From e59236fc17d2b404946a17d4af213c491294a81c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 27 Jan 2018 23:32:46 +0100 Subject: [PATCH 0001/2197] Add PSA crypto module New module psa_crypto.c (MBEDTLS_PSA_CRYPTO_C): Platform Security Architecture compatibility layer on top of libmedcrypto. Implement psa_crypto_init function which sets up a RNG. Add a mbedtls_psa_crypto_free function which deinitializes the library. Define a first batch of error codes. --- include/mbedtls/check_config.h | 6 ++ include/mbedtls/config.h | 14 ++- include/psa/crypto.h | 90 +++++++++++++++++++ include/psa/crypto_extra.h | 46 ++++++++++ include/psa/crypto_platform.h | 39 +++++++++ library/CMakeLists.txt | 1 + library/Makefile | 1 + library/psa_crypto.c | 97 +++++++++++++++++++++ library/version_features.c | 3 + tests/suites/test_suite_psa_crypto.data | 2 + tests/suites/test_suite_psa_crypto.function | 24 +++++ visualc/VS2010/mbedTLS.vcxproj | 4 + 12 files changed, 326 insertions(+), 1 deletion(-) create mode 100644 include/psa/crypto.h create mode 100644 include/psa/crypto_extra.h create mode 100644 include/psa/crypto_platform.h create mode 100644 library/psa_crypto.c create mode 100644 tests/suites/test_suite_psa_crypto.data create mode 100644 tests/suites/test_suite_psa_crypto.function diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 9e6bb8a46..41c3f2458 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -486,6 +486,12 @@ #error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously" #endif +#if defined(MBEDTLS_PSA_CRYPTO_C) && \ + !( defined(MBEDTLS_CTR_DRBG_C) && \ + defined(MBEDTLS_ENTROPY_C) ) +#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_OID_C) ) #error "MBEDTLS_RSA_C defined, but not all prerequisites" 
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 052aed0d3..dc112a91d 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2013,7 +2013,7 @@ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C * */ -//#define MBEDTLS_CMAC_C +#define MBEDTLS_CMAC_C /** * \def MBEDTLS_CTR_DRBG_C @@ -2555,6 +2555,18 @@ */ #define MBEDTLS_POLY1305_C +/** +* \def MBEDTLS_PSA_CRYPTO_C + * + * Enable the Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto.c + * + * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C + * + */ +#define MBEDTLS_PSA_CRYPTO_C + /** * \def MBEDTLS_RIPEMD160_C * diff --git a/include/psa/crypto.h b/include/psa/crypto.h new file mode 100644 index 000000000..fc299af39 --- /dev/null +++ b/include/psa/crypto.h 
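Review bot: The first config.h hunk turns `MBEDTLS_CMAC_C` on in the default configuration (`//#define MBEDTLS_CMAC_C` becomes `#define MBEDTLS_CMAC_C`), which the commit message does not mention. Nothing in the new library/psa_crypto.c uses CMAC: it includes only `mbedtls/ctr_drbg.h` and `mbedtls/entropy.h`, and the new check_config.h prerequisite lists only those two modules. Changing which modules are enabled by default changes what every default build compiles and exposes, so this line should go in its own commit with a rationale or be dropped from this one. Both hunks sit inside larger comment blocks of config.h that start and end outside the hunks.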
@@ -0,0 +1,90 @@
+/**
+ * \file psa/crypto.h
+ * \brief Platform Security Architecture cryptography module
+ */
+
+#ifndef PSA_CRYPTO_H
+#define PSA_CRYPTO_H
+
+#include "crypto_platform.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** \defgroup basic Basic definitions
+ * @{
+ */
+
+/**
+ * \brief Function return status.
+ *
+ * Zero indicates success, anything else indicates an error.
+ */
+typedef enum {
+ /** The action was completed successfully. */
+ PSA_SUCCESS = 0,
+ /** The requested operation or a parameter is not supported
+ by this implementation. */
+ PSA_ERROR_NOT_SUPPORTED,
+ /** The requested action is denied by a policy. */
+ PSA_ERROR_NOT_PERMITTED,
+ /** An output buffer is too small. */
+ PSA_ERROR_BUFFER_TOO_SMALL,
+ /** A slot is occupied, but must be empty to carry out the
+ requested action. */
+ PSA_ERROR_OCCUPIED_SLOT,
+ /** A slot is empty, but must be occupied to carry out the
+ requested action. */
+ PSA_ERROR_EMPTY_SLOT,
+ /** The requested action cannot be performed in the current state. */
+ PSA_ERROR_BAD_STATE,
+ /** The parameters passed to the function are invalid. */
+ PSA_ERROR_INVALID_ARGUMENT,
+ /** There is not enough runtime memory. */
+ PSA_ERROR_INSUFFICIENT_MEMORY,
+ /** There is not enough persistent storage. */
+ PSA_ERROR_INSUFFICIENT_STORAGE,
+ /** There was a communication failure inside the implementation. */
+ PSA_ERROR_COMMUNICATION_FAILURE,
+ /** A hardware failure was detected. */
+ PSA_ERROR_HARDWARE_FAILURE,
+ /** A tampering attempt was detected. */
+ PSA_ERROR_TAMPERING_DETECTED,
+ /** There is not enough entropy to generate random data needed
+ for the requested action. */
+ PSA_ERROR_INSUFFICIENT_ENTROPY,
+ /** The signature or MAC is incorrect. */
+ PSA_ERROR_INVALID_SIGNATURE,
+ /** An error occurred that does not correspond to any defined
+ failure cause. */
+ PSA_ERROR_UNKNOWN_ERROR,
+} psa_status_t;
+
+/**
+ * \brief Library initialization.
+ *
+ * Applications must call this function before calling any other
+ * function in this module.
+ *
+ * Applications may call this function more than once. Once a call
+ * succeeds, subsequent calls are guaranteed to succeed.
+ *
+ * \return * \c PSA_SUCCESS: success.
+ * * \c PSA_ERROR_INSUFFICIENT_MEMORY
+ * * \c PSA_ERROR_COMMUNICATION_FAILURE
+ * * \c PSA_ERROR_HARDWARE_FAILURE
+ * * \c PSA_ERROR_TAMPERING_DETECTED
+ * * \c PSA_ERROR_INSUFFICIENT_ENTROPY
+ */
+psa_status_t psa_crypto_init(void);
+
+/**@}*/
+
+#ifdef __cplusplus
+}
+#endif
+
+#include "crypto_extra.h"
+
+#endif /* PSA_CRYPTO_H */
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
new file mode 100644
index 000000000..b9e12bb6f
--- /dev/null
+++ b/include/psa/crypto_extra.h
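Review bot: The `\return` list on `psa_crypto_init` does not match what the implementation in this commit can return. `mbedtls_to_psa_error` in library/psa_crypto.c maps the three entropy errors to `PSA_ERROR_INSUFFICIENT_ENTROPY` and every other non-zero code to `PSA_ERROR_UNKNOWN_ERROR`, which the list omits. It never produces the memory, communication, hardware or tampering codes that the list does name. A caller that handles only the documented codes would leave the one generic failure the implementation does produce unhandled. Add ` * * \c PSA_ERROR_UNKNOWN_ERROR` to the list, and keep the other entries only if they are meant as a contract for future back ends.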
@@ -0,0 +1,46 @@
+/**
+ * \file psa/crypto_extra.h
+ *
+ * \brief PSA cryptography module: Mbed TLS vendor extensions
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_EXTRA_H
+#define PSA_CRYPTO_EXTRA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Library deinitialization.
+ *
+ * This function clears all data associated with the PSA layer,
+ * including the whole key store.
+ *
+ * This is an Mbed TLS extension.
+ */
+void mbedtls_psa_crypto_free( void );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_EXTRA_H */
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
new file mode 100644
index 000000000..eafc0b3ea
--- /dev/null
+++ b/include/psa/crypto_platform.h
@@ -0,0 +1,39 @@ +/** + * \file psa/crypto_platform.h + * + * \brief PSA cryptography module: Mbed TLS platfom definitions + */ +/* + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_PLATFORM_H +#define PSA_CRYPTO_PLATFORM_H + +/* Include the Mbed TLS configuration file, the way Mbed TLS does it + * in each of its header files. */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "../mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +/* PSA requires several types which C99 provides in stdint.h. */ +#include + +#endif /* PSA_CRYPTO_PLATFORM_H */ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 6a280fe70..07811f9d0 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -53,6 +53,7 @@ set(src_crypto platform.c platform_util.c poly1305.c + psa_crypto.c ripemd160.c rsa.c rsa_internal.c diff --git a/library/Makefile b/library/Makefile index 430c59881..f4b39bdeb 100644 --- a/library/Makefile +++ b/library/Makefile @@ -81,6 +81,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ pk.o pk_wrap.o pkcs12.o \ pkcs5.o pkparse.o pkwrite.o \ platform.o platform_util.o poly1305.o \ + psa_crypto.o \ ripemd160.o rsa_internal.o rsa.o \ sha1.o sha256.o sha512.o \ threading.o timing.o version.o \ 
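Review bot: crypto_platform.h pulls in the configuration with `#include "../mbedtls/config.h"`, a path relative to this header's own directory, while library/psa_crypto.c in the same commit uses `#include "mbedtls/config.h"`, resolved through the include search path. If a build supplies its own `mbedtls/config.h` earlier on the search path without defining `MBEDTLS_CONFIG_FILE`, the header and the library could be compiled against different configurations. Using `#include "mbedtls/config.h"` here would keep the two consistent. Separately, `platfom` in the `\brief` line should read `platform`.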
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
new file mode 100644
index 000000000..ca25bb487
--- /dev/null
+++ b/library/psa_crypto.c
@@ -0,0 +1,97 @@
+/*
+ * PSA crypto layer on top of Mbed TLS crypto
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "psa/crypto.h"
+
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/entropy.h"
+
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n )
+{
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+typedef struct {
+ int initialized;
+ mbedtls_entropy_context entropy;
+ mbedtls_ctr_drbg_context ctr_drbg;
+} psa_global_data_t;
+
+static psa_global_data_t global_data;
+
+static psa_status_t mbedtls_to_psa_error( int ret )
+{
+ switch( ret )
+ {
+ case 0:
+ return( PSA_SUCCESS );
+ case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED:
+ case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
+ case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+ default:
+ return( PSA_ERROR_UNKNOWN_ERROR );
+ }
+}
+
+void mbedtls_psa_crypto_free( void )
+{
+ mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
+ mbedtls_entropy_free( &global_data.entropy );
+ mbedtls_zeroize( &global_data, sizeof( global_data ) );
+}
+
+psa_status_t psa_crypto_init( void )
+{
+ int
ret; + const unsigned char drbg_seed[] = "PSA"; + + if( global_data.initialized != 0 ) + return( PSA_SUCCESS ); + + mbedtls_zeroize( &global_data, sizeof( global_data ) ); + mbedtls_entropy_init( &global_data.entropy ); + mbedtls_ctr_drbg_init( &global_data.ctr_drbg ); + + ret = mbedtls_ctr_drbg_seed( &global_data.ctr_drbg, + mbedtls_entropy_func, + &global_data.entropy, + drbg_seed, sizeof( drbg_seed ) - 1 ); + if( ret != 0 ) + goto exit; + +exit: + if( ret != 0 ) + mbedtls_psa_crypto_free( ); + return( mbedtls_to_psa_error( ret ) ); +} + +#endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/version_features.c b/library/version_features.c index 777b6034c..b77bf2658 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -678,6 +678,9 @@ static const char *features[] = { #if defined(MBEDTLS_POLY1305_C) "MBEDTLS_POLY1305_C", #endif /* MBEDTLS_POLY1305_C */ +#if defined(MBEDTLS_PSA_CRYPTO_C) + "MBEDTLS_PSA_CRYPTO_C", +#endif /* MBEDTLS_PSA_CRYPTO_C */ #if defined(MBEDTLS_RIPEMD160_C) "MBEDTLS_RIPEMD160_C", #endif /* MBEDTLS_RIPEMD160_C */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data new file mode 100644 index 000000000..3d7689bd2 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto.data @@ -0,0 +1,2 @@ +PSA init/deinit +init_deinit: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function new file mode 100644 index 000000000..9d9eee47b --- /dev/null +++ b/tests/suites/test_suite_psa_crypto.function @@ -0,0 +1,24 @@ +/* BEGIN_HEADER */ +#include "psa/crypto.h" +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_CRYPTO_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void init_deinit() +{ + psa_status_t ret; + int i; + for( i = 0; i <= 1; i++ ) + { + ret = psa_crypto_init( ); + TEST_ASSERT( ret == PSA_SUCCESS ); + ret = psa_crypto_init( ); + TEST_ASSERT( ret == PSA_SUCCESS ); + mbedtls_psa_crypto_free( ); + } +} +/* END_CASE */ 
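Review bot: `psa_crypto_init` never sets `global_data.initialized`, so the `if( global_data.initialized != 0 ) return( PSA_SUCCESS );` guard can never fire. Every call therefore zeroizes `global_data` and re-initializes and re-seeds the entropy and CTR_DRBG contexts without first calling their `_free` functions. A second call, which the new `init_deinit` test makes, wipes live RNG state in place and discards anything the earlier contexts own. The header's promise that calls after a success are guaranteed to succeed then depends on seeding succeeding again. Set the flag on the success path with `global_data.initialized = 1;` just before the `exit:` label. The test would be stronger if it could tell a no-op second call from a full re-initialization, since it currently asserts only the return codes.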
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 73c92bda5..2c569e52d 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -224,6 +224,9 @@ + + + @@ -281,6 +284,7 @@ + From 62a7e7e65fb1c6bb0f6f0334677fa636839a5b8e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Feb 2018 21:54:47 +0100 Subject: [PATCH 0002/2197] Add a Doxygen-only section This is intended to document platform-specific definitions in PSA. --- include/psa/crypto.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fc299af39..0bd9c03eb 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -8,6 +8,14 @@ #include "crypto_platform.h" +#ifdef __DOXYGEN_ONLY__ +/** \defgroup platform Implementation-specific definitions + * @{ + */ + +/**@}*/ +#endif + #ifdef __cplusplus extern "C" { #endif From d8374ba92b124f4795c629c31981c3c6e4862f3b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 16 Feb 2018 20:36:55 +0100 Subject: [PATCH 0003/2197] New configuration file for PSA crypto New configuration file with all cryptographic modules and MBEDTLS_PSA_CRYPTO_C, but no X.509 or TLS. --- configs/config-psa-crypto.h | 1711 +++++++++++++++++++++++++++++++++++ 1 file changed, 1711 insertions(+) create mode 100644 configs/config-psa-crypto.h diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h new file mode 100644 index 000000000..9c4f62aa0 --- /dev/null +++ b/configs/config-psa-crypto.h 
@@ -0,0 +1,1711 @@ +/** + * \file config-psa-crypto.h + * + * \brief Configuration with all cryptography features and no X.509 or TLS. + * + * This configuration is intended to prototype the PSA reference implementation. + */ +/* + * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef MBEDTLS_CONFIG_H +#define MBEDTLS_CONFIG_H + +#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +#define _CRT_SECURE_NO_DEPRECATE 1 +#endif + +/** + * \name SECTION: System support + * + * This section sets system specific settings. + * \{ + */ + +/** + * \def MBEDTLS_HAVE_ASM + * + * The compiler has support for asm(). + * + * Requires support for asm() in compiler. + * + * Used in: + * library/timing.c + * library/padlock.c + * include/mbedtls/bn_mul.h + * + * Comment to disable the use of assembly code. + */ +#define MBEDTLS_HAVE_ASM + +/** + * \def MBEDTLS_NO_UDBL_DIVISION + * + * The platform lacks support for double-width integer division (64-bit + * division on a 32-bit platform, 128-bit division on a 64-bit platform). + * + * Used in: + * include/mbedtls/bignum.h + * library/bignum.c + * + * The bignum code uses double-width division to speed up some operations. + * Double-width division is often implemented in software that needs to + * be linked with the program. 
The presence of a double-width integer + * type is usually detected automatically through preprocessor macros, + * but the automatic detection cannot know whether the code needs to + * and can be linked with an implementation of division for that type. + * By default division is assumed to be usable if the type is present. + * Uncomment this option to prevent the use of double-width division. + * + * Note that division for the native integer type is always required. + * Furthermore, a 64-bit type is always required even on a 32-bit + * platform, but it need not support multiplication or division. In some + * cases it is also desirable to disable some double-width operations. For + * example, if double-width division is implemented in software, disabling + * it can reduce code size in some embedded targets. + */ +//#define MBEDTLS_NO_UDBL_DIVISION + +/** + * \def MBEDTLS_HAVE_SSE2 + * + * CPU supports SSE2 instruction set. + * + * Uncomment if the CPU supports SSE2 (IA-32 specific). + */ +//#define MBEDTLS_HAVE_SSE2 + +/** + * \def MBEDTLS_PLATFORM_MEMORY + * + * Enable the memory allocation layer. + * + * By default mbed TLS uses the system-provided calloc() and free(). + * This allows different allocators (self-implemented or provided) to be + * provided to the platform abstraction layer. + * + * Enabling MBEDTLS_PLATFORM_MEMORY without the + * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide + * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and + * free() function pointer at runtime. + * + * Enabling MBEDTLS_PLATFORM_MEMORY and specifying + * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the + * alternate function at compile time. + * + * Requires: MBEDTLS_PLATFORM_C + * + * Enable this layer to allow use of alternative memory allocators. + */ +//#define MBEDTLS_PLATFORM_MEMORY + +/** + * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS + * + * Do not assign standard functions in the platform layer (e.g. 
calloc() to + * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) + * + * This makes sure there are no linking errors on platforms that do not support + * these functions. You will HAVE to provide alternatives, either at runtime + * via the platform_set_xxx() functions or at compile time by setting + * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a + * MBEDTLS_PLATFORM_XXX_MACRO. + * + * Requires: MBEDTLS_PLATFORM_C + * + * Uncomment to prevent default assignment of standard functions in the + * platform layer. + */ +//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS + +/** + * \def MBEDTLS_PLATFORM_EXIT_ALT + * + * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the + * function in the platform abstraction layer. + * + * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will + * provide a function "mbedtls_platform_set_printf()" that allows you to set an + * alternative printf function pointer. + * + * All these define require MBEDTLS_PLATFORM_C to be defined! + * + * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; + * it will be enabled automatically by check_config.h + * + * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as + * MBEDTLS_PLATFORM_XXX_MACRO! + * + * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME + * + * Uncomment a macro to enable alternate implementation of specific base + * platform function + */ +//#define MBEDTLS_PLATFORM_EXIT_ALT +//#define MBEDTLS_PLATFORM_TIME_ALT +//#define MBEDTLS_PLATFORM_FPRINTF_ALT +//#define MBEDTLS_PLATFORM_PRINTF_ALT +//#define MBEDTLS_PLATFORM_SNPRINTF_ALT +//#define MBEDTLS_PLATFORM_NV_SEED_ALT +//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT + +/** + * \def MBEDTLS_DEPRECATED_WARNING + * + * Mark deprecated functions so that they generate a warning if used. + * Functions deprecated in one version will usually be removed in the next + * version. 
You can enable this to help you prepare the transition to a new + * major version by making sure your code is not using these functions. + * + * This only works with GCC and Clang. With other compilers, you may want to + * use MBEDTLS_DEPRECATED_REMOVED + * + * Uncomment to get warnings on using deprecated functions. + */ +//#define MBEDTLS_DEPRECATED_WARNING + +/** + * \def MBEDTLS_DEPRECATED_REMOVED + * + * Remove deprecated functions so that they generate an error if used. + * Functions deprecated in one version will usually be removed in the next + * version. You can enable this to help you prepare the transition to a new + * major version by making sure your code is not using these functions. + * + * Uncomment to get errors on using deprecated functions. + */ +//#define MBEDTLS_DEPRECATED_REMOVED + +/* \} name SECTION: System support */ + +/** + * \name SECTION: mbed TLS feature support + * + * This section sets support for features that are or are not needed + * within the modules that are enabled. + * \{ + */ + +/** + * \def MBEDTLS_AES_ALT + * + * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your + * alternate core implementation of a symmetric crypto, an arithmetic or hash + * module (e.g. platform specific assembly optimized implementations). Keep + * in mind that the function prototypes should remain the same. + * + * This replaces the whole module. If you only want to replace one of the + * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. + * + * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer + * provide the "struct mbedtls_aes_context" definition and omit the base + * function declarations and implementations. "aes_alt.h" will be included from + * "aes.h" to include the new function definitions. + * + * Uncomment a macro to enable alternate implementation of the corresponding + * module. 
+ * + * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their + * use constitutes a security risk. If possible, we recommend + * avoiding dependencies on them, and considering stronger message + * digests and ciphers instead. + * + */ +//#define MBEDTLS_AES_ALT +//#define MBEDTLS_ARC4_ALT +//#define MBEDTLS_BLOWFISH_ALT +//#define MBEDTLS_CAMELLIA_ALT +//#define MBEDTLS_CCM_ALT +//#define MBEDTLS_CMAC_ALT +//#define MBEDTLS_DES_ALT +//#define MBEDTLS_DHM_ALT +//#define MBEDTLS_ECJPAKE_ALT +//#define MBEDTLS_GCM_ALT +//#define MBEDTLS_MD2_ALT +//#define MBEDTLS_MD4_ALT +//#define MBEDTLS_MD5_ALT +//#define MBEDTLS_RIPEMD160_ALT +//#define MBEDTLS_RSA_ALT +//#define MBEDTLS_SHA1_ALT +//#define MBEDTLS_SHA256_ALT +//#define MBEDTLS_SHA512_ALT +//#define MBEDTLS_XTEA_ALT +/* + * When replacing the elliptic curve module, pleace consider, that it is + * implemented with two .c files: + * - ecp.c + * - ecp_curves.c + * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT + * macros as described above. The only difference is that you have to make sure + * that you provide functionality for both .c files. + */ +//#define MBEDTLS_ECP_ALT + +/** + * \def MBEDTLS_MD2_PROCESS_ALT + * + * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you + * alternate core implementation of symmetric crypto or hash function. Keep in + * mind that function prototypes should remain the same. + * + * This replaces only one function. The header file from mbed TLS is still + * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. + * + * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will + * no longer provide the mbedtls_sha1_process() function, but it will still provide + * the other function (using your mbedtls_sha1_process() function) and the definition + * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible + * with this definition. 
+ * + * \note Because of a signature change, the core AES encryption and decryption routines are + * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, + * respectively. When setting up alternative implementations, these functions should + * be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt + * must stay untouched. + * + * \note If you use the AES_xxx_ALT macros, then is is recommended to also set + * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES + * tables. + * + * Uncomment a macro to enable alternate implementation of the corresponding + * function. + * + * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use + * constitutes a security risk. If possible, we recommend avoiding + * dependencies on them, and considering stronger message digests + * and ciphers instead. + * + */ +//#define MBEDTLS_MD2_PROCESS_ALT +//#define MBEDTLS_MD4_PROCESS_ALT +//#define MBEDTLS_MD5_PROCESS_ALT +//#define MBEDTLS_RIPEMD160_PROCESS_ALT +//#define MBEDTLS_SHA1_PROCESS_ALT +//#define MBEDTLS_SHA256_PROCESS_ALT +//#define MBEDTLS_SHA512_PROCESS_ALT +//#define MBEDTLS_DES_SETKEY_ALT +//#define MBEDTLS_DES_CRYPT_ECB_ALT +//#define MBEDTLS_DES3_CRYPT_ECB_ALT +//#define MBEDTLS_AES_SETKEY_ENC_ALT +//#define MBEDTLS_AES_SETKEY_DEC_ALT +//#define MBEDTLS_AES_ENCRYPT_ALT +//#define MBEDTLS_AES_DECRYPT_ALT +//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT +//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT +//#define MBEDTLS_ECDSA_VERIFY_ALT +//#define MBEDTLS_ECDSA_SIGN_ALT +//#define MBEDTLS_ECDSA_GENKEY_ALT + +/** + * \def MBEDTLS_ECP_INTERNAL_ALT + * + * Expose a part of the internal interface of the Elliptic Curve Point module. + * + * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your + * alternative core implementation of elliptic curve arithmetic. Keep in mind + * that function prototypes should remain the same. + * + * This partially replaces one function. 
The header file from mbed TLS is still + * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation + * is still present and it is used for group structures not supported by the + * alternative. + * + * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT + * and implementing the following functions: + * unsigned char mbedtls_internal_ecp_grp_capable( + * const mbedtls_ecp_group *grp ) + * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) + * void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp ) + * The mbedtls_internal_ecp_grp_capable function should return 1 if the + * replacement functions implement arithmetic for the given group and 0 + * otherwise. + * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are + * called before and after each point operation and provide an opportunity to + * implement optimized set up and tear down instructions. + * + * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and + * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac + * function, but will use your mbedtls_internal_ecp_double_jac if the group is + * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when + * receives it as an argument). If the group is not supported then the original + * implementation is used. The other functions and the definition of + * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your + * implementation of mbedtls_internal_ecp_double_jac and + * mbedtls_internal_ecp_grp_capable must be compatible with this definition. + * + * Uncomment a macro to enable alternate implementation of the corresponding + * function. 
+ */ +/* Required for all the functions in this section */ +//#define MBEDTLS_ECP_INTERNAL_ALT +/* Support for Weierstrass curves with Jacobi representation */ +//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT +//#define MBEDTLS_ECP_ADD_MIXED_ALT +//#define MBEDTLS_ECP_DOUBLE_JAC_ALT +//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT +//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT +/* Support for curves with Montgomery arithmetic */ +//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT +//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT +//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT + +/** + * \def MBEDTLS_TEST_NULL_ENTROPY + * + * Enables testing and use of mbed TLS without any configured entropy sources. + * This permits use of the library on platforms before an entropy source has + * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the + * MBEDTLS_ENTROPY_NV_SEED switches). + * + * WARNING! This switch MUST be disabled in production builds, and is suitable + * only for development. + * Enabling the switch negates any security provided by the library. + * + * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES + * + */ +//#define MBEDTLS_TEST_NULL_ENTROPY + +/** + * \def MBEDTLS_ENTROPY_HARDWARE_ALT + * + * Uncomment this macro to let mbed TLS use your own implementation of a + * hardware entropy collector. + * + * Your function must be called \c mbedtls_hardware_poll(), have the same + * prototype as declared in entropy_poll.h, and accept NULL as first argument. + * + * Uncomment to use your own hardware entropy collector. + */ +//#define MBEDTLS_ENTROPY_HARDWARE_ALT + +/** + * \def MBEDTLS_AES_ROM_TABLES + * + * Store the AES tables in ROM. + * + * Uncomment this macro to store the AES tables in ROM. + */ +//#define MBEDTLS_AES_ROM_TABLES + +/** + * \def MBEDTLS_CAMELLIA_SMALL_MEMORY + * + * Use less ROM for the Camellia implementation (saves about 768 bytes). + * + * Uncomment this macro to use less memory for Camellia. 
+ */ +//#define MBEDTLS_CAMELLIA_SMALL_MEMORY + +/** + * \def MBEDTLS_CIPHER_MODE_CBC + * + * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. + */ +#define MBEDTLS_CIPHER_MODE_CBC + +/** + * \def MBEDTLS_CIPHER_MODE_CFB + * + * Enable Cipher Feedback mode (CFB) for symmetric ciphers. + */ +#define MBEDTLS_CIPHER_MODE_CFB + +/** + * \def MBEDTLS_CIPHER_MODE_CTR + * + * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. + */ +#define MBEDTLS_CIPHER_MODE_CTR + +/** + * \def MBEDTLS_CIPHER_PADDING_PKCS7 + * + * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for + * specific padding modes in the cipher layer with cipher modes that support + * padding (e.g. CBC) + * + * If you disable all padding modes, only full blocks can be used with CBC. + * + * Enable padding modes in the cipher layer. + */ +#define MBEDTLS_CIPHER_PADDING_PKCS7 +#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS +#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN +#define MBEDTLS_CIPHER_PADDING_ZEROS + +/** + * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED + * + * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve + * module. By default all supported curves are enabled. + * + * Comment macros to disable the curve and functions for it + */ +#define MBEDTLS_ECP_DP_SECP192R1_ENABLED +#define MBEDTLS_ECP_DP_SECP224R1_ENABLED +#define MBEDTLS_ECP_DP_SECP256R1_ENABLED +#define MBEDTLS_ECP_DP_SECP384R1_ENABLED +#define MBEDTLS_ECP_DP_SECP521R1_ENABLED +#define MBEDTLS_ECP_DP_SECP192K1_ENABLED +#define MBEDTLS_ECP_DP_SECP224K1_ENABLED +#define MBEDTLS_ECP_DP_SECP256K1_ENABLED +#define MBEDTLS_ECP_DP_BP256R1_ENABLED +#define MBEDTLS_ECP_DP_BP384R1_ENABLED +#define MBEDTLS_ECP_DP_BP512R1_ENABLED +#define MBEDTLS_ECP_DP_CURVE25519_ENABLED + +/** + * \def MBEDTLS_ECP_NIST_OPTIM + * + * Enable specific 'modulo p' routines for each NIST prime. + * Depending on the prime and architecture, makes operations 4 to 8 times + * faster on the corresponding curve. 
+ * + * Comment this macro to disable NIST curves optimisation. + */ +#define MBEDTLS_ECP_NIST_OPTIM + +/** + * \def MBEDTLS_ECDSA_DETERMINISTIC + * + * Enable deterministic ECDSA (RFC 6979). + * Standard ECDSA is "fragile" in the sense that lack of entropy when signing + * may result in a compromise of the long-term signing key. This is avoided by + * the deterministic variant. + * + * Requires: MBEDTLS_HMAC_DRBG_C + * + * Comment this macro to disable deterministic ECDSA. + */ +#define MBEDTLS_ECDSA_DETERMINISTIC + +/** + * \def MBEDTLS_PK_PARSE_EC_EXTENDED + * + * Enhance support for reading EC keys using variants of SEC1 not allowed by + * RFC 5915 and RFC 5480. + * + * Currently this means parsing the SpecifiedECDomain choice of EC + * parameters (only known groups are supported, not arbitrary domains, to + * avoid validation issues). + * + * Disable if you only need to support RFC 5915 + 5480 key formats. + */ +#define MBEDTLS_PK_PARSE_EC_EXTENDED + +/** + * \def MBEDTLS_ERROR_STRERROR_DUMMY + * + * Enable a dummy error function to make use of mbedtls_strerror() in + * third party libraries easier when MBEDTLS_ERROR_C is disabled + * (no effect when MBEDTLS_ERROR_C is enabled). + * + * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're + * not using mbedtls_strerror() or error_strerror() in your application. + * + * Disable if you run into name conflicts and want to really remove the + * mbedtls_strerror() + */ +#define MBEDTLS_ERROR_STRERROR_DUMMY + +/** + * \def MBEDTLS_GENPRIME + * + * Enable the prime-number generation code. + * + * Requires: MBEDTLS_BIGNUM_C + */ +#define MBEDTLS_GENPRIME + +/** + * \def MBEDTLS_FS_IO + * + * Enable functions that use the filesystem. + */ +#define MBEDTLS_FS_IO + +/** + * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES + * + * Do not add default entropy sources. These are the platform specific, + * mbedtls_timing_hardclock and HAVEGE based poll functions. 
+ *
+ * This is useful to have more control over the added entropy sources in an
+ * application.
+ *
+ * Uncomment this macro to prevent loading of default entropy functions.
+ */
+//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+
+/**
+ * \def MBEDTLS_NO_PLATFORM_ENTROPY
+ *
+ * Do not use built-in platform entropy functions.
+ * This is useful if your platform does not support
+ * standards like the /dev/urandom or Windows CryptoAPI.
+ *
+ * Uncomment this macro to disable the built-in platform entropy functions.
+ */
+//#define MBEDTLS_NO_PLATFORM_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_FORCE_SHA256
+ *
+ * Force the entropy accumulator to use a SHA-256 accumulator instead of the
+ * default SHA-512 based one (if both are available).
+ *
+ * Requires: MBEDTLS_SHA256_C
+ *
+ * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
+ * if you have performance concerns.
+ *
+ * This option is only useful if both MBEDTLS_SHA256_C and
+ * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
+ */
+//#define MBEDTLS_ENTROPY_FORCE_SHA256
+
+/**
+ * \def MBEDTLS_ENTROPY_NV_SEED
+ *
+ * Enable the non-volatile (NV) seed file-based entropy source.
+ * (Also enables the NV seed read/write functions in the platform layer)
+ *
+ * This is crucial (if not required) on systems that do not have a
+ * cryptographic entropy source (in hardware or kernel) available.
+ *
+ * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
+ *
+ * \note The read/write functions that are used by the entropy source are
+ * determined in the platform layer, and can be modified at runtime and/or
+ * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
+ *
+ * \note If you use the default implementation functions that read a seedfile
+ * with regular fopen(), please make sure you make a seedfile with the
+ * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
+ * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
+ * and written to or you will get an entropy source error! The default
+ * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
+ * bytes from the file.
+ *
+ * \note The entropy collector will write to the seed file before entropy is
+ * given to an external source, to update it.
+ */
+//#define MBEDTLS_ENTROPY_NV_SEED
+
+/**
+ * \def MBEDTLS_MEMORY_DEBUG
+ *
+ * Enable debugging of buffer allocator memory issues. Automatically prints
+ * (to stderr) all (fatal) messages on memory allocation issues. Enables
+ * function for 'debug output' of allocated memory.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Uncomment this macro to let the buffer allocator print out error messages.
+ */
+//#define MBEDTLS_MEMORY_DEBUG
+
+/**
+ * \def MBEDTLS_MEMORY_BACKTRACE
+ *
+ * Include backtrace information with each allocated block.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ * GLIBC-compatible backtrace() an backtrace_symbols() support
+ *
+ * Uncomment this macro to include backtrace information
+ */
+//#define MBEDTLS_MEMORY_BACKTRACE
+
+/**
+ * \def MBEDTLS_PK_RSA_ALT_SUPPORT
+ *
+ * Support external private RSA keys (eg from a HSM) in the PK layer.
+ *
+ * Comment this macro to disable support for external private RSA keys.
+ */
+#define MBEDTLS_PK_RSA_ALT_SUPPORT
+
+/**
+ * \def MBEDTLS_PKCS1_V15
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ *
+ * Requires: MBEDTLS_RSA_C
+ *
+ * This enables support for PKCS#1 v1.5 operations.
+ */
+#define MBEDTLS_PKCS1_V15
+
+/**
+ * \def MBEDTLS_PKCS1_V21
+ *
+ * Enable support for PKCS#1 v2.1 encoding.
+ *
+ * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
+ *
+ * This enables support for RSAES-OAEP and RSASSA-PSS operations.
+ */
+#define MBEDTLS_PKCS1_V21
+
+/**
+ * \def MBEDTLS_RSA_NO_CRT
+ *
+ * Do not use the Chinese Remainder Theorem for the RSA private operation.
+ *
+ * Uncomment this macro to disable the use of CRT in RSA.
+ *
+ */
+//#define MBEDTLS_RSA_NO_CRT
+
+/**
+ * \def MBEDTLS_SELF_TEST
+ *
+ * Enable the checkup functions (*_self_test).
+ */
+#define MBEDTLS_SELF_TEST
+
+/**
+ * \def MBEDTLS_SHA256_SMALLER
+ *
+ * Enable an implementation of SHA-256 that has lower ROM footprint but also
+ * lower performance.
+ *
+ * The default implementation is meant to be a reasonnable compromise between
+ * performance and size. This version optimizes more aggressively for size at
+ * the expense of performance. Eg on Cortex-M4 it reduces the size of
+ * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
+ * 30%.
+ *
+ * Uncomment to enable the smaller implementation of SHA256.
+ */
+//#define MBEDTLS_SHA256_SMALLER
+
+/**
+ * \def MBEDTLS_THREADING_ALT
+ *
+ * Provide your own alternate threading implementation.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to allow your own alternate threading implementation.
+ */
+//#define MBEDTLS_THREADING_ALT
+
+/**
+ * \def MBEDTLS_THREADING_PTHREAD
+ *
+ * Enable the pthread wrapper layer for the threading layer.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to enable pthread mutexes.
+ */
+//#define MBEDTLS_THREADING_PTHREAD
+
+/**
+ * \def MBEDTLS_VERSION_FEATURES
+ *
+ * Allow run-time checking of compile-time enabled features. Thus allowing users
+ * to check at run-time if the library is for instance compiled with threading
+ * support via mbedtls_version_check_feature().
+ *
+ * Requires: MBEDTLS_VERSION_C
+ *
+ * Comment this to disable run-time checking and save ROM space
+ */
+#define MBEDTLS_VERSION_FEATURES
+
+/* \} name SECTION: mbed TLS feature support */
+
+/**
+ * \name SECTION: mbed TLS modules
+ *
+ * This section enables or disables entire modules in mbed TLS
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_AESNI_C
+ *
+ * Enable AES-NI support on x86-64.
+ *
+ * Module: library/aesni.c
+ * Caller: library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the AES-NI instructions on x86-64
+ */
+#define MBEDTLS_AESNI_C
+
+/**
+ * \def MBEDTLS_AES_C
+ *
+ * Enable the AES block cipher.
+ *
+ * Module: library/aes.c
+ * Caller: library/ssl_tls.c
+ * library/pem.c
+ * library/ctr_drbg.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ *
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *
+ * PEM_PARSE uses AES for decrypting encrypted keys.
+ */
+#define MBEDTLS_AES_C
+
+/**
+ * \def MBEDTLS_ARC4_C
+ *
+ * Enable the ARCFOUR stream cipher.
+ *
+ * Module: library/arc4.c
+ * Caller: library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ *
+ * \warning ARC4 is considered a weak cipher and its use constitutes a
+ * security risk. If possible, we recommend avoidng dependencies on
+ * it, and considering stronger ciphers instead.
+ *
+ */
+#define MBEDTLS_ARC4_C
+
+/**
+ * \def MBEDTLS_ASN1_PARSE_C
+ *
+ * Enable the generic ASN1 parser.
+ *
+ * Module: library/asn1.c
+ * Caller: library/x509.c
+ * library/dhm.c
+ * library/pkcs12.c
+ * library/pkcs5.c
+ * library/pkparse.c
+ */
+#define MBEDTLS_ASN1_PARSE_C
+
+/**
+ * \def MBEDTLS_ASN1_WRITE_C
+ *
+ * Enable the generic ASN1 writer.
+ *
+ * Module: library/asn1write.c
+ * Caller: library/ecdsa.c
+ * library/pkwrite.c
+ * library/x509_create.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ */
+#define MBEDTLS_ASN1_WRITE_C
+
+/**
+ * \def MBEDTLS_BASE64_C
+ *
+ * Enable the Base64 module.
+ *
+ * Module: library/base64.c
+ * Caller: library/pem.c
+ *
+ * This module is required for PEM support (required by X.509).
+ */
+#define MBEDTLS_BASE64_C
+
+/**
+ * \def MBEDTLS_BIGNUM_C
+ *
+ * Enable the multi-precision integer library.
+ *
+ * Module: library/bignum.c
+ * Caller: library/dhm.c
+ * library/ecp.c
+ * library/ecdsa.c
+ * library/rsa.c
+ * library/rsa_internal.c
+ * library/ssl_tls.c
+ *
+ * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
+ */
+#define MBEDTLS_BIGNUM_C
+
+/**
+ * \def MBEDTLS_BLOWFISH_C
+ *
+ * Enable the Blowfish block cipher.
+ *
+ * Module: library/blowfish.c
+ */
+#define MBEDTLS_BLOWFISH_C
+
+/**
+ * \def MBEDTLS_CAMELLIA_C
+ *
+ * Enable the Camellia block cipher.
+ *
+ * Module: library/camellia.c
+ * Caller: library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *
MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ */
+#define MBEDTLS_CAMELLIA_C
+
+/**
+ * \def MBEDTLS_CCM_C
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Module: library/ccm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-CCM ciphersuites, if other requisites are
+ * enabled as well.
+ */
+#define MBEDTLS_CCM_C
+
+/**
+ * \def MBEDTLS_CIPHER_C
+ *
+ * Enable the generic cipher layer.
+ *
+ * Module: library/cipher.c
+ * Caller: library/ssl_tls.c
+ *
+ * Uncomment to enable generic cipher wrappers.
+ */
+#define MBEDTLS_CIPHER_C
+
+/**
+ * \def MBEDTLS_CMAC_C
+ *
+ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
+ * ciphers.
+ *
+ * Module: library/cmac.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
+ *
+ */
+#define MBEDTLS_CMAC_C
+
+/**
+ * \def MBEDTLS_CTR_DRBG_C
+ *
+ * Enable the CTR_DRBG AES-256-based random generator.
+ *
+ * Module: library/ctr_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_AES_C
+ *
+ * This module provides the CTR_DRBG AES-256 random number generator.
+ */
+#define MBEDTLS_CTR_DRBG_C
+
+/**
+ * \def MBEDTLS_DES_C
+ *
+ * Enable the DES block cipher.
+ *
+ * Module: library/des.c
+ * Caller: library/pem.c
+ * library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *
+ * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
+ *
+ * \warning DES is considered a weak cipher and its use constitutes a
+ * security risk. We recommend considering stronger ciphers instead.
+ */
+#define MBEDTLS_DES_C
+
+/**
+ * \def MBEDTLS_DHM_C
+ *
+ * Enable the Diffie-Hellman-Merkle module.
+ *
+ * Module: library/dhm.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ * DHE-RSA, DHE-PSK
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_DHM_C
+
+/**
+ * \def MBEDTLS_ECDH_C
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Module: library/ecdh.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
+ *
+ * Requires: MBEDTLS_ECP_C
+ */
+#define MBEDTLS_ECDH_C
+
+/**
+ * \def MBEDTLS_ECDSA_C
+ *
+ * Enable the elliptic curve DSA library.
+ *
+ * Module: library/ecdsa.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ * ECDHE-ECDSA
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
+ */
+#define MBEDTLS_ECDSA_C
+
+/**
+ * \def MBEDTLS_ECJPAKE_C
+ *
+ * Enable the elliptic curve J-PAKE library.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Module: library/ecjpake.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ * ECJPAKE
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
+ */
+#define MBEDTLS_ECJPAKE_C
+
+/**
+ * \def MBEDTLS_ECP_C
+ *
+ * Enable the elliptic curve over GF(p) library.
+ *
+ * Module: library/ecp.c
+ * Caller: library/ecdh.c
+ * library/ecdsa.c
+ * library/ecjpake.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
+ */
+#define MBEDTLS_ECP_C
+
+/**
+ * \def MBEDTLS_ENTROPY_C
+ *
+ * Enable the platform-specific entropy code.
+ *
+ * Module: library/entropy.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
+ *
+ * This module provides a generic entropy pool
+ */
+#define MBEDTLS_ENTROPY_C
+
+/**
+ * \def MBEDTLS_ERROR_C
+ *
+ * Enable error code to error string conversion.
+ *
+ * Module: library/error.c
+ * Caller:
+ *
+ * This module enables mbedtls_strerror().
+ */
+#define MBEDTLS_ERROR_C
+
+/**
+ * \def MBEDTLS_GCM_C
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Module: library/gcm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
+ * requisites are enabled as well.
+ */
+#define MBEDTLS_GCM_C
+
+/**
+ * \def MBEDTLS_HAVEGE_C
+ *
+ * Enable the HAVEGE random generator.
+ *
+ * Warning: the HAVEGE random generator is not suitable for virtualized
+ * environments
+ *
+ * Warning: the HAVEGE random generator is dependent on timing and specific
+ * processor traits. It is therefore not advised to use HAVEGE as
+ * your applications primary random generator or primary entropy pool
+ * input. As a secondary input to your entropy pool, it IS able add
+ * the (limited) extra entropy it provides.
+ *
+ * Module: library/havege.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_TIMING_C
+ *
+ * Uncomment to enable the HAVEGE random generator.
+ */
+//#define MBEDTLS_HAVEGE_C
+
+/**
+ * \def MBEDTLS_HMAC_DRBG_C
+ *
+ * Enable the HMAC_DRBG random generator.
+ *
+ * Module: library/hmac_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * Uncomment to enable the HMAC_DRBG random number geerator.
+ */
+#define MBEDTLS_HMAC_DRBG_C
+
+/**
+ * \def MBEDTLS_MD_C
+ *
+ * Enable the generic message digest layer.
+ *
+ * Module: library/md.c
+ * Caller:
+ *
+ * Uncomment to enable generic message digest wrappers.
+ */
+#define MBEDTLS_MD_C
+
+/**
+ * \def MBEDTLS_MD2_C
+ *
+ * Enable the MD2 hash algorithm.
+ *
+ * Module: library/md2.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD2-signed X.509 certs.
+ *
+ * \warning MD2 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD2_C
+
+/**
+ * \def MBEDTLS_MD4_C
+ *
+ * Enable the MD4 hash algorithm.
+ *
+ * Module: library/md4.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD4-signed X.509 certs.
+ *
+ * \warning MD4 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD4_C
+
+/**
+ * \def MBEDTLS_MD5_C
+ *
+ * Enable the MD5 hash algorithm.
+ *
+ * Module: library/md5.c
+ * Caller: library/md.c
+ * library/pem.c
+ * library/ssl_tls.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
+ * depending on the handshake parameters. Further, it is used for checking
+ * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
+ * encrypted keys.
+ *
+ * \warning MD5 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD5_C
+
+/**
+ * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Enable the buffer allocator implementation that makes use of a (stack)
+ * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
+ * calls)
+ *
+ * Module: library/memory_buffer_alloc.c
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
+ *
+ * Enable this module to enable the buffer memory allocator.
+ */
+//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+
+/**
+ * \def MBEDTLS_OID_C
+ *
+ * Enable the OID database.
+ *
+ * Module: library/oid.c
+ * Caller: library/asn1write.c
+ * library/pkcs5.c
+ * library/pkparse.c
+ * library/pkwrite.c
+ * library/rsa.c
+ * library/x509.c
+ * library/x509_create.c
+ * library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ *
+ * This modules translates between OIDs and internal values.
+ */
+#define MBEDTLS_OID_C
+
+/**
+ * \def MBEDTLS_PADLOCK_C
+ *
+ * Enable VIA Padlock support on x86.
+ *
+ * Module: library/padlock.c
+ * Caller: library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the VIA PadLock on x86.
+ */
+//#define MBEDTLS_PADLOCK_C
+
+/**
+ * \def MBEDTLS_PEM_PARSE_C
+ *
+ * Enable PEM decoding / parsing.
+ *
+ * Module: library/pem.c
+ * Caller: library/dhm.c
+ * library/pkparse.c
+ * library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for decoding / parsing PEM files.
+ */
+#define MBEDTLS_PEM_PARSE_C
+
+/**
+ * \def MBEDTLS_PEM_WRITE_C
+ *
+ * Enable PEM encoding / writing.
+ *
+ * Module: library/pem.c
+ * Caller: library/pkwrite.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for encoding / writing PEM files.
+ */
+#define MBEDTLS_PEM_WRITE_C
+
+/**
+ * \def MBEDTLS_PK_C
+ *
+ * Enable the generic public (asymetric) key layer.
+ *
+ * Module: library/pk.c
+ * Caller: library/ssl_tls.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
+ *
+ * Uncomment to enable generic public key wrappers.
+ */
+#define MBEDTLS_PK_C
+
+/**
+ * \def MBEDTLS_PK_PARSE_C
+ *
+ * Enable the generic public (asymetric) key parser.
+ *
+ * Module: library/pkparse.c
+ * Caller: library/x509_crt.c
+ * library/x509_csr.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key parse functions.
+ */
+#define MBEDTLS_PK_PARSE_C
+
+/**
+ * \def MBEDTLS_PK_WRITE_C
+ *
+ * Enable the generic public (asymetric) key writer.
+ *
+ * Module: library/pkwrite.c
+ * Caller: library/x509write.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key write functions.
+ */
+#define MBEDTLS_PK_WRITE_C
+
+/**
+ * \def MBEDTLS_PKCS5_C
+ *
+ * Enable PKCS#5 functions.
+ *
+ * Module: library/pkcs5.c
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the PKCS#5 functions.
+ */
+#define MBEDTLS_PKCS5_C
+
+/**
+ * \def MBEDTLS_PKCS11_C
+ *
+ * Enable wrapper for PKCS#11 smartcard support.
+ *
+ * Module: library/pkcs11.c
+ * Caller: library/pk.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * This module enables SSL/TLS PKCS #11 smartcard support.
+ * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
+ */
+//#define MBEDTLS_PKCS11_C
+
+/**
+ * \def MBEDTLS_PKCS12_C
+ *
+ * Enable PKCS#12 PBE functions.
+ * Adds algorithms for parsing PKCS#8 encrypted private keys
+ *
+ * Module: library/pkcs12.c
+ * Caller: library/pkparse.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ * Can use: MBEDTLS_ARC4_C
+ *
+ * This module enables PKCS#12 functions.
+ */
+#define MBEDTLS_PKCS12_C
+
+/**
+ * \def MBEDTLS_PLATFORM_C
+ *
+ * Enable the platform abstraction layer that allows you to re-assign
+ * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
+ *
+ * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
+ * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
+ * above to be specified at runtime or compile time respectively.
+ *
+ * \note This abstraction layer must be enabled on Windows (including MSYS2)
+ * as other module rely on it for a fixed snprintf implementation.
+ *
+ * Module: library/platform.c
+ * Caller: Most other .c files
+ *
+ * This module enables abstraction of common (libc) functions.
+ */
+#define MBEDTLS_PLATFORM_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_C
+ *
+ * Enable the Platform Security Architecture cryptography API.
+ *
+ * Module: library/psa_crypto.c
+ *
+ * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_C
+
+/**
+ * \def MBEDTLS_RIPEMD160_C
+ *
+ * Enable the RIPEMD-160 hash algorithm.
+ *
+ * Module: library/ripemd160.c
+ * Caller: library/md.c
+ *
+ */
+#define MBEDTLS_RIPEMD160_C
+
+/**
+ * \def MBEDTLS_RSA_C
+ *
+ * Enable the RSA public-key cryptosystem.
+ *
+ * Module: library/rsa.c
+ * library/rsa_internal.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ * library/x509.c
+ *
+ * This module is used by the following key exchanges:
+ * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
+ */
+#define MBEDTLS_RSA_C
+
+/**
+ * \def MBEDTLS_SHA1_C
+ *
+ * Enable the SHA1 cryptographic hash algorithm.
+ *
+ * Module: library/sha1.c
+ * Caller: library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ * library/x509write_crt.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
+ * depending on the handshake parameters, and for SHA1-signed certificates.
+ *
+ * \warning SHA-1 is considered a weak message digest and its use constitutes
+ * a security risk. If possible, we recommend avoiding dependencies
+ * on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_SHA1_C
+
+/**
+ * \def MBEDTLS_SHA256_C
+ *
+ * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
+ *
+ * Module: library/sha256.c
+ * Caller: library/entropy.c
+ * library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ *
+ * This module adds support for SHA-224 and SHA-256.
+ * This module is required for the SSL/TLS 1.2 PRF function.
+ */
+#define MBEDTLS_SHA256_C
+
+/**
+ * \def MBEDTLS_SHA512_C
+ *
+ * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
+ *
+ * Module: library/sha512.c
+ * Caller: library/entropy.c
+ * library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module adds support for SHA-384 and SHA-512.
+ */
+#define MBEDTLS_SHA512_C
+
+/**
+ * \def MBEDTLS_THREADING_C
+ *
+ * Enable the threading abstraction layer.
+ * By default mbed TLS assumes it is used in a non-threaded environment or that
+ * contexts are not shared between threads.
If you do intend to use contexts
+ * between threads, you will need to enable this layer to prevent race
+ * conditions. See also our Knowledge Base article about threading:
+ * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
+ *
+ * Module: library/threading.c
+ *
+ * This allows different threading implementations (self-implemented or
+ * provided).
+ *
+ * You will have to enable either MBEDTLS_THREADING_ALT or
+ * MBEDTLS_THREADING_PTHREAD.
+ *
+ * Enable this layer to allow use of mutexes within mbed TLS
+ */
+//#define MBEDTLS_THREADING_C
+
+/**
+ * \def MBEDTLS_VERSION_C
+ *
+ * Enable run-time version information.
+ *
+ * Module: library/version.c
+ *
+ * This module provides run-time version information.
+ */
+#define MBEDTLS_VERSION_C
+
+/**
+ * \def MBEDTLS_XTEA_C
+ *
+ * Enable the XTEA block cipher.
+ *
+ * Module: library/xtea.c
+ * Caller:
+ */
+#define MBEDTLS_XTEA_C
+
+/* \} name SECTION: mbed TLS modules */
+
+/**
+ * \name SECTION: Module configuration options
+ *
+ * This section allows for the setting of module specific sizes and
+ * configuration options. The default values are already present in the
+ * relevant header files and should suffice for the regular use cases.
+ *
+ * Our advice is to enable options and change their values here
+ * only if you have a good reason and know the consequences.
+ *
+ * Please check the respective header file for documentation on these
+ * parameters (to prevent duplicate documentation).
+ * \{
+ */
+
+/* MPI / BIGNUM options */
+//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
+//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs.
*/
+
+/* CTR_DRBG options */
+//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
+//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
+
+/* HMAC_DRBG options */
+//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
+
+/* ECP options */
+//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
+//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
+
+/* Entropy options */
+//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
+//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
+//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
+
+/* Memory buffer allocator options */
+//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
+
+/* Platform options */
+//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed.
*/
+//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
+/* Note: your snprintf must correclty zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
+
+/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
+/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
+//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined.
MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
+/* Note: your snprintf must correclty zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+
+/* \} name SECTION: Customisation configuration options */
+
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
From 66920ceb19c688eb19c4bbd5623711a5cdba49fc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Mar 2018 21:49:49 +0100 Subject: [PATCH 0004/2197] Set the default configuration to PSA This will simplify development in the PSA branch.
---
configs/config-default.h | 2911 ++++++++++++++++++++++++++++++++++++++ include/mbedtls/config.h | 1040 +------------- 2 files changed, 2920 insertions(+), 1031 deletions(-) create mode 100644 configs/config-default.h
diff --git a/configs/config-default.h b/configs/config-default.h
new file mode 100644
index 000000000..4100c8e32
--- /dev/null
+++ b/configs/config-default.h
@@ -0,0 +1,2911 @@
+/**
+ * \file config.h
+ *
+ * \brief Configuration options (set of defines)
+ *
+ * This set of compile-time options may be used to enable
+ * or disable features selectively, and reduce the global
+ * memory footprint.
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+/**
+ * \name SECTION: System support
+ *
+ * This section sets system specific settings.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_HAVE_ASM
+ *
+ * The compiler has support for asm().
+ *
+ * Requires support for asm() in compiler.
+ *
+ * Used in:
+ * library/timing.c
+ * library/padlock.c
+ * include/mbedtls/bn_mul.h
+ *
+ * Comment to disable the use of assembly code.
+ */
+#define MBEDTLS_HAVE_ASM
+
+/**
+ * \def MBEDTLS_NO_UDBL_DIVISION
+ *
+ * The platform lacks support for double-width integer division (64-bit
+ * division on a 32-bit platform, 128-bit division on a 64-bit platform).
+ *
+ * Used in:
+ * include/mbedtls/bignum.h
+ * library/bignum.c
+ *
+ * The bignum code uses double-width division to speed up some operations.
+ * Double-width division is often implemented in software that needs to
+ * be linked with the program. The presence of a double-width integer
+ * type is usually detected automatically through preprocessor macros,
+ * but the automatic detection cannot know whether the code needs to
+ * and can be linked with an implementation of division for that type.
+ * By default division is assumed to be usable if the type is present.
+ * Uncomment this option to prevent the use of double-width division.
+ *
+ * Note that division for the native integer type is always required.
+ * Furthermore, a 64-bit type is always required even on a 32-bit
+ * platform, but it need not support multiplication or division. In some
+ * cases it is also desirable to disable some double-width operations. For
+ * example, if double-width division is implemented in software, disabling
+ * it can reduce code size in some embedded targets.
+ */
+//#define MBEDTLS_NO_UDBL_DIVISION
+
+/**
+ * \def MBEDTLS_HAVE_SSE2
+ *
+ * CPU supports SSE2 instruction set.
+ *
+ * Uncomment if the CPU supports SSE2 (IA-32 specific).
+ */
+//#define MBEDTLS_HAVE_SSE2
+
+/**
+ * \def MBEDTLS_HAVE_TIME
+ *
+ * System has time.h and time().
+ * The time does not need to be correct, only time differences are used,
+ * by contrast with MBEDTLS_HAVE_TIME_DATE
+ *
+ * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
+ * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
+ * MBEDTLS_PLATFORM_STD_TIME.
+ *
+ * Comment if your system does not support time functions
+ */
+#define MBEDTLS_HAVE_TIME
+
+/**
+ * \def MBEDTLS_HAVE_TIME_DATE
+ *
+ * System has time.h and time(), gmtime() and the clock is correct.
+ * The time needs to be correct (not necesarily very accurate, but at least
+ * the date should be correct). This is used to verify the validity period of
+ * X.509 certificates.
+ *
+ * Comment if your system does not have a correct clock.
+ */
+#define MBEDTLS_HAVE_TIME_DATE
+
+/**
+ * \def MBEDTLS_PLATFORM_MEMORY
+ *
+ * Enable the memory allocation layer.
+ *
+ * By default mbed TLS uses the system-provided calloc() and free().
+ * This allows different allocators (self-implemented or provided) to be
+ * provided to the platform abstraction layer.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY without the
+ * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
+ * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
+ * free() function pointer at runtime.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
+ * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
+ * alternate function at compile time.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Enable this layer to allow use of alternative memory allocators.
+ */
+//#define MBEDTLS_PLATFORM_MEMORY
+
+/**
+ * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+ *
+ * Do not assign standard functions in the platform layer (e.g. calloc() to
+ * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
+ *
+ * This makes sure there are no linking errors on platforms that do not support
+ * these functions. You will HAVE to provide alternatives, either at runtime
+ * via the platform_set_xxx() functions or at compile time by setting
+ * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
+ * MBEDTLS_PLATFORM_XXX_MACRO.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Uncomment to prevent default assignment of standard functions in the
+ * platform layer.
+ */
+//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+
+/**
+ * \def MBEDTLS_PLATFORM_EXIT_ALT
+ *
+ * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
+ * function in the platform abstraction layer.
+ *
+ * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
+ * provide a function "mbedtls_platform_set_printf()" that allows you to set an
+ * alternative printf function pointer.
+ *
+ * All these define require MBEDTLS_PLATFORM_C to be defined!
+ *
+ * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
+ * it will be enabled automatically by check_config.h
+ *
+ * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
+ * MBEDTLS_PLATFORM_XXX_MACRO!
+ *
+ * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
+ *
+ * Uncomment a macro to enable alternate implementation of specific base
+ * platform function
+ */
+//#define MBEDTLS_PLATFORM_EXIT_ALT
+//#define MBEDTLS_PLATFORM_TIME_ALT
+//#define MBEDTLS_PLATFORM_FPRINTF_ALT
+//#define MBEDTLS_PLATFORM_PRINTF_ALT
+//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+//#define MBEDTLS_PLATFORM_NV_SEED_ALT
+//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
+
+/**
+ * \def MBEDTLS_DEPRECATED_WARNING
+ *
+ * Mark deprecated functions so that they generate a warning if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * This only works with GCC and Clang. With other compilers, you may want to
+ * use MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Uncomment to get warnings on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_WARNING
+
+/**
+ * \def MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Remove deprecated functions so that they generate an error if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * Uncomment to get errors on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_REMOVED
+
+/* \} name SECTION: System support */
+
+/**
+ * \name SECTION: mbed TLS feature support
+ *
+ * This section sets support for features that are or are not needed
+ * within the modules that are enabled.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_TIMING_ALT
+ *
+ * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
+ * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
+ *
+ * Only works if you have MBEDTLS_TIMING_C enabled.
+ *
+ * You will need to provide a header "timing_alt.h" and an implementation at
+ * compile time.
+ */
+//#define MBEDTLS_TIMING_ALT
+
+/**
+ * \def MBEDTLS_AES_ALT
+ *
+ * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternate core implementation of a symmetric crypto, an arithmetic or hash
+ * module (e.g. platform specific assembly optimized implementations). Keep
+ * in mind that the function prototypes should remain the same.
+ *
+ * This replaces the whole module. If you only want to replace one of the
+ * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
+ * provide the "struct mbedtls_aes_context" definition and omit the base
+ * function declarations and implementations. "aes_alt.h" will be included from
+ * "aes.h" to include the new function definitions.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * module.
+ *
+ * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
+ * use constitutes a security risk. If possible, we recommend
+ * avoiding dependencies on them, and considering stronger message
+ * digests and ciphers instead.
+ *
+ */
+//#define MBEDTLS_AES_ALT
+//#define MBEDTLS_ARC4_ALT
+//#define MBEDTLS_BLOWFISH_ALT
+//#define MBEDTLS_CAMELLIA_ALT
+//#define MBEDTLS_CCM_ALT
+//#define MBEDTLS_CMAC_ALT
+//#define MBEDTLS_DES_ALT
+//#define MBEDTLS_DHM_ALT
+//#define MBEDTLS_ECJPAKE_ALT
+//#define MBEDTLS_GCM_ALT
+//#define MBEDTLS_MD2_ALT
+//#define MBEDTLS_MD4_ALT
+//#define MBEDTLS_MD5_ALT
+//#define MBEDTLS_RIPEMD160_ALT
+//#define MBEDTLS_RSA_ALT
+//#define MBEDTLS_SHA1_ALT
+//#define MBEDTLS_SHA256_ALT
+//#define MBEDTLS_SHA512_ALT
+//#define MBEDTLS_XTEA_ALT
+/*
+ * When replacing the elliptic curve module, pleace consider, that it is
+ * implemented with two .c files:
+ * - ecp.c
+ * - ecp_curves.c
+ * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
+ * macros as described above. The only difference is that you have to make sure
+ * that you provide functionality for both .c files.
+ */
+//#define MBEDTLS_ECP_ALT
+
+/**
+ * \def MBEDTLS_MD2_PROCESS_ALT
+ *
+ * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
+ * alternate core implementation of symmetric crypto or hash function. Keep in
+ * mind that function prototypes should remain the same.
+ *
+ * This replaces only one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
+ * no longer provide the mbedtls_sha1_process() function, but it will still provide
+ * the other function (using your mbedtls_sha1_process() function) and the definition
+ * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
+ * with this definition.
+ *
+ * \note Because of a signature change, the core AES encryption and decryption routines are
+ * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
+ * respectively. When setting up alternative implementations, these functions should
+ * be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
+ * must stay untouched.
+ *
+ * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
+ * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
+ * tables.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ *
+ * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
+ * constitutes a security risk. If possible, we recommend avoiding
+ * dependencies on them, and considering stronger message digests
+ * and ciphers instead.
+ *
+ */
+//#define MBEDTLS_MD2_PROCESS_ALT
+//#define MBEDTLS_MD4_PROCESS_ALT
+//#define MBEDTLS_MD5_PROCESS_ALT
+//#define MBEDTLS_RIPEMD160_PROCESS_ALT
+//#define MBEDTLS_SHA1_PROCESS_ALT
+//#define MBEDTLS_SHA256_PROCESS_ALT
+//#define MBEDTLS_SHA512_PROCESS_ALT
+//#define MBEDTLS_DES_SETKEY_ALT
+//#define MBEDTLS_DES_CRYPT_ECB_ALT
+//#define MBEDTLS_DES3_CRYPT_ECB_ALT
+//#define MBEDTLS_AES_SETKEY_ENC_ALT
+//#define MBEDTLS_AES_SETKEY_DEC_ALT
+//#define MBEDTLS_AES_ENCRYPT_ALT
+//#define MBEDTLS_AES_DECRYPT_ALT
+//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
+//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
+//#define MBEDTLS_ECDSA_VERIFY_ALT
+//#define MBEDTLS_ECDSA_SIGN_ALT
+//#define MBEDTLS_ECDSA_GENKEY_ALT
+
+/**
+ * \def MBEDTLS_ECP_INTERNAL_ALT
+ *
+ * Expose a part of the internal interface of the Elliptic Curve Point module.
+ *
+ * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternative core implementation of elliptic curve arithmetic. Keep in mind
+ * that function prototypes should remain the same.
+ *
+ * This partially replaces one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
+ * is still present and it is used for group structures not supported by the
+ * alternative.
+ *
+ * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
+ * and implementing the following functions:
+ * unsigned char mbedtls_internal_ecp_grp_capable(
+ * const mbedtls_ecp_group *grp )
+ * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
+ * void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp )
+ * The mbedtls_internal_ecp_grp_capable function should return 1 if the
+ * replacement functions implement arithmetic for the given group and 0
+ * otherwise.
+ * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are
+ * called before and after each point operation and provide an opportunity to
+ * implement optimized set up and tear down instructions.
+ *
+ * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
+ * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
+ * function, but will use your mbedtls_internal_ecp_double_jac if the group is
+ * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
+ * receives it as an argument). If the group is not supported then the original
+ * implementation is used. The other functions and the definition of
+ * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
+ * implementation of mbedtls_internal_ecp_double_jac and
+ * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ */
+/* Required for all the functions in this section */
+//#define MBEDTLS_ECP_INTERNAL_ALT
+/* Support for Weierstrass curves with Jacobi representation */
+//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
+//#define MBEDTLS_ECP_ADD_MIXED_ALT
+//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
+/* Support for curves with Montgomery arithmetic */
+//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
+//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
+//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
+
+/**
+ * \def MBEDTLS_TEST_NULL_ENTROPY
+ *
+ * Enables testing and use of mbed TLS without any configured entropy sources.
+ * This permits use of the library on platforms before an entropy source has
+ * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
+ * MBEDTLS_ENTROPY_NV_SEED switches).
+ *
+ * WARNING! This switch MUST be disabled in production builds, and is suitable
+ * only for development.
+ * Enabling the switch negates any security provided by the library.
+ *
+ * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ */
+//#define MBEDTLS_TEST_NULL_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_HARDWARE_ALT
+ *
+ * Uncomment this macro to let mbed TLS use your own implementation of a
+ * hardware entropy collector.
+ *
+ * Your function must be called \c mbedtls_hardware_poll(), have the same
+ * prototype as declared in entropy_poll.h, and accept NULL as first argument.
+ *
+ * Uncomment to use your own hardware entropy collector.
+ */
+//#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+/**
+ * \def MBEDTLS_AES_ROM_TABLES
+ *
+ * Use precomputed AES tables stored in ROM.
+ *
+ * Uncomment this macro to use precomputed AES tables stored in ROM.
+ * Comment this macro to generate AES tables in RAM at runtime.
+ *
+ * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
+ * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
+ * initialization time before the first AES operation can be performed.
+ * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
+ * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
+ * performance if ROM access is slower than RAM access.
+ *
+ * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_ROM_TABLES
+
+/**
+ * \def MBEDTLS_AES_FEWER_TABLES
+ *
+ * Use less ROM/RAM for AES tables.
+ *
+ * Uncommenting this macro omits 75% of the AES tables from
+ * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
+ * by computing their values on the fly during operations
+ * (the tables are entry-wise rotations of one another).
+ *
+ * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
+ * by ~6kb but at the cost of more arithmetic operations during
+ * runtime. Specifically, one has to compare 4 accesses within
+ * different tables to 4 accesses with additional arithmetic
+ * operations within the same table. The performance gain/loss
+ * depends on the system and memory details.
+ *
+ * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_FEWER_TABLES
+
+/**
+ * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
+ *
+ * Use less ROM for the Camellia implementation (saves about 768 bytes).
+ *
+ * Uncomment this macro to use less memory for Camellia.
+ */
+//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CBC
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CTR
+
+/**
+ * \def MBEDTLS_CIPHER_NULL_CIPHER
+ *
+ * Enable NULL cipher.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * encryption or channels without any security!
+ *
+ * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
+ * the following ciphersuites:
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
+ * MBEDTLS_TLS_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_RSA_WITH_NULL_MD5
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA
+ *
+ * Uncomment this macro to enable the NULL cipher and ciphersuites
+ */
+//#define MBEDTLS_CIPHER_NULL_CIPHER
+
+/**
+ * \def MBEDTLS_CIPHER_PADDING_PKCS7
+ *
+ * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
+ * specific padding modes in the cipher layer with cipher modes that support
+ * padding (e.g. CBC)
+ *
+ * If you disable all padding modes, only full blocks can be used with CBC.
+ *
+ * Enable padding modes in the cipher layer.
+ */
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+#define MBEDTLS_CIPHER_PADDING_ZEROS
+
+/**
+ * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+ *
+ * Enable weak ciphersuites in SSL / TLS.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * channels with virtually no security at all!
+ *
+ * This enables the following ciphersuites:
+ * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
+ *
+ * Uncomment this macro to enable weak ciphersuites
+ *
+ * \warning DES is considered a weak cipher and its use constitutes a
+ * security risk. We recommend considering stronger ciphers instead.
+ */
+//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+ *
+ * Remove RC4 ciphersuites by default in SSL / TLS.
+ * This flag removes the ciphersuites based on RC4 from the default list as
+ * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
+ * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
+ * explicitly.
+ *
+ * Uncomment this macro to remove RC4 ciphersuites by default.
+ */
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ *
+ * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
+ * module. By default all supported curves are enabled.
+ *
+ * Comment macros to disable the curve and functions for it
+ */
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_ECP_DP_CURVE448_ENABLED
+
+/**
+ * \def MBEDTLS_ECP_NIST_OPTIM
+ *
+ * Enable specific 'modulo p' routines for each NIST prime.
+ * Depending on the prime and architecture, makes operations 4 to 8 times
+ * faster on the corresponding curve.
+ *
+ * Comment this macro to disable NIST curves optimisation.
+ */
+#define MBEDTLS_ECP_NIST_OPTIM
+
+/**
+ * \def MBEDTLS_ECDSA_DETERMINISTIC
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+ * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
+ * may result in a compromise of the long-term signing key. This is avoided by
+ * the deterministic variant.
+ *
+ * Requires: MBEDTLS_HMAC_DRBG_C
+ *
+ * Comment this macro to disable deterministic ECDSA.
+ */
+#define MBEDTLS_ECDSA_DETERMINISTIC
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+ *
+ * Enable the PSK based ciphersuite modes in SSL / TLS.
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+ *
+ * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ *
+ * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+ *
+ * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+ *
+ * Enable the RSA-only based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+ *
+ * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ *
+ * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ *
+ * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ *
+ * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ *
+ * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+ *
+ * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Requires: MBEDTLS_ECJPAKE_C
+ * MBEDTLS_SHA256_C
+ * MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+ */
+//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+/**
+ * \def MBEDTLS_PK_PARSE_EC_EXTENDED
+ *
+ * Enhance support for reading EC keys using variants of SEC1 not allowed by
+ * RFC 5915 and RFC 5480.
+ *
+ * Currently this means parsing the SpecifiedECDomain choice of EC
+ * parameters (only known groups are supported, not arbitrary domains, to
+ * avoid validation issues).
+ *
+ * Disable if you only need to support RFC 5915 + 5480 key formats.
+ */
+#define MBEDTLS_PK_PARSE_EC_EXTENDED
+
+/**
+ * \def MBEDTLS_ERROR_STRERROR_DUMMY
+ *
+ * Enable a dummy error function to make use of mbedtls_strerror() in
+ * third party libraries easier when MBEDTLS_ERROR_C is disabled
+ * (no effect when MBEDTLS_ERROR_C is enabled).
+ *
+ * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
+ * not using mbedtls_strerror() or error_strerror() in your application.
+ *
+ * Disable if you run into name conflicts and want to really remove the
+ * mbedtls_strerror()
+ */
+#define MBEDTLS_ERROR_STRERROR_DUMMY
+
+/**
+ * \def MBEDTLS_GENPRIME
+ *
+ * Enable the prime-number generation code.
+ *
+ * Requires: MBEDTLS_BIGNUM_C
+ */
+#define MBEDTLS_GENPRIME
+
+/**
+ * \def MBEDTLS_FS_IO
+ *
+ * Enable functions that use the filesystem.
+ */
+#define MBEDTLS_FS_IO
+
+/**
+ * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ * Do not add default entropy sources. These are the platform specific,
+ * mbedtls_timing_hardclock and HAVEGE based poll functions.
+ *
+ * This is useful to have more control over the added entropy sources in an
+ * application.
+ *
+ * Uncomment this macro to prevent loading of default entropy functions.
+ */
+//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+
+/**
+ * \def MBEDTLS_NO_PLATFORM_ENTROPY
+ *
+ * Do not use built-in platform entropy functions.
+ * This is useful if your platform does not support
+ * standards like the /dev/urandom or Windows CryptoAPI.
+ *
+ * Uncomment this macro to disable the built-in platform entropy functions.
+ */
+//#define MBEDTLS_NO_PLATFORM_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_FORCE_SHA256
+ *
+ * Force the entropy accumulator to use a SHA-256 accumulator instead of the
+ * default SHA-512 based one (if both are available).
+ *
+ * Requires: MBEDTLS_SHA256_C
+ *
+ * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
+ * if you have performance concerns.
+ *
+ * This option is only useful if both MBEDTLS_SHA256_C and
+ * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
+ */
+//#define MBEDTLS_ENTROPY_FORCE_SHA256
+
+/**
+ * \def MBEDTLS_ENTROPY_NV_SEED
+ *
+ * Enable the non-volatile (NV) seed file-based entropy source.
+ * (Also enables the NV seed read/write functions in the platform layer)
+ *
+ * This is crucial (if not required) on systems that do not have a
+ * cryptographic entropy source (in hardware or kernel) available.
+ *
+ * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
+ *
+ * \note The read/write functions that are used by the entropy source are
+ * determined in the platform layer, and can be modified at runtime and/or
+ * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
+ *
+ * \note If you use the default implementation functions that read a seedfile
+ * with regular fopen(), please make sure you make a seedfile with the
+ * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
+ * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
+ * and written to or you will get an entropy source error! The default
+ * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
+ * bytes from the file.
+ *
+ * \note The entropy collector will write to the seed file before entropy is
+ * given to an external source, to update it.
+ */
+//#define MBEDTLS_ENTROPY_NV_SEED
+
+/**
+ * \def MBEDTLS_MEMORY_DEBUG
+ *
+ * Enable debugging of buffer allocator memory issues. Automatically prints
+ * (to stderr) all (fatal) messages on memory allocation issues. Enables
+ * function for 'debug output' of allocated memory.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Uncomment this macro to let the buffer allocator print out error messages.
+ */
+//#define MBEDTLS_MEMORY_DEBUG
+
+/**
+ * \def MBEDTLS_MEMORY_BACKTRACE
+ *
+ * Include backtrace information with each allocated block.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ * GLIBC-compatible backtrace() an backtrace_symbols() support
+ *
+ * Uncomment this macro to include backtrace information
+ */
+//#define MBEDTLS_MEMORY_BACKTRACE
+
+/**
+ * \def MBEDTLS_PK_RSA_ALT_SUPPORT
+ *
+ * Support external private RSA keys (eg from a HSM) in the PK layer.
+ *
+ * Comment this macro to disable support for external private RSA keys.
+ */
+#define MBEDTLS_PK_RSA_ALT_SUPPORT
+
+/**
+ * \def MBEDTLS_PKCS1_V15
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ *
+ * Requires: MBEDTLS_RSA_C
+ *
+ * This enables support for PKCS#1 v1.5 operations.
+ */
+#define MBEDTLS_PKCS1_V15
+
+/**
+ * \def MBEDTLS_PKCS1_V21
+ *
+ * Enable support for PKCS#1 v2.1 encoding.
+ *
+ * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
+ *
+ * This enables support for RSAES-OAEP and RSASSA-PSS operations.
+ */
+#define MBEDTLS_PKCS1_V21
+
+/**
+ * \def MBEDTLS_RSA_NO_CRT
+ *
+ * Do not use the Chinese Remainder Theorem
+ * for the RSA private operation.
+ *
+ * Uncomment this macro to disable the use of CRT in RSA.
+ *
+ */
+//#define MBEDTLS_RSA_NO_CRT
+
+/**
+ * \def MBEDTLS_SELF_TEST
+ *
+ * Enable the checkup functions (*_self_test).
+ */
+#define MBEDTLS_SELF_TEST
+
+/**
+ * \def MBEDTLS_SHA256_SMALLER
+ *
+ * Enable an implementation of SHA-256 that has lower ROM footprint but also
+ * lower performance.
+ *
+ * The default implementation is meant to be a reasonnable compromise between
+ * performance and size. This version optimizes more aggressively for size at
+ * the expense of performance. Eg on Cortex-M4 it reduces the size of
+ * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
+ * 30%.
+ *
+ * Uncomment to enable the smaller implementation of SHA256.
+ */
+//#define MBEDTLS_SHA256_SMALLER
+
+/**
+ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
+ *
+ * Enable sending of alert messages in case of encountered errors as per RFC.
+ * If you choose not to send the alert messages, mbed TLS can still communicate
+ * with other servers, only debugging of failures is harder.
+ *
+ * The advantage of not sending alert messages, is that no information is given
+ * about reasons for failures thus preventing adversaries of gaining intel.
+ *
+ * Enable sending of all alert messages
+ */
+#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
+
+/**
+ * \def MBEDTLS_SSL_DEBUG_ALL
+ *
+ * Enable the debug messages in SSL module for all issues.
+ * Debug messages have been disabled in some places to prevent timing
+ * attacks due to (unbalanced) debugging function calls.
+ *
+ * If you need all error reporting you should enable this during debugging,
+ * but remove this for production servers that should log as well.
+ *
+ * Uncomment this macro to report all debug messages on errors introducing
+ * a timing side-channel.
+ *
+ */
+//#define MBEDTLS_SSL_DEBUG_ALL
+
+/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
+ *
+ * Enable support for Encrypt-then-MAC, RFC 7366.
+ *
+ * This allows peers that both support it to use a more robust protection for
+ * ciphersuites using CBC, providing deep resistance against timing attacks
+ * on the padding or underlying cipher.
+ *
+ * This only affects CBC ciphersuites, and is useless if none is defined.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1 or
+ * MBEDTLS_SSL_PROTO_TLS1_1 or
+ * MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Encrypt-then-MAC
+ */
+#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
+
+/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+ *
+ * Enable support for Extended Master Secret, aka Session Hash
+ * (draft-ietf-tls-session-hash-02).
+ *
+ * This was introduced as "the proper fix" to the Triple Handshake familiy of
+ * attacks, but it is recommended to always use it (even if you disable
+ * renegotiation), since it actually fixes a more fundamental issue in the
+ * original SSL/TLS design, and has implications beyond Triple Handshake.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1 or
+ * MBEDTLS_SSL_PROTO_TLS1_1 or
+ * MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Extended Master Secret.
+ */
+#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+
+/**
+ * \def MBEDTLS_SSL_FALLBACK_SCSV
+ *
+ * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
+ *
+ * For servers, it is recommended to always enable this, unless you support
+ * only one version of TLS, or know for sure that none of your clients
+ * implements a fallback strategy.
+ *
+ * For clients, you only need this if you're using a fallback strategy, which
+ * is not recommended in the first place, unless you absolutely need it to
+ * interoperate with buggy (version-intolerant) servers.
+ *
+ * Comment this macro to disable support for FALLBACK_SCSV
+ */
+#define MBEDTLS_SSL_FALLBACK_SCSV
+
+/**
+ * \def MBEDTLS_SSL_HW_RECORD_ACCEL
+ *
+ * Enable hooking functions in SSL module for hardware acceleration of
+ * individual records.
+ *
+ * Uncomment this macro to enable hooking functions.
+ */
+//#define MBEDTLS_SSL_HW_RECORD_ACCEL
+
+/**
+ * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
+ *
+ * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
+ *
+ * This is a countermeasure to the BEAST attack, which also minimizes the risk
+ * of interoperability issues compared to sending 0-length records.
+ *
+ * Comment this macro to disable 1/n-1 record splitting.
+ */
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+/**
+ * \def MBEDTLS_SSL_RENEGOTIATION
+ *
+ * Disable support for TLS renegotiation.
+ *
+ * The two main uses of renegotiation are (1) refresh keys on long-lived
+ * connections and (2) client authentication after the initial handshake.
+ * If you don't need renegotiation, it's probably better to disable it, since
+ * it has been associated with security issues in the past and is easy to
+ * misuse/misunderstand.
+ *
+ * Comment this to disable support for renegotiation.
+ *
+ * \note Even if this option is disabled, both client and server are aware
+ * of the Renegotiation Indication Extension (RFC 5746) used to
+ * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
+ * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
+ * configuration of this extension).
+ *
+ */
+#define MBEDTLS_SSL_RENEGOTIATION
+
+/**
+ * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+ *
+ * Enable support for receiving and parsing SSLv2 Client Hello messages for the
+ * SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to enable support for SSLv2 Client Hello messages.
+ */
+//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+
+/**
+ * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+ *
+ * Pick the ciphersuite according to the client's preferences rather than ours
+ * in the SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to respect client's ciphersuite order
+ */
+//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+
+/**
+ * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ *
+ * Enable support for RFC 6066 max_fragment_length extension in SSL.
+ *
+ * Comment this macro to disable support for the max_fragment_length extension
+ */
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+
+/**
+ * \def MBEDTLS_SSL_PROTO_SSL3
+ *
+ * Enable support for SSL 3.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for SSL 3.0
+ */
+//#define MBEDTLS_SSL_PROTO_SSL3
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1
+ *
+ * Enable support for TLS 1.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_1
+ *
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
+ * (Depends on ciphersuites)
+ *
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/**
+ * \def MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1_1
+ * or MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define MBEDTLS_SSL_PROTO_DTLS
+
+/**
+ * \def MBEDTLS_SSL_ALPN
+ *
+ * Enable support for RFC 7301 Application Layer Protocol Negotiation.
+ *
+ * Comment this macro to disable support for ALPN.
+ */
+#define MBEDTLS_SSL_ALPN
+
+/**
+ * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
+ *
+ * Enable support for the anti-replay mechanism in DTLS.
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ * MBEDTLS_SSL_PROTO_DTLS
+ *
+ * \warning Disabling this is often a security risk!
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details.
+ *
+ * Comment this to disable anti-replay in DTLS.
+ */
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Enable support for HelloVerifyRequest on DTLS servers.
+ *
+ * This feature is highly recommended to prevent DTLS servers being used as
+ * amplifiers in DoS attacks against other hosts. It should always be enabled
+ * unless you know for sure amplification cannot be a problem in the
+ * environment in which your server operates.
+ *
+ * \warning Disabling this can ba a security risk! (see above)
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Comment this to disable support for HelloVerifyRequest.
+ */
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+ *
+ * Enable server-side support for clients that reconnect from the same port.
+ *
+ * Some clients unexpectedly close the connection and try to reconnect using the
+ * same source port. This needs special support from the server to handle the
+ * new connection securely, as described in section 4.2.8 of RFC 6347. This
+ * flag enables that support.
+ *
+ * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Comment this to disable support for clients reusing the source port.
+ */
+#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+
+/**
+ * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+ *
+ * Enable support for a limit of records with bad MAC.
+ *
+ * See mbedtls_ssl_conf_dtls_badmac_limit().
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ */
+#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+
+/**
+ * \def MBEDTLS_SSL_SESSION_TICKETS
+ *
+ * Enable support for RFC 5077 session tickets in SSL.
+ * Client-side, provides full support for session tickets (maintainance of a
+ * session store remains the responsibility of the application, though).
+ * Server-side, you also need to provide callbacks for writing and parsing
+ * tickets, including authenticated encryption and key management. Example
+ * callbacks are provided by MBEDTLS_SSL_TICKET_C.
+ *
+ * Comment this macro to disable support for SSL session tickets
+ */
+#define MBEDTLS_SSL_SESSION_TICKETS
+
+/**
+ * \def MBEDTLS_SSL_EXPORT_KEYS
+ *
+ * Enable support for exporting key block and master secret.
+ * This is required for certain users of TLS, e.g. EAP-TLS.
+ *
+ * Comment this macro to disable support for key export
+ */
+#define MBEDTLS_SSL_EXPORT_KEYS
+
+/**
+ * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
+ *
+ * Enable support for RFC 6066 server name indication (SNI) in SSL.
+ *
+ * Requires: MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Comment this macro to disable support for server name indication in SSL
+ */
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define MBEDTLS_SSL_TRUNCATED_HMAC
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+ *
+ * Fallback to old (pre-2.7), non-conforming implementation of the truncated
+ * HMAC extension which also truncates the HMAC key. Note that this option is
+ * only meant for a transitory upgrade period and is likely to be removed in
+ * a future version of the library.
+ *
+ * \warning The old implementation is non-compliant and has a security weakness
+ * (2^80 brute force attack on the HMAC key used for a single,
+ * uninterrupted connection). This should only be enabled temporarily
+ * when (1) the use of truncated HMAC is essential in order to save
+ * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
+ * the fixed implementation yet (pre-2.7).
+ *
+ * \deprecated This option is deprecated and will likely be removed in a
+ * future version of Mbed TLS.
+ *
+ * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
+ *
+ * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
+ */
+//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+
+/**
+ * \def MBEDTLS_THREADING_ALT
+ *
+ * Provide your own alternate threading implementation.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to allow your own alternate threading implementation.
+ */
+//#define MBEDTLS_THREADING_ALT
+
+/**
+ * \def MBEDTLS_THREADING_PTHREAD
+ *
+ * Enable the pthread wrapper layer for the threading layer.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to enable pthread mutexes.
+ */
+//#define MBEDTLS_THREADING_PTHREAD
+
+/**
+ * \def MBEDTLS_VERSION_FEATURES
+ *
+ * Allow run-time checking of compile-time enabled features. Thus allowing users
+ * to check at run-time if the library is for instance compiled with threading
+ * support via mbedtls_version_check_feature().
+ *
+ * Requires: MBEDTLS_VERSION_C
+ *
+ * Comment this to disable run-time checking and save ROM space
+ */
+#define MBEDTLS_VERSION_FEATURES
+
+/**
+ * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an extension in a v1 or v2 certificate.
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+
+/**
+ * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an unknown critical extension.
+ *
+ * \warning Depending on your PKI use, enabling this can be a security risk!
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+
+/**
+ * \def MBEDTLS_X509_CHECK_KEY_USAGE
+ *
+ * Enable verification of the keyUsage extension (CA and leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused
+ * (intermediate) CA and leaf certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip keyUsage checking for both CA and leaf certificates.
+ */
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+ *
+ * Enable verification of the extendedKeyUsage extension (leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip extendedKeyUsage checking for certificates.
+ */
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
+ *
+ * Enable parsing and verification of X.509 certificates, CRLs and CSRS
+ * signed with RSASSA-PSS (aka PKCS#1 v2.1).
+ *
+ * Comment this macro to disallow using RSASSA-PSS in certificates.
+ */
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+/**
+ * \def MBEDTLS_ZLIB_SUPPORT
+ *
+ * If set, the SSL/TLS module uses ZLIB to support compression and
+ * decompression of packet data.
+ *
+ * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
+ * CRIME attack. Before enabling this option, you should examine with care if
+ * CRIME or similar exploits may be a applicable to your use case.
+ *
+ * \note Currently compression can't be used with DTLS.
+ *
+ * \deprecated This feature is deprecated and will be removed
+ * in the next major revision of the library.
+ *
+ * Used in: library/ssl_tls.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This feature requires zlib library and headers to be present.
+ *
+ * Uncomment to enable use of ZLIB
+ */
+//#define MBEDTLS_ZLIB_SUPPORT
+/* \} name SECTION: mbed TLS feature support */
+
+/**
+ * \name SECTION: mbed TLS modules
+ *
+ * This section enables or disables entire modules in mbed TLS
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_AESNI_C
+ *
+ * Enable AES-NI support on x86-64.
+ *
+ * Module: library/aesni.c
+ * Caller: library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the AES-NI instructions on x86-64
+ */
+#define MBEDTLS_AESNI_C
+
+/**
+ * \def MBEDTLS_AES_C
+ *
+ * Enable the AES block cipher.
+ *
+ * Module: library/aes.c
+ * Caller: library/ssl_tls.c
+ * library/pem.c
+ * library/ctr_drbg.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *
+ * PEM_PARSE uses AES for decrypting encrypted keys.
+ */
+#define MBEDTLS_AES_C
+
+/**
+ * \def MBEDTLS_ARC4_C
+ *
+ * Enable the ARCFOUR stream cipher.
+ *
+ * Module: library/arc4.c
+ * Caller: library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ *
+ * \warning ARC4 is considered a weak cipher and its use constitutes a
+ * security risk. If possible, we recommend avoidng dependencies on
+ * it, and considering stronger ciphers instead.
+ *
+ */
+#define MBEDTLS_ARC4_C
+
+/**
+ * \def MBEDTLS_ASN1_PARSE_C
+ *
+ * Enable the generic ASN1 parser.
+ *
+ * Module: library/asn1.c
+ * Caller: library/x509.c
+ * library/dhm.c
+ * library/pkcs12.c
+ * library/pkcs5.c
+ * library/pkparse.c
+ */
+#define MBEDTLS_ASN1_PARSE_C
+
+/**
+ * \def MBEDTLS_ASN1_WRITE_C
+ *
+ * Enable the generic ASN1 writer.
+ *
+ * Module: library/asn1write.c
+ * Caller: library/ecdsa.c
+ * library/pkwrite.c
+ * library/x509_create.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ */
+#define MBEDTLS_ASN1_WRITE_C
+
+/**
+ * \def MBEDTLS_BASE64_C
+ *
+ * Enable the Base64 module.
+ *
+ * Module: library/base64.c
+ * Caller: library/pem.c
+ *
+ * This module is required for PEM support (required by X.509).
+ */
+#define MBEDTLS_BASE64_C
+
+/**
+ * \def MBEDTLS_BIGNUM_C
+ *
+ * Enable the multi-precision integer library.
+ *
+ * Module: library/bignum.c
+ * Caller: library/dhm.c
+ * library/ecp.c
+ * library/ecdsa.c
+ * library/rsa.c
+ * library/rsa_internal.c
+ * library/ssl_tls.c
+ *
+ * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
+ */
+#define MBEDTLS_BIGNUM_C
+
+/**
+ * \def MBEDTLS_BLOWFISH_C
+ *
+ * Enable the Blowfish block cipher.
+ *
+ * Module: library/blowfish.c
+ */
+#define MBEDTLS_BLOWFISH_C
+
+/**
+ * \def MBEDTLS_CAMELLIA_C
+ *
+ * Enable the Camellia block cipher.
+ *
+ * Module: library/camellia.c
+ * Caller: library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ */
+#define MBEDTLS_CAMELLIA_C
+
+/**
+ * \def MBEDTLS_CCM_C
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Module: library/ccm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-CCM ciphersuites, if other requisites are
+ * enabled as well.
+ */
+#define MBEDTLS_CCM_C
+
+/**
+ * \def MBEDTLS_CERTS_C
+ *
+ * Enable the test certificates.
+ *
+ * Module: library/certs.c
+ * Caller:
+ *
+ * This module is used for testing (ssl_client/server).
+ */
+#define MBEDTLS_CERTS_C
+
+/**
+ * \def MBEDTLS_CIPHER_C
+ *
+ * Enable the generic cipher layer.
+ *
+ * Module: library/cipher.c
+ * Caller: library/ssl_tls.c
+ *
+ * Uncomment to enable generic cipher wrappers.
+ */
+#define MBEDTLS_CIPHER_C
+
+/**
+ * \def MBEDTLS_CMAC_C
+ *
+ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
+ * ciphers.
+ *
+ * Module: library/cmac.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
+ *
+ */
+//#define MBEDTLS_CMAC_C
+
+/**
+ * \def MBEDTLS_CTR_DRBG_C
+ *
+ * Enable the CTR_DRBG AES-256-based random generator.
+ *
+ * Module: library/ctr_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_AES_C
+ *
+ * This module provides the CTR_DRBG AES-256 random number generator.
+ */
+#define MBEDTLS_CTR_DRBG_C
+
+/**
+ * \def MBEDTLS_DEBUG_C
+ *
+ * Enable the debug functions.
+ *
+ * Module: library/debug.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ *
+ * This module provides debugging functions.
+ */
+#define MBEDTLS_DEBUG_C
+
+/**
+ * \def MBEDTLS_DES_C
+ *
+ * Enable the DES block cipher.
+ *
+ * Module: library/des.c
+ * Caller: library/pem.c
+ * library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *
+ * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
+ *
+ * \warning DES is considered a weak cipher and its use constitutes a
+ * security risk. We recommend considering stronger ciphers instead.
+ */
+#define MBEDTLS_DES_C
+
+/**
+ * \def MBEDTLS_DHM_C
+ *
+ * Enable the Diffie-Hellman-Merkle module.
+ *
+ * Module: library/dhm.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ * DHE-RSA, DHE-PSK
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_DHM_C
+
+/**
+ * \def MBEDTLS_ECDH_C
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ * + * Module: library/ecdh.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * This module is used by the following key exchanges: + * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK + * + * Requires: MBEDTLS_ECP_C + */ +#define MBEDTLS_ECDH_C + +/** + * \def MBEDTLS_ECDSA_C + * + * Enable the elliptic curve DSA library. + * + * Module: library/ecdsa.c + * Caller: + * + * This module is used by the following key exchanges: + * ECDHE-ECDSA + * + * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C + */ +#define MBEDTLS_ECDSA_C + +/** + * \def MBEDTLS_ECJPAKE_C + * + * Enable the elliptic curve J-PAKE library. + * + * \warning This is currently experimental. EC J-PAKE support is based on the + * Thread v1.0.0 specification; incompatible changes to the specification + * might still happen. For this reason, this is disabled by default. + * + * Module: library/ecjpake.c + * Caller: + * + * This module is used by the following key exchanges: + * ECJPAKE + * + * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C + */ +//#define MBEDTLS_ECJPAKE_C + +/** + * \def MBEDTLS_ECP_C + * + * Enable the elliptic curve over GF(p) library. + * + * Module: library/ecp.c + * Caller: library/ecdh.c + * library/ecdsa.c + * library/ecjpake.c + * + * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED + */ +#define MBEDTLS_ECP_C + +/** + * \def MBEDTLS_ENTROPY_C + * + * Enable the platform-specific entropy code. + * + * Module: library/entropy.c + * Caller: + * + * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C + * + * This module provides a generic entropy pool + */ +#define MBEDTLS_ENTROPY_C + +/** + * \def MBEDTLS_ERROR_C + * + * Enable error code to error string conversion. + * + * Module: library/error.c + * Caller: + * + * This module enables mbedtls_strerror(). + */ +#define MBEDTLS_ERROR_C + +/** + * \def MBEDTLS_GCM_C + * + * Enable the Galois/Counter Mode (GCM) for AES. 
+ * + * Module: library/gcm.c + * + * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C + * + * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other + * requisites are enabled as well. + */ +#define MBEDTLS_GCM_C + +/** + * \def MBEDTLS_HAVEGE_C + * + * Enable the HAVEGE random generator. + * + * Warning: the HAVEGE random generator is not suitable for virtualized + * environments + * + * Warning: the HAVEGE random generator is dependent on timing and specific + * processor traits. It is therefore not advised to use HAVEGE as + * your applications primary random generator or primary entropy pool + * input. As a secondary input to your entropy pool, it IS able add + * the (limited) extra entropy it provides. + * + * Module: library/havege.c + * Caller: + * + * Requires: MBEDTLS_TIMING_C + * + * Uncomment to enable the HAVEGE random generator. + */ +//#define MBEDTLS_HAVEGE_C + +/** + * \def MBEDTLS_HMAC_DRBG_C + * + * Enable the HMAC_DRBG random generator. + * + * Module: library/hmac_drbg.c + * Caller: + * + * Requires: MBEDTLS_MD_C + * + * Uncomment to enable the HMAC_DRBG random number geerator. + */ +#define MBEDTLS_HMAC_DRBG_C + +/** + * \def MBEDTLS_MD_C + * + * Enable the generic message digest layer. + * + * Module: library/md.c + * Caller: + * + * Uncomment to enable generic message digest wrappers. + */ +#define MBEDTLS_MD_C + +/** + * \def MBEDTLS_MD2_C + * + * Enable the MD2 hash algorithm. + * + * Module: library/md2.c + * Caller: + * + * Uncomment to enable support for (rare) MD2-signed X.509 certs. + * + * \warning MD2 is considered a weak message digest and its use constitutes a + * security risk. If possible, we recommend avoiding dependencies on + * it, and considering stronger message digests instead. + * + */ +//#define MBEDTLS_MD2_C + +/** + * \def MBEDTLS_MD4_C + * + * Enable the MD4 hash algorithm. + * + * Module: library/md4.c + * Caller: + * + * Uncomment to enable support for (rare) MD4-signed X.509 certs. 
+ * + * \warning MD4 is considered a weak message digest and its use constitutes a + * security risk. If possible, we recommend avoiding dependencies on + * it, and considering stronger message digests instead. + * + */ +//#define MBEDTLS_MD4_C + +/** + * \def MBEDTLS_MD5_C + * + * Enable the MD5 hash algorithm. + * + * Module: library/md5.c + * Caller: library/md.c + * library/pem.c + * library/ssl_tls.c + * + * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 + * depending on the handshake parameters. Further, it is used for checking + * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded + * encrypted keys. + * + * \warning MD5 is considered a weak message digest and its use constitutes a + * security risk. If possible, we recommend avoiding dependencies on + * it, and considering stronger message digests instead. + * + */ +#define MBEDTLS_MD5_C + +/** + * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C + * + * Enable the buffer allocator implementation that makes use of a (stack) + * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() + * calls) + * + * Module: library/memory_buffer_alloc.c + * + * Requires: MBEDTLS_PLATFORM_C + * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) + * + * Enable this module to enable the buffer memory allocator. + */ +//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C + +/** + * \def MBEDTLS_NET_C + * + * Enable the TCP and UDP over IPv6/IPv4 networking routines. + * + * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) + * and Windows. For other platforms, you'll want to disable it, and write your + * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). + * + * \note See also our Knowledge Base article about porting to a new + * environment: + * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * + * Module: library/net_sockets.c + * + * This module provides networking routines. 
+ */ +#define MBEDTLS_NET_C + +/** + * \def MBEDTLS_OID_C + * + * Enable the OID database. + * + * Module: library/oid.c + * Caller: library/asn1write.c + * library/pkcs5.c + * library/pkparse.c + * library/pkwrite.c + * library/rsa.c + * library/x509.c + * library/x509_create.c + * library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c + * library/x509write_crt.c + * library/x509write_csr.c + * + * This modules translates between OIDs and internal values. + */ +#define MBEDTLS_OID_C + +/** + * \def MBEDTLS_PADLOCK_C + * + * Enable VIA Padlock support on x86. + * + * Module: library/padlock.c + * Caller: library/aes.c + * + * Requires: MBEDTLS_HAVE_ASM + * + * This modules adds support for the VIA PadLock on x86. + */ +#define MBEDTLS_PADLOCK_C + +/** + * \def MBEDTLS_PEM_PARSE_C + * + * Enable PEM decoding / parsing. + * + * Module: library/pem.c + * Caller: library/dhm.c + * library/pkparse.c + * library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c + * + * Requires: MBEDTLS_BASE64_C + * + * This modules adds support for decoding / parsing PEM files. + */ +#define MBEDTLS_PEM_PARSE_C + +/** + * \def MBEDTLS_PEM_WRITE_C + * + * Enable PEM encoding / writing. + * + * Module: library/pem.c + * Caller: library/pkwrite.c + * library/x509write_crt.c + * library/x509write_csr.c + * + * Requires: MBEDTLS_BASE64_C + * + * This modules adds support for encoding / writing PEM files. + */ +#define MBEDTLS_PEM_WRITE_C + +/** + * \def MBEDTLS_PK_C + * + * Enable the generic public (asymetric) key layer. + * + * Module: library/pk.c + * Caller: library/ssl_tls.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C + * + * Uncomment to enable generic public key wrappers. + */ +#define MBEDTLS_PK_C + +/** + * \def MBEDTLS_PK_PARSE_C + * + * Enable the generic public (asymetric) key parser. 
+ * + * Module: library/pkparse.c + * Caller: library/x509_crt.c + * library/x509_csr.c + * + * Requires: MBEDTLS_PK_C + * + * Uncomment to enable generic public key parse functions. + */ +#define MBEDTLS_PK_PARSE_C + +/** + * \def MBEDTLS_PK_WRITE_C + * + * Enable the generic public (asymetric) key writer. + * + * Module: library/pkwrite.c + * Caller: library/x509write.c + * + * Requires: MBEDTLS_PK_C + * + * Uncomment to enable generic public key write functions. + */ +#define MBEDTLS_PK_WRITE_C + +/** + * \def MBEDTLS_PKCS5_C + * + * Enable PKCS#5 functions. + * + * Module: library/pkcs5.c + * + * Requires: MBEDTLS_MD_C + * + * This module adds support for the PKCS#5 functions. + */ +#define MBEDTLS_PKCS5_C + +/** + * \def MBEDTLS_PKCS11_C + * + * Enable wrapper for PKCS#11 smartcard support. + * + * Module: library/pkcs11.c + * Caller: library/pk.c + * + * Requires: MBEDTLS_PK_C + * + * This module enables SSL/TLS PKCS #11 smartcard support. + * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) + */ +//#define MBEDTLS_PKCS11_C + +/** + * \def MBEDTLS_PKCS12_C + * + * Enable PKCS#12 PBE functions. + * Adds algorithms for parsing PKCS#8 encrypted private keys + * + * Module: library/pkcs12.c + * Caller: library/pkparse.c + * + * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C + * Can use: MBEDTLS_ARC4_C + * + * This module enables PKCS#12 functions. + */ +#define MBEDTLS_PKCS12_C + +/** + * \def MBEDTLS_PLATFORM_C + * + * Enable the platform abstraction layer that allows you to re-assign + * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). + * + * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT + * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned + * above to be specified at runtime or compile time respectively. 
+ * + * \note This abstraction layer must be enabled on Windows (including MSYS2) + * as other module rely on it for a fixed snprintf implementation. + * + * Module: library/platform.c + * Caller: Most other .c files + * + * This module enables abstraction of common (libc) functions. + */ +#define MBEDTLS_PLATFORM_C + +/** + * \def MBEDTLS_PSA_CRYPTO_C + * + * Enable the Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto.c + * + * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C + * + */ +#define MBEDTLS_PSA_CRYPTO_C + +/** + * \def MBEDTLS_RIPEMD160_C + * + * Enable the RIPEMD-160 hash algorithm. + * + * Module: library/ripemd160.c + * Caller: library/md.c + * + */ +#define MBEDTLS_RIPEMD160_C + +/** + * \def MBEDTLS_RSA_C + * + * Enable the RSA public-key cryptosystem. + * + * Module: library/rsa.c + * library/rsa_internal.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * library/x509.c + * + * This module is used by the following key exchanges: + * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK + * + * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C + */ +#define MBEDTLS_RSA_C + +/** + * \def MBEDTLS_SHA1_C + * + * Enable the SHA1 cryptographic hash algorithm. + * + * Module: library/sha1.c + * Caller: library/md.c + * library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * library/x509write_crt.c + * + * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 + * depending on the handshake parameters, and for SHA1-signed certificates. + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. + * + */ +#define MBEDTLS_SHA1_C + +/** + * \def MBEDTLS_SHA256_C + * + * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. 
+ * + * Module: library/sha256.c + * Caller: library/entropy.c + * library/md.c + * library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * This module adds support for SHA-224 and SHA-256. + * This module is required for the SSL/TLS 1.2 PRF function. + */ +#define MBEDTLS_SHA256_C + +/** + * \def MBEDTLS_SHA512_C + * + * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. + * + * Module: library/sha512.c + * Caller: library/entropy.c + * library/md.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * This module adds support for SHA-384 and SHA-512. + */ +#define MBEDTLS_SHA512_C + +/** + * \def MBEDTLS_SSL_CACHE_C + * + * Enable simple SSL cache implementation. + * + * Module: library/ssl_cache.c + * Caller: + * + * Requires: MBEDTLS_SSL_CACHE_C + */ +#define MBEDTLS_SSL_CACHE_C + +/** + * \def MBEDTLS_SSL_COOKIE_C + * + * Enable basic implementation of DTLS cookies for hello verification. + * + * Module: library/ssl_cookie.c + * Caller: + */ +#define MBEDTLS_SSL_COOKIE_C + +/** + * \def MBEDTLS_SSL_TICKET_C + * + * Enable an implementation of TLS server-side callbacks for session tickets. + * + * Module: library/ssl_ticket.c + * Caller: + * + * Requires: MBEDTLS_CIPHER_C + */ +#define MBEDTLS_SSL_TICKET_C + +/** + * \def MBEDTLS_SSL_CLI_C + * + * Enable the SSL/TLS client code. + * + * Module: library/ssl_cli.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS client support. + */ +#define MBEDTLS_SSL_CLI_C + +/** + * \def MBEDTLS_SSL_SRV_C + * + * Enable the SSL/TLS server code. + * + * Module: library/ssl_srv.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS server support. + */ +#define MBEDTLS_SSL_SRV_C + +/** + * \def MBEDTLS_SSL_TLS_C + * + * Enable the generic SSL/TLS code. 
+ * + * Module: library/ssl_tls.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C + * and at least one of the MBEDTLS_SSL_PROTO_XXX defines + * + * This module is required for SSL/TLS. + */ +#define MBEDTLS_SSL_TLS_C + +/** + * \def MBEDTLS_THREADING_C + * + * Enable the threading abstraction layer. + * By default mbed TLS assumes it is used in a non-threaded environment or that + * contexts are not shared between threads. If you do intend to use contexts + * between threads, you will need to enable this layer to prevent race + * conditions. See also our Knowledge Base article about threading: + * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading + * + * Module: library/threading.c + * + * This allows different threading implementations (self-implemented or + * provided). + * + * You will have to enable either MBEDTLS_THREADING_ALT or + * MBEDTLS_THREADING_PTHREAD. + * + * Enable this layer to allow use of mutexes within mbed TLS + */ +//#define MBEDTLS_THREADING_C + +/** + * \def MBEDTLS_TIMING_C + * + * Enable the semi-portable timing interface. + * + * \note The provided implementation only works on POSIX/Unix (including Linux, + * BSD and OS X) and Windows. On other platforms, you can either disable that + * module and provide your own implementations of the callbacks needed by + * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide + * your own implementation of the whole module by setting + * \c MBEDTLS_TIMING_ALT in the current file. + * + * \note See also our Knowledge Base article about porting to a new + * environment: + * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * + * Module: library/timing.c + * Caller: library/havege.c + * + * This module is used by the HAVEGE random number generator. + */ +#define MBEDTLS_TIMING_C + +/** + * \def MBEDTLS_VERSION_C + * + * Enable run-time version information. 
+ * + * Module: library/version.c + * + * This module provides run-time version information. + */ +#define MBEDTLS_VERSION_C + +/** + * \def MBEDTLS_X509_USE_C + * + * Enable X.509 core for using certificates. + * + * Module: library/x509.c + * Caller: library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c + * + * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, + * MBEDTLS_PK_PARSE_C + * + * This module is required for the X.509 parsing modules. + */ +#define MBEDTLS_X509_USE_C + +/** + * \def MBEDTLS_X509_CRT_PARSE_C + * + * Enable X.509 certificate parsing. + * + * Module: library/x509_crt.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 certificate parsing. + */ +#define MBEDTLS_X509_CRT_PARSE_C + +/** + * \def MBEDTLS_X509_CRL_PARSE_C + * + * Enable X.509 CRL parsing. + * + * Module: library/x509_crl.c + * Caller: library/x509_crt.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 CRL parsing. + */ +#define MBEDTLS_X509_CRL_PARSE_C + +/** + * \def MBEDTLS_X509_CSR_PARSE_C + * + * Enable X.509 Certificate Signing Request (CSR) parsing. + * + * Module: library/x509_csr.c + * Caller: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is used for reading X.509 certificate request. + */ +#define MBEDTLS_X509_CSR_PARSE_C + +/** + * \def MBEDTLS_X509_CREATE_C + * + * Enable X.509 core for creating certificates. + * + * Module: library/x509_create.c + * + * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C + * + * This module is the basis for creating X.509 certificates and CSRs. + */ +#define MBEDTLS_X509_CREATE_C + +/** + * \def MBEDTLS_X509_CRT_WRITE_C + * + * Enable creating X.509 certificates. + * + * Module: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate creation. 
+ */ +#define MBEDTLS_X509_CRT_WRITE_C + +/** + * \def MBEDTLS_X509_CSR_WRITE_C + * + * Enable creating X.509 Certificate Signing Requests (CSR). + * + * Module: library/x509_csr_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate request writing. + */ +#define MBEDTLS_X509_CSR_WRITE_C + +/** + * \def MBEDTLS_XTEA_C + * + * Enable the XTEA block cipher. + * + * Module: library/xtea.c + * Caller: + */ +#define MBEDTLS_XTEA_C + +/* \} name SECTION: mbed TLS modules */ + +/** + * \name SECTION: Module configuration options + * + * This section allows for the setting of module specific sizes and + * configuration options. The default values are already present in the + * relevant header files and should suffice for the regular use cases. + * + * Our advice is to enable options and change their values here + * only if you have a good reason and know the consequences. + * + * Please check the respective header file for documentation on these + * parameters (to prevent duplicate documentation). + * \{ + */ + +/* MPI / BIGNUM options */ +//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ +//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. 
*/ + +/* CTR_DRBG options */ +//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ +//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ +//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ +//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ +//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ + +/* HMAC_DRBG options */ +//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ +//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ +//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ +//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ + +/* ECP options */ +//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ +//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ +//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ + +/* Entropy options */ +//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ +//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ +//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ + +/* Memory buffer allocator options */ +//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ + +/* Platform options */ +//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. 
*/ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ +//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ +/* Note: your snprintf must correclty zero-terminate the buffer! */ +//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ + +/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ +/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ +//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. 
MBEDTLS_HAVE_TIME must be enabled */ +//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ +//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ +/* Note: your snprintf must correclty zero-terminate the buffer! */ +//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ +//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ + +/* SSL Cache options */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ + +/* SSL options */ +//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */ +//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ +//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ +//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ + +/** + * Complete list of ciphersuites to use, in order of preference. + * + * \warning No dependency checking is done on that field! This option can only + * be used to restrict the set of available ciphersuites. It is your + * responsibility to make sure the needed modules are active. + * + * Use this to save a few hundred bytes of ROM (default ordering of all + * available ciphersuites) and a few to a few hundred bytes of RAM. 
+ *
+ * The value below is only an example, not the default.
+ */
+//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+
+/* X509 options */
+//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
+//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
+
+/**
+ * Allow SHA-1 in the default TLS configuration for certificate signing.
+ * Without this build-time option, SHA-1 support must be activated explicitly
+ * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
+ * recommended because of it is possible to generate SHA-1 collisions, however
+ * this may be safe for legacy infrastructure where additional controls apply.
+ *
+ * \warning SHA-1 is considered a weak message digest and its use constitutes
+ * a security risk. If possible, we recommend avoiding dependencies
+ * on it, and considering stronger message digests instead.
+ *
+ */
+// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+
+/**
+ * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
+ * signature and ciphersuite selection. Without this build-time option, SHA-1
+ * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
+ * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
+ * default. At the time of writing, there is no practical attack on the use
+ * of SHA-1 in handshake signatures, hence this option is turned on by default
+ * to preserve compatibility with existing peers, but the general
+ * warning applies nonetheless:
+ *
+ * \warning SHA-1 is considered a weak message digest and its use constitutes
+ * a security risk. If possible, we recommend avoiding dependencies
+ * on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
+
+/**
+ * Uncomment the macro to let mbed TLS use your alternate implementation of
+ * mbedtls_platform_zeroize(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * mbedtls_platform_zeroize() is a widely used function across the library to
+ * zero a block of memory. The implementation is expected to be secure in the
+ * sense that it has been written to prevent the compiler from removing calls
+ * to mbedtls_platform_zeroize() as part of redundant code elimination
+ * optimizations. However, it is difficult to guarantee that calls to
+ * mbedtls_platform_zeroize() will not be optimized by the compiler as older
+ * versions of the C language standards do not provide a secure implementation
+ * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
+ * configure their own implementation of mbedtls_platform_zeroize(), for
+ * example by using directives specific to their compiler, features from newer
+ * C standards (e.g using memset_s() in C11) or calling a secure memset() from
+ * their system (e.g explicit_bzero() in BSD).
+ */
+//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+
+/* \} name SECTION: Customisation configuration options */
+
+/* Target and application specific configurations */
+//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h"
+
+#if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
+#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
+#endif
+
+/*
+ * Allow user to override any previous default.
+ *
+ * Use two macro names for that, as:
+ * - with yotta the prefix YOTTA_CFG_ is forced
+ * - without yotta is looks weird to have a YOTTA prefix.
+ */
+#if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
+#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
+#elif defined(MBEDTLS_USER_CONFIG_FILE)
+#include MBEDTLS_USER_CONFIG_FILE
+#endif
+
+#include "check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index dc112a91d..9f063be72 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1,11 +1,9 @@
 /**
- * \file config.h
+ * \file config-psa-crypto.h
 *
- * \brief Configuration options (set of defines)
+ * \brief Configuration with all cryptography features and no X.509 or TLS.
 *
- * This set of compile-time options may be used to enable
- * or disable features selectively, and reduce the global
- * memory footprint.
+ * This configuration is intended to prototype the PSA reference implementation.
 */
 /*
 * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
@@ -119,33 +117,6 @@
 */
 //#define MBEDTLS_HAVE_SSE2
 
-/**
- * \def MBEDTLS_HAVE_TIME
- *
- * System has time.h and time().
- * The time does not need to be correct, only time differences are used,
- * by contrast with MBEDTLS_HAVE_TIME_DATE
- *
- * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
- * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
- * MBEDTLS_PLATFORM_STD_TIME.
- *
- * Comment if your system does not support time functions
- */
-#define MBEDTLS_HAVE_TIME
-
-/**
- * \def MBEDTLS_HAVE_TIME_DATE
- *
- * System has time.h and time(), gmtime() and the clock is correct.
- * The time needs to be correct (not necesarily very accurate, but at least
- * the date should be correct). This is used to verify the validity period of
- * X.509 certificates.
- *
- * Comment if your system does not have a correct clock.
- */
-#define MBEDTLS_HAVE_TIME_DATE
-
 /**
 * \def MBEDTLS_PLATFORM_MEMORY
 *
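Review bot: The first hunk changes the Doxygen tag to `\file config-psa-crypto.h`, but the diff header shows the file being patched is still `include/mbedtls/config.h`, so the tag no longer names the file it sits in. If this reduced configuration is meant to live under its own name, it would be clearer to add it as a separate file and leave this header alone; otherwise keep ` * \file config.h` and change only the `\brief` line. The new brief also states "no X.509 or TLS", which the visible hunks show only as removed option blocks, so the module defines further down the file should be checked against that wording.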
@@ -257,19 +228,6 @@
 * \{
 */
 
-/**
- * \def MBEDTLS_TIMING_ALT
- *
- * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
- * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
- *
- * Only works if you have MBEDTLS_TIMING_C enabled.
- *
- * You will need to provide a header "timing_alt.h" and an implementation at
- * compile time.
- */
-//#define MBEDTLS_TIMING_ALT
-
 /**
 * \def MBEDTLS_AES_ALT
 *
@@ -604,37 +562,6 @@
 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 #define MBEDTLS_CIPHER_PADDING_ZEROS
 
-/**
- * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
- *
- * Enable weak ciphersuites in SSL / TLS.
- * Warning: Only do so when you know what you are doing. This allows for
- * channels with virtually no security at all!
- *
- * This enables the following ciphersuites:
- * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
- *
- * Uncomment this macro to enable weak ciphersuites
- *
- * \warning DES is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- */
-//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
-
-/**
- * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
- *
- * Remove RC4 ciphersuites by default in SSL / TLS.
- * This flag removes the ciphersuites based on RC4 from the default list as
- * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
- * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
- * explicitly.
- *
- * Uncomment this macro to remove RC4 ciphersuites by default.
- */
-#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
-
 /**
 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
 *
@@ -682,281 +609,6 @@ */ #define MBEDTLS_ECDSA_DETERMINISTIC -/** - * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - * - * Enable the PSK based ciphersuite modes in SSL / TLS. - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - * - * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. 
- * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - * - * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - * - * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - * - * Enable the RSA-only based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - * - * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. 
- * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - * - * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - * - * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - * - * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - * - * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - * - * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. - * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. - * - * Requires: MBEDTLS_ECJPAKE_C - * MBEDTLS_SHA256_C - * MBEDTLS_ECP_DP_SECP256R1_ENABLED - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 - */ -//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - /** * \def MBEDTLS_PK_PARSE_EC_EXTENDED * @@ -1129,8 +781,7 @@ /** * \def MBEDTLS_RSA_NO_CRT * - * Do not use the Chinese Remainder Theorem - * for the RSA private operation. + * Do not use the Chinese Remainder Theorem for the RSA private operation. * * Uncomment this macro to disable the use of CRT in RSA. * 
@@ -1160,20 +811,6 @@ */ //#define MBEDTLS_SHA256_SMALLER -/** - * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES - * - * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, mbed TLS can still communicate - * with other servers, only debugging of failures is harder. - * - * The advantage of not sending alert messages, is that no information is given - * about reasons for failures thus preventing adversaries of gaining intel. - * - * Enable sending of all alert messages - */ -#define MBEDTLS_SSL_ALL_ALERT_MESSAGES - /** * \def MBEDTLS_SSL_ASYNC_PRIVATE * 
@@ -1185,348 +822,6 @@ */ //#define MBEDTLS_SSL_ASYNC_PRIVATE -/** - * \def MBEDTLS_SSL_DEBUG_ALL - * - * Enable the debug messages in SSL module for all issues. - * Debug messages have been disabled in some places to prevent timing - * attacks due to (unbalanced) debugging function calls. - * - * If you need all error reporting you should enable this during debugging, - * but remove this for production servers that should log as well. - * - * Uncomment this macro to report all debug messages on errors introducing - * a timing side-channel. - * - */ -//#define MBEDTLS_SSL_DEBUG_ALL - -/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC - * - * Enable support for Encrypt-then-MAC, RFC 7366. - * - * This allows peers that both support it to use a more robust protection for - * ciphersuites using CBC, providing deep resistance against timing attacks - * on the padding or underlying cipher. - * - * This only affects CBC ciphersuites, and is useless if none is defined. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Encrypt-then-MAC - */ -#define MBEDTLS_SSL_ENCRYPT_THEN_MAC - -/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET - * - * Enable support for Extended Master Secret, aka Session Hash - * (draft-ietf-tls-session-hash-02). - * - * This was introduced as "the proper fix" to the Triple Handshake familiy of - * attacks, but it is recommended to always use it (even if you disable - * renegotiation), since it actually fixes a more fundamental issue in the - * original SSL/TLS design, and has implications beyond Triple Handshake. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Extended Master Secret. - */ -#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET - -/** - * \def MBEDTLS_SSL_FALLBACK_SCSV - * - * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). 
- * - * For servers, it is recommended to always enable this, unless you support - * only one version of TLS, or know for sure that none of your clients - * implements a fallback strategy. - * - * For clients, you only need this if you're using a fallback strategy, which - * is not recommended in the first place, unless you absolutely need it to - * interoperate with buggy (version-intolerant) servers. - * - * Comment this macro to disable support for FALLBACK_SCSV - */ -#define MBEDTLS_SSL_FALLBACK_SCSV - -/** - * \def MBEDTLS_SSL_HW_RECORD_ACCEL - * - * Enable hooking functions in SSL module for hardware acceleration of - * individual records. - * - * Uncomment this macro to enable hooking functions. - */ -//#define MBEDTLS_SSL_HW_RECORD_ACCEL - -/** - * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING - * - * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. - * - * This is a countermeasure to the BEAST attack, which also minimizes the risk - * of interoperability issues compared to sending 0-length records. - * - * Comment this macro to disable 1/n-1 record splitting. - */ -#define MBEDTLS_SSL_CBC_RECORD_SPLITTING - -/** - * \def MBEDTLS_SSL_RENEGOTIATION - * - * Disable support for TLS renegotiation. - * - * The two main uses of renegotiation are (1) refresh keys on long-lived - * connections and (2) client authentication after the initial handshake. - * If you don't need renegotiation, it's probably better to disable it, since - * it has been associated with security issues in the past and is easy to - * misuse/misunderstand. - * - * Comment this to disable support for renegotiation. - * - * \note Even if this option is disabled, both client and server are aware - * of the Renegotiation Indication Extension (RFC 5746) used to - * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). - * (See \c mbedtls_ssl_conf_legacy_renegotiation for the - * configuration of this extension). 
- * - */ -#define MBEDTLS_SSL_RENEGOTIATION - -/** - * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - * - * Enable support for receiving and parsing SSLv2 Client Hello messages for the - * SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to enable support for SSLv2 Client Hello messages. - */ -//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - -/** - * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - * - * Pick the ciphersuite according to the client's preferences rather than ours - * in the SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to respect client's ciphersuite order - */ -//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - -/** - * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - * - * Enable support for RFC 6066 max_fragment_length extension in SSL. - * - * Comment this macro to disable support for the max_fragment_length extension - */ -#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - -/** - * \def MBEDTLS_SSL_PROTO_SSL3 - * - * Enable support for SSL 3.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for SSL 3.0 - */ -//#define MBEDTLS_SSL_PROTO_SSL3 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1 - * - * Enable support for TLS 1.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_1 - * - * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1_1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_2 - * - * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). 
- * - * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C - * (Depends on ciphersuites) - * - * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 - */ -#define MBEDTLS_SSL_PROTO_TLS1_2 - -/** - * \def MBEDTLS_SSL_PROTO_DTLS - * - * Enable support for DTLS (all available versions). - * - * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, - * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_1 - * or MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for DTLS - */ -#define MBEDTLS_SSL_PROTO_DTLS - -/** - * \def MBEDTLS_SSL_ALPN - * - * Enable support for RFC 7301 Application Layer Protocol Negotiation. - * - * Comment this macro to disable support for ALPN. - */ -#define MBEDTLS_SSL_ALPN - -/** - * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY - * - * Enable support for the anti-replay mechanism in DTLS. - * - * Requires: MBEDTLS_SSL_TLS_C - * MBEDTLS_SSL_PROTO_DTLS - * - * \warning Disabling this is often a security risk! - * See mbedtls_ssl_conf_dtls_anti_replay() for details. - * - * Comment this to disable anti-replay in DTLS. - */ -#define MBEDTLS_SSL_DTLS_ANTI_REPLAY - -/** - * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Enable support for HelloVerifyRequest on DTLS servers. - * - * This feature is highly recommended to prevent DTLS servers being used as - * amplifiers in DoS attacks against other hosts. It should always be enabled - * unless you know for sure amplification cannot be a problem in the - * environment in which your server operates. - * - * \warning Disabling this can ba a security risk! (see above) - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - * - * Comment this to disable support for HelloVerifyRequest. - */ -#define MBEDTLS_SSL_DTLS_HELLO_VERIFY - -/** - * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - * - * Enable server-side support for clients that reconnect from the same port. 
- * - * Some clients unexpectedly close the connection and try to reconnect using the - * same source port. This needs special support from the server to handle the - * new connection securely, as described in section 4.2.8 of RFC 6347. This - * flag enables that support. - * - * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Comment this to disable support for clients reusing the source port. - */ -#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - -/** - * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT - * - * Enable support for a limit of records with bad MAC. - * - * See mbedtls_ssl_conf_dtls_badmac_limit(). - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - */ -#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT - -/** - * \def MBEDTLS_SSL_SESSION_TICKETS - * - * Enable support for RFC 5077 session tickets in SSL. - * Client-side, provides full support for session tickets (maintainance of a - * session store remains the responsibility of the application, though). - * Server-side, you also need to provide callbacks for writing and parsing - * tickets, including authenticated encryption and key management. Example - * callbacks are provided by MBEDTLS_SSL_TICKET_C. - * - * Comment this macro to disable support for SSL session tickets - */ -#define MBEDTLS_SSL_SESSION_TICKETS - -/** - * \def MBEDTLS_SSL_EXPORT_KEYS - * - * Enable support for exporting key block and master secret. - * This is required for certain users of TLS, e.g. EAP-TLS. - * - * Comment this macro to disable support for key export - */ -#define MBEDTLS_SSL_EXPORT_KEYS - -/** - * \def MBEDTLS_SSL_SERVER_NAME_INDICATION - * - * Enable support for RFC 6066 server name indication (SNI) in SSL. - * - * Requires: MBEDTLS_X509_CRT_PARSE_C - * - * Comment this macro to disable support for server name indication in SSL - */ -#define MBEDTLS_SSL_SERVER_NAME_INDICATION - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC - * - * Enable support for RFC 6066 truncated HMAC in SSL. 
- * - * Comment this macro to disable support for truncated HMAC in SSL - */ -#define MBEDTLS_SSL_TRUNCATED_HMAC - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT - * - * Fallback to old (pre-2.7), non-conforming implementation of the truncated - * HMAC extension which also truncates the HMAC key. Note that this option is - * only meant for a transitory upgrade period and is likely to be removed in - * a future version of the library. - * - * \warning The old implementation is non-compliant and has a security weakness - * (2^80 brute force attack on the HMAC key used for a single, - * uninterrupted connection). This should only be enabled temporarily - * when (1) the use of truncated HMAC is essential in order to save - * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use - * the fixed implementation yet (pre-2.7). - * - * \deprecated This option is deprecated and will likely be removed in a - * future version of Mbed TLS. - * - * Uncomment to fallback to old, non-compliant truncated HMAC implementation. - * - * Requires: MBEDTLS_SSL_TRUNCATED_HMAC - */ -//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT - /** * \def MBEDTLS_THREADING_ALT * 
@@ -1562,89 +857,6 @@ */ #define MBEDTLS_VERSION_FEATURES -/** - * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an extension in a v1 or v2 certificate. - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - -/** - * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an unknown critical extension. - * - * \warning Depending on your PKI use, enabling this can be a security risk! - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - -/** - * \def MBEDTLS_X509_CHECK_KEY_USAGE - * - * Enable verification of the keyUsage extension (CA and leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused - * (intermediate) CA and leaf certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip keyUsage checking for both CA and leaf certificates. - */ -#define MBEDTLS_X509_CHECK_KEY_USAGE - -/** - * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - * - * Enable verification of the extendedKeyUsage extension (leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip extendedKeyUsage checking for certificates. - */ -#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - -/** - * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT - * - * Enable parsing and verification of X.509 certificates, CRLs and CSRS - * signed with RSASSA-PSS (aka PKCS#1 v2.1). - * - * Comment this macro to disallow using RSASSA-PSS in certificates. 
- */ -#define MBEDTLS_X509_RSASSA_PSS_SUPPORT - -/** - * \def MBEDTLS_ZLIB_SUPPORT - * - * If set, the SSL/TLS module uses ZLIB to support compression and - * decompression of packet data. - * - * \warning TLS-level compression MAY REDUCE SECURITY! See for example the - * CRIME attack. Before enabling this option, you should examine with care if - * CRIME or similar exploits may be a applicable to your use case. - * - * \note Currently compression can't be used with DTLS. - * - * \deprecated This feature is deprecated and will be removed - * in the next major revision of the library. - * - * Used in: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * This feature requires zlib library and headers to be present. - * - * Uncomment to enable use of ZLIB - */ -//#define MBEDTLS_ZLIB_SUPPORT /* \} name SECTION: mbed TLS feature support */ /** @@ -2029,20 +1241,6 @@ */ #define MBEDTLS_CTR_DRBG_C -/** - * \def MBEDTLS_DEBUG_C - * - * Enable the debug functions. - * - * Module: library/debug.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module provides debugging functions. - */ -#define MBEDTLS_DEBUG_C - /** * \def MBEDTLS_DES_C * @@ -2141,7 +1339,7 @@ * * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C */ -//#define MBEDTLS_ECJPAKE_C +#define MBEDTLS_ECJPAKE_C /** * \def MBEDTLS_ECP_C @@ -2289,7 +1487,7 @@ * it, and considering stronger message digests instead. * */ -//#define MBEDTLS_MD2_C +#define MBEDTLS_MD2_C /** * \def MBEDTLS_MD4_C @@ -2306,7 +1504,7 @@ * it, and considering stronger message digests instead. * */ -//#define MBEDTLS_MD4_C +#define MBEDTLS_MD4_C /** * \def MBEDTLS_MD5_C 
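Review bot: The last two hunks here uncomment `MBEDTLS_MD2_C` and `MBEDTLS_MD4_C` in include/mbedtls/config.h, although the context lines directly above each define still recommend "considering stronger message digests instead". If the digests are enabled only so the PSA prototype can exercise every algorithm, say so at the define, e.g. `/* Enabled for PSA prototype coverage only; MD2 is weak and must not be relied on for security. */`, with the same comment for MD4. Since the patched path is the default config.h, any build using it would presumably compile both modules in, so it is worth confirming that this is intended and not a leftover from a full-featured test configuration.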
@@ -2346,25 +1544,6 @@ */ //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C -/** - * \def MBEDTLS_NET_C - * - * Enable the TCP and UDP over IPv6/IPv4 networking routines. - * - * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) - * and Windows. For other platforms, you'll want to disable it, and write your - * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/net_sockets.c - * - * This module provides networking routines. - */ -#define MBEDTLS_NET_C - /** * \def MBEDTLS_OID_C * @@ -2400,7 +1579,7 @@ * * This modules adds support for the VIA PadLock on x86. */ -#define MBEDTLS_PADLOCK_C +//#define MBEDTLS_PADLOCK_C /** * \def MBEDTLS_PEM_PARSE_C 
@@ -2651,84 +1830,6 @@ */ #define MBEDTLS_SHA512_C -/** - * \def MBEDTLS_SSL_CACHE_C - * - * Enable simple SSL cache implementation. - * - * Module: library/ssl_cache.c - * Caller: - * - * Requires: MBEDTLS_SSL_CACHE_C - */ -#define MBEDTLS_SSL_CACHE_C - -/** - * \def MBEDTLS_SSL_COOKIE_C - * - * Enable basic implementation of DTLS cookies for hello verification. - * - * Module: library/ssl_cookie.c - * Caller: - */ -#define MBEDTLS_SSL_COOKIE_C - -/** - * \def MBEDTLS_SSL_TICKET_C - * - * Enable an implementation of TLS server-side callbacks for session tickets. - * - * Module: library/ssl_ticket.c - * Caller: - * - * Requires: MBEDTLS_CIPHER_C - */ -#define MBEDTLS_SSL_TICKET_C - -/** - * \def MBEDTLS_SSL_CLI_C - * - * Enable the SSL/TLS client code. - * - * Module: library/ssl_cli.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#define MBEDTLS_SSL_CLI_C - -/** - * \def MBEDTLS_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl_srv.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -#define MBEDTLS_SSL_SRV_C - -/** - * \def MBEDTLS_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * and at least one of the MBEDTLS_SSL_PROTO_XXX defines - * - * This module is required for SSL/TLS. - */ -#define MBEDTLS_SSL_TLS_C - /** * \def MBEDTLS_THREADING_C * 
@@ -2751,29 +1852,6 @@ */ //#define MBEDTLS_THREADING_C -/** - * \def MBEDTLS_TIMING_C - * - * Enable the semi-portable timing interface. - * - * \note The provided implementation only works on POSIX/Unix (including Linux, - * BSD and OS X) and Windows. On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by - * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide - * your own implementation of the whole module by setting - * \c MBEDTLS_TIMING_ALT in the current file. - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/timing.c - * Caller: library/havege.c - * - * This module is used by the HAVEGE random number generator. - */ -#define MBEDTLS_TIMING_C - /** * \def MBEDTLS_VERSION_C * 
@@ -2785,106 +1863,6 @@ */ #define MBEDTLS_VERSION_C -/** - * \def MBEDTLS_X509_USE_C - * - * Enable X.509 core for using certificates. - * - * Module: library/x509.c - * Caller: library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, - * MBEDTLS_PK_PARSE_C - * - * This module is required for the X.509 parsing modules. - */ -#define MBEDTLS_X509_USE_C - -/** - * \def MBEDTLS_X509_CRT_PARSE_C - * - * Enable X.509 certificate parsing. - * - * Module: library/x509_crt.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 certificate parsing. - */ -#define MBEDTLS_X509_CRT_PARSE_C - -/** - * \def MBEDTLS_X509_CRL_PARSE_C - * - * Enable X.509 CRL parsing. - * - * Module: library/x509_crl.c - * Caller: library/x509_crt.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 CRL parsing. - */ -#define MBEDTLS_X509_CRL_PARSE_C - -/** - * \def MBEDTLS_X509_CSR_PARSE_C - * - * Enable X.509 Certificate Signing Request (CSR) parsing. - * - * Module: library/x509_csr.c - * Caller: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is used for reading X.509 certificate request. - */ -#define MBEDTLS_X509_CSR_PARSE_C - -/** - * \def MBEDTLS_X509_CREATE_C - * - * Enable X.509 core for creating certificates. - * - * Module: library/x509_create.c - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C - * - * This module is the basis for creating X.509 certificates and CSRs. - */ -#define MBEDTLS_X509_CREATE_C - -/** - * \def MBEDTLS_X509_CRT_WRITE_C - * - * Enable creating X.509 certificates. - * - * Module: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate creation. 
- */ -#define MBEDTLS_X509_CRT_WRITE_C - -/** - * \def MBEDTLS_X509_CSR_WRITE_C - * - * Enable creating X.509 Certificate Signing Requests (CSR). - * - * Module: library/x509_csr_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate request writing. - */ -#define MBEDTLS_X509_CSR_WRITE_C - /** * \def MBEDTLS_XTEA_C * @@ -3134,6 +2112,6 @@ #include MBEDTLS_USER_CONFIG_FILE #endif -#include "check_config.h" +#include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ From 4a6aaa4c513ce3484d2acf4ad86b6bc383ccd374 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Mar 2018 21:51:53 +0100 Subject: [PATCH 0005/2197] Remove Github templates These templates are not applicable to PSA development. --- .github/issue_template.md | 41 -------------------------------- .github/pull_request_template.md | 39 ------------------------------ 2 files changed, 80 deletions(-) delete mode 100644 .github/issue_template.md delete mode 100644 .github/pull_request_template.md diff --git a/.github/issue_template.md b/.github/issue_template.md deleted file mode 100644 index 7c3135351..000000000 --- a/.github/issue_template.md +++ /dev/null 
@@ -1,41 +0,0 @@ -Note: This is just a template, so feel free to use/remove the unnecessary things - -### Description -- Type: Bug | Enhancement\Feature Request | Question -- Priority: Blocker | Major | Minor - ---------------------------------------------------------------- -## Bug - -**OS** -Mbed OS|linux|windows| - -**mbed TLS build:** -Version: x.x.x or git commit id -OS version: x.x.x -Configuration: please attach config.h file where possible -Compiler and options (if you used a pre-built binary, please indicate how you obtained it): -Additional environment information: - -**Peer device TLS stack and version** -OpenSSL|GnuTls|Chrome|NSS(Firefox)|SecureChannel (IIS/Internet Explorer/Edge)|Other -Version: - -**Expected behavior** - -**Actual behavior** - -**Steps to reproduce** - ----------------------------------------------------------------- -## Enhancement\Feature Request - -**Justification - why does the library need this feature?** - -**Suggested enhancement** - ------------------------------------------------------------------ - -## Question - -**Please first check for answers in the [Mbed TLS knowledge Base](https://tls.mbed.org/kb), and preferably file an issue in the [Mbed TLS support forum](https://forums.mbed.com/c/mbed-tls)** diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md deleted file mode 100644 index 485b54195..000000000 --- a/.github/pull_request_template.md +++ /dev/null 
@@ -1,39 +0,0 @@ -Notes: -* Pull requests cannot be accepted until: -- The submitter has [accepted the online agreement here with a click through](https://developer.mbed.org/contributor_agreement/) - or for companies or those that do not wish to create an mbed account, a slightly different agreement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/) -- The PR follows the [mbed TLS coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards) -* This is just a template, so feel free to use/remove the unnecessary things -## Description -A few sentences describing the overall goals of the pull request's commits. - - -## Status -**READY/IN DEVELOPMENT/HOLD** - -## Requires Backporting -When there is a bug fix, it should be backported to all maintained and supported branches. -Changes do not have to be backported if: -- This PR is a new feature\enhancement -- This PR contains changes in the API. If this is true, and there is a need for the fix to be backported, the fix should be handled differently in the legacy branch - -Yes | NO -Which branch? - -## Migrations -If there is any API change, what's the incentive and logic for it. - -YES | NO - -## Additional comments -Any additional information that could be of interest - -## Todos -- [ ] Tests -- [ ] Documentation -- [ ] Changelog updated -- [ ] Backported - - -## Steps to test or reproduce -Outline the steps to test or reproduce the PR here. From 1d26709dbd4a4f8ef9ea0ff58f2644a4bc3fc49c Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Sun, 28 Jan 2018 18:13:03 +0100 Subject: [PATCH 0006/2197] New function mbedtls_rsa_get_bitlen Add a new function mbedtls_rsa_get_bitlen which returns the RSA key size, i.e. the bit size of the modulus. In the pk module, call mbedtls_rsa_get_bitlen instead of mbedtls_rsa_get_len, which gave the wrong result for key sizes that are not a multiple of 8. This commit adds one non-regression test in the pk suite. More tests are needed for RSA key sizes that are a multiple of 8. This commit does not address RSA alternative implementations, which only provide an interface that return the modulus size in bytes. --- include/mbedtls/rsa.h | 10 +++++++ library/pk_wrap.c | 2 +- library/rsa.c | 9 ++++++- tests/suites/test_suite_pk.data | 11 +++++++- tests/suites/test_suite_pk.function | 39 +++++++++++++++++++++++----- tests/suites/test_suite_rsa.function | 27 ++++++++++++------- 6 files changed, 80 insertions(+), 18 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 6eea5af2f..31a8db757 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -403,6 +403,16 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, */ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ); +/** + * \brief This function retrieves the length of the RSA modulus in bits. + * + * \param ctx The initialized RSA context. + * + * \return The length of the RSA modulus in bits. + * + */ +size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx ); + /** * \brief This function generates an RSA keypair. * diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 2c7d2d79b..f9b4c659c 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
@@ -66,7 +66,7 @@ static int rsa_can_do( mbedtls_pk_type_t type ) static size_t rsa_get_bitlen( const void *ctx ) { const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx; - return( 8 * mbedtls_rsa_get_len( rsa ) ); + return( mbedtls_rsa_get_bitlen( rsa ) ); } static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, diff --git a/library/rsa.c b/library/rsa.c index 88c1cf100..ad196391f 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -480,12 +480,19 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id /* * Get length in bytes of RSA modulus */ - size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ) { return( ctx->len ); } +/* + * Get length in bits of RSA modulus + */ +size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx ) +{ + return( mbedtls_mpi_bitlen( &ctx->N ) ); +} + #if defined(MBEDTLS_GENPRIME) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index a066bd93e..77e3bd887 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -1,7 +1,16 @@ -PK utils: RSA +PK utils: RSA, 512 bits depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_utils:MBEDTLS_PK_RSA:512:64:"RSA" +## RSA key generation only supports even bit sizes +#PK utils: RSA, 511 bits +#depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME +#pk_utils:MBEDTLS_PK_RSA:511:64:"RSA" +# +PK utils: RSA, 510 bits +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME +pk_utils:MBEDTLS_PK_RSA:510:64:"RSA" + PK utils: ECKEY depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_utils:MBEDTLS_PK_ECKEY:192:24:"EC" diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 9005ddb31..a1d9b0b7a 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function 
@@ -13,13 +13,18 @@ static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ); #define RSA_KEY_SIZE 512 #define RSA_KEY_LEN 64 -static int pk_genkey( mbedtls_pk_context *pk ) +static int pk_genkey( mbedtls_pk_context *pk, int size ) { ((void) pk); #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA ) - return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 ); + { + if( size == 0 ) + size = RSA_KEY_SIZE; + return( mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), + rnd_std_rand, NULL, size, 3 ) ); + } #endif #if defined(MBEDTLS_ECP_C) if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY || @@ -27,8 +32,30 @@ static int pk_genkey( mbedtls_pk_context *pk ) mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA ) { int ret; + mbedtls_ecp_group_id curve; + switch( size ) + { + case 0: + case 192: + curve = MBEDTLS_ECP_DP_SECP192R1; + break; + case 224: + curve = MBEDTLS_ECP_DP_SECP224R1; + break; + case 256: + curve = MBEDTLS_ECP_DP_SECP256R1; + break; + case 384: + curve = MBEDTLS_ECP_DP_SECP384R1; + break; + case 521: + curve = MBEDTLS_ECP_DP_SECP521R1; + break; + default: + return( -1 ); + } if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp, - MBEDTLS_ECP_DP_SECP192R1 ) ) != 0 ) + curve ) ) != 0 ) return( ret ); return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, &mbedtls_pk_ec( *pk )->d, @@ -77,7 +104,7 @@ void pk_utils( int type, int size, int len, char * name ) mbedtls_pk_init( &pk ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_genkey( &pk ) == 0 ); + TEST_ASSERT( pk_genkey( &pk, size ) == 0 ); TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type ); TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) ); 
@@ -252,7 +279,7 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret ) memset( sig, 0, sizeof sig ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_genkey( &pk ) == 0 ); + TEST_ASSERT( pk_genkey( &pk, 0 ) == 0 ); TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, rnd_std_rand, NULL ) == sign_ret ); @@ -447,7 +474,7 @@ void pk_rsa_alt( ) /* Initiliaze PK RSA context with random key */ TEST_ASSERT( mbedtls_pk_setup( &rsa, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - TEST_ASSERT( pk_genkey( &rsa ) == 0 ); + TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 ); /* Extract key to the raw rsa context */ TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index c43ef2050..46c8bf96e 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -44,7 +44,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); + TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); 
@@ -86,7 +87,8 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); + TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); @@ -127,7 +129,8 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); + TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); @@ -192,7 +195,8 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); + TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); 
@@ -256,7 +260,8 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); + TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); @@ -294,7 +299,8 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); + TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); @@ -342,7 +348,8 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); + TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); 
@@ -381,7 +388,8 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); + TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); @@ -440,7 +448,8 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); + TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); From 2f9c4dc5ad0fc982c0924b6efc7416a44444e173 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 28 Jan 2018 13:16:24 +0100 Subject: [PATCH 0007/2197] Add key management functions Define psa_key_type_t and a first stab at a few values. New functions psa_import_key, psa_export_key, psa_destroy_key, psa_get_key_information. Implement them for raw data and RSA. Under the hood, create an in-memory, fixed-size keystore with room for MBEDTLS_PSA_KEY_SLOT_COUNT - 1 keys. --- include/psa/crypto.h | 113 ++++++++++ include/psa/crypto_platform.h | 3 + library/psa_crypto.c | 229 ++++++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 28 +++ tests/suites/test_suite_psa_crypto.function | 120 +++++++++- 5 files changed, 488 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0bd9c03eb..63f119dc0 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -8,11 +8,27 @@ #include "crypto_platform.h" +#include + #ifdef __DOXYGEN_ONLY__ /** \defgroup platform Implementation-specific definitions * @{ */ +/** \brief Key slot number. + * + * This type represents key slots. It must be an unsigned integral + * type.* The choice of type is implementation-dependent. + * 0 is not a valid key slot number. The meaning of other values is + * implementation dependent. + * + * At any given point in time, each key slot either contains a + * cryptographic object, or is empty. Key slots are persistent: + * once set, the cryptographic object remains in the key slot until + * explicitly destroyed. + */ +typedef _unsigned_integral_type_ psa_key_slot_t; + /**@}*/ #endif 
@@ -89,6 +105,103 @@ psa_status_t psa_crypto_init(void); /**@}*/ +/** \defgroup crypto_types Key and algorithm types + * @{ + */ + +typedef uint32_t psa_key_type_t; + +#define PSA_KEY_TYPE_NONE 0x00000000 +#define PSA_KEY_TYPE_RAW_DATA 0x00000001 +#define PSA_KEY_TYPE_RSA 0x40000001 +#define PSA_KEY_TYPE_ECC_BASE 0x40010000 + +#define PSA_KEY_TYPE_VENDOR_FLAG 0x80000000 +#define PSA_KEY_TYPE_ASYMMETRIC_FLAG 0x40000000 +#define PSA_KEY_TYPE_ECC_TEST_MASK 0x7fff0000 +#define PSA_KEY_TYPE_ECC_TEST_VALUE 0x40010000 + +#define PSA_KEY_TYPE_IS_VENDOR(type) \ + (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) +#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ + (((type) & PSA_KEY_TYPE_ASYMMETRIC_FLAG) != 0) +#define PSA_KEY_TYPE_IS_ECC(type) \ + (((type) & PSA_KEY_TYPE_ECC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE) + +typedef uint32_t psa_algorithm_type_t; + +/**@}*/ + +/** \defgroup key_management Key management + * @{ + */ + +/** + * \brief Import a key in binary format. + * + * This function supports any output from psa_export_key(). + * + * \return * \c PSA_SUCCESS: success. + * * \c PSA_ERROR_NOT_SUPPORTED + * * \c PSA_ERROR_INVALID_ARGUMENT + * * \c PSA_ERROR_INSUFFICIENT_MEMORY + * * \c PSA_ERROR_COMMUNICATION_FAILURE + * * \c PSA_ERROR_HARDWARE_FAILURE + * * \c PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_import_key(psa_key_slot_t key, + psa_key_type_t type, + const uint8_t *data, + size_t data_length); + +/** + * \brief Destroy a key. + * + * \return * \c PSA_SUCCESS: success. + * * \c PSA_ERROR_EMPTY_SLOT + * * \c PSA_ERROR_COMMUNICATION_FAILURE + * * \c PSA_ERROR_HARDWARE_FAILURE + * * \c PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_destroy_key(psa_key_slot_t key); + +/** + * \brief Get basic metadata about a key. + * + * \return * \c PSA_SUCCESS: success. 
+ * * \c PSA_ERROR_EMPTY_SLOT + * * \c PSA_ERROR_COMMUNICATION_FAILURE + * * \c PSA_ERROR_HARDWARE_FAILURE + * * \c PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_get_key_information(psa_key_slot_t key, + psa_key_type_t *type, + size_t *bits); + +/** + * \brief Export a key in binary format. + * + * The output of this function can be passed to psa_import_key() to + * create an equivalent object. + * + * If a key is created with psa_import_key() and then exported with + * this function, it is not guaranteed that the resulting data is + * identical: the implementation may choose a different representation + * of the same key. + * + * \return * \c PSA_SUCCESS: success. + * * \c PSA_ERROR_EMPTY_SLOT + * * \c PSA_ERROR_COMMUNICATION_FAILURE + * * \c PSA_ERROR_HARDWARE_FAILURE + * * \c PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_export_key(psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length); + +/**@}*/ + #ifdef __cplusplus } #endif diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index eafc0b3ea..7aabd1bc0 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -36,4 +36,7 @@ /* PSA requires several types which C99 provides in stdint.h. */ #include +/* Integral type representing a key slot number. */ +typedef uint16_t psa_key_slot_t; + #endif /* PSA_CRYPTO_PLATFORM_H */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ca25bb487..31dd0d640 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -29,8 +29,18 @@ #include "psa/crypto.h" +#include +#include +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + #include "mbedtls/ctr_drbg.h" #include "mbedtls/entropy.h" +#include "mbedtls/pk.h" /* Implementation that should never be optimized out by the compiler */ 
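Review bot: The `\return` lists in the new key_management block do not match what the implementation in this commit returns. `psa_import_key` can return `PSA_ERROR_OCCUPIED_SLOT`, and `psa_export_key` can return `PSA_ERROR_BUFFER_TOO_SMALL` and `PSA_ERROR_NOT_SUPPORTED`. `psa_destroy_key`, `psa_get_key_information` and `psa_export_key` also return `PSA_ERROR_INVALID_ARGUMENT` for an out-of-range slot number, and none of these are listed. The four functions have no `\param` entries either, so add lines such as `\param data_size Size of the \c data buffer in bytes.` and `\param[out] data_length On success, the number of bytes written to \c data.`. It would also help to state that `type` and `bits` in `psa_get_key_information` may be NULL, which the implementation permits.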
@@ -39,10 +49,32 @@ static void mbedtls_zeroize( void *v, size_t n ) volatile unsigned char *p = v; while( n-- ) *p++ = 0; } +/****************************************************************/ +/* Global data, support functions and library management */ +/****************************************************************/ + +/* Number of key slots (plus one because 0 is not used). + * The value is a compile-time constant for now, for simplicity. */ +#define MBEDTLS_PSA_KEY_SLOT_COUNT 32 + +typedef struct { + psa_key_type_t type; + union { + struct raw_data { + uint8_t *data; + size_t bytes; + } raw; +#if defined(MBEDTLS_PK_C) + mbedtls_pk_context pk; +#endif /* MBEDTLS_PK_C */ + } data; +} key_slot_t; + typedef struct { int initialized; mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; + key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT]; } psa_global_data_t; static psa_global_data_t global_data; 
@@ -57,13 +89,210 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE: case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED: return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + case MBEDTLS_ERR_PK_ALLOC_FAILED: + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + case MBEDTLS_ERR_PK_TYPE_MISMATCH: + case MBEDTLS_ERR_PK_BAD_INPUT_DATA: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_PK_FILE_IO_ERROR: + return( PSA_ERROR_TAMPERING_DETECTED ); + case MBEDTLS_ERR_PK_KEY_INVALID_VERSION: + case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_PK_UNKNOWN_PK_ALG: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_PK_PASSWORD_REQUIRED: + case MBEDTLS_ERR_PK_PASSWORD_MISMATCH: + return( PSA_ERROR_NOT_PERMITTED ); + case MBEDTLS_ERR_PK_INVALID_PUBKEY: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_PK_INVALID_ALG: + case MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE: + case MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH: + return( PSA_ERROR_INVALID_SIGNATURE ); default: return( PSA_ERROR_UNKNOWN_ERROR ); } } + + +/****************************************************************/ +/* Key management */ +/****************************************************************/ + +psa_status_t psa_import_key(psa_key_slot_t key, + psa_key_type_t type, + const uint8_t *data, + size_t data_length) +{ + key_slot_t *slot; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_INVALID_ARGUMENT ); + slot = &global_data.key_slots[key]; + if( slot->type != PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_OCCUPIED_SLOT ); + + if( type == PSA_KEY_TYPE_RAW_DATA ) + { + if( data_length > SIZE_MAX / 8 ) + return( PSA_ERROR_NOT_SUPPORTED ); + slot->data.raw.data = mbedtls_calloc( 1, data_length ); + if( slot->data.raw.data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + memcpy( slot->data.raw.data, data, data_length ); + slot->data.raw.bytes = 
data_length; + } + else +#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) + if( type == PSA_KEY_TYPE_RSA || PSA_KEY_TYPE_IS_ECC( type ) ) + { + int ret; + mbedtls_pk_init( &slot->data.pk ); + ret = mbedtls_pk_parse_key( &slot->data.pk, + data, data_length, + NULL, 0 ); + if( ret != 0 ) + return( mbedtls_to_psa_error( ret ) ); + } + else +#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */ + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + + slot->type = type; + return( PSA_SUCCESS ); +} + +psa_status_t psa_destroy_key(psa_key_slot_t key) +{ + key_slot_t *slot; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_INVALID_ARGUMENT ); + slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + + if( slot->type == PSA_KEY_TYPE_RAW_DATA ) + { + mbedtls_free( slot->data.raw.data ); + } + else +#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) + if( slot->type == PSA_KEY_TYPE_RSA || + PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + mbedtls_pk_free( &slot->data.pk ); + } + else +#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */ + { + /* Shouldn't happen: the key type is not any type that we + * put it. 
*/ + return( PSA_ERROR_TAMPERING_DETECTED ); + } + + mbedtls_zeroize( slot, sizeof( *slot ) ); + return( PSA_SUCCESS ); +} + +psa_status_t psa_get_key_information(psa_key_slot_t key, + psa_key_type_t *type, + size_t *bits) +{ + key_slot_t *slot; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_INVALID_ARGUMENT ); + slot = &global_data.key_slots[key]; + if( type != NULL ) + *type = slot->type; + if( bits != NULL ) + *bits = 0; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + + if( slot->type == PSA_KEY_TYPE_RAW_DATA ) + { + if( bits != NULL ) + *bits = slot->data.raw.bytes * 8; + } + else +#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) + if( slot->type == PSA_KEY_TYPE_RSA || + PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + if( bits != NULL ) + *bits = mbedtls_pk_get_bitlen( &slot->data.pk ); + } + else +#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */ + { + /* Shouldn't happen: the key type is not any type that we + * put it. 
*/ + return( PSA_ERROR_TAMPERING_DETECTED ); + } + + return( PSA_SUCCESS ); +} + +psa_status_t psa_export_key(psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ + key_slot_t *slot; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_INVALID_ARGUMENT ); + slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + + if( slot->type == PSA_KEY_TYPE_RAW_DATA ) + { + if( slot->data.raw.bytes > data_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + memcpy( data, slot->data.raw.data, slot->data.raw.bytes ); + *data_length = slot->data.raw.bytes; + return( PSA_SUCCESS ); + } + else +#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) + if( slot->type == PSA_KEY_TYPE_RSA || + PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + int ret; + ret = mbedtls_pk_write_key_der( &slot->data.pk, + data, data_size ); + if( ret < 0 ) + return( mbedtls_to_psa_error( ret ) ); + *data_length = ret; + return( PSA_SUCCESS ); + } + else +#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */ + { + return( PSA_ERROR_NOT_SUPPORTED ); + } +} + + + +/****************************************************************/ +/* Module setup */ +/****************************************************************/ + void mbedtls_psa_crypto_free( void ) { + size_t key; + for( key = 1; key < MBEDTLS_PSA_KEY_SLOT_COUNT; key++ ) + psa_destroy_key( key ); mbedtls_ctr_drbg_free( &global_data.ctr_drbg ); mbedtls_entropy_free( &global_data.entropy ); mbedtls_zeroize( &global_data, sizeof( global_data ) ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3d7689bd2..d9149cacf 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
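Review bot: The slot range check `key > MBEDTLS_PSA_KEY_SLOT_COUNT` in psa_import_key lets `key == MBEDTLS_PSA_KEY_SLOT_COUNT` through. `&global_data.key_slots[key]` then points one element past the `key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT]` array, so a caller-supplied slot number leads to out-of-bounds reads and writes of global data. The same check is repeated in psa_destroy_key, psa_get_key_information and psa_export_key. Each should read `if( key == 0 || key >= MBEDTLS_PSA_KEY_SLOT_COUNT )`, which also agrees with the `key < MBEDTLS_PSA_KEY_SLOT_COUNT` loop bound in mbedtls_psa_crypto_free. A test case that passes slot number MBEDTLS_PSA_KEY_SLOT_COUNT and expects `PSA_ERROR_INVALID_ARGUMENT` would pin the boundary.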
@@ -1,2 +1,30 @@ PSA init/deinit init_deinit: + +PSA import/export raw: 0 bytes +import_export:"":PSA_KEY_TYPE_RAW_DATA:0:0:PSA_SUCCESS:1 + +PSA import/export raw: 1 bytes +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:PSA_SUCCESS:1 + +PSA import/export raw: 1 bytes, larger buffer +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:PSA_SUCCESS:1 + +PSA import/export raw: 2 bytes, buffer too small +import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export RSA: good +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"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":PSA_KEY_TYPE_RSA:1024:0:PSA_SUCCESS:1 + +PSA import/export RSA: trailing garbage ignored +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1
c997781447a2b2400":PSA_KEY_TYPE_RSA:1024:-1:PSA_SUCCESS:0 + +PSA import RSA: truncated +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import:"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":PSA_KEY_TYPE_RSA:PSA_ERROR_INVALID_ARGUMENT + +#PSA import/export EC secp256r1: good +#depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +#import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9d9eee47b..6fa10dd96 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -10,15 +10,125 @@ /* BEGIN_CASE */ void init_deinit() { - psa_status_t ret; + psa_status_t status; int i; for( i = 0; i <= 1; i++ ) { - ret = psa_crypto_init( ); - TEST_ASSERT( ret == PSA_SUCCESS ); - ret = psa_crypto_init( ); - TEST_ASSERT( ret == PSA_SUCCESS ); + status = psa_crypto_init( ); + TEST_ASSERT( status == PSA_SUCCESS ); + status = psa_crypto_init( ); + TEST_ASSERT( status == PSA_SUCCESS ); mbedtls_psa_crypto_free( ); } } /* END_CASE */ + +/* BEGIN_CASE */ +void import( char *hex, int type, int expected_status ) +{ + int slot = 1; + psa_status_t status; + unsigned char *data = NULL; + size_t data_size; + + data_size = strlen( hex ) / 2; + data = mbedtls_calloc( 1, data_size ); + TEST_ASSERT( data != NULL ); + data_size = unhexify( data, hex ); + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + status = psa_import_key( slot, type, data, data_size ); + TEST_ASSERT( status == (psa_status_t) expected_status ); + if( status == PSA_SUCCESS ) + TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + +exit: + mbedtls_free( data ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void import_export( char *hex, int type_arg, + int expected_bits, + int export_size_delta, + int expected_export_status, + int canonical_input ) +{ + int slot = 1; + int slot2 = slot + 1; + psa_key_type_t type = type_arg; + psa_status_t status; + unsigned char *data = NULL; + unsigned char *exported = NULL; + unsigned char *reexported = NULL; + size_t data_size; + size_t export_size; + size_t exported_length; + size_t reexported_length; + psa_key_type_t got_type; + size_t got_bits; + + data_size = strlen( hex ) / 2; + data = mbedtls_calloc( 1, data_size ); + TEST_ASSERT( data != NULL ); + data_size = unhexify( data, hex ); + export_size = (ssize_t) data_size + export_size_delta; + exported = mbedtls_calloc( 1, export_size ); + TEST_ASSERT( exported != NULL ); + if( ! 
canonical_input ) + { + reexported = mbedtls_calloc( 1, export_size ); + TEST_ASSERT( reexported != NULL ); + } + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + /* Import the key */ + TEST_ASSERT( psa_import_key( slot, type, + data, data_size ) == PSA_SUCCESS ); + + /* Test the key information */ + TEST_ASSERT( psa_get_key_information( slot, + &got_type, &got_bits ) == + PSA_SUCCESS ); + TEST_ASSERT( got_type == type ); + TEST_ASSERT( got_bits == (size_t) expected_bits ); + + /* Export the key */ + status = psa_export_key( slot, + exported, export_size, + &exported_length ); + TEST_ASSERT( status == (psa_status_t) expected_export_status ); + if( status != PSA_SUCCESS ) + goto destroy; + + if( canonical_input ) + { + TEST_ASSERT( exported_length == data_size ); + TEST_ASSERT( memcmp( exported, data, data_size ) == 0 ); + } + else + { + TEST_ASSERT( psa_import_key( slot2, type, + exported, export_size ) == + PSA_SUCCESS ); + TEST_ASSERT( psa_export_key( slot2, + reexported, export_size, + &reexported_length ) == + PSA_SUCCESS ); + TEST_ASSERT( reexported_length == exported_length ); + TEST_ASSERT( memcmp( reexported, exported, + exported_length ) == 0 ); + } + +destroy: + /* Destroy the key */ + TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_information( + slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + +exit: + mbedtls_free( data ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From 969ac726d9208c5a21c88a84b1ad955b67b0e63d Mon Sep 17 00:00:00 2001 
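Review bot: The `exit:` label in import_export frees only `data`, so the `exported` and `reexported` buffers obtained from mbedtls_calloc leak on every run of the test; add `mbedtls_free( exported );` and `mbedtls_free( reexported );` next to the existing `mbedtls_free( data );`. In the non-canonical branch the re-import passes `export_size` rather than `exported_length` to `psa_import_key( slot2, ... )`. It therefore feeds the whole buffer instead of the bytes the export reported, which looks unintended. `slot2` is also never destroyed explicitly, so its cleanup relies on mbedtls_psa_crypto_free.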
From: Gilles Peskine Date: Sun, 28 Jan 2018 18:16:59 +0100 Subject: [PATCH 0008/2197] PSA RSA key import: don't rely on pk so much Don't use the pk module except as required for pkparse/pkwrite. The PSA crypto layer is meant to work alongside pk, not on top of it. Fix the compile-time dependencies on RSA/ECP handling in psa_export_key, psa_destroy_key and psa_get_key_information. --- library/psa_crypto.c | 98 +++++++++++++++++++------ tests/suites/test_suite_psa_crypto.data | 6 +- 2 files changed, 81 insertions(+), 23 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 31dd0d640..f6da44e9d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -39,8 +39,11 @@ #endif #include "mbedtls/ctr_drbg.h" +#include "mbedtls/ecp.h" #include "mbedtls/entropy.h" #include "mbedtls/pk.h" +#include "mbedtls/pk_internal.h" +#include "mbedtls/rsa.h" /* Implementation that should never be optimized out by the compiler */ @@ -64,9 +67,12 @@ typedef struct { uint8_t *data; size_t bytes; } raw; -#if defined(MBEDTLS_PK_C) - mbedtls_pk_context pk; -#endif /* MBEDTLS_PK_C */ +#if defined(MBEDTLS_RSA_C) + mbedtls_rsa_context *rsa; +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_C) + mbedtls_ecp_keypair *ecp; +#endif /* MBEDTLS_ECP_C */ } data; } key_slot_t; 
@@ -147,19 +153,43 @@ psa_status_t psa_import_key(psa_key_slot_t key, slot->data.raw.bytes = data_length; } else -#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) +#if defined(MBEDTLS_PK_PARSE_C) if( type == PSA_KEY_TYPE_RSA || PSA_KEY_TYPE_IS_ECC( type ) ) { int ret; - mbedtls_pk_init( &slot->data.pk ); - ret = mbedtls_pk_parse_key( &slot->data.pk, - data, data_length, + mbedtls_pk_context pk; + mbedtls_pk_init( &pk ); + ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ); if( ret != 0 ) return( mbedtls_to_psa_error( ret ) ); + switch( mbedtls_pk_get_type( &pk ) ) + { +#if defined(MBEDTLS_RSA_C) + case MBEDTLS_PK_RSA: + if( type == PSA_KEY_TYPE_RSA ) + slot->data.rsa = pk.pk_ctx; + else + return( PSA_ERROR_INVALID_ARGUMENT ); + break; +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_C) + case MBEDTLS_PK_ECKEY: + if( PSA_KEY_TYPE_IS_ECC( type ) ) + { + // TODO: check curve + slot->data.ecp = pk.pk_ctx; + } + else + return( PSA_ERROR_INVALID_ARGUMENT ); + break; +#endif /* MBEDTLS_ECP_C */ + default: + return( PSA_ERROR_INVALID_ARGUMENT ); + } } else -#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */ +#endif /* defined(MBEDTLS_PK_PARSE_C) */ { return( PSA_ERROR_NOT_SUPPORTED ); } @@ -183,14 +213,20 @@ psa_status_t psa_destroy_key(psa_key_slot_t key) mbedtls_free( slot->data.raw.data ); } else -#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) - if( slot->type == PSA_KEY_TYPE_RSA || - PSA_KEY_TYPE_IS_ECC( slot->type ) ) +#if defined(MBEDTLS_RSA_C) + if( slot->type == PSA_KEY_TYPE_RSA ) { - mbedtls_pk_free( &slot->data.pk ); + mbedtls_rsa_free( slot->data.rsa ); } else -#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */ +#endif /* defined(MBEDTLS_RSA_C) */ +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + mbedtls_ecp_keypair_free( slot->data.ecp ); + } + else +#endif /* defined(MBEDTLS_ECP_C) */ { /* Shouldn't happen: the key type is not any type that we * put it. */ 
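Review bot: The type-mismatch exits added to psa_import_key return without releasing the key that was just parsed. Once `mbedtls_pk_parse_key` has succeeded, the `else return( PSA_ERROR_INVALID_ARGUMENT );` branches under `MBEDTLS_PK_RSA` and `MBEDTLS_PK_ECKEY`, and the `default:` case, never call `mbedtls_pk_free( &pk )`. That leaks the context and leaves key material, possibly a private key, in heap memory that is never released. Each of the three exits should become `{ mbedtls_pk_free( &pk ); return( PSA_ERROR_INVALID_ARGUMENT ); }`. The function starts and ends outside the hunk.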
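Review bot: psa_destroy_key now calls `mbedtls_rsa_free( slot->data.rsa )` and `mbedtls_ecp_keypair_free( slot->data.ecp )` on pointers that psa_import_key took over from `pk.pk_ctx`, but nothing frees the context objects themselves. Those two functions release what a context holds; the structure itself was presumably heap-allocated by the pk layer (not visible here), in which case every destroyed key leaks one structure. Follow the calls with `mbedtls_free( slot->data.rsa );` and `mbedtls_free( slot->data.ecp );` respectively. The rest of the function is outside the hunk.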
@@ -223,15 +259,22 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, *bits = slot->data.raw.bytes * 8; } else -#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) - if( slot->type == PSA_KEY_TYPE_RSA || - PSA_KEY_TYPE_IS_ECC( slot->type ) ) +#if defined(MBEDTLS_RSA_C) + if( slot->type == PSA_KEY_TYPE_RSA ) { if( bits != NULL ) - *bits = mbedtls_pk_get_bitlen( &slot->data.pk ); + *bits = mbedtls_rsa_get_bitlen( slot->data.rsa ); } else -#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */ +#endif /* defined(MBEDTLS_RSA_C) */ +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + if( bits != NULL ) + *bits = slot->data.ecp->grp.pbits; + } + else +#endif /* defined(MBEDTLS_ECP_C) */ { /* Shouldn't happen: the key type is not any type that we * put it. */ @@ -263,20 +306,31 @@ psa_status_t psa_export_key(psa_key_slot_t key, return( PSA_SUCCESS ); } else -#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) +#if defined(MBEDTLS_PK_WRITE_C) if( slot->type == PSA_KEY_TYPE_RSA || PSA_KEY_TYPE_IS_ECC( slot->type ) ) { + mbedtls_pk_context pk; int ret; - ret = mbedtls_pk_write_key_der( &slot->data.pk, - data, data_size ); + mbedtls_pk_init( &pk ); + if( slot->type == PSA_KEY_TYPE_RSA ) + { + pk.pk_info = &mbedtls_rsa_info; + pk.pk_ctx = slot->data.rsa; + } + else + { + pk.pk_info = &mbedtls_eckey_info; + pk.pk_ctx = slot->data.ecp; + } + ret = mbedtls_pk_write_key_der( &pk, data, data_size ); if( ret < 0 ) return( mbedtls_to_psa_error( ret ) ); *data_length = ret; return( PSA_SUCCESS ); } else -#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */ +#endif /* definedMBEDTLS_PK_WRITE_C) */ { return( PSA_ERROR_NOT_SUPPORTED ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d9149cacf..b450a2d38 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
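Review bot: In the psa_export_key hunk the result of `mbedtls_pk_write_key_der( &pk, data, data_size )` is reported through `*data_length = ret` as if the key started at `data[0]`, but that function writes the DER encoding at the end of the buffer. When `data_size` is larger than the encoding, a caller reading `data_length` bytes from the start gets whatever the buffer held before plus a truncated key. Move the encoding to the front before returning, for example `if( (size_t) ret != data_size ) memmove( data, data + data_size - ret, ret );`. The `mbedtls_pk_write_pubkey_der` call that the next commit adds to the same function needs the same treatment. The function body continues outside the hunk.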
@@ -13,7 +13,7 @@ import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:PSA_SUCCESS:1 PSA import/export raw: 2 bytes, buffer too small import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 -PSA import/export RSA: good +PSA import/export RSA: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA:1024:0:PSA_SUCCESS:1 @@ -25,6 +25,10 @@ PSA import RSA: truncated depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import:"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":PSA_KEY_TYPE_RSA:PSA_ERROR_INVALID_ARGUMENT +PSA import/export RSA: good, 1023-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"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":PSA_KEY_TYPE_RSA:1023:0:PSA_SUCCESS:1 + #PSA import/export EC secp256r1: good #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED #import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1 From c66ea6a921a2cd63f446e06b80ebd7c3a6ff0c91 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Feb 2018 22:43:28 +0100 Subject: [PATCH 0009/2197] PSA key import: support RSA public keys Use different key types for private keys and public keys. --- include/psa/crypto.h | 12 +++++++-- library/psa_crypto.c | 34 +++++++++++++++++-------- tests/suites/test_suite_psa_crypto.data | 20 +++++++++------ 3 files changed, 45 insertions(+), 21 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 63f119dc0..7e6156557 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -113,11 +113,15 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_NONE 0x00000000 #define PSA_KEY_TYPE_RAW_DATA 0x00000001 -#define PSA_KEY_TYPE_RSA 0x40000001 +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY 0x40000001 +#define PSA_KEY_TYPE_RSA_KEYPAIR 0x60000001 #define PSA_KEY_TYPE_ECC_BASE 0x40010000 #define PSA_KEY_TYPE_VENDOR_FLAG 0x80000000 #define PSA_KEY_TYPE_ASYMMETRIC_FLAG 0x40000000 +#define PSA_KEY_TYPE_ASYMMETRIC_MASK 0x60000000 +#define PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC 0x40000000 +#define PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR 0x60000000 #define PSA_KEY_TYPE_ECC_TEST_MASK 0x7fff0000 #define PSA_KEY_TYPE_ECC_TEST_VALUE 0x40010000 @@ -125,7 +129,11 @@ typedef uint32_t psa_key_type_t; (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ (((type) & PSA_KEY_TYPE_ASYMMETRIC_FLAG) != 0) -#define PSA_KEY_TYPE_IS_ECC(type) \ +#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ + (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC) +#define PSA_KEY_TYPE_IS_KEYPAIR(type) \ + (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR) +#define PSA_KEY_TYPE_IS_ECC(type) \ (((type) & PSA_KEY_TYPE_ECC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE) typedef uint32_t psa_algorithm_type_t; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f6da44e9d..741f5d11a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -154,20 +154,25 @@ psa_status_t psa_import_key(psa_key_slot_t key, } else #if defined(MBEDTLS_PK_PARSE_C) - if( type == PSA_KEY_TYPE_RSA || PSA_KEY_TYPE_IS_ECC( type ) ) + if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || + type == PSA_KEY_TYPE_RSA_KEYPAIR || + PSA_KEY_TYPE_IS_ECC( type ) ) { int ret; mbedtls_pk_context pk; mbedtls_pk_init( &pk ); - ret = mbedtls_pk_parse_key( &pk, data, data_length, - NULL, 0 ); + if( PSA_KEY_TYPE_IS_KEYPAIR( type ) ) + ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ); + else + ret = mbedtls_pk_parse_public_key( &pk, data, data_length ); if( ret != 0 ) return( mbedtls_to_psa_error( ret ) ); switch( mbedtls_pk_get_type( &pk ) ) { #if defined(MBEDTLS_RSA_C) case MBEDTLS_PK_RSA: - if( type == PSA_KEY_TYPE_RSA ) + if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || + type == PSA_KEY_TYPE_RSA_KEYPAIR ) slot->data.rsa = pk.pk_ctx; else return( PSA_ERROR_INVALID_ARGUMENT ); @@ -214,7 +219,8 @@ psa_status_t psa_destroy_key(psa_key_slot_t key) } else #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA ) + if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || + slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) { mbedtls_rsa_free( slot->data.rsa ); } @@ -244,7 +250,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, key_slot_t *slot; if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_EMPTY_SLOT ); slot = &global_data.key_slots[key]; if( type != NULL ) *type = slot->type; @@ -260,7 +266,8 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, } else #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA ) + if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || + slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) { if( bits != NULL ) *bits = mbedtls_rsa_get_bitlen( slot->data.rsa ); 
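Review bot: The range check this commit touches in psa_get_key_information, `key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT`, still lets `key == MBEDTLS_PSA_KEY_SLOT_COUNT` through to `global_data.key_slots[key]`. The array declaration is outside the hunk; if it has `MBEDTLS_PSA_KEY_SLOT_COUNT` elements, that index is one past the end and reads or writes adjacent memory. Either index with `key - 1` or declare the array with `MBEDTLS_PSA_KEY_SLOT_COUNT + 1` entries and say so in a comment. The same pattern appears in the psa_export_key hunk of this commit and in psa_asymmetric_sign in the next one.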
@@ -292,7 +299,7 @@ psa_status_t psa_export_key(psa_key_slot_t key, key_slot_t *slot; if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_EMPTY_SLOT ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); @@ -307,13 +314,15 @@ psa_status_t psa_export_key(psa_key_slot_t key, } else #if defined(MBEDTLS_PK_WRITE_C) - if( slot->type == PSA_KEY_TYPE_RSA || + if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || + slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || PSA_KEY_TYPE_IS_ECC( slot->type ) ) { mbedtls_pk_context pk; int ret; mbedtls_pk_init( &pk ); - if( slot->type == PSA_KEY_TYPE_RSA ) + if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || + slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) { pk.pk_info = &mbedtls_rsa_info; pk.pk_ctx = slot->data.rsa; @@ -323,7 +332,10 @@ psa_status_t psa_export_key(psa_key_slot_t key, pk.pk_info = &mbedtls_eckey_info; pk.pk_ctx = slot->data.ecp; } - ret = mbedtls_pk_write_key_der( &pk, data, data_size ); + if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + ret = mbedtls_pk_write_key_der( &pk, data, data_size ); + else + ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); if( ret < 0 ) return( mbedtls_to_psa_error( ret ) ); *data_length = ret; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b450a2d38..e8407a30c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -13,21 +13,25 @@ import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:PSA_SUCCESS:1 PSA import/export raw: 2 bytes, buffer too small import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 -PSA import/export RSA: good, 1024-bit +PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA:1024:0:PSA_SUCCESS:1 +import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:PSA_SUCCESS:1 -PSA import/export RSA: trailing garbage ignored +PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA:1024:-1:PSA_SUCCESS:0 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:PSA_SUCCESS:1 -PSA import RSA: truncated +PSA import/export RSA keypair: trailing garbage ignored depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"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":PSA_KEY_TYPE_RSA:PSA_ERROR_INVALID_ARGUMENT +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:-1:PSA_SUCCESS:0 -PSA import/export RSA: good, 1023-bit +PSA import RSA keypair: truncated depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
-import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA:1023:0:PSA_SUCCESS:1 +import:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export RSA keypair: good, 1023-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
+import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:1023:0:PSA_SUCCESS:1 #PSA import/export EC secp256r1: good #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED From 20035e357978a2cbd1f6915bec82534c386b25d0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Feb 2018 22:44:14 +0100 Subject: [PATCH 0010/2197] PSA crypto: asymmetric signature (RSA PKCS#1v1.5 only) Define hash algorithms and RSA signature algorithms. New function psa_asymmetric_sign. Implement psa_asymmetric_sign for RSA PKCS#1 v1.5. --- include/psa/crypto.h | 68 +++++++- library/psa_crypto.c | 182 ++++++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 13 ++ tests/suites/test_suite_psa_crypto.function | 95 ++++++++++ 4 files changed, 357 insertions(+), 1 deletion(-) 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 7e6156557..3eee3822b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -136,7 +136,39 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_IS_ECC(type) \ (((type) & PSA_KEY_TYPE_ECC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE) -typedef uint32_t psa_algorithm_type_t; +typedef uint32_t psa_algorithm_t; + +#define PSA_ALG_HASH_BITS 0x01000000 +#define PSA_ALG_RSA_HASH_MASK 0x000000ff +#define PSA_ALG_MD2 0x01000001 +#define PSA_ALG_MD4 0x01000002 +#define PSA_ALG_MD5 0x01000003 +#define PSA_ALG_SHA_256_128 0x01000004 +#define PSA_ALG_RIPEMD160 0x01000005 +#define PSA_ALG_SHA_1 0x01000006 +#define PSA_ALG_SHA_256_160 0x01000007 +#define PSA_ALG_SHA_224 0x01000008 +#define PSA_ALG_SHA_256 0x01000009 +#define PSA_ALG_SHA_384 0x0100000a +#define PSA_ALG_SHA_512 0x0100000b +#define PSA_ALG_SHA_512_224 0x0100000c +#define PSA_ALG_SHA_512_256 0x0100000d +#define PSA_ALG_SHA3_224 0x01000010 +#define PSA_ALG_SHA3_256 0x01000011 +#define PSA_ALG_SHA3_384 0x01000012 +#define PSA_ALG_SHA3_512 0x01000013 + +#define PSA_ALG_RSA_PKCS1V15_RAW 0x40000100 +#define PSA_ALG_RSA_PSS_MGF1 0x40000200 +#define PSA_ALG_RSA_OAEP 0x40000300 +#define PSA_ALG_RSA_PKCS1V15(hash_alg) \ + (PSA_ALG_RSA_PKCS1V15_RAW | ((hash_alg) & PSA_ALG_RSA_HASH_MASK)) +#define PSA_ALG_IS_RSA_PKCS1V15(alg) \ + (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_RAW) +#define PSA_ALG_RSA_GET_HASH(alg) \ + (((alg) & PSA_ALG_RSA_HASH_MASK) | PSA_ALG_HASH_BITS) + +#define PSA_ALG_VENDOR_FLAG 0x80000000 /**@}*/ 
@@ -208,6 +240,40 @@ psa_status_t psa_export_key(psa_key_slot_t key, size_t data_size, size_t *data_length); + +/**@}*/ + +/** \defgroup asymmetric Asymmetric cryptography + * @{ + */ + +/** + * \brief Sign a hash or short message with a private key. + * + */ +psa_status_t psa_asymmetric_sign(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length); + +/** + * \brief Verify the signature a hash or short message using a public key. + * + */ +psa_status_t psa_asymmetric_verify(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *signature, + size_t signature_size); + /**@}*/ #ifdef __cplusplus diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 741f5d11a..256523271 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -41,6 +41,8 @@ #include "mbedtls/ctr_drbg.h" #include "mbedtls/ecp.h" #include "mbedtls/entropy.h" +#include "mbedtls/md.h" +#include "mbedtls/md_internal.h" #include "mbedtls/pk.h" #include "mbedtls/pk_internal.h" #include "mbedtls/rsa.h" 
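Review bot: `psa_asymmetric_verify` declares the signature to be checked as `uint8_t *signature`, although a verifier only reads it; make it `const uint8_t *signature` so callers can pass read-only buffers and the prototype shows the data flow. Both new prototypes also have a `\brief` line only: the comments should state which key type each function accepts, whether `hash` is a digest or a short message for each algorithm, what `salt` is for, and which status codes can be returned. The second brief also lacks a word and should read "Verify the signature of a hash or short message using a public key."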
@@ -350,6 +352,186 @@ psa_status_t psa_export_key(psa_key_slot_t key, +/****************************************************************/ +/* Message digests */ +/****************************************************************/ + +static const mbedtls_md_info_t *mbedtls_md_info_of_psa( psa_algorithm_t alg ) +{ + switch( alg ) + { +#if defined(MBEDTLS_MD2_C) + case PSA_ALG_MD2: + return( &mbedtls_md2_info ); +#endif +#if defined(MBEDTLS_MD4_C) + case PSA_ALG_MD4: + return( &mbedtls_md4_info ); +#endif +#if defined(MBEDTLS_MD5_C) + case PSA_ALG_MD5: + return( &mbedtls_md5_info ); +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case PSA_ALG_RIPEMD160: + return( &mbedtls_ripemd160_info ); +#endif +#if defined(MBEDTLS_SHA1_C) + case PSA_ALG_SHA_1: + return( &mbedtls_sha1_info ); +#endif +#if defined(MBEDTLS_SHA256_C) + case PSA_ALG_SHA_224: + return( &mbedtls_sha224_info ); + case PSA_ALG_SHA_256: + return( &mbedtls_sha256_info ); +#endif +#if defined(MBEDTLS_SHA512_C) + case PSA_ALG_SHA_384: + return( &mbedtls_sha384_info ); + case PSA_ALG_SHA_512: + return( &mbedtls_sha512_info ); +#endif + default: + return( NULL ); + } +} + +#if 0 +static psa_algorithm_t mbedtls_md_alg_to_psa( mbedtls_md_type_t md_alg ) +{ + switch( md_alg ) + { + case MBEDTLS_MD_NONE: + return( 0 ); + case MBEDTLS_MD_MD2: + return( PSA_ALG_MD2 ); + case MBEDTLS_MD_MD4: + return( PSA_ALG_MD4 ); + case MBEDTLS_MD_MD5: + return( PSA_ALG_MD5 ); + case MBEDTLS_MD_SHA1: + return( PSA_ALG_SHA_1 ); + case MBEDTLS_MD_SHA224: + return( PSA_ALG_SHA_224 ); + case MBEDTLS_MD_SHA256: + return( PSA_ALG_SHA_256 ); + case MBEDTLS_MD_SHA384: + return( PSA_ALG_SHA_384 ); + case MBEDTLS_MD_SHA512: + return( PSA_ALG_SHA_512 ); + case MBEDTLS_MD_RIPEMD160: + return( PSA_ALG_RIPEMD160 ); + default: + return( MBEDTLS_MD_NOT_SUPPORTED ); + } +} +#endif + + + +/****************************************************************/ +/* Asymmetric cryptography */ +/****************************************************************/ + 
+psa_status_t psa_asymmetric_sign(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) +{ + key_slot_t *slot; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_EMPTY_SLOT ); + slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + (void) salt; + (void) salt_length; + +#if defined(MBEDTLS_RSA_C) + if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + { + mbedtls_rsa_context *rsa = slot->data.rsa; + int ret; + psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_of_psa( hash_alg ); + mbedtls_md_type_t md_alg = + hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info ); + if( md_alg == MBEDTLS_MD_NONE ) + { +#if SIZE_MAX > UINT_MAX + if( hash_length > UINT_MAX ) + return( PSA_ERROR_INVALID_ARGUMENT ); +#endif + } + else + { + if( mbedtls_md_get_size( md_info ) != hash_length ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( md_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + } + if( signature_size < rsa->len ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); +#if defined(MBEDTLS_PKCS1_V15) + if( PSA_ALG_IS_RSA_PKCS1V15( alg ) ) + { + mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, + MBEDTLS_MD_NONE ); + ret = mbedtls_rsa_pkcs1_sign( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PRIVATE, + md_alg, hash_length, hash, + signature ); + } + else +#endif /* MBEDTLS_PKCS1_V15 */ +#if defined(MBEDTLS_PKCS1_V21) + if( alg == PSA_ALG_RSA_PSS_MGF1 ) + { + mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); + ret = mbedtls_rsa_rsassa_pss_sign( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PRIVATE, + md_alg, hash_length, hash, + signature ); + } + 
else +#endif /* MBEDTLS_PKCS1_V21 */ + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + *signature_length = ( ret == 0 ? rsa->len : 0 ); + return( mbedtls_to_psa_error( ret ) ); + } + else +#endif /* defined(MBEDTLS_RSA_C) */ +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + // TODO + return( PSA_ERROR_NOT_SUPPORTED ); + } + else +#endif /* defined(MBEDTLS_ECP_C) */ + { + return( PSA_ERROR_NOT_SUPPORTED ); + } +} + + + /****************************************************************/ /* Module setup */ /****************************************************************/ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e8407a30c..51fbf3ade 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
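Review bot: In psa_asymmetric_sign a hash that the build does not support is signed as if no hash had been requested. `PSA_ALG_RSA_GET_HASH` always ORs in `PSA_ALG_HASH_BITS`, so the `hash_alg == 0` test never holds, and an unknown hash leaves `md_info` NULL, for which `mbedtls_md_get_type` appears to return `MBEDTLS_MD_NONE`. The code then takes the raw branch, skips the digest-length check and produces a signature without the DigestInfo of the hash the caller named. The `md_info == NULL` test in the other branch is unreachable and sits after `mbedtls_md_get_size( md_info )`. Deciding raw versus hashed from `alg & PSA_ALG_RSA_HASH_MASK` and returning `PSA_ERROR_NOT_SUPPORTED` before any use of `md_info` fixes both.

```c
        psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg );
        const mbedtls_md_info_t *md_info = mbedtls_md_info_of_psa( hash_alg );
        mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
        if( ( alg & PSA_ALG_RSA_HASH_MASK ) == 0 )
        {
            /* ... unchanged: UINT_MAX check on hash_length for raw input ... */
        }
        else
        {
            /* A hash was named: fail rather than fall back to raw signing. */
            if( md_info == NULL )
                return( PSA_ERROR_NOT_SUPPORTED );
            if( mbedtls_md_get_size( md_info ) != hash_length )
                return( PSA_ERROR_INVALID_ARGUMENT );
            md_alg = mbedtls_md_get_type( md_info );
        }
        /* ... unchanged: signature_size check and padding dispatch ... */
```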
@@ -36,3 +36,16 @@ import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1 #PSA import/export EC secp256r1: good #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED #import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1 +# +PSA sign RSA PKCS#1 v1.5, raw +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" + +PSA sign RSA PKCS#1 v1.5 SHA-256 +sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" + +PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size +sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small 
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6fa10dd96..35515706d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
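Review bot: Only the first new case, `PSA sign RSA PKCS#1 v1.5, raw`, carries a `depends_on:` line; the three SHA-256 cases after it have none. They import an RSA key pair and sign with PKCS#1 v1.5 and SHA-256, so in a configuration without those modules they would presumably run and fail instead of being skipped. Give each of them the line `depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C`.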
@@ -132,3 +132,98 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void sign_deterministic( int key_type_arg, char *key_hex, + int alg_arg, char *input_hex, char *output_hex ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *output_data = NULL; + size_t output_size; + unsigned char signature[512]; + size_t signature_length; + + key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 ); + TEST_ASSERT( key_data != NULL ); + key_size = unhexify( key_data, key_hex ); + input_data = mbedtls_calloc( 1, strlen( input_hex ) / 2 ); + TEST_ASSERT( input_data != NULL ); + input_size = unhexify( input_data, input_hex ); + output_data = mbedtls_calloc( 1, strlen( output_hex ) / 2 ); + TEST_ASSERT( output_data != NULL ); + output_size = unhexify( output_data, output_hex ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_asymmetric_sign( slot, alg, + input_data, input_size, + NULL, 0, + signature, sizeof( signature ), + &signature_length ) == PSA_SUCCESS ); + TEST_ASSERT( signature_length == output_size ); + TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 ); + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( output_data ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void sign_fail( int key_type_arg, char *key_hex, + int alg_arg, char *input_hex, + int signature_size, int expected_status_arg ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; 
+ unsigned char *signature; + size_t signature_length; + + key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 ); + TEST_ASSERT( key_data != NULL ); + key_size = unhexify( key_data, key_hex ); + input_data = mbedtls_calloc( 1, strlen( input_hex ) / 2 ); + TEST_ASSERT( input_data != NULL ); + input_size = unhexify( input_data, input_hex ); + signature = mbedtls_calloc( 1, signature_size ); + TEST_ASSERT( signature != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + actual_status = psa_asymmetric_sign( slot, alg, + input_data, input_size, + NULL, 0, + signature, signature_size, + &signature_length ); + TEST_ASSERT( actual_status == expected_status ); + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( signature ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From 0189e7512d9d3df9e7db84672a8b01f94da38f01 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Feb 2018 23:57:22 +0100 Subject: [PATCH 0011/2197] PSA crypto: PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE macro Test it for RSA. --- include/psa/crypto.h | 45 ++++++++++++++++++++- tests/suites/test_suite_psa_crypto.data | 18 +++++++++ tests/suites/test_suite_psa_crypto.function | 27 ++++++++++++- 3 files changed, 86 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3eee3822b..4a60e67f9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -103,6 +103,9 @@ typedef enum { */ psa_status_t psa_crypto_init(void); +#define BITS_TO_BYTES(bits) (((bits) + 7) / 8) +#define BYTES_TO_BITS(bytes) ((bytes) * 8) + /**@}*/ /** \defgroup crypto_types Key and algorithm types 
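Review bot: In sign_fail `unsigned char *signature;` is declared without an initialiser, yet the `exit:` path calls `mbedtls_free( signature )`. If `TEST_ASSERT` jumps to `exit` on failure (the macro is not shown here, but the label suggests it), a failure in any assertion before the `mbedtls_calloc( 1, signature_size )` line frees an indeterminate pointer. Declare it as `unsigned char *signature = NULL;`, as the other buffers in the function are.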
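Review bot: `BITS_TO_BYTES` and `BYTES_TO_BITS` are added to a public header without the `PSA_` prefix that every other macro in the file uses, so they can collide with macros of the same name in an application that includes `psa/crypto.h`. Naming them `PSA_BITS_TO_BYTES` and `PSA_BYTES_TO_BITS` keeps the header inside its own namespace; `PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE`, added later in this commit, would then use the prefixed name.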
@@ -122,7 +125,8 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_ASYMMETRIC_MASK 0x60000000 #define PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC 0x40000000 #define PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR 0x60000000 -#define PSA_KEY_TYPE_ECC_TEST_MASK 0x7fff0000 +#define PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK 0x5fff0000 +#define PSA_KEY_TYPE_RSA_TEST_VALUE 0x40000000 #define PSA_KEY_TYPE_ECC_TEST_VALUE 0x40010000 #define PSA_KEY_TYPE_IS_VENDOR(type) \ @@ -133,8 +137,10 @@ typedef uint32_t psa_key_type_t; (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC) #define PSA_KEY_TYPE_IS_KEYPAIR(type) \ (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR) +#define PSA_KEY_TYPE_IS_RSA(type) \ + (((type) & PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK) == PSA_KEY_TYPE_RSA_TEST_VALUE) #define PSA_KEY_TYPE_IS_ECC(type) \ - (((type) & PSA_KEY_TYPE_ECC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE) + (((type) & PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE) typedef uint32_t psa_algorithm_t; 
@@ -247,6 +253,41 @@ psa_status_t psa_export_key(psa_key_slot_t key, * @{ */ +/** + * \brief Maximum ECDSA signature size for a given curve bit size + * + * \param curve_bits Curve size in bits + * \return Maximum signature size in bytes + * + * \note This macro returns a compile-time constant if its argument is one. + * + * \warning This macro may evaluate its argument multiple times. + */ +/* + * RFC 4492 page 20: + * + * Ecdsa-Sig-Value ::= SEQUENCE { + * r INTEGER, + * s INTEGER + * } + * + * Size is at most + * 1 (tag) + 1 (len) + 1 (initial 0) + curve_bytes for each of r and s, + * twice that + 1 (tag) + 2 (len) for the sequence + * (assuming curve_bytes is less than 126 for r and s, + * and less than 124 (total len <= 255) for the sequence) + */ +#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ + ( /*T,L of SEQUENCE*/ ((curve_bits) >= 61 * 8 ? 3 : 2) + \ + /*T,L of r,s*/ 2 * (((curve_bits) >= 127 * 8 ? 3 : 2) + \ + /*V of r,s*/ ((curve_bits) + 8) / 8)) + + +#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, BITS_TO_BYTES(key_bits)) : \ + PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ + 0) + /** * \brief Sign a hash or short message with a private key. * diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 51fbf3ade..a2d6b89fd 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -37,6 +37,24 @@ import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1 #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED #import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1 # +PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw +signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_RAW:128 + +PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw +signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_RAW:128 + +PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256 +signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):128 + +PSA signature size: RSA keypair, 1024 bits, PSS +signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS_MGF1:128 + +PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw +signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_RAW:128 + +PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw +signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_RAW:129 + PSA sign RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 35515706d..80a778881 100644 
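Review bot: The new `signature_size` cases cover only the RSA arm of `PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE`. Nothing exercises the `PSA_KEY_TYPE_IS_ECC` arm, where the DER length arithmetic of `PSA_ECDSA_SIGNATURE_SIZE` lives, or the `0` fallback for other key types. One case per arm would pin both. By the macro as written a 256-bit curve should give 72 bytes, and a non-asymmetric type such as `signature_size:PSA_KEY_TYPE_RAW_DATA:128:PSA_ALG_RSA_PKCS1V15_RAW:0` should give 0. The ECC key-type and algorithm names to use are not visible in this hunk and need checking against the header.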
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -133,6 +133,18 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg ) +{ + psa_key_type_t type = type_arg; + psa_algorithm_t alg = alg_arg; + size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg); + TEST_ASSERT( actual_size == (size_t) expected_size_arg ); +exit: + ; +} +/* END_CASE */ + /* BEGIN_CASE */ void sign_deterministic( int key_type_arg, char *key_hex, int alg_arg, char *input_hex, char *output_hex ) @@ -142,12 +154,14 @@ void sign_deterministic( int key_type_arg, char *key_hex, psa_algorithm_t alg = alg_arg; unsigned char *key_data = NULL; size_t key_size; + size_t key_bits; unsigned char *input_data = NULL; size_t input_size; unsigned char *output_data = NULL; size_t output_size; - unsigned char signature[512]; size_t signature_length; + unsigned char *signature = NULL; + size_t signature_size; key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 ); TEST_ASSERT( key_data != NULL ); @@ -163,11 +177,19 @@ void sign_deterministic( int key_type_arg, char *key_hex, TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_information( slot, + NULL, + &key_bits ) == PSA_SUCCESS ); + + signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits ); + TEST_ASSERT( signature_size != 0 ); + signature = mbedtls_calloc( 1, signature_size ); + TEST_ASSERT( signature != NULL ); TEST_ASSERT( psa_asymmetric_sign( slot, alg, input_data, input_size, NULL, 0, - signature, sizeof( signature ), + signature, signature_size, &signature_length ) == PSA_SUCCESS ); TEST_ASSERT( signature_length == output_size ); TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 ); 
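Review bot: The call `PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits )` in sign_deterministic passes its last two arguments in the wrong order. The macro is declared as `(key_type, key_bits, alg)` and the new signature_size test in this same file calls it that way. For an RSA key the buffer is therefore sized from the algorithm identifier instead of the modulus size. The test would presumably still pass, but only because the allocation is far larger than needed, so it no longer checks that the computed size is the right one to hand to psa_asymmetric_sign. The line should read `signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg );`; sign_deterministic begins and ends outside this hunk.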
@@ -177,6 +199,7 @@ exit: mbedtls_free( key_data ); mbedtls_free( input_data ); mbedtls_free( output_data ); + mbedtls_free( signature ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From 93aa0334d98e59ba22bce684787f71e94e081487 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Feb 2018 23:58:03 +0100 Subject: [PATCH 0012/2197] PSA asymmetric signature: set *signature_length = 0 on failure --- library/psa_crypto.c | 10 ++++++---- tests/suites/test_suite_psa_crypto.function | 5 +++-- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 256523271..66d81a365 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -446,6 +446,10 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, { key_slot_t *slot; + *signature_length = 0; + (void) salt; + (void) salt_length; + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); slot = &global_data.key_slots[key]; @@ -454,9 +458,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - (void) salt; - (void) salt_length; - #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) { @@ -512,7 +513,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, { return( PSA_ERROR_INVALID_ARGUMENT ); } - *signature_length = ( ret == 0 ? rsa->len : 0 ); + if( ret == 0 ) + *signature_length = rsa->len; return( mbedtls_to_psa_error( ret ) ); } else diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 80a778881..c5d536e46 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
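Review bot: The contract this commit introduces, that `*signature_length` is 0 whenever psa_asymmetric_sign fails, is enforced in library/psa_crypto.c and checked in sign_fail, but the diffstat shows no change to the declaration in include/psa/crypto.h. If the header does not already state it, callers have no documented reason to rely on it. Add a line to the function's doc comment such as `\param signature_length On success, the number of bytes written; set to 0 on any error.` The unconditional store at the top of the function also makes a non-NULL `signature_length` a precondition, which should be stated in the same place. The function body extends beyond these hunks.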
@@ -159,9 +159,9 @@ void sign_deterministic( int key_type_arg, char *key_hex, size_t input_size; unsigned char *output_data = NULL; size_t output_size; - size_t signature_length; unsigned char *signature = NULL; size_t signature_size; + size_t signature_length = 0xdeadbeef; key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 ); TEST_ASSERT( key_data != NULL ); @@ -219,7 +219,7 @@ void sign_fail( int key_type_arg, char *key_hex, psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; unsigned char *signature; - size_t signature_length; + size_t signature_length = 0xdeadbeef; key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 ); TEST_ASSERT( key_data != NULL ); @@ -241,6 +241,7 @@ void sign_fail( int key_type_arg, char *key_hex, signature, signature_size, &signature_length ); TEST_ASSERT( actual_status == expected_status ); + TEST_ASSERT( signature_length == 0 ); exit: psa_destroy_key( slot ); From 98f0a24255312cd892627994b62a1e3c2e5ff12b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 6 Feb 2018 18:57:29 +0100 Subject: [PATCH 0013/2197] Improve key type and algorithm encodings Refine the encoding of key types and algorithms so that ranges of bits make more sense. Define a few symmetric cipher algorithms. --- include/psa/crypto.h | 156 +++++++++++++++++++++++++++++-------------- 1 file changed, 105 insertions(+), 51 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 4a60e67f9..6276bac6e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -114,67 +114,121 @@ psa_status_t psa_crypto_init(void); typedef uint32_t psa_key_type_t; -#define PSA_KEY_TYPE_NONE 0x00000000 -#define PSA_KEY_TYPE_RAW_DATA 0x00000001 -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY 0x40000001 -#define PSA_KEY_TYPE_RSA_KEYPAIR 0x60000001 -#define PSA_KEY_TYPE_ECC_BASE 0x40010000 +#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) +#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) -#define PSA_KEY_TYPE_VENDOR_FLAG 0x80000000 -#define PSA_KEY_TYPE_ASYMMETRIC_FLAG 0x40000000 -#define PSA_KEY_TYPE_ASYMMETRIC_MASK 0x60000000 -#define PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC 0x40000000 -#define PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR 0x60000000 -#define PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK 0x5fff0000 -#define PSA_KEY_TYPE_RSA_TEST_VALUE 0x40000000 -#define PSA_KEY_TYPE_ECC_TEST_VALUE 0x40010000 +#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7e000000) +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x02000000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x04000000) +#define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC ((psa_key_type_t)0x06000000) +#define PSA_KEY_TYPE_PAIR_FLAG ((psa_key_type_t)0x01000000) -#define PSA_KEY_TYPE_IS_VENDOR(type) \ +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x02000001) +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x04000001) +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x04000002) +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x04000003) +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x04000004) + +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x06010000) +#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x07010000) +#define PSA_KEY_TYPE_ECC_BASE ((psa_key_type_t)0x06030000) +#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) + +#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) -#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ - (((type) & PSA_KEY_TYPE_ASYMMETRIC_FLAG) != 0) -#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ - (((type) & 
PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC) -#define PSA_KEY_TYPE_IS_KEYPAIR(type) \ - (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR) +#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC) +#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ + (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG) == \ + PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)) +#define PSA_KEY_TYPE_IS_KEYPAIR(type) \ + (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \ + (PSA_KEY_TYPE_CATEGORY_ASYMMETRIC | PSA_KEY_TYPE_PAIR_FLAG)) #define PSA_KEY_TYPE_IS_RSA(type) \ - (((type) & PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK) == PSA_KEY_TYPE_RSA_TEST_VALUE) + (((type) & ~PSA_KEY_TYPE_PAIR_FLAG) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) #define PSA_KEY_TYPE_IS_ECC(type) \ - (((type) & PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE) + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_BASE) typedef uint32_t psa_algorithm_t; -#define PSA_ALG_HASH_BITS 0x01000000 -#define PSA_ALG_RSA_HASH_MASK 0x000000ff -#define PSA_ALG_MD2 0x01000001 -#define PSA_ALG_MD4 0x01000002 -#define PSA_ALG_MD5 0x01000003 -#define PSA_ALG_SHA_256_128 0x01000004 -#define PSA_ALG_RIPEMD160 0x01000005 -#define PSA_ALG_SHA_1 0x01000006 -#define PSA_ALG_SHA_256_160 0x01000007 -#define PSA_ALG_SHA_224 0x01000008 -#define PSA_ALG_SHA_256 0x01000009 -#define PSA_ALG_SHA_384 0x0100000a -#define PSA_ALG_SHA_512 0x0100000b -#define PSA_ALG_SHA_512_224 0x0100000c -#define PSA_ALG_SHA_512_256 0x0100000d -#define PSA_ALG_SHA3_224 0x01000010 -#define PSA_ALG_SHA3_256 0x01000011 -#define PSA_ALG_SHA3_384 0x01000012 -#define PSA_ALG_SHA3_512 0x01000013 +#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) +#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) +#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) +#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) 
+#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) +#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) +#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) +#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) +#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x22000000) +#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x30000000) -#define PSA_ALG_RSA_PKCS1V15_RAW 0x40000100 -#define PSA_ALG_RSA_PSS_MGF1 0x40000200 -#define PSA_ALG_RSA_OAEP 0x40000300 -#define PSA_ALG_RSA_PKCS1V15(hash_alg) \ - (PSA_ALG_RSA_PKCS1V15_RAW | ((hash_alg) & PSA_ALG_RSA_HASH_MASK)) -#define PSA_ALG_IS_RSA_PKCS1V15(alg) \ +#define PSA_ALG_IS_VENDOR_DEFINED(alg) \ + (((alg) & PSA_ALG_VENDOR_FLAG) != 0) +#define PSA_ALG_IS_HASH(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) +#define PSA_ALG_IS_MAC(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) +#define PSA_ALG_IS_CIPHER(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) +#define PSA_ALG_IS_AEAD(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) +#define PSA_ALG_IS_SIGN(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) +#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) +#define PSA_ALG_IS_KEY_AGREEMENT(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) +#define PSA_ALG_IS_KEY_DERIVATION(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) + +#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) +#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) +#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) +#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) +#define PSA_ALG_SHA_256_128 ((psa_algorithm_t)0x01000004) +#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000005) +#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000006) +#define PSA_ALG_SHA_256_160 
((psa_algorithm_t)0x01000007) +#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) +#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) +#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) +#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) +#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) +#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) +#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) +#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) +#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) +#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) + +#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) +#define PSA_ALG_HMAC(hash_alg) \ + (PSA_ALG_HMAC_BASE | (hash_alg)) +#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02000001) +#define PSA_ALG_CMAC ((psa_algorithm_t)0x02000002) +#define PSA_ALG_GMAC ((psa_algorithm_t)0x02000003) + +#define PSA_ALG_BLOCK_CIPHER_BASE_MASK ((psa_algorithm_t)0x000000ff) +#define PSA_ALG_BLOCK_CIPHER_PADDING_MASK ((psa_algorithm_t)0x007f0000) +#define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ((psa_algorithm_t)0x00010000) +#define PSA_ALG_CBC_BASE ((psa_algorithm_t)0x04000001) +#define PSA_ALG_CFB_BASE ((psa_algorithm_t)0x04000003) +#define PSA_ALG_OFB_BASE ((psa_algorithm_t)0x04000004) +#define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000005) +#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800000) +#define PSA_ALG_CTR ((psa_algorithm_t)0x04800001) + +#define PSA_ALG_CCM ((psa_algorithm_t)0x06000002) +#define PSA_ALG_GCM ((psa_algorithm_t)0x06000003) + +#define PSA_ALG_RSA_PKCS1V15_RAW ((psa_algorithm_t)0x10010000) +#define PSA_ALG_RSA_PSS_MGF1 ((psa_algorithm_t)0x10020000) +#define PSA_ALG_RSA_OAEP ((psa_algorithm_t)0x12020000) +#define PSA_ALG_RSA_PKCS1V15(hash_alg) \ + (PSA_ALG_RSA_PKCS1V15_RAW | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_PKCS1V15(alg) \ (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_RAW) -#define PSA_ALG_RSA_GET_HASH(alg) \ - (((alg) & PSA_ALG_RSA_HASH_MASK) | 
PSA_ALG_HASH_BITS) - -#define PSA_ALG_VENDOR_FLAG 0x80000000 +#define PSA_ALG_RSA_GET_HASH(alg) \ + (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH) /**@}*/ From a59052993862d7e91ea21dfcfdb655454c134149 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Feb 2018 20:59:33 +0100 Subject: [PATCH 0014/2197] Greatly expanded mbedtls_to_psa_error It now covers most cryptography algorithm modules (missing: bignum, DHM, everything ECC, HMAC_DRBG). --- include/psa/crypto.h | 6 +- library/psa_crypto.c | 149 ++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 152 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6276bac6e..c1eb60ff8 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -71,6 +71,8 @@ typedef enum { PSA_ERROR_INSUFFICIENT_STORAGE, /** There was a communication failure inside the implementation. */ PSA_ERROR_COMMUNICATION_FAILURE, + /** There was a storage failure that may have led to data loss. */ + PSA_ERROR_STORAGE_FAILURE, /** A hardware failure was detected. */ PSA_ERROR_HARDWARE_FAILURE, /** A tampering attempt was detected. */ @@ -78,8 +80,10 @@ typedef enum { /** There is not enough entropy to generate random data needed for the requested action. */ PSA_ERROR_INSUFFICIENT_ENTROPY, - /** The signature or MAC is incorrect. */ + /** The signature, MAC or hash is incorrect. */ PSA_ERROR_INVALID_SIGNATURE, + /** The decrypted padding is incorrect. */ + PSA_ERROR_INVALID_PADDING, /** An error occurred that does not correspond to any defined failure cause. */ PSA_ERROR_UNKNOWN_ERROR, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 66d81a365..84995176c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
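Review bot: `PSA_KEY_TYPE_IS_PUBLIC_KEY` has a misplaced parenthesis, so `==` compares the two constants `(PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)` and `PSA_KEY_TYPE_CATEGORY_ASYMMETRIC` before the `&` is applied. That comparison is 0, which makes the macro 0 for every key type. Close the mask before comparing, as `PSA_KEY_TYPE_IS_KEYPAIR` does: `(((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)`. Separately, `PSA_ALG_HMAC(hash_alg)` ORs in the whole hash identifier including its `PSA_ALG_CATEGORY_HASH` bits, so the result no longer satisfies `PSA_ALG_IS_MAC`. Masking the way `PSA_ALG_RSA_PKCS1V15` does, `(PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))`, keeps the category field intact.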
@@ -38,14 +38,32 @@ #define mbedtls_free free #endif +#include "mbedtls/arc4.h" +#include "mbedtls/blowfish.h" +#include "mbedtls/camellia.h" +#include "mbedtls/cipher.h" +#include "mbedtls/ccm.h" +#include "mbedtls/cmac.h" #include "mbedtls/ctr_drbg.h" +#include "mbedtls/des.h" #include "mbedtls/ecp.h" #include "mbedtls/entropy.h" +#include "mbedtls/error.h" +#include "mbedtls/gcm.h" +#include "mbedtls/md2.h" +#include "mbedtls/md4.h" +#include "mbedtls/md5.h" #include "mbedtls/md.h" #include "mbedtls/md_internal.h" #include "mbedtls/pk.h" #include "mbedtls/pk_internal.h" +#include "mbedtls/ripemd160.h" #include "mbedtls/rsa.h" +#include "mbedtls/sha1.h" +#include "mbedtls/sha256.h" +#include "mbedtls/sha512.h" +#include "mbedtls/xtea.h" + /* Implementation that should never be optimized out by the compiler */ 
@@ -89,21 +107,110 @@ static psa_global_data_t global_data; static psa_status_t mbedtls_to_psa_error( int ret ) { - switch( ret ) + /* If there's both a high-level code and low-level code, dispatch on + * the high-level code. */ + switch( ret < -0x7f ? - ( -ret & 0x7f80 ) : ret ) { case 0: return( PSA_SUCCESS ); + + case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH: + case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH: + case MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_AES_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH: + case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH: + case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_CCM_BAD_INPUT: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_CCM_AUTH_FAILED: + return( PSA_ERROR_INVALID_SIGNATURE ); + case MBEDTLS_ERR_CCM_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_CIPHER_ALLOC_FAILED: + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + case MBEDTLS_ERR_CIPHER_INVALID_PADDING: + return( PSA_ERROR_INVALID_PADDING ); + case MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED: + return( PSA_ERROR_BAD_STATE ); + case MBEDTLS_ERR_CIPHER_AUTH_FAILED: + return( PSA_ERROR_INVALID_SIGNATURE ); + case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT: + return( PSA_ERROR_TAMPERING_DETECTED ); + case MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case 
MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED: + return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + case MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG: + case MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR: + return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + + case MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_DES_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED: case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE: case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED: return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + + case MBEDTLS_ERR_GCM_AUTH_FAILED: + return( PSA_ERROR_INVALID_SIGNATURE ); + case MBEDTLS_ERR_GCM_BAD_INPUT: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_GCM_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_MD2_HW_ACCEL_FAILED: + case MBEDTLS_ERR_MD4_HW_ACCEL_FAILED: + case MBEDTLS_ERR_MD5_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_MD_BAD_INPUT_DATA: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_MD_ALLOC_FAILED: + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + case MBEDTLS_ERR_MD_FILE_IO_ERROR: + return( PSA_ERROR_STORAGE_FAILURE ); + case MBEDTLS_ERR_MD_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_PK_ALLOC_FAILED: return( PSA_ERROR_INSUFFICIENT_MEMORY ); case MBEDTLS_ERR_PK_TYPE_MISMATCH: case MBEDTLS_ERR_PK_BAD_INPUT_DATA: return( PSA_ERROR_INVALID_ARGUMENT ); case MBEDTLS_ERR_PK_FILE_IO_ERROR: - return( PSA_ERROR_TAMPERING_DETECTED ); + return( PSA_ERROR_STORAGE_FAILURE ); case MBEDTLS_ERR_PK_KEY_INVALID_VERSION: case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT: return( PSA_ERROR_INVALID_ARGUMENT ); 
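Review bot: `MBEDTLS_ERR_GCM_BAD_INPUT` is mapped to `PSA_ERROR_NOT_SUPPORTED`, while the equivalent `MBEDTLS_ERR_CCM_BAD_INPUT` and `MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA` cases in the same switch return `PSA_ERROR_INVALID_ARGUMENT`. A caller then cannot tell a malformed GCM call from a missing feature. Unless the difference is deliberate, the GCM case should be `return( PSA_ERROR_INVALID_ARGUMENT );`. The new dispatch expression `- ( -ret & 0x7f80 )` deserves a sentence in the comment saying that the low-level part of a combined code is discarded on purpose. It should also say that values in the low-level range are matched as-is. The switch continues past the end of this hunk.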
@@ -120,6 +227,44 @@ static psa_status_t mbedtls_to_psa_error( int ret ) return( PSA_ERROR_NOT_SUPPORTED ); case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH: return( PSA_ERROR_INVALID_SIGNATURE ); + case MBEDTLS_ERR_PK_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_RSA_BAD_INPUT_DATA: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_RSA_INVALID_PADDING: + return( PSA_ERROR_INVALID_PADDING ); + case MBEDTLS_ERR_RSA_KEY_GEN_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_RSA_KEY_CHECK_FAILED: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_RSA_PUBLIC_FAILED: + case MBEDTLS_ERR_RSA_PRIVATE_FAILED: + return( PSA_ERROR_TAMPERING_DETECTED ); + case MBEDTLS_ERR_RSA_VERIFY_FAILED: + return( PSA_ERROR_INVALID_SIGNATURE ); + case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE: + return( PSA_ERROR_BUFFER_TOO_SMALL ); + case MBEDTLS_ERR_RSA_RNG_FAILED: + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + case MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_RSA_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED: + case MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED: + case MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + + case MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + default: return( PSA_ERROR_UNKNOWN_ERROR ); } From 9ef733faa0b11bce4dee9be4e0a453d0622bd519 Mon Sep 17 00:00:00 2001 
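Review bot: `MBEDTLS_ERR_RSA_RNG_FAILED` is reported as `PSA_ERROR_INSUFFICIENT_MEMORY`, which hides a random-generator failure behind an out-of-memory status. The CTR_DRBG and entropy failures earlier in this function return `PSA_ERROR_INSUFFICIENT_ENTROPY`, and the RSA case should match: `return( PSA_ERROR_INSUFFICIENT_ENTROPY );`. The mapping of `MBEDTLS_ERR_RSA_KEY_GEN_FAILED` to `PSA_ERROR_HARDWARE_FAILURE` also looks arguable and would benefit from a short why-comment if it is intended. mbedtls_to_psa_error starts outside this hunk.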
From: Gilles Peskine Date: Wed, 7 Feb 2018 21:05:37 +0100 Subject: [PATCH 0015/2197] Implement hash functions New header file crypto_struct.h. The main file crypto.h declares structures which are implementation-defined. These structures must be defined in crypto_struct.h, which is included at the end so that the structures can use types defined in crypto.h. Implement psa_hash_start, psa_hash_update and psa_hash_final. This should work for all hash algorithms supported by Mbed TLS, but has only been smoke-tested for SHA-256, and only in the nominal case. --- include/psa/crypto.h | 54 ++++ include/psa/crypto_struct.h | 96 +++++++ library/psa_crypto.c | 283 ++++++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 8 + tests/suites/test_suite_psa_crypto.function | 67 +++++ 5 files changed, 508 insertions(+) create mode 100644 include/psa/crypto_struct.h diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c1eb60ff8..90140d7a9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -307,6 +307,54 @@ psa_status_t psa_export_key(psa_key_slot_t key, /**@}*/ +/** \defgroup hash Message digests + * @{ + */ + +typedef struct psa_hash_operation_s psa_hash_operation_t; + +#define PSA_HASH_FINAL_SIZE(alg) \ + ( \ + (alg) == PSA_ALG_MD2 ? 16 : \ + (alg) == PSA_ALG_MD4 ? 16 : \ + (alg) == PSA_ALG_MD5 ? 16 : \ + (alg) == PSA_ALG_SHA_256_128 ? 16 : \ + (alg) == PSA_ALG_RIPEMD160 ? 20 : \ + (alg) == PSA_ALG_SHA_1 ? 20 : \ + (alg) == PSA_ALG_SHA_256_160 ? 20 : \ + (alg) == PSA_ALG_SHA_224 ? 28 : \ + (alg) == PSA_ALG_SHA_256 ? 32 : \ + (alg) == PSA_ALG_SHA_384 ? 48 : \ + (alg) == PSA_ALG_SHA_512 ? 64 : \ + (alg) == PSA_ALG_SHA_512_224 ? 28 : \ + (alg) == PSA_ALG_SHA_512_256 ? 32 : \ + (alg) == PSA_ALG_SHA3_224 ? 28 : \ + (alg) == PSA_ALG_SHA3_256 ? 32 : \ + (alg) == PSA_ALG_SHA3_384 ? 48 : \ + (alg) == PSA_ALG_SHA3_512 ? 64 : \ + 0) + +psa_status_t psa_hash_start(psa_hash_operation_t *operation, + psa_algorithm_t alg); + +psa_status_t psa_hash_update(psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length); + +psa_status_t psa_hash_finish(psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +psa_status_t psa_hash_verify(psa_hash_operation_t *operation, + const uint8_t *hash, + size_t hash_length); + +psa_status_t ps_hash_abort(psa_hash_operation_t *operation); + +/**@}*/ + +/** \defgroup MAC Message authentication codes /** \defgroup asymmetric Asymmetric cryptography * @{ */ @@ -379,6 +427,12 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, } #endif +/* The file "crypto_struct.h" contains definitions for + * implementation-specific structs that are declared above. */ +#include "crypto_struct.h" + +/* The file "crypto_extra.h" contains vendor-specific definitions. This + * can include vendor-defined algorithms, extra functions, etc. */ #include "crypto_extra.h" #endif /* PSA_CRYPTO_H */ 
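Review bot: The abort function is declared here as `ps_hash_abort`, but the definition this commit adds to library/psa_crypto.c is `psa_hash_abort`. The public header therefore never declares the function that actually exists; the line should be `psa_status_t psa_hash_abort(psa_hash_operation_t *operation);`. The added `/** \defgroup MAC Message authentication codes` line is also never closed and runs into the following `\defgroup asymmetric` comment. It should be dropped, or completed with ` * @{` and ` */` once the MAC declarations exist. None of the new hash declarations or `PSA_HASH_FINAL_SIZE` has a doc comment stating the required `hash_size` and the state of the operation after an error.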
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h new file mode 100644 index 000000000..6bd4ed23d --- /dev/null +++ b/include/psa/crypto_struct.h 
@@ -0,0 +1,96 @@ +/** + * \file psa/crypto_struct.h + * + * \brief PSA cryptography module: Mbed TLS structured type implementations + */ +/* + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_STRUCT_H +#define PSA_CRYPTO_STRUCT_H + +/* Include the Mbed TLS configuration file, the way Mbed TLS does it + * in each of its header files. 
*/ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "../mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "mbedtls/cipher.h" +#include "mbedtls/cmac.h" +#include "mbedtls/gcm.h" +#include "mbedtls/md.h" +#include "mbedtls/md2.h" +#include "mbedtls/md4.h" +#include "mbedtls/md5.h" +#include "mbedtls/ripemd160.h" +#include "mbedtls/sha1.h" +#include "mbedtls/sha256.h" +#include "mbedtls/sha512.h" + +struct psa_hash_operation_s +{ + psa_algorithm_t alg; + union + { +#if defined(MBEDTLS_MD2_C) + mbedtls_md2_context md2; +#endif +#if defined(MBEDTLS_MD4_C) + mbedtls_md4_context md4; +#endif +#if defined(MBEDTLS_MD5_C) + mbedtls_md5_context md5; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + mbedtls_ripemd160_context ripemd160; +#endif +#if defined(MBEDTLS_SHA1_C) + mbedtls_sha1_context sha1; +#endif +#if defined(MBEDTLS_SHA256_C) + mbedtls_sha256_context sha256; +#endif +#if defined(MBEDTLS_SHA512_C) + mbedtls_sha512_context sha512; +#endif + } ctx; +}; + +struct psa_mac_operation_s +{ + psa_algorithm_t alg; + int key_set : 1; + int iv_required : 1; + int iv_set : 1; + int has_input : 1; + uint8_t mac_size; + union + { +#if defined(MBEDTLS_MD_C) + mbedtls_md_context_t hmac; +#endif +#if defined(MBEDTLS_CMAC_C) + mbedtls_cipher_context_t cmac; +#endif + } ctx; +}; + +#endif /* PSA_CRYPTO_STRUCT_H */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 84995176c..ca275495f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
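Review bot: The four state flags in `struct psa_mac_operation_s` are declared as `int key_set : 1;` and so on. Whether a plain `int` bit-field is signed is implementation-defined, and a signed 1-bit field holds only 0 and -1, so a later `op->key_set == 1` test can be false after storing 1. Declare them unsigned, e.g. `unsigned int key_set : 1;`, and likewise for `iv_required`, `iv_set` and `has_input`. A short comment on each struct saying that `alg == 0` means "no operation in progress" (as psa_hash_abort and psa_hash_start use it) would document the invariant that the `ctx` union depends on.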
@@ -72,6 +72,20 @@ static void mbedtls_zeroize( void *v, size_t n ) volatile unsigned char *p = v; while( n-- ) *p++ = 0; } +/* constant-time buffer comparison */ +static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n ) +{ + size_t i; + unsigned char diff = 0; + + for( i = 0; i < n; i++ ) + diff |= a[i] ^ b[i]; + + return( diff ); +} + + + /****************************************************************/ /* Global data, support functions and library management */ /****************************************************************/ 
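Review bot: The one-line comment on `safer_memcmp` does not state its return contract, which differs from `memcmp`: it returns the OR of the byte differences, so 0 means equal and any non-zero value means different, with no ordering information. A comment such as `/* Constant-time comparison: returns 0 if a[0..n) equals b[0..n), non-zero otherwise; the value carries no ordering, unlike memcmp. */` would make that clear to callers comparing digests or MACs. The comment should also note that both buffers must be at least `n` bytes, because the loop reads `n` bytes from each unconditionally.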
@@ -573,6 +587,275 @@ static psa_algorithm_t mbedtls_md_alg_to_psa( mbedtls_md_type_t md_alg ) } #endif +psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) +{ + switch( operation->alg ) + { +#if defined(MBEDTLS_MD2_C) + case PSA_ALG_MD2: + mbedtls_md2_free( &operation->ctx.md2 ); + break; +#endif +#if defined(MBEDTLS_MD4_C) + case PSA_ALG_MD4: + mbedtls_md4_free( &operation->ctx.md4 ); + break; +#endif +#if defined(MBEDTLS_MD5_C) + case PSA_ALG_MD5: + mbedtls_md5_free( &operation->ctx.md5 ); + break; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case PSA_ALG_RIPEMD160: + mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); + break; +#endif +#if defined(MBEDTLS_SHA1_C) + case PSA_ALG_SHA_1: + mbedtls_sha1_free( &operation->ctx.sha1 ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) + case PSA_ALG_SHA_224: + case PSA_ALG_SHA_256: + mbedtls_sha256_free( &operation->ctx.sha256 ); + break; +#endif +#if defined(MBEDTLS_SHA512_C) + case PSA_ALG_SHA_384: + case PSA_ALG_SHA_512: + mbedtls_sha512_free( &operation->ctx.sha512 ); + break; +#endif + default: + return( PSA_ERROR_NOT_SUPPORTED ); + } + operation->alg = 0; + return( PSA_SUCCESS ); +} + +psa_status_t psa_hash_start( psa_hash_operation_t *operation, + psa_algorithm_t alg ) +{ + int ret; + operation->alg = 0; + switch( alg ) + { +#if defined(MBEDTLS_MD2_C) + case PSA_ALG_MD2: + mbedtls_md2_init( &operation->ctx.md2 ); + ret = mbedtls_md2_starts_ret( &operation->ctx.md2 ); + break; +#endif +#if defined(MBEDTLS_MD4_C) + case PSA_ALG_MD4: + mbedtls_md4_init( &operation->ctx.md4 ); + ret = mbedtls_md4_starts_ret( &operation->ctx.md4 ); + break; +#endif +#if defined(MBEDTLS_MD5_C) + case PSA_ALG_MD5: + mbedtls_md5_init( &operation->ctx.md5 ); + ret = mbedtls_md5_starts_ret( &operation->ctx.md5 ); + break; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case PSA_ALG_RIPEMD160: + mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); + ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 ); + break; +#endif 
+#if defined(MBEDTLS_SHA1_C) + case PSA_ALG_SHA_1: + mbedtls_sha1_init( &operation->ctx.sha1 ); + ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) + case PSA_ALG_SHA_224: + mbedtls_sha256_init( &operation->ctx.sha256 ); + ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 ); + break; + case PSA_ALG_SHA_256: + mbedtls_sha256_init( &operation->ctx.sha256 ); + ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 ); + break; +#endif +#if defined(MBEDTLS_SHA512_C) + case PSA_ALG_SHA_384: + mbedtls_sha512_init( &operation->ctx.sha512 ); + ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); + break; + case PSA_ALG_SHA_512: + mbedtls_sha512_init( &operation->ctx.sha512 ); + ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); + break; +#endif + default: + return( PSA_ERROR_NOT_SUPPORTED ); + } + if( ret == 0 ) + operation->alg = alg; + else + psa_hash_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); +} + +psa_status_t psa_hash_update( psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ) +{ + int ret; + switch( operation->alg ) + { +#if defined(MBEDTLS_MD2_C) + case PSA_ALG_MD2: + ret = mbedtls_md2_update_ret( &operation->ctx.md2, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_MD4_C) + case PSA_ALG_MD4: + ret = mbedtls_md4_update_ret( &operation->ctx.md4, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_MD5_C) + case PSA_ALG_MD5: + ret = mbedtls_md5_update_ret( &operation->ctx.md5, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case PSA_ALG_RIPEMD160: + ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_SHA1_C) + case PSA_ALG_SHA_1: + ret = mbedtls_sha1_update_ret( &operation->ctx.sha1, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) + case PSA_ALG_SHA_224: + case PSA_ALG_SHA_256: + ret = 
mbedtls_sha256_update_ret( &operation->ctx.sha256, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_SHA512_C) + case PSA_ALG_SHA_384: + case PSA_ALG_SHA_512: + ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, + input, input_length ); + break; +#endif + default: + ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; + break; + } + if( ret != 0 ) + psa_hash_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); +} + +psa_status_t psa_hash_finish( psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ) +{ + int ret; + size_t actual_hash_length = PSA_HASH_FINAL_SIZE( operation->alg ); + + /* Fill the output buffer with something that isn't a valid hash + * (barring an attack on the hash and deliberately-crafted input), + * in case the caller doesn't check the return status properly. */ + *hash_length = actual_hash_length; + memset( hash, '!', hash_size ); + + if( hash_size < actual_hash_length ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + switch( operation->alg ) + { +#if defined(MBEDTLS_MD2_C) + case PSA_ALG_MD2: + ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash ); + break; +#endif +#if defined(MBEDTLS_MD4_C) + case PSA_ALG_MD4: + ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash ); + break; +#endif +#if defined(MBEDTLS_MD5_C) + case PSA_ALG_MD5: + ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash ); + break; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case PSA_ALG_RIPEMD160: + ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash ); + break; +#endif +#if defined(MBEDTLS_SHA1_C) + case PSA_ALG_SHA_1: + ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) + case PSA_ALG_SHA_224: + case PSA_ALG_SHA_256: + ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); + break; +#endif +#if defined(MBEDTLS_SHA512_C) + case PSA_ALG_SHA_384: + case PSA_ALG_SHA_512: + ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); + 
break; +#endif + default: + ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; + break; + } + + if( ret == 0 ) + { + return( psa_hash_abort( operation ) ); + } + else + { + psa_hash_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); + } +} + +psa_status_t psa_hash_verify(psa_hash_operation_t *operation, + const uint8_t *hash, + size_t hash_length) +{ + uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; + size_t actual_hash_length; + psa_status_t status = psa_hash_finish( operation, + actual_hash, sizeof( actual_hash ), + &actual_hash_length ); + if( status != PSA_SUCCESS ) + return( status ); + if( actual_hash_length != hash_length ) + return( PSA_ERROR_INVALID_SIGNATURE ); + if( safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 ) + return( PSA_ERROR_INVALID_SIGNATURE ); + return( PSA_SUCCESS ); +} + + + + +/****************************************************************/ /****************************************************************/ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index a2d6b89fd..f53b1a436 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
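Review bot: In psa_hash_start() the failure branch calls psa_hash_abort() while `operation->alg` is still 0, so the abort takes its `default:` branch and returns PSA_ERROR_NOT_SUPPORTED. The context that was just initialised is never passed to its `_free` function. Assigning the algorithm before the check fixes this: `operation->alg = alg;` followed by `if( ret != 0 ) psa_hash_abort( operation );`, since psa_hash_abort() resets `alg` to 0 itself. psa_hash_finish() has a related gap: the early `return( PSA_ERROR_BUFFER_TOO_SMALL );` leaves the operation active, and calling `psa_hash_abort( operation );` before that return would release the hash state on every exit path.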
@@ -37,6 +37,14 @@ import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1 #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED #import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1 # +PSA hash finish: SHA-256 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" + +PSA hash verify: SHA-256 +depends_on:MBEDTLS_SHA256_C +hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" + PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_RAW:128 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c5d536e46..21802d147 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -133,6 +133,73 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hash_finish( int alg_arg, char *input_hex, char *hash_hex ) +{ + psa_algorithm_t alg = alg_arg; + unsigned char *input = NULL; + size_t input_size; + unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE]; + size_t expected_hash_length; + unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE]; + size_t actual_hash_length; + psa_hash_operation_t operation; + + input_size = strlen( input_hex ) / 2; + input = mbedtls_calloc( 1, input_size ); + TEST_ASSERT( input != NULL ); + input_size = unhexify( input, input_hex ); + expected_hash_length = unhexify( expected_hash, hash_hex ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_update( &operation, + input, input_size ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_finish( &operation, + actual_hash, sizeof( actual_hash ), + &actual_hash_length ) == PSA_SUCCESS ); + TEST_ASSERT( actual_hash_length == expected_hash_length ); + TEST_ASSERT( memcmp( expected_hash, actual_hash, + expected_hash_length ) == 0 ); + +exit: + mbedtls_free( input ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_verify( int alg_arg, char *input_hex, char *hash_hex ) +{ + psa_algorithm_t alg = alg_arg; + unsigned char *input = NULL; + size_t input_size; + unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE]; + size_t expected_hash_length; + psa_hash_operation_t operation; + + input_size = strlen( input_hex ) / 2; + input = mbedtls_calloc( 1, input_size ); + TEST_ASSERT( input != NULL ); + input_size = unhexify( input, input_hex ); + expected_hash_length = unhexify( expected_hash, hash_hex ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_update( &operation, + input, input_size ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_verify( &operation, + expected_hash, + 
expected_hash_length ) == PSA_SUCCESS ); + +exit: + mbedtls_free( input ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg ) { From 308b91d7dbb2d58038bece8ed2aaa92d9a290ef0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 8 Feb 2018 09:47:44 +0100 Subject: [PATCH 0016/2197] Wrote documentation for several functions, macros and types Document key import/export functions, hash functions, and asymmetric sign/verify, as well as some related macros and types. Nicer formatting for return values: use \retval. --- include/psa/crypto.h | 373 +++++++++++++++++++++++++++++++++++++++---- 1 file changed, 342 insertions(+), 31 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 90140d7a9..060c007ec 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -18,7 +18,7 @@ /** \brief Key slot number. * * This type represents key slots. It must be an unsigned integral - * type.* The choice of type is implementation-dependent. + * type. The choice of type is implementation-dependent. * 0 is not a valid key slot number. The meaning of other values is * implementation dependent. * @@ -98,12 +98,12 @@ typedef enum { * Applications may call this function more than once. Once a call * succeeds, subsequent calls are guaranteed to succeed. * - * \return * \c PSA_SUCCESS: success. - * * \c PSA_ERROR_INSUFFICIENT_MEMORY - * * \c PSA_ERROR_COMMUNICATION_FAILURE - * * \c PSA_ERROR_HARDWARE_FAILURE - * * \c PSA_ERROR_TAMPERING_DETECTED - * * \c PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval PSA_SUCCESS + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval PSA_ERROR_INSUFFICIENT_ENTROPY */ psa_status_t psa_crypto_init(void); 
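Review bot: hash_verify() only exercises the accepting path, so nothing in this suite shows that psa_hash_verify() rejects a wrong or truncated hash with PSA_ERROR_INVALID_SIGNATURE. I would add an `int expected_status` argument and assert `psa_hash_verify( &operation, expected_hash, expected_hash_length ) == expected_status`, with data cases for a flipped byte and a short hash. In both new test functions, unhexify() writes `hash_hex` into a fixed `MBEDTLS_MD_MAX_SIZE` buffer, so `TEST_ASSERT( strlen( hash_hex ) / 2 <= sizeof( expected_hash ) );` before the call would keep a bad data line from overrunning it.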
@@ -116,6 +116,8 @@ psa_status_t psa_crypto_init(void); * @{ */ +/** \brief Encoding of a key type. + */ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) @@ -133,7 +135,9 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x04000003) #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x04000004) +/** RSA public key. */ #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x06010000) +/** RSA key pair (private and public key). */ #define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x07010000) #define PSA_KEY_TYPE_ECC_BASE ((psa_key_type_t)0x06030000) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) @@ -153,6 +157,14 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_IS_ECC(type) \ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_BASE) +/** \brief Encoding of a cryptographic algorithm. + * + * For algorithms that can be applied to multiple key types, this type + * does not encode the key type. For example, for symmetric ciphers + * based on a block cipher, #psa_algorithm_t encodes the block cipher + * mode and the padding mode while the block cipher itself is encoded + * via #psa_key_type_t. + */ typedef uint32_t psa_algorithm_t; #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) @@ -168,6 +180,13 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_IS_VENDOR_DEFINED(alg) \ (((alg) & PSA_ALG_VENDOR_FLAG) != 0) +/** Whether the specified algorithm is a hash algorithm. + * + * \param alg An algorithm identifier (\c PSA_ALG_XXX value) + * + * \return 1 if \c alg is a hash algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a valid + * algorithm identifier. */ #define PSA_ALG_IS_HASH(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) #define PSA_ALG_IS_MAC(alg) \ 
@@ -245,13 +264,26 @@ typedef uint32_t psa_algorithm_t; * * This function supports any output from psa_export_key(). * - * \return * \c PSA_SUCCESS: success. - * * \c PSA_ERROR_NOT_SUPPORTED - * * \c PSA_ERROR_INVALID_ARGUMENT - * * \c PSA_ERROR_INSUFFICIENT_MEMORY - * * \c PSA_ERROR_COMMUNICATION_FAILURE - * * \c PSA_ERROR_HARDWARE_FAILURE - * * \c PSA_ERROR_TAMPERING_DETECTED + * \param key Slot where the key will be stored. This must be a + * valid slot for a key of the chosen type. It must + * be unoccupied. + * \param type Key type (a \c PSA_KEY_TYPE_XXX value). + * \param data Buffer containing the key data. + * \param data_length Size of the \c data buffer in bytes. + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_NOT_SUPPORTED + * The key type or key size is not supported. + * \retval PSA_ERROR_INVALID_ARGUMENT + * The key slot is invalid, + * or the key data is not correctly formatted. + * \retval PSA_ERROR_OCCUPIED_SLOT + There is already a key in the specified slot. + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_import_key(psa_key_slot_t key, psa_key_type_t type, 
@@ -261,22 +293,31 @@ psa_status_t psa_import_key(psa_key_slot_t key, /** * \brief Destroy a key. * - * \return * \c PSA_SUCCESS: success. - * * \c PSA_ERROR_EMPTY_SLOT - * * \c PSA_ERROR_COMMUNICATION_FAILURE - * * \c PSA_ERROR_HARDWARE_FAILURE - * * \c PSA_ERROR_TAMPERING_DETECTED + * \retval PSA_SUCCESS + * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_destroy_key(psa_key_slot_t key); /** * \brief Get basic metadata about a key. * - * \return * \c PSA_SUCCESS: success. - * * \c PSA_ERROR_EMPTY_SLOT - * * \c PSA_ERROR_COMMUNICATION_FAILURE - * * \c PSA_ERROR_HARDWARE_FAILURE - * * \c PSA_ERROR_TAMPERING_DETECTED + * \param key Slot whose content is queried. This must + * be an occupied key slot. + * \param type On success, the key type (a \c PSA_KEY_TYPE_XXX value). + * This may be a null pointer, in which case the key type + * is not written. + * \param bits On success, the key size in bits. + * This may be a null pointer, in which case the key type + * is not written. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_get_key_information(psa_key_slot_t key, psa_key_type_t *type, 
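Review bot: The `\param bits` text in the psa_get_key_information() comment was copied from `\param type` and still says that the key type is not written. It should read `This may be a null pointer, in which case the key size is not written.` The psa_destroy_key() comment in the same hunk lists return values but has no `\param key` line. A sentence saying whether the key material is wiped from the slot would help callers who rely on this function for key erasure.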
@@ -293,11 +334,32 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * identical: the implementation may choose a different representation * of the same key. * - * \return * \c PSA_SUCCESS: success. - * * \c PSA_ERROR_EMPTY_SLOT - * * \c PSA_ERROR_COMMUNICATION_FAILURE - * * \c PSA_ERROR_HARDWARE_FAILURE - * * \c PSA_ERROR_TAMPERING_DETECTED + * For standard key types, the output format is as follows: + * + * - For symmetric keys (including MAC keys), the format is the + * raw bytes of the key. + * - For DES, the key data consists of 8 bytes. The parity bits must be + * correct. + * - For Triple-DES, the format is the concatenation of the + * two or three DES keys. + * - For RSA key pairs keys (#PSA_KEY_TYPE_RSA_KEYPAIR), the format + * is the non-encrypted DER representation defined by PKCS\#8 (RFC 5208) + * as PrivateKeyInfo. + * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format + * is the DER representation defined by X.509. + * + * \param key Slot whose content is to be exported. This must + * be an occupied key slot. + * \param data Buffer where the key data is to be written. + * \param data_size Size of the \c data buffer in bytes. + * \param data_length On success, the number of bytes + * that make up the key data. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_export_key(psa_key_slot_t key, uint8_t *data, 
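Review bot: The psa_export_key() comment documents `data_size` but the `\retval` list has no entry for an output buffer that is too small. If the implementation reports that case the way psa_hash_finish() does, add `\retval PSA_ERROR_BUFFER_TOO_SMALL The size of the \c data buffer is too small.` Because the RSA key-pair format is unencrypted PrivateKeyInfo, the comment should also say what is left in `data` when the call fails, so that callers know whether to wipe the buffer. "RSA key pairs keys" should be "RSA key pairs".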
@@ -311,8 +373,25 @@ psa_status_t psa_export_key(psa_key_slot_t key, * @{ */ +/** The type of the state data structure for multipart hash operations. + * + * This is an implementation-define \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ typedef struct psa_hash_operation_s psa_hash_operation_t; +/** The size of the output of psa_hash_finish(), in bytes. + * + * This is also the hash size that psa_hash_verify() expects. + * + * \param alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(alg) is true). + * + * \return The hash size for the specified hash algorithm. + * If the hash algorithm is not recognized, return 0. + * An implementation may return either 0 or the correct size + * for a hash algorithm that it recognizes, but does not support. + */ #define PSA_HASH_FINAL_SIZE(alg) \ ( \ (alg) == PSA_ALG_MD2 ? 16 : \ 
@@ -334,27 +413,168 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; (alg) == PSA_ALG_SHA3_512 ? 64 : \ 0) +/** Start a multipart hash operation. + * + * The sequence of operations to calculate a hash (message digest) + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Call psa_hash_start() to specify the algorithm. + * -# Call psa_hash_update() zero, one or more time, passing a fragment + * of the message each time. The hash that is calculated is the hash + * of the concatenation of these messages in order. + * -# To calculate the hash, call psa_hash_finish(). + * To compare the hash with an expected value, call psa_hash_verify(). + * + * The application may call psa_hash_abort() at any time after the operation + * has been initialized with psa_hash_start(). + * + * After a successful call to psa_hash_start(), the application must + * eventually destroy the operation through one of the following means: + * - A failed call to psa_hash_update(). + * - A call to psa_hash_final(), psa_hash_verify() or psa_hash_abort(). + * + * \param operation + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(alg) is true). + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a hash algorithm. + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_hash_start(psa_hash_operation_t *operation, psa_algorithm_t alg); +/** Add a message fragment to a multipart hash operation. + * + * The application must call psa_hash_start() before calling this function. + * + * If this function returns an error status, the operation becomes inactive. + * + * \param operation Active hash operation. + * \param input Buffer containing the message fragment to hash. 
+ * \param input_length Size of the \c input buffer in bytes. + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_BAD_STATE + * The operation state is not valid (not started, or already completed). + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_hash_update(psa_hash_operation_t *operation, const uint8_t *input, size_t input_length); +/** Finish the calculation of the hash of a message. + * + * The application must call psa_hash_start() before calling this function. + * This function calculates the hash of the message formed by concatenating + * the inputs passed to preceding calls to psa_hash_update(). + * + * When this function returns, the operation becomes inactive. + * + * \warning Applications should not call this function if they expect + * a specific value for the hash. Call psa_hash_verify() instead. + * Beware that comparing integrity or authenticity data such as + * hash values with a function such as \c memcmp is risky + * because the time taken by the comparison may leak information + * about the hashed data which could allow an attacker to guess + * a valid hash and thereby bypass security controls. + * + * \param operation Active hash operation. + * \param hash Buffer where the hash is to be written. + * \param hash_size Size of the \c hash buffer in bytes. + * \param hash_length On success, the number of bytes + * that make up the hash value. This is always + * #PSA_HASH_FINAL_SIZE(alg) where \c alg is the + * hash algorithm that is calculated. + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_BAD_STATE + * The operation state is not valid (not started, or already completed). + * \retval PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \c hash buffer is too small. 
You can determine a + * sufficient buffer size by calling #PSA_HASH_FINAL_SIZE(alg) + * where \c alg is the hash algorithm that is calculated. + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length); +/** Finish the calculation of the hash of a message and compare it with + * an expected value. + * + * The application must call psa_hash_start() before calling this function. + * This function calculates the hash of the message formed by concatenating + * the inputs passed to preceding calls to psa_hash_update(). It then + * compares the calculated hash with the expected hash passed as a + * parameter to this function. + * + * When this function returns, the operation becomes inactive. + * + * \note Applications shall make the best effort to ensure that the + * comparison between the actual hash and the expected hash is performed + * in constant time. + * + * \param operation Active hash operation. + * \param hash Buffer containing the expected hash value. + * \param hash_length Size of the \c hash buffer in bytes. + * + * \retval PSA_SUCCESS + * The expected hash is identical to the actual hash of the message. + * \retval PSA_ERROR_INVALID_SIGNATURE + * The hash of the message was calculated successfully, but it + * differs from the expected hash. + * \retval PSA_ERROR_BAD_STATE + * The operation state is not valid (not started, or already completed). + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length); -psa_status_t ps_hash_abort(psa_hash_operation_t *operation); +/** Abort a hash operation. 
+ * + * This function may be called at any time after psa_hash_start(). + * Aborting an operation frees all associated resources except for the + * \c operation structure itself. + * + * Implementation should strive to be robust and handle inactive hash + * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However, + * application writers should beware that uninitialized memory may happen + * to be indistinguishable from an active hash operation, and the behavior + * of psa_hash_abort() is undefined in this case. + * + * \param operation Active hash operation. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_BAD_STATE + * \c operation is not an active hash operation. + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_hash_abort(psa_hash_operation_t *operation); /**@}*/ -/** \defgroup MAC Message authentication codes /** \defgroup asymmetric Asymmetric cryptography * @{ */ 
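Review bot: The psa_hash_start() comment names `psa_hash_final()` as one way to end an operation, but the function declared in this header is psa_hash_finish(). Its `\param operation` line also has no description. The psa_hash_abort() comment promises #PSA_ERROR_BAD_STATE for an inactive operation, while the psa_hash_abort() implementation shown earlier on this page returns PSA_ERROR_NOT_SUPPORTED from its `default:` branch. Either the comment or the implementation should change so that callers can rely on the documented status. "When this function returns, the operation becomes inactive" on psa_hash_finish() has the same problem, because the PSA_ERROR_BUFFER_TOO_SMALL return in that implementation does not abort the operation.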
@@ -389,6 +609,33 @@ psa_status_t ps_hash_abort(psa_hash_operation_t *operation); /*V of r,s*/ ((curve_bits) + 8) / 8)) +/** Safe signature buffer size for psa_asymmetric_sign(). + * + * This macro returns a safe buffer size for a signature using a key + * of the specified type and size, with the specified algorithm. + * Note that the actual size of the signature may be smaller + * (some algorithms produce a variable-size signature). + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type An asymmetric key type (this may indifferently be a + * key pair type or a public key type). + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_asymmetric_sign() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro either shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + * + */ #define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, BITS_TO_BYTES(key_bits)) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ 
@@ -397,6 +644,41 @@ psa_status_t ps_hash_abort(psa_hash_operation_t *operation); /** * \brief Sign a hash or short message with a private key. * + * \param key Key slot containing an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \c key. + * \param hash The message to sign. + * \param hash_length Size of the \c hash buffer in bytes. + * \param salt A salt or label, if supported by the signature + * algorithm. + * If the signature algorithm does not support a + * salt, pass \c NULL. + * If the signature algorithm supports an optional + * salt and you do not want to pass a salt, + * pass \c NULL. + * \param salt_length Size of the \c salt buffer in bytes. + * If \c salt is \c NULL, pass 0. + * \param signature Buffer where the signature is to be written. + * \param signature_size Size of the \c signature buffer in bytes. + * \param signature_length On success, the number of bytes + * that make up the returned signature value. + * This is at most #PSA_HASH_FINAL_SIZE(alg) + * (note that it may be less). + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \c signature buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \c key. + * \retval PSA_ERROR_NOT_SUPPORTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval PSA_ERROR_INSUFFICIENT_ENTROPY */ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_algorithm_t alg, 
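Review bot: The `\param signature_length` text bounds the signature by `#PSA_HASH_FINAL_SIZE(alg)`, which is the hash output size, not the signature size. A caller who sizes the buffer from that sentence would allocate too little for an RSA or ECDSA signature. The bound should be the macro documented in the previous hunk: `This is at most #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)`. `\param hash` is described as "The message to sign" although the brief says "hash or short message"; the wording should match.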
@@ -411,6 +693,35 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, /** * \brief Verify the signature a hash or short message using a public key. * + * \param key Key slot containing a public key or an + * asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \c key. + * \param hash The message whose signature is to be verified. + * \param hash_length Size of the \c hash buffer in bytes. + * \param salt A salt or label, if supported by the signature + * algorithm. + * If the signature algorithm does not support a + * salt, pass \c NULL. + * If the signature algorithm supports an optional + * salt and you do not want to pass a salt, + * pass \c NULL. + * \param salt_length Size of the \c salt buffer in bytes. + * If \c salt is \c NULL, pass 0. + * \param signature Buffer containing the signature to verify. + * \param signature_size Size of the \c signature buffer in bytes. + * + * \retval PSA_SUCCESS + * The signature is valid. + * \retval PSA_ERROR_INVALID_SIGNATURE + * The calculation was perfomed successfully, but the passed + * signature is not a valid signature. + * \retval PSA_ERROR_NOT_SUPPORTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, psa_algorithm_t alg, From 8c9def3e7fa05bda96fefd49076d1d6a1a6417cd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 8 Feb 2018 10:02:12 +0100 Subject: [PATCH 0017/2197] PSA: Implement MAC functions Implement psa_mac_start, psa_mac_update and psa_mac_final. Implement HMAC anc CMAC. Smoke tests. --- include/psa/crypto.h | 79 ++++- library/psa_crypto.c | 301 +++++++++++++++++++- tests/suites/test_suite_psa_crypto.data | 8 + tests/suites/test_suite_psa_crypto.function | 63 ++++ 4 files changed, 437 insertions(+), 14 deletions(-) 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 060c007ec..5fb35685d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -144,6 +144,9 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) +#define PSA_KEY_TYPE_IS_RAW_BYTES(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_RAW_DATA || \ + ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC) #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC) #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ @@ -157,6 +160,13 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_IS_ECC(type) \ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_BASE) +#define PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) \ + ( \ + (type) == PSA_KEY_TYPE_AES ? 16 : \ + (type) == PSA_KEY_TYPE_DES ? 8 : \ + (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \ + 0) + /** \brief Encoding of a cryptographic algorithm. * * For algorithms that can be applied to multiple key types, this type 
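Review bot: PSA_BLOCK_CIPHER_BLOCK_SIZE declares its parameter as `key_type`, but every comparison in the body uses `(type)`. The macro therefore ignores its argument and either fails to compile or silently picks up whatever `type` is in scope at the call site. The three lines should read `(key_type) == PSA_KEY_TYPE_AES ? 16 : \`, `(key_type) == PSA_KEY_TYPE_DES ? 8 : \` and `(key_type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \`. A short Doxygen comment stating that the result is in bytes, and 0 for a non-block-cipher key type, would match the style of the other macros.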
@@ -223,25 +233,42 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) +#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) #define PSA_ALG_HMAC(hash_alg) \ - (PSA_ALG_HMAC_BASE | (hash_alg)) -#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02000001) -#define PSA_ALG_CMAC ((psa_algorithm_t)0x02000002) -#define PSA_ALG_GMAC ((psa_algorithm_t)0x02000003) + (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_HMAC_HASH(hmac_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_HMAC(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ + PSA_ALG_HMAC_BASE) +#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) +#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) +#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) +#define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003) +#define PSA_ALG_IS_CIPHER_MAC(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ + PSA_ALG_CIPHER_MAC_BASE) -#define PSA_ALG_BLOCK_CIPHER_BASE_MASK ((psa_algorithm_t)0x000000ff) +#define PSA_ALG_CIPHER_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) +#define PSA_ALG_BLOCK_CIPHER_BASE ((psa_algorithm_t)0x04000001) +#define PSA_ALG_BLOCK_CIPHER_MODE_MASK ((psa_algorithm_t)0x000000ff) #define PSA_ALG_BLOCK_CIPHER_PADDING_MASK ((psa_algorithm_t)0x007f0000) #define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ((psa_algorithm_t)0x00010000) +#define PSA_ALG_IS_BLOCK_CIPHER(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \ + PSA_ALG_BLOCK_CIPHER_BASE) + #define PSA_ALG_CBC_BASE ((psa_algorithm_t)0x04000001) -#define PSA_ALG_CFB_BASE ((psa_algorithm_t)0x04000003) -#define PSA_ALG_OFB_BASE ((psa_algorithm_t)0x04000004) -#define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000005) +#define PSA_ALG_CFB_BASE 
((psa_algorithm_t)0x04000002) +#define PSA_ALG_OFB_BASE ((psa_algorithm_t)0x04000003) +#define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000004) #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800000) #define PSA_ALG_CTR ((psa_algorithm_t)0x04800001) +#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800002) -#define PSA_ALG_CCM ((psa_algorithm_t)0x06000002) -#define PSA_ALG_GCM ((psa_algorithm_t)0x06000003) +#define PSA_ALG_CCM ((psa_algorithm_t)0x06000001) +#define PSA_ALG_GCM ((psa_algorithm_t)0x06000002) #define PSA_ALG_RSA_PKCS1V15_RAW ((psa_algorithm_t)0x10010000) #define PSA_ALG_RSA_PSS_MGF1 ((psa_algorithm_t)0x10020000) @@ -575,6 +602,38 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); /**@}*/ +/** \defgroup MAC Message authentication codes + * @{ + */ + +typedef struct psa_mac_operation_s psa_mac_operation_t; + +#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ + (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_FINAL_SIZE(PSA_ALG_HMAC_HASH(alg)) : \ + PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ + 0) + +psa_status_t psa_mac_start(psa_mac_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg); + +psa_status_t psa_mac_update(psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length); + +psa_status_t psa_mac_finish(psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +psa_status_t psa_mac_verify(psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length); + +psa_status_t psa_mac_abort(psa_mac_operation_t *operation); + +/**@}*/ + /** \defgroup asymmetric Asymmetric cryptography * @{ */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ca275495f..e264990ff 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
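Review bot: `PSA_ALG_IS_BLOCK_CIPHER` apparently can never be true as written. It masks `alg` with `PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK` and compares the result with `PSA_ALG_BLOCK_CIPHER_BASE`, which is `0x04000001` and so carries a mode bit that the mask removes. This assumes the category mask, defined outside this hunk, covers only the top byte. The base should be the mode-less value, `#define PSA_ALG_BLOCK_CIPHER_BASE ((psa_algorithm_t)0x04000000)`. Patch 0019 later in this series makes that change, but at this commit the block-cipher branch in `mbedtls_cipher_info_of_psa` is unreachable.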
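Review bot: `PSA_MAC_FINAL_SIZE` tests `PSA_ALG_IS_BLOCK_CIPHER_MAC(alg)`, but the predicate this patch defines is `PSA_ALG_IS_CIPHER_MAC`, so the macro does not build for any caller that expands it. The second arm should read `PSA_ALG_IS_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \`. Callers are expected to size the `mac` buffer passed to `psa_mac_finish()` from this macro, so a test that expands it for one HMAC and one CMAC algorithm would catch this kind of slip.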
@@ -303,7 +303,7 @@ psa_status_t psa_import_key(psa_key_slot_t key, if( slot->type != PSA_KEY_TYPE_NONE ) return( PSA_ERROR_OCCUPIED_SLOT ); - if( type == PSA_KEY_TYPE_RAW_DATA ) + if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) ) { if( data_length > SIZE_MAX / 8 ) return( PSA_ERROR_NOT_SUPPORTED ); @@ -374,7 +374,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key) if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - if( slot->type == PSA_KEY_TYPE_RAW_DATA ) + if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) { mbedtls_free( slot->data.raw.data ); } @@ -420,7 +420,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - if( slot->type == PSA_KEY_TYPE_RAW_DATA ) + if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) { if( bits != NULL ) *bits = slot->data.raw.bytes * 8; @@ -465,7 +465,7 @@ psa_status_t psa_export_key(psa_key_slot_t key, if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - if( slot->type == PSA_KEY_TYPE_RAW_DATA ) + if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) { if( slot->data.raw.bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); 
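Review bot: In the `psa_destroy_key` hunk, the context line after the new `PSA_KEY_TYPE_IS_RAW_BYTES( slot->type )` test releases the buffer with `mbedtls_free( slot->data.raw.data )` without clearing it. With this change that buffer holds symmetric-category keys, not just raw data, so the key bytes stay readable in freed heap memory. Wipe `slot->data.raw.bytes` bytes of the buffer before the free, using the tree's zeroize helper rather than a plain `memset`, which the compiler may drop. The rest of `psa_destroy_key` is outside the hunk, but clearing the slot structure later in the function would not reach the heap buffer.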
@@ -856,6 +856,299 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, /****************************************************************/ +/* MAC */ +/****************************************************************/ + +static const mbedtls_cipher_info_t *mbedtls_cipher_info_of_psa( + psa_algorithm_t alg, + psa_key_type_t key_type, + size_t key_bits ) +{ + mbedtls_cipher_id_t cipher_id; + mbedtls_cipher_mode_t mode; + + if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ) + { + if( PSA_ALG_IS_BLOCK_CIPHER( alg ) ) + alg &= ~PSA_ALG_BLOCK_CIPHER_MODE_MASK; + switch( alg ) + { + case PSA_ALG_STREAM_CIPHER: + mode = MBEDTLS_MODE_STREAM; + break; + case PSA_ALG_CBC_BASE: + mode = MBEDTLS_MODE_CBC; + break; + case PSA_ALG_CFB_BASE: + mode = MBEDTLS_MODE_CFB; + break; + case PSA_ALG_OFB_BASE: + mode = MBEDTLS_MODE_OFB; + break; + case PSA_ALG_CTR: + mode = MBEDTLS_MODE_CTR; + break; + case PSA_ALG_CCM: + mode = MBEDTLS_MODE_CCM; + break; + case PSA_ALG_GCM: + mode = MBEDTLS_MODE_GCM; + break; + default: + return( NULL ); + } + } + else if( alg == PSA_ALG_CMAC ) + mode = MBEDTLS_MODE_ECB; + else if( alg == PSA_ALG_GMAC ) + mode = MBEDTLS_MODE_GCM; + else + return( NULL ); + + switch( key_type ) + { + case PSA_KEY_TYPE_AES: + cipher_id = MBEDTLS_CIPHER_ID_AES; + break; + case PSA_KEY_TYPE_DES: + if( key_bits == 64 ) + cipher_id = MBEDTLS_CIPHER_ID_DES; + else + cipher_id = MBEDTLS_CIPHER_ID_3DES; + break; + case PSA_KEY_TYPE_CAMELLIA: + cipher_id = MBEDTLS_CIPHER_ID_CAMELLIA; + break; + case PSA_KEY_TYPE_ARC4: + cipher_id = MBEDTLS_CIPHER_ID_ARC4; + break; + default: + return( NULL ); + } + + return( mbedtls_cipher_info_from_values( cipher_id, key_bits, mode ) ); +} + +psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) +{ + switch( operation->alg ) + { +#if defined(MBEDTLS_CMAC_C) + case PSA_ALG_CMAC: + mbedtls_cipher_free( &operation->ctx.cmac ); + break; +#endif /* MBEDTLS_CMAC_C */ + default: +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HMAC( 
operation->alg ) ) + mbedtls_md_free( &operation->ctx.hmac ); + else +#endif /* MBEDTLS_MD_C */ + return( PSA_ERROR_NOT_SUPPORTED ); + } + operation->alg = 0; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_required = 0; + operation->has_input = 0; + return( PSA_SUCCESS ); +} + +psa_status_t psa_mac_start( psa_mac_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg ) +{ + int ret = MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; + psa_status_t status; + key_slot_t *slot; + psa_key_type_t key_type; + size_t key_bits; + const mbedtls_cipher_info_t *cipher_info = NULL; + + operation->alg = 0; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_required = 1; + operation->has_input = 0; + + status = psa_get_key_information( key, &key_type, &key_bits ); + if( status != PSA_SUCCESS ) + return( status ); + slot = &global_data.key_slots[key]; + + if( ! PSA_ALG_IS_HMAC( alg ) ) + { + cipher_info = mbedtls_cipher_info_of_psa( alg, key_type, key_bits ); + if( cipher_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + operation->mac_size = cipher_info->block_size; + } + switch( alg ) + { +#if defined(MBEDTLS_CMAC_C) + case PSA_ALG_CMAC: + operation->iv_required = 0; + mbedtls_cipher_init( &operation->ctx.cmac ); + ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info ); + if( ret != 0 ) + break; + ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac, + slot->data.raw.data, + key_bits ); + break; +#endif /* MBEDTLS_CMAC_C */ + default: +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HMAC( alg ) ) + { + const mbedtls_md_info_t *md_info = + mbedtls_md_info_of_psa( PSA_ALG_HMAC_HASH( alg ) ); + if( md_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + if( key_type != PSA_KEY_TYPE_HMAC ) + return( PSA_ERROR_INVALID_ARGUMENT ); + operation->iv_required = 0; + operation->mac_size = mbedtls_md_get_size( md_info ); + mbedtls_md_init( &operation->ctx.hmac ); + ret = mbedtls_md_setup( &operation->ctx.hmac, md_info, 1 ); + if( ret != 0 ) + 
break; + ret = mbedtls_md_hmac_starts( &operation->ctx.hmac, + slot->data.raw.data, + slot->data.raw.bytes ); + break; + } + else +#endif /* MBEDTLS_MD_C */ + return( PSA_ERROR_NOT_SUPPORTED ); + } + + /* If we reach this point, then the algorithm-specific part of the + * context has at least been initialized, and may contain data that + * needs to be wiped on error. */ + operation->alg = alg; + if( ret != 0 ) + { + psa_mac_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); + } + operation->key_set = 1; + return( 0 ); +} + +psa_status_t psa_mac_update( psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length ) +{ + int ret; + if( ! operation->key_set ) + return( PSA_ERROR_BAD_STATE ); + if( operation->iv_required && ! operation->iv_set ) + return( PSA_ERROR_BAD_STATE ); + operation->has_input = 1; + + switch( operation->alg ) + { +#if defined(MBEDTLS_CMAC_C) + case PSA_ALG_CMAC: + ret = mbedtls_cipher_cmac_update( &operation->ctx.cmac, + input, input_length ); + break; +#endif /* MBEDTLS_CMAC_C */ + default: +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HMAC( operation->alg ) ) + { + ret = mbedtls_md_hmac_update( &operation->ctx.hmac, + input, input_length ); + } + else +#endif /* MBEDTLS_MD_C */ + { + ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } + break; + } + if( ret != 0 ) + psa_mac_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); +} + +psa_status_t psa_mac_finish( psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length ) +{ + int ret; + if( ! operation->key_set ) + return( PSA_ERROR_BAD_STATE ); + if( operation->iv_required && ! operation->iv_set ) + return( PSA_ERROR_BAD_STATE ); + + /* Fill the output buffer with something that isn't a valid mac + * (barring an attack on the mac and deliberately-crafted input), + * in case the caller doesn't check the return status properly. 
*/ + *mac_length = operation->mac_size; + memset( mac, '!', mac_size ); + + if( mac_size < operation->mac_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + switch( operation->alg ) + { +#if defined(MBEDTLS_CMAC_C) + case PSA_ALG_CMAC: + ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac ); + break; +#endif /* MBEDTLS_CMAC_C */ + default: +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HMAC( operation->alg ) ) + { + ret = mbedtls_md_hmac_finish( &operation->ctx.hmac, mac ); + } + else +#endif /* MBEDTLS_MD_C */ + { + ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } + break; + } + + if( ret == 0 ) + { + return( psa_mac_abort( operation ) ); + } + else + { + psa_mac_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); + } +} + +#define MBEDTLS_PSA_MAC_MAX_SIZE \ + ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ? \ + MBEDTLS_MD_MAX_SIZE : \ + MBEDTLS_MAX_BLOCK_LENGTH ) +psa_status_t psa_mac_verify( psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length ) +{ + uint8_t actual_mac[MBEDTLS_PSA_MAC_MAX_SIZE]; + size_t actual_mac_length; + psa_status_t status = psa_mac_finish( operation, + actual_mac, sizeof( actual_mac ), + &actual_mac_length ); + if( status != PSA_SUCCESS ) + return( status ); + if( actual_mac_length != mac_length ) + return( PSA_ERROR_INVALID_SIGNATURE ); + if( safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 ) + return( PSA_ERROR_INVALID_SIGNATURE ); + return( PSA_SUCCESS ); +} + + /****************************************************************/ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f53b1a436..4f4bef14c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
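Review bot: `psa_mac_verify` leaves the freshly computed MAC in `actual_mac` on the stack on every return path, including the `PSA_ERROR_INVALID_SIGNATURE` ones. After a rejected verification the correct tag for the message is still in memory that the next call frame reuses. Route the three outcomes through one exit that wipes the buffer; the comparison through `safer_memcmp` stays as it is. The sketch uses Mbed TLS's `mbedtls_platform_zeroize`; if this revision predates it, use whichever zeroize routine psa_crypto.c already has.

```c
    /* … unchanged: declarations and the psa_mac_finish() call … */
    if( status == PSA_SUCCESS &&
        ( actual_mac_length != mac_length ||
          safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 ) )
    {
        status = PSA_ERROR_INVALID_SIGNATURE;
    }
    /* Do not leave the expected MAC behind on the stack. */
    mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) );
    return( status );
```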
@@ -45,6 +45,14 @@ PSA hash verify: SHA-256 depends_on:MBEDTLS_SHA256_C hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" +PSA MAC verify: HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62" + +PSA MAC verify: CMAC-AES-128 +depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C +mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" + PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_RAW:128 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 21802d147..d5305740f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1,5 +1,7 @@ /* BEGIN_HEADER */ #include "psa/crypto.h" + +#include "mbedtls/md.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES 
@@ -200,6 +202,67 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mac_verify( int key_type_arg, char *key_hex, + int alg_arg, char *iv_hex, + char *input_hex, char *mac_hex ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char *iv = NULL; + size_t iv_size; + unsigned char *input = NULL; + size_t input_size; + unsigned char *expected_mac = NULL; + size_t expected_mac_size; + psa_mac_operation_t operation; + + key_size = strlen( key_hex ) / 2; + key = mbedtls_calloc( 1, key_size ); + TEST_ASSERT( key != NULL ); + key_size = unhexify( key, key_hex ); + iv_size = strlen( iv_hex ) / 2; + if( iv_size != 0 ) + { + iv = mbedtls_calloc( 1, iv_size ); + TEST_ASSERT( iv != NULL ); + iv_size = unhexify( iv, iv_hex ); + } + input_size = strlen( input_hex ) / 2; + input = mbedtls_calloc( 1, input_size ); + TEST_ASSERT( input != NULL ); + input_size = unhexify( input, input_hex ); + expected_mac_size = strlen( mac_hex ) / 2; + expected_mac = mbedtls_calloc( 1, expected_mac_size ); + TEST_ASSERT( expected_mac != NULL ); + expected_mac_size = unhexify( expected_mac, mac_hex ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + // TODO: support IV + TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_update( &operation, + input, input_size ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_verify( &operation, + expected_mac, + expected_mac_size ) == PSA_SUCCESS ); + +exit: + mbedtls_free( key ); + mbedtls_free( iv ); + mbedtls_free( input ); + mbedtls_free( expected_mac ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg ) { 
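Review bot: `mac_verify` exercises only the accepting path, so nothing in the suite would notice if `psa_mac_verify` returned `PSA_SUCCESS` for a wrong or truncated MAC. Add a companion case that takes the expected status from the data file and reruns the same vectors with one byte of the MAC changed and with the MAC one byte short, expecting `PSA_ERROR_INVALID_SIGNATURE`. Separately, the `psa_destroy_key( key_slot )` under `exit:` runs on a slot the test has already destroyed on the success path, and its ignored status hides that.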
From 7e4acc5ef859f7b677d989d3d75d21fa3890b0d9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 16 Feb 2018 21:24:11 +0100 Subject: [PATCH 0018/2197] Document some MAC functions: psa_mac_start Adapt the documentation of hash functions. State that the key object does not need to remain valid throughout the operation. --- include/psa/crypto.h | 58 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 57 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5fb35685d..8cf7e3a3f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -447,7 +447,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * -# Allocate an operation object which will be passed to all the functions * listed here. * -# Call psa_hash_start() to specify the algorithm. - * -# Call psa_hash_update() zero, one or more time, passing a fragment + * -# Call psa_hash_update() zero, one or more times, passing a fragment * of the message each time. The hash that is calculated is the hash * of the concatenation of these messages in order. * -# To calculate the hash, call psa_hash_finish(). 
@@ -606,13 +606,69 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * @{ */ +/** The type of the state data structure for multipart MAC operations. + * + * This is an implementation-define \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ typedef struct psa_mac_operation_s psa_mac_operation_t; +/** The size of the output of psa_mac_finish(), in bytes. + * + * This is also the MAC size that psa_mac_verify() expects. + * + * \param alg A MAC algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_MAC(alg) is true). + * + * \return The MAC size for the specified algorithm. + * If the MAC algorithm is not recognized, return 0. + * An implementation may return either 0 or the correct size + * for a MAC algorithm that it recognizes, but does not support. + */ #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_FINAL_SIZE(PSA_ALG_HMAC_HASH(alg)) : \ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ 0) +/** Start a multipart MAC operation. + * + * The sequence of operations to calculate a MAC (message authentication code) + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Call psa_mac_start() to specify the algorithm and key. + * The key remains associated with the operation even if the content + * of the key slot changes. + * -# Call psa_mac_update() zero, one or more times, passing a fragment + * of the message each time. The MAC that is calculated is the MAC + * of the concatenation of these messages in order. + * -# To calculate the MAC, call psa_mac_finish(). + * To compare the MAC with an expected value, call psa_mac_verify(). + * + * The application may call psa_mac_abort() at any time after the operation + * has been initialized with psa_mac_start(). 
+ * + * After a successful call to psa_mac_start(), the application must + * eventually destroy the operation through one of the following means: + * - A failed call to psa_mac_update(). + * - A call to psa_mac_final(), psa_mac_verify() or psa_mac_abort(). + * + * \param operation + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(alg) is true). + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg. + * \retval PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a MAC algorithm. + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_mac_start(psa_mac_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg); From 428dc5aef19fb191e528eece58089273b3da7897 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Mar 2018 21:27:18 +0100 Subject: [PATCH 0019/2197] Prototypes for symmetric cipher functions --- include/psa/crypto.h | 131 +++++++++++++++++++++++++++++++++++- include/psa/crypto_struct.h | 12 ++++ 2 files changed, 141 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8cf7e3a3f..0998a498d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
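Review bot: The `psa_mac_start` comment tells callers to end the operation with `psa_mac_final()`, which this header does not declare; the function is `psa_mac_finish()`. The comment also leaves `\param operation` without text and omits `\param key` altogether. The `PSA_MAC_FINAL_SIZE` comment documents only `alg`, although the macro also takes `key_type` and `key_bits`. Suggested lines: `\param operation The operation object to set up.` and `\param key Slot containing the key to use for the operation.` Since the key is said to stay associated with the operation after the slot changes, the operation presumably keeps key material of its own, so it is worth adding that a finishing call or `psa_mac_abort()` is what releases it.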
@@ -251,9 +251,10 @@ typedef uint32_t psa_algorithm_t; PSA_ALG_CIPHER_MAC_BASE) #define PSA_ALG_CIPHER_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) -#define PSA_ALG_BLOCK_CIPHER_BASE ((psa_algorithm_t)0x04000001) +#define PSA_ALG_BLOCK_CIPHER_BASE ((psa_algorithm_t)0x04000000) #define PSA_ALG_BLOCK_CIPHER_MODE_MASK ((psa_algorithm_t)0x000000ff) -#define PSA_ALG_BLOCK_CIPHER_PADDING_MASK ((psa_algorithm_t)0x007f0000) +#define PSA_ALG_BLOCK_CIPHER_PADDING_MASK ((psa_algorithm_t)0x003f0000) +#define PSA_ALG_BLOCK_CIPHER_PAD_NONE ((psa_algorithm_t)0x00000000) #define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ((psa_algorithm_t)0x00010000) #define PSA_ALG_IS_BLOCK_CIPHER(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \ 
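Review bot: Changing `PSA_ALG_BLOCK_CIPHER_BASE` to `0x04000000` makes `PSA_ALG_IS_BLOCK_CIPHER` start matching values such as `PSA_ALG_CBC_BASE`, which exposes a problem in `mbedtls_cipher_info_of_psa` from patch 0017. That function then runs `alg &= ~PSA_ALG_BLOCK_CIPHER_MODE_MASK;`, clearing the low byte that distinguishes CBC, CFB and OFB, so no `case PSA_ALG_CBC_BASE:`-style label can match and it returns NULL. What the switch needs stripped is the padding field: `alg &= ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK;`. That line is in library/psa_crypto.c rather than in this hunk, and the reasoning assumes `PSA_ALG_CATEGORY_MASK` (not shown) covers only the top byte.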
@@ -690,6 +691,132 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); /**@}*/ +/** \defgroup cipher Symmetric ciphers + * @{ + */ + +/** The type of the state data structure for multipart cipher operations. + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_cipher_operation_s psa_cipher_operation_t; + +/** Set the key for a multipart symmetric encryption operation. + * + * The sequence of operations to encrypt a message with a symmetric cipher + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Call psa_encrypt_setup() to specify the algorithm and key. + * The key remains associated with the operation even if the content + * of the key slot changes. + * -# Call either psa_encrypt_generate_iv() or psa_encrypt_set_iv() to + * generate or set the IV (initialization vector). You should use + * psa_encrypt_generate_iv() unless the protocol you are implementing + * requires a specific IV value. + * -# Call psa_cipher_update() zero, one or more times, passing a fragment + * of the message each time. + * -# Call psa_cipher_finish(). + * + * The application may call psa_cipher_abort() at any time after the operation + * has been initialized with psa_encrypt_setup(). + * + * After a successful call to psa_encrypt_setup(), the application must + * eventually destroy the operation through one of the following means: + * - A failed call to psa_encrypt_generate_iv(), psa_encrypt_set_iv() + * or psa_cipher_update(). + * - A call to psa_cipher_final() or psa_cipher_abort(). + * + * \param operation + * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_CIPHER(alg) is true). + * + * \retval PSA_SUCCESS + * Success. 
+ * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_NOT_PERMITTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg. + * \retval PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a cipher algorithm. + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg); + +/** Set the key for a multipart symmetric decryption operation. + * + * The sequence of operations to decrypt a message with a symmetric cipher + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Call psa_decrypt_setup() to specify the algorithm and key. + * The key remains associated with the operation even if the content + * of the key slot changes. + * -# Call psa_cipher_update() with the IV (initialization vector) for the + * decryption. If the IV is prepended to the ciphertext, you can call + * psa_cipher_update() on a buffer containing the IV followed by the + * beginning of the message. + * -# Call psa_cipher_update() zero, one or more times, passing a fragment + * of the message each time. + * -# Call psa_cipher_finish(). + * + * The application may call psa_cipher_abort() at any time after the operation + * has been initialized with psa_encrypt_setup(). + * + * After a successful call to psa_decrypt_setup(), the application must + * eventually destroy the operation through one of the following means: + * - A failed call to psa_cipher_update(). + * - A call to psa_cipher_final() or psa_cipher_abort(). + * + * \param operation + * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_CIPHER(alg) is true). + * + * \retval PSA_SUCCESS + * Success. 
+ * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_NOT_PERMITTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg. + * \retval PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a cipher algorithm. + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg); + +psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, + unsigned char *iv, + size_t iv_size, + size_t *iv_length); + +psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, + const unsigned char *iv, + size_t iv_length); + +psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length); + +psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); + +/**@}*/ + /** \defgroup asymmetric Asymmetric cryptography * @{ */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 6bd4ed23d..ffa835e15 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -93,4 +93,16 @@ struct psa_mac_operation_s } ctx; }; +struct psa_cipher_operation_s +{ + psa_algorithm_t alg; + int key_set : 1; + int iv_set : 1; + uint8_t iv_size; + uint8_t block_size; + union + { + } ctx; +}; + #endif /* PSA_CRYPTO_STRUCT_H */ From 3b555710e2d14876a0ef708b6ed1b24c51f00582 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Mar 2018 21:27:57 +0100 Subject: [PATCH 0020/2197] Prototypes for AEAD functions This is still tentative. --- include/psa/crypto.h | 138 ++++++++++++++++++++++++++++++++++++ include/psa/crypto_struct.h | 13 ++++ 2 files changed, 151 insertions(+) 
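Review bot: `psa_cipher_update` takes only `input` and `input_length`, so the processed data has nowhere to go. It needs an output buffer with a capacity and a written-length out-parameter, for example `uint8_t *output, size_t output_size, size_t *output_length`, so the implementation can refuse to write past the caller's buffer. `psa_cipher_finish` has such a triple but still names it `mac`, `mac_size`, `mac_length`, carried over from the MAC functions. The comments also refer to `psa_cipher_final()`, which is not declared, and the decryption text says the operation is initialized with `psa_encrypt_setup()`.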
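Review bot: `int key_set : 1;` and `int iv_set : 1;` in `psa_cipher_operation_s` are one-bit fields of plain `int`, whose signedness is implementation-defined. Where they are signed the only representable values are 0 and -1, so storing 1 yields -1 and a later `== 1` test on the state flag is false. Declare them as `unsigned int key_set : 1;` and `unsigned int iv_set : 1;`. The same applies to `key_set`, `iv_set` and `ad_set` in `psa_aead_operation_s` in patch 0020. The empty `union { } ctx;` in both structs is also not valid ISO C and relies on a compiler extension until a member is added.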
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0998a498d..c833d7220 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -817,6 +817,144 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); /**@}*/ +/** \defgroup aead Authenticated encryption with associated data (AEAD) + * @{ + */ + +/** The type of the state data structure for multipart AEAD operations. + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_aead_operation_s psa_aead_operation_t; + +/** Set the key for a multipart authenticated encryption operation. + * + * The sequence of operations to authenticate-and-encrypt a message + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Call psa_aead_encrypt_setup() to specify the algorithm and key. + * The key remains associated with the operation even if the content + * of the key slot changes. + * -# Call either psa_aead_generate_iv() or psa_aead_set_iv() to + * generate or set the IV (initialization vector). You should use + * psa_encrypt_generate_iv() unless the protocol you are implementing + * requires a specific IV value. + * -# Call psa_aead_update_ad() to pass the associated data that is + * to be authenticated but not encrypted. You may omit this step if + * there is no associated data. + * -# Call psa_aead_update() zero, one or more times, passing a fragment + * of the data to encrypt each time. + * -# Call psa_aead_finish(). + * + * The application may call psa_aead_abort() at any time after the operation + * has been initialized with psa_aead_encrypt_setup(). + * + * After a successful call to psa_aead_setup(), the application must + * eventually destroy the operation through one of the following means: + * - A failed call to psa_aead_generate_iv(), psa_aead_set_iv(), + * psa_aead_update_ad() or psa_aead_update(). + * - A call to psa_aead_final() or psa_aead_abort(). 
+ * + * \param operation + * \param alg The AEAD algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_AEAD(alg) is true). + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_NOT_PERMITTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg. + * \retval PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not an AEAD algorithm. + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg); + +/** Set the key for a multipart authenticated decryption operation. + * + * The sequence of operations to authenticated and decrypt a message + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Call psa_aead_decrypt_setup() to specify the algorithm and key. + * The key remains associated with the operation even if the content + * of the key slot changes. + * -# Call psa_aead_set_iv() to pass the initialization vector (IV) + * for the authenticated decryption. + * -# Call psa_aead_update_ad() to pass the associated data that is + * to be authenticated but not encrypted. You may omit this step if + * there is no associated data. + * -# Call psa_aead_update() zero, one or more times, passing a fragment + * of the data to decrypt each time. + * -# Call psa_aead_finish(). + * + * The application may call psa_aead_abort() at any time after the operation + * has been initialized with psa_aead_decrypt_setup(). + * + * After a successful call to psa_decrypt_setup(), the application must + * eventually destroy the operation through one of the following means: + * - A failed call to psa_aead_update(). + * - A call to psa_cipher_final() or psa_cipher_abort(). 
+ * + * \param operation + * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_CIPHER(alg) is true). + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_NOT_PERMITTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg. + * \retval PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a cipher algorithm. + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg); + +psa_status_t psa_aead_generate_iv(psa_aead_operation_t *operation, + unsigned char *iv, + size_t iv_size, + size_t *iv_length); + +psa_status_t psa_aead_set_iv(psa_aead_operation_t *operation, + const unsigned char *iv, + size_t iv_length); + +psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length); + +psa_status_t psa_aead_update(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length); + +psa_status_t psa_aead_finish(psa_aead_operation_t *operation, + uint8_t *tag, + size_t tag_size, + size_t *tag_length); + +psa_status_t psa_aead_verify(psa_aead_operation_t *operation, + uint8_t *tag, + size_t tag_length); + +psa_status_t psa_aead_abort(psa_aead_operation_t *operation); + +/**@}*/ + /** \defgroup asymmetric Asymmetric cryptography * @{ */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index ffa835e15..9e70512d7 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -105,4 +105,17 @@ struct psa_cipher_operation_s } ctx; }; +struct psa_aead_operation_s +{ + psa_algorithm_t alg; + int key_set : 1; + int iv_set : 1; + int ad_set : 1; + uint8_t iv_size; + uint8_t block_size; + union + { + } ctx; +}; + #endif /* PSA_CRYPTO_STRUCT_H */ 
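Review bot: The decryption sequence in the `psa_aead_decrypt_setup` comment ends with "Call psa_aead_finish()", which produces a tag rather than checking one. A caller who follows the documented steps never authenticates the data it decrypted. The last step should read `-# Call psa_aead_verify() with the received tag, and discard the output unless it returns PSA_SUCCESS.` `psa_aead_verify` should also take `const uint8_t *tag`, matching `psa_mac_verify`. As in the cipher prototypes, `psa_aead_update` has no output buffer parameters, and this comment block still refers to `psa_decrypt_setup()`, `psa_cipher_final()` and `#PSA_ALG_IS_CIPHER`.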
From 92b3073e36247d34edbf56674b6b4a28516bbb6a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Mar 2018 21:29:30 +0100 Subject: [PATCH 0021/2197] Minor documentation fixes --- include/psa/crypto.h | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c833d7220..94a5e0a9b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -360,7 +360,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * If a key is created with psa_import_key() and then exported with * this function, it is not guaranteed that the resulting data is * identical: the implementation may choose a different representation - * of the same key. + * of the same key if the format permits it. * * For standard key types, the output format is as follows: * @@ -370,7 +370,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * correct. * - For Triple-DES, the format is the concatenation of the * two or three DES keys. - * - For RSA key pairs keys (#PSA_KEY_TYPE_RSA_KEYPAIR), the format + * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format * is the non-encrypted DER representation defined by PKCS\#8 (RFC 5208) * as PrivateKeyInfo. * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format @@ -385,6 +385,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * * \retval PSA_SUCCESS * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_NOT_PERMITTED * \retval PSA_ERROR_COMMUNICATION_FAILURE * \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_TAMPERING_DETECTED 
@@ -403,7 +404,7 @@ psa_status_t psa_export_key(psa_key_slot_t key, /** The type of the state data structure for multipart hash operations. * - * This is an implementation-define \c struct. Applications should not + * This is an implementation-defined \c struct. Applications should not * make any assumptions about the content of this structure except * as directed by the documentation of a specific implementation. */ typedef struct psa_hash_operation_s psa_hash_operation_t; @@ -609,7 +610,7 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); /** The type of the state data structure for multipart MAC operations. * - * This is an implementation-define \c struct. Applications should not + * This is an implementation-defined \c struct. Applications should not * make any assumptions about the content of this structure except * as directed by the documentation of a specific implementation. */ typedef struct psa_mac_operation_s psa_mac_operation_t; @@ -661,6 +662,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * \retval PSA_SUCCESS * Success. * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_NOT_PERMITTED * \retval PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. * \retval PSA_ERROR_NOT_SUPPORTED From 7698bcf338e5d3f6ac1ef20264ebae3be837da77 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Mar 2018 21:30:44 +0100 Subject: [PATCH 0022/2197] Basic interface for key policies Get/set the policy of a key slot. Opaque structure for key policies and field access functions. --- include/psa/crypto.h | 76 +++++++++++++++++++++++++++++++++++++ include/psa/crypto_struct.h | 6 +++ 2 files changed, 82 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 94a5e0a9b..493f5efba 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -395,6 +395,82 @@ psa_status_t psa_export_key(psa_key_slot_t key, size_t data_size, size_t *data_length); +/** + * \brief Export a public key or the public part of a key pair in binary format. + * + * The output of this function can be passed to psa_import_key() to + * create an object that is equivalent to the public key. + * + * For standard key types, the output format is as follows: + * + * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY), + * the format is the DER representation defined by X.509. + * + * \param key Slot whose content is to be exported. This must + * be an occupied key slot. + * \param data Buffer where the key data is to be written. + * \param data_size Size of the \c data buffer in bytes. + * \param data_length On success, the number of bytes + * that make up the key data. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_export_public_key(psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length); + +/**@}*/ + +/** \defgroup policy Key policies + * @{ + */ + +/** \brief Encoding of permitted usage on a key. */ +typedef uint32_t psa_key_usage_t; + +#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) + +#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) +#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) +#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400) +#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800) + +/** The type of the key policy data structure. + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. 
*/ +typedef struct psa_key_policy_s psa_key_policy_t; + +/** \brief Initialize a key policy structure to a default that forbids all + * usage of the key. */ +void psa_key_policy_init(psa_key_policy_t *policy); + +void psa_key_policy_set_usage(psa_key_policy_t *policy, + psa_key_usage_t usage, + psa_algorithm_t alg); + +psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy); + +psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy); + +/** \brief Set the usage policy on a key slot. + * + * This function must be called on an empty key slot, before importing, + * generating or creating a key in the slot. Changing the policy of an + * existing key is not permitted. + */ +psa_status_t psa_set_key_policy(psa_key_slot_t key, + const psa_key_policy_t *policy); + +psa_status_t psa_get_key_policy(psa_key_slot_t key, + psa_key_policy_t *policy); /**@}*/ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 9e70512d7..c0a673860 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -118,4 +118,10 @@ struct psa_aead_operation_s } ctx; }; +struct psa_key_policy_s +{ + psa_key_usage_t usage; + psa_algorithm_t alg; +}; + #endif /* PSA_CRYPTO_STRUCT_H */ From 609b6a5b67b23ada65442b4a70b114d29105ff49 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 3 Mar 2018 21:31:50 +0100 Subject: [PATCH 0023/2197] Get the lifetime of a key slot --- include/psa/crypto.h | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 493f5efba..97fe4c3c2 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
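Review bot: `psa_key_policy_get_usage()` and `psa_key_policy_get_algorithm()` take a non-const `psa_key_policy_t *policy` although they are read accessors, so a caller holding the `const psa_key_policy_t *` that `psa_set_key_policy()` accepts cannot query it without a cast. I would declare them as `psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy);` and likewise for the algorithm getter. The policy functions in this hunk also have no `\retval` list: `psa_set_key_policy()` states that changing the policy of an existing key is not permitted but does not name the status returned in that case. `psa_export_public_key()` lists `PSA_ERROR_INVALID_ARGUMENT` without saying when it occurs (presumably when the slot does not hold an asymmetric key), and does not say what happens when `data_size` is too small.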
@@ -474,6 +474,34 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key, /**@}*/ +/** \defgroup persistence Key lifetime + * @{ + */ + +/** Encoding of key lifetimes. + */ +typedef uint32_t psa_key_lifetime_t; + +/** A volatile key slot retains its content as long as the application is + * running. It is guaranteed to be erased on a power reset. + */ +#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) + +/** A persistent key slot retains its content as long as it is not explicitly + * destroyed. + */ +#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) + +/** A write-once key slot may not be modified once a key has been set. + * It will retain its content as long as the device remains operational. + */ +#define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff) + +psa_status_t psa_get_key_lifetime(psa_key_slot_t key, + psa_key_lifetime_t *lifetime); + +/**@}*/ + /** \defgroup hash Message digests * @{ */ From e4ebc12fcd1033e78cb2d9e8e0988018e130a886 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Mar 2018 14:16:44 +0100 Subject: [PATCH 0024/2197] psa_crypto_init: set the global initialized flag --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e264990ff..ea25c49a4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1288,6 +1288,8 @@ psa_status_t psa_crypto_init( void ) if( ret != 0 ) goto exit; + global_data.initialized = 1; + exit: if( ret != 0 ) mbedtls_psa_crypto_free( ); From 2905a7adccfaa18a562ad150d81763c209b0084d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Mar 2018 16:39:31 +0100 Subject: [PATCH 0025/2197] Fix namespace violation --- include/psa/crypto.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 97fe4c3c2..7eb45fbe8 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
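Review bot: In `psa_crypto_init()` the new `global_data.initialized = 1;` is written only on the success path, and nothing in this hunk shows the flag being cleared. If `mbedtls_psa_crypto_free()` does not reset it (its body is outside the hunk), a free or a failed re-initialisation would leave `initialized` set while the RNG state has been torn down. Please confirm that the free path zeroes `global_data`, and consider a short comment at the assignment such as `/* Set last, once the RNG is seeded; cleared by mbedtls_psa_crypto_free(). */`. The function starts and ends outside the hunk, so how the flag is consumed cannot be checked from here.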
@@ -107,8 +107,8 @@ typedef enum { */ psa_status_t psa_crypto_init(void); -#define BITS_TO_BYTES(bits) (((bits) + 7) / 8) -#define BYTES_TO_BITS(bytes) ((bytes) * 8) +#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) +#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) /**@}*/ @@ -1123,7 +1123,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * */ #define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, BITS_TO_BYTES(key_bits)) : \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ 0) From f5b9fa13e0f8d6de66c08d6fcfaaf1250059902f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Mar 2018 16:40:18 +0100 Subject: [PATCH 0026/2197] Documentation clarifications Clarify or add the documentation of some functions and constants. Add a note about what the __DOXYGEN_ONLY__ section is for. --- include/psa/crypto.h | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 7eb45fbe8..48586a2f1 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -11,6 +11,11 @@ #include #ifdef __DOXYGEN_ONLY__ +/* This __DOXYGEN_ONLY__ block contains mock definitions for things that + * must be defined in the crypto_platform.h header. These mock definitions + * are present in this file as a convenience to generate pretty-printed + * documentation that includes those definitions. */ + /** \defgroup platform Implementation-specific definitions * @{ */ @@ -30,7 +35,7 @@ typedef _unsigned_integral_type_ psa_key_slot_t; /**@}*/ -#endif +#endif /* __DOXYGEN_ONLY__ */ #ifdef __cplusplus extern "C" { 
@@ -120,7 +125,19 @@ psa_status_t psa_crypto_init(void); */ typedef uint32_t psa_key_type_t; +/** An invalid key type value. + * + * Zero is not the encoding of any key type. + */ #define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) + +/** Vendor-defined flag + * + * Key types defined by this standard will never have the + * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types + * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should + * respect the bitwise structure used by standard encodings whenever practical. + */ #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7e000000) @@ -142,6 +159,7 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_ECC_BASE ((psa_key_type_t)0x06030000) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) +/** Whether a key type is vendor-defined. */ #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) #define PSA_KEY_TYPE_IS_RAW_BYTES(type) \ @@ -290,7 +308,8 @@ typedef uint32_t psa_algorithm_t; /** * \brief Import a key in binary format. * - * This function supports any output from psa_export_key(). + * This function supports any output from psa_export_key(). Refer to the + * documentation of psa_export_key() for the format for each key type. * * \param key Slot where the key will be stored. This must be a * valid slot for a key of the chosen type. It must From 03182e99b63baee25ca221715787409ad557b8b7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Mar 2018 16:40:52 +0100 Subject: [PATCH 0027/2197] Fix parameter name in PSA_BLOCK_CIPHER_BLOCK_SIZE --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 48586a2f1..cc9881bad 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -178,7 +178,7 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_IS_ECC(type) \ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_BASE) -#define PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) \ +#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ ( \ (type) == PSA_KEY_TYPE_AES ? 16 : \ (type) == PSA_KEY_TYPE_DES ? 8 : \ From 6d9121381a8e170afab9a80aeafb11ff28e2a6a1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Mar 2018 16:41:37 +0100 Subject: [PATCH 0028/2197] Add some comments to document some non-obvious coding choices --- library/psa_crypto.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ea25c49a4..cc631d950 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -305,6 +305,7 @@ psa_status_t psa_import_key(psa_key_slot_t key, if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) ) { + /* Ensure that a bytes-to-bit conversion won't overflow. */ if( data_length > SIZE_MAX / 8 ) return( PSA_ERROR_NOT_SUPPORTED ); slot->data.raw.data = mbedtls_calloc( 1, data_length ); @@ -396,7 +397,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key) #endif /* defined(MBEDTLS_ECP_C) */ { /* Shouldn't happen: the key type is not any type that we - * put it. */ + * put in. */ return( PSA_ERROR_TAMPERING_DETECTED ); } @@ -445,7 +446,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, #endif /* defined(MBEDTLS_ECP_C) */ { /* Shouldn't happen: the key type is not any type that we - * put it. */ + * put in. */ return( PSA_ERROR_TAMPERING_DETECTED ); } @@ -503,8 +504,11 @@ psa_status_t psa_export_key(psa_key_slot_t key, return( PSA_SUCCESS ); } else -#endif /* definedMBEDTLS_PK_WRITE_C) */ +#endif /* defined(MBEDTLS_PK_WRITE_C) */ { + /* This shouldn't happen in the reference implementation, but + it is valid for a special-purpose implementation to omit + support for exporting certain key types. */ return( PSA_ERROR_NOT_SUPPORTED ); } } 
From 3c6e970752c41ec0843c8187b7b03fd02be887cf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Mar 2018 16:42:44 +0100 Subject: [PATCH 0029/2197] Fix memory leak in psa_destroy_key --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cc631d950..c4e6be168 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -385,6 +385,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key) slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) { mbedtls_rsa_free( slot->data.rsa ); + mbedtls_free( slot->data.rsa ); } else #endif /* defined(MBEDTLS_RSA_C) */ @@ -392,6 +393,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key) if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) { mbedtls_ecp_keypair_free( slot->data.ecp ); + mbedtls_free( slot->data.ecp ); } else #endif /* defined(MBEDTLS_ECP_C) */ From dc2fc8443fe4aa18797ffdea00d6649aa1e158ae Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Mar 2018 16:42:59 +0100 Subject: [PATCH 0030/2197] Rename xxx_of_psa functions to xxx_from_psa Be consistent with how similar functions are named in Mbed TLS. --- library/psa_crypto.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c4e6be168..81da8cef0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -521,7 +521,7 @@ psa_status_t psa_export_key(psa_key_slot_t key, /* Message digests */ /****************************************************************/ -static const mbedtls_md_info_t *mbedtls_md_info_of_psa( psa_algorithm_t alg ) +static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) { switch( alg ) { 
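Review bot: After the added `mbedtls_free( slot->data.rsa );` (and `mbedtls_free( slot->data.ecp );` in the second hunk of this commit) the slot still holds the freed pointer as far as these hunks show. A second `psa_destroy_key()` on the same slot would then free it again unless the code after the hunk resets the slot. If the tail of the function does not already wipe the slot, set `slot->data.rsa = NULL;` and `slot->data.ecp = NULL;` right after each free, or clear `slot->type` before returning. These contexts hold private key material, so it is also worth confirming that `mbedtls_rsa_free()` and `mbedtls_ecp_keypair_free()` zeroize their contents before the outer allocation is released. The function continues outside both hunks.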
@@ -865,7 +865,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, /* MAC */ /****************************************************************/ -static const mbedtls_cipher_info_t *mbedtls_cipher_info_of_psa( +static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits ) @@ -984,7 +984,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, if( ! PSA_ALG_IS_HMAC( alg ) ) { - cipher_info = mbedtls_cipher_info_of_psa( alg, key_type, key_bits ); + cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); operation->mac_size = cipher_info->block_size; @@ -1008,7 +1008,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, if( PSA_ALG_IS_HMAC( alg ) ) { const mbedtls_md_info_t *md_info = - mbedtls_md_info_of_psa( PSA_ALG_HMAC_HASH( alg ) ); + mbedtls_md_info_from_psa( PSA_ALG_HMAC_HASH( alg ) ); if( md_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); if( key_type != PSA_KEY_TYPE_HMAC ) @@ -1191,7 +1191,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, mbedtls_rsa_context *rsa = slot->data.rsa; int ret; psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg ); - const mbedtls_md_info_t *md_info = mbedtls_md_info_of_psa( hash_alg ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); mbedtls_md_type_t md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info ); if( md_alg == MBEDTLS_MD_NONE ) From 40f68b98630af5cc46cd7e2bf954e806fdbfab6c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Mar 2018 16:43:36 +0100 Subject: [PATCH 0031/2197] Use unhexify_alloc where applicable --- tests/suites/test_suite_psa_crypto.function | 51 ++++++--------------- 1 file changed, 15 insertions(+), 36 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index d5305740f..93817948c 100644 
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -33,10 +33,8 @@ void import( char *hex, int type, int expected_status ) unsigned char *data = NULL; size_t data_size; - data_size = strlen( hex ) / 2; - data = mbedtls_calloc( 1, data_size ); + data = unhexify_alloc( hex, &data_size ); TEST_ASSERT( data != NULL ); - data_size = unhexify( data, hex ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); status = psa_import_key( slot, type, data, data_size ); @@ -71,10 +69,8 @@ void import_export( char *hex, int type_arg, psa_key_type_t got_type; size_t got_bits; - data_size = strlen( hex ) / 2; - data = mbedtls_calloc( 1, data_size ); + data = unhexify_alloc( hex, &data_size ); TEST_ASSERT( data != NULL ); - data_size = unhexify( data, hex ); export_size = (ssize_t) data_size + export_size_delta; exported = mbedtls_calloc( 1, export_size ); TEST_ASSERT( exported != NULL ); @@ -147,10 +143,8 @@ void hash_finish( int alg_arg, char *input_hex, char *hash_hex ) size_t actual_hash_length; psa_hash_operation_t operation; - input_size = strlen( input_hex ) / 2; - input = mbedtls_calloc( 1, input_size ); + input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - input_size = unhexify( input, input_hex ); expected_hash_length = unhexify( expected_hash, hash_hex ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -181,10 +175,8 @@ void hash_verify( int alg_arg, char *input_hex, char *hash_hex ) size_t expected_hash_length; psa_hash_operation_t operation; - input_size = strlen( input_hex ) / 2; - input = mbedtls_calloc( 1, input_size ); + input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - input_size = unhexify( input, input_hex ); expected_hash_length = unhexify( expected_hash, hash_hex ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
@@ -220,25 +212,17 @@ void mac_verify( int key_type_arg, char *key_hex, size_t expected_mac_size; psa_mac_operation_t operation; - key_size = strlen( key_hex ) / 2; - key = mbedtls_calloc( 1, key_size ); + key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); - key_size = unhexify( key, key_hex ); - iv_size = strlen( iv_hex ) / 2; - if( iv_size != 0 ) + if( iv_hex[0] != 0 ) { - iv = mbedtls_calloc( 1, iv_size ); + iv = unhexify_alloc( iv_hex, &iv_size ); TEST_ASSERT( iv != NULL ); - iv_size = unhexify( iv, iv_hex ); } - input_size = strlen( input_hex ) / 2; - input = mbedtls_calloc( 1, input_size ); + input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - input_size = unhexify( input, input_hex ); - expected_mac_size = strlen( mac_hex ) / 2; - expected_mac = mbedtls_calloc( 1, expected_mac_size ); + expected_mac = unhexify_alloc( mac_hex, &expected_mac_size ); TEST_ASSERT( expected_mac != NULL ); - expected_mac_size = unhexify( expected_mac, mac_hex ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -293,15 +277,12 @@ void sign_deterministic( int key_type_arg, char *key_hex, size_t signature_size; size_t signature_length = 0xdeadbeef; - key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 ); + key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - key_size = unhexify( key_data, key_hex ); - input_data = mbedtls_calloc( 1, strlen( input_hex ) / 2 ); + input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); - input_size = unhexify( input_data, input_hex ); - output_data = mbedtls_calloc( 1, strlen( output_hex ) / 2 ); + output_data = unhexify_alloc( output_hex, &output_size ); TEST_ASSERT( output_data != NULL ); - output_size = unhexify( output_data, output_hex ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
@@ -348,15 +329,13 @@ void sign_fail( int key_type_arg, char *key_hex, size_t input_size; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - unsigned char *signature; + unsigned char *signature = NULL; size_t signature_length = 0xdeadbeef; - key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 ); + key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - key_size = unhexify( key_data, key_hex ); - input_data = mbedtls_calloc( 1, strlen( input_hex ) / 2 ); + input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); - input_size = unhexify( input_data, input_hex ); signature = mbedtls_calloc( 1, signature_size ); TEST_ASSERT( signature != NULL ); From 06dc26350e7aa73543ce8446373d4ed8c30e079f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 8 Mar 2018 07:47:25 +0100 Subject: [PATCH 0032/2197] Fix macro definitions for ECC keys Public keys and key pairs have different types. --- include/psa/crypto.h | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index cc9881bad..16d7c08c8 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -156,8 +156,17 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x06010000) /** RSA key pair (private and public key). */ #define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x07010000) -#define PSA_KEY_TYPE_ECC_BASE ((psa_key_type_t)0x06030000) +/** DSA public key. */ +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x06020000) +/** DSA key pair (private and public key). */ +#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x07020000) +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x06030000) +#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x07030000) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) +#define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \ + (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve)) +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ + (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) /** Whether a key type is vendor-defined. */ #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ 
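Review bot: `PSA_KEY_TYPE_ECC_KEYPAIR(curve)` and `PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)` OR the curve into the base value without masking it. A `curve` argument with bits outside `PSA_KEY_TYPE_ECC_CURVE_MASK` therefore alters the category or pair bits and yields a key type that later classification macros reject or misclassify. Masking keeps the encoding well-formed: `(PSA_KEY_TYPE_ECC_KEYPAIR_BASE | ((curve) & PSA_KEY_TYPE_ECC_CURVE_MASK))`, and the same for the public-key form. The new ECC base and constructor macros also have no doc comments, unlike the DSA entries added beside them.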
@@ -165,18 +174,32 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_IS_RAW_BYTES(type) \ (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_RAW_DATA || \ ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC) + +/** Whether a key type is asymmetric: either a key pair or a public key. */ #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC) +/** Whether a key type is the public part of a key pair. */ #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG) == \ PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)) +/** Whether a key type is a key pair containing a private part and a public + * part. */ #define PSA_KEY_TYPE_IS_KEYPAIR(type) \ (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \ (PSA_KEY_TYPE_CATEGORY_ASYMMETRIC | PSA_KEY_TYPE_PAIR_FLAG)) +/** Whether a key type is an RSA key pair or public key. */ +/** The key pair type corresponding to a public key type. */ +#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \ + ((type) | PSA_KEY_TYPE_PAIR_FLAG) +/** The public key type corresponding to a key pair type. */ +#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ + ((type) & ~PSA_KEY_TYPE_PAIR_FLAG) #define PSA_KEY_TYPE_IS_RSA(type) \ - (((type) & ~PSA_KEY_TYPE_PAIR_FLAG) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) +/** Whether a key type is an elliptic curve key pair or public key. */ #define PSA_KEY_TYPE_IS_ECC(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_BASE) + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ + ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) #define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ ( \ From e3f694f49a1c561689a1279f3ad5c4b9dbf9381d Mon Sep 17 00:00:00 2001 
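Review bot: `PSA_KEY_TYPE_IS_PUBLIC_KEY`, which this hunk documents but leaves unchanged, has a misplaced closing parenthesis. `(type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC` parses as `(type) & ( ... == ... )` because `==` binds tighter than `&`, so the macro does not test the category bits at all. It should mirror `PSA_KEY_TYPE_IS_KEYPAIR` just below it: `(((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)`. Any check that separates public keys from key pairs through this macro would take the wrong branch. Separately, the added comment `/** Whether a key type is an RSA key pair or public key. */` sits above `PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY` and should move directly above `PSA_KEY_TYPE_IS_RSA`.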
From: Gilles Peskine Date: Thu, 8 Mar 2018 07:48:40 +0100 Subject: [PATCH 0033/2197] Remove non-standard hash algorithms --- include/psa/crypto.h | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 16d7c08c8..ffa70d5c3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -259,10 +259,8 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) #define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) #define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) -#define PSA_ALG_SHA_256_128 ((psa_algorithm_t)0x01000004) -#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000005) -#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000006) -#define PSA_ALG_SHA_256_160 ((psa_algorithm_t)0x01000007) +#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) +#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) #define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) #define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) @@ -572,10 +570,8 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; (alg) == PSA_ALG_MD2 ? 16 : \ (alg) == PSA_ALG_MD4 ? 16 : \ (alg) == PSA_ALG_MD5 ? 16 : \ - (alg) == PSA_ALG_SHA_256_128 ? 16 : \ (alg) == PSA_ALG_RIPEMD160 ? 20 : \ (alg) == PSA_ALG_SHA_1 ? 20 : \ - (alg) == PSA_ALG_SHA_256_160 ? 20 : \ (alg) == PSA_ALG_SHA_224 ? 28 : \ (alg) == PSA_ALG_SHA_256 ? 32 : \ (alg) == PSA_ALG_SHA_384 ? 48 : \ From d393e18f90bab4c70d00cd5e65a5a64be5c98150 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 8 Mar 2018 07:49:16 +0100 Subject: [PATCH 0034/2197] Add psa_set_key_lifetime It is likely that most implementations won't support this function. But in case an implementation wants to provide it, standardize its interface. --- include/psa/crypto.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ffa70d5c3..5edc04fcd 100644 --- a/include/psa/crypto.h 
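Review bot: Removing `PSA_ALG_SHA_256_128` and `PSA_ALG_SHA_256_160` also renumbers the surviving entries, so `0x01000004` changes meaning from the truncated SHA-256 variant to RIPEMD-160 and `0x01000005` from RIPEMD-160 to SHA-1. Code built against the previous header, or any stored value that embeds a `psa_algorithm_t`, would silently select a different hash instead of failing. Leaving the two removed encodings unassigned (keeping `PSA_ALG_RIPEMD160` at `0x01000005` and `PSA_ALG_SHA_1` at `0x01000006`) avoids this. If the renumbering is intended because the encodings are not yet frozen, a comment saying so next to the table would help. The size table in the second hunk is consistent with the removal.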
+++ b/include/psa/crypto.h @@ -537,9 +537,22 @@ typedef uint32_t psa_key_lifetime_t; */ #define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff) +/** \brief Retrieve the lifetime of a key slot. + * + * The assignment of lifetimes to slots is implementation-dependent. + */ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime); +/** \brief Change the lifetime of a key slot. + * + * Whether the lifetime of a key slot can be changed at all, and if so + * whether the lifetime of an occupied key slot can be chaned, is + * implementation-dependent. + */ +psa_status_t psa_set_key_lifetime(psa_key_slot_t key, + const psa_key_lifetime_t *lifetime); + /**@}*/ /** \defgroup hash Message digests From 7e1985372206de30c0da8e65e0498f5b1118b47c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 8 Mar 2018 07:50:30 +0100 Subject: [PATCH 0035/2197] More documentation --- include/psa/crypto.h | 59 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 57 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5edc04fcd..69c93dd6a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
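Review bot: `psa_set_key_lifetime()` leaves open whether an occupied slot may change lifetime and lists no `\retval` values, so a caller cannot tell a refused change from an unsupported function. Nothing states that a `PSA_KEY_LIFETIME_WRITE_ONCE` slot must reject the call. Since the lifetime decides whether key material survives a reset, I would document at least the `PSA_ERROR_NOT_SUPPORTED` and `PSA_ERROR_NOT_PERMITTED` outcomes and spell out the write-once rule. The parameter is a 32-bit scalar, so `psa_key_lifetime_t lifetime` by value is simpler than `const psa_key_lifetime_t *lifetime`. The comment also has a typo: `chaned` should read `changed`.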
@@ -201,11 +201,24 @@ typedef uint32_t psa_key_type_t; ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) +/** The block size of a block cipher. + * + * \param type A cipher key type (value of type #psa_key_type_t). + * + * \return The block size for a block cipher, or 1 for a stream cipher. + * The return value is undefined if \c type does not identify + * a cipher algorithm. + * + * \note This macro returns a compile-time constant if its argument is one. + * + * \warning This macro may evaluate its argument multiple times. + */ #define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ ( \ (type) == PSA_KEY_TYPE_AES ? 16 : \ (type) == PSA_KEY_TYPE_DES ? 8 : \ (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \ + (type) == PSA_KEY_TYPE_ARC4 ? 1 : \ 0) /** \brief Encoding of a cryptographic algorithm. @@ -233,11 +246,12 @@ typedef uint32_t psa_algorithm_t; (((alg) & PSA_ALG_VENDOR_FLAG) != 0) /** Whether the specified algorithm is a hash algorithm. * - * \param alg An algorithm identifier (\c PSA_ALG_XXX value) + * \param alg An algorithm identifier (value of type #psa_algorithm_t). * * \return 1 if \c alg is a hash algorithm, 0 otherwise. * This macro may return either 0 or 1 if \c alg is not a valid - * algorithm identifier. */ + * algorithm identifier. + */ #define PSA_ALG_IS_HASH(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) #define PSA_ALG_IS_MAC(alg) \ 
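Review bot: The new `\return` text for `PSA_BLOCK_CIPHER_BLOCK_SIZE` says the result is undefined when `type` is not a cipher key type, but the macro as written falls through to `0`. Unless the looseness is deliberate for the specification, documenting the `0` lets callers reject an unknown type before using the value as a divisor or padding length, e.g. `\return ... or 0 if \c type is not a supported cipher key type.` The `\note` wording `returns a compile-time constant if its argument is one` is also ambiguous, and `if its argument is a compile-time constant` reads more clearly.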
@@ -474,11 +488,41 @@ psa_status_t psa_export_public_key(psa_key_slot_t key, /** \brief Encoding of permitted usage on a key. */ typedef uint32_t psa_key_usage_t; +/** Whether the key may be exported. + * + * A public key or the public part of a key pair may always be exported + * regardless of the value of this permission flag. + * + * If a key does not have export permission, implementations shall not + * allow the key to be exported in plain form from the cryptoprocessor, + * whether through psa_export_key() or through a proprietary interface. + * The key may however be exportable in a wrapped form, i.e. in a form + * where it is encrypted by another key. + */ #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) +/** Whether the key may be used to encrypt a message. + * + * For a key pair, this concerns the public key. + */ #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) + +/** Whether the key may be used to decrypt a message. + * + * For a key pair, this concerns the private key. + */ #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) + +/** Whether the key may be used to sign a message. + * + * For a key pair, this concerns the private key. + */ #define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400) + +/** Whether the key may be used to verify a message signature. + * + * For a key pair, this concerns the public key. + */ #define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800) /** The type of the key policy data structure. @@ -492,6 +536,12 @@ typedef struct psa_key_policy_s psa_key_policy_t; * usage of the key. */ void psa_key_policy_init(psa_key_policy_t *policy); +/** \brief Set the standard fields of a policy structure. + * + * Note that this function does not make any consistency check of the + * parameters. The values are only checked when applying the policy to + * a key slot with psa_set_key_policy(). + */ void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_key_usage_t usage, psa_algorithm_t alg); 
@@ -505,10 +555,15 @@ psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy); * This function must be called on an empty key slot, before importing, * generating or creating a key in the slot. Changing the policy of an * existing key is not permitted. + * + * Implementations may set restrictions on supported key policies + * depending on the key type and the key slot. */ psa_status_t psa_set_key_policy(psa_key_slot_t key, const psa_key_policy_t *policy); +/** \brief Get the usage policy for a key slot. + */ psa_status_t psa_get_key_policy(psa_key_slot_t key, psa_key_policy_t *policy); From 971f7064e932d19e6b51d095421823fe40f37cc9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Mar 2018 17:52:58 +0100 Subject: [PATCH 0036/2197] More precise reference for the RSA public key format --- include/psa/crypto.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 69c93dd6a..95c894852 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -428,7 +428,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * is the non-encrypted DER representation defined by PKCS\#8 (RFC 5208) * as PrivateKeyInfo. * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format - * is the DER representation defined by X.509. + * is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo. * * \param key Slot whose content is to be exported. This must * be an occupied key slot. @@ -458,7 +458,8 @@ psa_status_t psa_export_key(psa_key_slot_t key, * For standard key types, the output format is as follows: * * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY), - * the format is the DER representation defined by X.509. + * is the DER representation of the public key defined by RFC 5280 + * as SubjectPublicKeyInfo. * * \param key Slot whose content is to be exported. This must * be an occupied key slot. 
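Review bot: In the last hunk of the RSA-format patch (presumably the comment for psa_export_public_key(), which follows psa_export_key()) the rewritten bullet lost its subject and now reads `For RSA keys (...), is the DER representation of the public key ...`. Keep the words `the format` at the start of the added line, i.e. `the format is the DER representation of the public key defined by RFC 5280`, so it parallels the bullet changed in the previous hunk.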
From ed522974bdf5528bc668532bfd2a02bc4f4b3bcf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Mar 2018 17:54:15 +0100 Subject: [PATCH 0037/2197] Clarify how multipart operations get terminated --- include/psa/crypto.h | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 95c894852..a9cddc027 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -670,7 +670,8 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * has been initialized with psa_hash_start(). * * After a successful call to psa_hash_start(), the application must - * eventually destroy the operation through one of the following means: + * eventually terminate the operation. The following events terminate an + * operation: * - A failed call to psa_hash_update(). * - A call to psa_hash_final(), psa_hash_verify() or psa_hash_abort(). * @@ -862,7 +863,8 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * has been initialized with psa_mac_start(). * * After a successful call to psa_mac_start(), the application must - * eventually destroy the operation through one of the following means: + * eventually terminate the operation. The following events terminate an + * operation: * - A failed call to psa_mac_update(). * - A call to psa_mac_final(), psa_mac_verify() or psa_mac_abort(). * @@ -936,7 +938,8 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * has been initialized with psa_encrypt_setup(). * * After a successful call to psa_encrypt_setup(), the application must - * eventually destroy the operation through one of the following means: + * eventually terminate the operation. The following events terminate an + * operation: * - A failed call to psa_encrypt_generate_iv(), psa_encrypt_set_iv() * or psa_cipher_update(). * - A call to psa_cipher_final() or psa_cipher_abort(). 
@@ -983,7 +986,8 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, * has been initialized with psa_encrypt_setup(). * * After a successful call to psa_decrypt_setup(), the application must - * eventually destroy the operation through one of the following means: + * eventually terminate the operation. The following events terminate an + * operation: * - A failed call to psa_cipher_update(). * - A call to psa_cipher_final() or psa_cipher_abort(). * @@ -1064,8 +1068,9 @@ typedef struct psa_aead_operation_s psa_aead_operation_t; * The application may call psa_aead_abort() at any time after the operation * has been initialized with psa_aead_encrypt_setup(). * - * After a successful call to psa_aead_setup(), the application must - * eventually destroy the operation through one of the following means: + * After a successful call to psa_aead_encrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: * - A failed call to psa_aead_generate_iv(), psa_aead_set_iv(), * psa_aead_update_ad() or psa_aead_update(). * - A call to psa_aead_final() or psa_aead_abort(). @@ -1112,8 +1117,9 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * The application may call psa_aead_abort() at any time after the operation * has been initialized with psa_aead_decrypt_setup(). * - * After a successful call to psa_decrypt_setup(), the application must - * eventually destroy the operation through one of the following means: + * After a successful call to psa_aead_decrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: * - A failed call to psa_aead_update(). * - A call to psa_cipher_final() or psa_cipher_abort(). * From 1906798d4ce0cc5e7d3c5dd1afe9c8e7d6933b73 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 20 Mar 2018 17:54:53 +0100 Subject: [PATCH 0038/2197] Fix some typos and copypasta --- include/psa/crypto.h | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a9cddc027..04e6b4796 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -603,7 +603,7 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, /** \brief Change the lifetime of a key slot. * * Whether the lifetime of a key slot can be changed at all, and if so - * whether the lifetime of an occupied key slot can be chaned, is + * whether the lifetime of an occupied key slot can be changed, is * implementation-dependent. */ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, @@ -673,7 +673,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * eventually terminate the operation. The following events terminate an * operation: * - A failed call to psa_hash_update(). - * - A call to psa_hash_final(), psa_hash_verify() or psa_hash_abort(). + * - A call to psa_hash_finish(), psa_hash_verify() or psa_hash_abort(). * * \param operation * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value @@ -767,7 +767,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * * When this function returns, the operation becomes inactive. * - * \note Applications shall make the best effort to ensure that the + * \note Implementations shall make the best effort to ensure that the * comparison between the actual hash and the expected hash is performed * in constant time. * 
@@ -866,7 +866,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * eventually terminate the operation. The following events terminate an * operation: * - A failed call to psa_mac_update(). - * - A call to psa_mac_final(), psa_mac_verify() or psa_mac_abort(). + * - A call to psa_mac_finish(), psa_mac_verify() or psa_mac_abort(). * * \param operation * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value @@ -942,7 +942,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * operation: * - A failed call to psa_encrypt_generate_iv(), psa_encrypt_set_iv() * or psa_cipher_update(). - * - A call to psa_cipher_final() or psa_cipher_abort(). + * - A call to psa_cipher_finish() or psa_cipher_abort(). * * \param operation * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value @@ -989,7 +989,7 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, * eventually terminate the operation. The following events terminate an * operation: * - A failed call to psa_cipher_update(). - * - A call to psa_cipher_final() or psa_cipher_abort(). + * - A call to psa_cipher_finish() or psa_cipher_abort(). * * \param operation * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value @@ -1073,7 +1073,7 @@ typedef struct psa_aead_operation_s psa_aead_operation_t; * operation: * - A failed call to psa_aead_generate_iv(), psa_aead_set_iv(), * psa_aead_update_ad() or psa_aead_update(). - * - A call to psa_aead_final() or psa_aead_abort(). + * - A call to psa_aead_finish() or psa_aead_abort(). * * \param operation * \param alg The AEAD algorithm to compute (\c PSA_ALG_XXX value 
@@ -1121,11 +1121,11 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * eventually terminate the operation. The following events terminate an * operation: * - A failed call to psa_aead_update(). - * - A call to psa_cipher_final() or psa_cipher_abort(). + * - A call to psa_aead_finish() or psa_aead_abort(). * * \param operation - * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_CIPHER(alg) is true). + * \param alg The AEAD algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_AEAD(alg) is true). * * \retval PSA_SUCCESS * Success. @@ -1134,7 +1134,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * \retval PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. * \retval PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a cipher algorithm. + * \c alg is not supported or is not an AEAD algorithm. * \retval PSA_ERROR_INSUFFICIENT_MEMORY * \retval PSA_ERROR_COMMUNICATION_FAILURE * \retval PSA_ERROR_HARDWARE_FAILURE From 8cc1ceec3e00486e98712f61757c51b563025578 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 28 Mar 2018 01:21:33 +0300 Subject: [PATCH 0039/2197] Key Policy APIs implementation --- include/psa/crypto.h | 6 ++ library/psa_crypto.c | 79 +++++++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 3 + tests/suites/test_suite_psa_crypto.function | 39 ++++++++++ 4 files changed, 127 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e8b22e0f5..687a3499f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -89,6 +89,8 @@ typedef enum { PSA_ERROR_INVALID_SIGNATURE, /** The decrypted padding is incorrect. */ PSA_ERROR_INVALID_PADDING, + /** The key policy is incorrect. */ + PSA_ERROR_INVALID_KEY_POLICY, /** An error occurred that does not correspond to any defined failure cause. */ PSA_ERROR_UNKNOWN_ERROR, 
@@ -489,6 +491,10 @@ psa_status_t psa_export_public_key(psa_key_slot_t key, /** \brief Encoding of permitted usage on a key. */ typedef uint32_t psa_key_usage_t; +/** An invalid key usage value. + * */ +#define PSA_KEY_USAGE_NONE ((psa_key_usage_t)0x00000000) + /** Whether the key may be exported. * * A public key or the public part of a key pair may always be exported diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c93da95b9..d53d6ee40 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -96,6 +96,7 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n ) typedef struct { psa_key_type_t type; + psa_key_policy_t policy; union { struct raw_data { uint8_t *data; 
@@ -1260,6 +1261,84 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, } +/****************************************************************/ +/* Key Policy */ +/****************************************************************/ + +void psa_key_policy_init(psa_key_policy_t *policy) +{ + mbedtls_zeroize( policy, sizeof( policy ) ); +} + +void psa_key_policy_set_usage(psa_key_policy_t *policy, + psa_key_usage_t usage, + psa_algorithm_t alg) +{ + if( policy != NULL ) + { + policy->usage = usage; + policy->alg = alg; + } +} + +psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy) +{ + return policy->usage; +} + +psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy) +{ + return policy->alg; +} + +psa_status_t psa_set_key_policy(psa_key_slot_t key, + const psa_key_policy_t *policy) +{ + key_slot_t *slot; + psa_key_usage_t usage = PSA_KEY_USAGE_NONE; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + slot = &global_data.key_slots[key]; + if( slot->type != PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_OCCUPIED_SLOT ); + + usage |= policy->usage & PSA_KEY_USAGE_EXPORT; + usage |= policy->usage & PSA_KEY_USAGE_ENCRYPT; + usage |= policy->usage & PSA_KEY_USAGE_DECRYPT; + usage |= policy->usage & PSA_KEY_USAGE_SIGN; + usage |= policy->usage & PSA_KEY_USAGE_VERIFY; + + if( usage == PSA_KEY_USAGE_NONE ) + { + return( PSA_ERROR_INVALID_KEY_POLICY ); + } + + //TODO: is there any check over the algorithm before setting the policy? 
+ slot->policy.usage = policy->usage; + slot->policy.alg = policy->alg; + + return( PSA_SUCCESS ); +} + +psa_status_t psa_get_key_policy(psa_key_slot_t key, + psa_key_policy_t *policy) +{ + key_slot_t *slot; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + + policy->usage = slot->policy.usage; + policy->alg = slot->policy.alg; + + return( PSA_SUCCESS ); +} /****************************************************************/ /* Module setup */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4f4bef14c..c1261bc12 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -83,3 +83,6 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5 PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL + +PSA Key Policy set and get +key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 93817948c..fc5684f14 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
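Review bot: `psa_key_policy_init()` passes `sizeof( policy )` to `mbedtls_zeroize`, which is the size of the pointer and not of the structure, so on a target where a pointer is smaller than `psa_key_policy_t` part of the policy stays uninitialized and can later be copied into a key slot. Use `mbedtls_zeroize( policy, sizeof( *policy ) );`. Separately, `psa_set_key_policy()` and `psa_get_key_policy()` both accept `key == MBEDTLS_PSA_KEY_SLOT_COUNT` and then index `global_data.key_slots[key]`. The array declaration is outside this hunk, so please confirm it has room for that index; if it does not, the highest slot number reads and writes one element past the array.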
@@ -360,3 +360,42 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void key_policy( int usage_arg, int alg_arg ) +{ + int key_slot = 1; + psa_key_type_t key_type = PSA_ALG_CBC_BASE; + unsigned char key[32] = {0}; + psa_key_policy_t policy_set = {0}; + psa_key_policy_t policy_get = {0}; + + memset( key, 0x2a, sizeof( key ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init(& policy_set ); + psa_key_policy_init(& policy_get ); + + psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg ); + + TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg ); + + TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg ); + + TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, sizeof( key ) ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS ); + + TEST_ASSERT( policy_get.usage == policy_set.usage ); + TEST_ASSERT( policy_get.alg == policy_set.alg ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + From 06e7920be5fd6a2680fea9f9a8a30c1a4e5c6a9a Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 28 Mar 2018 13:17:44 +0300 Subject: [PATCH 0040/2197] integrate policy key usage in export and asymmetric sign functions --- library/psa_crypto.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d53d6ee40..a12b45400 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -469,6 +469,9 @@ psa_status_t psa_export_key(psa_key_slot_t key, if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); + if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) + return( PSA_ERROR_NOT_PERMITTED ); + if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) { if( slot->data.raw.bytes > data_size ) 
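Review bot: The added `PSA_KEY_USAGE_EXPORT` test in `psa_export_key()` runs before the key type is examined, so it also refuses a slot that holds only a public key. The header comment on `PSA_KEY_USAGE_EXPORT` says a public key may always be exported regardless of this flag, so I would exempt public keys: `if( ! PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) && !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) )`. `psa_export_public_key()` is not touched by this patch, so whether it needs the same treatment has to be checked outside the hunk. The body of `psa_export_key()` starts before and continues past the hunk.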
@@ -1185,6 +1188,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, return( PSA_ERROR_EMPTY_SLOT ); if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); + if( !( slot->policy.usage & PSA_KEY_USAGE_SIGN ) ) + return( PSA_ERROR_NOT_PERMITTED ); #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) From a97cb8c303a5d1e12f4169d4bdbdf137c6874b25 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 28 Mar 2018 03:46:26 -0700 Subject: [PATCH 0041/2197] Add calls for set policy in export/sign tests Add calls for set policy in export/sign tests --- tests/suites/test_suite_psa_crypto.function | 24 +++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index fc5684f14..653467b34 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -68,6 +68,7 @@ void import_export( char *hex, int type_arg, size_t reexported_length; psa_key_type_t got_type; size_t got_bits; + psa_key_policy_t policy = {0}; data = unhexify_alloc( hex, &data_size ); TEST_ASSERT( data != NULL ); @@ -81,6 +82,13 @@ void import_export( char *hex, int type_arg, } TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, + PSA_ALG_VENDOR_FLAG ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + /* Import the key */ TEST_ASSERT( psa_import_key( slot, type, data, data_size ) == PSA_SUCCESS ); @@ -107,6 +115,8 @@ void import_export( char *hex, int type_arg, } else { + TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot2, type, exported, export_size ) == PSA_SUCCESS ); 
@@ -276,6 +286,7 @@ void sign_deterministic( int key_type_arg, char *key_hex, unsigned char *signature = NULL; size_t signature_size; size_t signature_length = 0xdeadbeef; + psa_key_policy_t policy = {0}; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); @@ -286,6 +297,12 @@ void sign_deterministic( int key_type_arg, char *key_hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); TEST_ASSERT( psa_get_key_information( slot, @@ -331,6 +348,7 @@ void sign_fail( int key_type_arg, char *key_hex, psa_status_t expected_status = expected_status_arg; unsigned char *signature = NULL; size_t signature_length = 0xdeadbeef; + psa_key_policy_t policy = {0}; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); @@ -341,6 +359,12 @@ void sign_fail( int key_type_arg, char *key_hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); From 4eed75790105950feb79779c6214719323711edf Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 28 Mar 2018 05:14:59 -0700 Subject: [PATCH 0042/2197] add new test scenarios --- library/psa_crypto.c | 7 +-- tests/suites/test_suite_psa_crypto.data | 6 +++ tests/suites/test_suite_psa_crypto.function | 54 ++++++++++++++++++++- 3 files changed, 61 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a12b45400..9fd0a61e2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1279,11 +1279,8 @@ void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_key_usage_t usage, psa_algorithm_t alg) { - if( policy != NULL ) - { - policy->usage = usage; - policy->alg = alg; - } + policy->usage = usage; + policy->alg = alg; } psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c1261bc12..2c2be2116 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -86,3 +86,9 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5 PSA Key Policy set and get key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE + +PSA Key Policy enforcment - export +key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_RAW:PSA_ERROR_NOT_PERMITTED:"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" + +PSA Key Policy enforcment - sign +key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_CBC_BASE:PSA_ERROR_NOT_PERMITTED:"" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 653467b34..b0cfe20bb 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -389,7 +389,7 @@ exit: void key_policy( int usage_arg, int alg_arg ) { int key_slot = 1; - psa_key_type_t key_type = PSA_ALG_CBC_BASE; + psa_key_type_t key_type = PSA_KEY_TYPE_AES; unsigned char key[32] = {0}; psa_key_policy_t policy_set = {0}; psa_key_policy_t policy_get = {0}; 
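Review bot: The first hunk removes the `policy != NULL` guard from `psa_key_policy_set_usage()` in a commit described only as adding test scenarios, so a NULL argument is now dereferenced instead of ignored. That matches the getters, which never checked, but the precondition is not documented anywhere in the visible header text. Add a line such as `\param[out] policy  The policy object to modify. It must not be NULL.` to the function's comment in crypto.h and mention the behaviour change in the commit message.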
@@ -423,3 +423,55 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex ) +{ + int key_slot = 1; + psa_key_type_t key_type = PSA_KEY_TYPE_AES; + unsigned char key[32] = {0}; + unsigned char* keypair = NULL; + size_t key_size = 0; + size_t signature_length = 0; + psa_key_policy_t policy = {0}; + int actual_status = PSA_SUCCESS; + + memset( key, 0x2a, sizeof( key ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, usage_arg, alg_arg ); + + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + switch( usage_arg ) + { + case PSA_KEY_USAGE_EXPORT: + keypair = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( keypair != NULL ); + key_type = PSA_KEY_TYPE_RSA_KEYPAIR; + TEST_ASSERT( psa_import_key( key_slot, key_type, + keypair, key_size ) == PSA_SUCCESS ); + actual_status = psa_asymmetric_sign( key_slot, + ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, + NULL, 0, &signature_length ); + break; + + case PSA_KEY_USAGE_SIGN: + key_type = PSA_KEY_TYPE_AES; + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, sizeof( key ) ) == PSA_SUCCESS ); + actual_status = psa_export_key( key_slot, NULL, 0, NULL ); + break; + default: + break; + } + + TEST_ASSERT( actual_status == expected_status ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From a59262338a3bd0ff909a9c9df14fa857a2be5945 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 28 Mar 2018 14:16:50 +0200 Subject: [PATCH 0043/2197] Rename PKCS1V15 to PKCS1V15_SIGN There's PKCS1V15_CRYPT as well (to be added soon). --- include/psa/crypto.h | 10 +++++----- library/psa_crypto.c | 2 +- tests/suites/test_suite_psa_crypto.data | 18 +++++++++--------- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e8b22e0f5..44cc7cc05 100644 
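Review bot: `key_policy_fail()` never frees `keypair`, which `unhexify_alloc()` allocates in the `PSA_KEY_USAGE_EXPORT` branch, and its `default:` branch leaves `actual_status` at `PSA_SUCCESS`, so a data line with any other usage value is compared with the expected status without calling the library at all. Add `mbedtls_free( keypair );` after the `exit:` label and make the default branch fail, for example `default: TEST_ASSERT( ! "unsupported usage_arg" ); break;`. Both calls under test also pass NULL buffers and a NULL length pointer, so the test stays crash-free only while the policy check runs before any argument is used; real buffers would keep it valid if the order of checks changes.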
--- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -324,13 +324,13 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_CCM ((psa_algorithm_t)0x06000001) #define PSA_ALG_GCM ((psa_algorithm_t)0x06000002) -#define PSA_ALG_RSA_PKCS1V15_RAW ((psa_algorithm_t)0x10010000) +#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW ((psa_algorithm_t)0x10010000) #define PSA_ALG_RSA_PSS_MGF1 ((psa_algorithm_t)0x10020000) #define PSA_ALG_RSA_OAEP ((psa_algorithm_t)0x12020000) -#define PSA_ALG_RSA_PKCS1V15(hash_alg) \ - (PSA_ALG_RSA_PKCS1V15_RAW | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_RSA_PKCS1V15(alg) \ - (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_RAW) +#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ + (PSA_ALG_RSA_PKCS1V15_SIGN_RAW | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ + (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_SIGN_RAW) #define PSA_ALG_RSA_GET_HASH(alg) \ (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c93da95b9..3ea87f642 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1211,7 +1211,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, if( signature_size < rsa->len ) return( PSA_ERROR_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_PKCS1_V15) - if( PSA_ALG_IS_RSA_PKCS1V15( alg ) ) + if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4f4bef14c..2de3df1eb 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -54,32 +54,32 @@ depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw -signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_RAW:128 +signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw -signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_RAW:128 +signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256 -signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):128 +signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128 PSA signature size: RSA keypair, 1024 bits, PSS signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS_MGF1:128 PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw -signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_RAW:128 +signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw -signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_RAW:129 +signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129 PSA sign RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" 
+sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" PSA sign RSA PKCS#1 v1.5 SHA-256 -sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" +sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43
c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size -sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small -sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL +sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL From 6df908f23456dcf1f5c5ecb1cdc3df45035cbc15 Mon Sep 17 00:00:00 2001 
From: mohammad1603 Date: Mon, 2 Apr 2018 08:34:15 -0700 Subject: [PATCH 0044/2197] Add static internal MAC finish function add new psa_mac_finish_internal() to be called by psa_mac_finish() and psa_mac_verify() in order to be able to check key usage separatly. --- include/psa/crypto.h | 4 -- include/psa/crypto_struct.h | 2 + library/psa_crypto.c | 56 +++++++++++++-------- tests/suites/test_suite_psa_crypto.data | 6 +-- tests/suites/test_suite_psa_crypto.function | 43 ++++++++-------- 5 files changed, 61 insertions(+), 50 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 687a3499f..e8bea076d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -491,10 +491,6 @@ psa_status_t psa_export_public_key(psa_key_slot_t key, /** \brief Encoding of permitted usage on a key. */ typedef uint32_t psa_key_usage_t; -/** An invalid key usage value. - * */ -#define PSA_KEY_USAGE_NONE ((psa_key_usage_t)0x00000000) - /** Whether the key may be exported. * * A public key or the public part of a key pair may always be exported diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 898784013..eba4862c6 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -82,6 +82,8 @@ struct psa_mac_operation_s int iv_required : 1; int iv_set : 1; int has_input : 1; + int key_usage_sign : 1; + int key_usage_verify : 1; uint8_t mac_size; union { diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9fd0a61e2..2391006f0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -986,6 +986,12 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, return( status ); slot = &global_data.key_slots[key]; + if ( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) + operation->key_usage_sign = 1; + + if ( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 ) + operation->key_usage_verify = 1; + if( ! PSA_ALG_IS_HMAC( alg ) ) { cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); 
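Review bot: In `psa_mac_start()` the two new flags are only ever set to 1; when the key's policy lacks `PSA_KEY_USAGE_SIGN` or `PSA_KEY_USAGE_VERIFY` the field keeps whatever the operation structure held before, so a reused or uninitialized `psa_mac_operation_t` can carry a stale permission into `psa_mac_finish()` or `psa_mac_verify()`. Unless the part of the function outside this hunk already clears them, assign the result directly: `operation->key_usage_sign = ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0;` and likewise for `key_usage_verify`. In crypto_struct.h the fields are declared `int ... : 1`, which can only hold 0 and -1 where plain `int` bit-fields are signed; `unsigned int` would be the safer type, although the neighbouring fields use the same style.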
@@ -1084,7 +1090,7 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, return( mbedtls_to_psa_error( ret ) ); } -psa_status_t psa_mac_finish( psa_mac_operation_t *operation, +static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length ) @@ -1136,6 +1142,17 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation, } } +psa_status_t psa_mac_finish( psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length ) +{ + if( !( operation->key_usage_sign ) ) + return( PSA_ERROR_NOT_PERMITTED ); + + return( psa_mac_finish_internal(operation, mac, mac_size, mac_length ) ); +} + #define MBEDTLS_PSA_MAC_MAX_SIZE \ ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ? \ MBEDTLS_MD_MAX_SIZE : \ @@ -1146,9 +1163,14 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation, { uint8_t actual_mac[MBEDTLS_PSA_MAC_MAX_SIZE]; size_t actual_mac_length; - psa_status_t status = psa_mac_finish( operation, - actual_mac, sizeof( actual_mac ), - &actual_mac_length ); + psa_status_t status; + + if( !( operation->key_usage_verify ) ) + return( PSA_ERROR_NOT_PERMITTED ); + + status = psa_mac_finish_internal( operation, + actual_mac, sizeof( actual_mac ), + &actual_mac_length ); if( status != PSA_SUCCESS ) return( status ); if( actual_mac_length != mac_length ) @@ -1272,7 +1294,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, void psa_key_policy_init(psa_key_policy_t *policy) { - mbedtls_zeroize( policy, sizeof( policy ) ); + memset( policy, 0, sizeof( psa_key_policy_t ) ); } void psa_key_policy_set_usage(psa_key_policy_t *policy, 
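Review bot: In psa_key_policy_init the length is now spelled as a type name, `sizeof( psa_key_policy_t )`, which can silently go stale if the parameter's type changes. `memset( policy, 0, sizeof( *policy ) );` ties the length to the object being cleared and avoids the pointer-size mistake that the removed line made. If mbedtls_zeroize was dropped because a policy holds no secret material, a short comment saying so would stop a later reader from "restoring" it.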
@@ -1285,19 +1307,18 @@ void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy) { - return policy->usage; + return( policy->usage ); } psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy) { - return policy->alg; + return( policy->alg ); } psa_status_t psa_set_key_policy(psa_key_slot_t key, const psa_key_policy_t *policy) { key_slot_t *slot; - psa_key_usage_t usage = PSA_KEY_USAGE_NONE; if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -1306,20 +1327,12 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key, if( slot->type != PSA_KEY_TYPE_NONE ) return( PSA_ERROR_OCCUPIED_SLOT ); - usage |= policy->usage & PSA_KEY_USAGE_EXPORT; - usage |= policy->usage & PSA_KEY_USAGE_ENCRYPT; - usage |= policy->usage & PSA_KEY_USAGE_DECRYPT; - usage |= policy->usage & PSA_KEY_USAGE_SIGN; - usage |= policy->usage & PSA_KEY_USAGE_VERIFY; - - if( usage == PSA_KEY_USAGE_NONE ) - { + if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT + | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN + | PSA_KEY_USAGE_VERIFY ) ) != 0 ) return( PSA_ERROR_INVALID_KEY_POLICY ); - } - //TODO: is there any check over the algorithm before setting the policy? - slot->policy.usage = policy->usage; - slot->policy.alg = policy->alg; + slot->policy = *policy; return( PSA_SUCCESS ); } @@ -1336,8 +1349,7 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key, if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - policy->usage = slot->policy.usage; - policy->alg = slot->policy.alg; + *policy = slot->policy; return( PSA_SUCCESS ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2c2be2116..da01e2381 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
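Review bot: psa_set_key_policy still stores `policy->alg` without any validation, yet the hunk deletes the `//TODO` that recorded this gap. Later permission checks rely on the stored policy, so either add the check or keep a reminder such as `/* TODO: validate policy->alg before storing the policy */` above `slot->policy = *policy;`. A policy with no usage bits set was rejected by the removed code and is accepted now; if that is intended, the function's documentation should say so. The function body starts outside the hunk.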
@@ -87,8 +87,8 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5 PSA Key Policy set and get key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE -PSA Key Policy enforcment - export +PSA Key Policy enforcement - export key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_RAW:PSA_ERROR_NOT_PERMITTED:"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" -PSA Key Policy enforcment - sign -key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_CBC_BASE:PSA_ERROR_NOT_PERMITTED:"" +PSA Key Policy enforcement - sign +key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_RAW:PSA_ERROR_NOT_PERMITTED:"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" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b0cfe20bb..bda2e7cea 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -221,6 +221,7 @@ void mac_verify( int key_type_arg, char *key_hex, unsigned char *expected_mac = NULL; size_t expected_mac_size; psa_mac_operation_t operation; + psa_key_policy_t policy; key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); @@ -236,6 +237,12 @@ void mac_verify( int key_type_arg, char *key_hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg ); + + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( key_slot, key_type, key, key_size ) == PSA_SUCCESS ); // TODO: support IV @@ -427,7 +434,6 @@ exit: void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex ) { int key_slot = 1; - psa_key_type_t key_type = PSA_KEY_TYPE_AES; unsigned char key[32] = {0}; unsigned char* keypair = NULL; size_t key_size = 0; 
@@ -445,27 +451,22 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); - switch( usage_arg ) + if( usage_arg & PSA_KEY_USAGE_EXPORT ) { - case PSA_KEY_USAGE_EXPORT: - keypair = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( keypair != NULL ); - key_type = PSA_KEY_TYPE_RSA_KEYPAIR; - TEST_ASSERT( psa_import_key( key_slot, key_type, - keypair, key_size ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_sign( key_slot, - ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, - NULL, 0, &signature_length ); - break; - - case PSA_KEY_USAGE_SIGN: - key_type = PSA_KEY_TYPE_AES; - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, sizeof( key ) ) == PSA_SUCCESS ); - actual_status = psa_export_key( key_slot, NULL, 0, NULL ); - break; - default: - break; + keypair = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( keypair != NULL ); + TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, + keypair, key_size ) == PSA_SUCCESS ); + actual_status = psa_asymmetric_sign( key_slot, + ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, + NULL, 0, &signature_length ); + } + + if( usage_arg & PSA_KEY_USAGE_SIGN ) + { + TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, + key, sizeof( key ) ) == PSA_SUCCESS ); + actual_status = psa_export_key( key_slot, NULL, 0, NULL ); } TEST_ASSERT( actual_status == expected_status ); From 9a1ba0dd3f8b95cf17f46331257dd2bc0ac7d0d5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Mar 2018 20:49:16 +0100 Subject: [PATCH 0045/2197] Typo in the documentation of psa_get_key_information --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 04e6b4796..e8b22e0f5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -392,7 +392,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key); * This may be a null pointer, in which case the key type * is not written. * \param bits On success, the key size in bits. - * This may be a null pointer, in which case the key type + * This may be a null pointer, in which case the key size * is not written. * * \retval PSA_SUCCESS From 8484565f856c2722bfaae27bb546eda5928bbefc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 28 Mar 2018 14:17:40 +0200 Subject: [PATCH 0046/2197] Minor errors in documentation around asymmetric signature --- include/psa/crypto.h | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 44cc7cc05..d4ebcba23 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1238,7 +1238,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); #define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ - 0) + ((void)alg, 0)) /** * \brief Sign a hash or short message with a private key. @@ -1261,8 +1261,6 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * \param signature_size Size of the \c signature buffer in bytes. * \param signature_length On success, the number of bytes * that make up the returned signature value. - * This is at most #PSA_HASH_FINAL_SIZE(alg) - * (note that it may be less). * * \retval PSA_SUCCESS * \retval PSA_ERROR_BUFFER_TOO_SMALL From d926b880852490f791f75e6e161f6ad9c4fbc2bd Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 16 Apr 2018 01:53:20 -0700 Subject: [PATCH 0047/2197] Fix Policy enforcement sign test Fix Policy sign scenario for enforcement test --- tests/suites/test_suite_psa_crypto.function | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
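Review bot: The new fallback `((void)alg, 0)` in PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE uses the macro argument unparenthesized, so an argument such as `a | b` expands to `(void)a | b` and fails to compile. Write `((void)(alg), 0)`, and do the same in the RSA branch on the context line above. The comma operator also keeps the evaluated branch from being an integer constant expression in C, so the macro cannot size a static or file-scope signature buffer. If that use is wanted, a plain `0` is enough, since an unused macro argument draws no warning.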
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index bda2e7cea..ae5401a1c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -434,14 +434,11 @@ exit: void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex ) { int key_slot = 1; - unsigned char key[32] = {0}; unsigned char* keypair = NULL; size_t key_size = 0; size_t signature_length = 0; psa_key_policy_t policy = {0}; int actual_status = PSA_SUCCESS; - - memset( key, 0x2a, sizeof( key ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -464,8 +461,10 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key if( usage_arg & PSA_KEY_USAGE_SIGN ) { + keypair = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( keypair != NULL ); TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, - key, sizeof( key ) ) == PSA_SUCCESS ); + keypair, key_size ) == PSA_SUCCESS ); actual_status = psa_export_key( key_slot, NULL, 0, NULL ); } @@ -473,6 +472,7 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key exit: psa_destroy_key( key_slot ); + mbedtls_free( keypair ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From 9673cc8255fe01dc0bab2685ca4f120efc317279 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 11 Apr 2018 16:57:49 +0200 Subject: [PATCH 0048/2197] Define PSA_ALG_RSA_OAEP_MGF1(hash) --- include/psa/crypto.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f5db4d26b..f25837bfd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -331,7 +331,11 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ (PSA_ALG_RSA_PKCS1V15_SIGN_RAW | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ - (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_SIGN_RAW) + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_RAW) +#define PSA_ALG_RSA_OAEP_MGF1(hash_alg) \ + (PSA_ALG_RSA_OAEP_MGF1_RAW | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_OAEP_MGF1(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_RAW) #define PSA_ALG_RSA_GET_HASH(alg) \ (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH) From 058e0b99631b4279a9f939c2773ee10beb197c73 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Mar 2018 16:20:19 +0100 Subject: [PATCH 0049/2197] Avoid empty unions When no algorithms are present in a category (e.g. no AEAD algorithm), the union in the corresponding operation structure was empty, which is not valid C. Add a dummy field to avoid this. --- include/psa/crypto_struct.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index c0a673860..898784013 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -50,6 +50,7 @@ struct psa_hash_operation_s psa_algorithm_t alg; union { + unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_MD2_C) mbedtls_md2_context md2; #endif @@ -84,6 +85,7 @@ struct psa_mac_operation_s uint8_t mac_size; union { + unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_MD_C) mbedtls_md_context_t hmac; #endif @@ -102,6 +104,7 @@ struct psa_cipher_operation_s uint8_t block_size; union { + unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ } ctx; }; 
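Review bot: PSA_ALG_RSA_OAEP_MGF1() and PSA_ALG_IS_RSA_OAEP_MGF1() expand to `PSA_ALG_RSA_OAEP_MGF1_RAW`, which this hunk does not define. The only OAEP base constant visible elsewhere on this page is `PSA_ALG_RSA_OAEP_MGF1_BASE`. If the header has no `_RAW` definition, any use of either macro fails to compile, and the two bodies should read `(PSA_ALG_RSA_OAEP_MGF1_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))` and `(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_BASE)`. A short Doxygen comment on each macro stating that `hash_alg` must be a hash algorithm identifier would help as well.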
@@ -115,6 +118,7 @@ struct psa_aead_operation_s uint8_t block_size; union { + unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ } ctx; }; From 6944f9a831d0c2a3c7acd4757311f8ad1beac427 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 28 Mar 2018 14:18:39 +0200 Subject: [PATCH 0050/2197] New functions: asymmetric encrypt/decrypt --- include/psa/crypto.h | 111 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 110 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d4ebcba23..d9c8fed6e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -326,7 +326,8 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW ((psa_algorithm_t)0x10010000) #define PSA_ALG_RSA_PSS_MGF1 ((psa_algorithm_t)0x10020000) -#define PSA_ALG_RSA_OAEP ((psa_algorithm_t)0x12020000) +#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12010000) +#define PSA_ALG_RSA_OAEP_MGF1_BASE ((psa_algorithm_t)0x12020000) #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ (PSA_ALG_RSA_PKCS1V15_SIGN_RAW | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ 
@@ -1329,6 +1330,114 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, uint8_t *signature, size_t signature_size); +#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + ((void)alg, 0)) +#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ + PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) + +/** + * \brief Encrypt a short message with a public key. + * + * \param key Key slot containing a public key or an asymmetric + * key pair. + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of \c key. + * \param input The message to encrypt. + * \param input_length Size of the \c input buffer in bytes. + * \param salt A salt or label, if supported by the encryption + * algorithm. + * If the algorithm does not support a + * salt, pass \c NULL. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass \c NULL. + * + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the \c salt buffer in bytes. + * If \c salt is \c NULL, pass 0. + * \param output Buffer where the encrypted message is to be written. + * \param output_size Size of the \c output buffer in bytes. + * \param output_length On success, the number of bytes + * that make up the returned output. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \c output buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \c key. 
+ * \retval PSA_ERROR_NOT_SUPPORTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval PSA_ERROR_INSUFFICIENT_ENTROPY + */ +psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** + * \brief Decrypt a short message with a private key. + * + * \param key Key slot containing an asymmetric key pair. + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of \c key. + * \param input The message to decrypt. + * \param input_length Size of the \c input buffer in bytes. + * \param salt A salt or label, if supported by the encryption + * algorithm. + * If the algorithm does not support a + * salt, pass \c NULL. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass \c NULL. + * + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the \c salt buffer in bytes. + * If \c salt is \c NULL, pass 0. + * \param output Buffer where the encrypted message is to be written. + * \param output_size Size of the \c output buffer in bytes. + * \param output_length On success, the number of bytes + * that make up the returned output. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \c output buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \c key. 
+ * \retval PSA_ERROR_NOT_SUPPORTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval PSA_ERROR_INVALID_PADDING + */ +psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + /**@}*/ #ifdef __cplusplus From 5feda72d7a4c3773833d46c1ea6268a5e00ff8be Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 16 Apr 2018 04:38:57 -0700 Subject: [PATCH 0051/2197] Remove usage of PSA_ERROR_INVALID_KEY_POLICY use PSA_ERROR_INVALID_ARGUMENT instead of INVALID_KEY_POLICY error --- include/psa/crypto.h | 2 -- library/psa_crypto.c | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e8bea076d..e8b22e0f5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -89,8 +89,6 @@ typedef enum { PSA_ERROR_INVALID_SIGNATURE, /** The decrypted padding is incorrect. */ PSA_ERROR_INVALID_PADDING, - /** The key policy is incorrect. */ - PSA_ERROR_INVALID_KEY_POLICY, /** An error occurred that does not correspond to any defined failure cause. */ PSA_ERROR_UNKNOWN_ERROR, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2391006f0..c516e38af 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1330,7 +1330,7 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key, if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ) ) != 0 ) - return( PSA_ERROR_INVALID_KEY_POLICY ); + return( PSA_ERROR_INVALID_ARGUMENT ); slot->policy = *policy; From 06297936f23c2d025cfd39ed66e91802330d00e1 Mon Sep 17 00:00:00 2001 
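Review bot: The documentation added for psa_asymmetric_decrypt lists `PSA_ERROR_INVALID_PADDING` without saying how callers must treat it. With #PSA_ALG_RSA_PKCS1V15_CRYPT, a caller that lets an untrusted peer distinguish a padding failure from any other failure (in the reply or in timing) becomes a padding oracle. The \retval entry should therefore carry a warning to handle this status indistinguishably from other decryption failures. Neither function documents a `PSA_ERROR_NOT_PERMITTED` or `PSA_ERROR_EMPTY_SLOT` outcome, although both take a key slot subject to a usage policy; add the entries or state that these cases map to another status.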
From: Gilles Peskine Date: Wed, 11 Apr 2018 16:58:22 +0200 Subject: [PATCH 0052/2197] More precise bounds for PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE --- include/psa/crypto.h | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f25837bfd..1a2a7411d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1335,10 +1335,15 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, size_t signature_size); #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ - ((void)alg, 0)) + (PSA_KEY_TYPE_IS_RSA(key_type) ? \ + ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + 0) #define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ - PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) + (PSA_KEY_TYPE_IS_RSA(key_type) ? \ + PSA_BITS_TO_BYTES(key_bits) - ((alg) == PSA_ALG_IS_RSA_OAEP_MGF1 ? \ + 2 * (PSA_ALG_RSA_GET_HASH(alg) + 1) : \ + 11 /*PKCS#1v1.5*/) : \ + 0) /** * \brief Encrypt a short message with a public key. From 9e7dc717b05296f4459c173d85b32f316167355e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 28 Mar 2018 14:18:50 +0200 Subject: [PATCH 0053/2197] New function: generate key/random --- include/psa/crypto.h | 65 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d9c8fed6e..3835ce46d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
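Review bot: The new PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE cannot compute the OAEP bound as written. `(alg) == PSA_ALG_IS_RSA_OAEP_MGF1` names a function-like macro without its argument list, and `PSA_ALG_RSA_GET_HASH(alg)` yields an algorithm identifier, not a digest length in bytes. Subtracting twice an identifier from the modulus size gives a meaningless, possibly wrapped value, which is dangerous in a macro whose purpose is sizing output buffers. The subtracted term should read `(PSA_ALG_IS_RSA_OAEP_MGF1(alg) ? 2 * (PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_GET_HASH(alg)) + 1) : 11 /*PKCS#1v1.5*/)`, assuming PSA_HASH_FINAL_SIZE accepts the value PSA_ALG_RSA_GET_HASH returns. The macro's comment should also state what it yields when the key is smaller than the padding overhead.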
@@ -1440,6 +1440,71 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, /**@}*/ +/** \defgroup generation Key generation + * @{ + */ + +/** + * \brief Generate random bytes. + * + * \warning This function **can** fail! Callers MUST check the return status + * and MUST NOT use the content of the output buffer if the return + * status is not #PSA_SUCCESS. + * + * \note To generate a key, use psa_generate_key() instead. + * + * \param output Output buffer for the generated data. + * \param output_size Number of bytes to generate and output. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_NOT_SUPPORTED + * \retval PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_generate_random(uint8_t *output, + size_t output_size); + +/** + * \brief Generate a key or key pair. + * + * \param key Slot where the key will be stored. This must be a + * valid slot for a key of the chosen type. It must + * be unoccupied. + * \param type Key type (a \c PSA_KEY_TYPE_XXX value). + * \param bits Key size in bits. + * \param parameters Extra parameters for key generation. The interpretation + * of this parameter depends on \c type. All types support + * \c NULL to use default parameters specified below. + * + * For any symmetric key type (type such that + * `PSA_KEY_TYPE_IS_ASYMMETRIC(type)` is false), \c parameters must be + * \c NULL. For asymmetric key types defined by this specification, + * the parameter type and the default parameters are defined by the + * table below. For vendor-defined key types, the vendor documentation + * shall define the parameter type and the default parameters. 
+ * + * Type | Parameter type | Default parameters + * ---- | -------------- | ------------------ + * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | 65537 + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_NOT_SUPPORTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_generate_key(psa_key_slot_t key, + psa_key_type_t type, + size_t bits, + const void *parameters); + +/**@}*/ + #ifdef __cplusplus } #endif From 38a622b68ba4734b5b7c5c4da3b6c193c5d7dee4 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Tue, 17 Apr 2018 03:27:53 -0700 Subject: [PATCH 0054/2197] Function psa_get_key_policy() now return policy value for empty slots Function psa_get_key_policy() now return policy value for empty slots --- library/psa_crypto.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c516e38af..a25362224 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1346,8 +1346,6 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); *policy = slot->policy; From 47c1bc0458dd91644a59f05d249d111d842d5802 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Mar 2018 17:55:04 +0100 Subject: [PATCH 0055/2197] Correct some return codes --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 81da8cef0..c93da95b9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
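Review bot: psa_generate_key takes `const void *parameters` with no accompanying size, so the implementation cannot check that the caller passed an object of the type the table requires for `type`. A mismatched pointer would simply be read as `unsigned int` for RSA. Consider adding a `size_t parameters_size` argument, or at least state in the \param text that the pointed-to object must be exactly the listed type. The description requires the slot to be unoccupied, but the \retval list has no `PSA_ERROR_OCCUPIED_SLOT` entry. For psa_generate_random it would help to say whether `output` may be partially written when the call fails.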
@@ -588,7 +588,7 @@ static psa_algorithm_t mbedtls_md_alg_to_psa( mbedtls_md_type_t md_alg ) case MBEDTLS_MD_RIPEMD160: return( PSA_ALG_RIPEMD160 ); default: - return( MBEDTLS_MD_NOT_SUPPORTED ); + return( 0 ); } } #endif @@ -1039,7 +1039,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, return( mbedtls_to_psa_error( ret ) ); } operation->key_set = 1; - return( 0 ); + return( PSA_SUCCESS ); } psa_status_t psa_mac_update( psa_mac_operation_t *operation, From f48af7fe7677bf6e30baa7ef73cc64e8b4c4f2f4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 28 Mar 2018 18:44:14 +0200 Subject: [PATCH 0056/2197] psa_generate_key: specify what the extra parameters mean --- include/psa/crypto.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3835ce46d..f5db4d26b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1407,7 +1407,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, * supported. * \param salt_length Size of the \c salt buffer in bytes. * If \c salt is \c NULL, pass 0. - * \param output Buffer where the encrypted message is to be written. + * \param output Buffer where the decrypted message is to be written. * \param output_size Size of the \c output buffer in bytes. * \param output_length On success, the number of bytes * that make up the returned output. 
@@ -1485,9 +1485,9 @@ psa_status_t psa_generate_random(uint8_t *output, * table below. For vendor-defined key types, the vendor documentation * shall define the parameter type and the default parameters. * - * Type | Parameter type | Default parameters - * ---- | -------------- | ------------------ - * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | 65537 + * Type | Parameter type | Meaning | Parameters used if `parameters == NULL` + * ---- | -------------- | ------- | --------------------------------------- + * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | Public exponent | 65537 * * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED From 804cd71bf8b5d01c1caaea1a482a7b50cf035104 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Tue, 20 Mar 2018 22:44:08 +0200 Subject: [PATCH 0057/2197] initial key lifetime implementation and tests --- include/psa/crypto.h | 41 +++++++++++-- library/psa_crypto.c | 49 ++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 21 +++++++ tests/suites/test_suite_psa_crypto.function | 65 +++++++++++++++++++++ 4 files changed, 172 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 04e6b4796..6caa62abf 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -89,6 +89,10 @@ typedef enum { PSA_ERROR_INVALID_SIGNATURE, /** The decrypted padding is incorrect. */ PSA_ERROR_INVALID_PADDING, + /** The key lifetime value is incorrect. */ + PSA_ERROR_INVALID_LIFETIME, + /** The key lifetime can not be changed. */ + PSA_ERROR_KEY_LIFETIME_CHANGE, /** An error occurred that does not correspond to any defined failure cause. */ PSA_ERROR_UNKNOWN_ERROR, 
@@ -596,18 +600,47 @@ typedef uint32_t psa_key_lifetime_t; /** \brief Retrieve the lifetime of a key slot. * * The assignment of lifetimes to slots is implementation-dependent. + * + * \param key Slot whose content is to be exported. This must + * be an occupied key slot. + * \param lifetime On success, the lifetime value. + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_INVALID_ARGUMENT + * The key slot is invalid, + * or the key data is not correctly formatted. + * \retval PSA_ERROR_EMPTY_SLOT + * The key slot is not occupied. */ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime); /** \brief Change the lifetime of a key slot. + * + * \note In case a key slot has PSA_KEY_LIFETIME_WRITE_ONCE lifetime, + * it can not be changed and trying to set new value will return + * an error * - * Whether the lifetime of a key slot can be changed at all, and if so - * whether the lifetime of an occupied key slot can be changed, is - * implementation-dependent. + * \param key Slot whose content is to be exported. This must + * be an occupied key slot. + * \param lifetime The lifetime value to be set for the given key. + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_INVALID_ARGUMENT + * The key slot is invalid, + * or the key data is not correctly formatted. + * \retval PSA_ERROR_EMPTY_SLOT + * The key slot is not occupied. + * \retval PSA_ERROR_INVALID_LIFETIME + * The lifetime value is not valid. + * \retval PSA_ERROR_KEY_LIFETIME_CHANGE + * The key slot already has PSA_KEY_LIFETIME_WRITE_ONCE value, + * and can not be changed. */ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, - const psa_key_lifetime_t *lifetime); + const psa_key_lifetime_t lifetime); /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c93da95b9..5ba60e1ae 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
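Review bot: The \param and \retval text added for psa_get_key_lifetime and psa_set_key_lifetime was copied from the export function: `key` is described as "Slot whose content is to be exported" and PSA_ERROR_INVALID_ARGUMENT mentions key data that "is not correctly formatted", neither of which applies here. Suggested wording is `\param key Slot to query.` and `\param key Slot whose lifetime is to be changed.`, with "The key slot is invalid." for the \retval. The top-level `const` in `const psa_key_lifetime_t lifetime` has no effect in a prototype and can be dropped. Because a write-once lifetime is a protection property, the note should also state whether it is enforced against psa_destroy_key and re-import or only against psa_set_key_lifetime.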
@@ -96,6 +96,7 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n ) typedef struct { psa_key_type_t type; + psa_key_lifetime_t lifetime; union { struct raw_data { uint8_t *data; @@ -362,6 +363,7 @@ psa_status_t psa_import_key(psa_key_slot_t key, } slot->type = type; + slot->lifetime = 0; return( PSA_SUCCESS ); } @@ -1260,6 +1262,53 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, } +/****************************************************************/ +/* Key Lifetime */ +/****************************************************************/ + +psa_status_t psa_get_key_lifetime(psa_key_slot_t key, + psa_key_lifetime_t *lifetime) +{ + key_slot_t *slot; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + slot = &global_data.key_slots[key]; + + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + + *lifetime = slot->lifetime; + + return( PSA_SUCCESS ); +} + +psa_status_t psa_set_key_lifetime(psa_key_slot_t key, + const psa_key_lifetime_t lifetime) +{ + key_slot_t *slot; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + + if( lifetime != PSA_KEY_LIFETIME_VOLATILE && + lifetime != PSA_KEY_LIFETIME_PERSISTENT && + lifetime != PSA_KEY_LIFETIME_WRITE_ONCE) + return( PSA_ERROR_INVALID_LIFETIME ); + + if ( slot->lifetime == PSA_KEY_LIFETIME_WRITE_ONCE ) + return( PSA_ERROR_KEY_LIFETIME_CHANGE ); + + slot->lifetime = liftime; + + return( PSA_SUCCESS ); +} + /****************************************************************/ /* Module setup */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4f4bef14c..9611c3248 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
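Review bot: Both new functions accept `key == MBEDTLS_PSA_KEY_SLOT_COUNT` and then index `global_data.key_slots[key]`; if the array is declared with MBEDTLS_PSA_KEY_SLOT_COUNT elements (the declaration is outside this hunk), that is an access one element past the end. The guard should be `if( key == 0 || key >= MBEDTLS_PSA_KEY_SLOT_COUNT )`, or the index should be `key - 1`. psa_get_key_lifetime also writes through `lifetime` without a NULL check, and psa_set_key_lifetime assigns from `liftime`, which is not declared. In the psa_import_key hunk, `slot->lifetime = 0;` would read better with the named PSA_KEY_LIFETIME_xxx constant it stands for.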
@@ -83,3 +83,24 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5 PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL + +PSA Key Lifetime set and get volatile +key_lifetime:PSA_KEY_LIFETIME_VOLATILE + +PSA Key Lifetime set and get persistent +key_lifetime:PSA_KEY_LIFETIME_PERSISTENT + +PSA Key Lifetime set and get write_once +key_lifetime:PSA_KEY_LIFETIME_WRITE_ONCE + +PSA Key Lifetime set fail, invalid key slot +key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT + +PSA Key Lifetime set fail, unoccupied key slot +key_lifetime_set_fail:2:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_EMPTY_SLOT + +PSA Key Lifetime set fail, can not change write_once lifetime +key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_KEY_LIFETIME_CHANGE + +PSA Key Lifetime set fail, invalid key lifetime value +key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_LIFETIME diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 93817948c..d8dddff2c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -360,3 +360,68 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void key_lifetime( int lifetime_arg ) +{ + int key_slot = 1; + psa_key_type_t key_type = PSA_ALG_CBC_BASE; + unsigned char key[32] = {0}; + psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; + psa_key_lifetime_t lifetime_get; + + TEST_ASSERT( key != NULL ); + + memset( key, 0x2a, sizeof( key ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, sizeof( key ) ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_set_key_lifetime( key_slot, lifetime_set )); + + TEST_ASSERT( psa_get_key_lifetime( key_slot, &lifetime_get )); + + TEST_ASSERT( lifetime_get == lifetime_set ); + +exit: + mbedtls_free( key ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg ) +{ + int key_slot = 1; + psa_key_type_t key_type = PSA_ALG_CBC_BASE; + unsigned char key[32] = {0}; + psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; + + TEST_ASSERT( key != NULL ); + + memset( key, 0x2a, sizeof( key ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, sizeof( key ) ) == PSA_SUCCESS ); + + actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set ); + + if( actual_status == PSA_SUCCESS ) + actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set ); + + TEST_ASSERT( expected_status == actual_status ); + +exit: + mbedtls_free( key ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From 060ad8ac345b62c2b733345a575df22ccac3eb0e Mon Sep 17 00:00:00 2001 
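Review bot: In key_lifetime, `TEST_ASSERT( psa_set_key_lifetime( key_slot, lifetime_set ));` and the matching psa_get_key_lifetime call assert that the status is non-zero, so if PSA_SUCCESS is 0 the test passes only when the calls fail. Each should compare explicitly, e.g. `TEST_ASSERT( psa_set_key_lifetime( key_slot, lifetime_set ) == PSA_SUCCESS );`. Both test cases also call `mbedtls_free( key )` on the stack array `unsigned char key[32]`, which is undefined behaviour if it reaches the allocator; that line and the `key != NULL` assertion can simply go. Separately, `psa_key_type_t key_type = PSA_ALG_CBC_BASE;` stores an algorithm identifier in a key-type variable, so the import works only if psa_import_key happens to accept that numeric value. A real key type such as `PSA_KEY_TYPE_RAW_DATA` would state the intent.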
From: mohammad1603 Date: Tue, 20 Mar 2018 14:28:38 -0700 Subject: [PATCH 0058/2197] Compilation and tests fixes --- library/psa_crypto.c | 2 +- tests/suites/test_suite_psa_crypto.function | 12 ++++-------- 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5ba60e1ae..329ee3dc5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1304,7 +1304,7 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, if ( slot->lifetime == PSA_KEY_LIFETIME_WRITE_ONCE ) return( PSA_ERROR_KEY_LIFETIME_CHANGE ); - slot->lifetime = liftime; + slot->lifetime = lifetime; return( PSA_SUCCESS ); } diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index d8dddff2c..b4bf66060 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -370,8 +370,6 @@ void key_lifetime( int lifetime_arg ) psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; psa_key_lifetime_t lifetime_get; - TEST_ASSERT( key != NULL ); - memset( key, 0x2a, sizeof( key ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -379,14 +377,15 @@ void key_lifetime( int lifetime_arg ) TEST_ASSERT( psa_import_key( key_slot, key_type, key, sizeof( key ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_lifetime( key_slot, lifetime_set )); + TEST_ASSERT( psa_set_key_lifetime( key_slot, + lifetime_set ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_lifetime( key_slot, &lifetime_get )); + TEST_ASSERT( psa_get_key_lifetime( key_slot, + &lifetime_get ) == PSA_SUCCESS ); TEST_ASSERT( lifetime_get == lifetime_set ); exit: - mbedtls_free( key ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } 
@@ -403,8 +402,6 @@ void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_sta psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - TEST_ASSERT( key != NULL ); - memset( key, 0x2a, sizeof( key ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -420,7 +417,6 @@ void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_sta TEST_ASSERT( expected_status == actual_status ); exit: - mbedtls_free( key ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } From ba178511f4e82ee066b66f7a4a63d862f308dc27 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 21 Mar 2018 04:35:20 -0700 Subject: [PATCH 0059/2197] Remove unused and duplicated erros, fix documentation and tests Remove unused and duplicated erros, fix documentation and tests --- include/psa/crypto.h | 24 ++++++++------------- library/psa_crypto.c | 15 ++++++------- tests/suites/test_suite_psa_crypto.data | 10 ++------- tests/suites/test_suite_psa_crypto.function | 4 ++-- 4 files changed, 20 insertions(+), 33 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6caa62abf..6675ba45f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -89,10 +89,6 @@ typedef enum { PSA_ERROR_INVALID_SIGNATURE, /** The decrypted padding is incorrect. */ PSA_ERROR_INVALID_PADDING, - /** The key lifetime value is incorrect. */ - PSA_ERROR_INVALID_LIFETIME, - /** The key lifetime can not be changed. */ - PSA_ERROR_KEY_LIFETIME_CHANGE, /** An error occurred that does not correspond to any defined failure cause. */ PSA_ERROR_UNKNOWN_ERROR, 
@@ -582,15 +578,19 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key, */ typedef uint32_t psa_key_lifetime_t; +/** An invalid key lifetime value. + */ +#define PSA_KEY_LIFETIME_NONE ((psa_key_lifetime_t)0x00000000) + /** A volatile key slot retains its content as long as the application is * running. It is guaranteed to be erased on a power reset. */ -#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) +#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000001) /** A persistent key slot retains its content as long as it is not explicitly * destroyed. */ -#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) +#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000002) /** A write-once key slot may not be modified once a key has been set. * It will retain its content as long as the device remains operational. @@ -617,11 +617,10 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime); /** \brief Change the lifetime of a key slot. + * Whether the lifetime of a key slot can be changed at all, and if so + * whether the lifetime of an occupied key slot can be changed, is + * implementation-dependent. * - * \note In case a key slot has PSA_KEY_LIFETIME_WRITE_ONCE lifetime, - * it can not be changed and trying to set new value will return - * an error - * * \param key Slot whose content is to be exported. This must * be an occupied key slot. * \param lifetime The lifetime value to be set for the given key. @@ -633,11 +632,6 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, * or the key data is not correctly formatted. * \retval PSA_ERROR_EMPTY_SLOT * The key slot is not occupied. - * \retval PSA_ERROR_INVALID_LIFETIME - * The lifetime value is not valid. - * \retval PSA_ERROR_KEY_LIFETIME_CHANGE - * The key slot already has PSA_KEY_LIFETIME_WRITE_ONCE value, - * and can not be changed. */ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, const psa_key_lifetime_t lifetime); 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 329ee3dc5..bdb47d249 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -363,7 +363,6 @@ psa_status_t psa_import_key(psa_key_slot_t key, } slot->type = type; - slot->lifetime = 0; return( PSA_SUCCESS ); } @@ -1292,17 +1291,17 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_INVALID_ARGUMENT ); + if( lifetime != PSA_KEY_LIFETIME_VOLATILE && + lifetime != PSA_KEY_LIFETIME_PERSISTENT && + lifetime != PSA_KEY_LIFETIME_WRITE_ONCE) + return( PSA_ERROR_INVALID_ARGUMENT ); + slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - if( lifetime != PSA_KEY_LIFETIME_VOLATILE && - lifetime != PSA_KEY_LIFETIME_PERSISTENT && - lifetime != PSA_KEY_LIFETIME_WRITE_ONCE) - return( PSA_ERROR_INVALID_LIFETIME ); - - if ( slot->lifetime == PSA_KEY_LIFETIME_WRITE_ONCE ) - return( PSA_ERROR_KEY_LIFETIME_CHANGE ); + if ( lifetime != PSA_KEY_LIFETIME_VOLATILE ) + return( PSA_ERROR_NOT_SUPPORTED ); slot->lifetime = lifetime; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9611c3248..be31c39bd 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -87,12 +87,6 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5 PSA Key Lifetime set and get volatile key_lifetime:PSA_KEY_LIFETIME_VOLATILE -PSA Key Lifetime set and get persistent -key_lifetime:PSA_KEY_LIFETIME_PERSISTENT - -PSA Key Lifetime set and get write_once -key_lifetime:PSA_KEY_LIFETIME_WRITE_ONCE - PSA Key Lifetime set fail, invalid key slot key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT 
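Review bot: With `slot->lifetime = 0;` dropped from psa_import_key in the `@@ -363,7 +363,6 @@` hunk, nothing visible assigns a lifetime when a key is imported, and this same commit renumbers 0 to `PSA_KEY_LIFETIME_NONE`, documented as an invalid value. Unless the slot table is initialised elsewhere, psa_get_key_lifetime would then return PSA_SUCCESS with that invalid value for any key whose lifetime was never set explicitly. Assigning `slot->lifetime = PSA_KEY_LIFETIME_VOLATILE;` on import, or when the slots are initialised, keeps the reported lifetime meaningful. psa_import_key starts outside the hunk.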
@@ -100,7 +94,7 @@ PSA Key Lifetime set fail, unoccupied key slot key_lifetime_set_fail:2:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_EMPTY_SLOT PSA Key Lifetime set fail, can not change write_once lifetime -key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_KEY_LIFETIME_CHANGE +key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA Key Lifetime set fail, invalid key lifetime value -key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_LIFETIME +key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b4bf66060..7cb38d986 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -378,10 +378,10 @@ void key_lifetime( int lifetime_arg ) key, sizeof( key ) ) == PSA_SUCCESS ); TEST_ASSERT( psa_set_key_lifetime( key_slot, - lifetime_set ) == PSA_SUCCESS ); + lifetime_set ) == PSA_SUCCESS ); TEST_ASSERT( psa_get_key_lifetime( key_slot, - &lifetime_get ) == PSA_SUCCESS ); + &lifetime_get ) == PSA_SUCCESS ); TEST_ASSERT( lifetime_get == lifetime_set ); From 5d7ec2033dc7c35e669bda2a54520788e2c034ad Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 28 Mar 2018 01:29:41 +0300 Subject: [PATCH 0060/2197] fix key lifetime set implementation , tests accordingly --- library/psa_crypto.c | 4 ++-- tests/suites/test_suite_psa_crypto.data | 3 --- tests/suites/test_suite_psa_crypto.function | 13 +++---------- 3 files changed, 5 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bdb47d249..152fb17bf 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1297,8 +1297,8 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + if( slot->type != PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_OCCUPIED_SLOT ); if ( lifetime != PSA_KEY_LIFETIME_VOLATILE ) return( PSA_ERROR_NOT_SUPPORTED ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index be31c39bd..6fd66ee2a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -90,9 +90,6 @@ key_lifetime:PSA_KEY_LIFETIME_VOLATILE PSA Key Lifetime set fail, invalid key slot key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT -PSA Key Lifetime set fail, unoccupied key slot -key_lifetime_set_fail:2:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_EMPTY_SLOT - PSA Key Lifetime set fail, can not change write_once lifetime key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 7cb38d986..c1bbe17ee 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -374,11 +374,11 @@ void key_lifetime( int lifetime_arg ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, sizeof( key ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_lifetime( key_slot, lifetime_set ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, sizeof( key ) ) == PSA_SUCCESS ); TEST_ASSERT( psa_get_key_lifetime( key_slot, &lifetime_get ) == PSA_SUCCESS ); 
@@ -396,19 +396,12 @@ exit: void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg ) { int key_slot = 1; - psa_key_type_t key_type = PSA_ALG_CBC_BASE; - unsigned char key[32] = {0}; psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - memset( key, 0x2a, sizeof( key ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, sizeof( key ) ) == PSA_SUCCESS ); - actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set ); if( actual_status == PSA_SUCCESS ) From 1c34545cfe66610a062b377e68290fb406131fbb Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 16 Apr 2018 06:49:13 -0700 Subject: [PATCH 0061/2197] Remove usage of PSA_KEY_LIFETIME_NONE Remove usage of PSA_KEY_LIFETIME_NONE, initiate all key slot to PSA_KEY_LIFETIME_VOLATILE ini psa_crypto_init() --- include/psa/crypto.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6675ba45f..ac763f973 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -102,6 +102,10 @@ typedef enum { * * Applications may call this function more than once. Once a call * succeeds, subsequent calls are guaranteed to succeed. + * + * \note Initial lifetime value for each key slot is initiated + * to PSA_KEY_LIFETIME_VOLATILE, user should change this value + * before calling psa_import_key() if needed. * * \retval PSA_SUCCESS * \retval PSA_ERROR_INSUFFICIENT_MEMORY 
@@ -578,19 +582,15 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key, */ typedef uint32_t psa_key_lifetime_t; -/** An invalid key lifetime value. - */ -#define PSA_KEY_LIFETIME_NONE ((psa_key_lifetime_t)0x00000000) - /** A volatile key slot retains its content as long as the application is * running. It is guaranteed to be erased on a power reset. */ -#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000001) +#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) /** A persistent key slot retains its content as long as it is not explicitly * destroyed. */ -#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000002) +#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) /** A write-once key slot may not be modified once a key has been set. * It will retain its content as long as the device remains operational. From ea0500936eafd2db80c990c6fa770218a3f2c4fc Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Tue, 17 Apr 2018 00:31:34 -0700 Subject: [PATCH 0062/2197] Change behavior of psa_get_key_lifetime() psa_get_key_lifetime() behavior changed regarding empty slots, now it return the lifetime of and empty slots. Documentation in header file updated accordingly. --- include/psa/crypto.h | 12 ++---------- library/psa_crypto.c | 3 --- 2 files changed, 2 insertions(+), 13 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ac763f973..07c1da1f9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -103,10 +103,6 @@ typedef enum { * Applications may call this function more than once. Once a call * succeeds, subsequent calls are guaranteed to succeed. * - * \note Initial lifetime value for each key slot is initiated - * to PSA_KEY_LIFETIME_VOLATILE, user should change this value - * before calling psa_import_key() if needed. - * * \retval PSA_SUCCESS * \retval PSA_ERROR_INSUFFICIENT_MEMORY * \retval PSA_ERROR_COMMUNICATION_FAILURE 
@@ -609,9 +605,7 @@ typedef uint32_t psa_key_lifetime_t; * Success. * \retval PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid, - * or the key data is not correctly formatted. - * \retval PSA_ERROR_EMPTY_SLOT - * The key slot is not occupied. + * or the key data is not correctly formatted. */ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime); @@ -630,11 +624,9 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, * \retval PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid, * or the key data is not correctly formatted. - * \retval PSA_ERROR_EMPTY_SLOT - * The key slot is not occupied. */ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, - const psa_key_lifetime_t lifetime); + psa_key_lifetime_t lifetime); /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 152fb17bf..fef053919 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1274,9 +1274,6 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; - - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); *lifetime = slot->lifetime; From a7d245a4a220f7581ce9bf4497ab130a502d0730 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Tue, 17 Apr 2018 00:40:08 -0700 Subject: [PATCH 0063/2197] Fix return error values description Fix return PSA_ERROR_INVALID_ARGUMENT description for psa_set_key_lifetime() and psa_get_key_lifetime() --- include/psa/crypto.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 07c1da1f9..658403232 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -604,8 +604,7 @@ typedef uint32_t psa_key_lifetime_t; * \retval PSA_SUCCESS * Success. * \retval PSA_ERROR_INVALID_ARGUMENT - * The key slot is invalid, - * or the key data is not correctly formatted. + * The key slot is invalid. */ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime); @@ -623,7 +622,7 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, * Success. * \retval PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid, - * or the key data is not correctly formatted. + * or the lifetime value is invalid. */ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t lifetime); From 8ca560293bae188211be21c96000c57b2bbcd409 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 17 Apr 2018 14:07:59 +0200 Subject: [PATCH 0064/2197] Whitespace fixes --- include/psa/crypto.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 658403232..b18e22053 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -102,7 +102,7 @@ typedef enum { * * Applications may call this function more than once. Once a call * succeeds, subsequent calls are guaranteed to succeed. - * + * * \retval PSA_SUCCESS * \retval PSA_ERROR_INSUFFICIENT_MEMORY * \retval PSA_ERROR_COMMUNICATION_FAILURE @@ -596,11 +596,11 @@ typedef uint32_t psa_key_lifetime_t; /** \brief Retrieve the lifetime of a key slot. * * The assignment of lifetimes to slots is implementation-dependent. - * * \param key Slot whose content is to be exported. This must * be an occupied key slot. + * * \param lifetime On success, the lifetime value. - * + * * \retval PSA_SUCCESS * Success. * \retval PSA_ERROR_INVALID_ARGUMENT 
@@ -610,14 +610,15 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime); /** \brief Change the lifetime of a key slot. + * * Whether the lifetime of a key slot can be changed at all, and if so * whether the lifetime of an occupied key slot can be changed, is * implementation-dependent. - * + * * \param key Slot whose content is to be exported. This must * be an occupied key slot. * \param lifetime The lifetime value to be set for the given key. - * + * * \retval PSA_SUCCESS * Success. * \retval PSA_ERROR_INVALID_ARGUMENT From 9bb53d7affd6aabd83ecb2bf45e058ebfdd0b0d8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 17 Apr 2018 14:09:24 +0200 Subject: [PATCH 0065/2197] Fix copypasta in lifetime function descriptions --- include/psa/crypto.h | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b18e22053..83e941f7e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -596,9 +596,8 @@ typedef uint32_t psa_key_lifetime_t; /** \brief Retrieve the lifetime of a key slot. * * The assignment of lifetimes to slots is implementation-dependent. - * \param key Slot whose content is to be exported. This must - * be an occupied key slot. * + * \param key Slot to query. * \param lifetime On success, the lifetime value. * * \retval PSA_SUCCESS @@ -615,9 +614,8 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, * whether the lifetime of an occupied key slot can be changed, is * implementation-dependent. * - * \param key Slot whose content is to be exported. This must - * be an occupied key slot. - * \param lifetime The lifetime value to be set for the given key. + * \param key Slot whose lifetime is to be changed. + * \param lifetime The lifetime value to set for the given key slot. * * \retval PSA_SUCCESS * Success. From f0c9dd37d2b16a3d6e1e612d8a7ccf9ff208ae1a Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 17 Apr 2018 14:11:07 +0200 Subject: [PATCH 0066/2197] Added possible error codes for lifetime functions --- include/psa/crypto.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 83e941f7e..07a120c42 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -604,6 +604,9 @@ typedef uint32_t psa_key_lifetime_t; * Success. * \retval PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid. + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime); @@ -622,6 +625,15 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, * \retval PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid, * or the lifetime value is invalid. + * \retval PSA_ERROR_NOT_SUPPORTED + * The implementation does not support the specified lifetime value, + * at least for the specified key slot. + * \retval PSA_ERROR_OCCUPIED_SLOT + * The slot contains a key, and the implementation does not support + * changing the lifetime of an occupied slot. + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t lifetime); From 5c7533923ad8cb45fe307bedb94204e564b6a76b Mon Sep 17 00:00:00 2001 
From: itayzafrir Date: Tue, 8 May 2018 11:18:38 +0300 Subject: [PATCH 0067/2197] ECDSA sign and verify implementation and tests ECDSA sign and verify implementation and tests --- include/psa/crypto.h | 1 + library/psa_crypto.c | 55 ++++++++++++++++++++- tests/suites/test_suite_psa_crypto.data | 24 +++++++-- tests/suites/test_suite_psa_crypto.function | 47 ++++++++++++++++++ 4 files changed, 122 insertions(+), 5 deletions(-) mode change 100644 => 100755 include/psa/crypto.h mode change 100644 => 100755 library/psa_crypto.c mode change 100644 => 100755 tests/suites/test_suite_psa_crypto.data mode change 100644 => 100755 tests/suites/test_suite_psa_crypto.function diff --git a/include/psa/crypto.h b/include/psa/crypto.h old mode 100644 new mode 100755 index f8b8ceadc..c0b318776 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -162,6 +162,7 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x07020000) #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x06030000) #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x07030000) +#define PSA_KEY_TYPE_ECC_CURVE_NISTP256R1 ((psa_key_type_t)0x00000001) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) #define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \ (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve)) diff --git a/library/psa_crypto.c b/library/psa_crypto.c old mode 100644 new mode 100755 index 7e633a3ce..781e06f3a --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -281,6 +281,9 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_ECP_BAD_INPUT_DATA: + return( PSA_ERROR_INVALID_ARGUMENT ); + default: return( PSA_ERROR_UNKNOWN_ERROR ); } 
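Review bot: Only `MBEDTLS_ERR_ECP_BAD_INPUT_DATA` is mapped in the `@@ -281,6 +281,9 @@` hunk, so the other codes the new ECDSA paths can return fall through to `default` and surface as `PSA_ERROR_UNKNOWN_ERROR`, unless they are handled earlier in the switch, which this hunk does not show. In particular a rejected signature should be reported as such, e.g. `case MBEDTLS_ERR_ECP_VERIFY_FAILED: return( PSA_ERROR_INVALID_SIGNATURE );`, so callers can tell a forged or corrupted signature from an internal fault. `MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH` deserves the same treatment. mbedtls_to_psa_error begins outside the hunk.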
@@ -1278,9 +1281,59 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) { - // TODO + mbedtls_ecp_keypair *ecdsa = slot->data.ecp; + int ret; + const mbedtls_md_info_t *md_info; + mbedtls_md_type_t md_alg; + if( signature_size < PSA_ECDSA_SIGNATURE_SIZE( ecdsa->grp.pbits ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + md_info = mbedtls_md_info_from_psa( alg ); + md_alg = mbedtls_md_get_type( md_info ); + ret = mbedtls_ecdsa_write_signature( ecdsa, md_alg, hash, hash_length, + signature, signature_length, mbedtls_ctr_drbg_random, + &global_data.ctr_drbg ); + return( mbedtls_to_psa_error( ret ) ); + } + else +#endif /* defined(MBEDTLS_ECP_C) */ + { return( PSA_ERROR_NOT_SUPPORTED ); } +} + +psa_status_t psa_asymmetric_verify( psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *signature, + size_t signature_size ) +{ + key_slot_t *slot; + (void) salt; + (void) salt_length; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_INVALID_ARGUMENT ); + slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( !( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) ) + return( PSA_ERROR_NOT_PERMITTED ); + +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + mbedtls_ecp_keypair *ecdsa = slot->data.ecp; + int ret; + (void) alg; + ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length, signature, + signature_size ); + return( mbedtls_to_psa_error( ret ) ); + } else #endif /* defined(MBEDTLS_ECP_C) */ { diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data old mode 100644 new mode 100755 index 38f4b8090..c3f5f9001 --- a/tests/suites/test_suite_psa_crypto.data 
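Review bot: The ECDSA branch of psa_asymmetric_sign checks `signature_size` against `PSA_ECDSA_SIGNATURE_SIZE( ecdsa->grp.pbits )`, but mbedtls_ecdsa_write_signature is called without any output-size argument and emits a DER-encoded signature. The P-256 test vector added in this patch is 71 bytes, so if the macro yields the raw r||s length (its definition is not in this hunk), a buffer that passes the check can still be overrun. Checking against the maximum encoded length, `if( signature_size < MBEDTLS_ECDSA_MAX_LEN ) return( PSA_ERROR_BUFFER_TOO_SMALL );`, removes that gap. psa_asymmetric_verify also rejects every key that is not a key pair, which forces verifiers to hold the private key; it should accept public-key slots too. It discards `alg` with `(void) alg;`, so neither the algorithm nor `hash_length` is validated. psa_asymmetric_sign starts outside the hunk, and the hunk ends inside psa_asymmetric_verify's trailing else block.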
+++ b/tests/suites/test_suite_psa_crypto.data 
@@ -33,10 +33,10 @@ PSA import/export RSA keypair: good, 1023-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:1023:0:PSA_SUCCESS:1 -#PSA import/export EC secp256r1: good -#depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -#import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1 -# +PSA import/export EC secp256r1: good +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
+import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):256:0:PSA_SUCCESS:1 + PSA hash finish: SHA-256 depends_on:MBEDTLS_SHA256_C hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" 
@@ -78,6 +78,10 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84 PSA sign RSA PKCS#1 v1.5 SHA-256 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" +PSA sign ECDSA SECP256R1 SHA-256 +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" + PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT 
@@ -104,3 +108,15 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA Key Lifetime set fail, invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA SECP256R1 SHA-256, output buffer too small +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL + +PSA sign ECDSA SECP256R1, invalid md alg +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT + +PSA verify ECDSA SECP256R1 SHA-256 +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
+asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function old mode 100644 new mode 100755 index de388dbc3..04a95d4f8 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -526,3 +526,50 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void asymmetric_verify( int key_type_arg, char *key_hex, + int alg_arg, char *hash_hex, char *signature_hex ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *hash_data = NULL; + size_t hash_size; + unsigned char *signature_data = NULL; + size_t signature_size; + psa_key_policy_t policy = {0}; + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + hash_data = unhexify_alloc( hash_hex, &hash_size ); + TEST_ASSERT( hash_data != NULL ); + signature_data = unhexify_alloc( signature_hex, &signature_size ); + TEST_ASSERT( signature_data != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_asymmetric_verify( slot, alg, + hash_data, hash_size, + NULL, 0, + signature_data, signature_size ) == + PSA_SUCCESS ); +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( hash_data ); + mbedtls_free( signature_data ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From 7b30f8b0c92c879bff5f563dfd7097e07126623f Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 9 May 2018 16:07:36 +0300 Subject: [PATCH 0068/2197] Added handling for MBEDTLS_ERR_ECP_XXX error codes Added handling for MBEDTLS_ERR_ECP_XXX error codes --- library/psa_crypto.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 781e06f3a..edb81c435 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
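Review bot: `asymmetric_verify` only asserts `PSA_SUCCESS` for one known-good signature, so this hunk and the single `asymmetric_verify` vector in the .data file would still pass if `psa_asymmetric_verify` accepted every signature. A companion case that takes an expected status would pin the rejection path. It should be fed a signature with one altered byte, a truncated signature, and a hash that does not match the signature. The sketch below reuses the setup and cleanup of the function in this hunk; its vectors can be constructed by editing the existing ECDSA vector.

```c
/* BEGIN_CASE */
void asymmetric_verify_fail( int key_type_arg, char *key_hex,
                             int alg_arg, char *hash_hex,
                             char *signature_hex, int expected_status_arg )
{
    psa_status_t expected_status = expected_status_arg;
    /* … unchanged: same locals, unhexify_alloc calls, psa_crypto_init,
     * policy setup and psa_import_key as asymmetric_verify … */

    /* The call must be rejected with the status named in the test data. */
    TEST_ASSERT( psa_asymmetric_verify( slot, alg,
                                        hash_data, hash_size,
                                        NULL, 0,
                                        signature_data, signature_size ) ==
                 expected_status );
exit:
    /* … unchanged: same cleanup as asymmetric_verify … */
}
/* END_CASE */
```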
@@ -282,7 +282,19 @@ static psa_status_t mbedtls_to_psa_error( int ret ) return( PSA_ERROR_HARDWARE_FAILURE ); case MBEDTLS_ERR_ECP_BAD_INPUT_DATA: + case MBEDTLS_ERR_ECP_INVALID_KEY: return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL: + return( PSA_ERROR_BUFFER_TOO_SMALL ); + case MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH: + case MBEDTLS_ERR_ECP_VERIFY_FAILED: + return( PSA_ERROR_INVALID_SIGNATURE ); + case MBEDTLS_ERR_ECP_ALLOC_FAILED: + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); default: return( PSA_ERROR_UNKNOWN_ERROR ); From dd4ea38d583fa9b35eb2866f0058ff71e7faabee Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 3 Apr 2018 15:30:03 +0300 Subject: [PATCH 0069/2197] export public key --- include/psa/crypto.h | 2 +- library/psa_crypto.c | 51 +++++++++++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 9 +++++ 3 files changed, 61 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f8b8ceadc..ca804f063 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -463,7 +463,7 @@ psa_status_t psa_export_key(psa_key_slot_t key, * For standard key types, the output format is as follows: * * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY), - * is the DER representation of the public key defined by RFC 5280 + * the format is the DER representation of the public key defined by RFC 5280 * as SubjectPublicKeyInfo. * * \param key Slot whose content is to be exported. This must diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7e633a3ce..8f4cc202d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
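Review bot: `MBEDTLS_ERR_ECP_RANDOM_FAILED` is not among the ECP codes added to the switch in `mbedtls_to_psa_error`. Unless it is handled in the part of the switch outside this hunk, an RNG failure during an ECP operation falls through to `default` and is reported as `PSA_ERROR_UNKNOWN_ERROR`. A caller then cannot tell an entropy problem from an unexpected internal error. If this tree's PSA error set already defines it, add `case MBEDTLS_ERR_ECP_RANDOM_FAILED: return( PSA_ERROR_INSUFFICIENT_ENTROPY );` next to the other ECP cases.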
@@ -521,6 +521,57 @@ psa_status_t psa_export_key(psa_key_slot_t key, } +psa_status_t psa_export_public_key(psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ + key_slot_t *slot; + psa_status_t status; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_EMPTY_SLOT ); + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS) + return( status ); + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + + if( !(PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR(slot->type)) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + +#if defined(MBEDTLS_PK_WRITE_C) + if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || + slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || + PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + mbedtls_pk_context pk; + int ret; + mbedtls_pk_init( &pk ); + if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || + slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + { + pk.pk_info = &mbedtls_rsa_info; + pk.pk_ctx = slot->data.rsa; + } + else + { + pk.pk_info = &mbedtls_eckey_info; + pk.pk_ctx = slot->data.ecp; + } + ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); + if( ret < 0 ) + return( mbedtls_to_psa_error( ret ) ); + *data_length = ret; + return( PSA_SUCCESS ); + } +#endif /* defined(MBEDTLS_PK_WRITE_C) */ + /* This shouldn't happen in the reference implementation, but + it is valid for a special-purpose implementation to omit + support for exporting certain key types. */ + return( PSA_ERROR_NOT_SUPPORTED ); +} + /****************************************************************/ /* Message digests */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 38f4b8090..15c424ee6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
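Review bot: In `psa_export_public_key`, `mbedtls_pk_write_pubkey_der` writes the encoding at the end of the buffer it is given and returns its length, so after `*data_length = ret` the key sits in the last `ret` bytes of `data`, not the first. A caller that reads `data[0 .. *data_length)` gets whatever the buffer held before the call whenever `data_size` is larger than the encoding. Moving the result to the front before returning fixes it: `memmove( data, data + data_size - ret, ret );` (this needs `<string.h>`, whose inclusion the hunk does not show). The later hunks in this series that move this code into `psa_internal_export_key` keep the `mbedtls_pk_write_key_der` and `mbedtls_pk_write_pubkey_der` calls without such a move.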
@@ -104,3 +104,12 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA Key Lifetime set fail, invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export RSA public key: good, 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:PSA_SUCCESS:1 + +PSA import/export RSA keypair: good, 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:PSA_SUCCESS:1 + From b4d0ddd2d3d32c08e204715eba089904e76b9d24 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 4 Apr 2018 12:47:52 +0300 Subject: [PATCH 0070/2197] psa_export_public_key --- include/psa/crypto.h | 4 +- library/psa_crypto.c | 11 ++-- tests/CMakeLists.txt | 1 + tests/suites/test_suite_psa_crypto.data | 5 +- tests/suites/test_suite_psa_crypto.function | 59 +++++++++++++++++++++ 5 files changed, 68 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ca804f063..f3a57014d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -180,8 +180,8 @@ typedef uint32_t psa_key_type_t; (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC) /** Whether a key type is the public part of a key pair. */ #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ - (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG) == \ - PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)) + (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \ + PSA_KEY_TYPE_CATEGORY_ASYMMETRIC) /** Whether a key type is a key pair containing a private part and a public * part. */ #define PSA_KEY_TYPE_IS_KEYPAIR(type) \ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8f4cc202d..57a392478 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -522,18 +522,15 @@ psa_status_t psa_export_key(psa_key_slot_t key, psa_status_t psa_export_public_key(psa_key_slot_t key, - uint8_t *data, - size_t data_size, - size_t *data_length) + uint8_t *data, + size_t data_size, + size_t *data_length) { key_slot_t *slot; - psa_status_t status; if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); - status = psa_get_key_slot( key, &slot ); - if( status != PSA_SUCCESS) - return( status ); + slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 58126bedc..d8b74f227 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -110,6 +110,7 @@ add_test_suite(pk) add_test_suite(pkparse) add_test_suite(pkwrite) add_test_suite(poly1305) +add_test_suite(psa_crypto) add_test_suite(shax) add_test_suite(ssl) add_test_suite(timing) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 15c424ee6..b04c281b8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
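Review bot: In the `library/psa_crypto.c` hunk, the added `slot = &global_data.key_slots[key];` in `psa_export_public_key` is guarded only by `key > MBEDTLS_PSA_KEY_SLOT_COUNT`, which lets `key == MBEDTLS_PSA_KEY_SLOT_COUNT` through as an index. The declaration of `key_slots` is not shown here. If the array has `MBEDTLS_PSA_KEY_SLOT_COUNT` elements, that index is one past the end, and either the guard should be `key >= MBEDTLS_PSA_KEY_SLOT_COUNT` or the index should be `key - 1`. The hunk also replaces the `psa_get_key_slot` call with an open-coded copy of the range check, so any later correction to the bound has to be repeated in every copy.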
@@ -107,9 +107,8 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:PSA_SUCCESS:1 +import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_SUCCESS PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:PSA_SUCCESS:1 - +import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index de388dbc3..f4dbf1e1f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -526,3 +526,62 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + + +/* BEGIN_CASE */ +void import_export_public_key( char *hex, + int type_arg, + int expected_bits, + int expected_export_status ) +{ + int slot = 1; + psa_key_type_t type = type_arg; + psa_status_t status; + unsigned char *data = NULL; + unsigned char *exported = NULL; + size_t data_size; + size_t export_size; + size_t exported_length; + psa_key_type_t got_type; + size_t got_bits; + + data = unhexify_alloc( hex, &data_size ); + TEST_ASSERT( data != NULL ); + export_size = (ssize_t) data_size ; + exported = mbedtls_calloc( 1, export_size ); + TEST_ASSERT( exported != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + /* Import the key */ + TEST_ASSERT( psa_import_key( slot, type, + data, data_size ) == PSA_SUCCESS ); + + /* Test the key information */ + TEST_ASSERT( psa_get_key_information( slot, + &got_type, &got_bits ) == PSA_SUCCESS ); + TEST_ASSERT( got_type == type ); + TEST_ASSERT( got_bits == (size_t) expected_bits ); + + /* Export the key */ + status = psa_export_public_key( slot, + exported, export_size, + &exported_length ); + TEST_ASSERT( status == (psa_status_t) expected_export_status ); + if( status != PSA_SUCCESS ) + goto destroy; + + + TEST_ASSERT( exported_length == data_size ); + +destroy: + /* Destroy the key */ + TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_information( + slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + +exit: + mbedtls_free( data ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ \ No newline at end of file From 5010828fb6039bb0741ade578dacac779785da23 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Mon, 16 Apr 2018 11:12:31 +0300 Subject: [PATCH 0071/2197] adjust indentation per Mbed TLS standards --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 57a392478..0fa400031 100644 --- a/library/psa_crypto.c 
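Review bot: `import_export_public_key` never frees `exported`: the `exit:` block calls `mbedtls_free( data )` only, so the `mbedtls_calloc` buffer leaks on every run; add `mbedtls_free( exported );` there. The export check looks at `exported_length` alone, so the test passes regardless of which bytes `psa_export_public_key` leaves in the buffer or where in the buffer it puts them. Passing the expected public-key encoding as a test argument and comparing it with the start of `exported` would cover that. The `(ssize_t)` cast on `data_size` converts to a signed type only to assign back to a `size_t` and can be dropped.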
+++ b/library/psa_crypto.c @@ -534,7 +534,7 @@ psa_status_t psa_export_public_key(psa_key_slot_t key, if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - if( !(PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR(slot->type)) ) + if( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR(slot->type) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PK_WRITE_C) From 4ff99f36a7a6a3223ad79ad55f9c8334ae5d0143 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Mon, 16 Apr 2018 17:35:09 +0300 Subject: [PATCH 0072/2197] change test case descriptions + add newline of test_suite_psa_crypto.function --- tests/suites/test_suite_psa_crypto.data | 2 +- tests/suites/test_suite_psa_crypto.function | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b04c281b8..fcd320be9 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -109,6 +109,6 @@ PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_SUCCESS -PSA import/export RSA keypair: good, 1024-bit +PSA import/export-public PSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f4dbf1e1f..ae208be73 100644 
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -584,4 +584,4 @@ exit: mbedtls_free( data ); mbedtls_psa_crypto_free( ); } -/* END_CASE */ \ No newline at end of file +/* END_CASE */ From a998bc6ac99e63c7b81530655f9905a3a020089c Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Mon, 16 Apr 2018 18:16:20 +0300 Subject: [PATCH 0073/2197] psa_internal_export_key function for common code. create psa_internal_export_key function for common code in psa_export_key and psa_export_public_key. --- library/psa_crypto.c | 133 ++++++++++++++++++------------------------- 1 file changed, 54 insertions(+), 79 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0fa400031..7f18bd42b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -457,23 +457,28 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, return( PSA_SUCCESS ); } -psa_status_t psa_export_key(psa_key_slot_t key, - uint8_t *data, - size_t data_size, - size_t *data_length) + +static psa_status_t psa_internal_export_key(psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length, + int export_public_key) { key_slot_t *slot; if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); - slot = &global_data.key_slots[key]; + slot = &global_data.key_slots[ key ]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - + if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) return( PSA_ERROR_NOT_PERMITTED ); + + if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); - if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) + if( ( !export_public_key) && PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) { if( slot->data.raw.bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); 
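Review bot: In the `@@ -457,23 +457,28 @@` hunk, routing `psa_export_public_key` through `psa_internal_export_key` makes the `PSA_KEY_USAGE_EXPORT` check apply to public-key export as well. A caller who only needs the public half of a key pair must now set a usage flag that also lets `psa_export_key` return the private key, which works against least privilege for signing keys. The test change later in this series does exactly that, setting `PSA_KEY_USAGE_EXPORT` on the key-pair slot so that `import_export_public_key` passes. Restricting the check to private material keeps the two permissions separate: `if( !export_public_key && !PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) && !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) )`. The body of `psa_internal_export_key` continues in the following hunk.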
@@ -483,41 +488,51 @@ psa_status_t psa_export_key(psa_key_slot_t key, } else #if defined(MBEDTLS_PK_WRITE_C) - if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || - PSA_KEY_TYPE_IS_ECC( slot->type ) ) - { - mbedtls_pk_context pk; - int ret; - mbedtls_pk_init( &pk ); if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || + PSA_KEY_TYPE_IS_ECC( slot->type ) ) { - pk.pk_info = &mbedtls_rsa_info; - pk.pk_ctx = slot->data.rsa; + mbedtls_pk_context pk; + int ret; + mbedtls_pk_init( &pk ); + if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || + slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + { + pk.pk_info = &mbedtls_rsa_info; + pk.pk_ctx = slot->data.rsa; + } + else + { + pk.pk_info = &mbedtls_eckey_info; + pk.pk_ctx = slot->data.ecp; + } + + if( ( ! export_public_key ) && PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + ret = mbedtls_pk_write_key_der( &pk, data, data_size ); + else + ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); + if ( ret < 0 ) + return( mbedtls_to_psa_error( ret ) ); + *data_length = ret; + return( PSA_SUCCESS ); } else - { - pk.pk_info = &mbedtls_eckey_info; - pk.pk_ctx = slot->data.ecp; - } - if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) - ret = mbedtls_pk_write_key_der( &pk, data, data_size ); - else - ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); - if( ret < 0 ) - return( mbedtls_to_psa_error( ret ) ); - *data_length = ret; - return( PSA_SUCCESS ); - } - else #endif /* defined(MBEDTLS_PK_WRITE_C) */ - { - /* This shouldn't happen in the reference implementation, but - it is valid for a special-purpose implementation to omit - support for exporting certain key types. */ - return( PSA_ERROR_NOT_SUPPORTED ); - } + { + /* This shouldn't happen in the reference implementation, but + it is valid for a special-purpose implementation to omit + support for exporting certain key types. 
*/ + return( PSA_ERROR_NOT_SUPPORTED ); + } +} + +psa_status_t psa_export_key(psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ + return psa_internal_export_key( key, data, data_size, + data_length, 0 ); } @@ -526,50 +541,10 @@ psa_status_t psa_export_public_key(psa_key_slot_t key, size_t data_size, size_t *data_length) { - key_slot_t *slot; - - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_EMPTY_SLOT ); - slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); - - if( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR(slot->type) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - -#if defined(MBEDTLS_PK_WRITE_C) - if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || - PSA_KEY_TYPE_IS_ECC( slot->type ) ) - { - mbedtls_pk_context pk; - int ret; - mbedtls_pk_init( &pk ); - if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) - { - pk.pk_info = &mbedtls_rsa_info; - pk.pk_ctx = slot->data.rsa; - } - else - { - pk.pk_info = &mbedtls_eckey_info; - pk.pk_ctx = slot->data.ecp; - } - ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); - if( ret < 0 ) - return( mbedtls_to_psa_error( ret ) ); - *data_length = ret; - return( PSA_SUCCESS ); - } -#endif /* defined(MBEDTLS_PK_WRITE_C) */ - /* This shouldn't happen in the reference implementation, but - it is valid for a special-purpose implementation to omit - support for exporting certain key types. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return psa_internal_export_key( key, data, data_size, + data_length, 1 ); } - /****************************************************************/ /* Message digests */ /****************************************************************/ From 60364326174444c8ed3b8838db0331fc2c16b03e Mon Sep 17 00:00:00 2001 
From: Moran Peker Date: Sun, 29 Apr 2018 11:34:58 +0300 Subject: [PATCH 0074/2197] adjust indentation per Mbed TLS standards --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7f18bd42b..76d742088 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -511,7 +511,7 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, ret = mbedtls_pk_write_key_der( &pk, data, data_size ); else ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); - if ( ret < 0 ) + if( ret < 0 ) return( mbedtls_to_psa_error( ret ) ); *data_length = ret; return( PSA_SUCCESS ); From 17e36e1bd9dec3a74a05575ad8d6097cbafe3204 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 2 May 2018 12:55:20 +0300 Subject: [PATCH 0075/2197] fix conditions --- library/psa_crypto.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 76d742088..dddd88bba 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -468,7 +468,7 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); - slot = &global_data.key_slots[ key ]; + slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); @@ -478,7 +478,7 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( ( !export_public_key) && PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) + if ( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) { if( slot->data.raw.bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); 
@@ -487,6 +487,7 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, return( PSA_SUCCESS ); } else + { #if defined(MBEDTLS_PK_WRITE_C) if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || @@ -506,11 +507,10 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, pk.pk_info = &mbedtls_eckey_info; pk.pk_ctx = slot->data.ecp; } - - if( ( ! export_public_key ) && PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) - ret = mbedtls_pk_write_key_der( &pk, data, data_size ); - else + if ( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); + else + ret = mbedtls_pk_write_key_der( &pk, data, data_size ); if( ret < 0 ) return( mbedtls_to_psa_error( ret ) ); *data_length = ret; @@ -524,6 +524,7 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, support for exporting certain key types. */ return( PSA_ERROR_NOT_SUPPORTED ); } + } } psa_status_t psa_export_key(psa_key_slot_t key, From 338a0cf569755475c0c4869e6f34f550beb3a6a9 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 2 May 2018 12:55:55 +0300 Subject: [PATCH 0076/2197] fix import_export_public_key test --- tests/suites/test_suite_psa_crypto.data | 4 ++-- tests/suites/test_suite_psa_crypto.function | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index fcd320be9..d483a74d1 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -107,8 +107,8 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_SUCCESS +import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:162:PSA_SUCCESS PSA import/export-public PSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_SUCCESS +import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:162:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ae208be73..6458aa382 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -532,6 +532,7 @@ exit: void import_export_public_key( char *hex, int type_arg, int expected_bits, + int public_key_expected_length, int expected_export_status ) { int slot = 1; 
@@ -572,7 +573,7 @@ void import_export_public_key( char *hex, goto destroy; - TEST_ASSERT( exported_length == data_size ); + TEST_ASSERT( exported_length == public_key_expected_length ); destroy: /* Destroy the key */ From b34879b61a89ee0ec5ed0124deabac6fa669f281 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 29 May 2018 16:45:14 +0300 Subject: [PATCH 0077/2197] fix import_export_public_key test to use policy --- tests/suites/test_suite_psa_crypto.function | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6458aa382..65b4739cb 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -545,6 +545,7 @@ void import_export_public_key( char *hex, size_t exported_length; psa_key_type_t got_type; size_t got_bits; + psa_key_policy_t policy = {0}; data = unhexify_alloc( hex, &data_size ); TEST_ASSERT( data != NULL ); @@ -554,6 +555,13 @@ void import_export_public_key( char *hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, + PSA_ALG_VENDOR_FLAG ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + /* Import the key */ TEST_ASSERT( psa_import_key( slot, type, data, data_size ) == PSA_SUCCESS ); From d732659867fa7174f6cfd2ee436cad6ab4e57b17 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 29 May 2018 16:56:39 +0300 Subject: [PATCH 0078/2197] adjust indentation per Mbed TLS standards --- library/psa_crypto.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dddd88bba..4df8533b1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -457,7 +457,6 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, return( PSA_SUCCESS ); } - static psa_status_t psa_internal_export_key(psa_key_slot_t key, uint8_t *data, size_t data_size, @@ -478,7 +477,7 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if ( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) + if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) { if( slot->data.raw.bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); @@ -507,7 +506,7 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, pk.pk_info = &mbedtls_eckey_info; pk.pk_ctx = slot->data.ecp; } - if ( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) + if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); else ret = mbedtls_pk_write_key_der( &pk, data, data_size ); @@ -1011,10 +1010,10 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, return( status ); slot = &global_data.key_slots[key]; - if ( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) + if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) operation->key_usage_sign = 1; - if ( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 ) + if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 ) operation->key_usage_verify = 1; if( ! PSA_ALG_IS_HMAC( alg ) ) @@ -1416,7 +1415,7 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, if( slot->type != PSA_KEY_TYPE_NONE ) return( PSA_ERROR_OCCUPIED_SLOT ); - if ( lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if( lifetime != PSA_KEY_LIFETIME_VOLATILE ) return( PSA_ERROR_NOT_SUPPORTED ); slot->lifetime = lifetime; From cceea98bfe2224843040c9f4e88d2d382dec757e Mon Sep 17 00:00:00 2001 
From: Moran Peker Date: Tue, 29 May 2018 16:59:38 +0300 Subject: [PATCH 0079/2197] adjust indentation per Mbed TLS standards --- library/psa_crypto.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4df8533b1..5fd11421d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -470,11 +470,12 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - + if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) return( PSA_ERROR_NOT_PERMITTED ); - if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) ) + if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) + || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) From c425e87af7b639458d253e6db15798adca3bfe76 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Jun 2018 15:07:13 +0200 Subject: [PATCH 0080/2197] Add cast to satisfy gcc -Wsign-compare --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 65b4739cb..8c29f1d2e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -581,7 +581,7 @@ void import_export_public_key( char *hex, goto destroy; - TEST_ASSERT( exported_length == public_key_expected_length ); + TEST_ASSERT( exported_length == (size_t) public_key_expected_length ); destroy: /* Destroy the key */ From 785fd55a39f37543bb613dba132771b5ab74e323 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 4 Jun 2018 15:08:56 +0200 Subject: [PATCH 0081/2197] Whitespace fixes; removed redundant parentheses No semantic change. --- library/psa_crypto.c | 10 +++++----- tests/suites/test_suite_psa_crypto.function | 3 +-- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5fd11421d..d1960f727 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -473,9 +473,9 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) return( PSA_ERROR_NOT_PERMITTED ); - - if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) - || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) ) + + if( export_public_key && !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || + PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) @@ -520,8 +520,8 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, #endif /* defined(MBEDTLS_PK_WRITE_C) */ { /* This shouldn't happen in the reference implementation, but - it is valid for a special-purpose implementation to omit - support for exporting certain key types. */ + it is valid for a special-purpose implementation to omit + support for exporting certain key types. */ return( PSA_ERROR_NOT_SUPPORTED ); } } diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8c29f1d2e..48c6228af 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -557,7 +557,7 @@ void import_export_public_key( char *hex, psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_VENDOR_FLAG ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); 
@@ -580,7 +580,6 @@ void import_export_public_key( char *hex, if( status != PSA_SUCCESS ) goto destroy; - TEST_ASSERT( exported_length == (size_t) public_key_expected_length ); destroy: From 8756763cf1ff15a2a075f0677327f4d29c0a7588 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Mon, 4 Jun 2018 18:41:37 +0300 Subject: [PATCH 0082/2197] change error check on psa_internal_export_key func --- library/psa_crypto.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d1960f727..17d7d1a1f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -471,13 +471,13 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) - return( PSA_ERROR_NOT_PERMITTED ); - - if( export_public_key && !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || - PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) + if( export_public_key && ( !( PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); + if( ( !export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) ) && + ( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) ) + return( PSA_ERROR_NOT_PERMITTED ); + if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) { if( slot->data.raw.bytes > data_size ) From a964a8f9b0e8b2e6789aa1ae49b9607b08c1a436 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Mon, 4 Jun 2018 18:42:36 +0300 Subject: [PATCH 0083/2197] add non-regression tests for export public/non public key --- tests/suites/test_suite_psa_crypto.data | 28 +++++++++++++-------- tests/suites/test_suite_psa_crypto.function | 11 +++++--- 2 files changed, 25 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d483a74d1..42adea2a5 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
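Review bot: The new permission test in psa_internal_export_key (hunk `@@ -471,13 +471,13 @@` of library/psa_crypto.c) packs an access-control rule into one three-way conjunction with no comment, so it is easy to misread which keys bypass PSA_KEY_USAGE_EXPORT. As written, private and symmetric material is gated by the usage flag, while public keys and the public half of a key pair are always exportable. I would state that above the check, e.g. `/* Public keys are always exportable; exporting private or secret material requires PSA_KEY_USAGE_EXPORT. */`. Dropping the redundant parentheses would also help: `if( !export_public_key && !PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) && !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) )`. The function body starts before and continues after the hunk.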
@@ -2,28 +2,32 @@ PSA init/deinit init_deinit: PSA import/export raw: 0 bytes -import_export:"":PSA_KEY_TYPE_RAW_DATA:0:0:PSA_SUCCESS:1 +import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, larger buffer -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1 PSA import/export raw: 2 bytes, buffer too small -import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:PSA_SUCCESS:1 +import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 + +PSA import/export RSA keypair usage encrypt: bad, 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
+import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: trailing garbage ignored depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:1024:-1:PSA_SUCCESS:0 
+import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C @@ -31,7 +35,7 @@ import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541e PSA import/export RSA keypair: good, 1023-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1023:0:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1 #PSA import/export EC secp256r1: good #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -107,8 +111,12 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:162:PSA_SUCCESS +import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE:1024:162:PSA_SUCCESS PSA import/export-public PSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:162:PSA_SUCCESS +import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:1024:162:PSA_SUCCESS + +PSA import/export symmetric key: bad, 128-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE:128:162:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 48c6228af..e7a4ea56c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -49,7 +49,10 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void import_export( char *hex, int type_arg, +void import_export( char *hex, + int type_arg, + int alg_arg, + int usage_arg, int expected_bits, int export_size_delta, int expected_export_status, @@ -84,8 +87,7 @@ void import_export( char *hex, int type_arg, psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, - PSA_ALG_VENDOR_FLAG ); + psa_key_policy_set_usage( &policy, usage_arg, alg_arg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); @@ -531,6 +533,7 @@ exit: /* BEGIN_CASE */ void import_export_public_key( char *hex, int type_arg, + int alg_arg, int expected_bits, int public_key_expected_length, int expected_export_status ) @@ -558,7 +561,7 @@ void import_export_public_key( char *hex, psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, - PSA_ALG_VENDOR_FLAG ); + alg_arg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); From ce1b23a68c41e6155087628e58923d99b29e3b14 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 5 Jun 2018 11:11:23 +0300 Subject: [PATCH 0084/2197] PSA_ALG_CBC_BASE -> PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE + update tests description --- tests/suites/test_suite_psa_crypto.data | 28 ++++++++++++------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 42adea2a5..2467d86bb 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
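Review bot: import_export_public_key still hard-codes PSA_KEY_USAGE_EXPORT in its policy (hunk `@@ -558,7 +561,7 @@`), so no case exercises the rule introduced by the preceding change to psa_internal_export_key, namely that exporting a public key no longer depends on the export usage flag. Taking the usage as a parameter, as import_export now does with `usage_arg`, would allow a data case whose policy lacks PSA_KEY_USAGE_EXPORT and still expects PSA_SUCCESS: `psa_key_policy_set_usage( &policy, usage_arg, alg_arg );`. Without such a case, a regression that reinstates the unconditional policy check would go unnoticed. The test function body extends outside the hunk.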
@@ -2,32 +2,32 @@ PSA init/deinit init_deinit: PSA import/export raw: 0 bytes -import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 +import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, larger buffer -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1 PSA import/export raw: 2 bytes, buffer too small -import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 -PSA import/export RSA keypair usage encrypt: bad, 1024-bit +PSA import/export RSA keypair usage encrypt: bad, plicy usage set to ENCRYPT instead of EXPORT 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: trailing garbage ignored depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated 
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C @@ -35,7 +35,7 @@ import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541e PSA import/export RSA keypair: good, 1023-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1 #PSA import/export EC secp256r1: good #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -111,12 +111,12 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE:1024:162:PSA_SUCCESS +import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS PSA import/export-public PSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:1024:162:PSA_SUCCESS +import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS -PSA import/export symmetric key: bad, 128-bit +PSA import/export symmetric key: bad, try to use export public key with symmetric key type 128-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE:128:162:PSA_ERROR_INVALID_ARGUMENT +import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT 
From 503973bdf33e08ffa99f686ddf52834131d9964a Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 12 Mar 2018 15:59:30 +0200 Subject: [PATCH 0085/2197] initial implementation for PSA symmetric APIs - missing tests and documentations --- include/psa/crypto.h | 11 ++- include/psa/crypto_struct.h | 2 +- library/psa_crypto.c | 146 ++++++++++++++++++++++++++++++++++++ 3 files changed, 154 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f8b8ceadc..089484f19 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1057,12 +1057,15 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, - size_t input_length); + size_t input_length, + unsigned char *output, + size_t output_size, + size_t *output_length); psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length); + uint8_t *output, + size_t output_size, + size_t *output_length); psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index eba4862c6..2975bdcb0 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -106,7 +106,7 @@ struct psa_cipher_operation_s uint8_t block_size; union { - unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ + mbedtls_cipher_context_t cipher; } ctx; }; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7e633a3ce..428a237df 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
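Review bot: The new output parameters of psa_cipher_update and psa_cipher_finish (hunk `@@ -1057,12 +1057,15 @@` of include/psa/crypto.h) are declared with no documentation of how large `output` must be, which is the contract callers need in order not to pass undersized buffers. A Doxygen comment on each prototype should state the minimum `output_size` relative to `input_length` and the cipher block size, what `*output_length` holds on success and on failure, and which status is returned when the buffer is too small. The two prototypes also disagree on the pointer type (`unsigned char *output` in update, `uint8_t *output` in finish); `uint8_t *output` in both would match the existing `const uint8_t *input`.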
@@ -1289,6 +1289,152 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, } +/****************************************************************/ +/* Symmetric cryptography */ +/****************************************************************/ + +psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg); +{ + int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + psa_status_t status; + key_slot_t *slot; + psa_key_type_t key_type; + size_t key_bits; + const mbedtls_cipher_info_t *cipher_info = NULL; + + operation->alg = 0; + operation->key_set = 0; + operation->iv_set = 0; + operation->block_size = 0; + operation->iv_size = 0; + + status = psa_get_key_information( key, &key_type, &key_bits ); + if( status != PSA_SUCCESS ) + return( status ); + slot = &global_data.key_slots[key]; + + cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); + if( cipher_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + + operation->block_size = cipher_info->block_size; + + mbedtls_cipher_init( &operation->ctx.cipher ); + ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info ); + if (ret != 0) + { + psa_cipher_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); + } + + ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data, + key_bits, MBEDTLS_DECRYPT ); + if (ret != 0) + { + psa_cipher_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); + } + + operation->key_set = 1; + operation->alg = alg; + + return ( PSA_SUCCESS ); +} + +psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, + unsigned char *iv, + size_t iv_size, + size_t *iv_length) +{ + int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + + ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, iv_size); + if (ret != 0) + { + return( mbedtls_to_psa_error( ret ) ); + } + + *iv_length = iv_size; + retuen ( PSA_SUCCESS ); +} + +psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, + 
const unsigned char *iv, + size_t iv_length) +{ + int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + + ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length ); + if (ret != 0) + { + psa_cipher_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); + } + + operation->iv_set = 1; + operation->iv_size = iv_length; + + return ( PSA_SUCCESS ); +} + +psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + unsigned char *output, + size_t output_size, + size_t *output_length) +{ + int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + + ret = mbedtls_cipher_update( &operation->ctx.cipher, input, + input_length, output, output_length ); + if (ret != 0) + { + psa_cipher_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); + } + + return ( PSA_SUCCESS ); +} + +psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + + if( ! operation->key_set ) + return( PSA_ERROR_BAD_STATE ); + if( ! operation->iv_set ) + return( PSA_ERROR_BAD_STATE ); + + ret = mbedtls_cipher_finish( &operation->ctx.cipher, output, + output_length ); + if (ret != 0) + { + psa_cipher_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); + } + + return ( PSA_SUCCESS ); +} + +psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) +{ + mbedtls_cipher_free( &operation->ctx.cipher ); + + operation->alg = 0; + operation->key_set = 0; + operation->iv_set = 0; + operation->block_size = 0; + operation->iv_size = 0; + + return ( PSA_SUCCESS ); +} + /****************************************************************/ /* Key Policy */ From 9bc76953ae20230f519328f1e74f5985d5345c6d Mon Sep 17 00:00:00 2001 
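Review bot: psa_decrypt_setup passes slot->data.raw.data to mbedtls_cipher_setkey without consulting the slot's policy, so a key whose policy does not allow decryption can still be loaded for decryption. Other functions in this file look at slot->policy.usage (psa_internal_export_key, psa_mac_start), and the same gate is needed here after the slot lookup: `if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) ) return( PSA_ERROR_NOT_PERMITTED );`, ideally with a check that `alg` is the algorithm the policy permits. In the same hunk, psa_encrypt_set_iv and psa_cipher_update touch operation->ctx.cipher without first checking operation->key_set, unlike psa_cipher_finish. psa_cipher_finish also returns success without releasing the cipher context, so cleanup depends on the caller invoking psa_cipher_abort, which should be documented or handled in finish.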
From: Moran Peker Date: Wed, 6 Jun 2018 17:25:35 +0300 Subject: [PATCH 0086/2197] export->export-public + move tests case --- tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2467d86bb..8d22fced5 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -37,6 +37,18 @@ PSA import/export RSA keypair: good, 1023-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1 +PSA import/export-public RSA public key: good, 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS + +PSA import/export-public PSA keypair: good, 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS + +PSA import/export-public symmetric key: bad, try to use export public key with symmetric key type 128-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT + #PSA import/export EC secp256r1: good #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED #import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1 
@@ -108,15 +120,3 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA Key Lifetime set fail, invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT - -PSA import/export RSA public key: good, 1024-bit -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS - -PSA import/export-public PSA keypair: good, 1024-bit -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS - -PSA import/export symmetric key: bad, try to use export public key with symmetric key type 128-bit -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT From 8275961178a62874496bf4c5090775ec8bce09da Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 12 Mar 2018 18:16:40 +0200 Subject: [PATCH 0087/2197] warnings fixes --- include/psa/crypto.h | 3 +-- library/psa_crypto.c | 15 ++++++++++----- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 089484f19..97819b74f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1046,8 +1046,7 @@ psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg); -psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, - unsigned char *iv, +psa_status_t psa_encrypt_generate_iv(unsigned char *iv, size_t iv_size, size_t *iv_length); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 428a237df..d349d1957 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1295,7 +1295,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, - psa_algorithm_t alg); + psa_algorithm_t alg) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; psa_status_t status; @@ -1343,13 +1343,12 @@ psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, return ( PSA_SUCCESS ); } -psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, - unsigned char *iv, +psa_status_t psa_encrypt_generate_iv(unsigned char *iv, size_t iv_size, size_t *iv_length) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - + ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, iv_size); if (ret != 0) { @@ -1357,7 +1356,7 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, } *iv_length = iv_size; - retuen ( PSA_SUCCESS ); + return ( PSA_SUCCESS ); } psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, @@ -1388,6 +1387,9 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + if ( output_size < input_length ) + return ( PSA_ERROR_BUFFER_TOO_SMALL ); + ret = mbedtls_cipher_update( &operation->ctx.cipher, input, input_length, output, output_length ); if (ret != 0) 
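Review bot: In psa_cipher_update (hunk at -1388,6 in library/psa_crypto.c), the new guard `if ( output_size < input_length )` is too weak for block modes. mbedtls_cipher_update can also flush input buffered by an earlier call, and its documented requirement is an output buffer of at least the input length plus one block, so a call that completes a buffered partial block can write past an `output` that passed this check. The bound should include the block size, for example `if ( output_size < input_length + operation->block_size )`, assuming `block_size` is populated at setup, which is not visible here. The function body starts and ends outside the hunk.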
@@ -1405,6 +1407,9 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, size_t *output_length) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + + if ( output_size < operation->block_size ) + return ( PSA_ERROR_BUFFER_TOO_SMALL ); if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); From f709f4a3564d7d02e86a73b1dee7d862b8bdb37e Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 6 Jun 2018 17:26:04 +0300 Subject: [PATCH 0088/2197] move import_export_public_key func place --- tests/suites/test_suite_psa_crypto.function | 136 ++++++++++---------- 1 file changed, 68 insertions(+), 68 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e7a4ea56c..22a5de69d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
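Review bot: In psa_cipher_finish (hunk at -1405,6), the added size check reads `operation->block_size` before the `key_set` state check that follows it. For an operation that was never set up, that field is not a meaningful bound, so the caller can get PSA_ERROR_BUFFER_TOO_SMALL, or pass the check, where PSA_ERROR_BAD_STATE is the right answer. Moving `if ( output_size < operation->block_size ) return ( PSA_ERROR_BUFFER_TOO_SMALL );` below the state checks keeps the bound and validates state first. The rest of the function is outside the hunk.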
@@ -143,6 +143,74 @@ exit: } /* END_CASE */ + +/* BEGIN_CASE */ +void import_export_public_key( char *hex, + int type_arg, + int alg_arg, + int expected_bits, + int public_key_expected_length, + int expected_export_status ) +{ + int slot = 1; + psa_key_type_t type = type_arg; + psa_status_t status; + unsigned char *data = NULL; + unsigned char *exported = NULL; + size_t data_size; + size_t export_size; + size_t exported_length; + psa_key_type_t got_type; + size_t got_bits; + psa_key_policy_t policy = {0}; + + data = unhexify_alloc( hex, &data_size ); + TEST_ASSERT( data != NULL ); + export_size = (ssize_t) data_size ; + exported = mbedtls_calloc( 1, export_size ); + TEST_ASSERT( exported != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, + alg_arg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + /* Import the key */ + TEST_ASSERT( psa_import_key( slot, type, + data, data_size ) == PSA_SUCCESS ); + + /* Test the key information */ + TEST_ASSERT( psa_get_key_information( slot, + &got_type, &got_bits ) == PSA_SUCCESS ); + TEST_ASSERT( got_type == type ); + TEST_ASSERT( got_bits == (size_t) expected_bits ); + + /* Export the key */ + status = psa_export_public_key( slot, + exported, export_size, + &exported_length ); + TEST_ASSERT( status == (psa_status_t) expected_export_status ); + if( status != PSA_SUCCESS ) + goto destroy; + + TEST_ASSERT( exported_length == (size_t) public_key_expected_length ); + +destroy: + /* Destroy the key */ + TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_information( + slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + +exit: + mbedtls_free( data ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_finish( int alg_arg, char *input_hex, char *hash_hex ) { 
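Review bot: In import_export_public_key, the `exported` buffer allocated with `mbedtls_calloc( 1, export_size )` is never released, because the `exit:` label frees only `data`. Adding `mbedtls_free( exported );` next to `mbedtls_free( data );` closes the leak on both the success and the failure paths. The cast in `export_size = (ssize_t) data_size ;` also sends a size_t through a signed type for no visible reason and could simply be `export_size = data_size;`.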
@@ -528,71 +596,3 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ - - -/* BEGIN_CASE */ -void import_export_public_key( char *hex, - int type_arg, - int alg_arg, - int expected_bits, - int public_key_expected_length, - int expected_export_status ) -{ - int slot = 1; - psa_key_type_t type = type_arg; - psa_status_t status; - unsigned char *data = NULL; - unsigned char *exported = NULL; - size_t data_size; - size_t export_size; - size_t exported_length; - psa_key_type_t got_type; - size_t got_bits; - psa_key_policy_t policy = {0}; - - data = unhexify_alloc( hex, &data_size ); - TEST_ASSERT( data != NULL ); - export_size = (ssize_t) data_size ; - exported = mbedtls_calloc( 1, export_size ); - TEST_ASSERT( exported != NULL ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, - alg_arg ); - - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); - - /* Import the key */ - TEST_ASSERT( psa_import_key( slot, type, - data, data_size ) == PSA_SUCCESS ); - - /* Test the key information */ - TEST_ASSERT( psa_get_key_information( slot, - &got_type, &got_bits ) == PSA_SUCCESS ); - TEST_ASSERT( got_type == type ); - TEST_ASSERT( got_bits == (size_t) expected_bits ); - - /* Export the key */ - status = psa_export_public_key( slot, - exported, export_size, - &exported_length ); - TEST_ASSERT( status == (psa_status_t) expected_export_status ); - if( status != PSA_SUCCESS ) - goto destroy; - - TEST_ASSERT( exported_length == (size_t) public_key_expected_length ); - -destroy: - /* Destroy the key */ - TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( - slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); - -exit: - mbedtls_free( data ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ From d7d7ba5749287334271a559c64fd6379ae932381 Mon Sep 17 00:00:00 2001 
From: mohammad1603 Date: Mon, 12 Mar 2018 18:51:53 +0200 Subject: [PATCH 0089/2197] add positive test scenarios --- tests/suites/test_suite_psa_crypto.data | 9 ++ tests/suites/test_suite_psa_crypto.function | 141 ++++++++++++++++++++ 2 files changed, 150 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 38f4b8090..533bb71da 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -104,3 +104,12 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA Key Lifetime set fail, invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT + +PSA Symmetric encryption: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_positive:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411" + +PSA Symmetric encryption/decryption: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_verify_output:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411" + diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index de388dbc3..6f364938a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
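Review bot: In tests/suites/test_suite_psa_crypto.data (hunk at -104,3), both new AES-128 cases use an 80-hex-digit input, i.e. 40 bytes, which is not a multiple of the 16-byte AES block. With `PSA_ALG_CBC_BASE` and no padding algorithm in the arguments, the trailing partial block presumably cannot be processed, so these positive cases look set up to fail at the finish step. Use an input made of whole blocks, or select a padding mode in the algorithm argument. Neither case carries an expected ciphertext, so the encryption-only case can check status codes but not the cipher output.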
@@ -526,3 +526,144 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +* BEGIN_CASE */ +void cipher_test_positive( psa_algorithm_t alg_arg, int key_type_arg, + char *key_hex, + char *input_hex ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char *iv[16] = NULL; + size_t iv_size = 16; + size_t iv_length = 0; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output = NULL; + size_t output_size = 0; + size_t output_length = 0; + psa_cipher_operation_t operation; + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_generate_iv( &operation, iv, + iv_size, &iv_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, + iv_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_update( &operation, input, input_size, + output, output_size, + &output_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, + output_size - output_length, + &output_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); + +exit: + mbedtls_free( key ); + mbedtls_free( input ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg, + char *key_hex, + char *input_hex ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char *iv[16] = NULL; + size_t iv_size = 16; + size_t iv_length = 
0; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output1 = NULL; + size_t output1_size = 0; + size_t output1_length = 0; + unsigned char *output2 = NULL; + size_t output2_size = 0; + size_t output2_length = 0; + size_t tmp_output_length = 0; + psa_cipher_operation_t operation1; + psa_cipher_operation_t operation2; + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_decrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, + iv_size, &iv_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation1, iv, + iv_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_update( &operation1, input, input_size, + output1, output1_size, + &output1_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, + output1_size - output1_length, + &tmp_output_length) == PSA_SUCCESS ); + + output1_length += tmp_output_length; + + TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, + iv_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_update( &operation2, output, output_length, + output2, output2_size, &output2_length) == PSA_SUCCESS ); + tmp_output_length = 0; + TEST_ASSERT( psa_cipher_finish( &operation, output2 + output2_length, + output2_size - output2_length, + &tmp_output_length) == PSA_SUCCESS ); + + output2_length += tmp_output_length; + + TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); + + TEST_ASSERT( input_size == output1_length ); + TEST_ASSERT( output1_length == output2_length ); + TEST_ASSERT( 
memcmp( input, output, input_size ) == 0 ); + +exit: + mbedtls_free( key ); + mbedtls_free( input ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From d1e8e41737ea221bbe179effb5255d217cdf0946 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 7 Jun 2018 09:49:39 +0200 Subject: [PATCH 0090/2197] Adapt older import_export test data to the new function signature --- include/psa/crypto.h | 2 ++ tests/suites/test_suite_psa_crypto.data | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0c9bf618f..c8a05a437 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -340,6 +340,8 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_RSA_GET_HASH(alg) \ (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH) +#define PSA_ALG_ECDSA_RAW ((psa_algorithm_t)0x10030000) + /**@}*/ /** \defgroup key_management Key management diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3d80c865c..9778a55cc 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
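Review bot: In cipher_test_positive and cipher_test_verify_output (hunk at -526,3 in test_suite_psa_crypto.function), `output`, `output1` and `output2` are still NULL with a size of 0 when they are passed to psa_cipher_update and psa_cipher_finish, so the cipher calls have no buffer to write into. Allocate each buffer before use, sized for the input plus one block, assert that the allocation succeeded, and free it under `exit:`. Both functions also call `psa_decrypt_setup` for what is meant to be the encryption pass. The first marker is written `* BEGIN_CASE */` without its leading slash.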
@@ -51,7 +51,7 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA PSA import/export EC secp256r1: good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):256:0:PSA_SUCCESS:1 +import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 PSA hash finish: SHA-256 depends_on:MBEDTLS_SHA256_C From e6b67a1e78808da6e750f53a5151a518c23558a8 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 12 Mar 2018 10:38:49 -0700 Subject: [PATCH 0091/2197] Fix parameters in test suite Fix test function signature in test suite --- tests/suites/test_suite_psa_crypto.function | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6f364938a..ce33228b2 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -528,7 +528,7 @@ exit: /* END_CASE */ * BEGIN_CASE */ -void cipher_test_positive( psa_algorithm_t alg_arg, int key_type_arg, +void cipher_test_positive( int alg_arg, int key_type_arg, char *key_hex, char *input_hex ) { 
@@ -537,7 +537,7 @@ void cipher_test_positive( psa_algorithm_t alg_arg, int key_type_arg, psa_algorithm_t alg = alg_arg; unsigned char *key = NULL; size_t key_size; - unsigned char *iv[16] = NULL; + unsigned char iv[16] = {0}; size_t iv_size = 16; size_t iv_length = 0; unsigned char *input = NULL; @@ -560,7 +560,7 @@ void cipher_test_positive( psa_algorithm_t alg_arg, int key_type_arg, TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_generate_iv( &operation, iv, + TEST_ASSERT( psa_encrypt_generate_iv( iv, iv_size, &iv_length) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, @@ -574,7 +574,7 @@ void cipher_test_positive( psa_algorithm_t alg_arg, int key_type_arg, output_size - output_length, &output_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); exit: mbedtls_free( key ); @@ -585,7 +585,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg, +void cipher_test_verify_output( int alg_arg, int key_type_arg, char *key_hex, char *input_hex ) { @@ -594,7 +594,7 @@ void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg, psa_algorithm_t alg = alg_arg; unsigned char *key = NULL; size_t key_size; - unsigned char *iv[16] = NULL; + unsigned char iv[16] = {0}; size_t iv_size = 16; size_t iv_length = 0; unsigned char *input = NULL; @@ -622,7 +622,7 @@ void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg, TEST_ASSERT( psa_decrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, + TEST_ASSERT( psa_encrypt_generate_iv( iv, iv_size, &iv_length) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation1, iv, 
@@ -645,10 +645,10 @@ void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, iv_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation2, output, output_length, + TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, output2, output2_size, &output2_length) == PSA_SUCCESS ); tmp_output_length = 0; - TEST_ASSERT( psa_cipher_finish( &operation, output2 + output2_length, + TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, output2_size - output2_length, &tmp_output_length) == PSA_SUCCESS ); @@ -658,7 +658,7 @@ void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg, TEST_ASSERT( input_size == output1_length ); TEST_ASSERT( output1_length == output2_length ); - TEST_ASSERT( memcmp( input, output, input_size ) == 0 ); + TEST_ASSERT( memcmp( input, output2, input_size ) == 0 ); exit: mbedtls_free( key ); From cdd3be9cfb9b1cd23b2b23d84bd71adaf117b7c0 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Tue, 13 Mar 2018 04:38:38 -0700 Subject: [PATCH 0092/2197] Add psa_crypto test suite to Cmake Add psa_crypto test suite to Cmake --- tests/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 58126bedc..d8b74f227 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -110,6 +110,7 @@ add_test_suite(pk) add_test_suite(pkparse) add_test_suite(pkwrite) add_test_suite(poly1305) +add_test_suite(psa_crypto) add_test_suite(shax) add_test_suite(ssl) add_test_suite(timing) From 990a18c2f00a8ff539b7bb3a781ac76e3c2357d7 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 14 Mar 2018 15:15:33 +0200 Subject: [PATCH 0093/2197] add ecb to cipher algorithms --- include/psa/crypto.h | 1 + library/psa_crypto.c | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 97819b74f..73cf7bd27 100644 --- a/include/psa/crypto.h 
+++ b/include/psa/crypto.h @@ -317,6 +317,7 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_CFB_BASE ((psa_algorithm_t)0x04000002) #define PSA_ALG_OFB_BASE ((psa_algorithm_t)0x04000003) #define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000004) +#define PSA_ALG_ECB_BASE ((psa_algorithm_t)0x04000005) #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800000) #define PSA_ALG_CTR ((psa_algorithm_t)0x04800001) #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800002) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d349d1957..37befc0e5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -880,13 +880,14 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ) { - if( PSA_ALG_IS_BLOCK_CIPHER( alg ) ) - alg &= ~PSA_ALG_BLOCK_CIPHER_MODE_MASK; switch( alg ) { case PSA_ALG_STREAM_CIPHER: mode = MBEDTLS_MODE_STREAM; break; + case PSA_ALG_ECB_BASE: + mode = MBEDTLS_MODE_ECB; + break; case PSA_ALG_CBC_BASE: mode = MBEDTLS_MODE_CBC; break; From efb0107fbe22de6461aab040d0b3714422587ccf Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 14 Mar 2018 17:03:52 +0200 Subject: [PATCH 0094/2197] CR fix, remove exposing ECB --- include/psa/crypto.h | 1 - library/psa_crypto.c | 3 --- 2 files changed, 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 73cf7bd27..97819b74f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -317,7 +317,6 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_CFB_BASE ((psa_algorithm_t)0x04000002) #define PSA_ALG_OFB_BASE ((psa_algorithm_t)0x04000003) #define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000004) -#define PSA_ALG_ECB_BASE ((psa_algorithm_t)0x04000005) #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800000) #define PSA_ALG_CTR ((psa_algorithm_t)0x04800001) #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800002) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 37befc0e5..d170505c3 100644 
--- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -885,9 +885,6 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( case PSA_ALG_STREAM_CIPHER: mode = MBEDTLS_MODE_STREAM; break; - case PSA_ALG_ECB_BASE: - mode = MBEDTLS_MODE_ECB; - break; case PSA_ALG_CBC_BASE: mode = MBEDTLS_MODE_CBC; break; From 8481e74eccdbfdfe101e0e481aada00617bae9d4 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 18 Mar 2018 13:57:31 +0200 Subject: [PATCH 0095/2197] CR fixes more fixes Compilation fixes Compilation fixes for PSA crypto code and tests --- include/psa/crypto.h | 3 +- library/psa_crypto.c | 123 +++++++++++++++----- tests/suites/test_suite_psa_crypto.function | 4 +- 3 files changed, 99 insertions(+), 31 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 97819b74f..089484f19 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1046,7 +1046,8 @@ psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg); -psa_status_t psa_encrypt_generate_iv(unsigned char *iv, +psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, + unsigned char *iv, size_t iv_size, size_t *iv_length); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d170505c3..9a812b866 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -286,7 +286,40 @@ static psa_status_t mbedtls_to_psa_error( int ret ) } } +static void psa_operation_init(void *operation, + psa_algorithm_t alg) +{ + if( PSA_ALG_IS_MAC(alg) ) + { + if ( ((psa_mac_operation_t*)operation)->alg != 0 ) //restart + { + ((psa_mac_operation_t*)operation)->alg = 0; + ((psa_mac_operation_t*)operation)->iv_required = 0; + } + else + { + ((psa_mac_operation_t*)operation)->alg = alg; + ((psa_mac_operation_t*)operation)->iv_required = 1; + } + ((psa_mac_operation_t*)operation)->key_set = 0; + ((psa_mac_operation_t*)operation)->iv_set = 0; + ((psa_mac_operation_t*)operation)->has_input = 0; + ((psa_mac_operation_t*)operation)->mac_size = 0; + } + else if( PSA_ALG_IS_CIPHER(alg) ) + { + if ( ((psa_cipher_operation_t*)operation)->alg != 0 ) //restart + ((psa_cipher_operation_t*)operation)->alg = 0; + else + ((psa_cipher_operation_t*)operation)->alg = alg; + + ((psa_cipher_operation_t*)operation)->key_set = 0; + ((psa_cipher_operation_t*)operation)->iv_set = 0; + ((psa_cipher_operation_t*)operation)->iv_size = 0; + ((psa_cipher_operation_t*)operation)->block_size = 0; + } +} /****************************************************************/ /* Key management */ @@ -880,6 +913,10 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ) { + if( PSA_ALG_IS_BLOCK_CIPHER( alg ) ) + { + alg &= ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK; + } switch( alg ) { case PSA_ALG_STREAM_CIPHER: @@ -955,11 +992,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) #endif /* MBEDTLS_MD_C */ return( PSA_ERROR_NOT_SUPPORTED ); } - operation->alg = 0; - operation->key_set = 0; - operation->iv_set = 0; - operation->iv_required = 0; - operation->has_input = 0; + psa_operation_init(operation, 0); return( PSA_SUCCESS ); } 
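Review bot: psa_operation_init (hunk at -286,7 in library/psa_crypto.c) no longer resets state unconditionally: it dispatches on `alg` through a `void *` and reads `operation->alg` before writing anything. The abort paths in the hunks at -955,11 and -1429,11 call it with `alg` 0, and unless PSA_ALG_IS_MAC or PSA_ALG_IS_CIPHER accepts 0 (their definitions are not visible here) neither branch runs, leaving `key_set` and `iv_set` set after an abort. On the setup paths the `!= 0` "restart" test reads a field of a structure the caller may never have initialised, and the tests on this page declare operations without an initialiser. Two typed helpers that clear every field unconditionally, as the replaced code did, avoid both problems and the casts; the setup functions then set `alg` or `iv_required` themselves.

```c
static void psa_mac_operation_reset( psa_mac_operation_t *operation )
{
    operation->alg = 0;
    operation->key_set = 0;
    operation->iv_set = 0;
    operation->iv_required = 0;
    operation->has_input = 0;
    operation->mac_size = 0;
}

static void psa_cipher_operation_reset( psa_cipher_operation_t *operation )
{
    operation->alg = 0;
    operation->key_set = 0;
    operation->iv_set = 0;
    operation->iv_size = 0;
    operation->block_size = 0;
}

/* psa_mac_start: call psa_mac_operation_reset(), then set iv_required = 1 */
/* psa_mac_abort / psa_cipher_abort: call the matching reset helper */
```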
@@ -974,11 +1007,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; - operation->alg = 0; - operation->key_set = 0; - operation->iv_set = 0; - operation->iv_required = 1; - operation->has_input = 0; + psa_operation_init(operation, alg); status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) @@ -1291,9 +1320,9 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, /* Symmetric cryptography */ /****************************************************************/ -psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, +static psa_status_t psa_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, - psa_algorithm_t alg) + psa_algorithm_t alg, mbedtls_operation_t cipher_operation) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; psa_status_t status; @@ -1301,12 +1330,10 @@ psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, psa_key_type_t key_type; size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; + psa_algorithm_t padding_mode = PSA_ALG_BLOCK_CIPHER_PAD_NONE; + mbedtls_cipher_padding_t mode = MBEDTLS_PADDING_NONE; - operation->alg = 0; - operation->key_set = 0; - operation->iv_set = 0; - operation->block_size = 0; - operation->iv_size = 0; + psa_operation_init(operation, alg); status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) 
@@ -1328,33 +1355,78 @@ psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, } ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data, - key_bits, MBEDTLS_DECRYPT ); + key_bits, cipher_operation ); if (ret != 0) { psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); } +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) + if (( alg & PSA_ALG_CBC_BASE) == PSA_ALG_CBC_BASE) + { + padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; + + switch (padding_mode) + { + case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7: + mode = MBEDTLS_PADDING_PKCS7; + break; + case PSA_ALG_BLOCK_CIPHER_PAD_NONE: + mode = MBEDTLS_PADDING_NONE; + break; + default: + return ( PSA_ERROR_INVALID_PADDING ); + } + ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode ); + if (ret != 0) + return( mbedtls_to_psa_error( ret ) ); + } +#endif //MBEDTLS_CIPHER_MODE_WITH_PADDING + operation->key_set = 1; operation->alg = alg; + operation->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type); + if ( PSA_ALG_IS_BLOCK_CIPHER(alg) ) + { + operation->iv_size = operation->block_size; + } return ( PSA_SUCCESS ); } -psa_status_t psa_encrypt_generate_iv(unsigned char *iv, +psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg) +{ + return psa_setup(operation, key, alg, MBEDTLS_ENCRYPT); +} + +psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg) +{ + return psa_setup(operation, key, alg, MBEDTLS_DECRYPT); +} + +psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, + unsigned char *iv, size_t iv_size, size_t *iv_length) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + if (iv_size < operation->iv_size) + return ( PSA_ERROR_BUFFER_TOO_SMALL ); - ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, iv_size); + ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size); if (ret != 0) { return( mbedtls_to_psa_error( 
ret ) ); } - *iv_length = iv_size; - return ( PSA_SUCCESS ); + *iv_length = operation->iv_size; + + return psa_encrypt_set_iv( operation, iv, *iv_length); } psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, @@ -1371,7 +1443,6 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, } operation->iv_set = 1; - operation->iv_size = iv_length; return ( PSA_SUCCESS ); } @@ -1429,11 +1500,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) { mbedtls_cipher_free( &operation->ctx.cipher ); - operation->alg = 0; - operation->key_set = 0; - operation->iv_set = 0; - operation->block_size = 0; - operation->iv_size = 0; + psa_operation_init(operation, 0); return ( PSA_SUCCESS ); } diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ce33228b2..66ab296ed 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -560,7 +560,7 @@ void cipher_test_positive( int alg_arg, int key_type_arg, TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_generate_iv( iv, + TEST_ASSERT( psa_encrypt_generate_iv( &operation, iv, iv_size, &iv_length) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, @@ -622,7 +622,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_decrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_generate_iv( iv, + TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation1, iv, From 16864af80bae0f3c2717d8291c74ea265e15db25 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 19 Mar 2018 16:22:57 +0200 Subject: [PATCH 0096/2197] fix static function name --- library/psa_crypto.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
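Review bot: In psa_setup (hunk at -1328,33), the two new failure exits in the padding block leave without calling `psa_cipher_abort( operation )`, unlike the mbedtls_cipher_setkey failure path just above them. These are `return ( PSA_ERROR_INVALID_PADDING );` and the return after mbedtls_cipher_set_padding_mode fails. By that point setkey has succeeded, so the cipher context holds key material, and the error path should release it by adding `psa_cipher_abort( operation );` before each of those returns. The condition `( alg & PSA_ALG_CBC_BASE) == PSA_ALG_CBC_BASE` is also a bit test rather than an equality on the mode, so depending on the encoding (PSA_ALG_CBC_BASE is not defined on this page) it may match other modes. The function begins outside the hunk.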
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9a812b866..57847fa1f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1320,7 +1320,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, /* Symmetric cryptography */ /****************************************************************/ -static psa_status_t psa_setup(psa_cipher_operation_t *operation, +static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg, mbedtls_operation_t cipher_operation) { @@ -1399,14 +1399,14 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg) { - return psa_setup(operation, key, alg, MBEDTLS_ENCRYPT); + return psa_cipher_setup(operation, key, alg, MBEDTLS_ENCRYPT); } psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg) { - return psa_setup(operation, key, alg, MBEDTLS_DECRYPT); + return psa_cipher_setup(operation, key, alg, MBEDTLS_DECRYPT); } psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, From 3205a6592ba7b410bceadd49c8f263fcc45ced13 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 20 Mar 2018 17:09:59 +0200 Subject: [PATCH 0097/2197] tests fix --- library/psa_crypto.c | 6 +-- tests/suites/test_suite_psa_crypto.data | 5 +-- tests/suites/test_suite_psa_crypto.function | 44 ++++++++++----------- 3 files changed, 24 insertions(+), 31 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 57847fa1f..96eea5b9f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1425,7 +1425,6 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, } *iv_length = operation->iv_size; - return psa_encrypt_set_iv( operation, iv, *iv_length); } 
@@ -1476,16 +1475,13 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, size_t *output_length) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - - if ( output_size < operation->block_size ) - return ( PSA_ERROR_BUFFER_TOO_SMALL ); if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); if( ! operation->iv_set ) return( PSA_ERROR_BAD_STATE ); - ret = mbedtls_cipher_finish( &operation->ctx.cipher, output, + ret = mbedtls_cipher_finish( &operation->ctx.cipher, output, output_length ); if (ret != 0) { diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 533bb71da..d8cab1fd4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -107,9 +107,8 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT PSA Symmetric encryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_positive:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411" +cipher_test_positive:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric encryption/decryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_verify_output:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411" - +cipher_test_verify_output:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 66ab296ed..5b4702bef 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
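Review bot: The hunk at -1476,16 in psa_cipher_finish deletes the only visible use of `output_size`, so mbedtls_cipher_finish now writes into `output` with no bound taken from the caller's buffer size. mbedtls_cipher_finish can emit up to one block, for example a padded final block, so a caller with a short buffer gets an out-of-bounds write instead of PSA_ERROR_BUFFER_TOO_SMALL. Keep the guard and place it after the state checks: `if( output_size < operation->block_size ) return( PSA_ERROR_BUFFER_TOO_SMALL );`. If the check was dropped because the tests passed too small a size, the test buffers are what should grow.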
@@ -542,11 +542,12 @@ void cipher_test_positive( int alg_arg, int key_type_arg, size_t iv_length = 0; unsigned char *input = NULL; size_t input_size = 0; - unsigned char *output = NULL; + unsigned char *output ; size_t output_size = 0; size_t output_length = 0; psa_cipher_operation_t operation; + key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); @@ -558,20 +559,19 @@ void cipher_test_positive( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key, key_size ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_generate_iv( &operation, iv, iv_size, &iv_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, - iv_length) == PSA_SUCCESS ); + output_size = input_size; + output = mbedtls_calloc(0, output_size); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, output, output_size, &output_length) == PSA_SUCCESS ); - - TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - output_size - output_length, + TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, + output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); @@ -599,10 +599,10 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, size_t iv_length = 0; unsigned char *input = NULL; size_t input_size = 0; - unsigned char *output1 = NULL; + unsigned char *output1; size_t output1_size = 0; size_t output1_length = 0; - unsigned char *output2 = NULL; + unsigned char *output2; size_t output2_size = 0; size_t output2_length = 0; size_t tmp_output_length = 0; 
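Review bot: `output = mbedtls_calloc(0, output_size);` in the second hunk asks for zero elements, so the buffer handed to `psa_cipher_update` has no usable bytes (or is NULL) while `output_size` claims `input_size` bytes. Pass the count and check the result: `output = mbedtls_calloc( 1, output_size );` followed by `TEST_ASSERT( output != NULL );`. The same call is used for `output1` and `output2` in the next hunk of this file and again in `cipher_test_decrypt` later in the series. Dropping the `= NULL` initialisers on these pointers also means that any cleanup added at `exit:` could not free them safely after an early failure.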
@@ -620,39 +620,37 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key, key_size ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length) == PSA_SUCCESS ); - - TEST_ASSERT( psa_encrypt_set_iv( &operation1, iv, - iv_length) == PSA_SUCCESS ); - + output1_size = input_size; + output1 = mbedtls_calloc(0, output1_size); TEST_ASSERT( psa_cipher_update( &operation1, input, input_size, output1, output1_size, &output1_length) == PSA_SUCCESS ); - - TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, + TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, output1_size - output1_length, &tmp_output_length) == PSA_SUCCESS ); - + output1_length += tmp_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); + output2_size = output1_length; + output2 = mbedtls_calloc(0, output2_size); - TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, + TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, iv_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, output2, output2_size, &output2_length) == PSA_SUCCESS ); tmp_output_length = 0; - TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, + TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, output2_size - output2_length, &tmp_output_length) == PSA_SUCCESS ); - - output2_length += tmp_output_length; + + output2_length += tmp_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); From e1210dcac39c6258b9d6f4435b81fe5be6c1b3c6 Mon Sep 17 00:00:00 2001 
From: Moran Peker Date: Sun, 25 Mar 2018 15:44:12 +0300 Subject: [PATCH 0098/2197] remove unused parameter in psa_cipher_finish. --- include/psa/crypto.h | 1 - library/psa_crypto.c | 1 - tests/suites/test_suite_psa_crypto.function | 3 --- 3 files changed, 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 089484f19..b1c1abb06 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1064,7 +1064,6 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, - size_t output_size, size_t *output_length); psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 96eea5b9f..0d309c00b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1471,7 +1471,6 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, - size_t output_size, size_t *output_length) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5b4702bef..e3294a79b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -571,7 +571,6 @@ void cipher_test_positive( int alg_arg, int key_type_arg, output, output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); @@ -631,7 +630,6 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, output1, output1_size, &output1_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, - output1_size - output1_length, &tmp_output_length) == PSA_SUCCESS ); output1_length += tmp_output_length; 
@@ -647,7 +645,6 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, output2, output2_size, &output2_length) == PSA_SUCCESS ); tmp_output_length = 0; TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, - output2_size - output2_length, &tmp_output_length) == PSA_SUCCESS ); output2_length += tmp_output_length; From 41deec44947a9303fd6fee5e9e9ad3d9f470d167 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 4 Apr 2018 15:43:05 +0300 Subject: [PATCH 0099/2197] partly pr fix --- library/psa_crypto.c | 116 ++++++++++++++++++++----------------------- 1 file changed, 55 insertions(+), 61 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0d309c00b..0761978f7 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -286,41 +286,6 @@ static psa_status_t mbedtls_to_psa_error( int ret ) } } -static void psa_operation_init(void *operation, - psa_algorithm_t alg) -{ - if( PSA_ALG_IS_MAC(alg) ) - { - if ( ((psa_mac_operation_t*)operation)->alg != 0 ) //restart - { - ((psa_mac_operation_t*)operation)->alg = 0; - ((psa_mac_operation_t*)operation)->iv_required = 0; - } - else - { - ((psa_mac_operation_t*)operation)->alg = alg; - ((psa_mac_operation_t*)operation)->iv_required = 1; - } - - ((psa_mac_operation_t*)operation)->key_set = 0; - ((psa_mac_operation_t*)operation)->iv_set = 0; - ((psa_mac_operation_t*)operation)->has_input = 0; - ((psa_mac_operation_t*)operation)->mac_size = 0; - } - else if( PSA_ALG_IS_CIPHER(alg) ) - { - if ( ((psa_cipher_operation_t*)operation)->alg != 0 ) //restart - ((psa_cipher_operation_t*)operation)->alg = 0; - else - ((psa_cipher_operation_t*)operation)->alg = alg; - - ((psa_cipher_operation_t*)operation)->key_set = 0; - ((psa_cipher_operation_t*)operation)->iv_set = 0; - ((psa_cipher_operation_t*)operation)->iv_size = 0; - ((psa_cipher_operation_t*)operation)->block_size = 0; - } -} - /****************************************************************/ /* Key management */ /****************************************************************/ @@ -992,7 +957,13 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) #endif /* MBEDTLS_MD_C */ return( PSA_ERROR_NOT_SUPPORTED ); } - psa_operation_init(operation, 0); + + operation->alg = 0; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_required = 0; + operation->has_input = 0; + return( PSA_SUCCESS ); } 
@@ -1007,7 +978,11 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; - psa_operation_init(operation, alg); + operation->alg = 0; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_required = 1; + operation->has_input = 0; status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) @@ -1333,7 +1308,11 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, psa_algorithm_t padding_mode = PSA_ALG_BLOCK_CIPHER_PAD_NONE; mbedtls_cipher_padding_t mode = MBEDTLS_PADDING_NONE; - psa_operation_init(operation, alg); + operation->alg = alg; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_size = 0; + operation->block_size = 0; status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) @@ -1348,7 +1327,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, mbedtls_cipher_init( &operation->ctx.cipher ); ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info ); - if (ret != 0) + if( ret != 0 ) { psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); @@ -1356,14 +1335,14 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data, key_bits, cipher_operation ); - if (ret != 0) + if( ret != 0 ) { psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - if (( alg & PSA_ALG_CBC_BASE) == PSA_ALG_CBC_BASE) + if( ( alg & PSA_ALG_CBC_BASE) == PSA_ALG_CBC_BASE ) { padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; 
@@ -1376,10 +1355,10 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, mode = MBEDTLS_PADDING_NONE; break; default: - return ( PSA_ERROR_INVALID_PADDING ); + return ( PSA_ERROR_INVALID_ARGUMENT ); } ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode ); - if (ret != 0) + if( ret != 0 ) return( mbedtls_to_psa_error( ret ) ); } #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING @@ -1387,9 +1366,9 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, operation->key_set = 1; operation->alg = alg; operation->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type); - if ( PSA_ALG_IS_BLOCK_CIPHER(alg) ) + if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) ) { - operation->iv_size = operation->block_size; + operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type); } return ( PSA_SUCCESS ); 
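Review bot: The `default:` return and the `mbedtls_cipher_set_padding_mode` failure return in the first hunk both leave `psa_cipher_setup` without calling `psa_cipher_abort( operation )`. By that point the context has been initialised and keyed by the `mbedtls_cipher_setup` and `mbedtls_cipher_setkey` calls shown in the preceding hunks, and their own failure paths do abort. Add `psa_cipher_abort( operation );` before each of the two returns so that the key schedule is not left in a half-configured operation. The function starts and ends outside this hunk.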
@@ -1414,28 +1393,39 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, size_t iv_size, size_t *iv_length) { - int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - if (iv_size < operation->iv_size) - return ( PSA_ERROR_BUFFER_TOO_SMALL ); - - ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size); - if (ret != 0) + int ret = PSA_SUCCESS; + if( operation->iv_set ) + return( PSA_ERROR_BAD_STATE ); + if( iv_size < operation->iv_size ) { - return( mbedtls_to_psa_error( ret ) ); + ret = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size); + if( ret != 0 ) + { + ret = mbedtls_to_psa_error( ret ); + goto exit; } *iv_length = operation->iv_size; - return psa_encrypt_set_iv( operation, iv, *iv_length); + ret = psa_encrypt_set_iv( operation, iv, *iv_length); + + exit: + if( ret != PSA_SUCCESS) + psa_cipher_abort( operation ); + return( ret ); } psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, const unsigned char *iv, size_t iv_length) { - int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - + int ret = PSA_SUCCESS; + if( operation->iv_set ) + return( PSA_ERROR_BAD_STATE ); ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length ); - if (ret != 0) + if( ret != 0 ) { psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); @@ -1455,12 +1445,12 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - if ( output_size < input_length ) + if( output_size < input_length ) return ( PSA_ERROR_BUFFER_TOO_SMALL ); ret = mbedtls_cipher_update( &operation->ctx.cipher, input, input_length, output, output_length ); - if (ret != 0) + if( ret != 0 ) { psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); 
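Review bot: `psa_encrypt_generate_iv` and `psa_encrypt_set_iv` now reject a second IV but still accept an operation that has no key, whereas `psa_cipher_finish` tests `key_set` first. An operation that was never set up, or was already aborted, therefore reaches `mbedtls_ctr_drbg_random` and `mbedtls_cipher_set_iv` with a cipher context that is freed or was never initialised. Extend both guards to `if( ! operation->key_set || operation->iv_set ) return( PSA_ERROR_BAD_STATE );`. `ret` would also read better as `psa_status_t`, since it ends up holding PSA status codes.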
@@ -1482,7 +1472,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, ret = mbedtls_cipher_finish( &operation->ctx.cipher, output, output_length ); - if (ret != 0) + if( ret != 0 ) { psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); @@ -1495,8 +1485,12 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) { mbedtls_cipher_free( &operation->ctx.cipher ); - psa_operation_init(operation, 0); - + operation->alg = 0; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_size = 0; + operation->block_size = 0; + return ( PSA_SUCCESS ); } From 89e0f468bfec34330f9ac29fe1066b902e9a6656 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Thu, 12 Apr 2018 08:48:45 +0300 Subject: [PATCH 0100/2197] style --- library/psa_crypto.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0761978f7..96d2c0f69 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1368,7 +1368,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, operation->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type); if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) ) { - operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type); + operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); } return ( PSA_SUCCESS ); @@ -1401,7 +1401,7 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, ret = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size); + ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size ); if( ret != 0 ) { ret = mbedtls_to_psa_error( ret ); 
@@ -1409,10 +1409,10 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, } *iv_length = operation->iv_size; - ret = psa_encrypt_set_iv( operation, iv, *iv_length); + ret = psa_encrypt_set_iv( operation, iv, *iv_length ); exit: - if( ret != PSA_SUCCESS) + if( ret != PSA_SUCCESS ) psa_cipher_abort( operation ); return( ret ); } From b152d4d8b6116746584a2011333295d855635bcc Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 11 Apr 2018 23:51:20 -0700 Subject: [PATCH 0101/2197] add test scenarios to decrypt and encrypt input and compare with given output --- library/psa_crypto.c | 2 +- tests/suites/test_suite_psa_crypto.data | 6 +- tests/suites/test_suite_psa_crypto.function | 82 +++++++++++++++++++-- 3 files changed, 82 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 96d2c0f69..9ad44e7f3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1365,7 +1365,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, operation->key_set = 1; operation->alg = alg; - operation->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type); + operation->block_size = PSA_ALG_IS_BLOCK_CIPHER( alg ) ? PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) : 1; if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) ) { operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d8cab1fd4..3bf93b842 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -107,7 +107,11 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT PSA Symmetric encryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_positive:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" +cipher_test_encrypt:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b" + +PSA Symmetric encryption: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_decrypt:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955" PSA Symmetric encryption/decryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e3294a79b..eb217f9f9 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -538,11 +538,10 @@ void cipher_test_positive( int alg_arg, int key_type_arg, unsigned char *key = NULL; size_t key_size; unsigned char iv[16] = {0}; - size_t iv_size = 16; - size_t iv_length = 0; unsigned char *input = NULL; size_t input_size = 0; - unsigned char *output ; + unsigned char *output; + unsigned char *expected_output; size_t output_size = 0; size_t output_length = 0; psa_cipher_operation_t operation; @@ -553,6 +552,11 @@ void cipher_test_positive( int alg_arg, int key_type_arg, input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); + + expected_output = unhexify_alloc( output_hex, &output_size ); + TEST_ASSERT( expected_output != NULL ); + + memset( iv, 0x2a, sizeof( iv ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
@@ -561,10 +565,9 @@ void cipher_test_positive( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_generate_iv( &operation, iv, - iv_size, &iv_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, + sizeof( iv ) ) == PSA_SUCCESS ); - output_size = input_size; output = mbedtls_calloc(0, output_size); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, @@ -575,6 +578,9 @@ void cipher_test_positive( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + TEST_ASSERT( input_size == output_size ); + TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + exit: mbedtls_free( key ); mbedtls_free( input ); 
@@ -583,6 +589,70 @@ exit: } /* END_CASE */ + +/* BEGIN_CASE */ +void cipher_test_decrypt( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, char *output_hex ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char iv[16] = {0}; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output; + unsigned char *expected_output; + size_t output_size = 0; + size_t output_length = 0; + psa_cipher_operation_t operation; + + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + expected_output = unhexify_alloc( output_hex, &output_size ); + TEST_ASSERT( expected_output != NULL ); + + memset( iv, 0x2a, sizeof( iv ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, + sizeof( iv ) ) == PSA_SUCCESS ); + + output = mbedtls_calloc(0, output_size); + + TEST_ASSERT( psa_cipher_update( &operation, input, input_size, + output, output_size, + &output_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, + &output_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + + TEST_ASSERT( input_size == output_size ); + TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + +exit: + mbedtls_free( key ); + mbedtls_free( input ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + + /* BEGIN_CASE */ void cipher_test_verify_output( int alg_arg, int key_type_arg, char *key_hex, From 4c80d8331a1cabbad3f61f7d1b16eadbadd3ad2c Mon Sep 17 00:00:00 2001 
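Review bot: `output` and `expected_output` in the new `cipher_test_decrypt` are declared without initialisers and are never released, since `exit:` frees only `key` and `input`. Initialise both to `NULL` and add `mbedtls_free( output ); mbedtls_free( expected_output );` to the cleanup, so that an assertion failing early (assuming `TEST_ASSERT` jumps to `exit:`) does not free an indeterminate pointer. `psa_cipher_finish` is also given `&output_length`, which overwrites the length reported by `psa_cipher_update`, so the total is never compared with `output_size`; `cipher_test_verify_output` uses a separate `tmp_output_length` for this.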
From: Moran Peker Date: Sun, 22 Apr 2018 20:15:31 +0300 Subject: [PATCH 0102/2197] adjust indentation per Mbed TLS standards --- library/psa_crypto.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9ad44e7f3..bb74c2660 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -959,9 +959,9 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) } operation->alg = 0; - operation->key_set = 0; - operation->iv_set = 0; - operation->iv_required = 0; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_required = 0; operation->has_input = 0; return( PSA_SUCCESS ); @@ -979,9 +979,9 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, const mbedtls_cipher_info_t *cipher_info = NULL; operation->alg = 0; - operation->key_set = 0; - operation->iv_set = 0; - operation->iv_required = 1; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_required = 1; operation->has_input = 0; status = psa_get_key_information( key, &key_type, &key_bits ); @@ -1358,7 +1358,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, return ( PSA_ERROR_INVALID_ARGUMENT ); } ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode ); - if( ret != 0 ) + if (ret != 0) return( mbedtls_to_psa_error( ret ) ); } #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING @@ -1413,7 +1413,7 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, exit: if( ret != PSA_SUCCESS ) - psa_cipher_abort( operation ); + psa_cipher_abort( operation ); return( ret ); } @@ -1478,7 +1478,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, return( mbedtls_to_psa_error( ret ) ); } - return ( PSA_SUCCESS ); + return( PSA_SUCCESS ); } psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) From 0071b873a3609885597e20be5ec6f428ceb22b95 Mon Sep 17 00:00:00 2001 
From: Moran Peker Date: Sun, 22 Apr 2018 20:16:58 +0300 Subject: [PATCH 0103/2197] add missing parameter output_size on psa_cipher_finish --- include/psa/crypto.h | 1 + library/psa_crypto.c | 1 + tests/suites/test_suite_psa_crypto.function | 8 ++++---- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b1c1abb06..089484f19 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1064,6 +1064,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, + size_t output_size, size_t *output_length); psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bb74c2660..fbc5949dd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1461,6 +1461,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, + size_t output_size, size_t *output_length) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index eb217f9f9..bc46ad215 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -574,7 +574,7 @@ void cipher_test_positive( int alg_arg, int key_type_arg, output, output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - &output_length) == PSA_SUCCESS ); + output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); 
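Review bot: The capacity passed to `psa_cipher_finish` in the test hunk is the whole `output_size` although the pointer has already been advanced to `output + output_length`, so the call overstates the space left by `output_length` bytes. Pass the remainder, `output_size - output_length, &output_length`, as the version removed earlier in the series did. The three following hunks in this file pass the same overstated value for `output`, `output1` and `output2`. Once the library starts checking `output_size`, an overstated value defeats that check.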
@@ -637,7 +637,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, output, output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - &output_length) == PSA_SUCCESS ); + output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); @@ -700,7 +700,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, output1, output1_size, &output1_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, - &tmp_output_length) == PSA_SUCCESS ); + output1_size, &tmp_output_length) == PSA_SUCCESS ); output1_length += tmp_output_length; @@ -715,7 +715,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, output2, output2_size, &output2_length) == PSA_SUCCESS ); tmp_output_length = 0; TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, - &tmp_output_length) == PSA_SUCCESS ); + output2_size, &tmp_output_length) == PSA_SUCCESS ); output2_length += tmp_output_length; From bed71a2b17b5c7c046c5f4c0c3ae2176aaae200a Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Sun, 22 Apr 2018 20:19:20 +0300 Subject: [PATCH 0104/2197] fix missing check on output_size in psa_cipher_finish func --- include/psa/crypto.h | 4 ++++ library/psa_crypto.c | 22 ++++++++++++++++++++-- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 089484f19..31079525b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -321,6 +321,10 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_CTR ((psa_algorithm_t)0x04800001) #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800002) +#define PSA_ALG_IS_STREAM_CIPHER(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \ + PSA_ALG_STREAM_CIPHER) + #define PSA_ALG_CCM ((psa_algorithm_t)0x06000001) #define PSA_ALG_GCM ((psa_algorithm_t)0x06000002) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fbc5949dd..267262721 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1466,13 +1466,31 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + uint8_t temp_output_buffer[ MBEDTLS_MAX_BLOCK_LENGTH ]; + if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); if( ! operation->iv_set ) return( PSA_ERROR_BAD_STATE ); + if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) + { + if (operation->ctx.cipher.unprocessed_len > operation->block_size) + return( PSA_ERROR_INVALID_ARGUMENT ); + if ( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_NONE ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) + && ( operation->ctx.cipher.unprocessed_len != 0 ) ) + return(PSA_ERROR_INVALID_ARGUMENT); + if ( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) + && ( output_size != operation->block_size ) ) + return(PSA_ERROR_INVALID_ARGUMENT); + } + if ( operation->ctx.cipher.operation == MBEDTLS_DECRYPT ) + if (operation->ctx.cipher.unprocessed_len != 0) + return( PSA_ERROR_INVALID_ARGUMENT ); - ret = mbedtls_cipher_finish( &operation->ctx.cipher, output, - output_length ); + ret = mbedtls_cipher_finish(&operation->ctx.cipher, temp_output_buffer, + output_length); + if ( output_size > *output_length ) + memcpy( temp_output_buffer, output, *output_length ); if( ret != 0 ) { psa_cipher_abort( operation ); From 406008ab4c4a90e133b258ef0234997517876ed6 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Sun, 22 Apr 2018 20:20:29 +0300 Subject: [PATCH 0105/2197] add missing check on output_size in psa_cipher_update func --- library/psa_crypto.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 267262721..0e2d6dafa 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
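Review bot: `memcpy( temp_output_buffer, output, *output_length );` has its first two arguments swapped, so the final block produced by `mbedtls_cipher_finish` stays in the local buffer and never reaches the caller. It also runs before `ret` is tested, and when `output_size` is not larger than `*output_length` the data is dropped without an error being reported. Test `ret` first, then `if( output_size < *output_length ) return( PSA_ERROR_BUFFER_TOO_SMALL );` and `memcpy( output, temp_output_buffer, *output_length );`. The body of `psa_cipher_finish` continues beyond this hunk.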
@@ -1445,7 +1445,8 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - if( output_size < input_length ) + if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && ( output_size < input_length ) ) + || ( ( PSA_ALG_IS_BLOCK_CIPHER(operation->alg)) && ( output_size < ((operation->ctx.cipher.unprocessed_len + input_length)/16)*16 ) ) ) return ( PSA_ERROR_BUFFER_TOO_SMALL ); ret = mbedtls_cipher_update( &operation->ctx.cipher, input, From 71f19ae6f8370f7f261f2c6979d0328a63deec27 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Sun, 22 Apr 2018 20:23:16 +0300 Subject: [PATCH 0106/2197] add missing call to psa_cipher_abort in cipher_setup func + iv_length check in cipher_set_iv func --- library/psa_crypto.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0e2d6dafa..b29b763f6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1359,7 +1359,10 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, } ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode ); if (ret != 0) + { + psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); + } } #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING @@ -1424,6 +1427,13 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, int ret = PSA_SUCCESS; if( operation->iv_set ) return( PSA_ERROR_BAD_STATE ); + if (iv_length != operation->iv_size) + { + if (((operation->alg) & PSA_ALG_ARC4) == PSA_ALG_ARC4) + return(PSA_ERROR_BAD_STATE); + else + return (PSA_ERROR_INVALID_ARGUMENT); + } ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length ); if( ret != 0 ) { @@ -1466,7 +1476,6 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, size_t *output_length) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - uint8_t temp_output_buffer[ MBEDTLS_MAX_BLOCK_LENGTH ]; if( ! operation->key_set ) 
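Review bot: The block-cipher bound in `psa_cipher_update` hard-codes 16 where `operation->block_size` is available, so for a cipher with a shorter block `((unprocessed_len + input_length)/16)*16` rounds down too far and a buffer that is too small passes the check. Use the stored size: `( ( operation->ctx.cipher.unprocessed_len + input_length ) / operation->block_size ) * operation->block_size`. An algorithm that is neither `PSA_ALG_IS_STREAM_CIPHER` nor `PSA_ALG_IS_BLOCK_CIPHER` skips the size check entirely, which deserves an explicit rejection. The function starts and ends outside this hunk.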
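Review bot: `((operation->alg) & PSA_ALG_ARC4) == PSA_ALG_ARC4` in the new `iv_length` check of `psa_encrypt_set_iv` is a bit-mask test against a plain algorithm value, so it is true for any algorithm whose encoding contains those bits, not only ARC4. Compare directly: `if( operation->alg == PSA_ALG_ARC4 )`. Neither return path calls `psa_cipher_abort`, unlike the `mbedtls_cipher_set_iv` failure just below, so decide whether a wrong length should leave the operation usable and record that in a comment.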
From ad9d82cc0e675ae2daec00d31d19b123998f2a23 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Mon, 30 Apr 2018 12:31:04 +0300 Subject: [PATCH 0107/2197] add iv_required field to psa_cipher_operation_s and fix relevant functions --- include/psa/crypto_struct.h | 1 + library/psa_crypto.c | 21 ++++++++++++--------- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 2975bdcb0..639c15e76 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -101,6 +101,7 @@ struct psa_cipher_operation_s { psa_algorithm_t alg; int key_set : 1; + int iv_required : 1; int iv_set : 1; uint8_t iv_size; uint8_t block_size; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b29b763f6..c5a845664 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1309,9 +1309,10 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, mbedtls_cipher_padding_t mode = MBEDTLS_PADDING_NONE; operation->alg = alg; - operation->key_set = 0; - operation->iv_set = 0; - operation->iv_size = 0; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_required = 1; + operation->iv_size = 0; operation->block_size = 0; status = psa_get_key_information( key, &key_type, &key_bits ); @@ -1397,7 +1398,7 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, size_t *iv_length) { int ret = PSA_SUCCESS; - if( operation->iv_set ) + if( operation->iv_set || !( operation->iv_required ) ) return( PSA_ERROR_BAD_STATE ); if( iv_size < operation->iv_size ) { @@ -1425,7 +1426,7 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, size_t iv_length) { int ret = PSA_SUCCESS; - if( operation->iv_set ) + if( operation->iv_set || !( operation->iv_required ) ) return( PSA_ERROR_BAD_STATE ); if (iv_length != operation->iv_size) { 
@@ -1442,6 +1443,7 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, } operation->iv_set = 1; + operation->iv_required = 0; return ( PSA_SUCCESS ); } @@ -1480,7 +1482,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); - if( ! operation->iv_set ) + if ( operation->iv_required && ! operation->iv_set ) return( PSA_ERROR_BAD_STATE ); if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) { @@ -1515,10 +1517,11 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) mbedtls_cipher_free( &operation->ctx.cipher ); operation->alg = 0; - operation->key_set = 0; - operation->iv_set = 0; - operation->iv_size = 0; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_size = 0; operation->block_size = 0; + operation->iv_required = 0; return ( PSA_SUCCESS ); } From dc38ebc068f0fe023a881785a63a6d465cc21003 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Mon, 30 Apr 2018 15:45:34 +0300 Subject: [PATCH 0108/2197] delete decrypt checks + fix memcpy& return value --- library/psa_crypto.c | 39 +++++++++++++++++++++------------------ 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c5a845664..ee45a150f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1484,30 +1484,33 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, return( PSA_ERROR_BAD_STATE ); if ( operation->iv_required && ! operation->iv_set ) return( PSA_ERROR_BAD_STATE ); - if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) - { - if (operation->ctx.cipher.unprocessed_len > operation->block_size) - return( PSA_ERROR_INVALID_ARGUMENT ); - if ( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_NONE ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) - && ( operation->ctx.cipher.unprocessed_len != 0 ) ) - return(PSA_ERROR_INVALID_ARGUMENT); - if ( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) - && ( output_size != operation->block_size ) ) - return(PSA_ERROR_INVALID_ARGUMENT); - } - if ( operation->ctx.cipher.operation == MBEDTLS_DECRYPT ) - if (operation->ctx.cipher.unprocessed_len != 0) - return( PSA_ERROR_INVALID_ARGUMENT ); - ret = mbedtls_cipher_finish(&operation->ctx.cipher, temp_output_buffer, - output_length); - if ( output_size > *output_length ) - memcpy( temp_output_buffer, output, *output_length ); + if ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) + { + if( operation->ctx.cipher.unprocessed_len > operation->block_size ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_NONE ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) + && ( operation->ctx.cipher.unprocessed_len != 0 ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( ( ( ( operation->alg) & PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) + && ( output_size != operation->block_size ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } + + ret = mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer, + output_length ); if( ret != 0 ) { psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); } + if(output_size >= *output_length) + memcpy( output, temp_output_buffer, *output_length ); + else + { + psa_cipher_abort( operation ); + return( 
PSA_ERROR_BUFFER_TOO_SMALL ); + } return( PSA_SUCCESS ); } From 2cab25aacf6eff41cd171dcaf57719bd24983fef Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 2 May 2018 16:43:13 +0300 Subject: [PATCH 0109/2197] fix conditions in psa_cipher_finish function --- library/psa_crypto.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ee45a150f..3cf63a9b3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1489,11 +1489,11 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, { if( operation->ctx.cipher.unprocessed_len > operation->block_size ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_NONE ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) + if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) && ( operation->ctx.cipher.unprocessed_len != 0 ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( ( ( ( operation->alg) & PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) - && ( output_size != operation->block_size ) ) + if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) + && ( *output_length != operation->block_size ) ) return( PSA_ERROR_INVALID_ARGUMENT ); } From a28258c594ec7752004ede906527f8aec41a8dc1 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 29 May 2018 16:25:04 +0300 Subject: [PATCH 0110/2197] adjust indentation per Mbed TLS standards --- library/psa_crypto.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3cf63a9b3..4f02bb2bc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
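Review bot: `temp_output_buffer` in psa_cipher_finish still holds the final block after the `memcpy` and on the PSA_ERROR_BUFFER_TOO_SMALL path; on decryption that is plaintext left on the stack after the function returns. Wipe it on every exit that follows `mbedtls_cipher_finish`, using the zeroization helper this tree provides (for example `mbedtls_platform_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );` if it is available here). The three PSA_ERROR_INVALID_ARGUMENT returns in the MBEDTLS_ENCRYPT block also leave the operation active, while the later failure paths call psa_cipher_abort; one convention should apply throughout. The function's signature and the buffer's declaration are outside the hunk.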
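Review bot: The new PKCS7 condition `*output_length != operation->block_size` reads `*output_length` before psa_cipher_finish has written it. Going by the previous patch in this series, `mbedtls_cipher_finish` is the first writer and it runs after this block, so the result depends on whatever value the caller left in the variable. The size check after the `mbedtls_cipher_finish` call already rejects a short buffer, so this pre-check could be dropped. Alternatively, test the caller's buffer with `&& ( output_size < operation->block_size ) )` and return PSA_ERROR_BUFFER_TOO_SMALL. The rest of the function is outside the hunk.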
@@ -989,10 +989,10 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, return( status ); slot = &global_data.key_slots[key]; - if ( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) + \ ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) operation->key_usage_sign = 1; - if ( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 ) + if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 ) operation->key_usage_verify = 1; if( ! PSA_ALG_IS_HMAC( alg ) ) @@ -1347,7 +1347,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, { padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; - switch (padding_mode) + switch ( padding_mode ) { case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7: mode = MBEDTLS_PADDING_PKCS7; @@ -1359,7 +1359,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, return ( PSA_ERROR_INVALID_ARGUMENT ); } ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode ); - if (ret != 0) + if( ret != 0 ) { psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); @@ -1382,14 +1382,14 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg) { - return psa_cipher_setup(operation, key, alg, MBEDTLS_ENCRYPT); + return psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ); } psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg) { - return psa_cipher_setup(operation, key, alg, MBEDTLS_DECRYPT); + return psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ); } psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, 
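Review bot: In psa_mac_start the added line `\ ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )` has lost its `if` and gained a stray backslash, so this revision does not compile and the PSA_KEY_USAGE_SIGN policy test is no longer expressed. The line should read `if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )`, matching the PSA_KEY_USAGE_VERIFY test below it. For a commit meant to change only whitespace, confirming that `git diff -w` is empty before pushing would catch this kind of slip. psa_mac_start begins and ends outside the hunk.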
@@ -1428,12 +1428,12 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, int ret = PSA_SUCCESS; if( operation->iv_set || !( operation->iv_required ) ) return( PSA_ERROR_BAD_STATE ); - if (iv_length != operation->iv_size) + if( iv_length != operation->iv_size ) { - if (((operation->alg) & PSA_ALG_ARC4) == PSA_ALG_ARC4) - return(PSA_ERROR_BAD_STATE); + if( ( ( operation->alg ) & PSA_ALG_ARC4 ) == PSA_ALG_ARC4 ) + return( PSA_ERROR_BAD_STATE ); else - return (PSA_ERROR_INVALID_ARGUMENT); + return( PSA_ERROR_INVALID_ARGUMENT ); } ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length ); if( ret != 0 ) @@ -1482,10 +1482,10 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); - if ( operation->iv_required && ! operation->iv_set ) + if( operation->iv_required && ! operation->iv_set ) return( PSA_ERROR_BAD_STATE ); - if ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) + if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) { if( operation->ctx.cipher.unprocessed_len > operation->block_size ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -1632,7 +1632,7 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, if( slot->type != PSA_KEY_TYPE_NONE ) return( PSA_ERROR_OCCUPIED_SLOT ); - if ( lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if( lifetime != PSA_KEY_LIFETIME_VOLATILE ) return( PSA_ERROR_NOT_SUPPORTED ); slot->lifetime = lifetime; From f55e804e0765249061977d2e3d165175c73560ae Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 29 May 2018 16:28:28 +0300 Subject: [PATCH 0111/2197] adjust indentation per Mbed TLS standards --- tests/suites/test_suite_psa_crypto.function | 36 ++++++++++----------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index bc46ad215..081b8d571 100644 --- a/tests/suites/test_suite_psa_crypto.function 
+++ b/tests/suites/test_suite_psa_crypto.function @@ -568,12 +568,12 @@ void cipher_test_positive( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output = mbedtls_calloc(0, output_size); + output = mbedtls_calloc(0, output_size); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, output, output_size, &output_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, + TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); @@ -631,12 +631,12 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output = mbedtls_calloc(0, output_size); + output = mbedtls_calloc(0, output_size); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, output, output_size, &output_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, + TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); 
@@ -689,35 +689,35 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key, key_size ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length) == PSA_SUCCESS ); - output1_size = input_size; - output1 = mbedtls_calloc(0, output1_size); + output1_size = input_size; + output1 = mbedtls_calloc(0, output1_size); TEST_ASSERT( psa_cipher_update( &operation1, input, input_size, output1, output1_size, &output1_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, - output1_size, &tmp_output_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, + output1_size, &tmp_output_length) == PSA_SUCCESS ); output1_length += tmp_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); - output2_size = output1_length; - output2 = mbedtls_calloc(0, output2_size); + output2_size = output1_length; + output2 = mbedtls_calloc(0, output2_size); - TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, - iv_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, + iv_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, output2, output2_size, &output2_length) == PSA_SUCCESS ); tmp_output_length = 0; - TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, - output2_size, &tmp_output_length) == PSA_SUCCESS ); - - output2_length += tmp_output_length; + TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, + output2_size, &tmp_output_length) == PSA_SUCCESS ); + + output2_length += 
tmp_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); From 96cc00a8577e582e2a59bfc7412e73e0695ddf05 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Thu, 31 May 2018 14:03:56 +0300 Subject: [PATCH 0112/2197] add missing tests function --- tests/suites/test_suite_psa_crypto.function | 61 +++++++++++++++++++++ 1 file changed, 61 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 081b8d571..6a7a2d12a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -589,6 +589,67 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void cipher_test_encrypt( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, char *output_hex ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char iv[16] = {0}; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output; + unsigned char *expected_output; + size_t output_size = 0; + size_t output_length = 0; + psa_cipher_operation_t operation; + + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + expected_output = unhexify_alloc( output_hex, &output_size ); + TEST_ASSERT( expected_output != NULL ); + + memset( iv, 0x2a, sizeof( iv ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, + sizeof( iv ) ) == PSA_SUCCESS ); + + output = mbedtls_calloc(0, output_size); + + TEST_ASSERT( psa_cipher_update( &operation, input, input_size, + output, output_size, + &output_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, + output_size, &output_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + + TEST_ASSERT( input_size == output_size ); + TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + +exit: + mbedtls_free( key ); + mbedtls_free( input ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ /* BEGIN_CASE */ void cipher_test_decrypt( int alg_arg, int key_type_arg, From 70531163a9a94d39f85e4b7118f60a391ca0c37f Mon Sep 17 00:00:00 2001 
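Review bot: `output = mbedtls_calloc(0, output_size);` in cipher_test_encrypt requests zero elements, so the buffer that psa_cipher_update and psa_cipher_finish then write into has no usable size. The call should be `mbedtls_calloc( 1, output_size )` followed by `TEST_ASSERT( output != NULL );`. The same call appears in cipher_test_encrypt_multipart and in the re-indented cipher_test_decrypt and cipher_test_verify_output lines of this series. psa_cipher_finish is also handed `output + output_length` together with the full `output_size` rather than the remaining space, and it overwrites `output_length` instead of adding to a running total. The `exit:` path frees `key` and `input` but not `output` or `expected_output`.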
From: Moran Peker Date: Thu, 31 May 2018 14:04:45 +0300 Subject: [PATCH 0113/2197] fix compilation error - missing if --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4f02bb2bc..56f3e1d4e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -989,7 +989,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, return( status ); slot = &global_data.key_slots[key]; - \ ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) + if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) operation->key_usage_sign = 1; if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 ) From ae382791fba342d5a630b727f7ad144f053ad03a Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Thu, 31 May 2018 14:06:17 +0300 Subject: [PATCH 0114/2197] add missing psa_cipher_abort( operation ) --- library/psa_crypto.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 56f3e1d4e..a85b16845 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1356,7 +1356,8 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, mode = MBEDTLS_PADDING_NONE; break; default: - return ( PSA_ERROR_INVALID_ARGUMENT ); + psa_cipher_abort( operation ); + return( PSA_ERROR_INVALID_ARGUMENT ); } ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode ); if( ret != 0 ) @@ -1430,10 +1431,8 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, return( PSA_ERROR_BAD_STATE ); if( iv_length != operation->iv_size ) { - if( ( ( operation->alg ) & PSA_ALG_ARC4 ) == PSA_ALG_ARC4 ) - return( PSA_ERROR_BAD_STATE ); - else - return( PSA_ERROR_INVALID_ARGUMENT ); + psa_cipher_abort( operation ); + return( PSA_ERROR_INVALID_ARGUMENT ); } ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length ); if( ret != 0 ) From 395db875e6906ea6e064e742b448ab77e2c74343 Mon Sep 17 00:00:00 2001 
From: Moran Peker Date: Thu, 31 May 2018 14:07:14 +0300 Subject: [PATCH 0115/2197] adjust indentation per Mbed TLS standards --- library/psa_crypto.c | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a85b16845..9f647af84 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1376,7 +1376,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); } - return ( PSA_SUCCESS ); + return( PSA_SUCCESS ); } psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, @@ -1416,10 +1416,10 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, *iv_length = operation->iv_size; ret = psa_encrypt_set_iv( operation, iv, *iv_length ); - exit: - if( ret != PSA_SUCCESS ) - psa_cipher_abort( operation ); - return( ret ); +exit: + if( ret != PSA_SUCCESS ) + psa_cipher_abort( operation ); + return( ret ); } psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, @@ -1444,7 +1444,7 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, operation->iv_set = 1; operation->iv_required = 0; - return ( PSA_SUCCESS ); + return( PSA_SUCCESS ); } psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, 
@@ -1455,10 +1455,12 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, size_t *output_length) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - - if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && ( output_size < input_length ) ) - || ( ( PSA_ALG_IS_BLOCK_CIPHER(operation->alg)) && ( output_size < ((operation->ctx.cipher.unprocessed_len + input_length)/16)*16 ) ) ) - return ( PSA_ERROR_BUFFER_TOO_SMALL ); + size_t expected_output_size = ( ( operation->ctx.cipher.unprocessed_len + input_length )/operation->block_size )*operation->block_size; + if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && + ( output_size < input_length ) ) || + ( ( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) && + ( output_size < expected_output_size ) ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); ret = mbedtls_cipher_update( &operation->ctx.cipher, input, input_length, output, output_length ); @@ -1468,7 +1470,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, return( mbedtls_to_psa_error( ret ) ); } - return ( PSA_SUCCESS ); + return( PSA_SUCCESS ); } psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, @@ -1525,7 +1527,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) operation->block_size = 0; operation->iv_required = 0; - return ( PSA_SUCCESS ); + return( PSA_SUCCESS ); } From 3520c2c4f713c972afb80fce92109c032f491d4b Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Thu, 31 May 2018 14:51:58 +0300 Subject: [PATCH 0116/2197] unset iv_required to 0 (psa_encrypt_set_iv)and block_size (psa_cipher_setup) --- library/psa_crypto.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9f647af84..34b5e2530 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
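Review bot: `expected_output_size` in psa_cipher_update divides by `operation->block_size` with no prior check that the operation has been set up. psa_cipher_abort sets `block_size` to 0, so a call on an aborted operation divides by zero. Add a state check ahead of the computation, e.g. `if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE );`, as psa_cipher_finish already does. The sum `unprocessed_len + input_length` is also unchecked and can wrap for a very large `input_length`, which would let the buffer-size test pass with a value that is too small. The call to mbedtls_cipher_update and the rest of the body continue outside the hunk.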
@@ -1324,8 +1324,6 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - operation->block_size = cipher_info->block_size; - mbedtls_cipher_init( &operation->ctx.cipher ); ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info ); if( ret != 0 ) @@ -1442,7 +1440,6 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, } operation->iv_set = 1; - operation->iv_required = 0; return( PSA_SUCCESS ); } From 7691fb7b6bd176ff4b0f715bc574af06287b80f8 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Thu, 31 May 2018 16:15:31 +0300 Subject: [PATCH 0117/2197] add new test scenario (cipher_test_encrypt_multipart) --- tests/suites/test_suite_psa_crypto.data | 12 ++++ tests/suites/test_suite_psa_crypto.function | 67 +++++++++++++++++++++ 2 files changed, 79 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3bf93b842..3d844d531 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -116,3 +116,15 @@ cipher_test_decrypt:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf715880 PSA Symmetric encryption/decryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_verify_output:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA Symmetric encryption multipart: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" + +PSA Symmetric encryption multipart: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" + +PSA Symmetric encryption multipart: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6a7a2d12a..e3007716f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
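Review bot: The three added cases all carry the title `PSA Symmetric encryption multipart: AES-128`, so a failure report cannot tell which first-part size (7, 3 or 11) broke. Give each a distinct description, for example `PSA Symmetric encryption multipart: AES-128, 7+9 bytes`. All three split points are below the 16-byte block size, so no case covers a first update that emits output; a case with a longer input would exercise that path.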
@@ -651,6 +651,73 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, + int first_part_size, char *output_hex ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char iv[16] = {0}; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output; + unsigned char *expected_output; + size_t output_size = 0; + size_t output_length = 0; + psa_cipher_operation_t operation; + + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + expected_output = unhexify_alloc( output_hex, &output_size ); + TEST_ASSERT( expected_output != NULL ); + + memset( iv, 0x2a, sizeof( iv ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, + sizeof( iv ) ) == PSA_SUCCESS ); + + output = mbedtls_calloc(0, output_size); + + TEST_ASSERT( (unsigned int)first_part_size < input_size ); + TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, + output, output_size, + &output_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, + output, output_size, + &output_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, + output_size, &output_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + + TEST_ASSERT( input_size == output_size ); + TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + +exit: + mbedtls_free( key ); + mbedtls_free( input ); + psa_destroy_key( key_slot ); 
+ mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void cipher_test_decrypt( int alg_arg, int key_type_arg, char *key_hex, From d8100245d8c5b8a70092ca16f60e63437069441d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Jun 2018 16:18:38 +0200 Subject: [PATCH 0118/2197] Remove cipher_test_positive, duplicated as cipher_test_encrypt cipher_test_positive was never compiled due to a syntax error in the BEGIN_CASE magic comment. It has now been duplicated as cipher_test_encrypt. Remove the copy that was never compiled. --- tests/suites/test_suite_psa_crypto.function | 62 --------------------- 1 file changed, 62 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e3007716f..4c62962d8 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
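Review bot: The second `psa_cipher_update` call in cipher_test_encrypt_multipart writes to `output` again and overwrites `output_length`, so any bytes produced by the first call would be lost. The test should pass `output + output_length` with the remaining size and add each call's length into a running total. The data cases added with it appear to pass only because every first part is shorter than one block, where the first call presumably emits nothing. `first_part_size` is an `int` cast to `unsigned int` for the range check, so a negative value is rejected only through wrap-around; an explicit `first_part_size >= 0` assertion would be clearer.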
@@ -527,68 +527,6 @@ exit: } /* END_CASE */ -* BEGIN_CASE */ -void cipher_test_positive( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex ) -{ - int key_slot = 1; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; - unsigned char iv[16] = {0}; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output; - unsigned char *expected_output; - size_t output_size = 0; - size_t output_length = 0; - psa_cipher_operation_t operation; - - - key = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); - TEST_ASSERT( input != NULL ); - - expected_output = unhexify_alloc( output_hex, &output_size ); - TEST_ASSERT( expected_output != NULL ); - - memset( iv, 0x2a, sizeof( iv ) ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, - sizeof( iv ) ) == PSA_SUCCESS ); - - output = mbedtls_calloc(0, output_size); - - TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, output_size, - &output_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - output_size, &output_length) == PSA_SUCCESS ); - - TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - - TEST_ASSERT( input_size == output_size ); - TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); - -exit: - mbedtls_free( key ); - mbedtls_free( input ); - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void cipher_test_encrypt( int alg_arg, int key_type_arg, char *key_hex, From e553c65cc3da11fa3137b4b0cb4af4cd694325b4 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 4 Jun 2018 16:22:46 +0200 Subject: [PATCH 0119/2197] Fix indentation and horizontal whitespace Only whitespace changes in this commit. --- library/psa_crypto.c | 78 ++++++++++++++++++++++---------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 34b5e2530..ddc007bc8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1295,8 +1295,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, /* Symmetric cryptography */ /****************************************************************/ -static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, - psa_key_slot_t key, +static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, + psa_key_slot_t key, psa_algorithm_t alg, mbedtls_operation_t cipher_operation) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; @@ -1333,7 +1333,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, } ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data, - key_bits, cipher_operation ); + key_bits, cipher_operation ); if( ret != 0 ) { psa_cipher_abort( operation ); 
@@ -1377,24 +1377,24 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, return( PSA_SUCCESS ); } -psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg) +psa_status_t psa_encrypt_setup( psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg ) { return psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ); } -psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg) +psa_status_t psa_decrypt_setup( psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg ) { return psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ); } -psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, - unsigned char *iv, - size_t iv_size, - size_t *iv_length) +psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation, + unsigned char *iv, + size_t iv_size, + size_t *iv_length ) { int ret = PSA_SUCCESS; if( operation->iv_set || !( operation->iv_required ) ) @@ -1408,9 +1408,9 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, if( ret != 0 ) { ret = mbedtls_to_psa_error( ret ); - goto exit; + goto exit; } - + *iv_length = operation->iv_size; ret = psa_encrypt_set_iv( operation, iv, *iv_length ); @@ -1420,9 +1420,9 @@ exit: return( ret ); } -psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, - const unsigned char *iv, - size_t iv_length) +psa_status_t psa_encrypt_set_iv( psa_cipher_operation_t *operation, + const unsigned char *iv, + size_t iv_length ) { int ret = PSA_SUCCESS; if( operation->iv_set || !( operation->iv_required ) ) 
@@ -1444,23 +1444,23 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, return( PSA_SUCCESS ); } -psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - unsigned char *output, - size_t output_size, - size_t *output_length) +psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + unsigned char *output, + size_t output_size, + size_t *output_length ) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; size_t expected_output_size = ( ( operation->ctx.cipher.unprocessed_len + input_length )/operation->block_size )*operation->block_size; - if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && - ( output_size < input_length ) ) || - ( ( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) && - ( output_size < expected_output_size ) ) ) + if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && + ( output_size < input_length ) ) || + ( ( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) && + ( output_size < expected_output_size ) ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); ret = mbedtls_cipher_update( &operation->ctx.cipher, input, - input_length, output, output_length ); + input_length, output, output_length ); if( ret != 0 ) { psa_cipher_abort( operation ); @@ -1470,13 +1470,13 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, return( PSA_SUCCESS ); } -psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length) +psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length ) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - uint8_t temp_output_buffer[ MBEDTLS_MAX_BLOCK_LENGTH ]; + uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); 
@@ -1496,13 +1496,13 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, } ret = mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer, - output_length ); + output_length ); if( ret != 0 ) { psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); } - if(output_size >= *output_length) + if( output_size >= *output_length ) memcpy( output, temp_output_buffer, *output_length ); else { @@ -1513,10 +1513,10 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, return( PSA_SUCCESS ); } -psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) -{ +psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) +{ mbedtls_cipher_free( &operation->ctx.cipher ); - + operation->alg = 0; operation->key_set = 0; operation->iv_set = 0; From 7e9288520f317045a1c5fa63ba1c192d03931db5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Jun 2018 16:23:10 +0200 Subject: [PATCH 0120/2197] Wrap lines to 80 columns --- library/psa_crypto.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ddc007bc8..621e733ef 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1297,7 +1297,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, psa_key_slot_t key, - psa_algorithm_t alg, mbedtls_operation_t cipher_operation) + psa_algorithm_t alg, + mbedtls_operation_t cipher_operation ) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; psa_status_t status; 
@@ -1368,7 +1369,9 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, operation->key_set = 1; operation->alg = alg; - operation->block_size = PSA_ALG_IS_BLOCK_CIPHER( alg ) ? PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) : 1; + operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ? + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) : + 1 ); if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) ) { operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); @@ -1404,7 +1407,8 @@ psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation, ret = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size ); + ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, + iv, operation->iv_size ); if( ret != 0 ) { ret = mbedtls_to_psa_error( ret ); @@ -1452,7 +1456,9 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, size_t *output_length ) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - size_t expected_output_size = ( ( operation->ctx.cipher.unprocessed_len + input_length )/operation->block_size )*operation->block_size; + size_t expected_output_size = + ( ( operation->ctx.cipher.unprocessed_len + input_length ) / + operation->block_size ) * operation->block_size; if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && ( output_size < input_length ) ) || ( ( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) && 
@@ -1487,10 +1493,12 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, { if( operation->ctx.cipher.unprocessed_len > operation->block_size ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) + if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) + == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) && ( operation->ctx.cipher.unprocessed_len != 0 ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) + if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) + == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) && ( *output_length != operation->block_size ) ) return( PSA_ERROR_INVALID_ARGUMENT ); } From 89d789c9bc7785e511091dda26b5d946afd9b992 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Jun 2018 17:17:16 +0200 Subject: [PATCH 0121/2197] Refactor some argument checks for readability No intended behavior change. --- library/psa_crypto.c | 42 +++++++++++++++++++++++++++--------------- 1 file changed, 27 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 621e733ef..4d84ab252 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1456,13 +1456,22 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, size_t *output_length ) { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - size_t expected_output_size = - ( ( operation->ctx.cipher.unprocessed_len + input_length ) / - operation->block_size ) * operation->block_size; - if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && - ( output_size < input_length ) ) || - ( ( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) && - ( output_size < expected_output_size ) ) ) + size_t expected_output_size; + if( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) + { + /* Take the unprocessed partial block left over from previous + * update calls, if any, plus the input to this call. Remove + * the last partial block, if any. You get the data that will be + * output in this call. */ + expected_output_size = + ( operation->ctx.cipher.unprocessed_len + input_length ) + / operation->block_size * operation->block_size; + } + else + { + expected_output_size = input_length; + } + if( output_size < expected_output_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); ret = mbedtls_cipher_update( &operation->ctx.cipher, input, 
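Review bot: In the new `PSA_ALG_IS_BLOCK_CIPHER` branch of psa_cipher_update, `operation->ctx.cipher.unprocessed_len + input_length` is added as `size_t` with no overflow guard, and the result is then divided by `operation->block_size` with nothing in the hunk showing that the operation was set up successfully. If the sum wraps, `expected_output_size` comes out small and the `output_size < expected_output_size` test accepts a buffer that is shorter than what the cipher call may write (the arguments of `mbedtls_cipher_update` are cut off here, so confirm whether it is given a bound). I would add `if( input_length > SIZE_MAX - operation->ctx.cipher.unprocessed_len ) return( PSA_ERROR_INVALID_ARGUMENT );` before the computation, and reject the call when `operation->key_set` is 0 or `operation->block_size` is 0 so the division cannot trap. The non-block branch now applies `expected_output_size = input_length` to every other algorithm, not only stream ciphers, which is stricter than the old condition despite the "no intended behavior change" description. The function body starts and ends outside the hunk.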
@@ -1493,14 +1502,17 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, { if( operation->ctx.cipher.unprocessed_len > operation->block_size ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) - == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) - && ( operation->ctx.cipher.unprocessed_len != 0 ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) - == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) - && ( *output_length != operation->block_size ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + switch( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) + { + case PSA_ALG_BLOCK_CIPHER_PAD_NONE: + if( operation->ctx.cipher.unprocessed_len != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + break; + case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7: + if( *output_length != operation->block_size ) + return( PSA_ERROR_INVALID_ARGUMENT ); + break; + } } ret = mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer, From 5eb6e9ed60d42ebd8c11e167ca014d7502105037 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 5 Jun 2018 11:38:39 +0300 Subject: [PATCH 0122/2197] PSA_ALG_CBC_BASE -> SA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE --- tests/suites/test_suite_psa_crypto.data | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3d844d531..3519f11c3 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
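Review bot: The `case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:` arm of the new switch in psa_cipher_finish compares `*output_length` with `operation->block_size` before this function has stored anything through `output_length`; the value is only written by the `mbedtls_cipher_finish` call that follows the switch. The check therefore tests whatever the caller happened to leave in that variable, and an uninitialised one makes the result unpredictable. The intent was probably to check the caller's buffer, e.g. `if( output_size < operation->block_size ) return( PSA_ERROR_BUFFER_TOO_SMALL );`, which should be confirmed against the API contract. The switch also has no `default:` arm, so an unrecognised padding value passes silently; `default: return( PSA_ERROR_INVALID_ARGUMENT );` would make that explicit. The function continues outside the hunk.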
@@ -85,7 +85,7 @@ PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL PSA Key Policy set and get -key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE +key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE PSA Key Policy enforcement - export key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"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" 
@@ -107,24 +107,24 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT PSA Symmetric encryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b" +cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b" PSA Symmetric encryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_decrypt:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955" +cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955" PSA Symmetric encryption/decryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_verify_output:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" +cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric encryption multipart: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" +cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" PSA Symmetric encryption multipart: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC 
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" +cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" PSA Symmetric encryption multipart: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" +cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" From 7cb22b8327e97838c4b51d03b74e0f076ad77925 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 5 Jun 2018 11:40:02 +0300 Subject: [PATCH 0123/2197] abort operation before return + fix error checks --- library/psa_crypto.c | 39 ++++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 17 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4d84ab252..78e0dc485 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1342,7 +1342,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - if( ( alg & PSA_ALG_CBC_BASE) == PSA_ALG_CBC_BASE ) + if( ( alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_CBC_BASE ) { padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; 
@@ -1494,24 +1494,29 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; if( ! operation->key_set ) - return( PSA_ERROR_BAD_STATE ); - if( operation->iv_required && ! operation->iv_set ) - return( PSA_ERROR_BAD_STATE ); - - if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) { - if( operation->ctx.cipher.unprocessed_len > operation->block_size ) - return( PSA_ERROR_INVALID_ARGUMENT ); - switch( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) + psa_cipher_abort( operation ); + return( PSA_ERROR_BAD_STATE ); + } + if( operation->iv_required && ! operation->iv_set ) + { + psa_cipher_abort( operation ); + return( PSA_ERROR_BAD_STATE ); + } + if( ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) && PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) + { + if( operation->ctx.cipher.unprocessed_len >= operation->block_size ) { - case PSA_ALG_BLOCK_CIPHER_PAD_NONE: - if( operation->ctx.cipher.unprocessed_len != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - break; - case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7: - if( *output_length != operation->block_size ) - return( PSA_ERROR_INVALID_ARGUMENT ); - break; + psa_cipher_abort( operation ); + return( PSA_ERROR_TAMPERING_DETECTED ); + } + if( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) + { + if( operation->ctx.cipher.unprocessed_len != 0 ) + { + psa_cipher_abort( operation ); + return( PSA_ERROR_INVALID_ARGUMENT ); + } } } From 5351420b3e5a4e26c58ddc6341bc026fbea519a4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Jun 2018 15:11:46 +0200 Subject: [PATCH 0124/2197] Use block local variable for padding_mode for readability No intended behavior change. --- library/psa_crypto.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 78e0dc485..7b5979778 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
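Review bot: The new `unprocessed_len >= operation->block_size` branch in psa_cipher_finish returns `PSA_ERROR_TAMPERING_DETECTED` without a comment explaining why a full buffered block on the encrypt path is treated as corruption rather than a caller error, and the comparison quietly changed from `>` to `>=`. A one-line comment such as `/* A whole block should never remain buffered when encrypting; treat it as a corrupted context (confirm against mbedtls_cipher_update). */` would record the invariant being relied on. The added `psa_cipher_abort( operation )` in the `! operation->key_set` branch runs on an operation that was never set up, so it depends on `mbedtls_cipher_free` being safe on that context; this holds for a zero-initialised structure but is worth stating in the function's documentation. `temp_output_buffer` receives the final block, which is plaintext when decrypting, and no wipe is visible in the hunks on this page, so check that it is zeroized before every return. The function continues outside the hunk.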
@@ -1306,8 +1306,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, psa_key_type_t key_type; size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; - psa_algorithm_t padding_mode = PSA_ALG_BLOCK_CIPHER_PAD_NONE; - mbedtls_cipher_padding_t mode = MBEDTLS_PADDING_NONE; operation->alg = alg; operation->key_set = 0; @@ -1344,7 +1342,8 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) if( ( alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_CBC_BASE ) { - padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; + psa_algorithm_t padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; + mbedtls_cipher_padding_t mode; switch ( padding_mode ) { @@ -1505,12 +1504,14 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, } if( ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) && PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) { + psa_algorithm_t padding_mode = + operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; if( operation->ctx.cipher.unprocessed_len >= operation->block_size ) { psa_cipher_abort( operation ); return( PSA_ERROR_TAMPERING_DETECTED ); } - if( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) + if( padding_mode == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) { if( operation->ctx.cipher.unprocessed_len != 0 ) { From 2c5219a06d65d3677f90b4a3a5407cbc0d0e3067 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Jun 2018 15:12:32 +0200 Subject: [PATCH 0125/2197] Whitespace normalization No semantic change. --- library/psa_crypto.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7b5979778..dc25dfb4d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
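Review bot: In the second hunk, `mbedtls_cipher_padding_t mode;` is now declared without the `MBEDTLS_PADDING_NONE` initializer that the removed function-scope declaration carried. Any path through `switch ( padding_mode )` that does not assign `mode` would hand an indeterminate value to whatever consumes it afterwards. The switch body is outside the hunk, so confirm that every case assigns `mode` and that there is a `default:` arm that returns an error. That is preferable to restoring the initializer, because a silent fallback to no padding would hide an unsupported padding selector instead of rejecting it.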
@@ -1499,23 +1499,24 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, } if( operation->iv_required && ! operation->iv_set ) { - psa_cipher_abort( operation ); + psa_cipher_abort( operation ); return( PSA_ERROR_BAD_STATE ); } - if( ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) && PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) + if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT && + PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) { psa_algorithm_t padding_mode = operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; if( operation->ctx.cipher.unprocessed_len >= operation->block_size ) { - psa_cipher_abort( operation ); + psa_cipher_abort( operation ); return( PSA_ERROR_TAMPERING_DETECTED ); } if( padding_mode == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) { if( operation->ctx.cipher.unprocessed_len != 0 ) { - psa_cipher_abort( operation ); + psa_cipher_abort( operation ); return( PSA_ERROR_INVALID_ARGUMENT ); } } From 691dfb3e3a3292cc98616916b6dc3d946bf9025e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Jun 2018 15:18:02 +0200 Subject: [PATCH 0126/2197] Whitespce normalization No semantic change. --- tests/suites/test_suite_psa_crypto.function | 47 +++++++++++---------- 1 file changed, 24 insertions(+), 23 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4c62962d8..058c34411 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -528,9 +528,9 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_test_encrypt( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, char *output_hex ) +void cipher_test_encrypt( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, char *output_hex ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; 
@@ -557,7 +557,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, @@ -571,7 +571,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, output = mbedtls_calloc(0, output_size); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, output_size, + output, output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, output_size, &output_length) == PSA_SUCCESS ); @@ -590,7 +590,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, +void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, char *key_hex, char *input_hex, int first_part_size, char *output_hex ) @@ -620,7 +620,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, 
@@ -629,16 +629,17 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, - sizeof( iv ) ) == PSA_SUCCESS ); + sizeof( iv ) ) == PSA_SUCCESS ); output = mbedtls_calloc(0, output_size); TEST_ASSERT( (unsigned int)first_part_size < input_size ); TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, - output, output_size, + output, output_size, &output_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, - output, output_size, + TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, + input_size - first_part_size, + output, output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, output_size, &output_length) == PSA_SUCCESS ); @@ -657,7 +658,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_test_decrypt( int alg_arg, int key_type_arg, +void cipher_test_decrypt( int alg_arg, int key_type_arg, char *key_hex, char *input_hex, char *output_hex ) { @@ -686,7 +687,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, @@ -700,7 +701,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, output = mbedtls_calloc(0, output_size); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, output_size, + output, output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, output_size, &output_length) == PSA_SUCCESS ); @@ -720,7 +721,7 @@ exit: /* BEGIN_CASE */ -void cipher_test_verify_output( int alg_arg, int key_type_arg, +void cipher_test_verify_output( int alg_arg, int key_type_arg, char *key_hex, char *input_hex ) { 
@@ -749,7 +750,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, @@ -763,11 +764,11 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, output1_size = input_size; output1 = mbedtls_calloc(0, output1_size); TEST_ASSERT( psa_cipher_update( &operation1, input, input_size, - output1, output1_size, + output1, output1_size, &output1_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, - output1_size, &tmp_output_length) == PSA_SUCCESS ); - + output1_size, &tmp_output_length) == PSA_SUCCESS ); + output1_length += tmp_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); @@ -776,15 +777,15 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, output2 = mbedtls_calloc(0, output2_size); TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, - iv_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, + iv_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, output2, output2_size, &output2_length) == PSA_SUCCESS ); tmp_output_length = 0; TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, - output2_size, &tmp_output_length) == PSA_SUCCESS ); + output2_size, &tmp_output_length) == PSA_SUCCESS ); output2_length += tmp_output_length; - + TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); TEST_ASSERT( input_size == output1_length ); From 7268afc29e5fadfc7ade62a8dfa3dcf54aecef70 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 6 Jun 2018 15:19:24 +0200 Subject: [PATCH 0127/2197] Reordered cipher tests to be just after MAC tests --- tests/suites/test_suite_psa_crypto.data | 48 +- tests/suites/test_suite_psa_crypto.function | 530 ++++++++++---------- 2 files changed, 291 insertions(+), 287 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3519f11c3..6fa907d58 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -53,6 +53,30 @@ PSA MAC verify: CMAC-AES-128 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" +PSA Symmetric encryption: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b" + +PSA Symmetric encryption: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955" + +PSA Symmetric encryption/decryption: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA Symmetric encryption multipart: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" + +PSA Symmetric encryption multipart: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" + +PSA Symmetric encryption multipart: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" + PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 
@@ -104,27 +128,3 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA Key Lifetime set fail, invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT - -PSA Symmetric encryption: AES-128 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b" - -PSA Symmetric encryption: AES-128 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955" - -PSA Symmetric encryption/decryption: AES-128 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" - -PSA Symmetric encryption multipart: AES-128 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" - -PSA Symmetric encryption multipart: AES-128 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" - -PSA Symmetric encryption multipart: AES-128 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 058c34411..5ac87214f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -264,269 +264,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg ) -{ - psa_key_type_t type = type_arg; - psa_algorithm_t alg = alg_arg; - size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg); - TEST_ASSERT( actual_size == (size_t) expected_size_arg ); -exit: - ; -} -/* END_CASE */ - -/* BEGIN_CASE */ -void sign_deterministic( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex, char *output_hex ) -{ - int slot = 1; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - size_t key_bits; - unsigned char *input_data = NULL; - size_t input_size; - unsigned char *output_data = NULL; - size_t output_size; - unsigned char *signature = NULL; - size_t signature_size; - size_t signature_length = 0xdeadbeef; - psa_key_policy_t policy = {0}; - - key_data = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( key_data != NULL ); - input_data = unhexify_alloc( input_hex, &input_size ); - TEST_ASSERT( input_data != NULL ); - output_data = unhexify_alloc( output_hex, &output_size ); - TEST_ASSERT( output_data != NULL ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg ); - - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( slot, - NULL, - &key_bits ) == PSA_SUCCESS ); - - signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits ); - TEST_ASSERT( signature_size != 0 ); - signature = mbedtls_calloc( 1, signature_size ); - TEST_ASSERT( signature != NULL ); - - TEST_ASSERT( psa_asymmetric_sign( slot, alg, - input_data, input_size, - NULL, 0, - signature, signature_size, - &signature_length ) == PSA_SUCCESS ); - TEST_ASSERT( 
signature_length == output_size ); - TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 ); - -exit: - psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( output_data ); - mbedtls_free( signature ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void sign_fail( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex, - int signature_size, int expected_status_arg ) -{ - int slot = 1; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; - psa_status_t actual_status; - psa_status_t expected_status = expected_status_arg; - unsigned char *signature = NULL; - size_t signature_length = 0xdeadbeef; - psa_key_policy_t policy = {0}; - - key_data = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( key_data != NULL ); - input_data = unhexify_alloc( input_hex, &input_size ); - TEST_ASSERT( input_data != NULL ); - signature = mbedtls_calloc( 1, signature_size ); - TEST_ASSERT( signature != NULL ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg ); - - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); - - actual_status = psa_asymmetric_sign( slot, alg, - input_data, input_size, - NULL, 0, - signature, signature_size, - &signature_length ); - TEST_ASSERT( actual_status == expected_status ); - TEST_ASSERT( signature_length == 0 ); - -exit: - psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( signature ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void key_policy( int usage_arg, int alg_arg ) -{ - int key_slot = 1; - psa_key_type_t key_type = PSA_KEY_TYPE_AES; - unsigned char 
key[32] = {0}; - psa_key_policy_t policy_set = {0}; - psa_key_policy_t policy_get = {0}; - - - memset( key, 0x2a, sizeof( key ) ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init(& policy_set ); - psa_key_policy_init(& policy_get ); - - psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg ); - - TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg ); - - TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg ); - - TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, sizeof( key ) ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS ); - - TEST_ASSERT( policy_get.usage == policy_set.usage ); - TEST_ASSERT( policy_get.alg == policy_set.alg ); - - - - -exit: - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex ) -{ - int key_slot = 1; - unsigned char* keypair = NULL; - size_t key_size = 0; - size_t signature_length = 0; - psa_key_policy_t policy = {0}; - int actual_status = PSA_SUCCESS; - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, usage_arg, alg_arg ); - - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); - - if( usage_arg & PSA_KEY_USAGE_EXPORT ) - { - keypair = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( keypair != NULL ); - TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, - keypair, key_size ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_sign( key_slot, - ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, - NULL, 0, &signature_length ); - } - - if( usage_arg & PSA_KEY_USAGE_SIGN ) - { - keypair = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( keypair != NULL ); - TEST_ASSERT( 
psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, - keypair, key_size ) == PSA_SUCCESS ); - actual_status = psa_export_key( key_slot, NULL, 0, NULL ); - } - - TEST_ASSERT( actual_status == expected_status ); - -exit: - psa_destroy_key( key_slot ); - mbedtls_free( keypair ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void key_lifetime( int lifetime_arg ) -{ - int key_slot = 1; - psa_key_type_t key_type = PSA_ALG_CBC_BASE; - unsigned char key[32] = {0}; - psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; - psa_key_lifetime_t lifetime_get; - memset( key, 0x2a, sizeof( key ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_lifetime( key_slot, - lifetime_set ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, sizeof( key ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_lifetime( key_slot, - &lifetime_get ) == PSA_SUCCESS ); - TEST_ASSERT( lifetime_get == lifetime_set ); -exit: - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg ) -{ - int key_slot = 1; - psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; - psa_status_t actual_status; - psa_status_t expected_status = expected_status_arg; - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set ); - - if( actual_status == PSA_SUCCESS ) - actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set ); - - TEST_ASSERT( expected_status == actual_status ); - -exit: - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void cipher_test_encrypt( int alg_arg, int key_type_arg, char *key_hex, 
@@ -799,3 +536,270 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg ) +{ + psa_key_type_t type = type_arg; + psa_algorithm_t alg = alg_arg; + size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg); + TEST_ASSERT( actual_size == (size_t) expected_size_arg ); +exit: + ; +} +/* END_CASE */ + +/* BEGIN_CASE */ +void sign_deterministic( int key_type_arg, char *key_hex, + int alg_arg, char *input_hex, char *output_hex ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + size_t key_bits; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *output_data = NULL; + size_t output_size; + unsigned char *signature = NULL; + size_t signature_size; + size_t signature_length = 0xdeadbeef; + psa_key_policy_t policy = {0}; + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + output_data = unhexify_alloc( output_hex, &output_size ); + TEST_ASSERT( output_data != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_information( slot, + NULL, + &key_bits ) == PSA_SUCCESS ); + + signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits ); + TEST_ASSERT( signature_size != 0 ); + signature = mbedtls_calloc( 1, signature_size ); + TEST_ASSERT( signature != NULL ); + + TEST_ASSERT( psa_asymmetric_sign( slot, alg, + input_data, input_size, + NULL, 0, + signature, signature_size, + &signature_length ) == PSA_SUCCESS 
); + TEST_ASSERT( signature_length == output_size ); + TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 ); + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( output_data ); + mbedtls_free( signature ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void sign_fail( int key_type_arg, char *key_hex, + int alg_arg, char *input_hex, + int signature_size, int expected_status_arg ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; + unsigned char *signature = NULL; + size_t signature_length = 0xdeadbeef; + psa_key_policy_t policy = {0}; + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + signature = mbedtls_calloc( 1, signature_size ); + TEST_ASSERT( signature != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + actual_status = psa_asymmetric_sign( slot, alg, + input_data, input_size, + NULL, 0, + signature, signature_size, + &signature_length ); + TEST_ASSERT( actual_status == expected_status ); + TEST_ASSERT( signature_length == 0 ); + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( signature ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_policy( int usage_arg, int alg_arg ) +{ + int key_slot = 1; + psa_key_type_t key_type = 
PSA_KEY_TYPE_AES; + unsigned char key[32] = {0}; + psa_key_policy_t policy_set = {0}; + psa_key_policy_t policy_get = {0}; + + memset( key, 0x2a, sizeof( key ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init(& policy_set ); + psa_key_policy_init(& policy_get ); + + psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg ); + + TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg ); + + TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg ); + + TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, sizeof( key ) ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS ); + + TEST_ASSERT( policy_get.usage == policy_set.usage ); + TEST_ASSERT( policy_get.alg == policy_set.alg ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex ) +{ + int key_slot = 1; + unsigned char* keypair = NULL; + size_t key_size = 0; + size_t signature_length = 0; + psa_key_policy_t policy = {0}; + int actual_status = PSA_SUCCESS; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, usage_arg, alg_arg ); + + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + if( usage_arg & PSA_KEY_USAGE_EXPORT ) + { + keypair = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( keypair != NULL ); + TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, + keypair, key_size ) == PSA_SUCCESS ); + actual_status = psa_asymmetric_sign( key_slot, + ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, + NULL, 0, &signature_length ); + } + + if( usage_arg & PSA_KEY_USAGE_SIGN ) + { + keypair = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( keypair != 
NULL ); + TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, + keypair, key_size ) == PSA_SUCCESS ); + actual_status = psa_export_key( key_slot, NULL, 0, NULL ); + } + + TEST_ASSERT( actual_status == expected_status ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_free( keypair ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_lifetime( int lifetime_arg ) +{ + int key_slot = 1; + psa_key_type_t key_type = PSA_ALG_CBC_BASE; + unsigned char key[32] = {0}; + psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; + psa_key_lifetime_t lifetime_get; + + memset( key, 0x2a, sizeof( key ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_set_key_lifetime( key_slot, + lifetime_set ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, sizeof( key ) ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_key_lifetime( key_slot, + &lifetime_get ) == PSA_SUCCESS ); + + TEST_ASSERT( lifetime_get == lifetime_set ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg ) +{ + int key_slot = 1; + psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set ); + + if( actual_status == PSA_SUCCESS ) + actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set ); + + TEST_ASSERT( expected_status == actual_status ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From 5cbb4c8508919f2f0e74ae3426b8cbefad6fc093 Mon Sep 17 00:00:00 2001 
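Review bot: In `sign_deterministic` the signature buffer is sized with `PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits )`, while `signature_size` at the top of this same hunk calls the macro as `(type, bits, alg)`, so one of the two passes the algorithm and the bit count in swapped positions. The macro definition is not visible here; if the order used by `signature_size` is the intended one, the call should read `signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg );`, otherwise the capacity handed to `psa_asymmetric_sign` is derived from the wrong inputs. Separately, `key_lifetime` initialises `psa_key_type_t key_type` with `PSA_ALG_CBC_BASE`, an algorithm identifier rather than a key type; `key_policy` in this hunk uses `PSA_KEY_TYPE_AES` for the same 32-byte key.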
From: Gilles Peskine Date: Wed, 6 Jun 2018 15:21:31 +0200 Subject: [PATCH 0128/2197] Correct some test case descriptions --- tests/suites/test_suite_psa_crypto.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6fa907d58..2126462c0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -57,7 +57,7 @@ PSA Symmetric encryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption: AES-128 +PSA Symmetric decryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955" 
@@ -65,15 +65,15 @@ PSA Symmetric encryption/decryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric encryption multipart: AES-128 +PSA Symmetric encryption multipart: AES-128, 7+9 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption multipart: AES-128 +PSA Symmetric encryption multipart: AES-128, 3+13 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption multipart: AES-128 +PSA Symmetric encryption multipart: AES-128, 11+5 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" From ded844092e7ae866b03f6cdd0d9d4201b6c85371 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 6 Jun 2018 16:36:50 +0300 Subject: [PATCH 0129/2197] fix and add tests case + fix for padding mode --- tests/suites/test_suite_psa_crypto.data | 61 ++++- tests/suites/test_suite_psa_crypto.function | 287 ++++++++++++++++---- 2 files changed, 294 insertions(+), 54 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2126462c0..3ebbd5985 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -55,28 +55,77 @@ mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":" PSA Symmetric encryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b" +cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS + +PSA Symmetric encryption: bad, input buffer too small AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT PSA Symmetric decryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955" +cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS + +PSA Symmetric decryption: AES-128 bad, input buffer too small AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE + PSA Symmetric encryption/decryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric encryption multipart: AES-128, 7+9 +PSA Symmetric encryption/decryption: 16 bytes PKC 
padding +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA Symmetric encryption/decryption: 15 bytes PKC padding +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" + +PSA Symmetric encryption/decryption CTR alg: AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" + +PSA Symmetric encryption multipart: AES-128 7+9 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption multipart: AES-128, 3+13 +PSA Symmetric encryption multipart: AES-128 3+13 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption multipart: AES-128, 11+5 +PSA Symmetric encryption multipart: AES-128 4+12 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b" + +PSA Symmetric encryption multipart: AES-128 11+5 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" +PSA Symmetric decryption multipart: AES-128 7+9 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" + +PSA Symmetric decryption multipart: AES-128 3+12 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a" + +PSA Symmetric decryption multipart: AES-128 11+5 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a" + +PSA Symmetric encryption + decryption multipart: AES-128 11+5 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 + +PSA Symmetric encryption + decryption multipart: AES-128 PKC padding, 4+12 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 + +PSA Symmetric encryption + decryption multipart: AES-128 16+16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743ba076ec9dfbe47d52afc357336f20743b":16 + PSA 
signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 @@ -128,3 +177,5 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA Key Lifetime set fail, invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT + + diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5ac87214f..8d16c6fbf 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -265,11 +265,13 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_test_encrypt( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, char *output_hex ) +void cipher_test_encrypt( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, char *output_hex, + int expected_status ) { int key_slot = 1; + psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *key = NULL; @@ -279,7 +281,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size = 0; + size_t output_size, output_size_1 = 0; size_t output_length = 0; psa_cipher_operation_t operation; @@ -294,7 +296,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, 
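Review bot: The added case `PSA Symmetric encryption/decryption CTR alg: AES-128` in the `@@ -55,28 +55,77 @@` hunk exercises `PSA_ALG_CTR` but is gated on `depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC`, so it would run in a build that has CBC but not CTR and be skipped in the opposite build. The dependency line should name the mode under test: `depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR`. The two `bad, input buffer too small` cases feed a 5-byte input to an unpadded CBC operation, so their descriptions would be more accurate if they said the input is not a multiple of the block size.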
@@ -304,20 +306,22 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - - output = mbedtls_calloc(0, output_size); + output_size_1 = input_size + operation.block_size; + output = mbedtls_calloc(1, output_size_1); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, output_size, + output, output_size_1, &output_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - output_size, &output_length) == PSA_SUCCESS ); - - TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - - TEST_ASSERT( input_size == output_size ); - TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + status = psa_cipher_finish( &operation, output + output_length, + output_size_1, &output_length); + TEST_ASSERT( status == (psa_status_t) expected_status ); + if( expected_status == PSA_SUCCESS ) + { + TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + TEST_ASSERT( input_size == output_size ); + TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + } exit: mbedtls_free( key ); mbedtls_free( input ); @@ -327,7 +331,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, +void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, char *key_hex, char *input_hex, int first_part_size, char *output_hex ) @@ -342,7 +346,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size = 0; + size_t output_size, output_size_1 = 0; size_t output_length = 0; psa_cipher_operation_t operation; 
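Review bot: `psa_cipher_finish` in `cipher_test_encrypt` (`@@ -304,20 +306,22 @@`) is handed `output + output_length` together with the full `output_size_1`, so the capacity it is told about exceeds what remains in the allocation by `output_length` bytes. Pass the remainder instead, `output_size_1 - output_length, &output_length`, as `cipher_test_verify_output_multpart` later in this commit does for its own finish call. The result of `mbedtls_calloc(1, output_size_1)` is also used without a check; add `TEST_ASSERT( output != NULL );` after it. Both points apply equally to the `@@ -366,20 +370,19 @@` and `@@ -435,14 +440,18 @@` hunks (`cipher_test_encrypt_multipart`, `cipher_test_decrypt_multipart`). The function body starts and ends outside this hunk.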
@@ -357,7 +361,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, @@ -366,20 +370,19 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, - sizeof( iv ) ) == PSA_SUCCESS ); - - output = mbedtls_calloc(0, output_size); + sizeof( iv ) ) == PSA_SUCCESS ); + output_size_1 = input_size + operation.block_size; + output = mbedtls_calloc(1, output_size_1); TEST_ASSERT( (unsigned int)first_part_size < input_size ); TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, - output, output_size, + output, output_size_1, &output_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, - input_size - first_part_size, - output, output_size, + TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, + output, output_size_1, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - output_size, &output_length) == PSA_SUCCESS ); + output_size_1, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); @@ -395,11 +398,13 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_test_decrypt( int alg_arg, int key_type_arg, +void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, char *key_hex, - char *input_hex, char *output_hex ) + char *input_hex, + int first_part_size, char *output_hex) { int key_slot = 1; + psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *key = NULL; 
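Review bot: In `cipher_test_encrypt_multipart` (`@@ -366,20 +370,19 @@`) the second `psa_cipher_update` writes to `output` again instead of continuing after the first part, and reuses `&output_length`, so any bytes produced by the first call are overwritten and their count is lost. Every split listed in the data file for this function has a first part shorter than one block, which presumably produces no output from the first call and hides the problem. Keep a running total: pass `output + total_length, output_size_1 - total_length, &part_length` and follow each call with `total_length += part_length;`. `cipher_test_decrypt_multipart` (`@@ -435,14 +440,18 @@`) has the same pattern, and in `cipher_test_verify_output_multpart` (`@@ -498,45 +578,154 @@`) the second update also targets the start of `output1` / `output2` even though the length is carried in `temp`; the 16+16 data case would presumably reach it. The function bodies extend beyond these hunks.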
@@ -409,7 +414,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size = 0; + size_t output_size, output_size_1 = 0; size_t output_length = 0; psa_cipher_operation_t operation; @@ -424,7 +429,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, @@ -435,14 +440,18 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output = mbedtls_calloc(0, output_size); + output_size_1 = input_size + operation.block_size; + output = mbedtls_calloc(1, output_size_1); - TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, output_size, + TEST_ASSERT( (unsigned int)first_part_size < input_size ); + TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, + output, output_size_1, + &output_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, + output, output_size_1, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - output_size, &output_length) == PSA_SUCCESS ); - + output_size_1, &output_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); TEST_ASSERT( input_size == output_size ); 
@@ -458,7 +467,78 @@ exit: /* BEGIN_CASE */ -void cipher_test_verify_output( int alg_arg, int key_type_arg, +void cipher_test_decrypt( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, char *output_hex, + int expected_status ) +{ + int key_slot = 1; + psa_status_t status; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char iv[16] = {0}; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output; + unsigned char *expected_output; + size_t output_size, output_size_1 = 0; + size_t output_length = 0; + psa_cipher_operation_t operation; + + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + expected_output = unhexify_alloc( output_hex, &output_size ); + TEST_ASSERT( expected_output != NULL ); + + memset( iv, 0x2a, sizeof( iv ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, + sizeof( iv ) ) == PSA_SUCCESS ); + + output_size_1 = input_size + operation.block_size; + output = mbedtls_calloc(1, output_size); + + TEST_ASSERT( psa_cipher_update( &operation, input, input_size, + output, output_size_1, + &output_length) == PSA_SUCCESS ); + status = psa_cipher_finish( &operation, output + output_length, + output_size_1, &output_length); + TEST_ASSERT( status == (psa_status_t) expected_status ); + + if( expected_status == PSA_SUCCESS ) + { + TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + + TEST_ASSERT( input_size == output_size ); + TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + } + + +exit: + mbedtls_free( key ); + mbedtls_free( input ); + psa_destroy_key( key_slot ); + 
mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void cipher_test_verify_output( int alg_arg, int key_type_arg, char *key_hex, char *input_hex ) { @@ -487,7 +567,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, 
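Review bot: The new `cipher_test_decrypt` allocates `output` with `mbedtls_calloc(1, output_size)`, the length of the expected plaintext, but then tells `psa_cipher_update` and `psa_cipher_finish` that the buffer holds `output_size_1` (`input_size + operation.block_size`) bytes, so the library is permitted to write past the end of the allocation. The allocation should use the size that is advertised and be checked for NULL. `output` and `expected_output` are also declared without an initialiser and are not released in `exit:`, which frees only `key` and `input`; initialising both to NULL and freeing them there keeps the early-failure paths well defined.

```c
    unsigned char *output = NULL;
    unsigned char *expected_output = NULL;
    /* … unchanged: hex decoding, key import, decrypt setup, IV … */
    output_size_1 = input_size + operation.block_size;
    output = mbedtls_calloc( 1, output_size_1 );
    TEST_ASSERT( output != NULL );
    /* … unchanged: update, finish and result checks … */
exit:
    /* … unchanged: frees of key and input … */
    mbedtls_free( output );
    mbedtls_free( expected_output );
    /* … unchanged: psa_destroy_key, mbedtls_psa_crypto_free … */
```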
@@ -498,45 +578,154 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length) == PSA_SUCCESS ); - output1_size = input_size; - output1 = mbedtls_calloc(0, output1_size); + output1_size = input_size + operation1.block_size; + output1 = mbedtls_calloc(1, output1_size); + TEST_ASSERT( output1 != NULL); + TEST_ASSERT( psa_cipher_update( &operation1, input, input_size, - output1, output1_size, + output1, output1_size, &output1_length) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, - output1_size, &tmp_output_length) == PSA_SUCCESS ); + output1_size, &tmp_output_length) == PSA_SUCCESS ); + + output1_length += tmp_output_length; + + TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); + + output2_size = output1_length; + output2 = mbedtls_calloc(1, output2_size); + + TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, + iv_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, + output2, output2_size, &output2_length) == PSA_SUCCESS ); + tmp_output_length = 0; + TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, + output2_size, &tmp_output_length) == PSA_SUCCESS ); + + output2_length += tmp_output_length; + + TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); + + TEST_ASSERT( input_size == output2_length ); + TEST_ASSERT( memcmp( input, output2, input_size ) == 0 ); + +exit: + mbedtls_free( key ); + mbedtls_free( input ); + mbedtls_free( output1 ); + mbedtls_free( output2 ); + + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_test_verify_output_multpart( int alg_arg, + int key_type_arg, + char *key_hex, + char *input_hex, + int first_part_size ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char 
iv[16] = {0}; + size_t iv_size = 16; + size_t iv_length = 0; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output1; + size_t output1_size = 0; + size_t output1_length = 0; + unsigned char *output2; + size_t output2_size = 0; + size_t output2_length = 0; + size_t tmp_output_length , temp = 0; + psa_cipher_operation_t operation1; + psa_cipher_operation_t operation2; + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, + iv_size, &iv_length) == PSA_SUCCESS ); + output1_size = input_size + operation1.block_size; + output1 = mbedtls_calloc(1, output1_size); + + TEST_ASSERT( (unsigned int)first_part_size < input_size ); + + TEST_ASSERT( psa_cipher_update( &operation1, input, first_part_size, + output1, output1_size, + &output1_length) == PSA_SUCCESS ); + temp = output1_length ; + + TEST_ASSERT( psa_cipher_update( &operation1, input + first_part_size, input_size - first_part_size, + output1, output1_size, + &output1_length) == PSA_SUCCESS ); + output1_length += temp; + + TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, + output1_size - output1_length, &tmp_output_length) == PSA_SUCCESS ); output1_length += tmp_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); output2_size = output1_length; - output2 = mbedtls_calloc(0, output2_size); + output2 = mbedtls_calloc(1, output2_size); TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, - iv_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, 
- output2, output2_size, &output2_length) == PSA_SUCCESS ); + iv_length) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size, + output2, output2_size, + &output2_length) == PSA_SUCCESS ); + + temp = output2_length ; + + TEST_ASSERT( psa_cipher_update( &operation2, output1 + first_part_size, + output1_length - first_part_size, + output2, output2_size, + &output2_length) == PSA_SUCCESS ); + + output2_length += temp; tmp_output_length = 0; TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, - output2_size, &tmp_output_length) == PSA_SUCCESS ); + output2_size - output2_length, &tmp_output_length) == PSA_SUCCESS ); output2_length += tmp_output_length; - + TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); - TEST_ASSERT( input_size == output1_length ); - TEST_ASSERT( output1_length == output2_length ); + TEST_ASSERT( input_size == output2_length ); TEST_ASSERT( memcmp( input, output2, input_size ) == 0 ); exit: mbedtls_free( key ); mbedtls_free( input ); + mbedtls_free( output1 ); + mbedtls_free( output2 ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } /* END_CASE */ + /* BEGIN_CASE */ void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg ) { From 7f87850fc41bb5abe4496838827f6e1b2c42ba7e Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 6 Jun 2018 17:09:40 +0300 Subject: [PATCH 0130/2197] fix and add tests case + fix for padding mode --- tests/suites/test_suite_psa_crypto.data | 8 +------- tests/suites/test_suite_psa_crypto.function | 7 +------ 2 files changed, 2 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3ebbd5985..2958b30ac 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
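Review bot: Both `cipher_test_verify_output` and `cipher_test_verify_output_multpart` in the `@@ -498,45 +578,154 @@` hunk end the decryption leg with `psa_cipher_abort( &operation1 )`, which was already aborted after encryption, while `operation2` is never aborted. The second call should be `TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS );`. `output2 = mbedtls_calloc(1, output2_size);` is used unchecked in both functions, and `output1` is unchecked in the multipart one; add `TEST_ASSERT( output2 != NULL );` (and the matching check for `output1`) directly after each allocation. `cipher_test_verify_output` begins outside this hunk.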
@@ -69,7 +69,6 @@ PSA Symmetric decryption: AES-128 bad, input buffer too small AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE - PSA Symmetric encryption/decryption: AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" @@ -106,7 +105,7 @@ PSA Symmetric decryption multipart: AES-128 7+9 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric decryption multipart: AES-128 3+12 +PSA Symmetric decryption multipart: AES-128 3+13 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a" 
@@ -122,10 +121,6 @@ PSA Symmetric encryption + decryption multipart: AES-128 PKC padding, 4+12 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 -PSA Symmetric encryption + decryption multipart: AES-128 16+16 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743ba076ec9dfbe47d52afc357336f20743b":16 - PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 @@ -178,4 +173,3 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA Key Lifetime set fail, invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT - diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8d16c6fbf..4f1d3d60e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -264,6 +264,7 @@ exit: } /* END_CASE */ + /* BEGIN_CASE */ void cipher_test_encrypt( int alg_arg, int key_type_arg, char *key_hex, @@ -613,9 +614,6 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, exit: mbedtls_free( key ); mbedtls_free( input ); - mbedtls_free( output1 ); - mbedtls_free( output2 ); - psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } @@ -718,14 +716,11 @@ void cipher_test_verify_output_multpart( int alg_arg, exit: mbedtls_free( key ); mbedtls_free( input ); - mbedtls_free( output1 ); - mbedtls_free( output2 ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } /* END_CASE */ - /* BEGIN_CASE */ void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg ) { 
From 4ca9c3f9a163185f8e67a46ecb37f37000a4e3c9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Jun 2018 18:44:09 +0200 Subject: [PATCH 0131/2197] Fix whitespace issues Only whitespace changes. * Remove tabs. * Remove trailing whitespace. * Correct some misindented lines. * Normalize whitespace around some punctuation. * Split some lines to avoid going over 80 columns. --- tests/suites/test_suite_psa_crypto.data | 1 - tests/suites/test_suite_psa_crypto.function | 219 +++++++++++--------- 2 files changed, 117 insertions(+), 103 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2958b30ac..16bce06eb 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -172,4 +172,3 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA Key Lifetime set fail, invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT - diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4f1d3d60e..16b65ac37 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -266,7 +266,7 @@ exit: /* BEGIN_CASE */ -void cipher_test_encrypt( int alg_arg, int key_type_arg, +void cipher_test_encrypt( int alg_arg, int key_type_arg, char *key_hex, char *input_hex, char *output_hex, int expected_status ) @@ -297,7 +297,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, 
@@ -305,16 +305,16 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, - sizeof( iv ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_set_iv( &operation, + iv, sizeof( iv ) ) == PSA_SUCCESS ); output_size_1 = input_size + operation.block_size; - output = mbedtls_calloc(1, output_size_1); + output = mbedtls_calloc( 1, output_size_1 ); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, output_size_1, - &output_length) == PSA_SUCCESS ); + output, output_size_1, + &output_length ) == PSA_SUCCESS ); status = psa_cipher_finish( &operation, output + output_length, - output_size_1, &output_length); + output_size_1, &output_length ); TEST_ASSERT( status == (psa_status_t) expected_status ); if( expected_status == PSA_SUCCESS ) { @@ -332,10 +332,10 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, - int first_part_size, char *output_hex ) +void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, + int first_part_size, char *output_hex ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; @@ -362,7 +362,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, 
@@ -370,20 +370,22 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, - sizeof( iv ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_set_iv( &operation, + iv, sizeof( iv ) ) == PSA_SUCCESS ); output_size_1 = input_size + operation.block_size; - output = mbedtls_calloc(1, output_size_1); + output = mbedtls_calloc( 1, output_size_1 ); - TEST_ASSERT( (unsigned int)first_part_size < input_size ); + TEST_ASSERT( (unsigned int) first_part_size < input_size ); TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, - output, output_size_1, - &output_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, - output, output_size_1, - &output_length) == PSA_SUCCESS ); + output, output_size_1, + &output_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation, + input + first_part_size, + input_size - first_part_size, + output, output_size_1, + &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - output_size_1, &output_length) == PSA_SUCCESS ); + output_size_1, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); @@ -399,13 +401,13 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, - int first_part_size, char *output_hex) +void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, + int first_part_size, char *output_hex ) { int key_slot = 1; - + psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *key = NULL; 
@@ -430,7 +432,7 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, @@ -438,21 +440,23 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, - sizeof( iv ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_set_iv( &operation, + iv, sizeof( iv ) ) == PSA_SUCCESS ); output_size_1 = input_size + operation.block_size; - output = mbedtls_calloc(1, output_size_1); + output = mbedtls_calloc( 1, output_size_1 ); - TEST_ASSERT( (unsigned int)first_part_size < input_size ); + TEST_ASSERT( (unsigned int) first_part_size < input_size ); TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, - output, output_size_1, - &output_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, - output, output_size_1, - &output_length) == PSA_SUCCESS ); + output, output_size_1, + &output_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation, + input + first_part_size, + input_size - first_part_size, + output, output_size_1, + &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - output_size_1, &output_length) == PSA_SUCCESS ); + output_size_1, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); TEST_ASSERT( input_size == output_size ); 
@@ -468,10 +472,10 @@ exit: /* BEGIN_CASE */ -void cipher_test_decrypt( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, char *output_hex, - int expected_status ) +void cipher_test_decrypt( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, char *output_hex, + int expected_status ) { int key_slot = 1; psa_status_t status; @@ -499,7 +503,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, @@ -507,17 +511,17 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, - sizeof( iv ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_set_iv( &operation, + iv, sizeof( iv ) ) == PSA_SUCCESS ); output_size_1 = input_size + operation.block_size; - output = mbedtls_calloc(1, output_size); + output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, output_size_1, - &output_length) == PSA_SUCCESS ); + output, output_size_1, + &output_length ) == PSA_SUCCESS ); status = psa_cipher_finish( &operation, output + output_length, - output_size_1, &output_length); + output_size_1, &output_length ); TEST_ASSERT( status == (psa_status_t) expected_status ); if( expected_status == PSA_SUCCESS ) @@ -539,9 +543,9 @@ exit: /* BEGIN_CASE */ -void cipher_test_verify_output( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex ) +void cipher_test_verify_output( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; 
@@ -568,7 +572,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, 
@@ -577,35 +581,40 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, - iv_size, &iv_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_generate_iv( &operation1, + iv, iv_size, + &iv_length ) == PSA_SUCCESS ); output1_size = input_size + operation1.block_size; - output1 = mbedtls_calloc(1, output1_size); - TEST_ASSERT( output1 != NULL); + output1 = mbedtls_calloc( 1, output1_size ); + TEST_ASSERT( output1 != NULL ); TEST_ASSERT( psa_cipher_update( &operation1, input, input_size, - output1, output1_size, - &output1_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, - output1_size, &tmp_output_length) == PSA_SUCCESS ); - + output1, output1_size, + &output1_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation1, + output1 + output1_length, output1_size, + &tmp_output_length ) == PSA_SUCCESS ); + output1_length += tmp_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); output2_size = output1_length; - output2 = mbedtls_calloc(1, output2_size); + output2 = mbedtls_calloc( 1, output2_size ); - TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, - iv_length) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, - output2, output2_size, &output2_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_set_iv( &operation2, + iv, iv_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, + output2, output2_size, + &output2_length ) == PSA_SUCCESS ); tmp_output_length = 0; - TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, - output2_size, &tmp_output_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation2, + output2 + output2_length, + output2_size, 
+ &tmp_output_length ) == PSA_SUCCESS ); output2_length += tmp_output_length; - + TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); TEST_ASSERT( input_size == output2_length ); @@ -621,10 +630,10 @@ exit: /* BEGIN_CASE */ void cipher_test_verify_output_multpart( int alg_arg, - int key_type_arg, - char *key_hex, - char *input_hex, - int first_part_size ) + int key_type_arg, + char *key_hex, + char *input_hex, + int first_part_size ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; @@ -642,7 +651,7 @@ void cipher_test_verify_output_multpart( int alg_arg, unsigned char *output2; size_t output2_size = 0; size_t output2_length = 0; - size_t tmp_output_length , temp = 0; + size_t tmp_output_length, temp = 0; psa_cipher_operation_t operation1; psa_cipher_operation_t operation2; @@ -651,7 +660,7 @@ void cipher_test_verify_output_multpart( int alg_arg, input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, 
@@ -660,54 +669,60 @@ void cipher_test_verify_output_multpart( int alg_arg, TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, - iv_size, &iv_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_generate_iv( &operation1, + iv, iv_size, + &iv_length ) == PSA_SUCCESS ); output1_size = input_size + operation1.block_size; - output1 = mbedtls_calloc(1, output1_size); + output1 = mbedtls_calloc( 1, output1_size ); + + TEST_ASSERT( (unsigned int) first_part_size < input_size ); - TEST_ASSERT( (unsigned int)first_part_size < input_size ); - TEST_ASSERT( psa_cipher_update( &operation1, input, first_part_size, - output1, output1_size, - &output1_length) == PSA_SUCCESS ); - temp = output1_length ; + output1, output1_size, + &output1_length ) == PSA_SUCCESS ); + temp = output1_length; - TEST_ASSERT( psa_cipher_update( &operation1, input + first_part_size, input_size - first_part_size, - output1, output1_size, - &output1_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation1, + input + first_part_size, + input_size - first_part_size, + output1, output1_size, + &output1_length ) == PSA_SUCCESS ); output1_length += temp; TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, - output1_size - output1_length, &tmp_output_length) == PSA_SUCCESS ); + output1_size - output1_length, + &tmp_output_length ) == PSA_SUCCESS ); output1_length += tmp_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); output2_size = output1_length; - output2 = mbedtls_calloc(1, output2_size); + output2 = mbedtls_calloc( 1, output2_size ); - TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, - iv_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_set_iv( &operation2, + iv, iv_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size, - output2, 
output2_size, - &output2_length) == PSA_SUCCESS ); + output2, output2_size, + &output2_length ) == PSA_SUCCESS ); - temp = output2_length ; + temp = output2_length; - TEST_ASSERT( psa_cipher_update( &operation2, output1 + first_part_size, - output1_length - first_part_size, - output2, output2_size, - &output2_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation2, output1 + first_part_size, + output1_length - first_part_size, + output2, output2_size, + &output2_length ) == PSA_SUCCESS ); output2_length += temp; tmp_output_length = 0; - TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, - output2_size - output2_length, &tmp_output_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation2, + output2 + output2_length, + output2_size - output2_length, + &tmp_output_length ) == PSA_SUCCESS ); output2_length += tmp_output_length; - + TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); TEST_ASSERT( input_size == output2_length ); From 9cf78d301d2d839083723b31ef9d893f921ea8ee Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Jun 2018 18:57:11 +0200 Subject: [PATCH 0132/2197] Fix some test case dependencies on cipher modes --- tests/suites/test_suite_psa_crypto.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 16bce06eb..88b26d283 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -74,15 +74,15 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric encryption/decryption: 16 bytes PKC padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric encryption/decryption: 15 bytes PKC padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" PSA Symmetric encryption/decryption CTR alg: AES-128 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_test_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric encryption multipart: AES-128 7+9 @@ -118,7 +118,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 PSA Symmetric encryption + decryption multipart: AES-128 PKC padding, 4+12 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw 
From 17ddaa27b0ccb95cf7d76af0be38e2882f50e2c8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Jun 2018 18:57:49 +0200 Subject: [PATCH 0133/2197] Correct and improve cipher test case descriptions --- tests/suites/test_suite_psa_crypto.data | 34 ++++++++++++------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 88b26d283..783148cf1 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -53,71 +53,71 @@ PSA MAC verify: CMAC-AES-128 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" -PSA Symmetric encryption: AES-128 +PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS -PSA Symmetric encryption: bad, input buffer too small AES-128 +PSA Symmetric encryption: AES-CBC-nopad, input too short depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT -PSA Symmetric decryption: AES-128 +PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS -PSA Symmetric decryption: AES-128 bad, input buffer too small AES-128 +PSA Symmetric decryption: AES-CBC-nopad, input too short depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE -PSA Symmetric encryption/decryption: AES-128 +PSA Symmetric encryption/decryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA 
Symmetric encryption/decryption: 16 bytes PKC padding +PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric encryption/decryption: 15 bytes PKC padding +PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 15 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" -PSA Symmetric encryption/decryption CTR alg: AES-128 +PSA Symmetric encryption/decryption: AES-CTR depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_test_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric encryption multipart: AES-128 7+9 +PSA Symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption multipart: AES-128 3+13 +PSA Symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption multipart: AES-128 4+12 +PSA Symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption multipart: AES-128 11+5 +PSA Symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric decryption multipart: AES-128 7+9 +PSA Symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric decryption multipart: AES-128 3+13 +PSA Symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric decryption multipart: AES-128 11+5 +PSA Symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric encryption + decryption multipart: AES-128 11+5 +PSA Symmetric encryption + decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 -PSA Symmetric 
encryption + decryption multipart: AES-128 PKC padding, 4+12 +PSA Symmetric encryption + decryption multipart: AES-CBC-PKCS#7 padding, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 From 9e3aa62c137c751eb31dc9dff2d331b3d3bc6bef Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Thu, 7 Jun 2018 12:08:47 +0300 Subject: [PATCH 0134/2197] change variable naming --- tests/suites/test_suite_psa_crypto.function | 42 ++++++++++----------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 16b65ac37..906100328 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -282,7 +282,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size, output_size_1 = 0; + size_t output_size, max_output_size = 0; size_t output_length = 0; psa_cipher_operation_t operation; @@ -307,14 +307,14 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_size_1 = input_size + operation.block_size; - output = mbedtls_calloc( 1, output_size_1 ); + max_output_size = input_size + operation.block_size; + output = mbedtls_calloc( 1, max_output_size ); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, output_size_1, + output, max_output_size, &output_length ) == PSA_SUCCESS ); status = psa_cipher_finish( &operation, output + output_length, - output_size_1, &output_length ); + max_output_size, &output_length ); TEST_ASSERT( status == (psa_status_t) expected_status ); if( expected_status == PSA_SUCCESS ) { 
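Review bot: In cipher_test_encrypt the call `psa_cipher_finish( &operation, output + output_length, max_output_size, &output_length )` still advertises the full buffer size although the write starts `output_length` bytes into the buffer, so the stated capacity exceeds the allocation by that many bytes. Pass the space that is actually left, `max_output_size - output_length`, the way cipher_test_verify_output_multpart does with `output1_size - output1_length`. The same call shape is carried through the rename in the hunks for cipher_test_encrypt_multipart, cipher_test_decrypt_multipart and cipher_test_decrypt. The call also stores the finish length over `output_length`, so the total produced length is lost; the function body continues outside the hunk, so what later relies on it is not visible here.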
@@ -347,7 +347,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size, output_size_1 = 0; + size_t output_size, max_output_size = 0; size_t output_length = 0; psa_cipher_operation_t operation; @@ -372,20 +372,20 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_size_1 = input_size + operation.block_size; - output = mbedtls_calloc( 1, output_size_1 ); + max_output_size = input_size + operation.block_size; + output = mbedtls_calloc( 1, max_output_size ); TEST_ASSERT( (unsigned int) first_part_size < input_size ); TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, - output, output_size_1, + output, max_output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, - output, output_size_1, + output, max_output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - output_size_1, &output_length ) == PSA_SUCCESS ); + max_output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); @@ -417,7 +417,7 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size, output_size_1 = 0; + size_t output_size, max_output_size = 0; size_t output_length = 0; psa_cipher_operation_t operation; 
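Review bot: In cipher_test_encrypt_multipart both `psa_cipher_update` calls write to the start of `output` and both store into `output_length`, so any bytes produced by the first call are overwritten and its length is discarded. The second call should target `output + output_length` with `max_output_size - output_length` as its size, and the two lengths should be summed; cipher_test_verify_output_multpart at least accumulates them through `temp`. With the CBC splits listed in the .data file the first call presumably emits nothing, which would hide the problem until a stream mode or a block-aligned split is added. The hunk for cipher_test_decrypt_multipart has the same pattern, and the comparison against the expected output lies outside both hunks.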
@@ -443,20 +443,20 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_size_1 = input_size + operation.block_size; - output = mbedtls_calloc( 1, output_size_1 ); + output_simax_output_sizeze_1 = input_size + operation.block_size; + output = mbedtls_calloc( 1, max_output_size ); TEST_ASSERT( (unsigned int) first_part_size < input_size ); TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, - output, output_size_1, + output, max_output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, - output, output_size_1, + output, max_output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - output_size_1, &output_length ) == PSA_SUCCESS ); + max_output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); TEST_ASSERT( input_size == output_size ); @@ -488,7 +488,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size, output_size_1 = 0; + size_t output_size, max_output_size = 0; size_t output_length = 0; psa_cipher_operation_t operation; 
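Review bot: The rename in cipher_test_decrypt_multipart left a mangled identifier, `output_simax_output_sizeze_1 = input_size + operation.block_size;`, which matches no variable declared in the hunks shown, so the test suite should fail to compile at this commit. The line should read `max_output_size = input_size + operation.block_size;`, matching the `mbedtls_calloc( 1, max_output_size )` that follows it. The function body starts and ends outside the hunk.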
@@ -514,14 +514,14 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_size_1 = input_size + operation.block_size; + max_output_size = input_size + operation.block_size; output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, output_size_1, + output, max_output_size, &output_length ) == PSA_SUCCESS ); status = psa_cipher_finish( &operation, output + output_length, - output_size_1, &output_length ); + max_output_size, &output_length ); TEST_ASSERT( status == (psa_status_t) expected_status ); if( expected_status == PSA_SUCCESS ) From a9c3a658becf3486c77f812f575c1a979f654e5a Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Thu, 7 Jun 2018 18:08:58 +0300 Subject: [PATCH 0135/2197] tests fix + max_output_size --- tests/suites/test_suite_psa_crypto.function | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 906100328..9f9dd6808 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -319,8 +319,6 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - - TEST_ASSERT( input_size == output_size ); TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); } exit: @@ -443,7 +441,7 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_simax_output_sizeze_1 = input_size + operation.block_size; + max_output_size = input_size + operation.block_size; output = mbedtls_calloc( 1, max_output_size ); TEST_ASSERT( (unsigned int) first_part_size < input_size ); 
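Review bot: In cipher_test_decrypt the buffer is still allocated with `mbedtls_calloc( 1, output_size )` while `psa_cipher_update` and `psa_cipher_finish` are told it holds `max_output_size` bytes, so the library may write past the allocation whenever `output_size` is smaller than `input_size + operation.block_size`. Allocate what is advertised: `output = mbedtls_calloc( 1, max_output_size );`. `output_size` is assigned outside this hunk, presumably from the expected-output hex string, so the size of the gap depends on the test vector.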
@@ -515,7 +513,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, iv, sizeof( iv ) ) == PSA_SUCCESS ); max_output_size = input_size + operation.block_size; - output = mbedtls_calloc( 1, output_size ); + output = mbedtls_calloc( 1, max_output_size ); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, output, max_output_size, @@ -527,8 +525,6 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - - TEST_ASSERT( input_size == output_size ); TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); } From 8172b87a6332120b7d2c1ae12107e7a9072df99e Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Thu, 7 Jun 2018 18:09:18 +0300 Subject: [PATCH 0136/2197] add tests cases --- tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 783148cf1..e9f26bc24 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -57,14 +57,38 @@ PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS +PSA Symmetric encryption: AES-CBC-PKCS#7, 16 bytes, good +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS + +PSA Symmetric encryption: AES-CBC-PKCS#7, 15 bytes, good +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS + PSA Symmetric encryption: AES-CBC-nopad, input too short depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +PSA Symmetric encryption: AES-CTR, 16 bytes, good +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS + +PSA Symmetric encryption: AES-CTR, 15 bytes, good +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd00":PSA_SUCCESS + PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS +PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, bad - cipher full block expected +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE + +PSA Symmetric decryption: AES-CTR, 16 bytes, good +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_test_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS + PSA Symmetric decryption: AES-CBC-nopad, input too short depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE From 048b7f080203519c2ca8d258dcd84ef62d4e2c2e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 14:20:49 +0200 Subject: [PATCH 0137/2197] Rename some variables to make the code easier to read In cipher_test_verify_output_multpart, tweak the ways chunk sizes are added in order to get rid of the variable temp. In other functions, this commit does not change the logic at all. --- tests/suites/test_suite_psa_crypto.function | 178 +++++++++++--------- 1 file changed, 95 insertions(+), 83 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9f9dd6808..29f233b55 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
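Review bot: The AES-CTR cases added in this hunk are gated on `depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC`, so they are enabled by the CBC option rather than by the mode they exercise. The verify_output CTR case shown later on this page uses `MBEDTLS_CIPHER_MODE_CTR`, and the new CTR lines should do the same. The new PKCS#7 cases likewise omit `MBEDTLS_CIPHER_PADDING_PKCS7`, which the verify_output PKCS#7 cases list. Separately, the expected value of the "AES-CTR, 15 bytes" case is 16 bytes long and ends in `00`, which suggests it matches only because the output buffer is zero-filled; the vector should presumably be the 15 bytes the cipher produces.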
@@ -282,8 +282,9 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size, max_output_size = 0; - size_t output_length = 0; + size_t expected_output_size; + size_t output_buffer_size = 0; + size_t function_output_length = 0; psa_cipher_operation_t operation; @@ -293,7 +294,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - expected_output = unhexify_alloc( output_hex, &output_size ); + expected_output = unhexify_alloc( output_hex, &expected_output_size ); TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); @@ -307,19 +308,22 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - max_output_size = input_size + operation.block_size; - output = mbedtls_calloc( 1, max_output_size ); + output_buffer_size = input_size + operation.block_size; + output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, max_output_size, - &output_length ) == PSA_SUCCESS ); - status = psa_cipher_finish( &operation, output + output_length, - max_output_size, &output_length ); + output, output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + status = psa_cipher_finish( &operation, + output + function_output_length, + output_buffer_size, + &function_output_length ); TEST_ASSERT( status == (psa_status_t) expected_status ); if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + TEST_ASSERT( memcmp( expected_output, output, + expected_output_size ) == 0 ); } exit: mbedtls_free( key ); 
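Review bot: `psa_cipher_finish` in cipher_test_encrypt is given `output + function_output_length` as its destination but the full `output_buffer_size` as its capacity, which overstates the room left by the number of bytes `psa_cipher_update` already wrote. cipher_test_verify_output_multpart in this same commit passes the remaining space, and the other tests should match it with `output_buffer_size - function_output_length,` as the size argument. The same call shape appears in the cipher_test_encrypt_multipart, cipher_test_decrypt_multipart and cipher_test_decrypt hunks. The function continues past the end of the hunk.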
@@ -345,8 +349,9 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size, max_output_size = 0; - size_t output_length = 0; + size_t expected_output_size; + size_t output_buffer_size = 0; + size_t function_output_length = 0; psa_cipher_operation_t operation; @@ -356,7 +361,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - expected_output = unhexify_alloc( output_hex, &output_size ); + expected_output = unhexify_alloc( output_hex, &expected_output_size ); TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); 
@@ -370,25 +375,27 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - max_output_size = input_size + operation.block_size; - output = mbedtls_calloc( 1, max_output_size ); + output_buffer_size = input_size + operation.block_size; + output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input_size ); TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, - output, max_output_size, - &output_length ) == PSA_SUCCESS ); + output, output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, - output, max_output_size, - &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - max_output_size, &output_length ) == PSA_SUCCESS ); + output, output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation, + output + function_output_length, + output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( input_size == output_size ); - TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + TEST_ASSERT( input_size == expected_output_size ); + TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); exit: mbedtls_free( key ); @@ -415,8 +422,9 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size, max_output_size = 0; - size_t output_length = 0; + size_t expected_output_size; + size_t output_buffer_size = 0; + size_t function_output_length = 0; psa_cipher_operation_t operation; 
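Review bot: Both `psa_cipher_update` calls in cipher_test_encrypt_multipart write to the start of `output`, and `function_output_length` is overwritten rather than accumulated. Any bytes produced by the first call are therefore overwritten by the second, and `psa_cipher_finish` is positioned from the second call's length alone. The visible cases split a single 16-byte CBC block, so they presumably pass only because the first call emits nothing. Keep a running total in a new local (here called total_output_length) and pass `output + total_output_length, output_buffer_size - total_output_length,` to the second update and to finish. cipher_test_decrypt_multipart has the same pattern, and cipher_test_verify_output_multpart sums the lengths but still passes `output1` and `output2` unshifted to its second update.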
@@ -426,7 +434,7 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - expected_output = unhexify_alloc( output_hex, &output_size ); + expected_output = unhexify_alloc( output_hex, &expected_output_size ); TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); @@ -441,24 +449,26 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - max_output_size = input_size + operation.block_size; - output = mbedtls_calloc( 1, max_output_size ); + output_buffer_size = input_size + operation.block_size; + output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input_size ); TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, - output, max_output_size, - &output_length ) == PSA_SUCCESS ); + output, output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, - output, max_output_size, - &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation, output + output_length, - max_output_size, &output_length ) == PSA_SUCCESS ); + output, output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation, + output + function_output_length, + output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( input_size == output_size ); - TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + TEST_ASSERT( input_size == expected_output_size ); + TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); exit: mbedtls_free( key ); 
@@ -486,8 +496,9 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, size_t input_size = 0; unsigned char *output; unsigned char *expected_output; - size_t output_size, max_output_size = 0; - size_t output_length = 0; + size_t expected_output_size; + size_t output_buffer_size = 0; + size_t function_output_length = 0; psa_cipher_operation_t operation; @@ -497,7 +508,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - expected_output = unhexify_alloc( output_hex, &output_size ); + expected_output = unhexify_alloc( output_hex, &expected_output_size ); TEST_ASSERT( expected_output != NULL ); memset( iv, 0x2a, sizeof( iv ) ); @@ -512,20 +523,23 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - max_output_size = input_size + operation.block_size; - output = mbedtls_calloc( 1, max_output_size ); + output_buffer_size = input_size + operation.block_size; + output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, max_output_size, - &output_length ) == PSA_SUCCESS ); - status = psa_cipher_finish( &operation, output + output_length, - max_output_size, &output_length ); + output, output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + status = psa_cipher_finish( &operation, + output + function_output_length, + output_buffer_size, + &function_output_length ); TEST_ASSERT( status == (psa_status_t) expected_status ); if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 ); + TEST_ASSERT( memcmp( expected_output, output, + expected_output_size ) == 0 ); } 
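Review bot: `output = mbedtls_calloc( 1, output_buffer_size );` in cipher_test_decrypt is used without a NULL check, whereas each `unhexify_alloc` result above it is followed by a `TEST_ASSERT( ... != NULL )`. On allocation failure the test would hand a null pointer to `psa_cipher_update` instead of failing cleanly; add `TEST_ASSERT( output != NULL );` right after the allocation. `output` and `expected_output` are also declared without an initializer, so if the cleanup after `exit:` (outside this hunk) frees them, an early assertion failure would free an indeterminate pointer; declaring them as `unsigned char *output = NULL;` avoids that. The other cipher test functions touched by this commit follow the same pattern.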
@@ -559,7 +573,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, unsigned char *output2; size_t output2_size = 0; size_t output2_length = 0; - size_t tmp_output_length = 0; + size_t function_output_length = 0; psa_cipher_operation_t operation1; psa_cipher_operation_t operation2; @@ -589,9 +603,9 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, &output1_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, output1_size, - &tmp_output_length ) == PSA_SUCCESS ); + &function_output_length ) == PSA_SUCCESS ); - output1_length += tmp_output_length; + output1_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); @@ -603,13 +617,13 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, output2, output2_size, &output2_length ) == PSA_SUCCESS ); - tmp_output_length = 0; + function_output_length = 0; TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, output2_size, - &tmp_output_length ) == PSA_SUCCESS ); + &function_output_length ) == PSA_SUCCESS ); - output2_length += tmp_output_length; + output2_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); @@ -642,12 +656,12 @@ void cipher_test_verify_output_multpart( int alg_arg, unsigned char *input = NULL; size_t input_size = 0; unsigned char *output1; - size_t output1_size = 0; + size_t output1_buffer_size = 0; size_t output1_length = 0; unsigned char *output2; - size_t output2_size = 0; + size_t output2_buffer_size = 0; size_t output2_length = 0; - size_t tmp_output_length, temp = 0; + size_t function_output_length; psa_cipher_operation_t operation1; psa_cipher_operation_t operation2; 
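Review bot: The decrypt half of cipher_test_verify_output ends with `TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );`, but operation1 was already aborted after the encrypt half, so operation2 is never released in the visible lines. This looks like a copy-paste slip; the second call should be `TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS );`. cipher_test_verify_output_multpart ends the same way in its `-668,56` hunk. Both function bodies extend beyond the hunks shown.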
@@ -668,56 +682,54 @@ void cipher_test_verify_output_multpart( int alg_arg, TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length ) == PSA_SUCCESS ); - output1_size = input_size + operation1.block_size; - output1 = mbedtls_calloc( 1, output1_size ); + output1_buffer_size = input_size + operation1.block_size; + output1 = mbedtls_calloc( 1, output1_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input_size ); TEST_ASSERT( psa_cipher_update( &operation1, input, first_part_size, - output1, output1_size, - &output1_length ) == PSA_SUCCESS ); - temp = output1_length; + output1, output1_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + output1_length += function_output_length; TEST_ASSERT( psa_cipher_update( &operation1, input + first_part_size, input_size - first_part_size, - output1, output1_size, - &output1_length ) == PSA_SUCCESS ); - output1_length += temp; + output1, output1_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + output1_length += function_output_length; - TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length, - output1_size - output1_length, - &tmp_output_length ) == PSA_SUCCESS ); - - output1_length += tmp_output_length; + TEST_ASSERT( psa_cipher_finish( &operation1, + output1 + output1_length, + output1_buffer_size - output1_length, + &function_output_length ) == PSA_SUCCESS ); + output1_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); - output2_size = output1_length; - output2 = mbedtls_calloc( 1, output2_size ); + output2_buffer_size = output1_length; + output2 = mbedtls_calloc( 1, output2_buffer_size ); TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, iv_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size, - output2, output2_size, - &output2_length ) == PSA_SUCCESS ); + output2, output2_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + output2_length += 
function_output_length; - temp = output2_length; - - TEST_ASSERT( psa_cipher_update( &operation2, output1 + first_part_size, + TEST_ASSERT( psa_cipher_update( &operation2, + output1 + first_part_size, output1_length - first_part_size, - output2, output2_size, - &output2_length ) == PSA_SUCCESS ); + output2, output2_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + output2_length += function_output_length; - output2_length += temp; - tmp_output_length = 0; TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, - output2_size - output2_length, - &tmp_output_length ) == PSA_SUCCESS ); - - output2_length += tmp_output_length; + output2_buffer_size - output2_length, + &function_output_length ) == PSA_SUCCESS ); + output2_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); From 50e586b691cb81ad3dcf5f43ede156feb22fb8d2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 14:28:46 +0200 Subject: [PATCH 0138/2197] We don't need _test_ in test function names Also fix typo multpart -> multipart --- tests/suites/test_suite_psa_crypto.data | 46 +- tests/suites/test_suite_psa_crypto.function | 588 ++++++++++---------- 2 files changed, 317 insertions(+), 317 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e9f26bc24..14eb73477 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -55,95 +55,95 @@ mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":" PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA Symmetric encryption: AES-CBC-PKCS#7, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA Symmetric encryption: AES-CBC-PKCS#7, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS PSA Symmetric encryption: AES-CBC-nopad, input too short depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT PSA Symmetric encryption: AES-CTR, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA Symmetric encryption: AES-CTR, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd00":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd00":PSA_SUCCESS PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, bad - cipher full block expected depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE 
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE PSA Symmetric decryption: AES-CTR, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS PSA Symmetric decryption: AES-CBC-nopad, input too short depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE +cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE PSA Symmetric encryption/decryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" +cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" +cipher_verify_output:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 15 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" +cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" PSA Symmetric encryption/decryption: AES-CTR depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_test_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" +cipher_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" PSA Symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" PSA Symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b" PSA Symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" PSA Symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a" PSA Symmetric encryption + decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 +cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 PSA Symmetric encryption + decryption multipart: AES-CBC-PKCS#7 padding, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 +cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 29f233b55..bee64ef6c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -266,296 +266,296 @@ exit: /* BEGIN_CASE */ -void cipher_test_encrypt( int alg_arg, int key_type_arg, +void cipher_encrypt( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, char *output_hex, + int expected_status ) +{ + int key_slot = 1; + psa_status_t status; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char iv[16] = {0}; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output; + unsigned char *expected_output; + size_t expected_output_size; + size_t output_buffer_size = 0; + size_t function_output_length = 0; + psa_cipher_operation_t operation; + + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + expected_output = unhexify_alloc( output_hex, &expected_output_size ); + TEST_ASSERT( expected_output != NULL ); + + memset( iv, 0x2a, sizeof( iv ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation, + iv, sizeof( iv ) ) == PSA_SUCCESS ); + output_buffer_size = input_size + operation.block_size; + output = mbedtls_calloc( 1, output_buffer_size ); + + TEST_ASSERT( psa_cipher_update( &operation, input, input_size, + output, output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + status = psa_cipher_finish( &operation, + output + function_output_length, + output_buffer_size, + &function_output_length ); + TEST_ASSERT( status == (psa_status_t) expected_status ); + if( expected_status == PSA_SUCCESS ) + { + TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + TEST_ASSERT( memcmp( expected_output, output, + expected_output_size ) == 0 ); + } +exit: + mbedtls_free( key ); + mbedtls_free( 
input ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_encrypt_multipart( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, + int first_part_size, char *output_hex ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char iv[16] = {0}; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output; + unsigned char *expected_output; + size_t expected_output_size; + size_t output_buffer_size = 0; + size_t function_output_length = 0; + psa_cipher_operation_t operation; + + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + expected_output = unhexify_alloc( output_hex, &expected_output_size ); + TEST_ASSERT( expected_output != NULL ); + + memset( iv, 0x2a, sizeof( iv ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation, + iv, sizeof( iv ) ) == PSA_SUCCESS ); + output_buffer_size = input_size + operation.block_size; + output = mbedtls_calloc( 1, output_buffer_size ); + + TEST_ASSERT( (unsigned int) first_part_size < input_size ); + TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, + output, output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation, + input + first_part_size, + input_size - first_part_size, + output, output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation, + output + function_output_length, + output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_cipher_abort( 
&operation ) == PSA_SUCCESS ); + + TEST_ASSERT( input_size == expected_output_size ); + TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); + +exit: + mbedtls_free( key ); + mbedtls_free( input ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_decrypt_multipart( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, + int first_part_size, char *output_hex ) +{ + int key_slot = 1; + + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char iv[16] = {0}; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output; + unsigned char *expected_output; + size_t expected_output_size; + size_t output_buffer_size = 0; + size_t function_output_length = 0; + psa_cipher_operation_t operation; + + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + expected_output = unhexify_alloc( output_hex, &expected_output_size ); + TEST_ASSERT( expected_output != NULL ); + + memset( iv, 0x2a, sizeof( iv ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation, + iv, sizeof( iv ) ) == PSA_SUCCESS ); + + output_buffer_size = input_size + operation.block_size; + output = mbedtls_calloc( 1, output_buffer_size ); + + TEST_ASSERT( (unsigned int) first_part_size < input_size ); + TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, + output, output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation, + input + first_part_size, + input_size - first_part_size, + output, output_buffer_size, + 
&function_output_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation, + output + function_output_length, + output_buffer_size, + &function_output_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + + TEST_ASSERT( input_size == expected_output_size ); + TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); + +exit: + mbedtls_free( key ); + mbedtls_free( input ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void cipher_decrypt( int alg_arg, int key_type_arg, + char *key_hex, + char *input_hex, char *output_hex, + int expected_status ) +{ + int key_slot = 1; + psa_status_t status; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key = NULL; + size_t key_size; + unsigned char iv[16] = {0}; + unsigned char *input = NULL; + size_t input_size = 0; + unsigned char *output; + unsigned char *expected_output; + size_t expected_output_size; + size_t output_buffer_size = 0; + size_t function_output_length = 0; + psa_cipher_operation_t operation; + + + key = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key != NULL ); + + input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input != NULL ); + + expected_output = unhexify_alloc( output_hex, &expected_output_size ); + TEST_ASSERT( expected_output != NULL ); + + memset( iv, 0x2a, sizeof( iv ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_encrypt_set_iv( &operation, + iv, sizeof( iv ) ) == PSA_SUCCESS ); + + output_buffer_size = input_size + operation.block_size; + output = mbedtls_calloc( 1, output_buffer_size ); + + TEST_ASSERT( psa_cipher_update( &operation, input, input_size, + output, output_buffer_size, + 
&function_output_length ) == PSA_SUCCESS ); + status = psa_cipher_finish( &operation, + output + function_output_length, + output_buffer_size, + &function_output_length ); + TEST_ASSERT( status == (psa_status_t) expected_status ); + + if( expected_status == PSA_SUCCESS ) + { + TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + TEST_ASSERT( memcmp( expected_output, output, + expected_output_size ) == 0 ); + } + + +exit: + mbedtls_free( key ); + mbedtls_free( input ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void cipher_verify_output( int alg_arg, int key_type_arg, char *key_hex, - char *input_hex, char *output_hex, - int expected_status ) -{ - int key_slot = 1; - psa_status_t status; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; - unsigned char iv[16] = {0}; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output; - unsigned char *expected_output; - size_t expected_output_size; - size_t output_buffer_size = 0; - size_t function_output_length = 0; - psa_cipher_operation_t operation; - - - key = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); - TEST_ASSERT( input != NULL ); - - expected_output = unhexify_alloc( output_hex, &expected_output_size ); - TEST_ASSERT( expected_output != NULL ); - - memset( iv, 0x2a, sizeof( iv ) ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = input_size + operation.block_size; - output = mbedtls_calloc( 1, output_buffer_size ); - - TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, 
output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); - status = psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size, - &function_output_length ); - TEST_ASSERT( status == (psa_status_t) expected_status ); - if( expected_status == PSA_SUCCESS ) - { - TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( expected_output, output, - expected_output_size ) == 0 ); - } -exit: - mbedtls_free( key ); - mbedtls_free( input ); - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, - int first_part_size, char *output_hex ) -{ - int key_slot = 1; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; - unsigned char iv[16] = {0}; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output; - unsigned char *expected_output; - size_t expected_output_size; - size_t output_buffer_size = 0; - size_t function_output_length = 0; - psa_cipher_operation_t operation; - - - key = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); - TEST_ASSERT( input != NULL ); - - expected_output = unhexify_alloc( output_hex, &expected_output_size ); - TEST_ASSERT( expected_output != NULL ); - - memset( iv, 0x2a, sizeof( iv ) ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = input_size + operation.block_size; - output = mbedtls_calloc( 1, output_buffer_size ); - - TEST_ASSERT( (unsigned int) first_part_size < input_size ); - TEST_ASSERT( 
psa_cipher_update( &operation, input, first_part_size, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation, - input + first_part_size, - input_size - first_part_size, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - - TEST_ASSERT( input_size == expected_output_size ); - TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); - -exit: - mbedtls_free( key ); - mbedtls_free( input ); - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, - int first_part_size, char *output_hex ) -{ - int key_slot = 1; - - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; - unsigned char iv[16] = {0}; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output; - unsigned char *expected_output; - size_t expected_output_size; - size_t output_buffer_size = 0; - size_t function_output_length = 0; - psa_cipher_operation_t operation; - - - key = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); - TEST_ASSERT( input != NULL ); - - expected_output = unhexify_alloc( output_hex, &expected_output_size ); - TEST_ASSERT( expected_output != NULL ); - - memset( iv, 0x2a, sizeof( iv ) ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, 
sizeof( iv ) ) == PSA_SUCCESS ); - - output_buffer_size = input_size + operation.block_size; - output = mbedtls_calloc( 1, output_buffer_size ); - - TEST_ASSERT( (unsigned int) first_part_size < input_size ); - TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation, - input + first_part_size, - input_size - first_part_size, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - - TEST_ASSERT( input_size == expected_output_size ); - TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); - -exit: - mbedtls_free( key ); - mbedtls_free( input ); - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - - -/* BEGIN_CASE */ -void cipher_test_decrypt( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, char *output_hex, - int expected_status ) -{ - int key_slot = 1; - psa_status_t status; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; - unsigned char iv[16] = {0}; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output; - unsigned char *expected_output; - size_t expected_output_size; - size_t output_buffer_size = 0; - size_t function_output_length = 0; - psa_cipher_operation_t operation; - - - key = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); - TEST_ASSERT( input != NULL ); - - expected_output = unhexify_alloc( output_hex, &expected_output_size ); - TEST_ASSERT( expected_output != NULL ); - - memset( iv, 0x2a, sizeof( iv ) ); - - TEST_ASSERT( psa_crypto_init( ) == 
PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, sizeof( iv ) ) == PSA_SUCCESS ); - - output_buffer_size = input_size + operation.block_size; - output = mbedtls_calloc( 1, output_buffer_size ); - - TEST_ASSERT( psa_cipher_update( &operation, input, input_size, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); - status = psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size, - &function_output_length ); - TEST_ASSERT( status == (psa_status_t) expected_status ); - - if( expected_status == PSA_SUCCESS ) - { - TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( expected_output, output, - expected_output_size ) == 0 ); - } - - -exit: - mbedtls_free( key ); - mbedtls_free( input ); - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - - -/* BEGIN_CASE */ -void cipher_test_verify_output( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex ) + char *input_hex ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; @@ -639,11 +639,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void cipher_test_verify_output_multpart( int alg_arg, - int key_type_arg, - char *key_hex, - char *input_hex, - int first_part_size ) +void cipher_verify_output_multipart( int alg_arg, + int key_type_arg, + char *key_hex, + char *input_hex, + int first_part_size ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; From a7ec95f1ea08139290184dcaf2f5b450da51a4af Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 14:40:59 +0200 Subject: [PATCH 0139/2197] Cipher tests: calculate and verify the actual output size --- tests/suites/test_suite_psa_crypto.function | 25 ++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index bee64ef6c..6be41c350 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -285,6 +285,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, size_t expected_output_size; size_t output_buffer_size = 0; size_t function_output_length = 0; + size_t total_output_length = 0; psa_cipher_operation_t operation; @@ -314,17 +315,22 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_update( &operation, input, input_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); + total_output_length += function_output_length; status = psa_cipher_finish( &operation, output + function_output_length, output_buffer_size, &function_output_length ); + total_output_length += function_output_length; + TEST_ASSERT( status == (psa_status_t) expected_status ); if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + TEST_ASSERT( total_output_length == expected_output_size ); TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); } + exit: mbedtls_free( key ); mbedtls_free( input ); @@ -352,9 +358,9 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, size_t expected_output_size; size_t output_buffer_size = 0; size_t function_output_length = 0; + size_t total_output_length = 0; psa_cipher_operation_t operation; - key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); 
@@ -382,19 +388,21 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); + total_output_length += function_output_length; TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); + total_output_length += function_output_length; TEST_ASSERT( psa_cipher_finish( &operation, output + function_output_length, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); - + total_output_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( input_size == expected_output_size ); + TEST_ASSERT( total_output_length == expected_output_size ); TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); exit: @@ -425,9 +433,9 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, size_t expected_output_size; size_t output_buffer_size = 0; size_t function_output_length = 0; + size_t total_output_length = 0; psa_cipher_operation_t operation; - key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); 
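Review bot: In cipher_encrypt_multipart the second psa_cipher_update() still writes to `output` and psa_cipher_finish() to `output + function_output_length`, each with the full `output_buffer_size`, so one chunk can land on top of the previous one and the size passed overstates the room left behind an offset pointer. Now that `total_output_length` is tracked, both calls should use it for the destination and the remaining capacity: `output + total_output_length, output_buffer_size - total_output_length,`. The 11+5 byte CBC case presumably passes only because the first update emits no output. The same applies to cipher_decrypt_multipart (hunk `@@ -456,18 +464,21 @@`) and to the psa_cipher_finish() calls in cipher_encrypt (`@@ -314,17 +315,22 @@`) and cipher_decrypt (`@@ -529,15 +541,18 @@`). The function bodies start and end outside these hunks.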
@@ -456,18 +464,21 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); + total_output_length += function_output_length; TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); + total_output_length += function_output_length; TEST_ASSERT( psa_cipher_finish( &operation, output + function_output_length, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); + total_output_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( input_size == expected_output_size ); + TEST_ASSERT( total_output_length == expected_output_size ); TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); exit: @@ -499,6 +510,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, size_t expected_output_size; size_t output_buffer_size = 0; size_t function_output_length = 0; + size_t total_output_length = 0; psa_cipher_operation_t operation; @@ -529,15 +541,18 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_update( &operation, input, input_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); + total_output_length += function_output_length; status = psa_cipher_finish( &operation, output + function_output_length, output_buffer_size, &function_output_length ); + total_output_length += function_output_length; TEST_ASSERT( status == (psa_status_t) expected_status ); if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + TEST_ASSERT( total_output_length == expected_output_size ); TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); } From 42b8aec7923d03f909649f2234d773d2ab8cc3b0 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 8 Jun 2018 14:41:49 +0200 Subject: [PATCH 0140/2197] Correct some bad test data * PKCS#7 padding always adds at least one byte of padding, so test data with plaintext length = ciphertext length could not have been correct. * CTR has plaintext length = ciphertext length, so test data with differing lengths could not have been correct. --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 14eb73477..e2fea7035 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -59,7 +59,7 @@ cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES PSA Symmetric encryption: AES-CBC-PKCS#7, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS PSA Symmetric encryption: AES-CBC-PKCS#7, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC 
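Review bot: The corrected AES-CBC-PKCS#7 encryption case still declares only `depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC`, so in a build without PKCS#7 padding it would presumably run and fail instead of being skipped. The multipart PKCS#7 cases earlier in this file already list the padding option, and I would do the same here: `depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7`. The PKCS#7 decryption cases added by the following patch (hunk `@@ -81,6 +81,14 @@`) have the same gap.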
@@ -75,7 +75,7 @@ cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7 PSA Symmetric encryption: AES-CTR, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd00":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC From 5809ce7bd602202e6b4a703a5987344f339665af Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 14:42:50 +0200 Subject: [PATCH 0141/2197] Add PKCS#7 good decryption test cases --- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e2fea7035..2d2431577 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
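Review bot: The AES-CTR case whose expected output is corrected here is gated on `MBEDTLS_CIPHER_MODE_CBC`, which looks like a copy-paste slip: as written it is skipped when CBC is disabled and still runs when CTR is disabled. The dependency line should read `depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR`. The hunk header shows another `PSA_ALG_CTR` case just above that may need the same check; its dependency line is outside the hunk.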
@@ -81,6 +81,14 @@ PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS +PSA Symmetric decryption: AES-CBC-PKCS#7, 16 bytes, good +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS + +PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, good +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS + PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, bad - cipher full block expected depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE From 39ee871d3fb213357ecb0697e3e112e626117f61 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Thu, 26 Apr 2018 00:51:02 +0300 Subject: [PATCH 0142/2197] Change AEAD APIs to integrated AEAD APIs. Change AEAD APIs to integrated AEAD APIs, this will allow t support CCM and GCM algorithms. --- include/psa/crypto.h | 87 ++++++++++--------------------------- include/psa/crypto_struct.h | 14 ------ 2 files changed, 23 insertions(+), 78 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c0b318776..7fc14a222 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1072,14 +1072,6 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); /** \defgroup aead Authenticated encryption with associated data (AEAD) * @{ */ - -/** The type of the state data structure for multipart AEAD operations. - * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ -typedef struct psa_aead_operation_s psa_aead_operation_t; - /** Set the key for a multipart authenticated encryption operation. * * The sequence of operations to authenticate-and-encrypt a message 
@@ -1131,32 +1123,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg); -/** Set the key for a multipart authenticated decryption operation. - * - * The sequence of operations to authenticated and decrypt a message - * is as follows: - * -# Allocate an operation object which will be passed to all the functions - * listed here. - * -# Call psa_aead_decrypt_setup() to specify the algorithm and key. - * The key remains associated with the operation even if the content - * of the key slot changes. - * -# Call psa_aead_set_iv() to pass the initialization vector (IV) - * for the authenticated decryption. - * -# Call psa_aead_update_ad() to pass the associated data that is - * to be authenticated but not encrypted. You may omit this step if - * there is no associated data. - * -# Call psa_aead_update() zero, one or more times, passing a fragment - * of the data to decrypt each time. - * -# Call psa_aead_finish(). - * - * The application may call psa_aead_abort() at any time after the operation - * has been initialized with psa_aead_decrypt_setup(). - * - * After a successful call to psa_aead_decrypt_setup(), the application must - * eventually terminate the operation. The following events terminate an - * operation: - * - A failed call to psa_aead_update(). - * - A call to psa_aead_finish() or psa_aead_abort(). +/** Process an integrated authenticated encryption operation. * * \param operation * \param alg The AEAD algorithm to compute (\c PSA_ALG_XXX value 
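Review bot: The rewritten comment introduces an integrated operation but still opens its parameter list with `\param operation`, which the new psa_aead_encrypt() does not take, and the nonce, additional-data, plaintext and ciphertext parameters are not described in the visible part. The context above the comment also keeps `psa_aead_encrypt_setup(psa_aead_operation_t *operation, ...)` although this commit deletes the `psa_aead_operation_t` typedef and its struct; unless the type is declared elsewhere the header no longer compiles, so that declaration and its multipart description should be removed as well. The comment continues past the end of this hunk.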
@@ -1175,37 +1142,29 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg); +psa_status_t psa_aead_encrypt( psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length ); -psa_status_t psa_aead_generate_iv(psa_aead_operation_t *operation, - unsigned char *iv, - size_t iv_size, - size_t *iv_length); - -psa_status_t psa_aead_set_iv(psa_aead_operation_t *operation, - const unsigned char *iv, - size_t iv_length); - -psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, - const uint8_t *input, - size_t input_length); - -psa_status_t psa_aead_update(psa_aead_operation_t *operation, - const uint8_t *input, - size_t input_length); - -psa_status_t psa_aead_finish(psa_aead_operation_t *operation, - uint8_t *tag, - size_t tag_size, - size_t *tag_length); - -psa_status_t psa_aead_verify(psa_aead_operation_t *operation, - uint8_t *tag, - size_t tag_length); - -psa_status_t psa_aead_abort(psa_aead_operation_t *operation); +psa_status_t psa_aead_decrypt( psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length ); /**@}*/ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index eba4862c6..20a153d23 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
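Review bot: psa_aead_decrypt() is declared with no documentation comment, and neither prototype says where the authentication tag is carried or how large the output buffer must be. Callers of an integrated AEAD call need that contract to size buffers safely, for example `\param ciphertext_size Size of the \p ciphertext buffer in bytes; must have room for the encrypted data and the tag` if the tag is appended to the ciphertext as the follow-up patch's description suggests. The decrypt comment should also state that no plaintext is to be used when the call reports an authentication failure.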
@@ -110,20 +110,6 @@ struct psa_cipher_operation_s } ctx; }; -struct psa_aead_operation_s -{ - psa_algorithm_t alg; - int key_set : 1; - int iv_set : 1; - int ad_set : 1; - uint8_t iv_size; - uint8_t block_size; - union - { - unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ - } ctx; -}; - struct psa_key_policy_s { psa_key_usage_t usage; From 5955c98779dfdc9c51c676ea7be0ebacd919881d Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Thu, 26 Apr 2018 00:53:03 +0300 Subject: [PATCH 0143/2197] Initial implementation of the AEAD decrypt/encrypt APIs Initial implementation for the AEAD APIs, missing the following: * Concatenation of the tag to the output buffer. * Updated documentation of the new functions. * argument validations * tests --- library/psa_crypto.c | 185 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 185 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index edb81c435..9efad5583 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1466,6 +1466,191 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, } +/****************************************************************/ +/* AEAD */ +/****************************************************************/ +psa_status_t psa_aead_encrypt( psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length ) +{ + int ret; + psa_status_t status; + key_slot_t *slot; + psa_key_type_t key_type; + size_t key_bits; + const mbedtls_cipher_info_t *cipher_info = NULL; + unsigned char tag[16]; + + status = psa_get_key_information( key, &key_type, &key_bits ); + if( status != PSA_SUCCESS ) + return( status ); + slot = &global_data.key_slots[key]; + + //TODO: check key policy + + cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); + if( cipher_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + + if ( key_type != PSA_KEY_TYPE_RAW_DATA) + return( PSA_ERROR_BAD_STATE ); + + operation->block_size = cipher_info->block_size; + + if( alg == PSA_ALG_GCM ) + { + mbedtls_gcm_context gcm; + mbedtls_gcm_init( &gcm ); + ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, + ( const unsigned char * )slot->data.raw.data, key_bits ); + if( ret != 0 ) + { + mbedtls_gcm_free( &gcm ); + return( mbedtls_to_psa_error( ret ) ); + } + ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, + plaintext_length, ( const unsigned char* )nonce , + nonce_length, ( const unsigned char* )additional_data, + additional_data_length, + ( const unsigned char* ) plaintext, + ( unsigned char* )ciphertext, sizeof( tag ), tag ); + if( ret != 0 ) + { + mbedtls_gcm_free( &gcm ); + return( mbedtls_to_psa_error( ret ) ); + } + + //TODO: append the tag to the output buffer and update the output buffer length. 
+ mbedtls_gcm_free( &gcm ); + } + else if( alg == PSA_ALG_CCM ) + { + mbedtls_ccm_context ccm; + mbedtls_ccm_init( &ccm ); + ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, + ( const unsigned char * )slot->data.raw.data, key_bits ); + if( ret != 0 ) + { + mbedtls_ccm_free( &ccm ); + return( mbedtls_to_psa_error( ret ) ); + } + ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, + ( const unsigned char* )nonce , + nonce_length, ( const unsigned char* )additional_data, + additional_data_length, + ( const unsigned char* ) plaintext, + ( unsigned char* )ciphertext, sizeof( tag ), tag ); + if( ret != 0 ) + { + mbedtls_ccm_free( &ccm ); + return( mbedtls_to_psa_error( ret ) ); + } + + //TODO: append the tag to the output buffer and update the output buffer length. + mbedtls_ccm_free( &ccm ); + } +} + +psa_status_t psa_aead_decrypt( psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length ) +{ + int ret; + psa_status_t status; + key_slot_t *slot; + psa_key_type_t key_type; + size_t key_bits; + const mbedtls_cipher_info_t *cipher_info = NULL; + unsigned char tag[16]; + + status = psa_get_key_information( key, &key_type, &key_bits ); + if( status != PSA_SUCCESS ) + return( status ); + slot = &global_data.key_slots[key]; + + //TODO: check key policy + + cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); + if( cipher_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + + if ( key_type != PSA_KEY_TYPE_RAW_DATA) + return( PSA_ERROR_BAD_STATE ); + + operation->block_size = cipher_info->block_size; + + if( alg == PSA_ALG_GCM ) + { + mbedtls_gcm_context gcm; + mbedtls_gcm_init( &gcm ); + ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, + ( const unsigned char * )slot->data.raw.data, key_bits ); + if( ret 
!= 0 ) + { + mbedtls_gcm_free( &gcm ); + return( mbedtls_to_psa_error( ret ) ); + } + ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_DECRYPT, + ciphertext_length, ( const unsigned char* )nonce , + nonce_length, ( const unsigned char* )additional_data, + additional_data_length, + ( const unsigned char* )ciphertext, + ( unsigned char* )plaintext, sizeof( tag ), tag ); + if( ret != 0 ) + { + mbedtls_gcm_free( &gcm ); + return( mbedtls_to_psa_error( ret ) ); + } + + //TODO: append the tag to the output buffer and update the output buffer length. + mbedtls_gcm_free( &gcm ); + } + else if( alg == PSA_ALG_CCM ) + { + mbedtls_ccm_context ccm; + mbedtls_ccm_init( &ccm ); + ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, + ( const unsigned char * )slot->data.raw.data, key_bits ); + if( ret != 0 ) + { + mbedtls_ccm_free( &ccm ); + return( mbedtls_to_psa_error( ret ) ); + } + ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length, + ( const unsigned char* )nonce , + nonce_length, ( const unsigned char* )additional_data, + additional_data_length, + ( const unsigned char* )ciphertext , + ( unsigned char* )plaintext, sizeof( tag ), tag ); + if( ret != 0 ) + { + mbedtls_ccm_free( &ccm ); + return( mbedtls_to_psa_error( ret ) ); + } + + //TODO: append the tag to the output buffer and update the output buffer length. + mbedtls_ccm_free( &ccm ); + } + + return( PSA_SUCCESS ); +} + /****************************************************************/ /* Module setup */ From 47ddf3d544408a2ff630786492e5b985d4df3b00 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Thu, 26 Apr 2018 01:11:21 +0300 Subject: [PATCH 0144/2197] Concatenate the tag to the output buffer Concatenate the tag to the output buffer. --- library/psa_crypto.c | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9efad5583..11a805e55 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
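Review bot: `psa_aead_decrypt` never checks an authentication tag supplied by the caller, so as written it returns plaintext for input it has not authenticated. The GCM branch calls `mbedtls_gcm_crypt_and_tag` with `MBEDTLS_GCM_DECRYPT`, which only computes a tag into the local `tag[16]`, and the CCM branch hands that same uninitialised local array to `mbedtls_ccm_auth_decrypt` (with the tag pointer and length in the wrong order) as the value to compare against. Assuming the tag is meant to travel at the end of `ciphertext`, which is what the encrypt-side TODO suggests, the function should split it off the input and use the verifying calls, as sketched below for GCM; the CCM call needs the same tag pointer followed by its length. The later decrypt hunks in this series (patches 0144, 0146, 0151 and 0154) keep the local `tag`, so the point applies there too.

```c
    /* … unchanged: key lookup and key-type checks … */
    if( ciphertext_length < sizeof( tag ) )
        return( PSA_ERROR_INVALID_ARGUMENT );
    /* The tag to verify is the caller's, taken from the end of the input. */
    ciphertext_length -= sizeof( tag );
    memcpy( tag, ciphertext + ciphertext_length, sizeof( tag ) );

    if( alg == PSA_ALG_GCM )
    {
        /* … unchanged: mbedtls_gcm_init, mbedtls_gcm_setkey … */
        ret = mbedtls_gcm_auth_decrypt( &gcm, ciphertext_length,
                                        nonce, nonce_length,
                                        additional_data, additional_data_length,
                                        tag, sizeof( tag ),
                                        ciphertext, plaintext );
        /* … unchanged: error handling, mbedtls_gcm_free … */
```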
@@ -1508,6 +1508,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( alg == PSA_ALG_GCM ) { mbedtls_gcm_context gcm; + if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + mbedtls_gcm_init( &gcm ); ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, ( const unsigned char * )slot->data.raw.data, key_bits ); @@ -1528,12 +1531,16 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( mbedtls_to_psa_error( ret ) ); } - //TODO: append the tag to the output buffer and update the output buffer length. mbedtls_gcm_free( &gcm ); } else if( alg == PSA_ALG_CCM ) { mbedtls_ccm_context ccm; + if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( nonce_length < 7 || nonce_length > 13 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, ( const unsigned char * )slot->data.raw.data, key_bits ); @@ -1554,9 +1561,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( mbedtls_to_psa_error( ret ) ); } - //TODO: append the tag to the output buffer and update the output buffer length. mbedtls_ccm_free( &ccm ); } + memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) ); + return( PSA_SUCCESS ); } psa_status_t psa_aead_decrypt( psa_key_slot_t key, @@ -1598,6 +1606,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( alg == PSA_ALG_GCM ) { mbedtls_gcm_context gcm; + if( plaintext_size < ( ciphertext_length + 8 + sizeof( tag ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + mbedtls_gcm_init( &gcm ); ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, ( const unsigned char * )slot->data.raw.data, key_bits ); 
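Review bot: The size check `ciphertext_size < ( plaintext_length + sizeof( tag ) )` added at the top of the GCM branch can wrap: for a `plaintext_length` within 16 of `SIZE_MAX` the sum overflows `size_t` and the check passes with a buffer that is too small. Comparing by subtraction avoids that, `if( ciphertext_size < sizeof( tag ) || plaintext_length > ciphertext_size - sizeof( tag ) )`. The same additive form is used in the CCM branch of this patch, in the decrypt checks, and again where patch 0145 hoists the check to the top of both functions.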
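Review bot: The `memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) )` and `return( PSA_SUCCESS )` added after the `if`/`else if` chain also run when `alg` is neither `PSA_ALG_GCM` nor `PSA_ALG_CCM`. In that case nothing was encrypted, `tag` is still uninitialised stack memory, and in this patch no size check has run because both checks sit inside the branches, yet the caller is told the operation succeeded. Whether `mbedtls_cipher_info_from_psa` already filters such algorithms cannot be seen from the hunk, and patch 0156 later deletes that lookup altogether. I would close the chain with `else return( PSA_ERROR_NOT_SUPPORTED );` and do the same in `psa_aead_decrypt`, whose trailing `return( PSA_SUCCESS )` has the same shape.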
@@ -1618,12 +1629,17 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( mbedtls_to_psa_error( ret ) ); } - //TODO: append the tag to the output buffer and update the output buffer length. mbedtls_gcm_free( &gcm ); + memcpy( plaintext + ciphertext_length + 8, tag, sizeof( tag ) ); } else if( alg == PSA_ALG_CCM ) { mbedtls_ccm_context ccm; + if( plaintext_size < ( ciphertext_length + sizeof( tag ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( nonce_length < 7 || nonce_length > 13 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, ( const unsigned char * )slot->data.raw.data, key_bits ); @@ -1644,10 +1660,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( mbedtls_to_psa_error( ret ) ); } - //TODO: append the tag to the output buffer and update the output buffer length. mbedtls_ccm_free( &ccm ); + memcpy( plaintext + ciphertext_length, tag, sizeof( tag ) ); } - return( PSA_SUCCESS ); } From 9e5a515aa8ca51a186db0df4c9d1c3f625306dd1 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Thu, 26 Apr 2018 12:07:35 +0300 Subject: [PATCH 0145/2197] Fix parameter validation --- library/psa_crypto.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 11a805e55..005b9feb4 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1489,6 +1489,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, const mbedtls_cipher_info_t *cipher_info = NULL; unsigned char tag[16]; + if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) return( status ); 
@@ -1508,9 +1511,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( alg == PSA_ALG_GCM ) { mbedtls_gcm_context gcm; - if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - mbedtls_gcm_init( &gcm ); ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, ( const unsigned char * )slot->data.raw.data, key_bits ); @@ -1536,8 +1536,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, else if( alg == PSA_ALG_CCM ) { mbedtls_ccm_context ccm; - if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); if( nonce_length < 7 || nonce_length > 13 ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -1587,6 +1585,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, const mbedtls_cipher_info_t *cipher_info = NULL; unsigned char tag[16]; + if( plaintext_size < ( ciphertext_length + sizeof( tag ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) return( status ); @@ -1606,8 +1607,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( alg == PSA_ALG_GCM ) { mbedtls_gcm_context gcm; - if( plaintext_size < ( ciphertext_length + 8 + sizeof( tag ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_gcm_init( &gcm ); ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, @@ -1635,8 +1634,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, else if( alg == PSA_ALG_CCM ) { mbedtls_ccm_context ccm; - if( plaintext_size < ( ciphertext_length + sizeof( tag ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if( nonce_length < 7 || nonce_length > 13 ) return( PSA_ERROR_INVALID_ARGUMENT ); From ce5cba9a6aeac759ebd5d624586185b2fecbf971 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Thu, 26 Apr 2018 12:08:21 +0300 Subject: [PATCH 0146/2197] unify the concatenation of the tag and update output length --- library/psa_crypto.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 005b9feb4..c0ef1c54f 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1562,6 +1562,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_ccm_free( &ccm ); } memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) ); + *ciphertext_length = plaintext_length + sizeof( tag ); return( PSA_SUCCESS ); } @@ -1629,7 +1630,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, } mbedtls_gcm_free( &gcm ); - memcpy( plaintext + ciphertext_length + 8, tag, sizeof( tag ) ); } else if( alg == PSA_ALG_CCM ) { @@ -1659,8 +1659,10 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, } mbedtls_ccm_free( &ccm ); - memcpy( plaintext + ciphertext_length, tag, sizeof( tag ) ); } + + memcpy( plaintext + ciphertext_length, tag, sizeof( tag ) ); + *plaintext_length = ciphertext_length + sizeof( tag ); return( PSA_SUCCESS ); } From 579d35900798077c201b4fc17ffe7eba036691ed Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 30 Apr 2018 08:51:35 +0300 Subject: [PATCH 0147/2197] remove psa_aead_encrypt_setup from header file remove psa_aead_encrypt_setup from header file --- include/psa/crypto.h | 51 -------------------------------------------- 1 file changed, 51 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 7fc14a222..cd86080c1 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
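Review bot: `*ciphertext_length` is assigned only on the success path, so every early `return` in `psa_aead_encrypt` leaves the caller's variable untouched, and a caller that reads it without checking the status sees stale or uninitialised data. Setting `*ciphertext_length = 0;` before the first check (and `*plaintext_length = 0;` in `psa_aead_decrypt`, last hunk of this patch) gives the error paths a defined value. The start of both functions is outside these hunks.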
@@ -1072,57 +1072,6 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); /** \defgroup aead Authenticated encryption with associated data (AEAD) * @{ */ -/** Set the key for a multipart authenticated encryption operation. - * - * The sequence of operations to authenticate-and-encrypt a message - * is as follows: - * -# Allocate an operation object which will be passed to all the functions - * listed here. - * -# Call psa_aead_encrypt_setup() to specify the algorithm and key. - * The key remains associated with the operation even if the content - * of the key slot changes. - * -# Call either psa_aead_generate_iv() or psa_aead_set_iv() to - * generate or set the IV (initialization vector). You should use - * psa_encrypt_generate_iv() unless the protocol you are implementing - * requires a specific IV value. - * -# Call psa_aead_update_ad() to pass the associated data that is - * to be authenticated but not encrypted. You may omit this step if - * there is no associated data. - * -# Call psa_aead_update() zero, one or more times, passing a fragment - * of the data to encrypt each time. - * -# Call psa_aead_finish(). - * - * The application may call psa_aead_abort() at any time after the operation - * has been initialized with psa_aead_encrypt_setup(). - * - * After a successful call to psa_aead_encrypt_setup(), the application must - * eventually terminate the operation. The following events terminate an - * operation: - * - A failed call to psa_aead_generate_iv(), psa_aead_set_iv(), - * psa_aead_update_ad() or psa_aead_update(). - * - A call to psa_aead_finish() or psa_aead_abort(). - * - * \param operation - * \param alg The AEAD algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_AEAD(alg) is true). - * - * \retval PSA_SUCCESS - * Success. - * \retval PSA_ERROR_EMPTY_SLOT - * \retval PSA_ERROR_NOT_PERMITTED - * \retval PSA_ERROR_INVALID_ARGUMENT - * \c key is not compatible with \c alg. 
- * \retval PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not an AEAD algorithm. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED - */ -psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg); - /** Process an integrated authenticated encryption operation. * * \param operation From 9112693930a8575c44863a83bdeccf150912cfa7 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 30 Apr 2018 11:10:16 +0300 Subject: [PATCH 0148/2197] aead test scenario --- tests/suites/test_suite_psa_crypto.function | 70 +++++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 04a95d4f8..4721c87f3 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -573,3 +573,73 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void aead_encrypt_decrypt( int key_type_arg, char *key_hex, + int alg_arg, char *input_hex, + cahr* additional_data, int additional_data_length ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *output_data = NULL; + size_t output_length; + unsigned char *output_data2 = NULL; + size_t output_length2; + psa_status_t actual_status; + uint8_t* nonce = NULL; + size_t nonce_length = 16; + size_t tag_length = 16; + + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + output_data = mbedtls_calloc( 1, input_size + tag_length ); + TEST_ASSERT( output_data != NULL ); + if( alg == PSA_ALG_CCM ) + { + nonce_length = 12; + } + nonce = mbedtls_calloc( 1, nonce_length ); + TEST_ASSERT( nonce != NULL ); + for( int i = 0; i < nonce_length; ++nonce_length ) + nonce[i] = i; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_aead_encrypt( slot, alg, + nonce, nonce_length, + additional_data, additional_data_length, + input_data, input_size, output_data, + input_size, &output_length ) ); + + output_data2 = mbedtls_calloc( 1, output_length ); + TEST_ASSERT( output_data2 != NULL ); + + TEST_ASSERT( psa_aead_decrypt( slot, alg, + nonce, nonce_length, + additional_data, additional_data_length, + output_data, output_length - tag_length, output_data2, + output_length, &output_length2 ) ); + + TEST_ASSERT( memcmp( input, output_data2, + input_size ) == 0 ); + + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( signature ); + 
mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From db6247315fb944c1aca0389ba18525a72112a352 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 30 Apr 2018 17:21:50 +0300 Subject: [PATCH 0149/2197] Parameters validation fixes Fix key_type validation test and no need to ask for place for tag in decryption --- library/psa_crypto.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c0ef1c54f..2650fffe6 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1503,8 +1503,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - if ( key_type != PSA_KEY_TYPE_RAW_DATA) - return( PSA_ERROR_BAD_STATE ); + if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) + return( PSA_ERROR_INVALID_ARGUMENT ); operation->block_size = cipher_info->block_size; @@ -1586,7 +1587,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, const mbedtls_cipher_info_t *cipher_info = NULL; unsigned char tag[16]; - if( plaintext_size < ( ciphertext_length + sizeof( tag ) ) ) + if( plaintext_size < ciphertext_length ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_key_information( key, &key_type, &key_bits ); From 6bbd8c75dcf1460bb499c8ba4037309a0817350f Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 30 Apr 2018 17:22:52 +0300 Subject: [PATCH 0150/2197] Remove unnecessary cast Remove unnecessary cast --- library/psa_crypto.c | 37 +++++++++++++++---------------------- 1 file changed, 15 insertions(+), 22 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2650fffe6..7589432c9 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
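Review bot: The nonce fill loop `for( int i = 0; i < nonce_length; ++nonce_length )` increments the bound instead of the index, so `i` stays 0 and the loop only ends once `nonce_length` wraps around to 0. It should read `for( int i = 0; i < nonce_length; ++i )`; patches 0152 and 0155 rework this line but keep `++nonce_length`. The test also only round-trips unmodified data, so it cannot notice a decrypt that accepts a wrong tag; a second case that flips one byte of `output_data` and expects a failure status would cover that.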
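Review bot: The new key-type test is inverted: `( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16` describes the keys GCM and CCM can use, yet the branch returns `PSA_ERROR_INVALID_ARGUMENT` for exactly those and lets every other key type through. Negating the whole condition gives the intended filter, `if( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) )`. Patch 0153 copies the same condition into `psa_aead_decrypt`. `PSA_KEY_TYPE_CATEGORY_CIPHER` is only defined in patch 0154, so this commit presumably does not build on its own.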
@@ -1521,11 +1521,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( mbedtls_to_psa_error( ret ) ); } ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, - plaintext_length, ( const unsigned char* )nonce , - nonce_length, ( const unsigned char* )additional_data, - additional_data_length, - ( const unsigned char* ) plaintext, - ( unsigned char* )ciphertext, sizeof( tag ), tag ); + plaintext_length, nonce , + nonce_length, additional_data, + additional_data_length, plaintext, + ciphertext, sizeof( tag ), tag ); if( ret != 0 ) { mbedtls_gcm_free( &gcm ); @@ -1542,18 +1541,16 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, - ( const unsigned char * )slot->data.raw.data, key_bits ); + slot->data.raw.data, key_bits ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); return( mbedtls_to_psa_error( ret ) ); } ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, - ( const unsigned char* )nonce , - nonce_length, ( const unsigned char* )additional_data, + nonce , nonce_length, additional_data, additional_data_length, - ( const unsigned char* ) plaintext, - ( unsigned char* )ciphertext, sizeof( tag ), tag ); + plaintext, ciphertext, sizeof( tag ), tag ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); 
@@ -1612,18 +1609,16 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, mbedtls_gcm_init( &gcm ); ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, - ( const unsigned char * )slot->data.raw.data, key_bits ); + slot->data.raw.data, key_bits ); if( ret != 0 ) { mbedtls_gcm_free( &gcm ); return( mbedtls_to_psa_error( ret ) ); } ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_DECRYPT, - ciphertext_length, ( const unsigned char* )nonce , - nonce_length, ( const unsigned char* )additional_data, - additional_data_length, - ( const unsigned char* )ciphertext, - ( unsigned char* )plaintext, sizeof( tag ), tag ); + ciphertext_length, nonce , nonce_length, + additional_data, additional_data_length, + ciphertext, plaintext, sizeof( tag ), tag ); if( ret != 0 ) { mbedtls_gcm_free( &gcm ); @@ -1641,18 +1636,16 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, - ( const unsigned char * )slot->data.raw.data, key_bits ); + slot->data.raw.data, key_bits ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); return( mbedtls_to_psa_error( ret ) ); } ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length, - ( const unsigned char* )nonce , - nonce_length, ( const unsigned char* )additional_data, - additional_data_length, - ( const unsigned char* )ciphertext , - ( unsigned char* )plaintext, sizeof( tag ), tag ); + nonce , nonce_length, additional_data, + additional_data_length, ciphertext , + plaintext, sizeof( tag ), tag ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); From 4f5eb7cb5411fea304a10f1eadaa9ddeded16395 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 30 Apr 2018 17:23:47 +0300 Subject: [PATCH 0151/2197] Fill the the output buffer with zero data in case of failure --- library/psa_crypto.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7589432c9..0ed9dd9bf 100755 --- a/library/psa_crypto.c 
+++ b/library/psa_crypto.c @@ -1528,6 +1528,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( ret != 0 ) { mbedtls_gcm_free( &gcm ); + mbedtls_zeroize( ciphertext, plaintext_length ); return( mbedtls_to_psa_error( ret ) ); } @@ -1554,6 +1555,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( ret != 0 ) { mbedtls_ccm_free( &ccm ); + mbedtls_zeroize( ciphertext, plaintext_length ); return( mbedtls_to_psa_error( ret ) ); } @@ -1622,6 +1624,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( ret != 0 ) { mbedtls_gcm_free( &gcm ); + mbedtls_zeroize( plaintext, ciphertext_length ); return( mbedtls_to_psa_error( ret ) ); } @@ -1649,14 +1652,14 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( ret != 0 ) { mbedtls_ccm_free( &ccm ); + mbedtls_zeroize( plaintext, ciphertext_length ); return( mbedtls_to_psa_error( ret ) ); } mbedtls_ccm_free( &ccm ); } - memcpy( plaintext + ciphertext_length, tag, sizeof( tag ) ); - *plaintext_length = ciphertext_length + sizeof( tag ); + *plaintext_length = ciphertext_length; return( PSA_SUCCESS ); } From 091e73b22b4759d938ee0afeb9bf6d7b112fd861 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 30 Apr 2018 17:24:39 +0300 Subject: [PATCH 0152/2197] Fix usage of TEST_ASSERT Add missing == PSA_SUCCESS in TEST_ASSERT usage --- tests/suites/test_suite_psa_crypto.function | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4721c87f3..6376e5659 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -591,7 +591,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex, unsigned char *output_data2 = NULL; size_t output_length2; psa_status_t actual_status; - uint8_t* nonce = NULL; + uint8_t nonce[16]; size_t nonce_length = 16; size_t tag_length = 16; 
@@ -606,8 +606,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex, { nonce_length = 12; } - nonce = mbedtls_calloc( 1, nonce_length ); - TEST_ASSERT( nonce != NULL ); + for( int i = 0; i < nonce_length; ++nonce_length ) nonce[i] = i; @@ -620,7 +619,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex, nonce, nonce_length, additional_data, additional_data_length, input_data, input_size, output_data, - input_size, &output_length ) ); + input_size, &output_length ) == PSA_SUCCESS ); output_data2 = mbedtls_calloc( 1, output_length ); TEST_ASSERT( output_data2 != NULL ); @@ -629,7 +628,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex, nonce, nonce_length, additional_data, additional_data_length, output_data, output_length - tag_length, output_data2, - output_length, &output_length2 ) ); + output_length, &output_length2 ) == PSA_SUCCESS ); TEST_ASSERT( memcmp( input, output_data2, input_size ) == 0 ); From a7e6df76ead156437d97aa592aa8bbec28f77b9d Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 30 Apr 2018 17:25:45 +0300 Subject: [PATCH 0153/2197] Validation fixes for key_type --- library/psa_crypto.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0ed9dd9bf..33e265766 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1600,8 +1600,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - if ( key_type != PSA_KEY_TYPE_RAW_DATA) - return( PSA_ERROR_BAD_STATE ); + if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) + return( PSA_ERROR_INVALID_ARGUMENT ); operation->block_size = cipher_info->block_size; From dad36fa855e17a039e1f8f1a5671093a8255808b Mon Sep 17 00:00:00 2001 
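Review bot: The encrypt call still passes `input_size` as `ciphertext_size`, although `output_data` was allocated with `input_size + tag_length` bytes and, since patch 0145, `psa_aead_encrypt` rejects any `ciphertext_size` below `plaintext_length + sizeof( tag )`. With `== PSA_SUCCESS` now in place this assertion should fail with `PSA_ERROR_INVALID_ARGUMENT`. The argument should be `input_size + tag_length`.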
From: mohammad1603 Date: Wed, 9 May 2018 02:24:42 -0700 Subject: [PATCH 0154/2197] add Key and Algorithm validation --- include/psa/crypto.h | 1 + library/psa_crypto.c | 38 +++++++++++++++++++++++++++----------- 2 files changed, 28 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index cd86080c1..deeab4a64 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -143,6 +143,7 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7e000000) #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x02000000) #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x04000000) +#define PSA_KEY_TYPE_CATEGORY_CIPHER ((psa_key_type_t)0x04000000) #define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC ((psa_key_type_t)0x06000000) #define PSA_KEY_TYPE_PAIR_FLAG ((psa_key_type_t)0x01000000) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 33e265766..7d70d534a 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1488,7 +1488,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; unsigned char tag[16]; - + mbedtls_cipher_id_t cipher_id; + if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -1497,6 +1498,15 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( status ); slot = &global_data.key_slots[key]; + if ( key_type == PSA_KEY_TYPE_AES ) + { + cipher_id = MBEDTLS_CIPHER_ID_AES; + } + else + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + //TODO: check key policy cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); 
@@ -1507,13 +1517,11 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) return( PSA_ERROR_INVALID_ARGUMENT ); - operation->block_size = cipher_info->block_size; - if( alg == PSA_ALG_GCM ) { mbedtls_gcm_context gcm; mbedtls_gcm_init( &gcm ); - ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, + ret = mbedtls_gcm_setkey( &gcm, cipher_id, ( const unsigned char * )slot->data.raw.data, key_bits ); if( ret != 0 ) { @@ -1541,7 +1549,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_ccm_init( &ccm ); - ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, + ret = mbedtls_ccm_setkey( &ccm, cipher_id, slot->data.raw.data, key_bits ); if( ret != 0 ) { @@ -1551,7 +1559,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, nonce , nonce_length, additional_data, additional_data_length, - plaintext, ciphertext, sizeof( tag ), tag ); + plaintext, ciphertext, tag, sizeof( tag ) ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); @@ -1585,6 +1593,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; unsigned char tag[16]; + mbedtls_cipher_id_t cipher_id; if( plaintext_size < ciphertext_length ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -1594,6 +1603,15 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( status ); slot = &global_data.key_slots[key]; + if ( key_type == PSA_KEY_TYPE_AES ) + { + cipher_id = MBEDTLS_CIPHER_ID_AES; + } + else + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + //TODO: check key policy cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); 
@@ -1604,14 +1622,12 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) return( PSA_ERROR_INVALID_ARGUMENT ); - operation->block_size = cipher_info->block_size; - if( alg == PSA_ALG_GCM ) { mbedtls_gcm_context gcm; mbedtls_gcm_init( &gcm ); - ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, + ret = mbedtls_gcm_setkey( &gcm, cipher_id, slot->data.raw.data, key_bits ); if( ret != 0 ) { @@ -1639,7 +1655,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_ccm_init( &ccm ); - ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, + ret = mbedtls_ccm_setkey( &ccm, cipher_id, slot->data.raw.data, key_bits ); if( ret != 0 ) { @@ -1649,7 +1665,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length, nonce , nonce_length, additional_data, additional_data_length, ciphertext , - plaintext, sizeof( tag ), tag ); + plaintext, tag, sizeof( tag ) ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); From bdd892aef57c341d1b9d26cc189ec1f6cae39b73 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 9 May 2018 02:26:51 -0700 Subject: [PATCH 0155/2197] Add test scenario --- tests/suites/test_suite_psa_crypto.data | 3 +++ tests/suites/test_suite_psa_crypto.function | 17 ++++++++++------- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c3f5f9001..3e80c9072 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -120,3 +120,6 @@ sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"307802010 PSA verify ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" + +PSA AEAD Encrypt-Decrypt, first scenario +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6376e5659..f6a0d2208 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -575,9 +575,9 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt_decrypt( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex, - cahr* additional_data, int additional_data_length ) +void aead_encrypt_decrypt( int key_type_arg, char * key_hex, + int alg_arg, char * input_hex, + char * add_data ) { int slot = 1; psa_key_type_t key_type = key_type_arg; 
@@ -590,16 +590,20 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex, size_t output_length; unsigned char *output_data2 = NULL; size_t output_length2; - psa_status_t actual_status; uint8_t nonce[16]; size_t nonce_length = 16; size_t tag_length = 16; + unsigned char *additional_data = NULL; + size_t additional_data_length = 0; + size_t i = 0; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); + additional_data = unhexify_alloc( add_data, &additional_data_length ); + TEST_ASSERT( input_data != NULL ); output_data = mbedtls_calloc( 1, input_size + tag_length ); TEST_ASSERT( output_data != NULL ); if( alg == PSA_ALG_CCM ) @@ -607,7 +611,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex, nonce_length = 12; } - for( int i = 0; i < nonce_length; ++nonce_length ) + for( ; i < nonce_length; ++nonce_length ) nonce[i] = i; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -630,7 +634,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex, output_data, output_length - tag_length, output_data2, output_length, &output_length2 ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( input, output_data2, + TEST_ASSERT( memcmp( input_data, output_data2, input_size ) == 0 ); @@ -638,7 +642,6 @@ exit: psa_destroy_key( slot ); mbedtls_free( key_data ); mbedtls_free( input_data ); - mbedtls_free( signature ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From 17638efc469ffbb40b248df47c1351bb0c3dcf9f Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 9 May 2018 04:58:00 -0700 Subject: [PATCH 0156/2197] remove unused variable --- library/psa_crypto.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7d70d534a..45f55638b 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
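Review bot: The assertion added right after `additional_data = unhexify_alloc( add_data, &additional_data_length );` in the `@@ -590` hunk tests `input_data` a second time, so a NULL return for the additional data goes unnoticed and is passed on to the AEAD calls. It should read `TEST_ASSERT( additional_data != NULL );`. The new buffer is also never released: the `exit:` block in the `@@ -638` hunk only loses `mbedtls_free( signature );`, and `mbedtls_free( additional_data );` belongs there. The function starts before this hunk.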
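Review bot: The rewritten loop header in the `@@ -607` hunk, `for( ; i < nonce_length; ++nonce_length )`, advances the bound instead of the index, so `i` stays 0, only `nonce[0]` is ever written and the loop spins until `nonce_length` wraps around. Apart from effectively hanging the test, this leaves the rest of `nonce` uninitialised and destroys the 12 or 16 chosen just above. The header should be `for( ; i < nonce_length; ++i )`.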
@@ -1486,7 +1486,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, key_slot_t *slot; psa_key_type_t key_type; size_t key_bits; - const mbedtls_cipher_info_t *cipher_info = NULL; unsigned char tag[16]; mbedtls_cipher_id_t cipher_id; @@ -1509,9 +1508,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, //TODO: check key policy - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) @@ -1591,7 +1587,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, key_slot_t *slot; psa_key_type_t key_type; size_t key_bits; - const mbedtls_cipher_info_t *cipher_info = NULL; unsigned char tag[16]; mbedtls_cipher_id_t cipher_id; @@ -1614,9 +1609,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, //TODO: check key policy - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) From e58e68458e6051c5c4a2d9222fd03787ca29a02f Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 9 May 2018 04:58:32 -0700 Subject: [PATCH 0157/2197] fix condition over key type --- library/psa_crypto.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 45f55638b..5810853cb 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1488,7 +1488,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t key_bits; unsigned char tag[16]; mbedtls_cipher_id_t cipher_id; - + if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); 
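Review bot: Removing `cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );` in the `@@ -1509` hunk removes more than an unused variable: its NULL check was the only visible place where an unsupported algorithm, key type and key size combination was rejected with `PSA_ERROR_NOT_SUPPORTED`. What remains in the hunk is the key-category and block-size test, so a bad key size would now surface only through whatever `mbedtls_gcm_setkey` or `mbedtls_ccm_setkey` return, and the hunk does not show where `cipher_id` gets its value. I would keep the lookup as a validation step (dropping only the stored pointer if it is unused) and add a comment saying where `cipher_id` is derived. The `@@ -1614` hunk makes the same removal in `psa_aead_decrypt`; both function bodies extend beyond the hunks.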
@@ -1508,9 +1508,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, //TODO: check key policy - - if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) + if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) @@ -1609,9 +1608,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, //TODO: check key policy - - if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) + if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) From d973472a37647e52913729a8d0d10c5da2d3ffca Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 9 May 2018 04:59:26 -0700 Subject: [PATCH 0158/2197] Fix loop index and output size parameter value --- tests/suites/test_suite_psa_crypto.function | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f6a0d2208..d366608c8 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -587,6 +587,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, unsigned char *input_data = NULL; size_t input_size; unsigned char *output_data = NULL; + size_t output_size = 0; size_t output_length; unsigned char *output_data2 = NULL; size_t output_length2; 
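Review bot: The corrected key-type test in the `@@ -1508` hunk sits directly under `//TODO: check key policy`, which this change leaves open: as far as the hunk shows, `psa_aead_encrypt` will use any cipher key with a 16-byte block size found in the slot, whatever usage or algorithm its policy allows. Since the validation block is being reworked anyway, the policy check belongs here, before the key material reaches GCM or CCM, returning `PSA_ERROR_NOT_PERMITTED` when the slot's policy does not allow this operation with `alg`. The same TODO precedes the condition in the `@@ -1609` hunk for `psa_aead_decrypt`. Both functions start and end outside the hunks.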
@@ -604,14 +605,15 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, TEST_ASSERT( input_data != NULL ); additional_data = unhexify_alloc( add_data, &additional_data_length ); TEST_ASSERT( input_data != NULL ); - output_data = mbedtls_calloc( 1, input_size + tag_length ); + output_size = input_size + tag_length; + output_data = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output_data != NULL ); if( alg == PSA_ALG_CCM ) { nonce_length = 12; } - for( ; i < nonce_length; ++nonce_length ) + for( ; i < nonce_length; ++i ) nonce[i] = i; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -623,7 +625,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, nonce, nonce_length, additional_data, additional_data_length, input_data, input_size, output_data, - input_size, &output_length ) == PSA_SUCCESS ); + output_size, &output_length ) == PSA_SUCCESS ); output_data2 = mbedtls_calloc( 1, output_length ); TEST_ASSERT( output_data2 != NULL ); From 5c8845f5635d0fca6a25cca89880be0efde884cb Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 9 May 2018 05:40:09 -0700 Subject: [PATCH 0159/2197] return invalid argument for unsupported algorithms --- library/psa_crypto.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5810853cb..aaaa8a53c 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1564,6 +1564,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_ccm_free( &ccm ); } + else + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) ); *ciphertext_length = plaintext_length + sizeof( tag ); return( PSA_SUCCESS ); From f07db2e919742d760e60409054524c16f387cfda Mon Sep 17 00:00:00 2001 
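Review bot: The `else` branch added in the `@@ -1564` hunk reports an algorithm that is neither GCM nor CCM as `PSA_ERROR_INVALID_ARGUMENT`, while the API documentation added later in this series lists `PSA_ERROR_NOT_SUPPORTED` for "alg is not supported or is not an AEAD algorithm" and keeps `PSA_ERROR_INVALID_ARGUMENT` for a key that does not fit the algorithm. Callers cannot tell a malformed request from a missing feature unless the two are kept apart, so I would use `return( PSA_ERROR_NOT_SUPPORTED );` here and adjust the "Invalid algorithm" test expectation accordingly. Placing the branch before the `memcpy` of `tag` is right, since it keeps the unset tag buffer from being copied out. The matching `else` added to `psa_aead_decrypt` in patch 0162 (`@@ -1669`) has the same return code.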
From: mohammad1603 Date: Wed, 9 May 2018 05:41:08 -0700 Subject: [PATCH 0160/2197] Add more test scenario for GCM and failure cases --- tests/suites/test_suite_psa_crypto.data | 19 +++++++++++++++++-- tests/suites/test_suite_psa_crypto.function | 13 +++++++++---- 2 files changed, 26 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3e80c9072..05d579a38 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -121,5 +121,20 @@ PSA verify ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" -PSA AEAD Encrypt-Decrypt, first scenario -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B" +PSA AEAD Encrypt-Decrypt, AES CCM scenario 1 +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS + +PSA AEAD Encrypt-Decrypt, AES CCM scenario 2 +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS + +PSA AEAD Encrypt-Decrypt, AES GCM scenario 1 +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS + +PSA AEAD Encrypt-Decrypt, AES GCM scenario 2 +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS + +PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type +aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_INVALID_ARGUMENT + +PSA 
AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index d366608c8..9a6004a49 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -577,7 +577,7 @@ exit: /* BEGIN_CASE */ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, int alg_arg, char * input_hex, - char * add_data ) + char * add_data, int expected_result ) { int slot = 1; psa_key_type_t key_type = key_type_arg; @@ -625,7 +625,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, nonce, nonce_length, additional_data, additional_data_length, input_data, input_size, output_data, - output_size, &output_length ) == PSA_SUCCESS ); + output_size, &output_length ) == ( psa_status_t )expected_result ); output_data2 = mbedtls_calloc( 1, output_length ); TEST_ASSERT( output_data2 != NULL ); @@ -634,16 +634,21 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, nonce, nonce_length, additional_data, additional_data_length, output_data, output_length - tag_length, output_data2, - output_length, &output_length2 ) == PSA_SUCCESS ); + output_length, &output_length2 ) == ( psa_status_t )expected_result ); - TEST_ASSERT( memcmp( input_data, output_data2, + if( expected_result == 0 ) + { + TEST_ASSERT( memcmp( input_data, output_data2, input_size ) == 0 ); + } exit: psa_destroy_key( slot ); mbedtls_free( key_data ); mbedtls_free( input_data ); + mbedtls_free( additional_data ); + mbedtls_free( output_data ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From 9b071325913e9c1786c41510d0c4769dca6c7665 Mon Sep 17 00:00:00 2001 
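Review bot: The failure scenarios enabled by `expected_result` in the `@@ -634` hunk only cover a rejected key type or algorithm; nothing checks the property AEAD exists for, namely that a modified ciphertext or tag is refused. After the successful round trip I would corrupt one byte, e.g. `output_data[0] ^= 0x01;`, call `psa_aead_decrypt` again and assert that it does not return `PSA_SUCCESS` (the header documentation in this series names `PSA_ERROR_INVALID_SIGNATURE` for a ciphertext that is not authentic). Separately, when `expected_result` is an error the code in the `@@ -625` hunk still sizes `output_data2` from `output_length`, which a failed encrypt call is not shown to set. The function starts before these hunks.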
From: mohammad1603 Date: Thu, 31 May 2018 03:18:45 -0700 Subject: [PATCH 0161/2197] remove compilation warnings --- tests/suites/test_suite_psa_crypto.function | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9a6004a49..b592c6eca 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -577,7 +577,8 @@ exit: /* BEGIN_CASE */ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, int alg_arg, char * input_hex, - char * add_data, int expected_result ) + char * add_data + , int expected_result_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; @@ -597,6 +598,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, unsigned char *additional_data = NULL; size_t additional_data_length = 0; size_t i = 0; + psa_status_t expected_result = (psa_status_t) expected_result_arg; key_data = unhexify_alloc( key_hex, &key_size ); @@ -625,7 +627,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, nonce, nonce_length, additional_data, additional_data_length, input_data, input_size, output_data, - output_size, &output_length ) == ( psa_status_t )expected_result ); + output_size, &output_length ) == expected_result ); output_data2 = mbedtls_calloc( 1, output_length ); TEST_ASSERT( output_data2 != NULL ); @@ -634,9 +636,9 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, nonce, nonce_length, additional_data, additional_data_length, output_data, output_length - tag_length, output_data2, - output_length, &output_length2 ) == ( psa_status_t )expected_result ); + output_length, &output_length2 ) == expected_result ); - if( expected_result == 0 ) + if( PSA_SUCCESS == expected_result ) { TEST_ASSERT( memcmp( input_data, output_data2, input_size ) == 0 ); 
@@ -649,6 +651,7 @@ exit: mbedtls_free( input_data ); mbedtls_free( additional_data ); mbedtls_free( output_data ); + mbedtls_free( output_data2 ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From 39574652ae0d9ed1b1558b150f1347727260b00b Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Fri, 1 Jun 2018 04:39:53 -0700 Subject: [PATCH 0162/2197] add else for not supported algorithm --- library/psa_crypto.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index aaaa8a53c..beb5f559d 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1669,7 +1669,11 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, mbedtls_ccm_free( &ccm ); } - + else + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + *plaintext_length = ciphertext_length; return( PSA_SUCCESS ); } From e797945ea9f0c64c725effd551af34b76ea5a40b Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Fri, 1 Jun 2018 04:41:03 -0700 Subject: [PATCH 0163/2197] initialize length variables and process decrypt only when encrypts passes --- tests/suites/test_suite_psa_crypto.function | 25 +++++++++++---------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b592c6eca..93bb9cc2a 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -589,9 +589,9 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, size_t input_size; unsigned char *output_data = NULL; size_t output_size = 0; - size_t output_length; + size_t output_length = 0; unsigned char *output_data2 = NULL; - size_t output_length2; + size_t output_length2 = 0; uint8_t nonce[16]; size_t nonce_length = 16; size_t tag_length = 16; 
@@ -629,19 +629,20 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, input_data, input_size, output_data, output_size, &output_length ) == expected_result ); - output_data2 = mbedtls_calloc( 1, output_length ); - TEST_ASSERT( output_data2 != NULL ); - - TEST_ASSERT( psa_aead_decrypt( slot, alg, - nonce, nonce_length, - additional_data, additional_data_length, - output_data, output_length - tag_length, output_data2, - output_length, &output_length2 ) == expected_result ); - if( PSA_SUCCESS == expected_result ) { + output_data2 = mbedtls_calloc( 1, output_length ); + TEST_ASSERT( output_data2 != NULL ); + + TEST_ASSERT( psa_aead_decrypt( slot, alg, + nonce, nonce_length, + additional_data, additional_data_length, + output_data, output_length - tag_length, output_data2, + output_length, &output_length2 ) == expected_result ); + + TEST_ASSERT( memcmp( input_data, output_data2, - input_size ) == 0 ); + input_size ) == 0 ); } From 20399393a5190a6b921fa4448d60777584480b67 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Fri, 1 Jun 2018 04:41:27 -0700 Subject: [PATCH 0164/2197] add psa_crypto to test suites --- tests/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 58126bedc..d8b74f227 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -110,6 +110,7 @@ add_test_suite(pk) add_test_suite(pkparse) add_test_suite(pkwrite) add_test_suite(poly1305) +add_test_suite(psa_crypto) add_test_suite(shax) add_test_suite(ssl) add_test_suite(timing) From a40d77477de223beba1c50fd8b3db42de0bfac5a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Jun 2018 16:28:30 +0200 Subject: [PATCH 0165/2197] Whitespace fixes Changed indentation to match Mbed TLS style. Wrapped some lines to 80 columns. --- library/psa_crypto.c | 55 +++++++++++++++++++++++--------------------- 1 file changed, 29 insertions(+), 26 deletions(-) 
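Review bot: Inside the new `if( PSA_SUCCESS == expected_result )` block of the `@@ -629` hunk the round trip is judged only by `memcmp( input_data, output_data2, input_size )`; neither reported length is checked, so a decrypt that returns the right bytes with the wrong `output_length2` would pass. Add `TEST_ASSERT( output_length == output_size );` after the encrypt call and `TEST_ASSERT( output_length2 == input_size );` before the `memcmp`. The function starts and ends outside this hunk.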
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index beb5f559d..ba43e1968 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1490,7 +1490,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_cipher_id_t cipher_id; if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) @@ -1509,25 +1509,26 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, //TODO: check key policy if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) ) + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) { mbedtls_gcm_context gcm; mbedtls_gcm_init( &gcm ); - ret = mbedtls_gcm_setkey( &gcm, cipher_id, - ( const unsigned char * )slot->data.raw.data, key_bits ); + ret = mbedtls_gcm_setkey( &gcm, cipher_id, + ( const unsigned char * )slot->data.raw.data, + key_bits ); if( ret != 0 ) { mbedtls_gcm_free( &gcm ); return( mbedtls_to_psa_error( ret ) ); } ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, - plaintext_length, nonce , - nonce_length, additional_data, - additional_data_length, plaintext, - ciphertext, sizeof( tag ), tag ); + plaintext_length, nonce, + nonce_length, additional_data, + additional_data_length, plaintext, + ciphertext, sizeof( tag ), tag ); if( ret != 0 ) { mbedtls_gcm_free( &gcm ); 
@@ -1544,17 +1545,18 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_ccm_init( &ccm ); - ret = mbedtls_ccm_setkey( &ccm, cipher_id, + ret = mbedtls_ccm_setkey( &ccm, cipher_id, slot->data.raw.data, key_bits ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); return( mbedtls_to_psa_error( ret ) ); } - ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, - nonce , nonce_length, additional_data, - additional_data_length, - plaintext, ciphertext, tag, sizeof( tag ) ); + ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, + nonce, nonce_length, additional_data, + additional_data_length, + plaintext, ciphertext, + tag, sizeof( tag ) ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); @@ -1594,7 +1596,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, mbedtls_cipher_id_t cipher_id; if( plaintext_size < ciphertext_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) @@ -1613,7 +1615,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, //TODO: check key policy if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) ) + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) @@ -1621,7 +1623,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, mbedtls_gcm_context gcm; mbedtls_gcm_init( &gcm ); - ret = mbedtls_gcm_setkey( &gcm, cipher_id, + ret = mbedtls_gcm_setkey( &gcm, cipher_id, slot->data.raw.data, key_bits ); if( ret != 0 ) { 
@@ -1629,9 +1631,10 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( mbedtls_to_psa_error( ret ) ); } ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_DECRYPT, - ciphertext_length, nonce , nonce_length, - additional_data, additional_data_length, - ciphertext, plaintext, sizeof( tag ), tag ); + ciphertext_length, nonce, nonce_length, + additional_data, additional_data_length, + ciphertext, plaintext, + sizeof( tag ), tag ); if( ret != 0 ) { mbedtls_gcm_free( &gcm ); @@ -1644,22 +1647,22 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, else if( alg == PSA_ALG_CCM ) { mbedtls_ccm_context ccm; - + if( nonce_length < 7 || nonce_length > 13 ) return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_ccm_init( &ccm ); - ret = mbedtls_ccm_setkey( &ccm, cipher_id, + ret = mbedtls_ccm_setkey( &ccm, cipher_id, slot->data.raw.data, key_bits ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); return( mbedtls_to_psa_error( ret ) ); } - ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length, - nonce , nonce_length, additional_data, - additional_data_length, ciphertext , - plaintext, tag, sizeof( tag ) ); + ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length, + nonce, nonce_length, additional_data, + additional_data_length, ciphertext, + plaintext, tag, sizeof( tag ) ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); @@ -1673,7 +1676,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, { return( PSA_ERROR_INVALID_ARGUMENT ); } - + *plaintext_length = ciphertext_length; return( PSA_SUCCESS ); } From 1e7d8f1b09f26776c6734b16280ae7affbaad75d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Jun 2018 16:29:38 +0200 Subject: [PATCH 0166/2197] Document AEAD functions Write documentation for psa_aead_encrypt and psa_aead_decrypt. Define macros PSA_AEAD_ENCRYPT_OUTPUT_SIZE and PSA_AEAD_DECRYPT_OUTPUT_SIZE (untested). --- include/psa/crypto.h | 82 +++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 78 insertions(+), 4 deletions(-) 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index deeab4a64..af1ab37c4 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1073,11 +1073,39 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); /** \defgroup aead Authenticated encryption with associated data (AEAD) * @{ */ -/** Process an integrated authenticated encryption operation. + +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ + ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 : \ + (alg) == PSA_ALG_CCM ? (plaintext_length) + 16 : \ + 0) + +/** Process an authenticated encryption operation. * - * \param operation - * \param alg The AEAD algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_AEAD(alg) is true). + * \param key Slot containing the key to use. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(alg) is true). + * \param nonce Nonce or IV to use. + * \param nonce_length Size of the \p nonce buffer in bytes. + * \param additional_data Additional data that will be authenticated + * but not encrypted. + * \param additional_data_length Size of \p additional_data in bytes. + * \param plaintext Data that will be authenticated and + * encrypted. + * \param plaintext_length Size of \p plaintext in bytes. + * \param ciphertext Output buffer for the authenticated and + * encrypted data. The additional data is not + * part of this output. For algorithms where the + * encrypted data and the authentication tag + * are defined as separate outputs, the + * authentication tag is appended to the + * encrypted data. + * \param ciphertext_size Size of the \p ciphertext buffer in bytes. + * This must be at least + * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, + * \p plaintext_length). + * \param ciphertext_length On success, the size of the output + * in the \b ciphertext buffer. * * \retval PSA_SUCCESS * Success. 
@@ -1104,6 +1132,52 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t ciphertext_size, size_t *ciphertext_length ); +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ + ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 : \ + (alg) == PSA_ALG_CCM ? (ciphertext_length) - 16 : \ + 0) + +/** Process an authenticated decryption operation. + * + * \param key Slot containing the key to use. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(alg) is true). + * \param nonce Nonce or IV to use. + * \param nonce_length Size of the \p nonce buffer in bytes. + * \param additional_data Additional data that has been authenticated + * but not encrypted. + * \param additional_data_length Size of \p additional_data in bytes. + * \param ciphertext Data that has been authenticated and + * encrypted. For algorithms where the + * encrypted data and the authentication tag + * are defined as separate inputs, the buffer + * must contain the encrypted data followed + * by the authentication tag. + * \param ciphertext_length Size of \p ciphertext in bytes. + * \param plaintext Output buffer for the decrypted data. + * \param plaintext_size Size of the \p plaintext buffer in bytes. + * This must be at least + * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, + * \p ciphertext_length). + * \param plaintext_length On success, the size of the output + * in the \b plainrtext buffer. + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_INVALID_SIGNATURE + * The ciphertext is not authentic. + * \retval PSA_ERROR_NOT_PERMITTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg. + * \retval PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not an AEAD algorithm. 
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_aead_decrypt( psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *nonce, From 36a74b71a0c4b5514e0b066d4d461fc0d20b768c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Jun 2018 16:30:32 +0200 Subject: [PATCH 0167/2197] Fix Doxygen comments to pass clang -Wdocumentation --- include/psa/crypto.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index af1ab37c4..d916cffb9 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -711,7 +711,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * - A failed call to psa_hash_update(). * - A call to psa_hash_finish(), psa_hash_verify() or psa_hash_abort(). * - * \param operation + * \param operation The operation object to use. * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_HASH(alg) is true). * @@ -904,7 +904,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * - A failed call to psa_mac_update(). * - A call to psa_mac_finish(), psa_mac_verify() or psa_mac_abort(). * - * \param operation + * \param operation The operation object to use. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_MAC(alg) is true). * @@ -980,7 +980,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * or psa_cipher_update(). * - A call to psa_cipher_finish() or psa_cipher_abort(). * - * \param operation + * \param operation The operation object to use. * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_CIPHER(alg) is true). * 
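Review bot: `PSA_AEAD_DECRYPT_OUTPUT_SIZE` in the `@@ -1104` hunk computes `(ciphertext_length) - 16` with no lower bound, so with a `size_t` argument shorter than the 16-byte tag the subtraction wraps to a huge value instead of a usable size. A caller that sizes or validates its plaintext buffer with the macro on attacker-supplied input then works with a nonsensical length. Guard each arm, e.g. `(alg) == PSA_ALG_GCM ? ((ciphertext_length) > 16 ? (ciphertext_length) - 16 : 0) :`, and the same for `PSA_ALG_CCM`. The parameter text also contains the typo `plainrtext`, and both macros deserve a one-line comment stating that 16 is the tag length and that unknown algorithms yield 0.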
@@ -1027,7 +1027,7 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, * - A failed call to psa_cipher_update(). * - A call to psa_cipher_finish() or psa_cipher_abort(). * - * \param operation + * \param operation The operation object to use. * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_CIPHER(alg) is true). * From ee652a344cc4f19b2e557766f3e11265dbbc38a4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Jun 2018 19:23:52 +0200 Subject: [PATCH 0168/2197] Fix psa_aead_decrypt to read the tag at the end of the ciphertext --- library/psa_crypto.c | 86 ++++++++++++++------- tests/suites/test_suite_psa_crypto.function | 2 +- 2 files changed, 60 insertions(+), 28 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ba43e1968..b5208f0d0 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1544,6 +1544,14 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( nonce_length < 7 || nonce_length > 13 ) return( PSA_ERROR_INVALID_ARGUMENT ); + tag_length = 16; + status = psa_aead_unpadded_locate_tag( tag_length, + ciphertext, ciphertext_length, + plaintext_size, plaintext_length, + &tag ); + if( status != PSA_SUCCESS ) + return( status ); + mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_id, slot->data.raw.data, key_bits ); 
@@ -1575,6 +1583,29 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( PSA_SUCCESS ); } +/* Locate the tag in a ciphertext buffer containing the encrypted data + * followed by the tag. Return the length of the part preceding the tag in + * *plaintext_length. This is the size of the plaintext in modes where + * the encrypted data has the same size as the plaintext, such as + * CCM and GCM. */ +static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + size_t plaintext_size, + size_t *plaintext_length, + const uint8_t **p_tag ) +{ + size_t payload_length; + if( tag_length > ciphertext_length ) + return( PSA_ERROR_INVALID_ARGUMENT ); + payload_length = ciphertext_length - tag_length; + if( payload_length > plaintext_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + *p_tag = ciphertext + payload_length; + *plaintext_length = payload_length; + return( PSA_SUCCESS ); +} + psa_status_t psa_aead_decrypt( psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *nonce, @@ -1592,11 +1623,11 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, key_slot_t *slot; psa_key_type_t key_type; size_t key_bits; - unsigned char tag[16]; + const uint8_t *tag; + size_t tag_length; mbedtls_cipher_id_t cipher_id; - if( plaintext_size < ciphertext_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); + *plaintext_length = 0; status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) @@ -1622,6 +1653,14 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, { mbedtls_gcm_context gcm; + tag_length = 16; + status = psa_aead_unpadded_locate_tag( tag_length, + ciphertext, ciphertext_length, + plaintext_size, plaintext_length, + &tag ); + if( status != PSA_SUCCESS ) + return( status ); + mbedtls_gcm_init( &gcm ); ret = mbedtls_gcm_setkey( &gcm, cipher_id, slot->data.raw.data, key_bits ); 
@@ -1630,18 +1669,13 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, mbedtls_gcm_free( &gcm ); return( mbedtls_to_psa_error( ret ) ); } - ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_DECRYPT, - ciphertext_length, nonce, nonce_length, - additional_data, additional_data_length, - ciphertext, plaintext, - sizeof( tag ), tag ); - if( ret != 0 ) - { - mbedtls_gcm_free( &gcm ); - mbedtls_zeroize( plaintext, ciphertext_length ); - return( mbedtls_to_psa_error( ret ) ); - } + ret = mbedtls_gcm_auth_decrypt( &gcm, + *plaintext_length, + nonce, nonce_length, + additional_data, additional_data_length, + tag, tag_length, + ciphertext, plaintext ); mbedtls_gcm_free( &gcm ); } else if( alg == PSA_ALG_CCM ) @@ -1659,17 +1693,11 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, mbedtls_ccm_free( &ccm ); return( mbedtls_to_psa_error( ret ) ); } - ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length, - nonce, nonce_length, additional_data, - additional_data_length, ciphertext, - plaintext, tag, sizeof( tag ) ); - if( ret != 0 ) - { - mbedtls_ccm_free( &ccm ); - mbedtls_zeroize( plaintext, ciphertext_length ); - return( mbedtls_to_psa_error( ret ) ); - } - + ret = mbedtls_ccm_auth_decrypt( &ccm, *plaintext_length, + nonce, nonce_length, + additional_data, additional_data_length, + ciphertext, plaintext, + tag, tag_length ); mbedtls_ccm_free( &ccm ); } else @@ -1677,8 +1705,12 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); } - *plaintext_length = ciphertext_length; - return( PSA_SUCCESS ); + if( ret != 0 ) + { + mbedtls_zeroize( plaintext, *plaintext_length ); + *plaintext_length = 0; + } + return( mbedtls_to_psa_error( ret ) ); } diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 93bb9cc2a..e36719d31 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
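Review bot: The setkey failure path kept as context at the top of the `@@ -1630` hunk (`mbedtls_gcm_free( &gcm ); return( mbedtls_to_psa_error( ret ) );`) now runs after `psa_aead_unpadded_locate_tag` has stored the payload length in `*plaintext_length`, so `psa_aead_decrypt` can return an error while still reporting a non-zero output length. The common exit added in the `@@ -1677` hunk resets the length and wipes the buffer, but this early return bypasses it. Add `*plaintext_length = 0;` before that `return`, or let the branch fall through to the final `if( ret != 0 )` block; the CCM early return in the `@@ -1659` hunk should be handled the same way. The function starts outside these hunks.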
@@ -637,7 +637,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, TEST_ASSERT( psa_aead_decrypt( slot, alg, nonce, nonce_length, additional_data, additional_data_length, - output_data, output_length - tag_length, output_data2, + output_data, output_length, output_data2, output_length, &output_length2 ) == expected_result ); From 9375f8403a2ad8e082b6356dfa0cc65945ee3da2 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 14:28:24 +0300 Subject: [PATCH 0169/2197] fix code offsets after rebase --- library/psa_crypto.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b5208f0d0..e64b69116 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1544,14 +1544,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( nonce_length < 7 || nonce_length > 13 ) return( PSA_ERROR_INVALID_ARGUMENT ); - tag_length = 16; - status = psa_aead_unpadded_locate_tag( tag_length, - ciphertext, ciphertext_length, - plaintext_size, plaintext_length, - &tag ); - if( status != PSA_SUCCESS ) - return( status ); - mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_id, slot->data.raw.data, key_bits ); @@ -1685,6 +1677,14 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( nonce_length < 7 || nonce_length > 13 ) return( PSA_ERROR_INVALID_ARGUMENT ); + tag_length = 16; + status = psa_aead_unpadded_locate_tag( tag_length, + ciphertext, ciphertext_length, + plaintext_size, plaintext_length, + &tag ); + if( status != PSA_SUCCESS ) + return( status ); + mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_id, slot->data.raw.data, key_bits ); From 22898ba0bda0c016d35eab037700fe661a4e302f Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 15:03:52 +0300 Subject: [PATCH 0170/2197] remove duplicated definition --- include/psa/crypto.h | 1 - 1 file changed, 1 deletion(-) 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d916cffb9..fc26e51fd 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -143,7 +143,6 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7e000000) #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x02000000) #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x04000000) -#define PSA_KEY_TYPE_CATEGORY_CIPHER ((psa_key_type_t)0x04000000) #define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC ((psa_key_type_t)0x06000000) #define PSA_KEY_TYPE_PAIR_FLAG ((psa_key_type_t)0x01000000) From f4f0d612ba80e44cb5e6491b932b9d29d15c8b07 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 15:04:51 +0300 Subject: [PATCH 0171/2197] change mbedtls_cipher_info_from_psa to provide cipher_id also --- library/psa_crypto.c | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e64b69116..6c431586e 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -888,10 +888,11 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, - size_t key_bits ) + size_t key_bits, + mbedtls_cipher_id_t* cipher_id ) { - mbedtls_cipher_id_t cipher_id; mbedtls_cipher_mode_t mode; + mbedtls_cipher_id_t cipher_id_tmp; if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ) { 
@@ -934,25 +935,27 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( switch( key_type ) { case PSA_KEY_TYPE_AES: - cipher_id = MBEDTLS_CIPHER_ID_AES; + cipher_id_tmp = MBEDTLS_CIPHER_ID_AES; break; case PSA_KEY_TYPE_DES: if( key_bits == 64 ) - cipher_id = MBEDTLS_CIPHER_ID_DES; + cipher_id_tmp = MBEDTLS_CIPHER_ID_DES; else - cipher_id = MBEDTLS_CIPHER_ID_3DES; + cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES; break; case PSA_KEY_TYPE_CAMELLIA: - cipher_id = MBEDTLS_CIPHER_ID_CAMELLIA; + cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA; break; case PSA_KEY_TYPE_ARC4: - cipher_id = MBEDTLS_CIPHER_ID_ARC4; + cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4; break; default: return( NULL ); } + if( cipher_id != NULL ) + *cipher_id == cipher_id_tmp; - return( mbedtls_cipher_info_from_values( cipher_id, key_bits, mode ) ); + return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) ); } psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) @@ -1010,7 +1013,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, if( ! PSA_ALG_IS_HMAC( alg ) ) { - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); + cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, NULL ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); operation->mac_size = cipher_info->block_size; From f08a550e688b444f53e9d254671a113c06c50e1d Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 15:05:47 +0300 Subject: [PATCH 0172/2197] set output length to zero to cover output length in error case --- library/psa_crypto.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6c431586e..1123a78c1 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
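Review bot: `*cipher_id == cipher_id_tmp;` near the end of `mbedtls_cipher_info_from_psa` is a comparison whose result is discarded, so the new out-parameter is never written. A caller passing a non-NULL pointer keeps whatever indeterminate value its variable held; PATCH 0176 on this page passes `&cipher_id` and then hands that value to `mbedtls_gcm_setkey` / `mbedtls_ccm_setkey`. The line should be `*cipher_id = cipher_id_tmp;`. PATCH 0179 makes that correction, but every commit in between selects the cipher from an uninitialised variable. The function starts outside this hunk.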
@@ -1491,6 +1491,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t key_bits; unsigned char tag[16]; mbedtls_cipher_id_t cipher_id; + *ciphertext_length = 0; if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); From 95893f834de554f7a5e04aba000cc799a74e2207 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 15:06:17 +0300 Subject: [PATCH 0173/2197] remove usless cast --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1123a78c1..eadd42890 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1521,7 +1521,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_gcm_context gcm; mbedtls_gcm_init( &gcm ); ret = mbedtls_gcm_setkey( &gcm, cipher_id, - ( const unsigned char * )slot->data.raw.data, + slot->data.raw.data, key_bits ); if( ret != 0 ) { From 554faad2603d9b8c96dfd5ab4ae8348ca4a1ff3a Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 15:07:38 +0300 Subject: [PATCH 0174/2197] return NOT_SUPPORTED instead of INVLID_ARGUMENT --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index eadd42890..699b8f301 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1572,7 +1572,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, } else { - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_NOT_SUPPORTED ); } memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) ); *ciphertext_length = plaintext_length + sizeof( tag ); @@ -1706,7 +1706,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, } else { - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_NOT_SUPPORTED ); } if( ret != 0 ) From f58aa6ade6ea13983fafbebbd780159a2c60d2f6 Mon Sep 17 00:00:00 2001 
From: mohammad1603 Date: Sun, 3 Jun 2018 15:08:32 +0300 Subject: [PATCH 0175/2197] use memset instead of mbedtils_zeroize --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 699b8f301..ddeb36d59 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1564,7 +1564,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( ret != 0 ) { mbedtls_ccm_free( &ccm ); - mbedtls_zeroize( ciphertext, plaintext_length ); + memset( ciphertext, 0, plaintext_length ); return( mbedtls_to_psa_error( ret ) ); } @@ -1711,7 +1711,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( ret != 0 ) { - mbedtls_zeroize( plaintext, *plaintext_length ); + memset( plaintext, 0, *plaintext_length ); *plaintext_length = 0; } return( mbedtls_to_psa_error( ret ) ); From 0f21465175662498cf3f84a92a08f8fd65d36fc7 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 15:10:06 +0300 Subject: [PATCH 0176/2197] use mbedtls_cipher_info_from_psa to get cipher ID --- library/psa_crypto.c | 28 ++++++++++------------------ 1 file changed, 10 insertions(+), 18 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ddeb36d59..317417d69 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1491,6 +1491,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t key_bits; unsigned char tag[16]; mbedtls_cipher_id_t cipher_id; + const mbedtls_cipher_info_t *cipher_info = NULL; + *ciphertext_length = 0; if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) 
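Review bot: The swap from `mbedtls_zeroize` to `memset` covers only the CCM failure path of `psa_aead_encrypt` and the failure path of `psa_aead_decrypt`, which leaves the wipes inconsistent after this commit. The GCM failure path of `psa_aead_encrypt` still calls `mbedtls_zeroize( ciphertext, plaintext_length )`; it shows up as a removed line in PATCH 0178 further down. Because these are caller-owned output buffers the stores remain observable and should not be elided, but that reasoning is recorded nowhere. Add a comment at each site, for example `/* Output buffer stays visible to the caller, so a plain memset is not a dead store. */`. Both functions begin and end outside these hunks.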
@@ -1501,14 +1503,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( status ); slot = &global_data.key_slots[key]; - if ( key_type == PSA_KEY_TYPE_AES ) - { - cipher_id = MBEDTLS_CIPHER_ID_AES; - } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } + cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); + if( cipher_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); //TODO: check key policy @@ -1622,7 +1619,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, const uint8_t *tag; size_t tag_length; mbedtls_cipher_id_t cipher_id; - + const mbedtls_cipher_info_t *cipher_info = NULL; + *plaintext_length = 0; status = psa_get_key_information( key, &key_type, &key_bits ); @@ -1630,15 +1628,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( status ); slot = &global_data.key_slots[key]; - if ( key_type == PSA_KEY_TYPE_AES ) - { - cipher_id = MBEDTLS_CIPHER_ID_AES; - } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - + cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); + if( cipher_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); //TODO: check key policy if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER From 4fc744f8af1fef75f8d005584275dc3a6e209090 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 15:10:47 +0300 Subject: [PATCH 0177/2197] change the check of block size for all supported algorithms --- library/psa_crypto.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 317417d69..905b9a80f 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1509,8 +1509,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, //TODO: check key policy - if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) ) + if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) @@ -1633,8 +1633,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( PSA_ERROR_NOT_SUPPORTED ); //TODO: check key policy - if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) ) + if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) From 15223a8b899903d6a92a9af7dda35cb15ab13ecd Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 17:19:55 +0300 Subject: [PATCH 0178/2197] write the tag directly on the ciphertext buffer. --- library/psa_crypto.c | 54 ++++++++++++++++++++++++++------------------ 1 file changed, 32 insertions(+), 22 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 905b9a80f..8cf0df4ee 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1489,15 +1489,13 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, key_slot_t *slot; psa_key_type_t key_type; size_t key_bits; - unsigned char tag[16]; + uint8_t *tag; + size_t tag_length; mbedtls_cipher_id_t cipher_id; const mbedtls_cipher_info_t *cipher_info = NULL; *ciphertext_length = 0; - if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) return( status ); 
@@ -1516,6 +1514,15 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( alg == PSA_ALG_GCM ) { mbedtls_gcm_context gcm; + tag_length = 16; + + //make sure we have place to hold the tag in the ciphertext buffer + if( ciphertext_size < ( plaintext_length + tag_length ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + //update the tag pointer to point to the end of the ciphertext_length + tag = ciphertext + plaintext_length; + mbedtls_gcm_init( &gcm ); ret = mbedtls_gcm_setkey( &gcm, cipher_id, slot->data.raw.data, @@ -1529,22 +1536,26 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, plaintext_length, nonce, nonce_length, additional_data, additional_data_length, plaintext, - ciphertext, sizeof( tag ), tag ); - if( ret != 0 ) - { - mbedtls_gcm_free( &gcm ); - mbedtls_zeroize( ciphertext, plaintext_length ); - return( mbedtls_to_psa_error( ret ) ); - } - + ciphertext, tag_length, tag ); mbedtls_gcm_free( &gcm ); } else if( alg == PSA_ALG_CCM ) { mbedtls_ccm_context ccm; + tag_length = 16; + if( nonce_length < 7 || nonce_length > 13 ) return( PSA_ERROR_INVALID_ARGUMENT ); + //make sure we have place to hold the tag in the ciphertext buffer + if( ciphertext_size < ( plaintext_length + tag_length ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + //update the tag pointer to point to the end of the ciphertext_length + tag = ciphertext + plaintext_length; + + + mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_id, slot->data.raw.data, key_bits ); 
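Review bot: The size check `ciphertext_size < ( plaintext_length + tag_length )` can wrap when `plaintext_length` is close to `SIZE_MAX`, after which `tag = ciphertext + plaintext_length` points outside the output buffer. The same expression is repeated in the CCM branch. Write it subtraction-first, as `psa_aead_unpadded_locate_tag` does: `if( ciphertext_size < tag_length || plaintext_length > ciphertext_size - tag_length )`. Returning `PSA_ERROR_BUFFER_TOO_SMALL` here would also match the decrypt helper, which uses that code for an undersized output buffer. `psa_aead_encrypt` starts and ends outside these hunks.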
@@ -1557,22 +1568,21 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, nonce, nonce_length, additional_data, additional_data_length, plaintext, ciphertext, - tag, sizeof( tag ) ); - if( ret != 0 ) - { - mbedtls_ccm_free( &ccm ); - memset( ciphertext, 0, plaintext_length ); - return( mbedtls_to_psa_error( ret ) ); - } - + tag, tag_length ); mbedtls_ccm_free( &ccm ); } else { return( PSA_ERROR_NOT_SUPPORTED ); } - memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) ); - *ciphertext_length = plaintext_length + sizeof( tag ); + + if( ret != 0 ) + { + memset( ciphertext, 0, ciphertext_size ); + return( mbedtls_to_psa_error( ret ) ); + } + + *ciphertext_length = plaintext_length + tag_length; return( PSA_SUCCESS ); } From 60a64d079a0f3b15e13dbe99a7eac3db559acd07 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 17:20:42 +0300 Subject: [PATCH 0179/2197] remove unnecessary argument to the psa_aead_unpadded_locate_tag function --- library/psa_crypto.c | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8cf0df4ee..c5001f909 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -953,7 +953,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( return( NULL ); } if( cipher_id != NULL ) - *cipher_id == cipher_id_tmp; + *cipher_id = cipher_id_tmp; return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) ); } @@ -1595,7 +1595,6 @@ static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length, const uint8_t *ciphertext, size_t ciphertext_length, size_t plaintext_size, - size_t *plaintext_length, const uint8_t **p_tag ) { size_t payload_length; @@ -1605,7 +1604,6 @@ static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length, if( payload_length > plaintext_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); *p_tag = ciphertext + payload_length; - *plaintext_length = payload_length; return( PSA_SUCCESS ); } 
@@ -1654,8 +1652,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, tag_length = 16; status = psa_aead_unpadded_locate_tag( tag_length, ciphertext, ciphertext_length, - plaintext_size, plaintext_length, - &tag ); + plaintext_size, &tag ); if( status != PSA_SUCCESS ) return( status ); @@ -1669,7 +1666,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, } ret = mbedtls_gcm_auth_decrypt( &gcm, - *plaintext_length, + ciphertext_length - tag_length, nonce, nonce_length, additional_data, additional_data_length, tag, tag_length, @@ -1686,8 +1683,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, tag_length = 16; status = psa_aead_unpadded_locate_tag( tag_length, ciphertext, ciphertext_length, - plaintext_size, plaintext_length, - &tag ); + plaintext_size, &tag ); if( status != PSA_SUCCESS ) return( status ); @@ -1699,7 +1695,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, mbedtls_ccm_free( &ccm ); return( mbedtls_to_psa_error( ret ) ); } - ret = mbedtls_ccm_auth_decrypt( &ccm, *plaintext_length, + ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length - tag_length, nonce, nonce_length, additional_data, additional_data_length, ciphertext, plaintext, @@ -1712,10 +1708,10 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, } if( ret != 0 ) - { - memset( plaintext, 0, *plaintext_length ); - *plaintext_length = 0; - } + memset( plaintext, 0, plaintext_size ); + else + *plaintext_length = ciphertext_length - tag_length; + return( mbedtls_to_psa_error( ret ) ); } From 4b26850a1575375c22494db1057cdc4d8951f203 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 3 Jun 2018 19:01:25 +0300 Subject: [PATCH 0180/2197] fix tests according to the code changes in error value --- tests/suites/test_suite_psa_crypto.data | 4 ++-- tests/suites/test_suite_psa_crypto.function | 3 +-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 05d579a38..4d67714ef 100755 
--- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -134,7 +134,7 @@ PSA AEAD Encrypt-Decrypt, AES GCM scenario 2 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type -aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_INVALID_ARGUMENT +aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_INVALID_ARGUMENT +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e36719d31..10687cdbf 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -577,8 +577,7 @@ exit: /* BEGIN_CASE */ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, int alg_arg, char * input_hex, - char * add_data - , int expected_result_arg ) + char * add_data, int expected_result_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; From f2525ebda769dcb2fe1cefd46177fb042c3946ee Mon Sep 17 00:00:00 2001 
From: mohammad1603 Date: Sun, 3 Jun 2018 19:13:34 +0300 Subject: [PATCH 0181/2197] add encryption only test case --- tests/suites/test_suite_psa_crypto.data | 3 + tests/suites/test_suite_psa_crypto.function | 67 +++++++++++++++++++++ 2 files changed, 70 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4d67714ef..ac9feefcc 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -138,3 +138,6 @@ aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED + +PSA AEAD Encrypt, AES CCM +aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8E78CF7CB0CDDD7B3" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 10687cdbf..a582b56c3 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -655,3 +655,70 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void aead_encrypt( int key_type_arg, char * key_hex, + int alg_arg, char * input_hex, + char * add_data, char * nonce_hex, + char * expected_result_hex ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *output_data = NULL; + size_t output_size = 0; + size_t output_length = 0; + unsigned char *expected_result = NULL; + size_t expected_result_length = 0; + uint8_t* nonce = NULL; + size_t nonce_length = 0; + size_t tag_length = 16; + unsigned char *additional_data = NULL; + size_t additional_data_length = 0; + + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + additional_data = unhexify_alloc( add_data, &additional_data_length ); + TEST_ASSERT( input_data != NULL ); + output_size = input_size + tag_length; + output_data = mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output_data != NULL ); + nonce = unhexify_alloc( nonce_hex, &nonce_length ); + TEST_ASSERT( nonce != NULL ); + expected_result = unhexify_alloc( expected_result_hex, &expected_result_length ); + TEST_ASSERT( expected_result != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_aead_encrypt( slot, alg, + nonce, nonce_length, + additional_data, additional_data_length, + input_data, input_size, output_data, + output_size, &output_length ) == PSA_SUCCESS ); + + + TEST_ASSERT( memcmp( output_data, expected_result, + output_length ) == 0 ); + + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( additional_data ); + mbedtls_free( output_data 
); + mbedtls_free( nonce ); + mbedtls_free( expected_result ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From 0317945a375abdbfc3a3a4fe0795002be551adb7 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 4 Jun 2018 12:06:29 +0300 Subject: [PATCH 0182/2197] disable uncompleted tests --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ac9feefcc..494ebd504 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -139,5 +139,5 @@ aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED -PSA AEAD Encrypt, AES CCM -aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8E78CF7CB0CDDD7B3" +#PSA AEAD Encrypt, AES CCM +#aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8E78CF7CB0CDDD7B3" From 96910d807ed73db0c5a06b5d17c07acd4c0120fd Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 4 Jun 2018 14:33:00 +0300 Subject: [PATCH 0183/2197] fix block size depending on algorithm --- library/psa_crypto.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c5001f909..df0201b1d 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
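Review bot: In `aead_encrypt`, the assertion after `additional_data = unhexify_alloc( add_data, &additional_data_length )` re-checks `input_data`, so a failed conversion of the associated data goes unnoticed. It should read `TEST_ASSERT( additional_data != NULL );`. The final `memcmp` compares only `output_length` bytes, so an implementation that reported a short or zero length would still pass. Add `TEST_ASSERT( output_length == expected_result_length );` before the comparison.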
@@ -1507,8 +1507,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, //TODO: check key policy - if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) ) + if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) @@ -1516,6 +1515,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_gcm_context gcm; tag_length = 16; + if( PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) != 16 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + //make sure we have place to hold the tag in the ciphertext buffer if( ciphertext_size < ( plaintext_length + tag_length ) ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -1544,6 +1546,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_ccm_context ccm; tag_length = 16; + if( PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) != 16 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( nonce_length < 7 || nonce_length > 13 ) return( PSA_ERROR_INVALID_ARGUMENT ); From f14394b25f19a7c3ad9e4809778ee36487f23e50 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 4 Jun 2018 14:33:19 +0300 Subject: [PATCH 0184/2197] add policy checks --- library/psa_crypto.c | 7 +++++-- tests/suites/test_suite_psa_crypto.function | 14 ++++++++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index df0201b1d..8207a9bc1 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1505,7 +1505,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - //TODO: check key policy + if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) ) + return( PSA_ERROR_NOT_PERMITTED ); if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); 
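Review bot: Only `psa_aead_encrypt` gets the explicit `PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) != 16` rejection. `psa_aead_decrypt` still compares against `cipher_info->block_size` (visible as context in the following patch), and that value appears to be looked up from the same `key_type`, so it does not pin the block size to the 128 bits that GCM and CCM require. Add the same `if( PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) != 16 ) return( PSA_ERROR_INVALID_ARGUMENT );` to both decrypt branches so the two directions reject the same inputs. `psa_aead_encrypt` starts and ends outside these hunks.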
@@ -1644,7 +1645,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - //TODO: check key policy + + if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) ) + return( PSA_ERROR_NOT_PERMITTED ); if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) ) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a582b56c3..16577dd91 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -598,6 +598,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, size_t additional_data_length = 0; size_t i = 0; psa_status_t expected_result = (psa_status_t) expected_result_arg; + psa_key_policy_t policy = {0}; key_data = unhexify_alloc( key_hex, &key_size ); @@ -619,6 +620,12 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT , alg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); @@ -679,6 +686,7 @@ void aead_encrypt( int key_type_arg, char * key_hex, size_t tag_length = 16; unsigned char *additional_data = NULL; size_t additional_data_length = 0; + psa_key_policy_t policy = {0}; key_data = unhexify_alloc( key_hex, &key_size ); 
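Review bot: The new policy checks test only the usage flag (`slot->policy.usage & PSA_KEY_USAGE_DECRYPT` here, `PSA_KEY_USAGE_ENCRYPT` in the encrypt hunk). The tests build the policy with `psa_key_policy_set_usage( &policy, ..., alg )`, so it also carries a permitted algorithm. If the slot stores that algorithm, a key restricted to one AEAD could be used with another; compare it as well, e.g. `if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) || slot->policy.alg != alg )`, with the field name to be confirmed against the policy struct. Neither test hunk adds a case that expects `PSA_ERROR_NOT_PERMITTED`, so the new branch is not exercised. Both library functions continue outside these hunks.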
@@ -697,6 +705,12 @@ void aead_encrypt( int key_type_arg, char * key_hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); From ed8dbeb43462b2fd1b6860ae40dab232b2dbc80e Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 4 Jun 2018 15:00:52 +0300 Subject: [PATCH 0185/2197] add and fix data vectors --- tests/suites/test_suite_psa_crypto.data | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 494ebd504..c0c5f92bc 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -139,5 +139,8 @@ aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED -#PSA AEAD Encrypt, AES CCM -#aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8E78CF7CB0CDDD7B3" +#PSA AEAD Encrypt, AES CCM - scenario 1 +#aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" + +#PSA AEAD Encrypt, AES CCM - scenario 2 +#aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" From 371a6e4067fb0ddd1582caf9f22a20db8f20ac89 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 4 Jun 2018 15:11:08 +0300 Subject: [PATCH 0186/2197] add decrypt tests for CCM --- tests/suites/test_suite_psa_crypto.data | 14 ++-- tests/suites/test_suite_psa_crypto.function | 74 +++++++++++++++++++++ 2 files changed, 84 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c0c5f92bc..4aafeffaa 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -139,8 +139,14 @@ aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED -#PSA AEAD Encrypt, AES CCM - scenario 1 -#aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" +PSA AEAD Encrypt, AES CCM - scenario 1 +aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" -#PSA AEAD Encrypt, AES CCM - scenario 2 -#aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" +PSA AEAD Encrypt, AES CCM - scenario 2 +aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" + +PSA AEAD Decrypt, AES CCM - scenario 1 +aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C" + +PSA AEAD Decrypt, AES CCM - scenario 2 
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 16577dd91..f276bee87 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -736,3 +736,77 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void aead_decrypt( int key_type_arg, char * key_hex, + int alg_arg, char * input_hex, + char * add_data, char * nonce_hex, + char * expected_result_hex ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *output_data = NULL; + size_t output_size = 0; + size_t output_length = 0; + unsigned char *expected_result = NULL; + size_t expected_result_length = 0; + uint8_t* nonce = NULL; + size_t nonce_length = 0; + size_t tag_length = 16; + unsigned char *additional_data = NULL; + size_t additional_data_length = 0; + psa_key_policy_t policy = {0}; + + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + additional_data = unhexify_alloc( add_data, &additional_data_length ); + TEST_ASSERT( input_data != NULL ); + output_size = input_size + tag_length; + output_data = mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output_data != NULL ); + nonce = unhexify_alloc( nonce_hex, &nonce_length ); + TEST_ASSERT( nonce != NULL ); + expected_result = unhexify_alloc( expected_result_hex, &expected_result_length ); + TEST_ASSERT( expected_result != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_aead_decrypt( slot, alg, + nonce, nonce_length, + additional_data, additional_data_length, + input_data, input_size, output_data, + output_size, &output_length ) == PSA_SUCCESS ); + + + TEST_ASSERT( memcmp( 
output_data, expected_result, + output_length ) == 0 ); + + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( additional_data ); + mbedtls_free( output_data ); + mbedtls_free( nonce ); + mbedtls_free( expected_result ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From c1ee32e1f4d742b5cbad44d23fdac75eea364ba2 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 4 Jun 2018 16:21:56 +0300 Subject: [PATCH 0187/2197] add GCM test vectors encrypt/decrypt --- tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4aafeffaa..ae86bfa21 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
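Review bot: The allocation check after `additional_data = unhexify_alloc( add_data, &additional_data_length );` tests `input_data` a second time, so a failed allocation of the additional data goes unnoticed; it should read `TEST_ASSERT( additional_data != NULL );`. The closing `memcmp` compares only `output_length` bytes and never checks that length, so a decrypt that reports success with `output_length == 0` would still pass. Adding `TEST_ASSERT( output_length == expected_result_length );` before the comparison closes that gap. The same unchecked-length `memcmp` is carried into the later `@@ -792,11 +793,15 @@` hunk on this page.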
@@ -150,3 +150,15 @@ aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4C PSA AEAD Decrypt, AES CCM - scenario 2 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" + +PSA AEAD Encrypt, AES GCM - scenario 1 +aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" + +PSA AEAD Encrypt, AES GCM - scenario 2 
+aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56" + +PSA AEAD Decrypt, AES GCM - scenario 1 +aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826" + +PSA AEAD Decrypt, AES GCM - scenario 2 
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013" From f7f72da7695056b7b9a9171681090f33ca2dc1f3 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Mon, 4 Jun 2018 16:32:11 +0300 Subject: [PATCH 0188/2197] add invalid signature test case --- tests/suites/test_suite_psa_crypto.data | 14 ++++++++++---- tests/suites/test_suite_psa_crypto.function | 21 +++++++++++++-------- 2 files changed, 23 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ae86bfa21..b75536c7a 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -146,10 +146,10 @@ PSA AEAD Encrypt, AES CCM - scenario 2 aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" PSA AEAD Decrypt, AES CCM - scenario 1 -aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C" +aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS PSA AEAD Decrypt, AES CCM - scenario 2 -aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef" +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS PSA AEAD Encrypt, AES GCM - scenario 1 
aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" 
@@ -158,7 +158,13 @@ PSA AEAD Encrypt, AES GCM - scenario 2 aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56" PSA AEAD Decrypt, AES GCM - scenario 1 -aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826" 
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS PSA AEAD Decrypt, AES GCM - scenario 2 -aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013" 
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS + +PSA AEAD Decrypt, AES GCM - invalid signature +aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE + +PSA AEAD Decrypt, AES CCM - invalid signature 
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f276bee87..0e1662ff1 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -741,7 +741,7 @@ exit: void aead_decrypt( int key_type_arg, char * key_hex, int alg_arg, char * input_hex, char * add_data, char * nonce_hex, - char * expected_result_hex ) + char * expected_result_hex, int expected_result_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; @@ -753,7 +753,7 @@ void aead_decrypt( int key_type_arg, char * key_hex, unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - unsigned char *expected_result = NULL; + unsigned char *expected_data = NULL; size_t expected_result_length = 0; uint8_t* nonce = NULL; size_t nonce_length = 0; @@ -761,6 +761,7 @@ void aead_decrypt( int key_type_arg, char * key_hex, unsigned char *additional_data = NULL; size_t additional_data_length = 0; psa_key_policy_t policy = {0}; + psa_status_t expected_result = (psa_status_t) expected_result_arg; key_data = unhexify_alloc( key_hex, &key_size ); @@ -774,8 +775,8 @@ void aead_decrypt( int key_type_arg, char * key_hex, TEST_ASSERT( output_data != NULL ); nonce = unhexify_alloc( nonce_hex, &nonce_length ); TEST_ASSERT( nonce != NULL ); - expected_result = unhexify_alloc( expected_result_hex, &expected_result_length ); - TEST_ASSERT( expected_result != NULL ); + expected_data = unhexify_alloc( expected_result_hex, &expected_result_length ); + TEST_ASSERT( expected_data != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
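Review bot: Both new negative vectors change one byte near the start of the input (`1249…` to `1219…` for GCM, `26c5…` to `26d5…` for CCM), so only a corrupted ciphertext body is covered. Vectors that alter the tag bytes (presumably the last 16 of the input), the additional data, or the nonce would each exercise a different input to the authentication check and should also expect `PSA_ERROR_INVALID_SIGNATURE`. An input shorter than the tag deserves a vector as well, because the decrypt path shown later on this page computes `ciphertext_length - tag_length`. The expected status for that case is not visible here.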
@@ -792,11 +793,15 @@ void aead_decrypt( int key_type_arg, char * key_hex, nonce, nonce_length, additional_data, additional_data_length, input_data, input_size, output_data, - output_size, &output_length ) == PSA_SUCCESS ); + output_size, &output_length ) == expected_result ); - TEST_ASSERT( memcmp( output_data, expected_result, - output_length ) == 0 ); + if ( expected_result == PSA_SUCCESS ) + { + TEST_ASSERT( memcmp( output_data, expected_data, + output_length ) == 0 ); + } + exit: @@ -806,7 +811,7 @@ exit: mbedtls_free( additional_data ); mbedtls_free( output_data ); mbedtls_free( nonce ); - mbedtls_free( expected_result ); + mbedtls_free( expected_data ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From 5ed0621dd4c2cd77f534a64dd9e38a3f37d1aac8 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 6 Jun 2018 13:09:34 +0300 Subject: [PATCH 0189/2197] aligned with coding standards - line length --- library/psa_crypto.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8207a9bc1..3ee3f9d8d 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1501,14 +1501,16 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( status ); slot = &global_data.key_slots[key]; - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); + cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, + key_bits, &cipher_id ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) ) return( PSA_ERROR_NOT_PERMITTED ); - if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) + if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != + PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) 
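Review bot: When `expected_result` is not `PSA_SUCCESS`, the new `if` skips every check on the output, so the test cannot notice a decrypt that fails authentication but still leaves plaintext in `output_data`. An `else` branch could assert that nothing was released, for example `TEST_ASSERT( output_length == 0 );`. Since the buffer comes zero-filled from `mbedtls_calloc` in the patch that introduced this function, it could also check that the buffer still holds only zero bytes. Whether `psa_aead_decrypt` guarantees either property is not visible in this hunk, so confirm against the implementation before adding the assertions. The body of `aead_decrypt` starts and ends outside the hunk.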
@@ -1642,15 +1644,18 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( status ); slot = &global_data.key_slots[key]; - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); + cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, + key_bits, &cipher_id ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) ) return( PSA_ERROR_NOT_PERMITTED ); - if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) ) + if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == + PSA_KEY_TYPE_CATEGORY_SYMMETRIC + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == + cipher_info->block_size ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) @@ -1676,7 +1681,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, ret = mbedtls_gcm_auth_decrypt( &gcm, ciphertext_length - tag_length, nonce, nonce_length, - additional_data, additional_data_length, + additional_data, + additional_data_length, tag, tag_length, ciphertext, plaintext ); mbedtls_gcm_free( &gcm ); From 6b4d98cf78d1ba453c4a83dd999b2a002c37d1db Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 6 Jun 2018 13:19:51 +0300 Subject: [PATCH 0190/2197] remove trailing spaces --- library/psa_crypto.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3ee3f9d8d..190abe1ea 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1509,7 +1509,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) ) return( PSA_ERROR_NOT_PERMITTED ); - if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != + if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); 
@@ -1652,9 +1652,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) ) return( PSA_ERROR_NOT_PERMITTED ); - if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == + if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) ) return( PSA_ERROR_INVALID_ARGUMENT ); From 8ffd764e23e39aa330c7d1c7f31774e20a672f73 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 6 Jun 2018 13:37:29 +0300 Subject: [PATCH 0191/2197] re-group test vectors and change vectors' names --- tests/suites/test_suite_psa_crypto.data | 42 ++++++++++++------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b75536c7a..2b466b164 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -121,50 +121,50 @@ PSA verify ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" -PSA AEAD Encrypt-Decrypt, AES CCM scenario 1 +PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS -PSA AEAD Encrypt-Decrypt, AES CCM scenario 2 +PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 2 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS -PSA AEAD Encrypt-Decrypt, AES GCM scenario 1 -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS - -PSA AEAD Encrypt-Decrypt, AES GCM scenario 2 -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS - PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED -PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm 
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED - -PSA AEAD Encrypt, AES CCM - scenario 1 +PSA AEAD Encrypt, AES CCM - 23-bytes input aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" -PSA AEAD Encrypt, AES CCM - scenario 2 +PSA AEAD Encrypt, AES CCM - 24-bytes input aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" -PSA AEAD Decrypt, AES CCM - scenario 1 +PSA AEAD Decrypt, AES CCM - 39-bytes input aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS -PSA AEAD Decrypt, AES CCM - scenario 2 +PSA AEAD Decrypt, AES CCM - 40-bytes input aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS -PSA AEAD Encrypt, AES GCM - scenario 1 +PSA AEAD Decrypt, AES CCM - invalid signature 
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE + +PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1 +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS + +PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2 +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS + +PSA AEAD Encrypt, AES GCM - 128-bytes input - 1 aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" -PSA AEAD Encrypt, AES GCM - scenario 2 +PSA AEAD Encrypt, AES GCM - 128-bytes input - 2 
aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56" -PSA AEAD Decrypt, AES GCM - scenario 1 +PSA AEAD Decrypt, AES GCM - 144-bytes input - 1 aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS -PSA AEAD Decrypt, AES GCM - scenario 2 +PSA AEAD 
Decrypt, AES GCM - 144-bytes input - 2 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS PSA AEAD Decrypt, AES GCM - invalid signature aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE -PSA AEAD Decrypt, AES CCM - 
invalid signature -aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE +PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED From fb5b9cbb8d79f80c49f80f213b51b2161aafe924 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 6 Jun 2018 13:44:27 +0300 Subject: [PATCH 0192/2197] add missing documentations --- include/psa/crypto.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fc26e51fd..c45fccd4b 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1073,6 +1073,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * @{ */ +// This macro calculates the encryption output size according to given algorithm #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 : \ (alg) == PSA_ALG_CCM ? (plaintext_length) + 16 : \ @@ -1131,6 +1132,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t ciphertext_size, size_t *ciphertext_length ); +// This macro calculates the decryption output size according to given algorithm #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 : \ (alg) == PSA_ALG_CCM ? (ciphertext_length) - 16 : \ 
@@ -1160,7 +1162,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, * \p ciphertext_length). * \param plaintext_length On success, the size of the output - * in the \b plainrtext buffer. + * in the \b plaintext buffer. * * \retval PSA_SUCCESS * Success. From e3cb8a8d8b8667caa0e41131b27d19ceec1b8e66 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 6 Jun 2018 13:45:03 +0300 Subject: [PATCH 0193/2197] return PSA_ERROR_BUFFER_TOO_SMALL intead of PSA_ERROR_INVALID_ARGUMENT --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 190abe1ea..d507a53c8 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1523,7 +1523,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, //make sure we have place to hold the tag in the ciphertext buffer if( ciphertext_size < ( plaintext_length + tag_length ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_BUFFER_TOO_SMALL ); //update the tag pointer to point to the end of the ciphertext_length tag = ciphertext + plaintext_length; @@ -1557,7 +1557,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, //make sure we have place to hold the tag in the ciphertext buffer if( ciphertext_size < ( plaintext_length + tag_length ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_BUFFER_TOO_SMALL ); //update the tag pointer to point to the end of the ciphertext_length tag = ciphertext + plaintext_length; From a1d980168357d6554008b7bb29a3f15b3594e13f Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Wed, 6 Jun 2018 13:45:55 +0300 Subject: [PATCH 0194/2197] add slot validation --- library/psa_crypto.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d507a53c8..f0439e3ec 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
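Review bot: The bound check `ciphertext_size < ( plaintext_length + tag_length )`, kept as context in both psa_aead_encrypt hunks (-1523 and -1557), can wrap when plaintext_length is close to the maximum of its unsigned type. An oversized length would then pass the check, and `tag = ciphertext + plaintext_length` on the following line would point outside the output buffer. Changing the status to PSA_ERROR_BUFFER_TOO_SMALL is fine, but the comparison should avoid the addition, e.g. `if( ciphertext_size < tag_length || plaintext_length > ciphertext_size - tag_length )`. The function starts and ends outside both hunks, so any earlier limit on plaintext_length is not visible here.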
@@ -1500,6 +1500,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( status != PSA_SUCCESS ) return( status ); slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); @@ -1643,6 +1645,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( status != PSA_SUCCESS ) return( status ); slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); From e109f216383a8a7cbe737dc337becb617285b78f Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Thu, 7 Jun 2018 01:38:14 +0300 Subject: [PATCH 0195/2197] remove unnecessary check for block size --- library/psa_crypto.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f0439e3ec..ba1fd9d4c 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1657,9 +1657,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( PSA_ERROR_NOT_PERMITTED ); if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == - PSA_KEY_TYPE_CATEGORY_SYMMETRIC - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == - cipher_info->block_size ) ) + PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) From 1347a73fbe09927c7187dcfd871bbb0ce68e0ea7 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Thu, 7 Jun 2018 01:38:45 +0300 Subject: [PATCH 0196/2197] fix macros documentation style. --- include/psa/crypto.h | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c45fccd4b..8e20013a2 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
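Review bot: The added `slot->type` test dereferences `&global_data.key_slots[key]`, and neither hunk (psa_aead_encrypt at -1500, psa_aead_decrypt at -1643) shows a range check on `key`. The call that produces `status` is outside the hunks; if it does not reject out-of-range slot numbers, the new read is out of bounds, so this should be confirmed. If that call does validate the slot, record the dependency next to the lookup, e.g. `/* key was range-checked by the call above; only emptiness is tested here */`. The same lookup and test are now duplicated in both functions and would be easier to keep consistent in one static helper.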
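Review bot: The rewritten condition in the -1657 hunk has unbalanced parentheses: `if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC )` never closes the `if (`, so psa_aead_decrypt does not compile at this commit. Writing it as `if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC )` keeps the intent and drops the double negation. With the block-size comparison removed, nothing in the hunk ties the key type to the block size the AEAD mode needs. Presumably the cipher lookup and the mode setup outside the hunk reject unsuitable ciphers, which deserves a one-line comment here. The function body continues outside the hunk.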
@@ -1073,7 +1073,24 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * @{ */ -// This macro calculates the encryption output size according to given algorithm + +/** AEAD Encrypted data size + * + * This macro calculates the encrypted data size according to given algorithm + * and plaintext_length. + * + * + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(alg) is true). + * \param plaintext_length Size of \p plaintext in bytes. + * + * \return If the algorithm is PSA_ALG_GCM the encrypted data size is + * plaintext_length plus 16-bytes for tag. + * If the algorithm is PSA_ALG_CCM the encrypted data size is + * plaintext_length plus 16-bytes for tag. + * Otherwise return zero. + */ #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 : \ (alg) == PSA_ALG_CCM ? (plaintext_length) + 16 : \ @@ -1132,7 +1149,23 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t ciphertext_size, size_t *ciphertext_length ); -// This macro calculates the decryption output size according to given algorithm +/** AEAD Decrypted data size + * + * This macro calculates the decrypted data size according to given algorithm + * and ciphertext_length. + * + * + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(alg) is true). + * \param ciphertext_length Size of \p ciphertext in bytes. + * + * \return If the algorithm is PSA_ALG_GCM the decrypted data size is + * ciphertext_length minus 16-bytes for tag. + * If the algorithm is PSA_ALG_CCM the decrypted data size is + * ciphertext_length minus 16-bytes for tag. + * Otherwise return zero. + */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 : \ (alg) == PSA_ALG_CCM ? (ciphertext_length) - 16 : \ From fc614b1e0eacd372c10480c53a720ceb18f832b8 Mon Sep 17 00:00:00 2001 
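Review bot: The new `\return` text for PSA_AEAD_DECRYPT_OUTPUT_SIZE (hunk at -1132) does not say what happens when the input is shorter than the tag. It describes the result as ciphertext_length minus 16 bytes, but `(ciphertext_length) - 16` wraps to a very large value for a shorter unsigned length. A caller that sizes or allocates its plaintext buffer from the macro then gets a huge request instead of an error. Either guard each arm, e.g. `(alg) == PSA_ALG_GCM ? ((ciphertext_length) >= 16 ? (ciphertext_length) - 16 : 0) : \`, or state in the comment that ciphertext_length must be at least the tag length. The macro definition continues past the end of the hunk.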
From: mohammad1603 Date: Thu, 7 Jun 2018 01:43:52 +0300 Subject: [PATCH 0197/2197] fix parentheses --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ba1fd9d4c..a8306ab24 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1656,8 +1656,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) ) return( PSA_ERROR_NOT_PERMITTED ); - if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) + if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != + PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) From 3158564f089f26a534123b67b3058885de3962cf Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Thu, 7 Jun 2018 11:45:03 +0300 Subject: [PATCH 0198/2197] add nonce as argument to the test function of encrypt/decrypt --- tests/suites/test_suite_psa_crypto.data | 12 ++++++------ tests/suites/test_suite_psa_crypto.function | 14 ++++---------- 2 files changed, 10 insertions(+), 16 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2b466b164..8fc7985b8 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -122,13 +122,13 @@ depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1 -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 2 -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type -aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED +aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED PSA AEAD Encrypt, AES CCM - 23-bytes input 
aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" 
@@ -146,10 +146,10 @@ PSA AEAD Decrypt, AES CCM - invalid signature aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1 -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2 -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS PSA AEAD Encrypt, AES GCM - 128-bytes input - 1 
aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" 
@@ -167,4 +167,4 @@ PSA AEAD Decrypt, AES GCM - invalid signature aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 0e1662ff1..1cb938108 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -576,7 +576,7 @@ exit: /* BEGIN_CASE */ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, - int alg_arg, char * input_hex, + int alg_arg, char * input_hex, char * nonce_hex, char * add_data, int expected_result_arg ) { int slot = 1; 
@@ -591,12 +591,11 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, size_t output_length = 0; unsigned char *output_data2 = NULL; size_t output_length2 = 0; - uint8_t nonce[16]; + uint8_t* nonce; size_t nonce_length = 16; size_t tag_length = 16; unsigned char *additional_data = NULL; size_t additional_data_length = 0; - size_t i = 0; psa_status_t expected_result = (psa_status_t) expected_result_arg; psa_key_policy_t policy = {0}; @@ -610,13 +609,8 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, output_size = input_size + tag_length; output_data = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output_data != NULL ); - if( alg == PSA_ALG_CCM ) - { - nonce_length = 12; - } - - for( ; i < nonce_length; ++i ) - nonce[i] = i; + nonce = unhexify_alloc( nonce_hex, &nonce_length ); + TEST_ASSERT( nonce != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); From 65eb8588fec079d476d701e9106ba86fcb077153 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Apr 2018 08:28:58 +0200 Subject: [PATCH 0199/2197] Expand the description of error codes --- include/psa/crypto.h | 221 +++++++++++++++++++++++++++++++++++++++---- 1 file changed, 200 insertions(+), 21 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f5db4d26b..a463cc05a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
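Review bot: `uint8_t* nonce;` (hunk at -591) is the only buffer pointer in aead_encrypt_decrypt declared without `= NULL`, and it is assigned in the -610 hunk only after `TEST_ASSERT( output_data != NULL )`. If that earlier assertion fails, a cleanup path that touches `nonce` sees an indeterminate pointer. Neither hunk adds a matching free, so the buffer from unhexify_alloc() leaks unless the exit block, which is outside the hunks, releases it. Declare it as `uint8_t *nonce = NULL;` and add `mbedtls_free( nonce );` next to the other buffers at `exit:`. The initialiser in `size_t nonce_length = 16;` is now dead, since unhexify_alloc() overwrites it.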
@@ -54,43 +54,206 @@ typedef enum { /** The action was completed successfully. */ PSA_SUCCESS = 0, /** The requested operation or a parameter is not supported - by this implementation. */ + * by this implementation. + * + * Implementations should return this error code when an enumeration + * parameter such as a key type, algorithm, etc. is not recognized. + * If a combination of parameters is recognized and identified as + * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ PSA_ERROR_NOT_SUPPORTED, - /** The requested action is denied by a policy. */ + /** The requested action is denied by a policy. + * + * Implementations should return this error code when the parameters + * are recognized as valid and supported, and a policy explicitly + * denies the requested operation. + * + * If a subset of the parameters of a function call identify a + * forbidden operation, and another subset of the parameters are + * not valid or not supported, it is unspecified whether the function + * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or + * #PSA_ERROR_INVALID_ARGUMENT. */ PSA_ERROR_NOT_PERMITTED, - /** An output buffer is too small. */ + /** An output buffer is too small. + * + * Applications can call the `PSA_xxx_SIZE` macro listed in the function + * description to determine a sufficient buffer size. + * + * Implementations should preferably return this error code only + * in cases when performing the operation with a larger output + * buffer would succeed. However implementations may return this + * error if a function has invalid or unsupported parameters in addition + * to the parameters that determine the necessary output buffer size. */ PSA_ERROR_BUFFER_TOO_SMALL, /** A slot is occupied, but must be empty to carry out the - requested action. */ + * requested action. + * + * If the slot number is invalid (i.e. 
the requested action could + * not be performed even after erasing the slot's content), + * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */ PSA_ERROR_OCCUPIED_SLOT, /** A slot is empty, but must be occupied to carry out the - requested action. */ + * requested action. + * + * If the slot number is invalid (i.e. the requested action could + * not be performed even after creating appropriate content in the slot), + * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */ PSA_ERROR_EMPTY_SLOT, - /** The requested action cannot be performed in the current state. */ + /** The requested action cannot be performed in the current state. + * + * Multipart operations return this error when one of the + * functions is called out of sequence. Refer to the function + * descriptions for permitted sequencing of functions. + * + * Implementations shall not return this error code to indicate + * that a key slot is occupied when it needs to be free or vice versa, + * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT + * as applicable. */ PSA_ERROR_BAD_STATE, - /** The parameters passed to the function are invalid. */ + /** The parameters passed to the function are invalid. + * + * Implementations may return this error any time a parameter or + * combination of parameters are recognized as invalid. + * + * Implementations shall not return this error code to indicate + * that a key slot is occupied when it needs to be free or vice versa, + * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT + * as applicable. */ PSA_ERROR_INVALID_ARGUMENT, - /** There is not enough runtime memory. */ + /** There is not enough runtime memory. + * + * If the action is carried out across multiple security realms, this + * error can refer to available memory in any of the security realms. */ PSA_ERROR_INSUFFICIENT_MEMORY, - /** There is not enough persistent storage. */ + /** There is not enough persistent storage. 
+ * + * Functions that modify the key storage return this error code if + * there is insufficient storage space on the host media. In addition, + * many functions that do not otherwise access storage may return this + * error code if the implementation requires a mandatory log entry for + * the requested action and the log storage space is full. */ PSA_ERROR_INSUFFICIENT_STORAGE, - /** There was a communication failure inside the implementation. */ + /** There was a communication failure inside the implementation. + * + * This can indicate a communication failure between the application + * and an external cryptoprocessor or between the cryptoprocessor and + * an external volatile or persistent memory. A communication failure + * may be transient or permanent depending on the cause. + * + * \warning If a function returns this error, it is undetermined + * whether the requested action has completed or not. Implementations + * should return #PSA_SUCCESS on successful completion whenver + * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE + * if the requested action was completed successfully in an external + * cryptoprocessor but there was a breakdown of communication before + * the cryptoprocessor could report the status to the application. + */ PSA_ERROR_COMMUNICATION_FAILURE, - /** There was a storage failure that may have led to data loss. */ + /** There was a storage failure that may have led to data loss. + * + * This error indicates that some persistent storage is corrupted. + * It should not be used for a corruption of volatile memory + * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error + * between the cryptoprocessor and its external storage (use + * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is + * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE). + * + * Note that a storage failure does not indicate that any data that was + * previously read is invalid. 
However this previously read data may no + * longer be readable from storage. + * + * When a storage failure occurs, it is no longer possible to ensure + * the global integrity of the keystore. Depending on the global + * integrity guarantees offered by the implementation, access to other + * data may or may not fail even if the data is still readable but + * its integrity canont be guaranteed. + * + * Implementations should only use this error code to report a + * permanent storage corruption. However application writers should + * keep in mind that transient errors while reading the storage may be + * reported using this error code. */ PSA_ERROR_STORAGE_FAILURE, - /** A hardware failure was detected. */ + /** A hardware failure was detected. + * + * A hardware failure may be transient or permanent depending on the + * cause. */ PSA_ERROR_HARDWARE_FAILURE, - /** A tampering attempt was detected. */ + /** A tampering attempt was detected. + * + * If an application receives this error code, there is no guarantee + * that previously accessed or computed data was correct and remains + * confidential. Applications should not perform any security function + * and should enter a safe failure state. + * + * Implementations may return this error code if they detect an invalid + * state that cannot happen during normal operation and that indicates + * that the implementation's security guarantees no longer hold. Depending + * on the implementation architecture and on its security and safety goals, + * the implementation may forcibly terminate the application. + * + * This error code is intended as a last resort when a security breach + * is detected and it is unsure whether the keystore data is still + * protected. 
Implementations shall only return this error code + * to report an alarm from a tampering detector, to indicate that + * the confidentiality of stored data can no longer be guaranteed, + * or to indicate that the integrity of previously returned data is now + * considered compromised. Implementations shall not use this error code + * to indicate a hardware failure that merely makes it impossible to + * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE, + * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE, + * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code + * instead). + * + * This error indicates an attack against the application. Implementations + * shall not return this error code as a consequence of the behavior of + * the application itself. */ PSA_ERROR_TAMPERING_DETECTED, /** There is not enough entropy to generate random data needed - for the requested action. */ + * for the requested action. + * + * This error indicates a failure of a hardware random generator. + * Application writers should note that this error can be returned not + * only by functions whose purpose is to generate random data, such + * as key, IV or nonce generation, but also by functions that execute + * an algorithm with a randomized result, as well as functions that + * use randomization of intermediate computations as a countermeasure + * to certain attacks. + * + * Implementations should avoid returning this error after psa_crypto_init() + * has succeeded. Implementations should generate sufficient + * entropy during initialization and subsequently use a cryptographically + * secure pseudorandom generator (PRNG). However implementations may return + * this error at any time if a policy requires the PRNG to be reseeded + * during normal operation. */ PSA_ERROR_INSUFFICIENT_ENTROPY, - /** The signature, MAC or hash is incorrect. */ + /** The signature, MAC or hash is incorrect. 
+ * + * Verification functions return this error if the verification + * calculations completed successfully, and the value to be verified + * was determined to be incorrect. + * + * If the value to verify has an invalid size, implementations may return + * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ PSA_ERROR_INVALID_SIGNATURE, - /** The decrypted padding is incorrect. */ + /** The decrypted padding is incorrect. + * + * \warning In some protocols, when decrypting data, it is essential that + * the behavior of the application does not depend on whether the padding + * is correct, down to precise timing. Applications should prefer + * protocols that use authenticated encryption rather than plain + * encryption. If the application must perform a decryption of + * unauthenticated data, the application writer should take care not + * to reveal whether the padding is invalid. + * + * Implementations should strive to make valid and invalid padding + * as close as possible to indistinguishable to an external observer. + * In particular, the timing of a decryption operation should not + * depend on the validity of the padding. */ PSA_ERROR_INVALID_PADDING, /** An error occurred that does not correspond to any defined - failure cause. */ + * failure cause. + * + * Implementations may use this error code if none of the other standard + * error codes are applicable. */ PSA_ERROR_UNKNOWN_ERROR, } psa_status_t; 
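Review bot: The added comment text contains typos that will end up in the generated API documentation: `whenver` in the PSA_ERROR_COMMUNICATION_FAILURE warning and `canont` in the PSA_ERROR_STORAGE_FAILURE paragraph of this hunk, and `an failure` in the psa_destroy_key hunk at -377. They should read `whenever`, `cannot` and `a failure`. PSA_ERROR_BAD_STATE and PSA_ERROR_INVALID_ARGUMENT also repeat the same paragraph about occupied or empty key slots word for word. Keeping it in one place with a cross-reference from the other would stop the two copies drifting apart.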
@@ -357,13 +520,15 @@ typedef uint32_t psa_algorithm_t; * \retval PSA_SUCCESS * Success. * \retval PSA_ERROR_NOT_SUPPORTED - * The key type or key size is not supported. + * The key type or key size is not supported, either by the + * implementation in general or in this particular slot. * \retval PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid, * or the key data is not correctly formatted. * \retval PSA_ERROR_OCCUPIED_SLOT - There is already a key in the specified slot. + * There is already a key in the specified slot. * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_INSUFFICIENT_STORAGE * \retval PSA_ERROR_COMMUNICATION_FAILURE * \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_TAMPERING_DETECTED @@ -377,10 +542,24 @@ psa_status_t psa_import_key(psa_key_slot_t key, * \brief Destroy a key. * * \retval PSA_SUCCESS - * \retval PSA_ERROR_EMPTY_SLOT + * The slot's content, if any, has been erased. + * \retval PSA_ERROR_NOT_PERMITTED + * The slot holds content and cannot be erased because it is + * read-only, either due to a policy or due to physical restrictions. + * \retval PSA_ERROR_INVALID_ARGUMENT + * The specified slot number does not designate a valid slot. * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE + * There was an failure in communication with the cryptoprocessor. + * The key material may still be present in the cryptoprocessor. + * \retval PSA_ERROR_STORAGE_FAILURE + * The storage is corrupted. Implementations shall make a best effort + * to erase key material even in this stage, however applications + * should be aware that it may be impossible to guarantee that the + * key material is not recoverable in such cases. * \retval PSA_ERROR_TAMPERING_DETECTED + * An unexpected condition which is not a storage corruption or + * a communication failure occurred. The cryptoprocessor may have + * been compromised. */ psa_status_t psa_destroy_key(psa_key_slot_t key); 
From 212e4d8f7c213221c3f7dce04654983da22686a0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 11:36:37 +0200 Subject: [PATCH 0200/2197] Improve documentation of PSA_AEAD_xxx_OUTPUT_SIZE --- include/psa/crypto.h | 48 ++++++++++++++++++++++++-------------------- 1 file changed, 26 insertions(+), 22 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8e20013a2..7286ef9d8 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1074,22 +1074,24 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); */ -/** AEAD Encrypted data size +/** The maximum size of the output of psa_aead_encrypt(), in bytes. * - * This macro calculates the encrypted data size according to given algorithm - * and plaintext_length. + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_aead_encrypt() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the ciphertext may be smaller. * - * - * \param alg The AEAD algorithm to compute + * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(alg) is true). - * \param plaintext_length Size of \p plaintext in bytes. + * \param plaintext_length Size of the plaintext in bytes. * - * \return If the algorithm is PSA_ALG_GCM the encrypted data size is - * plaintext_length plus 16-bytes for tag. - * If the algorithm is PSA_ALG_CCM the encrypted data size is - * plaintext_length plus 16-bytes for tag. - * Otherwise return zero. + * \return The AEAD ciphertext size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. */ #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 : \ 
@@ -1149,22 +1151,24 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t ciphertext_size, size_t *ciphertext_length ); -/** AEAD Decrypted data size +/** The maximum size of the output of psa_aead_decrypt(), in bytes. * - * This macro calculates the decrypted data size according to given algorithm - * and ciphertext_length. + * If the size of the plaintext buffer is at least this large, it is + * guaranteed that psa_aead_decrypt() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the plaintext may be smaller. * - * - * \param alg The AEAD algorithm to compute + * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(alg) is true). - * \param ciphertext_length Size of \p ciphertext in bytes. + * \param ciphertext_length Size of the plaintext in bytes. * - * \return If the algorithm is PSA_ALG_GCM the decrypted data size is - * ciphertext_length minus 16-bytes for tag. - * If the algorithm is PSA_ALG_CCM the decrypted data size is - * ciphertext_length minus 16-bytes for tag. - * Otherwise return zero. + * \return The AEAD ciphertext size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 : \ From 71bb7b77f05fd3e8f07c99249f9e645326fbd96a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Apr 2018 08:29:59 +0200 Subject: [PATCH 0201/2197] Switch PSA_HASH_FINAL_SIZE to PSA_HASH_SIZE Make this macro work on derived algorithms as well (HMAC, hash-and-sign, etc.). --- include/psa/crypto.h | 40 ++++++++++++++++++++-------------------- library/psa_crypto.c | 2 +- 2 files changed, 21 insertions(+), 21 deletions(-) 
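Review bot: Two lines of the new PSA_AEAD_DECRYPT_OUTPUT_SIZE comment were copied from the encrypt macro without being adjusted. The parameter line should read `\param ciphertext_length Size of the ciphertext in bytes.` and the return line should read `\return The AEAD plaintext size for the specified algorithm.` As written, the comment describes the input as the plaintext and the result as a ciphertext size, which is the reverse of what the macro computes. A caller sizing a buffer from this text could pick the wrong length.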
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a463cc05a..c880586fe 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -814,23 +814,23 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * An implementation may return either 0 or the correct size * for a hash algorithm that it recognizes, but does not support. */ -#define PSA_HASH_FINAL_SIZE(alg) \ - ( \ - (alg) == PSA_ALG_MD2 ? 16 : \ - (alg) == PSA_ALG_MD4 ? 16 : \ - (alg) == PSA_ALG_MD5 ? 16 : \ - (alg) == PSA_ALG_RIPEMD160 ? 20 : \ - (alg) == PSA_ALG_SHA_1 ? 20 : \ - (alg) == PSA_ALG_SHA_224 ? 28 : \ - (alg) == PSA_ALG_SHA_256 ? 32 : \ - (alg) == PSA_ALG_SHA_384 ? 48 : \ - (alg) == PSA_ALG_SHA_512 ? 64 : \ - (alg) == PSA_ALG_SHA_512_224 ? 28 : \ - (alg) == PSA_ALG_SHA_512_256 ? 32 : \ - (alg) == PSA_ALG_SHA3_224 ? 28 : \ - (alg) == PSA_ALG_SHA3_256 ? 32 : \ - (alg) == PSA_ALG_SHA3_384 ? 48 : \ - (alg) == PSA_ALG_SHA3_512 ? 64 : \ +#define PSA_HASH_SIZE(alg) \ + ( \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ + PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ 0) /** Start a multipart hash operation. 
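Review bot: Every comparison in PSA_HASH_SIZE now goes through `PSA_ALG_RSA_GET_HASH(alg)`, an RSA-named extractor, although the commit message says the macro should also cover HMAC and other derived algorithms. Its definition is outside this hunk, so it cannot be confirmed here that it maps a plain hash value or an HMAC value to the underlying hash. If it only masks the hash bits, a comment above the macro would record that, for example `/* PSA_ALG_RSA_GET_HASH is used only to extract the hash bits; alg may be a hash, HMAC or hash-and-sign algorithm */`. A neutrally named extractor would avoid the question altogether.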
@@ -915,7 +915,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \param hash_size Size of the \c hash buffer in bytes. * \param hash_length On success, the number of bytes * that make up the hash value. This is always - * #PSA_HASH_FINAL_SIZE(alg) where \c alg is the + * #PSA_HASH_SIZE(alg) where \c alg is the * hash algorithm that is calculated. * * \retval PSA_SUCCESS @@ -924,7 +924,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * The operation state is not valid (not started, or already completed). * \retval PSA_ERROR_BUFFER_TOO_SMALL * The size of the \c hash buffer is too small. You can determine a - * sufficient buffer size by calling #PSA_HASH_FINAL_SIZE(alg) + * sufficient buffer size by calling #PSA_HASH_SIZE(alg) * where \c alg is the hash algorithm that is calculated. * \retval PSA_ERROR_INSUFFICIENT_MEMORY * \retval PSA_ERROR_COMMUNICATION_FAILURE @@ -1020,7 +1020,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * for a MAC algorithm that it recognizes, but does not support. */ #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ - (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_FINAL_SIZE(PSA_ALG_HMAC_HASH(alg)) : \ + (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ 0) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3ea87f642..b66862c50 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -774,7 +774,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, size_t *hash_length ) { int ret; - size_t actual_hash_length = PSA_HASH_FINAL_SIZE( operation->alg ); + size_t actual_hash_length = PSA_HASH_SIZE( operation->alg ); /* Fill the output buffer with something that isn't a valid hash * (barring an attack on the hash and deliberately-crafted input), From 5e39dc96e009587401397590ec16d3da001ac7dc Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 8 Jun 2018 11:41:57 +0200 Subject: [PATCH 0202/2197] New macro PSA_AEAD_TAG_SIZE, use it for PSA_AEAD_xxx_OUTPUT_SIZE --- include/psa/crypto.h | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 7286ef9d8..9806c959d 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1073,6 +1073,25 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * @{ */ +/** The tag size for an AEAD algorithm, in bytes. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(alg) is true). + * + * \return The tag size for the specified algorithm. + * If the AEAD algorithm does not have an identified + * tag that can be distinguished from the rest of + * the ciphertext, return 0. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_TAG_SIZE(alg) \ + ((alg) == PSA_ALG_GCM ? 16 : \ + (alg) == PSA_ALG_CCM ? 16 : \ + 0) /** The maximum size of the output of psa_aead_encrypt(), in bytes. * @@ -1094,8 +1113,8 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * recognizes, but does not support. */ #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ - ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 : \ - (alg) == PSA_ALG_CCM ? (plaintext_length) + 16 : \ + (PSA_AEAD_TAG_SIZE(alg) != 0 ? \ + (plaintext_length) + PSA_AEAD_TAG_SIZE(alg) : \ 0) /** Process an authenticated encryption operation. 
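Review bot: PSA_AEAD_ENCRYPT_OUTPUT_SIZE now treats `PSA_AEAD_TAG_SIZE(alg) != 0` as "algorithm recognized", but the new PSA_AEAD_TAG_SIZE comment also allows 0 for a recognized algorithm whose tag cannot be distinguished from the ciphertext. For such an algorithm the output-size macro would report 0, and a caller would size its buffer as empty. Only GCM and CCM are listed today, so this is latent, and the decrypt macro in the next hunk has the same shape. Until the two cases are separated, record the limitation next to the macro, e.g. `/* Returns 0 for any algorithm whose PSA_AEAD_TAG_SIZE is 0, including recognized ones */`.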
@@ -1170,9 +1189,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, * correct size for an AEAD algorithm that it * recognizes, but does not support. */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ - ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 : \ - (alg) == PSA_ALG_CCM ? (ciphertext_length) - 16 : \ +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ + (PSA_AEAD_TAG_SIZE(alg) != 0 ? \ + (plaintext_length) - PSA_AEAD_TAG_SIZE(alg) : \ 0) /** Process an authenticated decryption operation. From 154bd95131470b5d58efc60829dbb8d371b8cd63 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Apr 2018 08:38:16 +0200 Subject: [PATCH 0203/2197] psa_destroy_key: return SUCCESS on an empty slot Do wipe the slot even if it doesn't contain a key, to erase any metadata. --- include/psa/crypto.h | 12 +++++++++++- library/psa_crypto.c | 8 +++++--- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c880586fe..982cca701 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -539,7 +539,17 @@ psa_status_t psa_import_key(psa_key_slot_t key, size_t data_length); /** - * \brief Destroy a key. + * \brief Destroy a key and restore the slot to its default state. + * + * This function destroys the content of the key slot from both volatile + * memory and, if applicable, non-volatile storage. Implementations shall + * make a best effort to ensure that any previous content of the slot is + * unrecoverable. + * + * This function also erases any metadata such as policies. It returns the + * specified slot to its default state. + * + * \param key The key slot to erase. * * \retval PSA_SUCCESS * The slot's content, if any, has been erased. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b66862c50..deeffa3b8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
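Review bot: The rewritten PSA_AEAD_DECRYPT_OUTPUT_SIZE subtracts from `(plaintext_length)`, but the macro's parameter is `ciphertext_length`. The expansion therefore either fails to compile or silently picks up an unrelated caller variable that happens to be named `plaintext_length`. The line should be `(ciphertext_length) - PSA_AEAD_TAG_SIZE(alg) : \`. Separately, the subtraction wraps to a very large value when the ciphertext is shorter than the tag, so the condition would be safer as `(PSA_AEAD_TAG_SIZE(alg) != 0 && (ciphertext_length) >= PSA_AEAD_TAG_SIZE(alg) ? \`.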
@@ -373,9 +373,11 @@ psa_status_t psa_destroy_key(psa_key_slot_t key) return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); - - if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) + { + /* No key material to clean, but do zeroize the slot below to wipe + * metadata such as policies. */ + } + else if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) { mbedtls_free( slot->data.raw.data ); } From 3585596aecb48e79d33ade6bccd34d316c203547 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Apr 2018 08:39:16 +0200 Subject: [PATCH 0204/2197] Document a few more macros --- include/psa/crypto.h | 58 +++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 54 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 982cca701..a2ce15665 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
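Review bot: The raw-bytes branch, now an `else if`, still releases the key buffer with `mbedtls_free( slot->data.raw.data )` without clearing it first, so the key bytes stay in freed heap memory. This commit's own header text asks for previous slot content to be made unrecoverable. The slot zeroization that the new comment refers to is outside the hunk and, as far as can be inferred, clears the slot structure rather than the separately allocated buffer. Consider wiping the buffer over its stored length with the file's zeroization helper before the free, and record the intent with `/* wipe key bytes before releasing the buffer */`. The empty `if` body holding only a comment would also read more directly as a single `if( slot->type != PSA_KEY_TYPE_NONE )` guard around the cleanup branches.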
@@ -304,15 +304,47 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7e000000) +/** Raw data. + * + * A "key" of this type cannot be used for any cryptographic operation. + * Applications may use this type to store arbitrary data in the keystore. */ #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x02000000) #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x04000000) #define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC ((psa_key_type_t)0x06000000) #define PSA_KEY_TYPE_PAIR_FLAG ((psa_key_type_t)0x01000000) +/** HMAC key. + * + * The key policy determines which underlying hash algorithm the key can be + * used for. + * + * HMAC keys should generally have the same size as the underlying hash. + * This size can be calculated with `PSA_HASH_SIZE(alg)` where + * `alg` is the HMAC algorithm or the underlying hash algorithm. */ #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x02000001) +/** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher. + * + * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or + * 32 bytes (AES-256). + */ #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x04000001) +/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). + * + * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or + * 24 bytes (3-key 3DES). + * + * Note that single DES and 2-key 3DES are weak and strongly + * deprecated and should only be used to decrypt legacy data. 3-key 3DES + * is weak and deprecated and should only be used in legacy protocols. + */ #define PSA_KEY_TYPE_DES ((psa_key_type_t)0x04000002) +/** Key for an cipher, AEAD or MAC algorithm based on the + * Camellia block cipher. */ #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x04000003) +/** Key for the RC4 stream cipher. + * + * Note that RC4 is weak and deprecated and should only be used in + * legacy protocols. 
*/ #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x04000004) /** RSA public key. */ @@ -369,8 +401,14 @@ typedef uint32_t psa_key_type_t; * \param type A cipher key type (value of type #psa_key_type_t). * * \return The block size for a block cipher, or 1 for a stream cipher. - * The return value is undefined if \c type does not identify - * a cipher algorithm. + * The return value is undefined if \c type is not a supported + * cipher key type. + * + * \note It is possible to build stream cipher algorithms on top of a block + * cipher, for example CTR mode (#PSA_ALG_CTR). + * This macro only takes the key type into account, so it cannot be + * used to determine the size of the data that #psa_cipher_update() + * might buffer for future processing in general. * * \note This macro returns a compile-time constant if its argument is one. * @@ -451,7 +489,17 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) -#define PSA_ALG_HMAC(hash_alg) \ +/** Macro to build an HMAC algorithm. + * + * For example, `PSA_ALG_HMAC(PSA_ALG_SHA256)` is HMAC-SHA-256. + * + * \param alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(alg) is true). + * + * \return The corresponding HMAC algorithm. + * \return Unspecified if \p alg is not a hash algorithm. + */ +#define PSA_ALG_HMAC(hash_alg) \ (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_HMAC_HASH(hmac_alg) \ (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK)) 
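Review bot: The new AES and Camellia descriptions both begin "Key for an cipher, AEAD or MAC algorithm"; the wording should be `Key for a cipher, AEAD or MAC algorithm`. The HMAC entry advises that keys "should generally have the same size as the underlying hash" but gives no lower bound. If the implementation rejects or accepts shorter keys, saying so here would help callers that store short secrets.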
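Review bot: The new Doxygen block for `PSA_ALG_HMAC` documents `\param alg` and `\p alg`, but the macro's parameter is `hash_alg`, so the description will not attach to the real parameter. Use `\param hash_alg` and `\p hash_alg`. The example also spells the constant `PSA_ALG_SHA256`, while the rest of this header uses `PSA_ALG_SHA_256`, so the example would not compile as written. It should read `PSA_ALG_HMAC(PSA_ALG_SHA_256)`.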
@@ -817,7 +865,9 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * This is also the hash size that psa_hash_verify() expects. * * \param alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(alg) is true). + * #PSA_ALG_IS_HASH(alg) is true), or an HMAC algorithm + * (`PSA_ALG_HMAC(hash_alg)` where `hash_alg` is a + * hash algorithm). * * \return The hash size for the specified hash algorithm. * If the hash algorithm is not recognized, return 0. From bb1072f64296de6e13437f37227533f97f5c0dfa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 18:46:05 +0200 Subject: [PATCH 0205/2197] Fix use of mbedtls_cipher_info_from_psa One branch added an extra argument, the other branch added a call of this function. Pass the extra argument on the code from the other branch. --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4d42c8d2b..e4f2a8722 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1411,7 +1411,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, return( status ); slot = &global_data.key_slots[key]; - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits ); + cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, NULL ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); From 39e59144f6717e7414d4876bbf58f22084fe6c31 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Wed, 2 May 2018 23:16:26 +0300 Subject: [PATCH 0206/2197] added support for PKCSv1.5 signature verification and encryption/decryption and very basic tests. --- library/psa_crypto.c | 240 ++++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 45 ++++ tests/suites/test_suite_psa_crypto.function | 262 ++++++++++++++++++++ 3 files changed, 547 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index edb81c435..a18abcd95 100755 --- a/library/psa_crypto.c 
+++ b/library/psa_crypto.c 
@@ -1353,7 +1353,247 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, } } +psa_status_t psa_asymmetric_verify(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *signature, + size_t signature_size) +{ + key_slot_t *slot; + (void) salt; + (void) salt_length; + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_EMPTY_SLOT ); + slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + #if defined(MBEDTLS_RSA_C) + if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + { + mbedtls_rsa_context *rsa = slot->data.rsa; + int ret; + psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); + mbedtls_md_type_t md_alg = + hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info ); + if( md_alg == MBEDTLS_MD_NONE ) + { +#if SIZE_MAX > UINT_MAX + if( hash_length > UINT_MAX ) + return( PSA_ERROR_INVALID_ARGUMENT ); +#endif + } + else + { + if( mbedtls_md_get_size( md_info ) != hash_length ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( md_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + } + if( signature_size < rsa->len ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); +#if defined(MBEDTLS_PKCS1_V15) + if( PSA_ALG_IS_RSA_PKCS1V15( alg ) ) + { + mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, + MBEDTLS_MD_NONE ); + + ret = mbedtls_rsa_pkcs1_verify( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PUBLIC, + md_alg, + hash_length, + hash, + signature ); + + } + else +#endif /* MBEDTLS_PKCS1_V15 */ +#if defined(MBEDTLS_PKCS1_V21) + if( alg == PSA_ALG_RSA_PSS_MGF1 ) + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + else +#endif /* MBEDTLS_PKCS1_V21 */ + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + return( mbedtls_to_psa_error( ret 
) ); + } + else +#endif /* defined(MBEDTLS_RSA_C) */ +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + // TODO + return( PSA_ERROR_NOT_SUPPORTED ); + } + else +#endif /* defined(MBEDTLS_ECP_C) */ + { + return( PSA_ERROR_NOT_SUPPORTED ); + } +} + + +psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + key_slot_t *slot; + (void) salt; + (void) salt_length; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_EMPTY_SLOT ); + slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + // check output size? + +#if defined(MBEDTLS_RSA_C) + if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + { + mbedtls_rsa_context *rsa = slot->data.rsa; + int ret; + if( output_size < rsa->len ) + return( PSA_ERROR_INVALID_ARGUMENT ); +#if defined(MBEDTLS_PKCS1_V15) + if( PSA_ALG_IS_RSA_PKCS1V15( alg ) ) + { + ret = mbedtls_rsa_pkcs1_encrypt( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PUBLIC, + input_length, + input, + output ); + } + else +#endif /* MBEDTLS_PKCS1_V15 */ +#if defined(MBEDTLS_PKCS1_V21) + if( alg == PSA_ALG_RSA_PSS_MGF1 ) + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + else +#endif /* MBEDTLS_PKCS1_V21 */ + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + if( ret == 0 ) + *output_length = rsa->len; // check if this is correct + return( mbedtls_to_psa_error( ret ) ); + } +#endif +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + // TODO + return( PSA_ERROR_NOT_SUPPORTED ); + } + else +#endif /* defined(MBEDTLS_ECP_C) */ + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + +} + + +psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, + psa_algorithm_t alg, + 
const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + key_slot_t *slot; + (void) salt; + (void) salt_length; + + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_EMPTY_SLOT ); + slot = &global_data.key_slots[key]; + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + +#if defined(MBEDTLS_RSA_C) + if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + { + mbedtls_rsa_context *rsa = slot->data.rsa; + int ret; + + if( output_size < rsa->len ) + return( PSA_ERROR_INVALID_ARGUMENT ); + +#if defined(MBEDTLS_PKCS1_V15) + if( PSA_ALG_IS_RSA_PKCS1V15( alg ) ) + { + *output_length = input_length; // check this + ret = mbedtls_rsa_pkcs1_decrypt( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PRIVATE, + output_length, + input, + output, + output_size ); + } + else +#endif /* MBEDTLS_PKCS1_V15 */ +#if defined(MBEDTLS_PKCS1_V21) + if( alg == PSA_ALG_RSA_PSS_MGF1 ) + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + else +#endif /* MBEDTLS_PKCS1_V21 */ + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + if( ret == 0 ) + *output_length = rsa->len; // check if this is correct + return( mbedtls_to_psa_error( ret ) ); + } +#endif +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + // TODO + return( PSA_ERROR_NOT_SUPPORTED ); + } + else +#endif /* defined(MBEDTLS_ECP_C) */ + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + +} + /****************************************************************/ /* Key Policy */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c3f5f9001..a86f963d5 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
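Review bot: In the new psa_asymmetric_verify, `mbedtls_md_get_type( md_info )` and `mbedtls_md_get_size( md_info )` run before the `md_info == NULL` test. An unsupported hash therefore either dereferences NULL or, if those getters tolerate NULL (their definitions are not in this diff), yields MBEDTLS_MD_NONE and is verified as a raw PKCS#1 v1.5 signature with no hash binding. In psa_asymmetric_decrypt, `input_length` is never compared with `rsa->len` and the decrypt call receives `input` without a length, so a short ciphertext buffer is presumably over-read. On success, `*output_length = rsa->len` then replaces the plaintext length the call stored, so callers are told to read the full modulus size rather than the recovered message. All three functions also return PSA_ERROR_EMPTY_SLOT for an out-of-range slot and accept `key == MBEDTLS_PSA_KEY_SLOT_COUNT`, which should be checked against the array bound and the PSA_ERROR_INVALID_ARGUMENT convention used by psa_destroy_key. The fence shows the reordered hash check and the decrypt length handling.

```c
/* psa_asymmetric_verify: resolve the hash before choosing the raw path */
        mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
        if( hash_alg == 0 )
        {
            /* … unchanged: UINT_MAX bound on hash_length for the raw case … */
        }
        else
        {
            /* An unsupported hash must not fall through to raw verification. */
            if( md_info == NULL )
                return( PSA_ERROR_NOT_SUPPORTED );
            if( mbedtls_md_get_size( md_info ) != hash_length )
                return( PSA_ERROR_INVALID_ARGUMENT );
            md_alg = mbedtls_md_get_type( md_info );
        }

/* psa_asymmetric_decrypt: the decrypt call takes no input length, so
 * require a full RSA block from the caller. */
        if( input_length != rsa->len )
            return( PSA_ERROR_INVALID_ARGUMENT );
        /* … unchanged: padding selection and mbedtls_rsa_pkcs1_decrypt call … */
        /* Keep the plaintext length the decrypt call stored in *output_length. */
        return( mbedtls_to_psa_error( ret ) );
```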
@@ -100,6 +100,18 @@ key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_P PSA Key Lifetime set and get volatile key_lifetime:PSA_KEY_LIFETIME_VOLATILE +PSA verify RSA PKCS#1 v1.5 signature +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" + +PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong hash 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT + +PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong signature +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE + PSA Key Lifetime set fail, invalid key slot key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT 
@@ -120,3 +132,36 @@ sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"307802010 PSA verify ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" + +PSA encrypt using RSA PKCS#1 v1.5 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650
d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":128 + +PSA encrypt using RSA PKCS#1 v1.5 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":"adeecba2db7f867a733853f0136c554e
5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":128 + +PSA encrypt using RSA PKCS#1 v1.5 fail ARGUMENTS +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT + +PSA encrypt using RSA PKCS#1 v1.5 fail wrong key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT + +PSA decrypt using RSA PKCS#1 v1.5 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_RAW:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128 + +PSA decrypt using RSA PKCS#1 v1.5 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_RAW:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":128 + +PSA decrypt using RSA PKCS#1 v1.5 fail ARGUMENTS +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT + +PSA decrypt using RSA PKCS#1 v1.5 fail 
wrong key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT + diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 04a95d4f8..01e0a3fa5 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -573,3 +573,265 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void asymmetric_verify_fail( int key_type_arg, char *key_hex, + int alg_arg, char *hash_hex, char *signature_hex, + int expected_status_arg ) +{ + + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *hash_data = NULL; + size_t hash_size; + unsigned char *signature_data = NULL; + size_t signature_size; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + hash_data = unhexify_alloc( hash_hex, &hash_size ); + TEST_ASSERT( hash_data != NULL ); + signature_data = unhexify_alloc( signature_hex, &signature_size ); + TEST_ASSERT( signature_data != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + actual_status = psa_asymmetric_verify( slot, alg, + hash_data, hash_size, + NULL, 0, + signature_data, signature_size ); + + + TEST_ASSERT( actual_status == expected_status ); + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( hash_data ); + mbedtls_free( signature_data ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void asymmetric_encrypt( int key_type_arg, char *key_hex, + int alg_arg, char *input_hex, + char *expected_hex, int expected_size ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *expected_data = NULL; + size_t expected_data_size; + unsigned char *output = NULL; + size_t output_size = 4096; + size_t output_length = 0; + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = 
unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + expected_data = unhexify_alloc( expected_hex, &expected_data_size ); + TEST_ASSERT( expected_data != NULL ); + output = mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output != NULL ); + + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_asymmetric_encrypt(slot, alg, + input_data, + input_size, + NULL, 0, + output, + output_size, + &output_length) == PSA_SUCCESS ); + TEST_ASSERT( ((size_t)expected_size) == output_length ); + // function uses random internally + //TEST_ASSERT( memcmp( expected_data, output, output_length ) == 0 ); + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( expected_data ); + mbedtls_free( output); + mbedtls_psa_crypto_free( ); + +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, + int alg_arg, char *input_hex, + int expected_status_arg ) +{ + + + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *output = NULL; + size_t output_size = 4096; + size_t output_length = 0; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + output = mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output != NULL ); + + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + actual_status = psa_asymmetric_encrypt(slot, alg, + input_data, + input_size, + NULL, 0, + output, + output_size, + 
&output_length); + TEST_ASSERT( actual_status == expected_status ); + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( output); + mbedtls_psa_crypto_free( ); + +} +/* END_CASE */ + +/* BEGIN_CASE */ +void asymmetric_decrypt( int key_type_arg, char *key_hex, + int alg_arg, char *input_hex, + char *expected_hex, int expected_size ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *expected_data = NULL; + size_t expected_data_size; + unsigned char *output = NULL; + size_t output_size = 4096; + size_t output_length = 0; + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + expected_data = unhexify_alloc( expected_hex, &expected_data_size ); + TEST_ASSERT( expected_data != NULL ); + output = mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output != NULL ); + + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, + input_data, + input_size, + NULL, 0, + output, + output_size, + &output_length) == PSA_SUCCESS ); + TEST_ASSERT( ((size_t)expected_size) == output_length ); + TEST_ASSERT( memcmp( expected_data, output, (output_length/8) ) == 0 ); + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( expected_data ); + mbedtls_free( output); + mbedtls_psa_crypto_free( ); + + +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void asymmetric_decrypt_fail( int key_type_arg, char *key_hex, + int alg_arg, char *input_hex, + int expected_status_arg ) +{ + + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = 
alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *output = NULL; + size_t output_size = 4096; + size_t output_length = 0; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + output = mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output != NULL ); + + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + actual_status = psa_asymmetric_decrypt(slot, alg, + input_data, + input_size, + NULL, 0, + output, + output_size, + &output_length); + TEST_ASSERT( actual_status == expected_status ); + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( output); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ \ No newline at end of file From 0f3bdbddeedee6f224662c19dbd5dea62c4b801d Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Wed, 2 May 2018 23:56:12 +0300 Subject: [PATCH 0207/2197] change RSA encryption tests compensate for random component in encryption. --- tests/suites/test_suite_psa_crypto.data | 4 +- tests/suites/test_suite_psa_crypto.function | 77 +++++++++++---------- 2 files changed, 44 insertions(+), 37 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index a86f963d5..d8de1cc59 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
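Review bot: In `asymmetric_decrypt` the final check `memcmp( expected_data, output, (output_length/8) )` compares only one eighth of the returned bytes, so a decryption that corrupts anything past that prefix still passes; the divisor looks like a bits/bytes mix-up. Nothing ties `expected_data_size` to `output_length` either, and the success vector in the .data file pairs a 34-byte expected value with `expected_size` 128, which suggests `output_length` reports the modulus size rather than the plaintext length (to be confirmed against `psa_asymmetric_decrypt`). I would assert `output_length == expected_data_size` and then compare the whole buffer with `memcmp( expected_data, output, output_length ) == 0`. In `asymmetric_encrypt` the content comparison is commented out, so that case currently proves only a length.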
@@ -135,11 +135,11 @@ asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3 PSA encrypt using RSA PKCS#1 v1.5 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":128 +asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb41
0ff61f20015ad" PSA encrypt using RSA PKCS#1 v1.5 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":128 +asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_RAW:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" PSA encrypt using RSA PKCS#1 v1.5 fail ARGUMENTS 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 01e0a3fa5..70e7574a6 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -624,8 +624,7 @@ exit: /* BEGIN_CASE */ void asymmetric_encrypt( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex, - char *expected_hex, int expected_size ) + int alg_arg, char *input_hex ) { int slot = 1; psa_key_type_t key_type = key_type_arg; 
@@ -634,44 +633,52 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex, size_t key_size; unsigned char *input_data = NULL; size_t input_size; - unsigned char *expected_data = NULL; - size_t expected_data_size; unsigned char *output = NULL; size_t output_size = 4096; size_t output_length = 0; + unsigned char *output2 = NULL; + size_t output2_size = 4096; + size_t output2_length = 0; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); - expected_data = unhexify_alloc( expected_hex, &expected_data_size ); - TEST_ASSERT( expected_data != NULL ); output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); - + output2 = mbedtls_calloc( 1, output2_size ); + TEST_ASSERT( output2 != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); - TEST_ASSERT( psa_asymmetric_encrypt(slot, alg, - input_data, - input_size, - NULL, 0, - output, - output_size, + //checked using encrypt/decrpyt because of non-optional random + // part of encryption process preventing using fixed vectors + TEST_ASSERT( psa_asymmetric_encrypt(slot, alg, + input_data, + input_size, + NULL, 0, + output, + output_size, &output_length) == PSA_SUCCESS ); - TEST_ASSERT( ((size_t)expected_size) == output_length ); - // function uses random internally - //TEST_ASSERT( memcmp( expected_data, output, output_length ) == 0 ); + + TEST_ASSERT( psa_asymmetric_decrypt(slot, alg, + output, + output_length, + NULL, 0, + output2, + output2_size, + &output2_length) == PSA_SUCCESS ); + TEST_ASSERT( memcmp( input_data, output2, input_size ) == 0 ); exit: psa_destroy_key( slot ); mbedtls_free( key_data ); mbedtls_free( input_data ); - mbedtls_free( expected_data ); mbedtls_free( output); + mbedtls_free( output2); mbedtls_psa_crypto_free( ); } 
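Review bot: The round-trip check `memcmp( input_data, output2, input_size ) == 0` never compares `output2_length` with `input_size`, so a decrypt that returns extra bytes after a correct prefix still passes; add `TEST_ASSERT( output2_length == input_size );` before the memcmp. A round trip also only shows that encrypt and decrypt invert each other, and it would pass if `psa_asymmetric_encrypt` copied the input through unchanged. Since the comment says the encryption has a random component, a cheap extra check is to assert that `output` differs from `input_data`, or to encrypt twice and assert the two ciphertexts differ. The new comment also misspells "decrypt" as `decrpyt`.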
@@ -711,12 +718,12 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_encrypt(slot, alg, - input_data, - input_size, - NULL, 0, - output, - output_size, + actual_status = psa_asymmetric_encrypt(slot, alg, + input_data, + input_size, + NULL, 0, + output, + output_size, &output_length); TEST_ASSERT( actual_status == expected_status ); @@ -763,12 +770,12 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex, TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); - TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, - input_data, - input_size, - NULL, 0, - output, - output_size, + TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, + input_data, + input_size, + NULL, 0, + output, + output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( ((size_t)expected_size) == output_length ); TEST_ASSERT( memcmp( expected_data, output, (output_length/8) ) == 0 ); @@ -818,12 +825,12 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex, TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_decrypt(slot, alg, - input_data, - input_size, - NULL, 0, - output, - output_size, + actual_status = psa_asymmetric_decrypt(slot, alg, + input_data, + input_size, + NULL, 0, + output, + output_size, &output_length); TEST_ASSERT( actual_status == expected_status ); From 7f5a31915b6e80731cbd4504746fcd925a5aab63 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Sun, 6 May 2018 22:26:54 +0300 Subject: [PATCH 0208/2197] code fixes for internal code review: 1. change to correct error code 2. removed unneeded comment --- library/psa_crypto.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a18abcd95..e24638a3a 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1367,7 +1367,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, (void) salt_length; if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_EMPTY_SLOT ); + return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); @@ -1460,14 +1460,13 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, (void) salt_length; if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_EMPTY_SLOT ); + return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - // check output size? #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) From 4f594eca401edce71e599bbc28e22f8d177138db Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Tue, 29 May 2018 16:09:13 +0300 Subject: [PATCH 0209/2197] remove check for key pair (public key should be enough for verification) --- library/psa_crypto.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e24638a3a..05df3e32f 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1371,8 +1371,6 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) From a1cac84e833787585fd45d78678a1021c930263a Mon Sep 17 00:00:00 2001 
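Review bot: The bounds check `key > MBEDTLS_PSA_KEY_SLOT_COUNT` still admits `key == MBEDTLS_PSA_KEY_SLOT_COUNT`, and the next line indexes `global_data.key_slots[key]` directly. If `key_slots` is declared with `MBEDTLS_PSA_KEY_SLOT_COUNT` elements (the declaration is outside this hunk), that reads one element past the array, using a caller-supplied slot number. Either reject with `key >= MBEDTLS_PSA_KEY_SLOT_COUNT` or index with `key - 1`, and add a test case that passes the boundary slot number. The same check appears in the `psa_asymmetric_encrypt` hunk at -1460; both function bodies continue outside the hunks.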
From: Gilles Peskine Date: Mon, 11 Jun 2018 19:33:02 +0200 Subject: [PATCH 0210/2197] Move AEAD tests just after cipher Always adding things at the end tends to create merge conflicts. Adding in the middle in this way makes the order more logical in addition to avoiding conflicts. --- tests/suites/test_suite_psa_crypto.data | 96 ++-- tests/suites/test_suite_psa_crypto.function | 472 ++++++++++---------- 2 files changed, 284 insertions(+), 284 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1af3e5334..d3dc68e63 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -169,6 +169,54 @@ PSA Symmetric encryption + decryption multipart: AES-CBC-PKCS#7 padding, 4+12 by depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 +PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1 +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS + +PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 2 +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS + +PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type +aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED + +PSA AEAD Encrypt, AES CCM - 23-bytes input +aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" + +PSA AEAD Encrypt, AES CCM - 24-bytes input +aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" + +PSA AEAD Decrypt, AES CCM - 39-bytes input 
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS + +PSA AEAD Decrypt, AES CCM - 40-bytes input +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS + +PSA AEAD Decrypt, AES CCM - invalid signature +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE + +PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1 +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS + +PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2 +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS + +PSA AEAD Encrypt, AES GCM - 128-bytes input - 1 
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" + +PSA AEAD Encrypt, AES GCM - 128-bytes input - 2 +aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56" + +PSA AEAD Decrypt, AES GCM - 144-bytes input - 1 
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS + +PSA AEAD Decrypt, AES GCM - 144-bytes input - 2 +aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS + +PSA AEAD Decrypt, AES GCM - invalid signature 
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE + +PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED + PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 
@@ -236,51 +284,3 @@ sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"307802010 PSA verify ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" - -PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1 -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS - -PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 2 -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS - -PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type -aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED - -PSA AEAD Encrypt, AES CCM - 23-bytes input -aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" - -PSA AEAD Encrypt, AES CCM - 24-bytes input 
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" - -PSA AEAD Decrypt, AES CCM - 39-bytes input -aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS - -PSA AEAD Decrypt, AES CCM - 40-bytes input -aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS - -PSA AEAD Decrypt, AES CCM - invalid signature -aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE - -PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1 -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS - -PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2 -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS - -PSA AEAD Encrypt, AES GCM - 128-bytes input - 1 
-aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" - -PSA AEAD Encrypt, AES GCM - 128-bytes input - 2 -aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56" - -PSA AEAD Decrypt, AES GCM - 144-bytes input - 1 
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS - -PSA AEAD Decrypt, AES GCM - 144-bytes input - 2 -aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS - -PSA AEAD Decrypt, AES GCM - invalid signature 
-aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE - -PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a308cbd18..3905e01d4 100755 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -829,6 +829,242 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void aead_encrypt_decrypt( int key_type_arg, char * key_hex, + int alg_arg, char * input_hex, char * nonce_hex, + char * add_data, int expected_result_arg ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *output_data = NULL; + size_t output_size = 0; + size_t output_length = 0; + unsigned char *output_data2 = NULL; + size_t output_length2 = 0; + uint8_t* nonce; + size_t nonce_length = 16; + size_t tag_length = 16; + unsigned char *additional_data = NULL; + size_t additional_data_length = 0; + psa_status_t expected_result = (psa_status_t) expected_result_arg; + psa_key_policy_t policy = {0}; + + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + additional_data = unhexify_alloc( add_data, &additional_data_length ); + TEST_ASSERT( input_data != NULL ); + output_size = input_size + tag_length; + output_data = mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output_data != NULL ); + nonce = unhexify_alloc( nonce_hex, &nonce_length ); + TEST_ASSERT( nonce != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT , alg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_aead_encrypt( slot, alg, + nonce, nonce_length, + additional_data, additional_data_length, + input_data, input_size, output_data, + output_size, &output_length ) == expected_result ); + + if( PSA_SUCCESS == expected_result ) + { + output_data2 = mbedtls_calloc( 1, output_length ); + 
TEST_ASSERT( output_data2 != NULL ); + + TEST_ASSERT( psa_aead_decrypt( slot, alg, + nonce, nonce_length, + additional_data, additional_data_length, + output_data, output_length, output_data2, + output_length, &output_length2 ) == expected_result ); + + + TEST_ASSERT( memcmp( input_data, output_data2, + input_size ) == 0 ); + } + + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( additional_data ); + mbedtls_free( output_data ); + mbedtls_free( output_data2 ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void aead_encrypt( int key_type_arg, char * key_hex, + int alg_arg, char * input_hex, + char * add_data, char * nonce_hex, + char * expected_result_hex ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *output_data = NULL; + size_t output_size = 0; + size_t output_length = 0; + unsigned char *expected_result = NULL; + size_t expected_result_length = 0; + uint8_t* nonce = NULL; + size_t nonce_length = 0; + size_t tag_length = 16; + unsigned char *additional_data = NULL; + size_t additional_data_length = 0; + psa_key_policy_t policy = {0}; + + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + additional_data = unhexify_alloc( add_data, &additional_data_length ); + TEST_ASSERT( input_data != NULL ); + output_size = input_size + tag_length; + output_data = mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output_data != NULL ); + nonce = unhexify_alloc( nonce_hex, &nonce_length ); + TEST_ASSERT( nonce != NULL ); + expected_result = unhexify_alloc( expected_result_hex, &expected_result_length ); + TEST_ASSERT( expected_result != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
+ + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_aead_encrypt( slot, alg, + nonce, nonce_length, + additional_data, additional_data_length, + input_data, input_size, output_data, + output_size, &output_length ) == PSA_SUCCESS ); + + + TEST_ASSERT( memcmp( output_data, expected_result, + output_length ) == 0 ); + + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( additional_data ); + mbedtls_free( output_data ); + mbedtls_free( nonce ); + mbedtls_free( expected_result ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void aead_decrypt( int key_type_arg, char * key_hex, + int alg_arg, char * input_hex, + char * add_data, char * nonce_hex, + char * expected_result_hex, int expected_result_arg ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *key_data = NULL; + size_t key_size; + unsigned char *input_data = NULL; + size_t input_size; + unsigned char *output_data = NULL; + size_t output_size = 0; + size_t output_length = 0; + unsigned char *expected_data = NULL; + size_t expected_result_length = 0; + uint8_t* nonce = NULL; + size_t nonce_length = 0; + size_t tag_length = 16; + unsigned char *additional_data = NULL; + size_t additional_data_length = 0; + psa_key_policy_t policy = {0}; + psa_status_t expected_result = (psa_status_t) expected_result_arg; + + + key_data = unhexify_alloc( key_hex, &key_size ); + TEST_ASSERT( key_data != NULL ); + input_data = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( input_data != NULL ); + additional_data = unhexify_alloc( add_data, &additional_data_length ); + TEST_ASSERT( input_data != NULL ); + output_size = input_size + tag_length; + output_data 
= mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output_data != NULL ); + nonce = unhexify_alloc( nonce_hex, &nonce_length ); + TEST_ASSERT( nonce != NULL ); + expected_data = unhexify_alloc( expected_result_hex, &expected_result_length ); + TEST_ASSERT( expected_data != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data, key_size ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_aead_decrypt( slot, alg, + nonce, nonce_length, + additional_data, additional_data_length, + input_data, input_size, output_data, + output_size, &output_length ) == expected_result ); + + + if ( expected_result == PSA_SUCCESS ) + { + TEST_ASSERT( memcmp( output_data, expected_data, + output_length ) == 0 ); + } + + + +exit: + psa_destroy_key( slot ); + mbedtls_free( key_data ); + mbedtls_free( input_data ); + mbedtls_free( additional_data ); + mbedtls_free( output_data ); + mbedtls_free( nonce ); + mbedtls_free( expected_data ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg ) { 
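Review bot: In aead_encrypt the check `memcmp( output_data, expected_result, output_length )` is bounded only by the length the implementation reported, so a short or empty output still passes and an over-long one reads past `expected_result`. Adding `TEST_ASSERT( output_length == expected_result_length );` before it closes that gap; aead_decrypt needs the same check, and aead_encrypt_decrypt should assert `output_length2 == input_size` before its `memcmp`. In all three functions the line after `additional_data = unhexify_alloc( add_data, &additional_data_length );` repeats `TEST_ASSERT( input_data != NULL );` and should test `additional_data` instead. aead_encrypt_decrypt also declares `uint8_t* nonce;` without an initialiser and never frees it under `exit:`, so `uint8_t *nonce = NULL;` plus `mbedtls_free( nonce );` would match the other two cases.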
@@ -1142,239 +1378,3 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ - -/* BEGIN_CASE */ -void aead_encrypt_decrypt( int key_type_arg, char * key_hex, - int alg_arg, char * input_hex, char * nonce_hex, - char * add_data, int expected_result_arg ) -{ - int slot = 1; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; - unsigned char *output_data = NULL; - size_t output_size = 0; - size_t output_length = 0; - unsigned char *output_data2 = NULL; - size_t output_length2 = 0; - uint8_t* nonce; - size_t nonce_length = 16; - size_t tag_length = 16; - unsigned char *additional_data = NULL; - size_t additional_data_length = 0; - psa_status_t expected_result = (psa_status_t) expected_result_arg; - psa_key_policy_t policy = {0}; - - - key_data = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( key_data != NULL ); - input_data = unhexify_alloc( input_hex, &input_size ); - TEST_ASSERT( input_data != NULL ); - additional_data = unhexify_alloc( add_data, &additional_data_length ); - TEST_ASSERT( input_data != NULL ); - output_size = input_size + tag_length; - output_data = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_data != NULL ); - nonce = unhexify_alloc( nonce_hex, &nonce_length ); - TEST_ASSERT( nonce != NULL ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT , alg ); - - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_aead_encrypt( slot, alg, - nonce, nonce_length, - additional_data, additional_data_length, - input_data, input_size, output_data, - output_size, &output_length ) == expected_result ); - - if( PSA_SUCCESS == expected_result ) - { - output_data2 = 
mbedtls_calloc( 1, output_length ); - TEST_ASSERT( output_data2 != NULL ); - - TEST_ASSERT( psa_aead_decrypt( slot, alg, - nonce, nonce_length, - additional_data, additional_data_length, - output_data, output_length, output_data2, - output_length, &output_length2 ) == expected_result ); - - - TEST_ASSERT( memcmp( input_data, output_data2, - input_size ) == 0 ); - } - - -exit: - psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( additional_data ); - mbedtls_free( output_data ); - mbedtls_free( output_data2 ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void aead_encrypt( int key_type_arg, char * key_hex, - int alg_arg, char * input_hex, - char * add_data, char * nonce_hex, - char * expected_result_hex ) -{ - int slot = 1; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; - unsigned char *output_data = NULL; - size_t output_size = 0; - size_t output_length = 0; - unsigned char *expected_result = NULL; - size_t expected_result_length = 0; - uint8_t* nonce = NULL; - size_t nonce_length = 0; - size_t tag_length = 16; - unsigned char *additional_data = NULL; - size_t additional_data_length = 0; - psa_key_policy_t policy = {0}; - - - key_data = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( key_data != NULL ); - input_data = unhexify_alloc( input_hex, &input_size ); - TEST_ASSERT( input_data != NULL ); - additional_data = unhexify_alloc( add_data, &additional_data_length ); - TEST_ASSERT( input_data != NULL ); - output_size = input_size + tag_length; - output_data = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_data != NULL ); - nonce = unhexify_alloc( nonce_hex, &nonce_length ); - TEST_ASSERT( nonce != NULL ); - expected_result = unhexify_alloc( expected_result_hex, &expected_result_length ); - TEST_ASSERT( expected_result != NULL ); - - TEST_ASSERT( 
psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); - - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_aead_encrypt( slot, alg, - nonce, nonce_length, - additional_data, additional_data_length, - input_data, input_size, output_data, - output_size, &output_length ) == PSA_SUCCESS ); - - - TEST_ASSERT( memcmp( output_data, expected_result, - output_length ) == 0 ); - - -exit: - psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( additional_data ); - mbedtls_free( output_data ); - mbedtls_free( nonce ); - mbedtls_free( expected_result ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void aead_decrypt( int key_type_arg, char * key_hex, - int alg_arg, char * input_hex, - char * add_data, char * nonce_hex, - char * expected_result_hex, int expected_result_arg ) -{ - int slot = 1; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; - unsigned char *output_data = NULL; - size_t output_size = 0; - size_t output_length = 0; - unsigned char *expected_data = NULL; - size_t expected_result_length = 0; - uint8_t* nonce = NULL; - size_t nonce_length = 0; - size_t tag_length = 16; - unsigned char *additional_data = NULL; - size_t additional_data_length = 0; - psa_key_policy_t policy = {0}; - psa_status_t expected_result = (psa_status_t) expected_result_arg; - - - key_data = unhexify_alloc( key_hex, &key_size ); - TEST_ASSERT( key_data != NULL ); - input_data = unhexify_alloc( input_hex, &input_size ); - TEST_ASSERT( input_data != NULL ); - additional_data = unhexify_alloc( add_data, &additional_data_length ); - TEST_ASSERT( input_data != NULL ); - output_size = 
input_size + tag_length; - output_data = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_data != NULL ); - nonce = unhexify_alloc( nonce_hex, &nonce_length ); - TEST_ASSERT( nonce != NULL ); - expected_data = unhexify_alloc( expected_result_hex, &expected_result_length ); - TEST_ASSERT( expected_data != NULL ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); - - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_aead_decrypt( slot, alg, - nonce, nonce_length, - additional_data, additional_data_length, - input_data, input_size, output_data, - output_size, &output_length ) == expected_result ); - - - if ( expected_result == PSA_SUCCESS ) - { - TEST_ASSERT( memcmp( output_data, expected_data, - output_length ) == 0 ); - } - - - -exit: - psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( additional_data ); - mbedtls_free( output_data ); - mbedtls_free( nonce ); - mbedtls_free( expected_data ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ From 6afe789d4c16e1e22010290719cdf0af513e8315 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 31 May 2018 13:16:08 +0200 Subject: [PATCH 0211/2197] Finish renaming around PSA_ALG_IS_RSA_PKCS1V15 Now the code compiles. Some OAEP and PSS macros may still need to be fixed. --- library/psa_crypto.c | 6 +++--- tests/suites/test_suite_psa_crypto.data | 18 +++++++++--------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 05df3e32f..c9562d346 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1398,7 +1398,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, if( signature_size < rsa->len ) return( PSA_ERROR_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_PKCS1_V15) - if( PSA_ALG_IS_RSA_PKCS1V15( alg ) ) + if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); @@ -1474,7 +1474,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, if( output_size < rsa->len ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PKCS1_V15) - if( PSA_ALG_IS_RSA_PKCS1V15( alg ) ) + if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) { ret = mbedtls_rsa_pkcs1_encrypt( rsa, mbedtls_ctr_drbg_random, @@ -1548,7 +1548,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PKCS1_V15) - if( PSA_ALG_IS_RSA_PKCS1V15( alg ) ) + if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) { *output_length = input_length; // check this ret = mbedtls_rsa_pkcs1_decrypt( rsa, diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d8de1cc59..97a7038a4 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
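Review bot: The new condition `if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )` in psa_asymmetric_encrypt, and the identical change in psa_asymmetric_decrypt, is an exact match, while the verify hunk uses a predicate, `PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg )`, and nothing explains the difference. A short comment such as `/* PKCS#1 v1.5 encryption carries no hash parameter, so an exact match is intended */` would help, if that is indeed the reason; the test data on this page uses `PSA_ALG_RSA_PKCS1V15_CRYPT` bare and `PSA_ALG_RSA_PKCS1V15_SIGN(...)` with a hash argument, which suggests it is. In the decrypt hunk the branch this condition guards still contains `*output_length = input_length; // check this`, so the open question about what `*output_length` holds when decryption fails is worth settling while the line is being touched. All three functions start and end outside their hunks, so the surrounding error handling is not visible here.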
@@ -102,15 +102,15 @@ key_lifetime:PSA_KEY_LIFETIME_VOLATILE PSA verify RSA PKCS#1 v1.5 signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" +asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT 
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA Key Lifetime set fail, invalid key slot key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT 
@@ -135,11 +135,11 @@ asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3 PSA encrypt using RSA PKCS#1 v1.5 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" +asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA encrypt using RSA PKCS#1 v1.5 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_RAW:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" +asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" PSA encrypt using RSA PKCS#1 v1.5 fail ARGUMENTS depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -147,15 +147,15 @@ asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39 PSA encrypt using RSA PKCS#1 v1.5 fail wrong key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT PSA decrypt using RSA PKCS#1 v1.5 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c99
7781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128 +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128 PSA 
decrypt using RSA PKCS#1 v1.5 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_RAW:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":128 +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":128 PSA decrypt using RSA PKCS#1 v1.5 fail ARGUMENTS depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 @@ -163,5 +163,5 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39 PSA decrypt using RSA PKCS#1 v1.5 fail wrong key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT From 5b051bc608dc99cd77200d614c4c177a9096aa66 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 31 May 2018 13:25:48 +0200 Subject: [PATCH 0212/2197] Remove trailing whitespace Only horizontal whitespace changes in this commit. --- library/psa_crypto.c | 68 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 44 +++++++------ 2 files changed, 58 insertions(+), 54 deletions(-) mode change 100755 => 100644 tests/suites/test_suite_psa_crypto.function diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c9562d346..69854c765 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1442,15 +1442,15 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, } } - -psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, + +psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, size_t *output_length) { key_slot_t *slot; @@ -1471,7 +1471,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; - if( output_size < rsa->len ) + if( output_size < rsa->len ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PKCS1_V15) if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) @@ -1480,7 +1480,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, mbedtls_ctr_drbg_random, &global_data.ctr_drbg, MBEDTLS_RSA_PUBLIC, - input_length, + input_length, input, output ); } 
@@ -1513,17 +1513,17 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, return( PSA_ERROR_NOT_SUPPORTED ); } -} +} - -psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, + +psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, size_t *output_length) { key_slot_t *slot; @@ -1544,7 +1544,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, mbedtls_rsa_context *rsa = slot->data.rsa; int ret; - if( output_size < rsa->len ) + if( output_size < rsa->len ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PKCS1_V15) @@ -1555,9 +1555,9 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, mbedtls_ctr_drbg_random, &global_data.ctr_drbg, MBEDTLS_RSA_PRIVATE, - output_length, + output_length, input, - output, + output, output_size ); } else @@ -1589,8 +1589,8 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, return( PSA_ERROR_NOT_SUPPORTED ); } -} - +} + /****************************************************************/ /* Key Policy */ @@ -1626,13 +1626,13 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key, if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); - + slot = &global_data.key_slots[key]; if( slot->type != PSA_KEY_TYPE_NONE ) return( PSA_ERROR_OCCUPIED_SLOT ); - if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT - | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN + if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT + | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ) ) != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); 
@@ -1650,7 +1650,7 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; - + *policy = slot->policy; return( PSA_SUCCESS ); @@ -1671,7 +1671,7 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; - + *lifetime = slot->lifetime; return( PSA_SUCCESS ); @@ -1685,8 +1685,8 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( lifetime != PSA_KEY_LIFETIME_VOLATILE && - lifetime != PSA_KEY_LIFETIME_PERSISTENT && + if( lifetime != PSA_KEY_LIFETIME_VOLATILE && + lifetime != PSA_KEY_LIFETIME_PERSISTENT && lifetime != PSA_KEY_LIFETIME_WRITE_ONCE) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -1696,7 +1696,7 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, if ( lifetime != PSA_KEY_LIFETIME_VOLATILE ) return( PSA_ERROR_NOT_SUPPORTED ); - + slot->lifetime = lifetime; return( PSA_SUCCESS ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function old mode 100755 new mode 100644 index 70e7574a6..b6ba9b47b --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -84,7 +84,7 @@ void import_export( char *hex, int type_arg, psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_VENDOR_FLAG ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); @@ -400,10 +400,9 @@ void key_policy( int usage_arg, int alg_arg ) unsigned char key[32] = {0}; psa_key_policy_t policy_set = {0}; psa_key_policy_t policy_get = {0}; - memset( key, 0x2a, sizeof( key ) ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init(& policy_set ); 
@@ -425,9 +424,6 @@ void key_policy( int usage_arg, int alg_arg ) TEST_ASSERT( policy_get.usage == policy_set.usage ); TEST_ASSERT( policy_get.alg == policy_set.alg ); - - - exit: psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); @@ -443,7 +439,7 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key size_t signature_length = 0; psa_key_policy_t policy = {0}; int actual_status = PSA_SUCCESS; - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); @@ -458,11 +454,11 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key TEST_ASSERT( keypair != NULL ); TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, keypair, key_size ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_sign( key_slot, - ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, + actual_status = psa_asymmetric_sign( key_slot, + ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, NULL, 0, &signature_length ); } - + if( usage_arg & PSA_KEY_USAGE_SIGN ) { keypair = unhexify_alloc( key_hex, &key_size ); @@ -489,21 +485,29 @@ void key_lifetime( int lifetime_arg ) unsigned char key[32] = {0}; psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; psa_key_lifetime_t lifetime_get; + memset( key, 0x2a, sizeof( key ) ); + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_lifetime( key_slot, + + TEST_ASSERT( psa_set_key_lifetime( key_slot, lifetime_set ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( key_slot, key_type, key, sizeof( key ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_lifetime( key_slot, + + TEST_ASSERT( psa_get_key_lifetime( key_slot, &lifetime_get ) == PSA_SUCCESS ); - TEST_ASSERT( lifetime_get == lifetime_set ); + + TEST_ASSERT( lifetime_get == lifetime_set ); + exit: psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } /* END_CASE */ + /* BEGIN_CASE */ void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg ) { 
@@ -518,7 +522,7 @@ void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_sta if( actual_status == PSA_SUCCESS ) actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set ); - + TEST_ASSERT( expected_status == actual_status ); exit: @@ -654,7 +658,7 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex, TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); - //checked using encrypt/decrpyt because of non-optional random + //checked using encrypt/decrpyt because of non-optional random // part of encryption process preventing using fixed vectors TEST_ASSERT( psa_asymmetric_encrypt(slot, alg, input_data, @@ -670,7 +674,7 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex, NULL, 0, output2, output2_size, - &output2_length) == PSA_SUCCESS ); + &output2_length) == PSA_SUCCESS ); TEST_ASSERT( memcmp( input_data, output2, input_size ) == 0 ); exit: @@ -711,7 +715,7 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, TEST_ASSERT( input_data != NULL ); output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -763,7 +767,7 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex, TEST_ASSERT( expected_data != NULL ); output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -818,7 +822,7 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex, TEST_ASSERT( input_data != NULL ); output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -841,4 +845,4 @@ exit: mbedtls_free( output); mbedtls_psa_crypto_free( ); } -/* END_CASE */ \ No newline at end of file +/* END_CASE */ From 723feffe159b7eacbab7272bc55f429bf726648a Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 31 May 2018 20:08:13 +0200 Subject: [PATCH 0213/2197] Fix some errors in PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE A call to PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE wouldn't even have compiled. Fix some obvious errors. This is still untested. --- include/psa/crypto.h | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c0b318776..084049430 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1368,11 +1368,13 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, (PSA_KEY_TYPE_IS_RSA(key_type) ? \ ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ 0) -#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ +#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ + (PSA_ALG_IS_RSA_OAEP_MGF1(alg) ? \ + 2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_GET_HASH(alg)) + 1 : \ + 11 /*PKCS#1v1.5*/) +#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? \ - PSA_BITS_TO_BYTES(key_bits) - ((alg) == PSA_ALG_IS_RSA_OAEP_MGF1 ? \ - 2 * (PSA_ALG_RSA_GET_HASH(alg) + 1) : \ - 11 /*PKCS#1v1.5*/) : \ + PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \ 0) /** From 72eca16afe60edda0113f92f0f6d1b654e4bdc21 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 4 Jun 2018 16:19:38 +0300 Subject: [PATCH 0214/2197] Fix scenario test names 1. make all names unique 2. fix spacing issue in names --- tests/suites/test_suite_psa_crypto.data | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 97a7038a4..64f5431d3 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
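Review bot: In `PSA_RSA_MINIMUM_PADDING_SIZE` the OAEP arm yields `2 * hLen + 1`, but RSAES-OAEP limits the message to k - 2*hLen - 2 bytes (RFC 8017, section 7.1.1), so the overhead should be `2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_GET_HASH(alg)) + 2`. The current value only over-sizes the decrypt buffer by one byte, which is safe, but it misstates the maximum plaintext length. Separately, `PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg)` has no guard for a `key_bits` smaller than the padding. If the operands are unsigned the result wraps to a very large size, so the macro's comment should state that precondition for callers that allocate from it. The commit message says the macro is still untested; a use of it in the test suite would have caught the original compile failure.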
@@ -104,11 +104,11 @@ PSA verify RSA PKCS#1 v1.5 signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" -PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong hash +PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT -PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong signature +PSA verify RSA PKCS#1 v1.5 SHA-256, wrong signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE 
@@ -133,35 +133,35 @@ PSA verify ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" -PSA encrypt using RSA PKCS#1 v1.5 +PSA encrypt using RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" -PSA encrypt using RSA PKCS#1 v1.5 +PSA encrypt using RSA PKCS#1 v1.5 vector #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" -PSA encrypt using RSA PKCS#1 v1.5 fail ARGUMENTS +PSA encrypt using RSA PKCS#1 v1.5 fail - invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT -PSA encrypt using RSA PKCS#1 v1.5 fail wrong key +PSA encrypt using RSA PKCS#1 v1.5 fail - mangled key and incorrect key type depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT -PSA decrypt using RSA PKCS#1 v1.5 +PSA decrypt using RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128 -PSA decrypt using RSA PKCS#1 v1.5 +PSA decrypt using RSA PKCS#1 v1.5 vector #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb
9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":128 -PSA decrypt using RSA PKCS#1 v1.5 fail ARGUMENTS +PSA decrypt using RSA PKCS#1 v1.5 fail - invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT -PSA decrypt using RSA PKCS#1 v1.5 fail wrong key +PSA decrypt using RSA PKCS#1 v1.5 fail - mangled key and incorrect key type depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT From 553b8f39e95ce60f1c1087c310aa5ce65da760db Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 4 Jun 2018 16:20:59 +0300 Subject: [PATCH 0215/2197] Fix test data test data used incorrect clear-text length. --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 64f5431d3..72ddbc066 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -151,11 +151,11 @@ asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb7 PSA decrypt using RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128 +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":32 PSA decrypt using RSA PKCS#1 v1.5 vector #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":128 
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":34 PSA decrypt using RSA PKCS#1 v1.5 fail - invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 From d70bc48630f6ded3c11daf350e066f94b1d96dc2 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 4 Jun 2018 16:31:13 +0300 Subject: [PATCH 0216/2197] Fix test output size 1. set output size to safe value 2. set output size correctly 3. check correct length of actual output --- tests/suites/test_suite_psa_crypto.function | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b6ba9b47b..caa0abd0b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -638,14 +638,16 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex, unsigned char *input_data = NULL; size_t input_size; unsigned char *output = NULL; - size_t output_size = 4096; + size_t output_size = 0; size_t output_length = 0; unsigned char *output2 = NULL; - size_t output2_size = 4096; + size_t output2_size = 0; size_t output2_length = 0; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); + output_size = key_size; + output2_size = key_size; input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); output = mbedtls_calloc( 1, output_size ); 
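Review bot: In `asymmetric_encrypt`, `output_size = key_size;` sizes the ciphertext buffer from the length of the encoded key returned by `unhexify_alloc`, not from the RSA modulus length that the library compares against (`output_size < rsa->len`). It works for these vectors only because the encoded key pair is longer than its modulus. A comment such as `/* the encoded key is longer than the modulus, so key_size is a safe upper bound for the output */` would make that assumption explicit. The same assignment is added in the hunks for `asymmetric_encrypt_fail`, `asymmetric_decrypt` and `asymmetric_decrypt_fail`. The function body continues outside this hunk.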
@@ -704,19 +706,19 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, unsigned char *input_data = NULL; size_t input_size; unsigned char *output = NULL; - size_t output_size = 4096; + size_t output_size = 0; size_t output_length = 0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); + output_size = key_size; input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, @@ -756,11 +758,13 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex, unsigned char *expected_data = NULL; size_t expected_data_size; unsigned char *output = NULL; - size_t output_size = 4096; + size_t output_size = 0; size_t output_length = 0; + psa_key_policy_t policy = {0}; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); + output_size = key_size; input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); expected_data = unhexify_alloc( expected_hex, &expected_data_size ); @@ -768,7 +772,6 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex, output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, @@ -782,7 +785,7 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex, output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( ((size_t)expected_size) == output_length ); - TEST_ASSERT( memcmp( expected_data, output, (output_length/8) ) == 0 ); + TEST_ASSERT( memcmp( expected_data, output, (output_length) ) == 0 ); exit: psa_destroy_key( slot ); 
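Review bot: In `asymmetric_decrypt`, the changed `memcmp( expected_data, output, (output_length) )` is bounded by `expected_size` from the data file, not by `expected_data_size`, the real length of the `expected_data` buffer. If a test vector states a length larger than its hex string, the `memcmp` reads past the end of `expected_data`, unless that is checked outside these hunks. Adding `TEST_ASSERT( expected_data_size == output_length );` before the `memcmp` closes the gap. The `psa_key_policy_t policy = {0};` declared in the same function appears unused in this commit, which may trip unused-variable warnings until a later patch uses it.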
@@ -811,19 +814,19 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex, unsigned char *input_data = NULL; size_t input_size; unsigned char *output = NULL; - size_t output_size = 4096; + size_t output_size = 0; size_t output_length = 0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); + output_size = key_size; input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, From 717a040df55a8db0d6526b19b8d1ebef3dfbc18e Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 4 Jun 2018 16:36:15 +0300 Subject: [PATCH 0217/2197] Remove duplicate / unneeded code 1. remove duplicate function introduced by re-base 2. remove unneeded code --- library/psa_crypto.c | 46 ++------------------------------------------ 1 file changed, 2 insertions(+), 44 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 69854c765..4913adfed 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1313,46 +1313,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, } } -psa_status_t psa_asymmetric_verify( psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *signature, - size_t signature_size ) -{ - key_slot_t *slot; - (void) salt; - (void) salt_length; - - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_INVALID_ARGUMENT ); - slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); - if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( !( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) ) - return( PSA_ERROR_NOT_PERMITTED ); - -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) - { - mbedtls_ecp_keypair *ecdsa = slot->data.ecp; - int ret; - (void) alg; - ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length, signature, - signature_size ); - return( mbedtls_to_psa_error( ret ) ); - } - else -#endif /* defined(MBEDTLS_ECP_C) */ - { - return( PSA_ERROR_NOT_SUPPORTED ); - } -} - psa_status_t psa_asymmetric_verify(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, @@ -1497,7 +1457,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); } if( ret == 0 ) - *output_length = rsa->len; // check if this is correct + *output_length = rsa->len; return( mbedtls_to_psa_error( ret ) ); } #endif @@ -1550,7 +1510,6 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, #if defined(MBEDTLS_PKCS1_V15) if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) { - *output_length = input_length; // check this ret = mbedtls_rsa_pkcs1_decrypt( rsa, mbedtls_ctr_drbg_random, &global_data.ctr_drbg, 
@@ -1572,8 +1531,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, { return( PSA_ERROR_INVALID_ARGUMENT ); } - if( ret == 0 ) - *output_length = rsa->len; // check if this is correct + return( mbedtls_to_psa_error( ret ) ); } #endif From 4db79eb36b6b1f7aa87519133f1de5af85000180 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 4 Jun 2018 16:40:31 +0300 Subject: [PATCH 0218/2197] Extract common code Make code easier to maintain. --- library/psa_crypto.c | 78 +++++++++++++++++++++++--------------------- 1 file changed, 40 insertions(+), 38 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4913adfed..17ab2cfae 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1203,6 +1203,30 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation, /* Asymmetric cryptography */ /****************************************************************/ +static psa_status_t verify_RSA_hash_input_and_get_md_type(psa_algorithm_t alg, size_t hash_length, mbedtls_md_type_t *md_alg) +{ + psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH(alg); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg); + *md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type(md_info); + if (*md_alg == MBEDTLS_MD_NONE) + { +#if SIZE_MAX > UINT_MAX + if (hash_length > UINT_MAX) + return(PSA_ERROR_INVALID_ARGUMENT); +#endif + } + else + { + if (mbedtls_md_get_size(md_info) != hash_length) + return(PSA_ERROR_INVALID_ARGUMENT); + if (md_info == NULL) + return(PSA_ERROR_NOT_SUPPORTED); + } + return PSA_SUCCESS; +} + + + psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, @@ -1214,11 +1238,12 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, size_t *signature_length) { key_slot_t *slot; - + psa_status_t status; *signature_length = 0; (void) salt; (void) salt_length; + if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); slot = &global_data.key_slots[key]; 
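Review bot: Nothing at the `return( mbedtls_to_psa_error( ret ) );` that now ends the `PSA_ALG_RSA_PKCS1V15_CRYPT` path of `psa_asymmetric_decrypt` tells callers how to treat a failed decryption. If the mapping (defined outside this hunk) gives a padding failure its own status, a caller that reports it to a peer differently from other failures turns PKCS#1 v1.5 decryption into a padding oracle. I would add a comment above the return, for example `/* Callers must handle every decryption failure identically and must not reveal whether padding was the cause. */`, and repeat it in the API documentation. The function starts outside the hunk.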
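Review bot: In `verify_RSA_hash_input_and_get_md_type` the `md_info == NULL` test comes after `md_info` has already been passed to `mbedtls_md_get_type` and `mbedtls_md_get_size`, so it can never fire. In Mbed TLS `mbedtls_md_get_type(NULL)` returns `MBEDTLS_MD_NONE`. If `mbedtls_md_info_from_psa` (defined outside this hunk) returns NULL for an unsupported hash, a non-zero but unsupported hash algorithm therefore takes the raw-input branch and is signed or verified as if no hash were specified, instead of returning `PSA_ERROR_NOT_SUPPORTED`. Checking first fixes it: `if( hash_alg != 0 && md_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED );`, placed before `*md_alg` is assigned. The helper also uses `return PSA_SUCCESS;` and `if (` where the rest of the file writes `return( ... )` and `if( ... )`.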
@@ -1234,24 +1259,12 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; - psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg ); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); - mbedtls_md_type_t md_alg = - hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info ); - if( md_alg == MBEDTLS_MD_NONE ) - { -#if SIZE_MAX > UINT_MAX - if( hash_length > UINT_MAX ) - return( PSA_ERROR_INVALID_ARGUMENT ); -#endif - } - else - { - if( mbedtls_md_get_size( md_info ) != hash_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( md_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - } + mbedtls_md_type_t md_alg; + status = verify_RSA_hash_input_and_get_md_type( alg, hash_length, + &md_alg ); + if ( status != PSA_SUCCESS ) + return status; + if( signature_size < rsa->len ) return( PSA_ERROR_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_PKCS1_V15) @@ -1323,6 +1336,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, size_t signature_size) { key_slot_t *slot; + psa_status_t status; (void) salt; (void) salt_length; 
@@ -1332,29 +1346,17 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - #if defined(MBEDTLS_RSA_C) + #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; - psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg ); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); - mbedtls_md_type_t md_alg = - hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info ); - if( md_alg == MBEDTLS_MD_NONE ) - { -#if SIZE_MAX > UINT_MAX - if( hash_length > UINT_MAX ) - return( PSA_ERROR_INVALID_ARGUMENT ); -#endif - } - else - { - if( mbedtls_md_get_size( md_info ) != hash_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( md_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - } + mbedtls_md_type_t md_alg; + status = verify_RSA_hash_input_and_get_md_type(alg, hash_length, + &md_alg); + if (status != PSA_SUCCESS) + return status; + if( signature_size < rsa->len ) return( PSA_ERROR_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_PKCS1_V15) From c460291714754ca4ab56b5fe6292139555805f95 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 4 Jun 2018 16:42:18 +0300 Subject: [PATCH 0219/2197] Re-Add ECC verification code which was not properly merged in re-base. --- library/psa_crypto.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 17ab2cfae..c1c47d231 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1394,8 +1394,12 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) { - // TODO - return( PSA_ERROR_NOT_SUPPORTED ); + mbedtls_ecp_keypair *ecdsa = slot->data.ecp; + int ret; + (void)alg; + ret = mbedtls_ecdsa_read_signature(ecdsa, hash, hash_length, signature, + signature_size); + return(mbedtls_to_psa_error(ret)); } else #endif /* defined(MBEDTLS_ECP_C) */ From ca466c89b09e2ad7ae23e47a1142c0f9129c309a Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 4 Jun 2018 16:43:12 +0300 Subject: [PATCH 0220/2197] Set output length to safe value --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c1c47d231..ba688bccd 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1422,6 +1422,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, key_slot_t *slot; (void) salt; (void) salt_length; + *output_length = 0; if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -1495,6 +1496,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, key_slot_t *slot; (void) salt; (void) salt_length; + *output_length = 0; if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); From d708260de45c74786c85124f8341ef210686087e Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 4 Jun 2018 16:45:27 +0300 Subject: [PATCH 0221/2197] add key policy enforcement implementation add checks that keys have been set for the correct usage for asymmetric functions. --- library/psa_crypto.c | 6 +++++ tests/suites/test_suite_psa_crypto.function | 26 +++++++++++++++++++++ 2 files changed, 32 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ba688bccd..dce8e097f 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
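Review bot: The restored ECC branch of `psa_asymmetric_verify` discards `alg` with `(void)alg;`, so any algorithm identifier is accepted with an ECC key and `hash_length` reaches `mbedtls_ecdsa_read_signature` unchecked. The RSA branch validates both through `verify_RSA_hash_input_and_get_md_type`. The ECC branch should at least reject an `alg` that is not a signature algorithm for this key type and confirm that `hash_length` matches the hash it names. The call is guarded by `MBEDTLS_ECP_C`, while `mbedtls_ecdsa_read_signature` is provided by the ECDSA module, so `#if defined(MBEDTLS_ECDSA_C)` looks like the correct guard. The function starts and ends outside the hunk.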
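Review bot: The range check directly below the added `*output_length = 0;` admits `key == MBEDTLS_PSA_KEY_SLOT_COUNT`, and other hunks on this page show the slot being taken as `global_data.key_slots[key]`. If `key_slots` is declared with `MBEDTLS_PSA_KEY_SLOT_COUNT` elements (the declaration is not visible here, so please confirm), that value indexes one past the array and `key >= MBEDTLS_PSA_KEY_SLOT_COUNT` would be the safe bound. The two functions touched here also disagree on the status for the same condition: `psa_asymmetric_encrypt` returns `PSA_ERROR_INVALID_ARGUMENT` and `psa_asymmetric_decrypt` returns `PSA_ERROR_EMPTY_SLOT`. Both function bodies continue outside their hunks.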
@@ -1345,6 +1345,8 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); + if (!(slot->policy.usage & PSA_KEY_USAGE_VERIFY)) + return(PSA_ERROR_NOT_PERMITTED); #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) @@ -1431,6 +1433,8 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, return( PSA_ERROR_EMPTY_SLOT ); if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); + if (!(slot->policy.usage & PSA_KEY_USAGE_ENCRYPT)) + return(PSA_ERROR_NOT_PERMITTED); #if defined(MBEDTLS_RSA_C) @@ -1505,6 +1509,8 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, return( PSA_ERROR_EMPTY_SLOT ); if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); + if (!(slot->policy.usage & PSA_KEY_USAGE_DECRYPT)) + return(PSA_ERROR_NOT_PERMITTED); #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index caa0abd0b..690b22c88 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -595,6 +595,7 @@ void asymmetric_verify_fail( int key_type_arg, char *key_hex, size_t signature_size; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; + psa_key_policy_t policy = {0}; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); @@ -605,6 +606,12 @@ void asymmetric_verify_fail( int key_type_arg, char *key_hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); 
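Review bot: The three added checks test only `slot->policy.usage`; the algorithm stored in the policy is never compared with the `alg` argument in `psa_asymmetric_verify`, `psa_asymmetric_encrypt` or `psa_asymmetric_decrypt`. A key whose policy names one algorithm can therefore still be used with another, unless that comparison happens outside these hunks. Adding `if( alg != slot->policy.alg ) return( PSA_ERROR_NOT_PERMITTED );` next to each usage check, or whatever matching rule the policy is meant to apply, would enforce it. The test hunks in this commit only set a permissive policy, so a negative case expecting `PSA_ERROR_NOT_PERMITTED` for encrypt and decrypt is also missing.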
@@ -643,6 +650,7 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex, unsigned char *output2 = NULL; size_t output2_size = 0; size_t output2_length = 0; + psa_key_policy_t policy = {0}; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); @@ -657,6 +665,10 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg_arg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); @@ -710,6 +722,7 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, size_t output_length = 0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; + psa_key_policy_t policy = {0}; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); @@ -721,6 +734,10 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg_arg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); @@ -774,6 +791,10 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg_arg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); 
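Review bot: The hunk at -774 uses `policy` inside asymmetric_decrypt, but this commit adds no declaration for it in that function, while each of the four sibling test functions gets `psa_key_policy_t policy = {0};` in its own hunk. Unless the variable was already declared there, which these hunks do not show, the test file no longer compiles. Add `psa_key_policy_t policy = {0};` to the local declarations of asymmetric_decrypt. The function body starts and ends outside the hunk.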
@@ -818,6 +839,7 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex, size_t output_length = 0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; + psa_key_policy_t policy = {0}; key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); @@ -829,6 +851,10 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg_arg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); From 1c2a7ea4e240f373a87c8316636ad10ca4023753 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Tue, 5 Jun 2018 15:01:42 +0300 Subject: [PATCH 0222/2197] Allow psa_asymmetric_verify and psa_asymmetric_encrypt to use public key only. --- library/psa_crypto.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dce8e097f..3722987f1 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1349,7 +1349,8 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, return(PSA_ERROR_NOT_PERMITTED); #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) || + ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; @@ -1438,7 +1439,8 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) || + ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; From 61b91d4476b9d187913166e39bb85d15e942242b Mon Sep 17 00:00:00 2001 
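Review bot: The `PSA_KEY_TYPE_RSA_PUBLIC_KEY` alternative added to psa_asymmetric_encrypt (hunk at -1438) looks unreachable. The guard `if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT );`, shown as context in the policy hunk for the same function, still runs first and, going by the macro's name, turns a public key away. psa_asymmetric_verify has no such guard in its visible context, so the hunk at -1349 does take effect. I would relax the guard in psa_asymmetric_encrypt to accept public keys as well, and add an encrypt test and a verify test that import only a public key, since this commit changes no test. Both functions extend beyond their hunks.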
From: Gilles Peskine Date: Fri, 8 Jun 2018 16:09:36 +0200 Subject: [PATCH 0223/2197] Normalize whitespace to Mbed TLS standards Only whitespace changes in this commit. --- library/psa_crypto.c | 191 ++++++++++---------- tests/suites/test_suite_psa_crypto.function | 2 +- 2 files changed, 95 insertions(+), 98 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3722987f1..c716b7beb 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1203,39 +1203,39 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation, /* Asymmetric cryptography */ /****************************************************************/ -static psa_status_t verify_RSA_hash_input_and_get_md_type(psa_algorithm_t alg, size_t hash_length, mbedtls_md_type_t *md_alg) +static psa_status_t verify_RSA_hash_input_and_get_md_type( psa_algorithm_t alg, + size_t hash_length, + mbedtls_md_type_t *md_alg ) { - psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH(alg); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg); - *md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type(md_info); - if (*md_alg == MBEDTLS_MD_NONE) + psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); + *md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info ); + if( *md_alg == MBEDTLS_MD_NONE ) { #if SIZE_MAX > UINT_MAX - if (hash_length > UINT_MAX) - return(PSA_ERROR_INVALID_ARGUMENT); + if( hash_length > UINT_MAX ) + return( PSA_ERROR_INVALID_ARGUMENT ); #endif } else { - if (mbedtls_md_get_size(md_info) != hash_length) - return(PSA_ERROR_INVALID_ARGUMENT); - if (md_info == NULL) - return(PSA_ERROR_NOT_SUPPORTED); + if( mbedtls_md_get_size( md_info ) != hash_length ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( md_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); } - return PSA_SUCCESS; + return( PSA_SUCCESS ); } - - -psa_status_t psa_asymmetric_sign(psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length) +psa_status_t psa_asymmetric_sign( psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) { key_slot_t *slot; psa_status_t status; 
@@ -1243,7 +1243,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, (void) salt; (void) salt_length; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); slot = &global_data.key_slots[key]; @@ -1251,7 +1250,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, return( PSA_ERROR_EMPTY_SLOT ); if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( !( slot->policy.usage & PSA_KEY_USAGE_SIGN ) ) + if( ! ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) ) return( PSA_ERROR_NOT_PERMITTED ); #if defined(MBEDTLS_RSA_C) @@ -1261,9 +1260,9 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, int ret; mbedtls_md_type_t md_alg; status = verify_RSA_hash_input_and_get_md_type( alg, hash_length, - &md_alg ); - if ( status != PSA_SUCCESS ) - return status; + &md_alg ); + if( status != PSA_SUCCESS ) + return( status ); if( signature_size < rsa->len ) return( PSA_ERROR_BUFFER_TOO_SMALL ); @@ -1315,8 +1314,9 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, md_info = mbedtls_md_info_from_psa( alg ); md_alg = mbedtls_md_get_type( md_info ); ret = mbedtls_ecdsa_write_signature( ecdsa, md_alg, hash, hash_length, - signature, signature_length, mbedtls_ctr_drbg_random, - &global_data.ctr_drbg ); + signature, signature_length, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg ); return( mbedtls_to_psa_error( ret ) ); } else @@ -1326,14 +1326,14 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, } } -psa_status_t psa_asymmetric_verify(psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *signature, - size_t signature_size) +psa_status_t psa_asymmetric_verify( psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *signature, + size_t signature_size ) { key_slot_t *slot; psa_status_t status; 
@@ -1345,20 +1345,20 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - if (!(slot->policy.usage & PSA_KEY_USAGE_VERIFY)) - return(PSA_ERROR_NOT_PERMITTED); + if( ! ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) ) + return( PSA_ERROR_NOT_PERMITTED ); - #if defined(MBEDTLS_RSA_C) +#if defined(MBEDTLS_RSA_C) if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) || ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; mbedtls_md_type_t md_alg; - status = verify_RSA_hash_input_and_get_md_type(alg, hash_length, - &md_alg); - if (status != PSA_SUCCESS) - return status; + status = verify_RSA_hash_input_and_get_md_type( alg, hash_length, + &md_alg ); + if( status != PSA_SUCCESS ) + return( status ); if( signature_size < rsa->len ) return( PSA_ERROR_BUFFER_TOO_SMALL ); @@ -1369,13 +1369,13 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, MBEDTLS_MD_NONE ); ret = mbedtls_rsa_pkcs1_verify( rsa, - mbedtls_ctr_drbg_random, - &global_data.ctr_drbg, - MBEDTLS_RSA_PUBLIC, - md_alg, - hash_length, - hash, - signature ); + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PUBLIC, + md_alg, + hash_length, + hash, + signature ); } else @@ -1400,9 +1400,9 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, mbedtls_ecp_keypair *ecdsa = slot->data.ecp; int ret; (void)alg; - ret = mbedtls_ecdsa_read_signature(ecdsa, hash, hash_length, signature, - signature_size); - return(mbedtls_to_psa_error(ret)); + ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length, + signature, signature_size ); + return( mbedtls_to_psa_error( ret ) ); } else #endif /* defined(MBEDTLS_ECP_C) */ 
@@ -1411,16 +1411,15 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, } } - -psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length) +psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { key_slot_t *slot; (void) salt; @@ -1434,28 +1433,27 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, return( PSA_ERROR_EMPTY_SLOT ); if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if (!(slot->policy.usage & PSA_KEY_USAGE_ENCRYPT)) - return(PSA_ERROR_NOT_PERMITTED); - + if( ! ( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) ) + return( PSA_ERROR_NOT_PERMITTED ); #if defined(MBEDTLS_RSA_C) if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) || - ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) ) + ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; if( output_size < rsa->len ) - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PKCS1_V15) if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) { - ret = mbedtls_rsa_pkcs1_encrypt( rsa, - mbedtls_ctr_drbg_random, - &global_data.ctr_drbg, - MBEDTLS_RSA_PUBLIC, - input_length, - input, - output ); + ret = mbedtls_rsa_pkcs1_encrypt( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PUBLIC, + input_length, + input, + output ); } else #endif /* MBEDTLS_PKCS1_V15 */ 
@@ -1488,16 +1486,15 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, } - -psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length) +psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { key_slot_t *slot; (void) salt; @@ -1511,8 +1508,8 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, return( PSA_ERROR_EMPTY_SLOT ); if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if (!(slot->policy.usage & PSA_KEY_USAGE_DECRYPT)) - return(PSA_ERROR_NOT_PERMITTED); + if( ! ( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) ) + return( PSA_ERROR_NOT_PERMITTED ); #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) @@ -1526,14 +1523,14 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, #if defined(MBEDTLS_PKCS1_V15) if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) { - ret = mbedtls_rsa_pkcs1_decrypt( rsa, - mbedtls_ctr_drbg_random, - &global_data.ctr_drbg, - MBEDTLS_RSA_PRIVATE, - output_length, - input, - output, - output_size ); + ret = mbedtls_rsa_pkcs1_decrypt( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PRIVATE, + output_length, + input, + output, + output_size ); } else #endif /* MBEDTLS_PKCS1_V15 */ diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 690b22c88..4522b9a8d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -84,7 +84,7 @@ void import_export( char *hex, int type_arg, psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_VENDOR_FLAG ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); From 8b18a4fef304f5baca485af7600a18ec9deb0f8c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 16:34:46 +0200 Subject: [PATCH 0224/2197] Rename verify_RSA_hash_input_and_get_md_type Give it a shorter name that's more in line with our naming conventions. --- library/psa_crypto.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c716b7beb..2a0d59c50 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1203,9 +1203,11 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation, /* Asymmetric cryptography */ /****************************************************************/ -static psa_status_t verify_RSA_hash_input_and_get_md_type( psa_algorithm_t alg, - size_t hash_length, - mbedtls_md_type_t *md_alg ) +/* Decode the hash algorithm from alg and store the mbedtls encoding in + * md_alg. Verify that the hash length is consistent. */ +static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, + size_t hash_length, + mbedtls_md_type_t *md_alg ) { psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg ); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); @@ -1259,8 +1261,7 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, mbedtls_rsa_context *rsa = slot->data.rsa; int ret; mbedtls_md_type_t md_alg; - status = verify_RSA_hash_input_and_get_md_type( alg, hash_length, - &md_alg ); + status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); if( status != PSA_SUCCESS ) return( status ); 
@@ -1355,8 +1356,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, mbedtls_rsa_context *rsa = slot->data.rsa; int ret; mbedtls_md_type_t md_alg; - status = verify_RSA_hash_input_and_get_md_type( alg, hash_length, - &md_alg ); + status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); if( status != PSA_SUCCESS ) return( status ); From 625b01c9c3ba8e3b52c75336d6d41f43d960af46 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 17:43:16 +0200 Subject: [PATCH 0225/2197] Add OAEP placeholders in asymmetric encrypt/decrypt Replace PSS placeholders by OAEP placeholders. PSS is a signature algorithm, not an encryption algorithm. Fix typo in PSA_ALG_IS_RSA_OAEP_MGF1. --- include/psa/crypto.h | 2 +- library/psa_crypto.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 084049430..db5b5f6ab 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -336,7 +336,7 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_RSA_OAEP_MGF1(hash_alg) \ (PSA_ALG_RSA_OAEP_MGF1_RAW | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_IS_RSA_OAEP_MGF1(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_RAW) + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_BASE) #define PSA_ALG_RSA_GET_HASH(alg) \ (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2a0d59c50..cd20738d9 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1458,7 +1458,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, else #endif /* MBEDTLS_PKCS1_V15 */ #if defined(MBEDTLS_PKCS1_V21) - if( alg == PSA_ALG_RSA_PSS_MGF1 ) + if( PSA_ALG_IS_RSA_OAEP_MGF1( alg ) ) { return( PSA_ERROR_NOT_SUPPORTED ); } 
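Review bot: After the hunk at -336 in include/psa/crypto.h, `PSA_ALG_IS_RSA_OAEP_MGF1` tests against `PSA_ALG_RSA_OAEP_MGF1_BASE`, while the constructor macro two lines above it still builds its value from `PSA_ALG_RSA_OAEP_MGF1_RAW`. The commit message calls the old name a typo, so `_RAW` is presumably not defined, and any use of `PSA_ALG_RSA_OAEP_MGF1(hash_alg)` would then fail to compile; the definitions are outside the hunk, so this is an inference. The constructor should use the same base: `(PSA_ALG_RSA_OAEP_MGF1_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))`.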
@@ -1535,7 +1535,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, else #endif /* MBEDTLS_PKCS1_V15 */ #if defined(MBEDTLS_PKCS1_V21) - if( alg == PSA_ALG_RSA_PSS_MGF1 ) + if( PSA_ALG_IS_RSA_OAEP_MGF1( alg ) ) { return( PSA_ERROR_NOT_SUPPORTED ); } From beb4948d1067b41bc52ef2ec0f5a08d825e46b21 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 17:44:35 +0200 Subject: [PATCH 0226/2197] Add RSA PSS verification (untested) --- library/psa_crypto.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cd20738d9..459373652 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1383,7 +1383,13 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, #if defined(MBEDTLS_PKCS1_V21) if( alg == PSA_ALG_RSA_PSS_MGF1 ) { - return( PSA_ERROR_NOT_SUPPORTED ); + mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); + ret = mbedtls_rsa_rsassa_pss_verify( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PUBLIC, + md_alg, hash_length, hash, + signature ); } else #endif /* MBEDTLS_PKCS1_V21 */ From b75e4f131454fe3e3ac322800dc9d6a811a42819 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 17:44:47 +0200 Subject: [PATCH 0227/2197] Remove ECC boilerplate in asymmetric encrypt/decrypt We don't have any encryption algorithm using ECC keys at the moment. --- library/psa_crypto.c | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 459373652..5b92f49b1 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
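Review bot: The PSS branch in psa_asymmetric_verify (hunk at -1383) is still selected with the exact comparison `alg == PSA_ALG_RSA_PSS_MGF1`, whereas the preceding commit switched the OAEP placeholders to the mask-based test `PSA_ALG_IS_RSA_OAEP_MGF1( alg )`. The `PSA_ALG_RSA_GET_HASH( alg )` decoding in psa_rsa_decode_md_type suggests that PSS algorithm values carry the hash in their low bits too. If so, an algorithm that names a hash never reaches this branch, and the only value that does would decode to no hash. Since the commit is marked untested, I would select the branch with a mask comparison, e.g. `if( ( alg & ~PSA_ALG_HASH_MASK ) == PSA_ALG_RSA_PSS_MGF1 )`, assuming that constant is the base value, and add a valid-signature and a wrong-signature PSS vector. The function continues outside the hunk.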
@@ -1477,15 +1477,8 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, *output_length = rsa->len; return( mbedtls_to_psa_error( ret ) ); } -#endif -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) - { - // TODO - return( PSA_ERROR_NOT_SUPPORTED ); - } else -#endif /* defined(MBEDTLS_ECP_C) */ +#endif /* defined(MBEDTLS_RSA_C) */ { return( PSA_ERROR_NOT_SUPPORTED ); } @@ -1553,15 +1546,8 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, return( mbedtls_to_psa_error( ret ) ); } -#endif -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) - { - // TODO - return( PSA_ERROR_NOT_SUPPORTED ); - } else -#endif /* defined(MBEDTLS_ECP_C) */ +#endif /* defined(MBEDTLS_RSA_C) */ { return( PSA_ERROR_NOT_SUPPORTED ); } From c4def2f2280bcfb988e7be41e79a2b9afd450c66 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 17:53:48 +0200 Subject: [PATCH 0228/2197] Add input length check in psa_asymmetric_decrypt Remove output size check which is not needed here and was copypasta. Add non-regression tests. --- library/psa_crypto.c | 2 +- tests/suites/test_suite_psa_crypto.data | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5b92f49b1..ef34f857a 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1516,7 +1516,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, mbedtls_rsa_context *rsa = slot->data.rsa; int ret; - if( output_size < rsa->len ) + if( input_length != rsa->len ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PKCS1_V15) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 72ddbc066..0cf6bc53f 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -165,3 +165,10 @@ PSA decrypt using RSA PKCS#1 v1.5 fail - mangled key and incorrect key type depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT +PSA decrypt using RSA PKCS#1 v1.5 fail - input buffer too small +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT + +PSA decrypt using RSA PKCS#1 v1.5 fail - input buffer too large +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT From eebd7381bb84de01d74c3cee2219e9c3e1ee7955 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Jun 2018 18:11:54 +0200 Subject: [PATCH 0229/2197] Rename asymmetric_encrypt to clarify what it does Renamed to asymmetric_encrypt_decrypt --- tests/suites/test_suite_psa_crypto.data | 8 ++++---- tests/suites/test_suite_psa_crypto.function | 9 +++++---- 2 files changed, 9 insertions(+), 8 deletions(-) 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0cf6bc53f..e854870c5 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -133,13 +133,13 @@ PSA verify ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" -PSA encrypt using RSA PKCS#1 v1.5 vector #1 +PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" +asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" -PSA encrypt using RSA PKCS#1 v1.5 vector #2 +PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" 
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" PSA encrypt using RSA PKCS#1 v1.5 fail - invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4522b9a8d..39e104145 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -634,8 +634,8 @@ exit: /* BEGIN_CASE */ -void asymmetric_encrypt( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex ) +void asymmetric_encrypt_decrypt( int key_type_arg, char *key_hex, + int alg_arg, char *input_hex ) { int slot = 1; psa_key_type_t key_type = key_type_arg; @@ -672,8 +672,9 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex, TEST_ASSERT( psa_import_key( slot, key_type, key_data, key_size ) == PSA_SUCCESS ); - //checked using encrypt/decrpyt because of non-optional random - // part of encryption process preventing using fixed vectors + /* We test encryption by checking that encrypt-then-decrypt gives back + * the original plaintext because of the non-optional random + * part of encryption process which prevents using fixed vectors. */ TEST_ASSERT( psa_asymmetric_encrypt(slot, alg, input_data, input_size, From 423f219bb22a6e5b2fd5b831171b255948274c2f Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Tue, 12 Jun 2018 17:05:20 +0300 Subject: [PATCH 0230/2197] Fixed missing dependencies in psa crypto tests PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash PSA Symmetric decryption: AES-CTR, 16 bytes, good PSA Symmetric encryption: AES-CTR, 15 bytes, good PSA Symmetric encryption: AES-CTR, 16 bytes, good --- tests/suites/test_suite_psa_crypto.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b36e54979..f1fb30f50 100755 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -86,11 +86,11 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT PSA Symmetric encryption: AES-CTR, 16 bytes, good -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA Symmetric encryption: AES-CTR, 15 bytes, good -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good @@ -110,7 +110,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE PSA Symmetric decryption: AES-CTR, 16 bytes, good -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR cipher_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS PSA Symmetric decryption: AES-CBC-nopad, input too short 
@@ -269,7 +269,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify RSA PKCS#1 v1.5 SHA-256, wrong signature From 3e02b3b28092661702cc343000927e0d961b8e6b Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Tue, 12 Jun 2018 17:06:52 +0300 Subject: [PATCH 0231/2197] On target testing tests adaptation Updated all psa crypto tests to use the new test format --- tests/suites/test_suite_psa_crypto.data | 0 tests/suites/test_suite_psa_crypto.function | 778 ++++++++------------ 2 files changed, 327 insertions(+), 451 deletions(-) mode change 100755 => 100644 tests/suites/test_suite_psa_crypto.data diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data old mode 100755 new mode 100644 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index add059ed2..002f9f7d0 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1,7 +1,13 @@ /* BEGIN_HEADER */ +#include #include "psa/crypto.h" - #include "mbedtls/md.h" + +#if(UINT32_MAX > SIZE_MAX) +#define PSA_CRYPTO_TEST_SIZE_T_RANGE(x) ((x) <= SIZE_MAX) +#else +#define PSA_CRYPTO_TEST_SIZE_T_RANGE(x) 1 +#endif /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -26,30 +32,27 @@ void init_deinit() /* END_CASE */ /* BEGIN_CASE */ -void import( char *hex, int type, int expected_status ) +void import( data_t *data, int type, int expected_status ) { int slot = 1; psa_status_t status; - unsigned char *data = NULL; - size_t data_size; - data = unhexify_alloc( hex, &data_size ); TEST_ASSERT( data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - status = psa_import_key( slot, type, data, data_size ); + status = psa_import_key( slot, type, data->x, (size_t) data->len ); TEST_ASSERT( status == (psa_status_t) expected_status ); if( status == PSA_SUCCESS ) TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); exit: - mbedtls_free( data ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void import_export( char *hex, +void import_export( data_t *data, int type_arg, int alg_arg, int usage_arg, @@ -62,10 +65,8 @@ void import_export( char *hex, int slot2 = slot + 1; psa_key_type_t type = type_arg; psa_status_t status; - unsigned char *data = NULL; unsigned char *exported = NULL; unsigned char *reexported = NULL; - size_t data_size; size_t export_size; size_t exported_length; size_t reexported_length; 
@@ -73,9 +74,9 @@ void import_export( char *hex, size_t got_bits; psa_key_policy_t policy = {0}; - data = unhexify_alloc( hex, &data_size ); TEST_ASSERT( data != NULL ); - export_size = (ssize_t) data_size + export_size_delta; + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); + export_size = (ssize_t) data->len + export_size_delta; exported = mbedtls_calloc( 1, export_size ); TEST_ASSERT( exported != NULL ); if( ! canonical_input ) @@ -93,7 +94,7 @@ void import_export( char *hex, /* Import the key */ TEST_ASSERT( psa_import_key( slot, type, - data, data_size ) == PSA_SUCCESS ); + data->x, (size_t) data->len ) == PSA_SUCCESS ); /* Test the key information */ TEST_ASSERT( psa_get_key_information( slot, @@ -112,8 +113,8 @@ void import_export( char *hex, if( canonical_input ) { - TEST_ASSERT( exported_length == data_size ); - TEST_ASSERT( memcmp( exported, data, data_size ) == 0 ); + TEST_ASSERT( exported_length == (size_t) data->len ); + TEST_ASSERT( memcmp( exported, data->x, (size_t) data->len ) == 0 ); } else { @@ -138,14 +139,15 @@ destroy: slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); exit: - mbedtls_free( data ); + mbedtls_free( exported ); + mbedtls_free( reexported ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void import_export_public_key( char *hex, +void import_export_public_key( data_t *data, int type_arg, int alg_arg, int expected_bits, 
@@ -155,18 +157,16 @@ void import_export_public_key( char *hex, int slot = 1; psa_key_type_t type = type_arg; psa_status_t status; - unsigned char *data = NULL; unsigned char *exported = NULL; - size_t data_size; size_t export_size; size_t exported_length; psa_key_type_t got_type; size_t got_bits; psa_key_policy_t policy = {0}; - data = unhexify_alloc( hex, &data_size ); TEST_ASSERT( data != NULL ); - export_size = (ssize_t) data_size ; + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); + export_size = (ssize_t) data->len; exported = mbedtls_calloc( 1, export_size ); TEST_ASSERT( exported != NULL ); @@ -181,7 +181,8 @@ void import_export_public_key( char *hex, /* Import the key */ TEST_ASSERT( psa_import_key( slot, type, - data, data_size ) == PSA_SUCCESS ); + data->x, (size_t) data->len ) == + PSA_SUCCESS ); /* Test the key information */ TEST_ASSERT( psa_get_key_information( slot, 
@@ -206,104 +207,88 @@ destroy: slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); exit: - mbedtls_free( data ); + mbedtls_free( exported ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void hash_finish( int alg_arg, char *input_hex, char *hash_hex ) +void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) { psa_algorithm_t alg = alg_arg; - unsigned char *input = NULL; - size_t input_size; - unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE]; - size_t expected_hash_length; unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE]; size_t actual_hash_length; psa_hash_operation_t operation; - input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - expected_hash_length = unhexify( expected_hash, hash_hex ); + TEST_ASSERT( expected_hash != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_update( &operation, - input, input_size ) == PSA_SUCCESS ); + input->x, (size_t) input->len ) == + PSA_SUCCESS ); TEST_ASSERT( psa_hash_finish( &operation, actual_hash, sizeof( actual_hash ), &actual_hash_length ) == PSA_SUCCESS ); - TEST_ASSERT( actual_hash_length == expected_hash_length ); - TEST_ASSERT( memcmp( expected_hash, actual_hash, - expected_hash_length ) == 0 ); + TEST_ASSERT( actual_hash_length == (size_t) expected_hash->len ); + TEST_ASSERT( memcmp( expected_hash->x, actual_hash, + (size_t) expected_hash->len ) == 0 ); exit: - mbedtls_free( input ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void hash_verify( int alg_arg, char *input_hex, char *hash_hex ) +void hash_verify( int alg_arg, data_t *input, data_t *expected_hash ) { psa_algorithm_t alg = alg_arg; - unsigned char *input = NULL; - size_t input_size; - unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE]; - size_t expected_hash_length; 
psa_hash_operation_t operation; - input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - expected_hash_length = unhexify( expected_hash, hash_hex ); + TEST_ASSERT( expected_hash != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_update( &operation, - input, input_size ) == PSA_SUCCESS ); + input->x, (size_t) input->len ) == + PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, - expected_hash, - expected_hash_length ) == PSA_SUCCESS ); + expected_hash->x, + (size_t) expected_hash->len ) == + PSA_SUCCESS ); exit: - mbedtls_free( input ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void mac_verify( int key_type_arg, char *key_hex, - int alg_arg, char *iv_hex, - char *input_hex, char *mac_hex ) +void mac_verify( int key_type_arg, data_t *key, + int alg_arg, data_t *iv, + data_t *input, data_t *expected_mac ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; - unsigned char *iv = NULL; - size_t iv_size; - unsigned char *input = NULL; - size_t input_size; - unsigned char *expected_mac = NULL; - size_t expected_mac_size; psa_mac_operation_t operation; psa_key_policy_t policy; - key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); - if( iv_hex[0] != 0 ) - { - iv = unhexify_alloc( iv_hex, &iv_size ); - TEST_ASSERT( iv != NULL ); - } - input = unhexify_alloc( input_hex, &input_size ); + TEST_ASSERT( iv != NULL ); TEST_ASSERT( input != NULL ); - expected_mac = unhexify_alloc( mac_hex, &expected_mac_size ); TEST_ASSERT( expected_mac != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( iv->len ) ); + TEST_ASSERT( 
PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_mac->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -314,21 +299,18 @@ void mac_verify( int key_type_arg, char *key_hex, TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); + key->x, (size_t) key->len ) == PSA_SUCCESS ); // TODO: support IV TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, - input, input_size ) == PSA_SUCCESS ); + input->x, (size_t) input->len ) == + PSA_SUCCESS ); TEST_ASSERT( psa_mac_verify( &operation, - expected_mac, - expected_mac_size ) == PSA_SUCCESS ); + expected_mac->x, + (size_t) expected_mac->len ) == PSA_SUCCESS ); exit: - mbedtls_free( key ); - mbedtls_free( iv ); - mbedtls_free( input ); - mbedtls_free( expected_mac ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } 
@@ -337,52 +319,44 @@ exit: /* BEGIN_CASE */ void cipher_encrypt( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, char *output_hex, + data_t *key, + data_t *input, data_t *expected_output, int expected_status ) { int key_slot = 1; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; unsigned char iv[16] = {0}; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output; - unsigned char *expected_output; - size_t expected_output_size; + unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; - - key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - - expected_output = unhexify_alloc( output_hex, &expected_output_size ); TEST_ASSERT( expected_output != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); memset( iv, 0x2a, sizeof( iv ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); + key->x, (size_t) key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = input_size + operation.block_size; + output_buffer_size = (size_t) input->len + operation.block_size; output = mbedtls_calloc( 1, output_buffer_size ); + TEST_ASSERT( output != NULL ); - TEST_ASSERT( psa_cipher_update( &operation, input, input_size, + TEST_ASSERT( psa_cipher_update( &operation, input->x, (size_t) input->len, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); 
total_output_length += function_output_length; @@ -396,14 +370,13 @@ void cipher_encrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output_size ); - TEST_ASSERT( memcmp( expected_output, output, - expected_output_size ) == 0 ); + TEST_ASSERT( total_output_length == (size_t) expected_output->len ); + TEST_ASSERT( memcmp( expected_output->x, output, + (size_t) expected_output->len ) == 0 ); } exit: - mbedtls_free( key ); - mbedtls_free( input ); + mbedtls_free( output ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } 
@@ -411,57 +384,51 @@ exit: /* BEGIN_CASE */ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, - int first_part_size, char *output_hex ) + data_t *key, + data_t *input, + int first_part_size, + data_t *expected_output ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; unsigned char iv[16] = {0}; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output; - unsigned char *expected_output; - size_t expected_output_size; + unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; - key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - - expected_output = unhexify_alloc( output_hex, &expected_output_size ); TEST_ASSERT( expected_output != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); memset( iv, 0x2a, sizeof( iv ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); + key->x, (size_t) key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = input_size + operation.block_size; + output_buffer_size = (size_t) input->len + operation.block_size; output = mbedtls_calloc( 1, output_buffer_size ); + TEST_ASSERT( output != NULL ); - TEST_ASSERT( (unsigned int) first_part_size < input_size ); - TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, + TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len ); + 
TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); total_output_length += function_output_length; TEST_ASSERT( psa_cipher_update( &operation, - input + first_part_size, - input_size - first_part_size, + input->x + first_part_size, + (size_t) input->len - first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); total_output_length += function_output_length; @@ -472,12 +439,12 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, total_output_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output_size ); - TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); + TEST_ASSERT( total_output_length == (size_t) expected_output->len ); + TEST_ASSERT( memcmp( expected_output->x, output, + (size_t) expected_output->len ) == 0 ); exit: - mbedtls_free( key ); - mbedtls_free( input ); + mbedtls_free( output ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } 
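Review bot: Both `psa_cipher_update` calls in `cipher_encrypt_multipart` write to `output` at offset 0 with the full `output_buffer_size`, so any bytes produced by the first call are overwritten by the second while `total_output_length` keeps growing. The second call should pass `output + total_output_length, output_buffer_size - total_output_length,` so the comparison against `expected_output->x` in the next hunk sees the whole result. As written, the test can only pass when the first part yields no output (presumably a first part shorter than one block), which leaves the chunked path of the cipher largely unverified. The same pattern is in the `cipher_decrypt_multipart` hunk and in the `operation1` calls of `cipher_verify_output_multipart`. The `psa_cipher_finish` call of each function lies outside these hunks and should be checked for the same offset.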
@@ -485,59 +452,53 @@ exit: /* BEGIN_CASE */ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, - int first_part_size, char *output_hex ) + data_t *key, + data_t *input, + int first_part_size, + data_t *expected_output ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; unsigned char iv[16] = {0}; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output; - unsigned char *expected_output; - size_t expected_output_size; + unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; - key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - - expected_output = unhexify_alloc( output_hex, &expected_output_size ); TEST_ASSERT( expected_output != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); memset( iv, 0x2a, sizeof( iv ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); + key->x, (size_t) key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = input_size + operation.block_size; + output_buffer_size = (size_t) input->len + operation.block_size; output = mbedtls_calloc( 1, output_buffer_size ); + TEST_ASSERT( output != NULL ); - TEST_ASSERT( (unsigned int) first_part_size < input_size ); - TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size, + TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len ); + 
TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); total_output_length += function_output_length; TEST_ASSERT( psa_cipher_update( &operation, - input + first_part_size, - input_size - first_part_size, + input->x + first_part_size, + (size_t) input->len - first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); total_output_length += function_output_length; @@ -548,12 +509,12 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, total_output_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output_size ); - TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 ); + TEST_ASSERT( total_output_length == (size_t) expected_output->len ); + TEST_ASSERT( memcmp( expected_output->x, output, + (size_t) expected_output->len ) == 0 ); exit: - mbedtls_free( key ); - mbedtls_free( input ); + mbedtls_free( output ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } 
@@ -562,53 +523,45 @@ exit: /* BEGIN_CASE */ void cipher_decrypt( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, char *output_hex, + data_t *key, + data_t *input, data_t *expected_output, int expected_status ) { int key_slot = 1; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; unsigned char iv[16] = {0}; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output; - unsigned char *expected_output; - size_t expected_output_size; + unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; - - key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); - - expected_output = unhexify_alloc( output_hex, &expected_output_size ); TEST_ASSERT( expected_output != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); memset( iv, 0x2a, sizeof( iv ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); + key->x, (size_t) key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = input_size + operation.block_size; + output_buffer_size = (size_t) input->len + operation.block_size; output = mbedtls_calloc( 1, output_buffer_size ); + TEST_ASSERT( output != NULL ); - TEST_ASSERT( psa_cipher_update( &operation, input, input_size, + TEST_ASSERT( psa_cipher_update( &operation, input->x, (size_t) input->len, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); 
total_output_length += function_output_length; @@ -622,15 +575,14 @@ void cipher_decrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output_size ); - TEST_ASSERT( memcmp( expected_output, output, - expected_output_size ) == 0 ); + TEST_ASSERT( total_output_length == (size_t) expected_output->len ); + TEST_ASSERT( memcmp( expected_output->x, output, + (size_t) expected_output->len ) == 0 ); } exit: - mbedtls_free( key ); - mbedtls_free( input ); + mbedtls_free( output ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } 
@@ -639,39 +591,34 @@ exit: /* BEGIN_CASE */ void cipher_verify_output( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex ) + data_t *key, + data_t *input ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; unsigned char iv[16] = {0}; size_t iv_size = 16; size_t iv_length = 0; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output1; + unsigned char *output1 = NULL; size_t output1_size = 0; size_t output1_length = 0; - unsigned char *output2; + unsigned char *output2 = NULL; size_t output2_size = 0; size_t output2_length = 0; size_t function_output_length = 0; psa_cipher_operation_t operation1; psa_cipher_operation_t operation2; - key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); + key->x, (size_t) key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); @@ -679,11 +626,11 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length ) == PSA_SUCCESS ); - output1_size = input_size + operation1.block_size; + output1_size = (size_t) input->len + operation1.block_size; output1 = mbedtls_calloc( 1, output1_size ); TEST_ASSERT( output1 != NULL ); - TEST_ASSERT( psa_cipher_update( &operation1, input, input_size, + TEST_ASSERT( psa_cipher_update( &operation1, input->x, (size_t) input->len, output1, output1_size, &output1_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation1, 
@@ -696,6 +643,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, output2_size = output1_length; output2 = mbedtls_calloc( 1, output2_size ); + TEST_ASSERT( output2 != NULL ); TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, iv_length ) == PSA_SUCCESS ); @@ -712,12 +660,12 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); - TEST_ASSERT( input_size == output2_length ); - TEST_ASSERT( memcmp( input, output2, input_size ) == 0 ); + TEST_ASSERT( (size_t) input->len == output2_length ); + TEST_ASSERT( memcmp( input->x, output2, (size_t) input->len ) == 0 ); exit: - mbedtls_free( key ); - mbedtls_free( input ); + mbedtls_free( output1 ); + mbedtls_free( output2 ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } 
@@ -726,40 +674,35 @@ exit: /* BEGIN_CASE */ void cipher_verify_output_multipart( int alg_arg, int key_type_arg, - char *key_hex, - char *input_hex, + data_t *key, + data_t *input, int first_part_size ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key = NULL; - size_t key_size; unsigned char iv[16] = {0}; size_t iv_size = 16; size_t iv_length = 0; - unsigned char *input = NULL; - size_t input_size = 0; - unsigned char *output1; + unsigned char *output1 = NULL; size_t output1_buffer_size = 0; size_t output1_length = 0; - unsigned char *output2; + unsigned char *output2 = NULL; size_t output2_buffer_size = 0; size_t output2_length = 0; size_t function_output_length; psa_cipher_operation_t operation1; psa_cipher_operation_t operation2; - key = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key != NULL ); - - input = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key, key_size ) == PSA_SUCCESS ); + key->x, (size_t) key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); 
@@ -767,19 +710,20 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length ) == PSA_SUCCESS ); - output1_buffer_size = input_size + operation1.block_size; + output1_buffer_size = (size_t) input->len + operation1.block_size; output1 = mbedtls_calloc( 1, output1_buffer_size ); + TEST_ASSERT( output1 != NULL ); - TEST_ASSERT( (unsigned int) first_part_size < input_size ); + TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len ); - TEST_ASSERT( psa_cipher_update( &operation1, input, first_part_size, + TEST_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size, output1, output1_buffer_size, &function_output_length ) == PSA_SUCCESS ); output1_length += function_output_length; TEST_ASSERT( psa_cipher_update( &operation1, - input + first_part_size, - input_size - first_part_size, + input->x + first_part_size, + (size_t) input->len - first_part_size, output1, output1_buffer_size, &function_output_length ) == PSA_SUCCESS ); output1_length += function_output_length; @@ -794,6 +738,7 @@ void cipher_verify_output_multipart( int alg_arg, output2_buffer_size = output1_length; output2 = mbedtls_calloc( 1, output2_buffer_size ); + TEST_ASSERT( output2 != NULL ); TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv, iv_length ) == PSA_SUCCESS ); 
@@ -818,54 +763,46 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); - TEST_ASSERT( input_size == output2_length ); - TEST_ASSERT( memcmp( input, output2, input_size ) == 0 ); + TEST_ASSERT( (size_t) input->len == output2_length ); + TEST_ASSERT( memcmp( input->x, output2, (size_t) input->len ) == 0 ); exit: - mbedtls_free( key ); - mbedtls_free( input ); + mbedtls_free( output1 ); + mbedtls_free( output2 ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt_decrypt( int key_type_arg, char * key_hex, - int alg_arg, char * input_hex, char * nonce_hex, - char * add_data, int expected_result_arg ) +void aead_encrypt_decrypt( int key_type_arg, data_t * key_data, + int alg_arg, data_t * input_data, data_t * nonce, + data_t * additional_data, int expected_result_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; unsigned char *output_data2 = NULL; size_t output_length2 = 0; - uint8_t* nonce; - size_t nonce_length = 16; size_t tag_length = 16; - unsigned char *additional_data = NULL; - size_t additional_data_length = 0; psa_status_t expected_result = (psa_status_t) expected_result_arg; psa_key_policy_t policy = {0}; - - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); - additional_data = unhexify_alloc( add_data, &additional_data_length ); - TEST_ASSERT( input_data != NULL ); - output_size = input_size + tag_length; + TEST_ASSERT( nonce != NULL ); + TEST_ASSERT( additional_data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( 
PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) ); + + output_size = (size_t) input_data->len + tag_length; output_data = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output_data != NULL ); - nonce = unhexify_alloc( nonce_hex, &nonce_length ); - TEST_ASSERT( nonce != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -876,13 +813,16 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_aead_encrypt( slot, alg, - nonce, nonce_length, - additional_data, additional_data_length, - input_data, input_size, output_data, - output_size, &output_length ) == expected_result ); + nonce->x, (size_t) nonce->len, + additional_data->x, + (size_t) additional_data->len, + input_data->x, (size_t) input_data->len, + output_data, + output_size, &output_length ) == + expected_result ); if( PSA_SUCCESS == expected_result ) { 
@@ -890,22 +830,21 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex, TEST_ASSERT( output_data2 != NULL ); TEST_ASSERT( psa_aead_decrypt( slot, alg, - nonce, nonce_length, - additional_data, additional_data_length, + nonce->x, (size_t) nonce->len, + additional_data->x, + (size_t) additional_data->len, output_data, output_length, output_data2, - output_length, &output_length2 ) == expected_result ); + output_length, &output_length2 ) == + expected_result ); - TEST_ASSERT( memcmp( input_data, output_data2, - input_size ) == 0 ); + TEST_ASSERT( memcmp( input_data->x, output_data2, + (size_t) input_data->len ) == 0 ); } exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( additional_data ); mbedtls_free( output_data ); mbedtls_free( output_data2 ); mbedtls_psa_crypto_free( ); 
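Review bot: The round-trip check after `psa_aead_decrypt` compares `input_data->len` bytes but never asserts that `output_length2` equals that length, so a decrypt that reports a short or long plaintext still passes. Add `TEST_ASSERT( output_length2 == (size_t) input_data->len );` before the `memcmp`. `aead_encrypt` in the later hunk has a related gap: `memcmp( output_data, expected_result->x, output_length )` is bounded only by the produced length, so it passes trivially when `output_length` is 0 and reads past `expected_result->x` when it exceeds `expected_result->len`. That function needs `TEST_ASSERT( output_length == (size_t) expected_result->len );` first. The start of the `if` block and the allocation of `output_data2` are outside this hunk.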
@@ -913,44 +852,34 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt( int key_type_arg, char * key_hex, - int alg_arg, char * input_hex, - char * add_data, char * nonce_hex, - char * expected_result_hex ) +void aead_encrypt( int key_type_arg, data_t * key_data, + int alg_arg, data_t * input_data, + data_t * additional_data, data_t * nonce, + data_t * expected_result ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - unsigned char *expected_result = NULL; - size_t expected_result_length = 0; - uint8_t* nonce = NULL; - size_t nonce_length = 0; size_t tag_length = 16; - unsigned char *additional_data = NULL; - size_t additional_data_length = 0; psa_key_policy_t policy = {0}; - - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); - additional_data = unhexify_alloc( add_data, &additional_data_length ); - TEST_ASSERT( input_data != NULL ); - output_size = input_size + tag_length; + TEST_ASSERT( additional_data != NULL ); + TEST_ASSERT( nonce != NULL ); + TEST_ASSERT( expected_result != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) ); + + output_size = (size_t) input_data->len + tag_length; output_data = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output_data != NULL ); - nonce = unhexify_alloc( nonce_hex, &nonce_length ); - TEST_ASSERT( nonce != NULL ); - expected_result = unhexify_alloc( expected_result_hex, 
&expected_result_length ); - TEST_ASSERT( expected_result != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
@@ -961,71 +890,60 @@ void aead_encrypt( int key_type_arg, char * key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == + PSA_SUCCESS ); TEST_ASSERT( psa_aead_encrypt( slot, alg, - nonce, nonce_length, - additional_data, additional_data_length, - input_data, input_size, output_data, + nonce->x, (size_t) nonce->len, + additional_data->x, + (size_t) additional_data->len, + input_data->x, (size_t) input_data->len, + output_data, output_size, &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( output_data, expected_result, + TEST_ASSERT( memcmp( output_data, expected_result->x, output_length ) == 0 ); exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( additional_data ); mbedtls_free( output_data ); - mbedtls_free( nonce ); - mbedtls_free( expected_result ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void aead_decrypt( int key_type_arg, char * key_hex, - int alg_arg, char * input_hex, - char * add_data, char * nonce_hex, - char * expected_result_hex, int expected_result_arg ) +void aead_decrypt( int key_type_arg, data_t * key_data, + int alg_arg, data_t * input_data, + data_t * additional_data, data_t * nonce, + data_t * expected_data, int expected_result_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - unsigned char *expected_data = NULL; - size_t expected_result_length = 0; - uint8_t* nonce = NULL; - size_t nonce_length = 0; size_t tag_length = 16; - unsigned char *additional_data = NULL; - size_t additional_data_length = 0; psa_key_policy_t policy = {0}; psa_status_t expected_result = (psa_status_t) 
expected_result_arg; - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); - additional_data = unhexify_alloc( add_data, &additional_data_length ); - TEST_ASSERT( input_data != NULL ); - output_size = input_size + tag_length; + TEST_ASSERT( additional_data != NULL ); + TEST_ASSERT( nonce != NULL ); + TEST_ASSERT( expected_data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) ); + + output_size = (size_t) input_data->len + tag_length; output_data = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output_data != NULL ); - nonce = unhexify_alloc( nonce_hex, &nonce_length ); - TEST_ASSERT( nonce != NULL ); - expected_data = unhexify_alloc( expected_result_hex, &expected_result_length ); - TEST_ASSERT( expected_data != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
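Review bot: The `memcmp` that closes aead_encrypt compares only `output_length` bytes and nothing asserts that `output_length` matches `expected_result->len`, so a truncated or empty ciphertext would still pass and a longer one would read past the expected buffer. I would add `TEST_ASSERT( output_length == (size_t) expected_result->len );` just before the comparison. The same gap is in aead_decrypt's success branch (hunk at -1036, against `expected_data->len`) and in asymmetric_encrypt_decrypt (hunk at -1491, where `output2_length` is never compared with `input_data->len`). aead_encrypt begins in the previous hunk and aead_decrypt continues past this one.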
@@ -1036,18 +954,21 @@ void aead_decrypt( int key_type_arg, char * key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == + PSA_SUCCESS ); TEST_ASSERT( psa_aead_decrypt( slot, alg, - nonce, nonce_length, - additional_data, additional_data_length, - input_data, input_size, output_data, - output_size, &output_length ) == expected_result ); + nonce->x, (size_t) nonce->len, + additional_data->x, (size_t) additional_data->len, + input_data->x, (size_t) input_data->len, + output_data, + output_size, &output_length ) == + expected_result ); if ( expected_result == PSA_SUCCESS ) { - TEST_ASSERT( memcmp( output_data, expected_data, + TEST_ASSERT( memcmp( output_data, expected_data->x, output_length ) == 0 ); } @@ -1055,12 +976,7 @@ void aead_decrypt( int key_type_arg, char * key_hex, exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( additional_data ); mbedtls_free( output_data ); - mbedtls_free( nonce ); - mbedtls_free( expected_data ); mbedtls_psa_crypto_free( ); } /* END_CASE */ 
@@ -1078,30 +994,25 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void sign_deterministic( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex, char *output_hex ) +void sign_deterministic( int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + data_t *output_data ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; size_t key_bits; - unsigned char *input_data = NULL; - size_t input_size; - unsigned char *output_data = NULL; - size_t output_size; unsigned char *signature = NULL; size_t signature_size; size_t signature_length = 0xdeadbeef; psa_key_policy_t policy = {0}; - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); - output_data = unhexify_alloc( output_hex, &output_size ); TEST_ASSERT( output_data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( output_data->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -1112,7 +1023,7 @@ void sign_deterministic( int key_type_arg, char *key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_get_key_information( slot, NULL, &key_bits ) == PSA_SUCCESS ); 
@@ -1123,45 +1034,40 @@ void sign_deterministic( int key_type_arg, char *key_hex, TEST_ASSERT( signature != NULL ); TEST_ASSERT( psa_asymmetric_sign( slot, alg, - input_data, input_size, + input_data->x, (size_t) input_data->len, NULL, 0, signature, signature_size, &signature_length ) == PSA_SUCCESS ); - TEST_ASSERT( signature_length == output_size ); - TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 ); + TEST_ASSERT( signature_length == (size_t) output_data->len ); + TEST_ASSERT( memcmp( signature, output_data->x, (size_t) output_data->len ) + == 0 ); exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( output_data ); mbedtls_free( signature ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void sign_fail( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex, +void sign_fail( int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, int signature_size, int expected_status_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; unsigned char *signature = NULL; size_t signature_length = 0xdeadbeef; psa_key_policy_t policy = {0}; - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); + signature = mbedtls_calloc( 1, signature_size ); TEST_ASSERT( signature != NULL ); 
@@ -1174,10 +1080,12 @@ void sign_fail( int key_type_arg, char *key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == + PSA_SUCCESS ); actual_status = psa_asymmetric_sign( slot, alg, - input_data, input_size, + input_data->x, + (size_t) input_data->len, NULL, 0, signature, signature_size, &signature_length ); @@ -1186,8 +1094,6 @@ void sign_fail( int key_type_arg, char *key_hex, exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); mbedtls_free( signature ); mbedtls_psa_crypto_free( ); } @@ -1232,11 +1138,10 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex ) +void key_policy_fail( int usage_arg, int alg_arg, int expected_status, + data_t *keypair ) { int key_slot = 1; - unsigned char* keypair = NULL; - size_t key_size = 0; size_t signature_length = 0; psa_key_policy_t policy = {0}; int actual_status = PSA_SUCCESS; 
@@ -1251,21 +1156,23 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key if( usage_arg & PSA_KEY_USAGE_EXPORT ) { - keypair = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( keypair != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, - keypair, key_size ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_sign( key_slot, - ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, + keypair->x, (size_t) keypair->len ) == + PSA_SUCCESS ); + actual_status = psa_asymmetric_sign( key_slot, + ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, NULL, 0, &signature_length ); } if( usage_arg & PSA_KEY_USAGE_SIGN ) { - keypair = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( keypair != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, - keypair, key_size ) == PSA_SUCCESS ); + keypair->x, (size_t) keypair->len ) == + PSA_SUCCESS ); actual_status = psa_export_key( key_slot, NULL, 0, NULL ); } @@ -1273,7 +1180,6 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key exit: psa_destroy_key( key_slot ); - mbedtls_free( keypair ); mbedtls_psa_crypto_free( ); } /* END_CASE */ 
@@ -1333,26 +1239,21 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_verify( int key_type_arg, char *key_hex, - int alg_arg, char *hash_hex, char *signature_hex ) +void asymmetric_verify( int key_type_arg, data_t *key_data, + int alg_arg, data_t *hash_data, + data_t *signature_data ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *hash_data = NULL; - size_t hash_size; - unsigned char *signature_data = NULL; - size_t signature_size; psa_key_policy_t policy = {0}; - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - hash_data = unhexify_alloc( hash_hex, &hash_size ); TEST_ASSERT( hash_data != NULL ); - signature_data = unhexify_alloc( signature_hex, &signature_size ); TEST_ASSERT( signature_data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
@@ -1363,47 +1264,41 @@ void asymmetric_verify( int key_type_arg, char *key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == + PSA_SUCCESS ); TEST_ASSERT( psa_asymmetric_verify( slot, alg, - hash_data, hash_size, + hash_data->x, (size_t) hash_data->len, NULL, 0, - signature_data, signature_size ) == + signature_data->x, + (size_t) signature_data->len ) == PSA_SUCCESS ); exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( hash_data ); - mbedtls_free( signature_data ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_verify_fail( int key_type_arg, char *key_hex, - int alg_arg, char *hash_hex, char *signature_hex, - int expected_status_arg ) +void asymmetric_verify_fail( int key_type_arg, data_t *key_data, + int alg_arg, data_t *hash_data, + data_t *signature_data, + int expected_status_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *hash_data = NULL; - size_t hash_size; - unsigned char *signature_data = NULL; - size_t signature_size; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; psa_key_policy_t policy = {0}; - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - hash_data = unhexify_alloc( hash_hex, &hash_size ); TEST_ASSERT( hash_data != NULL ); - signature_data = unhexify_alloc( signature_hex, &signature_size ); TEST_ASSERT( signature_data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
@@ -1414,37 +1309,32 @@ void asymmetric_verify_fail( int key_type_arg, char *key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == + PSA_SUCCESS ); actual_status = psa_asymmetric_verify( slot, alg, - hash_data, hash_size, + hash_data->x, (size_t) hash_data->len, NULL, 0, - signature_data, signature_size ); + signature_data->x, + (size_t) signature_data->len ); TEST_ASSERT( actual_status == expected_status ); exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( hash_data ); - mbedtls_free( signature_data ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encrypt_decrypt( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex ) +void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; unsigned char *output = NULL; size_t output_size = 0; size_t output_length = 0; @@ -1453,12 +1343,13 @@ void asymmetric_encrypt_decrypt( int key_type_arg, char *key_hex, size_t output2_length = 0; psa_key_policy_t policy = {0}; - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - output_size = key_size; - output2_size = key_size; - input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); + + output_size = (size_t) key_data->len; + output2_size = output_size; output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); output2 = mbedtls_calloc( 1, output2_size ); 
@@ -1471,14 +1362,15 @@ void asymmetric_encrypt_decrypt( int key_type_arg, char *key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == + PSA_SUCCESS ); /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random * part of encryption process which prevents using fixed vectors. */ TEST_ASSERT( psa_asymmetric_encrypt(slot, alg, - input_data, - input_size, + input_data->x, + (size_t) input_data->len, NULL, 0, output, output_size, @@ -1491,14 +1383,13 @@ void asymmetric_encrypt_decrypt( int key_type_arg, char *key_hex, output2, output2_size, &output2_length) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( input_data, output2, input_size ) == 0 ); + TEST_ASSERT( memcmp( input_data->x, output2, (size_t) input_data->len ) + == 0 ); exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( output); - mbedtls_free( output2); + mbedtls_free( output ); + mbedtls_free( output2 ); mbedtls_psa_crypto_free( ); } @@ -1506,8 +1397,8 @@ exit: /* BEGIN_CASE */ -void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex, +void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, int expected_status_arg ) { @@ -1515,10 +1406,6 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; unsigned char *output = NULL; size_t output_size = 0; size_t output_length = 0; 
@@ -1526,11 +1413,12 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, psa_status_t expected_status = expected_status_arg; psa_key_policy_t policy = {0}; - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - output_size = key_size; - input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); + + output_size = (size_t) key_data->len; output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); @@ -1541,11 +1429,12 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == + PSA_SUCCESS ); actual_status = psa_asymmetric_encrypt(slot, alg, - input_data, - input_size, + input_data->x, + (size_t) input_data->len, NULL, 0, output, output_size, 
@@ -1554,40 +1443,33 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex, exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( output); + mbedtls_free( output ); mbedtls_psa_crypto_free( ); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_decrypt( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex, - char *expected_hex, int expected_size ) +void asymmetric_decrypt( int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + data_t *expected_data, int expected_size ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; - unsigned char *expected_data = NULL; - size_t expected_data_size; unsigned char *output = NULL; size_t output_size = 0; size_t output_length = 0; psa_key_policy_t policy = {0}; - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - output_size = key_size; - input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); - expected_data = unhexify_alloc( expected_hex, &expected_data_size ); TEST_ASSERT( expected_data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) ); + + output_size = (size_t) key_data->len; output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); 
@@ -1598,24 +1480,22 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == + PSA_SUCCESS ); TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, - input_data, - input_size, + input_data->x, + (size_t) input_data->len, NULL, 0, output, output_size, &output_length) == PSA_SUCCESS ); TEST_ASSERT( ((size_t)expected_size) == output_length ); - TEST_ASSERT( memcmp( expected_data, output, (output_length) ) == 0 ); + TEST_ASSERT( memcmp( expected_data->x, output, (output_length) ) == 0 ); exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); - mbedtls_free( expected_data ); - mbedtls_free( output); + mbedtls_free( output ); mbedtls_psa_crypto_free( ); @@ -1624,18 +1504,14 @@ exit: /* BEGIN_CASE */ -void asymmetric_decrypt_fail( int key_type_arg, char *key_hex, - int alg_arg, char *input_hex, +void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, int expected_status_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - unsigned char *key_data = NULL; - size_t key_size; - unsigned char *input_data = NULL; - size_t input_size; unsigned char *output = NULL; size_t output_size = 0; size_t output_length = 0; 
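Review bot: asymmetric_decrypt checks `output_length` against the separate `expected_size` argument and then compares `output_length` bytes of `expected_data->x`, so a test vector whose `expected_size` exceeds the decoded buffer would make the `memcmp` read beyond it. Now that `expected_data` carries its own length, `TEST_ASSERT( output_length == (size_t) expected_data->len );` would tie the comparison to the buffer actually supplied. The function's signature and setup are in the preceding hunks.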
@@ -1643,11 +1519,12 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex, psa_status_t expected_status = expected_status_arg; psa_key_policy_t policy = {0}; - key_data = unhexify_alloc( key_hex, &key_size ); TEST_ASSERT( key_data != NULL ); - output_size = key_size; - input_data = unhexify_alloc( input_hex, &input_size ); TEST_ASSERT( input_data != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); + + output_size = (size_t) key_data->len; output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); @@ -1658,11 +1535,12 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex, TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data, key_size ) == PSA_SUCCESS ); + key_data->x, (size_t) key_data->len ) == + PSA_SUCCESS ); actual_status = psa_asymmetric_decrypt(slot, alg, - input_data, - input_size, + input_data->x, + (size_t) input_data->len, NULL, 0, output, output_size, @@ -1671,8 +1549,6 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex, exit: psa_destroy_key( slot ); - mbedtls_free( key_data ); - mbedtls_free( input_data ); mbedtls_free( output); mbedtls_psa_crypto_free( ); } From dcd636a73f2b61b8ab6681049f6731eee3439249 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 4 Jun 2018 16:03:32 +0300 Subject: [PATCH 0232/2197] Commit changes to hmac to not use MD abstraction this PR is part of efforts to use "lower level" mbedTLS APIs vs "higher level" abstract APIs. --- include/psa/crypto_struct.h | 12 ++- library/psa_crypto.c | 155 +++++++++++++++++++++++++++++++----- 2 files changed, 144 insertions(+), 23 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 74e1146b2..8e332b534 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
@@ -75,6 +75,16 @@ struct psa_hash_operation_s } ctx; }; + +typedef struct { + unsigned int block_size; + /** The hash context. */ + struct psa_hash_operation_s hash_ctx; + /** The HMAC part of the context. */ + void *hmac_ctx; +} psa_hmac_internal_data; + + struct psa_mac_operation_s { psa_algorithm_t alg; @@ -89,7 +99,7 @@ struct psa_mac_operation_s { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_MD_C) - mbedtls_md_context_t hmac; + psa_hmac_internal_data hmac; #endif #if defined(MBEDTLS_CMAC_C) mbedtls_cipher_context_t cmac; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 18cd44ce3..5c9a8288e 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -996,7 +996,16 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) default: #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) - mbedtls_md_free( &operation->ctx.hmac ); + { + psa_hash_abort( &operation->ctx.hmac.hash_ctx ); + if ( operation->ctx.hmac.hmac_ctx != NULL ) + { + mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, + sizeof( operation->ctx.hmac.block_size * 2 ) ); + mbedtls_free( operation->ctx.hmac.hmac_ctx ); + operation->ctx.hmac.block_size = 0; + } + } else #endif /* MBEDTLS_MD_C */ return( PSA_ERROR_NOT_SUPPORTED ); @@ -1015,11 +1024,13 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg ) { - int ret = MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; + int ret = 0; psa_status_t status; key_slot_t *slot; psa_key_type_t key_type; size_t key_bits; + size_t keylen; + uint8_t* key_ptr = NULL; const mbedtls_cipher_info_t *cipher_info = NULL; operation->alg = 0; 
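Review bot: `psa_hmac_internal_data` leaves `block_size` undocumented and describes `hmac_ctx` only as "The HMAC part of the context", although psa_mac_start in this patch allocates it as two blocks and uses it as ipad followed by opad. A comment such as `/** Heap buffer of 2 * block_size bytes: ipad then opad, both derived from the key; must be wiped before it is freed. */` would tell the next reader what has to be cleared and how much. Declaring the field as `unsigned char *hmac_ctx;` rather than `void *` would also remove the casts at each use.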
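Review bot: In the HMAC branch of psa_mac_abort, `hmac_ctx` is freed but still points at the released buffer, because only `block_size` is reset. Whether a second abort can reach this branch depends on code after the switch that the hunk does not show, but adding `operation->ctx.hmac.hmac_ctx = NULL;` right after `mbedtls_free( operation->ctx.hmac.hmac_ctx );` makes the `!= NULL` guard meaningful and rules out a double free. The zeroize length here is `sizeof( operation->ctx.hmac.block_size * 2 )`, which is the size of an unsigned int rather than of the pad buffer; the follow-up patch 0233 on this page corrects that.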
@@ -1027,11 +1038,19 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, operation->iv_set = 0; operation->iv_required = 1; operation->has_input = 0; + operation->key_usage_sign = 0; + operation->key_usage_verify = 0; status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) return( status ); + slot = &global_data.key_slots[key]; + if (slot->type == PSA_KEY_TYPE_NONE) + return(PSA_ERROR_EMPTY_SLOT); + + key_ptr = slot->data.raw.data; + keylen = slot->data.raw.bytes; if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) operation->key_usage_sign = 1; 
@@ -1064,28 +1083,78 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( alg ) ) { + unsigned char sum[MBEDTLS_MD_MAX_SIZE]; + unsigned char *ipad, *opad; + size_t i; + size_t sum_size = MBEDTLS_MD_MAX_SIZE; const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( PSA_ALG_HMAC_HASH( alg ) ); + if( md_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); if( key_type != PSA_KEY_TYPE_HMAC ) return( PSA_ERROR_INVALID_ARGUMENT ); + operation->iv_required = 0; - operation->mac_size = mbedtls_md_get_size( md_info ); - mbedtls_md_init( &operation->ctx.hmac ); - ret = mbedtls_md_setup( &operation->ctx.hmac, md_info, 1 ); - if( ret != 0 ) - break; - ret = mbedtls_md_hmac_starts( &operation->ctx.hmac, - slot->data.raw.data, - slot->data.raw.bytes ); + operation->mac_size = md_info->size; + operation->ctx.hmac.block_size = md_info->block_size; + operation->ctx.hmac.hmac_ctx = mbedtls_calloc( 2, + md_info->block_size ); + if( operation->ctx.hmac.hmac_ctx == NULL ) + { + ret = MBEDTLS_ERR_MD_ALLOC_FAILED; + goto cleanup; + } + + status = psa_hash_start( &operation->ctx.hmac.hash_ctx, + PSA_ALG_HMAC_HASH( alg ) ); + if( status != PSA_SUCCESS ) + goto cleanup; + + if( key_bits / 8 > (size_t) operation->ctx.hmac.block_size ) + { + status = psa_hash_update(&operation->ctx.hmac.hash_ctx, + key_ptr, slot->data.raw.bytes); + if( status != PSA_SUCCESS ) + goto cleanup; + status = psa_hash_finish(&operation->ctx.hmac.hash_ctx, sum, + sum_size, &sum_size); + if ( status != PSA_SUCCESS ) + goto cleanup; + + keylen = sum_size; + key_ptr = sum; + } + + ipad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx; + opad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx + + operation->ctx.hmac.block_size; + + memset( ipad, 0x36, operation->ctx.hmac.block_size ); + memset( opad, 0x5C, operation->ctx.hmac.block_size ); + + for( i = 0; i < keylen; i++ ) + { + ipad[i] = ( unsigned char )( ipad[i] ^ key_ptr[i] ); + opad[i] = ( unsigned char )( 
opad[i] ^ key_ptr[i] ); + } + + status = psa_hash_start( &operation->ctx.hmac.hash_ctx, + PSA_ALG_HMAC_HASH( alg ) ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad, + operation->ctx.hmac.block_size ); + if( status != PSA_SUCCESS ) + goto cleanup; break; } else #endif /* MBEDTLS_MD_C */ return( PSA_ERROR_NOT_SUPPORTED ); } - +cleanup: /* If we reach this point, then the algorithm-specific part of the * context has at least been initialized, and may contain data that * needs to be wiped on error. */ @@ -1103,7 +1172,8 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ) { - int ret; + int ret = 0 ; + psa_status_t status = PSA_SUCCESS; if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); if( operation->iv_required && ! operation->iv_set ) @@ -1122,8 +1192,8 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) { - ret = mbedtls_md_hmac_update( &operation->ctx.hmac, - input, input_length ); + status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input, + input_length ); } else #endif /* MBEDTLS_MD_C */ @@ -1132,9 +1202,14 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, } break; } - if( ret != 0 ) - psa_mac_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); + if ( ( ret != 0 ) || ( status != PSA_SUCCESS ) ) + { + psa_mac_abort(operation); + if (ret != 0) + status = mbedtls_to_psa_error(ret); + } + + return status; } static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, @@ -1142,7 +1217,8 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, size_t mac_size, size_t *mac_length ) { - int ret; + int ret = 0; + psa_status_t status = PSA_SUCCESS; if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); if( operation->iv_required && ! operation->iv_set ) 
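Review bot: In psa_mac_start's HMAC branch the long-key test uses `key_bits / 8` while the XOR loop that fills `ipad` and `opad` is bounded by `keylen`, and each pad is only `block_size` bytes. The two values are presumably equal for raw keys, but testing the quantity the loop actually uses, `if( keylen > (size_t) operation->ctx.hmac.block_size )`, keeps the write bound provable from this code alone. `sum` holds the hashed key and is left on the stack; `mbedtls_zeroize( sum, sizeof( sum ) );` once the pads are built would clear it. The new `goto cleanup` paths set `status` and leave `ret` at 0, and the code after the label is outside the hunk and unchanged by it, so it is worth confirming that it does not report success when only `status` signals failure.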
@@ -1168,7 +1244,37 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) { - ret = mbedtls_md_hmac_finish( &operation->ctx.hmac, mac ); + unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; + unsigned char *opad; + size_t hash_size = 0; + + opad = (unsigned char *) operation->ctx.hmac.hmac_ctx + + operation->ctx.hmac.block_size; + + status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp, + sizeof ( tmp ), &hash_size ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hash_start( &operation->ctx.hmac.hash_ctx, + PSA_ALG_HMAC_HASH( operation->alg ) ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad, + operation->ctx.hmac.block_size ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp, + hash_size); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac, + mac_size, mac_length ); + if( status != PSA_SUCCESS ) + goto cleanup; } else #endif /* MBEDTLS_MD_C */ @@ -1177,15 +1283,19 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, } break; } +cleanup: - if( ret == 0 ) + if( ( ret == 0 ) && (status == PSA_SUCCESS) ) { return( psa_mac_abort( operation ) ); } else { psa_mac_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); + if (ret != 0) + status = mbedtls_to_psa_error(ret); + + return status; } } @@ -1197,7 +1307,8 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation, if( !( operation->key_usage_sign ) ) return( PSA_ERROR_NOT_PERMITTED ); - return( psa_mac_finish_internal(operation, mac, mac_size, mac_length ) ); + return( psa_mac_finish_internal(operation, mac, + mac_size, mac_length ) ); } #define MBEDTLS_PSA_MAC_MAX_SIZE \ From 7810be273af28fffe6340c93d7395370cedfc656 Mon Sep 17 00:00:00 2001 
From: Nir Sonnenschein Date: Mon, 4 Jun 2018 17:48:23 +0300 Subject: [PATCH 0233/2197] Code correction: remove unneeded sizeof --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5c9a8288e..c4f220988 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1001,7 +1001,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) if ( operation->ctx.hmac.hmac_ctx != NULL ) { mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, - sizeof( operation->ctx.hmac.block_size * 2 ) ); + operation->ctx.hmac.block_size * 2 ); mbedtls_free( operation->ctx.hmac.hmac_ctx ); operation->ctx.hmac.block_size = 0; } From eeace0bf7f0809887b91fe55db2c8257b4212496 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Tue, 5 Jun 2018 11:21:07 +0300 Subject: [PATCH 0234/2197] Code style fix : changed keylen to key_length --- library/psa_crypto.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c4f220988..a2670ef6f 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1029,7 +1029,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, key_slot_t *slot; psa_key_type_t key_type; size_t key_bits; - size_t keylen; + size_t key_length; uint8_t* key_ptr = NULL; const mbedtls_cipher_info_t *cipher_info = NULL; @@ -1050,7 +1050,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, return(PSA_ERROR_EMPTY_SLOT); key_ptr = slot->data.raw.data; - keylen = slot->data.raw.bytes; + key_length = slot->data.raw.bytes; if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) operation->key_usage_sign = 1; @@ -1122,7 +1122,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, if ( status != PSA_SUCCESS ) goto cleanup; - keylen = sum_size; + key_length = sum_size; key_ptr = sum; } 
@@ -1133,7 +1133,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, memset( ipad, 0x36, operation->ctx.hmac.block_size ); memset( opad, 0x5C, operation->ctx.hmac.block_size ); - for( i = 0; i < keylen; i++ ) + for( i = 0; i < key_length; i++ ) { ipad[i] = ( unsigned char )( ipad[i] ^ key_ptr[i] ); opad[i] = ( unsigned char )( opad[i] ^ key_ptr[i] ); From 0c9ec53a10abe14789867b1243b974a3a65c2627 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Thu, 7 Jun 2018 13:27:47 +0300 Subject: [PATCH 0235/2197] remove reliance on md_info context for hash information 1. remove reliance on md_info context for hash information by decoding locally 2. remove block_size field in context as this is dynamically computed --- library/psa_crypto.c | 114 ++++++++++++++++++++++++++++++++++++------- 1 file changed, 96 insertions(+), 18 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a2670ef6f..d676f67a8 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -984,8 +984,74 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) ); } + +static psa_status_t get_block_size_from_hash_algorithm( psa_algorithm_t alg, unsigned int *block_size, unsigned int *digest_size) +{ + *block_size = 0; + *digest_size = 0; + + switch( PSA_ALG_HMAC_HASH( alg ) ) + { +#if defined(MBEDTLS_MD2_C) + case PSA_ALG_MD2: + *block_size = 16; + *digest_size = 16; + break; +#endif +#if defined(MBEDTLS_MD4_C) + case PSA_ALG_MD4: + *block_size = 64; + *digest_size = 16; + break; +#endif +#if defined(MBEDTLS_MD5_C) + case PSA_ALG_MD5: + *block_size = 64; + *digest_size = 16; + break; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case PSA_ALG_RIPEMD160: + *block_size = 64; + *digest_size = 20; + break; +#endif +#if defined(MBEDTLS_SHA1_C) + case PSA_ALG_SHA_1: + *block_size = 64; + *digest_size = 20; + break; +#endif +#if defined(MBEDTLS_SHA256_C) + case PSA_ALG_SHA_224: + *block_size = 64; + *digest_size = 28; + break; + case PSA_ALG_SHA_256: + *block_size = 64; + *digest_size = 32; + break; +#endif +#if defined(MBEDTLS_SHA512_C) + case PSA_ALG_SHA_384: + *block_size = 128; + *digest_size = 48; + break; + case PSA_ALG_SHA_512: + *block_size = 128; + *digest_size = 64; + break; +#endif + default: + return( PSA_ERROR_NOT_SUPPORTED ); + } +return ( PSA_SUCCESS ); +} + + psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) { + psa_status_t status; switch( operation->alg ) { #if defined(MBEDTLS_CMAC_C) 
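Review bot: `get_block_size_from_hash_algorithm` applies `PSA_ALG_HMAC_HASH( alg )` itself, so despite its name it expects the HMAC algorithm rather than the extracted hash, and nothing documents that. A header comment such as `/* alg is an HMAC algorithm; on PSA_ERROR_NOT_SUPPORTED both outputs are left at 0. */` would stop a caller from passing the hash directly. The closing `return ( PSA_SUCCESS );` sits at column 0 and the signature is on one over-long line, both out of step with the rest of the file.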
@@ -997,13 +1063,19 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) { + unsigned int block_size = 0; + unsigned int digest_size = 0; + status = get_block_size_from_hash_algorithm( operation->alg, + &block_size, &digest_size); + if( status != PSA_SUCCESS ) + return( status ); + psa_hash_abort( &operation->ctx.hmac.hash_ctx ); if ( operation->ctx.hmac.hmac_ctx != NULL ) { - mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, - operation->ctx.hmac.block_size * 2 ); + mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, + block_size * 2 ); mbedtls_free( operation->ctx.hmac.hmac_ctx ); - operation->ctx.hmac.block_size = 0; } } else @@ -1087,19 +1159,19 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, unsigned char *ipad, *opad; size_t i; size_t sum_size = MBEDTLS_MD_MAX_SIZE; - const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_psa( PSA_ALG_HMAC_HASH( alg ) ); + unsigned int block_size = 0; + unsigned int digest_size = 0; + status = get_block_size_from_hash_algorithm( alg, + &block_size, &digest_size); + if( status != PSA_SUCCESS ) + return( status ); - if( md_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); if( key_type != PSA_KEY_TYPE_HMAC ) return( PSA_ERROR_INVALID_ARGUMENT ); operation->iv_required = 0; - operation->mac_size = md_info->size; - operation->ctx.hmac.block_size = md_info->block_size; - operation->ctx.hmac.hmac_ctx = mbedtls_calloc( 2, - md_info->block_size ); + operation->mac_size = digest_size; + operation->ctx.hmac.hmac_ctx = mbedtls_calloc( 2, block_size ); if( operation->ctx.hmac.hmac_ctx == NULL ) { ret = MBEDTLS_ERR_MD_ALLOC_FAILED; @@ -1111,7 +1183,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, if( status != PSA_SUCCESS ) goto cleanup; - if( key_bits / 8 > (size_t) operation->ctx.hmac.block_size ) + if( key_bits / 8 > (size_t) block_size ) { status = psa_hash_update(&operation->ctx.hmac.hash_ctx, key_ptr, slot->data.raw.bytes); 
@@ -1128,10 +1200,10 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, ipad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx; opad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx + - operation->ctx.hmac.block_size; + block_size; - memset( ipad, 0x36, operation->ctx.hmac.block_size ); - memset( opad, 0x5C, operation->ctx.hmac.block_size ); + memset( ipad, 0x36, block_size ); + memset( opad, 0x5C, block_size ); for( i = 0; i < key_length; i++ ) { @@ -1145,7 +1217,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, goto cleanup; status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad, - operation->ctx.hmac.block_size ); + block_size ); if( status != PSA_SUCCESS ) goto cleanup; break; @@ -1247,9 +1319,15 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; size_t hash_size = 0; + unsigned int block_size = 0; + unsigned int digest_size = 0; + status = get_block_size_from_hash_algorithm( operation->alg, + &block_size, &digest_size); + if( status != PSA_SUCCESS ) + return( status ); opad = (unsigned char *) operation->ctx.hmac.hmac_ctx + - operation->ctx.hmac.block_size; + block_size; status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp, sizeof ( tmp ), &hash_size ); @@ -1262,7 +1340,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, goto cleanup; status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad, - operation->ctx.hmac.block_size ); + block_size ); if( status != PSA_SUCCESS ) goto cleanup; From 35dfbf4601ac49d4f76781fda464288753c64119 Mon Sep 17 00:00:00 2001 
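Review bot: The `return( status );` added after the block-size lookup in psa_mac_finish_internal bypasses `cleanup:`, making it the only failure in the HMAC branch that does not abort the operation; `goto cleanup;` would match the checks that follow. `digest_size` is fetched here but unused in the visible lines. The same direct return reappears as `return(PSA_ERROR_NOT_SUPPORTED);` in the PATCH 0239 hunk for this function, where it would become `status = PSA_ERROR_NOT_SUPPORTED; goto cleanup;`.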
From: Nir Sonnenschein Date: Thu, 7 Jun 2018 16:20:17 +0300 Subject: [PATCH 0236/2197] change hmac context to use statically allocated memory 1. removed dynamic allocation of stack context 2. moved ipad to stack 3. added defines for maximal sizes --- include/psa/crypto_struct.h | 11 +++++++++-- library/psa_crypto.c | 21 ++++++--------------- 2 files changed, 15 insertions(+), 17 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 8e332b534..ebf80cb03 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -45,6 +45,14 @@ #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#if defined(MBEDTLS_SHA512_C) +#define PSA_CRYPTO_MD_MAX_SIZE 64 +#define PSA_CRYPTO_MD_BLOCK_SIZE 128 +#else +#define PSA_CRYPTO_MD_MAX_SIZE 32 +#define PSA_CRYPTO_MD_BLOCK_SIZE 64 +#endif + struct psa_hash_operation_s { psa_algorithm_t alg; @@ -77,11 +85,10 @@ struct psa_hash_operation_s typedef struct { - unsigned int block_size; /** The hash context. */ struct psa_hash_operation_s hash_ctx; /** The HMAC part of the context. */ - void *hmac_ctx; + char hmac_ctx[PSA_CRYPTO_MD_BLOCK_SIZE]; } psa_hmac_internal_data; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d676f67a8..29a541faa 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1074,8 +1074,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) if ( operation->ctx.hmac.hmac_ctx != NULL ) { mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, - block_size * 2 ); - mbedtls_free( operation->ctx.hmac.hmac_ctx ); + block_size); } } else @@ -1155,8 +1154,9 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( alg ) ) { - unsigned char sum[MBEDTLS_MD_MAX_SIZE]; - unsigned char *ipad, *opad; + unsigned char sum[PSA_CRYPTO_MD_MAX_SIZE]; + unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE]; + unsigned char *opad; size_t i; size_t sum_size = MBEDTLS_MD_MAX_SIZE; unsigned int block_size = 0; 
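Review bot: `operation->ctx.hmac.hmac_ctx` is an array member after this commit, so the retained `if ( operation->ctx.hmac.hmac_ctx != NULL )` in psa_mac_abort is always true, and the wipe length `block_size` still depends on the algorithm lookup above it. Wiping the whole buffer with `mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, sizeof( operation->ctx.hmac.hmac_ctx ) );` removes both the dead test and the dependency on a valid `operation->alg`.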
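Review bot: `ipad` and `sum` in psa_mac_start are now stack buffers holding the key XOR 0x36 and the hashed key, and nothing in the visible hunks wipes them. Add `mbedtls_zeroize( ipad, sizeof( ipad ) );` and the same for `sum` on the common exit path; the function's tail is outside this hunk. Separately, `sum` is sized with PSA_CRYPTO_MD_MAX_SIZE while the unchanged `sum_size` is still initialised from MBEDTLS_MD_MAX_SIZE; `size_t sum_size = sizeof( sum );` keeps the length passed to psa_hash_finish tied to the buffer.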
@@ -1171,12 +1171,6 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, operation->iv_required = 0; operation->mac_size = digest_size; - operation->ctx.hmac.hmac_ctx = mbedtls_calloc( 2, block_size ); - if( operation->ctx.hmac.hmac_ctx == NULL ) - { - ret = MBEDTLS_ERR_MD_ALLOC_FAILED; - goto cleanup; - } status = psa_hash_start( &operation->ctx.hmac.hash_ctx, PSA_ALG_HMAC_HASH( alg ) ); @@ -1198,9 +1192,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, key_ptr = sum; } - ipad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx; - opad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx + - block_size; + opad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx; memset( ipad, 0x36, block_size ); memset( opad, 0x5C, block_size ); @@ -1326,8 +1318,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - opad = (unsigned char *) operation->ctx.hmac.hmac_ctx + - block_size; + opad = (unsigned char *) operation->ctx.hmac.hmac_ctx; status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp, sizeof ( tmp ), &hash_size ); From 1e2b04602641a0b8b2794f61a5fe08b81ba75ef5 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Thu, 7 Jun 2018 23:45:51 +0300 Subject: [PATCH 0237/2197] adding more test cases for hmac --- tests/suites/test_suite_psa_crypto.data | 96 +++++++++++++++++++++++++ 1 file changed, 96 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f1fb30f50..41a597de6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -65,6 +65,102 @@ PSA MAC verify: HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62" +PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" + +PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7" + +PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6" + +PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" + +PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-224 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44" + +PSA MAC verify: RFC4231 Test case 2 - 
HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843" + +PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649" + +PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737" + +PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-224 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea" + +PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe" + +PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C 
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27" + +PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb" + +PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-224 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a" + +PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b" + +PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb" + +PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512 
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd" + +PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-224 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e" + +PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54" + +PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C 
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952" + +PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598" + +PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-224 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1" + 
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2" + +PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e" + +PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C 
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58" + PSA MAC verify: CMAC-AES-128 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" From 9e2ffe83acda69dc0a15da9a823ae461b6be16ca Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Fri, 8 Jun 2018 22:51:15 +0300 Subject: [PATCH 0238/2197] change type of hash block to uint8_t --- include/psa/crypto_struct.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index ebf80cb03..60c44fbb8 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -88,7 +88,7 @@ typedef struct { /** The hash context. */ struct psa_hash_operation_s hash_ctx; /** The HMAC part of the context. */ - char hmac_ctx[PSA_CRYPTO_MD_BLOCK_SIZE]; + uint8_t hmac_ctx[PSA_CRYPTO_MD_BLOCK_SIZE]; } psa_hmac_internal_data; From 084832d65f04a50038fed754def6134e17455411 Mon Sep 17 00:00:00 2001 
From: Nir Sonnenschein Date: Fri, 8 Jun 2018 22:52:24 +0300 Subject: [PATCH 0239/2197] replace get_block_size_from_hash_algorithm with PSA_HASH_BLOCK_SIZE macro --- library/psa_crypto.c | 49 +++++++++++++++++++++++++++----------------- 1 file changed, 30 insertions(+), 19 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 29a541faa..75a87ad45 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -984,6 +984,18 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) ); } +#define PSA_HASH_BLOCK_SIZE(alg) \ + ( \ + (alg) == PSA_ALG_MD2 ? 16 : \ + (alg) == PSA_ALG_MD4 ? 64 : \ + (alg) == PSA_ALG_MD5 ? 64 : \ + (alg) == PSA_ALG_RIPEMD160 ? 64 : \ + (alg) == PSA_ALG_SHA_1 ? 64 : \ + (alg) == PSA_ALG_SHA_224 ? 64 : \ + (alg) == PSA_ALG_SHA_256 ? 64 : \ + (alg) == PSA_ALG_SHA_384 ? 128 : \ + (alg) == PSA_ALG_SHA_512 ? 128 : \ + 0) static psa_status_t get_block_size_from_hash_algorithm( psa_algorithm_t alg, unsigned int *block_size, unsigned int *digest_size) { @@ -1063,13 +1075,12 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) { - unsigned int block_size = 0; - unsigned int digest_size = 0; - status = get_block_size_from_hash_algorithm( operation->alg, - &block_size, &digest_size); - if( status != PSA_SUCCESS ) - return( status ); - + unsigned int block_size = + PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); + + if(block_size == 0) + return( PSA_ERROR_NOT_SUPPORTED ); + psa_hash_abort( &operation->ctx.hmac.hash_ctx ); if ( operation->ctx.hmac.hmac_ctx != NULL ) { 
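Review bot: Unlike the `#if defined(MBEDTLS_SHA512_C)`-guarded switch it replaces, `PSA_HASH_BLOCK_SIZE` yields 128 for SHA-384/512 in every configuration, while `ipad` and `hmac_ctx` are only `PSA_CRYPTO_MD_BLOCK_SIZE` bytes, which is 64 when that option is off. The callers that pass the result to `memset` or `mbedtls_zeroize` should reject oversize values next to the zero check, e.g. `if( block_size == 0 || block_size > PSA_CRYPTO_MD_BLOCK_SIZE )`. Whether the oversize case is reachable depends on psa_hash_start failing first, which these hunks do not show. The macro also expands `alg` nine times, so a one-line comment saying it takes a side-effect-free hash algorithm and returns 0 for unknown ones would help.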
@@ -1159,12 +1170,13 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, unsigned char *opad; size_t i; size_t sum_size = MBEDTLS_MD_MAX_SIZE; - unsigned int block_size = 0; - unsigned int digest_size = 0; - status = get_block_size_from_hash_algorithm( alg, - &block_size, &digest_size); - if( status != PSA_SUCCESS ) - return( status ); + unsigned int block_size = + PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); + unsigned int digest_size = + PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); + + if( ( block_size == 0 ) || ( digest_size == 0 ) ) + return( PSA_ERROR_NOT_SUPPORTED ); if( key_type != PSA_KEY_TYPE_HMAC ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -1311,12 +1323,11 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; size_t hash_size = 0; - unsigned int block_size = 0; - unsigned int digest_size = 0; - status = get_block_size_from_hash_algorithm( operation->alg, - &block_size, &digest_size); - if( status != PSA_SUCCESS ) - return( status ); + unsigned int block_size = + PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); + + if (block_size == 0) + return(PSA_ERROR_NOT_SUPPORTED); opad = (unsigned char *) operation->ctx.hmac.hmac_ctx; From ef057ac8ed8e6ef7ec023a4947eacb833fbfcc6a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 Jun 2018 17:11:54 +0200 Subject: [PATCH 0240/2197] Remove dead code Remove an unused function and an unused variable. Now the code builds with gcc -Wall -Wextra -Werror. --- library/psa_crypto.c | 65 -------------------------------------------- 1 file changed, 65 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 75a87ad45..b6cee8709 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -997,73 +997,8 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( (alg) == PSA_ALG_SHA_512 ? 128 : \ 0) -static psa_status_t get_block_size_from_hash_algorithm( psa_algorithm_t alg, unsigned int *block_size, unsigned int *digest_size) -{ - *block_size = 0; - *digest_size = 0; - - switch( PSA_ALG_HMAC_HASH( alg ) ) - { -#if defined(MBEDTLS_MD2_C) - case PSA_ALG_MD2: - *block_size = 16; - *digest_size = 16; - break; -#endif -#if defined(MBEDTLS_MD4_C) - case PSA_ALG_MD4: - *block_size = 64; - *digest_size = 16; - break; -#endif -#if defined(MBEDTLS_MD5_C) - case PSA_ALG_MD5: - *block_size = 64; - *digest_size = 16; - break; -#endif -#if defined(MBEDTLS_RIPEMD160_C) - case PSA_ALG_RIPEMD160: - *block_size = 64; - *digest_size = 20; - break; -#endif -#if defined(MBEDTLS_SHA1_C) - case PSA_ALG_SHA_1: - *block_size = 64; - *digest_size = 20; - break; -#endif -#if defined(MBEDTLS_SHA256_C) - case PSA_ALG_SHA_224: - *block_size = 64; - *digest_size = 28; - break; - case PSA_ALG_SHA_256: - *block_size = 64; - *digest_size = 32; - break; -#endif -#if defined(MBEDTLS_SHA512_C) - case PSA_ALG_SHA_384: - *block_size = 128; - *digest_size = 48; - break; - case PSA_ALG_SHA_512: - *block_size = 128; - *digest_size = 64; - break; -#endif - default: - return( PSA_ERROR_NOT_SUPPORTED ); - } -return ( PSA_SUCCESS ); -} - - psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) { - psa_status_t status; switch( operation->alg ) { #if defined(MBEDTLS_CMAC_C) From 99bc649760c0f3632d14c9f4aef62b6850772d75 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 Jun 2018 17:13:00 +0200 Subject: [PATCH 0241/2197] Normalize whitespace to Mbed TLS standards Only whitespace changes in this commit. --- library/psa_crypto.c | 48 ++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b6cee8709..c34d621e2 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1010,10 +1010,10 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) { - unsigned int block_size = - PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); + unsigned int block_size = + PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); - if(block_size == 0) + if( block_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); psa_hash_abort( &operation->ctx.hmac.hash_ctx ); @@ -1063,8 +1063,8 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, return( status ); slot = &global_data.key_slots[key]; - if (slot->type == PSA_KEY_TYPE_NONE) - return(PSA_ERROR_EMPTY_SLOT); + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); key_ptr = slot->data.raw.data; key_length = slot->data.raw.bytes; 
@@ -1120,34 +1120,34 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, operation->mac_size = digest_size; status = psa_hash_start( &operation->ctx.hmac.hash_ctx, - PSA_ALG_HMAC_HASH( alg ) ); + PSA_ALG_HMAC_HASH( alg ) ); if( status != PSA_SUCCESS ) goto cleanup; - if( key_bits / 8 > (size_t) block_size ) + if( key_bits / 8 > (size_t) block_size ) { - status = psa_hash_update(&operation->ctx.hmac.hash_ctx, + status = psa_hash_update( &operation->ctx.hmac.hash_ctx, key_ptr, slot->data.raw.bytes); if( status != PSA_SUCCESS ) goto cleanup; - status = psa_hash_finish(&operation->ctx.hmac.hash_ctx, sum, - sum_size, &sum_size); - if ( status != PSA_SUCCESS ) + status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, + sum, sum_size, &sum_size); + if( status != PSA_SUCCESS ) goto cleanup; key_length = sum_size; key_ptr = sum; } - opad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx; + opad = (unsigned char *) operation->ctx.hmac.hmac_ctx; memset( ipad, 0x36, block_size ); memset( opad, 0x5C, block_size ); for( i = 0; i < key_length; i++ ) { - ipad[i] = ( unsigned char )( ipad[i] ^ key_ptr[i] ); - opad[i] = ( unsigned char )( opad[i] ^ key_ptr[i] ); + ipad[i] = (unsigned char) ( ipad[i] ^ key_ptr[i] ); + opad[i] = (unsigned char) ( opad[i] ^ key_ptr[i] ); } status = psa_hash_start( &operation->ctx.hmac.hash_ctx, @@ -1172,11 +1172,11 @@ cleanup: operation->alg = alg; if( ret != 0 ) { - psa_mac_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); + psa_mac_abort(operation); + if ( ret != 0 ) + status = mbedtls_to_psa_error(ret); } - operation->key_set = 1; - return( PSA_SUCCESS ); + } psa_status_t psa_mac_update( psa_mac_operation_t *operation, 
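Review bot: The `cleanup:` hunk of this whitespace-only commit deletes `operation->key_set = 1;` and `return( PSA_SUCCESS );` from psa_mac_start without replacement, so the function now reaches its closing brace with no return statement and never marks the key as set. The abort branch likewise assigns `status` but no longer returns it, and the added inner `if ( ret != 0 )` is redundant inside the identical outer test. Either restore the removed lines, or end the function with `if( status != PSA_SUCCESS ) return( status );` followed by `operation->key_set = 1;` and `return( PSA_SUCCESS );`.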
@@ -1261,13 +1261,13 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, unsigned int block_size = PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); - if (block_size == 0) - return(PSA_ERROR_NOT_SUPPORTED); + if( block_size == 0 ) + return( PSA_ERROR_NOT_SUPPORTED ); opad = (unsigned char *) operation->ctx.hmac.hmac_ctx; status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp, - sizeof ( tmp ), &hash_size ); + sizeof( tmp ), &hash_size ); if( status != PSA_SUCCESS ) goto cleanup; @@ -1307,7 +1307,7 @@ cleanup: else { psa_mac_abort( operation ); - if (ret != 0) + if( ret != 0 ) status = mbedtls_to_psa_error(ret); return status; @@ -1322,8 +1322,8 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation, if( !( operation->key_usage_sign ) ) return( PSA_ERROR_NOT_PERMITTED ); - return( psa_mac_finish_internal(operation, mac, - mac_size, mac_length ) ); + return( psa_mac_finish_internal( operation, mac, + mac_size, mac_length ) ); } #define MBEDTLS_PSA_MAC_MAX_SIZE \ From 7e454bc19f2422c8086232ff77244f03f069577b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 Jun 2018 17:26:17 +0200 Subject: [PATCH 0242/2197] Split out CMAC and HMAC code into auxiliary functions Split algorithm-specific code out of psa_mac_start. This makes the function easier to read. The behavior is mostly unchanged. In a few cases, errors before setting a key trigger a context wipe where they didn't. This is a marginal performance loss but only cases that are an error in caller code. --- library/psa_crypto.c | 193 ++++++++++++++++++++++++------------------- 1 file changed, 109 insertions(+), 84 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c34d621e2..1eecd3e7c 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -925,6 +925,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( alg &= ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK; } switch( alg ) + { case PSA_ALG_STREAM_CIPHER: mode = MBEDTLS_MODE_STREAM; 
@@ -1037,18 +1038,105 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) return( PSA_SUCCESS ); } +static int psa_cmac_start( psa_mac_operation_t *operation, + size_t key_bits, + key_slot_t *slot, + const mbedtls_cipher_info_t *cipher_info ) +{ + int ret; + + operation->mac_size = cipher_info->block_size; + operation->iv_required = 0; + mbedtls_cipher_init( &operation->ctx.cmac ); + + ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info ); + if( ret != 0 ) + return( ret ); + + ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac, + slot->data.raw.data, + key_bits ); + return( ret ); +} + +static int psa_hmac_start( psa_mac_operation_t *operation, + psa_key_type_t key_type, + size_t key_bits, + key_slot_t *slot, + psa_algorithm_t alg ) +{ + unsigned char sum[PSA_CRYPTO_MD_MAX_SIZE]; + unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE]; + unsigned char *opad; + size_t i; + size_t sum_size = MBEDTLS_MD_MAX_SIZE; + unsigned int block_size = + PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); + unsigned int digest_size = + PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); + uint8_t* key_ptr = slot->data.raw.data; + size_t key_length = slot->data.raw.bytes; + psa_status_t status; + + if( ( block_size == 0 ) || ( digest_size == 0 ) ) + return( PSA_ERROR_NOT_SUPPORTED ); + + if( key_type != PSA_KEY_TYPE_HMAC ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + operation->iv_required = 0; + operation->mac_size = digest_size; + + status = psa_hash_start( &operation->ctx.hmac.hash_ctx, + PSA_ALG_HMAC_HASH( alg ) ); + if( status != PSA_SUCCESS ) + return( status ); + + if( key_bits / 8 > (size_t) block_size ) + { + status = psa_hash_update( &operation->ctx.hmac.hash_ctx, + key_ptr, slot->data.raw.bytes); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, + sum, sum_size, &sum_size); + if( status != PSA_SUCCESS ) + return( status ); + + key_length = sum_size; + key_ptr = sum; + } + + opad = (unsigned 
char *) operation->ctx.hmac.hmac_ctx; + + memset( ipad, 0x36, block_size ); + memset( opad, 0x5C, block_size ); + + for( i = 0; i < key_length; i++ ) + { + ipad[i] = (unsigned char) ( ipad[i] ^ key_ptr[i] ); + opad[i] = (unsigned char) ( opad[i] ^ key_ptr[i] ); + } + + status = psa_hash_start( &operation->ctx.hmac.hash_ctx, + PSA_ALG_HMAC_HASH( alg ) ); + if( status != PSA_SUCCESS ) + return( status ); + + status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad, + block_size ); + return( status ); +} + psa_status_t psa_mac_start( psa_mac_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg ) { - int ret = 0; psa_status_t status; key_slot_t *slot; psa_key_type_t key_type; size_t key_bits; - size_t key_length; - uint8_t* key_ptr = NULL; - const mbedtls_cipher_info_t *cipher_info = NULL; + const mbedtls_cipher_info_t *cipher_info; operation->alg = 0; operation->key_set = 0; @@ -1066,9 +1154,6 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - key_ptr = slot->data.raw.data; - key_length = slot->data.raw.bytes; - if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) operation->key_usage_sign = 1; 
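Review bot: In the new `psa_hmac_start`, the loop `for( i = 0; i < key_length; i++ )` writes `ipad[i]` and `opad[i]`, but the only thing that keeps `key_length` within the block is `if( key_bits / 8 > (size_t) block_size )`, which tests a different variable. The two agree only if the caller always passes `key_bits == 8 * slot->data.raw.bytes`, and that computation is outside this hunk. I would test the value the loop actually uses, `if( key_length > block_size )`, so the bound on both buffers is established locally. The helper is also declared `static int` although every value it returns is a `psa_status_t`; `static psa_status_t psa_hmac_start(` would match what `psa_mac_start` assigns.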
@@ -1086,97 +1171,37 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, { #if defined(MBEDTLS_CMAC_C) case PSA_ALG_CMAC: - operation->iv_required = 0; - mbedtls_cipher_init( &operation->ctx.cmac ); - ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info ); - if( ret != 0 ) - break; - ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac, - slot->data.raw.data, - key_bits ); + status = mbedtls_to_psa_error( psa_cmac_start( operation, + key_bits, + slot, + cipher_info ) ); break; #endif /* MBEDTLS_CMAC_C */ default: #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( alg ) ) - { - unsigned char sum[PSA_CRYPTO_MD_MAX_SIZE]; - unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE]; - unsigned char *opad; - size_t i; - size_t sum_size = MBEDTLS_MD_MAX_SIZE; - unsigned int block_size = - PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); - unsigned int digest_size = - PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); - - if( ( block_size == 0 ) || ( digest_size == 0 ) ) - return( PSA_ERROR_NOT_SUPPORTED ); - - if( key_type != PSA_KEY_TYPE_HMAC ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - operation->iv_required = 0; - operation->mac_size = digest_size; - - status = psa_hash_start( &operation->ctx.hmac.hash_ctx, - PSA_ALG_HMAC_HASH( alg ) ); - if( status != PSA_SUCCESS ) - goto cleanup; - - if( key_bits / 8 > (size_t) block_size ) - { - status = psa_hash_update( &operation->ctx.hmac.hash_ctx, - key_ptr, slot->data.raw.bytes); - if( status != PSA_SUCCESS ) - goto cleanup; - status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, - sum, sum_size, &sum_size); - if( status != PSA_SUCCESS ) - goto cleanup; - - key_length = sum_size; - key_ptr = sum; - } - - opad = (unsigned char *) operation->ctx.hmac.hmac_ctx; - - memset( ipad, 0x36, block_size ); - memset( opad, 0x5C, block_size ); - - for( i = 0; i < key_length; i++ ) - { - ipad[i] = (unsigned char) ( ipad[i] ^ key_ptr[i] ); - opad[i] = (unsigned char) ( opad[i] ^ key_ptr[i] ); - } - - status = psa_hash_start( 
&operation->ctx.hmac.hash_ctx, - PSA_ALG_HMAC_HASH( alg ) ); - if( status != PSA_SUCCESS ) - goto cleanup; - - status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad, - block_size ); - if( status != PSA_SUCCESS ) - goto cleanup; - break; - } + status = psa_hmac_start( operation, + key_type, key_bits, slot, + alg ); else #endif /* MBEDTLS_MD_C */ return( PSA_ERROR_NOT_SUPPORTED ); } -cleanup: + /* If we reach this point, then the algorithm-specific part of the - * context has at least been initialized, and may contain data that - * needs to be wiped on error. */ - operation->alg = alg; - if( ret != 0 ) + + * context may contain data that needs to be wiped on error. */ + if( status != PSA_SUCCESS ) { psa_mac_abort(operation); - if ( ret != 0 ) - status = mbedtls_to_psa_error(ret); } + else + { + operation->alg = alg; + operation->key_set = 1; + } + return( status ); } psa_status_t psa_mac_update( psa_mac_operation_t *operation, From e1bc6800cc60a7f1aa337276059fa15ef81b8f15 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 Jun 2018 17:36:05 +0200 Subject: [PATCH 0243/2197] psa_hmac_start: remove useless casts --- library/psa_crypto.c | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1eecd3e7c..794af37f8 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1067,10 +1067,10 @@ static int psa_hmac_start( psa_mac_operation_t *operation, { unsigned char sum[PSA_CRYPTO_MD_MAX_SIZE]; unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE]; - unsigned char *opad; + unsigned char *opad = operation->ctx.hmac.hmac_ctx; size_t i; size_t sum_size = MBEDTLS_MD_MAX_SIZE; - unsigned int block_size = + size_t block_size = PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); unsigned int digest_size = PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); 
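Review bot: At the end of `psa_mac_start` (hunk -1086), `operation->alg = alg;` moved into the success branch, so on failure `psa_mac_abort(operation)` runs with `operation->alg` still 0 from the reset at the top of the function. `psa_mac_abort`'s body is outside this hunk, but other hunks on this page show it selecting the HMAC cleanup with `PSA_ALG_IS_HMAC( operation->alg )`. It therefore presumably cannot find the partially initialised CMAC or HMAC context, and the key-derived pad stored in the context is likely left unwiped. The removed comment shows the old code assigned `alg` before the error check for exactly this reason. I would keep `operation->alg = alg;` ahead of `if( status != PSA_SUCCESS )` and leave only `operation->key_set = 1;` in the `else`.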
@@ -1092,7 +1092,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - if( key_bits / 8 > (size_t) block_size ) + if( key_bits / 8 > block_size ) { status = psa_hash_update( &operation->ctx.hmac.hash_ctx, key_ptr, slot->data.raw.bytes); @@ -1107,15 +1107,13 @@ static int psa_hmac_start( psa_mac_operation_t *operation, key_ptr = sum; } - opad = (unsigned char *) operation->ctx.hmac.hmac_ctx; - memset( ipad, 0x36, block_size ); memset( opad, 0x5C, block_size ); for( i = 0; i < key_length; i++ ) { - ipad[i] = (unsigned char) ( ipad[i] ^ key_ptr[i] ); - opad[i] = (unsigned char) ( opad[i] ^ key_ptr[i] ); + ipad[i] = ipad[i] ^ key_ptr[i]; + opad[i] = opad[i] ^ key_ptr[i]; } status = psa_hash_start( &operation->ctx.hmac.hash_ctx, @@ -1281,7 +1279,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, if( PSA_ALG_IS_HMAC( operation->alg ) ) { unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; - unsigned char *opad; + unsigned char *opad = operation->ctx.hmac.hmac_ctx; size_t hash_size = 0; unsigned int block_size = PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); @@ -1289,8 +1287,6 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, if( block_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); - opad = (unsigned char *) operation->ctx.hmac.hmac_ctx; - status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp, sizeof( tmp ), &hash_size ); if( status != PSA_SUCCESS ) From c102e3ce4b6652b76bf0ca6520e04e3095a0cf41 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 Jun 2018 17:38:53 +0200 Subject: [PATCH 0244/2197] psa_hmac_start: simplify key_length logic in hash-the-key case --- library/psa_crypto.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 794af37f8..9fb80bb21 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1069,7 +1069,6 @@ static int psa_hmac_start( psa_mac_operation_t *operation, unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE]; unsigned char *opad = operation->ctx.hmac.hmac_ctx; size_t i; - size_t sum_size = MBEDTLS_MD_MAX_SIZE; size_t block_size = PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); unsigned int digest_size = @@ -1099,11 +1098,9 @@ static int psa_hmac_start( psa_mac_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, - sum, sum_size, &sum_size); + sum, sizeof( sum ), &key_length ); if( status != PSA_SUCCESS ) return( status ); - - key_length = sum_size; key_ptr = sum; } From 6a0a44e16704b59040f8b330e57e52cf1cfa645d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 Jun 2018 17:42:48 +0200 Subject: [PATCH 0245/2197] HMAC: clean up local variables containing key material In psa_mac_start, the hash of the key and ipad contain material that can be used to make HMAC calculations with the key, therefore they must be wiped. In psa_mac_finish_internal, tmp contains an intermediate value which could reveal the HMAC. This is definitely sensitive in the verify case, and marginally sensitive in the finish case (it isn't if the hash function is ideal, but it could make things worse if the hash function is partially broken). --- library/psa_crypto.c | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9fb80bb21..b5b1a96ee 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1116,10 +1116,19 @@ static int psa_hmac_start( psa_mac_operation_t *operation, status = psa_hash_start( &operation->ctx.hmac.hash_ctx, PSA_ALG_HMAC_HASH( alg ) ); if( status != PSA_SUCCESS ) - return( status ); + goto cleanup; status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad, block_size ); + +cleanup: + if( key_bits / 8 > (size_t) block_size ) + mbedtls_zeroize( sum, key_length ); + mbedtls_zeroize( ipad, key_length ); + /* opad is in the context. It needs to stay in memory if this function + * succeeds, and it will be wiped by psa_mac_abort() called from + * psa_mac_start in the error case. */ + return( status ); } @@ -1188,7 +1197,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, * context may contain data that needs to be wiped on error. */ if( status != PSA_SUCCESS ) { - psa_mac_abort(operation); + psa_mac_abort( operation ); } else @@ -1288,26 +1297,27 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, sizeof( tmp ), &hash_size ); if( status != PSA_SUCCESS ) goto cleanup; + /* From here on, tmp needs to be wiped. */ status = psa_hash_start( &operation->ctx.hmac.hash_ctx, PSA_ALG_HMAC_HASH( operation->alg ) ); if( status != PSA_SUCCESS ) - goto cleanup; + goto hmac_cleanup; status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad, block_size ); if( status != PSA_SUCCESS ) - goto cleanup; + goto hmac_cleanup; status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp, hash_size); if( status != PSA_SUCCESS ) - goto cleanup; + goto hmac_cleanup; status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac, mac_size, mac_length ); - if( status != PSA_SUCCESS ) - goto cleanup; + hmac_cleanup: + mbedtls_zeroize( tmp, hash_size ); } else #endif /* MBEDTLS_MD_C */ From d223b52a9a5bc0bef69f8f5745ef4a9952facdfb Mon Sep 17 00:00:00 2001 
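Review bot: The wipes at the new `cleanup:` label in `psa_hmac_start` are sized by `key_length` and gated on `key_bits / 8 > (size_t) block_size`, so they are complete only if `key_length` holds the right value on every path that reaches the label. Wiping the whole buffers is simpler and does not depend on that: `mbedtls_zeroize( sum, sizeof( sum ) );` and `mbedtls_zeroize( ipad, sizeof( ipad ) );`. The earlier `return( status );` statements in the hash-the-key branch (outside this hunk) still bypass the label, so a failure there may leave key-derived bytes in `sum`; they should become `goto cleanup` too. The same applies to `hmac_cleanup:` in the `psa_mac_finish_internal` hunk (-1288): `mbedtls_zeroize( tmp, hash_size );` could use `sizeof( tmp )`, and the first `goto cleanup` after `psa_hash_finish` skips the wipe even though `tmp` may already be partly written.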
From: Gilles Peskine Date: Mon, 11 Jun 2018 18:12:58 +0200 Subject: [PATCH 0246/2197] psa_hmac_start: reduce stack usage Store the temporary key in the long-key case (where the key is first hashed) directly into ipad. This reduces the stack usage a little, at a slight cost in complexity. --- library/psa_crypto.c | 35 ++++++++++++++++------------------- 1 file changed, 16 insertions(+), 19 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b5b1a96ee..dbb35928f 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1061,11 +1061,9 @@ static int psa_cmac_start( psa_mac_operation_t *operation, static int psa_hmac_start( psa_mac_operation_t *operation, psa_key_type_t key_type, - size_t key_bits, key_slot_t *slot, psa_algorithm_t alg ) { - unsigned char sum[PSA_CRYPTO_MD_MAX_SIZE]; unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE]; unsigned char *opad = operation->ctx.hmac.hmac_ctx; size_t i; @@ -1073,7 +1071,6 @@ static int psa_hmac_start( psa_mac_operation_t *operation, PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); unsigned int digest_size = PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); - uint8_t* key_ptr = slot->data.raw.data; size_t key_length = slot->data.raw.bytes; psa_status_t status; 
@@ -1091,27 +1088,31 @@ static int psa_hmac_start( psa_mac_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - if( key_bits / 8 > block_size ) + if( key_length > block_size ) { status = psa_hash_update( &operation->ctx.hmac.hash_ctx, - key_ptr, slot->data.raw.bytes); + slot->data.raw.data, slot->data.raw.bytes ); if( status != PSA_SUCCESS ) return( status ); status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, - sum, sizeof( sum ), &key_length ); + ipad, sizeof( ipad ), &key_length ); if( status != PSA_SUCCESS ) return( status ); - key_ptr = sum; } + else + memcpy( ipad, slot->data.raw.data, slot->data.raw.bytes ); - memset( ipad, 0x36, block_size ); - memset( opad, 0x5C, block_size ); - + /* ipad contains the key followed by garbage. Xor and fill with 0x36 + * to create the ipad value. */ for( i = 0; i < key_length; i++ ) - { - ipad[i] = ipad[i] ^ key_ptr[i]; - opad[i] = opad[i] ^ key_ptr[i]; - } + ipad[i] ^= 0x36; + memset( ipad + key_length, 0x36, block_size - key_length ); + + /* Copy the key material from ipad to opad, flipping the requisite bits, + * and filling the rest of opad with the requisite constant. */ + for( i = 0; i < key_length; i++ ) + opad[i] = ipad[i] ^ 0x36 ^ 0x5C; + memset( opad + key_length, 0x5C, block_size - key_length ); status = psa_hash_start( &operation->ctx.hmac.hash_ctx, PSA_ALG_HMAC_HASH( alg ) ); @@ -1122,8 +1123,6 @@ static int psa_hmac_start( psa_mac_operation_t *operation, block_size ); cleanup: - if( key_bits / 8 > (size_t) block_size ) - mbedtls_zeroize( sum, key_length ); mbedtls_zeroize( ipad, key_length ); /* opad is in the context. It needs to stay in memory if this function * succeeds, and it will be wiped by psa_mac_abort() called from 
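Review bot: The new `memcpy( ipad, slot->data.raw.data, slot->data.raw.bytes )` and the two `memset( ..., block_size - key_length )` calls are safe only if `key_length <= block_size <= sizeof( ipad )`, and nothing in the visible part of the function checks the second inequality. `ipad` is `PSA_CRYPTO_MD_BLOCK_SIZE` bytes, which the `crypto_struct.h` context on this page shows as 64 when `MBEDTLS_SHA512_C` is off, while the block-size table can yield 128. Presumably `psa_hash_start` rejects those algorithms first, but that is outside the hunk. A local guard such as `if( block_size > sizeof( ipad ) ) return( PSA_ERROR_NOT_SUPPORTED );` next to the existing `block_size == 0` check would make the bound explicit. The two `return( status );` statements in the long-key branch now leave hashed key bytes in `ipad`, so routing them through `cleanup` with `mbedtls_zeroize( ipad, sizeof( ipad ) );` would cover that path.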
@@ -1184,9 +1183,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, default: #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( alg ) ) - status = psa_hmac_start( operation, - key_type, key_bits, slot, - alg ); + status = psa_hmac_start( operation, key_type, slot, alg ); else #endif /* MBEDTLS_MD_C */ return( PSA_ERROR_NOT_SUPPORTED ); From caec7f0c49630d25570c2d6656e85dbdef45e1e6 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Thu, 14 Jun 2018 15:34:50 +0300 Subject: [PATCH 0247/2197] Fix rename issue missed by re-base --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dbb35928f..60a1197ed 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1070,7 +1070,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation, size_t block_size = PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); unsigned int digest_size = - PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); + PSA_HASH_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); size_t key_length = slot->data.raw.bytes; psa_status_t status; From 5ca6547b77f93c39ba673b8a4f5d36cd1bf701bb Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Sun, 17 Jun 2018 14:03:40 +0300 Subject: [PATCH 0248/2197] Renamed hmac_ctx to opad and removed null check. this array is now part of the struct and not dynamically allocated so it can't be null. --- include/psa/crypto_struct.h | 2 +- library/psa_crypto.c | 9 +++------ 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 60c44fbb8..f554b6eab 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -88,7 +88,7 @@ typedef struct { /** The hash context. */ struct psa_hash_operation_s hash_ctx; /** The HMAC part of the context. */ - uint8_t hmac_ctx[PSA_CRYPTO_MD_BLOCK_SIZE]; + uint8_t opad[PSA_CRYPTO_MD_BLOCK_SIZE]; } psa_hmac_internal_data; 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 60a1197ed..e51de04cb 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1018,11 +1018,8 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) return( PSA_ERROR_NOT_SUPPORTED ); psa_hash_abort( &operation->ctx.hmac.hash_ctx ); - if ( operation->ctx.hmac.hmac_ctx != NULL ) - { - mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, + mbedtls_zeroize( operation->ctx.hmac.opad, block_size); - } } else #endif /* MBEDTLS_MD_C */ @@ -1065,7 +1062,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation, psa_algorithm_t alg ) { unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE]; - unsigned char *opad = operation->ctx.hmac.hmac_ctx; + unsigned char *opad = operation->ctx.hmac.opad; size_t i; size_t block_size = PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); @@ -1282,7 +1279,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, if( PSA_ALG_IS_HMAC( operation->alg ) ) { unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; - unsigned char *opad = operation->ctx.hmac.hmac_ctx; + unsigned char *opad = operation->ctx.hmac.opad; size_t hash_size = 0; unsigned int block_size = PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); From 9627241beb2898b1d491f2d99981836935a06ca1 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Sun, 17 Jun 2018 14:41:10 +0300 Subject: [PATCH 0249/2197] change macro PSA_HASH_BLOCK_SIZE to function psa_get_hash_block_size --- library/psa_crypto.c | 46 +++++++++++++++++++++++++++++--------------- 1 file changed, 30 insertions(+), 16 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e51de04cb..2f0cff2e7 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -985,18 +985,32 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) ); } -#define PSA_HASH_BLOCK_SIZE(alg) \ - ( \ - (alg) == PSA_ALG_MD2 ? 16 : \ - (alg) == PSA_ALG_MD4 ? 64 : \ - (alg) == PSA_ALG_MD5 ? 64 : \ - (alg) == PSA_ALG_RIPEMD160 ? 64 : \ - (alg) == PSA_ALG_SHA_1 ? 64 : \ - (alg) == PSA_ALG_SHA_224 ? 64 : \ - (alg) == PSA_ALG_SHA_256 ? 64 : \ - (alg) == PSA_ALG_SHA_384 ? 128 : \ - (alg) == PSA_ALG_SHA_512 ? 128 : \ - 0) +static size_t psa_get_hash_block_size(psa_algorithm_t alg) +{ + switch(alg) + { + case PSA_ALG_MD2: + return 16; + case PSA_ALG_MD4: + return 64; + case PSA_ALG_MD5: + return 64; + case PSA_ALG_RIPEMD160: + return 64; + case PSA_ALG_SHA_1: + return 64; + case PSA_ALG_SHA_224: + return 64; + case PSA_ALG_SHA_256: + return 64; + case PSA_ALG_SHA_384: + return 128; + case PSA_ALG_SHA_512: + return 128; + default: + return 0; + } +} psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) { @@ -1012,7 +1026,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) if( PSA_ALG_IS_HMAC( operation->alg ) ) { unsigned int block_size = - PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); + psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); if( block_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); @@ -1065,7 +1079,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation, unsigned char *opad = operation->ctx.hmac.opad; size_t i; size_t block_size = - PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); + psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( alg ) ) ); unsigned int digest_size = PSA_HASH_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); size_t key_length = slot->data.raw.bytes; 
@@ -1281,8 +1295,8 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad = operation->ctx.hmac.opad; size_t hash_size = 0; - unsigned int block_size = - PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); + size_t block_size = + psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); if( block_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); From e9664c30f0ebdbd6e5f057646c03b51cdeec53a8 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Sun, 17 Jun 2018 14:41:30 +0300 Subject: [PATCH 0250/2197] space and style fixes --- library/psa_crypto.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2f0cff2e7..90c76732e 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -924,8 +924,8 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( { alg &= ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK; } - switch( alg ) + switch( alg ) { case PSA_ALG_STREAM_CIPHER: mode = MBEDTLS_MODE_STREAM; @@ -1252,9 +1252,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, } if ( ( ret != 0 ) || ( status != PSA_SUCCESS ) ) { - psa_mac_abort(operation); - if (ret != 0) - status = mbedtls_to_psa_error(ret); + psa_mac_abort( operation ); + if ( ret != 0 ) + status = mbedtls_to_psa_error( ret ); } return status; From aa5aea0bac33142a9a37d1e7340a7cc001eb4c64 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 18 Jun 2018 12:24:33 +0300 Subject: [PATCH 0251/2197] fix spaces and add braces --- library/psa_crypto.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 90c76732e..4a256988b 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -985,30 +985,30 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) ); } -static size_t psa_get_hash_block_size(psa_algorithm_t alg) +static size_t psa_get_hash_block_size( psa_algorithm_t alg ) { switch(alg) { case PSA_ALG_MD2: - return 16; + return( 16 ); case PSA_ALG_MD4: - return 64; + return( 64 ); case PSA_ALG_MD5: - return 64; + return( 64 ); case PSA_ALG_RIPEMD160: - return 64; + return( 64 ); case PSA_ALG_SHA_1: - return 64; + return( 64 ); case PSA_ALG_SHA_224: - return 64; + return( 64 ); case PSA_ALG_SHA_256: - return 64; + return( 64 ); case PSA_ALG_SHA_384: - return 128; + return( 128 ); case PSA_ALG_SHA_512: - return 128; + return ( 128 ); default: - return 0; + return ( 0 ); } } From 27fbaf7781da515eb9be35437c317c1faf41805e Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Tue, 12 Jun 2018 17:09:28 +0300 Subject: [PATCH 0252/2197] Fixed test sign_deterministic, macro PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE Arguments in the wrong order --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 002f9f7d0..cb9301ab6 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1028,7 +1028,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, NULL, &key_bits ) == PSA_SUCCESS ); - signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits ); + signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); TEST_ASSERT( signature_size != 0 ); signature = mbedtls_calloc( 1, signature_size ); TEST_ASSERT( signature != NULL ); From 6de7a179c882b0b6484ae79e2e326fc7c5e941de Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 18 Jun 2018 17:51:17 +0200 Subject: [PATCH 0253/2197] Fix file permissions Some files were marked as executable but shouldn't have been. --- include/psa/crypto.h | 0 library/psa_crypto.c | 0 2 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 include/psa/crypto.h mode change 100755 => 100644 library/psa_crypto.c diff --git a/include/psa/crypto.h b/include/psa/crypto.h old mode 100755 new mode 100644 diff --git a/library/psa_crypto.c b/library/psa_crypto.c old mode 100755 new mode 100644 From 2d2778650b04edb0791217ce6c31c42f1844d092 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 15:41:12 +0200 Subject: [PATCH 0254/2197] Normalize whitespace Normalize whitespace to Mbed TLS standards. There are only whitespace changes in this commit. --- include/psa/crypto.h | 4 +- include/psa/crypto_struct.h | 5 +- library/psa_crypto.c | 165 ++++++------ tests/suites/test_suite_psa_crypto.function | 270 ++++++++++---------- 4 files changed, 225 insertions(+), 219 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 94060c1eb..c513b24c2 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1304,8 +1304,8 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, - unsigned char *output, - size_t output_size, + unsigned char *output, + size_t output_size, size_t *output_length); psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index f554b6eab..4b0f9799b 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -48,7 +48,7 @@ #if defined(MBEDTLS_SHA512_C) #define PSA_CRYPTO_MD_MAX_SIZE 64 #define PSA_CRYPTO_MD_BLOCK_SIZE 128 -#else +#else #define PSA_CRYPTO_MD_MAX_SIZE 32 #define PSA_CRYPTO_MD_BLOCK_SIZE 64 #endif 
@@ -84,7 +84,8 @@ struct psa_hash_operation_s }; -typedef struct { +typedef struct +{ /** The hash context. */ struct psa_hash_operation_s hash_ctx; /** The HMAC part of the context. */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4a256988b..954895910 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -94,12 +94,15 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n ) * The value is a compile-time constant for now, for simplicity. */ #define MBEDTLS_PSA_KEY_SLOT_COUNT 32 -typedef struct { +typedef struct +{ psa_key_type_t type; psa_key_policy_t policy; psa_key_lifetime_t lifetime; - union { - struct raw_data { + union + { + struct raw_data + { uint8_t *data; size_t bytes; } raw; @@ -112,7 +115,8 @@ typedef struct { } data; } key_slot_t; -typedef struct { +typedef struct +{ int initialized; mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; @@ -305,10 +309,10 @@ static psa_status_t mbedtls_to_psa_error( int ret ) /* Key management */ /****************************************************************/ -psa_status_t psa_import_key(psa_key_slot_t key, - psa_key_type_t type, - const uint8_t *data, - size_t data_length) +psa_status_t psa_import_key( psa_key_slot_t key, + psa_key_type_t type, + const uint8_t *data, + size_t data_length ) { key_slot_t *slot; @@ -380,7 +384,7 @@ psa_status_t psa_import_key(psa_key_slot_t key, return( PSA_SUCCESS ); } -psa_status_t psa_destroy_key(psa_key_slot_t key) +psa_status_t psa_destroy_key( psa_key_slot_t key ) { key_slot_t *slot; @@ -424,9 +428,9 @@ psa_status_t psa_destroy_key(psa_key_slot_t key) return( PSA_SUCCESS ); } -psa_status_t psa_get_key_information(psa_key_slot_t key, - psa_key_type_t *type, - size_t *bits) +psa_status_t psa_get_key_information( psa_key_slot_t key, + psa_key_type_t *type, + size_t *bits ) { key_slot_t *slot; 
@@ -472,11 +476,11 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, return( PSA_SUCCESS ); } -static psa_status_t psa_internal_export_key(psa_key_slot_t key, - uint8_t *data, - size_t data_size, - size_t *data_length, - int export_public_key) +static psa_status_t psa_internal_export_key( psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length, + int export_public_key ) { key_slot_t *slot; @@ -492,7 +496,7 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, if( ( !export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) ) && ( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) ) return( PSA_ERROR_NOT_PERMITTED ); - + if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) { if( slot->data.raw.bytes > data_size ) @@ -542,23 +546,23 @@ static psa_status_t psa_internal_export_key(psa_key_slot_t key, } } -psa_status_t psa_export_key(psa_key_slot_t key, - uint8_t *data, - size_t data_size, - size_t *data_length) +psa_status_t psa_export_key( psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length ) { return psa_internal_export_key( key, data, data_size, - data_length, 0 ); + data_length, 0 ); } -psa_status_t psa_export_public_key(psa_key_slot_t key, - uint8_t *data, - size_t data_size, - size_t *data_length) +psa_status_t psa_export_public_key( psa_key_slot_t key, + uint8_t *data, + size_t data_size, + size_t *data_length ) { return psa_internal_export_key( key, data, data_size, - data_length, 1 ); + data_length, 1 ); } /****************************************************************/ @@ -884,9 +888,9 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, } } -psa_status_t psa_hash_verify(psa_hash_operation_t *operation, - const uint8_t *hash, - size_t hash_length) +psa_status_t psa_hash_verify( psa_hash_operation_t *operation, + const uint8_t *hash, + size_t hash_length ) { uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; size_t actual_hash_length; 
@@ -912,7 +916,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, - size_t key_bits, + size_t key_bits, mbedtls_cipher_id_t* cipher_id ) { mbedtls_cipher_mode_t mode; @@ -987,7 +991,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( static size_t psa_get_hash_block_size( psa_algorithm_t alg ) { - switch(alg) + switch( alg ) { case PSA_ALG_MD2: return( 16 ); @@ -1006,9 +1010,9 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg ) case PSA_ALG_SHA_384: return( 128 ); case PSA_ALG_SHA_512: - return ( 128 ); - default: - return ( 0 ); + return( 128 ); + default: + return( 0 ); } } @@ -1032,8 +1036,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) return( PSA_ERROR_NOT_SUPPORTED ); psa_hash_abort( &operation->ctx.hmac.hash_ctx ); - mbedtls_zeroize( operation->ctx.hmac.opad, - block_size); + mbedtls_zeroize( operation->ctx.hmac.opad, block_size ); } else #endif /* MBEDTLS_MD_C */ @@ -1241,7 +1244,7 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, if( PSA_ALG_IS_HMAC( operation->alg ) ) { status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input, - input_length ); + input_length ); } else #endif /* MBEDTLS_MD_C */ @@ -1250,10 +1253,10 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, } break; } - if ( ( ret != 0 ) || ( status != PSA_SUCCESS ) ) + if( ( ret != 0 ) || ( status != PSA_SUCCESS ) ) { psa_mac_abort( operation ); - if ( ret != 0 ) + if( ret != 0 ) status = mbedtls_to_psa_error( ret ); } @@ -1261,9 +1264,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, } static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) + uint8_t *mac, + size_t mac_size, + size_t *mac_length ) { int ret = 0; psa_status_t status = PSA_SUCCESS; 
@@ -1296,7 +1299,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, unsigned char *opad = operation->ctx.hmac.opad; size_t hash_size = 0; size_t block_size = - psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); + psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); if( block_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); @@ -1318,7 +1321,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, goto hmac_cleanup; status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp, - hash_size); + hash_size ); if( status != PSA_SUCCESS ) goto hmac_cleanup; @@ -1336,7 +1339,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, } cleanup: - if( ( ret == 0 ) && (status == PSA_SUCCESS) ) + if( ( ret == 0 ) && ( status == PSA_SUCCESS ) ) { return( psa_mac_abort( operation ) ); } @@ -1344,7 +1347,7 @@ cleanup: { psa_mac_abort( operation ); if( ret != 0 ) - status = mbedtls_to_psa_error(ret); + status = mbedtls_to_psa_error( ret ); return status; } @@ -1362,9 +1365,9 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation, mac_size, mac_length ) ); } -#define MBEDTLS_PSA_MAC_MAX_SIZE \ - ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ? \ - MBEDTLS_MD_MAX_SIZE : \ +#define MBEDTLS_PSA_MAC_MAX_SIZE \ + ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ? \ + MBEDTLS_MD_MAX_SIZE : \ MBEDTLS_MAX_BLOCK_LENGTH ) psa_status_t psa_mac_verify( psa_mac_operation_t *operation, const uint8_t *mac, @@ -1598,7 +1601,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, { mbedtls_ecp_keypair *ecdsa = slot->data.ecp; int ret; - (void)alg; + (void) alg; ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length, signature, signature_size ); return( mbedtls_to_psa_error( ret ) ); 
@@ -2015,31 +2018,31 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) /* Key Policy */ /****************************************************************/ -void psa_key_policy_init(psa_key_policy_t *policy) +void psa_key_policy_init( psa_key_policy_t *policy ) { memset( policy, 0, sizeof( psa_key_policy_t ) ); } -void psa_key_policy_set_usage(psa_key_policy_t *policy, - psa_key_usage_t usage, - psa_algorithm_t alg) +void psa_key_policy_set_usage( psa_key_policy_t *policy, + psa_key_usage_t usage, + psa_algorithm_t alg ) { policy->usage = usage; policy->alg = alg; } -psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy) +psa_key_usage_t psa_key_policy_get_usage( psa_key_policy_t *policy ) { return( policy->usage ); } -psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy) +psa_algorithm_t psa_key_policy_get_algorithm( psa_key_policy_t *policy ) { return( policy->alg ); } -psa_status_t psa_set_key_policy(psa_key_slot_t key, - const psa_key_policy_t *policy) +psa_status_t psa_set_key_policy( psa_key_slot_t key, + const psa_key_policy_t *policy ) { key_slot_t *slot; @@ -2051,8 +2054,8 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key, return( PSA_ERROR_OCCUPIED_SLOT ); if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT - | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN - | PSA_KEY_USAGE_VERIFY ) ) != 0 ) + | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN + | PSA_KEY_USAGE_VERIFY ) ) != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); slot->policy = *policy; @@ -2060,8 +2063,8 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key, return( PSA_SUCCESS ); } -psa_status_t psa_get_key_policy(psa_key_slot_t key, - psa_key_policy_t *policy) +psa_status_t psa_get_key_policy( psa_key_slot_t key, + psa_key_policy_t *policy ) { key_slot_t *slot; 
@@ -2081,8 +2084,8 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key, /* Key Lifetime */ /****************************************************************/ -psa_status_t psa_get_key_lifetime(psa_key_slot_t key, - psa_key_lifetime_t *lifetime) +psa_status_t psa_get_key_lifetime( psa_key_slot_t key, + psa_key_lifetime_t *lifetime ) { key_slot_t *slot; @@ -2096,8 +2099,8 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, return( PSA_SUCCESS ); } -psa_status_t psa_set_key_lifetime(psa_key_slot_t key, - const psa_key_lifetime_t lifetime) +psa_status_t psa_set_key_lifetime( psa_key_slot_t key, + const psa_key_lifetime_t lifetime ) { key_slot_t *slot; @@ -2146,7 +2149,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t tag_length; mbedtls_cipher_id_t cipher_id; const mbedtls_cipher_info_t *cipher_info = NULL; - + *ciphertext_length = 0; status = psa_get_key_information( key, &key_type, &key_bits ); @@ -2154,18 +2157,18 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( status ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + return( PSA_ERROR_EMPTY_SLOT ); cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + return( PSA_ERROR_NOT_SUPPORTED ); if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) ) return( PSA_ERROR_NOT_PERMITTED ); - if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) + if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != + PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) @@ -2238,13 +2241,13 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, { return( PSA_ERROR_NOT_SUPPORTED ); } - + if( ret != 0 ) { memset( ciphertext, 0, ciphertext_size ); return( mbedtls_to_psa_error( ret ) ); } - + *ciphertext_length = plaintext_length + tag_length; return( PSA_SUCCESS ); } 
@@ -2291,7 +2294,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, size_t tag_length; mbedtls_cipher_id_t cipher_id; const mbedtls_cipher_info_t *cipher_info = NULL; - + *plaintext_length = 0; status = psa_get_key_information( key, &key_type, &key_bits ); @@ -2299,18 +2302,18 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, return( status ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + return( PSA_ERROR_EMPTY_SLOT ); cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - + return( PSA_ERROR_NOT_SUPPORTED ); + if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) ) return( PSA_ERROR_NOT_PERMITTED ); - if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) + if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != + PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index cb9301ab6..5a68074e4 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4,9 +4,9 @@ #include "mbedtls/md.h" #if(UINT32_MAX > SIZE_MAX) -#define PSA_CRYPTO_TEST_SIZE_T_RANGE(x) ((x) <= SIZE_MAX) +#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX ) #else -#define PSA_CRYPTO_TEST_SIZE_T_RANGE(x) 1 +#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) 1 #endif /* END_HEADER */ @@ -16,7 +16,7 @@ */ /* BEGIN_CASE */ -void init_deinit() +void init_deinit( ) { psa_status_t status; int i; 
@@ -148,11 +148,11 @@ exit: /* BEGIN_CASE */ void import_export_public_key( data_t *data, - int type_arg, - int alg_arg, - int expected_bits, - int public_key_expected_length, - int expected_export_status ) + int type_arg, + int alg_arg, + int expected_bits, + int public_key_expected_length, + int expected_export_status ) { int slot = 1; psa_key_type_t type = type_arg; @@ -182,18 +182,18 @@ void import_export_public_key( data_t *data, /* Import the key */ TEST_ASSERT( psa_import_key( slot, type, data->x, (size_t) data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); /* Test the key information */ TEST_ASSERT( psa_get_key_information( slot, - &got_type, &got_bits ) == PSA_SUCCESS ); + &got_type, &got_bits ) == PSA_SUCCESS ); TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == (size_t) expected_bits ); /* Export the key */ status = psa_export_public_key( slot, - exported, export_size, - &exported_length ); + exported, export_size, + &exported_length ); TEST_ASSERT( status == (psa_status_t) expected_export_status ); if( status != PSA_SUCCESS ) goto destroy; @@ -230,7 +230,7 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_update( &operation, input->x, (size_t) input->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); TEST_ASSERT( psa_hash_finish( &operation, actual_hash, sizeof( actual_hash ), &actual_hash_length ) == PSA_SUCCESS ); @@ -259,11 +259,11 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash ) TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_update( &operation, input->x, (size_t) input->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, expected_hash->x, (size_t) expected_hash->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); exit: mbedtls_psa_crypto_free( ); 
@@ -305,7 +305,7 @@ void mac_verify( int key_type_arg, data_t *key, TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input->x, (size_t) input->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); TEST_ASSERT( psa_mac_verify( &operation, expected_mac->x, (size_t) expected_mac->len ) == PSA_SUCCESS ); @@ -441,7 +441,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( total_output_length == (size_t) expected_output->len ); TEST_ASSERT( memcmp( expected_output->x, output, - (size_t) expected_output->len ) == 0 ); + (size_t) expected_output->len ) == 0 ); exit: mbedtls_free( output ); @@ -510,8 +510,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); TEST_ASSERT( total_output_length == (size_t) expected_output->len ); - TEST_ASSERT( memcmp( expected_output->x, output, - (size_t) expected_output->len ) == 0 ); + TEST_ASSERT( memcmp( expected_output->x, output, + (size_t) expected_output->len ) == 0 ); exit: mbedtls_free( output ); @@ -776,8 +776,8 @@ exit: /* BEGIN_CASE */ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data, - int alg_arg, data_t * input_data, data_t * nonce, - data_t * additional_data, int expected_result_arg ) + int alg_arg, data_t * input_data, data_t * nonce, + data_t * additional_data, int expected_result_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; 
@@ -816,13 +816,13 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data, key_data->x, (size_t) key_data->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_aead_encrypt( slot, alg, - nonce->x, (size_t) nonce->len, - additional_data->x, - (size_t) additional_data->len, - input_data->x, (size_t) input_data->len, - output_data, - output_size, &output_length ) == - expected_result ); + nonce->x, (size_t) nonce->len, + additional_data->x, + (size_t) additional_data->len, + input_data->x, (size_t) input_data->len, + output_data, + output_size, &output_length ) == + expected_result ); if( PSA_SUCCESS == expected_result ) { @@ -830,18 +830,18 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data, TEST_ASSERT( output_data2 != NULL ); TEST_ASSERT( psa_aead_decrypt( slot, alg, - nonce->x, (size_t) nonce->len, - additional_data->x, - (size_t) additional_data->len, - output_data, output_length, output_data2, - output_length, &output_length2 ) == - expected_result ); - + nonce->x, (size_t) nonce->len, + additional_data->x, + (size_t) additional_data->len, + output_data, output_length, output_data2, + output_length, &output_length2 ) == + expected_result ); + TEST_ASSERT( memcmp( input_data->x, output_data2, - (size_t) input_data->len ) == 0 ); + (size_t) input_data->len ) == 0 ); } - + exit: psa_destroy_key( slot ); @@ -853,9 +853,9 @@ exit: /* BEGIN_CASE */ void aead_encrypt( int key_type_arg, data_t * key_data, - int alg_arg, data_t * input_data, - data_t * additional_data, data_t * nonce, - data_t * expected_result ) + int alg_arg, data_t * input_data, + data_t * additional_data, data_t * nonce, + data_t * expected_result ) { int slot = 1; psa_key_type_t key_type = key_type_arg; 
@@ -880,7 +880,7 @@ void aead_encrypt( int key_type_arg, data_t * key_data, output_size = (size_t) input_data->len + tag_length; output_data = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output_data != NULL ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); @@ -891,20 +891,20 @@ void aead_encrypt( int key_type_arg, data_t * key_data, TEST_ASSERT( psa_import_key( slot, key_type, key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); TEST_ASSERT( psa_aead_encrypt( slot, alg, - nonce->x, (size_t) nonce->len, - additional_data->x, - (size_t) additional_data->len, - input_data->x, (size_t) input_data->len, - output_data, - output_size, &output_length ) == PSA_SUCCESS ); + nonce->x, (size_t) nonce->len, + additional_data->x, + (size_t) additional_data->len, + input_data->x, (size_t) input_data->len, + output_data, + output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( memcmp( output_data, expected_result->x, - output_length ) == 0 ); - + output_length ) == 0 ); + exit: psa_destroy_key( slot ); @@ -915,9 +915,9 @@ exit: /* BEGIN_CASE */ void aead_decrypt( int key_type_arg, data_t * key_data, - int alg_arg, data_t * input_data, - data_t * additional_data, data_t * nonce, - data_t * expected_data, int expected_result_arg ) + int alg_arg, data_t * input_data, + data_t * additional_data, data_t * nonce, + data_t * expected_data, int expected_result_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; @@ -944,7 +944,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data, output_size = (size_t) input_data->len + tag_length; output_data = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output_data != NULL ); - + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); 
@@ -955,24 +955,24 @@ void aead_decrypt( int key_type_arg, data_t * key_data, TEST_ASSERT( psa_import_key( slot, key_type, key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); TEST_ASSERT( psa_aead_decrypt( slot, alg, - nonce->x, (size_t) nonce->len, - additional_data->x, (size_t) additional_data->len, - input_data->x, (size_t) input_data->len, - output_data, - output_size, &output_length ) == - expected_result ); + nonce->x, (size_t) nonce->len, + additional_data->x, (size_t) additional_data->len, + input_data->x, (size_t) input_data->len, + output_data, + output_size, &output_length ) == + expected_result ); - if ( expected_result == PSA_SUCCESS ) + if( expected_result == PSA_SUCCESS ) { TEST_ASSERT( memcmp( output_data, expected_data->x, - output_length ) == 0 ); + output_length ) == 0 ); } - + exit: psa_destroy_key( slot ); @@ -986,7 +986,7 @@ void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg { psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; - size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg); + size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg ); TEST_ASSERT( actual_size == (size_t) expected_size_arg ); exit: ; @@ -1039,8 +1039,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data, signature, signature_size, &signature_length ) == PSA_SUCCESS ); TEST_ASSERT( signature_length == (size_t) output_data->len ); - TEST_ASSERT( memcmp( signature, output_data->x, (size_t) output_data->len ) - == 0 ); + TEST_ASSERT( memcmp( signature, output_data->x, + (size_t) output_data->len ) == 0 ); exit: psa_destroy_key( slot ); @@ -1081,7 +1081,7 @@ void sign_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_import_key( slot, key_type, key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); actual_status = psa_asymmetric_sign( slot, alg, input_data->x, 
@@ -1112,14 +1112,14 @@ void key_policy( int usage_arg, int alg_arg ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - psa_key_policy_init(& policy_set ); - psa_key_policy_init(& policy_get ); + psa_key_policy_init( &policy_set ); + psa_key_policy_init( &policy_get ); psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg ); - TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg ); + TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == (psa_key_usage_t) usage_arg ); - TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg ); + TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == (psa_algorithm_t) alg_arg ); TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS ); @@ -1159,11 +1159,13 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, TEST_ASSERT( keypair != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, - keypair->x, (size_t) keypair->len ) == - PSA_SUCCESS ); - actual_status = psa_asymmetric_sign( key_slot, - ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, - NULL, 0, &signature_length ); + keypair->x, (size_t) keypair->len ) == + PSA_SUCCESS ); + actual_status = psa_asymmetric_sign( key_slot, + (psa_algorithm_t) alg_arg, + NULL, 0, + NULL, 0, + NULL, 0, &signature_length ); } if( usage_arg & PSA_KEY_USAGE_SIGN ) @@ -1171,8 +1173,8 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, TEST_ASSERT( keypair != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, - keypair->x, (size_t) keypair->len ) == - PSA_SUCCESS ); + keypair->x, (size_t) keypair->len ) == + PSA_SUCCESS ); actual_status = psa_export_key( key_slot, NULL, 0, NULL ); } 
@@ -1198,13 +1200,13 @@ void key_lifetime( int lifetime_arg ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_set_key_lifetime( key_slot, - lifetime_set ) == PSA_SUCCESS ); + lifetime_set ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, key, sizeof( key ) ) == PSA_SUCCESS ); TEST_ASSERT( psa_get_key_lifetime( key_slot, - &lifetime_get ) == PSA_SUCCESS ); + &lifetime_get ) == PSA_SUCCESS ); TEST_ASSERT( lifetime_get == lifetime_set ); @@ -1265,14 +1267,14 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_import_key( slot, key_type, key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); TEST_ASSERT( psa_asymmetric_verify( slot, alg, hash_data->x, (size_t) hash_data->len, NULL, 0, signature_data->x, (size_t) signature_data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); exit: psa_destroy_key( slot ); mbedtls_psa_crypto_free( ); @@ -1310,13 +1312,13 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_import_key( slot, key_type, key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); actual_status = psa_asymmetric_verify( slot, alg, - hash_data->x, (size_t) hash_data->len, - NULL, 0, - signature_data->x, - (size_t) signature_data->len ); + hash_data->x, (size_t) hash_data->len, + NULL, 0, + signature_data->x, + (size_t) signature_data->len ); TEST_ASSERT( actual_status == expected_status ); 
@@ -1363,28 +1365,28 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_import_key( slot, key_type, key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random * part of encryption process which prevents using fixed vectors. */ - TEST_ASSERT( psa_asymmetric_encrypt(slot, alg, - input_data->x, - (size_t) input_data->len, - NULL, 0, - output, - output_size, - &output_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_asymmetric_encrypt( slot, alg, + input_data->x, + (size_t) input_data->len, + NULL, 0, + output, + output_size, + &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_asymmetric_decrypt(slot, alg, - output, - output_length, - NULL, 0, - output2, - output2_size, - &output2_length) == PSA_SUCCESS ); + TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, + output, + output_length, + NULL, 0, + output2, + output2_size, + &output2_length ) == PSA_SUCCESS ); TEST_ASSERT( memcmp( input_data->x, output2, (size_t) input_data->len ) - == 0 ); + == 0 ); exit: psa_destroy_key( slot ); @@ -1398,8 +1400,8 @@ exit: /* BEGIN_CASE */ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, - int expected_status_arg ) + int alg_arg, data_t *input_data, + int expected_status_arg ) { @@ -1430,15 +1432,15 @@ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_import_key( slot, key_type, key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); - actual_status = psa_asymmetric_encrypt(slot, alg, - input_data->x, - (size_t) input_data->len, - NULL, 0, - output, - output_size, - &output_length); + actual_status = psa_asymmetric_encrypt( slot, alg, + input_data->x, + (size_t) input_data->len, + NULL, 0, + output, + output_size, + &output_length ); TEST_ASSERT( actual_status == expected_status ); exit: 
@@ -1481,17 +1483,17 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_import_key( slot, key_type, key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, - input_data->x, - (size_t) input_data->len, - NULL, 0, - output, - output_size, - &output_length) == PSA_SUCCESS ); - TEST_ASSERT( ((size_t)expected_size) == output_length ); - TEST_ASSERT( memcmp( expected_data->x, output, (output_length) ) == 0 ); + input_data->x, + (size_t) input_data->len, + NULL, 0, + output, + output_size, + &output_length ) == PSA_SUCCESS ); + TEST_ASSERT( ( (size_t) expected_size ) == output_length ); + TEST_ASSERT( memcmp( expected_data->x, output, ( output_length ) ) == 0 ); exit: psa_destroy_key( slot ); @@ -1505,8 +1507,8 @@ exit: /* BEGIN_CASE */ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, - int expected_status_arg ) + int alg_arg, data_t *input_data, + int expected_status_arg ) { int slot = 1; @@ -1536,20 +1538,20 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_import_key( slot, key_type, key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); - actual_status = psa_asymmetric_decrypt(slot, alg, - input_data->x, - (size_t) input_data->len, - NULL, 0, - output, - output_size, - &output_length); + actual_status = psa_asymmetric_decrypt( slot, alg, + input_data->x, + (size_t) input_data->len, + NULL, 0, + output, + output_size, + &output_length ); TEST_ASSERT( actual_status == expected_status ); exit: psa_destroy_key( slot ); - mbedtls_free( output); + mbedtls_free( output ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From c1bb6c8dcca3686698104374f45c6dec5a5b67d6 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 18 Jun 2018 16:04:39 +0200 Subject: [PATCH 0255/2197] Formatting improvements Avoid lines longer than 80 columns. Remove some redundant parentheses, e.g. change if( ( a == b ) && ( c == d ) ) to if( a == b && c == d ) which makes lines less long and makes the remaining parentheses more relevant. Add missing parentheses around return statements. There should be no semantic change in this commit. --- library/psa_crypto.c | 71 +++++++++--------- tests/suites/test_suite_psa_crypto.function | 81 ++++++++++++++------- 2 files changed, 92 insertions(+), 60 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 954895910..ff03abd16 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -490,11 +490,12 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - if( export_public_key && ( !( PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) ) ) ) + if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( ( !export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) ) && - ( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) ) + if( ! export_public_key && + ! PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) && + ( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) == 0 ) return( PSA_ERROR_NOT_PERMITTED ); if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) @@ -551,8 +552,8 @@ psa_status_t psa_export_key( psa_key_slot_t key, size_t data_size, size_t *data_length ) { - return psa_internal_export_key( key, data, data_size, - data_length, 0 ); + return( psa_internal_export_key( key, data, data_size, + data_length, 0 ) ); } 
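Review bot: In the rewritten export checks of psa_internal_export_key, `! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type )` and `! PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type )` now apply `!` directly to a macro invocation, which matches the old behaviour only if each macro expands to a fully parenthesised expression. The macro definitions are not part of this hunk, so that is worth confirming, because this condition is what returns `PSA_ERROR_NOT_PERMITTED` for a key whose policy lacks `PSA_KEY_USAGE_EXPORT`. I would also document the rule above the second check, for example `/* Only public keys, or the public part of a key pair, may be exported without PSA_KEY_USAGE_EXPORT. */`. The function body starts and ends outside the hunk.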
@@ -561,8 +562,8 @@ psa_status_t psa_export_public_key( psa_key_slot_t key, size_t data_size, size_t *data_length ) { - return psa_internal_export_key( key, data, data_size, - data_length, 1 ); + return( psa_internal_export_key( key, data, data_size, + data_length, 1 ) ); } /****************************************************************/ @@ -1030,7 +1031,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) if( PSA_ALG_IS_HMAC( operation->alg ) ) { unsigned int block_size = - psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); + psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) ); if( block_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); @@ -1082,13 +1083,13 @@ static int psa_hmac_start( psa_mac_operation_t *operation, unsigned char *opad = operation->ctx.hmac.opad; size_t i; size_t block_size = - psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( alg ) ) ); + psa_get_hash_block_size( PSA_ALG_HMAC_HASH( alg ) ); unsigned int digest_size = - PSA_HASH_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); + PSA_HASH_SIZE( PSA_ALG_HMAC_HASH( alg ) ); size_t key_length = slot->data.raw.bytes; psa_status_t status; - if( ( block_size == 0 ) || ( digest_size == 0 ) ) + if( block_size == 0 || digest_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); if( key_type != PSA_KEY_TYPE_HMAC ) @@ -1253,14 +1254,14 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, } break; } - if( ( ret != 0 ) || ( status != PSA_SUCCESS ) ) + if( ret != 0 || status != PSA_SUCCESS ) { psa_mac_abort( operation ); if( ret != 0 ) status = mbedtls_to_psa_error( ret ); } - return status; + return( status ); } static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, 
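Review bot: In the psa_mac_abort hunk, `block_size` is declared `unsigned int` while psa_get_hash_block_size returns `size_t`, and psa_hmac_start and psa_mac_finish_internal store the same value in a `size_t`; `size_t block_size =` would keep the three sites consistent. The early `return( PSA_ERROR_NOT_SUPPORTED )` when the lookup yields 0 also exits the abort path before the hash context is aborted and `opad` is wiped, both of which happen after this hunk. If `opad` is a fixed-size array (its declaration is not visible here), wiping `sizeof( operation->ctx.hmac.opad )` bytes unconditionally would make the cleanup of key-derived material independent of the algorithm lookup.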
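Review bot: psa_hmac_start is declared `static int`, yet the changed line in this hunk returns `PSA_ERROR_NOT_SUPPORTED` and the function keeps a `psa_status_t status`, so two error-code domains share one return type. Declaring it `static psa_status_t psa_hmac_start(` would state the contract; the caller is outside the hunk, so whether it passes the result through mbedtls_to_psa_error needs checking. The same mixing shows up as `int ret = PSA_SUCCESS;` in the psa_encrypt_generate_iv and psa_encrypt_set_iv hunks. `digest_size` is likewise `unsigned int` next to `size_t` lengths, and the function body continues outside the hunk.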
@@ -1299,7 +1300,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, unsigned char *opad = operation->ctx.hmac.opad; size_t hash_size = 0; size_t block_size = - psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) ); + psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) ); if( block_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); @@ -1339,7 +1340,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, } cleanup: - if( ( ret == 0 ) && ( status == PSA_SUCCESS ) ) + if( ret == 0 && status == PSA_SUCCESS ) { return( psa_mac_abort( operation ) ); } @@ -1349,7 +1350,7 @@ cleanup: if( ret != 0 ) status = mbedtls_to_psa_error( ret ); - return status; + return( status ); } } @@ -1358,7 +1359,7 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation, size_t mac_size, size_t *mac_length ) { - if( !( operation->key_usage_sign ) ) + if( ! operation->key_usage_sign ) return( PSA_ERROR_NOT_PERMITTED ); return( psa_mac_finish_internal( operation, mac, @@ -1377,7 +1378,7 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation, size_t actual_mac_length; psa_status_t status; - if( !( operation->key_usage_verify ) ) + if( ! operation->key_usage_verify ) return( PSA_ERROR_NOT_PERMITTED ); status = psa_mac_finish_internal( operation, @@ -1546,8 +1547,8 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, return( PSA_ERROR_NOT_PERMITTED ); #if defined(MBEDTLS_RSA_C) - if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) || - ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) ) + if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || + slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; 
@@ -1639,8 +1640,8 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, return( PSA_ERROR_NOT_PERMITTED ); #if defined(MBEDTLS_RSA_C) - if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) || - ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) ) + if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || + slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; @@ -1830,7 +1831,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ? PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) : 1 ); - if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) ) + if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || alg == PSA_ALG_CTR ) { operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); } @@ -1842,14 +1843,14 @@ psa_status_t psa_encrypt_setup( psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg ) { - return psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ); + return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) ); } psa_status_t psa_decrypt_setup( psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg ) { - return psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ); + return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) ); } psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation, @@ -1858,7 +1859,7 @@ psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation, size_t *iv_length ) { int ret = PSA_SUCCESS; - if( operation->iv_set || !( operation->iv_required ) ) + if( operation->iv_set || ! operation->iv_required ) return( PSA_ERROR_BAD_STATE ); if( iv_size < operation->iv_size ) { 
@@ -1887,7 +1888,7 @@ psa_status_t psa_encrypt_set_iv( psa_cipher_operation_t *operation, size_t iv_length ) { int ret = PSA_SUCCESS; - if( operation->iv_set || !( operation->iv_required ) ) + if( operation->iv_set || ! operation->iv_required ) return( PSA_ERROR_BAD_STATE ); if( iv_length != operation->iv_size ) { @@ -2053,9 +2054,11 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key, if( slot->type != PSA_KEY_TYPE_NONE ) return( PSA_ERROR_OCCUPIED_SLOT ); - if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT - | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN - | PSA_KEY_USAGE_VERIFY ) ) != 0 ) + if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_SIGN | + PSA_KEY_USAGE_VERIFY ) ) != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); slot->policy = *policy; @@ -2164,7 +2167,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) ) + if( ( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) == 0 ) return( PSA_ERROR_NOT_PERMITTED ); if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != @@ -2231,7 +2234,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, return( mbedtls_to_psa_error( ret ) ); } ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, - nonce, nonce_length, additional_data, + nonce, nonce_length, + additional_data, additional_data_length, plaintext, ciphertext, tag, tag_length ); @@ -2369,7 +2373,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, } ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length - tag_length, nonce, nonce_length, - additional_data, additional_data_length, + additional_data, + additional_data_length, ciphertext, plaintext, tag, tag_length ); mbedtls_ccm_free( &ccm ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5a68074e4..5e66986ae 100644 
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -186,7 +186,8 @@ void import_export_public_key( data_t *data, /* Test the key information */ TEST_ASSERT( psa_get_key_information( slot, - &got_type, &got_bits ) == PSA_SUCCESS ); + &got_type, + &got_bits ) == PSA_SUCCESS ); TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == (size_t) expected_bits ); @@ -348,7 +349,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, (size_t) key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_setup( &operation, + key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); @@ -413,7 +415,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, (size_t) key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_setup( &operation, + key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); @@ -482,7 +485,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, (size_t) key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_decrypt_setup( &operation, + key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); 
@@ -552,7 +556,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, (size_t) key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_decrypt_setup( &operation, + key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); @@ -620,8 +625,10 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, (size_t) key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_setup( &operation1, + key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_decrypt_setup( &operation2, + key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, @@ -704,8 +711,10 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, (size_t) key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_setup( &operation1, + key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_decrypt_setup( &operation2, + key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, @@ -775,9 +784,13 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt_decrypt( int key_type_arg, data_t * key_data, - int alg_arg, data_t * input_data, data_t * nonce, - data_t * additional_data, int expected_result_arg ) +void aead_encrypt_decrypt( int key_type_arg, + data_t * key_data, + int alg_arg, + data_t * input_data, + data_t * nonce, + data_t * additional_data, + int expected_result_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; 
@@ -808,7 +821,9 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data, psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT , alg ); + psa_key_policy_set_usage( &policy, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, + alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); @@ -833,8 +848,9 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data, nonce->x, (size_t) nonce->len, additional_data->x, (size_t) additional_data->len, - output_data, output_length, output_data2, - output_length, &output_length2 ) == + output_data, output_length, + output_data2, output_length, + &output_length2 ) == expected_result ); @@ -898,8 +914,8 @@ void aead_encrypt( int key_type_arg, data_t * key_data, additional_data->x, (size_t) additional_data->len, input_data->x, (size_t) input_data->len, - output_data, - output_size, &output_length ) == PSA_SUCCESS ); + output_data, output_size, + &output_length ) == PSA_SUCCESS ); TEST_ASSERT( memcmp( output_data, expected_result->x, @@ -959,7 +975,8 @@ void aead_decrypt( int key_type_arg, data_t * key_data, TEST_ASSERT( psa_aead_decrypt( slot, alg, nonce->x, (size_t) nonce->len, - additional_data->x, (size_t) additional_data->len, + additional_data->x, + (size_t) additional_data->len, input_data->x, (size_t) input_data->len, output_data, output_size, &output_length ) == @@ -982,7 +999,10 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg ) +void signature_size( int type_arg, + int bits, + int alg_arg, + int expected_size_arg ) { psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; 
@@ -1028,7 +1048,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data, NULL, &key_bits ) == PSA_SUCCESS ); - signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); + signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, + key_bits, alg ); TEST_ASSERT( signature_size != 0 ); signature = mbedtls_calloc( 1, signature_size ); TEST_ASSERT( signature != NULL ); @@ -1117,9 +1138,11 @@ void key_policy( int usage_arg, int alg_arg ) psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg ); - TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == (psa_key_usage_t) usage_arg ); + TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == + (psa_key_usage_t) usage_arg ); - TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == (psa_algorithm_t) alg_arg ); + TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == + (psa_algorithm_t) alg_arg ); TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS ); @@ -1218,7 +1241,9 @@ exit: /* BEGIN_CASE */ -void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg ) +void key_lifetime_set_fail( int key_slot_arg, + int lifetime_arg, + int expected_status_arg ) { int key_slot = 1; psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; @@ -1360,7 +1385,9 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg_arg ); + psa_key_policy_set_usage( &policy, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, + alg_arg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, 
@@ -1385,8 +1412,8 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, output2, output2_size, &output2_length ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( input_data->x, output2, (size_t) input_data->len ) - == 0 ); + TEST_ASSERT( memcmp( input_data->x, output2, + (size_t) input_data->len ) == 0 ); exit: psa_destroy_key( slot ); @@ -1493,7 +1520,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data, output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( ( (size_t) expected_size ) == output_length ); - TEST_ASSERT( memcmp( expected_data->x, output, ( output_length ) ) == 0 ); + TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 ); exit: psa_destroy_key( slot ); From 803ce7402ac3776e1667d735e971c456f8137fea Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 16:07:14 +0200 Subject: [PATCH 0256/2197] Change sizeof(type) to sizeof(variable) --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ff03abd16..190341fbd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2021,7 +2021,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) void psa_key_policy_init( psa_key_policy_t *policy ) { - memset( policy, 0, sizeof( psa_key_policy_t ) ); + memset( policy, 0, sizeof( *policy ) ); } void psa_key_policy_set_usage( psa_key_policy_t *policy, From 7bcfc0a9aeced4d4f011ba7865682d961e932c71 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 21:49:39 +0200 Subject: [PATCH 0257/2197] Be more consistent about blank lines --- library/psa_crypto.c | 17 ++++++++------ tests/suites/test_suite_psa_crypto.function | 26 --------------------- 2 files changed, 10 insertions(+), 33 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 190341fbd..e5ac7bd81 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -305,6 +305,8 @@ static psa_status_t mbedtls_to_psa_error( int ret ) } } + + /****************************************************************/ /* Key management */ /****************************************************************/ @@ -556,7 +558,6 @@ psa_status_t psa_export_key( psa_key_slot_t key, data_length, 0 ) ); } - psa_status_t psa_export_public_key( psa_key_slot_t key, uint8_t *data, size_t data_size, @@ -566,6 +567,8 @@ psa_status_t psa_export_public_key( psa_key_slot_t key, data_length, 1 ) ); } + + /****************************************************************/ /* Message digests */ /****************************************************************/ @@ -909,7 +912,6 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, - /****************************************************************/ /* MAC */ /****************************************************************/ @@ -1395,7 +1397,6 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation, - /****************************************************************/ /* Asymmetric cryptography */ /****************************************************************/ @@ -1679,7 +1680,6 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, { return( PSA_ERROR_NOT_SUPPORTED ); } - } psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, @@ -1748,9 +1748,10 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, { return( PSA_ERROR_NOT_SUPPORTED ); } - } + + /****************************************************************/ /* Symmetric cryptography */ /****************************************************************/ @@ -2015,6 +2016,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) } + /****************************************************************/ /* Key Policy */ /****************************************************************/ 
@@ -2128,9 +2130,11 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key, } + /****************************************************************/ /* AEAD */ /****************************************************************/ + psa_status_t psa_aead_encrypt( psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *nonce, @@ -2223,8 +2227,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, //update the tag pointer to point to the end of the ciphertext_length tag = ciphertext + plaintext_length; - - mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_id, slot->data.raw.data, key_bits ); @@ -2393,6 +2395,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, } + /****************************************************************/ /* Module setup */ /****************************************************************/ diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5e66986ae..3de4745bf 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -145,7 +145,6 @@ exit: } /* END_CASE */ - /* BEGIN_CASE */ void import_export_public_key( data_t *data, int type_arg, @@ -317,7 +316,6 @@ exit: } /* END_CASE */ - /* BEGIN_CASE */ void cipher_encrypt( int alg_arg, int key_type_arg, data_t *key, @@ -524,7 +522,6 @@ exit: } /* END_CASE */ - /* BEGIN_CASE */ void cipher_decrypt( int alg_arg, int key_type_arg, data_t *key, @@ -585,7 +582,6 @@ void cipher_decrypt( int alg_arg, int key_type_arg, (size_t) expected_output->len ) == 0 ); } - exit: mbedtls_free( output ); psa_destroy_key( key_slot ); @@ -593,7 +589,6 @@ exit: } /* END_CASE */ - /* BEGIN_CASE */ void cipher_verify_output( int alg_arg, int key_type_arg, data_t *key, 
@@ -853,12 +848,10 @@ void aead_encrypt_decrypt( int key_type_arg, &output_length2 ) == expected_result ); - TEST_ASSERT( memcmp( input_data->x, output_data2, (size_t) input_data->len ) == 0 ); } - exit: psa_destroy_key( slot ); mbedtls_free( output_data ); @@ -917,11 +910,9 @@ void aead_encrypt( int key_type_arg, data_t * key_data, output_data, output_size, &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( output_data, expected_result->x, output_length ) == 0 ); - exit: psa_destroy_key( slot ); mbedtls_free( output_data ); @@ -945,7 +936,6 @@ void aead_decrypt( int key_type_arg, data_t * key_data, psa_key_policy_t policy = {0}; psa_status_t expected_result = (psa_status_t) expected_result_arg; - TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); TEST_ASSERT( additional_data != NULL ); @@ -982,15 +972,12 @@ void aead_decrypt( int key_type_arg, data_t * key_data, output_size, &output_length ) == expected_result ); - if( expected_result == PSA_SUCCESS ) { TEST_ASSERT( memcmp( output_data, expected_data->x, output_length ) == 0 ); } - - exit: psa_destroy_key( slot ); mbedtls_free( output_data ); @@ -1239,7 +1226,6 @@ exit: } /* END_CASE */ - /* BEGIN_CASE */ void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, @@ -1312,7 +1298,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, data_t *signature_data, int expected_status_arg ) { - int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -1345,7 +1330,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, signature_data->x, (size_t) signature_data->len ); - TEST_ASSERT( actual_status == expected_status ); exit: @@ -1354,7 +1338,6 @@ exit: } /* END_CASE */ - /* BEGIN_CASE */ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data ) 
@@ -1420,18 +1403,14 @@ exit: mbedtls_free( output ); mbedtls_free( output2 ); mbedtls_psa_crypto_free( ); - } /* END_CASE */ - /* BEGIN_CASE */ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, int expected_status_arg ) { - - int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -1474,7 +1453,6 @@ exit: psa_destroy_key( slot ); mbedtls_free( output ); mbedtls_psa_crypto_free( ); - } /* END_CASE */ @@ -1526,18 +1504,14 @@ exit: psa_destroy_key( slot ); mbedtls_free( output ); mbedtls_psa_crypto_free( ); - - } /* END_CASE */ - /* BEGIN_CASE */ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, int expected_status_arg ) { - int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; From 4abf741e6a4d5705de1f75b47a9f795efd5861f0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 16:35:34 +0200 Subject: [PATCH 0258/2197] Hygiene improvements in PSA crypto test code Get rid of many redundant casts. In particular, it is not useful to cast uint32_t values to size_t before performing arithmetic or comparisons on them. Rewrap a number of function calls, many of which now have narrower arguments thanks to the removed casts. When a function call doesn't fit on a single line, avoid grouping unrelated parameters together, but do try to group a buffer pointer and the associated size. Define more auxiliary variables xxx of a particular integer type (psa_algorithm_t, psa_key_usage_t, etc.) corresponding to a test function xxx_arg which has the type int. This avoids the need to cast xxx_arg to an unsigned type sometimes in the code. --- tests/suites/test_suite_psa_crypto.function | 351 +++++++++----------- 1 file changed, 158 insertions(+), 193 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3de4745bf..3786e57a3 100644 
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -41,7 +41,7 @@ void import( data_t *data, int type, int expected_status ) TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - status = psa_import_key( slot, type, data->x, (size_t) data->len ); + status = psa_import_key( slot, type, data->x, data->len ); TEST_ASSERT( status == (psa_status_t) expected_status ); if( status == PSA_SUCCESS ) TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); @@ -64,6 +64,7 @@ void import_export( data_t *data, int slot = 1; int slot2 = slot + 1; psa_key_type_t type = type_arg; + psa_algorithm_t alg = alg_arg; psa_status_t status; unsigned char *exported = NULL; unsigned char *reexported = NULL; @@ -87,19 +88,17 @@ void import_export( data_t *data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, usage_arg, alg_arg ); - + psa_key_policy_set_usage( &policy, usage_arg, alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); /* Import the key */ TEST_ASSERT( psa_import_key( slot, type, - data->x, (size_t) data->len ) == PSA_SUCCESS ); + data->x, data->len ) == PSA_SUCCESS ); /* Test the key information */ TEST_ASSERT( psa_get_key_information( slot, - &got_type, &got_bits ) == - PSA_SUCCESS ); + &got_type, + &got_bits ) == PSA_SUCCESS ); TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == (size_t) expected_bits ); 
@@ -113,20 +112,20 @@ void import_export( data_t *data, if( canonical_input ) { - TEST_ASSERT( exported_length == (size_t) data->len ); - TEST_ASSERT( memcmp( exported, data->x, (size_t) data->len ) == 0 ); + TEST_ASSERT( exported_length == data->len ); + TEST_ASSERT( memcmp( exported, data->x, data->len ) == 0 ); } else { TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot2, type, - exported, export_size ) == - PSA_SUCCESS ); + exported, + export_size ) == PSA_SUCCESS ); TEST_ASSERT( psa_export_key( slot2, - reexported, export_size, - &reexported_length ) == - PSA_SUCCESS ); + reexported, + export_size, + &reexported_length ) == PSA_SUCCESS ); TEST_ASSERT( reexported_length == exported_length ); TEST_ASSERT( memcmp( reexported, exported, exported_length ) == 0 ); @@ -155,6 +154,7 @@ void import_export_public_key( data_t *data, { int slot = 1; psa_key_type_t type = type_arg; + psa_algorithm_t alg = alg_arg; psa_status_t status; unsigned char *exported = NULL; size_t export_size; @@ -172,16 +172,12 @@ void import_export_public_key( data_t *data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, - alg_arg ); - + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); /* Import the key */ TEST_ASSERT( psa_import_key( slot, type, - data->x, (size_t) data->len ) == - PSA_SUCCESS ); + data->x, data->len ) == PSA_SUCCESS ); /* Test the key information */ TEST_ASSERT( psa_get_key_information( slot, 
@@ -229,14 +225,13 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_update( &operation, - input->x, (size_t) input->len ) == - PSA_SUCCESS ); + input->x, input->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_finish( &operation, actual_hash, sizeof( actual_hash ), &actual_hash_length ) == PSA_SUCCESS ); - TEST_ASSERT( actual_hash_length == (size_t) expected_hash->len ); + TEST_ASSERT( actual_hash_length == expected_hash->len ); TEST_ASSERT( memcmp( expected_hash->x, actual_hash, - (size_t) expected_hash->len ) == 0 ); + expected_hash->len ) == 0 ); exit: mbedtls_psa_crypto_free( ); @@ -258,12 +253,11 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash ) TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_update( &operation, - input->x, (size_t) input->len ) == - PSA_SUCCESS ); + input->x, + input->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, expected_hash->x, - (size_t) expected_hash->len ) == - PSA_SUCCESS ); + expected_hash->len ) == PSA_SUCCESS ); exit: mbedtls_psa_crypto_free( ); 
@@ -293,22 +287,19 @@ void mac_verify( int key_type_arg, data_t *key, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg ); - + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key->x, (size_t) key->len ) == PSA_SUCCESS ); + key->x, key->len ) == PSA_SUCCESS ); // TODO: support IV TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, - input->x, (size_t) input->len ) == - PSA_SUCCESS ); + input->x, input->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_verify( &operation, expected_mac->x, - (size_t) expected_mac->len ) == PSA_SUCCESS ); + expected_mac->len ) == PSA_SUCCESS ); exit: psa_destroy_key( key_slot ); @@ -345,18 +336,19 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key->x, (size_t) key->len ) == PSA_SUCCESS ); + key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = (size_t) input->len + operation.block_size; + output_buffer_size = input->len + operation.block_size; output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( output != NULL ); - TEST_ASSERT( psa_cipher_update( &operation, input->x, (size_t) input->len, + TEST_ASSERT( psa_cipher_update( &operation, + input->x, input->len, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); total_output_length += function_output_length; 
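Review bot: In the `cipher_encrypt` hunk the test goes from `psa_crypto_init( )` straight to `psa_import_key` and then asserts that `psa_encrypt_setup` returns `PSA_SUCCESS`, with no `psa_set_key_policy` call on the slot. `mac_verify` in the hunk above does set `PSA_KEY_USAGE_VERIFY` first. This test can therefore only pass if cipher setup does not enforce the slot's usage policy, so it would hide a missing policy check in the library and break once one is added. I would declare a `psa_key_policy_t policy` (the declarations are outside the hunk), call `psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );` and `psa_set_key_policy( key_slot, &policy )` before the import, and add a negative case that expects `PSA_ERROR_NOT_PERMITTED`. The later cipher test hunks (`cipher_encrypt_multipart`, `cipher_decrypt`, `cipher_decrypt_multipart`, `cipher_verify_output`, `cipher_verify_output_multipart`) show the same init-import-setup sequence.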
@@ -370,9 +362,9 @@ void cipher_encrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == (size_t) expected_output->len ); + TEST_ASSERT( total_output_length == expected_output->len ); TEST_ASSERT( memcmp( expected_output->x, output, - (size_t) expected_output->len ) == 0 ); + expected_output->len ) == 0 ); } exit: @@ -411,25 +403,25 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key->x, (size_t) key->len ) == PSA_SUCCESS ); + key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = (size_t) input->len + operation.block_size; + output_buffer_size = input->len + operation.block_size; output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( output != NULL ); - TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len ); + TEST_ASSERT( (unsigned int) first_part_size < input->len ); TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); total_output_length += function_output_length; TEST_ASSERT( psa_cipher_update( &operation, input->x + first_part_size, - (size_t) input->len - first_part_size, + input->len - first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); total_output_length += function_output_length; 
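Review bot: In the `cipher_encrypt_multipart` hunk both `psa_cipher_update` calls pass `output, output_buffer_size`, so the second call writes from the start of the buffer again rather than after the `total_output_length` bytes already reported by the first call. Whenever the first call produces output, that output is overwritten before the final `memcmp` against `expected_output`, and the comparison no longer checks the full ciphertext. The second call should take `output + total_output_length, output_buffer_size - total_output_length,`. `cipher_decrypt_multipart` and `cipher_verify_output_multipart` (with `output1, output1_buffer_size`) repeat the pattern. The `psa_cipher_finish` call is outside these hunks and should be checked the same way.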
@@ -440,9 +432,9 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, total_output_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == (size_t) expected_output->len ); + TEST_ASSERT( total_output_length == expected_output->len ); TEST_ASSERT( memcmp( expected_output->x, output, - (size_t) expected_output->len ) == 0 ); + expected_output->len ) == 0 ); exit: mbedtls_free( output ); @@ -481,7 +473,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key->x, (size_t) key->len ) == PSA_SUCCESS ); + key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); @@ -489,18 +481,19 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = (size_t) input->len + operation.block_size; + output_buffer_size = input->len + operation.block_size; output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( output != NULL ); - TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len ); - TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, + TEST_ASSERT( (unsigned int) first_part_size < input->len ); + TEST_ASSERT( psa_cipher_update( &operation, + input->x, first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); total_output_length += function_output_length; TEST_ASSERT( psa_cipher_update( &operation, input->x + first_part_size, - (size_t) input->len - first_part_size, + input->len - first_part_size, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); total_output_length += function_output_length; 
@@ -511,9 +504,9 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, total_output_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == (size_t) expected_output->len ); + TEST_ASSERT( total_output_length == expected_output->len ); TEST_ASSERT( memcmp( expected_output->x, output, - (size_t) expected_output->len ) == 0 ); + expected_output->len ) == 0 ); exit: mbedtls_free( output ); @@ -551,7 +544,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key->x, (size_t) key->len ) == PSA_SUCCESS ); + key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS ); @@ -559,11 +552,12 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = (size_t) input->len + operation.block_size; + output_buffer_size = input->len + operation.block_size; output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( output != NULL ); - TEST_ASSERT( psa_cipher_update( &operation, input->x, (size_t) input->len, + TEST_ASSERT( psa_cipher_update( &operation, + input->x, input->len, output, output_buffer_size, &function_output_length ) == PSA_SUCCESS ); total_output_length += function_output_length; @@ -577,9 +571,9 @@ void cipher_decrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == (size_t) expected_output->len ); + TEST_ASSERT( total_output_length == expected_output->len ); TEST_ASSERT( memcmp( expected_output->x, output, - (size_t) expected_output->len ) == 0 ); + expected_output->len ) == 0 ); } exit: 
@@ -618,7 +612,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key->x, (size_t) key->len ) == PSA_SUCCESS ); + key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); @@ -628,11 +622,11 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length ) == PSA_SUCCESS ); - output1_size = (size_t) input->len + operation1.block_size; + output1_size = input->len + operation1.block_size; output1 = mbedtls_calloc( 1, output1_size ); TEST_ASSERT( output1 != NULL ); - TEST_ASSERT( psa_cipher_update( &operation1, input->x, (size_t) input->len, + TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len, output1, output1_size, &output1_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_finish( &operation1, @@ -662,8 +656,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); - TEST_ASSERT( (size_t) input->len == output2_length ); - TEST_ASSERT( memcmp( input->x, output2, (size_t) input->len ) == 0 ); + TEST_ASSERT( input->len == output2_length ); + TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 ); exit: mbedtls_free( output1 ); @@ -704,7 +698,7 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, - key->x, (size_t) key->len ) == PSA_SUCCESS ); + key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS ); 
@@ -714,11 +708,11 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length ) == PSA_SUCCESS ); - output1_buffer_size = (size_t) input->len + operation1.block_size; + output1_buffer_size = input->len + operation1.block_size; output1 = mbedtls_calloc( 1, output1_buffer_size ); TEST_ASSERT( output1 != NULL ); - TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len ); + TEST_ASSERT( (unsigned int) first_part_size < input->len ); TEST_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size, output1, output1_buffer_size, @@ -727,7 +721,7 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_cipher_update( &operation1, input->x + first_part_size, - (size_t) input->len - first_part_size, + input->len - first_part_size, output1, output1_buffer_size, &function_output_length ) == PSA_SUCCESS ); output1_length += function_output_length; @@ -767,8 +761,8 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); - TEST_ASSERT( (size_t) input->len == output2_length ); - TEST_ASSERT( memcmp( input->x, output2, (size_t) input->len ) == 0 ); + TEST_ASSERT( input->len == output2_length ); + TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 ); exit: mbedtls_free( output1 ); @@ -796,7 +790,7 @@ void aead_encrypt_decrypt( int key_type_arg, unsigned char *output_data2 = NULL; size_t output_length2 = 0; size_t tag_length = 16; - psa_status_t expected_result = (psa_status_t) expected_result_arg; + psa_status_t expected_result = expected_result_arg; psa_key_policy_t policy = {0}; TEST_ASSERT( key_data != NULL ); 
@@ -808,31 +802,28 @@ void aead_encrypt_decrypt( int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) ); - output_size = (size_t) input_data->len + tag_length; + output_size = input_data->len + tag_length; output_data = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output_data != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == PSA_SUCCESS ); + key_data->x, key_data->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_aead_encrypt( slot, alg, - nonce->x, (size_t) nonce->len, + nonce->x, nonce->len, additional_data->x, - (size_t) additional_data->len, - input_data->x, (size_t) input_data->len, - output_data, - output_size, &output_length ) == - expected_result ); + additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length ) == expected_result ); if( PSA_SUCCESS == expected_result ) { @@ -840,16 +831,15 @@ void aead_encrypt_decrypt( int key_type_arg, TEST_ASSERT( output_data2 != NULL ); TEST_ASSERT( psa_aead_decrypt( slot, alg, - nonce->x, (size_t) nonce->len, + nonce->x, nonce->len, additional_data->x, - (size_t) additional_data->len, + additional_data->len, output_data, output_length, output_data2, output_length, - &output_length2 ) == - expected_result ); + &output_length2 ) == expected_result ); TEST_ASSERT( memcmp( input_data->x, output_data2, - (size_t) input_data->len ) == 0 ); + input_data->len ) == 0 ); } exit: 
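Review bot: The round-trip check at the end of the second `aead_encrypt_decrypt` hunk compares `input_data->len` bytes of `output_data2` with the input but never asserts the length that `psa_aead_decrypt` reported in `output_length2`. A decrypt that returns success with a wrong or zero length would still pass whenever the buffer bytes match, and trivially so for an empty input. I would add `TEST_ASSERT( output_length2 == input_data->len );` before the `memcmp`. `aead_encrypt` and `aead_decrypt` have the analogous gap in the earlier blank-line hunks: their `memcmp` runs over `output_length` bytes without first comparing `output_length` with `expected_result->len` or `expected_data->len`, so a truncated output (for example one missing the tag) would not be caught.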
@@ -886,27 +876,24 @@ void aead_encrypt( int key_type_arg, data_t * key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) ); - output_size = (size_t) input_data->len + tag_length; + output_size = input_data->len + tag_length; output_data = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output_data != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + key_data->x, + key_data->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_aead_encrypt( slot, alg, - nonce->x, (size_t) nonce->len, - additional_data->x, - (size_t) additional_data->len, - input_data->x, (size_t) input_data->len, + nonce->x, nonce->len, + additional_data->x, additional_data->len, + input_data->x, input_data->len, output_data, output_size, &output_length ) == PSA_SUCCESS ); @@ -934,7 +921,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data, size_t output_length = 0; size_t tag_length = 16; psa_key_policy_t policy = {0}; - psa_status_t expected_result = (psa_status_t) expected_result_arg; + psa_status_t expected_result = expected_result_arg; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); 
@@ -947,30 +934,27 @@ void aead_decrypt( int key_type_arg, data_t * key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) ); - output_size = (size_t) input_data->len + tag_length; + output_size = input_data->len + tag_length; output_data = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output_data != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + key_data->x, + key_data->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_aead_decrypt( slot, alg, - nonce->x, (size_t) nonce->len, + nonce->x, nonce->len, additional_data->x, - (size_t) additional_data->len, - input_data->x, (size_t) input_data->len, - output_data, - output_size, &output_length ) == - expected_result ); + additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length ) == expected_result ); if( expected_result == PSA_SUCCESS ) { @@ -1024,13 +1008,12 @@ void sign_deterministic( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg ); - + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == PSA_SUCCESS ); + key_data->x, + key_data->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_get_key_information( slot, NULL, &key_bits ) == PSA_SUCCESS ); 
@@ -1042,13 +1025,13 @@ void sign_deterministic( int key_type_arg, data_t *key_data, TEST_ASSERT( signature != NULL ); TEST_ASSERT( psa_asymmetric_sign( slot, alg, - input_data->x, (size_t) input_data->len, + input_data->x, input_data->len, NULL, 0, signature, signature_size, &signature_length ) == PSA_SUCCESS ); - TEST_ASSERT( signature_length == (size_t) output_data->len ); + TEST_ASSERT( signature_length == output_data->len ); TEST_ASSERT( memcmp( signature, output_data->x, - (size_t) output_data->len ) == 0 ); + output_data->len ) == 0 ); exit: psa_destroy_key( slot ); @@ -1082,18 +1065,15 @@ void sign_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg ); - + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + key_data->x, + key_data->len ) == PSA_SUCCESS ); actual_status = psa_asymmetric_sign( slot, alg, - input_data->x, - (size_t) input_data->len, + input_data->x, input_data->len, NULL, 0, signature, signature_size, &signature_length ); @@ -1111,6 +1091,8 @@ exit: void key_policy( int usage_arg, int alg_arg ) { int key_slot = 1; + psa_algorithm_t alg = alg_arg; + psa_key_usage_t usage = usage_arg; psa_key_type_t key_type = PSA_KEY_TYPE_AES; unsigned char key[32] = {0}; psa_key_policy_t policy_set = {0}; 
@@ -1123,14 +1105,10 @@ void key_policy( int usage_arg, int alg_arg ) psa_key_policy_init( &policy_set ); psa_key_policy_init( &policy_get ); - psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg ); - - TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == - (psa_key_usage_t) usage_arg ); - - TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == - (psa_algorithm_t) alg_arg ); + psa_key_policy_set_usage( &policy_set, usage, alg ); + TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage ); + TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg ); TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( key_slot, key_type, @@ -1152,6 +1130,8 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, data_t *keypair ) { int key_slot = 1; + psa_algorithm_t alg = alg_arg; + psa_key_usage_t usage = usage_arg; size_t signature_length = 0; psa_key_policy_t policy = {0}; int actual_status = PSA_SUCCESS; 
@@ -1159,32 +1139,31 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, usage_arg, alg_arg ); - + psa_key_policy_set_usage( &policy, usage, alg ); TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); - if( usage_arg & PSA_KEY_USAGE_EXPORT ) + if( usage & PSA_KEY_USAGE_EXPORT ) { TEST_ASSERT( keypair != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); - TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, - keypair->x, (size_t) keypair->len ) == - PSA_SUCCESS ); - actual_status = psa_asymmetric_sign( key_slot, - (psa_algorithm_t) alg_arg, + TEST_ASSERT( psa_import_key( key_slot, + PSA_KEY_TYPE_RSA_KEYPAIR, + keypair->x, + keypair->len ) == PSA_SUCCESS ); + actual_status = psa_asymmetric_sign( key_slot, alg, NULL, 0, NULL, 0, NULL, 0, &signature_length ); } - if( usage_arg & PSA_KEY_USAGE_SIGN ) + if( usage & PSA_KEY_USAGE_SIGN ) { TEST_ASSERT( keypair != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); - TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, - keypair->x, (size_t) keypair->len ) == - PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( key_slot, + PSA_KEY_TYPE_RSA_KEYPAIR, + keypair->x, + keypair->len ) == PSA_SUCCESS ); actual_status = psa_export_key( key_slot, NULL, 0, NULL ); } @@ -1202,7 +1181,7 @@ void key_lifetime( int lifetime_arg ) int key_slot = 1; psa_key_type_t key_type = PSA_ALG_CBC_BASE; unsigned char key[32] = {0}; - psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; + psa_key_lifetime_t lifetime_set = lifetime_arg; psa_key_lifetime_t lifetime_get; memset( key, 0x2a, sizeof( key ) ); 
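Review bot: In key_policy_fail the calls that are expected to be refused pass NULL where the API would write results: `psa_export_key( key_slot, NULL, 0, NULL )` has a NULL length pointer, and `psa_asymmetric_sign` gets NULL hash and signature buffers. The test therefore only behaves if the implementation rejects on policy before touching any argument; a regression that reorders those checks would crash the test process instead of failing an assertion. Passing a small local buffer and a real `size_t` for the length would turn that into a clean assertion failure. A short comment above each branch, e.g. `/* policy allows export only: signing must be refused */`, would also help, since the `PSA_KEY_USAGE_EXPORT` branch calling sign and the `PSA_KEY_USAGE_SIGN` branch calling export reads like a mix-up at first sight. The function starts and ends outside this hunk.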
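Review bot: In key_lifetime the context line `psa_key_type_t key_type = PSA_ALG_CBC_BASE;` initialises a key-type variable with what, going by its `PSA_ALG_` prefix, is an algorithm identifier rather than a key type. Since this commit is already tidying the types in these tests, it looks worth changing to `psa_key_type_t key_type = PSA_KEY_TYPE_AES;`, as key_policy does for its own 32-byte key. How `key_type` is used lies outside the hunk, so confirm that the import which presumably follows is meant to succeed with an AES key.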
@@ -1232,7 +1211,7 @@ void key_lifetime_set_fail( int key_slot_arg, int expected_status_arg ) { int key_slot = 1; - psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg; + psa_key_lifetime_t lifetime_set = lifetime_arg; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; @@ -1271,21 +1250,18 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg ); - + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + key_data->x, + key_data->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_asymmetric_verify( slot, alg, - hash_data->x, (size_t) hash_data->len, + hash_data->x, hash_data->len, NULL, 0, signature_data->x, - (size_t) signature_data->len ) == - PSA_SUCCESS ); + signature_data->len ) == PSA_SUCCESS ); exit: psa_destroy_key( slot ); mbedtls_psa_crypto_free( ); @@ -1315,20 +1291,18 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg ); - + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + key_data->x, + key_data->len ) == PSA_SUCCESS ); actual_status = psa_asymmetric_verify( slot, alg, - hash_data->x, (size_t) hash_data->len, + hash_data->x, hash_data->len, NULL, 0, signature_data->x, - (size_t) signature_data->len ); + signature_data->len ); TEST_ASSERT( actual_status == expected_status ); 
@@ -1358,7 +1332,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - output_size = (size_t) key_data->len; + output_size = key_data->len; output2_size = output_size; output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); @@ -1370,33 +1344,29 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, - alg_arg ); + alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + key_data->x, + key_data->len ) == PSA_SUCCESS ); /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random * part of encryption process which prevents using fixed vectors. */ TEST_ASSERT( psa_asymmetric_encrypt( slot, alg, - input_data->x, - (size_t) input_data->len, + input_data->x, input_data->len, NULL, 0, - output, - output_size, + output, output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, - output, - output_length, + output, output_length, NULL, 0, - output2, - output2_size, + output2, output2_size, &output2_length ) == PSA_SUCCESS ); TEST_ASSERT( memcmp( input_data->x, output2, - (size_t) input_data->len ) == 0 ); + input_data->len ) == 0 ); exit: psa_destroy_key( slot ); 
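Review bot: `output_size = key_data->len;` in the first hunk sizes the ciphertext buffer from the length of the encoded key, which is only an indirect bound on what `psa_asymmetric_encrypt` may write; the same sizing recurs in asymmetric_encrypt_fail, asymmetric_decrypt and asymmetric_decrypt_fail. Nothing in the tests says why that is large enough, so at minimum add a comment such as `/* the encoded key is longer than the modulus, so this bounds the output */`, if that is indeed the reasoning. A tighter option is to import the key first and derive the size from `psa_get_key_information( slot, NULL, &key_bits )`, which sign_deterministic already calls before allocating its signature buffer. The function bodies start and end outside these hunks.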
@@ -1426,26 +1396,24 @@ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - output_size = (size_t) key_data->len; + output_size = key_data->len; output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg_arg ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + key_data->x, + key_data->len ) == PSA_SUCCESS ); actual_status = psa_asymmetric_encrypt( slot, alg, - input_data->x, - (size_t) input_data->len, + input_data->x, input_data->len, NULL, 0, - output, - output_size, + output, output_size, &output_length ); TEST_ASSERT( actual_status == expected_status ); 
@@ -1476,28 +1444,27 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) ); - output_size = (size_t) key_data->len; + output_size = key_data->len; output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg_arg ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + key_data->x, + key_data->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, - input_data->x, - (size_t) input_data->len, + input_data->x, input_data->len, NULL, 0, output, output_size, &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( ( (size_t) expected_size ) == output_length ); + TEST_ASSERT( (size_t) expected_size == output_length ); TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 ); exit: 
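Review bot: The final `memcmp( expected_data->x, output, output_length )` in asymmetric_decrypt is bounded by `output_length`, which is checked only against the separate `expected_size` argument and never against `expected_data->len`. If a test case supplies an `expected_size` larger than the expected data, the comparison reads past the end of `expected_data->x`. Adding `TEST_ASSERT( output_length == expected_data->len );` before the `memcmp` closes that gap and would make the remaining `(size_t) expected_size` cast and argument redundant. The function's signature and cleanup are outside this hunk.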
@@ -1527,26 +1494,24 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - output_size = (size_t) key_data->len; + output_size = key_data->len; output = mbedtls_calloc( 1, output_size ); TEST_ASSERT( output != NULL ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg_arg ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, (size_t) key_data->len ) == - PSA_SUCCESS ); + key_data->x, + key_data->len ) == PSA_SUCCESS ); actual_status = psa_asymmetric_decrypt( slot, alg, - input_data->x, - (size_t) input_data->len, + input_data->x, input_data->len, NULL, 0, - output, - output_size, + output, output_size, &output_length ); TEST_ASSERT( actual_status == expected_status ); From 01b929c85bfd2737402d2fcb57db86e845a42a0f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 16:40:34 +0200 Subject: [PATCH 0259/2197] Fix key_lifetime_set_fail not cleaning up the right key slot --- tests/suites/test_suite_psa_crypto.function | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3786e57a3..01262e038 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1210,17 +1210,17 @@ void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg ) { - int key_slot = 1; + psa_key_slot_t key_slot = key_slot_arg; psa_key_lifetime_t lifetime_set = lifetime_arg; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set ); + actual_status = psa_set_key_lifetime( key_slot, lifetime_set ); if( actual_status == PSA_SUCCESS ) - actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set ); + actual_status = psa_set_key_lifetime( key_slot, lifetime_set ); TEST_ASSERT( expected_status == actual_status ); From c0ec97222b5e8a94bfa8c05cf2c022cee92295a3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 17:03:37 +0200 Subject: [PATCH 0260/2197] mac_verify: remove unused IV argument We aren't going to have MAC with IV in the API any time soon, if at all, so remove the embryonic support for it in the tests. --- tests/suites/test_suite_psa_crypto.data | 52 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 12 ++--- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 41a597de6..8a2e88eda 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -63,107 +63,107 @@ hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5 PSA MAC verify: HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62" +mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62" PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7" +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7" PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C 
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6" +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6" PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-224 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44" +mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44" PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843" 
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843" PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649" +mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649" PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737" +mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737" PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-224 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea" +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea" PSA MAC 
verify: RFC4231 Test case 3 - HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe" +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe" PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27" +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27" PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb" 
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb" PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-224 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a" +mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a" PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b" +mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b" PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C 
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb" +mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb" PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd" +mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd" PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-224 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e" +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e" PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54" 
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54" PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952" +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952" PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C 
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598" +mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598" PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-224 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1" 
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1" PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2" 
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2" PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e" 
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e" PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58" 
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58" PSA MAC verify: CMAC-AES-128 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C -mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" +mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 01262e038..a89bdf90e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -265,9 +265,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mac_verify( int key_type_arg, data_t *key, - int alg_arg, data_t *iv, - data_t *input, data_t *expected_mac ) +void mac_verify( int key_type_arg, + data_t *key, + int alg_arg, + data_t *input, + data_t *expected_mac ) { int key_slot = 1; psa_key_type_t key_type = key_type_arg; 
@@ -276,11 +278,9 @@ void mac_verify( int key_type_arg, data_t *key, psa_key_policy_t policy; TEST_ASSERT( key != NULL ); - TEST_ASSERT( iv != NULL ); TEST_ASSERT( input != NULL ); TEST_ASSERT( expected_mac != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( iv->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_mac->len ) ); @@ -292,7 +292,7 @@ void mac_verify( int key_type_arg, data_t *key, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); - // TODO: support IV + TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, From dec7261df175daac4a4ace5f3733485e8a372620 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 18:12:37 +0200 Subject: [PATCH 0261/2197] Remove redundant initialization of policies to {0} Some compilers don't like initializing a structure to {0} (incomplete initializer). It's redundant anyway since we always call psa_key_policy_init. --- tests/suites/test_suite_psa_crypto.function | 32 ++++++++++----------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a89bdf90e..a88e02fd7 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -73,7 +73,7 @@ void import_export( data_t *data, size_t reexported_length; psa_key_type_t got_type; size_t got_bits; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( data != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); 
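Review bot: With `= {0}` dropped in import_export (`@@ -73`), `policy` is indeterminate from its declaration until `psa_key_policy_init` runs, and the TEST_ASSERT argument checks shown in the hunk sit in between. The init calls are outside every hunk of this commit, so it cannot be confirmed from here that each variable is set before its first read, in particular both `policy_set` and `policy_get` in key_policy (`@@ -1095`). I would add a comment at each declaration, e.g. `/* set by psa_key_policy_init() below; must not be read before that call */`, or move the init call directly under the declarations. The same applies to the other hunks of this commit, through `@@ -1487`.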
@@ -161,7 +161,7 @@ void import_export_public_key( data_t *data, size_t exported_length; psa_key_type_t got_type; size_t got_bits; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( data != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); @@ -791,7 +791,7 @@ void aead_encrypt_decrypt( int key_type_arg, size_t output_length2 = 0; size_t tag_length = 16; psa_status_t expected_result = expected_result_arg; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); @@ -863,7 +863,7 @@ void aead_encrypt( int key_type_arg, data_t * key_data, size_t output_size = 0; size_t output_length = 0; size_t tag_length = 16; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); @@ -920,7 +920,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data, size_t output_size = 0; size_t output_length = 0; size_t tag_length = 16; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; psa_status_t expected_result = expected_result_arg; TEST_ASSERT( key_data != NULL ); @@ -996,7 +996,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, unsigned char *signature = NULL; size_t signature_size; size_t signature_length = 0xdeadbeef; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); @@ -1052,7 +1052,7 @@ void sign_fail( int key_type_arg, data_t *key_data, psa_status_t expected_status = expected_status_arg; unsigned char *signature = NULL; size_t signature_length = 0xdeadbeef; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); 
@@ -1095,8 +1095,8 @@ void key_policy( int usage_arg, int alg_arg ) psa_key_usage_t usage = usage_arg; psa_key_type_t key_type = PSA_KEY_TYPE_AES; unsigned char key[32] = {0}; - psa_key_policy_t policy_set = {0}; - psa_key_policy_t policy_get = {0}; + psa_key_policy_t policy_set; + psa_key_policy_t policy_get; memset( key, 0x2a, sizeof( key ) ); @@ -1133,7 +1133,7 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, psa_algorithm_t alg = alg_arg; psa_key_usage_t usage = usage_arg; size_t signature_length = 0; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; int actual_status = PSA_SUCCESS; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -1238,7 +1238,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( hash_data != NULL ); @@ -1279,7 +1279,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, psa_algorithm_t alg = alg_arg; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( hash_data != NULL ); @@ -1325,7 +1325,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, unsigned char *output2 = NULL; size_t output2_size = 0; size_t output2_length = 0; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); @@ -1389,7 +1389,7 @@ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data, size_t output_length = 0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); 
@@ -1435,7 +1435,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data, unsigned char *output = NULL; size_t output_size = 0; size_t output_length = 0; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); @@ -1487,7 +1487,7 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data, size_t output_length = 0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - psa_key_policy_t policy = {0}; + psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); From b3e6e5deebb7ffbe68b11ab19a9090aa9494b651 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 22:16:43 +0200 Subject: [PATCH 0262/2197] Rename hash max sizes for consistency Use "hash" throughout the library, not "md" as in Mbed TLS. --- include/psa/crypto_struct.h | 10 +++---- library/psa_crypto.c | 33 +-------------------- tests/suites/test_suite_psa_crypto.function | 3 +- 3 files changed, 7 insertions(+), 39 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 4b0f9799b..0dbd86c18 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -46,11 +46,11 @@ #include "mbedtls/sha512.h" #if defined(MBEDTLS_SHA512_C) -#define PSA_CRYPTO_MD_MAX_SIZE 64 -#define PSA_CRYPTO_MD_BLOCK_SIZE 128 +#define PSA_HASH_MAX_SIZE 64 +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 #else -#define PSA_CRYPTO_MD_MAX_SIZE 32 -#define PSA_CRYPTO_MD_BLOCK_SIZE 64 +#define PSA_HASH_MAX_SIZE 32 +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 #endif struct psa_hash_operation_s @@ -89,7 +89,7 @@ typedef struct /** The hash context. */ struct psa_hash_operation_s hash_ctx; /** The HMAC part of the context. */ - uint8_t opad[PSA_CRYPTO_MD_BLOCK_SIZE]; + uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; } psa_hmac_internal_data; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e5ac7bd81..446c90ea0 100644 
--- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -614,37 +614,6 @@ static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) } } -#if 0 -static psa_algorithm_t mbedtls_md_alg_to_psa( mbedtls_md_type_t md_alg ) -{ - switch( md_alg ) - { - case MBEDTLS_MD_NONE: - return( 0 ); - case MBEDTLS_MD_MD2: - return( PSA_ALG_MD2 ); - case MBEDTLS_MD_MD4: - return( PSA_ALG_MD4 ); - case MBEDTLS_MD_MD5: - return( PSA_ALG_MD5 ); - case MBEDTLS_MD_SHA1: - return( PSA_ALG_SHA_1 ); - case MBEDTLS_MD_SHA224: - return( PSA_ALG_SHA_224 ); - case MBEDTLS_MD_SHA256: - return( PSA_ALG_SHA_256 ); - case MBEDTLS_MD_SHA384: - return( PSA_ALG_SHA_384 ); - case MBEDTLS_MD_SHA512: - return( PSA_ALG_SHA_512 ); - case MBEDTLS_MD_RIPEMD160: - return( PSA_ALG_RIPEMD160 ); - default: - return( 0 ); - } -} -#endif - psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) { switch( operation->alg ) @@ -1081,7 +1050,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation, key_slot_t *slot, psa_algorithm_t alg ) { - unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE]; + unsigned char ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; unsigned char *opad = operation->ctx.hmac.opad; size_t i; size_t block_size = diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a88e02fd7..69deba11e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1,7 +1,6 @@ /* BEGIN_HEADER */ #include #include "psa/crypto.h" -#include "mbedtls/md.h" #if(UINT32_MAX > SIZE_MAX) #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX ) @@ -212,7 +211,7 @@ exit: void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) { psa_algorithm_t alg = alg_arg; - unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE]; + unsigned char actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; psa_hash_operation_t operation; From e1fed0de18e83884d95faef3796432cfccb61ac3 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 18 Jun 2018 20:45:45 +0200 Subject: [PATCH 0263/2197] Define elliptic curve identifiers from TLS Instead of rolling our own list of elliptic curve identifiers, use one from somewhere. Pick TLS because it's the right size (16 bits) and it's as good as any. --- include/psa/crypto.h | 50 ++++++++++++++++++++++++- tests/suites/test_suite_psa_crypto.data | 10 ++--- 2 files changed, 54 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c513b24c2..28103c78b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -357,7 +357,6 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x07020000) #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x06030000) #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x07030000) -#define PSA_KEY_TYPE_ECC_CURVE_NISTP256R1 ((psa_key_type_t)0x00000001) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) #define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \ (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve)) 
@@ -397,6 +396,55 @@ typedef uint32_t psa_key_type_t; ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) +/** The type of PSA elliptic curve identifiers. */ +typedef uint16_t psa_ecc_curve_t; +/** Extract the curve from an elliptic curve key type. */ +#define PSA_KEY_TYPE_GET_CURVE(type) \ + ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ + ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ + 0)) + +/* The encoding of curve identifiers is currently aligned with the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * The values are defined by RFC 4492, RFC 7027 and RFC 7919. */ +#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) +#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) +#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) +#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004) +#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005) +#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006) +#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007) +#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008) +#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009) +#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a) +#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b) +#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c) +#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d) +#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e) +#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f) +#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010) +#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011) +#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012) +#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013) +#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014) +#define 
PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015) +#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016) +#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017) +#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018) +#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019) +#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) +#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b) +#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) +#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) +#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) +#define PSA_ECC_CURVE_FFDHE_2048 ((psa_ecc_curve_t) 0x0100) +#define PSA_ECC_CURVE_FFDHE_3072 ((psa_ecc_curve_t) 0x0101) +#define PSA_ECC_CURVE_FFDHE_4096 ((psa_ecc_curve_t) 0x0102) +#define PSA_ECC_CURVE_FFDHE_6144 ((psa_ecc_curve_t) 0x0103) +#define PSA_ECC_CURVE_FFDHE_8192 ((psa_ecc_curve_t) 0x0104) + /** The block size of a block cipher. * * \param type A cipher key type (value of type #psa_key_type_t). diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8a2e88eda..ff96c9024 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
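Review bot: The last five entries of the new list (`PSA_ECC_CURVE_FFDHE_2048` to `PSA_ECC_CURVE_FFDHE_8192`) are finite-field Diffie-Hellman groups, not elliptic curves, yet they carry the `PSA_ECC_CURVE_` prefix and the `psa_ecc_curve_t` type. `PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_FFDHE_2048)` therefore builds a key type that still satisfies `PSA_KEY_TYPE_IS_ECC`. I would set them apart with a comment such as `/* TLS finite-field DH groups (RFC 7919): listed for registry alignment, not valid EC curves */`. The doc comment of `PSA_KEY_TYPE_GET_CURVE` should also say that it evaluates `type` more than once and returns 0 for a non-ECC type, since 0 is not a curve in this list.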
@@ -51,7 +51,7 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA PSA import/export EC secp256r1: good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 PSA hash finish: SHA-256 depends_on:MBEDTLS_SHA256_C 
@@ -340,7 +340,7 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84 PSA sign ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC -sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT 
@@ -383,15 +383,15 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT PSA sign ECDSA SECP256R1 SHA-256, output buffer too small depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL PSA sign ECDSA SECP256R1, invalid md alg depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT 
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA verify ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 From 34ef7f5a552c5a11365c03f5f6de88ebce2098fe Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 18 Jun 2018 20:47:51 +0200 Subject: [PATCH 0264/2197] Check the curve of an elliptic curve key on import psa_import_key must check that the imported key data matches the expected key type. Implement the missing check for EC keys that the curve is the expected one. --- library/psa_crypto.c | 47 +++++++++++++++++++++++-- tests/suites/test_suite_psa_crypto.data | 8 +++++ 2 files changed, 52 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 446c90ea0..603a5101c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -311,6 +311,41 @@ static psa_status_t mbedtls_to_psa_error( int ret ) /* Key management */ /****************************************************************/ +static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid ) +{ + switch( grpid ) + { + case MBEDTLS_ECP_DP_SECP192R1: + return( PSA_ECC_CURVE_SECP192R1 ); + case MBEDTLS_ECP_DP_SECP224R1: + return( PSA_ECC_CURVE_SECP224R1 ); + case MBEDTLS_ECP_DP_SECP256R1: + return( PSA_ECC_CURVE_SECP256R1 ); + case MBEDTLS_ECP_DP_SECP384R1: + return( PSA_ECC_CURVE_SECP384R1 ); + case MBEDTLS_ECP_DP_SECP521R1: + return( PSA_ECC_CURVE_SECP521R1 ); + case MBEDTLS_ECP_DP_BP256R1: + return( PSA_ECC_CURVE_BRAINPOOL_P256R1 ); + case MBEDTLS_ECP_DP_BP384R1: + return( PSA_ECC_CURVE_BRAINPOOL_P384R1 ); + case MBEDTLS_ECP_DP_BP512R1: + return( PSA_ECC_CURVE_BRAINPOOL_P512R1 ); + case MBEDTLS_ECP_DP_CURVE25519: + return( PSA_ECC_CURVE_CURVE25519 ); + case MBEDTLS_ECP_DP_SECP192K1: + return( PSA_ECC_CURVE_SECP192K1 ); + case MBEDTLS_ECP_DP_SECP224K1: + return( PSA_ECC_CURVE_SECP224K1 ); + case MBEDTLS_ECP_DP_SECP256K1: + return( PSA_ECC_CURVE_SECP256K1 ); + case MBEDTLS_ECP_DP_CURVE448: + return( PSA_ECC_CURVE_CURVE448 ); + default: + return( 0 ); + } +} + psa_status_t psa_import_key( psa_key_slot_t key, psa_key_type_t type, const uint8_t *data, 
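Review bot: The `default: return( 0 );` arm of mbedtls_ecc_group_to_psa returns the same value that an ECC key type with no curve bits set produces through `PSA_KEY_TYPE_GET_CURVE`, so "group has no PSA equivalent" and "no curve requested" cannot be told apart by a plain comparison. The import check added later in this commit is exactly such a comparison (`actual_curve != expected_curve`); if a parsed key ever carried a group id missing from this switch, an import under a curve-less ECC key type would presumably be accepted. I would document the sentinel on the function, `/* Returns 0 if grpid has no PSA equivalent; callers must treat 0 as unsupported, never as a match. */`, and tighten the caller to `if( actual_curve == 0 || actual_curve != expected_curve )`.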
@@ -356,7 +391,7 @@ psa_status_t psa_import_key( psa_key_slot_t key, case MBEDTLS_PK_RSA: if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || type == PSA_KEY_TYPE_RSA_KEYPAIR ) - slot->data.rsa = pk.pk_ctx; + slot->data.rsa = mbedtls_pk_rsa( pk ); else return( PSA_ERROR_INVALID_ARGUMENT ); break; @@ -365,8 +400,14 @@ psa_status_t psa_import_key( psa_key_slot_t key, case MBEDTLS_PK_ECKEY: if( PSA_KEY_TYPE_IS_ECC( type ) ) { - // TODO: check curve - slot->data.ecp = pk.pk_ctx; + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); + psa_ecc_curve_t actual_curve = + mbedtls_ecc_group_to_psa( ecp->grp.id ); + psa_ecc_curve_t expected_curve = + PSA_KEY_TYPE_GET_CURVE( type ); + if( actual_curve != expected_curve ) + return( PSA_ERROR_INVALID_ARGUMENT ); + slot->data.ecp = ecp; } else return( PSA_ERROR_INVALID_ARGUMENT ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ff96c9024..3e4465cc0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
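Review bot: The new `return( PSA_ERROR_INVALID_ARGUMENT );` on a curve mismatch (`@@ -365`) leaves psa_import_key while `pk` still holds the parsed key; for a key pair that includes the private value, which stays allocated and is never released. The parse call and any cleanup are outside the hunk, so this is inferred from `mbedtls_pk_ec( pk )` being taken just above, and the neighbouring `else return( ... )` arms look to have the same gap. Free the context on the way out: `{ mbedtls_pk_free( &pk ); return( PSA_ERROR_INVALID_ARGUMENT ); }`.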
@@ -53,6 +53,14 @@ PSA import/export EC secp256r1: good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +PSA import/export EC secp384r1: good +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 + +PSA import EC keypair secp384r1: wrong curve +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT + PSA hash finish: SHA-256 depends_on:MBEDTLS_SHA256_C hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" From d5b3322f72fe56fa4db898bcf2586c68ad14b1cf Mon Sep 17 00:00:00 2001 
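Review bot: The `depends_on` line of the added "wrong curve" case lists `MBEDTLS_ECP_DP_SECP384R1_ENABLED` twice, while its key data is the secp256r1 key of the "secp256r1: good" case above it. In a build without secp256r1 the key would presumably fail to parse, and the case would then not return the `PSA_ERROR_INVALID_ARGUMENT` it expects for the reason it is meant to test. The second entry should read `MBEDTLS_ECP_DP_SECP256R1_ENABLED`. A title naming both sides, e.g. `PSA import EC keypair: secp256r1 key as secp384r1`, would also make the intent clear.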
From: Gilles Peskine Date: Mon, 18 Jun 2018 22:20:03 +0200 Subject: [PATCH 0265/2197] Reorder PSA test cases to group them by topic * init-deinit * import-export * policies * lifetime * hash * MAC * cipher * AEAD * asymmetric sign * asymmetric verify * asymmetric encrypt-decrypt This commit only moves test functions and test cases around. It does not modify, add or remove tests. --- tests/suites/test_suite_psa_crypto.data | 54 ++-- tests/suites/test_suite_psa_crypto.function | 286 ++++++++++---------- 2 files changed, 170 insertions(+), 170 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3e4465cc0..b1a372cdc 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -61,6 +61,27 @@ PSA import EC keypair secp384r1: wrong curve depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT +PSA Key Policy set and get +key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE + +PSA Key Policy enforcement - export +key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"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" + +PSA Key Policy enforcement - sign +key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"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" + +PSA Key Lifetime set and get volatile +key_lifetime:PSA_KEY_LIFETIME_VOLATILE + +PSA Key Lifetime set fail, invalid key slot +key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT + +PSA Key Lifetime set fail, can not change write_once lifetime +key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED + +PSA Key Lifetime set fail, invalid key lifetime value +key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT + PSA hash finish: SHA-256 depends_on:MBEDTLS_SHA256_C hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" 
@@ -356,17 +377,13 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5 PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL -PSA Key Policy set and get -key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE +PSA sign ECDSA SECP256R1 SHA-256, output buffer too small +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL -PSA Key Policy enforcement - export -key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"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" - -PSA Key Policy enforcement - sign -key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"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" - -PSA Key Lifetime set and get volatile -key_lifetime:PSA_KEY_LIFETIME_VOLATILE +PSA sign ECDSA SECP256R1, invalid md alg +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC 
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA verify RSA PKCS#1 v1.5 signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -380,23 +397,6 @@ PSA verify RSA PKCS#1 v1.5 SHA-256, wrong signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE -PSA Key Lifetime set fail, invalid key slot -key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT - -PSA Key Lifetime set fail, can not change write_once lifetime -key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED - -PSA Key Lifetime set fail, invalid key lifetime value -key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT - -PSA sign ECDSA SECP256R1 SHA-256, output buffer too small -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL - -PSA sign ECDSA SECP256R1, invalid md alg -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC 
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT - PSA verify ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 69deba11e..9dbf0340d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -207,6 +207,149 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void key_policy( int usage_arg, int alg_arg ) +{ + int key_slot = 1; + psa_algorithm_t alg = alg_arg; + psa_key_usage_t usage = usage_arg; + psa_key_type_t key_type = PSA_KEY_TYPE_AES; + unsigned char key[32] = {0}; + psa_key_policy_t policy_set; + psa_key_policy_t policy_get; + + memset( key, 0x2a, sizeof( key ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy_set ); + psa_key_policy_init( &policy_get ); + + psa_key_policy_set_usage( &policy_set, usage, alg ); + + TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage ); + TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, sizeof( key ) ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS ); + + TEST_ASSERT( policy_get.usage == policy_set.usage ); + TEST_ASSERT( policy_get.alg == policy_set.alg ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_policy_fail( int usage_arg, int alg_arg, int expected_status, + data_t *keypair ) +{ + int key_slot = 1; + psa_algorithm_t alg = alg_arg; + psa_key_usage_t usage = usage_arg; + size_t signature_length = 0; + psa_key_policy_t policy; + int actual_status = PSA_SUCCESS; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, usage, alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + if( usage & PSA_KEY_USAGE_EXPORT ) + { + TEST_ASSERT( keypair != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); + TEST_ASSERT( psa_import_key( key_slot, + PSA_KEY_TYPE_RSA_KEYPAIR, + keypair->x, + keypair->len ) == PSA_SUCCESS ); + actual_status = psa_asymmetric_sign( key_slot, alg, + NULL, 0, + NULL, 
0, + NULL, 0, &signature_length ); + } + + if( usage & PSA_KEY_USAGE_SIGN ) + { + TEST_ASSERT( keypair != NULL ); + TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); + TEST_ASSERT( psa_import_key( key_slot, + PSA_KEY_TYPE_RSA_KEYPAIR, + keypair->x, + keypair->len ) == PSA_SUCCESS ); + actual_status = psa_export_key( key_slot, NULL, 0, NULL ); + } + + TEST_ASSERT( actual_status == expected_status ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_lifetime( int lifetime_arg ) +{ + int key_slot = 1; + psa_key_type_t key_type = PSA_ALG_CBC_BASE; + unsigned char key[32] = {0}; + psa_key_lifetime_t lifetime_set = lifetime_arg; + psa_key_lifetime_t lifetime_get; + + memset( key, 0x2a, sizeof( key ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_set_key_lifetime( key_slot, + lifetime_set ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key, sizeof( key ) ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_key_lifetime( key_slot, + &lifetime_get ) == PSA_SUCCESS ); + + TEST_ASSERT( lifetime_get == lifetime_set ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_lifetime_set_fail( int key_slot_arg, + int lifetime_arg, + int expected_status_arg ) +{ + psa_key_slot_t key_slot = key_slot_arg; + psa_key_lifetime_t lifetime_set = lifetime_arg; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + actual_status = psa_set_key_lifetime( key_slot, lifetime_set ); + + if( actual_status == PSA_SUCCESS ) + actual_status = psa_set_key_lifetime( key_slot, lifetime_set ); + + TEST_ASSERT( expected_status == actual_status ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) { 
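Review bot: In `key_lifetime`, `psa_key_type_t key_type = PSA_ALG_CBC_BASE;` stores an algorithm identifier in a key-type variable, so `psa_import_key` is called with a value that is not a key type and the lifetime round-trip depends on however the library treats it. `key_policy`, earlier in this hunk, imports the same 32-byte buffer as `PSA_KEY_TYPE_AES`, so `psa_key_type_t key_type = PSA_KEY_TYPE_AES;` is presumably what was intended. In `key_policy_fail`, the `PSA_KEY_USAGE_EXPORT` branch calls `psa_asymmetric_sign` and the `PSA_KEY_USAGE_SIGN` branch calls `psa_export_key`; this matches the `PSA_ERROR_NOT_PERMITTED` cases in the data file (grant one usage, attempt the other) but reads as swapped, so a comment such as `/* Only export is permitted: signing must be refused. */` above each call would help. The commit message says these functions are only moved, so both points are carried over rather than introduced here.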
@@ -1086,149 +1229,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void key_policy( int usage_arg, int alg_arg ) -{ - int key_slot = 1; - psa_algorithm_t alg = alg_arg; - psa_key_usage_t usage = usage_arg; - psa_key_type_t key_type = PSA_KEY_TYPE_AES; - unsigned char key[32] = {0}; - psa_key_policy_t policy_set; - psa_key_policy_t policy_get; - - memset( key, 0x2a, sizeof( key ) ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy_set ); - psa_key_policy_init( &policy_get ); - - psa_key_policy_set_usage( &policy_set, usage, alg ); - - TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage ); - TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, sizeof( key ) ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS ); - - TEST_ASSERT( policy_get.usage == policy_set.usage ); - TEST_ASSERT( policy_get.alg == policy_set.alg ); - -exit: - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void key_policy_fail( int usage_arg, int alg_arg, int expected_status, - data_t *keypair ) -{ - int key_slot = 1; - psa_algorithm_t alg = alg_arg; - psa_key_usage_t usage = usage_arg; - size_t signature_length = 0; - psa_key_policy_t policy; - int actual_status = PSA_SUCCESS; - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, usage, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); - - if( usage & PSA_KEY_USAGE_EXPORT ) - { - TEST_ASSERT( keypair != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); - TEST_ASSERT( psa_import_key( key_slot, - PSA_KEY_TYPE_RSA_KEYPAIR, - keypair->x, - keypair->len ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_sign( key_slot, alg, - NULL, 0, - 
NULL, 0, - NULL, 0, &signature_length ); - } - - if( usage & PSA_KEY_USAGE_SIGN ) - { - TEST_ASSERT( keypair != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); - TEST_ASSERT( psa_import_key( key_slot, - PSA_KEY_TYPE_RSA_KEYPAIR, - keypair->x, - keypair->len ) == PSA_SUCCESS ); - actual_status = psa_export_key( key_slot, NULL, 0, NULL ); - } - - TEST_ASSERT( actual_status == expected_status ); - -exit: - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void key_lifetime( int lifetime_arg ) -{ - int key_slot = 1; - psa_key_type_t key_type = PSA_ALG_CBC_BASE; - unsigned char key[32] = {0}; - psa_key_lifetime_t lifetime_set = lifetime_arg; - psa_key_lifetime_t lifetime_get; - - memset( key, 0x2a, sizeof( key ) ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_set_key_lifetime( key_slot, - lifetime_set ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, sizeof( key ) ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_get_key_lifetime( key_slot, - &lifetime_get ) == PSA_SUCCESS ); - - TEST_ASSERT( lifetime_get == lifetime_set ); - -exit: - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void key_lifetime_set_fail( int key_slot_arg, - int lifetime_arg, - int expected_status_arg ) -{ - psa_key_slot_t key_slot = key_slot_arg; - psa_key_lifetime_t lifetime_set = lifetime_arg; - psa_status_t actual_status; - psa_status_t expected_status = expected_status_arg; - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - actual_status = psa_set_key_lifetime( key_slot, lifetime_set ); - - if( actual_status == PSA_SUCCESS ) - actual_status = psa_set_key_lifetime( key_slot, lifetime_set ); - - TEST_ASSERT( expected_status == actual_status ); - -exit: - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void asymmetric_verify( int key_type_arg, data_t *key_data, int 
alg_arg, data_t *hash_data, From 313b8af18e6a85303d50eeafe7cd704d0bcd2fd9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 22:45:01 +0200 Subject: [PATCH 0266/2197] Improve the description of some test cases Make the descriptions more consistent. --- tests/suites/test_suite_psa_crypto.data | 142 ++++++++++++------------ 1 file changed, 71 insertions(+), 71 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b1a372cdc..0d7a31bdf 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -17,7 +17,7 @@ PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 -PSA import/export RSA keypair usage encrypt: bad, plicy usage set to ENCRYPT instead of EXPORT 1024-bit +PSA import/export RSA keypair: policy forbids export depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 
@@ -45,7 +45,7 @@ PSA import/export-public PSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS -PSA import/export-public symmetric key: bad, try to use export public key with symmetric key type 128-bit +PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT 
@@ -61,25 +61,25 @@ PSA import EC keypair secp384r1: wrong curve depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT -PSA Key Policy set and get +PSA key policy set and get key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE -PSA Key Policy enforcement - export +PSA key policy enforcement: export key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25
aca4baf25be5738aae59bbfe1c997781447a2b24" -PSA Key Policy enforcement - sign +PSA key policy enforcement: sign key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"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" -PSA Key Lifetime set and get volatile +PSA key lifetime: set and get volatile key_lifetime:PSA_KEY_LIFETIME_VOLATILE -PSA Key Lifetime set fail, invalid key slot +PSA key lifetime set: invalid key slot key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT -PSA Key Lifetime set fail, can not change write_once lifetime +PSA key lifetime set: cannot change write_once lifetime key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED -PSA Key Lifetime set fail, invalid key lifetime value +PSA key lifetime set: invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT PSA hash finish: SHA-256 
@@ -194,152 +194,152 @@ PSA MAC verify: CMAC-AES-128 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" -PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good +PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS -PSA Symmetric encryption: AES-CBC-PKCS#7, 16 bytes, good +PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS -PSA Symmetric encryption: AES-CBC-PKCS#7, 15 bytes, good +PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS -PSA Symmetric encryption: AES-CBC-nopad, input too short +PSA symmetric encrypt: AES-CBC-nopad, input too short depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT -PSA Symmetric encryption: AES-CTR, 16 bytes, good +PSA symmetric encrypt: AES-CTR, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR cipher_encrypt:PSA_ALG_CTR | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS -PSA Symmetric encryption: AES-CTR, 15 bytes, good +PSA symmetric encrypt: AES-CTR, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS -PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good +PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS -PSA Symmetric decryption: AES-CBC-PKCS#7, 16 bytes, good +PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS -PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, good +PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS -PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, bad - cipher full block expected +PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE -PSA Symmetric decryption: AES-CTR, 16 bytes, good +PSA symmetric decrypt: AES-CTR, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR cipher_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS -PSA Symmetric decryption: AES-CBC-nopad, input too short +PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE -PSA Symmetric encryption/decryption: AES-CBC-nopad, 16 bytes, good +PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 16 bytes +PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 15 bytes +PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 15 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" -PSA Symmetric encryption/decryption: AES-CTR +PSA symmetric encrypt/decrypt: 
AES-CTR depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes +PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes +PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes +PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes +PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" -PSA Symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes +PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt_multipart:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes +PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes +PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a" -PSA Symmetric encryption + decryption multipart: AES-CBC-nopad, 11+5 bytes +PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 -PSA Symmetric encryption + decryption multipart: AES-CBC-PKCS#7 padding, 4+12 bytes +PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 -PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1 +PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS -PSA AEAD Encrypt-Decrypt, AES 
CCM 19-bytes input - 2 +PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS -PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type +PSA AEAD encrypt/decrypt: DES-CCM not supported aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED -PSA AEAD Encrypt, AES CCM - 23-bytes input +PSA AEAD encrypt: AES-CCM, 23 bytes aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" -PSA AEAD Encrypt, AES CCM - 24-bytes input +PSA AEAD encrypt: AES-CCM, 24 bytes aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" -PSA AEAD Decrypt, AES CCM - 39-bytes input +PSA AEAD decrypt: AES-CCM, 39 bytes aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS -PSA AEAD Decrypt, AES CCM - 40-bytes input +PSA AEAD decrypt, AES-CCM, 40 bytes 
aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS -PSA AEAD Decrypt, AES CCM - invalid signature +PSA AEAD decrypt: AES-CCM, invalid signature aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE -PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1 +PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS -PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2 +PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS -PSA AEAD Encrypt, AES GCM - 128-bytes input - 1 +PSA AEAD encrypt, AES-GCM, 128 bytes #1 
aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" -PSA AEAD Encrypt, AES GCM - 128-bytes input - 2 +PSA AEAD encrypt, AES-GCM, 128 bytes #2 aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56" -PSA AEAD Decrypt, AES GCM - 144-bytes input - 1 +PSA AEAD decrypt, 
AES-GCM, 144 bytes #1 aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS -PSA AEAD Decrypt, AES GCM - 144-bytes input - 2 +PSA AEAD decrypt, AES-GCM, 144 bytes #2 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS -PSA AEAD Decrypt, 
AES GCM - invalid signature +PSA AEAD decrypt, AES-GCM, invalid signature aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE -PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm +PSA AEAD encrypt/decrypt: invalid algorithm (CTR) aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw 
@@ -360,83 +360,83 @@ signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129 -PSA sign RSA PKCS#1 v1.5, raw +PSA sign: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" -PSA sign RSA PKCS#1 v1.5 SHA-256 +PSA sign: RSA PKCS#1 v1.5 SHA-256 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" -PSA sign ECDSA SECP256R1 SHA-256 +PSA sign: ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC 
sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" -PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size +PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT -PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small +PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37
e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL -PSA sign ECDSA SECP256R1 SHA-256, output buffer too small +PSA sign: ECDSA SECP256R1 SHA-256, output buffer too small depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL -PSA sign ECDSA SECP256R1, invalid md alg +PSA sign: ECDSA SECP256R1, invalid hash depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT -PSA verify RSA PKCS#1 v1.5 signature +PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" -PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash +PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT -PSA verify RSA PKCS#1 v1.5 SHA-256, wrong signature +PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE -PSA verify ECDSA SECP256R1 SHA-256 +PSA verify: ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" -PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #1 +PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V1
5_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" -PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #2 +PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" -PSA encrypt using RSA PKCS#1 v1.5 fail - invalid algorithm +PSA encrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT -PSA encrypt using 
RSA PKCS#1 v1.5 fail - mangled key and incorrect key type +PSA encrypt: RSA PKCS#1 v1.5: invalid key type depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT -PSA decrypt using RSA PKCS#1 v1.5 vector #1 +PSA decrypt: RSA PKCS#1 v1.5: good #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":32 -PSA decrypt using RSA PKCS#1 v1.5 vector #2 +PSA decrypt: RSA PKCS#1 v1.5: good #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":34 -PSA decrypt using RSA PKCS#1 v1.5 fail - invalid algorithm +PSA decrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT -PSA decrypt using RSA PKCS#1 v1.5 
fail - mangled key and incorrect key type +PSA decrypt: RSA PKCS#1 v1.5: incorrect key type depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT -PSA decrypt using RSA PKCS#1 v1.5 fail - input buffer too small +PSA decrypt: RSA PKCS#1 v1.5, input too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT -PSA decrypt using RSA PKCS#1 v1.5 fail - input buffer too large +PSA decrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT From 4e69d7a9a7e757810d6f9a9f826a4d6f776aae72 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 19 Jun 2018 20:19:14 +0200 Subject: [PATCH 0267/2197] psa_generate_key: pass parameters_size argument When calling psa_generate_key, pass the size of the parameters buffer explicitly. This makes calls more verbose but less error-prone. This also has the benefit that in an implementation with separation, the frontend knows how many bytes to send to the backend without needing to know about each key type. --- include/psa/crypto.h | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 28103c78b..204ac267a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1846,14 +1846,17 @@ psa_status_t psa_generate_random(uint8_t *output, /** * \brief Generate a key or key pair. * - * \param key Slot where the key will be stored. This must be a - * valid slot for a key of the chosen type. It must - * be unoccupied. - * \param type Key type (a \c PSA_KEY_TYPE_XXX value). - * \param bits Key size in bits. - * \param parameters Extra parameters for key generation. The interpretation - * of this parameter depends on \c type. All types support - * \c NULL to use default parameters specified below. + * \param key Slot where the key will be stored. This must be a + * valid slot for a key of the chosen type. It must + * be unoccupied. + * \param type Key type (a \c PSA_KEY_TYPE_XXX value). + * \param bits Key size in bits. + * \param parameters Extra parameters for key generation. The + * interpretation of this parameter depends on + * \c type. All types support \c NULL to use + * the default parameters specified below. + * \param parameters_size Size of the buffer that \param parameters + * points to, in bytes. * * For any symmetric key type (type such that * `PSA_KEY_TYPE_IS_ASYMMETRIC(type)` is false), \c parameters must be 
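Review bot: In the new `parameters_size` entry the description uses `\param parameters`, which Doxygen treats as the start of another parameter entry rather than a reference to one. It should read `Size of the buffer that \c parameters points to, in bytes.` (or use `\p parameters`). The entry also does not say what size is expected when `parameters` is `NULL`, which the text above explicitly allows; stating that the size must then be 0 would make the contract checkable. The comment block continues outside the hunk.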
@@ -1878,7 +1881,8 @@ psa_status_t psa_generate_random(uint8_t *output, psa_status_t psa_generate_key(psa_key_slot_t key, psa_key_type_t type, size_t bits, - const void *parameters); + const void *parameters, + size_t parameters_size); /**@}*/ From 2d9d6db60f5fd0a4993d90e47f39462647624ad6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 23:25:28 +0200 Subject: [PATCH 0268/2197] check-names: also check PSA files Allow both mbedtls and psa identifiers in either set of files for now. --- tests/scripts/check-names.sh | 2 +- tests/scripts/list-identifiers.sh | 2 +- tests/scripts/list-macros.sh | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh index 4c66440e2..68493f91b 100755 --- a/tests/scripts/check-names.sh +++ b/tests/scripts/check-names.sh @@ -53,7 +53,7 @@ done for THING in identifiers; do printf "Names of $THING: " test -r $THING - BAD=$( grep -v '^mbedtls_[0-9a-z_]*[0-9a-z]$' $THING || true ) + BAD=$( grep -E -v '^(mbedtls|psa)_[0-9a-z_]*[0-9a-z]$' $THING || true ) if [ "x$BAD" = "x" ]; then echo "PASS" else diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh index 130d9d63f..89daa68c7 100755 --- a/tests/scripts/list-identifiers.sh +++ b/tests/scripts/list-identifiers.sh @@ -7,7 +7,7 @@ if [ -d include/mbedtls ]; then :; else exit 1 fi -HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h|bn_mul' ) +HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h|bn_mul' ) rm -f identifiers diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh index 3c84adba6..34d909517 100755 --- a/tests/scripts/list-macros.sh +++ b/tests/scripts/list-macros.sh 
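Review bot: The prototype of `psa_generate_key` gains `parameters_size`, but the diffstat for this commit lists only `include/psa/crypto.h`, so any definition or caller still using the four-argument form would no longer match the declaration. It is worth confirming they are updated in the same series. The new argument only helps if the implementation compares it with the size expected for `type` before dereferencing `parameters`, and rejects a mismatch with an error such as `PSA_ERROR_INVALID_ARGUMENT`. That rule is not stated in the visible documentation.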
@@ -8,6 +8,7 @@ if [ -d include/mbedtls ]; then :; else fi HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h' ) +HEADERS="$HEADERS configs/config-default.h" sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \ | egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \ From ca36a23bcefe20dc45a2c261d731b2b3cd6c81ff Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 19 Jun 2018 21:18:00 +0200 Subject: [PATCH 0269/2197] Fix asymmetric encrypt/decrypt test with invalid key types The key data was invalid on import. The import doesn't fail because it doesn't check the data enough. --- tests/suites/test_suite_psa_crypto.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0d7a31bdf..ca8ea2336 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -415,7 +415,7 @@ asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39 PSA encrypt: RSA PKCS#1 v1.5: invalid key type depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5: good #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
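Review bot: `list-macros.sh` adds `configs/config-default.h` to `HEADERS` but, unlike the `list-identifiers.sh` hunk in this commit, does not add `include/psa/*.h`, so macros defined in the PSA headers are presumably not collected for the name check. If the commit's aim of also checking PSA files covers macros, the first assignment could become `HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' )`. The rest of the script is outside the hunk.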
@@ -429,9 +429,9 @@ PSA decrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT -PSA decrypt: RSA PKCS#1 v1.5: incorrect key type +PSA decrypt: RSA PKCS#1 v1.5: invalid key type depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, input too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 From 828ed149d5bc65e7dbd1a0216e3458cfb7eed14a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Jun 2018 23:25:51 +0200 Subject: [PATCH 0270/2197] Rename MBEDTLS_xxx macros in psa_crypto.c to placate check-names.sh --- library/psa_crypto.c | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 603a5101c..1de19555f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -92,7 +92,7 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n ) /* Number of key slots (plus one because 0 is not used). * The value is a compile-time constant for now, for simplicity. */ -#define MBEDTLS_PSA_KEY_SLOT_COUNT 32 +#define PSA_KEY_SLOT_COUNT 32 typedef struct { 
@@ -120,7 +120,7 @@ typedef struct int initialized; mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; - key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT]; + key_slot_t key_slots[PSA_KEY_SLOT_COUNT]; } psa_global_data_t; static psa_global_data_t global_data; @@ -353,7 +353,7 @@ psa_status_t psa_import_key( psa_key_slot_t key, { key_slot_t *slot; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; if( slot->type != PSA_KEY_TYPE_NONE ) @@ -431,7 +431,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key ) { key_slot_t *slot; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) @@ -477,7 +477,7 @@ psa_status_t psa_get_key_information( psa_key_slot_t key, { key_slot_t *slot; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); slot = &global_data.key_slots[key]; if( type != NULL ) @@ -527,7 +527,7 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, { key_slot_t *slot; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) @@ -1166,7 +1166,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, key_slot_t *slot; psa_key_type_t key_type; size_t key_bits; - const mbedtls_cipher_info_t *cipher_info; + const mbedtls_cipher_info_t *cipher_info = NULL; operation->alg = 0; operation->key_set = 0; 
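Review bot: The range check `key > PSA_KEY_SLOT_COUNT` in `psa_import_key` still admits `key == PSA_KEY_SLOT_COUNT`, and the next line indexes `global_data.key_slots[key]`. That array is declared with exactly `PSA_KEY_SLOT_COUNT` elements in the hunk at -120, so this value accesses one element past its end. The macro comment ("plus one because 0 is not used") and the `key < PSA_KEY_SLOT_COUNT` loop in `mbedtls_psa_crypto_free` both suggest valid slots are 1 to `PSA_KEY_SLOT_COUNT - 1`, so the check should be `if( key == 0 || key >= PSA_KEY_SLOT_COUNT )`. The same comparison appears in the renamed lines of `psa_destroy_key`, `psa_get_key_information`, `psa_internal_export_key`, the four `psa_asymmetric_*` functions and the key policy and lifetime accessors. Each function body continues outside its hunk.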
@@ -1378,7 +1378,7 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation, mac_size, mac_length ) ); } -#define MBEDTLS_PSA_MAC_MAX_SIZE \ +#define PSA_MAC_MAX_SIZE \ ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ? \ MBEDTLS_MD_MAX_SIZE : \ MBEDTLS_MAX_BLOCK_LENGTH ) @@ -1386,7 +1386,7 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ) { - uint8_t actual_mac[MBEDTLS_PSA_MAC_MAX_SIZE]; + uint8_t actual_mac[PSA_MAC_MAX_SIZE]; size_t actual_mac_length; psa_status_t status; @@ -1453,7 +1453,7 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, (void) salt; (void) salt_length; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) @@ -1549,7 +1549,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, (void) salt; (void) salt_length; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) @@ -1640,7 +1640,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, (void) salt_length; *output_length = 0; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) @@ -1707,7 +1707,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, (void) salt_length; *output_length = 0; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) 
@@ -2059,7 +2059,7 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key, { key_slot_t *slot; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT || policy == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; @@ -2083,7 +2083,7 @@ psa_status_t psa_get_key_policy( psa_key_slot_t key, { key_slot_t *slot; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT || policy == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; @@ -2104,7 +2104,7 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key, { key_slot_t *slot; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_INVALID_ARGUMENT ); slot = &global_data.key_slots[key]; @@ -2119,7 +2119,7 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key, { key_slot_t *slot; - if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT ) + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_INVALID_ARGUMENT ); if( lifetime != PSA_KEY_LIFETIME_VOLATILE && @@ -2413,7 +2413,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, void mbedtls_psa_crypto_free( void ) { size_t key; - for( key = 1; key < MBEDTLS_PSA_KEY_SLOT_COUNT; key++ ) + for( key = 1; key < PSA_KEY_SLOT_COUNT; key++ ) psa_destroy_key( key ); mbedtls_ctr_drbg_free( &global_data.ctr_drbg ); mbedtls_entropy_free( &global_data.entropy ); From 0ff4b0f7f98740197944e67303c244aba2578fa1 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 19 Jun 2018 21:31:50 +0200 Subject: [PATCH 0271/2197] psa_import_key: validate symmetric key size When importing a symmetric key, validate that the key size is valid for the given key type. Non-supported key types may no longer be imported. --- library/psa_crypto.c | 61 +++++++++++++++++++++++-- tests/suites/test_suite_psa_crypto.data | 16 +++++++ 2 files changed, 73 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e41e51287..4d2f8d05b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -346,6 +346,57 @@ static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid ) } } +static psa_status_t prepare_raw_data_slot( psa_key_type_t type, + size_t bits, + struct raw_data *raw ) +{ + /* Check that the bit size is acceptable for the key type */ + switch( type ) + { + case PSA_KEY_TYPE_RAW_DATA: +#if defined(MBEDTLS_MD_C) + case PSA_KEY_TYPE_HMAC: +#endif + break; +#if defined(MBEDTLS_AES_C) + case PSA_KEY_TYPE_AES: + if( bits != 128 && bits != 192 && bits != 256 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + break; +#endif +#if defined(MBEDTLS_CAMELLIA_C) + case PSA_KEY_TYPE_CAMELLIA: + if( bits != 128 && bits != 192 && bits != 256 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + break; +#endif +#if defined(MBEDTLS_DES_C) + case PSA_KEY_TYPE_DES: + if( bits != 64 && bits != 128 && bits != 192 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + break; +#endif +#if defined(MBEDTLS_ARC4_C) + case PSA_KEY_TYPE_ARC4: + if( bits < 8 || bits > 2048 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + break; +#endif + default: + return( PSA_ERROR_NOT_SUPPORTED ); + } + + /* Allocate memory for the key */ + raw->bytes = PSA_BITS_TO_BYTES( bits ); + raw->data = mbedtls_calloc( 1, raw->bytes ); + if( raw->data == NULL ) + { + raw->bytes = 0; + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + } + return( PSA_SUCCESS ); +} + psa_status_t psa_import_key( psa_key_slot_t key, psa_key_type_t type, const uint8_t *data, 
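Review bot: `prepare_raw_data_slot` places no lower bound on `bits` for `PSA_KEY_TYPE_RAW_DATA` and `PSA_KEY_TYPE_HMAC`, so a zero-length import reaches `mbedtls_calloc( 1, 0 )`. If that follows standard `calloc`, the result is implementation-defined: a `NULL` return is reported as `PSA_ERROR_INSUFFICIENT_MEMORY`, while a non-`NULL` one yields an empty key. Deciding the behaviour explicitly would be more portable, for example `if( bits == 0 ) return( PSA_ERROR_INVALID_ARGUMENT );` before the switch if empty keys are not meant to be importable. A short comment on the function saying that on success the caller owns `raw->data` and is responsible for freeing it would also help.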
@@ -361,14 +412,16 @@ psa_status_t psa_import_key( psa_key_slot_t key, if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) ) { + psa_status_t status; /* Ensure that a bytes-to-bit conversion won't overflow. */ if( data_length > SIZE_MAX / 8 ) return( PSA_ERROR_NOT_SUPPORTED ); - slot->data.raw.data = mbedtls_calloc( 1, data_length ); - if( slot->data.raw.data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + status = prepare_raw_data_slot( type, + PSA_BYTES_TO_BITS( data_length ), + &slot->data.raw ); + if( status != PSA_SUCCESS ) + return( status ); memcpy( slot->data.raw.data, data, data_length ); - slot->data.raw.bytes = data_length; } else #if defined(MBEDTLS_PK_PARSE_C) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ca8ea2336..00add7d64 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -13,6 +13,22 @@ import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER PSA import/export raw: 2 bytes, buffer too small import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +PSA import/export AES-128 +depends_on:MBEDTLS_AES_C +import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:128:0:PSA_SUCCESS:1 + +PSA import/export AES-192 +depends_on:MBEDTLS_AES_C +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:192:0:PSA_SUCCESS:1 + +PSA import/export AES-256 +depends_on:MBEDTLS_AES_C +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 + +PSA import AES: bad key size +depends_on:MBEDTLS_AES_C +import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT + PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 From 13187931f17cd6dcb43a703319eaa41a704b476f Mon Sep 17 00:00:00 2001 
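Review bot: The added cases exercise only `PSA_KEY_TYPE_AES`, while the validation introduced in this commit also has branches for Camellia, DES and ARC4, plus a `default` case returning `PSA_ERROR_NOT_SUPPORTED`. A rejected size for at least one other key type would pin those branches. A constructed 10-byte DES case would do it: `depends_on:MBEDTLS_DES_C` followed by `import:"0123456789abcdef0123":PSA_KEY_TYPE_DES:PSA_ERROR_INVALID_ARGUMENT`. The single AES negative case uses 8 bytes; a size just past a valid one (17 bytes) would also catch a range check written in place of the exact-match check.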
From: Gilles Peskine Date: Tue, 19 Jun 2018 11:49:23 +0200 Subject: [PATCH 0272/2197] Update the PSA crypto-only config.h in configs The file was derived from an earlier version of Mbed TLS and had not been updated in a rebase of the PSA branch. --- configs/config-psa-crypto.h | 58 +++++++++++++++++++++++++++++++++++-- 1 file changed, 56 insertions(+), 2 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 9c4f62aa0..9ae09c9ec 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -398,12 +398,45 @@ /** * \def MBEDTLS_AES_ROM_TABLES * - * Store the AES tables in ROM. + * Use precomputed AES tables stored in ROM. + * + * Uncomment this macro to use precomputed AES tables stored in ROM. + * Comment this macro to generate AES tables in RAM at runtime. + * + * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb + * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the + * initialization time before the first AES operation can be performed. + * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c + * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded + * performance if ROM access is slower than RAM access. + * + * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. * - * Uncomment this macro to store the AES tables in ROM. */ //#define MBEDTLS_AES_ROM_TABLES +/** + * \def MBEDTLS_AES_FEWER_TABLES + * + * Use less ROM/RAM for AES tables. + * + * Uncommenting this macro omits 75% of the AES tables from + * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) + * by computing their values on the fly during operations + * (the tables are entry-wise rotations of one another). + * + * Tradeoff: Uncommenting this reduces the RAM / ROM footprint + * by ~6kb but at the cost of more arithmetic operations during + * runtime. Specifically, one has to compare 4 accesses within + * different tables to 4 accesses with additional arithmetic + * operations within the same table. The performance gain/loss + * depends on the system and memory details. + * + * This option is independent of \c MBEDTLS_AES_ROM_TABLES. + * + */ +//#define MBEDTLS_AES_FEWER_TABLES + /** * \def MBEDTLS_CAMELLIA_SMALL_MEMORY * @@ -470,6 +503,7 @@ #define MBEDTLS_ECP_DP_BP384R1_ENABLED #define MBEDTLS_ECP_DP_BP512R1_ENABLED #define MBEDTLS_ECP_DP_CURVE25519_ENABLED +#define MBEDTLS_ECP_DP_CURVE448_ENABLED /** * \def MBEDTLS_ECP_NIST_OPTIM 
@@ -1704,6 +1738,26 @@ //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ +/** + * Uncomment the macro to let mbed TLS use your alternate implementation of + * mbedtls_platform_zeroize(). This replaces the default implementation in + * platform_util.c. + * + * mbedtls_platform_zeroize() is a widely used function across the library to + * zero a block of memory. The implementation is expected to be secure in the + * sense that it has been written to prevent the compiler from removing calls + * to mbedtls_platform_zeroize() as part of redundant code elimination + * optimizations. However, it is difficult to guarantee that calls to + * mbedtls_platform_zeroize() will not be optimized by the compiler as older + * versions of the C language standards do not provide a secure implementation + * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to + * configure their own implementation of mbedtls_platform_zeroize(), for + * example by using directives specific to their compiler, features from newer + * C standards (e.g using memset_s() in C11) or calling a secure memset() from + * their system (e.g explicit_bzero() in BSD). + */ +//#define MBEDTLS_PLATFORM_ZEROIZE_ALT + /* \} name SECTION: Customisation configuration options */ #include "mbedtls/check_config.h" From 05d69890ee67641d0cffd30880dd82636cccb6ab Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 19 Jun 2018 22:00:52 +0200 Subject: [PATCH 0273/2197] Implement psa_generate_random --- library/psa_crypto.c | 22 +++++++++++ tests/suites/test_suite_psa_crypto.data | 15 ++++++++ tests/suites/test_suite_psa_crypto.function | 41 +++++++++++++++++++++ 3 files changed, 78 insertions(+) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4d2f8d05b..5609f4283 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2461,6 +2461,28 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, +/****************************************************************/ +/* Key generation */ +/****************************************************************/ + +psa_status_t psa_generate_random( uint8_t *output, + size_t output_size ) +{ + int ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, + output, output_size ); + return( mbedtls_to_psa_error( ret ) ); +} + +psa_status_t psa_generate_key( psa_key_slot_t key, + psa_key_type_t type, + size_t bits, + const void *parameters, + size_t parameters_size ) +{ + return( PSA_ERROR_NOT_SUPPORTED ); +} + + /****************************************************************/ /* Module setup */ /****************************************************************/ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 00add7d64..4b6085c40 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
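Review bot: `psa_generate_random` hands the whole `output_size` to a single `mbedtls_ctr_drbg_random` call, and CTR_DRBG refuses requests larger than `MBEDTLS_CTR_DRBG_MAX_REQUEST`, so a caller asking for a bigger buffer gets an error instead of random bytes. How `mbedtls_to_psa_error` maps that error is not visible in this hunk. Filling the buffer in chunks of at most `MBEDTLS_CTR_DRBG_MAX_REQUEST` removes the limit without changing the interface, as sketched below. The function would also benefit from a short comment stating that the contents of `output` are unspecified when it fails.

```c
psa_status_t psa_generate_random( uint8_t *output,
                                  size_t output_size )
{
    /* mbedtls_ctr_drbg_random() rejects requests above
     * MBEDTLS_CTR_DRBG_MAX_REQUEST, so fill the buffer in chunks. */
    while( output_size > 0 )
    {
        size_t request_size = output_size;
        int ret;

        if( request_size > MBEDTLS_CTR_DRBG_MAX_REQUEST )
            request_size = MBEDTLS_CTR_DRBG_MAX_REQUEST;
        ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
                                       output, request_size );
        if( ret != 0 )
            return( mbedtls_to_psa_error( ret ) );
        output += request_size;
        output_size -= request_size;
    }
    return( PSA_SUCCESS );
}
/* ... unchanged: psa_generate_key stub ... */
```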
@@ -456,3 +456,18 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39 PSA decrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT + +PSA generate random: 0 bytes +generate_random:0:0 + +PSA generate random: 1 byte +generate_random:1:8 + +PSA generate random: 4 bytes +generate_random:1:2 + +PSA generate random: 16 bytes +generate_random:16:0 + +PSA generate random: 19 bytes +generate_random:19:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9dbf0340d..c1d0e149a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
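Review bot: The case titled `PSA generate random: 4 bytes` calls `generate_random:1:2`, which requests one byte, so no 4-byte request is tested. It also gives a one-byte comparison only two retries where the preceding one-byte case allows eight. Presumably `generate_random:4:2` was intended. The list also has no size larger than a single DRBG request, which is the case where `psa_generate_random` as written in this commit is most likely to behave differently.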
@@ -1520,3 +1520,44 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void generate_random( int bytes, int retries ) +{ + const unsigned char trail[] = "foobar"; + unsigned char *buffer1 = mbedtls_calloc( 1, bytes + sizeof( trail ) ); + unsigned char *buffer2 = mbedtls_calloc( 1, bytes ); + + TEST_ASSERT( buffer1 != NULL ); + TEST_ASSERT( buffer2 != NULL ); + memcpy( buffer1 + bytes, trail, sizeof( trail ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_generate_random( buffer1, bytes ) == PSA_SUCCESS ); + + /* Check that no more than bytes have been overwritten */ + TEST_ASSERT( memcmp( buffer1 + bytes, trail, sizeof( trail ) ) == 0 ); + + if( bytes == 0 ) + goto exit; + + /* We can't validate that the data is really random, but we can + * validate that it doesn't repeat between calls. There's a + * 1/256^bytes chance that it does repeat, of course, so allow + * a few retries. */ + ++retries; /* The first time isn't a REtry */ + do + { + --retries; + TEST_ASSERT( psa_generate_random( buffer2, bytes ) == PSA_SUCCESS ); + } + while( memcmp( buffer1, buffer2, bytes ) == 0 && retries >= -1 ); + TEST_ASSERT( retries >= 0 ); + +exit: + mbedtls_psa_crypto_free( ); + mbedtls_free( buffer1 ); + mbedtls_free( buffer2 ); +} +/* END_CASE */ From 1672d1d2e4400ba91d034e1853944dda32a9100a Mon Sep 17 00:00:00 2001 
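Review bot: `buffer2` is allocated with `mbedtls_calloc( 1, bytes )` and then asserted non-NULL, but the `generate_random:0:0` case passes `bytes == 0`. An allocator may return NULL for a zero-size request, so on such a platform the zero-byte case fails before the RNG is ever called. Allocating at least one byte avoids this: `unsigned char *buffer2 = mbedtls_calloc( 1, bytes > 0 ? bytes : 1 );`. Separately, the loop condition `retries >= -1` keeps drawing after `retries` has gone negative, when `TEST_ASSERT( retries >= 0 )` can no longer pass; this is harmless but makes the retry budget harder to read. The trailer check guards only `buffer1`, so an overrun of `buffer2` would go unnoticed without a memory sanitizer.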
From: Gilles Peskine Date: Tue, 19 Jun 2018 11:50:35 +0200 Subject: [PATCH 0274/2197] Remove features with missing dependencies from config.h The default config.h omits non-crypto features. Remove some features that had been accidentally left in but have dependencies that had been removed. Also update configs/config-psa-crypto.h to match include/mbedtls/config.h. They were historically identical but started diverging when the feature-psa branch was rebased on top of a more recent upstream. Now the code builds with the "full" config. --- configs/config-psa-crypto.h | 26 -------------------------- include/mbedtls/config.h | 26 -------------------------- 2 files changed, 52 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 9ae09c9ec..184e1ab64 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -152,13 +152,10 @@ * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as * MBEDTLS_PLATFORM_XXX_MACRO! * - * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME - * * Uncomment a macro to enable alternate implementation of specific base * platform function */ //#define MBEDTLS_PLATFORM_EXIT_ALT -//#define MBEDTLS_PLATFORM_TIME_ALT //#define MBEDTLS_PLATFORM_FPRINTF_ALT //#define MBEDTLS_PLATFORM_PRINTF_ALT //#define MBEDTLS_PLATFORM_SNPRINTF_ALT 
@@ -1221,29 +1218,6 @@ */ #define MBEDTLS_GCM_C -/** - * \def MBEDTLS_HAVEGE_C - * - * Enable the HAVEGE random generator. - * - * Warning: the HAVEGE random generator is not suitable for virtualized - * environments - * - * Warning: the HAVEGE random generator is dependent on timing and specific - * processor traits. It is therefore not advised to use HAVEGE as - * your applications primary random generator or primary entropy pool - * input. As a secondary input to your entropy pool, it IS able add - * the (limited) extra entropy it provides. - * - * Module: library/havege.c - * Caller: - * - * Requires: MBEDTLS_TIMING_C - * - * Uncomment to enable the HAVEGE random generator. - */ -//#define MBEDTLS_HAVEGE_C - /** * \def MBEDTLS_HMAC_DRBG_C * diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 9f063be72..2ae69911c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -178,13 +178,10 @@ * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as * MBEDTLS_PLATFORM_XXX_MACRO! * - * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME - * * Uncomment a macro to enable alternate implementation of specific base * platform function */ //#define MBEDTLS_PLATFORM_EXIT_ALT -//#define MBEDTLS_PLATFORM_TIME_ALT //#define MBEDTLS_PLATFORM_FPRINTF_ALT //#define MBEDTLS_PLATFORM_PRINTF_ALT //#define MBEDTLS_PLATFORM_SNPRINTF_ALT 
@@ -1395,29 +1392,6 @@ */ #define MBEDTLS_GCM_C -/** - * \def MBEDTLS_HAVEGE_C - * - * Enable the HAVEGE random generator. - * - * Warning: the HAVEGE random generator is not suitable for virtualized - * environments - * - * Warning: the HAVEGE random generator is dependent on timing and specific - * processor traits. It is therefore not advised to use HAVEGE as - * your applications primary random generator or primary entropy pool - * input. As a secondary input to your entropy pool, it IS able add - * the (limited) extra entropy it provides. - * - * Module: library/havege.c - * Caller: - * - * Requires: MBEDTLS_TIMING_C - * - * Uncomment to enable the HAVEGE random generator. - */ -//#define MBEDTLS_HAVEGE_C - /** * \def MBEDTLS_HKDF_C * From 0e2315859fd46cedff76869b0600109d2aee44bb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 20 Jun 2018 00:11:07 +0200 Subject: [PATCH 0275/2197] psa_export_key: fix asymmetric key in larger buffer Exporting an asymmetric key only worked if the target buffer had exactly the right size, because psa_export_key uses mbedtls_pk_write_key_der or mbedtls_pk_write_pubkey_der and these functions write to the end of the buffer, which psa_export_key did not correct for. Fix this by moving the data to the beginning of the buffer if necessary. Add non-regression tests. --- library/psa_crypto.c | 11 +++++++++++ tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 2 files changed, 19 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5609f4283..c552b5331 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -629,6 +629,17 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, ret = mbedtls_pk_write_key_der( &pk, data, data_size ); if( ret < 0 ) return( mbedtls_to_psa_error( ret ) ); + /* The mbedtls_pk_xxx functions write to the end of the buffer. + * Move the data to the beginning and erase remaining data + * at the original location. */ + if( 2 * (size_t) ret <= data_size ) + { + memcpy( data, data + data_size - ret, ret ); + } + else if( (size_t) ret < data_size ) + { + memmove( data, data + data_size - ret, ret ); + } *data_length = ret; return( PSA_SUCCESS ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4b6085c40..b4c0fa97a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
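Review bot: The added comment says the code will "erase remaining data at the original location", but neither branch erases anything. After the `memcpy` or `memmove`, the DER bytes written by `mbedtls_pk_write_key_der` remain at the end of the caller's buffer, beyond `*data_length`. For a key pair that leaves private key material in memory the caller may not treat as sensitive. Clearing the vacated region in each branch would match the comment: `memset( data + data_size - ret, 0, ret );` after the `memcpy`, and `memset( data + ret, 0, data_size - ret );` after the `memmove`. The code that chooses between the public-key and private-key writer lies outside this hunk, so it is not visible whether both paths reach this block.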
@@ -33,6 +33,10 @@ PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +PSA import/export RSA public key: good, 1024-bit, larger buffer +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 + PSA import/export RSA keypair: policy forbids export depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 
@@ -41,6 +45,10 @@ PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +PSA import/export RSA keypair: good, 1024-bit, larger buffer +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 + PSA import/export RSA keypair: trailing garbage ignored depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 From 9a9e19f3fb40f164eceed41193bd45875aae2e78 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 19 Jun 2018 11:56:47 +0200 Subject: [PATCH 0276/2197] Switch default config back to the upstream one + PSA + CMAC Switch the default config.h back to the upstream version, plus the new feature from this branch MBEDTLS_PSA_CRYPTO_C, plus MBEDTLS_CMAC_C because it's a features we're using to explore the API design but that's off by default in Mbed TLS. Having a crypto-only version saved a bit of developer time, and it's something we want to ship, but we also need a full build with TLS to work, and the CI scripts assume that the default build includes TLS. As a consequence, list-macros.sh no longer needs a special case to pass check-names.sh. --- include/mbedtls/config.h | 1068 +++++++++++++++++++++++++++++++++- tests/scripts/list-macros.sh | 1 - 2 files changed, 1058 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 2ae69911c..d3df9eeda 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -1,9 +1,11 @@ /** - * \file config-psa-crypto.h + * \file config.h * - * \brief Configuration with all cryptography features and no X.509 or TLS. + * \brief Configuration options (set of defines) * - * This configuration is intended to prototype the PSA reference implementation. + * This set of compile-time options may be used to enable + * or disable features selectively, and reduce the global + * memory footprint. */ /* * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved @@ -117,6 +119,33 @@ */ //#define MBEDTLS_HAVE_SSE2 +/** + * \def MBEDTLS_HAVE_TIME + * + * System has time.h and time(). + * The time does not need to be correct, only time differences are used, + * by contrast with MBEDTLS_HAVE_TIME_DATE + * + * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, + * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and + * MBEDTLS_PLATFORM_STD_TIME. + * + * Comment if your system does not support time functions + */ +#define MBEDTLS_HAVE_TIME + +/** + * \def MBEDTLS_HAVE_TIME_DATE + * + * System has time.h and time(), gmtime() and the clock is correct. + * The time needs to be correct (not necesarily very accurate, but at least + * the date should be correct). This is used to verify the validity period of + * X.509 certificates. + * + * Comment if your system does not have a correct clock. + */ +#define MBEDTLS_HAVE_TIME_DATE + /** * \def MBEDTLS_PLATFORM_MEMORY * @@ -178,10 +207,13 @@ * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as * MBEDTLS_PLATFORM_XXX_MACRO! * + * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME + * * Uncomment a macro to enable alternate implementation of specific base * platform function */ //#define MBEDTLS_PLATFORM_EXIT_ALT +//#define MBEDTLS_PLATFORM_TIME_ALT //#define MBEDTLS_PLATFORM_FPRINTF_ALT //#define MBEDTLS_PLATFORM_PRINTF_ALT //#define MBEDTLS_PLATFORM_SNPRINTF_ALT 
@@ -225,6 +257,19 @@ * \{ */ +/** + * \def MBEDTLS_TIMING_ALT + * + * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), + * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() + * + * Only works if you have MBEDTLS_TIMING_C enabled. + * + * You will need to provide a header "timing_alt.h" and an implementation at + * compile time. + */ +//#define MBEDTLS_TIMING_ALT + /** * \def MBEDTLS_AES_ALT * @@ -559,6 +604,37 @@ #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN #define MBEDTLS_CIPHER_PADDING_ZEROS +/** + * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES + * + * Enable weak ciphersuites in SSL / TLS. + * Warning: Only do so when you know what you are doing. This allows for + * channels with virtually no security at all! + * + * This enables the following ciphersuites: + * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA + * + * Uncomment this macro to enable weak ciphersuites + * + * \warning DES is considered a weak cipher and its use constitutes a + * security risk. We recommend considering stronger ciphers instead. + */ +//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES + +/** + * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES + * + * Remove RC4 ciphersuites by default in SSL / TLS. + * This flag removes the ciphersuites based on RC4 from the default list as + * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to + * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them + * explicitly. + * + * Uncomment this macro to remove RC4 ciphersuites by default. + */ +#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES + /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * 
@@ -606,6 +682,281 @@ */ #define MBEDTLS_ECDSA_DETERMINISTIC +/** + * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + * + * Enable the PSK based ciphersuite modes in SSL / TLS. + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + * + * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_DHM_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA + * + * \warning Using DHE constitutes a security risk as it + * is not possible to validate custom DH parameters. + * If possible, it is recommended users should consider + * preferring other methods of key exchange. + * See dhm.h for more details. 
+ * + */ +#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + * + * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + * + * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + * + * Enable the RSA-only based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 + */ +#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + * + * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * + * \warning Using DHE constitutes a security risk as it + * is not possible to validate custom DH parameters. 
+ * If possible, it is recommended users should consider + * preferring other methods of key exchange. + * See dhm.h for more details. + * + */ +#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + * + * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + * + * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + * + * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + */ +#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + * + * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + */ +#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + * + * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. + * + * \warning This is currently experimental. EC J-PAKE support is based on the + * Thread v1.0.0 specification; incompatible changes to the specification + * might still happen. For this reason, this is disabled by default. + * + * Requires: MBEDTLS_ECJPAKE_C + * MBEDTLS_SHA256_C + * MBEDTLS_ECP_DP_SECP256R1_ENABLED + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 + */ +//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + /** * \def MBEDTLS_PK_PARSE_EC_EXTENDED * @@ -778,7 +1129,8 @@ /** * \def MBEDTLS_RSA_NO_CRT * - * Do not use the Chinese Remainder Theorem for the RSA private operation. + * Do not use the Chinese Remainder Theorem + * for the RSA private operation. * * Uncomment this macro to disable the use of CRT in RSA. * 
@@ -808,6 +1160,20 @@ */ //#define MBEDTLS_SHA256_SMALLER +/** + * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES + * + * Enable sending of alert messages in case of encountered errors as per RFC. + * If you choose not to send the alert messages, mbed TLS can still communicate + * with other servers, only debugging of failures is harder. + * + * The advantage of not sending alert messages, is that no information is given + * about reasons for failures thus preventing adversaries of gaining intel. + * + * Enable sending of all alert messages + */ +#define MBEDTLS_SSL_ALL_ALERT_MESSAGES + /** * \def MBEDTLS_SSL_ASYNC_PRIVATE * 
@@ -819,6 +1185,348 @@ */ //#define MBEDTLS_SSL_ASYNC_PRIVATE +/** + * \def MBEDTLS_SSL_DEBUG_ALL + * + * Enable the debug messages in SSL module for all issues. + * Debug messages have been disabled in some places to prevent timing + * attacks due to (unbalanced) debugging function calls. + * + * If you need all error reporting you should enable this during debugging, + * but remove this for production servers that should log as well. + * + * Uncomment this macro to report all debug messages on errors introducing + * a timing side-channel. + * + */ +//#define MBEDTLS_SSL_DEBUG_ALL + +/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC + * + * Enable support for Encrypt-then-MAC, RFC 7366. + * + * This allows peers that both support it to use a more robust protection for + * ciphersuites using CBC, providing deep resistance against timing attacks + * on the padding or underlying cipher. + * + * This only affects CBC ciphersuites, and is useless if none is defined. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1 or + * MBEDTLS_SSL_PROTO_TLS1_1 or + * MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for Encrypt-then-MAC + */ +#define MBEDTLS_SSL_ENCRYPT_THEN_MAC + +/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET + * + * Enable support for Extended Master Secret, aka Session Hash + * (draft-ietf-tls-session-hash-02). + * + * This was introduced as "the proper fix" to the Triple Handshake familiy of + * attacks, but it is recommended to always use it (even if you disable + * renegotiation), since it actually fixes a more fundamental issue in the + * original SSL/TLS design, and has implications beyond Triple Handshake. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1 or + * MBEDTLS_SSL_PROTO_TLS1_1 or + * MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for Extended Master Secret. + */ +#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET + +/** + * \def MBEDTLS_SSL_FALLBACK_SCSV + * + * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). 
+ * + * For servers, it is recommended to always enable this, unless you support + * only one version of TLS, or know for sure that none of your clients + * implements a fallback strategy. + * + * For clients, you only need this if you're using a fallback strategy, which + * is not recommended in the first place, unless you absolutely need it to + * interoperate with buggy (version-intolerant) servers. + * + * Comment this macro to disable support for FALLBACK_SCSV + */ +#define MBEDTLS_SSL_FALLBACK_SCSV + +/** + * \def MBEDTLS_SSL_HW_RECORD_ACCEL + * + * Enable hooking functions in SSL module for hardware acceleration of + * individual records. + * + * Uncomment this macro to enable hooking functions. + */ +//#define MBEDTLS_SSL_HW_RECORD_ACCEL + +/** + * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING + * + * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. + * + * This is a countermeasure to the BEAST attack, which also minimizes the risk + * of interoperability issues compared to sending 0-length records. + * + * Comment this macro to disable 1/n-1 record splitting. + */ +#define MBEDTLS_SSL_CBC_RECORD_SPLITTING + +/** + * \def MBEDTLS_SSL_RENEGOTIATION + * + * Disable support for TLS renegotiation. + * + * The two main uses of renegotiation are (1) refresh keys on long-lived + * connections and (2) client authentication after the initial handshake. + * If you don't need renegotiation, it's probably better to disable it, since + * it has been associated with security issues in the past and is easy to + * misuse/misunderstand. + * + * Comment this to disable support for renegotiation. + * + * \note Even if this option is disabled, both client and server are aware + * of the Renegotiation Indication Extension (RFC 5746) used to + * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). + * (See \c mbedtls_ssl_conf_legacy_renegotiation for the + * configuration of this extension). 
+ * + */ +#define MBEDTLS_SSL_RENEGOTIATION + +/** + * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + * + * Enable support for receiving and parsing SSLv2 Client Hello messages for the + * SSL Server module (MBEDTLS_SSL_SRV_C). + * + * Uncomment this macro to enable support for SSLv2 Client Hello messages. + */ +//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + +/** + * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE + * + * Pick the ciphersuite according to the client's preferences rather than ours + * in the SSL Server module (MBEDTLS_SSL_SRV_C). + * + * Uncomment this macro to respect client's ciphersuite order + */ +//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE + +/** + * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + * + * Enable support for RFC 6066 max_fragment_length extension in SSL. + * + * Comment this macro to disable support for the max_fragment_length extension + */ +#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + +/** + * \def MBEDTLS_SSL_PROTO_SSL3 + * + * Enable support for SSL 3.0. + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for SSL 3.0 + */ +//#define MBEDTLS_SSL_PROTO_SSL3 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1 + * + * Enable support for TLS 1.0. + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for TLS 1.0 + */ +#define MBEDTLS_SSL_PROTO_TLS1 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1_1 + * + * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 + */ +#define MBEDTLS_SSL_PROTO_TLS1_1 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1_2 + * + * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). 
+ * + * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C + * (Depends on ciphersuites) + * + * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 + */ +#define MBEDTLS_SSL_PROTO_TLS1_2 + +/** + * \def MBEDTLS_SSL_PROTO_DTLS + * + * Enable support for DTLS (all available versions). + * + * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, + * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1_1 + * or MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for DTLS + */ +#define MBEDTLS_SSL_PROTO_DTLS + +/** + * \def MBEDTLS_SSL_ALPN + * + * Enable support for RFC 7301 Application Layer Protocol Negotiation. + * + * Comment this macro to disable support for ALPN. + */ +#define MBEDTLS_SSL_ALPN + +/** + * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY + * + * Enable support for the anti-replay mechanism in DTLS. + * + * Requires: MBEDTLS_SSL_TLS_C + * MBEDTLS_SSL_PROTO_DTLS + * + * \warning Disabling this is often a security risk! + * See mbedtls_ssl_conf_dtls_anti_replay() for details. + * + * Comment this to disable anti-replay in DTLS. + */ +#define MBEDTLS_SSL_DTLS_ANTI_REPLAY + +/** + * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY + * + * Enable support for HelloVerifyRequest on DTLS servers. + * + * This feature is highly recommended to prevent DTLS servers being used as + * amplifiers in DoS attacks against other hosts. It should always be enabled + * unless you know for sure amplification cannot be a problem in the + * environment in which your server operates. + * + * \warning Disabling this can ba a security risk! (see above) + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + * + * Comment this to disable support for HelloVerifyRequest. + */ +#define MBEDTLS_SSL_DTLS_HELLO_VERIFY + +/** + * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE + * + * Enable server-side support for clients that reconnect from the same port. 
+ * + * Some clients unexpectedly close the connection and try to reconnect using the + * same source port. This needs special support from the server to handle the + * new connection securely, as described in section 4.2.8 of RFC 6347. This + * flag enables that support. + * + * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY + * + * Comment this to disable support for clients reusing the source port. + */ +#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE + +/** + * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT + * + * Enable support for a limit of records with bad MAC. + * + * See mbedtls_ssl_conf_dtls_badmac_limit(). + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + */ +#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT + +/** + * \def MBEDTLS_SSL_SESSION_TICKETS + * + * Enable support for RFC 5077 session tickets in SSL. + * Client-side, provides full support for session tickets (maintainance of a + * session store remains the responsibility of the application, though). + * Server-side, you also need to provide callbacks for writing and parsing + * tickets, including authenticated encryption and key management. Example + * callbacks are provided by MBEDTLS_SSL_TICKET_C. + * + * Comment this macro to disable support for SSL session tickets + */ +#define MBEDTLS_SSL_SESSION_TICKETS + +/** + * \def MBEDTLS_SSL_EXPORT_KEYS + * + * Enable support for exporting key block and master secret. + * This is required for certain users of TLS, e.g. EAP-TLS. + * + * Comment this macro to disable support for key export + */ +#define MBEDTLS_SSL_EXPORT_KEYS + +/** + * \def MBEDTLS_SSL_SERVER_NAME_INDICATION + * + * Enable support for RFC 6066 server name indication (SNI) in SSL. + * + * Requires: MBEDTLS_X509_CRT_PARSE_C + * + * Comment this macro to disable support for server name indication in SSL + */ +#define MBEDTLS_SSL_SERVER_NAME_INDICATION + +/** + * \def MBEDTLS_SSL_TRUNCATED_HMAC + * + * Enable support for RFC 6066 truncated HMAC in SSL. 
+ * + * Comment this macro to disable support for truncated HMAC in SSL + */ +#define MBEDTLS_SSL_TRUNCATED_HMAC + +/** + * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT + * + * Fallback to old (pre-2.7), non-conforming implementation of the truncated + * HMAC extension which also truncates the HMAC key. Note that this option is + * only meant for a transitory upgrade period and is likely to be removed in + * a future version of the library. + * + * \warning The old implementation is non-compliant and has a security weakness + * (2^80 brute force attack on the HMAC key used for a single, + * uninterrupted connection). This should only be enabled temporarily + * when (1) the use of truncated HMAC is essential in order to save + * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use + * the fixed implementation yet (pre-2.7). + * + * \deprecated This option is deprecated and will likely be removed in a + * future version of Mbed TLS. + * + * Uncomment to fallback to old, non-compliant truncated HMAC implementation. + * + * Requires: MBEDTLS_SSL_TRUNCATED_HMAC + */ +//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT + /** * \def MBEDTLS_THREADING_ALT * 
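Review bot: The summary line added for `MBEDTLS_SSL_RENEGOTIATION` reads "Disable support for TLS renegotiation", but the hunk then defines the macro and the same comment ends with "Comment this to disable support for renegotiation", so the summary is inverted. It should read `* Enable support for TLS renegotiation.`. The comment also advises turning renegotiation off when it is not needed, yet the hunk leaves it enabled, together with `MBEDTLS_SSL_PROTO_TLS1`, `MBEDTLS_SSL_PROTO_TLS1_1` and `MBEDTLS_SSL_TRUNCATED_HMAC`. If this header is meant as a general default, a sentence in each of those comments saying why the legacy option stays on would help integrators decide what to disable.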
@@ -854,6 +1562,89 @@ */ #define MBEDTLS_VERSION_FEATURES +/** + * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an extension in a v1 or v2 certificate. + * + * Uncomment to prevent an error. + */ +//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 + +/** + * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an unknown critical extension. + * + * \warning Depending on your PKI use, enabling this can be a security risk! + * + * Uncomment to prevent an error. + */ +//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + +/** + * \def MBEDTLS_X509_CHECK_KEY_USAGE + * + * Enable verification of the keyUsage extension (CA and leaf certificates). + * + * Disabling this avoids problems with mis-issued and/or misused + * (intermediate) CA and leaf certificates. + * + * \warning Depending on your PKI use, disabling this can be a security risk! + * + * Comment to skip keyUsage checking for both CA and leaf certificates. + */ +#define MBEDTLS_X509_CHECK_KEY_USAGE + +/** + * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE + * + * Enable verification of the extendedKeyUsage extension (leaf certificates). + * + * Disabling this avoids problems with mis-issued and/or misused certificates. + * + * \warning Depending on your PKI use, disabling this can be a security risk! + * + * Comment to skip extendedKeyUsage checking for certificates. + */ +#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE + +/** + * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT + * + * Enable parsing and verification of X.509 certificates, CRLs and CSRS + * signed with RSASSA-PSS (aka PKCS#1 v2.1). + * + * Comment this macro to disallow using RSASSA-PSS in certificates. 
+ */ +#define MBEDTLS_X509_RSASSA_PSS_SUPPORT + +/** + * \def MBEDTLS_ZLIB_SUPPORT + * + * If set, the SSL/TLS module uses ZLIB to support compression and + * decompression of packet data. + * + * \warning TLS-level compression MAY REDUCE SECURITY! See for example the + * CRIME attack. Before enabling this option, you should examine with care if + * CRIME or similar exploits may be a applicable to your use case. + * + * \note Currently compression can't be used with DTLS. + * + * \deprecated This feature is deprecated and will be removed + * in the next major revision of the library. + * + * Used in: library/ssl_tls.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * This feature requires zlib library and headers to be present. + * + * Uncomment to enable use of ZLIB + */ +//#define MBEDTLS_ZLIB_SUPPORT /* \} name SECTION: mbed TLS feature support */ /** @@ -1238,6 +2029,20 @@ */ #define MBEDTLS_CTR_DRBG_C +/** + * \def MBEDTLS_DEBUG_C + * + * Enable the debug functions. + * + * Module: library/debug.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * This module provides debugging functions. + */ +#define MBEDTLS_DEBUG_C + /** * \def MBEDTLS_DES_C * @@ -1336,7 +2141,7 @@ * * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C */ -#define MBEDTLS_ECJPAKE_C +//#define MBEDTLS_ECJPAKE_C /** * \def MBEDTLS_ECP_C 
@@ -1392,6 +2197,29 @@ */ #define MBEDTLS_GCM_C +/** + * \def MBEDTLS_HAVEGE_C + * + * Enable the HAVEGE random generator. + * + * Warning: the HAVEGE random generator is not suitable for virtualized + * environments + * + * Warning: the HAVEGE random generator is dependent on timing and specific + * processor traits. It is therefore not advised to use HAVEGE as + * your applications primary random generator or primary entropy pool + * input. As a secondary input to your entropy pool, it IS able add + * the (limited) extra entropy it provides. + * + * Module: library/havege.c + * Caller: + * + * Requires: MBEDTLS_TIMING_C + * + * Uncomment to enable the HAVEGE random generator. + */ +//#define MBEDTLS_HAVEGE_C + /** * \def MBEDTLS_HKDF_C * @@ -1461,7 +2289,7 @@ * it, and considering stronger message digests instead. * */ -#define MBEDTLS_MD2_C +//#define MBEDTLS_MD2_C /** * \def MBEDTLS_MD4_C @@ -1478,7 +2306,7 @@ * it, and considering stronger message digests instead. * */ -#define MBEDTLS_MD4_C +//#define MBEDTLS_MD4_C /** * \def MBEDTLS_MD5_C @@ -1518,6 +2346,25 @@ */ //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +/** + * \def MBEDTLS_NET_C + * + * Enable the TCP and UDP over IPv6/IPv4 networking routines. + * + * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) + * and Windows. For other platforms, you'll want to disable it, and write your + * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). + * + * \note See also our Knowledge Base article about porting to a new + * environment: + * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * + * Module: library/net_sockets.c + * + * This module provides networking routines. + */ +#define MBEDTLS_NET_C + /** * \def MBEDTLS_OID_C * @@ -1553,7 +2400,7 @@ * * This modules adds support for the VIA PadLock on x86. */ -//#define MBEDTLS_PADLOCK_C +#define MBEDTLS_PADLOCK_C /** * \def MBEDTLS_PEM_PARSE_C 
@@ -1804,6 +2651,84 @@ */ #define MBEDTLS_SHA512_C +/** + * \def MBEDTLS_SSL_CACHE_C + * + * Enable simple SSL cache implementation. + * + * Module: library/ssl_cache.c + * Caller: + * + * Requires: MBEDTLS_SSL_CACHE_C + */ +#define MBEDTLS_SSL_CACHE_C + +/** + * \def MBEDTLS_SSL_COOKIE_C + * + * Enable basic implementation of DTLS cookies for hello verification. + * + * Module: library/ssl_cookie.c + * Caller: + */ +#define MBEDTLS_SSL_COOKIE_C + +/** + * \def MBEDTLS_SSL_TICKET_C + * + * Enable an implementation of TLS server-side callbacks for session tickets. + * + * Module: library/ssl_ticket.c + * Caller: + * + * Requires: MBEDTLS_CIPHER_C + */ +#define MBEDTLS_SSL_TICKET_C + +/** + * \def MBEDTLS_SSL_CLI_C + * + * Enable the SSL/TLS client code. + * + * Module: library/ssl_cli.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS client support. + */ +#define MBEDTLS_SSL_CLI_C + +/** + * \def MBEDTLS_SSL_SRV_C + * + * Enable the SSL/TLS server code. + * + * Module: library/ssl_srv.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS server support. + */ +#define MBEDTLS_SSL_SRV_C + +/** + * \def MBEDTLS_SSL_TLS_C + * + * Enable the generic SSL/TLS code. + * + * Module: library/ssl_tls.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C + * and at least one of the MBEDTLS_SSL_PROTO_XXX defines + * + * This module is required for SSL/TLS. + */ +#define MBEDTLS_SSL_TLS_C + /** * \def MBEDTLS_THREADING_C * 
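Review bot: The comment added for `MBEDTLS_SSL_CACHE_C` names the option as its own prerequisite (`Requires: MBEDTLS_SSL_CACHE_C`), which tells an integrator nothing about what must be enabled. The line should name the real dependency or be dropped; which module the cache needs is not visible in this hunk, so confirm it against the header's dependency checks before rewording. The empty `Caller:` lines in this comment and in those for `MBEDTLS_SSL_COOKIE_C`, `MBEDTLS_SSL_TICKET_C`, `MBEDTLS_SSL_CLI_C` and `MBEDTLS_SSL_SRV_C` could be removed at the same time.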
@@ -1826,6 +2751,29 @@ */ //#define MBEDTLS_THREADING_C +/** + * \def MBEDTLS_TIMING_C + * + * Enable the semi-portable timing interface. + * + * \note The provided implementation only works on POSIX/Unix (including Linux, + * BSD and OS X) and Windows. On other platforms, you can either disable that + * module and provide your own implementations of the callbacks needed by + * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide + * your own implementation of the whole module by setting + * \c MBEDTLS_TIMING_ALT in the current file. + * + * \note See also our Knowledge Base article about porting to a new + * environment: + * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * + * Module: library/timing.c + * Caller: library/havege.c + * + * This module is used by the HAVEGE random number generator. + */ +#define MBEDTLS_TIMING_C + /** * \def MBEDTLS_VERSION_C * 
@@ -1837,6 +2785,106 @@ */ #define MBEDTLS_VERSION_C +/** + * \def MBEDTLS_X509_USE_C + * + * Enable X.509 core for using certificates. + * + * Module: library/x509.c + * Caller: library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c + * + * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, + * MBEDTLS_PK_PARSE_C + * + * This module is required for the X.509 parsing modules. + */ +#define MBEDTLS_X509_USE_C + +/** + * \def MBEDTLS_X509_CRT_PARSE_C + * + * Enable X.509 certificate parsing. + * + * Module: library/x509_crt.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 certificate parsing. + */ +#define MBEDTLS_X509_CRT_PARSE_C + +/** + * \def MBEDTLS_X509_CRL_PARSE_C + * + * Enable X.509 CRL parsing. + * + * Module: library/x509_crl.c + * Caller: library/x509_crt.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 CRL parsing. + */ +#define MBEDTLS_X509_CRL_PARSE_C + +/** + * \def MBEDTLS_X509_CSR_PARSE_C + * + * Enable X.509 Certificate Signing Request (CSR) parsing. + * + * Module: library/x509_csr.c + * Caller: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is used for reading X.509 certificate request. + */ +#define MBEDTLS_X509_CSR_PARSE_C + +/** + * \def MBEDTLS_X509_CREATE_C + * + * Enable X.509 core for creating certificates. + * + * Module: library/x509_create.c + * + * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C + * + * This module is the basis for creating X.509 certificates and CSRs. + */ +#define MBEDTLS_X509_CREATE_C + +/** + * \def MBEDTLS_X509_CRT_WRITE_C + * + * Enable creating X.509 certificates. + * + * Module: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate creation. 
+ */ +#define MBEDTLS_X509_CRT_WRITE_C + +/** + * \def MBEDTLS_X509_CSR_WRITE_C + * + * Enable creating X.509 Certificate Signing Requests (CSR). + * + * Module: library/x509_csr_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate request writing. + */ +#define MBEDTLS_X509_CSR_WRITE_C + /** * \def MBEDTLS_XTEA_C * @@ -2067,7 +3115,7 @@ /* \} name SECTION: Customisation configuration options */ /* Target and application specific configurations */ -//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "target_config.h" +//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h" #if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE) #include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE @@ -2086,6 +3134,6 @@ #include MBEDTLS_USER_CONFIG_FILE #endif -#include "mbedtls/check_config.h" +#include "check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh index 34d909517..3c84adba6 100755 --- a/tests/scripts/list-macros.sh +++ b/tests/scripts/list-macros.sh @@ -8,7 +8,6 @@ if [ -d include/mbedtls ]; then :; else fi HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h' ) -HEADERS="$HEADERS configs/config-default.h" sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \ | egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \ From e66ca3bbf36332bca6a97f6bca2a5883f5f32387 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 20 Jun 2018 00:11:45 +0200 Subject: [PATCH 0277/2197] psa_export_key: zero out potential garbage in the output buffer In psa_export_key, ensure that each byte of the output buffer either contains its original value, is zero, or is part of the actual output. Specifically, don't risk having partial output on error, and don't leave extra data at the end of the buffer when exporting an asymmetric key. Test that exporting to a previously zeroed buffer leaves the buffer zeroed outside the actual output if any. --- library/psa_crypto.c | 5 +++++ tests/suites/test_suite_psa_crypto.function | 24 +++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c552b5331..8e7aeefa2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -628,17 +628,22 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, else ret = mbedtls_pk_write_key_der( &pk, data, data_size ); if( ret < 0 ) + { + memset( data, 0, data_size ); return( mbedtls_to_psa_error( ret ) ); + } /* The mbedtls_pk_xxx functions write to the end of the buffer. * Move the data to the beginning and erase remaining data * at the original location. */ if( 2 * (size_t) ret <= data_size ) { memcpy( data, data + data_size - ret, ret ); + memset( data + data_size - ret, 0, ret ); } else if( (size_t) ret < data_size ) { memmove( data, data + data_size - ret, ret ); + memset( data + ret, 0, data_size - ret ); } *data_length = ret; return( PSA_SUCCESS ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c1d0e149a..958637560 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
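Review bot: On the `ret < 0` path the added block clears `data` and returns, but nothing in the hunk writes `*data_length`, while the test added in the same commit asserts `exported_length == 0` after a failed export. Unless `*data_length` is already zeroed earlier in `psa_internal_export_key` (the function starts above the hunk), add `*data_length = 0;` next to `memset( data, 0, data_size );` so that a caller which mishandles the status cannot treat a stale length as valid key material. The same block calls `memset` on `data` unconditionally, so it relies on `data` being non-NULL whenever this branch is reached; that precondition is also established outside the hunk.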
@@ -7,6 +7,25 @@ #else #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) 1 #endif + +/** Test if a buffer is not all-bits zero. + * + * \param buffer Pointer to the beginning of the buffer. + * \param size Size of the buffer in bytes. + * + * \return 0 if the buffer is all-bits-zero. + * \return A nonzero value otherwise. + */ +int mem_is_nonzero( void *buffer, size_t size ) +{ + size_t i; + for( i = 0; i < size; i++ ) + { + if( ( (unsigned char *) buffer )[i] != 0 ) + return( i + 1 ); + } + return( 0 ); +} /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -106,8 +125,13 @@ void import_export( data_t *data, exported, export_size, &exported_length ); TEST_ASSERT( status == (psa_status_t) expected_export_status ); + TEST_ASSERT( ! mem_is_nonzero( exported + exported_length, + export_size - exported_length ) ); if( status != PSA_SUCCESS ) + { + TEST_ASSERT( exported_length == 0 ); goto destroy; + } if( canonical_input ) { From e3b07d81d6bf52203cfbb5ed7b98f8e6ede942a2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 19 Jun 2018 11:57:35 +0200 Subject: [PATCH 0278/2197] Fix build without CMAC Add missing guard for MBEDTLS_CMAC_C. --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1de19555f..e41e51287 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1065,6 +1065,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) return( PSA_SUCCESS ); } +#if defined(MBEDTLS_CMAC_C) static int psa_cmac_start( psa_mac_operation_t *operation, size_t key_bits, key_slot_t *slot, @@ -1085,6 +1086,7 @@ static int psa_cmac_start( psa_mac_operation_t *operation, key_bits ); return( ret ); } +#endif /* MBEDTLS_CMAC_C */ static int psa_hmac_start( psa_mac_operation_t *operation, psa_key_type_t key_type, From 12313cd84c57be7ad3d150706171adadc529a3ff Mon Sep 17 00:00:00 2001 
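Review bot: `mem_is_nonzero` returns `i + 1`, a `size_t`, through an `int` return type, so the value is narrowed and the documented "nonzero" result depends on the index fitting in an `int`; `return( 1 );` keeps the contract independent of the buffer size. The helper only reads the buffer and, as far as this patch shows, is used only inside this test file, so `static int mem_is_nonzero( const void *buffer, size_t size )` with a `const unsigned char *` cast in the loop would state both facts.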
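Review bot: The assertion added in `import_export` computes `export_size - exported_length` without first checking that `exported_length` does not exceed `export_size`. An export routine that reports an oversized length would make the subtraction wrap, and `mem_is_nonzero` would then read far past the `exported` buffer instead of the test failing cleanly. Put `TEST_ASSERT( exported_length <= export_size );` before the `mem_is_nonzero` check. `import_export` starts above this hunk and continues below it.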
From: Gilles Peskine Date: Wed, 20 Jun 2018 00:20:32 +0200 Subject: [PATCH 0279/2197] Implement psa_generate_key: AES, DES, RSA, ECP In the test cases, try exporting the generated key and perform sanity checks on it. --- library/psa_crypto.c | 144 +++++++++++++++++++- tests/suites/test_suite_psa_crypto.data | 51 +++++++ tests/suites/test_suite_psa_crypto.function | 130 ++++++++++++++++++ 3 files changed, 324 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8e7aeefa2..d75226cc6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -346,6 +346,41 @@ static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid ) } } +static mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve ) +{ + switch( curve ) + { + case PSA_ECC_CURVE_SECP192R1: + return( MBEDTLS_ECP_DP_SECP192R1 ); + case PSA_ECC_CURVE_SECP224R1: + return( MBEDTLS_ECP_DP_SECP224R1 ); + case PSA_ECC_CURVE_SECP256R1: + return( MBEDTLS_ECP_DP_SECP256R1 ); + case PSA_ECC_CURVE_SECP384R1: + return( MBEDTLS_ECP_DP_SECP384R1 ); + case PSA_ECC_CURVE_SECP521R1: + return( MBEDTLS_ECP_DP_SECP521R1 ); + case PSA_ECC_CURVE_BRAINPOOL_P256R1: + return( MBEDTLS_ECP_DP_BP256R1 ); + case PSA_ECC_CURVE_BRAINPOOL_P384R1: + return( MBEDTLS_ECP_DP_BP384R1 ); + case PSA_ECC_CURVE_BRAINPOOL_P512R1: + return( MBEDTLS_ECP_DP_BP512R1 ); + case PSA_ECC_CURVE_CURVE25519: + return( MBEDTLS_ECP_DP_CURVE25519 ); + case PSA_ECC_CURVE_SECP192K1: + return( MBEDTLS_ECP_DP_SECP192K1 ); + case PSA_ECC_CURVE_SECP224K1: + return( MBEDTLS_ECP_DP_SECP224K1 ); + case PSA_ECC_CURVE_SECP256K1: + return( MBEDTLS_ECP_DP_SECP256K1 ); + case PSA_ECC_CURVE_CURVE448: + return( MBEDTLS_ECP_DP_CURVE448 ); + default: + return( MBEDTLS_ECP_DP_NONE ); + } +} + static psa_status_t prepare_raw_data_slot( psa_key_type_t type, size_t bits, struct raw_data *raw ) 
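Review bot: `mbedtls_ecc_group_of_psa` is added as an unconditional `static` function, but the only call this commit adds is in `psa_generate_key` inside `#if defined(MBEDTLS_ECP_C)`. A build without that option would be left with an unused static function and could fail under warnings-as-errors. Whether the surrounding code is already inside an ECP guard is not visible from the hunk; if it is not, wrap the function in `#if defined(MBEDTLS_ECP_C)` and `#endif /* MBEDTLS_ECP_C */`. A one-line comment such as `/* Map a PSA curve to the Mbed TLS group id, or MBEDTLS_ECP_DP_NONE if the curve is not known. */` would also document the fallback value that the caller tests for.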
@@ -2495,7 +2530,114 @@ psa_status_t psa_generate_key( psa_key_slot_t key, const void *parameters, size_t parameters_size ) { - return( PSA_ERROR_NOT_SUPPORTED ); + key_slot_t *slot; + + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_INVALID_ARGUMENT ); + slot = &global_data.key_slots[key]; + if( slot->type != PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_OCCUPIED_SLOT ); + if( parameters == NULL && parameters_size != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) ) + { + psa_status_t status = prepare_raw_data_slot( type, bits, + &slot->data.raw ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_generate_random( slot->data.raw.data, + slot->data.raw.bytes ); + if( status != PSA_SUCCESS ) + { + mbedtls_free( slot->data.raw.data ); + return( status ); + } +#if defined(MBEDTLS_DES_C) + if( type == PSA_KEY_TYPE_DES ) + { + mbedtls_des_key_set_parity( slot->data.raw.data ); + if( slot->data.raw.bytes >= 16 ) + mbedtls_des_key_set_parity( slot->data.raw.data + 8 ); + if( slot->data.raw.bytes == 24 ) + mbedtls_des_key_set_parity( slot->data.raw.data + 16 ); + } +#endif /* MBEDTLS_DES_C */ + } + else + +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) + if ( type == PSA_KEY_TYPE_RSA_KEYPAIR ) + { + mbedtls_rsa_context *rsa; + int ret; + int exponent = 65537; + if( parameters != NULL ) + { + const unsigned *p = parameters; + if( parameters_size != sizeof( *p ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( *p > INT_MAX ) + return( PSA_ERROR_INVALID_ARGUMENT ); + exponent = *p; + } + rsa = mbedtls_calloc( 1, sizeof( *rsa ) ); + if( rsa == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + mbedtls_rsa_init( rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); + ret = mbedtls_rsa_gen_key( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + bits, + exponent ); + if( ret != 0 ) + { + mbedtls_rsa_free( rsa ); + mbedtls_free( rsa ); + return( mbedtls_to_psa_error( ret ) ); + } + slot->data.rsa = rsa; + } + 
else +#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ + +#if defined(MBEDTLS_ECP_C) + if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEYPAIR( type ) ) + { + psa_ecc_curve_t curve = PSA_KEY_TYPE_GET_CURVE( type ); + mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); + const mbedtls_ecp_curve_info *curve_info = + mbedtls_ecp_curve_info_from_grp_id( grp_id ); + mbedtls_ecp_keypair *ecp; + int ret; + if( parameters != NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + if( curve_info->bit_size != bits ) + return( PSA_ERROR_INVALID_ARGUMENT ); + ecp = mbedtls_calloc( 1, sizeof( *ecp ) ); + if( ecp == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + mbedtls_ecp_keypair_init( ecp ); + ret = mbedtls_ecp_gen_key( grp_id, ecp, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg ); + if( ret != 0 ) + { + mbedtls_ecp_keypair_free( ecp ); + mbedtls_free( ecp ); + return( mbedtls_to_psa_error( ret ) ); + } + slot->data.ecp = ecp; + } + else +#endif /* MBEDTLS_ECP_C */ + + return( PSA_ERROR_NOT_SUPPORTED ); + + slot->type = type; + return( PSA_SUCCESS ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b4c0fa97a..9902a0ecb 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
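Review bot: The slot check `key == 0 || key > PSA_KEY_SLOT_COUNT` accepts `key == PSA_KEY_SLOT_COUNT`, and the next line indexes `global_data.key_slots[key]`; that is in bounds only if the array has `PSA_KEY_SLOT_COUNT + 1` elements, and its declaration is not visible in this hunk. If the array has exactly `PSA_KEY_SLOT_COUNT` entries, the comparison should be `key >= PSA_KEY_SLOT_COUNT` (or the index `key - 1`); otherwise the generated key material is written past the end of the slot table. Separately, when `psa_generate_random` fails, the raw-data branch frees `slot->data.raw.data` but leaves the pointer in the slot; adding `slot->data.raw.data = NULL;` after `mbedtls_free` avoids a later double free or use of freed memory. The signature of `psa_generate_key` starts above the hunk.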
@@ -479,3 +479,54 @@ generate_random:16:0 PSA generate random: 19 bytes generate_random:19:0 + +PSA generate key: bad type (0xffffffff) +generate_key:0xffffffff:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED + +PSA generate key: bad type (RSA public key) +generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED + +PSA generate key: raw data, 0 bits +generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS + +PSA generate key: raw data, 8 bits +generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS + +PSA generate key: raw data, 7 bits +generate_key:PSA_KEY_TYPE_AES:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA generate key: AES, 128 bits, CTR +depends_on:MBEDTLS_AES_C +generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS + +PSA generate key: DES, 64 bits, CTR +depends_on:MBEDTLS_DES_C +generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS + +PSA generate key: DES, 128 bits, CTR +depends_on:MBEDTLS_DES_C +generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS + +PSA generate key: DES, 192 bits, CTR +depends_on:MBEDTLS_DES_C +generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS + +PSA generate key: invalid key size: AES, 64 bits +depends_on:MBEDTLS_AES_C +generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA generate key: RSA, 512 bits, good +depends_on:MBEDTLS_RSA_C +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS + +PSA generate key: RSA, 1024 bits, good +depends_on:MBEDTLS_RSA_C +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS + +PSA generate key: 
ECC, SECP256R1, good +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_SUCCESS + +PSA generate key: ECC, SECP256R1, incorrect bit size +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 958637560..1cd9c22a0 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
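Review bot: Several added cases do not test what their titles say: "raw data, 0 bits" and "raw data, 8 bits" both pass `PSA_KEY_TYPE_AES:128`, and "DES, 128 bits" and "DES, 192 bits" both pass `PSA_KEY_TYPE_DES:64`, so the 16- and 24-byte parity branches added to psa_generate_key are never run. The size argument should match the title, e.g. `generate_key:PSA_KEY_TYPE_DES:128:...` and `generate_key:PSA_KEY_TYPE_DES:192:...`. The RSA cases declare only `depends_on:MBEDTLS_RSA_C`, while the RSA branch in library/psa_crypto.c is compiled under `MBEDTLS_RSA_C && MBEDTLS_GENPRIME`, so they would presumably fail with NOT_SUPPORTED in a build without MBEDTLS_GENPRIME; `depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME` avoids that. The later hunk `@@ -556,36 +556,44 @@` rewrites the DES lines but keeps the 64-bit argument.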
@@ -1585,3 +1585,133 @@ exit: mbedtls_free( buffer2 ); } /* END_CASE */ + +/* BEGIN_CASE */ +void generate_key( int type_arg, + int bits_arg, + int usage_arg, + int alg_arg, + int expected_status_arg ) +{ + int slot = 1; + psa_key_type_t type = type_arg; + psa_key_usage_t usage = usage_arg; + size_t bits = bits_arg; + psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; + psa_key_type_t got_type; + size_t got_bits; + unsigned char exported[616] = {0}; /* enough for a 1024-bit RSA key */ + size_t exported_length; + psa_status_t expected_export_status = + usage & PSA_KEY_USAGE_EXPORT ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED; + psa_status_t expected_info_status = + expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT; + psa_key_policy_t policy; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, usage, alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + /* Generate a key */ + TEST_ASSERT( psa_generate_key( slot, type, bits, + NULL, 0 ) == expected_status ); + + /* Test the key information */ + TEST_ASSERT( psa_get_key_information( slot, + &got_type, + &got_bits ) == expected_info_status ); + if( expected_info_status != PSA_SUCCESS ) + goto exit; + TEST_ASSERT( got_type == type ); + TEST_ASSERT( got_bits == bits ); + + /* Export the key */ + TEST_ASSERT( psa_export_key( slot, + exported, sizeof( exported ), + &exported_length ) == expected_export_status ); + if( expected_export_status == PSA_SUCCESS ) + { + if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) ) + TEST_ASSERT( exported_length == ( bits + 7 ) / 8 ); +#if defined(MBEDTLS_DES_C) + if( type == PSA_KEY_TYPE_DES ) + { + /* Check the parity bits. 
*/ + unsigned i; + for( i = 0; i < bits / 8; i++ ) + { + unsigned bit_count = 0; + unsigned m; + for( m = 1; m <= 0x100; m <<= 1 ) + { + if( exported[i] & m ) + ++bit_count; + } + TEST_ASSERT( bit_count % 2 != 0 ); + } + } +#endif +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) + if( type == PSA_KEY_TYPE_RSA_KEYPAIR ) + { + /* Sanity check: does this look like the beginning of a PKCS#8 + * RSA key pair? Assumes bits is a multiple of 8. */ + size_t n_bytes = bits / 8 + 1; + size_t n_encoded_bytes; + unsigned char *n_end; + TEST_ASSERT( exported_length >= 7 + ( n_bytes + 3 ) * 9 / 2 ); + TEST_ASSERT( exported[0] == 0x30 ); + TEST_ASSERT( exported[1] == 0x82 ); // assumes >=416-bit key + TEST_ASSERT( exported[4] == 0x02 ); + TEST_ASSERT( exported[5] == 0x01 ); + TEST_ASSERT( exported[6] == 0x00 ); + TEST_ASSERT( exported[7] == 0x02 ); + n_encoded_bytes = exported[8]; + n_end = exported + 9 + n_encoded_bytes; + if( n_encoded_bytes & 0x80 ) + { + n_encoded_bytes = ( n_encoded_bytes & 0x7f ) << 7; + n_encoded_bytes |= exported[9] & 0x7f; + n_end += 1; + } + /* The encoding of n should start with a 0 byte since it should + * have its high bit set. However Mbed TLS is not compliant and + * generates an invalid, but widely tolerated, encoding of + * positive INTEGERs with a bit size that is a multiple of 8 + * with no leading 0 byte. Accept this here. */ + TEST_ASSERT( n_bytes == n_encoded_bytes || + n_bytes == n_encoded_bytes + 1 ); + if( n_bytes == n_encoded_bytes ) + TEST_ASSERT( exported[n_encoded_bytes <= 127 ? 
9 : 10] == 0x00 ); + /* Sanity check: e must be 3 */ + TEST_ASSERT( n_end[0] == 0x02 ); + TEST_ASSERT( n_end[1] == 0x03 ); + TEST_ASSERT( n_end[2] == 0x01 ); + TEST_ASSERT( n_end[3] == 0x00 ); + TEST_ASSERT( n_end[4] == 0x01 ); + TEST_ASSERT( n_end[5] == 0x02 ); + } +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( type ) ) + { + /* Sanity check: does this look like the beginning of a PKCS#8 + * elliptic curve key pair? */ + TEST_ASSERT( exported_length >= bits * 3 / 8 + 10 ); + TEST_ASSERT( exported[0] == 0x30 ); + } +#endif /* MBEDTLS_ECP_C */ + } + + /* We should do something with the key according to its permitted usage. + * This would require figuring out what the key type allows or + * specifying it somehow in the test data. */ + +exit: + psa_destroy_key( slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From c939f6fcba1cda328c4a21b7c8df596690e36add Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 20 Jun 2018 11:11:08 +0100 Subject: [PATCH 0280/2197] fixup! New function mbedtls_rsa_get_bitlen In some configurations (like config-mini-tls1_1.h), size is unused. This leads to failures when building with CMake Asan, because that build doesn't use "-Wno-unused-value". Fixes: e01822299624 ("New function mbedtls_rsa_get_bitlen") --- tests/suites/test_suite_pk.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index a1d9b0b7a..916b3c54d 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -16,6 +16,7 @@ static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ); static int pk_genkey( mbedtls_pk_context *pk, int size ) { ((void) pk); + ((void) size); #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA ) From 16c0f4f787e7d4f52072b4ad211fdc6e04c2c98e Mon Sep 17 00:00:00 2001 
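Review bot: In the RSA branch of generate_key, `n_end` is computed from the raw length octet `exported[8]` before the long-form case is decoded, so for a long-form length it appears to point at the public exponent only when the modulus content is exactly 129 bytes; computing it after the `if`, from the decoded length and the content offset (9 or 10), would keep the exponent checks valid for the 128-byte encoding the comment says is accepted. The comment `/* Sanity check: e must be 3 */` does not match the bytes asserted below it (`02 03 01 00 01`, i.e. 65537, the default set in psa_generate_key) and should read `/* Sanity check: e must be 65537 */`. The DES parity loop runs `m` up to `0x100`, one bit past an unsigned char; `m <= 0x80` states the intent.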
From: Gilles Peskine Date: Wed, 20 Jun 2018 16:05:20 +0200 Subject: [PATCH 0281/2197] Fix potential memory corruption on MAC/cipher setup failure When psa_mac_start(), psa_encrypt_setup() or psa_cipher_setup() failed, depending on when the failure happened, it was possible that psa_mac_abort() or psa_cipher_abort() would crash because it would try to call a free() function on uninitialized data in the operation structure. Refactor the functions so that they initialize the operation structure before doing anything else. Add non-regression tests and a few more positive and negative unit tests for psa_mac_start() and psa_cipher_setup() (the latter via psa_encrypt_setup()). --- library/psa_crypto.c | 94 +++++++++++++++------ tests/suites/test_suite_psa_crypto.data | 47 +++++++++++ tests/suites/test_suite_psa_crypto.function | 85 +++++++++++++++++++ 3 files changed, 202 insertions(+), 24 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d75226cc6..535384c42 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1133,10 +1133,53 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg ) } } +/* Initialize the MAC operation structure. Once this function has been + * called, psa_mac_abort can run and will do the right thing. */ +static psa_status_t psa_mac_init( psa_mac_operation_t *operation, + psa_algorithm_t alg ) +{ + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + + operation->alg = alg; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_required = 0; + operation->has_input = 0; + operation->key_usage_sign = 0; + operation->key_usage_verify = 0; + +#if defined(MBEDTLS_CMAC_C) + if( alg == PSA_ALG_CMAC ) + { + operation->iv_required = 0; + mbedtls_cipher_init( &operation->ctx.cmac ); + status = PSA_SUCCESS; + } + else +#endif /* MBEDTLS_CMAC_C */ +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HMAC( operation->alg ) ) + { + status = psa_hash_start( &operation->ctx.hmac.hash_ctx, + PSA_ALG_HMAC_HASH( alg ) ); + } + else +#endif /* MBEDTLS_MD_C */ + { + /* fall through with NOT_SUPPORTED */ + } + + if( status != PSA_SUCCESS ) + memset( operation, 0, sizeof( *operation ) ); + return( status ); +} + psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) { switch( operation->alg ) { + case 0: + return( PSA_SUCCESS ); #if defined(MBEDTLS_CMAC_C) case PSA_ALG_CMAC: mbedtls_cipher_free( &operation->ctx.cmac ); @@ -1165,6 +1208,8 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) operation->iv_set = 0; operation->iv_required = 0; operation->has_input = 0; + operation->key_usage_sign = 0; + operation->key_usage_verify = 0; return( PSA_SUCCESS ); } @@ -1178,8 +1223,6 @@ static int psa_cmac_start( psa_mac_operation_t *operation, int ret; operation->mac_size = cipher_info->block_size; - operation->iv_required = 0; - mbedtls_cipher_init( &operation->ctx.cmac ); ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info ); if( ret != 0 ) 
@@ -1213,14 +1256,9 @@ static int psa_hmac_start( psa_mac_operation_t *operation, if( key_type != PSA_KEY_TYPE_HMAC ) return( PSA_ERROR_INVALID_ARGUMENT ); - operation->iv_required = 0; operation->mac_size = digest_size; - status = psa_hash_start( &operation->ctx.hmac.hash_ctx, - PSA_ALG_HMAC_HASH( alg ) ); - if( status != PSA_SUCCESS ) - return( status ); - + /* The hash was started earlier in psa_mac_init. */ if( key_length > block_size ) { status = psa_hash_update( &operation->ctx.hmac.hash_ctx, @@ -1274,13 +1312,9 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; - operation->alg = 0; - operation->key_set = 0; - operation->iv_set = 0; - operation->iv_required = 1; - operation->has_input = 0; - operation->key_usage_sign = 0; - operation->key_usage_verify = 0; + status = psa_mac_init( operation, alg ); + if( status != PSA_SUCCESS ) + return( status ); status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) @@ -1332,7 +1366,6 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, else { - operation->alg = alg; operation->key_set = 1; } return( status ); @@ -1872,6 +1905,21 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, /* Symmetric cryptography */ /****************************************************************/ +/* Initialize the cipher operation structure. Once this function has been + * called, psa_cipher_abort can run and will do the right thing. */ +static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation, + psa_algorithm_t alg ) +{ + operation->alg = alg; + operation->key_set = 0; + operation->iv_set = 0; + operation->iv_required = 1; + operation->iv_size = 0; + operation->block_size = 0; + mbedtls_cipher_init( &operation->ctx.cipher ); + return( PSA_SUCCESS ); +} + static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg, 
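Review bot: psa_mac_start now starts the HMAC hash context (via psa_mac_init) before `psa_get_key_information()`, but the body of the `if( status != PSA_SUCCESS )` that follows is outside the hunk `@@ -1274,13 +1312,9 @@`; if it returns directly, that failure leaves the operation with `alg` set and a started hash context, unlike the later failures, which reach `psa_mac_abort( operation )`. Routing the early failures through the same cleanup, or stating in the function comment that the caller must call psa_mac_abort() after a failed start, would make the contract explicit. The same applies to psa_cipher_setup in `@@ -1884,12 +1932,9 @@`.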
@@ -1884,12 +1932,9 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; - operation->alg = alg; - operation->key_set = 0; - operation->iv_set = 0; - operation->iv_required = 1; - operation->iv_size = 0; - operation->block_size = 0; + status = psa_cipher_init( operation, alg ); + if( status != PSA_SUCCESS ) + return( status ); status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) @@ -1900,7 +1945,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - mbedtls_cipher_init( &operation->ctx.cipher ); ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info ); if( ret != 0 ) { @@ -1944,7 +1988,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING operation->key_set = 1; - operation->alg = alg; operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ? PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) : 1 ); @@ -2119,6 +2162,9 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) { + if( operation->alg == 0 ) + return( PSA_SUCCESS ); + mbedtls_cipher_free( &operation->ctx.cipher ); operation->alg = 0; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9902a0ecb..552faf9c4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -106,6 +106,14 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA key lifetime set: invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT +PSA hash setup: good, SHA-256 +depends_on:MBEDTLS_SHA256_C +hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS + +PSA hash setup: bad (unknown hash algorithm) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +hash_setup:0x80000000 | PSA_ALG_SHA_256:PSA_ERROR_NOT_SUPPORTED + PSA hash finish: SHA-256 depends_on:MBEDTLS_SHA256_C hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" 
@@ -114,6 +122,27 @@ PSA hash verify: SHA-256 depends_on:MBEDTLS_SHA256_C hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" +PSA MAC setup: good, HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS + +PSA MAC setup: good, AES-CMAC +depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C +mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_SUCCESS + +PSA MAC setup: bad algorithm (unknown MAC algorithm) +depends_on:MBEDTLS_MD_C +mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED + +PSA MAC setup: invalid key type, HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA MAC setup: incompatible key DES for CMAC +depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C +# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here +mac_setup:PSA_KEY_TYPE_DES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED + PSA MAC verify: HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62" 
@@ -218,6 +247,24 @@ PSA MAC verify: CMAC-AES-128 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" +PSA cipher setup: good, AES-CTR +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_SUCCESS + +PSA cipher setup: bad algorithm (unknown cipher algorithm) +depends_on:MBEDTLS_AES_C +cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CATEGORY_CIPHER:PSA_ERROR_NOT_SUPPORTED + +PSA cipher setup: invalid key type, CTR +depends_on:MBEDTLS_CIPHER_MODE_CTR +# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here +cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED + +PSA cipher setup: incompatible key ARC4 for CTR +depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR +# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here +cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED + PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 1cd9c22a0..ee781326e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -374,6 +374,25 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hash_setup( int alg_arg, + int expected_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_hash_operation_t operation; + psa_status_t status; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + status = psa_hash_start( &operation, alg ); + psa_hash_abort( &operation ); + TEST_ASSERT( status == (psa_status_t) expected_status_arg ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) { @@ -430,6 +449,40 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mac_setup( int key_type_arg, + data_t *key, + int alg_arg, + int expected_status_arg ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_mac_operation_t operation; + psa_key_policy_t policy; + psa_status_t status; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, + PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, + alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key->x, key->len ) == PSA_SUCCESS ); + + status = psa_mac_start( &operation, key_slot, alg ); + psa_mac_abort( &operation ); + TEST_ASSERT( status == (psa_status_t) expected_status_arg ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mac_verify( int key_type_arg, data_t *key, 
@@ -473,6 +526,38 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void cipher_setup( int key_type_arg, + data_t *key, + int alg_arg, + int expected_status_arg ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_cipher_operation_t operation; + psa_key_policy_t policy; + psa_status_t status; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key->x, key->len ) == PSA_SUCCESS ); + + status = psa_encrypt_setup( &operation, key_slot, alg ); + psa_cipher_abort( &operation ); + TEST_ASSERT( status == (psa_status_t) expected_status_arg ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void cipher_encrypt( int alg_arg, int key_type_arg, data_t *key, From 248051acb6a1d24bb83504cd9eaae2a3f9418044 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 20 Jun 2018 16:09:38 +0200 Subject: [PATCH 0282/2197] Add missing #ifdef guards around psa_hmac_start --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 535384c42..dba8a5daf 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1235,6 +1235,7 @@ static int psa_cmac_start( psa_mac_operation_t *operation, } #endif /* MBEDTLS_CMAC_C */ +#if defined(MBEDTLS_MD_C) static int psa_hmac_start( psa_mac_operation_t *operation, psa_key_type_t key_type, key_slot_t *slot, @@ -1301,6 +1302,7 @@ cleanup: return( status ); } +#endif /* MBEDTLS_MD_C */ psa_status_t psa_mac_start( psa_mac_operation_t *operation, psa_key_slot_t key, 
@@ -1357,13 +1359,11 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, } /* If we reach this point, then the algorithm-specific part of the - * context may contain data that needs to be wiped on error. */ if( status != PSA_SUCCESS ) { psa_mac_abort( operation ); } - else { operation->key_set = 1; From c06e07128c0588f100803eda09cd11b42bb5f16e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 20 Jun 2018 16:21:04 +0200 Subject: [PATCH 0283/2197] Favor INVALID_ARGUMENT over NOT_SUPPORTED for bad algorithm types In psa_hash_start, psa_mac_start and psa_cipher_setup, return PSA_ERROR_INVALID_ARGUMENT rather than PSA_ERROR_NOT_SUPPORTED when the algorithm parameter is not the right category. --- library/psa_crypto.c | 13 +++++++++++-- tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dba8a5daf..90b43549c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -865,7 +865,9 @@ psa_status_t psa_hash_start( psa_hash_operation_t *operation, break; #endif default: - return( PSA_ERROR_NOT_SUPPORTED ); + return( PSA_ALG_IS_HASH( alg ) ? + PSA_ERROR_NOT_SUPPORTED : + PSA_ERROR_INVALID_ARGUMENT ); } if( ret == 0 ) operation->alg = alg; @@ -1166,7 +1168,8 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation, else #endif /* MBEDTLS_MD_C */ { - /* fall through with NOT_SUPPORTED */ + if( ! PSA_ALG_IS_MAC( alg ) ) + status = PSA_ERROR_INVALID_ARGUMENT; } if( status != PSA_SUCCESS ) @@ -1910,6 +1913,12 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation, psa_algorithm_t alg ) { + if( ! PSA_ALG_IS_CIPHER( alg ) ) + { + memset( operation, 0, sizeof( *operation ) ); + return( PSA_ERROR_INVALID_ARGUMENT ); + } + operation->alg = alg; operation->key_set = 0; operation->iv_set = 0; 
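Review bot: In `@@ -865,7 +865,9 @@`, the `default:` branch of psa_hash_start returns without assigning `operation->alg` in the visible lines (the assignment below is guarded by `ret == 0`), and the start of the function is outside the hunk. The hash_setup test added in the previous patch passes an uninitialized `psa_hash_operation_t` and calls psa_hash_abort() after this failure, so if psa_hash_start does not clear `operation->alg` before the switch, abort would read indeterminate data, which is the case the previous patch fixed for MAC and cipher. Confirm the function zeroes the field first, or add `operation->alg = 0;` before the `return` in the default branch.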
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 552faf9c4..c0d7c3ebe 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -114,6 +114,10 @@ PSA hash setup: bad (unknown hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:0x80000000 | PSA_ALG_SHA_256:PSA_ERROR_NOT_SUPPORTED +PSA hash setup: bad (not a hash algorithm) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + PSA hash finish: SHA-256 depends_on:MBEDTLS_SHA256_C hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" @@ -134,6 +138,10 @@ PSA MAC setup: bad algorithm (unknown MAC algorithm) depends_on:MBEDTLS_MD_C mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED +PSA MAC setup: bad algorithm (not a MAC algorithm) +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_ERROR_INVALID_ARGUMENT + PSA MAC setup: invalid key type, HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT 
@@ -255,6 +263,10 @@ PSA cipher setup: bad algorithm (unknown cipher algorithm) depends_on:MBEDTLS_AES_C cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CATEGORY_CIPHER:PSA_ERROR_NOT_SUPPORTED +PSA cipher setup: bad algorithm (not a cipher algorithm) +depends_on:MBEDTLS_AES_C +cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + PSA cipher setup: invalid key type, CTR depends_on:MBEDTLS_CIPHER_MODE_CTR # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here From 818ca1283a44506ac3ab13fb79edb3a60cae10ed Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 20 Jun 2018 18:16:48 +0200 Subject: [PATCH 0284/2197] generate_key tests: exercise the key After generating a key, perform a smoke test: run one operation with it and check that the operation has the expected status. --- tests/suites/test_suite_psa_crypto.data | 38 ++-- tests/suites/test_suite_psa_crypto.function | 238 +++++++++++++++++++- 2 files changed, 258 insertions(+), 18 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c0d7c3ebe..2e6b63e33 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -556,36 +556,44 @@ generate_key:PSA_KEY_TYPE_AES:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMEN PSA generate key: AES, 128 bits, CTR depends_on:MBEDTLS_AES_C -generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS -PSA generate key: DES, 64 bits, CTR -depends_on:MBEDTLS_DES_C -generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS +PSA generate key: AES, 128 bits, GCM +depends_on:MBEDTLS_AES_C +generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS -PSA generate key: DES, 128 bits, CTR +PSA generate key: DES, 64 bits, CBC-nopad depends_on:MBEDTLS_DES_C -generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS -PSA generate key: DES, 192 bits, CTR +PSA generate key: DES, 128 bits, CBC-nopad depends_on:MBEDTLS_DES_C -generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS + +PSA generate key: DES, 192 bits, CBC-nopad +depends_on:MBEDTLS_DES_C +generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS PSA generate key: invalid key size: AES, 64 bits depends_on:MBEDTLS_AES_C -generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT +generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT 
| PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT -PSA generate key: RSA, 512 bits, good +PSA generate key: RSA, 512 bits, good, sign depends_on:MBEDTLS_RSA_C -generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS -PSA generate key: RSA, 1024 bits, good +PSA generate key: RSA, 1024 bits, good, sign depends_on:MBEDTLS_RSA_C -generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS + +PSA generate key: RSA, 512 bits, good, encrypt +depends_on:MBEDTLS_RSA_C +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS PSA generate key: ECC, SECP256R1, good depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW | PSA_ALG_SHA_256:PSA_SUCCESS PSA generate key: ECC, SECP256R1, incorrect bit size depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_ERROR_INVALID_ARGUMENT +generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ee781326e..ac6746d06 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -26,6 +26,230 @@ int mem_is_nonzero( void *buffer, size_t size ) } return( 0 ); } + +static int exercise_mac_key( psa_key_slot_t key, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + psa_mac_operation_t operation; + const unsigned char input[] = "foo"; + unsigned char mac[64] = {0}; + size_t mac_length = sizeof( mac ); + + if( usage & PSA_KEY_USAGE_SIGN ) + { + TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_update( &operation, + input, sizeof( input ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_finish( &operation, + mac, sizeof( input ), + &mac_length ) == PSA_SUCCESS ); + } + + if( usage & PSA_KEY_USAGE_VERIFY ) + { + psa_status_t verify_status = + ( usage & PSA_KEY_USAGE_SIGN ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE ); + TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_update( &operation, + input, sizeof( input ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_verify( &operation, mac, mac_length ) == verify_status ); + } + + return( 1 ); + +exit: + psa_mac_abort( &operation ); + return( 0 ); +} + +static int exercise_cipher_key( psa_key_slot_t key, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + psa_cipher_operation_t operation; + unsigned char iv[16] = {0}; + size_t iv_length = sizeof( iv ); + const unsigned char plaintext[16] = "Hello, world..."; + unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)"; + size_t ciphertext_length = sizeof( ciphertext ); + unsigned char decrypted[sizeof( ciphertext )]; + size_t part_length; + + if( usage & PSA_KEY_USAGE_ENCRYPT ) + { + TEST_ASSERT( psa_encrypt_setup( &operation, key, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_generate_iv( &operation, + iv, sizeof( iv ), + &iv_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation, + plaintext, sizeof( plaintext ), + ciphertext, sizeof( ciphertext ), + &ciphertext_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_finish( &operation, + 
ciphertext + ciphertext_length, + sizeof( ciphertext ) - ciphertext_length, + &part_length ) == PSA_SUCCESS ); + ciphertext_length += part_length; + } + + if( usage & PSA_KEY_USAGE_DECRYPT ) + { + psa_status_t status; + if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) ) + { + psa_key_type_t type; + size_t bits; + TEST_ASSERT( psa_get_key_information( key, &type, &bits ) ); + iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type ); + } + TEST_ASSERT( psa_decrypt_setup( &operation, key, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_encrypt_set_iv( &operation, + iv, iv_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_update( &operation, + ciphertext, ciphertext_length, + decrypted, sizeof( decrypted ), + &part_length ) == PSA_SUCCESS ); + status = psa_cipher_finish( &operation, + decrypted + part_length, + sizeof( decrypted ) - part_length, + &part_length ); + /* For a stream cipher, all inputs are valid. For a block cipher, + * if the input is some aribtrary data rather than an actual + ciphertext, a padding error is likely. 
*/ + if( ( usage & PSA_KEY_USAGE_DECRYPT ) || + PSA_BLOCK_CIPHER_BLOCK_SIZE( alg ) == 1 ) + TEST_ASSERT( status == PSA_SUCCESS ); + else + TEST_ASSERT( status == PSA_SUCCESS || + status == PSA_ERROR_INVALID_PADDING ); + } + + return( 1 ); + +exit: + psa_cipher_abort( &operation ); + return( 0 ); +} + +static int exercise_aead_key( psa_key_slot_t key, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + unsigned char nonce[16] = {0}; + size_t nonce_length = sizeof( nonce ); + unsigned char plaintext[16] = "Hello, world..."; + unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)"; + size_t ciphertext_length = sizeof( ciphertext ); + size_t plaintext_length = sizeof( ciphertext ); + + if( usage & PSA_KEY_USAGE_ENCRYPT ) + { + TEST_ASSERT( psa_aead_encrypt( key, alg, + nonce, nonce_length, + NULL, 0, + plaintext, sizeof( plaintext ), + ciphertext, sizeof( ciphertext ), + &ciphertext_length ) == PSA_SUCCESS ); + } + + if( usage & PSA_KEY_USAGE_DECRYPT ) + { + psa_status_t verify_status = + ( usage & PSA_KEY_USAGE_ENCRYPT ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE ); + TEST_ASSERT( psa_aead_decrypt( key, alg, + nonce, nonce_length, + NULL, 0, + ciphertext, ciphertext_length, + plaintext, sizeof( plaintext ), + &plaintext_length ) == verify_status ); + } + + return( 1 ); + +exit: + return( 0 ); +} + +static int exercise_signature_key( psa_key_slot_t key, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + unsigned char payload[16] = {0}; + size_t payload_length = sizeof( payload ); + unsigned char signature[256] = {0}; + size_t signature_length = sizeof( signature ); + + if( usage & PSA_KEY_USAGE_SIGN ) + { + TEST_ASSERT( psa_asymmetric_sign( key, alg, + payload, payload_length, + NULL, 0, + signature, sizeof( signature ), + &signature_length ) == PSA_SUCCESS ); + } + + if( usage & PSA_KEY_USAGE_VERIFY ) + { + psa_status_t verify_status = + ( usage & PSA_KEY_USAGE_SIGN ? 
+ PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE ); + TEST_ASSERT( psa_asymmetric_verify( key, alg, + payload, payload_length, + NULL, 0, + signature, signature_length ) == + verify_status ); + } + + return( 1 ); + +exit: + return( 0 ); +} + +static int exercise_asymmetric_encryption_key( psa_key_slot_t key, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + unsigned char plaintext[256] = "Hello, world..."; + unsigned char ciphertext[256] = "(wabblewebblewibblewobblewubble)"; + size_t ciphertext_length = sizeof( ciphertext ); + size_t plaintext_length = 16; + + if( usage & PSA_KEY_USAGE_ENCRYPT ) + { + TEST_ASSERT( + psa_asymmetric_encrypt( key, alg, + plaintext, plaintext_length, + NULL, 0, + ciphertext, sizeof( ciphertext ), + &ciphertext_length ) == PSA_SUCCESS ); + } + + if( usage & PSA_KEY_USAGE_DECRYPT ) + { + psa_status_t status = + psa_asymmetric_decrypt( key, alg, + ciphertext, ciphertext_length, + NULL, 0, + plaintext, sizeof( plaintext ), + &plaintext_length ); + TEST_ASSERT( status == PSA_SUCCESS || + ( ( usage & PSA_KEY_USAGE_ENCRYPT ) == 0 && + ( status == PSA_ERROR_INVALID_ARGUMENT || + status == PSA_ERROR_INVALID_PADDING ) ) ); + } + + return( 1 ); + +exit: + return( 0 ); +} /* END_HEADER */ /* BEGIN_DEPENDENCIES 
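Review bot: In `exercise_mac_key`, `psa_mac_finish` is given `sizeof( input )` (4 bytes for `"foo"`) as the capacity of the 64-byte `mac` buffer, so a MAC longer than four bytes would presumably be reported as not fitting; the argument should be `sizeof( mac )`. In `exercise_cipher_key`, `TEST_ASSERT( psa_get_key_information( key, &type, &bits ) );` holds only when the call returns a nonzero status, and should read `TEST_ASSERT( psa_get_key_information( key, &type, &bits ) == PSA_SUCCESS );`. Further down in the same function, `if( ( usage & PSA_KEY_USAGE_DECRYPT ) || ...` sits inside the branch already guarded by `usage & PSA_KEY_USAGE_DECRYPT`, so it is always true and the `PSA_ERROR_INVALID_PADDING` allowance is unreachable. The comment above it suggests `usage & PSA_KEY_USAGE_ENCRYPT` was intended. As written, these helpers do not verify what a key's usage policy permits in the way their structure implies.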
@@ -1791,9 +2015,17 @@ void generate_key( int type_arg, #endif /* MBEDTLS_ECP_C */ } - /* We should do something with the key according to its permitted usage. - * This would require figuring out what the key type allows or - * specifying it somehow in the test data. */ + /* Do something with the key according to its type and permitted usage. */ + if( PSA_ALG_IS_MAC( alg ) ) + exercise_mac_key( slot, usage, alg ); + else if( PSA_ALG_IS_CIPHER( alg ) ) + exercise_cipher_key( slot, usage, alg ); + else if( PSA_ALG_IS_AEAD( alg ) ) + exercise_aead_key( slot, usage, alg ); + else if( PSA_ALG_IS_SIGN( alg ) ) + exercise_signature_key( slot, usage, alg ); + else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) + exercise_asymmetric_encryption_key( slot, usage, alg ); exit: psa_destroy_key( slot ); From 3f669c374af40f5fbf980e4ec430a7e007f1fffd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Jun 2018 09:21:51 +0200 Subject: [PATCH 0285/2197] Simplify mem_is_nonzero to mem_is_zero This also fixes a bug that the value that mem_is_nonzero tried to return could overflow int. --- tests/suites/test_suite_psa_crypto.function | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ac6746d06..773163ba1 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
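Review bot: The `int` result of every `exercise_*_key` call is dropped and the `if`/`else if` chain has no final `else`, so an `alg` that matches none of the five categories (for example the `0` passed by the raw-data `generate_key` cases) leaves the key unexercised without any trace. The helpers return 0 after their `exit:` label, so a failure is presumably already recorded by `TEST_ASSERT`, but checking the result keeps that explicit, e.g. `if( ! exercise_mac_key( slot, usage, alg ) ) goto exit;`. A trailing comment such as `/* No algorithm category: nothing to exercise (e.g. raw data). */` would document the fall-through. `generate_key` starts above this hunk, so the declarations of `slot`, `usage` and `alg` are not visible here.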
@@ -13,18 +13,18 @@ * \param buffer Pointer to the beginning of the buffer. * \param size Size of the buffer in bytes. * - * \return 0 if the buffer is all-bits-zero. - * \return A nonzero value otherwise. + * \return 1 if the buffer is all-bits-zero. + * \return 0 if there is at least one nonzero byte. */ -int mem_is_nonzero( void *buffer, size_t size ) +static int mem_is_zero( void *buffer, size_t size ) { size_t i; for( i = 0; i < size; i++ ) { if( ( (unsigned char *) buffer )[i] != 0 ) - return( i + 1 ); + return( 0 ); } - return( 0 ); + return( 1 ); } static int exercise_mac_key( psa_key_slot_t key, @@ -349,8 +349,8 @@ void import_export( data_t *data, exported, export_size, &exported_length ); TEST_ASSERT( status == (psa_status_t) expected_export_status ); - TEST_ASSERT( ! mem_is_nonzero( exported + exported_length, - export_size - exported_length ) ); + TEST_ASSERT( mem_is_zero( exported + exported_length, + export_size - exported_length ) ); if( status != PSA_SUCCESS ) { TEST_ASSERT( exported_length == 0 ); From b866e2b4d26c2580a9c903f160fc08a0c9c9a9cf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Jun 2018 09:25:10 +0200 Subject: [PATCH 0286/2197] Get rid of some casts in test_suite_psa_crypto Use more auxiliary variables to unmarshall int values. --- tests/suites/test_suite_psa_crypto.function | 34 +++++++++++++-------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 773163ba1..84cb69a66 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -274,9 +274,10 @@ void init_deinit( ) /* END_CASE */ /* BEGIN_CASE */ -void import( data_t *data, int type, int expected_status ) +void import( data_t *data, int type, int expected_status_arg ) { int slot = 1; + psa_status_t expected_status = expected_status_arg; psa_status_t status; TEST_ASSERT( data != NULL ); 
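Review bot: `mem_is_zero` only reads from the buffer, so its parameter can be const-qualified: `static int mem_is_zero( const void *buffer, size_t size )` with the cast written as `(const unsigned char *) buffer`. That lets callers pass read-only data without a cast and states in the signature that the helper has no side effects. The doc comment for the function begins above the hunk.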
@@ -284,7 +285,7 @@ void import( data_t *data, int type, int expected_status ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); status = psa_import_key( slot, type, data->x, data->len ); - TEST_ASSERT( status == (psa_status_t) expected_status ); + TEST_ASSERT( status == expected_status ); if( status == PSA_SUCCESS ) TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); @@ -300,13 +301,14 @@ void import_export( data_t *data, int usage_arg, int expected_bits, int export_size_delta, - int expected_export_status, + int expected_export_status_arg, int canonical_input ) { int slot = 1; int slot2 = slot + 1; psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t expected_export_status = expected_export_status_arg; psa_status_t status; unsigned char *exported = NULL; unsigned char *reexported = NULL; @@ -348,7 +350,7 @@ void import_export( data_t *data, status = psa_export_key( slot, exported, export_size, &exported_length ); - TEST_ASSERT( status == (psa_status_t) expected_export_status ); + TEST_ASSERT( status == expected_export_status ); TEST_ASSERT( mem_is_zero( exported + exported_length, export_size - exported_length ) ); if( status != PSA_SUCCESS ) @@ -397,11 +399,12 @@ void import_export_public_key( data_t *data, int alg_arg, int expected_bits, int public_key_expected_length, - int expected_export_status ) + int expected_export_status_arg ) { int slot = 1; psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t expected_export_status = expected_export_status_arg; psa_status_t status; unsigned char *exported = NULL; size_t export_size; @@ -437,7 +440,7 @@ void import_export_public_key( data_t *data, status = psa_export_public_key( slot, exported, export_size, &exported_length ); - TEST_ASSERT( status == (psa_status_t) expected_export_status ); + TEST_ASSERT( status == expected_export_status ); if( status != PSA_SUCCESS ) goto destroy; 
@@ -603,6 +606,7 @@ void hash_setup( int alg_arg, int expected_status_arg ) { psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; psa_hash_operation_t operation; psa_status_t status; @@ -610,7 +614,7 @@ void hash_setup( int alg_arg, status = psa_hash_start( &operation, alg ); psa_hash_abort( &operation ); - TEST_ASSERT( status == (psa_status_t) expected_status_arg ); + TEST_ASSERT( status == expected_status ); exit: mbedtls_psa_crypto_free( ); @@ -682,6 +686,7 @@ void mac_setup( int key_type_arg, int key_slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; psa_mac_operation_t operation; psa_key_policy_t policy; psa_status_t status; @@ -699,7 +704,7 @@ void mac_setup( int key_type_arg, status = psa_mac_start( &operation, key_slot, alg ); psa_mac_abort( &operation ); - TEST_ASSERT( status == (psa_status_t) expected_status_arg ); + TEST_ASSERT( status == expected_status ); exit: psa_destroy_key( key_slot ); @@ -759,6 +764,7 @@ void cipher_setup( int key_type_arg, int key_slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; psa_cipher_operation_t operation; psa_key_policy_t policy; psa_status_t status; @@ -774,7 +780,7 @@ void cipher_setup( int key_type_arg, status = psa_encrypt_setup( &operation, key_slot, alg ); psa_cipher_abort( &operation ); - TEST_ASSERT( status == (psa_status_t) expected_status_arg ); + TEST_ASSERT( status == expected_status ); exit: psa_destroy_key( key_slot ); 
@@ -786,12 +792,13 @@ exit: void cipher_encrypt( int alg_arg, int key_type_arg, data_t *key, data_t *input, data_t *expected_output, - int expected_status ) + int expected_status_arg ) { int key_slot = 1; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; unsigned char iv[16] = {0}; unsigned char *output = NULL; size_t output_buffer_size = 0; @@ -833,7 +840,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, &function_output_length ); total_output_length += function_output_length; - TEST_ASSERT( status == (psa_status_t) expected_status ); + TEST_ASSERT( status == expected_status ); if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); @@ -994,12 +1001,13 @@ exit: void cipher_decrypt( int alg_arg, int key_type_arg, data_t *key, data_t *input, data_t *expected_output, - int expected_status ) + int expected_status_arg ) { int key_slot = 1; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; unsigned char iv[16] = {0}; unsigned char *output = NULL; size_t output_buffer_size = 0; @@ -1041,7 +1049,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, output_buffer_size, &function_output_length ); total_output_length += function_output_length; - TEST_ASSERT( status == (psa_status_t) expected_status ); + TEST_ASSERT( status == expected_status ); if( expected_status == PSA_SUCCESS ) { From 140855615fbac66e21a601657742f9693437430d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Jun 2018 09:28:55 +0200 Subject: [PATCH 0287/2197] Fix copypasta in some test cases --- tests/suites/test_suite_psa_crypto.data | 28 ++++++++++++------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2e6b63e33..631447cd2 100644 
--- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -31,27 +31,27 @@ import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, 1024-bit, larger buffer depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: policy forbids export depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: good, 1024-bit, larger buffer depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: trailing garbage ignored depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
@@ -59,15 +59,15 @@ import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541e PSA import/export RSA keypair: good, 1023-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1 PSA import/export-public RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS +import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS PSA import/export-public PSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS +import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS 
PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C @@ -546,13 +546,13 @@ PSA generate key: bad type (RSA public key) generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED PSA generate key: raw data, 0 bits -generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS + +PSA generate key: raw data, 7 bits: invalid argument +generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT PSA generate key: raw data, 8 bits -generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS - -PSA generate key: raw data, 7 bits -generate_key:PSA_KEY_TYPE_AES:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT +generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS PSA generate key: AES, 128 bits, CTR depends_on:MBEDTLS_AES_C From b54979a297702014f12f50bf3b2652f2671737bb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Jun 2018 09:32:47 +0200 Subject: [PATCH 0288/2197] Refuse non-byte-sized raw data keys Since the key size is stored in bytes, we can't have a key whose size isn't a whole number of bytes. --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 90b43549c..ba80912dd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -420,6 +420,8 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type, default: return( PSA_ERROR_NOT_SUPPORTED ); } + if( bits % 8 != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); /* Allocate memory for the key */ raw->bytes = PSA_BITS_TO_BYTES( bits ); From 775b8e97b1795a720870c304413a9f1f65a4180d Mon Sep 17 00:00:00 2001 
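Review bot: The case titled `PSA generate key: raw data, 0 bits` still passes `128` as the bit size on its new line (`generate_key:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS`), so the zero-length path named in the title is never run. If empty raw keys are meant to be covered, the size field should be `0`, with the expected status confirmed against how the library treats a zero-byte key. Otherwise the title should say 128 bits, so the suite does not appear to cover a boundary it skips.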
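Review bot: The added `bits % 8` check in `prepare_raw_data_slot` still lets `bits == 0` through to `raw->bytes = PSA_BITS_TO_BYTES( bits );`. The allocation that follows is outside the hunk, so it should be confirmed whether a zero-byte request is handled there, and the case either rejected or documented next to this check. A one-line comment giving the reason would also help, e.g. `/* The slot records its size in bytes, so the bit count must be a multiple of 8. */`. The function begins and ends outside the hunk.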
From: Gilles Peskine Date: Thu, 21 Jun 2018 09:34:34 +0200 Subject: [PATCH 0289/2197] export asymmetric key: more larger buffer cases Test not only a buffer that's one byte larger than the minimum, but also larger sizes that currently trigger a different code path. --- tests/suites/test_suite_psa_crypto.data | 28 +++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 631447cd2..aafc243fc 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -33,10 +33,22 @@ PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 -PSA import/export RSA public key: good, 1024-bit, larger buffer +PSA import/export RSA public key: good, larger buffer (+1 byte) depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 +PSA import/export RSA public key: good, larger buffer (*2-1) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1 + +PSA import/export RSA public key: good, larger buffer (*2) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1 + +PSA import/export RSA public key: good, larger buffer (*2+1) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1 + PSA import/export RSA keypair: policy forbids export depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 
@@ -45,10 +57,22 @@ PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 -PSA import/export RSA keypair: good, 1024-bit, larger buffer +PSA import/export RSA keypair: good, larger buffer (+1 byte) depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 +PSA import/export RSA keypair: good, larger buffer (*2-1) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY
_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:609:PSA_SUCCESS:1 + +PSA import/export RSA keypair: good, larger buffer (*2) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:610:PSA_SUCCESS:1 + +PSA import/export RSA keypair: good, larger buffer (*2+1) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1 + PSA import/export RSA keypair: trailing garbage ignored depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 From 9a94480685ee3280be70aeaf650ee6d49ffdfe74 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Jun 2018 09:35:35 +0200 Subject: [PATCH 0290/2197] Convert ERR_ASN1 error codes to PSA This fixes the error code when psa_export_key on an asymmetric key reports that the output buffer is too small. --- library/psa_crypto.c | 12 ++++++++++++ tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 2 files changed, 20 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ba80912dd..adcadf3f5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -39,6 +39,7 @@ #endif #include "mbedtls/arc4.h" +#include "mbedtls/asn1.h" #include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" #include "mbedtls/cipher.h" 
@@ -144,6 +145,17 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_ASN1_OUT_OF_DATA: + case MBEDTLS_ERR_ASN1_UNEXPECTED_TAG: + case MBEDTLS_ERR_ASN1_INVALID_LENGTH: + case MBEDTLS_ERR_ASN1_LENGTH_MISMATCH: + case MBEDTLS_ERR_ASN1_INVALID_DATA: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_ASN1_ALLOC_FAILED: + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL: + return( PSA_ERROR_BUFFER_TOO_SMALL ); + case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH: case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH: return( PSA_ERROR_NOT_SUPPORTED ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index aafc243fc..94fb181e0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
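Review bot: The new `MBEDTLS_ERR_ASN1_*` labels match only a bare low-level code, so an ASN.1 failure that arrives added to a high-level code (the PK parser returns values of the form `MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret`) would not hit any of them. The `switch` expression of `mbedtls_to_psa_error` is outside this hunk, so whether `ret` is split into its high and low parts first cannot be confirmed from here. If it is not split, the five parse-error labels are reachable only from callers that use the ASN.1 functions directly. I would add a comment above the group such as `/* Bare ASN.1 codes only: combined high+low values must be split before this switch. */`.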
@@ -49,6 +49,10 @@ PSA import/export RSA public key: good, larger buffer (*2+1) depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1 +PSA import/export RSA public key: export buffer too small +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 + PSA import/export RSA keypair: policy forbids export depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 
@@ -73,6 +77,10 @@ PSA import/export RSA keypair: good, larger buffer (*2+1) depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1 +PSA import/export RSA keypair: export buffer too small +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 + PSA import/export RSA keypair: trailing garbage ignored depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 From 9ad29e2bee1c12f6799d269307abf10f6153d8f0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Jun 2018 09:40:04 +0200 Subject: [PATCH 0291/2197] Add what little was missing to fully support DES Also add what was missing in the test suite to support block ciphers with a block size that isn't 16. Fix some buggy test data that passed only due to problems with DES support in the product. --- library/psa_crypto.c | 27 ++++++++++++++-- tests/suites/test_suite_psa_crypto.data | 34 ++++++++++++++++++--- tests/suites/test_suite_psa_crypto.function | 20 ++++++++---- 3 files changed, 68 insertions(+), 13 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index adcadf3f5..a610af364 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1102,10 +1102,17 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( cipher_id_tmp = MBEDTLS_CIPHER_ID_AES; break; case PSA_KEY_TYPE_DES: + /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES, + * and 192 for three-key Triple-DES. */ if( key_bits == 64 ) cipher_id_tmp = MBEDTLS_CIPHER_ID_DES; else cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES; + /* mbedtls doesn't recognize two-key Triple-DES as an algorithm, + * but two-key Triple-DES is functionally three-key Triple-DES + * with K1=K3, so that's how we present it to mbedtls. */ + if( key_bits == 128 ) + key_bits = 192; break; case PSA_KEY_TYPE_CAMELLIA: cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA; @@ -1975,8 +1982,24 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, return( mbedtls_to_psa_error( ret ) ); } - ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data, - key_bits, cipher_operation ); +#if defined(MBEDTLS_DES_C) + if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 ) + { + /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */ + unsigned char keys[24]; + memcpy( keys, slot->data.raw.data, 16 ); + memcpy( keys + 16, slot->data.raw.data, 8 ); + ret = mbedtls_cipher_setkey( &operation->ctx.cipher, + keys, + 192, cipher_operation ); + } + else +#endif + { + ret = mbedtls_cipher_setkey( &operation->ctx.cipher, + slot->data.raw.data, + key_bits, cipher_operation ); + } if( ret != 0 ) { psa_cipher_abort( operation ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 94fb181e0..9ed9cf532 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
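Review bot: In the `PSA_KEY_TYPE_DES` case every `key_bits` other than 64 selects `MBEDTLS_CIPHER_ID_3DES`, so a size that is none of 64, 128 or 192 is rejected only if the lookup after the switch (outside this hunk) finds no matching cipher. Making the accepted sizes explicit removes that dependency: `else if( key_bits == 128 || key_bits == 192 ) cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES; else return( NULL );`. The function continues outside the hunk, so the `return( NULL )` convention is assumed from the pointer return type and should be checked against its existing error paths.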
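Review bot: The 24-byte `keys` array in the second hunk (psa_cipher_setup) holds a full copy of the Triple-DES key on the stack and is never wiped after `mbedtls_cipher_setkey` returns, so the key material stays in a dead stack frame. Wipe it right after the call with the library's zeroization helper, for example `mbedtls_platform_zeroize( keys, sizeof( keys ) );` where platform_util.h is available; a plain `memset` may be optimised away. The copy also reads 16 bytes from `slot->data.raw.data` on the strength of `key_bits == 128`. Where `key_bits` is derived is outside the hunk, so confirm it always equals `slot->data.raw.bytes * 8` at this point.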
@@ -178,10 +178,10 @@ PSA MAC setup: invalid key type, HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT -PSA MAC setup: incompatible key DES for CMAC -depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C +PSA MAC setup: incompatible key HMAC for CMAC +depends_on:MBEDTLS_CMAC_C # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here -mac_setup:PSA_KEY_TYPE_DES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED +mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED PSA MAC verify: HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
@@ -333,6 +333,18 @@ PSA symmetric encrypt: AES-CTR, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS +PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS + +PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS + +PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS + PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS 
@@ -357,6 +369,18 @@ PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE +PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS + +PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS + +PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS + PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" 
@@ -600,11 +624,11 @@ generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA generate key: DES, 128 bits, CBC-nopad depends_on:MBEDTLS_DES_C -generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS PSA generate key: DES, 192 bits, CBC-nopad depends_on:MBEDTLS_DES_C -generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS PSA generate key: invalid key size: AES, 64 bits depends_on:MBEDTLS_AES_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 84cb69a66..c64138223 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -800,6 +800,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; unsigned char iv[16] = {0}; + size_t iv_size; unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; @@ -813,7 +814,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); - memset( iv, 0x2a, sizeof( iv ) ); + iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + memset( iv, 0x2a, iv_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
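Review bot: `memset( iv, 0x2a, iv_size )` in cipher_encrypt now takes its length from `PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type )` while `iv` stays a fixed `unsigned char iv[16]`, and nothing checks that the macro's result fits. `key_type` comes from the test data, so a key type with a larger block size would turn this into a stack overwrite inside the test rather than a reported failure. Add `TEST_ASSERT( iv_size <= sizeof( iv ) );` before the `memset`. The same applies to the matching hunks in cipher_encrypt_multipart, cipher_decrypt_multipart and cipher_decrypt. All four function bodies extend beyond their hunks.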
@@ -824,7 +826,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, sizeof( iv ) ) == PSA_SUCCESS ); + iv, iv_size ) == PSA_SUCCESS ); output_buffer_size = input->len + operation.block_size; output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( output != NULL ); @@ -867,6 +869,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char iv[16] = {0}; + size_t iv_size; unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; @@ -880,7 +883,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); - memset( iv, 0x2a, sizeof( iv ) ); + iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + memset( iv, 0x2a, iv_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -937,6 +941,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char iv[16] = {0}; + size_t iv_size; unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; @@ -950,7 +955,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); - memset( iv, 0x2a, sizeof( iv ) ); + iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + memset( iv, 0x2a, iv_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
@@ -1009,6 +1015,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; unsigned char iv[16] = {0}; + size_t iv_size; unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; @@ -1022,7 +1029,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); - memset( iv, 0x2a, sizeof( iv ) ); + iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + memset( iv, 0x2a, iv_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -1033,7 +1041,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, sizeof( iv ) ) == PSA_SUCCESS ); + iv, iv_size ) == PSA_SUCCESS ); output_buffer_size = input->len + operation.block_size; output = mbedtls_calloc( 1, output_buffer_size ); From a50d7396f3ef605ebf5529ca211bae71836502c0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Jun 2018 10:22:13 +0200 Subject: [PATCH 0292/2197] test of generate_random: focus on testing the output buffer size In the test generate_random, focus on testing that psa_generate_random is writing all the bytes of the output buffer and no more. Add a check that it is writing to each byte of the output buffer. Do not try to look for repeating output as the structure of a unit test isn't likely to catch that sort of problem anyway. --- tests/suites/test_suite_psa_crypto.data | 13 +++-- tests/suites/test_suite_psa_crypto.function | 62 ++++++++++++--------- 2 files changed, 43 insertions(+), 32 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9ed9cf532..265a6d5be 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -581,19 +581,22 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT PSA generate random: 0 bytes -generate_random:0:0 +generate_random:0 PSA generate random: 1 byte -generate_random:1:8 +generate_random:1 PSA generate random: 4 bytes -generate_random:1:2 +generate_random:4 PSA generate random: 16 bytes -generate_random:16:0 +generate_random:16 PSA generate random: 19 bytes 
-generate_random:19:0 +generate_random:19 + +PSA generate random: 260 bytes +generate_random:260 PSA generate key: bad type (0xffffffff) generate_key:0xffffffff:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c64138223..9af19fa6d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1871,43 +1871,51 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void generate_random( int bytes, int retries ) +void generate_random( int bytes_arg ) { - const unsigned char trail[] = "foobar"; - unsigned char *buffer1 = mbedtls_calloc( 1, bytes + sizeof( trail ) ); - unsigned char *buffer2 = mbedtls_calloc( 1, bytes ); + size_t bytes = bytes_arg; + const unsigned char trail[] = "don't overwrite me"; + unsigned char *output = mbedtls_calloc( 1, bytes + sizeof( trail ) ); + unsigned char *changed = mbedtls_calloc( 1, bytes ); + size_t i; + unsigned run; - TEST_ASSERT( buffer1 != NULL ); - TEST_ASSERT( buffer2 != NULL ); - memcpy( buffer1 + bytes, trail, sizeof( trail ) ); + TEST_ASSERT( output != NULL ); + TEST_ASSERT( changed != NULL ); + memcpy( output + bytes, trail, sizeof( trail ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generate_random( buffer1, bytes ) == PSA_SUCCESS ); - - /* Check that no more than bytes have been overwritten */ - TEST_ASSERT( memcmp( buffer1 + bytes, trail, sizeof( trail ) ) == 0 ); - - if( bytes == 0 ) - goto exit; - - /* We can't validate that the data is really random, but we can - * validate that it doesn't repeat between calls. There's a - * 1/256^bytes chance that it does repeat, of course, so allow - * a few retries. */ - ++retries; /* The first time isn't a REtry */ - do + /* Run several times, to ensure that every output byte will be + * nonzero at least once with overwhelming probability + * (2^(-8*number_of_runs)). 
*/ + for( run = 0; run < 10; run++ ) { - --retries; - TEST_ASSERT( psa_generate_random( buffer2, bytes ) == PSA_SUCCESS ); + memset( output, 0, bytes ); + TEST_ASSERT( psa_generate_random( output, bytes ) == PSA_SUCCESS ); + + /* Check that no more than bytes have been overwritten */ + TEST_ASSERT( memcmp( output + bytes, trail, sizeof( trail ) ) == 0 ); + + for( i = 0; i < bytes; i++ ) + { + if( output[i] != 0 ) + ++changed[i]; + } + } + + /* Check that every byte was changed to nonzero at least once. This + * validates that psa_generate_random is overwriting every byte of + * the output buffer. */ + for( i = 0; i < bytes; i++ ) + { + TEST_ASSERT( changed[i] != 0 ); } - while( memcmp( buffer1, buffer2, bytes ) == 0 && retries >= -1 ); - TEST_ASSERT( retries >= 0 ); exit: mbedtls_psa_crypto_free( ); - mbedtls_free( buffer1 ); - mbedtls_free( buffer2 ); + mbedtls_free( output ); + mbedtls_free( changed ); } /* END_CASE */ From 48c0ea14c66998c956c5fd4b0b17020a11d60fef Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Jun 2018 14:15:31 +0200 Subject: [PATCH 0293/2197] Remove PSA_KEY_TYPE_IS_RAW_BYTES from crypto.h It isn't used to define other macros and it doesn't seem that useful for users. Remove it, we can reintroduce it if needed. Define a similar function key_type_is_raw_bytes in the implementation with a clear semantics: it's a key that's represented as a struct raw_data. --- include/psa/crypto.h | 3 --- library/psa_crypto.c | 17 ++++++++++++----- tests/suites/test_suite_psa_crypto.function | 9 ++++++++- 3 files changed, 20 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 204ac267a..4a46eb8c3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
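Review bot: `changed` is allocated with `mbedtls_calloc( 1, bytes )`, which for the `generate_random:0` case is a zero-size request that the C standard allows to return NULL. `TEST_ASSERT( changed != NULL )` would then fail the test on such a platform although nothing is wrong with `psa_generate_random`. Either allocate `bytes + 1` or relax the check to `TEST_ASSERT( bytes == 0 || changed != NULL );`. Separately, `size_t bytes = bytes_arg;` turns a negative test argument into a huge size; `TEST_ASSERT( bytes_arg >= 0 );` before the conversion would make that a clean failure.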
@@ -366,9 +366,6 @@ typedef uint32_t psa_key_type_t; /** Whether a key type is vendor-defined. */ #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) -#define PSA_KEY_TYPE_IS_RAW_BYTES(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_RAW_DATA || \ - ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC) /** Whether a key type is asymmetric: either a key pair or a public key. */ #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a610af364..fc73b2cf2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -116,6 +116,13 @@ typedef struct } data; } key_slot_t; +static int key_type_is_raw_bytes( psa_key_type_t type ) +{ + psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK; + return( category == PSA_KEY_TYPE_RAW_DATA || + category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); +} + typedef struct { int initialized; @@ -459,7 +466,7 @@ psa_status_t psa_import_key( psa_key_slot_t key, if( slot->type != PSA_KEY_TYPE_NONE ) return( PSA_ERROR_OCCUPIED_SLOT ); - if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) ) + if( key_type_is_raw_bytes( type ) ) { psa_status_t status; /* Ensure that a bytes-to-bit conversion won't overflow. */ @@ -541,7 +548,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key ) /* No key material to clean, but do zeroize the slot below to wipe * metadata such as policies. */ } - else if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) + else if( key_type_is_raw_bytes( slot->type ) ) { mbedtls_free( slot->data.raw.data ); } @@ -589,7 +596,7 @@ psa_status_t psa_get_key_information( psa_key_slot_t key, if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); - if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) + if( key_type_is_raw_bytes( slot->type ) ) { if( bits != NULL ) *bits = slot->data.raw.bytes * 8; 
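Review bot: `key_type_is_raw_bytes` is added to library/psa_crypto.c without a comment, although the commit message gives it a precise meaning (the key is represented as a `struct raw_data`) that the name alone does not convey. I would put `/* Whether the key material of this type is stored in slot->data.raw. */` above the definition. The test-suite hunk at `@@ -27,6 +27,13 @@` adds a byte-for-byte copy of the function. A comment there saying it must track the library's definition would make any drift between the two visible in review.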
@@ -643,7 +650,7 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, ( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) == 0 ) return( PSA_ERROR_NOT_PERMITTED ); - if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) ) + if( key_type_is_raw_bytes( slot->type ) ) { if( slot->data.raw.bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); @@ -2632,7 +2639,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key, if( parameters == NULL && parameters_size != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) ) + if( key_type_is_raw_bytes( type ) ) { psa_status_t status = prepare_raw_data_slot( type, bits, &slot->data.raw ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9af19fa6d..2d279fc38 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -27,6 +27,13 @@ static int mem_is_zero( void *buffer, size_t size ) return( 1 ); } +static int key_type_is_raw_bytes( psa_key_type_t type ) +{ + psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK; + return( category == PSA_KEY_TYPE_RAW_DATA || + category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); +} + static int exercise_mac_key( psa_key_slot_t key, psa_key_usage_t usage, psa_algorithm_t alg ) @@ -1967,7 +1974,7 @@ void generate_key( int type_arg, &exported_length ) == expected_export_status ); if( expected_export_status == PSA_SUCCESS ) { - if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) ) + if( key_type_is_raw_bytes( type ) ) TEST_ASSERT( exported_length == ( bits + 7 ) / 8 ); #if defined(MBEDTLS_DES_C) if( type == PSA_KEY_TYPE_DES ) From f9c2c09810a2ba0cdca72b08b5eafe8872a7e150 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 21 Jun 2018 16:57:07 +0200 Subject: [PATCH 0294/2197] In abort functions, return BAD_STATE on obviously bad input psa_hash_abort, psa_mac_abort and psa_cipher_abort now return PSA_ERROR_BAD_STATE if operation->alg is obviously not valid, which can only happen due to a programming error in the caller or in the library. We can't detect all cases of calling abort on uninitialized memory but this is dirt cheap and better than nothing. --- library/psa_crypto.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fc73b2cf2..12c21d7b6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -822,7 +822,7 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) break; #endif default: - return( PSA_ERROR_NOT_SUPPORTED ); + return( PSA_ERROR_BAD_STATE ); } operation->alg = 0; return( PSA_SUCCESS ); @@ -1231,7 +1231,11 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) } else #endif /* MBEDTLS_MD_C */ - return( PSA_ERROR_NOT_SUPPORTED ); + { + /* Sanity check (shouldn't happen: operation->alg should + * always have been initialized to a valid value). */ + return( PSA_ERROR_BAD_STATE ); + } } operation->alg = 0; @@ -2218,6 +2222,11 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) if( operation->alg == 0 ) return( PSA_SUCCESS ); + /* Sanity check (shouldn't happen: operation->alg should + * always have been initialized to a valid value). */ + if( ! PSA_ALG_IS_CIPHER( operation->alg ) ) + return( PSA_ERROR_BAD_STATE ); + mbedtls_cipher_free( &operation->ctx.cipher ); operation->alg = 0; From c2a79768867bdc5425fe3408482b74888ad4faa5 Mon Sep 17 00:00:00 2001 
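Review bot: The `default:` branch of psa_hash_abort now returns `PSA_ERROR_BAD_STATE` without the explanatory comment that the psa_mac_abort and psa_cipher_abort hunks add, and in all three the early return leaves `operation` untouched, so a later abort on the same object fails the same way. I would add `/* Sanity check (shouldn't happen: operation->alg should always have been initialized to a valid value). */` above the return in psa_hash_abort. I would also state in each function's documentation that after `PSA_ERROR_BAD_STATE` the operation object was not cleaned up and must not be reused. In psa_cipher_abort this path also skips `mbedtls_cipher_free`, which is the safe choice for uninitialised memory but leaves any key schedule in place if `alg` was merely corrupted; that trade-off deserves a line in the comment. All three function bodies start and end outside their hunks.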
From: itayzafrir Date: Mon, 18 Jun 2018 16:20:16 +0300 Subject: [PATCH 0295/2197] PSA Crypto error code definitions Removed the psa_status_t enum and defined error codes as defines. Conditionally defining PSA_SUCCESS and psa_status_t. --- include/psa/crypto.h | 432 ++++++++++++++++++++++--------------------- 1 file changed, 226 insertions(+), 206 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 94060c1eb..9780681be 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -50,212 +50,232 @@ extern "C" { * * Zero indicates success, anything else indicates an error. */ -typedef enum { - /** The action was completed successfully. */ - PSA_SUCCESS = 0, - /** The requested operation or a parameter is not supported - * by this implementation. - * - * Implementations should return this error code when an enumeration - * parameter such as a key type, algorithm, etc. is not recognized. - * If a combination of parameters is recognized and identified as - * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ - PSA_ERROR_NOT_SUPPORTED, - /** The requested action is denied by a policy. - * - * Implementations should return this error code when the parameters - * are recognized as valid and supported, and a policy explicitly - * denies the requested operation. - * - * If a subset of the parameters of a function call identify a - * forbidden operation, and another subset of the parameters are - * not valid or not supported, it is unspecified whether the function - * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or - * #PSA_ERROR_INVALID_ARGUMENT. */ - PSA_ERROR_NOT_PERMITTED, - /** An output buffer is too small. - * - * Applications can call the `PSA_xxx_SIZE` macro listed in the function - * description to determine a sufficient buffer size. - * - * Implementations should preferably return this error code only - * in cases when performing the operation with a larger output - * buffer would succeed. However implementations may return this - * error if a function has invalid or unsupported parameters in addition - * to the parameters that determine the necessary output buffer size. */ - PSA_ERROR_BUFFER_TOO_SMALL, - /** A slot is occupied, but must be empty to carry out the - * requested action. - * - * If the slot number is invalid (i.e. the requested action could - * not be performed even after erasing the slot's content), - * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. 
*/ - PSA_ERROR_OCCUPIED_SLOT, - /** A slot is empty, but must be occupied to carry out the - * requested action. - * - * If the slot number is invalid (i.e. the requested action could - * not be performed even after creating appropriate content in the slot), - * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */ - PSA_ERROR_EMPTY_SLOT, - /** The requested action cannot be performed in the current state. - * - * Multipart operations return this error when one of the - * functions is called out of sequence. Refer to the function - * descriptions for permitted sequencing of functions. - * - * Implementations shall not return this error code to indicate - * that a key slot is occupied when it needs to be free or vice versa, - * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT - * as applicable. */ - PSA_ERROR_BAD_STATE, - /** The parameters passed to the function are invalid. - * - * Implementations may return this error any time a parameter or - * combination of parameters are recognized as invalid. - * - * Implementations shall not return this error code to indicate - * that a key slot is occupied when it needs to be free or vice versa, - * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT - * as applicable. */ - PSA_ERROR_INVALID_ARGUMENT, - /** There is not enough runtime memory. - * - * If the action is carried out across multiple security realms, this - * error can refer to available memory in any of the security realms. */ - PSA_ERROR_INSUFFICIENT_MEMORY, - /** There is not enough persistent storage. - * - * Functions that modify the key storage return this error code if - * there is insufficient storage space on the host media. In addition, - * many functions that do not otherwise access storage may return this - * error code if the implementation requires a mandatory log entry for - * the requested action and the log storage space is full. 
*/ - PSA_ERROR_INSUFFICIENT_STORAGE, - /** There was a communication failure inside the implementation. - * - * This can indicate a communication failure between the application - * and an external cryptoprocessor or between the cryptoprocessor and - * an external volatile or persistent memory. A communication failure - * may be transient or permanent depending on the cause. - * - * \warning If a function returns this error, it is undetermined - * whether the requested action has completed or not. Implementations - * should return #PSA_SUCCESS on successful completion whenver - * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE - * if the requested action was completed successfully in an external - * cryptoprocessor but there was a breakdown of communication before - * the cryptoprocessor could report the status to the application. - */ - PSA_ERROR_COMMUNICATION_FAILURE, - /** There was a storage failure that may have led to data loss. - * - * This error indicates that some persistent storage is corrupted. - * It should not be used for a corruption of volatile memory - * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error - * between the cryptoprocessor and its external storage (use - * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is - * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE). - * - * Note that a storage failure does not indicate that any data that was - * previously read is invalid. However this previously read data may no - * longer be readable from storage. - * - * When a storage failure occurs, it is no longer possible to ensure - * the global integrity of the keystore. Depending on the global - * integrity guarantees offered by the implementation, access to other - * data may or may not fail even if the data is still readable but - * its integrity canont be guaranteed. - * - * Implementations should only use this error code to report a - * permanent storage corruption. 
However application writers should - * keep in mind that transient errors while reading the storage may be - * reported using this error code. */ - PSA_ERROR_STORAGE_FAILURE, - /** A hardware failure was detected. - * - * A hardware failure may be transient or permanent depending on the - * cause. */ - PSA_ERROR_HARDWARE_FAILURE, - /** A tampering attempt was detected. - * - * If an application receives this error code, there is no guarantee - * that previously accessed or computed data was correct and remains - * confidential. Applications should not perform any security function - * and should enter a safe failure state. - * - * Implementations may return this error code if they detect an invalid - * state that cannot happen during normal operation and that indicates - * that the implementation's security guarantees no longer hold. Depending - * on the implementation architecture and on its security and safety goals, - * the implementation may forcibly terminate the application. - * - * This error code is intended as a last resort when a security breach - * is detected and it is unsure whether the keystore data is still - * protected. Implementations shall only return this error code - * to report an alarm from a tampering detector, to indicate that - * the confidentiality of stored data can no longer be guaranteed, - * or to indicate that the integrity of previously returned data is now - * considered compromised. Implementations shall not use this error code - * to indicate a hardware failure that merely makes it impossible to - * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE, - * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE, - * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code - * instead). - * - * This error indicates an attack against the application. Implementations - * shall not return this error code as a consequence of the behavior of - * the application itself. 
*/ - PSA_ERROR_TAMPERING_DETECTED, - /** There is not enough entropy to generate random data needed - * for the requested action. - * - * This error indicates a failure of a hardware random generator. - * Application writers should note that this error can be returned not - * only by functions whose purpose is to generate random data, such - * as key, IV or nonce generation, but also by functions that execute - * an algorithm with a randomized result, as well as functions that - * use randomization of intermediate computations as a countermeasure - * to certain attacks. - * - * Implementations should avoid returning this error after psa_crypto_init() - * has succeeded. Implementations should generate sufficient - * entropy during initialization and subsequently use a cryptographically - * secure pseudorandom generator (PRNG). However implementations may return - * this error at any time if a policy requires the PRNG to be reseeded - * during normal operation. */ - PSA_ERROR_INSUFFICIENT_ENTROPY, - /** The signature, MAC or hash is incorrect. - * - * Verification functions return this error if the verification - * calculations completed successfully, and the value to be verified - * was determined to be incorrect. - * - * If the value to verify has an invalid size, implementations may return - * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ - PSA_ERROR_INVALID_SIGNATURE, - /** The decrypted padding is incorrect. - * - * \warning In some protocols, when decrypting data, it is essential that - * the behavior of the application does not depend on whether the padding - * is correct, down to precise timing. Applications should prefer - * protocols that use authenticated encryption rather than plain - * encryption. If the application must perform a decryption of - * unauthenticated data, the application writer should take care not - * to reveal whether the padding is invalid. 
- * - * Implementations should strive to make valid and invalid padding - * as close as possible to indistinguishable to an external observer. - * In particular, the timing of a decryption operation should not - * depend on the validity of the padding. */ - PSA_ERROR_INVALID_PADDING, - /** An error occurred that does not correspond to any defined - * failure cause. - * - * Implementations may use this error code if none of the other standard - * error codes are applicable. */ - PSA_ERROR_UNKNOWN_ERROR, -} psa_status_t; +#if defined(PSA_SUCCESS) +typedef psa_error_t psa_status_t; +#else +typedef int32_t psa_status_t; +/** The action was completed successfully. */ +#define PSA_SUCCESS ((psa_status_t)0) +#endif // PSA_SUCCESS + +/** The requested operation or a parameter is not supported + * by this implementation. + * + * Implementations should return this error code when an enumeration + * parameter such as a key type, algorithm, etc. is not recognized. + * If a combination of parameters is recognized and identified as + * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)1) + +/** The requested action is denied by a policy. + * + * Implementations should return this error code when the parameters + * are recognized as valid and supported, and a policy explicitly + * denies the requested operation. + * + * If a subset of the parameters of a function call identify a + * forbidden operation, and another subset of the parameters are + * not valid or not supported, it is unspecified whether the function + * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or + * #PSA_ERROR_INVALID_ARGUMENT. */ +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)2) + +/** An output buffer is too small. + * + * Applications can call the `PSA_xxx_SIZE` macro listed in the function + * description to determine a sufficient buffer size. 
+ * + * Implementations should preferably return this error code only + * in cases when performing the operation with a larger output + * buffer would succeed. However implementations may return this + * error if a function has invalid or unsupported parameters in addition + * to the parameters that determine the necessary output buffer size. */ +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)3) + +/** A slot is occupied, but must be empty to carry out the + * requested action. + * + * If the slot number is invalid (i.e. the requested action could + * not be performed even after erasing the slot's content), + * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */ +#define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)4) + +/** A slot is empty, but must be occupied to carry out the + * requested action. + * + * If the slot number is invalid (i.e. the requested action could + * not be performed even after creating appropriate content in the slot), + * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */ +#define PSA_ERROR_EMPTY_SLOT ((psa_status_t)5) + +/** The requested action cannot be performed in the current state. + * + * Multipart operations return this error when one of the + * functions is called out of sequence. Refer to the function + * descriptions for permitted sequencing of functions. + * + * Implementations shall not return this error code to indicate + * that a key slot is occupied when it needs to be free or vice versa, + * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT + * as applicable. */ +#define PSA_ERROR_BAD_STATE ((psa_status_t)6) + +/** The parameters passed to the function are invalid. + * + * Implementations may return this error any time a parameter or + * combination of parameters are recognized as invalid. 
+ * + * Implementations shall not return this error code to indicate + * that a key slot is occupied when it needs to be free or vice versa, + * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT + * as applicable. */ +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)7) + +/** There is not enough runtime memory. + * + * If the action is carried out across multiple security realms, this + * error can refer to available memory in any of the security realms. */ +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)8) + +/** There is not enough persistent storage. + * + * Functions that modify the key storage return this error code if + * there is insufficient storage space on the host media. In addition, + * many functions that do not otherwise access storage may return this + * error code if the implementation requires a mandatory log entry for + * the requested action and the log storage space is full. */ +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)9) + +/** There was a communication failure inside the implementation. + * + * This can indicate a communication failure between the application + * and an external cryptoprocessor or between the cryptoprocessor and + * an external volatile or persistent memory. A communication failure + * may be transient or permanent depending on the cause. + * + * \warning If a function returns this error, it is undetermined + * whether the requested action has completed or not. Implementations + * should return #PSA_SUCCESS on successful completion whenver + * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE + * if the requested action was completed successfully in an external + * cryptoprocessor but there was a breakdown of communication before + * the cryptoprocessor could report the status to the application. + */ +#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)10) + +/** There was a storage failure that may have led to data loss. 
+ * + * This error indicates that some persistent storage is corrupted. + * It should not be used for a corruption of volatile memory + * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error + * between the cryptoprocessor and its external storage (use + * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is + * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE). + * + * Note that a storage failure does not indicate that any data that was + * previously read is invalid. However this previously read data may no + * longer be readable from storage. + * + * When a storage failure occurs, it is no longer possible to ensure + * the global integrity of the keystore. Depending on the global + * integrity guarantees offered by the implementation, access to other + * data may or may not fail even if the data is still readable but + * its integrity canont be guaranteed. + * + * Implementations should only use this error code to report a + * permanent storage corruption. However application writers should + * keep in mind that transient errors while reading the storage may be + * reported using this error code. */ +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)11) + +/** A hardware failure was detected. + * + * A hardware failure may be transient or permanent depending on the + * cause. */ +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)12) + +/** A tampering attempt was detected. + * + * If an application receives this error code, there is no guarantee + * that previously accessed or computed data was correct and remains + * confidential. Applications should not perform any security function + * and should enter a safe failure state. + * + * Implementations may return this error code if they detect an invalid + * state that cannot happen during normal operation and that indicates + * that the implementation's security guarantees no longer hold. 
Depending + * on the implementation architecture and on its security and safety goals, + * the implementation may forcibly terminate the application. + * + * This error code is intended as a last resort when a security breach + * is detected and it is unsure whether the keystore data is still + * protected. Implementations shall only return this error code + * to report an alarm from a tampering detector, to indicate that + * the confidentiality of stored data can no longer be guaranteed, + * or to indicate that the integrity of previously returned data is now + * considered compromised. Implementations shall not use this error code + * to indicate a hardware failure that merely makes it impossible to + * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE, + * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE, + * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code + * instead). + * + * This error indicates an attack against the application. Implementations + * shall not return this error code as a consequence of the behavior of + * the application itself. */ +#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)13) + +/** There is not enough entropy to generate random data needed + * for the requested action. + * + * This error indicates a failure of a hardware random generator. + * Application writers should note that this error can be returned not + * only by functions whose purpose is to generate random data, such + * as key, IV or nonce generation, but also by functions that execute + * an algorithm with a randomized result, as well as functions that + * use randomization of intermediate computations as a countermeasure + * to certain attacks. + * + * Implementations should avoid returning this error after psa_crypto_init() + * has succeeded. Implementations should generate sufficient + * entropy during initialization and subsequently use a cryptographically + * secure pseudorandom generator (PRNG). 
However implementations may return + * this error at any time if a policy requires the PRNG to be reseeded + * during normal operation. */ +#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)14) + +/** The signature, MAC or hash is incorrect. + * + * Verification functions return this error if the verification + * calculations completed successfully, and the value to be verified + * was determined to be incorrect. + * + * If the value to verify has an invalid size, implementations may return + * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)15) + +/** The decrypted padding is incorrect. + * + * \warning In some protocols, when decrypting data, it is essential that + * the behavior of the application does not depend on whether the padding + * is correct, down to precise timing. Applications should prefer + * protocols that use authenticated encryption rather than plain + * encryption. If the application must perform a decryption of + * unauthenticated data, the application writer should take care not + * to reveal whether the padding is invalid. + * + * Implementations should strive to make valid and invalid padding + * as close as possible to indistinguishable to an external observer. + * In particular, the timing of a decryption operation should not + * depend on the validity of the padding. */ +#define PSA_ERROR_INVALID_PADDING ((psa_status_t)16) + +/** An error occurred that does not correspond to any defined + * failure cause. + * + * Implementations may use this error code if none of the other standard + * error codes are applicable. */ +#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)17) /** * \brief Library initialization. From 8173631d7e889882d00b40e95a5f3915957d18be Mon Sep 17 00:00:00 2001 
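Review bot: In the `#if defined(PSA_SUCCESS)` branch at the top of this hunk, `psa_status_t` becomes `psa_error_t`, a type this header neither declares nor includes, and every `PSA_ERROR_xxx` macro below is then cast to it. Nothing visible here constrains that type's width or signedness, or shows that the values 1 to 17 are distinct from codes the other component reports through the same type; this is inferred, since the other header is not on the page. A comment above the first define would make the assumption explicit, e.g. `/* Error codes 1..17 are owned by this header; psa_status_t must be able to represent them. */`. The explicit values do match the implicit numbering of the removed enum, so the numeric codes are unchanged.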
From: Gilles Peskine Date: Tue, 26 Jun 2018 15:04:31 +0200 Subject: [PATCH 0296/2197] psa_hash_abort: return PSA_SUCCESS if alg=0 Make psa_hash_abort consistent with psa_mac_abort and psa_cipher_abort. Add a comment explaining the reasoning. --- library/psa_crypto.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 12c21d7b6..2670e4139 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -784,6 +784,11 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) { switch( operation->alg ) { + case 0: + /* The object has (apparently) been initialized but it is not + * in use. It's ok to call abort on such an object, and there's + * nothing to do. */ + break; #if defined(MBEDTLS_MD2_C) case PSA_ALG_MD2: mbedtls_md2_free( &operation->ctx.md2 ); @@ -1210,6 +1215,9 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) switch( operation->alg ) { case 0: + /* The object has (apparently) been initialized but it is not + * in use. It's ok to call abort on such an object, and there's + * nothing to do. */ return( PSA_SUCCESS ); #if defined(MBEDTLS_CMAC_C) case PSA_ALG_CMAC: @@ -2220,7 +2228,12 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) { if( operation->alg == 0 ) + { + /* The object has (apparently) been initialized but it is not + * in use. It's ok to call abort on such an object, and there's + * nothing to do. */ return( PSA_SUCCESS ); + } /* Sanity check (shouldn't happen: operation->alg should * always have been initialized to a valid value). */ From f24c7f80a07d37de80d277ea326f12df2bf510ae Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Wed, 27 Jun 2018 17:20:43 +0100 Subject: [PATCH 0297/2197] psa_export_key: Always set a valid data length Make psa_export_key() always set a valid data_length when exporting, even when there are errors. This makes the API easier to use for buggy programs (like our test code). Our test code previously used exported_length uninitialized when checking to see that the buffer returned was all zero in import_export() in the case where an error was returned from psa_export_key(). Initialize exported_length to an invalid length, and check that it gets set properly by psa_export_key(), to avoid this using export_length uninitialized. Note that the mem_is_zero() check is still valid when psa_export_key() returns an error, e.g. where exported_length is 0, as we want to check that nothing was written to the buffer on error. Out test code also previous passed NULL for the data_length parameter of psa_export_key() when it expected a failure (in key_policy_fail()). However, data_length is not allowed to be NULL, especially now that we write to data_length from psa_export_key() even when there are errors. Update the test code to not pass in a NULL data_length. --- library/psa_crypto.c | 6 ++++++ tests/suites/test_suite_psa_crypto.function | 15 +++++++++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2670e4139..de2bf40a9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -636,6 +636,12 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, { key_slot_t *slot; + /* Set the key to empty now, so that even when there are errors, we always + * set data_length to a value between 0 and data_size. On error, setting + * the key to empty is a good choice because an empty key representation is + * unlikely to be accepted anywhere. */ + *data_length = 0; + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) return( PSA_ERROR_EMPTY_SLOT ); slot = &global_data.key_slots[key]; 
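Review bot: The added `*data_length = 0;` runs before the slot-range check, so `data_length` is now dereferenced on every path, including those that previously returned an error without touching it. The commit message says a NULL `data_length` is not allowed; that requirement belongs in the function's documentation, e.g. `\param[out] data_length On success, the number of bytes written; 0 on error. Must not be NULL.` (the header is not part of this hunk, so it may already say this). The new comment speaks of setting "the key to empty" although only the length is reset. Whether `data` can hold partial output when a later step fails is not visible here, because the body of psa_internal_export_key continues outside the hunk.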
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2d279fc38..c67725d70 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -8,6 +8,9 @@ #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) 1 #endif +/** An invalid export length that will never be set by psa_export_key(). */ +static const size_t INVALID_EXPORT_LENGTH = ~0U; + /** Test if a buffer is not all-bits zero. * * \param buffer Pointer to the beginning of the buffer. @@ -320,7 +323,7 @@ void import_export( data_t *data, unsigned char *exported = NULL; unsigned char *reexported = NULL; size_t export_size; - size_t exported_length; + size_t exported_length = INVALID_EXPORT_LENGTH; size_t reexported_length; psa_key_type_t got_type; size_t got_bits; @@ -358,6 +361,13 @@ void import_export( data_t *data, exported, export_size, &exported_length ); TEST_ASSERT( status == expected_export_status ); + + /* The exported length must be set by psa_export_key() to a value between 0 + * and export_size. On errors, the exported length must be 0. */ + TEST_ASSERT( exported_length != INVALID_EXPORT_LENGTH ); + TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 ); + TEST_ASSERT( exported_length <= export_size ); + TEST_ASSERT( mem_is_zero( exported + exported_length, export_size - exported_length ) ); if( status != PSA_SUCCESS ) @@ -536,13 +546,14 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, if( usage & PSA_KEY_USAGE_SIGN ) { + size_t data_length; TEST_ASSERT( keypair != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, keypair->x, keypair->len ) == PSA_SUCCESS ); - actual_status = psa_export_key( key_slot, NULL, 0, NULL ); + actual_status = psa_export_key( key_slot, NULL, 0, &data_length ); } TEST_ASSERT( actual_status == expected_status ); 
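Review bot: `INVALID_EXPORT_LENGTH` is initialised with `~0U`, an `unsigned int` expression, so wherever `size_t` is wider than `unsigned int` the sentinel is the largest `unsigned int` rather than the largest `size_t`. It is still an implausible export length, but the comment promises a value that can never be set. `static const size_t INVALID_EXPORT_LENGTH = ~(size_t) 0;` makes that hold on every platform. import_export and key_policy_fail both extend outside the hunks.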
From e9a0a9d74d5098572edd23138b11f270a3091641 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 20 Jun 2018 13:59:04 +0200 Subject: [PATCH 0298/2197] Update documentation of psa_success_t Now that the type is not an enum, explain what values are valid. Also add a comment to explain the #if defined(PSA_SUCCESS) temporary hack. --- include/psa/crypto.h | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9780681be..20e2942c9 100755 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -45,18 +45,33 @@ extern "C" { * @{ */ +#if defined(PSA_SUCCESS) +/* If PSA_SUCCESS is defined, assume that PSA crypto is being used + * together with PSA IPC, which also defines the identifier + * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case; + * the other error code names don't clash. Also define psa_status_t as + * an alias for the type used by PSA IPC. This is a temporary hack + * until we unify error reporting in PSA IPC and PSA crypo. + * + * Note that psa_defs.h must be included before this header! + */ +typedef psa_error_t psa_status_t; + +#else /* defined(PSA_SUCCESS) */ + /** * \brief Function return status. * - * Zero indicates success, anything else indicates an error. + * This is either #PSA_SUCCESS (which is zero), indicating success, + * or a nonzero value indicating that an error occurred. Errors are + * encoded as one of the \c PSA_ERROR_xxx values defined here. */ -#if defined(PSA_SUCCESS) -typedef psa_error_t psa_status_t; -#else typedef int32_t psa_status_t; + /** The action was completed successfully. */ #define PSA_SUCCESS ((psa_status_t)0) -#endif // PSA_SUCCESS + +#endif /* !defined(PSA_SUCCESS) */ /** The requested operation or a parameter is not supported * by this implementation. From c648d6949d75718e23d78fbee802247202c584fb Mon Sep 17 00:00:00 2001 
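Review bot: The new comment in the `#if defined(PSA_SUCCESS)` branch relies on include order ("psa_defs.h must be included before this header"), but nothing enforces it. If the order is reversed, this header takes the `#else` branch and defines `psa_status_t` and `PSA_SUCCESS` itself, and any clash surfaces later in the other header, if at all. Consider stating that consequence in the comment, e.g. `* Including it afterwards makes this header define PSA_SUCCESS itself.`. The same comment has a typo: `PSA crypo` should read `PSA crypto`.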
From: Gilles Peskine Date: Thu, 28 Jun 2018 08:46:13 +0200 Subject: [PATCH 0299/2197] psa_import_key: fix memory leak on error Free the content of the pk object if an error occurs after the import. --- library/psa_crypto.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index de2bf40a9..dbeeef6ae 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -487,6 +487,7 @@ psa_status_t psa_import_key( psa_key_slot_t key, { int ret; mbedtls_pk_context pk; + psa_status_t status = PSA_SUCCESS; mbedtls_pk_init( &pk ); if( PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ); @@ -502,7 +503,7 @@ psa_status_t psa_import_key( psa_key_slot_t key, type == PSA_KEY_TYPE_RSA_KEYPAIR ) slot->data.rsa = mbedtls_pk_rsa( pk ); else - return( PSA_ERROR_INVALID_ARGUMENT ); + status = PSA_ERROR_INVALID_ARGUMENT; break; #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) @@ -515,15 +516,26 @@ psa_status_t psa_import_key( psa_key_slot_t key, psa_ecc_curve_t expected_curve = PSA_KEY_TYPE_GET_CURVE( type ); if( actual_curve != expected_curve ) - return( PSA_ERROR_INVALID_ARGUMENT ); + { + status = PSA_ERROR_INVALID_ARGUMENT; + break; + } slot->data.ecp = ecp; } else - return( PSA_ERROR_INVALID_ARGUMENT ); + status = PSA_ERROR_INVALID_ARGUMENT; break; #endif /* MBEDTLS_ECP_C */ default: - return( PSA_ERROR_INVALID_ARGUMENT ); + status = PSA_ERROR_INVALID_ARGUMENT; + break; + } + /* Free the content of the pk object only on error. On success, + * the content of the object has been stored in the slot. */ + if( status != PSA_SUCCESS ) + { + mbedtls_pk_free( &pk ); + return( status ); } } else From e7edf7bb20f9295f0e26cc09601d524aaf0377b0 Mon Sep 17 00:00:00 2001 
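Review bot: The cleanup added after the `switch` only runs for failures that set `status`, so any `return` between `mbedtls_pk_parse_key()` and the `switch` would still skip `mbedtls_pk_free( &pk )`. That stretch lies between the first two hunks and is not shown, so please confirm it. The success path depends on `slot->data.rsa` or `slot->data.ecp` taking ownership of the context that `pk` wrapped, which is worth stating where the pointer is stored, e.g. `/* The slot now owns the key context; pk must not be freed. */`. psa_import_key starts and ends outside the hunks.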
From: Jaeden Amero Date: Wed, 27 Jun 2018 17:55:12 +0100 Subject: [PATCH 0300/2197] psa: Expect zero-length exported-public symmetric keys Because exporting-public a symmetric key fails, we have no reasonable expectation that the exported key length has any value at all other than something obviously incorrect or "empty", like a key with a length of 0. Our current implementation explicitly sets the exported key length to 0 on errors, so test for this. Fix the "PSA import/export-public: cannot export-public a symmetric key" test to expect a key length of 0 instead of 162. --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 265a6d5be..612a15220 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -103,7 +103,7 @@ import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5 PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT +import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export EC secp256r1: good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED From 7baf0d57024b32b99b6dfaba74fca28cc006bde6 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Tue, 26 Jun 2018 18:02:59 +0100 Subject: [PATCH 0301/2197] psa: doxygen: Fix parameters reference Doxygen interprets `\param` as starting documentation for a new param, or to extend a previously started `\param` documentation when the same reference is used. The intention here was to reference the function parameter, not extend the previous documentation. Use `\p` to refer to function parameters. --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 38735f2dc..9a1eec96a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1887,7 +1887,7 @@ psa_status_t psa_generate_random(uint8_t *output, * interpretation of this parameter depends on * \c type. All types support \c NULL to use * the default parameters specified below. - * \param parameters_size Size of the buffer that \param parameters + * \param parameters_size Size of the buffer that \p parameters * points to, in bytes. * * For any symmetric key type (type such that From 202d0793a228a718b20656033e0aab9a81a62df9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Jun 2018 08:48:24 +0200 Subject: [PATCH 0302/2197] Add import test cases with a key pair of the wrong type --- tests/suites/test_suite_psa_crypto.data | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 612a15220..957e574a4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -89,6 +89,10 @@ PSA import RSA keypair: truncated depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT +PSA import RSA keypair: valid key but EC +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT + PSA import/export RSA keypair: good, 1023-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA
_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1 @@ -113,10 +117,14 @@ PSA import/export EC secp384r1: good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 -PSA import EC keypair secp384r1: wrong curve +PSA import EC keypair secp384r1: valid key but wrong curve depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT +PSA import EC keypair: valid key but RSA +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import:"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":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT + PSA key policy set and get key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE From adb9b2372b9edd355e4d1a87cf8c742033264dd0 Mon Sep 17 00:00:00 2001 From: Mohammad AboMokh Date: Thu, 28 Jun 2018 01:52:54 -0700 Subject: [PATCH 0303/2197] fix PSA_BLOCK_CIPHER_BLOCK_SIZE() argument in test code --- tests/suites/test_suite_psa_crypto.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
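Review bot: The new case "PSA import RSA keypair: valid key but EC" in the first hunk lists only `MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C`, although its input is the same EC key as the "wrong curve" case in the second hunk. In a build without EC support the import may be rejected because the key cannot be parsed, not because of the type mismatch the title names, so the case would pass without testing it. I would write `depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED`. The mirror case "PSA import EC keypair: valid key but RSA" in the second hunk has the same gap and needs `MBEDTLS_RSA_C`.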
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 0d056db2a..51e541902 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -108,9 +108,9 @@ static int exercise_cipher_key( psa_key_slot_t key, if( usage & PSA_KEY_USAGE_DECRYPT ) { psa_status_t status; + psa_key_type_t type = PSA_KEY_TYPE_NONE; if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) ) { - psa_key_type_t type; size_t bits; TEST_ASSERT( psa_get_key_information( key, &type, &bits ) ); iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type ); @@ -130,7 +130,7 @@ static int exercise_cipher_key( psa_key_slot_t key, * if the input is some aribtrary data rather than an actual ciphertext, a padding error is likely. */ if( ( usage & PSA_KEY_USAGE_DECRYPT ) || - PSA_BLOCK_CIPHER_BLOCK_SIZE( alg ) == 1 ) + PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) == 1 ) TEST_ASSERT( status == PSA_SUCCESS ); else TEST_ASSERT( status == PSA_SUCCESS || From 2a671e9031a1a760d4d4cfb8fcc6c469052ec7da Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 27 Jun 2018 17:47:40 +0100 Subject: [PATCH 0304/2197] psa: export_public_key: Check for all zero on error --- tests/suites/test_suite_psa_crypto.function | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c67725d70..0d056db2a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -425,7 +425,7 @@ void import_export_public_key( data_t *data, psa_status_t status; unsigned char *exported = NULL; size_t export_size; - size_t exported_length; + size_t exported_length = INVALID_EXPORT_LENGTH; psa_key_type_t got_type; size_t got_bits; psa_key_policy_t policy; 
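Review bot: The hoisted `type` is now read by `PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) == 1` in the second hunk, but the only call that fills it is asserted as `TEST_ASSERT( psa_get_key_information( key, &type, &bits ) );` with no comparison. Since `PSA_SUCCESS` is 0, that assertion holds only when the call fails, in which case `type` presumably keeps its `PSA_KEY_TYPE_NONE` initialiser. Other assertions in this file compare explicitly, so I would write `TEST_ASSERT( psa_get_key_information( key, &type, &bits ) == PSA_SUCCESS );`. When `PSA_KEY_USAGE_ENCRYPT` is set the lookup is skipped and `type` stays `PSA_KEY_TYPE_NONE`, which deserves a one-line comment next to the declaration. The body of `exercise_cipher_key` starts and ends outside both hunks.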
@@ -458,11 +458,12 @@ void import_export_public_key( data_t *data, exported, export_size, &exported_length ); TEST_ASSERT( status == expected_export_status ); + TEST_ASSERT( exported_length == (size_t) public_key_expected_length ); + TEST_ASSERT( mem_is_zero( exported + exported_length, + export_size - exported_length ) ); if( status != PSA_SUCCESS ) goto destroy; - TEST_ASSERT( exported_length == (size_t) public_key_expected_length ); - destroy: /* Destroy the key */ TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); From 7ed29c56f176d3ce4e5d9258da22bd5990cb81d3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Jun 2018 15:50:08 +0200 Subject: [PATCH 0305/2197] Rename PSA_ALG_RSA_GET_HASH to PSA_ALG_SIGN_GET_HASH And don't use it for HMAC when there's a perfectly serviceable PSA_ALG_HMAC_HASH. HMAC isn't hash-and-sign. --- include/psa/crypto.h | 58 +++++++++++++++++++++++++++++--------------- library/psa_crypto.c | 2 +- 2 files changed, 40 insertions(+), 20 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9a1eec96a..90f5b6426 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
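Review bot: The added `mem_is_zero( exported + exported_length, export_size - exported_length )` subtracts two `size_t` values without first bounding `exported_length` by `export_size`. The assertion before it only ties `exported_length` to `public_key_expected_length`, which comes from the test data, so an expected length larger than the buffer would wrap the subtraction and scan past `exported`. Adding `TEST_ASSERT( exported_length <= export_size );` ahead of the zero check keeps a bad data line from turning into an out-of-bounds read. The check also assumes the buffer was zero-filled when it was allocated, which happens outside this hunk and is worth a short comment here.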
@@ -632,8 +632,28 @@ typedef uint32_t psa_algorithm_t; (PSA_ALG_RSA_OAEP_MGF1_RAW | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_IS_RSA_OAEP_MGF1(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_BASE) -#define PSA_ALG_RSA_GET_HASH(alg) \ - (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH) +/** Get the hash used by a hash-and-sign signature algorithm. + * + * A hash-and-sign algorithm is a signature algorithm which is + * composed of two phases: first a hashing phase which does not use + * the key and produces a hash of the input message, then a signing + * phase which only uses the hash and the key and not the message + * itself. + * + * \param alg A signature algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_SIGN(alg) is true). + * + * \return The underlying hash algorithm if \p alg is a hash-and-sign + * algorithm. + * \return 0 if \p alg is a signature algorithm that does not + * follow the hash-and-sign structure. + * \return Unspecified if \p alg is not a signature algorithm or + * if it is not supported by the implementation. + */ +#define PSA_ALG_SIGN_GET_HASH(alg) \ + (PSA_ALG_IS_SIGN(alg) ? \ + ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ + 0) #define PSA_ALG_ECDSA_RAW ((psa_algorithm_t)0x10030000) 
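Review bot: `PSA_ALG_SIGN_GET_HASH` does not return 0 for a signature algorithm that has no hash, although its new doc comment promises this. For any `alg` that passes `PSA_ALG_IS_SIGN` the expression always ORs in `PSA_ALG_CATEGORY_HASH`, so an algorithm with empty hash bits such as `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` yields the bare category value. The `hash_alg == 0 ? MBEDTLS_MD_NONE : ...` test in `psa_rsa_decode_md_type`, in this commit's `library/psa_crypto.c` hunk, then depends on the digest lookup failing instead (assuming `PSA_ALG_CATEGORY_HASH` is non-zero; its definition is not in the hunk). Testing the hash bits first would match the documentation: `(PSA_ALG_IS_SIGN(alg) && ((alg) & PSA_ALG_HASH_MASK) != 0 ? ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : 0)`.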
@@ -994,23 +1014,23 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * An implementation may return either 0 or the correct size * for a hash algorithm that it recognizes, but does not support. */ -#define PSA_HASH_SIZE(alg) \ - ( \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ - PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ +#define PSA_HASH_SIZE(alg) \ + ( \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ + PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ 0) /** Start a multipart hash operation. 
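Review bot: `PSA_HASH_SIZE` is documented as taking a hash algorithm, yet every arm now passes its argument through `PSA_ALG_HMAC_HASH(alg)`, which reads as if an HMAC algorithm were required. If the intent is that the macro accepts both a plain hash and an HMAC built on it, the comment above should say so, for example `An HMAC algorithm is also accepted; the size of its underlying hash is returned.` If only hashes are meant, a neutral normalising expression would be clearer than a macro named after HMAC. The definition of `PSA_ALG_HMAC_HASH` is outside this hunk, so I am inferring that it simply re-tags the hash bits.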
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dbeeef6ae..44867dc48 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1617,7 +1617,7 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, size_t hash_length, mbedtls_md_type_t *md_alg ) { - psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg ); + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); *md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info ); if( *md_alg == MBEDTLS_MD_NONE ) From a9a3c23ccd439e79b37ee80071eddd01ec2fcd2a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Jun 2018 08:49:03 +0200 Subject: [PATCH 0306/2197] Fix a config dependency in a test case --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 957e574a4..961cb7385 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -118,7 +118,7 @@ depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 PSA import EC keypair secp384r1: valid key but wrong curve -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: valid key but RSA From 65fa0b84339ac07ec93db350a11437b46752c188 Mon Sep 17 00:00:00 2001 From: Mohammad AboMokh Date: Thu, 28 Jun 2018 02:14:00 -0700 Subject: [PATCH 0307/2197] fix if condition to validate encrypt key usage --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 51e541902..6bcc65f31 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -129,7 +129,7 @@ static int exercise_cipher_key( psa_key_slot_t key, /* For a stream cipher, all inputs are valid. For a block cipher, * if the input is some aribtrary data rather than an actual ciphertext, a padding error is likely. */ - if( ( usage & PSA_KEY_USAGE_DECRYPT ) || + if( ( usage & PSA_KEY_USAGE_ENCRYPT ) || PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) == 1 ) TEST_ASSERT( status == PSA_SUCCESS ); else From ea4469f8d1dde253f873b226fbe3a9e959c89395 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Jun 2018 13:57:23 +0200 Subject: [PATCH 0308/2197] Fix parameter name in Doxygen documentation --- include/psa/crypto.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 90f5b6426..8988be105 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -574,11 +574,12 @@ typedef uint32_t psa_algorithm_t; * * For example, `PSA_ALG_HMAC(PSA_ALG_SHA256)` is HMAC-SHA-256. * - * \param alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(alg) is true). + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(alg) is true). * - * \return The corresponding HMAC algorithm. - * \return Unspecified if \p alg is not a hash algorithm. + * \return The corresponding HMAC algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. */ #define PSA_ALG_HMAC(hash_alg) \ (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) From 559d2f6d3e404a6fb95f59ed945d9de2cd029888 Mon Sep 17 00:00:00 2001 
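Review bot: The `PSA_ALG_HMAC` doc comment is only half renamed. The parameter is now `\param hash_alg`, but its description still says `#PSA_ALG_IS_HASH(alg)` and the rewritten `\return` line still says `\p alg`, which names no parameter of the macro. Suggested wording is `#PSA_ALG_IS_HASH(\p hash_alg) is true).` and `\return Unspecified if \p hash_alg is not a supported hash algorithm.` The same leftover `alg` is copied into the `PSA_ALG_RSA_PKCS1V15_SIGN` and `PSA_ALG_RSA_PSS` comments added in patch 0311. The example in the context line above also spells the constant `PSA_ALG_SHA256`, while the rest of the series uses `PSA_ALG_SHA_256`.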
From: Gilles Peskine Date: Thu, 28 Jun 2018 10:29:10 +0200 Subject: [PATCH 0309/2197] Add bad-type import tests with coinciding key sizes Add a negative test for import where the expected key is an EC key with the correct key size, but the wrong curve. Change the test that tries to import an RSA key when an EC key is expected to have the expected key size. --- tests/suites/test_suite_psa_crypto.data | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 961cb7385..5bdc718c6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -117,13 +117,17 @@ PSA import/export EC secp384r1: good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 -PSA import EC keypair secp384r1: valid key but wrong curve +PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1) depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT +PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT + PSA import EC keypair: valid key but RSA -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-import:"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":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C +import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT PSA key policy set and get key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE From 9e73ff17d43bf9a88b7d96bbcf24ca4b7e75c55c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Jun 2018 21:25:40 +0200 Subject: [PATCH 0310/2197] Add missing parameters to some documentation tests/scripts/doxygen.sh now passes. --- include/psa/crypto.h | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8988be105..e6911238c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
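Review bot: The new case "PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1)" does not import a secp384r1 key. Its hex string is identical to that of the case directly above it, which the same hunk relabels as "(secp256r1)". The commit message says the point is a wrong curve with the correct key size, but with this input the import can be rejected on size alone, so the coinciding-size path is not exercised. I would reuse the key from the "PSA import/export EC secp384r1: good" case shown as context in this hunk, which is the 384-bit input the title and the `MBEDTLS_ECP_DP_SECP384R1_ENABLED` dependency already describe.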
@@ -1212,13 +1212,18 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * * This is also the MAC size that psa_mac_verify() expects. * - * \param alg A MAC algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_MAC(alg) is true). + * \param key_type The type of the MAC key. + * \param key_bits The size of the MAC key in bits. + * \param alg A MAC algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_MAC(alg) is true). * - * \return The MAC size for the specified algorithm. - * If the MAC algorithm is not recognized, return 0. - * An implementation may return either 0 or the correct size - * for a MAC algorithm that it recognizes, but does not support. + * \return The MAC size for the specified algorithm with + * the specified key parameters. + * \return 0 if the MAC algorithm is not recognized. + * \return Either 0 or the correct size for a MAC algorithm that + * the implementation recognizes, but does not support. + * \return Unspecified if the key parameters are not consistent + * with the algorithm. */ #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \ @@ -1250,6 +1255,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * - A call to psa_mac_finish(), psa_mac_verify() or psa_mac_abort(). * * \param operation The operation object to use. + * \param key Slot containing the key to use for the operation. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_MAC(alg) is true). * @@ -1326,6 +1332,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * - A call to psa_cipher_finish() or psa_cipher_abort(). * * \param operation The operation object to use. + * \param key Slot containing the key to use for the operation. * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_CIPHER(alg) is true). * 
@@ -1373,6 +1380,7 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, * - A call to psa_cipher_finish() or psa_cipher_abort(). * * \param operation The operation object to use. + * \param key Slot containing the key to use for the operation. * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_CIPHER(alg) is true). * From 55bf3d117124f21a28d2b57e0549ab266d1deb78 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Jun 2018 15:53:48 +0200 Subject: [PATCH 0311/2197] Sort out RSA mechanisms * PSS needs to be parametrized by a hash. * Don't use `_MGF1` in the names of macros for OAEP and PSS. No one ever uses anything else. * Add brief documentation for the RSA signature mechanisms. --- include/psa/crypto.h | 60 ++++++++++++++++++++----- library/psa_crypto.c | 8 ++-- tests/suites/test_suite_psa_crypto.data | 2 +- 3 files changed, 55 insertions(+), 15 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e6911238c..32e0f3d83 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -621,18 +621,52 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_CCM ((psa_algorithm_t)0x06000001) #define PSA_ALG_GCM ((psa_algorithm_t)0x06000002) -#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW ((psa_algorithm_t)0x10010000) -#define PSA_ALG_RSA_PSS_MGF1 ((psa_algorithm_t)0x10020000) -#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12010000) -#define PSA_ALG_RSA_OAEP_MGF1_BASE ((psa_algorithm_t)0x12020000) +#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000) +/** RSA PKCS#1 v1.5 signature with hashing. + * + * This is the signature scheme defined by RFC 8017 + * (PKCS#1: RSA Cryptography Specifications) under the name + * RSASSA-PKCS1-v1_5. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(alg) is true). + * + * \return The corresponding RSA PKCS#1 v1.5 signature algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. + */ #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ - (PSA_ALG_RSA_PKCS1V15_SIGN_RAW | ((hash_alg) & PSA_ALG_HASH_MASK)) + (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +/** Raw PKCS#1 v1.5 signature. + * + * The input to this algorithm is the DigestInfo structure used by + * RFC 8017 (PKCS#1: RSA Cryptography Specifications), §9.2 + * steps 3–6. + */ +#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_RAW) -#define PSA_ALG_RSA_OAEP_MGF1(hash_alg) \ - (PSA_ALG_RSA_OAEP_MGF1_RAW | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_RSA_OAEP_MGF1(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_BASE) + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) +#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) +/** RSA PSS signature with hashing. 
+ * + * This is the signature scheme defined by RFC 8017 + * (PKCS#1: RSA Cryptography Specifications) under the name + * RSASSA-PSS, with the message generation function MGF1. The specified + * hash algorithm is used to hash the input message, to create the + * salted hash, and for the mask generation. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(alg) is true). + * + * \return The corresponding RSA PSS signature algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_RSA_PSS(hash_alg) \ + (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_PSS(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) + /** Get the hash used by a hash-and-sign signature algorithm. * * A hash-and-sign algorithm is a signature algorithm which is @@ -657,6 +691,12 @@ typedef uint32_t psa_algorithm_t; 0) #define PSA_ALG_ECDSA_RAW ((psa_algorithm_t)0x10030000) +#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) +#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) +#define PSA_ALG_RSA_OAEP(hash_alg) \ + (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_RSA_OAEP(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE) /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 44867dc48..a4fac648e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1690,7 +1690,7 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, else #endif /* MBEDTLS_PKCS1_V15 */ #if defined(MBEDTLS_PKCS1_V21) - if( alg == PSA_ALG_RSA_PSS_MGF1 ) + if( PSA_ALG_IS_RSA_PSS( alg ) ) { mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); ret = mbedtls_rsa_rsassa_pss_sign( rsa, 
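Review bot: After this change two signature algorithms share one identifier. The first `include/psa/crypto.h` hunk adds `PSA_ALG_RSA_PSS_BASE` as `0x10030000`, and the second hunk leaves `PSA_ALG_ECDSA_RAW` at `0x10030000` as an unchanged context line. `PSA_ALG_IS_RSA_PSS(PSA_ALG_ECDSA_RAW)` is therefore true, and any check that compares algorithm values alone, rather than key type plus algorithm, cannot tell the two apart. One of them needs a value that is not already in use, and a comment listing the allocated signature bases next to these defines would make the next renumbering safer. Separately, the PSS comment says "message generation function MGF1" where "mask generation function" is meant.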
@@ -1789,7 +1789,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, else #endif /* MBEDTLS_PKCS1_V15 */ #if defined(MBEDTLS_PKCS1_V21) - if( alg == PSA_ALG_RSA_PSS_MGF1 ) + if( PSA_ALG_IS_RSA_PSS( alg ) ) { mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); ret = mbedtls_rsa_rsassa_pss_verify( rsa, @@ -1872,7 +1872,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, else #endif /* MBEDTLS_PKCS1_V15 */ #if defined(MBEDTLS_PKCS1_V21) - if( PSA_ALG_IS_RSA_OAEP_MGF1( alg ) ) + if( PSA_ALG_IS_RSA_OAEP( alg ) ) { return( PSA_ERROR_NOT_SUPPORTED ); } @@ -1941,7 +1941,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, else #endif /* MBEDTLS_PKCS1_V15 */ #if defined(MBEDTLS_PKCS1_V21) - if( PSA_ALG_IS_RSA_OAEP_MGF1( alg ) ) + if( PSA_ALG_IS_RSA_OAEP( alg ) ) { return( PSA_ERROR_NOT_SUPPORTED ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 5bdc718c6..d3186783d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -503,7 +503,7 @@ PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128 PSA signature size: RSA keypair, 1024 bits, PSS -signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS_MGF1:128 +signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):128 PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 From 08bac713dfb06ae152beaa80b8c8f3d4d5bb69e0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Jun 2018 16:14:46 +0200 Subject: [PATCH 0312/2197] Clarify that asymmetric_{sign,verify} operate on a hash --- include/psa/crypto.h | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 32e0f3d83..b67f322f3 100644 
--- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1715,10 +1715,16 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, /** * \brief Sign a hash or short message with a private key. * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_start(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * * \param key Key slot containing an asymmetric key pair. * \param alg A signature algorithm that is compatible with * the type of \c key. - * \param hash The message to sign. + * \param hash The hash or message to sign. * \param hash_length Size of the \c hash buffer in bytes. * \param salt A salt or label, if supported by the signature * algorithm. @@ -1762,11 +1768,18 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, /** * \brief Verify the signature a hash or short message using a public key. * + * Note that to perform a hash-and-sign signature algorithm, you must + * first calculate the hash by calling psa_hash_start(), psa_hash_update() + * and psa_hash_finish(). Then pass the resulting hash as the \p hash + * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) + * to determine the hash algorithm to use. + * * \param key Key slot containing a public key or an * asymmetric key pair. * \param alg A signature algorithm that is compatible with * the type of \c key. - * \param hash The message whose signature is to be verified. + * \param hash The hash or message whose signature is to be + * verified. * \param hash_length Size of the \c hash buffer in bytes. * \param salt A salt or label, if supported by the signature * algorithm. From e9191ff90bb3c3c71a6f73a5159613faf9991a70 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 27 Jun 2018 14:58:41 +0200 Subject: [PATCH 0313/2197] Add missing const for signature parameter of psa_asymmetric_verify --- include/psa/crypto.h | 2 +- library/psa_crypto.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b67f322f3..4f1fd7d91 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1811,7 +1811,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, size_t hash_length, const uint8_t *salt, size_t salt_length, - uint8_t *signature, + const uint8_t *signature, size_t signature_size); #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a4fac648e..c7a44f6a7 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1741,7 +1741,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, size_t hash_length, const uint8_t *salt, size_t salt_length, - uint8_t *signature, + const uint8_t *signature, size_t signature_size ) { key_slot_t *slot; From 526fab0066cb4ab06bf3b291d2a718131010d165 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 27 Jun 2018 18:19:40 +0200 Subject: [PATCH 0314/2197] Fix parameter name signature_size for psa_asymmetric_verify It should have been signature_length, following our conventions. --- include/psa/crypto.h | 4 ++-- library/psa_crypto.c | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 4f1fd7d91..62334dd6b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1791,7 +1791,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * \param salt_length Size of the \c salt buffer in bytes. * If \c salt is \c NULL, pass 0. * \param signature Buffer containing the signature to verify. - * \param signature_size Size of the \c signature buffer in bytes. + * \param signature_length Size of the \c signature buffer in bytes. * * \retval PSA_SUCCESS * The signature is valid. @@ -1812,7 +1812,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, const uint8_t *salt, size_t salt_length, const uint8_t *signature, - size_t signature_size); + size_t signature_length); #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? \ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c7a44f6a7..35adbb4ae 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1742,7 +1742,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, const uint8_t *salt, size_t salt_length, const uint8_t *signature, - size_t signature_size ) + size_t signature_length ) { key_slot_t *slot; psa_status_t status; @@ -1768,7 +1768,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, if( status != PSA_SUCCESS ) return( status ); - if( signature_size < rsa->len ) + if( signature_length < rsa->len ) return( PSA_ERROR_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_PKCS1_V15) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) @@ -1815,7 +1815,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, int ret; (void) alg; ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length, - signature, signature_size ); + signature, signature_length ); return( mbedtls_to_psa_error( ret ) ); } else From a81d85b732d077e2fde8745a011cf7f36277e0a2 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 26 Jun 2018 16:10:23 +0200 Subject: [PATCH 0315/2197] Sort out ECDSA mechanisms * Distinguish randomized ECDSA from deterministic ECDSA. * Deterministic ECDSA needs to be parametrized by a hash. * Randomized ECDSA only uses the hash for the initial hash step, but add ECDSA(hash) algorithms anyway so that all the signature algorithms encode the initial hashing step. * Add brief documentation for the ECDSA signature mechanisms. * Also define DSA signature mechanisms while I'm at it. There were already key types for DSA. --- include/psa/crypto.h | 81 ++++++++++++++++- library/psa_crypto.c | 116 ++++++++++++++++++++---- tests/suites/test_suite_psa_crypto.data | 32 ++++--- 3 files changed, 194 insertions(+), 35 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 62334dd6b..2f972d37d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -667,6 +667,83 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_IS_RSA_PSS(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) +#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000) +/** DSA signature with hashing. + * + * This is the signature scheme defined by FIPS 186-4, + * with a random per-message secret number (*k*). + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(alg) is true). + * + * \return The corresponding DSA signature algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_DSA(hash_alg) \ + (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) +#define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) +#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ + (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_DSA(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ + PSA_ALG_DSA_BASE) +#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ + (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) + +#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) +/** ECDSA signature with hashing. + * + * This is the ECDSA signature scheme defined by ANSI X9.62, + * with a random per-message secret number (*k*). + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(alg) is true). + * + * \return The corresponding ECDSA signature algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_ECDSA(hash_alg) \ + (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +/** ECDSA signature without hashing. + * + * This is the signature scheme defined by ANSI X9.62, + * without specifying a hash algorithm. This algorithm may only be + * used to sign or verify a sequence of bytes that should be an + * already-calculated hash. 
Note that the input is padded with + * zeros on the left or truncated on the left as required to fit + * the curve size. + */ +#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE +#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) +/** Deterministic ECDSA signature with hashing. + * + * This is the deterministic ECDSA signature scheme defined by RFC 6979. + * + * Note that when this algorithm is used for verification, signatures + * made with randomized ECDSA (#PSA_ALG_ECDSA(\c hash_alg)) with the + * same private key are accepted. In other words, + * #PSA_ALG_DETERMINISTIC_ECDSA(\c hash_alg) differs from + * #PSA_ALG_ECDSA(\c hash_alg) only for signature, not for verification. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(alg) is true). + * + * \return The corresponding deterministic ECDSA signature + * algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ + (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_ECDSA(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ + PSA_ALG_ECDSA_BASE) +#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ + (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) + /** Get the hash used by a hash-and-sign signature algorithm. * * A hash-and-sign algorithm is a signature algorithm which is 
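Review bot: `PSA_ALG_DSA_IS_DETERMINISTIC` and `PSA_ALG_ECDSA_IS_DETERMINISTIC` test only bit `0x00010000`, so they are also true for unrelated algorithms that have that bit set, such as `PSA_ALG_RSA_OAEP_BASE` (`0x12030000`, visible in the next hunk's context). Either fold the family check in, e.g. `(PSA_ALG_IS_ECDSA(alg) && ((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)`, or add a comment above each macro saying the result is meaningful only when `PSA_ALG_IS_ECDSA(alg)` or `PSA_ALG_IS_DSA(alg)` holds. The added Doxygen blocks declare `\param hash_alg` but then refer to `#PSA_ALG_IS_HASH(alg)` and `\p alg`; both should read `hash_alg`.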
@@ -686,11 +763,11 @@ typedef uint32_t psa_algorithm_t; * if it is not supported by the implementation. */ #define PSA_ALG_SIGN_GET_HASH(alg) \ - (PSA_ALG_IS_SIGN(alg) ? \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ + PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 0) -#define PSA_ALG_ECDSA_RAW ((psa_algorithm_t)0x10030000) #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) #define PSA_ALG_RSA_OAEP(hash_alg) \ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 35adbb4ae..ffc587a1e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -40,6 +40,8 @@ #include "mbedtls/arc4.h" #include "mbedtls/asn1.h" +#include "mbedtls/asn1write.h" +#include "mbedtls/bignum.h" #include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" #include "mbedtls/cipher.h" 
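Review bot: With the new condition in `PSA_ALG_SIGN_GET_HASH`, `PSA_ALG_ECDSA_ANY` satisfies `PSA_ALG_IS_ECDSA(alg)` while carrying no hash bits, so the macro yields `0 | PSA_ALG_CATEGORY_HASH` instead of 0. A caller that compares the result with 0 to detect "no hash" will then treat that value as a hash algorithm; the raw PKCS#1 v1.5 algorithm probably behaves the same way, but its definition is outside this hunk. Consider making the true branch `(((alg) & PSA_ALG_HASH_MASK) == 0 ? 0 : ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH)`, and state in the Doxygen block what is returned for a signature algorithm without an encoded hash.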
@@ -1637,6 +1639,74 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, return( PSA_SUCCESS ); } +#if defined(MBEDTLS_ECDSA_C) +/* Temporary copy from ecdsa.c */ +static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, + unsigned char *sig, size_t *slen ) +{ + int ret; + unsigned char buf[MBEDTLS_ECDSA_MAX_LEN]; + unsigned char *p = buf + sizeof( buf ); + size_t len = 0; + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + + memcpy( sig, p, len ); + *slen = len; + + return( 0 ); +} + +/* `ecp` cannot be const because `ecp->grp` needs to be non-const + * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det() + * (even though these functions don't modify it). */ +static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) +{ + int ret; + mbedtls_mpi r, s; + mbedtls_mpi_init( &r ); + mbedtls_mpi_init( &s ); + + if( signature_size < PSA_ECDSA_SIGNATURE_SIZE( ecp->grp.pbits ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) ) + { + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); + mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); + MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ecp->grp, &r, &s, &ecp->d, + hash, hash_length, + md_alg ) ); + } + else + { + MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d, + hash, hash_length, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg ) ); + } + MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, + signature, signature_length ) ); + 
+cleanup: + mbedtls_mpi_free( &r ); + mbedtls_mpi_free( &s ); + return( mbedtls_to_psa_error( ret ) ); +} +#endif /* MBEDTLS_ECDSA_C */ + psa_status_t psa_asymmetric_sign( psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, @@ -1714,19 +1784,19 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) { - mbedtls_ecp_keypair *ecdsa = slot->data.ecp; - int ret; - const mbedtls_md_info_t *md_info; - mbedtls_md_type_t md_alg; - if( signature_size < PSA_ECDSA_SIGNATURE_SIZE( ecdsa->grp.pbits ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - md_info = mbedtls_md_info_from_psa( alg ); - md_alg = mbedtls_md_get_type( md_info ); - ret = mbedtls_ecdsa_write_signature( ecdsa, md_alg, hash, hash_length, - signature, signature_length, - mbedtls_ctr_drbg_random, - &global_data.ctr_drbg ); - return( mbedtls_to_psa_error( ret ) ); +#if defined(MBEDTLS_ECDSA_C) + if( PSA_ALG_IS_ECDSA( alg ) ) + status = psa_ecdsa_sign( slot->data.ecp, + alg, + hash, hash_length, + signature, signature_size, + signature_length ); + else +#endif /* defined(MBEDTLS_ECDSA_C) */ + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + return( status ); } else #endif /* defined(MBEDTLS_ECP_C) */ @@ -1811,12 +1881,20 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) { - mbedtls_ecp_keypair *ecdsa = slot->data.ecp; - int ret; - (void) alg; - ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length, - signature, signature_length ); - return( mbedtls_to_psa_error( ret ) ); +#if defined(MBEDTLS_ECDSA_C) + if( PSA_ALG_IS_ECDSA( alg ) ) + { + int ret; + ret = mbedtls_ecdsa_read_signature( slot->data.ecp, + hash, hash_length, + signature, signature_length ); + return( mbedtls_to_psa_error( ret ) ); + } + else +#endif /* defined(MBEDTLS_ECDSA_C) */ + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } } else #endif /* defined(MBEDTLS_ECP_C) */ 
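Review bot: In `psa_ecdsa_sign`, the deterministic branch calls `mbedtls_ecdsa_sign_det()` under `MBEDTLS_ECDSA_C` alone, although the test data in this same patch treats `MBEDTLS_ECDSA_DETERMINISTIC` as a separate option, so a build with ECDSA but without the deterministic variant would presumably fail to compile or link. The branch also passes the result of `mbedtls_md_info_from_psa()` on without a NULL check and relies on the callee to reject an unknown hash (the `PSA_ALG_DETERMINISTIC_ECDSA( 0 )` test case). I would guard the branch and reject a missing hash explicitly, as sketched below; returning directly matches the existing size check, which also returns after `mbedtls_mpi_init()`. The sketch also uses `PSA_ALG_ECDSA_IS_DETERMINISTIC` instead of the DSA-named macro, which reads better here. Separately, `ecdsa_signature_to_asn1()` copies `len` bytes into `sig` without knowing its capacity, so it deserves a comment that the caller must have checked the buffer against `PSA_ECDSA_SIGNATURE_SIZE` for the curve.

```c
    if( PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) )
    {
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
        psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
        /* No MPI has been allocated yet, so returning here is safe. */
        if( md_info == NULL )
            return( PSA_ERROR_INVALID_ARGUMENT );
        /* ... unchanged: mbedtls_md_get_type() and mbedtls_ecdsa_sign_det() call ... */
#else
        /* Deterministic ECDSA is not compiled in. */
        return( PSA_ERROR_NOT_SUPPORTED );
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
    }
```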
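Review bot: In the ECDSA branch of `psa_asymmetric_verify`, `alg` is used only to select the algorithm family, so the hash encoded in `PSA_ALG_ECDSA(hash_alg)` is never compared with `hash_length` before `mbedtls_ecdsa_read_signature()` is called. A caller that passes a digest of the wrong length would have it padded or truncated to the curve size, as the `PSA_ALG_ECDSA_ANY` documentation describes, instead of getting an error. When hash bits are present, a check such as `if( ( alg & PSA_ALG_HASH_MASK ) != 0 && hash_length != PSA_HASH_SIZE( PSA_ALG_SIGN_GET_HASH( alg ) ) ) return( PSA_ERROR_INVALID_ARGUMENT );` would enforce the algorithm that the caller named. The same applies to the ECC branch of `psa_asymmetric_sign` in the preceding hunk. The function body starts and ends outside this hunk.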
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d3186783d..17e3a5538 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -111,11 +111,11 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA PSA import/export EC secp256r1: good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 PSA import/export EC secp384r1: good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 
+import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1) depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED 
@@ -518,9 +518,9 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84 PSA sign: RSA PKCS#1 v1.5 SHA-256 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" -PSA sign: ECDSA SECP256R1 SHA-256 +PSA sign: deterministic ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC -sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size 
sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT 
@@ -528,13 +528,13 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5 PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL -PSA sign: ECDSA SECP256R1 SHA-256, output buffer too small +PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL -PSA sign: ECDSA SECP256R1, invalid hash +PSA sign: deterministic ECDSA SECP256R1, invalid hash depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC 
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
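Review bot: The `sign_fail` case "deterministic ECDSA SECP256R1 SHA-256, output buffer too small" keeps a `depends_on` line without `MBEDTLS_ECDSA_C`, yet after this patch the ECC branch returns `PSA_ERROR_INVALID_ARGUMENT` rather than `PSA_ERROR_BUFFER_TOO_SMALL` when ECDSA is compiled out. Append `:MBEDTLS_ECDSA_C` to that line, and `:MBEDTLS_ECDSA_DETERMINISTIC` as well if the signing code ends up guarded by it. The two `PSA verify: ECDSA SECP256R1` cases in the next hunk have the same gap. Verification is also exercised only with `PSA_ALG_ECDSA_ANY`; a case using `PSA_ALG_ECDSA( PSA_ALG_SHA_256 )` would cover the hashed form this patch introduces.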
@@ -548,9 +548,13 @@ PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE -PSA verify: ECDSA SECP256R1 SHA-256 +PSA verify: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" + +PSA verify: ECDSA SECP256R1, wrong signature 
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -662,9 +666,9 @@ depends_on:MBEDTLS_RSA_C generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS PSA generate key: ECC, SECP256R1, good -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW | PSA_ALG_SHA_256:PSA_SUCCESS +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C +generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_SUCCESS PSA generate key: ECC, SECP256R1, incorrect bit size -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_ERROR_INVALID_ARGUMENT +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C +generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT From a680c7a9fcf7765dd35a177e9b6ddd607520ab3f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Jun 2018 16:12:43 +0200 Subject: [PATCH 0316/2197] Add import-and-exercise tests for some signature algorithms --- tests/suites/test_suite_psa_crypto.data | 12 ++++ tests/suites/test_suite_psa_crypto.function | 61 +++++++++++++++++++++ 2 files changed, 73 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 17e3a5538..2f9035438 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -511,6 +511,18 @@ signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129 +PSA import/exercise RSA keypair, PKCS#1 v1.5 raw +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW + +PSA import/exercise: ECP SECP256R1 keypair, ECDSA +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C +import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY + +PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C +import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) + PSA sign: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6bcc65f31..446af5a19 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -476,6 +476,67 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void import_and_exercise_key( data_t *data, + int type_arg, + int bits_arg, + int alg_arg ) +{ + int slot = 1; + psa_key_type_t type = type_arg; + size_t bits = bits_arg; + psa_algorithm_t alg = alg_arg; + psa_key_usage_t usage = + ( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ? + ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? + PSA_KEY_USAGE_VERIFY : + PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ) : + PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) || + PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ? + ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? + PSA_KEY_USAGE_ENCRYPT : + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ) : + 0 ); + psa_key_policy_t policy; + psa_key_type_t got_type; + size_t got_bits; + psa_status_t status; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, usage, alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + /* Import the key */ + status = psa_import_key( slot, type, data->x, data->len ); + TEST_ASSERT( status == PSA_SUCCESS ); + + /* Test the key information */ + TEST_ASSERT( psa_get_key_information( slot, + &got_type, + &got_bits ) == PSA_SUCCESS ); + TEST_ASSERT( got_type == type ); + TEST_ASSERT( got_bits == bits ); + + /* Do something with the key according to its type and permitted usage. */ + if( PSA_ALG_IS_MAC( alg ) ) + exercise_mac_key( slot, usage, alg ); + else if( PSA_ALG_IS_CIPHER( alg ) ) + exercise_cipher_key( slot, usage, alg ); + else if( PSA_ALG_IS_AEAD( alg ) ) + exercise_aead_key( slot, usage, alg ); + else if( PSA_ALG_IS_SIGN( alg ) ) + exercise_signature_key( slot, usage, alg ); + else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) + exercise_asymmetric_encryption_key( slot, usage, alg ); + +exit: + psa_destroy_key( slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void key_policy( int usage_arg, int alg_arg ) { 
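Review bot: The dispatch chain at the end of `import_and_exercise_key` has no final `else`, so an algorithm that matches none of the five categories leaves `usage` at 0 and the test passes without exercising the key at all. Add a failing default, e.g. `else TEST_ASSERT( ! "No code to exercise this category of algorithm" );`, so that a test line with an unhandled algorithm is reported rather than silently accepted. The `exercise_*_key` helpers are defined outside this hunk and their return values are discarded here; if they signal failure through the return value, it should be checked before falling through to `exit:`.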
From 2853849498e8a69ff237c52cea29b23d488cb307 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 11 Jul 2018 17:34:00 +0200 Subject: [PATCH 0317/2197] Doxygen: linkify references to macro names --- include/psa/crypto.h | 380 +++++++++++++++++++++---------------------- 1 file changed, 190 insertions(+), 190 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a30af423a..f1c836834 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -301,12 +301,12 @@ typedef int32_t psa_status_t; * Applications may call this function more than once. Once a call * succeeds, subsequent calls are guaranteed to succeed. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED - * \retval PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY */ psa_status_t psa_crypto_init(void); @@ -354,7 +354,7 @@ typedef uint32_t psa_key_type_t; * used for. * * HMAC keys should generally have the same size as the underlying hash. - * This size can be calculated with `PSA_HASH_SIZE(alg)` where + * This size can be calculated with #PSA_HASH_SIZE(`alg`) where * `alg` is the HMAC algorithm or the underlying hash algorithm. */ #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x02000001) /** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher. 
@@ -802,21 +802,21 @@ typedef uint32_t psa_algorithm_t; * \param data Buffer containing the key data. * \param data_length Size of the \c data buffer in bytes. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED * The key type or key size is not supported, either by the * implementation in general or in this particular slot. - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid, * or the key data is not correctly formatted. - * \retval PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_OCCUPIED_SLOT * There is already a key in the specified slot. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_INSUFFICIENT_STORAGE - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_import_key(psa_key_slot_t key, psa_key_type_t type, 
@@ -836,22 +836,22 @@ psa_status_t psa_import_key(psa_key_slot_t key, * * \param key The key slot to erase. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The slot's content, if any, has been erased. - * \retval PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_NOT_PERMITTED * The slot holds content and cannot be erased because it is * read-only, either due to a policy or due to physical restrictions. - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INVALID_ARGUMENT * The specified slot number does not designate a valid slot. - * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE * There was an failure in communication with the cryptoprocessor. * The key material may still be present in the cryptoprocessor. - * \retval PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE * The storage is corrupted. Implementations shall make a best effort * to erase key material even in this stage, however applications * should be aware that it may be impossible to guarantee that the * key material is not recoverable in such cases. - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_TAMPERING_DETECTED * An unexpected condition which is not a storage corruption or * a communication failure occurred. The cryptoprocessor may have * been compromised. @@ -870,11 +870,11 @@ psa_status_t psa_destroy_key(psa_key_slot_t key); * This may be a null pointer, in which case the key size * is not written. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_EMPTY_SLOT - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_get_key_information(psa_key_slot_t key, psa_key_type_t *type, 
@@ -912,12 +912,12 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * \param data_length On success, the number of bytes * that make up the key data. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_EMPTY_SLOT - * \retval PSA_ERROR_NOT_PERMITTED - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_export_key(psa_key_slot_t key, uint8_t *data, @@ -943,12 +943,12 @@ psa_status_t psa_export_key(psa_key_slot_t key, * \param data_length On success, the number of bytes * that make up the key data. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_EMPTY_SLOT - * \retval PSA_ERROR_INVALID_ARGUMENT - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_export_public_key(psa_key_slot_t key, uint8_t *data, @@ -1075,13 +1075,13 @@ typedef uint32_t psa_key_lifetime_t; * \param key Slot to query. * \param lifetime On success, the lifetime value. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid. - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime); 
@@ -1095,20 +1095,20 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, * \param key Slot whose lifetime is to be changed. * \param lifetime The lifetime value to set for the given key slot. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid, * or the lifetime value is invalid. - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED * The implementation does not support the specified lifetime value, * at least for the specified key slot. - * \retval PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_OCCUPIED_SLOT * The slot contains a key, and the implementation does not support * changing the lifetime of an occupied slot. - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t lifetime); @@ -1132,7 +1132,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * * \param alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(alg) is true), or an HMAC algorithm - * (`PSA_ALG_HMAC(hash_alg)` where `hash_alg` is a + * (#PSA_ALG_HMAC(`hash_alg`) where `hash_alg` is a * hash algorithm). * * \return The hash size for the specified hash algorithm. 
@@ -1185,14 +1185,14 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_HASH(alg) is true). * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a hash algorithm. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg); @@ -1207,14 +1207,14 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * \param input Buffer containing the message fragment to hash. * \param input_length Size of the \c input buffer in bytes. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not started, or already completed). - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_hash_update(psa_hash_operation_t *operation, const uint8_t *input, 
@@ -1244,18 +1244,18 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * #PSA_HASH_SIZE(alg) where \c alg is the * hash algorithm that is calculated. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not started, or already completed). - * \retval PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \c hash buffer is too small. You can determine a * sufficient buffer size by calling #PSA_HASH_SIZE(alg) * where \c alg is the hash algorithm that is calculated. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, 
@@ -1281,17 +1281,17 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * \param hash Buffer containing the expected hash value. * \param hash_length Size of the \c hash buffer in bytes. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The expected hash is identical to the actual hash of the message. - * \retval PSA_ERROR_INVALID_SIGNATURE + * \retval #PSA_ERROR_INVALID_SIGNATURE * The hash of the message was calculated successfully, but it * differs from the expected hash. - * \retval PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not started, or already completed). - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, @@ -1311,12 +1311,12 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * * \param operation Active hash operation. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_BAD_STATE + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BAD_STATE * \c operation is not an active hash operation. - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); 
@@ -1365,18 +1365,18 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_MAC(alg) is true). * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_EMPTY_SLOT - * \retval PSA_ERROR_NOT_PERMITTED - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a MAC algorithm. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_slot_t key, 
@@ -1413,18 +1413,18 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_MAC(alg) is true). * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_EMPTY_SLOT - * \retval PSA_ERROR_NOT_PERMITTED - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a MAC algorithm. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, psa_key_slot_t key, 
@@ -1490,18 +1490,18 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_CIPHER(alg) is true). * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_EMPTY_SLOT - * \retval PSA_ERROR_NOT_PERMITTED - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a cipher algorithm. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, 
@@ -1538,18 +1538,18 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_CIPHER(alg) is true). * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_EMPTY_SLOT - * \retval PSA_ERROR_NOT_PERMITTED - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a cipher algorithm. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, 
@@ -1632,18 +1632,18 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \param ciphertext_length On success, the size of the output * in the \b ciphertext buffer. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_EMPTY_SLOT - * \retval PSA_ERROR_NOT_PERMITTED - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not an AEAD algorithm. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_aead_encrypt( psa_key_slot_t key, psa_algorithm_t alg, 
@@ -1683,20 +1683,20 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, * \param plaintext_length On success, the size of the output * in the \b plaintext buffer. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_EMPTY_SLOT - * \retval PSA_ERROR_INVALID_SIGNATURE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_INVALID_SIGNATURE * The ciphertext is not authentic. - * \retval PSA_ERROR_NOT_PERMITTED - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not an AEAD algorithm. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_aead_decrypt( psa_key_slot_t key, psa_algorithm_t alg, 
@@ -1755,20 +1755,20 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, * \param signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \c signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \c key. - * \retval PSA_ERROR_NOT_SUPPORTED - * \retval PSA_ERROR_INVALID_ARGUMENT - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED - * \retval PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY */ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_algorithm_t alg, 
@@ -1808,17 +1808,17 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * \param signature Buffer containing the signature to verify. * \param signature_length Size of the \c signature buffer in bytes. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * The signature is valid. - * \retval PSA_ERROR_INVALID_SIGNATURE + * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was perfomed successfully, but the passed * signature is not a valid signature. - * \retval PSA_ERROR_NOT_SUPPORTED - * \retval PSA_ERROR_INVALID_ARGUMENT - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, psa_algorithm_t alg, 
@@ -1860,20 +1860,20 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, * \param output_length On success, the number of bytes * that make up the returned output. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \c output buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \c key. - * \retval PSA_ERROR_NOT_SUPPORTED - * \retval PSA_ERROR_INVALID_ARGUMENT - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED - * \retval PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY */ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, psa_algorithm_t alg, 
@@ -1910,21 +1910,21 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, * \param output_length On success, the number of bytes * that make up the returned output. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \c output buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \c key. - * \retval PSA_ERROR_NOT_SUPPORTED - * \retval PSA_ERROR_INVALID_ARGUMENT - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED - * \retval PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval PSA_ERROR_INVALID_PADDING + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_INVALID_PADDING */ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, psa_algorithm_t alg, 
@@ -1954,12 +1954,12 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, * \param output Output buffer for the generated data. * \param output_size Number of bytes to generate and output. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_NOT_SUPPORTED - * \retval PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_generate_random(uint8_t *output, size_t output_size); @@ -1979,8 +1979,8 @@ psa_status_t psa_generate_random(uint8_t *output, * \param parameters_size Size of the buffer that \p parameters * points to, in bytes. * - * For any symmetric key type (type such that - * `PSA_KEY_TYPE_IS_ASYMMETRIC(type)` is false), \c parameters must be + * For any symmetric key type (a type such that + * #PSA_KEY_TYPE_IS_ASYMMETRIC(`type`) is false), \c parameters must be * \c NULL. For asymmetric key types defined by this specification, * the parameter type and the default parameters are defined by the * table below. For vendor-defined key types, the vendor documentation 
@@ -1990,14 +1990,14 @@ psa_status_t psa_generate_random(uint8_t *output, * ---- | -------------- | ------- | --------------------------------------- * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | Public exponent | 65537 * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_NOT_SUPPORTED - * \retval PSA_ERROR_INVALID_ARGUMENT - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_generate_key(psa_key_slot_t key, psa_key_type_t type, From 0cad07c2fb0f34b2ad8502433b0e387408e97e21 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 27 Jun 2018 19:49:02 +0200 Subject: [PATCH 0318/2197] New header crypto_sizes.h This header will contain macros that calculate buffer sizes, whose semantics are standardized but whose definitions are implementation-specific because they depend on the available algorithms and on some permitted buffer size tolerances. Move size macros from crypto_struct.h to crypto_sizes.h, because these definitions need to be available both in the frontend and in the backend, whereas structures have different contents. --- include/psa/crypto.h | 4 +++ include/psa/crypto_sizes.h | 50 +++++++++++++++++++++++++++++++++++++ include/psa/crypto_struct.h | 8 ------ 3 files changed, 54 insertions(+), 8 deletions(-) create mode 100644 include/psa/crypto_sizes.h diff --git a/include/psa/crypto.h b/include/psa/crypto.h index dcf1ba227..8f3a7f039 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2070,6 +2070,10 @@ psa_status_t psa_generate_key(psa_key_slot_t key, } #endif +/* The file "crypto_sizes.h" contains definitions for size calculation + * macros whose definitions are implementation-specific. */ +#include "crypto_sizes.h" + /* The file "crypto_struct.h" contains definitions for * implementation-specific structs that are declared above. */ #include "crypto_struct.h" diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h new file mode 100644 index 000000000..1de26e6d6 --- /dev/null +++ b/include/psa/crypto_sizes.h 
@@ -0,0 +1,50 @@ +/** + * \file psa/crypto_sizes.h + * + * \brief PSA cryptography module: Mbed TLS buffer size macros + * + * This file contains the definitions of macros that are useful to + * compute buffer sizes. The signatures and semantics of these macros + * are standardized, but the definitions are not, because they depend on + * the available algorithms and, in some cases, on permitted tolerances + * on buffer sizes. + */ +/* + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_SIZES_H +#define PSA_CRYPTO_SIZES_H + +/* Include the Mbed TLS configuration file, the way Mbed TLS does it + * in each of its header files. */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "../mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_SHA512_C) +#define PSA_HASH_MAX_SIZE 64 +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 +#else +#define PSA_HASH_MAX_SIZE 32 +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 +#endif + +#endif /* PSA_CRYPTO_SIZES_H */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 0dbd86c18..1935f9099 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
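Review bot: `PSA_HASH_MAX_SIZE` and `PSA_HMAC_MAX_HASH_BLOCK_SIZE` are added to crypto_sizes.h with no comment saying what they bound, although the file header presents these macros as the ones callers use to compute buffer sizes. They presumably dimension fixed-size buffers in the operation structs, so an undersized value would become a memory-safety problem rather than a clean error. I would document each one, e.g. `/** Maximum size of a hash, in bytes, over all hash algorithms enabled in this build. */` and `/** Maximum block size, in bytes, of any hash usable with HMAC in this build. */`. The `#else` branch assumes that no enabled hash exceeds 32 bytes of output and 64 bytes of block size when `MBEDTLS_SHA512_C` is off; a one-line comment stating that assumption would help whoever adds another hash.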
@@ -45,14 +45,6 @@ #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" -#if defined(MBEDTLS_SHA512_C) -#define PSA_HASH_MAX_SIZE 64 -#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 -#else -#define PSA_HASH_MAX_SIZE 32 -#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 -#endif - struct psa_hash_operation_s { psa_algorithm_t alg; From ca45c35e65818ec2e2c13291053d2f7a20e709a0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Jun 2018 16:13:09 +0200 Subject: [PATCH 0319/2197] Fix exercise_signature_key for ECDSA mbedtls_ecdsa_verify fails when the input is all-bits-zero (mbedtls issue #1792). Use a different input. --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 446af5a19..cb6da7f44 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -189,7 +189,7 @@ static int exercise_signature_key( psa_key_slot_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { - unsigned char payload[16] = {0}; + unsigned char payload[16] = {1}; size_t payload_length = sizeof( payload ); unsigned char signature[256] = {0}; size_t signature_length = sizeof( signature ); From 5d1888ebc547535294f20e9041680911b5d99e1b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 00:32:42 +0200 Subject: [PATCH 0320/2197] Rename PSA_ALG_STREAM_CIPHER -> PSA_ALG_STREAM_CIPHER_BASE Follow the usual naming convention: PSA_ALG_xxx_BASE for a constant that isn't an algorithm, just used to build one. --- include/psa/crypto.h | 5 +++-- library/psa_crypto.c | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f1c836834..95fe42d69 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
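Review bot: The new initialiser `unsigned char payload[16] = {1};` in exercise_signature_key has no comment, so the reason the payload must not be all-bits-zero is recorded only in the commit message and a later cleanup could restore `{0}`. I would add above the declaration `/* Not all-bits-zero: mbedtls_ecdsa_verify fails on that input (mbedtls issue #1792). */`. With this change the helper no longer exercises the all-zero input at all, so a dedicated test case for it would keep the underlying verification issue visible until it is fixed. The function body continues outside the hunk.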
@@ -610,13 +610,14 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_CFB_BASE ((psa_algorithm_t)0x04000002) #define PSA_ALG_OFB_BASE ((psa_algorithm_t)0x04000003) #define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000004) -#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800000) + +#define PSA_ALG_STREAM_CIPHER_BASE ((psa_algorithm_t)0x04800000) #define PSA_ALG_CTR ((psa_algorithm_t)0x04800001) #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800002) #define PSA_ALG_IS_STREAM_CIPHER(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \ - PSA_ALG_STREAM_CIPHER) + PSA_ALG_STREAM_CIPHER_BASE) #define PSA_ALG_CCM ((psa_algorithm_t)0x06000001) #define PSA_ALG_GCM ((psa_algorithm_t)0x06000002) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9145a6df1..50a99904c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1191,7 +1191,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( switch( alg ) { - case PSA_ALG_STREAM_CIPHER: + case PSA_ALG_STREAM_CIPHER_BASE: mode = MBEDTLS_MODE_STREAM; break; case PSA_ALG_CBC_BASE: From 49cee6c582397a55a753bffe20acc52d84ef6327 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 27 Jun 2018 21:03:58 +0200 Subject: [PATCH 0321/2197] Move implementation-dependent size macros to crypto_sizes.h Macros such as PSA_HASH_SIZE whose definitions can be the same everywhere except in implementations that support non-standard algorithms remain in crypto.h, at least for the time being. --- include/psa/crypto.h | 110 ----------------------------------- include/psa/crypto_sizes.h | 115 +++++++++++++++++++++++++++++++++++++ 2 files changed, 115 insertions(+), 110 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8f3a7f039..e29a464de 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
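Review bot: In mbedtls_cipher_info_from_psa the label `case PSA_ALG_STREAM_CIPHER_BASE:` compares `alg` with a value that the commit message describes as not being an algorithm, so a real stream-cipher algorithm such as `PSA_ALG_ARC4` (0x04800002) would apparently not match it and `mode` would not be set to `MBEDTLS_MODE_STREAM`. Whether `alg` is reduced to its subcategory before the `switch` cannot be seen, because the function starts and ends outside the hunk. If it is not reduced, the label should name the concrete algorithm, `case PSA_ALG_ARC4:`, or the code should test `PSA_ALG_IS_STREAM_CIPHER(alg)` before the switch. Either way, a short comment at the label saying which `alg` values are expected to reach it would make the intent checkable.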
@@ -1333,28 +1333,6 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * as directed by the documentation of a specific implementation. */ typedef struct psa_mac_operation_s psa_mac_operation_t; -/** The size of the output of psa_mac_finish(), in bytes. - * - * This is also the MAC size that psa_mac_verify() expects. - * - * \param key_type The type of the MAC key. - * \param key_bits The size of the MAC key in bits. - * \param alg A MAC algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_MAC(alg) is true). - * - * \return The MAC size for the specified algorithm with - * the specified key parameters. - * \return 0 if the MAC algorithm is not recognized. - * \return Either 0 or the correct size for a MAC algorithm that - * the implementation recognizes, but does not support. - * \return Unspecified if the key parameters are not consistent - * with the algorithm. - */ -#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ - (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \ - PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ - 0) - /** Start a multipart MAC operation. * * The sequence of operations to calculate a MAC (message authentication code) 
@@ -1575,30 +1553,6 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); (alg) == PSA_ALG_CCM ? 16 : \ 0) -/** The maximum size of the output of psa_aead_encrypt(), in bytes. - * - * If the size of the ciphertext buffer is at least this large, it is - * guaranteed that psa_aead_encrypt() will not fail due to an - * insufficient buffer size. Depending on the algorithm, the actual size of - * the ciphertext may be smaller. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(alg) is true). - * \param plaintext_length Size of the plaintext in bytes. - * - * \return The AEAD ciphertext size for the specified - * algorithm. - * If the AEAD algorithm is not recognized, return 0. - * An implementation may return either 0 or a - * correct size for an AEAD algorithm that it - * recognizes, but does not support. - */ -#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ - (PSA_AEAD_TAG_SIZE(alg) != 0 ? \ - (plaintext_length) + PSA_AEAD_TAG_SIZE(alg) : \ - 0) - /** Process an authenticated encryption operation. * * \param key Slot containing the key to use. 
@@ -1652,30 +1606,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t ciphertext_size, size_t *ciphertext_length ); -/** The maximum size of the output of psa_aead_decrypt(), in bytes. - * - * If the size of the plaintext buffer is at least this large, it is - * guaranteed that psa_aead_decrypt() will not fail due to an - * insufficient buffer size. Depending on the algorithm, the actual size of - * the plaintext may be smaller. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(alg) is true). - * \param ciphertext_length Size of the plaintext in bytes. - * - * \return The AEAD ciphertext size for the specified - * algorithm. - * If the AEAD algorithm is not recognized, return 0. - * An implementation may return either 0 or a - * correct size for an AEAD algorithm that it - * recognizes, but does not support. - */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ - (PSA_AEAD_TAG_SIZE(alg) != 0 ? \ - (plaintext_length) - PSA_AEAD_TAG_SIZE(alg) : \ - 0) - /** Process an authenticated decryption operation. * * \param key Slot containing the key to use. 
@@ -1746,38 +1676,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, #define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ (PSA_BITS_TO_BYTES(curve_bits) * 2) -/** Safe signature buffer size for psa_asymmetric_sign(). - * - * This macro returns a safe buffer size for a signature using a key - * of the specified type and size, with the specified algorithm. - * Note that the actual size of the signature may be smaller - * (some algorithms produce a variable-size signature). - * - * \warning This function may call its arguments multiple times or - * zero times, so you should not pass arguments that contain - * side effects. - * - * \param key_type An asymmetric key type (this may indifferently be a - * key pair type or a public key type). - * \param key_bits The size of the key in bits. - * \param alg The signature algorithm. - * - * \return If the parameters are valid and supported, return - * a buffer size in bytes that guarantees that - * psa_asymmetric_sign() will not fail with - * #PSA_ERROR_BUFFER_TOO_SMALL. - * If the parameters are a valid combination that is not supported - * by the implementation, this macro either shall return either a - * sensible size or 0. - * If the parameters are not valid, the - * return value is unspecified. - * - */ -#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ - PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ - ((void)alg, 0)) - /** * \brief Sign a hash or short message with a private key. * 
@@ -1880,18 +1778,10 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, const uint8_t *signature, size_t signature_length); -#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? \ - ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ - 0) #define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ (PSA_ALG_IS_RSA_OAEP_MGF1(alg) ? \ 2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_GET_HASH(alg)) + 1 : \ 11 /*PKCS#1v1.5*/) -#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? \ - PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \ - 0) /** * \brief Encrypt a short message with a public key. diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 1de26e6d6..d7eab4e61 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -8,6 +8,9 @@ * are standardized, but the definitions are not, because they depend on * the available algorithms and, in some cases, on permitted tolerances * on buffer sizes. + * + * Macros that compute sizes whose values do not depend on the + * implementation are in crypto.h. */ /* * Copyright (C) 2018, ARM Limited, All Rights Reserved 
@@ -47,4 +50,116 @@ #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 #endif + +/** The size of the output of psa_mac_finish(), in bytes. + * + * This is also the MAC size that psa_mac_verify() expects. + * + * \param key_type The type of the MAC key. + * \param key_bits The size of the MAC key in bits. + * \param alg A MAC algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_MAC(alg) is true). + * + * \return The MAC size for the specified algorithm with + * the specified key parameters. + * \return 0 if the MAC algorithm is not recognized. + * \return Either 0 or the correct size for a MAC algorithm that + * the implementation recognizes, but does not support. + * \return Unspecified if the key parameters are not consistent + * with the algorithm. + */ +#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ + (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \ + PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ + 0) + +/** The maximum size of the output of psa_aead_encrypt(), in bytes. + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_aead_encrypt() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the ciphertext may be smaller. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(alg) is true). + * \param plaintext_length Size of the plaintext in bytes. + * + * \return The AEAD ciphertext size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ + (PSA_AEAD_TAG_SIZE(alg) != 0 ? \ + (plaintext_length) + PSA_AEAD_TAG_SIZE(alg) : \ + 0) + +/** The maximum size of the output of psa_aead_decrypt(), in bytes. 
+ * + * If the size of the plaintext buffer is at least this large, it is + * guaranteed that psa_aead_decrypt() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the plaintext may be smaller. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(alg) is true). + * \param ciphertext_length Size of the plaintext in bytes. + * + * \return The AEAD ciphertext size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ + (PSA_AEAD_TAG_SIZE(alg) != 0 ? \ + (plaintext_length) - PSA_AEAD_TAG_SIZE(alg) : \ + 0) + +/** Safe signature buffer size for psa_asymmetric_sign(). + * + * This macro returns a safe buffer size for a signature using a key + * of the specified type and size, with the specified algorithm. + * Note that the actual size of the signature may be smaller + * (some algorithms produce a variable-size signature). + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type An asymmetric key type (this may indifferently be a + * key pair type or a public key type). + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_asymmetric_sign() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro either shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. 
+ * + */ +#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ + ((void)alg, 0)) + +#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? \ + ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + 0) +#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? \ + PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \ + 0) + #endif /* PSA_CRYPTO_SIZES_H */ From eae6eee24c1c09839efcbaf38669073fc6239fa9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Jun 2018 13:56:01 +0200 Subject: [PATCH 0322/2197] Change ECDSA signature representation to r||s Change the representation of an ECDSA signature from the ASN.1 DER encoding used in TLS and X.509, to the concatenation of r and s in big-endian order with a fixed size. A fixed size helps memory and buffer management and this representation is generally easier to use for anything that doesn't require the ASN.1 representation. This is the same representation as PKCS#11 (Cryptoki) except that PKCS#11 allows r and s to be truncated (both to the same length), which complicates the implementation and negates the advantage of a fixed-size representation. --- include/psa/crypto.h | 39 ++++------- library/psa_crypto.c | 86 +++++++++++++++---------- tests/suites/test_suite_psa_crypto.data | 14 ++-- 3 files changed, 75 insertions(+), 64 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2f972d37d..dcf1ba227 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
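Review bot: `PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)` expands to `(plaintext_length) - PSA_AEAD_TAG_SIZE(alg)`, which names an identifier that is not a macro parameter. It either fails to compile or picks up whatever `plaintext_length` is in scope at the call site, so a caller could size its plaintext buffer from an unrelated value. The body should read `(ciphertext_length) - PSA_AEAD_TAG_SIZE(alg)`. That subtraction also wraps when the ciphertext is shorter than the tag, as does `PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg)` in `PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE` for a very small key, so a guard that yields 0 would be safer. The doc comment describes `ciphertext_length` as the size of the plaintext and the return value as the ciphertext size; both are the wrong way round.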
@@ -698,6 +698,12 @@ typedef uint32_t psa_algorithm_t; * This is the ECDSA signature scheme defined by ANSI X9.62, * with a random per-message secret number (*k*). * + * The representation of the signature as a byte string consists of + * the concatentation of the signature values *r* and *s*. Each of + * *r* and *s* is encoded as an *N*-octet string, where *N* is the length + * of the base point of the curve in octets. Each value is represented + * in big-endian order (most significant octet first). + * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(alg) is true). * @@ -709,7 +715,7 @@ typedef uint32_t psa_algorithm_t; (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) /** ECDSA signature without hashing. * - * This is the signature scheme defined by ANSI X9.62, + * This is the same signature scheme as #PSA_ALG_ECDSA(), but * without specifying a hash algorithm. This algorithm may only be * used to sign or verify a sequence of bytes that should be an * already-calculated hash. Note that the input is padded with @@ -722,6 +728,8 @@ typedef uint32_t psa_algorithm_t; * * This is the deterministic ECDSA signature scheme defined by RFC 6979. * + * The representation of a signature is the same as with #PSA_ALG_ECDSA(). + * * Note that when this algorithm is used for verification, signatures * made with randomized ECDSA (#PSA_ALG_ECDSA(\c hash_alg)) with the * same private key are accepted. In other words, 
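Review bot: The paragraph added to the `PSA_ALG_ECDSA` documentation misspells "concatenation" as `concatentation`. It also defines *N* only as "the length of the base point of the curve in octets", which leaves the exact octet count open for curves whose size is not a multiple of 8 bits. Because this text fixes the format that verifiers compare lengths against, it would help to tie it to the size macro, for example `* The total length is #PSA_ECDSA_SIGNATURE_SIZE(curve_bits) octets.`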
@@ -1728,34 +1736,15 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, */ /** - * \brief Maximum ECDSA signature size for a given curve bit size + * \brief ECDSA signature size for a given curve bit size * - * \param curve_bits Curve size in bits - * \return Maximum signature size in bytes + * \param curve_bits Curve size in bits. + * \return Signature size in bytes. * * \note This macro returns a compile-time constant if its argument is one. - * - * \warning This macro may evaluate its argument multiple times. */ -/* - * RFC 4492 page 20: - * - * Ecdsa-Sig-Value ::= SEQUENCE { - * r INTEGER, - * s INTEGER - * } - * - * Size is at most - * 1 (tag) + 1 (len) + 1 (initial 0) + curve_bytes for each of r and s, - * twice that + 1 (tag) + 2 (len) for the sequence - * (assuming curve_bytes is less than 126 for r and s, - * and less than 124 (total len <= 255) for the sequence) - */ -#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ - ( /*T,L of SEQUENCE*/ ((curve_bits) >= 61 * 8 ? 3 : 2) + \ - /*T,L of r,s*/ 2 * (((curve_bits) >= 127 * 8 ? 3 : 2) + \ - /*V of r,s*/ ((curve_bits) + 8) / 8)) - +#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ + (PSA_BITS_TO_BYTES(curve_bits) * 2) /** Safe signature buffer size for psa_asymmetric_sign(). * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ffc587a1e..9454f478c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -40,7 +40,6 @@ #include "mbedtls/arc4.h" #include "mbedtls/asn1.h" -#include "mbedtls/asn1write.h" #include "mbedtls/bignum.h" #include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" 
@@ -1640,28 +1639,6 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, } #if defined(MBEDTLS_ECDSA_C) -/* Temporary copy from ecdsa.c */ -static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, - unsigned char *sig, size_t *slen ) -{ - int ret; - unsigned char buf[MBEDTLS_ECDSA_MAX_LEN]; - unsigned char *p = buf + sizeof( buf ); - size_t len = 0; - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); - - memcpy( sig, p, len ); - *slen = len; - - return( 0 ); -} - /* `ecp` cannot be const because `ecp->grp` needs to be non-const * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det() * (even though these functions don't modify it). */ @@ -1675,11 +1652,16 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, { int ret; mbedtls_mpi r, s; + size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - if( signature_size < PSA_ECDSA_SIGNATURE_SIZE( ecp->grp.pbits ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + *signature_length = 0; + if( signature_size < 2 * curve_bytes ) + { + ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + goto cleanup; + } if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) ) { 
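Review bot: `curve_bytes` in `psa_ecdsa_sign` is computed from `ecp->grp.pbits`, the size of the field prime, but *r* and *s* are values modulo the group order. If any enabled curve has an order longer than its prime (the 224-bit Koblitz curve is the one to check), the `mbedtls_mpi_write_binary` calls added in the next hunk would fail on a valid signature that does not fit in `curve_bytes`. Sizing from `ecp->grp.nbits`, or a comment stating why `pbits` is sufficient for every supported curve, would close that gap. The same computation is repeated in the new `psa_ecdsa_verify`, and `PSA_ECDSA_SIGNATURE_SIZE(curve_bits)` has to stay consistent with whichever is chosen. The body of `psa_ecdsa_sign` starts and ends outside this hunk.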
@@ -1697,8 +1679,48 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) ); } - MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, - signature, signature_length ) ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r, + signature, + curve_bytes ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s, + signature + curve_bytes, + curve_bytes ) ); + +cleanup: + mbedtls_mpi_free( &r ); + mbedtls_mpi_free( &s ); + if( ret == 0 ) + *signature_length = 2 * curve_bytes; + memset( signature + *signature_length, 0, + signature_size - *signature_length ); + return( mbedtls_to_psa_error( ret ) ); +} + +static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length ) +{ + int ret; + mbedtls_mpi r, s; + size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits ); + mbedtls_mpi_init( &r ); + mbedtls_mpi_init( &s ); + + if( signature_length != 2 * curve_bytes ) + return( PSA_ERROR_INVALID_SIGNATURE ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r, + signature, + curve_bytes ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s, + signature + curve_bytes, + curve_bytes ) ); + + ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length, + &ecp->Q, &r, &s ); cleanup: mbedtls_mpi_free( &r ); @@ -1883,13 +1905,9 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, { #if defined(MBEDTLS_ECDSA_C) if( PSA_ALG_IS_ECDSA( alg ) ) - { - int ret; - ret = mbedtls_ecdsa_read_signature( slot->data.ecp, - hash, hash_length, - signature, signature_length ); - return( mbedtls_to_psa_error( ret ) ); - } + return( psa_ecdsa_verify( slot->data.ecp, + hash, hash_length, + signature, signature_length ) ); else #endif /* defined(MBEDTLS_ECDSA_C) */ { diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2f9035438..1181fcd92 100644 --- a/tests/suites/test_suite_psa_crypto.data 
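Review bot: `psa_ecdsa_verify` returns `PSA_ERROR_INVALID_SIGNATURE` directly from the length check, after the two `mbedtls_mpi_init` calls and without passing through `cleanup`. `psa_ecdsa_sign` in the same change was reworked to send its buffer-size failure through `cleanup`. Nothing has been allocated at that point, so nothing leaks today, but moving the length check above the `mbedtls_mpi_init` calls would make the early return obviously safe. The new function also has no comment; `/* signature is r||s, each curve_bytes octets, big-endian; any other length is rejected before parsing */` would record why a DER-encoded signature is no longer accepted. The statements after `cleanup:` are unchanged context shared with the old function tail.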
+++ b/tests/suites/test_suite_psa_crypto.data 
@@ -532,7 +532,7 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84 PSA sign: deterministic ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC -sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size 
sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT 
@@ -542,7 +542,7 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5 PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1, invalid hash depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC 
@@ -562,11 +562,15 @@ asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396 PSA verify: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" -PSA verify: ECDSA SECP256R1, wrong signature +PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE + +PSA verify: ECDSA SECP256R1, wrong signature of correct size +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
From 5ce3e59dfe3d79e2a0196cea426bd9fdf25be492 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 00:35:06 +0200 Subject: [PATCH 0323/2197] Doc: PSA_ALG_IS_HASH is unspecified if alg is not *supported* --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 95fe42d69..fb7edf83c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -531,7 +531,7 @@ typedef uint32_t psa_algorithm_t; * \param alg An algorithm identifier (value of type #psa_algorithm_t). * * \return 1 if \c alg is a hash algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a valid + * This macro may return either 0 or 1 if \c alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_HASH(alg) \ From af3baabd058559821afab7d3d44c5c7253f0c9bc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 27 Jun 2018 22:55:52 +0200 Subject: [PATCH 0324/2197] Define max sizes for MAC and signatures This requires defining a maximum RSA key size, since the RSA key size is the signature size. Enforce the maximum RSA key size when importing or generating a key. --- include/psa/crypto_sizes.h | 83 ++++++++++++++++++++++++++++++++++++++ library/psa_crypto.c | 14 ++++--- 2 files changed, 92 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index d7eab4e61..f4d2cd839 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -42,6 +42,14 @@ #include MBEDTLS_CONFIG_FILE #endif +/** \def PSA_HASH_MAX_SIZE + * + * Maximum size of a hash. + * + * This macro must expand to a compile-time constant integer. This value + * should be the maximum size of a hash supported by the implementation, + * in bytes, and must be no smaller than this maximum. + */ #if defined(MBEDTLS_SHA512_C) #define PSA_HASH_MAX_SIZE 64 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 
@@ -50,6 +58,81 @@ #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 #endif +/** \def PSA_MAC_MAX_SIZE + * + * Maximum size of a MAC. + * + * This macro must expand to a compile-time constant integer. This value + * should be the maximum size of a MAC supported by the implementation, + * in bytes, and must be no smaller than this maximum. + */ +/* All non-HMAC MACs have a maximum size that's smaller than the + * minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */ +#define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE + +/* The maximum size of an RSA key on this implementation, in bits. + * This is a vendor-specific macro. + * + * Mbed TLS does not set a hard limit on the size of RSA keys: any key + * whose parameters fit in a bignum is accepted. However large keys can + * induce a large memory usage and long computation times. Unlike other + * auxiliary macros in this file and in crypto.h, which reflect how the + * library is configured, this macro defines how the library is + * configured. This implementation refuses to import or generate an + * RSA key whose size is larger than the value defined here. + * + * Note that an implementation may set different size limits for different + * operations, and does not need to accept all key sizes up to the limit. */ +#define PSA_VENDOR_RSA_MAX_KEY_BITS 4096 + +/* The maximum size of an ECC key on this implementation, in bits. + * This is a vendor-specific macro. 
*/ +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521 +#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 512 +#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 448 +#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384 +#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384 +#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256 +#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256 +#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256 +#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 255 +#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224 +#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224 +#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192 +#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192 +#else +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 0 +#endif + +/** \def PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE + * + * Maximum size of an asymmetric signature. + * + * This macro must expand to a compile-time constant integer. This value + * should be the maximum size of a MAC supported by the implementation, + * in bytes, and must be no smaller than this maximum. + */ +#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ + PSA_BITS_TO_BYTES( \ + PSA_VENDOR_RSA_MAX_KEY_BITS > PSA_VENDOR_ECC_MAX_CURVE_BITS ? \ + PSA_VENDOR_RSA_MAX_KEY_BITS : \ + PSA_VENDOR_ECC_MAX_CURVE_BITS \ + ) + + /** The size of the output of psa_mac_finish(), in bytes. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1d8eb506d..8ce668ce3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
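Review bot: `PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE` takes the larger of `PSA_VENDOR_RSA_MAX_KEY_BITS` and `PSA_VENDOR_ECC_MAX_CURVE_BITS` and converts it to bytes, but an ECDSA signature in this series is `PSA_ECDSA_SIGNATURE_SIZE(curve_bits)`, twice the curve size in bytes. With the values in this hunk RSA dominates (4096 bits against at most 521), so the result is large enough today. Lowering the RSA limit below twice the largest curve would make the macro under-report, and a buffer sized from it would be too small for an ECDSA signature. Comparing byte sizes, `PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS)` against `PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)`, removes that dependency. The doc comment also says "maximum size of a MAC" where it means a signature.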
@@ -502,7 +502,13 @@ psa_status_t psa_import_key( psa_key_slot_t key, case MBEDTLS_PK_RSA: if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || type == PSA_KEY_TYPE_RSA_KEYPAIR ) - slot->data.rsa = mbedtls_pk_rsa( pk ); + { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk ); + size_t bits = mbedtls_rsa_get_bitlen( rsa ); + if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) + return( PSA_ERROR_NOT_SUPPORTED ); + slot->data.rsa = rsa; + } else status = PSA_ERROR_INVALID_ARGUMENT; break; @@ -1579,10 +1585,6 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation, mac_size, mac_length ) ); } -#define PSA_MAC_MAX_SIZE \ - ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ? \ - MBEDTLS_MD_MAX_SIZE : \ - MBEDTLS_MAX_BLOCK_LENGTH ) psa_status_t psa_mac_verify( psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ) @@ -2862,6 +2864,8 @@ psa_status_t psa_generate_key( psa_key_slot_t key, mbedtls_rsa_context *rsa; int ret; int exponent = 65537; + if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) + return( PSA_ERROR_NOT_SUPPORTED ); if( parameters != NULL ) { const unsigned *p = parameters; From d35a1cce7f20b3d6a28813961e46331e3e371d4d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Jun 2018 21:26:10 +0200 Subject: [PATCH 0325/2197] Correct the documentation of mem_is_zero --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index cb6da7f44..2fba85414 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -11,7 +11,7 @@ /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; -/** Test if a buffer is not all-bits zero. +/** Test if a buffer is all-bits zero. * * \param buffer Pointer to the beginning of the buffer. * \param size Size of the buffer in bytes. 
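Review bot: The new size check in `psa_import_key` exits with `return( PSA_ERROR_NOT_SUPPORTED );` from inside the `switch`, while the `else` branch directly below sets `status` and uses `break`. The code after the switch is outside this hunk, so this is inferred, but if that code frees `pk` on failure, the direct return skips it. Each rejected oversized key would then leave the parsed RSA context allocated, including private key material when the input is a key pair. Writing `{ status = PSA_ERROR_NOT_SUPPORTED; break; }` keeps the rejection on the common error path. The check added to `psa_generate_key` runs before the context is allocated in the visible lines, so it does not appear to have the same problem.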
From dcd149432700c971d2709eb1533f4b5896d448c9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 00:30:52 +0200 Subject: [PATCH 0326/2197] Doc: write documentation for many macros and functions As of this commit, all #identifier links in the documentation are resolved. --- include/psa/crypto.h | 437 +++++++++++++++++++++++++++++++++++++ include/psa/crypto_sizes.h | 54 ++++- 2 files changed, 490 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fb7edf83c..34ab8e112 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -339,11 +339,13 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7e000000) + /** Raw data. * * A "key" of this type cannot be used for any cryptographic operation. * Applications may use this type to store arbitrary data in the keystore. */ #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x02000000) + #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x04000000) #define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC ((psa_key_type_t)0x06000000) #define PSA_KEY_TYPE_PAIR_FLAG ((psa_key_type_t)0x01000000) @@ -357,12 +359,14 @@ typedef uint32_t psa_key_type_t; * This size can be calculated with #PSA_HASH_SIZE(`alg`) where * `alg` is the HMAC algorithm or the underlying hash algorithm. */ #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x02000001) + /** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher. * * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ #define PSA_KEY_TYPE_AES ((psa_key_type_t)0x04000001) + /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or 
@@ -373,9 +377,11 @@ typedef uint32_t psa_key_type_t; * is weak and deprecated and should only be used in legacy protocols. */ #define PSA_KEY_TYPE_DES ((psa_key_type_t)0x04000002) + /** Key for an cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x04000003) + /** Key for the RC4 stream cipher. * * Note that RC4 is weak and deprecated and should only be used in @@ -386,15 +392,19 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x06010000) /** RSA key pair (private and public key). */ #define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x07010000) + /** DSA public key. */ #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x06020000) /** DSA key pair (private and public key). */ #define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x07020000) + #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x06030000) #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x07030000) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) +/** Elliptic curve key pair. */ #define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \ (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve)) +/** Elliptic curve public key. */ #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) @@ -526,6 +536,7 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_IS_VENDOR_DEFINED(alg) \ (((alg) & PSA_ALG_VENDOR_FLAG) != 0) + /** Whether the specified algorithm is a hash algorithm. * * \param alg An algorithm identifier (value of type #psa_algorithm_t). 
@@ -536,18 +547,82 @@ typedef uint32_t psa_algorithm_t; */ #define PSA_ALG_IS_HASH(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) + +/** Whether the specified algorithm is a MAC algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a MAC algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ #define PSA_ALG_IS_MAC(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) + +/** Whether the specified algorithm is a symmetric cipher algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a symmetric cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ #define PSA_ALG_IS_CIPHER(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) + +/** Whether the specified algorithm is an authenticated encryption + * with associated data (AEAD) algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is an AEAD algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ #define PSA_ALG_IS_AEAD(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) + +/** Whether the specified algorithm is a public-key signature algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a public-key signature algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ #define PSA_ALG_IS_SIGN(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) + +/** Whether the specified algorithm is a public-key encryption algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). 
+ * + * \return 1 if \c alg is a public-key encryption algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) + +/** Whether the specified algorithm is a key agreement algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a key agreement algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ #define PSA_ALG_IS_KEY_AGREEMENT(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) + +/** Whether the specified algorithm is a key derivation algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a key derivation algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ #define PSA_ALG_IS_KEY_DERIVATION(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) 
@@ -583,15 +658,35 @@ typedef uint32_t psa_algorithm_t; */ #define PSA_ALG_HMAC(hash_alg) \ (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) + #define PSA_ALG_HMAC_HASH(hmac_alg) \ (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK)) + +/** Whether the specified algorithm is an HMAC algorithm. + * + * HMAC is a family of MAC algorithms that are based on a hash function. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is an HMAC algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ #define PSA_ALG_IS_HMAC(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_HMAC_BASE) + #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) #define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) #define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003) + +/** Whether the specified algorithm is a MAC algorithm based on a block cipher. + * + * \return 1 if \c alg is a MAC algorithm based on a block cipher, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ #define PSA_ALG_IS_CIPHER_MAC(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_CIPHER_MAC_BASE) 
@@ -600,21 +695,71 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_BLOCK_CIPHER_BASE ((psa_algorithm_t)0x04000000) #define PSA_ALG_BLOCK_CIPHER_MODE_MASK ((psa_algorithm_t)0x000000ff) #define PSA_ALG_BLOCK_CIPHER_PADDING_MASK ((psa_algorithm_t)0x003f0000) + +/** Use a block cipher mode without padding. + * + * This padding mode may only be used with messages whose lengths are a + * whole number of blocks for the chosen block cipher. + */ #define PSA_ALG_BLOCK_CIPHER_PAD_NONE ((psa_algorithm_t)0x00000000) #define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ((psa_algorithm_t)0x00010000) + +/** Whether the specified algorithm is a block cipher. + * + * A block cipher is a symmetric cipher that encrypts or decrypts messages + * by chopping them into fixed-size blocks. Processing a message requires + * applying a _padding mode_ to transform the message into one whose + * length is a whole number of blocks. To construct an algorithm + * identifier for a block cipher, apply a bitwise-or between the block + * cipher mode and the padding mode. For example, CBC with PKCS#7 padding + * is `PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7`. + * + * The transformation applied to each block is determined by the key type. + * For example, to use AES-128-CBC-PKCS7, use the algorithm above with + * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a block cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier or if it is not a symmetric cipher algorithm. + */ #define PSA_ALG_IS_BLOCK_CIPHER(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \ PSA_ALG_BLOCK_CIPHER_BASE) +/** The CBC block cipher mode. 
+ */ #define PSA_ALG_CBC_BASE ((psa_algorithm_t)0x04000001) #define PSA_ALG_CFB_BASE ((psa_algorithm_t)0x04000002) #define PSA_ALG_OFB_BASE ((psa_algorithm_t)0x04000003) #define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000004) #define PSA_ALG_STREAM_CIPHER_BASE ((psa_algorithm_t)0x04800000) +/** The CTR stream cipher mode. + * + * CTR is a stream cipher which is built from a block cipher. The + * underlying block cipher is determined by the key type. For example, + * to use AES-128-CTR, use this algorithm with + * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). + */ #define PSA_ALG_CTR ((psa_algorithm_t)0x04800001) +/** The ARC4 stream cipher algorithm. + */ #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800002) +/** Whether the specified algorithm is a stream cipher. + * + * A stream cipher is a symmetric cipher that encrypts or decrypts messages + * by applying a bitwise-xor with a stream of bytes that is generated + * from a key. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a stream cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier or if it is not a symmetric cipher algorithm. + */ #define PSA_ALG_IS_STREAM_CIPHER(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \ PSA_ALG_STREAM_CIPHER_BASE) @@ -647,6 +792,7 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) + #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000) /** RSA PSS signature with hashing. * 
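Review bot: The new comment on `PSA_ALG_ARC4` says only "The ARC4 stream cipher algorithm", while the existing comment on the RC4 key type earlier in this header already says that RC4 is weak and deprecated. Someone who looks up the algorithm identifier first never sees that caveat, so I would repeat it here, e.g. `* \warning ARC4 is weak and deprecated and should only be used in legacy protocols.` In the same hunk `PSA_ALG_BLOCK_CIPHER_PAD_PKCS7` stays undocumented although `PSA_ALG_BLOCK_CIPHER_PAD_NONE` now has a comment and the `PSA_ALG_IS_BLOCK_CIPHER` text uses PKCS#7 as its example.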
@@ -777,8 +923,25 @@ typedef uint32_t psa_algorithm_t; ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 0) +/** RSA PKCS#1 v1.5 encryption. + */ #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) + #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) +/** RSA OAEP encryption. + * + * This is the encryption scheme defined by RFC 8017 + * (PKCS#1: RSA Cryptography Specifications) under the name + * RSAES-OAEP, with the message generation function MGF1. + * + * \param hash_alg The hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true) to use + * for MGF1. + * + * \return The corresponding RSA OAEP signature algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. + */ #define PSA_ALG_RSA_OAEP(hash_alg) \ (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_IS_RSA_OAEP(alg) \ 
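Review bot: The `PSA_ALG_RSA_OAEP` comment describes an encryption scheme but its first `\return` says "The corresponding RSA OAEP signature algorithm", and the second refers to `\p alg` although the macro parameter is `hash_alg`. I would change them to `\return The corresponding RSA OAEP encryption algorithm.` and `\return Unspecified if \p hash_alg is not a supported hash algorithm.` The one-line comment on `PSA_ALG_RSA_PKCS1V15_CRYPT` could also tell readers to prefer OAEP in new designs, since PKCS#1 v1.5 decryption is only safe when callers do not reveal whether the padding was valid.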
@@ -979,24 +1142,42 @@ typedef uint32_t psa_key_usage_t; #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) /** Whether the key may be used to encrypt a message. + * + * This flag allows the key to be used for a symmetric encryption operation, + * for an AEAD encryption-and-authentication operation, + * or for an asymmetric encryption operation, + * if otherwise permitted by the key's type and policy. * * For a key pair, this concerns the public key. */ #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) /** Whether the key may be used to decrypt a message. + * + * This flag allows the key to be used for a symmetric decryption operation, + * for an AEAD decryption-and-verification operation, + * or for an asymmetric decryption operation, + * if otherwise permitted by the key's type and policy. * * For a key pair, this concerns the private key. */ #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) /** Whether the key may be used to sign a message. + * + * This flag allows the key to be used for a MAC calculation operation + * or for an asymmetric signature operation, + * if otherwise permitted by the key's type and policy. * * For a key pair, this concerns the private key. */ #define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400) /** Whether the key may be used to verify a message signature. + * + * This flag allows the key to be used for a MAC verification operation + * or for an asymmetric signature verification operation, + * if otherwise permitted by by the key's type and policy. * * For a key pair, this concerns the public key. */ 
@@ -1023,8 +1204,10 @@ void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_key_usage_t usage, psa_algorithm_t alg); +/** \brief Retrieve the usage field of a policy structure. */ psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy); +/** \brief Retrieve the algorithm field of a policy structure. */ psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy); /** \brief Set the usage policy on a key slot. 
@@ -1431,19 +1614,131 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg); +/** Add a message fragment to a multipart MAC operation. + * + * The application must call psa_mac_sign_setup() or psa_mac_verify_setup() + * before calling this function. + * + * If this function returns an error status, the operation becomes inactive. + * + * \param operation Active MAC operation. + * \param input Buffer containing the message fragment to add to + * the MAC calculation. + * \param input_length Size of the \c input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not started, or already completed). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, size_t input_length); +/** Finish the calculation of the MAC of a message. + * + * The application must call psa_mac_sign_setup() before calling this function. + * This function calculates the MAC of the message formed by concatenating + * the inputs passed to preceding calls to psa_mac_update(). + * + * When this function returns, the operation becomes inactive. + * + * \warning Applications should not call this function if they expect + * a specific value for the MAC. Call psa_mac_verify_finish() instead. + * Beware that comparing integrity or authenticity data such as + * MAC values with a function such as \c memcmp is risky + * because the time taken by the comparison may leak information + * about the MAC value which could allow an attacker to guess + * a valid MAC and thereby bypass security controls. + * + * \param operation Active MAC operation. + * \param mac Buffer where the MAC value is to be written. + * \param mac_size Size of the \p mac buffer in bytes. 
+ * \param mac_length On success, the number of bytes + * that make up the MAC value. This is always + * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and + * bit-size respectively of \c key and `alg` is the + * MAC algorithm that is calculated. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not started, or already completed). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \c mac buffer is too small. You can determine a + * sufficient buffer size by calling PSA_MAC_FINAL_SIZE(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length); +/** Finish the calculation of the MAC of a message and compare it with + * an expected value. + * + * The application must call psa_mac_verify_setup() before calling this function. + * This function calculates the MAC of the message formed by concatenating + * the inputs passed to preceding calls to psa_mac_update(). It then + * compares the calculated MAC with the expected MAC passed as a + * parameter to this function. + * + * When this function returns, the operation becomes inactive. + * + * \note Implementations shall make the best effort to ensure that the + * comparison between the actual MAC and the expected MAC is performed + * in constant time. + * + * \param operation Active MAC operation. + * \param mac Buffer containing the expected MAC value. + * \param mac_length Size of the \c mac buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected MAC is identical to the actual MAC of the message. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The MAC of the message was calculated successfully, but it + * differs from the expected MAC. 
+ * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not started, or already completed). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length); +/** Abort a MAC operation. + * + * This function may be called at any time after psa_mac_sign_setup() + * or psa_mac_verify_setup(). + * Aborting an operation frees all associated resources except for the + * \c operation structure itself. + * + * Implementation should strive to be robust and handle inactive MAC + * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However, + * application writers should beware that uninitialized memory may happen + * to be indistinguishable from an active MAC operation, and the behavior + * of psa_mac_abort() is undefined in this case. + * + * \param operation Active MAC operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BAD_STATE + * \c operation is not an active MAC operation. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); /**@}*/ 
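Review bot: The `psa_mac_verify_finish()` documentation does not say what happens when `mac_length` differs from the MAC size of the algorithm, which is the case a caller handling truncated or attacker-supplied tags most needs to know about. If the intended behaviour is rejection, the `#PSA_ERROR_INVALID_SIGNATURE` entry should say so, e.g. `* differs from the expected MAC, or \p mac_length is not the size of the MAC.` Separately, the `mac_length` description of `psa_mac_sign_finish()` refers to `\c key` and `\p alg`, neither of which is a parameter of that function; it should name the key and algorithm passed to `psa_mac_sign_setup()` instead.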
@@ -1556,15 +1851,104 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, psa_algorithm_t alg); +/** Generate an IV for a symmetric encryption operation. + * + * This function generates a random IV (initialization vector), nonce + * or initial counter value for the encryption operation as appropriate + * for the chosen algorithm, key type and key size. + * + * The application must call psa_cipher_encrypt_setup() before + * calling this function. + * + * If this function returns an error status, the operation becomes inactive. + * + * \param operation Active cipher operation. + * \param iv Buffer where the generated IV is to be written. + * \param iv_size Size of the \c iv buffer in bytes. + * \param iv_length On success, the number of bytes of the generated IV. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not started, or IV already set). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \c output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, unsigned char *iv, size_t iv_size, size_t *iv_length); +/** Set the IV for a symmetric encryption or decryption operation. + * + * This function sets the random IV (initialization vector), nonce + * or initial counter value for the encryption or decryption operation. + * + * The application must call psa_cipher_encrypt_setup() before + * calling this function. + * + * If this function returns an error status, the operation becomes inactive. + * + * \note When encrypting, applications should use psa_cipher_generate_iv() + * instead of this function, unless implementing a protocol that requires + * a non-random IV. + * + * \param operation Active cipher operation. 
+ * \param iv Buffer containing the IV to use. + * \param iv_length Size of the IV in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not started, or IV already set). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size of the \c iv is not acceptable for the chosen algorithm, + * or the chosen algorithm does not use an IV. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, const unsigned char *iv, size_t iv_length); +/** Encrypt or decrypt a message fragment in an active cipher operation. + * + * The application must call psa_cipher_encrypt_setup() or + * psa_cipher_decrypt_setup() before calling this function. The choice + * of setup function determines whether this function encrypts or + * decrypts its input. After calling a setup function, if the chosen + * algorithm requires an IV, the application must call + * psa_cipher_generate_iv() or psa_cipher_set_iv(). + * + * If this function returns an error status, the operation becomes inactive. + * + * \param operation Active cipher operation. + * \param input Buffer containing the message fragment to + * encrypt or decrypt. + * \param input_length Size of the \c input buffer in bytes. + * \param output Buffer where the output is to be written. + * \param output_size Size of the \c output buffer in bytes. + * \param output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not started, IV required but + * not set, or already completed). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. 
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, 
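Review bot: Two of the new IV comments contradict the functions they document. In `psa_cipher_generate_iv()` the `#PSA_ERROR_BUFFER_TOO_SMALL` entry talks about the `\c output` buffer, but the buffer parameter is `iv`: `* The size of the \p iv buffer is too small.` In `psa_cipher_set_iv()` the summary covers encryption or decryption, yet the precondition names only `psa_cipher_encrypt_setup()` and the text calls the caller-supplied value "the random IV"; I would write `psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup()` and drop "random". The `\note` that permits a non-random IV would also benefit from stating that an IV must not be reused with the same key.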
@@ -1572,11 +1956,64 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, size_t output_size, size_t *output_length); +/** Finish encrypting or decrypting a message in a cipher operation. + * + * The application must call psa_cipher_encrypt_setup() or + * psa_cipher_decrypt_setup() before calling this function. The choice + * of setup function determines whether this function encrypts or + * decrypts its input. + * + * This function finishes the encryption or decryption of the message + * formed by concatenating the inputs passed to preceding calls to + * psa_cipher_update(). + * + * When this function returns, the operation becomes inactive. + * + * \param operation Active cipher operation. + * \param output Buffer where the output is to be written. + * \param output_size Size of the \c output buffer in bytes. + * \param output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not started, IV required but + * not set, or already completed). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length); +/** Abort a cipher operation. + * + * This function may be called at any time after + * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(). + * Aborting an operation frees all associated resources except for the + * \c operation structure itself. + * + * Implementation should strive to be robust and handle inactive cipher + * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). 
However, + * application writers should beware that uninitialized memory may happen + * to be indistinguishable from an active cipher operation, and the behavior + * of psa_cipher_abort() is undefined in this case. + * + * \param operation Active cipher operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BAD_STATE + * \c operation is not an active cipher operation. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); /**@}*/ diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 574d3e55c..ab5b17e19 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
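Review bot: The `\retval` list of `psa_cipher_finish()` has no entry for a decryption whose final block fails the padding check, although this header defines `PSA_ALG_BLOCK_CIPHER_PAD_PKCS7`. If the implementation reports that case with a dedicated status (the API has `PSA_ERROR_INVALID_PADDING`), it should be listed here, together with a sentence that applications should not let a remote party distinguish a padding failure from other decryption failures. The first paragraph also says the setup function decides whether this function "encrypts or decrypts its input", but `psa_cipher_finish()` takes no input buffer.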
@@ -237,17 +237,69 @@ * sensible size or 0. * If the parameters are not valid, the * return value is unspecified. - * */ #define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ ((void)alg, 0)) +/** Safe output buffer size for psa_asymmetric_encrypt(). + * + * This macro returns a safe buffer size for a ciphertext produced using + * a key of the specified type and size, with the specified algorithm. + * Note that the actual size of the ciphertext may be smaller, depending + * on the algorithm. + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type An asymmetric key type (this may indifferently be a + * key pair type or a public key type). + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_asymmetric_encrypt() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro either shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? \ ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ 0) + +/** Safe output buffer size for psa_asymmetric_decrypt(). + * + * This macro returns a safe buffer size for a ciphertext produced using + * a key of the specified type and size, with the specified algorithm. + * Note that the actual size of the ciphertext may be smaller, depending + * on the algorithm. 
+ * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type An asymmetric key type (this may indifferently be a + * key pair type or a public key type). + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_asymmetric_decrypt() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro either shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ #define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? \ PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \ From 480416af9d4acb874d5f60bb725334f71103daf7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Jun 2018 19:04:07 +0200 Subject: [PATCH 0327/2197] Fix argument validation in asn1_write_10x 1 << bits doesn't work when bits is too large. Found by ASan. --- tests/suites/test_suite_psa_crypto.function | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 0d1a25c82..5f705e3e3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -46,7 +46,9 @@ static int asn1_write_10x( unsigned char **p, { int ret; int len = bits / 8 + 1; - if( x >= 1 << bits ) + if( bits == 0 ) + return( MBEDTLS_ERR_ASN1_INVALID_DATA ); + if( bits <= 8 && x >= 1 << ( bits - 1 ) ) return( MBEDTLS_ERR_ASN1_INVALID_DATA ); if( *p < start || *p - start < (ssize_t) len ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); From 65fb236799af6634e44860040f4ba1ec1eb00936 Mon Sep 17 00:00:00 2001 
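Review bot: The comment added for `PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE` is a copy of the encrypt one and still describes "a ciphertext produced using a key", where the output of `psa_asymmetric_decrypt()` is the plaintext. Both new comments also describe `alg` as "The signature algorithm" and contain "either shall return either"; I would use `\param alg The asymmetric encryption algorithm.` and `this macro shall return either a sensible size or 0`. The decrypt macro subtracts `PSA_RSA_MINIMUM_PADDING_SIZE(alg)` from the key size in bytes, so the comment could state what the result is when the key is smaller than the padding; that macro's definition is outside the hunk, so this is a question rather than a finding.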
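Review bot: The replacement check in `asn1_write_10x` does more than avoid the oversized shift described in the commit message: the bound changes from `1 << bits` to `1 << ( bits - 1 )`, and `x` is no longer checked at all once `bits` exceeds 8. Neither is explained, and the declarations of `bits` and `x` are outside the hunk, so a reader cannot tell whether the unchecked case is safe by construction. A comment above the test would settle it, e.g. `/* For bits <= 8 the value is a single byte and x must stay below the leading 1 bit; for larger sizes any x fits. */`, if that is the intent. The function body starts before and continues after this hunk.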
From: Jaeden Amero Date: Tue, 26 Jun 2018 13:55:30 +0100 Subject: [PATCH 0328/2197] psa: Make psa_set_key_lifetime() match declaration Previously, the psa_set_key_lifetime() implementation did not match the function declaration in psa/crypto.h. Value types don't need const, since they are passed by value. Fix psa_set_key_lifetime() implementation by making it match its declaration in the header. --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8ce668ce3..7d7882745 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2513,7 +2513,7 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key, } psa_status_t psa_set_key_lifetime( psa_key_slot_t key, - const psa_key_lifetime_t lifetime ) + psa_key_lifetime_t lifetime ) { key_slot_t *slot; From 2743e42580dd30a7fb0eeb8d4b9b5d90b8090f19 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 27 Jun 2018 22:57:11 +0200 Subject: [PATCH 0329/2197] Correct reference for RSA keypair export format --- include/psa/crypto.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e29a464de..07ee00061 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -900,8 +900,8 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * - For Triple-DES, the format is the concatenation of the * two or three DES keys. * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format - * is the non-encrypted DER representation defined by PKCS\#8 (RFC 5208) - * as PrivateKeyInfo. + * is the non-encrypted DER representation defined by PKCS\#1 (RFC 8017) + * as RSAPrivateKey. * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format * is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo. * From 2b450e3a01e138598e31dbb0c0f8b8a4182e92f7 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 27 Jun 2018 15:42:46 +0200 Subject: [PATCH 0330/2197] Factor RSA sign/verify code into its own functions This makes the functions smaller and makes error paths easier to read. --- library/psa_crypto.c | 219 ++++++++++++++++++++++++------------------- 1 file changed, 125 insertions(+), 94 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9454f478c..cb2a4f271 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1612,6 +1612,7 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation, /* Asymmetric cryptography */ /****************************************************************/ +#if defined(MBEDTLS_RSA_C) /* Decode the hash algorithm from alg and store the mbedtls encoding in * md_alg. Verify that the hash length is consistent. */ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, 
@@ -1638,6 +1639,115 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, return( PSA_SUCCESS ); } +static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) +{ + psa_status_t status; + int ret; + mbedtls_md_type_t md_alg; + + status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); + if( status != PSA_SUCCESS ) + return( status ); + + if( signature_size < rsa->len ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + +#if defined(MBEDTLS_PKCS1_V15) + if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) + { + mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, + MBEDTLS_MD_NONE ); + ret = mbedtls_rsa_pkcs1_sign( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PRIVATE, + md_alg, hash_length, hash, + signature ); + } + else +#endif /* MBEDTLS_PKCS1_V15 */ +#if defined(MBEDTLS_PKCS1_V21) + if( PSA_ALG_IS_RSA_PSS( alg ) ) + { + mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); + ret = mbedtls_rsa_rsassa_pss_sign( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PRIVATE, + md_alg, hash_length, hash, + signature ); + } + else +#endif /* MBEDTLS_PKCS1_V21 */ + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + + if( ret == 0 ) + *signature_length = rsa->len; + return( mbedtls_to_psa_error( ret ) ); +} + +static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length ) +{ + psa_status_t status; + int ret; + mbedtls_md_type_t md_alg; + + status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); + if( status != PSA_SUCCESS ) + return( status ); + + if( signature_length < rsa->len ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + +#if defined(MBEDTLS_PKCS1_V15) + if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) + { + mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, + 
MBEDTLS_MD_NONE ); + ret = mbedtls_rsa_pkcs1_verify( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PUBLIC, + md_alg, + hash_length, + hash, + signature ); + } + else +#endif /* MBEDTLS_PKCS1_V15 */ +#if defined(MBEDTLS_PKCS1_V21) + if( PSA_ALG_IS_RSA_PSS( alg ) ) + { + mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); + ret = mbedtls_rsa_rsassa_pss_verify( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PUBLIC, + md_alg, hash_length, hash, + signature ); + } + else +#endif /* MBEDTLS_PKCS1_V21 */ + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + return( mbedtls_to_psa_error( ret ) ); +} +#endif /* MBEDTLS_RSA_C */ + #if defined(MBEDTLS_ECDSA_C) /* `ecp` cannot be const because `ecp->grp` needs to be non-const * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det() @@ -1740,7 +1850,6 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, size_t *signature_length ) { key_slot_t *slot; - psa_status_t status; *signature_length = 0; (void) salt; (void) salt_length; 
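Review bot: In the new `psa_rsa_verify()` the length test `if( signature_length < rsa->len )` rejects only short signatures, so a buffer longer than the modulus is passed on and its trailing bytes are presumably ignored, since the mbedtls verify calls take no signature length. For verification the length should match exactly and a mismatch is an invalid signature, not a buffer-size problem: `if( signature_length != rsa->len ) return( PSA_ERROR_INVALID_SIGNATURE );`. The check was carried over unchanged from the inline code this commit removes, but the extraction into a helper is a good point to fix it. Both helpers also call `mbedtls_rsa_set_padding()` on the key's own context on every operation, which deserves a comment because it mutates state that is shared across uses of the key.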
@@ -1758,48 +1867,11 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) { - mbedtls_rsa_context *rsa = slot->data.rsa; - int ret; - mbedtls_md_type_t md_alg; - status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); - if( status != PSA_SUCCESS ) - return( status ); - - if( signature_size < rsa->len ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); -#if defined(MBEDTLS_PKCS1_V15) - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) - { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, - MBEDTLS_MD_NONE ); - ret = mbedtls_rsa_pkcs1_sign( rsa, - mbedtls_ctr_drbg_random, - &global_data.ctr_drbg, - MBEDTLS_RSA_PRIVATE, - md_alg, hash_length, hash, - signature ); - } - else -#endif /* MBEDTLS_PKCS1_V15 */ -#if defined(MBEDTLS_PKCS1_V21) - if( PSA_ALG_IS_RSA_PSS( alg ) ) - { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); - ret = mbedtls_rsa_rsassa_pss_sign( rsa, - mbedtls_ctr_drbg_random, - &global_data.ctr_drbg, - MBEDTLS_RSA_PRIVATE, - md_alg, hash_length, hash, - signature ); - } - else -#endif /* MBEDTLS_PKCS1_V21 */ - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - if( ret == 0 ) - *signature_length = rsa->len; - return( mbedtls_to_psa_error( ret ) ); + return( psa_rsa_sign( slot->data.rsa, + alg, + hash, hash_length, + signature, signature_size, + signature_length ) ); } else #endif /* defined(MBEDTLS_RSA_C) */ @@ -1808,17 +1880,16 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, { #if defined(MBEDTLS_ECDSA_C) if( PSA_ALG_IS_ECDSA( alg ) ) - status = psa_ecdsa_sign( slot->data.ecp, - alg, - hash, hash_length, - signature, signature_size, - signature_length ); + return( psa_ecdsa_sign( slot->data.ecp, + alg, + hash, hash_length, + signature, signature_size, + signature_length ) ); else #endif /* defined(MBEDTLS_ECDSA_C) */ { return( PSA_ERROR_INVALID_ARGUMENT ); } - return( status ); } else #endif /* defined(MBEDTLS_ECP_C) */ 
@@ -1837,7 +1908,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, size_t signature_length ) { key_slot_t *slot; - psa_status_t status; + (void) salt; (void) salt_length; @@ -1853,50 +1924,10 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) { - mbedtls_rsa_context *rsa = slot->data.rsa; - int ret; - mbedtls_md_type_t md_alg; - status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); - if( status != PSA_SUCCESS ) - return( status ); - - if( signature_length < rsa->len ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); -#if defined(MBEDTLS_PKCS1_V15) - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) - { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, - MBEDTLS_MD_NONE ); - - ret = mbedtls_rsa_pkcs1_verify( rsa, - mbedtls_ctr_drbg_random, - &global_data.ctr_drbg, - MBEDTLS_RSA_PUBLIC, - md_alg, - hash_length, - hash, - signature ); - - } - else -#endif /* MBEDTLS_PKCS1_V15 */ -#if defined(MBEDTLS_PKCS1_V21) - if( PSA_ALG_IS_RSA_PSS( alg ) ) - { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); - ret = mbedtls_rsa_rsassa_pss_verify( rsa, - mbedtls_ctr_drbg_random, - &global_data.ctr_drbg, - MBEDTLS_RSA_PUBLIC, - md_alg, hash_length, hash, - signature ); - } - else -#endif /* MBEDTLS_PKCS1_V21 */ - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - return( mbedtls_to_psa_error( ret ) ); + return( psa_rsa_verify( slot->data.rsa, + alg, + hash, hash_length, + signature, signature_length ) ); } else #endif /* defined(MBEDTLS_RSA_C) */ From 9911b02f323aa319f9e0a9ec8623af19e852c386 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 17:30:48 +0200 Subject: [PATCH 0331/2197] Add sign_verify test and use it to smoke-test PSS --- tests/suites/test_suite_psa_crypto.data | 20 ++++++ tests/suites/test_suite_psa_crypto.function | 77 ++++++++++++++++++++- 2 files changed, 96 insertions(+), 1 deletion(-) 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 27c15389f..e964186c0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -681,6 +681,26 @@ PSA sign: deterministic ECDSA SECP256R1, invalid hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +PSA sign/verify: RSA PKCS#1 v1.5, raw +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263" + +PSA sign/verify: RSA PKCS#1 v1.5 SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" + +PSA sign/verify: RSA PSS-SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" + +PSA sign/verify: randomized ECDSA SECP256R1 SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA( PSA_ALG_SHA_256 
):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" + +PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" + PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e9efb3a0a..cbb3f37b2 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2014,7 +2014,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, NULL, 0, signature, signature_size, &signature_length ) == PSA_SUCCESS ); - /* Verify that the signature is correct. */ + /* Verify that the signature is what is expected. */ TEST_ASSERT( signature_length == output_data->len ); TEST_ASSERT( memcmp( signature, output_data->x, output_data->len ) == 0 ); 
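Review bot: The `PSA sign/verify: randomized ECDSA SECP256R1 SHA-256` case depends only on `MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED`, but the ECDSA branch of psa_asymmetric_sign, as it appears in this series, is compiled only under `MBEDTLS_ECDSA_C`. A build with ECP and without ECDSA would therefore run the case and fail on PSA_ERROR_INVALID_ARGUMENT instead of skipping it. Append `:MBEDTLS_ECDSA_C` to that `depends_on` line. The two ECDSA SHA-256 cases may also need `MBEDTLS_SHA256_C`, as the RSA SHA-256 cases list it, but that depends on code not shown here.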
@@ -2078,6 +2078,81 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void sign_verify( int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t key_bits; + unsigned char *signature = NULL; + size_t signature_size; + size_t signature_length = 0xdeadbeef; + psa_key_policy_t policy; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, + PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, + alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data->x, + key_data->len ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_information( slot, + NULL, + &key_bits ) == PSA_SUCCESS ); + + /* Allocate a buffer which has the size advertized by the + * library. */ + signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, + key_bits, alg ); + TEST_ASSERT( signature_size != 0 ); + TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); + signature = mbedtls_calloc( 1, signature_size ); + TEST_ASSERT( signature != NULL ); + + /* Perform the signature. */ + TEST_ASSERT( psa_asymmetric_sign( slot, alg, + input_data->x, input_data->len, + NULL, 0, + signature, signature_size, + &signature_length ) == PSA_SUCCESS ); + /* Check that the signature length looks sensible. */ + TEST_ASSERT( signature_length <= signature_size ); + TEST_ASSERT( signature_length > 0 ); + + /* Use the library to verify that the signature is correct. */ + TEST_ASSERT( psa_asymmetric_verify( + slot, alg, + input_data->x, input_data->len, + NULL, 0, + signature, signature_length ) == PSA_SUCCESS ); + + if( input_data->len != 0 ) + { + /* Flip a bit in the input and verify that the signature is now + * detected as invalid. Flip a bit at the beginning, not at the end, + * because ECDSA may ignore the last few bits of the input. 
*/ + input_data->x[0] ^= 1; + TEST_ASSERT( psa_asymmetric_verify( + slot, alg, + input_data->x, input_data->len, + NULL, 0, + signature, + signature_length ) == PSA_ERROR_INVALID_SIGNATURE ); + } + +exit: + psa_destroy_key( slot ); + mbedtls_free( signature ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void asymmetric_verify( int key_type_arg, data_t *key_data, int alg_arg, data_t *hash_data, From 7256e6c9a4421800768a180b533ba7f315c9048a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 00:34:26 +0200 Subject: [PATCH 0332/2197] Doc: fix formatting of some macro arguments in explanations --- include/psa/crypto.h | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 34ab8e112..4c8cc40fd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -356,7 +356,7 @@ typedef uint32_t psa_key_type_t; * used for. * * HMAC keys should generally have the same size as the underlying hash. - * This size can be calculated with #PSA_HASH_SIZE(`alg`) where + * This size can be calculated with #PSA_HASH_SIZE(\p alg) where * `alg` is the HMAC algorithm or the underlying hash algorithm. */ #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x02000001) @@ -650,7 +650,7 @@ typedef uint32_t psa_algorithm_t; * For example, `PSA_ALG_HMAC(PSA_ALG_SHA256)` is HMAC-SHA-256. * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(alg) is true). + * #PSA_ALG_IS_HASH(\p hash_alg) is true). * * \return The corresponding HMAC algorithm. * \return Unspecified if \p alg is not a supported 
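Review bot: The negative half of sign_verify only corrupts the input hash; the signature itself is never tampered with, so a verify path that ignored part of the signature would still pass this test. Add a second negative check between the successful verify and the `if( input_data->len != 0 )` block that flips a bit in the signature, expects failure and then restores the byte. The index is safe because `signature_length > 0` is asserted just above. The exact error code for a damaged signature depends on the mbedtls_to_psa_error mapping, which is outside this hunk, so the sketch only asserts that verification does not succeed.

```c
    /* ... unchanged: positive psa_asymmetric_verify check ... */

    /* Corrupt the signature and check that it is no longer accepted. */
    signature[signature_length - 1] ^= 1;
    TEST_ASSERT( psa_asymmetric_verify(
                     slot, alg,
                     input_data->x, input_data->len,
                     NULL, 0,
                     signature, signature_length ) != PSA_SUCCESS );
    signature[signature_length - 1] ^= 1;

    if( input_data->len != 0 )
    /* ... unchanged: input bit-flip check ... */
```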
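Review bot: In the PSA_ALG_HMAC hunk, the `\return Unspecified if \p alg is not a supported` line just below the corrected `\param hash_alg` text still names `\p alg`, which is not a parameter of this macro; it should read `\p hash_alg`. The same leftover is visible in the context lines of the hunks at 775, 803, 821 and 852. The first hunk of this commit also marks `alg` with `\p` in the PSA_KEY_TYPE_HMAC description, where it is not a parameter, while the psa_hash_finish hunk writes the same kind of placeholder with backticks; picking one form for non-parameter placeholders would keep the generated documentation consistent.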
@@ -775,7 +775,7 @@ typedef uint32_t psa_algorithm_t; * RSASSA-PKCS1-v1_5. * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(alg) is true). + * #PSA_ALG_IS_HASH(\p hash_alg) is true). * * \return The corresponding RSA PKCS#1 v1.5 signature algorithm. * \return Unspecified if \p alg is not a supported @@ -803,7 +803,7 @@ typedef uint32_t psa_algorithm_t; * salted hash, and for the mask generation. * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(alg) is true). + * #PSA_ALG_IS_HASH(\p hash_alg) is true). * * \return The corresponding RSA PSS signature algorithm. * \return Unspecified if \p alg is not a supported @@ -821,7 +821,7 @@ typedef uint32_t psa_algorithm_t; * with a random per-message secret number (*k*). * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(alg) is true). + * #PSA_ALG_IS_HASH(\p hash_alg) is true). * * \return The corresponding DSA signature algorithm. * \return Unspecified if \p alg is not a supported @@ -852,7 +852,7 @@ typedef uint32_t psa_algorithm_t; * in big-endian order (most significant octet first). * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(alg) is true). + * #PSA_ALG_IS_HASH(\p hash_alg) is true). * * \return The corresponding ECDSA signature algorithm. * \return Unspecified if \p alg is not a supported @@ -884,7 +884,7 @@ typedef uint32_t psa_algorithm_t; * #PSA_ALG_ECDSA(\c hash_alg) only for signature, not for verification. * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(alg) is true). + * #PSA_ALG_IS_HASH(\p hash_alg) is true). * * \return The corresponding deterministic ECDSA signature * algorithm. 
@@ -908,7 +908,7 @@ typedef uint32_t psa_algorithm_t; * itself. * * \param alg A signature algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_SIGN(alg) is true). + * #PSA_ALG_IS_SIGN(\p alg) is true). * * \return The underlying hash algorithm if \p alg is a hash-and-sign * algorithm. @@ -1315,7 +1315,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * This is also the hash size that psa_hash_verify() expects. * * \param alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(alg) is true), or an HMAC algorithm + * #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm * (#PSA_ALG_HMAC(`hash_alg`) where `hash_alg` is a * hash algorithm). * @@ -1367,7 +1367,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * * \param operation The operation object to use. * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_HASH(alg) is true). + * such that #PSA_ALG_IS_HASH(\p alg) is true). * * \retval #PSA_SUCCESS * Success. @@ -1422,10 +1422,10 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * * \param operation Active hash operation. * \param hash Buffer where the hash is to be written. - * \param hash_size Size of the \c hash buffer in bytes. + * \param hash_size Size of the \p hash buffer in bytes. * \param hash_length On success, the number of bytes * that make up the hash value. This is always - * #PSA_HASH_SIZE(alg) where \c alg is the + * #PSA_HASH_SIZE(`alg`) where `alg` is the * hash algorithm that is calculated. * * \retval #PSA_SUCCESS 
@@ -1434,7 +1434,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * The operation state is not valid (not started, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \c hash buffer is too small. You can determine a - * sufficient buffer size by calling #PSA_HASH_SIZE(alg) + * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg) * where \c alg is the hash algorithm that is calculated. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -1595,7 +1595,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \param operation The operation object to use. * \param key Slot containing the key to use for the operation. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(alg) is true). + * such that #PSA_ALG_IS_MAC(\p alg) is true). * * \retval #PSA_SUCCESS * Success. @@ -1784,7 +1784,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * \param operation The operation object to use. * \param key Slot containing the key to use for the operation. * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_CIPHER(alg) is true). + * such that #PSA_ALG_IS_CIPHER(\p alg) is true). * * \retval #PSA_SUCCESS * Success. @@ -1832,7 +1832,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \param operation The operation object to use. * \param key Slot containing the key to use for the operation. * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_CIPHER(alg) is true). + * such that #PSA_ALG_IS_CIPHER(\p alg) is true). * * \retval #PSA_SUCCESS * Success. 
@@ -2026,7 +2026,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(alg) is true). + * #PSA_ALG_IS_AEAD(\p alg) is true). * * \return The tag size for the specified algorithm. * If the AEAD algorithm does not have an identified @@ -2047,7 +2047,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \param key Slot containing the key to use. * \param alg The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(alg) is true). + * #PSA_ALG_IS_AEAD(\p alg) is true). * \param nonce Nonce or IV to use. * \param nonce_length Size of the \p nonce buffer in bytes. * \param additional_data Additional data that will be authenticated @@ -2100,7 +2100,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, * \param key Slot containing the key to use. * \param alg The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(alg) is true). + * #PSA_ALG_IS_AEAD(\p alg) is true). * \param nonce Nonce or IV to use. * \param nonce_length Size of the \p nonce buffer in bytes. * \param additional_data Additional data that has been authenticated @@ -2197,7 +2197,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \c signature buffer is too small. You can * determine a sufficient buffer size by calling - * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) + * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \c key. * \retval #PSA_ERROR_NOT_SUPPORTED 
@@ -2302,7 +2302,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \c output buffer is too small. You can * determine a sufficient buffer size by calling - * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) + * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \c key. * \retval #PSA_ERROR_NOT_SUPPORTED @@ -2418,7 +2418,7 @@ psa_status_t psa_generate_random(uint8_t *output, * points to, in bytes. * * For any symmetric key type (a type such that - * #PSA_KEY_TYPE_IS_ASYMMETRIC(`type`) is false), \c parameters must be + * #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is false), \c parameters must be * \c NULL. For asymmetric key types defined by this specification, * the parameter type and the default parameters are defined by the * table below. For vendor-defined key types, the vendor documentation From ed34695e08f01dcee3e6079cc103301efbb16a39 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Thu, 5 Jul 2018 15:22:45 +0300 Subject: [PATCH 0333/2197] Fix tests in test_suite_psa_crypto to set policy usage --- tests/suites/test_suite_psa_crypto.function | 30 +++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c90447f81..9128e8fc5 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1041,6 +1041,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; + psa_key_policy_t policy; TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); 
@@ -1054,6 +1055,10 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); @@ -1111,6 +1116,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; + psa_key_policy_t policy; TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); @@ -1124,6 +1130,10 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); @@ -1184,6 +1194,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; + psa_key_policy_t policy; TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); @@ -1197,6 +1208,10 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); @@ -1259,6 +1274,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; + psa_key_policy_t policy; TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); 
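Review bot: The same three-statement policy setup (`psa_key_policy_init`, `psa_key_policy_set_usage`, `psa_set_key_policy`) is pasted into six cipher tests in this commit, differing only in the usage flags. A small static helper near the top of the test file, taking the slot, usage and algorithm, would keep the copies from drifting apart. In cipher_verify_output and cipher_verify_output_multipart the call `psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );` sits on one very long line, whereas the sign_verify test in this series wraps the equivalent call after `&policy,`; wrapping these the same way would match it. The test function bodies continue outside these hunks.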
@@ -1272,6 +1288,10 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); @@ -1333,6 +1353,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, size_t function_output_length = 0; psa_cipher_operation_t operation1; psa_cipher_operation_t operation2; + psa_key_policy_t policy; TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); @@ -1341,6 +1362,10 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); @@ -1420,6 +1445,7 @@ void cipher_verify_output_multipart( int alg_arg, size_t function_output_length; psa_cipher_operation_t operation1; psa_cipher_operation_t operation2; + psa_key_policy_t policy; TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); @@ -1428,6 +1454,10 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); From 46f1fd7afd4f17062883ebd6c0dbf915602212f5 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 28 Jun 2018 19:31:31 +0200 Subject: [PATCH 0334/2197] Handle null pointers safely when used as buffers of size 0 When the size of a buffer is 0, the corresponding pointer argument may be null. In such cases, library functions must not perform arithmetic on the pointer or call standard library functions such as memset and memcpy, since that would be undefined behavior in C. Protect such cases. Refactor the storage of a 0-sized raw data object to make it store a null pointer, rather than depending on the behavior of calloc(1,0). --- library/psa_crypto.c | 50 +++++++++++++++++++++++++++++++++++--------- 1 file changed, 40 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4a3363952..19db5a9ec 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -409,10 +409,17 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type, switch( type ) { case PSA_KEY_TYPE_RAW_DATA: + if( bits == 0 ) + { + raw->bytes = 0; + raw->data = NULL; + return( PSA_SUCCESS ); + } + break; #if defined(MBEDTLS_MD_C) case PSA_KEY_TYPE_HMAC: -#endif break; +#endif #if defined(MBEDTLS_AES_C) case PSA_KEY_TYPE_AES: if( bits != 128 && bits != 192 && bits != 256 ) @@ -478,7 +485,8 @@ psa_status_t psa_import_key( psa_key_slot_t key, &slot->data.raw ); if( status != PSA_SUCCESS ) return( status ); - memcpy( slot->data.raw.data, data, data_length ); + if( data_length != 0 ) + memcpy( slot->data.raw.data, data, data_length ); } else #if defined(MBEDTLS_PK_PARSE_C) @@ -679,7 +687,8 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, { if( slot->data.raw.bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( data, slot->data.raw.data, slot->data.raw.bytes ); + if( slot->data.raw.bytes != 0 ) + memcpy( data, slot->data.raw.data, slot->data.raw.bytes ); *data_length = slot->data.raw.bytes; return( PSA_SUCCESS ); } 
@@ -710,7 +719,10 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, ret = mbedtls_pk_write_key_der( &pk, data, data_size ); if( ret < 0 ) { - memset( data, 0, data_size ); + /* If data_size is 0 then data may be NULL and then the + * call to memset would have undefined behavior. */ + if( data_size != 0 ) + memset( data, 0, data_size ); return( mbedtls_to_psa_error( ret ) ); } /* The mbedtls_pk_xxx functions write to the end of the buffer. @@ -999,7 +1011,10 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, * (barring an attack on the hash and deliberately-crafted input), * in case the caller doesn't check the return status properly. */ *hash_length = actual_hash_length; - memset( hash, '!', hash_size ); + /* If hash_size is 0 then hash may be NULL and then the + * call to memset would have undefined behavior. */ + if( hash_size != 0 ) + memset( hash, '!', hash_size ); if( hash_size < actual_hash_length ) return( PSA_ERROR_BUFFER_TOO_SMALL ); @@ -1500,7 +1515,10 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, * (barring an attack on the mac and deliberately-crafted input), * in case the caller doesn't check the return status properly. */ *mac_length = operation->mac_size; - memset( mac, '!', mac_size ); + /* If mac_size is 0 then mac may be NULL and then the + * call to memset would have undefined behavior. */ + if( mac_size != 0 ) + memset( mac, '!', mac_size ); if( mac_size < operation->mac_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); @@ -1944,8 +1962,10 @@ exit: if( status == PSA_SUCCESS ) memset( signature + *signature_length, '!', signature_size - *signature_length ); - else + else if( signature_size != 0 ) memset( signature, '!', signature_size ); + /* If signature_size is 0 then we have nothing to do. We must not call + * memset because signature may be NULL in this case. */ return( status ); } 
@@ -2410,7 +2430,9 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, psa_cipher_abort( operation ); return( mbedtls_to_psa_error( ret ) ); } - if( output_size >= *output_length ) + if( *output_length == 0 ) + /* Nothing to copy. Note that output may be NULL in this case. */ ; + else if( output_size >= *output_length ) memcpy( output, temp_output_buffer, *output_length ); else { @@ -2684,7 +2706,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, if( ret != 0 ) { - memset( ciphertext, 0, ciphertext_size ); + /* If ciphertext_size is 0 then ciphertext may be NULL and then the + * call to memset would have undefined behavior. */ + if( ciphertext_size != 0 ) + memset( ciphertext, 0, ciphertext_size ); return( mbedtls_to_psa_error( ret ) ); } @@ -2823,7 +2848,12 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, } if( ret != 0 ) - memset( plaintext, 0, plaintext_size ); + { + /* If plaintext_size is 0 then plaintext may be NULL and then the + * call to memset has undefined behavior. */ + if( plaintext_size != 0 ) + memset( plaintext, 0, plaintext_size ); + } else *plaintext_length = ciphertext_length - tag_length; From 045bd50a78a3d8d639ea470c79300eb6331bedff Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 26 Jun 2018 14:00:08 +0100 Subject: [PATCH 0335/2197] psa: Use key slot type in mbedtls_psa_crypto_free() To avoid a possible loss of precision, and to be semantically correct, use psa_key_slot_t (which is 16 bits) instead of size_t (which is 32 or 64 bits on common platforms) in mbedtls_psa_crypto_free(). --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7d7882745..4b17e5594 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
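Review bot: In psa_cipher_finish the new branch is an empty statement, `if( *output_length == 0 ) /* Nothing to copy. ... */ ;`, and the lone `;` after the comment is easy to overlook and can trigger empty-body warnings on some compilers. The other guards added in this commit are written as a positive test around the call (`if( data_size != 0 ) memset( ... )`). Braces would make the deliberate no-op explicit here: `if( *output_length == 0 ) { /* Nothing to copy; output may be NULL in this case. */ }`. The function body starts and ends outside the hunk.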
@@ -2941,7 +2941,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key, void mbedtls_psa_crypto_free( void ) { - size_t key; + psa_key_slot_t key; for( key = 1; key < PSA_KEY_SLOT_COUNT; key++ ) psa_destroy_key( key ); mbedtls_ctr_drbg_free( &global_data.ctr_drbg ); From 69c1267fd21c94cdf1f9289fd18e7cf0d36f6162 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Jun 2018 00:07:19 +0200 Subject: [PATCH 0336/2197] Use PSA_xxx_MAX_SIZE for hash/MAC/signature size in tests In tests that had a hard-coded buffer size, use PSA_MAC_MAX_SIZE or PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE as appropriate. Test that PSA_xxx_MAX_SIZE is larger than the size used in tests that expect a specific output. --- tests/suites/test_suite_psa_crypto.function | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 1959e13d0..03ce5b33b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -43,7 +43,7 @@ static int exercise_mac_key( psa_key_slot_t key, { psa_mac_operation_t operation; const unsigned char input[] = "foo"; - unsigned char mac[64] = {0}; + unsigned char mac[PSA_MAC_MAX_SIZE] = {0}; size_t mac_length = sizeof( mac ); if( usage & PSA_KEY_USAGE_SIGN ) @@ -191,7 +191,7 @@ static int exercise_signature_key( psa_key_slot_t key, { unsigned char payload[16] = {1}; size_t payload_length = sizeof( payload ); - unsigned char signature[256] = {0}; + unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length = sizeof( signature ); if( usage & PSA_KEY_USAGE_SIGN ) 
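Review bot: With `key` now a `psa_key_slot_t`, the loop `for( key = 1; key < PSA_KEY_SLOT_COUNT; key++ )` in mbedtls_psa_crypto_free terminates only if PSA_KEY_SLOT_COUNT is representable in that type. The commit message gives the type as 16 bits, so a count above 65535 would make the counter wrap and the loop never end. PSA_KEY_SLOT_COUNT is defined outside this hunk, so this may well hold today. A comment above the loop would record the assumption, for example `/* PSA_KEY_SLOT_COUNT must fit in psa_key_slot_t, otherwise key++ wraps. */`, or a compile-time check could sit next to the macro definition.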
@@ -709,6 +709,9 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) size_t actual_hash_length; psa_hash_operation_t operation; + TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) ); + TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE ); + TEST_ASSERT( input != NULL ); TEST_ASSERT( expected_hash != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); @@ -737,6 +740,9 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash ) psa_algorithm_t alg = alg_arg; psa_hash_operation_t operation; + TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) ); + TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE ); + TEST_ASSERT( input != NULL ); TEST_ASSERT( expected_hash != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); @@ -805,6 +811,8 @@ void mac_verify( int key_type_arg, psa_mac_operation_t operation; psa_key_policy_t policy; + TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); + TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); TEST_ASSERT( expected_mac != NULL ); @@ -1594,6 +1602,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); TEST_ASSERT( signature_size != 0 ); + TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); signature = mbedtls_calloc( 1, signature_size ); TEST_ASSERT( signature != NULL ); @@ -1677,6 +1686,8 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, psa_algorithm_t alg = alg_arg; psa_key_policy_t policy; + TEST_ASSERT( signature_data->len <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); + TEST_ASSERT( key_data != NULL ); TEST_ASSERT( hash_data != NULL ); TEST_ASSERT( signature_data != NULL ); From a26ff6a290ff8b8bfbc836f0fd54bc7e55306e0f Mon Sep 17 00:00:00 2001 
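Review bot: In hash_finish the two added assertions read `expected_hash->len` before the existing `TEST_ASSERT( expected_hash != NULL )` has run, so a NULL argument is dereferenced rather than reported as a test failure. The same ordering appears in the hash_verify hunk, in mac_verify (`expected_mac->len` ahead of `expected_mac != NULL`) and in asymmetric_verify (`signature_data->len` ahead of `signature_data != NULL`). Moving each new size assertion below the block of `!= NULL` checks keeps what is tested unchanged and restores the guard.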
From: Gilles Peskine Date: Thu, 28 Jun 2018 12:21:19 +0200 Subject: [PATCH 0337/2197] psa_asymmetric_sign: consistently fill unused output with '!' Fill the unused part of the output buffer with '!', for consistency with hash and mac. On error, set the output length to the output buffer size and fill the output buffer with '!', again for consistency with hash and mac. This way an invalid output is more visible in a memory dump. Restructure the error paths so that there is a single place where the unused part of the output buffer is filled. Also remove a redundant initialization of *signature_length to 0. --- library/psa_crypto.c | 64 ++++++++++++++++++++++++++++++-------------- 1 file changed, 44 insertions(+), 20 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cb2a4f271..1d8eb506d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1766,7 +1766,6 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - *signature_length = 0; if( signature_size < 2 * curve_bytes ) { ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; @@ -1802,8 +1801,6 @@ cleanup: mbedtls_mpi_free( &s ); if( ret == 0 ) *signature_length = 2 * curve_bytes; - memset( signature + *signature_length, 0, - signature_size - *signature_length ); return( mbedtls_to_psa_error( ret ) ); } 
@@ -1850,28 +1847,43 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, size_t *signature_length ) { key_slot_t *slot; - *signature_length = 0; + psa_status_t status; + + *signature_length = signature_size; + (void) salt; (void) salt_length; if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_EMPTY_SLOT ); + { + status = PSA_ERROR_EMPTY_SLOT; + goto exit; + } slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + { + status = PSA_ERROR_EMPTY_SLOT; + goto exit; + } if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } if( ! ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) ) - return( PSA_ERROR_NOT_PERMITTED ); + { + status = PSA_ERROR_NOT_PERMITTED; + goto exit; + } #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) { - return( psa_rsa_sign( slot->data.rsa, - alg, - hash, hash_length, - signature, signature_size, - signature_length ) ); + status = psa_rsa_sign( slot->data.rsa, + alg, + hash, hash_length, + signature, signature_size, + signature_length ); } else #endif /* defined(MBEDTLS_RSA_C) */ 
@@ -1880,22 +1892,34 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, { #if defined(MBEDTLS_ECDSA_C) if( PSA_ALG_IS_ECDSA( alg ) ) - return( psa_ecdsa_sign( slot->data.ecp, - alg, - hash, hash_length, - signature, signature_size, - signature_length ) ); + status = psa_ecdsa_sign( slot->data.ecp, + alg, + hash, hash_length, + signature, signature_size, + signature_length ); else #endif /* defined(MBEDTLS_ECDSA_C) */ { - return( PSA_ERROR_INVALID_ARGUMENT ); + status = PSA_ERROR_INVALID_ARGUMENT; } } else #endif /* defined(MBEDTLS_ECP_C) */ { - return( PSA_ERROR_NOT_SUPPORTED ); + status = PSA_ERROR_NOT_SUPPORTED; } + +exit: + /* Fill the unused part of the output buffer (the whole buffer on error, + * the trailing part on success) with something that isn't a valid mac + * (barring an attack on the mac and deliberately-crafted input), + * in case the caller doesn't check the return status properly. */ + if( status == PSA_SUCCESS ) + memset( signature + *signature_length, '!', + signature_size - *signature_length ); + else + memset( signature, '!', signature_size ); + return( status ); } psa_status_t psa_asymmetric_verify( psa_key_slot_t key, From 3ff2162d14dd4457eee3d206d755942fd5138249 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 17:37:13 +0200 Subject: [PATCH 0338/2197] Remove salt from asymmetric_{sign,verify} No common signature algorithm uses a salt (RSA-PKCS#1v1.5, RSA-PSS, DSA, ECDSA, EdDSA). We don't even take an IV for MAC whereas MAC algorithms with IV are uncommon but heard of. So remove the salt parameter from psa_asymmetric_sign and psa_asymmetric_verify. --- include/psa/crypto.h | 22 --------------------- library/psa_crypto.c | 10 ---------- tests/suites/test_suite_psa_crypto.function | 11 ----------- 3 files changed, 43 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8ac817a6e..68e3b0aa3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
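Review bot: The new `exit:` block in psa_asymmetric_sign calls memset on `signature` unconditionally, so a caller that passes a NULL buffer with `signature_size` 0 reaches `memset( signature, '!', signature_size )` on any error path, which is the undefined-behaviour case patch 0334 guards against in psa_aead_encrypt and psa_aead_decrypt. Guarding the error branch as `else if( signature_size != 0 ) memset( signature, '!', signature_size );` closes it. The success branch computes `signature_size - *signature_length` and therefore relies on psa_rsa_sign and psa_ecdsa_sign never reporting a length above the buffer size; those helpers are outside this hunk, so a comment stating that invariant would help. The block comment also says "valid mac" where it means a signature. The function starts in the previous hunk.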
@@ -2241,15 +2241,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, * the type of \p key. * \param[in] hash The hash or message to sign. * \param hash_length Size of the \p hash buffer in bytes. - * \param[in] salt A salt or label, if supported by the - * signature algorithm. - * If the signature algorithm does not support - * a salt, pass \c NULL. - * If the signature algorithm supports an - * optional salt and you do not want to pass - * a salt, pass \c NULL. - * \param salt_length Size of the \p salt buffer in bytes. - * If \p salt is \c NULL, pass 0. * \param[out] signature Buffer where the signature is to be written. * \param signature_size Size of the \p signature buffer in bytes. * \param[out] signature_length On success, the number of bytes @@ -2274,8 +2265,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *salt, - size_t salt_length, uint8_t *signature, size_t signature_size, size_t *signature_length); @@ -2296,15 +2285,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * \param[in] hash The hash or message whose signature is to be * verified. * \param hash_length Size of the \p hash buffer in bytes. - * \param[in] salt A salt or label, if supported by the signature - * algorithm. - * If the signature algorithm does not support a - * salt, pass \c NULL. - * If the signature algorithm supports an optional - * salt and you do not want to pass a salt, - * pass \c NULL. - * \param salt_length Size of the \p salt buffer in bytes. - * If \p salt is \c NULL, pass 0. * \param[in] signature Buffer containing the signature to verify. * \param signature_length Size of the \p signature buffer in bytes. * @@ -2324,8 +2304,6 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *salt, - size_t salt_length, const uint8_t *signature, size_t signature_length); 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index eb140ea2c..9988ec09e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1983,8 +1983,6 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *salt, - size_t salt_length, uint8_t *signature, size_t signature_size, size_t *signature_length ) @@ -1994,9 +1992,6 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, *signature_length = signature_size; - (void) salt; - (void) salt_length; - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_SIGN, alg ); if( status != PSA_SUCCESS ) goto exit; @@ -2058,17 +2053,12 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *salt, - size_t salt_length, const uint8_t *signature, size_t signature_length ) { key_slot_t *slot; psa_status_t status; - (void) salt; - (void) salt_length; - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_VERIFY, alg ); if( status != PSA_SUCCESS ) return( status ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index cbb3f37b2..9505ab6eb 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -294,7 +294,6 @@ static int exercise_signature_key( psa_key_slot_t key, { TEST_ASSERT( psa_asymmetric_sign( key, alg, payload, payload_length, - NULL, 0, signature, sizeof( signature ), &signature_length ) == PSA_SUCCESS ); } @@ -307,7 +306,6 @@ static int exercise_signature_key( psa_key_slot_t key, PSA_ERROR_INVALID_SIGNATURE ); TEST_ASSERT( psa_asymmetric_verify( key, alg, payload, payload_length, - NULL, 0, signature, signature_length ) == verify_status ); } 
@@ -965,7 +963,6 @@ void asymmetric_signature_key_policy( int policy_usage, status = psa_asymmetric_sign( key_slot, exercise_alg, payload, payload_length, - NULL, 0, signature, sizeof( signature ), &signature_length ); if( policy_alg == exercise_alg && @@ -977,7 +974,6 @@ void asymmetric_signature_key_policy( int policy_usage, memset( signature, 0, sizeof( signature ) ); status = psa_asymmetric_verify( key_slot, exercise_alg, payload, payload_length, - NULL, 0, signature, sizeof( signature ) ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) @@ -2011,7 +2007,6 @@ void sign_deterministic( int key_type_arg, data_t *key_data, /* Perform the signature. */ TEST_ASSERT( psa_asymmetric_sign( slot, alg, input_data->x, input_data->len, - NULL, 0, signature, signature_size, &signature_length ) == PSA_SUCCESS ); /* Verify that the signature is what is expected. */ @@ -2061,7 +2056,6 @@ void sign_fail( int key_type_arg, data_t *key_data, actual_status = psa_asymmetric_sign( slot, alg, input_data->x, input_data->len, - NULL, 0, signature, signature_size, &signature_length ); TEST_ASSERT( actual_status == expected_status ); @@ -2118,7 +2112,6 @@ void sign_verify( int key_type_arg, data_t *key_data, /* Perform the signature. */ TEST_ASSERT( psa_asymmetric_sign( slot, alg, input_data->x, input_data->len, - NULL, 0, signature, signature_size, &signature_length ) == PSA_SUCCESS ); /* Check that the signature length looks sensible. */ @@ -2129,7 +2122,6 @@ void sign_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_asymmetric_verify( slot, alg, input_data->x, input_data->len, - NULL, 0, signature, signature_length ) == PSA_SUCCESS ); if( input_data->len != 0 ) @@ -2141,7 +2133,6 @@ void sign_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_asymmetric_verify( slot, alg, input_data->x, input_data->len, - NULL, 0, signature, signature_length ) == PSA_ERROR_INVALID_SIGNATURE ); } 
@@ -2184,7 +2175,6 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_asymmetric_verify( slot, alg, hash_data->x, hash_data->len, - NULL, 0, signature_data->x, signature_data->len ) == PSA_SUCCESS ); exit: @@ -2225,7 +2215,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, actual_status = psa_asymmetric_verify( slot, alg, hash_data->x, hash_data->len, - NULL, 0, signature_data->x, signature_data->len ); From aa7bc47f738bc4c91a127b2a29029c5a8af63045 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 00:54:56 +0200 Subject: [PATCH 0339/2197] Add missing const on policy_get_xxx function parameter --- include/psa/crypto.h | 4 ++-- library/psa_crypto.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 4c8cc40fd..e57f5647e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1205,10 +1205,10 @@ void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_algorithm_t alg); /** \brief Retrieve the usage field of a policy structure. */ -psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy); +psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy); /** \brief Retrieve the algorithm field of a policy structure. */ -psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy); +psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); /** \brief Set the usage policy on a key slot. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 50a99904c..fce9e3c82 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -2585,12 +2585,12 @@ void psa_key_policy_set_usage( psa_key_policy_t *policy, policy->alg = alg; } -psa_key_usage_t psa_key_policy_get_usage( psa_key_policy_t *policy ) +psa_key_usage_t psa_key_policy_get_usage( const psa_key_policy_t *policy ) { return( policy->usage ); } -psa_algorithm_t psa_key_policy_get_algorithm( psa_key_policy_t *policy ) +psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy ) { return( policy->alg ); } From b0b255c82a4df82807c58636eb61cad999fb277f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 6 Jul 2018 17:01:38 +0200 Subject: [PATCH 0340/2197] Always access key slots through accessor functions New functions psa_get_key_slot(), psa_get_empty_key_slot(), psa_get_key_from_slot() to access a key slot object from a key slot number. These functions perform all requisite validations: * psa_get_key_slot() verifies that the key slot number is in range. * psa_get_empty_key_slot() verifies that the slot is empty. * psa_get_key_from_slot() verifies that the slot contains a key with a suitable policy. Always use these functions so as to make sure that the requisite validations are always performed. --- library/psa_crypto.c | 254 ++++++++++++++++++++++++++----------------- 1 file changed, 152 insertions(+), 102 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6dff2f532..f156d0c27 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -339,6 +339,72 @@ static psa_status_t mbedtls_to_psa_error( int ret ) } } +/* Retrieve a key slot, occupied or not. */ +static psa_status_t psa_get_key_slot( psa_key_slot_t key, + key_slot_t **p_slot ) +{ + if( key == 0 || key > PSA_KEY_SLOT_COUNT ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + *p_slot = &global_data.key_slots[key]; + return( PSA_SUCCESS ); +} + +/* Retrieve an empty key slot (slot with no key data, but possibly + * with some metadata such as a policy). */ +static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key, + key_slot_t **p_slot ) +{ + psa_status_t status; + key_slot_t *slot = NULL; + + *p_slot = NULL; + + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + + if( slot->type != PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_OCCUPIED_SLOT ); + + *p_slot = slot; + return( status ); +} + +/* Retrieve a slot which must contain a key. The key must have allow all + * the usage flags set in \p usage. If \p alg is nonzero, the key must + * allow operations with this algorithm. */ +static psa_status_t psa_get_key_from_slot( psa_key_slot_t key, + key_slot_t **p_slot, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + psa_status_t status; + key_slot_t *slot = NULL; + + *p_slot = NULL; + + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + + /* Enforce that usage policy for the key slot contains all the flags + * required by the usage parameter. There is one exception: public + * keys can always be exported, so we treat public key objects as + * if they had the export flag. 
*/ + if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) + usage &= ~PSA_KEY_USAGE_EXPORT; + if( ( slot->policy.usage & usage ) != usage ) + return( PSA_ERROR_NOT_PERMITTED ); + if( alg != 0 && ( alg != slot->policy.alg ) ) + return( PSA_ERROR_NOT_PERMITTED ); + + *p_slot = slot; + return( PSA_SUCCESS ); +} + /****************************************************************/ @@ -481,16 +547,13 @@ psa_status_t psa_import_key( psa_key_slot_t key, size_t data_length ) { key_slot_t *slot; - - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_INVALID_ARGUMENT ); - slot = &global_data.key_slots[key]; - if( slot->type != PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_OCCUPIED_SLOT ); + psa_status_t status = PSA_SUCCESS; + status = psa_get_empty_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); if( key_type_is_raw_bytes( type ) ) { - psa_status_t status; /* Ensure that a bytes-to-bit conversion won't overflow. */ if( data_length > SIZE_MAX / 8 ) return( PSA_ERROR_NOT_SUPPORTED ); @@ -510,7 +573,6 @@ psa_status_t psa_import_key( psa_key_slot_t key, { int ret; mbedtls_pk_context pk; - psa_status_t status = PSA_SUCCESS; mbedtls_pk_init( &pk ); if( PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ); @@ -583,10 +645,12 @@ psa_status_t psa_import_key( psa_key_slot_t key, psa_status_t psa_destroy_key( psa_key_slot_t key ) { key_slot_t *slot; + psa_status_t status; + + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_INVALID_ARGUMENT ); - slot = &global_data.key_slots[key]; if( slot->type == PSA_KEY_TYPE_NONE ) { /* No key material to clean, but do zeroize the slot below to wipe 
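Review bot: psa_get_key_slot leaves `*p_slot` untouched when it rejects the slot number, whereas psa_get_empty_key_slot and psa_get_key_from_slot both clear it first. Callers such as psa_destroy_key and psa_get_key_policy pass an uninitialised `key_slot_t *slot` straight to it, so adding `*p_slot = NULL;` as the first statement would make all three accessors fail the same way. A caller that forgets the status check would then get a NULL pointer instead of an indeterminate one. The comment on psa_get_key_from_slot reads "must have allow all"; `/* ... The key must allow all the usage flags set in \p usage. */` is the intended wording. It is also worth stating there that `alg == 0` skips the algorithm-policy comparison, since psa_internal_export_key relies on that.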
@@ -629,16 +693,19 @@ psa_status_t psa_get_key_information( psa_key_slot_t key, size_t *bits ) { key_slot_t *slot; + psa_status_t status; - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_EMPTY_SLOT ); - slot = &global_data.key_slots[key]; if( type != NULL ) - *type = slot->type; + *type = 0; if( bits != NULL ) *bits = 0; + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); + if( type != NULL ) + *type = slot->type; if( key_type_is_raw_bytes( slot->type ) ) { @@ -679,6 +746,13 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, int export_public_key ) { key_slot_t *slot; + psa_status_t status; + /* Exporting a public key doesn't require a usage flag. If we're + * called by psa_export_public_key(), don't require the EXPORT flag. + * If we're called by psa_export_key(), do require the EXPORT flag; + * if the key turns out to be public key object, psa_get_key_from_slot() + * will ignore this flag. */ + psa_key_usage_t usage = export_public_key ? 0 : PSA_KEY_USAGE_EXPORT; /* Set the key to empty now, so that even when there are errors, we always * set data_length to a value between 0 and data_size. On error, setting 
@@ -686,20 +760,12 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, * unlikely to be accepted anywhere. */ *data_length = 0; - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_EMPTY_SLOT ); - slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); - + status = psa_get_key_from_slot( key, &slot, usage, 0 ); + if( status != PSA_SUCCESS ) + return( status ); if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( ! export_public_key && - ! PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) && - ( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_NOT_PERMITTED ); - if( key_type_is_raw_bytes( slot->type ) ) { if( slot->data.raw.bytes > data_size ) @@ -1424,13 +1490,17 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + status = psa_get_key_from_slot( key, &slot, 0, alg ); + if( status != PSA_SUCCESS ) + return( status ); + /* Since this function is called identically for a sign or verify + * operation, we don't know yet whether the operation is permitted. + * Store the part of the key policy that we can't check in the + * operation structure. psa_mac_finish() or psa_mac_verify() will + * check that remaining part. */ if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) operation->key_usage_sign = 1; - if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 ) operation->key_usage_verify = 1; 
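Review bot: In psa_mac_start the accessor is called with `usage` 0, so a key whose policy grants neither PSA_KEY_USAGE_SIGN nor PSA_KEY_USAGE_VERIFY passes setup with both `key_usage_sign` and `key_usage_verify` left at zero. The added comment defers the decision to psa_mac_finish() and psa_mac_verify(), which are outside this hunk, so enforcement depends on both of them testing those flags. Rejecting the unusable key here would fail closed at the earliest point: `if( ( slot->policy.usage & ( PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ) ) == 0 ) return( PSA_ERROR_NOT_PERMITTED );`. The function body continues past the end of the hunk.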
@@ -1919,27 +1989,14 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, (void) salt; (void) salt_length; - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - { - status = PSA_ERROR_EMPTY_SLOT; + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_SIGN, alg ); + if( status != PSA_SUCCESS ) goto exit; - } - slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - { - status = PSA_ERROR_EMPTY_SLOT; - goto exit; - } if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - if( ! ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) ) - { - status = PSA_ERROR_NOT_PERMITTED; - goto exit; - } #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) @@ -1999,17 +2056,14 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, size_t signature_length ) { key_slot_t *slot; + psa_status_t status; (void) salt; (void) salt_length; - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_INVALID_ARGUMENT ); - slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); - if( ! ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) ) - return( PSA_ERROR_NOT_PERMITTED ); + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_VERIFY, alg ); + if( status != PSA_SUCCESS ) + return( status ); #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || 
@@ -2054,19 +2108,17 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, size_t *output_length ) { key_slot_t *slot; + psa_status_t status; + (void) salt; (void) salt_length; *output_length = 0; - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_INVALID_ARGUMENT ); - slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); + if( status != PSA_SUCCESS ) + return( status ); if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( ! ( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) ) - return( PSA_ERROR_NOT_PERMITTED ); #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || @@ -2121,19 +2173,17 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, size_t *output_length ) { key_slot_t *slot; + psa_status_t status; + (void) salt; (void) salt_length; *output_length = 0; - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_EMPTY_SLOT ); - slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); + if( status != PSA_SUCCESS ) + return( status ); if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( ! ( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) ) - return( PSA_ERROR_NOT_PERMITTED ); #if defined(MBEDTLS_RSA_C) if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) @@ -2216,6 +2266,9 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, psa_key_type_t key_type; size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; + psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ? + PSA_KEY_USAGE_ENCRYPT : + PSA_KEY_USAGE_DECRYPT ); status = psa_cipher_init( operation, alg ); if( status != PSA_SUCCESS ) 
@@ -2224,7 +2277,9 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) return( status ); - slot = &global_data.key_slots[key]; + status = psa_get_key_from_slot( key, &slot, usage, alg); + if( status != PSA_SUCCESS ) + return( status ); cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, NULL ); if( cipher_info == NULL ) @@ -2525,13 +2580,14 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key, const psa_key_policy_t *policy ) { key_slot_t *slot; + psa_status_t status; - if( key == 0 || key > PSA_KEY_SLOT_COUNT || policy == NULL ) + if( policy == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); - slot = &global_data.key_slots[key]; - if( slot->type != PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_OCCUPIED_SLOT ); + status = psa_get_empty_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | @@ -2549,11 +2605,14 @@ psa_status_t psa_get_key_policy( psa_key_slot_t key, psa_key_policy_t *policy ) { key_slot_t *slot; + psa_status_t status; - if( key == 0 || key > PSA_KEY_SLOT_COUNT || policy == NULL ) + if( policy == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); - slot = &global_data.key_slots[key]; + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); *policy = slot->policy; @@ -2570,11 +2629,11 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key, psa_key_lifetime_t *lifetime ) { key_slot_t *slot; + psa_status_t status; - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - slot = &global_data.key_slots[key]; + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); *lifetime = slot->lifetime; 
@@ -2585,18 +2644,16 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key, psa_key_lifetime_t lifetime ) { key_slot_t *slot; - - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_INVALID_ARGUMENT ); + psa_status_t status; if( lifetime != PSA_KEY_LIFETIME_VOLATILE && lifetime != PSA_KEY_LIFETIME_PERSISTENT && lifetime != PSA_KEY_LIFETIME_WRITE_ONCE) return( PSA_ERROR_INVALID_ARGUMENT ); - slot = &global_data.key_slots[key]; - if( slot->type != PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_OCCUPIED_SLOT ); + status = psa_get_empty_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); if( lifetime != PSA_KEY_LIFETIME_VOLATILE ) return( PSA_ERROR_NOT_SUPPORTED ); @@ -2639,18 +2696,15 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) return( status ); - slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); + if( status != PSA_SUCCESS ) + return( status ); cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - if( ( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) == 0 ) - return( PSA_ERROR_NOT_PERMITTED ); - if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); 
@@ -2787,18 +2841,15 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, status = psa_get_key_information( key, &key_type, &key_bits ); if( status != PSA_SUCCESS ) return( status ); - slot = &global_data.key_slots[key]; - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); + if( status != PSA_SUCCESS ) + return( status ); cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) ) - return( PSA_ERROR_NOT_PERMITTED ); - if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -2903,19 +2954,18 @@ psa_status_t psa_generate_key( psa_key_slot_t key, size_t parameters_size ) { key_slot_t *slot; + psa_status_t status; - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) - return( PSA_ERROR_INVALID_ARGUMENT ); - slot = &global_data.key_slots[key]; - if( slot->type != PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_OCCUPIED_SLOT ); if( parameters == NULL && parameters_size != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_get_empty_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + if( key_type_is_raw_bytes( type ) ) { - psa_status_t status = prepare_raw_data_slot( type, bits, - &slot->data.raw ); + status = prepare_raw_data_slot( type, bits, &slot->data.raw ); if( status != PSA_SUCCESS ) return( status ); status = psa_generate_random( slot->data.raw.data, From 1ae051409f69d0db7c492fa59b57bc8755c71109 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 30 Jun 2018 17:46:59 +0200 Subject: [PATCH 0341/2197] Fix memory leak when importing an RSA key that is too large --- library/psa_crypto.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 19db5a9ec..1d5337bfb 100644 
--- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -514,7 +514,10 @@ psa_status_t psa_import_key( psa_key_slot_t key, mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk ); size_t bits = mbedtls_rsa_get_bitlen( rsa ); if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); + { + status = PSA_ERROR_NOT_SUPPORTED; + break; + } slot->data.rsa = rsa; } else From 5390f695909db67994d2193f1115132b0a49b551 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 26 Jun 2018 14:18:50 +0100 Subject: [PATCH 0342/2197] psa: Use type of block_size consistently Use size_t for block_size in psa_mac_abort() because psa_get_hash_block_size() returns a size_t. This also helps to avoid compiler warnings on LLP64 systems. --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4b17e5594..dc0a27d6b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1253,7 +1253,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) { - unsigned int block_size = + size_t block_size = psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) ); if( block_size == 0 ) From 0b352bcf957694d81b747c92e6d71c6d596e84ed Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Jun 2018 00:16:11 +0200 Subject: [PATCH 0343/2197] Test that creating RSA keys larger than the maximum fails Test keypair import, public key import and key generation. --- tests/suites/test_suite_psa_crypto.data | 9 ++ tests/suites/test_suite_psa_crypto.function | 118 ++++++++++++++++++++ 2 files changed, 127 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1181fcd92..b281cb3af 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
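Review bot: The oversized-RSA branch in psa_import_key now sets `status` and leaves through `break`, so the leak fix depends on code after the enclosing construct releasing `pk` when `status` is not PSA_SUCCESS. Neither that construct nor the cleanup is visible in this hunk. A short comment at the break would record the dependency, for example `/* pk is released by the common error path below */`, so that a later edit to the cleanup does not silently reintroduce the leak. It is also worth confirming that sibling branches which still return directly, if any remain, free `pk` as well.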
@@ -129,6 +129,12 @@ PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT +PSA import RSA key pair: maximum size exceeded +import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED + +PSA import RSA public key: maximum size exceeded +import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED + PSA key policy set and get key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE 
@@ -681,6 +687,9 @@ PSA generate key: RSA, 512 bits, good, encrypt depends_on:MBEDTLS_RSA_C generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS +PSA generate key: RSA, maximum size exceeded +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED + PSA generate key: ECC, SECP256R1, good depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 03ce5b33b..0d1a25c82 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1,5 +1,6 @@ /* BEGIN_HEADER */ #include +#include "mbedtls/asn1write.h" #include "psa/crypto.h" #if(UINT32_MAX > SIZE_MAX) 
@@ -37,6 +38,88 @@ static int key_type_is_raw_bytes( psa_key_type_t type ) category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); } +/* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */ +static int asn1_write_10x( unsigned char **p, + unsigned char *start, + size_t bits, + unsigned char x ) +{ + int ret; + int len = bits / 8 + 1; + if( x >= 1 << bits ) + return( MBEDTLS_ERR_ASN1_INVALID_DATA ); + if( *p < start || *p - start < (ssize_t) len ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + *p -= len; + ( *p )[len-1] = x; + if( bits % 8 == 0 ) + ( *p )[1] |= 1; + else + ( *p )[0] |= 1 << ( bits % 8 ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, + MBEDTLS_ASN1_INTEGER ) ); + return( len ); +} + +static int construct_fake_rsa_key( unsigned char *buffer, + size_t buffer_size, + unsigned char **p, + size_t bits, + int keypair ) +{ + size_t half_bits = ( bits + 1 ) / 2; + int ret; + int len = 0; + /* Construct something that looks like a DER encoding of + * as defined by PKCS#1 v2.2 (RFC 8017) section A.1.2: + * RSAPrivateKey ::= SEQUENCE { + * version Version, + * modulus INTEGER, -- n + * publicExponent INTEGER, -- e + * privateExponent INTEGER, -- d + * prime1 INTEGER, -- p + * prime2 INTEGER, -- q + * exponent1 INTEGER, -- d mod (p-1) + * exponent2 INTEGER, -- d mod (q-1) + * coefficient INTEGER, -- (inverse of q) mod p + * otherPrimeInfos OtherPrimeInfos OPTIONAL + * } + * Or, for a public key, the same structure with only + * version, modulus and publicExponent. 
+ */ + *p = buffer + buffer_size; + if( keypair ) + { + MBEDTLS_ASN1_CHK_ADD( len, /* pq */ + asn1_write_10x( p, buffer, half_bits, 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, /* dq */ + asn1_write_10x( p, buffer, half_bits, 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, /* dp */ + asn1_write_10x( p, buffer, half_bits, 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, /* q */ + asn1_write_10x( p, buffer, half_bits, 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, /* p != q to pass mbedtls sanity checks */ + asn1_write_10x( p, buffer, half_bits, 3 ) ); + MBEDTLS_ASN1_CHK_ADD( len, /* d */ + asn1_write_10x( p, buffer, bits, 1 ) ); + } + MBEDTLS_ASN1_CHK_ADD( len, /* e = 65537 */ + asn1_write_10x( p, buffer, 17, 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, /* n */ + asn1_write_10x( p, buffer, bits, 1 ) ); + if( keypair ) + MBEDTLS_ASN1_CHK_ADD( len, /* version = 0 */ + mbedtls_asn1_write_int( p, buffer, 0 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, buffer, len ) ); + { + const unsigned char tag = + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE; + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, buffer, tag ) ); + } + return( len ); +} + static int exercise_mac_key( psa_key_slot_t key, psa_key_usage_t usage, psa_algorithm_t alg ) 
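Review bot: In `asn1_write_10x`, the guard `x >= 1 << bits` shifts an `int` by `bits`, which is undefined once `bits` reaches the width of `int`; the calls from `construct_fake_rsa_key` that pass the key size or half of it will do so for any realistic RSA size. Neither branch sets bit bits-1 as the header comment promises: `( *p )[1] |= 1` sets the lowest bit of that byte and `1 << ( bits % 8 )` lands one position too high, so the call commented `e = 65537` encodes 0x020001. I would write `if( bits == 0 || ( bits <= 8 && x >= 1 << ( bits - 1 ) ) )`, `( *p )[1] |= 0x80;` and `( *p )[0] |= 1 << ( bits % 8 - 1 );`. The function also ORs into bytes it never clears, so it depends on the caller passing a zeroed buffer, and a one-line comment should say so.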
@@ -304,6 +387,41 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) +{ + int slot = 1; + size_t bits = bits_arg; + psa_status_t expected_status = expected_status_arg; + psa_status_t status; + psa_key_type_t type = + keypair ? PSA_KEY_TYPE_RSA_KEYPAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY; + size_t buffer_size = /* Slight overapproximations */ + keypair ? bits * 9 / 16 + 80 : bits / 8 + 20; + unsigned char *buffer = mbedtls_calloc( 1, buffer_size ); + unsigned char *p; + int ret; + size_t length; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( buffer != NULL ); + + TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p, + bits, keypair ) ) >= 0 ); + length = ret; + + /* Try importing the key */ + status = psa_import_key( slot, type, p, length ); + TEST_ASSERT( status == expected_status ); + if( status == PSA_SUCCESS ) + TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + +exit: + mbedtls_free( buffer ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void import_export( data_t *data, int type_arg, From 860ce9d9e53c700cdc20819fd70bae46d9262932 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Jun 2018 12:23:00 +0200 Subject: [PATCH 0344/2197] Document what the signature tests are doing a bit better Add a check that the purported output length is less than the buffer size in sign_fail. --- tests/suites/test_suite_psa_crypto.function | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2fba85414..1959e13d0 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1589,17 +1589,21 @@ void sign_deterministic( int key_type_arg, data_t *key_data, NULL, &key_bits ) == PSA_SUCCESS ); + /* Allocate a buffer which has the size advertized by the + * library. */ signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); TEST_ASSERT( signature_size != 0 ); signature = mbedtls_calloc( 1, signature_size ); TEST_ASSERT( signature != NULL ); + /* Perform the signature. */ TEST_ASSERT( psa_asymmetric_sign( slot, alg, input_data->x, input_data->len, NULL, 0, signature, signature_size, &signature_length ) == PSA_SUCCESS ); + /* Verify that the signature is correct. */ TEST_ASSERT( signature_length == output_data->len ); TEST_ASSERT( memcmp( signature, output_data->x, output_data->len ) == 0 ); @@ -1614,11 +1618,12 @@ exit: /* BEGIN_CASE */ void sign_fail( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, - int signature_size, int expected_status_arg ) + int signature_size_arg, int expected_status_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t signature_size = signature_size_arg; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; unsigned char *signature = NULL; @@ -1649,7 +1654,11 @@ void sign_fail( int key_type_arg, data_t *key_data, signature, signature_size, &signature_length ); TEST_ASSERT( actual_status == expected_status ); - TEST_ASSERT( signature_length == 0 ); + /* The value of *signature_length is unspecified on error, but + * whatever it is, it should be less than signature_size, so that + * if the caller tries to read *signature_length bytes without + * checking the error code then they don't overflow a buffer. */ + TEST_ASSERT( signature_length <= signature_size ); exit: psa_destroy_key( slot ); From 630a18a51e8e04a2a73eff86f14786ca13f464d7 Mon Sep 17 00:00:00 2001 
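Review bot: The relaxed check `signature_length <= signature_size` in `sign_fail` only means something if `signature_length` starts from a value the check would reject, because the added comment itself says the library may leave it unspecified on error. Its declaration is outside this hunk; if it is not already initialised to a sentinel, I would declare it as `size_t signature_length = SIZE_MAX;` so that an implementation which never writes the output fails the test, instead of the test reading an indeterminate value. The comment also says "less than signature_size" while the assertion accepts equality; "no greater than" would match the code.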
From: Gilles Peskine Date: Fri, 29 Jun 2018 17:49:35 +0200 Subject: [PATCH 0345/2197] Don't break the rsa context abstraction This would fail on alternative implementation. --- library/psa_crypto.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9988ec09e..af0b2f61a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1774,7 +1774,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, if( status != PSA_SUCCESS ) return( status ); - if( signature_size < rsa->len ) + if( signature_size < mbedtls_rsa_get_len( rsa ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if @@ -1822,7 +1822,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, } if( ret == 0 ) - *signature_length = rsa->len; + *signature_length = mbedtls_rsa_get_len( rsa ); return( mbedtls_to_psa_error( ret ) ); } @@ -1841,7 +1841,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, if( status != PSA_SUCCESS ) return( status ); - if( signature_length < rsa->len ) + if( signature_length < mbedtls_rsa_get_len( rsa ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21) @@ -2124,7 +2124,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; - if( output_size < rsa->len ) + if( output_size < mbedtls_rsa_get_len( rsa ) ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PKCS1_V15) if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) @@ -2150,7 +2150,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); } if( ret == 0 ) - *output_length = rsa->len; + *output_length = mbedtls_rsa_get_len( rsa ); return( mbedtls_to_psa_error( ret ) ); } else 
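Review bot: In `psa_rsa_verify`, the length check `signature_length < mbedtls_rsa_get_len( rsa )` still accepts a signature buffer longer than the modulus, and reports a short one as `PSA_ERROR_BUFFER_TOO_SMALL`, which describes an output buffer rather than a bad input. An RSA signature is exactly the modulus length, so the verifier should not silently ignore trailing bytes. I would change the two lines to `if( signature_length != mbedtls_rsa_get_len( rsa ) )` and `return( PSA_ERROR_INVALID_SIGNATURE );`. The rest of `psa_rsa_verify` lies outside this hunk, so whether a later step already rejects over-long input cannot be seen here.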
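Review bot: In `psa_asymmetric_encrypt`, an output buffer smaller than the modulus returns `PSA_ERROR_INVALID_ARGUMENT`, whereas `psa_rsa_sign` in the first hunk of this commit returns `PSA_ERROR_BUFFER_TOO_SMALL` for the same condition. The header documentation for the encrypt function, further down this page, also lists `PSA_ERROR_BUFFER_TOO_SMALL` as a return value. A caller that resizes its buffer on that status cannot tell a short buffer from a malformed request. I would make the line `return( PSA_ERROR_BUFFER_TOO_SMALL );`; the function's start and end are outside the hunk.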
@@ -2189,7 +2189,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, mbedtls_rsa_context *rsa = slot->data.rsa; int ret; - if( input_length != rsa->len ) + if( input_length != mbedtls_rsa_get_len( rsa ) ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PKCS1_V15) From edd11a14aad385d508b85986580f432f1ac2e187 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 01:08:58 +0200 Subject: [PATCH 0346/2197] Doc: add [in] or [out] annotations to pointer arguments --- include/psa/crypto.h | 327 ++++++++++++++++++++++--------------------- 1 file changed, 166 insertions(+), 161 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e57f5647e..c2144fb49 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -963,7 +963,7 @@ typedef uint32_t psa_algorithm_t; * valid slot for a key of the chosen type. It must * be unoccupied. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). - * \param data Buffer containing the key data. + * \param[in] data Buffer containing the key data. * \param data_length Size of the \c data buffer in bytes. * * \retval #PSA_SUCCESS @@ -1027,10 +1027,10 @@ psa_status_t psa_destroy_key(psa_key_slot_t key); * * \param key Slot whose content is queried. This must * be an occupied key slot. - * \param type On success, the key type (a \c PSA_KEY_TYPE_XXX value). + * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX value). * This may be a null pointer, in which case the key type * is not written. - * \param bits On success, the key size in bits. + * \param[out] bits On success, the key size in bits. * This may be a null pointer, in which case the key size * is not written. * 
@@ -1069,12 +1069,12 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format * is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo. * - * \param key Slot whose content is to be exported. This must - * be an occupied key slot. - * \param data Buffer where the key data is to be written. - * \param data_size Size of the \c data buffer in bytes. - * \param data_length On success, the number of bytes - * that make up the key data. + * \param key Slot whose content is to be exported. This must + * be an occupied key slot. + * \param[out] data Buffer where the key data is to be written. + * \param data_size Size of the \c data buffer in bytes. + * \param[out] data_length On success, the number of bytes + * that make up the key data. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_EMPTY_SLOT @@ -1100,12 +1100,12 @@ psa_status_t psa_export_key(psa_key_slot_t key, * the format is the DER representation of the public key defined by RFC 5280 * as SubjectPublicKeyInfo. * - * \param key Slot whose content is to be exported. This must - * be an occupied key slot. - * \param data Buffer where the key data is to be written. - * \param data_size Size of the \c data buffer in bytes. - * \param data_length On success, the number of bytes - * that make up the key data. + * \param key Slot whose content is to be exported. This must + * be an occupied key slot. + * \param[out] data Buffer where the key data is to be written. + * \param data_size Size of the \c data buffer in bytes. + * \param[out] data_length On success, the number of bytes + * that make up the key data. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_EMPTY_SLOT 
@@ -1257,7 +1257,7 @@ typedef uint32_t psa_key_lifetime_t; * The assignment of lifetimes to slots is implementation-dependent. * * \param key Slot to query. - * \param lifetime On success, the lifetime value. + * \param[out] lifetime On success, the lifetime value. * * \retval #PSA_SUCCESS * Success. @@ -1365,9 +1365,9 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * - A failed call to psa_hash_update(). * - A call to psa_hash_finish(), psa_hash_verify() or psa_hash_abort(). * - * \param operation The operation object to use. - * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_HASH(\p alg) is true). + * \param[out] operation The operation object to use. + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). * * \retval #PSA_SUCCESS * Success. @@ -1387,9 +1387,9 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * * If this function returns an error status, the operation becomes inactive. * - * \param operation Active hash operation. - * \param input Buffer containing the message fragment to hash. - * \param input_length Size of the \c input buffer in bytes. + * \param[in,out] operation Active hash operation. + * \param[in] input Buffer containing the message fragment to hash. + * \param input_length Size of the \c input buffer in bytes. * * \retval #PSA_SUCCESS * Success. 
@@ -1420,13 +1420,13 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * about the hashed data which could allow an attacker to guess * a valid hash and thereby bypass security controls. * - * \param operation Active hash operation. - * \param hash Buffer where the hash is to be written. - * \param hash_size Size of the \p hash buffer in bytes. - * \param hash_length On success, the number of bytes - * that make up the hash value. This is always - * #PSA_HASH_SIZE(`alg`) where `alg` is the - * hash algorithm that is calculated. + * \param[in,out] operation Active hash operation. + * \param[out] hash Buffer where the hash is to be written. + * \param hash_size Size of the \p hash buffer in bytes. + * \param[out] hash_length On success, the number of bytes + * that make up the hash value. This is always + * #PSA_HASH_SIZE(`alg`) where `alg` is the + * hash algorithm that is calculated. * * \retval #PSA_SUCCESS * Success. @@ -1461,9 +1461,9 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * comparison between the actual hash and the expected hash is performed * in constant time. * - * \param operation Active hash operation. - * \param hash Buffer containing the expected hash value. - * \param hash_length Size of the \c hash buffer in bytes. + * \param[in,out] operation Active hash operation. + * \param[in] hash Buffer containing the expected hash value. + * \param hash_length Size of the \c hash buffer in bytes. * * \retval #PSA_SUCCESS * The expected hash is identical to the actual hash of the message. @@ -1493,7 +1493,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * to be indistinguishable from an active hash operation, and the behavior * of psa_hash_abort() is undefined in this case. * - * \param operation Active hash operation. + * \param[in,out] operation Active hash operation. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE 
@@ -1544,10 +1544,10 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * - A failed call to psa_mac_update(). * - A call to psa_mac_sign_finish() or psa_mac_abort(). * - * \param operation The operation object to use. - * \param key Slot containing the key to use for the operation. - * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(alg) is true). + * \param[out] operation The operation object to use. + * \param key Slot containing the key to use for the operation. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(alg) is true). * * \retval #PSA_SUCCESS * Success. @@ -1592,10 +1592,10 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * - A failed call to psa_mac_update(). * - A call to psa_mac_verify_finish() or psa_mac_abort(). * - * \param operation The operation object to use. - * \param key Slot containing the key to use for the operation. - * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(\p alg) is true). + * \param[out] operation The operation object to use. + * \param key Slot containing the key to use for the operation. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(\p alg) is true). * * \retval #PSA_SUCCESS * Success. @@ -1621,10 +1621,10 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * * If this function returns an error status, the operation becomes inactive. * - * \param operation Active MAC operation. - * \param input Buffer containing the message fragment to add to - * the MAC calculation. - * \param input_length Size of the \c input buffer in bytes. + * \param[in,out] operation Active MAC operation. + * \param[in] input Buffer containing the message fragment to add to + * the MAC calculation. + * \param input_length Size of the \c input buffer in bytes. * * \retval #PSA_SUCCESS * Success. 
@@ -1655,15 +1655,15 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * about the MAC value which could allow an attacker to guess * a valid MAC and thereby bypass security controls. * - * \param operation Active MAC operation. - * \param mac Buffer where the MAC value is to be written. - * \param mac_size Size of the \p mac buffer in bytes. - * \param mac_length On success, the number of bytes - * that make up the MAC value. This is always - * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \p alg) - * where \c key_type and \c key_bits are the type and - * bit-size respectively of \c key and `alg` is the - * MAC algorithm that is calculated. + * \param[in,out] operation Active MAC operation. + * \param[out] mac Buffer where the MAC value is to be written. + * \param mac_size Size of the \p mac buffer in bytes. + * \param[out] mac_length On success, the number of bytes + * that make up the MAC value. This is always + * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and + * bit-size respectively of \c key and `alg` is the + * MAC algorithm that is calculated. * * \retval #PSA_SUCCESS * Success. @@ -1697,9 +1697,9 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * comparison between the actual MAC and the expected MAC is performed * in constant time. * - * \param operation Active MAC operation. - * \param mac Buffer containing the expected MAC value. - * \param mac_length Size of the \c mac buffer in bytes. + * \param[in,out] operation Active MAC operation. + * \param[in] mac Buffer containing the expected MAC value. + * \param mac_length Size of the \c mac buffer in bytes. * * \retval #PSA_SUCCESS * The expected MAC is identical to the actual MAC of the message. 
@@ -1730,7 +1730,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, * to be indistinguishable from an active MAC operation, and the behavior * of psa_mac_abort() is undefined in this case. * - * \param operation Active MAC operation. + * \param[in,out] operation Active MAC operation. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE @@ -1781,10 +1781,11 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * or psa_cipher_update(). * - A call to psa_cipher_finish() or psa_cipher_abort(). * - * \param operation The operation object to use. - * \param key Slot containing the key to use for the operation. - * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[out] operation The operation object to use. + * \param key Slot containing the key to use for the operation. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). * * \retval #PSA_SUCCESS * Success. @@ -1829,10 +1830,11 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * - A failed call to psa_cipher_update(). * - A call to psa_cipher_finish() or psa_cipher_abort(). * - * \param operation The operation object to use. - * \param key Slot containing the key to use for the operation. - * \param alg The cipher algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[out] operation The operation object to use. + * \param key Slot containing the key to use for the operation. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). * * \retval #PSA_SUCCESS * Success. 
@@ -1862,10 +1864,11 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * * If this function returns an error status, the operation becomes inactive. * - * \param operation Active cipher operation. - * \param iv Buffer where the generated IV is to be written. - * \param iv_size Size of the \c iv buffer in bytes. - * \param iv_length On success, the number of bytes of the generated IV. + * \param[in,out] operation Active cipher operation. + * \param[out] iv Buffer where the generated IV is to be written. + * \param iv_size Size of the \c iv buffer in bytes. + * \param[out] iv_length On success, the number of bytes of the + * generated IV. * * \retval #PSA_SUCCESS * Success. @@ -1897,9 +1900,9 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * instead of this function, unless implementing a protocol that requires * a non-random IV. * - * \param operation Active cipher operation. - * \param iv Buffer containing the IV to use. - * \param iv_length Size of the IV in bytes. + * \param[in,out] operation Active cipher operation. + * \param[in] iv Buffer containing the IV to use. + * \param iv_length Size of the IV in bytes. * * \retval #PSA_SUCCESS * Success. 
@@ -1928,14 +1931,14 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, * * If this function returns an error status, the operation becomes inactive. * - * \param operation Active cipher operation. - * \param input Buffer containing the message fragment to - * encrypt or decrypt. - * \param input_length Size of the \c input buffer in bytes. - * \param output Buffer where the output is to be written. - * \param output_size Size of the \c output buffer in bytes. - * \param output_length On success, the number of bytes - * that make up the returned output. + * \param[in,out] operation Active cipher operation. + * \param[in] input Buffer containing the message fragment to + * encrypt or decrypt. + * \param input_length Size of the \c input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * \param output_size Size of the \c output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. * * \retval #PSA_SUCCESS * Success. @@ -1969,11 +1972,11 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * * When this function returns, the operation becomes inactive. * - * \param operation Active cipher operation. - * \param output Buffer where the output is to be written. - * \param output_size Size of the \c output buffer in bytes. - * \param output_length On success, the number of bytes - * that make up the returned output. + * \param[in,out] operation Active cipher operation. + * \param[out] output Buffer where the output is to be written. + * \param output_size Size of the \c output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. * * \retval #PSA_SUCCESS * Success. 
@@ -2005,7 +2008,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, * to be indistinguishable from an active cipher operation, and the behavior * of psa_cipher_abort() is undefined in this case. * - * \param operation Active cipher operation. + * \param[in,out] operation Active cipher operation. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE @@ -2048,15 +2051,15 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \param alg The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param nonce Nonce or IV to use. + * \param[in] nonce Nonce or IV to use. * \param nonce_length Size of the \p nonce buffer in bytes. - * \param additional_data Additional data that will be authenticated + * \param[in] additional_data Additional data that will be authenticated * but not encrypted. * \param additional_data_length Size of \p additional_data in bytes. - * \param plaintext Data that will be authenticated and + * \param[in] plaintext Data that will be authenticated and * encrypted. * \param plaintext_length Size of \p plaintext in bytes. - * \param ciphertext Output buffer for the authenticated and + * \param[out] ciphertext Output buffer for the authenticated and * encrypted data. The additional data is not * part of this output. For algorithms where the * encrypted data and the authentication tag @@ -2067,7 +2070,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * This must be at least * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, * \p plaintext_length). - * \param ciphertext_length On success, the size of the output + * \param[out] ciphertext_length On success, the size of the output * in the \b ciphertext buffer. * * \retval #PSA_SUCCESS 
@@ -2101,24 +2104,24 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, * \param alg The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param nonce Nonce or IV to use. + * \param[in] nonce Nonce or IV to use. * \param nonce_length Size of the \p nonce buffer in bytes. - * \param additional_data Additional data that has been authenticated + * \param[in] additional_data Additional data that has been authenticated * but not encrypted. * \param additional_data_length Size of \p additional_data in bytes. - * \param ciphertext Data that has been authenticated and + * \param[in] ciphertext Data that has been authenticated and * encrypted. For algorithms where the * encrypted data and the authentication tag * are defined as separate inputs, the buffer * must contain the encrypted data followed * by the authentication tag. * \param ciphertext_length Size of \p ciphertext in bytes. - * \param plaintext Output buffer for the decrypted data. + * \param[out] plaintext Output buffer for the decrypted data. * \param plaintext_size Size of the \p plaintext buffer in bytes. * This must be at least * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, * \p ciphertext_length). - * \param plaintext_length On success, the size of the output + * \param[out] plaintext_length On success, the size of the output * in the \b plaintext buffer. * * \retval #PSA_SUCCESS 
@@ -2174,24 +2177,24 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) * to determine the hash algorithm to use. * - * \param key Key slot containing an asymmetric key pair. - * \param alg A signature algorithm that is compatible with - * the type of \c key. - * \param hash The hash or message to sign. - * \param hash_length Size of the \c hash buffer in bytes. - * \param salt A salt or label, if supported by the signature - * algorithm. - * If the signature algorithm does not support a - * salt, pass \c NULL. - * If the signature algorithm supports an optional - * salt and you do not want to pass a salt, - * pass \c NULL. - * \param salt_length Size of the \c salt buffer in bytes. - * If \c salt is \c NULL, pass 0. - * \param signature Buffer where the signature is to be written. - * \param signature_size Size of the \c signature buffer in bytes. - * \param signature_length On success, the number of bytes - * that make up the returned signature value. + * \param key Key slot containing an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of \c key. + * \param[in] hash The hash or message to sign. + * \param hash_length Size of the \c hash buffer in bytes. + * \param[in] salt A salt or label, if supported by the + * signature algorithm. + * If the signature algorithm does not support + * a salt, pass \c NULL. + * If the signature algorithm supports an + * optional salt and you do not want to pass + * a salt, pass \c NULL. + * \param salt_length Size of the \c salt buffer in bytes. + * If \c salt is \c NULL, pass 0. + * \param[out] signature Buffer where the signature is to be written. + * \param signature_size Size of the \c signature buffer in bytes. + * \param[out] signature_length On success, the number of bytes + * that make up the returned signature value. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BUFFER_TOO_SMALL 
@@ -2231,10 +2234,10 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * asymmetric key pair. * \param alg A signature algorithm that is compatible with * the type of \c key. - * \param hash The hash or message whose signature is to be + * \param[in] hash The hash or message whose signature is to be * verified. * \param hash_length Size of the \c hash buffer in bytes. - * \param salt A salt or label, if supported by the signature + * \param[in] salt A salt or label, if supported by the signature * algorithm. * If the signature algorithm does not support a * salt, pass \c NULL. @@ -2243,7 +2246,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * pass \c NULL. * \param salt_length Size of the \c salt buffer in bytes. * If \c salt is \c NULL, pass 0. - * \param signature Buffer containing the signature to verify. + * \param[in] signature Buffer containing the signature to verify. * \param signature_length Size of the \c signature buffer in bytes. * * \retval #PSA_SUCCESS 
@@ -2275,28 +2278,29 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, /** * \brief Encrypt a short message with a public key. * - * \param key Key slot containing a public key or an asymmetric - * key pair. - * \param alg An asymmetric encryption algorithm that is - * compatible with the type of \c key. - * \param input The message to encrypt. - * \param input_length Size of the \c input buffer in bytes. - * \param salt A salt or label, if supported by the encryption - * algorithm. - * If the algorithm does not support a - * salt, pass \c NULL. - * If the algorithm supports an optional - * salt and you do not want to pass a salt, - * pass \c NULL. + * \param key Key slot containing a public key or an + * asymmetric key pair. + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of \c key. + * \param[in] input The message to encrypt. + * \param input_length Size of the \c input buffer in bytes. + * \param[in] salt A salt or label, if supported by the + * encryption algorithm. + * If the algorithm does not support a + * salt, pass \c NULL. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass \c NULL. * - * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is - * supported. - * \param salt_length Size of the \c salt buffer in bytes. - * If \c salt is \c NULL, pass 0. - * \param output Buffer where the encrypted message is to be written. - * \param output_size Size of the \c output buffer in bytes. - * \param output_length On success, the number of bytes - * that make up the returned output. + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the \c salt buffer in bytes. + * If \c salt is \c NULL, pass 0. + * \param[out] output Buffer where the encrypted message is to + * be written. + * \param output_size Size of the \c output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. 
* * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BUFFER_TOO_SMALL 
@@ -2326,27 +2330,28 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, /** * \brief Decrypt a short message with a private key. * - * \param key Key slot containing an asymmetric key pair. - * \param alg An asymmetric encryption algorithm that is - * compatible with the type of \c key. - * \param input The message to decrypt. - * \param input_length Size of the \c input buffer in bytes. - * \param salt A salt or label, if supported by the encryption - * algorithm. - * If the algorithm does not support a - * salt, pass \c NULL. - * If the algorithm supports an optional - * salt and you do not want to pass a salt, - * pass \c NULL. + * \param key Key slot containing an asymmetric key pair. + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of \c key. + * \param[in] input The message to decrypt. + * \param input_length Size of the \c input buffer in bytes. + * \param[in] salt A salt or label, if supported by the + * encryption algorithm. + * If the algorithm does not support a + * salt, pass \c NULL. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass \c NULL. * - * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is - * supported. - * \param salt_length Size of the \c salt buffer in bytes. - * If \c salt is \c NULL, pass 0. - * \param output Buffer where the decrypted message is to be written. - * \param output_size Size of the \c output buffer in bytes. - * \param output_length On success, the number of bytes - * that make up the returned output. + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the \c salt buffer in bytes. + * If \c salt is \c NULL, pass 0. + * \param[out] output Buffer where the decrypted message is to + * be written. + * \param output_size Size of the \c output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. 
* * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BUFFER_TOO_SMALL @@ -2389,7 +2394,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, * * \note To generate a key, use psa_generate_key() instead. * - * \param output Output buffer for the generated data. + * \param[out] output Output buffer for the generated data. * \param output_size Number of bytes to generate and output. * * \retval #PSA_SUCCESS @@ -2410,7 +2415,7 @@ psa_status_t psa_generate_random(uint8_t *output, * be unoccupied. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). * \param bits Key size in bits. - * \param parameters Extra parameters for key generation. The + * \param[in] parameters Extra parameters for key generation. The * interpretation of this parameter depends on * \c type. All types support \c NULL to use * the default parameters specified below. From da8191d1cd031d06fa78208f22dafadf659d0ca8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 8 Jul 2018 19:46:38 +0200 Subject: [PATCH 0347/2197] Rename psa_hash_start -> psa_hash_setup Make function names for multipart operations more consistent (hash edition). --- include/psa/crypto.h | 20 ++++++++++---------- library/psa_crypto.c | 8 ++++---- tests/suites/test_suite_psa_crypto.function | 6 +++--- 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 07ee00061..1ee403cf7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1165,7 +1165,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * is as follows: * -# Allocate an operation object which will be passed to all the functions * listed here. - * -# Call psa_hash_start() to specify the algorithm. + * -# Call psa_hash_setup() to specify the algorithm. * -# Call psa_hash_update() zero, one or more times, passing a fragment * of the message each time. The hash that is calculated is the hash * of the concatenation of these messages in order. 
@@ -1173,9 +1173,9 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * To compare the hash with an expected value, call psa_hash_verify(). * * The application may call psa_hash_abort() at any time after the operation - * has been initialized with psa_hash_start(). + * has been initialized with psa_hash_setup(). * - * After a successful call to psa_hash_start(), the application must + * After a successful call to psa_hash_setup(), the application must * eventually terminate the operation. The following events terminate an * operation: * - A failed call to psa_hash_update(). @@ -1194,12 +1194,12 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_hash_start(psa_hash_operation_t *operation, +psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg); /** Add a message fragment to a multipart hash operation. * - * The application must call psa_hash_start() before calling this function. + * The application must call psa_hash_setup() before calling this function. * * If this function returns an error status, the operation becomes inactive. * @@ -1222,7 +1222,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, /** Finish the calculation of the hash of a message. * - * The application must call psa_hash_start() before calling this function. + * The application must call psa_hash_setup() before calling this function. * This function calculates the hash of the message formed by concatenating * the inputs passed to preceding calls to psa_hash_update(). * 
@@ -1265,7 +1265,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, /** Finish the calculation of the hash of a message and compare it with * an expected value. * - * The application must call psa_hash_start() before calling this function. + * The application must call psa_hash_setup() before calling this function. * This function calculates the hash of the message formed by concatenating * the inputs passed to preceding calls to psa_hash_update(). It then * compares the calculated hash with the expected hash passed as a @@ -1299,7 +1299,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, /** Abort a hash operation. * - * This function may be called at any time after psa_hash_start(). + * This function may be called at any time after psa_hash_setup(). * Aborting an operation frees all associated resources except for the * \c operation structure itself. * @@ -1680,7 +1680,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, * \brief Sign a hash or short message with a private key. * * Note that to perform a hash-and-sign signature algorithm, you must - * first calculate the hash by calling psa_hash_start(), psa_hash_update() + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() * and psa_hash_finish(). Then pass the resulting hash as the \p hash * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) * to determine the hash algorithm to use. @@ -1733,7 +1733,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * \brief Verify the signature a hash or short message using a public key. * * Note that to perform a hash-and-sign signature algorithm, you must - * first calculate the hash by calling psa_hash_start(), psa_hash_update() + * first calculate the hash by calling psa_hash_setup(), psa_hash_update() * and psa_hash_finish(). Then pass the resulting hash as the \p hash * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) * to determine the hash algorithm to use. 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cc996a01c..76e1a68e5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -944,7 +944,7 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) return( PSA_SUCCESS ); } -psa_status_t psa_hash_start( psa_hash_operation_t *operation, +psa_status_t psa_hash_setup( psa_hash_operation_t *operation, psa_algorithm_t alg ) { int ret; @@ -1311,7 +1311,7 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation, #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) { - status = psa_hash_start( &operation->ctx.hmac.hash_ctx, + status = psa_hash_setup( &operation->ctx.hmac.hash_ctx, PSA_ALG_HMAC_HASH( alg ) ); } else @@ -1445,7 +1445,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation, opad[i] = ipad[i] ^ 0x36 ^ 0x5C; memset( opad + key_length, 0x5C, block_size - key_length ); - status = psa_hash_start( &operation->ctx.hmac.hash_ctx, + status = psa_hash_setup( &operation->ctx.hmac.hash_ctx, PSA_ALG_HMAC_HASH( alg ) ); if( status != PSA_SUCCESS ) goto cleanup; @@ -1627,7 +1627,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, goto cleanup; /* From here on, tmp needs to be wiped. */ - status = psa_hash_start( &operation->ctx.hmac.hash_ctx, + status = psa_hash_setup( &operation->ctx.hmac.hash_ctx, PSA_ALG_HMAC_HASH( operation->alg ) ); if( status != PSA_SUCCESS ) goto hmac_cleanup; diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3681a2ee1..438b7219f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1057,7 +1057,7 @@ void hash_setup( int alg_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - status = psa_hash_start( &operation, alg ); + status = psa_hash_setup( &operation, alg ); psa_hash_abort( &operation ); TEST_ASSERT( status == expected_status ); 
@@ -1084,7 +1084,7 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_update( &operation, input->x, input->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_finish( &operation, @@ -1115,7 +1115,7 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_update( &operation, input->x, input->len ) == PSA_SUCCESS ); From b870b188ad2007424bdabb9c1a7bc2a4975c37bb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 6 Jul 2018 16:02:09 +0200 Subject: [PATCH 0348/2197] New internal function psa_get_key_bits Isolate the code of psa_get_key_information that calculates the bit size of a key into its own function which can be called by functions that have a key slot pointer. --- library/psa_crypto.c | 51 ++++++++++++++++++-------------------------- 1 file changed, 21 insertions(+), 30 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f156d0c27..63dbcce47 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -688,6 +688,24 @@ psa_status_t psa_destroy_key( psa_key_slot_t key ) return( PSA_SUCCESS ); } +/* Return the size of the key in the given slot, in bits. */ +static size_t psa_get_key_bits( const key_slot_t *slot ) +{ + if( key_type_is_raw_bytes( slot->type ) ) + return( slot->data.raw.bytes * 8 ); +#if defined(MBEDTLS_RSA_C) + if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || + slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + return( mbedtls_rsa_get_bitlen( slot->data.rsa ) ); +#endif /* defined(MBEDTLS_RSA_C) */ +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + return( slot->data.ecp->grp.pbits ); +#endif /* defined(MBEDTLS_ECP_C) */ + /* Shouldn't happen except on an empty slot. */ + return( 0 ); +} + psa_status_t psa_get_key_information( psa_key_slot_t key, psa_key_type_t *type, size_t *bits ) @@ -702,40 +720,13 @@ psa_status_t psa_get_key_information( psa_key_slot_t key, status = psa_get_key_slot( key, &slot ); if( status != PSA_SUCCESS ) return( status ); + if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_EMPTY_SLOT ); if( type != NULL ) *type = slot->type; - - if( key_type_is_raw_bytes( slot->type ) ) - { - if( bits != NULL ) - *bits = slot->data.raw.bytes * 8; - } - else -#if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) - { - if( bits != NULL ) - *bits = mbedtls_rsa_get_bitlen( slot->data.rsa ); - } - else -#endif /* defined(MBEDTLS_RSA_C) */ -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) - { - if( bits != NULL ) - *bits = slot->data.ecp->grp.pbits; - } - else -#endif /* defined(MBEDTLS_ECP_C) */ - { - /* Shouldn't happen: the key type is not any type that we - * put in. */ - return( PSA_ERROR_TAMPERING_DETECTED ); - } - + if( bits != NULL ) + *bits = psa_get_key_bits( slot ); return( PSA_SUCCESS ); } From 02b750781f64f04c9c23f06245f39535ac4607bb Mon Sep 17 00:00:00 2001 
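Review bot: After this refactor psa_get_key_information() no longer reports a key type it does not recognise. The removed final `else` returned `PSA_ERROR_TAMPERING_DETECTED`, whereas the new code stores the `0` that psa_get_key_bits() falls through to and returns `PSA_SUCCESS`. A slot whose type is not `PSA_KEY_TYPE_NONE` but matches none of the compiled-in branches (a type whose module is configured out, or a corrupted type field) is therefore presented to the caller as a valid zero-bit key. Because the caller has already excluded the empty slot, a zero result here can be treated as the old error case, e.g. `if( psa_get_key_bits( slot ) == 0 ) return( PSA_ERROR_TAMPERING_DETECTED );` before the outputs are written. If a zero-length raw key can legitimately occupy a slot, test the type instead of the size. The helper's comment should also state that `0` is the "unknown type" signal, so that later callers check for it.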
From: Gilles Peskine Date: Sun, 1 Jul 2018 22:31:34 +0200 Subject: [PATCH 0349/2197] Factor duplicated code into exercise_key Also fail the test if the test code lacks a way to exercise the key. --- tests/suites/test_suite_psa_crypto.function | 54 +++++++++++++-------- 1 file changed, 34 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5f705e3e3..1017e88c8 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -345,6 +345,36 @@ static int exercise_asymmetric_encryption_key( psa_key_slot_t key, exit: return( 0 ); } + +static int exercise_key( psa_key_slot_t slot, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + int ok; + if( alg == 0 ) + ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */ + else if( PSA_ALG_IS_MAC( alg ) ) + ok = exercise_mac_key( slot, usage, alg ); + else if( PSA_ALG_IS_CIPHER( alg ) ) + ok = exercise_cipher_key( slot, usage, alg ); + else if( PSA_ALG_IS_AEAD( alg ) ) + ok = exercise_aead_key( slot, usage, alg ); + else if( PSA_ALG_IS_SIGN( alg ) ) + ok = exercise_signature_key( slot, usage, alg ); + else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) + ok = exercise_asymmetric_encryption_key( slot, usage, alg ); + else + { + char message[40]; + mbedtls_snprintf( message, sizeof( message ), + "No code to exercise alg=0x%08lx", + (unsigned long) alg ); + test_fail( message, __LINE__, __FILE__ ); + ok = 0; + } + return( ok ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES 
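Review bot: The new exercise_key() has no header comment stating its return convention, which both call sites rely on through `if( ! exercise_key( slot, usage, alg ) ) goto exit;`. A one-line comment above the function would cover it, for example `/* Exercise the key in slot with alg. Return nonzero on success, 0 if a check failed or there is no code to exercise alg. */`. The inline comment on the `alg == 0` branch has a typo (`algorihm` should be `algorithm`). The first parameter is named `slot`, while the sibling helper visible in the hunk header, exercise_asymmetric_encryption_key(), calls it `key`; one name across the helpers would read more consistently.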
@@ -640,16 +670,8 @@ void import_and_exercise_key( data_t *data, TEST_ASSERT( got_bits == bits ); /* Do something with the key according to its type and permitted usage. */ - if( PSA_ALG_IS_MAC( alg ) ) - exercise_mac_key( slot, usage, alg ); - else if( PSA_ALG_IS_CIPHER( alg ) ) - exercise_cipher_key( slot, usage, alg ); - else if( PSA_ALG_IS_AEAD( alg ) ) - exercise_aead_key( slot, usage, alg ); - else if( PSA_ALG_IS_SIGN( alg ) ) - exercise_signature_key( slot, usage, alg ); - else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) - exercise_asymmetric_encryption_key( slot, usage, alg ); + if( ! exercise_key( slot, usage, alg ) ) + goto exit; exit: psa_destroy_key( slot ); @@ -2260,16 +2282,8 @@ void generate_key( int type_arg, } /* Do something with the key according to its type and permitted usage. */ - if( PSA_ALG_IS_MAC( alg ) ) - exercise_mac_key( slot, usage, alg ); - else if( PSA_ALG_IS_CIPHER( alg ) ) - exercise_cipher_key( slot, usage, alg ); - else if( PSA_ALG_IS_AEAD( alg ) ) - exercise_aead_key( slot, usage, alg ); - else if( PSA_ALG_IS_SIGN( alg ) ) - exercise_signature_key( slot, usage, alg ); - else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) - exercise_asymmetric_encryption_key( slot, usage, alg ); + if( ! exercise_key( slot, usage, alg ) ) + goto exit; exit: psa_destroy_key( slot ); From 23bbb757adc2bc84ff29f02db566e9755b123de2 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 26 Jun 2018 14:16:54 +0100 Subject: [PATCH 0350/2197] psa: Pass the number of bits with explicit types The GCM, CCM, RSA, and cipher modules inconsistently use int or unsigned int for a count of bits. The PSA Crypto API uses size_t for counting things. This causes issues on LLP64 systems where a size_t can hold more than an unsigned int. Add casts for where key_bits and bits are passed to mbedtls_* APIs. --- library/psa_crypto.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dc0a27d6b..1bea9ed37 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1163,7 +1163,8 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( if( cipher_id != NULL ) *cipher_id = cipher_id_tmp; - return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) ); + return( mbedtls_cipher_info_from_values( cipher_id_tmp, + (int) key_bits, mode ) ); } static size_t psa_get_hash_block_size( psa_algorithm_t alg ) @@ -2188,7 +2189,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, { ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data, - key_bits, cipher_operation ); + (int) key_bits, cipher_operation ); } if( ret != 0 ) { @@ -2604,7 +2605,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_gcm_init( &gcm ); ret = mbedtls_gcm_setkey( &gcm, cipher_id, slot->data.raw.data, - key_bits ); + (unsigned int) key_bits ); if( ret != 0 ) { mbedtls_gcm_free( &gcm ); @@ -2637,7 +2638,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_id, - slot->data.raw.data, key_bits ); + slot->data.raw.data, + (unsigned int) key_bits ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); @@ -2743,7 +2745,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, mbedtls_gcm_init( &gcm ); ret = mbedtls_gcm_setkey( &gcm, cipher_id, - slot->data.raw.data, key_bits ); + slot->data.raw.data, + (unsigned int) key_bits ); if( ret != 0 ) { mbedtls_gcm_free( &gcm ); @@ -2775,7 +2778,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, mbedtls_ccm_init( &ccm ); ret = mbedtls_ccm_setkey( &ccm, cipher_id, - slot->data.raw.data, key_bits ); + slot->data.raw.data, + (unsigned int) key_bits ); if( ret != 0 ) { mbedtls_ccm_free( &ccm ); 
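Review bot: The added casts narrow a `size_t` bit count to `int` or `unsigned int` without first checking that the value fits. On the LLP64 targets the description mentions, an oversized value would be silently truncated rather than rejected. This applies to `(int) key_bits` in mbedtls_cipher_info_from_psa() and psa_cipher_setup(), and to the four `(unsigned int) key_bits` arguments of mbedtls_gcm_setkey() and mbedtls_ccm_setkey() in psa_aead_encrypt() and psa_aead_decrypt(). It also applies to `(unsigned int) bits` in the psa_generate_key() hunk that follows, where `bits` comes directly from the caller. The enclosing functions start outside these hunks, so it cannot be seen here whether an earlier bound already guarantees the range. If none does, add a guard ahead of each cast, such as `if( key_bits > INT_MAX ) return( PSA_ERROR_NOT_SUPPORTED );` (using the function's own failure value where it does not return a status). Otherwise a short comment naming the bound that makes the cast safe would keep the conversion auditable.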
@@ -2882,7 +2886,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key, ret = mbedtls_rsa_gen_key( rsa, mbedtls_ctr_drbg_random, &global_data.ctr_drbg, - bits, + (unsigned int) bits, exponent ); if( ret != 0 ) { From 07c91f5df33631c40c3152cc0db0923580bd1ab2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Jun 2018 18:02:53 +0200 Subject: [PATCH 0351/2197] Add notes about the purpose and usage of auxiliary header files --- include/psa/crypto_extra.h | 5 +++++ include/psa/crypto_platform.h | 10 ++++++++++ include/psa/crypto_sizes.h | 8 ++++++++ include/psa/crypto_struct.h | 10 ++++++++++ 4 files changed, 33 insertions(+) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index b9e12bb6f..2d03f7311 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -2,6 +2,11 @@ * \file psa/crypto_extra.h * * \brief PSA cryptography module: Mbed TLS vendor extensions + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file is reserved for vendor-specific definitions. */ /* * Copyright (C) 2018, ARM Limited, All Rights Reserved diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 7aabd1bc0..9af320d1e 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -2,6 +2,16 @@ * \file psa/crypto_platform.h * * \brief PSA cryptography module: Mbed TLS platfom definitions + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file contains platform-dependent type definitions. + * + * In implementations with isolation between the application and the + * cryptography module, implementers should take care to ensure that + * the definitions that are exposed to applications match what the + * module implements. */ /* * Copyright (C) 2018, ARM Limited, All Rights Reserved diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index f4d2cd839..80b2f9d62 100644 
--- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -3,12 +3,20 @@ * * \brief PSA cryptography module: Mbed TLS buffer size macros * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * * This file contains the definitions of macros that are useful to * compute buffer sizes. The signatures and semantics of these macros * are standardized, but the definitions are not, because they depend on * the available algorithms and, in some cases, on permitted tolerances * on buffer sizes. * + * In implementations with isolation between the application and the + * cryptography module, implementers should take care to ensure that + * the definitions that are exposed to applications match what the + * module implements. + * * Macros that compute sizes whose values do not depend on the * implementation are in crypto.h. */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 1935f9099..b981f23c7 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -2,6 +2,16 @@ * \file psa/crypto_struct.h * * \brief PSA cryptography module: Mbed TLS structured type implementations + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * This file contains the definitions of some data structures with + * implementation-specific definitions. + * + * In implementations with isolation between the application and the + * cryptography module, it is expected that the front-end and the back-end + * would have different versions of this file. */ /* * Copyright (C) 2018, ARM Limited, All Rights Reserved From 6b530867e4e504fa1aae7d762f81311e40846392 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 30 Jun 2018 00:14:39 +0200 Subject: [PATCH 0352/2197] Test importing a key pair as a public key and vice versa --- tests/suites/test_suite_psa_crypto.data | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e964186c0..53d8c958f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -85,6 +85,14 @@ PSA import RSA keypair: truncated depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT +PSA import RSA keypair: public key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT + +PSA import RSA public key: key pair +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
+import:"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":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_INVALID_ARGUMENT + PSA import RSA keypair: valid key but EC depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT @@ -97,7 +105,7 @@ PSA import/export-public RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS -PSA import/export-public PSA keypair: good, 1024-bit +PSA import/export-public RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS 
@@ -137,6 +145,18 @@ PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT +PSA import EC keypair: public key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT + +PSA import EC public key: key pair +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +# For consistency with ECpub as ECpair, RSApub as RSApair and RSApair as RSApub, +# one would expect the status to be PSA_ERROR_INVALID_ARGUMENT. But the +# Mbed TLS pkparse module returns MBEDTLS_ERR_PK_INVALID_ALG, I think because +# it's looking for an OID where there is no OID. 
+import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_NOT_SUPPORTED + PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT From 53d991e655b9141aad6d719629521606f312907e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 01:14:59 +0200 Subject: [PATCH 0353/2197] generate_key: rename \p parameters to \p extra \p parameters is a confusing name for a function parameter. Rename it to \p extra. --- include/psa/crypto.h | 15 ++++++++------- library/psa_crypto.c | 14 +++++++------- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c2144fb49..ff85924aa 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2415,21 +2415,22 @@ psa_status_t psa_generate_random(uint8_t *output, * be unoccupied. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). * \param bits Key size in bits. - * \param[in] parameters Extra parameters for key generation. The + * \param[in] extra Extra parameters for key generation. The * interpretation of this parameter depends on * \c type. All types support \c NULL to use * the default parameters specified below. - * \param parameters_size Size of the buffer that \p parameters - * points to, in bytes. + * \param extra_size Size of the buffer that \p extra + * points to, in bytes. Note that if \p extra is + * \c NULL then \p extra_size must be zero. * * For any symmetric key type (a type such that - * #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is false), \c parameters must be + * #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is false), \p extra must be * \c NULL. For asymmetric key types defined by this specification, * the parameter type and the default parameters are defined by the * table below. For vendor-defined key types, the vendor documentation * shall define the parameter type and the default parameters. * - * Type | Parameter type | Meaning | Parameters used if `parameters == NULL` + * Type | Parameter type | Meaning | Parameters used if `extra == NULL` * ---- | -------------- | ------- | --------------------------------------- * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | Public exponent | 65537 * @@ -2445,8 +2446,8 @@ psa_status_t psa_generate_random(uint8_t *output, psa_status_t psa_generate_key(psa_key_slot_t key, psa_key_type_t type, size_t bits, - const void *parameters, - size_t parameters_size); + const void *extra, + size_t extra_size); /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fce9e3c82..a256ad7ee 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -2964,13 +2964,13 @@ psa_status_t psa_generate_random( uint8_t *output, psa_status_t psa_generate_key( psa_key_slot_t key, psa_key_type_t type, size_t bits, - const void *parameters, - size_t parameters_size ) + const void *extra, + size_t extra_size ) { key_slot_t *slot; psa_status_t status; - if( parameters == NULL && parameters_size != 0 ) + if( extra == NULL && extra_size != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_empty_key_slot( key, &slot ); @@ -3010,10 +3010,10 @@ psa_status_t psa_generate_key( psa_key_slot_t key, int exponent = 65537; if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); - if( parameters != NULL ) + if( extra != NULL ) { - const unsigned *p = parameters; - if( parameters_size != sizeof( *p ) ) + const unsigned *p = extra; + if( extra_size != sizeof( *p ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( *p > INT_MAX ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -3048,7 +3048,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key, mbedtls_ecp_curve_info_from_grp_id( grp_id ); mbedtls_ecp_keypair *ecp; int ret; - if( parameters != NULL ) + if( extra != NULL ) return( PSA_ERROR_NOT_SUPPORTED ); if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); From acd4be36faff4bd0f774fae95a7ee39853a84dc9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 8 Jul 2018 19:56:25 +0200 Subject: [PATCH 0354/2197] Rename psa_mac_{finish,verify} -> psa_mac_{sign,verify}_finish Make function names for multipart operations more consistent (MAC finish edition). --- include/psa/crypto.h | 21 ++++++++++---------- include/psa/crypto_sizes.h | 4 ++-- library/psa_crypto.c | 18 ++++++++--------- tests/suites/test_suite_psa_crypto.function | 22 +++++++++++---------- 4 files changed, 34 insertions(+), 31 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 1ee403cf7..957385916 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1345,8 +1345,8 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * -# Call psa_mac_update() zero, one or more times, passing a fragment * of the message each time. The MAC that is calculated is the MAC * of the concatenation of these messages in order. - * -# To calculate the MAC, call psa_mac_finish(). - * To compare the MAC with an expected value, call psa_mac_verify(). + * -# To calculate the MAC, call psa_mac_sign_finish(). + * To compare the MAC with an expected value, call psa_mac_verify_finish(). * * The application may call psa_mac_abort() at any time after the operation * has been initialized with psa_mac_start(). @@ -1355,7 +1355,8 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * eventually terminate the operation. The following events terminate an * operation: * - A failed call to psa_mac_update(). - * - A call to psa_mac_finish(), psa_mac_verify() or psa_mac_abort(). + * - A call to psa_mac_sign_finish(), psa_mac_verify_finish() or + * psa_mac_abort(). * * \param operation The operation object to use. * \param key Slot containing the key to use for the operation. @@ -1383,14 +1384,14 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, size_t input_length); -psa_status_t psa_mac_finish(psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length); +psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); -psa_status_t psa_mac_verify(psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length); +psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length); psa_status_t psa_mac_abort(psa_mac_operation_t *operation); diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 80b2f9d62..574d3e55c 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -142,9 +142,9 @@ -/** The size of the output of psa_mac_finish(), in bytes. +/** The size of the output of psa_mac_sign_finish(), in bytes. * - * This is also the MAC size that psa_mac_verify() expects. + * This is also the MAC size that psa_mac_verify_finish() expects. * * \param key_type The type of the MAC key. * \param key_bits The size of the MAC key in bits. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 76e1a68e5..4c42d61e0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1483,8 +1483,8 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, /* Since this function is called identically for a sign or verify * operation, we don't know yet whether the operation is permitted. * Store the part of the key policy that we can't check in the - * operation structure. psa_mac_finish() or psa_mac_verify() will - * check that remaining part. */ + * operation structure. psa_mac_sign_finish() or psa_mac_verify_finish() + * will check that remaining part. */ if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) operation->key_usage_sign = 1; if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 ) @@ -1671,10 +1671,10 @@ cleanup: } } -psa_status_t psa_mac_finish( psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) +psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length ) { if( ! operation->key_usage_sign ) return( PSA_ERROR_NOT_PERMITTED ); @@ -1683,9 +1683,9 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation, mac_size, mac_length ) ); } -psa_status_t psa_mac_verify( psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ) +psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length ) { uint8_t actual_mac[PSA_MAC_MAX_SIZE]; size_t actual_mac_length; 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 438b7219f..fcab07bc3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -141,9 +141,9 @@ static int exercise_mac_key( psa_key_slot_t key, TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_finish( &operation, - mac, sizeof( input ), - &mac_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_sign_finish( &operation, + mac, sizeof( input ), + &mac_length ) == PSA_SUCCESS ); } if( usage & PSA_KEY_USAGE_VERIFY ) @@ -155,7 +155,9 @@ static int exercise_mac_key( psa_key_slot_t key, TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_verify( &operation, mac, mac_length ) == verify_status ); + TEST_ASSERT( psa_mac_verify_finish( &operation, + mac, + mac_length ) == verify_status ); } return( 1 ); @@ -747,8 +749,8 @@ void mac_key_policy( int policy_usage, status = psa_mac_start( &operation, key_slot, exercise_alg ); if( status == PSA_SUCCESS ) - status = psa_mac_finish( &operation, - mac, sizeof( mac ), &output_length ); + status = psa_mac_sign_finish( &operation, + mac, sizeof( mac ), &output_length ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) TEST_ASSERT( status == PSA_SUCCESS ); @@ -759,7 +761,7 @@ void mac_key_policy( int policy_usage, memset( mac, 0, sizeof( mac ) ); status = psa_mac_start( &operation, key_slot, exercise_alg ); if( status == PSA_SUCCESS ) - status = psa_mac_verify( &operation, mac, sizeof( mac ) ); + status = psa_mac_verify_finish( &operation, mac, sizeof( mac ) ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE ); 
@@ -1198,9 +1200,9 @@ void mac_verify( int key_type_arg, TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input->x, input->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_verify( &operation, - expected_mac->x, - expected_mac->len ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_verify_finish( &operation, + expected_mac->x, + expected_mac->len ) == PSA_SUCCESS ); exit: psa_destroy_key( key_slot ); From ab1d7ab89f66c08a32912c434558ba3268a7a98b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 6 Jul 2018 16:07:47 +0200 Subject: [PATCH 0355/2197] Don't call psa_get_key_information internally When you have a key slot pointer, read the key type directly, and call psa_get_key_bits to get the bit size. --- library/psa_crypto.c | 47 +++++++++++++++++--------------------------- 1 file changed, 18 insertions(+), 29 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 63dbcce47..d730bd821 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1469,7 +1469,6 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, { psa_status_t status; key_slot_t *slot; - psa_key_type_t key_type; size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; @@ -1477,10 +1476,6 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - status = psa_get_key_information( key, &key_type, &key_bits ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_get_key_from_slot( key, &slot, 0, alg ); if( status != PSA_SUCCESS ) return( status ); 
@@ -1495,9 +1490,12 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 ) operation->key_usage_verify = 1; + key_bits = psa_get_key_bits( slot ); + if( ! PSA_ALG_IS_HMAC( alg ) ) { - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, NULL ); + cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, + NULL ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); operation->mac_size = cipher_info->block_size; @@ -1515,7 +1513,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, default: #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( alg ) ) - status = psa_hmac_start( operation, key_type, slot, alg ); + status = psa_hmac_start( operation, slot->type, slot, alg ); else #endif /* MBEDTLS_MD_C */ return( PSA_ERROR_NOT_SUPPORTED ); @@ -2254,7 +2252,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; psa_status_t status; key_slot_t *slot; - psa_key_type_t key_type; size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ? @@ -2265,14 +2262,12 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - status = psa_get_key_information( key, &key_type, &key_bits ); - if( status != PSA_SUCCESS ) - return( status ); status = psa_get_key_from_slot( key, &slot, usage, alg); if( status != PSA_SUCCESS ) return( status ); + key_bits = psa_get_key_bits( slot ); - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, NULL ); + cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, NULL ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); 
@@ -2284,7 +2279,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, } #if defined(MBEDTLS_DES_C) - if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 ) + if( slot->type == PSA_KEY_TYPE_DES && key_bits == 128 ) { /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */ unsigned char keys[24]; @@ -2336,11 +2331,11 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, operation->key_set = 1; operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ? - PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) : + PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) : 1 ); if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || alg == PSA_ALG_CTR ) { - operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ); } return( PSA_SUCCESS ); @@ -2675,7 +2670,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, int ret; psa_status_t status; key_slot_t *slot; - psa_key_type_t key_type; size_t key_bits; uint8_t *tag; size_t tag_length; @@ -2684,19 +2678,17 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, *ciphertext_length = 0; - status = psa_get_key_information( key, &key_type, &key_bits ); - if( status != PSA_SUCCESS ) - return( status ); status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); + key_bits = psa_get_key_bits( slot ); - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, + cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, &cipher_id ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != + if( ( slot->type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); 
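Review bot: The `keys[24]` buffer declared in the two-key Triple-DES branch holds a copy of the key on the stack, and the hunk ends before showing whether it is wiped once the key has been handed to the cipher context. If psa_cipher_setup does not already do so further down, clear it before leaving the branch with `mbedtls_zeroize( keys, sizeof( keys ) );`, the call this file already uses for the HMAC pad. The branch body continues outside the hunk, so this needs checking against the full function.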
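Review bot: In psa_aead_encrypt the symmetric-category test on `slot->type` still runs after `mbedtls_cipher_info_from_psa()` has been called with that type. A key of the wrong category is therefore fed to the cipher lookup first and, if the lookup returns NULL for it, reported as PSA_ERROR_NOT_SUPPORTED rather than PSA_ERROR_INVALID_ARGUMENT. Now that the type is read straight from the slot, the check can move up to directly after `key_bits = psa_get_key_bits( slot );`. The same ordering appears in psa_aead_decrypt (hunk at -2829,19), and both functions continue outside their hunks.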
@@ -2705,7 +2697,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_gcm_context gcm; tag_length = 16; - if( PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) != 16 ) + if( PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) != 16 ) return( PSA_ERROR_INVALID_ARGUMENT ); //make sure we have place to hold the tag in the ciphertext buffer @@ -2736,7 +2728,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, mbedtls_ccm_context ccm; tag_length = 16; - if( PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) != 16 ) + if( PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) != 16 ) return( PSA_ERROR_INVALID_ARGUMENT ); if( nonce_length < 7 || nonce_length > 13 ) @@ -2820,7 +2812,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, int ret; psa_status_t status; key_slot_t *slot; - psa_key_type_t key_type; size_t key_bits; const uint8_t *tag; size_t tag_length; @@ -2829,19 +2820,17 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, *plaintext_length = 0; - status = psa_get_key_information( key, &key_type, &key_bits ); - if( status != PSA_SUCCESS ) - return( status ); status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); + key_bits = psa_get_key_bits( slot ); - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, + cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, &cipher_id ); if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != + if( ( slot->type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) return( PSA_ERROR_INVALID_ARGUMENT ); From 3d91abefac0e6be0a6cc1aa094392181c549acb0 Mon Sep 17 00:00:00 2001 
From: mohammad1603 Date: Tue, 3 Jul 2018 13:15:54 +0300 Subject: [PATCH 0356/2197] Use PSA_BLOCK_CIPHER_BLOCK_SIZE() macro to get the cipher block size Use PSA_BLOCK_CIPHER_BLOCK_SIZE() macro to get the cipher block size instead of accessing the operation struct additionally, for SPM case, the 'block_size' member is not a member in the operation struct --- tests/suites/test_suite_psa_crypto.function | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 1017e88c8..9eac29b43 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1057,7 +1057,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, iv_size ) == PSA_SUCCESS ); - output_buffer_size = input->len + operation.block_size; + output_buffer_size = (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( output != NULL ); @@ -1126,7 +1127,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = input->len + operation.block_size; + output_buffer_size = (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( output != NULL ); @@ -1199,7 +1201,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = input->len + operation.block_size; + output_buffer_size = (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( output != NULL ); 
@@ -1273,7 +1276,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_set_iv( &operation, iv, iv_size ) == PSA_SUCCESS ); - output_buffer_size = input->len + operation.block_size; + output_buffer_size = (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); output = mbedtls_calloc( 1, output_buffer_size ); TEST_ASSERT( output != NULL ); @@ -1343,7 +1347,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length ) == PSA_SUCCESS ); - output1_size = input->len + operation1.block_size; + output1_size = (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); output1 = mbedtls_calloc( 1, output1_size ); TEST_ASSERT( output1 != NULL ); @@ -1429,7 +1434,8 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv, iv_size, &iv_length ) == PSA_SUCCESS ); - output1_buffer_size = input->len + operation1.block_size; + output1_buffer_size = (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); output1 = mbedtls_calloc( 1, output1_buffer_size ); TEST_ASSERT( output1 != NULL ); From aee13338b3a26045a7a8c8ff999312a26c30b6f1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Jul 2018 12:15:28 +0200 Subject: [PATCH 0357/2197] Fix safe output length in hash and mac finish In psa_hash_finish and psa_mac_finish_internal, set the fallback output length (which is reported on error) to the output buffer size, not to the _expected_ buffer size which could be larger. --- library/psa_crypto.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1d5337bfb..a2f68975b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1013,7 +1013,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, /* Fill the output buffer with something that isn't a valid hash * (barring an attack on the hash and deliberately-crafted input), * in case the caller doesn't check the return status properly. */ - *hash_length = actual_hash_length; + *hash_length = hash_size; /* If hash_size is 0 then hash may be NULL and then the * call to memset would have undefined behavior. */ if( hash_size != 0 ) @@ -1068,6 +1068,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, if( ret == 0 ) { + *hash_length = actual_hash_length; return( psa_hash_abort( operation ) ); } else @@ -1517,7 +1518,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, /* Fill the output buffer with something that isn't a valid mac * (barring an attack on the mac and deliberately-crafted input), * in case the caller doesn't check the return status properly. */ - *mac_length = operation->mac_size; + *mac_length = mac_size; /* If mac_size is 0 then mac may be NULL and then the * call to memset would have undefined behavior. */ if( mac_size != 0 ) @@ -1583,6 +1584,7 @@ cleanup: if( ret == 0 && status == PSA_SUCCESS ) { + *mac_length = operation->mac_size; return( psa_mac_abort( operation ) ); } else From bbf97e3cf16cd2678dedf6c875eeb4e8c86acf54 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 26 Jun 2018 14:20:51 +0100 Subject: [PATCH 0358/2197] psa: Pass hash_length with explicit types The RSA module uses unsigned int for hash_length. The PSA Crypto API uses size_t for hash_length. Cast hash_length to unsigned int when passed to the hash module. --- library/psa_crypto.c | 32 ++++++++++++++++++++++++++++---- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1bea9ed37..4a3363952 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
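Review bot: The comment above `*hash_length = hash_size;` explains the filler bytes but not why the reported length is now the buffer size, which is the security-relevant part of this fix. I would add `/* On error, report no more than the caller's buffer size, so a caller that ignores the status never reads past its own buffer. */` here and above `*mac_length = mac_size;` in psa_mac_finish_internal (hunk at -1517,7). Both functions start and end outside their hunks.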
@@ -1661,6 +1661,15 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, if( signature_size < rsa->len ) return( PSA_ERROR_BUFFER_TOO_SMALL ); + /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if + * hash_length will fit and return an error if it doesn't. */ +#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21) +#if SIZE_MAX > UINT_MAX + if( hash_length > UINT_MAX ) + return( PSA_ERROR_NOT_SUPPORTED ); +#endif +#endif + #if defined(MBEDTLS_PKCS1_V15) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { @@ -1670,7 +1679,9 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, mbedtls_ctr_drbg_random, &global_data.ctr_drbg, MBEDTLS_RSA_PRIVATE, - md_alg, hash_length, hash, + md_alg, + (unsigned int) hash_length, + hash, signature ); } else @@ -1683,7 +1694,9 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, mbedtls_ctr_drbg_random, &global_data.ctr_drbg, MBEDTLS_RSA_PRIVATE, - md_alg, hash_length, hash, + md_alg, + (unsigned int) hash_length, + hash, signature ); } else @@ -1715,6 +1728,15 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, if( signature_length < rsa->len ) return( PSA_ERROR_BUFFER_TOO_SMALL ); +#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21) +#if SIZE_MAX > UINT_MAX + /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if + * hash_length will fit and return an error if it doesn't. */ + if( hash_length > UINT_MAX ) + return( PSA_ERROR_NOT_SUPPORTED ); +#endif +#endif + #if defined(MBEDTLS_PKCS1_V15) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { @@ -1725,7 +1747,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, &global_data.ctr_drbg, MBEDTLS_RSA_PUBLIC, md_alg, - hash_length, + (unsigned int) hash_length, hash, signature ); } 
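Review bot: The `hash_length > UINT_MAX` guard is added twice, in psa_rsa_sign here and in psa_rsa_verify (hunk at -1715,6), with the explanatory comment outside the `#if` in one copy and inside it in the other. The four `(unsigned int) hash_length` casts are only safe because of this guard, so I would keep it in one static helper that both functions call, which stops the two copies from drifting apart. The helper name below is only a suggestion; both functions start and end outside their hunks.

```c
/* The Mbed TLS RSA module takes the hash length as an unsigned int.
 * Reject a length that the casts at the call sites would truncate. */
static psa_status_t psa_rsa_check_hash_length( size_t hash_length )
{
#if SIZE_MAX > UINT_MAX
    if( hash_length > UINT_MAX )
        return( PSA_ERROR_NOT_SUPPORTED );
#else
    (void) hash_length;
#endif
    return( PSA_SUCCESS );
}

/* ... unchanged: psa_rsa_sign signature and signature_size check ... */
    if( psa_rsa_check_hash_length( hash_length ) != PSA_SUCCESS )
        return( PSA_ERROR_NOT_SUPPORTED );
/* ... unchanged: PKCS#1 v1.5 and PSS branches ... */
```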
@@ -1739,7 +1761,9 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, mbedtls_ctr_drbg_random, &global_data.ctr_drbg, MBEDTLS_RSA_PUBLIC, - md_alg, hash_length, hash, + md_alg, + (unsigned int) hash_length, + hash, signature ); } else From 35da9a2f2efae290d1e54e7a27f76c310b5fa86c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 19:17:49 +0200 Subject: [PATCH 0359/2197] In psa_asymmetric_encrypt, allow public keys The code was accepting key pairs only, even though encryption doesn't require the private key. --- library/psa_crypto.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index af0b2f61a..a1b8104f7 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2115,7 +2115,8 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); - if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || + PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_RSA_C) From 4c317f4b4c5dd3dce1b755bb12ad939ca1a7710e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 01:24:09 +0200 Subject: [PATCH 0360/2197] generate_key: define a structure type for RSA extra parameters --- include/psa/crypto.h | 11 ++++++++++- library/psa_crypto.c | 12 ++++++++---- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ff85924aa..b190907cf 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
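Review bot: The widened type check in psa_asymmetric_encrypt carries no comment saying why both kinds of key are accepted; the reason is given only in the commit message. A one-line comment above the condition, `/* Encryption uses only the public part, so a public key or a key pair will do. */`, would keep a later reader from tightening it back to key pairs. The function body continues outside the hunk.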
@@ -2407,6 +2407,15 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, psa_status_t psa_generate_random(uint8_t *output, size_t output_size); +/** Extra parameters for RSA key generation. + * + * You may pass a pointer to a structure of this type as the `extra` + * parameter to psa_generate_key(). + */ +typedef struct { + uint32_t e; /**! Public exponent value. Default: 65537. */ +} psa_generate_key_extra_rsa; + /** * \brief Generate a key or key pair. * @@ -2432,7 +2441,7 @@ psa_status_t psa_generate_random(uint8_t *output, * * Type | Parameter type | Meaning | Parameters used if `extra == NULL` * ---- | -------------- | ------- | --------------------------------------- - * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | Public exponent | 65537 + * `PSA_KEY_TYPE_RSA_KEYPAIR` | #psa_generate_key_extra_rsa | Public exponent | 65537 * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_NOT_SUPPORTED diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a256ad7ee..eb140ea2c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3012,12 +3012,16 @@ psa_status_t psa_generate_key( psa_key_slot_t key, return( PSA_ERROR_NOT_SUPPORTED ); if( extra != NULL ) { - const unsigned *p = extra; + const psa_generate_key_extra_rsa *p = extra; if( extra_size != sizeof( *p ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( *p > INT_MAX ) - return( PSA_ERROR_INVALID_ARGUMENT ); - exponent = *p; +#if INT_MAX < 0xffffffff + /* Check that the uint32_t value passed by the caller fits + * in the range supported by this implementation. */ + if( p->e > INT_MAX ) + return( PSA_ERROR_NOT_SUPPORTED ); +#endif + exponent = p->e; } rsa = mbedtls_calloc( 1, sizeof( *rsa ) ); if( rsa == NULL ) From 89167cb597c58dd6b9516c6701ab0dc86496adb8 Mon Sep 17 00:00:00 2001 
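Review bot: The member comment on `e` opens with `/**!`, which is not the Doxygen marker for a comment that documents the preceding member, so the text is likely to be dropped or attached to the wrong declaration. It should read `uint32_t e; /**< Public exponent value. Default: 65537. */`. Since this struct is now the caller-facing way to pass the exponent, the comment could also state which values are accepted.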
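Review bot: The caller-supplied exponent `p->e` is only range-checked against INT_MAX before `exponent = p->e;`, so 0, 1 and even values pass through to key generation. An RSA public exponent has to be odd and at least 3, and whether the generator called later rejects other values is not visible in this hunk. I would reject them here with `if( p->e < 3 || ( p->e & 1 ) == 0 ) return( PSA_ERROR_INVALID_ARGUMENT );`. psa_generate_key starts and ends outside the hunk.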
From: Gilles Peskine Date: Sun, 8 Jul 2018 20:12:23 +0200 Subject: [PATCH 0361/2197] Split psa_mac_setup -> psa_mac_{sign,verify}_setup Make function names for multipart operations more consistent (MAC setup edition). Split psa_mac_setup into two functions psa_mac_sign_setup and psa_mac_verify_setup. These functions behave identically except that they require different usage flags on the key. The goal of the split is to enforce the key policy during setup rather than at the end of the operation (which was a bit of a hack). In psa_mac_sign_finish and psa_mac_verify_finish, if the operation is of the wrong type, abort the operation before returning BAD_STATE. --- include/psa/crypto.h | 80 +++++++++++++++++---- include/psa/crypto_struct.h | 3 +- library/psa_crypto.c | 67 ++++++++++------- tests/suites/test_suite_psa_crypto.function | 23 +++--- 4 files changed, 116 insertions(+), 57 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 957385916..98573c90f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1333,30 +1333,32 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * as directed by the documentation of a specific implementation. */ typedef struct psa_mac_operation_s psa_mac_operation_t; -/** Start a multipart MAC operation. +/** Start a multipart MAC calculation operation. * - * The sequence of operations to calculate a MAC (message authentication code) - * is as follows: + * This function sets up the calculation of the MAC + * (message authentication code) of a byte string. + * To verify the MAC of a message against an + * expected value, use psa_mac_verify_setup() instead. + * + * The sequence of operations to calculate a MAC is as follows: * -# Allocate an operation object which will be passed to all the functions * listed here. - * -# Call psa_mac_start() to specify the algorithm and key. + * -# Call psa_mac_sign_setup() to specify the algorithm and key. * The key remains associated with the operation even if the content * of the key slot changes. * -# Call psa_mac_update() zero, one or more times, passing a fragment * of the message each time. The MAC that is calculated is the MAC * of the concatenation of these messages in order. - * -# To calculate the MAC, call psa_mac_sign_finish(). - * To compare the MAC with an expected value, call psa_mac_verify_finish(). + * -# At the end of the message, call psa_mac_sign_finish() to finish + * calculating the MAC value and retrieve it. * * The application may call psa_mac_abort() at any time after the operation - * has been initialized with psa_mac_start(). + * has been initialized with psa_mac_sign_setup(). * - * After a successful call to psa_mac_start(), the application must - * eventually terminate the operation. The following events terminate an - * operation: + * After a successful call to psa_mac_sign_setup(), the application must + * eventually terminate the operation through one of the following methods: * - A failed call to psa_mac_update(). 
- * - A call to psa_mac_sign_finish(), psa_mac_verify_finish() or - * psa_mac_abort(). + * - A call to psa_mac_sign_finish() or psa_mac_abort(). * * \param operation The operation object to use. * \param key Slot containing the key to use for the operation. 
@@ -1376,9 +1378,57 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_mac_start(psa_mac_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg); +psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg); + +/** Start a multipart MAC verification operation. + * + * This function sets up the verification of the MAC + * (message authentication code) of a byte string against an expected value. + * + * The sequence of operations to verify a MAC is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Call psa_mac_verify_setup() to specify the algorithm and key. + * The key remains associated with the operation even if the content + * of the key slot changes. + * -# Call psa_mac_update() zero, one or more times, passing a fragment + * of the message each time. The MAC that is calculated is the MAC + * of the concatenation of these messages in order. + * -# At the end of the message, call psa_mac_verify_finish() to finish + * calculating the actual MAC of the message and verify it against + * the expected value. + * + * The application may call psa_mac_abort() at any time after the operation + * has been initialized with psa_mac_verify_setup(). + * + * After a successful call to psa_mac_verify_setup(), the application must + * eventually terminate the operation through one of the following methods: + * - A failed call to psa_mac_update(). + * - A call to psa_mac_verify_finish() or psa_mac_abort(). + * + * \param operation The operation object to use. + * \param key Slot containing the key to use for the operation. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(alg) is true). + * + * \retval PSA_SUCCESS + * Success. 
+ * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_NOT_PERMITTED + * \retval PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg. + * \retval PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a MAC algorithm. + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg); psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index b981f23c7..85c997485 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -102,8 +102,7 @@ struct psa_mac_operation_s int iv_required : 1; int iv_set : 1; int has_input : 1; - int key_usage_sign : 1; - int key_usage_verify : 1; + int is_sign : 1; uint8_t mac_size; union { diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4c42d61e0..61eef45ca 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1296,8 +1296,7 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation, operation->iv_set = 0; operation->iv_required = 0; operation->has_input = 0; - operation->key_usage_sign = 0; - operation->key_usage_verify = 0; + operation->is_sign = 0; #if defined(MBEDTLS_CMAC_C) if( alg == PSA_ALG_CMAC ) @@ -1367,14 +1366,13 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) operation->iv_set = 0; operation->iv_required = 0; operation->has_input = 0; - operation->key_usage_sign = 0; - operation->key_usage_verify = 0; + operation->is_sign = 0; return( PSA_SUCCESS ); } #if defined(MBEDTLS_CMAC_C) -static int psa_cmac_start( psa_mac_operation_t *operation, +static int psa_cmac_setup( psa_mac_operation_t *operation, size_t key_bits, key_slot_t *slot, const mbedtls_cipher_info_t *cipher_info ) 
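Review bot: `int is_sign : 1;` in psa_mac_operation_s is a one-bit field of plain `int`, whose signedness is implementation-defined, so the 1 stored by psa_mac_setup may read back as -1; `unsigned int is_sign : 1;` avoids that. The flag also has two values for three states: psa_mac_init and psa_mac_abort (hunks at -1296,8 and -1366,14) reset it to 0, which is also the value that means "verify". The `is_sign` test in psa_mac_verify_finish therefore cannot tell a verify operation from one that was never set up or was aborted. Presumably a later check in the finish path rejects an inactive operation, but that is not visible here and would be worth a comment next to the field.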
@@ -1395,7 +1393,7 @@ static int psa_cmac_start( psa_mac_operation_t *operation, #endif /* MBEDTLS_CMAC_C */ #if defined(MBEDTLS_MD_C) -static int psa_hmac_start( psa_mac_operation_t *operation, +static int psa_hmac_setup( psa_mac_operation_t *operation, psa_key_type_t key_type, key_slot_t *slot, psa_algorithm_t alg ) @@ -1457,39 +1455,34 @@ cleanup: mbedtls_zeroize( ipad, key_length ); /* opad is in the context. It needs to stay in memory if this function * succeeds, and it will be wiped by psa_mac_abort() called from - * psa_mac_start in the error case. */ + * psa_mac_setup in the error case. */ return( status ); } #endif /* MBEDTLS_MD_C */ -psa_status_t psa_mac_start( psa_mac_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg ) +static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg, + int is_sign ) { psa_status_t status; key_slot_t *slot; size_t key_bits; + psa_key_usage_t usage = + is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY; const mbedtls_cipher_info_t *cipher_info = NULL; status = psa_mac_init( operation, alg ); if( status != PSA_SUCCESS ) return( status ); + if( is_sign ) + operation->is_sign = 1; - status = psa_get_key_from_slot( key, &slot, 0, alg ); + status = psa_get_key_from_slot( key, &slot, usage, alg ); if( status != PSA_SUCCESS ) return( status ); - /* Since this function is called identically for a sign or verify - * operation, we don't know yet whether the operation is permitted. - * Store the part of the key policy that we can't check in the - * operation structure. psa_mac_sign_finish() or psa_mac_verify_finish() - * will check that remaining part. */ - if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 ) - operation->key_usage_sign = 1; - if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 ) - operation->key_usage_verify = 1; - key_bits = psa_get_key_bits( slot ); if( ! PSA_ALG_IS_HMAC( alg ) ) 
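Review bot: psa_mac_setup(), added in the second hunk on this line, decides which usage flag the key must carry, but it has no comment explaining the bare `int is_sign` argument. I would add above it `/* is_sign != 0: signing, the key needs PSA_KEY_USAGE_SIGN; is_sign == 0: verification, the key needs PSA_KEY_USAGE_VERIFY. */`. The function body continues past the end of the hunk, so only the part up to the key lookup is reviewed here.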
@@ -1504,7 +1497,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, { #if defined(MBEDTLS_CMAC_C) case PSA_ALG_CMAC: - status = mbedtls_to_psa_error( psa_cmac_start( operation, + status = mbedtls_to_psa_error( psa_cmac_setup( operation, key_bits, slot, cipher_info ) ); @@ -1513,7 +1506,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, default: #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( alg ) ) - status = psa_hmac_start( operation, slot->type, slot, alg ); + status = psa_hmac_setup( operation, slot->type, slot, alg ); else #endif /* MBEDTLS_MD_C */ return( PSA_ERROR_NOT_SUPPORTED ); @@ -1532,6 +1525,20 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation, return( status ); } +psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg ) +{ + return( psa_mac_setup( operation, key, alg, 1 ) ); +} + +psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg ) +{ + return( psa_mac_setup( operation, key, alg, 0 ) ); +} + psa_status_t psa_mac_update( psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -1676,8 +1683,11 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, size_t mac_size, size_t *mac_length ) { - if( ! operation->key_usage_sign ) - return( PSA_ERROR_NOT_PERMITTED ); + if( ! operation->is_sign ) + { + psa_mac_abort( operation ); + return( PSA_ERROR_BAD_STATE ); + } return( psa_mac_finish_internal( operation, mac, mac_size, mac_length ) ); @@ -1691,8 +1701,11 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, size_t actual_mac_length; psa_status_t status; - if( ! operation->key_usage_verify ) - return( PSA_ERROR_NOT_PERMITTED ); + if( operation->is_sign ) + { + psa_mac_abort( operation ); + return( PSA_ERROR_BAD_STATE ); + } status = psa_mac_finish_internal( operation, actual_mac, sizeof( actual_mac ), 
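Review bot: In psa_mac_sign_finish() the new `! operation->is_sign` branch returns PSA_ERROR_BAD_STATE before psa_mac_finish_internal() is called, so nothing is written to `mac` or `*mac_length` on this path. The internal function's body is outside the hunk; if that is where the output is filled with a non-MAC pattern for callers that ignore the status, a caller that mixed up sign and verify keeps an uninitialised buffer and length. Setting the outputs before the check, `*mac_length = mac_size; if( mac_size != 0 ) memset( mac, '!', mac_size );`, keeps this failure as safe as the others.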
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index fcab07bc3..3a03a76bf 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -138,7 +138,8 @@ static int exercise_mac_key( psa_key_slot_t key, if( usage & PSA_KEY_USAGE_SIGN ) { - TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_sign_setup( &operation, + key, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_sign_finish( &operation, @@ -152,7 +153,8 @@ static int exercise_mac_key( psa_key_slot_t key, ( usage & PSA_KEY_USAGE_SIGN ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); - TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_verify_setup( &operation, + key, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_verify_finish( &operation, @@ -736,7 +738,6 @@ void mac_key_policy( int policy_usage, psa_mac_operation_t operation; psa_status_t status; unsigned char mac[PSA_MAC_MAX_SIZE]; - size_t output_length; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -747,10 +748,7 @@ void mac_key_policy( int policy_usage, TEST_ASSERT( psa_import_key( key_slot, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - status = psa_mac_start( &operation, key_slot, exercise_alg ); - if( status == PSA_SUCCESS ) - status = psa_mac_sign_finish( &operation, - mac, sizeof( mac ), &output_length ); + status = psa_mac_sign_setup( &operation, key_slot, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) TEST_ASSERT( status == PSA_SUCCESS ); 
@@ -759,12 +757,10 @@ void mac_key_policy( int policy_usage, psa_mac_abort( &operation ); memset( mac, 0, sizeof( mac ) ); - status = psa_mac_start( &operation, key_slot, exercise_alg ); - if( status == PSA_SUCCESS ) - status = psa_mac_verify_finish( &operation, mac, sizeof( mac ) ); + status = psa_mac_verify_setup( &operation, key_slot, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) - TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE ); + TEST_ASSERT( status == PSA_SUCCESS ); else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); @@ -1155,7 +1151,7 @@ void mac_setup( int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); - status = psa_mac_start( &operation, key_slot, alg ); + status = psa_mac_sign_setup( &operation, key_slot, alg ); psa_mac_abort( &operation ); TEST_ASSERT( status == expected_status ); @@ -1196,7 +1192,8 @@ void mac_verify( int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_verify_setup( &operation, + key_slot, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input->x, input->len ) == PSA_SUCCESS ); From 69e033aea05618084e3ac3aa1b264c617c717c21 Mon Sep 17 00:00:00 2001 
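Review bot: The reworked mac_key_policy test stops at the setup call, and none of the test hunks shown for this patch reaches the new PSA_ERROR_BAD_STATE branches in psa_mac_sign_finish() and psa_mac_verify_finish(). A case that calls psa_mac_verify_setup() followed by psa_mac_sign_finish(), and the reverse, asserting `status == PSA_ERROR_BAD_STATE`, would pin the separation between signing and verifying operations. The .data file for this patch is not visible here, so this may already be covered elsewhere.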
From: Gilles Peskine Date: Fri, 6 Jul 2018 15:47:54 +0200 Subject: [PATCH 0362/2197] RSA encryption: accept input=NULL if ilen=0 In mbedtls_rsa_rsaes_oaep_encrypt and mbedtls_rsa_rsaes_pkcs1_v15_encrypt, if the input length is 0 (which is unusual and mostly useless, but permitted) then it is fine for the input pointer to be NULL. Don't return an error in this case. When `input` is NULL, `memcpy( p, input, ilen )` has undefined behavior even if `ilen` is zero. So skip the `memcpy` call in this case. Likewise, in `mbedtls_rsa_rsaes_oaep_decrypt` and `mbedtls_rsa_rsaes_pkcs1_v15_decrypt`, skip the `memcpy` call if `*olen` is zero. --- library/rsa.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index ad196391f..499d14540 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1122,7 +1122,8 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, p += hlen; p += olen - 2 * hlen - 2 - ilen; *p++ = 1; - memcpy( p, input, ilen ); + if( ilen != 0 ) + memcpy( p, input, ilen ); mbedtls_md_init( &md_ctx ); if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) @@ -1169,7 +1170,9 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); // We don't check p_rng because it won't be dereferenced here - if( f_rng == NULL || input == NULL || output == NULL ) + if( f_rng == NULL || output == NULL ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if( ilen != 0 && input == NULL ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); olen = ctx->len; @@ -1209,7 +1212,8 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, } *p++ = 0; - memcpy( p, input, ilen ); + if( ilen != 0 ) + memcpy( p, input, ilen ); return( ( mode == MBEDTLS_RSA_PUBLIC ) ? mbedtls_rsa_public( ctx, output, output ) 
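Review bot: The mbedtls_rsa_rsaes_oaep_encrypt() hunk only guards the copy with `if( ilen != 0 )`, while the mbedtls_rsa_rsaes_pkcs1_v15_encrypt() hunk also rejects `ilen != 0 && input == NULL`. The OAEP argument checks are outside the hunk; if no equivalent test exists there, a NULL `input` with a non-zero `ilen` still reaches memcpy(). Adding `if( ilen != 0 && input == NULL ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );` would make the two functions agree. A short comment on the guards, such as `/* memcpy with a NULL pointer is undefined even when the length is 0 */`, would keep a later cleanup from removing them.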
@@ -1373,7 +1377,8 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, } *olen = ilen - (p - buf); - memcpy( output, p, *olen ); + if( *olen != 0 ) + memcpy( output, p, *olen ); ret = 0; cleanup: @@ -1471,7 +1476,8 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, } *olen = ilen - (p - buf); - memcpy( output, p, *olen ); + if( *olen != 0 ) + memcpy( output, p, *olen ); ret = 0; cleanup: From 2701005b46953d6f993a57115ceda2d1384c8bd1 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Tue, 3 Jul 2018 13:16:15 +0300 Subject: [PATCH 0363/2197] Modifications for psa-crypto in order to integrate with SPM Add required includes in tests and psa_crypto.c file in order to be able to compilef for the SPM solution. Some functions needed to be deprecated from psa_crypto.c since they already implemented in the SPM. --- library/psa_crypto.c | 15 +++++++++++++-- tests/suites/test_suite_psa_crypto.function | 5 +++++ 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ca461c20e..68fa0ef67 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -27,6 +27,17 @@ #if defined(MBEDTLS_PSA_CRYPTO_C) +//! In case MBEDTLS_PSA_CRYPTO_SPM is defined the code is built for SPM (Secure +//! Partition Manager) integration which separate the code into two parts +//! NSPE (Non-Secure Process Environment) and SPE (Secure Process Environment). +//! In this mode an additional header file should be included. +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +//! PSA_CRYPTO_SECURE means that this file is compiled to the SPE side. +//! some headers will be affected by this flag. +#define PSA_CRYPTO_SECURE 1 +#include "crypto_spe.h" +#endif + #include "psa/crypto.h" #include 
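Review bot: The `#if defined(MBEDTLS_PSA_CRYPTO_SPM)` block added at the top of library/psa_crypto.c introduces a build option that selects the secure-side build of this file, but the diffstat for this commit shows no change to config.h or check_config.h. I would add a `\def MBEDTLS_PSA_CRYPTO_SPM` entry next to MBEDTLS_PSA_CRYPTO_C. It should say that the option only has an effect inside `MBEDTLS_PSA_CRYPTO_C`, and that crypto_spe.h is presumably supplied by the SPM integration rather than by this tree. The later hunks that compile out psa_key_policy_init() and the policy getters under the same macro deserve a one-line comment on the `#if` naming where those functions come from in that configuration.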
@@ -2481,7 +2492,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) /****************************************************************/ /* Key Policy */ /****************************************************************/ - +#if !defined(MBEDTLS_PSA_CRYPTO_SPM) void psa_key_policy_init( psa_key_policy_t *policy ) { memset( policy, 0, sizeof( *policy ) ); @@ -2504,7 +2515,7 @@ psa_algorithm_t psa_key_policy_get_algorithm( psa_key_policy_t *policy ) { return( policy->alg ); } - +#endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) */ psa_status_t psa_set_key_policy( psa_key_slot_t key, const psa_key_policy_t *policy ) { diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9eac29b43..c90447f81 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1,5 +1,10 @@ /* BEGIN_HEADER */ #include + +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +#include "spm/psa_defs.h" +#endif + #include "mbedtls/asn1write.h" #include "psa/crypto.h" From 1d96fff61a26090ea6f4c0ad4ee078b39a912aef Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Jul 2018 12:15:39 +0200 Subject: [PATCH 0364/2197] In psa_mac_finish, write a safe output even in the BAD_STATE case --- library/psa_crypto.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a2f68975b..ca461c20e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1510,10 +1510,6 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, { int ret = 0; psa_status_t status = PSA_SUCCESS; - if( ! operation->key_set ) - return( PSA_ERROR_BAD_STATE ); - if( operation->iv_required && ! operation->iv_set ) - return( PSA_ERROR_BAD_STATE ); /* Fill the output buffer with something that isn't a valid mac * (barring an attack on the mac and deliberately-crafted input), 
@@ -1524,6 +1520,11 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, if( mac_size != 0 ) memset( mac, '!', mac_size ); + if( ! operation->key_set ) + return( PSA_ERROR_BAD_STATE ); + if( operation->iv_required && ! operation->iv_set ) + return( PSA_ERROR_BAD_STATE ); + if( mac_size < operation->mac_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); From 656896e4c36749f03b7ec24defad1fbc485d1944 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 19:12:28 +0200 Subject: [PATCH 0365/2197] Add positive asymmetric encryption tests Revise the test function asymmetric_encrypt_fail into asymmetric_encrypt and use it for positive tests as well. Get the expected output length from PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE. Check the actual output length against test data. Add positive test cases for encryption: one with an RSA public key (this is the only test for encryption with a public key rather than a key pair) and one with a key pair. --- tests/suites/test_suite_psa_crypto.data | 30 ++++-- tests/suites/test_suite_psa_crypto.function | 102 +++++++++++--------- 2 files changed, 75 insertions(+), 57 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 53d8c958f..f61c281b5 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -745,6 +745,22 @@ PSA verify: ECDSA SECP256R1, wrong signature of correct size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE +PSA encrypt: RSA PKCS#1 v1.5, good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS + +PSA encrypt: RSA PKCS#1 v1.5, key pair +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS + +PSA encrypt: invalid algorithm +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT + +PSA encrypt: RSA PKCS#1 v1.5: 
invalid key type +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT + PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" 
@@ -753,14 +769,6 @@ PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" -PSA encrypt: invalid algorithm -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT - -PSA encrypt: RSA PKCS#1 v1.5: invalid key type -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT - PSA decrypt: RSA PKCS#1 v1.5: good #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":32 
@@ -773,7 +781,11 @@ PSA decrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT -PSA decrypt: RSA PKCS#1 v1.5: invalid key type +PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT + +PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9505ab6eb..71325745a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -2226,6 +2226,60 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void asymmetric_encrypt( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + int expected_output_length_arg, + int expected_status_arg ) +{ + int slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t expected_output_length = expected_output_length_arg; + size_t key_bits; + unsigned char *output = NULL; + size_t output_size; + size_t output_length = ~0; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; + psa_key_policy_t policy; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + /* Import the key */ + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( slot, key_type, + key_data->x, + key_data->len ) == PSA_SUCCESS ); + + /* Determine the maximum output length */ + TEST_ASSERT( psa_get_key_information( slot, + NULL, + &key_bits ) == PSA_SUCCESS ); + output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); + output = mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output != NULL ); + + /* Encrypt the input */ + actual_status = psa_asymmetric_encrypt( slot, alg, + input_data->x, input_data->len, + NULL, 0, + output, output_size, + &output_length ); + TEST_ASSERT( actual_status == expected_status ); + TEST_ASSERT( output_length == expected_output_length ); + +exit: + psa_destroy_key( slot ); + mbedtls_free( output ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data ) 
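Review bot: asymmetric_encrypt() checks only `actual_status` and `output_length`, so the two positive cases pass for any 128 bytes of output. For the key-pair case the test could also allow PSA_KEY_USAGE_DECRYPT in the policy, run psa_asymmetric_decrypt() on `output` and compare the result with `input_data`. Separately, the failure cases pass 0 as the expected length; if PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE evaluates to 0 for them, `mbedtls_calloc( 1, output_size )` is a zero-size allocation. It may legitimately return NULL and trip `TEST_ASSERT( output != NULL )` on some platforms.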
@@ -2290,54 +2344,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, - int expected_status_arg ) -{ - int slot = 1; - psa_key_type_t key_type = key_type_arg; - psa_algorithm_t alg = alg_arg; - unsigned char *output = NULL; - size_t output_size = 0; - size_t output_length = 0; - psa_status_t actual_status; - psa_status_t expected_status = expected_status_arg; - psa_key_policy_t policy; - - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( input_data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - - output_size = key_data->len; - output = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output != NULL ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( slot, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); - - actual_status = psa_asymmetric_encrypt( slot, alg, - input_data->x, input_data->len, - NULL, 0, - output, output_size, - &output_length ); - TEST_ASSERT( actual_status == expected_status ); - -exit: - psa_destroy_key( slot ); - mbedtls_free( output ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void asymmetric_decrypt( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, From 3fa675cd971941c58405f6f30ee69cca62c8fc78 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 01:31:03 +0200 Subject: [PATCH 0366/2197] Doc: generate_key: improve documentation of \p extra --- include/psa/crypto.h | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b190907cf..3cd516097 100644 --- a/include/psa/crypto.h 
+++ b/include/psa/crypto.h @@ -2427,22 +2427,27 @@ typedef struct { * \param[in] extra Extra parameters for key generation. The * interpretation of this parameter depends on * \c type. All types support \c NULL to use - * the default parameters specified below. + * default parameters. Implementation that support + * the generation of vendor-specific key types + * that allow extra parameters shall document + * the format of these extra parameters and + * the default values. For standard parameters, + * the meaning of \p extra is as follows: + * - For a symmetric key type (a type \c type such + * that #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is + * false), \p extra must be \c NULL. + * - For an elliptic curve key type (a type \c type + * such that #PSA_KEY_TYPE_IS_ECC(\p type) is + * false), \p extra must be \c NULL. + * - For an RSA key, \p extra is an optional + * #psa_generate_key_extra_rsa structure + * specifying the public exponent. The + * default public exponent used when \p extra + * is \c NULL is 65537. * \param extra_size Size of the buffer that \p extra * points to, in bytes. Note that if \p extra is * \c NULL then \p extra_size must be zero. * - * For any symmetric key type (a type such that - * #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is false), \p extra must be - * \c NULL. For asymmetric key types defined by this specification, - * the parameter type and the default parameters are defined by the - * table below. For vendor-defined key types, the vendor documentation - * shall define the parameter type and the default parameters. - * - * Type | Parameter type | Meaning | Parameters used if `extra == NULL` - * ---- | -------------- | ------- | --------------------------------------- - * `PSA_KEY_TYPE_RSA_KEYPAIR` | #psa_generate_key_extra_rsa | Public exponent | 65537 - * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT From 5d0b864944c7017a59c7adaf97c3881612001d8b Mon Sep 17 00:00:00 2001 
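Review bot: The elliptic-curve bullet in the new `\param[in] extra` text reads `#PSA_KEY_TYPE_IS_ECC(\p type) is false`, which looks copied from the symmetric-key bullet above it; for an ECC key type the predicate is true. The bullet should read `such that #PSA_KEY_TYPE_IS_ECC(\p type) is true), \p extra must be \c NULL.`, otherwise the documented contract for ECC key generation states the opposite condition. In the same paragraph, `Implementation that support` should be `Implementations that support`.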
From: Gilles Peskine Date: Sun, 8 Jul 2018 20:35:02 +0200 Subject: [PATCH 0367/2197] Streamline cleanup logic in MAC finish Reorganize error handling code in psa_mac_finish_internal, psa_mac_sign_finish and psa_mac_verify finish to ensure that: * psa_mac_abort() is always called, on all success and error paths. * psa_mac_finish places a safe value in the output parameters on all error paths, even if abort fails. --- library/psa_crypto.c | 106 +++++++++++++++++++++++-------------------- 1 file changed, 58 insertions(+), 48 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 61eef45ca..a29c07769 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1585,20 +1585,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, uint8_t *mac, - size_t mac_size, - size_t *mac_length ) + size_t mac_size ) { - int ret = 0; - psa_status_t status = PSA_SUCCESS; - - /* Fill the output buffer with something that isn't a valid mac - * (barring an attack on the mac and deliberately-crafted input), - * in case the caller doesn't check the return status properly. */ - *mac_length = mac_size; - /* If mac_size is 0 then mac may be NULL and then the - * call to memset would have undefined behavior. */ - if( mac_size != 0 ) - memset( mac, '!', mac_size ); + psa_status_t status; if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); @@ -1612,8 +1601,10 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, { #if defined(MBEDTLS_CMAC_C) case PSA_ALG_CMAC: - ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac ); - break; + { + int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac ); + return( mbedtls_to_psa_error( ret ) ); + } #endif /* MBEDTLS_CMAC_C */ default: #if defined(MBEDTLS_MD_C) 
@@ -1631,7 +1622,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp, sizeof( tmp ), &hash_size ); if( status != PSA_SUCCESS ) - goto cleanup; + return( status ); /* From here on, tmp needs to be wiped. */ status = psa_hash_setup( &operation->ctx.hmac.hash_ctx, @@ -1650,32 +1641,21 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, goto hmac_cleanup; status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac, - mac_size, mac_length ); + mac_size, &hash_size ); hmac_cleanup: mbedtls_zeroize( tmp, hash_size ); } else #endif /* MBEDTLS_MD_C */ { - ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; + /* This shouldn't happen if operation was initialized by + * a setup function. */ + return( PSA_ERROR_BAD_STATE ); } break; } -cleanup: - if( ret == 0 && status == PSA_SUCCESS ) - { - *mac_length = operation->mac_size; - return( psa_mac_abort( operation ) ); - } - else - { - psa_mac_abort( operation ); - if( ret != 0 ) - status = mbedtls_to_psa_error( ret ); - - return( status ); - } + return( status ); } psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, 
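Review bot: In the HMAC branch of psa_mac_finish_internal(), the second hunk on this line makes the final psa_hash_finish() store its length in `hash_size`, the same variable that `mbedtls_zeroize( tmp, hash_size )` at `hmac_cleanup` uses as the wipe length. The wipe of the inner hash then depends on whatever that last call wrote, including on its failure path, instead of on the size of `tmp`. `mbedtls_zeroize( tmp, sizeof( tmp ) );` clears the whole buffer regardless. The declaration of `tmp` is outside the hunk, but `sizeof( tmp )` is already passed as its capacity in the first psa_hash_finish() call.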
@@ -1683,14 +1663,37 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, size_t mac_size, size_t *mac_length ) { + psa_status_t status; + + /* Fill the output buffer with something that isn't a valid mac + * (barring an attack on the mac and deliberately-crafted input), + * in case the caller doesn't check the return status properly. */ + *mac_length = mac_size; + /* If mac_size is 0 then mac may be NULL and then the + * call to memset would have undefined behavior. */ + if( mac_size != 0 ) + memset( mac, '!', mac_size ); + if( ! operation->is_sign ) { - psa_mac_abort( operation ); - return( PSA_ERROR_BAD_STATE ); + status = PSA_ERROR_BAD_STATE; + goto cleanup; } - return( psa_mac_finish_internal( operation, mac, - mac_size, mac_length ) ); + status = psa_mac_finish_internal( operation, mac, mac_size ); + +cleanup: + if( status == PSA_SUCCESS ) + { + status = psa_mac_abort( operation ); + if( status == PSA_SUCCESS ) + *mac_length = operation->mac_size; + else + memset( mac, '!', mac_size ); + } + else + psa_mac_abort( operation ); + return( status ); } psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, 
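Review bot: In the `cleanup` block of psa_mac_sign_finish(), `*mac_length = operation->mac_size` is read after psa_mac_abort() has already run on the same operation. psa_mac_abort() is outside this hunk; if it clears `mac_size`, now or after a later change, a successful sign reports the wrong length. Saving the value first, `size_t actual_size = operation->mac_size;` before the abort, removes that dependency. The `memset( mac, '!', mac_size )` in the same block also lacks the `mac_size != 0` guard that the comment at the top of the function calls necessary. On the failure branch `mac` is not re-filled after psa_mac_finish_internal() may have written to it.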
@@ -1698,25 +1701,32 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, size_t mac_length ) { uint8_t actual_mac[PSA_MAC_MAX_SIZE]; - size_t actual_mac_length; psa_status_t status; if( operation->is_sign ) { - psa_mac_abort( operation ); - return( PSA_ERROR_BAD_STATE ); + status = PSA_ERROR_BAD_STATE; + goto cleanup; + } + if( operation->mac_size != mac_length ) + { + status = PSA_ERROR_INVALID_SIGNATURE; + goto cleanup; } status = psa_mac_finish_internal( operation, - actual_mac, sizeof( actual_mac ), - &actual_mac_length ); - if( status != PSA_SUCCESS ) - return( status ); - if( actual_mac_length != mac_length ) - return( PSA_ERROR_INVALID_SIGNATURE ); - if( safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 ) - return( PSA_ERROR_INVALID_SIGNATURE ); - return( PSA_SUCCESS ); + actual_mac, sizeof( actual_mac ) ); + + if( safer_memcmp( mac, actual_mac, mac_length ) != 0 ) + status = PSA_ERROR_INVALID_SIGNATURE; + +cleanup: + if( status == PSA_SUCCESS ) + status = psa_mac_abort( operation ); + else + psa_mac_abort( operation ); + + return( status ); } From 25c4fa8fb0537fbb9d5a4af42d1b4643e9ee9aca Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 6 Jul 2018 16:23:25 +0100 Subject: [PATCH 0368/2197] Fix copy paste error PSA test suite At this point it fixes memory leaks as well. These memory leaks are the fault of the 'psa_cipher_finish()' function and the calls fixed in this commit (among with many others in the test suite) will become obsolete after fixing 'psa_cipher_finish()'. --- tests/suites/test_suite_psa_crypto.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c90447f81..715236896 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
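Review bot: psa_mac_verify_finish() now calls safer_memcmp() on `actual_mac` even when psa_mac_finish_internal() failed. The comparison can therefore read a stack buffer that was never written, and a mismatch replaces the real error with PSA_ERROR_INVALID_SIGNATURE. Adding `if( status != PSA_SUCCESS ) goto cleanup;` right after the call keeps the original status and skips the read. The computed MAC is also left on the stack when the function returns; `mbedtls_zeroize( actual_mac, sizeof( actual_mac ) );` before `return( status );` clears it, which matters because a holder of a verify-only key should never be able to recover the correct MAC.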
@@ -1385,7 +1385,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, output2_length += function_output_length; - TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS ); TEST_ASSERT( input->len == output2_length ); TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 ); @@ -1491,7 +1491,7 @@ void cipher_verify_output_multipart( int alg_arg, &function_output_length ) == PSA_SUCCESS ); output2_length += function_output_length; - TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS ); TEST_ASSERT( input->len == output2_length ); TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 ); From 76f5c7b6a874edb4de057d159827d8c8dbd2d70c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 6 Jul 2018 16:53:09 +0200 Subject: [PATCH 0369/2197] Tests: cover policy checks for all operations Add tests of key policy checks for MAC, cipher, AEAD, asymmetric encryption and asymmetric signature. For each category, test with/without the requisite usage flag in each direction, and test algorithm mismatch. --- tests/suites/test_suite_psa_crypto.data | 102 ++++++- tests/suites/test_suite_psa_crypto.function | 282 +++++++++++++++++--- 2 files changed, 348 insertions(+), 36 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b281cb3af..f1075bbac 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
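Review bot: The corrected `psa_cipher_abort( &operation2 )` still sits inside a `TEST_ASSERT` in the middle of `cipher_verify_output`, so it only runs when every earlier assertion passed; the same holds for the second hunk in `cipher_verify_output_multipart`. If the `exit:` block of these functions (outside both hunks) does not already abort `operation1` and `operation2`, a failing assertion leaves the cipher contexts allocated, which is the leak the commit message describes. Calling `psa_cipher_abort( &operation1 );` and `psa_cipher_abort( &operation2 );` under `exit:` would cover the failure path too, provided both objects are initialised before the first assertion.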
@@ -138,11 +138,105 @@ import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED PSA key policy set and get key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE -PSA key policy enforcement: export -key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"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" +PSA key policy: MAC, sign | verify +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) -PSA key policy enforcement: sign -key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"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" +PSA key policy: MAC, wrong algorithm +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224) + +PSA key policy: MAC, sign but not verify +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) + +PSA key policy: MAC, verify but not sign +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) + +PSA key policy: MAC, neither sign nor verify +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) + +PSA key policy: cipher, encrypt | decrypt 
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR + +PSA key policy: cipher, wrong algorithm +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC +cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE + +PSA key policy: cipher, encrypt but not decrypt +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR + +PSA key policy: cipher, decrypt but not encrypt +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR + +PSA key policy: cipher, neither encrypt nor decrypt +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_key_policy:0:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR + +PSA key policy: AEAD, encrypt | decrypt +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM + +PSA key policy: AEAD, wrong algorithm +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_GCM_C +aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_GCM + +PSA key policy: AEAD, encrypt but not decrypt +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM + +PSA key policy: AEAD, decrypt but not encrypt +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
+aead_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM + +PSA key policy: AEAD, neither encrypt nor decrypt +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_key_policy:0:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM + +PSA key policy: asymmetric encryption, encrypt | decrypt +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT + +PSA key policy: asymmetric encryption, wrong algorithm +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) + +PSA key policy: asymmetric encryption, encrypt but not decrypt +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT + +PSA key policy: asymmetric encryption, decrypt but not encrypt +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT + +PSA key policy: asymmetric encryption, neither encrypt nor decrypt +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT + +PSA key policy: asymmetric signature, sign | verify +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW + +PSA key policy: asymmetric signature, wrong algorithm +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224) + +PSA key policy: asymmetric signature, sign but not verify +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW + +PSA key policy: asymmetric signature, verify but not sign +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW + +PSA key policy: asymmetric signature, neither sign nor verify +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA key lifetime: set and get volatile key_lifetime:PSA_KEY_LIFETIME_VOLATILE diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9128e8fc5..977222bbf 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
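Review bot: None of the added cases exercises PSA_KEY_USAGE_EXPORT, while the removed `key_policy_fail` cases included one that called `psa_export_key` under a policy without the export flag and expected PSA_ERROR_NOT_PERMITTED (per the function deleted in the same commit). If no other case in this file covers an export attempt that the policy should refuse, that check loses its regression test. A case that imports a key with usage `0` or only `PSA_KEY_USAGE_SIGN` and expects export to be refused would keep it covered.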
@@ -723,49 +723,267 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void key_policy_fail( int usage_arg, int alg_arg, int expected_status, - data_t *keypair ) +void mac_key_policy( int policy_usage, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg ) { int key_slot = 1; - psa_algorithm_t alg = alg_arg; - psa_key_usage_t usage = usage_arg; - size_t signature_length = 0; psa_key_policy_t policy; - int actual_status = PSA_SUCCESS; + psa_mac_operation_t operation; + psa_status_t status; + unsigned char mac[PSA_MAC_MAX_SIZE]; + size_t output_length; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, usage, alg ); + psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); - if( usage & PSA_KEY_USAGE_EXPORT ) - { - TEST_ASSERT( keypair != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); - TEST_ASSERT( psa_import_key( key_slot, - PSA_KEY_TYPE_RSA_KEYPAIR, - keypair->x, - keypair->len ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_sign( key_slot, alg, - NULL, 0, - NULL, 0, - NULL, 0, &signature_length ); - } + TEST_ASSERT( psa_import_key( key_slot, key_type, + key_data->x, key_data->len ) == PSA_SUCCESS ); - if( usage & PSA_KEY_USAGE_SIGN ) - { - size_t data_length; - TEST_ASSERT( keypair != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) ); - TEST_ASSERT( psa_import_key( key_slot, - PSA_KEY_TYPE_RSA_KEYPAIR, - keypair->x, - keypair->len ) == PSA_SUCCESS ); - actual_status = psa_export_key( key_slot, NULL, 0, &data_length ); - } + status = psa_mac_start( &operation, key_slot, exercise_alg ); + if( status == PSA_SUCCESS ) + status = psa_mac_finish( &operation, + mac, sizeof( mac ), &output_length ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) + TEST_ASSERT( status == PSA_SUCCESS ); + else + TEST_ASSERT( status == 
PSA_ERROR_NOT_PERMITTED ); + psa_mac_abort( &operation ); - TEST_ASSERT( actual_status == expected_status ); + memset( mac, 0, sizeof( mac ) ); + status = psa_mac_start( &operation, key_slot, exercise_alg ); + if( status == PSA_SUCCESS ) + status = psa_mac_verify( &operation, mac, sizeof( mac ) ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) + TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + +exit: + psa_mac_abort( &operation ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_key_policy( int policy_usage, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg ) +{ + int key_slot = 1; + psa_key_policy_t policy; + psa_cipher_operation_t operation; + psa_status_t status; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key_data->x, key_data->len ) == PSA_SUCCESS ); + + status = psa_encrypt_setup( &operation, key_slot, exercise_alg ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) + TEST_ASSERT( status == PSA_SUCCESS ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + psa_cipher_abort( &operation ); + + status = psa_decrypt_setup( &operation, key_slot, exercise_alg ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) + TEST_ASSERT( status == PSA_SUCCESS ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + +exit: + psa_cipher_abort( &operation ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void aead_key_policy( int policy_usage, + int policy_alg, + int key_type, + data_t *key_data, + int 
nonce_length_arg, + int tag_length_arg, + int exercise_alg ) +{ + int key_slot = 1; + psa_key_policy_t policy; + psa_status_t status; + unsigned char nonce[16] = {0}; + size_t nonce_length = nonce_length_arg; + unsigned char tag[16]; + size_t tag_length = tag_length_arg; + size_t output_length; + + TEST_ASSERT( nonce_length <= sizeof( nonce ) ); + TEST_ASSERT( tag_length <= sizeof( tag ) ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key_data->x, key_data->len ) == PSA_SUCCESS ); + + status = psa_aead_encrypt( key_slot, exercise_alg, + nonce, nonce_length, + NULL, 0, + NULL, 0, + tag, tag_length, + &output_length ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) + TEST_ASSERT( status == PSA_SUCCESS ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + + memset( tag, 0, sizeof( tag ) ); + status = psa_aead_decrypt( key_slot, exercise_alg, + nonce, nonce_length, + NULL, 0, + tag, tag_length, + NULL, 0, + &output_length ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) + TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void asymmetric_encryption_key_policy( int policy_usage, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg ) +{ + int key_slot = 1; + psa_key_policy_t policy; + psa_status_t status; + size_t key_bits; + size_t buffer_length; + unsigned char *buffer = NULL; + size_t output_length; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); + 
TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key_data->x, key_data->len ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_key_information( key_slot, + NULL, + &key_bits ) == PSA_SUCCESS ); + buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, + exercise_alg ); + buffer = mbedtls_calloc( 1, buffer_length ); + TEST_ASSERT( buffer != NULL ); + + status = psa_asymmetric_encrypt( key_slot, exercise_alg, + NULL, 0, + NULL, 0, + buffer, buffer_length, + &output_length ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) + TEST_ASSERT( status == PSA_SUCCESS ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + + memset( buffer, 0, buffer_length ); + status = psa_asymmetric_decrypt( key_slot, exercise_alg, + buffer, buffer_length, + NULL, 0, + buffer, buffer_length, + &output_length ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) + TEST_ASSERT( status == PSA_ERROR_INVALID_PADDING ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); + mbedtls_free( buffer ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void asymmetric_signature_key_policy( int policy_usage, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg ) +{ + int key_slot = 1; + psa_key_policy_t policy; + psa_status_t status; + unsigned char payload[16] = {1}; + size_t payload_length = sizeof( payload ); + unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; + size_t signature_length; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key_data->x, key_data->len ) == PSA_SUCCESS ); + + status = 
psa_asymmetric_sign( key_slot, exercise_alg, + payload, payload_length, + NULL, 0, + signature, sizeof( signature ), + &signature_length ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) + TEST_ASSERT( status == PSA_SUCCESS ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + + memset( signature, 0, sizeof( signature ) ); + status = psa_asymmetric_verify( key_slot, exercise_alg, + payload, payload_length, + NULL, 0, + signature, sizeof( signature ) ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) + TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); exit: psa_destroy_key( key_slot ); From a5c7b7d0ddcfcc1b5313abb28311c0c2c6b39223 Mon Sep 17 00:00:00 2001 From: Mohammad Abo Mokh Date: Wed, 4 Jul 2018 15:57:00 +0300 Subject: [PATCH 0370/2197] Style fixes --- library/psa_crypto.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 68fa0ef67..6dff2f532 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
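Review bot: `operation` in `mac_key_policy` and `cipher_key_policy` is declared without an initialiser, yet the `exit:` block passes it to `psa_mac_abort` / `psa_cipher_abort`; if the `TEST_ASSERT` on `psa_crypto_init`, `psa_set_key_policy` or `psa_import_key` fails, abort runs on indeterminate stack contents. Zeroing the object right after the declarations, `memset( &operation, 0, sizeof( operation ) );`, makes the failure path defined, assuming the abort functions accept an all-zero object (not visible here). Separately, `asymmetric_encryption_key_policy` passes `buffer` as both input and output of `psa_asymmetric_decrypt`; a separate output buffer would avoid relying on the implementation tolerating overlap. The `exit:` block of the last function continues past the hunk.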
@@ -26,14 +26,17 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_C) - -//! In case MBEDTLS_PSA_CRYPTO_SPM is defined the code is built for SPM (Secure -//! Partition Manager) integration which separate the code into two parts -//! NSPE (Non-Secure Process Environment) and SPE (Secure Process Environment). -//! In this mode an additional header file should be included. +/* + * In case MBEDTLS_PSA_CRYPTO_SPM is defined the code is built for SPM (Secure + * Partition Manager) integration which separate the code into two parts + * NSPE (Non-Secure Process Environment) and SPE (Secure Process Environment). + * In this mode an additional header file should be included. + */ #if defined(MBEDTLS_PSA_CRYPTO_SPM) -//! PSA_CRYPTO_SECURE means that this file is compiled to the SPE side. -//! some headers will be affected by this flag. +/* + * PSA_CRYPTO_SECURE means that this file is compiled to the SPE side. + * some headers will be affected by this flag. + */ #define PSA_CRYPTO_SECURE 1 #include "crypto_spe.h" #endif @@ -2492,6 +2495,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) /****************************************************************/ /* Key Policy */ /****************************************************************/ + #if !defined(MBEDTLS_PSA_CRYPTO_SPM) void psa_key_policy_init( psa_key_policy_t *policy ) { @@ -2516,6 +2520,7 @@ psa_algorithm_t psa_key_policy_get_algorithm( psa_key_policy_t *policy ) return( policy->alg ); } #endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) */ + psa_status_t psa_set_key_policy( psa_key_slot_t key, const psa_key_policy_t *policy ) { From 365b984e38b37cef4a98e1019d19d19549762842 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Sat, 30 Jun 2018 00:19:25 +0200 Subject: [PATCH 0371/2197] Add asymmetric_verify tests with public keys Change most asymmetric_verify to use public keys (they were all using key pairs before). Keep one test with an RSA key pair and one with an EC key pair. --- tests/suites/test_suite_psa_crypto.data | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f61c281b5..4ac25b4d8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -723,27 +723,35 @@ sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100a PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" + +PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C 
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT 
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f37905
8f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" + +PSA verify with keypair: ECDSA SECP256R1, 
good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, wrong signature of correct size 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE PSA encrypt: RSA PKCS#1 v1.5, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 From fa4070c50bd17d2d1c231e752a3f5e11709fd0f6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 19:23:03 +0200 Subject: [PATCH 0372/2197] Doc: Fix some \c name that should have been \p name --- include/psa/crypto.h | 174 +++++++++++++++++++++---------------------- 1 file changed, 87 insertions(+), 87 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3cd516097..fa2765667 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -492,7 +492,7 @@ typedef uint16_t psa_ecc_curve_t; * \param type A cipher key type (value of type #psa_key_type_t). * * \return The block size for a block cipher, or 1 for a stream cipher. - * The return value is undefined if \c type is not a supported + * The return value is undefined if \p type is not a supported * cipher key type. * * \note It is possible to build stream cipher algorithms on top of a block @@ -541,8 +541,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is a hash algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is a hash algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_HASH(alg) \ @@ -552,8 +552,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is a MAC algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is a MAC algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_MAC(alg) \ @@ -563,8 +563,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is a symmetric cipher algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_CIPHER(alg) \ 
@@ -575,8 +575,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is an AEAD algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is an AEAD algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_AEAD(alg) \ @@ -586,8 +586,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is a public-key signature algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is a public-key signature algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_SIGN(alg) \ @@ -597,8 +597,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is a public-key encryption algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is a public-key encryption algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ @@ -608,8 +608,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is a key agreement algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is a key agreement algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_KEY_AGREEMENT(alg) \ 
@@ -619,8 +619,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is a key derivation algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is a key derivation algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_KEY_DERIVATION(alg) \ @@ -668,8 +668,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is an HMAC algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is an HMAC algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_HMAC(alg) \ @@ -683,8 +683,8 @@ typedef uint32_t psa_algorithm_t; /** Whether the specified algorithm is a MAC algorithm based on a block cipher. * - * \return 1 if \c alg is a MAC algorithm based on a block cipher, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ #define PSA_ALG_IS_CIPHER_MAC(alg) \ @@ -720,8 +720,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is a block cipher algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is a block cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier or if it is not a symmetric cipher algorithm. */ #define PSA_ALG_IS_BLOCK_CIPHER(alg) \ 
@@ -756,8 +756,8 @@ typedef uint32_t psa_algorithm_t; * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * - * \return 1 if \c alg is a stream cipher algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported + * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier or if it is not a symmetric cipher algorithm. */ #define PSA_ALG_IS_STREAM_CIPHER(alg) \ @@ -878,10 +878,10 @@ typedef uint32_t psa_algorithm_t; * The representation of a signature is the same as with #PSA_ALG_ECDSA(). * * Note that when this algorithm is used for verification, signatures - * made with randomized ECDSA (#PSA_ALG_ECDSA(\c hash_alg)) with the + * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the * same private key are accepted. In other words, - * #PSA_ALG_DETERMINISTIC_ECDSA(\c hash_alg) differs from - * #PSA_ALG_ECDSA(\c hash_alg) only for signature, not for verification. + * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from + * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification. * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). @@ -964,7 +964,7 @@ typedef uint32_t psa_algorithm_t; * be unoccupied. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). * \param[in] data Buffer containing the key data. - * \param data_length Size of the \c data buffer in bytes. + * \param data_length Size of the \p data buffer in bytes. * * \retval #PSA_SUCCESS * Success. 
@@ -1072,7 +1072,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * \param key Slot whose content is to be exported. This must * be an occupied key slot. * \param[out] data Buffer where the key data is to be written. - * \param data_size Size of the \c data buffer in bytes. + * \param data_size Size of the \p data buffer in bytes. * \param[out] data_length On success, the number of bytes * that make up the key data. * @@ -1103,7 +1103,7 @@ psa_status_t psa_export_key(psa_key_slot_t key, * \param key Slot whose content is to be exported. This must * be an occupied key slot. * \param[out] data Buffer where the key data is to be written. - * \param data_size Size of the \c data buffer in bytes. + * \param data_size Size of the \p data buffer in bytes. * \param[out] data_length On success, the number of bytes * that make up the key data. * @@ -1372,7 +1372,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a hash algorithm. + * \p alg is not supported or is not a hash algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1389,7 +1389,7 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * * \param[in,out] operation Active hash operation. * \param[in] input Buffer containing the message fragment to hash. - * \param input_length Size of the \c input buffer in bytes. + * \param input_length Size of the \p input buffer in bytes. * * \retval #PSA_SUCCESS * Success. 
@@ -1433,7 +1433,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not started, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \c hash buffer is too small. You can determine a + * The size of the \p hash buffer is too small. You can determine a * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg) * where \c alg is the hash algorithm that is calculated. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -1463,7 +1463,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * * \param[in,out] operation Active hash operation. * \param[in] hash Buffer containing the expected hash value. - * \param hash_length Size of the \c hash buffer in bytes. + * \param hash_length Size of the \p hash buffer in bytes. * * \retval #PSA_SUCCESS * The expected hash is identical to the actual hash of the message. @@ -1485,7 +1485,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * * This function may be called at any time after psa_hash_setup(). * Aborting an operation frees all associated resources except for the - * \c operation structure itself. + * \p operation structure itself. * * Implementation should strive to be robust and handle inactive hash * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However, @@ -1497,7 +1497,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE - * \c operation is not an active hash operation. + * \p operation is not an active hash operation. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED 
@@ -1554,9 +1554,9 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c key is not compatible with \c alg. + * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a MAC algorithm. + * \p alg is not supported or is not a MAC algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1624,7 +1624,7 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * \param[in,out] operation Active MAC operation. * \param[in] input Buffer containing the message fragment to add to * the MAC calculation. - * \param input_length Size of the \c input buffer in bytes. + * \param input_length Size of the \p input buffer in bytes. * * \retval #PSA_SUCCESS * Success. @@ -1670,7 +1670,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not started, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \c mac buffer is too small. You can determine a + * The size of the \p mac buffer is too small. You can determine a * sufficient buffer size by calling PSA_MAC_FINAL_SIZE(). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -1699,7 +1699,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * * \param[in,out] operation Active MAC operation. * \param[in] mac Buffer containing the expected MAC value. - * \param mac_length Size of the \c mac buffer in bytes. + * \param mac_length Size of the \p mac buffer in bytes. * * \retval #PSA_SUCCESS * The expected MAC is identical to the actual MAC of the message. 
@@ -1722,7 +1722,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, * This function may be called at any time after psa_mac_sign_setup() * or psa_mac_verify_setup(). * Aborting an operation frees all associated resources except for the - * \c operation structure itself. + * \p operation structure itself. * * Implementation should strive to be robust and handle inactive MAC * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However, @@ -1734,7 +1734,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE - * \c operation is not an active MAC operation. + * \p operation is not an active MAC operation. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED @@ -1792,9 +1792,9 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c key is not compatible with \c alg. + * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a cipher algorithm. + * \p alg is not supported or is not a cipher algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1841,9 +1841,9 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c key is not compatible with \c alg. + * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a cipher algorithm. + * \p alg is not supported or is not a cipher algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE 
@@ -1866,7 +1866,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * * \param[in,out] operation Active cipher operation. * \param[out] iv Buffer where the generated IV is to be written. - * \param iv_size Size of the \c iv buffer in bytes. + * \param iv_size Size of the \p iv buffer in bytes. * \param[out] iv_length On success, the number of bytes of the * generated IV. * @@ -1909,7 +1909,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not started, or IV already set). * \retval #PSA_ERROR_INVALID_ARGUMENT - * The size of the \c iv is not acceptable for the chosen algorithm, + * The size of \p iv is not acceptable for the chosen algorithm, * or the chosen algorithm does not use an IV. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -1934,9 +1934,9 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, * \param[in,out] operation Active cipher operation. * \param[in] input Buffer containing the message fragment to * encrypt or decrypt. - * \param input_length Size of the \c input buffer in bytes. + * \param input_length Size of the \p input buffer in bytes. * \param[out] output Buffer where the output is to be written. - * \param output_size Size of the \c output buffer in bytes. + * \param output_size Size of the \p output buffer in bytes. * \param[out] output_length On success, the number of bytes * that make up the returned output. * @@ -1974,7 +1974,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * * \param[in,out] operation Active cipher operation. * \param[out] output Buffer where the output is to be written. - * \param output_size Size of the \c output buffer in bytes. + * \param output_size Size of the \p output buffer in bytes. * \param[out] output_length On success, the number of bytes * that make up the returned output. * 
@@ -2000,7 +2000,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, * This function may be called at any time after * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(). * Aborting an operation frees all associated resources except for the - * \c operation structure itself. + * \p operation structure itself. * * Implementation should strive to be robust and handle inactive cipher * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However, @@ -2012,7 +2012,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE - * \c operation is not an active cipher operation. + * \p operation is not an active cipher operation. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED @@ -2078,9 +2078,9 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c key is not compatible with \c alg. + * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not an AEAD algorithm. + * \p alg is not supported or is not an AEAD algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -2131,9 +2131,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, * The ciphertext is not authentic. * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c key is not compatible with \c alg. + * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not an AEAD algorithm. + * \p alg is not supported or is not an AEAD algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE 
@@ -2179,9 +2179,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, * * \param key Key slot containing an asymmetric key pair. * \param alg A signature algorithm that is compatible with - * the type of \c key. + * the type of \p key. * \param[in] hash The hash or message to sign. - * \param hash_length Size of the \c hash buffer in bytes. + * \param hash_length Size of the \p hash buffer in bytes. * \param[in] salt A salt or label, if supported by the * signature algorithm. * If the signature algorithm does not support @@ -2189,20 +2189,20 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, * If the signature algorithm supports an * optional salt and you do not want to pass * a salt, pass \c NULL. - * \param salt_length Size of the \c salt buffer in bytes. - * If \c salt is \c NULL, pass 0. + * \param salt_length Size of the \p salt buffer in bytes. + * If \p salt is \c NULL, pass 0. * \param[out] signature Buffer where the signature is to be written. - * \param signature_size Size of the \c signature buffer in bytes. + * \param signature_size Size of the \p signature buffer in bytes. * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \c signature buffer is too small. You can + * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size - * respectively of \c key. + * respectively of \p key. * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 
@@ -2233,10 +2233,10 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * \param key Key slot containing a public key or an * asymmetric key pair. * \param alg A signature algorithm that is compatible with - * the type of \c key. + * the type of \p key. * \param[in] hash The hash or message whose signature is to be * verified. - * \param hash_length Size of the \c hash buffer in bytes. + * \param hash_length Size of the \p hash buffer in bytes. * \param[in] salt A salt or label, if supported by the signature * algorithm. * If the signature algorithm does not support a @@ -2244,10 +2244,10 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * If the signature algorithm supports an optional * salt and you do not want to pass a salt, * pass \c NULL. - * \param salt_length Size of the \c salt buffer in bytes. - * If \c salt is \c NULL, pass 0. + * \param salt_length Size of the \p salt buffer in bytes. + * If \p salt is \c NULL, pass 0. * \param[in] signature Buffer containing the signature to verify. - * \param signature_length Size of the \c signature buffer in bytes. + * \param signature_length Size of the \p signature buffer in bytes. * * \retval #PSA_SUCCESS * The signature is valid. @@ -2281,9 +2281,9 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, * \param key Key slot containing a public key or an * asymmetric key pair. * \param alg An asymmetric encryption algorithm that is - * compatible with the type of \c key. + * compatible with the type of \p key. * \param[in] input The message to encrypt. - * \param input_length Size of the \c input buffer in bytes. + * \param input_length Size of the \p input buffer in bytes. * \param[in] salt A salt or label, if supported by the * encryption algorithm. * If the algorithm does not support a 
@@ -2294,21 +2294,21 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, * * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is * supported. - * \param salt_length Size of the \c salt buffer in bytes. - * If \c salt is \c NULL, pass 0. + * \param salt_length Size of the \p salt buffer in bytes. + * If \p salt is \c NULL, pass 0. * \param[out] output Buffer where the encrypted message is to * be written. - * \param output_size Size of the \c output buffer in bytes. + * \param output_size Size of the \p output buffer in bytes. * \param[out] output_length On success, the number of bytes * that make up the returned output. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \c output buffer is too small. You can + * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size - * respectively of \c key. + * respectively of \p key. * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -2332,9 +2332,9 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, * * \param key Key slot containing an asymmetric key pair. * \param alg An asymmetric encryption algorithm that is - * compatible with the type of \c key. + * compatible with the type of \p key. * \param[in] input The message to decrypt. - * \param input_length Size of the \c input buffer in bytes. + * \param input_length Size of the \p input buffer in bytes. * \param[in] salt A salt or label, if supported by the * encryption algorithm. * If the algorithm does not support a 
@@ -2345,8 +2345,8 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, * * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is * supported. - * \param salt_length Size of the \c salt buffer in bytes. - * If \c salt is \c NULL, pass 0. + * \param salt_length Size of the \p salt buffer in bytes. + * If \p salt is \c NULL, pass 0. * \param[out] output Buffer where the decrypted message is to * be written. * \param output_size Size of the \c output buffer in bytes. @@ -2355,11 +2355,11 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \c output buffer is too small. You can + * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) * where \c key_type and \c key_bits are the type and bit-size - * respectively of \c key. + * respectively of \p key. * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 
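Review bot: The decrypt documentation still has one parameter reference that this commit leaves as `\c`: the context line `\param output_size Size of the \c output buffer in bytes.` at the end of the first hunk here. The matching line in the encrypt documentation is changed to `\p output` by this same commit, so it should read `\param output_size Size of the \p output buffer in bytes.`. The comment block starts and ends outside the hunk.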
@@ -2426,17 +2426,17 @@ typedef struct { * \param bits Key size in bits. * \param[in] extra Extra parameters for key generation. The * interpretation of this parameter depends on - * \c type. All types support \c NULL to use + * \p type. All types support \c NULL to use * default parameters. Implementation that support * the generation of vendor-specific key types * that allow extra parameters shall document * the format of these extra parameters and * the default values. For standard parameters, * the meaning of \p extra is as follows: - * - For a symmetric key type (a type \c type such + * - For a symmetric key type (a type such * that #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is * false), \p extra must be \c NULL. - * - For an elliptic curve key type (a type \c type + * - For an elliptic curve key type (a type * such that #PSA_KEY_TYPE_IS_ECC(\p type) is * false), \p extra must be \c NULL. * - For an RSA key, \p extra is an optional From fbfac6867b02e5d6b8a8e9df744d42138c262449 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 8 Jul 2018 20:51:54 +0200 Subject: [PATCH 0373/2197] Simplify algorithm checking logic in MAC functions Use if-else-if chains rather than switch because many blocks apply to a class of algoritmhs rather than a single algorithm or a fixed set of algorithms. Call abort on more error paths that were missed earlier. --- library/psa_crypto.c | 272 +++++++++++++++++++++---------------------- 1 file changed, 134 insertions(+), 138 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a29c07769..4160bd1eb 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
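Review bot: The elliptic-curve bullet reworded here still says "a type such that #PSA_KEY_TYPE_IS_ECC(\p type) is false", which describes every non-ECC type and contradicts "For an elliptic curve key type"; it presumably should say true. Suggested wording: `- For an elliptic curve key type (a type such that #PSA_KEY_TYPE_IS_ECC(\p type) is true), \p extra must be \c NULL.` A caller who reads the condition literally cannot tell which key types must pass `NULL` for `extra`. The comment block begins and ends outside the hunk.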
@@ -1327,38 +1327,37 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation, psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) { - switch( operation->alg ) + if( operation->alg == 0 ) { - case 0: - /* The object has (apparently) been initialized but it is not - * in use. It's ok to call abort on such an object, and there's - * nothing to do. */ - return( PSA_SUCCESS ); + /* The object has (apparently) been initialized but it is not + * in use. It's ok to call abort on such an object, and there's + * nothing to do. */ + return( PSA_SUCCESS ); + } + else #if defined(MBEDTLS_CMAC_C) - case PSA_ALG_CMAC: - mbedtls_cipher_free( &operation->ctx.cmac ); - break; + if( operation->alg == PSA_ALG_CMAC ) + { + mbedtls_cipher_free( &operation->ctx.cmac ); + } + else #endif /* MBEDTLS_CMAC_C */ - default: #if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { - size_t block_size = - psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) ); - - if( block_size == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - - psa_hash_abort( &operation->ctx.hmac.hash_ctx ); - mbedtls_zeroize( operation->ctx.hmac.opad, block_size ); - } - else + if( PSA_ALG_IS_HMAC( operation->alg ) ) + { + size_t block_size = + psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) ); + if( block_size == 0 ) + goto bad_state; + psa_hash_abort( &operation->ctx.hmac.hash_ctx ); + mbedtls_zeroize( operation->ctx.hmac.opad, block_size ); + } + else #endif /* MBEDTLS_MD_C */ - { - /* Sanity check (shouldn't happen: operation->alg should - * always have been initialized to a valid value). */ - return( PSA_ERROR_BAD_STATE ); - } + { + /* Sanity check (shouldn't happen: operation->alg should + * always have been initialized to a valid value). */ + goto bad_state; } operation->alg = 0; 
@@ -1369,6 +1368,14 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) operation->is_sign = 0; return( PSA_SUCCESS ); + +bad_state: + /* If abort is called on an uninitialized object, we can't trust + * anything. Wipe the object in case it contains confidential data. + * This may result in a memory leak if a pointer gets overwritten, + * but it's too late to do anything about this. */ + memset( operation, 0, sizeof( *operation ) ); + return( PSA_ERROR_BAD_STATE ); } #if defined(MBEDTLS_CMAC_C) @@ -1471,7 +1478,6 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, size_t key_bits; psa_key_usage_t usage = is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY; - const mbedtls_cipher_info_t *cipher_info = NULL; status = psa_mac_init( operation, alg ); if( status != PSA_SUCCESS ) 
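Review bot: The new `bad_state` path wipes the operation with plain `memset`, while the HMAC branch of the same function clears `opad` with `mbedtls_zeroize`. The added comment says the purpose is to erase possibly confidential data, so the wipe should use the same helper: `mbedtls_zeroize( operation, sizeof( *operation ) );`, assuming it takes a pointer and a length as at its other call sites. A `memset` on a caller-owned object is unlikely to be removed today, but nothing guarantees that once the function is inlined into a caller that discards the object. The body of psa_mac_abort starts in the previous hunk.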
@@ -1481,39 +1487,38 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, status = psa_get_key_from_slot( key, &slot, usage, alg ); if( status != PSA_SUCCESS ) - return( status ); - + goto exit; key_bits = psa_get_key_bits( slot ); - if( ! PSA_ALG_IS_HMAC( alg ) ) - { - cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, - NULL ); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - operation->mac_size = cipher_info->block_size; - } - switch( alg ) - { #if defined(MBEDTLS_CMAC_C) - case PSA_ALG_CMAC: - status = mbedtls_to_psa_error( psa_cmac_setup( operation, - key_bits, - slot, - cipher_info ) ); - break; + if( alg == PSA_ALG_CMAC ) + { + const mbedtls_cipher_info_t *cipher_info = + mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, NULL ); + int ret; + if( cipher_info == NULL ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + operation->mac_size = cipher_info->block_size; + ret = psa_cmac_setup( operation, key_bits, slot, cipher_info ); + status = mbedtls_to_psa_error( ret ); + } + else #endif /* MBEDTLS_CMAC_C */ - default: #if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HMAC( alg ) ) - status = psa_hmac_setup( operation, slot->type, slot, alg ); - else + if( PSA_ALG_IS_HMAC( alg ) ) + { + status = psa_hmac_setup( operation, slot->type, slot, alg ); + } + else #endif /* MBEDTLS_MD_C */ - return( PSA_ERROR_NOT_SUPPORTED ); + { + status = PSA_ERROR_NOT_SUPPORTED; } - /* If we reach this point, then the algorithm-specific part of the - * context may contain data that needs to be wiped on error. */ +exit: if( status != PSA_SUCCESS ) { psa_mac_abort( operation ); 
@@ -1543,43 +1548,39 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ) { - int ret = 0 ; - psa_status_t status = PSA_SUCCESS; + psa_status_t status = PSA_ERROR_BAD_STATE; if( ! operation->key_set ) - return( PSA_ERROR_BAD_STATE ); + goto cleanup; if( operation->iv_required && ! operation->iv_set ) - return( PSA_ERROR_BAD_STATE ); + goto cleanup; operation->has_input = 1; - switch( operation->alg ) - { #if defined(MBEDTLS_CMAC_C) - case PSA_ALG_CMAC: - ret = mbedtls_cipher_cmac_update( &operation->ctx.cmac, - input, input_length ); - break; -#endif /* MBEDTLS_CMAC_C */ - default: -#if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { - status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input, - input_length ); - } - else -#endif /* MBEDTLS_MD_C */ - { - ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; - } - break; - } - if( ret != 0 || status != PSA_SUCCESS ) + if( operation->alg == PSA_ALG_CMAC ) { - psa_mac_abort( operation ); - if( ret != 0 ) - status = mbedtls_to_psa_error( ret ); + int ret = mbedtls_cipher_cmac_update( &operation->ctx.cmac, + input, input_length ); + status = mbedtls_to_psa_error( ret ); + } + else +#endif /* MBEDTLS_CMAC_C */ +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HMAC( operation->alg ) ) + { + status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input, + input_length ); + } + else +#endif /* MBEDTLS_MD_C */ + { + /* This shouldn't happen if `operation` was initialized by + * a setup function. */ + status = PSA_ERROR_BAD_STATE; } +cleanup: + if( status != PSA_SUCCESS ) + psa_mac_abort( operation ); return( status ); } 
@@ -1597,65 +1598,60 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, if( mac_size < operation->mac_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - switch( operation->alg ) - { #if defined(MBEDTLS_CMAC_C) - case PSA_ALG_CMAC: - { - int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac ); - return( mbedtls_to_psa_error( ret ) ); - } -#endif /* MBEDTLS_CMAC_C */ - default: -#if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { - unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; - unsigned char *opad = operation->ctx.hmac.opad; - size_t hash_size = 0; - size_t block_size = - psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) ); - - if( block_size == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - - status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp, - sizeof( tmp ), &hash_size ); - if( status != PSA_SUCCESS ) - return( status ); - /* From here on, tmp needs to be wiped. */ - - status = psa_hash_setup( &operation->ctx.hmac.hash_ctx, - PSA_ALG_HMAC_HASH( operation->alg ) ); - if( status != PSA_SUCCESS ) - goto hmac_cleanup; - - status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad, - block_size ); - if( status != PSA_SUCCESS ) - goto hmac_cleanup; - - status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp, - hash_size ); - if( status != PSA_SUCCESS ) - goto hmac_cleanup; - - status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac, - mac_size, &hash_size ); - hmac_cleanup: - mbedtls_zeroize( tmp, hash_size ); - } - else -#endif /* MBEDTLS_MD_C */ - { - /* This shouldn't happen if operation was initialized by - * a setup function. 
*/ - return( PSA_ERROR_BAD_STATE ); - } - break; + if( operation->alg == PSA_ALG_CMAC ) + { + int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac ); + return( mbedtls_to_psa_error( ret ) ); } + else +#endif /* MBEDTLS_CMAC_C */ +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HMAC( operation->alg ) ) + { + unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; + unsigned char *opad = operation->ctx.hmac.opad; + size_t hash_size = 0; + size_t block_size = + psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) ); - return( status ); + if( block_size == 0 ) + return( PSA_ERROR_NOT_SUPPORTED ); + + status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp, + sizeof( tmp ), &hash_size ); + if( status != PSA_SUCCESS ) + return( status ); + /* From here on, tmp needs to be wiped. */ + + status = psa_hash_setup( &operation->ctx.hmac.hash_ctx, + PSA_ALG_HMAC_HASH( operation->alg ) ); + if( status != PSA_SUCCESS ) + goto hmac_cleanup; + + status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad, + block_size ); + if( status != PSA_SUCCESS ) + goto hmac_cleanup; + + status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp, + hash_size ); + if( status != PSA_SUCCESS ) + goto hmac_cleanup; + + status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac, + mac_size, &hash_size ); + hmac_cleanup: + mbedtls_zeroize( tmp, hash_size ); + return( status ); + } + else +#endif /* MBEDTLS_MD_C */ + { + /* This shouldn't happen if `operation` was initialized by + * a setup function. */ + return( PSA_ERROR_BAD_STATE ); + } } psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, From 315b51c22d8356db9bd550a4b71239b19faa7420 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 9 Jul 2018 16:04:51 +0100 Subject: [PATCH 0374/2197] Fix memory leak in psa_cipher_finish() --- library/psa_crypto.c | 49 ++++++++++++++++++++++++++++---------------- 1 file changed, 31 insertions(+), 18 deletions(-) 
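Review bot: In the HMAC branch of `psa_mac_finish_internal`, `mbedtls_zeroize( tmp, hash_size )` wipes only `hash_size` bytes, yet the final `psa_hash_finish( ..., mac, mac_size, &hash_size )` reuses `hash_size` as its output. What that call stores there on failure is not visible in this hunk. If it can be smaller than the inner digest length, part of the inner hash stays on the stack. Wiping the whole buffer removes the dependency: `mbedtls_zeroize( tmp, sizeof( tmp ) );`. The function starts before the hunk, so the declaration of `status` is not shown.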
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6dff2f532..e10ca30ed 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2410,18 +2410,19 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, size_t output_size, size_t *output_length ) { - int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + psa_status_t status = PSA_ERROR_UNKNOWN_ERROR; + int cipher_ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; if( ! operation->key_set ) { - psa_cipher_abort( operation ); - return( PSA_ERROR_BAD_STATE ); + status = PSA_ERROR_BAD_STATE; + goto error; } if( operation->iv_required && ! operation->iv_set ) { - psa_cipher_abort( operation ); - return( PSA_ERROR_BAD_STATE ); + status = PSA_ERROR_BAD_STATE; + goto error; } if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT && PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) 
@@ -2430,37 +2431,49 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; if( operation->ctx.cipher.unprocessed_len >= operation->block_size ) { - psa_cipher_abort( operation ); - return( PSA_ERROR_TAMPERING_DETECTED ); + status = PSA_ERROR_TAMPERING_DETECTED; + goto error; } if( padding_mode == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) { if( operation->ctx.cipher.unprocessed_len != 0 ) { - psa_cipher_abort( operation ); - return( PSA_ERROR_INVALID_ARGUMENT ); + status = PSA_ERROR_INVALID_ARGUMENT; + goto error; } } } - ret = mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer, - output_length ); - if( ret != 0 ) + cipher_ret = mbedtls_cipher_finish( &operation->ctx.cipher, + temp_output_buffer, + output_length ); + if( cipher_ret != 0 ) { - psa_cipher_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); + status = mbedtls_to_psa_error( cipher_ret ); + goto error; } + if( *output_length == 0 ) - /* Nothing to copy. Note that output may be NULL in this case. */ ; + ; /* Nothing to copy. Note that output may be NULL in this case. */ else if( output_size >= *output_length ) memcpy( output, temp_output_buffer, *output_length ); else { - psa_cipher_abort( operation ); - return( PSA_ERROR_BUFFER_TOO_SMALL ); + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto error; } - return( PSA_SUCCESS ); + status = psa_cipher_abort( operation ); + + return( status ); + +error: + + *output_length = 0; + + (void) psa_cipher_abort( operation ); + + return( status ); } psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) From ab4152b3d4e7ec7284ae04f5791385aa324e94e4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 6 Jul 2018 16:12:42 +0200 Subject: [PATCH 0375/2197] Diversify export tests without the export usage flag Test both with a symmetric key and with a key pair. --- tests/suites/test_suite_psa_crypto.data | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) 
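Review bot: The `output_size` check still runs after `mbedtls_cipher_finish` has already produced the final block, and the new `error:` path then sets `*output_length = 0` and aborts the operation. This makes `PSA_ERROR_BUFFER_TOO_SMALL` terminal: the caller receives neither the data nor the required size and cannot retry with a larger buffer. If that is the intended contract, state it at the branch, e.g. `/* The final block is discarded; the operation cannot be resumed with a larger buffer. */`. As a minor point, the initialiser of `cipher_ret` in the preceding hunk is never read, because the variable is assigned before its only use.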
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f1075bbac..72c602181 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -53,10 +53,6 @@ PSA import/export RSA public key: export buffer too small depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 -PSA import/export RSA keypair: policy forbids export -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 - PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 
@@ -117,6 +113,22 @@ PSA import/export EC secp384r1: good depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 +PSA import/export AES key: policy forbids export +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:128:0:PSA_ERROR_NOT_PERMITTED:1 + +PSA import/export HMAC key: policy forbids export +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:256:0:PSA_ERROR_NOT_PERMITTED:1 + +PSA import/export RSA keypair: policy forbids export (crypt) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 + +PSA import/export RSA keypair: policy forbids export (sign) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1 + PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1) 
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT From d8008d6dfea95f15990a260230dde868d34b59a2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 19:51:51 +0200 Subject: [PATCH 0376/2197] New macro PSA_KEY_TYPE_IS_RSA --- include/psa/crypto.h | 6 +++++- library/psa_crypto.c | 25 ++++++++----------------- 2 files changed, 13 insertions(+), 18 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 68e3b0aa3..ba0755b2e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -433,7 +433,11 @@ typedef uint32_t psa_key_type_t; /** Whether a key type is an RSA key pair or public key. */ #define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) -/** Whether a key type is an elliptic curve key pair or public key. */ +/** Whether a key type is an RSA key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_RSA(type) \ + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == \ + PSA_KEY_TYPE_RSA_PUBLIC_KEY) +/** Whether a key type is an elliptic curve key (pair or public-only). */ #define PSA_KEY_TYPE_IS_ECC(type) \ ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a1b8104f7..fac1c7564 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
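Review bot: The context lines of the `include/psa/crypto.h` hunk already contain `#define PSA_KEY_TYPE_IS_RSA(type)`, so the added lines define the macro a second time directly below the first. The two replacement lists are token-identical and the redefinition should compile, but the header ends up with two copies and two differently worded doc comments that can drift apart. I would drop the added `#define` and keep only the comment rewording on the existing definition and on `PSA_KEY_TYPE_IS_ECC`.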
@@ -567,9 +567,7 @@ psa_status_t psa_import_key( psa_key_slot_t key, } else #if defined(MBEDTLS_PK_PARSE_C) - if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - type == PSA_KEY_TYPE_RSA_KEYPAIR || - PSA_KEY_TYPE_IS_ECC( type ) ) + if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) ) { int ret; mbedtls_pk_context pk; @@ -584,8 +582,7 @@ psa_status_t psa_import_key( psa_key_slot_t key, { #if defined(MBEDTLS_RSA_C) case MBEDTLS_PK_RSA: - if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - type == PSA_KEY_TYPE_RSA_KEYPAIR ) + if( PSA_KEY_TYPE_IS_RSA( type ) ) { mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk ); size_t bits = mbedtls_rsa_get_bitlen( rsa ); @@ -662,8 +659,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key ) } else #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) { mbedtls_rsa_free( slot->data.rsa ); mbedtls_free( slot->data.rsa ); @@ -694,8 +690,7 @@ static size_t psa_get_key_bits( const key_slot_t *slot ) if( key_type_is_raw_bytes( slot->type ) ) return( slot->data.raw.bytes * 8 ); #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) return( mbedtls_rsa_get_bitlen( slot->data.rsa ) ); #endif /* defined(MBEDTLS_RSA_C) */ #if defined(MBEDTLS_ECP_C) @@ -769,15 +764,13 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, else { #if defined(MBEDTLS_PK_WRITE_C) - if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || + if( PSA_KEY_TYPE_IS_RSA( slot->type ) || PSA_KEY_TYPE_IS_ECC( slot->type ) ) { mbedtls_pk_context pk; int ret; mbedtls_pk_init( &pk ); - if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY || - slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) { pk.pk_info = &mbedtls_rsa_info; pk.pk_ctx = slot->data.rsa; 
@@ -2064,8 +2057,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, return( status ); #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || - slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) { return( psa_rsa_verify( slot->data.rsa, alg, @@ -2120,8 +2112,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR || - slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; From dda3bd344d42165c696b65b67b957aaec0fb89e5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 19:40:46 +0200 Subject: [PATCH 0377/2197] Doc: Minor formatting and copy fixes --- include/psa/crypto.h | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fa2765667..43d8d0986 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -647,7 +647,7 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) /** Macro to build an HMAC algorithm. * - * For example, `PSA_ALG_HMAC(PSA_ALG_SHA256)` is HMAC-SHA-256. + * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). @@ -702,6 +702,7 @@ typedef uint32_t psa_algorithm_t; * whole number of blocks for the chosen block cipher. */ #define PSA_ALG_BLOCK_CIPHER_PAD_NONE ((psa_algorithm_t)0x00000000) + #define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ((psa_algorithm_t)0x00010000) /** Whether the specified algorithm is a block cipher. 
@@ -736,6 +737,7 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000004) #define PSA_ALG_STREAM_CIPHER_BASE ((psa_algorithm_t)0x04800000) + /** The CTR stream cipher mode. * * CTR is a stream cipher which is built from a block cipher. The @@ -744,6 +746,7 @@ typedef uint32_t psa_algorithm_t; * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). */ #define PSA_ALG_CTR ((psa_algorithm_t)0x04800001) + /** The ARC4 stream cipher algorithm. */ #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800002) @@ -1660,9 +1663,9 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * \param mac_size Size of the \p mac buffer in bytes. * \param[out] mac_length On success, the number of bytes * that make up the MAC value. This is always - * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \p alg) + * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \c alg) * where \c key_type and \c key_bits are the type and - * bit-size respectively of \c key and `alg` is the + * bit-size respectively of the key and \c alg is the * MAC algorithm that is calculated. * * \retval #PSA_SUCCESS @@ -1875,7 +1878,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not started, or IV already set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \c output buffer is too small. + * The size of the \p iv buffer is too small. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE 
@@ -2357,7 +2360,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling - * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) + * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. * \retval #PSA_ERROR_NOT_SUPPORTED @@ -2439,8 +2442,9 @@ typedef struct { * - For an elliptic curve key type (a type * such that #PSA_KEY_TYPE_IS_ECC(\p type) is * false), \p extra must be \c NULL. - * - For an RSA key, \p extra is an optional - * #psa_generate_key_extra_rsa structure + * - For an RSA key (\p type is + * #PSA_KEY_TYPE_RSA_KEYPAIR), \p extra is an + * optional #psa_generate_key_extra_rsa structure * specifying the public exponent. The * default public exponent used when \p extra * is \c NULL is 65537. From fe11951c167c92d4727fcdd8625e86da261e3cbc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 8 Jul 2018 21:39:34 +0200 Subject: [PATCH 0378/2197] Rename psa cipher functions to psa_cipher_xxx Make function names for multipart operations more consistent (cipher edition). Rename symmetric cipher multipart operation functions so that they all start with psa_cipher_: * psa_encrypt_setup -> psa_cipher_encrypt_setup * psa_decrypt_setup -> psa_cipher_decrypt_setup * psa_encrypt_set_iv -> psa_cipher_set_iv * psa_encrypt_generate_iv -> psa_cipher_generate_iv --- include/psa/crypto.h | 42 +++++----- library/psa_crypto.c | 28 +++---- tests/suites/test_suite_psa_crypto.function | 90 +++++++++++---------- 3 files changed, 81 insertions(+), 79 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 98573c90f..9fea83e7c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
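Review bot: In the last `include/psa/crypto.h` hunk, the bullet just above the reworded RSA bullet still reads "a type such that #PSA_KEY_TYPE_IS_ECC(\p type) is false" while describing elliptic curve key types, which looks inverted. Since this commit is a documentation clean-up of the same parameter description, I would fix it here: `such that #PSA_KEY_TYPE_IS_ECC(\p type) is true`. The new RSA bullet names only `#PSA_KEY_TYPE_RSA_KEYPAIR`, which matches a key-generation function, so no change is needed there.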
@@ -1464,10 +1464,10 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * is as follows: * -# Allocate an operation object which will be passed to all the functions * listed here. - * -# Call psa_encrypt_setup() to specify the algorithm and key. + * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key. * The key remains associated with the operation even if the content * of the key slot changes. - * -# Call either psa_encrypt_generate_iv() or psa_encrypt_set_iv() to + * -# Call either psa_encrypt_generate_iv() or psa_cipher_set_iv() to * generate or set the IV (initialization vector). You should use * psa_encrypt_generate_iv() unless the protocol you are implementing * requires a specific IV value. @@ -1476,12 +1476,12 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * -# Call psa_cipher_finish(). * * The application may call psa_cipher_abort() at any time after the operation - * has been initialized with psa_encrypt_setup(). + * has been initialized with psa_cipher_encrypt_setup(). * - * After a successful call to psa_encrypt_setup(), the application must + * After a successful call to psa_cipher_encrypt_setup(), the application must * eventually terminate the operation. The following events terminate an * operation: - * - A failed call to psa_encrypt_generate_iv(), psa_encrypt_set_iv() + * - A failed call to psa_encrypt_generate_iv(), psa_cipher_set_iv() * or psa_cipher_update(). * - A call to psa_cipher_finish() or psa_cipher_abort(). * @@ -1503,9 +1503,9 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg); +psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg); /** Set the key for a multipart symmetric decryption operation. * 
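Review bot: The rewritten doc comment for `psa_cipher_encrypt_setup` still names `psa_encrypt_generate_iv()`, which this commit renames to `psa_cipher_generate_iv()`. It appears in the added line "Call either psa_encrypt_generate_iv() or psa_cipher_set_iv()", in the unchanged line after it, and in the added line "A failed call to psa_encrypt_generate_iv(), psa_cipher_set_iv()" in the next hunk. After the rename these point at a function that no longer exists, so the Doxygen cross-references will not resolve. Replace all three with `psa_cipher_generate_iv()`.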
@@ -1513,7 +1513,7 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, * is as follows: * -# Allocate an operation object which will be passed to all the functions * listed here. - * -# Call psa_decrypt_setup() to specify the algorithm and key. + * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key. * The key remains associated with the operation even if the content * of the key slot changes. * -# Call psa_cipher_update() with the IV (initialization vector) for the @@ -1525,9 +1525,9 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, * -# Call psa_cipher_finish(). * * The application may call psa_cipher_abort() at any time after the operation - * has been initialized with psa_encrypt_setup(). + * has been initialized with psa_cipher_decrypt_setup(). * - * After a successful call to psa_decrypt_setup(), the application must + * After a successful call to psa_cipher_decrypt_setup(), the application must * eventually terminate the operation. The following events terminate an * operation: * - A failed call to psa_cipher_update(). 
@@ -1551,18 +1551,18 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, * \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg); +psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg); -psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, - unsigned char *iv, - size_t iv_size, - size_t *iv_length); +psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, + unsigned char *iv, + size_t iv_size, + size_t *iv_length); -psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, - const unsigned char *iv, - size_t iv_length); +psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, + const unsigned char *iv, + size_t iv_length); psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4160bd1eb..b9f43b54a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -2360,24 +2360,24 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, return( PSA_SUCCESS ); } -psa_status_t psa_encrypt_setup( psa_cipher_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg ) +psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg ) { return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) ); } -psa_status_t psa_decrypt_setup( psa_cipher_operation_t *operation, - psa_key_slot_t key, - psa_algorithm_t alg ) +psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation, + psa_key_slot_t key, + psa_algorithm_t alg ) { return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) ); } -psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation, - unsigned char *iv, - size_t iv_size, - size_t *iv_length ) +psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, + unsigned char *iv, + size_t iv_size, + size_t *iv_length ) { int ret = PSA_SUCCESS; if( operation->iv_set || ! operation->iv_required ) @@ -2396,7 +2396,7 @@ psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation, } *iv_length = operation->iv_size; - ret = psa_encrypt_set_iv( operation, iv, *iv_length ); + ret = psa_cipher_set_iv( operation, iv, *iv_length ); exit: if( ret != PSA_SUCCESS ) @@ -2404,9 +2404,9 @@ exit: return( ret ); } -psa_status_t psa_encrypt_set_iv( psa_cipher_operation_t *operation, - const unsigned char *iv, - size_t iv_length ) +psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, + const unsigned char *iv, + size_t iv_length ) { int ret = PSA_SUCCESS; if( operation->iv_set || ! operation->iv_required ) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3a03a76bf..e9efb3a0a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -184,10 +184,11 @@ static int exercise_cipher_key( psa_key_slot_t key, if( usage & PSA_KEY_USAGE_ENCRYPT ) { - TEST_ASSERT( psa_encrypt_setup( &operation, key, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_generate_iv( &operation, - iv, sizeof( iv ), - &iv_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_encrypt_setup( &operation, + key, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_generate_iv( &operation, + iv, sizeof( iv ), + &iv_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation, plaintext, sizeof( plaintext ), ciphertext, sizeof( ciphertext ), @@ -209,9 +210,10 @@ static int exercise_cipher_key( psa_key_slot_t key, TEST_ASSERT( psa_get_key_information( key, &type, &bits ) ); iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type ); } - TEST_ASSERT( psa_decrypt_setup( &operation, key, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, iv_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_decrypt_setup( &operation, + key, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_set_iv( &operation, + iv, iv_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation, ciphertext, ciphertext_length, decrypted, sizeof( decrypted ), @@ -792,7 +794,7 @@ void cipher_key_policy( int policy_usage, TEST_ASSERT( psa_import_key( key_slot, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - status = psa_encrypt_setup( &operation, key_slot, exercise_alg ); + status = psa_cipher_encrypt_setup( &operation, key_slot, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) TEST_ASSERT( status == PSA_SUCCESS ); 
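Review bot: In the decrypt branch of `exercise_cipher_key`, the context line `TEST_ASSERT( psa_get_key_information( key, &type, &bits ) );` passes the status straight to the assertion, unlike every other call in these hunks, which compares against `PSA_SUCCESS`. Because `PSA_SUCCESS` is zero, the assertion as written holds only when the call fails. The line is untouched by the rename, but it sits between two lines that are edited, so it is worth fixing in passing: `TEST_ASSERT( psa_get_key_information( key, &type, &bits ) == PSA_SUCCESS );`.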
@@ -800,7 +802,7 @@ void cipher_key_policy( int policy_usage, TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); psa_cipher_abort( &operation ); - status = psa_decrypt_setup( &operation, key_slot, exercise_alg ); + status = psa_cipher_decrypt_setup( &operation, key_slot, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) TEST_ASSERT( status == PSA_SUCCESS ); @@ -1230,7 +1232,7 @@ void cipher_setup( int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); - status = psa_encrypt_setup( &operation, key_slot, alg ); + status = psa_cipher_encrypt_setup( &operation, key_slot, alg ); psa_cipher_abort( &operation ); TEST_ASSERT( status == expected_status ); @@ -1279,11 +1281,11 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_setup( &operation, - key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_encrypt_setup( &operation, + key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, iv_size ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_set_iv( &operation, + iv, iv_size ) == PSA_SUCCESS ); output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); output = mbedtls_calloc( 1, output_buffer_size ); 
@@ -1354,11 +1356,11 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_setup( &operation, - key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_encrypt_setup( &operation, + key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, sizeof( iv ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ) == PSA_SUCCESS ); output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); output = mbedtls_calloc( 1, output_buffer_size ); @@ -1432,11 +1434,11 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation, - key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_decrypt_setup( &operation, + key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, sizeof( iv ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ) == PSA_SUCCESS ); output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); @@ -1512,11 +1514,11 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation, - key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_decrypt_setup( &operation, + key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_set_iv( &operation, - iv, iv_size ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_set_iv( &operation, + iv, iv_size ) == PSA_SUCCESS ); output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); 
@@ -1586,14 +1588,14 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_setup( &operation1, - key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation2, - key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_encrypt_setup( &operation1, + key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_decrypt_setup( &operation2, + key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_generate_iv( &operation1, - iv, iv_size, - &iv_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_generate_iv( &operation1, + iv, iv_size, + &iv_length ) == PSA_SUCCESS ); output1_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); output1 = mbedtls_calloc( 1, output1_size ); @@ -1614,8 +1616,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg, output2 = mbedtls_calloc( 1, output2_size ); TEST_ASSERT( output2 != NULL ); - TEST_ASSERT( psa_encrypt_set_iv( &operation2, - iv, iv_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_set_iv( &operation2, + iv, iv_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, output2, output2_size, &output2_length ) == PSA_SUCCESS ); 
@@ -1678,14 +1680,14 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_import_key( key_slot, key_type, key->x, key->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_setup( &operation1, - key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_decrypt_setup( &operation2, - key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_encrypt_setup( &operation1, + key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_decrypt_setup( &operation2, + key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_encrypt_generate_iv( &operation1, - iv, iv_size, - &iv_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_generate_iv( &operation1, + iv, iv_size, + &iv_length ) == PSA_SUCCESS ); output1_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); output1 = mbedtls_calloc( 1, output1_buffer_size ); @@ -1717,8 +1719,8 @@ void cipher_verify_output_multipart( int alg_arg, output2 = mbedtls_calloc( 1, output2_buffer_size ); TEST_ASSERT( output2 != NULL ); - TEST_ASSERT( psa_encrypt_set_iv( &operation2, - iv, iv_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_cipher_set_iv( &operation2, + iv, iv_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size, output2, output2_buffer_size, From 279ab8e69be6c05105f5b422507886dd112733fd Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 9 Jul 2018 16:13:21 +0100 Subject: [PATCH 0379/2197] Prevent leaking plaintext in psa_cipher_finish() --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e10ca30ed..e5833ce22 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2463,6 +2463,7 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, goto error; } + mbedtls_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) ); status = psa_cipher_abort( operation ); return( status ); 
@@ -2471,6 +2472,7 @@ error: *output_length = 0; + mbedtls_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) ); (void) psa_cipher_abort( operation ); return( status ); From af89fd771ecde904536e769746887947373ad37e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 19:52:37 +0200 Subject: [PATCH 0380/2197] psa_import_key: split RSA and ECP code into small functions No intended behavior change except that some edge cases may have swapped between INVALID_ARGUMENT and NOT_SUPPORTED. --- library/psa_crypto.c | 91 ++++++++++++++++++++++++++------------------ 1 file changed, 53 insertions(+), 38 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fac1c7564..30b68faf6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -541,6 +541,43 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type, return( PSA_SUCCESS ); } +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) +static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk, + mbedtls_rsa_context **p_rsa ) +{ + if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_RSA ) + return( PSA_ERROR_INVALID_ARGUMENT ); + else + { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *pk ); + size_t bits = mbedtls_rsa_get_bitlen( rsa ); + if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) + return( PSA_ERROR_NOT_SUPPORTED ); + *p_rsa = rsa; + return( PSA_SUCCESS ); + } +} +#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ + +#if defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C) +static psa_status_t psa_import_ecp_key( psa_ecc_curve_t expected_curve, + mbedtls_pk_context *pk, + mbedtls_ecp_keypair **p_ecp ) +{ + if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY ) + return( PSA_ERROR_INVALID_ARGUMENT ); + else + { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( *pk ); + psa_ecc_curve_t actual_curve = mbedtls_ecc_group_to_psa( ecp->grp.id ); + if( actual_curve != expected_curve ) + return( PSA_ERROR_INVALID_ARGUMENT ); + *p_ecp = ecp; + return( PSA_SUCCESS ); + } +} +#endif /* defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C) */ + psa_status_t psa_import_key( psa_key_slot_t key, psa_key_type_t type, const uint8_t *data, 
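Review bot: `psa_import_rsa_key` and `psa_import_ecp_key` are added without a header comment, and the ownership rule they depend on is stated only at the call site. On success `*p_rsa` / `*p_ecp` point into the content of `pk`, so the caller must not free `pk`; on any error nothing is stored and the caller still owns it. I would put that in a short comment above each helper, for example `/* On success, *p_rsa aliases the content of pk; the caller must not free pk. */`. The RSA helper rejects only sizes above `PSA_VENDOR_RSA_MAX_KEY_BITS`; whether a lower bound on the modulus is enforced elsewhere cannot be seen from this hunk and is worth confirming.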
@@ -572,55 +609,33 @@ psa_status_t psa_import_key( psa_key_slot_t key, int ret; mbedtls_pk_context pk; mbedtls_pk_init( &pk ); + + /* Parse the data. */ if( PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ); else ret = mbedtls_pk_parse_public_key( &pk, data, data_length ); if( ret != 0 ) return( mbedtls_to_psa_error( ret ) ); - switch( mbedtls_pk_get_type( &pk ) ) - { + + /* We have something that the pkparse module recognizes. + * If it has the expected type and passes any type-specific + * checks, store it. */ #if defined(MBEDTLS_RSA_C) - case MBEDTLS_PK_RSA: - if( PSA_KEY_TYPE_IS_RSA( type ) ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk ); - size_t bits = mbedtls_rsa_get_bitlen( rsa ); - if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) - { - status = PSA_ERROR_NOT_SUPPORTED; - break; - } - slot->data.rsa = rsa; - } - else - status = PSA_ERROR_INVALID_ARGUMENT; - break; + if( PSA_KEY_TYPE_IS_RSA( type ) ) + status = psa_import_rsa_key( &pk, &slot->data.rsa ); + else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - case MBEDTLS_PK_ECKEY: - if( PSA_KEY_TYPE_IS_ECC( type ) ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); - psa_ecc_curve_t actual_curve = - mbedtls_ecc_group_to_psa( ecp->grp.id ); - psa_ecc_curve_t expected_curve = - PSA_KEY_TYPE_GET_CURVE( type ); - if( actual_curve != expected_curve ) - { - status = PSA_ERROR_INVALID_ARGUMENT; - break; - } - slot->data.ecp = ecp; - } - else - status = PSA_ERROR_INVALID_ARGUMENT; - break; + if( PSA_KEY_TYPE_IS_ECC( type ) ) + status = psa_import_ecp_key( PSA_KEY_TYPE_GET_CURVE( type ), + &pk, &slot->data.ecp ); + else #endif /* MBEDTLS_ECP_C */ - default: - status = PSA_ERROR_INVALID_ARGUMENT; - break; + { + status = PSA_ERROR_NOT_SUPPORTED; } + /* Free the content of the pk object only on error. On success, * the content of the object has been stored in the slot. */ if( status != PSA_SUCCESS ) 
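Review bot: The calls to `psa_import_rsa_key` and `psa_import_ecp_key` are guarded by `#if defined(MBEDTLS_RSA_C)` and `#if defined(MBEDTLS_ECP_C)` alone, while the helpers are defined only when `MBEDTLS_PK_PARSE_C` is also set. psa_import_key starts and ends outside this hunk, so the enclosing guard is not visible; this block calls `mbedtls_pk_parse_key`, so it is presumably already inside a pkparse guard, but the two conditions should read the same. Either use `#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)` at the call sites or drop the pkparse term from the helper guards and name the outer guard in a comment. The `else` left dangling before each `#endif` also deserves a one-line comment, since the final `{ status = PSA_ERROR_NOT_SUPPORTED; }` block binds to a different `if` in each configuration.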
From 6ac73a912bda829756b6d6772c28c64727d2f4d2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 19:47:19 +0200 Subject: [PATCH 0381/2197] Doc: add some missing documentation of function and macro parameters --- include/psa/crypto.h | 44 +++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 41 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 43d8d0986..4b2e9a0aa 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -682,6 +682,8 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003) /** Whether the specified algorithm is a MAC algorithm based on a block cipher. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). * * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise. * This macro may return either 0 or 1 if \p alg is not a supported @@ -1194,7 +1196,10 @@ typedef uint32_t psa_key_usage_t; typedef struct psa_key_policy_s psa_key_policy_t; /** \brief Initialize a key policy structure to a default that forbids all - * usage of the key. */ + * usage of the key. + * + * \param[out] policy The policy object to initialize. + */ void psa_key_policy_init(psa_key_policy_t *policy); /** \brief Set the standard fields of a policy structure. 
@@ -1202,15 +1207,29 @@ void psa_key_policy_init(psa_key_policy_t *policy); * Note that this function does not make any consistency check of the * parameters. The values are only checked when applying the policy to * a key slot with psa_set_key_policy(). + * + * \param[out] policy The policy object to modify. + * \param usage The permitted uses for the key. + * \param alg The algorithm that the key may be used for. */ void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_key_usage_t usage, psa_algorithm_t alg); -/** \brief Retrieve the usage field of a policy structure. */ +/** \brief Retrieve the usage field of a policy structure. + * + * \param[in] policy The policy object to query. + * + * \return The permitted uses for a key with this policy. + */ psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy); -/** \brief Retrieve the algorithm field of a policy structure. */ +/** \brief Retrieve the algorithm field of a policy structure. + * + * \param[in] policy The policy object to query. + * + * \return The permitted algorithm for a key with this policy. + */ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); /** \brief Set the usage policy on a key slot. 
@@ -1221,11 +1240,30 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); * * Implementations may set restrictions on supported key policies * depending on the key type and the key slot. + * + * \param key The key slot whose policy is to be changed. + * \param[in] policy The policy object to query. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_set_key_policy(psa_key_slot_t key, const psa_key_policy_t *policy); /** \brief Get the usage policy for a key slot. + * + * \param key The key slot whose policy is being queried. + * \param[out] policy On success, the key's policy. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_get_key_policy(psa_key_slot_t key, psa_key_policy_t *policy); From b4fa8c9c6d97a65ebf5c18513b2aed53ad8f6b61 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 11 Jul 2018 15:57:44 +0100 Subject: [PATCH 0382/2197] psa: Fix Doxygen comment on psa_get_key_from_slot We failed all.sh on the "test: doxygen markup outside doxygen blocks" due to doxygen markup being outside a Doxygen block. Add an extra `*` to the psa_get_key_from_slot comment to denote the comment as a Doxygen comment. --- library/psa_crypto.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cc996a01c..aee00787b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
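Review bot: In the documentation added for psa_set_key_policy, `\param[in] policy` is described as "The policy object to query", which is the getter wording; this function applies the policy to the slot. I would change it to `\param[in] policy The policy object to apply to the key slot.` The `\retval` lists added for psa_set_key_policy and psa_get_key_policy name the codes but give no condition for any of them. At least `#PSA_ERROR_OCCUPIED_SLOT` needs a line saying when it is returned, because the visible text does not say whether a policy can be changed once a key is present.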
@@ -371,9 +371,9 @@ static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key, return( status ); } -/* Retrieve a slot which must contain a key. The key must have allow all - * the usage flags set in \p usage. If \p alg is nonzero, the key must - * allow operations with this algorithm. */ +/** Retrieve a slot which must contain a key. The key must have allow all the + * usage flags set in \p usage. If \p alg is nonzero, the key must allow + * operations with this algorithm. */ static psa_status_t psa_get_key_from_slot( psa_key_slot_t key, key_slot_t **p_slot, psa_key_usage_t usage, From 61a60376b7364a439a683aa26d9ff058dcac288c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 8 Jul 2018 21:48:44 +0200 Subject: [PATCH 0383/2197] Fix misplaced Doxygen comment --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9fea83e7c..a30af423a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -414,13 +414,13 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_IS_KEYPAIR(type) \ (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \ (PSA_KEY_TYPE_CATEGORY_ASYMMETRIC | PSA_KEY_TYPE_PAIR_FLAG)) -/** Whether a key type is an RSA key pair or public key. */ /** The key pair type corresponding to a public key type. */ #define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \ ((type) | PSA_KEY_TYPE_PAIR_FLAG) /** The public key type corresponding to a key pair type. */ #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ ((type) & ~PSA_KEY_TYPE_PAIR_FLAG) +/** Whether a key type is an RSA key pair or public key. */ #define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) /** Whether a key type is an elliptic curve key pair or public key. */ From d00444cf33abb3f82156ffbf5593e61c1479e161 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 29 Jun 2018 21:10:56 +0200 Subject: [PATCH 0384/2197] Improve test coverage of PKCS#1 v1.5 encrypt/decrypt * Add a test for decryption with invalid padding. * Add a test for encryption with input too large. * In negative tests, pass input whose length matches the key length, unless that's what the test is about. --- tests/suites/test_suite_psa_crypto.data | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4ac25b4d8..6968ff9aa 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -761,6 +761,10 @@ PSA encrypt: RSA PKCS#1 v1.5, key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS +PSA encrypt: RSA PKCS#1 v1.5, input too large +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:PSA_ERROR_INVALID_ARGUMENT + PSA encrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT 
@@ -785,17 +789,21 @@ PSA decrypt: RSA PKCS#1 v1.5: good #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":34 +PSA decrypt: RSA PKCS#1 v1.5, invalid padding +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":PSA_ERROR_INVALID_PADDING + PSA decrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, input too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 From 9ac9426731a58cee9b13b7184e457c00fc54ac52 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 20:15:32 +0200 Subject: [PATCH 0385/2197] Doc: clarify the preconditions for psa_cipher_update --- include/psa/crypto.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 4b2e9a0aa..8a80620dd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1963,12 +1963,12 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, /** Encrypt or decrypt a message fragment in an active cipher operation. * - * The application must call psa_cipher_encrypt_setup() or - * psa_cipher_decrypt_setup() before calling this function. The choice - * of setup function determines whether this function encrypts or - * decrypts its input. After calling a setup function, if the chosen - * algorithm requires an IV, the application must call - * psa_cipher_generate_iv() or psa_cipher_set_iv(). + * Before calling this function, you must: + * 1. Call either psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(). + * The choice of setup function determines whether this function + * encrypts or decrypts its input. + * 2. If the algorithm requires an IV, call psa_cipher_generate_iv() + * (recommended when encrypting) or psa_cipher_set_iv(). * * If this function returns an error status, the operation becomes inactive. * From 67a9351bc5813346f047a3fbc8384afa0a2c19b2 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 11 Jul 2018 16:07:40 +0100 Subject: [PATCH 0386/2197] psa: config: Add MBEDTLS_PSA_CRYPTO_SPM We failed check-names.sh due to using a define which wasn't described or defined anywhere. Even though we won't realistically enable MBEDTLS_PSA_CRYPTO_SPM via the configuration system (and will do it from PSA Crypto SPM tooling instead), add a description of the configuration to config.h as good practice. Exclude MBEDTLS_PSA_CRYPTO_SPM from the "full" configuration as well. --- configs/config-psa-crypto.h | 14 ++++++++++++++ include/mbedtls/check_config.h | 4 ++++ include/mbedtls/config.h | 14 ++++++++++++++ library/version_features.c | 3 +++ scripts/config.pl | 1 + 5 files changed, 36 insertions(+) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 184e1ab64..870e335d1 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -696,6 +696,20 @@ */ #define MBEDTLS_PKCS1_V21 +/** + * \def MBEDTLS_PSA_CRYPTO_SPM + * + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure + * Partition Manager) integration which separates the code into two parts: a + * NSPE (Non-Secure Process Environment) and an SPE (Secure Process + * Environment). + * + * Module: library/psa_crypto.c + * Requires: MBEDTLS_PSA_CRYPTO_C + * + */ +//#define MBEDTLS_PSA_CRYPTO_SPM + /** * \def MBEDTLS_RSA_NO_CRT * diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 41c3f2458..620aff999 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -492,6 +492,10 @@ #error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C) +#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_OID_C) ) #error "MBEDTLS_RSA_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index d3df9eeda..385381f7c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1126,6 +1126,20 @@ */ #define MBEDTLS_PKCS1_V21 +/** + * \def MBEDTLS_PSA_CRYPTO_SPM + * + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure + * Partition Manager) integration which separates the code into two parts: a + * NSPE (Non-Secure Process Environment) and an SPE (Secure Process + * Environment). + * + * Module: library/psa_crypto.c + * Requires: MBEDTLS_PSA_CRYPTO_C + * + */ +//#define MBEDTLS_PSA_CRYPTO_SPM + /** * \def MBEDTLS_RSA_NO_CRT * diff --git a/library/version_features.c b/library/version_features.c index b77bf2658..9917ec03e 100644 --- a/library/version_features.c +++ b/library/version_features.c 
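Review bot: The MBEDTLS_PSA_CRYPTO_SPM description added to configs/config-psa-crypto.h, and repeated verbatim in include/mbedtls/config.h, expands NSPE and SPE as "Non-Secure Process Environment" and "Secure Process Environment". As far as I know the PSA documents spell these "Processing Environment", so I would write `NSPE (Non-Secure Processing Environment) and an SPE (Secure Processing Environment)` in both files. The text also does not say which of the two parts a build with this macro produces, or on which side key material and the crypto implementation live. One sentence stating that would help, since it is what an integrator needs to reason about the trust boundary.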
@@ -414,6 +414,9 @@ static const char *features[] = { #if defined(MBEDTLS_PKCS1_V21) "MBEDTLS_PKCS1_V21", #endif /* MBEDTLS_PKCS1_V21 */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) + "MBEDTLS_PSA_CRYPTO_SPM", +#endif /* MBEDTLS_PSA_CRYPTO_SPM */ #if defined(MBEDTLS_RSA_NO_CRT) "MBEDTLS_RSA_NO_CRT", #endif /* MBEDTLS_RSA_NO_CRT */ diff --git a/scripts/config.pl b/scripts/config.pl index 3d2884cc9..2e4ac3bb6 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -96,6 +96,7 @@ MBEDTLS_ZLIB_SUPPORT MBEDTLS_PKCS11_C MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_64BIT_MULTIPLICATION +MBEDTLS_PSA_CRYPTO_SPM _ALT\s*$ ); From 66763a008a08f41d7bcdc24acb926f47a640b797 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 21:54:10 +0200 Subject: [PATCH 0387/2197] asymmetric_decrypt test: remove redundant argument The expected output size is the size of the expected output, it doesn't need to be passed separately. --- tests/suites/test_suite_psa_crypto.data | 4 ++-- tests/suites/test_suite_psa_crypto.function | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6968ff9aa..eb5f77b93 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -783,11 +783,11 @@ asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057 PSA decrypt: RSA PKCS#1 v1.5: good #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":32 +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA decrypt: RSA PKCS#1 v1.5: good #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":34 
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" PSA decrypt: RSA PKCS#1 v1.5, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 71325745a..8c8d41d26 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2347,7 +2347,7 @@ exit: /* BEGIN_CASE */ void asymmetric_decrypt( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, - data_t *expected_data, int expected_size ) + data_t *expected_data ) { int slot = 1; psa_key_type_t key_type = key_type_arg; @@ -2384,7 +2384,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data, output, output_size, &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( (size_t) expected_size == output_length ); + TEST_ASSERT( expected_data->len == output_length ); TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 ); exit: From be42f312a81d2ac628ad05de20fbd0c398ee794a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 13 Jul 2018 14:38:15 +0200 Subject: [PATCH 0388/2197] Doxygen: use \c foo in preference to `foo` for consistency --- include/psa/crypto.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8a80620dd..d5bda81f9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -97,7 +97,7 @@ typedef int32_t psa_status_t; /** An output buffer is too small. * - * Applications can call the `PSA_xxx_SIZE` macro listed in the function + * Applications can call the \c PSA_xxx_SIZE macro listed in the function * description to determine a sufficient buffer size. * * Implementations should preferably return this error code only @@ -356,8 +356,8 @@ typedef uint32_t psa_key_type_t; * used for. * * HMAC keys should generally have the same size as the underlying hash. - * This size can be calculated with #PSA_HASH_SIZE(\p alg) where - * `alg` is the HMAC algorithm or the underlying hash algorithm. */ + * This size can be calculated with #PSA_HASH_SIZE(\c alg) where + * \c alg is the HMAC algorithm or the underlying hash algorithm. */ #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x02000001) /** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher. @@ -1357,7 +1357,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * * \param alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm - * (#PSA_ALG_HMAC(`hash_alg`) where `hash_alg` is a + * (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a * hash algorithm). * * \return The hash size for the specified hash algorithm. @@ -1466,7 +1466,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \param hash_size Size of the \p hash buffer in bytes. * \param[out] hash_length On success, the number of bytes * that make up the hash value. This is always - * #PSA_HASH_SIZE(`alg`) where `alg` is the + * #PSA_HASH_SIZE(\c alg) where \c alg is the * hash algorithm that is calculated. * * \retval #PSA_SUCCESS @@ -2450,7 +2450,7 @@ psa_status_t psa_generate_random(uint8_t *output, /** Extra parameters for RSA key generation. * - * You may pass a pointer to a structure of this type as the `extra` + * You may pass a pointer to a structure of this type as the \c extra * parameter to psa_generate_key(). */ typedef struct { 
From 1c211b3e01ca1692e5e3a5b2625f1bec804b7eca Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 30 Jun 2018 00:24:04 +0200 Subject: [PATCH 0389/2197] Fix some test dependencies * No test depends on MBEDTLS_PK_C except via MBEDTLS_PK_PARSE_C, so remove MBEDTLS_PK_C and keep only MBEDTLS_PK_PARSE_C. * Add MBEDTLS_PK_WRITE_C for pk export tests. * Add MBEDTLS_GENPRIME for RSA key generation tests. * Add dependencies to AEAD tests. * Add missing dependencies to many RSA tests. --- tests/suites/test_suite_psa_crypto.data | 102 ++++++++++++++---------- 1 file changed, 62 insertions(+), 40 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 72c602181..27c15389f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -30,87 +30,87 @@ depends_on:MBEDTLS_AES_C import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (+1 byte) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2-1) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1 PSA import/export 
RSA public key: good, larger buffer (*2) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2+1) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1 PSA import/export RSA public key: export buffer too small -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: good, 1024-bit -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (+1 byte) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2-1) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:609:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:610:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2+1) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1 PSA import/export RSA keypair: export buffer too small -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: trailing garbage ignored -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT PSA import RSA keypair: valid key but EC -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA keypair: good, 1023-bit -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1 PSA import/export-public RSA public key: good, 1024-bit -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS PSA import/export-public PSA keypair: good, 1024-bit -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS PSA import/export-public: cannot export-public a symmetric key -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export EC secp256r1: good -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 PSA import/export EC secp384r1: good -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 PSA import/export AES key: policy forbids export 
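Review bot: The `PSA import/export-public: cannot export-public a symmetric key` case near the end of this hunk still carries RSA/PK dependencies after the change (`depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C`), although it imports a `PSA_KEY_TYPE_AES` key and expects `PSA_ERROR_INVALID_ARGUMENT`. The AES import case in the first context line of the hunk uses `depends_on:MBEDTLS_AES_C`, so this line should probably read `depends_on:MBEDTLS_AES_C` as well, with `MBEDTLS_CIPHER_MODE_CBC` added only if the policy algorithm requires it. As written, the rejection check is skipped in a build without RSA and is attempted in a build without AES; the test function body is not visible here, so confirm against it.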
@@ -122,29 +122,31 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:256:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (crypt) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (sign) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: valid key but RSA -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT PSA import RSA key pair: maximum size exceeded +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED PSA import RSA public key: maximum size exceeded +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED PSA key policy set and get 
@@ -558,51 +560,67 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS PSA AEAD encrypt/decrypt: DES-CCM not supported +depends_on:MBEDTLS_DES_C:MBEDTLS_CCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED PSA AEAD encrypt: AES-CCM, 23 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" PSA AEAD encrypt: AES-CCM, 24 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" PSA AEAD decrypt: AES-CCM, 39 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS PSA AEAD decrypt, AES-CCM, 40 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS PSA AEAD decrypt: AES-CCM, invalid signature +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS PSA AEAD encrypt, AES-GCM, 128 bytes #1 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C 
aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" PSA AEAD encrypt, AES-GCM, 128 bytes #2 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56" PSA AEAD decrypt, AES-GCM, 144 bytes #1 
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS PSA AEAD decrypt, AES-GCM, 144 bytes #2 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS PSA AEAD 
decrypt, AES-GCM, invalid signature +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE PSA AEAD encrypt/decrypt: invalid algorithm (CTR) +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw 
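Review bot: The last added line of this hunk, on `PSA AEAD encrypt/decrypt: invalid algorithm (CTR)`, is `depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C`, yet the case passes `PSA_ALG_CTR` and expects `PSA_ERROR_NOT_SUPPORTED`, so the GCM requirement looks copied from the cases above rather than needed. Negative cases like this one are what demonstrate that the AEAD entry points refuse a non-AEAD algorithm, and an unnecessary dependency silently skips the check in builds without GCM. I would use `depends_on:MBEDTLS_AES_C` here, assuming the AES key import is the only prerequisite; the `aead_encrypt_decrypt` test function is not shown in this hunk.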
@@ -624,15 +642,15 @@ PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129 PSA import/exercise RSA keypair, PKCS#1 v1.5 raw -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise: ECP SECP256R1 keypair, ECDSA -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) PSA sign: RSA PKCS#1 v1.5, raw 
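Review bot: `PSA import/exercise RSA keypair, PKCS#1 v1.5 raw` ends up with `depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C`, without `MBEDTLS_PKCS1_V15`, although it exercises the key with `PSA_ALG_RSA_PKCS1V15_SIGN_RAW`. The `PSA sign: RSA PKCS#1 v1.5, raw` case in the following hunk lists `MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15` for the same algorithm. If `import_and_exercise_key` signs with the imported key, as its name suggests, the line should be `depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15`.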
@@ -640,28 +658,31 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" PSA sign: RSA PKCS#1 v1.5 SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA sign: deterministic ECDSA SECP256R1 SHA-256 -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1, invalid hash -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash 
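Review bot: The deterministic-ECDSA cases in this hunk end up with three different dependency lists although they share the same key, curve and algorithm family. `PSA sign: deterministic ECDSA SECP256R1 SHA-256` still lacks `MBEDTLS_SHA256_C` and `MBEDTLS_ECDSA_C`, and `PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small` gains `MBEDTLS_SHA256_C` but not `MBEDTLS_ECDSA_DETERMINISTIC`, while both pass `PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )`. The import/exercise case for the same algorithm in the previous hunk uses `depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C`. Reusing that list for these cases would keep them from running, and failing for the wrong reason, in configurations that lack one of the modules.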
@@ -669,19 +690,19 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, good -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, wrong signature of correct size -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1 
@@ -782,18 +803,19 @@ depends_on:MBEDTLS_AES_C generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT PSA generate key: RSA, 512 bits, good, sign -depends_on:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS PSA generate key: RSA, 1024 bits, good, sign -depends_on:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS PSA generate key: RSA, 512 bits, good, encrypt -depends_on:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS PSA generate key: RSA, maximum size exceeded +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED PSA generate key: ECC, SECP256R1, good From 54622aec806255443afbd99e57442b673d18bcb3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 22:24:24 +0200 Subject: [PATCH 0390/2197] Fix PSA_ALG_SIGN_GET_HASH for PSA_ALG_SIGN_xxx_RAW --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ba0755b2e..2477e58a5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -929,6 +929,7 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_SIGN_GET_HASH(alg) \
 (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
 PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \
+ ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \
 ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
 0)
From b82ab6f402535f5b262fb2f1faa70c7f8ac0b402 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 13 Jul 2018 15:33:43 +0200 Subject: [PATCH 0391/2197] Improve documentation of abort functions Explicitly state that calling abort is safe after initializing to zero. Explicitly state that calling abort on an inactive operation is safe, and replace "active" by "initialized" in the description of the parameter. Get rid of the recommendation for implementers to try to handle uninitialized structures safely. It's good advice in principle but cannot be achieved in a robust way and the wording was confusing. --- include/psa/crypto.h | 70 ++++++++++++++++++++++++++++---------------- 1 file changed, 44 insertions(+), 26 deletions(-)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index d5bda81f9..8ac817a6e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
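Review bot: The added line in PSA_ALG_SIGN_GET_HASH nests a second conditional inside the first without parentheses, so the macro now has the shape `a ? b == 0 ? 0 : c : 0` and the grouping has to be worked out from precedence rules. It parses as intended, but wrapping the inner conditional in its own parentheses, opening at `(((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \` and closing after `PSA_ALG_CATEGORY_HASH`, would make that explicit and protect against a later edit changing the meaning. If the doc comment above the macro (outside this hunk) does not already say so, it should state that 0 is returned both for algorithms that are not signature algorithms and for the raw variants, because callers branch on `hash_alg != 0`.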
@@ -1524,17 +1524,23 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, /** Abort a hash operation. * - * This function may be called at any time after psa_hash_setup(). * Aborting an operation frees all associated resources except for the - * \p operation structure itself. + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_hash_setup() again. * - * Implementation should strive to be robust and handle inactive hash - * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However, - * application writers should beware that uninitialized memory may happen - * to be indistinguishable from an active hash operation, and the behavior - * of psa_hash_abort() is undefined in this case. + * You may call this function any time after the operation object has + * been initialized by any of the following methods: + * - A call to psa_hash_setup(), whether it succeeds or not. + * - Initializing the \c struct to all-bits-zero. + * - Initializing the \c struct to logical zeros, e.g. + * `psa_hash_operation_t operation = {0}`. * - * \param[in,out] operation Active hash operation. + * In particular, calling psa_hash_abort() after the operation has been + * terminated by a call to psa_hash_abort(), psa_hash_finish() or + * psa_hash_verify() is safe and has no effect. + * + * \param[in,out] operation Initialized hash operation. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE 
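Review bot: The retained `\retval #PSA_ERROR_BAD_STATE` no longer has any text saying when it applies: the removed paragraph was the only place that tied it to an inactive operation, and the new text says aborting a terminated or zero-initialized operation is safe and has no effect. Either drop the retval or give it a condition, for example `\retval #PSA_ERROR_BAD_STATE \p operation is not in a valid state.`; the same applies to the psa_mac_abort() and psa_cipher_abort() hunks that follow. It would also help to keep one explicit sentence that passing a structure that was never initialized by one of the listed methods is undefined behavior, since the list alone leaves that to inference and cleanup on an early error path is exactly where it matters. The doc comment continues past the end of the hunk.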
@@ -1760,18 +1766,24 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, /** Abort a MAC operation. * - * This function may be called at any time after psa_mac_sign_setup() - * or psa_mac_verify_setup(). * Aborting an operation frees all associated resources except for the - * \p operation structure itself. + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_mac_sign_setup() or psa_mac_verify_setup() again. * - * Implementation should strive to be robust and handle inactive MAC - * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However, - * application writers should beware that uninitialized memory may happen - * to be indistinguishable from an active MAC operation, and the behavior - * of psa_mac_abort() is undefined in this case. + * You may call this function any time after the operation object has + * been initialized by any of the following methods: + * - A call to psa_mac_sign_setup() or psa_mac_verify_setup(), whether + * it succeeds or not. + * - Initializing the \c struct to all-bits-zero. + * - Initializing the \c struct to logical zeros, e.g. + * `psa_mac_operation_t operation = {0}`. * - * \param[in,out] operation Active MAC operation. + * In particular, calling psa_mac_abort() after the operation has been + * terminated by a call to psa_mac_abort(), psa_mac_sign_finish() or + * psa_mac_verify_finish() is safe and has no effect. + * + * \param[in,out] operation Initialized MAC operation. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE 
@@ -2038,18 +2050,24 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, /** Abort a cipher operation. * - * This function may be called at any time after - * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(). * Aborting an operation frees all associated resources except for the - * \p operation structure itself. + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup() again. * - * Implementation should strive to be robust and handle inactive cipher - * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However, - * application writers should beware that uninitialized memory may happen - * to be indistinguishable from an active cipher operation, and the behavior - * of psa_cipher_abort() is undefined in this case. + * You may call this function any time after the operation object has + * been initialized by any of the following methods: + * - A call to psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(), + * whether it succeeds or not. + * - Initializing the \c struct to all-bits-zero. + * - Initializing the \c struct to logical zeros, e.g. + * `psa_cipher_operation_t operation = {0}`. * - * \param[in,out] operation Active cipher operation. + * In particular, calling psa_cipher_abort() after the operation has been + * terminated by a call to psa_cipher_abort() or psa_cipher_finish() + * is safe and has no effect. + * + * \param[in,out] operation Initialized cipher operation. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE From f969b3ac74dcabea70a7a80ee09bf56581c3adbb Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Sat, 30 Jun 2018 00:20:25 +0200 Subject: [PATCH 0392/2197] Change a generate_key test to exercise with PSS This required tweaking exercise_signature_key to use a payload size for the signature based on the algorithm, since our implementation of PSS requires that the input size matches the hash size. This would also be the case for PKCS#1 v1.5 with a specified hash. --- tests/suites/test_suite_psa_crypto.data | 10 +++++----- tests/suites/test_suite_psa_crypto.function | 10 ++++++++-- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index eb5f77b93..e3d74ba93 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -870,13 +870,13 @@ PSA generate key: invalid key size: AES, 64 bits depends_on:MBEDTLS_AES_C generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT -PSA generate key: RSA, 512 bits, good, sign -depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME +PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5) +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS -PSA generate key: RSA, 1024 bits, good, sign -depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS +PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256) +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS PSA generate key: RSA, 512 bits, good, encrypt depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8c8d41d26..dbe306e04 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -285,13 +285,19 @@ static int exercise_signature_key( psa_key_slot_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { - unsigned char payload[16] = {1}; - size_t payload_length = sizeof( payload ); + unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; + size_t payload_length = 16; unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length = sizeof( signature ); if( usage & PSA_KEY_USAGE_SIGN ) { + /* Some algorithms require the payload to have the size of + * the hash encoded in the algorithm. Use this input size + * even for algorithms that allow other input sizes. */ + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); + if( hash_alg != 0 ) + payload_length = PSA_HASH_SIZE( hash_alg ); TEST_ASSERT( psa_asymmetric_sign( key, alg, payload, payload_length, signature, sizeof( signature ), From ef0cb407361cc42cacf3d9a8c74ddf028ffd966e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 16:55:59 +0200 Subject: [PATCH 0393/2197] Fix bug in exercise_mac_key that almost always broke the SIGN case That case isn't used in the test suite yet. --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e9efb3a0a..37d6aca3f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -143,7 +143,7 @@ static int exercise_mac_key( psa_key_slot_t key, TEST_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_sign_finish( &operation, - mac, sizeof( input ), + mac, sizeof( mac ), &mac_length ) == PSA_SUCCESS ); } From f64ee8a7f10f05c5b624afd817aef7ef7d1d5adb Mon Sep 17 00:00:00 2001 
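Review bot: In exercise_signature_key, `payload_length = PSA_HASH_SIZE( hash_alg );` is used without checking the result against zero or against the size of `payload`. PSA_HASH_SIZE appears to yield 0 for a hash it does not recognize (the HMAC setup code later in this series tests its result for 0), in which case the key would be exercised with an empty payload and the test would not notice. Adding braces to the `if( hash_alg != 0 )` and a line such as `TEST_ASSERT( payload_length != 0 && payload_length <= sizeof( payload ) );` after the assignment would pin both assumptions. The function continues outside the hunk, so whether the verify branch uses the same length cannot be confirmed from here.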
From: Gilles Peskine Date: Thu, 12 Jul 2018 16:57:40 +0200 Subject: [PATCH 0394/2197] Fix "unknown MAC algorithm" to actually use a MAC algorithm --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 27c15389f..b44c347e2 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -294,7 +294,7 @@ mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_S PSA MAC setup: bad algorithm (unknown MAC algorithm) depends_on:MBEDTLS_MD_C -mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED +mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED PSA MAC setup: bad algorithm (not a MAC algorithm) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC From a4d20bd3879c206fe9f6b55d86bc640b25bf3a09 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 23:35:02 +0200 Subject: [PATCH 0395/2197] For RSA PSS, document that salt length = hash length This is the most common mode and the only mode that Mbed TLS functions fully supports (mbedtls_rsa_rsassa_pss_verify_ext can verify signatures with a different salt length). --- include/psa/crypto.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2477e58a5..ea209852a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -807,7 +807,8 @@ typedef uint32_t psa_algorithm_t; * * This is the signature scheme defined by RFC 8017 * (PKCS#1: RSA Cryptography Specifications) under the name - * RSASSA-PSS, with the message generation function MGF1. The specified + * RSASSA-PSS, with the message generation function MGF1, and with + * a salt length equal to the length of the hash. The specified * hash algorithm is used to hash the input message, to create the * salted hash, and for the mask generation. * From 94e44540ff9eb42fb4e63f371335d3e7a36c32e4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 16:58:43 +0200 Subject: [PATCH 0396/2197] psa_hash_update: robustify the case length=0 Don't require hash implementations to behave correctly on a zero-length input, which may have an invalid pointer. --- library/psa_crypto.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index eb140ea2c..47605d432 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1018,6 +1018,12 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, size_t input_length ) { int ret; + + /* Don't require hash implementations to behave correctly on a + * zero-length input, which may have an invalid pointer. */ + if( input_length == 0 ) + return( PSA_SUCCESS ); + switch( operation->alg ) { #if defined(MBEDTLS_MD2_C) @@ -1068,6 +1074,7 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; break; } + if( ret != 0 ) psa_hash_abort( operation ); return( mbedtls_to_psa_error( ret ) ); From 71ac7b11a755dfe2b7daf02481d99e3fcee449d2 Mon Sep 17 00:00:00 2001 
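Review bot: The new early return in psa_hash_update runs before `switch( operation->alg )`, so a zero-length update now returns PSA_SUCCESS even for an operation whose `alg` would have reached the branch that sets `MBEDTLS_ERR_MD_BAD_INPUT_DATA` and calls psa_hash_abort(). That hides misuse of an inactive or never-set-up operation whenever the caller happens to pass an empty buffer. Checking the state first keeps the intent of the change, e.g. `if( input_length == 0 && operation->alg != 0 ) return( PSA_SUCCESS );`, assuming `alg == 0` marks an inactive hash operation as it does in psa_mac_abort; that form still accepts an unrecognized non-zero `alg`, so skipping the call only after the switch has matched a supported algorithm would be stricter. The switch cases lie between the two hunks and are not visible, so the reading of the error branch is inferred from the context lines of the second hunk.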
From: Gilles Peskine Date: Fri, 29 Jun 2018 23:36:35 +0200 Subject: [PATCH 0397/2197] Allow RSA PSS with any input size Although RSASSA-PSS defines its input as a message to be hashed, we implement a sign-the-hash function. This function can take an input which isn't a hash, so don't restrict the size of the input, any more than Mbed TLS does. Remove a redundant check that hash_length fits in unsigned int for the sake of Mbed TLS RSA functions. Test that PSS accepts inputs of various lengths. For PKCS#1 v1.5 signature in raw mode, test the maximum input length. --- library/psa_crypto.c | 55 ++++++++++++------------- tests/suites/test_suite_psa_crypto.data | 26 +++++++++++- 2 files changed, 52 insertions(+), 29 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 30b68faf6..2a60b6feb 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1741,28 +1741,45 @@ cleanup: #if defined(MBEDTLS_RSA_C) /* Decode the hash algorithm from alg and store the mbedtls encoding in - * md_alg. Verify that the hash length is consistent. */ + * md_alg. Verify that the hash length is acceptable. */ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, size_t hash_length, mbedtls_md_type_t *md_alg ) { psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); - *md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info ); - if( *md_alg == MBEDTLS_MD_NONE ) - { + *md_alg = mbedtls_md_get_type( md_info ); + + /* The Mbed TLS RSA module uses an unsigned int for hash length + * parameters. Validate that it fits so that we don't risk an + * overflow later. */ #if SIZE_MAX > UINT_MAX - if( hash_length > UINT_MAX ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if( hash_length > UINT_MAX ) + return( PSA_ERROR_INVALID_ARGUMENT ); #endif - } - else + +#if defined(MBEDTLS_PKCS1_V15) + /* For PKCS#1 v1.5 signature, if using a hash, the hash length + * must be correct. */ + if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) && + alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW ) { + if( md_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); if( mbedtls_md_get_size( md_info ) != hash_length ) return( PSA_ERROR_INVALID_ARGUMENT ); + } +#endif /* MBEDTLS_PKCS1_V15 */ + +#if defined(MBEDTLS_PKCS1_V21) + /* PSS requires a hash internally. */ + if( PSA_ALG_IS_RSA_PSS( alg ) ) + { if( md_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); } +#endif /* MBEDTLS_PKCS1_V21 */ + return( PSA_SUCCESS ); } 
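Review bot: `*md_alg = mbedtls_md_get_type( md_info );` is now called unconditionally in psa_rsa_decode_md_type, including for algorithms where `hash_alg` is 0 and `md_info` is presumably NULL; the removed line guarded that case explicitly. If mbedtls_md_get_type() is specified to return MBEDTLS_MD_NONE for a NULL argument, say so in a comment on that line; otherwise keep the guard as `*md_alg = md_info == NULL ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info );`. Separately, the hash checks now sit inside `#if defined(MBEDTLS_PKCS1_V15)` and `#if defined(MBEDTLS_PKCS1_V21)`, so in a build without one of them, or for an `alg` that matches neither test, the function returns PSA_SUCCESS without having validated the hash. That relies on the callers rejecting such algorithms themselves, which is outside this hunk and worth stating in the function's header comment.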
@@ -1785,15 +1802,6 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, if( signature_size < mbedtls_rsa_get_len( rsa ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if - * hash_length will fit and return an error if it doesn't. */ -#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21) -#if SIZE_MAX > UINT_MAX - if( hash_length > UINT_MAX ) - return( PSA_ERROR_NOT_SUPPORTED ); -#endif -#endif - #if defined(MBEDTLS_PKCS1_V15) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { @@ -1818,7 +1826,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, mbedtls_ctr_drbg_random, &global_data.ctr_drbg, MBEDTLS_RSA_PRIVATE, - md_alg, + MBEDTLS_MD_NONE, (unsigned int) hash_length, hash, signature ); @@ -1852,15 +1860,6 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, if( signature_length < mbedtls_rsa_get_len( rsa ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); -#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21) -#if SIZE_MAX > UINT_MAX - /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if - * hash_length will fit and return an error if it doesn't. */ - if( hash_length > UINT_MAX ) - return( PSA_ERROR_NOT_SUPPORTED ); -#endif -#endif - #if defined(MBEDTLS_PKCS1_V15) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { @@ -1885,7 +1884,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, mbedtls_ctr_drbg_random, &global_data.ctr_drbg, MBEDTLS_RSA_PUBLIC, - md_alg, + MBEDTLS_MD_NONE, (unsigned int) hash_length, hash, signature ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e3d74ba93..9770f0453 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
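Review bot: The two replacements of `md_alg` by `MBEDTLS_MD_NONE` (in psa_rsa_sign and psa_rsa_verify, presumably the PSS calls given the commit message) carry no comment, and the reason is not obvious at the call site: the input is now passed as raw data of `hash_length` bytes rather than as a digest of the algorithm's hash. A comment on each, such as `/* Input is signed as-is; the hash used inside PSS is taken from the RSA context */`, would record that, if the context is indeed where the hash is configured (not visible in these hunks). The API documentation should also say that a PSS signature over an input whose length differs from the hash size cannot be checked by a verifier that hashes the message itself. The `(unsigned int) hash_length` casts now depend on psa_rsa_decode_md_type having rejected oversized lengths beforehand, and the status for that case changes from PSA_ERROR_NOT_SUPPORTED to PSA_ERROR_INVALID_ARGUMENT; both functions continue outside the hunks, so the call order should be confirmed.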
@@ -689,6 +689,10 @@ PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT +PSA sign: RSA PKCS#1 v1.5 raw, input too large +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT + PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL 
@@ -709,10 +713,18 @@ PSA sign/verify: RSA PKCS#1 v1.5 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" -PSA sign/verify: RSA PSS-SHA-256 +PSA sign/verify: RSA PSS SHA-256, 0 bytes +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"" + +PSA sign/verify: RSA PSS SHA-256, 32 bytes (hash size) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" +PSA sign/verify: RSA PSS SHA-256, 129 bytes +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + PSA sign/verify: randomized ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA( PSA_ALG_SHA_256 
):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" 
@@ -737,6 +749,18 @@ PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE +PSA verify: RSA PSS SHA-256, good signature, 0 bytes +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d" + +PSA verify: RSA PSS SHA-256, good signature, 32 bytes (hash size) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
+asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7" + +PSA verify: RSA PSS SHA-256, good signature, 129 bytes +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308" + PSA verify: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C 
asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" From 01126fae7fa4c4d0584a852818cf1087b74d367f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 17:04:55 +0200 Subject: [PATCH 0398/2197] Isolate HMAC code into its own functions Create internal functions for HMAC operations. This prepares for two things: separating crypto-sensitive code from argument decoding and validation, and using HMAC for other purposes than a MAC inside the library (e.g. HMAC_DRBG, HKDF). No intended observable behavior change in this commit. --- library/psa_crypto.c | 151 ++++++++++++++++++++++--------------------- 1 file changed, 79 insertions(+), 72 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 47605d432..de1f772ea 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1332,6 +1332,14 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation, return( status ); } +#if defined(MBEDTLS_MD_C) +static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac ) +{ + mbedtls_zeroize( hmac->opad, sizeof( hmac->opad ) ); + return( psa_hash_abort( &hmac->hash_ctx ) ); +} +#endif /* MBEDTLS_MD_C */ + psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) { if( operation->alg == 0 ) 
@@ -1352,12 +1360,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) { - size_t block_size = - psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) ); - if( block_size == 0 ) - goto bad_state; - psa_hash_abort( &operation->ctx.hmac.hash_ctx ); - mbedtls_zeroize( operation->ctx.hmac.opad, block_size ); + psa_hmac_abort_internal( &operation->ctx.hmac ); } else #endif /* MBEDTLS_MD_C */ 
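Review bot: The status returned by `psa_hmac_abort_internal` is dropped in the HMAC branch of `psa_mac_abort`, so a failure from `psa_hash_abort` never reaches the caller. If that is deliberate, say so in the code with `(void) psa_hmac_abort_internal( &operation->ctx.hmac );`; otherwise keep the status and return it once the rest of the operation has been cleared. The rest of psa_mac_abort is outside this hunk, so how it returns is not visible here.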
@@ -1407,43 +1410,33 @@ static int psa_cmac_setup( psa_mac_operation_t *operation, #endif /* MBEDTLS_CMAC_C */ #if defined(MBEDTLS_MD_C) -static int psa_hmac_setup( psa_mac_operation_t *operation, - psa_key_type_t key_type, - key_slot_t *slot, - psa_algorithm_t alg ) +static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, + const uint8_t *key, + size_t key_length, + psa_algorithm_t hash_alg ) { unsigned char ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; - unsigned char *opad = operation->ctx.hmac.opad; size_t i; - size_t block_size = - psa_get_hash_block_size( PSA_ALG_HMAC_HASH( alg ) ); - unsigned int digest_size = - PSA_HASH_SIZE( PSA_ALG_HMAC_HASH( alg ) ); - size_t key_length = slot->data.raw.bytes; + size_t block_size = psa_get_hash_block_size( hash_alg ); psa_status_t status; - if( block_size == 0 || digest_size == 0 ) + if( block_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); - if( key_type != PSA_KEY_TYPE_HMAC ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - operation->mac_size = digest_size; /* The hash was started earlier in psa_mac_init. */ if( key_length > block_size ) { - status = psa_hash_update( &operation->ctx.hmac.hash_ctx, - slot->data.raw.data, slot->data.raw.bytes ); + status = psa_hash_update( &hmac->hash_ctx, key, key_length ); if( status != PSA_SUCCESS ) return( status ); - status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, + status = psa_hash_finish( &hmac->hash_ctx, ipad, sizeof( ipad ), &key_length ); if( status != PSA_SUCCESS ) return( status ); } else - memcpy( ipad, slot->data.raw.data, slot->data.raw.bytes ); + memcpy( ipad, key, key_length ); /* ipad contains the key followed by garbage. Xor and fill with 0x36 * to create the ipad value. */ 
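Review bot: `psa_hmac_setup_internal` has an undocumented precondition: the `key_length > block_size` branch calls `psa_hash_update` on `hmac->hash_ctx` without setting the hash up, relying on the retained comment that the hash "was started earlier in psa_mac_init". The function now takes a bare `psa_hmac_internal_data` and is meant for callers outside the MAC code, so this belongs in a header comment, e.g. `/* hmac->hash_ctx must already be set up for hash_alg; it is used to hash keys longer than the block size. */`. The two early `return( status )` statements in that branch also bypass the wipe at `cleanup:`. If they are routed through it, the wipe length has to become `sizeof( ipad )`, because `key_length` may still exceed the buffer at that point. The end of the function is in the next hunk.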
@@ -1454,22 +1447,17 @@ static int psa_hmac_setup( psa_mac_operation_t *operation, /* Copy the key material from ipad to opad, flipping the requisite bits, * and filling the rest of opad with the requisite constant. */ for( i = 0; i < key_length; i++ ) - opad[i] = ipad[i] ^ 0x36 ^ 0x5C; - memset( opad + key_length, 0x5C, block_size - key_length ); + hmac->opad[i] = ipad[i] ^ 0x36 ^ 0x5C; + memset( hmac->opad + key_length, 0x5C, block_size - key_length ); - status = psa_hash_setup( &operation->ctx.hmac.hash_ctx, - PSA_ALG_HMAC_HASH( alg ) ); + status = psa_hash_setup( &hmac->hash_ctx, hash_alg ); if( status != PSA_SUCCESS ) goto cleanup; - status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad, - block_size ); + status = psa_hash_update( &hmac->hash_ctx, ipad, block_size ); cleanup: mbedtls_zeroize( ipad, key_length ); - /* opad is in the context. It needs to stay in memory if this function - * succeeds, and it will be wiped by psa_mac_abort() called from - * psa_mac_setup in the error case. */ return( status ); } @@ -1517,7 +1505,22 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( alg ) ) { - status = psa_hmac_setup( operation, slot->type, slot, alg ); + psa_algorithm_t hash_alg = PSA_ALG_HMAC_HASH( alg ); + if( hash_alg == 0 ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + if( slot->type != PSA_KEY_TYPE_HMAC ) + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + status = psa_hmac_setup_internal( &operation->ctx.hmac, + slot->data.raw.data, + slot->data.raw.bytes, + hash_alg ); + operation->mac_size = PSA_HASH_SIZE( hash_alg ); } else #endif /* MBEDTLS_MD_C */ 
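Review bot: Deleting the comment about `opad` at the `cleanup:` label leaves the error-path contract of `psa_hmac_setup_internal` unstated. Once the opad loop has run, `hmac->opad` holds key-derived bytes and only `ipad` is wiped here. The old text named `psa_mac_abort` as the place that clears it; callers outside the MAC path need the equivalent, so I would replace it rather than remove it: `/* opad stays in hmac; on error the caller must call psa_hmac_abort_internal() to wipe it. */`. The start of the function is in the previous hunk.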
@@ -1591,12 +1594,49 @@ cleanup: return( status ); } +#if defined(MBEDTLS_MD_C) +static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac, + uint8_t *mac, + size_t mac_size ) +{ + unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; + psa_algorithm_t hash_alg = hmac->hash_ctx.alg; + size_t hash_size = 0; + size_t block_size = psa_get_hash_block_size( hash_alg ); + psa_status_t status; + + if( block_size == 0 ) + return( PSA_ERROR_NOT_SUPPORTED ); + + status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size ); + if( status != PSA_SUCCESS ) + return( status ); + /* From here on, tmp needs to be wiped. */ + + status = psa_hash_setup( &hmac->hash_ctx, hash_alg ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_hash_update( &hmac->hash_ctx, hmac->opad, block_size ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_hash_update( &hmac->hash_ctx, tmp, hash_size ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_hash_finish( &hmac->hash_ctx, mac, mac_size, &hash_size ); + +exit: + mbedtls_zeroize( tmp, hash_size ); + return( status ); +} +#endif /* MBEDTLS_MD_C */ + static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size ) { - psa_status_t status; - if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); if( operation->iv_required && ! operation->iv_set ) 
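Review bot: The wipe at `exit:` in `psa_hmac_finish_internal` uses `hash_size`, but the final `psa_hash_finish( &hmac->hash_ctx, mac, mac_size, &hash_size )` writes to that same variable, so the length no longer describes what is in `tmp`. If `psa_hash_finish` stores a smaller value when it fails (its behaviour is not visible here), part or all of the inner hash stays on the stack. Wiping the whole buffer removes the dependency: `mbedtls_zeroize( tmp, sizeof( tmp ) );`. The first `return( status )` after the inner `psa_hash_finish` also leaves without wiping `tmp`, which matters if a failing finish can write partial output.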
@@ -1616,41 +1656,8 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) { - unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; - unsigned char *opad = operation->ctx.hmac.opad; - size_t hash_size = 0; - size_t block_size = - psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) ); - - if( block_size == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - - status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp, - sizeof( tmp ), &hash_size ); - if( status != PSA_SUCCESS ) - return( status ); - /* From here on, tmp needs to be wiped. */ - - status = psa_hash_setup( &operation->ctx.hmac.hash_ctx, - PSA_ALG_HMAC_HASH( operation->alg ) ); - if( status != PSA_SUCCESS ) - goto hmac_cleanup; - - status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad, - block_size ); - if( status != PSA_SUCCESS ) - goto hmac_cleanup; - - status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp, - hash_size ); - if( status != PSA_SUCCESS ) - goto hmac_cleanup; - - status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac, - mac_size, &hash_size ); - hmac_cleanup: - mbedtls_zeroize( tmp, hash_size ); - return( status ); + return( psa_hmac_finish_internal( &operation->ctx.hmac, + mac, mac_size ) ); } else #endif /* MBEDTLS_MD_C */ From 072ac56a03942a3c194b39c67b294dd79ab614df Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 30 Jun 2018 00:21:29 +0200 Subject: [PATCH 0399/2197] Implement OAEP Implement RSAES-OAEP encryption and decryption. Test it to the same level as PKCS#1 v1.5. --- include/psa/crypto.h | 8 +++- library/psa_crypto.c | 38 +++++++++++++++- tests/suites/test_suite_psa_crypto.data | 60 ++++++++++++++++++++++++- 3 files changed, 100 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ea209852a..78836288c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -957,6 +957,10 @@ typedef uint32_t psa_algorithm_t; (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_IS_RSA_OAEP(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE) +#define PSA_ALG_RSA_OAEP_GET_HASH(alg) \ + (PSA_ALG_IS_RSA_OAEP(alg) ? \ + ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ + 0) /**@}*/ @@ -2314,8 +2318,8 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, size_t signature_length); #define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ - (PSA_ALG_IS_RSA_OAEP_MGF1(alg) ? \ - 2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_GET_HASH(alg)) + 1 : \ + (PSA_ALG_IS_RSA_OAEP(alg) ? \ + 2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ 11 /*PKCS#1v1.5*/) /** diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2a60b6feb..c1cf490da 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2101,6 +2101,17 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, } } +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) +static void psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg, + mbedtls_rsa_context *rsa ) +{ + psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); + mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); + mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); +} +#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) */ + psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *input, @@ -2114,8 +2125,11 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, key_slot_t *slot; psa_status_t status; + /* Only used by some algorithms which may or may not be included in the + * build-time configuration use the salt. */ (void) salt; (void) salt_length; + *output_length = 0; status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); 
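Review bot: The OAEP branch of `PSA_RSA_MINIMUM_PADDING_SIZE` keeps `+ 1`, while the RSAES-OAEP overhead is `2 * hLen + 2` bytes. The vectors added in this commit agree: with a 1024-bit key and SHA-384 they accept 30 bytes and reject 31. An underestimate only oversizes buffers derived from it, so this looks harmless if the macro is used solely for output sizes, but its users are outside this hunk. Either change it to `2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 2` or add a comment explaining why it is one short.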
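Review bot: `psa_rsa_oaep_set_padding_mode` cannot report an unsupported hash: when `mbedtls_md_info_from_psa( hash_alg )` returns NULL, the result is passed straight to `mbedtls_md_get_type` and `mbedtls_rsa_set_padding`. The failure then surfaces only later, from the RSA call, under whatever status that error maps to. Returning a `psa_status_t` and letting both callers stop with `PSA_ERROR_NOT_SUPPORTED` would make that case explicit. The two call sites in `psa_asymmetric_encrypt` and `psa_asymmetric_decrypt` are in later hunks and would need to check the result.

```c
static psa_status_t psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg,
                                                   mbedtls_rsa_context *rsa )
{
    psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg );
    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
    /* Reject a hash that is not compiled in instead of configuring
     * the RSA context without a usable digest. */
    if( md_info == NULL )
        return( PSA_ERROR_NOT_SUPPORTED );
    mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21,
                             mbedtls_md_get_type( md_info ) );
    return( PSA_SUCCESS );
}
```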
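Review bot: The comment added above `(void) salt;` in `psa_asymmetric_encrypt` does not parse ("Only used by some algorithms which may or may not be included in the build-time configuration use the salt."). The same text is added to `psa_asymmetric_decrypt` in a later hunk of this file. Something like `/* The salt is only used by algorithms that may be excluded from the build-time configuration. */` states what the two casts are for. Both function bodies continue outside their hunks.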
@@ -2148,7 +2162,15 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, #if defined(MBEDTLS_PKCS1_V21) if( PSA_ALG_IS_RSA_OAEP( alg ) ) { - return( PSA_ERROR_NOT_SUPPORTED ); + psa_rsa_oaep_set_padding_mode( alg, rsa ); + ret = mbedtls_rsa_rsaes_oaep_encrypt( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PUBLIC, + salt, salt_length, + input_length, + input, + output ); } else #endif /* MBEDTLS_PKCS1_V21 */ @@ -2179,8 +2201,11 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, key_slot_t *slot; psa_status_t status; + /* Only used by some algorithms which may or may not be included in the + * build-time configuration use the salt. */ (void) salt; (void) salt_length; + *output_length = 0; status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); @@ -2215,7 +2240,16 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, #if defined(MBEDTLS_PKCS1_V21) if( PSA_ALG_IS_RSA_OAEP( alg ) ) { - return( PSA_ERROR_NOT_SUPPORTED ); + psa_rsa_oaep_set_padding_mode( alg, rsa ); + ret = mbedtls_rsa_rsaes_oaep_decrypt( rsa, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg, + MBEDTLS_RSA_PRIVATE, + salt, salt_length, + output_length, + input, + output, + output_size ); } else #endif /* MBEDTLS_PKCS1_V21 */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9770f0453..db8a59f89 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
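Review bot: `salt` and `salt_length` are passed in the label positions of `mbedtls_rsa_rsaes_oaep_encrypt`, and again of `mbedtls_rsa_rsaes_oaep_decrypt` in the last hunk of this file, which the parameter name does not suggest. A one-line comment at each call, `/* For OAEP the salt parameter carries the label. */`, would stop a reader from treating it as randomness or as a secret. Both calls sit in functions that begin and end outside these hunks.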
@@ -781,14 +781,30 @@ PSA encrypt: RSA PKCS#1 v1.5, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS +PSA encrypt: RSA OAEP-SHA-256, good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS + +PSA encrypt: RSA OAEP-SHA-384, good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":128:PSA_SUCCESS + PSA encrypt: RSA PKCS#1 v1.5, key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS +PSA encrypt: RSA OAEP-SHA-256, key pair +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS + PSA encrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:PSA_ERROR_INVALID_ARGUMENT +PSA encrypt: RSA OAEP-SHA-384, input too large +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":0:PSA_ERROR_INVALID_ARGUMENT + PSA encrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT 
@@ -805,6 +821,14 @@ PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" +PSA encrypt-decrypt: RSA OAEP-SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" + +PSA encrypt-decrypt: RSA OAEP-SHA-384 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C 
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e" + PSA decrypt: RSA PKCS#1 v1.5: good #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" 
@@ -813,10 +837,26 @@ PSA decrypt: RSA PKCS#1 v1.5: good #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" +PSA decrypt: RSA OAEP-SHA-256, 0 bytes +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"" + +PSA decrypt: RSA OAEP-SHA-256, 30 bytes +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"74686973206973206e6f2073717565616d697368206f7373696672616765" + +PSA decrypt: RSA OAEP-SHA-384, 30 bytes +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C 
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"74686973206973206e6f2073717565616d697368206f7373696672616765" + PSA decrypt: RSA PKCS#1 v1.5, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":PSA_ERROR_INVALID_PADDING +PSA decrypt: RSA OAEP-SHA-256, invalid padding +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":PSA_ERROR_INVALID_PADDING + PSA decrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT 
@@ -825,6 +865,10 @@ PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT +PSA decrypt: RSA OAEP, invalid key type (RSA public key) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT + PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":PSA_ERROR_INVALID_ARGUMENT 
@@ -837,6 +881,14 @@ PSA decrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT +PSA decrypt: RSA OAEP-SHA-256, input too small +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT + +PSA decrypt: RSA OAEP-SHA-256, input too large +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT + PSA generate random: 0 bytes generate_random:0 
@@ -902,10 +954,14 @@ PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS -PSA generate key: RSA, 512 bits, good, encrypt -depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME +PSA generate key: RSA, 512 bits, good, encrypt (PKCS#1 v1.5) +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS +PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS + PSA generate key: RSA, maximum size exceeded depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED From 9688997301a315933290ed4d55ec407d045ac324 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 17:07:03 +0200 Subject: [PATCH 0400/2197] MAC setup: support 0-length HMAC key Avoid undefined behavior when using a 0-length HMAC key (Asan complained). --- library/psa_crypto.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index de1f772ea..a0f278086 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
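Review bot: The new case "PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256)" drops `MBEDTLS_GENPRIME` from its `depends_on` line, while every neighbouring RSA key-generation case lists it. In a configuration without prime generation this case would presumably run and fail instead of being skipped. The line should read `depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C`.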
@@ -1435,7 +1435,11 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, if( status != PSA_SUCCESS ) return( status ); } - else + /* A 0-length key is not commonly used in HMAC when used as a MAC, + * but it is permitted. It is common when HMAC is used in HKDF, for + * example. Don't call `memcpy` in the 0-length because `key` could be + * an invalid pointer which would make the behavior undefined. */ + else if( key_length != 0 ) memcpy( ipad, key, key_length ); /* ipad contains the key followed by garbage. Xor and fill with 0x36 From 68428121885b7f729a75a825680820efcc4e8fe9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 30 Jun 2018 18:42:41 +0200 Subject: [PATCH 0401/2197] Asymmetric encryption tests: allow label argument Add a label argument to all asymmetric encryption test functions (currently empty in all tests, but that will change soon). In asymmetric_encrypt and asymmetric_decrypt, with an empty label, test with both a null pointer and a non-null pointer. --- tests/suites/test_suite_psa_crypto.data | 56 +++++++-------- tests/suites/test_suite_psa_crypto.function | 77 ++++++++++++++++++--- 2 files changed, 94 insertions(+), 39 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index db8a59f89..1660f0674 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
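Review bot: No regression test accompanies the zero-length key fix in `psa_hmac_setup_internal`: the diffstat shows only `library/psa_crypto.c` changing, so the case the sanitizer flagged is not pinned by the suite. An HMAC case with an empty key in `test_suite_psa_crypto.data` would cover the new `else if( key_length != 0 )` branch. The added comment is also missing a word; it should read `Don't call memcpy in the 0-length case because key could be an invalid pointer`. The function body starts and ends outside this hunk.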
@@ -779,115 +779,115 @@ asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"305 PSA encrypt: RSA PKCS#1 v1.5, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS 
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS 
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:PSA_ERROR_INVALID_ARGUMENT 
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA OAEP-SHA-384, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":0:PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5: invalid key type depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" +asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"" PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" 
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":"" PSA encrypt-decrypt: RSA OAEP-SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" +asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"" PSA encrypt-decrypt: RSA OAEP-SHA-384 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C -asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e" +asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"" PSA decrypt: RSA PKCS#1 v1.5: good #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" 
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA decrypt: RSA PKCS#1 v1.5: good #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" PSA decrypt: RSA OAEP-SHA-256, 0 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"" 
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":"" PSA decrypt: RSA OAEP-SHA-256, 30 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"74686973206973206e6f2073717565616d697368206f7373696672616765" +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decf
c672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-384, 30 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RS
A_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"74686973206973206e6f2073717565616d697368206f7373696672616765" +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA PKCS#1 v1.5, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":PSA_ERROR_INVALID_PADDING +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":PSA_ERROR_INVALID_PADDING PSA decrypt: RSA OAEP-SHA-256, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":PSA_ERROR_INVALID_PADDING +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":PSA_ERROR_INVALID_PADDING PSA decrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, input too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d
0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, input too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, input too large 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c8
2c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT PSA generate random: 0 bytes generate_random:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index dbe306e04..9bb548c00 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2237,6 +2237,7 @@ void asymmetric_encrypt( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, + data_t *label, int expected_output_length_arg, int expected_status_arg ) { @@ -2273,12 +2274,27 @@ void asymmetric_encrypt( int key_type_arg, /* Encrypt the input */ actual_status = psa_asymmetric_encrypt( slot, alg, input_data->x, input_data->len, - NULL, 0, + label->x, label->len, output, output_size, &output_length ); TEST_ASSERT( actual_status == expected_status ); TEST_ASSERT( output_length == expected_output_length ); + /* If the label is empty, the test framework puts a non-null pointer + * in label->x. Test that a null pointer works as well. */ + if( label->len == 0 ) + { + output_length = ~0; + memset( output, 0, output_size ); + actual_status = psa_asymmetric_encrypt( slot, alg, + input_data->x, input_data->len, + NULL, label->len, + output, output_size, + &output_length ); + TEST_ASSERT( actual_status == expected_status ); + TEST_ASSERT( output_length == expected_output_length ); + } + exit: psa_destroy_key( slot ); mbedtls_free( output ); @@ -2287,8 +2303,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data ) +void asymmetric_encrypt_decrypt( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label ) { int slot = 1; psa_key_type_t key_type = key_type_arg; 
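Review bot: In the null-label retest added to asymmetric_encrypt, `output_length = ~0;` builds the sentinel from an `int` and relies on the implicit conversion to the variable's type. Assuming `output_length` is a `size_t` (its declaration is outside the hunk), `output_length = ~(size_t) 0;` states the intent and avoids sign-conversion warnings. The same line appears in the retests added to asymmetric_decrypt and asymmetric_decrypt_fail. The retest also calls `memset( output, 0, output_size )` unconditionally, so confirm that `output` cannot be NULL when `output_size` is 0, since the preceding commit removed that same pattern around `memcpy`.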
@@ -2330,13 +2349,13 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data, * part of encryption process which prevents using fixed vectors. */ TEST_ASSERT( psa_asymmetric_encrypt( slot, alg, input_data->x, input_data->len, - NULL, 0, + label->x, label->len, output, output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, output, output_length, - NULL, 0, + label->x, label->len, output2, output2_size, &output2_length ) == PSA_SUCCESS ); TEST_ASSERT( memcmp( input_data->x, output2, @@ -2351,8 +2370,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_decrypt( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, +void asymmetric_decrypt( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label, data_t *expected_data ) { int slot = 1; @@ -2386,13 +2408,29 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, input_data->x, input_data->len, - NULL, 0, + label->x, label->len, output, output_size, &output_length ) == PSA_SUCCESS ); TEST_ASSERT( expected_data->len == output_length ); TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 ); + /* If the label is empty, the test framework puts a non-null pointer + * in label->x. Test that a null pointer works as well. */ + if( label->len == 0 ) + { + output_length = ~0; + memset( output, 0, output_size ); + TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, + input_data->x, input_data->len, + NULL, label->len, + output, + output_size, + &output_length ) == PSA_SUCCESS ); + TEST_ASSERT( expected_data->len == output_length ); + TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 ); + } + exit: psa_destroy_key( slot ); mbedtls_free( output ); 
@@ -2401,8 +2439,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, +void asymmetric_decrypt_fail( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label, int expected_status_arg ) { int slot = 1; @@ -2436,11 +2477,25 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data, actual_status = psa_asymmetric_decrypt( slot, alg, input_data->x, input_data->len, - NULL, 0, + label->x, label->len, output, output_size, &output_length ); TEST_ASSERT( actual_status == expected_status ); + /* If the label is empty, the test framework puts a non-null pointer + * in label->x. Test that a null pointer works as well. */ + if( label->len == 0 ) + { + output_length = ~0; + memset( output, 0, output_size ); + actual_status = psa_asymmetric_decrypt( slot, alg, + input_data->x, input_data->len, + NULL, label->len, + output, output_size, + &output_length ); + TEST_ASSERT( actual_status == expected_status ); + } + exit: psa_destroy_key( slot ); mbedtls_free( output ); From b8be288374a462738613861d776362ee11f9b854 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 17 Jul 2018 16:24:34 +0200 Subject: [PATCH 0402/2197] psa_hmac_setup_internal: add some missing cleanup on failure Clean ipad if hashing the key failed. --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a0f278086..f157f4506 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1429,11 +1429,11 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, { status = psa_hash_update( &hmac->hash_ctx, key, key_length ); if( status != PSA_SUCCESS ) - return( status ); + goto cleanup; status = psa_hash_finish( &hmac->hash_ctx, ipad, sizeof( ipad ), &key_length ); if( status != PSA_SUCCESS ) - return( status ); + goto cleanup; } /* A 0-length key is not commonly used in HMAC when used as a MAC, * but it is permitted. It is common when HMAC is used in HKDF, for From 55c94dd500b88f429bdc5af6092448fc8932166e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 30 Jun 2018 18:54:48 +0200 Subject: [PATCH 0403/2197] Asymmetric encrypt/decrypt tests: check output length In asymmetric_encrypt_decrypt, use the buffer size advertized by the library for the ciphertext, and the length of the plaintext for the re-decrypted output. Test the output length if known. Require it to be 0 on error for encrypt/decrypt functions. If the output length is unknown, test at least that it's within the buffer limits. --- tests/suites/test_suite_psa_crypto.function | 38 ++++++++++++++------- 1 file changed, 25 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9bb548c00..4ff25fe6b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2312,12 +2312,13 @@ void asymmetric_encrypt_decrypt( int key_type_arg, int slot = 1; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; unsigned char *output = NULL; - size_t output_size = 0; - size_t output_length = 0; + size_t output_size; + size_t output_length = ~0; unsigned char *output2 = NULL; - size_t output2_size = 0; - size_t output2_length = 0; + size_t output2_size; + size_t output2_length = ~0; psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); 
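Review bot: Both new `goto cleanup;` exits in psa_hmac_setup_internal depend on a `cleanup` label that is outside this hunk, so how it wipes `ipad` cannot be checked from here. `psa_hash_finish` is passed `&key_length` as its output-length argument and may have modified it before failing. If the wipe at `cleanup` is sized by `key_length`, it may not cover everything written to `ipad`. Wiping `sizeof( ipad )` unconditionally would remove that dependency, and a comment at the label saying that `ipad` holds key-derived material would document why the early returns were replaced.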
@@ -2325,13 +2326,6 @@ void asymmetric_encrypt_decrypt( int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - output_size = key_data->len; - output2_size = output_size; - output = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output != NULL ); - output2 = mbedtls_calloc( 1, output2_size ); - TEST_ASSERT( output2 != NULL ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); @@ -2344,6 +2338,18 @@ void asymmetric_encrypt_decrypt( int key_type_arg, key_data->x, key_data->len ) == PSA_SUCCESS ); + + /* Determine the maximum ciphertext length */ + TEST_ASSERT( psa_get_key_information( slot, + NULL, + &key_bits ) == PSA_SUCCESS ); + output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); + output = mbedtls_calloc( 1, output_size ); + TEST_ASSERT( output != NULL ); + output2_size = input_data->len; + output2 = mbedtls_calloc( 1, output2_size ); + TEST_ASSERT( output2 != NULL ); + /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random * part of encryption process which prevents using fixed vectors. */ @@ -2352,12 +2358,16 @@ void asymmetric_encrypt_decrypt( int key_type_arg, label->x, label->len, output, output_size, &output_length ) == PSA_SUCCESS ); + /* We don't know what ciphertext length to expect, but check that + * it looks sensible. */ + TEST_ASSERT( output_length <= output_size ); TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, output, output_length, label->x, label->len, output2, output2_size, &output2_length ) == PSA_SUCCESS ); + TEST_ASSERT( output2_length == input_data->len ); TEST_ASSERT( memcmp( input_data->x, output2, input_data->len ) == 0 ); 
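Review bot: In the `@@ -2344,6 +2338,18 @@` hunk of asymmetric_encrypt_decrypt, `output2 = mbedtls_calloc( 1, output2_size )` is now sized by `input_data->len`, and a zero-size calloc is allowed to return NULL. An empty-plaintext test case would then fail at `TEST_ASSERT( output2 != NULL )` for a reason unrelated to the library. The same holds for `output` if `PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE` yields 0 for an unsupported combination, which is not visible here. Relaxing the assertions to `TEST_ASSERT( output2_size == 0 || output2 != NULL );`, and likewise for `output`, keeps zero-length inputs testable.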
@@ -2382,7 +2392,7 @@ void asymmetric_decrypt( int key_type_arg, psa_algorithm_t alg = alg_arg; unsigned char *output = NULL; size_t output_size = 0; - size_t output_length = 0; + size_t output_length = ~0; psa_key_policy_t policy; TEST_ASSERT( key_data != NULL ); @@ -2451,7 +2461,7 @@ void asymmetric_decrypt_fail( int key_type_arg, psa_algorithm_t alg = alg_arg; unsigned char *output = NULL; size_t output_size = 0; - size_t output_length = 0; + size_t output_length = ~0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; psa_key_policy_t policy; @@ -2481,6 +2491,7 @@ void asymmetric_decrypt_fail( int key_type_arg, output, output_size, &output_length ); TEST_ASSERT( actual_status == expected_status ); + TEST_ASSERT( output_length <= output_size ); /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ @@ -2494,6 +2505,7 @@ void asymmetric_decrypt_fail( int key_type_arg, output, output_size, &output_length ); TEST_ASSERT( actual_status == expected_status ); + TEST_ASSERT( output_length <= output_size ); } exit: From ff94abdf3a95d08921c31281f82d8f7bfda9db15 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 17:07:52 +0200 Subject: [PATCH 0404/2197] Make psa_hmac_setup_internal more standalone Call psa_hash_setup in psa_hmac_setup_internal rather than psa_mac_init. This makes it easier to use psa_hmac_setup_internal on its own (for the sake of using HMAC internally inside the library). --- library/psa_crypto.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f157f4506..b1555631e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
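Review bot: In asymmetric_decrypt_fail (hunks `@@ -2481,6 +2491,7 @@` and `@@ -2494,6 +2505,7 @@`) the added `TEST_ASSERT( output_length <= output_size );` is weaker than the commit description, which says the length is required to be 0 on error. This function only exercises failing decryptions, so a nonzero length that happens to fit the buffer would pass unnoticed. For padding failures in particular, the reported length should not vary with the ciphertext. If the library contract is that `*output_length` stays 0 on failure (to be confirmed against psa_asymmetric_decrypt), assert it with `TEST_ASSERT( output_length == 0 );`.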
@@ -1317,8 +1317,9 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation, #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( operation->alg ) ) { - status = psa_hash_setup( &operation->ctx.hmac.hash_ctx, - PSA_ALG_HMAC_HASH( alg ) ); + /* We'll set up the hash operation later in psa_hmac_setup_internal. */ + operation->ctx.hmac.hash_ctx.alg = 0; + status = PSA_SUCCESS; } else #endif /* MBEDTLS_MD_C */ @@ -1423,8 +1424,10 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, if( block_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); + status = psa_hash_setup( &hmac->hash_ctx, hash_alg ); + if( status != PSA_SUCCESS ) + return( status ); - /* The hash was started earlier in psa_mac_init. */ if( key_length > block_size ) { status = psa_hash_update( &hmac->hash_ctx, key, key_length ); From 3bd1a42203bd3b7a3999c363aab9864cc7a41b1d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Jul 2018 11:55:51 +0200 Subject: [PATCH 0405/2197] Remove duplicate definition of PSA_KEY_TYPE_IS_RSA --- include/psa/crypto.h | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 78836288c..cbc7f4d45 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -430,13 +430,10 @@ typedef uint32_t psa_key_type_t; /** The public key type corresponding to a key pair type. */ #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ ((type) & ~PSA_KEY_TYPE_PAIR_FLAG) -/** Whether a key type is an RSA key pair or public key. */ -#define PSA_KEY_TYPE_IS_RSA(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) /** Whether a key type is an RSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_RSA(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == \ - PSA_KEY_TYPE_RSA_PUBLIC_KEY) + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) + /** Whether a key type is an elliptic curve key (pair or public-only). */ #define PSA_KEY_TYPE_IS_ECC(type) \ ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ From b3fc05d77693fcc81d1dfee069e870cacff9364b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 30 Jun 2018 19:04:35 +0200 Subject: [PATCH 0406/2197] psa_asymmetric_{encrypt,decrypt}: reject salt when not allowed In psa_asymmetric_encrypt and psa_asymmetric_decrypt, if the algorithm does not use a salt, require the salt to be empty. --- library/psa_crypto.c | 16 ++++++---------- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c1cf490da..02807a22c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2125,13 +2125,11 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, key_slot_t *slot; psa_status_t status; - /* Only used by some algorithms which may or may not be included in the - * build-time configuration use the salt. */ - (void) salt; - (void) salt_length; - *output_length = 0; + if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); 
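Review bot: With `(void) salt;` removed from psa_asymmetric_encrypt, the visible part of the function no longer references `salt`, because the new check reads only `salt_length`. If the branch that consumes `salt` (outside this hunk, presumably compiled only with MBEDTLS_PKCS1_V21) is configured out, the parameter becomes unused and builds that treat warnings as errors may fail. Keeping `(void) salt;` ahead of `*output_length = 0;` avoids that. The psa_asymmetric_decrypt hunk makes the same removal. A one-line comment such as `/* salt is the OAEP label; other algorithms must pass an empty one */` next to the new check would also explain why only OAEP is exempt.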
@@ -2201,13 +2199,11 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, key_slot_t *slot; psa_status_t status; - /* Only used by some algorithms which may or may not be included in the - * build-time configuration use the salt. */ - (void) salt; - (void) salt_length; - *output_length = 0; + if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1660f0674..b232f2ce4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -801,6 +801,10 @@ PSA encrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT +PSA encrypt: RSA PKCS#1 v1.5: salt not allowed +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT + PSA encrypt: RSA OAEP-SHA-384, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C 
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT 
@@ -853,6 +857,10 @@ PSA decrypt: RSA PKCS#1 v1.5, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":PSA_ERROR_INVALID_PADDING +PSA decrypt: RSA PKCS#1 v1.5: salt not allowed +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":PSA_ERROR_INVALID_ARGUMENT + PSA decrypt: RSA OAEP-SHA-256, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":PSA_ERROR_INVALID_PADDING From 1e6bfdff5eb0e3d0b50acd3416ce4545aa5c3d46 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 17 Jul 2018 16:22:47 +0200 Subject: [PATCH 0407/2197] psa_hmac_setup_internal: fix double call of psa_hash_setup In the common case (key no longer than the block size), psa_hash_setup was being called twice in succession. With current implementations this is just a small performance loss, but potentially with alternative implementations this could have lead to a memory leak. --- library/psa_crypto.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b1555631e..7ea614f45 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1424,12 +1424,11 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, if( block_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); - status = psa_hash_setup( &hmac->hash_ctx, hash_alg ); - if( status != PSA_SUCCESS ) - return( status ); - if( key_length > block_size ) { + status = psa_hash_setup( &hmac->hash_ctx, hash_alg ); + if( status != PSA_SUCCESS ) + goto cleanup; status = psa_hash_update( &hmac->hash_ctx, key, key_length ); if( status != PSA_SUCCESS ) goto cleanup; From 55728b0e704dc1b6128e57da2ddb8b811d7da176 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 16 Jul 2018 23:08:16 +0200 Subject: [PATCH 0408/2197] Add a few key type and algorithm test macros These new PSA_xxx_IS_yyy macros fill a few missing gaps. --- include/psa/crypto.h | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index cbc7f4d45..5135e122d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -438,6 +438,12 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_IS_ECC(type) \ ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) +#define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + PSA_KEY_TYPE_ECC_KEYPAIR_BASE) +#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) /** The type of PSA elliptic curve identifiers. */ typedef uint16_t psa_ecc_curve_t; @@ -845,6 +851,10 @@ typedef uint32_t psa_algorithm_t; PSA_ALG_DSA_BASE) #define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) +#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \ + (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg)) +#define PSA_ALG_IS_RANDOMIZED_DSA(alg) \ + (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg)) #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) /** ECDSA signature with hashing. @@ -905,6 +915,10 @@ typedef uint32_t psa_algorithm_t; PSA_ALG_ECDSA_BASE) #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) +#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ + (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) +#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ + (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) /** Get the hash used by a hash-and-sign signature algorithm. * From 731606c580f53dff26a11a4ac9275b56a76bae5b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 30 Jun 2018 19:21:59 +0200 Subject: [PATCH 0409/2197] Add OAEP tests with non-empty labels --- tests/suites/test_suite_psa_crypto.data | 32 +++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b232f2ce4..4ae8db886 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
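Review bot: The new macros `PSA_KEY_TYPE_IS_ECC_KEYPAIR` and `PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY` are added without the `/** ... */` description that the neighbouring `PSA_KEY_TYPE_IS_RSA` and `PSA_KEY_TYPE_IS_ECC` carry, so they will be missing from the generated API documentation. I would add `/** Whether a key type is an elliptic curve key pair. */` and `/** Whether a key type is an elliptic curve public key. */` above them. The same applies to `PSA_ALG_IS_DETERMINISTIC_DSA`, `PSA_ALG_IS_RANDOMIZED_DSA` and the two ECDSA counterparts in the later hunks of this header. Those four expand `alg` twice, which matters only if a caller passes an expression with side effects; a note in the doc comment would cover it.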
@@ -785,6 +785,14 @@ PSA encrypt: RSA OAEP-SHA-256, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS +PSA encrypt: RSA OAEP-SHA-256, good, with label +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS + +PSA encrypt: RSA OAEP-SHA-384, good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS + PSA encrypt: RSA OAEP-SHA-384, good 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS @@ -829,6 +837,10 @@ PSA encrypt-decrypt: RSA OAEP-SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"" +PSA encrypt-decrypt: RSA OAEP-SHA-256, with label +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00" + PSA encrypt-decrypt: RSA OAEP-SHA-384 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"" 
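Review bot: The `@@ -785,6 +785,14 @@` hunk adds a case named `PSA encrypt: RSA OAEP-SHA-384, good` that matches the existing case directly below it in name, dependencies and arguments, including the empty label `""`. Given the commit title, this was probably meant to be the SHA-384 variant with a label. As written it adds no coverage, and two cases share one description, which makes a failure report ambiguous. Either drop the added copy, or rename it to `PSA encrypt: RSA OAEP-SHA-384, good, with label` and pass the label `"746869730069730061006c6162656c00"` used by the SHA-256 case.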
@@ -845,14 +857,34 @@ PSA decrypt: RSA OAEP-SHA-256, 0 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":"" +PSA decrypt: RSA OAEP-SHA-256, 0 bytes, with label +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"14e57648fbbd3c2c195d71fcb9b6c332e2ad9e3402aa701e7270b05775e9ddd025e2330d7b84e67866524c67f9c38b11e4679e28a38574b47f8d218a1a04a7466754d6ea7f959ab1f5b85d066d3f90076e8219f66653f7b78a9789d76213505b4e75ec28081608ed2f1ea1238e3eeab011ce4ec147327cd0ca029c2818133cb6":"746869730069730061006c6162656c00":"" + PSA decrypt: RSA OAEP-SHA-256, 30 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" +PSA decrypt: RSA OAEP-SHA-256, 30 bytes, with label +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765" + PSA decrypt: RSA OAEP-SHA-384, 30 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65
971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" +PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":PSA_ERROR_INVALID_PADDING + +PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (empty) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":PSA_ERROR_INVALID_PADDING + +PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (same length) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":PSA_ERROR_INVALID_PADDING + PSA decrypt: RSA PKCS#1 v1.5, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":PSA_ERROR_INVALID_PADDING From 9aa369eafb2a19b84d0f46e837d8ec1e73f0dd9a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 16 Jul 2018 00:36:29 +0200 Subject: [PATCH 0410/2197] HMAC: improve robustness checks on hash/block size In psa_mac_setup and psa_hmac_setup_internal, perform a sanity check on the hash size and the hash block size respectively. These sanity checks should only trigger on an incompletely or incorrectly implemented hash function. Remove the check on the block size in psa_hmac_finish_internal because at this point it has already been checked and used. --- library/psa_crypto.c | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7ea614f45..67536f2ac 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1418,10 +1418,21 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, { unsigned char ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; size_t i; + size_t hash_size = PSA_HASH_SIZE( hash_alg ); size_t block_size = psa_get_hash_block_size( hash_alg ); psa_status_t status; - if( block_size == 0 ) + /* Sanity checks on block_size, to guarantee that there won't be a buffer + * overflow below. This should never trigger if the hash algorithm + * is implemented correctly. */ + /* The size checks against the ipad and opad buffers cannot be written + * `block_size > sizeof( ipad ) || block_size > sizeof( hmac->opad )` + * because that triggers -Wlogical-op on GCC 7.3. */ + if( block_size > sizeof( ipad ) ) + return( PSA_ERROR_NOT_SUPPORTED ); + if( block_size > sizeof( hmac->opad ) ) + return( PSA_ERROR_NOT_SUPPORTED ); + if( block_size < hash_size ) return( PSA_ERROR_NOT_SUPPORTED ); if( key_length > block_size ) @@ -1517,16 +1528,26 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, status = PSA_ERROR_NOT_SUPPORTED; goto exit; } + + operation->mac_size = PSA_HASH_SIZE( hash_alg ); + /* Sanity check. This shouldn't fail on a valid configuration. */ + if( operation->mac_size == 0 || + operation->mac_size > sizeof( operation->ctx.hmac.opad ) ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + if( slot->type != PSA_KEY_TYPE_HMAC ) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } + status = psa_hmac_setup_internal( &operation->ctx.hmac, slot->data.raw.data, slot->data.raw.bytes, hash_alg ); - operation->mac_size = PSA_HASH_SIZE( hash_alg ); } else #endif /* MBEDTLS_MD_C */ @@ -1611,9 +1632,6 @@ static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac, size_t block_size = psa_get_hash_block_size( hash_alg ); psa_status_t status; - if( block_size == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size ); if( status != PSA_SUCCESS ) return( status ); 
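Review bot: In psa_hmac_setup_internal the explicit `block_size == 0` rejection is gone, and zero is now caught only indirectly by `block_size < hash_size`, which does nothing when PSA_HASH_SIZE( hash_alg ) is also 0. For an algorithm where both helpers yield 0 (presumably any unrecognised hash_alg; their definitions are not in this hunk) the function carries on with a zero-length pad and relies on a later call to fail. The last hunk drops the same check from psa_hmac_finish_internal on the grounds that setup has already validated the size, so I would keep the guard explicit in setup: `if( hash_size == 0 || block_size < hash_size )`. The body of psa_hmac_setup_internal continues outside the hunk.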
From cb088e7059e1f12fde99c022c6c7c4a4a68043e0 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 17 Jul 2018 17:36:59 +0300 Subject: [PATCH 0411/2197] Replace ssize_t by ptrdiff_t ssize_t is a POSIX thing, not standard C --- tests/suites/test_suite_psa_crypto.function | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e9efb3a0a..c94e4b086 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -55,7 +55,7 @@ static int asn1_write_10x( unsigned char **p, return( MBEDTLS_ERR_ASN1_INVALID_DATA ); if( bits <= 8 && x >= 1 << ( bits - 1 ) ) return( MBEDTLS_ERR_ASN1_INVALID_DATA ); - if( *p < start || *p - start < (ssize_t) len ) + if( *p < start || *p - start < (ptrdiff_t) len ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); *p -= len; ( *p )[len-1] = x; @@ -492,7 +492,7 @@ void import_export( data_t *data, TEST_ASSERT( data != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); - export_size = (ssize_t) data->len + export_size_delta; + export_size = (ptrdiff_t) data->len + export_size_delta; exported = mbedtls_calloc( 1, export_size ); TEST_ASSERT( exported != NULL ); if( ! canonical_input ) @@ -593,7 +593,7 @@ void import_export_public_key( data_t *data, TEST_ASSERT( data != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); - export_size = (ssize_t) data->len; + export_size = (ptrdiff_t) data->len; exported = mbedtls_calloc( 1, export_size ); TEST_ASSERT( exported != NULL ); From 029b5d648d4fb9bba51d5f8daebdaffa66354f75 Mon Sep 17 00:00:00 2001 
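Review bot: In asn1_write_10x the bounds check `*p - start < (ptrdiff_t) len` still narrows a size_t to a signed type, so a len above PTRDIFF_MAX typically becomes negative and the buffer-too-small test is skipped. `*p < start` has already been rejected at that point, so the difference is non-negative and can be widened instead: `if( *p < start || (size_t)( *p - start ) < len )`. This is a test helper called with small lengths, so the impact is low, but the unsigned form needs no assumption about len. The function starts and ends outside the hunk.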
From: Gilles Peskine Date: Mon, 16 Jul 2018 23:13:37 +0200 Subject: [PATCH 0412/2197] New utility program psa/psa_constant_names Print the symbolic name corresponding to a numerical value. Supported types: status values, algorithms, elliptic curves, key types, key usage masks. The program is partly generated from parsing psa/crypto.h with a few hard-coded assumptions. This isn't ideal but it works and requires little machinery. --- programs/.gitignore | 2 + programs/Makefile | 16 +- programs/psa/psa_constant_names.c | 157 ++++++++++++++++ scripts/generate_psa_constants.py | 301 ++++++++++++++++++++++++++++++ 4 files changed, 474 insertions(+), 2 deletions(-) create mode 100644 programs/psa/psa_constant_names.c create mode 100755 scripts/generate_psa_constants.py diff --git a/programs/.gitignore b/programs/.gitignore index 02418966f..327dbdc17 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -29,6 +29,8 @@ pkey/rsa_sign pkey/rsa_sign_pss pkey/rsa_verify pkey/rsa_verify_pss +psa/psa_constant_names +psa/psa_constant_names_generated.c random/gen_entropy random/gen_random_ctr_drbg random/gen_random_havege diff --git a/programs/Makefile b/programs/Makefile index b6d1fa25b..c65a10c43 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -60,6 +60,7 @@ APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \ pkey/rsa_decrypt$(EXEXT) pkey/rsa_encrypt$(EXEXT) \ pkey/rsa_sign$(EXEXT) pkey/rsa_verify$(EXEXT) \ pkey/rsa_sign_pss$(EXEXT) pkey/rsa_verify_pss$(EXEXT) \ + psa/psa_constant_names$(EXEXT) \ ssl/dtls_client$(EXEXT) ssl/dtls_server$(EXEXT) \ ssl/ssl_client1$(EXEXT) ssl/ssl_client2$(EXEXT) \ ssl/ssl_server$(EXEXT) ssl/ssl_server2$(EXEXT) \ @@ -83,6 +84,8 @@ ifdef TEST_CPP APPS += test/cpp_dummy_build$(EXEXT) endif +EXTRA_GENERATED = + .SILENT: .PHONY: all clean list 
@@ -92,6 +95,11 @@ all: $(APPS) $(DEP): $(MAKE) -C ../library +EXTRA_GENERATED += psa/psa_constant_names_generated.c +psa/psa_constant_names$(EXEXT): psa/psa_constant_names_generated.c +psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h + ../scripts/generate_psa_constants.py + aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP) echo " CC aes/aescrypt2.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/aescrypt2.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ @@ -188,6 +196,10 @@ pkey/rsa_encrypt$(EXEXT): pkey/rsa_encrypt.c $(DEP) echo " CC pkey/rsa_encrypt.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_encrypt.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c $(DEP) + echo " CC psa/psa_constant_names.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + random/gen_entropy$(EXEXT): random/gen_entropy.c $(DEP) echo " CC random/gen_entropy.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_entropy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ @@ -294,9 +306,9 @@ x509/req_app$(EXEXT): x509/req_app.c $(DEP) clean: ifndef WINDOWS - rm -f $(APPS) + rm -f $(APPS) $(EXTRA_GENERATED) else - del /S /Q /F *.o *.exe + del /S /Q /F *.o *.exe $(EXTRA_GENERATED) endif list: diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c new file mode 100644 index 000000000..d422e14f6 --- /dev/null +++ b/programs/psa/psa_constant_names.c 
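Review bot: The Windows branch of `clean` now passes `$(EXTRA_GENERATED)` to `del`, but its only entry is `psa/psa_constant_names_generated.c`, written with a forward slash. cmd's `del` treats `/` as a switch prefix, so that argument is likely rejected as an invalid switch and the generated file survives `make clean` there. Converting the separator for that branch, for example `del /S /Q /F *.o *.exe $(subst /,\,$(EXTRA_GENERATED))`, would avoid it. Separately, the new rule in the first hunk runs `../scripts/generate_psa_constants.py` directly, which relies on the executable bit and on a `python` being on PATH.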
@@ -0,0 +1,157 @@ +#include +#include +#include + +#include "psa/crypto.h" + +/* There are different GET_HASH macros for different kinds of algorithms + * built from hashes, but the values are all constructed on the + * same model. */ +#define PSA_ALG_GET_HASH(alg) \ + (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH) + +static void append(char **buffer, size_t buffer_size, + size_t *required_size, + const char *string, size_t length) +{ + *required_size += length; + if (*required_size < buffer_size) { + memcpy(*buffer, string, length); + *buffer += length; + } +} + +/* The code of these function is automatically generated and included below. */ +static const char *psa_ecc_curve_name(psa_ecc_curve_t curve); +static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg); + +static void append_with_curve(char **buffer, size_t buffer_size, + size_t *required_size, + const char *string, size_t length, + psa_ecc_curve_t curve) +{ + const char *curve_name = psa_ecc_curve_name(curve); + append(buffer, buffer_size, required_size, string, length); + append(buffer, buffer_size, required_size, "(", 1); + if (curve_name != NULL) { + append(buffer, buffer_size, required_size, + curve_name, strlen(curve_name)); + } else { + size_t n = snprintf(*buffer, buffer_size - *required_size, + "0x%04x", (unsigned) curve); + if (n < buffer_size - *required_size) *buffer += n; + *required_size += n; + } + append(buffer, buffer_size, required_size, ")", 1); +} + +static void append_with_hash(char **buffer, size_t buffer_size, + size_t *required_size, + const char *string, size_t length, + psa_algorithm_t hash_alg) +{ + const char *hash_name = psa_hash_algorithm_name(hash_alg); + append(buffer, buffer_size, required_size, string, length); + append(buffer, buffer_size, required_size, "(", 1); + if (hash_name != NULL) { + append(buffer, buffer_size, required_size, + hash_name, strlen(hash_name)); + } else { + size_t n = snprintf(*buffer, buffer_size - *required_size, + "0x%08lx", 
(unsigned long) hash_alg); + if (n < buffer_size - *required_size) *buffer += n; + *required_size += n; + } + append(buffer, buffer_size, required_size, ")", 1); +} + +#include "psa_constant_names_generated.c" + +static int psa_snprint_status(char *buffer, size_t buffer_size, + psa_status_t status) +{ + const char *name = psa_strerror(status); + if (name == NULL) { + return snprintf(buffer, buffer_size, "%ld", (long) status); + } else { + size_t length = strlen(name); + if (length < buffer_size) { + memcpy(buffer, name, length + 1); + return length; + } else { + return buffer_size; + } + } +} + +static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size, + psa_ecc_curve_t curve) +{ + const char *name = psa_ecc_curve_name(curve); + if (name == NULL) { + return snprintf(buffer, buffer_size, "0x%04x", (unsigned) curve); + } else { + size_t length = strlen(name); + if (length < buffer_size) { + memcpy(buffer, name, length + 1); + return length; + } else { + return buffer_size; + } + } +} + +static void usage(const char *program_name) +{ + printf("Usage: %s TYPE VALUE\n", + program_name == NULL ? 
"psa_constant_names" : program_name); + printf("Print the symbolic name whose numerical value is VALUE in TYPE.\n"); + printf("Supported types (with = between aliases):\n"); + printf(" alg=algorithm Status code (psa_algorithm_t)\n"); + printf(" curve=ecc_curve Elliptic curve identifier (psa_ecc_curve_t)\n"); + printf(" type=key_type Status code (psa_key_type_t)\n"); + printf(" usage=key_usage Key usage (psa_key_usage_t)\n"); + printf(" error=status Status code (psa_status_t)\n"); +} + +int main(int argc, char *argv[]) +{ + char buffer[200]; + unsigned long value; + char *end; + + if (argc <= 1 || + !strcmp(argv[1], "help") || + !strcmp(argv[1], "--help")) + { + usage(argv[0]); + return EXIT_FAILURE; + } + if (argc != 3) { + usage(argv[0]); + return EXIT_FAILURE; + } + value = strtoul(argv[2], &end, 0); + if (*end) { + printf("Non-numeric value: %s\n", argv[2]); + return EXIT_FAILURE; + } + + if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status")) + psa_snprint_status(buffer, sizeof(buffer), value); + else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm")) + psa_snprint_algorithm(buffer, sizeof(buffer), value); + else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) + psa_snprint_ecc_curve(buffer, sizeof(buffer), value); + else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) + psa_snprint_key_type(buffer, sizeof(buffer), value); + else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage")) + psa_snprint_key_usage(buffer, sizeof(buffer), value); + else { + printf("Unknown type: %s\n", argv[1]); + return EXIT_FAILURE; + } + + puts(buffer); + return EXIT_SUCCESS; +} diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py new file mode 100755 index 000000000..e4cb45b4a --- /dev/null +++ b/scripts/generate_psa_constants.py 
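Review bot: In append_with_curve and append_with_hash the fallback `snprintf(*buffer, buffer_size - *required_size, ...)` underflows once an earlier append() has pushed `*required_size` past `buffer_size`, because both operands are size_t. snprintf is then given a huge bound and can write past the end of the caller's buffer. Clamp the room first, `size_t room = *required_size < buffer_size ? buffer_size - *required_size : 0;`, and use `room` both as the snprintf bound and in the `n < room` test. The same subtraction appears in the C template in scripts/generate_psa_constants.py (append_padding_mode and psa_snprint_key_usage). main() passes a 200-byte buffer, so this should not be reachable with the current names, but the helpers should not depend on that.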
@@ -0,0 +1,301 @@ +#!/usr/bin/env python +import os +import re +import sys + +output_template = '''\ +/* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */ + +static const char *psa_strerror(psa_status_t status) +{ + switch (status) { + %(status_cases)s + default: return NULL; + } +} + +static const char *psa_ecc_curve_name(psa_ecc_curve_t curve) +{ + switch (curve) { + %(ecc_curve_cases)s + default: return NULL; + } +} + +static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg) +{ + switch (hash_alg) { + %(hash_algorithm_cases)s + default: return NULL; + } +} + +static int psa_snprint_key_type(char *buffer, size_t buffer_size, + psa_key_type_t type) +{ + size_t required_size = 0; + switch (type) { + %(key_type_cases)s + default: + %(key_type_code)s{ + return snprintf(buffer, buffer_size, + "0x%%08lx", (unsigned long) type); + } + break; + } + buffer[0] = 0; + return required_size; +} + +static void append_padding_mode(char **buffer, size_t buffer_size, + size_t *required_size, + psa_algorithm_t padding_mode) +{ + size_t n; + append(buffer, buffer_size, required_size, " | ", 3); + switch (padding_mode) { + %(padding_mode_cases)s + default: + n = snprintf(*buffer, buffer_size - *required_size, + "0x%%08lx", (unsigned long) padding_mode); + if (n < buffer_size - *required_size) *buffer += n; + *required_size += n; + break; + } +} + +static int psa_snprint_algorithm(char *buffer, size_t buffer_size, + psa_algorithm_t alg) +{ + size_t required_size = 0; + psa_algorithm_t padding_mode = -1; + psa_algorithm_t alg_without_padding = alg; + if (PSA_ALG_IS_CIPHER(alg) && PSA_ALG_IS_BLOCK_CIPHER(alg)) { + padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; + alg_without_padding = alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK; + } + switch (alg_without_padding) { + %(algorithm_cases)s + default: + %(algorithm_code)s{ + return snprintf(buffer, buffer_size, + "0x%%08lx", (unsigned long) alg); + } + break; + } + if (padding_mode != (psa_algorithm_t) 
-1) { + append_padding_mode(&buffer, buffer_size, &required_size, padding_mode); + } + buffer[0] = 0; + return required_size; +} + +static int psa_snprint_key_usage(char *buffer, size_t buffer_size, + psa_key_usage_t usage) +{ + size_t required_size = 0; + if (usage == 0) { + if (buffer_size > 1) { + buffer[0] = '0'; + buffer[1] = 0; + } else if (buffer_size == 1) { + buffer[0] = 0; + } + return 1; + } +%(key_usage_code)s + if (usage != 0) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + required_size += snprintf(buffer, buffer_size - required_size, + "0x%%08x", usage); + } else { + buffer[0] = 0; + } + return required_size; +} + +/* End of automatically generated file. */ +''' + +key_type_from_curve_template = '''if (%(tester)s(type)) { + append_with_curve(&buffer, buffer_size, &required_size, + "%(builder)s", %(builder_length)s, + PSA_KEY_TYPE_GET_CURVE(type)); + } else ''' + +algorithm_from_hash_template = '''if (%(tester)s(alg_without_padding)) { + append_with_hash(&buffer, buffer_size, &required_size, + "%(builder)s", %(builder_length)s, + PSA_ALG_GET_HASH(alg_without_padding)); + } else ''' + +bit_test_template = '''\ + if (%(var)s & %(flag)s) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "%(flag)s", %(length)d); + %(var)s ^= %(flag)s; + }\ +''' + +class MacroCollector: + def __init__(self): + self.statuses = set() + self.key_types = set() + self.key_types_from_curve = {} + self.ecc_curves = set() + self.algorithms = set() + self.hash_algorithms = set() + self.block_cipher_padding_modes = set() + self.algorithms_from_hash = {} + self.key_usages = set() + + # "#define" followed by a macro name with either no parameters + # or a single parameter. Grab the macro name in group 1, the + # parameter name if any in group 2 and the definition in group 3. 
+ definition_re = re.compile(r'\s*#\s*define\s+(\w+)(?:\s+|\((\w+)\)\s*)(.+)(?:/[*/])?') + + def read_line(self, line): + m = re.match(self.definition_re, line) + if not m: + return + name, parameter, definition = m.groups() + if name.endswith('_FLAG') or name.endswith('MASK'): + # Macro only to build actual values + return + elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \ + and not parameter: + self.statuses.add(name) + elif name.startswith('PSA_KEY_TYPE_') and not parameter: + self.key_types.add(name) + elif name.startswith('PSA_KEY_TYPE_') and parameter == 'curve': + self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:] + elif name.startswith('PSA_ECC_CURVE_') and not parameter: + self.ecc_curves.add(name) + elif name.startswith('PSA_ALG_BLOCK_CIPHER_PAD_') and not parameter: + self.block_cipher_padding_modes.add(name) + elif name.startswith('PSA_ALG_') and not parameter: + if name in ['PSA_ALG_BLOCK_CIPHER_BASE', + 'PSA_ALG_ECDSA_BASE', + 'PSA_ALG_RSA_PKCS1V15_SIGN_BASE']: + # Ad hoc skipping of duplicate names for some numerical values + return + self.algorithms.add(name) + # Ad hoc detection of hash algorithms + if re.search(r'0x010000[0-9A-Fa-f]{2}', definition): + self.hash_algorithms.add(name) + elif name.startswith('PSA_ALG_') and parameter == 'hash_alg': + if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']: + # A naming irregularity + tester = name[:8] + 'IS_RANDOMIZED_' + name[8:] + else: + tester = name[:8] + 'IS_' + name[8:] + self.algorithms_from_hash[name] = tester + elif name.startswith('PSA_KEY_USAGE_') and not parameter: + self.key_usages.add(name) + else: + # Other macro without parameter + return + + def read_file(self, header_file): + for line in header_file: + self.read_line(line) + + def make_return_case(self, name): + return 'case %(name)s: return "%(name)s";' % {'name': name} + + def make_append_case(self, name): + template = ('case %(name)s: ' + 'append(&buffer, buffer_size, &required_size, "%(name)s", %(length)d); ' + 
'break;') + return template % {'name': name, 'length': len(name)} + + def make_inner_append_case(self, name): + template = ('case %(name)s: ' + 'append(buffer, buffer_size, required_size, "%(name)s", %(length)d); ' + 'break;') + return template % {'name': name, 'length': len(name)} + + def make_bit_test(self, var, flag): + return bit_test_template % {'var': var, + 'flag': flag, + 'length': len(flag)} + + def make_status_cases(self): + return '\n '.join(map(self.make_return_case, + sorted(self.statuses))) + + def make_ecc_curve_cases(self): + return '\n '.join(map(self.make_return_case, + sorted(self.ecc_curves))) + + def make_key_type_cases(self): + return '\n '.join(map(self.make_append_case, + sorted(self.key_types))) + + def make_key_type_from_curve_code(self, builder, tester): + return key_type_from_curve_template % {'builder': builder, + 'builder_length': len(builder), + 'tester': tester} + + def make_key_type_code(self): + d = self.key_types_from_curve + make = self.make_key_type_from_curve_code + return '\n '.join([make(k, d[k]) for k in sorted(d.keys())]) + + def make_hash_algorithm_cases(self): + return '\n '.join(map(self.make_return_case, + sorted(self.hash_algorithms))) + + def make_padding_mode_cases(self): + return '\n '.join(map(self.make_inner_append_case, + sorted(self.block_cipher_padding_modes))) + + def make_algorithm_cases(self): + return '\n '.join(map(self.make_append_case, + sorted(self.algorithms))) + + def make_algorithm_from_hash_code(self, builder, tester): + return algorithm_from_hash_template % {'builder': builder, + 'builder_length': len(builder), + 'tester': tester} + + def make_algorithm_code(self): + d = self.algorithms_from_hash + make = self.make_algorithm_from_hash_code + return '\n '.join([make(k, d[k]) for k in sorted(d.keys())]) + + def make_key_usage_code(self): + return '\n'.join([self.make_bit_test('usage', bit) + for bit in sorted(self.key_usages)]) + + def write_file(self, output_file): + data = {} + data['status_cases'] 
= self.make_status_cases() + data['ecc_curve_cases'] = self.make_ecc_curve_cases() + data['key_type_cases'] = self.make_key_type_cases() + data['key_type_code'] = self.make_key_type_code() + data['hash_algorithm_cases'] = self.make_hash_algorithm_cases() + data['padding_mode_cases'] = self.make_padding_mode_cases() + data['algorithm_cases'] = self.make_algorithm_cases() + data['algorithm_code'] = self.make_algorithm_code() + data['key_usage_code'] = self.make_key_usage_code() + output_file.write(output_template % data) + +def generate_psa_constants(header_file_name, output_file_name): + collector = MacroCollector() + with open(header_file_name) as header_file: + collector.read_file(header_file) + temp_file_name = output_file_name + '.tmp' + with open(temp_file_name, 'w') as output_file: + collector.write_file(output_file) + os.rename(temp_file_name, output_file_name) + +if __name__ == '__main__': + if not os.path.isdir('programs') and os.path.isdir('../programs'): + os.chdir('..') + generate_psa_constants('include/psa/crypto.h', + 'programs/psa/psa_constant_names_generated.c') From 674038aaa485104b8c219adf656c0365033f1880 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 18 Jul 2018 18:25:30 +0200 Subject: [PATCH 0413/2197] README file for Mbed Crypto Link to the API documentation in docs/. --- crypto/.gitignore | 2 ++ crypto/README.md | 66 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 crypto/.gitignore create mode 100644 crypto/README.md diff --git a/crypto/.gitignore b/crypto/.gitignore new file mode 100644 index 000000000..bf39198d1 --- /dev/null +++ b/crypto/.gitignore @@ -0,0 +1,2 @@ +/docs/*.pdf +/docs/html diff --git a/crypto/README.md b/crypto/README.md new file mode 100644 index 000000000..7663c0f78 --- /dev/null +++ b/crypto/README.md 
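Review bot: The generated psa_snprint_key_type and psa_snprint_algorithm in output_template end with an unconditional `buffer[0] = 0;`, which writes one byte out of bounds when the caller passes buffer_size == 0. psa_snprint_key_usage in the same template already handles small sizes in its `usage == 0` branch, so the terminator writes should be guarded the same way: `if (buffer_size != 0) buffer[0] = 0;`. The template's header comment also names `generate_psa_constant.py`, while the script is generate_psa_constants.py.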
@@ -0,0 +1,66 @@ +# Mbed Crypto library + +The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security (PSA) architecture. This is a preview release of Mbed Crypto, provided for evaluation purposes only. + +Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICENSE](LICENSE) file for the full text of the license. + +## PSA cryptography API + +Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. + +The PSA Cryptography API provides access to a set of cryptographic primitives. It has a dual purpose: it can be used in a PSA-compliant platform to build services such as secure boot, secure storage and secure communication; and it can also be used independently of PSA on any platform. + +The design goals of the PSA Cryptography API include: + +* The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired. +* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, in order to take advantage of hardware accelerators. +* All access to keys is done via handles, which allows support for external cryptoprocessors that is transparent to applications. +* The interface to algorithms is generic, favoring algorithm agility. +* The interface is designed to be easy to use, and hard to accidentally misuse. 
+ +## Mbed Crypto implementation + +Mbed Crypto is a reference implementation of the PSA Cryptography API. It is written in portable C. + +## Documentation + +The Mbed Crypto library is a reference implementation of the PSA Cryptography API. Therefore, the library's API documentation is the PSA Cryptography API specification. The PSA Cryptography API specification consists of the following documents: + +* The [PSA Cryptography API overview](docs/PSA_Crypto_API_Overview.pdf). +* The [PSA Cryptography API detailed function reference](docs/PSA_Crypto_API_Reference.pdf), which you can also browse in [HTML format](docs/html/modules.html). + +## Compiling + +You need the following tools to build the library with the provided makefiles: + +* GNU Make. +* A C toolchain (compiler, linker, archiver). +* Python 2 or Python 3 (either will work) to generate the test code. +* Perl to run the tests. + +If you have a C compiler such as GCC or Clang, just run `make` in the toplevel directory to build the library, a set of unit tests and some sample programs. + +To select a different compiler, set the `CC` variable to name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`). For example: +``` +make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar +``` +The provided makefiles pass options to the compiler that assume a GCC-like command line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`. + +To run the unit tests on the host machine, run `make test` from the toplevel directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine. + +## Example programs + +The `programs/` subdirectory contains some sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library and the code may need to be adapted to build a real-world application. 
+ +## Upcoming features + +Future releases of this library will include: + +* A driver programming interface, to use hardware accelerators instead of the default software implementation for chosen algorithms. +* Support for external keys, stored and manipulated exclusively in a separate cryptoprocessor. +* A configuration mechanism to compile only the algorithms you need for your application. +* A wider set of cryptographic algorithms. + +## Feedback welcome + +Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received in email will be treated confidentially. From eab56e4159cdfb7ca7a033735025aadb0ad1a627 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 17:12:33 +0200 Subject: [PATCH 0414/2197] Add generator API Add an API for byte generators: psa_crypto_generator_t, PSA_CRYPTO_GENERATOR_INIT, psa_crypto_generator_init, psa_get_generator_capacity, psa_generator_read, psa_generator_import_key, psa_generator_abort. This commit does not yet implement any generator algorithm, it only provides the framework. This code may not compile with -Wunused. --- include/psa/crypto.h | 177 +++++++++++++++++++++++++++++++++++- include/psa/crypto_struct.h | 21 +++++ library/psa_crypto.c | 100 +++++++++++++++++++- 3 files changed, 296 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8ac817a6e..4dbbdedcd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -285,12 +285,18 @@ typedef int32_t psa_status_t; * depend on the validity of the padding. */ #define PSA_ERROR_INVALID_PADDING ((psa_status_t)16) +/** The generator has insufficient capacity left. + * + * Once a function returns this error, attempts to read from the + * generator will always return this error. */ +#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)17) + /** An error occurred that does not correspond to any defined * failure cause. * * Implementations may use this error code if none of the other standard * error codes are applicable. */ -#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)17) +#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)18) /** * \brief Library initialization. 
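Review bot: Inserting PSA_ERROR_INSUFFICIENT_CAPACITY as 17 renumbers PSA_ERROR_UNKNOWN_ERROR from 17 to 18, so the value 17 changes meaning for anything built against the previous header or that recorded numeric statuses. Unless the codes must stay contiguous in this order, I would append the new code instead, `#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)`, and leave `PSA_ERROR_UNKNOWN_ERROR` at 17. If the renumbering is intentional for a preview API, the commit message should say so.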
@@ -2440,6 +2446,175 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, /**@}*/ +/** \defgroup generation Generators + * @{ + */ + +/** The type of the state data structure for generators. + * + * Before calling any function on a generator, the application must + * initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_crypto_generator_t generator; + * memset(&generator, 0, sizeof(generator)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_crypto_generator_t generator = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_CRYPTO_GENERATOR_INIT, + * for example: + * \code + * psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + * \endcode + * - Assign the result of the function psa_crypto_generator_init() + * to the structure, for example: + * \code + * psa_crypto_generator_t generator; + * generator = psa_crypto_generator_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. + */ +typedef struct psa_crypto_generator_s psa_crypto_generator_t; + +/** \def PSA_CRYPTO_GENERATOR_INIT + * + * This macro returns a suitable initializer for a generator object + * of type #psa_crypto_generator_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_CRYPTO_GENERATOR_INIT {0} +#endif + +/** Return an initial value for a generator object. + */ +static psa_crypto_generator_t psa_crypto_generator_init(void); + +/** Retrieve the current capacity of a generator. + * + * The capacity of a generator is the maximum number of bytes that it can + * return. Reading *N* bytes from a generator reduces its capacity by *N*. 
+ * + * \param[in] generator The generator to query. + * \param[out] capacity On success, the capacity of the generator. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_BAD_STATE + * \retval PSA_ERROR_COMMUNICATION_FAILURE + */ +psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, + size_t *capacity); + +/** Read some data from a generator. + * + * This function reads and returns a sequence of bytes from a generator. + * The data that is read is discarded from the generator. The generator's + * capacity is decreased by the number of bytes read. + * + * \param[in,out] generator The generator object to read from. + * \param[out] output Buffer where the generator output will be + * written. + * \param output_length Number of bytes to output. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_INSUFFICIENT_CAPACITY + * There were fewer than \p output_length bytes + * in the generator. Note that in this case, no + * output is written to the output buffer. + * The generator's capacity is set to 0, thus + * subsequent calls to this function will not + * succeed, even with a smaller output buffer. + * \retval PSA_ERROR_BAD_STATE + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_generator_read(psa_crypto_generator_t *generator, + uint8_t *output, + size_t output_length); + +/** Create a symmetric key from data read from a generator. + * + * This function reads a sequence of bytes from a generator and imports + * these bytes as a key. + * The data that is read is discarded from the generator. The generator's + * capacity is decreased by the number of bytes read. 
+ * + * This function is equivalent to calling #psa_generator_read and + * passing the resulting output to #psa_import_key, but + * if the implementation provides an isolation boundary then + * the key material is not exposed outside the isolation boundary. + * + * \param key Slot where the key will be stored. This must be a + * valid slot for a key of the chosen type. It must + * be unoccupied. + * \param type Key type (a \c PSA_KEY_TYPE_XXX value). + * This must be a symmetric key type. + * \param bits Key size in bits. + * \param[in,out] generator The generator object to read from. + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_INSUFFICIENT_CAPACITY + * There were fewer than \p output_length bytes + * in the generator. Note that in this case, no + * output is written to the output buffer. + * The generator's capacity is set to 0, thus + * subsequent calls to this function will not + * succeed, even with a smaller output buffer. + * \retval PSA_ERROR_NOT_SUPPORTED + * The key type or key size is not supported, either by the + * implementation in general or in this particular slot. + * \retval PSA_ERROR_BAD_STATE + * \retval PSA_ERROR_INVALID_ARGUMENT + * The key slot is invalid. + * \retval PSA_ERROR_OCCUPIED_SLOT + * There is already a key in the specified slot. + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + * \retval PSA_ERROR_INSUFFICIENT_STORAGE + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_generator_import_key(psa_key_slot_t key, + psa_key_type_t type, + size_t bits, + psa_crypto_generator_t *generator); + +/** Abort a generator. + * + * Once a generator has been aborted, its capacity is zero. + * Aborting a generator frees all associated resources except for the + * \c generator structure itself. 
+ * + * This function may be called at any time as long as the generator + * object has been initialized to #PSA_CRYPTO_GENERATOR_INIT, to + * psa_crypto_generator_init() or a zero value. In particular, it is valid + * to call psa_generator_abort() twice, or to call psa_generator_abort() + * on a generator that has not been set up. + * + * Once aborted, the generator object may be called. + * + * \param[in,out] generator The generator to abort. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_BAD_STATE + * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval PSA_ERROR_HARDWARE_FAILURE + * \retval PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); + +/**@}*/ + /** \defgroup generation Key generation * @{ */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 85c997485..27a9f1efc 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -130,6 +130,27 @@ struct psa_cipher_operation_s } ctx; }; +struct psa_crypto_generator_s +{ + psa_algorithm_t alg; + size_t capacity; + union + { + struct + { + uint8_t *data; + size_t size; + } buffer; + } ctx; +}; + +#define PSA_CRYPTO_GENERATOR_INIT {0, 0, {{0, 0}}} +static inline struct psa_crypto_generator_s psa_crypto_generator_init( void ) +{ + const struct psa_crypto_generator_s v = PSA_CRYPTO_GENERATOR_INIT; + return( v ); +} + struct psa_key_policy_s { psa_key_usage_t usage; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 67536f2ac..6cc42c6ba 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
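Review bot: The PSA_ERROR_INSUFFICIENT_CAPACITY text under psa_generator_import_key was copied from psa_generator_read and refers to `\p output_length` and an output buffer, neither of which this function has. It should describe the key size instead, along the lines of `There were fewer than \p bits / 8 bytes in the generator.`, and say what state the key slot is left in. In the same hunk the new group is declared `\defgroup generation Generators` while the key-generation group right after it also uses the id `generation`. The sentence "Once aborted, the generator object may be called." in psa_generator_abort does not say what may be done with the object.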
@@ -2988,7 +2988,105 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, /****************************************************************/ -/* Key generation */ +/* Generators */ +/****************************************************************/ + +psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) +{ + psa_status_t status = PSA_SUCCESS; + if( generator->alg == 0 ) + { + /* The object has (apparently) been initialized but it is not + * in use. It's ok to call abort on such an object, and there's + * nothing to do. */ + } + else + { + status = PSA_ERROR_BAD_STATE; + } + memset( generator, 0, sizeof( *generator ) ); + return( status ); +} + + +psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, + size_t *capacity) +{ + *capacity = generator->capacity; + return( PSA_SUCCESS ); +} + +psa_status_t psa_generator_read( psa_crypto_generator_t *generator, + uint8_t *output, + size_t output_length ) +{ + psa_status_t status; + + if( output_length > generator->capacity ) + { + generator->capacity = 0; + /* Go through the error path to wipe all confidential data now + * that the generator object is useless. */ + status = PSA_ERROR_INSUFFICIENT_CAPACITY; + goto exit; + } + if( output_length == 0 && + generator->capacity == 0 && generator->alg == 0 ) + { + /* Edge case: this is a blank or finished generator, and 0 + * bytes were requested. The right error in this case could + * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return + * INSUFFICIENT_CAPACITY, which is right for a finished + * generator, for consistency with the case when + * output_length > 0. 
*/ + return( PSA_ERROR_INSUFFICIENT_CAPACITY ); + } + generator->capacity -= output_length; + + { + return( PSA_ERROR_BAD_STATE ); + } + +exit: + if( status != PSA_SUCCESS ) + { + psa_generator_abort( generator ); + memset( output, '!', output_length ); + } + return( status ); +} + +psa_status_t psa_generator_import_key( psa_key_slot_t key, + psa_key_type_t type, + size_t bits, + psa_crypto_generator_t *generator ) +{ + uint8_t *data = NULL; + size_t bytes = PSA_BITS_TO_BYTES( bits ); + psa_status_t status; + + if( ! key_type_is_raw_bytes( type ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( bits % 8 != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + data = mbedtls_calloc( 1, bytes ); + if( data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + status = psa_generator_read( generator, data, bytes ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_import_key( key, type, data, bytes ); + +exit: + mbedtls_free( data ); + return( status ); +} + + + +/****************************************************************/ +/* Random generation */ /****************************************************************/ psa_status_t psa_generate_random( uint8_t *output, From f2ffdb87f67992b9d5b768f82e6759c2f0c63d62 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Sun, 22 Jul 2018 18:23:32 +0300 Subject: [PATCH 0415/2197] Fix generate_key and hash_setup tests vectors -Add depends_on MBEDTLS_CIPHER_MODE_CTR for CTR test_suite_psa_crypto -Change bad type/hash alg parameter to *_CATEGORY_* --- tests/suites/test_suite_psa_crypto.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 27c15389f..19348bdf3 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
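Review bot: `psa_generator_import_key` releases its temporary `data` buffer with a plain `mbedtls_free( data )` at `exit:`, so the derived key bytes are left in freed heap memory once the import returns. Wipe the buffer before freeing it with a call the compiler cannot discard, for example `mbedtls_platform_zeroize( data, bytes );` (or the zeroize helper this file already uses, which is not visible in the hunk). A smaller point in the same function: with `bits` equal to 0, `mbedtls_calloc( 1, 0 )` may return NULL, and the caller then gets `PSA_ERROR_INSUFFICIENT_MEMORY` for what is really a bad argument.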
@@ -270,7 +270,7 @@ hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS PSA hash setup: bad (unknown hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -hash_setup:0x80000000 | PSA_ALG_SHA_256:PSA_ERROR_NOT_SUPPORTED +hash_setup:PSA_ALG_CATEGORY_HASH:PSA_ERROR_NOT_SUPPORTED PSA hash setup: bad (not a hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C @@ -763,8 +763,8 @@ generate_random:19 PSA generate random: 260 bytes generate_random:260 -PSA generate key: bad type (0xffffffff) -generate_key:0xffffffff:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED +PSA generate key: bad type (PSA_KEY_TYPE_CATEGORY_MASK) +generate_key:PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED PSA generate key: bad type (RSA public key) generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED @@ -779,7 +779,7 @@ PSA generate key: raw data, 8 bits generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS PSA generate key: AES, 128 bits, CTR -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS PSA generate key: AES, 128 bits, GCM From e83f06a2296b98ab3e69b05d1ce1d4fb5f220bde Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 18 Jul 2018 22:00:25 +0200 Subject: [PATCH 0416/2197] Minor clarifications --- crypto/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/README.md b/crypto/README.md index 7663c0f78..b05e0464f 100644 --- a/crypto/README.md +++ b/crypto/README.md 
@@ -8,12 +8,12 @@ Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICEN Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. -The PSA Cryptography API provides access to a set of cryptographic primitives. It has a dual purpose: it can be used in a PSA-compliant platform to build services such as secure boot, secure storage and secure communication; and it can also be used independently of PSA on any platform. +The PSA Cryptography API provides access to a set of cryptographic primitives. It has a dual purpose: it can be used in a PSA-compliant platform to build services such as secure boot, secure storage and secure communication; and it can also be used independently of other PSA components on any platform. The design goals of the PSA Cryptography API include: * The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired. -* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, in order to take advantage of hardware accelerators. +* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example in order to take advantage of hardware accelerators. * All access to keys is done via handles, which allows support for external cryptoprocessors that is transparent to applications. * The interface to algorithms is generic, favoring algorithm agility. 
* The interface is designed to be easy to use, and hard to accidentally misuse. From ea0fb4975c3be493773b9be7d57400ef9d99a107 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 17:17:20 +0200 Subject: [PATCH 0417/2197] Add framework for simple key derivation New key type PSA_KEY_TYPE_DERIVE. New usage flag PSA_KEY_USAGE_DERIVE. New function psa_key_derivation. No key derivation algorithm is implemented yet. The code may not compile with -Wunused. Write some unit test code for psa_key_derivation. Most of it cannot be used yet due to the lack of a key derivation algorithm. --- include/psa/crypto.h | 62 +++++++++++ library/psa_crypto.c | 49 ++++++++- tests/suites/test_suite_psa_crypto.data | 4 + tests/suites/test_suite_psa_crypto.function | 111 ++++++++++++++++++++ 4 files changed, 224 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 4dbbdedcd..9165463f5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -366,6 +366,13 @@ typedef uint32_t psa_key_type_t; * \c alg is the HMAC algorithm or the underlying hash algorithm. */ #define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x02000001) +/** A secret for key derivation. + * + * The key policy determines which key derivation algorithm the key + * can be used for. + */ +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x02000101) + /** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher. * * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or @@ -1194,6 +1201,10 @@ typedef uint32_t psa_key_usage_t; */ #define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800) +/** Whether the key may be used to derive other keys. + */ +#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) + /** The type of the key policy data structure. * * This is an implementation-defined \c struct. Applications should not 
@@ -2615,6 +2626,57 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); /**@}*/ +/** \defgroup derivation Key derivation + * @{ + */ + +/** Set up a key derivation operation. + * + * A key derivation algorithm takes three inputs: a secret input \p key and + * two non-secret inputs \p label and p salt. + * The result of this function is a byte generator which can + * be used to produce keys and other cryptographic material. + * + * The role of \p label and \p salt is as follows: + * + * \param[in,out] generator The generator object to set up. It must + * have been initialized to . + * \param key Slot containing the secret key to use. + * \param alg The key derivation algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). + * \param[in] salt Salt to use. + * \param salt_length Size of the \p salt buffer in bytes. + * \param[in] label Label to use. + * \param label_length Size of the \p label buffer in bytes. + * \param capacity The maximum number of bytes that the + * generator will be able to provide. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg, + * or \p capacity is too large for the specified algorithm and key. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a key derivation algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, + psa_key_type_t key, + psa_algorithm_t alg, + const uint8_t *salt, + size_t salt_length, + const uint8_t *label, + size_t label_length, + size_t capacity); + +/**@}*/ + /** \defgroup generation Key generation * @{ */ 
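Review bot: The `key` parameter of `psa_key_derivation` is declared as `psa_key_type_t key`, but the comment describes it as a slot and the tests in this commit pass a `psa_key_slot_t`; the declaration should read `psa_key_slot_t key,` (the definition in library/psa_crypto.c repeats the same type). The doc comment also has gaps: `p salt` has lost its backslash, "It must have been initialized to ." names no initializer (presumably `#PSA_CRYPTO_GENERATOR_INIT`), and "The role of \p label and \p salt is as follows:" is followed by nothing in this commit. `#PSA_ERROR_BAD_STATE`, which the implementation returns when `generator->alg != 0`, is missing from the `\retval` list.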
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6cc42c6ba..cc59ca800 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -498,8 +498,9 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type, break; #if defined(MBEDTLS_MD_C) case PSA_KEY_TYPE_HMAC: - break; #endif + case PSA_KEY_TYPE_DERIVE: + break; #if defined(MBEDTLS_AES_C) case PSA_KEY_TYPE_AES: if( bits != 128 && bits != 192 && bits != 256 ) @@ -2651,7 +2652,8 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN | - PSA_KEY_USAGE_VERIFY ) ) != 0 ) + PSA_KEY_USAGE_VERIFY | + PSA_KEY_USAGE_DERIVE ) ) != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); slot->policy = *policy; @@ -3085,6 +3087,49 @@ exit: +/****************************************************************/ +/* Key derivation */ +/****************************************************************/ + +psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, + psa_key_type_t key, + psa_algorithm_t alg, + const uint8_t *salt, + size_t salt_length, + const uint8_t *label, + size_t label_length, + size_t capacity ) +{ + key_slot_t *slot; + psa_status_t status; + + if( generator->alg != 0 ) + return( PSA_ERROR_BAD_STATE ); + + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DERIVE, alg ); + if( status != PSA_SUCCESS ) + return( status ); + if( slot->type != PSA_KEY_TYPE_DERIVE ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + + /* Set generator->alg even on failure so that abort knows what to do. */ + generator->alg = alg; + if( status == PSA_SUCCESS ) + generator->capacity = capacity; + else + psa_generator_abort( generator ); + return( status ); +} + + + /****************************************************************/ /* Random generation */ /****************************************************************/ 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b44c347e2..1113eec81 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -745,6 +745,10 @@ PSA decrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: not a key derivation algorithm +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT PSA generate random: 0 bytes generate_random:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 37d6aca3f..278554f75 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -357,6 +357,36 @@ exit: return( 0 ); } +static int exercise_key_derivation_key( psa_key_slot_t key, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + unsigned char label[16] = "This is a label."; + size_t label_length = sizeof( label ); + unsigned char seed[16] = "abcdefghijklmnop"; + size_t seed_length = sizeof( seed ); + unsigned char output[1]; + + if( usage & PSA_KEY_USAGE_DERIVE ) + { + TEST_ASSERT( psa_key_derivation( &generator, + key, alg, + label, label_length, + seed, seed_length, + sizeof( output ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_read( &generator, + output, + sizeof( output ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + } + + return( 1 ); + +exit: + return( 0 ); +} + static int exercise_key( psa_key_slot_t slot, psa_key_usage_t usage, psa_algorithm_t alg ) @@ -374,6 +404,8 @@ static int exercise_key( psa_key_slot_t slot, ok = exercise_signature_key( slot, usage, alg ); else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) ok = exercise_asymmetric_encryption_key( slot, usage, alg ); + else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) + ok = exercise_key_derivation_key( slot, usage, alg ); else { char message[40]; @@ -657,6 +689,7 @@ void import_and_exercise_key( data_t *data, ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? PSA_KEY_USAGE_ENCRYPT : PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ) : + PSA_ALG_IS_KEY_DERIVATION( alg ) ? PSA_KEY_USAGE_DERIVE : 0 ); psa_key_policy_t policy; psa_key_type_t got_type; 
@@ -991,6 +1024,45 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void derive_key_policy( int policy_usage, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg ) +{ + int key_slot = 1; + psa_key_policy_t policy; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_status_t status; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key_data->x, key_data->len ) == PSA_SUCCESS ); + + status = psa_key_derivation( &generator, key_slot, + exercise_alg, + NULL, 0, + NULL, 0, + 1 ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) + TEST_ASSERT( status == PSA_SUCCESS ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + +exit: + psa_generator_abort( &generator ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void key_lifetime( int lifetime_arg ) { 
@@ -2372,6 +2444,45 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void derive_setup( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *salt, + data_t *label, + int requested_capacity_arg, + int expected_status_arg ) +{ + psa_key_slot_t slot = 1; + size_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t requested_capacity = requested_capacity_arg; + psa_status_t expected_status = expected_status_arg; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_policy_t policy; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, key_type, + key_data->x, + key_data->len ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_key_derivation( &generator, slot, alg, + salt->x, salt->len, + label->x, label->len, + requested_capacity ) == expected_status ); + +exit: + psa_generator_abort( &generator ); + psa_destroy_key( slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void generate_random( int bytes_arg ) { From bef7f14f8e251cf1f8f82ea520ea0e97a57efaef Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 17:22:21 +0200 Subject: [PATCH 0418/2197] Implement HKDF --- include/psa/crypto.h | 32 +++++++++ include/psa/crypto_struct.h | 17 +++++ library/psa_crypto.c | 133 ++++++++++++++++++++++++++++++++++++ 3 files changed, 182 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9165463f5..47241a68c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -965,6 +965,36 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_IS_RSA_OAEP(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE) +#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x30000100) +/** Macro to build an HKDF algorithm. + * + * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding HKDF algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_HKDF(hash_alg) \ + (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +/** Whether the specified algorithm is an HKDF algorithm. + * + * HKDF is a family of key derivation algorithms that are based on a hash + * function and the HMAC construction. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is an HKDF algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key derivation algorithm identifier. + */ +#define PSA_ALG_IS_HKDF(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE) +#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) + /**@}*/ /** \defgroup key_management Key management @@ -2638,6 +2668,8 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * be used to produce keys and other cryptographic material. * * The role of \p label and \p salt is as follows: + * - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step + * and \p label is the info string used in the "expand" step. * * \param[in,out] generator The generator object to set up. It must * have been initialized to . diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 27a9f1efc..baf5b1495 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
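Review bot: The example in the `PSA_ALG_HKDF` comment names `PSA_ALG_SHA256`, while the tests in this series spell the identifier `PSA_ALG_SHA_256`, so a reader copying the example is likely to hit an undefined name; it should read `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. The same comment's `\return Unspecified if \p alg ...` refers to a parameter that is called `hash_alg` in this macro. `PSA_ALG_HKDF_GET_HASH` is added without any comment; one line saying that it yields the hash algorithm underlying an HKDF algorithm identifier would match the neighbouring macros.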
@@ -130,6 +130,20 @@ struct psa_cipher_operation_s } ctx; }; +typedef struct +{ + uint8_t *info; + size_t info_length; + psa_hmac_internal_data hmac; + uint8_t prk[PSA_HASH_MAX_SIZE]; + uint8_t output_block[PSA_HASH_MAX_SIZE]; +#if PSA_HASH_MAX_SIZE > 0xff +#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" +#endif + uint8_t offset_in_block; + uint8_t block_number; +} psa_hkdf_generator_t; + struct psa_crypto_generator_s { psa_algorithm_t alg; @@ -141,6 +155,9 @@ struct psa_crypto_generator_s uint8_t *data; size_t size; } buffer; +#if defined(MBEDTLS_MD_C) + psa_hkdf_generator_t hkdf; +#endif } ctx; }; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cc59ca800..9e8f90b54 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3003,6 +3003,14 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) * nothing to do. */ } else +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HKDF( generator->alg ) ) + { + mbedtls_free( generator->ctx.hkdf.info ); + status = psa_hmac_abort_internal( &generator->ctx.hkdf.hmac ); + } + else +#endif /* MBEDTLS_MD_C */ { status = PSA_ERROR_BAD_STATE; } 
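Review bot: `prk` and `output_block` in the new HKDF state are wiped only by the plain `memset( generator, 0, sizeof( *generator ) )` that follows the branch added to `psa_generator_abort`, and a plain `memset` on an object the caller is about to drop is a candidate for dead-store elimination if the call gets inlined. Since the structure now carries the pseudorandom key, a wipe the compiler must keep is the safer choice, for example `mbedtls_platform_zeroize( generator, sizeof( *generator ) );`. The function body starts before this hunk, so the `memset` itself is only visible in the earlier commit of the series.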
@@ -3018,6 +3026,66 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, return( PSA_SUCCESS ); } +#if defined(MBEDTLS_MD_C) +/* Read some bytes from an HKDF-based generator. This performs a chunk + * of the expand phase of the HKDF algorithm. */ +static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf, + psa_algorithm_t hash_alg, + uint8_t *output, + size_t output_length ) +{ + uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); + psa_status_t status; + + while( output_length != 0 ) + { + /* Copy what remains of the current block */ + uint8_t n = hash_length - hkdf->offset_in_block; + if( n > output_length ) + n = (uint8_t) output_length; + memcpy( output, hkdf->output_block + hkdf->offset_in_block, n ); + output += n; + output_length -= n; + hkdf->offset_in_block += n; + if( output_length == 0 || hkdf->block_number == 0xff ) + break; + + /* We need a new block */ + ++hkdf->block_number; + hkdf->offset_in_block = 0; + status = psa_hmac_setup_internal( &hkdf->hmac, + hkdf->prk, hash_length, + hash_alg ); + if( status != PSA_SUCCESS ) + return( status ); + if( hkdf->block_number != 1 ) + { + status = psa_hash_update( &hkdf->hmac.hash_ctx, + hkdf->output_block, + hash_length ); + if( status != PSA_SUCCESS ) + return( status ); + } + status = psa_hash_update( &hkdf->hmac.hash_ctx, + hkdf->info, + hkdf->info_length ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_hash_update( &hkdf->hmac.hash_ctx, + &hkdf->block_number, 1 ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_hmac_finish_internal( &hkdf->hmac, + hkdf->output_block, + sizeof( hkdf->output_block ) ); + if( status != PSA_SUCCESS ) + return( status ); + } + + return( PSA_SUCCESS ); +} +#endif /* MBEDTLS_MD_C */ + psa_status_t psa_generator_read( psa_crypto_generator_t *generator, uint8_t *output, size_t output_length ) 
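Review bot: In `psa_generator_hkdf_read`, the test `if( output_length == 0 || hkdf->block_number == 0xff ) break;` leaves the loop with `PSA_SUCCESS` even when bytes are still owed, so a caller would treat a partly unwritten `output` as derived key material. The `255 * hash_size` capacity limit in `psa_key_derivation` should keep this from being reached, but an exhausted block counter is better reported than masked: `if( output_length == 0 ) break;` followed by `if( hkdf->block_number == 0xff ) return( PSA_ERROR_BAD_STATE );`. The loop also hands `hash_alg` straight to `psa_hmac_setup_internal`, whereas `psa_generator_hkdf_setup` in this commit wraps it in `PSA_ALG_HMAC_HASH( hash_alg )`; both calls should use whichever form that helper expects (its definition is not in the hunk).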
@@ -3045,6 +3113,15 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, } generator->capacity -= output_length; +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HKDF( generator->alg ) ) + { + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( generator->alg ); + status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg, + output, output_length ); + } + else +#endif /* MBEDTLS_MD_C */ { return( PSA_ERROR_BAD_STATE ); } @@ -3091,6 +3168,45 @@ exit: /* Key derivation */ /****************************************************************/ +/* Set up an HKDF-based generator. This is exactly the extract phase + * of the HKDF algorithm. */ +static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, + key_slot_t *slot, + psa_algorithm_t hash_alg, + const uint8_t *salt, + size_t salt_length, + const uint8_t *label, + size_t label_length ) +{ + psa_status_t status; + status = psa_hmac_setup_internal( &hkdf->hmac, + salt, salt_length, + PSA_ALG_HMAC_HASH( hash_alg ) ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_hash_update( &hkdf->hmac.hash_ctx, + slot->data.raw.data, + slot->data.raw.bytes ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_hmac_finish_internal( &hkdf->hmac, + hkdf->prk, + sizeof( hkdf->prk ) ); + if( status != PSA_SUCCESS ) + return( status ); + hkdf->offset_in_block = PSA_HASH_SIZE( hash_alg ); + hkdf->block_number = 0; + hkdf->info_length = label_length; + if( label_length != 0 ) + { + hkdf->info = mbedtls_calloc( 1, label_length ); + if( hkdf->info == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + memcpy( hkdf->info, label, label_length ); + } + return( PSA_SUCCESS ); +} + psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, psa_key_type_t key, psa_algorithm_t alg, 
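Review bot: The fallback branch kept below the new HKDF dispatch in `psa_generator_read` still does `return( PSA_ERROR_BAD_STATE );`, which skips the `exit:` block after `generator->capacity` has already been reduced, so the generator is not aborted and `output` is left as it was. Assigning instead of returning, `status = PSA_ERROR_BAD_STATE;`, lets this path fall through to the same cleanup that the HKDF branch reaches on failure. The function starts and ends outside this hunk; the `exit:` block is visible in the earlier commit of the series.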
@@ -3115,6 +3231,23 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HKDF( alg ) ) + { + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); + size_t hash_size = PSA_HASH_SIZE( hash_alg ); + if( hash_size == 0 ) + return( PSA_ERROR_NOT_SUPPORTED ); + if( capacity > 255 * hash_size ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_generator_hkdf_setup( &generator->ctx.hkdf, + slot, + hash_alg, + salt, salt_length, + label, label_length ); + } + else +#endif { return( PSA_ERROR_NOT_SUPPORTED ); } From 96ee5c70b96652b4f7c0a97a2e7a76dedf1286bc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 17:24:54 +0200 Subject: [PATCH 0419/2197] HKDF: positive tests --- tests/suites/test_suite_psa_crypto.data | 48 ++++++++++ tests/suites/test_suite_psa_crypto.function | 100 ++++++++++++++++++++ 2 files changed, 148 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1113eec81..3d7031b8c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -749,6 +749,54 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39 PSA key derivation: not a key derivation algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" + +PSA key derivation: HKDF SHA-256, RFC5869 #1, output 32+10 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf":"34007208d5b887185865" + +PSA key derivation: HKDF SHA-256, RFC5869 #1, output 0+42 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" + +PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+41 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" + +PSA key derivation: HKDF SHA-256, RFC5869 #1, output 41+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"" + +PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+40 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858" + +PSA key derivation: HKDF SHA-256, RFC5869 #2, output 82+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87":"" + +PSA key derivation: HKDF SHA-256, RFC5869 #3, output 42+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":42:"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8":"" + +PSA key derivation: HKDF SHA-1, RFC5869 #4, output 42+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896":"" + +PSA key 
derivation: HKDF SHA-1, RFC5869 #5, output 82+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4":"" + +PSA key derivation: HKDF SHA-1, RFC5869 #6, output 42+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":42:"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918":"" + +PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" PSA generate random: 0 bytes generate_random:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 278554f75..cf72e489e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -8,6 +8,8 @@ #include "mbedtls/asn1write.h" #include "psa/crypto.h" +#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) + #if(UINT32_MAX > SIZE_MAX) #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX ) #else 
@@ -2483,6 +2485,104 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void derive_output( int alg_arg, + data_t *key_data, + data_t *salt, + data_t *label, + int requested_capacity_arg, + data_t *expected_output1, + data_t *expected_output2 ) +{ + psa_key_slot_t slot = 1; + psa_algorithm_t alg = alg_arg; + size_t requested_capacity = requested_capacity_arg; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + uint8_t *expected_outputs[2] = + {expected_output1->x, expected_output2->x}; + size_t output_sizes[2] = + {expected_output1->len, expected_output2->len}; + size_t output_buffer_size = 0; + uint8_t *output_buffer = NULL; + size_t expected_capacity; + size_t current_capacity; + psa_key_policy_t policy; + psa_status_t status; + unsigned i; + + for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ ) + { + if( output_sizes[i] > output_buffer_size ) + output_buffer_size = output_sizes[i]; + if( output_sizes[i] == 0 ) + expected_outputs[i] = NULL; + } + output_buffer = mbedtls_calloc( 1, output_buffer_size ); + TEST_ASSERT( output_buffer != NULL ); + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_DERIVE, + key_data->x, + key_data->len ) == PSA_SUCCESS ); + + /* Extraction phase. */ + TEST_ASSERT( psa_key_derivation( &generator, slot, alg, + salt->x, salt->len, + label->x, label->len, + requested_capacity ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_generator_capacity( &generator, + ¤t_capacity ) == + PSA_SUCCESS ); + TEST_ASSERT( current_capacity == requested_capacity ); + expected_capacity = requested_capacity; + + /* Expansion phase. */ + for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ ) + { + /* Read some bytes. 
*/ + status = psa_generator_read( &generator, + output_buffer, output_sizes[i] ); + if( expected_capacity == 0 && output_sizes[i] == 0 ) + { + /* Reading 0 bytes when 0 bytes are available can go either way. */ + TEST_ASSERT( status == PSA_SUCCESS || + status == PSA_ERROR_INSUFFICIENT_CAPACITY ); + continue; + } + else if( expected_capacity == 0 || + output_sizes[i] > expected_capacity ) + { + /* Capacity exceeded. */ + TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_CAPACITY ); + expected_capacity = 0; + continue; + } + /* Success. Check the read data. */ + TEST_ASSERT( status == PSA_SUCCESS ); + if( output_sizes[i] != 0 ) + TEST_ASSERT( memcmp( output_buffer, expected_outputs[i], + output_sizes[i] ) == 0 ); + /* Check the generator status. */ + expected_capacity -= output_sizes[i]; + TEST_ASSERT( psa_get_generator_capacity( &generator, + ¤t_capacity ) == + PSA_SUCCESS ); + TEST_ASSERT( expected_capacity == current_capacity ); + } + TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + +exit: + mbedtls_free( output_buffer ); + psa_generator_abort( &generator ); + psa_destroy_key( slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void generate_random( int bytes_arg ) { From f24af9602f7e5e88dc5e9d4db1617c06e4ed4bb1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 17:29:05 +0200 Subject: [PATCH 0420/2197] Key derivation with HKDF: add a few negative tests --- tests/suites/test_suite_psa_crypto.data | 55 +++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3d7031b8c..f906874ed 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
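Review bot: In the expansion loop of derive_output, the capacity-exceeded branch sets `expected_capacity = 0` and then takes `continue`, so the generator's own capacity is never compared after a failed read. If the API is meant to leave the generator exhausted after PSA_ERROR_INSUFFICIENT_CAPACITY, as that assignment suggests, calling `psa_get_generator_capacity( &generator, &current_capacity )` in that branch and asserting `current_capacity == 0` before the `continue` would pin it down. Whether the query succeeds in that state is not visible here, so confirm against the specification. Separately, `mbedtls_calloc( 1, output_buffer_size )` may return NULL when both expected outputs are empty, which would trip `TEST_ASSERT( output_buffer != NULL )`; no data case in this series does that, but a comment saying at least one output must be non-empty would help.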
@@ -252,6 +252,18 @@ PSA key policy: asymmetric signature, neither sign nor verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW +PSA key policy: derive, permitted +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256) + +PSA key policy: derive, not permitted +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256) + +PSA key policy: derive, wrong algorithm +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224) + PSA key lifetime: set and get volatile key_lifetime:PSA_KEY_LIFETIME_VOLATILE 
@@ -745,11 +757,22 @@ PSA decrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: HKDF-SHA-256, good case +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS + +PSA key derivation: bad key type +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: not a key derivation algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: unsupported key derivation algorithm +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):"":"":42:PSA_ERROR_NOT_SUPPORTED + PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" 
@@ -797,6 +820,38 @@ derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0 PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" + +PSA key derivation: HKDF SHA-256, request maximum capacity +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" + +PSA key derivation: HKDF SHA-1, request maximum capacity +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":255 * 20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" + +PSA key derivation: HKDF SHA-256, request too much capacity +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 + 1:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: HKDF SHA-1, request too much capacity +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +derive_setup:PSA_KEY_TYPE_DERIVE:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_ALG_HKDF(PSA_ALG_SHA_1):"":"":255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: over capacity 42: output 42+1 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff" + +PSA key derivation: over capacity 42: output 41+2 
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"65ff" + +PSA key derivation: over capacity 42: output 43+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"" + +PSA key derivation: over capacity 42: output 43+1 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff" PSA generate random: 0 bytes generate_random:0 From 0386fbaa70883c9ef7f8390c2a264f11ef8596ec Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Jul 2018 17:29:22 +0200 Subject: [PATCH 0421/2197] Key derivation: test deriving a key from the KDF output --- tests/suites/test_suite_psa_crypto.data | 17 +++ tests/suites/test_suite_psa_crypto.function | 143 ++++++++++++++++++++ 2 files changed, 160 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f906874ed..43b964730 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -852,6 +852,23 @@ derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0 PSA key derivation: over capacity 42: output 43+1 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff" + +PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256) + +PSA key derivation: HKDF SHA-256, exercise HKDF-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256) + +PSA key derivation: HKDF SHA-256, derive key, 16+32 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32 + +PSA key derivation: HKDF SHA-256, derive key, 1+41 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 + PSA generate random: 0 bytes generate_random:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index cf72e489e..1f1732e65 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -2583,6 +2583,149 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void derive_key_exercise( int alg_arg, + data_t *key_data, + data_t *salt, + data_t *label, + int derived_type_arg, + int derived_bits_arg, + int derived_usage_arg, + int derived_alg_arg ) +{ + psa_key_slot_t base_key = 1; + psa_key_slot_t derived_key = 2; + psa_algorithm_t alg = alg_arg; + psa_key_type_t derived_type = derived_type_arg; + size_t derived_bits = derived_bits_arg; + psa_key_usage_t derived_usage = derived_usage_arg; + psa_algorithm_t derived_alg = derived_alg_arg; + size_t capacity = PSA_BITS_TO_BYTES( derived_bits ); + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_policy_t policy; + psa_key_type_t got_type; + size_t got_bits; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE, + key_data->x, + key_data->len ) == PSA_SUCCESS ); + + /* Derive a key. */ + TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, + salt->x, salt->len, + label->x, label->len, + capacity ) == PSA_SUCCESS ); + psa_key_policy_set_usage( &policy, derived_usage, derived_alg ); + TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_import_key( derived_key, + derived_type, + derived_bits, + &generator ) == PSA_SUCCESS ); + + /* Test the key information */ + TEST_ASSERT( psa_get_key_information( derived_key, + &got_type, + &got_bits ) == PSA_SUCCESS ); + TEST_ASSERT( got_type == derived_type ); + TEST_ASSERT( got_bits == derived_bits ); + + /* Exercise the derived key. */ + if( ! 
exercise_key( derived_key, derived_usage, derived_alg ) ) + goto exit; + +exit: + psa_generator_abort( &generator ); + psa_destroy_key( base_key ); + psa_destroy_key( derived_key ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void derive_key_export( int alg_arg, + data_t *key_data, + data_t *salt, + data_t *label, + int bytes1_arg, + int bytes2_arg ) +{ + psa_key_slot_t base_key = 1; + psa_key_slot_t derived_key = 2; + psa_algorithm_t alg = alg_arg; + size_t bytes1 = bytes1_arg; + size_t bytes2 = bytes2_arg; + size_t capacity = bytes1 + bytes2; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + uint8_t *output_buffer = mbedtls_calloc( 1, capacity ); + uint8_t *export_buffer = mbedtls_calloc( 1, capacity ); + psa_key_policy_t policy; + size_t length; + + TEST_ASSERT( output_buffer != NULL ); + TEST_ASSERT( export_buffer != NULL ); + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE, + key_data->x, + key_data->len ) == PSA_SUCCESS ); + + /* Derive some material and output it. */ + TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, + salt->x, salt->len, + label->x, label->len, + capacity ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_read( &generator, + output_buffer, + capacity ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + + /* Derive the same output again, but this time store it in key objects. 
*/ + TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, + salt->x, salt->len, + label->x, label->len, + capacity ) == PSA_SUCCESS ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); + TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_import_key( derived_key, + PSA_KEY_TYPE_RAW_DATA, + PSA_BYTES_TO_BITS( bytes1 ), + &generator ) == PSA_SUCCESS ); + TEST_ASSERT( psa_export_key( derived_key, + export_buffer, bytes1, + &length ) == PSA_SUCCESS ); + TEST_ASSERT( length == bytes1 ); + TEST_ASSERT( psa_destroy_key( derived_key ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_import_key( derived_key, + PSA_KEY_TYPE_RAW_DATA, + PSA_BYTES_TO_BITS( bytes2 ), + &generator ) == PSA_SUCCESS ); + TEST_ASSERT( psa_export_key( derived_key, + export_buffer + bytes1, bytes2, + &length ) == PSA_SUCCESS ); + TEST_ASSERT( length == bytes2 ); + + /* Compare the outputs from the two runs. */ + TEST_ASSERT( memcmp( output_buffer, export_buffer, capacity ) == 0 ); + +exit: + mbedtls_free( output_buffer ); + mbedtls_free( export_buffer ); + psa_generator_abort( &generator ); + psa_destroy_key( base_key ); + psa_destroy_key( derived_key ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void generate_random( int bytes_arg ) { From d54931c7c4d199ec709d7f6f7516d361cdff4b4b Mon Sep 17 00:00:00 2001 
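Review bot: derive_key_export never checks that the two psa_generator_import_key calls consumed exactly `bytes1 + bytes2` bytes; the final `memcmp` catches wrong bytes, but not a second import that draws more from the generator than the key size. After the second export, `TEST_ASSERT( psa_get_generator_capacity( &generator, &remaining ) == PSA_SUCCESS ); TEST_ASSERT( remaining == 0 );` (with a new `size_t remaining` declared among the other locals) would close that gap, which matters when several keys are cut from one derivation. In derive_key_exercise, the `if( ! exercise_key( ... ) ) goto exit;` immediately before `exit:` has no effect as written. Presumably the helper records the failure itself; a short comment saying so, or dropping the `goto`, would make the intent clearer.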
From: Gilles Peskine Date: Tue, 17 Jul 2018 21:06:59 +0200 Subject: [PATCH 0422/2197] HKDF: be more robust if we reach the maximum ouptut length In psa_generator_hkdf_read, return BAD_STATE if we're trying to construct more output than the algorithm allows. This can't happen through the API due to the capacity limit, but it could potentially happen in an internal call. Also add a test case that verifies that we can set up HKDF with its maximum capacity and read up to the maximum capacity. --- library/psa_crypto.c | 9 ++- tests/suites/test_suite_psa_crypto.data | 8 +++ tests/suites/test_suite_psa_crypto.function | 66 +++++++++++++++++++++ 3 files changed, 82 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9e8f90b54..ef99403e3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3047,8 +3047,15 @@ static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf, output += n; output_length -= n; hkdf->offset_in_block += n; - if( output_length == 0 || hkdf->block_number == 0xff ) + if( output_length == 0 ) break; + /* We can't be wanting more output after block 0xff, otherwise + * the capacity check in psa_generator_read() would have + * prevented this call. It could happen only if the generator + * object was corrupted or if this function is called directly + * inside the library. */ + if( hkdf->block_number == 0xff ) + return( PSA_ERROR_BAD_STATE ); /* We need a new block */ ++hkdf->block_number; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 43b964730..8ffaa8779 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
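Review bot: The new `return( PSA_ERROR_BAD_STATE )` sits inside the copy loop, after `output += n` has already handed part of the derived stream to the caller, so on this path the caller's buffer holds partial output alongside an error status. psa_generator_hkdf_read starts and ends outside the hunk and its caller is not shown, so it cannot be confirmed here that the output buffer is wiped or the generator aborted on failure. If neither happens, a comment at the return such as `/* caller must discard output and abort the generator */`, or an explicit wipe of the bytes written so far, would make the contract clear. The commit message says this path cannot be reached through the API, which also means the tests added alongside it do not cover it.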
@@ -853,6 +853,14 @@ PSA key derivation: over capacity 42: output 43+1 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff" +PSA key derivation: HKDF SHA-256, read maximum capacity minus 1 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1 + +PSA key derivation: HKDF SHA-256, read maximum capacity +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 + PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 1f1732e65..27bc4e1d5 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -2583,6 +2583,72 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void derive_full( int alg_arg, + data_t *key_data, + data_t *salt, + data_t *label, + int requested_capacity_arg ) +{ + psa_key_slot_t slot = 1; + psa_algorithm_t alg = alg_arg; + size_t requested_capacity = requested_capacity_arg; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + unsigned char output_buffer[16]; + size_t expected_capacity = requested_capacity; + size_t current_capacity; + psa_key_policy_t policy; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_DERIVE, + key_data->x, + key_data->len ) == PSA_SUCCESS ); + + /* Extraction phase. */ + TEST_ASSERT( psa_key_derivation( &generator, slot, alg, + salt->x, salt->len, + label->x, label->len, + requested_capacity ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_generator_capacity( &generator, + ¤t_capacity ) == + PSA_SUCCESS ); + TEST_ASSERT( current_capacity == expected_capacity ); + + /* Expansion phase. */ + while( current_capacity > 0 ) + { + size_t read_size = sizeof( output_buffer ); + if( read_size > current_capacity ) + read_size = current_capacity; + TEST_ASSERT( psa_generator_read( &generator, + output_buffer, + read_size ) == PSA_SUCCESS ); + expected_capacity -= read_size; + TEST_ASSERT( psa_get_generator_capacity( &generator, + ¤t_capacity ) == + PSA_SUCCESS ); + TEST_ASSERT( current_capacity == expected_capacity ); + } + + /* Check that the generator refuses to go over capacity. 
*/ + TEST_ASSERT( psa_generator_read( &generator, + output_buffer, + 1 ) == PSA_ERROR_INSUFFICIENT_CAPACITY ); + + TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + +exit: + psa_generator_abort( &generator ); + psa_destroy_key( slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void derive_key_exercise( int alg_arg, data_t *key_data, From 50a058c9f383d635ef9b1a00b7793a556cf5362c Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 25 Jun 2018 17:12:53 +0100 Subject: [PATCH 0423/2197] crypto/library: Add a Makefile --- crypto/library/Makefile | 76 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 crypto/library/Makefile diff --git a/crypto/library/Makefile b/crypto/library/Makefile new file mode 100644 index 000000000..9151662a7 --- /dev/null +++ b/crypto/library/Makefile 
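Review bot: `unsigned char output_buffer[16];` makes every read in the `while( current_capacity > 0 )` loop 16 bytes or the final remainder, and 16 divides the 32-byte hash length implied by the `255 * 32` data cases, so no read ever straddles an HKDF block boundary. The step into the last block, which the accompanying library change guards, is therefore only reached at the start of an aligned read. A buffer size that does not divide the hash length, for example `unsigned char output_buffer[17];`, would make reads cross block boundaries, including the one into block 0xff. The test checks only status codes and capacity, not the bytes read, which is worth stating in a comment above the loop.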
@@ -0,0 +1,76 @@ +CFLAGS ?= -O2 -I../include +WARNING_CFLAGS ?= \ + -Werror -Wall -Wextra \ + -Wno-unused-function \ + -Wno-overlength-strings \ + -Wdeclaration-after-statement \ +# Don't delete this line. + +OBJS_CRYPTO := \ + aes.o \ + aesni.o \ + arc4.o \ + asn1parse.o \ + asn1write.o \ + base64.o \ + bignum.o \ + blowfish.o \ + camellia.o \ + ccm.o \ + cipher.o \ + cipher_wrap.o \ + cmac.o \ + ctr_drbg.o \ + des.o \ + ecdsa.o \ + ecp.o \ + ecp_curves.o \ + entropy.o \ + entropy_poll.o \ + gcm.o \ + hmac_drbg.o \ + md.o \ + md2.o \ + md4.o \ + md5.o \ + md_wrap.o \ + oid.o \ + pem.o \ + pk.o \ + pk_wrap.o \ + pkcs12.o \ + pkcs5.o \ + pkparse.o \ + pkwrite.o \ + platform.o \ + platform_util.o \ + psa_crypto.o \ + ripemd160.o \ + rsa_internal.o \ + rsa.o \ + sha1.o \ + sha256.o \ + sha512.o \ + xtea.o \ +# Don't delete this line. + +.SILENT: + +.PHONY: all static clean + +all: static + +static: libmbedcrypto.a + +libmbedcrypto.a: $(OBJS_CRYPTO) + echo " AR $@" + $(AR) -rc $@ $(OBJS_CRYPTO) + echo " RL $@" + $(AR) -s $@ + +.c.o: + echo " CC $<" + $(CC) $(CFLAGS) $(WARNING_CFLAGS) -c $< + +clean: + rm -f *.o libmbedcrypto.a From 1efc5fe6c5a468f20ea340c4c0cd48343b33566a Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 6 Jul 2018 10:37:06 +0100 Subject: [PATCH 0424/2197] crypto/tests: Add a Makefile --- crypto/tests/Makefile | 73 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 crypto/tests/Makefile diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile new file mode 100644 index 000000000..3315a6eca --- /dev/null +++ b/crypto/tests/Makefile 
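Review bot: `CFLAGS ?= -O2 -I../include` puts the include path in a variable that users routinely override, so `make CFLAGS=-O0` or a CFLAGS set in the environment drops `-I../include`. The build then fails, or possibly picks up headers from elsewhere on the system. The same line appears in crypto/tests/Makefile and crypto/programs/Makefile. Keeping the path in a separate variable avoids that, e.g. `LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include` with `$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c $<` in the `.c.o` rule. The `.c.o` rule also lists no header dependencies, so editing a configuration header does not rebuild existing objects.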
@@ -0,0 +1,73 @@ +CFLAGS ?= -O2 -I../include +WARNING_CFLAGS ?= \ + -Werror -Wall -Wextra \ + -Wno-unused-function \ + -Wno-overlength-strings \ + -Wdeclaration-after-statement \ +# Don't delete this line. + +LDFLAGS ?= -L../library -lmbedcrypto + +DEP := ../library/libmbedcrypto.a + +# Python executable +PYTHON ?= python + +APPS := \ + test_suite_psa_crypto \ +# Don't delete this line. + +# Look up for associated function files +func.test_suite_psa_crypto := test_suite_psa_crypto + +.SILENT: + +.PHONY: all test clean + +all: $(APPS) + +$(DEP): + $(MAKE) -C ../library + +C_FILES := $(addsuffix .c,$(APPS)) + +.SECONDEXPANSION: +$(C_FILES): %.c: suites/$$(func.$$*).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/host_test.function + echo " Gen $@" + $(PYTHON) scripts/generate_test_code.py -f suites/$(func.$*).function \ + -d suites/$*.data \ + -t suites/main_test.function \ + -p suites/host_test.function \ + -s suites \ + --help-file suites/helpers.function \ + -o . + + +$(APPS): %: %.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(WARNING_CFLAGS) $< $(LDFLAGS) -o $@ + +clean: + rm -rf $(APPS) *.c *.data TESTS + rm -rf data_files/ctr_drbg_seed data_files/hmac_drbg_seed data_files/mpi_write + +test: $(APPS) + ./test_suite_psa_crypto + +# Create separate targets for generating embedded tests. +EMBEDDED_TESTS := $(addprefix embedded_,$(APPS)) + +# Generate test code for target. + +.SECONDEXPANSION: +$(EMBEDDED_TESTS): embedded_%: suites/$$(func.$$*).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/target_test.function + echo " Gen ./TESTS/mbedcrypto/$*/$*.c" + $(PYTHON) scripts/generate_test_code.py -f suites/$(func.$*).function \ + -d suites/$*.data \ + -t suites/main_test.function \ + -p suites/target_test.function \ + -s suites \ + --help-file suites/helpers.function \ + -o ./TESTS/mbedcrypto/$* + +gen-embedded-test: $(EMBEDDED_TESTS) 
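Review bot: The `clean` recipe runs `rm -rf $(APPS) *.c *.data TESTS`, which deletes every C and data file in crypto/tests rather than only the generated ones. `C_FILES` already names the generated sources, so `rm -f $(APPS) $(C_FILES)` plus the specific generated data files would be safer if a hand-written file is ever placed in this directory. The `$(DEP)` rule has no prerequisites, so once `../library/libmbedcrypto.a` exists it is not rebuilt from here when library sources change. The tests can then link against a stale library.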
From a3ff8a6ed59e9c8e803f5388a41a1bba18f77919 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Tue, 10 Jul 2018 10:10:21 +0300 Subject: [PATCH 0425/2197] psa: programs: Add cipher example Add `programs/psa/crypto_examples.c`. Update relevant Makefiles, CMakeLists.txt, and .gitignore files. --- programs/.gitignore | 1 + programs/CMakeLists.txt | 1 + programs/Makefile | 5 +++++ programs/psa/CMakeLists.txt | 7 +++++++ programs/psa/crypto_examples.c | 4 ++++ 5 files changed, 18 insertions(+) create mode 100644 programs/psa/CMakeLists.txt create mode 100644 programs/psa/crypto_examples.c diff --git a/programs/.gitignore b/programs/.gitignore index d58253d49..453ae0d13 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -29,6 +29,7 @@ pkey/rsa_sign pkey/rsa_sign_pss pkey/rsa_verify pkey/rsa_verify_pss +psa/crypto_examples psa/psa_constant_names psa/psa_constant_names_generated.c psa/key_ladder_demo diff --git a/programs/CMakeLists.txt b/programs/CMakeLists.txt index 4cdae7821..661b12071 100644 --- a/programs/CMakeLists.txt +++ b/programs/CMakeLists.txt @@ -1,6 +1,7 @@ add_subdirectory(aes) add_subdirectory(hash) add_subdirectory(pkey) +add_subdirectory(psa) add_subdirectory(random) add_subdirectory(ssl) add_subdirectory(test) diff --git a/programs/Makefile b/programs/Makefile index 9e1a5279e..b1534071c 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -60,6 +60,7 @@ APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \ pkey/rsa_decrypt$(EXEXT) pkey/rsa_encrypt$(EXEXT) \ pkey/rsa_sign$(EXEXT) pkey/rsa_verify$(EXEXT) \ pkey/rsa_sign_pss$(EXEXT) pkey/rsa_verify_pss$(EXEXT) \ + psa/crypto_examples$(EXEXT) \ psa/key_ladder_demo$(EXEXT) psa/psa_constant_names$(EXEXT) \ ssl/dtls_client$(EXEXT) ssl/dtls_server$(EXEXT) \ ssl/ssl_client1$(EXEXT) ssl/ssl_client2$(EXEXT) \ 
@@ -308,6 +309,10 @@ x509/req_app$(EXEXT): x509/req_app.c $(DEP) echo " CC x509/req_app.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/req_app.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +psa/crypto_examples$(EXEXT): psa/crypto_examples.c $(DEP) + echo " CC psa/crypto_examples.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + clean: ifndef WINDOWS rm -f $(APPS) $(EXTRA_GENERATED) diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt new file mode 100644 index 000000000..a0fe803d7 --- /dev/null +++ b/programs/psa/CMakeLists.txt @@ -0,0 +1,7 @@ +add_executable(crypto_examples crypto_examples.c) +target_link_libraries(crypto_examples mbedtls) + +install(TARGETS crypto_examples + DESTINATION "bin" + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c new file mode 100644 index 000000000..3a549ff86 --- /dev/null +++ b/programs/psa/crypto_examples.c @@ -0,0 +1,4 @@ +int main( void ) +{ + return( 0 ); +} From 5a6ade8ab664e65830e8e2fde2e7ca23e468c585 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 19 Jul 2018 13:39:30 +0100 Subject: [PATCH 0426/2197] crypto/programs: Add a Makefile --- crypto/programs/Makefile | 51 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 crypto/programs/Makefile diff --git a/crypto/programs/Makefile b/crypto/programs/Makefile new file mode 100644 index 000000000..093b43dcf --- /dev/null +++ b/crypto/programs/Makefile 
@@ -0,0 +1,51 @@ +CFLAGS ?= -O2 -I../include +WARNING_CFLAGS ?= \ + -Werror -Wall -Wextra \ + -Wno-unused-function \ + -Wno-overlength-strings \ + -Wdeclaration-after-statement \ +# Don't delete this line. + +LDFLAGS ?= -L../library -lmbedcrypto + +DEP := ../library/libmbedcrypto.a + +APPS := \ + psa/crypto_examples \ + psa/key_ladder_demo \ + psa/psa_constant_names \ +# Don't delete this line. + +EXTRA_GENERATED := \ + psa/psa_constant_names_generated.c \ +# Don't delete this line. + +.SILENT: + +.PHONY: all clean list + +all: $(APPS) + +$(DEP): + $(MAKE) -C ../library + +psa/crypto_examples: psa/crypto_examples.c $(DEP) + echo " CC psa/crypto_examples.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +psa/key_ladder_demo: psa/key_ladder_demo.c $(DEP) + echo " CC psa/key_ladder_demo.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h + ../scripts/generate_psa_constants.py + +psa/psa_constant_names: psa/psa_constant_names_generated.c psa/psa_constant_names.c $(DEP) + echo " CC psa/psa_constant_names.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +clean: + rm -f $(APPS) $(EXTRA_GENERATED) + +list: + echo $(APPS) From 10366708d6a4c6c68ae6961ca0620919aaf71ea3 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 11 Jul 2018 13:44:41 +0300 Subject: [PATCH 0427/2197] psa: programs: Add cipher AES CBC no padding --- programs/psa/crypto_examples.c | 210 +++++++++++++++++++++++++++++++++ 1 file changed, 210 insertions(+) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 3a549ff86..18f93a299 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c 
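Review bot: The compile recipes use `$(LOCAL_CFLAGS)` and `$(LOCAL_LDFLAGS)`, which this Makefile never defines, while `WARNING_CFLAGS` is defined at the top but referenced by no recipe. Unless the caller supplies them, the programs are built without `-Werror -Wall -Wextra`. Either add `$(WARNING_CFLAGS)` to each `$(CC)` line or define `LOCAL_CFLAGS = $(WARNING_CFLAGS)` near the top. The rule for `psa/psa_constant_names_generated.c` runs `../scripts/generate_psa_constants.py` with no output argument, so where the file lands depends on the script and the working directory; a comment stating the expected location would help.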
@@ -1,4 +1,214 @@ +#include "psa/crypto.h" +#include + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_printf printf +#endif + +#define ASSERT( predicate ) \ + do \ + { \ + if( ! ( predicate ) ) \ + { \ + mbedtls_printf( "\tassertion failed at %s:%d - '%s'\r\n", \ + __FILE__, __LINE__, #predicate); \ + goto exit; \ + } \ + } while ( 0 ) + +#define ASSERT_STATUS( actual, expected ) \ + do \ + { \ + if( ( actual ) != ( expected ) ) \ + { \ + mbedtls_printf( "\tassertion failed at %s:%d - " \ + "actual:%d expected:%d\r\n", __FILE__, __LINE__, \ + (psa_status_t) actual, (psa_status_t) expected ); \ + goto exit; \ + } \ + } while ( 0 ) + +/* Use key slot 1 for our cipher key. Key slot 0 is reserved as unused. */ +static const psa_key_slot_t key_slot_cipher = 1; + +static psa_status_t set_key_policy( psa_key_slot_t key_slot, + psa_key_usage_t key_usage, + psa_algorithm_t alg ) +{ + psa_status_t status; + psa_key_policy_t policy; + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, key_usage, alg ); + status = psa_set_key_policy( key_slot, &policy ); + ASSERT_STATUS( status, PSA_SUCCESS ); +exit: + return( status ); +} + +static psa_status_t cipher_operation( psa_cipher_operation_t *operation, + const uint8_t * input, + size_t input_size, + size_t part_size, + uint8_t * output, + size_t output_size, + size_t *output_len ) +{ + psa_status_t status; + size_t bytes_to_write = 0, bytes_written = 0, len = 0; + + *output_len = 0; + while( bytes_written != input_size ) + { + bytes_to_write = ( input_size - bytes_written > part_size ? 
+ part_size : + input_size - bytes_written ); + + status = psa_cipher_update( operation, input + bytes_written, + bytes_to_write, output + *output_len, + output_size - *output_len, &len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + bytes_written += bytes_to_write; + *output_len += len; + } + + status = psa_cipher_finish( operation, output + *output_len, + output_size - *output_len, &len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + *output_len += len; + +exit: + return( status ); +} + +static psa_status_t cipher_encrypt( psa_key_slot_t key_slot, + psa_algorithm_t alg, + uint8_t * iv, + size_t iv_size, + const uint8_t * input, + size_t input_size, + size_t part_size, + uint8_t * output, + size_t output_size, + size_t *output_len ) +{ + psa_status_t status; + psa_cipher_operation_t operation; + size_t iv_len = 0; + + memset( &operation, 0, sizeof( operation ) ); + status = psa_cipher_encrypt_setup( &operation, key_slot, alg ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_operation( &operation, input, input_size, part_size, + output, output_size, output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + +exit: + psa_cipher_abort( &operation ); + return( status ); +} + +static psa_status_t cipher_decrypt( psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t * iv, + size_t iv_size, + const uint8_t * input, + size_t input_size, + size_t part_size, + uint8_t * output, + size_t output_size, + size_t *output_len ) +{ + psa_status_t status; + psa_cipher_operation_t operation; + + memset( &operation, 0, sizeof( operation ) ); + status = psa_cipher_decrypt_setup( &operation, key_slot, alg ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = psa_cipher_set_iv( &operation, iv, iv_size ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_operation( &operation, input, input_size, part_size, + output, output_size, output_len ); + 
ASSERT_STATUS( status, PSA_SUCCESS ); + +exit: + psa_cipher_abort( &operation ); + return( status ); +} + +static psa_status_t +cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) +{ + enum { + block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ), + key_bits = 256, + part_size = block_size, + }; + const psa_algorithm_t alg = PSA_ALG_CBC_BASE | + PSA_ALG_BLOCK_CIPHER_PAD_NONE; + + psa_status_t status; + size_t output_len = 0; + uint8_t iv[block_size]; + uint8_t input[block_size]; + uint8_t encrypt[block_size]; + uint8_t decrypt[block_size]; + + status = psa_generate_random( input, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = set_key_policy( key_slot_cipher, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, + alg ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits, + NULL, 0 ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ), + input, sizeof( input ), part_size, + encrypt, sizeof( encrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ), + encrypt, output_len, part_size, + decrypt, sizeof( decrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = memcmp( input, decrypt, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + +exit: + psa_destroy_key( key_slot_cipher ); + return( status ); +} + +static void cipher_examples( void ) +{ + psa_status_t status; + + mbedtls_printf( "cipher encrypt/decrypt AES CBC no padding:\r\n" ); + status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( ); + if( status == PSA_SUCCESS ) + mbedtls_printf( "\tsuccess!\r\n" ); +} + int main( void ) { + ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + cipher_examples( ); +exit: + mbedtls_psa_crypto_free( ); return( 0 ); } From 1ff639d37cf229c01acbf966eb21895b3bc26b07 Mon Sep 17 00:00:00 2001 
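Review bot: `cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block` judges the round trip with `memcmp( input, decrypt, sizeof( input ) )` without first checking that `cipher_decrypt` reported `output_len == sizeof( input )`, so a short decryption would compare bytes of `decrypt` that were never written. The `memcmp` result is also stored in `status` and returned as a `psa_status_t`, which makes a data mismatch look like an arbitrary status code to the caller. I would check the length together with the content and map a mismatch to one fixed error before `exit:`, as sketched below (the error constant is a suggestion; use whichever generic code crypto.h provides). The PKCS7 and CTR examples added by later patches on this page repeat the same comparison, and in the PKCS7 one `decrypt` is larger than the compared range.

```c
    /* … unchanged: key setup, cipher_encrypt and cipher_decrypt calls … */
    if( output_len != sizeof( input ) ||
        memcmp( input, decrypt, sizeof( input ) ) != 0 )
    {
        mbedtls_printf( "\tround trip mismatch\r\n" );
        status = PSA_ERROR_UNKNOWN_ERROR;
    }

exit:
```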
From: Jaeden Amero
Date: Mon, 25 Jun 2018 17:08:36 +0100
Subject: [PATCH 0428/2197] crypto: Add a Makefile
---
crypto/Makefile | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
create mode 100644 crypto/Makefile
diff --git a/crypto/Makefile b/crypto/Makefile
new file mode 100644
index 000000000..2230ed97c
--- /dev/null
+++ b/crypto/Makefile
@@ -0,0 +1,20 @@
+.PHONY: all lib programs tests clean test
+
+all: programs tests
+
+lib:
+ $(MAKE) -C library
+
+programs: lib
+ $(MAKE) -C programs
+
+tests: lib
+ $(MAKE) -C tests
+
+clean:
+ $(MAKE) -C library clean
+ $(MAKE) -C programs clean
+ $(MAKE) -C tests clean
+
+test: lib tests
+ $(MAKE) -C tests test
From a2d0804b334347cd7899bd90d16b6d1594066d8c Mon Sep 17 00:00:00 2001
From: itayzafrir
Date: Thu, 12 Jul 2018 10:27:58 +0300
Subject: [PATCH 0429/2197] psa: programs: Add cipher AES CBC PKCS7 multipart
---
programs/psa/crypto_examples.c | 52 ++++++++++++++++++++++++++++++++++
1 file changed, 52 insertions(+)
diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index 18f93a299..e2d2cf553 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -194,6 +194,53 @@ exit: return( status ); } +static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) +{ + enum { + block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ), + key_bits = 256, + input_size = 100, + part_size = 10, + }; + + const psa_algorithm_t alg = PSA_ALG_CBC_BASE | + PSA_ALG_BLOCK_CIPHER_PAD_PKCS7; + + psa_status_t status; + size_t output_len = 0; + uint8_t iv[block_size], input[input_size], + encrypt[input_size + block_size], decrypt[input_size + block_size]; + + status = psa_generate_random( input, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = set_key_policy( key_slot_cipher, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, + alg ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits, + NULL, 0 ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ), + input, sizeof( input ), part_size, + encrypt, sizeof( encrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ), + encrypt, output_len, part_size, + decrypt, sizeof( decrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = memcmp( input, decrypt, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + +exit: + psa_destroy_key( key_slot_cipher ); + return( status ); +} + static void cipher_examples( void ) { psa_status_t status; @@ -202,6 +249,11 @@ static void cipher_examples( void ) status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( ); if( status == PSA_SUCCESS ) mbedtls_printf( "\tsuccess!\r\n" ); + + mbedtls_printf( "cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n" ); + status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( ); + if( status == PSA_SUCCESS ) + mbedtls_printf( "\tsuccess!\r\n" ); } int main( void ) From 9fb0e011771b03c15466e6b0f86dcc62ac057048 Mon Sep 17 00:00:00 2001 
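Review bot: The result of each example is lost once `cipher_examples` has printed "success!": this hunk assigns a second result to the same `status`, the function still returns `void`, and `main` (added by the earlier patch, outside this hunk) ends in `return( 0 )` on every path, including a failed `psa_crypto_init`. A script or CI job that runs the binary therefore cannot tell a failed round trip from a passing one. I would have `cipher_examples` return a non-success status when any example fails and let `main` turn that into a non-zero exit code. The body of `cipher_examples` starts before the hunk.

```c
static psa_status_t cipher_examples( void )
{
    psa_status_t status, result = PSA_SUCCESS;

    /* … unchanged: AES CBC no padding example … */
    if( status != PSA_SUCCESS )
        result = status;

    /* … unchanged: AES CBC PKCS7 multipart example … */
    if( status != PSA_SUCCESS )
        result = status;

    return( result );
}
```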
From: Gilles Peskine Date: Thu, 19 Jul 2018 15:51:49 +0200 Subject: [PATCH 0430/2197] Fix nonstandard whitespace --- include/psa/crypto.h | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 47241a68c..63be86b3e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2192,17 +2192,17 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_aead_encrypt( psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *plaintext, - size_t plaintext_length, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length ); +psa_status_t psa_aead_encrypt(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length); /** Process an authenticated decryption operation. * 
@@ -2245,17 +2245,17 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_aead_decrypt( psa_key_slot_t key, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length ); +psa_status_t psa_aead_decrypt(psa_key_slot_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length); /**@}*/ From debb2c0d12ff29e947383dedfff5740c904e292d Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 25 Jun 2018 17:25:29 +0100 Subject: [PATCH 0431/2197] crypto: Add an Mbed Crypto exporter script Create a tarball-based ditribution of the Mbed Crypto source code using the code from Mbed TLS. Only export the files needed by Mbed Crypto to implement the PSA Crypto API. Rename "mbedtls_*" and "MBEDTLS_*" symbols to "mbedcrypto_*" and "MBEDCRYPTO_*". The exported distribution can stand alone, without any Mbed TLS repository needing to be present. "make test" will continue to work as before and will run only the PSA Crypto test suite. --- scripts/mbed_crypto.make | 226 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 226 insertions(+) create mode 100644 scripts/mbed_crypto.make diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make new file mode 100644 index 000000000..391c914f4 --- /dev/null +++ b/scripts/mbed_crypto.make 
@@ -0,0 +1,226 @@ +########################################################################### +# +# Copyright (c) 2018, ARM Limited, All Rights Reserved +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +########################################################################### + +# +# Use this file to export an Mbed Crypto release tarball as follows, from the +# top level of the mbedtls repo: +# +# 1) make -f scripts/mbed_crypto.make +# + +.PHONY: all clean FORCE + +all: mbedcrypto.tar.gz + +# +# Crypto-necessary library files +# +LIB_FILES := \ + aes.c \ + aesni.c \ + arc4.c \ + asn1parse.c \ + asn1write.c \ + base64.c \ + bignum.c \ + blowfish.c \ + camellia.c \ + ccm.c \ + cipher.c \ + cipher_wrap.c \ + cmac.c \ + ctr_drbg.c \ + des.c \ + ecdsa.c \ + ecp.c \ + ecp_curves.c \ + entropy.c \ + entropy_poll.c \ + gcm.c \ + hmac_drbg.c \ + md.c \ + md2.c \ + md4.c \ + md5.c \ + md_wrap.c \ + oid.c \ + pem.c \ + pk.c \ + pk_wrap.c \ + pkcs12.c \ + pkcs5.c \ + pkparse.c \ + pkwrite.c \ + platform.c \ + platform_util.c \ + psa_crypto.c \ + ripemd160.c \ + rsa_internal.c \ + rsa.c \ + sha1.c \ + sha256.c \ + sha512.c \ + xtea.c \ +# Don't delete this line. 
+ +# +# Crypto-necessary include files +# +INC_FILES := \ + mbedcrypto/aes.h \ + mbedcrypto/aesni.h \ + mbedcrypto/arc4.h \ + mbedcrypto/asn1.h \ + mbedcrypto/asn1write.h \ + mbedcrypto/base64.h \ + mbedcrypto/bignum.h \ + mbedcrypto/blowfish.h \ + mbedcrypto/bn_mul.h \ + mbedcrypto/camellia.h \ + mbedcrypto/ccm.h \ + mbedcrypto/certs.h \ + mbedcrypto/check_config.h \ + mbedcrypto/cipher.h \ + mbedcrypto/cipher_internal.h \ + mbedcrypto/cmac.h \ + mbedcrypto/config.h \ + mbedcrypto/ctr_drbg.h \ + mbedcrypto/des.h \ + mbedcrypto/ecdsa.h \ + mbedcrypto/ecp.h \ + mbedcrypto/ecp_internal.h \ + mbedcrypto/entropy.h \ + mbedcrypto/entropy_poll.h \ + mbedcrypto/error.h \ + mbedcrypto/gcm.h \ + mbedcrypto/hmac_drbg.h \ + mbedcrypto/md.h \ + mbedcrypto/md2.h \ + mbedcrypto/md4.h \ + mbedcrypto/md5.h \ + mbedcrypto/md_internal.h \ + mbedcrypto/oid.h \ + mbedcrypto/pem.h \ + mbedcrypto/pk.h \ + mbedcrypto/pk_internal.h \ + mbedcrypto/pkcs11.h \ + mbedcrypto/pkcs12.h \ + mbedcrypto/pkcs5.h \ + mbedcrypto/platform.h \ + mbedcrypto/platform_util.h \ + mbedcrypto/ripemd160.h \ + mbedcrypto/rsa.h \ + mbedcrypto/rsa_internal.h \ + mbedcrypto/sha1.h \ + mbedcrypto/sha256.h \ + mbedcrypto/sha512.h \ + mbedcrypto/threading.h \ + mbedcrypto/xtea.h \ + psa/crypto.h \ + psa/crypto_extra.h \ + psa/crypto_platform.h \ + psa/crypto_sizes.h \ + psa/crypto_struct.h \ +# Don't delete this line. + +TEST_FILES := \ + tests/scripts/generate_test_code.py \ + tests/scripts/mbedtls_test.py \ + tests/scripts/test_generate_test_code.py \ + tests/scripts/run-test-suites.pl \ + tests/suites/helpers.function \ + tests/suites/host_test.function \ + tests/suites/main_test.function \ + tests/suites/target_test.function \ + tests/suites/test_suite_psa_crypto.data \ + tests/suites/test_suite_psa_crypto.function \ +# Don't delete this line. 
+ +OTHER_FILES := \ + LICENSE \ + VERSION.txt \ + programs/psa/crypto_examples.c \ + programs/psa/key_ladder_demo.c \ + programs/psa/psa_constant_names.c \ + scripts/config.pl \ + scripts/generate_psa_constants.py \ +# Don't delete this line. + +# Prepend destination directory +LIB_FILES := $(addprefix crypto/library/,$(LIB_FILES)) +INC_FILES := $(addprefix crypto/include/,$(INC_FILES)) +TEST_FILES := $(addprefix crypto/,$(TEST_FILES)) +OTHER_FILES := $(addprefix crypto/,$(OTHER_FILES)) + +define rename_mbedcrypto + @sed -i -e 's/Mbed TLS/Mbed Crypto/g' $(1) + @sed -i -e 's/mbed TLS/Mbed Crypto/g' $(1) + @sed -i -e 's/MBEDTLS_/MBEDCRYPTO_/g' $(1) + @sed -i -e 's/mbedtls/mbedcrypto/g' $(1) + @sed -i -e 's/MbedTls/MbedCrypto/g' $(1) + @sed -i -e 's/include\/mbedtls/include\/mbedcrypto/g' $(1) +endef + +crypto/include/mbedcrypto/config.h: configs/config-psa-crypto.h + @echo $@ + @mkdir -p $(dir $@) + @cp $< $@ + @#Rename the file in the comments + @sed -i -e 's/config-psa-crypto.h/config.h/g' $@ + $(call rename_mbedcrypto,$@) + +crypto/tests/data_files/%: tests/data_files/% + @echo $@ + @mkdir -p $(dir $@) + @cp $< $@ + @#Don't rename things inside data files + +crypto/include/mbedcrypto/%.h: include/mbedtls/%.h + @echo $@ + @mkdir -p $(dir $@) + @cp $< $@ + $(call rename_mbedcrypto,$@) + +crypto/LICENSE: apache-2.0.txt + @echo $@ + @mkdir -p $(dir $@) + @cp $< $@ + @#Don't rename anything in the license + +crypto/%: % + @echo $@ + @mkdir -p $(dir $@) + @cp $< $@ + $(call rename_mbedcrypto,$@) + +crypto/VERSION.txt: FORCE + @git describe --tags --abbrev=12 --dirty > $@ + +mbedcrypto.tar.gz: $(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES) + @echo $@ + @tar czf mbedcrypto.tar.gz crypto + +clean: + @echo clean + @rm -rf mbedcrypto.tar.gz \ + $(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES) + +FORCE: + +# vi: ft=make From 44b09d2a67a4c33eb39d4eb4ebbe3e9877a7c22d Mon Sep 17 00:00:00 2001 
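Review bot: The `crypto/VERSION.txt` rule in scripts/mbed_crypto.make is the only recipe that writes its target without `@mkdir -p $(dir $@)` first, so it depends on some other rule having already created `crypto/`. Because it has `FORCE` as a prerequisite it runs on every invocation, and under `make -j` or a different prerequisite order the `> $@` redirection can fail on a missing directory. I would add `@mkdir -p $(dir $@)` as the first line of that recipe. The redirection also creates an empty `VERSION.txt` when `git describe` fails (no tags, or a tree that is not a git checkout), so it is worth making sure a release tarball cannot be produced with an empty version file.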
From: itayzafrir Date: Thu, 12 Jul 2018 13:06:41 +0300 Subject: [PATCH 0432/2197] psa: programs: Add cipher AES CTR multipart --- programs/psa/crypto_examples.c | 50 ++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index e2d2cf553..a7c36fa04 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -241,6 +241,51 @@ exit: return( status ); } +static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) +{ + enum { + block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ), + key_bits = 256, + input_size = 100, + part_size = 10, + }; + const psa_algorithm_t alg = PSA_ALG_CTR; + + psa_status_t status; + size_t output_len = 0; + uint8_t iv[block_size], input[input_size], encrypt[input_size], + decrypt[input_size]; + + status = psa_generate_random( input, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = set_key_policy( key_slot_cipher, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, + alg ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits, + NULL, 0 ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ), + input, sizeof( input ), part_size, + encrypt, sizeof( encrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ), + encrypt, output_len, part_size, + decrypt, sizeof( decrypt ), &output_len ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = memcmp( input, decrypt, sizeof( input ) ); + ASSERT_STATUS( status, PSA_SUCCESS ); + +exit: + psa_destroy_key( key_slot_cipher ); + return( status ); +} + static void cipher_examples( void ) { psa_status_t status; 
@@ -254,6 +299,11 @@ static void cipher_examples( void ) status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( ); if( status == PSA_SUCCESS ) mbedtls_printf( "\tsuccess!\r\n" ); + + mbedtls_printf( "cipher encrypt/decrypt AES CTR multipart:\r\n" ); + status = cipher_example_encrypt_decrypt_aes_ctr_multi( ); + if( status == PSA_SUCCESS ) + mbedtls_printf( "\tsuccess!\r\n" ); } int main( void ) From 08542d80376b46999dbaada5dde810733b9ea547 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Jul 2018 17:05:42 +0200 Subject: [PATCH 0433/2197] Fix psa_generator_import_key for DES In psa_generator_import_key, if generating a DES or 3DES key, set the parity bits. Add tests for deriving a DES key. Also test deriving an AES key while I'm at it. --- library/psa_crypto.c | 25 ++++++++++++++++++------- tests/suites/test_suite_psa_crypto.data | 20 ++++++++++++++++++++ 2 files changed, 38 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ef99403e3..a532bd358 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3142,6 +3142,18 @@ exit: return( status ); } +#if defined(MBEDTLS_DES_C) +static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) +{ + if( data_size >= 8 ) + mbedtls_des_key_set_parity( data ); + if( data_size >= 16 ) + mbedtls_des_key_set_parity( data + 8 ); + if( data_size >= 24 ) + mbedtls_des_key_set_parity( data + 16 ); +} +#endif /* MBEDTLS_DES_C */ + psa_status_t psa_generator_import_key( psa_key_slot_t key, psa_key_type_t type, size_t bits, @@ -3162,6 +3174,10 @@ psa_status_t psa_generator_import_key( psa_key_slot_t key, status = psa_generator_read( generator, data, bytes ); if( status != PSA_SUCCESS ) goto exit; +#if defined(MBEDTLS_DES_C) + if( type == PSA_KEY_TYPE_DES ) + psa_des_set_key_parity( data, bytes ); +#endif /* MBEDTLS_DES_C */ status = psa_import_key( key, type, data, bytes ); exit: 
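Review bot: `psa_des_set_key_parity` in library/psa_crypto.c has no comment saying which sizes it handles: it fixes the parity of at most three complete 8-byte blocks and silently leaves everything else alone, so a `data_size` of 12 gets parity on the first 8 bytes only and a size below 8 is a no-op. Both call sites reach it only for `PSA_KEY_TYPE_DES`, and the size is presumably validated elsewhere (neither `psa_import_key` nor the `bits` check is visible in these hunks). I would add above the helper: `/* Set the parity bits of each complete 8-byte DES key in data (at most three). Sizes other than 8, 16 or 24 are not rejected here. */`.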
@@ -3312,13 +3328,8 @@ psa_status_t psa_generate_key( psa_key_slot_t key, } #if defined(MBEDTLS_DES_C) if( type == PSA_KEY_TYPE_DES ) - { - mbedtls_des_key_set_parity( slot->data.raw.data ); - if( slot->data.raw.bytes >= 16 ) - mbedtls_des_key_set_parity( slot->data.raw.data + 8 ); - if( slot->data.raw.bytes == 24 ) - mbedtls_des_key_set_parity( slot->data.raw.data + 16 ); - } + psa_des_set_key_parity( slot->data.raw.data, + slot->data.raw.bytes ); #endif /* MBEDTLS_DES_C */ } else diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8ffaa8779..4904dff21 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -861,6 +861,26 @@ PSA key derivation: HKDF SHA-256, read maximum capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 +PSA key derivation: HKDF SHA-256, exercise AES128-CTR +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +PSA key derivation: HKDF SHA-256, exercise AES256-CTR +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +PSA key derivation: HKDF SHA-256, exercise DES-CBC +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 + +PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 + +PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC 
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 + PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256) From 80e317af15575e2106b6abe72461033649cda83e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 11 Jul 2018 15:45:23 +0100 Subject: [PATCH 0434/2197] all.sh: Test the Mbed Crypto exporter Ensure that the exporter creates a "crypto" folder where "make test" runs and passes. Ensure that cleanup also runs without error. --- scripts/mbed_crypto.make | 1 + tests/scripts/all.sh | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make index 391c914f4..f06bdfba2 100644 --- a/scripts/mbed_crypto.make +++ b/scripts/mbed_crypto.make @@ -157,6 +157,7 @@ OTHER_FILES := \ VERSION.txt \ programs/psa/crypto_examples.c \ programs/psa/key_ladder_demo.c \ + programs/psa/key_ladder_demo.sh \ programs/psa/psa_constant_names.c \ scripts/config.pl \ scripts/generate_psa_constants.py \ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1faa5d561..996204662 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -456,6 +456,14 @@ msg "test: doxygen warnings" # ~ 3s cleanup tests/scripts/doxygen.sh +msg "test: Mbed Crypto exporter " # ~ 30s +cleanup +make -f scripts/mbed_crypto.make +cd crypto +make test +make clean +cd .. +make -f scripts/mbed_crypto.make clean ################################################################ From 18ac331e1517897a66cbb39be0d38cfcee55e07e Mon Sep 17 00:00:00 2001 
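Review bot: The exporter step added to tests/scripts/all.sh runs `make -f scripts/mbed_crypto.make`, whose `OTHER_FILES` now lists `programs/psa/key_ladder_demo.sh` and already listed `programs/psa/key_ladder_demo.c`, but as the series is ordered on this page both files are only created by the later patch 0436 ("New sample program key_ladder_demo"). At this commit the `crypto/%: %` rule would have no source for them, so the new step looks like it fails until 0436 is applied, which breaks bisection of the series. I would move the key_ladder_demo patch ahead of this one, or add the two `OTHER_FILES` entries in that patch instead. Whether all.sh stops at the failing `make` depends on its shell options, which are not visible in this hunk.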
From: itayzafrir Date: Tue, 17 Jul 2018 09:28:11 +0300 Subject: [PATCH 0435/2197] psa: programs: Add cipher example fallback main When dependencies are missing, print an error message from the example about missing dependencies at run-time. --- programs/psa/crypto_examples.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index a7c36fa04..e8b64f19a 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -31,6 +31,19 @@ } \ } while ( 0 ) +#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_AES_C) || \ + !defined(MBEDTLS_CIPHER_MODE_CBC) || !defined(MBEDTLS_CIPHER_MODE_CTR) || \ + !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) +int main( void ) +{ + mbedtls_printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or " + "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR " + "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING " + "not defined.\r\n" ); + return( 0 ); +} +#else + /* Use key slot 1 for our cipher key. Key slot 0 is reserved as unused. */ static const psa_key_slot_t key_slot_cipher = 1; @@ -314,3 +327,5 @@ exit: mbedtls_psa_crypto_free( ); return( 0 ); } +#endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_AES_C && MBEDTLS_CIPHER_MODE_CBC && + MBEDTLS_CIPHER_MODE_CTR && MBEDTLS_CIPHER_MODE_WITH_PADDING */ From f0fa436b65813c0c3d02ce55ef5d9238931b9058 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 16 Jul 2018 17:08:43 +0200 Subject: [PATCH 0436/2197] New sample program key_ladder_demo Demo of a key derivation ladder. Sample run in key_ladder_demo.sh. --- programs/.gitignore | 1 + programs/Makefile | 6 +- programs/psa/key_ladder_demo.c | 682 ++++++++++++++++++++++++++++++++ programs/psa/key_ladder_demo.sh | 49 +++ 4 files changed, 737 insertions(+), 1 deletion(-) create mode 100644 programs/psa/key_ladder_demo.c create mode 100755 programs/psa/key_ladder_demo.sh diff --git a/programs/.gitignore b/programs/.gitignore index 327dbdc17..d58253d49 100644 
--- a/programs/.gitignore +++ b/programs/.gitignore @@ -31,6 +31,7 @@ pkey/rsa_verify pkey/rsa_verify_pss psa/psa_constant_names psa/psa_constant_names_generated.c +psa/key_ladder_demo random/gen_entropy random/gen_random_ctr_drbg random/gen_random_havege diff --git a/programs/Makefile b/programs/Makefile index c65a10c43..9e1a5279e 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -60,7 +60,7 @@ APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \ pkey/rsa_decrypt$(EXEXT) pkey/rsa_encrypt$(EXEXT) \ pkey/rsa_sign$(EXEXT) pkey/rsa_verify$(EXEXT) \ pkey/rsa_sign_pss$(EXEXT) pkey/rsa_verify_pss$(EXEXT) \ - psa/psa_constant_names$(EXEXT) \ + psa/key_ladder_demo$(EXEXT) psa/psa_constant_names$(EXEXT) \ ssl/dtls_client$(EXEXT) ssl/dtls_server$(EXEXT) \ ssl/ssl_client1$(EXEXT) ssl/ssl_client2$(EXEXT) \ ssl/ssl_server$(EXEXT) ssl/ssl_server2$(EXEXT) \ @@ -196,6 +196,10 @@ pkey/rsa_encrypt$(EXEXT): pkey/rsa_encrypt.c $(DEP) echo " CC pkey/rsa_encrypt.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_encrypt.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +psa/key_ladder_demo$(EXEXT): psa/key_ladder_demo.c $(DEP) + echo " CC psa/key_ladder_demo.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c $(DEP) echo " CC psa/psa_constant_names.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c new file mode 100644 index 000000000..2c75ca462 --- /dev/null +++ b/programs/psa/key_ladder_demo.c 
@@ -0,0 +1,682 @@ +/** + * PSA API key derivation demonstration + * + * This program calculates a key ladder: a chain of secret material, each + * derived from the previous one in a deterministic way based on a label. + * Two keys are identical if and only if they are derived from the same key + * using the same label. + * + * The initial key is called the master key. The master key is normally + * randomly generated, but it could itself be derived from another key. + * + * This program derives a series of keys called intermediate keys. + * The first intermediate key is derived from the master key using the + * first label passed on the command line. Each subsequent intermediate + * key is derived from the previous one using the next label passed + * on the command line. + * + * This program has four modes of operation: + * + * - "generate": generate a random master key. + * - "wrap": derive a wrapping key from the last intermediate key, + * and use that key to encrypt-and-authenticate some data. + * - "unwrap": derive a wrapping key from the last intermediate key, + * and use that key to decrypt-and-authenticate some + * ciphertext created by wrap mode. + * - "save": save the last intermediate key so that it can be reused as + * the master key in another run of the program. + * + * See the usage() output for the command line usage. See the file + * `key_ladder_demo.sh` for an example run. + */ + +/* Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
+ * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +/* First include Mbed TLS headers to get the Mbed TLS configuration and + * platform definitions that we'll use in this program. Also include + * standard C headers for functions we'll use here. */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#define mbedtls_calloc calloc +#define mbedtls_free free +#define mbedtls_printf printf +#endif +#include +#include + +#include "mbedtls/platform_util.h" // for mbedtls_platform_zeroize + +/* If the build options we need are not enabled, compile a placeholder. */ +#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ + !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ + !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) +int main( void ) +{ + mbedtls_printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " + "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO not defined.\n"); + return( 0 ); +} +#else + +/* The real program starts here. */ + + + +#include + +/* Run a system function and bail out if it fails. */ +#define SYS_CHECK( expr ) \ + do \ + { \ + if( ! ( expr ) ) \ + { \ + perror( #expr ); \ + status = DEMO_ERROR; \ + goto exit; \ + } \ + } \ + while( 0 ) + +/* Run a PSA function and bail out if it fails. */ +#define PSA_CHECK( expr ) \ + do \ + { \ + status = ( expr ); \ + if( status != PSA_SUCCESS ) \ + { \ + mbedtls_printf( "Error %d at line %u: %s\n", \ + (int) status, \ + __LINE__, \ + #expr ); \ + goto exit; \ + } \ + } \ + while( 0 ) + +/* To report operational errors in this program, use an error code that is + * different from every PSA error code. 
*/ +#define DEMO_ERROR 120 + +/* The maximum supported key ladder depth. */ +#define MAX_LADDER_DEPTH 10 + +/* Salt to use when deriving an intermediate key. */ +#define DERIVE_KEY_SALT ( (uint8_t *) "key_ladder_demo.derive" ) +#define DERIVE_KEY_SALT_LENGTH ( strlen( (const char*) DERIVE_KEY_SALT ) ) + +/* Salt to use when deriving a wrapping key. */ +#define WRAPPING_KEY_SALT ( (uint8_t *) "key_ladder_demo.wrap" ) +#define WRAPPING_KEY_SALT_LENGTH ( strlen( (const char*) WRAPPING_KEY_SALT ) ) + +/* Size of the key derivation keys (applies both to the master key and + * to intermediate keys). */ +#define KEY_SIZE_BYTES 40 + +/* Algorithm for key derivation. */ +#define KDF_ALG PSA_ALG_HKDF( PSA_ALG_SHA_256 ) + +/* Type and size of the key used to wrap data. */ +#define WRAPPING_KEY_TYPE PSA_KEY_TYPE_AES +#define WRAPPING_KEY_BITS 128 + +/* Cipher mode used to wrap data. */ +#define WRAPPING_ALG PSA_ALG_CCM + +/* Nonce size used to wrap data. */ +#define WRAPPING_IV_SIZE 13 + +/* Header used in files containing wrapped data. We'll save this header + * directly without worrying about data representation issues such as + * integer sizes and endianness, because the data is meant to be read + * back by the same program on the same machine. */ +#define WRAPPED_DATA_MAGIC "key_ladder_demo" // including trailing null byte +#define WRAPPED_DATA_MAGIC_LENGTH ( sizeof( WRAPPED_DATA_MAGIC ) ) +typedef struct +{ + char magic[WRAPPED_DATA_MAGIC_LENGTH]; + size_t ad_size; /* Size of the additional data, which is this header. */ + size_t payload_size; /* Size of the encrypted data. */ + /* Store the IV inside the additional data. It's convenient. */ + uint8_t iv[WRAPPING_IV_SIZE]; +} wrapped_data_header_t; + +/* This program uses three key slots: one for the master key, one to + * derive intermediate keys, and one for the wrapping key. 
We use a + * single slot for all the intermediate keys because they are only + * needed successively, so each time we derive an intermediate key, + * we destroy the previous one. */ +static const psa_key_slot_t master_key_slot = 1; +static const psa_key_slot_t derived_key_slot = 2; +static const psa_key_slot_t wrapping_key_slot = 3; + +/* The modes that this program can operate in (see usage). */ +enum program_mode +{ + MODE_GENERATE, + MODE_SAVE, + MODE_UNWRAP, + MODE_WRAP +}; + +/* Save a key to a file. In the real world, you may want to export a derived + * key sometimes, to share it with another party. */ +static psa_status_t save_key( psa_key_slot_t key_slot, + const char *output_file_name ) +{ + psa_status_t status = PSA_SUCCESS; + uint8_t key_data[KEY_SIZE_BYTES]; + size_t key_size; + FILE *key_file = NULL; + + PSA_CHECK( psa_export_key( key_slot, + key_data, sizeof( key_data ), + &key_size ) ); + SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL ); + SYS_CHECK( fwrite( key_data, 1, key_size, key_file ) == key_size ); + SYS_CHECK( fclose( key_file ) == 0 ); + key_file = NULL; + +exit: + if( key_file != NULL) + fclose( key_file ); + return( status ); +} + +/* Generate a master key for use in this demo. + * + * Normally a master key would be non-exportable. For the purpose of this + * demo, we want to save it to a file, to avoid relying on the keystore + * capability of the PSA crypto library. 
*/ +static psa_status_t generate( const char *key_file_name ) +{ + psa_status_t status = PSA_SUCCESS; + psa_key_policy_t policy; + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, + KDF_ALG ); + PSA_CHECK( psa_set_key_policy( master_key_slot, &policy ) ); + + PSA_CHECK( psa_generate_key( master_key_slot, + PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), + NULL, 0 ) ); + + PSA_CHECK( save_key( master_key_slot, key_file_name ) ); + +exit: + return( status ); +} + +/* Load the master key from a file. + * + * In the real world, this master key would be stored in an internal memory + * and the storage would be managed by the keystore capability of the PSA + * crypto library. */ +static psa_status_t import_key_from_file( psa_key_slot_t key_slot, + psa_key_usage_t usage, + psa_algorithm_t alg, + const char *key_file_name ) +{ + psa_status_t status = PSA_SUCCESS; + psa_key_policy_t policy; + uint8_t key_data[KEY_SIZE_BYTES]; + size_t key_size; + FILE *key_file = NULL; + unsigned char extra_byte; + + SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL ); + SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ), + key_file ) ) != 0 ); + if( fread( &extra_byte, 1, 1, key_file ) != 0 ) + { + mbedtls_printf( "Key file too large (max: %u).\n", + (unsigned) sizeof( key_data ) ); + status = DEMO_ERROR; + goto exit; + } + SYS_CHECK( fclose( key_file ) == 0 ); + key_file = NULL; + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, usage, alg ); + PSA_CHECK( psa_set_key_policy( key_slot, &policy ) ); + PSA_CHECK( psa_import_key( key_slot, + PSA_KEY_TYPE_DERIVE, + key_data, key_size ) ); +exit: + if( key_file != NULL ) + fclose( key_file ); + mbedtls_platform_zeroize( key_data, sizeof( key_data ) ); + return( status ); +} + +/* Derive the intermediate keys, using the list of labels provided on + * the command line. 
*/ +static psa_status_t derive_key_ladder( const char *ladder[], + size_t ladder_depth ) +{ + psa_status_t status = PSA_SUCCESS; + psa_key_policy_t policy; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + /* We'll derive the first intermediate key from the master key, then + * each subsequent intemediate key from the previous intemediate key. */ + psa_key_slot_t parent_key_slot = master_key_slot; + size_t i; + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, + KDF_ALG ); + + /* For each label in turn, ... */ + for( i = 0; i < ladder_depth; i++ ) + { + /* Start deriving material from the master key (if i=0) or from + * the current intermediate key (if i>0). */ + PSA_CHECK( psa_key_derivation( + &generator, + parent_key_slot, + KDF_ALG, + DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH, + (uint8_t*) ladder[i], strlen( ladder[i] ), + KEY_SIZE_BYTES ) ); + /* When the parent key is not the master key, destroy it, + * since it is no longer needed. */ + if( i != 0 ) + PSA_CHECK( psa_destroy_key( derived_key_slot ) ); + PSA_CHECK( psa_set_key_policy( derived_key_slot, &policy ) ); + /* Use the generator obtained from the parent key to create + * the next intermediate key. */ + PSA_CHECK( psa_generator_import_key( + derived_key_slot, + PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), + &generator ) ); + PSA_CHECK( psa_generator_abort( &generator ) ); + parent_key_slot = derived_key_slot; + } + +exit: + psa_generator_abort( &generator ); + return( status ); +} + +/* Derive a wrapping key from the last intermediate key. 
*/ +static psa_status_t derive_wrapping_key( psa_key_usage_t usage ) +{ + psa_status_t status = PSA_SUCCESS; + psa_key_policy_t policy; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, usage, WRAPPING_ALG ); + PSA_CHECK( psa_set_key_policy( wrapping_key_slot, &policy ) ); + + PSA_CHECK( psa_key_derivation( + &generator, + derived_key_slot, + KDF_ALG, + WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH, + NULL, 0, + PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); + PSA_CHECK( psa_generator_import_key( + wrapping_key_slot, + PSA_KEY_TYPE_AES, + WRAPPING_KEY_BITS, + &generator ) ); + +exit: + psa_generator_abort( &generator ); + return( status ); +} + +static psa_status_t wrap_data( const char *input_file_name, + const char *output_file_name ) +{ + psa_status_t status; + FILE *input_file = NULL; + FILE *output_file = NULL; + long input_position; + size_t input_size; + size_t buffer_size; + unsigned char *buffer = NULL; + size_t ciphertext_size; + wrapped_data_header_t header; + + /* Find the size of the data to wrap. */ + SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL ); + SYS_CHECK( fseek( input_file, 0, SEEK_END ) == 0 ); + SYS_CHECK( ( input_position = ftell( input_file ) ) != -1 ); +#if LONG_MAX > SIZE_MAX + if( input_position > SIZE_MAX ) + { + mbedtls_printf( "Input file too large.\n" ); + status = DEMO_ERROR; + goto exit; + } +#endif + input_size = input_position; + buffer_size = PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, input_size ); + /* Check for integer overflow. */ + if( buffer_size < input_size ) + { + mbedtls_printf( "Input file too large.\n" ); + status = DEMO_ERROR; + goto exit; + } + + /* Load the data to wrap. 
*/ + SYS_CHECK( fseek( input_file, 0, SEEK_SET ) == 0 ); + SYS_CHECK( ( buffer = mbedtls_calloc( 1, buffer_size ) ) != NULL ); + SYS_CHECK( fread( buffer, 1, input_size, input_file ) == input_size ); + SYS_CHECK( fclose( input_file ) == 0 ); + input_file = NULL; + + /* Construct a header. */ + memcpy( &header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH ); + header.ad_size = sizeof( header ); + header.payload_size = input_size; + + /* Wrap the data. */ + PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) ); + PSA_CHECK( psa_aead_encrypt( wrapping_key_slot, WRAPPING_ALG, + header.iv, WRAPPING_IV_SIZE, + (uint8_t *) &header, sizeof( header ), + buffer, input_size, + buffer, buffer_size, + &ciphertext_size ) ); + + /* Write the output. */ + SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL ); + SYS_CHECK( fwrite( &header, 1, sizeof( header ), + output_file ) == sizeof( header ) ); + SYS_CHECK( fwrite( buffer, 1, ciphertext_size, + output_file ) == ciphertext_size ); + SYS_CHECK( fclose( output_file ) == 0 ); + output_file = NULL; + +exit: + if( input_file != NULL ) + fclose( input_file ); + if( output_file != NULL ) + fclose( output_file ); + if( buffer != NULL ) + mbedtls_platform_zeroize( buffer, buffer_size ); + mbedtls_free( buffer ); + return( status ); +} + +static psa_status_t unwrap_data( const char *input_file_name, + const char *output_file_name ) +{ + psa_status_t status; + FILE *input_file = NULL; + FILE *output_file = NULL; + unsigned char *buffer = NULL; + size_t ciphertext_size; + size_t plaintext_size; + wrapped_data_header_t header; + unsigned char extra_byte; + + /* Load and validate the header. 
*/ + SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL ); + SYS_CHECK( fread( &header, 1, sizeof( header ), + input_file ) == sizeof( header ) ); + if( memcmp( &header.magic, WRAPPED_DATA_MAGIC, + WRAPPED_DATA_MAGIC_LENGTH ) != 0 ) + { + mbedtls_printf( "The input does not start with a valid magic header.\n" ); + status = DEMO_ERROR; + goto exit; + } + if( header.ad_size != sizeof( header ) ) + { + mbedtls_printf( "The header size is not correct.\n" ); + status = DEMO_ERROR; + goto exit; + } + ciphertext_size = + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, header.payload_size ); + /* Check for integer overflow. */ + if( ciphertext_size < header.payload_size ) + { + mbedtls_printf( "Input file too large.\n" ); + status = DEMO_ERROR; + goto exit; + } + + /* Load the payload data. */ + SYS_CHECK( ( buffer = mbedtls_calloc( 1, ciphertext_size ) ) != NULL ); + SYS_CHECK( fread( buffer, 1, ciphertext_size, + input_file ) == ciphertext_size ); + if( fread( &extra_byte, 1, 1, input_file ) != 0 ) + { + mbedtls_printf( "Extra garbage after ciphertext\n" ); + status = DEMO_ERROR; + goto exit; + } + SYS_CHECK( fclose( input_file ) == 0 ); + input_file = NULL; + + /* Unwrap the data. */ + PSA_CHECK( psa_aead_decrypt( wrapping_key_slot, WRAPPING_ALG, + header.iv, WRAPPING_IV_SIZE, + (uint8_t *) &header, sizeof( header ), + buffer, ciphertext_size, + buffer, ciphertext_size, + &plaintext_size ) ); + if( plaintext_size != header.payload_size ) + { + mbedtls_printf( "Incorrect payload size in the header.\n" ); + status = DEMO_ERROR; + goto exit; + } + + /* Write the output. 
*/ + SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL ); + SYS_CHECK( fwrite( buffer, 1, plaintext_size, + output_file ) == plaintext_size ); + SYS_CHECK( fclose( output_file ) == 0 ); + output_file = NULL; + +exit: + if( input_file != NULL ) + fclose( input_file ); + if( output_file != NULL ) + fclose( output_file ); + if( buffer != NULL ) + mbedtls_platform_zeroize( buffer, ciphertext_size ); + mbedtls_free( buffer ); + return( status ); +} + +static psa_status_t run( enum program_mode mode, + const char *key_file_name, + const char *ladder[], size_t ladder_depth, + const char *input_file_name, + const char *output_file_name ) +{ + psa_status_t status = PSA_SUCCESS; + + /* Initialize the PSA crypto library. */ + PSA_CHECK( psa_crypto_init( ) ); + + /* Generate mode is unlike the others. Generate the master key and exit. */ + if( mode == MODE_GENERATE ) + return( generate( key_file_name ) ); + + /* Read the master key. */ + PSA_CHECK( import_key_from_file( master_key_slot, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, + KDF_ALG, + key_file_name ) ); + + /* Calculate the derived key for this session. */ + PSA_CHECK( derive_key_ladder( ladder, ladder_depth ) ); + + switch( mode ) + { + case MODE_SAVE: + PSA_CHECK( save_key( derived_key_slot, output_file_name ) ); + break; + case MODE_UNWRAP: + PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT ) ); + PSA_CHECK( unwrap_data( input_file_name, output_file_name ) ); + break; + case MODE_WRAP: + PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT ) ); + PSA_CHECK( wrap_data( input_file_name, output_file_name ) ); + break; + default: + /* Unreachable but some compilers don't realize it. */ + break; + } + +exit: + /* Deinitialize the PSA crypto library. 
*/ + mbedtls_psa_crypto_free( ); + return( status ); +} + +static void usage( void ) +{ + mbedtls_printf( "Usage: key_ladder_demo MODE [OPTION=VALUE]...\n" ); + mbedtls_printf( "Demonstrate the usage of a key derivation ladder.\n" ); + mbedtls_printf( "\n" ); + mbedtls_printf( "Modes:\n" ); + mbedtls_printf( " generate Generate the master key\n" ); + mbedtls_printf( " save Save the derived key\n" ); + mbedtls_printf( " unwrap Unwrap (decrypt) input with the derived key\n" ); + mbedtls_printf( " wrap Wrap (encrypt) input with the derived key\n" ); + mbedtls_printf( "\n" ); + mbedtls_printf( "Options:\n" ); + mbedtls_printf( " input=FILENAME Input file (required for wrap/unwrap)\n" ); + mbedtls_printf( " master=FILENAME File containing the master key (default: master.key)\n" ); + mbedtls_printf( " output=FILENAME Output file (required for save/wrap/unwrap)\n" ); + mbedtls_printf( " label=TEXT Label for the key derivation.\n" ); + mbedtls_printf( " This may be repeated multiple times.\n" ); + mbedtls_printf( " To get the same key, you must use the same master key\n" ); + mbedtls_printf( " and the same sequence of labels.\n" ); +} + +int main( int argc, char *argv[] ) +{ + char *key_file_name = "master.key"; + char *input_file_name = NULL; + char *output_file_name = NULL; + const char *ladder[MAX_LADDER_DEPTH]; + size_t ladder_depth = 0; + int i; + enum program_mode mode; + psa_status_t status; + + if( argc <= 1 || + strcmp( argv[1], "help" ) == 0 || + strcmp( argv[1], "-help" ) == 0 || + strcmp( argv[1], "--help" ) == 0 ) + { + usage( ); + return( MBEDTLS_EXIT_SUCCESS ); + } + + for( i = 2; i < argc; i++ ) + { + char *q = strchr( argv[i], '=' ); + if( q == NULL ) + { + mbedtls_printf( "Missing argument to option %s\n", argv[i] ); + goto usage_failure; + } + *q = 0; + ++q; + if( strcmp( argv[i], "input" ) == 0 ) + input_file_name = q; + else if( strcmp( argv[i], "label" ) == 0 ) + { + if( ladder_depth == MAX_LADDER_DEPTH ) + { + mbedtls_printf( "Maximum ladder depth %u 
exceeded.\n", + (unsigned) MAX_LADDER_DEPTH ); + return( MBEDTLS_EXIT_FAILURE ); + } + ladder[ladder_depth] = q; + ++ladder_depth; + } + else if( strcmp( argv[i], "master" ) == 0 ) + key_file_name = q; + else if( strcmp( argv[i], "output" ) == 0 ) + output_file_name = q; + else + { + mbedtls_printf( "Unknown option: %s\n", argv[i] ); + goto usage_failure; + } + } + + if( strcmp( argv[1], "generate" ) == 0 ) + mode = MODE_GENERATE; + else if( strcmp( argv[1], "save" ) == 0 ) + mode = MODE_SAVE; + else if( strcmp( argv[1], "unwrap" ) == 0 ) + mode = MODE_UNWRAP; + else if( strcmp( argv[1], "wrap" ) == 0 ) + mode = MODE_WRAP; + else + { + mbedtls_printf( "Unknown action: %s\n", argv[1] ); + goto usage_failure; + } + + if( input_file_name == NULL && + ( mode == MODE_WRAP || mode == MODE_UNWRAP ) ) + { + mbedtls_printf( "Required argument missing: input\n" ); + return( DEMO_ERROR ); + } + if( output_file_name == NULL && + ( mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP ) ) + { + mbedtls_printf( "Required argument missing: output\n" ); + return( DEMO_ERROR ); + } + + status = run( mode, key_file_name, + ladder, ladder_depth, + input_file_name, output_file_name ); + return( status == PSA_SUCCESS ? + MBEDTLS_EXIT_SUCCESS : + MBEDTLS_EXIT_FAILURE ); + +usage_failure: + usage( ); + return( MBEDTLS_EXIT_FAILURE ); +} +#endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && MBEDTLS_AES_C && MBEDTLS_CCM_C && MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */ diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh new file mode 100755 index 000000000..2cec945f5 --- /dev/null +++ b/programs/psa/key_ladder_demo.sh 
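Review bot: `save_key` leaves the exported key in its stack buffer `key_data` on return, although `import_key_from_file` in the same file wipes its copy. The `exit:` path of `save_key` should call `mbedtls_platform_zeroize( key_data, sizeof( key_data ) );` before `return( status );`. Separately, `wrap_data` writes `header` to the output file and passes it as additional data without initialising the whole object, so any padding in `wrapped_data_header_t` (probably after the 13-byte `iv`, depending on the ABI) carries stale stack bytes into the file. Adding `memset( &header, 0, sizeof( header ) );` before the "Construct a header" block would avoid that. A short comment on `save_key` noting that the demo stores key material unencrypted, with file permissions left to the caller's umask, would also help readers who copy this code.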
@@ -0,0 +1,49 @@
+#!/bin/sh
+set -e -u
+
+program="${0%/*}"/key_ladder_demo
+files_to_clean=
+
+run () {
+ echo
+ echo "# $1"
+ shift
+ echo "+ $*"
+ "$@"
+}
+
+if [ -e master.key ]; then
+ echo "# Reusing the existing master.key file."
+else
+ files_to_clean="$files_to_clean master.key"
+ run "Generate a master key." \
+ "$program" generate master=master.key
+fi
+
+files_to_clean="$files_to_clean input.txt hello_world.wrap"
+echo "Here is some input. See it wrapped." >input.txt
+run "Derive a key and wrap some data with it." \
+ "$program" wrap master=master.key label=hello label=world \
+ input=input.txt output=hello_world.wrap
+
+files_to_clean="$files_to_clean hello_world.txt"
+run "Derive the same key again and unwrap the data." \
+ "$program" unwrap master=master.key label=hello label=world \
+ input=hello_world.wrap output=hello_world.txt
+run "Compare the unwrapped data with the original input." \
+ cmp input.txt hello_world.txt
+
+files_to_clean="$files_to_clean hellow_orld.txt"
+! run "Derive a different key and attempt to unwrap the data. This must fail." \
+ "$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow label=orld
+
+files_to_clean="$files_to_clean hello.key"
+run "Save the first step of the key ladder, then load it as a master key and construct the rest of the ladder." \
+ "$program" save master=master.key label=hello \
+ input=hello_world.wrap output=hello.key
+run "Check that we get the same key by unwrapping data made by the other key." \
+ "$program" unwrap master=hello.key label=world \
+ input=hello_world.wrap output=hello_world.txt
+
+# Cleanup
+rm -f $files_to_clean
From 65731b8e08f8cc62e0fe3763c861ee474c07f19a Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 18 Jul 2018 16:40:26 +0100 Subject: [PATCH 0437/2197] gitignore: Ignore Mbed Crypto exported files --- .gitignore | 13 +++++++++++++ 1 file changed, 13 insertions(+) 
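Review bot: The negative test `! run "Derive a different key and attempt to unwrap the data. This must fail." …` enforces nothing, because under `set -e` the shell ignores the exit status of a pipeline that begins with `!`. If unwrapping with the wrong labels ever succeeded, the script would carry on and could still exit 0. This is the one step that checks that authentication fails for a different key, so make it explicit, for example `if run "…" "$program" unwrap … label=hellow label=orld; then echo "Unwrap with the wrong labels succeeded" >&2; exit 1; fi`. The final `rm -f $files_to_clean` is also reached only when every step succeeds, so a failing run leaves any generated `master.key` and the derived `hello.key` on disk; a `trap` on EXIT that performs the cleanup would cover that.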
diff --git a/.gitignore b/.gitignore index f40064d5b..2edbc997c 100644 --- a/.gitignore +++ b/.gitignore @@ -26,3 +26,16 @@ massif-* # CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those: *.dir/ + +# Exported Mbed Crypto files +crypto/LICENSE +crypto/VERSION.txt +crypto/include +crypto/library/*.c +crypto/library/libmbedcrypto* +crypto/scripts +crypto/tests/scripts +crypto/tests/suites +crypto/tests/test_suite* +crypto/programs/psa +mbedcrypto.tar.gz From edd768775f8b0d45b24d7693424e4fd9f4880712 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 20 Jul 2018 17:42:05 +0200 Subject: [PATCH 0438/2197] Fix doxygen warnings * Broken link #PSA_ALG_SHA_256 * Duplicate group name "generators" * Missing documentation in psa_generate_key_extra_rsa due to bad magic comment marker --- include/psa/crypto.h | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f282aa20b..4c615f0e1 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -652,15 +652,25 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) #define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) #define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) +/** SHA2-224 */ #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) +/** SHA2-256 */ #define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009) +/** SHA2-384 */ #define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a) +/** SHA2-512 */ #define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b) +/** SHA2-512/224 */ #define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c) +/** SHA2-512/256 */ #define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d) +/** SHA3-224 */ #define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010) +/** SHA3-256 */ #define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011) +/** SHA3-384 */ #define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012) +/** SHA3-512 */ #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) @@ -2486,7 +2496,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, /**@}*/ -/** \defgroup generation Generators +/** \defgroup generators Generators * @{ */ @@ -2708,7 +2718,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, /**@}*/ -/** \defgroup generation Key generation +/** \defgroup random Random generation * @{ */ @@ -2740,7 +2750,7 @@ psa_status_t psa_generate_random(uint8_t *output, * parameter to psa_generate_key(). */ typedef struct { - uint32_t e; /**! Public exponent value. Default: 65537. */ + uint32_t e; /**< Public exponent value. Default: 65537. */ } psa_generate_key_extra_rsa; /** From 588e8cb94081a6da2dffa469874f42c38aa2d4e9 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Fri, 20 Jul 2018 13:27:58 +0100 Subject: [PATCH 0439/2197] Add psa headers to generate_visualc_files.pl --- scripts/generate_visualc_files.pl | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) 
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 811c71f47..488a5beb6 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -19,7 +19,8 @@ my $vsx_sln_tpl_file = "scripts/data_files/vs2010-sln-template.sln"; my $vsx_sln_file = "$vsx_dir/mbedTLS.sln"; my $programs_dir = 'programs'; -my $header_dir = 'include/mbedtls'; +my $mbedtls_header_dir = 'include/mbedtls'; +my $psa_header_dir = 'include/psa'; my $source_dir = 'library'; # Need windows line endings! @@ -53,7 +54,8 @@ exit( main() ); sub check_dirs { return -d $vsx_dir - && -d $header_dir + && -d $mbedtls_header_dir + && -d $psa_header_dir && -d $source_dir && -d $programs_dir; } @@ -131,9 +133,10 @@ sub gen_entry_list { } sub gen_main_file { - my ($headers, $sources, $hdr_tpl, $src_tpl, $main_tpl, $main_out) = @_; + my ($mbedtls_headers, $psa_headers, $sources, $hdr_tpl, $src_tpl, $main_tpl, $main_out) = @_; - my $header_entries = gen_entry_list( $hdr_tpl, @$headers ); + my $header_entries = gen_entry_list( $hdr_tpl, @$mbedtls_headers ); + $header_entries .= gen_entry_list( $hdr_tpl, @$psa_headers ); my $source_entries = gen_entry_list( $src_tpl, @$sources ); my $out = slurp_file( $main_tpl ); @@ -187,14 +190,16 @@ sub main { del_vsx_files(); my @app_list = get_app_list(); - my @headers = <$header_dir/*.h>; + my @mbedtls_headers = <$mbedtls_header_dir/*.h>; + my @psa_headers = <$psa_header_dir/*.h>; my @sources = <$source_dir/*.c>; - map { s!/!\\!g } @headers; + map { s!/!\\!g } @mbedtls_headers; + map { s!/!\\!g } @psa_headers; map { s!/!\\!g } @sources; gen_app_files( @app_list ); - gen_main_file( \@headers, \@sources, + gen_main_file( \@mbedtls_headers, \@psa_headers, \@sources, $vsx_hdr_tpl, $vsx_src_tpl, $vsx_main_tpl_file, $vsx_main_file ); From 1692363b3ea4e7e473115e61c115be38a3531c64 Mon Sep 17 00:00:00 2001 
From: Darryl Green Date: Fri, 20 Jul 2018 13:29:25 +0100 Subject: [PATCH 0440/2197] Add visualc files generated by generate_visualc_files.pl --- visualc/VS2010/crypto_examples.vcxproj | 174 ++++++++++++++++++++++ visualc/VS2010/key_ladder_demo.vcxproj | 174 ++++++++++++++++++++++ visualc/VS2010/mbedTLS.sln | 39 +++++ visualc/VS2010/mbedTLS.vcxproj | 6 +- visualc/VS2010/psa_constant_names.vcxproj | 174 ++++++++++++++++++++++ 5 files changed, 565 insertions(+), 2 deletions(-) create mode 100644 visualc/VS2010/crypto_examples.vcxproj create mode 100644 visualc/VS2010/key_ladder_demo.vcxproj create mode 100644 visualc/VS2010/psa_constant_names.vcxproj diff --git a/visualc/VS2010/crypto_examples.vcxproj b/visualc/VS2010/crypto_examples.vcxproj new file mode 100644 index 000000000..9ca6b6485 --- /dev/null +++ b/visualc/VS2010/crypto_examples.vcxproj 
@@ -0,0 +1,174 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {020C31BD-C4DF-BABA-E537-F517C4E98537} + Win32Proj + crypto_examples + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + Windows7.1SDK + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/key_ladder_demo.vcxproj b/visualc/VS2010/key_ladder_demo.vcxproj new file mode 100644 index 000000000..80914ffbe --- /dev/null +++ b/visualc/VS2010/key_ladder_demo.vcxproj 
@@ -0,0 +1,174 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {778777A0-393D-45E8-83C1-EAF487236F1F} + Win32Proj + key_ladder_demo + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + Windows7.1SDK + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln index 66b96c3a3..32c86c09b 100644 --- a/visualc/VS2010/mbedTLS.sln +++ b/visualc/VS2010/mbedTLS.sln 
@@ -123,6 +123,21 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_verify_pss", "rsa_verif {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypto_examples", "crypto_examples.vcxproj", "{020C31BD-C4DF-BABA-E537-F517C4E98537}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_ladder_demo", "key_ladder_demo.vcxproj", "{778777A0-393D-45E8-83C1-EAF487236F1F}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "psa_constant_names", "psa_constant_names.vcxproj", "{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_client", "dtls_client.vcxproj", "{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} 
@@ -451,6 +466,30 @@ Global {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|Win32.Build.0 = Release|Win32 {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.ActiveCfg = Release|x64 {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.Build.0 = Release|x64 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.ActiveCfg = Debug|Win32 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.Build.0 = Debug|Win32 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.ActiveCfg = Debug|x64 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.Build.0 = Debug|x64 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.ActiveCfg = Release|Win32 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.Build.0 = Release|Win32 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.ActiveCfg = Release|x64 + {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.Build.0 = Release|x64 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.ActiveCfg = Debug|Win32 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.Build.0 = Debug|Win32 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.ActiveCfg = Debug|x64 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.Build.0 = Debug|x64 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.ActiveCfg = Release|Win32 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.Build.0 = Release|Win32 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.ActiveCfg = Release|x64 + {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.Build.0 = Release|x64 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.ActiveCfg = Debug|Win32 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.Build.0 = Debug|Win32 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.ActiveCfg = Debug|x64 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.Build.0 = Debug|x64 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.ActiveCfg = Release|Win32 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.Build.0 = Release|Win32 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.ActiveCfg = 
Release|x64 + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.Build.0 = Release|x64 {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.ActiveCfg = Debug|Win32 {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.Build.0 = Debug|Win32 {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.ActiveCfg = Debug|x64 diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 2c569e52d..4d8b92af1 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -225,8 +225,10 @@ - + + + @@ -283,8 +285,8 @@ - + diff --git a/visualc/VS2010/psa_constant_names.vcxproj b/visualc/VS2010/psa_constant_names.vcxproj new file mode 100644 index 000000000..2618c7c0a --- /dev/null +++ b/visualc/VS2010/psa_constant_names.vcxproj 
@@ -0,0 +1,174 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {A0BAD8F0-69B5-8382-86ED-C36ACBE54117} + Win32Proj + psa_constant_names + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + Windows7.1SDK + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + true + true + Release + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + ../../include + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + From 13a61f705e21ab346c7f5c33e30ad5cee416c783 Mon Sep 17 00:00:00 2001 
From: Darryl Green Date: Tue, 24 Jul 2018 11:54:24 +0100 Subject: [PATCH 0441/2197] Add psa header files to yotta build --- yotta/create-module.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/yotta/create-module.sh b/yotta/create-module.sh index 4c79ebe51..a7845faa2 100755 --- a/yotta/create-module.sh +++ b/yotta/create-module.sh @@ -20,8 +20,9 @@ fi TMP=$DEST-tmp rm -rf $TMP -mkdir -p $TMP/mbedtls $TMP/source +mkdir -p $TMP/mbedtls $TMP/psa $TMP/source cp $TREE/include/mbedtls/*.h $TMP/mbedtls +cp $TREE/include/psa/*.h $TMP/psa cp $TREE/library/*.c $TMP/source # temporary, should depend on external module later From 9c862253cc146d029b1ae2824f93eb2e9b9124df Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Tue, 24 Jul 2018 12:52:44 +0100 Subject: [PATCH 0442/2197] Add handling for zero-length buffers in tests The buffer can be NULL if the length is zero, so we only check it's not NULL if the length is nonzero --- tests/suites/test_suite_psa_crypto.function | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2e0804bf5..65a0365ba 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -532,11 +532,11 @@ void import_export( data_t *data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); export_size = (ptrdiff_t) data->len + export_size_delta; exported = mbedtls_calloc( 1, export_size ); - TEST_ASSERT( exported != NULL ); + TEST_ASSERT( export_size == 0 || exported != NULL ); if( ! canonical_input ) { reexported = mbedtls_calloc( 1, export_size ); - TEST_ASSERT( reexported != NULL ); + TEST_ASSERT( export_size == 0 || reexported != NULL ); } TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
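Review bot: The added `mkdir -p $TMP/mbedtls $TMP/psa $TMP/source` and `cp $TREE/include/psa/*.h $TMP/psa` expand `$TMP` and `$TREE` unquoted, so a destination or tree path containing whitespace or glob characters is word-split before it reaches `mkdir` or `cp`. The `rm -rf $TMP` context line just above has the same exposure, and that is where a mis-split path costs the most. I would quote the expansions and keep the glob outside the quotes: `mkdir -p "$TMP/mbedtls" "$TMP/psa" "$TMP/source"` and `cp "$TREE"/include/psa/*.h "$TMP/psa"`. Whether a failed `cp` stops the script depends on shell options set outside this hunk.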
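Review bot: Relaxing the checks to `TEST_ASSERT( export_size == 0 || exported != NULL );` lets a NULL `exported` or `reexported` continue into the rest of import_export, and passing NULL to `memcmp` or `memcpy` is undefined behaviour in C even when the length is zero. The function body continues outside the hunk, so I cannot confirm how the buffers are used afterwards; if they are compared or copied, that use should be guarded by the length as well. The same relaxation is applied to `output` in asymmetric_encrypt and to `changed` in generate_random in the two following hunks. A one-line comment next to each relaxed assertion, such as `/* calloc may return NULL for a zero-length request */`, would record why NULL is accepted.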
@@ -2343,7 +2343,7 @@ void asymmetric_encrypt( int key_type_arg,
 &key_bits ) == PSA_SUCCESS );
 output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
 output = mbedtls_calloc( 1, output_size );
- TEST_ASSERT( output != NULL );
+ TEST_ASSERT( output_size == 0 || output != NULL );
 /* Encrypt the input */
 actual_status = psa_asymmetric_encrypt( slot, alg,
@@ -2946,7 +2946,7 @@ void generate_random( int bytes_arg )
 unsigned run;
 TEST_ASSERT( output != NULL );
- TEST_ASSERT( changed != NULL );
+ TEST_ASSERT( bytes == 0 || changed != NULL );
 memcpy( output + bytes, trail, sizeof( trail ) );
 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
From 77b33b29265b8266a683014041dda45142a228ec Mon Sep 17 00:00:00 2001
From: Darryl Green
Date: Tue, 24 Jul 2018 15:29:42 +0100
Subject: [PATCH 0443/2197] Add missing dependencies on MBEDTLS_SHA256_C
---
 tests/suites/test_suite_psa_crypto.data | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 894317e32..337b44fc2 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -694,7 +694,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA sign: deterministic ECDSA SECP256R1 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size 
@@ -742,7 +742,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature From 5cc689a821b86ca249d613ee58d621ab3e1748ac Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Tue, 24 Jul 2018 15:34:10 +0100 Subject: [PATCH 0444/2197] Add handling for (sometimes) unused parameters --- library/psa_crypto.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 210fa5ff4..94f6b1776 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2164,6 +2164,12 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, key_slot_t *slot; psa_status_t status; + (void) input; + (void) input_length; + (void) salt; + (void) output; + (void) output_size; + *output_length = 0; if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) 
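Review bot: The five `(void)` casts added at the top of psa_asymmetric_encrypt silence the unused-parameter warning in every configuration, including the ones where `input`, `salt` and `output` are used, and nothing in the hunk says which configuration needs them. A comment above the block, such as `/* Unused when no asymmetric encryption algorithm is compiled in */`, would record the reason. The condition is presumably an `#if` further down in the body, outside the hunk, so the wording should be adjusted to match it. The same block is added to psa_asymmetric_decrypt in the next hunk and needs the same comment.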
@@ -2238,6 +2244,12 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
 key_slot_t *slot;
 psa_status_t status;
+ (void) input;
+ (void) input_length;
+ (void) salt;
+ (void) output;
+ (void) output_size;
+
 *output_length = 0;
 if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
From efb52d53bf17d0d235d9ba0177bc4391cfce531f Mon Sep 17 00:00:00 2001
From: Darryl Green
Date: Tue, 24 Jul 2018 15:41:49 +0100
Subject: [PATCH 0445/2197] Add missing dependency on MBEDTLS_PKCS1_V15
---
 tests/suites/test_suite_psa_crypto.data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 337b44fc2..91b5b7248 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -674,7 +674,7 @@ PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
 PSA import/exercise RSA keypair, PKCS#1 v1.5 raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
 PSA import/exercise: ECP SECP256R1 keypair, ECDSA
From 8f8aa8f9311d8ff058ec70e63de6762eb6d827ce Mon Sep 17 00:00:00 2001
From: Darryl Green
Date: Tue, 24 Jul 2018 15:44:51 +0100
Subject: [PATCH 0446/2197] Add ifdef for MBEDTLS_ECP_C around ecc_group_to_psa functions These are unused if MBEDTLS_ECP_C isn't defined.
---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 94f6b1776..75c7ea8a5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -411,6 +411,7 @@ static psa_status_t psa_get_key_from_slot( psa_key_slot_t key,
 /* Key management */
 /****************************************************************/
+#if defined(MBEDTLS_ECP_C)
 static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
 {
 switch( grpid )
@@ -480,6 +481,7 @@ static mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve )
 return( MBEDTLS_ECP_DP_NONE );
 }
 }
+#endif /* defined(MBEDTLS_ECP_C) */
 static psa_status_t prepare_raw_data_slot( psa_key_type_t type, size_t bits,
From 10ccc641acbc03b17c6e17fac9ebf710a034c5b6 Mon Sep 17 00:00:00 2001
From: Darryl Green
Date: Tue, 24 Jul 2018 16:30:56 +0100
Subject: [PATCH 0447/2197] Add missing dependencies on MBEDTLS_ECDSA_C
---
 tests/suites/test_suite_psa_crypto.data | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 91b5b7248..47a8f0c42 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -694,7 +694,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA sign: deterministic ECDSA SECP256R1 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size 
@@ -710,7 +710,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1, invalid hash 
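Review bot: The "output buffer too small" case still omits `MBEDTLS_ECDSA_DETERMINISTIC` from its `depends_on` line although it signs with `PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )`; the two other deterministic-ECDSA cases touched by this commit list it. In a build with ECDSA but without the deterministic variant, the call may fail with a different status before the buffer-size check is reached (not verifiable from the hunk), so the expected `PSA_ERROR_BUFFER_TOO_SMALL` would not be what is tested. I would make the line `depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C`.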
@@ -738,11 +738,11 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" PSA sign/verify: randomized ECDSA SECP256R1 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C 
sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature 
@@ -774,19 +774,19 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308" PSA verify: ECDSA SECP256R1, good -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify with keypair: ECDSA SECP256R1, good -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C 
asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, wrong signature of correct size -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C 
asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE PSA encrypt: RSA PKCS#1 v1.5, good From cab5494b122012ba4360929440f8c137b637449f Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 25 Jul 2018 13:26:13 +0100 Subject: [PATCH 0448/2197] psa: Add license header to crypto.h --- include/psa/crypto.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 4c615f0e1..0ba34929b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2,6 +2,22 @@ * \file psa/crypto.h * \brief Platform Security Architecture cryptography module */ +/* + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ #ifndef PSA_CRYPTO_H #define PSA_CRYPTO_H From 9e2d7a09f1c2db2e42fdf5877932768e230bd9b3 Mon Sep 17 00:00:00 2001 
From: Darryl Green
Date: Tue, 24 Jul 2018 16:33:30 +0100
Subject: [PATCH 0449/2197] Add ifdefs for psa_internal_export_key function MBEDTLS_PK_WRITE_C only requires either MBEDTLS_RSA_C or MBEDTLS_ECP_C to be defined. Added wrappers to handle the cases where only one has been defined. Moved mbedtls_pk_init to be within the ifdefs, so it's only called if appropriate.
---
 include/psa/crypto.h | 1 +
 library/psa_crypto.c | 11 ++++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 9f0b13541..896235b35 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1174,6 +1174,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
 * \retval #PSA_SUCCESS
 * \retval #PSA_ERROR_EMPTY_SLOT
 * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_TAMPERING_DETECTED
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 75c7ea8a5..959b9ecc4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -787,16 +787,25 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key,
 {
 mbedtls_pk_context pk;
 int ret;
- mbedtls_pk_init( &pk );
 if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
 {
+#if defined(MBEDTLS_RSA_C)
+ mbedtls_pk_init( &pk );
 pk.pk_info = &mbedtls_rsa_info;
 pk.pk_ctx = slot->data.rsa;
+#else
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif
 }
 else
 {
+#if defined(MBEDTLS_ECP_C)
+ mbedtls_pk_init( &pk );
 pk.pk_info = &mbedtls_eckey_info;
 pk.pk_ctx = slot->data.ecp;
+#else
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif
 }
 if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
 ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
From 8800136156816ac3d0313751eb6942a73fede607 Mon Sep 17 00:00:00 2001
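Review bot: Moving `mbedtls_pk_init( &pk );` into both `#if` arms of psa_internal_export_key duplicates the call and makes the initialisation of `pk` depend on the build configuration, which is harder to audit than one unconditional call. Since each `#else` arm returns `PSA_ERROR_NOT_SUPPORTED` before `pk` is used, the original `mbedtls_pk_init( &pk );` ahead of `if( PSA_KEY_TYPE_IS_RSA( slot->type ) )` could stay, and only the `pk_info` and `pk_ctx` assignments need guarding. The `else` arm also treats every non-RSA key as an ECC key; the check that makes this safe is presumably in the enclosing condition, which is outside the hunk.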
From: Darryl Green
Date: Thu, 26 Jul 2018 13:59:04 +0100
Subject: [PATCH 0450/2197] Fix key parameter in psa_key_derivation to use correct type
---
 include/psa/crypto.h | 2 +-
 library/psa_crypto.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0ba34929b..9f0b13541 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2724,7 +2724,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
 * \retval #PSA_ERROR_TAMPERING_DETECTED
 */
 psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
- psa_key_type_t key,
+ psa_key_slot_t key,
 psa_algorithm_t alg, const uint8_t *salt, size_t salt_length,
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a62fac7b1..210fa5ff4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3257,7 +3257,7 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
 }
 psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
- psa_key_type_t key,
+ psa_key_slot_t key,
 psa_algorithm_t alg, const uint8_t *salt, size_t salt_length,
From 80bed236dee9885c43feb75292757b938acbd55f Mon Sep 17 00:00:00 2001
From: Darryl Green
Date: Thu, 26 Jul 2018 13:03:38 +0100
Subject: [PATCH 0451/2197] Change psa_structs to use unsigned ints These structs are using bitfields of length one, which can only represent 0 and -1 for signed ints. Changing these to unsigned int lets them represent 0 and 1, which is what we want.
---
 include/psa/crypto_struct.h | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index baf5b1495..e38a9bfba 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -98,11 +98,11 @@ typedef struct
 struct psa_mac_operation_s
 {
 psa_algorithm_t alg;
- int key_set : 1;
- int iv_required : 1;
- int iv_set : 1;
- int has_input : 1;
- int is_sign : 1;
+ unsigned int key_set : 1;
+ unsigned int iv_required : 1;
+ unsigned int iv_set : 1;
+ unsigned int has_input : 1;
+ unsigned int is_sign : 1;
 uint8_t mac_size;
 union
 {
@@ -119,9 +119,9 @@ struct psa_mac_operation_s
 struct psa_cipher_operation_s
 {
 psa_algorithm_t alg;
- int key_set : 1;
- int iv_required : 1;
- int iv_set : 1;
+ unsigned int key_set : 1;
+ unsigned int iv_required : 1;
+ unsigned int iv_set : 1;
 uint8_t iv_size;
 uint8_t block_size;
 union
From c32f0304db583e166a71370e744251b8d7445cad Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Fri, 10 Aug 2018 16:02:11 +0200
Subject: [PATCH 0452/2197] Fix bad key type constant that worked by accident
---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 04c1c7982..310df38f4 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1128,7 +1128,7 @@ exit:
 void key_lifetime( int lifetime_arg )
 {
 int key_slot = 1;
- psa_key_type_t key_type = PSA_ALG_CBC_BASE;
+ psa_key_type_t key_type = PSA_KEY_TYPE_RAW_DATA;
 unsigned char key[32] = {0};
 psa_key_lifetime_t lifetime_set = lifetime_arg;
 psa_key_lifetime_t lifetime_get;
From 78b3bb670da616b206fb1d9be1a28674deea95ff Mon Sep 17 00:00:00 2001
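Review bot: The reason these one-bit flags must be `unsigned int` is recorded only in the commit message, so a later edit to `psa_mac_operation_s` or `psa_cipher_operation_s` could reintroduce a plain `int` field without noticing. A comment above the first flag in each struct would keep the constraint next to the code, e.g. `/* 1-bit flags must be unsigned: a signed 1-bit field holds only 0 and -1 */`. Both struct definitions start and end outside the hunks, so any further single-bit `int` members in this header are not visible here and are worth a check.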
From: Gilles Peskine Date: Fri, 10 Aug 2018 16:03:41 +0200 Subject: [PATCH 0453/2197] Change the bitwise encoding of key type categories There were only 5 categories (now 4). Reduce the category mask from 7 bits to 3. Combine unformatted, not-necessarily-uniform keys (HMAC, derivation) with raw data. Reintroduce a KEY_TYPE_IS_UNSTRUCTURED macro (which used to exist under the name KEY_TYPE_IS_RAW_DATA macro) for key types that don't have any structure, including both should-be-uniform keys (such as block cipher and stream cipher keys) and not-necessarily-uniform keys (such as HMAC keys and secrets for key derivation). --- include/psa/crypto.h | 82 +++++++++++++++++++++++++++++--------------- library/psa_crypto.c | 4 +-- 2 files changed, 56 insertions(+), 30 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6d3132283..55c0c0413 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -360,17 +360,19 @@ typedef uint32_t psa_key_type_t; */ #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) -#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7e000000) +#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) +#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) +#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) +#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) + +#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) /** Raw data. * * A "key" of this type cannot be used for any cryptographic operation. * Applications may use this type to store arbitrary data in the keystore. */ -#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x02000000) - -#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x04000000) -#define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC ((psa_key_type_t)0x06000000) -#define PSA_KEY_TYPE_PAIR_FLAG ((psa_key_type_t)0x01000000) +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) /** HMAC key. * 
@@ -380,21 +382,21 @@ typedef uint32_t psa_key_type_t; * HMAC keys should generally have the same size as the underlying hash. * This size can be calculated with #PSA_HASH_SIZE(\c alg) where * \c alg is the HMAC algorithm or the underlying hash algorithm. */ -#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x02000001) +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) /** A secret for key derivation. * * The key policy determines which key derivation algorithm the key * can be used for. */ -#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x02000101) +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) /** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher. * * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x04000001) +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * 
@@ -405,30 +407,30 @@ typedef uint32_t psa_key_type_t; * deprecated and should only be used to decrypt legacy data. 3-key 3DES * is weak and deprecated and should only be used in legacy protocols. */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x04000002) +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) /** Key for an cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x04000003) +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) /** Key for the RC4 stream cipher. * * Note that RC4 is weak and deprecated and should only be used in * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x04000004) +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) /** RSA public key. */ -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x06010000) +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) /** RSA key pair (private and public key). */ -#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x07010000) +#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000) /** DSA public key. */ -#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x06020000) +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) /** DSA key pair (private and public key). */ -#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x07020000) +#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000) -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x06030000) -#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x07030000) +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) +#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) /** Elliptic curve key pair. */ #define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \ 
@@ -441,24 +443,50 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) +/** Whether a key type is an unstructured array of bytes. + * + * This encompasses both symmetric keys and non-key data. + */ +#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ + PSA_KEY_TYPE_CATEGORY_SYMMETRIC) + /** Whether a key type is asymmetric: either a key pair or a public key. */ #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC) + (((type) & PSA_KEY_TYPE_CATEGORY_MASK \ + & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \ + PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) /** Whether a key type is the public part of a key pair. */ #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ - (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \ - PSA_KEY_TYPE_CATEGORY_ASYMMETRIC) + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) /** Whether a key type is a key pair containing a private part and a public * part. */ #define PSA_KEY_TYPE_IS_KEYPAIR(type) \ - (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \ - (PSA_KEY_TYPE_CATEGORY_ASYMMETRIC | PSA_KEY_TYPE_PAIR_FLAG)) -/** The key pair type corresponding to a public key type. */ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) +/** The key pair type corresponding to a public key type. + * + * You may also pass a key pair type as \p type, it will be left unchanged. + * + * \param type A public key type or key pair type. + * + * \return The corresponding key pair type. + * If \p type is not a public key or a key pair, + * the return value is undefined. + */ #define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \ - ((type) | PSA_KEY_TYPE_PAIR_FLAG) -/** The public key type corresponding to a key pair type. 
*/ + ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) +/** The public key type corresponding to a key pair type. + * + * You may also pass a key pair type as \p type, it will be left unchanged. + * + * \param type A public key type or key pair type. + * + * \return The corresponding public key type. + * If \p type is not a public key or a key pair, + * the return value is undefined. + */ #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ - ((type) & ~PSA_KEY_TYPE_PAIR_FLAG) + ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) /** Whether a key type is an RSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 316acbe64..dfbb6800f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -135,9 +135,7 @@ typedef struct static int key_type_is_raw_bytes( psa_key_type_t type ) { - psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK; - return( category == PSA_KEY_TYPE_RAW_DATA || - category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); + return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ); } typedef struct From e8779747947f0fd3ae5187d3cbe746b77ddd33f7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Aug 2018 16:10:56 +0200 Subject: [PATCH 0454/2197] Move key type feature test macros to a more logical place --- include/psa/crypto.h | 104 +++++++++++++++++++++---------------------- 1 file changed, 52 insertions(+), 52 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 55c0c0413..8a76a2151 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
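Review bot: The new doc comment on `PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR` repeats the sentence written for `PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY`, so it says a key pair type is left unchanged although the macro clears `PSA_KEY_TYPE_CATEGORY_FLAG_PAIR`; it should read `You may also pass a public key type as \p type, it will be left unchanged.` `PSA_KEY_TYPE_IS_UNSTRUCTURED` masks with the literal `~(psa_key_type_t)0x10000000`, which equals the pair flag but here separates `PSA_KEY_TYPE_CATEGORY_SYMMETRIC` from `PSA_KEY_TYPE_CATEGORY_RAW`. A one-line comment saying so would keep a later renumbering of the categories from silently changing which types `key_type_is_raw_bytes` accepts. The test also ignores `PSA_KEY_TYPE_VENDOR_FLAG`, so a vendor-defined type in either category is classified as unstructured; if that is intended, the doc comment should say it. The same text is carried unchanged into hunk `@@ -368,6 +368,58 @@` of the following commit.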
@@ -368,6 +368,58 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) +/** Whether a key type is vendor-defined. */ +#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ + (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) + +/** Whether a key type is an unstructured array of bytes. + * + * This encompasses both symmetric keys and non-key data. + */ +#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ + PSA_KEY_TYPE_CATEGORY_SYMMETRIC) + +/** Whether a key type is asymmetric: either a key pair or a public key. */ +#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK \ + & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \ + PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) +/** Whether a key type is the public part of a key pair. */ +#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) +/** Whether a key type is a key pair containing a private part and a public + * part. */ +#define PSA_KEY_TYPE_IS_KEYPAIR(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) +/** The key pair type corresponding to a public key type. + * + * You may also pass a key pair type as \p type, it will be left unchanged. + * + * \param type A public key type or key pair type. + * + * \return The corresponding key pair type. + * If \p type is not a public key or a key pair, + * the return value is undefined. + */ +#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \ + ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) +/** The public key type corresponding to a key pair type. + * + * You may also pass a key pair type as \p type, it will be left unchanged. + * + * \param type A public key type or key pair type. + * + * \return The corresponding public key type. + * If \p type is not a public key or a key pair, + * the return value is undefined. 
+ */ +#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ + ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) +/** Whether a key type is an RSA key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_RSA(type) \ + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) + /** Raw data. * * A "key" of this type cannot be used for any cryptographic operation. 
@@ -439,58 +491,6 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) -/** Whether a key type is vendor-defined. */ -#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ - (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) - -/** Whether a key type is an unstructured array of bytes. - * - * This encompasses both symmetric keys and non-key data. - */ -#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ - PSA_KEY_TYPE_CATEGORY_SYMMETRIC) - -/** Whether a key type is asymmetric: either a key pair or a public key. */ -#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK \ - & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \ - PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) -/** Whether a key type is the public part of a key pair. */ -#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) -/** Whether a key type is a key pair containing a private part and a public - * part. */ -#define PSA_KEY_TYPE_IS_KEYPAIR(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) -/** The key pair type corresponding to a public key type. - * - * You may also pass a key pair type as \p type, it will be left unchanged. - * - * \param type A public key type or key pair type. - * - * \return The corresponding key pair type. - * If \p type is not a public key or a key pair, - * the return value is undefined. - */ -#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \ - ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) -/** The public key type corresponding to a key pair type. - * - * You may also pass a key pair type as \p type, it will be left unchanged. - * - * \param type A public key type or key pair type. - * - * \return The corresponding public key type. - * If \p type is not a public key or a key pair, - * the return value is undefined. 
- */ -#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ - ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) -/** Whether a key type is an RSA key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_RSA(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) - /** Whether a key type is an elliptic curve key (pair or public-only). */ #define PSA_KEY_TYPE_IS_ECC(type) \ ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ From 4e1e9beb56f711b01812b50a9c3282445d9ac578 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Aug 2018 18:57:40 +0200 Subject: [PATCH 0455/2197] Define the encoding of ECC and DSA keys --- include/psa/crypto.h | 114 ++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 106 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8a76a2151..837f737c3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1187,10 +1187,50 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * - For Triple-DES, the format is the concatenation of the * two or three DES keys. * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format - * is the non-encrypted DER representation defined by PKCS\#1 (RFC 8017) - * as RSAPrivateKey. - * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format - * is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo. + * is the non-encrypted DER encoding of the representation defined by + * PKCS\#1 (RFC 8017) as `RSAPrivateKey`, version 0. + * ``` + * RSAPrivateKey ::= SEQUENCE { + * version Version, -- 0 + * modulus INTEGER, -- n + * publicExponent INTEGER, -- e + * privateExponent INTEGER, -- d + * prime1 INTEGER, -- p + * prime2 INTEGER, -- q + * exponent1 INTEGER, -- d mod (p-1) + * exponent2 INTEGER, -- d mod (q-1) + * coefficient INTEGER, -- (inverse of q) mod p + * } + * ``` + * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format + * is the non-encrypted DER encoding of the representation used by + * OpenSSL and OpenSSH, which the following ASN.1 structure: + * ``` + * DSAPrivateKey ::= SEQUENCE { + * version Version, -- 0 + * prime INTEGER, -- p + * subprime INTEGER, -- q + * generator INTEGER, -- g + * public INTEGER, -- y + * private INTEGER, -- x + * } + * ``` + * - For elliptic curve key pairs (key types for which + * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is the + * non-encrypted DER encoding of the representation defined by RFC 5915 as + * `ECPrivateKey`, version 1. + * ``` + * ECPrivateKey ::= SEQUENCE { + * version INTEGER, -- must be 1 + * privateKey OCTET STRING, + * -- `ceiling(log_{256}(n))`-byte string, big endian, + * -- where n is the order of the curve. 
+ * parameters ECParameters {{ NamedCurve }}, -- mandatory + * publicKey BIT STRING -- mandatory + * } + * ``` + * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is + * true), the format is the same as for psa_export_public_key(). * * \param key Slot whose content is to be exported. This must * be an occupied key slot. 
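Review bot: The `ECPrivateKey` snippet drops the context tags that RFC 5915 puts on its last two fields (`parameters [0] ECParameters {{ NamedCurve }} OPTIONAL`, `publicKey [1] BIT STRING OPTIONAL`), so a reader working from this comment alone would derive a different DER encoding from the one the RFC defines. Keep the tags and express the profile in the trailing comments, e.g. `parameters [0] ECParameters {{ NamedCurve }}, -- mandatory`. In the DSA paragraph, "which the following ASN.1 structure" is missing a verb. The `RSAPrivateKey` and `DSAPrivateKey` snippets also end their last component with a comma, which is not valid ASN.1.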
@@ -1218,11 +1258,69 @@ psa_status_t psa_export_key(psa_key_slot_t key, * The output of this function can be passed to psa_import_key() to * create an object that is equivalent to the public key. * - * For standard key types, the output format is as follows: + * The format is the DER representation defined by RFC 5280 as + * `SubjectPublicKeyInfo`, with the `subjectPublicKey` format + * specified below. + * ``` + * SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL } + * ``` * - * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY), - * the format is the DER representation of the public key defined by RFC 5280 - * as SubjectPublicKeyInfo. + * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), + * the `subjectPublicKey` format is defined by RFC 3279 §2.3.1 as + * `RSAPublicKey`, + * with the OID `rsaEncryption`, + * and with the parameters `NULL`. + * ``` + * pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) + * rsadsi(113549) pkcs(1) 1 } + * rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } + * + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + * ``` + * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), + * the `subjectPublicKey` format is defined by RFC 3279 §2.3.2 as + * `DSAPublicKey`, + * with the OID `id-dsa`, + * and with the parameters `DSS-Parms`. 
+ * ``` + * id-dsa OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1 } + * + * Dss-Parms ::= SEQUENCE { + * p INTEGER, + * q INTEGER, + * g INTEGER } + * DSAPublicKey ::= INTEGER -- public key, Y + * ``` + * - For elliptic curve public keys (key types for which + * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), + * the `subjectPublicKey` format is defined by RFC 3279 §2.3.5 as + * `ECPoint`, which is an OCTET STRING containing the uncompressed + * representation defined by SEC1 §2.3.3. + * The OID is `id-ecPublicKey`, + * and the parameters must be given as a `namedCurve`. + * ``` + * ansi-X9-62 OBJECT IDENTIFIER ::= + * { iso(1) member-body(2) us(840) 10045 } + * id-public-key-type OBJECT IDENTIFIER ::= { ansi-X9.62 2 } + * id-ecPublicKey OBJECT IDENTIFIER ::= { id-publicKeyType 1 } + * + * ECPoint ::= OCTET STRING + * -- first byte: 0x04; + * -- then x_P as a `ceiling(log_{256}(n))`-byte string, big endian; + * -- then y_P as a `ceiling(log_{256}(n))`-byte string, big endian, + * -- where n is the order of the curve. + * + * EcpkParameters ::= CHOICE { -- other choices are not allowed + * namedCurve OBJECT IDENTIFIER } + * ``` * * \param key Slot whose content is to be exported. This must * be an occupied key slot. From 1be949b8461474f113c6fe2ef249cec8be6455d8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Aug 2018 19:06:59 +0200 Subject: [PATCH 0456/2197] New macro PSA_KEY_EXPORT_MAX_SIZE Sufficient buffer size for psa_export_key() and psa_export_public_key(). --- include/psa/crypto.h | 14 +++ include/psa/crypto_sizes.h | 209 +++++++++++++++++++++++++++++++++++++ 2 files changed, 223 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 837f737c3..87f2d60b7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
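Review bot: The ASN.1 in the elliptic-curve entry does not resolve as written: `ansi-X9-62` is defined but `ansi-X9.62` is referenced, and `id-public-key-type` is defined but `id-publicKeyType` is referenced. The DSA entry likewise says `DSS-Parms` in the prose and `Dss-Parms` in the snippet. The spellings may be inherited from the referenced RFC text, but this comment is the format specification for exported public keys, so each identifier should have one spelling, e.g. `id-publicKeyType OBJECT IDENTIFIER ::= { ansi-X9-62 2 }`.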
@@ -1243,6 +1243,12 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p data buffer is too small. You can determine a + * sufficient buffer size by calling + * #PSA_KEY_EXPORT_MAX_SIZE(\c type, \c bits) + * where \c type is the key type + * and \c bits is the key size in bits. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED @@ -1332,6 +1338,14 @@ psa_status_t psa_export_key(psa_key_slot_t key, * \retval #PSA_SUCCESS * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key is neither a public key nor a key pair. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p data buffer is too small. You can determine a + * sufficient buffer size by calling + * #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(\c type), \c bits) + * where \c type is the key type + * and \c bits is the key size in bits. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index ab5b17e19..bc8edc612 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -305,4 +305,213 @@ PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \ 0) +/* Maximum size of the ASN.1 encoding of an INTEGER with the specified + * number of bits. + * + * This definition assumes that bits <= 2^19 - 9 so that the length field + * is at most 3 bytes. The length of the encoding is the length of the + * bit string padded to a whole number of bytes plus: + * - 1 type byte; + * - 1 to 3 length bytes; + * - 0 to 1 bytes of leading 0 due to the sign bit. + */ +#define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits) \ + ((bits) / 8 + 5) + +/* Maximum size of the export encoding of an RSA public key. + * Assumes that the public exponent is less than 2^32. + * + * SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } -- contains RSAPublicKey + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters NULL } + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + * + * - 3 * 4 bytes of SEQUENCE overhead; + * - 1 + 1 + 9 bytes of algorithm (RSA OID); + * - 2 bytes of NULL; + * - 4 bytes of BIT STRING overhead; + * - n : INTEGER; + * - 7 bytes for the public exponent. + */ +#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 36) + +/* Maximum size of the export encoding of an RSA key pair. + * Assumes thatthe public exponent is less than 2^32 and that the size + * difference between the two primes is at most 1 bit. 
+ * + * RSAPrivateKey ::= SEQUENCE { + * version Version, -- 0 + * modulus INTEGER, -- N-bit + * publicExponent INTEGER, -- 32-bit + * privateExponent INTEGER, -- N-bit + * prime1 INTEGER, -- N/2-bit + * prime2 INTEGER, -- N/2-bit + * exponent1 INTEGER, -- N/2-bit + * exponent2 INTEGER, -- N/2-bit + * coefficient INTEGER, -- N/2-bit + * } + * + * - 4 bytes of SEQUENCE overhead; + * - 3 bytes of version; + * - 7 half-size INTEGERs plus 2 full-size INTEGERs, + * overapproximated as 9 half-size INTEGERS; + * - 7 bytes for the public exponent. + */ +#define PSA_KEY_EXPORT_RSA_KEYPAIR_MAX_SIZE(key_bits) \ + (9 * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2 + 1) + 14) + +/* Maximum size of the export encoding of a DSA public key. + * + * SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } -- contains DSAPublicKey + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters Dss-Parms } -- SEQUENCE of 3 INTEGERs + * DSAPublicKey ::= INTEGER -- public key, Y + * + * - 3 * 4 bytes of SEQUENCE overhead; + * - 1 + 1 + 7 bytes of algorithm (DSA OID); + * - 4 bytes of BIT STRING overhead; + * - 3 full-size INTEGERs (p, g, y); + * - 1 + 1 + 32 bytes for 1 sub-size INTEGER (q <= 256 bits). + */ +#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 59) + +/* Maximum size of the export encoding of a DSA key pair. + * + * DSAPrivateKey ::= SEQUENCE { + * version Version, -- 0 + * prime INTEGER, -- p + * subprime INTEGER, -- q + * generator INTEGER, -- g + * public INTEGER, -- y + * private INTEGER, -- x + * } + * + * - 4 bytes of SEQUENCE overhead; + * - 3 bytes of version; + * - 3 full-size INTEGERs (p, g, y); + * - 2 * (1 + 1 + 32) bytes for 2 sub-size INTEGERs (q, x <= 256 bits). 
+ */ +#define PSA_KEY_EXPORT_DSA_KEYPAIR_MAX_SIZE(key_bits) \ + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 75) + +/* Maximum size of the export encoding of an ECC public key. + * + * SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } -- contains ECPoint + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters OBJECT IDENTIFIER } -- namedCurve + * ECPoint ::= OCTET STRING + * -- first byte: 0x04; + * -- then x_P as a `ceiling(log_{256}(n))`-byte string, big endian; + * -- then y_P as a `ceiling(log_{256}(n))`-byte string, big endian, + * -- where n is the order of the curve. + * + * - 2 * 4 bytes of SEQUENCE overhead; + * - 1 + 1 + 7 bytes of algorithm (id-ecPublicKey OID); + * - 1 + 1 + 12 bytes of namedCurve OID; + * - 4 bytes of BIT STRING overhead; + * - 1 byte + 2 * point size in ECPoint. + */ +#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) \ + (2 * PSA_BITS_TO_BYTES(key_bits) + 36) + +/* Maximum size of the export encoding of an ECC key pair. + * + * ECPrivateKey ::= SEQUENCE { + * version INTEGER, -- must be 1 + * privateKey OCTET STRING, + * -- `ceiling(log_{256}(n))`-byte string, big endian, + * -- where n is the order of the curve. + * parameters ECParameters {{ NamedCurve }}, -- mandatory + * publicKey BIT STRING -- mandatory + * } + * + * - 4 bytes of SEQUENCE overhead; + * - 1 * point size in privateKey + * - 1 + 1 + 12 bytes of namedCurve OID; + * - 4 bytes of BIT STRING overhead; + * - public key as for #PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE. + */ +#define PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE(key_bits) \ + (3 * PSA_BITS_TO_BYTES(key_bits) + 56) + +/** Safe output buffer size for psa_export_key() or psa_export_public_key(). + * + * This macro returns a compile-time constant if its arguments are + * compile-time constants. 
+ * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * The following code illustrates how to allocate enough memory to export + * a key by querying the key type and size at runtime. + * \code{c} + * psa_key_type_t key_type; + * size_t key_bits; + * psa_status_t status; + * status = psa_get_key_information(key, &key_type, &key_bits); + * if (status != PSA_SUCCESS) handle_error(...); + * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits); + * unsigned char *buffer = malloc(buffer_size); + * if (buffer != NULL) handle_error(...); + * size_t buffer_length; + * status = psa_export_key(key, buffer, buffer_size, &buffer_length); + * if (status != PSA_SUCCESS) handle_error(...); + * \endcode + * + * For psa_export_public_key(), calculate the buffer size from the + * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR + * to convert a key pair type to the corresponding public key type. + * \code{c} + * psa_key_type_t key_type; + * size_t key_bits; + * psa_status_t status; + * status = psa_get_key_information(key, &key_type, &key_bits); + * if (status != PSA_SUCCESS) handle_error(...); + * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(key_type); + * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits); + * unsigned char *buffer = malloc(buffer_size); + * if (buffer != NULL) handle_error(...); + * size_t buffer_length; + * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length); + * if (status != PSA_SUCCESS) handle_error(...); + * \endcode + * + * \param key_type A supported key type. + * \param key_bits The size of the key in bits. + * \param alg The signature algorithm. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_asymmetric_sign() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. 
+ * If the parameters are a valid combination that is not supported + * by the implementation, this macro either shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \ + (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \ + (key_type) == PSA_KEY_TYPE_RSA_KEYPAIR ? PSA_KEY_EXPORT_RSA_KEYPAIR_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_DSA_KEYPAIR ? PSA_KEY_EXPORT_DSA_KEYPAIR_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ + PSA_KEY_TYPE_IS_ECC_KEYPAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE(key_bits) : \ + PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \ + 0) + #endif /* PSA_CRYPTO_SIZES_H */ From d14664a79b40e0497d919bf73ed4c4cd327a3026 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Aug 2018 19:07:32 +0200 Subject: [PATCH 0457/2197] Move export key sanity check from generate to exercise Move the code to perform sanity checks on the exported key from generate_key to exercise_key. This way the sanity checks can be performed after importing or deriving a key as well. In addition to checking the exported key if its usage allows it, check the exported public key if the key is asymmetric. --- tests/suites/test_suite_psa_crypto.function | 236 +++++++++++++------- 1 file changed, 154 insertions(+), 82 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 310df38f4..317475041 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
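Review bot: Both `\code` examples in the `PSA_KEY_EXPORT_MAX_SIZE` documentation test the allocation the wrong way round, `if (buffer != NULL) handle_error(...);`, so code copied from them treats a successful `malloc` as the error and, when it fails, goes on to call the export function with a null buffer; the check should be `if (buffer == NULL) handle_error(...);`. The `\param alg` line and the `\return` text naming `psa_asymmetric_sign()` look carried over from a signature-size macro: this macro has no `alg` parameter, and the guarantee should name `psa_export_key()` and `psa_export_public_key()`. Because the macro yields 0 for unsupported types, the documentation should tell callers to treat 0 as "size unknown" rather than pass it to an allocator. The itemised list above `PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE` adds up to 58 fixed bytes and omits the version field, while the macro uses 56; the bound may still hold, but the comment should show how 56 is reached.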
@@ -393,6 +393,156 @@ exit: return( 0 ); } +int exported_key_sanity_check( psa_key_type_t type, size_t bits, + uint8_t *exported, size_t exported_length ) +{ + if( key_type_is_raw_bytes( type ) ) + TEST_ASSERT( exported_length == ( bits + 7 ) / 8 ); + +#if defined(MBEDTLS_DES_C) + if( type == PSA_KEY_TYPE_DES ) + { + /* Check the parity bits. */ + unsigned i; + for( i = 0; i < bits / 8; i++ ) + { + unsigned bit_count = 0; + unsigned m; + for( m = 1; m <= 0x100; m <<= 1 ) + { + if( exported[i] & m ) + ++bit_count; + } + TEST_ASSERT( bit_count % 2 != 0 ); + } + } +#endif + +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) + if( type == PSA_KEY_TYPE_RSA_KEYPAIR ) + { + /* Sanity check: does this look like the beginning of a PKCS#8 + * RSA key pair? Assumes bits is a multiple of 8. */ + size_t n_bytes = bits / 8 + 1; + size_t n_encoded_bytes; + unsigned char *n_end; + TEST_ASSERT( exported_length >= 7 + ( n_bytes + 3 ) * 9 / 2 ); + TEST_ASSERT( exported[0] == 0x30 ); + TEST_ASSERT( exported[1] == 0x82 ); // assumes >=416-bit key + TEST_ASSERT( exported[4] == 0x02 ); + TEST_ASSERT( exported[5] == 0x01 ); + TEST_ASSERT( exported[6] == 0x00 ); + TEST_ASSERT( exported[7] == 0x02 ); + n_encoded_bytes = exported[8]; + n_end = exported + 9 + n_encoded_bytes; + if( n_encoded_bytes & 0x80 ) + { + n_encoded_bytes = ( n_encoded_bytes & 0x7f ) << 7; + n_encoded_bytes |= exported[9] & 0x7f; + n_end += 1; + } + /* The encoding of n should start with a 0 byte since it should + * have its high bit set. However Mbed TLS is not compliant and + * generates an invalid, but widely tolerated, encoding of + * positive INTEGERs with a bit size that is a multiple of 8 + * with no leading 0 byte. Accept this here. */ + TEST_ASSERT( n_bytes == n_encoded_bytes || + n_bytes == n_encoded_bytes + 1 ); + if( n_bytes == n_encoded_bytes ) + TEST_ASSERT( exported[n_encoded_bytes <= 127 ? 
9 : 10] == 0x00 ); + /* Sanity check: e must be 3 */ + TEST_ASSERT( n_end[0] == 0x02 ); + TEST_ASSERT( n_end[1] == 0x03 ); + TEST_ASSERT( n_end[2] == 0x01 ); + TEST_ASSERT( n_end[3] == 0x00 ); + TEST_ASSERT( n_end[4] == 0x01 ); + TEST_ASSERT( n_end[5] == 0x02 ); + } +#endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ) + { + /* Sanity check: does this look like the beginning of a PKCS#8 + * elliptic curve key pair? */ + TEST_ASSERT( exported_length >= bits * 3 / 8 + 10 ); + TEST_ASSERT( exported[0] == 0x30 ); + } +#endif /* MBEDTLS_ECP_C */ + + return( 0 ); + +exit: + return( 1 ); +} + +static int exercise_export_key( psa_key_slot_t slot, + psa_key_usage_t usage ) +{ + psa_key_type_t type; + size_t bits; + uint8_t *exported = NULL; + size_t exported_size = 0; + size_t exported_length = 0; + int ok = 0; + + if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 ) + { + TEST_ASSERT( psa_export_key( slot, NULL, 0, &exported_length ) == + PSA_ERROR_NOT_PERMITTED ); + return( 1 ); + } + + TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS ); + exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); + exported = mbedtls_calloc( 1, exported_size ); + TEST_ASSERT( exported != NULL ); + + TEST_ASSERT( psa_export_key( slot, + exported, exported_size, + &exported_length ) == PSA_SUCCESS ); + ok = exported_key_sanity_check( type, bits, exported, exported_length ); + +exit: + mbedtls_free( exported ); + return( ok ); +} + +static int exercise_export_public_key( psa_key_slot_t slot ) +{ + psa_key_type_t type; + psa_key_type_t public_type; + size_t bits; + uint8_t *exported = NULL; + size_t exported_size = 0; + size_t exported_length = 0; + int ok = 0; + + TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS ); + if( ! 
PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ) + { + TEST_ASSERT( psa_export_public_key( slot, + NULL, 0, &exported_length ) == + PSA_ERROR_INVALID_ARGUMENT ); + return( 1 ); + } + + public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); + exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ); + exported = mbedtls_calloc( 1, exported_size ); + TEST_ASSERT( exported != NULL ); + + TEST_ASSERT( psa_export_public_key( slot, + exported, exported_size, + &exported_length ) == PSA_SUCCESS ); + ok = exported_key_sanity_check( public_type, bits, + exported, exported_length ); + +exit: + mbedtls_free( exported ); + return( ok ); +} + static int exercise_key( psa_key_slot_t slot, psa_key_usage_t usage, psa_algorithm_t alg ) @@ -421,6 +571,10 @@ static int exercise_key( psa_key_slot_t slot, test_fail( message, __LINE__, __FILE__ ); ok = 0; } + + ok = ok && exercise_export_key( slot, usage ); + ok = ok && exercise_export_public_key( slot ); + return( ok ); } @@ -3056,10 +3210,6 @@ void generate_key( int type_arg, psa_status_t expected_status = expected_status_arg; psa_key_type_t got_type; size_t got_bits; - unsigned char exported[616] = {0}; /* enough for a 1024-bit RSA key */ - size_t exported_length; - psa_status_t expected_export_status = - usage & PSA_KEY_USAGE_EXPORT ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED; psa_status_t expected_info_status = expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT; psa_key_policy_t policy; 
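Review bot: `exported_key_sanity_check` returns 0 when every check passes and 1 from its `exit:` label, but both callers store the result in `ok` and `exercise_key` folds it in with `ok = ok && exercise_export_key( slot, usage );`, so an export that passes all checks makes `exercise_key` report failure to `generate_key`. Swap the two returns to match the convention of the surrounding helpers: `return( 1 );` on the success path and `exit: return( 0 );`. The RSA block reads through `n_end`, which is computed from length bytes inside the exported data and never compared with `exported_length`; add `TEST_ASSERT( (size_t)( n_end - exported ) + 6 <= exported_length );` before the `n_end[...]` checks. The comment `e must be 3` does not match those checks, which accept a 3-byte INTEGER with value 0x010001. The "PKCS#8" comments also disagree with the `RSAPrivateKey`/`ECPrivateKey` formats the header documents.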
@@ -3083,84 +3233,6 @@ void generate_key( int type_arg, TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == bits ); - /* Export the key */ - TEST_ASSERT( psa_export_key( slot, - exported, sizeof( exported ), - &exported_length ) == expected_export_status ); - if( expected_export_status == PSA_SUCCESS ) - { - if( key_type_is_raw_bytes( type ) ) - TEST_ASSERT( exported_length == ( bits + 7 ) / 8 ); -#if defined(MBEDTLS_DES_C) - if( type == PSA_KEY_TYPE_DES ) - { - /* Check the parity bits. */ - unsigned i; - for( i = 0; i < bits / 8; i++ ) - { - unsigned bit_count = 0; - unsigned m; - for( m = 1; m <= 0x100; m <<= 1 ) - { - if( exported[i] & m ) - ++bit_count; - } - TEST_ASSERT( bit_count % 2 != 0 ); - } - } -#endif -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) - if( type == PSA_KEY_TYPE_RSA_KEYPAIR ) - { - /* Sanity check: does this look like the beginning of a PKCS#8 - * RSA key pair? Assumes bits is a multiple of 8. */ - size_t n_bytes = bits / 8 + 1; - size_t n_encoded_bytes; - unsigned char *n_end; - TEST_ASSERT( exported_length >= 7 + ( n_bytes + 3 ) * 9 / 2 ); - TEST_ASSERT( exported[0] == 0x30 ); - TEST_ASSERT( exported[1] == 0x82 ); // assumes >=416-bit key - TEST_ASSERT( exported[4] == 0x02 ); - TEST_ASSERT( exported[5] == 0x01 ); - TEST_ASSERT( exported[6] == 0x00 ); - TEST_ASSERT( exported[7] == 0x02 ); - n_encoded_bytes = exported[8]; - n_end = exported + 9 + n_encoded_bytes; - if( n_encoded_bytes & 0x80 ) - { - n_encoded_bytes = ( n_encoded_bytes & 0x7f ) << 7; - n_encoded_bytes |= exported[9] & 0x7f; - n_end += 1; - } - /* The encoding of n should start with a 0 byte since it should - * have its high bit set. However Mbed TLS is not compliant and - * generates an invalid, but widely tolerated, encoding of - * positive INTEGERs with a bit size that is a multiple of 8 - * with no leading 0 byte. Accept this here. 
*/ - TEST_ASSERT( n_bytes == n_encoded_bytes || - n_bytes == n_encoded_bytes + 1 ); - if( n_bytes == n_encoded_bytes ) - TEST_ASSERT( exported[n_encoded_bytes <= 127 ? 9 : 10] == 0x00 ); - /* Sanity check: e must be 3 */ - TEST_ASSERT( n_end[0] == 0x02 ); - TEST_ASSERT( n_end[1] == 0x03 ); - TEST_ASSERT( n_end[2] == 0x01 ); - TEST_ASSERT( n_end[3] == 0x00 ); - TEST_ASSERT( n_end[4] == 0x01 ); - TEST_ASSERT( n_end[5] == 0x02 ); - } -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( type ) ) - { - /* Sanity check: does this look like the beginning of a PKCS#8 - * elliptic curve key pair? */ - TEST_ASSERT( exported_length >= bits * 3 / 8 + 10 ); - TEST_ASSERT( exported[0] == 0x30 ); - } -#endif /* MBEDTLS_ECP_C */ - } - /* Do something with the key according to its type and permitted usage. */ if( ! exercise_key( slot, usage, alg ) ) goto exit; From 4f6c77b0a9f4534b52c67b3416cc34d290ad9b5f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 11 Aug 2018 01:17:53 +0200 Subject: [PATCH 0458/2197] fixup format spec --- include/psa/crypto.h | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 87f2d60b7..3f8cb44c9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1191,7 +1191,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * PKCS\#1 (RFC 8017) as `RSAPrivateKey`, version 0. * ``` * RSAPrivateKey ::= SEQUENCE { - * version Version, -- 0 + * version INTEGER, -- must be 0 * modulus INTEGER, -- n * publicExponent INTEGER, -- e * privateExponent INTEGER, -- d @@ -1207,7 +1207,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * OpenSSL and OpenSSH, which the following ASN.1 structure: * ``` * DSAPrivateKey ::= SEQUENCE { - * version Version, -- 0 + * version INTEGER, -- must be 0 * prime INTEGER, -- p * subprime INTEGER, -- q * generator INTEGER, -- g 
@@ -1218,15 +1218,19 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * - For elliptic curve key pairs (key types for which * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is the * non-encrypted DER encoding of the representation defined by RFC 5915 as - * `ECPrivateKey`, version 1. + * `ECPrivateKey`, version 1. The `ECParameters` field must be a + * `namedCurve` OID as specified in RFC 5480 §2.1.1.1. The public key + * must be present and must be an `ECPoint` in the same format + * (uncompressed variant) an ECC public key of the + * corresponding type exported with psa_export_public_key(). * ``` * ECPrivateKey ::= SEQUENCE { * version INTEGER, -- must be 1 * privateKey OCTET STRING, - * -- `ceiling(log_{256}(n))`-byte string, big endian, + * -- `ceiling(log2(n)/8)`-byte string, big endian, * -- where n is the order of the curve. - * parameters ECParameters {{ NamedCurve }}, -- mandatory - * publicKey BIT STRING -- mandatory + * parameters [0] IMPLICIT ECParameters {{ namedCurve }}, -- mandatory + * publicKey [1] IMPLICIT BIT STRING -- mandatory * } * ``` * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is 
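Review bot: The new `parameters [0] IMPLICIT ECParameters` and `publicKey [1] IMPLICIT BIT STRING` lines describe an encoding in which the context tag replaces the inner tag, yet the parser added later on this page (`asn1_get_implicit_tag`) expects a constructed context-specific tag wrapping a complete inner OID or BIT STRING, which is explicit tagging. As far as I recall, RFC 5915 defines both fields in an EXPLICIT TAGS module, and implicit tagging cannot be applied to a CHOICE type such as ECParameters in any case. I would write `parameters [0] ECParameters {{ namedCurve }}, -- mandatory` and `publicKey [1] BIT STRING -- mandatory`; the same wording recurs in the include/psa/crypto_sizes.h hunk at -432. The added sentence is also missing a word: it should read "in the same format (uncompressed variant) as an ECC public key of the corresponding type". The comment block starts and ends outside the hunk.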
@@ -1308,20 +1312,21 @@ psa_status_t psa_export_key(psa_key_slot_t key, * - For elliptic curve public keys (key types for which * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), * the `subjectPublicKey` format is defined by RFC 3279 §2.3.5 as - * `ECPoint`, which is an OCTET STRING containing the uncompressed + * `ECPoint`, which contains the uncompressed * representation defined by SEC1 §2.3.3. * The OID is `id-ecPublicKey`, - * and the parameters must be given as a `namedCurve`. + * and the parameters must be given as a `namedCurve` OID as specified in + * RFC 5480 §2.1.1.1. * ``` * ansi-X9-62 OBJECT IDENTIFIER ::= * { iso(1) member-body(2) us(840) 10045 } * id-public-key-type OBJECT IDENTIFIER ::= { ansi-X9.62 2 } * id-ecPublicKey OBJECT IDENTIFIER ::= { id-publicKeyType 1 } * - * ECPoint ::= OCTET STRING - * -- first byte: 0x04; - * -- then x_P as a `ceiling(log_{256}(n))`-byte string, big endian; - * -- then y_P as a `ceiling(log_{256}(n))`-byte string, big endian, + * ECPoint ::= ... + * -- first 8 bits: 0x04; + * -- then x_P as an n-bit string, big endian; + * -- then y_P as a n-bit string, big endian, * -- where n is the order of the curve. * * EcpkParameters ::= CHOICE { -- other choices are not allowed From 996deb18cca397d5be2728bde8fd27e57ea11052 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 1 Aug 2018 15:45:45 +0200 Subject: [PATCH 0459/2197] Fix buffer overflow in the slot array Slots are numbered from 1, but the slot array is a C array so it's numbered from 0. Add a non-regression test. --- library/psa_crypto.c | 9 +++- tests/suites/test_suite_psa_crypto.data | 3 ++ tests/suites/test_suite_psa_crypto.function | 59 +++++++++++++++++++++ 3 files changed, 69 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 210fa5ff4..fe3072935 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
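Review bot: The rewritten ECPoint description sizes x_P and y_P as an "n-bit string" and then defines n as the order of the curve, so the stated length is the order itself rather than a bit count. The sanity check added later on this page expects `1 + 2 * PSA_BITS_TO_BYTES( bits )` bytes, i.e. each coordinate is a whole number of bytes derived from the key size. Suggested wording: `-- then x_P as a ceiling(m/8)-byte string, big endian;`, the same for y_P, and `-- where m is the key size in bits.` The identical text in the include/psa/crypto_sizes.h hunk at -412 needs the same correction.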
@@ -82,6 +82,8 @@ +#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) + /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { @@ -343,10 +345,13 @@ static psa_status_t mbedtls_to_psa_error( int ret ) static psa_status_t psa_get_key_slot( psa_key_slot_t key, key_slot_t **p_slot ) { - if( key == 0 || key > PSA_KEY_SLOT_COUNT ) + /* 0 is not a valid slot number under any circumstance. This + * implementation provides slots number 1 to N where N is the + * number of available slots. */ + if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - *p_slot = &global_data.key_slots[key]; + *p_slot = &global_data.key_slots[key - 1]; return( PSA_SUCCESS ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 894317e32..0f7c8a97f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1,6 +1,9 @@ PSA init/deinit init_deinit: +PSA fill 250 slots +fill_slots:250 + PSA import/export raw: 0 bytes import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2e0804bf5..88ef27fbb 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
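Review bot: `psa_get_key_slot` now takes its upper bound from `ARRAY_LENGTH( global_data.key_slots )`, while `mbedtls_psa_crypto_free` (patched later on this page) still iterates up to `PSA_KEY_SLOT_COUNT`, so the valid slot range is defined in two places. The array declaration is not visible here; if it is sized by `PSA_KEY_SLOT_COUNT` the two agree today, but nothing in the code ties them together. I would either use one expression in both places or state the invariant above the check, e.g. `/* key_slots has PSA_KEY_SLOT_COUNT entries; slot k lives at key_slots[k - 1] */`.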
@@ -447,6 +447,65 @@ void init_deinit( ) } /* END_CASE */ +/* BEGIN_CASE */ +void fill_slots( int max_arg ) +{ + /* Fill all the slots until we run out of memory or out of slots, + * or until some limit specified in the test data for the sake of + * implementations with an essentially unlimited number of slots. + * This test assumes that available slots are numbered from 1. */ + + psa_key_slot_t slot; + psa_key_slot_t max = 0; + psa_key_policy_t policy; + uint8_t exported[sizeof( max )]; + size_t exported_size; + psa_status_t status; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); + + for( max = 1; max <= (size_t) max_arg; max++ ) + { + status = psa_set_key_policy( max, &policy ); + /* Stop filling slots if we run out of memory or out of + * available slots. */ + TEST_ASSERT( status == PSA_SUCCESS || + status == PSA_ERROR_INSUFFICIENT_MEMORY || + status == PSA_ERROR_INVALID_ARGUMENT ); + if( status != PSA_SUCCESS ) + break; + status = psa_import_key( max, PSA_KEY_TYPE_RAW_DATA, + (uint8_t*) &max, sizeof( max ) ); + /* Since psa_set_key_policy succeeded, we know that the slot + * number is valid. But we may legitimately run out of memory. */ + TEST_ASSERT( status == PSA_SUCCESS || + status == PSA_ERROR_INSUFFICIENT_MEMORY ); + if( status != PSA_SUCCESS ) + break; + } + /* `max` is now the first slot number that wasn't filled. 
*/ + max -= 1; + + for( slot = 1; slot <= max; slot++ ) + { + TEST_ASSERT( psa_export_key( slot, + exported, sizeof( exported ), + &exported_size ) == PSA_SUCCESS ); + TEST_ASSERT( exported_size == sizeof( slot ) ); + TEST_ASSERT( memcmp( exported, &slot, sizeof( slot ) ) == 0 ); + TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + } + +exit: + for( slot = 1; slot <= max; slot++ ) + psa_destroy_key( slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void import( data_t *data, int type, int expected_status_arg ) { From cb6adbb75023bc47cbd4082bccf0cff297f6d752 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 11 Aug 2018 01:18:12 +0200 Subject: [PATCH 0460/2197] fixup sizes --- include/psa/crypto_sizes.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index bc8edc612..4df72b025 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -412,10 +412,10 @@ * AlgorithmIdentifier ::= SEQUENCE { * algorithm OBJECT IDENTIFIER, * parameters OBJECT IDENTIFIER } -- namedCurve - * ECPoint ::= OCTET STRING - * -- first byte: 0x04; - * -- then x_P as a `ceiling(log_{256}(n))`-byte string, big endian; - * -- then y_P as a `ceiling(log_{256}(n))`-byte string, big endian, + * ECPoint ::= ... + * -- first 8 bits: 0x04; + * -- then x_P as an n-bit string, big endian; + * -- then y_P as a n-bit string, big endian, * -- where n is the order of the curve. * * - 2 * 4 bytes of SEQUENCE overhead; 
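Review bot: `fill_slots` accepts `PSA_ERROR_INVALID_ARGUMENT` from the very first `psa_set_key_policy( max, &policy )`, so it passes with zero slots filled, and it never checks that slot 0 is refused. For a non-regression test of the slot indexing I would add before the fill loop `TEST_ASSERT( psa_set_key_policy( 0, &policy ) == PSA_ERROR_INVALID_ARGUMENT );` (assuming that function validates the slot number the same way) and, after `max -= 1;`, `TEST_ASSERT( max >= 1 );`. An out-of-bounds slot access is presumably only observable when the suite runs under a memory checker, which a comment at the top of the test could state.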
@@ -432,10 +432,10 @@ * ECPrivateKey ::= SEQUENCE { * version INTEGER, -- must be 1 * privateKey OCTET STRING, - * -- `ceiling(log_{256}(n))`-byte string, big endian, + * -- `ceiling(log2(n)/8)`-byte string, big endian, * -- where n is the order of the curve. - * parameters ECParameters {{ NamedCurve }}, -- mandatory - * publicKey BIT STRING -- mandatory + * parameters [0] IMPLICIT ECParameters {{ NamedCurve }}, + * publicKey [1] IMPLICIT BIT STRING * } * * - 4 bytes of SEQUENCE overhead; From 9a05634558ccd2f8cbb8cf62a22555a7085f4d42 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 1 Aug 2018 15:46:54 +0200 Subject: [PATCH 0461/2197] psa_crypto_free: destroy the last slot The last slot in the array was not freed due to an off-by-one error. Amend the fill_slots test to serve as a non-regression test for this issue: without this bug fix, it would cause a memory leak. --- library/psa_crypto.c | 2 +- tests/suites/test_suite_psa_crypto.function | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fe3072935..8b25dac1a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3453,7 +3453,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key, void mbedtls_psa_crypto_free( void ) { psa_key_slot_t key; - for( key = 1; key < PSA_KEY_SLOT_COUNT; key++ ) + for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) psa_destroy_key( key ); mbedtls_ctr_drbg_free( &global_data.ctr_drbg ); mbedtls_entropy_free( &global_data.entropy ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 88ef27fbb..43e479470 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -496,12 +496,10 @@ void fill_slots( int max_arg ) &exported_size ) == PSA_SUCCESS ); TEST_ASSERT( exported_size == sizeof( slot ) ); TEST_ASSERT( memcmp( exported, &slot, sizeof( slot ) ) == 0 ); - TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); } exit: - for( slot = 1; slot <= max; slot++ ) - psa_destroy_key( slot ); + /* Do not destroy the keys. mbedtls_psa_crypto_free() should do it. */ mbedtls_psa_crypto_free( ); } /* END_CASE */ From ddeb55ad3244c640416e7cf6fac85b5c75afa944 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Aug 2018 15:08:07 +0200 Subject: [PATCH 0462/2197] Remove trailing whitespace and fix indentation in generated C file --- scripts/generate_psa_constants.py | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index e4cb45b4a..bc2302aff 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -120,16 +120,16 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size, ''' key_type_from_curve_template = '''if (%(tester)s(type)) { - append_with_curve(&buffer, buffer_size, &required_size, - "%(builder)s", %(builder_length)s, - PSA_KEY_TYPE_GET_CURVE(type)); - } else ''' + append_with_curve(&buffer, buffer_size, &required_size, + "%(builder)s", %(builder_length)s, + PSA_KEY_TYPE_GET_CURVE(type)); + } else ''' algorithm_from_hash_template = '''if (%(tester)s(alg_without_padding)) { - append_with_hash(&buffer, buffer_size, &required_size, - "%(builder)s", %(builder_length)s, - PSA_ALG_GET_HASH(alg_without_padding)); - } else ''' + append_with_hash(&buffer, buffer_size, &required_size, + "%(builder)s", %(builder_length)s, + PSA_ALG_GET_HASH(alg_without_padding)); + } else ''' bit_test_template = '''\ if (%(var)s & %(flag)s) { 
@@ -244,7 +244,7 @@ class MacroCollector: def make_key_type_code(self): d = self.key_types_from_curve make = self.make_key_type_from_curve_code - return '\n '.join([make(k, d[k]) for k in sorted(d.keys())]) + return ''.join([make(k, d[k]) for k in sorted(d.keys())]) def make_hash_algorithm_cases(self): return '\n '.join(map(self.make_return_case, @@ -266,7 +266,7 @@ class MacroCollector: def make_algorithm_code(self): d = self.algorithms_from_hash make = self.make_algorithm_from_hash_code - return '\n '.join([make(k, d[k]) for k in sorted(d.keys())]) + return ''.join([make(k, d[k]) for k in sorted(d.keys())]) def make_key_usage_code(self): return '\n'.join([self.make_bit_test('usage', bit) From dd2f95b855f9c570dd1d73260abc01f3000e7868 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 11 Aug 2018 01:22:42 +0200 Subject: [PATCH 0463/2197] Improve and augment export sanity checks Implement sanity checks of exported public keys, using ASN.1 parsing. Rewrite the sanity checks of key pairs using ASN.1 parsing, so as to check more things with simpler code. --- tests/suites/test_suite_psa_crypto.function | 323 ++++++++++++++++---- 1 file changed, 269 insertions(+), 54 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 317475041..b04f6a390 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -5,7 +5,10 @@ #include "spm/psa_defs.h" #endif +#include "mbedtls/asn1.h" #include "mbedtls/asn1write.h" +#include "mbedtls/oid.h" + #include "psa/crypto.h" #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) 
@@ -38,13 +41,6 @@ static int mem_is_zero( void *buffer, size_t size ) return( 1 ); } -static int key_type_is_raw_bytes( psa_key_type_t type ) -{ - psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK; - return( category == PSA_KEY_TYPE_RAW_DATA || - category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); -} - /* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */ static int asn1_write_10x( unsigned char **p, unsigned char *start, 
@@ -393,11 +389,118 @@ exit: return( 0 ); } -int exported_key_sanity_check( psa_key_type_t type, size_t bits, - uint8_t *exported, size_t exported_length ) +typedef struct { - if( key_type_is_raw_bytes( type ) ) + unsigned char length; + unsigned char string[]; +} small_byte_string_t; +#define DECLARE_SMALL_STRING_OF_LITERAL( name, literal ) \ + static const small_byte_string_t name = \ + { sizeof( literal ) - 1, literal } + +#if defined(MBEDTLS_RSA_C) +DECLARE_SMALL_STRING_OF_LITERAL( key_type_oid_rsa, + MBEDTLS_OID_PKCS1_RSA ); +#endif +#if defined(MBEDTLS_ECP_C) +DECLARE_SMALL_STRING_OF_LITERAL( key_type_oid_ecc, + MBEDTLS_OID_EC_ALG_UNRESTRICTED ); +#endif + +static int is_oid_of_key_type( psa_key_type_t type, + const uint8_t *oid, size_t oid_length ) +{ + const small_byte_string_t *expected_oid = +#if defined(MBEDTLS_RSA_C) + PSA_KEY_TYPE_IS_RSA( type ) ? &key_type_oid_rsa : +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_C) + PSA_KEY_TYPE_IS_ECC( type ) ? &key_type_oid_ecc : +#endif /* MBEDTLS_ECP_C */ + NULL; + + if( expected_oid == NULL ) + { + char message[40]; + mbedtls_snprintf( message, sizeof( message ), + "OID not known for key type=0x%08lx", + (unsigned long) type ); + test_fail( message, __LINE__, __FILE__ ); + return( 0 ); + } + + TEST_ASSERT( oid_length == expected_oid->length ); + TEST_ASSERT( memcmp( oid, expected_oid->string, oid_length ) == 0 ); + return( 1 ); + +exit: + return( 0 ); +} + +static int asn1_skip_integer( unsigned char **p, const unsigned char *end, + size_t min_bits, size_t max_bits, + int must_be_odd ) +{ + size_t len; + size_t actual_bits; + unsigned char msb; + TEST_ASSERT( mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_INTEGER ) == 0 ); + /* Tolerate a slight departure from DER encoding: + * - 0 may be represented by an empty string or a 1-byte string. + * - The sign bit may be used as a value bit. 
*/ + if( ( len == 1 && ( *p )[0] == 0 ) || + ( len > 1 && ( *p )[0] == 0 && ( ( *p )[1] & 0x80 ) != 0 ) ) + { + ++( *p ); + --len; + } + if( min_bits == 0 && len == 0 ) + return( 1 ); + msb = ( *p )[0]; + TEST_ASSERT( msb != 0 ); + actual_bits = 8 * ( len - 1 ); + while( msb != 0 ) + { + msb >>= 1; + ++actual_bits; + } + TEST_ASSERT( actual_bits >= min_bits ); + TEST_ASSERT( actual_bits <= max_bits ); + if( must_be_odd ) + TEST_ASSERT( ( ( *p )[len-1] & 1 ) != 0 ); + *p += len; + return( 1 ); +exit: + return( 0 ); +} + +static int asn1_get_implicit_tag( unsigned char **p, const unsigned char *end, + size_t *len, + unsigned char n, unsigned char tag ) +{ + int ret; + ret = mbedtls_asn1_get_tag( p, end, len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | ( n ) ); + if( ret != 0 ) + return( ret ); + end = *p + *len; + ret = mbedtls_asn1_get_tag( p, end, len, tag ); + if( ret != 0 ) + return( ret ); + if( *p + *len != end ) + return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( 0 ); +} + +static int exported_key_sanity_check( psa_key_type_t type, size_t bits, + uint8_t *exported, size_t exported_length ) +{ + if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) TEST_ASSERT( exported_length == ( bits + 7 ) / 8 ); + else + TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, bits ) ); #if defined(MBEDTLS_DES_C) if( type == PSA_KEY_TYPE_DES ) 
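Review bot: In `asn1_skip_integer`, `msb = ( *p )[0];` runs even when `len` is 0 and `min_bits` is nonzero, so an empty INTEGER, or a lone 0x00 after the leading-zero skip, makes the helper read one byte beyond the element, possibly at `end`, and `8 * ( len - 1 )` then wraps. Adding `TEST_ASSERT( len != 0 );` just before that read keeps the check inside the parsed data. Separately, `DECLARE_SMALL_STRING_OF_LITERAL` statically initialises the flexible array member `string[]`, which as far as I know is a GNU extension rather than standard C; a fixed-size array or a pointer member would be portable.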
@@ -416,64 +519,176 @@ int exported_key_sanity_check( psa_key_type_t type, size_t bits, TEST_ASSERT( bit_count % 2 != 0 ); } } + else #endif #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) if( type == PSA_KEY_TYPE_RSA_KEYPAIR ) { - /* Sanity check: does this look like the beginning of a PKCS#8 - * RSA key pair? Assumes bits is a multiple of 8. */ - size_t n_bytes = bits / 8 + 1; - size_t n_encoded_bytes; - unsigned char *n_end; - TEST_ASSERT( exported_length >= 7 + ( n_bytes + 3 ) * 9 / 2 ); - TEST_ASSERT( exported[0] == 0x30 ); - TEST_ASSERT( exported[1] == 0x82 ); // assumes >=416-bit key - TEST_ASSERT( exported[4] == 0x02 ); - TEST_ASSERT( exported[5] == 0x01 ); - TEST_ASSERT( exported[6] == 0x00 ); - TEST_ASSERT( exported[7] == 0x02 ); - n_encoded_bytes = exported[8]; - n_end = exported + 9 + n_encoded_bytes; - if( n_encoded_bytes & 0x80 ) - { - n_encoded_bytes = ( n_encoded_bytes & 0x7f ) << 7; - n_encoded_bytes |= exported[9] & 0x7f; - n_end += 1; - } - /* The encoding of n should start with a 0 byte since it should - * have its high bit set. However Mbed TLS is not compliant and - * generates an invalid, but widely tolerated, encoding of - * positive INTEGERs with a bit size that is a multiple of 8 - * with no leading 0 byte. Accept this here. */ - TEST_ASSERT( n_bytes == n_encoded_bytes || - n_bytes == n_encoded_bytes + 1 ); - if( n_bytes == n_encoded_bytes ) - TEST_ASSERT( exported[n_encoded_bytes <= 127 ? 
9 : 10] == 0x00 ); - /* Sanity check: e must be 3 */ - TEST_ASSERT( n_end[0] == 0x02 ); - TEST_ASSERT( n_end[1] == 0x03 ); - TEST_ASSERT( n_end[2] == 0x01 ); - TEST_ASSERT( n_end[3] == 0x00 ); - TEST_ASSERT( n_end[4] == 0x01 ); - TEST_ASSERT( n_end[5] == 0x02 ); - } + uint8_t *p = exported; + uint8_t *end = exported + exported_length; + size_t len; + /* RSAPrivateKey ::= SEQUENCE { + * version Version, -- 0 + * modulus INTEGER, -- n + * publicExponent INTEGER, -- e + * privateExponent INTEGER, -- d + * prime1 INTEGER, -- p + * prime2 INTEGER, -- q + * exponent1 INTEGER, -- d mod (p-1) + * exponent2 INTEGER, -- d mod (q-1) + * coefficient INTEGER, -- (inverse of q) mod p + * } + */ + TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ) == 0 ); + TEST_ASSERT( p + len == end ); + if( ! asn1_skip_integer( &p, end, 0, 0, 0 ) ) + goto exit; + if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) ) + goto exit; + if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) ) + goto exit; + /* Require d to be at least half the size of n. */ + if( ! asn1_skip_integer( &p, end, bits / 2, bits, 1 ) ) + goto exit; + /* Require p and q to be at most half the size of n, rounded up. */ + if( ! asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) ) + goto exit; + if( ! asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) ) + goto exit; + if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) + goto exit; + if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) + goto exit; + if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) + goto exit; + TEST_ASSERT( p == end ); + } + else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ) { - /* Sanity check: does this look like the beginning of a PKCS#8 - * elliptic curve key pair? 
*/ - TEST_ASSERT( exported_length >= bits * 3 / 8 + 10 ); - TEST_ASSERT( exported[0] == 0x30 ); - } + uint8_t *p = exported; + uint8_t *end = exported + exported_length; + size_t len; + int version; + /* ECPrivateKey ::= SEQUENCE { + * version INTEGER, -- must be 1 + * privateKey OCTET STRING, + * -- `ceiling(log_{256}(n))`-byte string, big endian, + * -- where n is the order of the curve. + * parameters ECParameters {{ NamedCurve }}, -- mandatory + * publicKey BIT STRING -- mandatory + * } + */ + TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ) == 0 ); + TEST_ASSERT( p + len == end ); + TEST_ASSERT( mbedtls_asn1_get_int( &p, end, &version ) == 0 ); + TEST_ASSERT( version == 1 ); + TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_OCTET_STRING ) == 0 ); + /* Bug in Mbed TLS: the length of the octet string depends on the value */ + // TEST_ASSERT( len == PSA_BITS_TO_BYTES( bits ) ); + p += len; + TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 0, + MBEDTLS_ASN1_OID ) == 0 ); + p += len; + TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 1, + MBEDTLS_ASN1_BIT_STRING ) == 0 ); + TEST_ASSERT( p + len == end ); + TEST_ASSERT( p[0] == 0 ); /* 0 unused bits in the bit string */ + ++p; + TEST_ASSERT( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ) == end ); + TEST_ASSERT( p[0] == 4 ); + } + else #endif /* MBEDTLS_ECP_C */ - return( 0 ); + if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) + { + uint8_t *p = exported; + uint8_t *end = exported + exported_length; + size_t len; + mbedtls_asn1_buf alg; + mbedtls_asn1_buf params; + mbedtls_asn1_bitstring bitstring; + /* SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL } + */ + TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ) == 0 ); + 
TEST_ASSERT( p + len == end ); + TEST_ASSERT( mbedtls_asn1_get_alg( &p, end, &alg, ¶ms ) == 0 ); + if( ! is_oid_of_key_type( type, alg.p, alg.len ) ) + goto exit; + TEST_ASSERT( mbedtls_asn1_get_bitstring( &p, end, &bitstring ) == 0 ); + TEST_ASSERT( p == end ); + p = bitstring.p; +#if defined(MBEDTLS_RSA_C) + if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) + { + /* RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + */ + TEST_ASSERT( bitstring.unused_bits == 0 ); + TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ) == 0 ); + TEST_ASSERT( p + len == end ); + if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) ) + goto exit; + if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) ) + goto exit; + TEST_ASSERT( p == end ); + } + else +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) + { + /* ECPoint ::= ... + * -- first 8 bits: 0x04; + * -- then x_P as an n-bit string, big endian; + * -- then y_P as a n-bit string, big endian, + * -- where n is the order of the curve. + */ + TEST_ASSERT( bitstring.unused_bits == 0 ); + TEST_ASSERT( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ) == end ); + TEST_ASSERT( p[0] == 4 ); + } + else +#endif /* MBEDTLS_ECP_C */ + { + char message[40]; + mbedtls_snprintf( message, sizeof( message ), + "No sanity check for public key type=0x%08lx", + (unsigned long) type ); + test_fail( message, __LINE__, __FILE__ ); + return( 0 ); + } + } + else + + { + /* No sanity checks for other types */ + } + + return( 1 ); exit: - return( 1 ); + return( 0 ); } static int exercise_export_key( psa_key_slot_t slot, From f26dbfc096ce53117f368ce9d5b2179aa4529f34 Mon Sep 17 00:00:00 2001 
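Review bot: The ECPrivateKey branch leaves the private-value length unchecked: `// TEST_ASSERT( len == PSA_BITS_TO_BYTES( bits ) );` is commented out with a remark that the library's output length depends on the value. A length that varies with the value reveals how many leading zero bytes the private key has and departs from the fixed-length format that the header comment on this page specifies, so the deviation deserves at least a bound and a tracking reference. I would keep `TEST_ASSERT( len >= 1 && len <= PSA_BITS_TO_BYTES( bits ) );` (assuming the curve order is no longer than `bits`) and turn the remark into `/* TODO(<issue-id>): enforce exact length once export pads privateKey */`. In the same branch `p[0]` is read right after `TEST_ASSERT( p + len == end )` without first checking `len >= 1`. exported_key_sanity_check starts before this hunk.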
From: itayzafrir Date: Wed, 1 Aug 2018 16:09:08 +0300 Subject: [PATCH 0464/2197] Rearrange PSA_ERROR_XXX error codes Set PSA_ERROR_UNKNOWN_ERROR as the first error code to prevent the need to change its value whenever a new error code is added. --- include/psa/crypto.h | 48 ++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 896235b35..128c2c0cd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -89,6 +89,13 @@ typedef int32_t psa_status_t; #endif /* !defined(PSA_SUCCESS) */ +/** An error occurred that does not correspond to any defined + * failure cause. + * + * Implementations may use this error code if none of the other standard + * error codes are applicable. */ +#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1) + /** The requested operation or a parameter is not supported * by this implementation. * @@ -96,7 +103,7 @@ typedef int32_t psa_status_t; * parameter such as a key type, algorithm, etc. is not recognized. * If a combination of parameters is recognized and identified as * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ -#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)1) +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2) /** The requested action is denied by a policy. * @@ -109,7 +116,7 @@ typedef int32_t psa_status_t; * not valid or not supported, it is unspecified whether the function * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or * #PSA_ERROR_INVALID_ARGUMENT. */ -#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)2) +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3) /** An output buffer is too small. * 
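Review bot: Renumbering every existing PSA_ERROR_* value, starting with `PSA_ERROR_NOT_SUPPORTED` going from 1 to 2 in the hunk at -96 and continuing through the later hunks of this file, changes the meaning of status codes already compiled into callers. If the library and its callers can be built separately (for example on either side of a partition boundary, which this patch does not show), a caller built against the old header would read the new 16 as `PSA_ERROR_INVALID_PADDING` rather than `PSA_ERROR_INVALID_SIGNATURE`. The result is still a failure, but error-specific handling would take the wrong path. A comment above the block such as `/* These values are part of the binary interface: append new codes, never renumber. */` would record the constraint that motivates moving `PSA_ERROR_UNKNOWN_ERROR` to the front.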
@@ -121,7 +128,7 @@ typedef int32_t psa_status_t; * buffer would succeed. However implementations may return this * error if a function has invalid or unsupported parameters in addition * to the parameters that determine the necessary output buffer size. */ -#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)3) +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4) /** A slot is occupied, but must be empty to carry out the * requested action. @@ -129,7 +136,7 @@ typedef int32_t psa_status_t; * If the slot number is invalid (i.e. the requested action could * not be performed even after erasing the slot's content), * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */ -#define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)4) +#define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5) /** A slot is empty, but must be occupied to carry out the * requested action. @@ -137,7 +144,7 @@ typedef int32_t psa_status_t; * If the slot number is invalid (i.e. the requested action could * not be performed even after creating appropriate content in the slot), * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */ -#define PSA_ERROR_EMPTY_SLOT ((psa_status_t)5) +#define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6) /** The requested action cannot be performed in the current state. * @@ -149,7 +156,7 @@ typedef int32_t psa_status_t; * that a key slot is occupied when it needs to be free or vice versa, * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT * as applicable. */ -#define PSA_ERROR_BAD_STATE ((psa_status_t)6) +#define PSA_ERROR_BAD_STATE ((psa_status_t)7) /** The parameters passed to the function are invalid. * 
@@ -160,13 +167,13 @@ typedef int32_t psa_status_t; * that a key slot is occupied when it needs to be free or vice versa, * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT * as applicable. */ -#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)7) +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8) /** There is not enough runtime memory. * * If the action is carried out across multiple security realms, this * error can refer to available memory in any of the security realms. */ -#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)8) +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9) /** There is not enough persistent storage. * @@ -175,7 +182,7 @@ typedef int32_t psa_status_t; * many functions that do not otherwise access storage may return this * error code if the implementation requires a mandatory log entry for * the requested action and the log storage space is full. */ -#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)9) +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10) /** There was a communication failure inside the implementation. * @@ -192,7 +199,7 @@ typedef int32_t psa_status_t; * cryptoprocessor but there was a breakdown of communication before * the cryptoprocessor could report the status to the application. */ -#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)10) +#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11) /** There was a storage failure that may have led to data loss. * 
@@ -217,13 +224,13 @@ typedef int32_t psa_status_t; * permanent storage corruption. However application writers should * keep in mind that transient errors while reading the storage may be * reported using this error code. */ -#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)11) +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12) /** A hardware failure was detected. * * A hardware failure may be transient or permanent depending on the * cause. */ -#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)12) +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13) /** A tampering attempt was detected. * @@ -254,7 +261,7 @@ typedef int32_t psa_status_t; * This error indicates an attack against the application. Implementations * shall not return this error code as a consequence of the behavior of * the application itself. */ -#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)13) +#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14) /** There is not enough entropy to generate random data needed * for the requested action. @@ -273,7 +280,7 @@ typedef int32_t psa_status_t; * secure pseudorandom generator (PRNG). However implementations may return * this error at any time if a policy requires the PRNG to be reseeded * during normal operation. */ -#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)14) +#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15) /** The signature, MAC or hash is incorrect. * @@ -283,7 +290,7 @@ typedef int32_t psa_status_t; * * If the value to verify has an invalid size, implementations may return * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ -#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)15) +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16) /** The decrypted padding is incorrect. * 
@@ -299,20 +306,13 @@ typedef int32_t psa_status_t; * as close as possible to indistinguishable to an external observer. * In particular, the timing of a decryption operation should not * depend on the validity of the padding. */ -#define PSA_ERROR_INVALID_PADDING ((psa_status_t)16) +#define PSA_ERROR_INVALID_PADDING ((psa_status_t)17) /** The generator has insufficient capacity left. * * Once a function returns this error, attempts to read from the * generator will always return this error. */ -#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)17) - -/** An error occurred that does not correspond to any defined - * failure cause. - * - * Implementations may use this error code if none of the other standard - * error codes are applicable. */ -#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)18) +#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18) /** * \brief Library initialization. From 23b9d149a2841a2d69c97df60c75e9a77b209133 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Aug 2018 15:08:46 +0200 Subject: [PATCH 0465/2197] Fix indentation in generated C file The indentation now complies with Emacs's "k&r" style. --- scripts/generate_psa_constants.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index bc2302aff..5a5d2e5cf 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -71,8 +71,8 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, psa_algorithm_t padding_mode = -1; psa_algorithm_t alg_without_padding = alg; if (PSA_ALG_IS_CIPHER(alg) && PSA_ALG_IS_BLOCK_CIPHER(alg)) { - padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; - alg_without_padding = alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK; + padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; + alg_without_padding = alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK; } switch (alg_without_padding) { %(algorithm_cases)s 
From 8f609239d59426d2078508cd620c0982af7c26ad Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 11 Aug 2018 01:24:55 +0200 Subject: [PATCH 0466/2197] Do export sanity checks in import_export as well This is not useful to validate the implementation when importing canonical input, which is the case for most import/export test cases, but it helps validate the sanity checks themselves. --- tests/suites/test_suite_psa_crypto.function | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b04f6a390..ee29ec951 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1001,6 +1001,9 @@ void import_export( data_t *data, goto destroy; } + if( ! exercise_export_key( slot, usage_arg ) ) + goto exit; + if( canonical_input ) { TEST_ASSERT( exported_length == data->len ); From 13f43948f302725788118ae4db08f3833f5f5484 Mon Sep 17 00:00:00 2001 From: mohammad1603 Date: Sun, 5 Aug 2018 12:09:44 +0300 Subject: [PATCH 0467/2197] typo fix --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 128c2c0cd..8ecd17bb4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -67,7 +67,7 @@ extern "C" { * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case; * the other error code names don't clash. Also define psa_status_t as * an alias for the type used by PSA IPC. This is a temporary hack - * until we unify error reporting in PSA IPC and PSA crypo. + * until we unify error reporting in PSA IPC and PSA crypto. * * Note that psa_defs.h must be included before this header! */ From ae3d2a2c26cccc2b7c83e335d7d2bd7d5a387211 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 13 Aug 2018 14:14:22 +0200 Subject: [PATCH 0468/2197] Avoid non-standard C constructs Don't rely on static initialization of a flexible array member, that's a GNU extension. The previous code also triggered a Clang warning "suggest braces around initialization of subobject" (-Wmissing-braces) for `struct {char a[]} = {"foo"}`. --- tests/suites/test_suite_psa_crypto.function | 42 ++++++++------------- 1 file changed, 16 insertions(+), 26 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ee29ec951..d5922b767 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -389,37 +389,27 @@ exit: return( 0 ); } -typedef struct -{ - unsigned char length; - unsigned char string[]; -} small_byte_string_t; -#define DECLARE_SMALL_STRING_OF_LITERAL( name, literal ) \ - static const small_byte_string_t name = \ - { sizeof( literal ) - 1, literal } - -#if defined(MBEDTLS_RSA_C) -DECLARE_SMALL_STRING_OF_LITERAL( key_type_oid_rsa, - MBEDTLS_OID_PKCS1_RSA ); -#endif -#if defined(MBEDTLS_ECP_C) -DECLARE_SMALL_STRING_OF_LITERAL( key_type_oid_ecc, - MBEDTLS_OID_EC_ALG_UNRESTRICTED ); -#endif - static int is_oid_of_key_type( psa_key_type_t type, const uint8_t *oid, size_t oid_length ) { - const small_byte_string_t *expected_oid = + const uint8_t *expected_oid = NULL; + size_t expected_oid_length = 0; #if defined(MBEDTLS_RSA_C) - PSA_KEY_TYPE_IS_RSA( type ) ? &key_type_oid_rsa : + if( PSA_KEY_TYPE_IS_RSA( type ) ) + { + expected_oid = (uint8_t *) MBEDTLS_OID_PKCS1_RSA; + expected_oid_length = sizeof( MBEDTLS_OID_PKCS1_RSA ) - 1; + } + else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - PSA_KEY_TYPE_IS_ECC( type ) ? &key_type_oid_ecc : + if( PSA_KEY_TYPE_IS_ECC( type ) ) + { + expected_oid = (uint8_t *) MBEDTLS_OID_EC_ALG_UNRESTRICTED; + expected_oid_length = sizeof( MBEDTLS_OID_EC_ALG_UNRESTRICTED ) - 1; + } + else #endif /* MBEDTLS_ECP_C */ - NULL; - - if( expected_oid == NULL ) { char message[40]; mbedtls_snprintf( message, sizeof( message ), @@ -429,8 +419,8 @@ static int is_oid_of_key_type( psa_key_type_t type, return( 0 ); } - TEST_ASSERT( oid_length == expected_oid->length ); - TEST_ASSERT( memcmp( oid, expected_oid->string, oid_length ) == 0 ); + TEST_ASSERT( oid_length == expected_oid_length ); + TEST_ASSERT( memcmp( oid, expected_oid, oid_length ) == 0 ); return( 1 ); exit: From 40835d4e560acfbaf9552b7b693d2b2c17e3eb9d Mon Sep 17 00:00:00 2001 
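Review bot: The two added casts in `is_oid_of_key_type` strip `const` from a string literal just before the result is stored in a `const uint8_t *`. This is harmless at run time but trips `-Wcast-qual`, and it invites a later writable use of the literal. Write them as `expected_oid = (const uint8_t *) MBEDTLS_OID_PKCS1_RSA;` and `expected_oid = (const uint8_t *) MBEDTLS_OID_EC_ALG_UNRESTRICTED;`. The `sizeof( ... ) - 1` length only holds while both macros expand to string literals, so a one-line comment saying so next to the first assignment would help.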
From: itayzafrir Date: Thu, 2 Aug 2018 13:14:17 +0300 Subject: [PATCH 0469/2197] Add missing calls to psa_hash_abort in hash functions --- library/psa_crypto.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c7d5a6780..b94e0e6a5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1110,6 +1110,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, size_t hash_size, size_t *hash_length ) { + psa_status_t status; int ret; size_t actual_hash_length = PSA_HASH_SIZE( operation->alg ); @@ -1123,7 +1124,10 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, memset( hash, '!', hash_size ); if( hash_size < actual_hash_length ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } switch( operation->alg ) { @@ -1168,8 +1172,10 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; break; } + status = mbedtls_to_psa_error( ret ); - if( ret == 0 ) +exit: + if( status == PSA_SUCCESS ) { *hash_length = actual_hash_length; return( psa_hash_abort( operation ) ); @@ -1177,7 +1183,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, else { psa_hash_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); + return( status ); } } From ed7382f6a72cabea82504b7e33f2be289143b46c Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Thu, 2 Aug 2018 14:19:33 +0300 Subject: [PATCH 0470/2197] Update documentation due to function renaming --- include/psa/crypto.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 128c2c0cd..e1b70aeab 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
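Review bot: The too-small-buffer branch of `psa_hash_finish` now jumps to `exit:` and reaches `psa_hash_abort( operation )`, where it previously returned with the operation still active. A caller can therefore no longer retry with a larger buffer, and nothing in these hunks documents that. I would put a comment at the label, `/* Every failure, including PSA_ERROR_BUFFER_TOO_SMALL, ends the operation; the caller must set up a new one. */`, and add the same sentence to the function's description in `include/psa/crypto.h`. The switch over `operation->alg` and the start of the function lie outside the hunks, so it is worth checking that no early `return` there still bypasses `exit:`.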
@@ -1911,9 +1911,9 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key. * The key remains associated with the operation even if the content * of the key slot changes. - * -# Call either psa_encrypt_generate_iv() or psa_cipher_set_iv() to + * -# Call either psa_cipher_generate_iv() or psa_cipher_set_iv() to * generate or set the IV (initialization vector). You should use - * psa_encrypt_generate_iv() unless the protocol you are implementing + * psa_cipher_generate_iv() unless the protocol you are implementing * requires a specific IV value. * -# Call psa_cipher_update() zero, one or more times, passing a fragment * of the message each time. @@ -1925,7 +1925,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * After a successful call to psa_cipher_encrypt_setup(), the application must * eventually terminate the operation. The following events terminate an * operation: - * - A failed call to psa_encrypt_generate_iv(), psa_cipher_set_iv() + * - A failed call to psa_cipher_generate_iv(), psa_cipher_set_iv() * or psa_cipher_update(). * - A call to psa_cipher_finish() or psa_cipher_abort(). * From 6ef7983208a01a2e2da58c5edabfcbc0b0dcd00c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Aug 2018 14:17:06 +0200 Subject: [PATCH 0471/2197] Fix copypasta in PSA_KEY_EXPORT_MAX_SIZE documentation --- include/psa/crypto_sizes.h | 1 - 1 file changed, 1 deletion(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 4df72b025..c42375beb 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -492,7 +492,6 @@ * * \param key_type A supported key type. * \param key_bits The size of the key in bits. - * \param alg The signature algorithm. * * \return If the parameters are valid and supported, return * a buffer size in bytes that guarantees that From b67f308c4f982f5d5e224d0822c046c9af269cbf Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 7 Aug 2018 15:33:10 +0200 Subject: [PATCH 0472/2197] Fix re-import size in import_export test with non-canonical input --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 04c1c7982..97501af6a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -643,7 +643,7 @@ void import_export( data_t *data, TEST_ASSERT( psa_import_key( slot2, type, exported, - export_size ) == PSA_SUCCESS ); + exported_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_export_key( slot2, reexported, export_size, From 534bd7c33b6acfccb48a85532bf4c52d7ffbaca6 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Thu, 2 Aug 2018 13:56:32 +0300 Subject: [PATCH 0473/2197] Add missing calls to psa_cipher_abort in cipher functions --- library/psa_crypto.c | 65 +++++++++++++++++++++++++------------------- 1 file changed, 37 insertions(+), 28 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b94e0e6a5..316acbe64 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -2478,53 +2478,59 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, size_t iv_size, size_t *iv_length ) { - int ret = PSA_SUCCESS; + psa_status_t status; + int ret; if( operation->iv_set || ! operation->iv_required ) - return( PSA_ERROR_BAD_STATE ); + { + status = PSA_ERROR_BAD_STATE; + goto exit; + } if( iv_size < operation->iv_size ) { - ret = PSA_ERROR_BUFFER_TOO_SMALL; + status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size ); if( ret != 0 ) { - ret = mbedtls_to_psa_error( ret ); + status = mbedtls_to_psa_error( ret ); goto exit; } *iv_length = operation->iv_size; - ret = psa_cipher_set_iv( operation, iv, *iv_length ); + status = psa_cipher_set_iv( operation, iv, *iv_length ); exit: - if( ret != PSA_SUCCESS ) + if( status != PSA_SUCCESS ) psa_cipher_abort( operation ); - return( ret ); + return( status ); } psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, const unsigned char *iv, size_t iv_length ) { - int ret = PSA_SUCCESS; + psa_status_t status; + int ret; if( operation->iv_set || ! operation->iv_required ) - return( PSA_ERROR_BAD_STATE ); + { + status = PSA_ERROR_BAD_STATE; + goto exit; + } if( iv_length != operation->iv_size ) { - psa_cipher_abort( operation ); - return( PSA_ERROR_INVALID_ARGUMENT ); + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; } - ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length ); - if( ret != 0 ) - { + ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length ); + status = mbedtls_to_psa_error( ret ); +exit: + if( status == PSA_SUCCESS ) + operation->iv_set = 1; + else psa_cipher_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); - } - - operation->iv_set = 1; - - return( PSA_SUCCESS ); + return( status ); } psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, 
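Review bot: `psa_cipher_generate_iv` never writes `*iv_length` on its three early failure paths (bad state, short buffer, DRBG error). A caller that mishandles the status is left with an indeterminate length beside a buffer that holds no usable IV. Add `*iv_length = 0;` before the first check so the failure is deterministic. The same looks true of `*output_length` on the `PSA_ERROR_BUFFER_TOO_SMALL` path of `psa_cipher_update` in the following hunks, though the lines between its two hunks are not shown. The signatures of both functions begin outside the hunks.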
@@ -2534,7 +2540,8 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, size_t output_size, size_t *output_length ) { - int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + psa_status_t status; + int ret; size_t expected_output_size; if( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) { @@ -2550,18 +2557,20 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, { expected_output_size = input_length; } + if( output_size < expected_output_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } ret = mbedtls_cipher_update( &operation->ctx.cipher, input, input_length, output, output_length ); - if( ret != 0 ) - { + status = mbedtls_to_psa_error( ret ); +exit: + if( status != PSA_SUCCESS ) psa_cipher_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); - } - - return( PSA_SUCCESS ); + return( status ); } psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, From c6290c043e4095768aef2bd4c145c7ae36a124a3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Aug 2018 17:24:59 +0200 Subject: [PATCH 0474/2197] Minor documentation improvements --- include/psa/crypto.h | 4 ++-- tests/suites/test_suite_psa_crypto.function | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3f8cb44c9..c3899bfe7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1204,7 +1204,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * ``` * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format * is the non-encrypted DER encoding of the representation used by - * OpenSSL and OpenSSH, which the following ASN.1 structure: + * OpenSSL and OpenSSH, whose structure is described in ASN.1 as follows: * ``` * DSAPrivateKey ::= SEQUENCE { * version INTEGER, -- must be 0 
@@ -1316,7 +1316,7 @@ psa_status_t psa_export_key(psa_key_slot_t key, * representation defined by SEC1 §2.3.3. * The OID is `id-ecPublicKey`, * and the parameters must be given as a `namedCurve` OID as specified in - * RFC 5480 §2.1.1.1. + * RFC 5480 §2.1.1.1 or other applicable standards. * ``` * ansi-X9-62 OBJECT IDENTIFIER ::= * { iso(1) member-body(2) us(840) 10045 } diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index d5922b767..16227fb6d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -589,6 +589,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 0, MBEDTLS_ASN1_OID ) == 0 ); p += len; + /* publicKey: ECPoint in uncompressed representation (as below) */ TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 1, MBEDTLS_ASN1_BIT_STRING ) == 0 ); TEST_ASSERT( p + len == end ); @@ -649,7 +650,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) { /* ECPoint ::= ... - * -- first 8 bits: 0x04; + * -- first 8 bits: 0x04 (uncompressed representation); * -- then x_P as an n-bit string, big endian; * -- then y_P as a n-bit string, big endian, * -- where n is the order of the curve. From 8a1a8f31e3336f27a94543e25b5975075138577c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 7 Aug 2018 15:33:49 +0200 Subject: [PATCH 0475/2197] Add test cases for PEM import This is not a standard PSA feature, it's an extension provided by the current implementation. --- tests/suites/test_suite_psa_crypto.data | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6bdd3274e..01be797ab 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -140,6 +140,16 @@ PSA import/export RSA keypair: policy forbids export (sign) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1 +# Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS +# extension which we may drop in the future. +PSA import/export RSA public key: import PEM +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +import_export:"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":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0 + +PSA import/export RSA keypair: import PEM +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0 + PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT From dea46cf8f15c2357dd515039c5e494d766f53595 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 16:12:54 +0200 Subject: [PATCH 0476/2197] Clarify comment in test In RSAPrivateKey, Version is an INTEGER. The version must be 0. --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 16227fb6d..87bf28e23 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -519,7 +519,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, uint8_t *end = exported + exported_length; size_t len; /* RSAPrivateKey ::= SEQUENCE { - * version Version, -- 0 + * version INTEGER, -- must be 0 * modulus INTEGER, -- n * publicExponent INTEGER, -- e * privateExponent INTEGER, -- d From 517e73736eb1284f4cd55b02db78d6578c4ec361 Mon Sep 17 00:00:00 2001 From: Jen Andruska Date: Tue, 7 Aug 2018 12:31:32 +0100 Subject: [PATCH 0477/2197] Update README.md --- crypto/README.md | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/crypto/README.md b/crypto/README.md index b05e0464f..9699ca3d4 100644 --- a/crypto/README.md +++ b/crypto/README.md @@ -1,6 +1,6 @@ # Mbed Crypto library -The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security (PSA) architecture. This is a preview release of Mbed Crypto, provided for evaluation purposes only. +The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). This is a preview release of Mbed Crypto, provided for evaluation purposes only. Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICENSE](LICENSE) file for the full text of the license. 
@@ -8,23 +8,23 @@ Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICEN Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. -The PSA Cryptography API provides access to a set of cryptographic primitives. It has a dual purpose: it can be used in a PSA-compliant platform to build services such as secure boot, secure storage and secure communication; and it can also be used independently of other PSA components on any platform. +The PSA cryptography API provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform. -The design goals of the PSA Cryptography API include: +The design goals of the PSA cryptography API include: * The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired. -* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example in order to take advantage of hardware accelerators. -* All access to keys is done via handles, which allows support for external cryptoprocessors that is transparent to applications. 
+* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators. +* All access to the keys happens through handles, which allows support for external cryptoprocessors that is transparent to applications. * The interface to algorithms is generic, favoring algorithm agility. -* The interface is designed to be easy to use, and hard to accidentally misuse. +* The interface is designed to be easy to use and hard to accidentally misuse. ## Mbed Crypto implementation -Mbed Crypto is a reference implementation of the PSA Cryptography API. It is written in portable C. +Mbed Crypto is a reference implementation of the PSA cryptography API. It is written in portable C. ## Documentation -The Mbed Crypto library is a reference implementation of the PSA Cryptography API. Therefore, the library's API documentation is the PSA Cryptography API specification. The PSA Cryptography API specification consists of the following documents: +Since the Mbed Crypto library is a reference implementation of the PSA cryptography API, the library's API documentation is the PSA cryptography API specification. The PSA cryptography API specification consists of the following documents: * The [PSA Cryptography API overview](docs/PSA_Crypto_API_Overview.pdf). * The [PSA Cryptography API detailed function reference](docs/PSA_Crypto_API_Reference.pdf), which you can also browse in [HTML format](docs/html/modules.html). 
@@ -38,29 +38,29 @@ You need the following tools to build the library with the provided makefiles: * Python 2 or Python 3 (either will work) to generate the test code. * Perl to run the tests. -If you have a C compiler such as GCC or Clang, just run `make` in the toplevel directory to build the library, a set of unit tests and some sample programs. +If you have a C compiler, such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs. -To select a different compiler, set the `CC` variable to name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`). For example: +To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`), and set `AR` to a compatible archiver (default: `ar`). For example: ``` make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar ``` -The provided makefiles pass options to the compiler that assume a GCC-like command line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`. +The provided makefiles pass options to the compiler that assume a GCC-like command-line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`. -To run the unit tests on the host machine, run `make test` from the toplevel directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine. +To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine. ## Example programs -The `programs/` subdirectory contains some sample programs that use the library. 
Please note that the goal of these sample programs is to demonstrate specific features of the library and the code may need to be adapted to build a real-world application. +The `programs/` subdirectory contains sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application. ## Upcoming features Future releases of this library will include: -* A driver programming interface, to use hardware accelerators instead of the default software implementation for chosen algorithms. -* Support for external keys, stored and manipulated exclusively in a separate cryptoprocessor. +* A driver programming interface, which makes it possible to use hardware accelerators instead of the default software implementation for chosen algorithms. +* Support for external keys to be stored and manipulated exclusively in a separate cryptoprocessor. * A configuration mechanism to compile only the algorithms you need for your application. * A wider set of cryptographic algorithms. ## Feedback welcome -Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received in email will be treated confidentially. +Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially. From e852df846649dbf0a8ece71c2d77dfa5f5907c8d Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Fri, 14 Sep 2018 12:00:46 +0100 Subject: [PATCH 0478/2197] fixup! Add PSA crypto module --- include/mbedtls/config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 385381f7c..4a5edc1f2 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2570,7 +2570,7 @@ #define MBEDTLS_POLY1305_C /** -* \def MBEDTLS_PSA_CRYPTO_C + * \def MBEDTLS_PSA_CRYPTO_C * * Enable the Platform Security Architecture cryptography API. * From 0adf0fc31c2ed664f7536e15c8c7ef4e99e1b5a5 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Thu, 6 Sep 2018 16:24:41 +0300 Subject: [PATCH 0479/2197] Ensure the module is initialized in psa_generate_random --- include/psa/crypto.h | 1 + library/psa_crypto.c | 10 ++++++++-- tests/suites/test_suite_psa_crypto.data | 3 +++ tests/suites/test_suite_psa_crypto.function | 10 ++++++++++ 4 files changed, 22 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c3899bfe7..b0bbb16cf 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2902,6 +2902,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_generate_random(uint8_t *output, size_t output_size); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dfbb6800f..01dbf3c3a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -148,6 +148,10 @@ typedef struct static psa_global_data_t global_data; +#define GUARD_MODULE_INITIALIZED \ + if( global_data.initialized == 0 ) \ + return( PSA_ERROR_BAD_STATE ); + static psa_status_t mbedtls_to_psa_error( int ret ) { /* If there's both a high-level code and low-level code, dispatch on 
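Review bot: `GUARD_MODULE_INITIALIZED` expands to a bare `if( ... ) return( ... );` with its own trailing semicolon. An `else` that follows a use of it would bind to the hidden `if`, and the call site in `psa_generate_random` already writes `GUARD_MODULE_INITIALIZED;`, which leaves a stray empty statement. Wrapping the body as `do { if( global_data.initialized == 0 ) return( PSA_ERROR_BAD_STATE ); } while( 0 )` and dropping the semicolon from the definition makes it behave as a single statement. Because the macro hides a `return`, add a comment above it: `/* Must be the first statement after the declarations: returns PSA_ERROR_BAD_STATE before any state is touched. */`.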
@@ -3360,8 +3364,10 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, psa_status_t psa_generate_random( uint8_t *output, size_t output_size ) { - int ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, - output, output_size ); + int ret; + GUARD_MODULE_INITIALIZED; + + ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, output, output_size ); return( mbedtls_to_psa_error( ret ) ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 01be797ab..202bd420f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1178,3 +1178,6 @@ generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE PSA generate key: ECC, SECP256R1, incorrect bit size depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA validate module initialization: random +validate_module_init_generate_random: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e14b2256d..e4a776ac0 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3451,3 +3451,13 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void validate_module_init_generate_random( ) +{ + psa_status_t status; + uint8_t random[10] = { 0 }; + status = psa_generate_random( random, sizeof( random ) ); + TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); +} +/* END_CASE */ From 90d8c7a728053bac46bf8552d35dc67904cf54ac Mon Sep 17 00:00:00 2001 
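Review bot: On the PSA_ERROR_BAD_STATE path in psa_generate_random(), `output` is left exactly as the caller passed it, because the guard returns before mbedtls_ctr_drbg_random() runs. A caller that ignores the status would then treat its own buffer contents as random bytes. A comment above the guard would record the intent, for example `/* Fail before touching the DRBG; it is only set up by psa_crypto_init(). */`. The psa_generate_random() documentation in crypto.h could also state that the buffer must not be used unless PSA_SUCCESS is returned.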
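Review bot: validate_module_init_generate_random() only passes if no earlier case in the same run has left the module initialised, and it never checks that the zero-filled buffer was left untouched. The first point also applies to validate_module_init_key_based() in the next commit of the series. Starting the case with `mbedtls_psa_crypto_free( );` would remove the ordering dependency, provided that call is safe on an uninitialised module, which is not visible here. After the status check, a loop asserting `TEST_ASSERT( random[i] == 0 );` would pin that no bytes are written on failure.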
From: itayzafrir Date: Wed, 12 Sep 2018 11:44:52 +0300 Subject: [PATCH 0480/2197] Ensure the module is initialized in key based functions --- include/psa/crypto.h | 22 +++++++++++++++++++++ library/psa_crypto.c | 2 ++ tests/suites/test_suite_psa_crypto.data | 3 +++ tests/suites/test_suite_psa_crypto.function | 10 ++++++++++ 4 files changed, 37 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b0bbb16cf..92d394d5a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1104,6 +1104,7 @@ typedef uint32_t psa_algorithm_t; * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_import_key(psa_key_slot_t key, psa_key_type_t type, @@ -1142,6 +1143,7 @@ psa_status_t psa_import_key(psa_key_slot_t key, * An unexpected condition which is not a storage corruption or * a communication failure occurred. The cryptoprocessor may have * been compromised. + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_destroy_key(psa_key_slot_t key); @@ -1162,6 +1164,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_get_key_information(psa_key_slot_t key, psa_key_type_t *type, @@ -1256,6 +1259,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_export_key(psa_key_slot_t key, uint8_t *data, @@ -1354,6 +1358,7 @@ psa_status_t psa_export_key(psa_key_slot_t key, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_export_public_key(psa_key_slot_t key, uint8_t *data, 
@@ -1491,6 +1496,7 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_set_key_policy(psa_key_slot_t key, const psa_key_policy_t *policy); @@ -1504,6 +1510,7 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_get_key_policy(psa_key_slot_t key, psa_key_policy_t *policy); @@ -1547,6 +1554,7 @@ typedef uint32_t psa_key_lifetime_t; * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime); @@ -1574,6 +1582,7 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t lifetime); @@ -1848,6 +1857,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_slot_t key, @@ -1896,6 +1906,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, psa_key_slot_t key, 
@@ -2092,6 +2103,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, @@ -2141,6 +2153,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, @@ -2384,6 +2397,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_aead_encrypt(psa_key_slot_t key, psa_algorithm_t alg, @@ -2437,6 +2451,7 @@ psa_status_t psa_aead_encrypt(psa_key_slot_t key, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_aead_decrypt(psa_key_slot_t key, psa_algorithm_t alg, @@ -2500,6 +2515,7 @@ psa_status_t psa_aead_decrypt(psa_key_slot_t key, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_algorithm_t alg, @@ -2539,6 +2555,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, psa_algorithm_t alg, 
@@ -2593,6 +2610,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, psa_algorithm_t alg, @@ -2645,6 +2663,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_INVALID_PADDING + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, psa_algorithm_t alg, @@ -2795,6 +2814,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * \retval PSA_ERROR_COMMUNICATION_FAILURE * \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_generator_import_key(psa_key_slot_t key, psa_key_type_t type, @@ -2868,6 +2888,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, psa_key_slot_t key, @@ -2957,6 +2978,7 @@ typedef struct { * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_generate_key(psa_key_slot_t key, psa_key_type_t type, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 01dbf3c3a..8aa3145bd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -347,6 +347,8 @@ static psa_status_t mbedtls_to_psa_error( int ret ) static psa_status_t psa_get_key_slot( psa_key_slot_t key, key_slot_t **p_slot ) { + GUARD_MODULE_INITIALIZED; + /* 0 is not a valid slot number under any circumstance. This * implementation provides slots number 1 to N where N is the * number of available slots. */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 202bd420f..b4c276377 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1181,3 +1181,6 @@ generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE PSA validate module initialization: random validate_module_init_generate_random: + +PSA validate module initialization: key based +validate_module_init_key_based: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e4a776ac0..2b1a946ec 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3461,3 +3461,13 @@ void validate_module_init_generate_random( ) TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); } /* END_CASE */ + +/* BEGIN_CASE */ +void validate_module_init_key_based( ) +{ + psa_status_t status; + uint8_t data[10] = { 0 }; + status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); + TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); +} +/* END_CASE */ From 1861709e5cb389f548515103ab8938c7517677c6 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Sun, 16 Sep 2018 12:22:41 +0300 Subject: [PATCH 0481/2197] Add documentation describing behavior of not calling psa_crypto_init --- include/psa/crypto.h | 77 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 92d394d5a..d976d7b18 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
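Review bot: The guard in psa_get_key_slot() only protects entry points that call this helper before they touch `global_data`. The header hunks of this commit add `PSA_ERROR_BAD_STATE` to more than twenty functions, and from this hunk it cannot be confirmed that each of them reaches the helper first; the added test covers psa_import_key() only. A comment on the guard would make the dependency explicit for maintainers, for example `/* Every key-slot lookup fails with PSA_ERROR_BAD_STATE until psa_crypto_init() has run. */`. The body of psa_get_key_slot() continues outside the hunk.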
@@ -323,6 +323,14 @@ typedef int32_t psa_status_t; * Applications may call this function more than once. Once a call * succeeds, subsequent calls are guaranteed to succeed. * + * If the application calls other functions before calling psa_crypto_init(), + * the behavior is undefined. Implementations are encouraged to either perform + * the operation as if the library had been initialized or to return + * #PSA_ERROR_BAD_STATE or some other applicable error. In particular, + * implementations should not return a success status if the lack of + * initialization may have security implications, for example due to improper + * seeding of the random number generator. + * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -1105,6 +1113,9 @@ typedef uint32_t psa_algorithm_t; * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_import_key(psa_key_slot_t key, psa_key_type_t type, @@ -1144,6 +1155,9 @@ psa_status_t psa_import_key(psa_key_slot_t key, * a communication failure occurred. The cryptoprocessor may have * been compromised. * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_destroy_key(psa_key_slot_t key); 
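Review bot: The paragraph added to psa_crypto_init() uses "should not return a success status" for the one case it singles out, an improperly seeded random generator. That case warrants "must not", since a success status there tells the caller the output is fit for keys and nonces when it may not be. The `\retval #PSA_ERROR_BAD_STATE` text repeated in the following hunks says only that the result is "implementation-dependent", which does not tell users of this library whether they can rely on the error. If this implementation guarantees it, as the two preceding commits suggest for psa_generate_random() and the key-slot functions, one sentence saying so would help.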
@@ -1165,6 +1179,9 @@ psa_status_t psa_destroy_key(psa_key_slot_t key); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_get_key_information(psa_key_slot_t key, psa_key_type_t *type, @@ -1260,6 +1277,9 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_export_key(psa_key_slot_t key, uint8_t *data, @@ -1359,6 +1379,9 @@ psa_status_t psa_export_key(psa_key_slot_t key, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_export_public_key(psa_key_slot_t key, uint8_t *data, @@ -1497,6 +1520,9 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_set_key_policy(psa_key_slot_t key, const psa_key_policy_t *policy); 
@@ -1511,6 +1537,9 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_get_key_policy(psa_key_slot_t key, psa_key_policy_t *policy); @@ -1555,6 +1584,9 @@ typedef uint32_t psa_key_lifetime_t; * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t *lifetime); @@ -1583,6 +1615,9 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_set_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t lifetime); @@ -1858,6 +1893,9 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_slot_t key, 
@@ -1907,6 +1945,9 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, psa_key_slot_t key, @@ -2104,6 +2145,9 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, @@ -2154,6 +2198,9 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, psa_key_slot_t key, @@ -2398,6 +2445,9 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_aead_encrypt(psa_key_slot_t key, psa_algorithm_t alg, 
@@ -2452,6 +2502,9 @@ psa_status_t psa_aead_encrypt(psa_key_slot_t key, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_aead_decrypt(psa_key_slot_t key, psa_algorithm_t alg, @@ -2516,6 +2569,9 @@ psa_status_t psa_aead_decrypt(psa_key_slot_t key, * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_algorithm_t alg, @@ -2556,6 +2612,9 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, psa_algorithm_t alg, @@ -2611,6 +2670,9 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, psa_algorithm_t alg, 
@@ -2664,6 +2726,9 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_INVALID_PADDING * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, psa_algorithm_t alg, @@ -2815,6 +2880,9 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_generator_import_key(psa_key_slot_t key, psa_key_type_t type, @@ -2889,6 +2957,9 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, psa_key_slot_t key, @@ -2924,6 +2995,9 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_generate_random(uint8_t *output, size_t output_size); 
@@ -2979,6 +3053,9 @@ typedef struct { * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_generate_key(psa_key_slot_t key, psa_key_type_t type, From 81ba4abb02936516da93c9ec05a74d3748efb055 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 14:02:08 +0200 Subject: [PATCH 0482/2197] Fix bad algorithm and key type values in some tests --- tests/suites/test_suite_psa_crypto.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 01be797ab..c60b2fcec 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -5,16 +5,16 @@ PSA fill 250 slots fill_slots:250 PSA import/export raw: 0 bytes -import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 +import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, larger buffer -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1 PSA import/export raw: 2 bytes, buffer too small -import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export AES-128 depends_on:MBEDTLS_AES_C From acec7b6fa11ff0f48cf6ba4e3226e1620fa5a545 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 13 Sep 2018 20:34:11 +0200 Subject: [PATCH 0483/2197] exercise_export_key: fix public key case Public keys are always exportable, even if their usage doesn't include the EXPORT flag. --- tests/suites/test_suite_psa_crypto.function | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2b1a946ec..81ddee003 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -692,14 +692,16 @@ static int exercise_export_key( psa_key_slot_t slot, size_t exported_length = 0; int ok = 0; - if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 ) + TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS ); + + if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 && + ! PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) { TEST_ASSERT( psa_export_key( slot, NULL, 0, &exported_length ) == PSA_ERROR_NOT_PERMITTED ); return( 1 ); } - TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS ); exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); exported = mbedtls_calloc( 1, exported_size ); TEST_ASSERT( exported != NULL ); From 821adfe51c7f855aada178b33f012cbdda40bfff Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 13 Sep 2018 20:34:46 +0200 Subject: [PATCH 0484/2197] Add exercise tests for RSA public keys and for PSS --- tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b4c276377..74fc26b7e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
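Review bot: The new condition in exercise_export_key() encodes a policy rule that only the commit message explains. A comment above the `if` would keep it with the code, for example `/* Public keys are always exportable, even without PSA_KEY_USAGE_EXPORT. */`. The function body starts and ends outside the hunk, so the cleanup path taken when the relocated psa_get_key_information() assertion fails is not visible here.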
@@ -690,6 +690,18 @@ PSA import/exercise RSA keypair, PKCS#1 v1.5 raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW +PSA import/exercise RSA keypair, PSS-SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) + +PSA import/exercise RSA public key, PKCS#1 v1.5 raw +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW + +PSA import/exercise RSA public key, PSS-SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) + PSA import/exercise: ECP SECP256R1 keypair, ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C 
import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY From ef12c63de0611099b7fe70e564c6806289a27523 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 13 Sep 2018 20:37:48 +0200 Subject: [PATCH 0485/2197] RSA verification: don't report an invalid padding error Mbed TLS distinguishes "invalid padding" from "valid padding but the rest of the signature is invalid". This has little use in practice and PSA doesn't report this distinction. We just report "invalid signature". --- library/psa_crypto.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8aa3145bd..0100441ac 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1959,6 +1959,12 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, { return( PSA_ERROR_INVALID_ARGUMENT ); } + + /* Mbed TLS distinguishes "invalid padding" from "valid padding but + * the rest of the signature is invalid". This has little use in + * practice and PSA doesn't report this distinction. */ + if( ret == MBEDTLS_ERR_RSA_INVALID_PADDING ) + return( PSA_ERROR_INVALID_SIGNATURE ); return( mbedtls_to_psa_error( ret ) ); } #endif /* MBEDTLS_RSA_C */ From daea26f70fcb66788f1f3ca2f6d9e13445389596 Mon Sep 17 00:00:00 2001 
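Review bot: The two PSS-SHA-256 cases gate on `MBEDTLS_PKCS1_V15`, but PSA_ALG_RSA_PSS is the PKCS#1 v2.1 scheme, and in Mbed TLS that code is built under `MBEDTLS_PKCS1_V21`. With v1.5 enabled and v2.1 disabled these cases would run and fail, and in the opposite configuration they would be skipped for no reason. The line should read `depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C` in both the key-pair and the public-key case.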
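Review bot: Nothing in this commit pins the new mapping in psa_rsa_verify(): the diffstat lists only library/psa_crypto.c, so a later change to the error translation could restore the padding/signature distinction unnoticed. A verification case using a signature whose padding is malformed, expecting `PSA_ERROR_INVALID_SIGNATURE`, would cover it. The added `if` is also unbraced while the block just above it uses braces; matching that keeps the early return unambiguous. The function starts outside the hunk.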
From: Gilles Peskine Date: Tue, 21 Aug 2018 14:02:45 +0200 Subject: [PATCH 0486/2197] Correct and simplify block-based cipher modes OFB and CFB are streaming modes. XTS is a not a cipher mode but it doesn't use a separate padding step. This leaves only CBC as a block cipher mode that needs a padding step. Since CBC is the only mode that uses a separate padding step, and is likely to remain the only mode in the future, encode the padding mode directly in the algorithm constant, rather than building up an algorithm value from a chaining mode and a padding mode. This greatly simplifies the interface as well as some parts of the implementation. --- include/psa/crypto.h | 107 ++++++++++-------------- library/psa_crypto.c | 96 +++++++++------------ programs/psa/crypto_examples.c | 6 +- scripts/generate_psa_constants.py | 43 +--------- tests/suites/test_suite_psa_crypto.data | 82 +++++++++--------- 5 files changed, 132 insertions(+), 202 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c3899bfe7..1c68304a6 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -767,65 +767,8 @@ typedef uint32_t psa_algorithm_t; (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_CIPHER_MAC_BASE) -#define PSA_ALG_CIPHER_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) -#define PSA_ALG_BLOCK_CIPHER_BASE ((psa_algorithm_t)0x04000000) -#define PSA_ALG_BLOCK_CIPHER_MODE_MASK ((psa_algorithm_t)0x000000ff) -#define PSA_ALG_BLOCK_CIPHER_PADDING_MASK ((psa_algorithm_t)0x003f0000) - -/** Use a block cipher mode without padding. - * - * This padding mode may only be used with messages whose lengths are a - * whole number of blocks for the chosen block cipher. - */ -#define PSA_ALG_BLOCK_CIPHER_PAD_NONE ((psa_algorithm_t)0x00000000) - -#define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ((psa_algorithm_t)0x00010000) - -/** Whether the specified algorithm is a block cipher. - * - * A block cipher is a symmetric cipher that encrypts or decrypts messages - * by chopping them into fixed-size blocks. Processing a message requires - * applying a _padding mode_ to transform the message into one whose - * length is a whole number of blocks. To construct an algorithm - * identifier for a block cipher, apply a bitwise-or between the block - * cipher mode and the padding mode. For example, CBC with PKCS#7 padding - * is `PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7`. - * - * The transformation applied to each block is determined by the key type. - * For example, to use AES-128-CBC-PKCS7, use the algorithm above with - * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a block cipher algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier or if it is not a symmetric cipher algorithm. 
- */ -#define PSA_ALG_IS_BLOCK_CIPHER(alg) \ - (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \ - PSA_ALG_BLOCK_CIPHER_BASE) - -/** The CBC block cipher mode. - */ -#define PSA_ALG_CBC_BASE ((psa_algorithm_t)0x04000001) -#define PSA_ALG_CFB_BASE ((psa_algorithm_t)0x04000002) -#define PSA_ALG_OFB_BASE ((psa_algorithm_t)0x04000003) -#define PSA_ALG_XTS_BASE ((psa_algorithm_t)0x04000004) - -#define PSA_ALG_STREAM_CIPHER_BASE ((psa_algorithm_t)0x04800000) - -/** The CTR stream cipher mode. - * - * CTR is a stream cipher which is built from a block cipher. The - * underlying block cipher is determined by the key type. For example, - * to use AES-128-CTR, use this algorithm with - * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). - */ -#define PSA_ALG_CTR ((psa_algorithm_t)0x04800001) - -/** The ARC4 stream cipher algorithm. - */ -#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800002) +#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) +#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) /** Whether the specified algorithm is a stream cipher. * 
@@ -840,8 +783,50 @@ typedef uint32_t psa_algorithm_t; * algorithm identifier or if it is not a symmetric cipher algorithm. */ #define PSA_ALG_IS_STREAM_CIPHER(alg) \ - (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \ - PSA_ALG_STREAM_CIPHER_BASE) + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \ + (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) + +/** The ARC4 stream cipher algorithm. + */ +#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001) + +/** The CTR stream cipher mode. + * + * CTR is a stream cipher which is built from a block cipher. + * The underlying block cipher is determined by the key type. + * For example, to use AES-128-CTR, use this algorithm with + * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). + */ +#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) + +#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) + +#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) + +/** The XTS cipher mode. + * + * XTS is a cipher mode which is built from a block cipher. It requires at + * least one full block of input, but beyond this minimum the input + * does not need to be a whole number of blocks. + */ +#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff) + +/** The CBC block cipher chaining mode, with no padding. + * + * The underlying block cipher is determined by the key type. + * + * This symmetric cipher mode can only be used with messages whose lengths + * are whole number of blocks for the chosen block cipher. + */ +#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100) + +/** The CBC block cipher chaining mode with PKCS#7 padding. + * + * The underlying block cipher is determined by the key type. + * + * This is the padding method defined by PKCS#7 (RFC 2315) §10.3. + */ +#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) #define PSA_ALG_CCM ((psa_algorithm_t)0x06000001) #define PSA_ALG_GCM ((psa_algorithm_t)0x06000002) 
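Review bot: The new `PSA_ALG_ARC4` value `0x04800001` is the value `PSA_ALG_CTR` had before this change (the removed definition is in the previous hunk). Any algorithm identifier that outlives a rebuild, such as a stored key policy or a client built against the old header, would then select ARC4 where CTR was meant. If such identifiers can exist at this stage of the project, ARC4 should take a value that was never assigned to another algorithm (its old `0x04800002` would do). If they cannot, a sentence in the commit message saying the encoding is not yet stable would settle it. Separately, `PSA_ALG_CFB` and `PSA_ALG_OFB` have no doc comment while their neighbours do, and the CBC values set bit `0x00200000`, which no macro in this patch names.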
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dfbb6800f..66a6feb3a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1220,28 +1220,26 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ) { - if( PSA_ALG_IS_BLOCK_CIPHER( alg ) ) - { - alg &= ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK; - } - switch( alg ) { - case PSA_ALG_STREAM_CIPHER_BASE: + case PSA_ALG_ARC4: mode = MBEDTLS_MODE_STREAM; break; - case PSA_ALG_CBC_BASE: - mode = MBEDTLS_MODE_CBC; - break; - case PSA_ALG_CFB_BASE: - mode = MBEDTLS_MODE_CFB; - break; - case PSA_ALG_OFB_BASE: - mode = MBEDTLS_MODE_OFB; - break; case PSA_ALG_CTR: mode = MBEDTLS_MODE_CTR; break; + case PSA_ALG_CFB: + mode = MBEDTLS_MODE_CFB; + break; + case PSA_ALG_OFB: + mode = MBEDTLS_MODE_OFB; + break; + case PSA_ALG_CBC_NO_PADDING: + mode = MBEDTLS_MODE_CBC; + break; + case PSA_ALG_CBC_PKCS7: + mode = MBEDTLS_MODE_CBC; + break; case PSA_ALG_CCM: mode = MBEDTLS_MODE_CCM; break; 
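Review bot: `PSA_ALG_XTS` is defined by this patch but has no case in the switch shown here, so whether an XTS request is rejected cleanly depends on the `default` branch, which is outside the hunk. A short comment next to the CBC cases would make the omission deliberate, e.g. `/* PSA_ALG_XTS is not mapped yet; it is left to the default case. */`, ideally with a test that pins the resulting status. As a style point, the two CBC cases can share one body: `case PSA_ALG_CBC_NO_PADDING: case PSA_ALG_CBC_PKCS7: mode = MBEDTLS_MODE_CBC; break;`. mbedtls_cipher_info_from_psa starts and ends outside the hunk.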
@@ -2419,37 +2417,32 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - if( ( alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_CBC_BASE ) + switch( alg ) { - psa_algorithm_t padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; - mbedtls_cipher_padding_t mode; - - switch ( padding_mode ) - { - case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7: - mode = MBEDTLS_PADDING_PKCS7; - break; - case PSA_ALG_BLOCK_CIPHER_PAD_NONE: - mode = MBEDTLS_PADDING_NONE; - break; - default: - psa_cipher_abort( operation ); - return( PSA_ERROR_INVALID_ARGUMENT ); - } - ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode ); - if( ret != 0 ) - { - psa_cipher_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); - } + case PSA_ALG_CBC_NO_PADDING: + ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, + MBEDTLS_PADDING_NONE ); + break; + case PSA_ALG_CBC_PKCS7: + ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, + MBEDTLS_PADDING_PKCS7 ); + break; + default: + /* The algorithm doesn't involve padding. */ + ret = 0; + break; + } + if( ret != 0 ) + { + psa_cipher_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); } #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING operation->key_set = 1; - operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ? - PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) : - 1 ); - if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || alg == PSA_ALG_CTR ) + operation->block_size = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 : + PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) ); + if( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG ) { operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ); } 
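Review bot: `if( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG )` tests a single bit of the encoding with no category check, so it is only correct if `alg` has already been confirmed to be a cipher algorithm earlier in psa_cipher_setup, which is outside the hunk. The same assumption now applies to the padding switch, whose `default` accepts every other value with `ret = 0` where the old code returned `PSA_ERROR_INVALID_ARGUMENT` for an unknown padding mode. I would make the dependency explicit, either with `if( PSA_ALG_IS_CIPHER( alg ) && ( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG ) != 0 )` or with a comment naming the earlier check that guarantees it.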
@@ -2541,7 +2534,7 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, psa_status_t status; int ret; size_t expected_output_size; - if( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) + if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) { /* Take the unprocessed partial block left over from previous * update calls, if any, plus the input to this call. Remove @@ -2590,24 +2583,13 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, status = PSA_ERROR_BAD_STATE; goto error; } + if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT && - PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) + operation->alg == PSA_ALG_CBC_NO_PADDING && + operation->ctx.cipher.unprocessed_len != 0 ) { - psa_algorithm_t padding_mode = - operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; - if( operation->ctx.cipher.unprocessed_len >= operation->block_size ) - { - status = PSA_ERROR_TAMPERING_DETECTED; + status = PSA_ERROR_INVALID_ARGUMENT; goto error; - } - if( padding_mode == PSA_ALG_BLOCK_CIPHER_PAD_NONE ) - { - if( operation->ctx.cipher.unprocessed_len != 0 ) - { - status = PSA_ERROR_INVALID_ARGUMENT; - goto error; - } - } } cipher_ret = mbedtls_cipher_finish( &operation->ctx.cipher, diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index e8b64f19a..72c41fa79 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -167,8 +167,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) key_bits = 256, part_size = block_size, }; - const psa_algorithm_t alg = PSA_ALG_CBC_BASE | - PSA_ALG_BLOCK_CIPHER_PAD_NONE; + const psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; psa_status_t status; size_t output_len = 0; @@ -216,8 +215,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) part_size = 10, }; - const psa_algorithm_t alg = PSA_ALG_CBC_BASE | - PSA_ALG_BLOCK_CIPHER_PAD_PKCS7; + const psa_algorithm_t alg = PSA_ALG_CBC_PKCS7; psa_status_t status; size_t output_len = 0; 
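Review bot: In the psa_cipher_finish hunk the partial-block check still runs only for `MBEDTLS_ENCRYPT`, so the same misuse is reported differently depending on direction. Encrypting an input that is not a whole number of blocks with `PSA_ALG_CBC_NO_PADDING` returns `PSA_ERROR_INVALID_ARGUMENT`, while the test data in this patch expects `PSA_ERROR_BAD_STATE` for the decrypt case ("AES-CBC-nopad, input too short (5 bytes)"). Dropping the direction test, `if( operation->alg == PSA_ALG_CBC_NO_PADDING && operation->ctx.cipher.unprocessed_len != 0 )`, would give callers one status for one condition, with the decrypt expectations updated to match. The removed `unprocessed_len >= operation->block_size` guard that returned `PSA_ERROR_TAMPERING_DETECTED` has no replacement; if it was an internal-consistency check, a one-line comment saying why it is no longer needed would help. The function body continues outside the hunk.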
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 5a5d2e5cf..7ab1c0a93 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -47,34 +47,11 @@ static int psa_snprint_key_type(char *buffer, size_t buffer_size, return required_size; } -static void append_padding_mode(char **buffer, size_t buffer_size, - size_t *required_size, - psa_algorithm_t padding_mode) -{ - size_t n; - append(buffer, buffer_size, required_size, " | ", 3); - switch (padding_mode) { - %(padding_mode_cases)s - default: - n = snprintf(*buffer, buffer_size - *required_size, - "0x%%08lx", (unsigned long) padding_mode); - if (n < buffer_size - *required_size) *buffer += n; - *required_size += n; - break; - } -} - static int psa_snprint_algorithm(char *buffer, size_t buffer_size, psa_algorithm_t alg) { size_t required_size = 0; - psa_algorithm_t padding_mode = -1; - psa_algorithm_t alg_without_padding = alg; - if (PSA_ALG_IS_CIPHER(alg) && PSA_ALG_IS_BLOCK_CIPHER(alg)) { - padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK; - alg_without_padding = alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK; - } - switch (alg_without_padding) { + switch (alg) { %(algorithm_cases)s default: %(algorithm_code)s{ @@ -83,9 +60,6 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, } break; } - if (padding_mode != (psa_algorithm_t) -1) { - append_padding_mode(&buffer, buffer_size, &required_size, padding_mode); - } buffer[0] = 0; return required_size; } @@ -125,10 +99,10 @@ key_type_from_curve_template = '''if (%(tester)s(type)) { PSA_KEY_TYPE_GET_CURVE(type)); } else ''' -algorithm_from_hash_template = '''if (%(tester)s(alg_without_padding)) { +algorithm_from_hash_template = '''if (%(tester)s(alg)) { append_with_hash(&buffer, buffer_size, &required_size, "%(builder)s", %(builder_length)s, - PSA_ALG_GET_HASH(alg_without_padding)); + PSA_ALG_GET_HASH(alg)); } else ''' bit_test_template = '''\ 
@@ -149,7 +123,6 @@ class MacroCollector: self.ecc_curves = set() self.algorithms = set() self.hash_algorithms = set() - self.block_cipher_padding_modes = set() self.algorithms_from_hash = {} self.key_usages = set() @@ -175,11 +148,8 @@ class MacroCollector: self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:] elif name.startswith('PSA_ECC_CURVE_') and not parameter: self.ecc_curves.add(name) - elif name.startswith('PSA_ALG_BLOCK_CIPHER_PAD_') and not parameter: - self.block_cipher_padding_modes.add(name) elif name.startswith('PSA_ALG_') and not parameter: - if name in ['PSA_ALG_BLOCK_CIPHER_BASE', - 'PSA_ALG_ECDSA_BASE', + if name in ['PSA_ALG_ECDSA_BASE', 'PSA_ALG_RSA_PKCS1V15_SIGN_BASE']: # Ad hoc skipping of duplicate names for some numerical values return @@ -250,10 +220,6 @@ class MacroCollector: return '\n '.join(map(self.make_return_case, sorted(self.hash_algorithms))) - def make_padding_mode_cases(self): - return '\n '.join(map(self.make_inner_append_case, - sorted(self.block_cipher_padding_modes))) - def make_algorithm_cases(self): return '\n '.join(map(self.make_append_case, sorted(self.algorithms))) @@ -279,7 +245,6 @@ class MacroCollector: data['key_type_cases'] = self.make_key_type_cases() data['key_type_code'] = self.make_key_type_code() data['hash_algorithm_cases'] = self.make_hash_algorithm_cases() - data['padding_mode_cases'] = self.make_padding_mode_cases() data['algorithm_cases'] = self.make_algorithm_cases() data['algorithm_code'] = self.make_algorithm_code() data['key_usage_code'] = self.make_key_usage_code() diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c60b2fcec..94e8d5bd8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
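Review bot: The `elif name.startswith('PSA_ALG_') and not parameter:` branch, whose skip list this hunk shortens, would also match the two helper macros this commit adds to the header, `PSA_ALG_CIPHER_STREAM_FLAG` and `PSA_ALG_CIPHER_FROM_BLOCK_FLAG`, unless an earlier filter outside the hunk already drops them. If they reach `self.algorithms`, the generated psa_snprint_algorithm would print a bare flag value as if it were an algorithm name. I would check the generated output and, if needed, filter them before this branch, e.g. `if name.endswith('_FLAG'): return`.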
@@ -114,7 +114,7 @@ import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5 PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:0:PSA_ERROR_INVALID_ARGUMENT +import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:128:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED @@ -183,7 +183,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED PSA key policy set and get -key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE +key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING PSA key policy: MAC, sign | verify depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C @@ -211,7 +211,7 @@ cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ PSA key policy: cipher, wrong algorithm depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC -cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE +cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CBC_NO_PADDING PSA key policy: cipher, encrypt but not decrypt depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
@@ -343,7 +343,7 @@ mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f1011121314151617181 PSA MAC setup: bad algorithm (not a MAC algorithm) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_ERROR_INVALID_ARGUMENT +mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT PSA MAC setup: invalid key type, HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
@@ -482,127 +482,127 @@ cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PS PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS PSA symmetric encrypt: AES-CBC-nopad, input too short depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT 
PSA symmetric encrypt: AES-CTR, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric encrypt: AES-CTR, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_BASE | 
PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE +cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE PSA symmetric decrypt: AES-CTR, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS 
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" +cipher_verify_output:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" +cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 15 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" +cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" PSA symmetric encrypt/decrypt: AES-CTR depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_verify_output:PSA_ALG_CTR | 
PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" +cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" 
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a" PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a" PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 
+cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 +cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
@@ -1068,15 +1068,15 @@ derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0 PSA key derivation: HKDF SHA-256, exercise DES-CBC depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 +derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 +derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 +derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
@@ -1137,15 +1137,15 @@ generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA generate key: DES, 64 bits, CBC-nopad depends_on:MBEDTLS_DES_C -generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS PSA generate key: DES, 128 bits, CBC-nopad depends_on:MBEDTLS_DES_C -generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS PSA generate key: DES, 192 bits, CBC-nopad depends_on:MBEDTLS_DES_C -generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS PSA generate key: invalid key size: AES, 64 bits depends_on:MBEDTLS_AES_C From 44fed61e01486435d7c4e2248739e581fd1dd83e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 18:20:20 +0200 Subject: [PATCH 0487/2197] Create infrastructure for metadata validation unit tests --- crypto/tests/Makefile | 3 +++ scripts/mbed_crypto.make | 2 ++ .../suites/test_suite_psa_crypto_metadata.data | 0 .../test_suite_psa_crypto_metadata.function | 18 ++++++++++++++++++ 4 files changed, 23 insertions(+) create mode 100644 tests/suites/test_suite_psa_crypto_metadata.data create mode 100644 tests/suites/test_suite_psa_crypto_metadata.function diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile index 3315a6eca..2de5ffa7a 100644 --- a/crypto/tests/Makefile 
+++ b/crypto/tests/Makefile @@ -15,10 +15,12 @@ PYTHON ?= python APPS := \ test_suite_psa_crypto \ + test_suite_psa_crypto_metadata \ # Don't delete this line. # Look up for associated function files func.test_suite_psa_crypto := test_suite_psa_crypto +func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata .SILENT: @@ -52,6 +54,7 @@ clean: rm -rf data_files/ctr_drbg_seed data_files/hmac_drbg_seed data_files/mpi_write test: $(APPS) + ./test_suite_psa_crypto_metadata ./test_suite_psa_crypto # Create separate targets for generating embedded tests. diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make index f06bdfba2..5da57084d 100644 --- a/scripts/mbed_crypto.make +++ b/scripts/mbed_crypto.make @@ -150,6 +150,8 @@ TEST_FILES := \ tests/suites/target_test.function \ tests/suites/test_suite_psa_crypto.data \ tests/suites/test_suite_psa_crypto.function \ + tests/suites/test_suite_psa_crypto_metadata.data \ + tests/suites/test_suite_psa_crypto_metadata.function \ # Don't delete this line. OTHER_FILES := \ diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data new file mode 100644 index 000000000..e69de29bb diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function new file mode 100644 index 000000000..51f7a5ef5 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -0,0 +1,18 @@ +/* BEGIN_HEADER */ +/* Test macros that provide metadata about algorithms and key types. + * This test suite only contains tests that don't require executing + * code. Other test suites validate macros that require creating a key + * and using it. */ + +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +#include "spm/psa_defs.h" +#endif + +#include "psa/crypto.h" + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_CRYPTO_C + * END_DEPENDENCIES + */ From 583b55d97d4e263df379aea04be1f18f623caef3 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 22 Aug 2018 18:21:32 +0200 Subject: [PATCH 0488/2197] Add PSA_KEY_TYPE_IS_DSA to go with PSA_KEY_TYPE_IS_RSA Also move PSA_KEY_TYPE_IS_RSA to a more logical location. --- include/psa/crypto.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 1c68304a6..439ca52b2 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -416,9 +416,6 @@ typedef uint32_t psa_key_type_t; */ #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) -/** Whether a key type is an RSA key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_RSA(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) /** Raw data. * @@ -475,11 +472,17 @@ typedef uint32_t psa_key_type_t; #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) /** RSA key pair (private and public key). */ #define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000) +/** Whether a key type is an RSA key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_RSA(type) \ + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) /** DSA public key. */ #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) /** DSA key pair (private and public key). */ #define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000) +/** Whether a key type is an DSA key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_DSA(type) \ + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000) From 70ce2c6170a2eb46f56854e520c8ef3de55df82b Mon Sep 17 00:00:00 2001 
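Review bot: The doc comment added above `PSA_KEY_TYPE_IS_DSA` reads "an DSA key"; it should be `/** Whether a key type is a DSA key (pair or public-only). */`. The macro body mirrors `PSA_KEY_TYPE_IS_RSA` and uses `type` once, so nothing else in this hunk needs to change.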
From: Gilles Peskine Date: Wed, 22 Aug 2018 18:21:57 +0200 Subject: [PATCH 0489/2197] FFDHE groups are not elliptic curves TLS now defines named curves in the "TLS Supported Groups registry", but we're using the encoding only for elliptic curves, so don't include values that aren't named curve. While we're at it, upgrade the reference to the shiny new RFC 8422. --- include/psa/crypto.h | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 439ca52b2..ff299362e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -517,7 +517,7 @@ typedef uint16_t psa_ecc_curve_t; * TLS Supported Groups Registry (formerly known as the * TLS EC Named Curve Registry) * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * The values are defined by RFC 4492, RFC 7027 and RFC 7919. */ + * The values are defined by RFC 8422 and RFC 7027. */ #define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) #define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) #define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) @@ -548,11 +548,6 @@ typedef uint16_t psa_ecc_curve_t; #define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) #define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) #define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) -#define PSA_ECC_CURVE_FFDHE_2048 ((psa_ecc_curve_t) 0x0100) -#define PSA_ECC_CURVE_FFDHE_3072 ((psa_ecc_curve_t) 0x0101) -#define PSA_ECC_CURVE_FFDHE_4096 ((psa_ecc_curve_t) 0x0102) -#define PSA_ECC_CURVE_FFDHE_6144 ((psa_ecc_curve_t) 0x0103) -#define PSA_ECC_CURVE_FFDHE_8192 ((psa_ecc_curve_t) 0x0104) /** The block size of a block cipher. * From 9df2dc87ab9b50633345068aba36b9aa71ecda65 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 22 Aug 2018 18:24:17 +0200 Subject: [PATCH 0490/2197] Fix name of PSA_ALG_IS_BLOCK_CIPHER_MAC The macro was used under the name PSA_ALG_IS_BLOCK_CIPHER_MAC but defined as PSA_ALG_IS_CIPHER_MAC. That wouldn't have worked if we used this macro (we currently don't but it may become useful). --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ff299362e..ab9bb8e66 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -761,7 +761,7 @@ typedef uint32_t psa_algorithm_t; * This macro may return either 0 or 1 if \p alg is not a supported * algorithm identifier. */ -#define PSA_ALG_IS_CIPHER_MAC(alg) \ +#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_CIPHER_MAC_BASE) From 00709fafb80ea8a8ab3963a0880e5585257d7339 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 22 Aug 2018 18:25:41 +0200 Subject: [PATCH 0491/2197] Rename PSA_ALG_HMAC_HASH to PSA_ALG_HMAC_GET_HASH Be consistent with other GET_HASH macros. --- include/psa/crypto.h | 32 ++++++++++++++++---------------- include/psa/crypto_sizes.h | 2 +- library/psa_crypto.c | 4 ++-- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ab9bb8e66..276eb238d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -731,7 +731,7 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_HMAC(hash_alg) \ (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_HMAC_HASH(hmac_alg) \ +#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \ (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is an HMAC algorithm. 
@@ -1590,21 +1590,21 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; */ #define PSA_HASH_SIZE(alg) \ ( \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ - PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ 0) /** Start a multipart hash operation. diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index c42375beb..988c43f5a 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -160,7 +160,7 @@ * with the algorithm. */ #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ - (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \ + (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ 0) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 66a6feb3a..91c14bb03 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1549,7 +1549,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HMAC( alg ) ) { - psa_algorithm_t hash_alg = PSA_ALG_HMAC_HASH( alg ); + psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg ); if( hash_alg == 0 ) { status = PSA_ERROR_NOT_SUPPORTED; @@ -3253,7 +3253,7 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, psa_status_t status; status = psa_hmac_setup_internal( &hkdf->hmac, salt, salt_length, - PSA_ALG_HMAC_HASH( hash_alg ) ); + PSA_ALG_HMAC_GET_HASH( hash_alg ) ); if( status != PSA_SUCCESS ) return( status ); status = psa_hash_update( &hkdf->hmac.hash_ctx, From 35fe2034c1d6089217bb91f8c4da2f9afbb88d4d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 22 Aug 2018 18:26:02 +0200 Subject: [PATCH 0492/2197] PSA_MAC_FINAL_SIZE: we don't use key_bits at the moment None of the currently defined MAC algorithms have a MAC size that depends on the key size, so the key_bits parameter is unused. The key_type parameter may be unused on an implementation where there is no block cipher MAC. Declare the key_type and key_bits parameters as used so that callers who define a variable just for this don't risk getting "unused variable" warnings. --- include/psa/crypto_sizes.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 988c43f5a..4aa7cd89e 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -162,7 +162,7 @@ #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ - 0) + ((void)(key_type), (void)(key_bits), 0)) /** The maximum size of the output of psa_aead_encrypt(), in bytes. * From 17351eb7f26facc20aff5ddf03521961988bfc08 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 22 Aug 2018 18:36:36 +0200 Subject: [PATCH 0493/2197] Algorithm validation tests For all algorithms, validate feature test macros (PSA_ALG_IS_xxx). For hash algorithms, validate the exact hash size, and validate xxx_GET_HASH macros on dependent algorithms. For MAC algorithms, validate the MAC size. For AEAD algorithms, validate the tag size. There is a separate test case for each HMAC algorithm, which is necessary because each has its own MAC size. For other hash-dependent algorithms, there is no interesting variation to test here, so only one hash gets tested. --- .../test_suite_psa_crypto_metadata.data | 183 ++++++++++++++ .../test_suite_psa_crypto_metadata.function | 232 ++++++++++++++++++ 2 files changed, 415 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index e69de29bb..d1a5986d8 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
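Review bot: The new fallback arm `((void)(key_type), (void)(key_bits), 0)` uses comma operators, so when `alg` is neither HMAC nor a block-cipher MAC the expansion is not an integer constant expression in strict ISO C, which allows a comma operator only in an unevaluated subexpression. That matters only if callers use `PSA_MAC_FINAL_SIZE` in a constant context such as an array bound, which this hunk does not show. The macro's doc comment starts outside the hunk; it would be worth adding a line such as `Evaluates to 0 if alg is not a supported MAC algorithm; callers must not size a buffer from that value.` so that a zero result is treated as an error rather than as a length.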
@@ -0,0 +1,183 @@ +Hash: MD2 +hash_algorithm:PSA_ALG_MD2:16 + +Hash: MD4 +hash_algorithm:PSA_ALG_MD4:16 + +Hash: MD5 +hash_algorithm:PSA_ALG_MD5:16 + +Hash: RIPEMD160 +hash_algorithm:PSA_ALG_RIPEMD160:20 + +Hash: SHA-1 +hash_algorithm:PSA_ALG_SHA_1:20 + +Hash: SHA-2 SHA-224 +hash_algorithm:PSA_ALG_SHA_224:28 + +Hash: SHA-2 SHA-256 +hash_algorithm:PSA_ALG_SHA_256:32 + +Hash: SHA-2 SHA-384 +hash_algorithm:PSA_ALG_SHA_384:48 + +Hash: SHA-2 SHA-512 +hash_algorithm:PSA_ALG_SHA_512:64 + +Hash: SHA-2 SHA-512/224 +hash_algorithm:PSA_ALG_SHA_512_224:28 + +Hash: SHA-2 SHA-512/256 +hash_algorithm:PSA_ALG_SHA_512_256:32 + +Hash: SHA-3 SHA3-224 +hash_algorithm:PSA_ALG_SHA3_224:28 + +Hash: SHA-3 SHA3-256 +hash_algorithm:PSA_ALG_SHA3_256:32 + +Hash: SHA-3 SHA3-384 +hash_algorithm:PSA_ALG_SHA3_384:48 + +Hash: SHA-3 SHA3-512 +hash_algorithm:PSA_ALG_SHA3_512:64 + +MAC: HMAC-MD2 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128 + +MAC: HMAC-MD4 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128 + +MAC: HMAC-MD5 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128 + +MAC: HMAC-RIPEMD160 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160 + +MAC: HMAC-SHA-1 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160 + +MAC: HMAC-SHA-224 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224 + +MAC: HMAC-SHA-256 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256 + +MAC: HMAC-SHA-384 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384 + +MAC: HMAC-SHA-512 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512 + +MAC: HMAC-SHA-512/224 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224 + +MAC: HMAC-SHA-512/256 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 
):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256 + +MAC: HMAC-SHA3-224 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224 + +MAC: HMAC-SHA3-256 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256 + +MAC: HMAC-SHA3-384 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384 + +MAC: HMAC-SHA3-512 +mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512 + +MAC: CBC_MAC-AES-128 +mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128 + +MAC: CBC_MAC-AES-192 +mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192 + +MAC: CBC_MAC-AES-256 +mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256 + +MAC: CBC_MAC-3DES +mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192 + +MAC: CMAC-AES-128 +mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128 + +MAC: CMAC-AES-192 +mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192 + +MAC: CMAC-AES-256 +mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256 + +MAC: CMAC-3DES +mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192 + +MAC: GMAC-AES-128 +mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128 + +MAC: GMAC-AES-192 +mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192 + +MAC: GMAC-AES-256 +mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256 + +Cipher: ARC4 +cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER + +Cipher: CTR +cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER + +Cipher: CFB +cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER + +Cipher: OFB +cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER + +Cipher: CBC-nopad +cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0 + +Cipher: CBC-PKCS#7 +cipher_algorithm:PSA_ALG_CBC_PKCS7:0 + +Cipher: XTS +cipher_algorithm:PSA_ALG_XTS:0 + +AEAD: CCM 
+aead_algorithm:PSA_ALG_CCM:0:16 + +AEAD: GCM +aead_algorithm:PSA_ALG_GCM:0:16 + +Asymmetric signature: RSA PKCS#1 v1.5 raw +asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN + +Asymmetric signature: RSA PKCS#1 v1.5 SHA-256 +asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN + +Asymmetric signature: RSA PSS SHA-256 +asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS + +Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256 +asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA + +Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 +asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC + +Asymmetric signature: randomized ECDSA (no hashing) +asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA + +Asymmetric signature: SHA-256 + randomized ECDSA +asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA + +Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 +asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC + +Asymmetric encryption: RSA PKCS#1 v1.5 +asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0 + +Asymmetric encryption: RSA OAEP using SHA-256 +asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP + +Key derivation: HKDF using SHA-256 +key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF + diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 51f7a5ef5..d25aace10 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function 
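Review bot: Two cases in this new data file carry the same description, "Asymmetric signature: SHA-256 + deterministic DSA using SHA-256"; the second one passes `PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )`, so it should read `Asymmetric signature: SHA-256 + deterministic ECDSA`. With duplicated descriptions, a failure in the test log cannot be attributed to one algorithm. The description "SHA-256 + randomized DSA SHA-256 using SHA-256" also looks like an editing leftover and could be `Asymmetric signature: SHA-256 + randomized DSA`.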
+++ b/tests/suites/test_suite_psa_crypto_metadata.function 
@@ -10,9 +10,241 @@ #include "psa/crypto.h" +/* Flags for algorithm classification macros. There is a flag for every + * algorithm classification macro PSA_ALG_IS_xxx except for the + * category test macros, which are hard-coded in each + * category-specific function. The name of the flag is the name of the + * classification macro without the PSA_ prefix. */ +#define ALG_IS_VENDOR_DEFINED ( 1u << 0 ) +#define ALG_IS_HMAC ( 1u << 1 ) +#define ALG_IS_BLOCK_CIPHER_MAC ( 1u << 2 ) +#define ALG_IS_STREAM_CIPHER ( 1u << 3 ) +#define ALG_IS_RSA_PKCS1V15_SIGN ( 1u << 4 ) +#define ALG_IS_RSA_PSS ( 1u << 5 ) +#define ALG_IS_DSA ( 1u << 6 ) +#define ALG_DSA_IS_DETERMINISTIC ( 1u << 7 ) +#define ALG_IS_DETERMINISTIC_DSA ( 1u << 8 ) +#define ALG_IS_RANDOMIZED_DSA ( 1u << 9 ) +#define ALG_IS_ECDSA ( 1u << 10 ) +#define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 11 ) +#define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 12 ) +#define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 ) +#define ALG_IS_RSA_OAEP ( 1u << 14 ) +#define ALG_IS_HKDF ( 1u << 15 ) + +#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \ + TEST_ASSERT( PSA_##flag( alg ) == !! 
( ( flags ) & flag ) ) + +void algorithm_classification( psa_algorithm_t alg, unsigned flags ) +{ + TEST_CLASSIFICATION_MACRO( ALG_IS_VENDOR_DEFINED, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_HMAC, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_BLOCK_CIPHER_MAC, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_STREAM_CIPHER, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PKCS1V15_SIGN, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PSS, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_DSA, alg, flags ); + if ( PSA_ALG_IS_DSA( alg ) ) + TEST_CLASSIFICATION_MACRO( ALG_DSA_IS_DETERMINISTIC, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_DSA, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_DSA, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_ECDSA, alg, flags ); + if ( PSA_ALG_IS_ECDSA( alg ) ) + TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags ); +exit: ; +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES * depends_on:MBEDTLS_PSA_CRYPTO_C * END_DEPENDENCIES */ + +/* BEGIN_CASE */ +void hash_algorithm( int alg_arg, int length_arg ) +{ + psa_algorithm_t alg = alg_arg; + size_t length = length_arg; + psa_algorithm_t hmac_alg = PSA_ALG_HMAC( alg ); + psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN( alg ); + psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS( alg ); + psa_algorithm_t dsa_alg = PSA_ALG_DSA( alg ); + psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA( alg ); + psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA( alg ); + psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA( alg ); + psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP( alg ); + psa_algorithm_t hkdf_alg = PSA_ALG_HKDF( alg ); + + /* Algorithm 
classification */ + TEST_ASSERT( PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + algorithm_classification( alg, 0 ); + + /* Dependent algorithms */ + TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( hmac_alg ) == alg ); + TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ) == alg ); + TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ) == alg ); + TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( dsa_alg ) == alg ); + TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ) == alg ); + TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ) == alg ); + TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ) == alg ); + TEST_ASSERT( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ) == alg ); + TEST_ASSERT( PSA_ALG_HKDF_GET_HASH( hkdf_alg ) == alg ); + + /* Hash length and block size */ + TEST_ASSERT( length == PSA_HASH_SIZE( alg ) ); + TEST_ASSERT( length <= PSA_HASH_MAX_SIZE ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mac_algorithm( int alg_arg, int classification_flags, + int length_arg, + int key_type_arg, int key_bits_arg ) +{ + psa_algorithm_t alg = alg_arg; + size_t length = length_arg; + size_t key_type = key_type_arg; + size_t key_bits = key_bits_arg; + + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! 
PSA_ALG_IS_KEY_DERIVATION( alg ) ); + algorithm_classification( alg, classification_flags ); + + /* Length */ + TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) ); + TEST_ASSERT( length <= PSA_MAC_MAX_SIZE ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_algorithm( int alg_arg, int classification_flags ) +{ + psa_algorithm_t alg = alg_arg; + + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + algorithm_classification( alg, classification_flags ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void aead_algorithm( int alg_arg, int classification_flags, + int tag_length_arg ) +{ + psa_algorithm_t alg = alg_arg; + size_t tag_length = tag_length_arg; + + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + algorithm_classification( alg, classification_flags ); + + /* Tag length */ + TEST_ASSERT( tag_length == PSA_AEAD_TAG_SIZE( alg ) ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void asymmetric_signature_algorithm( int alg_arg, int classification_flags ) +{ + psa_algorithm_t alg = alg_arg; + + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! 
PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + algorithm_classification( alg, classification_flags ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void asymmetric_encryption_algorithm( int alg_arg, int classification_flags ) +{ + psa_algorithm_t alg = alg_arg; + + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + algorithm_classification( alg, classification_flags ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_agreement_algorithm( int alg_arg, int classification_flags ) +{ + psa_algorithm_t alg = alg_arg; + + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + algorithm_classification( alg, classification_flags ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_derivation_algorithm( int alg_arg, int classification_flags ) +{ + psa_algorithm_t alg = alg_arg; + + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! 
PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) ); + algorithm_classification( alg, classification_flags ); +} +/* END_CASE */ + From 49cd3299089843bb16485e938a928393c6c3dfba Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 22 Aug 2018 18:43:09 +0200 Subject: [PATCH 0494/2197] Key type validation tests For all key types, validate feature test macros (PSA_KEY_TYPE_IS_xxx). For asymmetric keys (public key or key pair), validate the corresponding public/pair type. For ECC keys, validate GET_CURVE. --- .../test_suite_psa_crypto_metadata.data | 122 ++++++++++++++++++ .../test_suite_psa_crypto_metadata.function | 81 ++++++++++++ 2 files changed, 203 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index d1a5986d8..714d094f2 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
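Review bot: In `mac_algorithm`, `size_t key_type = key_type_arg;` gives the key type the wrong type; it is passed to `PSA_MAC_FINAL_SIZE` as a key type and should be declared `psa_key_type_t key_type = key_type_arg;`. `key_agreement_algorithm` is added here, but the data file in this commit has no case that calls it, so it is compiled and never run. Either a first case or a comment saying this is intentional until a key agreement algorithm exists would help. The unbraced `if ( PSA_ALG_IS_DSA( alg ) )` and `if ( PSA_ALG_IS_ECDSA( alg ) )` statements in `algorithm_classification` rely on `TEST_ASSERT`, defined outside this hunk, expanding to a single statement; braces would remove that dependency.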
@@ -181,3 +181,125 @@ asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_O Key derivation: HKDF using SHA-256 key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF +Key type: raw data +key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED + +Key type: HMAC +key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED + +Key type: secret for key derivation +key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED + +Key type: AES +key_type:PSA_KEY_TYPE_AES:KEY_TYPE_IS_UNSTRUCTURED + +Key type: DES +key_type:PSA_KEY_TYPE_DES:KEY_TYPE_IS_UNSTRUCTURED + +Key type: Camellia +key_type:PSA_KEY_TYPE_CAMELLIA:KEY_TYPE_IS_UNSTRUCTURED + +Key type: ARC4 +key_type:PSA_KEY_TYPE_ARC4:KEY_TYPE_IS_UNSTRUCTURED + +Key type: RSA public key +key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA + +Key type: RSA key pair +key_type:PSA_KEY_TYPE_RSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_RSA + +Key type: DSA public key +key_type:PSA_KEY_TYPE_DSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_DSA + +Key type: DSA key pair +key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA + +ECC key types: sect163k1 +ecc_key_types:PSA_ECC_CURVE_SECT163K1 + +ECC key types: sect163r1 +ecc_key_types:PSA_ECC_CURVE_SECT163R1 + +ECC key types: sect163r2 +ecc_key_types:PSA_ECC_CURVE_SECT163R2 + +ECC key types: sect193r1 +ecc_key_types:PSA_ECC_CURVE_SECT193R1 + +ECC key types: sect193r2 +ecc_key_types:PSA_ECC_CURVE_SECT193R2 + +ECC key types: sect233k1 +ecc_key_types:PSA_ECC_CURVE_SECT233K1 + +ECC key types: sect233r1 +ecc_key_types:PSA_ECC_CURVE_SECT233R1 + +ECC key types: sect239k1 +ecc_key_types:PSA_ECC_CURVE_SECT239K1 + +ECC key types: sect283k1 +ecc_key_types:PSA_ECC_CURVE_SECT283K1 + +ECC key types: sect283r1 +ecc_key_types:PSA_ECC_CURVE_SECT283R1 + +ECC key types: sect409k1 +ecc_key_types:PSA_ECC_CURVE_SECT409K1 + +ECC key types: sect409r1 +ecc_key_types:PSA_ECC_CURVE_SECT409R1 + +ECC key types: sect571k1 
+ecc_key_types:PSA_ECC_CURVE_SECT571K1 + +ECC key types: sect571r1 +ecc_key_types:PSA_ECC_CURVE_SECT571R1 + +ECC key types: secp160k1 +ecc_key_types:PSA_ECC_CURVE_SECP160K1 + +ECC key types: secp160r1 +ecc_key_types:PSA_ECC_CURVE_SECP160R1 + +ECC key types: secp160r2 +ecc_key_types:PSA_ECC_CURVE_SECP160R2 + +ECC key types: secp192k1 +ecc_key_types:PSA_ECC_CURVE_SECP192K1 + +ECC key types: secp192r1 +ecc_key_types:PSA_ECC_CURVE_SECP192R1 + +ECC key types: secp224k1 +ecc_key_types:PSA_ECC_CURVE_SECP224K1 + +ECC key types: secp224r1 +ecc_key_types:PSA_ECC_CURVE_SECP224R1 + +ECC key types: secp256k1 +ecc_key_types:PSA_ECC_CURVE_SECP256K1 + +ECC key types: secp256r1 +ecc_key_types:PSA_ECC_CURVE_SECP256R1 + +ECC key types: secp384r1 +ecc_key_types:PSA_ECC_CURVE_SECP384R1 + +ECC key types: secp521r1 +ecc_key_types:PSA_ECC_CURVE_SECP521R1 + +ECC key types: Brainpool P256R1 +ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1 + +ECC key types: Brainpool P384R1 +ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1 + +ECC key types: Brainpool P512R1 +ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1 + +ECC key types: Curve25519 +ecc_key_types:PSA_ECC_CURVE_CURVE25519 + +ECC key types: Curve448 +ecc_key_types:PSA_ECC_CURVE_CURVE448 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index d25aace10..0b8fba075 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function 
@@ -32,6 +32,18 @@
 #define ALG_IS_RSA_OAEP ( 1u << 14 )
 #define ALG_IS_HKDF ( 1u << 15 )
 
+/* Flags for key type classification macros. There is a flag for every
+ * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
+ * are tested as derived from other macros. The name of the flag is
+ * the name of the classification macro without the PSA_ prefix. */
+#define KEY_TYPE_IS_VENDOR_DEFINED ( 1u << 0 )
+#define KEY_TYPE_IS_UNSTRUCTURED ( 1u << 1 )
+#define KEY_TYPE_IS_PUBLIC_KEY ( 1u << 2 )
+#define KEY_TYPE_IS_KEYPAIR ( 1u << 3 )
+#define KEY_TYPE_IS_RSA ( 1u << 4 )
+#define KEY_TYPE_IS_DSA ( 1u << 5 )
+#define KEY_TYPE_IS_ECC ( 1u << 6 )
+
 #define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
 TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
 
@@ -58,6 +70,30 @@ void algorithm_classification( psa_algorithm_t alg, unsigned flags )
 exit: ;
 }
 
+void key_type_classification( psa_key_type_t type, unsigned flags )
+{
+ /* Macros tested based on the test case parameter */
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_VENDOR_DEFINED, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_UNSTRUCTURED, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_PUBLIC_KEY, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_KEYPAIR, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_RSA, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags );
+
+ /* Macros with derived semantics */
+ TEST_ASSERT( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ==
+ ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ||
+ PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
+ TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ==
+ ( PSA_KEY_TYPE_IS_ECC( type ) &&
+ PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
+ TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ==
+ ( PSA_KEY_TYPE_IS_ECC( type ) &&
+ PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) );
+
+exit: ;
+}
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
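Review bot: `KEY_TYPE_IS_DSA` is defined with the other flags and is passed by the DSA key-type cases in the .data file, but `key_type_classification` never checks it: its `TEST_CLASSIFICATION_MACRO` calls cover VENDOR_DEFINED, UNSTRUCTURED, PUBLIC_KEY, KEYPAIR, RSA and ECC only. As written, a wrong classification of DSA key types would go unnoticed, and the flag on those test cases has no effect. If `PSA_KEY_TYPE_IS_DSA` is defined in crypto.h (not visible in this patch), add `TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_DSA, type, flags );` after the RSA line. Otherwise remove the flag, or say in the comment above the flag definitions that it is deliberately not tested.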
@@ -248,3 +284,48 @@ void key_derivation_algorithm( int alg_arg, int classification_flags )
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void key_type( int type_arg, int classification_flags )
+{
+ psa_key_type_t type = type_arg;
+
+ key_type_classification( type, classification_flags );
+
+ /* For asymmetric types, check the corresponding pair/public type */
+ if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY )
+ {
+ psa_key_type_t pair_type = PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type );
+ TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ) == type );
+ key_type_classification( pair_type,
+ ( classification_flags
+ & ~KEY_TYPE_IS_PUBLIC_KEY )
+ | KEY_TYPE_IS_KEYPAIR );
+ TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ) == type );
+ }
+ if( classification_flags & KEY_TYPE_IS_KEYPAIR )
+ {
+ psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
+ TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ) == type );
+ key_type_classification( public_type,
+ ( classification_flags
+ & ~KEY_TYPE_IS_KEYPAIR )
+ | KEY_TYPE_IS_PUBLIC_KEY );
+ TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ) == type );
+ }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecc_key_types( int curve_arg )
+{
+ psa_ecc_curve_t curve = curve_arg;
+ psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
+ psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEYPAIR( curve );
+
+ test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY );
+ test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEYPAIR );
+
+ TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( public_type ) == curve );
+ TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( pair_type ) == curve );
+}
+/* END_CASE */
From d9c8260f23527d896945fd73e94775198b6f8e19 Mon Sep 17 00:00:00 2001
From: Gilles Peskine Date: Mon, 17 Sep 2018 13:58:36 +0200 Subject: [PATCH 0495/2197] Add dependencies to metadata validation tests If some algorithms are excluded in the build, it's ok for the corresponding macros not to give the correct results. Therefore the corresponding test cases should depend on the implementation of the algorithm. For example, it's ok for PSA_HASH_MAX_SIZE to be less than PSA_HASH_SIZE(PSA_ALG_SHA_512) if we build without SHA-512 support, and we indeed do this. It's even ok for an implementation to return 0 for PSA_ALG_IS_HASH(PSA_ALG_SHA_512) if it doesn't support SHA-512; we return 1 anyway but the tests are less implementation-specific if we don't enforce it. This commit adds dependencies on symbols that don't exist in Mbed TLS, for algorithms that Mbed TLS doesn't implement. These are: MBEDTLS_SHA512_256 for SHA-512/256, MBEDTLS_SHA3_C for SHA-3, MBEDTLS_DSA_C and MBEDTLS_DSA_DETERMINISTIC for DSA, and MBEDTLS_ECP_DP_xxx_ENABLED for elliptic curves that have a PSA encoding but are not supported in Mbed TLS. --- .../test_suite_psa_crypto_metadata.data | 99 +++++++++++++++++++ 1 file changed, 99 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 714d094f2..552e83160 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
@@ -1,184 +1,245 @@ Hash: MD2 +depends_on:MBEDTLS_MD2_C hash_algorithm:PSA_ALG_MD2:16 Hash: MD4 +depends_on:MBEDTLS_MD4_C hash_algorithm:PSA_ALG_MD4:16 Hash: MD5 +depends_on:MBEDTLS_MD5_C hash_algorithm:PSA_ALG_MD5:16 Hash: RIPEMD160 +depends_on:MBEDTLS_RIPEMD160_C hash_algorithm:PSA_ALG_RIPEMD160:20 Hash: SHA-1 +depends_on:MBEDTLS_SHA1_C hash_algorithm:PSA_ALG_SHA_1:20 Hash: SHA-2 SHA-224 +depends_on:MBEDTLS_SHA256_C hash_algorithm:PSA_ALG_SHA_224:28 Hash: SHA-2 SHA-256 +depends_on:MBEDTLS_SHA256_C hash_algorithm:PSA_ALG_SHA_256:32 Hash: SHA-2 SHA-384 +depends_on:MBEDTLS_SHA512_C hash_algorithm:PSA_ALG_SHA_384:48 Hash: SHA-2 SHA-512 +depends_on:MBEDTLS_SHA512_C hash_algorithm:PSA_ALG_SHA_512:64 Hash: SHA-2 SHA-512/224 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256 hash_algorithm:PSA_ALG_SHA_512_224:28 Hash: SHA-2 SHA-512/256 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256 hash_algorithm:PSA_ALG_SHA_512_256:32 Hash: SHA-3 SHA3-224 +depends_on:MBEDTLS_SHA3_C hash_algorithm:PSA_ALG_SHA3_224:28 Hash: SHA-3 SHA3-256 +depends_on:MBEDTLS_SHA3_C hash_algorithm:PSA_ALG_SHA3_256:32 Hash: SHA-3 SHA3-384 +depends_on:MBEDTLS_SHA3_C hash_algorithm:PSA_ALG_SHA3_384:48 Hash: SHA-3 SHA3-512 +depends_on:MBEDTLS_SHA3_C hash_algorithm:PSA_ALG_SHA3_512:64 MAC: HMAC-MD2 +depends_on:MBEDTLS_MD2_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128 MAC: HMAC-MD4 +depends_on:MBEDTLS_MD4_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128 MAC: HMAC-MD5 +depends_on:MBEDTLS_MD5_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128 MAC: HMAC-RIPEMD160 +depends_on:MBEDTLS_RIPEMD160_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160 MAC: HMAC-SHA-1 +depends_on:MBEDTLS_SHA1_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160 MAC: HMAC-SHA-224 +depends_on:MBEDTLS_SHA256_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 
):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224 MAC: HMAC-SHA-256 +depends_on:MBEDTLS_SHA256_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256 MAC: HMAC-SHA-384 +depends_on:MBEDTLS_SHA512_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384 MAC: HMAC-SHA-512 +depends_on:MBEDTLS_SHA512_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512 MAC: HMAC-SHA-512/224 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224 MAC: HMAC-SHA-512/256 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256 MAC: HMAC-SHA3-224 +depends_on:MBEDTLS_SHA3_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224 MAC: HMAC-SHA3-256 +depends_on:MBEDTLS_SHA3_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256 MAC: HMAC-SHA3-384 +depends_on:MBEDTLS_SHA3_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384 MAC: HMAC-SHA3-512 +depends_on:MBEDTLS_SHA3_C mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512 MAC: CBC_MAC-AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128 MAC: CBC_MAC-AES-192 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192 MAC: CBC_MAC-AES-256 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256 MAC: CBC_MAC-3DES +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_C mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192 MAC: CMAC-AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128 MAC: CMAC-AES-192 
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192 MAC: CMAC-AES-256 +depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256 MAC: CMAC-3DES +depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192 MAC: GMAC-AES-128 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128 MAC: GMAC-AES-192 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192 MAC: GMAC-AES-256 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256 Cipher: ARC4 +depends_on:MBEDTLS_ARC4_C cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER Cipher: CTR +depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CTR cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER Cipher: CFB +depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CFB cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER Cipher: OFB +depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_OFB cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER Cipher: CBC-nopad +depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0 Cipher: CBC-PKCS#7 +depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_algorithm:PSA_ALG_CBC_PKCS7:0 Cipher: XTS +depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_XTS cipher_algorithm:PSA_ALG_XTS:0 AEAD: CCM +depends_on:MBEDTLS_CCM_C aead_algorithm:PSA_ALG_CCM:0:16 AEAD: GCM +depends_on:MBEDTLS_GCM_C aead_algorithm:PSA_ALG_GCM:0:16 Asymmetric signature: RSA PKCS#1 v1.5 raw +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN Asymmetric signature: RSA PKCS#1 v1.5 SHA-256 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN Asymmetric signature: RSA PSS SHA-256 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256 +depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 +depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC Asymmetric signature: randomized ECDSA (no hashing) +depends_on:MBEDTLS_ECDSA_C asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA Asymmetric signature: SHA-256 + randomized ECDSA +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC Asymmetric encryption: RSA PKCS#1 v1.5 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0 Asymmetric encryption: RSA OAEP using SHA-256 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP Key derivation: HKDF using SHA-256 +depends_on:MBEDTLS_SHA256_C key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF Key type: raw data 
@@ -191,115 +252,153 @@ Key type: secret for key derivation key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED Key type: AES +depends_on:MBEDTLS_AES_C key_type:PSA_KEY_TYPE_AES:KEY_TYPE_IS_UNSTRUCTURED Key type: DES +depends_on:MBEDTLS_DES_C key_type:PSA_KEY_TYPE_DES:KEY_TYPE_IS_UNSTRUCTURED Key type: Camellia +depends_on:MBEDTLS_CAMELLIA_C key_type:PSA_KEY_TYPE_CAMELLIA:KEY_TYPE_IS_UNSTRUCTURED Key type: ARC4 +depends_on:MBEDTLS_ARC4_C key_type:PSA_KEY_TYPE_ARC4:KEY_TYPE_IS_UNSTRUCTURED Key type: RSA public key +depends_on:MBEDTLS_RSA_C key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA Key type: RSA key pair +depends_on:MBEDTLS_RSA_C key_type:PSA_KEY_TYPE_RSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_RSA Key type: DSA public key +depends_on:MBEDTLS_DSA_C key_type:PSA_KEY_TYPE_DSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_DSA Key type: DSA key pair +depends_on:MBEDTLS_DSA_C key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA ECC key types: sect163k1 +depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT163K1 ECC key types: sect163r1 +depends_on:MBEDTLS_ECP_DP_SECT163R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT163R1 ECC key types: sect163r2 +depends_on:MBEDTLS_ECP_DP_SECT163R2_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT163R2 ECC key types: sect193r1 +depends_on:MBEDTLS_ECP_DP_SECT193R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT193R1 ECC key types: sect193r2 +depends_on:MBEDTLS_ECP_DP_SECT193R2_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT193R2 ECC key types: sect233k1 +depends_on:MBEDTLS_ECP_DP_SECT233K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT233K1 ECC key types: sect233r1 +depends_on:MBEDTLS_ECP_DP_SECT233R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT233R1 ECC key types: sect239k1 +depends_on:MBEDTLS_ECP_DP_SECT239K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT239K1 ECC key types: sect283k1 +depends_on:MBEDTLS_ECP_DP_SECT283K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT283K1 ECC key types: sect283r1 
+depends_on:MBEDTLS_ECP_DP_SECT283R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT283R1 ECC key types: sect409k1 +depends_on:MBEDTLS_ECP_DP_SECT409K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT409K1 ECC key types: sect409r1 +depends_on:MBEDTLS_ECP_DP_SECT409R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT409R1 ECC key types: sect571k1 +depends_on:MBEDTLS_ECP_DP_SECT571K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT571K1 ECC key types: sect571r1 +depends_on:MBEDTLS_ECP_DP_SECT571R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT571R1 ECC key types: secp160k1 +depends_on:MBEDTLS_ECP_DP_SECP160K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP160K1 ECC key types: secp160r1 +depends_on:MBEDTLS_ECP_DP_SECP160R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP160R1 ECC key types: secp160r2 +depends_on:MBEDTLS_ECP_DP_SECP160R2_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP160R2 ECC key types: secp192k1 +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP192K1 ECC key types: secp192r1 +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP192R1 ECC key types: secp224k1 +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP224K1 ECC key types: secp224r1 +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP224R1 ECC key types: secp256k1 +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP256K1 ECC key types: secp256r1 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP256R1 ECC key types: secp384r1 +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP384R1 ECC key types: secp521r1 +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECP521R1 ECC key types: Brainpool P256R1 +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1 ECC key types: Brainpool P384R1 +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1 ECC key types: Brainpool P512R1 
+depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1 ECC key types: Curve25519 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecc_key_types:PSA_ECC_CURVE_CURVE25519 ECC key types: Curve448 +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED ecc_key_types:PSA_ECC_CURVE_CURVE448 From 3052f53c37a4be1b66fc032cae898097c1f66363 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 17 Sep 2018 14:13:26 +0200 Subject: [PATCH 0496/2197] Add block sizes to HMAC metadata validation tests --- include/psa/crypto_sizes.h | 3 ++ .../test_suite_psa_crypto_metadata.data | 30 +++++++++---------- .../test_suite_psa_crypto_metadata.function | 21 ++++++++++++- 3 files changed, 38 insertions(+), 16 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 4aa7cd89e..edb240be0 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -58,6 +58,9 @@ * should be the maximum size of a hash supported by the implementation, * in bytes, and must be no smaller than this maximum. */ +/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226, + * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for + * HMAC-SHA3-512. */ #if defined(MBEDTLS_SHA512_C) #define PSA_HASH_MAX_SIZE 64 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 552e83160..ca42d5b9a 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
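Review bot: The comment added in crypto_sizes.h names a variant that does not exist, `HMAC-SHA3-226`, and drops the `HMAC-` prefix on the 104-byte entry; it should read `HMAC-SHA3-224` and `HMAC-SHA3-384`. It also lists block sizes of 144 and 136 bytes, while the branch visible directly below sets `PSA_HMAC_MAX_HASH_BLOCK_SIZE` to 128 and the `hmac_algorithm` test added in this commit asserts `block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE`. Those cases are gated on `MBEDTLS_SHA3_C`, so nothing fails today, but the comment should state that the maximum must be raised before SHA-3 is enabled, because a buffer sized by this macro would be too small for an HMAC-SHA3-224 block. The `#if` chain continues outside the hunk, so a larger value may already be handled there.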
@@ -60,63 +60,63 @@ hash_algorithm:PSA_ALG_SHA3_512:64 MAC: HMAC-MD2 depends_on:MBEDTLS_MD2_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64 MAC: HMAC-MD4 depends_on:MBEDTLS_MD4_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64 MAC: HMAC-MD5 depends_on:MBEDTLS_MD5_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64 MAC: HMAC-RIPEMD160 depends_on:MBEDTLS_RIPEMD160_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):20:64 MAC: HMAC-SHA-1 depends_on:MBEDTLS_SHA1_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):20:64 MAC: HMAC-SHA-224 depends_on:MBEDTLS_SHA256_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):28:64 MAC: HMAC-SHA-256 depends_on:MBEDTLS_SHA256_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):32:64 MAC: HMAC-SHA-384 depends_on:MBEDTLS_SHA512_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):48:128 MAC: HMAC-SHA-512 depends_on:MBEDTLS_SHA512_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128 MAC: HMAC-SHA-512/224 depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256 -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):28:128 MAC: HMAC-SHA-512/256 depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256 -mac_algorithm:PSA_ALG_HMAC( 
PSA_ALG_SHA_512_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):32:128 MAC: HMAC-SHA3-224 depends_on:MBEDTLS_SHA3_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):28:144 MAC: HMAC-SHA3-256 depends_on:MBEDTLS_SHA3_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):32:136 MAC: HMAC-SHA3-384 depends_on:MBEDTLS_SHA3_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):48:104 MAC: HMAC-SHA3-512 depends_on:MBEDTLS_SHA3_C -mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512 +hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):64:72 MAC: CBC_MAC-AES-128 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 0b8fba075..bbd51717f 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -138,7 +138,7 @@ void hash_algorithm( int alg_arg, int length_arg ) TEST_ASSERT( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ) == alg ); TEST_ASSERT( PSA_ALG_HKDF_GET_HASH( hkdf_alg ) == alg ); - /* Hash length and block size */ + /* Hash length */ TEST_ASSERT( length == PSA_HASH_SIZE( alg ) ); TEST_ASSERT( length <= PSA_HASH_MAX_SIZE ); } 
@@ -171,6 +171,25 @@ void mac_algorithm( int alg_arg, int classification_flags, } /* END_CASE */ +/* BEGIN_CASE */ +void hmac_algorithm( int alg_arg, + int length_arg, + int block_size_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg ); + size_t block_size = block_size_arg; + + TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) ); + TEST_ASSERT( PSA_ALG_HMAC( hash_alg ) == alg ); + + TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE ); + + test_mac_algorithm( alg_arg, ALG_IS_HMAC, length_arg, + PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length_arg ) ); +} +/* END_CASE */ + /* BEGIN_CASE */ void cipher_algorithm( int alg_arg, int classification_flags ) { From fa764b161bdd00e5b244e1be6afc6ef0cf35dbbe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 17 Sep 2018 14:19:57 +0200 Subject: [PATCH 0497/2197] Add curve sizes to ECC curve metadata validation tests --- .../test_suite_psa_crypto_metadata.data | 60 +++++++++---------- .../test_suite_psa_crypto_metadata.function | 8 ++- 2 files changed, 37 insertions(+), 31 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index ca42d5b9a..c9df6c74e 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
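Review bot: `block_size` in `hmac_algorithm` is only compared with the upper bound `PSA_HMAC_MAX_HASH_BLOCK_SIZE`, so the per-algorithm values added to the .data file (64, 128, 144, ...) are not checked against anything the library computes. A mistyped value below the maximum would still pass. `ecc_key_types` in the following commit documents the same limitation for `curve_bits`. If it is also true here, add a matching comment before the assertion, for example `/* Only the upper bound can be validated: no macro gives the block size of a given hash. */`. If the API does expose a per-hash block size, compare `block_size` with it instead.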
@@ -285,120 +285,120 @@ key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA ECC key types: sect163k1 depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT163K1 +ecc_key_types:PSA_ECC_CURVE_SECT163K1:163 ECC key types: sect163r1 depends_on:MBEDTLS_ECP_DP_SECT163R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT163R1 +ecc_key_types:PSA_ECC_CURVE_SECT163R1:163 ECC key types: sect163r2 depends_on:MBEDTLS_ECP_DP_SECT163R2_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT163R2 +ecc_key_types:PSA_ECC_CURVE_SECT163R2:163 ECC key types: sect193r1 depends_on:MBEDTLS_ECP_DP_SECT193R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT193R1 +ecc_key_types:PSA_ECC_CURVE_SECT193R1:193 ECC key types: sect193r2 depends_on:MBEDTLS_ECP_DP_SECT193R2_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT193R2 +ecc_key_types:PSA_ECC_CURVE_SECT193R2:193 ECC key types: sect233k1 depends_on:MBEDTLS_ECP_DP_SECT233K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT233K1 +ecc_key_types:PSA_ECC_CURVE_SECT233K1:233 ECC key types: sect233r1 depends_on:MBEDTLS_ECP_DP_SECT233R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT233R1 +ecc_key_types:PSA_ECC_CURVE_SECT233R1:233 ECC key types: sect239k1 depends_on:MBEDTLS_ECP_DP_SECT239K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT239K1 +ecc_key_types:PSA_ECC_CURVE_SECT239K1:239 ECC key types: sect283k1 depends_on:MBEDTLS_ECP_DP_SECT283K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT283K1 +ecc_key_types:PSA_ECC_CURVE_SECT283K1:283 ECC key types: sect283r1 depends_on:MBEDTLS_ECP_DP_SECT283R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT283R1 +ecc_key_types:PSA_ECC_CURVE_SECT283R1:283 ECC key types: sect409k1 depends_on:MBEDTLS_ECP_DP_SECT409K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT409K1 +ecc_key_types:PSA_ECC_CURVE_SECT409K1:409 ECC key types: sect409r1 depends_on:MBEDTLS_ECP_DP_SECT409R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT409R1 +ecc_key_types:PSA_ECC_CURVE_SECT409R1:409 ECC key types: sect571k1 depends_on:MBEDTLS_ECP_DP_SECT571K1_ENABLED 
-ecc_key_types:PSA_ECC_CURVE_SECT571K1 +ecc_key_types:PSA_ECC_CURVE_SECT571K1:571 ECC key types: sect571r1 depends_on:MBEDTLS_ECP_DP_SECT571R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT571R1 +ecc_key_types:PSA_ECC_CURVE_SECT571R1:571 ECC key types: secp160k1 depends_on:MBEDTLS_ECP_DP_SECP160K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP160K1 +ecc_key_types:PSA_ECC_CURVE_SECP160K1:160 ECC key types: secp160r1 depends_on:MBEDTLS_ECP_DP_SECP160R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP160R1 +ecc_key_types:PSA_ECC_CURVE_SECP160R1:160 ECC key types: secp160r2 depends_on:MBEDTLS_ECP_DP_SECP160R2_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP160R2 +ecc_key_types:PSA_ECC_CURVE_SECP160R2:160 ECC key types: secp192k1 depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP192K1 +ecc_key_types:PSA_ECC_CURVE_SECP192K1:192 ECC key types: secp192r1 depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP192R1 +ecc_key_types:PSA_ECC_CURVE_SECP192R1:192 ECC key types: secp224k1 depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP224K1 +ecc_key_types:PSA_ECC_CURVE_SECP224K1:224 ECC key types: secp224r1 depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP224R1 +ecc_key_types:PSA_ECC_CURVE_SECP224R1:224 ECC key types: secp256k1 depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP256K1 +ecc_key_types:PSA_ECC_CURVE_SECP256K1:256 ECC key types: secp256r1 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP256R1 +ecc_key_types:PSA_ECC_CURVE_SECP256R1:256 ECC key types: secp384r1 depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP384R1 +ecc_key_types:PSA_ECC_CURVE_SECP384R1:384 ECC key types: secp521r1 depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP521R1 +ecc_key_types:PSA_ECC_CURVE_SECP521R1:521 ECC key types: Brainpool P256R1 depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED 
-ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1 +ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1:256 ECC key types: Brainpool P384R1 depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1 +ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1:384 ECC key types: Brainpool P512R1 depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1 +ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1:512 ECC key types: Curve25519 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED -ecc_key_types:PSA_ECC_CURVE_CURVE25519 +ecc_key_types:PSA_ECC_CURVE_CURVE25519:255 ECC key types: Curve448 depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED -ecc_key_types:PSA_ECC_CURVE_CURVE448 +ecc_key_types:PSA_ECC_CURVE_CURVE448:448 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index bbd51717f..ca9d5576a 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -335,9 +335,10 @@ void key_type( int type_arg, int classification_flags ) /* END_CASE */ /* BEGIN_CASE */ -void ecc_key_types( int curve_arg ) +void ecc_key_types( int curve_arg, int curve_bits_arg ) { psa_ecc_curve_t curve = curve_arg; + size_t curve_bits = curve_bits_arg; psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEYPAIR( curve ); @@ -346,5 +347,10 @@ void ecc_key_types( int curve_arg ) TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( public_type ) == curve ); TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( pair_type ) == curve ); + + /* Validate that the bit size is less than the maximum ECC bit size + * in this implementation. There's no parameter that should be equal + * to curve_bits and can be validated without creating a key. */ + TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS ); } /* END_CASE */ From 8954d0c274fedb54f416d65255d61fb8b3e909f8 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 27 Sep 2018 13:51:25 +0200 Subject: [PATCH 0498/2197] Write documentation for TEST_ASSERT --- tests/suites/helpers.function | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 32b1b790d..ad219ab63 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -69,6 +69,18 @@ typedef struct data_tag /*----------------------------------------------------------------------------*/ /* Macros */ +/** Evaluate an expression and fail the test case if it is false. + * + * Failing the test means: + * - Mark this test case as failed. + * - Print a message identifying the failure. + * - Jump to the \c exit label. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param TEST The expression to evaluate. + */ #define TEST_ASSERT( TEST ) \ do { \ if( ! (TEST) ) \ From b75125c5ff2989f83b59d1259a0603d520783949 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 Sep 2018 13:52:16 +0200 Subject: [PATCH 0499/2197] New macro ASSERT_ALLOC to allocate memory in tests The new macro ASSERT_ALLOC allocates memory with mbedtls_calloc and fails the test if the allocation fails. It outputs a null pointer if the requested size is 0. It is meant to replace existing calls to mbedtls_calloc. --- tests/suites/helpers.function | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index ad219ab63..0a4cf8737 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function 
@@ -90,6 +90,37 @@ typedef struct data_tag } \ } while( 0 ) +/** Allocate memory dynamically and fail the test case if this fails. + * + * You must set \p pointer to \c NULL before calling this macro and + * put `mbedtls_free( pointer )` in the test's cleanup code. + * + * If \p size is zero, the resulting \p pointer will be \c NULL. + * This is usually what we want in tests since API functions are + * supposed to accept null pointers when a buffer size is zero. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param pointer An lvalue where the address of the allocated buffer + * will be stored. + * This expression may be evaluated multiple times. + * \param size Buffer size to allocate in bytes. + * This expression may be evaluated multiple times. + * + */ +#define ASSERT_ALLOC( pointer, size ) \ + do \ + { \ + TEST_ASSERT( ( pointer ) == NULL ); \ + if( ( size ) != 0 ) \ + { \ + ( pointer ) = mbedtls_calloc( 1, ( size ) ); \ + TEST_ASSERT( ( pointer ) != NULL ); \ + } \ + } \ + while( 0 ) + #define assert(a) if( !( a ) ) \ { \ mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \ From 8cebbba7e6509d58a29aecdae7f45361b1372d0d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 Sep 2018 13:54:18 +0200 Subject: [PATCH 0500/2197] Use ASSERT_ALLOC instead of mbedtls_calloc in PSA tests This commit resolves a bug whereby some test cases failed on systems where mbedtls_calloc returns NULL when the size of 0, because the test case asserted `pointer != NULL` regardless of the size. --- tests/suites/test_suite_psa_crypto.function | 103 +++++++------------- 1 file changed, 37 insertions(+), 66 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 81ddee003..a55cfc7ac 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
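Review bot: `ASSERT_ALLOC` passes `size` straight to `mbedtls_calloc( 1, ( size ) )`, so a negative signed argument is converted to a very large `size_t`. The test then fails on `( pointer ) != NULL`, which reads like an out-of-memory condition rather than a bad test parameter. The next commit in this series passes `export_size`, computed as `(ptrdiff_t) data->len + export_size_delta`, which may be signed (its declaration is not shown). The documentation block should state the expectation, for example by extending the `size` entry with `This must not be negative; it is converted to \c size_t.`.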
@@ -703,8 +703,7 @@ static int exercise_export_key( psa_key_slot_t slot, } exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); - exported = mbedtls_calloc( 1, exported_size ); - TEST_ASSERT( exported != NULL ); + ASSERT_ALLOC( exported, exported_size ); TEST_ASSERT( psa_export_key( slot, exported, exported_size, @@ -737,8 +736,7 @@ static int exercise_export_public_key( psa_key_slot_t slot ) public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ); - exported = mbedtls_calloc( 1, exported_size ); - TEST_ASSERT( exported != NULL ); + ASSERT_ALLOC( exported, exported_size ); TEST_ASSERT( psa_export_public_key( slot, exported, exported_size, @@ -898,13 +896,13 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) keypair ? PSA_KEY_TYPE_RSA_KEYPAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY; size_t buffer_size = /* Slight overapproximations */ keypair ? bits * 9 / 16 + 80 : bits / 8 + 20; - unsigned char *buffer = mbedtls_calloc( 1, buffer_size ); + unsigned char *buffer = NULL; unsigned char *p; int ret; size_t length; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( buffer != NULL ); + ASSERT_ALLOC( buffer, buffer_size ); TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p, bits, keypair ) ) >= 0 ); @@ -950,13 +948,9 @@ void import_export( data_t *data, TEST_ASSERT( data != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); export_size = (ptrdiff_t) data->len + export_size_delta; - exported = mbedtls_calloc( 1, export_size ); - TEST_ASSERT( export_size == 0 || exported != NULL ); + ASSERT_ALLOC( exported, export_size ); if( ! canonical_input ) - { - reexported = mbedtls_calloc( 1, export_size ); - TEST_ASSERT( export_size == 0 || reexported != NULL ); - } + ASSERT_ALLOC( reexported, export_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); 
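Review bot: Each `ASSERT_ALLOC( exported, ... )` introduced here begins with `TEST_ASSERT( ( pointer ) == NULL )`, so it depends on the pointer having been initialised to `NULL`. In `exercise_export_key`, `exercise_export_public_key` and `import_export` the declarations of `exported` and `reexported` lie outside the hunks. Only `import_rsa_made_up` shows its declaration being changed, to `unsigned char *buffer = NULL;`. Please confirm the other declarations already read `= NULL`; if one does not, the macro reads an indeterminate pointer before allocating. The same question applies to the later hunks of this commit (the cipher, AEAD, signature, asymmetric and `derive_output` tests), whose declarations are likewise not shown.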
@@ -1054,8 +1048,7 @@ void import_export_public_key( data_t *data, TEST_ASSERT( data != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); export_size = (ptrdiff_t) data->len; - exported = mbedtls_calloc( 1, export_size ); - TEST_ASSERT( exported != NULL ); + ASSERT_ALLOC( exported, export_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -1367,8 +1360,7 @@ void asymmetric_encryption_key_policy( int policy_usage, &key_bits ) == PSA_SUCCESS ); buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, exercise_alg ); - buffer = mbedtls_calloc( 1, buffer_length ); - TEST_ASSERT( buffer != NULL ); + ASSERT_ALLOC( buffer, buffer_length ); status = psa_asymmetric_encrypt( key_slot, exercise_alg, NULL, 0, @@ -1786,8 +1778,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, iv, iv_size ) == PSA_SUCCESS ); output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output = mbedtls_calloc( 1, output_buffer_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( psa_cipher_update( &operation, input->x, input->len, @@ -1861,8 +1852,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, iv, sizeof( iv ) ) == PSA_SUCCESS ); output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output = mbedtls_calloc( 1, output_buffer_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, 
@@ -1940,8 +1930,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output = mbedtls_calloc( 1, output_buffer_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); TEST_ASSERT( psa_cipher_update( &operation, @@ -2020,8 +2009,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output = mbedtls_calloc( 1, output_buffer_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( psa_cipher_update( &operation, input->x, input->len, @@ -2096,8 +2084,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, &iv_length ) == PSA_SUCCESS ); output1_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output1 = mbedtls_calloc( 1, output1_size ); - TEST_ASSERT( output1 != NULL ); + ASSERT_ALLOC( output1, output1_size ); TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len, output1, output1_size, @@ -2111,8 +2098,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); output2_size = output1_length; - output2 = mbedtls_calloc( 1, output2_size ); - TEST_ASSERT( output2 != NULL ); + ASSERT_ALLOC( output2, output2_size ); TEST_ASSERT( psa_cipher_set_iv( &operation2, iv, iv_length ) == PSA_SUCCESS ); @@ -2188,8 +2174,7 @@ void cipher_verify_output_multipart( int alg_arg, &iv_length ) == PSA_SUCCESS ); output1_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output1 = mbedtls_calloc( 1, output1_buffer_size ); - TEST_ASSERT( output1 != NULL ); + ASSERT_ALLOC( output1, output1_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); 
@@ -2214,8 +2199,7 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); output2_buffer_size = output1_length; - output2 = mbedtls_calloc( 1, output2_buffer_size ); - TEST_ASSERT( output2 != NULL ); + ASSERT_ALLOC( output2, output2_buffer_size ); TEST_ASSERT( psa_cipher_set_iv( &operation2, iv, iv_length ) == PSA_SUCCESS ); @@ -2282,8 +2266,7 @@ void aead_encrypt_decrypt( int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) ); output_size = input_data->len + tag_length; - output_data = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_data != NULL ); + ASSERT_ALLOC( output_data, output_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -2306,8 +2289,7 @@ void aead_encrypt_decrypt( int key_type_arg, if( PSA_SUCCESS == expected_result ) { - output_data2 = mbedtls_calloc( 1, output_length ); - TEST_ASSERT( output_data2 != NULL ); + ASSERT_ALLOC( output_data2, output_length ); TEST_ASSERT( psa_aead_decrypt( slot, alg, nonce->x, nonce->len, @@ -2356,8 +2338,7 @@ void aead_encrypt( int key_type_arg, data_t * key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) ); output_size = input_data->len + tag_length; - output_data = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_data != NULL ); + ASSERT_ALLOC( output_data, output_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -2414,8 +2395,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) ); output_size = input_data->len + tag_length; - output_data = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_data != NULL ); + ASSERT_ALLOC( output_data, output_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
@@ -2503,8 +2483,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, key_bits, alg ); TEST_ASSERT( signature_size != 0 ); TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); - signature = mbedtls_calloc( 1, signature_size ); - TEST_ASSERT( signature != NULL ); + ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ TEST_ASSERT( psa_asymmetric_sign( slot, alg, @@ -2543,8 +2522,7 @@ void sign_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - signature = mbedtls_calloc( 1, signature_size ); - TEST_ASSERT( signature != NULL ); + ASSERT_ALLOC( signature, signature_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -2608,8 +2586,7 @@ void sign_verify( int key_type_arg, data_t *key_data, key_bits, alg ); TEST_ASSERT( signature_size != 0 ); TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); - signature = mbedtls_calloc( 1, signature_size ); - TEST_ASSERT( signature != NULL ); + ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ TEST_ASSERT( psa_asymmetric_sign( slot, alg, @@ -2764,8 +2741,7 @@ void asymmetric_encrypt( int key_type_arg, NULL, &key_bits ) == PSA_SUCCESS ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); - output = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_size == 0 || output != NULL ); + ASSERT_ALLOC( output, output_size ); /* Encrypt the input */ actual_status = psa_asymmetric_encrypt( slot, alg, 
@@ -2840,11 +2816,9 @@ void asymmetric_encrypt_decrypt( int key_type_arg, NULL, &key_bits ) == PSA_SUCCESS ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); - output = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_size ); output2_size = input_data->len; - output2 = mbedtls_calloc( 1, output2_size ); - TEST_ASSERT( output2 != NULL ); + ASSERT_ALLOC( output2, output2_size ); /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random @@ -2899,8 +2873,7 @@ void asymmetric_decrypt( int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) ); output_size = key_data->len; - output = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -2968,8 +2941,7 @@ void asymmetric_decrypt_fail( int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); output_size = key_data->len; - output = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -3082,8 +3054,7 @@ void derive_output( int alg_arg, if( output_sizes[i] == 0 ) expected_outputs[i] = NULL; } - output_buffer = mbedtls_calloc( 1, output_buffer_size ); - TEST_ASSERT( output_buffer != NULL ); + ASSERT_ALLOC( output_buffer, output_buffer_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); 
@@ -3292,13 +3263,13 @@ void derive_key_export( int alg_arg, size_t bytes2 = bytes2_arg; size_t capacity = bytes1 + bytes2; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - uint8_t *output_buffer = mbedtls_calloc( 1, capacity ); - uint8_t *export_buffer = mbedtls_calloc( 1, capacity ); + uint8_t *output_buffer = NULL; + uint8_t *export_buffer = NULL; psa_key_policy_t policy; size_t length; - TEST_ASSERT( output_buffer != NULL ); - TEST_ASSERT( export_buffer != NULL ); + ASSERT_ALLOC( output_buffer, capacity ); + ASSERT_ALLOC( export_buffer, capacity ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); @@ -3362,13 +3333,13 @@ void generate_random( int bytes_arg ) { size_t bytes = bytes_arg; const unsigned char trail[] = "don't overwrite me"; - unsigned char *output = mbedtls_calloc( 1, bytes + sizeof( trail ) ); - unsigned char *changed = mbedtls_calloc( 1, bytes ); + unsigned char *output = NULL; + unsigned char *changed = NULL; size_t i; unsigned run; - TEST_ASSERT( output != NULL ); - TEST_ASSERT( bytes == 0 || changed != NULL ); + ASSERT_ALLOC( output, bytes + sizeof( trail ) ); + ASSERT_ALLOC( changed, bytes ); memcpy( output + bytes, trail, sizeof( trail ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); From 3c22596d9b1d5d82e8eaff48c20f215c4f93ffc2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 Sep 2018 13:56:31 +0200 Subject: [PATCH 0501/2197] New macro ASSERT_COMPARE to compare two buffers ASSERT_COMPARE tests that the two buffers have the same size and content. The intended use is to replace TEST_ASSERT( size1 == size2 ) followed by memcmp on the content. Keep using memcmp when comparing two buffers that have the same size by construction. --- tests/suites/helpers.function | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 0a4cf8737..f416b3035 100644 --- a/tests/suites/helpers.function 
+++ b/tests/suites/helpers.function @@ -121,6 +121,27 @@ typedef struct data_tag } \ while( 0 ) +/** Compare two buffers and fail the test case if they differ. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param p1 Pointer to the start of the first buffer. + * \param size1 Size of the first buffer in bytes. + * This expression may be evaluated multiple times. + * \param p2 Pointer to the start of the second buffer. + * \param size2 Size of the second buffer in bytes. + * This expression may be evaluated multiple times. + */ +#define ASSERT_COMPARE( p1, size1, p2, size2 ) \ + do \ + { \ + TEST_ASSERT( ( size1 ) == ( size2 ) ); \ + if( ( size1 ) != 0 ) \ + TEST_ASSERT( memcmp( ( p1 ), ( p2 ), ( size1 ) ) == 0 ); \ + } \ + while( 0 ) + #define assert(a) if( !( a ) ) \ { \ mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \ From bd7dea9e640dddccab75afecf4f739af5c36c9d8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 Sep 2018 13:57:19 +0200 Subject: [PATCH 0502/2197] Use ASSERT_COMPARE instead of memcmp in PSA tests This commit fixes some missing size comparison. In aead_encrypt_decrypt, aead_encrypt and aead_decrypt, the test code would not have noticed if the library function had reported an output length that was not the expected length. --- tests/suites/test_suite_psa_crypto.function | 79 ++++++++------------- 1 file changed, 31 insertions(+), 48 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a55cfc7ac..ea1547e1f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -419,8 +419,7 @@ static int is_oid_of_key_type( psa_key_type_t type, return( 0 ); } - TEST_ASSERT( oid_length == expected_oid_length ); - TEST_ASSERT( memcmp( oid, expected_oid, oid_length ) == 0 ); + ASSERT_COMPARE( expected_oid, expected_oid_length, oid, oid_length ); return( 1 ); exit: 
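Review bot: The documentation of `ASSERT_COMPARE` does not say whether `p1` and `p2` may be null, although the `if( ( size1 ) != 0 )` guard around `memcmp` appears to exist so that zero-length buffers with null pointers are handled without calling `memcmp` on them. Stating this would match the `ASSERT_ALLOC` documentation, for example `Either pointer may be \c NULL if the corresponding size is 0.`. The call sites converted in the following commit all pass the expected buffer first and the actual one second, so the `\param` entries could also record that convention, e.g. `\param p1 Pointer to the start of the first buffer (by convention, the expected data).`.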
@@ -854,8 +853,7 @@ void fill_slots( int max_arg ) TEST_ASSERT( psa_export_key( slot, exported, sizeof( exported ), &exported_size ) == PSA_SUCCESS ); - TEST_ASSERT( exported_size == sizeof( slot ) ); - TEST_ASSERT( memcmp( exported, &slot, sizeof( slot ) ) == 0 ); + ASSERT_COMPARE( &slot, sizeof( slot ), exported, exported_size ); } exit: @@ -992,10 +990,7 @@ void import_export( data_t *data, goto exit; if( canonical_input ) - { - TEST_ASSERT( exported_length == data->len ); - TEST_ASSERT( memcmp( exported, data->x, data->len ) == 0 ); - } + ASSERT_COMPARE( data->x, data->len, exported, exported_length ); else { TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS ); @@ -1007,9 +1002,8 @@ void import_export( data_t *data, reexported, export_size, &reexported_length ) == PSA_SUCCESS ); - TEST_ASSERT( reexported_length == exported_length ); - TEST_ASSERT( memcmp( reexported, exported, - exported_length ) == 0 ); + ASSERT_COMPARE( exported, exported_length, + reexported, reexported_length ); } destroy: @@ -1580,9 +1574,8 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) TEST_ASSERT( psa_hash_finish( &operation, actual_hash, sizeof( actual_hash ), &actual_hash_length ) == PSA_SUCCESS ); - TEST_ASSERT( actual_hash_length == expected_hash->len ); - TEST_ASSERT( memcmp( expected_hash->x, actual_hash, - expected_hash->len ) == 0 ); + ASSERT_COMPARE( expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length ); exit: mbedtls_psa_crypto_free( ); @@ -1795,9 +1788,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output->len ); - TEST_ASSERT( memcmp( expected_output->x, output, - expected_output->len ) == 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); } exit: 
@@ -1872,9 +1864,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, total_output_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output->len ); - TEST_ASSERT( memcmp( expected_output->x, output, - expected_output->len ) == 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); exit: mbedtls_free( output ); @@ -1951,9 +1942,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, total_output_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output->len ); - TEST_ASSERT( memcmp( expected_output->x, output, - expected_output->len ) == 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); exit: mbedtls_free( output ); @@ -2026,9 +2016,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output->len ); - TEST_ASSERT( memcmp( expected_output->x, output, - expected_output->len ) == 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); } exit: @@ -2115,8 +2104,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS ); - TEST_ASSERT( input->len == output2_length ); - TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 ); + ASSERT_COMPARE( input->x, input->len, output2, output2_length ); exit: mbedtls_free( output1 ); 
@@ -2224,8 +2212,7 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS ); - TEST_ASSERT( input->len == output2_length ); - TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 ); + ASSERT_COMPARE( input->x, input->len, output2, output2_length ); exit: mbedtls_free( output1 ); @@ -2299,8 +2286,8 @@ void aead_encrypt_decrypt( int key_type_arg, output_data2, output_length, &output_length2 ) == expected_result ); - TEST_ASSERT( memcmp( input_data->x, output_data2, - input_data->len ) == 0 ); + ASSERT_COMPARE( input_data->x, input_data->len, + output_data2, output_length2 ); } exit: @@ -2357,8 +2344,8 @@ void aead_encrypt( int key_type_arg, data_t * key_data, output_data, output_size, &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( output_data, expected_result->x, - output_length ) == 0 ); + ASSERT_COMPARE( expected_result->x, expected_result->len, + output_data, output_length ); exit: psa_destroy_key( slot ); @@ -2416,10 +2403,8 @@ void aead_decrypt( int key_type_arg, data_t * key_data, &output_length ) == expected_result ); if( expected_result == PSA_SUCCESS ) - { - TEST_ASSERT( memcmp( output_data, expected_data->x, - output_length ) == 0 ); - } + ASSERT_COMPARE( expected_data->x, expected_data->len, + output_data, output_length ); exit: psa_destroy_key( slot ); @@ -2491,9 +2476,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data, signature, signature_size, &signature_length ) == PSA_SUCCESS ); /* Verify that the signature is what is expected. */ - TEST_ASSERT( signature_length == output_data->len ); - TEST_ASSERT( memcmp( signature, output_data->x, - output_data->len ) == 0 ); + ASSERT_COMPARE( output_data->x, output_data->len, + signature, signature_length ); exit: psa_destroy_key( slot ); 
@@ -2837,9 +2821,8 @@ void asymmetric_encrypt_decrypt( int key_type_arg, label->x, label->len, output2, output2_size, &output2_length ) == PSA_SUCCESS ); - TEST_ASSERT( output2_length == input_data->len ); - TEST_ASSERT( memcmp( input_data->x, output2, - input_data->len ) == 0 ); + ASSERT_COMPARE( input_data->x, input_data->len, + output2, output2_length ); exit: psa_destroy_key( slot ); @@ -2891,8 +2874,8 @@ void asymmetric_decrypt( int key_type_arg, output, output_size, &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( expected_data->len == output_length ); - TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 ); + ASSERT_COMPARE( expected_data->x, expected_data->len, + output, output_length ); /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ @@ -2906,8 +2889,8 @@ void asymmetric_decrypt( int key_type_arg, output, output_size, &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( expected_data->len == output_length ); - TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 ); + ASSERT_COMPARE( expected_data->x, expected_data->len, + output, output_length ); } exit: From 79722b06725113fcd1c5381d77b8eabf957d65aa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Sep 2018 15:46:41 +0200 Subject: [PATCH 0503/2197] Fix incorrect test dependencies for MBEDTLS_PKCS1_V21 --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 38c5fee98..0319782fa 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -691,7 +691,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA keypair, PSS-SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise RSA public key, PKCS#1 v1.5 raw @@ -699,7 +699,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA public key, PSS-SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise: ECP SECP256R1 keypair, ECDSA From a84f97c9bd6e96979f41266fa2a34d377b75ede9 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 26 Sep 2018 15:50:21 +0200 Subject: [PATCH 0504/2197] Update build script for tests after mbedcrypto exporter Update to the latest syntax changes of generate_test_code.py. This was missed in the rebase onto mbedtls-2.13. --- crypto/tests/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile index 2de5ffa7a..f76c1c0f8 100644 --- a/crypto/tests/Makefile +++ b/crypto/tests/Makefile @@ -41,7 +41,7 @@ $(C_FILES): %.c: suites/$$(func.$$*).function suites/%.data scripts/generate_tes -t suites/main_test.function \ -p suites/host_test.function \ -s suites \ - --help-file suites/helpers.function \ + --helpers-file suites/helpers.function \ -o . @@ -70,7 +70,7 @@ $(EMBEDDED_TESTS): embedded_%: suites/$$(func.$$*).function suites/%.data script -t suites/main_test.function \ -p suites/target_test.function \ -s suites \ - --help-file suites/helpers.function \ + --helpers-file suites/helpers.function \ -o ./TESTS/mbedcrypto/$* gen-embedded-test: $(EMBEDDED_TESTS) From 1596554c9930cbd1c5ef1f0e07196cfab192bcea Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Sep 2018 13:42:26 +0200 Subject: [PATCH 0505/2197] Fix "make WINDOWS_BUILD=1 clean" on non-Windows hosts The clean rule was not using the correct names for the compiled executable files. --- tests/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/Makefile b/tests/Makefile index 4d2edd456..b6e49bf8a 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -105,7 +105,7 @@ $(BINARIES): %$(EXEXT): %.c $(DEP) clean: ifndef WINDOWS - rm -rf $(APPS) *.c *.datax TESTS + rm -rf $(BINARIES) *.c *.datax TESTS else del /Q /F *.c *.exe *.datax ifneq ($(wildcard TESTS/.*),) From 899c6521955ca6a8f505ef1d01c6efe541059e8f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 26 Sep 2018 15:54:40 +0200 Subject: [PATCH 0506/2197] In keep-going mode, don't hard-fail on some auxiliary script Add record_status in front of the invocation of several scripts where it was missing. --- tests/scripts/all.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 996204662..a323d1553 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -436,25 +436,25 @@ OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_CLI" \ ARMC6_CC="$ARMC6_CC" RUN_ARMCC="$RUN_ARMCC" scripts/output_env.sh msg "test: recursion.pl" # < 1s -tests/scripts/recursion.pl library/*.c +record_status tests/scripts/recursion.pl library/*.c msg "test: freshness of generated source files" # < 1s -tests/scripts/check-generated-files.sh +record_status tests/scripts/check-generated-files.sh msg "test: doxygen markup outside doxygen blocks" # < 1s -tests/scripts/check-doxy-blocks.pl +record_status tests/scripts/check-doxy-blocks.pl msg "test: check-files.py" # < 1s cleanup -tests/scripts/check-files.py +record_status tests/scripts/check-files.py msg "test/build: declared and exported names" # < 3s cleanup -tests/scripts/check-names.sh +record_status tests/scripts/check-names.sh msg "test: doxygen warnings" # ~ 3s cleanup -tests/scripts/doxygen.sh +record_status tests/scripts/doxygen.sh msg "test: Mbed Crypto exporter " # ~ 30s cleanup @@ -1079,10 +1079,10 @@ for optimization_flag in -O2 -O3 -Ofast -Os; do done msg "Lint: Python scripts" -tests/scripts/check-python-files.sh +record_status tests/scripts/check-python-files.sh msg "uint test: generate_test_code.py" -./tests/scripts/test_generate_test_code.py +record_status ./tests/scripts/test_generate_test_code.py ################################################################ #### Termination From 99ca35e968421d7ae0c5e3d93a9a2bd67da9386e Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 26 Sep 2018 17:49:57 +0200 Subject: [PATCH 0507/2197] Look for documentation only in specific directories Generate the documentation from include and doxygen/input only. Don't get snared by files containing Doxygen comments that lie in other directories such as tests, yotta, crypto/include, ... The only difference this makes in a fresh checkout is that the documentation no longer lists target_config.h. This file is from yotta, does not contain any Doxygen comment, and its inclusion in the rendered documentation was clearly an oversight. --- doxygen/mbedtls.doxyfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 43d6e6e72..5ad20d65b 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -664,7 +664,7 @@ WARN_LOGFILE = # directories like "/usr/src/myproject". Separate the files or directories # with spaces. -INPUT = .. +INPUT = ../include input # This tag can be used to specify the character encoding of the source files # that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is @@ -696,7 +696,7 @@ RECURSIVE = YES # Note that relative paths are relative to the directory from which doxygen is # run. -EXCLUDE = ../configs ../yotta/module +EXCLUDE = # The EXCLUDE_SYMLINKS tag can be used to select whether or not files or # directories that are symbolic links (a Unix file system feature) are excluded From f7ab5ad13a4d1749c720c3db28c008343852e336 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Sep 2018 18:19:24 +0200 Subject: [PATCH 0508/2197] Skip calling memset when the size is 0 memset(NULL, c, 0) has undefined behavior, so don't do it. clang-asan complains. --- tests/suites/test_suite_psa_crypto.function | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ea1547e1f..59cc7166d 100644 
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1367,7 +1367,8 @@ void asymmetric_encryption_key_policy( int policy_usage, else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); - memset( buffer, 0, buffer_length ); + if( buffer_length != 0 ) + memset( buffer, 0, buffer_length ); status = psa_asymmetric_decrypt( key_slot, exercise_alg, buffer, buffer_length, NULL, 0, @@ -2741,7 +2742,8 @@ void asymmetric_encrypt( int key_type_arg, if( label->len == 0 ) { output_length = ~0; - memset( output, 0, output_size ); + if( output_size != 0 ) + memset( output, 0, output_size ); actual_status = psa_asymmetric_encrypt( slot, alg, input_data->x, input_data->len, NULL, label->len, @@ -2882,7 +2884,8 @@ void asymmetric_decrypt( int key_type_arg, if( label->len == 0 ) { output_length = ~0; - memset( output, 0, output_size ); + if( output_size != 0 ) + memset( output, 0, output_size ); TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, input_data->x, input_data->len, NULL, label->len, @@ -2949,7 +2952,8 @@ void asymmetric_decrypt_fail( int key_type_arg, if( label->len == 0 ) { output_length = ~0; - memset( output, 0, output_size ); + if( output_size != 0 ) + memset( output, 0, output_size ); actual_status = psa_asymmetric_decrypt( slot, alg, input_data->x, input_data->len, NULL, label->len, @@ -3332,7 +3336,8 @@ void generate_random( int bytes_arg ) * (2^(-8*number_of_runs)). */ for( run = 0; run < 10; run++ ) { - memset( output, 0, bytes ); + if( bytes != 0 ) + memset( output, 0, bytes ); TEST_ASSERT( psa_generate_random( output, bytes ) == PSA_SUCCESS ); /* Check that no more than bytes have been overwritten */ From 3e954cf84de6ae30697080782a8a493432fe3a1c Mon Sep 17 00:00:00 2001 
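Review bot: The guard `if( size != 0 ) memset( ..., 0, size );` is now written out at five call sites (`asymmetric_encryption_key_policy`, `asymmetric_encrypt`, `asymmetric_decrypt`, `asymmetric_decrypt_fail` and `generate_random`), and none of them says why, so the next zero-length `memset` added to these tests is likely to omit it. A small helper macro in `helpers.function` next to `ASSERT_ALLOC` would keep the rule in one place; failing that, each site could carry `/* memset on a null pointer is undefined even when the size is 0 */`. In `generate_random` the buffer is allocated with `bytes + sizeof( trail )` by the earlier `ASSERT_ALLOC` change, so `output` is never null there and the guard is harmless but not needed for the stated reason. All five function bodies start and end outside the hunks.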
From: Gilles Peskine Date: Thu, 27 Sep 2018 10:12:17 +0200 Subject: [PATCH 0509/2197] In keep-going mode, don't hard-fail on some tests Add if_build_succeeded in front of the invocation of some test runs where it was missing. --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a323d1553..a63b3fc27 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -539,10 +539,10 @@ msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s make test msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s -tests/ssl-opt.sh -f RSA +if_build_succeeded tests/ssl-opt.sh -f RSA msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min -tests/compat.sh -t RSA +if_build_succeeded tests/compat.sh -t RSA msg "build: small SSL_OUT_CONTENT_LEN (ASan build)" cleanup From 3a33c01a98d8ed899f5e23ff54e6131a95b18615 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 27 Sep 2018 10:14:36 +0100 Subject: [PATCH 0510/2197] mbed_crypto: Always describe the current version Even with a shallow clone of the repo where there are no tags available to version with, don't error and instead show a unique abbreviated commit hash as fallback. --- scripts/mbed_crypto.make | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make index 5da57084d..c0e5a0531 100644 --- a/scripts/mbed_crypto.make +++ b/scripts/mbed_crypto.make @@ -213,7 +213,7 @@ crypto/%: % $(call rename_mbedcrypto,$@) crypto/VERSION.txt: FORCE - @git describe --tags --abbrev=12 --dirty > $@ + @git describe --tags --abbrev=12 --dirty --always > $@ mbedcrypto.tar.gz: $(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES) @echo $@ From 2bb56095ec50c373b899a4614346e694678f271f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 27 Sep 2018 11:49:52 +0200 Subject: [PATCH 0511/2197] Remove redundant check in all.sh test -s can't fail if the subsequent grep succeeds. --- tests/scripts/all.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a63b3fc27..0bce2a886 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1071,7 +1071,6 @@ for optimization_flag in -O2 -O3 -Ofast -Os; do cleanup make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" if_build_succeeded gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log - if_build_succeeded [ -s test_zeroize.log ] if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log if_build_succeeded not grep -i "error" test_zeroize.log rm -f test_zeroize.log From e04d4e6d13398f6cfd6d85df3f7563b551df1885 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 27 Sep 2018 11:50:24 +0200 Subject: [PATCH 0512/2197] Don't try to disable ASLR We don't need to disable ASLR, so don't try. If gdb tries but fails, the test runs normally, but all.sh then trips up because it sees `warning: Error disabling address space randomization: Operation not permitted` and interprets it as an error that indicates a test failure. --- tests/scripts/test_zeroize.gdb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/test_zeroize.gdb b/tests/scripts/test_zeroize.gdb index 617ab5544..77c812a0b 100644 --- a/tests/scripts/test_zeroize.gdb +++ b/tests/scripts/test_zeroize.gdb @@ -41,6 +41,9 @@ # number does not need to be updated often. set confirm off +# We don't need to turn off ASLR, so don't try. +set disable-randomization off + file ./programs/test/zeroize break zeroize.c:100 From c426352ec5dfd48a4c7ac7db42d4c194a1ac8322 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 28 Sep 2018 11:48:10 +0200 Subject: [PATCH 0513/2197] check-files: exclude .git and third-party files Exclude ".git" directories anywhere. This avoids spurious errors in git checkouts that contain branch names that look like a file check-files.py would check. Exclude "mbed-os" anywhere and "examples" from the root. Switch to the new mechanism to exclude "yotta/module". These are directories where we store third-party files that do not need to match our preferences. Exclude "cov-int" from the root. Fix #1691 --- tests/scripts/check-files.py | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/tests/scripts/check-files.py b/tests/scripts/check-files.py index f560d0378..0fb2117a3 100755 --- a/tests/scripts/check-files.py +++ b/tests/scripts/check-files.py @@ -155,6 +155,12 @@ class IntegrityChecker(object): ".c", ".h", ".sh", ".pl", ".py", ".md", ".function", ".data", "Makefile", "CMakeLists.txt", "ChangeLog" ) + self.excluded_directories = ['.git', 'mbed-os'] + self.excluded_paths = list(map(os.path.normpath, [ + 'cov-int', + 'examples', + 'yotta/module' + ])) self.issues_to_check = [ PermissionIssueTracker(), EndOfFileNewlineIssueTracker(), 
@@ -179,12 +185,19 @@ class IntegrityChecker(object): console = logging.StreamHandler() self.logger.addHandler(console) + def prune_branch(self, root, d): + if d in self.excluded_directories: + return True + if os.path.normpath(os.path.join(root, d)) in self.excluded_paths: + return True + return False + def check_files(self): - for root, dirs, files in sorted(os.walk(".")): + for root, dirs, files in os.walk("."): + dirs[:] = sorted(d for d in dirs if not self.prune_branch(root, d)) for filename in sorted(files): filepath = os.path.join(root, filename) - if (os.path.join("yotta", "module") in filepath or - not filepath.endswith(self.files_to_check)): + if not filepath.endswith(self.files_to_check): continue for issue_to_check in self.issues_to_check: if issue_to_check.should_check_file(filepath): From f18c146d6bd2356b8db0b4f575c1d361ab60dec6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 Aug 2018 15:17:29 +0200 Subject: [PATCH 0514/2197] Remove a redundant test case --- tests/suites/test_suite_psa_crypto.data | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0319782fa..6a5a21fc7 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
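Review bot: prune_branch has no docstring, and the two lists it consults match in different ways that their names do not convey. `excluded_directories` matches a bare directory name at any depth, while `excluded_paths` is compared with `os.path.normpath(os.path.join(root, d))`, a path relative to the `os.walk(".")` start, so those exclusions assume the script is started from the repository root. A docstring such as `"""Return True if directory d under root must not be walked: its name is in excluded_directories, or its path relative to the current directory is in excluded_paths."""` would record that. The body could also be a single `return` of the two conditions joined by `or`.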
@@ -354,10 +354,6 @@ depends_on:MBEDTLS_CMAC_C # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED -PSA MAC verify: HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62" - PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" From a7aa442c7cdee82eacc55115aeef5a2410e5f27f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 Aug 2018 15:17:54 +0200 Subject: [PATCH 0515/2197] Add tests for mac_sign --- tests/suites/test_suite_psa_crypto.data | 16 +++++ tests/suites/test_suite_psa_crypto.function | 69 +++++++++++++++++++-- 2 files changed, 80 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6a5a21fc7..913c69460 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -354,18 +354,34 @@ depends_on:MBEDTLS_CMAC_C # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED +PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-224 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" + PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" +PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7" + PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7" +PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-384 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6" + PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6" +PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-512 
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" + PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 59cc7166d..9f1945809 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -22,20 +22,23 @@ /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; -/** Test if a buffer is all-bits zero. +/** Test if a buffer contains a constant byte value. + * + * `mem_is_char(buffer, c, size)` is true after `memset(buffer, c, size)`. * * \param buffer Pointer to the beginning of the buffer. + * \param c Expected value of every byte. * \param size Size of the buffer in bytes. * * \return 1 if the buffer is all-bits-zero. * \return 0 if there is at least one nonzero byte. */ -static int mem_is_zero( void *buffer, size_t size ) +static int mem_is_char( void *buffer, unsigned char c, size_t size ) { size_t i; for( i = 0; i < size; i++ ) { - if( ( (unsigned char *) buffer )[i] != 0 ) + if( ( (unsigned char *) buffer )[i] != c ) return( 0 ); } return( 1 ); 
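Review bot: The doc comment of mem_is_char still describes the old function: the two `\return` lines say `1 if the buffer is all-bits-zero` and `0 if there is at least one nonzero byte`, but the loop now compares every byte with `c`. I would change them to `\return 1 if every byte of the buffer equals \p c.` and `\return 0 if at least one byte differs from \p c.`. Since the buffer is only read, the parameter could also be declared `const void *buffer`.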
@@ -978,7 +981,7 @@ void import_export( data_t *data, TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 ); TEST_ASSERT( exported_length <= export_size ); - TEST_ASSERT( mem_is_zero( exported + exported_length, + TEST_ASSERT( mem_is_char( exported + exported_length, 0, export_size - exported_length ) ); if( status != PSA_SUCCESS ) { @@ -1067,7 +1070,7 @@ void import_export_public_key( data_t *data, &exported_length ); TEST_ASSERT( status == expected_export_status ); TEST_ASSERT( exported_length == (size_t) public_key_expected_length ); - TEST_ASSERT( mem_is_zero( exported + exported_length, + TEST_ASSERT( mem_is_char( exported + exported_length, 0, export_size - exported_length ) ); if( status != PSA_SUCCESS ) goto destroy; 
@@ -1647,6 +1650,62 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mac_sign( int key_type_arg, + data_t *key, + int alg_arg, + data_t *input, + data_t *expected_mac ) +{ + int key_slot = 1; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_mac_operation_t operation; + psa_key_policy_t policy; + /* Leave a little extra room in the output buffer. At the end of the + * test, we'll check that the implementation didn't overwrite onto + * this extra room. */ + uint8_t actual_mac[PSA_MAC_MAX_SIZE + 10]; + size_t mac_buffer_size = + PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key->len ), alg ); + size_t mac_length = 0; + + memset( actual_mac, '+', sizeof( actual_mac ) ); + TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE ); + TEST_ASSERT( expected_mac->len <= mac_buffer_size ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key->x, key->len ) == PSA_SUCCESS ); + + /* Calculate the MAC. */ + TEST_ASSERT( psa_mac_sign_setup( &operation, + key_slot, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_update( &operation, + input->x, input->len ) == PSA_SUCCESS ); + TEST_ASSERT( psa_mac_sign_finish( &operation, + actual_mac, mac_buffer_size, + &mac_length ) == PSA_SUCCESS ); + + /* Compare with the expected value. */ + TEST_ASSERT( mac_length == expected_mac->len ); + TEST_ASSERT( memcmp( actual_mac, expected_mac->x, mac_length ) == 0 ); + + /* Verify that the end of the buffer is untouched. */ + TEST_ASSERT( mem_is_char( actual_mac + mac_length, '+', + sizeof( actual_mac ) - mac_length ) ); + +exit: + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mac_verify( int key_type_arg, data_t *key, From d911eb79151565c755b5ff5d1c82206d7517c570 Mon Sep 17 00:00:00 2001 
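Review bot: mac_sign's `exit:` path destroys the key and frees the library state but never releases `operation`, so a TEST_ASSERT that fails after psa_mac_sign_setup has succeeded (for instance the one on psa_mac_update) jumps to exit with the MAC operation still set up. Whether mbedtls_psa_crypto_free reclaims it is not visible here. Calling `psa_mac_abort( &operation );` at exit would cover it, provided `operation` is put into a defined state before the first assertion that can jump there, since it is declared without an initialiser.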
From: Gilles Peskine Date: Tue, 14 Aug 2018 15:18:45 +0200 Subject: [PATCH 0516/2197] Add support for truncated MAC algorithms --- include/psa/crypto.h | 50 ++++++++++++++++ include/psa/crypto_sizes.h | 6 +- library/psa_crypto.c | 45 ++++++++++++--- tests/suites/test_suite_psa_crypto.data | 76 +++++++++++++++++++++++++ 4 files changed, 168 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 62d392017..0269be959 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -756,6 +756,56 @@ typedef uint32_t psa_algorithm_t; (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_HMAC_BASE) +#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) +#define PSA_MAC_TRUNCATION_OFFSET 8 + +/** Macro to build a truncated MAC algorithm. + * + * A truncated MAC algorithm is identical to the corresponding MAC + * algorithm except that the MAC value for the truncated algorithm + * consists of only the first \p mac_length bytes of the MAC value + * for the untruncated algorithm. + * + * \note This macro may allow constructing algorithm identifiers that + * are not valid, either because the specified length is larger + * than the untruncated MAC or because the specified length is + * smaller than permitted by the implementation. + * + * \note It is implementation-defined whether a truncated MAC that + * is truncated to the same length as the MAC of the untruncated + * algorithm is considered identical to the untruncated algorithm + * for policy comparison purposes. + * + * \param alg A MAC algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) + * is true). This may be a truncated or untruncated + * MAC algorithm. + * \param mac_length Desired length of the truncated MAC in bytes. + * + * \return The corresponding MAC algorithm with the specified + * length. + * \return Unspecified if \p alg is not a supported + * MAC algorithm or if \p mac_length is too small or + * too large for the specified MAC algorithm. + */ +#define PSA_ALG_TRUNCATED_MAC(alg, mac_length) \ + (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ + ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK)) + +/** Length to which a MAC algorithm is truncated. + * + * \param alg A MAC algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) + * is true). + * + * \return Length of the truncated MAC in bytes. + * \return 0 if \p alg is a non-truncated MAC algorithm. 
+ * \return Unspecified if \p alg is not a supported + * MAC algorithm. + */ +#define PSA_MAC_TRUNCATED_LENGTH(alg) \ + (((alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) + #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) #define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index edb240be0..c058afc38 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -143,7 +143,8 @@ PSA_VENDOR_ECC_MAX_CURVE_BITS \ ) - +/** The maximum size of a block cipher supported by the implementation. */ +#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE 16 /** The size of the output of psa_mac_sign_finish(), in bytes. * @@ -163,7 +164,8 @@ * with the algorithm. */ #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ - (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \ + ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \ + PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \ ((void)(key_type), (void)(key_bits), 0)) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6fd905c8c..3411cc843 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1523,8 +1523,10 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, size_t key_bits; psa_key_usage_t usage = is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY; + unsigned char truncated = PSA_MAC_TRUNCATED_LENGTH( alg ); + psa_algorithm_t full_length_alg = alg & ~PSA_ALG_MAC_TRUNCATION_MASK; - status = psa_mac_init( operation, alg ); + status = psa_mac_init( operation, full_length_alg ); if( status != PSA_SUCCESS ) return( status ); if( is_sign ) 
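Review bot: PSA_ALG_TRUNCATED_MAC masks `mac_length` into a 6-bit field (`PSA_ALG_MAC_TRUNCATION_MASK` is 0x00003f00), so a length of 64 or more wraps silently instead of producing an identifier that gets rejected. A length of 64 encodes as 0, which is the untruncated algorithm, and 68 encodes as 4, which the psa_mac_setup change in this same patch accepts as the minimum length. The existing \note says invalid identifiers can be constructed, but not that an oversized request can become a much shorter valid MAC. I would state the range on `\param mac_length`, for example `Must be at most 63; larger values wrap modulo 64.`, so callers validate the length before building the identifier.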
@@ -1536,10 +1538,11 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, key_bits = psa_get_key_bits( slot ); #if defined(MBEDTLS_CMAC_C) - if( alg == PSA_ALG_CMAC ) + if( full_length_alg == PSA_ALG_CMAC ) { const mbedtls_cipher_info_t *cipher_info = - mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, NULL ); + mbedtls_cipher_info_from_psa( full_length_alg, + slot->type, key_bits, NULL ); int ret; if( cipher_info == NULL ) { @@ -1553,7 +1556,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, else #endif /* MBEDTLS_CMAC_C */ #if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HMAC( alg ) ) + if( PSA_ALG_IS_HMAC( full_length_alg ) ) { psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg ); if( hash_alg == 0 ) @@ -1588,6 +1591,24 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, status = PSA_ERROR_NOT_SUPPORTED; } + if( truncated == 0 ) + { + /* The "normal" case: untruncated algorithm. Nothing to do. */ + } + else if( truncated < 4 ) + { + /* Too small to make any sense. Reject. 4 bytes is too small for + * security but ancient protocols with 32-bit MACs do exist. */ + status = PSA_ERROR_NOT_SUPPORTED; + } + else if( truncated > operation->mac_size ) + { + /* It's impossible to "truncate" to a larger length. */ + status = PSA_ERROR_INVALID_ARGUMENT; + } + else + operation->mac_size = truncated; + exit: if( status != PSA_SUCCESS ) { @@ -1682,7 +1703,11 @@ static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac, if( status != PSA_SUCCESS ) goto exit; - status = psa_hash_finish( &hmac->hash_ctx, mac, mac_size, &hash_size ); + status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size ); + if( status != PSA_SUCCESS ) + goto exit; + + memcpy( mac, tmp, mac_size ); exit: mbedtls_zeroize( tmp, hash_size ); 
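Review bot: The truncation check added to psa_mac_setup runs even when the algorithm dispatch just above has already failed: the `status = PSA_ERROR_NOT_SUPPORTED;` branch falls straight into it. An earlier error can then be replaced by PSA_ERROR_INVALID_ARGUMENT, and `operation->mac_size` is compared, or assigned, on an operation that is about to be aborted. Placing `if( status != PSA_SUCCESS ) goto exit;` immediately before `if( truncated == 0 )` keeps the original error and makes the check apply only to a successfully set up algorithm. Two hunks earlier `PSA_ALG_HMAC_GET_HASH( alg )` still takes `alg` while the surrounding code moved to `full_length_alg`; this is harmless only if that macro ignores the truncation bits, which is not visible here. The function starts and ends outside these hunks.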
@@ -1705,7 +1730,11 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, #if defined(MBEDTLS_CMAC_C) if( operation->alg == PSA_ALG_CMAC ) { - int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac ); + uint8_t tmp[PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE]; + int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp ); + if( ret == 0 ) + memcpy( mac, tmp, mac_size ); + mbedtls_zeroize( tmp, sizeof( tmp ) ); return( mbedtls_to_psa_error( ret ) ); } else @@ -1714,7 +1743,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, if( PSA_ALG_IS_HMAC( operation->alg ) ) { return( psa_hmac_finish_internal( &operation->ctx.hmac, - mac, mac_size ) ); + mac, operation->mac_size ) ); } else #endif /* MBEDTLS_MD_C */ @@ -1793,6 +1822,8 @@ cleanup: else psa_mac_abort( operation ); + mbedtls_zeroize( actual_mac, mac_length ); + return( status ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 913c69460..b76f3071e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
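Review bot: In the CMAC branch of psa_mac_finish_internal the copy is sized by `mac_size`, which looks like the caller's buffer size rather than the (possibly truncated) MAC length. `memcpy( mac, tmp, mac_size );` reads past the 16-byte `tmp` whenever the caller passes a buffer larger than PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE, and it ignores the truncation stored in `operation->mac_size`. The HMAC branch in the next hunk was switched to `operation->mac_size`, and the CMAC copy should match it: `memcpy( mac, tmp, operation->mac_size );`. The start of the function, including any check of `mac_size` against `operation->mac_size`, is outside the hunk, so confirm the output buffer is known to be at least that large.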
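Review bot: The added `mbedtls_zeroize( actual_mac, mac_length );` after `cleanup:` sizes the wipe by `mac_length` rather than by the buffer. If `mac_length` is the caller-supplied length of the MAC being verified, and any path reaches `cleanup` before it has been checked against the size of `actual_mac`, this writes zeros past the end of the buffer. It also leaves uncleared any bytes beyond `mac_length` that the finish routine wrote. Assuming `actual_mac` is a local array (its declaration is outside the hunk), `mbedtls_zeroize( actual_mac, sizeof( actual_mac ) );` avoids both problems.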
@@ -466,10 +466,86 @@ PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58" +PSA MAC sign: HMAC-SHA-224, truncated to 28 bytes (actual size) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" + +PSA MAC verify: HMAC-SHA-224, truncated to 28 bytes (actual size) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" + +PSA MAC sign: HMAC-SHA-512, truncated to 64 bytes (actual size) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" + +PSA MAC verify: HMAC-SHA-512, truncated to 64 bytes (actual size) 
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" + +PSA MAC sign: HMAC-SHA-224, truncated to 27 bytes +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b" + +PSA MAC verify: HMAC-SHA-224, truncated to 27 bytes +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b" + +PSA MAC sign: HMAC-SHA-512, truncated to 63 bytes +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268" + +PSA MAC verify: HMAC-SHA-512, truncated to 63 bytes +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268" + +PSA MAC sign: HMAC-SHA-224, truncated to 4 bytes +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112" + +PSA MAC verify: HMAC-SHA-224, truncated to 4 bytes 
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112" + +PSA MAC sign: HMAC-SHA-512, truncated to 4 bytes +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde" + +PSA MAC verify: HMAC-SHA-512, truncated to 4 bytes +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde" + +PSA MAC sign: CMAC-AES-128 +depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C +mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" + PSA MAC verify: CMAC-AES-128 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" +PSA MAC sign: CMAC-AES-128, truncated to 16 bytes (actual size) +depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C +mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" + +PSA MAC verify: CMAC-AES-128, truncated to 16 bytes (actual size) +depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C +mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827" + +PSA MAC sign: CMAC-AES-128, truncated to 15 bytes +depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C 
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8" + +PSA MAC verify: CMAC-AES-128, truncated to 15 bytes +depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C +mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8" + +PSA MAC sign: CMAC-AES-128, truncated to 4 bytes +depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C +mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747" + +PSA MAC verify: CMAC-AES-128, truncated to 4 bytes +depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C +mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747" + PSA cipher setup: good, AES-CTR depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_SUCCESS From edf9a6576d4cd7ebf6d0287a2fbfd9b8d1546e7a Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 17 Aug 2018 18:11:56 +0200 Subject: [PATCH 0517/2197] Refactor AEAD setup into a common function There was a lot of repetition between psa_aead_encrypt and psa_aead_decrypt. Refactor the code into a new function psa_aead_setup. The new code should behave identically except that in some cases where multiple error conditions apply, the code may now return a different error code. Internally, I rearranged some of the code: * I removed a check that the key type was in CATEGORY_SYMMETRIC because it's redundant with mbedtls_cipher_info_from_psa which enumerates supported key types explicitly. * The order of some validations is different to allow the split between setup and data processing. The code now calls a more robust function psa_aead_abort in case of any error after the early stage of the setup. --- library/psa_crypto.c | 320 +++++++++++++++++++++---------------------- 1 file changed, 159 insertions(+), 161 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3411cc843..82af92086 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -2821,6 +2821,102 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key, /* AEAD */ /****************************************************************/ +typedef struct +{ + key_slot_t *slot; + const mbedtls_cipher_info_t *cipher_info; + union + { +#if defined(MBEDTLS_CCM_C) + mbedtls_ccm_context ccm; +#endif /* MBEDTLS_CCM_C */ +#if defined(MBEDTLS_GCM_C) + mbedtls_gcm_context gcm; +#endif /* MBEDTLS_GCM_C */ + } ctx; + uint8_t tag_length; +} aead_operation_t; + +static void psa_aead_abort( aead_operation_t *operation, + psa_algorithm_t alg ) +{ + switch( alg ) + { +#if defined(MBEDTLS_CCM_C) + case PSA_ALG_CCM: + mbedtls_ccm_free( &operation->ctx.ccm ); + break; +#endif /* MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CCM_C) + case PSA_ALG_GCM: + mbedtls_gcm_free( &operation->ctx.gcm ); + break; +#endif /* MBEDTLS_GCM_C */ + } +} + +static psa_status_t psa_aead_setup( aead_operation_t *operation, + psa_key_slot_t key, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + psa_status_t status; + size_t key_bits; + mbedtls_cipher_id_t cipher_id; + + status = psa_get_key_from_slot( key, &operation->slot, usage, alg ); + if( status != PSA_SUCCESS ) + return( status ); + + key_bits = psa_get_key_bits( operation->slot ); + + operation->cipher_info = + mbedtls_cipher_info_from_psa( alg, operation->slot->type, key_bits, + &cipher_id ); + if( operation->cipher_info == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + + switch( alg ) + { +#if defined(MBEDTLS_CCM_C) + case PSA_ALG_CCM: + operation->tag_length = 16; + if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + mbedtls_ccm_init( &operation->ctx.ccm ); + status = mbedtls_to_psa_error( + mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id, + operation->slot->data.raw.data, + (unsigned int) key_bits ) ); + if( status != 0 ) + goto cleanup; + break; +#endif /* MBEDTLS_CCM_C */ + +#if defined(MBEDTLS_GCM_C) + case PSA_ALG_GCM: + operation->tag_length = 16; + if( 
PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + mbedtls_gcm_init( &operation->ctx.gcm ); + status = mbedtls_to_psa_error( + mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id, + operation->slot->data.raw.data, + (unsigned int) key_bits ) ); + break; +#endif /* MBEDTLS_GCM_C */ + + default: + return( PSA_ERROR_NOT_SUPPORTED ); + } + + return( PSA_SUCCESS ); + +cleanup: + psa_aead_abort( operation, alg ); + return( status ); +} + psa_status_t psa_aead_encrypt( psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *nonce, 
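Review bot: Two things in the new AEAD helpers look wrong. In psa_aead_abort the `case PSA_ALG_GCM:` branch is guarded by `#if defined(MBEDTLS_CCM_C)`, although its `#endif` comment and the `ctx.gcm` member belong to MBEDTLS_GCM_C. A GCM-only build therefore never calls mbedtls_gcm_free on the keyed context, and a CCM-only build refers to a union member that does not exist; the guard should read `#if defined(MBEDTLS_GCM_C)`. In psa_aead_setup the CCM case checks mbedtls_ccm_setkey with `if( status != 0 ) goto cleanup;`, but the GCM case breaks straight after mbedtls_gcm_setkey and the function then returns PSA_SUCCESS, so a failed key setup is reported as success. Add the same `if( status != 0 ) goto cleanup;` before the GCM `break`.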
@@ -2833,113 +2929,60 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t ciphertext_size, size_t *ciphertext_length ) { - int ret; psa_status_t status; - key_slot_t *slot; - size_t key_bits; + aead_operation_t operation; uint8_t *tag; - size_t tag_length; - mbedtls_cipher_id_t cipher_id; - const mbedtls_cipher_info_t *cipher_info = NULL; *ciphertext_length = 0; - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); + status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); - key_bits = psa_get_key_bits( slot ); - cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, - key_bits, &cipher_id ); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - - if( ( slot->type & PSA_KEY_TYPE_CATEGORY_MASK ) != - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) - return( PSA_ERROR_INVALID_ARGUMENT ); + /* For all currently supported modes, the tag is at the end of the + * ciphertext. */ + if( ciphertext_size < ( plaintext_length + operation.tag_length ) ) + { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + tag = ciphertext + plaintext_length; if( alg == PSA_ALG_GCM ) { - mbedtls_gcm_context gcm; - tag_length = 16; - - if( PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) != 16 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - //make sure we have place to hold the tag in the ciphertext buffer - if( ciphertext_size < ( plaintext_length + tag_length ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - //update the tag pointer to point to the end of the ciphertext_length - tag = ciphertext + plaintext_length; - - mbedtls_gcm_init( &gcm ); - ret = mbedtls_gcm_setkey( &gcm, cipher_id, - slot->data.raw.data, - (unsigned int) key_bits ); - if( ret != 0 ) - { - mbedtls_gcm_free( &gcm ); - return( mbedtls_to_psa_error( ret ) ); - } - ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, - plaintext_length, nonce, - nonce_length, additional_data, - additional_data_length, plaintext, - ciphertext, 
tag_length, tag ); - mbedtls_gcm_free( &gcm ); + status = mbedtls_to_psa_error( + mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm, + MBEDTLS_GCM_ENCRYPT, + plaintext_length, + nonce, nonce_length, + additional_data, additional_data_length, + plaintext, ciphertext, + operation.tag_length, tag ) ); } else if( alg == PSA_ALG_CCM ) { - mbedtls_ccm_context ccm; - tag_length = 16; - - if( PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) != 16 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - if( nonce_length < 7 || nonce_length > 13 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - //make sure we have place to hold the tag in the ciphertext buffer - if( ciphertext_size < ( plaintext_length + tag_length ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - //update the tag pointer to point to the end of the ciphertext_length - tag = ciphertext + plaintext_length; - - mbedtls_ccm_init( &ccm ); - ret = mbedtls_ccm_setkey( &ccm, cipher_id, - slot->data.raw.data, - (unsigned int) key_bits ); - if( ret != 0 ) - { - mbedtls_ccm_free( &ccm ); - return( mbedtls_to_psa_error( ret ) ); - } - ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, - nonce, nonce_length, - additional_data, - additional_data_length, - plaintext, ciphertext, - tag, tag_length ); - mbedtls_ccm_free( &ccm ); + status = mbedtls_to_psa_error( + mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm, + plaintext_length, + nonce, nonce_length, + additional_data, + additional_data_length, + plaintext, ciphertext, + tag, operation.tag_length ) ); } else { return( PSA_ERROR_NOT_SUPPORTED ); } - if( ret != 0 ) - { - /* If ciphertext_size is 0 then ciphertext may be NULL and then the - * call to memset would have undefined behavior. 
*/ - if( ciphertext_size != 0 ) - memset( ciphertext, 0, ciphertext_size ); - return( mbedtls_to_psa_error( ret ) ); - } + if( status != PSA_SUCCESS && ciphertext_size != 0 ) + memset( ciphertext, 0, ciphertext_size ); - *ciphertext_length = plaintext_length + tag_length; - return( PSA_SUCCESS ); +exit: + psa_aead_abort( &operation, alg ); + if( status == PSA_SUCCESS ) + *ciphertext_length = plaintext_length + operation.tag_length; + return( status ); } /* Locate the tag in a ciphertext buffer containing the encrypted data 
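Review bot: The size check `ciphertext_size < ( plaintext_length + operation.tag_length )` in `psa_aead_encrypt` adds before it compares, so a `plaintext_length` within `tag_length` of `SIZE_MAX` wraps the sum to a small value, the check passes, and `tag = ciphertext + plaintext_length` ends up outside the output buffer. The removed code had the same form, but since the check is rewritten here it can be made wrap-free: `if( plaintext_length > ciphertext_size || ciphertext_size - plaintext_length < operation.tag_length )`. This matters most if the lengths can come from a caller less trusted than the library, which the hunk does not show. The start of the function, including most of its parameter list, is outside the hunk.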
@@ -2975,108 +3018,63 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, size_t plaintext_size, size_t *plaintext_length ) { - int ret; psa_status_t status; - key_slot_t *slot; - size_t key_bits; - const uint8_t *tag; - size_t tag_length; - mbedtls_cipher_id_t cipher_id; - const mbedtls_cipher_info_t *cipher_info = NULL; + aead_operation_t operation; + const uint8_t *tag = NULL; *plaintext_length = 0; - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); + status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); - key_bits = psa_get_key_bits( slot ); - - cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, - key_bits, &cipher_id ); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - - if( ( slot->type & PSA_KEY_TYPE_CATEGORY_MASK ) != - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) - return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) { - mbedtls_gcm_context gcm; - - tag_length = 16; - status = psa_aead_unpadded_locate_tag( tag_length, + status = psa_aead_unpadded_locate_tag( operation.tag_length, ciphertext, ciphertext_length, plaintext_size, &tag ); if( status != PSA_SUCCESS ) - return( status ); + goto exit; - mbedtls_gcm_init( &gcm ); - ret = mbedtls_gcm_setkey( &gcm, cipher_id, - slot->data.raw.data, - (unsigned int) key_bits ); - if( ret != 0 ) - { - mbedtls_gcm_free( &gcm ); - return( mbedtls_to_psa_error( ret ) ); - } - - ret = mbedtls_gcm_auth_decrypt( &gcm, - ciphertext_length - tag_length, - nonce, nonce_length, - additional_data, - additional_data_length, - tag, tag_length, - ciphertext, plaintext ); - mbedtls_gcm_free( &gcm ); + status = mbedtls_to_psa_error( + mbedtls_gcm_auth_decrypt( &operation.ctx.gcm, + ciphertext_length - operation.tag_length, + nonce, nonce_length, + additional_data, + additional_data_length, + tag, operation.tag_length, + ciphertext, plaintext ) ); } else if( alg == PSA_ALG_CCM ) { - mbedtls_ccm_context ccm; - - if( 
nonce_length < 7 || nonce_length > 13 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - tag_length = 16; - status = psa_aead_unpadded_locate_tag( tag_length, + status = psa_aead_unpadded_locate_tag( operation.tag_length, ciphertext, ciphertext_length, plaintext_size, &tag ); if( status != PSA_SUCCESS ) - return( status ); + goto exit; - mbedtls_ccm_init( &ccm ); - ret = mbedtls_ccm_setkey( &ccm, cipher_id, - slot->data.raw.data, - (unsigned int) key_bits ); - if( ret != 0 ) - { - mbedtls_ccm_free( &ccm ); - return( mbedtls_to_psa_error( ret ) ); - } - ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length - tag_length, - nonce, nonce_length, - additional_data, - additional_data_length, - ciphertext, plaintext, - tag, tag_length ); - mbedtls_ccm_free( &ccm ); + status = mbedtls_to_psa_error( + mbedtls_ccm_auth_decrypt( &operation.ctx.ccm, + ciphertext_length - operation.tag_length, + nonce, nonce_length, + additional_data, + additional_data_length, + ciphertext, plaintext, + tag, operation.tag_length ) ); } else { return( PSA_ERROR_NOT_SUPPORTED ); } - if( ret != 0 ) - { - /* If plaintext_size is 0 then plaintext may be NULL and then the - * call to memset has undefined behavior. */ - if( plaintext_size != 0 ) - memset( plaintext, 0, plaintext_size ); - } - else - *plaintext_length = ciphertext_length - tag_length; + if( status != PSA_SUCCESS && plaintext_size != 0 ) + memset( plaintext, 0, plaintext_size ); - return( mbedtls_to_psa_error( ret ) ); +exit: + psa_aead_abort( &operation, alg ); + if( status == PSA_SUCCESS ) + *plaintext_length = ciphertext_length - operation.tag_length; + return( status ); } From 7da96b0d913169d3811a39c39522293b5055fd15 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 17 Aug 2018 18:45:42 +0200 Subject: [PATCH 0518/2197] Reorder parameters of AEAD unit tests to be more logical Pass the nonce first, then the AD, then the input. This is the order in which the data is processed and it's the order of the parameters to the API functions. --- tests/suites/test_suite_psa_crypto.data | 32 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 30 ++++++++++--------- 2 files changed, 33 insertions(+), 29 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b76f3071e..71b0d1b2d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -694,67 +694,67 @@ cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS PSA AEAD encrypt/decrypt: DES-CCM not supported depends_on:MBEDTLS_DES_C:MBEDTLS_CCM_C -aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED +aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED PSA AEAD encrypt: AES-CCM, 23 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" 
+aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8" PSA AEAD encrypt: AES-CCM, 24 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" +aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" PSA AEAD decrypt: AES-CCM, 39 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS +aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS PSA AEAD decrypt, AES-CCM, 40 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS 
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS PSA AEAD decrypt: AES-CCM, invalid signature depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS 
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS PSA AEAD encrypt, AES-GCM, 128 bytes #1 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" 
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" PSA AEAD encrypt, AES-GCM, 128 bytes #2 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56" 
+aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56" PSA AEAD decrypt, AES-GCM, 144 bytes #1 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS 
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS PSA AEAD decrypt, AES-GCM, 144 bytes #2 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS 
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS PSA AEAD decrypt, AES-GCM, invalid signature depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE 
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE PSA AEAD encrypt/decrypt: invalid algorithm (CTR) depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9f1945809..5503c94b6 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -2283,12 +2283,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt_decrypt( int key_type_arg, - data_t * key_data, +void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, int alg_arg, - data_t * input_data, - data_t * nonce, - data_t * additional_data, + data_t *nonce, + data_t *additional_data, + data_t *input_data, int expected_result_arg ) { int slot = 1; @@ -2359,10 +2358,12 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt( int key_type_arg, data_t * key_data, - int alg_arg, data_t * input_data, - data_t * additional_data, data_t * nonce, - data_t * expected_result ) +void aead_encrypt( int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + data_t *expected_result ) { int slot = 1; psa_key_type_t key_type = key_type_arg; @@ -2415,10 +2416,13 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void aead_decrypt( int key_type_arg, data_t * key_data, - int alg_arg, data_t * input_data, - data_t * additional_data, data_t * nonce, - data_t * expected_data, int expected_result_arg ) +void aead_decrypt( int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + data_t *expected_data, + int expected_result_arg ) { int slot = 1; psa_key_type_t key_type = key_type_arg; From 23cc2ff9a82b4d6b0e9abbfc6ca16b5d47c1e460 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 17 Aug 2018 19:47:52 +0200 Subject: [PATCH 0519/2197] Add support for non-default-tag-size AEAD (CCM and GCM) --- include/psa/crypto.h | 36 ++++++++++++++--- include/psa/crypto_sizes.h | 12 +++--- library/psa_crypto.c | 39 +++++++++++++------ .../test_suite_psa_crypto_metadata.function | 2 +- 4 files changed, 66 insertions(+), 23 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0269be959..c22e85338 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -884,8 +884,34 @@ typedef uint32_t psa_algorithm_t; */ #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) -#define PSA_ALG_CCM ((psa_algorithm_t)0x06000001) -#define PSA_ALG_GCM ((psa_algorithm_t)0x06000002) +#define PSA_ALG_CCM ((psa_algorithm_t)0x06001001) +#define PSA_ALG_GCM ((psa_algorithm_t)0x06001002) + +#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) +#define PSA_AEAD_TAG_LENGTH_OFFSET 8 + +/** Macro to build a shortened AEAD algorithm. + * + * A shortened AEAD algorithm is similar to the corresponding AEAD + * algorithm, but has an authentication tag that consists of fewer bytes. + * Depending on the algorithm, the tag length may affect the calculation + * of the ciphertext. + * + * \param alg A AEAD algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg) + * is true). + * \param mac_length Desired length of the authentication tag in bytes. + * + * \return The corresponding AEAD algorithm with the specified + * length. + * \return Unspecified if \p alg is not a supported + * AEAD algorithm or if \p tag_length is not valid + * for the specified AEAD algorithm. + */ +#define PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, tag_length) \ + (((alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \ + ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ + PSA_ALG_AEAD_TAG_LENGTH_MASK)) #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000) /** RSA PKCS#1 v1.5 signature with hashing. @@ -2432,9 +2458,9 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * correct size for an AEAD algorithm that it * recognizes, but does not support. */ -#define PSA_AEAD_TAG_SIZE(alg) \ - ((alg) == PSA_ALG_GCM ? 16 : \ - (alg) == PSA_ALG_CCM ? 16 : \ +#define PSA_AEAD_TAG_LENGTH(alg) \ + (PSA_ALG_IS_AEAD(alg) ? \ + (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ 0) /** Process an authenticated encryption operation. 
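Review bot: The Doxygen block for `PSA_ALG_AEAD_WITH_TAG_LENGTH` documents `\param mac_length`, but the macro's parameter is `tag_length` (the `\return` text already refers to `\p tag_length`), so the real parameter is undocumented; the line should read `\param tag_length Desired length of the authentication tag in bytes.` The macro also masks the shifted value with `PSA_ALG_AEAD_TAG_LENGTH_MASK`, so a length above 63 silently encodes a different, smaller tag length instead of an invalid one. The comment should say that out-of-range lengths are not detected by the macro and that a later range check on `PSA_AEAD_TAG_LENGTH(alg)` only sees the wrapped value. A small wording fix in the same block: "A AEAD algorithm identifier" should be "An AEAD algorithm identifier".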
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index c058afc38..169566ece 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -188,9 +188,9 @@ * correct size for an AEAD algorithm that it * recognizes, but does not support. */ -#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ - (PSA_AEAD_TAG_SIZE(alg) != 0 ? \ - (plaintext_length) + PSA_AEAD_TAG_SIZE(alg) : \ +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ + (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ + (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \ 0) /** The maximum size of the output of psa_aead_decrypt(), in bytes. @@ -212,9 +212,9 @@ * correct size for an AEAD algorithm that it * recognizes, but does not support. */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ - (PSA_AEAD_TAG_SIZE(alg) != 0 ? \ - (plaintext_length) - PSA_AEAD_TAG_SIZE(alg) : \ +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ + (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ + (plaintext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ 0) /** Safe signature buffer size for psa_asymmetric_sign(). diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 82af92086..44862424d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1224,6 +1224,9 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( mbedtls_cipher_mode_t mode; mbedtls_cipher_id_t cipher_id_tmp; + if( PSA_ALG_IS_AEAD( alg ) ) + alg &= ~PSA_ALG_AEAD_TAG_LENGTH_MASK; + if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ) { switch( alg ) @@ -1246,10 +1249,10 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( case PSA_ALG_CBC_PKCS7: mode = MBEDTLS_MODE_CBC; break; - case PSA_ALG_CCM: + case PSA_ALG_CCM & ~PSA_ALG_AEAD_TAG_LENGTH_MASK: mode = MBEDTLS_MODE_CCM; break; - case PSA_ALG_GCM: + case PSA_ALG_GCM & ~PSA_ALG_AEAD_TAG_LENGTH_MASK: mode = MBEDTLS_MODE_GCM; break; default: 
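Review bot: `PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)` still expands to `(plaintext_length) - PSA_AEAD_TAG_LENGTH(alg)`, and `plaintext_length` is not a parameter of the macro, so it either fails to compile or silently picks up whatever `plaintext_length` is in scope at the call site. Since this patch rewrites the line anyway, the body should use the parameter: `(ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg)`. The subtraction also wraps when the ciphertext is shorter than the tag; the macro's doc comment, which lies mostly outside the hunk, could state that callers must check this first.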
@@ -2834,6 +2837,8 @@ typedef struct mbedtls_gcm_context gcm; #endif /* MBEDTLS_GCM_C */ } ctx; + psa_algorithm_t core_alg; + uint8_t full_tag_length; uint8_t tag_length; } aead_operation_t; @@ -2876,11 +2881,12 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, if( operation->cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - switch( alg ) + switch( PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 ) ) { #if defined(MBEDTLS_CCM_C) - case PSA_ALG_CCM: - operation->tag_length = 16; + case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ): + operation->core_alg = PSA_ALG_CCM; + operation->full_tag_length = 16; if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 ) return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_ccm_init( &operation->ctx.ccm ); @@ -2894,8 +2900,9 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_GCM_C) - case PSA_ALG_GCM: - operation->tag_length = 16; + case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ): + operation->core_alg = PSA_ALG_GCM; + operation->full_tag_length = 16; if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 ) return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_gcm_init( &operation->ctx.gcm ); @@ -2910,6 +2917,16 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, return( PSA_ERROR_NOT_SUPPORTED ); } + if( PSA_AEAD_TAG_LENGTH( alg ) > operation->full_tag_length ) + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto cleanup; + } + operation->tag_length = PSA_AEAD_TAG_LENGTH( alg ); + /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16. + * GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16. + * In both cases, mbedtls_xxx will validate the tag length below. */ + return( PSA_SUCCESS ); cleanup: 
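Review bot: The new `goto cleanup` for an over-long tag ends, like the existing cleanup path, in `psa_aead_abort( operation, alg )`, and `psa_aead_abort` as added earlier in this series switches on the raw `alg` with `case PSA_ALG_CCM:` and `case PSA_ALG_GCM:`; no hunk of this patch changes it. Once `alg` can carry a non-default tag length those cases no longer match, so the CCM or GCM context that was just initialised and keyed is never freed. The same holds for the `psa_aead_abort( &operation, alg )` calls at the `exit` labels of `psa_aead_encrypt` and `psa_aead_decrypt`. Since `core_alg` is now stored in the operation, `psa_aead_abort` should dispatch on it with `switch( operation->core_alg )`. The body of the `cleanup` label is outside this hunk, so this reading comes from the earlier patch and should be confirmed against the tree.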
@@ -2948,7 +2965,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, } tag = ciphertext + plaintext_length; - if( alg == PSA_ALG_GCM ) + if( operation.core_alg == PSA_ALG_GCM ) { status = mbedtls_to_psa_error( mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm, @@ -2959,7 +2976,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, plaintext, ciphertext, operation.tag_length, tag ) ); } - else if( alg == PSA_ALG_CCM ) + else if( operation.core_alg == PSA_ALG_CCM ) { status = mbedtls_to_psa_error( mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm, @@ -3028,7 +3045,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( status != PSA_SUCCESS ) return( status ); - if( alg == PSA_ALG_GCM ) + if( operation.core_alg == PSA_ALG_GCM ) { status = psa_aead_unpadded_locate_tag( operation.tag_length, ciphertext, ciphertext_length, @@ -3045,7 +3062,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, tag, operation.tag_length, ciphertext, plaintext ) ); } - else if( alg == PSA_ALG_CCM ) + else if( operation.core_alg == PSA_ALG_CCM ) { status = psa_aead_unpadded_locate_tag( operation.tag_length, ciphertext, ciphertext_length, diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index ca9d5576a..a264389cd 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -227,7 +227,7 @@ void aead_algorithm( int alg_arg, int classification_flags, algorithm_classification( alg, classification_flags ); /* Tag length */ - TEST_ASSERT( tag_length == PSA_AEAD_TAG_SIZE( alg ) ); + TEST_ASSERT( tag_length == PSA_AEAD_TAG_LENGTH( alg ) ); } /* END_CASE */ From be00a71c90991c867247b2c554c5e5bafc951451 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 17 Aug 2018 19:59:43 +0200 Subject: [PATCH 0520/2197] Add tests for shorter-tag AEAD (CCM, GCM) --- tests/suites/test_suite_psa_crypto.data | 96 +++++++++++++++++++++++++ 1 file changed, 96 insertions(+) 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 71b0d1b2d..d8a5924cb 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -712,6 +712,34 @@ PSA AEAD encrypt: AES-CCM, 24 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" +PSA AEAD encrypt: AES-CCM, 24 bytes, T=4 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39" + +PSA AEAD encrypt: AES-CCM, 24 bytes, T=6 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc" + +PSA AEAD encrypt: AES-CCM, 24 bytes, T=8 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776" + +PSA AEAD encrypt: AES-CCM, 24 bytes, T=10 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 10 
):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e" + +PSA AEAD encrypt: AES-CCM, 24 bytes, T=12 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846" + +PSA AEAD encrypt: AES-CCM, 24 bytes, T=14 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f" + +PSA AEAD encrypt: AES-CCM, 24 bytes, T=16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" + PSA AEAD decrypt: AES-CCM, 39 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS 
@@ -720,10 +748,50 @@ PSA AEAD decrypt, AES-CCM, 40 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS +PSA AEAD decrypt: AES-CCM, 24 bytes, T=4 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS + +PSA AEAD decrypt: AES-CCM, 24 bytes, T=6 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS + +PSA AEAD decrypt: AES-CCM, 24 bytes, T=8 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS + +PSA AEAD decrypt: AES-CCM, 24 bytes, T=10 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 10 
):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS + +PSA AEAD decrypt: AES-CCM, 24 bytes, T=12 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS + +PSA AEAD decrypt: AES-CCM, 24 bytes, T=14 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS + +PSA AEAD decrypt: AES-CCM, 24 bytes, T=16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS + PSA AEAD decrypt: AES-CCM, invalid signature depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE +PSA AEAD decrypt: AES-CCM, invalid 
signature, T=4 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE + +PSA AEAD decrypt: AES-CCM, truncated tag of the right length +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE + +PSA AEAD decrypt: AES-CCM, invalid tag length 0 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT + PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS 
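Review bot: The negative cases in this CCM decrypt hunk cover only a corrupted tag and tag length 0, so the rejection of the other disallowed lengths is never exercised. I would add two cases that reuse the T=4 vector: `PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 5 )` for an odd in-range length and `PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 18 )` for a length above 16. Both would presumably expect PSA_ERROR_INVALID_ARGUMENT, as the T=0 case does. The GCM decrypt hunk further down has the same gap: it adds no invalid-length case at all, and a case below the 4-byte minimum would pin that behaviour.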
@@ -740,6 +808,18 @@ PSA AEAD encrypt, AES-GCM, 128 bytes #2 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56" +PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=4 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 4 
):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f" + +PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a" + +PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=16 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C 
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" + PSA AEAD decrypt, AES-GCM, 144 bytes #1 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS 
@@ -748,10 +828,26 @@ PSA AEAD decrypt, AES-GCM, 144 bytes #2 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS +PSA AEAD decrypt, AES-GCM, 144 bytes, T=4 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 4 
):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS + +PSA AEAD decrypt, AES-GCM, 144 bytes, T=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS + +PSA AEAD decrypt, AES-GCM, 144 bytes, T=16 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C 
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS + PSA AEAD decrypt, AES-GCM, invalid signature depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C 
aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE +PSA AEAD decrypt, AES-GCM, T=15 but passing 16 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 
):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INVALID_SIGNATURE + PSA AEAD encrypt/decrypt: invalid algorithm (CTR) depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED From 70f46e17e8c08022c9c0303074165976c745cc3f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Aug 2018 15:07:53 +0200 Subject: [PATCH 0521/2197] New macro PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH Useful to analyze algorithm values. --- include/psa/crypto.h | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c22e85338..ac3852912 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -913,6 +913,24 @@ typedef uint32_t psa_algorithm_t; ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ PSA_ALG_AEAD_TAG_LENGTH_MASK)) +/** Calculate the corresponding AEAD algorithm with the default tag length. + * + * \param alg An AEAD algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return The corresponding AEAD algorithm with the default tag length + * for that algorithm. + */ +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) \ + ( \ + PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_CCM) \ + PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_GCM) \ + 0) +#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, ref) \ + PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, 0) == \ + PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \ + ref : + #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000) /** RSA PKCS#1 v1.5 signature with hashing. * From 0deaf3d8d71d38a5b2258e3dcca34a02ece331ff Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Aug 2018 15:06:39 +0200 Subject: [PATCH 0522/2197] psa_constant_names: new function append_integer Factor repeated code into a new function append_integer. --- programs/psa/psa_constant_names.c | 22 ++++++++++++++-------- scripts/generate_psa_constants.py | 8 ++++---- 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index d422e14f6..755bc8c1e 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c 
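Review bot: PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH evaluates to 0 for any AEAD algorithm other than CCM or GCM, but the Doxygen block does not say so. A caller comparing the result with `alg` will therefore treat every unlisted AEAD as having a non-default tag length. I would extend the return text with `\return 0 if \p alg is not one of the AEAD algorithms listed in this macro.` and add a line noting that `alg` is evaluated more than once. The helper name `PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE` contains double underscores, which are reserved identifiers in C++; a single-underscore spelling avoids that if this header may be included from C++.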
@@ -21,6 +21,16 @@ static void append(char **buffer, size_t buffer_size, } } +static void append_integer(char **buffer, size_t buffer_size, + size_t *required_size, + const char *format /*printf format for value*/, + unsigned long value) +{ + size_t n = snprintf(*buffer, buffer_size - *required_size, format, value); + if (n < buffer_size - *required_size) *buffer += n; + *required_size += n; +} + /* The code of these function is automatically generated and included below. */ static const char *psa_ecc_curve_name(psa_ecc_curve_t curve); static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg); @@ -37,10 +47,8 @@ static void append_with_curve(char **buffer, size_t buffer_size, append(buffer, buffer_size, required_size, curve_name, strlen(curve_name)); } else { - size_t n = snprintf(*buffer, buffer_size - *required_size, - "0x%04x", (unsigned) curve); - if (n < buffer_size - *required_size) *buffer += n; - *required_size += n; + append_integer(buffer, buffer_size, required_size, + "0x%04x", curve); } append(buffer, buffer_size, required_size, ")", 1); } @@ -57,10 +65,8 @@ static void append_with_hash(char **buffer, size_t buffer_size, append(buffer, buffer_size, required_size, hash_name, strlen(hash_name)); } else { - size_t n = snprintf(*buffer, buffer_size - *required_size, - "0x%08lx", (unsigned long) hash_alg); - if (n < buffer_size - *required_size) *buffer += n; - *required_size += n; + append_integer(buffer, buffer_size, required_size, + "0x%08lx", hash_alg); } append(buffer, buffer_size, required_size, ")", 1); } diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 7ab1c0a93..0e80f40c5 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py 
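Review bot: append_integer computes `buffer_size - *required_size` without checking that required_size is still below buffer_size. Once an earlier call has truncated, required_size exceeds buffer_size, the subtraction wraps to a huge size_t, and the next snprintf is told it has almost unlimited room at `*buffer`. Storing the int result of snprintf in a size_t also turns an encoding error (-1) into a very large increment. The version below clamps the available space to zero and keeps the return value signed until it has been checked.

```c
static void append_integer(char **buffer, size_t buffer_size,
                           size_t *required_size,
                           const char *format /*printf format for value*/,
                           unsigned long value)
{
    /* After a truncation required_size is >= buffer_size: no room left. */
    size_t available = *required_size < buffer_size ?
                       buffer_size - *required_size : 0;
    int n = snprintf(available != 0 ? *buffer : NULL, available, format, value);
    if (n < 0) return;
    if ((size_t) n < available) *buffer += n;
    *required_size += (size_t) n;
}
```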
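Review bot: In append_with_curve the format `"0x%04x"` is now paired with an `unsigned long` argument, because append_integer takes `unsigned long value` and the old `(unsigned) curve` cast is gone. `%x` expects an `unsigned int`, so this is a format/argument mismatch. -Wformat cannot flag it because the format reaches snprintf as a non-literal parameter. The call should pass `"0x%04lx"`, as the append_with_hash hunk already does with `"0x%08lx"`. Declaring append_integer with a printf format attribute, where the compiler supports one, would catch this at compile time.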
@@ -55,8 +55,8 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, %(algorithm_cases)s default: %(algorithm_code)s{ - return snprintf(buffer, buffer_size, - "0x%%08lx", (unsigned long) alg); + append_integer(&buffer, buffer_size, &required_size, + "0x%%08lx", (unsigned long) alg); } break; } @@ -82,8 +82,8 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size, if (required_size != 0) { append(&buffer, buffer_size, &required_size, " | ", 3); } - required_size += snprintf(buffer, buffer_size - required_size, - "0x%%08x", usage); + append_integer(&buffer, buffer_size, &required_size, + "0x%%08lx", (unsigned long) usage); } else { buffer[0] = 0; } From 498c2a1ff5fdca66c4600c00deaeeefcfa2b3ad9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Aug 2018 15:07:20 +0200 Subject: [PATCH 0523/2197] psa_constant_names: support truncated MAC and AEAD --- scripts/generate_psa_constants.py | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 0e80f40c5..85bfe3ae9 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -51,7 +51,24 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, psa_algorithm_t alg) { size_t required_size = 0; - switch (alg) { + psa_algorithm_t core_alg = alg; + unsigned long length_modifier = 0; + if (PSA_ALG_IS_MAC(alg)) { + core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0); + if (core_alg != alg) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_TRUNCATED_MAC(", 22); + length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg); + } + } else if (PSA_ALG_IS_AEAD(alg)) { + core_alg = PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg); + if (core_alg != alg) { + append(&buffer, buffer_size, &required_size, + "PSA_ALG_AEAD_WITH_TAG_LENGTH(", 29); + length_modifier = PSA_AEAD_TAG_LENGTH(alg); + } + } + switch (core_alg) { %(algorithm_cases)s default: %(algorithm_code)s{ 
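Review bot: In the psa_snprint_algorithm hunk that introduces `core_alg`, the AEAD branch takes the result of PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) unconditionally. As defined earlier in this series, that macro yields 0 for anything other than CCM or GCM. An unrecognised AEAD value then gets `core_alg == 0`, is wrapped in `PSA_ALG_AEAD_WITH_TAG_LENGTH(`, and falls to the `default:` branch. That branch is outside this hunk and appears to still format `alg` rather than `core_alg`, so the value printed inside the wrapper would be the full encoding, not a base algorithm. I would add `if (core_alg == 0) core_alg = alg;` after the macro call and have the default branch print `core_alg`, so unknown inputs are shown as plain hex. The function body continues past the end of this hunk.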
@@ -60,6 +77,12 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, } break; } + if (core_alg != alg) { + append(&buffer, buffer_size, &required_size, ", ", 2); + append_integer(&buffer, buffer_size, &required_size, + "%%lu", length_modifier); + append(&buffer, buffer_size, &required_size, ")", 1); + } buffer[0] = 0; return required_size; } @@ -99,10 +122,10 @@ key_type_from_curve_template = '''if (%(tester)s(type)) { PSA_KEY_TYPE_GET_CURVE(type)); } else ''' -algorithm_from_hash_template = '''if (%(tester)s(alg)) { +algorithm_from_hash_template = '''if (%(tester)s(core_alg)) { append_with_hash(&buffer, buffer_size, &required_size, "%(builder)s", %(builder_length)s, - PSA_ALG_GET_HASH(alg)); + PSA_ALG_GET_HASH(core_alg)); } else ''' bit_test_template = '''\ From 38808fa094d6cb50e2108081f476ea608f69d492 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Aug 2018 15:07:37 +0200 Subject: [PATCH 0524/2197] psa_constant_names: fix some copypasta --- programs/psa/psa_constant_names.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 755bc8c1e..55a70c60d 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -113,9 +113,9 @@ static void usage(const char *program_name) program_name == NULL ? "psa_constant_names" : program_name); printf("Print the symbolic name whose numerical value is VALUE in TYPE.\n"); printf("Supported types (with = between aliases):\n"); - printf(" alg=algorithm Status code (psa_algorithm_t)\n"); + printf(" alg=algorithm Algorithm (psa_algorithm_t)\n"); printf(" curve=ecc_curve Elliptic curve identifier (psa_ecc_curve_t)\n"); - printf(" type=key_type Status code (psa_key_type_t)\n"); + printf(" type=key_type Key type (psa_key_type_t)\n"); printf(" usage=key_usage Key usage (psa_key_usage_t)\n"); printf(" error=status Status code (psa_status_t)\n"); } 
From 3111981d94a41f74a561f65def0e40a278842e8d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 14:47:48 +0200 Subject: [PATCH 0525/2197] Fix parameter name in Doxygen documentation --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ac3852912..a64610773 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -900,7 +900,7 @@ typedef uint32_t psa_algorithm_t; * \param alg A AEAD algorithm identifier (value of type * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg) * is true). - * \param mac_length Desired length of the authentication tag in bytes. + * \param tag_length Desired length of the authentication tag in bytes. * * \return The corresponding AEAD algorithm with the specified * length. From 5b3417a3d10c08b99516a327a53471d6ee9e850f Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Wed, 10 Oct 2018 17:55:03 -0500 Subject: [PATCH 0526/2197] Added the crypto driver API header file --- include/psa/crypto_driver.h | 1287 +++++++++++++++++++++++++++++++++++ 1 file changed, 1287 insertions(+) create mode 100644 include/psa/crypto_driver.h diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h new file mode 100644 index 000000000..64c21b591 --- /dev/null +++ b/include/psa/crypto_driver.h 
@@ -0,0 +1,1287 @@ +#ifndef __PSA_CRYPTO_DRIVER_H__ +#define __PSA_CRYPTO_DRIVER_H__ + +#include +#include + +typedef uint32_t psa_status_t; +typedef uint32_t psa_algorithm_t; +typedef uint32_t encrypt_or_decrypt_t; +typedef uint32_t psa_key_slot_t; +typedef uint32_t psa_key_type_t; + +/** \defgroup opaque_mac Opaque Message Authentication Code + * @{ + */ +/** \brief A function that starts an MAC operation for a PSA Crypto Driver implementation using an opaque key + * + * \param p_context A structure that will contain the hardware-specific MAC context + * \param key_slot The slot of the key to be used for the operation + * \param algorithm The algorithm to be used to underly the MAC operation + * + * \retval PSA_SUCCESS + * Success. + */ +typedef psa_status_t (*pcd_mac_opaque_setup_t)( void *p_context, + psa_key_slot_t key_slot, + psa_algorithm_t algorithm ); + +/** \brief A function that continues a previously started MAC operation using an opaque key + * + * \param p_context A hardware-specific structure for the previously-established MAC operation to be continued + * \param p_input A buffer containing the message to be appended to the MAC operation + * \param input_length The size in bytes of the input message buffer + */ +typedef psa_status_t (*pcd_mac_opaque_update_t)( void *p_context, + const unsigned char *p_input, + size_t input_length ); + +/** \brief a function that completes a previously started MAC operation by returning the resulting MAC using an opaque key + * + * \param p_context A hardware-specific structure for the previously started MAC operation to be fiinished + * \param p_output A buffer where the generated MAC will be placed + * \param output_size The size in bytes of the buffer that has been allocated for the `output` buffer + * \param p_output_length After completion, the address will contain the number of bytes placed in the `p_output` buffer + * + * \retval PSA_SUCCESS + * Success. 
+ */ +typedef psa_status_t (*pcd_mac_opaque_finish_t)( void *p_ctx, + unsigned char *p_output, + size_t output_size, + size_t *p_output_length ); + +/** \brief A function that completes a previously started MAC operation by comparing the resulting MAC against a known value + * using an opaque key + * + * \param p_context A hardware-specific structure for the previously started MAC operation to be fiinished + * \param p_mac The MAC value against which the resulting MAC will be compared against + * \param mac_length The size in bytes of the value stored in `mac` + * + * \retval PSA_SUCCESS + * The operation completed successfully and the MACs matched each other + * \retval PSA_ERROR_INVALID_SIGNATURE + * The operation completed successfully, but the calculated MAC did not match the provided MAC + */ +typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)( void *p_context, + const unsigned char *p_mac, + size_t mac_length ); + +/** \brief A funciton that performs an MAC operation in one command and return the calculated MAC using an opaque key + * + * \param p_input A buffer containing the message to be MACed + * \param input_length The size in bytes of `input` + * \param key_slot The slot of the key to be used + * \param alg The algorithm to be used to underlie the MAC operation + * \param p_output A buffer where the generated MAC will be placed + * \param output_size The size in bytes of the `output` buffer + * \param p_output_length After completion, the address will contain the number of bytes placed in the `output` buffer + * + * \retval PSA_SUCCESS + * Success. 
+ */ +typedef psa_status_t (*pcd_mac_opaque_t)( const unsigned char *p_input, + size_t input_length, + psa_key_slot_t key_slot, + psa_algorithm_t alg, + unsigned char *p_output, + size_t output_size, + size_t *p_output_length ); + +/** \brief A function that performs an MAC operation in one command and compare the resulting MAC against a known value using an opaque key + * + * \param p_input A buffer containing the message to be MACed + * \param input_length The size in bytes of `input` + * \param key_slot The slot of the key to be used + * \param alg The algorithm to be used to underlie the MAC operation + * \param p_mac The MAC value against which the resulting MAC will be compared against + * \param mac_length The size in bytes of `mac` + * + * \retval PSA_SUCCESS + * The operation completed successfully and the MACs matched each other + * \retval PSA_ERROR_INVALID_SIGNATURE + * The operation completed successfully, but the calculated MAC did not match the provided MAC + */ +typedef psa_status_t (*pcd_mac_opaque_verify_t)( const unsigned char *p_input, + size_t input_length, + psa_key_slot_t key_slot, + psa_algorithm_t alg, + const unsigned char *p_mac, + size_t mac_length ); + +/** \brief A struct containing all of the function pointers needed to implement MAC operations using opaque keys. + * + * PSA Crypto API implementations should populate the table as appropriate upon startup. + * + * If one of the functions is not implemented (such as `pcd_mac_opaque_t`), it should be set to NULL. 
+ * + */ +struct pcd_mac_opaque_t { + size_t context_size; /**__start + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying hash function, and `MAC_VARIANT` is the specific variant of a + * MAC operation (such as HMAC or CMAC) + * + * \param p_context A structure that will contain the hardware-specific MAC context + * \param p_key A buffer containing the cleartext key material to be used in the operation + * \param key_length The size in bytes of the key material + * + * \retval PSA_SUCCESS + * Success. + */ +typedef psa_status_t (*pcd_mac_transparent_start_t)( struct pcd_mac_transparent_context_t *p_context, + const unsigned char *p_key, + size_t key_length ); + +/** \brief The function prototype for the update operation of a transparent-key MAC operation + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_mac_transparent___update + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is the specific variant of a + * MAC operation (such as HMAC or CMAC) + * + * \param p_context A hardware-specific structure for the previously-established MAC operation to be continued + * \param p_input A buffer containing the message to be appended to the MAC operation + * \param input_length The size in bytes of the input message buffer + */ +typedef psa_status_t (*pcd_mac_transparent_update_t)( struct pcd_mac_transparent_context_t *p_context, + const unsigned char *p_input, + size_t input_length ); + +/** \brief The function prototype for the finish operation of a transparent-key MAC operation + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_mac_transparent___finish + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is the specific variant of a + * MAC operation (such as HMAC or CMAC) + * + * \param p_context A hardware-specific structure for the 
previously started MAC operation to be fiinished + * \param p_output A buffer where the generated MAC will be placed + * \param output_size The size in bytes of the buffer that has been allocated for the `p_output` buffer + * \param p_output_length After completion, will contain the number of bytes placed in the `p_output` buffer + * + * \retval PSA_SUCCESS + * Success. + */ +typedef psa_status_t (*pcd_mac_transparent_finish_t)( struct pcd_mac_transparent_context_t *p_context, + unsigned char *p_output, + size_t output_size, + size_t *p_output_length ); + +/** @} + */ + +/** \defgroup opaque_cipher Opaque Symmetric Ciphers + ** @{ + */ + +/** \brief A function pointer that provides the cipher setup function for opaque-key operations + * + * TBD: Since this is an opaque API (External, in Gilles nomeclature), shouldn't we be receiving a key handle/slot instead of key data? This is how I + * will write it + + * \param p_context A structure that will contain the hardware-specific cipher context. + * \param key_slot THe slot of the key to be used for the operation + * \param algorithm The algorithm to be used in the cipher operation + * \param direction Indicates whether the operation is an encrypt or decrypt + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_NOT_SUPPORTED + */ +typedef psa_status_t (*pcd_cipher_opaque_setup_t) ( void *p_context, + psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + encrypt_or_decrypt_t direction ); + + +/** \brief A function pointer that sets the initialization vector (if necessary) for an opaque cipher operation + * + * Note that the psa_cipher_* function set has two IV functions: one to set the IV, and one to generate it + * internally. 
the generate function is not necessary for the driver API as the PSA Crypto implementation + * can do the generation using it's RNG features + * + * \param p_context A structure that contains the previously set up hardware-specific cipher context + * \param p_iv A buffer containing the initialization vector + * \param iv_length The size (in bytes) of the `p_iv` buffer + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)( void *p_context, + const uint8_t *p_iv, + size_t iv_length ); + +/** \brief A function that continues a previously started opaque-key cipher operation + * + * \param p_context A hardware-specific structure for the previously started cipher operation + * \param p_input A buffer containing the data to be encrypted/decrypted + * \param input_size The size in bytes of the buffer pointed to by `p_input` + * \param p_output The caller-allocated buffer where the output will be placed + * \param output_size The allocated size in bytes of the `p_output` buffer + * \param p_output_length After completion, will contain the number of bytes placed in the `p_output` buffer + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_cipher_opaque_update_t) (void *p_context, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length ); + +/** \brief A function that completes a previously started opaque-key cipher operation + * + * \param p_context A hardware-specific structure for the previously started cipher operation + * \param p_output The caller-callocated buffer where the output will be placed + * \param output_size The allocated size in bytes of the `p_output` buffer + * \param p_output_length After completion, will contain the number of bytes placed in the `p_output` buffer + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_cipher_opaque_finish_t) (void *p_context, uint8_t *p_output, size_t output_size, size_t *p_output_length ); + +/** \brief A function 
that performs the ECB block mode for opaque-key cipher operations + * + * Note: this function should only be used with implementations that do not provide a needed higher-level operation. + * + * \param key_slot The slot of the key to be used for the operation + * \param algorithm The algorithm to be used in the cipher operation + * \param direction Indicates whether the operation is an encrypt or decrypt + * \param p_input A buffer containing the data to be encrypted/decrypted + * \param input_size The size in bytes of the buffer pointed to by `p_input` + * \param p_output The caller-allocated byffer where the output will be placed + * \param output_size The allocated size in bytes of the `p_output` buffer + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_NOT_SUPPORTED + */ +typedef psa_status_t (*pcd_cipher_opaque_ecb_t) ( psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + encrypt_or_decrypt_t direction, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size ); + +/** + * \brief A struct containing all of the function pointers needed to implement cipher operations using opaque keys. + * + * PSA Crypto API implementations should populate instances of the table as appropriate upon startup. + * + * If one of the functions is not implemented (such as `pcd_cipher_opaque_ecb_t`), it should be set to NULL. + */ +struct pcd_cipher_opaque_t { + size_t size; /**_ + * ~~~~~~~~~~~~~ + * Where + * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) + * - `MODE` is the block mode of the cipher operation (i.e. 
CBC or CTR) + * + * \param p_context A structure that will contain the hardware-specific cipher context + * \param direction Indicates if the operation is an encrypt or a decrypt + * \param p_key_data A buffer containing the cleartext key material to be used in the operation + * \param key_data_size The size in bytes of the key material + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_cipher_transparent_setup_t) ( struct pcd_cipher_transparent_context_t *p_context, + encrypt_or_decrypt_t direction, + const uint8_t *p_key_data, + size_t key_data_size ); + +/** \brief The function prototype for the set initialization vector operation of transparent-key block cipher operations + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_cipher_transparent_set_iv__ + * ~~~~~~~~~~~~~ + * Where + * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) + * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) + * + * \param p_context A structure that contains the previously setup hardware-specific cipher context + * \param p_iv A buffer containing the initialization vecotr + * \param iv_length The size in bytes of the contents of `p_iv` + * + * \retval PSA_SUCCESS +*/ +typedef psa_status_t (*pcd_cipher_transparent_set_iv_t) ( struct pcd_cipher_transparent_context_t *p_context, + const uint8_t *p_iv, + size_t iv_length ); +/** \brief The function prototype for the update operation of transparent-key block cipher operations. + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_cipher_transparent_update__ + * ~~~~~~~~~~~~~ + * Where + * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) + * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) + * + * TODO: Should the PSA Crypto API implementation calling these functions handle padding? 
What about hardware that handles padding? + * + * \param p_context A hardware-specific structure for the previously started cipher operation + * \param p_input A buffer containing the data to be encrypted or decrypted + * \param input_size The size in bytes of the `p_input` buffer + * \param p_output A caller-allocated buffer where the generated output will be placed + * \param output_size The size in bytes of the `p_output` buffer + * \param p_output_length After completion, will contain the number of bytes placed in the `p_output` buffer + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_cipher_transparent_update_t) ( struct pcd_cipher_transparent_context_t *p_context, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length ); + +/** \brief The function prototype for the finish operation of transparent-key block cipher operations. +* + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_cipher_transparent_finish__ + * ~~~~~~~~~~~~~ + * Where + * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) + * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) + * + * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding? 
+ * + * \param p_context A hardware-specific structure for the previously started cipher operation + * \param p_output A caller-allocated buffer where the generated output will be placed + * \param output_size The size in bytes of the `p_output` buffer + * \param p_output_length After completion, will contain the number of bytes placed in the `p_output` buffer + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_cipher_transparent_finish_t) ( struct pcd_cipher_transparent_context_t *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length ); + +/** \brief The function prototype for the abort operation of transparent-key block cipher operations. + * + * Functions that implement the following prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_cipher_transparent_abort__ + * ~~~~~~~~~~~~~ + * Where + * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) + * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) + * + * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding? 
+ * + * \param p_context A hardware-specific structure for the previously started cipher operation + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_cipher_transparent_abort_t) ( struct pcd_cipher_transparent_context_t *p_context ); + +/** @} + */ + +/** \defgroup digest Message Digests + * @{ + */ + +/** \brief The hardware-specific hash context structure + * The contents of this structure are implementation dependent and are therefore not described here + */ +struct pcd_hash_context_t { + // Implementation specific +}; + +/** \brief The function prototype for the start operation of a hash (message digest) operation + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_hash__start + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying hash function + * + * \param p_context A structure that will contain the hardware-specific hash context + * + * \retval PSA_SUCCESS Success. + */ +typedef psa_status_t (*pcd_hash_start_t)(struct pcd_hash_context_t *p_context ); + + + +/** \brief The function prototype for the update operation of a hash (message digest) operation + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_hash__update + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm + * + * \param p_context A hardware-specific structure for the previously-established hash operation to be continued + * \param p_input A buffer containing the message to be appended to the hash operation + * \param input_length The size in bytes of the input message buffer + */ +typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context, const unsigned char *p_input, size_t input_length); + +/** \brief The prototype for the finish operation of a hash (message digest) operation + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * 
pcd_hash__finish + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm + * + * \param p_context A hardware-specific structure for the previously started hash operation to be fiinished + * \param p_output A buffer where the generated digest will be placed + * \param output_size The size in bytes of the buffer that has been allocated for the `p_output` buffer + * + * \retval PSA_SUCCESS + * Success. + */ +typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context, unsigned char *p_output, size_t output_size); + +/** \brief The function prototype for the abort operation of a hash (message digest) operation + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_hash__abort + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm + * + * \param p_context A hardware-specific structure for the previously started hash operation to be aborted + */ +typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context); + +/** @} + */ + + +/** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography + * @{ + */ + +/** + * \brief A function that signs a hash or short message with a private key. + * + * \param key_slot Key slot of an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of `key`. + * \param[in] p_hash The hash or message to sign. + * \param hash_length Size of the `p_hash` buffer in bytes. + * \param[out] p_signature Buffer where the signature is to be written. + * \param signature_size Size of the `p_signature` buffer in bytes. + * \param[out] p_signature_length On success, the number of bytes + * that make up the returned signature value. 
+ * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)( psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length ); + +/** + * \brief A function that verifies the signature a hash or short message using a public key. + * + * \param key_slot Key slot of a public key or an asymmetric key pair. + * \param alg A signature algorithm that is compatible with + * the type of `key`. + * \param[in] p_hash The hash or message whose signature is to be + * verified. + * \param hash_length Size of the `p_hash` buffer in bytes. + * \param[in] p_signature Buffer containing the signature to verify. + * \param signature_length Size of the `p_signature` buffer in bytes. + * + * \retval PSA_SUCCESS + * The signature is valid. + */ +typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)( psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length ); + +/** + * \brief A function that encrypts a short message with a public key. + * + * \param key_slot Key slot of a public key or an asymmetric key pair. + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of `key`. + * \param[in] p_input The message to encrypt. + * \param input_length Size of the `p_input` buffer in bytes. + * \param[in] p_salt A salt or label, if supported by the + * encryption algorithm. + * If the algorithm does not support a + * salt, pass `NULL`. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass `NULL`. + * + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the `p_salt` buffer in bytes. + * If `p_salt` is `NULL`, pass 0. + * \param[out] p_output Buffer where the encrypted message is to + * be written. 
+ * \param output_size Size of the `p_output` buffer in bytes. + * \param[out] p_output_length On success, the number of bytes + * that make up the returned output. + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)( psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length ); + +/** + * \brief Decrypt a short message with a private key. + * + * \param key_slot Key slot of an asymmetric key pair. + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of \p key. + * \param[in] p_input The message to decrypt. + * \param input_length Size of the `p_input` buffer in bytes. + * \param[in] p_salt A salt or label, if supported by the + * encryption algorithm. + * If the algorithm does not support a + * salt, pass `NULL`. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass `NULL`. + * + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the `p_salt` buffer in bytes. + * If `p_salt` is `NULL`, pass 0. + * \param[out] p_output Buffer where the decrypted message is to + * be written. + * \param output_size Size of the `p_output` buffer in bytes. + * \param[out] p_output_length On success, the number of bytes + * that make up the returned output. + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)( psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length ); + +/** + * \brief A struct containing all of the function pointers needed to implement asymmetric cryptographic operations + * using opaque keys. 
+ * + * PSA Crypto API implementations should populate instances of the table as appropriate upon startup. + * + * If one of the functions is not implemented, it should be set to NULL. + */ +struct pcd_asymmetric_opaque_t { + pcd_asymmetric_opaque_sign_t *p_sign; /**< Function that performs the asymmetric sign operation */ + pcd_asymmetric_opaque_verify_t *p_verify; /**< Function that performs the asymmetric verify operation */ + pcd_asymmetric_opaque_encrypt_t *p_encrypt; /**< Function that performs the asymmetric encrypt operation */ + pcd_asymmetric_opaque_decrypt_t *p_decrypt; /**< Function that performs the asymmetric decrypt operation */ +}; + +/** @} + */ + +/** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography + * @{ + */ + + +/** + * \brief A function that signs a hash or short message with a transparent private key. + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_asymmetric__sign + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the signing algorithm + * + * \param p_key A buffer containing the private key material. + * \param key_size The size in bytes of the `p_key` data + * \param alg A signature algorithm that is compatible with + * the type of `p_key`. + * \param[in] p_hash The hash or message to sign. + * \param hash_length Size of the `p_hash` buffer in bytes. + * \param[out] p_signature Buffer where the signature is to be written. + * \param signature_size Size of the `p_signature` buffer in bytes. + * \param[out] p_signature_length On success, the number of bytes + * that make up the returned signature value. 
+ * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)( const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length ); + +/** + * \brief A function that verifies the signature a hash or short message using a transparent public key. + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_asymmetric__verify + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the signing algorithm + * + * \param p_key A buffer containing the public key material. + * \param key_size The size in bytes of the `p_key` data + * \param alg A signature algorithm that is compatible with + * the type of `key`. + * \param[in] p_hash The hash or message whose signature is to be + * verified. + * \param hash_length Size of the `p_hash` buffer in bytes. + * \param[in] p_signature Buffer containing the signature to verify. + * \param signature_length Size of the `p_signature` buffer in bytes. + * + * \retval PSA_SUCCESS + * The signature is valid. + */ +typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)( const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length ); + +/** + * \brief A function that encrypts a short message with a transparent public key. + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_asymmetric__encrypt + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the encryption algorithm + * + * \param p_key A buffer containing the public key material + * \param key_size The size in bytes of the `p_key` data + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of `key`. + * \param[in] p_input The message to encrypt. 
+ * \param input_length Size of the `p_input` buffer in bytes. + * \param[in] p_salt A salt or label, if supported by the + * encryption algorithm. + * If the algorithm does not support a + * salt, pass `NULL`. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass `NULL`. + * + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param salt_length Size of the `p_salt` buffer in bytes. + * If `p_salt` is `NULL`, pass 0. + * \param[out] p_output Buffer where the encrypted message is to + * be written. + * \param output_size Size of the `p_output` buffer in bytes. + * \param[out] p_output_length On success, the number of bytes + * that make up the returned output. + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)( const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length ); + +/** + * \brief Decrypt a short message with a transparent private key. + * + * Functions that implement the prototype should be named in the following convention: + * ~~~~~~~~~~~~~{.c} + * pcd_asymmetric__decrypt + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the encryption algorithm + * + * \param p_key A buffer containing the private key material + * \param key_size The size in bytes of the `p_key` data + * \param alg An asymmetric encryption algorithm that is + * compatible with the type of \p key. + * \param[in] p_input The message to decrypt. + * \param input_length Size of the `p_input` buffer in bytes. + * \param[in] p_salt A salt or label, if supported by the + * encryption algorithm. + * If the algorithm does not support a + * salt, pass `NULL`. + * If the algorithm supports an optional + * salt and you do not want to pass a salt, + * pass `NULL`. + * + * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. 
+ * \param salt_length Size of the `p_salt` buffer in bytes. + * If `p_salt` is `NULL`, pass 0. + * \param[out] p_output Buffer where the decrypted message is to + * be written. + * \param output_size Size of the `p_output` buffer in bytes. + * \param[out] p_output_length On success, the number of bytes + * that make up the returned output. + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)( const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length ); + +/** @} + */ + +/** \defgroup aead_opaque AEAD Opaque + * * @{ + */ + +/** Process an authenticated encryption operation using an opaque key. + * + * \param key_slot Slot containing the key to use. + * \param algorithm The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param[in] p_nonce Nonce or IV to use. + * \param nonce_length Size of the `p_nonce` buffer in bytes. + * \param[in] p_additional_data Additional data that will be authenticated + * but not encrypted. + * \param additional_data_length Size of `p_additional_data` in bytes. + * \param[in] p_plaintext Data that will be authenticated and + * encrypted. + * \param plaintext_length Size of `p_plaintext` in bytes. + * \param[out] p_ciphertext Output buffer for the authenticated and + * encrypted data. The additional data is not + * part of this output. For algorithms where the + * encrypted data and the authentication tag + * are defined as separate outputs, the + * authentication tag is appended to the + * encrypted data. + * \param ciphertext_size Size of the `p_ciphertext` buffer in bytes. + * \param[out] p_ciphertext_length On success, the size of the output + * in the `p_ciphertext` buffer. + * + * \retval #PSA_SUCCESS + * Success. 
+ */
+typedef psa_status_t (*psa_aead_opaque_encrypt_t)( psa_key_slot_t key_slot,
+ psa_algorithm_t algorithm,
+ const uint8_t *p_nonce,
+ size_t nonce_length,
+ const uint8_t *p_additional_data,
+ size_t additional_data_length,
+ const uint8_t *p_plaintext,
+ size_t plaintext_length,
+ uint8_t *p_ciphertext,
+ size_t ciphertext_size,
+ size_t *p_ciphertext_length);
+
+/** Process an authenticated decryption operation using an opaque key.
+ *
+ * \param key_slot Slot containing the key to use.
+ * \param algorithm The AEAD algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param[in] p_nonce Nonce or IV to use.
+ * \param nonce_length Size of the `p_nonce` buffer in bytes.
+ * \param[in] p_additional_data Additional data that has been authenticated
+ * but not encrypted.
+ * \param additional_data_length Size of `p_additional_data` in bytes.
+ * \param[in] p_ciphertext Data that has been authenticated and
+ * encrypted. For algorithms where the
+ * encrypted data and the authentication tag
+ * are defined as separate inputs, the buffer
+ * must contain the encrypted data followed
+ * by the authentication tag.
+ * \param ciphertext_length Size of `p_ciphertext` in bytes.
+ * \param[out] p_plaintext Output buffer for the decrypted data.
+ * \param plaintext_size Size of the `p_plaintext` buffer in bytes.
+ * \param[out] p_plaintext_length On success, the size of the output
+ * in the `p_plaintext` buffer.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_aead_opaque_decrypt_t)( psa_key_slot_t key_slot,
+ psa_algorithm_t algorithm,
+ const uint8_t *p_nonce,
+ size_t nonce_length,
+ const uint8_t *p_additional_data,
+ size_t additional_data_length,
+ const uint8_t *p_ciphertext,
+ size_t ciphertext_length,
+ uint8_t *p_plaintext,
+ size_t plaintext_size,
+ size_t *p_plaintext_length);
+
+/**
+ * \brief A struct containing all of the function pointers needed to implement Authenticated Encryption
+ * with Additional Data operations using opaque keys
+ *
+ * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ *
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+struct psa_aead_opaque_t {
+ psa_aead_opaque_encrypt_t *p_encrypt; /**< Function that performs the AEAD encrypt operation */
+ psa_aead_opaque_decrypt_t *p_decrypt; /**< Function that performs the AEAD decrypt operation */
+};
+/** @}
+ */
+
+/** \defgroup aead_transparent AEAD Transparent
+ */
+
+/** Process an authenticated encryption operation.
+ *
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_aead__encrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the AEAD algorithm
+ *
+ * \param p_key A pointer to the key material
+ * \param key_length The size in bytes of the key material
+ * \param alg The AEAD algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param[in] nonce Nonce or IV to use.
+ * \param nonce_length Size of the \p nonce buffer in bytes.
+ * \param[in] additional_data Additional data that will be MACed
+ * but not encrypted.
+ * \param additional_data_length Size of \p additional_data in bytes.
+ * \param[in] plaintext Data that will be MACed and
+ * encrypted.
+ * \param plaintext_length Size of \p plaintext in bytes.
+ * \param[out] ciphertext Output buffer for the authenticated and
+ * encrypted data. The additional data is not
+ * part of this output. For algorithms where the
+ * encrypted data and the authentication tag
+ * are defined as separate outputs, the
+ * authentication tag is appended to the
+ * encrypted data.
+ * \param ciphertext_size Size of the \p ciphertext buffer in bytes.
+ * This must be at least
+ * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg,
+ * \p plaintext_length).
+ * \param[out] ciphertext_length On success, the size of the output
+ * in the \b ciphertext buffer.
+ *
+ * \retval #PSA_SUCCESS
+
+ */
+typedef psa_status_t (*psa_aead_transparent_encrypt_t)( const uint8_t *p_key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *plaintext,
+ size_t plaintext_length,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length );
+
+/** Process an authenticated decryption operation.
+ *
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_aead__decrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the AEAD algorithm
+ * \param p_key A pointer to the key material
+ * \param key_length The size in bytes of the key material
+ * \param alg The AEAD algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param[in] nonce Nonce or IV to use.
+ * \param nonce_length Size of the \p nonce buffer in bytes.
+ * \param[in] additional_data Additional data that has been MACed
+ * but not encrypted.
+ * \param additional_data_length Size of \p additional_data in bytes.
+ * \param[in] ciphertext Data that has been MACed and
+ * encrypted. For algorithms where the
+ * encrypted data and the authentication tag
+ * are defined as separate inputs, the buffer
+ * must contain the encrypted data followed
+ * by the authentication tag.
+ * \param ciphertext_length Size of \p ciphertext in bytes.
+ * \param[out] plaintext Output buffer for the decrypted data.
+ * \param plaintext_size Size of the \p plaintext buffer in bytes.
+ * This must be at least
+ * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg,
+ * \p ciphertext_length).
+ * \param[out] plaintext_length On success, the size of the output
+ * in the \b plaintext buffer.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_aead_transparent_decrypt_t) ( const uint8_t *p_key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *ciphertext,
+ size_t ciphertext_length,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length);
+
+/** @}
+
+
+/** \defgroup rng Entropy Generation
+ * @{
+ */
+
+/** \brief A hardware-specific structure for a entropy providing hardware
+ */
+struct pcd_entropy_context_t {
+ // Implementation specific
+};
+
+/** \brief Initialize an entropy driver
+ *
+ *
+ * \param p_context A hardware-specific structure containing any context information for the implementation
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_entropy_init_t)( struct pcd_entropy_context_t *p_context );
+
+/** \brief Get a specified number of bytes from the entropy source
+ *
+ * Retrives `buffer_size` bytes of data from the entropy source. The entropy source will always fill the provided buffer to its full size.
+ * However, most entropy sources have biases, and the actual amount of entropy contained in the buffer will be less than the number of bytes.
+ * The driver will return the actual number of bytes of entropy placed in the buffer in `p_received_entropy_bytes`.
+ * A PSA Crypto API implementation will likely feed the output of this function into a Digital Random Bit Generator (DRBG), and typically has
+ * a minimum amount of entropy that it needs.
+ * To accomplish this, the PSA Crypto implementation should be designed to call this function multiple times until it has received the required
+ * amount of entropy from the entropy source.
+ *
+ * \param p_context A hardware-specific structure containing any context information for the implementation
+ * \param p_buffer A caller-allocated buffer for the retrieved bytes to be placed in
+ * \param buffer_size The allocated size of `p_buffer`
+ * \param p_received_entropy_bytes The amount of entropy (in bytes) actually provided in `p_buffer`
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_entropy_get_bytes_t)( struct pcd_entropy_context_t *p_context, uint8_t *p_buffer, uint32_t buffer_size, uint32_t *p_received_entropy_bytes );
+
+/**
+ * \brief A struct containing all of the function pointers needed to interface to an entropy source
+ *
+ * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ *
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+struct pcd_entropy_t {
+ pcd_entropy_init_t *p_init; /**< Function that performs initialization for the entropy source */
+ pcd_entropy_get_bytes_t *p_get_bytes; /**< Function that performs the get_bytes operation for the entropy source */
+};
+/** @}
+ */
+
+/** \defgroup key_management Key Management
+ * @{
+ */
+
+/** \brief Import a key in binary format.
+ *
+ * This function can support any output from psa_export_key(). Refer to the
+ * documentation of psa_export_key() for the format for each key type.
+ *
+ * \param key_slot Slot where the key will be stored. This must be a
+ * valid slot for a key of the chosen type. It must
+ * be unoccupied.
+ * \param type Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[in] p_data Buffer containing the key data.
+ * \param data_length Size of the \p data buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*pcd_opaque_import_key_t) ( psa_key_slot_t key_slot,
+ psa_key_type_t type,
+ const uint8_t *p_data,
+ size_t data_length );
+
+/**
+ * \brief Destroy a key and restore the slot to its default state.
+ *
+ * This function destroys the content of the key slot from both volatile
+ * memory and, if applicable, non-volatile storage. Implementations shall
+ * make a best effort to ensure that any previous content of the slot is
+ * unrecoverable.
+ *
+ * This function also erases any metadata such as policies. It returns the
+ * specified slot to its default state.
+ *
+ * \param key_slot The key slot to erase.
+ *
+ * \retval #PSA_SUCCESS
+ * The slot's content, if any, has been erased.
+ */
+typedef psa_status_t (*pcd_destroy_key_t)( psa_key_slot_t key );
+
+/**
+ * \brief Export a key in binary format.
+ *
+ * The output of this function can be passed to psa_import_key() to
+ * create an equivalent object.
+ *
+ * If a key is created with psa_import_key() and then exported with
+ * this function, it is not guaranteed that the resulting data is
+ * identical: the implementation may choose a different representation
+ * of the same key if the format permits it.
+ *
+ * For standard key types, the output format is as follows:
+ *
+ * - For symmetric keys (including MAC keys), the format is the
+ * raw bytes of the key.
+ * - For DES, the key data consists of 8 bytes. The parity bits must be
+ * correct.
+ * - For Triple-DES, the format is the concatenation of the
+ * two or three DES keys.
+ * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format
+ * is the non-encrypted DER representation defined by PKCS\#1 (RFC 8017)
+ * as RSAPrivateKey.
+ * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format
+ * is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo.
+ *
+ * \param key Slot whose content is to be exported. This must
+ * be an occupied key slot.
+ * \param[out] p_data Buffer where the key data is to be written.
+ * \param data_size Size of the `p_data` buffer in bytes.
+ * \param[out] p_data_length On success, the number of bytes
+ * that make up the key data.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+typedef psa_status_t (*pcd_export_key_t)( psa_key_slot_t key,
+ uint8_t *p_data,
+ size_t data_size,
+ size_t *p_data_length );
+
+/**
+ * \brief Export a public key or the public part of a key pair in binary format.
+ *
+ * The output of this function can be passed to psa_import_key() to
+ * create an object that is equivalent to the public key.
+ *
+ * For standard key types, the output format is as follows:
+ *
+ * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY),
+ * the format is the DER representation of the public key defined by RFC 5280
+ * as SubjectPublicKeyInfo.
+ *
+ * \param key_slot Slot whose content is to be exported. This must
+ * be an occupied key slot.
+ * \param[out] p_data Buffer where the key data is to be written.
+ * \param data_size Size of the \p data buffer in bytes.
+ * \param[out] p_data_length On success, the number of bytes
+ * that make up the key data.
+ *
+ * \retval #PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_export_public_key_t)( psa_key_slot_t key,
+ uint8_t *p_data,
+ size_t data_size,
+ size_t *p_data_length );
+
+/**
+ * \brief A struct containing all of the function pointers needed to for key management using
+ * opaque keys.
+ *
+ * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ *
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+struct pcd_key_management_t {
+ pcd_opaque_import_key_t *p_import; /**< Function that performs the key import operation */
+ pcd_destroy_key_t *p_destroy; /**< Function that performs the key destroy operation */
+ pcd_export_key_t *p_export; /**< Function that performs the key export operation */
+ pcd_export_public_key_t *p_export_public; /**< Function that perforsm the public key export operation */
+};
+
+/** @}
+ */
+
+/** \defgroup derivation Key Derivation and Agreement
+ * @{
+ * Key derivation is the process of generating new key material using an existing key and additional parameters, iterating through a basic
+ * cryptographic function, such as a hash.
+ * Key agreement is a part of cryptographic protocols that allows two parties to agree on the same key value, but starting from different original
+ * key material.
+ * The flows are similar, and the PSA Crypto Driver API uses the same functions for both of the flows.
+ *
+ * There are two different final functions for the flows, `pcd_key_derivation_derive` and `pcd_key_derivation_export`. `pcd_key_derivation_derive`
+ * is used when the key material should be placed in a slot on the hardware and not exposed to the caller. `pcd_key_derivation_export` is used
+ * when the key material should be returned to the PSA Cryptographic API implementation.
+ *
+ * Different key derivation algorithms require a different number of inputs. Instead of having an API that
+ * takes as input variable length arrays, which can be problemmatic to manage on embedded platforms, the inputs
+ * are passed to the driver via a function, `pcd_key_derivation_collateral`, that is called multiple times with different `collateral_id`s.
+ * Thus, for a key derivation algorithm that required 3 paramter inputs, the flow would look something like:
+```C
+pcd_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
+pcd_key_derivation_collateral(kdf_algorithm_collateral_id_0, p_collateral_0, collateral_0_size);
+pcd_key_derivation_collateral(kdf_algorithm_collateral_id_1, p_collateral_1, collateral_1_size);
+pcd_key_derivation_collateral(kdf_algorithm_collateral_id_2, p_collateral_2, collateral_2_size);
+pcd_key_derivation_derive();
+```
+
+key agreement example:
+```C
+pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes);
+pcd_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size);
+pcd_key_derivation_export(p_session_key, session_key_size, &session_key_length);
+```
+ */
+
+/** \brief Set up a key derivation operation by specifying the algorithm and the source key sot
+ *
+ * \param kdf_alg The algorithm to be used for the key derivation
+ * \param souce_key The key to be used as the source material for the key derivation
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t ( *pcd_key_derivation_setup_t )( psa_algorithm_t kdf_alg, psa_key_slot_t source_key );
+
+/** \brief Provide collateral (parameters) needed for a key derivation or key agreement operation
+ *
+ * Since many key derivation algorithms require multiple parameters, it is expeced that this function may be called multiple
+ * times for the same operation, each with a different algorithm-specific `collateral_id`
+ *
+ * \param collateral_id
+ * \param p_collateral
+ * \param collateral_size
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_key_derivation_collateral_t ) ( uint32_t collateral_id, const uint8_t p_collateral, uint32_t collateral_size );
+
+/** \brief Perform the final key derivation step and place the generated key material in a slot
+ *
+ * param dest_key The slot where the generated key material should be placed
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (
*pcd_key_derivation_derive_t )( psa_key_slot_t dest_key ); + +/** \brief Pefform the final step of a key agreement and place the generated key material in a buffer + * + * \param p_output + * \param output_size + * \param p_output_length + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t ( *pcd_key_derivation_export_t )( uint8_t *p_output, uint32_t output_size, uint32_t *p_output_length ); + +/** + * \brief A struct containing all of the function pointers needed to for key derivation and agreement + * + * PSA Crypto API implementations should populate instances of the table as appropriate upon startup. + * + * If one of the functions is not implemented, it should be set to NULL. + */ +struct pcd_key_derivation_t { + pcd_key_derivation_setup_t *p_setup; /**< Function that performs the key derivation setup */ + pcd_key_derivation_collateral_t *p_collateral; /**< Function that sets the key derivation collateral */ + pcd_key_derivation_derive_t *p_derive; /**< Function that performs the final key derivation step */ + pcd_key_derivation_export_t *p_export; /**< Function that perforsm the final key derivation or agreement and exports the key */ +}; + +/** @} + */ + +#endif // __PSA_CRYPTO_DRIVER_H__ \ No newline at end of file From 16e72299cd418ed63044b65ad4251accdea80c5d Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Mon, 15 Oct 2018 16:14:24 -0500 Subject: [PATCH 0527/2197] Changed crypto_driver.h based on PR feedback --- include/psa/crypto_driver.h | 1866 +++++++++++++++++++++-------------- 1 file changed, 1128 insertions(+), 738 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index 64c21b591..c0a62b268 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h 
@@ -1,348 +1,615 @@ +/** + * \file psa/crypto_driver.h + * \brief Platform Security Architecture cryptographic driver module + * + * This file describes an API for driver developers to implement to enable + * hardware to be called in a standardized way by a PSA Cryptographic API + * implementation. The API described is not intended to be called by + * application developers. + */ + +/* + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ #ifndef __PSA_CRYPTO_DRIVER_H__ #define __PSA_CRYPTO_DRIVER_H__ #include #include +/** The following types are redefinitions from the psa/crypto.h file. + * It is intended that these will be moved to a new common header file to + * avoid duplication. They are included here for expediency in publication. 
+ */ typedef uint32_t psa_status_t; typedef uint32_t psa_algorithm_t; -typedef uint32_t encrypt_or_decrypt_t; +typedef uint8_t encrypt_or_decrypt_t; typedef uint32_t psa_key_slot_t; typedef uint32_t psa_key_type_t; /** \defgroup opaque_mac Opaque Message Authentication Code - * @{ */ -/** \brief A function that starts an MAC operation for a PSA Crypto Driver implementation using an opaque key +/**@{*/ +/** \brief A function that starts a MAC operation for a PSA Crypto Driver + * implementation using an opaque key * - * \param p_context A structure that will contain the hardware-specific MAC context - * \param key_slot The slot of the key to be used for the operation - * \param algorithm The algorithm to be used to underly the MAC operation + * \param[in,out] p_context A structure that will contain the + * hardware-specific MAC context + * \param[in] key_slot The slot of the key to be used for the + * operation + * \param[in] algorithm The algorithm to be used to underly the MAC + * operation * * \retval PSA_SUCCESS * Success. 
*/ -typedef psa_status_t (*pcd_mac_opaque_setup_t)( void *p_context, - psa_key_slot_t key_slot, - psa_algorithm_t algorithm ); +typedef psa_status_t (*pcd_mac_opaque_setup_t)(void *p_context, + psa_key_slot_t key_slot, + psa_algorithm_t algorithm); -/** \brief A function that continues a previously started MAC operation using an opaque key +/** \brief A function that continues a previously started MAC operation using + * an opaque key * - * \param p_context A hardware-specific structure for the previously-established MAC operation to be continued - * \param p_input A buffer containing the message to be appended to the MAC operation - * \param input_length The size in bytes of the input message buffer + * \param[in,out] p_context A hardware-specific structure for the + * previously-established MAC operation to be + * continued + * \param[in] p_input A buffer containing the message to be appended + * to the MAC operation + * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*pcd_mac_opaque_update_t)( void *p_context, - const unsigned char *p_input, - size_t input_length ); +typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context, + const uint8_t *p_input, + size_t input_length); -/** \brief a function that completes a previously started MAC operation by returning the resulting MAC using an opaque key +/** \brief a function that completes a previously started MAC operation by + * returning the resulting MAC using an opaque key * - * \param p_context A hardware-specific structure for the previously started MAC operation to be fiinished - * \param p_output A buffer where the generated MAC will be placed - * \param output_size The size in bytes of the buffer that has been allocated for the `output` buffer - * \param p_output_length After completion, the address will contain the number of bytes placed in the `p_output` buffer + * \param[in] p_context A hardware-specific structure for the + * previously started MAC 
operation to be + * finished + * \param[out] p_mac A buffer where the generated MAC will be + * placed + * \param[in] mac_size The size in bytes of the buffer that has been + * allocated for the `output` buffer + * \param[out] p_mac_length After completion, will contain the number of + * bytes placed in the `p_output` buffer * * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_mac_opaque_finish_t)( void *p_ctx, - unsigned char *p_output, - size_t output_size, - size_t *p_output_length ); +typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context, + uint8_t *p_mac, + size_t mac_size, + size_t *p_mac_length); -/** \brief A function that completes a previously started MAC operation by comparing the resulting MAC against a known value - * using an opaque key +/** \brief A function that completes a previously started MAC operation by + * comparing the resulting MAC against a known value using an opaque key * - * \param p_context A hardware-specific structure for the previously started MAC operation to be fiinished - * \param p_mac The MAC value against which the resulting MAC will be compared against - * \param mac_length The size in bytes of the value stored in `mac` + * \param[in] p_context A hardware-specific structure for the previously + * started MAC operation to be fiinished + * \param[in] p_mac The MAC value against which the resulting MAC will + * be compared against + * \param[in] mac_length The size in bytes of the value stored in `p_mac` * * \retval PSA_SUCCESS - * The operation completed successfully and the MACs matched each other + * The operation completed successfully and the MACs matched each + * other * \retval PSA_ERROR_INVALID_SIGNATURE - * The operation completed successfully, but the calculated MAC did not match the provided MAC + * The operation completed successfully, but the calculated MAC did + * not match the provided MAC */ -typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)( void *p_context, - const unsigned char 
*p_mac, - size_t mac_length ); +typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)(void *p_context, + const uint8_t *p_mac, + size_t mac_length); -/** \brief A funciton that performs an MAC operation in one command and return the calculated MAC using an opaque key +/** \brief A function that aborts a previous started opaque-key MAC operation + + * \param[in] p_context A hardware-specific structure for the previously + * started MAC operation to be aborted + */ +typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context); + +/** \brief A funciton that performs a MAC operation in one command and return + * the calculated MAC using an opaque key * - * \param p_input A buffer containing the message to be MACed - * \param input_length The size in bytes of `input` - * \param key_slot The slot of the key to be used - * \param alg The algorithm to be used to underlie the MAC operation - * \param p_output A buffer where the generated MAC will be placed - * \param output_size The size in bytes of the `output` buffer - * \param p_output_length After completion, the address will contain the number of bytes placed in the `output` buffer + * \param[in] p_input A buffer containing the message to be MACed + * \param[in] input_length The size in bytes of `input` + * \param[in] key_slot The slot of the key to be used + * \param[in] alg The algorithm to be used to underlie the MA + * operation + * \param[out] p_mac A buffer where the generated MAC will be + * placed + * \param[in] mac_size The size in bytes of the `output` buffer + * \param[out] p_mac_length After completion, will contain the number of + * bytes placed in the `output` buffer * * \retval PSA_SUCCESS * Success. 
*/ -typedef psa_status_t (*pcd_mac_opaque_t)( const unsigned char *p_input, - size_t input_length, - psa_key_slot_t key_slot, - psa_algorithm_t alg, - unsigned char *p_output, - size_t output_size, - size_t *p_output_length ); +typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input, + size_t input_length, + psa_key_slot_t key_slot, + psa_algorithm_t alg, + uint8_t *p_mac, + size_t mac_size, + size_t *p_mac_length); -/** \brief A function that performs an MAC operation in one command and compare the resulting MAC against a known value using an opaque key +/** \brief A function that performs an MAC operation in one command and + * compare the resulting MAC against a known value using an opaque key * - * \param p_input A buffer containing the message to be MACed - * \param input_length The size in bytes of `input` - * \param key_slot The slot of the key to be used - * \param alg The algorithm to be used to underlie the MAC operation - * \param p_mac The MAC value against which the resulting MAC will be compared against - * \param mac_length The size in bytes of `mac` + * \param[in] p_input A buffer containing the message to be MACed + * \param[in] input_length The size in bytes of `input` + * \param[in] key_slot The slot of the key to be used + * \param[in] alg The algorithm to be used to underlie the MAC + * operation + * \param[in] p_mac The MAC value against which the resulting MAC will + * be compared against + * \param[in] mac_length The size in bytes of `mac` * * \retval PSA_SUCCESS - * The operation completed successfully and the MACs matched each other + * The operation completed successfully and the MACs matched each + * other * \retval PSA_ERROR_INVALID_SIGNATURE - * The operation completed successfully, but the calculated MAC did not match the provided MAC + * The operation completed successfully, but the calculated MAC did + * not match the provided MAC */ -typedef psa_status_t (*pcd_mac_opaque_verify_t)( const unsigned char *p_input, 
+typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input, size_t input_length, psa_key_slot_t key_slot, psa_algorithm_t alg, - const unsigned char *p_mac, - size_t mac_length ); + const uint8_t *p_mac, + size_t mac_length); -/** \brief A struct containing all of the function pointers needed to implement MAC operations using opaque keys. +/** \brief A struct containing all of the function pointers needed to + * implement MAC operations using opaque keys. * - * PSA Crypto API implementations should populate the table as appropriate upon startup. + * PSA Crypto API implementations should populate the table as appropriate + * upon startup. * - * If one of the functions is not implemented (such as `pcd_mac_opaque_t`), it should be set to NULL. + * If one of the functions is not implemented (such as `pcd_mac_opaque_t`), + * it should be set to NULL. + * + * Driver implementers should ensure that they implement all of the functions + * that make sense for their hardware, and that they provide a full solution + * (for example, if they support `p_setup`, they should also support + * `p_update` and at least one of `p_finish` or `p_finish_verify`). 
* */ struct pcd_mac_opaque_t { - size_t context_size; /**__start + * pcd_mac_transparent___setup * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying hash function, and `MAC_VARIANT` is the specific variant of a - * MAC operation (such as HMAC or CMAC) + * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT` + * is the specific variant of a MAC operation (such as HMAC or CMAC) * - * \param p_context A structure that will contain the hardware-specific MAC context - * \param p_key A buffer containing the cleartext key material to be used in the operation - * \param key_length The size in bytes of the key material + * \param[in,out] p_context A structure that will contain the + * hardware-specific MAC context + * \param[in] p_key A buffer containing the cleartext key material + * to be used in the operation + * \param[in] key_length The size in bytes of the key material * * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_mac_transparent_start_t)( struct pcd_mac_transparent_context_t *p_context, - const unsigned char *p_key, - size_t key_length ); +typedef psa_status_t (*pcd_mac_transparent_setup_t)(struct pcd_mac_transparent_context_t *p_context, + const uint8_t *p_key, + size_t key_length); -/** \brief The function prototype for the update operation of a transparent-key MAC operation +/** \brief The function prototype for the update operation of a + * transparent-key MAC operation * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_mac_transparent___update * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is the specific variant of a - * MAC operation (such as HMAC or CMAC) + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` + * is the specific variant of a MAC operation (such as HMAC or CMAC) * - * \param 
p_context A hardware-specific structure for the previously-established MAC operation to be continued - * \param p_input A buffer containing the message to be appended to the MAC operation - * \param input_length The size in bytes of the input message buffer + * \param[in,out] p_context A hardware-specific structure for the + * previously-established MAC operation to be + * continued + * \param[in] p_input A buffer containing the message to be appended + * to the MAC operation + * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*pcd_mac_transparent_update_t)( struct pcd_mac_transparent_context_t *p_context, - const unsigned char *p_input, - size_t input_length ); +typedef psa_status_t (*pcd_mac_transparent_update_t)(struct pcd_mac_transparent_context_t *p_context, + const uint8_t *p_input, + size_t input_length); -/** \brief The function prototype for the finish operation of a transparent-key MAC operation +/** \brief The function prototype for the finish operation of a + * transparent-key MAC operation * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_mac_transparent___finish * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is the specific variant of a - * MAC operation (such as HMAC or CMAC) + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is + * the specific variant of a MAC operation (such as HMAC or CMAC) * - * \param p_context A hardware-specific structure for the previously started MAC operation to be fiinished - * \param p_output A buffer where the generated MAC will be placed - * \param output_size The size in bytes of the buffer that has been allocated for the `p_output` buffer - * \param p_output_length After completion, will contain the number of bytes placed in the `p_output` buffer 
+ * \param[in] p_context A hardware-specific structure for the + * previously started MAC operation to be + * finished + * \param[out] p_mac A buffer where the generated MAC will be placed + * \param[in] mac_length The size in bytes of the buffer that has been + * allocated for the `p_mac` buffer * * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_mac_transparent_finish_t)( struct pcd_mac_transparent_context_t *p_context, - unsigned char *p_output, - size_t output_size, - size_t *p_output_length ); +typedef psa_status_t (*pcd_mac_transparent_finish_t)(struct pcd_mac_transparent_context_t *p_context, + uint8_t *p_mac, + size_t mac_length); -/** @} +/** \brief The function prototype for the finish and verify operation of a + * transparent-key MAC operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * pcd_mac_transparent___finish_verify + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is + * the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in] p_context A hardware-specific structure for the + * previously started MAC operation to be + * fiinished + * \param[in] p_mac A buffer containing the MAC that will be used + * for verification + * \param[in] mac_length The size in bytes of the data in the `p_mac` + * buffer + * + * \retval PSA_SUCCESS + * The operation completed successfully and the comparison matched */ +typedef psa_status_t (*pcd_mac_transparent_verify_finish_t)(struct pcd_mac_transparent_context_t *p_context, + const uint8_t *p_mac, + size_t mac_length); + +/** \brief The function prototype for the abort operation for a previously + * started transparent-key MAC operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * pcd_mac_transparent___abort + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and 
`MAC_VARIANT` is + * the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in] p_context A hardware-specific structure for the + * previously started MAC operation to be + * fiinished + * + */ +typedef psa_status_t (*pcd_mac_transparent_abort_t)(struct pcd_mac_transparent_context_t *p_context); + +/** \brief The function prototype for a one-shot operation of a transparent-key + * MAC operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * pcd_mac_transparent__ + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is + * the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in] p_input A buffer containing the data to be MACed + * \param[in] input_length The length in bytes of the `p_input` data + * \param[in] p_key A buffer containing the key material to be used + * for the MAC operation + * \param[in] key_length The length in bytes of the `p_key` data + * \param[in] alg The algorithm to be performed + * \param[out] p_mac The buffer where the resulting MAC will be placed + * upon success + * \param[in] mac_length The length in bytes of the `p_mac` buffer + */ +typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input, + size_t input_length, + const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + uint8_t *p_mac, + size_t mac_length); + +/** \brief The function prototype for a one-shot operation of a transparent-key + * MAC Verify operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * pcd_mac_transparent___verify + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is + * the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in] p_input A buffer containing the data to be MACed + * \param[in] input_length The length in bytes of the `p_input` 
data + * \param[in] p_key A buffer containing the key material to be used + * for the MAC operation + * \param[in] key_length The length in bytes of the `p_key` data + * \param[in] alg The algorithm to be performed + * \param[in] p_mac The MAC data to be compared + * \param[in] mac_length The length in bytes of the `p_mac` buffer + * + * \retval PSA_SUCCESS + * The operation completed successfully and the comparison matched + */ +typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input, + size_t input_length, + const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *p_mac, + size_t mac_length); +/**@}*/ /** \defgroup opaque_cipher Opaque Symmetric Ciphers - ** @{ */ +/**@{*/ -/** \brief A function pointer that provides the cipher setup function for opaque-key operations +/** \brief A function pointer that provides the cipher setup function for + * opaque-key operations * - * TBD: Since this is an opaque API (External, in Gilles nomeclature), shouldn't we be receiving a key handle/slot instead of key data? This is how I - * will write it - - * \param p_context A structure that will contain the hardware-specific cipher context. - * \param key_slot THe slot of the key to be used for the operation - * \param algorithm The algorithm to be used in the cipher operation - * \param direction Indicates whether the operation is an encrypt or decrypt + * \param[in,out] p_context A structure that will contain the + * hardware-specific cipher context. 
+ * \param[in] key_slot The slot of the key to be used for the + * operation + * \param[in] algorithm The algorithm to be used in the cipher + * operation + * \param[in] direction Indicates whether the operation is an encrypt + * or decrypt * * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED */ -typedef psa_status_t (*pcd_cipher_opaque_setup_t) ( void *p_context, - psa_key_slot_t key_slot, - psa_algorithm_t algorithm, - encrypt_or_decrypt_t direction ); - - -/** \brief A function pointer that sets the initialization vector (if necessary) for an opaque cipher operation - * - * Note that the psa_cipher_* function set has two IV functions: one to set the IV, and one to generate it - * internally. the generate function is not necessary for the driver API as the PSA Crypto implementation - * can do the generation using it's RNG features - * - * \param p_context A structure that contains the previously set up hardware-specific cipher context - * \param p_iv A buffer containing the initialization vector - * \param iv_length The size (in bytes) of the `p_iv` buffer - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)( void *p_context, - const uint8_t *p_iv, - size_t iv_length ); - -/** \brief A function that continues a previously started opaque-key cipher operation - * - * \param p_context A hardware-specific structure for the previously started cipher operation - * \param p_input A buffer containing the data to be encrypted/decrypted - * \param input_size The size in bytes of the buffer pointed to by `p_input` - * \param p_output The caller-allocated buffer where the output will be placed - * \param output_size The allocated size in bytes of the `p_output` buffer - * \param p_output_length After completion, will contain the number of bytes placed in the `p_output` buffer - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*pcd_cipher_opaque_update_t) (void *p_context, - const uint8_t *p_input, - size_t input_size, - uint8_t 
*p_output, - size_t output_size, - size_t *p_output_length ); - -/** \brief A function that completes a previously started opaque-key cipher operation - * - * \param p_context A hardware-specific structure for the previously started cipher operation - * \param p_output The caller-callocated buffer where the output will be placed - * \param output_size The allocated size in bytes of the `p_output` buffer - * \param p_output_length After completion, will contain the number of bytes placed in the `p_output` buffer - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*pcd_cipher_opaque_finish_t) (void *p_context, uint8_t *p_output, size_t output_size, size_t *p_output_length ); - -/** \brief A function that performs the ECB block mode for opaque-key cipher operations - * - * Note: this function should only be used with implementations that do not provide a needed higher-level operation. - * - * \param key_slot The slot of the key to be used for the operation - * \param algorithm The algorithm to be used in the cipher operation - * \param direction Indicates whether the operation is an encrypt or decrypt - * \param p_input A buffer containing the data to be encrypted/decrypted - * \param input_size The size in bytes of the buffer pointed to by `p_input` - * \param p_output The caller-allocated byffer where the output will be placed - * \param output_size The allocated size in bytes of the `p_output` buffer - * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_NOT_SUPPORTED - */ -typedef psa_status_t (*pcd_cipher_opaque_ecb_t) ( psa_key_slot_t key_slot, +typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context, + psa_key_slot_t key_slot, psa_algorithm_t algorithm, - encrypt_or_decrypt_t direction, - const uint8_t *p_input, - size_t input_size, - uint8_t *p_output, - size_t output_size ); + encrypt_or_decrypt_t direction); + +/** \brief A function pointer that sets the initialization vector (if + * necessary) for an opaque cipher operation + * + * Rationale: that 
the psa_cipher_* function set has two IV functions: one to + * set the IV, and one to generate it internally. the generate function is not + * necessary for the driver API as the PSA Crypto implementation can do the + * generation using its RNG features. + * + * \param[in,out] p_context A structure that contains the previously set up + * hardware-specific cipher context + * \param[in] p_iv A buffer containing the initialization vector + * \param[in] iv_length The size (in bytes) of the `p_iv` buffer + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context, + const uint8_t *p_iv, + size_t iv_length); + +/** \brief A function that continues a previously started opaque-key cipher + * operation + * + * \param[in,out] p_context A hardware-specific structure for the + * previously started cipher operation + * \param[in] p_input A buffer containing the data to be + * encrypted/decrypted + * \param[in] input_size The size in bytes of the buffer pointed to + * by `p_input` + * \param[out] p_output The caller-allocated buffer where the + * output will be placed + * \param[in] output_size The allocated size in bytes of the + * `p_output` buffer + * \param[out] p_output_length After completion, will contain the number + * of bytes placed in the `p_output` buffer + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); + +/** \brief A function that completes a previously started opaque-key cipher + * operation + * + * \param[in] p_context A hardware-specific structure for the + * previously started cipher operation + * \param[out] p_output The caller-callocated buffer where the output + * will be placed + * \param[in] output_size The allocated size in bytes of the `p_output` + * buffer + * \param[out] p_output_length After completion, will contain the number of + * bytes 
placed in the `p_output` buffer + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); + +/** \brief A function that aborts a previously started opaque-key cipher + * operation + * + * \param[in] p_context A hardware-specific structure for the + * previously started cipher operation + */ +typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context); + +/** \brief A function that performs the ECB block mode for opaque-key cipher + * operations + * + * Note: this function should only be used with implementations that do not + * provide a needed higher-level operation. + * + * \param[in] key_slot The slot of the key to be used for the operation + * \param[in] algorithm The algorithm to be used in the cipher operation + * \param[in] direction Indicates whether the operation is an encrypt or + * decrypt + * \param[in] p_input A buffer containing the data to be + * encrypted/decrypted + * \param[in] input_size The size in bytes of the buffer pointed to by + * `p_input` + * \param[out] p_output The caller-allocated byffer where the output will + * be placed + * \param[in] output_size The allocated size in bytes of the `p_output` + * buffer + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_NOT_SUPPORTED + */ +typedef psa_status_t (*pcd_cipher_opaque_ecb_t)(psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + encrypt_or_decrypt_t direction, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size); /** - * \brief A struct containing all of the function pointers needed to implement cipher operations using opaque keys. + * \brief A struct containing all of the function pointers needed to implement + * cipher operations using opaque keys. * - * PSA Crypto API implementations should populate instances of the table as appropriate upon startup. 
+ * PSA Crypto API implementations should populate instances of the table as + * appropriate upon startup. * - * If one of the functions is not implemented (such as `pcd_cipher_opaque_ecb_t`), it should be set to NULL. + * If one of the functions is not implemented (such as + * `pcd_cipher_opaque_ecb_t`), it should be set to NULL. */ struct pcd_cipher_opaque_t { - size_t size; /**_ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) + * or for stream ciphers: + * ~~~~~~~~~~~~~{.c} + * pcd_cipher_transparent_setup_ + * ~~~~~~~~~~~~~ + * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4) * - * \param p_context A structure that will contain the hardware-specific cipher context - * \param direction Indicates if the operation is an encrypt or a decrypt - * \param p_key_data A buffer containing the cleartext key material to be used in the operation - * \param key_data_size The size in bytes of the key material + * \param[in,out] p_context A structure that will contain the + * hardware-specific cipher context + * \param[in] direction Indicates if the operation is an encrypt or a + * decrypt + * \param[in] p_key_data A buffer containing the cleartext key material + * to be used in the operation + * \param[in] key_data_size The size in bytes of the key material * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_setup_t) ( struct pcd_cipher_transparent_context_t *p_context, - encrypt_or_decrypt_t direction, - const uint8_t *p_key_data, - size_t key_data_size ); +typedef psa_status_t (*pcd_cipher_transparent_setup_t)(struct pcd_cipher_transparent_context_t *p_context, + encrypt_or_decrypt_t direction, + const uint8_t *p_key_data, + size_t key_data_size); -/** \brief The function prototype for the set initialization vector operation of transparent-key block cipher operations - * Functions that implement the prototype should 
be named in the following convention: +/** \brief The function prototype for the set initialization vector operation + * of transparent-key block cipher operations + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_cipher_transparent_set_iv__ * ~~~~~~~~~~~~~ @@ -350,18 +617,22 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t) ( struct pcd_cipher_trans * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) * - * \param p_context A structure that contains the previously setup hardware-specific cipher context - * \param p_iv A buffer containing the initialization vecotr - * \param iv_length The size in bytes of the contents of `p_iv` + * \param[in,out] p_context A structure that contains the previously setup + * hardware-specific cipher context + * \param[in] p_iv A buffer containing the initialization vecotr + * \param[in] iv_length The size in bytes of the contents of `p_iv` * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_set_iv_t) ( struct pcd_cipher_transparent_context_t *p_context, - const uint8_t *p_iv, - size_t iv_length ); -/** \brief The function prototype for the update operation of transparent-key block cipher operations. +typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(struct pcd_cipher_transparent_context_t *p_context, + const uint8_t *p_iv, + size_t iv_length); + +/** \brief The function prototype for the update operation of transparent-key + * block cipher operations. * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_cipher_transparent_update__ * ~~~~~~~~~~~~~ 
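Review bot: The rewritten `\param[in] p_iv` line in the `pcd_cipher_transparent_set_iv_t` comment keeps the typo `vecotr`, and the contract still documents only `\retval PSA_SUCCESS`, so a driver author is not told what to return when `iv_length` does not fit the cipher and mode. I would correct the text to `A buffer containing the initialization vector` and add a failure value such as `\retval PSA_ERROR_INVALID_ARGUMENT`, if the driver rather than the caller is meant to validate the length; the hunk does not show which side does. The comment also does not say whether the IV may be set more than once per operation, which matters for modes such as CTR, where reusing an IV under one key breaks confidentiality.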
@@ -369,51 +640,58 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t) ( struct pcd_cipher_tran * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) * - * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding? - * - * \param p_context A hardware-specific structure for the previously started cipher operation - * \param p_input A buffer containing the data to be encrypted or decrypted - * \param input_size The size in bytes of the `p_input` buffer - * \param p_output A caller-allocated buffer where the generated output will be placed - * \param output_size The size in bytes of the `p_output` buffer - * \param p_output_length After completion, will contain the number of bytes placed in the `p_output` buffer + * \param[in,out] p_context A hardware-specific structure for the + * previously started cipher operation + * \param[in] p_input A buffer containing the data to be + * encrypted or decrypted + * \param[in] input_size The size in bytes of the `p_input` buffer + * \param[out] p_output A caller-allocated buffer where the + * generated output will be placed + * \param[in] output_size The size in bytes of the `p_output` buffer + * \param[out] p_output_length After completion, will contain the number + * of bytes placed in the `p_output` buffer * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_update_t) ( struct pcd_cipher_transparent_context_t *p_context, - const uint8_t *p_input, - size_t input_size, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length ); +typedef psa_status_t (*pcd_cipher_transparent_update_t)(struct pcd_cipher_transparent_context_t *p_context, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); -/** \brief The function prototype for the finish operation of 
transparent-key block cipher operations. +/** \brief The function prototype for the finish operation of transparent-key + * block cipher operations. * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_cipher_transparent_finish__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) - * - * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding? - * - * \param p_context A hardware-specific structure for the previously started cipher operation - * \param p_output A caller-allocated buffer where the generated output will be placed - * \param output_size The size in bytes of the `p_output` buffer - * \param p_output_length After completion, will contain the number of bytes placed in the `p_output` buffer + * + * \param[in] p_context A hardware-specific structure for the + * previously started cipher operation + * \param[out] p_output A caller-allocated buffer where the generated + * output will be placed + * \param[in] output_size The size in bytes of the `p_output` buffer + * \param[out] p_output_length After completion, will contain the number of + * bytes placed in the `p_output` buffer * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_finish_t) ( struct pcd_cipher_transparent_context_t *p_context, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length ); +typedef psa_status_t (*pcd_cipher_transparent_finish_t)(struct pcd_cipher_transparent_context_t *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); -/** \brief The function prototype for the abort operation of transparent-key block cipher operations. 
+/** \brief The function prototype for the abort operation of transparent-key + * block cipher operations. * - * Functions that implement the following prototype should be named in the following convention: + * Functions that implement the following prototype should be named in the + * following convention: * ~~~~~~~~~~~~~{.c} * pcd_cipher_transparent_abort__ * ~~~~~~~~~~~~~ 
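Review bot: The `TODO` asking who handles padding is deleted from the `pcd_cipher_transparent_update_t` and `pcd_cipher_transparent_finish_t` comments, but the replacement text never answers it (the next hunk makes the same deletion for the abort prototype). For padded modes this decides which layer checks the padding on decrypt and how a failure is reported, so the finish comment should state which side applies and checks padding rather than leave it implicit. Both prototypes take `output_size` yet document only `\retval PSA_SUCCESS`; a line such as `\retval PSA_ERROR_BUFFER_TOO_SMALL` would tell driver authors what to return instead of writing past `p_output`. `p_context` is marked `[in]` on finish while update marks it `[in,out]`; if finish modifies the context, which seems likely, it should read `\param[in,out] p_context`. The abort comment begins in this hunk and continues outside it.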
@@ -421,336 +699,364 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t) ( struct pcd_cipher_tran * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) * - * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding? - * - * \param p_context A hardware-specific structure for the previously started cipher operation + * \param[in] p_context A hardware-specific structure for the + * previously started cipher operation * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_abort_t) ( struct pcd_cipher_transparent_context_t *p_context ); +typedef psa_status_t (*pcd_cipher_transparent_abort_t)(struct pcd_cipher_transparent_context_t *p_context); -/** @} - */ +/**@}*/ -/** \defgroup digest Message Digests - * @{ +/** \defgroup driver_digest Message Digests */ +/**@{*/ /** \brief The hardware-specific hash context structure - * The contents of this structure are implementation dependent and are therefore not described here + * The contents of this structure are implementation dependent and are + * therefore not described here */ struct pcd_hash_context_t { // Implementation specific }; -/** \brief The function prototype for the start operation of a hash (message digest) operation +/** \brief The function prototype for the start operation of a hash (message + * digest) operation * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} - * pcd_hash__start + * pcd_hash__setup * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying hash function * - * \param p_context A structure that will contain the hardware-specific hash context + * \param[in,out] p_context A structure that will contain the + * hardware-specific hash context * * \retval 
PSA_SUCCESS Success. */ -typedef psa_status_t (*pcd_hash_start_t)(struct pcd_hash_context_t *p_context ); +typedef psa_status_t (*pcd_hash_setup_t)(struct pcd_hash_context_t *p_context); - - -/** \brief The function prototype for the update operation of a hash (message digest) operation +/** \brief The function prototype for the update operation of a hash (message + * digest) operation * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_hash__update * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm * - * \param p_context A hardware-specific structure for the previously-established hash operation to be continued - * \param p_input A buffer containing the message to be appended to the hash operation - * \param input_length The size in bytes of the input message buffer + * \param[in,out] p_context A hardware-specific structure for the + * previously-established hash operation to be + * continued + * \param[in] p_input A buffer containing the message to be appended + * to the hash operation + * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context, const unsigned char *p_input, size_t input_length); +typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context, + const uint8_t *p_input, + size_t input_length); -/** \brief The prototype for the finish operation of a hash (message digest) operation +/** \brief The prototype for the finish operation of a hash (message digest) + * operation * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_hash__finish * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm * - * 
\param p_context A hardware-specific structure for the previously started hash operation to be fiinished - * \param p_output A buffer where the generated digest will be placed - * \param output_size The size in bytes of the buffer that has been allocated for the `p_output` buffer + * \param[in] p_context A hardware-specific structure for the + * previously started hash operation to be + * fiinished + * \param[out] p_output A buffer where the generated digest will be + * placed + * \param[in] output_size The size in bytes of the buffer that has been + * allocated for the `p_output` buffer * * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context, unsigned char *p_output, size_t output_size); +typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context, + uint8_t *p_output, + size_t output_size); -/** \brief The function prototype for the abort operation of a hash (message digest) operation +/** \brief The function prototype for the abort operation of a hash (message + * digest) operation * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_hash__abort * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm * - * \param p_context A hardware-specific structure for the previously started hash operation to be aborted + * \param[in] p_context A hardware-specific structure for the previously + * started hash operation to be aborted */ typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context); -/** @} - */ +/**@}*/ /** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography - * @{ */ +/**@{*/ /** - * \brief A function that signs a hash or short message with a private key. + * \brief A function that signs a hash or short message with a private key * - * \param key_slot Key slot of an asymmetric key pair. 
- * \param alg A signature algorithm that is compatible with - * the type of `key`. - * \param[in] p_hash The hash or message to sign. - * \param hash_length Size of the `p_hash` buffer in bytes. - * \param[out] p_signature Buffer where the signature is to be written. - * \param signature_size Size of the `p_signature` buffer in bytes. + * \param[in] key_slot Key slot of an asymmetric key pair + * \param[in] alg A signature algorithm that is compatible + * with the type of `key` + * \param[in] p_hash The hash or message to sign + * \param[in] hash_length Size of the `p_hash` buffer in bytes + * \param[out] p_signature Buffer where the signature is to be written + * \param signature_size Size of the `p_signature` buffer in bytes * \param[out] p_signature_length On success, the number of bytes - * that make up the returned signature value. + * that make up the returned signature value * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)( psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - uint8_t *p_signature, - size_t signature_size, - size_t *p_signature_length ); +typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length); /** - * \brief A function that verifies the signature a hash or short message using a public key. + * \brief A function that verifies the signature a hash or short message using + * a public key * - * \param key_slot Key slot of a public key or an asymmetric key pair. - * \param alg A signature algorithm that is compatible with - * the type of `key`. - * \param[in] p_hash The hash or message whose signature is to be - * verified. - * \param hash_length Size of the `p_hash` buffer in bytes. - * \param[in] p_signature Buffer containing the signature to verify. 
- * \param signature_length Size of the `p_signature` buffer in bytes. + * \param[in] key_slot Key slot of a public key or an asymmetric key + * pair + * \param[in] alg A signature algorithm that is compatible with + * the type of `key` + * \param[in] p_hash The hash or message whose signature is to be + * verified + * \param[in] hash_length Size of the `p_hash` buffer in bytes + * \param[in] p_signature Buffer containing the signature to verify + * \param[in] signature_length Size of the `p_signature` buffer in bytes * * \retval PSA_SUCCESS * The signature is valid. */ -typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)( psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - const uint8_t *p_signature, - size_t signature_length ); +typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length); /** - * \brief A function that encrypts a short message with a public key. + * \brief A function that encrypts a short message with a public key * - * \param key_slot Key slot of a public key or an asymmetric key pair. - * \param alg An asymmetric encryption algorithm that is - * compatible with the type of `key`. - * \param[in] p_input The message to encrypt. - * \param input_length Size of the `p_input` buffer in bytes. + * \param[in] key_slot Key slot of a public key or an asymmetric key + * pair + * \param[in] alg An asymmetric encryption algorithm that is + * compatible with the type of `key` + * \param[in] p_input The message to encrypt + * \param[in] input_length Size of the `p_input` buffer in bytes * \param[in] p_salt A salt or label, if supported by the - * encryption algorithm. + * encryption algorithm * If the algorithm does not support a * salt, pass `NULL`. * If the algorithm supports an optional * salt and you do not want to pass a salt, * pass `NULL`. 
- * - * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is - * supported. - * \param salt_length Size of the `p_salt` buffer in bytes. + * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param[in] salt_length Size of the `p_salt` buffer in bytes * If `p_salt` is `NULL`, pass 0. * \param[out] p_output Buffer where the encrypted message is to - * be written. - * \param output_size Size of the `p_output` buffer in bytes. - * \param[out] p_output_length On success, the number of bytes - * that make up the returned output. + * be written + * \param[in] output_size Size of the `p_output` buffer in bytes + * \param[out] p_output_length On success, the number of bytes that make up + * the returned output * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)( psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length ); +typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** * \brief Decrypt a short message with a private key. * - * \param key_slot Key slot of an asymmetric key pair. - * \param alg An asymmetric encryption algorithm that is - * compatible with the type of \p key. - * \param[in] p_input The message to decrypt. - * \param input_length Size of the `p_input` buffer in bytes. + * \param[in] key_slot Key slot of an asymmetric key pair + * \param[in] alg An asymmetric encryption algorithm that is + * compatible with the type of `key` + * \param[in] p_input The message to decrypt + * \param[in] input_length Size of the `p_input` buffer in bytes * \param[in] p_salt A salt or label, if supported by the - * encryption algorithm. 
+ * encryption algorithm * If the algorithm does not support a * salt, pass `NULL`. * If the algorithm supports an optional * salt and you do not want to pass a salt, * pass `NULL`. - * - * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is - * supported. - * \param salt_length Size of the `p_salt` buffer in bytes. + * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param[in] salt_length Size of the `p_salt` buffer in bytes * If `p_salt` is `NULL`, pass 0. * \param[out] p_output Buffer where the decrypted message is to - * be written. - * \param output_size Size of the `p_output` buffer in bytes. + * be written + * \param[in] output_size Size of the `p_output` buffer in bytes * \param[out] p_output_length On success, the number of bytes - * that make up the returned output. + * that make up the returned output * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)( psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length ); +typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** - * \brief A struct containing all of the function pointers needed to implement asymmetric cryptographic operations - * using opaque keys. + * \brief A struct containing all of the function pointers needed to implement + * asymmetric cryptographic operations using opaque keys. * - * PSA Crypto API implementations should populate instances of the table as appropriate upon startup. + * PSA Crypto API implementations should populate instances of the table as + * appropriate upon startup. * * If one of the functions is not implemented, it should be set to NULL. 
*/ struct pcd_asymmetric_opaque_t { - pcd_asymmetric_opaque_sign_t *p_sign; /**< Function that performs the asymmetric sign operation */ - pcd_asymmetric_opaque_verify_t *p_verify; /**< Function that performs the asymmetric verify operation */ - pcd_asymmetric_opaque_encrypt_t *p_encrypt; /**< Function that performs the asymmetric encrypt operation */ - pcd_asymmetric_opaque_decrypt_t *p_decrypt; /**< Function that performs the asymmetric decrypt operation */ + /** Function that performs the asymmetric sign operation */ + pcd_asymmetric_opaque_sign_t *p_sign; + /** Function that performs the asymmetric verify operation */ + pcd_asymmetric_opaque_verify_t *p_verify; + /** Function that performs the asymmetric encrypt operation */ + pcd_asymmetric_opaque_encrypt_t *p_encrypt; + /** Function that performs the asymmetric decrypt operation */ + pcd_asymmetric_opaque_decrypt_t *p_decrypt; }; -/** @} - */ +/**@}*/ /** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography - * @{ */ +/**@{*/ /** - * \brief A function that signs a hash or short message with a transparent private key. + * \brief A function that signs a hash or short message with a transparent + * private key * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_asymmetric__sign * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the signing algorithm * - * \param p_key A buffer containing the private key material. - * \param key_size The size in bytes of the `p_key` data - * \param alg A signature algorithm that is compatible with - * the type of `p_key`. - * \param[in] p_hash The hash or message to sign. - * \param hash_length Size of the `p_hash` buffer in bytes. - * \param[out] p_signature Buffer where the signature is to be written. - * \param signature_size Size of the `p_signature` buffer in bytes. 
+ * \param[in] p_key A buffer containing the private key + * material + * \param[in] key_size The size in bytes of the `p_key` data + * \param[in] alg A signature algorithm that is compatible + * with the type of `p_key` + * \param[in] p_hash The hash or message to sign + * \param[in] hash_length Size of the `p_hash` buffer in bytes + * \param[out] p_signature Buffer where the signature is to be written + * \param[in] signature_size Size of the `p_signature` buffer in bytes * \param[out] p_signature_length On success, the number of bytes - * that make up the returned signature value. + * that make up the returned signature value * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)( const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - uint8_t *p_signature, - size_t signature_size, - size_t *p_signature_length ); +typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length); /** - * \brief A function that verifies the signature a hash or short message using a transparent public key. + * \brief A function that verifies the signature a hash or short message using + * a transparent public key * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_asymmetric__verify * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the signing algorithm * - * \param p_key A buffer containing the public key material. - * \param key_size The size in bytes of the `p_key` data - * \param alg A signature algorithm that is compatible with - * the type of `key`. - * \param[in] p_hash The hash or message whose signature is to be - * verified. 
- * \param hash_length Size of the `p_hash` buffer in bytes. - * \param[in] p_signature Buffer containing the signature to verify. - * \param signature_length Size of the `p_signature` buffer in bytes. + * \param[in] p_key A buffer containing the public key material + * \param[in] key_size The size in bytes of the `p_key` data + * \param[in] alg A signature algorithm that is compatible with + * the type of `key` + * \param[in] p_hash The hash or message whose signature is to be + * verified + * \param[in] hash_length Size of the `p_hash` buffer in bytes + * \param[in] p_signature Buffer containing the signature to verify + * \param[in] signature_length Size of the `p_signature` buffer in bytes * * \retval PSA_SUCCESS * The signature is valid. */ -typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)( const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - const uint8_t *p_signature, - size_t signature_length ); +typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length); /** - * \brief A function that encrypts a short message with a transparent public key. + * \brief A function that encrypts a short message with a transparent public + * key * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_asymmetric__encrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the encryption algorithm * - * \param p_key A buffer containing the public key material - * \param key_size The size in bytes of the `p_key` data - * \param alg An asymmetric encryption algorithm that is - * compatible with the type of `key`. - * \param[in] p_input The message to encrypt. 
- * \param input_length Size of the `p_input` buffer in bytes. + * \param[in] p_key A buffer containing the public key material + * \param[in] key_size The size in bytes of the `p_key` data + * \param[in] alg An asymmetric encryption algorithm that is + * compatible with the type of `key` + * \param[in] p_input The message to encrypt + * \param[in] input_length Size of the `p_input` buffer in bytes * \param[in] p_salt A salt or label, if supported by the - * encryption algorithm. + * encryption algorithm * If the algorithm does not support a - * salt, pass `NULL`. + * salt, pass `NULL` * If the algorithm supports an optional * salt and you do not want to pass a salt, * pass `NULL`. - * - * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is - * supported. - * \param salt_length Size of the `p_salt` buffer in bytes. + * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported. + * \param[in] salt_length Size of the `p_salt` buffer in bytes * If `p_salt` is `NULL`, pass 0. * \param[out] p_output Buffer where the encrypted message is to - * be written. - * \param output_size Size of the `p_output` buffer in bytes. + * be written + * \param[in] output_size Size of the `p_output` buffer in bytes * \param[out] p_output_length On success, the number of bytes - * that make up the returned output. + * that make up the returned output * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)( const uint8_t *p_key, +typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, const uint8_t *p_input, 
@@ -759,90 +1065,90 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)( const uint8_t *p_k size_t salt_length, uint8_t *p_output, size_t output_size, - size_t *p_output_length ); + size_t *p_output_length); /** - * \brief Decrypt a short message with a transparent private key. + * \brief Decrypt a short message with a transparent private key * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_asymmetric__decrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the encryption algorithm * - * \param p_key A buffer containing the private key material - * \param key_size The size in bytes of the `p_key` data - * \param alg An asymmetric encryption algorithm that is - * compatible with the type of \p key. - * \param[in] p_input The message to decrypt. - * \param input_length Size of the `p_input` buffer in bytes. + * \param[in] p_key A buffer containing the private key material + * \param[in] key_size The size in bytes of the `p_key` data + * \param[in] alg An asymmetric encryption algorithm that is + * compatible with the type of `key` + * \param[in] p_input The message to decrypt + * \param[in] input_length Size of the `p_input` buffer in bytes * \param[in] p_salt A salt or label, if supported by the - * encryption algorithm. + * encryption algorithm * If the algorithm does not support a * salt, pass `NULL`. * If the algorithm supports an optional * salt and you do not want to pass a salt, * pass `NULL`. - * - * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is - * supported. - * \param salt_length Size of the `p_salt` buffer in bytes. - * If `p_salt` is `NULL`, pass 0. + * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is + * supported + * \param[in] salt_length Size of the `p_salt` buffer in bytes + * If `p_salt` is `NULL`, pass 0 * \param[out] p_output Buffer where the decrypted message is to - * be written. 
- * \param output_size Size of the `p_output` buffer in bytes. + * be written + * \param[in] output_size Size of the `p_output` buffer in bytes * \param[out] p_output_length On success, the number of bytes - * that make up the returned output. + * that make up the returned output * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)( const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length ); +typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); -/** @} - */ +/**@}*/ /** \defgroup aead_opaque AEAD Opaque - * * @{ */ +/**@{*/ -/** Process an authenticated encryption operation using an opaque key. +/** \brief Process an authenticated encryption operation using an opaque key * - * \param key_slot Slot containing the key to use. - * \param algorithm The AEAD algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param[in] p_nonce Nonce or IV to use. - * \param nonce_length Size of the `p_nonce` buffer in bytes. - * \param[in] p_additional_data Additional data that will be authenticated - * but not encrypted. - * \param additional_data_length Size of `p_additional_data` in bytes. - * \param[in] p_plaintext Data that will be authenticated and - * encrypted. - * \param plaintext_length Size of `p_plaintext` in bytes. - * \param[out] p_ciphertext Output buffer for the authenticated and - * encrypted data. The additional data is not - * part of this output. 
For algorithms where the - * encrypted data and the authentication tag - * are defined as separate outputs, the - * authentication tag is appended to the - * encrypted data. - * \param ciphertext_size Size of the `p_ciphertext` buffer in bytes. - * \param[out] p_ciphertext_length On success, the size of the output - * in the `p_ciphertext` buffer. + * \param[in] key_slot Slot containing the key to use. + * \param[in] algorithm The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(`alg`) is true) + * \param[in] p_nonce Nonce or IV to use + * \param[in] nonce_length Size of the `p_nonce` buffer in bytes + * \param[in] p_additional_data Additional data that will be + * authenticated but not encrypted + * \param[in] additional_data_length Size of `p_additional_data` in bytes + * \param[in] p_plaintext Data that will be authenticated and + * encrypted + * \param[in] plaintext_length Size of `p_plaintext` in bytes + * \param[out] p_ciphertext Output buffer for the authenticated and + * encrypted data. The additional data is + * not part of this output. For algorithms + * where the encrypted data and the + * authentication tag are defined as + * separate outputs, the authentication + * tag is appended to the encrypted data. + * \param[in] ciphertext_size Size of the `p_ciphertext` buffer in + * bytes + * \param[out] p_ciphertext_length On success, the size of the output in + * the `p_ciphertext` buffer * * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_aead_opaque_encrypt_t)( psa_key_slot_t key_slot, +typedef psa_status_t (*psa_aead_opaque_encrypt_t)(psa_key_slot_t key_slot, psa_algorithm_t algorithm, const uint8_t *p_nonce, size_t nonce_length, 
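Review bot: The reflowed documentation for `pcd_asymmetric_transparent_decrypt_t` still lists `\retval PSA_SUCCESS` as the only outcome, so a driver author has no stated contract for a failed decryption. I would add a failure entry such as `\retval #PSA_ERROR_INVALID_PADDING` and a sentence saying that `p_output` and `*p_output_length` are meaningful only on success, so that partially processed output is never consumed by the caller. The same gap is in `psa_aead_opaque_decrypt_t` and `psa_aead_transparent_decrypt_t` in the `@@ -854` hunk, where a tag mismatch should be reported distinctly (for example `\retval #PSA_ERROR_INVALID_SIGNATURE`) with the statement that no plaintext is written. Separately, the AEAD text in this hunk now refers to PSA_ALG_IS_AEAD(alg) while the parameter of `psa_aead_opaque_encrypt_t` is named `algorithm`.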
@@ -854,167 +1160,177 @@ typedef psa_status_t (*psa_aead_opaque_encrypt_t)( psa_key_slot_t key_slot, size_t ciphertext_size, size_t *p_ciphertext_length); -/** Process an authenticated decryption operation using an opaque key. +/** Process an authenticated decryption operation using an opaque key * - * \param key_slot Slot containing the key to use. - * \param algorithm The AEAD algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param[in] p_nonce Nonce or IV to use. - * \param nonce_length Size of the `p_nonce` buffer in bytes. - * \param[in] p_additional_data Additional data that has been authenticated - * but not encrypted. - * \param additional_data_length Size of `p_additional_data` in bytes. - * \param[in] p_ciphertext Data that has been authenticated and - * encrypted. For algorithms where the - * encrypted data and the authentication tag - * are defined as separate inputs, the buffer - * must contain the encrypted data followed - * by the authentication tag. - * \param ciphertext_length Size of `p_ciphertext` in bytes. - * \param[out] p_plaintext Output buffer for the decrypted data. - * \param plaintext_size Size of the `p_plaintext` buffer in bytes. - * \param[out] p_plaintext_length On success, the size of the output - * in the `p_plaintext` buffer. + * \param[in] key_slot Slot containing the key to use + * \param[in] algorithm The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(`alg`) is true) + * \param[in] p_nonce Nonce or IV to use + * \param[in] nonce_length Size of the `p_nonce` buffer in bytes + * \param[in] p_additional_data Additional data that has been + * authenticated but not encrypted + * \param[in] additional_data_length Size of `p_additional_data` in bytes + * \param[in] p_ciphertext Data that has been authenticated and + * encrypted. 
+ * For algorithms where the encrypted data + * and the authentication tag are defined + * as separate inputs, the buffer must + * contain the encrypted data followed by + * the authentication tag. + * \param[in] ciphertext_length Size of `p_ciphertext` in bytes + * \param[out] p_plaintext Output buffer for the decrypted data + * \param[in] plaintext_size Size of the `p_plaintext` buffer in + * bytes + * \param[out] p_plaintext_length On success, the size of the output in + * the `p_plaintext` buffer * * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_aead_opaque_decrypt_t)( psa_key_slot_t key_slot, - psa_algorithm_t algorithm, - const uint8_t *p_nonce, - size_t nonce_length, - const uint8_t *p_additional_data, - size_t additional_data_length, - const uint8_t *p_ciphertext, - size_t ciphertext_length, - uint8_t *p_plaintext, - size_t plaintext_size, - size_t *p_plaintext_length); +typedef psa_status_t (*psa_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + const uint8_t *p_nonce, + size_t nonce_length, + const uint8_t *p_additional_data, + size_t additional_data_length, + const uint8_t *p_ciphertext, + size_t ciphertext_length, + uint8_t *p_plaintext, + size_t plaintext_size, + size_t *p_plaintext_length); /** - * \brief A struct containing all of the function pointers needed to implement Authenticated Encryption - * with Additional Data operations using opaque keys + * \brief A struct containing all of the function pointers needed to implement + * Authenticated Encryption with Additional Data operations using opaque keys * - * PSA Crypto API implementations should populate instances of the table as appropriate upon startup. + * PSA Crypto API implementations should populate instances of the table as + * appropriate upon startup. * * If one of the functions is not implemented, it should be set to NULL. 
*/ struct psa_aead_opaque_t { - psa_aead_opaque_encrypt_t *p_encrypt; /**< Function that performs the AEAD encrypt operation */ - psa_aead_opaque_decrypt_t *p_decrypt; /**< Function that performs the AEAD decrypt operation */ + /** Function that performs the AEAD encrypt operation */ + psa_aead_opaque_encrypt_t *p_encrypt; + /** Function that performs the AEAD decrypt operation */ + psa_aead_opaque_decrypt_t *p_decrypt; }; -/** @} - */ +/**@}*/ /** \defgroup aead_transparent AEAD Transparent */ +/**@{*/ /** Process an authenticated encryption operation. * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_aead__encrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the AEAD algorithm * - * \param p_key A pointer to the key material - * \param key_length The size in bytes of the key material - * \param alg The AEAD algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param[in] nonce Nonce or IV to use. - * \param nonce_length Size of the \p nonce buffer in bytes. - * \param[in] additional_data Additional data that will be MACed - * but not encrypted. - * \param additional_data_length Size of \p additional_data in bytes. - * \param[in] plaintext Data that will be MACed and - * encrypted. - * \param plaintext_length Size of \p plaintext in bytes. - * \param[out] ciphertext Output buffer for the authenticated and - * encrypted data. The additional data is not - * part of this output. For algorithms where the - * encrypted data and the authentication tag - * are defined as separate outputs, the - * authentication tag is appended to the - * encrypted data. - * \param ciphertext_size Size of the \p ciphertext buffer in bytes. - * This must be at least - * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, - * \p plaintext_length). 
- * \param[out] ciphertext_length On success, the size of the output - * in the \b ciphertext buffer. + * \param[in] p_key A pointer to the key material + * \param[in] key_length The size in bytes of the key material + * \param[in] alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(`alg`) is true) + * \param[in] nonce Nonce or IV to use + * \param[in] nonce_length Size of the `nonce` buffer in bytes + * \param[in] additional_data Additional data that will be MACed + * but not encrypted. + * \param[in] additional_data_length Size of `additional_data` in bytes + * \param[in] plaintext Data that will be MACed and + * encrypted. + * \param[in] plaintext_length Size of `plaintext` in bytes + * \param[out] ciphertext Output buffer for the authenticated and + * encrypted data. The additional data is + * not part of this output. For algorithms + * where the encrypted data and the + * authentication tag are defined as + * separate outputs, the authentication + * tag is appended to the encrypted data. + * \param[in] ciphertext_size Size of the `ciphertext` buffer in + * bytes + * This must be at least + * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(`alg`, + * `plaintext_length`). 
+ * \param[out] ciphertext_length On success, the size of the output in + * the `ciphertext` buffer * * \retval #PSA_SUCCESS */ -typedef psa_status_t (*psa_aead_transparent_encrypt_t)( const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *plaintext, - size_t plaintext_length, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length ); +typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length); /** Process an authenticated decryption operation. * - * Functions that implement the prototype should be named in the following convention: + * Functions that implement the prototype should be named in the following + * convention: * ~~~~~~~~~~~~~{.c} * pcd_aead__decrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the AEAD algorithm - * \param p_key A pointer to the key material - * \param key_length The size in bytes of the key material - * \param alg The AEAD algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param[in] nonce Nonce or IV to use. - * \param nonce_length Size of the \p nonce buffer in bytes. - * \param[in] additional_data Additional data that has been MACed - * but not encrypted. - * \param additional_data_length Size of \p additional_data in bytes. - * \param[in] ciphertext Data that has been MACed and - * encrypted. For algorithms where the - * encrypted data and the authentication tag - * are defined as separate inputs, the buffer - * must contain the encrypted data followed - * by the authentication tag. 
- * \param ciphertext_length Size of \p ciphertext in bytes. - * \param[out] plaintext Output buffer for the decrypted data. - * \param plaintext_size Size of the \p plaintext buffer in bytes. - * This must be at least - * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, - * \p ciphertext_length). - * \param[out] plaintext_length On success, the size of the output - * in the \b plaintext buffer. + * \param[in] p_key A pointer to the key material + * \param[in] key_length The size in bytes of the key material + * \param[in] alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(`alg`) is true) + * \param[in] nonce Nonce or IV to use + * \param[in] nonce_length Size of the `nonce` buffer in bytes + * \param[in] additional_data Additional data that has been MACed + * but not encrypted + * \param[in] additional_data_length Size of `additional_data` in bytes + * \param[in] ciphertext Data that has been MACed and + * encrypted + * For algorithms where the encrypted data + * and the authentication tag are defined + * as separate inputs, the buffer must + * contain the encrypted data followed by + * the authentication tag. + * \param[in] ciphertext_length Size of `ciphertext` in bytes + * \param[out] plaintext Output buffer for the decrypted data + * \param[in] plaintext_size Size of the `plaintext` buffer in + * bytes + * This must be at least + * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(`alg`, + * `ciphertext_length`). + * \param[out] plaintext_length On success, the size of the output + * in the \b plaintext buffer * * \retval #PSA_SUCCESS * Success. 
*/ -typedef psa_status_t (*psa_aead_transparent_decrypt_t) ( const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length); +typedef psa_status_t (*psa_aead_transparent_decrypt_t)(const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length); -/** @} +/**@}*/ -/** \defgroup rng Entropy Generation - * @{ +/** \defgroup driver_rng Entropy Generation */ +/**@{*/ /** \brief A hardware-specific structure for a entropy providing hardware */ 
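Review bot: In `struct psa_aead_opaque_t` the members are declared as `psa_aead_opaque_encrypt_t *p_encrypt;` and `psa_aead_opaque_decrypt_t *p_decrypt;`, but both typedefs are already pointer-to-function types, so each member is a pointer to a function pointer rather than the function its comment describes. Unless that extra indirection is intended, declare them as `psa_aead_opaque_encrypt_t p_encrypt;` and `psa_aead_opaque_decrypt_t p_decrypt;`, so that the documented "set to NULL if not implemented" check and the call itself go through a single level. The same pattern appears in `struct pcd_entropy_t` in the `@@ -1025` hunk and in `struct pcd_asymmetric_opaque_t` earlier in this file's diff.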
@@ -1025,71 +1341,89 @@ struct pcd_entropy_context_t { /** \brief Initialize an entropy driver * * - * \param p_context A hardware-specific structure containing any context information for the implementation + * \param[in,out] p_context A hardware-specific structure + * containing any context information for + * the implementation * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_entropy_init_t)( struct pcd_entropy_context_t *p_context ); +typedef psa_status_t (*pcd_entropy_init_t)(struct pcd_entropy_context_t *p_context); /** \brief Get a specified number of bytes from the entropy source * - * Retrives `buffer_size` bytes of data from the entropy source. The entropy source will always fill the provided buffer to its full size. - * However, most entropy sources have biases, and the actual amount of entropy contained in the buffer will be less than the number of bytes. - * The driver will return the actual number of bytes of entropy placed in the buffer in `p_received_entropy_bytes`. - * A PSA Crypto API implementation will likely feed the output of this function into a Digital Random Bit Generator (DRBG), and typically has - * a minimum amount of entropy that it needs. - * To accomplish this, the PSA Crypto implementation should be designed to call this function multiple times until it has received the required - * amount of entropy from the entropy source. + * It retrives `buffer_size` bytes of data from the entropy source. The entropy + * source will always fill the provided buffer to its full size, however, most + * entropy sources have biases, and the actual amount of entropy contained in + * the buffer will be less than the number of bytes. + * The driver will return the actual number of bytes of entropy placed in the + * buffer in `p_received_entropy_bytes`. + * A PSA Crypto API implementation will likely feed the output of this function + * into a Digital Random Bit Generator (DRBG), and typically has a minimum + * amount of entropy that it needs. 
+ * To accomplish this, the PSA Crypto implementation should be designed to call + * this function multiple times until it has received the required amount of + * entropy from the entropy source. * - * \param p_context A hardware-specific structure containing any context information for the implementation - * \param p_buffer A caller-allocated buffer for the retrieved bytes to be placed in - * \param buffer_size The allocated size of `p_buffer` - * \param p_received_entropy_bytes The amount of entropy (in bytes) actually provided in `p_buffer` + * \param[in,out] p_context A hardware-specific structure + * containing any context information + * for the implementation + * \param[out] p_buffer A caller-allocated buffer for the + * retrieved bytes to be placed in + * \param[in] buffer_size The allocated size of `p_buffer` + * \param[out] p_received_entropy_bytes The amount of entropy (in bytes) + * actually provided in `p_buffer` * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_entropy_get_bytes_t)( struct pcd_entropy_context_t *p_context, uint8_t *p_buffer, uint32_t buffer_size, uint32_t *p_received_entropy_bytes ); +typedef psa_status_t (*pcd_entropy_get_bytes_t)(struct pcd_entropy_context_t *p_context, + uint8_t *p_buffer, + uint32_t buffer_size, + uint32_t *p_received_entropy_bytes); /** - * \brief A struct containing all of the function pointers needed to interface to an entropy source + * \brief A struct containing all of the function pointers needed to interface + * to an entropy source * - * PSA Crypto API implementations should populate instances of the table as appropriate upon startup. + * PSA Crypto API implementations should populate instances of the table as + * appropriate upon startup. * * If one of the functions is not implemented, it should be set to NULL. 
*/ struct pcd_entropy_t { - pcd_entropy_init_t *p_init; /**< Function that performs initialization for the entropy source */ - pcd_entropy_get_bytes_t *p_get_bytes; /**< Function that performs the get_bytes operation for the entropy source */ + /** Function that performs initialization for the entropy source */ + pcd_entropy_init_t *p_init; + /** Function that performs the get_bytes operation for the entropy source + */ + pcd_entropy_get_bytes_t *p_get_bytes; }; -/** @} - */ +/**@}*/ -/** \defgroup key_management Key Management - * @{ +/** \defgroup driver_key_management Key Management */ +/**@{*/ -/** \brief Import a key in binary format. +/** \brief Import a key in binary format * * This function can support any output from psa_export_key(). Refer to the * documentation of psa_export_key() for the format for each key type. * - * \param key_slot Slot where the key will be stored. This must be a - * valid slot for a key of the chosen type. It must - * be unoccupied. - * \param type Key type (a \c PSA_KEY_TYPE_XXX value). - * \param[in] p_data Buffer containing the key data. - * \param data_length Size of the \p data buffer in bytes. + * \param[in] key_slot Slot where the key will be stored. This must be a + * valid slot for a key of the chosen type. It must + * be unoccupied. + * \param[in] type Key type (a \c PSA_KEY_TYPE_XXX value). + * \param[in] p_data Buffer containing the key data. + * \param[in] data_length Size of the `data` buffer in bytes. * * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_opaque_import_key_t) ( psa_key_slot_t key_slot, - psa_key_type_t type, - const uint8_t *p_data, - size_t data_length ); +typedef psa_status_t (*pcd_opaque_import_key_t)(psa_key_slot_t key_slot, + psa_key_type_t type, + const uint8_t *p_data, + size_t data_length); /** - * \brief Destroy a key and restore the slot to its default state. 
+ * \brief Destroy a key and restore the slot to its default state * * This function destroys the content of the key slot from both volatile * memory and, if applicable, non-volatile storage. Implementations shall @@ -1099,20 +1433,20 @@ typedef psa_status_t (*pcd_opaque_import_key_t) ( psa_key_slot_t key_slot, * This function also erases any metadata such as policies. It returns the * specified slot to its default state. * - * \param key_slot The key slot to erase. + * \param[in] key_slot The key slot to erase. * * \retval #PSA_SUCCESS * The slot's content, if any, has been erased. */ -typedef psa_status_t (*pcd_destroy_key_t)( psa_key_slot_t key ); +typedef psa_status_t (*pcd_destroy_key_t)(psa_key_slot_t key); /** - * \brief Export a key in binary format. + * \brief Export a key in binary format * * The output of this function can be passed to psa_import_key() to * create an equivalent object. * - * If a key is created with psa_import_key() and then exported with + * If a key is created with `psa_import_key()` and then exported with * this function, it is not guaranteed that the resulting data is * identical: the implementation may choose a different representation * of the same key if the format permits it. @@ -1131,10 +1465,10 @@ typedef psa_status_t (*pcd_destroy_key_t)( psa_key_slot_t key ); * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format * is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo. * - * \param key Slot whose content is to be exported. This must + * \param[in] key Slot whose content is to be exported. This must * be an occupied key slot. * \param[out] p_data Buffer where the key data is to be written. - * \param data_size Size of the `p_data` buffer in bytes. + * \param[in] data_size Size of the `p_data` buffer in bytes. * \param[out] p_data_length On success, the number of bytes * that make up the key data. * 
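Review bot: The rewritten description of `pcd_entropy_get_bytes_t` does not say what `*p_received_entropy_bytes` holds when the call does not return PSA_SUCCESS, and a caller that loops until it has credited enough entropy to its DRBG needs that to be defined. I would add `On failure, *p_received_entropy_bytes is set to 0 and the contents of p_buffer must not be used.` and state that the reported value never exceeds `buffer_size`. In the same paragraph, DRBG is expanded as "Digital Random Bit Generator" where the term is Deterministic Random Bit Generator, and "retrives" should read "retrieves". The two sizes are `uint32_t` here while the other callbacks in this file use `size_t`; if that is deliberate it deserves a one-line comment.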
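Review bot: The comment for `pcd_destroy_key_t` documents `\param[in] key_slot`, but the prototype on the new line is `(*pcd_destroy_key_t)(psa_key_slot_t key)`, so the documented name does not match the declared parameter. Renaming the parameter keeps it consistent with `pcd_opaque_import_key_t`: `typedef psa_status_t (*pcd_destroy_key_t)(psa_key_slot_t key_slot);`. `pcd_export_public_key_t` in the `@@ -1163` hunk has the same mismatch. The comment block for this typedef starts in the preceding hunk.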
@@ -1146,13 +1480,13 @@ typedef psa_status_t (*pcd_destroy_key_t)( psa_key_slot_t key ); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -typedef psa_status_t (*pcd_export_key_t)( psa_key_slot_t key, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length ); +typedef psa_status_t (*pcd_export_key_t)(psa_key_slot_t key, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length); /** - * \brief Export a public key or the public part of a key pair in binary format. + * \brief Export a public key or the public part of a key pair in binary format * * The output of this function can be passed to psa_import_key() to * create an object that is equivalent to the public key. 
@@ -1163,125 +1497,181 @@ typedef psa_status_t (*pcd_export_key_t)( psa_key_slot_t key, * the format is the DER representation of the public key defined by RFC 5280 * as SubjectPublicKeyInfo. * - * \param key_slot Slot whose content is to be exported. This must + * \param[in] key_slot Slot whose content is to be exported. This must * be an occupied key slot. * \param[out] p_data Buffer where the key data is to be written. - * \param data_size Size of the \p data buffer in bytes. + * \param[in] data_size Size of the `data` buffer in bytes. * \param[out] p_data_length On success, the number of bytes * that make up the key data. * * \retval #PSA_SUCCESS */ -typedef psa_status_t (*pcd_export_public_key_t)( psa_key_slot_t key, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length ); +typedef psa_status_t (*pcd_export_public_key_t)(psa_key_slot_t key, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length); /** - * \brief A struct containing all of the function pointers needed to for key management using - * opaque keys. + * \brief A struct containing all of the function pointers needed to for key + * management using opaque keys * - * PSA Crypto API implementations should populate instances of the table as appropriate upon startup. + * PSA Crypto API implementations should populate instances of the table as + * appropriate upon startup. * * If one of the functions is not implemented, it should be set to NULL. 
*/ struct pcd_key_management_t { - pcd_opaque_import_key_t *p_import; /**< Function that performs the key import operation */ - pcd_destroy_key_t *p_destroy; /**< Function that performs the key destroy operation */ - pcd_export_key_t *p_export; /**< Function that performs the key export operation */ - pcd_export_public_key_t *p_export_public; /**< Function that perforsm the public key export operation */ + /** Function that performs the key import operation */ + pcd_opaque_import_key_t *p_import; + /** Function that performs the key destroy operation */ + pcd_destroy_key_t *p_destroy; + /** Function that performs the key export operation */ + pcd_export_key_t *p_export; + /** Function that perforsm the public key export operation */ + pcd_export_public_key_t *p_export_public; }; -/** @} - */ +/**@}*/ -/** \defgroup derivation Key Derivation and Agreement - * @{ - * Key derivation is the process of generating new key material using an existing key and additional parameters, iterating through a basic - * cryptographic function, such as a hash. - * Key agreement is a part of cryptographic protocols that allows two parties to agree on the same key value, but starting from different original - * key material. - * The flows are similar, and the PSA Crypto Driver API uses the same functions for both of the flows. - * - * There are two different final functions for the flows, `pcd_key_derivation_derive` and `pcd_key_derivation_export`. `pcd_key_derivation_derive` - * is used when the key material should be placed in a slot on the hardware and not exposed to the caller. `pcd_key_derivation_export` is used - * when the key material should be returned to the PSA Cryptographic API implementation. - * - * Different key derivation algorithms require a different number of inputs. 
Instead of having an API that - * takes as input variable length arrays, which can be problemmatic to manage on embedded platforms, the inputs - * are passed to the driver via a function, `pcd_key_derivation_collateral`, that is called multiple times with different `collateral_id`s. - * Thus, for a key derivation algorithm that required 3 paramter inputs, the flow would look something like: -```C -pcd_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes); -pcd_key_derivation_collateral(kdf_algorithm_collateral_id_0, p_collateral_0, collateral_0_size); -pcd_key_derivation_collateral(kdf_algorithm_collateral_id_1, p_collateral_1, collateral_1_size); -pcd_key_derivation_collateral(kdf_algorithm_collateral_id_2, p_collateral_2, collateral_2_size); -pcd_key_derivation_derive(); -``` - -key agreement example: -```C -pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes); -pcd_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size); -pcd_key_derivation_export(p_session_key, session_key_size, &session_key_length); -``` +/** \defgroup driver_derivation Key Derivation and Agreement */ - -/** \brief Set up a key derivation operation by specifying the algorithm and the source key sot - * - * \param kdf_alg The algorithm to be used for the key derivation - * \param souce_key The key to be used as the source material for the key derivation - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t ( *pcd_key_derivation_setup_t )( psa_algorithm_t kdf_alg, psa_key_slot_t source_key ); - -/** \brief Provide collateral (parameters) needed for a key derivation or key agreement operation - * - * Since many key derivation algorithms require multiple parameters, it is expeced that this function may be called multiple - * times for the same operation, each with a different algorithm-specific `collateral_id` - * - * \param collateral_id - * \param p_collateral - * \param collateral_size - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t 
(*pcd_key_derivation_collateral_t ) ( uint32_t collateral_id, const uint8_t p_collateral, uint32_t collateral_size ); - -/** \brief Perform the final key derivation step and place the generated key material in a slot - * - * param dest_key The slot where the generated key material should be placed - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t ( *pcd_key_derivation_derive_t )( psa_key_slot_t dest_key ); - -/** \brief Pefform the final step of a key agreement and place the generated key material in a buffer - * - * \param p_output - * \param output_size - * \param p_output_length - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t ( *pcd_key_derivation_export_t )( uint8_t *p_output, uint32_t output_size, uint32_t *p_output_length ); +/**@{*/ /** - * \brief A struct containing all of the function pointers needed to for key derivation and agreement + * Key derivation is the process of generating new key material using an + * existing key and additional parameters, iterating through a basic + * cryptographic function, such as a hash. + * Key agreement is a part of cryptographic protocols that allows two parties + * to agree on the same key value, but starting from different original key + * material. + * The flows are similar, and the PSA Crypto Driver API uses the same functions + * for both of the flows. * - * PSA Crypto API implementations should populate instances of the table as appropriate upon startup. + * There are two different final functions for the flows, + * `pcd_key_derivation_derive` and `pcd_key_derivation_export`. + * `pcd_key_derivation_derive` is used when the key material should be placed + * in a slot on the hardware and not exposed to the caller. + * `pcd_key_derivation_export` is used when the key material should be returned + * to the PSA Cryptographic API implementation. + * + * Different key derivation algorithms require a different number of inputs. 
+ * Instead of having an API that takes as input variable length arrays, which + * can be problemmatic to manage on embedded platforms, the inputs are passed + * to the driver via a function, `pcd_key_derivation_collateral`, that is + * called multiple times with different `collateral_id`s. Thus, for a key + * derivation algorithm that required 3 paramter inputs, the flow would look + * something like: + * ~~~~~~~~~~~~~{.c} + * pcd_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes); + * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_0, + * p_collateral_0, + * collateral_0_size); + * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_1, + * p_collateral_1, + * collateral_1_size); + * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_2, + * p_collateral_2, + * collateral_2_size); + * pcd_key_derivation_derive(); + * ~~~~~~~~~~~~~ + * + * key agreement example: + * ~~~~~~~~~~~~~{.c} + * pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes); + * pcd_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size); + * pcd_key_derivation_export(p_session_key, + * session_key_size, + * &session_key_length); + * ~~~~~~~~~~~~~ + */ + +struct pcd_key_derivation_context_t { + // Implementation specific +}; + +/** \brief Set up a key derivation operation by specifying the algorithm and + * the source key sot + * + * \param[in,out] p_context A hardware-specific structure containing any + * context information for the implementation + * \param[in] kdf_alg The algorithm to be used for the key derivation + * \param[in] souce_key The key to be used as the source material for the + * key derivation + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_key_derivation_setup_t)(struct pcd_key_derivation_context_t *p_context, + psa_algorithm_t kdf_alg, + psa_key_slot_t source_key); + +/** \brief Provide collateral (parameters) needed for a key derivation or key + * agreement operation + * + * Since many key derivation algorithms 
require multiple parameters, it is + * expeced that this function may be called multiple times for the same + * operation, each with a different algorithm-specific `collateral_id` + * + * \param[in,out] p_context A hardware-specific structure containing any + * context information for the implementation + * \param[in] collateral_id An ID for the collateral being provided + * \param[in] p_collateral A buffer containing the collateral data + * \param[in] collateral_size The size in bytes of the collateral + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_key_derivation_collateral_t)(struct pcd_key_derivation_context_t *p_context, + uint32_t collateral_id, + const uint8_t p_collateral, + size_t collateral_size); + +/** \brief Perform the final key derivation step and place the generated key + * material in a slot + * \param[in,out] p_context A hardware-specific structure containing any + * context information for the implementation + * \param[in] dest_key The slot where the generated key material + * should be placed + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_key_derivation_derive_t)(struct pcd_key_derivation_context_t *p_context, + psa_key_slot_t dest_key); + +/** \brief Perform the final step of a key agreement and place the generated + * key material in a buffer + * + * \param[out] p_output Buffer in which to place the generated key + * material + * \param[in] output_size The size in bytes of `p_output` + * \param[out] p_output_length Upon success, contains the number of bytes of + * key material placed in `p_output` + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output, + size_t output_size, + size_t *p_output_length); + +/** + * \brief A struct containing all of the function pointers needed to for key + * derivation and agreement + * + * PSA Crypto API implementations should populate instances of the table as + * appropriate upon startup. 
* * If one of the functions is not implemented, it should be set to NULL. */ struct pcd_key_derivation_t { - pcd_key_derivation_setup_t *p_setup; /**< Function that performs the key derivation setup */ - pcd_key_derivation_collateral_t *p_collateral; /**< Function that sets the key derivation collateral */ - pcd_key_derivation_derive_t *p_derive; /**< Function that performs the final key derivation step */ - pcd_key_derivation_export_t *p_export; /**< Function that perforsm the final key derivation or agreement and exports the key */ + /** Function that performs the key derivation setup */ + pcd_key_derivation_setup_t *p_setup; + /** Function that sets the key derivation collateral */ + pcd_key_derivation_collateral_t *p_collateral; + /** Function that performs the final key derivation step */ + pcd_key_derivation_derive_t *p_derive; + /** Function that perforsm the final key derivation or agreement and + * exports the key */ + pcd_key_derivation_export_t *p_export; }; -/** @} - */ +/**@}*/ #endif // __PSA_CRYPTO_DRIVER_H__ \ No newline at end of file From e1f2d7d1ac985df3c5330fe33479e77fff58cca6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 14:54:54 +0200 Subject: [PATCH 0528/2197] Document and check the consistency of truncated MAC encodings Add comments noting that the maximum length of a MAC must fit in PSA_ALG_MAC_TRUNCATION_MASK. Add a unit test that verifies that the maximum MAC size fits. --- include/psa/crypto.h | 11 +++++++++++ include/psa/crypto_sizes.h | 3 +++ tests/suites/test_suite_psa_crypto.data | 3 +++ tests/suites/test_suite_psa_crypto.function | 13 +++++++++++++ 4 files changed, 30 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a64610773..3d99933c0 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
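Review bot: In the new `pcd_key_derivation_collateral_t` typedef the parameter `const uint8_t p_collateral` takes one byte by value, although its `\param` text describes a buffer and a separate `collateral_size` is passed; it should read `const uint8_t *p_collateral,`. `pcd_key_derivation_export_t` is the only derivation callback in this hunk that does not receive `struct pcd_key_derivation_context_t *p_context`, so it looks as if the context parameter was missed there. The members of `struct pcd_key_derivation_t` and `struct pcd_key_management_t` are declared as `pcd_key_derivation_setup_t *p_setup;` and so on, but the typedefs are already function-pointer types, which makes each member a pointer to a function pointer. `pcd_key_derivation_setup_t p_setup;` is presumably what is intended.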
@@ -756,6 +756,13 @@ typedef uint32_t psa_algorithm_t; (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_HMAC_BASE) +/* In the encoding of a MAC algorithm, the bits corresponding to + * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is + * truncated. As an exception, the value 0 means the untruncated algorithm, + * whatever its length is. The length is encoded in 6 bits, so it can + * reach up to 63; the largest MAC is 64 bytes so its trivial truncation + * to full length is correctly encoded as 0 and any non-trivial truncation + * is correctly encoded as a value between 1 and 63. */ #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00) #define PSA_MAC_TRUNCATION_OFFSET 8 @@ -887,6 +894,10 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_CCM ((psa_algorithm_t)0x06001001) #define PSA_ALG_GCM ((psa_algorithm_t)0x06001002) +/* In the encoding of a AEAD algorithm, the bits corresponding to + * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. + * The constants for default lengths follow this encoding. + */ #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00) #define PSA_AEAD_TAG_LENGTH_OFFSET 8 diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 169566ece..b5ff2aac3 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -79,6 +79,9 @@ */ /* All non-HMAC MACs have a maximum size that's smaller than the * minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */ +/* Note that the encoding of truncated MAC algorithms limits this value + * to 64 bytes. + */ #define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE /* The maximum size of an RSA key on this implementation, in bits. diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d8a5924cb..e8b119ea6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1,3 +1,6 @@ +PSA compile-time sanity checks +static_checks: + PSA init/deinit init_deinit: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5503c94b6..63d837fdc 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -793,6 +793,19 @@ static int exercise_key( psa_key_slot_t slot, * END_DEPENDENCIES */ +/* BEGIN_CASE */ +void static_checks( ) +{ + size_t max_truncated_mac_size = + PSA_ALG_MAC_TRUNCATION_MASK >> PSA_MAC_TRUNCATION_OFFSET; + + /* Check that the length for a truncated MAC always fits in the algorithm + * encoding. The shifted mask is the maximum truncated value. The + * untruncated algorithm may be one byte larger. */ + TEST_ASSERT( PSA_MAC_MAX_SIZE <= 1 + max_truncated_mac_size ); +} +/* END_CASE */ + /* BEGIN_CASE */ void init_deinit( ) { From 6d72ff9e7935dc1861c1fbfd25a847456289bcef Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 14:55:08 +0200 Subject: [PATCH 0529/2197] Document that the minimum truncated MAC length is implementation-defined --- include/psa/crypto.h | 4 ++++ library/psa_crypto.c | 6 ++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3d99933c0..48c971351 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -788,6 +788,10 @@ typedef uint32_t psa_algorithm_t; * is true). This may be a truncated or untruncated * MAC algorithm. * \param mac_length Desired length of the truncated MAC in bytes. + * This must be at most the full length of the MAC + * and must be at least an implementation-specified + * minimum. The implementation-specified minimum + * shall not be zero. * * \return The corresponding MAC algorithm with the specified * length. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 44862424d..0aa19cf9d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
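Review bot: The bound in `static_checks` (tests/suites/test_suite_psa_crypto.function) is evaluated only when the test suite runs, so a configuration that raises `PSA_MAC_MAX_SIZE` above 64 still builds, and the length would then not fit the 6-bit truncation field described in crypto.h. Both operands are compile-time constants, so the same condition could also be enforced at build time next to the definition in crypto_sizes.h, for example `#if PSA_MAC_MAX_SIZE > 64` followed by an `#error` line, assuming `PSA_HASH_MAX_SIZE` expands to a plain preprocessor constant. The commit also documents `PSA_ALG_AEAD_TAG_LENGTH_MASK` as using the same bit range, but adds no corresponding check for the AEAD tag length.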
@@ -1600,8 +1600,10 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, } else if( truncated < 4 ) { - /* Too small to make any sense. Reject. 4 bytes is too small for - * security but ancient protocols with 32-bit MACs do exist. */ + /* A very short MAC is too short for security since it can be + * brute-forced. Ancient protocols with 32-bit MACs do exist, + * so we make this our minimum, even though 32 bits is still + * too small for security. */ status = PSA_ERROR_NOT_SUPPORTED; } else if( truncated > operation->mac_size ) From 87b0ac49f8a07bb887cac0e6189232bcfe7f6fe8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 14:55:49 +0200 Subject: [PATCH 0530/2197] Fix possible buffer overread in psa_mac_finish_internal (CMAC) --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0aa19cf9d..410f64821 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1738,7 +1738,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, uint8_t tmp[PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE]; int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp ); if( ret == 0 ) - memcpy( mac, tmp, mac_size ); + memcpy( mac, tmp, operation->mac_size ); mbedtls_zeroize( tmp, sizeof( tmp ) ); return( mbedtls_to_psa_error( ret ) ); } From 99b7d6b700b003f996dfbeca4952141e2c3610b2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 14:56:19 +0200 Subject: [PATCH 0531/2197] Wipe sensitive data in psa_mac_verify_finish Wipe the whole MAC intermediate buffer, not just the requested MAC size. With truncated MAC algorithms, the requested MAC size may be smaller than what is written to the intermediate buffer. --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 410f64821..da6bd612f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
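Review bot: In the `psa_mac_finish_internal` hunk, `memcpy( mac, tmp, operation->mac_size )` is safe only if `operation->mac_size` exceeds neither `sizeof( tmp )` nor the caller's `mac_size`, and the visible lines check neither bound. The function starts outside the hunk, so a `mac_size < operation->mac_size` rejection may already exist on entry. If it does, a comment at the copy such as `/* operation->mac_size <= mac_size was checked on entry and is at most one cipher block */` would record why this length is the right one. If it does not, the copy can write past the end of the caller's buffer, and the check belongs before this branch.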
@@ -1827,7 +1827,7 @@ cleanup: else psa_mac_abort( operation ); - mbedtls_zeroize( actual_mac, mac_length ); + mbedtls_zeroize( actual_mac, sizeof( actual_mac ) ); return( status ); } From 28dfea6bb9f0f468073158667a85902997bf51f5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 14:59:24 +0200 Subject: [PATCH 0532/2197] Add test cases for truncated MAC with a too short/long length --- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e8b119ea6..3faa82df6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -348,6 +348,14 @@ PSA MAC setup: bad algorithm (not a MAC algorithm) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT +PSA MAC setup: truncated MAC too small (1 byte) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 1 ):PSA_ERROR_NOT_SUPPORTED + +PSA MAC setup: truncated MAC too large (33 bytes for SHA-256) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 33 ):PSA_ERROR_INVALID_ARGUMENT + PSA MAC setup: invalid key type, HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT 
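Review bot: `mbedtls_zeroize( actual_mac, sizeof( actual_mac ) )` in `psa_mac_verify_finish` wipes the whole intermediate buffer only while `actual_mac` is a local array; its declaration is outside the hunk. If it is later turned into a pointer or a parameter, `sizeof` silently becomes the pointer size and most of the computed MAC stays in memory. A comment at the call, for example `/* actual_mac is a local array: wipe all of it, not only mac_length bytes */`, would keep that dependency visible to whoever refactors the function.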
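Review bot: The two new `mac_setup` cases in tests/suites/test_suite_psa_crypto.data use lengths 1 and 33, which does not pin the actual limits. `psa_mac_setup` rejects `truncated < 4`, so a 3-byte case expecting `PSA_ERROR_NOT_SUPPORTED` would sit exactly on the lower boundary, and it would fail if the minimum were lowered by accident. A 4-byte and a 32-byte case that are expected to succeed would complete the boundary coverage, provided `mac_setup` can take a success status as its expected result.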
From 8cac2e628e93d1bff2e0400678b1e2c3545d398c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 15:07:38 +0200 Subject: [PATCH 0533/2197] Translate GCM_BAD_INPUT to INVALID_ARGUMENT, not NOT_SUPPORTED --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index da6bd612f..d512d4c7c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -242,7 +242,7 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_GCM_AUTH_FAILED: return( PSA_ERROR_INVALID_SIGNATURE ); case MBEDTLS_ERR_GCM_BAD_INPUT: - return( PSA_ERROR_NOT_SUPPORTED ); + return( PSA_ERROR_INVALID_ARGUMENT ); case MBEDTLS_ERR_GCM_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); From 85ea2b397c2b479e369b7b653d522693ef4b0292 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 15:07:55 +0200 Subject: [PATCH 0534/2197] Add some negative tests of CCM and GCM with invalid tag lengths --- tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3faa82df6..ac9c81d98 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -803,6 +803,18 @@ PSA AEAD decrypt: AES-CCM, invalid tag length 0 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT +PSA AEAD decrypt: AES-CCM, invalid tag length 2 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT + +PSA AEAD decrypt: AES-CCM, invalid tag length 15 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 15 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT + +PSA AEAD decrypt: AES-CCM, invalid tag length 18 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT + PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C 
aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS 
@@ -859,6 +871,18 @@ PSA AEAD decrypt, AES-GCM, T=15 but passing 16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INVALID_SIGNATURE +PSA AEAD decrypt: AES-GCM, invalid tag length 0 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT + +PSA AEAD decrypt: AES-GCM, invalid tag length 2 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT + +PSA AEAD decrypt: AES-GCM, invalid tag 
length 18 +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT + PSA AEAD encrypt/decrypt: invalid algorithm (CTR) depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED From c26eae1a9d3ce20dfd79808a967594bd256ece33 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 16:01:19 +0200 Subject: [PATCH 0535/2197] Clarify the description of a CCM truncated tag test --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ac9c81d98..871a511b2 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -795,7 +795,7 @@ PSA AEAD decrypt: AES-CCM, invalid signature, T=4 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE -PSA AEAD decrypt: AES-CCM, truncated tag of the right length +PSA AEAD decrypt: AES-CCM, T=4, tag is truncated tag for T=16 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE From f8a8fe60f85d77ee4a4c930fb8b340c452aa8d6f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 16:38:05 +0200 Subject: [PATCH 0536/2197] Fix memory leak with AEAD with non-default tag lengths When freeing the key context, choose the context format based on the base algorithm value stored in the operation object. --- library/psa_crypto.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d512d4c7c..f3a2c64af 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2844,10 +2844,9 @@ typedef struct uint8_t tag_length; } aead_operation_t; -static void psa_aead_abort( aead_operation_t *operation, - psa_algorithm_t alg ) +static void psa_aead_abort( aead_operation_t *operation ) { - switch( alg ) + switch( operation->core_alg ) { #if defined(MBEDTLS_CCM_C) case PSA_ALG_CCM: 
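Review bot: `psa_aead_abort` now selects the context to free from `operation->core_alg`, so every path that reaches it depends on that field having been assigned first: the `cleanup:` label in `psa_aead_setup` and the `exit:` labels in `psa_aead_encrypt` and `psa_aead_decrypt` in the following hunks. The assignment is not in the visible lines; if setup can reach `cleanup` before setting it, the switch reads an indeterminate value and may free a context that was never initialised. Both `exit:` paths also read `operation.tag_length` after the abort call, which holds only as long as abort never wipes the structure. Computing `*ciphertext_length` and `*plaintext_length` before `psa_aead_abort( &operation );` would remove that ordering dependency. The body of `psa_aead_abort` continues outside the hunk.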
@@ -2932,7 +2931,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, return( PSA_SUCCESS ); cleanup: - psa_aead_abort( operation, alg ); + psa_aead_abort( operation ); return( status ); } @@ -2998,7 +2997,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, memset( ciphertext, 0, ciphertext_size ); exit: - psa_aead_abort( &operation, alg ); + psa_aead_abort( &operation ); if( status == PSA_SUCCESS ) *ciphertext_length = plaintext_length + operation.tag_length; return( status ); @@ -3090,7 +3089,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, memset( plaintext, 0, plaintext_size ); exit: - psa_aead_abort( &operation, alg ); + psa_aead_abort( &operation ); if( status == PSA_SUCCESS ) *plaintext_length = ciphertext_length - operation.tag_length; return( status ); From 7fa99d90ddd2be932bd2ee76301a1184486266d6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 Sep 2018 22:09:46 +0200 Subject: [PATCH 0537/2197] Add metadata tests for truncated MAC and short-tag AEAD --- .../test_suite_psa_crypto_metadata.function | 120 ++++++++++++++---- 1 file changed, 93 insertions(+), 27 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index a264389cd..9cb68b9fa 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function 
@@ -94,6 +94,47 @@ void key_type_classification( psa_key_type_t type, unsigned flags ) exit: ; } +void mac_algorithm_core( psa_algorithm_t alg, int classification_flags, + psa_key_type_t key_type, size_t key_bits, + size_t length ) +{ + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + algorithm_classification( alg, classification_flags ); + + /* Length */ + TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) ); + +exit: ; +} + +void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, + size_t tag_length ) +{ + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + algorithm_classification( alg, classification_flags ); + + /* Tag length */ + TEST_ASSERT( tag_length == PSA_AEAD_TAG_LENGTH( alg ) ); + +exit: ; +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES 
@@ -151,23 +192,30 @@ void mac_algorithm( int alg_arg, int classification_flags, { psa_algorithm_t alg = alg_arg; size_t length = length_arg; + size_t n; size_t key_type = key_type_arg; size_t key_bits = key_bits_arg; - /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); - - /* Length */ - TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) ); + mac_algorithm_core( alg, classification_flags, + key_type, key_bits, length ); TEST_ASSERT( length <= PSA_MAC_MAX_SIZE ); + + /* Truncated versions */ + for( n = 1; n <= length; n++ ) + { + psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n ); + mac_algorithm_core( truncated_alg, classification_flags, + key_type, key_bits, n ); + /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length + * of the outer truncation (even if the outer length is smaller than + * the inner length). */ + TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, 1 ) == + PSA_ALG_TRUNCATED_MAC( alg, 1 ) ); + TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, length - 1 ) == + PSA_ALG_TRUNCATED_MAC( alg, length - 1) ); + TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ) == + PSA_ALG_TRUNCATED_MAC( alg, length ) ); + } } /* END_CASE */ 
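Review bot: `key_type` in `mac_algorithm` is declared as `size_t key_type = key_type_arg;` but is now handed to `mac_algorithm_core`, whose parameter is `psa_key_type_t`, so every call converts implicitly to a narrower type. Declaring it as `psa_key_type_t key_type = key_type_arg;` removes the conversion. Separately, when `length` is 1 the assertions that use `length - 1` build a truncation length of 0. A short comment saying whether that encoding is meant to be covered would make the loop easier to trust.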
@@ -179,14 +227,22 @@ void hmac_algorithm( int alg_arg, psa_algorithm_t alg = alg_arg; psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg ); size_t block_size = block_size_arg; + size_t length = length_arg; + size_t n; TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) ); TEST_ASSERT( PSA_ALG_HMAC( hash_alg ) == alg ); TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE ); - test_mac_algorithm( alg_arg, ALG_IS_HMAC, length_arg, - PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length_arg ) ); + test_mac_algorithm( alg_arg, ALG_IS_HMAC, length, + PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length ) ); + + for( n = 1; n <= length; n++ ) + { + psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n ); + TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( truncated_alg ) == hash_alg ); + } } /* END_CASE */ 
@@ -214,20 +270,30 @@ void aead_algorithm( int alg_arg, int classification_flags, { psa_algorithm_t alg = alg_arg; size_t tag_length = tag_length_arg; + size_t n; - /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + aead_algorithm_core( alg, classification_flags, tag_length ); - /* Tag length */ - TEST_ASSERT( tag_length == PSA_AEAD_TAG_LENGTH( alg ) ); + /* Truncated versions */ + for( n = 1; n <= tag_length; n++ ) + { + psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, n ); + aead_algorithm_core( truncated_alg, classification_flags, n ); + TEST_ASSERT( + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ) == alg ); + /* Check that calling PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH twice gives + * the length of the outer truncation (even if the outer length is + * smaller than the inner length). */ + TEST_ASSERT( + PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ) == + PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) ); + TEST_ASSERT( + PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ) == + PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) ); + TEST_ASSERT( + PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ) == + PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) ); + } } /* END_CASE */ From 57fbdb19397ec8b45a002252f5f187d7f6c76a19 Mon Sep 17 00:00:00 2001 
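Review bot: The comment added inside the truncation loop of `aead_algorithm` names `PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH`, but the three assertions below it apply `PSA_ALG_AEAD_WITH_TAG_LENGTH` a second time. The comment should begin `/* Check that calling PSA_ALG_AEAD_WITH_TAG_LENGTH twice gives` and continue as written. `aead_algorithm_core`, added in the first hunk of this file, has no comment; one line saying that it checks the classification and the tag length of a single algorithm value would help now that it is called once per truncated variant.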
From: Gilles Peskine Date: Wed, 17 Oct 2018 18:29:17 +0200 Subject: [PATCH 0538/2197] Use a public macro for AEAD tag length variations Avoid depending on the encoding of algorithms inside psa_crypto.c. --- library/psa_crypto.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f3a2c64af..ab9ec725e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1225,7 +1225,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( mbedtls_cipher_id_t cipher_id_tmp; if( PSA_ALG_IS_AEAD( alg ) ) - alg &= ~PSA_ALG_AEAD_TAG_LENGTH_MASK; + alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 ); if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ) { @@ -1249,10 +1249,10 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( case PSA_ALG_CBC_PKCS7: mode = MBEDTLS_MODE_CBC; break; - case PSA_ALG_CCM & ~PSA_ALG_AEAD_TAG_LENGTH_MASK: + case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ): mode = MBEDTLS_MODE_CCM; break; - case PSA_ALG_GCM & ~PSA_ALG_AEAD_TAG_LENGTH_MASK: + case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ): mode = MBEDTLS_MODE_GCM; break; default: From e0e9c7c417e694b30870a9068769f1ca933f7d42 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Oct 2018 18:28:05 +0200 Subject: [PATCH 0539/2197] New macro PSA_ALG_FULL_LENGTH_MAC Provide a documented way of constructing the full-length MAC algorithm from a truncated version. --- include/psa/crypto.h | 15 +++++++++++++++ library/psa_crypto.c | 2 +- .../test_suite_psa_crypto_metadata.function | 2 ++ 3 files changed, 18 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 48c971351..99c4b523d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
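Review bot: The literal `0` passed to `PSA_ALG_AEAD_WITH_TAG_LENGTH` in `mbedtls_cipher_info_from_psa` serves as a canonical form for the `switch`, both in the normalisation and in the two `case` labels of the next hunk, and nothing in the code says so. A comment above the assignment, for example `/* Drop the tag length so that all tag-length variants of an AEAD algorithm hit the same case label. */`, would state the intent. The `case` labels also depend on the macro expanding to an integer constant expression, which is worth recording next to the macro definition if it is not already there. The function body extends beyond both hunks.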
@@ -803,6 +803,21 @@ typedef uint32_t psa_algorithm_t; (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK)) +/** Macro to build the base MAC algorithm corresponding to a truncated + * MAC algorithm. + * + * \param alg A MAC algorithm identifier (value of type + * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) + * is true). This may be a truncated or untruncated + * MAC algorithm. + * + * \return The corresponding base MAC algorithm. + * \return Unspecified if \p alg is not a supported + * MAC algorithm. + */ +#define PSA_ALG_FULL_LENGTH_MAC(alg) \ + ((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) + /** Length to which a MAC algorithm is truncated. * * \param alg A MAC algorithm identifier (value of type diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ab9ec725e..6b01c13f0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1527,7 +1527,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, psa_key_usage_t usage = is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY; unsigned char truncated = PSA_MAC_TRUNCATED_LENGTH( alg ); - psa_algorithm_t full_length_alg = alg & ~PSA_ALG_MAC_TRUNCATION_MASK; + psa_algorithm_t full_length_alg = PSA_ALG_FULL_LENGTH_MAC( alg ); status = psa_mac_init( operation, full_length_alg ); if( status != PSA_SUCCESS ) diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 9cb68b9fa..215110a32 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -198,6 +198,7 @@ void mac_algorithm( int alg_arg, int classification_flags, mac_algorithm_core( alg, classification_flags, key_type, key_bits, length ); + TEST_ASSERT( PSA_ALG_FULL_LENGTH_MAC( alg ) == alg ); TEST_ASSERT( length <= PSA_MAC_MAX_SIZE ); /* Truncated versions */ 
@@ -206,6 +207,7 @@ void mac_algorithm( int alg_arg, int classification_flags, psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n ); mac_algorithm_core( truncated_alg, classification_flags, key_type, key_bits, n ); + TEST_ASSERT( PSA_ALG_FULL_LENGTH_MAC( truncated_alg ) == alg ); /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length * of the outer truncation (even if the outer length is smaller than * the inner length). */ From f3d0a56841493cb184e9244f1d0d9aa3929b0ee4 Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Thu, 18 Oct 2018 16:41:08 -0500 Subject: [PATCH 0540/2197] Integrated mostly cosmetic feedback from Alex --- include/psa/crypto_driver.h | 45 ++++++++++++++++++++----------------- 1 file changed, 24 insertions(+), 21 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index c0a62b268..c571764ce 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h @@ -77,7 +77,7 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context, /** \brief a function that completes a previously started MAC operation by * returning the resulting MAC using an opaque key * - * \param[in] p_context A hardware-specific structure for the + * \param[in,out] p_context A hardware-specific structure for the * previously started MAC operation to be * finished * \param[out] p_mac A buffer where the generated MAC will be @@ -85,7 +85,7 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context, * \param[in] mac_size The size in bytes of the buffer that has been * allocated for the `output` buffer * \param[out] p_mac_length After completion, will contain the number of - * bytes placed in the `p_output` buffer + * bytes placed in the `p_mac` buffer * * \retval PSA_SUCCESS * Success. 
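Review bot: In the comment that appears to document `pcd_mac_opaque_finish_t`, the `mac_size` description still refers to the `output` buffer, although this hunk corrects the neighbouring reference from `p_output` to `p_mac`. It should read "allocated for the `p_mac` buffer", since a driver author sizing the write needs the parameter name to match the prototype. The misspelling `fiinished` is likewise left in place in the `pcd_mac_opaque_finish_verify_t` hunk and in the `pcd_hash_finish_t` hunk further down, while the same patch fixes it for the transparent MAC functions.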
@@ -98,7 +98,7 @@ typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context, /** \brief A function that completes a previously started MAC operation by * comparing the resulting MAC against a known value using an opaque key * - * \param[in] p_context A hardware-specific structure for the previously + * \param[in,out] p_context A hardware-specific structure for the previously * started MAC operation to be fiinished * \param[in] p_mac The MAC value against which the resulting MAC will * be compared against @@ -117,7 +117,7 @@ typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)(void *p_context, /** \brief A function that aborts a previous started opaque-key MAC operation - * \param[in] p_context A hardware-specific structure for the previously + * \param[in,out] p_context A hardware-specific structure for the previously * started MAC operation to be aborted */ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context); @@ -126,9 +126,9 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context); * the calculated MAC using an opaque key * * \param[in] p_input A buffer containing the message to be MACed - * \param[in] input_length The size in bytes of `input` + * \param[in] input_length The size in bytes of `p_input` * \param[in] key_slot The slot of the key to be used - * \param[in] alg The algorithm to be used to underlie the MA + * \param[in] alg The algorithm to be used to underlie the MAC * operation * \param[out] p_mac A buffer where the generated MAC will be * placed 
@@ -285,7 +285,7 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(struct pcd_mac_transparent_ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) * - * \param[in] p_context A hardware-specific structure for the + * \param[in,out] p_context A hardware-specific structure for the * previously started MAC operation to be * finished * \param[out] p_mac A buffer where the generated MAC will be placed @@ -310,9 +310,9 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(struct pcd_mac_transparent_ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) * - * \param[in] p_context A hardware-specific structure for the + * \param[in,out] p_context A hardware-specific structure for the * previously started MAC operation to be - * fiinished + * verified and finished * \param[in] p_mac A buffer containing the MAC that will be used * for verification * \param[in] mac_length The size in bytes of the data in the `p_mac` @@ -336,9 +336,9 @@ typedef psa_status_t (*pcd_mac_transparent_verify_finish_t)(struct pcd_mac_trans * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) * - * \param[in] p_context A hardware-specific structure for the + * \param[in,out] p_context A hardware-specific structure for the * previously started MAC operation to be - * fiinished + * aborted * */ typedef psa_status_t (*pcd_mac_transparent_abort_t)(struct pcd_mac_transparent_context_t *p_context); 
@@ -475,9 +475,9 @@ typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context, /** \brief A function that completes a previously started opaque-key cipher * operation * - * \param[in] p_context A hardware-specific structure for the + * \param[in,out] p_context A hardware-specific structure for the * previously started cipher operation - * \param[out] p_output The caller-callocated buffer where the output + * \param[out] p_output The caller-allocated buffer where the output * will be placed * \param[in] output_size The allocated size in bytes of the `p_output` * buffer @@ -494,7 +494,7 @@ typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context, /** \brief A function that aborts a previously started opaque-key cipher * operation * - * \param[in] p_context A hardware-specific structure for the + * \param[in,out] p_context A hardware-specific structure for the * previously started cipher operation */ typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context); @@ -513,7 +513,7 @@ typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context); * encrypted/decrypted * \param[in] input_size The size in bytes of the buffer pointed to by * `p_input` - * \param[out] p_output The caller-allocated byffer where the output will + * \param[out] p_output The caller-allocated buffer where the output will * be placed * \param[in] output_size The allocated size in bytes of the `p_output` * buffer @@ -672,7 +672,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(struct pcd_cipher_transp * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) * - * \param[in] p_context A hardware-specific structure for the + * \param[in,out] p_context A hardware-specific structure for the * previously started cipher operation * \param[out] p_output A caller-allocated buffer where the generated * output will be placed 
@@ -699,7 +699,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(struct pcd_cipher_transp * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) * - * \param[in] p_context A hardware-specific structure for the + * \param[in,out] p_context A hardware-specific structure for the * previously started cipher operation * * \retval PSA_SUCCESS @@ -768,20 +768,23 @@ typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context, * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm * - * \param[in] p_context A hardware-specific structure for the + * \param[in,out] p_context A hardware-specific structure for the * previously started hash operation to be * fiinished * \param[out] p_output A buffer where the generated digest will be * placed * \param[in] output_size The size in bytes of the buffer that has been * allocated for the `p_output` buffer + * \param[out] p_output_length The number of bytes placed in `p_output` after + * success * * \retval PSA_SUCCESS * Success. */ typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context, uint8_t *p_output, - size_t output_size); + size_t output_size, + size_t *p_output_length); /** \brief The function prototype for the abort operation of a hash (message * digest) operation @@ -793,7 +796,7 @@ typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context, * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm * - * \param[in] p_context A hardware-specific structure for the previously + * \param[in,out] p_context A hardware-specific structure for the previously * started hash operation to be aborted */ typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context); 
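Review bot: The new `p_output_length` parameter of `pcd_hash_finish_t` is documented only for the success case, and the comment lists `PSA_SUCCESS` as the sole return value. A driver author cannot tell from this what to return, or what to store through `p_output_length`, when `output_size` is smaller than the digest. The contract should say that the driver must not write past `output_size` and name the status to return in that case. Adding the parameter also changes the function-pointer type, so any driver table built against the three-argument form has to change with it; no such update is visible in this patch.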
@@ -814,7 +817,7 @@ typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context); * \param[in] p_hash The hash or message to sign * \param[in] hash_length Size of the `p_hash` buffer in bytes * \param[out] p_signature Buffer where the signature is to be written - * \param signature_size Size of the `p_signature` buffer in bytes + * \param[in] signature_size Size of the `p_signature` buffer in bytes * \param[out] p_signature_length On success, the number of bytes * that make up the returned signature value * From ddb4f3bdf7fba1e02fd03de906b0d5ef91dcc1c9 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Fri, 19 Oct 2018 11:34:50 +0100 Subject: [PATCH 0541/2197] Add a Jenkinsfile for PR job testing --- tests/.jenkins/Jenkinsfile | 1 + 1 file changed, 1 insertion(+) create mode 100644 tests/.jenkins/Jenkinsfile diff --git a/tests/.jenkins/Jenkinsfile b/tests/.jenkins/Jenkinsfile new file mode 100644 index 000000000..78a7878ee --- /dev/null +++ b/tests/.jenkins/Jenkinsfile @@ -0,0 +1 @@ +mbedtls_psa.run_job() From 1824696681de10a1f01048ef7e3bdd21f407a788 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Wed, 17 Oct 2018 15:01:45 +0100 Subject: [PATCH 0542/2197] Fix integer conversion warnings in psa_constant_names --- programs/psa/psa_constant_names.c | 18 +++++++++--------- scripts/generate_psa_constants.py | 6 +++--- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 55a70c60d..88821dab5 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -83,9 +83,9 @@ static int psa_snprint_status(char *buffer, size_t buffer_size, size_t length = strlen(name); if (length < buffer_size) { memcpy(buffer, name, length + 1); - return length; + return (int) length; } else { - return buffer_size; + return (int) buffer_size; } } } 
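Review bot: The `(int)` casts added in `psa_snprint_status` silence the conversion warning without making the conversion safe, because `return (int) buffer_size;` gives an implementation-defined result once `buffer_size` exceeds `INT_MAX`. The same cast is added in `psa_snprint_ecc_curve` and, for `required_size`, in the three functions emitted by `scripts/generate_psa_constants.py`. Since callers compare the result with the buffer size to detect truncation, the precondition should at least be written down, for example `/* buffer_size must not exceed INT_MAX. */` above each function. The functions start outside the hunks.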
@@ -100,9 +100,9 @@ static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size, size_t length = strlen(name); if (length < buffer_size) { memcpy(buffer, name, length + 1); - return length; + return (int) length; } else { - return buffer_size; + return (int) buffer_size; } } } @@ -144,15 +144,15 @@ int main(int argc, char *argv[]) } if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status")) - psa_snprint_status(buffer, sizeof(buffer), value); + psa_snprint_status(buffer, sizeof(buffer), (psa_status_t) value); else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm")) - psa_snprint_algorithm(buffer, sizeof(buffer), value); + psa_snprint_algorithm(buffer, sizeof(buffer), (psa_algorithm_t) value); else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) - psa_snprint_ecc_curve(buffer, sizeof(buffer), value); + psa_snprint_ecc_curve(buffer, sizeof(buffer), (psa_ecc_curve_t) value); else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) - psa_snprint_key_type(buffer, sizeof(buffer), value); + psa_snprint_key_type(buffer, sizeof(buffer), (psa_key_type_t) value); else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage")) - psa_snprint_key_usage(buffer, sizeof(buffer), value); + psa_snprint_key_usage(buffer, sizeof(buffer), (psa_key_usage_t) value); else { printf("Unknown type: %s\n", argv[1]); return EXIT_FAILURE; diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 85bfe3ae9..7e4420b69 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -44,7 +44,7 @@ static int psa_snprint_key_type(char *buffer, size_t buffer_size, break; } buffer[0] = 0; - return required_size; + return (int) required_size; } static int psa_snprint_algorithm(char *buffer, size_t buffer_size, 
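Review bot: The casts added in `main` narrow `value` to each PSA type without a range check, so an argument that does not fit the target type is silently truncated and the program prints the name of a different constant. The declaration and parsing of `value` are above the hunk, so how many bits can be lost is not visible here. Rejecting an out-of-range number before the dispatch, with `return EXIT_FAILURE;` as the `Unknown type` branch already does, would keep the output trustworthy for anyone using the tool to decode a status or algorithm value.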
@@ -84,7 +84,7 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, append(&buffer, buffer_size, &required_size, ")", 1); } buffer[0] = 0; - return required_size; + return (int) required_size; } static int psa_snprint_key_usage(char *buffer, size_t buffer_size, @@ -110,7 +110,7 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size, } else { buffer[0] = 0; } - return required_size; + return (int) required_size; } /* End of automatically generated file. */ From e5204c94a148b48da8819682bf77bfd54448c924 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Mon, 22 Oct 2018 17:24:55 +0300 Subject: [PATCH 0543/2197] add tests that increase key derivation code coverage slightly added tests that increase code coverage for the key derivation functions slightly by reaching error cases not covered before. --- tests/suites/test_suite_psa_crypto.data | 12 +++++++++++ tests/suites/test_suite_psa_crypto.function | 23 +++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 871a511b2..1a93a8929 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1189,6 +1189,10 @@ PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS +PSA key derivation: HKDF-SHA-512, good case +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_512):"":"":42:PSA_SUCCESS + PSA key derivation: bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT 
@@ -1201,6 +1205,14 @@ PSA key derivation: unsupported key derivation algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):"":"":42:PSA_ERROR_NOT_SUPPORTED +PSA key derivation: unsupported key derivation algorithm +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_CATEGORY_KEY_DERIVATION:"":"":42:PSA_ERROR_NOT_SUPPORTED + +PSA key derivation: bad arguments test +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +test_derive_invalid_generator: + PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 63d837fdc..c6f49c007 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3085,6 +3085,29 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void test_derive_invalid_generator() +{ + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_slot_t base_key = 1; + psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); + data_t salt; + data_t label; + size_t capacity = 0; + salt.x = NULL; + salt.len = 0; + label.x = NULL; + label.len = 0; + + generator.alg = alg; + /* invalid generator.alg */ + TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, + salt.x, salt.len, + label.x, label.len, + capacity ) == PSA_ERROR_BAD_STATE ); +} +/* END_CASE */ + /* BEGIN_CASE */ void derive_output( int alg_arg, data_t *key_data, From 6dee5c9649651629542c647876b61cf8c80e6e42 Mon Sep 17 00:00:00 2001 
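Review bot: The case added for `PSA_ALG_CATEGORY_KEY_DERIVATION` reuses the description `PSA key derivation: unsupported key derivation algorithm`, which the existing case directly above it already carries. Two cases with one description make a failure report ambiguous. A distinct title such as `PSA key derivation: unsupported key derivation algorithm (category only)` would separate them.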
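Review bot: `test_derive_invalid_generator` never calls `psa_crypto_init()` and never imports a key into slot 1, so the `PSA_ERROR_BAD_STATE` it expects can only come from a check that `psa_key_derivation` makes before it touches the key store. That function's body is not in this patch; if the order of its checks changes, the test will start failing for a reason unrelated to what it is meant to cover. The comment `/* invalid generator.alg */` is also misleading, since `alg` is a valid HKDF algorithm and what is being exercised is a generator that already looks set up. `/* A generator whose alg is already set must be rejected as in use. */` placed above the assignment describes the case better.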
From: Gilles Peskine Date: Mon, 22 Oct 2018 19:11:00 +0200 Subject: [PATCH 0544/2197] Add test_suite_psa_crypto_metadata to cmake builds This test suite was run by make builds, but I had forgotten to add it to CMakeLists.txt. --- tests/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index d8b74f227..a7821d7bc 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -111,6 +111,7 @@ add_test_suite(pkparse) add_test_suite(pkwrite) add_test_suite(poly1305) add_test_suite(psa_crypto) +add_test_suite(psa_crypto_metadata) add_test_suite(shax) add_test_suite(ssl) add_test_suite(timing) From 9ba61d0ce5143cafac2aa057ab4ae1d05eccf972 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 22 Oct 2018 19:26:38 +0200 Subject: [PATCH 0545/2197] Ignore generated files under crypto/ from crypto/.gitignore In /crypto/.gitignore, list files that are generated by a build done under /crypto/. In the outer /.gitignore, list files under /crypto/ only if they are created by the export process. This commit slightly refines both lists and adds some build products to /crypto/.gitignore. --- .gitignore | 11 ++++++----- crypto/.gitignore | 11 +++++++++++ 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 2edbc997c..ea732a496 100644 --- a/.gitignore +++ b/.gitignore @@ -30,12 +30,13 @@ massif-* # Exported Mbed Crypto files crypto/LICENSE crypto/VERSION.txt -crypto/include +crypto/include/mbedcrypto/*.h +crypto/include/psa/*.h crypto/library/*.c -crypto/library/libmbedcrypto* +crypto/programs/psa/*.c +crypto/programs/psa/*.sh crypto/scripts crypto/tests/scripts -crypto/tests/suites -crypto/tests/test_suite* -crypto/programs/psa +crypto/tests/suites/*.data +crypto/tests/suites/*.function mbedcrypto.tar.gz diff --git a/crypto/.gitignore b/crypto/.gitignore index bf39198d1..ae4ba4530 100644 --- a/crypto/.gitignore +++ b/crypto/.gitignore 
@@ -1,2 +1,13 @@ +*.exe +*.o +*.obj /docs/*.pdf /docs/html +/library/libmbedcrypto*.a +/library/libmbedcrypto*.dll +/library/libmbedcrypto*.so +/library/libmbedcrypto*.so.[0-9]* +/programs/psa/crypto_examples +/programs/psa/key_ladder_demo +/programs/psa/psa_constant_names +/tests/test_suite_* From 765682cf09604656d31e68f99126450c87fd5080 Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Mon, 22 Oct 2018 15:27:27 -0500 Subject: [PATCH 0546/2197] Added detailed descriptions for modules. Additional small edits. --- include/psa/crypto_driver.h | 150 ++++++++++++++++++++++++++++++------ 1 file changed, 125 insertions(+), 25 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index c571764ce..14784bb72 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h @@ -41,6 +41,20 @@ typedef uint32_t psa_key_slot_t; typedef uint32_t psa_key_type_t; /** \defgroup opaque_mac Opaque Message Authentication Code + * Generation and authentication of Message Authentication Codes (MACs) using + * opaque keys can be done either as a single function call (via the + * `pcd_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in + * parts using the following sequence: + * - `psa_mac_opaque_setup_t` + * - `psa_mac_opaque_update_t` + * - `psa_mac_opaque_update_t` + * - ... + * - `psa_mac_opaque_finish_t` or `psa_mac_opaque_finish_verify_t` + * + * If a previously started Opaque MAC operation needs to be terminated, it + * should be done so by the `psa_mac_opaque_abort_t`. Failure to do so may + * result in allocated resources not being freed or in other undefined + * behavior. */ /**@{*/ /** \brief A function that starts a MAC operation for a PSA Crypto Driver 
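Review bot: The call sequence added to the `opaque_mac` group names `psa_mac_opaque_setup_t`, `psa_mac_opaque_update_t`, `psa_mac_opaque_finish_t`, `psa_mac_opaque_finish_verify_t` and `psa_mac_opaque_abort_t`, whereas the typedefs in this header carry the `pcd_` prefix (`pcd_mac_opaque_update_t`, `pcd_mac_opaque_finish_t` and `pcd_mac_opaque_abort_t` are visible in the hunk headers of the previous patch). Names that match no declaration are not linked by Doxygen and send a driver author looking for the wrong symbol. The same mismatch recurs in the texts added for the `transparent_mac`, `opaque_cipher`, `transparent_cipher` and `driver_digest` groups, including the abort functions whose omission the text warns about. Each reference should use the `pcd_` name.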
@@ -179,8 +193,8 @@ typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input, * PSA Crypto API implementations should populate the table as appropriate * upon startup. * - * If one of the functions is not implemented (such as `pcd_mac_opaque_t`), - * it should be set to NULL. + * If one of the functions is not implemented (such as + * `pcd_mac_opaque_generate_t`), it should be set to NULL. * * Driver implementers should ensure that they implement all of the functions * that make sense for their hardware, and that they provide a full solution @@ -217,10 +231,26 @@ struct pcd_mac_opaque_t { /**@}*/ /** \defgroup transparent_mac Transparent Message Authentication Code + * Generation and authentication of Message Authentication Codes (MACs) using + * transparent keys can be done either as a single function call (via the + * `pcd_mac_transparent_generate_t` or `psa_mac_transparent_verify_t` + * functions), or in parts using the following sequence: + * - `psa_mac_transparent_setup_t` + * - `psa_mac_transparent_update_t` + * - `psa_mac_transparent_update_t` + * - ... + * - `psa_mac_transparent_finish_t` or `psa_mac_transparent_finish_verify_t` + * + * If a previously started Transparent MAC operation needs to be terminated, it + * should be done so by the `psa_mac_transparent_abort_t`. Failure to do so may + * result in allocated resources not being freed or in other undefined + * behavior. + * */ /**@{*/ /** \brief The hardware-specific transparent-key MAC context structure + * * The contents of this structure are implementation dependent and are * therefore not described here. */ 
@@ -321,7 +351,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(struct pcd_mac_transparent_ * \retval PSA_SUCCESS * The operation completed successfully and the comparison matched */ -typedef psa_status_t (*pcd_mac_transparent_verify_finish_t)(struct pcd_mac_transparent_context_t *p_context, +typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(struct pcd_mac_transparent_context_t *p_context, const uint8_t *p_mac, size_t mac_length); @@ -405,6 +435,24 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input, /**@}*/ /** \defgroup opaque_cipher Opaque Symmetric Ciphers + * + * Encryption and Decryption using opaque keys in block modes other than ECB + * must be done in multiple parts, using the following flow: + * - `pcd_cipher_opaque_setup_t` + * - `pcd_cipher_opaque_set_iv_t` (optional depending upon block mode) + * - `pcd_cipher_opaque_update_t` + * - ... + * - `pcd_cipher_opaque_finish_t` + + * If a previously started Opaque Cipher operation needs to be terminated, it + * should be done so by the `psa_cipher_opaque_abort_t`. Failure to do so may + * result in allocated resources not being freed or in other undefined + * behavior. + * + * In situations where a PSA Cryptographic API implementation is using a block + * mode not-supported by the underlying hardware or driver, it can construct + * the block mode itself, while calling the `pcd_cipher_opaque_ecb_t` function + * pointer for the cipher operations. */ /**@{*/ 
@@ -431,10 +479,10 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context, /** \brief A function pointer that sets the initialization vector (if * necessary) for an opaque cipher operation * - * Rationale: that the psa_cipher_* function set has two IV functions: one to - * set the IV, and one to generate it internally. the generate function is not - * necessary for the driver API as the PSA Crypto implementation can do the - * generation using its RNG features. + * Rationale: The `psa_cipher_*` function in the PSA Cryptographif API has two + * IV functions: one to set the IV, and one to generate it internally. The + * generate function is not necessary for the driver API as the PSA Crypto + * implementation can do the generation using its RNG features. * * \param[in,out] p_context A structure that contains the previously set up * hardware-specific cipher context @@ -564,11 +612,24 @@ struct pcd_cipher_opaque_t { /**@}*/ /** \defgroup transparent_cipher Transparent Block Cipher + * Encryption and Decryption using transparent keys in block modes other than + * ECB must be done in multiple parts, using the following flow: + * - `pcd_cipher_transparent_setup_t` + * - `pcd_cipher_transparent_set_iv_t` (optional depending upon block mode) + * - `pcd_cipher_transparent_update_t` + * - ... + * - `pcd_cipher_transparent_finish_t` + + * If a previously started Transparent Cipher operation needs to be terminated, + * it should be done so by the `psa_cipher_transparent_abort_t`. Failure to do + * so may result in allocated resources not being freed or in other undefined + * behavior. */ /**@{*/ /** \brief The hardware-specific transparent-key Cipher context structure - * The contents of this structure are implementation dependent and are + * + * The contents of this structure are implementation dependent and are * therefore not described here. */ struct pcd_cipher_transparent_context_t { 
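Review bot: The rewritten rationale for the set-IV callback introduces a typo, `PSA Cryptographif API`; the group text added just above uses `PSA Cryptographic API`, and this should match it. The same sentence says "The `psa_cipher_*` function ... has two IV functions", which needs "function set" as in the wording it replaces. In the `opaque_cipher` and `transparent_cipher` group texts, the added line between the step list and the "If a previously started" paragraph is empty rather than ` *`, which is inconsistent with the rest of the comment block.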
@@ -709,10 +770,23 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(struct pcd_cipher_transpa /**@}*/ /** \defgroup driver_digest Message Digests + * + * Generation and authentication of Message Digests (aka hashes) must be done + * in parts using the following sequence: + * - `psa_hash_setup_t` + * - `psa_hash_update_t` + * - ... + * - `psa_hash_finish_t` + * + * If a previously started Message Digest operation needs to be terminated + * before the `psa_hash_finish_t` operation is complete, it should be aborted + * by the `psa_hash_abort_t`. Failure to do so may result in allocated + * resources not being freed or in other undefined behavior. */ /**@{*/ /** \brief The hardware-specific hash context structure + * * The contents of this structure are implementation dependent and are * therefore not described here */ @@ -805,6 +879,10 @@ typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context); /** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography + * + * Since the amount of data that can (or should) be encrypted or signed using + * asymmetric keys is limited by the key size, asymmetric key operations using + * opaque keys must be done in single function calls. */ /**@{*/ @@ -814,7 +892,7 @@ typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context); * \param[in] key_slot Key slot of an asymmetric key pair * \param[in] alg A signature algorithm that is compatible * with the type of `key` - * \param[in] p_hash The hash or message to sign + * \param[in] p_hash The hash to sign * \param[in] hash_length Size of the `p_hash` buffer in bytes * \param[out] p_signature Buffer where the signature is to be written * \param[in] signature_size Size of the `p_signature` buffer in bytes 
@@ -833,14 +911,13 @@ typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot, /** * \brief A function that verifies the signature a hash or short message using - * a public key + * an asymmetric public key * * \param[in] key_slot Key slot of a public key or an asymmetric key * pair * \param[in] alg A signature algorithm that is compatible with * the type of `key` - * \param[in] p_hash The hash or message whose signature is to be - * verified + * \param[in] p_hash The hash whose signature is to be verified * \param[in] hash_length Size of the `p_hash` buffer in bytes * \param[in] p_signature Buffer containing the signature to verify * \param[in] signature_length Size of the `p_signature` buffer in bytes @@ -856,7 +933,8 @@ typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot, size_t signature_length); /** - * \brief A function that encrypts a short message with a public key + * \brief A function that encrypts a short message with an asymmetric public + * key * * \param[in] key_slot Key slot of a public key or an asymmetric key * pair @@ -894,7 +972,7 @@ typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot, size_t *p_output_length); /** - * \brief Decrypt a short message with a private key. + * \brief Decrypt a short message with an asymmetric private key. * * \param[in] key_slot Key slot of an asymmetric key pair * \param[in] alg An asymmetric encryption algorithm that is 
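Review bot: In the `pcd_asymmetric_opaque_verify_t` comment the `\brief` still reads "verifies the signature a hash or short message", but this hunk narrows `p_hash` to "The hash whose signature is to be verified". Whether the driver receives a digest or a message it must hash itself is part of the signing contract, so the two lines should agree, e.g. `\brief A function that verifies the signature of a hash using an asymmetric public key` (this also restores the missing "of"). The sign-side `p_hash` in the preceding hunk was narrowed the same way, and the transparent sign/verify briefs in the following hunks keep "hash or short message".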
@@ -953,13 +1031,17 @@ struct pcd_asymmetric_opaque_t { /**@}*/ /** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography + * + * Since the amount of data that can (or should) be encrypted or signed using + * asymmetric keys is limited by the key size, asymmetric key operations using + * transparent keys must be done in single function calls. */ /**@{*/ /** * \brief A function that signs a hash or short message with a transparent - * private key + * asymmetric private key * * Functions that implement the prototype should be named in the following * convention: @@ -993,7 +1075,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key, /** * \brief A function that verifies the signature a hash or short message using - * a transparent public key + * a transparent asymmetric public key * * Functions that implement the prototype should be named in the following * convention: @@ -1024,8 +1106,8 @@ typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key size_t signature_length); /** - * \brief A function that encrypts a short message with a transparent public - * key + * \brief A function that encrypts a short message with a transparent + * asymmetric public key * * Functions that implement the prototype should be named in the following * convention: @@ -1071,7 +1153,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_ke size_t *p_output_length); /** - * \brief Decrypt a short message with a transparent private key + * \brief Decrypt a short message with a transparent asymmetric private key * * Functions that implement the prototype should be named in the following * convention: 
@@ -1119,6 +1201,11 @@ typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_ke /**@}*/ /** \defgroup aead_opaque AEAD Opaque + * Authenticated Encryption with Additional Data (AEAD) operations with opaque + * keys must be done in one function call. While this creates a burden for + * implementers as there must be sufficient space in memory for the entire + * message, it prevents decrypted data from being made available before the + * authentication operation is complete and the data is known to be authentic. */ /**@{*/ @@ -1221,10 +1308,17 @@ struct psa_aead_opaque_t { /**@}*/ /** \defgroup aead_transparent AEAD Transparent + * + * Authenticated Encryption with Additional Data (AEAD) operations with + * transparent keys must be done in one function call. While this creates a + * burden for implementers as there must be sufficient space in memory for the + * entire message, it prevents decrypted data from being made available before + * the authentication operation is complete and the data is known to be + * authentic. */ /**@{*/ -/** Process an authenticated encryption operation. +/** Process an authenticated encryption operation using an opaque key. * * Functions that implement the prototype should be named in the following * convention: @@ -1277,7 +1371,7 @@ typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key, size_t ciphertext_size, size_t *ciphertext_length); -/** Process an authenticated decryption operation. +/** Process an authenticated decryption operation using an opaque key. * * Functions that implement the prototype should be named in the following * convention: @@ -1402,6 +1496,10 @@ struct pcd_entropy_t { /**@}*/ /** \defgroup driver_key_management Key Management + * Currently, key management is limited to importing keys in the clear, + * destroying keys, and exporting keys in the clear. + * Whether a key may be exported is determined by the key policies in place + * on the key slot. */ /**@{*/ 
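Review bot: The new brief in the `aead_transparent` group says "Process an authenticated encryption operation using an opaque key", but the typedef it documents is `psa_aead_transparent_encrypt_t`, which takes the key bytes as `const uint8_t *p_key`. The line should read `/** Process an authenticated encryption operation using a transparent key.`, and the decrypt brief in the `@@ -1277,7 +1371,7 @@` hunk needs the same correction. As written, a reader could conclude that the key material never leaves the secure element on this path, when the prototype passes it in the clear.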
@@ -1537,10 +1635,6 @@ struct pcd_key_management_t { /**@}*/ /** \defgroup driver_derivation Key Derivation and Agreement - */ -/**@{*/ - -/** * Key derivation is the process of generating new key material using an * existing key and additional parameters, iterating through a basic * cryptographic function, such as a hash. @@ -1587,7 +1681,13 @@ struct pcd_key_management_t { * &session_key_length); * ~~~~~~~~~~~~~ */ +/**@{*/ +/** \brief The hardware-specific key derivation context structure + * + * The contents of this structure are implementation dependent and are + * therefore not described here + */ struct pcd_key_derivation_context_t { // Implementation specific }; From 608e091d9a44f562d8b240d9602cbb268eab1b6d Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Wed, 17 Oct 2018 14:48:27 +0100 Subject: [PATCH 0547/2197] Add pre Visual Studio 2015 support to psa_constant_names snprintf was only added in Visual Studio 2015. This adds support for building using Visual Studio versions prior to 2015. This implementation of snprintf has been taken from platform.c --- programs/psa/psa_constant_names.c | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 88821dab5..dd19677c4 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c 
@@ -4,6 +4,35 @@ #include "psa/crypto.h" +/* This block is present to support Visual Studio builds prior to 2015 */ +#if defined(_MSC_VER) && _MSC_VER < 1900 +#include +int snprintf( char *s, size_t n, const char *fmt, ... ) +{ + int ret; + va_list argp; + + /* Avoid calling the invalid parameter handler by checking ourselves */ + if( s == NULL || n == 0 || fmt == NULL ) + return( -1 ); + + va_start( argp, fmt ); +#if defined(_TRUNCATE) && !defined(__MINGW32__) + ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp ); +#else + ret = _vsnprintf( s, n, fmt, argp ); + if( ret < 0 || (size_t) ret == n ) + { + s[n-1] = '\0'; + ret = -1; + } +#endif + va_end( argp ); + + return( ret ); +} +#endif + /* There are different GET_HASH macros for different kinds of algorithms * built from hashes, but the values are all constructed on the * same model. */ From 3b80ab93ce0c6e173c773622f77b2899c949ef0b Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Wed, 17 Oct 2018 16:11:34 +0100 Subject: [PATCH 0548/2197] Add path handling for psa_constant_names on Windows --- programs/Makefile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/programs/Makefile b/programs/Makefile index b1534071c..9cc28c47e 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -96,7 +96,12 @@ all: $(APPS) $(DEP): $(MAKE) -C ../library +ifdef WINDOWS +EXTRA_GENERATED += psa\psa_constant_names_generated.c +else EXTRA_GENERATED += psa/psa_constant_names_generated.c +endif + psa/psa_constant_names$(EXEXT): psa/psa_constant_names_generated.c psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h ../scripts/generate_psa_constants.py From 6c0f94cbd0ede1dad6383ea27a8d8569123afefc Mon Sep 17 00:00:00 2001 
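Review bot: The `snprintf` replacement added to programs/psa/psa_constant_names.c returns -1 when the output is truncated, in both the `_vsnprintf_s` branch and the `_vsnprintf` branch, whereas C99 `snprintf` returns the length that would have been written. The callers are outside this hunk, so it is worth confirming that none of them adds the result to a running length or stores it in a `size_t`, where -1 becomes a very large value. I would document the difference above the function, e.g. `/* Unlike C99 snprintf, returns -1 on truncation; never use the result as a length. */`. Declaring the function `static` would also keep the replacement local to this program.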
From: Darryl Green Date: Wed, 17 Oct 2018 16:12:33 +0100 Subject: [PATCH 0549/2197] Add better handling when deleting files on Windows Windows complains if you try to delete a file that doesn't exist. Makefiles now check if the files exist before trying to delete them. --- library/Makefile | 3 ++- programs/Makefile | 4 +++- tests/Makefile | 4 +++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/library/Makefile b/library/Makefile index f4b39bdeb..cf6750d05 100644 --- a/library/Makefile +++ b/library/Makefile @@ -200,5 +200,6 @@ clean: ifndef WINDOWS rm -f *.o libmbed* else - del /Q /F *.o libmbed* + if exist *.o del /Q /F *.o + if exist libmbed* del /Q /F libmbed* endif diff --git a/programs/Makefile b/programs/Makefile index 9cc28c47e..f3627c906 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -322,7 +322,9 @@ clean: ifndef WINDOWS rm -f $(APPS) $(EXTRA_GENERATED) else - del /S /Q /F *.o *.exe $(EXTRA_GENERATED) + if exist *.o del /S /Q /F *.o + if exist *.exe del /S /Q /F *.exe + if exist $(EXTRA_GENERATED) del /S /Q /F $(EXTRA_GENERATED) endif list: diff --git a/tests/Makefile b/tests/Makefile index b6e49bf8a..889d2a7da 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -107,7 +107,9 @@ clean: ifndef WINDOWS rm -rf $(BINARIES) *.c *.datax TESTS else - del /Q /F *.c *.exe *.datax + if exist *.c del /Q /F *.c + if exist *.exe del /Q /F *.exe + if exist *.datax del /Q /F *.datax ifneq ($(wildcard TESTS/.*),) rmdir /Q /S TESTS endif From 81133a6f76cce15019e631e4c771a4ba2cf4fe4a Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Tue, 23 Oct 2018 14:55:32 -0500 Subject: [PATCH 0550/2197] More changes due to PR feedback --- include/psa/crypto_driver.h | 83 +++++++++++++++++-------------------- 1 file changed, 39 insertions(+), 44 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index 14784bb72..19f5adaac 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h 
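Review bot: In the programs/Makefile `clean` hunk, `if exist $(EXTRA_GENERATED) del /S /Q /F $(EXTRA_GENERATED)` only works while `EXTRA_GENERATED` expands to exactly one path. The variable is built with `+=`, and `if exist` takes a single file name, so with a second entry the remainder of the expansion would be parsed as the command to run rather than as part of the test. Expanding the list one file at a time (one `if exist <file> del /Q /F <file>` per entry) avoids that. Separately, the `/S` switch on the three `del` lines makes the deletion recurse into subdirectories, which is wider than the `rm -f` on the non-Windows branch; worth confirming that is intended.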
@@ -39,6 +39,7 @@ typedef uint32_t psa_algorithm_t; typedef uint8_t encrypt_or_decrypt_t; typedef uint32_t psa_key_slot_t; typedef uint32_t psa_key_type_t; +typedef uint32_t psa_key_usage_t; /** \defgroup opaque_mac Opaque Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using @@ -136,7 +137,7 @@ typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)(void *p_context, */ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context); -/** \brief A funciton that performs a MAC operation in one command and return +/** \brief A function that performs a MAC operation in one command and returns * the calculated MAC using an opaque key * * \param[in] p_input A buffer containing the message to be MACed @@ -146,7 +147,7 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context); * operation * \param[out] p_mac A buffer where the generated MAC will be * placed - * \param[in] mac_size The size in bytes of the `output` buffer + * \param[in] mac_size The size in bytes of the `p_mac` buffer * \param[out] p_mac_length After completion, will contain the number of * bytes placed in the `output` buffer * @@ -254,9 +255,7 @@ struct pcd_mac_opaque_t { * The contents of this structure are implementation dependent and are * therefore not described here. */ -struct pcd_mac_transparent_context_t { - // Implementation specific -}; +typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t; /** \brief The function prototype for the setup operation of a * transparent-key MAC operation @@ -278,7 +277,7 @@ struct pcd_mac_transparent_context_t { * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_mac_transparent_setup_t)(struct pcd_mac_transparent_context_t *p_context, +typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_t *p_context, const uint8_t *p_key, size_t key_length); 
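Review bot: The `@@ -146,7 +147,7 @@` hunk corrects `mac_size` to refer to the `p_mac` buffer, but the next line, `p_mac_length`, still says "bytes placed in the `output` buffer". There is no parameter called `output` in this prototype, so the pair should be fixed together, with the second line reading "bytes placed in the `p_mac` buffer". Getting the size/length pair unambiguous matters here because the caller sizes its MAC buffer from these two descriptions.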
@@ -300,7 +299,7 @@ typedef psa_status_t (*pcd_mac_transparent_setup_t)(struct pcd_mac_transparent_c * to the MAC operation * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*pcd_mac_transparent_update_t)(struct pcd_mac_transparent_context_t *p_context, +typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context_t *p_context, const uint8_t *p_input, size_t input_length); @@ -325,7 +324,7 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(struct pcd_mac_transparent_ * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_mac_transparent_finish_t)(struct pcd_mac_transparent_context_t *p_context, +typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context_t *p_context, uint8_t *p_mac, size_t mac_length); @@ -351,7 +350,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(struct pcd_mac_transparent_ * \retval PSA_SUCCESS * The operation completed successfully and the comparison matched */ -typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(struct pcd_mac_transparent_context_t *p_context, +typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_context_t *p_context, const uint8_t *p_mac, size_t mac_length); @@ -371,7 +370,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(struct pcd_mac_trans * aborted * */ -typedef psa_status_t (*pcd_mac_transparent_abort_t)(struct pcd_mac_transparent_context_t *p_context); +typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_t *p_context); /** \brief The function prototype for a one-shot operation of a transparent-key * MAC operation 
@@ -479,7 +478,7 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context, /** \brief A function pointer that sets the initialization vector (if * necessary) for an opaque cipher operation * - * Rationale: The `psa_cipher_*` function in the PSA Cryptographif API has two + * Rationale: The `psa_cipher_*` function in the PSA Cryptographic API has two * IV functions: one to set the IV, and one to generate it internally. The * generate function is not necessary for the driver API as the PSA Crypto * implementation can do the generation using its RNG features. @@ -632,9 +631,7 @@ struct pcd_cipher_opaque_t { * The contents of this structure are implementation dependent and are * therefore not described here. */ -struct pcd_cipher_transparent_context_t { - // Implementation specific -}; +typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t; /** \brief The function prototype for the setup operation of transparent-key * block cipher operations. @@ -662,7 +659,7 @@ struct pcd_cipher_transparent_context_t { * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_setup_t)(struct pcd_cipher_transparent_context_t *p_context, +typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_context_t *p_context, encrypt_or_decrypt_t direction, const uint8_t *p_key_data, size_t key_data_size); @@ -685,7 +682,7 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(struct pcd_cipher_transpa * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(struct pcd_cipher_transparent_context_t *p_context, +typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_context_t *p_context, const uint8_t *p_iv, size_t iv_length); 
@@ -714,7 +711,7 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(struct pcd_cipher_transp * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_update_t)(struct pcd_cipher_transparent_context_t *p_context, +typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_context_t *p_context, const uint8_t *p_input, size_t input_size, uint8_t *p_output, @@ -743,7 +740,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(struct pcd_cipher_transp * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_finish_t)(struct pcd_cipher_transparent_context_t *p_context, +typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_context_t *p_context, uint8_t *p_output, size_t output_size, size_t *p_output_length); @@ -765,7 +762,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(struct pcd_cipher_transp * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_abort_t)(struct pcd_cipher_transparent_context_t *p_context); +typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_context_t *p_context); /**@}*/ @@ -790,9 +787,7 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(struct pcd_cipher_transpa * The contents of this structure are implementation dependent and are * therefore not described here */ -struct pcd_hash_context_t { - // Implementation specific -}; +typedef struct pcd_hash_context_s pcd_hash_context_t; /** \brief The function prototype for the start operation of a hash (message * digest) operation @@ -809,7 +804,7 @@ struct pcd_hash_context_t { * * \retval PSA_SUCCESS Success. */ -typedef psa_status_t (*pcd_hash_setup_t)(struct pcd_hash_context_t *p_context); +typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context); /** \brief The function prototype for the update operation of a hash (message * digest) operation 
@@ -828,7 +823,7 @@ typedef psa_status_t (*pcd_hash_setup_t)(struct pcd_hash_context_t *p_context); * to the hash operation * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context, +typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context, const uint8_t *p_input, size_t input_length); @@ -855,7 +850,7 @@ typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context, * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context, +typedef psa_status_t (*pcd_hash_finish_t)(pcd_hash_context_t *p_context, uint8_t *p_output, size_t output_size, size_t *p_output_length); @@ -873,7 +868,7 @@ typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context, * \param[in,out] p_context A hardware-specific structure for the previously * started hash operation to be aborted */ -typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context); +typedef void (*pcd_hash_abort_t)(pcd_hash_context_t *p_context); /**@}*/ @@ -1431,9 +1426,7 @@ typedef psa_status_t (*psa_aead_transparent_decrypt_t)(const uint8_t *p_key, /** \brief A hardware-specific structure for a entropy providing hardware */ -struct pcd_entropy_context_t { - // Implementation specific -}; +typedef struct pcd_entropy_context_s pcd_entropy_context_t; /** \brief Initialize an entropy driver * @@ -1444,7 +1437,7 @@ struct pcd_entropy_context_t { * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_entropy_init_t)(struct pcd_entropy_context_t *p_context); +typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context); /** \brief Get a specified number of bytes from the entropy source * 
@@ -1472,7 +1465,7 @@ typedef psa_status_t (*pcd_entropy_init_t)(struct pcd_entropy_context_t *p_conte * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_entropy_get_bytes_t)(struct pcd_entropy_context_t *p_context, +typedef psa_status_t (*pcd_entropy_get_bytes_t)(pcd_entropy_context_t *p_context, uint8_t *p_buffer, uint32_t buffer_size, uint32_t *p_received_entropy_bytes); @@ -1508,18 +1501,22 @@ struct pcd_entropy_t { * This function can support any output from psa_export_key(). Refer to the * documentation of psa_export_key() for the format for each key type. * - * \param[in] key_slot Slot where the key will be stored. This must be a - * valid slot for a key of the chosen type. It must - * be unoccupied. - * \param[in] type Key type (a \c PSA_KEY_TYPE_XXX value). - * \param[in] p_data Buffer containing the key data. - * \param[in] data_length Size of the `data` buffer in bytes. + * \param[in] key_slot Slot where the key will be stored + * This must be a valid slot for a key of the chosen + * type. It must be unoccupied. + * \param[in] type Key type (a \c PSA_KEY_TYPE_XXX value) + * \param[in] algorithm Key algorithm (a \c PSA_ALG_XXX value) + * \param[in] usage The allowed uses of the key + * \param[in] p_data Buffer containing the key data + * \param[in] data_length Size of the `data` buffer in bytes * * \retval #PSA_SUCCESS * Success. */ typedef psa_status_t (*pcd_opaque_import_key_t)(psa_key_slot_t key_slot, psa_key_type_t type, + psa_algorithm_t algorithm, + psa_key_usage_t usage, const uint8_t *p_data, size_t data_length); @@ -1688,9 +1685,7 @@ struct pcd_key_management_t { * The contents of this structure are implementation dependent and are * therefore not described here */ -struct pcd_key_derivation_context_t { - // Implementation specific -}; +typedef struct pcd_key_derivation_context_s pcd_key_derivation_context_t; /** \brief Set up a key derivation operation by specifying the algorithm and * the source key sot 
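Review bot: The `pcd_opaque_import_key_t` comment in the `@@ -1508,18 +1501,22 @@` hunk documents the new `algorithm` and `usage` parameters only as values and does not say whether the driver must store them with the slot and enforce them on later operations. The key-management group text earlier in this header states that export is governed by the key policy on the slot, so the driver contract should say which side performs that check. I would extend the line to `\param[in] usage The allowed uses of the key (a combination of \c PSA_KEY_USAGE_XXX values)` and add a sentence on enforcement. The `data_length` line also still refers to the `data` buffer, while the parameter is `p_data`.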
@@ -1703,7 +1698,7 @@ struct pcd_key_derivation_context_t { * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_key_derivation_setup_t)(struct pcd_key_derivation_context_t *p_context, +typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t *p_context, psa_algorithm_t kdf_alg, psa_key_slot_t source_key); @@ -1722,9 +1717,9 @@ typedef psa_status_t (*pcd_key_derivation_setup_t)(struct pcd_key_derivation_con * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_key_derivation_collateral_t)(struct pcd_key_derivation_context_t *p_context, +typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_context_t *p_context, uint32_t collateral_id, - const uint8_t p_collateral, + const uint8_t *p_collateral, size_t collateral_size); /** \brief Perform the final key derivation step and place the generated key @@ -1736,7 +1731,7 @@ typedef psa_status_t (*pcd_key_derivation_collateral_t)(struct pcd_key_derivatio * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_key_derivation_derive_t)(struct pcd_key_derivation_context_t *p_context, +typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t *p_context, psa_key_slot_t dest_key); /** \brief Perform the final step of a key agreement and place the generated From 6f960ab063ee9d70f19e4fa56bb97cc1351a48b5 Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Tue, 23 Oct 2018 15:58:06 -0500 Subject: [PATCH 0551/2197] Additional fixes per comments in PR#92 in psa-crypto --- include/psa/crypto_driver.h | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index 19f5adaac..d2008b7c3 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h 
@@ -41,6 +41,9 @@ typedef uint32_t psa_key_slot_t; typedef uint32_t psa_key_type_t; typedef uint32_t psa_key_usage_t; +#define PSA_CRYPTO_DRIVER_ENCRYPT 1 +#define PSA_CRYPTO_DRIVER_DECRYPT 0 + /** \defgroup opaque_mac Opaque Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using * opaque keys can be done either as a single function call (via the @@ -1439,7 +1442,7 @@ typedef struct pcd_entropy_context_s pcd_entropy_context_t; */ typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context); -/** \brief Get a specified number of bytes from the entropy source +/** \brief Get a specified number of bits from the entropy source * * It retrives `buffer_size` bytes of data from the entropy source. The entropy * source will always fill the provided buffer to its full size, however, most @@ -1458,17 +1461,17 @@ typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context); * containing any context information * for the implementation * \param[out] p_buffer A caller-allocated buffer for the - * retrieved bytes to be placed in + * retrieved entropy to be placed in * \param[in] buffer_size The allocated size of `p_buffer` - * \param[out] p_received_entropy_bytes The amount of entropy (in bytes) + * \param[out] p_received_entropy_bits The amount of entropy (in bits) * actually provided in `p_buffer` * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_entropy_get_bytes_t)(pcd_entropy_context_t *p_context, - uint8_t *p_buffer, - uint32_t buffer_size, - uint32_t *p_received_entropy_bytes); +typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context, + uint8_t *p_buffer, + uint32_t buffer_size, + uint32_t *p_received_entropy_bits); /** * \brief A struct containing all of the function pointers needed to interface 
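Review bot: After the rename to `pcd_entropy_get_bits_t` the comment mixes units: the brief says "Get a specified number of bits", the unchanged paragraph below still says it retrieves `buffer_size` bytes, and `buffer_size` itself is documented without a unit. An integrator who reads the returned `p_received_entropy_bits` as a byte count, or `buffer_size` as a bit count, would seed the RNG with less entropy than assumed. I would state the unit on the parameter, "The allocated size of `p_buffer` in bytes", and reword the brief to say the buffer is filled and the amount of entropy it holds is reported in bits.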
@@ -1482,9 +1485,9 @@ typedef psa_status_t (*pcd_entropy_get_bytes_t)(pcd_entropy_context_t *p_context struct pcd_entropy_t { /** Function that performs initialization for the entropy source */ pcd_entropy_init_t *p_init; - /** Function that performs the get_bytes operation for the entropy source + /** Function that performs the get_bits operation for the entropy source */ - pcd_entropy_get_bytes_t *p_get_bytes; + pcd_entropy_get_bits_t *p_get_bits; }; /**@}*/ From 8ffded300d7a0590de52530b9604069ec68a4279 Mon Sep 17 00:00:00 2001 From: Mohammad AboMokh Date: Thu, 25 Oct 2018 13:49:38 +0300 Subject: [PATCH 0552/2197] Improve line coverage for asymmetric sign function by adding new bad scenarios --- tests/suites/test_suite_psa_crypto.data | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0319782fa..25d9fba2b 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
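Review bot: The new member `pcd_entropy_get_bits_t *p_get_bits;` is a pointer to a function pointer, because the preceding hunk declares `pcd_entropy_get_bits_t` as `typedef psa_status_t (*pcd_entropy_get_bits_t)(...)`. Unless the double indirection is intended, the member should be `pcd_entropy_get_bits_t p_get_bits;`, and the context line `pcd_entropy_init_t *p_init;` has the same shape. With the extra `*`, a driver table that assigns the function directly does not match the declared type.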
@@ -742,6 +742,13 @@ PSA sign: deterministic ECDSA SECP256R1, invalid hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +PSA sign: invalid key slot type +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT + +PSA sign: invalid algorithm for ECC key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_CCM:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT + PSA sign/verify: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263" 
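Review bot: The new case "PSA sign: invalid key slot type" has no `depends_on:` line, although it imports an RSA public key and the neighbouring cases all declare their prerequisites. In a configuration without RSA or key parsing the import is likely to fail before the sign call is reached, so the case would fail for the wrong reason instead of being skipped. Adding `depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C` (the exact set should be checked against the other RSA cases in this file) keeps the failure path under test tied to the key type.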
From 87576c5c5afb58caf8896bc297e315bf205f2d96 Mon Sep 17 00:00:00 2001 From: Mohammad AboMokh Date: Thu, 25 Oct 2018 13:49:59 +0300 Subject: [PATCH 0553/2197] Improve line coverage for asymmetric verify function by adding new bad scenarios --- tests/suites/test_suite_psa_crypto.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 25d9fba2b..b8a770932 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -821,6 +821,10 @@ PSA verify: ECDSA SECP256R1, wrong signature of correct size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE +PSA verify: invalid algorithm for ECC key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_CCM:"":"":PSA_ERROR_INVALID_ARGUMENT + PSA encrypt: RSA PKCS#1 v1.5, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS From b46e7ca16bd1f06d3162d9ba8576cb44751f79f6 Mon Sep 17 00:00:00 2001 
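Review bot: The added case "PSA verify: invalid algorithm for ECC key" passes an empty hash and an empty signature together with `PSA_ALG_CCM`, so the expected `PSA_ERROR_INVALID_ARGUMENT` could be produced by a length check rather than by the algorithm check the title names (the implementation is not visible here). Reusing the hash and signature from the preceding "wrong signature of correct size" case would leave the algorithm as the only invalid input. The case also lists `MBEDTLS_ECDSA_DETERMINISTIC` and `MBEDTLS_SHA256_C` as dependencies, which a CCM rejection does not appear to need.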
From: Nir Sonnenschein Date: Thu, 25 Oct 2018 14:46:09 +0300 Subject: [PATCH 0554/2197] add additional generator tests and generalize key derivation test Key derivation test now uses an indirect way to test generator validity as the direct way previously used isn't compatible with the PSA IPC implementation. Additional bad path test for the generator added to check basic bad-path scenarios. --- tests/suites/test_suite_psa_crypto.data | 8 ++- tests/suites/test_suite_psa_crypto.function | 80 +++++++++++++++++---- 2 files changed, 72 insertions(+), 16 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1a93a8929..39ac88839 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1209,9 +1209,13 @@ PSA key derivation: unsupported key derivation algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_CATEGORY_KEY_DERIVATION:"":"":42:PSA_ERROR_NOT_SUPPORTED -PSA key derivation: bad arguments test +PSA key derivation: invalid generator state ( double generate + read past capacity ) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -test_derive_invalid_generator: +test_derive_invalid_generator_state:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" + +PSA key derivation: invalid generator state ( call read/get_capacity after init and abort ) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +test_derive_invalid_generator_tests: PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c6f49c007..65bec58c3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -3086,25 +3086,77 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_derive_invalid_generator() +void test_derive_invalid_generator_state( int key_type_arg, data_t *key_data) { - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_key_slot_t base_key = 1; + size_t key_type = key_type_arg; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); - data_t salt; - data_t label; - size_t capacity = 0; - salt.x = NULL; - salt.len = 0; - label.x = NULL; - label.len = 0; + size_t capacity = 42; + uint8_t buffer[42]; + psa_key_policy_t policy; - generator.alg = alg; - /* invalid generator.alg */ + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( base_key, key_type, + key_data->x, + key_data->len ) == PSA_SUCCESS ); + + /* valid key derivation */ TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, - salt.x, salt.len, - label.x, label.len, - capacity ) == PSA_ERROR_BAD_STATE ); + NULL, 0, + NULL, 0, + capacity ) == PSA_SUCCESS ); + + /* state of generator shouldn't allow additional generation */ + TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, + NULL, 0, + NULL, 0, + capacity ) == PSA_ERROR_BAD_STATE ); + + TEST_ASSERT( psa_generator_read( &generator, buffer, capacity ) + == PSA_SUCCESS ); + + TEST_ASSERT( psa_generator_read( &generator, buffer, capacity ) + == PSA_ERROR_INSUFFICIENT_CAPACITY ); + + +exit: + psa_generator_abort( &generator ); + psa_destroy_key( base_key ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void test_derive_invalid_generator_tests( ) +{ + uint8_t output_buffer[16]; + size_t buffer_size = 16; + size_t capacity = 0; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + + TEST_ASSERT( psa_generator_read( 
&generator, output_buffer, buffer_size) + == PSA_ERROR_INSUFFICIENT_CAPACITY ); + + TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) + == PSA_ERROR_BAD_STATE ); + + TEST_ASSERT( psa_generator_abort(&generator) == PSA_SUCCESS ); + + TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size) + == PSA_ERROR_INSUFFICIENT_CAPACITY ); + + TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity) + == PSA_ERROR_BAD_STATE ); + +exit: + psa_generator_abort( &generator ); } /* END_CASE */ From 00646883f1cef7713e3e15c3228f5ea3d13f675f Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Oct 2018 10:04:44 +0100 Subject: [PATCH 0555/2197] visualc: Add crypto_driver.h to project A new header file for crypto drivers has been added, so we need to ensure that the Visual Studio project files reference the new header. --- visualc/VS2010/mbedTLS.vcxproj | 1 + 1 file changed, 1 insertion(+) diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 4d8b92af1..301d3333f 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -225,6 +225,7 @@ + From d3d26aa6b2477e5d5b65da5a578458157fb22f7f Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Oct 2018 10:07:32 +0100 Subject: [PATCH 0556/2197] psa: driver: Fix trailing whitespace issues Remove all trailing whitespace from crypto_driver.h. Ensure there is a new line at the end of crypto_driver.h. --- include/psa/crypto_driver.h | 250 ++++++++++++++++++------------------ 1 file changed, 125 insertions(+), 125 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index d2008b7c3..9bf00d513 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h 
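Review bot: In `test_derive_invalid_generator_state`, `key_type` is declared as `size_t` although it is only ever passed to `psa_import_key` as the key type; it should be `psa_key_type_t key_type = key_type_arg;` so the value is not narrowed implicitly at the call. The length 42 is written twice, in `size_t capacity = 42;` and `uint8_t buffer[42];`, and `psa_generator_read` writes `capacity` bytes into `buffer`, so a later edit to one of them can turn the read into an out-of-bounds write. `size_t capacity = sizeof( buffer );` ties the two together. I would also add a comment before the first `psa_generator_read` in that function, such as `/* a rejected second setup must leave the generator usable */`, because the test relies on that behaviour without stating it.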
@@ -1,7 +1,7 @@ /** * \file psa/crypto_driver.h * \brief Platform Security Architecture cryptographic driver module - * + * * This file describes an API for driver developers to implement to enable * hardware to be called in a standardized way by a PSA Cryptographic API * implementation. The API described is not intended to be called by @@ -31,7 +31,7 @@ #include /** The following types are redefinitions from the psa/crypto.h file. - * It is intended that these will be moved to a new common header file to + * It is intended that these will be moved to a new common header file to * avoid duplication. They are included here for expediency in publication. */ typedef uint32_t psa_status_t; @@ -46,7 +46,7 @@ typedef uint32_t psa_key_usage_t; /** \defgroup opaque_mac Opaque Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using - * opaque keys can be done either as a single function call (via the + * opaque keys can be done either as a single function call (via the * `pcd_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in * parts using the following sequence: * - `psa_mac_opaque_setup_t` 
@@ -54,23 +54,23 @@ typedef uint32_t psa_key_usage_t; * - `psa_mac_opaque_update_t` * - ... * - `psa_mac_opaque_finish_t` or `psa_mac_opaque_finish_verify_t` - * - * If a previously started Opaque MAC operation needs to be terminated, it + * + * If a previously started Opaque MAC operation needs to be terminated, it * should be done so by the `psa_mac_opaque_abort_t`. Failure to do so may * result in allocated resources not being freed or in other undefined * behavior. */ /**@{*/ -/** \brief A function that starts a MAC operation for a PSA Crypto Driver +/** \brief A function that starts a MAC operation for a PSA Crypto Driver * implementation using an opaque key - * - * \param[in,out] p_context A structure that will contain the + * + * \param[in,out] p_context A structure that will contain the * hardware-specific MAC context * \param[in] key_slot The slot of the key to be used for the * operation - * \param[in] algorithm The algorithm to be used to underly the MAC + * \param[in] algorithm The algorithm to be used to underly the MAC * operation - * + * * \retval PSA_SUCCESS * Success. */ @@ -80,7 +80,7 @@ typedef psa_status_t (*pcd_mac_opaque_setup_t)(void *p_context, /** \brief A function that continues a previously started MAC operation using * an opaque key - * + * * \param[in,out] p_context A hardware-specific structure for the * previously-established MAC operation to be * continued @@ -94,9 +94,9 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context, /** \brief a function that completes a previously started MAC operation by * returning the resulting MAC using an opaque key - * - * \param[in,out] p_context A hardware-specific structure for the - * previously started MAC operation to be + * + * \param[in,out] p_context A hardware-specific structure for the + * previously started MAC operation to be * finished * \param[out] p_mac A buffer where the generated MAC will be * placed 
@@ -104,7 +104,7 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context, * allocated for the `output` buffer * \param[out] p_mac_length After completion, will contain the number of * bytes placed in the `p_mac` buffer - * + * * \retval PSA_SUCCESS * Success. */ @@ -115,13 +115,13 @@ typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context, /** \brief A function that completes a previously started MAC operation by * comparing the resulting MAC against a known value using an opaque key - * + * * \param[in,out] p_context A hardware-specific structure for the previously * started MAC operation to be fiinished * \param[in] p_mac The MAC value against which the resulting MAC will * be compared against * \param[in] mac_length The size in bytes of the value stored in `p_mac` - * + * * \retval PSA_SUCCESS * The operation completed successfully and the MACs matched each * other @@ -142,7 +142,7 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context); /** \brief A function that performs a MAC operation in one command and returns * the calculated MAC using an opaque key - * + * * \param[in] p_input A buffer containing the message to be MACed * \param[in] input_length The size in bytes of `p_input` * \param[in] key_slot The slot of the key to be used @@ -153,7 +153,7 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context); * \param[in] mac_size The size in bytes of the `p_mac` buffer * \param[out] p_mac_length After completion, will contain the number of * bytes placed in the `output` buffer - * + * * \retval PSA_SUCCESS * Success. */ 
@@ -167,7 +167,7 @@ typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input, /** \brief A function that performs an MAC operation in one command and * compare the resulting MAC against a known value using an opaque key - * + * * \param[in] p_input A buffer containing the message to be MACed * \param[in] input_length The size in bytes of `input` * \param[in] key_slot The slot of the key to be used @@ -176,7 +176,7 @@ typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input, * \param[in] p_mac The MAC value against which the resulting MAC will * be compared against * \param[in] mac_length The size in bytes of `mac` - * + * * \retval PSA_SUCCESS * The operation completed successfully and the MACs matched each * other @@ -193,18 +193,18 @@ typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input, /** \brief A struct containing all of the function pointers needed to * implement MAC operations using opaque keys. - * + * * PSA Crypto API implementations should populate the table as appropriate * upon startup. * * If one of the functions is not implemented (such as * `pcd_mac_opaque_generate_t`), it should be set to NULL. - * + * * Driver implementers should ensure that they implement all of the functions * that make sense for their hardware, and that they provide a full solution * (for example, if they support `p_setup`, they should also support * `p_update` and at least one of `p_finish` or `p_finish_verify`). - * + * */ struct pcd_mac_opaque_t { /**The size in bytes of the hardware-specific Opaque-MAC Context structure 
@@ -236,7 +236,7 @@ struct pcd_mac_opaque_t { /** \defgroup transparent_mac Transparent Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using - * transparent keys can be done either as a single function call (via the + * transparent keys can be done either as a single function call (via the * `pcd_mac_transparent_generate_t` or `psa_mac_transparent_verify_t` * functions), or in parts using the following sequence: * - `psa_mac_transparent_setup_t` @@ -244,12 +244,12 @@ struct pcd_mac_opaque_t { * - `psa_mac_transparent_update_t` * - ... * - `psa_mac_transparent_finish_t` or `psa_mac_transparent_finish_verify_t` - * - * If a previously started Transparent MAC operation needs to be terminated, it + * + * If a previously started Transparent MAC operation needs to be terminated, it * should be done so by the `psa_mac_transparent_abort_t`. Failure to do so may * result in allocated resources not being freed or in other undefined * behavior. - * + * */ /**@{*/ @@ -262,7 +262,7 @@ typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t; /** \brief The function prototype for the setup operation of a * transparent-key MAC operation - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} @@ -270,13 +270,13 @@ typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t; * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT` * is the specific variant of a MAC operation (such as HMAC or CMAC) - * - * \param[in,out] p_context A structure that will contain the + * + * \param[in,out] p_context A structure that will contain the * hardware-specific MAC context * \param[in] p_key A buffer containing the cleartext key material * to be used in the operation * \param[in] key_length The size in bytes of the key material - * + * * \retval PSA_SUCCESS * Success. */ 
@@ -294,7 +294,7 @@ typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_ * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` * is the specific variant of a MAC operation (such as HMAC or CMAC) - * + * * \param[in,out] p_context A hardware-specific structure for the * previously-established MAC operation to be * continued @@ -308,7 +308,7 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context /** \brief The function prototype for the finish operation of a * transparent-key MAC operation - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} @@ -316,14 +316,14 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) - * + * * \param[in,out] p_context A hardware-specific structure for the * previously started MAC operation to be * finished * \param[out] p_mac A buffer where the generated MAC will be placed * \param[in] mac_length The size in bytes of the buffer that has been * allocated for the `p_mac` buffer - * + * * \retval PSA_SUCCESS * Success. */ @@ -333,7 +333,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context /** \brief The function prototype for the finish and verify operation of a * transparent-key MAC operation - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} 
@@ -341,7 +341,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) - * + * * \param[in,out] p_context A hardware-specific structure for the * previously started MAC operation to be * verified and finished @@ -349,7 +349,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context * for verification * \param[in] mac_length The size in bytes of the data in the `p_mac` * buffer - * + * * \retval PSA_SUCCESS * The operation completed successfully and the comparison matched */ @@ -359,7 +359,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_ /** \brief The function prototype for the abort operation for a previously * started transparent-key MAC operation - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} 
@@ -367,25 +367,25 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_ * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) - * + * * \param[in,out] p_context A hardware-specific structure for the * previously started MAC operation to be * aborted - * + * */ typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_t *p_context); /** \brief The function prototype for a one-shot operation of a transparent-key * MAC operation - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} * pcd_mac_transparent__ * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) - * + * * \param[in] p_input A buffer containing the data to be MACed * \param[in] input_length The length in bytes of the `p_input` data * \param[in] p_key A buffer containing the key material to be used @@ -406,7 +406,7 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input, /** \brief The function prototype for a one-shot operation of a transparent-key * MAC Verify operation - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} @@ -414,7 +414,7 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input, * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) - * + * * \param[in] p_input A buffer containing the data to be MACed * \param[in] input_length The length in bytes of the `p_input` data * \param[in] p_key A buffer containing the key material to be used 
@@ -423,7 +423,7 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input, * \param[in] alg The algorithm to be performed * \param[in] p_mac The MAC data to be compared * \param[in] mac_length The length in bytes of the `p_mac` buffer - * + * * \retval PSA_SUCCESS * The operation completed successfully and the comparison matched */ @@ -437,7 +437,7 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input, /**@}*/ /** \defgroup opaque_cipher Opaque Symmetric Ciphers - * + * * Encryption and Decryption using opaque keys in block modes other than ECB * must be done in multiple parts, using the following flow: * - `pcd_cipher_opaque_setup_t` @@ -446,11 +446,11 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input, * - ... * - `pcd_cipher_opaque_finish_t` - * If a previously started Opaque Cipher operation needs to be terminated, it + * If a previously started Opaque Cipher operation needs to be terminated, it * should be done so by the `psa_cipher_opaque_abort_t`. Failure to do so may * result in allocated resources not being freed or in other undefined * behavior. - * + * * In situations where a PSA Cryptographic API implementation is using a block * mode not-supported by the underlying hardware or driver, it can construct * the block mode itself, while calling the `pcd_cipher_opaque_ecb_t` function @@ -469,7 +469,7 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input, * operation * \param[in] direction Indicates whether the operation is an encrypt * or decrypt - * + * * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED */ 
@@ -480,17 +480,17 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context, /** \brief A function pointer that sets the initialization vector (if * necessary) for an opaque cipher operation - * + * * Rationale: The `psa_cipher_*` function in the PSA Cryptographic API has two * IV functions: one to set the IV, and one to generate it internally. The * generate function is not necessary for the driver API as the PSA Crypto * implementation can do the generation using its RNG features. - * + * * \param[in,out] p_context A structure that contains the previously set up * hardware-specific cipher context * \param[in] p_iv A buffer containing the initialization vector * \param[in] iv_length The size (in bytes) of the `p_iv` buffer - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context, @@ -499,7 +499,7 @@ typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context, /** \brief A function that continues a previously started opaque-key cipher * operation - * + * * \param[in,out] p_context A hardware-specific structure for the * previously started cipher operation * \param[in] p_input A buffer containing the data to be @@ -512,7 +512,7 @@ typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context, * `p_output` buffer * \param[out] p_output_length After completion, will contain the number * of bytes placed in the `p_output` buffer - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context, @@ -533,7 +533,7 @@ typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context, * buffer * \param[out] p_output_length After completion, will contain the number of * bytes placed in the `p_output` buffer - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context, 
@@ -551,10 +551,10 @@ typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context); /** \brief A function that performs the ECB block mode for opaque-key cipher * operations - * + * * Note: this function should only be used with implementations that do not * provide a needed higher-level operation. - * + * * \param[in] key_slot The slot of the key to be used for the operation * \param[in] algorithm The algorithm to be used in the cipher operation * \param[in] direction Indicates whether the operation is an encrypt or @@ -567,7 +567,7 @@ typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context); * be placed * \param[in] output_size The allocated size in bytes of the `p_output` * buffer - * + * * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED */ @@ -582,10 +582,10 @@ typedef psa_status_t (*pcd_cipher_opaque_ecb_t)(psa_key_slot_t key_slot, /** * \brief A struct containing all of the function pointers needed to implement * cipher operations using opaque keys. - * + * * PSA Crypto API implementations should populate instances of the table as * appropriate upon startup. - * + * * If one of the functions is not implemented (such as * `pcd_cipher_opaque_ecb_t`), it should be set to NULL. */ @@ -630,7 +630,7 @@ struct pcd_cipher_opaque_t { /**@{*/ /** \brief The hardware-specific transparent-key Cipher context structure - * + * * The contents of this structure are implementation dependent and are * therefore not described here. */ @@ -651,7 +651,7 @@ typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t * pcd_cipher_transparent_setup_ * ~~~~~~~~~~~~~ * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4) - * + * * \param[in,out] p_context A structure that will contain the * hardware-specific cipher context * \param[in] direction Indicates if the operation is an encrypt or a 
@@ -659,7 +659,7 @@ typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t * \param[in] p_key_data A buffer containing the cleartext key material * to be used in the operation * \param[in] key_data_size The size in bytes of the key material - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_context_t *p_context, @@ -677,12 +677,12 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_co * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) - * + * * \param[in,out] p_context A structure that contains the previously setup * hardware-specific cipher context * \param[in] p_iv A buffer containing the initialization vecotr * \param[in] iv_length The size in bytes of the contents of `p_iv` - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_context_t *p_context, @@ -700,7 +700,7 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_c * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) - * + * * \param[in,out] p_context A hardware-specific structure for the * previously started cipher operation * \param[in] p_input A buffer containing the data to be @@ -711,7 +711,7 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_c * \param[in] output_size The size in bytes of the `p_output` buffer * \param[out] p_output_length After completion, will contain the number * of bytes placed in the `p_output` buffer - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_context_t *p_context, 
@@ -740,7 +740,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_c * \param[in] output_size The size in bytes of the `p_output` buffer * \param[out] p_output_length After completion, will contain the number of * bytes placed in the `p_output` buffer - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_context_t *p_context, @@ -750,7 +750,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_c /** \brief The function prototype for the abort operation of transparent-key * block cipher operations. - * + * * Functions that implement the following prototype should be named in the * following convention: * ~~~~~~~~~~~~~{.c} @@ -759,10 +759,10 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_c * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) - * + * * \param[in,out] p_context A hardware-specific structure for the * previously started cipher operation - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_context_t *p_context); @@ -770,14 +770,14 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_co /**@}*/ /** \defgroup driver_digest Message Digests - * + * * Generation and authentication of Message Digests (aka hashes) must be done * in parts using the following sequence: * - `psa_hash_setup_t` * - `psa_hash_update_t` * - ... * - `psa_hash_finish_t` - * + * * If a previously started Message Digest operation needs to be terminated * before the `psa_hash_finish_t` operation is complete, it should be aborted * by the `psa_hash_abort_t`. Failure to do so may result in allocated 
@@ -786,7 +786,7 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_co /**@{*/ /** \brief The hardware-specific hash context structure - * + * * The contents of this structure are implementation dependent and are * therefore not described here */ @@ -794,17 +794,17 @@ typedef struct pcd_hash_context_s pcd_hash_context_t; /** \brief The function prototype for the start operation of a hash (message * digest) operation - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} * pcd_hash__setup * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying hash function - * + * * \param[in,out] p_context A structure that will contain the * hardware-specific hash context - * + * * \retval PSA_SUCCESS Success. */ typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context); @@ -818,7 +818,7 @@ typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context); * pcd_hash__update * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm - * + * * \param[in,out] p_context A hardware-specific structure for the * previously-established hash operation to be * continued @@ -832,14 +832,14 @@ typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context, /** \brief The prototype for the finish operation of a hash (message digest) * operation - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} * pcd_hash__finish * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm - * + * * \param[in,out] p_context A hardware-specific structure for the * previously started hash operation to be * fiinished @@ -849,7 +849,7 @@ typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context, * allocated for the `p_output` buffer * \param[out] p_output_length The number of bytes placed in `p_output` after * success - * + * * \retval PSA_SUCCESS * Success. */ 
@@ -860,14 +860,14 @@ typedef psa_status_t (*pcd_hash_finish_t)(pcd_hash_context_t *p_context, /** \brief The function prototype for the abort operation of a hash (message * digest) operation - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} * pcd_hash__abort * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm - * + * * \param[in,out] p_context A hardware-specific structure for the previously * started hash operation to be aborted */ @@ -877,7 +877,7 @@ typedef void (*pcd_hash_abort_t)(pcd_hash_context_t *p_context); /** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography - * + * * Since the amount of data that can (or should) be encrypted or signed using * asymmetric keys is limited by the key size, asymmetric key operations using * opaque keys must be done in single function calls. @@ -1009,10 +1009,10 @@ typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot, /** * \brief A struct containing all of the function pointers needed to implement * asymmetric cryptographic operations using opaque keys. - * + * * PSA Crypto API implementations should populate instances of the table as * appropriate upon startup. - * + * * If one of the functions is not implemented, it should be set to NULL. */ struct pcd_asymmetric_opaque_t { @@ -1040,14 +1040,14 @@ struct pcd_asymmetric_opaque_t { /** * \brief A function that signs a hash or short message with a transparent * asymmetric private key - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} * pcd_asymmetric__sign * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the signing algorithm - * + * * \param[in] p_key A buffer containing the private key * material * \param[in] key_size The size in bytes of the `p_key` data 
@@ -1080,8 +1080,8 @@ typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key, * ~~~~~~~~~~~~~{.c} * pcd_asymmetric__verify * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the signing algorithm - * + * Where `ALGO` is the name of the signing algorithm + * * \param[in] p_key A buffer containing the public key material * \param[in] key_size The size in bytes of the `p_key` data * \param[in] alg A signature algorithm that is compatible with @@ -1113,7 +1113,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key * pcd_asymmetric__encrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the encryption algorithm - * + * * \param[in] p_key A buffer containing the public key material * \param[in] key_size The size in bytes of the `p_key` data * \param[in] alg An asymmetric encryption algorithm that is @@ -1159,7 +1159,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_ke * pcd_asymmetric__decrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the encryption algorithm - * + * * \param[in] p_key A buffer containing the private key material * \param[in] key_size The size in bytes of the `p_key` data * \param[in] alg An asymmetric encryption algorithm that is @@ -1200,7 +1200,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_ke /** \defgroup aead_opaque AEAD Opaque * Authenticated Encryption with Additional Data (AEAD) operations with opaque - * keys must be done in one function call. While this creates a burden for + * keys must be done in one function call. While this creates a burden for * implementers as there must be sufficient space in memory for the entire * message, it prevents decrypted data from being made available before the * authentication operation is complete and the data is known to be authentic. 
@@ -1291,10 +1291,10 @@ typedef psa_status_t (*psa_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, /** * \brief A struct containing all of the function pointers needed to implement * Authenticated Encryption with Additional Data operations using opaque keys - * + * * PSA Crypto API implementations should populate instances of the table as * appropriate upon startup. - * + * * If one of the functions is not implemented, it should be set to NULL. */ struct psa_aead_opaque_t { @@ -1306,7 +1306,7 @@ struct psa_aead_opaque_t { /**@}*/ /** \defgroup aead_transparent AEAD Transparent - * + * * Authenticated Encryption with Additional Data (AEAD) operations with * transparent keys must be done in one function call. While this creates a * burden for implementers as there must be sufficient space in memory for the @@ -1317,7 +1317,7 @@ struct psa_aead_opaque_t { /**@{*/ /** Process an authenticated encryption operation using an opaque key. - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} @@ -1354,7 +1354,7 @@ struct psa_aead_opaque_t { * the `ciphertext` buffer * * \retval #PSA_SUCCESS - + */ typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key, size_t key_length, @@ -1370,7 +1370,7 @@ typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key, size_t *ciphertext_length); /** Process an authenticated decryption operation using an opaque key. - * + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} @@ -1433,7 +1433,7 @@ typedef struct pcd_entropy_context_s pcd_entropy_context_t; /** \brief Initialize an entropy driver * - * + * * \param[in,out] p_context A hardware-specific structure * containing any context information for * the implementation 
@@ -1443,7 +1443,7 @@ typedef struct pcd_entropy_context_s pcd_entropy_context_t; typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context); /** \brief Get a specified number of bits from the entropy source - * + * * It retrives `buffer_size` bytes of data from the entropy source. The entropy * source will always fill the provided buffer to its full size, however, most * entropy sources have biases, and the actual amount of entropy contained in @@ -1456,7 +1456,7 @@ typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context); * To accomplish this, the PSA Crypto implementation should be designed to call * this function multiple times until it has received the required amount of * entropy from the entropy source. - * + * * \param[in,out] p_context A hardware-specific structure * containing any context information * for the implementation @@ -1465,7 +1465,7 @@ typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context); * \param[in] buffer_size The allocated size of `p_buffer` * \param[out] p_received_entropy_bits The amount of entropy (in bits) * actually provided in `p_buffer` - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context, @@ -1476,10 +1476,10 @@ typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context, /** * \brief A struct containing all of the function pointers needed to interface * to an entropy source - * + * * PSA Crypto API implementations should populate instances of the table as * appropriate upon startup. - * + * * If one of the functions is not implemented, it should be set to NULL. */ struct pcd_entropy_t { 
@@ -1615,10 +1615,10 @@ typedef psa_status_t (*pcd_export_public_key_t)(psa_key_slot_t key, /** * \brief A struct containing all of the function pointers needed to for key * management using opaque keys - * + * * PSA Crypto API implementations should populate instances of the table as * appropriate upon startup. - * + * * If one of the functions is not implemented, it should be set to NULL. */ struct pcd_key_management_t { @@ -1643,14 +1643,14 @@ struct pcd_key_management_t { * material. * The flows are similar, and the PSA Crypto Driver API uses the same functions * for both of the flows. - * + * * There are two different final functions for the flows, * `pcd_key_derivation_derive` and `pcd_key_derivation_export`. * `pcd_key_derivation_derive` is used when the key material should be placed * in a slot on the hardware and not exposed to the caller. * `pcd_key_derivation_export` is used when the key material should be returned * to the PSA Cryptographic API implementation. - * + * * Different key derivation algorithms require a different number of inputs. * Instead of having an API that takes as input variable length arrays, which * can be problemmatic to manage on embedded platforms, the inputs are passed @@ -1671,7 +1671,7 @@ struct pcd_key_management_t { * collateral_2_size); * pcd_key_derivation_derive(); * ~~~~~~~~~~~~~ - * + * * key agreement example: * ~~~~~~~~~~~~~{.c} * pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes); @@ -1684,7 +1684,7 @@ struct pcd_key_management_t { /**@{*/ /** \brief The hardware-specific key derivation context structure - * + * * The contents of this structure are implementation dependent and are * therefore not described here */ 
@@ -1692,13 +1692,13 @@ typedef struct pcd_key_derivation_context_s pcd_key_derivation_context_t; /** \brief Set up a key derivation operation by specifying the algorithm and * the source key sot - * + * * \param[in,out] p_context A hardware-specific structure containing any * context information for the implementation * \param[in] kdf_alg The algorithm to be used for the key derivation * \param[in] souce_key The key to be used as the source material for the * key derivation - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t *p_context, @@ -1707,17 +1707,17 @@ typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t /** \brief Provide collateral (parameters) needed for a key derivation or key * agreement operation - * + * * Since many key derivation algorithms require multiple parameters, it is * expeced that this function may be called multiple times for the same * operation, each with a different algorithm-specific `collateral_id` - * + * * \param[in,out] p_context A hardware-specific structure containing any * context information for the implementation * \param[in] collateral_id An ID for the collateral being provided * \param[in] p_collateral A buffer containing the collateral data * \param[in] collateral_size The size in bytes of the collateral - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_context_t *p_context, @@ -1731,7 +1731,7 @@ typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_conte * context information for the implementation * \param[in] dest_key The slot where the generated key material * should be placed - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t *p_context, 
@@ -1739,13 +1739,13 @@ typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t /** \brief Perform the final step of a key agreement and place the generated * key material in a buffer - * + * * \param[out] p_output Buffer in which to place the generated key * material * \param[in] output_size The size in bytes of `p_output` * \param[out] p_output_length Upon success, contains the number of bytes of * key material placed in `p_output` - * + * * \retval PSA_SUCCESS */ typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output, @@ -1755,10 +1755,10 @@ typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output, /** * \brief A struct containing all of the function pointers needed to for key * derivation and agreement - * + * * PSA Crypto API implementations should populate instances of the table as * appropriate upon startup. - * + * * If one of the functions is not implemented, it should be set to NULL. */ struct pcd_key_derivation_t { @@ -1775,4 +1775,4 @@ struct pcd_key_derivation_t { /**@}*/ -#endif // __PSA_CRYPTO_DRIVER_H__ \ No newline at end of file +#endif // __PSA_CRYPTO_DRIVER_H__ From 0a09f77357737a4df763a3c13131519a82984db5 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Oct 2018 11:42:32 +0100 Subject: [PATCH 0557/2197] psa: driver: Fix comment whitespace format Fix comment formatting whitespace issues in crypto_driver.h to match our style. --- include/psa/crypto_driver.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index 9bf00d513..737476a9d 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h 
@@ -684,7 +684,7 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_co * \param[in] iv_length The size in bytes of the contents of `p_iv` * * \retval PSA_SUCCESS -*/ + */ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_context_t *p_context, const uint8_t *p_iv, size_t iv_length); @@ -723,7 +723,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_c /** \brief The function prototype for the finish operation of transparent-key * block cipher operations. -* + * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} From 72244ae5954c76f7ebe21929fe64dfdd6fc88680 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Oct 2018 10:59:12 +0100 Subject: [PATCH 0558/2197] psa: driver: Fix names of AEAD functions The driver AEAD functions had a `psa_` prefix. They should have had a `pcd_` prefix like the other driver functions. --- include/psa/crypto_driver.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index 737476a9d..0e07eef0e 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h @@ -1236,7 +1236,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_ke * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_aead_opaque_encrypt_t)(psa_key_slot_t key_slot, +typedef psa_status_t (*pcd_aead_opaque_encrypt_t)(psa_key_slot_t key_slot, psa_algorithm_t algorithm, const uint8_t *p_nonce, size_t nonce_length, @@ -1276,7 +1276,7 @@ typedef psa_status_t (*psa_aead_opaque_encrypt_t)(psa_key_slot_t key_slot, * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, +typedef psa_status_t (*pcd_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, psa_algorithm_t algorithm, const uint8_t *p_nonce, size_t nonce_length, 
@@ -1297,11 +1297,11 @@ typedef psa_status_t (*psa_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, * * If one of the functions is not implemented, it should be set to NULL. */ -struct psa_aead_opaque_t { +struct pcd_aead_opaque_t { /** Function that performs the AEAD encrypt operation */ - psa_aead_opaque_encrypt_t *p_encrypt; + pcd_aead_opaque_encrypt_t *p_encrypt; /** Function that performs the AEAD decrypt operation */ - psa_aead_opaque_decrypt_t *p_decrypt; + pcd_aead_opaque_decrypt_t *p_decrypt; }; /**@}*/ @@ -1356,7 +1356,7 @@ struct psa_aead_opaque_t { * \retval #PSA_SUCCESS */ -typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key, +typedef psa_status_t (*pcd_aead_transparent_encrypt_t)(const uint8_t *p_key, size_t key_length, psa_algorithm_t alg, const uint8_t *nonce, @@ -1407,7 +1407,7 @@ typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key, * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_aead_transparent_decrypt_t)(const uint8_t *p_key, +typedef psa_status_t (*pcd_aead_transparent_decrypt_t)(const uint8_t *p_key, size_t key_length, psa_algorithm_t alg, const uint8_t *nonce, From e095d60d95f587aeeb1ab054eed9b11a18d0ad3e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Oct 2018 12:09:31 +0100 Subject: [PATCH 0559/2197] psa: driver: Use "Driver Model" terminology "Driver APIs" can be interpreted to mean APIs used when you want to write a driver, not the set of functions you implement to make a driver. See https://www.kernel.org/doc/html/latest/driver-api/index.html "The kernel offers a wide variety of interfaces to support the development of device drivers." As such, we are renaming "Driver API" to "Driver Model" and updating our work so far to reflect this change. --- include/psa/crypto_driver.h | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index 0e07eef0e..a59ff6e29 100644 
--- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h @@ -2,10 +2,11 @@ * \file psa/crypto_driver.h * \brief Platform Security Architecture cryptographic driver module * - * This file describes an API for driver developers to implement to enable - * hardware to be called in a standardized way by a PSA Cryptographic API - * implementation. The API described is not intended to be called by - * application developers. + * This file describes the PSA Crypto Driver Model, containing functions for + * driver developers to implement to enable hardware to be called in a + * standardized way by a PSA Cryptographic API implementation. The functions + * comprising the driver model, which driver authors implement, are not + * intended to be called by application developers. */ /* @@ -483,8 +484,8 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context, * * Rationale: The `psa_cipher_*` function in the PSA Cryptographic API has two * IV functions: one to set the IV, and one to generate it internally. The - * generate function is not necessary for the driver API as the PSA Crypto - * implementation can do the generation using its RNG features. + * generate function is not necessary for the drivers to implement as the PSA + * Crypto implementation can do the generation using its RNG features. * * \param[in,out] p_context A structure that contains the previously set up * hardware-specific cipher context @@ -1641,7 +1642,7 @@ struct pcd_key_management_t { * Key agreement is a part of cryptographic protocols that allows two parties * to agree on the same key value, but starting from different original key * material. - * The flows are similar, and the PSA Crypto Driver API uses the same functions + * The flows are similar, and the PSA Crypto Driver Model uses the same functions * for both of the flows. * * There are two different final functions for the flows, From 1acb2c43179837c8adcb5f167fb8d29cff9be201 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Fri, 26 Oct 2018 10:49:58 +0100 Subject: [PATCH 0560/2197] psa: driver: Replace `pcd_` prefix with `psa_drv_` The `pcd_` prefix is ambiguous and does not make it clear that the types and symbols are standardized by PSA. Replace `pcd_` with a prefix that can be shared with all PSA drivers, `psa_drv_`. --- include/psa/crypto_driver.h | 698 ++++++++++++++++++------------------ 1 file changed, 349 insertions(+), 349 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index a59ff6e29..9acd33066 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h @@ -48,7 +48,7 @@ typedef uint32_t psa_key_usage_t; /** \defgroup opaque_mac Opaque Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using * opaque keys can be done either as a single function call (via the - * `pcd_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in + * `psa_drv_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in * parts using the following sequence: * - `psa_mac_opaque_setup_t` * - `psa_mac_opaque_update_t` @@ -75,9 +75,9 @@ typedef uint32_t psa_key_usage_t; * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_mac_opaque_setup_t)(void *p_context, - psa_key_slot_t key_slot, - psa_algorithm_t algorithm); +typedef psa_status_t (*psa_drv_mac_opaque_setup_t)(void *p_context, + psa_key_slot_t key_slot, + psa_algorithm_t algorithm); /** \brief A function that continues a previously started MAC operation using * an opaque key 
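Review bot: The `opaque_mac` group comment in the `-48,7` hunk is only half renamed: it now names `psa_drv_mac_opaque_generate_t`, but the same sentence and the list under it still refer to `psa_mac_opaque_verify_t`, `psa_mac_opaque_setup_t` and `psa_mac_opaque_update_t`. The typedefs this patch defines are `psa_drv_mac_opaque_verify_t`, `psa_drv_mac_opaque_setup_t` and `psa_drv_mac_opaque_update_t`, so those references resolve to nothing. The same leftover appears in the `transparent_mac` group (`psa_mac_transparent_verify_t`, `psa_mac_transparent_setup_t`, `psa_mac_transparent_update_t`) and in the abort sentences of the two cipher groups (`psa_cipher_opaque_abort_t`, `psa_cipher_transparent_abort_t`). These comments are where a driver author learns the required call sequence and that an abandoned operation has to be aborted, so I would rename them with the `psa_drv_` prefix as well, for example `psa_drv_mac_opaque_verify_t` and `psa_drv_cipher_opaque_abort_t`. The group comment continues past the end of the hunk.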
@@ -89,9 +89,9 @@ typedef psa_status_t (*pcd_mac_opaque_setup_t)(void *p_context, * to the MAC operation * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context, - const uint8_t *p_input, - size_t input_length); +typedef psa_status_t (*psa_drv_mac_opaque_update_t)(void *p_context, + const uint8_t *p_input, + size_t input_length); /** \brief a function that completes a previously started MAC operation by * returning the resulting MAC using an opaque key @@ -109,10 +109,10 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context, * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context, - uint8_t *p_mac, - size_t mac_size, - size_t *p_mac_length); +typedef psa_status_t (*psa_drv_mac_opaque_finish_t)(void *p_context, + uint8_t *p_mac, + size_t mac_size, + size_t *p_mac_length); /** \brief A function that completes a previously started MAC operation by * comparing the resulting MAC against a known value using an opaque key @@ -130,16 +130,16 @@ typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context, * The operation completed successfully, but the calculated MAC did * not match the provided MAC */ -typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)(void *p_context, - const uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_mac_opaque_finish_verify_t)(void *p_context, + const uint8_t *p_mac, + size_t mac_length); /** \brief A function that aborts a previous started opaque-key MAC operation * \param[in,out] p_context A hardware-specific structure for the previously * started MAC operation to be aborted */ -typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context); +typedef psa_status_t (*psa_drv_mac_opaque_abort_t)(void *p_context); /** \brief A function that performs a MAC operation in one command and returns * the calculated MAC using an opaque key 
@@ -158,13 +158,13 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context); * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input, - size_t input_length, - psa_key_slot_t key_slot, - psa_algorithm_t alg, - uint8_t *p_mac, - size_t mac_size, - size_t *p_mac_length); +typedef psa_status_t (*psa_drv_mac_opaque_generate_t)(const uint8_t *p_input, + size_t input_length, + psa_key_slot_t key_slot, + psa_algorithm_t alg, + uint8_t *p_mac, + size_t mac_size, + size_t *p_mac_length); /** \brief A function that performs an MAC operation in one command and * compare the resulting MAC against a known value using an opaque key @@ -185,12 +185,12 @@ typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input, * The operation completed successfully, but the calculated MAC did * not match the provided MAC */ -typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input, - size_t input_length, - psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_mac_opaque_verify_t)(const uint8_t *p_input, + size_t input_length, + psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_mac, + size_t mac_length); /** \brief A struct containing all of the function pointers needed to * implement MAC operations using opaque keys. @@ -199,7 +199,7 @@ typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input, * upon startup. * * If one of the functions is not implemented (such as - * `pcd_mac_opaque_generate_t`), it should be set to NULL. + * `psa_drv_mac_opaque_generate_t`), it should be set to NULL. * * Driver implementers should ensure that they implement all of the functions * that make sense for their hardware, and that they provide a full solution 
@@ -207,38 +207,38 @@ typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input, * `p_update` and at least one of `p_finish` or `p_finish_verify`). * */ -struct pcd_mac_opaque_t { +struct psa_drv_mac_opaque_t { /**The size in bytes of the hardware-specific Opaque-MAC Context structure */ - size_t context_size; + size_t context_size; /** Function that performs the setup operation */ - pcd_mac_opaque_setup_t *p_setup; + psa_drv_mac_opaque_setup_t *p_setup; /** Function that performs the update operation */ - pcd_mac_opaque_update_t *p_update; + psa_drv_mac_opaque_update_t *p_update; /** Function that completes the operation */ - pcd_mac_opaque_finish_t *p_finish; + psa_drv_mac_opaque_finish_t *p_finish; /** Function that completed a MAC operation with a verify check */ - pcd_mac_opaque_finish_verify_t *p_finish_verify; + psa_drv_mac_opaque_finish_verify_t *p_finish_verify; /** Function that aborts a previoustly started operation */ - pcd_mac_opaque_abort_t *p_abort; + psa_drv_mac_opaque_abort_t *p_abort; /** Function that performs the MAC operation in one call */ - pcd_mac_opaque_generate_t *p_mac; + psa_drv_mac_opaque_generate_t *p_mac; /** Function that performs the MAC and verify operation in one call */ - pcd_mac_opaque_verify_t *p_mac_verify; + psa_drv_mac_opaque_verify_t *p_mac_verify; }; /**@}*/ /** \defgroup transparent_mac Transparent Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using * transparent keys can be done either as a single function call (via the - * `pcd_mac_transparent_generate_t` or `psa_mac_transparent_verify_t` + * `psa_drv_mac_transparent_generate_t` or `psa_mac_transparent_verify_t` * functions), or in parts using the following sequence: * - `psa_mac_transparent_setup_t` * - `psa_mac_transparent_update_t` 
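Review bot: Each function member of `struct psa_drv_mac_opaque_t` is declared with an extra `*`, e.g. `psa_drv_mac_opaque_setup_t *p_setup;`, but `psa_drv_mac_opaque_setup_t` is already a pointer-to-function typedef, so the field is a pointer to a function pointer. That does not match the member comments ("Function that performs the setup operation") or the rule that an unimplemented function is set to NULL. A driver that assigns a function directly gets only an incompatible-pointer diagnostic, and a core that dereferences the field would then read its call target out of the function's code bytes. Since the patch rewrites each of these lines anyway, I would drop the indirection, `psa_drv_mac_opaque_setup_t p_setup;`, and do the same for the other six members. `struct psa_drv_cipher_opaque_t` in the later `-588,28` hunk carries the same declarations.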
@@ -259,7 +259,7 @@ struct pcd_mac_opaque_t { * The contents of this structure are implementation dependent and are * therefore not described here. */ -typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t; +typedef struct psa_drv_mac_transparent_context_s psa_drv_mac_transparent_context_t; /** \brief The function prototype for the setup operation of a * transparent-key MAC operation @@ -267,7 +267,7 @@ typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t; * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_mac_transparent___setup + * psa_drv_mac_transparent___setup * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT` * is the specific variant of a MAC operation (such as HMAC or CMAC) @@ -281,9 +281,9 @@ typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t; * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_t *p_context, - const uint8_t *p_key, - size_t key_length); +typedef psa_status_t (*psa_drv_mac_transparent_setup_t)(psa_drv_mac_transparent_context_t *p_context, + const uint8_t *p_key, + size_t key_length); /** \brief The function prototype for the update operation of a * transparent-key MAC operation @@ -291,7 +291,7 @@ typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_ * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_mac_transparent___update + * psa_drv_mac_transparent___update * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` * is the specific variant of a MAC operation (such as HMAC or CMAC) 
@@ -303,9 +303,9 @@ typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_ * to the MAC operation * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context_t *p_context, - const uint8_t *p_input, - size_t input_length); +typedef psa_status_t (*psa_drv_mac_transparent_update_t)(psa_drv_mac_transparent_context_t *p_context, + const uint8_t *p_input, + size_t input_length); /** \brief The function prototype for the finish operation of a * transparent-key MAC operation @@ -313,7 +313,7 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_mac_transparent___finish + * psa_drv_mac_transparent___finish * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) @@ -328,9 +328,9 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context_t *p_context, - uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_mac_transparent_finish_t)(psa_drv_mac_transparent_context_t *p_context, + uint8_t *p_mac, + size_t mac_length); /** \brief The function prototype for the finish and verify operation of a * transparent-key MAC operation 
@@ -338,7 +338,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_mac_transparent___finish_verify + * psa_drv_mac_transparent___finish_verify * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) @@ -354,9 +354,9 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context * \retval PSA_SUCCESS * The operation completed successfully and the comparison matched */ -typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_context_t *p_context, - const uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_mac_transparent_finish_verify_t)(psa_drv_mac_transparent_context_t *p_context, + const uint8_t *p_mac, + size_t mac_length); /** \brief The function prototype for the abort operation for a previously * started transparent-key MAC operation @@ -364,7 +364,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_ * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_mac_transparent___abort + * psa_drv_mac_transparent___abort * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) @@ -374,7 +374,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_ * aborted * */ -typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_t *p_context); +typedef psa_status_t (*psa_drv_mac_transparent_abort_t)(psa_drv_mac_transparent_context_t *p_context); /** \brief The function prototype for a one-shot operation of a transparent-key * MAC operation 
@@ -382,7 +382,7 @@ typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_ * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_mac_transparent__ + * psa_drv_mac_transparent__ * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) @@ -397,13 +397,13 @@ typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_ * upon success * \param[in] mac_length The length in bytes of the `p_mac` buffer */ -typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input, - size_t input_length, - const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_mac_transparent_t)(const uint8_t *p_input, + size_t input_length, + const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + uint8_t *p_mac, + size_t mac_length); /** \brief The function prototype for a one-shot operation of a transparent-key * MAC Verify operation @@ -411,7 +411,7 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input, * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_mac_transparent___verify + * psa_drv_mac_transparent___verify * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) 
@@ -428,24 +428,24 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input, * \retval PSA_SUCCESS * The operation completed successfully and the comparison matched */ -typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input, - size_t input_length, - const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input, + size_t input_length, + const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *p_mac, + size_t mac_length); /**@}*/ /** \defgroup opaque_cipher Opaque Symmetric Ciphers * * Encryption and Decryption using opaque keys in block modes other than ECB * must be done in multiple parts, using the following flow: - * - `pcd_cipher_opaque_setup_t` - * - `pcd_cipher_opaque_set_iv_t` (optional depending upon block mode) - * - `pcd_cipher_opaque_update_t` + * - `psa_drv_cipher_opaque_setup_t` + * - `psa_drv_cipher_opaque_set_iv_t` (optional depending upon block mode) + * - `psa_drv_cipher_opaque_update_t` * - ... - * - `pcd_cipher_opaque_finish_t` + * - `psa_drv_cipher_opaque_finish_t` * If a previously started Opaque Cipher operation needs to be terminated, it * should be done so by the `psa_cipher_opaque_abort_t`. Failure to do so may @@ -454,7 +454,7 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input, * * In situations where a PSA Cryptographic API implementation is using a block * mode not-supported by the underlying hardware or driver, it can construct - * the block mode itself, while calling the `pcd_cipher_opaque_ecb_t` function + * the block mode itself, while calling the `psa_drv_cipher_opaque_ecb_t` function * pointer for the cipher operations. */ /**@{*/ 
@@ -474,10 +474,10 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input, * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED */ -typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context, - psa_key_slot_t key_slot, - psa_algorithm_t algorithm, - encrypt_or_decrypt_t direction); +typedef psa_status_t (*psa_drv_cipher_opaque_setup_t)(void *p_context, + psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + encrypt_or_decrypt_t direction); /** \brief A function pointer that sets the initialization vector (if * necessary) for an opaque cipher operation @@ -494,9 +494,9 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context, - const uint8_t *p_iv, - size_t iv_length); +typedef psa_status_t (*psa_drv_cipher_opaque_set_iv_t)(void *p_context, + const uint8_t *p_iv, + size_t iv_length); /** \brief A function that continues a previously started opaque-key cipher * operation @@ -516,12 +516,12 @@ typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context, - const uint8_t *p_input, - size_t input_size, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_cipher_opaque_update_t)(void *p_context, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** \brief A function that completes a previously started opaque-key cipher * operation 
@@ -537,10 +537,10 @@ typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_cipher_opaque_finish_t)(void *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** \brief A function that aborts a previously started opaque-key cipher * operation @@ -548,7 +548,7 @@ typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context, * \param[in,out] p_context A hardware-specific structure for the * previously started cipher operation */ -typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context); +typedef psa_status_t (*psa_drv_cipher_opaque_abort_t)(void *p_context); /** \brief A function that performs the ECB block mode for opaque-key cipher * operations @@ -572,13 +572,13 @@ typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context); * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED */ -typedef psa_status_t (*pcd_cipher_opaque_ecb_t)(psa_key_slot_t key_slot, - psa_algorithm_t algorithm, - encrypt_or_decrypt_t direction, - const uint8_t *p_input, - size_t input_size, - uint8_t *p_output, - size_t output_size); +typedef psa_status_t (*psa_drv_cipher_opaque_ecb_t)(psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + encrypt_or_decrypt_t direction, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size); /** * \brief A struct containing all of the function pointers needed to implement 
@@ -588,28 +588,28 @@ typedef psa_status_t (*pcd_cipher_opaque_ecb_t)(psa_key_slot_t key_slot, * appropriate upon startup. * * If one of the functions is not implemented (such as - * `pcd_cipher_opaque_ecb_t`), it should be set to NULL. + * `psa_drv_cipher_opaque_ecb_t`), it should be set to NULL. */ -struct pcd_cipher_opaque_t { +struct psa_drv_cipher_opaque_t { /** The size in bytes of the hardware-specific Opaque Cipher context * structure */ - size_t size; + size_t size; /** Function that performs the setup operation */ - pcd_cipher_opaque_setup_t *p_setup; + psa_drv_cipher_opaque_setup_t *p_setup; /** Function that sets the IV (if necessary) */ - pcd_cipher_opaque_set_iv_t *p_set_iv; + psa_drv_cipher_opaque_set_iv_t *p_set_iv; /** Function that performs the update operation */ - pcd_cipher_opaque_update_t *p_update; + psa_drv_cipher_opaque_update_t *p_update; /** Function that completes the operation */ - pcd_cipher_opaque_finish_t *p_finish; + psa_drv_cipher_opaque_finish_t *p_finish; /** Function that aborts the operation */ - pcd_cipher_opaque_abort_t *p_abort; + psa_drv_cipher_opaque_abort_t *p_abort; /** Function that performs ECB mode for the cipher * (Danger: ECB mode should not be used directly by clients of the PSA * Crypto Client API) */ - pcd_cipher_opaque_ecb_t *p_ecb; + psa_drv_cipher_opaque_ecb_t *p_ecb; }; /**@}*/ 
@@ -617,11 +617,11 @@ struct pcd_cipher_opaque_t { /** \defgroup transparent_cipher Transparent Block Cipher * Encryption and Decryption using transparent keys in block modes other than * ECB must be done in multiple parts, using the following flow: - * - `pcd_cipher_transparent_setup_t` - * - `pcd_cipher_transparent_set_iv_t` (optional depending upon block mode) - * - `pcd_cipher_transparent_update_t` + * - `psa_drv_cipher_transparent_setup_t` + * - `psa_drv_cipher_transparent_set_iv_t` (optional depending upon block mode) + * - `psa_drv_cipher_transparent_update_t` * - ... - * - `pcd_cipher_transparent_finish_t` + * - `psa_drv_cipher_transparent_finish_t` * If a previously started Transparent Cipher operation needs to be terminated, * it should be done so by the `psa_cipher_transparent_abort_t`. Failure to do @@ -635,21 +635,21 @@ struct pcd_cipher_opaque_t { * The contents of this structure are implementation dependent and are * therefore not described here. */ -typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t; +typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_context_t; /** \brief The function prototype for the setup operation of transparent-key * block cipher operations. * Functions that implement the prototype should be named in the following * conventions: * ~~~~~~~~~~~~~{.c} - * pcd_cipher_transparent_setup__ + * psa_drv_cipher_transparent_setup__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) * or for stream ciphers: * ~~~~~~~~~~~~~{.c} - * pcd_cipher_transparent_setup_ + * psa_drv_cipher_transparent_setup_ * ~~~~~~~~~~~~~ * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4) * 
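Review bot: The flow description in the first hunk still names `psa_cipher_transparent_abort_t` as the way to terminate an operation, which fits neither the old `pcd_` nor the new `psa_drv_` scheme; the typedef this header defines is `psa_drv_cipher_transparent_abort_t`. The rename missed the line because it never carried the `pcd_` prefix, so it remains as unchanged context. An implementer following this text to find the cleanup hook for key-bearing context would search for a type that does not exist, so the sentence should name `psa_drv_cipher_transparent_abort_t`. The sentence continues past the end of the hunk, so the rest of the paragraph is not visible here.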
@@ -663,17 +663,17 @@ typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_context_t *p_context, - encrypt_or_decrypt_t direction, - const uint8_t *p_key_data, - size_t key_data_size); +typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context, + encrypt_or_decrypt_t direction, + const uint8_t *p_key_data, + size_t key_data_size); /** \brief The function prototype for the set initialization vector operation * of transparent-key block cipher operations * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_cipher_transparent_set_iv__ + * psa_drv_cipher_transparent_set_iv__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) @@ -686,9 +686,9 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_co * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_context_t *p_context, - const uint8_t *p_iv, - size_t iv_length); +typedef psa_status_t (*psa_drv_cipher_transparent_set_iv_t)(psa_drv_cipher_transparent_context_t *p_context, + const uint8_t *p_iv, + size_t iv_length); /** \brief The function prototype for the update operation of transparent-key * block cipher operations. @@ -696,7 +696,7 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_c * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_cipher_transparent_update__ + * psa_drv_cipher_transparent_update__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) 
@@ -715,12 +715,12 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_c * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_context_t *p_context, - const uint8_t *p_input, - size_t input_size, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_cipher_transparent_update_t)(psa_drv_cipher_transparent_context_t *p_context, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** \brief The function prototype for the finish operation of transparent-key * block cipher operations. @@ -728,7 +728,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_c * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_cipher_transparent_finish__ + * psa_drv_cipher_transparent_finish__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) @@ -744,10 +744,10 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_c * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_context_t *p_context, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_cipher_transparent_finish_t)(psa_drv_cipher_transparent_context_t *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** \brief The function prototype for the abort operation of transparent-key * block cipher operations. 
@@ -755,7 +755,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_c * Functions that implement the following prototype should be named in the * following convention: * ~~~~~~~~~~~~~{.c} - * pcd_cipher_transparent_abort__ + * psa_drv_cipher_transparent_abort__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) @@ -766,7 +766,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_c * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_context_t *p_context); +typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transparent_context_t *p_context); /**@}*/ @@ -791,7 +791,7 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_co * The contents of this structure are implementation dependent and are * therefore not described here */ -typedef struct pcd_hash_context_s pcd_hash_context_t; +typedef struct psa_drv_hash_context_s psa_drv_hash_context_t; /** \brief The function prototype for the start operation of a hash (message * digest) operation @@ -799,7 +799,7 @@ typedef struct pcd_hash_context_s pcd_hash_context_t; * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_hash__setup + * psa_drv_hash__setup * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying hash function * @@ -808,7 +808,7 @@ typedef struct pcd_hash_context_s pcd_hash_context_t; * * \retval PSA_SUCCESS Success. */ -typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context); +typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context); /** \brief The function prototype for the update operation of a hash (message * digest) operation 
@@ -816,7 +816,7 @@ typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context); * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_hash__update + * psa_drv_hash__update * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm * @@ -827,9 +827,9 @@ typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context); * to the hash operation * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context, - const uint8_t *p_input, - size_t input_length); +typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context, + const uint8_t *p_input, + size_t input_length); /** \brief The prototype for the finish operation of a hash (message digest) * operation @@ -837,7 +837,7 @@ typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context, * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_hash__finish + * psa_drv_hash__finish * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm * @@ -854,10 +854,10 @@ typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context, * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_hash_finish_t)(pcd_hash_context_t *p_context, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** \brief The function prototype for the abort operation of a hash (message * digest) operation 
@@ -865,14 +865,14 @@ typedef psa_status_t (*pcd_hash_finish_t)(pcd_hash_context_t *p_context, * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_hash__abort + * psa_drv_hash__abort * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm * * \param[in,out] p_context A hardware-specific structure for the previously * started hash operation to be aborted */ -typedef void (*pcd_hash_abort_t)(pcd_hash_context_t *p_context); +typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context); /**@}*/ @@ -900,13 +900,13 @@ typedef void (*pcd_hash_abort_t)(pcd_hash_context_t *p_context); * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - uint8_t *p_signature, - size_t signature_size, - size_t *p_signature_length); +typedef psa_status_t (*psa_drv_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length); /** * \brief A function that verifies the signature a hash or short message using @@ -924,12 +924,12 @@ typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot, * \retval PSA_SUCCESS * The signature is valid. */ -typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - const uint8_t *p_signature, - size_t signature_length); +typedef psa_status_t (*psa_drv_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length); /** * \brief A function that encrypts a short message with an asymmetric public 
@@ -960,15 +960,15 @@ typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** * \brief Decrypt a short message with an asymmetric private key. @@ -997,15 +997,15 @@ typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** * \brief A struct containing all of the function pointers needed to implement 
@@ -1016,15 +1016,15 @@ typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot, * * If one of the functions is not implemented, it should be set to NULL. */ -struct pcd_asymmetric_opaque_t { +struct psa_drv_asymmetric_opaque_t { /** Function that performs the asymmetric sign operation */ - pcd_asymmetric_opaque_sign_t *p_sign; + psa_drv_asymmetric_opaque_sign_t *p_sign; /** Function that performs the asymmetric verify operation */ - pcd_asymmetric_opaque_verify_t *p_verify; + psa_drv_asymmetric_opaque_verify_t *p_verify; /** Function that performs the asymmetric encrypt operation */ - pcd_asymmetric_opaque_encrypt_t *p_encrypt; + psa_drv_asymmetric_opaque_encrypt_t *p_encrypt; /** Function that performs the asymmetric decrypt operation */ - pcd_asymmetric_opaque_decrypt_t *p_decrypt; + psa_drv_asymmetric_opaque_decrypt_t *p_decrypt; }; /**@}*/ @@ -1045,7 +1045,7 @@ struct pcd_asymmetric_opaque_t { * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_asymmetric__sign + * psa_drv_asymmetric__sign * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the signing algorithm * @@ -1063,14 +1063,14 @@ struct pcd_asymmetric_opaque_t { * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - uint8_t *p_signature, - size_t signature_size, - size_t *p_signature_length); +typedef psa_status_t (*psa_drv_asymmetric_transparent_sign_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length); /** * \brief A function that verifies the signature a hash or short message using 
@@ -1079,7 +1079,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key, * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_asymmetric__verify + * psa_drv_asymmetric__verify * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the signing algorithm * @@ -1096,13 +1096,13 @@ typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key, * \retval PSA_SUCCESS * The signature is valid. */ -typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - const uint8_t *p_signature, - size_t signature_length); +typedef psa_status_t (*psa_drv_asymmetric_transparent_verify_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length); /** * \brief A function that encrypts a short message with a transparent @@ -1111,7 +1111,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_asymmetric__encrypt + * psa_drv_asymmetric__encrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the encryption algorithm * 
@@ -1140,16 +1140,16 @@ typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_asymmetric_transparent_encrypt_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** * \brief Decrypt a short message with a transparent asymmetric private key @@ -1157,7 +1157,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_ke * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_asymmetric__decrypt + * psa_drv_asymmetric__decrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the encryption algorithm * @@ -1186,16 +1186,16 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_ke * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_asymmetric_transparent_decrypt_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /**@}*/ 
@@ -1237,17 +1237,17 @@ typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_ke * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_aead_opaque_encrypt_t)(psa_key_slot_t key_slot, - psa_algorithm_t algorithm, - const uint8_t *p_nonce, - size_t nonce_length, - const uint8_t *p_additional_data, - size_t additional_data_length, - const uint8_t *p_plaintext, - size_t plaintext_length, - uint8_t *p_ciphertext, - size_t ciphertext_size, - size_t *p_ciphertext_length); +typedef psa_status_t (*psa_drv_aead_opaque_encrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + const uint8_t *p_nonce, + size_t nonce_length, + const uint8_t *p_additional_data, + size_t additional_data_length, + const uint8_t *p_plaintext, + size_t plaintext_length, + uint8_t *p_ciphertext, + size_t ciphertext_size, + size_t *p_ciphertext_length); /** Process an authenticated decryption operation using an opaque key * @@ -1277,17 +1277,17 @@ typedef psa_status_t (*pcd_aead_opaque_encrypt_t)(psa_key_slot_t key_slot, * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, - psa_algorithm_t algorithm, - const uint8_t *p_nonce, - size_t nonce_length, - const uint8_t *p_additional_data, - size_t additional_data_length, - const uint8_t *p_ciphertext, - size_t ciphertext_length, - uint8_t *p_plaintext, - size_t plaintext_size, - size_t *p_plaintext_length); +typedef psa_status_t (*psa_drv_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + const uint8_t *p_nonce, + size_t nonce_length, + const uint8_t *p_additional_data, + size_t additional_data_length, + const uint8_t *p_ciphertext, + size_t ciphertext_length, + uint8_t *p_plaintext, + size_t plaintext_size, + size_t *p_plaintext_length); /** * \brief A struct containing all of the function pointers needed to implement 
@@ -1298,11 +1298,11 @@ typedef psa_status_t (*pcd_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, * * If one of the functions is not implemented, it should be set to NULL. */ -struct pcd_aead_opaque_t { +struct psa_drv_aead_opaque_t { /** Function that performs the AEAD encrypt operation */ - pcd_aead_opaque_encrypt_t *p_encrypt; + psa_drv_aead_opaque_encrypt_t *p_encrypt; /** Function that performs the AEAD decrypt operation */ - pcd_aead_opaque_decrypt_t *p_decrypt; + psa_drv_aead_opaque_decrypt_t *p_decrypt; }; /**@}*/ @@ -1322,7 +1322,7 @@ struct pcd_aead_opaque_t { * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_aead__encrypt + * psa_drv_aead__encrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the AEAD algorithm * @@ -1357,25 +1357,25 @@ struct pcd_aead_opaque_t { * \retval #PSA_SUCCESS */ -typedef psa_status_t (*pcd_aead_transparent_encrypt_t)(const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *plaintext, - size_t plaintext_length, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length); +typedef psa_status_t (*psa_drv_aead_transparent_encrypt_t)(const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length); /** Process an authenticated decryption operation using an opaque key. * * Functions that implement the prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * pcd_aead__decrypt + * psa_drv_aead__decrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the AEAD algorithm * \param[in] p_key A pointer to the key material 
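Review bot: In the last hunk on this line, the comment introducing the `psa_drv_aead__decrypt` naming convention reads "Process an authenticated decryption operation using an opaque key", yet it documents the transparent prototype. The typedef it belongs to, `psa_drv_aead_transparent_decrypt_t` in the next hunk, takes the key material directly as `const uint8_t *p_key`. Opaque and transparent drivers differ in whether key bytes ever reach caller memory, so the wrong word misstates the security property of the interface. I would change the line to `/** Process an authenticated decryption operation using a transparent key.` while the surrounding names are being touched. The parameter list of this comment runs past the hunk, so only the summary line is checked here.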
@@ -1408,18 +1408,18 @@ typedef psa_status_t (*pcd_aead_transparent_encrypt_t)(const uint8_t *p_key, * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_aead_transparent_decrypt_t)(const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length); +typedef psa_status_t (*psa_drv_aead_transparent_decrypt_t)(const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length); /**@}*/ @@ -1430,7 +1430,7 @@ typedef psa_status_t (*pcd_aead_transparent_decrypt_t)(const uint8_t *p_key, /** \brief A hardware-specific structure for a entropy providing hardware */ -typedef struct pcd_entropy_context_s pcd_entropy_context_t; +typedef struct psa_drv_entropy_context_s psa_drv_entropy_context_t; /** \brief Initialize an entropy driver * @@ -1441,7 +1441,7 @@ typedef struct pcd_entropy_context_s pcd_entropy_context_t; * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context); +typedef psa_status_t (*psa_drv_entropy_init_t)(psa_drv_entropy_context_t *p_context); /** \brief Get a specified number of bits from the entropy source * 
@@ -1469,10 +1469,10 @@ typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context); * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context, - uint8_t *p_buffer, - uint32_t buffer_size, - uint32_t *p_received_entropy_bits); +typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_context, + uint8_t *p_buffer, + uint32_t buffer_size, + uint32_t *p_received_entropy_bits); /** * \brief A struct containing all of the function pointers needed to interface @@ -1483,12 +1483,12 @@ typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context, * * If one of the functions is not implemented, it should be set to NULL. */ -struct pcd_entropy_t { +struct psa_drv_entropy_t { /** Function that performs initialization for the entropy source */ - pcd_entropy_init_t *p_init; + psa_drv_entropy_init_t *p_init; /** Function that performs the get_bits operation for the entropy source */ - pcd_entropy_get_bits_t *p_get_bits; + psa_drv_entropy_get_bits_t *p_get_bits; }; /**@}*/ @@ -1517,12 +1517,12 @@ struct pcd_entropy_t { * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*pcd_opaque_import_key_t)(psa_key_slot_t key_slot, - psa_key_type_t type, - psa_algorithm_t algorithm, - psa_key_usage_t usage, - const uint8_t *p_data, - size_t data_length); +typedef psa_status_t (*psa_drv_opaque_import_key_t)(psa_key_slot_t key_slot, + psa_key_type_t type, + psa_algorithm_t algorithm, + psa_key_usage_t usage, + const uint8_t *p_data, + size_t data_length); /** * \brief Destroy a key and restore the slot to its default state @@ -1540,7 +1540,7 @@ typedef psa_status_t (*pcd_opaque_import_key_t)(psa_key_slot_t key_slot, * \retval #PSA_SUCCESS * The slot's content, if any, has been erased. */ -typedef psa_status_t (*pcd_destroy_key_t)(psa_key_slot_t key); +typedef psa_status_t (*psa_drv_destroy_key_t)(psa_key_slot_t key); /** * \brief Export a key in binary format 
@@ -1582,10 +1582,10 @@ typedef psa_status_t (*pcd_destroy_key_t)(psa_key_slot_t key); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -typedef psa_status_t (*pcd_export_key_t)(psa_key_slot_t key, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length); +typedef psa_status_t (*psa_drv_export_key_t)(psa_key_slot_t key, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length); /** * \brief Export a public key or the public part of a key pair in binary format @@ -1608,10 +1608,10 @@ typedef psa_status_t (*pcd_export_key_t)(psa_key_slot_t key, * * \retval #PSA_SUCCESS */ -typedef psa_status_t (*pcd_export_public_key_t)(psa_key_slot_t key, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length); +typedef psa_status_t (*psa_drv_export_public_key_t)(psa_key_slot_t key, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length); /** * \brief A struct containing all of the function pointers needed to for key @@ -1622,15 +1622,15 @@ typedef psa_status_t (*pcd_export_public_key_t)(psa_key_slot_t key, * * If one of the functions is not implemented, it should be set to NULL. */ -struct pcd_key_management_t { +struct psa_drv_key_management_t { /** Function that performs the key import operation */ - pcd_opaque_import_key_t *p_import; + psa_drv_opaque_import_key_t *p_import; /** Function that performs the key destroy operation */ - pcd_destroy_key_t *p_destroy; + psa_drv_destroy_key_t *p_destroy; /** Function that performs the key export operation */ - pcd_export_key_t *p_export; + psa_drv_export_key_t *p_export; /** Function that perforsm the public key export operation */ - pcd_export_public_key_t *p_export_public; + psa_drv_export_public_key_t *p_export_public; }; /**@}*/ 
@@ -1646,40 +1646,40 @@ struct pcd_key_management_t { * for both of the flows. * * There are two different final functions for the flows, - * `pcd_key_derivation_derive` and `pcd_key_derivation_export`. - * `pcd_key_derivation_derive` is used when the key material should be placed + * `psa_drv_key_derivation_derive` and `psa_drv_key_derivation_export`. + * `psa_drv_key_derivation_derive` is used when the key material should be placed * in a slot on the hardware and not exposed to the caller. - * `pcd_key_derivation_export` is used when the key material should be returned + * `psa_drv_key_derivation_export` is used when the key material should be returned * to the PSA Cryptographic API implementation. * * Different key derivation algorithms require a different number of inputs. * Instead of having an API that takes as input variable length arrays, which * can be problemmatic to manage on embedded platforms, the inputs are passed - * to the driver via a function, `pcd_key_derivation_collateral`, that is + * to the driver via a function, `psa_drv_key_derivation_collateral`, that is * called multiple times with different `collateral_id`s. 
Thus, for a key * derivation algorithm that required 3 paramter inputs, the flow would look * something like: * ~~~~~~~~~~~~~{.c} - * pcd_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes); - * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_0, - * p_collateral_0, - * collateral_0_size); - * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_1, - * p_collateral_1, - * collateral_1_size); - * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_2, - * p_collateral_2, - * collateral_2_size); - * pcd_key_derivation_derive(); + * psa_drv_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes); + * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_0, + * p_collateral_0, + * collateral_0_size); + * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_1, + * p_collateral_1, + * collateral_1_size); + * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_2, + * p_collateral_2, + * collateral_2_size); + * psa_drv_key_derivation_derive(); * ~~~~~~~~~~~~~ * * key agreement example: * ~~~~~~~~~~~~~{.c} - * pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes); - * pcd_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size); - * pcd_key_derivation_export(p_session_key, - * session_key_size, - * &session_key_length); + * psa_drv_key_derivation_setup(alg, source_key. dest_key_size_bytes); + * psa_drv_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size); + * psa_drv_key_derivation_export(p_session_key, + * session_key_size, + * &session_key_length); * ~~~~~~~~~~~~~ */ /**@{*/ 
@@ -1689,7 +1689,7 @@ struct pcd_key_management_t { * The contents of this structure are implementation dependent and are * therefore not described here */ -typedef struct pcd_key_derivation_context_s pcd_key_derivation_context_t; +typedef struct psa_drv_key_derivation_context_s psa_drv_key_derivation_context_t; /** \brief Set up a key derivation operation by specifying the algorithm and * the source key sot @@ -1702,9 +1702,9 @@ typedef struct pcd_key_derivation_context_s pcd_key_derivation_context_t; * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t *p_context, - psa_algorithm_t kdf_alg, - psa_key_slot_t source_key); +typedef psa_status_t (*psa_drv_key_derivation_setup_t)(psa_drv_key_derivation_context_t *p_context, + psa_algorithm_t kdf_alg, + psa_key_slot_t source_key); /** \brief Provide collateral (parameters) needed for a key derivation or key * agreement operation @@ -1721,10 +1721,10 @@ typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_context_t *p_context, - uint32_t collateral_id, - const uint8_t *p_collateral, - size_t collateral_size); +typedef psa_status_t (*psa_drv_key_derivation_collateral_t)(psa_drv_key_derivation_context_t *p_context, + uint32_t collateral_id, + const uint8_t *p_collateral, + size_t collateral_size); /** \brief Perform the final key derivation step and place the generated key * material in a slot 
@@ -1735,8 +1735,8 @@ typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_conte * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t *p_context, - psa_key_slot_t dest_key); +typedef psa_status_t (*psa_drv_key_derivation_derive_t)(psa_drv_key_derivation_context_t *p_context, + psa_key_slot_t dest_key); /** \brief Perform the final step of a key agreement and place the generated * key material in a buffer @@ -1749,9 +1749,9 @@ typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t * * \retval PSA_SUCCESS */ -typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_key_derivation_export_t)(uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** * \brief A struct containing all of the function pointers needed to for key @@ -1762,16 +1762,16 @@ typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output, * * If one of the functions is not implemented, it should be set to NULL. */ -struct pcd_key_derivation_t { +struct psa_drv_key_derivation_t { /** Function that performs the key derivation setup */ - pcd_key_derivation_setup_t *p_setup; + psa_drv_key_derivation_setup_t *p_setup; /** Function that sets the key derivation collateral */ - pcd_key_derivation_collateral_t *p_collateral; + psa_drv_key_derivation_collateral_t *p_collateral; /** Function that performs the final key derivation step */ - pcd_key_derivation_derive_t *p_derive; + psa_drv_key_derivation_derive_t *p_derive; /** Function that perforsm the final key derivation or agreement and * exports the key */ - pcd_key_derivation_export_t *p_export; + psa_drv_key_derivation_export_t *p_export; }; /**@}*/ From 7632f628d7b336c51a6fd396fc088630f1babea0 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Fri, 26 Oct 2018 11:26:45 +0100 Subject: [PATCH 0561/2197] psa: driver: Prefix "encrypt or decrypt" type The driver model's "encrypt or decrypt" type, encrypt_or_decrypt_t, is publicly exposed and needs to have a `psa_` prefix in order to properly communicate that it is part of the PSA driver model. --- include/psa/crypto_driver.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index 9acd33066..25cbf3ed4 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h @@ -37,7 +37,7 @@ */ typedef uint32_t psa_status_t; typedef uint32_t psa_algorithm_t; -typedef uint8_t encrypt_or_decrypt_t; +typedef uint8_t psa_encrypt_or_decrypt_t; typedef uint32_t psa_key_slot_t; typedef uint32_t psa_key_type_t; typedef uint32_t psa_key_usage_t; @@ -477,7 +477,7 @@ typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input, typedef psa_status_t (*psa_drv_cipher_opaque_setup_t)(void *p_context, psa_key_slot_t key_slot, psa_algorithm_t algorithm, - encrypt_or_decrypt_t direction); + psa_encrypt_or_decrypt_t direction); /** \brief A function pointer that sets the initialization vector (if * necessary) for an opaque cipher operation @@ -574,7 +574,7 @@ typedef psa_status_t (*psa_drv_cipher_opaque_abort_t)(void *p_context); */ typedef psa_status_t (*psa_drv_cipher_opaque_ecb_t)(psa_key_slot_t key_slot, psa_algorithm_t algorithm, - encrypt_or_decrypt_t direction, + psa_encrypt_or_decrypt_t direction, const uint8_t *p_input, size_t input_size, uint8_t *p_output, @@ -664,7 +664,7 @@ typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_c * \retval PSA_SUCCESS */ typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context, - encrypt_or_decrypt_t direction, + psa_encrypt_or_decrypt_t direction, const uint8_t *p_key_data, size_t key_data_size); 
From 4155850dd9283acfde4124c669042ed54c019631 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Oct 2018 11:44:33 +0100 Subject: [PATCH 0562/2197] psa: driver: Use header guard style consistently The file crypto_driver.h was not using the header guard style as other PSA Crypto header files. Remove the `__` prefix and suffix. Use C-style comments for the end-of-guard comment. --- include/psa/crypto_driver.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index 25cbf3ed4..006453151 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h @@ -25,8 +25,8 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#ifndef __PSA_CRYPTO_DRIVER_H__ -#define __PSA_CRYPTO_DRIVER_H__ +#ifndef PSA_CRYPTO_DRIVER_H +#define PSA_CRYPTO_DRIVER_H #include #include @@ -1776,4 +1776,4 @@ struct psa_drv_key_derivation_t { /**@}*/ -#endif // __PSA_CRYPTO_DRIVER_H__ +#endif /* PSA_CRYPTO_DRIVER_H */ From 20b8a4f2ffb9d794b517ad69a971515e68307c08 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Oct 2018 11:57:26 +0100 Subject: [PATCH 0563/2197] psa: driver: Convert struct types to typedefs Convert PSA Crypto driver model structs to typedefs so that the `struct` name doesn't need to be used and for consistent style with other PSA structures. --- include/psa/crypto_driver.h | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index 006453151..f6fe04835 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h 
@@ -207,7 +207,7 @@ typedef psa_status_t (*psa_drv_mac_opaque_verify_t)(const uint8_t *p_input, * `p_update` and at least one of `p_finish` or `p_finish_verify`). * */ -struct psa_drv_mac_opaque_t { +typedef struct { /**The size in bytes of the hardware-specific Opaque-MAC Context structure */ size_t context_size; @@ -232,7 +232,7 @@ struct psa_drv_mac_opaque_t { /** Function that performs the MAC and verify operation in one call */ psa_drv_mac_opaque_verify_t *p_mac_verify; -}; +} psa_drv_mac_opaque_t; /**@}*/ /** \defgroup transparent_mac Transparent Message Authentication Code @@ -590,7 +590,7 @@ typedef psa_status_t (*psa_drv_cipher_opaque_ecb_t)(psa_key_slot_t key_slot, * If one of the functions is not implemented (such as * `psa_drv_cipher_opaque_ecb_t`), it should be set to NULL. */ -struct psa_drv_cipher_opaque_t { +typedef struct { /** The size in bytes of the hardware-specific Opaque Cipher context * structure */ @@ -610,7 +610,7 @@ struct psa_drv_cipher_opaque_t { * Crypto Client API) */ psa_drv_cipher_opaque_ecb_t *p_ecb; -}; +} psa_drv_cipher_opaque_t; /**@}*/ @@ -1016,7 +1016,7 @@ typedef psa_status_t (*psa_drv_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_s * * If one of the functions is not implemented, it should be set to NULL. */ -struct psa_drv_asymmetric_opaque_t { +typedef struct { /** Function that performs the asymmetric sign operation */ psa_drv_asymmetric_opaque_sign_t *p_sign; /** Function that performs the asymmetric verify operation */ @@ -1025,7 +1025,7 @@ struct psa_drv_asymmetric_opaque_t { psa_drv_asymmetric_opaque_encrypt_t *p_encrypt; /** Function that performs the asymmetric decrypt operation */ psa_drv_asymmetric_opaque_decrypt_t *p_decrypt; -}; +} psa_drv_asymmetric_opaque_t; /**@}*/ 
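Review bot: The members of the converted structs are pointers to the function-pointer typedefs, e.g. `psa_drv_mac_opaque_verify_t *p_mac_verify;`, while the hunk header shows `psa_drv_mac_opaque_verify_t` is already `psa_status_t (*...)(...)`, so each member is a pointer to a function pointer. The member comments ("Function that performs ...") and the rule that an unimplemented function "should be set to NULL" suggest a plain function pointer was meant, so a driver table filled in the natural way would not match the declared type. Since this commit already rewrites every one of these declarations, it is the place to drop the extra `*`, e.g. `psa_drv_mac_opaque_verify_t p_mac_verify;`. The same pattern appears in the cipher, asymmetric, AEAD, entropy, key-management and key-derivation struct hunks of this commit. As a smaller style point, the typedefs are now anonymous and cannot be forward-declared; a tag in the file's existing `_s` style, `typedef struct psa_drv_mac_opaque_s { ... } psa_drv_mac_opaque_t;`, would keep that possible.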
@@ -1298,12 +1298,12 @@ typedef psa_status_t (*psa_drv_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, * * If one of the functions is not implemented, it should be set to NULL. */ -struct psa_drv_aead_opaque_t { +typedef struct { /** Function that performs the AEAD encrypt operation */ psa_drv_aead_opaque_encrypt_t *p_encrypt; /** Function that performs the AEAD decrypt operation */ psa_drv_aead_opaque_decrypt_t *p_decrypt; -}; +} psa_drv_aead_opaque_t; /**@}*/ /** \defgroup aead_transparent AEAD Transparent @@ -1483,13 +1483,13 @@ typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_ * * If one of the functions is not implemented, it should be set to NULL. */ -struct psa_drv_entropy_t { +typedef struct { /** Function that performs initialization for the entropy source */ psa_drv_entropy_init_t *p_init; /** Function that performs the get_bits operation for the entropy source */ psa_drv_entropy_get_bits_t *p_get_bits; -}; +} psa_drv_entropy_t; /**@}*/ /** \defgroup driver_key_management Key Management @@ -1622,7 +1622,7 @@ typedef psa_status_t (*psa_drv_export_public_key_t)(psa_key_slot_t key, * * If one of the functions is not implemented, it should be set to NULL. */ -struct psa_drv_key_management_t { +typedef struct { /** Function that performs the key import operation */ psa_drv_opaque_import_key_t *p_import; /** Function that performs the key destroy operation */ @@ -1631,7 +1631,7 @@ struct psa_drv_key_management_t { psa_drv_export_key_t *p_export; /** Function that perforsm the public key export operation */ psa_drv_export_public_key_t *p_export_public; -}; +} psa_drv_key_management_t; /**@}*/ 
@@ -1762,7 +1762,7 @@ typedef psa_status_t (*psa_drv_key_derivation_export_t)(uint8_t *p_output, * * If one of the functions is not implemented, it should be set to NULL. */ -struct psa_drv_key_derivation_t { +typedef struct { /** Function that performs the key derivation setup */ psa_drv_key_derivation_setup_t *p_setup; /** Function that sets the key derivation collateral */ @@ -1772,7 +1772,7 @@ struct psa_drv_key_derivation_t { /** Function that perforsm the final key derivation or agreement and * exports the key */ psa_drv_key_derivation_export_t *p_export; -}; +} psa_drv_key_derivation_t; /**@}*/ From 9411db74c4917490ff02eebf298b70cbcba6d918 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Oct 2018 11:59:58 +0100 Subject: [PATCH 0564/2197] psa: driver: Wrap types and symbols for C/C++ use Add extern "C" wrappers around type and function declarations to enable C++ interoperability of the driver header. This is done so that the driver functions and types can be used or implmented by C++ code. --- include/psa/crypto_driver.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index f6fe04835..b2e3a1d5f 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h @@ -31,6 +31,10 @@ #include #include +#ifdef __cplusplus +extern "C" { +#endif + /** The following types are redefinitions from the psa/crypto.h file. * It is intended that these will be moved to a new common header file to * avoid duplication. They are included here for expediency in publication. @@ -1776,4 +1780,8 @@ typedef struct { /**@}*/ +#ifdef __cplusplus +} +#endif + #endif /* PSA_CRYPTO_DRIVER_H */ From f015feced9973c96fa7616970e7136662783400f Mon Sep 17 00:00:00 2001 
From: "Derek D. Miller" Date: Fri, 26 Oct 2018 10:56:11 -0500 Subject: [PATCH 0565/2197] Some changes from 'pcd_' to 'psa_drv_' were missed In the comments, some of the changes from `pcd_` to `psa_drv_` omitted the `_drv_` part. Changed them to be consistent --- include/psa/crypto_driver.h | 38 ++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index b2e3a1d5f..a52ecc427 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h @@ -52,16 +52,16 @@ typedef uint32_t psa_key_usage_t; /** \defgroup opaque_mac Opaque Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using * opaque keys can be done either as a single function call (via the - * `psa_drv_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in + * `psa_drv_mac_opaque_generate_t` or `psa_drv_mac_opaque_verify_t` functions), or in * parts using the following sequence: - * - `psa_mac_opaque_setup_t` - * - `psa_mac_opaque_update_t` - * - `psa_mac_opaque_update_t` + * - `psa_drv_mac_opaque_setup_t` + * - `psa_drv_mac_opaque_update_t` + * - `psa_drv_mac_opaque_update_t` * - ... - * - `psa_mac_opaque_finish_t` or `psa_mac_opaque_finish_verify_t` + * - `psa_drv_mac_opaque_finish_t` or `psa_drv_mac_opaque_finish_verify_t` * * If a previously started Opaque MAC operation needs to be terminated, it - * should be done so by the `psa_mac_opaque_abort_t`. Failure to do so may + * should be done so by the `psa_drv_mac_opaque_abort_t`. Failure to do so may * result in allocated resources not being freed or in other undefined * behavior. */ 
@@ -242,16 +242,16 @@ typedef struct { /** \defgroup transparent_mac Transparent Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using * transparent keys can be done either as a single function call (via the - * `psa_drv_mac_transparent_generate_t` or `psa_mac_transparent_verify_t` + * `psa_drv_mac_transparent_generate_t` or `psa_drv_mac_transparent_verify_t` * functions), or in parts using the following sequence: - * - `psa_mac_transparent_setup_t` - * - `psa_mac_transparent_update_t` - * - `psa_mac_transparent_update_t` + * - `psa_drv_mac_transparent_setup_t` + * - `psa_drv_mac_transparent_update_t` + * - `psa_drv_mac_transparent_update_t` * - ... - * - `psa_mac_transparent_finish_t` or `psa_mac_transparent_finish_verify_t` + * - `psa_drv_mac_transparent_finish_t` or `psa_drv_mac_transparent_finish_verify_t` * * If a previously started Transparent MAC operation needs to be terminated, it - * should be done so by the `psa_mac_transparent_abort_t`. Failure to do so may + * should be done so by the `psa_drv_mac_transparent_abort_t`. Failure to do so may * result in allocated resources not being freed or in other undefined * behavior. * @@ -452,7 +452,7 @@ typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input, * - `psa_drv_cipher_opaque_finish_t` * If a previously started Opaque Cipher operation needs to be terminated, it - * should be done so by the `psa_cipher_opaque_abort_t`. Failure to do so may + * should be done so by the `psa_drv_cipher_opaque_abort_t`. Failure to do so may * result in allocated resources not being freed or in other undefined * behavior. * 
@@ -628,7 +628,7 @@ typedef struct { * - `psa_drv_cipher_transparent_finish_t` * If a previously started Transparent Cipher operation needs to be terminated, - * it should be done so by the `psa_cipher_transparent_abort_t`. Failure to do + * it should be done so by the `psa_drv_cipher_transparent_abort_t`. Failure to do * so may result in allocated resources not being freed or in other undefined * behavior. */ @@ -778,14 +778,14 @@ typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transp * * Generation and authentication of Message Digests (aka hashes) must be done * in parts using the following sequence: - * - `psa_hash_setup_t` - * - `psa_hash_update_t` + * - `psa_drv_hash_setup_t` + * - `psa_drv_hash_update_t` * - ... - * - `psa_hash_finish_t` + * - `psa_drv_hash_finish_t` * * If a previously started Message Digest operation needs to be terminated - * before the `psa_hash_finish_t` operation is complete, it should be aborted - * by the `psa_hash_abort_t`. Failure to do so may result in allocated + * before the `psa_drv_hash_finish_t` operation is complete, it should be aborted + * by the `psa_drv_hash_abort_t`. Failure to do so may result in allocated * resources not being freed or in other undefined behavior. */ /**@{*/ From 49c25919169b4780059ed8f974a16dba72e7c6eb Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 29 Oct 2018 15:15:31 +0100 Subject: [PATCH 0566/2197] Improve export_public_key test function In the test function for export_public_key, don't just check the length of the result. Compare the actual result to the expected result. Take an extra argument that allows using an export buffer that's larger or smaller than needed. Zero is the size given by PSA_KEY_EXPORT_MAX_SIZE. Don't check the output of psa_get_key_information. That's useful in import_export because it tests both import and export, but not in import_export_public_key whose goal is only to test public key export. This commit adjusts the existing test data but does not add new test cases. --- tests/suites/test_suite_psa_crypto.data | 6 ++-- tests/suites/test_suite_psa_crypto.function | 40 ++++++--------------- 2 files changed, 13 insertions(+), 33 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 871a511b2..f8bf77427 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -109,15 +109,15 @@ import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1 PSA import/export-public RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS +import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS 
+import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:128:0:PSA_ERROR_INVALID_ARGUMENT +import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:"" PSA import/export EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 63d837fdc..99e95562b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1039,9 +1039,9 @@ exit: void import_export_public_key( data_t *data, int type_arg, int alg_arg, - int expected_bits, - int public_key_expected_length, - int expected_export_status_arg ) + int export_size_delta, + int expected_export_status_arg, + data_t *expected_public_key ) { int slot = 1; psa_key_type_t type = type_arg; 
@@ -1049,17 +1049,10 @@ void import_export_public_key( data_t *data, psa_status_t expected_export_status = expected_export_status_arg; psa_status_t status; unsigned char *exported = NULL; - size_t export_size; + size_t export_size = expected_public_key->len + export_size_delta; size_t exported_length = INVALID_EXPORT_LENGTH; - psa_key_type_t got_type; - size_t got_bits; psa_key_policy_t policy; - TEST_ASSERT( data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); - export_size = (ptrdiff_t) data->len; - ASSERT_ALLOC( exported, export_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); @@ -1070,32 +1063,19 @@ void import_export_public_key( data_t *data, TEST_ASSERT( psa_import_key( slot, type, data->x, data->len ) == PSA_SUCCESS ); - /* Test the key information */ - TEST_ASSERT( psa_get_key_information( slot, - &got_type, - &got_bits ) == PSA_SUCCESS ); - TEST_ASSERT( got_type == type ); - TEST_ASSERT( got_bits == (size_t) expected_bits ); - - /* Export the key */ + /* Export the public key */ + ASSERT_ALLOC( exported, export_size ); status = psa_export_public_key( slot, exported, export_size, &exported_length ); TEST_ASSERT( status == expected_export_status ); - TEST_ASSERT( exported_length == (size_t) public_key_expected_length ); - TEST_ASSERT( mem_is_char( exported + exported_length, 0, - export_size - exported_length ) ); - if( status != PSA_SUCCESS ) - goto destroy; - -destroy: - /* Destroy the key */ - TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( - slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + if( status == PSA_SUCCESS ) + ASSERT_COMPARE( expected_public_key->x, expected_public_key->len, + exported, exported_length ); exit: mbedtls_free( exported ); + psa_destroy_key( slot ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From d8b7d4f87e3d157351718ffe2917720cccac4e65 Mon Sep 17 00:00:00 2001 
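Review bot: `size_t export_size = expected_public_key->len + export_size_delta;` adds a signed `int` to a `size_t`, so a negative delta larger than the expected length wraps to a huge size and the failure surfaces as an allocation error in `ASSERT_ALLOC` rather than as a bad test vector. The same hunk removes `TEST_ASSERT( data != NULL )` and the `PSA_CRYPTO_TEST_SIZE_T_RANGE` check, and it dereferences `expected_public_key` in the declarations with no replacement; whether the test framework guarantees non-NULL, range-checked `data_t` arguments is not visible here. A guard before the allocation, `TEST_ASSERT( (ptrdiff_t) expected_public_key->len + export_size_delta >= 0 );`, would make the buffer-size intent explicit. The function body starts and ends outside this hunk.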
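Review bot: After this rewrite nothing checks the output buffer beyond the compared prefix: the old `mem_is_char( exported + exported_length, 0, export_size - exported_length )` assertion is removed, and on a non-success status `exported_length` is not examined at all. The commit description says the new argument allows a buffer larger than needed, which is the case where a stray write past `exported_length` would now go unnoticed by the test itself. Inside the success branch (which then needs braces), after `ASSERT_COMPARE`, I would keep `TEST_ASSERT( exported_length <= export_size );` followed by `TEST_ASSERT( mem_is_char( exported + exported_length, 0, export_size - exported_length ) );`. Like the removed code, this assumes `ASSERT_ALLOC` zero-fills the buffer. The function body starts before this hunk.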
From: Gilles Peskine Date: Mon, 29 Oct 2018 15:18:41 +0100 Subject: [PATCH 0567/2197] In export tests, also test PSA_KEY_EXPORT_MAX_SIZE When testing psa_export_key or psa_export_public_key, test that the expected result fits in the size given by PSA_KEY_EXPORT_MAX_SIZE. --- tests/suites/test_suite_psa_crypto.function | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 99e95562b..139a62f64 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1021,6 +1021,7 @@ void import_export( data_t *data, ASSERT_COMPARE( exported, exported_length, reexported, reexported_length ); } + TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, got_bits ) ); destroy: /* Destroy the key */ @@ -1070,8 +1071,16 @@ void import_export_public_key( data_t *data, &exported_length ); TEST_ASSERT( status == expected_export_status ); if( status == PSA_SUCCESS ) + { + psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); + size_t bits; + TEST_ASSERT( psa_get_key_information( slot, NULL, &bits ) == + PSA_SUCCESS ); + TEST_ASSERT( expected_public_key->len <= + PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) ); ASSERT_COMPARE( expected_public_key->x, expected_public_key->len, exported, exported_length ); + } exit: mbedtls_free( exported ); From 1010628a9978a4634a723c4cbcac5d757e6812dc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Oct 2018 15:55:17 +0100 Subject: [PATCH 0568/2197] Add some key pair and public key export tests Add buffer-too-small tests for export_public_key. Add some good cases of export and export-public with EC keys. --- tests/suites/test_suite_psa_crypto.data | 60 ++++++++++++++++++++++++- 1 file changed, 58 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f8bf77427..2660f3018 100644 
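Review bot: In the `import_export_public_key` hunk, `PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type )` is evaluated for every successful case, including those where `type` is already a public-key type (the test data in this series passes `PSA_KEY_TYPE_RSA_PUBLIC_KEY`). The macro's definition is not part of this diff, so its result for a non-key-pair input should be confirmed. If it leaves such types unchanged, a one-line comment above the declaration would record that, e.g. `/* PUBLIC_KEY_OF_KEYPAIR leaves public-key types unchanged, so this also covers public-key inputs. */`. It would also help to note in a comment that the bound is asserted on `expected_public_key->len`, the test vector, so a failure points at `PSA_KEY_EXPORT_MAX_SIZE` rather than at the export. Both functions continue outside their hunks.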
--- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -115,18 +115,74 @@ PSA import/export-public RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA import/export-public: cannot export-public a symmetric key +PSA import/export-public RSA public key: buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:"" +import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +PSA import/export-public RSA keypair: buffer too small +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
+import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +PSA import/export EC secp224r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED +import_export:"3068020101041c6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742a00706052b81040021a13c033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1 + +PSA import/export-public EC secp224r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED +import_export_public_key:"3068020101041c6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742a00706052b81040021a13c033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"304e301006072a8648ce3d020106052b81040021033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +PSA import/export-public EC secp256r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import_export_public_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3059301306072a8648ce3d020106082a8648ce3d030107034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + PSA import/export EC secp384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 +PSA import/export-public EC secp384r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED 
+import_export_public_key:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3076301006072a8648ce3d020106052b8104002203620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +PSA import/export EC secp521r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +import_export:"3081dc020101044201b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aaea00706052b81040023a181890381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1 + +PSA import/export-public EC secp521r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED 
+import_export_public_key:"3081dc020101044201b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aaea00706052b81040023a181890381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301006072a8648ce3d020106052b810400230381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +PSA import/export EC brainpool256r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED +import_export:"307802010104202161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ffa00b06092b2403030208010107a14403420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 + +PSA import/export-public EC brainpool256r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED 
+import_export_public_key:"307802010104202161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ffa00b06092b2403030208010107a14403420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"305a301406072a8648ce3d020106092b240303020801010703420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +PSA import/export EC brainpool384r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED +import_export:"3081a802010104303dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcba00b06092b240303020801010ba16403620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 + +PSA import/export-public EC brainpool384r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED 
+import_export_public_key:"3081a802010104303dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcba00b06092b240303020801010ba16403620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"307a301406072a8648ce3d020106092b240303020801010b03620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +PSA import/export EC brainpool512r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +import_export:"3081da0201010440372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2a00b06092b240303020801010da18185038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1 + +PSA import/export-public EC brainpool512r1: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED 
+import_export_public_key:"3081da0201010440372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2a00b06092b240303020801010da18185038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301406072a8648ce3d020106092b240303020801010d038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +PSA import/export-public: cannot export-public a symmetric key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:"" + PSA import/export AES key: policy forbids export depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:128:0:PSA_ERROR_NOT_PERMITTED:1 From e783d34543e7a95b0f26dd6fc3f7897426ca233f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 29 Oct 2018 19:16:53 +0100 Subject: [PATCH 0569/2197] Private EC key format: change test data to raw private keys In preparation for the import/export format change for private elliptic curve keys from RFC 5915 to the raw secret value, transform the test data to the new format. Tests will not pass until the implementation has been changed to the new format and some test cases and test functions have been adjusted. I used the script below to look for lines containing a PSA_KEY_TYPE_ECC_KEYPAIR and change the first hex string in the line with an ASN.1 header that looks like the beginning of an RFC 5915 ECPrivateKey. This always happens to be a private key input. perl -a -F: -i -pe 'sub pad { local ($_) = @_; s/^00// if length == $digits + 2; die if length > $digits; sprintf("\"%0${digits}s\"", $_) } if ($F[0] !~ /\W/ && /:PSA_KEY_TYPE_ECC_KEYPAIR\( *PSA_ECC_CURVE_[A-Z_]+([0-9]+)/) {$digits = int(($1+7)/8)*2; s/"30(?:[0-7].|81..|82....)02010104(..)([0-9a-f]+)"/pad(substr($2, 0, hex($1)*2))/ie}' tests/suites/test_suite_psa_crypto.data --- tests/suites/test_suite_psa_crypto.data | 48 ++++++++++++------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2660f3018..973597535 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -125,59 +125,59 @@ import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5 PSA import/export EC secp224r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED -import_export:"3068020101041c6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742a00706052b81040021a13c033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1 +import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1 PSA import/export-public EC secp224r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED -import_export_public_key:"3068020101041c6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742a00706052b81040021a13c033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"304e301006072a8648ce3d020106052b81040021033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" +import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"304e301006072a8648ce3d020106052b81040021033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 PSA import/export-public EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export_public_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3059301306072a8648ce3d020106082a8648ce3d030107034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" +import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3059301306072a8648ce3d020106082a8648ce3d030107034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" PSA import/export EC secp384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED 
-import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 +import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 PSA import/export-public EC secp384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import_export_public_key:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3076301006072a8648ce3d020106052b8104002203620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" +import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3076301006072a8648ce3d020106052b8104002203620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" PSA import/export EC secp521r1: good 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -import_export:"3081dc020101044201b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aaea00706052b81040023a181890381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1 +import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1 PSA import/export-public EC secp521r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -import_export_public_key:"3081dc020101044201b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aaea00706052b81040023a181890381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301006072a8648ce3d020106052b810400230381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" 
+import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301006072a8648ce3d020106052b810400230381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" PSA import/export EC brainpool256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED -import_export:"307802010104202161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ffa00b06092b2403030208010107a14403420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED -import_export_public_key:"307802010104202161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ffa00b06092b2403030208010107a14403420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"305a301406072a8648ce3d020106092b240303020801010703420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" 
+import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"305a301406072a8648ce3d020106092b240303020801010703420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" PSA import/export EC brainpool384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED -import_export:"3081a802010104303dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcba00b06092b240303020801010ba16403620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 +import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED 
-import_export_public_key:"3081a802010104303dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcba00b06092b240303020801010ba16403620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"307a301406072a8648ce3d020106092b240303020801010b03620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" +import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"307a301406072a8648ce3d020106092b240303020801010b03620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" PSA import/export EC brainpool512r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -import_export:"3081da0201010440372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2a00b06092b240303020801010da18185038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1 
+import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool512r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -import_export_public_key:"3081da0201010440372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2a00b06092b240303020801010da18185038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301406072a8648ce3d020106092b240303020801010d038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" +import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301406072a8648ce3d020106092b240303020801010d038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -211,11 +211,11 @@ import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa24 PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT +import:"0000000000000000000000000000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT +import:"0000000000000000000000000000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
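Review bot: The two "valid key but wrong curve" cases in this hunk can no longer exercise a curve mismatch once the raw format lands. Their input is now the secp256r1 scalar left-padded with zeros to 48 bytes, and a raw secret value carries no curve identifier that the importer could compare against the requested type. A 48-byte value this small is presumably an acceptable private scalar for both 384-bit curves, so the expected `PSA_ERROR_INVALID_ARGUMENT` would likely become `PSA_SUCCESS`. I would turn both into length-mismatch cases: pass the unpadded 32-byte scalar from the secp256r1 vector with `PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1)` (and the brainpool equivalent), keep `PSA_ERROR_INVALID_ARGUMENT`, and retitle them "wrong length for curve".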
@@ -979,11 +979,11 @@ import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818 PSA import/exercise: ECP SECP256R1 keypair, ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C -import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) PSA sign: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -995,7 +995,7 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84 PSA sign: deterministic ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
@@ -1011,11 +1011,11 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5 PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1, invalid hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign/verify: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1039,11 +1039,11 @@ sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdb PSA sign/verify: randomized ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
@@ -1079,7 +1079,7 @@ asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"30593013 PSA verify with keypair: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C From 5b802a366a0fc114092894a89b8945e3f353be12 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Oct 2018 19:21:41 +0100 Subject: [PATCH 0570/2197] Private EC key format: remove ASN.1-based sanity checks In preparation for the import/export format change for private elliptic curve keys from RFC 5915 to the raw secret value, remove ASN.1-based sanity checks. For the raw secret value, most byte strings of the correct length are valid (the details depend on the curve), so as a sanity check, just check the length. --- tests/suites/test_suite_psa_crypto.function | 39 ++------------------- 1 file changed, 3 insertions(+), 36 deletions(-) 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 139a62f64..73f03b5c3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -564,42 +564,9 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ) { - uint8_t *p = exported; - uint8_t *end = exported + exported_length; - size_t len; - int version; - /* ECPrivateKey ::= SEQUENCE { - * version INTEGER, -- must be 1 - * privateKey OCTET STRING, - * -- `ceiling(log_{256}(n))`-byte string, big endian, - * -- where n is the order of the curve. - * parameters ECParameters {{ NamedCurve }}, -- mandatory - * publicKey BIT STRING -- mandatory - * } - */ - TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ) == 0 ); - TEST_ASSERT( p + len == end ); - TEST_ASSERT( mbedtls_asn1_get_int( &p, end, &version ) == 0 ); - TEST_ASSERT( version == 1 ); - TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_OCTET_STRING ) == 0 ); - /* Bug in Mbed TLS: the length of the octet string depends on the value */ - // TEST_ASSERT( len == PSA_BITS_TO_BYTES( bits ) ); - p += len; - TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 0, - MBEDTLS_ASN1_OID ) == 0 ); - p += len; - /* publicKey: ECPoint in uncompressed representation (as below) */ - TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 1, - MBEDTLS_ASN1_BIT_STRING ) == 0 ); - TEST_ASSERT( p + len == end ); - TEST_ASSERT( p[0] == 0 ); /* 0 unused bits in the bit string */ - ++p; - TEST_ASSERT( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ) == end ); - TEST_ASSERT( p[0] == 4 ); - } + /* Just the secret value */ + TEST_ASSERT( exported_length == PSA_BITS_TO_BYTES( bits ) ); + } else #endif /* MBEDTLS_ECP_C */ From 991aee67cfc9971e950af75f53ac9fdae206f3f0 Mon Sep 17 00:00:00 2001 
From: Mohammad AboMokh Date: Wed, 31 Oct 2018 10:36:48 +0200 Subject: [PATCH 0571/2197] improve test description --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b8a770932..4db358e84 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -742,7 +742,7 @@ PSA sign: deterministic ECDSA SECP256R1, invalid hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT -PSA sign: invalid key slot type +PSA sign: invalid key type, signing with a public key sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: invalid algorithm for ECC key From 4eda37bb9e831a8c28fa1706e08908f84e367ce7 Mon Sep 17 00:00:00 2001 
From: Nir Sonnenschein Date: Wed, 31 Oct 2018 12:15:58 +0200 Subject: [PATCH 0572/2197] streamline test function API by removing parameter streamline the API for the test test_derive_invalid_generator_state by removing the key type paramter (it is assumed to always be PSA_KEY_TYPE_DERIVE) --- tests/suites/test_suite_psa_crypto.data | 2 +- tests/suites/test_suite_psa_crypto.function | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 39ac88839..66bb175a2 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1211,7 +1211,7 @@ derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b": PSA key derivation: invalid generator state ( double generate + read past capacity ) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -test_derive_invalid_generator_state:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" +test_derive_invalid_generator_state:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" PSA key derivation: invalid generator state ( call read/get_capacity after init and abort ) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 65bec58c3..34455fffa 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3086,10 +3086,10 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_derive_invalid_generator_state( int key_type_arg, data_t *key_data) +void test_derive_invalid_generator_state( data_t *key_data ) { psa_key_slot_t base_key = 1; - size_t key_type = key_type_arg; + size_t key_type = PSA_KEY_TYPE_DERIVE; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); size_t capacity = 42; From 5078930459f6be94b9984a2518b9b26340fefe55 Mon Sep 17 00:00:00 2001 
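Review bot: In the `test_derive_invalid_generator_state` hunk the rewritten initialiser keeps `key_type` declared as `size_t`, although it now always holds a key-type constant and is passed to `psa_import_key()`, whose parameter is a `psa_key_type_t`. Declaring it as `psa_key_type_t key_type = PSA_KEY_TYPE_DERIVE;` removes the implicit conversion at the call and states the intent. The function body continues outside the hunk, so the call itself is not visible here.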
From: Nir Sonnenschein Date: Wed, 31 Oct 2018 12:16:38 +0200 Subject: [PATCH 0573/2197] fix whitespace issues --- tests/suites/test_suite_psa_crypto.function | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 34455fffa..f7a48093b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3141,18 +3141,18 @@ void test_derive_invalid_generator_tests( ) size_t capacity = 0; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size) + TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) == PSA_ERROR_INSUFFICIENT_CAPACITY ); TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) == PSA_ERROR_BAD_STATE ); - TEST_ASSERT( psa_generator_abort(&generator) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size) + TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) == PSA_ERROR_INSUFFICIENT_CAPACITY ); - TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity) + TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) == PSA_ERROR_BAD_STATE ); exit: From f76aa7789bc7468a8594cf5fb9e822501d54e4f9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Oct 2018 19:24:33 +0100 Subject: [PATCH 0574/2197] Private EC key format: change to raw secret value (doc, import) Change the import/export format of private elliptic curve keys from RFC 5915 to the raw secret value. This commit updates the format specification and the import code, but not the export code. --- include/psa/crypto.h | 22 +++--------- library/psa_crypto.c | 81 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+), 17 deletions(-) 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 99c4b523d..b54585a7e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1343,23 +1343,11 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * } * ``` * - For elliptic curve key pairs (key types for which - * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is the - * non-encrypted DER encoding of the representation defined by RFC 5915 as - * `ECPrivateKey`, version 1. The `ECParameters` field must be a - * `namedCurve` OID as specified in RFC 5480 §2.1.1.1. The public key - * must be present and must be an `ECPoint` in the same format - * (uncompressed variant) an ECC public key of the - * corresponding type exported with psa_export_public_key(). - * ``` - * ECPrivateKey ::= SEQUENCE { - * version INTEGER, -- must be 1 - * privateKey OCTET STRING, - * -- `ceiling(log2(n)/8)`-byte string, big endian, - * -- where n is the order of the curve. - * parameters [0] IMPLICIT ECParameters {{ namedCurve }}, -- mandatory - * publicKey [1] IMPLICIT BIT STRING -- mandatory - * } - * ``` + * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is + * a big-endian representation of the private point as a + * `ceiling(log2(n)/8)`-byte string where `n` is the order of the curve. + * This is the content of the `privateKey` field of the `ECPrivateKey` + * format defined by RFC 5915. * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is * true), the format is the same as for psa_export_public_key(). * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6b01c13f0..f77df3051 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
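Review bot: The new format description in the `crypto.h` hunk calls the exported value "the private point", but an elliptic-curve private key is a scalar; the point is the public key. The same sentence already equates it with the `privateKey` field of RFC 5915, so I would write `a big-endian representation of the private value as a` in place of `a big-endian representation of the private point as a`. It would also help readers to say in the same bullet that the string has exactly that length, including leading zero bytes, since import and export both depend on it. The doc comment continues outside the hunk.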
@@ -262,6 +262,23 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_MD_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_MPI_FILE_IO_ERROR: + return( PSA_ERROR_STORAGE_FAILURE ); + case MBEDTLS_ERR_MPI_BAD_INPUT_DATA: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_MPI_INVALID_CHARACTER: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL: + return( PSA_ERROR_BUFFER_TOO_SMALL ); + case MBEDTLS_ERR_MPI_NEGATIVE_VALUE: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_MPI_DIVISION_BY_ZERO: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: + return( PSA_ERROR_INVALID_ARGUMENT ); + case MBEDTLS_ERR_MPI_ALLOC_FAILED: + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + case MBEDTLS_ERR_PK_ALLOC_FAILED: return( PSA_ERROR_INSUFFICIENT_MEMORY ); case MBEDTLS_ERR_PK_TYPE_MISMATCH: @@ -572,6 +589,7 @@ static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk, #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ #if defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C) +/* Import an elliptic curve parsed by the mbedtls pk module. */ static psa_status_t psa_import_ecp_key( psa_ecc_curve_t expected_curve, mbedtls_pk_context *pk, mbedtls_ecp_keypair **p_ecp ) 
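Review bot: The comment added above `psa_import_ecp_key` in the second hunk says the function imports "an elliptic curve", but its argument is a parsed key (`mbedtls_pk_context *pk`), not a curve. I would word it as `/* Import an elliptic curve key already parsed by the mbedtls pk module. */`. The function body lies outside the hunk, so what it does beyond taking over the parsed key cannot be confirmed from here.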
@@ -590,6 +608,58 @@ static psa_status_t psa_import_ecp_key( psa_ecc_curve_t expected_curve, } #endif /* defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C) */ +#if defined(MBEDTLS_ECP_C) +/* Import a private key given as a byte string which is the private value + * in big-endian order. */ +static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve, + const uint8_t *data, + size_t data_length, + mbedtls_ecp_keypair **p_ecp ) +{ + psa_status_t status = PSA_ERROR_TAMPERING_DETECTED; + mbedtls_ecp_keypair *ecp = NULL; + mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); + + *p_ecp = NULL; + ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); + if( ecp == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + /* Load the group. */ + status = mbedtls_to_psa_error( + mbedtls_ecp_group_load( &ecp->grp, grp_id ) ); + if( status != PSA_SUCCESS ) + goto exit; + /* Load the secret value. */ + status = mbedtls_to_psa_error( + mbedtls_mpi_read_binary( &ecp->d, data, data_length ) ); + if( status != PSA_SUCCESS ) + goto exit; + /* Validate the private key. */ + status = mbedtls_to_psa_error( + mbedtls_ecp_check_privkey( &ecp->grp, &ecp->d ) ); + if( status != PSA_SUCCESS ) + goto exit; + /* Calculate the public key from the private key. */ + status = mbedtls_to_psa_error( + mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, + mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) ); + if( status != PSA_SUCCESS ) + goto exit; + + *p_ecp = ecp; + return( PSA_SUCCESS ); + +exit: + if( ecp != NULL ) + { + mbedtls_ecp_keypair_free( ecp ); + mbedtls_free( ecp ); + } + return( status ); +} +#endif /* defined(MBEDTLS_ECP_C) */ + psa_status_t psa_import_key( psa_key_slot_t key, psa_key_type_t type, const uint8_t *data, 
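Review bot: `psa_import_ec_private_key` never compares `data_length` with the curve size, so any byte string whose integer value passes `mbedtls_ecp_check_privkey` is accepted, whatever its length. The documented format is a fixed-length string, and the "DER format" test case in this series appears to be rejected only because its value happens to exceed n, not because its length is wrong. A length check right after the group is loaded would make the import canonical; the sketch below assumes `grp.nbits` is the bit length of the order for the curves supported here. Separately, the key pair is used straight out of `mbedtls_calloc` without `mbedtls_ecp_keypair_init( ecp )`, which relies on all-zero bytes being a valid initial state for the group, MPI and point.

```c
        return( PSA_ERROR_INSUFFICIENT_MEMORY );
    mbedtls_ecp_keypair_init( ecp );

    /* ... unchanged: load the group with mbedtls_ecp_group_load ... */

    /* The import format is a fixed-length string: reject any other length. */
    if( data_length != PSA_BITS_TO_BYTES( ecp->grp.nbits ) )
    {
        status = PSA_ERROR_INVALID_ARGUMENT;
        goto exit;
    }

    /* ... unchanged: read the secret value, validate it, compute Q, exit path ... */
```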
@@ -615,6 +685,17 @@ psa_status_t psa_import_key( psa_key_slot_t key, memcpy( slot->data.raw.data, data, data_length ); } else +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ) + { + status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( type ), + data, data_length, + &slot->data.ecp ); + if( status != PSA_SUCCESS ) + return( status ); + } + else +#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_PK_PARSE_C) if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) ) { From 188c71e38253c2741494b57352e5a15158838ed9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Oct 2018 19:26:02 +0100 Subject: [PATCH 0575/2197] Private EC key format: change to raw secret value (export) Change the import/export format of private elliptic curve keys from RFC 5915 to the raw secret value. This commit updates the export code. --- library/psa_crypto.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f77df3051..eac1eb4d5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -869,6 +869,21 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, *data_length = slot->data.raw.bytes; return( PSA_SUCCESS ); } +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) && !export_public_key ) + { + size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( slot ) ); + if( bytes > data_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + status = mbedtls_to_psa_error( + mbedtls_mpi_write_binary( &slot->data.ecp->d, data, bytes ) ); + if( status != PSA_SUCCESS ) + return( status ); + memset( data + bytes, 0, data_size - bytes ); + *data_length = bytes; + return( PSA_SUCCESS ); + } +#endif else { #if defined(MBEDTLS_PK_WRITE_C) From 52b9018cf7d8a905fbad9752560a224fc75f6784 Mon Sep 17 00:00:00 2001 
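Review bot: In the `psa_internal_export_key` hunk the new ECC branch is a plain `if` inserted between the raw-key block and the existing `else`, so the `if` that this `else` belongs to changes depending on whether `MBEDTLS_ECP_C` is defined. It behaves correctly today only because the raw-key block ends in `return`. Writing the branch as `else if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) && !export_public_key )` keeps a single chain in both configurations. The closing directive would also read better as `#endif /* MBEDTLS_ECP_C */`, matching the import hunk above it. The function starts and ends outside the hunk.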
From: Gilles Peskine Date: Mon, 29 Oct 2018 19:26:27 +0100 Subject: [PATCH 0576/2197] psa_export_key: for raw-byte keys, zero the end of the output buffer Skip all writing to the target buffer if its size is 0, since in this case the pointer might be invalid and this would cause the calls to memcpy and memset to have undefined behavior. --- library/psa_crypto.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index eac1eb4d5..87f9147a6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -864,8 +864,12 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, { if( slot->data.raw.bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - if( slot->data.raw.bytes != 0 ) + if( data_size != 0 ) + { memcpy( data, slot->data.raw.data, slot->data.raw.bytes ); + memset( data + slot->data.raw.bytes, 0, + data_size - slot->data.raw.bytes ); + } *data_length = slot->data.raw.bytes; return( PSA_SUCCESS ); } From 2257649ce43234bbf5946a2f925d5254a6fa865e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Oct 2018 09:09:39 +0100 Subject: [PATCH 0577/2197] Private EC key import: boundary test cases Add boundary test cases for private key validity for a short Weierstrass curve (0 < d < n). Remove obsolete test cases "valid key but wrong curve". With the new format, the private key representation does not contain an encoding of the curve. --- tests/suites/test_suite_psa_crypto.data | 26 ++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 973597535..5f202c3d4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
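Review bot: Changing the guard from `slot->data.raw.bytes != 0` to `data_size != 0` means `memcpy` is now reached for a zero-length raw key whenever the caller supplies a non-empty buffer. If `slot->data.raw.data` can be NULL in that state (the old guard suggests zero-length keys were anticipated, but the slot code is not visible here), that passes a null pointer to `memcpy`, which is undefined even for length 0. That is the same class of problem the commit message sets out to avoid for `data`. Keeping the copy under its own check inside the new block, `if( slot->data.raw.bytes != 0 ) memcpy( data, slot->data.raw.data, slot->data.raw.bytes );`, covers both pointers. The function starts and ends outside the hunk.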
@@ -209,18 +209,30 @@ PSA import/export RSA keypair: import PEM depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0 -PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import:"0000000000000000000000000000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT - -PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import:"0000000000000000000000000000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT +PSA import EC keypair: DER format +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT +PSA import EC keypair: secp256r1, all-bits-zero (bad) 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT + +PSA import EC keypair: secp256r1, d == n - 1 (good) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_SUCCESS + +PSA import EC keypair: secp256r1, d == n (bad) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT + +PSA import EC keypair: secp256r1, d > n (bad) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT + PSA import EC public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED # For consistency with ECpub as ECpair, RSApub as RSApair and RSApair as RSApub, From 5eb1521957dba7118640fce1dfe9d9eb4d4361d8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Oct 2018 13:24:35 +0100 Subject: [PATCH 0578/2197] Private EC key format: update key representation size macro --- include/psa/crypto_sizes.h | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index b5ff2aac3..edddca47a 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -437,23 +437,10 @@ /* Maximum size of the export encoding of an ECC key pair. * - * ECPrivateKey ::= SEQUENCE { - * version INTEGER, -- must be 1 - * privateKey OCTET STRING, - * -- `ceiling(log2(n)/8)`-byte string, big endian, - * -- where n is the order of the curve. - * parameters [0] IMPLICIT ECParameters {{ NamedCurve }}, - * publicKey [1] IMPLICIT BIT STRING - * } - * - * - 4 bytes of SEQUENCE overhead; - * - 1 * point size in privateKey - * - 1 + 1 + 12 bytes of namedCurve OID; - * - 4 bytes of BIT STRING overhead; - * - public key as for #PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE. + * An ECC key pair is represented by the secret value. */ #define PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE(key_bits) \ - (3 * PSA_BITS_TO_BYTES(key_bits) + 56) + (PSA_BITS_TO_BYTES(key_bits)) /** Safe output buffer size for psa_export_key() or psa_export_public_key(). * From f7933939b31459fcfdd670dc9b4283c44847409b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Oct 2018 14:07:52 +0100 Subject: [PATCH 0579/2197] Expand the documentation of import/export formats Clarify that the key type determines the syntax of the input. Clarify the constraints on implementations that support extra import formats. --- include/psa/crypto.h | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b54585a7e..732bc2fad 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1195,13 +1195,27 @@ typedef uint32_t psa_algorithm_t; * \brief Import a key in binary format. * * This function supports any output from psa_export_key(). Refer to the - * documentation of psa_export_key() for the format for each key type. + * documentation of psa_export_public_key() for the format of public keys + * and to the documentation of psa_export_key() for the format for + * other key types. + * + * This specification supports a single format for each key type. + * Implementations may support other formats as long as the standard + * format is supported. Implementations that support other formats + * should ensure that the formats are clearly unambiguous so as to + * minimize the risk that an invalid input is accidentally interpreted + * according to a different format. * * \param key Slot where the key will be stored. This must be a * valid slot for a key of the chosen type. It must * be unoccupied. - * \param type Key type (a \c PSA_KEY_TYPE_XXX value). - * \param[in] data Buffer containing the key data. + * \param type Key type (a \c PSA_KEY_TYPE_XXX value). On a successful + * import, the key slot will contain a key of this type. + * \param[in] data Buffer containing the key data. The content of this + * buffer is interpreted according to \p type. It must + * contain the format described in the documentation + * of psa_export_key() or psa_export_public_key() for + * the chosen type. * \param data_length Size of the \p data buffer in bytes. * * \retval #PSA_SUCCESS 
@@ -1300,10 +1314,10 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * The output of this function can be passed to psa_import_key() to * create an equivalent object. * - * If a key is created with psa_import_key() and then exported with - * this function, it is not guaranteed that the resulting data is - * identical: the implementation may choose a different representation - * of the same key if the format permits it. + * If the implementation of psa_import_key() supports other formats + * beyond the format specified here, the output from psa_export_key() + * must use the representation specified here, not the original + * representation. * * For standard key types, the output format is as follows: * From f8964b95804fb2212ace60ab78a272dcc540fd7b Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Wed, 31 Oct 2018 18:06:14 +0200 Subject: [PATCH 0580/2197] updated test to work around https://github.com/ARMmbed/mbedtls-psa/issues/183 test should check the correct error values once this issue is fixed --- tests/suites/test_suite_psa_crypto.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f7a48093b..7e8120040 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3145,7 +3145,7 @@ void test_derive_invalid_generator_tests( ) == PSA_ERROR_INSUFFICIENT_CAPACITY ); TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) - == PSA_ERROR_BAD_STATE ); + == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:issue opened TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); 
@@ -3153,7 +3153,7 @@ void test_derive_invalid_generator_tests( ) == PSA_ERROR_INSUFFICIENT_CAPACITY ); TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) - == PSA_ERROR_BAD_STATE ); + == PSA_SUCCESS );// should be PSA_ERROR_BAD_STATE:issue opened exit: psa_generator_abort( &generator ); From dd69d8b7ffd73deb184c81bfca1b2c4c04e4e0d2 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Thu, 1 Nov 2018 12:24:23 +0200 Subject: [PATCH 0581/2197] Streamline test function API by removing parameter streamline the API for the test test_derive_invalid_generator_state: by removing the key_data parameter. This parameter is not important for test flow and can be hard-coded. --- tests/suites/test_suite_psa_crypto.data | 2 +- tests/suites/test_suite_psa_crypto.function | 9 ++++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 66bb175a2..10ab81222 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1211,7 +1211,7 @@ derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b": PSA key derivation: invalid generator state ( double generate + read past capacity ) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -test_derive_invalid_generator_state:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b" +test_derive_invalid_generator_state: PSA key derivation: invalid generator state ( call read/get_capacity after init and abort ) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 7e8120040..528857b8e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -3086,7 +3086,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_derive_invalid_generator_state( data_t *key_data ) +void test_derive_invalid_generator_state( ) { psa_key_slot_t base_key = 1; size_t key_type = PSA_KEY_TYPE_DERIVE; @@ -3094,6 +3094,9 @@ void test_derive_invalid_generator_state( data_t *key_data ) psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); size_t capacity = 42; uint8_t buffer[42]; + const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}; psa_key_policy_t policy; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -3103,8 +3106,8 @@ void test_derive_invalid_generator_state( data_t *key_data ) TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( base_key, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + key_data, + sizeof(key_data) ) == PSA_SUCCESS ); /* valid key derivation */ TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, From 1caf6d24f2b642996cd82569880808830977bfed Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Thu, 1 Nov 2018 12:27:20 +0200 Subject: [PATCH 0582/2197] Fix code style and clarify issue comment * remove unneeded constants * clarify comment reference to issue 183 * add additional reference comment * fix brace spacing issues --- tests/suites/test_suite_psa_crypto.function | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 528857b8e..56a23fe04 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -3091,9 +3091,9 @@ void test_derive_invalid_generator_state( ) psa_key_slot_t base_key = 1; size_t key_type = PSA_KEY_TYPE_DERIVE; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); - size_t capacity = 42; + psa_algorithm_t alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 ); uint8_t buffer[42]; + size_t capacity = sizeof( buffer ); const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}; @@ -3107,7 +3107,7 @@ void test_derive_invalid_generator_state( ) TEST_ASSERT( psa_import_key( base_key, key_type, key_data, - sizeof(key_data) ) == PSA_SUCCESS ); + sizeof( key_data ) ) == PSA_SUCCESS ); /* valid key derivation */ TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, @@ -3145,18 +3145,18 @@ void test_derive_invalid_generator_tests( ) psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) - == PSA_ERROR_INSUFFICIENT_CAPACITY ); + == PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183 TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) - == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:issue opened + == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:#183 TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) - == PSA_ERROR_INSUFFICIENT_CAPACITY ); + == PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183 TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) - == PSA_SUCCESS );// should be PSA_ERROR_BAD_STATE:issue opened + == PSA_SUCCESS );// should be PSA_ERROR_BAD_STATE:#183 exit: psa_generator_abort( &generator ); From 18b1a227ac5783f65db912e550c27f3627420e0a Mon Sep 17 00:00:00 2001 
From: itayzafrir Date: Thu, 18 Oct 2018 15:04:06 +0300 Subject: [PATCH 0583/2197] Add missing algorithms to existing hash tests --- tests/suites/test_suite_psa_crypto.data | 96 +++++++++++++++++++++++++ 1 file changed, 96 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 871a511b2..43d243e1b 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -312,10 +312,42 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED PSA key lifetime set: invalid key lifetime value key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT +PSA hash setup: good, SHA-1 +depends_on:MBEDTLS_SHA1_C +hash_setup:PSA_ALG_SHA_1:PSA_SUCCESS + +PSA hash setup: good, SHA-224 +depends_on:MBEDTLS_SHA256_C +hash_setup:PSA_ALG_SHA_224:PSA_SUCCESS + PSA hash setup: good, SHA-256 depends_on:MBEDTLS_SHA256_C hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS +PSA hash setup: good, SHA-384 +depends_on:MBEDTLS_SHA512_C +hash_setup:PSA_ALG_SHA_384:PSA_SUCCESS + +PSA hash setup: good, SHA-512 +depends_on:MBEDTLS_SHA512_C +hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS + +PSA hash setup: good, MD-2 +depends_on:MBEDTLS_MD2_C +hash_setup:PSA_ALG_MD2:PSA_SUCCESS + +PSA hash setup: good, MD-4 +depends_on:MBEDTLS_MD4_C +hash_setup:PSA_ALG_MD4:PSA_SUCCESS + +PSA hash setup: good, MD-5 +depends_on:MBEDTLS_MD5_C +hash_setup:PSA_ALG_MD5:PSA_SUCCESS + +PSA hash setup: good, RIPEMD160 +depends_on:MBEDTLS_RIPEMD160_C +hash_setup:PSA_ALG_RIPEMD160:PSA_SUCCESS + PSA hash setup: bad (unknown hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_CATEGORY_HASH:PSA_ERROR_NOT_SUPPORTED 
@@ -324,14 +356,78 @@ PSA hash setup: bad (not a hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT +PSA hash finish: SHA-1 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221" + +PSA hash finish: SHA-224 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57" + PSA hash finish: SHA-256 depends_on:MBEDTLS_SHA256_C hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" +PSA hash finish: SHA-384 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a" + +PSA hash finish: SHA-512 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf" + +PSA hash finish: MD-2 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf" + +PSA hash finish: MD-4 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25" + +PSA hash finish: MD-5 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb" + +PSA hash finish: RIPEMD160 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37" + +PSA hash verify: SHA-1 +depends_on:MBEDTLS_SHA1_C +hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221" + +PSA hash verify: SHA-224 +depends_on:MBEDTLS_SHA256_C +hash_verify:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57" + PSA hash verify: SHA-256 depends_on:MBEDTLS_SHA256_C hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" +PSA hash verify: SHA-384 +depends_on:MBEDTLS_SHA512_C 
+hash_verify:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a" + +PSA hash verify: SHA-512 +depends_on:MBEDTLS_SHA512_C +hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf" + +PSA hash verify: MD-2 +depends_on:MBEDTLS_MD2_C +hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf" + +PSA hash verify: MD-4 +depends_on:MBEDTLS_MD4_C +hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25" + +PSA hash verify: MD-5 +depends_on:MBEDTLS_MD5_C +hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb" + +PSA hash verify: RIPEMD160 +depends_on:MBEDTLS_RIPEMD160_C +hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37" + PSA MAC setup: good, HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS From ec93d30b45dbf7a5a36fe907f1d4e37ddcd0c248 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Thu, 18 Oct 2018 18:01:10 +0300 Subject: [PATCH 0584/2197] Add hash bad paths test Increase code coverage --- tests/suites/test_suite_psa_crypto.data | 4 ++ tests/suites/test_suite_psa_crypto.function | 56 +++++++++++++++++++++ 2 files changed, 60 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 43d243e1b..0eb06e436 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -428,6 +428,10 @@ PSA hash verify: RIPEMD160 depends_on:MBEDTLS_RIPEMD160_C hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37" +PSA hash: bad paths +depends_on:MBEDTLS_SHA256_C +hash_bad_paths: + PSA MAC setup: good, HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 63d837fdc..4a05adf8c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1628,6 +1628,62 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void hash_bad_paths( )
+{
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 };
+ size_t expected_size = PSA_HASH_SIZE( alg );
+ unsigned char input[] = "input";
+ psa_hash_operation_t operation;
+ size_t hash_len;
+
+ TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+ /* psa_hash_update without calling psa_hash_setup beforehand */
+ memset( &operation, 0, sizeof( operation ) );
+ TEST_ASSERT( psa_hash_update( &operation,
+ input, sizeof( input ) ) ==
+ PSA_ERROR_INVALID_ARGUMENT );
+
+ /* psa_hash_finish without calling psa_hash_setup beforehand */
+ memset( &operation, 0, sizeof( operation ) );
+ TEST_ASSERT( psa_hash_finish( &operation,
+ hash, expected_size,
+ &hash_len ) == PSA_ERROR_INVALID_ARGUMENT );
+
+ /* psa_hash_verify without calling psa_hash_setup beforehand */
+ memset( &operation, 0, sizeof( operation ) );
+ TEST_ASSERT( psa_hash_verify( &operation,
+ hash, expected_size ) ==
+ PSA_ERROR_INVALID_ARGUMENT );
+
+ /* psa_hash_finish with a smaller hash buffer than expected */
+ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_hash_finish( &operation,
+ hash, expected_size - 1,
+ &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL );
+
+
+ /* psa_hash_verify with a smaller hash buffer than expected */
+ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_hash_verify( &operation,
+ hash, expected_size - 1 ) ==
+ PSA_ERROR_INVALID_SIGNATURE );
+
+ /* psa_hash_verify with a non-matching hash buffer */
+ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_hash_update( &operation,
+ input, sizeof( input ) ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_hash_verify( &operation,
+ hash, expected_size ) ==
+ PSA_ERROR_INVALID_SIGNATURE );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void mac_setup( int key_type_arg,
 data_t *key,
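Review bot: The short-length `psa_hash_verify` case in `hash_bad_paths` cannot tell a length check from a plain content mismatch, because `hash` has never received a real digest when `psa_hash_verify( &operation, hash, expected_size - 1 )` runs. An implementation that compared only the first `hash_length` bytes would still return `PSA_ERROR_INVALID_SIGNATURE` here. Verifying the real digest truncated by one byte pins the property that matters for a verifier, namely that a valid prefix is rejected. The final non-matching case is likewise stronger with a digest that differs only in its last byte. The fence below computes the digest once and reuses only calls already present in this function.

```c
    /* … unchanged: the three calls without psa_hash_setup, short psa_hash_finish … */

    /* Compute the real digest once so the verify cases start from valid data */
    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
    TEST_ASSERT( psa_hash_update( &operation,
                                  input, sizeof( input ) ) == PSA_SUCCESS );
    TEST_ASSERT( psa_hash_finish( &operation,
                                  hash, sizeof( hash ),
                                  &hash_len ) == PSA_SUCCESS );
    TEST_ASSERT( hash_len == expected_size );

    /* psa_hash_verify with a valid digest truncated by one byte */
    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
    TEST_ASSERT( psa_hash_update( &operation,
                                  input, sizeof( input ) ) == PSA_SUCCESS );
    TEST_ASSERT( psa_hash_verify( &operation,
                                  hash, expected_size - 1 ) ==
                 PSA_ERROR_INVALID_SIGNATURE );

    /* psa_hash_verify with a digest that differs only in its last byte */
    hash[expected_size - 1] ^= 0x01;
    /* … unchanged: setup, update and full-length psa_hash_verify expecting PSA_ERROR_INVALID_SIGNATURE … */

    /* … unchanged: exit label and mbedtls_psa_crypto_free( ) … */
```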
From f5b3eb85b5647a233931dca0d7854bbfc958b62b Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Sun, 21 Oct 2018 17:18:06 +0300 Subject: [PATCH 0585/2197] Add hash test for multipart operation Test vectors migrated from mbedTLS --- tests/suites/test_suite_psa_crypto.data | 276 ++++++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 41 +++ 2 files changed, 317 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0eb06e436..fc69b14d7 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -432,6 +432,282 @@ PSA hash: bad paths depends_on:MBEDTLS_SHA256_C hash_bad_paths: +PSA hash multi part: SHA-1 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"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":"0423dc76a8791107d14e13f5265b343f24cc0f19" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #9 +depends_on:MBEDTLS_SHA1_C 
+hash_multi_part:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #10 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7
ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"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":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA256_C 
+hash_multi_part:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"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":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA512_C 
+hash_multi_part:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"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":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA512_C 
+hash_multi_part:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"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":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" + +PSA hash multi part: MD-2 Test vector RFC1319 #1 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773" + +PSA hash multi part: MD-2 Test vector RFC1319 #2 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1" + +PSA hash multi part: MD-2 Test vector RFC1319 #3 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" + +PSA hash multi part: MD-2 Test vector RFC1319 #4 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0" + +PSA hash multi part: MD-2 Test vector RFC1319 #5 +depends_on:MBEDTLS_MD2_C 
+hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b" + +PSA hash multi part: MD-2 Test vector RFC1319 #6 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd" + +PSA hash multi part: MD-2 Test vector RFC1319 #7 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8" + +PSA hash multi part: MD-4 Test vector RFC1320 #1 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" + +PSA hash multi part: MD-4 Test vector RFC1320 #2 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24" + +PSA hash multi part: MD-4 Test vector RFC1320 #3 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" + +PSA hash multi part: MD-4 Test vector RFC1320 #4 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b" + +PSA hash multi part: MD-4 Test vector RFC1320 #5 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9" + +PSA hash multi part: MD-4 Test vector RFC1320 #6 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4" + +PSA hash multi part: MD-4 Test vector RFC1320 #7 +depends_on:MBEDTLS_MD4_C 
+hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536" + +PSA hash multi part: MD-5 Test vector RFC1321 #1 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" + +PSA hash multi part: MD-5 Test vector RFC1321 #2 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661" + +PSA hash multi part: MD-5 Test vector RFC1321 #3 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72" + +PSA hash multi part: MD-5 Test vector RFC1321 #4 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0" + +PSA hash multi part: MD-5 Test vector RFC1321 #5 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b" + +PSA hash multi part: MD-5 Test vector RFC1321 #6 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f" + +PSA hash multi part: MD-5 Test vector RFC1321 #7 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a" + +PSA hash multi part: RIPEMD160 Test vector from paper #1 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" + +PSA hash multi part: RIPEMD160 Test vector from paper #2 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" + +PSA hash multi part: RIPEMD160 
Test vector from paper #3 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" + +PSA hash multi part: RIPEMD160 Test vector from paper #4 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36" + +PSA hash multi part: RIPEMD160 Test vector from paper #5 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" + +PSA hash multi part: RIPEMD160 Test vector from paper #6 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" + +PSA hash multi part: RIPEMD160 Test vector from paper #7 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189" + +PSA hash multi part: RIPEMD160 Test vector from paper #8 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" + PSA MAC setup: good, HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4a05adf8c..f66c37b75 100644 --- a/tests/suites/test_suite_psa_crypto.function 
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1775,6 +1775,47 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
+{
+ psa_algorithm_t alg = alg_arg;
+ unsigned char actual_hash[PSA_HASH_MAX_SIZE] = { 0 };
+ size_t actual_hash_length;
+ psa_hash_operation_t operation;
+ uint32_t halfway;
+
+ TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
+ TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
+
+ TEST_ASSERT( input != NULL );
+ TEST_ASSERT( expected_hash != NULL );
+ TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
+ TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
+
+ TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+
+ halfway = input->len / 2;
+ TEST_ASSERT( psa_hash_update( &operation,
+ input->x,
+ halfway ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_hash_update( &operation,
+ input->x + halfway,
+ input->len - halfway ) == PSA_SUCCESS );
+
+ TEST_ASSERT( psa_hash_finish( &operation,
+ actual_hash, sizeof( actual_hash ),
+ &actual_hash_length ) == PSA_SUCCESS );
+
+ ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+ actual_hash, actual_hash_length );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void mac_verify( int key_type_arg,
 data_t *key,
From a00f1d8b004efa9df7ccff1580344526cbb20323 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Mon, 22 Oct 2018 15:10:29 +0300 Subject: [PATCH 0586/2197] Add additional test vectors for hash single part Test vectors migrated from mbedTLS --- tests/suites/test_suite_psa_crypto.data | 276 ++++++++++++++++++++++++ 1 file changed, 276 insertions(+)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index fc69b14d7..77d62a899 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
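Review bot: `expected_hash->len` is read by the first two `TEST_ASSERT` lines of `hash_multi_part` before `TEST_ASSERT( expected_hash != NULL );` runs, so the NULL checks on `input` and `expected_hash` cannot protect anything where they stand. Move `TEST_ASSERT( input != NULL );` and `TEST_ASSERT( expected_hash != NULL );` above `TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );`, or drop them if the test framework never passes NULL for `data_t` arguments (not visible in this hunk). Separately, the `exit:` path calls only `mbedtls_psa_crypto_free( )` and never `psa_hash_abort`; whether that releases an operation left active by a failed assertion is not visible here, so a one-line comment at `exit:` stating the assumption would help.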
@@ -392,6 +392,282 @@ PSA hash finish: RIPEMD160 depends_on:MBEDTLS_RIPEMD160_C hash_finish:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37" +PSA hash finish: SHA-1 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA1_C 
+hash_finish:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #9 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"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":"6692a71d73e00f27df976bc56df4970650d90e45" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #10 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"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":"11863b483809ef88413ca9b0084ac4a5390640af" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA256_C 
+hash_finish:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"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":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"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":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA512_C 
+hash_finish:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"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":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a" + 
+PSA hash finish: SHA-512 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA512_C 
+hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc
9" + +PSA hash finish: MD-2 Test vector RFC1319 #1 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773" + +PSA hash finish: MD-2 Test vector RFC1319 #2 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1" + +PSA hash finish: MD-2 Test vector RFC1319 #3 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" + +PSA hash finish: MD-2 Test vector RFC1319 #4 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0" + +PSA hash finish: MD-2 Test vector RFC1319 #5 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b" + +PSA hash finish: MD-2 Test vector RFC1319 #6 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd" + +PSA hash finish: MD-2 Test vector RFC1319 #7 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8" + +PSA hash finish: MD-4 Test vector RFC1320 #1 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" + +PSA hash finish: MD-4 Test vector RFC1320 #2 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24" + +PSA hash finish: MD-4 Test vector RFC1320 #3 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" + +PSA hash finish: MD-4 Test vector RFC1320 #4 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b" + +PSA hash finish: MD-4 Test vector RFC1320 #5 +depends_on:MBEDTLS_MD4_C 
+hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9" + +PSA hash finish: MD-4 Test vector RFC1320 #6 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4" + +PSA hash finish: MD-4 Test vector RFC1320 #7 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536" + +PSA hash finish: MD-5 Test vector RFC1321 #1 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" + +PSA hash finish: MD-5 Test vector RFC1321 #2 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661" + +PSA hash finish: MD-5 Test vector RFC1321 #3 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72" + +PSA hash finish: MD-5 Test vector RFC1321 #4 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0" + +PSA hash finish: MD-5 Test vector RFC1321 #5 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b" + +PSA hash finish: MD-5 Test vector RFC1321 #6 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f" + +PSA hash finish: MD-5 Test vector RFC1321 #7 +depends_on:MBEDTLS_MD5_C 
+hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a" + +PSA hash finish: RIPEMD160 Test vector from paper #1 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" + +PSA hash finish: RIPEMD160 Test vector from paper #2 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" + +PSA hash finish: RIPEMD160 Test vector from paper #3 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" + +PSA hash finish: RIPEMD160 Test vector from paper #4 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36" + +PSA hash finish: RIPEMD160 Test vector from paper #5 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" + +PSA hash finish: RIPEMD160 Test vector from paper #6 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" + +PSA hash finish: RIPEMD160 Test vector from paper #7 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189" + +PSA hash finish: RIPEMD160 Test vector from paper #8 +depends_on:MBEDTLS_RIPEMD160_C 
+hash_finish:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
+
 PSA hash verify: SHA-1
 depends_on:MBEDTLS_SHA1_C
 hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"
From 9b3b31dc521695e8830d5f7c7e3f39f613f8c783 Mon Sep 17 00:00:00 2001
From: itayzafrir
Date: Mon, 22 Oct 2018 16:03:34 +0300
Subject: [PATCH 0587/2197] Delete redundant hash test vectors Due to migration of test vectors from mbedTLS
---
 tests/suites/test_suite_psa_crypto.data | 36 -------------------------
 1 file changed, 36 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 77d62a899..3c131caf9 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -356,42 +356,6 @@ PSA hash setup: bad (not a hash algorithm)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
-PSA hash finish: SHA-1
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"
-
-PSA hash finish: SHA-224
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57"
-
-PSA hash finish: SHA-256
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
-
-PSA hash finish: SHA-384
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a"
-
-PSA hash finish: SHA-512
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
-
-PSA hash finish: MD-2
-depends_on:MBEDTLS_MD2_C
-hash_finish:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
-
-PSA hash finish: MD-4
-depends_on:MBEDTLS_MD4_C
-hash_finish:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
-
-PSA hash finish: MD-5
-depends_on:MBEDTLS_MD5_C
-hash_finish:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
-
-PSA hash finish: RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
-hash_finish:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
-
 PSA hash finish: SHA-1 Test Vector NIST CAVS #1
 depends_on:MBEDTLS_SHA1_C
 hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
From 931fa6d663883e62c0b5a660cbdffcd0d4995bba Mon Sep 17 00:00:00 2001
From: itayzafrir
Date: Wed, 24 Oct 2018 12:20:22 +0300
Subject: [PATCH 0588/2197] Remove input parameter validations from hash test functions Remove from hash_finish, hash_verify and hash_multi_part
---
 tests/suites/test_suite_psa_crypto.function | 24 ---------------------
 1 file changed, 24 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f66c37b75..879a77c2f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1575,14 +1575,6 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 size_t actual_hash_length;
 psa_hash_operation_t operation;
- TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
- TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
-
- TEST_ASSERT( input != NULL );
- TEST_ASSERT( expected_hash != NULL );
- TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
- TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
-
 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
@@ -1597,14 +1597,6 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
 psa_algorithm_t alg = alg_arg;
 psa_hash_operation_t operation;
- TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
- TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
-
- TEST_ASSERT( input != NULL );
- TEST_ASSERT( expected_hash != NULL );
- TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
- TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
-
 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
@@ -1784,14 +1768,6 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
 psa_hash_operation_t operation;
 uint32_t halfway;
- TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
- TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
-
- TEST_ASSERT( input != NULL );
- TEST_ASSERT( expected_hash != NULL );
- TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
- TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
-
 TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
From 02d6295e5354a161c9be29aa386695cac5208620 Mon Sep 17 00:00:00 2001
From: itayzafrir
Date: Wed, 24 Oct 2018 12:45:18 +0300
Subject: [PATCH 0589/2197] Move positive hash tests into a new test suite Move hash_finish, hash_verify and hash_multi_part to a new test suite test_suite_psa_crypto_hash.
---
 scripts/mbed_crypto.make | 2 +
 tests/CMakeLists.txt | 1 +
 tests/suites/test_suite_psa_crypto.data | 588 ------------------
 tests/suites/test_suite_psa_crypto.function | 80 +--
 tests/suites/test_suite_psa_crypto_hash.data | 587 +++++++++++++++++
 .../test_suite_psa_crypto_hash.function | 94 +++
 6 files changed, 685 insertions(+), 667 deletions(-)
 create mode 100644 tests/suites/test_suite_psa_crypto_hash.data
 create mode 100644 tests/suites/test_suite_psa_crypto_hash.function
diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
index c0e5a0531..e5e6ded6d 100644
--- a/scripts/mbed_crypto.make
+++ b/scripts/mbed_crypto.make
@@ -150,6 +150,8 @@ TEST_FILES := \
 tests/suites/target_test.function \
 tests/suites/test_suite_psa_crypto.data \
 tests/suites/test_suite_psa_crypto.function \
+ tests/suites/test_suite_psa_crypto_hash.data \
+ tests/suites/test_suite_psa_crypto_hash.function \
 tests/suites/test_suite_psa_crypto_metadata.data \
 tests/suites/test_suite_psa_crypto_metadata.function \
 # Don't delete this line.
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index a7821d7bc..89be6feb7 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -111,6 +111,7 @@ add_test_suite(pkparse)
 add_test_suite(pkwrite)
 add_test_suite(poly1305)
 add_test_suite(psa_crypto)
+add_test_suite(psa_crypto_hash)
 add_test_suite(psa_crypto_metadata)
 add_test_suite(shax)
 add_test_suite(ssl)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3c131caf9..bfd391ce9 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -356,598 +356,10 @@ PSA hash setup: bad (not a hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT -PSA hash finish: SHA-1 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA1_C -hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" - -PSA hash finish: SHA-1 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA1_C -hash_finish:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15" - -PSA hash finish: SHA-1 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA1_C -hash_finish:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024" - -PSA hash finish: SHA-1 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA1_C -hash_finish:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" - -PSA hash finish: SHA-1 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA1_C -hash_finish:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253" - -PSA hash finish: SHA-1 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA1_C -hash_finish:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93" - -PSA hash finish: SHA-1 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA1_C -hash_finish:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217" - -PSA hash finish: SHA-1 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA1_C -hash_finish:PSA_ALG_SHA_1:"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":"0423dc76a8791107d14e13f5265b343f24cc0f19" - -PSA hash finish: SHA-1 Test Vector NIST CAVS #9 -depends_on:MBEDTLS_SHA1_C 
-hash_finish:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45" - -PSA hash finish: SHA-1 Test Vector NIST CAVS #10 -depends_on:MBEDTLS_SHA1_C -hash_finish:PSA_ALG_SHA_1:"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":"11863b483809ef88413ca9b0084ac4a5390640af" - -PSA hash finish: SHA-224 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" - -PSA hash finish: SHA-224 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" - -PSA hash finish: SHA-224 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" - -PSA hash finish: SHA-224 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" - -PSA hash finish: SHA-224 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" - -PSA hash finish: SHA-224 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA256_C 
-hash_finish:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" - -PSA hash finish: SHA-224 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_224:"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":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" - -PSA hash finish: SHA-256 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" - -PSA hash finish: SHA-256 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" - -PSA hash finish: SHA-256 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788" - -PSA hash finish: SHA-256 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" - -PSA hash finish: SHA-256 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" - -PSA hash finish: SHA-256 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA256_C -hash_finish:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605" - -PSA hash finish: SHA-256 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA256_C 
-hash_finish:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714
aad0b5e" - -PSA hash finish: SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" - -PSA hash finish: SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" - -PSA hash finish: SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" - -PSA hash finish: SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" - -PSA hash finish: SHA-384 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" - -PSA hash finish: SHA-384 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" - -PSA hash finish: SHA-384 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" - -PSA hash finish: SHA-384 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_384:"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":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" - -PSA hash finish: SHA-512 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C 
-hash_finish:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" - -PSA hash finish: SHA-512 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a" - -PSA hash finish: SHA-512 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231" - -PSA hash finish: SHA-512 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" - -PSA hash finish: SHA-512 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" - -PSA hash finish: SHA-512 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297" - -PSA hash finish: SHA-512 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94" - -PSA hash finish: SHA-512 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C -hash_finish:PSA_ALG_SHA_512:"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":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" - -PSA hash finish: MD-2 
Test vector RFC1319 #1 -depends_on:MBEDTLS_MD2_C -hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773" - -PSA hash finish: MD-2 Test vector RFC1319 #2 -depends_on:MBEDTLS_MD2_C -hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1" - -PSA hash finish: MD-2 Test vector RFC1319 #3 -depends_on:MBEDTLS_MD2_C -hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" - -PSA hash finish: MD-2 Test vector RFC1319 #4 -depends_on:MBEDTLS_MD2_C -hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0" - -PSA hash finish: MD-2 Test vector RFC1319 #5 -depends_on:MBEDTLS_MD2_C -hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b" - -PSA hash finish: MD-2 Test vector RFC1319 #6 -depends_on:MBEDTLS_MD2_C -hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd" - -PSA hash finish: MD-2 Test vector RFC1319 #7 -depends_on:MBEDTLS_MD2_C -hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8" - -PSA hash finish: MD-4 Test vector RFC1320 #1 -depends_on:MBEDTLS_MD4_C -hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" - -PSA hash finish: MD-4 Test vector RFC1320 #2 -depends_on:MBEDTLS_MD4_C -hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24" - -PSA hash finish: MD-4 Test vector RFC1320 #3 -depends_on:MBEDTLS_MD4_C -hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" - -PSA hash finish: MD-4 Test vector RFC1320 #4 -depends_on:MBEDTLS_MD4_C -hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b" - -PSA hash finish: MD-4 Test vector RFC1320 #5 -depends_on:MBEDTLS_MD4_C 
-hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9" - -PSA hash finish: MD-4 Test vector RFC1320 #6 -depends_on:MBEDTLS_MD4_C -hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4" - -PSA hash finish: MD-4 Test vector RFC1320 #7 -depends_on:MBEDTLS_MD4_C -hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536" - -PSA hash finish: MD-5 Test vector RFC1321 #1 -depends_on:MBEDTLS_MD5_C -hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" - -PSA hash finish: MD-5 Test vector RFC1321 #2 -depends_on:MBEDTLS_MD5_C -hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661" - -PSA hash finish: MD-5 Test vector RFC1321 #3 -depends_on:MBEDTLS_MD5_C -hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72" - -PSA hash finish: MD-5 Test vector RFC1321 #4 -depends_on:MBEDTLS_MD5_C -hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0" - -PSA hash finish: MD-5 Test vector RFC1321 #5 -depends_on:MBEDTLS_MD5_C -hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b" - -PSA hash finish: MD-5 Test vector RFC1321 #6 -depends_on:MBEDTLS_MD5_C -hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f" - -PSA hash finish: MD-5 Test vector RFC1321 #7 -depends_on:MBEDTLS_MD5_C 
-hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a" - -PSA hash finish: RIPEMD160 Test vector from paper #1 -depends_on:MBEDTLS_RIPEMD160_C -hash_finish:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" - -PSA hash finish: RIPEMD160 Test vector from paper #2 -depends_on:MBEDTLS_RIPEMD160_C -hash_finish:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" - -PSA hash finish: RIPEMD160 Test vector from paper #3 -depends_on:MBEDTLS_RIPEMD160_C -hash_finish:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" - -PSA hash finish: RIPEMD160 Test vector from paper #4 -depends_on:MBEDTLS_RIPEMD160_C -hash_finish:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36" - -PSA hash finish: RIPEMD160 Test vector from paper #5 -depends_on:MBEDTLS_RIPEMD160_C -hash_finish:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" - -PSA hash finish: RIPEMD160 Test vector from paper #6 -depends_on:MBEDTLS_RIPEMD160_C -hash_finish:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" - -PSA hash finish: RIPEMD160 Test vector from paper #7 -depends_on:MBEDTLS_RIPEMD160_C -hash_finish:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189" - -PSA hash finish: RIPEMD160 Test vector from paper #8 -depends_on:MBEDTLS_RIPEMD160_C 
-hash_finish:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" - -PSA hash verify: SHA-1 -depends_on:MBEDTLS_SHA1_C -hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221" - -PSA hash verify: SHA-224 -depends_on:MBEDTLS_SHA256_C -hash_verify:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57" - -PSA hash verify: SHA-256 -depends_on:MBEDTLS_SHA256_C -hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" - -PSA hash verify: SHA-384 -depends_on:MBEDTLS_SHA512_C -hash_verify:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a" - -PSA hash verify: SHA-512 -depends_on:MBEDTLS_SHA512_C -hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf" - -PSA hash verify: MD-2 -depends_on:MBEDTLS_MD2_C -hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf" - -PSA hash verify: MD-4 -depends_on:MBEDTLS_MD4_C -hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25" - -PSA hash verify: MD-5 -depends_on:MBEDTLS_MD5_C -hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb" - -PSA hash verify: RIPEMD160 -depends_on:MBEDTLS_RIPEMD160_C -hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37" - PSA hash: bad paths depends_on:MBEDTLS_SHA256_C hash_bad_paths: -PSA hash multi part: SHA-1 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA1_C -hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" - -PSA hash multi part: SHA-1 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA1_C -hash_multi_part:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15" - -PSA hash multi part: SHA-1 Test Vector 
NIST CAVS #3 -depends_on:MBEDTLS_SHA1_C -hash_multi_part:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024" - -PSA hash multi part: SHA-1 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA1_C -hash_multi_part:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" - -PSA hash multi part: SHA-1 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA1_C -hash_multi_part:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253" - -PSA hash multi part: SHA-1 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA1_C -hash_multi_part:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93" - -PSA hash multi part: SHA-1 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA1_C -hash_multi_part:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217" - -PSA hash multi part: SHA-1 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA1_C -hash_multi_part:PSA_ALG_SHA_1:"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":"0423dc76a8791107d14e13f5265b343f24cc0f19" - -PSA hash multi part: SHA-1 Test Vector NIST CAVS #9 -depends_on:MBEDTLS_SHA1_C 
-hash_multi_part:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45" - -PSA hash multi part: SHA-1 Test Vector NIST CAVS #10 -depends_on:MBEDTLS_SHA1_C -hash_multi_part:PSA_ALG_SHA_1:"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":"11863b483809ef88413ca9b0084ac4a5390640af" - -PSA hash multi part: SHA-224 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" - -PSA hash multi part: SHA-224 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" - -PSA hash multi part: SHA-224 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" - -PSA hash multi part: SHA-224 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" - -PSA hash multi part: SHA-224 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" - -PSA hash multi part: SHA-224 Test Vector NIST CAVS #6 
-depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" - -PSA hash multi part: SHA-224 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_224:"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":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" - -PSA hash multi part: SHA-256 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" - -PSA hash multi part: SHA-256 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" - -PSA hash multi part: SHA-256 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788" - -PSA hash multi part: SHA-256 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" - -PSA hash multi part: SHA-256 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" - -PSA hash multi part: SHA-256 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605" - -PSA hash multi part: SHA-256 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA256_C -hash_multi_part:PSA_ALG_SHA_256:"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":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" - -PSA hash multi part: SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" - 
-PSA hash multi part: SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" - -PSA hash multi part: SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" - -PSA hash multi part: SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" - -PSA hash multi part: SHA-384 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" - -PSA hash multi part: SHA-384 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" - -PSA hash multi part: SHA-384 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" - -PSA hash multi part: SHA-384 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_384:"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":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" - -PSA hash multi part: SHA-512 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" - -PSA hash multi part: SHA-512 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C 
-hash_multi_part:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a" - -PSA hash multi part: SHA-512 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231" - -PSA hash multi part: SHA-512 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" - -PSA hash multi part: SHA-512 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" - -PSA hash multi part: SHA-512 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297" - -PSA hash multi part: SHA-512 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94" - -PSA hash multi part: SHA-512 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C -hash_multi_part:PSA_ALG_SHA_512:"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":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" - -PSA hash multi part: MD-2 Test vector RFC1319 #1 -depends_on:MBEDTLS_MD2_C -hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773" - -PSA hash multi part: MD-2 Test vector RFC1319 #2 
-depends_on:MBEDTLS_MD2_C -hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1" - -PSA hash multi part: MD-2 Test vector RFC1319 #3 -depends_on:MBEDTLS_MD2_C -hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" - -PSA hash multi part: MD-2 Test vector RFC1319 #4 -depends_on:MBEDTLS_MD2_C -hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0" - -PSA hash multi part: MD-2 Test vector RFC1319 #5 -depends_on:MBEDTLS_MD2_C -hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b" - -PSA hash multi part: MD-2 Test vector RFC1319 #6 -depends_on:MBEDTLS_MD2_C -hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd" - -PSA hash multi part: MD-2 Test vector RFC1319 #7 -depends_on:MBEDTLS_MD2_C -hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8" - -PSA hash multi part: MD-4 Test vector RFC1320 #1 -depends_on:MBEDTLS_MD4_C -hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" - -PSA hash multi part: MD-4 Test vector RFC1320 #2 -depends_on:MBEDTLS_MD4_C -hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24" - -PSA hash multi part: MD-4 Test vector RFC1320 #3 -depends_on:MBEDTLS_MD4_C -hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" - -PSA hash multi part: MD-4 Test vector RFC1320 #4 -depends_on:MBEDTLS_MD4_C -hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b" - -PSA hash multi part: MD-4 Test vector RFC1320 #5 -depends_on:MBEDTLS_MD4_C 
-hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9" - -PSA hash multi part: MD-4 Test vector RFC1320 #6 -depends_on:MBEDTLS_MD4_C -hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4" - -PSA hash multi part: MD-4 Test vector RFC1320 #7 -depends_on:MBEDTLS_MD4_C -hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536" - -PSA hash multi part: MD-5 Test vector RFC1321 #1 -depends_on:MBEDTLS_MD5_C -hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" - -PSA hash multi part: MD-5 Test vector RFC1321 #2 -depends_on:MBEDTLS_MD5_C -hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661" - -PSA hash multi part: MD-5 Test vector RFC1321 #3 -depends_on:MBEDTLS_MD5_C -hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72" - -PSA hash multi part: MD-5 Test vector RFC1321 #4 -depends_on:MBEDTLS_MD5_C -hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0" - -PSA hash multi part: MD-5 Test vector RFC1321 #5 -depends_on:MBEDTLS_MD5_C -hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b" - -PSA hash multi part: MD-5 Test vector RFC1321 #6 -depends_on:MBEDTLS_MD5_C -hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f" - -PSA hash multi part: MD-5 Test vector RFC1321 #7 -depends_on:MBEDTLS_MD5_C 
-hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a" - -PSA hash multi part: RIPEMD160 Test vector from paper #1 -depends_on:MBEDTLS_RIPEMD160_C -hash_multi_part:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" - -PSA hash multi part: RIPEMD160 Test vector from paper #2 -depends_on:MBEDTLS_RIPEMD160_C -hash_multi_part:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" - -PSA hash multi part: RIPEMD160 Test vector from paper #3 -depends_on:MBEDTLS_RIPEMD160_C -hash_multi_part:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" - -PSA hash multi part: RIPEMD160 Test vector from paper #4 -depends_on:MBEDTLS_RIPEMD160_C -hash_multi_part:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36" - -PSA hash multi part: RIPEMD160 Test vector from paper #5 -depends_on:MBEDTLS_RIPEMD160_C -hash_multi_part:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" - -PSA hash multi part: RIPEMD160 Test vector from paper #6 -depends_on:MBEDTLS_RIPEMD160_C -hash_multi_part:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" - -PSA hash multi part: RIPEMD160 Test vector from paper #7 -depends_on:MBEDTLS_RIPEMD160_C -hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189" - -PSA hash multi part: RIPEMD160 Test vector from paper #8 -depends_on:MBEDTLS_RIPEMD160_C 
-hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-
 PSA MAC setup: good, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 879a77c2f..898588879 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1568,52 +1568,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
-{
- psa_algorithm_t alg = alg_arg;
- unsigned char actual_hash[PSA_HASH_MAX_SIZE];
- size_t actual_hash_length;
- psa_hash_operation_t operation;
-
- TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
- TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
- TEST_ASSERT( psa_hash_update( &operation,
- input->x, input->len ) == PSA_SUCCESS );
- TEST_ASSERT( psa_hash_finish( &operation,
- actual_hash, sizeof( actual_hash ),
- &actual_hash_length ) == PSA_SUCCESS );
- ASSERT_COMPARE( expected_hash->x, expected_hash->len,
- actual_hash, actual_hash_length );
-
-exit:
- mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
-{
- psa_algorithm_t alg = alg_arg;
- psa_hash_operation_t operation;
-
- TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
- TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
- TEST_ASSERT( psa_hash_update( &operation,
- input->x,
- input->len ) == PSA_SUCCESS );
- TEST_ASSERT( psa_hash_verify( &operation,
- expected_hash->x,
- expected_hash->len ) == PSA_SUCCESS );
-
-exit:
- mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_bad_paths( )
+void hash_bad_paths( )
 {
 psa_algorithm_t alg = PSA_ALG_SHA_256;
 unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 };
@@ -1759,39 +1714,6 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
-{
- psa_algorithm_t alg = alg_arg;
- unsigned char actual_hash[PSA_HASH_MAX_SIZE] = { 0 };
- size_t actual_hash_length;
- psa_hash_operation_t operation;
- uint32_t halfway;
-
- TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
- TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
-
- halfway = input->len / 2;
- TEST_ASSERT( psa_hash_update( &operation,
- input->x,
- halfway ) == PSA_SUCCESS );
- TEST_ASSERT( psa_hash_update( &operation,
- input->x + halfway,
- input->len - halfway ) == PSA_SUCCESS );
-
- TEST_ASSERT( psa_hash_finish( &operation,
- actual_hash, sizeof( actual_hash ),
- &actual_hash_length ) == PSA_SUCCESS );
-
- ASSERT_COMPARE( expected_hash->x, expected_hash->len,
- actual_hash, actual_hash_length );
-
-exit:
- mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void mac_verify( int key_type_arg,
 data_t *key,
diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data
new file mode 100644
index 000000000..3d32bab90
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_hash.data
@@ -0,0 +1,587 @@ +PSA hash finish: SHA-1 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA1_C 
+hash_finish:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #9 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"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":"6692a71d73e00f27df976bc56df4970650d90e45" + +PSA hash finish: SHA-1 Test Vector NIST CAVS #10 +depends_on:MBEDTLS_SHA1_C +hash_finish:PSA_ALG_SHA_1:"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":"11863b483809ef88413ca9b0084ac4a5390640af" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA256_C 
+hash_finish:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" + +PSA hash finish: SHA-224 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940
395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605" + +PSA hash finish: SHA-256 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA256_C +hash_finish:PSA_ALG_SHA_256:"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":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #2 
+depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" + +PSA hash finish: SHA-384 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA512_C 
+hash_finish:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87
f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA512_C 
+hash_finish:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94" + +PSA hash finish: SHA-512 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA512_C +hash_finish:PSA_ALG_SHA_512:"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":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" + +PSA hash finish: MD-2 Test vector RFC1319 #1 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773" + +PSA hash finish: MD-2 Test vector RFC1319 #2 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1" + +PSA hash finish: MD-2 Test vector RFC1319 #3 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" + +PSA hash finish: MD-2 Test vector RFC1319 #4 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0" + +PSA hash finish: MD-2 Test vector RFC1319 #5 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b" + +PSA hash finish: MD-2 Test vector RFC1319 #6 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd" + +PSA hash finish: MD-2 Test vector RFC1319 #7 +depends_on:MBEDTLS_MD2_C +hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8" + +PSA hash finish: MD-4 Test vector RFC1320 #1 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" + +PSA hash finish: MD-4 Test vector RFC1320 #2 
+depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24" + +PSA hash finish: MD-4 Test vector RFC1320 #3 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" + +PSA hash finish: MD-4 Test vector RFC1320 #4 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b" + +PSA hash finish: MD-4 Test vector RFC1320 #5 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9" + +PSA hash finish: MD-4 Test vector RFC1320 #6 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4" + +PSA hash finish: MD-4 Test vector RFC1320 #7 +depends_on:MBEDTLS_MD4_C +hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536" + +PSA hash finish: MD-5 Test vector RFC1321 #1 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" + +PSA hash finish: MD-5 Test vector RFC1321 #2 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661" + +PSA hash finish: MD-5 Test vector RFC1321 #3 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72" + +PSA hash finish: MD-5 Test vector RFC1321 #4 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0" + +PSA hash finish: MD-5 Test vector RFC1321 #5 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b" + +PSA hash finish: MD-5 Test vector RFC1321 #6 +depends_on:MBEDTLS_MD5_C 
+hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f" + +PSA hash finish: MD-5 Test vector RFC1321 #7 +depends_on:MBEDTLS_MD5_C +hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a" + +PSA hash finish: RIPEMD160 Test vector from paper #1 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" + +PSA hash finish: RIPEMD160 Test vector from paper #2 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" + +PSA hash finish: RIPEMD160 Test vector from paper #3 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" + +PSA hash finish: RIPEMD160 Test vector from paper #4 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36" + +PSA hash finish: RIPEMD160 Test vector from paper #5 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" + +PSA hash finish: RIPEMD160 Test vector from paper #6 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" + +PSA hash finish: RIPEMD160 Test vector from paper #7 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189" + +PSA hash finish: RIPEMD160 Test 
vector from paper #8 +depends_on:MBEDTLS_RIPEMD160_C +hash_finish:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" + +PSA hash verify: SHA-1 +depends_on:MBEDTLS_SHA1_C +hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221" + +PSA hash verify: SHA-224 +depends_on:MBEDTLS_SHA256_C +hash_verify:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57" + +PSA hash verify: SHA-256 +depends_on:MBEDTLS_SHA256_C +hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" + +PSA hash verify: SHA-384 +depends_on:MBEDTLS_SHA512_C +hash_verify:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a" + +PSA hash verify: SHA-512 +depends_on:MBEDTLS_SHA512_C +hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf" + +PSA hash verify: MD-2 +depends_on:MBEDTLS_MD2_C +hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf" + +PSA hash verify: MD-4 +depends_on:MBEDTLS_MD4_C +hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25" + +PSA hash verify: MD-5 +depends_on:MBEDTLS_MD5_C +hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb" + +PSA hash verify: RIPEMD160 +depends_on:MBEDTLS_RIPEMD160_C +hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS 
#3 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"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":"0423dc76a8791107d14e13f5265b343f24cc0f19" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #9 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"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":"6692a71d73e00f27df976bc56df4970650d90e45" + +PSA hash multi part: SHA-1 Test Vector NIST CAVS #10 +depends_on:MBEDTLS_SHA1_C +hash_multi_part:PSA_ALG_SHA_1:"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":"11863b483809ef88413ca9b0084ac4a5390640af" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #2 
+depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" + +PSA hash multi part: SHA-224 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_224:"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":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA256_C 
+hash_multi_part:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605" + +PSA hash multi part: SHA-256 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA256_C +hash_multi_part:PSA_ALG_SHA_256:"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":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA512_C 
+hash_multi_part:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" + +PSA hash multi part: SHA-384 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffba
db242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #1 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #2 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #3 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #4 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #5 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #6 +depends_on:MBEDTLS_SHA512_C 
+hash_multi_part:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #7 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94" + +PSA hash multi part: SHA-512 Test Vector NIST CAVS #8 +depends_on:MBEDTLS_SHA512_C +hash_multi_part:PSA_ALG_SHA_512:"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":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" + +PSA hash multi part: MD-2 Test vector RFC1319 #1 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773" + +PSA hash multi part: MD-2 Test vector RFC1319 #2 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1" + +PSA hash multi part: MD-2 Test vector RFC1319 #3 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" + +PSA hash multi part: MD-2 Test vector RFC1319 #4 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0" + +PSA hash multi part: MD-2 Test vector RFC1319 #5 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b" + +PSA hash multi part: MD-2 Test vector RFC1319 #6 +depends_on:MBEDTLS_MD2_C +hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd" + +PSA hash multi part: MD-2 Test vector RFC1319 #7 +depends_on:MBEDTLS_MD2_C 
+hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8" + +PSA hash multi part: MD-4 Test vector RFC1320 #1 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" + +PSA hash multi part: MD-4 Test vector RFC1320 #2 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24" + +PSA hash multi part: MD-4 Test vector RFC1320 #3 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" + +PSA hash multi part: MD-4 Test vector RFC1320 #4 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b" + +PSA hash multi part: MD-4 Test vector RFC1320 #5 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9" + +PSA hash multi part: MD-4 Test vector RFC1320 #6 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4" + +PSA hash multi part: MD-4 Test vector RFC1320 #7 +depends_on:MBEDTLS_MD4_C +hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536" + +PSA hash multi part: MD-5 Test vector RFC1321 #1 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" + +PSA hash multi part: MD-5 Test vector RFC1321 #2 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661" + +PSA hash multi part: MD-5 Test vector RFC1321 #3 +depends_on:MBEDTLS_MD5_C 
+hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72" + +PSA hash multi part: MD-5 Test vector RFC1321 #4 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0" + +PSA hash multi part: MD-5 Test vector RFC1321 #5 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b" + +PSA hash multi part: MD-5 Test vector RFC1321 #6 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f" + +PSA hash multi part: MD-5 Test vector RFC1321 #7 +depends_on:MBEDTLS_MD5_C +hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a" + +PSA hash multi part: RIPEMD160 Test vector from paper #1 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" + +PSA hash multi part: RIPEMD160 Test vector from paper #2 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" + +PSA hash multi part: RIPEMD160 Test vector from paper #3 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" + +PSA hash multi part: RIPEMD160 Test vector from paper #4 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36" + +PSA hash multi part: RIPEMD160 Test vector from paper #5 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" + +PSA hash multi part: 
RIPEMD160 Test vector from paper #6 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" + +PSA hash multi part: RIPEMD160 Test vector from paper #7 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189" + +PSA hash multi part: RIPEMD160 Test vector from paper #8 +depends_on:MBEDTLS_RIPEMD160_C +hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function new file mode 100644 index 000000000..75878ef3c --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_hash.function 
@@ -0,0 +1,94 @@
+/* BEGIN_HEADER */
+
+#include
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
+#include "psa/crypto.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+ /* BEGIN_CASE */
+void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
+{
+ psa_algorithm_t alg = alg_arg;
+ unsigned char actual_hash[PSA_HASH_MAX_SIZE];
+ size_t actual_hash_length;
+ psa_hash_operation_t operation;
+
+ TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_hash_update( &operation,
+ input->x, input->len ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_hash_finish( &operation,
+ actual_hash, sizeof( actual_hash ),
+ &actual_hash_length ) == PSA_SUCCESS );
+ ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+ actual_hash, actual_hash_length );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_hash_operation_t operation;
+
+ TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_hash_update( &operation,
+ input->x,
+ input->len ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_hash_verify( &operation,
+ expected_hash->x,
+ expected_hash->len ) == PSA_SUCCESS );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
+{
+ psa_algorithm_t alg = alg_arg;
+ unsigned char actual_hash[PSA_HASH_MAX_SIZE] = { 0 };
+ size_t actual_hash_length;
+ psa_hash_operation_t operation;
+ uint32_t halfway;
+
+ TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+
+ halfway = input->len / 2;
+ TEST_ASSERT( psa_hash_update( &operation,
+ input->x,
+ halfway ) == PSA_SUCCESS );
+ TEST_ASSERT( psa_hash_update( &operation,
+ input->x + halfway,
+ input->len - halfway ) == PSA_SUCCESS );
+
+ TEST_ASSERT( psa_hash_finish( &operation,
+ actual_hash, sizeof( actual_hash ),
+ &actual_hash_length ) == PSA_SUCCESS );
+
+ ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+ actual_hash, actual_hash_length );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
From 69290f0e71ceb687527ab7281ad54b12afa38523 Mon Sep 17 00:00:00 2001
From: itayzafrir
Date: Wed, 24 Oct 2018 13:50:54 +0300
Subject: [PATCH 0590/2197] Update hash tests documentation
---
 tests/suites/test_suite_psa_crypto.data | 6 +-
 tests/suites/test_suite_psa_crypto.function | 4 +-
 tests/suites/test_suite_psa_crypto_hash.data | 90 ++++++++++----------
 3 files changed, 50 insertions(+), 50 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index bfd391ce9..01ca74f5a 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -332,15 +332,15 @@ PSA hash setup: good, SHA-512
 depends_on:MBEDTLS_SHA512_C
 hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS
-PSA hash setup: good, MD-2
+PSA hash setup: good, MD2
 depends_on:MBEDTLS_MD2_C
 hash_setup:PSA_ALG_MD2:PSA_SUCCESS
-PSA hash setup: good, MD-4
+PSA hash setup: good, MD4
 depends_on:MBEDTLS_MD4_C
 hash_setup:PSA_ALG_MD4:PSA_SUCCESS
-PSA hash setup: good, MD-5
+PSA hash setup: good, MD5
 depends_on:MBEDTLS_MD5_C
 hash_setup:PSA_ALG_MD5:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 898588879..3bca3cb5f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
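Review bot: The `exit:` path of `hash_finish`, `hash_verify` and `hash_multi_part` in the new tests/suites/test_suite_psa_crypto_hash.function only calls `mbedtls_psa_crypto_free( )`, so when a `TEST_ASSERT` fails between `psa_hash_setup` and `psa_hash_finish`/`psa_hash_verify` the hash operation is left active and whatever state its context holds is never released or wiped. Adding `psa_hash_abort( &operation );` directly under `exit:` in all three functions would close the operation on every path. Because `operation` is declared without an initializer, that abort would read an indeterminate object whenever `psa_crypto_init( )` fails before setup, so the declaration should be zero-initialised as well; whether this revision's `psa_hash_abort` accepts an all-zero operation should be confirmed against psa/crypto.h.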
@@ -1604,13 +1604,13 @@ void hash_bad_paths( ) &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL ); - /* psa_hash_verify with a smaller hash buffer than expected */ + /* psa_hash_verify with a smaller hash digest than expected */ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, hash, expected_size - 1 ) == PSA_ERROR_INVALID_SIGNATURE ); - /* psa_hash_verify with a non-matching hash buffer */ + /* psa_hash_verify with a non-matching hash digest */ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_update( &operation, input, sizeof( input ) ) == PSA_SUCCESS ); diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 3d32bab90..746d810f1 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data 
@@ -158,87 +158,87 @@ PSA hash finish: SHA-512 Test Vector NIST CAVS #8 depends_on:MBEDTLS_SHA512_C hash_finish:PSA_ALG_SHA_512:"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":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" -PSA hash finish: MD-2 Test vector RFC1319 #1 +PSA hash finish: MD2 Test vector RFC1319 #1 depends_on:MBEDTLS_MD2_C hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773" -PSA hash finish: MD-2 Test vector RFC1319 #2 +PSA hash finish: MD2 Test vector RFC1319 #2 depends_on:MBEDTLS_MD2_C hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1" -PSA hash finish: MD-2 Test vector RFC1319 #3 +PSA hash finish: MD2 Test vector RFC1319 #3 depends_on:MBEDTLS_MD2_C hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" -PSA hash finish: MD-2 Test vector RFC1319 #4 +PSA hash finish: MD2 Test vector RFC1319 #4 depends_on:MBEDTLS_MD2_C hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0" -PSA hash finish: MD-2 Test vector RFC1319 #5 +PSA hash finish: MD2 Test vector RFC1319 #5 depends_on:MBEDTLS_MD2_C hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b" -PSA hash finish: MD-2 Test vector RFC1319 #6 +PSA hash finish: MD2 Test vector RFC1319 #6 depends_on:MBEDTLS_MD2_C hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd" -PSA hash finish: MD-2 Test vector RFC1319 #7 +PSA hash finish: MD2 Test vector RFC1319 #7 depends_on:MBEDTLS_MD2_C hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8" -PSA hash finish: MD-4 Test vector RFC1320 #1 +PSA hash finish: 
MD4 Test vector RFC1320 #1 depends_on:MBEDTLS_MD4_C hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" -PSA hash finish: MD-4 Test vector RFC1320 #2 +PSA hash finish: MD4 Test vector RFC1320 #2 depends_on:MBEDTLS_MD4_C hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24" -PSA hash finish: MD-4 Test vector RFC1320 #3 +PSA hash finish: MD4 Test vector RFC1320 #3 depends_on:MBEDTLS_MD4_C hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" -PSA hash finish: MD-4 Test vector RFC1320 #4 +PSA hash finish: MD4 Test vector RFC1320 #4 depends_on:MBEDTLS_MD4_C hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b" -PSA hash finish: MD-4 Test vector RFC1320 #5 +PSA hash finish: MD4 Test vector RFC1320 #5 depends_on:MBEDTLS_MD4_C hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9" -PSA hash finish: MD-4 Test vector RFC1320 #6 +PSA hash finish: MD4 Test vector RFC1320 #6 depends_on:MBEDTLS_MD4_C hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4" -PSA hash finish: MD-4 Test vector RFC1320 #7 +PSA hash finish: MD4 Test vector RFC1320 #7 depends_on:MBEDTLS_MD4_C hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536" -PSA hash finish: MD-5 Test vector RFC1321 #1 +PSA hash finish: MD5 Test vector RFC1321 #1 depends_on:MBEDTLS_MD5_C hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" -PSA hash finish: MD-5 Test vector RFC1321 #2 +PSA hash finish: MD5 Test vector RFC1321 #2 depends_on:MBEDTLS_MD5_C hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661" -PSA hash finish: MD-5 Test vector RFC1321 #3 +PSA hash finish: MD5 Test vector RFC1321 
#3 depends_on:MBEDTLS_MD5_C hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72" -PSA hash finish: MD-5 Test vector RFC1321 #4 +PSA hash finish: MD5 Test vector RFC1321 #4 depends_on:MBEDTLS_MD5_C hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0" -PSA hash finish: MD-5 Test vector RFC1321 #5 +PSA hash finish: MD5 Test vector RFC1321 #5 depends_on:MBEDTLS_MD5_C hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b" -PSA hash finish: MD-5 Test vector RFC1321 #6 +PSA hash finish: MD5 Test vector RFC1321 #6 depends_on:MBEDTLS_MD5_C hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f" -PSA hash finish: MD-5 Test vector RFC1321 #7 +PSA hash finish: MD5 Test vector RFC1321 #7 depends_on:MBEDTLS_MD5_C hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a" @@ -294,15 +294,15 @@ PSA hash verify: SHA-512 depends_on:MBEDTLS_SHA512_C hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf" -PSA hash verify: MD-2 +PSA hash verify: MD2 depends_on:MBEDTLS_MD2_C hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf" -PSA hash verify: MD-4 +PSA hash verify: MD4 depends_on:MBEDTLS_MD4_C hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25" -PSA hash verify: MD-5 +PSA hash verify: MD5 depends_on:MBEDTLS_MD5_C hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb" 
@@ -470,87 +470,87 @@ PSA hash multi part: SHA-512 Test Vector NIST CAVS #8 depends_on:MBEDTLS_SHA512_C hash_multi_part:PSA_ALG_SHA_512:"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":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" -PSA hash multi part: MD-2 Test vector RFC1319 #1 +PSA hash multi part: MD2 Test vector RFC1319 #1 depends_on:MBEDTLS_MD2_C hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773" -PSA hash multi part: MD-2 Test vector RFC1319 #2 +PSA hash multi part: MD2 Test vector RFC1319 #2 depends_on:MBEDTLS_MD2_C hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1" -PSA hash multi part: MD-2 Test vector RFC1319 #3 +PSA hash multi part: MD2 Test vector RFC1319 #3 depends_on:MBEDTLS_MD2_C hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" -PSA hash multi part: MD-2 Test vector RFC1319 #4 +PSA hash multi part: MD2 Test vector RFC1319 #4 depends_on:MBEDTLS_MD2_C hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0" -PSA hash multi part: MD-2 Test vector RFC1319 #5 +PSA hash multi part: MD2 Test vector RFC1319 #5 depends_on:MBEDTLS_MD2_C hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b" -PSA hash multi part: MD-2 Test vector RFC1319 #6 +PSA hash multi part: MD2 Test vector RFC1319 #6 depends_on:MBEDTLS_MD2_C hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd" -PSA hash multi part: MD-2 Test vector RFC1319 #7 +PSA hash multi part: MD2 Test vector RFC1319 #7 depends_on:MBEDTLS_MD2_C 
hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8" -PSA hash multi part: MD-4 Test vector RFC1320 #1 +PSA hash multi part: MD4 Test vector RFC1320 #1 depends_on:MBEDTLS_MD4_C hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" -PSA hash multi part: MD-4 Test vector RFC1320 #2 +PSA hash multi part: MD4 Test vector RFC1320 #2 depends_on:MBEDTLS_MD4_C hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24" -PSA hash multi part: MD-4 Test vector RFC1320 #3 +PSA hash multi part: MD4 Test vector RFC1320 #3 depends_on:MBEDTLS_MD4_C hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" -PSA hash multi part: MD-4 Test vector RFC1320 #4 +PSA hash multi part: MD4 Test vector RFC1320 #4 depends_on:MBEDTLS_MD4_C hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b" -PSA hash multi part: MD-4 Test vector RFC1320 #5 +PSA hash multi part: MD4 Test vector RFC1320 #5 depends_on:MBEDTLS_MD4_C hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9" -PSA hash multi part: MD-4 Test vector RFC1320 #6 +PSA hash multi part: MD4 Test vector RFC1320 #6 depends_on:MBEDTLS_MD4_C hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4" -PSA hash multi part: MD-4 Test vector RFC1320 #7 +PSA hash multi part: MD4 Test vector RFC1320 #7 depends_on:MBEDTLS_MD4_C hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536" -PSA hash multi part: MD-5 Test vector RFC1321 #1 +PSA hash multi part: 
MD5 Test vector RFC1321 #1 depends_on:MBEDTLS_MD5_C hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" -PSA hash multi part: MD-5 Test vector RFC1321 #2 +PSA hash multi part: MD5 Test vector RFC1321 #2 depends_on:MBEDTLS_MD5_C hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661" -PSA hash multi part: MD-5 Test vector RFC1321 #3 +PSA hash multi part: MD5 Test vector RFC1321 #3 depends_on:MBEDTLS_MD5_C hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72" -PSA hash multi part: MD-5 Test vector RFC1321 #4 +PSA hash multi part: MD5 Test vector RFC1321 #4 depends_on:MBEDTLS_MD5_C hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0" -PSA hash multi part: MD-5 Test vector RFC1321 #5 +PSA hash multi part: MD5 Test vector RFC1321 #5 depends_on:MBEDTLS_MD5_C hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b" -PSA hash multi part: MD-5 Test vector RFC1321 #6 +PSA hash multi part: MD5 Test vector RFC1321 #6 depends_on:MBEDTLS_MD5_C hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f" -PSA hash multi part: MD-5 Test vector RFC1321 #7 +PSA hash multi part: MD5 Test vector RFC1321 #7 depends_on:MBEDTLS_MD5_C hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a" From 4271df932ca25660d888889fe5ccca5d9c72d9a0 Mon Sep 17 00:00:00 2001 
From: itayzafrir Date: Wed, 24 Oct 2018 18:16:19 +0300 Subject: [PATCH 0591/2197] Add scenario to test case hash_bad_paths Tests where the verification hash digest is prefixed with the expected digest but also has extra bytes appended at the end of it. --- tests/suites/test_suite_psa_crypto.function | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3bca3cb5f..0d292e3ce 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1577,6 +1577,15 @@ void hash_bad_paths( ) psa_hash_operation_t operation; size_t hash_len; + /* SHA-256 hash digest of the string 'input' with 2 extra bytes appended at + * the end */ + unsigned char extra_length_digest[] = + { + 0x3a, 0x28, 0x92, 0x32, 0x39, 0x9a, 0x20, 0x75, 0x09, 0xf4, 0xfa, 0x9d, + 0x70, 0xfa, 0x6f, 0x68, 0x81, 0x7c, 0xe6, 0xa6, 0x6f, 0x21, 0x50, 0xff, + 0x08, 0x23, 0x36, 0x31, 0x1f, 0x4e, 0x55, 0xfe, 0xaa, 0xbb + }; + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); /* psa_hash_update without calling psa_hash_setup beforehand */ @@ -1618,6 +1627,18 @@ void hash_bad_paths( ) hash, expected_size ) == PSA_ERROR_INVALID_SIGNATURE ); + /* psa_hash_verify with a hash digest longer than expected, where the first + * 32 bytes match the expected digest but 2 extra bytes are appended at the + * end of the digest */ + memset( hash, 0, sizeof( hash ) ); + TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_update( &operation, + input, sizeof( input ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_verify( &operation, + extra_length_digest, + sizeof( extra_length_digest ) ) == + PSA_ERROR_INVALID_SIGNATURE ); + exit: mbedtls_psa_crypto_free( ); } From 58028321b9606cb020a0ba23ecb99e3f1fbf6841 Mon Sep 17 00:00:00 2001 
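Review bot: The comment above `extra_length_digest` describes the first 32 bytes as the SHA-256 of the string 'input', but the `psa_hash_update` call added later in this commit hashes `sizeof( input )` bytes, which for a `"input"` array initializer (declared outside this hunk) includes the terminating NUL. If the prefix is the digest of those six bytes, the comment should say so, for example `/* SHA-256 of the 6 bytes "input\0" (sizeof( input )), followed by 2 extra bytes (0xaa, 0xbb) */`. Stating the exact hashed input lets a reader recompute the vector and confirm that the prefix really matches. hash_bad_paths starts and ends outside the hunk.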
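Review bot: The over-long-digest case added at the end of hash_bad_paths cannot tell a length rejection from a plain content mismatch, because both yield `PSA_ERROR_INVALID_SIGNATURE`. If the 32-byte prefix of `extra_length_digest` were wrong, the assertion would still pass and a verify that compares only the first `expected_size` bytes would go unnoticed. A positive control that verifies the same prefix with `expected_size` and expects `PSA_SUCCESS` just before this case would pin the failure to the two trailing bytes. The function body begins outside the hunk.

```c
    /* Positive control: the 32-byte prefix alone must verify, so the
     * failure below can only come from the 2 trailing bytes */
    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
    TEST_ASSERT( psa_hash_update( &operation,
                                  input, sizeof( input ) ) == PSA_SUCCESS );
    TEST_ASSERT( psa_hash_verify( &operation,
                                  extra_length_digest,
                                  expected_size ) == PSA_SUCCESS );
    /* … unchanged: over-long digest case added by this commit … */
```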
From: itayzafrir Date: Thu, 25 Oct 2018 10:22:01 +0300 Subject: [PATCH 0592/2197] Split test hash_bad_paths into 3 different tests 1. Rename hash_bad_paths to hash_verify_bad_paths 2. Add test hash_update_bad_paths 3. Add test hash_finish_bad_paths The different scenarios tested as part of hash_bad_paths are moved to the relevant test. --- tests/suites/test_suite_psa_crypto.data | 12 +++- tests/suites/test_suite_psa_crypto.function | 69 ++++++++++++++------- 2 files changed, 58 insertions(+), 23 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 01ca74f5a..507ca9b43 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -356,9 +356,17 @@ PSA hash setup: bad (not a hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT -PSA hash: bad paths +PSA hash verify: bad paths depends_on:MBEDTLS_SHA256_C -hash_bad_paths: +hash_verify_bad_paths: + +PSA hash update: bad paths +depends_on:MBEDTLS_SHA256_C +hash_update_bad_paths: + +PSA hash finish: bad paths +depends_on:MBEDTLS_SHA256_C +hash_finish_bad_paths: PSA MAC setup: good, HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 0d292e3ce..3db6df5b8 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1568,14 +1568,13 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void hash_bad_paths( ) +void hash_verify_bad_paths( ) { psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 }; size_t expected_size = PSA_HASH_SIZE( alg ); unsigned char input[] = "input"; psa_hash_operation_t operation; - size_t hash_len; /* SHA-256 hash digest of the string 'input' with 2 extra bytes appended at * the end */ 
@@ -1588,31 +1587,12 @@ void hash_bad_paths( ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - /* psa_hash_update without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); - TEST_ASSERT( psa_hash_update( &operation, - input, sizeof( input ) ) == - PSA_ERROR_INVALID_ARGUMENT ); - - /* psa_hash_finish without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); - TEST_ASSERT( psa_hash_finish( &operation, - hash, expected_size, - &hash_len ) == PSA_ERROR_INVALID_ARGUMENT ); - /* psa_hash_verify without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); TEST_ASSERT( psa_hash_verify( &operation, hash, expected_size ) == PSA_ERROR_INVALID_ARGUMENT ); - /* psa_hash_finish with a smaller hash buffer than expected */ - TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_finish( &operation, - hash, expected_size - 1, - &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL ); - - /* psa_hash_verify with a smaller hash digest than expected */ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, 
@@ -1644,6 +1624,53 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hash_update_bad_paths( ) +{ + unsigned char input[] = "input"; + psa_hash_operation_t operation; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + /* psa_hash_update without calling psa_hash_setup beforehand */ + memset( &operation, 0, sizeof( operation ) ); + TEST_ASSERT( psa_hash_update( &operation, + input, sizeof( input ) ) == + PSA_ERROR_INVALID_ARGUMENT ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_finish_bad_paths( ) +{ + psa_algorithm_t alg = PSA_ALG_SHA_256; + unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 }; + size_t expected_size = PSA_HASH_SIZE( alg ); + psa_hash_operation_t operation; + size_t hash_len; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + /* psa_hash_finish without calling psa_hash_setup beforehand */ + memset( &operation, 0, sizeof( operation ) ); + TEST_ASSERT( psa_hash_finish( &operation, + hash, expected_size, + &hash_len ) == PSA_ERROR_INVALID_ARGUMENT ); + + /* psa_hash_finish with a smaller hash buffer than expected */ + TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_finish( &operation, + hash, expected_size - 1, + &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mac_setup( int key_type_arg, data_t *key, From e1f932ba4d1a6f54870d7151a6b1ec829d073b08 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Mon, 29 Oct 2018 13:34:37 +0200 Subject: [PATCH 0593/2197] Refactor hash multi part test Refactor test hash_multi_part to test various sizes when calling psa_hash_update. --- .../test_suite_psa_crypto_hash.function | 33 ++++++++++--------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index 75878ef3c..14e6a9769 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function 
+++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -64,29 +64,32 @@ exit: void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) { psa_algorithm_t alg = alg_arg; - unsigned char actual_hash[PSA_HASH_MAX_SIZE] = { 0 }; + unsigned char actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; psa_hash_operation_t operation; - uint32_t halfway; + uint32_t len = 0; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); + do + { + memset( actual_hash, 0, sizeof( actual_hash ) ); + TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); - halfway = input->len / 2; - TEST_ASSERT( psa_hash_update( &operation, - input->x, - halfway ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_update( &operation, - input->x + halfway, - input->len - halfway ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_update( &operation, + input->x, len ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_update( &operation, + input->x + len, input->len - len ) == + PSA_SUCCESS ); - TEST_ASSERT( psa_hash_finish( &operation, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_hash_finish( &operation, + actual_hash, sizeof( actual_hash ), + &actual_hash_length ) == PSA_SUCCESS ); - ASSERT_COMPARE( expected_hash->x, expected_hash->len, - actual_hash, actual_hash_length ); + ASSERT_COMPARE( expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length ); + + } while( len++ != input->len ); exit: mbedtls_psa_crypto_free( ); From f86548d674c83787f0cd7b12a656a7b9c62dfe57 Mon Sep 17 00:00:00 2001 
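Review bot: The `do { … } while( len++ != input->len );` loop in hash_multi_part walks the split point from 0 through `input->len` inclusive, but the post-increment in the condition makes that inclusive bound easy to misread. A `for( len = 0; len <= input->len; len++ )` header states the range directly, and a comment such as `/* Try every split point, including an empty first or an empty second chunk */` records why both ends are covered. `len` is declared `uint32_t` while the type of `input->len` is not visible in this hunk, so the comparison should be checked for a width mismatch. The tail of the function lies outside the hunk.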
From: itayzafrir Date: Thu, 1 Nov 2018 10:44:32 +0200 Subject: [PATCH 0594/2197] Add test hash_bad_order 1. New test for testing bad order of hash function calls. 2. Removed test hash_update_bad_paths since it's test scenario was moved to the new test. 3. Moved some scenarios from test hash_verify_bad_paths to the new test. --- tests/suites/test_suite_psa_crypto.data | 7 +-- tests/suites/test_suite_psa_crypto.function | 68 +++++++++++---------- 2 files changed, 40 insertions(+), 35 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 507ca9b43..45ce896fc 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -356,14 +356,13 @@ PSA hash setup: bad (not a hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT +PSA hash: bad order function calls +hash_bad_order: + PSA hash verify: bad paths depends_on:MBEDTLS_SHA256_C hash_verify_bad_paths: -PSA hash update: bad paths -depends_on:MBEDTLS_SHA256_C -hash_update_bad_paths: - PSA hash finish: bad paths depends_on:MBEDTLS_SHA256_C hash_finish_bad_paths: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3db6df5b8..a6ab78ede 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1567,6 +1567,43 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hash_bad_order( ) +{ + unsigned char input[] = ""; + /* SHA-256 hash of an empty string */ + unsigned char hash[] = { + 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, + 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, + 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; + size_t hash_len; + psa_hash_operation_t operation; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + /* psa_hash_update without calling psa_hash_setup beforehand */ + memset( &operation, 0, sizeof( operation ) ); + TEST_ASSERT( psa_hash_update( &operation, + input, sizeof( input ) ) == + PSA_ERROR_INVALID_ARGUMENT ); + + /* psa_hash_verify without calling psa_hash_setup beforehand */ + memset( &operation, 0, sizeof( operation ) ); + TEST_ASSERT( psa_hash_verify( &operation, + hash, sizeof( hash ) ) == + PSA_ERROR_INVALID_ARGUMENT ); + + /* psa_hash_finish without calling psa_hash_setup beforehand */ + memset( &operation, 0, sizeof( operation ) ); + TEST_ASSERT( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ) == + PSA_ERROR_INVALID_ARGUMENT ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_verify_bad_paths( ) { @@ -1587,12 +1624,6 @@ void hash_verify_bad_paths( ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - /* psa_hash_verify without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); - TEST_ASSERT( psa_hash_verify( &operation, - hash, expected_size ) == - PSA_ERROR_INVALID_ARGUMENT ); - /* psa_hash_verify with a smaller hash digest than expected */ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, 
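Review bot: `hash_bad_order` only exercises operations that were never set up (a zeroed `operation`), so calls made after an operation has completed are not covered, for example update, finish or verify following a successful `psa_hash_finish`. A finished context that still accepts input would be a real defect, so a setup → finish → update/finish/verify sequence expecting the error the API defines for an inactive operation would close that gap. Separately, `hash` holds the reference digest and is also passed as the output buffer to `psa_hash_finish`; a separate scratch buffer would keep the reference intact if that call ever wrote to it. A comment such as `/* A zeroed operation stands for one that was never set up */` would document the memset idiom used three times here.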
@@ -1624,25 +1655,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void hash_update_bad_paths( ) -{ - unsigned char input[] = "input"; - psa_hash_operation_t operation; - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - /* psa_hash_update without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); - TEST_ASSERT( psa_hash_update( &operation, - input, sizeof( input ) ) == - PSA_ERROR_INVALID_ARGUMENT ); - -exit: - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void hash_finish_bad_paths( ) { @@ -1654,12 +1666,6 @@ void hash_finish_bad_paths( ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - /* psa_hash_finish without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); - TEST_ASSERT( psa_hash_finish( &operation, - hash, expected_size, - &hash_len ) == PSA_ERROR_INVALID_ARGUMENT ); - /* psa_hash_finish with a smaller hash buffer than expected */ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_finish( &operation, From b2dd5ed1e62f932fb6750fe89c1cdc02b24163d6 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Thu, 1 Nov 2018 11:58:59 +0200 Subject: [PATCH 0595/2197] Rename test hash_finish_bad_paths to hash_finish_bad_args Test dependency moved to .function file. --- tests/suites/test_suite_psa_crypto.data | 5 ++--- tests/suites/test_suite_psa_crypto.function | 6 +++--- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 45ce896fc..071d6f39f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -363,9 +363,8 @@ PSA hash verify: bad paths depends_on:MBEDTLS_SHA256_C hash_verify_bad_paths: -PSA hash finish: bad paths -depends_on:MBEDTLS_SHA256_C -hash_finish_bad_paths: +PSA hash finish: bad arguments +hash_finish_bad_args: PSA MAC setup: good, HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a6ab78ede..305e95da7 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1655,11 +1655,11 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void hash_finish_bad_paths( ) +/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ +void hash_finish_bad_args( ) { psa_algorithm_t alg = PSA_ALG_SHA_256; - unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 }; + unsigned char hash[PSA_HASH_MAX_SIZE]; size_t expected_size = PSA_HASH_SIZE( alg ); psa_hash_operation_t operation; size_t hash_len; From 27e6945f4303c13bd2ff3a789218443cf00b63af Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Thu, 1 Nov 2018 14:26:34 +0200 Subject: [PATCH 0596/2197] Refactor and rename test hash_verify_bad_paths to hash_verify_bad_args 1. Updated test scenarios. 2. Renamed test and updated test description. 3. Some documentation updates. 4. Test dependency moved to .function file. --- tests/suites/test_suite_psa_crypto.data | 5 ++- tests/suites/test_suite_psa_crypto.function | 39 +++++++-------------- 2 files changed, 15 insertions(+), 29 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 071d6f39f..9f4887a1f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -359,9 +359,8 @@ hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT PSA hash: bad order function calls hash_bad_order: -PSA hash verify: bad paths -depends_on:MBEDTLS_SHA256_C -hash_verify_bad_paths: +PSA hash verify: bad arguments +hash_verify_bad_args: PSA hash finish: bad arguments hash_finish_bad_args: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 305e95da7..d128c742a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1604,50 +1604,37 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void hash_verify_bad_paths( ) +/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ +void hash_verify_bad_args( ) { psa_algorithm_t alg = PSA_ALG_SHA_256; - unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 }; + /* SHA-256 hash of an empty string with 2 extra bytes (0xaa and 0xbb) + * appended to it */ + unsigned char hash[] = { + 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, + 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, + 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb }; size_t expected_size = PSA_HASH_SIZE( alg ); - unsigned char input[] = "input"; psa_hash_operation_t operation; - /* SHA-256 hash digest of the string 'input' with 2 extra bytes appended at - * the end */ - unsigned char extra_length_digest[] = - { - 0x3a, 0x28, 0x92, 0x32, 0x39, 0x9a, 0x20, 0x75, 0x09, 0xf4, 0xfa, 0x9d, - 0x70, 0xfa, 0x6f, 0x68, 0x81, 0x7c, 0xe6, 0xa6, 0x6f, 0x21, 0x50, 0xff, - 0x08, 0x23, 0x36, 0x31, 0x1f, 0x4e, 0x55, 0xfe, 0xaa, 0xbb - }; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - /* psa_hash_verify with a smaller hash digest than expected */ + /* psa_hash_verify with a smaller hash than expected */ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, hash, expected_size - 1 ) == PSA_ERROR_INVALID_SIGNATURE ); - /* psa_hash_verify with a non-matching hash digest */ + /* psa_hash_verify with a non-matching hash */ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_update( &operation, - input, sizeof( input ) ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, - hash, expected_size ) == + hash + 1, expected_size ) == PSA_ERROR_INVALID_SIGNATURE ); - /* psa_hash_verify with a hash digest longer than expected, where the first - * 32 bytes match the expected digest but 2 extra bytes are appended at the - * end of the digest */ - memset( hash, 0, sizeof( 
hash ) ); + /* psa_hash_verify with a hash longer than expected */ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_update( &operation, - input, sizeof( input ) ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, - extra_length_digest, - sizeof( extra_length_digest ) ) == + hash, sizeof( hash ) ) == PSA_ERROR_INVALID_SIGNATURE ); exit: From 392952df933b6733bc4efe6ca97625ad94e5dcf3 Mon Sep 17 00:00:00 2001 From: Mohammad AboMokh Date: Thu, 1 Nov 2018 14:27:19 +0200 Subject: [PATCH 0597/2197] Fix test dependencies lists --- tests/suites/test_suite_psa_crypto.data | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4db358e84..dc614b3c6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
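Review bot: The non-matching case in hash_verify_bad_args passes `hash + 1, expected_size`, a window that stays in bounds only because the array carries the 2 extra bytes meant for the over-long case. Trimming the array to the bare digest would turn this into a one-byte over-read that still returns the expected error, so the test would keep passing. Either document the coupling, for example `/* hash + 1: a 32-byte window inside the 34-byte array that does not match the digest */`, or use a separate all-zero buffer for this case. As the update calls are removed, every verify here runs against the digest of the empty message, which matches the array comment. The shorter and longer cases would still benefit from one `psa_hash_verify( &operation, hash, expected_size ) == PSA_SUCCESS` control to prove the prefix matches. The end of the function is outside the hunk.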
@@ -743,10 +743,11 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: invalid key type, signing with a public key -sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: invalid algorithm for ECC key -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C 
sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_CCM:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign/verify: RSA PKCS#1 v1.5, raw 
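Review bot: The rewritten "PSA sign: invalid key type, signing with a public key" case now selects `PSA_ALG_RSA_PKCS1V15_SIGN_RAW`, but its new dependency line lists only `MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C`. The RSA PKCS#1 v1.5 cases elsewhere in this file also require `MBEDTLS_PKCS1_V15`. Whether the library rejects the public key before it checks algorithm support is not visible here; if it does not, a build without PKCS#1 v1.5 could return a different error than `PSA_ERROR_INVALID_ARGUMENT`. The line would then read `depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15`.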
@@ -822,8 +823,8 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE PSA verify: invalid algorithm for ECC key -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_CCM:"":"":PSA_ERROR_INVALID_ARGUMENT +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 From 2d65cf0b16e62d6e074c3535ebf19b1a856b7446 Mon Sep 17 00:00:00 2001 
From: Mohammad AboMokh Date: Tue, 6 Nov 2018 11:56:45 +0200 Subject: [PATCH 0598/2197] Fix sign test dependencies and used algorithm --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index dc614b3c6..a1c2311d7 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -747,8 +747,8 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: invalid algorithm for ECC key -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_CCM:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign/verify: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 From 8739da830ed643ab7cfad61b6f6941f79eab9d46 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 6 Nov 2018 15:15:05 +0100 Subject: [PATCH 0599/2197] Fix test data in an old format Update some test data from the asymmetric_apis_coverage branch that wasn't updated to the new format from the psa-asymmetric-format-raw_private_key branch. --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 13892cc2d..ecd21493a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1068,7 +1068,7 @@ sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818 PSA sign: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign/verify: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1144,7 +1144,7 @@ asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"305 PSA verify: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 From 28a38e6e38195012317b4307569824154fdce650 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 7 Nov 2018 16:18:24 +0200 Subject: [PATCH 0600/2197] Add tests that checks key management corner cases - import a key into a non empty key slot. - export a key from invalid slot number. --- tests/suites/test_suite_psa_crypto.data | 13 ++++++ tests/suites/test_suite_psa_crypto.function | 44 +++++++++++++++++++++ 2 files changed, 57 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ecd21493a..64cc16c1e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -31,6 +31,19 @@ PSA import/export AES-256 depends_on:MBEDTLS_AES_C import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +PSA import to non empty key slot +depends_on:MBEDTLS_AES_C +import_key_nonempty_slot + +PSA export empty key slot +export_invalid_slot:1:PSA_ERROR_EMPTY_SLOT + +PSA export out of range key slot - lower bound +export_invalid_slot:0:PSA_ERROR_INVALID_ARGUMENT + +PSA export out of range key slot - upper bound +export_invalid_slot:(psa_key_slot_t)(-1):PSA_ERROR_INVALID_ARGUMENT + PSA import AES: bad key size depends_on:MBEDTLS_AES_C import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c46da9648..001869e3e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1003,6 +1003,50 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void import_key_nonempty_slot( ) +{ + int slot = 1; + psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA; + psa_status_t status; + const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 }; + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + /* Import the key */ + TEST_ASSERT( psa_import_key( slot, type, + data, sizeof( data ) ) == PSA_SUCCESS ); + + /* Import the key again */ + status = psa_import_key( slot, type, data, sizeof( data ) ); + TEST_ASSERT( status == PSA_ERROR_OCCUPIED_SLOT ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void export_invalid_slot( int slot, int expected_export_status_arg ) +{ + psa_status_t status; + unsigned char *exported = NULL; + size_t export_size = 0; + size_t exported_length = INVALID_EXPORT_LENGTH; + psa_status_t expected_export_status = expected_export_status_arg; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + /* Export the key */ + status = psa_export_key( slot, + exported, export_size, + &exported_length ); + TEST_ASSERT( status == expected_export_status ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void import_export_public_key( data_t *data, int type_arg, From 3455009116d0fa9f0169fcad55523f54f5015b61 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 7 Nov 2018 16:19:34 +0200 Subject: [PATCH 0601/2197] Add tests that check export failures after illegal behavior - export a key after import key failure. - export a key after the key was destroyed. - export a key after set key policy but no key material creation. --- tests/suites/test_suite_psa_crypto.data | 27 ++++++ tests/suites/test_suite_psa_crypto.function | 99 +++++++++++++++++++++ 2 files changed, 126 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 64cc16c1e..ae21e677e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
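Review bot: import_key_nonempty_slot asserts that the second psa_import_key() returns PSA_ERROR_OCCUPIED_SLOT, but it never checks that the key already in the slot survived the rejected import. That is the property a caller depends on. Setting an export policy before the first import, then exporting and comparing with `data` after the rejected one, would pin it; the sketch below uses the same policy calls that later tests in this series use. Separately, export_invalid_slot takes `int slot`, so the `(psa_key_slot_t)(-1)` case in the .data file only reaches psa_export_key() as the type's maximum if the value survives the round trip through int; the width of psa_key_slot_t is not visible here.

```c
    psa_key_policy_t policy;
    uint8_t exported[sizeof( data )];
    size_t exported_length = 0;
    /* … unchanged: psa_crypto_init … */
    psa_key_policy_init( &policy );
    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
    /* … unchanged: first import, rejected second import … */

    /* The rejected import must leave the original key intact. */
    TEST_ASSERT( psa_export_key( slot, exported, sizeof( exported ),
                                 &exported_length ) == PSA_SUCCESS );
    TEST_ASSERT( exported_length == sizeof( data ) );
    TEST_ASSERT( memcmp( exported, data, sizeof( data ) ) == 0 );
```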
@@ -44,6 +44,33 @@ export_invalid_slot:0:PSA_ERROR_INVALID_ARGUMENT PSA export out of range key slot - upper bound export_invalid_slot:(psa_key_slot_t)(-1):PSA_ERROR_INVALID_ARGUMENT +PSA export a slot where there was some activity but no key material creation +export_with_no_key_activity + +PSA export a slot after a failed import of a AES key +depends_on:MBEDTLS_AES_C +export_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT + +PSA export a slot after a failed import of a RSA key +depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_PARSE_C +export_after_import_failure:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT + +PSA export a slot after a failed import of an EC keypair: public key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +export_after_import_failure:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT + +PSA export RSA public key from a slot where there was an import followed by destroy. 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +export_after_destroy_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY + +PSA export AES key from a slot where there was an import followed by destroy. +depends_on:MBEDTLS_AES_C +export_after_destroy_key:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES + +PSA export EC key from a slot where there was an import followed by destroy. +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +export_after_destroy_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1) + PSA import AES: bad key size depends_on:MBEDTLS_AES_C import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 001869e3e..6e992939b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1047,6 +1047,105 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void export_with_no_key_activity( ) +{ + int slot = 1; + psa_algorithm_t alg = PSA_ALG_CTR; + psa_status_t status; + psa_key_policy_t policy; + unsigned char *exported = NULL; + size_t export_size = 0; + size_t exported_length = INVALID_EXPORT_LENGTH; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + /* Export the key */ + status = psa_export_key( slot, + exported, export_size, + &exported_length ); + TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void export_after_import_failure( data_t *data, int type_arg, + int expected_import_status_arg ) +{ + int slot = 1; + psa_key_type_t type = type_arg; + psa_status_t status; + unsigned char *exported = NULL; + size_t export_size = 0; + psa_status_t expected_import_status = expected_import_status_arg; + size_t exported_length = INVALID_EXPORT_LENGTH; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + /* Import the key - expect failure */ + status = psa_import_key( slot, type, + data->x, data->len ); + TEST_ASSERT( status == expected_import_status ); + + /* Export the key */ + status = psa_export_key( slot, + exported, export_size, + &exported_length ); + TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void export_after_destroy_key( data_t *data, int type_arg ) +{ + int slot = 1; + psa_key_type_t type = type_arg; + psa_status_t status; + psa_key_policy_t policy; + psa_algorithm_t alg = PSA_ALG_CTR; + unsigned char *exported = NULL; + size_t export_size = 0; + size_t exported_length = INVALID_EXPORT_LENGTH; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( 
&policy, PSA_KEY_USAGE_EXPORT, alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + export_size = (ptrdiff_t) data->len; + ASSERT_ALLOC( exported, export_size ); + + /* Import the key */ + TEST_ASSERT( psa_import_key( slot, type, + data->x, data->len ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_export_key( slot, exported, export_size, + &exported_length ) == PSA_SUCCESS ); + + /* Destroy the key */ + TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + + /* Export the key */ + status = psa_export_key( slot, exported, export_size, + &exported_length ); + TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); + +exit: + mbedtls_free( exported ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void import_export_public_key( data_t *data, int type_arg, From ce50007f90d4936ce4bcac9c37de3e6a39a11e72 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Wed, 7 Nov 2018 16:20:07 +0200 Subject: [PATCH 0602/2197] Add tests of using cipher in bad state cases - cipher setup after import key failure. - cipher setup after set key policy but no key material creation. --- tests/suites/test_suite_psa_crypto.data | 7 +++ tests/suites/test_suite_psa_crypto.function | 51 +++++++++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ae21e677e..3d93ee4e6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -47,6 +47,9 @@ export_invalid_slot:(psa_key_slot_t)(-1):PSA_ERROR_INVALID_ARGUMENT PSA export a slot where there was some activity but no key material creation export_with_no_key_activity +PSA setup cipher where there was some activity on key but no key material creation +cipher_with_no_key_activity + PSA export a slot after a failed import of a AES key depends_on:MBEDTLS_AES_C export_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT 
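Review bot: In export_after_destroy_key, `export_size = (ptrdiff_t) data->len;` casts a size_t to a signed type only to assign it back to a size_t; `export_size = data->len;` does the same without the sign round trip. All three new tests initialise `exported_length` to INVALID_EXPORT_LENGTH but never inspect it after the export that is expected to fail, so a failing export that still reports a length would go unnoticed; whether the API leaves or zeroes the length on error is not visible in this hunk. In export_after_destroy_key the buffer still holds the key from the earlier successful export. Clearing it with `memset( exported, 0, export_size );` before the final call, and checking it afterwards, would show that nothing is written once the key is destroyed.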
@@ -59,6 +62,10 @@ PSA export a slot after a failed import of an EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED export_after_import_failure:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT +PSA setup cipher after a failed import of a AES key +depends_on:MBEDTLS_AES_C +cipher_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT + PSA export RSA public key from a slot where there was an import followed by destroy. depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C export_after_destroy_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6e992939b..14caa9ddf 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1075,6 +1075,30 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void cipher_with_no_key_activity( ) +{ + int slot = 1; + psa_status_t status; + psa_key_policy_t policy; + psa_cipher_operation_t operation; + int exercise_alg = PSA_ALG_CTR; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + status = psa_cipher_encrypt_setup( &operation, slot, exercise_alg ); + TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); + +exit: + psa_cipher_abort( &operation ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void export_after_import_failure( data_t *data, int type_arg, int expected_import_status_arg ) @@ -1105,6 +1129,33 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void cipher_after_import_failure( data_t *data, int type_arg, + int expected_import_status_arg ) +{ + int slot = 1; + psa_cipher_operation_t operation; + psa_key_type_t type = type_arg; + psa_status_t status; + psa_status_t expected_import_status = expected_import_status_arg; + int exercise_alg = PSA_ALG_CTR; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + /* Import the key - expect failure */ + status = psa_import_key( slot, type, + data->x, data->len ); + TEST_ASSERT( status == expected_import_status ); + + status = psa_cipher_encrypt_setup( &operation, slot, exercise_alg ); + TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); + +exit: + psa_cipher_abort( &operation ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void export_after_destroy_key( data_t *data, int type_arg ) { From 728944718a07ed31fc62bc27e9ba061e9da0edc1 Mon Sep 17 00:00:00 2001 
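Review bot: `psa_cipher_operation_t operation;` in cipher_with_no_key_activity is left uninitialised, yet the `exit:` path always calls `psa_cipher_abort( &operation )`. If a TEST_ASSERT before psa_cipher_encrypt_setup() fails (assuming the harness jumps to `exit:` as usual), or if setup returns PSA_ERROR_EMPTY_SLOT before touching the structure, abort works on indeterminate stack memory. Zeroing it right after the declarations, `memset( &operation, 0, sizeof( operation ) );`, avoids that, provided psa_cipher_abort() accepts an all-zero operation, which should be confirmed against the library. cipher_after_import_failure in the next hunk has the same pattern. Both tests also declare `int exercise_alg` where the neighbouring tests use `psa_algorithm_t`.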
From: Gilles Peskine Date: Thu, 8 Nov 2018 10:00:08 +0100 Subject: [PATCH 0603/2197] Fix a test case with incorrect dependency Simplify the test case "PSA export a slot after a failed import of an EC keypair": use an invalid private value for the specified curve. Now the dependencies match the test data, so this fixes curves.pl. --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3d93ee4e6..4a9714a27 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -58,9 +58,9 @@ PSA export a slot after a failed import of a RSA key depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_PARSE_C export_after_import_failure:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT -PSA export a slot after a failed import of an EC keypair: public key +PSA export a slot after a failed import of an EC keypair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -export_after_import_failure:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT +export_after_import_failure:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT PSA setup cipher after a failed import of a AES key depends_on:MBEDTLS_AES_C From 594a330eb7c344a54407956f3175ea97ee6f973b Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Fri, 26 Oct 2018 17:07:22 +0100 Subject: [PATCH 0604/2197] psa: test: Fix truncation of message by snprintf We had only allocated 40 bytes for printing into, but we wanted to print 46 bytes. Update the buffer to be 47 bytes, which is large enough to hold what we want to print plus a terminating null byte. --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 14caa9ddf..d2875ae34 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -631,7 +631,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, else #endif /* MBEDTLS_ECP_C */ { - char message[40]; + char message[47]; mbedtls_snprintf( message, sizeof( message ), "No sanity check for public key type=0x%08lx", (unsigned long) type ); From aac64a2839e32ec3e74590de3f958b4f3747e5b9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 12 Nov 2018 18:37:42 +0100 Subject: [PATCH 0605/2197] Remove support for non-byte-aligned RSA keys Remove the need for an extra function mbedtls_rsa_get_bitlen. Use mbedtls_rsa_get_len, which is only correct for keys whose size is a multiple of 8. Key sizes that aren't a multiple of 8 are extremely rarely used, so in practice this is not a problematic limitation. --- library/psa_crypto.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 87f9147a6..dc6f2da49 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
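Review bot: `char message[47];` replaces one hand-counted size with another, so the next edit to the format string can reintroduce the truncation this commit fixes. Deriving the size from the text keeps the two in step, e.g. `char message[sizeof( "No sanity check for public key type=0x" ) + 8];` (the literal's terminator plus eight hex digits). That holds only while `type` fits in 32 bits, because `%08lx` sets a minimum width, not a maximum. The return value of mbedtls_snprintf() is not checked in the visible lines, so any truncation stays silent. The enclosing exported_key_sanity_check() starts and ends outside the hunk.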
@@ -579,7 +579,11 @@ static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk, else { mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *pk ); - size_t bits = mbedtls_rsa_get_bitlen( rsa ); + /* The size of an RSA key doesn't have to be a multiple of 8. + * Mbed TLS supports non-byte-aligned key sizes, but not well. + * For example, mbedtls_rsa_get_len() returns the key size in + * bytes, not in bits. */ + size_t bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) ); if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); *p_rsa = rsa; @@ -799,7 +803,7 @@ static size_t psa_get_key_bits( const key_slot_t *slot ) return( slot->data.raw.bytes * 8 ); #if defined(MBEDTLS_RSA_C) if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) - return( mbedtls_rsa_get_bitlen( slot->data.rsa ) ); + return( PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( slot->data.rsa ) ) ); #endif /* defined(MBEDTLS_RSA_C) */ #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) From 86a440b63864d61ba475548291a0bd4945ad2a22 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 12 Nov 2018 18:39:40 +0100 Subject: [PATCH 0606/2197] Reject non-byte-aligned RSA keys On key import and key generation, for RSA, reject key sizes that are not a multiple of 8. Such keys are not well-supported in Mbed TLS and are hardly ever used in practice. The previous commit removed support for non-byte-aligned keys at the PSA level. This commit actively rejects such keys and adds corresponding tests (test keys generated with "openssl genrsa"). --- library/psa_crypto.c | 30 +++++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 40 ++++++++++++++++++++++--- 2 files changed, 66 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dc6f2da49..4584f6bde 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
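Review bot: After this change, `bits` in psa_import_rsa_key() and the value returned by psa_get_key_bits() are the byte length times eight. A key whose modulus is not a multiple of 8 bits is therefore reported rounded up (a 1023-bit key reads as 1024), and nothing in these hunks rejects such a key. The new comment describes mbedtls_rsa_get_len() but not that consequence; I would end it with `* The value computed here is therefore rounded up to a multiple of 8.` and add a one-line comment to the same effect above the return in psa_get_key_bits(). Both functions start and end outside the hunks.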
@@ -571,6 +571,28 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type, } #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) +/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes + * that are not a multiple of 8) well. For example, there is only + * mbedtls_rsa_get_len(), which returns a number of bytes, and no + * way to return the exact bit size of a key. + * To keep things simple, reject non-byte-aligned key sizes. */ +static psa_status_t psa_check_rsa_key_byte_aligned( + const mbedtls_rsa_context *rsa ) +{ + mbedtls_mpi n; + psa_status_t status; + mbedtls_mpi_init( &n ); + status = mbedtls_to_psa_error( + mbedtls_rsa_export( rsa, &n, NULL, NULL, NULL, NULL ) ); + if( status == PSA_SUCCESS ) + { + if( mbedtls_mpi_bitlen( &n ) % 8 != 0 ) + status = PSA_ERROR_NOT_SUPPORTED; + } + mbedtls_mpi_free( &n ); + return( status ); +} + static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk, mbedtls_rsa_context **p_rsa ) { @@ -584,8 +606,12 @@ static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk, * For example, mbedtls_rsa_get_len() returns the key size in * bytes, not in bits. */ size_t bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) ); + psa_status_t status; if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); + status = psa_check_rsa_key_byte_aligned( rsa ); + if( status != PSA_SUCCESS ) + return( status ); *p_rsa = rsa; return( PSA_SUCCESS ); } @@ -3556,6 +3582,10 @@ psa_status_t psa_generate_key( psa_key_slot_t key, int exponent = 65537; if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); + /* Accept only byte-aligned keys, for the same reasons as + * in psa_import_rsa_key(). */ + if( bits % 8 != 0 ) + return( PSA_ERROR_NOT_SUPPORTED ); if( extra != NULL ) { const psa_generate_key_extra_rsa *p = extra; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4a9714a27..229fa81c5 100644 
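Review bot: The context comment kept inside psa_import_rsa_key() still reads "Mbed TLS supports non-byte-aligned key sizes, but not well", directly above the new call that rejects such keys, so the function now appears to contradict itself. I would shorten the inner comment to `/* Byte length to bits; exact because unaligned sizes are rejected below. */`. The header comment on psa_check_rsa_key_byte_aligned() explains the motivation but not the result, so I would add `* Returns PSA_SUCCESS for a byte-aligned modulus, PSA_ERROR_NOT_SUPPORTED otherwise, or the translated error from mbedtls_rsa_export().` psa_import_rsa_key() and psa_generate_key() both continue outside the hunks, so what happens to `pk` on the new early return cannot be checked from here.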
--- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -150,10 +150,6 @@ PSA import RSA keypair: valid key but EC depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT -PSA import/export RSA keypair: good, 1023-bit -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1 - PSA import/export-public RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" 
@@ -170,6 +166,30 @@ PSA import/export-public RSA keypair: buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +PSA import/export RSA public key: 1016-bit (good) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +import_export:"30819e300d06092a864886f70d010101050003818c0030818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 + +PSA import/export RSA keypair: 1016-bit (good) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 + +PSA import RSA public key: 1022-bit (not supported) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +import:"30819e300d06092a864886f70d010101050003818c0030818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED + +PSA import RSA keypair: 
1022-bit (not supported) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +import:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_NOT_SUPPORTED + +PSA import RSA public key: 1023-bit (not supported) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +import:"30819e300d06092a864886f70d010101050003818c003081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED + +PSA import RSA keypair: 1023-bit (not supported) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +import:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_NOT_SUPPORTED + PSA import/export EC secp224r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1 
@@ -1562,6 +1582,10 @@ PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS +PSA generate key: RSA, 1016 bits, good, sign (PKCS#1 v1.5) +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS + PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS @@ -1574,6 +1598,14 @@ PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256) depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS +PSA generate key: RSA, 1022 bits: not supported +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED + +PSA generate key: RSA, 1023 bits: not supported +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME +generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED + PSA generate key: RSA, maximum size exceeded depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED 
From 64a43ce48e4885f329eecc0bfd8efa59777bd5a4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 12 Nov 2018 18:42:28 +0100 Subject: [PATCH 0607/2197] Revert "fixup! New function mbedtls_rsa_get_bitlen" This reverts commit c939f6fcba1cda328c4a21b7c8df596690e36add. --- tests/suites/test_suite_pk.function | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 916b3c54d..a1d9b0b7a 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -16,7 +16,6 @@ static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ); static int pk_genkey( mbedtls_pk_context *pk, int size ) { ((void) pk); - ((void) size); #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA ) From e19b7d54d052baee9c5bd24731ff3c252ad80ebf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 12 Nov 2018 18:42:43 +0100 Subject: [PATCH 0608/2197] Revert "New function mbedtls_rsa_get_bitlen" This reverts commit 1d26709dbd4a4f8ef9ea0ff58f2644a4bc3fc49c. --- include/mbedtls/rsa.h | 10 ------- library/pk_wrap.c | 2 +- library/rsa.c | 9 +------ tests/suites/test_suite_pk.data | 11 +------- tests/suites/test_suite_pk.function | 39 +++++----------------------- tests/suites/test_suite_rsa.function | 27 +++++++------------ 6 files changed, 18 insertions(+), 80 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 31a8db757..6eea5af2f 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h 
@@ -403,16 +403,6 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, */ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ); -/** - * \brief This function retrieves the length of the RSA modulus in bits. - * - * \param ctx The initialized RSA context. - * - * \return The length of the RSA modulus in bits. - * - */ -size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx ); - /** * \brief This function generates an RSA keypair. * diff --git a/library/pk_wrap.c b/library/pk_wrap.c index f9b4c659c..2c7d2d79b 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -66,7 +66,7 @@ static int rsa_can_do( mbedtls_pk_type_t type ) static size_t rsa_get_bitlen( const void *ctx ) { const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx; - return( mbedtls_rsa_get_bitlen( rsa ) ); + return( 8 * mbedtls_rsa_get_len( rsa ) ); } static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, diff --git a/library/rsa.c b/library/rsa.c index 499d14540..56490f93e 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -480,19 +480,12 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id /* * Get length in bytes of RSA modulus */ + size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ) { return( ctx->len ); } -/* - * Get length in bits of RSA modulus - */ -size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx ) -{ - return( mbedtls_mpi_bitlen( &ctx->N ) ); -} - #if defined(MBEDTLS_GENPRIME) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 77e3bd887..a066bd93e 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data 
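Review bot: `rsa_get_bitlen` in library/pk_wrap.c now returns `8 * mbedtls_rsa_get_len( rsa )`, which is the modulus size rounded up to a whole byte, so a key with a 1023-bit modulus is reported as 1024 bits. Any caller that compares this value against a minimum key size will accept a modulus up to seven bits shorter than the number suggests. That should be stated where the value is produced. I would add a comment above the return, e.g. `/* Byte length times 8: rounds up when the modulus is not a multiple of 8 bits. */`.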
@@ -1,16 +1,7 @@ -PK utils: RSA, 512 bits +PK utils: RSA depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_utils:MBEDTLS_PK_RSA:512:64:"RSA" -## RSA key generation only supports even bit sizes -#PK utils: RSA, 511 bits -#depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -#pk_utils:MBEDTLS_PK_RSA:511:64:"RSA" -# -PK utils: RSA, 510 bits -depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_utils:MBEDTLS_PK_RSA:510:64:"RSA" - PK utils: ECKEY depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_utils:MBEDTLS_PK_ECKEY:192:24:"EC" diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index a1d9b0b7a..9005ddb31 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -13,18 +13,13 @@ static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ); #define RSA_KEY_SIZE 512 #define RSA_KEY_LEN 64 -static int pk_genkey( mbedtls_pk_context *pk, int size ) +static int pk_genkey( mbedtls_pk_context *pk ) { ((void) pk); #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA ) - { - if( size == 0 ) - size = RSA_KEY_SIZE; - return( mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), - rnd_std_rand, NULL, size, 3 ) ); - } + return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 ); #endif #if defined(MBEDTLS_ECP_C) if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY || 
@@ -32,30 +27,8 @@ static int pk_genkey( mbedtls_pk_context *pk, int size ) mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA ) { int ret; - mbedtls_ecp_group_id curve; - switch( size ) - { - case 0: - case 192: - curve = MBEDTLS_ECP_DP_SECP192R1; - break; - case 224: - curve = MBEDTLS_ECP_DP_SECP224R1; - break; - case 256: - curve = MBEDTLS_ECP_DP_SECP256R1; - break; - case 384: - curve = MBEDTLS_ECP_DP_SECP384R1; - break; - case 521: - curve = MBEDTLS_ECP_DP_SECP521R1; - break; - default: - return( -1 ); - } if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp, - curve ) ) != 0 ) + MBEDTLS_ECP_DP_SECP192R1 ) ) != 0 ) return( ret ); return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, &mbedtls_pk_ec( *pk )->d, @@ -104,7 +77,7 @@ void pk_utils( int type, int size, int len, char * name ) mbedtls_pk_init( &pk ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_genkey( &pk, size ) == 0 ); + TEST_ASSERT( pk_genkey( &pk ) == 0 ); TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type ); TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) ); @@ -279,7 +252,7 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret ) memset( sig, 0, sizeof sig ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_genkey( &pk, 0 ) == 0 ); + TEST_ASSERT( pk_genkey( &pk ) == 0 ); TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, rnd_std_rand, NULL ) == sign_ret ); @@ -474,7 +447,7 @@ void pk_rsa_alt( ) /* Initiliaze PK RSA context with random key */ TEST_ASSERT( mbedtls_pk_setup( &rsa, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 ); + TEST_ASSERT( pk_genkey( &rsa ) == 0 ); /* Extract key to the raw rsa context */ TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 ); 
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 46c8bf96e..c43ef2050 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -44,8 +44,7 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); @@ -87,8 +86,7 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); @@ -129,8 +127,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); 
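Review bot: The restored assertion `mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 )` truncates, so it only holds when `mod` is a multiple of 8. A test vector with any other modulus size would fail on this line rather than in the operation under test. The same line is restored in the remaining hunks of this file (through `mbedtls_rsa_private`). A short comment next to the first occurrence, e.g. `/* mod is expected to be a multiple of 8 */`, would document the assumption. Each enclosing test function extends beyond its hunk.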
@@ -195,8 +192,7 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); @@ -260,8 +256,7 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); @@ -299,8 +294,7 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); 
@@ -348,8 +342,7 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); @@ -388,8 +381,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); @@ -448,8 +440,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 ); + TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); From 92587dbf2b9c03f7fac62e6b1631e3c24d85ae0c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Sep 2018 12:12:42 +0200 Subject: [PATCH 0609/2197] Write missing bit of the documentation of psa_key_derivation --- include/psa/crypto.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 732bc2fad..6efaa0242 100644 
--- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3040,7 +3040,10 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * and \p label is the info string used in the "expand" step. * * \param[in,out] generator The generator object to set up. It must - * have been initialized to . + * have been initialized to all-bits-zero, + * a logical zero (`{0}`), + * \c PSA_CRYPTO_GENERATOR_INIT or + * psa_crypto_generator_init(). * \param key Slot containing the secret key to use. * \param alg The key derivation algorithm to compute * (\c PSA_ALG_XXX value such that From e8f0e3dc3c1c97cdb0d850118aa9a29a2dad9747 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Sep 2018 11:52:10 +0200 Subject: [PATCH 0610/2197] New algorithm category: key selection A key selection algorithm is similar to a key derivation algorithm in that it takes a secret input and produces a secret output stream. However, unlike key derivation algorithms, there is no expectation that the input cannot be reconstructed from the output. Key selection algorithms are exclusively meant to be used on the output of a key agreement algorithm to select chunks of the shared secret. --- include/psa/crypto.h | 35 ++++++++- tests/suites/test_suite_psa_crypto.data | 6 +- .../test_suite_psa_crypto_metadata.data | 2 + .../test_suite_psa_crypto_metadata.function | 71 ++++++++++++++----- 4 files changed, 94 insertions(+), 20 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6efaa0242..f344e1467 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -603,6 +603,7 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x22000000) #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x30000000) +#define PSA_ALG_CATEGORY_KEY_SELECTION ((psa_algorithm_t)0x31000000) #define PSA_ALG_IS_VENDOR_DEFINED(alg) \ (((alg) & PSA_ALG_VENDOR_FLAG) != 0) 
@@ -674,6 +675,7 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) +#define PSA_ALG_KEY_SELECTION_FLAG ((psa_algorithm_t)0x01000000) /** Whether the specified algorithm is a key agreement algorithm. * * \param alg An algorithm identifier (value of type #psa_algorithm_t). @@ -683,7 +685,8 @@ typedef uint32_t psa_algorithm_t; * algorithm identifier. */ #define PSA_ALG_IS_KEY_AGREEMENT(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) + (((alg) & PSA_ALG_CATEGORY_MASK & ~PSA_ALG_KEY_SELECTION_FLAG) == \ + PSA_ALG_CATEGORY_KEY_AGREEMENT) /** Whether the specified algorithm is a key derivation algorithm. * @@ -696,6 +699,17 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_IS_KEY_DERIVATION(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) +/** Whether the specified algorithm is a key selection algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a key selection algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_KEY_SELECTION(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION) + #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) #define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) 
@@ -1185,6 +1199,25 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x010fffff) + +/** Use a shared secret as is. + * + * Specify this algorithm as the selection component of a key agreement + * to use the raw result of the key agreement as key material. + * + * \warning The raw result of a key agreement algorithm such as finite-field + * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should + * not be used directly as key material. It can however be used as the secret + * input in a key derivation algorithm. + */ +#define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001) + +#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \ + (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION) + +#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ + ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK) /**@}*/ /** \defgroup key_management Key management diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 229fa81c5..5759a15df 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
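Review bot: `PSA_ALG_KEY_DERIVATION_MASK`, `PSA_ALG_KEY_AGREEMENT_GET_KDF` and `PSA_ALG_KEY_AGREEMENT_GET_BASE` are added without any documentation, unlike `PSA_ALG_SELECT_RAW` just above them. `PSA_ALG_KEY_AGREEMENT_GET_KDF` unconditionally ORs in `PSA_ALG_CATEGORY_KEY_DERIVATION`, so it returns a derivation- or selection-category value for any input, not only for key agreement algorithms. The precondition should be written down, e.g. `/** Extract the key derivation or selection algorithm from a key agreement algorithm; \p alg must satisfy #PSA_ALG_IS_KEY_AGREEMENT. */`. A matching one-line comment on `PSA_ALG_KEY_AGREEMENT_GET_BASE` would complete the pair.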
@@ -1377,7 +1377,11 @@ PSA key derivation: bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT -PSA key derivation: not a key derivation algorithm +PSA key derivation: not a key derivation algorithm (selection) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_SELECT_RAW:"":"":42:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: not a key derivation algorithm (HMAC) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index c9df6c74e..09544f4fb 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -242,6 +242,8 @@ Key derivation: HKDF using SHA-256 depends_on:MBEDTLS_SHA256_C key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF +Key selection: raw +key_selection_algorithm:PSA_ALG_SELECT_RAW:0 Key type: raw data key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 215110a32..4faa4341e 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -107,6 +107,7 @@ void mac_algorithm_core( psa_algorithm_t alg, int classification_flags, TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); /* Length */ 
@@ -127,6 +128,7 @@ void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); /* Tag length */ @@ -166,6 +168,7 @@ void hash_algorithm( int alg_arg, int length_arg ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, 0 ); /* Dependent algorithms */ @@ -262,6 +265,7 @@ void cipher_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); } /* END_CASE */ @@ -313,6 +317,7 @@ void asymmetric_signature_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); } /* END_CASE */ 
@@ -331,24 +336,7 @@ void asymmetric_encryption_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void key_agreement_algorithm( int alg_arg, int classification_flags ) -{ - psa_algorithm_t alg = alg_arg; - - /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); } /* END_CASE */ 
@@ -367,10 +355,57 @@ void key_derivation_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); } /* END_CASE */ +/* BEGIN_CASE */ +void key_selection_algorithm( int alg_arg, int classification_flags ) +{ + psa_algorithm_t alg = alg_arg; + + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( PSA_ALG_IS_KEY_SELECTION( alg ) ); + algorithm_classification( alg, classification_flags ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_agreement_algorithm( int alg_arg, int classification_flags, + int post_alg_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_algorithm_t actual_post_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); + psa_algorithm_t expected_post_alg = post_alg_arg; + + /* Algorithm classification */ + TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); + TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) ); + TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); + TEST_ASSERT( ! 
PSA_ALG_IS_KEY_SELECTION( alg ) ); + algorithm_classification( alg, classification_flags ); + + /* Shared secret derivation properties */ + TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( actual_post_alg ) || + PSA_ALG_IS_KEY_SELECTION( actual_post_alg ) ); + TEST_ASSERT( actual_post_alg == expected_post_alg ); +} +/* END_CASE */ + /* BEGIN_CASE */ void key_type( int type_arg, int classification_flags ) { From 93098fd996c466bc863bbb3109a6a5b6bf828cc1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Sep 2018 11:54:43 +0200 Subject: [PATCH 0611/2197] Key agreement: macros for finite-field Diffie-Hellman, ECDH Declare macros to represent key agreement algorithms. --- include/psa/crypto.h | 67 +++++++++++++++++++ .../test_suite_psa_crypto_metadata.data | 17 +++++ .../test_suite_psa_crypto_metadata.function | 14 ++++ 3 files changed, 98 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f344e1467..515e65f3d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1218,6 +1218,73 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK) + +#define PSA_ALG_FFDH_BASE ((psa_algorithm_t)0x22100000) +/** The Diffie-Hellman key agreement algorithm. + * + * This algorithm combines the finite-field Diffie-Hellman-Merkle key + * agreement to produce a shared secret from a private key and the peer's + * public key, with a key selection or key derivation algorithm to produce + * one or more shared keys and other shared cryptographic material. + * + * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such + * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) + * or a key selection algorithm (\c PSA_ALG_XXX value such + * that #PSA_ALG_IS_SELECTION(\p hash_alg) is true). + * + * \return The Diffie-Hellman algorithm with the specified + * selection or derivation algorithm. + */ +#define PSA_ALG_FFDH(kdf_alg) \ + (PSA_ALG_FFDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK)) +/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. + * + * This includes every supported key selection or key agreement algorithm + * for the output of the Diffie-Hellman calculation. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key agreement algorithm identifier. + */ +#define PSA_ALG_IS_FFDH(alg) \ + (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE) + +#define PSA_ALG_ECDH_BASE ((psa_algorithm_t)0x22200000) +/** The elliptic curve Diffie-Hellman key agreement algorithm. + * + * This algorithm combines the elliptic curve Diffie-Hellman key + * agreement to produce a shared secret from a private key and the peer's + * public key, with a key selection or key derivation algorithm to produce + * one or more shared keys and other shared cryptographic material. 
+ * + * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such + * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) + * or a selection algorithm (\c PSA_ALG_XXX value such + * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true). + * + * \return The Diffie-Hellman algorithm with the specified + * selection or derivation algorithm. + */ +#define PSA_ALG_ECDH(kdf_alg) \ + (PSA_ALG_ECDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK)) +/** Whether the specified algorithm is an elliptic curve Diffie-Hellman + * algorithm. + * + * This includes every supported key selection or key agreement algorithm + * for the output of the Diffie-Hellman calculation. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm, + * 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key agreement algorithm identifier. + */ +#define PSA_ALG_IS_ECDH(alg) \ + (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE) + /**@}*/ /** \defgroup key_management Key management diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 09544f4fb..b61d8e1aa 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
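Review bot: The Doxygen text for `PSA_ALG_FFDH` and `PSA_ALG_ECDH` declares the parameter as `kdf_alg` but states its conditions on `\p hash_alg`. The FFDH text also references `#PSA_ALG_IS_SELECTION`, whereas the macro this series adds is `PSA_ALG_IS_KEY_SELECTION`. The conditions should read `#PSA_ALG_IS_KEY_DERIVATION(\p kdf_alg)` and `#PSA_ALG_IS_KEY_SELECTION(\p kdf_alg)` in both blocks. The descriptions of `PSA_ALG_IS_FFDH` and `PSA_ALG_IS_ECDH` say "key selection or key agreement algorithm" for the output stage, where "key selection or key derivation algorithm" is meant.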
@@ -244,6 +244,23 @@ key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF Key selection: raw key_selection_algorithm:PSA_ALG_SELECT_RAW:0 + +Key agreement: FFDH, raw output +depends_on:MBEDTLS_DHM_C +key_agreement_algorithm:PSA_ALG_FFDH( PSA_ALG_SELECT_RAW ):ALG_IS_FFDH:PSA_ALG_SELECT_RAW + +Key agreement: FFDH, HKDF using SHA-256 +depends_on:MBEDTLS_DHM_C +key_agreement_algorithm:PSA_ALG_FFDH( PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 ) + +Key agreement: ECDH, raw output +depends_on:MBEDTLS_ECDH_C +key_agreement_algorithm:PSA_ALG_ECDH( PSA_ALG_SELECT_RAW ):ALG_IS_ECDH:PSA_ALG_SELECT_RAW + +Key agreement: ECDH, HKDF using SHA-256 +depends_on:MBEDTLS_ECDH_C +key_agreement_algorithm:PSA_ALG_ECDH( PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 ) + Key type: raw data key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 4faa4341e..a8316c40d 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -31,6 +31,8 @@ #define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 ) #define ALG_IS_RSA_OAEP ( 1u << 14 ) #define ALG_IS_HKDF ( 1u << 15 ) +#define ALG_IS_FFDH ( 1u << 16 ) +#define ALG_IS_ECDH ( 1u << 17 ) /* Flags for key type classification macros. There is a flag for every * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that 
@@ -357,6 +359,12 @@ void key_derivation_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); + + /* Check combinations with key agreements */ + TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) ); + TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) ); + TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ) == alg ); + TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ) == alg ); } /* END_CASE */ @@ -376,6 +384,12 @@ void key_selection_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); TEST_ASSERT( PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); + + /* Check combinations with key agreements */ + TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) ); + TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) ); + TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ) == alg ); + TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ) == alg ); } /* END_CASE */ From cce18aec4ca3d68c53232c58a0b6d8a05ad956c4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Sep 2018 12:03:52 +0200 Subject: [PATCH 0612/2197] Split off psa_key_derivation_internal Refactor psa_key_derivation to prepare for key agreement algorithms which need to plug into key derivation after argument validation. --- library/psa_crypto.c | 100 ++++++++++++++++++++++++++++--------------- 1 file changed, 65 insertions(+), 35 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4584f6bde..b99c808ca 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -3432,7 +3432,8 @@ exit: /* Set up an HKDF-based generator. This is exactly the extract phase * of the HKDF algorithm. */ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, - key_slot_t *slot, + const uint8_t *secret, + size_t secret_length, psa_algorithm_t hash_alg, const uint8_t *salt, size_t salt_length, @@ -3445,9 +3446,7 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, PSA_ALG_HMAC_GET_HASH( hash_alg ) ); if( status != PSA_SUCCESS ) return( status ); - status = psa_hash_update( &hkdf->hmac.hash_ctx, - slot->data.raw.data, - slot->data.raw.bytes ); + status = psa_hash_update( &hkdf->hmac.hash_ctx, secret, secret_length ); if( status != PSA_SUCCESS ) return( status ); status = psa_hmac_finish_internal( &hkdf->hmac, 
@@ -3468,6 +3467,51 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, return( PSA_SUCCESS ); } +static psa_status_t psa_key_derivation_internal( + psa_crypto_generator_t *generator, + const uint8_t *secret, size_t secret_length, + psa_algorithm_t alg, + const uint8_t *salt, size_t salt_length, + const uint8_t *label, size_t label_length, + size_t capacity ) +{ + psa_status_t status; + size_t max_capacity; + + /* Set generator->alg even on failure so that abort knows what to do. */ + generator->alg = alg; + +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HKDF( alg ) ) + { + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); + size_t hash_size = PSA_HASH_SIZE( hash_alg ); + if( hash_size == 0 ) + return( PSA_ERROR_NOT_SUPPORTED ); + max_capacity = 255 * hash_size; + status = psa_generator_hkdf_setup( &generator->ctx.hkdf, + secret, secret_length, + hash_alg, + salt, salt_length, + label, label_length ); + } + else +#endif + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + + if( status != PSA_SUCCESS ) + return( status ); + + if( capacity <= max_capacity ) + generator->capacity = capacity; + else + return( PSA_ERROR_INVALID_ARGUMENT ); + + return( PSA_SUCCESS ); +} + psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, psa_key_slot_t key, psa_algorithm_t alg, 
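Review bot: psa_key_derivation_internal has no comment stating its failure contract, and the contract changed with this refactor. It sets `generator->alg` first and rejects an over-large `capacity` only after `psa_generator_hkdf_setup` has processed `secret`, so an error return can leave secret-derived state in the generator. The old code checked the capacity before setup. The visible caller psa_key_derivation copes by calling psa_generator_abort on failure, but nothing tells a future caller to do the same. I would add a comment above the function such as `/* On failure the generator may hold partially initialised state derived from secret; the caller must call psa_generator_abort(). */`, or compare `capacity` with `max_capacity` before calling the setup function.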
@@ -3483,41 +3527,27 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, if( generator->alg != 0 ) return( PSA_ERROR_BAD_STATE ); - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DERIVE, alg ); - if( status != PSA_SUCCESS ) - return( status ); - if( slot->type != PSA_KEY_TYPE_DERIVE ) - return( PSA_ERROR_INVALID_ARGUMENT ); - + /* Make sure that alg is a key derivation algorithm. This prevents + * key selection algorithms, which psa_key_derivation_internal + * accepts for the sake of key agreement. */ if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); -#if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HKDF( alg ) ) - { - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); - size_t hash_size = PSA_HASH_SIZE( hash_alg ); - if( hash_size == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - if( capacity > 255 * hash_size ) - return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_generator_hkdf_setup( &generator->ctx.hkdf, - slot, - hash_alg, - salt, salt_length, - label, label_length ); - } - else -#endif - { - return( PSA_ERROR_NOT_SUPPORTED ); - } + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DERIVE, alg ); + if( status != PSA_SUCCESS ) + return( status ); - /* Set generator->alg even on failure so that abort knows what to do. */ - generator->alg = alg; - if( status == PSA_SUCCESS ) - generator->capacity = capacity; - else + if( slot->type != PSA_KEY_TYPE_DERIVE ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + status = psa_key_derivation_internal( generator, + slot->data.raw.data, + slot->data.raw.bytes, + alg, + salt, salt_length, + label, label_length, + capacity ); + if( status != PSA_SUCCESS ) psa_generator_abort( generator ); return( status ); } From 751d965dfcd518d90e74ccaa22f6480f73bca990 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 18 Sep 2018 12:05:44 +0200 Subject: [PATCH 0613/2197] Implement PSA_ALG_SELECT_RAW --- library/psa_crypto.c | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b99c808ca..202552391 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3241,6 +3241,16 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) * nothing to do. */ } else + if( generator->alg == PSA_ALG_SELECT_RAW ) + { + if( generator->ctx.buffer.data != NULL ) + { + mbedtls_zeroize( generator->ctx.buffer.data, + generator->ctx.buffer.size ); + mbedtls_free( generator->ctx.buffer.data ); + } + } + else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( generator->alg ) ) { @@ -3358,6 +3368,14 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, } generator->capacity -= output_length; + if( generator->alg == PSA_ALG_SELECT_RAW ) + { + size_t offset = + generator->ctx.buffer.size - generator->capacity - output_length; + memcpy( output, generator->ctx.buffer.data + offset, output_length ); + status = PSA_SUCCESS; + } + else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( generator->alg ) ) { @@ -3481,6 +3499,21 @@ static psa_status_t psa_key_derivation_internal( /* Set generator->alg even on failure so that abort knows what to do. */ generator->alg = alg; + if( alg == PSA_ALG_SELECT_RAW ) + { + if( salt_length != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( label_length != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + generator->ctx.buffer.data = mbedtls_calloc( 1, secret_length ); + if( generator->ctx.buffer.data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + memcpy( generator->ctx.buffer.data, secret, secret_length ); + generator->ctx.buffer.size = secret_length; + max_capacity = secret_length; + status = PSA_SUCCESS; + } + else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( alg ) ) { 
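Review bot: The offset in the psa_generator_read hunk, `generator->ctx.buffer.size - generator->capacity - output_length`, points at the next unread byte only if the generator's capacity started out equal to `ctx.buffer.size`. The setup hunk sets `max_capacity = secret_length`, but the existing check further down accepts any `capacity <= max_capacity`; with a smaller capacity the first read would start part-way into the buffer and return the tail of the secret. This looks unreachable through psa_key_derivation, which rejects selection algorithms, so recording the invariant is enough: `/* A SELECT_RAW generator starts with capacity == ctx.buffer.size; the next byte to serve is at size - capacity. */`. Both functions continue outside these hunks.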
From 8feb3a886d8427aa6f541b1f389360a9f972f095 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Sep 2018 12:06:11 +0200 Subject: [PATCH 0614/2197] Support key derivation with non-predefined capacity psa_key_derivation requires the caller to specify a maximum capacity. This commit adds a special value that indicates that the maximum capacity should be the maximum supported by the algorithm. This is currently meant only for selection algorithms used on the shared secret produced by a key agreement. --- include/psa/crypto.h | 9 +++++++++ library/psa_crypto.c | 2 ++ 2 files changed, 11 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 515e65f3d..8059ab9e2 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3122,6 +3122,15 @@ psa_status_t psa_generator_import_key(psa_key_slot_t key, */ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); +/** Use the maximum possible capacity for a generator. + * + * Use this value as the capacity argument when setting up a generator + * to indicate that the generator should have the maximum possible capacity. + * The value of the maximum possible capacity depends on the generator + * algorithm. + */ +#define PSA_GENERATOR_UNBRIDLED_CAPACITY ((size_t)(-1)) + /**@}*/ /** \defgroup derivation Key derivation diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 202552391..3c1cec930 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3539,6 +3539,8 @@ static psa_status_t psa_key_derivation_internal( if( capacity <= max_capacity ) generator->capacity = capacity; + else if( capacity == PSA_GENERATOR_UNBRIDLED_CAPACITY ) + generator->capacity = max_capacity; else return( PSA_ERROR_INVALID_ARGUMENT ); From 01d718cee89bfd057af43d4ff95e80e3acf9b372 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 18 Sep 2018 12:01:02 +0200 Subject: [PATCH 0615/2197] New API function: psa_key_agreement Set up a generator from a key agreement. --- include/psa/crypto.h | 40 ++++++ library/psa_crypto.c | 60 +++++++++ tests/suites/test_suite_psa_crypto.data | 20 +++ tests/suites/test_suite_psa_crypto.function | 136 ++++++++++++++++++++ 4 files changed, 256 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8059ab9e2..8fb641fdc 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -3191,6 +3191,46 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, size_t label_length, size_t capacity); +/** Set up a key agreement operation. + * + * A key agreement algorithm takes two inputs: a private key \p private_key + * a public key \p peer_key. + * The result of this function is a byte generator which can + * be used to produce keys and other cryptographic material. + * + * \param[in,out] generator The generator object to set up. It must + * have been initialized to all-bits-zero, + * a logical zero (`{0}`), + * \c PSA_CRYPTO_GENERATOR_INIT or + * psa_crypto_generator_init(). + * \param private_key Slot containing the private key to use. + * \param[in] peer_key Public key of the peer. + * \param peer_key_length Size of \p peer_key in bytes. + * \param alg The key agreement algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c private_key is not compatible with \c alg, + * or \p peer_key is not valid for \c alg or not compatible with + * \c private_key. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a key derivation algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_key_agreement(psa_crypto_generator_t *generator, + psa_key_slot_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + psa_algorithm_t alg); + /**@}*/ /** \defgroup random Random generation diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3c1cec930..6f25d8b29 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
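Review bot: The `\retval #PSA_ERROR_NOT_SUPPORTED` text says `\c alg is not supported or is not a key derivation algorithm`, which reads as copied from psa_key_derivation; here it should say "key agreement algorithm". The implementation added in this commit also returns PSA_ERROR_INVALID_ARGUMENT, not NOT_SUPPORTED, when `PSA_ALG_IS_KEY_AGREEMENT( alg )` is false. The opening sentence is missing an "and" (`a private key \p private_key and a public key \p peer_key`). The comment also omits the encoding `peer_key` must use and whether the caller has to call psa_generator_abort() after a failed call; each deserves a line, since this parameter carries bytes supplied by the peer.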
@@ -3589,6 +3589,66 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, +/****************************************************************/ +/* Key agreement */ +/****************************************************************/ + +#define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES + +static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator, + key_slot_t *private_key, + const uint8_t *peer_key, + size_t peer_key_length, + psa_algorithm_t alg ) +{ + psa_status_t status; + uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE]; + size_t shared_secret_length = 0; + + /* Step 1: run the secret agreement algorithm to generate the shared + * secret. */ + switch( PSA_ALG_KEY_AGREEMENT_GET_BASE( alg ) ) + { + default: + return( PSA_ERROR_NOT_SUPPORTED ); + } + if( status != PSA_SUCCESS ) + goto exit; + + /* Step 2: set up the key derivation to generate key material from + * the shared secret. */ + status = psa_key_derivation_internal( generator, + shared_secret, shared_secret_length, + PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ), + NULL, 0, NULL, 0, + PSA_GENERATOR_UNBRIDLED_CAPACITY ); +exit: + mbedtls_zeroize( shared_secret, shared_secret_length ); + return( status ); +} + +psa_status_t psa_key_agreement( psa_crypto_generator_t *generator, + psa_key_slot_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + psa_algorithm_t alg ) +{ + key_slot_t *slot; + psa_status_t status; + if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_get_key_from_slot( private_key, &slot, + PSA_KEY_USAGE_DERIVE, alg ); + if( status != PSA_SUCCESS ) + return( status ); + return( psa_key_agreement_internal( generator, + slot, + peer_key, peer_key_length, + alg ) ); +} + + + /****************************************************************/ /* Random generation */ /****************************************************************/ 
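Review bot: psa_key_agreement never checks that the generator is unused, unlike psa_key_derivation, which begins with `if( generator->alg != 0 ) return( PSA_ERROR_BAD_STATE );`. A generator that already holds state would have its context overwritten by psa_key_derivation_internal without being wiped or freed. It also returns the status of psa_key_agreement_internal directly, so a failure leaves the generator with `alg` set and possibly half-initialised, where psa_key_derivation calls psa_generator_abort. I would add the same BAD_STATE guard and `if( status != PSA_SUCCESS ) psa_generator_abort( generator );`. Separately, the cleanup in psa_key_agreement_internal wipes only `shared_secret_length` bytes; `mbedtls_zeroize( shared_secret, sizeof( shared_secret ) );` also covers an agreement step that wrote part of the buffer before failing.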
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 5759a15df..d321e68ff 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -435,6 +435,18 @@ PSA key policy: derive, wrong algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224) +PSA key policy: agreement, permitted +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) + +PSA key policy: agreement, not permitted +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +agreement_key_policy:0:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) + +PSA key policy: agreement, wrong algorithm +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW) + PSA key lifetime: set and get volatile key_lifetime:PSA_KEY_LIFETIME_VOLATILE 
@@ -1525,6 +1537,14 @@ PSA key derivation: HKDF SHA-256, derive key, 1+41 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 +PSA key agreement setup: ECDH, unknown KDF +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433a00a06082a8648ce3d030107a14403420004dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED + +PSA key agreement setup: not a key agreement algorithm +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433a00a06082a8648ce3d030107a14403420004dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT + PSA generate random: 0 bytes generate_random:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index d2875ae34..b7b7c4c5d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -392,6 +392,51 @@ exit: return( 0 ); } +static int exercise_key_agreement_key( psa_key_slot_t key, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_type_t key_type; + psa_key_type_t public_key_type; + size_t key_bits; + uint8_t *public_key = NULL; + size_t public_key_length; + unsigned char output[1]; + int ok = 0; + + if( usage & PSA_KEY_USAGE_DERIVE ) + { + /* We need two keys to exercise key agreement. Exercise the + * private key against its own public key. */ + TEST_ASSERT( psa_get_key_information( key, + &key_type, + &key_bits ) == PSA_SUCCESS ); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type ); + public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, + key_bits ); + public_key = mbedtls_calloc( 1, public_key_length ); + TEST_ASSERT( public_key != NULL ); + TEST_ASSERT( + psa_export_public_key( key, + public_key, public_key_length, + &public_key_length ) == PSA_SUCCESS ); + TEST_ASSERT( psa_key_agreement( &generator, + key, + public_key, public_key_length, + alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_read( &generator, + output, + sizeof( output ) ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + } + ok = 1; + +exit: + mbedtls_free( public_key ); + return( ok ); +} + static int is_oid_of_key_type( psa_key_type_t type, const uint8_t *oid, size_t oid_length ) { @@ -737,6 +782,8 @@ static int exercise_key( psa_key_slot_t slot, ok = exercise_asymmetric_encryption_key( slot, usage, alg ); else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) ok = exercise_key_derivation_key( slot, usage, alg ); + else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) + ok = exercise_key_agreement_key( slot, usage, alg ); else { char message[40]; 
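Review bot: exercise_key_agreement_key aborts the generator only on the success path. A failing TEST_ASSERT after psa_key_agreement jumps to `exit:`, which frees `public_key` but leaves the generator set up, and for a raw-selection algorithm it holds a heap copy of the shared secret. Adding `psa_generator_abort( &generator );` under `exit:` fixes this and matches the cleanup in the test functions added elsewhere in this patch.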
@@ -1271,6 +1318,7 @@ void import_and_exercise_key( data_t *data, PSA_KEY_USAGE_ENCRYPT : PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ) : PSA_ALG_IS_KEY_DERIVATION( alg ) ? PSA_KEY_USAGE_DERIVE : + PSA_ALG_IS_KEY_AGREEMENT( alg ) ? PSA_KEY_USAGE_DERIVE : 0 ); psa_key_policy_t policy; psa_key_type_t got_type; 
@@ -1642,6 +1690,61 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void agreement_key_policy( int policy_usage, + int policy_alg, + int key_type_arg, + data_t *key_data, + int exercise_alg ) +{ + int key_slot = 1; + psa_key_policy_t policy; + psa_key_type_t key_type = key_type_arg; + psa_key_type_t public_key_type; + size_t key_bits; + uint8_t *public_key = NULL; + size_t public_key_length; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_status_t status; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); + TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( key_slot, key_type, + key_data->x, key_data->len ) == PSA_SUCCESS ); + + /* We need two keys to exercise key agreement. Exercise the + * private key against its own public key. */ + TEST_ASSERT( psa_get_key_information( key_slot, + &key_type, + &key_bits ) == PSA_SUCCESS ); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type ); + public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); + public_key = mbedtls_calloc( 1, public_key_length ); + TEST_ASSERT( public_key != NULL ); + TEST_ASSERT( psa_export_public_key( key_slot, + public_key, public_key_length, + &public_key_length ) == PSA_SUCCESS ); + + status = psa_key_agreement( &generator, key_slot, + public_key, public_key_length, + exercise_alg ); + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) + TEST_ASSERT( status == PSA_SUCCESS ); + else + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + +exit: + psa_generator_abort( &generator ); + psa_destroy_key( key_slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void key_lifetime( int lifetime_arg ) { 
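Review bot: `public_key` is allocated with mbedtls_calloc, but the `exit:` block of agreement_key_policy never frees it, so every run of this test case leaks the buffer. Add `mbedtls_free( public_key );` next to the other cleanup calls; the pointer is initialised to NULL, so the call is safe when an earlier assertion fails before the allocation. exercise_key_agreement_key in the same patch does free its copy, so this looks like an omission rather than a design choice.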
@@ -3655,6 +3758,39 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void key_agreement_setup( int alg_arg, + int our_key_type_arg, data_t *our_key_data, + data_t *peer_key_data, + int expected_status_arg ) +{ + psa_key_slot_t our_key = 1; + psa_algorithm_t alg = alg_arg; + psa_key_type_t our_key_type = our_key_type_arg; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_policy_t policy; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( our_key, our_key_type, + our_key_data->x, + our_key_data->len ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_key_agreement( &generator, + our_key, + peer_key_data->x, peer_key_data->len, + alg ) == expected_status_arg ); + +exit: + psa_generator_abort( &generator ); + psa_destroy_key( our_key ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void generate_random( int bytes_arg ) { From 5968559a9cf5e7c03691de741e0b9e604617c1b8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Sep 2018 12:11:34 +0200 Subject: [PATCH 0616/2197] Key agreement test functions --- tests/suites/test_suite_psa_crypto.function | 81 +++++++++++++++++++++ 1 file changed, 81 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b7b7c4c5d..fc02453e3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -3791,6 +3791,87 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void key_agreement_capacity( int alg_arg, + int our_key_type_arg, data_t *our_key_data, + data_t *peer_key_data, + int expected_capacity_arg ) +{ + psa_key_slot_t our_key = 1; + psa_algorithm_t alg = alg_arg; + psa_key_type_t our_key_type = our_key_type_arg; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_policy_t policy; + size_t actual_capacity; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( our_key, our_key_type, + our_key_data->x, + our_key_data->len ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_key_agreement( &generator, + our_key, + peer_key_data->x, peer_key_data->len, + alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_generator_capacity( + &generator, &actual_capacity ) == PSA_SUCCESS ); + TEST_ASSERT( actual_capacity == (size_t) expected_capacity_arg ); + +exit: + psa_generator_abort( &generator ); + psa_destroy_key( our_key ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_agreement_output( int alg_arg, + int our_key_type_arg, data_t *our_key_data, + data_t *peer_key_data, + data_t *expected_output ) +{ + psa_key_slot_t our_key = 1; + psa_algorithm_t alg = alg_arg; + psa_key_type_t our_key_type = our_key_type_arg; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_policy_t policy; + uint8_t *actual_output = mbedtls_calloc( 1, expected_output->len ); + + TEST_ASSERT( actual_output != NULL ); + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( our_key, our_key_type, + our_key_data->x, + our_key_data->len ) 
== PSA_SUCCESS ); + + TEST_ASSERT( psa_key_agreement( &generator, + our_key, + peer_key_data->x, peer_key_data->len, + alg ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_generator_read( &generator, + actual_output, + expected_output->len ) == PSA_SUCCESS ); + TEST_ASSERT( memcmp( actual_output, expected_output->x, + expected_output->len ) == 0 ); + +exit: + psa_generator_abort( &generator ); + psa_destroy_key( our_key ); + mbedtls_psa_crypto_free( ); + mbedtls_free( actual_output ); +} +/* END_CASE */ + /* BEGIN_CASE */ void generate_random( int bytes_arg ) { From b7ecdf0509742d1f0a03286ecbf38a69a8329d1d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Sep 2018 12:11:27 +0200 Subject: [PATCH 0617/2197] Implement ECDH --- library/psa_crypto.c | 54 ++++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 74 +++++++++++++++++++++++-- 2 files changed, 123 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6f25d8b29..c18c8f022 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -62,6 +62,7 @@ #include "mbedtls/cmac.h" #include "mbedtls/ctr_drbg.h" #include "mbedtls/des.h" +#include "mbedtls/ecdh.h" #include "mbedtls/ecp.h" #include "mbedtls/entropy.h" #include "mbedtls/error.h" 
@@ -3593,6 +3594,48 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, /* Key agreement */ /****************************************************************/ +static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, + size_t peer_key_length, + const mbedtls_ecp_keypair *our_key, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length ) +{ + mbedtls_pk_context pk; + mbedtls_ecp_keypair *their_key = NULL; + mbedtls_ecdh_context ecdh; + int ret; + mbedtls_ecdh_init( &ecdh ); + mbedtls_pk_init( &pk ); + + ret = mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length ); + if( ret != 0 ) + goto exit; + if( mbedtls_pk_get_type( &pk ) != MBEDTLS_PK_ECKEY ) + { + ret = MBEDTLS_ERR_ECP_INVALID_KEY; + goto exit; + } + their_key = mbedtls_pk_ec( pk ); + ret = mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ); + if( ret != 0 ) + goto exit; + ret = mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS ); + if( ret != 0 ) + goto exit; + + ret = mbedtls_ecdh_calc_secret( &ecdh, + shared_secret_length, + shared_secret, shared_secret_size, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg ); + +exit: + mbedtls_pk_free( &pk ); + mbedtls_ecdh_free( &ecdh ); + return( mbedtls_to_psa_error( ret ) ); +} + #define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator, 
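Review bot: Nothing in psa_key_agreement_ecdh compares the curve of the parsed peer key with the curve of `our_key` before both are loaded into the same `mbedtls_ecdh_context`. Rejecting a peer point from another group is left to whatever validation mbedtls_ecdh_get_params and mbedtls_ecdh_calc_secret perform internally. Since `peer_key` is untrusted input, an explicit guard right after `their_key = mbedtls_pk_ec( pk );` makes the requirement visible and independent of library internals: `if( their_key->grp.id != our_key->grp.id ) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto exit; }`. Also, the function is defined unconditionally while its only caller in the next hunk sits under `#if defined(MBEDTLS_ECDH_C)`; wrapping the definition in the same guard would avoid an unused static function that references ECDH symbols when that module is disabled.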
@@ -3609,6 +3652,17 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato * secret. */ switch( PSA_ALG_KEY_AGREEMENT_GET_BASE( alg ) ) { +#if defined(MBEDTLS_ECDH_C) + case PSA_ALG_ECDH_BASE: + if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( private_key->type ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_key_agreement_ecdh( peer_key, peer_key_length, + private_key->data.ecp, + shared_secret, + sizeof( shared_secret ), + &shared_secret_length ); + break; +#endif /* MBEDTLS_ECDH_C */ default: return( PSA_ERROR_NOT_SUPPORTED ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d321e68ff..374d3035a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -437,15 +437,15 @@ derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYP PSA key policy: agreement, permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) PSA key policy: agreement, not permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -agreement_key_policy:0:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) +agreement_key_policy:0:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) PSA key policy: agreement, wrong algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW) PSA key lifetime: set and get volatile key_lifetime:PSA_KEY_LIFETIME_VOLATILE @@ -1109,6 +1109,10 @@ PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) +PSA import/exercise: ECP SECP256R1 keypair, ECDH +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) + PSA sign: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" 
@@ -1537,13 +1541,73 @@ PSA key derivation: HKDF SHA-256, derive key, 1+41 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 +PSA key agreement setup: ECDH, raw: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS + +PSA key agreement setup: ECDH, raw: public key on different curve +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT + +PSA key agreement setup: ECDH, raw: public key instead of private key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
+key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT + PSA key agreement setup: ECDH, unknown KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433a00a06082a8648ce3d030107a14403420004dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED +key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: not a key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 
):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433a00a06082a8648ce3d030107a14403420004dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT + +PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 + +PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" + +PSA 
key agreement: ECDH SECP384R1 (RFC 5903), raw: capacity=48 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48 + +PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: read +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746" + +PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: capacity=66 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C 
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66 + +PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: read +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea" + +PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: capacity=32 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32 + +PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), 
raw: read +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" + +PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: capacity=48 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48 + +PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: read +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42" + +PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: capacity=64 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64 + +PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" PSA generate random: 0 bytes generate_random:0 From 1d7c082124547fcd2b2dc1203671bf99162bd69d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 8 Oct 2018 19:05:22 +0200 Subject: [PATCH 0618/2197] Fix a memory leak in a test --- tests/suites/test_suite_psa_crypto.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index fc02453e3..5685a61cf 100644 
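Review bot: The new case "PSA key agreement setup: ECDH, raw: public key on different curve" lists only `MBEDTLS_ECP_DP_SECP256R1_ENABLED` in `depends_on`, but its peer key carries the secp384r1 OID (`2b81040022`, the same blob the SECP384R1 cases in this hunk use). In a build without secp384r1 the peer key may be rejected as an unsupported curve before any curve-mismatch check runs, so the test would presumably not see the expected `PSA_ERROR_INVALID_ARGUMENT`. Adding `MBEDTLS_ECP_DP_SECP384R1_ENABLED` to that case's `depends_on` keeps the negative test tied to the check it is meant to exercise.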
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1684,6 +1684,7 @@ void derive_key_policy( int policy_usage, TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); exit: + mbedtls_free( public_key ); psa_generator_abort( &generator ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); From 2607bca6664e38f130ea239a289deb1e75a7db38 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Oct 2018 22:21:03 +0200 Subject: [PATCH 0619/2197] Give "DH" and "DHM" as alternative names Be consistent about calling it just "Diffie-Hellman", except once where I state that "Diffie-Hellman-Merkle" is an alternative name. --- include/psa/crypto.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8fb641fdc..1ec9627eb 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1222,8 +1222,9 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_FFDH_BASE ((psa_algorithm_t)0x22100000) /** The Diffie-Hellman key agreement algorithm. * - * This algorithm combines the finite-field Diffie-Hellman-Merkle key - * agreement to produce a shared secret from a private key and the peer's + * This algorithm combines the finite-field Diffie-Hellman (DH) key + * agreement, also known as Diffie-Hellman-Merkle (DHM) key agreement, + * to produce a shared secret from a private key and the peer's * public key, with a key selection or key derivation algorithm to produce * one or more shared keys and other shared cryptographic material. * 
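Review bot: The added `mbedtls_free( public_key );` runs on every path that reaches `exit:`, including a `TEST_ASSERT` failure that happens before the buffer is allocated, so it is only well defined if `public_key` starts out as `NULL`. The declaration is outside this hunk, so that cannot be confirmed here. If it has no initialiser, give it `= NULL` in the same commit. The function body starts before the hunk, and the hunk header names derive_key_policy, so it is worth checking that the free sits in the function that actually owns `public_key`.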
@@ -1252,7 +1253,7 @@ typedef uint32_t psa_algorithm_t; (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE) #define PSA_ALG_ECDH_BASE ((psa_algorithm_t)0x22200000) -/** The elliptic curve Diffie-Hellman key agreement algorithm. +/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm. * * This algorithm combines the elliptic curve Diffie-Hellman key * agreement to produce a shared secret from a private key and the peer's From 79dd6229e4f767cf5a152fc4bea4514c8ec350dd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Oct 2018 22:22:11 +0200 Subject: [PATCH 0620/2197] Clarify the format of the (EC)DH shared secret --- include/psa/crypto.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 1ec9627eb..51d3716cd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1228,6 +1228,9 @@ typedef uint32_t psa_algorithm_t; * public key, with a key selection or key derivation algorithm to produce * one or more shared keys and other shared cryptographic material. * + * The input to \p kdf_alg is the shared secret `g^{ab}` in big-endian format. + * It is `ceiling(n / 8)` bytes long where `n` is the size of the prime `p`. + * * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) * or a key selection algorithm (\c PSA_ALG_XXX value such @@ -1260,6 +1263,10 @@ typedef uint32_t psa_algorithm_t; * public key, with a key selection or key derivation algorithm to produce * one or more shared keys and other shared cryptographic material. * + * The input to \p kdf_alg is the shared secret `d_A Q_B = d_B Q_A` in + * big-endian format. It is `ceiling(n / 8)` bytes long where `n` is the + * curve size in bits. + * * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) * or a selection algorithm (\c PSA_ALG_XXX value such 
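Review bot: The added ECDH paragraph describes the KDF input as `d_A Q_B = d_B Q_A` in big-endian format, but that expression is a curve point, and a value of `ceiling(n / 8)` bytes can only be one coordinate of it. The RFC 5903 and RFC 7027 vectors elsewhere in this series (32 bytes of output for a 256-bit curve) are consistent with the x-coordinate alone, so the comment should say so: `The input to \p kdf_alg is the x-coordinate of the shared point d_A Q_B = d_B Q_A, in big-endian format.` The finite-field paragraph in the hunk at -1228 would also be more precise as `where n is the size of the prime p in bits`, matching the ECDH wording.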
From 211a436f2e78e9f94086e76809a7a987da5ca759 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Oct 2018 22:22:31 +0200 Subject: [PATCH 0621/2197] Document that key agreement produces a maximum-capacity generator --- include/psa/crypto.h | 3 +++ library/psa_crypto.c | 9 +++++++++ 2 files changed, 12 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 51d3716cd..cc233f26e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3206,6 +3206,9 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * The result of this function is a byte generator which can * be used to produce keys and other cryptographic material. * + * The resulting generator always has the maximum capacity permitted by + * the algorithm. + * * \param[in,out] generator The generator object to set up. It must * have been initialized to all-bits-zero, * a logical zero (`{0}`), diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c18c8f022..bc306cbd1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3371,6 +3371,15 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, if( generator->alg == PSA_ALG_SELECT_RAW ) { + /* Initially, the capacity of a selection generator is always + * the size of the buffer, i.e. `generator->ctx.buffer.size`, + * abbreviated in this comment as `size`. When the remaining + * capacity is `c`, the next bytes to serve start `c` bytes + * from the end of the buffer, i.e. `size - c` from the + * beginning of the buffer. Since `generator->capacity` was just + * decremented above, we need to serve the bytes from + * `size - generator->capacity - output_length` to + * `size - generator->capacity`. */ size_t offset = generator->ctx.buffer.size - generator->capacity - output_length; memcpy( output, generator->ctx.buffer.data + offset, output_length ); From fc411f1ac13b949c8c7459e0a1fdf69f9add9f4e Mon Sep 17 00:00:00 2001 
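Review bot: The new comment in psa_generator_read explains where the offset `size - generator->capacity - output_length` comes from but not why that unsigned subtraction cannot wrap, which is what keeps the `memcpy` source inside `generator->ctx.buffer.data`. The computation is only safe if the capacity before the decrement never exceeds `generator->ctx.buffer.size`, and nothing in this hunk shows where that is enforced. Consider adding a sentence such as `The capacity of a selection generator never exceeds size, so this offset cannot underflow.` and, if no other code guarantees it, a check before the `memcpy`. The function body starts and ends outside the hunk.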
From: Gilles Peskine Date: Thu, 25 Oct 2018 22:34:48 +0200 Subject: [PATCH 0622/2197] Use ASSERT_ALLOC in key agreement tests --- tests/suites/test_suite_psa_crypto.function | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5685a61cf..2245cfd34 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -11,6 +11,8 @@ #include "psa/crypto.h" +#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) ) + #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) #if(UINT32_MAX > SIZE_MAX) @@ -415,7 +417,7 @@ static int exercise_key_agreement_key( psa_key_slot_t key, public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); - public_key = mbedtls_calloc( 1, public_key_length ); + ASSERT_ALLOC( public_key, public_key_length ); TEST_ASSERT( public_key != NULL ); TEST_ASSERT( psa_export_public_key( key, @@ -1724,7 +1726,7 @@ void agreement_key_policy( int policy_usage, &key_bits ) == PSA_SUCCESS ); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); - public_key = mbedtls_calloc( 1, public_key_length ); + ASSERT_ALLOC( public_key, public_key_length ); TEST_ASSERT( public_key != NULL ); TEST_ASSERT( psa_export_public_key( key_slot, public_key, public_key_length, From 10df341436a04690baa6bfff9f7ca897e411be65 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Oct 2018 22:35:43 +0200 Subject: [PATCH 0623/2197] Factor usage_to_exercise into its own function --- tests/suites/test_suite_psa_crypto.function | 41 ++++++++++++++------- 1 file changed, 28 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2245cfd34..59020f763 100644 
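Review bot: `MAX( x, y )` is introduced in the first hunk, but none of this commit's hunks use it, and as written it evaluates the larger argument twice. If a later patch needs it, adding it there would keep this commit to the ASSERT_ALLOC change. Either way, a comment above the macro would help: `/* Evaluates its arguments more than once: pass only side-effect-free expressions. */`.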
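Review bot: `TEST_ASSERT( public_key != NULL );` is kept directly after the new `ASSERT_ALLOC( public_key, public_key_length );` in exercise_key_agreement_key and again in the agreement_key_policy hunk, which looks redundant if the macro already fails the test on allocation failure. The macro's definition is not visible here; if it leaves the pointer `NULL` for a zero length, the retained assertion would also turn a zero `public_key_length` into a failure with a misleading message. Dropping the follow-up line in both places would leave a single allocation check. Both function bodies extend beyond their hunks.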
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -802,6 +802,33 @@ static int exercise_key( psa_key_slot_t slot, return( ok ); } +static psa_key_usage_t usage_to_exercise( psa_key_type_t type, + psa_algorithm_t alg ) +{ + if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ) + { + return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? + PSA_KEY_USAGE_VERIFY : + PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ); + } + else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) || + PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) + { + return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? + PSA_KEY_USAGE_ENCRYPT : + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + } + else if( PSA_ALG_IS_KEY_DERIVATION( alg ) || + PSA_ALG_IS_KEY_AGREEMENT( alg ) ) + { + return( PSA_KEY_USAGE_DERIVE ); + } + else + { + return( 0 ); + } + +} /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -1309,19 +1336,7 @@ void import_and_exercise_key( data_t *data, psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; - psa_key_usage_t usage = - ( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ? - ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY : - PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ) : - PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) || - PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ? - ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_ENCRYPT : - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ) : - PSA_ALG_IS_KEY_DERIVATION( alg ) ? PSA_KEY_USAGE_DERIVE : - PSA_ALG_IS_KEY_AGREEMENT( alg ) ? PSA_KEY_USAGE_DERIVE : - 0 ); + psa_key_usage_t usage = usage_to_exercise( type, alg ); psa_key_policy_t policy; psa_key_type_t got_type; size_t got_bits; From bf49197c9bb1b8d5086d7ee9f39ccdd1ad74da18 Mon Sep 17 00:00:00 2001 
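Review bot: usage_to_exercise has no comment saying what its return value means, and its final `else` returns 0 for an algorithm that matches none of the categories, so a caller cannot tell an unhandled category from a deliberate "no usage" result. A header comment would document that: `/* Return the usage flags needed to exercise a key of type \p type with \p alg, or 0 if the algorithm category is not recognized. */`. The empty line before the closing brace can be dropped.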
From: Gilles Peskine Date: Thu, 25 Oct 2018 22:36:12 +0200 Subject: [PATCH 0624/2197] key_agreement_capacity: test the actual capacity as well After testing that the advertized capacity is what the test data says, read that many bytes to test that this is also actual capacity. --- tests/suites/test_suite_psa_crypto.function | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 59020f763..a0f038107 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3821,6 +3821,7 @@ void key_agreement_capacity( int alg_arg, psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_key_policy_t policy; size_t actual_capacity; + unsigned char output[16]; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -3836,10 +3837,25 @@ void key_agreement_capacity( int alg_arg, peer_key_data->x, peer_key_data->len, alg ) == PSA_SUCCESS ); + /* Test the advertized capacity. */ TEST_ASSERT( psa_get_generator_capacity( &generator, &actual_capacity ) == PSA_SUCCESS ); TEST_ASSERT( actual_capacity == (size_t) expected_capacity_arg ); + /* Test the actual capacity by reading the output. */ + while( actual_capacity > sizeof( output ) ) + { + TEST_ASSERT( psa_generator_read( &generator, + output, sizeof( output ) ) == + PSA_SUCCESS ); + actual_capacity -= sizeof( output ); + } + TEST_ASSERT( psa_generator_read( &generator, + output, actual_capacity ) == + PSA_SUCCESS ); + TEST_ASSERT( psa_generator_read( &generator, output, 1 ) == + PSA_ERROR_INSUFFICIENT_CAPACITY ); + exit: psa_generator_abort( &generator ); psa_destroy_key( our_key ); From 3ec8ed8b512fcd573100859cbe519ec411cbb7d5 Mon Sep 17 00:00:00 2001 
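Review bot: The read loop added to key_agreement_capacity checks only that each `psa_generator_read` call succeeds, so it would not notice the generator reporting a wrong remaining capacity between reads. Re-querying after each chunk into a new `size_t remaining`, with `TEST_ASSERT( psa_get_generator_capacity( &generator, &remaining ) == PSA_SUCCESS );` and a comparison against the expected remainder, would cover the bookkeeping that the raw-selection offset depends on. The function body extends beyond the hunk.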
From: Gilles Peskine Date: Thu, 25 Oct 2018 22:37:15 +0200 Subject: [PATCH 0625/2197] Add multipart key agreement tests Add test cases that do key agreement with raw selection in pieces, to validate that selection works even when the application doesn't read everything in one chunk. --- tests/suites/test_suite_psa_crypto.data | 26 ++++++++++++++------ tests/suites/test_suite_psa_crypto.function | 27 +++++++++++++++------ 2 files changed, 38 insertions(+), 15 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 374d3035a..6b1c38eee 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1565,9 +1565,21 @@ PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 -PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read +PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" + +PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" + +PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 20+12 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de" + +PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 7+15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d" PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: capacity=48 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C 
@@ -1575,7 +1587,7 @@ key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":"" PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: capacity=66 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C 
@@ -1583,7 +1595,7 @@ key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":"" PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C 
@@ -1591,7 +1603,7 @@ key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":"" PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: capacity=48 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C 
@@ -1599,7 +1611,7 @@ key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":"" PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: capacity=64 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C 
@@ -1607,7 +1619,7 @@ key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" PSA generate random: 0 bytes generate_random:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a0f038107..bcd07c15f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -3867,16 +3867,17 @@ exit: void key_agreement_output( int alg_arg, int our_key_type_arg, data_t *our_key_data, data_t *peer_key_data, - data_t *expected_output ) + data_t *expected_output1, data_t *expected_output2 ) { psa_key_slot_t our_key = 1; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_key_policy_t policy; - uint8_t *actual_output = mbedtls_calloc( 1, expected_output->len ); + uint8_t *actual_output = NULL; - TEST_ASSERT( actual_output != NULL ); + ASSERT_ALLOC( actual_output, MAX( expected_output1->len, + expected_output2->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -3892,11 +3893,21 @@ void key_agreement_output( int alg_arg, peer_key_data->x, peer_key_data->len, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_read( &generator, - actual_output, - expected_output->len ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( actual_output, expected_output->x, - expected_output->len ) == 0 ); + TEST_ASSERT( + psa_generator_read( &generator, + actual_output, + expected_output1->len ) == PSA_SUCCESS ); + TEST_ASSERT( memcmp( actual_output, expected_output1->x, + expected_output1->len ) == 0 ); + if( expected_output2->len != 0 ) + { + TEST_ASSERT( + psa_generator_read( &generator, + actual_output, + expected_output2->len ) == PSA_SUCCESS ); + TEST_ASSERT( memcmp( actual_output, expected_output2->x, + expected_output2->len ) == 0 ); + } exit: psa_generator_abort( &generator ); From 714e16b37a576f57771ea48c6b00e24f45347c85 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Oct 2018 22:49:49 +0200 Subject: [PATCH 0626/2197] Add import/export test of EC public key --- tests/suites/test_suite_psa_crypto.data | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6b1c38eee..e8d836168 100644 --- a/tests/suites/test_suite_psa_crypto.data 
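Review bot: The two expected-output parameters of key_agreement_output are not explained anywhere in the new code: expected_output1 and expected_output2 are checked against two consecutive psa_generator_read calls on the same generator. An empty expected_output2 skips the second read, while an empty expected_output1 still issues a zero-length read. A comment before the first read, such as `/* Read the output in two steps: expected_output1, then expected_output2 (skipped when empty). */`, would explain the trailing `:""` added to the existing .data cases. The function body continues past the hunk, so the release of actual_output at `exit:` is not visible here.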
+++ b/tests/suites/test_suite_psa_crypto.data @@ -190,7 +190,7 @@ PSA import RSA keypair: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_NOT_SUPPORTED -PSA import/export EC secp224r1: good +PSA import/export EC secp224r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1 
@@ -198,7 +198,7 @@ PSA import/export-public EC secp224r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"304e301006072a8648ce3d020106052b81040021033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" -PSA import/export EC secp256r1: good +PSA import/export EC secp256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 @@ -206,7 +206,7 @@ PSA import/export-public EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3059301306072a8648ce3d020106082a8648ce3d030107034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" -PSA import/export EC secp384r1: good +PSA import/export EC secp384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 
@@ -214,7 +214,7 @@ PSA import/export-public EC secp384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3076301006072a8648ce3d020106052b8104002203620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" -PSA import/export EC secp521r1: good +PSA import/export EC secp521r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1 
@@ -222,7 +222,7 @@ PSA import/export-public EC secp521r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301006072a8648ce3d020106052b810400230381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" -PSA import/export EC brainpool256r1: good +PSA import/export EC brainpool256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 
@@ -230,7 +230,7 @@ PSA import/export-public EC brainpool256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"305a301406072a8648ce3d020106092b240303020801010703420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" -PSA import/export EC brainpool384r1: good +PSA import/export EC brainpool384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 
@@ -238,7 +238,7 @@ PSA import/export-public EC brainpool384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"307a301406072a8648ce3d020106092b240303020801010b03620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" -PSA import/export EC brainpool512r1: good +PSA import/export EC brainpool512r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1 
@@ -250,6 +250,10 @@ PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:"" +PSA import/export EC secp256r1 public key: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import_export:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 + PSA import/export AES key: policy forbids export depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:128:0:PSA_ERROR_NOT_PERMITTED:1 From 88714d78b8bd107c7d3787895e4a012605cc134d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Oct 2018 23:07:25 +0200 Subject: [PATCH 0627/2197] Allow ECDH-only public key in ECDH In ECDH key agreement, allow a public key with the OID id-ECDH, not just a public key with the OID id-ecPublicKey. Public keys with the OID id-ECDH are not permitted by psa_import_key, at least for now. There would be no way to use the key for a key agreement operation anyway in the current API. --- library/psa_crypto.c | 10 +++++++--- tests/suites/test_suite_psa_crypto.data | 11 +++++++++++ 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bc306cbd1..5fe969c3c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -3620,10 +3620,14 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, ret = mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length ); if( ret != 0 ) goto exit; - if( mbedtls_pk_get_type( &pk ) != MBEDTLS_PK_ECKEY ) + switch( mbedtls_pk_get_type( &pk ) ) { - ret = MBEDTLS_ERR_ECP_INVALID_KEY; - goto exit; + case MBEDTLS_PK_ECKEY: + case MBEDTLS_PK_ECKEY_DH: + break; + default: + ret = MBEDTLS_ERR_ECP_INVALID_KEY; + goto exit; } their_key = mbedtls_pk_ec( pk ); ret = mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e8d836168..5b8166428 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
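Review bot: The new `switch` on `mbedtls_pk_get_type( &pk )` in psa_key_agreement_ecdh has no comment explaining why MBEDTLS_PK_ECKEY_DH is accepted here, which the commit message covers but the code does not. It also acts as the type guard for the `mbedtls_pk_ec( pk )` call right after it, which is only meaningful for a PK context that holds an EC key, so a future edit that adds a case needs to keep that in mind. I would add above the switch `/* Accept id-ecPublicKey and id-ECDH keys (psa_import_key rejects the latter). */` and `/* Only EC key types may reach mbedtls_pk_ec() below. */`. The function starts and ends outside this hunk.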
@@ -312,6 +312,13 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED # it's looking for an OID where there is no OID. import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_NOT_SUPPORTED +# A key with the OID id-ECDH is only valid for ECDH, not for ECDSA. +# Such keys are currently not allowed by psa_import_key, only by +# psa_key_agreement. +PSA import EC public key: ECDH-only +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import:"3057301106052b8104010c06082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT + PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT 
@@ -1573,6 +1580,10 @@ PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" +PSA key agreement: ECDH SECP256R1 with ECDH-only public key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3057301106052b8104010c06082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" + PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" From f5f442a50c3e19f738618d20a5288e1838760458 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 7 Nov 2018 18:20:48 +0100 Subject: [PATCH 0628/2197] More accurate description of the shared secret for ECDH Don't refer to the "curve size", call it the "size of the order of the curve". --- include/psa/crypto.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index cc233f26e..412fe5a75 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1263,9 +1263,10 @@ typedef uint32_t psa_algorithm_t; * public key, with a key selection or key derivation algorithm to produce * one or more shared keys and other shared cryptographic material. * - * The input to \p kdf_alg is the shared secret `d_A Q_B = d_B Q_A` in - * big-endian format. It is `ceiling(n / 8)` bytes long where `n` is the - * curve size in bits. + * The input to \p kdf_alg is the x-coordinate of the shared secret + * `d_A Q_B = d_B Q_A` in big-endian format. It has the same size of + * the order of the curve, i.e. `ceiling(n / 8)` bytes where `n` is + * the size of the order of the curve. * * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) From c7998b78b8f4c6f58ad5a0216d321063d59f17a9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Nov 2018 18:45:02 +0100 Subject: [PATCH 0629/2197] Factor common code into key_agreement_with_self --- tests/suites/test_suite_psa_crypto.function | 80 ++++++++++----------- 1 file changed, 38 insertions(+), 42 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index bcd07c15f..674a6e9fe 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -394,16 +394,46 @@ exit: return( 0 ); } +/* We need two keys to exercise key agreement. Exercise the + * private key against its own public key. */ +static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, + psa_key_type_t key_slot, + psa_algorithm_t alg ) +{ + psa_key_type_t private_key_type; + psa_key_type_t public_key_type; + size_t key_bits; + uint8_t *public_key = NULL; + size_t public_key_length; + /* Return UNKNOWN_ERROR if something other than the final call to + * psa_key_agreement fails. This isn't fully satisfactory, but it's + * good enough: callers will report it as a failed test anyway. */ + psa_status_t status = PSA_ERROR_UNKNOWN_ERROR; + + TEST_ASSERT( psa_get_key_information( key_slot, + &private_key_type, + &key_bits ) == PSA_SUCCESS ); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type ); + public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); + ASSERT_ALLOC( public_key, public_key_length ); + TEST_ASSERT( public_key != NULL ); + TEST_ASSERT( psa_export_public_key( key_slot, + public_key, public_key_length, + &public_key_length ) == PSA_SUCCESS ); + + status = psa_key_agreement( generator, key_slot, + public_key, public_key_length, + alg ); +exit: + mbedtls_free( public_key ); + return( status ); +} + static int exercise_key_agreement_key( psa_key_slot_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_type_t key_type; - psa_key_type_t public_key_type; - size_t key_bits; - uint8_t *public_key = NULL; - size_t public_key_length; unsigned char output[1]; int ok = 0; 
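Review bot: The `key_slot` parameter of the new helper key_agreement_with_self is declared as `psa_key_type_t`, but it is a key slot: the callers pass a `psa_key_slot_t key` and an `int key_slot`, and the helper forwards it to psa_get_key_information, psa_export_public_key and psa_key_agreement. It presumably compiles only because both are integer typedefs; the declaration should read `psa_key_slot_t key_slot,`. The `TEST_ASSERT( public_key != NULL );` after `ASSERT_ALLOC( public_key, public_key_length );` also looks redundant, since an earlier change to this file dropped the same check when it switched to ASSERT_ALLOC, which suggests the macro already fails the test on allocation failure.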
@@ -411,22 +441,8 @@ static int exercise_key_agreement_key( psa_key_slot_t key, { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - TEST_ASSERT( psa_get_key_information( key, - &key_type, - &key_bits ) == PSA_SUCCESS ); - public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type ); - public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, - key_bits ); - ASSERT_ALLOC( public_key, public_key_length ); - TEST_ASSERT( public_key != NULL ); - TEST_ASSERT( - psa_export_public_key( key, - public_key, public_key_length, - &public_key_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_key_agreement( &generator, - key, - public_key, public_key_length, - alg ) == PSA_SUCCESS ); + TEST_ASSERT( key_agreement_with_self( &generator, key, alg ) == + PSA_SUCCESS ); TEST_ASSERT( psa_generator_read( &generator, output, sizeof( output ) ) == PSA_SUCCESS ); @@ -435,7 +451,6 @@ static int exercise_key_agreement_key( psa_key_slot_t key, ok = 1; exit: - mbedtls_free( public_key ); return( ok ); } @@ -1701,7 +1716,6 @@ void derive_key_policy( int policy_usage, TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); exit: - mbedtls_free( public_key ); psa_generator_abort( &generator ); psa_destroy_key( key_slot ); mbedtls_psa_crypto_free( ); @@ -1718,10 +1732,6 @@ void agreement_key_policy( int policy_usage, int key_slot = 1; psa_key_policy_t policy; psa_key_type_t key_type = key_type_arg; - psa_key_type_t public_key_type; - size_t key_bits; - uint8_t *public_key = NULL; - size_t public_key_length; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_status_t status; 
@@ -1734,22 +1744,8 @@ void agreement_key_policy( int policy_usage, TEST_ASSERT( psa_import_key( key_slot, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - /* We need two keys to exercise key agreement. Exercise the - * private key against its own public key. */ - TEST_ASSERT( psa_get_key_information( key_slot, - &key_type, - &key_bits ) == PSA_SUCCESS ); - public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type ); - public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); - ASSERT_ALLOC( public_key, public_key_length ); - TEST_ASSERT( public_key != NULL ); - TEST_ASSERT( psa_export_public_key( key_slot, - public_key, public_key_length, - &public_key_length ) == PSA_SUCCESS ); + status = key_agreement_with_self( &generator, key_slot, exercise_alg ); - status = psa_key_agreement( &generator, key_slot, - public_key, public_key_length, - exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) TEST_ASSERT( status == PSA_SUCCESS ); From b408661be987451e71fc94be5d6e23a111dfd002 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 14 Nov 2018 20:51:23 +0100 Subject: [PATCH 0630/2197] ECDH: check that the keys are on the same curve In psa_key_agreement_ecdh, check that the public key is on the same curve as the private key. The underlying mbedtls API doesn't check. If the curves don't match, psa_key_agreement_ecdh is practically guaranteed to return INVALID_ARGUMENT anyway, because way the code is written, the public point is interpreted on the curve of the private point, and it is rejected because the point is not on the curve. This is why the test case "PSA key agreement setup: ECDH, raw: public key on different curve" passed even before adding this check. --- library/psa_crypto.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5fe969c3c..763074c9b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -3630,6 +3630,12 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, goto exit; } their_key = mbedtls_pk_ec( pk ); + if( their_key->grp.id != our_key->grp.id ) + { + ret = MBEDTLS_ERR_ECP_INVALID_KEY; + goto exit; + } + ret = mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ); if( ret != 0 ) goto exit; From 7b5b4a01a4b3cdb269a5b0535313203b2458b85f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 14 Nov 2018 21:05:10 +0100 Subject: [PATCH 0631/2197] Correct description of the ECDH shared secret The endianness actually depends on the curve type. Correct the terminology around "curve size" and "order of the curve". I tried to find a formulation that is comprehensible to programmers who do not know the underlying mathematics, but nonetheless correct and precise. Use similar terminology in other places that were using "order of the curve" to describe the bit size associated with the curve. --- include/psa/crypto.h | 34 +++++++++++++++++++++++++++------- include/psa/crypto_sizes.h | 7 ++++--- 2 files changed, 31 insertions(+), 10 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 412fe5a75..df760ddd5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
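Review bot: The added `their_key->grp.id != our_key->grp.id` check in psa_key_agreement_ecdh carries no comment, and the reason for it is recorded only in the commit message: the underlying mbedtls call does not compare the two groups, and a mismatch was previously rejected only because the peer point failed the on-curve test. Without a comment the check reads as redundant and could be removed in a later cleanup, leaving peer-key validation dependent on that side effect. I would add `/* mbedtls_ecdh_get_params does not check that both keys are on the same curve. */` above the `if`. `our_key` is declared outside the hunk, so this assumes it is the EC context of the private key.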
@@ -1263,10 +1263,29 @@ typedef uint32_t psa_algorithm_t; * public key, with a key selection or key derivation algorithm to produce * one or more shared keys and other shared cryptographic material. * - * The input to \p kdf_alg is the x-coordinate of the shared secret - * `d_A Q_B = d_B Q_A` in big-endian format. It has the same size of - * the order of the curve, i.e. `ceiling(n / 8)` bytes where `n` is - * the size of the order of the curve. + * The shared secret produced by key agreement and passed as input to the + * derivation or selection algorithm \p kdf_alg is the x-coordinate of + * the shared secret point. It is always `ceiling(q / 8)` bytes long where + * `q` is the bit size associated with the curve, i.e. the bit size of the + * order of the curve's coordinate field. When `q` is not a multiple of 8, + * the byte containing the most significant bit of the shared secret + * is padded with zero bits. The byte order is either little-endian + * or big-endian depending on the curve type. + * + * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`), + * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` + * in little-endian byte order. + * The bit size is 448 for Curve448 and 255 for Curve25519. + * - For Weierstrass curves over prime fields (curve types + * `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`), + * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` + * in big-endian byte order. + * The bit size is `q = ceiling(log_2(p))` for the field `F_p`. + * - For Weierstrass curves over binary fields (curve types + * `PSA_ECC_CURVE_SECTXXX`), + * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` + * in big-endian byte order. + * The bit size is `q = m` for the field `F_{2^m}`. * * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) 
@@ -1567,9 +1586,10 @@ psa_status_t psa_export_key(psa_key_slot_t key, * * ECPoint ::= ... * -- first 8 bits: 0x04; - * -- then x_P as an n-bit string, big endian; - * -- then y_P as a n-bit string, big endian, - * -- where n is the order of the curve. + * -- then x_P as a `ceiling(n/8)`-byte string, big endian; + * -- then y_P as a `ceiling(n/8)`-byte string, big endian; + * -- where `n` is the bit size associated with the curve, + * -- i.e. the bit size of `q` for a curve over `F_q`. * * EcpkParameters ::= CHOICE { -- other choices are not allowed * namedCurve OBJECT IDENTIFIER } diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index edddca47a..f4feb4d20 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -422,9 +422,10 @@ * parameters OBJECT IDENTIFIER } -- namedCurve * ECPoint ::= ... * -- first 8 bits: 0x04; - * -- then x_P as an n-bit string, big endian; - * -- then y_P as a n-bit string, big endian, - * -- where n is the order of the curve. + * -- then x_P as a `ceiling(n/8)`-byte string, big endian; + * -- then y_P as a `ceiling(n/8)`-byte string, big endian; + * -- where `n` is the bit size associated with the curve, + * -- i.e. the bit size of `q` for a curve over `F_q`. * * - 2 * 4 bytes of SEQUENCE overhead; * - 1 + 1 + 7 bytes of algorithm (id-ecPublicKey OID); From 6c6a023f9994ca1854cada3d51be237e57680712 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Nov 2018 17:44:43 +0100 Subject: [PATCH 0632/2197] More tweaks on EC-related wording Use m for the bit size of the field order, not q which is traditionally the field order. Correct and clarify the private key representation format as has been done for the private key and ECDH shared secret formats. --- include/psa/crypto.h | 25 +++++++++++++++---------- include/psa/crypto_sizes.h | 7 +++---- 2 files changed, 18 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index df760ddd5..6e5bbe010 100644 
--- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1265,9 +1265,9 @@ typedef uint32_t psa_algorithm_t; * * The shared secret produced by key agreement and passed as input to the * derivation or selection algorithm \p kdf_alg is the x-coordinate of - * the shared secret point. It is always `ceiling(q / 8)` bytes long where - * `q` is the bit size associated with the curve, i.e. the bit size of the - * order of the curve's coordinate field. When `q` is not a multiple of 8, + * the shared secret point. It is always `ceiling(m / 8)` bytes long where + * `m` is the bit size associated with the curve, i.e. the bit size of the + * order of the curve's coordinate field. When `m` is not a multiple of 8, * the byte containing the most significant bit of the shared secret * is padded with zero bits. The byte order is either little-endian * or big-endian depending on the curve type. @@ -1280,12 +1280,12 @@ typedef uint32_t psa_algorithm_t; * `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`), * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` * in big-endian byte order. - * The bit size is `q = ceiling(log_2(p))` for the field `F_p`. + * The bit size is `m = ceiling(log_2(p))` for the field `F_p`. * - For Weierstrass curves over binary fields (curve types * `PSA_ECC_CURVE_SECTXXX`), * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` * in big-endian byte order. - * The bit size is `q = m` for the field `F_{2^m}`. + * The bit size is `m` for the field `F_{2^m}`. * * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) 
@@ -1486,8 +1486,13 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * ``` * - For elliptic curve key pairs (key types for which * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is - * a big-endian representation of the private point as a - * `ceiling(log2(n)/8)`-byte string where `n` is the order of the curve. + * a representation of the private value as a `ceiling(m/8)`-byte string + * where `m` is the bit size associated with the curve, i.e. the bit size + * of the order of the curve's coordinate field. This byte string is + * in little-endian order for Montgomery curves (curve types + * `PSA_ECC_CURVE_CURVEXXX`), and in big-endian order for Weierstrass + * curves (curve types `PSA_ECC_CURVE_SECTXXX`, `PSA_ECC_CURVE_SECPXXX` + * and `PSA_ECC_CURVE_BRAINPOOL_PXXX`). * This is the content of the `privateKey` field of the `ECPrivateKey` * format defined by RFC 5915. * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is @@ -1586,9 +1591,9 @@ psa_status_t psa_export_key(psa_key_slot_t key, * * ECPoint ::= ... * -- first 8 bits: 0x04; - * -- then x_P as a `ceiling(n/8)`-byte string, big endian; - * -- then y_P as a `ceiling(n/8)`-byte string, big endian; - * -- where `n` is the bit size associated with the curve, + * -- then x_P as a `ceiling(m/8)`-byte string, big endian; + * -- then y_P as a `ceiling(m/8)`-byte string, big endian; + * -- where `m` is the bit size associated with the curve, * -- i.e. the bit size of `q` for a curve over `F_q`. * * EcpkParameters ::= CHOICE { -- other choices are not allowed diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index f4feb4d20..f0a1ba7dd 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
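Review bot: The new private-key wording in the `@@ -1486` hunk sizes the exported value as `ceiling(m/8)` bytes, with `m` the bit size of the coordinate field, while the unchanged sentence after it still calls this the `privateKey` field of RFC 5915, which is sized from the curve order `n`. The two lengths agree for most named curves, but on a curve whose group order is one bit longer than its field (as far as I recall the 160-bit SEC curves are such a case; please confirm) a `ceiling(m/8)`-byte string cannot hold every valid private value. I would add a sentence such as `For curves whose order is longer than the field size, the length is ceiling(log2(n)/8) bytes.` or state explicitly which curves the rule covers. The RFC 5915 reference also reads as if it applied to the little-endian Montgomery case, so it is best scoped to the Weierstrass curve types.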
@@ -422,10 +422,9 @@ * parameters OBJECT IDENTIFIER } -- namedCurve * ECPoint ::= ... * -- first 8 bits: 0x04; - * -- then x_P as a `ceiling(n/8)`-byte string, big endian; - * -- then y_P as a `ceiling(n/8)`-byte string, big endian; - * -- where `n` is the bit size associated with the curve, - * -- i.e. the bit size of `q` for a curve over `F_q`. + * -- then x_P as a `ceiling(m/8)`-byte string, big endian; + * -- then y_P as a `ceiling(m/8)`-byte string, big endian; + * -- where `m` is the bit size associated with the curve. * * - 2 * 4 bytes of SEQUENCE overhead; * - 1 + 1 + 7 bytes of algorithm (id-ecPublicKey OID); From d171e78b4691dba2d976021faffebabc3dcefec8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Nov 2018 17:46:21 +0100 Subject: [PATCH 0633/2197] Document the peer_key format for psa_key_agreement --- include/psa/crypto.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6e5bbe010..a2191c664 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3241,7 +3241,11 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * \c PSA_CRYPTO_GENERATOR_INIT or * psa_crypto_generator_init(). * \param private_key Slot containing the private key to use. - * \param[in] peer_key Public key of the peer. + * \param[in] peer_key Public key of the peer. It must be + * in the same format that psa_import_key() + * accepts. The standard formats for public + * keys are documented in the documentation + * of psa_export_public_key(). * \param peer_key_length Size of \p peer_key in bytes. * \param alg The key agreement algorithm to compute * (\c PSA_ALG_XXX value such that From 99d0259987fadf213323fe6621759c01d7ecca34 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Nov 2018 17:47:25 +0100 Subject: [PATCH 0634/2197] Improve documentation the shared secret format for FFDH --- include/psa/crypto.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a2191c664..64f343c6e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1228,8 +1228,11 @@ typedef uint32_t psa_algorithm_t; * public key, with a key selection or key derivation algorithm to produce * one or more shared keys and other shared cryptographic material. * - * The input to \p kdf_alg is the shared secret `g^{ab}` in big-endian format. - * It is `ceiling(n / 8)` bytes long where `n` is the size of the prime `p`. + * The shared secret produced by key agreement and passed as input to the + * derivation or selection algorithm \p kdf_alg is the shared secret + * `g^{ab}` in big-endian format. + * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` + * in bits. * * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) From 79250c255f365e295ab475019cd6477f7833c6fc Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Oct 2018 17:32:46 +0100 Subject: [PATCH 0635/2197] Add identifiers for TLS-1.2 PRF This commit adds KDF algorithm identifiers `PSA_ALG_TLS12_PRF(HASH)` to the PSA crypto API. They represent the key derivation functions used by TLS 1.2 for the PreMasterSecret->MasterSecret and MasterSecret->KeyBlock conversions. --- include/psa/crypto.h | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 64f343c6e..8e439bab0 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1199,6 +1199,39 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x30000200) +/** Macro to build a TLS-1.2 PRF algorithm. + * + * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the + * TLS 1.2 PRF using HMAC-SHA-256. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding TLS-1.2 PRF algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_TLS12_PRF(hash_alg) \ + (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) + +/** Whether the specified algorithm is a TLS-1.2 PRF algorithm. + * + * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, + * specified in Section 5 of RFC 5246. It is based on HMAC and can be + * used with either SHA-256 or SHA-384. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key derivation algorithm identifier. + */ +#define PSA_ALG_IS_TLS12_PRF(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE) +#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) + #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x010fffff) /** Use a shared secret as is. From c8a41d71cba5b03f7be075cd3b904b5075011294 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Oct 2018 17:33:01 +0100 Subject: [PATCH 0636/2197] Add implementation of TLS-1.2 PRF --- include/psa/crypto_struct.h | 30 +++++ library/psa_crypto.c | 240 ++++++++++++++++++++++++++++++++++++ 2 files changed, 270 insertions(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index e38a9bfba..2d7bb2682 100644 
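Review bot: `PSA_ALG_TLS12_PRF_GET_HASH` is added without a doc comment and its parameter is still named `hkdf_alg`, copied from the HKDF macro above it. I would rename it to `tls12_prf_alg` and add `/** Extract the hash from a TLS-1.2 PRF algorithm; the result is unspecified unless #PSA_ALG_IS_TLS12_PRF(alg) is true. */`. The `\return Unspecified if \p alg ...` line of `PSA_ALG_TLS12_PRF` should say `\p hash_alg`, which is the parameter the macro actually takes. Since the macro accepts any hash bits while the text says the PRF is used with SHA-256 or SHA-384, it is worth stating here that other hashes are rejected at setup, as the implementation patch later in this series does.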
--- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -144,6 +144,35 @@ typedef struct uint8_t block_number; } psa_hkdf_generator_t; +typedef struct psa_tls12_prf_generator_s +{ + /* The TLS 1.2 PRF uses the key for each HMAC iteration, + * hence we must store it for the lifetime of the generator. + * This is different from HKDF, where the key is only used + * in the extraction phase, but not during expansion. */ + unsigned char *key; + size_t key_len; + + /* `A(i) + seed` in the notation of RFC 5246, Sect. 5 */ + uint8_t Ai_with_seed[PSA_HASH_MAX_SIZE + 64]; + size_t seed_length; + + /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */ + uint8_t output_block[PSA_HASH_MAX_SIZE]; + +#if PSA_HASH_MAX_SIZE > 0xff +#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" +#endif + + /* Indicates how many bytes in the current HMAC block have + * already been read by the user. */ + uint8_t offset_in_block; + + /* The 1-based number of the block. */ + uint8_t block_number; + +} psa_tls12_prf_generator_t; + struct psa_crypto_generator_s { psa_algorithm_t alg; @@ -157,6 +186,7 @@ struct psa_crypto_generator_s } buffer; #if defined(MBEDTLS_MD_C) psa_hkdf_generator_t hkdf; + psa_tls12_prf_generator_t tls12_prf; #endif } ctx; }; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 763074c9b..ef4623716 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1506,6 +1506,12 @@ static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac ) mbedtls_zeroize( hmac->opad, sizeof( hmac->opad ) ); return( psa_hash_abort( &hmac->hash_ctx ) ); } + +static void psa_hmac_init_internal( psa_hmac_internal_data *hmac ) +{ + /* Instances of psa_hash_operation_s can be initialized by zeroization. */ + memset( hmac, 0, sizeof( *hmac ) ); +} #endif /* MBEDTLS_MD_C */ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) 
@@ -3258,6 +3264,15 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) mbedtls_free( generator->ctx.hkdf.info ); status = psa_hmac_abort_internal( &generator->ctx.hkdf.hmac ); } + else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) ) + { + if( generator->ctx.tls12_prf.key != NULL ) + { + mbedtls_zeroize( generator->ctx.tls12_prf.key, + generator->ctx.tls12_prf.key_len ); + mbedtls_free( generator->ctx.tls12_prf.key ); + } + } else #endif /* MBEDTLS_MD_C */ { 
@@ -3340,6 +3355,172 @@ static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf, return( PSA_SUCCESS ); } + +static psa_status_t psa_generator_tls12_prf_generate_next_block( + psa_tls12_prf_generator_t *tls12_prf, + psa_algorithm_t alg ) +{ + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); + uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); + psa_hmac_internal_data hmac; + psa_status_t status, cleanup_status; + + /* We can't be wanting more output after block 0xff, otherwise + * the capacity check in psa_generator_read() would have + * prevented this call. It could happen only if the generator + * object was corrupted or if this function is called directly + * inside the library. */ + if( tls12_prf->block_number == 0xff ) + return( PSA_ERROR_BAD_STATE ); + + /* We need a new block */ + ++tls12_prf->block_number; + tls12_prf->offset_in_block = 0; + + /* Recall the definition of the TLS-1.2-PRF from RFC 5246: + * + * PRF(secret, label, seed) = P_(secret, label + seed) + * + * P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) + + * HMAC_hash(secret, A(2) + seed) + + * HMAC_hash(secret, A(3) + seed) + ... + * + * A(0) = seed + * A(i) = HMAC_hash( secret, A(i-1) ) + * + * The `psa_tls12_prf_generator` structures saves the block + * `HMAC_hash(secret, A(i) + seed)` from which the output + * is currently extracted as `output_block`, while + * `A(i) + seed` is stored in `Ai_with_seed`. + * + * Generating a new block means recalculating `Ai_with_seed` + * from the A(i)-part of it, and afterwards recalculating + * `output_block`. + * + * A(0) is computed at setup time. + * + */ + + psa_hmac_init_internal( &hmac ); + + /* We must distinguish the calculation of A(1) from those + * of A(2) and higher, because A(0)=seed has a different + * length than the other A(i). 
*/ + if( tls12_prf->block_number == 1 ) + { + /* Compute A(1) = HMAC_hash(secret, label + seed) */ + status = psa_hmac_setup_internal( &hmac, + tls12_prf->key, + tls12_prf->key_len, + hash_alg ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hash_update( &hmac.hash_ctx, + /* This omits the (so far undefined) + * first hash_length bytes. */ + tls12_prf->Ai_with_seed + hash_length, + tls12_prf->seed_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + status = psa_hmac_finish_internal( &hmac, + tls12_prf->Ai_with_seed, + hash_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + } + else + { + /* Compute A(i+1) = HMAC_hash(secret, A(i)) */ + status = psa_hmac_setup_internal( &hmac, + tls12_prf->key, + tls12_prf->key_len, + hash_alg ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hash_update( &hmac.hash_ctx, + tls12_prf->Ai_with_seed, + /* This omits the seed part of A(i) */ + hash_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hmac_finish_internal( &hmac, + tls12_prf->Ai_with_seed, + hash_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + } + + /* Compute the next block `HMAC_hash(secret, A(i+1) + seed)`. */ + status = psa_hmac_setup_internal( &hmac, + tls12_prf->key, + tls12_prf->key_len, + hash_alg ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hash_update( &hmac.hash_ctx, + tls12_prf->Ai_with_seed, + hash_length + tls12_prf->seed_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hmac_finish_internal( &hmac, + tls12_prf->output_block, + hash_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + +cleanup: + + cleanup_status = psa_hmac_abort_internal( &hmac ); + if( status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS ) + status = cleanup_status; + + return( status ); +} + +/* Read some bytes from an TLS-1.2-PRF-based generator. + * See Section 5 of RFC 5246. 
*/ +static psa_status_t psa_generator_tls12_prf_read( + psa_tls12_prf_generator_t *tls12_prf, + psa_algorithm_t alg, + uint8_t *output, + size_t output_length ) +{ + psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg ); + uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); + psa_status_t status; + + while( output_length != 0 ) + { + /* Copy what remains of the current block */ + uint8_t n = hash_length - tls12_prf->offset_in_block; + + /* Check if we have fully processed the current block. */ + if( n == 0 ) + { + status = psa_generator_tls12_prf_generate_next_block( tls12_prf, + alg ); + if( status != PSA_SUCCESS ) + return( status ); + + continue; + } + + if( n > output_length ) + n = (uint8_t) output_length; + memcpy( output, tls12_prf->output_block + tls12_prf->offset_in_block, + n ); + output += n; + output_length -= n; + tls12_prf->offset_in_block += n; + } + + return( PSA_SUCCESS ); +} #endif /* MBEDTLS_MD_C */ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, @@ -3393,6 +3574,12 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg, output, output_length ); } + else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) ) + { + status = psa_generator_tls12_prf_read( &generator->ctx.tls12_prf, + generator->alg, output, + output_length ); + } else #endif /* MBEDTLS_MD_C */ { 
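Review bot: `psa_generator_tls12_prf_generate_next_block()` derives its hash with `PSA_ALG_HKDF_GET_HASH( alg )` while `psa_generator_tls12_prf_read()` in the same hunk uses `PSA_ALG_TLS12_PRF_GET_HASH( alg )`. Both macros expand to the same mask today, so the output is correct, but the block generator silently depends on the HKDF encoding and would compute HMAC with the wrong hash if the two ever diverge. I would write `psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );` there. The block generator also has no header comment, unlike the read function; a line such as `/* Advance to block i+1: update A(i) in Ai_with_seed, then refill output_block. */` would match the file's style.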
@@ -3495,6 +3682,41 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, return( PSA_SUCCESS ); } +/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). */ +static psa_status_t psa_generator_tls12_prf_setup( + psa_tls12_prf_generator_t *tls12_prf, + const unsigned char *key, + size_t key_len, + psa_algorithm_t hash_alg, + const uint8_t *salt, + size_t salt_length, + const uint8_t *label, + size_t label_length ) +{ + uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); + + tls12_prf->key = mbedtls_calloc( 1, key_len ); + if( tls12_prf->key == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + tls12_prf->key_len = key_len; + memcpy( tls12_prf->key, key, key_len ); + + /* Write `label + seed' at the end of the `A(i) + seed` buffer, + * leaving the initial `hash_length` bytes unspecified for now. */ + memcpy( tls12_prf->Ai_with_seed + hash_length, label, label_length ); + memcpy( tls12_prf->Ai_with_seed + hash_length + label_length, + salt, salt_length ); + + tls12_prf->seed_length = label_length + salt_length; + + /* The first block gets generated when + * psa_generator_read() is called. */ + tls12_prf->block_number = 0; + tls12_prf->offset_in_block = hash_length; + + return( PSA_SUCCESS ); +} + static psa_status_t psa_key_derivation_internal( psa_crypto_generator_t *generator, const uint8_t *secret, size_t secret_length, 
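Review bot: In `psa_generator_tls12_prf_setup()` the two `memcpy()` calls write `label_length + salt_length` bytes at offset `hash_length` into `Ai_with_seed`, which this patch declares as a fixed `PSA_HASH_MAX_SIZE + 64` byte array, and nothing in the hunk bounds those caller-supplied lengths. A long label or salt therefore writes past the array and over the rest of the generator context. A check before the key allocation would close it, e.g. `if( label_length > sizeof( tls12_prf->Ai_with_seed ) - hash_length || salt_length > sizeof( tls12_prf->Ai_with_seed ) - hash_length - label_length ) return( PSA_ERROR_INVALID_ARGUMENT );`. Patch 0638 later in this series replaces the array with a heap buffer, but this commit on its own is unsafe to bisect onto or to backport.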
@@ -3538,6 +3760,24 @@ static psa_status_t psa_key_derivation_internal( salt, salt_length, label, label_length ); } + else if( PSA_ALG_IS_TLS12_PRF( alg ) ) + { + psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg ); + size_t hash_size = PSA_HASH_SIZE( hash_alg ); + + /* TLS-1.2 PRF supports only SHA-256 and SHA-384. */ + if( hash_alg != PSA_ALG_SHA_256 && + hash_alg != PSA_ALG_SHA_384 ) + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + + max_capacity = 255 * hash_size; + status = psa_generator_tls12_prf_setup( &generator->ctx.tls12_prf, + secret, secret_length, + hash_alg, salt, salt_length, + label, label_length ); + } else #endif { From 24658c4ba1b9aa1a81117e38f1a959327a07a51a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Oct 2018 17:33:08 +0100 Subject: [PATCH 0637/2197] Add test vectors for TLS 1.2 PRF Taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html --- tests/suites/test_suite_psa_crypto.data | 69 +++++++++++++++++++++++-- 1 file changed, 65 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 5b8166428..7f37db197 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -434,18 +434,30 @@ PSA key policy: asymmetric signature, neither sign nor verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW -PSA key policy: derive, permitted +PSA key policy: derive via HKDF, permitted depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256) -PSA key policy: derive, not permitted +PSA key policy: derive via TLS 1.2 PRF, permitted +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) + +PSA key policy: derive via HKDF, not permitted depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256) -PSA key policy: derive, wrong algorithm +PSA key policy: derive via TLS 1.2 PRF, not permitted +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key_policy:0:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) + +PSA key policy: derive via 
HKDF, wrong algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224) +PSA key policy: derive via TLS 1.2 PRF, wrong algorithm +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224) + PSA key policy: agreement, permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) 
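Review bot: The new "derive via TLS 1.2 PRF, wrong algorithm" case runs the derivation with `PSA_ALG_HKDF(PSA_ALG_SHA_224)`, so it differs from the permitted algorithm in both KDF family and hash and does not show which difference the policy check catches. Because `PSA_ALG_HKDF(h)` and `PSA_ALG_TLS12_PRF(h)` carry the hash in the same low bits, the interesting case is the same hash under the other family. I would add a case with policy `PSA_ALG_HKDF(PSA_ALG_SHA_256)` and executed algorithm `PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)`, and its mirror image, to pin down that a key permitted for one KDF cannot be used with the other.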
@@ -1400,10 +1412,18 @@ PSA key derivation: HKDF-SHA-512, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_512):"":"":42:PSA_SUCCESS -PSA key derivation: bad key type +PSA key derivation: HKDF-SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: TLS 1.2 PRF SHA-256, good case +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS + +PSA key derivation: TLS 1.2 PRF SHA-256, bad key type +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT + PSA key derivation: not a key derivation algorithm (selection) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_SELECT_RAW:"":"":42:PSA_ERROR_INVALID_ARGUMENT 
@@ -1476,6 +1496,47 @@ PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" +# Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html +PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":"" + +PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66" + +PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" + +PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" + +PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b" + +PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":"" + +PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f" + +PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C 
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" + +PSA key derivation: TLS 1.2 PRF SHA-384, output 74+74 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" + +PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5" + PSA key derivation: HKDF SHA-256, request maximum capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" From 580fba143101b4c1403d45dc9f8c4691aa68320f Mon Sep 17 00:00:00 2001 
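Review bot: The added TLS 1.2 PRF vectors only read 100 or 148 bytes, so the capacity limit `max_capacity = 255 * hash_size` and the `block_number == 0xff` guard from the implementation patch are never exercised. The HKDF section directly below has a "request maximum capacity" case; an equivalent for `PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)`, plus one that asks for a single byte more and expects an error, would cover the boundary. A `derive_setup` case with a hash other than SHA-256 or SHA-384 that expects `PSA_ERROR_NOT_SUPPORTED` would also pin the hash allow-list.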
From: Hanno Becker Date: Tue, 13 Nov 2018 20:50:45 +0000 Subject: [PATCH 0638/2197] Dynamically allocate `A(i) + seed` buffer for TLS-1.2 PRF --- include/psa/crypto_struct.h | 4 ++-- library/psa_crypto.c | 25 +++++++++++++++++++++---- 2 files changed, 23 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 2d7bb2682..f11b87cca 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -154,8 +154,8 @@ typedef struct psa_tls12_prf_generator_s size_t key_len; /* `A(i) + seed` in the notation of RFC 5246, Sect. 5 */ - uint8_t Ai_with_seed[PSA_HASH_MAX_SIZE + 64]; - size_t seed_length; + uint8_t *Ai_with_seed; + size_t Ai_with_seed_len; /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */ uint8_t output_block[PSA_HASH_MAX_SIZE]; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ef4623716..2030315dd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3272,6 +3272,13 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) generator->ctx.tls12_prf.key_len ); mbedtls_free( generator->ctx.tls12_prf.key ); } + + if( generator->ctx.tls12_prf.Ai_with_seed != NULL ) + { + mbedtls_zeroize( generator->ctx.tls12_prf.Ai_with_seed, + generator->ctx.tls12_prf.Ai_with_seed_len ); + mbedtls_free( generator->ctx.tls12_prf.Ai_with_seed ); + } } else #endif /* MBEDTLS_MD_C */ @@ -3420,7 +3427,7 @@ static psa_status_t psa_generator_tls12_prf_generate_next_block( /* This omits the (so far undefined) * first hash_length bytes. */ tls12_prf->Ai_with_seed + hash_length, - tls12_prf->seed_length ); + tls12_prf->Ai_with_seed_len - hash_length ); if( status != PSA_SUCCESS ) goto cleanup; status = psa_hmac_finish_internal( &hmac, 
@@ -3463,7 +3470,7 @@ static psa_status_t psa_generator_tls12_prf_generate_next_block( status = psa_hash_update( &hmac.hash_ctx, tls12_prf->Ai_with_seed, - hash_length + tls12_prf->seed_length ); + tls12_prf->Ai_with_seed_len ); if( status != PSA_SUCCESS ) goto cleanup; @@ -3694,6 +3701,8 @@ static psa_status_t psa_generator_tls12_prf_setup( size_t label_length ) { uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); + size_t Ai_with_seed_len = hash_length + salt_length + label_length; + int overflow; tls12_prf->key = mbedtls_calloc( 1, key_len ); if( tls12_prf->key == NULL ) @@ -3701,14 +3710,22 @@ static psa_status_t psa_generator_tls12_prf_setup( tls12_prf->key_len = key_len; memcpy( tls12_prf->key, key, key_len ); + overflow = ( salt_length + label_length < salt_length ) || + ( salt_length + label_length + hash_length < hash_length ); + if( overflow ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + tls12_prf->Ai_with_seed = mbedtls_calloc( 1, Ai_with_seed_len ); + if( tls12_prf->Ai_with_seed == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + tls12_prf->Ai_with_seed_len = Ai_with_seed_len; + /* Write `label + seed' at the end of the `A(i) + seed` buffer, * leaving the initial `hash_length` bytes unspecified for now. */ memcpy( tls12_prf->Ai_with_seed + hash_length, label, label_length ); memcpy( tls12_prf->Ai_with_seed + hash_length + label_length, salt, salt_length ); - tls12_prf->seed_length = label_length + salt_length; - /* The first block gets generated when * psa_generator_read() is called. */ tls12_prf->block_number = 0; From 3b339e23427a315a294397f500d0c69fb73849d1 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 13 Nov 2018 20:56:14 +0000 Subject: [PATCH 0639/2197] Simplify psa_generator_tls12_prf_generate_next_block() --- library/psa_crypto.c | 66 +++++++++++++++++--------------------------- 1 file changed, 26 insertions(+), 40 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2030315dd..5ee43e4d6 100644 
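Review bot: In the `psa_generator_tls12_prf_setup()` hunks the length-overflow check and the second `mbedtls_calloc()` both return after `tls12_prf->key` has already been allocated and filled with the secret. Whether that copy is wiped and freed then depends on the caller running `psa_generator_abort()` with `generator->alg` already set, which this hunk does not show. Moving the check to the top of the function removes that dependency for the invalid-argument path: compute `overflow` first, `if( overflow ) return( PSA_ERROR_INVALID_ARGUMENT );`, and only then allocate the key. For the allocation-failure path I would zeroize and free `tls12_prf->key` locally, or add a comment naming the caller that cleans up.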
--- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3372,6 +3372,9 @@ static psa_status_t psa_generator_tls12_prf_generate_next_block( psa_hmac_internal_data hmac; psa_status_t status, cleanup_status; + unsigned char *Ai; + size_t Ai_len; + /* We can't be wanting more output after block 0xff, otherwise * the capacity check in psa_generator_read() would have * prevented this call. It could happen only if the generator 
@@ -3415,51 +3418,34 @@ static psa_status_t psa_generator_tls12_prf_generate_next_block( * length than the other A(i). */ if( tls12_prf->block_number == 1 ) { - /* Compute A(1) = HMAC_hash(secret, label + seed) */ - status = psa_hmac_setup_internal( &hmac, - tls12_prf->key, - tls12_prf->key_len, - hash_alg ); - if( status != PSA_SUCCESS ) - goto cleanup; - - status = psa_hash_update( &hmac.hash_ctx, - /* This omits the (so far undefined) - * first hash_length bytes. */ - tls12_prf->Ai_with_seed + hash_length, - tls12_prf->Ai_with_seed_len - hash_length ); - if( status != PSA_SUCCESS ) - goto cleanup; - status = psa_hmac_finish_internal( &hmac, - tls12_prf->Ai_with_seed, - hash_length ); - if( status != PSA_SUCCESS ) - goto cleanup; + Ai = tls12_prf->Ai_with_seed + hash_length; + Ai_len = tls12_prf->Ai_with_seed_len - hash_length; } else { - /* Compute A(i+1) = HMAC_hash(secret, A(i)) */ - status = psa_hmac_setup_internal( &hmac, - tls12_prf->key, - tls12_prf->key_len, - hash_alg ); - if( status != PSA_SUCCESS ) - goto cleanup; - - status = psa_hash_update( &hmac.hash_ctx, - tls12_prf->Ai_with_seed, - /* This omits the seed part of A(i) */ - hash_length ); - if( status != PSA_SUCCESS ) - goto cleanup; - - status = psa_hmac_finish_internal( &hmac, - tls12_prf->Ai_with_seed, - hash_length ); - if( status != PSA_SUCCESS ) - goto cleanup; + Ai = tls12_prf->Ai_with_seed; + Ai_len = hash_length; } + /* Compute A(i+1) = HMAC_hash(secret, A(i)) */ + status = psa_hmac_setup_internal( &hmac, + tls12_prf->key, + tls12_prf->key_len, + hash_alg ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hash_update( &hmac.hash_ctx, + Ai, Ai_len ); + if( status != PSA_SUCCESS ) + goto cleanup; + + status = psa_hmac_finish_internal( &hmac, + tls12_prf->Ai_with_seed, + hash_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + /* Compute the next block `HMAC_hash(secret, A(i+1) + seed)`. */ status = psa_hmac_setup_internal( &hmac, tls12_prf->key, 
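Review bot: After the two branches are merged, the single comment `/* Compute A(i+1) = HMAC_hash(secret, A(i)) */` and the name `Ai` no longer say that for `block_number == 1` the HMAC input is `label + seed` rather than a previous HMAC output. The removed remarks about skipping the still-undefined first `hash_length` bytes and about omitting the seed are lost as well. I would keep that information as one-line comments in the two branches, e.g. `/* A(0) = label + seed, stored after the first hash_length bytes */` and `/* A(i) only, without the trailing seed */`. The pointer declared in the previous hunk is only read through in the visible code, so `const unsigned char *Ai;` would state that. The function continues past both ends of this hunk.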
From 353e45361d9dc733f1ef5102eda0f0b28864848a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Nov 2018 09:53:57 +0000 Subject: [PATCH 0640/2197] Don't call memcpy() with 0-length arguments The standard prohibits calling memcpy() with NULL pointer arguments, even if the size argument is 0. The TLS-1.2 PRF generator setup function previously called memcpy() with the label and salt as the source, even if they were of length 0, as exercised by the derive_key_policy test case in the PSA crypto test suite. This commit adds guards around the memcpy() calls so that they are only executed of salt or label have positive length, respectively. --- library/psa_crypto.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5ee43e4d6..f0de86124 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3708,9 +3708,17 @@ static psa_status_t psa_generator_tls12_prf_setup( /* Write `label + seed' at the end of the `A(i) + seed` buffer, * leaving the initial `hash_length` bytes unspecified for now. */ - memcpy( tls12_prf->Ai_with_seed + hash_length, label, label_length ); - memcpy( tls12_prf->Ai_with_seed + hash_length + label_length, - salt, salt_length ); + if( label_length != 0 ) + { + memcpy( tls12_prf->Ai_with_seed + hash_length, + label, label_length ); + } + + if( salt_length != 0 ) + { + memcpy( tls12_prf->Ai_with_seed + hash_length + label_length, + salt, salt_length ); + } /* The first block gets generated when * psa_generator_read() is called. */ From 87a7eeb9060e1a199c71422b0f18365da2c52596 Mon Sep 17 00:00:00 2001 
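Review bot: The new guards cover `label` and `salt`, but the earlier copy of the key in `psa_generator_tls12_prf_setup`, `memcpy( tls12_prf->key, key, key_len );`, lies outside this hunk and appears to stay unguarded. The same NULL-with-zero-length concern applies there if a zero-length key can reach this function. If it can, the same pattern fits, `if( key_len != 0 ) memcpy( tls12_prf->key, key, key_len );`, keeping in mind that `mbedtls_calloc( 1, 0 )` may return NULL and would then be reported as insufficient memory. If it cannot, a comment naming the check that guarantees `key_len > 0` would document why only two of the three copies need a guard.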
From: mohammad1603 Date: Thu, 1 Nov 2018 11:25:49 +0200 Subject: [PATCH 0641/2197] Add a getting started guide Add a new guide intended to help users of the library quickly get going with any of a number of tasks via code snippets and explanations. --- docs/getting_started.md | 526 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 526 insertions(+) create mode 100644 docs/getting_started.md diff --git a/docs/getting_started.md b/docs/getting_started.md new file mode 100644 index 000000000..eac831546 --- /dev/null +++ b/docs/getting_started.md 
@@ -0,0 +1,526 @@ +## Getting started with Mbed Crypto + +### What is Mbed Crypto? + +Mbed Crypto is an open source cryptographic library that supports a wide range of cryptographic operations, including: +* Key management +* Hashing +* Symmetric cryptography +* Asymmetric cryptography +* Message authentication (MAC) +* Key generation and derivation +* Authenticated encryption with associated data (AEAD) + +The Mbed Crypto library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). It is written in portable C. + +The Mbed Crypto library is distributed under the Apache License, version 2.0. + +#### Platform Security Architecture (PSA) + +Arm's Platform Security Architecture (PSA) is a holistic set of threat models, +security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. Part of the API provided by PSA is the cryptography interface, which provides access to a set of primitives. 
+ +### Using Mbed Crypto + +* [Getting the Mbed Crypto library](#getting-the-mbed-crypto-library) +* [Building the Mbed Crypto library](#building-the-mbed-crypto-library) +* [Using the Mbed Crypto library](#using-the-mbed-crypto-library) +* [Importing a key](#importing-a-key) +* [Signing a message using RSA](#signing-a-message-using-RSA) +* [Encrypting or decrypting using symmetric ciphers](#encrypting-or-decrypting-using-symmetric-ciphers) +* [Hashing a message](#hashing-a-message) +* [Deriving a new key from an existing key](#deriving-a-new-key-from-an-existing-key) +* [Generating a random value](#generating-a-random-value) +* [Authenticating and encrypting or decrypting a message](#authenticating-and-encrypting-or-decrypting-a-message) +* [Generating and exporting keys](#generating-and-exporting-keys) +* [More about the Mbed Crypto library](#more-about-the-mbed-crypto-library) + +### Getting the Mbed Crypto library + +Mbed Crypto releases are available in the [public Github repository]( https://github.com/ARMmbed/mbed-crypto). + +### Building the Mbed Crypto library + +You need the following tools to build the library with the provided makefiles: +* GNU Make. +* A C toolchain (compiler, linker, archiver). +* Python 2 or Python 3 (either works) to generate the test code. +* Perl to run the tests. + +If you have a C compiler such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs. + +To select a different compiler, set the `CC` variable to name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`), such as: +``` +make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar +``` +The provided makefiles pass options to the compiler that assume a GCC-like command line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`. 
+ +To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine. + +### Using the Mbed Crypto library + +To use the Mbed Crypto APIs, call `psa_crypto_init()` before calling any other API. This initializes the library. + +### Importing a key + +To use a key for cryptography operations in Mbed Crypto, you need to first import it into a key slot. Each slot can store only one key at a time. The slot where the key is stored must be unoccupied, and valid for a key of the chosen type. + +Prerequisites to importing keys: +* Initialize the library with a successful call to `psa_crypto_init`. + +Importing a key and checking key information: +1. Import a key pair into key slot `1`. +1. Test the information stored in this slot: +```C + int key_slot = 1; + uint8_t *data = "KEYPAIR_KEY_DATA"; + size_t data_size; + psa_key_type_t type = PSA_KEY_TYPE_RSA_PUBLIC_KEY; + size_t got_bits; + psa_key_type_t got_type; + size_t expected_bits = data_size; + psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA; + size_t export_size = data_size; + + psa_crypto_init(); + + /* Import the key */ + status = psa_import_key(key_slot, type, data, data_size); + + /* Test the key information */ + status = psa_get_key_information(slot, &got_type, &got_bits); + + /* Destroy the key */ + psa_destroy_key(key_slot); + mbedtls_psa_crypto_free(); +``` + +### Signing a message using RSA + +Mbed Crypto provides support for encrypting, decrypting, signing and verifying messages using public key signature algorithms (such as RSA or ECDSA). + +Prerequisites to working with the asymmetric cipher API: +* Initialize the library with a successful call to `psa_crypto_init`. +* Configure the key policy accordingly: + * `PSA_KEY_USAGE_SIGN` to allow signing. + * `PSA_KEY_USAGE_VERIFY` to allow signature verification. +* Have a valid key in the key slot. 
+ +To sign a given message `payload` using RSA: +1. Set the key policy of the chosen key slot by calling `psa_key_policy_set_usage()` with the `PSA_KEY_USAGE_SIGN` parameter and the algorithm `PSA_ALG_RSA_PKCS1V15_SIGN_RAW`. +This allows the key in the key slot to be used for RSA signing. +1. Import the key into the key slot by calling `psa_import_key()`. You can use an already imported key instead of importing a new one. +1. Call `psa_asymmetric_sign()` and get the output buffer that contains the signature: +```C + psa_status_t status; + int key_slot = 1; + unsigned char key[] = "RSA_KEY"; + unsigned char payload[] = "ASYMMETRIC_INPUT_FOR_SIGN"; + psa_key_policy_t policy; + unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; + size_t signature_length; + + status = psa_crypto_init(); + + /* Import the key */ + psa_key_policy_init(&policy); + psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_SIGN, + PSA_ALG_RSA_PKCS1V15_SIGN_RAW); + status = psa_set_key_policy(key_slot, &policy); + + status = psa_import_key(key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, + key, sizeof(key)); + + /* Sing message using the key */ + status = psa_asymmetric_sign(key_slot, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, + payload, sizeof(payload), + signature, sizeof(signature), + &signature_length); + /* Destroy the key */ + psa_destroy_key(key_slot); + mbedtls_psa_crypto_free(); +``` + +### Encrypting or decrypting using symmetric ciphers + +Mbed Crypto provides support for encrypting and decrypting messages using various symmetric cipher algorithms (both block and stream ciphers). + +Prerequisites to working with the symmetric cipher API: +* Initialize the library with a successful call to `psa_crypto_init`. +* Configure the key policy accordingly (`PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption). +* Have a valid key in the key slot. + +Encrypting a message with a symmetric cipher: +1. 
Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. +1. Call `psa_cipher_encrypt_setup` to initialize the operation structure and specify the algorithm and the key to be used. +1. Call either `psa_cipher_generate_iv` or `psa_cipher_set_iv` to generate or set the initialization vector (IV). We recommended `psa_cipher_generate_iv`, unless you require a specific IV value. +1. Call `psa_cipher_update` one or more times, passing either the whole or only a fragment of the message each time. +1. Call `psa_cipher_finish` to end the operation and output the encrypted message. + +Encrypting random data using an AES key in cipher block chain (CBC) mode with no padding (assuming all prerequisites have been fulfilled): +```c + psa_key_slot_t key_slot = 1; + psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; + psa_cipher_operation_t operation; + size_t block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES); + unsigned char input[block_size]; + unsigned char iv[block_size]; + size_t iv_len; + unsigned char output[block_size]; + size_t output_len; + + /* generate some random data to be encrypted */ + psa_generate_random(input, sizeof(input)); + + /* encrypt the key */ + psa_cipher_encrypt_setup(&operation, key_slot, alg); + psa_cipher_generate_iv(&operation, iv, sizeof(iv), &iv_len); + psa_cipher_update(&operation, input, sizeof(input), + output, sizeof(output), + &output_len); + psa_cipher_finish(&operation, + output + output_len, sizeof(output) - output_len, + &output_len); + /* Clean up cipher operation context */ + psa_cipher_abort(&operation); +``` + +Decrypting a message with a symmetric cipher: +1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. +1. Call `psa_cipher_decrypt_setup` to initialize the operation structure and to specify the algorithm and the key to be used. +1. Call `psa_cipher_set_iv` with the IV for the decryption. +1. 
Call `psa_cipher_update` one or more times passing either the whole or only a fragment of the message each time. +1. Call `psa_cipher_finish` to end the operation and output the decrypted message. + +Decrypting encrypted data using an AES key in CBC mode with no padding +(assuming all prerequisites have been fulfilled): +```c + psa_key_slot_t key_slot = 1; + psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; + psa_cipher_operation_t operation; + size_t block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES); + unsigned char input[block_size]; + unsigned char iv[block_size]; + size_t iv_len; + unsigned char output[block_size]; + size_t output_len; + + /* setup input data */ + fetch_iv(iv, sizeof(iv)); /* fetch the IV used when the data was encrypted */ + fetch_input(input, sizeof(input)); /* fetch the data to be decrypted */ + + /* encrypt the encrypted data */ + psa_cipher_decrypt_setup(&operation, key_slot, alg); + psa_cipher_set_iv(&operation, iv, sizeof(iv)); + psa_cipher_update(&operation, input, sizeof(input), + output, sizeof(output), + &output_len); + psa_cipher_finish(&operation, + output + output_len, sizeof(output) - output_len, + &output_len); + /* Clean up cipher operation context */ + psa_cipher_abort(&operation); +``` + +#### Handling cipher operation contexts + +Once you've initialized the operation structure with a successful call to `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup`, you can terminate the operation at any time by calling `psa_cipher_abort`. + +The call to `psa_cipher_abort` frees any resources associated with the operation (except for the operation structure itself). An implicit call to `psa_cipher_abort` occurs when any of these conditions occur: +* A call to `psa_cipher_generate_iv`, `psa_cipher_set_iv` or `psa_cipher_update` has failed (returning any status other than `PSA_SUCCESS`). +* Either a successful or failed call to `psa_cipher_finish`. 
+ +Once `psa_cipher_abort` has been called (either implicitly by the implementation or explicitly by the user), the operation structure is invalidated and may not be reused for the same operation. However, the operation structure may be reused for a different operation by calling either `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup` again. + +For an operation that has been initialized successfully (by a successful call to `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup`) it is imperative that at some time `psa_cipher_abort` is called. + +Multiple sequential calls to `psa_cipher_abort` on an operation that has already been terminated (either implicitly or explicitly) are safe and have no effect. + +### Hashing a message + +Mbed Crypto lets you compute and verify hashes using various hashing algorithms. + +The current implementation supports the following hash algorithms: `MD2`, `MD4`, `MD5`, `RIPEMD160`, `SHA-1`, `SHA-224`, `SHA-256`, `SHA-384`, and `SHA-512`. + +Prerequisites to working with the hash APIs: +* Initialize the library with a successful call to `psa_crypto_init`. + +To calculate a hash: +1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions. +1. Call `psa_hash_setup` to initialize the operation structure and specify the hash algorithm. +1. Call `psa_hash_update` one or more times, passing either the whole or only a fragment of the message each time. +1. Call `psa_hash_finish` to calculate the hash, or `psa_hash_verify` to compare the computed hash with an expected hash value. 
+ +Calculate the `SHA-256` hash of a message: +```c + psa_algorithm_t alg = PSA_ALG_SHA_256; + psa_hash_operation_t operation; + unsigned char input[] = { 'a', 'b', 'c' }; + unsigned char actual_hash[PSA_HASH_MAX_SIZE]; + size_t actual_hash_len; + + /* Compute hash of message */ + psa_hash_setup(&operation, alg); + psa_hash_update(&operation, input, sizeof(input)); + psa_hash_finish(&operation, actual_hash, sizeof(actual_hash), &actual_hash_len); + + /* Clean up hash operation context */ + psa_hash_abort(&operation); +``` + +Verify the `SHA-256` hash of a message: +```c + psa_algorithm_t alg = PSA_ALG_SHA_256; + psa_hash_operation_t operation; + unsigned char input[] = { 'a', 'b', 'c' }; + unsigned char expected_hash[] = { + 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, + 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, + 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad + }; + size_t expected_hash_len = PSA_HASH_SIZE(alg); + + /* Verify message hash */ + psa_hash_setup(&operation, alg); + psa_hash_update(&operation, input, sizeof(input)); + psa_hash_verify(&operation, expected_hash, expected_hash_len); +``` + +The API provides the macro `PSA_HASH_SIZE`, which returns the expected hash length (in bytes) for the specified algorithm. + +#### Handling hash operation contexts + +Once the operation structure has been successfully initialized by a successful call to `psa_hash_setup`, it's possible to terminate the operation at any time by calling `psa_hash_abort`. The call to `psa_hash_abort` frees any resources associated with the operation (except for the operation structure itself). + +An implicit call to `psa_hash_abort` occurs when any of these conditions occur: +1. A call to `psa_hash_update` has failed (returning any status other than `PSA_SUCCESS`). +1. Either a successful or failed call to `psa_hash_finish`. +1. Either a successful or failed call to `psa_hash_verify`. 
+ +Once `psa_hash_abort` has been called (either implicitly by the implementation or explicitly by the user), the operation structure is invalidated and may not be reused for the same operation. However, the operation structure may be reused for a different operation by calling `psa_hash_setup` again. + +For an operation that has been initialized successfully (by a successful call to `psa_hash_setup`) it is imperative that at some time `psa_hash_abort` is called. + +Multiple sequential calls to `psa_hash_abort` on an operation that has already been terminated (either implicitly or explicitly) is safe and has no effect. + +### Generating a random value + +Mbed Crypto can generate random data. + +Prerequisites to random generation: +* Initialize the library with a successful call to `psa_crypto_init`. + +Generate a random, ten-byte piece of data: +1. Generate random bytes by calling `psa_generate_random()`: +```C + psa_status_t status; + uint8_t random[10] = { 0 }; + psa_crypto_init(); + status = psa_generate_random(random, sizeof(random)); + + mbedtls_psa_crypto_free(); +``` + +### Deriving a new key from an existing key + +Mbed Crypto provides a key derivation API that lets you derive new keys from existing ones. Key derivation is based upon the generator abstraction. A generator must first be initialized and set up (provided with a key and optionally other data) and then derived data can be read from it either to a buffer or directly imported into a key slot. + +Prerequisites to working with the key derivation APIs: +* Initialize the library with a successful call to `psa_crypto_init`. +* Configure the key policy for the key used for derivation (`PSA_KEY_USAGE_DERIVE`) +* The key type must be `PSA_KEY_TYPE_DERIVE`. + +Deriving a new AES-CTR 128-bit encryption key into a given key slot using HKDF with a given key, salt and label: +1. 
Set the key policy for key derivation by calling `psa_key_policy_set_usage()` with `PSA_KEY_USAGE_DERIVE` parameter, and the algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. +1. Import the key into the key slot by calling `psa_import_key()`. You can skip this step and the previous one if the key has already been imported into a known key slot. +1. Set up the generator using the `psa_key_derivation` function providing a key slot containing a key that can be used for key derivation and a salt and label (Note: salt and label are optional). +1. Initiate a key policy to for the derived key by calling `psa_key_policy_set_usage()` with `PSA_KEY_USAGE_ENCRYPT` parameter and the algorithm `PSA_ALG_CTR`. +1. Set the key policy to the derived key slot. +1. Import a key from generator into the desired key slot using (`psa_generator_import_key`). +1. Clean up generator. + +At this point the derived key slot holds a new 128-bit AES-CTR encryption key derived from the key, salt and label provided: +```C + psa_key_slot_t base_key = 1; + psa_key_slot_t derived_key = 2; + psa_key_policy_t policy; + + unsigned char key[] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b }; + + unsigned char salt[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, + 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c }; + + unsigned char label[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, + 0xf7, 0xf8, 0xf9 }; + + psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + size_t derived_bits = 128; + size_t capacity = PSA_BITS_TO_BYTES(derived_bits); + + status = psa_crypto_init(); + + /* Import a key for use in key derivation, if such a key has already been imported you can skip this part */ + psa_key_policy_init(&policy); + psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_DERIVE, alg); + status = psa_set_key_policy(base_key, &policy); + + status = psa_import_key(base_key, 
PSA_KEY_TYPE_DERIVE, key, sizeof(key)); + + /* Derive a key into a key slot*/ + status = psa_key_derivation(&generator, base_key, alg, salt, sizeof(salt), + label, sizeof(label), capacity); + + psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR); + + psa_set_key_policy(derived_key, &policy); + + psa_generator_import_key(derived_key, PSA_KEY_TYPE_AES, derived_bits, &generator); + + /* Clean up generator and key */ + psa_generator_abort(&generator); + /* as part of clean up you may want to clean up the keys used by calling: + * psa_destroy_key( base_key ); or psa_destroy_key( derived_key ); */ + mbedtls_psa_crypto_free(); +``` + +### Authenticating and encrypting or decrypting a message + +Mbed Crypto provides a simple way for authenticate and encrypt with associated data (AEAD) supporting `PSA_ALG_CCM` algorithm. + +Prerequisites to working with the AEAD ciphers APIs: +* Initialize the library with a successful call to `psa_crypto_init`. +* The key policy for the key used for derivation must be configured accordingly (`PSA_KEY_USAGE_ENCRYPT` or `PSA_KEY_USAGE_DECRYPT`). 
+ +To authenticate and encrypt a message: +```C + int slot = 1; + psa_status_t status; + unsigned char key[] = { 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF }; + + unsigned char nonce[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B }; + + unsigned char additional_data[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, + 0xC3, 0x3C, 0x49, 0xFD, 0x70 }; + + unsigned char input_data[] = { 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41, + 0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43, + 0xD2, 0xD7, 0xC2 }; + unsigned char *output_data = NULL; + size_t output_size = 0; + size_t output_length = 0; + size_t tag_length = 16; + + output_size = sizeof(input_data) + tag_length; + output_data = malloc(output_size); + status = psa_crypto_init(); + + psa_key_policy_init(&policy); + psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM); + status = psa_set_key_policy(slot, &policy); + + status = psa_import_key(slot, PSA_KEY_TYPE_AES, key, sizeof(key)); + + status = psa_aead_encrypt(slot, PSA_ALG_CCM, + nonce, sizeof(nonce), + additional_data, sizeof(additional_data), + input_data, sizeof(input_data), + output_data, output_size, + &output_length); + + psa_destroy_key(slot); + mbedtls_free(output_data); + mbedtls_psa_crypto_free(); +``` + +To authenticate and decrypt a message: + +```C + int slot = 1; + psa_status_t status; + unsigned char key[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF + }; + + unsigned char nonce[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, 0xC3, + 0x3C, 0x49, 0xFD, 0x70 + }; + + unsigned char additional_data[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, + 0xC3, 0x3C, 0x49, 0xFD, 0x70 + }; + unsigned char input_data[] = { 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41, + 0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43, + 0xD2, 0xD7, 0xC2 + }; + unsigned char *output_data = NULL; + size_t output_size = 0; 
+ size_t output_length = 0; + + output_size = sizeof(input_data); + output_data = malloc(output_size); + status = psa_crypto_init(); + + psa_key_policy_init(&policy); + psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM); + status = psa_set_key_policy(slot, &policy); + + status = psa_import_key(slot, PSA_KEY_TYPE_AES, key, sizeof(key)); + + status = psa_aead_decrypt(slot, PSA_ALG_CCM, + nonce, sizeof(nonce), + additional_data, sizeof(additional_data), + input_data, sizeof(input_data), + output_data, output_size, + &output_length); + + psa_destroy_key(slot); + mbedtls_free(output_data); + mbedtls_psa_crypto_free(); +``` + +### Generating and exporting keys + +Mbed Crypto provides a simple way to generate a key or key pair. + +Prerequisites to using key generation and export APIs: +* Initialize the library with a successful call to `psa_crypto_init`. + +Generate a piece of random 128-bit AES data: +1. Set the key policy for key generation by calling `psa_key_policy_set_usage()` with the `PSA_KEY_USAGE_EXPORT` parameter and the algorithm `PSA_ALG_GCM`. +1. Generate a random AES key by calling `psa_generate_key()`. +1. Export the generated key by calling `psa_export_key()`: +```C + int slot = 1; + size_t bits = 128; + size_t exported_size = bits; + size_t exported_length = 0; + uint8_t *exported = malloc(exported_size); + + psa_crypto_init(); + + psa_key_policy_init(&policy); + psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_GCM); + psa_set_key_policy(slot, &policy); + + /* Generate a key */ + psa_generate_key(slot, PSA_KEY_TYPE_AES, bits, NULL, 0); + + psa_export_key(slot, exported, exported_size, &exported_length) + + psa_destroy_key(slot); + mbedtls_psa_crypto_free(); +``` + +### More about the Mbed Crypto library + +More information on [Mbed Crypto](https://github.com/ARMmbed/mbed-crypto/). + +More information on [PSA Crypto](https://github.com/ARMmbed/mbed-crypto/blob/development/docs/PSA_Crypto_API_Overview.pdf). 
From a05219c70bc71eb0a656531e4a1a8a222a5146af Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 16 Nov 2018 16:02:56 +0100 Subject: [PATCH 0642/2197] Add some missing compilation guards Add missing checks for defined(MBEDTLS_MD_C) around types and functions that require it (HMAC, HKDF, TLS12_PRF). Add missing checks for defined(MBEDTLS_ECDSA_DETERMINISTIC) around code that calls mbedtls_ecdsa_sign_det(). Add missing checks for defined(MBEDTLS_ECDH_C) around ECDH-specific functions. --- include/psa/crypto_struct.h | 8 ++++++-- library/psa_crypto.c | 21 ++++++++++++++++++++- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index f11b87cca..44a1a6057 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -85,7 +85,7 @@ struct psa_hash_operation_s } ctx; }; - +#if defined(MBEDTLS_MD_C) typedef struct { /** The hash context. */ @@ -93,7 +93,7 @@ typedef struct /** The HMAC part of the context. */ uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; } psa_hmac_internal_data; - +#endif /* MBEDTLS_MD_C */ struct psa_mac_operation_s { @@ -130,6 +130,7 @@ struct psa_cipher_operation_s } ctx; }; +#if defined(MBEDTLS_MD_C) typedef struct { uint8_t *info; @@ -143,7 +144,9 @@ typedef struct uint8_t offset_in_block; uint8_t block_number; } psa_hkdf_generator_t; +#endif /* MBEDTLS_MD_C */ +#if defined(MBEDTLS_MD_C) typedef struct psa_tls12_prf_generator_s { /* The TLS 1.2 PRF uses the key for each HMAC iteration, @@ -172,6 +175,7 @@ typedef struct psa_tls12_prf_generator_s uint8_t block_number; } psa_tls12_prf_generator_t; +#endif /* MBEDTLS_MD_C */ struct psa_crypto_generator_s { diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f0de86124..c38d0484e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1431,6 +1431,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( (int) key_bits, mode ) ); } +#if defined(MBEDTLS_MD_C) static size_t psa_get_hash_block_size( psa_algorithm_t alg ) { switch( alg ) @@ -1457,6 +1458,7 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg ) return( 0 ); } } +#endif /* MBEDTLS_MD_C */ /* Initialize the MAC operation structure. Once this function has been * called, psa_mac_abort can run and will do the right thing. */ @@ -2164,6 +2166,7 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, goto cleanup; } +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) ) { psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); @@ -2174,7 +2177,9 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, md_alg ) ); } else +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ { + (void) alg; MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d, hash, hash_length, mbedtls_ctr_drbg_random, @@ -2265,7 +2270,13 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) { #if defined(MBEDTLS_ECDSA_C) - if( PSA_ALG_IS_ECDSA( alg ) ) + if( +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + PSA_ALG_IS_ECDSA( alg ) +#else + PSA_ALG_IS_RANDOMIZED_ECDSA( alg ) +#endif + ) status = psa_ecdsa_sign( slot->data.ecp, alg, hash, hash_length, @@ -3637,6 +3648,7 @@ exit: /* Key derivation */ /****************************************************************/ +#if defined(MBEDTLS_MD_C) /* Set up an HKDF-based generator. This is exactly the extract phase * of the HKDF algorithm. */ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, 
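Review bot: In the `psa_ecdsa_sign` hunks (`@@ -2164,6 +2166,7 @@` and `@@ -2174,7 +2177,9 @@`), a build without `MBEDTLS_ECDSA_DETERMINISTIC` keeps only the `mbedtls_ecdsa_sign()` branch, and `(void) alg;` hides that the requested algorithm is no longer examined. A deterministic-ECDSA request reaching this function would then be signed with a random nonce and no error. The visible caller, `psa_asymmetric_sign` in `@@ -2265,7 +2270,13 @@`, filters with `PSA_ALG_IS_RANDOMIZED_ECDSA( alg )` in that configuration; other callers are not visible here. I would state the precondition next to the cast, e.g. `/* Caller has rejected deterministic ECDSA in this configuration. */`, or add an `#else` arm that fails when `PSA_ALG_DSA_IS_DETERMINISTIC( alg )` is true. The `#if` placed inside the caller's `if(` condition is also hard to read; a small macro for the supported-algorithm test would be clearer.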
@@ -3674,7 +3686,9 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, } return( PSA_SUCCESS ); } +#endif /* MBEDTLS_MD_C */ +#if defined(MBEDTLS_MD_C) /* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). */ static psa_status_t psa_generator_tls12_prf_setup( psa_tls12_prf_generator_t *tls12_prf, @@ -3727,6 +3741,7 @@ static psa_status_t psa_generator_tls12_prf_setup( return( PSA_SUCCESS ); } +#endif /* MBEDTLS_MD_C */ static psa_status_t psa_key_derivation_internal( psa_crypto_generator_t *generator, @@ -3744,8 +3759,10 @@ static psa_status_t psa_key_derivation_internal( if( alg == PSA_ALG_SELECT_RAW ) { + (void) salt; if( salt_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); + (void) label; if( label_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); generator->ctx.buffer.data = mbedtls_calloc( 1, secret_length ); @@ -3854,6 +3871,7 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, /* Key agreement */ /****************************************************************/ +#if defined(MBEDTLS_ECDH_C) static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, size_t peer_key_length, const mbedtls_ecp_keypair *our_key, @@ -3905,6 +3923,7 @@ exit: mbedtls_ecdh_free( &ecdh ); return( mbedtls_to_psa_error( ret ) ); } +#endif /* MBEDTLS_ECDH_C */ #define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES From 346797d7b9c4add1d8a367625c7940c657342ff5 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 16 Nov 2018 16:05:06 +0100 Subject: [PATCH 0643/2197] Add missing cleanup on failure in psa_key_agreement If psa_key_derivation_internal() fails, it's up to the caller to clean up. Do this, and add a note at the top of psa_key_derivation_internal() and its auxiliary functions. There is no non-regression test because at the moment the only way to trigger an error is a borderline low-memory condition and we don't have the means to trigger this. --- library/psa_crypto.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c38d0484e..072f626b3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3650,7 +3650,11 @@ exit: #if defined(MBEDTLS_MD_C) /* Set up an HKDF-based generator. This is exactly the extract phase - * of the HKDF algorithm. */ + * of the HKDF algorithm. + * + * Note that if this function fails, you must call psa_generator_abort() + * to potentially free embedded data structures and wipe confidential data. + */ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, const uint8_t *secret, size_t secret_length, @@ -3689,7 +3693,11 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_MD_C) -/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). */ +/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). + * + * Note that if this function fails, you must call psa_generator_abort() + * to potentially free embedded data structures and wipe confidential data. + */ static psa_status_t psa_generator_tls12_prf_setup( psa_tls12_prf_generator_t *tls12_prf, const unsigned char *key, 
@@ -3743,6 +3751,9 @@ static psa_status_t psa_generator_tls12_prf_setup( } #endif /* MBEDTLS_MD_C */ +/* Note that if this function fails, you must call psa_generator_abort() + * to potentially free embedded data structures and wipe confidential data. + */ static psa_status_t psa_key_derivation_internal( psa_crypto_generator_t *generator, const uint8_t *secret, size_t secret_length, @@ -3927,6 +3938,9 @@ exit: #define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES +/* Note that if this function fails, you must call psa_generator_abort() + * to potentially free embedded data structures and wipe confidential data. + */ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator, key_slot_t *private_key, const uint8_t *peer_key, @@ -3984,10 +3998,13 @@ psa_status_t psa_key_agreement( psa_crypto_generator_t *generator, PSA_KEY_USAGE_DERIVE, alg ); if( status != PSA_SUCCESS ) return( status ); - return( psa_key_agreement_internal( generator, - slot, - peer_key, peer_key_length, - alg ) ); + status = psa_key_agreement_internal( generator, + slot, + peer_key, peer_key_length, + alg ); + if( status != PSA_SUCCESS ) + psa_generator_abort( generator ); + return( status ); } From 1dfb1ba684d82039c860fa1587a61eadd8a96bc7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 16 Nov 2018 16:06:37 +0100 Subject: [PATCH 0644/2197] Add a test case for key agreement with a following KDF There was no test case of ECDH with anything other than PSA_ALG_SELECT_RAW. Exercise the code path from ECDH through a "proper" KDF. ECDH shared secret copied from an existing test, HKDF output calculated with Cryptodome. --- tests/suites/test_suite_psa_crypto.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 7f37db197..0fbf2574a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1697,6 +1697,10 @@ PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" +PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" + PSA generate random: 0 bytes generate_random:0 From a1b87e5afe228aed21a5c55d96dade4eee613253 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 16 Nov 2018 16:43:04 +0100 Subject: [PATCH 0645/2197] Add missing dependency in an ECDH test case curves.pl passes. --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0fbf2574a..da105d2d1 100644 
--- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1618,7 +1618,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS PSA key agreement setup: ECDH, raw: public key on different curve -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, raw: public key instead of private key From 93f8500e2ef5ba0d8e8b9d9b27c9f59980299060 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 16 Nov 2018 16:43:31 +0100 Subject: [PATCH 0646/2197] Fix unused variables warning if MBEDTLS_ECDH_C is off depends-pkalgs.pl passes. --- library/psa_crypto.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 072f626b3..b0fb5a883 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -3967,6 +3967,9 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato break; #endif /* MBEDTLS_ECDH_C */ default: + (void) private_key; + (void) peer_key; + (void) peer_key_length; return( PSA_ERROR_NOT_SUPPORTED ); } if( status != PSA_SUCCESS ) From 19643c573d6c796f010a9ef25ac053bda34d2b2a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 16 Nov 2018 16:45:02 +0100 Subject: [PATCH 0647/2197] Fix typo in documentation tests/scripts/doxygen.sh passes. --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8e439bab0..15c8130ef 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1270,7 +1270,7 @@ typedef uint32_t psa_algorithm_t; * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) * or a key selection algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_SELECTION(\p hash_alg) is true). + * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true). * * \return The Diffie-Hellman algorithm with the specified * selection or derivation algorithm. From 8dbfca462818038190f3690ae48b5ef6173fde26 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 12 Oct 2018 11:56:55 +0100 Subject: [PATCH 0648/2197] Add TLS-1.2 PSK-to-MS key derivation algorithm identifier to PSA API --- include/psa/crypto.h | 39 ++++++++++++++++++++++++++++++++++++++ include/psa/crypto_sizes.h | 16 ++++++++++++++++ 2 files changed, 55 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 15c8130ef..bdddeca59 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
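Review bot: The corrected line in the crypto.h hunk still refers to `\p hash_alg`, as does the `#PSA_ALG_IS_KEY_DERIVATION(\p hash_alg)` line above it, while the parameter documented by this `\param` entry is `kdf_alg`. Both references should read `\p kdf_alg`, giving `#PSA_ALG_IS_KEY_DERIVATION(\p kdf_alg)` and `#PSA_ALG_IS_KEY_SELECTION(\p kdf_alg)`. The macro definition itself is outside the hunk.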
@@ -1232,6 +1232,45 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300) +/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. + * + * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the + * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * + * \return The corresponding TLS-1.2 PSK to MS algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \ + (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) + +/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm. + * + * In a pure-PSK handshake in TLS 1.2, the master secret is derived + * from the PreSharedKey (PSK) through the application of padding and + * the TLS-1.2 PRF (see below). The latter is based on HMAC and can + * be used with either SHA-256 or SHA-384. + * + * For the application to TLS-1.2, the salt passed to psa_key_derivation() + * (and forwarded to the TLS-1.2 PRF) is the concatenation of the + * ClientHello.Random + ServerHello.Random, while the label is "master secret". + * See RFC 5246, Section 8.1, Computing the Master Secret. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \c alg is not a supported + * key derivation algorithm identifier. 
+ */ +#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE) +#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ + (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) + #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x010fffff) /** Use a shared secret as is. diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index f0a1ba7dd..7e1795673 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -131,6 +131,22 @@ #define PSA_VENDOR_ECC_MAX_CURVE_BITS 0 #endif +/** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN + * + * This macro returns the maximum length of the PSK supported + * by the TLS-1.2 PSK-to-MS key derivation. + * + * Quoting RFC 4279, Sect 5.3: + * TLS implementations supporting these ciphersuites MUST support + * arbitrary PSK identities up to 128 octets in length, and arbitrary + * PSKs up to 64 octets in length. Supporting longer identities and + * keys is RECOMMENDED. + * + * Therefore, no implementation should define a value smaller than 64 + * for #PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN. + */ +#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN 128 + /** \def PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE * * Maximum size of an asymmetric signature. From 1aaedc03d4402d5f6147b0e0a653fa7c7c9c5e13 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 16 Nov 2018 11:35:34 +0000 Subject: [PATCH 0649/2197] Add implementation of TLS-1.2 PSK-to-MS key derivation --- library/psa_crypto.c | 72 +++++++++++++++++++++++++++++++++++++++----- 1 file changed, 65 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b0fb5a883..010c338c0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
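Review bot: The documentation added in the crypto.h hunk names identifiers that do not match the code around it. The example uses `PSA_ALG_SHA256`, whereas the test data on this page spells the hash `PSA_ALG_SHA_256`. The second `\return` of `PSA_ALG_TLS12_PSK_TO_MS` refers to `\p alg` although the parameter is `hash_alg`. `PSA_ALG_TLS12_PSK_TO_MS_GET_HASH` takes a parameter called `hkdf_alg`, apparently carried over from the HKDF macro; a neutral name such as `#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(alg)` with a one-line description would avoid the confusion. The same `PSA_ALG_SHA256` spelling recurs in the documentation rewrite of patch 0653.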
@@ -3275,7 +3275,9 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) mbedtls_free( generator->ctx.hkdf.info ); status = psa_hmac_abort_internal( &generator->ctx.hkdf.hmac ); } - else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) ) + else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) || + /* TLS-1.2 PSK-to-MS KDF uses the same generator as TLS-1.2 PRF */ + PSA_ALG_IS_TLS12_PSK_TO_MS( generator->alg ) ) { if( generator->ctx.tls12_prf.key != NULL ) { @@ -3578,7 +3580,8 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg, output, output_length ); } - else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) ) + else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( generator->alg ) ) { status = psa_generator_tls12_prf_read( &generator->ctx.tls12_prf, generator->alg, output, 
@@ -3749,6 +3752,47 @@ static psa_status_t psa_generator_tls12_prf_setup( return( PSA_SUCCESS ); } + +/* Set up a TLS-1.2-PSK-to-MS-based generator. */ +static psa_status_t psa_generator_tls12_psk_to_ms_setup( + psa_tls12_prf_generator_t *tls12_prf, + const unsigned char *psk, + size_t psk_len, + psa_algorithm_t hash_alg, + const uint8_t *salt, + size_t salt_length, + const uint8_t *label, + size_t label_length ) +{ + psa_status_t status; + unsigned char pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ]; + + if( psk_len > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + /* Quoting RFC 4279, Section 2: + * + * The premaster secret is formed as follows: if the PSK is N octets + * long, concatenate a uint16 with the value N, N zero octets, a second + * uint16 with the value N, and the PSK itself. + */ + + pms[0] = ( psk_len >> 8 ) & 0xff; + pms[1] = ( psk_len >> 0 ) & 0xff; + memset( pms + 2, 0, psk_len ); + pms[2 + psk_len + 0] = pms[0]; + pms[2 + psk_len + 1] = pms[1]; + memcpy( pms + 4 + psk_len, psk, psk_len ); + + status = psa_generator_tls12_prf_setup( tls12_prf, + pms, 4 + 2 * psk_len, + hash_alg, + salt, salt_length, + label, label_length ); + + mbedtls_zeroize( pms, sizeof( pms ) ); + return( status ); +} #endif /* MBEDTLS_MD_C */ /* Note that if this function fails, you must call psa_generator_abort() @@ -3799,7 +3843,9 @@ static psa_status_t psa_key_derivation_internal( salt, salt_length, label, label_length ); } - else if( PSA_ALG_IS_TLS12_PRF( alg ) ) + /* TLS-1.2 PRF and TLS-1.2 PSK-to-MS are very similar, so share code. */ + else if( PSA_ALG_IS_TLS12_PRF( alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) { psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg ); size_t hash_size = PSA_HASH_SIZE( hash_alg ); 
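Review bot: The header comment of psa_generator_tls12_psk_to_ms_setup() omits the failure contract that patch 0643 added to the other setup functions. This function forwards to psa_generator_tls12_prf_setup(), so the same rule applies when it returns an error. The comment should add `* Note that if this function fails, you must call psa_generator_abort() to potentially free embedded data structures and wipe confidential data.` The `mbedtls_zeroize( pms, sizeof( pms ) )` call clears only the stack copy of the premaster secret; anything the PRF setup stored in `tls12_prf` before failing is presumably left for psa_generator_abort() to release.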
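Review bot: In psa_key_derivation_internal(), the unchanged line `psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );` now also runs for PSK-to-MS algorithms. That is correct only because `PSA_ALG_TLS12_PSK_TO_MS_GET_HASH` is defined with the same mask expression in crypto.h. A comment on that line, such as `/* PSA_ALG_TLS12_PSK_TO_MS_GET_HASH() is defined identically, so this covers both algorithms */`, would keep a later change to either macro from silently selecting the wrong hash. The psa_generator_read() hunk relies on the same equivalence when it passes `generator->alg` to psa_generator_tls12_prf_read(), whose body is outside this patch. psa_key_derivation_internal() itself starts and ends outside the hunk.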
@@ -3812,10 +3858,22 @@ static psa_status_t psa_key_derivation_internal( } max_capacity = 255 * hash_size; - status = psa_generator_tls12_prf_setup( &generator->ctx.tls12_prf, - secret, secret_length, - hash_alg, salt, salt_length, - label, label_length ); + + if( PSA_ALG_IS_TLS12_PRF( alg ) ) + { + status = psa_generator_tls12_prf_setup( &generator->ctx.tls12_prf, + secret, secret_length, + hash_alg, salt, salt_length, + label, label_length ); + } + else + { + status = psa_generator_tls12_psk_to_ms_setup( + &generator->ctx.tls12_prf, + secret, secret_length, + hash_alg, salt, salt_length, + label, label_length ); + } } else #endif From a198f06feb5d2ab7a453d1708bf28c3717f98710 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 12 Oct 2018 15:48:17 +0100 Subject: [PATCH 0650/2197] Add tests for TLS-1.2 PSK-to-MS derivation --- tests/suites/test_suite_psa_crypto.data | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index da105d2d1..b09eb307d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1537,6 +1537,21 @@ PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5" +# Test case manually extracted from debug output of TLS-PSK run +# Label: "master secret" +# Salt: Concatenation of ClientHello.Random and ServerHello.Random +PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":"" + +PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" + +PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" + PSA key derivation: HKDF SHA-256, request maximum capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" From f074938aaeb87425cd24df333e047d1238297163 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Nov 2018 10:18:09 +0000 Subject: [PATCH 0651/2197] Add SHA-384 tests for TLS 1.2 PSK-to-MS key derivation --- tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b09eb307d..5f09c8dc0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1552,6 +1552,18 @@ PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" +PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":"" + +PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18" + +PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18" + PSA key derivation: HKDF SHA-256, request maximum capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 
32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" From 6b123fbc39b2a1364dc0a7f51860461935c43f04 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 16 Nov 2018 14:34:55 +0000 Subject: [PATCH 0652/2197] Add test for overly long PSK in TLS-1.2 PSK-to-MS KDF --- tests/suites/test_suite_psa_crypto.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 5f09c8dc0..ea214d25a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1580,6 +1580,10 @@ PSA key derivation: HKDF SHA-1, request too much capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C derive_setup:PSA_KEY_TYPE_DERIVE:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_ALG_HKDF(PSA_ALG_SHA_1):"":"":255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_setup:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"":"":100:PSA_ERROR_INVALID_ARGUMENT + PSA key derivation: over capacity 42: output 42+1 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff" From 2255a360a6d1b86735f479678a220092658447da Mon Sep 17 00:00:00 2001 
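Review bot: The descriptions of the last two SHA-384 cases are swapped relative to their data. The case named "SHA-384, 24+24" expects an empty first read followed by all 48 bytes, which is the 0+48 split. The case named "SHA-384, 0+48" expects two 24-byte reads. Exchanging the two description lines makes them match the SHA-256 cases added in the previous patch, so that a failure report points at the read pattern that actually broke.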
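Review bot: The over-long PSK case uses 160 bytes, well past the limit, so it does not pin down the boundary of the `psk_len > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN` check. That check guards the fixed-size `pms` stack buffer in psa_generator_tls12_psk_to_ms_setup(). Two further cases would cover the edge: a PSK of exactly 128 bytes that must be accepted, and one of 129 bytes that must return PSA_ERROR_INVALID_ARGUMENT. With those in place, an off-by-one in the comparison or in the buffer size would be caught by the suite.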
From: Hanno Becker Date: Fri, 16 Nov 2018 16:05:13 +0000 Subject: [PATCH 0653/2197] Improve documentation of TLS-1.2 PRF and PSK-to-MS KDF --- include/psa/crypto.h | 35 +++++++++++++++++++++-------------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index bdddeca59..d1a3f0f3b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1201,6 +1201,16 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x30000200) /** Macro to build a TLS-1.2 PRF algorithm. + * + * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, + * specified in Section 5 of RFC 5246. It is based on HMAC and can be + * used with either SHA-256 or SHA-384. + * + * For the application to TLS-1.2, the salt and label arguments passed + * to psa_key_derivation() are what's called 'seed' and 'label' in RFC 5246, + * respectively. For example, for TLS key expansion, the salt is the + * concatenation of ServerHello.Random + ClientHello.Random, + * while the label is "key expansion". * * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the * TLS 1.2 PRF using HMAC-SHA-256. @@ -1216,10 +1226,6 @@ typedef uint32_t psa_algorithm_t; (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is a TLS-1.2 PRF algorithm. - * - * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, - * specified in Section 5 of RFC 5246. It is based on HMAC and can be - * used with either SHA-256 or SHA-384. * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * 
@@ -1234,6 +1240,17 @@ typedef uint32_t psa_algorithm_t; #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300) /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. + * + * In a pure-PSK handshake in TLS 1.2, the master secret is derived + * from the PreSharedKey (PSK) through the application of padding + * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5). + * The latter is based on HMAC and can be used with either SHA-256 + * or SHA-384. + * + * For the application to TLS-1.2, the salt passed to psa_key_derivation() + * (and forwarded to the TLS-1.2 PRF) is the concatenation of the + * ClientHello.Random + ServerHello.Random, while the label is "master secret" + * or "extended master secret". * * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256. @@ -1249,16 +1266,6 @@ typedef uint32_t psa_algorithm_t; (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) /** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm. - * - * In a pure-PSK handshake in TLS 1.2, the master secret is derived - * from the PreSharedKey (PSK) through the application of padding and - * the TLS-1.2 PRF (see below). The latter is based on HMAC and can - * be used with either SHA-256 or SHA-384. - * - * For the application to TLS-1.2, the salt passed to psa_key_derivation() - * (and forwarded to the TLS-1.2 PRF) is the concatenation of the - * ClientHello.Random + ServerHello.Random, while the label is "master secret". - * See RFC 5246, Section 8.1, Computing the Master Secret. * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * From 9989b5e6625255aa56c4815bf008fce1b0fe1c11 Mon Sep 17 00:00:00 2001 
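Review bot: The new PSK-to-MS description says the salt is ClientHello.Random + ServerHello.Random while the label is "master secret" or "extended master secret", but that pairing holds only for the first label. With the extended master secret of RFC 7627, the PRF seed is the session hash, not the two randoms. A caller who follows the text literally would derive a master secret that is not bound to the handshake transcript. The wording should separate the two cases, for example `* For "master secret" the salt is ClientHello.Random + ServerHello.Random; for "extended master secret" (RFC 7627) it is the session hash.`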
From: Jaeden Amero Date: Tue, 20 Nov 2018 10:30:51 +0000 Subject: [PATCH 0654/2197] Update config-default.h to latest default config Upstream mbedtls maintains the default configuration in include/mbedtls/config.h. We maintain the default configuration in configs/config-default.h, and our PSA-specific configuration in include/mbedtls/config.h. This means, each time we update Mbed TLS, we need to update the default configuration file (configs/config-default.h) manually using the copy from mbedtls. --- configs/config-default.h | 324 +++++++++++++++++++++++++++++++++++---- 1 file changed, 292 insertions(+), 32 deletions(-) diff --git a/configs/config-default.h b/configs/config-default.h index 4100c8e32..16ed503ca 100644 --- a/configs/config-default.h +++ b/configs/config-default.h @@ -8,7 +8,7 @@ * memory footprint. */ /* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may @@ -48,10 +48,14 @@ * Requires support for asm() in compiler. * * Used in: + * library/aria.c * library/timing.c - * library/padlock.c * include/mbedtls/bn_mul.h * + * Required by: + * MBEDTLS_AESNI_C + * MBEDTLS_PADLOCK_C + * * Comment to disable the use of assembly code. */ #define MBEDTLS_HAVE_ASM 
@@ -84,6 +88,28 @@ */ //#define MBEDTLS_NO_UDBL_DIVISION +/** + * \def MBEDTLS_NO_64BIT_MULTIPLICATION + * + * The platform lacks support for 32x32 -> 64-bit multiplication. + * + * Used in: + * library/poly1305.c + * + * Some parts of the library may use multiplication of two unsigned 32-bit + * operands with a 64-bit result in order to speed up computations. On some + * platforms, this is not available in hardware and has to be implemented in + * software, usually in a library provided by the toolchain. + * + * Sometimes it is not desirable to have to link to that library. This option + * removes the dependency of that library on platforms that lack a hardware + * 64-bit multiplier by embedding a software implementation in Mbed TLS. + * + * Note that depending on the compiler, this may decrease performance compared + * to using the library function provided by the toolchain. + */ +//#define MBEDTLS_NO_64BIT_MULTIPLICATION + /** * \def MBEDTLS_HAVE_SSE2 * @@ -111,12 +137,21 @@ /** * \def MBEDTLS_HAVE_TIME_DATE * - * System has time.h and time(), gmtime() and the clock is correct. + * System has time.h, time(), and an implementation for + * mbedtls_platform_gmtime_r() (see below). * The time needs to be correct (not necesarily very accurate, but at least * the date should be correct). This is used to verify the validity period of * X.509 certificates. * * Comment if your system does not have a correct clock. + * + * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that + * behaves similarly to the gmtime_r() function from the C standard. Refer to + * the documentation for mbedtls_platform_gmtime_r() for more information. + * + * \note It is possible to configure an implementation for + * mbedtls_platform_gmtime_r() at compile-time by using the macro + * MBEDTLS_PLATFORM_GMTIME_R_ALT. */ #define MBEDTLS_HAVE_TIME_DATE 
@@ -271,23 +306,29 @@ */ //#define MBEDTLS_AES_ALT //#define MBEDTLS_ARC4_ALT +//#define MBEDTLS_ARIA_ALT //#define MBEDTLS_BLOWFISH_ALT //#define MBEDTLS_CAMELLIA_ALT //#define MBEDTLS_CCM_ALT +//#define MBEDTLS_CHACHA20_ALT +//#define MBEDTLS_CHACHAPOLY_ALT //#define MBEDTLS_CMAC_ALT //#define MBEDTLS_DES_ALT //#define MBEDTLS_DHM_ALT //#define MBEDTLS_ECJPAKE_ALT //#define MBEDTLS_GCM_ALT +//#define MBEDTLS_NIST_KW_ALT //#define MBEDTLS_MD2_ALT //#define MBEDTLS_MD4_ALT //#define MBEDTLS_MD5_ALT +//#define MBEDTLS_POLY1305_ALT //#define MBEDTLS_RIPEMD160_ALT //#define MBEDTLS_RSA_ALT //#define MBEDTLS_SHA1_ALT //#define MBEDTLS_SHA256_ALT //#define MBEDTLS_SHA512_ALT //#define MBEDTLS_XTEA_ALT + /* * When replacing the elliptic curve module, pleace consider, that it is * implemented with two .c files: @@ -509,6 +550,20 @@ */ #define MBEDTLS_CIPHER_MODE_CTR +/** + * \def MBEDTLS_CIPHER_MODE_OFB + * + * Enable Output Feedback mode (OFB) for symmetric ciphers. + */ +#define MBEDTLS_CIPHER_MODE_OFB + +/** + * \def MBEDTLS_CIPHER_MODE_XTS + * + * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. + */ +#define MBEDTLS_CIPHER_MODE_XTS + /** * \def MBEDTLS_CIPHER_NULL_CIPHER * 
@@ -622,6 +677,30 @@ */ #define MBEDTLS_ECP_NIST_OPTIM +/** + * \def MBEDTLS_ECP_RESTARTABLE + * + * Enable "non-blocking" ECC operations that can return early and be resumed. + * + * This allows various functions to pause by returning + * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in + * order to further progress and eventually complete their operation. This is + * controlled through mbedtls_ecp_set_max_ops() which limits the maximum + * number of ECC operations a function may perform before pausing; see + * mbedtls_ecp_set_max_ops() for more information. + * + * This is useful in non-threaded environments if you want to avoid blocking + * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. + * + * Uncomment this macro to enable restartable ECC computations. + * + * \note This option only works with the default software implementation of + * elliptic curve functionality. It is incompatible with + * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT. + */ +//#define MBEDTLS_ECP_RESTARTABLE + /** * \def MBEDTLS_ECDSA_DETERMINISTIC * @@ -1128,6 +1207,17 @@ */ #define MBEDTLS_SSL_ALL_ALERT_MESSAGES +/** + * \def MBEDTLS_SSL_ASYNC_PRIVATE + * + * Enable asynchronous external private key operations in SSL. This allows + * you to configure an SSL connection to call an external cryptographic + * module to perform private key operations instead of performing the + * operation inside the library. + * + */ +//#define MBEDTLS_SSL_ASYNC_PRIVATE + /** * \def MBEDTLS_SSL_DEBUG_ALL * @@ -1222,7 +1312,7 @@ /** * \def MBEDTLS_SSL_RENEGOTIATION * - * Disable support for TLS renegotiation. + * Enable support for TLS renegotiation. * * The two main uses of renegotiation are (1) refresh keys on long-lived * connections and (2) client authentication after the initial handshake. 
@@ -1617,7 +1707,7 @@ * Enable the AES block cipher. * * Module: library/aes.c - * Caller: library/ssl_tls.c + * Caller: library/cipher.c * library/pem.c * library/ctr_drbg.c * @@ -1692,7 +1782,7 @@ * Enable the ARCFOUR stream cipher. * * Module: library/arc4.c - * Caller: library/ssl_tls.c + * Caller: library/cipher.c * * This module enables the following ciphersuites (if other requisites are * enabled as well): @@ -1786,7 +1876,7 @@ * Enable the Camellia block cipher. * * Module: library/camellia.c - * Caller: library/ssl_tls.c + * Caller: library/cipher.c * * This module enables the following ciphersuites (if other requisites are * enabled as well): 
@@ -1835,6 +1925,58 @@ */ #define MBEDTLS_CAMELLIA_C +/** + * \def MBEDTLS_ARIA_C + * + * Enable the ARIA block cipher. + * + * Module: library/aria.c + * Caller: library/cipher.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * + * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 + * 
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + */ +//#define MBEDTLS_ARIA_C + /** * \def MBEDTLS_CCM_C * @@ -1861,6 +2003,26 @@ */ #define MBEDTLS_CERTS_C +/** + * \def MBEDTLS_CHACHA20_C + * + * Enable the ChaCha20 stream cipher. + * + * Module: library/chacha20.c + */ +#define MBEDTLS_CHACHA20_C + +/** + * \def MBEDTLS_CHACHAPOLY_C + * + * Enable the ChaCha20-Poly1305 AEAD algorithm. + * + * Module: library/chachapoly.c + * + * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C + */ +#define MBEDTLS_CHACHAPOLY_C + /** * \def MBEDTLS_CIPHER_C * @@ -1889,14 +2051,16 @@ /** * \def MBEDTLS_CTR_DRBG_C * - * Enable the CTR_DRBG AES-256-based random generator. + * Enable the CTR_DRBG AES-based random generator. + * The CTR_DRBG generator uses AES-256 by default. + * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below. * * Module: library/ctr_drbg.c * Caller: * * Requires: MBEDTLS_AES_C * - * This module provides the CTR_DRBG AES-256 random number generator. + * This module provides the CTR_DRBG AES random number generator. */ #define MBEDTLS_CTR_DRBG_C @@ -1921,7 +2085,7 @@ * * Module: library/des.c * Caller: library/pem.c - * library/ssl_tls.c + * library/cipher.c * * This module enables the following ciphersuites (if other requisites are * enabled as well): @@ -2091,6 +2255,21 @@ */ //#define MBEDTLS_HAVEGE_C +/** + * \def MBEDTLS_HKDF_C + * + * Enable the HKDF algorithm (RFC 5869). + * + * Module: library/hkdf.c + * Caller: + * + * Requires: MBEDTLS_MD_C + * + * This module adds support for the Hashed Message Authentication Code + * (HMAC)-based key derivation function (HKDF). + */ +#define MBEDTLS_HKDF_C + /** * \def MBEDTLS_HMAC_DRBG_C * 
@@ -2105,6 +2284,19 @@ */ #define MBEDTLS_HMAC_DRBG_C +/** + * \def MBEDTLS_NIST_KW_C + * + * Enable the Key Wrapping mode for 128-bit block ciphers, + * as defined in NIST SP 800-38F. Only KW and KWP modes + * are supported. At the moment, only AES is approved by NIST. + * + * Module: library/nist_kw.c + * + * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C + */ +//#define MBEDTLS_NIST_KW_C + /** * \def MBEDTLS_MD_C * @@ -2389,16 +2581,14 @@ #define MBEDTLS_PLATFORM_C /** - * \def MBEDTLS_PSA_CRYPTO_C + * \def MBEDTLS_POLY1305_C * - * Enable the Platform Security Architecture cryptography API. - * - * Module: library/psa_crypto.c - * - * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C + * Enable the Poly1305 MAC algorithm. * + * Module: library/poly1305.c + * Caller: library/chachapoly.c */ -#define MBEDTLS_PSA_CRYPTO_C +#define MBEDTLS_POLY1305_C /** * \def MBEDTLS_RIPEMD160_C @@ -2755,6 +2945,7 @@ //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ +//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */ /* HMAC_DRBG options */ //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 
@@ -2810,7 +3001,68 @@ //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ /* SSL options */ -//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */ + +/** \def MBEDTLS_SSL_MAX_CONTENT_LEN + * + * Maximum fragment length in bytes. + * + * Determines the size of both the incoming and outgoing TLS I/O buffers. + * + * Uncommenting MBEDTLS_SSL_IN_CONTENT_LEN and/or MBEDTLS_SSL_OUT_CONTENT_LEN + * will override this length by setting maximum incoming and/or outgoing + * fragment length, respectively. + */ +//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_IN_CONTENT_LEN + * + * Maximum incoming fragment length in bytes. + * + * Uncomment to set the size of the inward TLS buffer independently of the + * outward buffer. + */ +//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_OUT_CONTENT_LEN + * + * Maximum outgoing fragment length in bytes. + * + * Uncomment to set the size of the outward TLS buffer independently of the + * inward buffer. + * + * It is possible to save RAM by setting a smaller outward buffer, while keeping + * the default inward 16384 byte buffer to conform to the TLS specification. + * + * The minimum required outward buffer size is determined by the handshake + * protocol's usage. Handshaking will fail if the outward buffer is too small. + * The specific size requirement depends on the configured ciphers and any + * certificate data which is sent during the handshake. + * + * For absolute minimum RAM usage, it's best to enable + * MBEDTLS_SSL_MAX_FRAGMENT_LENGTH and reduce MBEDTLS_SSL_MAX_CONTENT_LEN. This + * reduces both incoming and outgoing buffer sizes. However this is only + * guaranteed if the other end of the connection also supports the TLS + * max_fragment_len extension. Otherwise the connection may fail. 
+ */ +//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING + * + * Maximum number of heap-allocated bytes for the purpose of + * DTLS handshake message reassembly and future message buffering. + * + * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN + * to account for a reassembled handshake message of maximum size, + * together with its reassembly bitmap. + * + * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) + * should be sufficient for all practical situations as it allows + * to reassembly a large handshake message (such as a certificate) + * while buffering multiple smaller handshake messages. + * + */ +//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 + //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ 
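Review bot: The added MBEDTLS_SSL_DTLS_MAX_BUFFERING comment refers to `MBEDTLSSL_IN_CONTENT_LEN`, which is not the name of any option in this file; the sizing rule should read `This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN`. The same comment says "allows to reassembly a large handshake message", which reads better as "allows reassembling a large handshake message". Because this option bounds the heap used for DTLS handshake reassembly and buffering, integrators need the correct macro name to size it against.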
@@ -2884,25 +3136,33 @@ */ //#define MBEDTLS_PLATFORM_ZEROIZE_ALT +/** + * Uncomment the macro to let Mbed TLS use your alternate implementation of + * mbedtls_platform_gmtime_r(). This replaces the default implementation in + * platform_util.c. + * + * gmtime() is not a thread-safe function as defined in the C standard. The + * library will try to use safer implementations of this function, such as + * gmtime_r() when available. However, if Mbed TLS cannot identify the target + * system, the implementation of mbedtls_platform_gmtime_r() will default to + * using the standard gmtime(). In this case, calls from the library to + * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex + * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the + * library are also guarded with this mutex to avoid race conditions. However, + * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will + * unconditionally use the implementation for mbedtls_platform_gmtime_r() + * supplied at compile time. + */ +//#define MBEDTLS_PLATFORM_GMTIME_R_ALT + /* \} name SECTION: Customisation configuration options */ -/* Target and application specific configurations */ -//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h" - -#if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE) -#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE -#endif - -/* +/* Target and application specific configurations + * * Allow user to override any previous default. * - * Use two macro names for that, as: - * - with yotta the prefix YOTTA_CFG_ is forced - * - without yotta is looks weird to have a YOTTA prefix. */ -#if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE) -#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE -#elif defined(MBEDTLS_USER_CONFIG_FILE) +#if defined(MBEDTLS_USER_CONFIG_FILE) #include MBEDTLS_USER_CONFIG_FILE #endif From 76a449ba497689c636f592934740ae3c0b31b3a3 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 20 Nov 2018 11:48:15 +0100 Subject: [PATCH 0655/2197] Add config-default.h to test-ref-configs.pl This commit adds the default upstream configuration to the set of tests we run on CI, which was long overdue. config-default is a copy of the Mbed TLS upstream config.h. It's useful for two things: to compare our local changes to include/mbedtls/config.h, and to test that we aren't breaking the default upstream configuration. Run a subset of the TLS tests that focus on exercising cryptographic algorithms as used from TLS. Don't run the full set of TLS tests because they're unlikely to be affected by changes in the PSA branch. --- tests/scripts/test-ref-configs.pl | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 80d5f3875..d12c4c2f0 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -17,6 +17,10 @@ use warnings; use strict; my %configs = ( + 'config-default.h' => { + 'opt' => '-f Default', + 'compat' => '-m tls1_2 -V NO', + }, 'config-mini-tls1_1.h' => { 'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'', }, From d9eee3b417c2e8f63dd10d835ab9a9472242c2ed Mon Sep 17 00:00:00 2001 
From: Darryl Green Date: Fri, 2 Nov 2018 10:45:36 +0000 Subject: [PATCH 0656/2197] Add library as valid header file location The persistent key implementation will be split across multiple files as it will eventually be implementing multiple storage backends. As these internal functions will need to be callable by other files, we will add the headers in the library folder. This commit adds this include location to the necessary scripts. For tests, the library is added as an include location as testing on-target with Mbed OS is not possible with paths including ".." --- CMakeLists.txt | 1 + crypto/tests/Makefile | 2 +- scripts/generate_visualc_files.pl | 8 +++++--- tests/Makefile | 2 +- tests/scripts/list-identifiers.sh | 2 +- 5 files changed, 9 insertions(+), 6 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 99bf31f1f..11efd87e4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -168,6 +168,7 @@ else() endif() include_directories(include/) +include_directories(library/) if(ENABLE_ZLIB_SUPPORT) find_package(ZLIB) diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile index f76c1c0f8..b44b470a3 100644 --- a/crypto/tests/Makefile +++ b/crypto/tests/Makefile @@ -1,4 +1,4 @@ -CFLAGS ?= -O2 -I../include +CFLAGS ?= -O2 -I../include -I../library WARNING_CFLAGS ?= \ -Werror -Wall -Wextra \ -Wno-unused-function \ diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 488a5beb6..d8825eed5 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl 
@@ -133,10 +133,11 @@ sub gen_entry_list { } sub gen_main_file { - my ($mbedtls_headers, $psa_headers, $sources, $hdr_tpl, $src_tpl, $main_tpl, $main_out) = @_; + my ($mbedtls_headers, $psa_headers, $source_headers, $sources, $hdr_tpl, $src_tpl, $main_tpl, $main_out) = @_; my $header_entries = gen_entry_list( $hdr_tpl, @$mbedtls_headers ); $header_entries .= gen_entry_list( $hdr_tpl, @$psa_headers ); + $header_entries .= gen_entry_list( $hdr_tpl, @$source_headers ); my $source_entries = gen_entry_list( $src_tpl, @$sources ); my $out = slurp_file( $main_tpl ); @@ -192,6 +193,7 @@ sub main { my @app_list = get_app_list(); my @mbedtls_headers = <$mbedtls_header_dir/*.h>; my @psa_headers = <$psa_header_dir/*.h>; + my @source_headers = <$source_dir/*.h>; my @sources = <$source_dir/*.c>; map { s!/!\\!g } @mbedtls_headers; map { s!/!\\!g } @psa_headers; @@ -199,8 +201,8 @@ sub main { gen_app_files( @app_list ); - gen_main_file( \@mbedtls_headers, \@psa_headers, \@sources, - $vsx_hdr_tpl, $vsx_src_tpl, + gen_main_file( \@mbedtls_headers, \@psa_headers, \@source_headers, + \@sources, $vsx_hdr_tpl, $vsx_src_tpl, $vsx_main_tpl_file, $vsx_main_file ); gen_vsx_solution( @app_list ); diff --git a/tests/Makefile b/tests/Makefile index 889d2a7da..f5cafe585 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -6,7 +6,7 @@ CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement -Wno-unused-function -Wno-unused-value LDFLAGS ?= -LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64 +LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -I../library -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = -L../library \ -lmbedtls$(SHARED_SUFFIX) \ -lmbedx509$(SHARED_SUFFIX) \ diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh index 89daa68c7..ccd488c2e 100755 --- a/tests/scripts/list-identifiers.sh +++ b/tests/scripts/list-identifiers.sh 
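Review bot: In the `sub main` hunk the new `@source_headers` list is globbed but never gets the `/` to `\` rewrite that the neighbouring context lines apply to `@mbedtls_headers` and `@psa_headers`. The library headers would therefore presumably reach the generated project file with forward slashes while the other header entries use backslashes. Adding `map { s!/!\\!g } @source_headers;` next to the two existing map lines keeps the entries consistent. `sub main` starts and ends outside the hunk, so this is based on the visible lines only.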
@@ -7,7 +7,7 @@ if [ -d include/mbedtls ]; then :; else exit 1 fi -HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h|bn_mul' ) +HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h | egrep -v 'compat-1\.3\.h|bn_mul' ) rm -f identifiers From db2b8db7150183e15169636027f87c4145e5645c Mon Sep 17 00:00:00 2001 
From: Darryl Green Date: Fri, 15 Jun 2018 13:06:04 +0100 Subject: [PATCH 0657/2197] psa: Add storage implementation for files Add new functions, psa_load_persistent_key(), psa_free_persistent_key_data(), and psa_save_persistent_key(), for managing persistent keys. These functions load to or save from our internal representation of key slots. Serialization is a concern of the storage backend implementation and doesn't abstraction-leak into the lifetime management code. An initial implementation for files is provided. Additional storage backends can implement this interface for other storage types. --- configs/config-psa-crypto.h | 25 ++ crypto/library/Makefile | 2 + crypto/tests/Makefile | 3 + include/mbedtls/check_config.h | 12 + include/mbedtls/config.h | 25 ++ library/CMakeLists.txt | 2 + library/Makefile | 2 + library/psa_crypto_storage.c | 195 ++++++++++++++++ library/psa_crypto_storage.h | 177 ++++++++++++++ library/psa_crypto_storage_backend.h | 112 +++++++++ library/psa_crypto_storage_file.c | 218 ++++++++++++++++++ library/version_features.c | 6 + scripts/config.pl | 2 + scripts/mbed_crypto.make | 6 + tests/CMakeLists.txt | 1 + tests/scripts/all.sh | 10 + .../test_suite_psa_crypto_storage_file.data | 43 ++++ ...est_suite_psa_crypto_storage_file.function | 159 +++++++++++++ visualc/VS2010/mbedTLS.vcxproj | 4 + 19 files changed, 1004 insertions(+) create mode 100644 library/psa_crypto_storage.c create mode 100644 library/psa_crypto_storage.h create mode 100644 library/psa_crypto_storage_backend.h create mode 100644 library/psa_crypto_storage_file.c create mode 100644 tests/suites/test_suite_psa_crypto_storage_file.data create mode 100644 tests/suites/test_suite_psa_crypto_storage_file.function diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 870e335d1..27e9ef1d6 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -1522,6 +1522,31 @@ */ #define MBEDTLS_PSA_CRYPTO_C +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_C + * + * Enable the Platform Security Architecture persistent key storage. + * + * Module: library/psa_crypto_storage.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * + */ +#define MBEDTLS_PSA_CRYPTO_STORAGE_C + +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * + * Enable persistent key storage over files for the + * Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto_storage_file.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO + * + */ +#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + /** * \def MBEDTLS_RIPEMD160_C * diff --git a/crypto/library/Makefile b/crypto/library/Makefile index 9151662a7..5b963c5ea 100644 --- a/crypto/library/Makefile +++ b/crypto/library/Makefile @@ -45,6 +45,8 @@ OBJS_CRYPTO := \ platform.o \ platform_util.o \ psa_crypto.o \ + psa_crypto_storage.o \ + psa_crypto_storage_file.o \ ripemd160.o \ rsa_internal.o \ rsa.o \ diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile index b44b470a3..2f68e8677 100644 --- a/crypto/tests/Makefile +++ b/crypto/tests/Makefile @@ -16,11 +16,13 @@ PYTHON ?= python APPS := \ test_suite_psa_crypto \ test_suite_psa_crypto_metadata \ + test_suite_psa_crypto_storage_file \ # Don't delete this line. # Look up for associated function files func.test_suite_psa_crypto := test_suite_psa_crypto func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata +func.test_suite_psa_crypto_storage_file := test_suite_psa_crypto_storage_file .SILENT: @@ -56,6 +58,7 @@ clean: test: $(APPS) ./test_suite_psa_crypto_metadata ./test_suite_psa_crypto + ./test_suite_psa_crypto_storage_file # Create separate targets for generating embedded tests. EMBEDDED_TESTS := $(addprefix embedded_,$(APPS)) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 6eec2ada9..f78e61bf1 100644 --- a/include/mbedtls/check_config.h 
+++ b/include/mbedtls/check_config.h @@ -506,6 +506,18 @@ #error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ + !( defined(MBEDTLS_PSA_CRYPTO_C) && \ + defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) ) +#error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && \ + !( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ + defined(MBEDTLS_FS_IO) ) +#error "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_OID_C) ) #error "MBEDTLS_RSA_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index cd256c31c..2190ac519 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2616,6 +2616,31 @@ */ #define MBEDTLS_PSA_CRYPTO_C +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_C + * + * Enable the Platform Security Architecture persistent key storage. + * + * Module: library/psa_crypto_storage.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * + */ +#define MBEDTLS_PSA_CRYPTO_STORAGE_C + +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * + * Enable persistent key storage over files for the + * Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto_storage_file.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO + * + */ +#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + /** * \def MBEDTLS_RIPEMD160_C * diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 0c2ac888b..04e404c29 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -54,6 +54,8 @@ set(src_crypto platform_util.c poly1305.c psa_crypto.c + psa_crypto_storage.c + psa_crypto_storage_file.c ripemd160.c rsa.c rsa_internal.c diff --git a/library/Makefile b/library/Makefile index cf6750d05..83afa661e 100644 --- a/library/Makefile 
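Review bot: The two new guards in check_config.h make MBEDTLS_PSA_CRYPTO_STORAGE_C and MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C require each other, but the doc comments added to config.h and to configs/config-psa-crypto.h list `Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO` for the file backend. The documented prerequisites therefore differ from what is enforced, and neither option can be enabled without the other. I would change the file backend's comment to `Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_FS_IO`. I would also add a comment on the MBEDTLS_PSA_CRYPTO_STORAGE_C guard saying that the hard dependency on the file backend is temporary and should become "at least one backend" once another backend exists, as the commit message anticipates.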
+++ b/library/Makefile @@ -82,6 +82,8 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ pkcs5.o pkparse.o pkwrite.o \ platform.o platform_util.o poly1305.o \ psa_crypto.o \ + psa_crypto_storage.o \ + psa_crypto_storage_file.o \ ripemd160.o rsa_internal.o rsa.o \ sha1.o sha256.o sha512.o \ threading.o timing.o version.o \ diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c new file mode 100644 index 000000000..5285826ce --- /dev/null +++ b/library/psa_crypto_storage.c 
@@ -0,0 +1,195 @@ +/* + * PSA persistent key storage + */ +/* Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if defined(MBEDTLS_CONFIG_FILE) +#include MBEDTLS_CONFIG_FILE +#else +#include "mbedtls/config.h" +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + +#include +#include + +#include "psa/crypto.h" +#include "psa_crypto_storage.h" +#include "psa_crypto_storage_backend.h" +#include "mbedtls/platform_util.h" + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + +/* + * 32-bit integer manipulation macros (little endian) + */ +#ifndef GET_UINT32_LE +#define GET_UINT32_LE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] ) \ + | ( (uint32_t) (b)[(i) + 1] << 8 ) \ + | ( (uint32_t) (b)[(i) + 2] << 16 ) \ + | ( (uint32_t) (b)[(i) + 3] << 24 ); \ +} +#endif + +#ifndef PUT_UINT32_LE +#define PUT_UINT32_LE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ + (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ + (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ + (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ +} +#endif + +typedef struct { + uint8_t version[4]; + uint8_t type[sizeof( psa_key_type_t )]; + uint8_t policy[sizeof( psa_key_policy_t )]; + uint8_t data_len[4]; + 
uint8_t key_data[]; +} psa_persistent_key_storage_format; + +void psa_format_key_data_for_storage( const uint8_t *data, + const size_t data_length, + const psa_key_type_t type, + const psa_key_policy_t *policy, + uint8_t *storage_data ) +{ + psa_persistent_key_storage_format *storage_format = + (psa_persistent_key_storage_format *) storage_data; + + PUT_UINT32_LE(0, storage_format->version, 0); + PUT_UINT32_LE(type, storage_format->type, 0); + PUT_UINT32_LE(policy->usage, storage_format->policy, 0); + PUT_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t )); + PUT_UINT32_LE(data_length, storage_format->data_len, 0); + memcpy( storage_format->key_data, data, data_length ); +} + +psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, + size_t storage_data_length, + uint8_t **key_data, + size_t *key_data_length, + psa_key_type_t *type, + psa_key_policy_t *policy ) +{ + const psa_persistent_key_storage_format *storage_format = + (const psa_persistent_key_storage_format *)storage_data; + uint32_t version; + + GET_UINT32_LE(version, storage_format->version, 0); + if( version != 0 ) + return( PSA_ERROR_STORAGE_FAILURE ); + + GET_UINT32_LE(*key_data_length, storage_format->data_len, 0); + if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) || + *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) + return( PSA_ERROR_STORAGE_FAILURE ); + + *key_data = mbedtls_calloc( 1, *key_data_length ); + if( *key_data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + GET_UINT32_LE(*type, storage_format->type, 0); + GET_UINT32_LE(policy->usage, storage_format->policy, 0); + GET_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t )); + + memcpy( *key_data, storage_format->key_data, *key_data_length ); + + return( PSA_SUCCESS ); +} + +psa_status_t psa_save_persistent_key( const psa_key_slot_t key, + const psa_key_type_t type, + const psa_key_policy_t *policy, + const uint8_t *data, + const size_t data_length ) +{ + 
size_t storage_data_length; + uint8_t *storage_data; + psa_status_t status; + + if( data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) + return PSA_ERROR_INSUFFICIENT_STORAGE; + storage_data_length = data_length + sizeof( psa_persistent_key_storage_format ); + + storage_data = mbedtls_calloc( 1, storage_data_length ); + if( storage_data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + psa_format_key_data_for_storage( data, data_length, type, policy, + storage_data ); + + status = psa_crypto_storage_store( key, + storage_data, storage_data_length ); + + mbedtls_free( storage_data ); + + return( status ); +} + +void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ) +{ + if( key_data != NULL ) + { + mbedtls_platform_zeroize( key_data, key_data_length ); + } + mbedtls_free( key_data ); +} + +psa_status_t psa_load_persistent_key( psa_key_slot_t key, + psa_key_type_t *type, + psa_key_policy_t *policy, + uint8_t **data, + size_t *data_length ) +{ + psa_status_t status = PSA_SUCCESS; + uint8_t *loaded_data; + size_t storage_data_length = 0; + + status = psa_crypto_storage_get_data_length( key, &storage_data_length ); + if( status != PSA_SUCCESS ) + return( status ); + + loaded_data = mbedtls_calloc( 1, storage_data_length ); + + if( loaded_data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + status = psa_crypto_storage_load( key, loaded_data, storage_data_length ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_parse_key_data_from_storage( loaded_data, storage_data_length, + data, data_length, type, policy ); + +exit: + mbedtls_free( loaded_data ); + return( status ); +} + +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h new file mode 100644 index 000000000..167b0db05 --- /dev/null +++ b/library/psa_crypto_storage.h 
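Review bot: psa_parse_key_data_from_storage() reads the version and data_len fields and evaluates `storage_data_length - sizeof(*storage_format)` without first checking that the buffer is at least as long as the header, so a truncated or corrupted key file makes the unsigned subtraction wrap and lets the later memcpy read up to PSA_CRYPTO_MAX_STORAGE_SIZE bytes past the loaded buffer. A guard before the first GET_UINT32_LE closes this: `if( storage_data_length < sizeof( *storage_format ) ) return( PSA_ERROR_STORAGE_FAILURE );`. Separately, psa_save_persistent_key() and psa_load_persistent_key() release `storage_data` and `loaded_data`, which hold the serialized key, with a plain mbedtls_free(); calling `mbedtls_platform_zeroize( storage_data, storage_data_length );` (and the equivalent for `loaded_data`) before the free would match what psa_free_persistent_key_data() already does for the parsed key.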
@@ -0,0 +1,177 @@
+/**
+ * \file psa_crypto_storage.h
+ *
+ * \brief PSA cryptography module: Mbed TLS key storage
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_STORAGE_H
+#define PSA_CRYPTO_STORAGE_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#include "psa/crypto.h"
+#include
+
+/* Limit the maximum key size to 30kB (just in case someone tries to
+ * inadvertently store an obscene amount of data) */
+#define PSA_CRYPTO_MAX_STORAGE_SIZE ( 30 * 1024 )
+
+/**
+ * \brief Format key data and metadata and save to a location for given key
+ * slot.
+ *
+ * This function formats the key data and metadata and saves it to a
+ * persistent storage backend. The storage location corresponding to the
+ * key slot must be empty, otherwise this function will fail. This function
+ * should be called after psa_import_key_into_slot() to ensure the
+ * persistent key is not saved into a storage location corresponding to an
+ * already occupied non-persistent key, as well as validating the key data.
+ *
+ *
+ * \param key Slot number of the key to be stored. This must be a
+ * valid slot for a key of the chosen type. This should be
+ * an occupied key slot with an unoccupied corresponding
+ * storage location.
+ * \param type Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[in] policy The key policy to save.
+ * \param[in] data Buffer containing the key data.
+ * \param data_length The number of bytes that make up the key data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
+ const psa_key_type_t type,
+ const psa_key_policy_t *policy,
+ const uint8_t *data,
+ const size_t data_length );
+
+/**
+ * \brief Parses key data and metadata and load persistent key for given
+ * key slot number.
+ *
+ * This function reads from a storage backend, parses the key data and
+ * metadata and writes them to the appropriate output parameters.
+ *
+ * Note: This function allocates a buffer and returns a pointer to it through
+ * the data parameter. psa_free_persistent_key_data() must be called after
+ * this function to zeroize and free this buffer, regardless of whether this
+ * function succeeds or fails.
+ *
+ * \param key Slot number whose content is to be loaded. This
+ * must be an unoccupied key slot with an occupied
+ * corresponding storage location. The key slot
+ * lifetime must be set to persistent.
+ * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX
+ * value).
+ * \param[out] policy On success, the key's policy.
+ * \param[out] data Pointer to an allocated key data buffer on return.
+ * \param[out] data_length The number of bytes that make up the key data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_load_persistent_key( psa_key_slot_t key,
+ psa_key_type_t *type,
+ psa_key_policy_t *policy,
+ uint8_t **data,
+ size_t *data_length );
+
+/**
+ * \brief Remove persistent data for the given key slot number.
+ *
+ * \param key Slot number whose content is to be removed
+ * from persistent storage.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key );
+
+/**
+ * \brief Zeroizes and frees the given buffer.
+ *
+ * This function must be called at some point after psa_load_persistent_key()
+ * to zeroize and free the memory allocated to the buffer in that function.
+ *
+ * \param key_data Buffer for the key data.
+ * \param key_data_length Size of the key data buffer.
+ *
+ */
+void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length );
+
+/**
+ * \brief Formats key data and metadata for persistent storage
+ *
+ * \param[in] data Buffer for the key data.
+ * \param data_length Length of the key data buffer.
+ * \param type Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param policy The key policy.
+ * \param[out] storage_data Output buffer for the formatted data.
+ *
+ */
+void psa_format_key_data_for_storage( const uint8_t *data,
+ const size_t data_length,
+ const psa_key_type_t type,
+ const psa_key_policy_t *policy,
+ uint8_t *storage_data );
+
+/**
+ * \brief Parses persistent storage data into key data and metadata
+ *
+ * \param[in] storage_data Buffer for the storage data.
+ * \param storage_data_length Length of the storage data buffer
+ * \param[out] key_data On output, pointer to a newly allocated buffer
+ * containing the key data. This must be freed
+ * using psa_free_persistent_key_data()
+ * \param[out] key_data_length Length of the key data buffer
+ * \param[out] type Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[out] policy The key policy.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
+ size_t storage_data_length,
+ uint8_t **key_data,
+ size_t *key_data_length,
+ psa_key_type_t *type,
+ psa_key_policy_t *policy );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_STORAGE_H */
diff --git a/library/psa_crypto_storage_backend.h b/library/psa_crypto_storage_backend.h
new file mode 100644
index 000000000..3ca9a1d74
--- /dev/null
+++ b/library/psa_crypto_storage_backend.h
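Review bot: The note on psa_load_persistent_key() requires psa_free_persistent_key_data() to be called whether the load succeeds or fails, but nothing defines what `*data` and `*data_length` hold after a failure. In the implementation earlier in this patch, psa_load_persistent_key() returns before the parser runs when the length query, the allocation or the read fails, and psa_parse_key_data_from_storage() stores the on-disk length in `*key_data_length` and can return before assigning `*key_data`, so the free routine may be asked to zeroize and free a pointer the caller never received. Either document that the caller must initialise the pointer to NULL and the length to 0, or have both functions start with `*data = NULL; *data_length = 0;` (respectively `*key_data = NULL; *key_data_length = 0;`). The early returns that the later magic-header patch adds to the parser have the same property. psa_parse_key_data_from_storage() also lists PSA_ERROR_INSUFFICIENT_STORAGE, which the implementation shown here never returns.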
@@ -0,0 +1,112 @@
+/**
+ * \file psa_crypto_storage_backend.h
+ *
+ * \brief PSA cryptography module: Mbed TLS key storage backend
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_STORAGE_BACKEND_H
+#define PSA_CRYPTO_STORAGE_BACKEND_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#include "psa/crypto.h"
+#include "psa_crypto_storage.h"
+#include
+
+/**
+ * \brief Load persistent data for the given key slot number.
+ *
+ * This function reads data from a storage backend and returns the data in a
+ * buffer.
+ *
+ * \param key Slot number whose content is to be loaded. This must
+ * be a key slot whose lifetime is set to persistent.
+ * \param[out] data Buffer where the data is to be written.
+ * \param data_size Size of the \c data buffer in bytes.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
+ size_t data_size );
+
+/**
+ * \brief Store persistent data for the given key slot number.
+ *
+ * This function stores the given data buffer to a persistent storage.
+ *
+ * \param key Slot number whose content is to be stored.
+ * \param[in] data Buffer containing the data to be stored.
+ * \param data_length The number of bytes
+ * that make up the data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
+ const uint8_t *data,
+ size_t data_length );
+
+/**
+ * \brief Checks if persistent data is stored for the given key slot number
+ *
+ * This function checks if any key data or metadata exists for the key slot in
+ * the persistent storage.
+ *
+ * \param key Slot number whose content is to be checked.
+ *
+ * \retval 0
+ * No persistent data present for slot number
+ * \retval 1
+ * Persistent data present for slot number
+ */
+int psa_is_key_present_in_storage( const psa_key_slot_t key );
+
+/**
+ * \brief Get data length for given key slot number.
+ *
+ * \param key Slot number whose stored data length is to be obtained.
+ * \param[out] data_length The number of bytes
+ * that make up the data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
+ size_t *data_length );
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_STORAGE_H */
diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c
new file mode 100644
index 000000000..03c711af3
--- /dev/null
+++ b/library/psa_crypto_storage_file.c
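Review bot: The closing guard comment reads `#endif /* PSA_CRYPTO_STORAGE_H */` although this header's guard is PSA_CRYPTO_STORAGE_BACKEND_H; it should be `#endif /* PSA_CRYPTO_STORAGE_BACKEND_H */`. The `\retval` lists are also incomplete against the file backend added in the same patch: psa_crypto_storage_store() returns PSA_ERROR_OCCUPIED_SLOT when the slot file already exists, and psa_crypto_storage_get_data_length() returns PSA_ERROR_EMPTY_SLOT when it cannot be opened, and neither code is documented. For psa_crypto_storage_load() it is worth stating that the call fails with PSA_ERROR_STORAGE_FAILURE when fewer than `data_size` bytes can be read, since callers size the buffer from a separate length query.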
@@ -0,0 +1,218 @@
+/*
+ * PSA file storage backend for persistent keys
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C)
+
+#include
+
+#include "psa/crypto.h"
+#include "psa_crypto_storage_backend.h"
+#include "mbedtls/platform_util.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_snprintf snprintf
+#endif
+
+/* This option sets where files are to be stored. If this is left unset,
+ * the files by default will be stored in the same location as the program,
+ * which may not be desired or possible. */
+#if !defined(CRYPTO_STORAGE_FILE_LOCATION)
+#define CRYPTO_STORAGE_FILE_LOCATION ""
+#endif
+
+enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 };
+
+static void key_slot_to_location( const psa_key_slot_t key,
+ char *location,
+ size_t location_size )
+{
+ mbedtls_snprintf( location, location_size,
+ CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%d", key );
+}
+
+psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
+ size_t data_size )
+{
+ psa_status_t status = PSA_SUCCESS;
+ FILE *file;
+ size_t num_read;
+ char slot_location[MAX_LOCATION_LEN];
+
+ key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+ file = fopen( slot_location, "rb" );
+ if( file == NULL )
+ {
+ status = PSA_ERROR_STORAGE_FAILURE;
+ goto exit;
+ }
+ num_read = fread( data, 1, data_size, file );
+ if( num_read != data_size )
+ status = PSA_ERROR_STORAGE_FAILURE;
+
+exit:
+ if( file != NULL )
+ fclose( file );
+ return( status );
+}
+
+int psa_is_key_present_in_storage( const psa_key_slot_t key )
+{
+ char slot_location[MAX_LOCATION_LEN];
+ FILE *file;
+
+ key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+
+ file = fopen( slot_location, "r" );
+ if( file == NULL )
+ {
+ /* File doesn't exist */
+ return( 0 );
+ }
+
+ fclose( file );
+ return( 1 );
+}
+
+psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
+ const uint8_t *data,
+ size_t data_length )
+{
+ psa_status_t status = PSA_SUCCESS;
+ int ret;
+ size_t num_written;
+ char slot_location[MAX_LOCATION_LEN];
+ FILE *file;
+ /* The storage location corresponding to "key slot 0" is used as a
+ * temporary location in order to make the apparition of the actual slot
+ * file atomic. 0 is not a valid key slot number, so this should not
+ * affect actual keys.
*/ + const char *temp_location = CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0"; + + key_slot_to_location( key, slot_location, MAX_LOCATION_LEN ); + + if( psa_is_key_present_in_storage( key ) == 1 ) + return( PSA_ERROR_OCCUPIED_SLOT ); + + file = fopen( temp_location, "wb" ); + if( file == NULL ) + { + status = PSA_ERROR_STORAGE_FAILURE; + goto exit; + } + + num_written = fwrite( data, 1, data_length, file ); + if( num_written != data_length ) + { + status = PSA_ERROR_STORAGE_FAILURE; + goto exit; + } + + ret = fclose( file ); + file = NULL; + if( ret != 0 ) + { + status = PSA_ERROR_STORAGE_FAILURE; + goto exit; + } + + if( rename( temp_location, slot_location ) != 0 ) + { + status = PSA_ERROR_STORAGE_FAILURE; + goto exit; + } + +exit: + if( file != NULL ) + fclose( file ); + remove( temp_location ); + return( status ); +} + +psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key ) +{ + FILE *file; + char slot_location[MAX_LOCATION_LEN]; + + key_slot_to_location( key, slot_location, MAX_LOCATION_LEN ); + + /* Only try remove the file if it exists */ + file = fopen( slot_location, "rb" ); + if( file != NULL ) + { + fclose( file ); + + if( remove( slot_location ) != 0 ) + return( PSA_ERROR_STORAGE_FAILURE ); + } + return( PSA_SUCCESS ); +} + +psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key, + size_t *data_length ) +{ + psa_status_t status = PSA_SUCCESS; + FILE *file; + long file_size; + char slot_location[MAX_LOCATION_LEN]; + + key_slot_to_location( key, slot_location, MAX_LOCATION_LEN ); + + file = fopen( slot_location, "rb" ); + if( file == NULL ) + return( PSA_ERROR_EMPTY_SLOT ); + + if( fseek( file, 0, SEEK_END ) != 0 ) + { + status = PSA_ERROR_STORAGE_FAILURE; + goto exit; + } + + file_size = ftell( file ); + + if( file_size < 0 ) + { + status = PSA_ERROR_STORAGE_FAILURE; + goto exit; + } + +#if LONG_MAX > SIZE_MAX + if( (unsigned long) file_size > SIZE_MAX ) + { + status = PSA_ERROR_STORAGE_FAILURE; + goto exit; + } +#endif + 
*data_length = (size_t) file_size; + +exit: + fclose( file ); + return( status ); +} + +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */ diff --git a/library/version_features.c b/library/version_features.c index ffad82fa4..7ef899717 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -687,6 +687,12 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_CRYPTO_C) "MBEDTLS_PSA_CRYPTO_C", #endif /* MBEDTLS_PSA_CRYPTO_C */ +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + "MBEDTLS_PSA_CRYPTO_STORAGE_C", +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) + "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C", +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */ #if defined(MBEDTLS_RIPEMD160_C) "MBEDTLS_RIPEMD160_C", #endif /* MBEDTLS_RIPEMD160_C */ diff --git a/scripts/config.pl b/scripts/config.pl index 2e4ac3bb6..69c6d5fce 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -116,6 +116,8 @@ MBEDTLS_MEMORY_BACKTRACE MBEDTLS_MEMORY_BUFFER_ALLOC_C MBEDTLS_PLATFORM_TIME_ALT MBEDTLS_PLATFORM_FPRINTF_ALT +MBEDTLS_PSA_CRYPTO_STORAGE_C +MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C ); # Things that should be enabled in "full" even if they match @excluded diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make index e5e6ded6d..ab54d555f 100644 --- a/scripts/mbed_crypto.make +++ b/scripts/mbed_crypto.make @@ -70,6 +70,10 @@ LIB_FILES := \ platform.c \ platform_util.c \ psa_crypto.c \ + psa_crypto_storage.h \ + psa_crypto_storage.c \ + psa_crypto_storage_backend.h \ + psa_crypto_storage_file.c \ ripemd160.c \ rsa_internal.c \ rsa.c \ @@ -154,6 +158,8 @@ TEST_FILES := \ tests/suites/test_suite_psa_crypto_hash.function \ tests/suites/test_suite_psa_crypto_metadata.data \ tests/suites/test_suite_psa_crypto_metadata.function \ + tests/suites/test_suite_psa_crypto_storage_file.data \ + tests/suites/test_suite_psa_crypto_storage_file.function \ # Don't delete this line. OTHER_FILES := \ 
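Review bot: In psa_crypto_storage_store() (library/psa_crypto_storage_file.c) the key file is created with `fopen( temp_location, "wb" )`, so its access mode is whatever the process umask allows, while the bytes written are the unencrypted record that psa_save_persistent_key() formatted. Standard C cannot set the mode, so at minimum CRYPTO_STORAGE_FILE_LOCATION should carry a comment such as `/* Key material is stored unencrypted; this directory must be readable and writable only by the owning user. */`, and POSIX builds could create the file through a descriptor opened with owner-only permissions. The same function uses one fixed temporary name, `psa_key_slot_0`, for every slot and tests for an existing slot file well before the `rename()`, so two concurrent stores can interleave writes to the temporary file, and where `rename()` replaces an existing target a slot created in between is overwritten. If locking is out of scope, a documented single-writer assumption on the function would make that limit explicit.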
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 89be6feb7..7af7fcf18 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -113,6 +113,7 @@ add_test_suite(poly1305) add_test_suite(psa_crypto) add_test_suite(psa_crypto_hash) add_test_suite(psa_crypto_metadata) +add_test_suite(psa_crypto_storage_file) add_test_suite(shax) add_test_suite(ssl) add_test_suite(timing) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5b04d84a1..73152cf05 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -644,6 +644,8 @@ scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.pl unset MBEDTLS_FS_IO +scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C +scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19, # to re-enable platform integration features otherwise disabled in C99 builds make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0 -D_DEFAULT_SOURCE' lib programs @@ -859,6 +861,8 @@ scripts/config.pl unset MBEDTLS_THREADING_PTHREAD scripts/config.pl unset MBEDTLS_THREADING_C scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit +scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C # depends on MBEDTLS_FS_IO +scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s 
@@ -877,6 +881,8 @@ scripts/config.pl unset MBEDTLS_THREADING_C scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION +scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C # depends on MBEDTLS_FS_IO +scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib echo "Checking that software 64-bit division is not required" if_build_succeeded not grep __aeabi_uldiv library/*.o @@ -897,6 +903,8 @@ scripts/config.pl unset MBEDTLS_THREADING_C scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION +scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C # depends on MBEDTLS_FS_IO +scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib echo "Checking that software 64-bit multiplication is not required" if_build_succeeded not grep __aeabi_lmul library/*.o @@ -920,6 +928,8 @@ scripts/config.pl unset MBEDTLS_THREADING_C scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME +scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C # depends on MBEDTLS_FS_IO +scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C if [ $RUN_ARMCC -ne 0 ]; then make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib 
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.data b/tests/suites/test_suite_psa_crypto_storage_file.data
new file mode 100644
index 000000000..730e0925c
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_storage_file.data
@@ -0,0 +1,43 @@
+PSA Storage Load verify loaded file
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"deadbeef":1:4:PSA_SUCCESS
+
+PSA Storage Load check slots dont share state
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:2:"deadbeef":1:4:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage Load zero length file
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"":1:1:PSA_SUCCESS
+
+PSA Storage Load less than capacity of data buffer
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"deadbeef":1:5:PSA_SUCCESS
+
+PSA Storage Load nonexistent file location, should fail
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"deadbeef":0:4:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage Store verify stored file
+depends_on:MBEDTLS_FS_IO
+write_data_to_file:"deadbeef":PSA_SUCCESS
+
+PSA Storage Store into preexisting location, should fail
+depends_on:MBEDTLS_FS_IO
+write_data_to_prexisting_file:"psa_key_slot_1":"deadbeef":PSA_ERROR_OCCUPIED_SLOT
+
+PSA Storage Store, preexisting temp_location file, should succeed
+depends_on:MBEDTLS_FS_IO
+write_data_to_prexisting_file:"psa_key_slot_0":"deadbeef":PSA_SUCCESS
+
+PSA Storage Get data size verify data size
+depends_on:MBEDTLS_FS_IO
+get_file_size:"deadbeef":4:PSA_SUCCESS:1
+
+PSA Storage Get data size verify data size zero length file
+depends_on:MBEDTLS_FS_IO
+get_file_size:"":0:PSA_SUCCESS:1
+
+PSA Storage Get data size nonexistent file location, should fail
+depends_on:MBEDTLS_FS_IO
+get_file_size:"deadbeef":4:PSA_ERROR_EMPTY_SLOT:0
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function
new file mode 100644
index 000000000..b6dcad777
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_storage_file.function
@@ -0,0 +1,159 @@ +/* BEGIN_HEADER */ +#include +#include "psa/crypto.h" +#include "psa_crypto_storage_backend.h" + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void load_data_from_file( int slot_to_load, data_t *data, int should_make_file, + int capacity_arg, int expected_status ) +{ + char slot_location[] = "psa_key_slot_1"; + psa_status_t status; + int ret; + size_t file_size = 0; + uint8_t *loaded_data = NULL; + size_t capacity = (size_t) capacity_arg; + + if( should_make_file == 1 ) + { + /* Create a file with data contents, with mask permissions. */ + FILE *file; + file = fopen( slot_location, "wb+" ); + TEST_ASSERT( file != NULL ); + file_size = fwrite( data->x, 1, data->len, file ); + TEST_ASSERT( file_size == data->len ); + ret = fclose( file ); + TEST_ASSERT( ret == 0 ); + } + + /* Read from the file with psa_crypto_storage_load. */ + loaded_data = mbedtls_calloc( 1, capacity ); + TEST_ASSERT( loaded_data != NULL ); + status = psa_crypto_storage_load( (psa_key_slot_t) slot_to_load, loaded_data, + file_size ); + + /* Check we get the expected status. */ + TEST_ASSERT( status == expected_status ); + if( status != PSA_SUCCESS ) + goto exit; + + /* Check that the file data and data length is what we expect. */ + ASSERT_COMPARE( data->x, data->len, loaded_data, file_size ); + +exit: + mbedtls_free( loaded_data ); + remove( slot_location ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void write_data_to_file( data_t *data, int expected_status ) +{ + char slot_location[] = "psa_key_slot_1"; + psa_status_t status; + int ret; + FILE *file; + size_t file_size; + size_t num_read; + uint8_t *loaded_data = NULL; + + /* Write data to file. */ + status = psa_crypto_storage_store( 1, data->x, data->len ); + + /* Check that we got the expected status. 
*/ + TEST_ASSERT( status == expected_status ); + if( status != PSA_SUCCESS ) + goto exit; + + /* Check that the file length is what we expect */ + file = fopen( slot_location, "rb" ); + TEST_ASSERT( file != NULL ); + fseek( file, 0, SEEK_END ); + file_size = (size_t) ftell( file ); + fseek( file, 0, SEEK_SET ); + TEST_ASSERT( file_size == data->len ); + + /* Check that the file contents are what we expect */ + loaded_data = mbedtls_calloc( 1, data->len ); + TEST_ASSERT( loaded_data != NULL ); + + num_read = fread( loaded_data, 1, file_size, file ); + TEST_ASSERT( num_read == file_size ); + ASSERT_COMPARE( data->x, data->len, loaded_data, file_size ); + ret = fclose( file ); + TEST_ASSERT( ret == 0 ); + +exit: + mbedtls_free( loaded_data ); + remove( slot_location ); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void get_file_size( data_t *data, int expected_data_length, + int expected_status, int should_make_file ) +{ + char slot_location[] = "psa_key_slot_1"; + psa_status_t status; + int ret; + size_t file_size; + + if( should_make_file ) + { + /* Create a file with data contents, with mask permissions. 
*/ + FILE *file; + file = fopen( slot_location, "wb+" ); + TEST_ASSERT( file != NULL ); + file_size = fwrite( data->x, 1, data->len, file ); + TEST_ASSERT( file_size == data->len ); + ret = fclose( file ); + TEST_ASSERT( ret == 0 ); + } + + /* Check get data size is what we expect */ + status = psa_crypto_storage_get_data_length( 1, &file_size ); + TEST_ASSERT( status == expected_status ); + if( expected_status == PSA_SUCCESS ) + TEST_ASSERT( file_size == (size_t)expected_data_length ); + +exit: + remove( slot_location ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void write_data_to_prexisting_file( char *preexist_file_location, + data_t *data, int expected_status ) +{ + char slot_location[] = "psa_key_slot_1"; + psa_status_t status; + int ret; + FILE *file; + + /* Create file first */ + file = fopen( preexist_file_location, "wb" ); + TEST_ASSERT( file != NULL ); + ret = fclose( file ); + TEST_ASSERT( ret == 0 ); + + /* Write data to file. */ + status = psa_crypto_storage_store( 1, data->x, data->len ); + + /* Check that we got the expected status. */ + TEST_ASSERT( status == expected_status ); + if( status != PSA_SUCCESS ) + goto exit; + +exit: + remove( preexist_file_location ); + remove( slot_location ); +} +/* END_CASE */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 301d3333f..91cf2f0fc 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -230,6 +230,8 @@ + + @@ -287,6 +289,8 @@ + + From 96ebf9efcfa64392f33ed862ad8ed6ec4b424360 Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Thu, 28 Jun 2018 18:02:17 +0300 Subject: [PATCH 0658/2197] psa: Add magic header to storage backend Add a magic header to the storage format used with files. The header is used as an initial check that the data is what we expect, rather than garbage data. --- library/psa_crypto_storage.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) 
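Review bot: load_data_from_file() allocates `capacity` bytes but passes `file_size` to psa_crypto_storage_load(), so `capacity_arg` never reaches the function under test and the "less than capacity of data buffer" case performs the same read as the first case. If the intent is to read into a larger buffer, the call and the comparison need to keep the buffer size and the expected length apart; as written, a vector whose data is longer than `capacity_arg` would make the load write past `loaded_data`. In write_data_to_file() `file` is declared uninitialised and is not closed when an assertion fails (TEST_ASSERT presumably jumps to `exit`); declaring it as `FILE *file = NULL;` and closing it under `exit:` when non-NULL avoids leaking the handle.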
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 5285826ce..0a5805b62 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -65,7 +65,14 @@ } #endif +/** + * Persistent key storage magic header. + */ +#define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY" +#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) ) + typedef struct { + uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH]; uint8_t version[4]; uint8_t type[sizeof( psa_key_type_t )]; uint8_t policy[sizeof( psa_key_policy_t )]; @@ -82,6 +89,7 @@ void psa_format_key_data_for_storage( const uint8_t *data, psa_persistent_key_storage_format *storage_format = (psa_persistent_key_storage_format *) storage_data; + memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); PUT_UINT32_LE(0, storage_format->version, 0); PUT_UINT32_LE(type, storage_format->type, 0); PUT_UINT32_LE(policy->usage, storage_format->policy, 0); @@ -90,6 +98,14 @@ void psa_format_key_data_for_storage( const uint8_t *data, memcpy( storage_format->key_data, data, data_length ); } +static psa_status_t check_magic_header( const uint8_t *data ) +{ + if( memcmp( data, PSA_KEY_STORAGE_MAGIC_HEADER, + PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ) != 0 ) + return( PSA_ERROR_STORAGE_FAILURE ); + return( PSA_SUCCESS ); +} + psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, size_t storage_data_length, uint8_t **key_data, 
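Review bot: The comment on PSA_KEY_STORAGE_MAGIC_HEADER does not say that the length macro is `sizeof` of a literal with an embedded NUL, so the on-disk magic is 8 bytes (the seven characters of "PSA\0KEY" plus the terminator) and has to be handled with memcpy/memcmp and the length macro, never with string functions. I would extend it to something like `/* 8-byte magic: "PSA\0KEY" plus its terminating NUL. Format sanity check only; it provides no integrity or authenticity guarantee for the stored key. */`. The added `memcpy( storage_format->magic, ... )` line in psa_format_key_data_for_storage() also runs past 80 columns, unlike the surrounding code. Since the new field shifts the record layout while `version` is still written as 0, records written before this patch are rejected by the magic check rather than by a version mismatch, which is worth a sentence next to the version field.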
@@ -97,10 +113,18 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, psa_key_type_t *type, psa_key_policy_t *policy ) { + psa_status_t status; const psa_persistent_key_storage_format *storage_format = (const psa_persistent_key_storage_format *)storage_data; uint32_t version; + if( storage_data_length < sizeof(*storage_format) ) + return( PSA_ERROR_STORAGE_FAILURE ); + + status = check_magic_header( storage_data ); + if( status != PSA_SUCCESS ) + return( status ); + GET_UINT32_LE(version, storage_format->version, 0); if( version != 0 ) return( PSA_ERROR_STORAGE_FAILURE ); From 940d72c3e827753226138379ed8ff1947c55af1a Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Fri, 13 Jul 2018 13:18:51 +0100 Subject: [PATCH 0659/2197] psa: Refactor psa_import_key() Create a new function psa_import_key_into_slot() from psa_import_key(). This is common functionality that will be used both when importing a key and loading a key from persistent storage. --- library/psa_crypto.c | 53 ++++++++++++++++++++++++++++++-------------- 1 file changed, 36 insertions(+), 17 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 010c338c0..77d91c3cd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -691,23 +691,18 @@ exit: } #endif /* defined(MBEDTLS_ECP_C) */ -psa_status_t psa_import_key( psa_key_slot_t key, - psa_key_type_t type, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_import_key_into_slot( key_slot_t *slot, + const uint8_t *data, + size_t data_length ) { - key_slot_t *slot; psa_status_t status = PSA_SUCCESS; - status = psa_get_empty_key_slot( key, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - if( key_type_is_raw_bytes( type ) ) + if( key_type_is_raw_bytes( slot->type ) ) { /* Ensure that a bytes-to-bit conversion won't overflow. */ if( data_length > SIZE_MAX / 8 ) return( PSA_ERROR_NOT_SUPPORTED ); - status = prepare_raw_data_slot( type, + status = prepare_raw_data_slot( slot->type, PSA_BYTES_TO_BITS( data_length ), &slot->data.raw ); if( status != PSA_SUCCESS ) @@ -717,9 +712,9 @@ psa_status_t psa_import_key( psa_key_slot_t key, } else #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ) + if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) ) { - status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( type ), + status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( slot->type ), data, data_length, &slot->data.ecp ); if( status != PSA_SUCCESS ) @@ -728,14 +723,15 @@ psa_status_t psa_import_key( psa_key_slot_t key, else #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_PK_PARSE_C) - if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) ) + if( PSA_KEY_TYPE_IS_RSA( slot->type ) || + PSA_KEY_TYPE_IS_ECC( slot->type ) ) { int ret; mbedtls_pk_context pk; mbedtls_pk_init( &pk ); /* Parse the data. */ - if( PSA_KEY_TYPE_IS_KEYPAIR( type ) ) + if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ); else ret = mbedtls_pk_parse_public_key( &pk, data, data_length ); 
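Review bot: psa_import_key_into_slot() now takes the key type from `slot->type` instead of a parameter, and nothing in the hunk documents that precondition. A short header comment would make it explicit, for example `/* Import key data into a slot. slot->type must be set by the caller before the call; on failure the caller must reset it. */`. That matters because psa_import_key() (last hunk of this patch) now writes `slot->type = type` before the data has been validated and relies on the reset to `PSA_KEY_TYPE_NONE` on the error path, whereas the removed code set the type only after a successful import. The function body continues in the following hunks.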
@@ -746,13 +742,13 @@ psa_status_t psa_import_key( psa_key_slot_t key, * If it has the expected type and passes any type-specific * checks, store it. */ #if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( type ) ) + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) status = psa_import_rsa_key( &pk, &slot->data.rsa ); else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( type ) ) - status = psa_import_ecp_key( PSA_KEY_TYPE_GET_CURVE( type ), + if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + status = psa_import_ecp_key( PSA_KEY_TYPE_GET_CURVE( slot->type ), &pk, &slot->data.ecp ); else #endif /* MBEDTLS_ECP_C */ @@ -773,8 +769,31 @@ psa_status_t psa_import_key( psa_key_slot_t key, { return( PSA_ERROR_NOT_SUPPORTED ); } + return( PSA_SUCCESS ); +} + + +psa_status_t psa_import_key( psa_key_slot_t key, + psa_key_type_t type, + const uint8_t *data, + size_t data_length ) +{ + key_slot_t *slot; + psa_status_t status; + + status = psa_get_empty_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); slot->type = type; + + status = psa_import_key_into_slot( slot, data, data_length ); + if( status != PSA_SUCCESS ) + { + slot->type = PSA_KEY_TYPE_NONE; + return( status ); + } + return( PSA_SUCCESS ); } From 06fd18de375f6713763c1bd65c927f0933a6c493 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Mon, 16 Jul 2018 11:21:11 +0100 Subject: [PATCH 0660/2197] psa: Move get_key_slot functions Move the psa_get_key_slot and related static functions as they will need to call psa_import_key_into_slot() for persistent keys. --- library/psa_crypto.c | 140 +++++++++++++++++++++---------------------- 1 file changed, 70 insertions(+), 70 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 77d91c3cd..11621ee8a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -361,76 +361,6 @@ static psa_status_t mbedtls_to_psa_error( int ret ) } } -/* Retrieve a key slot, occupied or not. */ -static psa_status_t psa_get_key_slot( psa_key_slot_t key, - key_slot_t **p_slot ) -{ - GUARD_MODULE_INITIALIZED; - - /* 0 is not a valid slot number under any circumstance. This - * implementation provides slots number 1 to N where N is the - * number of available slots. */ - if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - *p_slot = &global_data.key_slots[key - 1]; - return( PSA_SUCCESS ); -} - -/* Retrieve an empty key slot (slot with no key data, but possibly - * with some metadata such as a policy). */ -static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key, - key_slot_t **p_slot ) -{ - psa_status_t status; - key_slot_t *slot = NULL; - - *p_slot = NULL; - - status = psa_get_key_slot( key, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - if( slot->type != PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_OCCUPIED_SLOT ); - - *p_slot = slot; - return( status ); -} - -/** Retrieve a slot which must contain a key. The key must have allow all the - * usage flags set in \p usage. If \p alg is nonzero, the key must allow - * operations with this algorithm. */ -static psa_status_t psa_get_key_from_slot( psa_key_slot_t key, - key_slot_t **p_slot, - psa_key_usage_t usage, - psa_algorithm_t alg ) -{ - psa_status_t status; - key_slot_t *slot = NULL; - - *p_slot = NULL; - - status = psa_get_key_slot( key, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); - - /* Enforce that usage policy for the key slot contains all the flags - * required by the usage parameter. There is one exception: public - * keys can always be exported, so we treat public key objects as - * if they had the export flag. 
*/ - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) - usage &= ~PSA_KEY_USAGE_EXPORT; - if( ( slot->policy.usage & usage ) != usage ) - return( PSA_ERROR_NOT_PERMITTED ); - if( alg != 0 && ( alg != slot->policy.alg ) ) - return( PSA_ERROR_NOT_PERMITTED ); - - *p_slot = slot; - return( PSA_SUCCESS ); -} 
@@ -772,6 +702,76 @@ static psa_status_t psa_import_key_into_slot( key_slot_t *slot, return( PSA_SUCCESS ); } +/* Retrieve a key slot, occupied or not. */ +static psa_status_t psa_get_key_slot( psa_key_slot_t key, + key_slot_t **p_slot ) +{ + GUARD_MODULE_INITIALIZED; + + /* 0 is not a valid slot number under any circumstance. This + * implementation provides slots number 1 to N where N is the + * number of available slots. */ + if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + *p_slot = &global_data.key_slots[key - 1]; + return( PSA_SUCCESS ); +} + +/* Retrieve an empty key slot (slot with no key data, but possibly + * with some metadata such as a policy). */ +static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key, + key_slot_t **p_slot ) +{ + psa_status_t status; + key_slot_t *slot = NULL; + + *p_slot = NULL; + + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + + if( slot->type != PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_OCCUPIED_SLOT ); + + *p_slot = slot; + return( status ); +} + +/** Retrieve a slot which must contain a key. The key must have allow all the + * usage flags set in \p usage. If \p alg is nonzero, the key must allow + * operations with this algorithm. */ +static psa_status_t psa_get_key_from_slot( psa_key_slot_t key, + key_slot_t **p_slot, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + psa_status_t status; + key_slot_t *slot = NULL; + + *p_slot = NULL; + + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + if( slot->type == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_EMPTY_SLOT ); + + /* Enforce that usage policy for the key slot contains all the flags + * required by the usage parameter. There is one exception: public + * keys can always be exported, so we treat public key objects as + * if they had the export flag. 
*/ + if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) + usage &= ~PSA_KEY_USAGE_EXPORT; + if( ( slot->policy.usage & usage ) != usage ) + return( PSA_ERROR_NOT_PERMITTED ); + if( alg != 0 && ( alg != slot->policy.alg ) ) + return( PSA_ERROR_NOT_PERMITTED ); + + *p_slot = slot; + return( PSA_SUCCESS ); +} psa_status_t psa_import_key( psa_key_slot_t key, psa_key_type_t type, From 40225ba70961d8e2e6260a563c1bc7c2290566be Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Thu, 15 Nov 2018 14:48:15 +0000 Subject: [PATCH 0661/2197] psa: Refactor psa_destroy_key() Create a new function psa_remove_key_from_memory() from psa_destroy_key(). This is needed as psa_destroy_key() will remove all key data, including persistent storage. mbedtls_psa_crypto_free() will now only free in-memory data and not persistent data. --- library/psa_crypto.c | 84 +++++++++++++++++++++++++------------------- 1 file changed, 48 insertions(+), 36 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 11621ee8a..c205e12f6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -773,6 +773,42 @@ static psa_status_t psa_get_key_from_slot( psa_key_slot_t key, return( PSA_SUCCESS ); } +static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot ) +{ + if( slot->type == PSA_KEY_TYPE_NONE ) + { + /* No key material to clean. */ + } + else if( key_type_is_raw_bytes( slot->type ) ) + { + mbedtls_free( slot->data.raw.data ); + } + else +#if defined(MBEDTLS_RSA_C) + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) + { + mbedtls_rsa_free( slot->data.rsa ); + mbedtls_free( slot->data.rsa ); + } + else +#endif /* defined(MBEDTLS_RSA_C) */ +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + { + mbedtls_ecp_keypair_free( slot->data.ecp ); + mbedtls_free( slot->data.ecp ); + } + else +#endif /* defined(MBEDTLS_ECP_C) */ + { + /* Shouldn't happen: the key type is not any type that we + * put in. */ + return( PSA_ERROR_TAMPERING_DETECTED ); + } + + return( PSA_SUCCESS ); +} + psa_status_t psa_import_key( psa_key_slot_t key, psa_key_type_t type, const uint8_t *data, 
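Review bot: In the raw-bytes branch of `psa_remove_key_data_from_memory()`, `mbedtls_free( slot->data.raw.data )` releases the key buffer without wiping it, so symmetric key bytes remain in freed heap memory. The `mbedtls_zeroize( slot, sizeof( *slot ) )` that callers run afterwards clears only the slot structure, that is the pointer, not the buffer it pointed to. The behaviour is carried over from `psa_destroy_key()`, but this refactor is a natural place to fix it: before the free, add `mbedtls_zeroize( slot->data.raw.data, <raw_len> );`, where `<raw_len>` is a placeholder for the buffer length kept in `slot->data.raw` (that field is not visible in this hunk).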
@@ -805,41 +841,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key ) status = psa_get_key_slot( key, &slot ); if( status != PSA_SUCCESS ) return( status ); - - if( slot->type == PSA_KEY_TYPE_NONE ) - { - /* No key material to clean, but do zeroize the slot below to wipe - * metadata such as policies. */ - } - else if( key_type_is_raw_bytes( slot->type ) ) - { - mbedtls_free( slot->data.raw.data ); - } - else -#if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) - { - mbedtls_rsa_free( slot->data.rsa ); - mbedtls_free( slot->data.rsa ); - } - else -#endif /* defined(MBEDTLS_RSA_C) */ -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) - { - mbedtls_ecp_keypair_free( slot->data.ecp ); - mbedtls_free( slot->data.ecp ); - } - else -#endif /* defined(MBEDTLS_ECP_C) */ - { - /* Shouldn't happen: the key type is not any type that we - * put in. */ - return( PSA_ERROR_TAMPERING_DETECTED ); - } - - mbedtls_zeroize( slot, sizeof( *slot ) ); - return( PSA_SUCCESS ); + return( psa_remove_key_from_memory( slot ) ); } /* Return the size of the key in the given slot, in bits. */ @@ -4231,8 +4233,18 @@ psa_status_t psa_generate_key( psa_key_slot_t key, void mbedtls_psa_crypto_free( void ) { psa_key_slot_t key; + key_slot_t *slot; + psa_status_t status; + for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) - psa_destroy_key( key ); + { + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + continue; + psa_remove_key_data_from_memory( slot ); + /* Zeroize the slot to wipe metadata such as policies. */ + mbedtls_zeroize( slot, sizeof( *slot ) ); + } mbedtls_ctr_drbg_free( &global_data.ctr_drbg ); mbedtls_entropy_free( &global_data.entropy ); mbedtls_zeroize( &global_data, sizeof( global_data ) ); From d49a499d033def28cbd5132d17974e462c628bda Mon Sep 17 00:00:00 2001 
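Review bot: `psa_destroy_key()` now ends in `return( psa_remove_key_from_memory( slot ) );`, but the helper added by this commit is named `psa_remove_key_data_from_memory()`, so as far as this page shows the call refers to a function that is not declared. The hunk also removes `mbedtls_zeroize( slot, sizeof( *slot ) )` from `psa_destroy_key()`, while the helper neither resets `slot->type` nor clears the freed pointers; a destroyed slot would still look occupied, and a second `psa_destroy_key()` on it would free the same pointers again. I would write the tail as `status = psa_remove_key_data_from_memory( slot );`, then `mbedtls_zeroize( slot, sizeof( *slot ) );`, then `return( status );`, which matches what `mbedtls_psa_crypto_free()` does in the following hunk.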
From: Darryl Green Date: Mon, 18 Jun 2018 17:27:26 +0100 Subject: [PATCH 0662/2197] psa: Implement persistent keys Allow use of persistent keys, including configuring them, importing and exporting them, and destroying them. When getting a slot using psa_get_key_slot, there are 3 scenarios that can occur if the keys lifetime is persistent: 1. Key type is PSA_KEY_TYPE_NONE, no persistent storage entry: - The key slot is treated as a standard empty key slot 2. Key type is PSA_KEY_TYPE_NONE, persistent storage entry exists: - Attempt to load the key from persistent storage 3. Key type is not PSA_KEY_TYPE_NONE: - As checking persistent storage on every use of the key could be expensive, the persistent key is assumed to be saved in persistent storage, the in-memory key is continued to be used. --- crypto/tests/Makefile | 3 + include/psa/crypto.h | 11 + library/psa_crypto.c | 83 ++++- scripts/mbed_crypto.make | 2 + tests/CMakeLists.txt | 1 + tests/suites/test_suite_psa_crypto.data | 4 + tests/suites/test_suite_psa_crypto.function | 81 +++++ .../test_suite_psa_crypto_persistent_key.data | 78 ++++ ...t_suite_psa_crypto_persistent_key.function | 341 ++++++++++++++++++ 9 files changed, 599 insertions(+), 5 deletions(-) create mode 100644 tests/suites/test_suite_psa_crypto_persistent_key.data create mode 100644 tests/suites/test_suite_psa_crypto_persistent_key.function diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile index 2f68e8677..cc4355bed 100644 --- a/crypto/tests/Makefile +++ b/crypto/tests/Makefile 
@@ -16,12 +16,14 @@ PYTHON ?= python APPS := \ test_suite_psa_crypto \ test_suite_psa_crypto_metadata \ + test_suite_psa_crypto_persistent_key \ test_suite_psa_crypto_storage_file \ # Don't delete this line. # Look up for associated function files func.test_suite_psa_crypto := test_suite_psa_crypto func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata +func.test_suite_psa_crypto_persistent_key := test_suite_psa_crypto_persistent_key func.test_suite_psa_crypto_storage_file := test_suite_psa_crypto_storage_file .SILENT: @@ -58,6 +60,7 @@ clean: test: $(APPS) ./test_suite_psa_crypto_metadata ./test_suite_psa_crypto + ./test_suite_psa_crypto_persistent_key ./test_suite_psa_crypto_storage_file # Create separate targets for generating embedded tests. diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d1a3f0f3b..1ca64922e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1441,6 +1441,7 @@ typedef uint32_t psa_algorithm_t; * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE 
@@ -1922,6 +1923,16 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, * whether the lifetime of an occupied key slot can be changed, is * implementation-dependent. * + * When creating a persistent key, you must call this function before creating + * the key material with psa_import_key(), psa_generate_key() or + * psa_generator_import_key(). To open an existing persistent key, you must + * call this function with the correct lifetime value before using the slot + * for a cryptographic operation. Once a slot's lifetime has been set, + * the lifetime remains associated with the slot until a subsequent call to + * psa_set_key_lifetime(), until the key is wiped with psa_destroy_key or + * until the application terminates (or disconnects from the cryptography + * service, if the implementation offers such a possibility). + * * \param key Slot whose lifetime is to be changed. * \param lifetime The lifetime value to set for the given key slot. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c205e12f6..6b089831e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -43,6 +43,10 @@ #include "psa/crypto.h" +/* Include internal declarations that are useful for implementing persistently + * stored keys. */ +#include "psa_crypto_storage.h" + #include #include #if defined(MBEDTLS_PLATFORM_C) 
@@ -702,6 +706,27 @@ static psa_status_t psa_import_key_into_slot( key_slot_t *slot, return( PSA_SUCCESS ); } +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) +static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t key, + key_slot_t *p_slot ) +{ + psa_status_t status = PSA_SUCCESS; + uint8_t *key_data = NULL; + size_t key_data_length = 0; + + status = psa_load_persistent_key( key, &( p_slot )->type, + &( p_slot )->policy, &key_data, + &key_data_length ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_import_key_into_slot( p_slot, + key_data, key_data_length ); +exit: + psa_free_persistent_key_data( key_data, key_data_length ); + return( status ); +} +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + /* Retrieve a key slot, occupied or not. */ static psa_status_t psa_get_key_slot( psa_key_slot_t key, key_slot_t **p_slot ) @@ -715,6 +740,23 @@ static psa_status_t psa_get_key_slot( psa_key_slot_t key, return( PSA_ERROR_INVALID_ARGUMENT ); *p_slot = &global_data.key_slots[key - 1]; + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + if( ( *p_slot )->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + { + /* There are two circumstances this can occur: the key material has + * not yet been created, or the key exists in storage but has not yet + * been loaded into memory. */ + if( ( *p_slot )->type == PSA_KEY_TYPE_NONE ) + { + psa_status_t status = PSA_SUCCESS; + status = psa_load_persistent_key_into_slot( key, *p_slot ); + if( status != PSA_ERROR_EMPTY_SLOT ) + return( status ); + } + } +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + return( PSA_SUCCESS ); } 
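Review bot: `psa_load_persistent_key_into_slot()` lets `psa_load_persistent_key()` write directly into `p_slot->type` and `p_slot->policy`, and nothing resets them when the subsequent `psa_import_key_into_slot()` fails. After such a failure (for example a damaged or tampered storage entry whose header parses but whose key data does not) the slot keeps a type other than `PSA_KEY_TYPE_NONE` with no key material behind it, and the `psa_get_key_slot()` hunk that follows then skips the load and returns `PSA_SUCCESS` for that slot. `psa_import_key()` already rolls the type back in the equivalent situation; here the same is needed at the `exit:` label, e.g. `if( status != PSA_SUCCESS ) p_slot->type = PSA_KEY_TYPE_NONE;`. Whether the policy should be restored as well, and whether `psa_load_persistent_key()` can itself leave a type behind on error, cannot be told from this hunk.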
@@ -830,18 +872,44 @@ psa_status_t psa_import_key( psa_key_slot_t key, return( status ); } - return( PSA_SUCCESS ); +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + { + /* Store in file location */ + status = psa_save_persistent_key( key, slot->type, &slot->policy, data, + data_length ); + if( status != PSA_SUCCESS ) + { + (void) psa_remove_key_data_from_memory( slot ); + slot->type = PSA_KEY_TYPE_NONE; + } + } +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + + return( status ); } psa_status_t psa_destroy_key( psa_key_slot_t key ) { key_slot_t *slot; - psa_status_t status; + psa_status_t status = PSA_SUCCESS; + psa_status_t storage_status = PSA_SUCCESS; status = psa_get_key_slot( key, &slot ); if( status != PSA_SUCCESS ) return( status ); - return( psa_remove_key_from_memory( slot ) ); +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + { + storage_status = psa_destroy_persistent_key( key ); + } +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + status = psa_remove_key_data_from_memory( slot ); + /* Zeroize the slot to wipe metadata such as policies. */ + mbedtls_zeroize( slot, sizeof( *slot ) ); + if( status != PSA_SUCCESS ) + return( status ); + return( storage_status ); } /* Return the size of the key in the given slot, in bits. */ 
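Review bot: `psa_destroy_key()` still returns early whenever `psa_get_key_slot()` fails, and with the load-on-demand this commit adds to `psa_get_key_slot()` that now includes every storage load error other than `PSA_ERROR_EMPTY_SLOT`. A persistent entry that cannot be loaded can therefore never be removed through `psa_destroy_key()`, because `psa_destroy_persistent_key()` is not reached. Since `psa_get_key_slot()` assigns `*p_slot` before it attempts the load, one minimal option is to initialise `slot` to `NULL` and return early only when no slot was resolved: `if( status != PSA_SUCCESS && slot == NULL ) return( status );`. A cleaner variant would separate the bounds-checked lookup from the load step so that destroying a key never has to read it from storage first.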
@@ -2974,16 +3042,21 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key, if( lifetime != PSA_KEY_LIFETIME_VOLATILE && lifetime != PSA_KEY_LIFETIME_PERSISTENT && - lifetime != PSA_KEY_LIFETIME_WRITE_ONCE) + lifetime != PSA_KEY_LIFETIME_WRITE_ONCE ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_empty_key_slot( key, &slot ); if( status != PSA_SUCCESS ) return( status ); - if( lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if( lifetime == PSA_KEY_LIFETIME_WRITE_ONCE ) return( PSA_ERROR_NOT_SUPPORTED ); +#if !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + if( lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + return( PSA_ERROR_NOT_SUPPORTED ); +#endif + slot->lifetime = lifetime; return( PSA_SUCCESS ); diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make index ab54d555f..f51f5f8f3 100644 --- a/scripts/mbed_crypto.make +++ b/scripts/mbed_crypto.make @@ -158,6 +158,8 @@ TEST_FILES := \ tests/suites/test_suite_psa_crypto_hash.function \ tests/suites/test_suite_psa_crypto_metadata.data \ tests/suites/test_suite_psa_crypto_metadata.function \ + tests/suites/test_suite_psa_crypto_persistent_key.data \ + tests/suites/test_suite_psa_crypto_persistent_key.function \ tests/suites/test_suite_psa_crypto_storage_file.data \ tests/suites/test_suite_psa_crypto_storage_file.function \ # Don't delete this line. diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 7af7fcf18..34658c8e1 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -113,6 +113,7 @@ add_test_suite(poly1305) add_test_suite(psa_crypto) add_test_suite(psa_crypto_hash) add_test_suite(psa_crypto_metadata) +add_test_suite(psa_crypto_persistent_key) add_test_suite(psa_crypto_storage_file) add_test_suite(shax) add_test_suite(ssl) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ea214d25a..7e70de38a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1834,3 +1834,7 @@ validate_module_init_generate_random: PSA validate module initialization: key based validate_module_init_key_based: + +persistent key can be accessed after in-memory deletion: AES, 128 bits, CTR +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 674a6e9fe..4692dbe84 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -4030,3 +4030,84 @@ void validate_module_init_key_based( ) TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ +void persistent_key_load_key_from_storage( data_t *data, int type_arg, + int bits, int usage_arg, + int alg_arg ) +{ + psa_key_slot_t slot = 1; + psa_key_type_t type = (psa_key_type_t) type_arg; + psa_key_type_t type_get; + size_t bits_get; + psa_key_policy_t policy_set; + psa_key_policy_t policy_get; + psa_key_usage_t policy_usage = (psa_key_usage_t) usage_arg; + psa_algorithm_t policy_alg = (psa_algorithm_t) alg_arg; + unsigned char *first_export = NULL; + unsigned char *second_export = NULL; + size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); + size_t first_exported_length; + size_t second_exported_length; + + ASSERT_ALLOC( first_export, export_size ); + ASSERT_ALLOC( second_export, export_size ); + + TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + + TEST_ASSERT( psa_set_key_lifetime( + slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy_set ); + + psa_key_policy_set_usage( &policy_set, policy_usage, + policy_alg ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy_set ) == PSA_SUCCESS ); + + /* Import the key */ + TEST_ASSERT( psa_import_key( slot, type, + data->x, data->len ) == PSA_SUCCESS ); + + /* Export the key */ + TEST_ASSERT( psa_export_key( slot, first_export, export_size, + &first_exported_length ) == PSA_SUCCESS ); + + /* Shutdown and restart */ + mbedtls_psa_crypto_free(); + + TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + + /* Mark slot as persistent again */ + TEST_ASSERT( psa_set_key_lifetime( + slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); + + /* Check key slot still contains key data */ + TEST_ASSERT( psa_get_key_information( + slot, &type_get, &bits_get ) == PSA_SUCCESS ); + TEST_ASSERT( type_get == type ); + TEST_ASSERT( bits_get == (size_t) bits ); + + TEST_ASSERT( psa_get_key_policy( slot, 
&policy_get ) == PSA_SUCCESS ); + TEST_ASSERT( psa_key_policy_get_usage( + &policy_get ) == policy_usage ); + TEST_ASSERT( psa_key_policy_get_algorithm( + &policy_get ) == policy_alg ); + + /* Export the key again */ + TEST_ASSERT( psa_export_key( slot, second_export, export_size, + &second_exported_length ) == PSA_SUCCESS ); + + ASSERT_COMPARE( first_export, first_exported_length, + second_export, second_exported_length ); + + ASSERT_COMPARE( data->x, data->len, + first_export, first_exported_length ); + +exit: + mbedtls_free( first_export ); + mbedtls_free( second_export ); + psa_destroy_key( slot ); + mbedtls_psa_crypto_free(); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data new file mode 100644 index 000000000..46e547c93 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
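Review bot: The `exit:` cleanup of `persistent_key_load_key_from_storage()` relies on `psa_destroy_key( slot )` to delete the stored key, but per the `psa_destroy_key()` change in this commit that only reaches storage when the slot's lifetime is persistent at that moment. If an assertion fails between `mbedtls_psa_crypto_free()` and the second `psa_set_key_lifetime()` call, the slot has been zeroized, so the persisted entry for slot 1 presumably survives and can influence later test cases. Adding `psa_destroy_persistent_key( slot );` to the cleanup would make it independent of slot state; this assumes the test file can see that declaration from `psa_crypto_storage.h`, which is not visible in this hunk.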
@@ -0,0 +1,78 @@ +PSA Storage format data for storage +format_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION + +PSA Storage parse stored data +parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_SUCCESS + +PSA Storage parse stored data wrong version, should fail +parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE + +PSA Storage parse too big data, should fail +parse_storage_data_check:"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":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE + +PSA Storage parse bad magic, should fail +parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE + +PSA Storage parse not enough magic, should fail +parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE + +# Not specific to files, but only run this test in an environment where the maximum size could be reached. 
+Save maximum size persistent raw key +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C +save_large_persistent_key:0:PSA_SUCCESS + +Save larger than maximum size persistent raw key, should fail +save_large_persistent_key:1:PSA_ERROR_INSUFFICIENT_STORAGE + +Persistent key is configurable +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +persistent_key_is_configurable:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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" + +Persistent key destroy +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +persistent_key_destroy:1:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_TYPE_RAW_DATA:"deadbeef" + +Persistent key destroy missing key +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEYPAIR:"":PSA_KEY_TYPE_RAW_DATA:"deadbeef" + +Key lifetime defaults to volatile +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +default_volatile_lifetime:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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" + +Persistent key import +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_SUCCESS + +Persistent key import garbage data, should fail +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"11111111":PSA_ERROR_INVALID_ARGUMENT + +import/export persistent raw key: 0 byte +import_export_persistent_key:"":PSA_KEY_TYPE_RAW_DATA:0:0 + +import/export persistent raw key: 1 byte +import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0 + +import/export persistent key RSA public key: good, 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
+import_export_persistent_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0 + +import/export persistent key RSA keypair: good, 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0 + +import/export persistent raw key file not exist: 1 byte +import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1 + +import/export persistent key RSA public key file not exist: 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_persistent_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1 + +import/export persistent key RSA keypair file not exist: 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:1 + +PSA import/export-persistent symmetric key: 16 bytes +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0 diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function new file mode 100644 index 000000000..505f1f9e1 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function 
@@ -0,0 +1,341 @@ +/* BEGIN_HEADER */ +#include +#include "psa/crypto.h" +#include "psa_crypto_storage.h" +#include "psa_crypto_storage_backend.h" +#include "mbedtls/md.h" + +#define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY" +#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) ) + +typedef struct { + uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH]; + uint8_t version[4]; + uint8_t type[sizeof( psa_key_type_t )]; + uint8_t policy[sizeof( psa_key_policy_t )]; + uint8_t data_len[4]; + uint8_t key_data[]; +} psa_persistent_key_storage_format; +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void format_storage_data_check( data_t *key_data, + data_t *expected_file_data, + int key_type, int key_usage, int key_alg ) +{ + uint8_t *file_data; + size_t file_data_length; + psa_key_policy_t key_policy; + + key_policy.usage = (psa_key_usage_t) key_usage; + key_policy.alg = (psa_algorithm_t) key_alg; + + file_data_length = key_data->len + sizeof( psa_persistent_key_storage_format ); + file_data = mbedtls_calloc( 1, file_data_length ); + psa_format_key_data_for_storage( key_data->x, key_data->len, + (psa_key_type_t) key_type, &key_policy, + file_data ); + + ASSERT_COMPARE( expected_file_data->x, expected_file_data->len, + file_data, file_data_length ); + mbedtls_free( file_data ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void parse_storage_data_check( data_t *file_data, + data_t *expected_key_data, + int expected_key_type, + int expected_key_usage, + int expected_key_alg, + int expected_status ) +{ + uint8_t *key_data = NULL; + size_t key_data_length = 0; + psa_key_type_t key_type = 0; + psa_key_policy_t key_policy; + psa_status_t status; + + status = psa_parse_key_data_from_storage( file_data->x, file_data->len, + &key_data, &key_data_length, + &key_type, &key_policy ); + + TEST_ASSERT( status == expected_status ); + if( status != PSA_SUCCESS 
) + goto exit; + + TEST_ASSERT( key_type == (psa_key_type_t) expected_key_type ); + TEST_ASSERT( key_policy.usage == (uint32_t) expected_key_usage ); + TEST_ASSERT( key_policy.alg == (uint32_t) expected_key_alg ); + ASSERT_COMPARE( expected_key_data->x, expected_key_data->len, + key_data, key_data_length ); + +exit: + mbedtls_free( key_data ); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void save_large_persistent_key( int data_too_large, int expected_status ) +{ + psa_key_slot_t slot = 1; + uint8_t *data = NULL; + size_t data_length = PSA_CRYPTO_MAX_STORAGE_SIZE; + + if( data_too_large ) + data_length += 1; + + ASSERT_ALLOC( data, data_length ); + + TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + + TEST_ASSERT( psa_set_key_lifetime( + slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_RAW_DATA, + data, data_length ) == expected_status ); + +exit: + mbedtls_free( data ); + psa_destroy_persistent_key( slot ); + mbedtls_psa_crypto_free(); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void persistent_key_is_configurable( int slot_arg, int type_arg, + data_t *data ) +{ + psa_key_policy_t policy; + psa_key_lifetime_t lifetime; + psa_key_slot_t slot = (psa_key_slot_t) slot_arg; + psa_key_type_t type = (psa_key_type_t) type_arg; + + TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + + TEST_ASSERT( psa_set_key_lifetime( + slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( slot, type, + data->x, data->len ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_key_lifetime( slot, &lifetime ) == PSA_SUCCESS ); + + TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT ); + +exit: + psa_destroy_persistent_key( slot ); + mbedtls_psa_crypto_free(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void persistent_key_destroy( int slot_arg, int should_store, + int first_type_arg, data_t *first_data, + int 
second_type_arg, data_t *second_data ) +{ + psa_key_policy_t policy; + psa_key_slot_t slot = (psa_key_slot_t) slot_arg; + psa_key_type_t first_type = (psa_key_type_t) first_type_arg; + psa_key_type_t second_type = (psa_key_type_t) second_type_arg; + + TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + + TEST_ASSERT( psa_set_key_lifetime( + slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + if( should_store == 1 ) + { + TEST_ASSERT( psa_import_key( + slot, first_type, + first_data->x, first_data->len ) == PSA_SUCCESS ); + } + + /* Destroy the key */ + TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_key_information( + slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + + /* Check key slot storage is removed */ + TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 ); + + /* Check destroying the key again doesn't report failure */ + TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_information( + slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + + /* Shutdown and restart */ + mbedtls_psa_crypto_free(); + + TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + + /* Mark slot as persistent again */ + TEST_ASSERT( psa_set_key_lifetime( + slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); + + /* Check key slot is empty */ + TEST_ASSERT( psa_get_key_information( + slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + + /* Import different key data to ensure slot really was empty */ + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, + PSA_ALG_VENDOR_FLAG ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_import_key( + slot, second_type, + second_data->x, second_data->len ) == PSA_SUCCESS ); + +exit: + psa_destroy_persistent_key( slot ); + mbedtls_psa_crypto_free(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void default_volatile_lifetime( int slot_arg, int type_arg, data_t *data ) +{ + 
psa_key_policy_t policy; + psa_key_slot_t slot = (psa_key_slot_t) slot_arg; + psa_key_type_t type = (psa_key_type_t) type_arg; + + TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + TEST_ASSERT( psa_import_key( slot, type, + data->x, data->len ) == PSA_SUCCESS ); + + /* Shutdown and restart */ + mbedtls_psa_crypto_free(); + + TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + + /* Check key slot is empty */ + TEST_ASSERT( psa_get_key_information( + slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + +exit: + psa_destroy_persistent_key( slot ); + mbedtls_psa_crypto_free(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void persistent_key_import( int slot_arg, int type_arg, data_t *data, + int expected_status ) +{ + psa_key_policy_t policy; + psa_key_lifetime_t lifetime; + psa_key_slot_t slot = (psa_key_slot_t) slot_arg; + psa_key_type_t type = (psa_key_type_t) type_arg; + + TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + + TEST_ASSERT( psa_set_key_lifetime( + slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + TEST_ASSERT( psa_import_key( slot, type, + data->x, data->len ) == expected_status ); + + if( expected_status != PSA_SUCCESS ) + { + TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 ); + goto exit; + } + + TEST_ASSERT( psa_get_key_lifetime( slot, &lifetime ) == PSA_SUCCESS ); + + TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT ); + +exit: + psa_destroy_persistent_key( slot ); + mbedtls_psa_crypto_free(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void import_export_persistent_key( data_t *data, int type_arg, + int expected_bits, int key_not_exist ) +{ + psa_key_slot_t slot = 1; + psa_key_type_t type = (psa_key_type_t) type_arg; + unsigned char *exported = NULL; + size_t export_size = data->len; + size_t exported_length; + psa_key_type_t got_type; + size_t got_bits; + psa_key_policy_t policy; + psa_key_lifetime_t lifetime_get; + + ASSERT_ALLOC( exported, export_size ); + + 
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_set_key_lifetime( + slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, + PSA_ALG_VENDOR_FLAG ); + + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + /* Import the key */ + TEST_ASSERT( psa_import_key( slot, type, + data->x, data->len ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_key_lifetime( + slot, &lifetime_get ) == PSA_SUCCESS ); + TEST_ASSERT( lifetime_get == PSA_KEY_LIFETIME_PERSISTENT ); + + /* Test the key information */ + TEST_ASSERT( psa_get_key_information( + slot, &got_type, &got_bits ) == PSA_SUCCESS ); + TEST_ASSERT( got_type == type ); + TEST_ASSERT( got_bits == (size_t) expected_bits ); + + TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 1 ); + + if( key_not_exist ) + { + psa_destroy_persistent_key( slot ); + } + /* Export the key */ + TEST_ASSERT( psa_export_key( slot, exported, export_size, + &exported_length ) == PSA_SUCCESS ); + + ASSERT_COMPARE( data->x, data->len, exported, exported_length ); + + /* Destroy the key */ + TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_information( + slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 ); + +exit: + mbedtls_free( exported ); + psa_destroy_persistent_key( slot ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From dd8fb777ce245c4e21a5806270e806d888ee52a7 Mon Sep 17 00:00:00 2001 
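Review bot: In `format_storage_data_check` the result of `mbedtls_calloc( 1, file_data_length )` goes straight into `psa_format_key_data_for_storage`, so an allocation failure becomes a write through NULL instead of a reported test failure. The other cases in this file allocate with `ASSERT_ALLOC`; the same pattern fits here: declare `uint8_t *file_data = NULL;`, allocate with `ASSERT_ALLOC( file_data, file_data_length );`, and put an `exit:` label in front of `mbedtls_free( file_data );` so a failing `ASSERT_COMPARE` does not skip the free. `key_policy` is also filled field by field without `psa_key_policy_init( &key_policy )`; if the struct has members other than `usage` and `alg`, they are serialised uninitialised.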
From: Darryl Green Date: Wed, 7 Nov 2018 16:00:44 +0000 Subject: [PATCH 0663/2197] psa: Refactor psa_internal_export_key to use slot, rather than key When generating keys that have persistent lifetime, we will need the keys to be in the exported format to save to persistent storage. This refactoring to separate checking the slots usage from the exporting of the key data will be necessary for using psa_internal_export_key in psa_generate_key. --- library/psa_crypto.c | 52 ++++++++++++++++++++++++++++---------------- 1 file changed, 33 insertions(+), 19 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6b089831e..74c3cfc0b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -953,30 +953,14 @@ psa_status_t psa_get_key_information( psa_key_slot_t key, return( PSA_SUCCESS ); } -static psa_status_t psa_internal_export_key( psa_key_slot_t key, +static psa_status_t psa_internal_export_key( key_slot_t *slot, uint8_t *data, size_t data_size, size_t *data_length, int export_public_key ) { - key_slot_t *slot; - psa_status_t status; - /* Exporting a public key doesn't require a usage flag. If we're - * called by psa_export_public_key(), don't require the EXPORT flag. - * If we're called by psa_export_key(), do require the EXPORT flag; - * if the key turns out to be public key object, psa_get_key_from_slot() - * will ignore this flag. */ - psa_key_usage_t usage = export_public_key ? 0 : PSA_KEY_USAGE_EXPORT; - - /* Set the key to empty now, so that even when there are errors, we always - * set data_length to a value between 0 and data_size. On error, setting - * the key to empty is a good choice because an empty key representation is - * unlikely to be accepted anywhere. */ *data_length = 0; - status = psa_get_key_from_slot( key, &slot, usage, 0 ); - if( status != PSA_SUCCESS ) - return( status ); if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); 
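Review bot: After this hunk `psa_internal_export_key` no longer checks the slot's usage policy, and nothing at its definition says so. The `PSA_KEY_USAGE_EXPORT` check now lives only in `psa_export_key`, so any later caller that passes a slot directly gets the key material regardless of policy. A comment above the function would make that contract explicit, for example `/* The caller must have validated the slot and its usage policy; this function exports unconditionally. */`. The comment explaining why `*data_length` is set to 0 first was removed while the assignment stayed, and is worth keeping next to it. The function body continues outside this hunk.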
@@ -996,6 +980,8 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t key, #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) && !export_public_key ) { + psa_status_t status; + size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( slot ) ); if( bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); @@ -1080,7 +1066,22 @@ psa_status_t psa_export_key( psa_key_slot_t key, size_t data_size, size_t *data_length ) { - return( psa_internal_export_key( key, data, data_size, + key_slot_t *slot; + psa_status_t status; + + /* Set the key to empty now, so that even when there are errors, we always + * set data_length to a value between 0 and data_size. On error, setting + * the key to empty is a good choice because an empty key representation is + * unlikely to be accepted anywhere. */ + *data_length = 0; + + /* Export requires the EXPORT flag. There is an exception for public keys, + * which don't require any flag, but psa_get_key_from_slot takes + * care of this. */ + status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_EXPORT, 0 ); + if( status != PSA_SUCCESS ) + return( status ); + return( psa_internal_export_key( slot, data, data_size, data_length, 0 ) ); } @@ -1089,7 +1090,20 @@ psa_status_t psa_export_public_key( psa_key_slot_t key, size_t data_size, size_t *data_length ) { - return( psa_internal_export_key( key, data, data_size, + key_slot_t *slot; + psa_status_t status; + + /* Set the key to empty now, so that even when there are errors, we always + * set data_length to a value between 0 and data_size. On error, setting + * the key to empty is a good choice because an empty key representation is + * unlikely to be accepted anywhere. */ + *data_length = 0; + + /* Exporting a public key doesn't require a usage flag. */ + status = psa_get_key_from_slot( key, &slot, 0, 0 ); + if( status != PSA_SUCCESS ) + return( status ); + return( psa_internal_export_key( slot, data, data_size, data_length, 1 ) ); } 
From 0c6575a84dd77076b9f976396b07e3b39f56d316 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Wed, 7 Nov 2018 16:05:30 +0000 Subject: [PATCH 0664/2197] psa: Extend psa_generate_key to support persistent lifetimes --- library/psa_crypto.c | 41 +++++++++- tests/suites/test_suite_psa_crypto.data | 30 +++++++- tests/suites/test_suite_psa_crypto.function | 76 ++++++++++++++++--- ...t_suite_psa_crypto_persistent_key.function | 1 + 4 files changed, 136 insertions(+), 12 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 74c3cfc0b..58cb73830 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1107,6 +1107,37 @@ psa_status_t psa_export_public_key( psa_key_slot_t key, data_length, 1 ) ); } +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) +static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t key, + key_slot_t *slot, + size_t bits ) +{ + psa_status_t status; + uint8_t *data; + size_t key_length; + size_t data_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, bits ); + data = mbedtls_calloc( 1, data_size ); + /* Get key data in export format */ + status = psa_internal_export_key( slot, data, data_size, &key_length, 0 ); + if( status != PSA_SUCCESS ) + { + slot->type = PSA_KEY_TYPE_NONE; + goto exit; + } + /* Store in file location */ + status = psa_save_persistent_key( key, slot->type, &slot->policy, + data, key_length ); + if( status != PSA_SUCCESS ) + { + slot->type = PSA_KEY_TYPE_NONE; + } +exit: + mbedtls_zeroize( data, key_length ); + mbedtls_free( data ); + return( status ); +} +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + /****************************************************************/ 
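Review bot: `psa_save_generated_persistent_key` hands the result of `mbedtls_calloc( 1, data_size )` to `psa_internal_export_key` without checking it, so an allocation failure becomes a NULL dereference rather than an error return; add `if( data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY );` directly after the allocation. The cleanup wipes only `key_length` bytes, and `psa_internal_export_key` sets `*data_length = 0` before any of its error returns, so after a failed export whatever key bytes were already written to the buffer are freed without being wiped. Wiping the whole allocation, `mbedtls_zeroize( data, data_size );`, covers both the success and the failure path.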
@@ -4309,7 +4340,15 @@ psa_status_t psa_generate_key( psa_key_slot_t key, return( PSA_ERROR_NOT_SUPPORTED ); slot->type = type; - return( PSA_SUCCESS ); + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + { + return( psa_save_generated_persistent_key( key, slot, bits ) ); + } +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + + return( status ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 7e70de38a..e1c1b0545 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
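Review bot: When the save fails, `psa_generate_key` returns the error from `psa_save_generated_persistent_key`, but the only slot cleanup visible on that path is `slot->type = PSA_KEY_TYPE_NONE;` inside the helper. The key generated earlier in this function appears to stay attached to the slot, and with the type reset a later destroy may no longer know how to wipe or free it; the code that fills the slot is outside the hunk, so this needs confirming. If it holds, the error path should wipe and release the slot's key material before returning, not only clear the type.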
@@ -1837,4 +1837,32 @@ validate_module_init_key_based: persistent key can be accessed after in-memory deletion: AES, 128 bits, CTR depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY:PSA_SUCCESS + +PSA generate persistent key: raw data, 8 bits +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:GENERATE_KEY:PSA_SUCCESS + +PSA generate persistent key: AES, 128 bits, CTR +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY:PSA_SUCCESS + +PSA generate persistent key: DES, 64 bits, CBC-nopad +depends_on:MBEDTLS_DES_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:GENERATE_KEY:PSA_SUCCESS + +PSA generate persistent key: RSA, 1024 bits, good, sign (PSS SHA-256) +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY:PSA_SUCCESS + +PSA generate persistent key: ECC, SECP256R1, good +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:GENERATE_KEY:PSA_SUCCESS + +PSA derive persistent key: HKDF SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_TYPE_RAW_DATA:1024:PSA_KEY_USAGE_EXPORT:0:DERIVE_KEY:PSA_SUCCESS + +PSA generate persistent key: AES, 128 bits, CTR +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY:PSA_ERROR_NOT_PERMITTED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4692dbe84..53295befa 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -844,6 +844,13 @@ static psa_key_usage_t usage_to_exercise( psa_key_type_t type, } } + +typedef enum { + IMPORT_KEY = 0, + GENERATE_KEY = 1, + DERIVE_KEY = 2 +} generate_method; + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -4034,9 +4041,11 @@ void validate_module_init_key_based( ) /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void persistent_key_load_key_from_storage( data_t *data, int type_arg, int bits, int usage_arg, - int alg_arg ) + int alg_arg, int generation_method, + int export_status ) { psa_key_slot_t slot = 1; + psa_key_slot_t base_key = 2; psa_key_type_t type = (psa_key_type_t) type_arg; psa_key_type_t type_get; size_t bits_get; 
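Review bot: The last added case reuses the description `PSA generate persistent key: AES, 128 bits, CTR`, which already names the second case added in this hunk, so a failure report cannot tell the two apart. The last one is the negative case: its usage flags omit `PSA_KEY_USAGE_EXPORT` and it expects `PSA_ERROR_NOT_PERMITTED` from the export. A title such as `PSA generate persistent key: AES, 128 bits, CTR, export not permitted` states what it checks.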
@@ -4044,6 +4053,9 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, psa_key_policy_t policy_get; psa_key_usage_t policy_usage = (psa_key_usage_t) usage_arg; psa_algorithm_t policy_alg = (psa_algorithm_t) alg_arg; + psa_key_policy_t base_policy_set; + psa_algorithm_t base_policy_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; unsigned char *first_export = NULL; unsigned char *second_export = NULL; size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); @@ -4064,14 +4076,44 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, policy_alg ); TEST_ASSERT( psa_set_key_policy( slot, &policy_set ) == PSA_SUCCESS ); + switch( generation_method ) + { + case IMPORT_KEY: + /* Import the key */ + TEST_ASSERT( psa_import_key( slot, type, + data->x, data->len ) == PSA_SUCCESS ); + break; - /* Import the key */ - TEST_ASSERT( psa_import_key( slot, type, - data->x, data->len ) == PSA_SUCCESS ); + case GENERATE_KEY: + /* Generate a key */ + TEST_ASSERT( psa_generate_key( slot, type, bits, + NULL, 0 ) == PSA_SUCCESS ); + break; + + case DERIVE_KEY: + /* Create base key */ + psa_key_policy_init( &base_policy_set ); + + psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE, + base_policy_alg ); + TEST_ASSERT( psa_set_key_policy( + base_key, &base_policy_set ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE, + data->x, data->len ) == PSA_SUCCESS ); + /* Derive a key. */ + TEST_ASSERT( psa_key_derivation( &generator, base_key, + base_policy_alg, + NULL, 0, NULL, 0, + export_size ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_import_key( + slot, PSA_KEY_TYPE_RAW_DATA, + bits, &generator ) == PSA_SUCCESS ); + break; + } /* Export the key */ TEST_ASSERT( psa_export_key( slot, first_export, export_size, - &first_exported_length ) == PSA_SUCCESS ); + &first_exported_length ) == export_status ); /* Shutdown and restart */ mbedtls_psa_crypto_free(); 
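Review bot: The `DERIVE_KEY` branch sets up `generator` and imports a key into `base_key`, and neither is released anywhere in the visible hunks. The `exit:` block continues outside the hunk, so confirm it calls `psa_generator_abort( &generator );` and `psa_destroy_key( base_key );`; otherwise the derivation state and the base key outlive the test case. The `switch` also has no `default`, so an unexpected `generation_method` leaves the slot empty and the test fails later at the export with a status that does not point to the cause.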
@@ -4096,13 +4138,27 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, /* Export the key again */ TEST_ASSERT( psa_export_key( slot, second_export, export_size, - &second_exported_length ) == PSA_SUCCESS ); + &second_exported_length ) == export_status ); - ASSERT_COMPARE( first_export, first_exported_length, - second_export, second_exported_length ); + if( export_status == PSA_SUCCESS ) + { + ASSERT_COMPARE( first_export, first_exported_length, + second_export, second_exported_length ); - ASSERT_COMPARE( data->x, data->len, - first_export, first_exported_length ); + switch( generation_method ) + { + case IMPORT_KEY: + ASSERT_COMPARE( data->x, data->len, + first_export, first_exported_length ); + break; + default: + break; + } + } + + /* Do something with the key according to its type and permitted usage. */ + if( ! exercise_key( slot, policy_usage, policy_alg ) ) + goto exit; exit: mbedtls_free( first_export ); diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 505f1f9e1..0ede6e6c8 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -16,6 +16,7 @@ typedef struct { uint8_t data_len[4]; uint8_t key_data[]; } psa_persistent_key_storage_format; + /* END_HEADER */ /* BEGIN_DEPENDENCIES From 46119565607fed4149b804588629a80b39e91d8e Mon Sep 17 00:00:00 2001 
From: Moran Peker Date: Tue, 20 Nov 2018 18:30:34 +0200 Subject: [PATCH 0665/2197] Add new MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C configuration option - update configuration requires - update check_config.h to include MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - update con and config.h --- configs/config-psa-crypto.h | 17 ++++++++++++++++- include/mbedtls/check_config.h | 14 ++++++++++++-- include/mbedtls/config.h | 17 ++++++++++++++++- library/version_features.c | 3 +++ scripts/config.pl | 1 + 5 files changed, 48 insertions(+), 4 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 27e9ef1d6..f3a8b722f 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -1529,7 +1529,9 @@ * * Module: library/psa_crypto_storage.c * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * Requires: MBEDTLS_PSA_CRYPTO_C and one of either + * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * (but not both) * */ #define MBEDTLS_PSA_CRYPTO_STORAGE_C @@ -1547,6 +1549,19 @@ */ #define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * + * Enable persistent key storage over PSA ITS for the + * Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto_storage_its.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO + * + */ +//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + /** * \def MBEDTLS_RIPEMD160_C * diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index f78e61bf1..21bede707 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
@@ -506,9 +506,14 @@ #error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) +#error "Only one of MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C can be defined" +#endif + #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ - !( defined(MBEDTLS_PSA_CRYPTO_C) && \ - defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) ) + !( defined(MBEDTLS_PSA_CRYPTO_C) && \ + ( defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) || \ + defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) ) ) #error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites" #endif @@ -518,6 +523,11 @@ #error "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) && \ + ! defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) +#error "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_OID_C) ) #error "MBEDTLS_RSA_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 2190ac519..b2a9a2e10 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2623,7 +2623,9 @@ * * Module: library/psa_crypto_storage.c * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * Requires: MBEDTLS_PSA_CRYPTO_C and one of either + * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * (but not both) * */ #define MBEDTLS_PSA_CRYPTO_STORAGE_C 
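Review bot: The new check for `MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C` tests only `MBEDTLS_PSA_CRYPTO_STORAGE_C`, while the option's documentation added in this commit lists `MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO` as its requirements. A configuration that enables the ITS backend without `MBEDTLS_PSA_HAS_ITS_IO` therefore passes check_config.h and presumably fails later in the build, and the documented list omits the one prerequisite that is enforced. Either extend the condition to `!( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && defined(MBEDTLS_PSA_HAS_ITS_IO) )`, or bring the `Requires:` line in config.h and config-psa-crypto.h in line with what is checked.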
@@ -2641,6 +2643,19 @@ */ #define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * + * Enable persistent key storage over PSA ITS for the + * Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto_storage_its.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO + * + */ +//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + /** * \def MBEDTLS_RIPEMD160_C * diff --git a/library/version_features.c b/library/version_features.c index 7ef899717..00652f1e4 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -693,6 +693,9 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C", #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */ +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) + "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C", +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */ #if defined(MBEDTLS_RIPEMD160_C) "MBEDTLS_RIPEMD160_C", #endif /* MBEDTLS_RIPEMD160_C */ diff --git a/scripts/config.pl b/scripts/config.pl index 69c6d5fce..81bb8950d 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -118,6 +118,7 @@ MBEDTLS_PLATFORM_TIME_ALT MBEDTLS_PLATFORM_FPRINTF_ALT MBEDTLS_PSA_CRYPTO_STORAGE_C MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C +MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C ); # Things that should be enabled in "full" even if they match @excluded From a90abf13b6e2be43a22a1bca41474bb3e032852b Mon Sep 17 00:00:00 2001 From: Moran Peker Date: Tue, 20 Nov 2018 18:32:25 +0200 Subject: [PATCH 0666/2197] add MBEDTLS_PSA_HAS_ITS_IO update config.h,config-psa-crypto.h, version_features.c and config.pl --- configs/config-psa-crypto.h | 10 ++++++++++ include/mbedtls/config.h | 10 ++++++++++ library/version_features.c | 3 +++ scripts/config.pl | 3 +++ 4 files changed, 26 insertions(+) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index f3a8b722f..c9a8ebd62 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -710,6 +710,16 @@ */ //#define MBEDTLS_PSA_CRYPTO_SPM +/** + * \def MBEDTLS_PSA_HAS_ITS_IO + * + * Enable the non-volatile secure storage usage. + * + * This is crucial on systems that do not have a HW TRNG support. + * + */ +//#define MBEDTLS_PSA_HAS_ITS_IO + /** * \def MBEDTLS_RSA_NO_CRT * diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index b2a9a2e10..c47c4714a 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1173,6 +1173,16 @@ */ //#define MBEDTLS_PSA_CRYPTO_SPM +/** + * \def MBEDTLS_PSA_HAS_ITS_IO + * + * Enable the non-volatile secure storage usage. + * + * This is crucial on systems that do not have a HW TRNG support. + * + */ +//#define MBEDTLS_PSA_HAS_ITS_IO + /** * \def MBEDTLS_RSA_NO_CRT * diff --git a/library/version_features.c b/library/version_features.c index 00652f1e4..af8149052 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -420,6 +420,9 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_CRYPTO_SPM) "MBEDTLS_PSA_CRYPTO_SPM", #endif /* MBEDTLS_PSA_CRYPTO_SPM */ +#if defined(MBEDTLS_PSA_HAS_ITS_IO) + "MBEDTLS_PSA_HAS_ITS_IO", +#endif /* MBEDTLS_PSA_HAS_ITS_IO */ #if defined(MBEDTLS_RSA_NO_CRT) "MBEDTLS_RSA_NO_CRT", #endif /* MBEDTLS_RSA_NO_CRT */ diff --git a/scripts/config.pl b/scripts/config.pl index 81bb8950d..6d02ec05c 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -97,6 +97,8 @@ MBEDTLS_PKCS11_C MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_64BIT_MULTIPLICATION MBEDTLS_PSA_CRYPTO_SPM +MBEDTLS_PSA_HAS_ITS_IO +MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C _ALT\s*$ ); @@ -119,6 +121,7 @@ MBEDTLS_PLATFORM_FPRINTF_ALT MBEDTLS_PSA_CRYPTO_STORAGE_C MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C +MBEDTLS_PSA_HAS_ITS_IO ); # Things that should be enabled in "full" even if they match @excluded From a26d764bae2c25c1d87eae326ffcd47924a6220a Mon Sep 17 00:00:00 2001 
From: Moran Peker Date: Tue, 20 Nov 2018 18:33:41 +0200 Subject: [PATCH 0667/2197] Add new PSA Crypto Storage backend implementation using ITS APIs The new file is conditionally compiled with the new mbedtls configuration option that Mbed OS would set by default - `MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C`. - --- library/CMakeLists.txt | 1 + library/Makefile | 1 + library/psa_crypto_storage_its.c | 184 +++++++++++++++++++++++++++++++ visualc/VS2010/mbedTLS.vcxproj | 1 + 4 files changed, 187 insertions(+) create mode 100644 library/psa_crypto_storage_its.c diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 04e404c29..fb6b9569a 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -56,6 +56,7 @@ set(src_crypto psa_crypto.c psa_crypto_storage.c psa_crypto_storage_file.c + psa_crypto_storage_its.c ripemd160.c rsa.c rsa_internal.c diff --git a/library/Makefile b/library/Makefile index 83afa661e..aa8cecefa 100644 --- a/library/Makefile +++ b/library/Makefile @@ -84,6 +84,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ psa_crypto.o \ psa_crypto_storage.o \ psa_crypto_storage_file.o \ + psa_crypto_storage_its.o \ ripemd160.o rsa_internal.o rsa.o \ sha1.o sha256.o sha512.o \ threading.o timing.o version.o \ diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c new file mode 100644 index 000000000..29394b5d8 --- /dev/null +++ b/library/psa_crypto_storage_its.c 
@@ -0,0 +1,184 @@ +/* + * PSA storage backend for persistent keys using psa_its APIs. + */ +/* Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if defined(MBEDTLS_CONFIG_FILE) +#include MBEDTLS_CONFIG_FILE +#else +#include "mbedtls/config.h" +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) + +#include "psa/crypto.h" +#include "psa_crypto_storage_backend.h" +#include "psa_prot_internal_storage.h" + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#endif + +static psa_status_t its_to_psa_error( psa_its_status_t ret ) +{ + switch( ret ) + { + case PSA_ITS_SUCCESS: + return( PSA_SUCCESS ); + + case PSA_ITS_ERROR_KEY_NOT_FOUND: + return( PSA_ERROR_EMPTY_SLOT ); + + case PSA_ITS_ERROR_STORAGE_FAILURE: + return( PSA_ERROR_STORAGE_FAILURE ); + + case PSA_ITS_ERROR_INSUFFICIENT_SPACE: + return( PSA_ERROR_INSUFFICIENT_STORAGE ); + + case PSA_ITS_ERROR_INVALID_KEY: + case PSA_PS_ERROR_OFFSET_INVALID: + case PSA_ITS_ERROR_INCORRECT_SIZE: + case PSA_ITS_ERROR_BAD_POINTER: + return( PSA_ERROR_INVALID_ARGUMENT ); + + case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED: + return( PSA_ERROR_NOT_SUPPORTED ); + + case PSA_ITS_ERROR_WRITE_ONCE: + return( PSA_ERROR_OCCUPIED_SLOT ); + + default: + return( PSA_ERROR_UNKNOWN_ERROR ); + } +} + +static uint32_t psa_its_identifier_of_slot( psa_key_slot_t key ) +{ 
+ return( key ); +} + +psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data, + size_t data_size ) +{ + psa_its_status_t ret; + psa_status_t status; + uint32_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_its_info_t data_identifier_info; + + ret = psa_its_get_info( data_identifier, &data_identifier_info ); + status = its_to_psa_error( ret ); + if( status != PSA_SUCCESS ) + return( status ); + + ret = psa_its_get( data_identifier, 0, data_size, data ); + status = its_to_psa_error( ret ); + + return( status ); +} + +int psa_is_key_present_in_storage( const psa_key_slot_t key ) +{ + psa_its_status_t ret; + uint32_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_its_info_t data_identifier_info; + + ret = psa_its_get_info( data_identifier, &data_identifier_info ); + + if( ret == PSA_ITS_ERROR_KEY_NOT_FOUND ) + return( 0 ); + return( 1 ); +} + +psa_status_t psa_crypto_storage_store( const psa_key_slot_t key, + const uint8_t *data, + size_t data_length ) +{ + psa_its_status_t ret; + psa_status_t status; + uint32_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_its_info_t data_identifier_info; + + if( psa_is_key_present_in_storage( key ) == 1 ) + return( PSA_ERROR_OCCUPIED_SLOT ); + + ret = psa_its_set( data_identifier, data_length, data, 0 ); + status = its_to_psa_error( ret ); + if( status != PSA_SUCCESS ) + { + return( PSA_ERROR_STORAGE_FAILURE ); + } + + ret = psa_its_get_info( data_identifier, &data_identifier_info ); + status = its_to_psa_error( ret ); + if( status != PSA_SUCCESS ) + { + goto exit; + } + + if( data_identifier_info.size != data_length ) + { + status = PSA_ERROR_STORAGE_FAILURE; + goto exit; + } + +exit: + if( status != PSA_SUCCESS ) + psa_its_remove( data_identifier ); + return( status ); +} + +psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key ) +{ + psa_its_status_t ret; + uint32_t data_identifier = psa_its_identifier_of_slot( key ); + struct 
psa_its_info_t data_identifier_info; + + ret = psa_its_get_info( data_identifier, &data_identifier_info ); + if( ret == PSA_ITS_ERROR_KEY_NOT_FOUND ) + return( PSA_SUCCESS ); + + if( psa_its_remove( data_identifier ) != PSA_ITS_SUCCESS ) + return( PSA_ERROR_STORAGE_FAILURE ); + + ret = psa_its_get_info( data_identifier, &data_identifier_info ); + if( ret != PSA_ITS_ERROR_KEY_NOT_FOUND ) + return( PSA_ERROR_STORAGE_FAILURE ); + + return( PSA_SUCCESS ); +} + +psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key, + size_t *data_length ) +{ + psa_its_status_t ret; + psa_status_t status; + uint32_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_its_info_t data_identifier_info; + + ret = psa_its_get_info( data_identifier, &data_identifier_info ); + status = its_to_psa_error( ret ); + if( status != PSA_SUCCESS ) + return( status ); + + *data_length = (size_t) data_identifier_info.size; + + return( PSA_SUCCESS ); +} + +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 91cf2f0fc..5d57a7504 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -291,6 +291,7 @@ + From 3a45d9e13bad588a93739a00c2c5f6aa0c84bc5e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 31 Oct 2018 19:00:48 +0000 Subject: [PATCH 0668/2197] CMake: psa: Enable installing of headers When installing via CMake, also install PSA headers so that PSA APIs can be more easily used from the installed library. --- include/CMakeLists.txt | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index 1b581a54d..67c66c8c6 100644 --- a/include/CMakeLists.txt +++ b/include/CMakeLists.txt 
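Review bot: In `psa_crypto_storage_load` the stored object's size is never compared with `data_size` before `psa_its_get( data_identifier, 0, data_size, data )` fills the caller's buffer, because the `psa_its_get_info` result is used only as an existence check. How the ITS implementation treats a length mismatch is not visible here, so a truncated or oversized entry may surface as a generic mapped error or be accepted as a prefix of different key material. I would add `if( data_identifier_info.size != data_size ) return( PSA_ERROR_STORAGE_FAILURE );` before the read, mirroring the size check `psa_crypto_storage_store` already does after writing. Separately, `psa_crypto_storage_store` turns every `psa_its_set` failure into `PSA_ERROR_STORAGE_FAILURE`, which discards the `PSA_ERROR_INSUFFICIENT_STORAGE` mapping from `its_to_psa_error`; `return( status );` there would keep it.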
@@ -3,11 +3,16 @@ option(INSTALL_MBEDTLS_HEADERS "Install mbed TLS headers." ON) if(INSTALL_MBEDTLS_HEADERS) file(GLOB headers "mbedtls/*.h") + file(GLOB psa_headers "psa/*.h") install(FILES ${headers} DESTINATION include/mbedtls PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) + install(FILES ${psa_headers} + DESTINATION include/psa + PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) + endif(INSTALL_MBEDTLS_HEADERS) # Make config.h available in an out-of-source build. ssl-opt.sh requires it. From 5ae1fb6f69893370a42a199eba3efd35ba365c8a Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 29 Oct 2018 17:40:05 +0000 Subject: [PATCH 0669/2197] CMake: Don't build non-crypto when a subproject When building Mbed Crypto as a subproject, don't add targets for libmbedx509 or libmbedtls, as the parent project should build these. The parent project will define USE_CRYPTO_SUBMODULE variable when using Mbed Crypto as a submodule, so we can depend on that variable to control whether or not we build non-crypto libraries. --- library/CMakeLists.txt | 61 +++++++++++++++++++++++++++--------------- 1 file changed, 40 insertions(+), 21 deletions(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 04e404c29..ba137b9f8 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt 
@@ -147,17 +147,23 @@ if(USE_STATIC_MBEDTLS_LIBRARY) set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) target_link_libraries(${mbedcrypto_static_target} ${libs}) - add_library(${mbedx509_static_target} STATIC ${src_x509}) - set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) - target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target}) + if(USE_CRYPTO_SUBMODULE) + install(TARGETS ${mbedcrypto_static_target} + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + else() + add_library(${mbedx509_static_target} STATIC ${src_x509}) + set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) + target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target}) - add_library(${mbedtls_static_target} STATIC ${src_tls}) - set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls) - target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target}) + add_library(${mbedtls_static_target} STATIC ${src_tls}) + set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls) + target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target}) - install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target} - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target} + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + endif() endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) 
@@ -165,20 +171,33 @@ if(USE_SHARED_MBEDTLS_LIBRARY) set_target_properties(mbedcrypto PROPERTIES VERSION 2.14.0 SOVERSION 3) target_link_libraries(mbedcrypto ${libs}) - add_library(mbedx509 SHARED ${src_x509}) - set_target_properties(mbedx509 PROPERTIES VERSION 2.14.0 SOVERSION 0) - target_link_libraries(mbedx509 ${libs} mbedcrypto) + if(USE_CRYPTO_SUBMODULE) + install(TARGETS mbedcrypto + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + else() + add_library(mbedx509 SHARED ${src_x509}) + set_target_properties(mbedx509 PROPERTIES VERSION 2.14.0 SOVERSION 0) + target_link_libraries(mbedx509 ${libs} mbedcrypto) - add_library(mbedtls SHARED ${src_tls}) - set_target_properties(mbedtls PROPERTIES VERSION 2.14.0 SOVERSION 12) - target_link_libraries(mbedtls ${libs} mbedx509) + add_library(mbedtls SHARED ${src_tls}) + set_target_properties(mbedtls PROPERTIES VERSION 2.14.0 SOVERSION 12) + target_link_libraries(mbedtls ${libs} mbedx509) - install(TARGETS mbedtls mbedx509 mbedcrypto - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + install(TARGETS mbedtls mbedx509 mbedcrypto + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + endif() endif(USE_SHARED_MBEDTLS_LIBRARY) -add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls) -if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) - add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static) +if(USE_CRYPTO_SUBMODULE) + add_custom_target(crypto_lib DEPENDS mbedcrypto) + if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) + add_dependencies(crypto_lib mbedcrypto_static) + endif() +else() + add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls) + if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) + add_dependencies(lib 
mbedcrypto_static mbedx509_static mbedtls_static) + endif() endif() From c74fe6a3e7afd048f84c81aa62f28666b44492db Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 30 Oct 2018 18:09:22 +0000 Subject: [PATCH 0670/2197] Add Mbed Crypto README.md Move our Mbed Crypto README out from the crypto folder and up to the top level for better visibility when using Mbed Crypto as a submodule of Mbed TLS. --- README.md | 203 ++++++++++------------------------------------- crypto/README.md | 66 --------------- 2 files changed, 41 insertions(+), 228 deletions(-) delete mode 100644 crypto/README.md diff --git a/README.md b/README.md index d7a0e9d6b..9699ca3d4 100644 --- a/README.md +++ b/README.md 
@@ -1,187 +1,66 @@ -README for Mbed TLS -=================== +# Mbed Crypto library -Configuration -------------- +The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). This is a preview release of Mbed Crypto, provided for evaluation purposes only. -Mbed TLS should build out of the box on most systems. Some platform specific options are available in the fully documented configuration file `include/mbedtls/config.h`, which is also the place where features can be selected. This file can be edited manually, or in a more programmatic way using the Perl script `scripts/config.pl` (use `--help` for usage instructions). +Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICENSE](LICENSE) file for the full text of the license. -Compiler options can be set using conventional environment variables such as `CC` and `CFLAGS` when using the Make and CMake build system (see below). +## PSA cryptography API -Compiling ---------- +Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. -There are currently three active build systems used within Mbed TLS releases: +The PSA cryptography API provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform. -- GNU Make -- CMake -- Microsoft Visual Studio (Microsoft Visual Studio 2010 or later) +The design goals of the PSA cryptography API include: -The main systems used for development are CMake and GNU Make. 
Those systems are always complete and up-to-date. The others should reflect all changes present in the CMake and Make build system, although features may not be ported there automatically. +* The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired. +* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators. +* All access to the keys happens through handles, which allows support for external cryptoprocessors that is transparent to applications. +* The interface to algorithms is generic, favoring algorithm agility. +* The interface is designed to be easy to use and hard to accidentally misuse. -The Make and CMake build systems create three libraries: libmbedcrypto, libmbedx509, and libmbedtls. Note that libmbedtls depends on libmbedx509 and libmbedcrypto, and libmbedx509 depends on libmbedcrypto. As a result, some linkers will expect flags to be in a specific order, for example the GNU linker wants `-lmbedtls -lmbedx509 -lmbedcrypto`. Also, when loading shared libraries using dlopen(), you'll need to load libmbedcrypto first, then libmbedx509, before you can load libmbedtls. +## Mbed Crypto implementation -### Make +Mbed Crypto is a reference implementation of the PSA cryptography API. It is written in portable C. -We require GNU Make. To build the library and the sample programs, GNU Make and a C compiler are sufficient. Some of the more advanced build targets require some Unix/Linux tools. 
+## Documentation -We intentionally only use a minimum of functionality in the makefiles in order to keep them as simple and independent of different toolchains as possible, to allow users to more easily move between different platforms. Users who need more features are recommended to use CMake. +Since the Mbed Crypto library is a reference implementation of the PSA cryptography API, the library's API documentation is the PSA cryptography API specification. The PSA cryptography API specification consists of the following documents: -In order to build from the source code using GNU Make, just enter at the command line: +* The [PSA Cryptography API overview](docs/PSA_Crypto_API_Overview.pdf). +* The [PSA Cryptography API detailed function reference](docs/PSA_Crypto_API_Reference.pdf), which you can also browse in [HTML format](docs/html/modules.html). - make +## Compiling -In order to run the tests, enter: +You need the following tools to build the library with the provided makefiles: - make check +* GNU Make. +* A C toolchain (compiler, linker, archiver). +* Python 2 or Python 3 (either will work) to generate the test code. +* Perl to run the tests. -The tests need Perl to be built and run. If you don't have Perl installed, you can skip building the tests with: +If you have a C compiler, such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs. - make no_test +To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`), and set `AR` to a compatible archiver (default: `ar`). For example: +``` +make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar +``` +The provided makefiles pass options to the compiler that assume a GCC-like command-line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`. 
-You'll still be able to run a much smaller set of tests with: +To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine. - programs/test/selftest +## Example programs -In order to build for a Windows platform, you should use `WINDOWS_BUILD=1` if the target is Windows but the build environment is Unix-like (for instance when cross-compiling, or compiling from an MSYS shell), and `WINDOWS=1` if the build environment is a Windows shell (for instance using mingw32-make) (in that case some targets will not be available). +The `programs/` subdirectory contains sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application. -Setting the variable `SHARED` in your environment will build shared libraries in addition to the static libraries. Setting `DEBUG` gives you a debug build. You can override `CFLAGS` and `LDFLAGS` by setting them in your environment or on the make command line; compiler warning options may be overridden separately using `WARNING_CFLAGS`. Some directory-specific options (for example, `-I` directives) are still preserved. +## Upcoming features -Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -W`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overriden from the command line. +Future releases of this library will include: -Depending on your platform, you might run into some issues. 
Please check the Makefiles in `library/`, `programs/` and `tests/` for options to manually add or remove for specific platforms. You can also check [the Mbed TLS Knowledge Base](https://tls.mbed.org/kb) for articles on your platform or issue. +* A driver programming interface, which makes it possible to use hardware accelerators instead of the default software implementation for chosen algorithms. +* Support for external keys to be stored and manipulated exclusively in a separate cryptoprocessor. +* A configuration mechanism to compile only the algorithms you need for your application. +* A wider set of cryptographic algorithms. -In case you find that you need to do something else as well, please let us know what, so we can add it to the [Mbed TLS Knowledge Base](https://tls.mbed.org/kb). - -### CMake - -In order to build the source using CMake in a separate directory (recommended), just enter at the command line: - - mkdir /path/to/build_dir && cd /path/to/build_dir - cmake /path/to/mbedtls_source - make - -In order to run the tests, enter: - - make test - -The test suites need Perl to be built. If you don't have Perl installed, you'll want to disable the test suites with: - - cmake -DENABLE_TESTING=Off /path/to/mbedtls_source - -If you disabled the test suites, but kept the programs enabled, you can still run a much smaller set of tests with: - - programs/test/selftest - -To configure CMake for building shared libraries, use: - - cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On /path/to/mbedtls_source - -There are many different build modes available within the CMake buildsystem. Most of them are available for gcc and clang, though some are compiler-specific: - -- `Release`. This generates the default code without any unnecessary information in the binary files. -- `Debug`. This generates debug information and disables optimization of the code. -- `Coverage`. This generates code coverage information in addition to debug information. -- `ASan`. 
This instruments the code with AddressSanitizer to check for memory errors. (This includes LeakSanitizer, with recent version of gcc and clang.) (With recent version of clang, this mode also instruments the code with UndefinedSanitizer to check for undefined behaviour.) -- `ASanDbg`. Same as ASan but slower, with debug information and better stack traces. -- `MemSan`. This instruments the code with MemorySanitizer to check for uninitialised memory reads. Experimental, needs recent clang on Linux/x86\_64. -- `MemSanDbg`. Same as MemSan but slower, with debug information, better stack traces and origin tracking. -- `Check`. This activates the compiler warnings that depend on optimization and treats all warnings as errors. - -Switching build modes in CMake is simple. For debug mode, enter at the command line: - - cmake -D CMAKE_BUILD_TYPE=Debug /path/to/mbedtls_source - -To list other available CMake options, use: - - cmake -LH - -Note that, with CMake, you can't adjust the compiler or its flags after the -initial invocation of cmake. This means that `CC=your_cc make` and `make -CC=your_cc` will *not* work (similarly with `CFLAGS` and other variables). -These variables need to be adjusted when invoking cmake for the first time, -for example: - - CC=your_cc cmake /path/to/mbedtls_source - -If you already invoked cmake and want to change those settings, you need to -remove the build directory and create it again. - -Note that it is possible to build in-place; this will however overwrite the -provided Makefiles (see `scripts/tmp_ignore_makefiles.sh` if you want to -prevent `git status` from showing them as modified). In order to do so, from -the Mbed TLS source directory, use: - - cmake . - make - -If you want to change `CC` or `CFLAGS` afterwards, you will need to remove the -CMake cache. This can be done with the following command using GNU find: - - find . 
-iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} + - -You can now make the desired change: - - CC=your_cc cmake . - make - -Regarding variables, also note that if you set CFLAGS when invoking cmake, -your value of CFLAGS doesn't override the content provided by cmake (depending -on the build mode as seen above), it's merely prepended to it. - -### Microsoft Visual Studio - -The build files for Microsoft Visual Studio are generated for Visual Studio 2010. - -The solution file `mbedTLS.sln` contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need a perl environment as well. However, the selftest program in `programs/test/` is still available. - -Example programs ----------------- - -We've included example programs for a lot of different features and uses in [`programs/`](programs/README.md). Most programs only focus on a single feature or usage scenario, so keep that in mind when copying parts of the code. - -Tests ------ - -Mbed TLS includes an elaborate test suite in `tests/` that initially requires Perl to generate the tests files (e.g. `test\_suite\_mpi.c`). These files are generated from a `function file` (e.g. `suites/test\_suite\_mpi.function`) and a `data file` (e.g. `suites/test\_suite\_mpi.data`). The `function file` contains the test functions. The `data file` contains the test cases, specified as parameters that will be passed to the test function. - -For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, additional test scripts are available: - -- `tests/ssl-opt.sh` runs integration tests for various TLS options (renegotiation, resumption, etc.) and tests interoperability of these options with other implementations. -- `tests/compat.sh` tests interoperability of every ciphersuite with other implementations. -- `tests/scripts/test-ref-configs.pl` test builds in various reduced configurations. 
-- `tests/scripts/key-exchanges.pl` test builds in configurations with a single key exchange enabled -- `tests/scripts/all.sh` runs a combination of the above tests, plus some more, with various build options (such as ASan, full `config.h`, etc). - -Configurations --------------- - -We provide some non-standard configurations focused on specific use cases in the `configs/` directory. You can read more about those in `configs/README.txt` - -Porting Mbed TLS ----------------- - -Mbed TLS can be ported to many different architectures, OS's and platforms. Before starting a port, you may find the following Knowledge Base articles useful: - -- [Porting Mbed TLS to a new environment or OS](https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS) -- [What external dependencies does Mbed TLS rely on?](https://tls.mbed.org/kb/development/what-external-dependencies-does-mbedtls-rely-on) -- [How do I configure Mbed TLS](https://tls.mbed.org/kb/compiling-and-building/how-do-i-configure-mbedtls) - -Contributing ------------- - -We gratefully accept bug reports and contributions from the community. There are some requirements we need to fulfill in order to be able to integrate contributions: - -- All contributions, whether large or small require a Contributor's License Agreement (CLA) to be accepted. This is because source code can possibly fall under copyright law and we need your consent to share in the ownership of the copyright. -- We would ask that contributions conform to [our coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards), and that contributions should be fully tested before submission. -- As with any open source project, contributions will be reviewed by the project team and community and may need some modifications to be accepted. 
- -To accept the Contributor’s Licence Agreement (CLA), individual contributors can do this by creating an Mbed account and [accepting the online agreement here with a click through](https://os.mbed.com/contributor_agreement/). Alternatively, for contributions from corporations, or those that do not wish to create an Mbed account, a slightly different agreement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/). This agreement should be signed and returned to Arm as described in the instructions given. - -### Making a Contribution - -1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://forums.mbed.com/c/mbed-tls) around a feature idea or a bug. -2. Fork the [Mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the "development" branch as a basis. -3. Write a test which shows that the bug was fixed or that the feature works as expected. -4. Send a pull request and bug us until it gets merged and published. Contributions may need some modifications, so work with us to get your change accepted. We will include your name in the ChangeLog :) +## Feedback welcome +Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially. diff --git a/crypto/README.md b/crypto/README.md deleted file mode 100644 index 9699ca3d4..000000000 --- a/crypto/README.md +++ /dev/null 
@@ -1,66 +0,0 @@ -# Mbed Crypto library - -The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). This is a preview release of Mbed Crypto, provided for evaluation purposes only. - -Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICENSE](LICENSE) file for the full text of the license. - -## PSA cryptography API - -Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. - -The PSA cryptography API provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform. - -The design goals of the PSA cryptography API include: - -* The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired. -* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators. -* All access to the keys happens through handles, which allows support for external cryptoprocessors that is transparent to applications. -* The interface to algorithms is generic, favoring algorithm agility. -* The interface is designed to be easy to use and hard to accidentally misuse. 
- -## Mbed Crypto implementation - -Mbed Crypto is a reference implementation of the PSA cryptography API. It is written in portable C. - -## Documentation - -Since the Mbed Crypto library is a reference implementation of the PSA cryptography API, the library's API documentation is the PSA cryptography API specification. The PSA cryptography API specification consists of the following documents: - -* The [PSA Cryptography API overview](docs/PSA_Crypto_API_Overview.pdf). -* The [PSA Cryptography API detailed function reference](docs/PSA_Crypto_API_Reference.pdf), which you can also browse in [HTML format](docs/html/modules.html). - -## Compiling - -You need the following tools to build the library with the provided makefiles: - -* GNU Make. -* A C toolchain (compiler, linker, archiver). -* Python 2 or Python 3 (either will work) to generate the test code. -* Perl to run the tests. - -If you have a C compiler, such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs. - -To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`), and set `AR` to a compatible archiver (default: `ar`). For example: -``` -make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar -``` -The provided makefiles pass options to the compiler that assume a GCC-like command-line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`. - -To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine. - -## Example programs - -The `programs/` subdirectory contains sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application. 
- -## Upcoming features - -Future releases of this library will include: - -* A driver programming interface, which makes it possible to use hardware accelerators instead of the default software implementation for chosen algorithms. -* Support for external keys to be stored and manipulated exclusively in a separate cryptoprocessor. -* A configuration mechanism to compile only the algorithms you need for your application. -* A wider set of cryptographic algorithms. - -## Feedback welcome - -Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially. From 74a04cdd59b1a60ad9dc03e0c3b61687e1a13158 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 31 Oct 2018 17:43:00 +0000 Subject: [PATCH 0671/2197] Remove exporter script We no longer need an exporter script as we'll use our existing tooling in the top level directory for builds and releases. --- .gitignore | 14 --- crypto/.gitignore | 13 --- crypto/Makefile | 20 ---- crypto/library/Makefile | 78 ------------- crypto/programs/Makefile | 51 --------- crypto/tests/Makefile | 82 -------------- scripts/mbed_crypto.make | 239 --------------------------------------- tests/scripts/all.sh | 9 -- 8 files changed, 506 deletions(-) delete mode 100644 crypto/.gitignore delete mode 100644 crypto/Makefile delete mode 100644 crypto/library/Makefile delete mode 100644 crypto/programs/Makefile delete mode 100644 crypto/tests/Makefile delete mode 100644 scripts/mbed_crypto.make diff --git a/.gitignore b/.gitignore index ea732a496..f40064d5b 100644 --- a/.gitignore +++ b/.gitignore 
@@ -26,17 +26,3 @@ massif-* # CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those: *.dir/ - -# Exported Mbed Crypto files -crypto/LICENSE -crypto/VERSION.txt -crypto/include/mbedcrypto/*.h -crypto/include/psa/*.h -crypto/library/*.c -crypto/programs/psa/*.c -crypto/programs/psa/*.sh -crypto/scripts -crypto/tests/scripts -crypto/tests/suites/*.data -crypto/tests/suites/*.function -mbedcrypto.tar.gz diff --git a/crypto/.gitignore b/crypto/.gitignore deleted file mode 100644 index ae4ba4530..000000000 --- a/crypto/.gitignore +++ /dev/null @@ -1,13 +0,0 @@ -*.exe -*.o -*.obj -/docs/*.pdf -/docs/html -/library/libmbedcrypto*.a -/library/libmbedcrypto*.dll -/library/libmbedcrypto*.so -/library/libmbedcrypto*.so.[0-9]* -/programs/psa/crypto_examples -/programs/psa/key_ladder_demo -/programs/psa/psa_constant_names -/tests/test_suite_* diff --git a/crypto/Makefile b/crypto/Makefile deleted file mode 100644 index 2230ed97c..000000000 --- a/crypto/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -.PHONY: all lib programs tests clean test - -all: programs tests - -lib: - $(MAKE) -C library - -programs: lib - $(MAKE) -C programs - -tests: lib - $(MAKE) -C tests - -clean: - $(MAKE) -C library clean - $(MAKE) -C programs clean - $(MAKE) -C tests clean - -test: lib tests - $(MAKE) -C tests test diff --git a/crypto/library/Makefile b/crypto/library/Makefile deleted file mode 100644 index 5b963c5ea..000000000 --- a/crypto/library/Makefile +++ /dev/null 
@@ -1,78 +0,0 @@ -CFLAGS ?= -O2 -I../include -WARNING_CFLAGS ?= \ - -Werror -Wall -Wextra \ - -Wno-unused-function \ - -Wno-overlength-strings \ - -Wdeclaration-after-statement \ -# Don't delete this line. - -OBJS_CRYPTO := \ - aes.o \ - aesni.o \ - arc4.o \ - asn1parse.o \ - asn1write.o \ - base64.o \ - bignum.o \ - blowfish.o \ - camellia.o \ - ccm.o \ - cipher.o \ - cipher_wrap.o \ - cmac.o \ - ctr_drbg.o \ - des.o \ - ecdsa.o \ - ecp.o \ - ecp_curves.o \ - entropy.o \ - entropy_poll.o \ - gcm.o \ - hmac_drbg.o \ - md.o \ - md2.o \ - md4.o \ - md5.o \ - md_wrap.o \ - oid.o \ - pem.o \ - pk.o \ - pk_wrap.o \ - pkcs12.o \ - pkcs5.o \ - pkparse.o \ - pkwrite.o \ - platform.o \ - platform_util.o \ - psa_crypto.o \ - psa_crypto_storage.o \ - psa_crypto_storage_file.o \ - ripemd160.o \ - rsa_internal.o \ - rsa.o \ - sha1.o \ - sha256.o \ - sha512.o \ - xtea.o \ -# Don't delete this line. - -.SILENT: - -.PHONY: all static clean - -all: static - -static: libmbedcrypto.a - -libmbedcrypto.a: $(OBJS_CRYPTO) - echo " AR $@" - $(AR) -rc $@ $(OBJS_CRYPTO) - echo " RL $@" - $(AR) -s $@ - -.c.o: - echo " CC $<" - $(CC) $(CFLAGS) $(WARNING_CFLAGS) -c $< - -clean: - rm -f *.o libmbedcrypto.a diff --git a/crypto/programs/Makefile b/crypto/programs/Makefile deleted file mode 100644 index 093b43dcf..000000000 --- a/crypto/programs/Makefile +++ /dev/null 
@@ -1,51 +0,0 @@ -CFLAGS ?= -O2 -I../include -WARNING_CFLAGS ?= \ - -Werror -Wall -Wextra \ - -Wno-unused-function \ - -Wno-overlength-strings \ - -Wdeclaration-after-statement \ -# Don't delete this line. - -LDFLAGS ?= -L../library -lmbedcrypto - -DEP := ../library/libmbedcrypto.a - -APPS := \ - psa/crypto_examples \ - psa/key_ladder_demo \ - psa/psa_constant_names \ -# Don't delete this line. - -EXTRA_GENERATED := \ - psa/psa_constant_names_generated.c \ -# Don't delete this line. - -.SILENT: - -.PHONY: all clean list - -all: $(APPS) - -$(DEP): - $(MAKE) -C ../library - -psa/crypto_examples: psa/crypto_examples.c $(DEP) - echo " CC psa/crypto_examples.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -psa/key_ladder_demo: psa/key_ladder_demo.c $(DEP) - echo " CC psa/key_ladder_demo.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h - ../scripts/generate_psa_constants.py - -psa/psa_constant_names: psa/psa_constant_names_generated.c psa/psa_constant_names.c $(DEP) - echo " CC psa/psa_constant_names.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -clean: - rm -f $(APPS) $(EXTRA_GENERATED) - -list: - echo $(APPS) diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile deleted file mode 100644 index cc4355bed..000000000 --- a/crypto/tests/Makefile +++ /dev/null 
@@ -1,82 +0,0 @@ -CFLAGS ?= -O2 -I../include -I../library -WARNING_CFLAGS ?= \ - -Werror -Wall -Wextra \ - -Wno-unused-function \ - -Wno-overlength-strings \ - -Wdeclaration-after-statement \ -# Don't delete this line. - -LDFLAGS ?= -L../library -lmbedcrypto - -DEP := ../library/libmbedcrypto.a - -# Python executable -PYTHON ?= python - -APPS := \ - test_suite_psa_crypto \ - test_suite_psa_crypto_metadata \ - test_suite_psa_crypto_persistent_key \ - test_suite_psa_crypto_storage_file \ -# Don't delete this line. - -# Look up for associated function files -func.test_suite_psa_crypto := test_suite_psa_crypto -func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata -func.test_suite_psa_crypto_persistent_key := test_suite_psa_crypto_persistent_key -func.test_suite_psa_crypto_storage_file := test_suite_psa_crypto_storage_file - -.SILENT: - -.PHONY: all test clean - -all: $(APPS) - -$(DEP): - $(MAKE) -C ../library - -C_FILES := $(addsuffix .c,$(APPS)) - -.SECONDEXPANSION: -$(C_FILES): %.c: suites/$$(func.$$*).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/host_test.function - echo " Gen $@" - $(PYTHON) scripts/generate_test_code.py -f suites/$(func.$*).function \ - -d suites/$*.data \ - -t suites/main_test.function \ - -p suites/host_test.function \ - -s suites \ - --helpers-file suites/helpers.function \ - -o . - - -$(APPS): %: %.c $(DEP) - echo " CC $<" - $(CC) $(CFLAGS) $(WARNING_CFLAGS) $< $(LDFLAGS) -o $@ - -clean: - rm -rf $(APPS) *.c *.data TESTS - rm -rf data_files/ctr_drbg_seed data_files/hmac_drbg_seed data_files/mpi_write - -test: $(APPS) - ./test_suite_psa_crypto_metadata - ./test_suite_psa_crypto - ./test_suite_psa_crypto_persistent_key - ./test_suite_psa_crypto_storage_file - -# Create separate targets for generating embedded tests. -EMBEDDED_TESTS := $(addprefix embedded_,$(APPS)) - -# Generate test code for target. 
- -.SECONDEXPANSION: -$(EMBEDDED_TESTS): embedded_%: suites/$$(func.$$*).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/target_test.function - echo " Gen ./TESTS/mbedcrypto/$*/$*.c" - $(PYTHON) scripts/generate_test_code.py -f suites/$(func.$*).function \ - -d suites/$*.data \ - -t suites/main_test.function \ - -p suites/target_test.function \ - -s suites \ - --helpers-file suites/helpers.function \ - -o ./TESTS/mbedcrypto/$* - -gen-embedded-test: $(EMBEDDED_TESTS) diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make deleted file mode 100644 index f51f5f8f3..000000000 --- a/scripts/mbed_crypto.make +++ /dev/null 
@@ -1,239 +0,0 @@ -########################################################################### -# -# Copyright (c) 2018, ARM Limited, All Rights Reserved -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -########################################################################### - -# -# Use this file to export an Mbed Crypto release tarball as follows, from the -# top level of the mbedtls repo: -# -# 1) make -f scripts/mbed_crypto.make -# - -.PHONY: all clean FORCE - -all: mbedcrypto.tar.gz - -# -# Crypto-necessary library files -# -LIB_FILES := \ - aes.c \ - aesni.c \ - arc4.c \ - asn1parse.c \ - asn1write.c \ - base64.c \ - bignum.c \ - blowfish.c \ - camellia.c \ - ccm.c \ - cipher.c \ - cipher_wrap.c \ - cmac.c \ - ctr_drbg.c \ - des.c \ - ecdsa.c \ - ecp.c \ - ecp_curves.c \ - entropy.c \ - entropy_poll.c \ - gcm.c \ - hmac_drbg.c \ - md.c \ - md2.c \ - md4.c \ - md5.c \ - md_wrap.c \ - oid.c \ - pem.c \ - pk.c \ - pk_wrap.c \ - pkcs12.c \ - pkcs5.c \ - pkparse.c \ - pkwrite.c \ - platform.c \ - platform_util.c \ - psa_crypto.c \ - psa_crypto_storage.h \ - psa_crypto_storage.c \ - psa_crypto_storage_backend.h \ - psa_crypto_storage_file.c \ - ripemd160.c \ - rsa_internal.c \ - rsa.c \ - sha1.c \ - sha256.c \ - sha512.c \ - xtea.c \ -# Don't delete this line. 
- -# -# Crypto-necessary include files -# -INC_FILES := \ - mbedcrypto/aes.h \ - mbedcrypto/aesni.h \ - mbedcrypto/arc4.h \ - mbedcrypto/asn1.h \ - mbedcrypto/asn1write.h \ - mbedcrypto/base64.h \ - mbedcrypto/bignum.h \ - mbedcrypto/blowfish.h \ - mbedcrypto/bn_mul.h \ - mbedcrypto/camellia.h \ - mbedcrypto/ccm.h \ - mbedcrypto/certs.h \ - mbedcrypto/check_config.h \ - mbedcrypto/cipher.h \ - mbedcrypto/cipher_internal.h \ - mbedcrypto/cmac.h \ - mbedcrypto/config.h \ - mbedcrypto/ctr_drbg.h \ - mbedcrypto/des.h \ - mbedcrypto/ecdsa.h \ - mbedcrypto/ecp.h \ - mbedcrypto/ecp_internal.h \ - mbedcrypto/entropy.h \ - mbedcrypto/entropy_poll.h \ - mbedcrypto/error.h \ - mbedcrypto/gcm.h \ - mbedcrypto/hmac_drbg.h \ - mbedcrypto/md.h \ - mbedcrypto/md2.h \ - mbedcrypto/md4.h \ - mbedcrypto/md5.h \ - mbedcrypto/md_internal.h \ - mbedcrypto/oid.h \ - mbedcrypto/pem.h \ - mbedcrypto/pk.h \ - mbedcrypto/pk_internal.h \ - mbedcrypto/pkcs11.h \ - mbedcrypto/pkcs12.h \ - mbedcrypto/pkcs5.h \ - mbedcrypto/platform.h \ - mbedcrypto/platform_util.h \ - mbedcrypto/ripemd160.h \ - mbedcrypto/rsa.h \ - mbedcrypto/rsa_internal.h \ - mbedcrypto/sha1.h \ - mbedcrypto/sha256.h \ - mbedcrypto/sha512.h \ - mbedcrypto/threading.h \ - mbedcrypto/xtea.h \ - psa/crypto.h \ - psa/crypto_extra.h \ - psa/crypto_platform.h \ - psa/crypto_sizes.h \ - psa/crypto_struct.h \ -# Don't delete this line. 
- -TEST_FILES := \ - tests/scripts/generate_test_code.py \ - tests/scripts/mbedtls_test.py \ - tests/scripts/test_generate_test_code.py \ - tests/scripts/run-test-suites.pl \ - tests/suites/helpers.function \ - tests/suites/host_test.function \ - tests/suites/main_test.function \ - tests/suites/target_test.function \ - tests/suites/test_suite_psa_crypto.data \ - tests/suites/test_suite_psa_crypto.function \ - tests/suites/test_suite_psa_crypto_hash.data \ - tests/suites/test_suite_psa_crypto_hash.function \ - tests/suites/test_suite_psa_crypto_metadata.data \ - tests/suites/test_suite_psa_crypto_metadata.function \ - tests/suites/test_suite_psa_crypto_persistent_key.data \ - tests/suites/test_suite_psa_crypto_persistent_key.function \ - tests/suites/test_suite_psa_crypto_storage_file.data \ - tests/suites/test_suite_psa_crypto_storage_file.function \ -# Don't delete this line. - -OTHER_FILES := \ - LICENSE \ - VERSION.txt \ - programs/psa/crypto_examples.c \ - programs/psa/key_ladder_demo.c \ - programs/psa/key_ladder_demo.sh \ - programs/psa/psa_constant_names.c \ - scripts/config.pl \ - scripts/generate_psa_constants.py \ -# Don't delete this line. 
- -# Prepend destination directory -LIB_FILES := $(addprefix crypto/library/,$(LIB_FILES)) -INC_FILES := $(addprefix crypto/include/,$(INC_FILES)) -TEST_FILES := $(addprefix crypto/,$(TEST_FILES)) -OTHER_FILES := $(addprefix crypto/,$(OTHER_FILES)) - -define rename_mbedcrypto - @sed -i -e 's/Mbed TLS/Mbed Crypto/g' $(1) - @sed -i -e 's/mbed TLS/Mbed Crypto/g' $(1) - @sed -i -e 's/MBEDTLS_/MBEDCRYPTO_/g' $(1) - @sed -i -e 's/mbedtls/mbedcrypto/g' $(1) - @sed -i -e 's/MbedTls/MbedCrypto/g' $(1) - @sed -i -e 's/include\/mbedtls/include\/mbedcrypto/g' $(1) -endef - -crypto/include/mbedcrypto/config.h: configs/config-psa-crypto.h - @echo $@ - @mkdir -p $(dir $@) - @cp $< $@ - @#Rename the file in the comments - @sed -i -e 's/config-psa-crypto.h/config.h/g' $@ - $(call rename_mbedcrypto,$@) - -crypto/tests/data_files/%: tests/data_files/% - @echo $@ - @mkdir -p $(dir $@) - @cp $< $@ - @#Don't rename things inside data files - -crypto/include/mbedcrypto/%.h: include/mbedtls/%.h - @echo $@ - @mkdir -p $(dir $@) - @cp $< $@ - $(call rename_mbedcrypto,$@) - -crypto/LICENSE: apache-2.0.txt - @echo $@ - @mkdir -p $(dir $@) - @cp $< $@ - @#Don't rename anything in the license - -crypto/%: % - @echo $@ - @mkdir -p $(dir $@) - @cp $< $@ - $(call rename_mbedcrypto,$@) - -crypto/VERSION.txt: FORCE - @git describe --tags --abbrev=12 --dirty --always > $@ - -mbedcrypto.tar.gz: $(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES) - @echo $@ - @tar czf mbedcrypto.tar.gz crypto - -clean: - @echo clean - @rm -rf mbedcrypto.tar.gz \ - $(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES) - -FORCE: - -# vi: ft=make diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 73152cf05..43f1db600 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -440,15 +440,6 @@ msg "test: doxygen warnings" # ~ 3s cleanup record_status tests/scripts/doxygen.sh -msg "test: Mbed Crypto exporter " # ~ 30s -cleanup -make -f scripts/mbed_crypto.make -cd crypto -make test -make clean -cd .. -make -f scripts/mbed_crypto.make clean - ################################################################ #### Build and test many configurations and targets From c6e4ab00a8e6c67864eca6752efd03c6d6b64b56 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 1 Nov 2018 16:56:08 +0000 Subject: [PATCH 0672/2197] Use parent module includes when used as a submodule For Makefiles, enable overriding where includes can come from in order to enable the parent module to set the include path. This allows the parent module to specify that its config.h should be used, even when the submodule when built standalone would use a different config.h. For CMake, always look in the parent's include folder and our own. List the parent's include folder first, so that preference is given to parent include files. --- library/CMakeLists.txt | 6 ++++++ library/Makefile | 3 ++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index ba137b9f8..433fab11c 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -146,6 +146,9 @@ if(USE_STATIC_MBEDTLS_LIBRARY) add_library(${mbedcrypto_static_target} STATIC ${src_crypto}) set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) target_link_libraries(${mbedcrypto_static_target} ${libs}) + target_include_directories(${mbedcrypto_static_target} + PUBLIC ${CMAKE_SOURCE_DIR}/include/ + PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) if(USE_CRYPTO_SUBMODULE) install(TARGETS ${mbedcrypto_static_target} 
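Review bot: Both paths given to `target_include_directories` for `${mbedcrypto_static_target}` are derived from `${CMAKE_SOURCE_DIR}`, so which `config.h` the crypto sources compile against depends on whichever project happens to be the top of the build tree. That works for the two layouts the commit message describes, but if the tree is consumed through another `add_subdirectory` level the paths resolve outside the project, and a crypto library built against an unintended configuration header can end up with a different feature set without any build error. I would take the library's own headers from `${CMAKE_CURRENT_SOURCE_DIR}/../include/` and add the parent's directory only under the `if(USE_CRYPTO_SUBMODULE)` test that already appears in this hunk. The same applies to the `mbedcrypto` shared target in the following hunk of library/CMakeLists.txt.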
@@ -170,6 +173,9 @@ if(USE_SHARED_MBEDTLS_LIBRARY) add_library(mbedcrypto SHARED ${src_crypto}) set_target_properties(mbedcrypto PROPERTIES VERSION 2.14.0 SOVERSION 3) target_link_libraries(mbedcrypto ${libs}) + target_include_directories(mbedcrypto + PUBLIC ${CMAKE_SOURCE_DIR}/include/ + PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) if(USE_CRYPTO_SUBMODULE) install(TARGETS mbedcrypto diff --git a/library/Makefile b/library/Makefile index 83afa661e..5814ae8a1 100644 --- a/library/Makefile +++ b/library/Makefile @@ -5,7 +5,8 @@ CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement LDFLAGS ?= -LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64 +CRYPTO_INCLUDES ?= -I../include +LOCAL_CFLAGS = $(WARNING_CFLAGS) $(CRYPTO_INCLUDES) -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = ifdef DEBUG From 11293cccedddc864d2f7ae1aa33d74fba4abf47b Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 2 Nov 2018 12:22:34 +0000 Subject: [PATCH 0673/2197] README: Update with how to use as a subproject --- README.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/README.md b/README.md index 9699ca3d4..a7270686d 100644 --- a/README.md +++ b/README.md 
@@ -48,6 +48,23 @@ The provided makefiles pass options to the compiler that assume a GCC-like comma To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine. +### Compiling as a subproject + +Mbed Crypto supports being built as a subproject of Mbed TLS. Mbed TLS can use Mbed Crypto for its cryptography implementation by using Mbed Crypto as a subproject. + +From the Mbed TLS project repository, CMake can be invoked as follows to build Mbed TLS using Mbed Crypto's `libmbedcrypto`. +``` +mkdir cmake +cd cmake +cmake .. -DUSE_CRYPTO_SUBMODULE=1 +make -j +make test +``` + +When building Mbed Crypto as a subproject of Mbed TLS, the Mbed TLS +configuration file (config.h) is used, and not the Mbed Crypto configuration +file. + ## Example programs The `programs/` subdirectory contains sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application. From a49ba5ea5f208fc8bc491176fdaca6e8b562f97e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 9 Nov 2018 15:46:12 +0000 Subject: [PATCH 0674/2197] README: Specify that C99 is required --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a7270686d..d412a4d79 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ Since the Mbed Crypto library is a reference implementation of the PSA cryptogra You need the following tools to build the library with the provided makefiles: * GNU Make. -* A C toolchain (compiler, linker, archiver). +* A C99 toolchain (compiler, linker, archiver). * Python 2 or Python 3 (either will work) to generate the test code. * Perl to run the tests. From 852dac2df8d5a423716fa754c690a8e6bbdf38fb Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Fri, 9 Nov 2018 15:47:58 +0000 Subject: [PATCH 0675/2197] README: Update with the CMake build option Note that one can also use CMake and doesn't strictly require GNU Make. For instance, telling CMake to output Visual Studio project files and using those would preclude the need for GNU Make. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d412a4d79..5b5215329 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ Since the Mbed Crypto library is a reference implementation of the PSA cryptogra You need the following tools to build the library with the provided makefiles: -* GNU Make. +* GNU Make or a build tool that CMake supports. * A C99 toolchain (compiler, linker, archiver). * Python 2 or Python 3 (either will work) to generate the test code. * Perl to run the tests. From 3c7cc5eb1858e1910edfcf2d9a8e73316c2ced8e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 15 Nov 2018 17:38:58 +0000 Subject: [PATCH 0676/2197] Makefile: Install PSA headers When running `make install`, it can be desirable for the PSA Crypto header files to get installed as well, so that the PSA portions of the library are usable. --- Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Makefile b/Makefile index f4c0a0021..f32641a22 100644 --- a/Makefile +++ b/Makefile @@ -24,6 +24,8 @@ ifndef WINDOWS install: no_test mkdir -p $(DESTDIR)/include/mbedtls cp -rp include/mbedtls $(DESTDIR)/include + mkdir -p $(DESTDIR)/include/psa + cp -rp include/psa $(DESTDIR)/include mkdir -p $(DESTDIR)/lib cp -RP library/libmbedtls.* $(DESTDIR)/lib From 910c76b3d101a47fd39dbdadcbc1cabf37ed36de Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 21 Nov 2018 16:03:21 +0200 Subject: [PATCH 0677/2197] Check that memory allocation was successful in psa_save_generated_persistent_key --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) 
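Review bot: The `install` recipe in the top-level Makefile now copies `include/psa` into `$(DESTDIR)/include`, but the hunk shows no matching removal, so an `uninstall` rule, if the Makefile has one outside this hunk, would leave the PSA headers behind. Stale crypto headers next to a newer library are an easy way to compile against the wrong API, so it is worth confirming that the uninstall path also removes `$(DESTDIR)/include/psa`. The recipe continues past the end of the hunk.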
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 58cb73830..05b8a8e8b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1117,6 +1117,8 @@ static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t key, size_t key_length; size_t data_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, bits ); data = mbedtls_calloc( 1, data_size ); + if( data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); /* Get key data in export format */ status = psa_internal_export_key( slot, data, data_size, &key_length, 0 ); if( status != PSA_SUCCESS ) From 2bcd312cda2f1eafaf827ae389963f2591d8f043 Mon Sep 17 00:00:00 2001 From: Netanel Gonen Date: Mon, 19 Nov 2018 11:53:02 +0200 Subject: [PATCH 0678/2197] Add entropy injection function to psa cripto APIs --- include/psa/crypto_extra.h | 27 +++++++++++++++++++++++++++ library/psa_crypto.c | 29 ++++++++++++++++++++++++++++- 2 files changed, 55 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 2d03f7311..f39f33963 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -34,6 +34,9 @@ extern "C" { #endif +/* UID for secure storage seed */ +#define MBED_RANDOM_SEED_ITS_UID 0xFFFFFF52 + /** * \brief Library deinitialization. * 
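Review bot: `data` in `psa_save_generated_persistent_key` receives the key in export format, and the new early return covers only the failed allocation; the hunk does not show how the buffer is released on the later paths. Since it holds key material, every exit after `psa_internal_export_key` should wipe it before it is freed, for example `mbedtls_platform_zeroize( data, data_size );` ahead of wherever the buffer is released, if that is not already done below. The function starts before and continues after the hunk, so this needs checking against the full body.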
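Review bot: `MBED_RANDOM_SEED_ITS_UID` is introduced in the public header include/psa/crypto_extra.h with only the comment `/* UID for secure storage seed */`, and nothing visible reserves the value. If an application stores its own entry under the same UID, the seed and the application data would share one storage slot, so the comment should say that the UID is reserved for the library, e.g. `/* ITS UID reserved for the entropy seed; applications must not use it */`. Whether the storage layer enforces any reservation is not visible here.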
@@ -44,6 +47,30 @@ extern "C" { */ void mbedtls_psa_crypto_free( void ); + +#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) +/** + * \brief Inject initial entropy seed into persistent storage for random capabilities. + * + * \warning This function **can** fail! Callers MUST check the return status. + * + * \note To use this function both mbedtls_nv_seed_read and mbedtls_nv_seed_write + * must be defined. + * + * \param seed[in] Buffer storing the seed value to inject. + * \param seed_size[in] Size of the \p seed buffer. The minimum size of the seed is MBEDTLS_ENTROPY_MIN_PLATFORM + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_BAD_STATE + */ +psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, + size_t seed_size); + +#endif + #ifdef __cplusplus } #endif diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 58cb73830..77314f2dd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -69,6 +69,7 @@ #include "mbedtls/ecdh.h" #include "mbedtls/ecp.h" #include "mbedtls/entropy.h" +#include "mbedtls/entropy_poll.h" #include "mbedtls/error.h" #include "mbedtls/gcm.h" #include "mbedtls/md2.h" @@ -85,7 +86,9 @@ #include "mbedtls/sha512.h" #include "mbedtls/xtea.h" - +#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) +#include "psa_prot_internal_storage.h" +#endif #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) 
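Review bot: The parameter tags in the new `mbedtls_psa_inject_entropy` comment put the direction after the name, `\param seed[in]` and `\param seed_size[in]`, whereas Doxygen expects `\param[in] seed` and `\param[in] seed_size`; as written the direction is likely to be treated as part of the parameter name. The comment also lists `#PSA_ERROR_STORAGE_FAILURE` and `#PSA_ERROR_BAD_STATE`, neither of which the implementation added in this commit returns by name, so the list should match the codes a caller can actually receive. The `\param seed[in]` form is kept by the later rewrite of this comment in PATCH 0681.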
@@ -4223,6 +4226,30 @@ psa_status_t psa_generate_random( uint8_t *output, return( mbedtls_to_psa_error( ret ) ); } +#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) +psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, + size_t seed_size ) +{ + psa_status_t status; + struct psa_its_info_t p_info; + if( global_data.initialized ) + return( PSA_ERROR_NOT_PERMITTED ); + if( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) || ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_its_get_info( MBED_RANDOM_SEED_ITS_UID, &p_info ); + if( PSA_ITS_ERROR_KEY_NOT_FOUND == status ) /* No seed exists */ + { + status = psa_its_set( MBED_RANDOM_SEED_ITS_UID, seed_size, seed, 0 ); + } + else if( PSA_ITS_SUCCESS == status ) + { + /* You should not be here. Seed needs to be injected only once */ + status = PSA_ERROR_NOT_PERMITTED; + } + return( status ); +} +#endif + psa_status_t psa_generate_key( psa_key_slot_t key, psa_key_type_t type, size_t bits, From 9468bb241c5c4ad9d7353966cb2db93eff540dd5 Mon Sep 17 00:00:00 2001 From: Netanel Gonen Date: Mon, 19 Nov 2018 11:53:55 +0200 Subject: [PATCH 0679/2197] Add Tests for psa crypto entropy incjection --- tests/CMakeLists.txt | 1 + .../suites/test_suite_psa_crypto_entropy.data | 14 +++ .../test_suite_psa_crypto_entropy.function | 88 +++++++++++++++++++ 3 files changed, 103 insertions(+) create mode 100644 tests/suites/test_suite_psa_crypto_entropy.data create mode 100644 tests/suites/test_suite_psa_crypto_entropy.function diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 34658c8e1..95d60ff31 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -111,6 +111,7 @@ add_test_suite(pkparse) add_test_suite(pkwrite) add_test_suite(poly1305) add_test_suite(psa_crypto) +add_test_suite(psa_crypto_entropy) add_test_suite(psa_crypto_hash) add_test_suite(psa_crypto_metadata) add_test_suite(psa_crypto_persistent_key) 
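Review bot: `mbedtls_psa_inject_entropy` in library/psa_crypto.c stores the results of `psa_its_get_info` and `psa_its_set` in a `psa_status_t` and returns them unchanged, so any storage failure other than `PSA_ITS_ERROR_KEY_NOT_FOUND` reaches the caller as an ITS code inside a PSA return type. A caller that compares the result with `PSA_ERROR_*` values cannot reliably tell a failed seed write from another outcome, and for a one-time provisioning step that determines the quality of the device's random generator the failure needs to be unambiguous. I would keep the ITS result in a `psa_its_status_t` and translate it at the boundary, as below; `PSA_ERROR_STORAGE_FAILURE` is the code the header comment already lists for this case. PATCH 0681 later documents the leak as `PSA_ITS_ERROR_XXX` instead of removing it.

```c
psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
                                         size_t seed_size )
{
    psa_its_status_t its_status;
    struct psa_its_info_t p_info;
    /* … unchanged: global_data.initialized and seed_size range checks … */
    its_status = psa_its_get_info( MBED_RANDOM_SEED_ITS_UID, &p_info );
    if( its_status == PSA_ITS_SUCCESS )
        return( PSA_ERROR_NOT_PERMITTED ); /* a seed has already been injected */
    if( its_status != PSA_ITS_ERROR_KEY_NOT_FOUND )
        return( PSA_ERROR_STORAGE_FAILURE );
    its_status = psa_its_set( MBED_RANDOM_SEED_ITS_UID, seed_size, seed, 0 );
    if( its_status != PSA_ITS_SUCCESS )
        return( PSA_ERROR_STORAGE_FAILURE );
    return( PSA_SUCCESS );
}
```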
diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data new file mode 100644 index 000000000..1fc972aa0 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_entropy.data @@ -0,0 +1,14 @@ +PSA validate entropy injection: good, minimum size +validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_ERROR_NOT_PERMITTED + +PSA validate entropy injection: good, max size +validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED + +PSA validate entropy injection: bad, too big +validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS + +PSA validate entropy injection: bad, too small +validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS + +PSA validate entropy injection: before and after crypto_init +run_entropy_inject_with_crypto_init: \ No newline at end of file diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function new file mode 100644 index 000000000..a134abe71 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_entropy.function 
@@ -0,0 +1,88 @@ +/* BEGIN_HEADER */ +#include + +#include "psa/crypto.h" +#include "psa_prot_internal_storage.h" +#include "mbedtls/entropy.h" +#include "mbedtls/entropy_poll.h" + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void validate_entropy_seed_injection( int seed_length_a, + int expected_status_a, + int seed_length_b, + int expected_status_b ) +{ + psa_its_status_t its_status; + psa_status_t status; + uint8_t output[32] = { 0 }; + uint8_t zeros[32] = { 0 }; + uint8_t *seed = NULL; + int i; + int seed_size; + if( seed_length_a > seed_length_b) + { + seed_size = seed_length_a; + } + else + { + seed_size = seed_length_b; + } + ASSERT_ALLOC( seed, seed_size ); + /* fill seed in some data */ + for( i = 0; i < seed_size; ++i) + { + seed[i] = i; + } + its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID); + TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) ); + status = mbedtls_psa_inject_entropy( seed, seed_length_a ); + TEST_ASSERT( status == expected_status_a ); + status = mbedtls_psa_inject_entropy( seed, seed_length_b ); + TEST_ASSERT( status == expected_status_b ); + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generate_random( output, sizeof( output ) ) == PSA_SUCCESS ); + TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 ); +exit: + mbedtls_free( seed ); + psa_its_remove(MBED_RANDOM_SEED_ITS_UID); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void run_entropy_inject_with_crypto_init( ) +{ + psa_its_status_t its_status; + psa_status_t status; + int i; + uint8_t seed[MBEDTLS_ENTROPY_MIN_PLATFORM] = {0}; + /* fill seed in some data */ + for( i = 0; i < MBEDTLS_ENTROPY_MIN_PLATFORM; ++i) + { + seed[i] = i; + } + its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID); + TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == 
PSA_ITS_ERROR_KEY_NOT_FOUND) ); + status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM ); + TEST_ASSERT( status == PSA_SUCCESS ); + its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID); + TEST_ASSERT( its_status == PSA_ITS_SUCCESS ); + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM ); + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + mbedtls_psa_crypto_free( ); + /* The seed is written by nv_seed callback functions therefore the injection will fail */ + status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM ); + TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); +exit: + psa_its_remove(MBED_RANDOM_SEED_ITS_UID); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From 212a793217b8356852f54c88d3769df28b970a97 Mon Sep 17 00:00:00 2001 From: Netanel Gonen Date: Mon, 19 Nov 2018 12:19:19 +0200 Subject: [PATCH 0680/2197] add MBEDTLS_PSA_HAS_ITS_IO to config.h --- include/mbedtls/config.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index c47c4714a..c1619fbad 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1103,6 +1103,16 @@ */ //#define MBEDTLS_ENTROPY_NV_SEED +/** + * \def MBEDTLS_PSA_HAS_ITS_IO + * + * Enable the non-volatile secure storage usage. + * + * This is crucial on systems that do not have a HW TRNG support. + * + */ +//#define MBEDTLS_PSA_HAS_ITS_IO + /** * \def MBEDTLS_MEMORY_DEBUG * From 0338ded2f4183251b6c4a8971087ba998629840f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Nov 2018 18:19:27 +0100 Subject: [PATCH 0681/2197] Improve documentation of mbedtls_psa_inject_entropy Explain what the function does, why one would use it, how to use it, how to handle its input, and what the status codes mean. --- include/psa/crypto_extra.h | 51 +++++++++++++++++++++++++++++++++----- 1 file changed, 45 insertions(+), 6 deletions(-) 
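Review bot: `validate_entropy_seed_injection` checks the injected seed only indirectly, through `TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 )`, which passes for any generator that produces output and so would not notice a seed that was truncated or never written. Reading the entry back from storage after the first successful `mbedtls_psa_inject_entropy` call, before `psa_crypto_init( )`, and comparing it with `seed` over `seed_length_a` bytes would pin the behaviour the function is meant to guarantee. The length arguments are also `int` values passed to a `size_t` parameter, so a cast at the call would make the conversion explicit.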
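Review bot: The new `MBEDTLS_PSA_HAS_ITS_IO` block in include/mbedtls/config.h does not say what enabling the option requires, unlike the `Module:` and `Requires:` lines that other options in this file carry. In the code shown in this series the option only takes effect together with `MBEDTLS_ENTROPY_NV_SEED` and pulls in `psa_prot_internal_storage.h`, so the comment could state both, for instance `* Requires: MBEDTLS_ENTROPY_NV_SEED and a platform implementation of the PSA internal trusted storage API`. Since the text itself calls the option crucial on systems without a hardware TRNG, a reader should be able to tell from the comment alone what has to be in place before turning it on.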
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index f39f33963..e40a50520 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -50,21 +50,60 @@ void mbedtls_psa_crypto_free( void ); #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) /** - * \brief Inject initial entropy seed into persistent storage for random capabilities. + * \brief Inject an initial entropy seed for the random generator. + * + * This function injects data to be used as a seed for the random generator + * used by the PSA Crypto implementation. On devices that lack a trusted + * entropy source (preferably a hardware random number generator), + * the Mbed PSA Crypto implementation uses this value to seed its + * random generator. + * + * On devices without a trusted entropy source, this function must be + * called exactly once in the lifetime of the device. On devices with + * a trusted entropy source, calling this function is optional. + * In all cases, this function may only be called before calling any + * other function in the PSA Crypto API, including psa_crypto_init(). + * + * When this function returns successfully, it populates a file in + * persistent storage. Once the file has been created, this function + * can no longer succeed. + * If any error occurs, the file is not created, and you may call this + * function again after correcting the reason for the error. * * \warning This function **can** fail! Callers MUST check the return status. * - * \note To use this function both mbedtls_nv_seed_read and mbedtls_nv_seed_write - * must be defined. + * \warning If you use this function, you should use it as part of a + * factory provisioning process. The value of the injected seed + * is critical to the security of the device. It must be + * *secret*, *unpredictable* and (statistically) *unique per device*. + * You should be generate it randomly using a cryptographically + * secure random generator seeded from trusted entropy sources. 
+ * You should transmit it securely to the device and ensure + * that its value is not leaked or stored anywhere beyond the + * needs of transmitting it from the point of generation to + * the call of this function, and erase all copies of the value + * once this function returns. * - * \param seed[in] Buffer storing the seed value to inject. - * \param seed_size[in] Size of the \p seed buffer. The minimum size of the seed is MBEDTLS_ENTROPY_MIN_PLATFORM + * This is an Mbed TLS extension. + * + * \param seed[in] Buffer containing the seed value to inject. + * \param seed_size Size of the \p seed buffer. + * The minimum size of the seed is + * #MBEDTLS_ENTROPY_MIN_PLATFORM. * * \retval #PSA_SUCCESS + * The seed value was injected successfully. The random generator + * of the PSA Crypto implementation is now ready for use. + * You may now call psa_crypto_init() and use the PSA Crypto + * implementation. * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p seed_size is not large enough. * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval `PSA_ITS_ERROR_XXX` + * There was a failure reading or writing from storage. * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_BAD_STATE + * The library has already been initialized. It is no longer + * possible to call this function. */ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, size_t seed_size); From ee2ffd311bf5496f20d6984eb2f1b0c83390704c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 16 Nov 2018 11:02:49 +0100 Subject: [PATCH 0682/2197] Document the maximum seed size as well as the minimum --- include/psa/crypto_extra.h | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index e40a50520..c7accd1f9 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
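Review bot: The new `\retval` list documents `PSA_ITS_ERROR_XXX` as a possible return of a function typed `psa_status_t`, which exposes the storage layer's separate status namespace to callers. A caller that only compares against `PSA_ERROR_*` values cannot reliably classify such a result, so the mapping to PSA Crypto codes belongs in the function and the doc should list only `PSA_ERROR_*` values; as written, `\retval #PSA_ERROR_STORAGE_FAILURE` also has no description of its own. Two wording fixes in the same comment: "You should be generate it randomly" should read `You should generate it randomly`, and Doxygen expects the direction before the name, `\param[in] seed`, not `\param seed[in]`.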
@@ -50,7 +50,8 @@ void mbedtls_psa_crypto_free( void ); #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) /** - * \brief Inject an initial entropy seed for the random generator. + * \brief Inject an initial entropy seed for the random generator into + * secure storage. * * This function injects data to be used as a seed for the random generator * used by the PSA Crypto implementation. On devices that lack a trusted @@ -67,8 +68,10 @@ void mbedtls_psa_crypto_free( void ); * When this function returns successfully, it populates a file in * persistent storage. Once the file has been created, this function * can no longer succeed. - * If any error occurs, the file is not created, and you may call this - * function again after correcting the reason for the error. + * + * If any error occurs, this function does not change the system state. + * You can call this function again after correcting the reason for the + * error if possible. * * \warning This function **can** fail! Callers MUST check the return status. * @@ -88,8 +91,9 @@ void mbedtls_psa_crypto_free( void ); * * \param seed[in] Buffer containing the seed value to inject. * \param seed_size Size of the \p seed buffer. - * The minimum size of the seed is - * #MBEDTLS_ENTROPY_MIN_PLATFORM. + * The size of the seed must be + * at least #MBEDTLS_ENTROPY_MIN_PLATFORM bytes + * and at most #MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes. * * \retval #PSA_SUCCESS * The seed value was injected successfully. The random generator @@ -97,7 +101,7 @@ void mbedtls_psa_crypto_free( void ); * You may now call psa_crypto_init() and use the PSA Crypto * implementation. * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p seed_size is not large enough. + * \p seed_size is out of range. * \retval #PSA_ERROR_STORAGE_FAILURE * \retval `PSA_ITS_ERROR_XXX` * There was a failure reading or writing from storage. From 21f37cbbecd955f82854f2291a6e68dfd9183d8a Mon Sep 17 00:00:00 2001 
From: Netanel Gonen Date: Mon, 19 Nov 2018 11:53:55 +0200 Subject: [PATCH 0683/2197] Add Tests for psa crypto entropy incjection Adjust code to handle and work with MBEDTLS_ENTROPY_BLOCK_SIZE definition option --- include/psa/crypto_extra.h | 6 ++++-- library/psa_crypto.c | 8 ++++++-- library/version_features.c | 3 +++ tests/suites/test_suite_psa_crypto_entropy.data | 9 +++++---- tests/suites/test_suite_psa_crypto_entropy.function | 10 +++++----- 5 files changed, 23 insertions(+), 13 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index c7accd1f9..13134926f 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -91,8 +91,10 @@ void mbedtls_psa_crypto_free( void ); * * \param seed[in] Buffer containing the seed value to inject. * \param seed_size Size of the \p seed buffer. - * The size of the seed must be - * at least #MBEDTLS_ENTROPY_MIN_PLATFORM bytes + * The size of the seed must be equal or larger than any + * of the values defined both in + * #MBEDTLS_ENTROPY_MIN_PLATFORM + * and in the #MBEDTLS_ENTROPY_BLOCK_SIZE defines * and at most #MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes. * * \retval #PSA_SUCCESS diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 77314f2dd..26bea1980 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4234,8 +4234,12 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, struct psa_its_info_t p_info; if( global_data.initialized ) return( PSA_ERROR_NOT_PERMITTED ); - if( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) || ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + + if( ( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) || + ( seed_size < MBEDTLS_ENTROPY_BLOCK_SIZE ) ) || + ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_its_get_info( MBED_RANDOM_SEED_ITS_UID, &p_info ); if( PSA_ITS_ERROR_KEY_NOT_FOUND == status ) /* No seed exists */ { 
diff --git a/library/version_features.c b/library/version_features.c index af8149052..590f949f4 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -402,6 +402,9 @@ static const char *features[] = { #if defined(MBEDTLS_ENTROPY_NV_SEED) "MBEDTLS_ENTROPY_NV_SEED", #endif /* MBEDTLS_ENTROPY_NV_SEED */ +#if defined(MBEDTLS_PSA_HAS_ITS_IO) + "MBEDTLS_PSA_HAS_ITS_IO", +#endif /* MBEDTLS_PSA_HAS_ITS_IO */ #if defined(MBEDTLS_MEMORY_DEBUG) "MBEDTLS_MEMORY_DEBUG", #endif /* MBEDTLS_MEMORY_DEBUG */ diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data index 1fc972aa0..bbc056d92 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.data +++ b/tests/suites/test_suite_psa_crypto_entropy.data 
@@ -1,14 +1,15 @@ PSA validate entropy injection: good, minimum size -validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_ERROR_NOT_PERMITTED +validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_ERROR_NOT_PERMITTED PSA validate entropy injection: good, max size validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED PSA validate entropy injection: bad, too big -validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS +validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS PSA validate entropy injection: bad, too small -validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS +validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS PSA validate entropy injection: before and after crypto_init -run_entropy_inject_with_crypto_init: \ No newline at end of file +run_entropy_inject_with_crypto_init: + diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index a134abe71..1cb58b9a2 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function 
@@ -62,24 +62,24 @@ void run_entropy_inject_with_crypto_init( ) psa_its_status_t its_status; psa_status_t status; int i; - uint8_t seed[MBEDTLS_ENTROPY_MIN_PLATFORM] = {0}; + uint8_t seed[MBEDTLS_ENTROPY_BLOCK_SIZE] = {0}; /* fill seed in some data */ - for( i = 0; i < MBEDTLS_ENTROPY_MIN_PLATFORM; ++i) + for( i = 0; i < MBEDTLS_ENTROPY_BLOCK_SIZE; ++i) { seed[i] = i; } its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID); TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) ); - status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM ); + status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); TEST_ASSERT( status == PSA_SUCCESS ); its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID); TEST_ASSERT( its_status == PSA_ITS_SUCCESS ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM ); + status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); mbedtls_psa_crypto_free( ); /* The seed is written by nv_seed callback functions therefore the injection will fail */ - status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM ); + status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); exit: psa_its_remove(MBED_RANDOM_SEED_ITS_UID); From 4d27c94aee2746a9bce74edab06ed1dadcc707f5 Mon Sep 17 00:00:00 2001 From: avolinski Date: Tue, 20 Nov 2018 15:48:54 +0200 Subject: [PATCH 0684/2197] Adding testcase for PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM --- tests/suites/test_suite_psa_crypto_entropy.data | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data index bbc056d92..a2355d50a 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.data 
+++ b/tests/suites/test_suite_psa_crypto_entropy.data @@ -7,7 +7,10 @@ validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTL PSA validate entropy injection: bad, too big validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS -PSA validate entropy injection: bad, too small +PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM +validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS + +PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_BLOCK_SIZE validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS PSA validate entropy injection: before and after crypto_init From 7cc8229d80110c4664306d6bc728727c035e7858 Mon Sep 17 00:00:00 2001 From: avolinski Date: Tue, 20 Nov 2018 15:52:25 +0200 Subject: [PATCH 0685/2197] Replace MBED_RANDOM_SEED_ITS_UID with MBEDTLS_RANDOM_SEED_ITS_UID Update mbedtls_psa_inject_entropy function documentation --- include/psa/crypto_extra.h | 12 ++++++------ library/psa_crypto.c | 4 ++-- tests/suites/test_suite_psa_crypto_entropy.function | 10 +++++----- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 13134926f..880e09c24 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -35,7 +35,7 @@ extern "C" { #endif /* UID for secure storage seed */ -#define MBED_RANDOM_SEED_ITS_UID 0xFFFFFF52 +#define MBEDTLS_RANDOM_SEED_ITS_UID 0xFFFFFF52 /** * \brief Library deinitialization. 
@@ -91,11 +91,11 @@ void mbedtls_psa_crypto_free( void ); * * \param seed[in] Buffer containing the seed value to inject. * \param seed_size Size of the \p seed buffer. - * The size of the seed must be equal or larger than any - * of the values defined both in - * #MBEDTLS_ENTROPY_MIN_PLATFORM - * and in the #MBEDTLS_ENTROPY_BLOCK_SIZE defines - * and at most #MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes. + * The size of the seed in bytes must be greater + * or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM + * and #MBEDTLS_ENTROPY_BLOCK_SIZE. + * It must be less or equal to + * #MBEDTLS_ENTROPY_MAX_SEED_SIZE. * * \retval #PSA_SUCCESS * The seed value was injected successfully. The random generator diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 26bea1980..fe73d1d35 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4240,10 +4240,10 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_its_get_info( MBED_RANDOM_SEED_ITS_UID, &p_info ); + status = psa_its_get_info( MBEDTLS_RANDOM_SEED_ITS_UID, &p_info ); if( PSA_ITS_ERROR_KEY_NOT_FOUND == status ) /* No seed exists */ { - status = psa_its_set( MBED_RANDOM_SEED_ITS_UID, seed_size, seed, 0 ); + status = psa_its_set( MBEDTLS_RANDOM_SEED_ITS_UID, seed_size, seed, 0 ); } else if( PSA_ITS_SUCCESS == status ) { diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 1cb58b9a2..4be2c5a34 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function 
@@ -40,7 +40,7 @@ void validate_entropy_seed_injection( int seed_length_a, { seed[i] = i; } - its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID); + its_status = psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID); TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) ); status = mbedtls_psa_inject_entropy( seed, seed_length_a ); TEST_ASSERT( status == expected_status_a ); @@ -51,7 +51,7 @@ void validate_entropy_seed_injection( int seed_length_a, TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 ); exit: mbedtls_free( seed ); - psa_its_remove(MBED_RANDOM_SEED_ITS_UID); + psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -68,11 +68,11 @@ void run_entropy_inject_with_crypto_init( ) { seed[i] = i; } - its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID); + its_status = psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID); TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) ); status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); TEST_ASSERT( status == PSA_SUCCESS ); - its_status = psa_its_remove(MBED_RANDOM_SEED_ITS_UID); + its_status = psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID); TEST_ASSERT( its_status == PSA_ITS_SUCCESS ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); @@ -82,7 +82,7 @@ void run_entropy_inject_with_crypto_init( ) status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); exit: - psa_its_remove(MBED_RANDOM_SEED_ITS_UID); + psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID); mbedtls_psa_crypto_free( ); } /* END_CASE */ From 13beb100c285a19e7c71cd50cb15ef68662fdc3a Mon Sep 17 00:00:00 2001 
From: avolinski Date: Tue, 20 Nov 2018 16:51:49 +0200 Subject: [PATCH 0686/2197] Adjust psa entropy inject tests to take as minimum seed size the maximum of MBEDTLS_ENTROPY_MIN_PLATFORM and MBEDTLS_ENTROPY_BLOCK_SIZE --- library/psa_crypto.c | 48 +++++++++++++++-- .../suites/test_suite_psa_crypto_entropy.data | 8 +-- .../test_suite_psa_crypto_entropy.function | 54 ++++++++++++------- 3 files changed, 82 insertions(+), 28 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fe73d1d35..cc5532a00 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4227,10 +4227,46 @@ psa_status_t psa_generate_random( uint8_t *output, } #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) + +/* Support function for error conversion between psa_its error codes to psa crypto */ +static psa_status_t its_to_psa_error( psa_its_status_t ret ) +{ + switch( ret ) + { + case PSA_ITS_SUCCESS: + return( PSA_SUCCESS ); + + case PSA_ITS_ERROR_KEY_NOT_FOUND: + return( PSA_ERROR_EMPTY_SLOT ); + + case PSA_ITS_ERROR_STORAGE_FAILURE: + return( PSA_ERROR_STORAGE_FAILURE ); + + case PSA_ITS_ERROR_INSUFFICIENT_SPACE: + return( PSA_ERROR_INSUFFICIENT_STORAGE ); + + case PSA_ITS_ERROR_INVALID_KEY: + case PSA_PS_ERROR_OFFSET_INVALID: + case PSA_ITS_ERROR_INCORRECT_SIZE: + case PSA_ITS_ERROR_BAD_POINTER: + return( PSA_ERROR_INVALID_ARGUMENT ); + + case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED: + return( PSA_ERROR_NOT_SUPPORTED ); + + case PSA_ITS_ERROR_WRITE_ONCE: + return( PSA_ERROR_OCCUPIED_SLOT ); + + default: + return( PSA_ERROR_UNKNOWN_ERROR ); + } +} + psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, size_t seed_size ) { psa_status_t status; + psa_its_status_t its_status; struct psa_its_info_t p_info; if( global_data.initialized ) return( PSA_ERROR_NOT_PERMITTED ); 
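Review bot: With its_to_psa_error() in place, mbedtls_psa_inject_entropy now returns mapped `PSA_ERROR_*` values, but crypto_extra.h is not in this commit's diffstat and its `\retval` list, as last edited earlier in the series, still advertises `PSA_ITS_ERROR_XXX`. The header should be updated in the same change, for example by adding `\retval #PSA_ERROR_INSUFFICIENT_STORAGE` and dropping the ITS entry, so callers handle the codes that can actually come back. Within the switch, `PSA_PS_ERROR_OFFSET_INVALID` is the only constant without the `PSA_ITS_` prefix; if that is the storage header's real spelling, a short comment saying so would stop the next reader from "fixing" it. The helper would also benefit from a comment stating that unknown ITS codes deliberately collapse to `PSA_ERROR_UNKNOWN_ERROR`.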
@@ -4240,16 +4276,20 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_its_get_info( MBEDTLS_RANDOM_SEED_ITS_UID, &p_info ); - if( PSA_ITS_ERROR_KEY_NOT_FOUND == status ) /* No seed exists */ + its_status = psa_its_get_info( MBEDTLS_RANDOM_SEED_ITS_UID, &p_info ); + status = its_to_psa_error( its_status ); + + if( PSA_ITS_ERROR_KEY_NOT_FOUND == its_status ) /* No seed exists */ { - status = psa_its_set( MBEDTLS_RANDOM_SEED_ITS_UID, seed_size, seed, 0 ); + its_status = psa_its_set( MBEDTLS_RANDOM_SEED_ITS_UID, seed_size, seed, 0 ); + status = its_to_psa_error( its_status ); } - else if( PSA_ITS_SUCCESS == status ) + else if( PSA_ITS_SUCCESS == its_status ) { /* You should not be here. Seed needs to be injected only once */ status = PSA_ERROR_NOT_PERMITTED; } + return( status ); } #endif diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data index a2355d50a..61593e9d6 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.data +++ b/tests/suites/test_suite_psa_crypto_entropy.data 
@@ -1,17 +1,17 @@ PSA validate entropy injection: good, minimum size -validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_ERROR_NOT_PERMITTED +validate_entropy_seed_injection:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_ERROR_NOT_PERMITTED PSA validate entropy injection: good, max size validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED PSA validate entropy injection: bad, too big -validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS +validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM -validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS +validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_BLOCK_SIZE -validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS +validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS PSA validate entropy injection: before and after crypto_init run_entropy_inject_with_crypto_init: diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 4be2c5a34..2c069a9e3 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function 
@@ -6,6 +6,14 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" +/* MAX value support macro */ +#if !defined(MAX) +#define MAX(a,b) (((a)>(b))?(a):(b)) +#endif + +/* Calculating the minimum allowed entropy size in bytes */ +#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -26,7 +34,7 @@ void validate_entropy_seed_injection( int seed_length_a, uint8_t *seed = NULL; int i; int seed_size; - if( seed_length_a > seed_length_b) + if( seed_length_a > seed_length_b ) { seed_size = seed_length_a; } @@ -35,23 +43,25 @@ void validate_entropy_seed_injection( int seed_length_a, seed_size = seed_length_b; } ASSERT_ALLOC( seed, seed_size ); - /* fill seed in some data */ - for( i = 0; i < seed_size; ++i) + /* fill seed with some data */ + for( i = 0; i < seed_size; ++i ) { seed[i] = i; } - its_status = psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID); - TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) ); + its_status = psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID ); + TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) || + ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) ); status = mbedtls_psa_inject_entropy( seed, seed_length_a ); TEST_ASSERT( status == expected_status_a ); status = mbedtls_psa_inject_entropy( seed, seed_length_b ); TEST_ASSERT( status == expected_status_b ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generate_random( output, sizeof( output ) ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 ); + TEST_ASSERT( psa_generate_random( output, + sizeof( output ) ) == PSA_SUCCESS ); + TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 ); exit: mbedtls_free( seed ); - psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID); + psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID ); mbedtls_psa_crypto_free( ); } /* END_CASE */ 
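Review bot: MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE is defined only inside the test suite, while the library check in mbedtls_psa_inject_entropy (psa_crypto.c, earlier in this series) spells the same lower bound as two separate comparisons, so the tests and the code they verify can drift apart without either failing. Defining the minimum once in a header that both include, and using it in the library as `if( seed_size < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE || seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE )`, keeps the accepted seed range auditable in one place. The local `MAX(a,b)` evaluates its arguments twice; that is harmless for these constants, but a comment such as `/* arguments must be free of side effects */` would make the restriction explicit.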
@@ -62,27 +72,31 @@ void run_entropy_inject_with_crypto_init( ) psa_its_status_t its_status; psa_status_t status; int i; - uint8_t seed[MBEDTLS_ENTROPY_BLOCK_SIZE] = {0}; - /* fill seed in some data */ - for( i = 0; i < MBEDTLS_ENTROPY_BLOCK_SIZE; ++i) + uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 }; + /* fill seed with some data */ + for( i = 0; i < sizeof( seed ); ++i ) { seed[i] = i; } - its_status = psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID); - TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) ); - status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); + its_status = psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID ); + TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) || + ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) ); + status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); TEST_ASSERT( status == PSA_SUCCESS ); - its_status = psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID); + its_status = psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID ); TEST_ASSERT( its_status == PSA_ITS_SUCCESS ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + status = psa_crypto_init( ); + TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_ENTROPY ); + status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); + TEST_ASSERT( status == PSA_SUCCESS ); + status = psa_crypto_init( ); + TEST_ASSERT( status == PSA_SUCCESS ); mbedtls_psa_crypto_free( ); /* The seed is written by nv_seed callback functions therefore the injection will fail */ - status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); + status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); exit: - psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID); + psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID ); mbedtls_psa_crypto_free( ); } /* END_CASE */ 
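Review bot: The rewritten loop `for( i = 0; i < sizeof( seed ); ++i )` compares the `int i` declared a few lines above with a `size_t`, which draws a signed/unsigned comparison warning on builds that enable it; the previous bound was a plain macro constant. Declaring the index as `size_t i;` removes the mismatch, and `seed[i] = (uint8_t) i;` makes the narrowing store explicit. The sequence after the first `psa_its_remove` (init expected to fail with `PSA_ERROR_INSUFFICIENT_ENTROPY`, then a second injection) would be easier to follow with a one-line comment, for instance `/* seed removed: init must fail until a seed is injected again */`.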
From 1c66205df6ea46070adfb09a6490fc91c6e9a5b4 Mon Sep 17 00:00:00 2001 From: avolinski Date: Wed, 21 Nov 2018 16:54:09 +0200 Subject: [PATCH 0687/2197] Remove trailing space in psa_crypto.c --- library/psa_crypto.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cc5532a00..9c85b7ce3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4289,7 +4289,6 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, /* You should not be here. Seed needs to be injected only once */ status = PSA_ERROR_NOT_PERMITTED; } - return( status ); } #endif From 0d2c266c06aea854a6b9d40790a9ab0879caff2d Mon Sep 17 00:00:00 2001 From: avolinski Date: Wed, 21 Nov 2018 17:31:07 +0200 Subject: [PATCH 0688/2197] change MBEDTLS_RANDOM_SEED_ITS define to be PSA_CRYPTO_ITS_RANDOM_SEED_UID --- include/psa/crypto_extra.h | 2 +- library/psa_crypto.c | 4 ++-- tests/suites/test_suite_psa_crypto_entropy.function | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 880e09c24..b6f5adc89 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -35,7 +35,7 @@ extern "C" { #endif /* UID for secure storage seed */ -#define MBEDTLS_RANDOM_SEED_ITS_UID 0xFFFFFF52 +#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52 /** * \brief Library deinitialization. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9c85b7ce3..aefd3da14 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4276,12 +4276,12 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - its_status = psa_its_get_info( MBEDTLS_RANDOM_SEED_ITS_UID, &p_info ); + its_status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); status = its_to_psa_error( its_status ); if( PSA_ITS_ERROR_KEY_NOT_FOUND == its_status ) /* No seed exists */ { - its_status = psa_its_set( MBEDTLS_RANDOM_SEED_ITS_UID, seed_size, seed, 0 ); + its_status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); status = its_to_psa_error( its_status ); } else if( PSA_ITS_SUCCESS == its_status ) diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 2c069a9e3..46c77e97c 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -48,7 +48,7 @@ void validate_entropy_seed_injection( int seed_length_a, { seed[i] = i; } - its_status = psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID ); + its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) || ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) ); status = mbedtls_psa_inject_entropy( seed, seed_length_a ); @@ -61,7 +61,7 @@ void validate_entropy_seed_injection( int seed_length_a, TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 ); exit: mbedtls_free( seed ); - psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID ); + psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); mbedtls_psa_crypto_free( ); } /* END_CASE */ 
@@ -78,12 +78,12 @@ void run_entropy_inject_with_crypto_init( ) { seed[i] = i; } - its_status = psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID ); + its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) || ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) ); status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); TEST_ASSERT( status == PSA_SUCCESS ); - its_status = psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID ); + its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); TEST_ASSERT( its_status == PSA_ITS_SUCCESS ); status = psa_crypto_init( ); TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_ENTROPY ); @@ -96,7 +96,7 @@ void run_entropy_inject_with_crypto_init( ) status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); exit: - psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID ); + psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From b309eec4a54dcc171c59d74c54ad3838e3537e61 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Nov 2018 20:56:14 +0100 Subject: [PATCH 0689/2197] Move library initialization tests to a new test suite --- tests/CMakeLists.txt | 1 + tests/suites/test_suite_psa_crypto.data | 9 ---- tests/suites/test_suite_psa_crypto.function | 36 ------------- tests/suites/test_suite_psa_crypto_init.data | 8 +++ .../test_suite_psa_crypto_init.function | 50 +++++++++++++++++++ 5 files changed, 59 insertions(+), 45 deletions(-) create mode 100644 tests/suites/test_suite_psa_crypto_init.data create mode 100644 tests/suites/test_suite_psa_crypto_init.function diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 95d60ff31..56ce9338a 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt 
@@ -113,6 +113,7 @@ add_test_suite(poly1305) add_test_suite(psa_crypto) add_test_suite(psa_crypto_entropy) add_test_suite(psa_crypto_hash) +add_test_suite(psa_crypto_init) add_test_suite(psa_crypto_metadata) add_test_suite(psa_crypto_persistent_key) add_test_suite(psa_crypto_storage_file) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e1c1b0545..1ce394e5a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1,9 +1,6 @@ PSA compile-time sanity checks static_checks: -PSA init/deinit -init_deinit: - PSA fill 250 slots fill_slots:250 @@ -1829,12 +1826,6 @@ PSA generate key: ECC, SECP256R1, incorrect bit size depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT -PSA validate module initialization: random -validate_module_init_generate_random: - -PSA validate module initialization: key based -validate_module_init_key_based: - persistent key can be accessed after in-memory deletion: AES, 128 bits, CTR depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 53295befa..2fa060b25 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -871,22 +871,6 @@ void static_checks( ) } /* END_CASE */ -/* BEGIN_CASE */ -void init_deinit( ) -{ - psa_status_t status; - int i; - for( i = 0; i <= 1; i++ ) - { - status = psa_crypto_init( ); - TEST_ASSERT( status == PSA_SUCCESS ); - status = psa_crypto_init( ); - TEST_ASSERT( status == PSA_SUCCESS ); - mbedtls_psa_crypto_free( ); - } -} -/* END_CASE */ - /* BEGIN_CASE */ void fill_slots( int max_arg ) { @@ -4018,26 +4002,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void validate_module_init_generate_random( ) -{ - psa_status_t status; - uint8_t random[10] = { 0 }; - status = psa_generate_random( random, sizeof( random ) ); - TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void validate_module_init_key_based( ) -{ - psa_status_t status; - uint8_t data[10] = { 0 }; - status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); - TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void persistent_key_load_key_from_storage( data_t *data, int type_arg, int bits, int usage_arg, diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data new file mode 100644 index 000000000..ad90c17cd --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_init.data @@ -0,0 +1,8 @@ +PSA init/deinit +init_deinit: + +PSA validate module initialization: random +validate_module_init_generate_random: + +PSA validate module initialization: key based +validate_module_init_key_based: diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function new file mode 100644 index 000000000..4ac76a3a5 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_init.function 
@@ -0,0 +1,50 @@ +/* BEGIN_HEADER */ +#include + +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +#include "spm/psa_defs.h" +#endif +#include "psa/crypto.h" + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_CRYPTO_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void init_deinit( ) +{ + psa_status_t status; + int i; + for( i = 0; i <= 1; i++ ) + { + status = psa_crypto_init( ); + TEST_ASSERT( status == PSA_SUCCESS ); + status = psa_crypto_init( ); + TEST_ASSERT( status == PSA_SUCCESS ); + mbedtls_psa_crypto_free( ); + } +} +/* END_CASE */ + +/* BEGIN_CASE */ +void validate_module_init_generate_random( ) +{ + psa_status_t status; + uint8_t random[10] = { 0 }; + status = psa_generate_random( random, sizeof( random ) ); + TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void validate_module_init_key_based( ) +{ + psa_status_t status; + uint8_t data[10] = { 0 }; + status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); + TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); +} +/* END_CASE */ From 445e2257453520b3af895b62649415771d3f4bfc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Nov 2018 21:00:42 +0100 Subject: [PATCH 0690/2197] Test that deinit deactivates random generation and key slots --- tests/suites/test_suite_psa_crypto_init.data | 16 +++++++++----- .../test_suite_psa_crypto_init.function | 22 +++++++++++++++---- 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data index ad90c17cd..61f067d06 100644 --- a/tests/suites/test_suite_psa_crypto_init.data +++ b/tests/suites/test_suite_psa_crypto_init.data 
@@ -1,8 +1,14 @@ PSA init/deinit -init_deinit: +init_deinit:2 -PSA validate module initialization: random -validate_module_init_generate_random: +No random without init +validate_module_init_generate_random:0 -PSA validate module initialization: key based -validate_module_init_key_based: +No key slot access without init +validate_module_init_key_based:0 + +No random after deinit +validate_module_init_generate_random:1 + +No key slot access after deinit +validate_module_init_key_based:1 diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 4ac76a3a5..7fccc13d2 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -14,11 +14,11 @@ */ /* BEGIN_CASE */ -void init_deinit( ) +void init_deinit( int count ) { psa_status_t status; int i; - for( i = 0; i <= 1; i++ ) + for( i = 0; i < count; i++ ) { status = psa_crypto_init( ); TEST_ASSERT( status == PSA_SUCCESS ); @@ -30,20 +30,34 @@ void init_deinit( ) /* END_CASE */ /* BEGIN_CASE */ -void validate_module_init_generate_random( ) +void validate_module_init_generate_random( int count ) { psa_status_t status; uint8_t random[10] = { 0 }; + int i; + for( i = 0; i < count; i++ ) + { + status = psa_crypto_init( ); + TEST_ASSERT( status == PSA_SUCCESS ); + mbedtls_psa_crypto_free( ); + } status = psa_generate_random( random, sizeof( random ) ); TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); } /* END_CASE */ /* BEGIN_CASE */ -void validate_module_init_key_based( ) +void validate_module_init_key_based( int count ) { psa_status_t status; uint8_t data[10] = { 0 }; + int i; + for( i = 0; i < count; i++ ) + { + status = psa_crypto_init( ); + TEST_ASSERT( status == PSA_SUCCESS ); + mbedtls_psa_crypto_free( ); + } status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); } From c6b6907066b016a2e2babb9ea6940d6a8c202575 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 20 Nov 2018 21:42:52 +0100 Subject: [PATCH 0691/2197] Make library init and deinit more robust to errors Allow mbedtls_psa_crypto_free to be called twice, or without a prior call to psa_crypto_init. Keep track of the initialization state more precisely in psa_crypto_init so that mbedtls_psa_crypto_free knows what to do. --- library/psa_crypto.c | 51 ++++++++++++++----- tests/suites/test_suite_psa_crypto_init.data | 6 +++ .../test_suite_psa_crypto_init.function | 13 +++++ 3 files changed, 58 insertions(+), 12 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 291dcdb0d..4c0ac1213 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -146,12 +146,21 @@ static int key_type_is_raw_bytes( psa_key_type_t type ) return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ); } +enum rng_state +{ + RNG_NOT_INITIALIZED = 0, + RNG_INITIALIZED, + RNG_SEEDED, +}; + typedef struct { - int initialized; mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; key_slot_t key_slots[PSA_KEY_SLOT_COUNT]; + unsigned initialized : 1; + enum rng_state rng_state : 2; + unsigned key_slots_initialized : 1; } psa_global_data_t; static psa_global_data_t global_data; 
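Review bot: `enum rng_state rng_state : 2;` in psa_global_data_t (library/psa_crypto.c) depends on the compiler treating an enum bit-field as unsigned. C only guarantees bit-fields of `_Bool`, `signed int` and `unsigned int`, and where the enum is signed a 2-bit field cannot hold RNG_SEEDED (2). The `!= RNG_NOT_INITIALIZED` test in mbedtls_psa_crypto_free would still work, but a later comparison against RNG_SEEDED would not. Declaring the member as `unsigned rng_state : 2;` keeps the enum for the constants and removes the implementation-defined part. A short comment on what each of the three states means for the entropy and DRBG contexts would also help, since the free path keys its cleanup on them.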
@@ -4433,18 +4442,26 @@ void mbedtls_psa_crypto_free( void ) psa_key_slot_t key; key_slot_t *slot; psa_status_t status; - - for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) + if( global_data.key_slots_initialized ) { - status = psa_get_key_slot( key, &slot ); - if( status != PSA_SUCCESS ) - continue; - psa_remove_key_data_from_memory( slot ); - /* Zeroize the slot to wipe metadata such as policies. */ - mbedtls_zeroize( slot, sizeof( *slot ) ); + for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) + { + status = psa_get_key_slot( key, &slot ); + if( status != PSA_SUCCESS ) + continue; + psa_remove_key_data_from_memory( slot ); + /* Zeroize the slot to wipe metadata such as policies. */ + mbedtls_zeroize( slot, sizeof( *slot ) ); + } } - mbedtls_ctr_drbg_free( &global_data.ctr_drbg ); - mbedtls_entropy_free( &global_data.entropy ); + if( global_data.rng_state != RNG_NOT_INITIALIZED ) + { + mbedtls_ctr_drbg_free( &global_data.ctr_drbg ); + mbedtls_entropy_free( &global_data.entropy ); + } + /* Wipe all remaining data, including configuration. + * In particular, this sets all state indicator to the value + * indicating "uninitialized". */ mbedtls_zeroize( &global_data, sizeof( global_data ) ); } 
@@ -4453,20 +4470,30 @@ psa_status_t psa_crypto_init( void ) int ret; const unsigned char drbg_seed[] = "PSA"; + /* Double initialization is explicitly allowed. */ if( global_data.initialized != 0 ) return( PSA_SUCCESS ); mbedtls_zeroize( &global_data, sizeof( global_data ) ); + + /* Initialize the random generator. */ mbedtls_entropy_init( &global_data.entropy ); mbedtls_ctr_drbg_init( &global_data.ctr_drbg ); - + global_data.rng_state = RNG_INITIALIZED; ret = mbedtls_ctr_drbg_seed( &global_data.ctr_drbg, mbedtls_entropy_func, &global_data.entropy, drbg_seed, sizeof( drbg_seed ) - 1 ); if( ret != 0 ) goto exit; + global_data.rng_state = RNG_SEEDED; + /* Initialize the key slots. Zero-initialization has made all key + * slots empty, so there is nothing to do. In a future version we will + * load data from storage. */ + global_data.key_slots_initialized = 1; + + /* All done. */ global_data.initialized = 1; exit: diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data index 61f067d06..e44111814 100644 --- a/tests/suites/test_suite_psa_crypto_init.data +++ b/tests/suites/test_suite_psa_crypto_init.data @@ -1,6 +1,12 @@ PSA init/deinit init_deinit:2 +PSA deinit without init +deinit_without_init:0 + +PSA deinit twice +deinit_without_init:1 + No random without init validate_module_init_generate_random:0 diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 7fccc13d2..7cb10c0a1 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function 
@@ -29,6 +29,19 @@ void init_deinit( int count ) } /* END_CASE */ +/* BEGIN_CASE */ +void deinit_without_init( int count ) +{ + int i; + for( i = 0; i < count; i++ ) + { + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + mbedtls_psa_crypto_free( ); + } + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void validate_module_init_generate_random( int count ) { From 1d7195f71506d9b54e5abab768c005ff7d5bd0fa Mon Sep 17 00:00:00 2001 From: Netanel Gonen Date: Thu, 22 Nov 2018 16:24:48 +0200 Subject: [PATCH 0692/2197] always compile mbedtls_psa_inject_entropy In case of dual core this function header must be enable for calling the SPM entropy inject function without any use of NV_SEED --- include/psa/crypto_extra.h | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index b6f5adc89..b0ca76e73 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -48,7 +48,6 @@ extern "C" { void mbedtls_psa_crypto_free( void ); -#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) /** * \brief Inject an initial entropy seed for the random generator into * secure storage. @@ -89,6 +88,13 @@ void mbedtls_psa_crypto_free( void ); * * This is an Mbed TLS extension. * + * \note This function is only available on the following platforms: + * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and + * MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you + * must provide compatible implementations of mbedtls_nv_seed_read + * and mbedtls_nv_seed_write. + * * In a client-server integration of PSA Cryptography, on the client side, + * if the server supports this feature. * \param seed[in] Buffer containing the seed value to inject. * \param seed_size Size of the \p seed buffer. * The size of the seed in bytes must be greater 
@@ -114,7 +120,6 @@ void mbedtls_psa_crypto_free( void ); psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, size_t seed_size); -#endif #ifdef __cplusplus } From 0cfaed18582d15103a6b267d65a66f826b0cd15d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Nov 2018 17:11:45 +0200 Subject: [PATCH 0693/2197] fix doxigen issue Co-Authored-By: netanelgonen --- include/psa/crypto_extra.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index b0ca76e73..9e8f97c9d 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -89,14 +89,14 @@ void mbedtls_psa_crypto_free( void ); * This is an Mbed TLS extension. * * \note This function is only available on the following platforms: - * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and - * MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you - * must provide compatible implementations of mbedtls_nv_seed_read + * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and + * MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you + * must provide compatible implementations of mbedtls_nv_seed_read * and mbedtls_nv_seed_write. - * * In a client-server integration of PSA Cryptography, on the client side, + * * In a client-server integration of PSA Cryptography, on the client side, * if the server supports this feature. - * \param seed[in] Buffer containing the seed value to inject. - * \param seed_size Size of the \p seed buffer. + * \param[in] seed Buffer containing the seed value to inject. + * \param[in] seed_size Size of the \p seed buffer. * The size of the seed in bytes must be greater * or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM * and #MBEDTLS_ENTROPY_BLOCK_SIZE. From 26fd730876bf83169d7d02de08101c7c5fba5c5e Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 22 Oct 2018 12:14:52 +0200 Subject: [PATCH 0694/2197] Add config option for X.509/TLS to use PSA --- include/mbedtls/check_config.h | 4 ++++ include/mbedtls/config.h | 14 ++++++++++++++ library/version_features.c | 3 +++ scripts/config.pl | 3 +++ 4 files changed, 24 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 21bede707..508c00a8a 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -670,6 +670,10 @@ #endif #undef MBEDTLS_THREADING_IMPL +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_PSA_CRYPTO_C) +#error "MBEDTLS_USE_PSA_CRYPTO defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C) #error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites" #endif diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index c1619fbad..2341ef50f 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1616,6 +1616,20 @@ */ //#define MBEDTLS_THREADING_PTHREAD +/** + * \def MBEDTLS_USE_PSA_CRYPTO + * + * Make the X.509 and TLS library use PSA for cryptographic operations, see + * #MBEDTLS_PSA_CRYPTO_C. + * + * Note: this option is still in progress, the full X.509 and TLS modules are + * not covered yet, but parts that are not ported to PSA yet will still work + * as usual, so enabling this option should not break backwards compatibility. + * + * Requires: MBEDTLS_PSA_CRYPTO_C. + */ +//#define MBEDTLS_USE_PSA_CRYPTO + /** * \def MBEDTLS_VERSION_FEATURES * diff --git a/library/version_features.c b/library/version_features.c index 590f949f4..2bfcfc015 100644 --- a/library/version_features.c +++ b/library/version_features.c 
@@ -522,6 +522,9 @@ static const char *features[] = { #if defined(MBEDTLS_THREADING_PTHREAD) "MBEDTLS_THREADING_PTHREAD", #endif /* MBEDTLS_THREADING_PTHREAD */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + "MBEDTLS_USE_PSA_CRYPTO", +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_VERSION_FEATURES) "MBEDTLS_VERSION_FEATURES", #endif /* MBEDTLS_VERSION_FEATURES */ diff --git a/scripts/config.pl b/scripts/config.pl index 6d02ec05c..55f4b6e1c 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -36,6 +36,8 @@ # - this could be enabled if the respective tests were adapted # MBEDTLS_ZLIB_SUPPORT # MBEDTLS_PKCS11_C +# MBEDTLS_USE_PSA_CRYPTO +# - experimental, and more an alternative implementation than a feature # and any symbol beginning _ALT # @@ -99,6 +101,7 @@ MBEDTLS_NO_64BIT_MULTIPLICATION MBEDTLS_PSA_CRYPTO_SPM MBEDTLS_PSA_HAS_ITS_IO MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C +MBEDTLS_USE_PSA_CRYPTO _ALT\s*$ ); From dde444258192af79b3732c6dd8568633a0ba6601 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 30 Oct 2018 11:20:45 +0100 Subject: [PATCH 0695/2197] Add build using PSA to all.sh --- tests/scripts/all.sh | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 43f1db600..b9e1e37bb 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -573,6 +573,35 @@ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_ msg "test: compat.sh ARIA + ChachaPoly" if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' +# USE_PSA: run the same set of tests as basic-build-test.sh +msg "build: cmake, full config + USE_PSA, ASan" +cleanup +cp "$CONFIG_H" "$CONFIG_BAK" +scripts/config.pl full +scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests +scripts/config.pl set MBEDTLS_PSA_CRYPTO_C +scripts/config.pl set MBEDTLS_USE_PSA_CRYPTO +CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . +make + +msg "test: main suites (USE_PSA)" +make test + +msg "test: ssl-opt.sh (USE_PSA)" +if_build_succeeded tests/ssl-opt.sh + +msg "test: compat.sh default (USE_PSA)" +if_build_succeeded tests/compat.sh + +msg "test: compat.sh ssl3 (USE_PSA)" +if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' + +msg "test: compat.sh RC4, DES & NULL (USE_PSA)" +if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' + +msg "test: compat.sh ARIA + ChachaPoly (USE_PSA)" +if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' + msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s cleanup cp "$CONFIG_H" "$CONFIG_BAK" From 560aeaf26bd7a702fe43acf827cbe5f87c87e55b Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Thu, 8 Nov 2018 13:32:02 +0000 Subject: [PATCH 0696/2197] Add internal header for PSA utility functions This commit adds the header file mbedtls/psa_util.h which contains static utility functions `mbedtls_psa_xxx()` used in the integration of PSA Crypto into Mbed TLS. Warning: These functions are internal only and may change at any time. --- include/mbedtls/psa_util.h | 162 +++++++++++++++++++++++++++++++++++++ 1 file changed, 162 insertions(+) create mode 100644 include/mbedtls/psa_util.h diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h new file mode 100644 index 000000000..03c55e166 --- /dev/null +++ b/include/mbedtls/psa_util.h 
@@ -0,0 +1,162 @@ +/** + * \file psa_compat.h + * + * \brief Utility functions for the use of the PSA Crypto library. + * + * \warning This function is not part of the public API and may + * change at any time. + */ +/* + * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_PSA_COMPAT_H) +#define MBEDTLS_PSA_COMPAT_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + +#include "psa/crypto.h" + +#include "ecp.h" +#include "md.h" + +static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key ) +{ + for( psa_key_slot_t slot = 1; slot <= 32; slot++ ) + { + if( psa_get_key_information( slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ) + { + *key = slot; + return( PSA_SUCCESS ); + } + } + return( PSA_ERROR_INSUFFICIENT_MEMORY ); +} + +static psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) +{ + switch( md_alg ) + { +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + return( PSA_ALG_MD2 ); +#endif +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + return( PSA_ALG_MD4 ); +#endif +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + return( PSA_ALG_MD5 ); +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + return( PSA_ALG_SHA_1 ); +#endif +#if 
defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + return( PSA_ALG_SHA_224 ); + case MBEDTLS_MD_SHA256: + return( PSA_ALG_SHA_256 ); +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + return( PSA_ALG_SHA_384 ); + case MBEDTLS_MD_SHA512: + return( PSA_ALG_SHA_512 ); +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + return( PSA_ALG_RIPEMD160 ); +#endif + case MBEDTLS_MD_NONE: /* Intentional fallthrough */ + default: + return( 0 ); + } +} + +static psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid ) +{ + switch( grpid ) + { +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + case MBEDTLS_ECP_DP_SECP192R1: + return( PSA_ECC_CURVE_SECP192R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + case MBEDTLS_ECP_DP_SECP224R1: + return( PSA_ECC_CURVE_SECP224R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + case MBEDTLS_ECP_DP_SECP256R1: + return( PSA_ECC_CURVE_SECP256R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + case MBEDTLS_ECP_DP_SECP384R1: + return( PSA_ECC_CURVE_SECP384R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + case MBEDTLS_ECP_DP_SECP521R1: + return( PSA_ECC_CURVE_SECP521R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + case MBEDTLS_ECP_DP_BP256R1: + return( PSA_ECC_CURVE_BRAINPOOL_P256R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + case MBEDTLS_ECP_DP_BP384R1: + return( PSA_ECC_CURVE_BRAINPOOL_P384R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + case MBEDTLS_ECP_DP_BP512R1: + return( PSA_ECC_CURVE_BRAINPOOL_P512R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + case MBEDTLS_ECP_DP_CURVE25519: + return( PSA_ECC_CURVE_CURVE25519 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + case MBEDTLS_ECP_DP_SECP192K1: + return( PSA_ECC_CURVE_SECP192K1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + case MBEDTLS_ECP_DP_SECP224K1: + return( PSA_ECC_CURVE_SECP224K1 ); +#endif +#if 
defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + case MBEDTLS_ECP_DP_SECP256K1: + return( PSA_ECC_CURVE_SECP256K1 ); +#endif +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + case MBEDTLS_ECP_DP_CURVE448: + return( PSA_ECC_CURVE_CURVE448 ); +#endif + default: + return( 0 ); + } +} + +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#endif /* MBEDTLS_PSA_COMPAT_H */ From 28b9d3590480ddd1680c6d88cfb4ac551c5c5e84 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 12 Nov 2018 09:29:12 +0000 Subject: [PATCH 0697/2197] Add PSA-to-Mbed TLS translations for cipher module --- include/mbedtls/psa_util.h | 73 +++++++++++++++++++++++++++++++++++++- 1 file changed, 72 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 03c55e166..f92f95087 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -41,6 +41,8 @@ #include "ecp.h" #include "md.h" +/* Slot allocation */ + static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key ) { for( psa_key_slot_t slot = 1; slot <= 32; slot++ ) 
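Review bot: In the new include/mbedtls/psa_util.h, mbedtls_psa_get_free_key_slot() hard-codes the slot range as `slot <= 32` and only probes for an empty slot without reserving it. library/psa_crypto.c sizes its table with PSA_KEY_SLOT_COUNT, so if that macro is visible through psa/crypto.h the bound should be `slot <= PSA_KEY_SLOT_COUNT`; otherwise the two limits can drift apart. Because nothing is claimed until the caller imports a key, two callers can be handed the same slot number. The function needs a comment saying it is not safe for concurrent use and that the caller must handle the import failing on a slot that has since been taken. Exhaustion is reported as PSA_ERROR_INSUFFICIENT_MEMORY, which is worth stating in the same comment.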
@@ -54,7 +56,74 @@ static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); } -static psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) +/* Translations for symmetric crypto. */ + +static psa_key_type_t mbedtls_psa_translate_cipher_type( + mbedtls_cipher_type_t cipher ) +{ + switch( cipher ) + { + case MBEDTLS_CIPHER_AES_128_CCM: + case MBEDTLS_CIPHER_AES_192_CCM: + case MBEDTLS_CIPHER_AES_256_CCM: + case MBEDTLS_CIPHER_AES_128_GCM: + case MBEDTLS_CIPHER_AES_192_GCM: + case MBEDTLS_CIPHER_AES_256_GCM: + case MBEDTLS_CIPHER_AES_128_CBC: + case MBEDTLS_CIPHER_AES_192_CBC: + case MBEDTLS_CIPHER_AES_256_CBC: + return( PSA_KEY_TYPE_AES ); + + /* ARIA not yet supported in PSA. */ + /* case MBEDTLS_CIPHER_ARIA_128_CCM: + case MBEDTLS_CIPHER_ARIA_192_CCM: + case MBEDTLS_CIPHER_ARIA_256_CCM: + case MBEDTLS_CIPHER_ARIA_128_GCM: + case MBEDTLS_CIPHER_ARIA_192_GCM: + case MBEDTLS_CIPHER_ARIA_256_GCM: + case MBEDTLS_CIPHER_ARIA_128_CBC: + case MBEDTLS_CIPHER_ARIA_192_CBC: + case MBEDTLS_CIPHER_ARIA_256_CBC: + return( PSA_KEY_TYPE_ARIA ); */ + + default: + return( 0 ); + } +} + +static psa_algorithm_t mbedtls_psa_translate_cipher_mode( + mbedtls_cipher_mode_t mode ) +{ + switch( mode ) + { + case MBEDTLS_MODE_GCM: + return( PSA_ALG_GCM ); + case MBEDTLS_MODE_CCM: + return( PSA_ALG_CCM ); + case MBEDTLS_MODE_CBC: + return( PSA_ALG_CBC_NO_PADDING ); + default: + return( 0 ); + } +} + +static psa_key_usage_t mbedtls_psa_translate_cipher_operation( + mbedtls_cipher_operation_t op ) +{ + switch( op ) + { + case MBEDTLS_ENCRYPT: + return( PSA_KEY_USAGE_ENCRYPT ); + case MBEDTLS_DECRYPT: + return( PSA_KEY_USAGE_DECRYPT ); + default: + return( 0 ); + } +} + +/* Translations for hashing. */ + +psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) { switch( md_alg ) { 
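Review bot: The three translators added here (mbedtls_psa_translate_cipher_type, mbedtls_psa_translate_cipher_mode and mbedtls_psa_translate_cipher_operation) return 0 from `default:` for anything they do not map, and nothing tells a caller that 0 means "no PSA equivalent". Each needs a one-line comment such as `/* Returns 0 if there is no PSA equivalent; callers must check before using the result. */`, so that an unmapped cipher, mode or operation is rejected rather than passed on to a PSA call. The hunk also uses mbedtls_cipher_type_t and mbedtls_cipher_mode_t while the includes visible in this series are psa/crypto.h, ecp.h and md.h. Unless one of those already pulls it in, `#include "cipher.h"` is needed for the header to compile on its own.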
@@ -96,6 +165,8 @@ static psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) } } +/* Translations for ECC. */ + static psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid ) { switch( grpid ) From 5f48818712054f2f5f018e04ca5d2906abfb150a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 12 Nov 2018 10:18:57 +0000 Subject: [PATCH 0698/2197] Make PSA utility functions static inline Compilers warn about unused static functions. --- include/mbedtls/psa_util.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index f92f95087..017c48e2a 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -43,7 +43,7 @@ /* Slot allocation */ -static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key ) +static inline psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key ) { for( psa_key_slot_t slot = 1; slot <= 32; slot++ ) { @@ -58,7 +58,7 @@ static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key ) /* Translations for symmetric crypto. */ -static psa_key_type_t mbedtls_psa_translate_cipher_type( +static inline psa_key_type_t mbedtls_psa_translate_cipher_type( mbedtls_cipher_type_t cipher ) { switch( cipher ) @@ -91,7 +91,7 @@ static psa_key_type_t mbedtls_psa_translate_cipher_type( } } -static psa_algorithm_t mbedtls_psa_translate_cipher_mode( +static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode( mbedtls_cipher_mode_t mode ) { switch( mode ) @@ -107,8 +107,8 @@ static psa_algorithm_t mbedtls_psa_translate_cipher_mode( } } -static psa_key_usage_t mbedtls_psa_translate_cipher_operation( - mbedtls_cipher_operation_t op ) +static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation( + mbedtls_operation_t op ) { switch( op ) { 
@@ -123,7 +123,7 @@ static psa_key_usage_t mbedtls_psa_translate_cipher_operation( /* Translations for hashing. */ -psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) +static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) { switch( md_alg ) { @@ -167,7 +167,7 @@ psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) /* Translations for ECC. */ -static psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid ) +static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid ) { switch( grpid ) { From eba99931710083543a842827609ae59c011a6761 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 12 Nov 2018 13:18:45 +0000 Subject: [PATCH 0699/2197] Initialize PSA Crypto implementation at the start of each test suite --- tests/suites/main_test.function | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 2ba919ce0..8bd408ca9 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -25,6 +25,9 @@ #include MBEDTLS_CONFIG_FILE #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ /*----------------------------------------------------------------------------*/ /* Common helper code */ @@ -221,8 +224,22 @@ int main( int argc, const char *argv[] ) ret ); return( -1 ); } + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + { + psa_status_t status; + status = psa_crypto_init(); + if( status != PSA_SUCCESS ) + { + mbedtls_fprintf( stderr, + "FATAL: Failed to initialize PSA Crypto - error %d\n", + status ); + return( -1 ); + } + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + ret = execute_tests( argc, argv ); platform_teardown(); return( ret ); } - From 50955d1c18e79b0234e5f0192a76aeac2902c0d6 Mon Sep 17 00:00:00 2001 
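Review bot: In tests/suites/main_test.function, the added `return( -1 );` after a failed psa_crypto_init() leaves main() without calling platform_teardown(), which the normal path just below does call. Nothing on the success path releases the PSA state after execute_tests() either. Calling `mbedtls_psa_crypto_free( );` before platform_teardown(), under the same MBEDTLS_USE_PSA_CRYPTO guard, and tearing the platform down on the error branch would keep setup and cleanup paired; this assumes psa/crypto.h makes the declaration from psa/crypto_extra.h visible. `status` is also passed to `%d` without the `(int)` cast that the ssl_client2.c and ssl_server2.c hunks use. main() starts before this hunk, so the earlier setup code is not visible here.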
From: Hanno Becker Date: Mon, 12 Nov 2018 17:46:59 +0000 Subject: [PATCH 0700/2197] Initialize PSA Crypto implementation in ssl_client2.c --- programs/ssl/ssl_client2.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 15c778d31..87b9ab1bd 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -59,6 +59,10 @@ int main( void ) #include "mbedtls/debug.h" #include "mbedtls/timing.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif + #include #include #include @@ -555,6 +559,9 @@ int main( int argc, char *argv[] ) #endif char *p, *q; const int *list; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status; +#endif /* * Make sure memory references are valid. @@ -573,6 +580,17 @@ int main( int argc, char *argv[] ) memset( (void * ) alpn_list, 0, sizeof( alpn_list ) ); #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + status = psa_crypto_init(); + if( status != PSA_SUCCESS ) + { + mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status ); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif + if( argc == 0 ) { usage: From 06b6f34e9f668e34e01e4c75bc90e6ee445cb0db Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 12 Nov 2018 17:47:48 +0000 Subject: [PATCH 0701/2197] Initialize PSA Crypto implementation in ssl_server2 --- programs/ssl/ssl_server2.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index efda65d23..1c6ccaef1 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -60,6 +60,10 @@ int main( void ) #include "mbedtls/debug.h" #include "mbedtls/timing.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif + #include #include #include 
@@ -1238,6 +1242,9 @@ int main( int argc, char *argv[] ) int i; char *p, *q; const int *list; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status; +#endif #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); @@ -1277,6 +1284,17 @@ int main( int argc, char *argv[] ) mbedtls_ssl_cookie_init( &cookie_ctx ); #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + status = psa_crypto_init(); + if( status != PSA_SUCCESS ) + { + mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status ); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif + #if !defined(_WIN32) /* Abort cleanly on SIGTERM and SIGINT */ signal( SIGTERM, term_handler ); From 639a4320ca6d46acdce14c6069b4bd29460bb35c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 13 Nov 2018 21:01:41 +0000 Subject: [PATCH 0702/2197] Fix Doxygen annotation in psa_util.h --- include/mbedtls/psa_util.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 017c48e2a..224432ea1 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -1,5 +1,5 @@ /** - * \file psa_compat.h + * \file psa_util.h * * \brief Utility functions for the use of the PSA Crypto library. * From 14f78b03bb6460d1ef3735b4b9b29a939c7de8d2 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Nov 2018 09:37:19 +0000 Subject: [PATCH 0703/2197] Add function to translate PSA errors to PK module errors --- include/mbedtls/psa_util.h | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 224432ea1..d9f1be49d 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -40,6 +40,7 @@ #include "ecp.h" #include "md.h" +#include "pk.h" /* Slot allocation */ 
@@ -228,6 +229,31 @@ static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group } } +/* Translations for PK layer */ + +static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) +{ + switch( status ) + { + case PSA_SUCCESS: + return( 0 ); + case PSA_ERROR_NOT_SUPPORTED: + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + case PSA_ERROR_INSUFFICIENT_MEMORY: + return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + case PSA_ERROR_COMMUNICATION_FAILURE: + case PSA_ERROR_HARDWARE_FAILURE: + case PSA_ERROR_TAMPERING_DETECTED: + return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + case PSA_ERROR_INSUFFICIENT_ENTROPY: + return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + case PSA_ERROR_BAD_STATE: + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + default: /* should never happen */ + return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + } +} + #endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_PSA_COMPAT_H */ From dec64735e2924ff581b0341cf24d350e9fbdcfaf Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Nov 2018 15:48:57 +0000 Subject: [PATCH 0704/2197] Add AEAD tag length parameter to mbedtls_psa_translate_cipher_mode() In case of AEAD ciphers, the cipher mode (and not even the entire content of mbedtls_cipher_info_t) doesn't uniquely determine a psa_algorithm_t because it doesn't specify the AEAD tag length, which however is included in psa_algorithm_t identifiers. This commit adds a tag length value to mbedtls_psa_translate_cipher_mode() to account for that ambiguity. --- include/mbedtls/psa_util.h | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index d9f1be49d..f66635cc4 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h 
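Review bot: `mbedtls_psa_err_translate_pk()` folds `PSA_ERROR_TAMPERING_DETECTED`, and through `default:` every unlisted status such as `PSA_ERROR_INVALID_ARGUMENT` or `PSA_ERROR_INVALID_SIGNATURE`, into `MBEDTLS_ERR_PK_HW_ACCEL_FAILED`. After translation a caller can no longer tell a tamper event or a rejected request from an accelerator fault. Failing closed is right, but the function has no doc comment saying the mapping is lossy; a short `/** ... */` block should say so and advise callers that need the exact cause to log `status` before translating. It also returns `MBEDTLS_ERR_ECP_RANDOM_FAILED`, an ECP-module code, from a PK-layer translation, which callers comparing against `MBEDTLS_ERR_PK_*` values may not expect.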
@@ -93,16 +93,18 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type( } static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode( - mbedtls_cipher_mode_t mode ) + mbedtls_cipher_mode_t mode, size_t taglen ) { switch( mode ) { case MBEDTLS_MODE_GCM: - return( PSA_ALG_GCM ); + return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, taglen ) ); case MBEDTLS_MODE_CCM: - return( PSA_ALG_CCM ); + return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, taglen ) ); case MBEDTLS_MODE_CBC: - return( PSA_ALG_CBC_NO_PADDING ); + if( taglen == 0 ) + return( PSA_ALG_CBC_NO_PADDING ); + /* Intentional fallthrough for taglen != 0 */ default: return( 0 ); } From 4d9e1e0ac4217a5a5288f98effa0438b71b95b75 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 16 Nov 2018 15:01:22 +0000 Subject: [PATCH 0705/2197] Improve documentation of mbedtls_psa_err_translate_pk() --- include/mbedtls/psa_util.h | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index f66635cc4..41c0e2b30 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h 
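Review bot: `taglen` is passed into `PSA_ALG_AEAD_WITH_TAG_LENGTH()` for GCM and CCM with no range check, and nothing in the hunk says whether it is in bytes or bits. The macro's definition is not visible here, but if it packs the length into a bit field, an out-of-range value would presumably be truncated and yield an algorithm identifier with a different, possibly shorter, tag than the caller intended. Assuming the unit is bytes, a guard in the two AEAD cases such as `if( taglen == 0 || taglen > 16 ) return( 0 );` keeps the existing "0 means unsupported" convention. The function's doc comment should state the unit.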
@@ -243,15 +243,18 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); case PSA_ERROR_INSUFFICIENT_MEMORY: return( MBEDTLS_ERR_PK_ALLOC_FAILED ); - case PSA_ERROR_COMMUNICATION_FAILURE: - case PSA_ERROR_HARDWARE_FAILURE: - case PSA_ERROR_TAMPERING_DETECTED: - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); case PSA_ERROR_INSUFFICIENT_ENTROPY: return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); case PSA_ERROR_BAD_STATE: return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - default: /* should never happen */ + /* All other failures */ + case PSA_ERROR_COMMUNICATION_FAILURE: + case PSA_ERROR_HARDWARE_FAILURE: + case PSA_ERROR_TAMPERING_DETECTED: + return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + default: /* We return the same as for the 'other failures', + * but list them separately nonetheless to indicate + * which failure conditions we have considered. */ return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); } } From 77030426a0600297342f29d7f7fea9e11fff23bc Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 18 Nov 2018 07:16:46 +0000 Subject: [PATCH 0706/2197] Update VisualC files --- visualc/VS2010/mbedTLS.vcxproj | 1 + 1 file changed, 1 insertion(+) diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 5d57a7504..6535d483a 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -204,6 +204,7 @@ + From 56a78dd4adb8aafb4c0ab0d99dd71942016f079a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 19 Nov 2018 09:46:26 +0000 Subject: [PATCH 0707/2197] State explicitly that any API depending on PSA is unstable --- include/mbedtls/config.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 2341ef50f..1f37d0843 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -1626,6 +1626,10 @@ * not covered yet, but parts that are not ported to PSA yet will still work * as usual, so enabling this option should not break backwards compatibility. * + * \warning Support for PSA is still an experimental feature. + * Any public API that depends on this option may change + * at any time until this warning is removed. + * * Requires: MBEDTLS_PSA_CRYPTO_C. */ //#define MBEDTLS_USE_PSA_CRYPTO From 47a6291445f0c38fbaac5bf0455a88c3c273f045 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 19 Nov 2018 15:14:21 +0000 Subject: [PATCH 0708/2197] Use MBEDTLS_PSA_UTIL_H instead of MBEDTLS_PSA_COMPAT_H in psa_util.h This is still an artifact from when psa_util.h was called psa_compat.h. --- include/mbedtls/psa_util.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 41c0e2b30..4a0c87ccf 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -25,8 +25,8 @@ * This file is part of mbed TLS (https://tls.mbed.org) */ -#if !defined(MBEDTLS_PSA_COMPAT_H) -#define MBEDTLS_PSA_COMPAT_H +#ifndef MBEDTLS_PSA_UTIL_H +#define MBEDTLS_PSA_UTIL_H #if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" @@ -261,4 +261,4 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#endif /* MBEDTLS_PSA_COMPAT_H */ +#endif /* MBEDTLS_PSA_UTIL_H */ From fc359fd837db38ad6039afac96d78c0c94a21010 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 19 Nov 2018 15:15:01 +0000 Subject: [PATCH 0709/2197] Remove double white space --- include/mbedtls/psa_util.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 4a0c87ccf..576613309 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h 
@@ -48,7 +48,7 @@ static inline psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key ) { for( psa_key_slot_t slot = 1; slot <= 32; slot++ ) { - if( psa_get_key_information( slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ) + if( psa_get_key_information( slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ) { *key = slot; return( PSA_SUCCESS ); From 12bd57b8c8868db16ce4d2872629a79e9078aaf3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 19 Nov 2018 15:16:12 +0000 Subject: [PATCH 0710/2197] Refer to PSA through MBEDTLS_USE_PSA_CRYPTO, not USE_PSA, in all.sh --- tests/scripts/all.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b9e1e37bb..6af13e660 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -573,8 +573,8 @@ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_ msg "test: compat.sh ARIA + ChachaPoly" if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' -# USE_PSA: run the same set of tests as basic-build-test.sh -msg "build: cmake, full config + USE_PSA, ASan" +# MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh +msg "build: cmake, full config + MBEDTLS_USE_PSA_CRYPTO, ASan" cleanup cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full 
@@ -584,22 +584,22 @@ scripts/config.pl set MBEDTLS_USE_PSA_CRYPTO CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make -msg "test: main suites (USE_PSA)" +msg "test: main suites (MBEDTLS_USE_PSA_CRYPTO)" make test -msg "test: ssl-opt.sh (USE_PSA)" +msg "test: ssl-opt.sh (MBEDTLS_USE_PSA_CRYPTO)" if_build_succeeded tests/ssl-opt.sh -msg "test: compat.sh default (USE_PSA)" +msg "test: compat.sh default (MBEDTLS_USE_PSA_CRYPTO)" if_build_succeeded tests/compat.sh -msg "test: compat.sh ssl3 (USE_PSA)" +msg "test: compat.sh ssl3 (MBEDTLS_USE_PSA_CRYPTO)" if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' -msg "test: compat.sh RC4, DES & NULL (USE_PSA)" +msg "test: compat.sh RC4, DES & NULL (MBEDTLS_USE_PSA_CRYPTO)" if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' -msg "test: compat.sh ARIA + ChachaPoly (USE_PSA)" +msg "test: compat.sh ARIA + ChachaPoly (MBEDTLS_USE_PSA_CRYPTO)" if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s From 866fc7e3a7bbf201bb3111e1233480425d7a2e68 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Oct 2018 15:28:02 +0100 Subject: [PATCH 0711/2197] Add API for configuration of opaque PSK This commit adds two public API functions mbedtls_ssl_conf_psk_opaque() mbedtls_ssl_set_hs_psk_opaque() which allow to configure the use of opaque, PSA-maintained PSKs at configuration time or run time. --- include/mbedtls/ssl.h | 130 +++++++++++++++++++++++++++++++++--------- 1 file changed, 104 insertions(+), 26 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 55b206fae..5008950a0 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -2057,68 +2057,146 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /** - * \brief Set the Pre Shared Key (PSK) and the expected identity name + * \brief Configure a pre-shared key (PSK) and identity + * to be used in PSK-based ciphersuites. * * \note This is mainly useful for clients. Servers will usually * want to use \c mbedtls_ssl_conf_psk_cb() instead. * - * \note Currently clients can only register one pre-shared key. - * In other words, the servers' identity hint is ignored. + * \warning Currently, clients can only register a single pre-shared key. + * Calling this function or mbedtls_ssl_conf_opaque_psk() more + * than once will overwrite values configured in previous calls. * Support for setting multiple PSKs on clients and selecting - * one based on the identity hint is not a planned feature but - * feedback is welcomed. + * one based on the identity hint is not a planned feature, + * but feedback is welcomed. * - * \param conf SSL configuration - * \param psk pointer to the pre-shared key - * \param psk_len pre-shared key length - * \param psk_identity pointer to the pre-shared key identity - * \param psk_identity_len identity key length + * \param conf The SSL configuration to register the PSK with. + * \param psk The pointer to the pre-shared key to use. + * \param psk_len The length of the pre-shared key in bytes. + * \param psk_identity The pointer to the pre-shared key identity. + * \param psk_identity_len The length of the pre-shared key identity + * in bytes. * - * \return 0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED + * \note The PSK and its identity are copied internally and + * hence need not be preserved by the caller for the lifetime + * of the SSL configuration. + * + * \return \c 0 if successful. + * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. 
*/ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, const unsigned char *psk, size_t psk_len, const unsigned char *psk_identity, size_t psk_identity_len ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/** + * \brief Configure an opaque pre-shared key (PSK) and identity + * to be used in PSK-based ciphersuites. + * + * \note This is mainly useful for clients. Servers will usually + * want to use \c mbedtls_ssl_conf_psk_cb() instead. + * + * \warning Currently, clients can only register a single pre-shared key. + * Calling this function or mbedtls_ssl_conf_psk() more than + * once will overwrite values configured in previous calls. + * Support for setting multiple PSKs on clients and selecting + * one based on the identity hint is not a planned feature, + * but feedback is welcomed. + * + * \param conf The SSL configuration to register the PSK with. + * \param psk The identifier of the key slot holding the PSK. + * Until \p conf is destroyed or this function is successfully + * again, the key slot \p psk must be populated with a key of + * type #PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows + * its use for the key derivation algorithm applied in the + * handshake. + * \param psk_identity The pointer to the pre-shared key identity. + * \param psk_identity_len The length of the pre-shared key identity + * in bytes. + * + * \note The PSK identity hint is copied internally and hence need + * not be preserved by the caller for the lifetime of the + * SSL configuration. + * + * \return \c 0 if successful. + * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. + */ +int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, + psa_key_slot_t psk, + const unsigned char *psk_identity, + size_t psk_identity_len ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ /** - * \brief Set the Pre Shared Key (PSK) for the current handshake + * \brief Set the pre-shared Key (PSK) for the current handshake. 
* * \note This should only be called inside the PSK callback, - * ie the function passed to \c mbedtls_ssl_conf_psk_cb(). + * i.e. the function passed to \c mbedtls_ssl_conf_psk_cb(). * - * \param ssl SSL context - * \param psk pointer to the pre-shared key - * \param psk_len pre-shared key length + * \param ssl The SSL context to configure a PSK for. + * \param psk The pointer to the pre-shared key. + * \param psk_len The length of the pre-shared key in bytes. * - * \return 0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED + * \return \c 0 if successful. + * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, const unsigned char *psk, size_t psk_len ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/** + * \brief Set an opaque pre-shared Key (PSK) for the current handshake. + * + * \note This should only be called inside the PSK callback, + * i.e. the function passed to \c mbedtls_ssl_conf_psk_cb(). + * + * \param ssl The SSL context to configure a PSK for. + * \param psk The identifier of the key slot holding the PSK. + * For the duration of the current handshake, the key slot + * must be populated with a key of type + * #PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its + * use for the key derivation algorithm + * applied in the handshake. + * + * \return \c 0 if successful. + * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. + */ +int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, + psa_key_slot_t psk ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /** * \brief Set the PSK callback (server-side only). * * If set, the PSK callback is called for each - * handshake where a PSK ciphersuite was negotiated. + * handshake where a PSK-based ciphersuite was negotiated. * The caller provides the identity received and wants to * receive the actual PSK data and length. 
* - * The callback has the following parameters: (void *parameter, - * mbedtls_ssl_context *ssl, const unsigned char *psk_identity, - * size_t identity_len) + * The callback has the following parameters: + * - \c void*: The opaque pointer \p p_psk. + * - \c mbedtls_ssl_context*: The SSL context to which + * the operation applies. + * - \c const unsigned char*: The PSK identity + * selected by the client. + * - \c size_t: The length of the PSK identity + * selected by the client. + * * If a valid PSK identity is found, the callback should use - * \c mbedtls_ssl_set_hs_psk() on the ssl context to set the - * correct PSK and return 0. + * \c mbedtls_ssl_set_hs_psk() or + * \c mbedtls_ssl_set_hs_psk_opaque() + * on the SSL context to set the correct PSK and return \c 0. * Any other return value will result in a denied PSK identity. * * \note If you set a PSK callback using this function, then you * don't need to set a PSK key and identity using * \c mbedtls_ssl_conf_psk(). * - * \param conf SSL configuration - * \param f_psk PSK identity function - * \param p_psk PSK identity parameter + * \param conf The SSL configuration to register the callback with. + * \param f_psk The callback for selecting and setting the PSK based + * in the PSK identity chosen by the client. + * \param p_psk A pointer to an opaque structure to be passed to + * the callback, for example a PSK store. */ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, From ce620dd8b0deb7092ff9287cc87e91c882e15fd0 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Oct 2018 15:29:46 +0100 Subject: [PATCH 0712/2197] Add opaque PSK identifier to mbedtls_ssl_handshake_params This commit adds a field `psk_opaque` to the handshake parameter struct `mbedtls_ssl_handshake_params` which indicates if the user has configured the use of an opaque PSK. --- include/mbedtls/ssl_internal.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) 
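Review bot: The new `\warning` on `mbedtls_ssl_conf_psk()` refers to `mbedtls_ssl_conf_opaque_psk()`, but the function declared below is `mbedtls_ssl_conf_psk_opaque()`, so the cross-reference will not resolve. In the `psk` parameter text of `mbedtls_ssl_conf_psk_opaque()`, "this function is successfully again" is missing the word "called". The slot is also described as holding a key "of type #PSA_ALG_CATEGORY_KEY_DERIVATION", which reads as an algorithm category rather than a key type and should be checked against psa/crypto.h. The closing `\note` of that function speaks of the "PSK identity hint" being copied, while the parameter is the PSK identity itself.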
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 97abb9f90..318d13fd8 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -283,9 +283,12 @@ struct mbedtls_ssl_handshake_params const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */ #endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_slot_t psk_opaque; /*!< Opaque PSK from the callback */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ unsigned char *psk; /*!< PSK from the callback */ size_t psk_len; /*!< Length of PSK from callback */ -#endif +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) From b94493cbc5c8f70003483cf5f3502067761ff347 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Oct 2018 15:31:03 +0100 Subject: [PATCH 0713/2197] Add opaque PSK identifier to SSL configuration --- include/mbedtls/ssl.h | 48 +++++++++++++++++++++++++++++++------------ 1 file changed, 35 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 5008950a0..171803f75 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -65,6 +65,10 @@ #include "platform_time.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * SSL Error codes */ 
@@ -923,19 +927,37 @@ struct mbedtls_ssl_config #endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - unsigned char *psk; /*!< pre-shared key. This field should - only be set via - mbedtls_ssl_conf_psk() */ - size_t psk_len; /*!< length of the pre-shared key. This - field should only be set via - mbedtls_ssl_conf_psk() */ - unsigned char *psk_identity; /*!< identity for PSK negotiation. This - field should only be set via - mbedtls_ssl_conf_psk() */ - size_t psk_identity_len;/*!< length of identity. This field should - only be set via - mbedtls_ssl_conf_psk() */ -#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_slot_t psk_opaque; /*!< PSA key slot holding opaque PSK. + * This field should only be set via + * mbedtls_ssl_conf_psk_opaque(). + * If either no PSK or a raw PSK have + * been configured, this has value \c 0. */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + unsigned char *psk; /*!< The raw pre-shared key. This field should + * only be set via mbedtls_ssl_conf_psk(). + * If either no PSK or an opaque PSK + * have been configured, this has value NULL. */ + size_t psk_len; /*!< The length of the raw pre-shared key. + * This field should only be set via + * mbedtls_ssl_conf_psk(). + * Its value is non-zero if and only if + * \c psk is not \c NULL. */ + + unsigned char *psk_identity; /*!< The PSK identity for PSK negotiation. + * This field should only be set via + * mbedtls_ssl_conf_psk(). + * This is set if and only if either + * \c psk or \c psk_opaque are set. */ + size_t psk_identity_len;/*!< The length of PSK identity. + * This field should only be set via + * mbedtls_ssl_conf_psk(). + * Its value is non-zero if and only if + * \c psk is not \c NULL or \c psk_opaque + * is not \c 0. */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(MBEDTLS_SSL_ALPN) const char **alpn_list; /*!< ordered list of protocols */ From c6b8d400a0ba6516bee41a79130c568bfa46346d Mon Sep 17 00:00:00 2001 
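Review bot: The field comments for `psk_identity` and `psk_identity_len` still say they "should only be set via mbedtls_ssl_conf_psk()", yet the same comments tie them to `psk_opaque`, which is set through `mbedtls_ssl_conf_psk_opaque()`. Naming both setters, `mbedtls_ssl_conf_psk() or mbedtls_ssl_conf_psk_opaque()`, would make the comments match the opaque path. The stated invariant that the length is non-zero if and only if a PSK is configured also depends on the setters rejecting an empty identity, which is worth spelling out here.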
From: Hanno Becker Date: Mon, 22 Oct 2018 15:31:26 +0100 Subject: [PATCH 0714/2197] Implement API for configuration of opaque PSKs This commit adds implementations of the two new API functions mbedtls_ssl_conf_psk_opaque() mbedtls_ssl_set_hs_psk_opaque(). --- library/ssl_tls.c | 116 +++++++++++++++++++++++++++++++++++++--------- 1 file changed, 95 insertions(+), 21 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 82e65251f..2150c03d1 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7326,6 +7326,37 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + +static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) +{ + /* Remove reference to existing PSK, if any. */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( conf->psk_opaque != 0 ) + { + /* The maintenance of the PSK key slot is the + * user's responsibility. */ + conf->psk_opaque = 0; + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( conf->psk != NULL ) + { + mbedtls_platform_zeroize( conf->psk, conf->psk_len ); + + mbedtls_free( conf->psk ); + conf->psk = NULL; + conf->psk_len = 0; + } + + /* Remove reference to PSK identity, if any. */ + if( conf->psk_identity != NULL ) + { + mbedtls_free( conf->psk_identity ); + conf->psk_identity = NULL; + conf->psk_identity_len = 0; + } +} + int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, const unsigned char *psk, size_t psk_len, const unsigned char *psk_identity, size_t psk_identity_len ) 
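Review bot: `ssl_conf_remove_psk()` wipes and frees the raw `conf->psk` only in the `else` branch of the `conf->psk_opaque != 0` test, so correct cleanup relies on the two never being set together. If a configuration ever holds both (the struct comments only say the fields "should" be set through the setters), the raw key is neither zeroized nor freed when the opaque reference is dropped. Clearing them independently costs nothing: set `conf->psk_opaque = 0;` and then run `if( conf->psk != NULL ) { ... }` without the `else`. `ssl_remove_psk()` in the following hunks has the same shape.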
@@ -7343,20 +7374,7 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - if( conf->psk != NULL ) - { - mbedtls_platform_zeroize( conf->psk, conf->psk_len ); - - mbedtls_free( conf->psk ); - conf->psk = NULL; - conf->psk_len = 0; - } - if( conf->psk_identity != NULL ) - { - mbedtls_free( conf->psk_identity ); - conf->psk_identity = NULL; - conf->psk_identity_len = 0; - } + ssl_conf_remove_psk( conf ); if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL || ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL ) @@ -7377,6 +7395,24 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, return( 0 ); } +static void ssl_remove_psk( mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ssl->handshake->psk_opaque != 0 ) + { + ssl->handshake->psk_opaque = 0; + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( ssl->handshake->psk != NULL ) + { + mbedtls_platform_zeroize( ssl->handshake->psk, + ssl->handshake->psk_len ); + mbedtls_free( ssl->handshake->psk ); + ssl->handshake->psk_len = 0; + } +} + int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, const unsigned char *psk, size_t psk_len ) { @@ -7386,13 +7422,7 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, if( psk_len > MBEDTLS_PSK_MAX_LEN ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( ssl->handshake->psk != NULL ) - { - mbedtls_platform_zeroize( ssl->handshake->psk, - ssl->handshake->psk_len ); - mbedtls_free( ssl->handshake->psk ); - ssl->handshake->psk_len = 0; - } + ssl_remove_psk( ssl ); if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); 
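Review bot: `ssl_remove_psk()` frees `ssl->handshake->psk` and resets `psk_len`, but leaves the pointer itself dangling. That was tolerable while the only caller, `mbedtls_ssl_set_hs_psk()`, reassigned `psk` straight afterwards, but `mbedtls_ssl_set_hs_psk_opaque()`, added later in this commit, calls the helper and then sets only `psk_opaque`. If a raw PSK was set earlier in the same handshake, any later code that tests `handshake->psk != NULL` would presumably touch or free the stale pointer; handshake teardown is outside this diff, so this is inferred. Adding `ssl->handshake->psk = NULL;` right after `mbedtls_free( ssl->handshake->psk );` closes the gap and matches what `ssl_conf_remove_psk()` does for `conf->psk`.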
@@ -7403,6 +7433,50 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, return( 0 ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) +int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, + psa_key_slot_t psk_slot, + const unsigned char *psk_identity, + size_t psk_identity_len ) +{ + if( psk_slot == 0 || psk_identity == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + /* Identity len will be encoded on two bytes */ + if( ( psk_identity_len >> 16 ) != 0 || + psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) + { + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + ssl_conf_remove_psk( conf ); + + if( ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL ) + { + mbedtls_free( conf->psk_identity ); + conf->psk_identity = NULL; + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + } + + conf->psk_identity_len = psk_identity_len; + memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len ); + + conf->psk_opaque = psk_slot; + return( 0 ); +} + +int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, + psa_key_slot_t psk_slot ) +{ + if( psk_slot == 0 || ssl->handshake == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + ssl_remove_psk( ssl ); + ssl->handshake->psk_opaque = psk_slot; + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t), From fac92db771c73f4d2f9c354fc05e80868dcf60a4 Mon Sep 17 00:00:00 2001 
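Review bot: `mbedtls_ssl_conf_psk_opaque()` does not reject `psk_identity_len == 0`. The result of `mbedtls_calloc( 1, 0 )` is implementation-dependent, so the call either fails with `MBEDTLS_ERR_SSL_ALLOC_FAILED` or stores an empty identity next to a non-zero `psk_opaque`, contrary to the invariant documented on `psk_identity_len` in ssl.h. Extending the first check to `if( psk_slot == 0 || psk_identity == NULL || psk_identity_len == 0 )` makes the outcome deterministic. In the allocation-failure branch, `mbedtls_free( conf->psk_identity );` runs on a pointer just found to be `NULL` and can be dropped. Neither new function checks that the slot is populated or that its policy permits the handshake KDF, so a wrong slot number surfaces only during the handshake; the API documentation should say so.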
From: Hanno Becker Date: Tue, 23 Oct 2018 11:37:50 +0100 Subject: [PATCH 0715/2197] Add support for opaque PSKs in ssl_client2 example program This commit adds support for the use of PSA-based opaque PSKs in the TLS client example application programs/ssl/ssl_client2. Specifically, a numerical command line option `psk_slot` with the following constraints and semantics is added: - It can only be used alongside the provisioning of a raw PSK through the preexisting `psk` command line option. - It can only be used if both TLS 1.2 and a PSK-only ciphersuite are enforced through the appropriate use of the `min_version` and `force_ciphersuite` command line options. - If the previous conditions are met, setting `psk_slot=d` will result in the PSA key slot with identifier `d` being populated with the raw PSK data specified through the `psk` parameter and passed to Mbed TLS via `mbedtls_ssl_conf_psk_opaque()` prior to the handshake. Enforcing the TLS version and ciphersuite is necessary to determine the exact KDF algorithm the PSK will be used for. This is required as it is currently not possible to set up a key without specifying exactly one algorithm the key may be used with. --- programs/ssl/ssl_client2.c | 219 +++++++++++++++++++++++++++---------- 1 file changed, 163 insertions(+), 56 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 87b9ab1bd..51a0c3f5b 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -85,6 +85,7 @@ int main( void ) #define DFL_CRT_FILE "" #define DFL_KEY_FILE "" #define DFL_PSK "" +#define DFL_PSK_SLOT 0 #define DFL_PSK_IDENTITY "Client_identity" #define DFL_ECJPAKE_PW NULL #define DFL_EC_MAX_OPS -1 
@@ -139,9 +140,23 @@ int main( void ) #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -#define USAGE_PSK \ +#define USAGE_PSK_RAW \ " psk=%%s default: \"\" (in hex, without 0x)\n" \ " psk_identity=%%s default: \"Client_identity\"\n" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define USAGE_PSK_SLOT \ + " psk_slot=%%d default: 0\n" \ + " An empty key slot identifier to be used to hold the PSK.\n" \ + " Note: Currently only supported in conjunction with\n" \ + " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \ + " to force a particular PSK-only ciphersuite.\n" \ + " Note: This is to test integration of PSA-based opaque PSKs with\n" \ + " Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \ + " with prepopulated key slots instead of importing raw key material.\n" +#else +#define USAGE_PSK_SLOT "" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT #else #define USAGE_PSK "" #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ @@ -337,6 +352,9 @@ struct options const char *ca_path; /* the path with the CA certificate(s) reside */ const char *crt_file; /* the file with the client certificate */ const char *key_file; /* the file with the client key */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + int psk_slot; +#endif const char *psk; /* the pre-shared key */ const char *psk_identity; /* the pre-shared key identity */ const char *ecjpake_pw; /* the EC J-PAKE password */ @@ -540,6 +558,13 @@ int main( int argc, char *argv[] ) const char *pers = "ssl_client2"; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_slot_t slot; + psa_algorithm_t alg = 0; + psa_key_policy_t policy; + psa_status_t status; +#endif + #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; #endif 
@@ -559,9 +584,6 @@ int main( int argc, char *argv[] ) #endif char *p, *q; const int *list; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_status_t status; -#endif /* * Make sure memory references are valid. @@ -628,6 +650,9 @@ int main( int argc, char *argv[] ) opt.crt_file = DFL_CRT_FILE; opt.key_file = DFL_KEY_FILE; opt.psk = DFL_PSK; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + opt.psk_slot = DFL_PSK_SLOT; +#endif opt.psk_identity = DFL_PSK_IDENTITY; opt.ecjpake_pw = DFL_ECJPAKE_PW; opt.ec_max_ops = DFL_EC_MAX_OPS; @@ -728,6 +753,10 @@ int main( int argc, char *argv[] ) opt.key_file = q; else if( strcmp( p, "psk" ) == 0 ) opt.psk = q; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + else if( strcmp( p, "psk_slot" ) == 0 ) + opt.psk_slot = atoi( q ); +#endif else if( strcmp( p, "psk_identity" ) == 0 ) opt.psk_identity = q; else if( strcmp( p, "ecjpake_pw" ) == 0 ) 
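Review bot: In the option-parsing hunk, `opt.psk_slot = atoi( q );` accepts the slot number without validation. `atoi` returns 0 for non-numeric text, which silently disables the option, and a negative value passes the later `opt.psk_slot != 0` checks before it is presumably converted to `psa_key_slot_t`. Parsing with `strtol`, checking the end pointer, and sending anything non-positive or above the supported slot count to `usage` would stop a typo from selecting an unintended key slot. The parsing loop starts and ends outside this hunk.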
@@ -1012,57 +1041,6 @@ int main( int argc, char *argv[] ) mbedtls_debug_set_threshold( opt.debug_level ); #endif - if( opt.force_ciphersuite[0] > 0 ) - { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); - - if( opt.max_version != -1 && - ciphersuite_info->min_minor_ver > opt.max_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); - ret = 2; - goto usage; - } - if( opt.min_version != -1 && - ciphersuite_info->max_minor_ver < opt.min_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); - ret = 2; - goto usage; - } - - /* If the server selects a version that's not supported by - * this suite, then there will be no common ciphersuite... */ - if( opt.max_version == -1 || - opt.max_version > ciphersuite_info->max_minor_ver ) - { - opt.max_version = ciphersuite_info->max_minor_ver; - } - if( opt.min_version < ciphersuite_info->min_minor_ver ) - { - opt.min_version = ciphersuite_info->min_minor_ver; - /* DTLS starts with TLS 1.1 */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - } - - /* Enable RC4 if needed and not explicitly disabled */ - if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - { - if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) - { - mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" ); - ret = 2; - goto usage; - } - - opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; - } - } - #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * Unhexify the pre-shared key if any is given 
@@ -1113,6 +1091,101 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_slot != 0 ) + { + if( opt.psk == NULL ) + { + mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" ); + ret = 2; + goto usage; + } + + if( opt.force_ciphersuite[0] <= 0 ) + { + mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + ret = 2; + goto usage; + } + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if( opt.force_ciphersuite[0] > 0 ) + { + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + ciphersuite_info = + mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); + + if( opt.max_version != -1 && + ciphersuite_info->min_minor_ver > opt.max_version ) + { + mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); + ret = 2; + goto usage; + } + if( opt.min_version != -1 && + ciphersuite_info->max_minor_ver < opt.min_version ) + { + mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); + ret = 2; + goto usage; + } + + /* If the server selects a version that's not supported by + * this suite, then there will be no common ciphersuite... 
*/ + if( opt.max_version == -1 || + opt.max_version > ciphersuite_info->max_minor_ver ) + { + opt.max_version = ciphersuite_info->max_minor_ver; + } + if( opt.min_version < ciphersuite_info->min_minor_ver ) + { + opt.min_version = ciphersuite_info->min_minor_ver; + /* DTLS starts with TLS 1.1 */ + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; + } + + /* Enable RC4 if needed and not explicitly disabled */ + if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) + { + if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) + { + mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" ); + ret = 2; + goto usage; + } + + opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; + } + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_slot != 0 ) + { + /* Ensure that the chosen ciphersuite is PSK-only; we must know + * the ciphersuite in advance to set the correct policy for the + * PSK key slot. This limitation might go away in the future. */ + if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK || + opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 ) + { + mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + ret = 2; + goto usage; + } + + /* Determine KDF algorithm the opaque PSK will be used in. */ +#if defined(MBEDTLS_SHA512_C) + if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); + else +#endif /* MBEDTLS_SHA512_C */ + alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + } + #if defined(MBEDTLS_ECP_C) if( opt.curves != NULL ) { 
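Review bot: The `opt.psk == NULL` test at the top of this hunk will not catch a missing `psk` argument if `DFL_PSK` is the empty string in this file, as it is in ssl_server2.c (the client's definition is not visible here). The equivalent server-side check in this series uses `strlen( opt.psk ) == 0`. With an empty PSK the later `psa_import_key()` call would presumably be handed a zero-length key and fail with no message, so `if( opt.psk == NULL || strlen( opt.psk ) == 0 )` would be the more robust guard. The rest of the hunk is the existing `force_ciphersuite` block moved down unchanged, plus the PSK-only check.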
@@ -1484,6 +1557,40 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_slot != 0 ) + { + /* The algorithm has already been determined earlier. */ + slot = (psa_key_slot_t) opt.psk_slot; + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + + status = psa_set_key_policy( slot, &policy ); + if( status != PSA_SUCCESS ) + { + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } + + status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len ); + if( status != PSA_SUCCESS ) + { + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } + + if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot, + (const unsigned char *) opt.psk_identity, + strlen( opt.psk_identity ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", + ret ); + goto exit; + } + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, (const unsigned char *) opt.psk_identity, strlen( opt.psk_identity ) ) ) != 0 ) @@ -1492,7 +1599,7 @@ int main( int argc, char *argv[] ) ret ); goto exit; } -#endif +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ if( opt.min_version != DFL_MIN_VERSION ) mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, From a5ce0fd77f51651f8bd1a7fe4c423ee7f87edaa3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Oct 2018 11:54:44 +0100 Subject: [PATCH 0716/2197] Don't suggest the use of a PSK suite if no PSK configured on client --- library/ssl_cli.c | 38 +++++++++++++++++++++++++++++++++++--- 1 file changed, 35 insertions(+), 3 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index ff576f3a8..70ce90f75 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
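Review bot: Once `psa_import_key()` has succeeded, the raw key is still held in the `psk` buffer for the rest of main(), which undercuts what the opaque path is meant to demonstrate. Provided nothing later in main() reads it, it can be wiped right after the import with `mbedtls_platform_zeroize( psk, psk_len );`. The two PSA failure branches also jump to `exit` without printing anything and discard `status`, unlike the `mbedtls_ssl_conf_psk_opaque` branch directly below; a message in the same `" failed\n  ! ... returned %d\n\n"` style would make a policy or import failure diagnosable. Whether the key slot is destroyed on the exit path cannot be seen from this hunk.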
@@ -51,6 +51,27 @@ #include "mbedtls/platform_util.h" #endif +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +static int ssl_conf_has_psk( mbedtls_ssl_config const *conf ) +{ + if( conf->psk_identity == NULL || + conf->psk_identity_len == 0 ) + { + return( 0 ); + } + + if( conf->psk != NULL && conf->psk_len != 0 ) + return( 1 ); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( conf->psk_opaque != 0 ) + return( 1 ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + return( 0 ); +} +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, unsigned char *buf, @@ -754,6 +775,15 @@ static int ssl_validate_ciphersuite( const mbedtls_ssl_ciphersuite_t * suite_inf return( 1 ); #endif + /* Don't suggest PSK-based ciphersuite if no PSK is available. */ +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && + ssl_conf_has_psk( ssl ) == 0 ) + { + return( 1 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + return( 0 ); } @@ -3007,10 +3037,12 @@ ecdh_calc_secret: /* * opaque psk_identity<0..2^16-1>; */ - if( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ) + if( ssl_conf_has_psk( ssl ) == 0 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for PSK" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + /* We don't offer PSK suites if we don't have a PSK, + * and we check that the server's choice is among the + * ciphersuites we offered, so this should never happen. */ + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } i = 4; From a32400bc6b991ee64b6ae56b0a539b3a9e5288b0 Mon Sep 17 00:00:00 2001 
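Review bot: Both new call sites pass the wrong pointer type: `ssl_conf_has_psk()` is declared to take `mbedtls_ssl_config const *`, but the second and third hunks call `ssl_conf_has_psk( ssl )`, where `ssl` is presumably the `mbedtls_ssl_context *` (the removed lines in the third hunk read `ssl->conf->psk`). Both should be `ssl_conf_has_psk( ssl->conf ) == 0`. As it stands this commit does not build cleanly on its own, which hurts bisection even if a follow-up patch corrects the calls. The third hunk also drops the debug message on the failure path; since the comment says the branch should be unreachable, keeping an `MBEDTLS_SSL_DEBUG_MSG( 1, ... )` there would make an unexpected hit visible.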
From: Hanno Becker Date: Tue, 23 Oct 2018 11:59:34 +0100 Subject: [PATCH 0717/2197] Allow opaque PSKs in pure-PSK ciphersuites only In contrast, RSA-PSK, ECDHE-PSK and DHE-PSK are explicitly excluded for the moment. --- library/ssl_cli.c | 39 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 37 insertions(+), 2 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 70ce90f75..90cafebe8 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -70,6 +70,23 @@ static int ssl_conf_has_psk( mbedtls_ssl_config const *conf ) return( 0 ); } + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +static int ssl_conf_has_raw_psk( mbedtls_ssl_config const *conf ) +{ + if( conf->psk_identity == NULL || + conf->psk_identity_len == 0 ) + { + return( 0 ); + } + + if( conf->psk != NULL && conf->psk_len != 0 ) + return( 1 ); + + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) @@ -778,7 +795,7 @@ static int ssl_validate_ciphersuite( const mbedtls_ssl_ciphersuite_t * suite_inf /* Don't suggest PSK-based ciphersuite if no PSK is available. */ #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && - ssl_conf_has_psk( ssl ) == 0 ) + ssl_conf_has_psk( ssl->conf ) == 0 ) { return( 1 ); } @@ -3037,7 +3054,7 @@ ecdh_calc_secret: /* * opaque psk_identity<0..2^16-1>; */ - if( ssl_conf_has_psk( ssl ) == 0 ) + if( ssl_conf_has_psk( ssl->conf ) == 0 ) { /* We don't offer PSK suites if we don't have a PSK, * and we check that the server's choice is among the 
@@ -3071,6 +3088,12 @@ ecdh_calc_secret: #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /* Opaque PSKs are currently only supported for PSK-only suites. */ + if( ssl_conf_has_raw_psk( ssl->conf ) == 0 ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 2 ) ) != 0 ) return( ret ); } @@ -3079,6 +3102,12 @@ ecdh_calc_secret: #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /* Opaque PSKs are currently only supported for PSK-only suites. */ + if( ssl_conf_has_raw_psk( ssl->conf ) == 0 ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * ClientDiffieHellmanPublic public (DHM send G^X mod P) */ @@ -3109,6 +3138,12 @@ ecdh_calc_secret: #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /* Opaque PSKs are currently only supported for PSK-only suites. */ + if( ssl_conf_has_raw_psk( ssl->conf ) == 0 ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * ClientECDiffieHellmanPublic public; */ From 1e414e5d1d597c806dbde125a187df9af49a4d36 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Oct 2018 12:10:41 +0100 Subject: [PATCH 0718/2197] Simplify master secret derivation in mbedtls_ssl_derive_keys() --- library/ssl_tls.c | 78 +++++++++++++++++++++++++++-------------------- 1 file changed, 45 insertions(+), 33 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 2150c03d1..4c0d0c17e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
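Review bot: The three identical guards reject an opaque PSK only at ClientKeyExchange time, after the client has already offered the RSA-PSK, DHE-PSK and ECDHE-PSK suites. ssl_validate_ciphersuite() filters with `ssl_conf_has_psk( ssl->conf )`, which returns 1 for an opaque key, so a server that picks one of those suites takes the handshake as far as this point before it fails with `MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE`. It would be cleaner not to offer them at all, e.g. in ssl_validate_ciphersuite() under `MBEDTLS_USE_PSA_CRYPTO`: `if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && suite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK && ssl_conf_has_raw_psk( ssl->conf ) == 0 ) return( 1 );`. `ssl_conf_has_raw_psk()` also repeats the first two checks of `ssl_conf_has_psk()`; the latter could call the former and then test `psk_opaque`.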
@@ -621,6 +621,10 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) const mbedtls_cipher_info_t *cipher_info; const mbedtls_md_info_t *md_info; +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + unsigned char session_hash[48]; +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ + mbedtls_ssl_session *session = ssl->session_negotiate; mbedtls_ssl_transform *transform = ssl->transform_negotiate; mbedtls_ssl_handshake_params *handshake = ssl->handshake; 
@@ -700,56 +704,62 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) * TLSv1+: * master = PRF( premaster, "master secret", randbytes )[0..47] */ - if( handshake->resume == 0 ) + if( handshake->resume != 0 ) { - MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster, - handshake->pmslen ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) ); + } + else + { + /* The label for the KDF used for key expansion. + * This is either "master secret" or "extended master secret" + * depending on whether the Extended Master Secret extension + * is used. */ + char const *lbl = "master secret"; + + /* The salt for the KDF used for key expansion. + * - If the Extended Master Secret extension is not used, + * this is ClientHello.Random + ServerHello.Random + * (see Sect. 8.1 in RFC 5246). + * - If the Extended Master Secret extension is used, + * this is the transcript of the handshake so far. + * (see Sect. 4 in RFC 7627). */ + unsigned char const *salt = handshake->randbytes; + size_t salt_len = 64; + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = + ssl->transform_negotiate->ciphersuite_info; + mbedtls_md_type_t const md_type = ciphersuite_info->mac; +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED ) { - unsigned char session_hash[48]; - size_t hash_len; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) ); + lbl = "extended master secret"; + salt = session_hash; ssl->handshake->calc_verify( ssl, session_hash ); - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { #if defined(MBEDTLS_SHA512_C) - if( ssl->transform_negotiate->ciphersuite_info->mac == - MBEDTLS_MD_SHA384 ) - { - hash_len = 48; - } + if( md_type == MBEDTLS_MD_SHA384 ) + salt_len = 48; else -#endif - hash_len = 32; +#endif /* MBEDTLS_SHA512_C */ + salt_len = 32; 
} else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - hash_len = 36; - - MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len ); - - ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, - "extended master secret", - session_hash, hash_len, - session->master, 48 ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); - return( ret ); - } + salt_len = 36; + MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, salt_len ); } - else -#endif +#endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */ + ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, - "master secret", - handshake->randbytes, 64, + lbl, salt, salt_len, session->master, 48 ); if( ret != 0 ) { @@ -757,11 +767,13 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) return( ret ); } + MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", + handshake->premaster, + handshake->pmslen ); + mbedtls_platform_zeroize( handshake->premaster, sizeof(handshake->premaster) ); } - else - MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) ); /* * Swap the client and server random values. From b7aaf1e641795be55f9e74d61b5c1d48d0c3f4cd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Oct 2018 15:26:22 +0100 Subject: [PATCH 0719/2197] Implement PSA-based PSK-to-MS derivation in mbedtls_ssl_derive_keys --- library/ssl_tls.c | 93 +++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 82 insertions(+), 11 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4c0d0c17e..7e861a5fb 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
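Review bot: The closing comment `#endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */` names the runtime constant rather than the macro the block was opened with; it should read `#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */`. The two back-to-back `#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)` blocks (declarations, then the `extended_ms` test) can be merged into one. The default `salt_len = 64` is a bare literal for the length of `handshake->randbytes`; a short comment or a named constant would say so. mbedtls_ssl_derive_keys() begins and ends outside this hunk.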
@@ -607,6 +607,28 @@ static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char * #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ + defined(MBEDTLS_USE_PSA_CRYPTO) +static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) +{ + if( ssl->conf->f_psk != NULL ) + { + /* If we've used a callback to select the PSK, + * the static configuration is irrelevant. */ + if( ssl->handshake->psk_opaque != 0 ) + return( 1 ); + + return( 0 ); + } + + if( ssl->conf->psk_opaque != 0 ) + return( 1 ); + + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO && + MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) { int ret = 0; 
@@ -758,21 +780,70 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */ - ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, - lbl, salt, salt_len, - session->master, 48 ); - if( ret != 0 ) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && + ssl_use_opaque_psk( ssl ) == 1 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); - return( ret ); + /* Perform PSK-to-MS expansion in a single step. */ + psa_status_t status; + psa_algorithm_t alg; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_slot_t psk; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) ); + + psk = ssl->conf->psk_opaque; + if( ssl->handshake->psk_opaque != 0 ) + psk = ssl->handshake->psk_opaque; + + if( md_type == MBEDTLS_MD_SHA384 ) + alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); + else + alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); + + status = psa_key_derivation( &generator, psk, alg, + salt, salt_len, + (unsigned char const *) lbl, + (size_t) strlen( lbl ), + 48 ); + if( status != PSA_SUCCESS ) + { + psa_generator_abort( &generator ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + } + + status = psa_generator_read( &generator, session->master, 48 ); + if( status != PSA_SUCCESS ) + { + psa_generator_abort( &generator ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + } + + status = psa_generator_abort( &generator ); + if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } + else +#endif + { + ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, + lbl, salt, salt_len, + session->master, 48 ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); + return( ret ); + } - MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", - handshake->premaster, - handshake->pmslen ); + MBEDTLS_SSL_DEBUG_BUF( 3, 
"premaster secret", + handshake->premaster, + handshake->pmslen ); - mbedtls_platform_zeroize( handshake->premaster, - sizeof(handshake->premaster) ); + mbedtls_platform_zeroize( handshake->premaster, + sizeof(handshake->premaster) ); + } } /* From 21e98b411483008af877d2e85f20ee4d8bcb8393 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Oct 2018 15:26:40 +0100 Subject: [PATCH 0720/2197] Skip PMS generation on client if opaque PSK is used For opaque PSKs, the PSK-to-MS expansion is performed atomatically on the PSA-side. --- library/ssl_cli.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 90cafebe8..3f91d4f5b 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3165,6 +3165,17 @@ ecdh_calc_secret: return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && + ssl_conf_has_raw_psk( ssl->conf ) == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) ); + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO && + MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, ciphersuite_info->key_exchange ) ) != 0 ) { From f5e56299eafcc0d518e695331f6fe47099c2e2ce Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Oct 2018 15:27:39 +0100 Subject: [PATCH 0721/2197] Add tests to ssl-opt.sh exercising client-side opaque PSK --- tests/ssl-opt.sh | 56 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ce9aee28a..41fbf7c28 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
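Review bot: The new PSA branch reads `ciphersuite_info->key_exchange` and `md_type`, but the only declarations of those names visible in this series sit inside `#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)` (added by the previous patch), while this branch is guarded by `MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_PSK_ENABLED`. Unless they are also declared elsewhere in mbedtls_ssl_derive_keys(), outside the hunk, a build with PSA enabled and the extended master secret disabled will not compile. Widening the guard on the declarations to `#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) || defined(MBEDTLS_USE_PSA_CRYPTO)` would fix that. Separately, every PSA failure is collapsed into `MBEDTLS_ERR_SSL_HW_ACCEL_FAILED` with no debug output, so the `psa_status_t` is lost; logging it before returning, as the `tls_prf` branch does with `MBEDTLS_SSL_DEBUG_RET`, would make failures traceable.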
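Review bot: The decision to skip premaster generation in ssl_cli.c is keyed on `ssl_conf_has_raw_psk( ssl->conf ) == 0`, whereas mbedtls_ssl_derive_keys() selects the PSA path with `ssl_use_opaque_psk( ssl ) == 1`; these are different predicates and nothing in the hunk ties them together. If they ever disagree (for instance a configuration that holds both a raw and an opaque PSK, should the setters allow it), the client would either compute a premaster that is never consumed or skip it and still run `tls_prf` on an unset premaster. Testing the positive condition here, e.g. `ssl->conf->psk_opaque != 0`, or sharing one helper between the two files would remove the ambiguity. The enclosing function starts and ends outside the hunk.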
@@ -3830,6 +3830,62 @@ run_test "PSK callback: psk, no callback" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: opaque psk on client, no callback" \ + "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ + "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=foo psk=abc123 psk_slot=1" \ + 0 \ + -c "skip PMS generation for opaque PSK"\ + -S "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: opaque psk on client, no callback, SHA-384" \ + "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ + "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + psk_identity=foo psk=abc123 psk_slot=1" \ + 0 \ + -c "skip PMS generation for opaque PSK"\ + -S "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: opaque psk on client, no callback, EMS" \ + "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ + "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=foo psk=abc123 psk_slot=1" \ + 0 \ + -c "skip PMS generation for opaque PSK"\ + -S "skip PMS generation for opaque PSK"\ + -c "using extended master secret"\ + -s "using extended master secret"\ + -S "SSL - None of the common 
ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ + "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ + "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + psk_identity=foo psk=abc123 psk_slot=1" \ + 0 \ + -c "skip PMS generation for opaque PSK"\ + -S "skip PMS generation for opaque PSK"\ + -c "using extended master secret"\ + -s "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + run_test "PSK callback: no psk, no callback" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ From ef29b2c3c9f04c52590fbc7ff84ae4eeb51f8b73 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Fri, 26 Oct 2018 11:28:08 +0100 Subject: [PATCH 0722/2197] Add support for opaque PSKs to ssl_server2 example application This commit adds command line parameters `psk_slot` and `psk_list_slot` to the example application `programs/ssl/ssl_server2`. These have the following semantics: - `psk_slot`: The same semantics as for the `ssl_client2` example application. That is, if a PSK is configured through the use of the command line parameters `psk` and `psk_identity`, then `psk_slot=X` can be used to import the PSK into PSA key slot X and registering it statically with the SSL configuration through the new API call mbedtls_ssl_conf_hs_opaque(). - `psk_list_slot`: In addition to the static PSK registered in the the SSL configuration, servers can register a callback for picking the PSK corresponding to the PSK identity that the client chose. The `ssl_server2` example application uses such a callback to select the PSK from a list of PSKs + Identities provided through the command line parameter `psk_list`, and to register the selected PSK via `mbedtls_ssl_set_hs_psk()`. In this case, the new parameter `psk_list_slot=X` has the effect of registering all PSKs provided in in `psk_list` as PSA keys in the key slots starting from slot `X`, and having the PSK selection callback register the chosen PSK through the new API function `mbedtls_ssl_set_hs_psk_opaque()`. --- programs/ssl/ssl_server2.c | 201 +++++++++++++++++++++++++++++++++++-- 1 file changed, 195 insertions(+), 6 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1c6ccaef1..1169763d7 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -123,6 +123,8 @@ int main( void ) #define DFL_ASYNC_PRIVATE_DELAY2 ( -1 ) #define DFL_ASYNC_PRIVATE_ERROR ( 0 ) #define DFL_PSK "" +#define DFL_PSK_SLOT 0 +#define DFL_PSK_LIST_SLOT 0 #define DFL_PSK_IDENTITY "Client_identity" #define DFL_ECJPAKE_PW NULL #define DFL_PSK_LIST NULL 
@@ -224,9 +226,38 @@ int main( void ) #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -#define USAGE_PSK \ +#define USAGE_PSK_RAW \ " psk=%%s default: \"\" (in hex, without 0x)\n" \ - " psk_identity=%%s default: \"Client_identity\"\n" + " psk_identity=%%s default: \"Client_identity\"\n" \ + " psk_list=%%s default: \"\"\n" \ + " A list of (PSK identity, PSK value) pairs in (hex format, without 0x)\n" \ + " id1,psk1[,id2,psk2[,...]]\n" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define USAGE_PSK_SLOT \ + " psk_slot=%%d default: 0 (don't use key slots)\n" \ + " An empty key slot identifier to be used to hold the static PSK\n" \ + " configured through the psk parameter.\n"\ + " Note: Currently only supported in conjunction with\n" \ + " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \ + " to force a particular PSK-only ciphersuite.\n" \ + " Note: This is to test integration of PSA-based opaque PSKs with\n" \ + " Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \ + " with prepopulated key slots instead of importing raw key material.\n" \ + " psk_list_slot=%%d default: 0 (don't use key slots)\n" \ + " The base of a consecutive list of empty key slot identifiers to be used\n" \ + " to hold the dynamic PSKs configured through the psk_list parameter;\n" \ + " for example, if you specify a list of 3 dynamic PSKs through the psk_list\n"\ + " parameter, then the slots psk_slot, .., psk_slot+3 must be empty.\n" \ + " Note: Currently only supported in conjunction with\n" \ + " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \ + " to force a particular PSK-only ciphersuite.\n" \ + " Note: This is to test integration of PSA-based opaque PSKs with\n" \ + " Mbed TLS only. 
Production systems are likely to configure Mbed TLS\n" \ + " with prepopulated key slots instead of importing raw key material.\n" +#else +#define USAGE_PSK_SLOT "" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT #else #define USAGE_PSK "" #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ @@ -453,6 +484,10 @@ struct options int async_private_delay1; /* number of times f_async_resume needs to be called for key 1, or -1 for no async */ int async_private_delay2; /* number of times f_async_resume needs to be called for key 2, or -1 for no async */ int async_private_error; /* inject error in async private callback */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + int psk_slot; + int psk_list_slot; +#endif const char *psk; /* the pre-shared key */ const char *psk_identity; /* the pre-shared key identity */ char *psk_list; /* list of PSK id/key pairs for callback */ @@ -771,6 +806,9 @@ struct _psk_entry const char *name; size_t key_len; unsigned char key[MBEDTLS_PSK_MAX_LEN]; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_slot_t slot; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ psk_entry *next; }; @@ -819,6 +857,11 @@ psk_entry *psk_parse( char *psk_string ) if( unhexify( new->key, key_hex, &new->key_len ) != 0 ) goto error; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_list_slot != 0 ) + new->slot = opt.psk_list_slot++; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + new->next = cur; cur = new; } @@ -844,6 +887,11 @@ int psk_callback( void *p_info, mbedtls_ssl_context *ssl, if( name_len == strlen( cur->name ) && memcmp( name, cur->name, name_len ) == 0 ) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( cur->slot != 0 ) + return( mbedtls_ssl_set_hs_psk_opaque( ssl, cur->slot ) ); + else +#endif return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) ); } 
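Review bot: The `psk_list_slot` help text in `USAGE_PSK_SLOT` names the wrong parameter and range. For three PSKs it says the slots `psk_slot, .., psk_slot+3` must be empty, but psk_parse() assigns `new->slot = opt.psk_list_slot++`, i.e. one slot per entry starting at `psk_list_slot`. The line should read `"parameter, then the slots psk_list_slot, .., psk_list_slot+2 must be empty.\n"`. In `USAGE_PSK_RAW` the phrase "pairs in (hex format, without 0x)" also has its parenthesis misplaced.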
@@ -1174,12 +1222,39 @@ int idle( mbedtls_net_context *fd, return( 0 ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) +static psa_status_t psa_setup_psk_key_slot( psa_key_slot_t slot, + psa_algorithm_t alg, + unsigned char *psk, + size_t psk_len ) +{ + psa_status_t status; + psa_key_policy_t policy; + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + + status = psa_set_key_policy( slot, &policy ); + if( status != PSA_SUCCESS ) + return( status ); + + status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len ); + if( status != PSA_SUCCESS ) + return( status ); + + return( PSA_SUCCESS ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + int main( int argc, char *argv[] ) { int ret = 0, len, written, frags, exchanges_left; int version_suites[4][2]; unsigned char* buf = 0; #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_algorithm_t alg = 0; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ unsigned char psk[MBEDTLS_PSK_MAX_LEN]; size_t psk_len = 0; psk_entry *psk_info = NULL; @@ -1342,6 +1417,10 @@ int main( int argc, char *argv[] ) opt.async_private_delay2 = DFL_ASYNC_PRIVATE_DELAY2; opt.async_private_error = DFL_ASYNC_PRIVATE_ERROR; opt.psk = DFL_PSK; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + opt.psk_slot = DFL_PSK_SLOT; + opt.psk_list_slot = DFL_PSK_LIST_SLOT; +#endif opt.psk_identity = DFL_PSK_IDENTITY; opt.psk_list = DFL_PSK_LIST; opt.ecjpake_pw = DFL_ECJPAKE_PW; @@ -1470,6 +1549,12 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ else if( strcmp( p, "psk" ) == 0 ) opt.psk = q; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + else if( strcmp( p, "psk_slot" ) == 0 ) + opt.psk_slot = atoi( q ); + else if( strcmp( p, "psk_list_slot" ) == 0 ) + opt.psk_list_slot = atoi( q ); +#endif else if( strcmp( p, "psk_identity" ) == 0 ) opt.psk_identity = q; else if( strcmp( p, "psk_list" ) == 0 ) 
@@ -1779,6 +1864,42 @@ int main( int argc, char *argv[] ) goto exit; } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_slot != 0 ) + { + if( strlen( opt.psk ) == 0 ) + { + mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" ); + ret = 2; + goto usage; + } + + if( opt.force_ciphersuite[0] <= 0 ) + { + mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + ret = 2; + goto usage; + } + } + + if( opt.psk_list_slot != 0 ) + { + if( opt.psk_list == NULL ) + { + mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" ); + ret = 2; + goto usage; + } + + if( opt.force_ciphersuite[0] <= 0 ) + { + mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + ret = 2; + goto usage; + } + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( opt.force_ciphersuite[0] > 0 ) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info; 
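Review bot: The first error message in the `psk_list_slot` block is copied from the `psk_slot` case: when `opt.psk_list_slot != 0` and `opt.psk_list == NULL` it still prints "psk_slot set but no psk to be imported specified.", pointing the user at the wrong options. It should be `mbedtls_printf( "psk_list_slot set but no psk_list to be imported specified.\n" );`. The two blocks are otherwise identical apart from the option tested, so the shared `force_ciphersuite` check could be done once under `if( opt.psk_slot != 0 || opt.psk_list_slot != 0 )`, matching the condition used in the next hunk.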
@@ -1828,6 +1949,30 @@ int main( int argc, char *argv[] ) opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; } + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_slot != 0 || opt.psk_list_slot != 0 ) + { + /* Ensure that the chosen ciphersuite is PSK-only; we must know + * the ciphersuite in advance to set the correct policy for the + * PSK key slot. This limitation might go away in the future. */ + if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK || + opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 ) + { + mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + ret = 2; + goto usage; + } + + /* Determine KDF algorithm the opaque PSK will be used in. */ +#if defined(MBEDTLS_SHA512_C) + if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); + else +#endif /* MBEDTLS_SHA512_C */ + alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ } if( opt.version_suites != NULL ) 
@@ -2501,12 +2646,35 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 ) { - ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ); - if( ret != 0 ) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_slot != 0 ) + { + /* The algorithm has already been determined earlier. */ + status = psa_setup_psk_key_slot( opt.psk_slot, alg, + psk, psk_len ); + if( status != PSA_SUCCESS ) + { + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } + + if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, opt.psk_slot, + (const unsigned char *) opt.psk_identity, + strlen( opt.psk_identity ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", + ret ); + goto exit; + } + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, + (const unsigned char *) opt.psk_identity, + strlen( opt.psk_identity ) ) ) != 0 ) { mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret ); goto exit; @@ -2514,7 +2682,28 @@ int main( int argc, char *argv[] ) } if( opt.psk_list != NULL ) + { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_list_slot != 0 ) + { + psk_entry *cur_psk; + for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next ) + { + fprintf( stderr, "REGISTER KEY SLOT %d\n", (int) cur_psk->slot ); + status = psa_setup_psk_key_slot( cur_psk->slot, alg, + cur_psk->key, + cur_psk->key_len ); + if( status != PSA_SUCCESS ) + { + fprintf( stderr, "REGISTER KEY SLOT\n" ); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } + } + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info ); + } #endif #if defined(MBEDTLS_DHM_C) From 8bb28b947026d7d785b50d2a7ddb5223250ee491 Mon Sep 17 00:00:00 2001 
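Review bot: Both `psa_setup_psk_key_slot` failure paths lose the PSA status. The static-PSK branch in this hunk sets `ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED` and jumps to `exit` without printing anything, and the `psk_list` loop in the following hunk (@@ -2514,7 +2682,28 @@) prints only the bare text "REGISTER KEY SLOT". I would report the status in both places, e.g. `mbedtls_printf( " failed\n  ! psa_setup_psk_key_slot returned %d\n\n", (int) status );`. I would also drop the unconditional `fprintf( stderr, "REGISTER KEY SLOT %d\n", ... )` trace in the loop, which looks like leftover debugging output. main() starts and ends outside these hunks.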
From: Hanno Becker Date: Fri, 26 Oct 2018 11:38:07 +0100 Subject: [PATCH 0723/2197] Rename ssl_conf_has_[raw_]_psk to ssl_conf_has_static_[raw_]psk This is to differentiate the function from the functions relevant on the server-side, which also need to take into the PSK callback. --- library/ssl_cli.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 3f91d4f5b..cd25dca91 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -52,7 +52,7 @@ #endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -static int ssl_conf_has_psk( mbedtls_ssl_config const *conf ) +static int ssl_conf_has_static_psk( mbedtls_ssl_config const *conf ) { if( conf->psk_identity == NULL || conf->psk_identity_len == 0 ) @@ -72,7 +72,7 @@ static int ssl_conf_has_psk( mbedtls_ssl_config const *conf ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int ssl_conf_has_raw_psk( mbedtls_ssl_config const *conf ) +static int ssl_conf_has_static_raw_psk( mbedtls_ssl_config const *conf ) { if( conf->psk_identity == NULL || conf->psk_identity_len == 0 ) @@ -795,7 +795,7 @@ static int ssl_validate_ciphersuite( const mbedtls_ssl_ciphersuite_t * suite_inf /* Don't suggest PSK-based ciphersuite if no PSK is available. */ #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && - ssl_conf_has_psk( ssl->conf ) == 0 ) + ssl_conf_has_static_psk( ssl->conf ) == 0 ) { return( 1 ); } @@ -3054,7 +3054,7 @@ ecdh_calc_secret: /* * opaque psk_identity<0..2^16-1>; */ - if( ssl_conf_has_psk( ssl->conf ) == 0 ) + if( ssl_conf_has_static_psk( ssl->conf ) == 0 ) { /* We don't offer PSK suites if we don't have a PSK, * and we check that the server's choice is among the 
@@ -3090,7 +3090,7 @@ ecdh_calc_secret: { #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only suites. */ - if( ssl_conf_has_raw_psk( ssl->conf ) == 0 ) + if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -3104,7 +3104,7 @@ ecdh_calc_secret: { #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only suites. */ - if( ssl_conf_has_raw_psk( ssl->conf ) == 0 ) + if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -3140,7 +3140,7 @@ ecdh_calc_secret: { #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only suites. */ - if( ssl_conf_has_raw_psk( ssl->conf ) == 0 ) + if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -3169,7 +3169,7 @@ ecdh_calc_secret: defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && - ssl_conf_has_raw_psk( ssl->conf ) == 0 ) + ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) ); } From 4855c2d4c2049ffde03140b468a4949a1c1ee1ba Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Oct 2018 12:07:29 +0100 Subject: [PATCH 0724/2197] Add server-support for opaque PSKs --- library/ssl_srv.c | 75 +++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 69 insertions(+), 6 deletions(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 36ca0d69f..54cce0ad6 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -149,6 +149,48 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf ) +{ + if( conf->f_psk != NULL ) + return( 1 ); + + if( conf->psk_identity_len == 0 || conf->psk_identity == NULL ) + return( 0 ); + + if( conf->psk != NULL && conf->psk_len != 0 ) + return( 1 ); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( conf->psk_opaque != 0 ) + return( 1 ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + return( 0 ); +} + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) +{ + if( ssl->conf->f_psk != NULL ) + { + /* If we've used a callback to select the PSK, + * the static configuration is irrelevant. */ + + if( ssl->handshake->psk_opaque != 0 ) + return( 1 ); + + return( 0 ); + } + + if( ssl->conf->psk_opaque != 0 ) + return( 1 ); + + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) @@ -867,9 +909,7 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, /* If the ciphersuite requires a pre-shared key and we don't * have one, skip it now rather than failing later */ if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && - ssl->conf->f_psk == NULL && - ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL || - ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) ) + ssl_conf_has_psk_or_cb( ssl->conf ) == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) ); return( 0 ); 
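Review bot: The two new helpers have no comment stating their contract, and the names alone do not make it obvious. For `ssl_conf_has_psk_or_cb` I would add `/* Return 1 if a PSK callback is set, or a static PSK (raw or opaque) with a non-empty identity is configured; 0 otherwise. */`. For `ssl_use_opaque_psk` I would add `/* Return 1 if the PSK in effect for this handshake is opaque; when a callback is set only the callback's choice counts. */`. The second comment should also say that the helper dereferences `ssl->handshake` and so is meant to be called only during a handshake.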
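Review bot: In the `ssl_ciphersuite_match` hunk, `ssl_conf_has_psk_or_cb( ssl->conf ) == 0` lets every PSK-using suite through when only a static opaque PSK is configured. The `ssl_parse_client_key_exchange` hunks of the same commit then return `MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE` for the key exchanges that are not PSK-only. As far as these hunks show, a server with a static opaque PSK can therefore pick such a suite and abort the handshake later, which is what the existing comment ("skip it now rather than failing later") tries to avoid. For the static case, under `MBEDTLS_USE_PSA_CRYPTO`, the suite could also be skipped when `suite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK && ssl->conf->f_psk == NULL && ssl->conf->psk_opaque != 0`; with a callback the choice is not yet known at this point. The function body continues outside the hunk.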
@@ -3648,9 +3688,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha int ret = 0; size_t n; - if( ssl->conf->f_psk == NULL && - ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL || - ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) ) + if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) ); return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); @@ -3828,6 +3866,13 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /* For opaque PSKs, we perform the PSK-to-MS derivation atomatically + * and skip the intermediate PMS. */ + if( ssl_use_opaque_psk( ssl ) ) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) ); + else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, ciphersuite_info->key_exchange ) ) != 0 ) { @@ -3859,6 +3904,12 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) return( ret ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /* Opaque PSKs are currently only supported for PSK-only. */ + if( ssl_use_opaque_psk( ssl ) == 1 ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +#endif + if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret ); @@ -3888,6 +3939,12 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) return( ret ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /* Opaque PSKs are currently only supported for PSK-only. */ + if( ssl_use_opaque_psk( ssl ) == 1 ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +#endif + if( p != end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); 
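Review bot: The three added `ssl_use_opaque_psk( ssl ) == 1` checks return `MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE` without a debug message, while the neighbouring error returns in `ssl_parse_client_key_exchange` log before returning. The checks are at @@ -3859,6 +3904,12 @@, @@ -3888,6 +3939,12 @@ and @@ -3919,6 +3976,12 @@. I would brace each body and add `MBEDTLS_SSL_DEBUG_MSG( 1, ( "opaque PSK not supported with this key exchange" ) );` before the return, so a failed handshake can be traced to the opaque-PSK restriction. The closing `#endif` lines also lack the `/* MBEDTLS_USE_PSA_CRYPTO */` marker used elsewhere in this commit. The function starts and ends outside these hunks.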
@@ -3919,6 +3976,12 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /* Opaque PSKs are currently only supported for PSK-only. */ + if( ssl_use_opaque_psk( ssl ) == 1 ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +#endif + MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, From 5a1d6da8f8c70e2c4f2bd0b9a591cd0070a7caf2 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Oct 2018 13:15:08 +0100 Subject: [PATCH 0725/2197] Add tests to ssl-opt.sh exercising server-side opaque PSK --- tests/ssl-opt.sh | 178 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 178 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 41fbf7c28..45b2e207f 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
@@ -3886,6 +3886,184 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, static opaque on server, no callback" \ + "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=foo psk=abc123" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \ + "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ + "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + psk_identity=foo psk=abc123" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \ + "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ + "$P_CLI debug_level=3 
min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=foo psk=abc123 extended_ms=1" \ + 0 \ + -c "using extended master secret"\ + -s "using extended master secret"\ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \ + "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 \ + force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ + "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + psk_identity=foo psk=abc123 extended_ms=1" \ + 0 \ + -c "using extended master secret"\ + -s "using extended master secret"\ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \ + "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test 
"PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \ + "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + psk_identity=def psk=beef" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \ + "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ + "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=abc psk=dead extended_ms=1" \ + 0 \ + -c "using extended master secret"\ + -s "using extended master secret"\ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \ + "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 \ + force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ + "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + psk_identity=abc psk=dead extended_ms=1" \ + 0 \ + -c "using extended master secret"\ + -s "using extended master 
secret"\ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \ + "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \ + "$P_SRV extended_ms=0 psk_slot=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=2 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" 
\ + "$P_SRV extended_ms=0 psk_slot=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \ + "$P_SRV extended_ms=0 psk_slot=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \ + "$P_SRV extended_ms=0 psk_slot=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 1 \ + -s "SSL - Verification of the message MAC failed" + run_test "PSK callback: no psk, no callback" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 
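Review bot: Two of the new test titles do not match the server options they run with. "id-matching but wrong raw PSK on server, opaque PSK from callback" and "matching opaque PSK on server, wrong opaque PSK from callback" both pass `psk_slot=1` and a `psk_list` without `psk_list_slot`. As written, the static PSK is opaque and the callback PSK is raw, which fits the first of them expecting `-C "skip PMS generation for opaque PSK"` with no matching `-s`. Either rename them (e.g. "id-matching but wrong static opaque PSK on server, raw PSK from callback"), or add `psk_list_slot=2` and the `-s "skip PMS generation for opaque PSK"` check if the opaque-callback case is what is meant. Only the last new test expects a failing handshake, so a wrong key in the opaque-callback configuration is not covered.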
From 3d4261bb218ad45f2986e9484feec3384e07ac02 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 5 Nov 2018 12:44:15 +0000 Subject: [PATCH 0726/2197] Fix typo in documentation of mbedtls_ssl_conf_opaque_psk() --- include/mbedtls/ssl.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 171803f75..678660659 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2128,10 +2128,10 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * \param conf The SSL configuration to register the PSK with. * \param psk The identifier of the key slot holding the PSK. * Until \p conf is destroyed or this function is successfully - * again, the key slot \p psk must be populated with a key of - * type #PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows - * its use for the key derivation algorithm applied in the - * handshake. + * called again, the key slot \p psk must be populated with a + * key of type #PSA_ALG_CATEGORY_KEY_DERIVATION whose policy + * allows its use for the key derivation algorithm applied + * in the handshake. * \param psk_identity The pointer to the pre-shared key identity. * \param psk_identity_len The length of the pre-shared key identity * in bytes. From 5916c99cc323c675370050cb6f3ebbd62f54da91 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 5 Nov 2018 12:44:27 +0000 Subject: [PATCH 0727/2197] Don't use idiom `if( func() )` but always add explicit value check --- library/ssl_srv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 54cce0ad6..4d99f884d 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -3869,7 +3869,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_USE_PSA_CRYPTO) /* For opaque PSKs, we perform the PSK-to-MS derivation atomatically * and skip the intermediate PMS. */ - if( ssl_use_opaque_psk( ssl ) ) + if( ssl_use_opaque_psk( ssl ) == 1 ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) ); else #endif /* MBEDTLS_USE_PSA_CRYPTO */ From 4d057f61a77f536ab16d26c893523b2406fe7261 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 5 Nov 2018 12:45:16 +0000 Subject: [PATCH 0728/2197] Don't use 48 as a magic number in ssl_derive_keys() In multiple places, it occurrs as the fixed length of the master secret, so use a constant with a descriptive name instead. This is reinforced by the fact the some further occurrences of '48' are semantically different. --- library/ssl_tls.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 7e861a5fb..8f3d203de 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -643,6 +643,10 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) const mbedtls_cipher_info_t *cipher_info; const mbedtls_md_info_t *md_info; + /* cf. RFC 5246, Section 8.1: + * "The master secret is always exactly 48 bytes in length." */ + size_t const master_secret_len = 48; + #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) unsigned char session_hash[48]; #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ @@ -807,14 +811,15 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) salt, salt_len, (unsigned char const *) lbl, (size_t) strlen( lbl ), - 48 ); + master_secret_len ); if( status != PSA_SUCCESS ) { psa_generator_abort( &generator ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } - status = psa_generator_read( &generator, session->master, 48 ); + status = psa_generator_read( &generator, session->master, + master_secret_len ); if( status != PSA_SUCCESS ) { psa_generator_abort( &generator ); 
@@ -830,7 +835,8 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) { ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, lbl, salt, salt_len, - session->master, 48 ); + session->master, + master_secret_len ); if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); From bffefae305adfe899984c558111cd02b8cfdb31d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 5 Nov 2018 12:47:16 +0000 Subject: [PATCH 0729/2197] Safe-guard `ssl_conf_remove_psk()` for simultaneous raw-opaque PSKs The code maintains the invariant that raw and opaque PSKs are never configured simultaneously, so strictly speaking `ssl_conf_remove_psk()` need not consider clearing the raw PSK if it has already cleared an opaque one - and previously, it didn't. However, it doesn't come at any cost to keep this check as a safe-guard to future unforeseen situations where opaque and raw PSKs _are_ both present. --- library/ssl_tls.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 8f3d203de..6fa2e3a76 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7426,7 +7426,11 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) * user's responsibility. */ conf->psk_opaque = 0; } - else + /* This and the following branch should never + * be taken simultaenously as we maintain the + * invariant that raw and opaque PSKs are never + * configured simultaneously. As a safeguard, + * though, `else` is omitted here. */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ if( conf->psk != NULL ) { From 39eb4274bbe2182d865d58ca90b8297eb060f146 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 5 Nov 2018 12:52:42 +0000 Subject: [PATCH 0730/2197] Remove overly long line in ssl_client2.c --- programs/ssl/ssl_client2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 51a0c3f5b..598ec43fe 100644 --- a/programs/ssl/ssl_client2.c 
+++ b/programs/ssl/ssl_client2.c @@ -1582,7 +1582,7 @@ int main( int argc, char *argv[] ) if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot, (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) + strlen( opt.psk_identity ) ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", ret ); From 923cd655e02560be7ddd7fb3ff5723b759c73c26 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 5 Nov 2018 13:25:17 +0000 Subject: [PATCH 0731/2197] Destroy PSA-based temporary opaque PSK key at the end of ssl_client2 --- programs/ssl/ssl_client2.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 598ec43fe..61dd50ebf 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2230,6 +2230,26 @@ exit: mbedtls_ctr_drbg_free( &ctr_drbg ); mbedtls_entropy_free( &entropy ); +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ + defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_slot != 0 ) + { + /* This is ok even if the slot hasn't been + * initialized (we might have jumed here + * immediately because of bad cmd line params, + * for example). */ + status = psa_destroy_key( opt.psk_slot ); + if( status != PSA_SUCCESS ) + { + mbedtls_printf( "Failed to destroy key slot %u - error was %d", + (unsigned) opt.psk_slot, (int) status ); + if( ret == 0 ) + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } + } +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED && + MBEDTLS_USE_PSA_CRYPTO */ + #if defined(_WIN32) mbedtls_printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); From 01612e28867f60a67a6ed08ba61c898d03e95e4b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 5 Nov 2018 13:48:43 +0000 Subject: [PATCH 0732/2197] Destroy PSA-based temporary opaque PSKs at the end of ssl_server2 --- programs/ssl/ssl_server2.c | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) 
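Review bot: The failure message in the added cleanup block (@@ -2230,6 +2230,26 @@), `mbedtls_printf( "Failed to destroy key slot %u - error was %d", ... )`, has no trailing `\n`. It runs into whatever is printed next, which on `_WIN32` is the "Press Enter" prompt that follows directly. The same line is added to ssl_server2.c in the next commit (@@ -3332,12 +3346,31 @@). I would end both format strings with a newline: `"Failed to destroy key slot %u - error was %d\n"`. The comment above the call also has a typo, "jumed" for "jumped". The block sits at the `exit:` label of main(), which starts outside the hunk.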
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1169763d7..f4b737faf 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -815,16 +815,30 @@ struct _psk_entry /* * Free a list of psk_entry's */ -void psk_free( psk_entry *head ) +int psk_free( psk_entry *head ) { psk_entry *next; while( head != NULL ) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status; + psa_key_slot_t const slot = head->slot; + + if( slot != 0 ) + { + status = psa_destroy_key( slot ); + if( status != PSA_SUCCESS ) + return( status ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + next = head->next; mbedtls_free( head ); head = next; } + + return( 0 ); } /* @@ -3332,12 +3346,31 @@ exit: sni_free( sni_info ); #endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - psk_free( psk_info ); + if( ( ret = psk_free( psk_info ) ) != 0 ) + mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret ); #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) mbedtls_dhm_free( &dhm ); #endif +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ + defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_slot != 0 ) + { + /* This is ok even if the slot hasn't been + * initialized (we might have jumed here + * immediately because of bad cmd line params, + * for example). */ + status = psa_destroy_key( opt.psk_slot ); + if( status != PSA_SUCCESS ) + { + mbedtls_printf( "Failed to destroy key slot %u - error was %d", + (unsigned) opt.psk_slot, (int) status ); + } + } +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED && + MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_ssl_free( &ssl ); mbedtls_ssl_config_free( &conf ); mbedtls_ctr_drbg_free( &ctr_drbg ); From a6f1d18afe621cfed0694249e226fd365fcf36f9 Mon Sep 17 00:00:00 2001 
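Review bot: `psk_free` now returns from inside the loop as soon as `psa_destroy_key` fails. The current entry and every remaining `psk_entry` are then never passed to `mbedtls_free`, and the key slots of the remaining entries are not destroyed either. Cleanup should continue over the whole list and report the first failure afterwards. The function returns `int` but the value is a `psa_status_t`, so an explicit cast at the assignment makes the conversion visible.

```c
int psk_free( psk_entry *head )
{
    int ret = 0;    /* first psa_destroy_key failure, if any */
    /* ... unchanged: loop header, status/slot declarations ... */
        if( slot != 0 )
        {
            status = psa_destroy_key( slot );
            /* Keep going so the rest of the list is still released. */
            if( status != PSA_SUCCESS && ret == 0 )
                ret = (int) status;
        }
    /* ... unchanged: advance to next entry and mbedtls_free the current one ... */
    return( ret );
```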
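Review bot: At the `exit:` label (@@ -3332,12 +3346,31 @@), `if( ( ret = psk_free( psk_info ) ) != 0 )` overwrites `ret`, which at that point holds the outcome of the run. When `psk_free` succeeds, an earlier error code is replaced by 0. If `ret` still feeds the program's exit status after this block, a failed run would be reported as success; the end of main() is outside the hunk, so this needs checking. I would keep the result in a separate local, e.g. `if( ( psk_free_ret = psk_free( psk_info ) ) != 0 )` (name illustrative). The message also reads oddly; `"Failed to free list of opaque PSKs - error was %d\n"` is presumably what was meant.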
From: Hanno Becker Date: Thu, 15 Nov 2018 13:06:09 +0000 Subject: [PATCH 0733/2197] Automatically allocate opaque PSK key slots in ssl_{client/server}2 Previously, command line arguments `psk_slot` and `psk_list_slot` could be used to indicate the PSA key slots that the example applications should use to store the PSK(s) provided. This commit changes this approach to use the utility function `mbedtls_psa_get_free_key_slot()` to obtain free key slots from the PSA Crypto implementation automatically, so that users only need to pass boolean flags `psk_opaque` and `psk_list_opaque` on the command line to enable / disable PSA-based opaque PSKs. --- programs/ssl/ssl_client2.c | 37 +++++++++------ programs/ssl/ssl_server2.c | 94 ++++++++++++++++++++++---------------- tests/ssl-opt.sh | 34 +++++++------- 3 files changed, 93 insertions(+), 72 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 61dd50ebf..1bf6e2f0c 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -61,6 +61,7 @@ int main( void ) #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" +#include "mbedtls/psa_util.h" #endif #include @@ -85,7 +86,7 @@ int main( void ) #define DFL_CRT_FILE "" #define DFL_KEY_FILE "" #define DFL_PSK "" -#define DFL_PSK_SLOT 0 +#define DFL_PSK_OPAQUE 0 #define DFL_PSK_IDENTITY "Client_identity" #define DFL_ECJPAKE_PW NULL #define DFL_EC_MAX_OPS -1 
@@ -145,8 +146,9 @@ int main( void ) " psk_identity=%%s default: \"Client_identity\"\n" #if defined(MBEDTLS_USE_PSA_CRYPTO) #define USAGE_PSK_SLOT \ - " psk_slot=%%d default: 0\n" \ - " An empty key slot identifier to be used to hold the PSK.\n" \ + " psk_opaque=%%d default: 0 (don't use opaque static PSK)\n" \ + " Enable this to store the PSK configured through command line\n" \ + " parameter `psk` in a PSA-based key slot.\n" \ " Note: Currently only supported in conjunction with\n" \ " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \ " to force a particular PSK-only ciphersuite.\n" \ @@ -353,7 +355,7 @@ struct options const char *crt_file; /* the file with the client certificate */ const char *key_file; /* the file with the client key */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - int psk_slot; + int psk_opaque; #endif const char *psk; /* the pre-shared key */ const char *psk_identity; /* the pre-shared key identity */ @@ -651,7 +653,7 @@ int main( int argc, char *argv[] ) opt.key_file = DFL_KEY_FILE; opt.psk = DFL_PSK; #if defined(MBEDTLS_USE_PSA_CRYPTO) - opt.psk_slot = DFL_PSK_SLOT; + opt.psk_opaque = DFL_PSK_OPAQUE; #endif opt.psk_identity = DFL_PSK_IDENTITY; opt.ecjpake_pw = DFL_ECJPAKE_PW; @@ -754,8 +756,8 @@ int main( int argc, char *argv[] ) else if( strcmp( p, "psk" ) == 0 ) opt.psk = q; #if defined(MBEDTLS_USE_PSA_CRYPTO) - else if( strcmp( p, "psk_slot" ) == 0 ) - opt.psk_slot = atoi( q ); + else if( strcmp( p, "psk_opaque" ) == 0 ) + opt.psk_opaque = atoi( q ); #endif else if( strcmp( p, "psk_identity" ) == 0 ) opt.psk_identity = q; @@ -1093,11 +1095,11 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_slot != 0 ) + if( opt.psk_opaque != 0 ) { if( opt.psk == NULL ) { - mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" ); + mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" ); ret = 2; goto usage; } 
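Review bot: The guard whose message is reworded in the last hunk here (@@ -1093,11 +1095,11 @@), `if( opt.psk == NULL )`, cannot fire as far as the visible lines show. `opt.psk` is initialised to `DFL_PSK`, which is `""`, and is otherwise only assigned from the command line with `opt.psk = q;`. With `psk_opaque=1` and no `psk`, the client therefore gets past this check and goes on with an empty key. ssl_server2.c tests `strlen( opt.psk ) == 0` for the same condition, and I would use that here as well: `if( strlen( opt.psk ) == 0 )`. main() starts and ends outside the hunk.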
@@ -1162,7 +1164,7 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_slot != 0 ) + if( opt.psk_opaque != 0 ) { /* Ensure that the chosen ciphersuite is PSK-only; we must know * the ciphersuite in advance to set the correct policy for the @@ -1558,10 +1560,15 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_slot != 0 ) + if( opt.psk_opaque != 0 ) { /* The algorithm has already been determined earlier. */ - slot = (psa_key_slot_t) opt.psk_slot; + status = mbedtls_psa_get_free_key_slot( &slot ); + if( status != PSA_SUCCESS ) + { + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); @@ -2232,17 +2239,17 @@ exit: #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_slot != 0 ) + if( opt.psk_opaque != 0 ) { /* This is ok even if the slot hasn't been * initialized (we might have jumed here * immediately because of bad cmd line params, * for example). */ - status = psa_destroy_key( opt.psk_slot ); + status = psa_destroy_key( slot ); if( status != PSA_SUCCESS ) { mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (unsigned) opt.psk_slot, (int) status ); + (unsigned) slot, (int) status ); if( ret == 0 ) ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index f4b737faf..534a3f373 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -62,6 +62,7 @@ int main( void ) #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" +#include "mbedtls/psa_util.h" #endif #include 
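Review bot: In the `exit:` hunk of ssl_client2.c, `psa_destroy_key( slot )` can run on a `slot` that was never assigned. The only assignment is the `mbedtls_psa_get_free_key_slot( &slot )` call added in the hunk at -1558, while the cleanup is gated solely on `opt.psk_opaque != 0`, and its own comment says control may arrive there straight from command-line parsing. Before this change the cleanup used `opt.psk_slot`, which always held a defined value. The declaration of `slot` lies outside these hunks; it needs an initialiser, `psa_key_slot_t slot = 0;`, which is what patch 0736 later in this series adds. If `psa_destroy_key( 0 )` reports an error (not visible here), the cleanup should also be guarded with `if( slot != 0 )` so that a run which never allocated a slot does not overwrite `ret` with a destroy failure.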
@@ -123,8 +124,8 @@ int main( void ) #define DFL_ASYNC_PRIVATE_DELAY2 ( -1 ) #define DFL_ASYNC_PRIVATE_ERROR ( 0 ) #define DFL_PSK "" -#define DFL_PSK_SLOT 0 -#define DFL_PSK_LIST_SLOT 0 +#define DFL_PSK_OPAQUE 0 +#define DFL_PSK_LIST_OPAQUE 0 #define DFL_PSK_IDENTITY "Client_identity" #define DFL_ECJPAKE_PW NULL #define DFL_PSK_LIST NULL 
@@ -234,20 +235,18 @@ int main( void ) " id1,psk1[,id2,psk2[,...]]\n" #if defined(MBEDTLS_USE_PSA_CRYPTO) #define USAGE_PSK_SLOT \ - " psk_slot=%%d default: 0 (don't use key slots)\n" \ - " An empty key slot identifier to be used to hold the static PSK\n" \ - " configured through the psk parameter.\n"\ + " psk_opaque=%%d default: 0 (don't use opaque static PSK)\n" \ + " Enable this to store the PSK configured through command line\n" \ + " parameter `psk` in a PSA-based key slot.\n" \ " Note: Currently only supported in conjunction with\n" \ " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \ " to force a particular PSK-only ciphersuite.\n" \ " Note: This is to test integration of PSA-based opaque PSKs with\n" \ " Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \ " with prepopulated key slots instead of importing raw key material.\n" \ - " psk_list_slot=%%d default: 0 (don't use key slots)\n" \ - " The base of a consecutive list of empty key slot identifiers to be used\n" \ - " to hold the dynamic PSKs configured through the psk_list parameter;\n" \ - " for example, if you specify a list of 3 dynamic PSKs through the psk_list\n"\ - " parameter, then the slots psk_slot, .., psk_slot+3 must be empty.\n" \ + " psk_list_opaque=%%d default: 0 (don't use opaque dynamic PSKs)\n" \ + " Enable this to store the list of dynamically chosen PSKs configured\n" \ + " through the command line parameter `psk_list` in PSA-based key slots.\n" \ " Note: Currently only supported in conjunction with\n" \ " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \ " to force a particular PSK-only ciphersuite.\n" \ 
@@ -485,8 +484,8 @@ struct options int async_private_delay2; /* number of times f_async_resume needs to be called for key 2, or -1 for no async */ int async_private_error; /* inject error in async private callback */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - int psk_slot; - int psk_list_slot; + int psk_opaque; + int psk_list_opaque; #endif const char *psk; /* the pre-shared key */ const char *psk_identity; /* the pre-shared key identity */ @@ -871,11 +870,6 @@ psk_entry *psk_parse( char *psk_string ) if( unhexify( new->key, key_hex, &new->key_len ) != 0 ) goto error; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_list_slot != 0 ) - new->slot = opt.psk_list_slot++; -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - new->next = cur; cur = new; } @@ -1250,11 +1244,17 @@ static psa_status_t psa_setup_psk_key_slot( psa_key_slot_t slot, status = psa_set_key_policy( slot, &policy ); if( status != PSA_SUCCESS ) + { + fprintf( stderr, "POLICY\n" ); return( status ); + } status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len ); if( status != PSA_SUCCESS ) + { + fprintf( stderr, "IMPORT\n" ); return( status ); + } return( PSA_SUCCESS ); } @@ -1268,6 +1268,7 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_algorithm_t alg = 0; + psa_key_slot_t psk_slot = 0; #endif /* MBEDTLS_USE_PSA_CRYPTO */ unsigned char psk[MBEDTLS_PSK_MAX_LEN]; size_t psk_len = 0; @@ -1432,8 +1433,8 @@ int main( int argc, char *argv[] ) opt.async_private_error = DFL_ASYNC_PRIVATE_ERROR; opt.psk = DFL_PSK; #if defined(MBEDTLS_USE_PSA_CRYPTO) - opt.psk_slot = DFL_PSK_SLOT; - opt.psk_list_slot = DFL_PSK_LIST_SLOT; + opt.psk_opaque = DFL_PSK_OPAQUE; + opt.psk_list_opaque = DFL_PSK_LIST_OPAQUE; #endif opt.psk_identity = DFL_PSK_IDENTITY; opt.psk_list = DFL_PSK_LIST; 
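Review bot: The `fprintf( stderr, "POLICY\n" )` and `fprintf( stderr, "IMPORT\n" )` calls added to `psa_setup_psk_key_slot()` read as leftover debug output: they bypass `mbedtls_printf`, which the neighbouring error paths in this diff use, and they drop the PSA status that explains the failure. Something like `mbedtls_printf( "psa_set_key_policy failed: %d\n", (int) status );`, and the same for `psa_import_key`, would match the existing "Failed to destroy key slot" message. The same applies to the `"ALLOC FAIL\n"` and `"SETUP FAIL\n"` prints added in the hunk at -2664. The function starts outside this hunk.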
@@ -1564,10 +1565,10 @@ int main( int argc, char *argv[] ) else if( strcmp( p, "psk" ) == 0 ) opt.psk = q; #if defined(MBEDTLS_USE_PSA_CRYPTO) - else if( strcmp( p, "psk_slot" ) == 0 ) - opt.psk_slot = atoi( q ); - else if( strcmp( p, "psk_list_slot" ) == 0 ) - opt.psk_list_slot = atoi( q ); + else if( strcmp( p, "psk_opaque" ) == 0 ) + opt.psk_opaque = atoi( q ); + else if( strcmp( p, "psk_list_opaque" ) == 0 ) + opt.psk_list_opaque = atoi( q ); #endif else if( strcmp( p, "psk_identity" ) == 0 ) opt.psk_identity = q; @@ -1879,11 +1880,11 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_slot != 0 ) + if( opt.psk_opaque != 0 ) { if( strlen( opt.psk ) == 0 ) { - mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" ); + mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" ); ret = 2; goto usage; } @@ -1896,7 +1897,7 @@ int main( int argc, char *argv[] ) } } - if( opt.psk_list_slot != 0 ) + if( opt.psk_list_opaque != 0 ) { if( opt.psk_list == NULL ) { @@ -1965,7 +1966,7 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_slot != 0 || opt.psk_list_slot != 0 ) + if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 ) { /* Ensure that the chosen ciphersuite is PSK-only; we must know * the ciphersuite in advance to set the correct policy for the 
@@ -2664,20 +2665,27 @@ int main( int argc, char *argv[] ) if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_slot != 0 ) + if( opt.psk_opaque != 0 ) { - /* The algorithm has already been determined earlier. */ - status = psa_setup_psk_key_slot( opt.psk_slot, alg, - psk, psk_len ); + status = mbedtls_psa_get_free_key_slot( &psk_slot ); if( status != PSA_SUCCESS ) { + fprintf( stderr, "ALLOC FAIL\n" ); ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } - if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, opt.psk_slot, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) + /* The algorithm has already been determined earlier. */ + status = psa_setup_psk_key_slot( psk_slot, alg, psk, psk_len ); + if( status != PSA_SUCCESS ) + { + fprintf( stderr, "SETUP FAIL\n" ); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } + if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, psk_slot, + (const unsigned char *) opt.psk_identity, + strlen( opt.psk_identity ) ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", ret ); @@ -2698,24 +2706,30 @@ int main( int argc, char *argv[] ) if( opt.psk_list != NULL ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_list_slot != 0 ) + if( opt.psk_list_opaque != 0 ) { psk_entry *cur_psk; for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next ) { - fprintf( stderr, "REGISTER KEY SLOT %d\n", (int) cur_psk->slot ); + status = mbedtls_psa_get_free_key_slot( &cur_psk->slot ); + if( status != PSA_SUCCESS ) + { + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } + status = psa_setup_psk_key_slot( cur_psk->slot, alg, cur_psk->key, cur_psk->key_len ); if( status != PSA_SUCCESS ) { - fprintf( stderr, "REGISTER KEY SLOT\n" ); ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info ); } #endif 
@@ -3355,17 +3369,17 @@ exit: #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_slot != 0 ) + if( opt.psk_opaque != 0 ) { /* This is ok even if the slot hasn't been * initialized (we might have jumed here * immediately because of bad cmd line params, * for example). */ - status = psa_destroy_key( opt.psk_slot ); + status = psa_destroy_key( psk_slot ); if( status != PSA_SUCCESS ) { mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (unsigned) opt.psk_slot, (int) status ); + (unsigned) psk_slot, (int) status ); } } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED && diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 45b2e207f..129b91c08 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -3834,7 +3834,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=foo psk=abc123 psk_slot=1" \ + psk_identity=foo psk=abc123 psk_opaque=1" \ 0 \ -c "skip PMS generation for opaque PSK"\ -S "skip PMS generation for opaque PSK"\ @@ -3848,7 +3848,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ - psk_identity=foo psk=abc123 psk_slot=1" \ + psk_identity=foo psk=abc123 psk_opaque=1" \ 0 \ -c "skip PMS generation for opaque PSK"\ -S "skip PMS generation for opaque PSK"\ 
@@ -3862,7 +3862,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=foo psk=abc123 psk_slot=1" \ + psk_identity=foo psk=abc123 psk_opaque=1" \ 0 \ -c "skip PMS generation for opaque PSK"\ -S "skip PMS generation for opaque PSK"\ @@ -3876,7 +3876,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ - psk_identity=foo psk=abc123 psk_slot=1" \ + psk_identity=foo psk=abc123 psk_opaque=1" \ 0 \ -c "skip PMS generation for opaque PSK"\ -S "skip PMS generation for opaque PSK"\ @@ -3888,7 +3888,7 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback" \ - "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123" \ 0 \ 
@@ -3902,7 +3902,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \ - "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ + "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ psk_identity=foo psk=abc123" \ 0 \ @@ -3916,7 +3916,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \ - "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 \ + "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123 extended_ms=1" \ @@ -3931,7 +3931,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \ - "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 \ + "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ psk_identity=foo psk=abc123 extended_ms=1" \ 
@@ -3946,7 +3946,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ @@ -3960,7 +3960,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \ - "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ + "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ psk_identity=def psk=beef" \ 0 \ 
@@ -3974,7 +3974,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \ - "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 \ + "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=abc psk=dead extended_ms=1" \ @@ -3989,7 +3989,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \ - "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 \ + "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ psk_identity=abc psk=dead extended_ms=1" \ 
@@ -4004,7 +4004,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ @@ -4018,7 +4018,7 @@ run_test "PSK callback: raw psk on client, mismatching static raw PSK on serv requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_slot=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=2 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ 
@@ -4032,7 +4032,7 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \ - "$P_SRV extended_ms=0 psk_slot=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ @@ -4045,7 +4045,7 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_slot=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ 
@@ -4058,7 +4058,7 @@ run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on s requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_slot=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 1 \ From ed437a674e71098a4ab8c91ef861438ace9bf7b9 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Nov 2018 13:18:25 +0000 Subject: [PATCH 0734/2197] Fix typo in documentation of mbedtls_ssl_conf_psk() --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 678660659..f7c9d936a 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2086,7 +2086,7 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * want to use \c mbedtls_ssl_conf_psk_cb() instead. * * \warning Currently, clients can only register a single pre-shared key. - * Calling this function or mbedtls_ssl_conf_opaque_psk() more + * Calling this function or mbedtls_ssl_conf_psk_opaque() more * than once will overwrite values configured in previous calls. * Support for setting multiple PSKs on clients and selecting * one based on the identity hint is not a planned feature, From e9bf0f4c32ea07d6fee9c6ce6b5c75fbac084894 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Thu, 15 Nov 2018 13:33:04 +0000 Subject: [PATCH 0735/2197] Share code for PSK identity configuration This commit shares the code for setting the PSK identity hint between the functions mbedtls_ssl_conf_psk() and mbedtls_ssl_conf_psk_opaque(). --- library/ssl_tls.c | 92 ++++++++++++++++++++++++----------------------- 1 file changed, 48 insertions(+), 44 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 6fa2e3a76..93439697e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
@@ -7450,44 +7450,56 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) } } -int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, - const unsigned char *psk, size_t psk_len, - const unsigned char *psk_identity, size_t psk_identity_len ) +/* This function assumes that PSK identity in the SSL config is unset. + * It checks that the provided identity is well-formed and attempts + * to make a copy of it in the SSL config. + * On failure, the PSK identity in the config remains unset. */ +static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf, + unsigned char const *psk_identity, + size_t psk_identity_len ) { - if( psk == NULL || psk_identity == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - if( psk_len > MBEDTLS_PSK_MAX_LEN ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - /* Identity len will be encoded on two bytes */ - if( ( psk_identity_len >> 16 ) != 0 || + if( psk_identity == NULL || + ( psk_identity_len >> 16 ) != 0 || psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) { return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - ssl_conf_remove_psk( conf ); - - if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL || - ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL ) - { - mbedtls_free( conf->psk ); - mbedtls_free( conf->psk_identity ); - conf->psk = NULL; - conf->psk_identity = NULL; + conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ); + if( conf->psk_identity == NULL ) return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - conf->psk_len = psk_len; conf->psk_identity_len = psk_identity_len; - - memcpy( conf->psk, psk, conf->psk_len ); memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len ); return( 0 ); } +int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, + const unsigned char *psk, size_t psk_len, + const unsigned char *psk_identity, size_t psk_identity_len ) +{ + int ret; + /* Remove opaque/raw PSK + PSK Identity */ + ssl_conf_remove_psk( conf ); + + /* Check and set raw PSK */ + if( psk == NULL || psk_len > 
MBEDTLS_PSK_MAX_LEN ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + conf->psk_len = psk_len; + memcpy( conf->psk, psk, conf->psk_len ); + + /* Check and set PSK Identity */ + ret = ssl_conf_set_psk_identity( conf, psk_identity, psk_identity_len ); + if( ret != 0 ) + ssl_conf_remove_psk( conf ); + + return( ret ); +} + static void ssl_remove_psk( mbedtls_ssl_context *ssl ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -7532,30 +7544,22 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, const unsigned char *psk_identity, size_t psk_identity_len ) { - if( psk_slot == 0 || psk_identity == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - /* Identity len will be encoded on two bytes */ - if( ( psk_identity_len >> 16 ) != 0 || - psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - + int ret; + /* Clear opaque/raw PSK + PSK Identity, if present. */ ssl_conf_remove_psk( conf ); - if( ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL ) - { - mbedtls_free( conf->psk_identity ); - conf->psk_identity = NULL; - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - - conf->psk_identity_len = psk_identity_len; - memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len ); - + /* Check and set opaque PSK */ + if( psk_slot == 0 ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); conf->psk_opaque = psk_slot; - return( 0 ); + + /* Check and set PSK Identity */ + ret = ssl_conf_set_psk_identity( conf, psk_identity, + psk_identity_len ); + if( ret != 0 ) + ssl_conf_remove_psk( conf ); + + return( ret ); } int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, From 40975782077e83821531cc7e7999b505e6549393 Mon Sep 17 00:00:00 2001 
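Review bot: `mbedtls_ssl_conf_psk()` now calls `ssl_conf_remove_psk( conf )` before any argument check, so a call rejected with `MBEDTLS_ERR_SSL_BAD_INPUT_DATA` (NULL or over-long `psk`, malformed identity) also removes the PSK and identity configured earlier; the old code validated first and left the configuration untouched on bad input. `mbedtls_ssl_conf_psk_opaque()` in the following hunk has the same ordering with its `psk_slot == 0` check. If this fail-closed behaviour is intended, it belongs in the API documentation, e.g. `\note On failure, any previously configured PSK and identity are removed.`; otherwise the cheap checks can run first, `if( psk == NULL || psk_len > MBEDTLS_PSK_MAX_LEN ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );` ahead of `ssl_conf_remove_psk( conf );`. A caller that ignores the return value would otherwise carry on with no PSK configured at all.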
From: Hanno Becker Date: Mon, 19 Nov 2018 11:44:14 +0000 Subject: [PATCH 0736/2197] Initialize PSA key slot as invalid in ssl_client2.c Otherwise, if `mbedtls_psa_get_free_key_slot()` fails to find a fresh key slot, the slot value will be undefined, and the call to `psa_destroy_key()` at the end of `main()` is undefined behavior. --- programs/ssl/ssl_client2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 1bf6e2f0c..ff625fbd2 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -561,7 +561,7 @@ int main( int argc, char *argv[] ) const char *pers = "ssl_client2"; #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_slot_t slot; + psa_key_slot_t slot = 0; psa_algorithm_t alg = 0; psa_key_policy_t policy; psa_status_t status; From 2e009fe0131eb9b84121dbd8956bb94080bf6f75 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 8 Nov 2018 16:57:42 +0000 Subject: [PATCH 0737/2197] Fix style in definition of `mbedtls_cipher_mode_t` --- include/mbedtls/cipher.h | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 58a5d63dd..d112eb032 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h 
@@ -179,16 +179,16 @@ typedef enum { /** Supported cipher modes. */ typedef enum { - MBEDTLS_MODE_NONE = 0, /**< None. */ - MBEDTLS_MODE_ECB, /**< The ECB cipher mode. */ - MBEDTLS_MODE_CBC, /**< The CBC cipher mode. */ - MBEDTLS_MODE_CFB, /**< The CFB cipher mode. */ - MBEDTLS_MODE_OFB, /**< The OFB cipher mode. */ - MBEDTLS_MODE_CTR, /**< The CTR cipher mode. */ - MBEDTLS_MODE_GCM, /**< The GCM cipher mode. */ - MBEDTLS_MODE_STREAM, /**< The stream cipher mode. */ - MBEDTLS_MODE_CCM, /**< The CCM cipher mode. */ - MBEDTLS_MODE_XTS, /**< The XTS cipher mode. */ + MBEDTLS_MODE_NONE = 0, /**< None. */ + MBEDTLS_MODE_ECB, /**< The ECB cipher mode. */ + MBEDTLS_MODE_CBC, /**< The CBC cipher mode. */ + MBEDTLS_MODE_CFB, /**< The CFB cipher mode. */ + MBEDTLS_MODE_OFB, /**< The OFB cipher mode. */ + MBEDTLS_MODE_CTR, /**< The CTR cipher mode. */ + MBEDTLS_MODE_GCM, /**< The GCM cipher mode. */ + MBEDTLS_MODE_STREAM, /**< The stream cipher mode. */ + MBEDTLS_MODE_CCM, /**< The CCM cipher mode. */ + MBEDTLS_MODE_XTS, /**< The XTS cipher mode. */ MBEDTLS_MODE_CHACHAPOLY, /**< The ChaCha-Poly cipher mode. */ } mbedtls_cipher_mode_t; From 0953ba18993999a7e772b7fa2e71fdb902dfdcea Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 8 Nov 2018 16:01:22 +0000 Subject: [PATCH 0738/2197] Fix style in NUM_CIPHERS definition in cipher_wrap.c Use brackets around `sizeof()` arguments as well as the entire macro. --- library/cipher_wrap.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 6dd8c5d3a..d4538ed7b 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c 
@@ -2266,7 +2266,8 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_NONE, NULL } }; -#define NUM_CIPHERS sizeof mbedtls_cipher_definitions / sizeof mbedtls_cipher_definitions[0] +#define NUM_CIPHERS ( sizeof(mbedtls_cipher_definitions) / \ + sizeof(mbedtls_cipher_definitions[0]) ) int mbedtls_cipher_supported[NUM_CIPHERS]; #endif /* MBEDTLS_CIPHER_C */ From c8b699dfa4d61a31a67653fc8424b0521b3c41bb Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 8 Nov 2018 15:57:42 +0000 Subject: [PATCH 0739/2197] Fix style in cipher.h --- include/mbedtls/cipher.h | 141 +++++++++++++++++++++------------------ 1 file changed, 77 insertions(+), 64 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index d112eb032..47709a932 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -405,7 +405,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); * In future versions, the caller will be required to call * mbedtls_cipher_init() on the structure first. */ -int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ); +int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info ); /** * \brief This function returns the block size of the given cipher. @@ -415,7 +416,8 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_in * \return The size of the blocks of the cipher. * \return 0 if \p ctx has not been initialized. */ -static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx ) +static inline unsigned int mbedtls_cipher_get_block_size( + const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return 0; 
@@ -432,7 +434,8 @@ static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_c * \return The mode of operation. * \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized. */ -static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx ) +static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( + const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return MBEDTLS_MODE_NONE; @@ -450,7 +453,8 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtl * \return \c 0 for ciphers not using an IV or a nonce. * \return The actual size if an IV has been set. */ -static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx ) +static inline int mbedtls_cipher_get_iv_size( + const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return 0; @@ -469,7 +473,8 @@ static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ct * \return The type of the cipher. * \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized. */ -static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx ) +static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( + const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return MBEDTLS_CIPHER_NONE; @@ -486,7 +491,8 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_ciphe * \return The name of the cipher. * \return NULL if \p ctx has not been not initialized. */ -static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx ) +static inline const char *mbedtls_cipher_get_name( + const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return 0; 
@@ -503,7 +509,8 @@ static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_ * \return #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been * initialized. */ -static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx ) +static inline int mbedtls_cipher_get_key_bitlen( + const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return MBEDTLS_KEY_LENGTH_NONE; @@ -519,7 +526,8 @@ static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t * \return The type of operation: #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT. * \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized. */ -static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx ) +static inline mbedtls_operation_t mbedtls_cipher_get_operation( + const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return MBEDTLS_OPERATION_NONE; @@ -543,8 +551,10 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_ci * parameter-verification failure. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key, - int key_bitlen, const mbedtls_operation_t operation ); +int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, + const unsigned char *key, + int key_bitlen, + const mbedtls_operation_t operation ); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /** @@ -562,7 +572,8 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *k * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode * does not support padding. */ -int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode ); +int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, + mbedtls_cipher_padding_t mode ); #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ /** 
@@ -582,7 +593,7 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_ciph * parameter-verification failure. */ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len ); + const unsigned char *iv, size_t iv_len ); /** * \brief This function resets the cipher state. @@ -597,16 +608,16 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /** - * \brief This function adds additional data for AEAD ciphers. - * Currently supported with GCM and ChaCha20+Poly1305. - * Must be called exactly once, after mbedtls_cipher_reset(). + * \brief This function adds additional data for AEAD ciphers. + * Currently supported with GCM and ChaCha20+Poly1305. + * Must be called exactly once, after mbedtls_cipher_reset(). * - * \param ctx The generic cipher context. - * \param ad The additional data to use. - * \param ad_len the Length of \p ad. + * \param ctx The generic cipher context. + * \param ad The additional data to use. + * \param ad_len the Length of \p ad. * - * \return \c 0 on success. - * \return A specific error code on failure. + * \return \c 0 on success. + * \return A specific error code on failure. */ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len ); @@ -643,8 +654,10 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, * unsupported mode for a cipher. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input, - size_t ilen, unsigned char *output, size_t *olen ); +int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, + const unsigned char *input, + size_t ilen, unsigned char *output, + size_t *olen ); /** * \brief The generic cipher finalization function. If data still 
@@ -736,27 +749,27 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_CIPHER_MODE_AEAD) /** - * \brief The generic autenticated encryption (AEAD) function. + * \brief The generic autenticated encryption (AEAD) function. * - * \param ctx The generic cipher context. - * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. - * \param iv_len The IV length for ciphers with variable-size IV. - * This parameter is discarded by ciphers with fixed-size IV. - * \param ad The additional data to authenticate. - * \param ad_len The length of \p ad. - * \param input The buffer holding the input data. - * \param ilen The length of the input data. - * \param output The buffer for the output data. - * Must be able to hold at least \p ilen. - * \param olen The length of the output data, to be updated with the - * actual number of Bytes written. - * \param tag The buffer for the authentication tag. - * \param tag_len The desired length of the authentication tag. + * \param ctx The generic cipher context. + * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. + * \param iv_len The IV length for ciphers with variable-size IV. + * This parameter is discarded by ciphers with fixed-size IV. + * \param ad The additional data to authenticate. + * \param ad_len The length of \p ad. + * \param input The buffer holding the input data. + * \param ilen The length of the input data. + * \param output The buffer for the output data. + * Must be able to hold at least \p ilen. + * \param olen The length of the output data, to be updated with the + * actual number of Bytes written. + * \param tag The buffer for the authentication tag. + * \param tag_len The desired length of the authentication tag. * - * \return \c 0 on success. - * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on - * parameter-verification failure. - * \return A cipher-specific error code on failure. + * \return \c 0 on success. 
+ * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return A cipher-specific error code on failure. */ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, 
@@ -766,32 +779,32 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len ); /** - * \brief The generic autenticated decryption (AEAD) function. + * \brief The generic autenticated decryption (AEAD) function. * - * \note If the data is not authentic, then the output buffer - * is zeroed out to prevent the unauthentic plaintext being - * used, making this interface safer. + * \note If the data is not authentic, then the output buffer + * is zeroed out to prevent the unauthentic plaintext being + * used, making this interface safer. * - * \param ctx The generic cipher context. - * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. - * \param iv_len The IV length for ciphers with variable-size IV. - * This parameter is discarded by ciphers with fixed-size IV. - * \param ad The additional data to be authenticated. - * \param ad_len The length of \p ad. - * \param input The buffer holding the input data. - * \param ilen The length of the input data. - * \param output The buffer for the output data. - * Must be able to hold at least \p ilen. - * \param olen The length of the output data, to be updated with the - * actual number of Bytes written. - * \param tag The buffer holding the authentication tag. - * \param tag_len The length of the authentication tag. + * \param ctx The generic cipher context. + * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. + * \param iv_len The IV length for ciphers with variable-size IV. + * This parameter is discarded by ciphers with fixed-size IV. + * \param ad The additional data to be authenticated. + * \param ad_len The length of \p ad. + * \param input The buffer holding the input data. + * \param ilen The length of the input data. + * \param output The buffer for the output data. + * Must be able to hold at least \p ilen. + * \param olen The length of the output data, to be updated with the + * actual number of Bytes written. 
+ * \param tag The buffer holding the authentication tag. + * \param tag_len The length of the authentication tag. * - * \return \c 0 on success. - * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on - * parameter-verification failure. - * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. - * \return A cipher-specific error code on failure. + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. + * \return A cipher-specific error code on failure. */ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, From 18597cd3c459b9a6dc312f969afeea519b9c74d1 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Nov 2018 16:36:33 +0000 Subject: [PATCH 0740/2197] Fix style in cipher.c --- library/cipher.c | 61 +++++++++++++++++++++++++++++------------------- 1 file changed, 37 insertions(+), 24 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index d7acf34ee..7a012f9eb 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -71,7 +71,8 @@ * a non-zero value. * This is currently only used by GCM and ChaCha20+Poly1305. */ -static int mbedtls_constant_time_memcmp( const void *v1, const void *v2, size_t len ) +static int mbedtls_constant_time_memcmp( const void *v1, const void *v2, + size_t len ) { const unsigned char *p1 = (const unsigned char*) v1; const unsigned char *p2 = (const unsigned char*) v2; @@ -108,7 +109,8 @@ const int *mbedtls_cipher_list( void ) return( mbedtls_cipher_supported ); } -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type ) +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( + const mbedtls_cipher_type_t cipher_type ) { const mbedtls_cipher_definition_t *def; 
@@ -119,7 +121,8 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher return( NULL ); } -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name ) +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( + const char *cipher_name ) { const mbedtls_cipher_definition_t *def; @@ -133,9 +136,10 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher return( NULL ); } -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, - int key_bitlen, - const mbedtls_cipher_mode_t mode ) +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( + const mbedtls_cipher_id_t cipher_id, + int key_bitlen, + const mbedtls_cipher_mode_t mode ) { const mbedtls_cipher_definition_t *def; @@ -173,7 +177,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) ); } -int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ) +int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info ) { if( NULL == cipher_info || NULL == ctx ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); @@ -199,8 +204,10 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_in return( 0 ); } -int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key, - int key_bitlen, const mbedtls_operation_t operation ) +int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, + const unsigned char *key, + int key_bitlen, + const mbedtls_operation_t operation ) { if( NULL == ctx || NULL == ctx->cipher_info ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); 
@@ -223,12 +230,13 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *k MBEDTLS_MODE_CTR == ctx->cipher_info->mode ) { return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key, - ctx->key_bitlen ); + ctx->key_bitlen ); } if( MBEDTLS_DECRYPT == operation ) return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key, - ctx->key_bitlen ); + ctx->key_bitlen ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } @@ -830,7 +838,8 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) -int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode ) +int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, + mbedtls_cipher_padding_t mode ) { if( NULL == ctx || MBEDTLS_MODE_CBC != ctx->cipher_info->mode ) @@ -889,7 +898,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len ); + return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, + tag, tag_len ) ); #endif #if defined(MBEDTLS_CHACHAPOLY_C) @@ -899,8 +909,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, if ( tag_len != 16U ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - return mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - tag ); + return( mbedtls_chachapoly_finish( + (mbedtls_chachapoly_context*) ctx->cipher_ctx, tag ) ); } #endif @@ -925,8 +935,9 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, if( tag_len > sizeof( check_tag ) ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, - check_tag, tag_len ) ) ) + if( 0 != ( ret = mbedtls_gcm_finish( + (mbedtls_gcm_context *) ctx->cipher_ctx, + check_tag, tag_len ) ) ) { return( ret ); } 
@@ -946,8 +957,8 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, if ( tag_len != sizeof( check_tag ) ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - ret = mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - check_tag ); + ret = mbedtls_chachapoly_finish( + (mbedtls_chachapoly_context*) ctx->cipher_ctx, check_tag ); if ( ret != 0 ) { return( ret ); @@ -982,10 +993,12 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 ) return( ret ); - if( ( ret = mbedtls_cipher_update( ctx, input, ilen, output, olen ) ) != 0 ) + if( ( ret = mbedtls_cipher_update( ctx, input, ilen, + output, olen ) ) != 0 ) return( ret ); - if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 ) + if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, + &finish_olen ) ) != 0 ) return( ret ); *olen += finish_olen; @@ -1008,9 +1021,9 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { *olen = ilen; - return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen, - iv, iv_len, ad, ad_len, input, output, - tag_len, tag ) ); + return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, + ilen, iv, iv_len, ad, ad_len, + input, output, tag_len, tag ) ); } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) From f28d344832e6eb6d693e6641108533e2852f7616 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 8 Nov 2018 15:55:24 +0000 Subject: [PATCH 0741/2197] Expand documentation of mbedtls_cipher_list() --- include/mbedtls/cipher.h | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 47709a932..8dc55f922 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h 
@@ -324,11 +324,17 @@ typedef struct mbedtls_cipher_context_t } mbedtls_cipher_context_t; /** - * \brief This function retrieves the list of ciphers supported by the generic - * cipher module. + * \brief This function retrieves the list of ciphers supported + * by the generic cipher module. * - * \return A statically-allocated array of ciphers. The last entry - * is zero. + * For any cipher identifier in the returned list, you can + * obtain the corresponding generic cipher information structure + * via mbedtls_cipher_info_from_type(), which can then be used + * to prepare a cipher context via mbedtls_cipher_setup(). + * + * + * \return A statically-allocated array of cipher identifiers + * of type cipher_type_t. The last entry is zero. */ const int *mbedtls_cipher_list( void ); From 73907f842ba1a8a72d837bcd4c757ac6235f9a61 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Nov 2018 16:09:19 +0000 Subject: [PATCH 0742/2197] Improve wording in documentation of mbedtls_cipher_setup() --- include/mbedtls/cipher.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 8dc55f922..5051c1241 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -394,9 +394,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); /** - * \brief This function initializes and fills the cipher-context - * structure with the appropriate values. It also clears - * the structure. + * \brief This function initializes a cipher context for + * use with the given cipher primitive. * * \param ctx The context to initialize. May not be NULL. * \param cipher_info The cipher to use. From 4ccfc40aefb9a8ff9ad415140eb1d82a0a99f0d0 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Fri, 9 Nov 2018 16:10:57 +0000 Subject: [PATCH 0743/2197] Add declaration and dummy-definition of mbedtls_cipher_setup_psa() --- include/mbedtls/cipher.h | 20 ++++++++++++++++++++ library/cipher.c | 12 ++++++++++++ 2 files changed, 32 insertions(+) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 5051c1241..e7e222c4e 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -413,6 +413,26 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/** + * \brief This function initializes a cipher context for + * PSA-based use with the given cipher primitive. + * + * \note See #MBEDTLS_USE_PSA_CRYPTO for information on PSA. + * + * \param ctx The context to initialize. May not be \c NULL. + * \param cipher_info The cipher to use. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the + * cipher-specific context fails. + */ +int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /** * \brief This function returns the block size of the given cipher. * diff --git a/library/cipher.c b/library/cipher.c index 7a012f9eb..34a8170bc 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -58,6 +58,10 @@ #include "mbedtls/cmac.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else 
@@ -204,6 +208,14 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, return( 0 ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) +int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info ) +{ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key, int key_bitlen, From ce1ddee13a171867687ec0ac6b04d2a9a732c2df Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Nov 2018 16:20:29 +0000 Subject: [PATCH 0744/2197] Add `psa_enabled` field to cipher ctx and add dummy implementations This field determines whether a cipher context should use an external implementation of the PSA Crypto API for cryptographic operations, or Mbed TLS' own crypto library. The commit also adds dummy implementations for the cipher API. --- include/mbedtls/cipher.h | 12 ++++ library/cipher.c | 135 ++++++++++++++++++++++++++++++++++++++- 2 files changed, 146 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index e7e222c4e..c2745e82f 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -321,6 +321,18 @@ typedef struct mbedtls_cipher_context_t /** CMAC-specific context. */ mbedtls_cmac_context_t *cmac_ctx; #endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /** Indicates whether the cipher operations should be performed + * by Mbed TLS' own crypto library or an external implementation + * of the PSA Crypto API. + * This is unset if the cipher context is setup through + * mbedtls_cipher_setup(), and set if it is setup through + * mbedtls_cipher_setup_psa(). + */ + unsigned char psa_enabled; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + } mbedtls_cipher_context_t; /** diff --git a/library/cipher.c b/library/cipher.c index 34a8170bc..e6baa2cfe 100644 --- a/library/cipher.c +++ b/library/cipher.c 
@@ -166,6 +166,16 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) if( ctx == NULL ) return; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* TODO: Add free'ing of PSA-specific context. */ + + mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) ); + return; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_CMAC_C) if( ctx->cmac_ctx ) { @@ -212,7 +222,14 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ) { - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if( NULL == cipher_info || NULL == ctx ) + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + + memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); + + ctx->cipher_info = cipher_info; + ctx->psa_enabled = 1; + return( 0 ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -224,6 +241,14 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, if( NULL == ctx || NULL == ctx->cipher_info ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* TODO */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 && (int) ctx->cipher_info->key_bitlen != key_bitlen ) { @@ -262,6 +287,16 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, else if( NULL == iv && iv_len != 0 ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* While PSA Crypto has an API for multipart + * operations, we currently don't make it + * accessible through the cipher layer. */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( NULL == iv && iv_len == 0 ) ctx->iv_size = 0; 
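Review bot: In mbedtls_cipher_free() the new `psa_enabled` branch zeroizes the context and returns before the `ctx->cmac_ctx` cleanup that follows in the context lines. If a PSA-enabled context ever had a CMAC context attached, the pointer would be wiped without the buffer being freed or cleared. Nothing in this hunk shows whether that combination is reachable, so either state the invariant in a comment such as `/* PSA-based contexts never own a cmac_ctx. */` or run the CMAC cleanup before the PSA branch. The function body continues outside the hunk.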
@@ -306,6 +341,15 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ) if( NULL == ctx || NULL == ctx->cipher_info ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* We don't support resetting PSA-based + * cipher contexts, yet. */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + ctx->unprocessed_len = 0; return( 0 ); @@ -318,6 +362,16 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, if( NULL == ctx || NULL == ctx->cipher_info ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* While PSA Crypto has an API for multipart + * operations, we currently don't make it + * accessible through the cipher layer. */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { @@ -362,6 +416,16 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* While PSA Crypto has an API for multipart + * operations, we currently don't make it + * accessible through the cipher layer. */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + *olen = 0; block_size = mbedtls_cipher_get_block_size( ctx ); 
@@ -768,6 +832,16 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* While PSA Crypto has an API for multipart + * operations, we currently don't make it + * accessible through the cipher layer. */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + *olen = 0; if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode || @@ -859,6 +933,19 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* While PSA Crypto knows about CBC padding + * schemes, we currently don't make them + * accessible through the cipher layer. */ + if( mode != MBEDTLS_PADDING_NONE ) + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + + return( 0 ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + switch( mode ) { #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) @@ -908,6 +995,18 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, if( MBEDTLS_ENCRYPT != ctx->operation ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* While PSA Crypto has an API for multipart + * operations, we currently don't make it + * accessible through the cipher layer. */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + + return( 0 ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, 
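Review bot: The PSA block added to mbedtls_cipher_write_tag() has a `return( 0 );` directly after `return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );`, so the second statement can never execute. Drop it so the block matches the one added to mbedtls_cipher_check_tag(). A stray success return next to the error return in a tag-handling function is easy to misread, and a later edit to the block could leave only the success path behind.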
@@ -941,6 +1040,16 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* While PSA Crypto has an API for multipart + * operations, we currently don't make it + * accessible through the cipher layer. */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { @@ -999,6 +1108,14 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, int ret; size_t finish_olen; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* TODO */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 ) return( ret ); @@ -1029,6 +1146,14 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len ) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* TODO */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { @@ -1076,6 +1201,14 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len ) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ctx->psa_enabled == 1 ) + { + /* TODO */ + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { From 6118e43d1566dfc41af7c88b8d21b77db9e66e0f Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Fri, 9 Nov 2018 16:47:20 +0000 Subject: [PATCH 0745/2197] Add PSA-specific cipher context --- include/mbedtls/cipher_internal.h | 15 +++++++++++++++ library/cipher.c | 20 ++++++++++++++++++-- 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h index c6def0bef..f69645233 100644 --- a/include/mbedtls/cipher_internal.h +++ b/include/mbedtls/cipher_internal.h @@ -34,6 +34,10 @@ #include "cipher.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #ifdef __cplusplus extern "C" { #endif @@ -114,6 +118,17 @@ typedef struct const mbedtls_cipher_info_t *info; } mbedtls_cipher_definition_t; +#if defined(MBEDTLS_USE_PSA_CRYPTO) +typedef struct +{ + psa_key_slot_t slot; + unsigned char slot_state; /*!< 0: The slot is unset. + * 1: The slot is set and we own it. + * 2: The slot is set but we don't own it. */ + +} mbedtls_cipher_context_psa; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[]; extern int mbedtls_cipher_supported[]; diff --git a/library/cipher.c b/library/cipher.c index e6baa2cfe..0bff79ee7 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -169,7 +169,19 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) #if defined(MBEDTLS_USE_PSA_CRYPTO) if( ctx->psa_enabled == 1 ) { - /* TODO: Add free'ing of PSA-specific context. */ + if( ctx->cipher_ctx != NULL ) + { + mbedtls_cipher_context_psa * const cipher_psa = + (mbedtls_cipher_context_psa *) ctx->cipher_ctx; + + if( cipher_psa->slot_state == 1 ) + { + /* TODO: Destroy PSA key */ + } + + mbedtls_platform_zeroize( cipher_psa, sizeof( *cipher_psa ) ); + mbedtls_free( cipher_psa ); + } mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) ); return; 
@@ -225,6 +237,10 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, if( NULL == cipher_info || NULL == ctx ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + ctx->cipher_ctx = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) ); + if( ctx->cipher_ctx == NULL ) + return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); ctx->cipher_info = cipher_info; @@ -244,7 +260,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_USE_PSA_CRYPTO) if( ctx->psa_enabled == 1 ) { - /* TODO */ + /* TODO: Allocate and setup PSA key slot from raw key material. */ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ From edda8b8830905044203375c0a1bf552818ede802 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 12 Nov 2018 11:59:30 +0000 Subject: [PATCH 0746/2197] Implement mbedtls_cipher_setkey() for PSA-based cipher contexts This commit implements the internal key slot management performed by PSA-based cipher contexts. Specifically, `mbedtls_cipher_setkey()` wraps the provided raw key material into a key slot, and `mbedtls_cipher_free()` destroys that key slot. --- include/mbedtls/cipher_internal.h | 1 + library/cipher.c | 81 ++++++++++++++++++++++++++++--- 2 files changed, 75 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h index f69645233..f1f0e2bde 100644 --- a/include/mbedtls/cipher_internal.h +++ b/include/mbedtls/cipher_internal.h @@ -121,6 +121,7 @@ typedef struct #if defined(MBEDTLS_USE_PSA_CRYPTO) typedef struct { + psa_algorithm_t alg; psa_key_slot_t slot; unsigned char slot_state; /*!< 0: The slot is unset. * 1: The slot is set and we own it. diff --git a/library/cipher.c b/library/cipher.c index 0bff79ee7..dccf43de4 100644 --- a/library/cipher.c +++ b/library/cipher.c 
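Review bot: In mbedtls_cipher_setup_psa() the `memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) )` runs after `ctx->cipher_ctx = mbedtls_calloc( ... )`, so the pointer to the freshly allocated PSA context is overwritten with NULL. The allocation leaks, and mbedtls_cipher_free() then sees `cipher_ctx == NULL` and skips the zeroize-and-free path this commit adds. Clear the structure first and assign afterwards, i.e. move the `memset` above the `mbedtls_calloc` call. Patch 0746 further down the page reorders the two, but at this commit the function is broken, which matters when bisecting.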
@@ -60,6 +60,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" +#include "mbedtls/psa_util.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PLATFORM_C) @@ -176,7 +177,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) if( cipher_psa->slot_state == 1 ) { - /* TODO: Destroy PSA key */ + /* xxx_free() doesn't allow to return failures. */ + (void) psa_destroy_key( cipher_psa->slot ); } mbedtls_platform_zeroize( cipher_psa, sizeof( *cipher_psa ) ); @@ -234,15 +236,23 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ) { + psa_algorithm_t alg; + mbedtls_cipher_context_psa *cipher_psa; + if( NULL == cipher_info || NULL == ctx ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - ctx->cipher_ctx = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) ); - if( ctx->cipher_ctx == NULL ) - return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode ); + if( alg == 0) + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); + cipher_psa = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) ); + if( cipher_psa == NULL ) + return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + cipher_psa->alg = alg; + ctx->cipher_ctx = cipher_psa; ctx->cipher_info = cipher_info; ctx->psa_enabled = 1; return( 0 ); 
@@ -254,14 +264,71 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, int key_bitlen, const mbedtls_operation_t operation ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + if( NULL == ctx || NULL == ctx->cipher_info || + NULL == ctx->cipher_ctx ) + { return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + } + + if( operation != MBEDTLS_DECRYPT && + operation != MBEDTLS_ENCRYPT ) + { + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + } #if defined(MBEDTLS_USE_PSA_CRYPTO) if( ctx->psa_enabled == 1 ) { - /* TODO: Allocate and setup PSA key slot from raw key material. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + mbedtls_cipher_context_psa * const cipher_psa = + (mbedtls_cipher_context_psa *) ctx->cipher_ctx; + + size_t const key_bytelen = ( (size_t) key_bitlen + 7 ) / 8; + + psa_status_t status; + psa_key_type_t key_type; + psa_key_usage_t key_usage; + psa_key_policy_t key_policy; + + /* PSA Crypto API only accepts byte-aligned keys. */ + if( key_bitlen % 8 != 0 ) + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + + /* Don't allow keys to be set multiple times. */ + if( cipher_psa->slot_state != 0 ) + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + + /* Find a fresh key slot to use. */ + status = mbedtls_psa_get_free_key_slot( &cipher_psa->slot ); + if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + cipher_psa->slot_state = 1; /* Indicate that we own the key slot. */ + + /* From that point on, the responsibility for destroying the + * key slot is on mbedtls_cipher_free(). This includes the case + * where the policy setup or key import below fail, as + * mbedtls_cipher_free() needs to be called in any case. */ + + /* Setup policy for the new key slot. 
*/ + psa_key_policy_init( &key_policy ); + key_usage = mbedtls_psa_translate_cipher_operation( operation ); + psa_key_policy_set_usage( &key_policy, key_usage, cipher_psa->alg ); + status = psa_set_key_policy( cipher_psa->slot, &key_policy ); + if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + + /* Populate new key slot. */ + key_type = mbedtls_psa_translate_cipher_type( + ctx->cipher_info->type ); + if( key_type == 0 ) + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + status = psa_import_key( cipher_psa->slot, + key_type, key, key_bytelen ); + if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + + ctx->key_bitlen = key_bitlen; + ctx->operation = operation; + return( 0 ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ From 55e2e3d5cc6f94156d77cf65a588e3efb49651c9 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 12 Nov 2018 12:36:17 +0000 Subject: [PATCH 0747/2197] Implement PSA-based version of mbedtls_cipher_crypt() --- library/cipher.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 52 insertions(+), 2 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index dccf43de4..a83d3c6a6 100644 --- a/library/cipher.c +++ b/library/cipher.c 
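Review bot: In the PSA branch of mbedtls_cipher_setkey, `key_bitlen` is a signed `int` and only `key_bitlen % 8 != 0` is rejected, so zero and negative multiples of 8 get through. For a negative value, `( (size_t) key_bitlen + 7 ) / 8` wraps to a very large `key_bytelen`, which is then handed to `psa_import_key()` as the length of `key`. Reject those values before a slot is claimed, e.g. `if( key_bitlen <= 0 || key_bitlen % 8 != 0 ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );`. The branch also returns without comparing `key_bitlen` against what `ctx->cipher_info` expects; the function body continues beyond the hunk, so confirm whether a later check covers only the non-PSA path.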
@@ -1194,8 +1194,58 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_USE_PSA_CRYPTO) if( ctx->psa_enabled == 1 ) { - /* TODO */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + /* As in the non-PSA case, we don't check that + * a key has been set. If not, the key slot will + * still be in its default state of 0, which is + * guaranteed to be invalid, hence the PSA-call + * below will gracefully fail. */ + mbedtls_cipher_context_psa * const cipher_psa = + (mbedtls_cipher_context_psa *) ctx->cipher_ctx; + + psa_status_t status; + psa_cipher_operation_t cipher_op; + size_t part_len; + + if( ctx->operation == MBEDTLS_DECRYPT ) + { + status = psa_cipher_decrypt_setup( &cipher_op, + cipher_psa->slot, + cipher_psa->alg ); + } + else if( ctx->operation == MBEDTLS_ENCRYPT ) + { + status = psa_cipher_encrypt_setup( &cipher_op, + cipher_psa->slot, + cipher_psa->alg ); + } + else + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + + /* In the following, we can immediately return on an error, + * because the PSA Crypto API guarantees that cipher operations + * are terminated by unsuccessful calls to psa_cipher_update(), + * and by any call to psa_cipher_finish(). */ + if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + + status = psa_cipher_set_iv( &cipher_op, iv, iv_len ); + if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + + status = psa_cipher_update( &cipher_op, + input, ilen, + output, ilen, olen ); + if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + + status = psa_cipher_finish( &cipher_op, + output + *olen, ilen - *olen, + &part_len ); + if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + + *olen += part_len; + return( 0 ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ From 58fc9aab549bdb995cc150c3113e601a5cccb82d Mon Sep 17 00:00:00 2001 
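Review bot: The early return after `psa_cipher_set_iv()` leaves `cipher_op` set up but never aborted. The comment above it only claims that a failed `psa_cipher_update()` and any `psa_cipher_finish()` terminate the operation, and `psa_cipher_set_iv()` is not on that list. Unless the API gives the same guarantee for it, that branch should release the operation first, e.g. `psa_cipher_abort( &cipher_op );` before `return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );`. Separately, both `psa_cipher_update()` and `psa_cipher_finish()` are given `ilen` as the output capacity, which only holds for algorithms whose output never exceeds the input; a comment stating that assumption next to the calls would help. mbedtls_cipher_crypt starts and continues outside the hunk.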
From: Hanno Becker Date: Mon, 12 Nov 2018 12:46:35 +0000 Subject: [PATCH 0748/2197] Add AES-*-CBC test vectors for PSA-based cipher contexts --- tests/suites/test_suite_cipher.aes.data | 188 ++++++++++++++++++------ tests/suites/test_suite_cipher.function | 16 +- 2 files changed, 155 insertions(+), 49 deletions(-) diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data index e81086360..1a8ff1e4b 100644 --- a/tests/suites/test_suite_cipher.aes.data +++ b/tests/suites/test_suite_cipher.aes.data 
@@ -1512,187 +1512,283 @@ test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"00000000000000000000000 AES-128-ECB crypt Encrypt NIST KAT #1 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:0 AES-128-ECB crypt Encrypt NIST KAT #2 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"f0000000000000000000000000000000":"":"00000000000000000000000000000000":"970014d634e2b7650777e8e84d03ccd8":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"f0000000000000000000000000000000":"":"00000000000000000000000000000000":"970014d634e2b7650777e8e84d03ccd8":0:0 AES-128-ECB crypt Encrypt NIST KAT #3 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a":0:0 AES-128-ECB crypt Decrypt NIST KAT #1 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0:0 AES-128-ECB crypt Decrypt NIST KAT #2 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0 
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0:0 AES-128-ECB crypt Decrypt NIST KAT #3 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Encrypt NIST KAT #1 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01":0:0 AES-192-ECB crypt Encrypt NIST KAT #2 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c":0:0 AES-192-ECB crypt Encrypt NIST KAT #3 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c":0:0 AES-192-ECB crypt Encrypt NIST KAT #4 depends_on:MBEDTLS_AES_C 
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0:0 AES-192-ECB crypt Decrypt NIST KAT #1 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Decrypt NIST KAT #2 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Decrypt NIST KAT #3 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0 AES-192-ECB crypt Decrypt NIST KAT #4 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0 
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0:0 AES-256-ECB crypt Encrypt NIST KAT #1 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd":0:0 AES-256-ECB crypt Encrypt NIST KAT #2 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04":0:0 AES-256-ECB crypt Encrypt NIST KAT #3 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2":0:0 AES-256-ECB crypt Encrypt NIST KAT #4 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0 
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0:0 AES-256-ECB crypt Decrypt NIST KAT #1 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0:0 AES-256-ECB crypt Decrypt NIST KAT #2 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0:0 AES-256-ECB crypt Decrypt NIST KAT #3 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0:0 AES-256-ECB crypt Decrypt NIST KAT #4 depends_on:MBEDTLS_AES_C -test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0 
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0 AES-128-CBC crypt Encrypt NIST KAT #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0:0 AES-128-CBC crypt Encrypt NIST KAT #2 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0:0 AES-128-CBC crypt Encrypt NIST KAT #3 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0:0 AES-128-CBC crypt Encrypt NIST KAT #4 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0 
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:0 AES-128-CBC crypt Decrypt NIST KAT #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:0 AES-128-CBC crypt Decrypt NIST KAT #2 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:0 AES-128-CBC crypt Decrypt NIST KAT #3 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:0 AES-128-CBC crypt Decrypt NIST KAT #4 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0 
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:0 AES-192-CBC crypt Encrypt NIST KAT #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:0 AES-192-CBC crypt Encrypt NIST KAT #2 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:0 AES-192-CBC crypt Encrypt NIST KAT #3 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:0 AES-192-CBC crypt Encrypt NIST KAT #4 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC 
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:0 AES-192-CBC crypt Decrypt NIST KAT #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:0 AES-192-CBC crypt Decrypt NIST KAT #2 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:0 AES-192-CBC crypt Decrypt NIST KAT #3 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0 
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:0 AES-192-CBC crypt Decrypt NIST KAT #4 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0 AES-256-CBC crypt Encrypt NIST KAT #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:0 AES-256-CBC crypt Encrypt NIST KAT #2 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:0 AES-256-CBC crypt Encrypt NIST KAT #3 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC 
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:0 AES-256-CBC crypt Encrypt NIST KAT #4 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:0 AES-256-CBC crypt Decrypt NIST KAT #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0 AES-256-CBC crypt Decrypt NIST KAT #2 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0 
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:0 AES-256-CBC crypt Decrypt NIST KAT #3 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:0 AES-256-CBC crypt Decrypt NIST KAT #4 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0 +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:0 + +AES-128-CBC crypt Encrypt NIST KAT #1 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0:1 + +AES-128-CBC crypt Encrypt NIST KAT #2 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0:1 + 
+AES-128-CBC crypt Encrypt NIST KAT #3 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0:1 + +AES-128-CBC crypt Encrypt NIST KAT #4 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:1 + +AES-128-CBC crypt Decrypt NIST KAT #1 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:1 + +AES-128-CBC crypt Decrypt NIST KAT #2 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:1 + +AES-128-CBC crypt Decrypt NIST KAT #3 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:1 + +AES-128-CBC crypt Decrypt NIST KAT #4 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1 + +AES-192-CBC crypt Encrypt NIST KAT #1 PSA 
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:1 + +AES-192-CBC crypt Encrypt NIST KAT #2 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:1 + +AES-192-CBC crypt Encrypt NIST KAT #3 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:1 + +AES-192-CBC crypt Encrypt NIST KAT #4 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1 + +AES-192-CBC crypt Decrypt NIST KAT #1 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1 + +AES-192-CBC crypt Decrypt NIST KAT #2 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1 + +AES-192-CBC crypt 
Decrypt NIST KAT #3 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1 + +AES-192-CBC crypt Decrypt NIST KAT #4 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1 + +AES-256-CBC crypt Encrypt NIST KAT #1 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:1 + +AES-256-CBC crypt Encrypt NIST KAT #2 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:1 + +AES-256-CBC crypt Encrypt NIST KAT #3 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:1 + +AES-256-CBC crypt Encrypt NIST KAT #4 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC 
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1 + +AES-256-CBC crypt Decrypt NIST KAT #1 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1 + +AES-256-CBC crypt Decrypt NIST KAT #2 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1 + +AES-256-CBC crypt Decrypt NIST KAT #3 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1 + +AES-256-CBC crypt Decrypt NIST KAT #4 PSA +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1 Cipher Corner Case behaviours depends_on:MBEDTLS_AES_C diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index c5bce7e50..da9dfa138 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function 
@@ -648,8 +648,8 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */ void test_vec_crypt( int cipher_id, int operation, char *hex_key, - char *hex_iv, char *hex_input, char *hex_result, - int finish_result ) + char *hex_iv, char *hex_input, char *hex_result, + int finish_result, int use_psa ) { unsigned char key[50]; unsigned char input[16]; @@ -669,8 +669,18 @@ void test_vec_crypt( int cipher_id, int operation, char *hex_key, memset( iv, 0x00, sizeof( iv ) ); /* Prepare context */ +#if !defined(MBEDTLS_USE_PSA_CRYPTO) + (void) use_psa; +#else + if( use_psa == 1 ) + { + TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx, + mbedtls_cipher_info_from_type( cipher_id ) ) ); + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); + mbedtls_cipher_info_from_type( cipher_id ) ) ); key_len = unhexify( key, hex_key ); inputlen = unhexify( input, hex_input ); From a395d8f1e998e7b472973f1cf9df3279fc3f622b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 12 Nov 2018 13:33:16 +0000 Subject: [PATCH 0749/2197] Always configure PSA-based keys for encryption and decryption Mbed TLS cipher layer allows usage of keys for other purposes than indicated in the `operation` parameter of `mbedtls_cipher_setkey()`. The semantics of the PSA Crypto API, in contrast, checks key usage against the key policy. As a remedy, this commit modifies the PSA key slot setup to always allow both encryption and decryption. --- library/cipher.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/library/cipher.c b/library/cipher.c index a83d3c6a6..243c73918 100644 --- a/library/cipher.c +++ b/library/cipher.c 
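Review bot: In `test_vec_crypt` (tests/suites/test_suite_cipher.function, hunk `@@ -669,8 +669,18 @@`), a build without MBEDTLS_USE_PSA_CRYPTO discards `use_psa` via `(void) use_psa;`, so a vector marked `:1` would run on the legacy path and still pass. The only thing preventing that is each data entry carrying `depends_on:MBEDTLS_USE_PSA_CRYPTO`, which nothing in the function enforces. Replacing the cast with `TEST_ASSERT( use_psa == 0 );` would turn a missing dependency into a failure rather than a false pass. The `else` that straddles `#endif` would also read more safely with braces around both branches. The function body continues outside the hunk.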
@@ -310,7 +310,13 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, /* Setup policy for the new key slot. */ psa_key_policy_init( &key_policy ); - key_usage = mbedtls_psa_translate_cipher_operation( operation ); + + /* Mbed TLS' cipher layer doesn't enforce the mode of operation + * (encrypt vs. decrypt): it is possible to setup a key for encryption + * and use it for AEAD decryption. Until tests relying on this + * are changed, allow any usage in PSA. */ + /* key_usage = mbedtls_psa_translate_cipher_operation( operation ); */ + key_usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; psa_key_policy_set_usage( &key_policy, key_usage, cipher_psa->alg ); status = psa_set_key_policy( cipher_psa->slot, &key_policy ); if( status != PSA_SUCCESS ) From 20120b373e27f423ade5cb185c4815d1e5685852 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 12 Nov 2018 16:26:27 +0000 Subject: [PATCH 0750/2197] Add AEAD tag length to new mbedtls_cipher_setup_psa() For AEAD ciphers, the information contained in mbedtls_cipher_info is not enough to deduce a PSA algorithm value of type psa_algorithm_t. This is because mbedtls_cipher_info doesn't contain the AEAD tag length, while values of type psa_algorithm_t do. This commit adds the AEAD tag length as a separate parameter to mbedtls_cipher_setup_psa(). For Non-AEAD ciphers, the value must be 0. This approach is preferred over passing psa_algorithm_t directly in order to keep the changes in existing code using the cipher layer small. --- include/mbedtls/cipher.h | 9 ++++++++- library/cipher.c | 5 +++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index c2745e82f..eff12f687 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h 
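Review bot: In `mbedtls_cipher_setkey` (library/cipher.c, hunk `@@ -310,7 +310,13 @@`), the key policy now grants `PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT` to every PSA-backed context, while the added comment only justifies this for AEAD decryption with a key set up for encryption. That removes the PSA usage check for non-AEAD keys as well; whether any non-AEAD caller needs this is not visible here. If none does, the widening could be limited with `key_usage = PSA_ALG_IS_AEAD( cipher_psa->alg ) ? ( PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ) : mbedtls_psa_translate_cipher_operation( operation );`. The commented-out assignment would be better as a `/* TODO: restore the per-operation policy once the tests are fixed */` marker, so the temporary relaxation is easy to find later. The function starts and ends outside the hunk.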
@@ -434,6 +434,12 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, * * \param ctx The context to initialize. May not be \c NULL. * \param cipher_info The cipher to use. + * \param taglen For AEAD ciphers, the length in bytes of the + * authentication tag to use. Subsequent uses of + * mbedtls_cipher_auth_encrypt() or + * mbedtls_cipher_auth_decrypt() must provide + * the same tag length. + * For non-AEAD ciphers, the value must be \c 0. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on @@ -442,7 +448,8 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, * cipher-specific context fails. */ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, - const mbedtls_cipher_info_t *cipher_info ); + const mbedtls_cipher_info_t *cipher_info, + size_t taglen ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /** diff --git a/library/cipher.c b/library/cipher.c index 243c73918..0b7c887f0 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -234,7 +234,8 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_USE_PSA_CRYPTO) int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, - const mbedtls_cipher_info_t *cipher_info ) + const mbedtls_cipher_info_t *cipher_info, + size_t taglen ) { psa_algorithm_t alg; mbedtls_cipher_context_psa *cipher_psa; @@ -242,7 +243,7 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, if( NULL == cipher_info || NULL == ctx ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode ); + alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode, taglen ); if( alg == 0) return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); From fe73adee5ae72d5d0b4de8fcab8e2efa3b7f4bc4 Mon Sep 17 00:00:00 2001 
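Review bot: In `mbedtls_cipher_setup_psa` (library/cipher.c, hunk `@@ -242,7 +243,7 @@`), `taglen` is passed straight to `mbedtls_psa_translate_cipher_mode()` with no check, although the new cipher.h text says it must be 0 for non-AEAD ciphers. Unless that helper rejects it (its body is not part of this patch), a non-zero tag length on a non-AEAD context is silently accepted. A guard after the `alg == 0` test, such as `if( taglen != 0 && ! PSA_ALG_IS_AEAD( alg ) ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );`, would enforce the documented contract. The `\return` list in the header could then name this case. The function continues outside the hunk.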
From: Hanno Becker Date: Mon, 12 Nov 2018 16:26:46 +0000 Subject: [PATCH 0751/2197] Implement PSA-based AEAD enc/dec cipher operations --- library/cipher.c | 57 ++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 53 insertions(+), 4 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index 0b7c887f0..c03b0528c 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1289,8 +1289,32 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_USE_PSA_CRYPTO) if( ctx->psa_enabled == 1 ) { - /* TODO */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + /* As in the non-PSA case, we don't check that + * a key has been set. If not, the key slot will + * still be in its default state of 0, which is + * guaranteed to be invalid, hence the PSA-call + * below will gracefully fail. */ + mbedtls_cipher_context_psa * const cipher_psa = + (mbedtls_cipher_context_psa *) ctx->cipher_ctx; + + psa_status_t status; + + /* PSA Crypto API always writes the authentication tag + * at the end of the encrypted message. */ + if( tag != output + ilen ) + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + + status = psa_aead_encrypt( cipher_psa->slot, + cipher_psa->alg, + iv, iv_len, + ad, ad_len, + input, ilen, + output, ilen + tag_len, olen ); + if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + + *olen -= tag_len; + return( 0 ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ 
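Review bot: In the PSA branch of `mbedtls_cipher_auth_encrypt` (library/cipher.c, hunk `@@ -1289,8 +1289,32 @@`), `*olen -= tag_len;` assumes `psa_aead_encrypt()` appended exactly `tag_len` bytes. The tag length PSA uses is presumably the one encoded in `cipher_psa->alg` at setup, and nothing here compares the two. If a caller passes a larger `tag_len` than was configured, the call could succeed with a shorter tag: the reported length would be too small (or the `size_t` would wrap when `ilen` is 0) and the tail of the caller's tag buffer would be left unwritten. A check after the call, `if( *olen != ilen + tag_len ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );`, would make a mismatch fail closed. The decrypt hunk (`@@ -1344,8 +1368,33 @@`) takes `tag_len` on trust in the same way. The function starts and ends outside the hunk.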
@@ -1344,8 +1368,33 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_USE_PSA_CRYPTO) if( ctx->psa_enabled == 1 ) { - /* TODO */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + /* As in the non-PSA case, we don't check that + * a key has been set. If not, the key slot will + * still be in its default state of 0, which is + * guaranteed to be invalid, hence the PSA-call + * below will gracefully fail. */ + mbedtls_cipher_context_psa * const cipher_psa = + (mbedtls_cipher_context_psa *) ctx->cipher_ctx; + + psa_status_t status; + + /* PSA Crypto API always writes the authentication tag + * at the end of the encrypted message. */ + if( tag != input + ilen ) + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + + status = psa_aead_decrypt( cipher_psa->slot, + cipher_psa->alg, + iv, iv_len, + ad, ad_len, + input, ilen + tag_len, + output, ilen, olen ); + if( status == PSA_ERROR_INVALID_SIGNATURE ) + return( MBEDTLS_ERR_CIPHER_AUTH_FAILED ); + else if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + + return( 0 ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ From 1ccb1d614db77b2c00ff1f339c77d08413b28ee3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 12 Nov 2018 16:27:30 +0000 Subject: [PATCH 0752/2197] Test PSA-based CCM cipher operations --- tests/suites/test_suite_cipher.ccm.data | 623 ++++++++++++++---- .../suites/test_suite_cipher.chachapoly.data | 4 +- tests/suites/test_suite_cipher.function | 92 ++- 3 files changed, 570 insertions(+), 149 deletions(-) diff --git a/tests/suites/test_suite_cipher.ccm.data b/tests/suites/test_suite_cipher.ccm.data index 264ce9925..79725008f 100644 --- a/tests/suites/test_suite_cipher.ccm.data +++ b/tests/suites/test_suite_cipher.ccm.data 
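Review bot: In the PSA branch of `mbedtls_cipher_auth_decrypt` (library/cipher.c, hunk `@@ -1344,8 +1368,33 @@`), the comment above `if( tag != input + ilen )` is copied from the encrypt path and says PSA "writes" the tag, whereas on decryption the tag is read from the end of the input. It could read `/* PSA Crypto API expects the authentication tag directly after the ciphertext, so input and tag must be contiguous. */`. The contiguity requirement is also a caller-visible restriction (other layouts now return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE), and this commit's diffstat touches only library/cipher.c. A sentence in the cipher.h documentation of both auth functions would tell callers about it. The function starts and ends outside the hunk.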
@@ -1,480 +1,863 @@ AES-128-CCM test vector NIST #1 (P=0, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":"":0 AES-128-CCM test vector NIST #2 (P=0, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":"":0 AES-128-CCM test vector NIST #3 (P=0, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":"":0 AES-128-CCM test vector NIST #4 (P=0, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":"":0 AES-128-CCM test vector NIST #5 (P=0, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":"":0 AES-128-CCM test vector NIST #6 (P=0, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":"":0 AES-128-CCM test vector NIST #7 (P=0, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":"":0 AES-128-CCM test vector NIST #8 (P=0, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":"":0 AES-128-CCM test vector NIST #9 (P=24, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0 AES-128-CCM test vector NIST #10 (P=24, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":"":0 AES-128-CCM test vector NIST #11 (P=24, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0 AES-128-CCM test vector NIST #12 (P=24, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":"":0 AES-128-CCM test vector NIST #13 (P=24, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0 AES-128-CCM test vector NIST #14 (P=24, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":"":0 AES-128-CCM test vector NIST #15 (P=24, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0 AES-128-CCM test vector NIST #16 (P=24, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":"":0 AES-128-CCM test vector NIST #17 (P=0, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":"":0 AES-128-CCM test vector NIST #18 (P=0, N=7, A=32, T=4) 
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":"":0 AES-128-CCM test vector NIST #19 (P=0, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":"":0 AES-128-CCM test vector NIST #20 (P=0, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":"":0 AES-128-CCM test vector NIST #21 (P=0, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":"":0 AES-128-CCM test vector NIST #22 (P=0, N=13, A=32, T=4) 
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":"":0 AES-128-CCM test vector NIST #23 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":"":0 AES-128-CCM test vector NIST #24 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":"":0 AES-128-CCM test vector NIST #25 (P=24, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0 AES-128-CCM test vector NIST #26 (P=24, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":"":0 AES-128-CCM test vector NIST #27 (P=24, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0 AES-128-CCM test vector NIST #28 (P=24, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":"":0 AES-128-CCM test vector NIST #29 (P=24, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0 AES-128-CCM test vector NIST #30 (P=24, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":"":0 AES-128-CCM test vector NIST #31 (P=24, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0 AES-128-CCM test vector NIST #32 (P=24, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"":0 AES-192-CCM test vector NIST #1 (P=0, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"":0 AES-192-CCM test vector NIST #2 (P=0, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"":0 AES-192-CCM test vector NIST #3 (P=0, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"":0 AES-192-CCM test vector NIST #4 (P=0, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"":0 AES-192-CCM test vector NIST #5 (P=0, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"":0 AES-192-CCM test vector NIST #6 (P=0, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"":0 AES-192-CCM test vector NIST #7 (P=0, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"":0 AES-192-CCM test vector NIST #8 (P=0, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"":0 AES-192-CCM test vector NIST #9 (P=24, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0 AES-192-CCM test vector NIST #10 (P=24, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"":0 AES-192-CCM test vector NIST #11 (P=24, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0 AES-192-CCM test vector NIST 
#12 (P=24, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"":0 AES-192-CCM test vector NIST #13 (P=24, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0 AES-192-CCM test vector NIST #14 (P=24, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"":0 AES-192-CCM test vector NIST #15 (P=24, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0 AES-192-CCM test vector NIST #16 (P=24, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"":0 AES-192-CCM test vector NIST #17 (P=0, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"":0 AES-192-CCM test vector NIST #18 (P=0, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"":0 AES-192-CCM test vector NIST #19 (P=0, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"":0 AES-192-CCM test vector NIST #20 (P=0, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"":0 AES-192-CCM test vector NIST #21 (P=0, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"":0 AES-192-CCM test vector NIST #22 (P=0, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"":0 AES-192-CCM test vector NIST #23 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"":0 AES-192-CCM test vector NIST #24 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"":0 AES-192-CCM test vector NIST #25 (P=24, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0 AES-192-CCM test vector NIST #26 (P=24, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"":0 AES-192-CCM test vector NIST #27 (P=24, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0 AES-192-CCM test vector NIST #28 (P=24, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"":0 AES-192-CCM test vector NIST #29 (P=24, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0 AES-192-CCM test vector NIST #30 (P=24, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"":0 AES-192-CCM test vector NIST #31 (P=24, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0 AES-192-CCM test vector NIST #32 (P=24, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"":0 AES-256-CCM test vector NIST #1 (P=0, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"":0 AES-256-CCM test vector NIST #2 (P=0, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"":0 AES-256-CCM test vector NIST #3 (P=0, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"":0 AES-256-CCM test vector NIST #4 (P=0, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"":0 AES-256-CCM test vector NIST #5 (P=0, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"":0 AES-256-CCM test vector NIST #6 (P=0, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"":0 AES-256-CCM test vector NIST #7 (P=0, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"":0 AES-256-CCM test vector NIST #8 (P=0, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"":0 AES-256-CCM test vector NIST #9 (P=24, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":0 AES-256-CCM test vector NIST #10 (P=24, N=7, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"":0 AES-256-CCM test vector NIST #11 (P=24, N=7, A=0, T=16) 
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":0 AES-256-CCM test vector NIST #12 (P=24, N=7, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"":0 AES-256-CCM test vector NIST #13 (P=24, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":0 AES-256-CCM test vector NIST #14 (P=24, N=13, A=0, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"":0 AES-256-CCM test vector NIST #15 (P=24, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":0 AES-256-CCM test vector NIST #16 (P=24, N=13, A=0, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"":0 AES-256-CCM test vector NIST #17 (P=0, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"":0 AES-256-CCM test vector NIST #18 (P=0, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"":0 AES-256-CCM test vector NIST #19 (P=0, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"":0 AES-256-CCM test vector NIST #20 (P=0, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"":0 AES-256-CCM test vector NIST #21 (P=0, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"":0 AES-256-CCM test vector NIST #22 (P=0, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"":0 AES-256-CCM test vector NIST #23 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"":0 AES-256-CCM test vector NIST #24 (P=0, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"":0 AES-256-CCM test vector NIST #25 (P=24, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":0 AES-256-CCM test vector NIST #26 (P=24, N=7, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"":0 AES-256-CCM test vector NIST #27 (P=24, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":0 AES-256-CCM test vector NIST #28 (P=24, N=7, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"":0 AES-256-CCM test vector NIST #29 (P=24, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":0 AES-256-CCM test vector NIST #30 (P=24, N=13, A=32, T=4) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"":0 AES-256-CCM test vector NIST #31 (P=24, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":0 AES-256-CCM test vector NIST #32 (P=24, N=13, A=32, T=16) depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"":0 Camellia-CCM test vector RFC 5528 #1 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000003020100A0A1A2A3A4A5":"0001020304050607":"BA737185E719310492F38A5F1251DA55FAFBC949848A0D":"FCAECE746B3DB9AD":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000003020100A0A1A2A3A4A5":"0001020304050607":"BA737185E719310492F38A5F1251DA55FAFBC949848A0D":"FCAECE746B3DB9AD":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":0 Camellia-CCM test vector RFC 5528 #2 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000004030201A0A1A2A3A4A5":"0001020304050607":"5D2564BF8EAFE1D99526EC016D1BF0424CFBD2CD62848F33":"60B2295DF24283E8":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000004030201A0A1A2A3A4A5":"0001020304050607":"5D2564BF8EAFE1D99526EC016D1BF0424CFBD2CD62848F33":"60B2295DF24283E8":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":0 Camellia-CCM test vector RFC 5528 #3 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000005040302A0A1A2A3A4A5":"0001020304050607":"81F663D6C7787817F9203608B982AD15DC2BBD87D756F79204":"F551D6682F23AA46":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000005040302A0A1A2A3A4A5":"0001020304050607":"81F663D6C7787817F9203608B982AD15DC2BBD87D756F79204":"F551D6682F23AA46":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":0 Camellia-CCM test vector RFC 5528 #4 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"CAEF1E827211B08F7BD90F08C77288C070A4A0":"8B3A933A63E497A0":"":"0C0D0E0F101112131415161718191A1B1C1D1E" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"CAEF1E827211B08F7BD90F08C77288C070A4A0":"8B3A933A63E497A0":"":"0C0D0E0F101112131415161718191A1B1C1D1E":0 Camellia-CCM test vector RFC 5528 #5 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"2AD3BAD94FC52E92BE438E827C1023B96A8A7725":"8FA17BA7F331DB09":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"2AD3BAD94FC52E92BE438E827C1023B96A8A7725":"8FA17BA7F331DB09":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F":0 Camellia-CCM test vector RFC 5528 #6 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"FEA5480BA53FA8D3C34422AACE4DE67FFA3BB73BAB":"AB36A1EE4FE0FE28":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20" 
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"FEA5480BA53FA8D3C34422AACE4DE67FFA3BB73BAB":"AB36A1EE4FE0FE28":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":0 Camellia-CCM test vector RFC 5528 #7 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000009080706A0A1A2A3A4A5":"0001020304050607":"54532026E54C119A8D36D9EC6E1ED97416C8708C4B5C2C":"ACAFA3BCCF7A4EBF9573":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000009080706A0A1A2A3A4A5":"0001020304050607":"54532026E54C119A8D36D9EC6E1ED97416C8708C4B5C2C":"ACAFA3BCCF7A4EBF9573":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":0 Camellia-CCM test vector RFC 5528 #8 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"8AD19B001A87D148F4D92BEF34525CCCE3A63C6512A6F575":"7388E4913EF14701F441":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"8AD19B001A87D148F4D92BEF34525CCCE3A63C6512A6F575":"7388E4913EF14701F441":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":0 Camellia-CCM test vector RFC 5528 #9 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"5DB08D62407E6E31D60F9CA2C60474219AC0BE50C0D4A57787":"94D6E230CD25C9FEBF87":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20" 
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"5DB08D62407E6E31D60F9CA2C60474219AC0BE50C0D4A57787":"94D6E230CD25C9FEBF87":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":0 Camellia-CCM test vector RFC 5528 #10 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"DB118CCEC1B8761C877CD8963A67D6F3BBBC5C":"D09299EB11F312F23237":"":"0C0D0E0F101112131415161718191A1B1C1D1E" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"DB118CCEC1B8761C877CD8963A67D6F3BBBC5C":"D09299EB11F312F23237":"":"0C0D0E0F101112131415161718191A1B1C1D1E":0 Camellia-CCM test vector RFC 5528 #11 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"7CC83D8DC49103525B483DC5CA7EA9AB812B7056":"079DAFFADA16CCCF2C4E":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"7CC83D8DC49103525B483DC5CA7EA9AB812B7056":"079DAFFADA16CCCF2C4E":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F":0 Camellia-CCM test vector RFC 5528 #12 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"2CD35B8820D23E7AA351B0E92FC79367238B2CC748":"CBB94C2947793D64AF75":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20" 
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"2CD35B8820D23E7AA351B0E92FC79367238B2CC748":"CBB94C2947793D64AF75":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":0 Camellia-CCM test vector RFC 5528 #13 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00A970110E1927B160B6A31C1C":"6B7F464507FAE496":"A435D727348DDD22907F7EB8F5FDBB4D939DA6524DB4F6":"4558C02D25B127EE":"":"C6B5F3E6CA2311AEF7472B203E735EA561ADB17D56C5A3" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00A970110E1927B160B6A31C1C":"6B7F464507FAE496":"A435D727348DDD22907F7EB8F5FDBB4D939DA6524DB4F6":"4558C02D25B127EE":"":"C6B5F3E6CA2311AEF7472B203E735EA561ADB17D56C5A3":0 Camellia-CCM test vector RFC 5528 #14 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0083CD8CE0CB42B160B6A31C1C":"986605B43DF15DE7":"8AE052508FBECA932E346F05E0DC0DFBCF939EAFFA3E587C":"867D6E1C48703806":"":"01F6CE6764C574483BB02E6BBF1E0ABD26A22572B4D80EE7" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0083CD8CE0CB42B160B6A31C1C":"986605B43DF15DE7":"8AE052508FBECA932E346F05E0DC0DFBCF939EAFFA3E587C":"867D6E1C48703806":"":"01F6CE6764C574483BB02E6BBF1E0ABD26A22572B4D80EE7":0 Camellia-CCM test vector RFC 5528 #15 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"005F54950B18F2B160B6A31C1C":"48F2E7E1A7671A51":"08B67EE21C8BF26E473E408599E9C0836D6AF0BB18DF55466C":"A80878A790476DE5":"":"CDF1D8406FC2E9014953897005FBFB8BA57276F92404608E08" 
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"005F54950B18F2B160B6A31C1C":"48F2E7E1A7671A51":"08B67EE21C8BF26E473E408599E9C0836D6AF0BB18DF55466C":"A80878A790476DE5":"":"CDF1D8406FC2E9014953897005FBFB8BA57276F92404608E08":0 Camellia-CCM test vector RFC 5528 #16 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00EC600863319AB160B6A31C1C":"DE97DF3B8CBD6D8E5030DA4C":"63B78B4967B19EDBB733CD1114F64EB2260893":"68C354828D950CC5":"":"B005DCFA0B59181426A961685A993D8C43185B" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00EC600863319AB160B6A31C1C":"DE97DF3B8CBD6D8E5030DA4C":"63B78B4967B19EDBB733CD1114F64EB2260893":"68C354828D950CC5":"":"B005DCFA0B59181426A961685A993D8C43185B":0 Camellia-CCM test vector RFC 5528 #17 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0060CFF1A31EA1B160B6A31C1C":"A5EE93E457DF05466E782DCF":"0BC6BBE2A8B909F4629EE6DC148DA44410E18AF4":"3147383276F66A9F":"":"2E20211298105F129D5ED95B93F72D30B2FACCD7" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0060CFF1A31EA1B160B6A31C1C":"A5EE93E457DF05466E782DCF":"0BC6BBE2A8B909F4629EE6DC148DA44410E18AF4":"3147383276F66A9F":"":"2E20211298105F129D5ED95B93F72D30B2FACCD7":0 Camellia-CCM test vector RFC 5528 #18 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"000F85CD995C97B160B6A31C1C":"24AA1BF9A5CD876182A25074":"222AD632FA31D6AF970C345F7E77CA3BD0DC25B340":"A1A3D31F8D4B44B7":"":"2645941E75632D3491AF0FC0C9876C3BE4AA7468C9" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"000F85CD995C97B160B6A31C1C":"24AA1BF9A5CD876182A25074":"222AD632FA31D6AF970C345F7E77CA3BD0DC25B340":"A1A3D31F8D4B44B7":"":"2645941E75632D3491AF0FC0C9876C3BE4AA7468C9":0 
Camellia-CCM test vector RFC 5528 #19 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C29B2CAAC4CDB160B6A31C1C":"691946B9CA07BE87":"05B8E1B9C49CFD56CF130AA6251DC2ECC06CCC508FE697":"A0066D57C84BEC182768":"":"070135A6437C9DB120CD61D8F6C39C3EA125FD95A0D23D" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C29B2CAAC4CDB160B6A31C1C":"691946B9CA07BE87":"05B8E1B9C49CFD56CF130AA6251DC2ECC06CCC508FE697":"A0066D57C84BEC182768":"":"070135A6437C9DB120CD61D8F6C39C3EA125FD95A0D23D":0 Camellia-CCM test vector RFC 5528 #20 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"002C6B7595EE62B160B6A31C1C":"D0C54ECB84627DC4":"54CEB968DEE23611575EC003DFAA1CD48849BDF5AE2EDB6B":"7FA775B150ED4383C5A9":"":"C8C0880E6C636E20093DD6594217D2E18877DB264E71A5CC" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"002C6B7595EE62B160B6A31C1C":"D0C54ECB84627DC4":"54CEB968DEE23611575EC003DFAA1CD48849BDF5AE2EDB6B":"7FA775B150ED4383C5A9":"":"C8C0880E6C636E20093DD6594217D2E18877DB264E71A5CC":0 Camellia-CCM test vector RFC 5528 #21 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C53CD4C2AA24B160B6A31C1C":"E285E0E4808CDA3D":"B1404546BF667210CA28E309B39BD6CA7E9FC8285FE698D43C":"D20A02E0BDCAED2010D3":"":"F75DAA0710C4E64297794DC2B7D2A20757B1AA4E448002FFAB" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C53CD4C2AA24B160B6A31C1C":"E285E0E4808CDA3D":"B1404546BF667210CA28E309B39BD6CA7E9FC8285FE698D43C":"D20A02E0BDCAED2010D3":"":"F75DAA0710C4E64297794DC2B7D2A20757B1AA4E448002FFAB":0 Camellia-CCM test vector RFC 5528 #22 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C 
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00BEE9267FBADCB160B6A31C1C":"6CAEF9941141570D7C813405":"94C8959C11569A297831A721005857AB61B87A":"2DEA0936B6EB5F625F5D":"":"C238822FAC5F98FF929405B0AD127A4E41854E" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00BEE9267FBADCB160B6A31C1C":"6CAEF9941141570D7C813405":"94C8959C11569A297831A721005857AB61B87A":"2DEA0936B6EB5F625F5D":"":"C238822FAC5F98FF929405B0AD127A4E41854E":0 Camellia-CCM test vector RFC 5528 #23 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00DFA8B1245007B160B6A31C1C":"36A52CF16B19A2037AB7011E":"5869E3AAD2447C74E0FC05F9A4EA74577F4DE8CA":"8924764296AD04119CE7":"":"4DBF3E774AD245E5D5891F9D1C32A0AE022C85D7" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00DFA8B1245007B160B6A31C1C":"36A52CF16B19A2037AB7011E":"5869E3AAD2447C74E0FC05F9A4EA74577F4DE8CA":"8924764296AD04119CE7":"":"4DBF3E774AD245E5D5891F9D1C32A0AE022C85D7":0 Camellia-CCM test vector RFC 5528 #24 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C -auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966":"945F1FCEA7E11BEE6A2F":"":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D" +auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966":"945F1FCEA7E11BEE6A2F":"":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":0 +AES-128-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":"":1 + +AES-128-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4) 
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":"":1
+
+AES-128-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":"":1
+
+AES-128-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":"":1
+
+AES-128-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":"":1
+
+AES-128-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":"":1
+
+AES-128-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":"":1
+
+AES-128-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":"":1
+
+AES-128-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-128-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":"":1
+
+AES-128-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-128-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":"":1
+
+AES-128-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-128-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":"":1
+
+AES-128-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-128-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":"":1
+
+AES-128-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":"":1
+
+AES-128-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":"":1
+
+AES-128-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":"":1
+
+AES-128-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":"":1
+
+AES-128-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":"":1
+
+AES-128-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":"":1
+
+AES-128-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":"":1
+
+AES-128-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":"":1
+
+AES-128-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-128-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":"":1
+
+AES-128-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-128-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":"":1
+
+AES-128-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-128-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":"":1
+
+AES-128-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-128-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"":1
+
+AES-192-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"":1
+
+AES-192-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"":1
+
+AES-192-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"":1
+
+AES-192-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"":1
+
+AES-192-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"":1
+
+AES-192-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"":1
+
+AES-192-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"":1
+
+AES-192-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"":1
+
+AES-192-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-192-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"":1
+
+AES-192-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-192-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"":1
+
+AES-192-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-192-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"":1
+
+AES-192-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-192-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"":1
+
+AES-192-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"":1
+
+AES-192-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"":1
+
+AES-192-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"":1
+
+AES-192-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"":1
+
+AES-192-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"":1
+
+AES-192-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"":1
+
+AES-192-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"":1
+
+AES-192-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"":1
+
+AES-192-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-192-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"":1
+
+AES-192-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-192-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"":1
+
+AES-192-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-192-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"":1
+
+AES-192-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-192-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"":1
+
+AES-256-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"":1
+
+AES-256-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"":1
+
+AES-256-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"":1
+
+AES-256-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"":1
+
+AES-256-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"":1 + +AES-256-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"":1 + +AES-256-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"":1 + +AES-256-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"":1 + +AES-256-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1 + +AES-256-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"":1 + +AES-256-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1 + +AES-256-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"":1 + +AES-256-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1 + +AES-256-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"":1 + +AES-256-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1 + +AES-256-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"":1 + +AES-256-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"":1 + +AES-256-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"":1 + +AES-256-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"":1 + +AES-256-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"":1 + +AES-256-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"":1 + +AES-256-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"":1 + +AES-256-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"":1 + +AES-256-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"":1 + +AES-256-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1 + +AES-256-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"":1 + +AES-256-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1 + +AES-256-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"":1 + +AES-256-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1 + +AES-256-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"":1 + +AES-256-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1 + +AES-256-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16) +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"":1 diff --git a/tests/suites/test_suite_cipher.chachapoly.data b/tests/suites/test_suite_cipher.chachapoly.data index 9d74d5663..7310a84d7 100644 --- a/tests/suites/test_suite_cipher.chachapoly.data +++ b/tests/suites/test_suite_cipher.chachapoly.data 
@@ -112,11 +112,11 @@ enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:16:16:-1:16:16:16:16 ChaCha20+Poly1305 RFC 7539 Test Vector #1 depends_on:MBEDTLS_CHACHAPOLY_C -auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"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":"eead9d67890cbb22392336fea1851f38":"":"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" +auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"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":"eead9d67890cbb22392336fea1851f38":"":"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":0 ChaCha20+Poly1305 RFC 7539 Test Vector #1 Unauthentic (1st bit flipped) depends_on:MBEDTLS_CHACHAPOLY_C -auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"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":"6ead9d67890cbb22392336fea1851f38":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"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":"6ead9d67890cbb22392336fea1851f38":"FAIL":"":0 Chacha20+Poly1305 RFC 7539 Test Vector #1 (streaming) depends_on:MBEDTLS_CHACHAPOLY_C diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index da9dfa138..ada7347c8 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function 
@@ -542,33 +542,66 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, data_t * ad, data_t * cipher, data_t * tag, - char * result, data_t * clear ) + char * result, data_t * clear, int use_psa ) { + /* Takes an AEAD ciphertext + tag and performs a pair + * of AEAD decryption and AEAD encryption. It checks that + * this results in the expected plaintext, and that + * decryption and encryption are inverse to one another. */ + int ret; - unsigned char output[267]; /* above + 2 (overwrite check) */ - unsigned char my_tag[20]; + unsigned char output[300]; /* Temporary buffer for results of + * encryption and decryption. */ + unsigned char *output_tag = NULL; /* Temporary buffer for tag in the + * encryption step. */ + mbedtls_cipher_context_t ctx; size_t outlen; + unsigned char *tmp_tag = NULL; + unsigned char *tmp_cipher = NULL; + mbedtls_cipher_init( &ctx ); - memset( output, 0xFF, sizeof( output ) ); - memset( my_tag, 0xFF, sizeof( my_tag ) ); - /* Prepare context */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) ); +#if !defined(MBEDTLS_USE_PSA_CRYPTO) + (void) use_psa; +#else + if( use_psa == 1 ) + { + /* PSA requires that the tag immediately follows the ciphertext. 
*/ + tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len ); + TEST_ASSERT( tmp_cipher != NULL ); + tmp_tag = tmp_cipher + cipher->len; + + memcpy( tmp_cipher, cipher->x, cipher->len ); + memcpy( tmp_tag, tag->x, tag->len ); + + TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx, + mbedtls_cipher_info_from_type( cipher_id ), + tag->len ) ); + } + else +#endif + { + tmp_tag = tag->x; + tmp_cipher = cipher->x; + TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, + mbedtls_cipher_info_from_type( cipher_id ) ) ); + } + + TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, + MBEDTLS_DECRYPT ) ); /* decode buffer and check tag->x */ - ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len, - cipher->x, cipher->len, output, &outlen, - tag->x, tag->len ); - /* make sure we didn't overwrite */ - TEST_ASSERT( output[outlen + 0] == 0xFF ); - TEST_ASSERT( output[outlen + 1] == 0xFF ); + /* Sanity check that we don't use overly long inputs. */ + TEST_ASSERT( sizeof( output ) >= cipher->len ); + + ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len, + tmp_cipher, cipher->len, output, &outlen, + tmp_tag, tag->len ); /* make sure the message is rejected if it should be */ if( strcmp( result, "FAIL" ) == 0 ) 
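Review bot: The decrypt step in `auth_crypt_tv` no longer detects a write past `outlen`, because this hunk drops both the initial `memset( output, 0xFF, sizeof( output ) )` and the two `output[outlen + n] == 0xFF` assertions. The new `TEST_ASSERT( sizeof( output ) >= cipher->len )` only bounds the input length, so an implementation that writes beyond the reported output length would pass unless a sanitizer catches it. The encrypt hunk further down (`@@ -587,23 +620,28 @@`) has the same gap: the 0xFF fill is kept but nothing checks it after the tag is written to `output_tag`. A guard is cheap to keep: restore the fill before the decrypt call, make the size check strict (`sizeof( output ) > cipher->len`), and assert `output[outlen] == 0xFF` as the old code did. For encryption, assert `output_tag[tag->len] == 0xFF` with the size check tightened to `sizeof( output ) > clear->len + tag->len`. The function body continues past the end of this hunk.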
@@ -587,23 +620,28 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, memset( output, 0xFF, sizeof( output ) ); outlen = 0; + /* Sanity check that we don't use overly long inputs. */ + TEST_ASSERT( sizeof( output ) >= clear->len + tag->len ); + + output_tag = output + clear->len; ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len, clear->x, clear->len, output, &outlen, - my_tag, tag->len ); + output_tag, tag->len ); TEST_ASSERT( ret == 0 ); TEST_ASSERT( outlen == clear->len ); - TEST_ASSERT( memcmp( output, cipher->x, clear->len ) == 0 ); - TEST_ASSERT( memcmp( my_tag, tag->x, tag->len ) == 0 ); - - /* make sure we didn't overwrite */ - TEST_ASSERT( output[outlen + 0] == 0xFF ); - TEST_ASSERT( output[outlen + 1] == 0xFF ); - TEST_ASSERT( my_tag[tag->len + 0] == 0xFF ); - TEST_ASSERT( my_tag[tag->len + 1] == 0xFF ); - + TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 ); + TEST_ASSERT( memcmp( output_tag, tag->x, tag->len ) == 0 ); exit: + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( use_psa == 1 ) + { + mbedtls_free( tmp_cipher ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_cipher_free( &ctx ); } /* END_CASE */ @@ -675,12 +713,12 @@ void test_vec_crypt( int cipher_id, int operation, char *hex_key, if( use_psa == 1 ) { TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); + mbedtls_cipher_info_from_type( cipher_id ), 0 ) ); } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); + mbedtls_cipher_info_from_type( cipher_id ) ) ); key_len = unhexify( key, hex_key ); inputlen = unhexify( input, hex_input ); From 78115ac4784e1c70511a83e75f9743b032b0765f Mon Sep 17 00:00:00 2001 
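Review bot: In the encrypt step of `auth_crypt_tv` (hunk `@@ -587,23 +620,28 @@` of tests/suites/test_suite_cipher.function), the ciphertext comparison now uses `cipher->len`, while the only length asserted is `outlen == clear->len`. If a vector that reaches this step has different ciphertext and plaintext lengths, `memcmp( output, cipher->x, cipher->len )` compares a range that the encrypt call did not produce as ciphertext. It can run into the tag bytes at `output_tag`, and the failure is then reported as a data mismatch rather than a malformed vector. Adding `TEST_ASSERT( clear->len == cipher->len );` before the comparison makes the assumption explicit. The function starts outside this hunk, so whether an earlier check already guarantees this cannot be confirmed from here.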
From: Hanno Becker Date: Thu, 15 Nov 2018 18:04:13 +0000 Subject: [PATCH 0753/2197] Adapt existing Cipher-GCM test cases to new param for auth_crypt_tv --- tests/suites/test_suite_cipher.gcm.data | 1008 +++++++++++------------ 1 file changed, 504 insertions(+), 504 deletions(-) diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data index 5e7911838..0a0bd069c 100644 --- a/tests/suites/test_suite_cipher.gcm.data +++ b/tests/suites/test_suite_cipher.gcm.data 
@@ -704,2016 +704,2016 @@ decrypt_test_vec:MBEDTLS_CIPHER_CAMELLIA_256_GCM:-1:"feffe9928665731c6d6a8f94673 AES-GCM NIST Validation (AES-128,128,0,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #2 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #2 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e" +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0 AES-GCM NIST Validation 
(AES-256,128,1024,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0 AES-GCM NIST 
Validation (AES-256,128,1024,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0 
AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"" 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0 AES-GCM NIST Validation 
(AES-256,128,1024,1024,112) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"" +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":0 From e15c71ca722320d25301cd17d130df74afbfb6ac Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Nov 2018 18:04:56 +0000 Subject: [PATCH 0754/2197] Test PSA-based GCM cipher operations --- tests/suites/test_suite_cipher.gcm.data | 2016 +++++++++++++++++++++++ 1 file changed, 2016 insertions(+) diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data index 0a0bd069c..cf90336a5 100644 --- a/tests/suites/test_suite_cipher.gcm.data +++ b/tests/suites/test_suite_cipher.gcm.data 
@@ -2717,3 +2717,2019 @@ auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc3
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":0
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"":1 + 
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"":1 + +AES-GCM NIST Validation PSA 
(AES-128,128,0,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2 
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":1 + +AES-GCM NIST Validation 
PSA (AES-128,128,1024,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":1 + +AES-GCM NIST Validation PSA 
(AES-128,128,1024,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) 
#1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":1 + +AES-GCM NIST Validation PSA 
(AES-128,128,1024,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":1 + +AES-GCM NIST Validation PSA 
(AES-128,128,1024,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1 
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"":1 + +AES-GCM NIST Validation 
PSA (AES-128,128,0,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"":1 + 
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"":1 + +AES-GCM NIST Validation 
PSA (AES-128,128,0,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1 
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":1 + +AES-GCM NIST 
Validation PSA (AES-128,128,1024,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":1 + +AES-GCM NIST Validation 
PSA (AES-128,128,1024,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":1 + +AES-GCM NIST Validation PSA 
(AES-128,128,1024,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2 
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":1 + +AES-GCM NIST Validation PSA 
(AES-128,128,1024,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":1 + +AES-GCM NIST Validation PSA 
(AES-128,128,1024,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1 
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":1 + +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":1 + +AES-GCM 
NIST Validation PSA (AES-192,128,0,1024,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":1 + +AES-GCM 
NIST Validation PSA (AES-192,128,1024,1024,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":1 + 
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":1 + +AES-GCM NIST 
Validation PSA (AES-192,128,1024,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":1 + +AES-GCM NIST Validation PSA 
(AES-192,128,1024,1024,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":1 + +AES-GCM NIST 
Validation PSA (AES-192,128,0,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":1 + +AES-GCM NIST Validation PSA 
(AES-192,128,1024,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":1 + 
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":1 + +AES-GCM NIST 
Validation PSA (AES-192,128,1024,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":1 + +AES-GCM NIST Validation PSA 
(AES-256,128,0,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":1 + 
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":1 + +AES-GCM NIST Validation PSA 
(AES-256,128,0,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":1 + 
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) 
#2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":1 + +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1 \ No newline at end of file From 4ee7e76378a7ee3e62f1bde1cdf868589926de17 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 17 Nov 2018 22:00:38 +0000 Subject: [PATCH 0755/2197] Check support for cipher in mbedtls_cipher_setup_psa() mbedtls_cipher_setup_psa() should return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE when the requested cipher is not supported by PSA, so that the caller can try the original mbedtls_cipher_setup() instead. The previous version of mbedtls_cipher_setup_psa(), however, only attempted to translate the cipher mode (GCM, CCM, CBC, ChaChaPoly, Stream), but didn't consider the underlying cipher primitive. Hence, it wouldn't fail when attempting to setup a cipher context for, say, 3DES-CBC, where CBC is currently supported by PSA but 3DES isn't. This commit adds a check to mbedtls_cipher_setup_psa() for whether the requested cipher primitive is available in the underlying PSA Crypto implementation, and fails cleanly with MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE if it is isn't. --- library/cipher.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/library/cipher.c b/library/cipher.c index c03b0528c..e9a1a07a0 100644 --- a/library/cipher.c +++ b/library/cipher.c 
@@ -243,8 +243,12 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, if( NULL == cipher_info || NULL == ctx ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + /* Check that the underlying cipher mode and cipher type are + * supported by the underlying PSA Crypto implementation. */ alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode, taglen ); - if( alg == 0) + if( alg == 0 ) + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if( mbedtls_psa_translate_cipher_type( cipher_info->type ) == 0 ) return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); From 190865523191330955cf12f6e47620a3a1033fbf Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 17 Nov 2018 22:11:16 +0000 Subject: [PATCH 0756/2197] Use enum for slot state in PSA-based cipher context --- include/mbedtls/cipher_internal.h | 20 ++++++++++++++++---- library/cipher.c | 8 +++++--- 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h index f1f0e2bde..cecad9a8d 100644 --- a/include/mbedtls/cipher_internal.h +++ b/include/mbedtls/cipher_internal.h 
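Review bot: The new comment above the two checks does not record the property the fall-back depends on: both `MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE` returns sit before `memset( ctx, 0, ... )`, so `ctx` is left untouched and the caller can go on to mbedtls_cipher_setup(). I would say that explicitly, e.g. `/* Reject modes and cipher types PSA cannot handle before ctx is modified, so that the caller can fall back to mbedtls_cipher_setup(). */`. The value returned by `mbedtls_psa_translate_cipher_type()` is discarded here and computed again in mbedtls_cipher_setkey(), which is fine but means the two call sites must stay in agreement. The function starts and ends outside the hunk.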
@@ -119,14 +119,26 @@ typedef struct } mbedtls_cipher_definition_t; #if defined(MBEDTLS_USE_PSA_CRYPTO) +typedef enum +{ + MBEDTLS_CIPHER_PSA_KEY_UNSET = 0, + MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts + * which use raw key material internally + * imported into a freshly allocated key slot, + * and which hence need to destroy that key + * slot when they are no longer needed. */ + MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts + * which use a key from a key slot + * provided by the user, and which hence + * should not be destroyed when the + * context is no longer needed. */ +} mbedtls_cipher_psa_key_ownership; + typedef struct { psa_algorithm_t alg; psa_key_slot_t slot; - unsigned char slot_state; /*!< 0: The slot is unset. - * 1: The slot is set and we own it. - * 2: The slot is set but we don't own it. */ - + mbedtls_cipher_psa_key_ownership slot_state; } mbedtls_cipher_context_psa; #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/library/cipher.c b/library/cipher.c index e9a1a07a0..95146ac63 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -175,7 +175,7 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) mbedtls_cipher_context_psa * const cipher_psa = (mbedtls_cipher_context_psa *) ctx->cipher_ctx; - if( cipher_psa->slot_state == 1 ) + if( cipher_psa->slot_state == MBEDTLS_CIPHER_PSA_KEY_OWNED ) { /* xxx_free() doesn't allow to return failures. */ (void) psa_destroy_key( cipher_psa->slot ); 
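Review bot: The new typedef `mbedtls_cipher_psa_key_ownership` has no `_t` suffix, while the typedef that closes just above it in this header is `mbedtls_cipher_definition_t`; `mbedtls_cipher_psa_key_ownership_t` would match. The field it replaces was documented with a Doxygen `/*!< ... */` block, whereas the enumerators use plain `/* ... */` and `slot_state` itself is left without any comment, so the description drops out of the generated documentation; `/**< ... */` on each enumerator would keep it. `MBEDTLS_CIPHER_PSA_KEY_UNSET = 0` is presumably relied on as the state of a zero-initialised context, and if so that deserves a one-line comment next to the constant.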
@@ -299,14 +299,16 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); /* Don't allow keys to be set multiple times. */ - if( cipher_psa->slot_state != 0 ) + if( cipher_psa->slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); /* Find a fresh key slot to use. */ status = mbedtls_psa_get_free_key_slot( &cipher_psa->slot ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); - cipher_psa->slot_state = 1; /* Indicate that we own the key slot. */ + /* Indicate that we own the key slot and need to + * destroy it in mbedtls_cipher_free(). */ + cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED; /* From that point on, the responsibility for destroying the * key slot is on mbedtls_cipher_free(). This includes the case From fea491545922d2ff6a74977112102a9afc8c01ef Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 17 Nov 2018 22:15:20 +0000 Subject: [PATCH 0757/2197] Minor rewording in documentation of PSA-based cipher context --- include/mbedtls/cipher.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index eff12f687..1d68b12ef 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -326,8 +326,8 @@ typedef struct mbedtls_cipher_context_t /** Indicates whether the cipher operations should be performed * by Mbed TLS' own crypto library or an external implementation * of the PSA Crypto API. - * This is unset if the cipher context is setup through - * mbedtls_cipher_setup(), and set if it is setup through + * This is unset if the cipher context is established through + * mbedtls_cipher_setup(), and set if it is established through * mbedtls_cipher_setup_psa(). */ unsigned char psa_enabled; From 91cb605032f776266651e90920ea9d02fbc9a085 Mon Sep 17 00:00:00 2001 
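Review bot: Once `slot_state` is set to `MBEDTLS_CIPHER_PSA_KEY_OWNED` here, any later failure in this function leaves the context holding an allocated slot, and a second mbedtls_cipher_setkey() call is rejected by the `!= MBEDTLS_CIPHER_PSA_KEY_UNSET` check with MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA. The new comment covers who destroys the slot but not that the context cannot be re-keyed after a failure; I would add `/* A failed setkey cannot be retried on this context: it has to go through mbedtls_cipher_free() first. */`. Running out of key slots is reported as MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED, which a caller may find hard to tell apart from a real accelerator fault. The rest of the function is outside the hunk, so the later failure paths are inferred from the existing comment that follows the assignment.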
From: Hanno Becker
Date: Mon, 19 Nov 2018 13:47:15 +0000
Subject: [PATCH 0758/2197] Add missing newline at the end of test_suite_cipher.gcm.data
---
tests/suites/test_suite_cipher.gcm.data | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index cf90336a5..03d08ce32 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -4732,4 +4732,4 @@ auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc3 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1 \ No newline at end of file +auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1 From 9de97d7773d98fd57eab08c0b03a14fa9ee9b2c7 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Mon, 19 Nov 2018 14:05:48 +0000 Subject: [PATCH 0759/2197] Don't use multiline comments in enums to silence check-names.sh The sanity checking script tests/scripts/check-names.sh uses a simple state machine paired with a sequence of `sed` commands to extract enumeration constants from the code. This code, however, doesn't work properly when using multiline comments in enumerations such as recently done in the constants MBEDTLS_CIPHER_PSA_KEY_XXX. This commit doesn't attempt to make check-names.sh more robust but instead uses /* ... */ comment indicators in each comment line, which silences check-names.sh. Increasing the robustness of check-names.sh is instead tracked in #2210. --- include/mbedtls/cipher_internal.h | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h index cecad9a8d..6687b362d 100644 --- a/include/mbedtls/cipher_internal.h +++ b/include/mbedtls/cipher_internal.h
@@ -122,16 +122,16 @@ typedef struct typedef enum { MBEDTLS_CIPHER_PSA_KEY_UNSET = 0, - MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts - * which use raw key material internally - * imported into a freshly allocated key slot, - * and which hence need to destroy that key - * slot when they are no longer needed. */ - MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts - * which use a key from a key slot - * provided by the user, and which hence - * should not be destroyed when the - * context is no longer needed. */ + MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */ + /* use raw key material internally imported */ + /* into a allocated key slot, and which */ + /* hence need to destroy that key slot */ + /* when they are no longer needed. */ + MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts */ + /* which use a key from a key slot */ + /* provided by the user, and which */ + /* hence should not be destroyed when */ + /* the context is no longer needed. */ } mbedtls_cipher_psa_key_ownership; typedef struct From 7b056296419d23fd5cc59c98d600615a54813466 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 20 Nov 2018 11:34:03 +0000 Subject: [PATCH 0760/2197] Return 'Feature unavailable' error for ciphers unsupported by PSA --- library/cipher.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/cipher.c b/library/cipher.c index 95146ac63..1cc0beb28 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -333,7 +333,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, key_type = mbedtls_psa_translate_cipher_type( ctx->cipher_info->type ); if( key_type == 0 ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); status = psa_import_key( cipher_psa->slot, key_type, key, key_bytelen ); if( status != PSA_SUCCESS ) From 432084d3f82118f6b77063327c4ba30e7b8143df Mon Sep 17 00:00:00 2001 
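Review bot: The reflowed comment for `MBEDTLS_CIPHER_PSA_KEY_OWNED` now reads "into a allocated key slot": the word "freshly" from the previous wording was dropped and the article no longer fits. The line should read `/* into a freshly allocated key slot, and */` with "which" moved to the next comment line. In the `MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED` text, "which hence should not be destroyed" can be read as referring to the context rather than the user's key slot; `/* hence must not destroy that key slot */` removes the ambiguity.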
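Review bot: This return is reached after the key slot has been claimed: the `mbedtls_psa_get_free_key_slot()` call and the `MBEDTLS_CIPHER_PSA_KEY_OWNED` assignment are at line 299 of the same function, ahead of this hunk. `mbedtls_psa_translate_cipher_type( ctx->cipher_info->type )` depends only on the context, so it could be evaluated before the slot is taken, and an unsupported cipher would then fail without holding a slot until mbedtls_cipher_free(). MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE is also the fall-back signal of mbedtls_cipher_setup_psa(), but at this stage the context is already PSA-based and cannot simply be handed to the non-PSA path; a comment on the return should say so. The function starts and ends outside the hunk.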
From: Hanno Becker Date: Tue, 20 Nov 2018 11:34:34 +0000 Subject: [PATCH 0761/2197] Improve doc wording of PSA status field of mbedtls_cipher_context_t --- include/mbedtls/cipher.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 1d68b12ef..d6ecac652 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -326,8 +326,8 @@ typedef struct mbedtls_cipher_context_t /** Indicates whether the cipher operations should be performed * by Mbed TLS' own crypto library or an external implementation * of the PSA Crypto API. - * This is unset if the cipher context is established through - * mbedtls_cipher_setup(), and set if it is established through + * This is unset if the cipher context was established through + * mbedtls_cipher_setup(), and set if it was established through * mbedtls_cipher_setup_psa(). */ unsigned char psa_enabled; From be3ffba33db8eec8e61d661bd2d33460455b8e41 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Fri, 16 Nov 2018 15:21:18 +0000 Subject: [PATCH 0762/2197] Setup PSA-based cipher context in mbedtls_ssl_derive_keys() This commit changes the code path in mbedtls_ssl_derive_keys() responsible for setting up record protection cipher contexts to attempt to use the new API mbedtls_cipher_setup_psa() in case MBEDTLS_USE_PSA_CRYPTO is set. For that, the AEAD tag length must be provided, which is already computed earlier in mbedtls_ssl_derive_keys() and only needs to be stored a function scope to be available for mbedtls_cipher_setup_psa(). If mbedtls_cipher_setup_psa() fails cleanly indicating that the requested cipher is not supported in PSA, we fall through to the default setup using mbedtls_cipher_setup(). However, we print a debug message in this case, to allow catching the fallthrough in tests where we know we're using a cipher which should be supported by PSA. --- library/ssl_tls.c | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 82e65251f..acfb3de82 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -618,6 +618,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) unsigned char *mac_dec; size_t mac_key_len; size_t iv_copy_len; + size_t taglen = 0; const mbedtls_cipher_info_t *cipher_info; const mbedtls_md_info_t *md_info; @@ -810,7 +811,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) cipher_info->mode == MBEDTLS_MODE_CCM || cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) { - size_t taglen, explicit_ivlen; + size_t explicit_ivlen; transform->maclen = 0; mac_key_len = 0; 
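Review bot: `taglen` now lives at function scope with an initialiser of 0, but nothing says what 0 stands for. Before this change it was declared inside the GCM/CCM/ChaChaPoly branch (second hunk), so it is presumably assigned only there, and for every other mode the later mbedtls_cipher_setup_psa() calls receive 0; `size_t taglen = 0; /* AEAD tag length; remains 0 for non-AEAD modes */` would make that deliberate. Whether mbedtls_psa_translate_cipher_mode() ignores the tag length for non-AEAD modes is not visible here and is worth confirming. Both hunks sit in the middle of mbedtls_ssl_derive_keys().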
@@ -1030,6 +1031,22 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) } #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc, + cipher_info, taglen ); + if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); + return( ret ); + } + + if( ret == 0 ) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based encryption cipher context" ) ); + else + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) ); + + if( ret != 0 ) +#endif /* MBEDTLS_USE_PSA_CRYPTO */ if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, cipher_info ) ) != 0 ) { @@ -1037,6 +1054,23 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) return( ret ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec, + cipher_info, taglen ); + + if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); + return( ret ); + } + + if( ret == 0 ) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based decryption cipher context" ) ); + else + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) ); + + if( ret != 0 ) +#endif /* MBEDTLS_USE_PSA_CRYPTO */ if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, cipher_info ) ) != 0 ) { From 2dd04907e2dd6f4e403856b62eede1e7bc14efba Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 16 Nov 2018 17:27:29 +0000 Subject: [PATCH 0763/2197] Omit tests from ssl-opt.sh which force a disabled ciphersuite --- tests/ssl-opt.sh | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ce9aee28a..2e2f4f1ab 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
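Review bot: The brace-less `if( ret != 0 )` placed just before `#endif` guards the `mbedtls_cipher_setup()` statement that follows the conditional block, so the control flow depends on whatever statement happens to come next in the file; the decryption hunk repeats the pattern. Since every other non-zero value has already returned, the guard can name the one case it handles, `if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )`, preceded by `/* PSA cannot handle this cipher: use the built-in implementation below. */`. The fall-back itself is reported only through a level-1 debug message, so a build with MBEDTLS_USE_PSA_CRYPTO can end up protecting records with the built-in cipher code without the application being told; a deployment that depends on PSA-backed record protection needs a check outside the debug log. The success messages are logged at level 1 as well, the level this code otherwise uses for failures (`MBEDTLS_SSL_DEBUG_RET( 1, ... )`).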
@@ -185,6 +185,12 @@ requires_config_value_at_most() { fi } +requires_ciphersuite_enabled() { + if [ -z "$($P_CLI --help | grep "$1")" ]; then + SKIP_NEXT="YES" + fi +} + # skip next test if OpenSSL doesn't support FALLBACK_SCSV requires_openssl_with_fallback_scsv() { if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then @@ -519,14 +525,6 @@ run_test() { SKIP_NEXT="YES" fi - # should we skip? - if [ "X$SKIP_NEXT" = "XYES" ]; then - SKIP_NEXT="NO" - echo "SKIP" - SKIPS=$(( $SKIPS + 1 )) - return - fi - # does this test use a proxy? if [ "X$1" = "X-p" ]; then PXY_CMD="$2" @@ -541,6 +539,26 @@ run_test() { CLI_EXPECT="$3" shift 3 + # Check if server forces ciphersuite + FORCE_CIPHERSUITE=$(echo "$SRV_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p') + if [ ! -z "$FORCE_CIPHERSUITE" ]; then + requires_ciphersuite_enabled $FORCE_CIPHERSUITE + fi + + # Check if client forces ciphersuite + FORCE_CIPHERSUITE=$(echo "$CLI_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p') + if [ ! -z "$FORCE_CIPHERSUITE" ]; then + requires_ciphersuite_enabled $FORCE_CIPHERSUITE + fi + + # should we skip? + if [ "X$SKIP_NEXT" = "XYES" ]; then + SKIP_NEXT="NO" + echo "SKIP" + SKIPS=$(( $SKIPS + 1 )) + return + fi + # fix client port if [ -n "$PXY_CMD" ]; then CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g ) From f43177d1d07e1cc013bb9583ef13a3be4f168bac Mon Sep 17 00:00:00 2001 
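Review bot: `grep "$1"` in `requires_ciphersuite_enabled` is an unanchored match, so a name that is a prefix of another one passes when only the longer suite is built: `TLS-ECDHE-ECDSA-WITH-AES-128-CCM` also matches `TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8`. Matching the whole token avoids that, e.g. `if ! $P_CLI --help | grep -qE -- "(^|[[:space:]])$1([[:space:]]|\$)"; then`; the layout of the `--help` output is not shown here, so the delimiters may need adjusting. In `run_test` the two calls pass `$FORCE_CIPHERSUITE` unquoted, and `"$FORCE_CIPHERSUITE"` is the safer form. Only the client binary's `--help` is consulted, including for a ciphersuite forced on the server command, which assumes both programs were built from the same configuration.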
From: Hanno Becker Date: Fri, 16 Nov 2018 17:28:40 +0000 Subject: [PATCH 0764/2197] Add runs for specific PSA-supported ciphersuites to ssl-opt.sh So far, make sure we test the following ciphersuites without any fallback to non-PSA ciphers: TLS-ECDHE-ECDSA-WITH-AES-128-CCM TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 TLS-ECDHE-ECDSA-WITH-AES-256-CCM TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 --- tests/ssl-opt.sh | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 2e2f4f1ab..6b24a2978 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -752,6 +752,23 @@ run_test() { rm -f $SRV_OUT $CLI_OUT $PXY_OUT } +run_test_psa() { + requires_config_enabled MBEDTLS_USE_PSA_CRYPTO + run_test "Default, PSA ($1)" \ + "$P_SRV debug_level=1 force_version=tls1_2" \ + "$P_CLI debug_level=1 force_version=tls1_2 force_ciphersuite=$1" \ + 0 \ + -c "Successfully setup PSA-based decryption cipher context" \ + -c "Successfully setup PSA-based encryption cipher context" \ + -s "Successfully setup PSA-based decryption cipher context" \ + -s "Successfully setup PSA-based encryption cipher context" \ + -C "Failed to setup PSA-based cipher context"\ + -S "Failed to setup PSA-based cipher context"\ + -s "Protocol is TLSv1.2" \ + -S "error" \ + -C "error" +} + cleanup() { rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1 
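Review bot: The two `Failed to setup PSA-based cipher context` patterns end in `context"\` with no space before the continuation backslash, unlike the other lines of the `run_test` call; it works only because the following line starts with whitespace, and `context" \` would be consistent. The function also has no usage comment: `# Usage: run_test_psa <ciphersuite>` plus a line saying that the test fails if either side falls back to the built-in cipher code would help. Because the client command carries `force_ciphersuite=$1`, the ciphersuite check in `run_test` reports SKIP when the suite is not built in, so a configuration without these suites shows no PSA result at all rather than a failure.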
@@ -883,6 +900,18 @@ run_test "Default, DTLS" \ -s "Protocol is DTLSv1.2" \ -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" +# Test ciphersuites which we expect to be fully supported by PSA Crypto +# and check that we don't fall back to Mbed TLS' internal crypto primitives. +run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM +run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 +run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM +run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 +run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 +run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 +run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA +run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 +run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 + # Test current time in ServerHello requires_config_enabled MBEDTLS_HAVE_TIME run_test "ServerHello contains gmt_unix_time" \ From 4724645e28edcf1dacaea515baddff8e71608420 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 17 Nov 2018 21:18:01 +0000 Subject: [PATCH 0765/2197] Introduce macros for constants in SSL ticket implementation --- library/ssl_ticket.c | 56 ++++++++++++++++++++++++++++++-------------- 1 file changed, 38 insertions(+), 18 deletions(-) diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 985b7cd50..6692187a0 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -54,6 +54,19 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ) #define MAX_KEY_BYTES 32 /* 256 bits */ +#define TICKET_KEY_NAME_BYTES 4 +#define TICKET_IV_BYTES 12 +#define TICKET_CRYPT_LEN_BYTES 2 +#define TICKET_AUTH_TAG_BYTES 16 + +#define TICKET_MIN_LEN ( TICKET_KEY_NAME_BYTES + \ + TICKET_IV_BYTES + \ + TICKET_CRYPT_LEN_BYTES + \ + TICKET_AUTH_TAG_BYTES ) +#define TICKET_ADD_DATA_LEN ( TICKET_KEY_NAME_BYTES + \ + TICKET_IV_BYTES + \ + TICKET_CRYPT_LEN_BYTES ) + /* * Generate/update a key */ 
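Review bot: `TICKET_MIN_LEN` is used further down as the fixed per-ticket overhead (`*tlen = TICKET_MIN_LEN + ciph_len`, `len != TICKET_MIN_LEN + enc_len`), so the name undersells it; `TICKET_OVERHEAD_BYTES`, or at least a comment, would read better. The block has no comment tying the four sizes to the ticket layout, and I would add `/* Ticket layout: key_name | iv | encrypted_state length | encrypted_state | tag */` above it. `TICKET_ADD_DATA_LEN` relies on key name, IV and length field being contiguous at the start of the ticket, which the pointer setup in mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() shows; that is worth stating next to the macro, since the value is passed as the additional-data length to both mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_decrypt().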
@@ -278,6 +291,7 @@ static int ssl_load_session( mbedtls_ssl_session *session, * The key_name, iv, and length of encrypted_state are the additional * authenticated data. */ + int mbedtls_ssl_ticket_write( void *p_ticket, const mbedtls_ssl_session *session, unsigned char *start, @@ -289,9 +303,9 @@ int mbedtls_ssl_ticket_write( void *p_ticket, mbedtls_ssl_ticket_context *ctx = p_ticket; mbedtls_ssl_ticket_key *key; unsigned char *key_name = start; - unsigned char *iv = start + 4; - unsigned char *state_len_bytes = iv + 12; - unsigned char *state = state_len_bytes + 2; + unsigned char *iv = start + TICKET_KEY_NAME_BYTES; + unsigned char *state_len_bytes = iv + TICKET_IV_BYTES; + unsigned char *state = state_len_bytes + TICKET_CRYPT_LEN_BYTES; unsigned char *tag; size_t clear_len, ciph_len; @@ -302,7 +316,7 @@ int mbedtls_ssl_ticket_write( void *p_ticket, /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag, * in addition to session itself, that will be checked when writing it. */ - if( end - start < 4 + 12 + 2 + 16 ) + if( end - start < TICKET_MIN_LEN ) return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_THREADING_C) @@ -317,9 +331,9 @@ int mbedtls_ssl_ticket_write( void *p_ticket, *ticket_lifetime = ctx->ticket_lifetime; - memcpy( key_name, key->name, 4 ); + memcpy( key_name, key->name, TICKET_KEY_NAME_BYTES ); - if( ( ret = ctx->f_rng( ctx->p_rng, iv, 12 ) ) != 0 ) + if( ( ret = ctx->f_rng( ctx->p_rng, iv, TICKET_IV_BYTES ) ) != 0 ) goto cleanup; /* Dump session state */ @@ -335,8 +349,11 @@ int mbedtls_ssl_ticket_write( void *p_ticket, /* Encrypt and authenticate */ tag = state + clear_len; if( ( ret = mbedtls_cipher_auth_encrypt( &key->ctx, - iv, 12, key_name, 4 + 12 + 2, - state, clear_len, state, &ciph_len, tag, 16 ) ) != 0 ) + iv, TICKET_IV_BYTES, + /* Additional data: key name, IV and length */ + key_name, TICKET_ADD_DATA_LEN, + state, clear_len, state, &ciph_len, + tag, TICKET_AUTH_TAG_BYTES ) ) != 0 ) { goto cleanup; } 
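Review bot: In the `@@ -302,7 +316,7 @@` hunk the length check now uses `TICKET_MIN_LEN`, but the comment directly above it still spells out the literal sizes ("4 bytes for key_name, 12 for IV, 2 for len 16 for tag"). That repeats the numbers the macros were introduced to centralise, and it will go stale if a field size changes. I would reword it to refer to the macros, for example `/* We need at least TICKET_MIN_LEN bytes (key_name, IV, length, tag)` followed by the existing sentence about the session itself. mbedtls_ssl_ticket_write() starts and ends outside this hunk.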
@@ -346,7 +363,7 @@ int mbedtls_ssl_ticket_write( void *p_ticket, goto cleanup; } - *tlen = 4 + 12 + 2 + 16 + ciph_len; + *tlen = TICKET_MIN_LEN + ciph_len; cleanup: #if defined(MBEDTLS_THREADING_C) @@ -385,17 +402,16 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, mbedtls_ssl_ticket_context *ctx = p_ticket; mbedtls_ssl_ticket_key *key; unsigned char *key_name = buf; - unsigned char *iv = buf + 4; - unsigned char *enc_len_p = iv + 12; - unsigned char *ticket = enc_len_p + 2; + unsigned char *iv = buf + TICKET_KEY_NAME_BYTES; + unsigned char *enc_len_p = iv + TICKET_IV_BYTES; + unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES; unsigned char *tag; size_t enc_len, clear_len; if( ctx == NULL || ctx->f_rng == NULL ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - /* See mbedtls_ssl_ticket_write() */ - if( len < 4 + 12 + 2 + 16 ) + if( len < TICKET_MIN_LEN ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); #if defined(MBEDTLS_THREADING_C) @@ -409,7 +425,7 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1]; tag = ticket + enc_len; - if( len != 4 + 12 + 2 + enc_len + 16 ) + if( len != TICKET_MIN_LEN + enc_len ) { ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA; goto cleanup; @@ -425,9 +441,13 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, } /* Decrypt and authenticate */ - if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx, iv, 12, - key_name, 4 + 12 + 2, ticket, enc_len, - ticket, &clear_len, tag, 16 ) ) != 0 ) + if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx, + iv, TICKET_IV_BYTES, + /* Additional data: key name, IV and length */ + key_name, TICKET_ADD_DATA_LEN, + ticket, enc_len, + ticket, &clear_len, + tag, TICKET_AUTH_TAG_BYTES ) ) != 0 ) { if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ) ret = MBEDTLS_ERR_SSL_INVALID_MAC; From 329919eadf05abc9c992d85d7e38aaf9ef9a0641 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Sat, 17 Nov 2018 21:25:59 +0000 Subject: [PATCH 0766/2197] Use PSA-based ciphers for SSL ticket protection This commit modifies the default SSL ticket implementation from `library/ssl_ticket.c` to use PSA-based cipher context for ticket creation and parsing. As in mbedtls_ssl_derive_keys() adapted in an earlier commit, we allow fallback to the ordinary mbedtls_cipher_setup() if the provided cipher is not known. We do this even though we always call mbedtls_ssl_ticket_setup() with AES-GCM in our own code since this function is public and might be used with other ciphers by users. --- library/ssl_ticket.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 6692187a0..9fc690f4c 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c 
@@ -154,11 +154,27 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 || - ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 ) - { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx, + cipher_info, TICKET_AUTH_TAG_BYTES ); + if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + return( ret ); + /* We don't yet expect to support all ciphers through PSA, + * so allow fallback to ordinary mbedtls_cipher_setup(). */ + if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 ) + return( ret ); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx, + cipher_info, TICKET_AUTH_TAG_BYTES ); + if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + return( ret ); + if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 ) return( ret ); - } if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 || ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 ) From fc20c14e76c32e6d6b10af650bdfb0b37c3d40a5 Mon Sep 17 00:00:00 2001 
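Review bot: The fallback is written as a brace-less `if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )` whose controlled statement sits after the `#endif`, so the meaning of the following `if( ( ret = mbedtls_cipher_setup( ... ) ) != 0 )` depends on the build configuration, and the whole sequence is then repeated for `keys[1]`. It is correct as written, but an edit on either side of the `#endif` can silently change which cipher backend protects tickets. The same construct appears in the ssl_tls.c hunks of the next patch. Moving the sequence into one static helper keeps the preprocessor conditional inside a single function and removes the duplication; mbedtls_ssl_ticket_setup() itself starts and ends outside this hunk.

```c
static int ssl_ticket_setup_cipher( mbedtls_cipher_context_t *cipher_ctx,
                                    const mbedtls_cipher_info_t *cipher_info )
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
    int ret = mbedtls_cipher_setup_psa( cipher_ctx, cipher_info,
                                        TICKET_AUTH_TAG_BYTES );
    /* We don't yet expect to support all ciphers through PSA, so only
     * "feature unavailable" falls back to ordinary mbedtls_cipher_setup();
     * success and every other error are returned as they are. */
    if( ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
        return( ret );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
    return( mbedtls_cipher_setup( cipher_ctx, cipher_info ) );
}

/* ... unchanged: key_bitlen check in mbedtls_ssl_ticket_setup() ... */
    if( ( ret = ssl_ticket_setup_cipher( &ctx->keys[0].ctx, cipher_info ) ) != 0 ||
        ( ret = ssl_ticket_setup_cipher( &ctx->keys[1].ctx, cipher_info ) ) != 0 )
    {
        return( ret );
    }
/* ... unchanged: ssl_ticket_gen_key() calls ... */
```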
From: Hanno Becker Date: Sat, 17 Nov 2018 22:27:38 +0000 Subject: [PATCH 0767/2197] Use PSA-based ciphers for record protections in TLS-1.2 only Reasons: - For the first release, we attempt to support TLS-1.2 only, - At least TLS-1.0 is known to not work at the moment, as for CBC ciphersuites the code in mbedtls_ssl_decrypt_buf() and mbedtls_ssl_encrypt_buf() assumes that mbedtls_cipher_crypt() updates the structure field for the IV in the cipher context, which the PSA-based implementation currently doesn't. --- library/ssl_tls.c | 85 +++++++++++++++++++++++++++++++++++------------ 1 file changed, 64 insertions(+), 21 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index acfb3de82..e6a4222a2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -610,6 +610,9 @@ static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char * int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) { int ret = 0; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + int psa_fallthrough; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ unsigned char tmp[64]; unsigned char keyblk[256]; unsigned char *key1; 
@@ -1032,20 +1035,41 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) - ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc, - cipher_info, taglen ); - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + + /* Only use PSA-based ciphers for TLS-1.2. + * That's relevant at least for TLS-1.0, where + * we assume that mbedtls_cipher_crypt() updates + * the structure field for the IV, which the PSA-based + * implementation currently doesn't. */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); - return( ret ); + ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc, + cipher_info, taglen ); + if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); + return( ret ); + } + + if( ret == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based encryption cipher context" ) ); + psa_fallthrough = 0; + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) ); + psa_fallthrough = 1; + } } - - if( ret == 0 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based encryption cipher context" ) ); else - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) ); + psa_fallthrough = 1; +#else + psa_fallthrough = 1; +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - if( ret != 0 ) + if( psa_fallthrough == 1 ) #endif /* MBEDTLS_USE_PSA_CRYPTO */ if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, cipher_info ) ) != 0 ) 
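Review bot: When `ssl->minor_ver` is not TLS 1.2, or `MBEDTLS_SSL_PROTO_TLS1_2` is compiled out, `psa_fallthrough` is set to 1 with no debug output, so a log cannot show that PSA was skipped by policy rather than attempted; the next hunk (decryption context) has the same gap. Bracing the `else` and adding a line such as `MBEDTLS_SSL_DEBUG_MSG( 2, ( "Not using PSA-based cipher context: protocol version is not TLS 1.2" ) );` would record it, worded so that it does not match the `Failed to setup PSA-based cipher context` pattern that the ssl-opt.sh PSA tests reject. The two blocks differ only in `cipher_ctx_enc` versus `cipher_ctx_dec` and the message text, so they could share one static helper. mbedtls_ssl_derive_keys() starts and ends outside this hunk.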
@@ -1055,21 +1079,40 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) - ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec, - cipher_info, taglen ); - - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + /* Only use PSA-based ciphers for TLS-1.2. + * That's relevant at least for TLS-1.0, where + * we assume that mbedtls_cipher_crypt() updates + * the structure field for the IV, which the PSA-based + * implementation currently doesn't. */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); - return( ret ); + ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec, + cipher_info, taglen ); + if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); + return( ret ); + } + + if( ret == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based decryption cipher context" ) ); + psa_fallthrough = 0; + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) ); + psa_fallthrough = 1; + } } - - if( ret == 0 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based decryption cipher context" ) ); else - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) ); + psa_fallthrough = 1; +#else + psa_fallthrough = 1; +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - if( ret != 0 ) + if( psa_fallthrough == 1 ) #endif /* MBEDTLS_USE_PSA_CRYPTO */ if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, cipher_info ) ) != 0 ) From 5b6425a9313bdeb32380eb08fb1aec4a2e1213a9 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Tue, 20 Nov 2018 11:31:17 +0000 Subject: [PATCH 0768/2197] Remove superfluous quotes in ssl-opt.sh --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 6b24a2978..5d8efc2eb 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -186,7 +186,7 @@ requires_config_value_at_most() { } requires_ciphersuite_enabled() { - if [ -z "$($P_CLI --help | grep "$1")" ]; then + if [ -z "$($P_CLI --help | grep $1)" ]; then SKIP_NEXT="YES" fi } From 0110add3d6680003ed64311be8b5c5cd259cfc92 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 20 Nov 2018 11:37:34 +0000 Subject: [PATCH 0769/2197] Rename PSA test in ssl-opt.sh --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 5d8efc2eb..bae70e8ec 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -754,7 +754,7 @@ run_test() { run_test_psa() { requires_config_enabled MBEDTLS_USE_PSA_CRYPTO - run_test "Default, PSA ($1)" \ + run_test "PSA-supported ciphersuite: $1" \ "$P_SRV debug_level=1 force_version=tls1_2" \ "$P_CLI debug_level=1 force_version=tls1_2 force_ciphersuite=$1" \ 0 \ From 1ecf92c364d00abbaf3a52e887760f648949c600 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 22 Oct 2018 12:11:15 +0200 Subject: [PATCH 0770/2197] Skeleton for PK_OPAQUE_PSA --- include/mbedtls/pk.h | 23 +++++++++++++++++++++++ include/mbedtls/pk_internal.h | 4 ++++ library/pk.c | 23 +++++++++++++++++++++++ library/pk_wrap.c | 27 +++++++++++++++++++++++++++ 4 files changed, 77 insertions(+) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index df3a03c7c..3a35afba7 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
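Review bot: The quotes removed in `requires_ciphersuite_enabled` were not superfluous, because quoting starts afresh inside `$( ... )` and the old `"$1"` nested correctly; without them `$1` undergoes word splitting and pathname expansion before grep sees it. The ciphersuite names passed today contain neither whitespace nor glob characters, but keeping `grep "$1"`, or `grep -F -- "$1"` so the name is matched literally and never parsed as an option, costs nothing and keeps the helper safe for any argument. Separately, the test is a substring match, so as far as this hunk shows a name such as `...-AES-128-CCM` is also satisfied by `...-AES-128-CCM-8` appearing in the help output.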
@@ -45,6 +45,10 @@ #include "ecdsa.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif + #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline @@ -83,6 +87,7 @@ typedef enum { MBEDTLS_PK_ECDSA, MBEDTLS_PK_RSA_ALT, MBEDTLS_PK_RSASSA_PSS, + MBEDTLS_PK_OPAQUE_PSA, } mbedtls_pk_type_t; /** @@ -234,6 +239,24 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ); */ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/** + * \brief Initialize a PK context to wrap a PSA key slot. + * + * \param ctx Context to initialize. Must be empty (type NONE). + * \param key PSA key slot to wrap. + * + * \return 0 on success, + * MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input, + * MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. + * + * \note This function replaces mbedtls_pk_setup() for contexts + * that wrap a (possibly opaque) PSA key slot instead of + * storing and manipulating the key material directly. + */ +int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /** * \brief Initialize an RSA-alt context diff --git a/include/mbedtls/pk_internal.h b/include/mbedtls/pk_internal.h index 48b7a5f7b..7288e9b32 100644 --- a/include/mbedtls/pk_internal.h +++ b/include/mbedtls/pk_internal.h @@ -135,4 +135,8 @@ extern const mbedtls_pk_info_t mbedtls_ecdsa_info; extern const mbedtls_pk_info_t mbedtls_rsa_alt_info; #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +extern const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info; +#endif + #endif /* MBEDTLS_PK_WRAP_H */ diff --git a/library/pk.c b/library/pk.c index e0e8dbad2..cb6e1587a 100644 --- a/library/pk.c +++ b/library/pk.c 
@@ -139,6 +139,29 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ) return( 0 ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/* + * Initialise a PSA-wrapping context + */ +int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key ) +{ + const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_psa_info; + + if( ctx == NULL || ctx->pk_info != NULL ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + + if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) + return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + + /* coming soon: remember key */ + (void) key; + + ctx->pk_info = info; + + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /* * Initialize an RSA-alt context diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 87806be33..4885c49ac 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -716,4 +716,31 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = { #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + +const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = { + MBEDTLS_PK_OPAQUE_PSA, + "Opaque (PSA)", + NULL, /* coming soon: bitlen */ + NULL, /* coming soon: can_do */ + NULL, /* verify - will be done later */ + NULL, /* coming soon: sign */ +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + NULL, /* restartable verify - not relevant */ + NULL, /* restartable sign - not relevant */ +#endif + NULL, /* decrypt - will be done later */ + NULL, /* encrypt - will be done later */ + NULL, /* check_pair - could be done later or left NULL */ + NULL, /* coming soon: alloc */ + NULL, /* coming soon: free */ +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + NULL, /* restart alloc - not relevant */ + NULL, /* restart free - not relevant */ +#endif + NULL, /* debug - could be done later, or even left NULL */ +}; + +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #endif /* MBEDTLS_PK_C */ 
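Review bot: `mbedtls_pk_setup_psa()` calls `info->ctx_alloc_func()` unconditionally, but the `mbedtls_pk_opaque_psa_info` table added in the pk_wrap.c hunk of this same commit leaves the alloc entry `NULL` ("coming soon: alloc"), so at this revision any call to the new public function is a call through a null function pointer. Until the wrappers exist the function should fail cleanly, e.g. `if( info->ctx_alloc_func == NULL ) return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );` before the allocation, or the alloc/free wrappers should be folded into this commit so every revision in the series is safe to build and bisect. The other `NULL` entries (`bitlen`, `can_do`, `free`) are presumably reached by the generic accessors and by `mbedtls_pk_free()` in the same way, which is worth confirming against the rest of pk.c.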
From 3bc2029a337aafdb24e7fed24d6089668573c376 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 24 Oct 2018 12:37:44 +0200 Subject: [PATCH 0771/2197] Clarify return value of pk_check_pair() --- include/mbedtls/pk.h | 6 +++++- library/pk.c | 6 ++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 3a35afba7..d70e54650 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -503,7 +503,11 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, * \param pub Context holding a public key. * \param prv Context holding a private (and public) key. * - * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA + * \return \c 0 on success (keys were checked and match each other). + * \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the keys could not + * be checked - in that case they may or may not match. + * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid. + * \return Another non-zero value if the keys do not match. */ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ); diff --git a/library/pk.c b/library/pk.c index cb6e1587a..b2f681242 100644 --- a/library/pk.c +++ b/library/pk.c @@ -456,12 +456,14 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ) { if( pub == NULL || pub->pk_info == NULL || - prv == NULL || prv->pk_info == NULL || - prv->pk_info->check_pair_func == NULL ) + prv == NULL || prv->pk_info == NULL ) { return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); } + if( prv->pk_info->check_pair_func == NULL ) + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT ) { if( pub->pk_info->type != MBEDTLS_PK_RSA ) From 274f521b9ab35278cfcb0d850aad4bb37276366b Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 31 Oct 2018 09:57:45 +0100 Subject: [PATCH 0772/2197] Implement alloc/free wrappers for pk_opaque_psa --- library/pk.c | 7 ++++--- library/pk_wrap.c | 19 +++++++++++++++++-- tests/suites/test_suite_pk.data | 3 +++ tests/suites/test_suite_pk.function | 19 +++++++++++++++++++ 4 files changed, 43 insertions(+), 5 deletions(-) diff --git a/library/pk.c b/library/pk.c index b2f681242..331ed6c76 100644 --- a/library/pk.c +++ b/library/pk.c @@ -146,6 +146,7 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ) int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key ) { const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_psa_info; + psa_key_slot_t *pk_ctx; if( ctx == NULL || ctx->pk_info != NULL ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); @@ -153,11 +154,11 @@ int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key ) if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) return( MBEDTLS_ERR_PK_ALLOC_FAILED ); - /* coming soon: remember key */ - (void) key; - ctx->pk_info = info; + pk_ctx = (psa_key_slot_t *) ctx->pk_ctx; + *pk_ctx = key; + return( 0 ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 4885c49ac..0e12d05c2 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -718,6 +718,21 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = { #if defined(MBEDTLS_USE_PSA_CRYPTO) +static void *pk_psa_alloc_wrap( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( psa_key_slot_t ) ); + + /* no _init() function to call, an calloc() already zeroized */ + + return( ctx ); +} + +static void pk_psa_free_wrap( void *ctx ) +{ + mbedtls_platform_zeroize( ctx, sizeof( psa_key_slot_t ) ); + mbedtls_free( ctx ); +} + const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = { MBEDTLS_PK_OPAQUE_PSA, "Opaque (PSA)", 
@@ -732,8 +747,8 @@ const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = { NULL, /* decrypt - will be done later */ NULL, /* encrypt - will be done later */ NULL, /* check_pair - could be done later or left NULL */ - NULL, /* coming soon: alloc */ - NULL, /* coming soon: free */ + pk_psa_alloc_wrap, + pk_psa_free_wrap, #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) NULL, /* restart alloc - not relevant */ NULL, /* restart free - not relevant */ diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 478cde7be..417670d80 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -14,6 +14,9 @@ PK utils: ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_utils:MBEDTLS_PK_ECDSA:192:24:"ECDSA" +PK PSA utils +pk_psa_utils: + RSA verify test vector #1 (good) depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 4813f71f7..d95dbc9b3 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function 
@@ -69,6 +69,25 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) * END_DEPENDENCIES */ +/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */ +void pk_psa_utils( ) +{ + mbedtls_pk_context pk; + const char * const name = "Opaque (PSA)"; + + mbedtls_pk_init( &pk ); + + TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) == 0 ); + + TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE_PSA ); + TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 ); + +exit: + mbedtls_pk_free( &pk ); +} +/* END_CASE */ + + /* BEGIN_CASE */ void pk_utils( int type, int size, int len, char * name ) { From 06c631859cb5e567cae07c3e7ae4087494ea71f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 31 Oct 2018 10:28:01 +0100 Subject: [PATCH 0773/2197] Add key generation to opaque test function While at it, clarify who's responsible for destroying the underlying key. That can't be us because some keys cannot be destroyed and we wouldn't know. So let's leave that up to the caller. --- include/mbedtls/pk.h | 11 ++++++++ tests/suites/test_suite_pk.function | 42 ++++++++++++++++++++++++++--- 2 files changed, 50 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index d70e54650..b481e437b 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -208,6 +208,11 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx ); /** * \brief Free a mbedtls_pk_context + * + * \note For contexts that have been set up with + * mbedtls_pk_setup_psa(), this does not free the underlying + * key slot and you still need to call psa_destroy_key() + * independently if you want to destroy that key. */ void mbedtls_pk_free( mbedtls_pk_context *ctx ); 
@@ -246,6 +251,12 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); * \param ctx Context to initialize. Must be empty (type NONE). * \param key PSA key slot to wrap. * + * \note The wrapped key slot must remain valid as long as the + * wrapping PK context is in use, that is at least between + * the point this function is called and the point + * mbedtls_pk_free() is called on this context. The wrapped + * key slot might then be independently used or destroyed. + * * \return 0 on success, * MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input, * MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index d95dbc9b3..64f1fec42 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -62,6 +62,34 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) return( ((const mbedtls_rsa_context *) ctx)->len ); } #endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + +#include "mbedtls/psa_util.h" + +#define PK_PSA_INVALID_SLOT 0 /* guaranteed invalid */ + +/* + * Generate a key in a free key slot and return this key slot, + * or PK_PSA_INVALID_SLOT if no slot was available. + */ +psa_key_slot_t pk_psa_genkey( void ) +{ + psa_key_slot_t key; + + const int curve = PSA_ECC_CURVE_SECP256R1; + const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEYPAIR(curve); + const size_t bits = 256; + + if( PSA_SUCCESS != mbedtls_psa_get_free_key_slot( &key ) ) + return( PK_PSA_INVALID_SLOT ); + + if( PSA_SUCCESS != psa_generate_key( key, type, bits, NULL, 0 ) ) + return( PK_PSA_INVALID_SLOT ); + + return( key ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ /* END_HEADER */ /* BEGIN_DEPENDENCIES 
@@ -69,21 +97,29 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */ +/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ void pk_psa_utils( ) { mbedtls_pk_context pk; const char * const name = "Opaque (PSA)"; + psa_key_slot_t key; mbedtls_pk_init( &pk ); - TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) == 0 ); + key = pk_psa_genkey(); + TEST_ASSERT( key != 0 ); + + TEST_ASSERT( mbedtls_pk_setup_psa( &pk, key ) == 0 ); TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE_PSA ); TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 ); -exit: + /* test that freeing the context does not destroy the key */ mbedtls_pk_free( &pk ); + TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); + +exit: + mbedtls_pk_free( &pk ); /* redundant except upon error */ } /* END_CASE */ From 683632b78ec5c37408d33e778b31e61c03e043ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 31 Oct 2018 10:36:51 +0100 Subject: [PATCH 0774/2197] Add support for get_(bit)len on opaque keys --- library/pk_wrap.c | 13 ++++++++++++- tests/suites/test_suite_pk.function | 7 ++++++- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 0e12d05c2..75a49a15c 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -733,10 +733,21 @@ static void pk_psa_free_wrap( void *ctx ) mbedtls_free( ctx ); } +static size_t pk_psa_get_bitlen( const void *ctx ) +{ + const psa_key_slot_t *key = (const psa_key_slot_t *) ctx; + size_t bits; + + if( PSA_SUCCESS != psa_get_key_information( *key, NULL, &bits ) ) + return( 0 ); + + return( bits ); +} + const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = { MBEDTLS_PK_OPAQUE_PSA, "Opaque (PSA)", - NULL, /* coming soon: bitlen */ + pk_psa_get_bitlen, NULL, /* coming soon: can_do */ NULL, /* verify - will be done later */ NULL, /* coming soon: sign */ 
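Review bot: In `pk_psa_utils()` a failing `TEST_ASSERT` between `pk_psa_genkey()` and `psa_destroy_key( key )` jumps to `exit:`, where only `mbedtls_pk_free( &pk )` runs, so the generated key stays in its slot and can affect later test cases in the same process. Declaring `psa_key_slot_t key = PK_PSA_INVALID_SLOT;`, resetting `key = PK_PSA_INVALID_SLOT;` after the success-path destroy, and adding `if( key != PK_PSA_INVALID_SLOT ) psa_destroy_key( key );` under `exit:` would release it on every path. The explicit initialiser also keeps `key` defined if an assertion placed before the `pk_psa_genkey()` call fails.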
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 64f1fec42..8f6abf59e 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -101,9 +101,11 @@ psa_key_slot_t pk_psa_genkey( void ) void pk_psa_utils( ) { mbedtls_pk_context pk; - const char * const name = "Opaque (PSA)"; psa_key_slot_t key; + const char * const name = "Opaque (PSA)"; + const size_t bitlen = 256; /* harcoded in genkey() */ + mbedtls_pk_init( &pk ); key = pk_psa_genkey(); @@ -114,6 +116,9 @@ void pk_psa_utils( ) TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE_PSA ); TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 ); + TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen ); + TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 ); + /* test that freeing the context does not destroy the key */ mbedtls_pk_free( &pk ); TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); From 07b103fe07848ce77c7f8e8a16334eb1b5a88625 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 31 Oct 2018 10:57:29 +0100 Subject: [PATCH 0775/2197] Implement can_do for opaque ECC keypairs Unfortunately the can_do wrapper does not receive the key context as an argument, so it cannot check psa_get_key_information(). Later we might want to change our internal structures to fix this, but for now we'll just restrict opaque PSA keys to be ECDSA keypairs, as this is the only thing we need for now. It also simplifies testing a bit (no need to test each key type). --- include/mbedtls/pk.h | 14 ++++++++++---- library/pk.c | 8 ++++++++ library/pk_wrap.c | 11 ++++++++++- tests/suites/test_suite_pk.function | 10 ++++++++++ 4 files changed, 38 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index b481e437b..3f640931f 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
@@ -249,7 +249,7 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); * \brief Initialize a PK context to wrap a PSA key slot. * * \param ctx Context to initialize. Must be empty (type NONE). - * \param key PSA key slot to wrap. + * \param key PSA key slot to wrap - must hold an ECC keypair. * * \note The wrapped key slot must remain valid as long as the * wrapping PK context is in use, that is at least between @@ -257,13 +257,19 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); * mbedtls_pk_free() is called on this context. The wrapped * key slot might then be independently used or destroyed. * - * \return 0 on success, - * MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input, - * MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. + * \return \c 0 on success, + * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input + * (context already used, invalid key slot) + * \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an + * ECC keypair, + * \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. * * \note This function replaces mbedtls_pk_setup() for contexts * that wrap a (possibly opaque) PSA key slot instead of * storing and manipulating the key material directly. + * + * \note This function is currently only available for ECC keypair. + * Support for other key types will be added later. */ int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/library/pk.c b/library/pk.c index 331ed6c76..f65b2eed7 100644 --- a/library/pk.c +++ b/library/pk.c 
@@ -147,10 +147,18 @@ int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key ) { const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_psa_info; psa_key_slot_t *pk_ctx; + psa_key_type_t type; if( ctx == NULL || ctx->pk_info != NULL ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if( PSA_SUCCESS != psa_get_key_information( key, &type, NULL ) ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + + /* Current implementation of can_do() relies on this. */ + if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ) + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) ; + if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) return( MBEDTLS_ERR_PK_ALLOC_FAILED ); diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 75a49a15c..d01694c69 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -744,11 +744,20 @@ static size_t pk_psa_get_bitlen( const void *ctx ) return( bits ); } +static int pk_psa_can_do( mbedtls_pk_type_t type ) +{ + /* For now opaque PSA keys can only wrap ECC keypairs, + * as checked by setup_psa(). + * Also, ECKEY_DH does not really make sense with the current API. */ + return( type == MBEDTLS_PK_ECKEY || + type == MBEDTLS_PK_ECDSA ); +} + const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = { MBEDTLS_PK_OPAQUE_PSA, "Opaque (PSA)", pk_psa_get_bitlen, - NULL, /* coming soon: can_do */ + pk_psa_can_do, NULL, /* verify - will be done later */ NULL, /* coming soon: sign */ #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 8f6abf59e..3beff380f 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -108,6 +108,12 @@ void pk_psa_utils( ) mbedtls_pk_init( &pk ); + TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + + mbedtls_pk_free( &pk ); + mbedtls_pk_init( &pk ); + key = pk_psa_genkey(); TEST_ASSERT( key != 0 ); 
@@ -119,6 +125,10 @@ void pk_psa_utils( ) TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen ); TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 ); + TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 1 ); + TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 ); + TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 ); + /* test that freeing the context does not destroy the key */ mbedtls_pk_free( &pk ); TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); From 99af2f0dd1717b929e6d045dd6016fe12bb45481 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 31 Oct 2018 11:14:36 +0100 Subject: [PATCH 0776/2197] Add tests for unsupported operations/functions --- tests/suites/test_suite_pk.function | 30 ++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 3beff380f..1edc04eb2 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -100,13 +100,19 @@ psa_key_slot_t pk_psa_genkey( void ) /* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ void pk_psa_utils( ) { - mbedtls_pk_context pk; + mbedtls_pk_context pk, pk2; psa_key_slot_t key; const char * const name = "Opaque (PSA)"; const size_t bitlen = 256; /* harcoded in genkey() */ + mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; + unsigned char b1[1], b2[1]; + size_t len; + mbedtls_pk_debug_item dbg; + mbedtls_pk_init( &pk ); + mbedtls_pk_init( &pk2 ); TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); 
@@ -129,12 +135,34 @@ void pk_psa_utils( ) TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 ); TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 ); + /* unsupported operations: verify, decrypt, encrypt */ + TEST_ASSERT( mbedtls_pk_verify( &pk, md_alg, + b1, sizeof( b1), b2, sizeof( b2 ) ) + == MBEDTLS_ERR_PK_TYPE_MISMATCH ); + TEST_ASSERT( mbedtls_pk_decrypt( &pk, b1, sizeof( b1 ), + b2, &len, sizeof( b2 ), + NULL, NULL ) + == MBEDTLS_ERR_PK_TYPE_MISMATCH ); + TEST_ASSERT( mbedtls_pk_encrypt( &pk, b1, sizeof( b1 ), + b2, &len, sizeof( b2 ), + NULL, NULL ) + == MBEDTLS_ERR_PK_TYPE_MISMATCH ); + + /* unsupported functions: check_pair, debug */ + TEST_ASSERT( mbedtls_pk_setup( &pk2, + mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 ); + TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 ) + == MBEDTLS_ERR_PK_TYPE_MISMATCH ); + TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg ) + == MBEDTLS_ERR_PK_TYPE_MISMATCH ); + /* test that freeing the context does not destroy the key */ mbedtls_pk_free( &pk ); TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); exit: mbedtls_pk_free( &pk ); /* redundant except upon error */ + mbedtls_pk_free( &pk2 ); } /* END_CASE */ From 7d51255ca755c014b636d2c8c8909891794af7fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 31 Oct 2018 16:22:49 +0100 Subject: [PATCH 0777/2197] Implement pk_sign() for opaque ECDSA keys --- library/pk_wrap.c | 113 +++++++++++++++++++++++++++- tests/suites/test_suite_pk.data | 3 + tests/suites/test_suite_pk.function | 61 +++++++++++++++ 3 files changed, 176 insertions(+), 1 deletion(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index d01694c69..47f39d7e7 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
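Review bot: The "unsupported operations" asserts pass `b1`, `b2` and `len` uninitialised (they are declared without initialisers in the previous hunk). The asserts presumably pass only because dispatch rejects the opaque type before any input is read, so the test would start reading indeterminate bytes as soon as one of these operations gains an opaque implementation. Initialising them keeps the test well-defined either way: `unsigned char b1[1] = { 0 }, b2[1] = { 0 };` and `size_t len = 0;`.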
@@ -41,10 +41,18 @@ #include "mbedtls/ecdsa.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "mbedtls/asn1write.h" +#endif + #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) #include "mbedtls/platform_util.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "mbedtls/psa_util.h" +#endif + #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else 
@@ -753,13 +761,116 @@ static int pk_psa_can_do( mbedtls_pk_type_t type ) type == MBEDTLS_PK_ECDSA ); } +/* Like mbedtls_asn1_write_mpi, but from a buffer */ +static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, + const unsigned char *src, size_t slen ) +{ + int ret; + size_t len = 0; + + if( (size_t)( *p - start ) < slen ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + + len = slen; + *p -= len; + memcpy( *p, src, len ); + + if( **p & 0x80 ) + { + if( *p - start < 1 ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + + *--(*p) = 0x00; + len += 1; + } + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) ); + + return( (int) len ); +} + +/* Transcode signature from PSA format to ASN.1 sequence. + * See ecdsa_signature_to_asn1 in ecdsa.c. + * + * [in] sig: the signature in PSA format + * [in/out] sig_len: signature length pre- and post-transcoding + * [out] dst: the signature in ASN.1 format + */ +static int pk_ecdsa_sig_asn1_from_psa( const unsigned char *sig, size_t *sig_len, + unsigned char *dst ) +{ + int ret; + unsigned char buf[MBEDTLS_ECDSA_MAX_LEN]; + unsigned char *p = buf + sizeof( buf ); + size_t len = 0; + const size_t mpi_len = *sig_len / 2; + + MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, buf, sig + mpi_len, mpi_len ) ); + MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, buf, sig, mpi_len ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + + memcpy( dst, p, len ); + *sig_len = len; + + return( 0 ); +} + +static int pk_psa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + const psa_key_slot_t *key = (const psa_key_slot_t *) ctx; + 
psa_status_t status; + psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) ); + /* PSA needs a buffer of know size */ + unsigned char buf[2 * MBEDTLS_ECP_MAX_BYTES]; + const size_t buf_len = sizeof( buf ); + + /* PSA has its own RNG */ + (void) f_rng; + (void) p_rng; + + status = psa_asymmetric_sign( *key, alg, hash, hash_len, + buf, buf_len, sig_len ); + + /* translate errors to best approximation */ + switch( status ) + { + case PSA_SUCCESS: + break; /* don't return now */ + case PSA_ERROR_NOT_SUPPORTED: + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + case PSA_ERROR_INSUFFICIENT_MEMORY: + return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + case PSA_ERROR_COMMUNICATION_FAILURE: + case PSA_ERROR_HARDWARE_FAILURE: + case PSA_ERROR_TAMPERING_DETECTED: + return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + case PSA_ERROR_INSUFFICIENT_ENTROPY: + return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + case PSA_ERROR_BAD_STATE: + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + default: /* should never happen */ + return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + } + + pk_ecdsa_sig_asn1_from_psa( buf, sig_len, sig ); + + return( 0 ); +} + const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = { MBEDTLS_PK_OPAQUE_PSA, "Opaque (PSA)", pk_psa_get_bitlen, pk_psa_can_do, NULL, /* verify - will be done later */ - NULL, /* coming soon: sign */ + pk_psa_sign_wrap, #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) NULL, /* restartable verify - not relevant */ NULL, /* restartable sign - not relevant */ diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 417670d80..011b1f5f6 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data 
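Review bot: `pk_psa_sign_wrap()` discards the result of `pk_ecdsa_sig_asn1_from_psa( buf, sig_len, sig )` and returns 0 unconditionally, so a transcoding failure would be reported as success with `sig` unwritten and `*sig_len` still holding the raw r||s length. Return the helper's status instead: `return( pk_ecdsa_sig_asn1_from_psa( buf, sig_len, sig ) );`. The helper also copies `len` bytes into `dst` without knowing the size of the caller's buffer, so a comment on `pk_psa_sign_wrap()` should state the minimum size `sig` must have (presumably `MBEDTLS_ECDSA_MAX_LEN`).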
@@ -188,3 +188,6 @@ pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75 ECDSA restartable sign/verify: ECKEY, max_ops=250 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64 + +PSA wrapped sign +pk_psa_sign: diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 1edc04eb2..563fa44f5 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -72,6 +72,7 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) /* * Generate a key in a free key slot and return this key slot, * or PK_PSA_INVALID_SLOT if no slot was available. + * The key uses NIST P-256 and is usable for signing with SHA-256. */ psa_key_slot_t pk_psa_genkey( void ) { @@ -80,10 +81,20 @@ psa_key_slot_t pk_psa_genkey( void ) const int curve = PSA_ECC_CURVE_SECP256R1; const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEYPAIR(curve); const size_t bits = 256; + psa_key_policy_t policy; + /* find a free key slot */ if( PSA_SUCCESS != mbedtls_psa_get_free_key_slot( &key ) ) return( PK_PSA_INVALID_SLOT ); + /* set up policy on key slot */ + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, + PSA_ALG_ECDSA(PSA_ALG_SHA_256) ); + if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) ) + return( PK_PSA_INVALID_SLOT ); + + /* generate key */ if( PSA_SUCCESS != psa_generate_key( key, type, bits, NULL, 0 ) ) return( PK_PSA_INVALID_SLOT ); 
@@ -760,3 +771,53 @@ exit: mbedtls_pk_free( &rsa ); mbedtls_pk_free( &alt ); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +void pk_psa_sign( ) +{ + mbedtls_pk_context pk; + psa_key_slot_t key; + unsigned char hash[50], sig[100], pkey[100]; + size_t sig_len, klen = 0; + + /* + * This tests making signatures with a wrapped PSA key: + * - generate a fresh PSA key + * - wrap it in a PK context and make a signature this way + * - extract the public key + * - parse it to a PK context and verify the signature this way + */ + + mbedtls_pk_init( &pk ); + + memset( hash, 0x2a, sizeof hash ); + memset( sig, 0, sizeof sig ); + memset( pkey, 0, sizeof pkey ); + + key = pk_psa_genkey(); + TEST_ASSERT( key != 0 ); + + TEST_ASSERT( mbedtls_pk_setup_psa( &pk, key ) == 0 ); + + TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, + hash, sizeof hash, sig, &sig_len, + NULL, NULL ) == 0 ); + + mbedtls_pk_free( &pk ); + + TEST_ASSERT( PSA_SUCCESS == psa_export_public_key( + key, pkey, sizeof( pkey ), &klen ) ); + TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); + + mbedtls_pk_init( &pk ); + + TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey, klen ) == 0 ); + + + TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, + hash, sizeof hash, sig, sig_len ) == 0 ); + +exit: + mbedtls_pk_free( &pk ); +} +/* END_CASE */ From 276cb64e6c141bb88b4315ba8b88b05d50a818f9 Mon Sep 17 00:00:00 2001 
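Review bot: `pk_psa_sign()` signs and verifies a 50-byte `hash` while declaring `MBEDTLS_MD_SHA256`, whose digest is 32 bytes, so the test does not exercise the input length a real caller would pass. Declaring `unsigned char hash[32];` keeps the `sizeof hash` arguments consistent with the algorithm. The `exit:` path also frees only `pk`, so a failed assert after `pk_psa_genkey()` appears to leave the key slot occupied for later tests. Calling `psa_destroy_key( key )` on that path would avoid it.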
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 6 Nov 2018 09:34:30 +0100 Subject: [PATCH 0778/2197] Align names to use "opaque" only everywhere It's better for names in the API to describe the "what" (opaque keys) rather than the "how" (using PSA), at least since we don't intend to have multiple function doing the same "what" in different ways in the foreseeable future. --- include/mbedtls/pk.h | 6 +++--- include/mbedtls/pk_internal.h | 2 +- library/pk.c | 4 ++-- library/pk_wrap.c | 26 +++++++++++++------------- tests/suites/test_suite_pk.function | 10 +++++----- 5 files changed, 24 insertions(+), 24 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 3f640931f..001dcca6d 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -87,7 +87,7 @@ typedef enum { MBEDTLS_PK_ECDSA, MBEDTLS_PK_RSA_ALT, MBEDTLS_PK_RSASSA_PSS, - MBEDTLS_PK_OPAQUE_PSA, + MBEDTLS_PK_OPAQUE, } mbedtls_pk_type_t; /** @@ -210,7 +210,7 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx ); * \brief Free a mbedtls_pk_context * * \note For contexts that have been set up with - * mbedtls_pk_setup_psa(), this does not free the underlying + * mbedtls_pk_setup_opaque(), this does not free the underlying * key slot and you still need to call psa_destroy_key() * independently if you want to destroy that key. */ @@ -271,7 +271,7 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); * \note This function is currently only available for ECC keypair. * Support for other key types will be added later. */ -int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key ); +int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_slot_t key ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) diff --git a/include/mbedtls/pk_internal.h b/include/mbedtls/pk_internal.h index 7288e9b32..fc9ba13fe 100644 --- a/include/mbedtls/pk_internal.h +++ b/include/mbedtls/pk_internal.h 
@@ -136,7 +136,7 @@ extern const mbedtls_pk_info_t mbedtls_rsa_alt_info; #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) -extern const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info; +extern const mbedtls_pk_info_t mbedtls_pk_opaque_info; #endif #endif /* MBEDTLS_PK_WRAP_H */ diff --git a/library/pk.c b/library/pk.c index f65b2eed7..c34ab7e02 100644 --- a/library/pk.c +++ b/library/pk.c @@ -143,9 +143,9 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ) /* * Initialise a PSA-wrapping context */ -int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key ) +int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_slot_t key ) { - const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_psa_info; + const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info; psa_key_slot_t *pk_ctx; psa_key_type_t type; diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 47f39d7e7..e576f7334 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -726,7 +726,7 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = { #if defined(MBEDTLS_USE_PSA_CRYPTO) -static void *pk_psa_alloc_wrap( void ) +static void *pk_opaque_alloc_wrap( void ) { void *ctx = mbedtls_calloc( 1, sizeof( psa_key_slot_t ) ); @@ -735,13 +735,13 @@ static void *pk_psa_alloc_wrap( void ) return( ctx ); } -static void pk_psa_free_wrap( void *ctx ) +static void pk_opaque_free_wrap( void *ctx ) { mbedtls_platform_zeroize( ctx, sizeof( psa_key_slot_t ) ); mbedtls_free( ctx ); } -static size_t pk_psa_get_bitlen( const void *ctx ) +static size_t pk_opaque_get_bitlen( const void *ctx ) { const psa_key_slot_t *key = (const psa_key_slot_t *) ctx; size_t bits; @@ -752,7 +752,7 @@ static size_t pk_psa_get_bitlen( const void *ctx ) return( bits ); } -static int pk_psa_can_do( mbedtls_pk_type_t type ) +static int pk_opaque_can_do( mbedtls_pk_type_t type ) { /* For now opaque PSA keys can only wrap ECC keypairs, * as checked by setup_psa(). 
@@ -819,7 +819,7 @@ static int pk_ecdsa_sig_asn1_from_psa( const unsigned char *sig, size_t *sig_len return( 0 ); } -static int pk_psa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, +static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) @@ -864,13 +864,13 @@ static int pk_psa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, return( 0 ); } -const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = { - MBEDTLS_PK_OPAQUE_PSA, - "Opaque (PSA)", - pk_psa_get_bitlen, - pk_psa_can_do, +const mbedtls_pk_info_t mbedtls_pk_opaque_info = { + MBEDTLS_PK_OPAQUE, + "Opaque", + pk_opaque_get_bitlen, + pk_opaque_can_do, NULL, /* verify - will be done later */ - pk_psa_sign_wrap, + pk_opaque_sign_wrap, #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) NULL, /* restartable verify - not relevant */ NULL, /* restartable sign - not relevant */ @@ -878,8 +878,8 @@ const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = { NULL, /* decrypt - will be done later */ NULL, /* encrypt - will be done later */ NULL, /* check_pair - could be done later or left NULL */ - pk_psa_alloc_wrap, - pk_psa_free_wrap, + pk_opaque_alloc_wrap, + pk_opaque_free_wrap, #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) NULL, /* restart alloc - not relevant */ NULL, /* restart free - not relevant */ diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 563fa44f5..bf87b2b0d 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -114,7 +114,7 @@ void pk_psa_utils( ) mbedtls_pk_context pk, pk2; psa_key_slot_t key; - const char * const name = "Opaque (PSA)"; + const char * const name = "Opaque"; const size_t bitlen = 256; /* harcoded in genkey() */ mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; 
@@ -125,7 +125,7 @@ void pk_psa_utils( ) mbedtls_pk_init( &pk ); mbedtls_pk_init( &pk2 ); - TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) == + TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, 0 ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); mbedtls_pk_free( &pk ); @@ -134,9 +134,9 @@ void pk_psa_utils( ) key = pk_psa_genkey(); TEST_ASSERT( key != 0 ); - TEST_ASSERT( mbedtls_pk_setup_psa( &pk, key ) == 0 ); + TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 ); - TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE_PSA ); + TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE ); TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 ); TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen ); @@ -797,7 +797,7 @@ void pk_psa_sign( ) key = pk_psa_genkey(); TEST_ASSERT( key != 0 ); - TEST_ASSERT( mbedtls_pk_setup_psa( &pk, key ) == 0 ); + TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 ); TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, From 35a7ff93664761644ea100c4f1c32ed037c97bbd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 13 Nov 2018 10:48:23 +0100 Subject: [PATCH 0779/2197] Improve documentation of mbedtls_pk_setup_opaque() --- include/mbedtls/pk.h | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 001dcca6d..57a7005a5 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
@@ -248,8 +248,13 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); /** * \brief Initialize a PK context to wrap a PSA key slot. * - * \param ctx Context to initialize. Must be empty (type NONE). - * \param key PSA key slot to wrap - must hold an ECC keypair. + * \note This function replaces mbedtls_pk_setup() for contexts + * that wrap a (possibly opaque) PSA key slot instead of + * storing and manipulating the key material directly. + * + * \param ctx The context to initialize. It must be empty (type NONE). + * \param key The PSA key slot to wrap, which must hold an ECC key pair + * (see notes below). * * \note The wrapped key slot must remain valid as long as the * wrapping PK context is in use, that is at least between @@ -257,19 +262,16 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); * mbedtls_pk_free() is called on this context. The wrapped * key slot might then be independently used or destroyed. * - * \return \c 0 on success, + * \note This function is currently only available for ECC key + * pairs (that is, ECC keys containing private key material). + * Support for other key types may be added later. + * + * \return \c 0 on success. * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input - * (context already used, invalid key slot) + * (context already used, invalid key slot). * \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an - * ECC keypair, + * ECC key pair. * \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. - * - * \note This function replaces mbedtls_pk_setup() for contexts - * that wrap a (possibly opaque) PSA key slot instead of - * storing and manipulating the key material directly. - * - * \note This function is currently only available for ECC keypair. - * Support for other key types will be added later. */ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_slot_t key ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ 
From fe8607350c8c934140e0ccf7454fbb3684d9086c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 12 Nov 2018 15:06:57 +0100 Subject: [PATCH 0780/2197] Add new macro to detemine ECDSA signature length Revived from a previous PR by Gilles, see: https://github.com/ARMmbed/mbedtls/pull/1293/files#diff-568ef321d275f2035b8b26a70ee9af0bR71 This will be useful in eliminating temporary stack buffers for transcoding the signature: in order to do that in place we need to be able to make assumptions about the size of the output buffer, which this macro will provide. (See next commit.) --- include/mbedtls/ecdsa.h | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 4057828d4..5245c6ee3 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h 
@@ -35,25 +35,30 @@ #include "ecp.h" #include "md.h" -/* - * RFC-4492 page 20: +/** + * \brief Maximum ECDSA signature size for a given curve bit size * + * \param bits Curve size in bits + * \return Maximum signature size in bytes + * + * \note This macro returns a compile-time constant if its argument + * is one. It may evaluate its argument multiple times. + */ +/* * Ecdsa-Sig-Value ::= SEQUENCE { * r INTEGER, * s INTEGER * } * - * Size is at most - * 1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s, - * twice that + 1 (tag) + 2 (len) for the sequence - * (assuming ECP_MAX_BYTES is less than 126 for r and s, - * and less than 124 (total len <= 255) for the sequence) + * For each of r and s, the value (V) may include an extra initial "0" bit. */ -#if MBEDTLS_ECP_MAX_BYTES > 124 -#error "MBEDTLS_ECP_MAX_BYTES bigger than expected, please fix MBEDTLS_ECDSA_MAX_LEN" -#endif +#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits ) \ + ( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) + \ + /*T,L of r,s*/ 2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) + \ + /*V of r,s*/ ( ( bits ) + 8 ) / 8 ) ) + /** The maximal size of an ECDSA signature in Bytes. */ -#define MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) ) +#define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN( MBEDTLS_ECP_MAX_BITS ) #ifdef __cplusplus extern "C" { From f127e6080e907d0743edde8747e1530fe2b108ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 13 Nov 2018 10:32:00 +0100 Subject: [PATCH 0781/2197] Get rid of large stack buffers in PSA sign wrapper --- library/pk_wrap.c | 180 ++++++++++++++++++++++++++-------------------- 1 file changed, 101 insertions(+), 79 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index e576f7334..e8b26db56 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
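Review bot: The hunk removes the `#error` guard on `MBEDTLS_ECP_MAX_BYTES`, and the new `MBEDTLS_ECDSA_MAX_SIG_LEN( bits )` has no equivalent. The formula allows at most two length bytes for the SEQUENCE, so it under-counts once the SEQUENCE content exceeds 255 bytes, which by this formula happens from roughly 1000 bits upward. No curve is that large today, but the macro is public and sizes output buffers, so the limit should be enforced or at least documented, for example `\param bits Curve size in bits; must be small enough that the SEQUENCE content fits in 255 bytes`. The comment `an extra initial "0" bit` should also say byte, since the formula adds a whole octet.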
@@ -761,88 +761,13 @@ static int pk_opaque_can_do( mbedtls_pk_type_t type ) type == MBEDTLS_PK_ECDSA ); } -/* Like mbedtls_asn1_write_mpi, but from a buffer */ -static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, - const unsigned char *src, size_t slen ) +/* translate PSA errors to best PK approximation */ +static int pk_err_from_psa( psa_status_t status ) { - int ret; - size_t len = 0; - - if( (size_t)( *p - start ) < slen ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - - len = slen; - *p -= len; - memcpy( *p, src, len ); - - if( **p & 0x80 ) - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - - *--(*p) = 0x00; - len += 1; - } - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) ); - - return( (int) len ); -} - -/* Transcode signature from PSA format to ASN.1 sequence. - * See ecdsa_signature_to_asn1 in ecdsa.c. - * - * [in] sig: the signature in PSA format - * [in/out] sig_len: signature length pre- and post-transcoding - * [out] dst: the signature in ASN.1 format - */ -static int pk_ecdsa_sig_asn1_from_psa( const unsigned char *sig, size_t *sig_len, - unsigned char *dst ) -{ - int ret; - unsigned char buf[MBEDTLS_ECDSA_MAX_LEN]; - unsigned char *p = buf + sizeof( buf ); - size_t len = 0; - const size_t mpi_len = *sig_len / 2; - - MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, buf, sig + mpi_len, mpi_len ) ); - MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, buf, sig, mpi_len ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); - - memcpy( dst, p, len ); - *sig_len = len; - - return( 0 ); -} - -static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, 
unsigned char *, size_t), void *p_rng ) -{ - const psa_key_slot_t *key = (const psa_key_slot_t *) ctx; - psa_status_t status; - psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) ); - /* PSA needs a buffer of know size */ - unsigned char buf[2 * MBEDTLS_ECP_MAX_BYTES]; - const size_t buf_len = sizeof( buf ); - - /* PSA has its own RNG */ - (void) f_rng; - (void) p_rng; - - status = psa_asymmetric_sign( *key, alg, hash, hash_len, - buf, buf_len, sig_len ); - - /* translate errors to best approximation */ switch( status ) { case PSA_SUCCESS: - break; /* don't return now */ + return( 0 ); case PSA_ERROR_NOT_SUPPORTED: return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); case PSA_ERROR_INSUFFICIENT_MEMORY: 
@@ -858,12 +783,109 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, default: /* should never happen */ return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); } +} - pk_ecdsa_sig_asn1_from_psa( buf, sig_len, sig ); +/* + * Like mbedtls_asn1_write_mpi(), but from a buffer. + * + * p: pointer to the end of the output buffer + * start: start of the output buffer, and also of the mpi to write at the end + * n_len: length ot the mpi to read from start + */ +static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, + size_t n_len ) +{ + int ret; + size_t len = 0; + + if( (size_t)( *p - start ) < n_len ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + + len = n_len; + *p -= len; + memmove( *p, start, len ); + + /* if the msb is 1, ASN.1 requires that we prepend a 0. + * we're never called with n_len == 0, so we can always read back a byte */ + if( **p & 0x80 ) + { + if( *p - start < 1 ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + + *--(*p) = 0x00; + len += 1; + } + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, + MBEDTLS_ASN1_INTEGER ) ); + + return( (int) len ); +} + +/* Transcode signature from PSA format to ASN.1 sequence. + * See ecdsa_signature_to_asn1 in ecdsa.c, but with byte buffers instead of + * MPIs, and in-place. 
+ * + * [in/out] sig: the signature pre- and post-transcoding + * [in/out] sig_len: signature length pre- and post-transcoding + * [int] buf_len: the available size the in/out buffer + */ +static int pk_ecdsa_sig_asn1_from_psa( unsigned char *sig, size_t *sig_len, + size_t buf_len ) +{ + int ret; + size_t len = 0; + const size_t rs_len = *sig_len / 2; + unsigned char *p = sig + buf_len; + + MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig + rs_len, rs_len ) ); + MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig, rs_len ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, sig, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, sig, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + + memmove( sig, p, len ); + *sig_len = len; return( 0 ); } +static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + const psa_key_slot_t *key = (const psa_key_slot_t *) ctx; + psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) ); + size_t bits, buf_len; + psa_status_t status; + + /* PSA has its own RNG */ + (void) f_rng; + (void) p_rng; + + /* PSA needs an output buffer of known size, but our API doesn't provide + * that information. Assume that the buffer is large enough for a + * maximal-length signature with that key (otherwise the application is + * buggy anyway). 
*/ + status = psa_get_key_information( *key, NULL, &bits ); + if( status != PSA_SUCCESS ) + return( pk_err_from_psa( status ) ); + + buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( bits ); + + /* make the signature */ + status = psa_asymmetric_sign( *key, alg, hash, hash_len, + sig, buf_len, sig_len ); + if( status != PSA_SUCCESS ) + return( pk_err_from_psa( status ) ); + + /* transcode it to ASN.1 sequence */ + return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, buf_len ) ); +} + const mbedtls_pk_info_t mbedtls_pk_opaque_info = { MBEDTLS_PK_OPAQUE, "Opaque", From 615530728f9737faf3d2673a1ef68a9c59f9d148 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 15 Nov 2018 12:17:38 +0100 Subject: [PATCH 0782/2197] Improve documentation of an internal function --- library/pk_wrap.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index e8b26db56..762dbfb91 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -786,11 +786,13 @@ static int pk_err_from_psa( psa_status_t status ) } /* - * Like mbedtls_asn1_write_mpi(), but from a buffer. + * Simultaneously convert and move raw MPI from the beginning of a buffer + * to an ASN.1 MPI at the end of the buffer. + * See also mbedtls_asn1_write_mpi(). * * p: pointer to the end of the output buffer * start: start of the output buffer, and also of the mpi to write at the end - * n_len: length ot the mpi to read from start + * n_len: length of the mpi to read from start */ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, size_t n_len ) From 1e48ebd306c76a3e70aadc25b0ef05350faa6c21 Mon Sep 17 00:00:00 2001 
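Review bot: `pk_ecdsa_sig_asn1_from_psa()` starts writing at `sig + buf_len`, so `pk_opaque_sign_wrap()` touches the full `MBEDTLS_ECDSA_MAX_SIG_LEN( bits )` bytes of the caller's buffer for every signature, not only for maximal ones. A buffer sized for the actual output is therefore overrun on every call, which makes the "large enough" assumption in the comment a hard precondition rather than a worst case. The comment should say so explicitly, for example `/* sig must have room for MBEDTLS_ECDSA_MAX_SIG_LEN( bits ) bytes: transcoding writes at the end of that region. */`, and the same requirement belongs in the public documentation of the signing function. The helper also trusts `*sig_len` from PSA to be even, non-zero and at most `buf_len`, and a check before the split into `rs_len` would make that explicit.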
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 16 Nov 2018 10:09:11 +0100 Subject: [PATCH 0783/2197] Fix a compliance issue in signature encoding The issue is not present in the normal path because asn1write_mpi() does it automatically, but we're not using that here... --- library/pk_wrap.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 762dbfb91..5e8360225 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -807,8 +807,16 @@ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, *p -= len; memmove( *p, start, len ); + /* ASN.1 DER encoding requires minimal length, so skip leading 0s. + * Neither r nor s can be 0, so we can assume len > 0 at all times. */ + while( **p == 0x00 ) + { + ++(*p); + --len; + } + /* if the msb is 1, ASN.1 requires that we prepend a 0. - * we're never called with n_len == 0, so we can always read back a byte */ + * Neither r nor s can be 0, so we can assume len > 0 at all times. */ if( **p & 0x80 ) { if( *p - start < 1 ) From f4427678ae05b451604400db9834017fab570fd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 16 Nov 2018 10:15:09 +0100 Subject: [PATCH 0784/2197] Use shared function for error translation --- library/pk_wrap.c | 28 ++-------------------------- 1 file changed, 2 insertions(+), 26 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 5e8360225..301d2266f 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
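Review bot: The added `while( **p == 0x00 )` loop has no bound on `len`, so an all-zero r or s, which a faulty backend could return, moves `*p` past the end of the buffer and wraps `len`. Bound the loop with `while( len > 0 && **p == 0x00 )` and return an error when `len == 0` before the `**p & 0x80` test. A later patch in this series, visible further down the page, adds that guard. `asn1_write_mpibuf()` starts and ends outside the hunk.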
@@ -761,30 +761,6 @@ static int pk_opaque_can_do( mbedtls_pk_type_t type ) type == MBEDTLS_PK_ECDSA ); } -/* translate PSA errors to best PK approximation */ -static int pk_err_from_psa( psa_status_t status ) -{ - switch( status ) - { - case PSA_SUCCESS: - return( 0 ); - case PSA_ERROR_NOT_SUPPORTED: - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); - case PSA_ERROR_INSUFFICIENT_MEMORY: - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); - case PSA_ERROR_COMMUNICATION_FAILURE: - case PSA_ERROR_HARDWARE_FAILURE: - case PSA_ERROR_TAMPERING_DETECTED: - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); - case PSA_ERROR_INSUFFICIENT_ENTROPY: - return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); - case PSA_ERROR_BAD_STATE: - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - default: /* should never happen */ - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); - } -} - /* * Simultaneously convert and move raw MPI from the beginning of a buffer * to an ASN.1 MPI at the end of the buffer. @@ -882,7 +858,7 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, * buggy anyway). */ status = psa_get_key_information( *key, NULL, &bits ); if( status != PSA_SUCCESS ) - return( pk_err_from_psa( status ) ); + return( mbedtls_psa_err_translate_pk( status ) ); buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( bits ); @@ -890,7 +866,7 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, status = psa_asymmetric_sign( *key, alg, hash, hash_len, sig, buf_len, sig_len ); if( status != PSA_SUCCESS ) - return( pk_err_from_psa( status ) ); + return( mbedtls_psa_err_translate_pk( status ) ); /* transcode it to ASN.1 sequence */ return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, buf_len ) ); From 29a1325b0d1ea24b3ed9ffd0576a1ed91b48f343 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 16 Nov 2018 10:54:54 +0100 Subject: [PATCH 0785/2197] Guard against PSA generating invalid signature The goal is not to double-check everything PSA does, but to ensure that it anything goes wrong, we fail cleanly rather than by overwriting a buffer. --- library/pk_wrap.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 301d2266f..3af17d398 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -784,13 +784,18 @@ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, memmove( *p, start, len ); /* ASN.1 DER encoding requires minimal length, so skip leading 0s. - * Neither r nor s can be 0, so we can assume len > 0 at all times. */ - while( **p == 0x00 ) + * Neither r nor s should be 0, but as a failsafe measure, still detect + * that rather than overflowing the buffer in case of a PSA error. */ + while( len > 0 && **p == 0x00 ) { ++(*p); --len; } + /* this is only reached if the signature was invalid */ + if( len == 0 ) + return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + /* if the msb is 1, ASN.1 requires that we prepend a 0. * Neither r nor s can be 0, so we can assume len > 0 at all times. */ if( **p & 0x80 ) From 261456221224bc2ada3ce86363dc9523e4a75973 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 19 Nov 2018 12:25:37 +0100 Subject: [PATCH 0786/2197] Add test utility function: wrap_as_opaque() The new function is not tested here, but will be in a subsequent PR. --- include/mbedtls/pk.h | 25 +++++++++++++++++ library/pk.c | 65 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 90 insertions(+) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 57a7005a5..862065eed 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
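Review bot: The comment kept on the msb check, `Neither r nor s can be 0, so we can assume len > 0 at all times`, now contradicts the failsafe added just above it, which exists because that assumption may not hold. Reword it to state what the code guarantees, for example `/* len > 0 here (checked above), so reading **p is safe; if the msb is 1, ASN.1 requires that we prepend a 0. */`. The comment on the new `len == 0` return could also say why MBEDTLS_ERR_PK_HW_ACCEL_FAILED was chosen, since callers will see an all-zero value from the backend as a hardware failure. The function body starts and ends outside the hunk.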
@@ -740,6 +740,31 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/** + * \brief Turn an EC key into an Opaque one + * + * \warning This is a temporary utility function for tests. It might + * change or be removed at any time without notice. + * + * \note Only ECDSA keys are supported so far. Signing with the + * specified hash is the only allowed use of that key. + * + * \param pk Input: the EC key to transfer to a PSA key slot. + * Output: a PK context wrapping that PSA key slot. + * \param slot Output: the chosen slot for storing the key. + * It's the caller's responsibility to destroy that slot + * after calling mbedtls_pk_free() on the PK context. + * \param hash_alg The hash algorithm to allow for use with that key. + * + * \return \c 0 if successful. + * \return An Mbed TLS error code otherwise. + */ +int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, + psa_key_slot_t *slot, + psa_algorithm_t hash_alg ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #ifdef __cplusplus } #endif diff --git a/library/pk.c b/library/pk.c index c34ab7e02..989ed095b 100644 --- a/library/pk.c +++ b/library/pk.c @@ -41,6 +41,10 @@ #include "mbedtls/ecdsa.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "mbedtls/psa_util.h" +#endif + #include #include 
@@ -535,4 +539,65 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ) return( ctx->pk_info->type ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/* + * Load the key to a PSA key slot, + * then turn the PK context into a wrapper for that key slot. + * + * Currently only works for EC private keys. + */ +int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, + psa_key_slot_t *slot, + psa_algorithm_t hash_alg ) +{ +#if !defined(MBEDTLS_ECP_C) + return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); +#else + psa_key_slot_t key; + const mbedtls_ecp_keypair *ec; + unsigned char d[MBEDTLS_ECP_MAX_BYTES]; + size_t d_len; + psa_ecc_curve_t curve_id; + psa_key_type_t key_type; + psa_key_policy_t policy; + int ret; + + /* export the private key material in the format PSA wants */ + if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY ) + return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + + ec = mbedtls_pk_ec( *pk ); + d_len = ( ec->grp.nbits + 7 ) / 8; + if( ( ret = mbedtls_mpi_write_binary( &ec->d, d, d_len ) ) != 0 ) + return( ret ); + + curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id; + + /* find a free key slot */ + if( PSA_SUCCESS != mbedtls_psa_get_free_key_slot( &key ) ) + return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + + /* set policy */ + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, + PSA_ALG_ECDSA(hash_alg) ); + if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) ) + return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + + /* import private key in slot */ + key_type = PSA_KEY_TYPE_ECC_KEYPAIR(curve_id); + if( PSA_SUCCESS != psa_import_key( key, key_type, d, d_len ) ) + return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + + /* remember slot number to be destroyed later by caller */ + *slot = key; + + /* make PK context wrap the key slot */ + mbedtls_pk_free( pk ); + mbedtls_pk_init( pk ); + + return( mbedtls_pk_setup_opaque( pk, key ) ); +#endif /* MBEDTLS_ECP_C */ +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_PK_C */ 
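Review bot: The stack buffer `d` in mbedtls_pk_wrap_as_opaque receives the raw private scalar from mbedtls_mpi_write_binary() and is never cleared, so a copy of the key stays on the stack after every return path, including the success path where the key is meant to live only in the PSA slot. Add `mbedtls_platform_zeroize( d, sizeof( d ) );` once psa_import_key() has returned and before each return that follows the export (this assumes platform_util.h is already included in pk.c, which the hunk does not show). Separately, `mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id` dereferences the lookup result without a NULL check. When psa_set_key_policy() or psa_import_key() fails, the slot obtained from mbedtls_psa_get_free_key_slot() is neither released nor reported through `*slot`.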
From 72d94be0deb7ce363dd85cfb2379c6715ce5917d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 19 Nov 2018 12:39:27 +0100 Subject: [PATCH 0787/2197] Improve description of a test --- tests/suites/test_suite_pk.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 011b1f5f6..049750268 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -14,7 +14,7 @@ PK utils: ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_utils:MBEDTLS_PK_ECDSA:192:24:"ECDSA" -PK PSA utils +PK PSA utilities: setup/free, info functions, unsupported operations pk_psa_utils: RSA verify test vector #1 (good) From e31411a8149370291a47ff48b4991a77412c020c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 22 Nov 2018 12:21:20 +0100 Subject: [PATCH 0788/2197] Fix test that wasn't actually effective psa_destroy_key() returns success even if the slot is empty. --- tests/suites/test_suite_pk.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index bf87b2b0d..37cf5c569 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -169,6 +169,7 @@ void pk_psa_utils( ) /* test that freeing the context does not destroy the key */ mbedtls_pk_free( &pk ); + TEST_ASSERT( PSA_SUCCESS == psa_get_key_information( key, NULL, NULL ) ); TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); exit: From ca906fb8b936163eadf396c2b5780cfdb46aa2ec Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 7 Nov 2018 09:42:35 +0100 Subject: [PATCH 0789/2197] Add option key_opaque to ssl_client2 (skeleton) This is just the plumbing for the option itself, implementation of the option will be the next commit. --- programs/ssl/ssl_client2.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 87b9ab1bd..8d15b4f8f 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -84,6 +84,7 @@ int main( void ) #define DFL_CA_PATH "" #define DFL_CRT_FILE "" #define DFL_KEY_FILE "" +#define DFL_KEY_OPAQUE 0 #define DFL_PSK "" #define DFL_PSK_IDENTITY "Client_identity" #define DFL_ECJPAKE_PW NULL @@ -134,9 +135,16 @@ int main( void ) #define USAGE_IO \ " No file operations available (MBEDTLS_FS_IO not defined)\n" #endif /* MBEDTLS_FS_IO */ -#else +#else /* MBEDTLS_X509_CRT_PARSE_C */ #define USAGE_IO "" #endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C) +#define USAGE_KEY_OPAQUE \ + " key_opaque=%%d Handle your private key as if it were opaque\n" \ + " default: 0 (disabled)\n" +#else +#define USAGE_KEY_OPAQUE "" +#endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #define USAGE_PSK \ @@ -283,6 +291,7 @@ int main( void ) " auth_mode=%%s default: (library default: none)\n" \ " options: none, optional, required\n" \ USAGE_IO \ + USAGE_KEY_OPAQUE \ "\n" \ USAGE_PSK \ USAGE_ECJPAKE \ @@ -337,6 +346,7 @@ struct options const char *ca_path; /* the path with the CA certificate(s) reside */ const char *crt_file; /* the file with the client certificate */ const char *key_file; /* the file with the client key */ + int key_opaque; /* handle private key as if it were opaque */ const char *psk; /* the pre-shared key */ const char *psk_identity; /* the pre-shared key identity */ const char *ecjpake_pw; /* the EC J-PAKE password */ 
@@ -627,6 +637,7 @@ int main( int argc, char *argv[] ) opt.ca_path = DFL_CA_PATH; opt.crt_file = DFL_CRT_FILE; opt.key_file = DFL_KEY_FILE; + opt.key_opaque = DFL_KEY_OPAQUE; opt.psk = DFL_PSK; opt.psk_identity = DFL_PSK_IDENTITY; opt.ecjpake_pw = DFL_ECJPAKE_PW; @@ -726,6 +737,10 @@ int main( int argc, char *argv[] ) opt.crt_file = q; else if( strcmp( p, "key_file" ) == 0 ) opt.key_file = q; +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C) + else if( strcmp( p, "key_opaque" ) == 0 ) + opt.key_opaque = atoi( q ); +#endif else if( strcmp( p, "psk" ) == 0 ) opt.psk = q; else if( strcmp( p, "psk_identity" ) == 0 ) @@ -1309,6 +1324,13 @@ int main( int argc, char *argv[] ) goto exit; } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.key_opaque != 0 ) + { + /* coming soon: load key to key slot */ + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_printf( " ok\n" ); #endif /* MBEDTLS_X509_CRT_PARSE_C */ From f83d31260db0739308537f54237ff00f3759434b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 8 Nov 2018 09:52:25 +0100 Subject: [PATCH 0790/2197] Implement key_opaque option to ssl_client2 --- programs/ssl/ssl_client2.c | 16 ++++++++++++++-- tests/ssl-opt.sh | 15 +++++++++++++++ 2 files changed, 29 insertions(+), 2 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 8d15b4f8f..f3bf495bb 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -566,6 +566,9 @@ int main( int argc, char *argv[] ) mbedtls_x509_crt cacert; mbedtls_x509_crt clicert; mbedtls_pk_context pkey; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_slot_t key_slot = 0; /* invalid key slot */ +#endif #endif char *p, *q; const int *list; 
@@ -1327,11 +1330,17 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_USE_PSA_CRYPTO) if( opt.key_opaque != 0 ) { - /* coming soon: load key to key slot */ + if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot, + PSA_ALG_SHA_256 ) ) != 0 ) + { + mbedtls_printf( " failed\n ! " + "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", -ret ); + goto exit; + } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_printf( " ok\n" ); + mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) ); #endif /* MBEDTLS_X509_CRT_PARSE_C */ /* @@ -2138,6 +2147,9 @@ exit: mbedtls_x509_crt_free( &clicert ); mbedtls_x509_crt_free( &cacert ); mbedtls_pk_free( &pkey ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_destroy_key( key_slot ); +#endif #endif mbedtls_ssl_session_free( &saved_session ); mbedtls_ssl_free( &ssl ); diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ce9aee28a..5cded213e 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -865,6 +865,21 @@ run_test "Default, DTLS" \ -s "Protocol is DTLSv1.2" \ -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" +# Test using an opaque private key for client authentication +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "Opaque key for client authentication" \ + "$P_SRV auth_mode=required" \ + "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \ + key_file=data_files/server5.key" \ + 0 \ + -c "key type: Opaque" \ + -s "Verifying peer X.509 certificate... ok" \ + -S "error" \ + -C "error" + # Test current time in ServerHello requires_config_enabled MBEDTLS_HAVE_TIME run_test "ServerHello contains gmt_unix_time" \ From 596e65e1a58b1e6b665a98458aea71fb4c5933da Mon Sep 17 00:00:00 2001 
From: Netanel Gonen Date: Thu, 22 Nov 2018 18:41:43 +0200 Subject: [PATCH 0791/2197] Fix indentation --- include/psa/crypto_extra.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 9e8f97c9d..7f0885794 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -95,13 +95,13 @@ void mbedtls_psa_crypto_free( void ); * and mbedtls_nv_seed_write. * * In a client-server integration of PSA Cryptography, on the client side, * if the server supports this feature. - * \param[in] seed Buffer containing the seed value to inject. + * \param[in] seed Buffer containing the seed value to inject. * \param[in] seed_size Size of the \p seed buffer. - * The size of the seed in bytes must be greater - * or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM - * and #MBEDTLS_ENTROPY_BLOCK_SIZE. - * It must be less or equal to - * #MBEDTLS_ENTROPY_MAX_SEED_SIZE. + * The size of the seed in bytes must be greater + * or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM + * and #MBEDTLS_ENTROPY_BLOCK_SIZE. + * It must be less or equal to + * #MBEDTLS_ENTROPY_MAX_SEED_SIZE. * * \retval #PSA_SUCCESS * The seed value was injected successfully. The random generator From 6f249de70608532bca7ef3e325fd556960e74399 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 19 Nov 2018 10:07:36 -0500 Subject: [PATCH 0792/2197] pkwrite: add opaque key handling for public key exporting Return early from mbedtls_pk_write_pubkey_der - public opaque key exporting is expected to contain all of the needed data, therefore it shouldn't be written again. --- library/pkwrite.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/library/pkwrite.c b/library/pkwrite.c index 8eabd889b..d135060e4 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c 
@@ -46,6 +46,9 @@ #include "mbedtls/pem.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else @@ -161,6 +164,23 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) ); else #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) + { + size_t buffer_size = *p - start; + psa_key_slot_t* key_slot = ( psa_key_slot_t* ) key->pk_ctx; + if ( psa_export_public_key( *key_slot, start, buffer_size, &len ) + != PSA_SUCCESS ) + { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + else + { + memmove( *p - len, start, len ); + } + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); return( (int) len ); @@ -177,6 +197,10 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) ); + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) + { + return( (int) len ); + } if( c - buf < 1 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); From c3de438b8eec7a94931442eedcbb6b998247bea4 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 19 Nov 2018 10:12:37 -0500 Subject: [PATCH 0793/2197] Add CSR write testing using opaque keys Parse and verify CSR programatically instead of using predetermined data, to not tamper with randomness in tests. --- tests/suites/test_suite_x509write.data | 4 ++ tests/suites/test_suite_x509write.function | 75 ++++++++++++++++++++++ 2 files changed, 79 insertions(+) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 5b54d8588..c932c6816 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data 
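Review bot: In the MBEDTLS_PK_OPAQUE branch of mbedtls_pk_write_pubkey the exported key is copied to `*p - len`, but `*p` itself is left where it was, whereas the EC branch visible in the context passes `p` to its writer, which presumably moves it back to the start of the written data. A caller that continues writing at `*p` would overwrite the key; mbedtls_pk_write_pubkey_der avoids this only through the early return added in the last hunk of this file. Update the cursor with `*p -= len; memmove( *p, start, len );`. `buffer_size = *p - start` is also computed without first checking `*p >= start`, and every psa_export_public_key() failure, including an output buffer that is too small, is reported as MBEDTLS_ERR_PK_BAD_INPUT_DATA. The function body starts outside the hunk.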
@@ -42,6 +42,10 @@ Certificate Request check Server5 ECDSA, key_usage depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 +Certificate Request check opaque Server5 ECDSA, key_usage +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_USE_PSA_CRYPTO +x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 + Certificate write check Server1 SHA1 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:1:-1:"data_files/server1.crt":0 diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index c00b1aca8..f1aeaa0c6 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -5,6 +5,11 @@ #include "mbedtls/pem.h" #include "mbedtls/oid.h" #include "mbedtls/rsa.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#include "mbedtls/psa_util.h" +#endif + #if defined(MBEDTLS_RSA_C) int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen, 
@@ -28,6 +33,29 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) } #endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) +static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen ) +{ + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info; + mbedtls_x509_csr csr; + + if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + + md_info = mbedtls_md_info_from_type( csr.sig_md ); + if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 ) + return ( MBEDTLS_ERR_X509_BAD_INPUT_DATA );/* Note: this can't happen except after an internal error */ + + if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk, + csr.sig_md, hash, mbedtls_md_get_size( md_info ), + csr.sig.p, csr.sig.len ) != 0 ) + return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); + + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* END_HEADER */ /* BEGIN_DEPENDENCIES 
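Review bot: x509_crt_verifycsr never calls mbedtls_x509_csr_free() on `csr`, so whatever mbedtls_x509_csr_parse() allocated is leaked on all three return paths that follow a successful parse. Keep the outcome in a local `ret` and release the structure before returning, e.g. `mbedtls_x509_csr_free( &csr ); return( ret );`. `md_info` is also handed to mbedtls_md() and mbedtls_md_get_size() without checking that mbedtls_md_info_from_type() recognised the digest named in the parsed CSR.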
@@ -95,6 +123,53 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */ +void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, + int cert_type ) +{ + mbedtls_pk_context key; + psa_key_slot_t slot; + psa_algorithm_t md_alg_psa; + mbedtls_x509write_csr req; + unsigned char buf[4096]; + int ret; + size_t pem_len = 0; + const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; + rnd_pseudo_info rnd_info; + + psa_crypto_init(); + memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) ); + + md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type ); + TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE ); + + mbedtls_pk_init( &key ); + TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); + TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &slot, md_alg_psa ) == 0 ); + + mbedtls_x509write_csr_init( &req ); + mbedtls_x509write_csr_set_md_alg( &req, md_type ); + mbedtls_x509write_csr_set_key( &req, &key ); + TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 ); + if( key_usage != 0 ) + TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 ); + if( cert_type != 0 ) + TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); + + ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ), + rnd_pseudo_rand, &rnd_info ); + TEST_ASSERT( ret == 0 ); + + pem_len = strlen( (char *) buf ); + buf[pem_len] = '\0'; + TEST_ASSERT( x509_crt_verifycsr( buf, pem_len+1 ) == 0 ); + +exit: + mbedtls_x509write_csr_free( &req ); + mbedtls_pk_free( &key ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */ void x509_crt_check( char *subject_key_file, char *subject_pwd, char *subject_name, char *issuer_key_file, From 2f3112258587fb89a91ddf372372f9d2ef8876e0 Mon Sep 17 00:00:00 2001 
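Review bot: The test never destroys the PSA key slot returned in `slot`: the `exit:` block frees only the CSR writer and the PK context, while the documentation of mbedtls_pk_wrap_as_opaque added earlier in this series makes destroying the slot the caller's job, so the imported private key stays in the key store after the test. Add `psa_destroy_key( slot );` after `mbedtls_pk_free( &key );`, and initialise `slot` at its declaration so the call is well defined when the test jumps to `exit` before the wrap. `TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );` compares a psa_algorithm_t with an mbedtls_md_type_t constant; compare against `0` on the PSA side instead. The return value of `psa_crypto_init()` is ignored and should be asserted as well.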
From: Andrzej Kurek Date: Mon, 19 Nov 2018 18:04:01 -0500 Subject: [PATCH 0794/2197] Cosmetic changes Adjust whitespaces, reduce test dependencies and reduce buffer size passed by 1. --- library/pkwrite.c | 4 ++-- tests/suites/test_suite_x509write.data | 2 +- tests/suites/test_suite_x509write.function | 11 ++++++++--- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index d135060e4..dcd3263b2 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -168,11 +168,11 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) { size_t buffer_size = *p - start; - psa_key_slot_t* key_slot = ( psa_key_slot_t* ) key->pk_ctx; + psa_key_slot_t* key_slot = (psa_key_slot_t*) key->pk_ctx; if ( psa_export_public_key( *key_slot, start, buffer_size, &len ) != PSA_SUCCESS ) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); } else { diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index c932c6816..40964258b 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -43,7 +43,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_EC x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 Certificate Request check opaque Server5 ECDSA, key_usage -depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 Certificate write check Server1 SHA1 
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index f1aeaa0c6..8fe3b841d 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -45,12 +45,17 @@ static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen ) md_info = mbedtls_md_info_from_type( csr.sig_md ); if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 ) - return ( MBEDTLS_ERR_X509_BAD_INPUT_DATA );/* Note: this can't happen except after an internal error */ + { + /* Note: this can't happen except after an internal error */ + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + } if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk, csr.sig_md, hash, mbedtls_md_get_size( md_info ), csr.sig.p, csr.sig.len ) != 0 ) + { return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); + } return( 0 ); } @@ -156,13 +161,13 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, if( cert_type != 0 ) TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); - ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ), + ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ) - 1, rnd_pseudo_rand, &rnd_info ); TEST_ASSERT( ret == 0 ); pem_len = strlen( (char *) buf ); buf[pem_len] = '\0'; - TEST_ASSERT( x509_crt_verifycsr( buf, pem_len+1 ) == 0 ); + TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 ); exit: mbedtls_x509write_csr_free( &req ); From 16d6000577a9abd3982bd86e37589b36351472b6 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 19 Nov 2018 18:09:59 -0500 Subject: [PATCH 0795/2197] pkwrite: add a safety check before calculating the buffer size --- library/pkwrite.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index dcd3263b2..3dfc590ad 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c 
@@ -167,8 +167,13 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, #if defined(MBEDTLS_USE_PSA_CRYPTO) if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) { - size_t buffer_size = *p - start; + size_t buffer_size; psa_key_slot_t* key_slot = (psa_key_slot_t*) key->pk_ctx; + + if ( *p < start ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + + buffer_size = *p - start; if ( psa_export_public_key( *key_slot, start, buffer_size, &len ) != PSA_SUCCESS ) { From d6d07909f2997173041a9b55f67bcb0c1c191837 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 20 Nov 2018 02:53:17 -0500 Subject: [PATCH 0796/2197] Remove trailing whitespace --- tests/suites/test_suite_x509write.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 8fe3b841d..bf43a8001 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -147,7 +147,7 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type ); TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE ); - + mbedtls_pk_init( &key ); TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &slot, md_alg_psa ) == 0 ); From 3bd69dda1ab212ab3549be48283497f5856df9dd Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 20 Nov 2018 03:03:28 -0500 Subject: [PATCH 0797/2197] pkwrite: add an explicit cast to size_t --- library/pkwrite.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 3dfc590ad..d34714b34 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c 
@@ -173,7 +173,7 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, if ( *p < start ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - buffer_size = *p - start; + buffer_size = (size_t)( *p - start ); if ( psa_export_public_key( *key_slot, start, buffer_size, &len ) != PSA_SUCCESS ) { From 78276b1c73f9dbaa9fcc1000fd2eee4ef3635a40 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 31 Oct 2018 06:18:39 -0400 Subject: [PATCH 0798/2197] x509: use the PSA API to perform hashing operations So far limited only to certificate verification withour CRL and CSR generation. --- library/x509_crt.c | 36 +++++++++++++++++++++++++++++++----- library/x509write_csr.c | 30 ++++++++++++++++++++++++++++-- 2 files changed, 59 insertions(+), 7 deletions(-) diff --git a/library/x509_crt.c b/library/x509_crt.c index 3e505e2f3..2e4a79658 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -49,6 +49,11 @@ #include "mbedtls/pem.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#include "mbedtls/psa_util.h" +#endif + #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else 
@@ -1892,16 +1897,37 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child, mbedtls_x509_crt *parent, mbedtls_x509_crt_restart_ctx *rs_ctx ) { - const mbedtls_md_info_t *md_info; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; - + size_t hash_len; +#if !defined(MBEDTLS_USE_PSA_CRYPTO) + const mbedtls_md_info_t *md_info; md_info = mbedtls_md_info_from_type( child->sig_md ); + hash_len = mbedtls_md_get_size( md_info ); + + /* Note: hash errors can happen only after an internal error */ if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 ) + return( -1 ); +#else + psa_hash_operation_t hash_operation; + psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md ); + + if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) + return( -1 ); + + if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len ) + != PSA_SUCCESS ) { - /* Note: this can't happen except after an internal error */ + psa_hash_abort( &hash_operation ); return( -1 ); } + if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) + != PSA_SUCCESS ) + { + psa_hash_abort( &hash_operation ); + return( -1 ); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Skip expensive computation on obvious mismatch */ if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) ) return( -1 ); @@ -1910,7 +1936,7 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child, if( rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA ) { return( mbedtls_pk_verify_restartable( &parent->pk, - child->sig_md, hash, mbedtls_md_get_size( md_info ), + child->sig_md, hash, hash_len, child->sig.p, child->sig.len, &rs_ctx->pk ) ); } #else @@ -1918,7 +1944,7 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child, #endif return( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk, - child->sig_md, hash, mbedtls_md_get_size( md_info ), + child->sig_md, hash, hash_len, child->sig.p, child->sig.len ) ); } 
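Review bot: In the `MBEDTLS_USE_PSA_CRYPTO` branch of `x509_crt_check_signature`, `hash_operation` is declared without an initializer and passed straight to `psa_hash_setup()`. Whether setup tolerates an indeterminate object depends on the PSA implementation in this tree, which the hunk does not show; if setup reads any field first, the outcome of certificate verification would depend on stack contents. Zero-initialising costs nothing, e.g. `psa_hash_operation_t hash_operation = { 0 };`. The same declaration appears in the `mbedtls_x509write_csr_der` hunk (`@@ -136,7 +141,11 @@`) of this commit.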
diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 66cee5601..6270b6335 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -37,6 +37,11 @@ #include "mbedtls/asn1write.h" #include "mbedtls/platform_util.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#include "mbedtls/psa_util.h" +#endif + #include #include @@ -136,7 +141,11 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s size_t pub_len = 0, sig_and_oid_len = 0, sig_len; size_t len = 0; mbedtls_pk_type_t pk_alg; - +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_hash_operation_t hash_operation; + size_t hash_len; + psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ /* * Prepare data to be signed in tmp_buf */ @@ -187,9 +196,26 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s /* * Prepare signature + * Note: hash errors can happen only after an internal error */ - mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) + return( MBEDTLS_ERR_X509_FATAL_ERROR ); + if( psa_hash_update( &hash_operation, c, len) != PSA_SUCCESS ) + { + psa_hash_abort( &hash_operation ); + return( MBEDTLS_ERR_X509_FATAL_ERROR ); + } + if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) + != PSA_SUCCESS ) + { + psa_hash_abort( &hash_operation ); + return( MBEDTLS_ERR_X509_FATAL_ERROR ); + } +#else /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ); +#endif if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, f_rng, p_rng ) ) != 0 ) { From 593fccdf973f199265cd8c690358450fd3d148af Mon Sep 17 00:00:00 2001 
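Review bot: In the `@@ -187,9 +196,26 @@` hunk the non-PSA branch still discards the return value of `mbedtls_md()`, while the new PSA branch returns `MBEDTLS_ERR_X509_FATAL_ERROR` on every hash failure. If the legacy call fails, `mbedtls_pk_sign()` is still invoked on `hash`, whose contents are then whatever the buffer held before (its declaration is outside the hunk). Making the two branches agree takes one statement: `if( mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ) != 0 ) return( MBEDTLS_ERR_X509_FATAL_ERROR );`. `mbedtls_x509write_csr_der` starts and ends outside the hunk.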
From: Andrzej Kurek Date: Mon, 19 Nov 2018 13:57:58 -0500 Subject: [PATCH 0799/2197] x509: remove unnecessary calls to psa_hash_abort According to the documentation, it does not need to be called after a failed psa_hash call. --- library/x509_crt.c | 2 -- library/x509write_csr.c | 7 ++----- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/library/x509_crt.c b/library/x509_crt.c index 2e4a79658..92c052cc2 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1917,14 +1917,12 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child, if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len ) != PSA_SUCCESS ) { - psa_hash_abort( &hash_operation ); return( -1 ); } if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) != PSA_SUCCESS ) { - psa_hash_abort( &hash_operation ); return( -1 ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 6270b6335..f2950ad2f 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -202,15 +202,12 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) return( MBEDTLS_ERR_X509_FATAL_ERROR ); - if( psa_hash_update( &hash_operation, c, len) != PSA_SUCCESS ) - { - psa_hash_abort( &hash_operation ); + if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS ) return( MBEDTLS_ERR_X509_FATAL_ERROR ); - } + if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) != PSA_SUCCESS ) { - psa_hash_abort( &hash_operation ); return( MBEDTLS_ERR_X509_FATAL_ERROR ); } #else /* MBEDTLS_USE_PSA_CRYPTO */ From 60ea0fc185987f633131ea1684c112867599504e Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 20 Nov 2018 03:20:09 -0500 Subject: [PATCH 0800/2197] Remove trailing whitespace --- library/x509_crt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
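Review bot: The error returns after `psa_hash_update()` and `psa_hash_finish()` in both files now depend on the failing call having already released the operation, and nothing at the call sites records that. The contract is stated only in the commit message, so a reader, or a later PSA revision that expects an explicit abort after a failure, gets no hint that the cleanup was dropped on purpose. A short comment above the first check would do, for example `/* A failed psa_hash_*() call leaves the operation inactive: no psa_hash_abort() needed. */`. The `x509_crt.c` hunk also keeps braces around the single `return( -1 );` statements while the `x509write_csr.c` hunk drops them for `psa_hash_update`, which is worth making uniform.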
diff --git a/library/x509_crt.c b/library/x509_crt.c index 92c052cc2..c5b6a1248 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1903,7 +1903,7 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child, const mbedtls_md_info_t *md_info; md_info = mbedtls_md_info_from_type( child->sig_md ); hash_len = mbedtls_md_get_size( md_info ); - + /* Note: hash errors can happen only after an internal error */ if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 ) return( -1 ); From 39d1f4b29f63a97f4e772c860d6c17e43586d84c Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 31 Oct 2018 05:16:46 -0400 Subject: [PATCH 0801/2197] pk_wrap.c: add support for ecdsa signature verification using PSA Use PSA internally to verify signatures. Add a conversion to a raw signature format. --- library/pk_wrap.c | 260 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 260 insertions(+) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 87806be33..f48b85039 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -45,6 +45,12 @@ #include "mbedtls/platform_util.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#include "mbedtls/x509.h" +#include "mbedtls/asn1.h" +#endif + #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else 
@@ -472,6 +478,259 @@ static int ecdsa_can_do( mbedtls_pk_type_t type ) return( type == MBEDTLS_PK_ECDSA ); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) +static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key ) +{ + for( psa_key_slot_t slot = 1; slot <= 32; slot++ ) + { + if( psa_get_key_information( slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ) + { + *key = slot; + return( PSA_SUCCESS ); + } + } + return( PSA_ERROR_INSUFFICIENT_MEMORY ); +} + +static psa_algorithm_t translate_md_to_psa( mbedtls_md_type_t md_alg ) +{ + switch( md_alg ) + { +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + return( PSA_ALG_MD2 ); +#endif +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + return( PSA_ALG_MD4 ); +#endif +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + return( PSA_ALG_MD5 ); +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + return( PSA_ALG_SHA_1 ); +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + return( PSA_ALG_SHA_224 ); + case MBEDTLS_MD_SHA256: + return( PSA_ALG_SHA_256 ); +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + return( PSA_ALG_SHA_384 ); + case MBEDTLS_MD_SHA512: + return( PSA_ALG_SHA_512 ); +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + return( PSA_ALG_RIPEMD160 ); +#endif + case MBEDTLS_MD_NONE: // Intentional fallthrough + default: + return( 0 ); + } +} + +/* + * Convert a signature from an ASN.1 sequence of two integers + * to a raw {r,s} buffer. Note: upon a successful call, the caller + * takes ownership of the sig->p buffer. 
+ */ +static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, + mbedtls_asn1_buf *sig ) +{ + int ret; + size_t len_signature; + size_t len_partial; + int tag_type; + if( ( end - *p ) < 1 ) + return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + tag_type = **p; + + if( ( ret = mbedtls_asn1_get_tag(p, end, &len_partial, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { + return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret ); + } + + if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_INTEGER ) ) + != 0 ) + return( ret ); + + if( **p == '\0' ) { + ( *p )++; + len_partial--; + } + + sig->p = mbedtls_calloc( 2, len_partial ); + if( sig->p == NULL ) { + return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); + } + + memcpy( sig->p, *p, len_partial ); + len_signature = len_partial; + ( *p ) += len_partial; + if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_INTEGER ) ) + != 0 ) + { + mbedtls_free( sig->p ); + return( ret ); + } + + if( **p == '\0' ) { + ( *p )++; + len_partial--; + } + + memcpy( sig->p + len_partial, *p, len_partial ); + len_signature += len_partial; + sig->tag = tag_type; + sig->len = len_signature; + ( *p ) += len_partial; + return( 0 ); +} + +static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid ) +{ + switch( grpid ) + { +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + case MBEDTLS_ECP_DP_SECP192R1: + return( PSA_ECC_CURVE_SECP192R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + case MBEDTLS_ECP_DP_SECP224R1: + return( PSA_ECC_CURVE_SECP224R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + case MBEDTLS_ECP_DP_SECP256R1: + return( PSA_ECC_CURVE_SECP256R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + case MBEDTLS_ECP_DP_SECP384R1: + return( PSA_ECC_CURVE_SECP384R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + case MBEDTLS_ECP_DP_SECP521R1: + return( PSA_ECC_CURVE_SECP521R1 ); +#endif +#if 
defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + case MBEDTLS_ECP_DP_BP256R1: + return( PSA_ECC_CURVE_BRAINPOOL_P256R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + case MBEDTLS_ECP_DP_BP384R1: + return( PSA_ECC_CURVE_BRAINPOOL_P384R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + case MBEDTLS_ECP_DP_BP512R1: + return( PSA_ECC_CURVE_BRAINPOOL_P512R1 ); +#endif +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + case MBEDTLS_ECP_DP_CURVE25519: + return( PSA_ECC_CURVE_CURVE25519 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + case MBEDTLS_ECP_DP_SECP192K1: + return( PSA_ECC_CURVE_SECP192K1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + case MBEDTLS_ECP_DP_SECP224K1: + return( PSA_ECC_CURVE_SECP224K1 ); +#endif +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + case MBEDTLS_ECP_DP_SECP256K1: + return( PSA_ECC_CURVE_SECP256K1 ); +#endif +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + case MBEDTLS_ECP_DP_CURVE448: + return( PSA_ECC_CURVE_CURVE448 ); +#endif + default: + return( 0 ); + } +} + +static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len ) +{ + int ret; + psa_key_slot_t key_slot; + psa_key_policy_t policy; + psa_key_type_t psa_type; + mbedtls_pk_context key; + mbedtls_asn1_buf signature; + int key_len; + const int buff_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES + unsigned char buf[buff_len]; + unsigned char *p = ( unsigned char* ) sig; + mbedtls_pk_info_t pk_info = mbedtls_eckey_info; + psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA( translate_md_to_psa( md_alg ) ); + psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id ); + ((void) md_alg); + + memset( &signature, 0, sizeof( mbedtls_asn1_buf ) ); + mbedtls_platform_zeroize( buf, buff_len ); + key.pk_info = &pk_info; + key.pk_ctx = ctx; + psa_crypto_init(); + + psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve 
); + + if( extract_ecdsa_sig( &p, p + sig_len, &signature ) != 0 ) + { + ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; + goto cleanup; + } + + key_len = mbedtls_pk_write_pubkey_der( &key, buf, buff_len ); + if( key_len <= 0 ) + { + ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; + goto cleanup; + } + + if( mbedtls_psa_get_free_key_slot( &key_slot ) != PSA_SUCCESS ) + { + ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + goto cleanup; + } + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md ); + if( psa_set_key_policy( key_slot, &policy ) != PSA_SUCCESS ) + { + ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + goto cleanup; + } + + if( psa_import_key( key_slot, psa_type, buf+buff_len-key_len, key_len ) + != PSA_SUCCESS ) + { + ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; + goto cleanup; + } + + if( psa_asymmetric_verify( key_slot, psa_sig_md, + hash, hash_len, + signature.p, signature.len ) + != PSA_SUCCESS ) + { + psa_destroy_key( key_slot ); + ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; + goto cleanup; + } + ret = 0; + psa_destroy_key( key_slot ); + + cleanup: + mbedtls_free( signature.p ); + return( ret ); +} +#else /* MBEDTLS_USE_PSA_CRYPTO */ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) @@ -487,6 +746,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, return( ret ); } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, From 1e3b6865d7197e023735d364f6316963cb1b2686 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 6 Nov 2018 08:50:04 -0500 Subject: [PATCH 0802/2197] pk_wrap: cosmetic changes Adjust whitespaces and variable names --- library/pk_wrap.c | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index f48b85039..4a74621fc 100644 
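Review bot: `extract_ecdsa_sig` does not bound the two INTEGER lengths before using them: `**p` is read and `len_partial--` applied even when `mbedtls_asn1_get_tag()` yields a zero length, and the second `memcpy` writes at `sig->p + len_partial` using the length of s although the buffer was sized as twice the length of r. Both lengths come from the signature being verified, so they need checking before the copies. The excerpt below adds the missing guards and clears `sig->p` after freeing it, since `ecdsa_verify_wrap` frees `signature.p` again at `cleanup`. Requiring equal lengths rejects signatures in which r and s are encoded with different lengths; padding each value into a fixed-width field would avoid that, but needs the curve size, which this function does not receive.

```c
    /* … unchanged: SEQUENCE tag, then mbedtls_asn1_get_tag() for r … */

    /* An empty INTEGER has no first byte to inspect. */
    if( len_partial == 0 )
        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );

    /* … unchanged: strip leading zero of r, allocate sig->p, copy r, get tag for s … */

    if( len_partial == 0 )
    {
        mbedtls_free( sig->p );
        sig->p = NULL;
        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
    }

    /* … unchanged: strip leading zero of s … */

    /* sig->p holds 2 * len(r) bytes, so s must be exactly as long as r. */
    if( len_partial != len_signature )
    {
        mbedtls_free( sig->p );
        sig->p = NULL;
        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
    }

    /* … unchanged: copy s, fill in sig->tag and sig->len … */
```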
--- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -547,12 +547,15 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, size_t len_partial; int tag_type; if( ( end - *p ) < 1 ) + { return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + } tag_type = **p; - if( ( ret = mbedtls_asn1_get_tag(p, end, &len_partial, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { + if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + { return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret ); } @@ -560,15 +563,15 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, != 0 ) return( ret ); - if( **p == '\0' ) { + if( **p == '\0' ) + { ( *p )++; len_partial--; } sig->p = mbedtls_calloc( 2, len_partial ); - if( sig->p == NULL ) { + if( sig->p == NULL ) return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); - } memcpy( sig->p, *p, len_partial ); len_signature = len_partial; @@ -580,7 +583,8 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, return( ret ); } - if( **p == '\0' ) { + if( **p == '\0' ) + { ( *p )++; len_partial--; } 
@@ -665,16 +669,14 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, mbedtls_pk_context key; mbedtls_asn1_buf signature; int key_len; - const int buff_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES - unsigned char buf[buff_len]; - unsigned char *p = ( unsigned char* ) sig; + const int buf_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES + unsigned char buf[buf_len]; + unsigned char *p = (unsigned char*) sig; mbedtls_pk_info_t pk_info = mbedtls_eckey_info; psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA( translate_md_to_psa( md_alg ) ); psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id ); - ((void) md_alg); memset( &signature, 0, sizeof( mbedtls_asn1_buf ) ); - mbedtls_platform_zeroize( buf, buff_len ); key.pk_info = &pk_info; key.pk_ctx = ctx; psa_crypto_init(); @@ -687,7 +689,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } - key_len = mbedtls_pk_write_pubkey_der( &key, buf, buff_len ); + key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len ); if( key_len <= 0 ) { ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -707,7 +709,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } - if( psa_import_key( key_slot, psa_type, buf+buff_len-key_len, key_len ) + if( psa_import_key( key_slot, psa_type, buf+buf_len-key_len, key_len ) != PSA_SUCCESS ) { ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; From 6d49ae92233a6bd1442ecc5aff4ccec4c82719cc Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 7 Nov 2018 03:19:08 -0500 Subject: [PATCH 0803/2197] pk_wrap: nullify the signature pointer on error in extract_ecdsa_sig Fix a double free error in ecdsa_verify_wrap --- library/pk_wrap.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 4a74621fc..3e150a20d 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
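Review bot: `unsigned char buf[buf_len]` in the `@@ -665,16 +669,14 @@` hunk is a variable-length array, because a `const int` is not a constant expression in C; the rename keeps that form. A fixed-size array avoids depending on VLA support and lets the size come from `sizeof`: `unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES];`, with `sizeof( buf )` used in the `mbedtls_pk_write_pubkey_der()` and `psa_import_key()` calls of the following hunks. Separately, the commit is described as cosmetic but also drops `mbedtls_platform_zeroize( buf, buff_len )` and `((void) md_alg)`; a line in the description saying so would help. `ecdsa_verify_wrap` continues outside the hunk.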
@@ -576,10 +576,11 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, memcpy( sig->p, *p, len_partial ); len_signature = len_partial; ( *p ) += len_partial; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_INTEGER ) ) - != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, + MBEDTLS_ASN1_INTEGER ) ) != 0 ) { mbedtls_free( sig->p ); + sig->p = NULL; return( ret ); } @@ -684,10 +685,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); if( extract_ecdsa_sig( &p, p + sig_len, &signature ) != 0 ) - { - ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; - goto cleanup; - } + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len ); if( key_len <= 0 ) From f8c94a811a45d4e0291dbeba8aa622f1b115c064 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 7 Nov 2018 08:18:52 -0500 Subject: [PATCH 0804/2197] pk_wrap: check if curve conversion is successful --- library/pk_wrap.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 3e150a20d..6007a23c8 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -677,6 +677,9 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA( translate_md_to_psa( md_alg ) ); psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id ); + if( curve == 0 ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + memset( &signature, 0, sizeof( mbedtls_asn1_buf ) ); key.pk_info = &pk_info; key.pk_ctx = ctx; From c097b0fdedd82e5a9369fa418c3c785bd81250b9 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 7 Nov 2018 09:30:50 -0500 Subject: [PATCH 0805/2197] pk_wrap: add a check for equal signature parts --- library/pk_wrap.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) 
diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 6007a23c8..2e22ec9d3 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -542,10 +542,9 @@ static psa_algorithm_t translate_md_to_psa( mbedtls_md_type_t md_alg ) static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *sig ) { - int ret; - size_t len_signature; - size_t len_partial; - int tag_type; + int ret, tag_type; + size_t len_signature, len_partial; + if( ( end - *p ) < 1 ) { return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + @@ -590,6 +589,10 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, len_partial--; } + // Check if both parts are of the same size + if( len_partial != len_signature ) + return( MBEDTLS_ERR_X509_INVALID_SIGNATURE ); + memcpy( sig->p + len_partial, *p, len_partial ); len_signature += len_partial; sig->tag = tag_type; From 2f69b1a059a32deef1aa2886d290262a91656aa7 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Thu, 8 Nov 2018 04:33:06 -0500 Subject: [PATCH 0806/2197] pk_wrap: destroy key slot on errors with policy or key importing --- library/pk_wrap.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 2e22ec9d3..469dc253d 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -591,7 +591,7 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, // Check if both parts are of the same size if( len_partial != len_signature ) - return( MBEDTLS_ERR_X509_INVALID_SIGNATURE ); + return( MBEDTLS_ERR_X509_INVALID_SIGNATURE ); memcpy( sig->p + len_partial, *p, len_partial ); len_signature += len_partial; 
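Review bot: The length check added in the `@@ -589,6 +593,10 @@` hunk returns without releasing `sig->p`, which `extract_ecdsa_sig` allocated with `mbedtls_calloc()` earlier in the function (outside this hunk). Since the previous patch in the series, `ecdsa_verify_wrap` returns immediately when this function fails, so the buffer is lost on every signature that fails this check. Mirror the existing error path: `{ mbedtls_free( sig->p ); sig->p = NULL; return( MBEDTLS_ERR_X509_INVALID_SIGNATURE ); }`.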
@@ -696,15 +696,16 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len ); if( key_len <= 0 ) { - ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; - goto cleanup; + mbedtls_free( signature.p ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); } if( mbedtls_psa_get_free_key_slot( &key_slot ) != PSA_SUCCESS ) { - ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - goto cleanup; + mbedtls_free( signature.p ); + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); } + psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md ); if( psa_set_key_policy( key_slot, &policy ) != PSA_SUCCESS ) @@ -725,14 +726,13 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, signature.p, signature.len ) != PSA_SUCCESS ) { - psa_destroy_key( key_slot ); ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } ret = 0; - psa_destroy_key( key_slot ); cleanup: + psa_destroy_key( key_slot ); mbedtls_free( signature.p ); return( ret ); } From 510ee70501d54c95f5a59aef4bed35a0aad6ae51 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Thu, 8 Nov 2018 05:04:53 -0500 Subject: [PATCH 0807/2197] pk_wrap: test if a valid md_alg is passed to ecdsa_verify_wrap Adjust tests to pass a valid algorithm --- library/pk_wrap.c | 6 +++++- tests/suites/test_suite_pk.function | 3 ++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 469dc253d..4fc1a8552 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
@@ -677,12 +677,16 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, unsigned char buf[buf_len]; unsigned char *p = (unsigned char*) sig; mbedtls_pk_info_t pk_info = mbedtls_eckey_info; - psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA( translate_md_to_psa( md_alg ) ); + psa_algorithm_t psa_sig_md = translate_md_to_psa( md_alg ); psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id ); if( curve == 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if( psa_sig_md == 0 ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + + psa_sig_md = PSA_ALG_ECDSA( psa_sig_md ); memset( &signature, 0, sizeof( mbedtls_asn1_buf ) ); key.pk_info = &pk_info; key.pk_ctx = ctx; diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 4813f71f7..c7c707558 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -246,7 +246,8 @@ void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash, TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q, key->x, key->len ) == 0 ); - TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, + // MBEDTLS_MD_SHA1 is a dummy - it is ignored, but has to be other than MBEDTLS_MD_NONE. + TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA1, hash->x, hash->len, sig->x, sig->len ) == ret ); exit: From ca6330992e2f1f2c51239008612734de6fedd7fa Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 19 Nov 2018 14:33:01 -0500 Subject: [PATCH 0808/2197] pk_wrap: switch to helper functions defined in psa_util.h Remove duplicated helper functions. Remove an unnecessary call to psa_crypto_init(). --- library/pk_wrap.c | 60 ++--------------------------------------------- 1 file changed, 2 insertions(+), 58 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 4fc1a8552..56ce69c54 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
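Review bot: Rejecting `psa_sig_md == 0` makes the PSA build of `ecdsa_verify_wrap` refuse `MBEDTLS_MD_NONE`, a value the test passed until this commit changed it. The comment added in `test_suite_pk.function` says the digest is ignored, but in the PSA path it selects `PSA_ALG_ECDSA( psa_sig_md )` and, as far as the earlier hunks show, the key policy, so it is not a dummy there. Either document the restriction next to the check, e.g. `/* PSA needs a hash algorithm for the key policy: MBEDTLS_MD_NONE is rejected */`, or correct the test comment. `ecdsa_verify_wrap` extends beyond the hunk.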
@@ -47,7 +47,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" -#include "mbedtls/x509.h" +#include "mbedtls/psa_util.h" #include "mbedtls/asn1.h" #endif @@ -479,61 +479,6 @@ static int ecdsa_can_do( mbedtls_pk_type_t type ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) -static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key ) -{ - for( psa_key_slot_t slot = 1; slot <= 32; slot++ ) - { - if( psa_get_key_information( slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ) - { - *key = slot; - return( PSA_SUCCESS ); - } - } - return( PSA_ERROR_INSUFFICIENT_MEMORY ); -} - -static psa_algorithm_t translate_md_to_psa( mbedtls_md_type_t md_alg ) -{ - switch( md_alg ) - { -#if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - return( PSA_ALG_MD2 ); -#endif -#if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - return( PSA_ALG_MD4 ); -#endif -#if defined(MBEDTLS_MD5_C) - case MBEDTLS_MD_MD5: - return( PSA_ALG_MD5 ); -#endif -#if defined(MBEDTLS_SHA1_C) - case MBEDTLS_MD_SHA1: - return( PSA_ALG_SHA_1 ); -#endif -#if defined(MBEDTLS_SHA256_C) - case MBEDTLS_MD_SHA224: - return( PSA_ALG_SHA_224 ); - case MBEDTLS_MD_SHA256: - return( PSA_ALG_SHA_256 ); -#endif -#if defined(MBEDTLS_SHA512_C) - case MBEDTLS_MD_SHA384: - return( PSA_ALG_SHA_384 ); - case MBEDTLS_MD_SHA512: - return( PSA_ALG_SHA_512 ); -#endif -#if defined(MBEDTLS_RIPEMD160_C) - case MBEDTLS_MD_RIPEMD160: - return( PSA_ALG_RIPEMD160 ); -#endif - case MBEDTLS_MD_NONE: // Intentional fallthrough - default: - return( 0 ); - } -} - /* * Convert a signature from an ASN.1 sequence of two integers * to a raw {r,s} buffer. Note: upon a successful call, the caller 
@@ -677,7 +622,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, unsigned char buf[buf_len]; unsigned char *p = (unsigned char*) sig; mbedtls_pk_info_t pk_info = mbedtls_eckey_info; - psa_algorithm_t psa_sig_md = translate_md_to_psa( md_alg ); + psa_algorithm_t psa_sig_md = mbedtls_psa_translate_md( md_alg ); psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id ); if( curve == 0 ) @@ -690,7 +635,6 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, memset( &signature, 0, sizeof( mbedtls_asn1_buf ) ); key.pk_info = &pk_info; key.pk_ctx = ctx; - psa_crypto_init(); psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); From 45fc4641562daf97242b68f27286e51990292700 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 19 Nov 2018 14:53:35 -0500 Subject: [PATCH 0809/2197] pk_wrap: improve error codes returned from ecdsa_verify_wrap Use the shared PSA utilities to translate errors. --- library/pk_wrap.c | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 56ce69c54..0d1d91b62 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -492,15 +492,14 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, if( ( end - *p ) < 1 ) { - return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); } tag_type = **p; if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret ); + return( ret ); } if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_INTEGER ) ) 
@@ -536,7 +535,7 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, // Check if both parts are of the same size if( len_partial != len_signature ) - return( MBEDTLS_ERR_X509_INVALID_SIGNATURE ); + return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); memcpy( sig->p + len_partial, *p, len_partial ); len_signature += len_partial; @@ -638,8 +637,8 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); - if( extract_ecdsa_sig( &p, p + sig_len, &signature ) != 0 ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature ) ) != 0 ) + return( ret ); key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len ); if( key_len <= 0 ) @@ -648,17 +647,17 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); } - if( mbedtls_psa_get_free_key_slot( &key_slot ) != PSA_SUCCESS ) + if( ( ret = mbedtls_psa_get_free_key_slot( &key_slot ) ) != PSA_SUCCESS ) { mbedtls_free( signature.p ); - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return( mbedtls_psa_err_translate_pk( ret ) ); } psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md ); - if( psa_set_key_policy( key_slot, &policy ) != PSA_SUCCESS ) + if( ( ret = psa_set_key_policy( key_slot, &policy ) ) != PSA_SUCCESS ) { - ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + ret = mbedtls_psa_err_translate_pk( ret ); goto cleanup; } From 7b7808cc7654f524108ecda72eb2b337d60051c9 Mon Sep 17 00:00:00 2001 
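Review bot: `MBEDTLS_ERR_PK_SIG_LEN_MISMATCH` is returned in the `@@ -536,7 +535,7 @@` hunk when r and s differ in length, before anything has been verified. As far as I recall, `pk.h` documents that code as a valid signature followed by extra data, so a caller that tolerates trailing bytes could treat a malformed signature as acceptable; please confirm against the header in this tree. A code that cannot be read as partial success is safer here, e.g. `return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );`. `extract_ecdsa_sig` begins and ends outside the hunk.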
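Review bot: In the `@@ -648,17 +647,17 @@` hunk `ret` holds a `psa_status_t` from `mbedtls_psa_get_free_key_slot()` and `psa_set_key_policy()` and then an mbedtls error code from `mbedtls_psa_err_translate_pk()`. Keeping both error domains in one `int` makes it easy to return an untranslated PSA status by mistake. A separate `psa_status_t status;` for the PSA calls, followed by `ret = mbedtls_psa_err_translate_pk( status );`, keeps them apart. The declarations of `ecdsa_verify_wrap` are outside this hunk.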
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 15 Nov 2018 11:44:11 +0100 Subject: [PATCH 0810/2197] Add tests for ECDSA verify with short r, s values This is intended to test transcoding the signature to the format expected by PSA (fixed-length encoding of r, s) when r and s have respectively: - full length with initial null byte - full length without initial null byte - non-full length with initial null byte - non-full length without initial null byte The signatures were generated using: programs/pkey/pk_sign tests/data_files/server5.key foo where foo is an empty file, and with a variant of one of the following patches applied: diff --git a/library/ecdsa.c b/library/ecdsa.c index abac015cebc6..e4a27b044516 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } + printf("\ngenerating r...\n"); +gen: MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) ); #if defined(MBEDTLS_ECP_RESTARTABLE) @@ -317,6 +319,11 @@ mul: MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G, f_rng, p_rng, ECDSA_RS_ECP ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) ); + + size_t bits = mbedtls_mpi_bitlen( pr ); + printf("%zu ", bits); + if( bits != 255 ) + goto gen; } while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 ); or: diff --git a/library/ecdsa.c b/library/ecdsa.c index abac015cebc6..d704376e0c42 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } + printf("\ngenerating r...\n"); +gen: MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) ); #if defined(MBEDTLS_ECP_RESTARTABLE) 
@@ -353,6 +355,11 @@ modn: MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) ); + + size_t bits = mbedtls_mpi_bitlen( s ); + printf("%zu ", bits); + if( bits != 247 ) + goto gen; } while( mbedtls_mpi_cmp_int( s, 0 ) == 0 ); with the value edited manually between each run to get the desired bit length. --- tests/suites/test_suite_pk.data | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 478cde7be..11dff2675 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data 
@@ -38,6 +38,38 @@ EC(DSA) verify test vector #2 (bad) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":MBEDTLS_ERR_ECP_VERIFY_FAILED +EC(DSA) verify test vector: good, bitlen(r) = 256 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3046022100faecc085c6c5362b91ff1fd6dd77da80bc071bee9ff1ac0ef9509c017f13267c022100a7d0b908c938d3dd6c6a9cdc5b0a4a4ee455c519c1ff6cda959806b7e7461ba0":0 + +EC(DSA) verify test vector: good, bitlen(r) = 255 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0 + +EC(DSA) verify test vector: good, bitlen(r) = 248 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220009109f967f9082abc9c46e5ea07936529b82023a1a49b872c046f430983db2602210085f0b1960d61f8d75109b5b7ff991d3171320d2ab547104f864048455a965090":0 + +EC(DSA) 
verify test vector: good, bitlen(r) = 247 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3044021f461786833b50247b07194da6cedbd3caefbcd19c73b6283ccff5097cd0d73b022100d85d20b0b8c3b596eb1cdb0381e681fa0a8bccde4e89c139020af3b0f88e099c":0 + +EC(DSA) verify test vector: good, bitlen(s) = 256 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0 + +EC(DSA) verify test vector: good, bitlen(s) = 255 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"304402206ae26950c606d08fe5e1682efdccfb3a7213ca46bd523ffd20c4213fe1400d3402207612106ada7055926167650b257da7f4c42c190b8aa9e3b680f8751fe90c63a5":0 + +EC(DSA) verify test vector: good, bitlen(s) = 248 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3045022100fd4d718ab483827492e10b89745fad100d2dd257102b99aff179ee596a569f1f022000a1b777e32a8b4909763b615b805e59194e6196eb05719287a36eb5f17aa485":0 + 
+EC(DSA) verify test vector: good, bitlen(s) = 247 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30430220685a6994daa6a14e4411b5267edc2a00beee907f2dddd956b2a5a1df791c15f8021f675db4538c000c734489ac737fddd5a739c5a23cd6c6eceea70c286ca4fac9":0 + ECDSA sign-verify depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_sign_verify:MBEDTLS_PK_ECDSA:0:0 From 3016de3eebd5147d153f1059ca6b924f6a7a41ee Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 19 Nov 2018 17:01:16 -0500 Subject: [PATCH 0811/2197] pk_wrap: rework signature extraction to work with small r and s values There is a probability that r will be encoded as 31 or less bytes in DER, so additional padding is added in such case. Added a signature-part extraction function to tidy up the code further. --- library/pk_wrap.c | 108 ++++++++++++++++++++++++++++------------------ 1 file changed, 66 insertions(+), 42 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 0d1d91b62..e33ea3fc5 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
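Review bot: All eight added vectors expect success (`:0`), so the suite exercises the signature transcoding only on well-formed input. The rejection paths are where a mistake turns into a wrongly accepted signature or an out-of-bounds access, so negative vectors belong next to these: an r or s longer than the curve size, a zero-length INTEGER, and bytes after the SEQUENCE, each with the error code the parser is meant to return. The `bitlen(r) = 255` and `bitlen(s) = 256` cases carry identical signature bytes, which is consistent with one signature having both properties, but it is worth saying so in the test name or commit message so it is not mistaken for a copy-paste slip.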
@@ -479,70 +479,93 @@ static int ecdsa_can_do( mbedtls_pk_type_t type ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) +/* + * Extract one signature part of an ASN.1 integer type to a given buffer + * and adjust padding according to part_size. + */ +static int extract_ecdsa_sig_part( unsigned char **from, const unsigned char *end, + unsigned char *to, size_t part_size ) +{ + int ret; + size_t len_total, len_partial, zero_padding; + + if( ( ret = mbedtls_asn1_get_tag( from, end, &len_partial, + MBEDTLS_ASN1_INTEGER ) ) != 0 ) + { + return( ret ); + } + + while( **from == '\0' && len_partial > 0 ) + { + ( *from )++; + len_partial--; + } + + if( len_partial > part_size || len_partial == 0 ) + return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); + + zero_padding = part_size - len_partial; + memcpy( to + zero_padding, *from, len_partial ); + len_total = len_partial + zero_padding; + while( zero_padding > 0 ) + { + zero_padding--; + to[zero_padding] = 0; + } + + ( *from ) += len_partial; + return len_total; +} + /* * Convert a signature from an ASN.1 sequence of two integers * to a raw {r,s} buffer. Note: upon a successful call, the caller * takes ownership of the sig->p buffer. 
*/ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, - mbedtls_asn1_buf *sig ) + mbedtls_asn1_buf *sig, size_t int_size ) { - int ret, tag_type; - size_t len_signature, len_partial; + int ret; if( ( end - *p ) < 1 ) { return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); } - tag_type = **p; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( ret ); - } - - if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_INTEGER ) ) - != 0 ) - return( ret ); - - if( **p == '\0' ) - { - ( *p )++; - len_partial--; - } - - sig->p = mbedtls_calloc( 2, len_partial ); + sig->p = mbedtls_calloc( 2, int_size ); if( sig->p == NULL ) return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); - memcpy( sig->p, *p, len_partial ); - len_signature = len_partial; - ( *p ) += len_partial; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, - MBEDTLS_ASN1_INTEGER ) ) != 0 ) + sig->tag = **p; + + if( ( ret = mbedtls_asn1_get_tag( p, end, &sig->len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - mbedtls_free( sig->p ); - sig->p = NULL; - return( ret ); + goto cleanup; } - if( **p == '\0' ) + /* Extract r */ + if( ( ret = extract_ecdsa_sig_part( p, end, sig->p, int_size ) ) < 0) { - ( *p )++; - len_partial--; + goto cleanup; } + sig->len = ret; - // Check if both parts are of the same size - if( len_partial != len_signature ) - return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); + /* Extract s */ + if( ( ret = extract_ecdsa_sig_part( p, end, sig->p + sig->len, int_size ) ) < 0) + { + goto cleanup; + } + sig->len += ret; - memcpy( sig->p + len_partial, *p, len_partial ); - len_signature += len_partial; - sig->tag = tag_type; - sig->len = len_signature; - ( *p ) += len_partial; return( 0 ); + +cleanup: + mbedtls_free( sig->p ); + sig->p = NULL; + sig->len = 0; + sig->tag = 0; + return( ret ); } static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid ) 
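Review bot: In `extract_ecdsa_sig_part`, the padding-strip loop `while( **from == '\0' && len_partial > 0 )` reads `**from` before testing the length, so an INTEGER of length zero that sits at the very end of the input can make it read one byte past `end`. Swapping the operands, `while( len_partial > 0 && **from == '\0' )`, keeps the read inside the parsed element. The helper also returns `len_total` (a `size_t`) through the same `int` that carries negative error codes, which is why the callers test `< 0`; since the value is always `part_size` on success, returning 0 would be simpler to audit. Patch 0813 further down this page makes both changes.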
@@ -637,7 +660,8 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); - if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature ) ) != 0 ) + if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature, + ( ( (mbedtls_ecdsa_context *) ctx )->grp.nbits + 7) / 8 ) ) != 0 ) return( ret ); key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len ); @@ -678,7 +702,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, } ret = 0; - cleanup: +cleanup: psa_destroy_key( key_slot ); mbedtls_free( signature.p ); return( ret ); From 688ea8d10de20f46ed3e533992e4886c022c9721 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 19 Nov 2018 17:41:58 -0500 Subject: [PATCH 0812/2197] pk_wrap: reuse a static buffer for signature extraction Use a buffer left over after importing a key to hold an extracted signature. --- library/pk_wrap.c | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index e33ea3fc5..46ffe4e27 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -519,8 +519,8 @@ static int extract_ecdsa_sig_part( unsigned char **from, const unsigned char *en /* * Convert a signature from an ASN.1 sequence of two integers - * to a raw {r,s} buffer. Note: upon a successful call, the caller - * takes ownership of the sig->p buffer. + * to a raw {r,s} buffer. Note: the provided sig buffer should be at least + * twice as big as int_size. */ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *sig, size_t int_size ) @@ -532,9 +532,8 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); } - sig->p = mbedtls_calloc( 2, int_size ); if( sig->p == NULL ) - return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); sig->tag = **p; 
@@ -561,8 +560,6 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, return( 0 ); cleanup: - mbedtls_free( sig->p ); - sig->p = NULL; sig->len = 0; sig->tag = 0; return( ret ); @@ -640,12 +637,13 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, mbedtls_pk_context key; mbedtls_asn1_buf signature; int key_len; - const int buf_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES + const unsigned buf_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES unsigned char buf[buf_len]; unsigned char *p = (unsigned char*) sig; mbedtls_pk_info_t pk_info = mbedtls_eckey_info; psa_algorithm_t psa_sig_md = mbedtls_psa_translate_md( md_alg ); psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id ); + size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx ) ->grp.nbits + 7 ) / 8; if( curve == 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); @@ -660,22 +658,12 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); - if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature, - ( ( (mbedtls_ecdsa_context *) ctx )->grp.nbits + 7) / 8 ) ) != 0 ) - return( ret ); - key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len ); if( key_len <= 0 ) - { - mbedtls_free( signature.p ); return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - } if( ( ret = mbedtls_psa_get_free_key_slot( &key_slot ) ) != PSA_SUCCESS ) - { - mbedtls_free( signature.p ); return( mbedtls_psa_err_translate_pk( ret ) ); - } psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md ); 
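Review bot: `unsigned char buf[buf_len]` in `ecdsa_verify_wrap` is a variable-length array, because a `const unsigned` object is not an integer constant expression in C. The size is fixed in practice, but the compiler has to treat the array as a VLA, which C11 makes optional and which some toolchains reject or warn about. Declaring `unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES];` and using `sizeof( buf )` wherever `buf_len` is read avoids that. The function starts before and ends after this hunk; patch 0813 further down the page makes this change.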
@@ -692,6 +680,20 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } + /* Reuse the buffer of an already imported key */ + if( 2 * signature_part_size > buf_len ) + { + ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; + goto cleanup; + } + signature.p = buf; + + if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature, + signature_part_size ) ) != 0 ) + { + goto cleanup; + } + if( psa_asymmetric_verify( key_slot, psa_sig_md, hash, hash_len, signature.p, signature.len ) @@ -704,7 +706,6 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, cleanup: psa_destroy_key( key_slot ); - mbedtls_free( signature.p ); return( ret ); } #else /* MBEDTLS_USE_PSA_CRYPTO */ From 73bf6b9e00e35e19c96042f359b495cc54e9d204 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 20 Nov 2018 05:04:35 -0500 Subject: [PATCH 0813/2197] pk_wrap: rework and tidy up signature extraction Improve comments, use a normal buffer instead of mbedtls_asn1_buf, remove unneeded variables and use shared utilities where possible. --- library/pk_wrap.c | 169 ++++++++++++---------------------------------- 1 file changed, 44 insertions(+), 125 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 46ffe4e27..8d6c0f263 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
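Review bot: After `extract_ecdsa_sig` returns in `ecdsa_verify_wrap`, nothing checks that `p` has reached `sig + sig_len`, so a signature followed by extra bytes is transcoded and verified as if the extra bytes were absent. Accepting more than one encoding of the same signature causes malleability problems for callers that compare or deduplicate signatures. A check such as `if( p != sig + sig_len ) { ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; goto cleanup; }` closes it. The function continues outside this hunk; patches 0815 and 0816 on this page add that check.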
@@ -480,150 +480,70 @@ static int ecdsa_can_do( mbedtls_pk_type_t type ) #if defined(MBEDTLS_USE_PSA_CRYPTO) /* - * Extract one signature part of an ASN.1 integer type to a given buffer - * and adjust padding according to part_size. + * An ASN.1 encoded signature is a sequence of two ASN.1 integers. Parse one of + * those integers and convert it to the fixed-length encoding expected by PSA. */ -static int extract_ecdsa_sig_part( unsigned char **from, const unsigned char *end, - unsigned char *to, size_t part_size ) +static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end, + unsigned char *to, size_t to_len ) { int ret; - size_t len_total, len_partial, zero_padding; + size_t unpadded_len, padding_len; - if( ( ret = mbedtls_asn1_get_tag( from, end, &len_partial, + if( ( ret = mbedtls_asn1_get_tag( from, end, &unpadded_len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) { return( ret ); } - while( **from == '\0' && len_partial > 0 ) + while( unpadded_len > 0 && **from == 0x00 ) { ( *from )++; - len_partial--; + unpadded_len--; } - if( len_partial > part_size || len_partial == 0 ) - return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); + if( unpadded_len > to_len || unpadded_len == 0 ) + return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - zero_padding = part_size - len_partial; - memcpy( to + zero_padding, *from, len_partial ); - len_total = len_partial + zero_padding; - while( zero_padding > 0 ) - { - zero_padding--; - to[zero_padding] = 0; - } + padding_len = to_len - unpadded_len; + memcpy( to + padding_len, *from, unpadded_len ); + ( *from ) += unpadded_len; - ( *from ) += len_partial; - return len_total; + memset( to, 0x00, padding_len ); + + return( 0 ); } /* * Convert a signature from an ASN.1 sequence of two integers - * to a raw {r,s} buffer. Note: the provided sig buffer should be at least + * to a raw {r,s} buffer. Note: the provided sig buffer must be at least * twice as big as int_size. 
*/ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, - mbedtls_asn1_buf *sig, size_t int_size ) + unsigned char *sig, size_t int_size ) { int ret; + size_t tmp_size; if( ( end - *p ) < 1 ) { return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); } - if( sig->p == NULL ) + if( sig == NULL ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - sig->tag = **p; - - if( ( ret = mbedtls_asn1_get_tag( p, end, &sig->len, + if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - goto cleanup; - } + return( ret ); /* Extract r */ - if( ( ret = extract_ecdsa_sig_part( p, end, sig->p, int_size ) ) < 0) - { - goto cleanup; - } - sig->len = ret; - + if( ( ret = extract_ecdsa_sig_int( p, end, sig, int_size ) ) != 0 ) + return( ret ); /* Extract s */ - if( ( ret = extract_ecdsa_sig_part( p, end, sig->p + sig->len, int_size ) ) < 0) - { - goto cleanup; - } - sig->len += ret; + if( ( ret = extract_ecdsa_sig_int( p, end, sig + int_size, int_size ) ) != 0 ) + return( ret ); return( 0 ); - -cleanup: - sig->len = 0; - sig->tag = 0; - return( ret ); -} - -static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid ) -{ - switch( grpid ) - { -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - case MBEDTLS_ECP_DP_SECP192R1: - return( PSA_ECC_CURVE_SECP192R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) - case MBEDTLS_ECP_DP_SECP224R1: - return( PSA_ECC_CURVE_SECP224R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) - case MBEDTLS_ECP_DP_SECP256R1: - return( PSA_ECC_CURVE_SECP256R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - case MBEDTLS_ECP_DP_SECP384R1: - return( PSA_ECC_CURVE_SECP384R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - case MBEDTLS_ECP_DP_SECP521R1: - return( PSA_ECC_CURVE_SECP521R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) - case MBEDTLS_ECP_DP_BP256R1: - return( PSA_ECC_CURVE_BRAINPOOL_P256R1 ); -#endif -#if 
defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) - case MBEDTLS_ECP_DP_BP384R1: - return( PSA_ECC_CURVE_BRAINPOOL_P384R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) - case MBEDTLS_ECP_DP_BP512R1: - return( PSA_ECC_CURVE_BRAINPOOL_P512R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - case MBEDTLS_ECP_DP_CURVE25519: - return( PSA_ECC_CURVE_CURVE25519 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) - case MBEDTLS_ECP_DP_SECP192K1: - return( PSA_ECC_CURVE_SECP192K1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) - case MBEDTLS_ECP_DP_SECP224K1: - return( PSA_ECC_CURVE_SECP224K1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) - case MBEDTLS_ECP_DP_SECP256K1: - return( PSA_ECC_CURVE_SECP256K1 ); -#endif -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) - case MBEDTLS_ECP_DP_CURVE448: - return( PSA_ECC_CURVE_CURVE448 ); -#endif - default: - return( 0 ); - } } static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, 
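Review bot: `extract_ecdsa_sig` stores the SEQUENCE length in `tmp_size` and never reads it again, so r and s are bounded only by the caller's `end`, and a signature whose SEQUENCE length disagrees with its contents is still accepted. If strict DER is wanted here, compare it right after the tag is parsed, for example `if( *p + tmp_size != end ) return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );`. `extract_ecdsa_sig_int` also treats every INTEGER as unsigned, so an encoding with the top bit set and no leading zero byte is read as a large positive value rather than rejected. A short comment saying whether that is deliberate would help the next reader.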
@@ -635,36 +555,36 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, psa_key_policy_t policy; psa_key_type_t psa_type; mbedtls_pk_context key; - mbedtls_asn1_buf signature; int key_len; - const unsigned buf_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES - unsigned char buf[buf_len]; + /* see ECP_PUB_DER_MAX_BYTES in pkwrite.c */ + unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES]; unsigned char *p = (unsigned char*) sig; mbedtls_pk_info_t pk_info = mbedtls_eckey_info; - psa_algorithm_t psa_sig_md = mbedtls_psa_translate_md( md_alg ); - psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id ); + psa_algorithm_t psa_sig_md, psa_md; + psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group ( + ( (mbedtls_ecdsa_context *) ctx )->grp.id ); size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx ) ->grp.nbits + 7 ) / 8; if( curve == 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - if( psa_sig_md == 0 ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - psa_sig_md = PSA_ALG_ECDSA( psa_sig_md ); - memset( &signature, 0, sizeof( mbedtls_asn1_buf ) ); + /* mbedlts_pk_write_pubkey_der() expects a full PK context, + * re-construct one to make it happy */ key.pk_info = &pk_info; key.pk_ctx = ctx; - - psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); - - key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len ); + key_len = mbedtls_pk_write_pubkey_der( &key, buf, sizeof( buf ) ); if( key_len <= 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ( ret = mbedtls_psa_get_free_key_slot( &key_slot ) ) != PSA_SUCCESS ) return( mbedtls_psa_err_translate_pk( ret ) ); + psa_md = mbedtls_psa_translate_md( md_alg ); + if( psa_md == 0 ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + psa_sig_md = PSA_ALG_ECDSA( psa_md ); + psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); + psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md ); if( ( ret = psa_set_key_policy( 
key_slot, &policy ) ) != PSA_SUCCESS ) @@ -673,7 +593,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } - if( psa_import_key( key_slot, psa_type, buf+buf_len-key_len, key_len ) + if( psa_import_key( key_slot, psa_type, buf + sizeof( buf ) - key_len, key_len ) != PSA_SUCCESS ) { ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -681,14 +601,13 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, } /* Reuse the buffer of an already imported key */ - if( 2 * signature_part_size > buf_len ) + if( 2 * signature_part_size > sizeof( buf ) ) { ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; goto cleanup; } - signature.p = buf; - if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature, + if( ( ret = extract_ecdsa_sig( &p, p + sig_len, buf, signature_part_size ) ) != 0 ) { goto cleanup; @@ -696,7 +615,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, if( psa_asymmetric_verify( key_slot, psa_sig_md, hash, hash_len, - signature.p, signature.len ) + buf, 2 * signature_part_size ) != PSA_SUCCESS ) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; From e30ad542a10d2c506e2948f6d445afaf44f82734 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 20 Nov 2018 05:14:46 -0500 Subject: [PATCH 0814/2197] Cosmetic changes Move memset to a more relevant spot, fix one whitespace error --- library/pk_wrap.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 8d6c0f263..1b626c75a 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -505,11 +505,10 @@ static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); padding_len = to_len - unpadded_len; + memset( to, 0x00, padding_len ); memcpy( to + padding_len, *from, unpadded_len ); ( *from ) += unpadded_len; - memset( to, 0x00, padding_len ); - return( 0 ); } 
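Review bot: The digest translation in `ecdsa_verify_wrap` now runs after `mbedtls_psa_get_free_key_slot()`, and its failure path is a plain `return( MBEDTLS_ERR_PK_BAD_INPUT_DATA )` that skips the `cleanup` label used by every later error. Whether obtaining a slot reserves anything is not visible here, but keeping all input validation ahead of the slot lookup removes the question: move `psa_md = mbedtls_psa_translate_md( md_alg );` and its `if( psa_md == 0 )` check up next to the `curve == 0` check. The new comment also misspells the function name as `mbedlts_pk_write_pubkey_der()`. The function starts before and ends after this hunk.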
@@ -561,7 +560,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, unsigned char *p = (unsigned char*) sig; mbedtls_pk_info_t pk_info = mbedtls_eckey_info; psa_algorithm_t psa_sig_md, psa_md; - psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group ( + psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group( ( (mbedtls_ecdsa_context *) ctx )->grp.id ); size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx ) ->grp.nbits + 7 ) / 8; From 96cc1b3def98f62c3e5f87ca2155d7d52a8ad598 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 20 Nov 2018 06:39:06 -0500 Subject: [PATCH 0815/2197] pk_wrap.c: tidy up signature extraction Add a sanity check for signature length, remove superfluous bounds check. --- library/pk_wrap.c | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 1b626c75a..9fc7e22b9 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -523,14 +523,6 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, int ret; size_t tmp_size; - if( ( end - *p ) < 1 ) - { - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - } - - if( sig == NULL ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) return( ret ); @@ -562,7 +554,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, psa_algorithm_t psa_sig_md, psa_md; psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group( ( (mbedtls_ecdsa_context *) ctx )->grp.id ); - size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx ) ->grp.nbits + 7 ) / 8; + const size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx )->grp.nbits + 7 ) / 8; if( curve == 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); 
@@ -599,19 +591,26 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } - /* Reuse the buffer of an already imported key */ + /* We don't need the exported key anymore and can + * reuse its buffer for signature extraction. */ if( 2 * signature_part_size > sizeof( buf ) ) { ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; goto cleanup; } - if( ( ret = extract_ecdsa_sig( &p, p + sig_len, buf, + if( ( ret = extract_ecdsa_sig( &p, sig + sig_len, buf, signature_part_size ) ) != 0 ) { goto cleanup; } + if( p != sig + sig_len ) + { + ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; + goto cleanup; + } + if( psa_asymmetric_verify( key_slot, psa_sig_md, hash, hash_len, buf, 2 * signature_part_size ) From 266d907c87ac43d5f518fad7134ba70d64bfb5df Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 20 Nov 2018 07:59:18 -0500 Subject: [PATCH 0816/2197] pk_wrap.c: fix length mismatch check placement --- library/pk_wrap.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 9fc7e22b9..3690fef5b 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -605,12 +605,6 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } - if( p != sig + sig_len ) - { - ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; - goto cleanup; - } - if( psa_asymmetric_verify( key_slot, psa_sig_md, hash, hash_len, buf, 2 * signature_part_size ) @@ -619,6 +613,12 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } + + if( p != sig + sig_len ) + { + ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; + goto cleanup; + } ret = 0; cleanup: From 82df32e3fd99608de3df042d69f70bd278306079 Mon Sep 17 00:00:00 2001 
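Review bot: The relocated `p != sig + sig_len` test in `ecdsa_verify_wrap` (patch 0816) has no comment saying why it must follow `psa_asymmetric_verify()`, and the commit message only calls it a placement fix, so a later cleanup could move it back in front of the verification. If the intent is that an invalid signature reports `MBEDTLS_ERR_ECP_VERIFY_FAILED` and only an otherwise valid signature with trailing bytes reports `MBEDTLS_ERR_PK_SIG_LEN_MISMATCH`, say so above the check, e.g. `/* Checked after verification: trailing data is only reported for an otherwise valid signature. */`. The function body starts and ends outside these hunks.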
From: Jaeden Amero Date: Fri, 23 Nov 2018 15:11:20 +0000 Subject: [PATCH 0817/2197] psa: Unused key_bits is OK When MD or CMAC are disabled, let the compiler know that it is OK that `key_bits` is set but not used by casting `key_bits` to `(void)`. --- library/psa_crypto.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 291dcdb0d..d100eb1fc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1869,6 +1869,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, else #endif /* MBEDTLS_MD_C */ { + (void) key_bits; status = PSA_ERROR_NOT_SUPPORTED; } From 5e769522359e3b07167f9d1696c971cd5d19fc6e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Nov 2018 21:59:56 +0100 Subject: [PATCH 0818/2197] Add a facility to configure entropy sources Add a function to configure entropy sources. For testing only. Use it to test that the library initialization fails properly if there is no entropy source. --- library/psa_crypto.c | 25 ++++- library/psa_crypto_invasive.h | 79 ++++++++++++++++ tests/suites/test_suite_psa_crypto_init.data | 6 ++ .../test_suite_psa_crypto_init.function | 93 +++++++++++++++++++ 4 files changed, 200 insertions(+), 3 deletions(-) create mode 100644 library/psa_crypto_invasive.h diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4c0ac1213..f4c87d3e2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -43,6 +43,7 @@ #include "psa/crypto.h" +#include "psa_crypto_invasive.h" /* Include internal declarations that are useful for implementing persistently * stored keys. */ #include "psa_crypto_storage.h" @@ -155,6 +156,8 @@ enum rng_state typedef struct { + void (* entropy_init )( mbedtls_entropy_context *ctx ); + void (* entropy_free )( mbedtls_entropy_context *ctx ); mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; key_slot_t key_slots[PSA_KEY_SLOT_COUNT]; 
@@ -4437,6 +4440,17 @@ psa_status_t psa_generate_key( psa_key_slot_t key, /* Module setup */ /****************************************************************/ +psa_status_t mbedtls_psa_crypto_configure_entropy_sources( + void (* entropy_init )( mbedtls_entropy_context *ctx ), + void (* entropy_free )( mbedtls_entropy_context *ctx ) ) +{ + if( global_data.rng_state != RNG_NOT_INITIALIZED ) + return( PSA_ERROR_BAD_STATE ); + global_data.entropy_init = entropy_init; + global_data.entropy_free = entropy_free; + return( PSA_SUCCESS ); +} + void mbedtls_psa_crypto_free( void ) { psa_key_slot_t key; @@ -4457,7 +4471,7 @@ void mbedtls_psa_crypto_free( void ) if( global_data.rng_state != RNG_NOT_INITIALIZED ) { mbedtls_ctr_drbg_free( &global_data.ctr_drbg ); - mbedtls_entropy_free( &global_data.entropy ); + global_data.entropy_free( &global_data.entropy ); } /* Wipe all remaining data, including configuration. * In particular, this sets all state indicator to the value @@ -4474,10 +4488,15 @@ psa_status_t psa_crypto_init( void ) if( global_data.initialized != 0 ) return( PSA_SUCCESS ); - mbedtls_zeroize( &global_data, sizeof( global_data ) ); + /* Set default configuration if + * mbedtls_psa_crypto_configure_entropy_sources() hasn't been called. */ + if( global_data.entropy_init == NULL ) + global_data.entropy_init = mbedtls_entropy_init; + if( global_data.entropy_free == NULL ) + global_data.entropy_free = mbedtls_entropy_free; /* Initialize the random generator. */ - mbedtls_entropy_init( &global_data.entropy ); + global_data.entropy_init( &global_data.entropy ); mbedtls_ctr_drbg_init( &global_data.ctr_drbg ); global_data.rng_state = RNG_INITIALIZED; ret = mbedtls_ctr_drbg_seed( &global_data.ctr_drbg, diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h new file mode 100644 index 000000000..642652a47 --- /dev/null +++ b/library/psa_crypto_invasive.h 
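Review bot: `mbedtls_psa_crypto_configure_entropy_sources()` is added to `psa_crypto.c` with external linkage and no preprocessor guard, so it is compiled into every build even though `psa_crypto_invasive.h` says the interface is for test builds only. Any code linked with the library can call it before `psa_crypto_init()` and replace how the entropy context that seeds the DRBG is set up, which weakens the guarantee that the default sources are used. Wrapping the definition, and the two function-pointer fields it sets, in a build option reserved for test configurations would enforce what the header documents. In the `psa_crypto_init` hunk, removing `mbedtls_zeroize( &global_data, ... )` means start-up now relies on static zero-initialisation plus the wipe in `mbedtls_psa_crypto_free()`; a comment stating that assumption would help.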
@@ -0,0 +1,79 @@
+/**
+ * \file psa_crypto_invasive.h
+ *
+ * \brief PSA cryptography module: invasive interfaces for test only.
+ *
+ * The interfaces in this file are intended for testing purposes only.
+ * They MUST NOT be made available to clients over IPC in integrations
+ * with isolation, and they SHOULD NOT be made available in library
+ * integrations except when building the library for testing.
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_INVASIVE_H
+#define PSA_CRYPTO_INVASIVE_H
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#include "psa/crypto.h"
+
+#include "mbedtls/entropy.h"
+
+/** \brief Configure entropy sources.
+ *
+ * This function may only be called before a call to psa_crypto_init(),
+ * or after a call to mbedtls_psa_crypto_free() and before any
+ * subsequent call to psa_crypto_init().
+ *
+ * This function is only intended for test purposes. The functionality
+ * it provides is also useful for system integrators, but
+ * system integrators should configure entropy drivers instead of
+ * breaking through to the Mbed TLS API.
+ *
+ * \param entropy_init Function to initialize the entropy context
+ * and set up the desired entropy sources.
+ * It is called by psa_crypto_init(). + * By default this is mbedtls_entropy_init(). + * This function cannot report failures directly. + * To indicate a failure, set the entropy context + * to a state where mbedtls_entropy_func() will + * return an error. + * \param entropy_free Function to free the entropy context + * and associated resources. + * It is called by mbedtls_psa_crypto_free(). + * By default this is mbedtls_entropy_free(). + * + * \retval PSA_SUCCESS + * Success. + * \retval PSA_ERROR_NOT_PERMITTED + * The caller does not have the permission to configure + * entropy sources. + * \retval PSA_ERROR_BAD_STATE + * The library has already been initialized. + */ +psa_status_t mbedtls_psa_crypto_configure_entropy_sources( + void (* entropy_init )( mbedtls_entropy_context *ctx ), + void (* entropy_free )( mbedtls_entropy_context *ctx ) ); + +#endif /* PSA_CRYPTO_INVASIVE_H */ diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data index e44111814..8ce044dc6 100644 --- a/tests/suites/test_suite_psa_crypto_init.data +++ b/tests/suites/test_suite_psa_crypto_init.data @@ -18,3 +18,9 @@ validate_module_init_generate_random:1 No key slot access after deinit validate_module_init_key_based:1 + +Custom entropy sources: all standard +custom_entropy_sources:0x0000ffff:PSA_SUCCESS + +Custom entropy sources: none +custom_entropy_sources:0:PSA_ERROR_INSUFFICIENT_ENTROPY diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 7cb10c0a1..0957969d5 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function 
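Review bot: The documentation of `mbedtls_psa_crypto_configure_entropy_sources()` lists `PSA_ERROR_NOT_PERMITTED`, but the implementation added to `psa_crypto.c` in this commit returns only `PSA_SUCCESS` or `PSA_ERROR_BAD_STATE`. Either drop that `\retval` or mark it as reserved for integrations that restrict the call. The comment should also state two behaviours visible in the implementation. A `NULL` callback makes `psa_crypto_init()` fall back to `mbedtls_entropy_init` / `mbedtls_entropy_free`. `mbedtls_psa_crypto_free()` wipes the configuration, so the function has to be called again before each re-initialisation that needs custom sources.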
@@ -6,6 +6,73 @@ #endif #include "psa/crypto.h" +/* Some tests in this module configure entropy sources. */ +#include "psa_crypto_invasive.h" + +#include "mbedtls/entropy.h" +#include "mbedtls/entropy_poll.h" + +#define ENTROPY_SOURCE_PLATFORM 0x00000001 +#define ENTROPY_SOURCE_TIMING 0x00000002 +#define ENTROPY_SOURCE_HAVEGE 0x00000004 +#define ENTROPY_SOURCE_HARDWARE 0x00000008 +#define ENTROPY_SOURCE_NV_SEED 0x00000010 +static uint32_t custom_entropy_sources_mask; + +/* This is a modified version of mbedtls_entropy_init() from entropy.c + * which chooses entropy sources dynamically. */ +static void custom_entropy_init( mbedtls_entropy_context *ctx ) +{ + ctx->source_count = 0; + memset( ctx->source, 0, sizeof( ctx->source ) ); + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &ctx->mutex ); +#endif + + ctx->accumulator_started = 0; +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) + mbedtls_sha512_init( &ctx->accumulator ); +#else + mbedtls_sha256_init( &ctx->accumulator ); +#endif +#if defined(MBEDTLS_HAVEGE_C) + mbedtls_havege_init( &ctx->havege_data ); +#endif + +#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) + if( custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM ) + mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL, + MBEDTLS_ENTROPY_MIN_PLATFORM, + MBEDTLS_ENTROPY_SOURCE_STRONG ); +#endif +#if defined(MBEDTLS_TIMING_C) + if( custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING ) + mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDCLOCK, + MBEDTLS_ENTROPY_SOURCE_WEAK ); +#endif +#if defined(MBEDTLS_HAVEGE_C) + if( custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE ) + mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data, + MBEDTLS_ENTROPY_MIN_HAVEGE, + MBEDTLS_ENTROPY_SOURCE_STRONG ); +#endif +#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) + if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE ) + mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL, + 
MBEDTLS_ENTROPY_MIN_HARDWARE, + MBEDTLS_ENTROPY_SOURCE_STRONG ); +#endif +#if defined(MBEDTLS_ENTROPY_NV_SEED) + if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED ) + mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG ); + ctx->initial_entropy_run = 0; +#endif +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -75,3 +142,29 @@ void validate_module_init_key_based( int count ) TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); } /* END_CASE */ + +/* BEGIN_CASE */ +void custom_entropy_sources( int sources_arg, int expected_init_status_arg ) +{ + psa_status_t expected_init_status = expected_init_status_arg; + int inited = 0; + uint8_t random[10] = { 0 }; + + custom_entropy_sources_mask = sources_arg; + TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free ) == + PSA_SUCCESS ); + + TEST_ASSERT( psa_crypto_init( ) == expected_init_status ); + if( expected_init_status != PSA_SUCCESS ) + goto exit; + inited = 1; + + TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) == + PSA_SUCCESS ); + +exit: + if( inited ) + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From ebe770c693250dc2cc179b54361b81849fddd0a8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Nov 2018 22:41:50 +0100 Subject: [PATCH 0819/2197] Add tests with a fake entropy source Add tests with a fake entropy source to check that the required amount of entropy is one block, fed in one or more steps. --- tests/suites/test_suite_psa_crypto_init.data | 15 ++++ .../test_suite_psa_crypto_init.function | 82 ++++++++++++++++++- 2 files changed, 93 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data index 8ce044dc6..58817d93b 100644 --- a/tests/suites/test_suite_psa_crypto_init.data +++ b/tests/suites/test_suite_psa_crypto_init.data 
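Review bot: Every `mbedtls_entropy_add_source()` call in `custom_entropy_init()` discards its return value, so a source that fails to register is dropped silently and the test presumably notices only if the remaining sources fall short. Because the callback is `void`, record the failure in a file-scope flag next to `custom_entropy_sources_mask` and assert on it in the test after `psa_crypto_init()`, for example `if( mbedtls_entropy_add_source( ... ) != 0 ) custom_entropy_add_failed = 1;` (the flag name is only a suggestion). A one-line comment on `custom_entropy_sources_mask` saying it must be set before `psa_crypto_init()` runs would also help, since the callback has no parameter to carry it.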
@@ -24,3 +24,18 @@ custom_entropy_sources:0x0000ffff:PSA_SUCCESS Custom entropy sources: none custom_entropy_sources:0:PSA_ERROR_INSUFFICIENT_ENTROPY + +Fake entropy: never returns anything +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:0:PSA_ERROR_INSUFFICIENT_ENTROPY + +Fake entropy: less than the block size +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:-1:PSA_ERROR_INSUFFICIENT_ENTROPY + +Fake entropy: one block eventually +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS + +Fake entropy: one block in two steps +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:1:-1:-1:PSA_SUCCESS + +Fake entropy: more than one block in two steps +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 0957969d5..5aa571d49 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function 
@@ -12,12 +12,41 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" +#define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) ) + +typedef struct +{ + size_t threshold; /* Minimum bytes to make mbedtls_entropy_func happy */ + size_t max_steps; + size_t *length_sequence; + size_t step; +} fake_entropy_state_t; +static int fake_entropy_source( void *state_arg, + unsigned char *output, size_t len, + size_t *olen ) +{ + fake_entropy_state_t *state = state_arg; + size_t i; + + if( state->step >= state->max_steps ) + return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + + *olen = MIN( len, state->length_sequence[state->step] ); + for( i = 0; i < *olen; i++ ) + output[i] = i; + ++state->step; + return( 0 ); +}; + #define ENTROPY_SOURCE_PLATFORM 0x00000001 #define ENTROPY_SOURCE_TIMING 0x00000002 #define ENTROPY_SOURCE_HAVEGE 0x00000004 #define ENTROPY_SOURCE_HARDWARE 0x00000008 #define ENTROPY_SOURCE_NV_SEED 0x00000010 +#define ENTROPY_SOURCE_FAKE 0x40000000 + static uint32_t custom_entropy_sources_mask; +static fake_entropy_state_t fake_entropy_state; /* This is a modified version of mbedtls_entropy_init() from entropy.c * which chooses entropy sources dynamically. */ @@ -71,6 +100,12 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx ) MBEDTLS_ENTROPY_SOURCE_STRONG ); ctx->initial_entropy_run = 0; #endif + + if( custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE ) + mbedtls_entropy_add_source( ctx, + fake_entropy_source, &fake_entropy_state, + fake_entropy_state.threshold, + MBEDTLS_ENTROPY_SOURCE_STRONG ); } /* END_HEADER */ @@ -147,7 +182,6 @@ void validate_module_init_key_based( int count ) void custom_entropy_sources( int sources_arg, int expected_init_status_arg ) { psa_status_t expected_init_status = expected_init_status_arg; - int inited = 0; uint8_t random[10] = { 0 }; custom_entropy_sources_mask = sources_arg; 
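Review bot: `fake_entropy_source()` fills `output` with the byte index (`output[i] = i`) and is registered further down as `MBEDTLS_ENTROPY_SOURCE_STRONG`, so any RNG seeded through it is fully predictable, and nothing at the definition says so. Add a header comment such as `/* Test-only source: output is the sequence 0,1,2,... and carries no entropy; never register it outside this suite. */`, and comment the `max_steps`, `length_sequence` and `step` fields the way `threshold` already is. The `};` that closes the function is an empty file-scope declaration that pedantic builds warn about; it should be a plain `}`.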
@@ -158,13 +192,53 @@ void custom_entropy_sources( int sources_arg, int expected_init_status_arg ) TEST_ASSERT( psa_crypto_init( ) == expected_init_status ); if( expected_init_status != PSA_SUCCESS ) goto exit; - inited = 1; TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) == PSA_SUCCESS ); exit: - if( inited ) - mbedtls_psa_crypto_free( ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void fake_entropy_source( int threshold, + int amount1, + int amount2, + int amount3, + int amount4, + int expected_init_status_arg ) +{ + psa_status_t expected_init_status = expected_init_status_arg; + uint8_t random[10] = { 0 }; + size_t lengths[4]; + + fake_entropy_state.threshold = threshold; + fake_entropy_state.step = 0; + fake_entropy_state.max_steps = 0; + if( amount1 >= 0 ) + lengths[fake_entropy_state.max_steps++] = amount1; + if( amount2 >= 0 ) + lengths[fake_entropy_state.max_steps++] = amount2; + if( amount3 >= 0 ) + lengths[fake_entropy_state.max_steps++] = amount3; + if( amount4 >= 0 ) + lengths[fake_entropy_state.max_steps++] = amount4; + fake_entropy_state.length_sequence = lengths; + + custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE; + TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free ) == + PSA_SUCCESS ); + + TEST_ASSERT( psa_crypto_init( ) == expected_init_status ); + if( expected_init_status != PSA_SUCCESS ) + goto exit; + + TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) == + PSA_SUCCESS ); + +exit: + mbedtls_psa_crypto_free( ); } /* END_CASE */ From 0b3b5733fcd27261de5cab1e35212e08339ca65e Mon Sep 17 00:00:00 2001 
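Review bot: `fake_entropy_state.length_sequence = lengths;` in the new `fake_entropy_source` test case stores the address of a local array in a file-scope object, and the pointer is still there after the function returns. The source callback dereferences it whenever `step < max_steps`, so a later entropy poll that reached the fake source would read a dead stack frame; whether that can happen depends on how `mbedtls_psa_crypto_free()` resets the configured callbacks, which is not visible here. Either declare the array `static size_t lengths[4];` or clear the state after `exit:` with `fake_entropy_state.max_steps = 0; fake_entropy_state.length_sequence = NULL;`.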
From: Gilles Peskine Date: Tue, 20 Nov 2018 23:09:54 +0100 Subject: [PATCH 0820/2197] Support NV seed enabled at compile time but not at runtime When testing with custom entropy sources, if MBEDTLS_ENTROPY_NV_SEED is enabled at compile time but the NV seed source is not used at runtime, mbedtls_entropy_func makes a second pass anyway. Cope with this in the test code by telling the entropy module not to make this second pass. --- tests/suites/test_suite_psa_crypto_init.function | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 5aa571d49..13dfd3366 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -95,10 +95,17 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx ) #endif #if defined(MBEDTLS_ENTROPY_NV_SEED) if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED ) + { mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL, MBEDTLS_ENTROPY_BLOCK_SIZE, MBEDTLS_ENTROPY_SOURCE_STRONG ); - ctx->initial_entropy_run = 0; + ctx->initial_entropy_run = 0; + } + else + { + /* Skip the NV seed even though it's compiled in. */ + ctx->initial_entropy_run = 1; + } #endif if( custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE ) From 0fce4c58301df29664b904dae76d13d30f81128a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Nov 2018 23:21:01 +0100 Subject: [PATCH 0821/2197] Add init tests with entropy from NV seed --- tests/suites/test_suite_psa_crypto_init.data | 9 +++++ .../test_suite_psa_crypto_init.function | 35 +++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data index 58817d93b..6996c115b 100644 --- a/tests/suites/test_suite_psa_crypto_init.data +++ b/tests/suites/test_suite_psa_crypto_init.data 
@@ -39,3 +39,12 @@ fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:1: Fake entropy: more than one block in two steps fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:PSA_SUCCESS + +NV seed only: less than minimum +entropy_from_nv_seed:MBEDTLS_ENTROPY_MIN_PLATFORM - 1:PSA_ERROR_INSUFFICIENT_ENTROPY + +NV seed only: less than one block +entropy_from_nv_seed:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:PSA_ERROR_INSUFFICIENT_ENTROPY + +NV seed only: just enough +entropy_from_nv_seed:ENTROPY_MIN_NV_SEED_SIZE:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 13dfd3366..f4bb86f09 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -11,8 +11,13 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" +#include "mbedtls/platform.h" #define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) ) +#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) ) + +#define ENTROPY_MIN_NV_SEED_SIZE \ + MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) typedef struct { 
@@ -249,3 +254,33 @@ exit: mbedtls_psa_crypto_free( ); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED */ +void entropy_from_nv_seed( int seed_size_arg, + int expected_init_status_arg ) +{ + psa_status_t expected_init_status = expected_init_status_arg; + uint8_t random[10] = { 0 }; + uint8_t *seed = NULL; + size_t seed_size = seed_size_arg; + + ASSERT_ALLOC( seed, seed_size ); + TEST_ASSERT( mbedtls_nv_seed_write( seed, seed_size ) >= 0 ); + + custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED; + TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free ) == + PSA_SUCCESS ); + + TEST_ASSERT( psa_crypto_init( ) == expected_init_status ); + if( expected_init_status != PSA_SUCCESS ) + goto exit; + + TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) == + PSA_SUCCESS ); + +exit: + mbedtls_free( seed ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ From 9e1be6a246cffccbaec50ed9831d9e79b1dbb7c3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Nov 2018 23:21:37 +0100 Subject: [PATCH 0822/2197] Create the NV seed file for the tests if needed Write an all-bits-zero NV seed file for the tests. Without this, if the seed file is not present when this test suite is executed, the PSA module initialization will fail, causing most test cases to fail. Also write an all-bits-zero NV seed file at the end. The test cases in this test suite mess with the file, but subsequent test suites may need it. --- tests/suites/test_suite_psa_crypto_init.data | 6 ++++++ tests/suites/test_suite_psa_crypto_init.function | 8 ++++++++ 2 files changed, 14 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data index 6996c115b..c57a764ef 100644 --- a/tests/suites/test_suite_psa_crypto_init.data +++ b/tests/suites/test_suite_psa_crypto_init.data @@ -1,3 +1,6 @@ +Create NV seed file +create_nv_seed: + PSA init/deinit init_deinit:2 
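Review bot: `entropy_from_nv_seed()` overwrites the NV seed with a `seed_size`-byte buffer (presumably zero-filled by `ASSERT_ALLOC`) and its `exit:` path never puts a usable seed back, so the "less than" cases leave a truncated seed behind for whatever runs next. Save the current seed before the write and restore it after `exit:`, e.g. `mbedtls_nv_seed_read( saved, sizeof( saved ) )` at the top and `mbedtls_nv_seed_write( saved, sizeof( saved ) )` before `mbedtls_free( seed )`, with `saved` a `MBEDTLS_ENTROPY_BLOCK_SIZE` buffer. A restore inside the function still holds when the run stops before any later data case gets a chance to recreate the file.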
@@ -48,3 +51,6 @@ entropy_from_nv_seed:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:PSA_ERROR_INSUFFICIENT_ENTRO NV seed only: just enough entropy_from_nv_seed:ENTROPY_MIN_NV_SEED_SIZE:PSA_SUCCESS + +Recreate NV seed file +create_nv_seed: diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index f4bb86f09..359650429 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -127,6 +127,14 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx ) * END_DEPENDENCIES */ +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED */ +void create_nv_seed( ) +{ + static unsigned char seed[ENTROPY_MIN_NV_SEED_SIZE]; + TEST_ASSERT( mbedtls_nv_seed_write( seed, sizeof( seed ) ) >= 0 ); +} +/* END_CASE */ + /* BEGIN_CASE */ void init_deinit( int count ) { From 8fe3372de13a6016ea8ef68b8948e9a03843b492 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 26 Nov 2018 17:21:23 +0000 Subject: [PATCH 0823/2197] Add generated documentation for mbedcrypto-0.1.0b --- docs/PSACryptoDriverModelSpec.pdf | Bin 0 -> 565092 bytes docs/PSA_Crypto_API_Overview.pdf | Bin 0 -> 200980 bytes docs/PSA_Crypto_API_Reference.pdf | Bin 0 -> 527887 bytes 3 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 docs/PSACryptoDriverModelSpec.pdf create mode 100644 docs/PSA_Crypto_API_Overview.pdf create mode 100644 docs/PSA_Crypto_API_Reference.pdf 
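Review bot: `create_nv_seed()` writes a zero-initialised `static` buffer as the NV seed, which leaves a known, all-zero seed in whatever location the platform seed functions use, and the test says nothing about that. A seed file with known content gives no protection to an RNG that relies on it, so the fixture should state that it is for scratch test environments only, e.g. `/* Test fixture: writes a known all-zero seed; never point the test build at a seed file used by a deployed device. */`. The `>= 0` check would also accept a short write if the platform function reports a byte count (to be confirmed); comparing the result with `sizeof( seed )` would be stricter.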
diff --git a/docs/PSACryptoDriverModelSpec.pdf b/docs/PSACryptoDriverModelSpec.pdf new file mode 100644 index 0000000000000000000000000000000000000000..cf11380e840184071cdf3b55ae11d7f67b389e8e GIT binary patch literal 565092 zcmeFYWppL6vMy$3W@ct)W@ct)W@e9>Va&|T%*-A$Gc(&`d$yf9_ucz)lXF(yN&Y1( zTK%J1t-V{SmOj;2r6N}nlb~m2V22_9wLH2G!$QPF!9|mJGWJD2Hpk>S}e!XaNtd=$`n_4+M;ynHAs+ylw?C@q|yWA zNz-z6lg+wJs)<6^)L?obqp=YzZ^RuK3dy4!-cR4h=M$=}YCa5DSuW)23R5=JK z);b_Gc$E>Pa4={UFom(Qbrmk%=qw+mR5}&T9x17vGa+atkYq(*q##P_RG?cp?$G0b zAl4035nhGge95RvDZneVT%dLWqv7mw3?P;4LYXy>Xh57HP@sGeGrCp>8%8iodBPD> z$K+S=4ZP|QSzd&~DOD(TT0xfEM9N6;0b1CI$E+l}OmG?vh0%4sT2N?oV2w&t6B_A} z*Rdo}LIHYO$0EE+Xg1zE@@a>y=wHEWcz zMAc{$430{v0sBFzDJZK#eU2>Rk?E<%aGy+e(TRvw1zUI(n;%d)g*6)Z=7_0q1kLjv z4+o(5`HK(r?fDKDzr%Lv>*wzXG~Og%`ThTNczIGV?^EVso7Ny$j$!wHl@04eK;qxJ zcdQ(!L`dSNo4=OL)a?o4CcTk9E=BgYhy9j~Q1>|#@*Iwlheq(~U2^{pIL`X{tlXe}xUnjtB`(B2Nx;ou_ zq~aXaUY-Cnre;3?l$Ay*xD>5{uecKezkVo zvwlM#8~+o#>l$6iw8+4k%HUae=GGj{7F%cFHuE|n6e9Q#EAWPSz(&pW3J@C$THH+7 zscYq)d*@c_TPGzBCt92@I-B8i*N*I;&K@29#*acRfSgu)zJ99vTPcDs2()N$SZ0tO zd#)+vFXMU*ylC3FFk7!qbi7J-&@5c zw196Xtqb~W@J8SMe)xBYqu}LuJ7|Ovp0bMro$P^>HfTr^yd8Mw+Q5D3&j?WCc!!jZ zRi68j+F?2-$u~tkTVAilwj&{wF*Xf7TOqGSh-0BJ{@{{Ap+#9x>;)6|fYzz|l$0fu zSJ@}Gv%<_>mwMPucFZ+-u51}s;vEM@$5!fOhqH9)Y?4ZLah5u29S<30S^izhJw`s*FaWqvUgW~eHc&d*3DZ>hSIU~f1FCZ5!%DDE2Ak!Zp1-u&Siuv1cJxkh;YOvq=l)JG}L$<;%?@i&9r_r#+?uy z8>97WI*!fvLV+y237M=mF`7Z%jz~Of0X>8SG=QUl1OoG`Wb(t%11|XeP;sl@@oX4aatUf~ko}4hMaE!z|Txh-7d;0g0mi7mz~1@v3iW z30`r2L28T{MMjITkcrDklOH^Aheg98D2gml69NP@WiX0=V?Zld=wq8d=N0 zN8W~_7$RbG0eJyPFBA*}J+0_q0jZJDAkb%Yl2X*-i8@hGM5~$;8ND<(BNGq<80?G^ z6Idc?BqkOpw2}yjQ%J};Fuv5NPKJmu2M8QYQ@A%YOw&F&)da&>t8UZJv_c|N932oE z5hNIwuni~}mt=P%K*eZgq0zEdUV)Kbb5Mw~8xa*&E);CFIF_>r5mI9>3S}hSEzqpV zBT1`5uve8Trow_#_y3!13=AVbc z(UjBy$MNQU{xeIbou1^QCiR#!k;@r^^WtU9n+zj zcL%dlqPSBHQRfM8w!KSx+B>7C6^1Momec{KCP@!`X4wXIbAQ<1_|I}RGUwE9b5C~J zZ_aLP*ucumQVzQ;I0kdl6D_eH__3HxV8aPr`PUdf%ep|;l!+jBbmG2Xlp7C8it 
zTC`d;ZNabJ);I4OIImsWPxJkzk-VsiFT0UlB8Wd#tz%zeczR3=t7J6h!8;JwcslI0 zQ<~g-F~30=_sO&E)w1l{9!uLRiJ*wtwIG3Si%^MJQKs~CnAh>EnatfPz{w$-qUJ`Pfc-@!r!8B>K)x0KMfw@Y)+66q1c~Rd8D49{d!bgvc^o10`$2Chp?~ z?mOPJ-hma7=uU`eT~EtBg4*cBtk*B5Zf%rq zU0~Z+t{v7_?fxz?g>PQICA3~gH9vrQaaz6MF#j+y?o<9HP;7ZQdkY*nRF1p}7}pYw8rYhcM(Q zIU1<$Gw(fVwt;WFLxKkJO@F5;wsdE1lacl-;Fb3^HdCXBXUd8NJ>GaMjzSe(-lE;g zCJ>@~PGryVJ!Z_XbgPDjdqX(KM{K<(^;a0|lyNP1|X5n-q>sQ;+sTA*x zWs@-XV_M9dZ}+^ocQ=h`*~i0(0;E=lt}?31FzRd59oJ&>R!5*zxo#+>xeF!xApET{b6Z6!28*JxoX#nvG{8yMlZeZ z{_<1)Q_}^jbcha;C-)ot_Be3vp8=kYiS7RZz_YM({<{GG*S2=V<%aA1)I49;Ly;yE zhgW(=yWVa0ogp{0k2@{KQ&hfrpN(bBO5oFXQoU!I?sg}Bjvt13?c1~XTn%qE=bvr zEP`DqODsq+j!A|s;aKi8BFOB8J#5T@#-D?=@E~r4r{V> zdrb!|rE!gtZh1G+{A^8}Z_Lf=vW7_9UKnbgQ6MnDP%x~uOWeOm9E||25XSvm1V#{U zJT;W(p&{o%YXHqX74s0eUy@`L*E~|FrxYtpx*<$P0@492DSClYDi_NWx}an{ZW((0 zC^lA_%?Sk)X`PqC&1f35>_iI0xRX0xi`YnsB$?hwX{Inp7vgR3;0=&R&! zy@_pxrPka;SJ2=xF$HkwC8{5AFoc=xK!HRkFa-NhPmnPAFf2q`6CD^-YAa;Cef%G2 ztYtH8@X)LeB_r)w7OZ8vbmTURX)LT|1SRCs>0RB9u=wAjpKrIv#k}uNUw6KqE|pUoP zbX*;0OW6}vx6|J}S8Hmy8GFsOoju)<9$A;ijX`d2nhAmW;Rm0o2x~S{7u<2|2S`Mk8s&?P_Yh@Pai9$y`?;fn*9=tPqskiN+^?r&^hkT4reIC}dKPVo2`*^PU zU~Y~V&W@Y7GF{c19IIaN;}tx7RP>!lw#_MW%v>=2enR;pkKMt;7syWL(MjHBy?3`C zZ{K05Ue(CI*Q%nAKAum>6|ahar#Z9aR8K$swbdeAP>FPYV?O0{uZH(0oke{Xq*t$u zAp-ryTx!*kR9cM@IjfpXxp&AaFImj=A6JWd@i)!0z#De?$Dhf&xAaE=*1gT1CAB-Y z(_X~^)ojnaOMk-vf(Vfo@_uFj3wp@4@Nc!DKH6RZYQs&Ul1ijSf-r&Wn5G>MU3NLa#iVIa8ZCdB_<{^8 zymFr1pU?B6yNqo}J`T3#8tQD`-kJXNi5$Mo`S{`a0aM#@(aM+EqNh5sr1h^X^Co!y z-RZCGy%*y-3!Y}yRTI-F5AxO?3b^50UmNncbXhPlH1&q_Q+HkPAd2Aw5rJRd^oCcI ziHAKtm(q?5s_o_g{R?~X*IyR-!E&WO8zr4nYE_teS>){*Y~`r@3~!UykfBLy4_5=;K=u`n%8^c9vl2dRcSZ=XJqAI{_kFk|MW_* zu(AIS;3WEAdnMu$izcvte;$y?z|@O<5KF zr3~@E&zO02m7!NnD?o&|qhKdz6Jk2TBmBJkwMGxA4J>_tU|(4RQUV|RDJ^gR(0&aY z0l8S|Gff&r*$v{3Ep8p(dGu1HlFu=A&5QOczBkzl!k|8u$$m&&lC;mtE?$LN&1HA_ zFR!j-_wDq<2c`zYiD`KYBGm9T!4~9T_*&>lwQszHAm^zma=5k>GE$eA_5BMivM~L( z{pr7aJFIN~wia2{n1Dn?!9`t3`AtDp!AVg``B`02!;kgqL>Ty8L0v&*!Kq4Prob;i 
zt66|q<&8ifd@x`xV2BoTr;%*B7-qcm$)0jWI-Ymn=+R>3UuNiL;m}1EgX(~q;*jc~ zq?IFAouFOZU>9QH9}Zc7u;JKN*})uGFgzhah~>x`aDc2Gn7seRu-G~Nd03pB|GBIF z8)`)WnlvvZeVij!55R#a8#XdSNCOe_VB9@Q4vq4a~z>aI|`Y z-aF7W!RO2-oWUk3P1i$4wmVXZM!Sq$pIroqm@QRHLpyiglK3E)-2pjxb`7Ow$PzWd z)n7a8SV)vUl8S@`Ng5`zxDoEhFcfK6$UH*^j2#CeX?y(7%3Pid3$uZY5IrT&{eEr# zt|-VNA5$^vV?Fh)D9ElVg7;qqU6>w zD5djJNP{Gb5=Yn8&xs|)-W!qL%gv6@=UAmOK{3XVpy>{+;yA!k9h zV!$_NhY-a!?6UUoYYBJFL^v~zc$ps1P_Q%Xd_J4xVZ^Vw=m)xC6$8>JhxnT5UkE-1 zl-Q;EFfog=W1=!MYg$PohqG(;RJ*V10F@nfp6>*Nqb-Y*;v+HnWD^vmBZ}+J6;_Gl z&3;K{0R>;EM;zpmf<6-f2s;;?hPRfQ?e}N$a^TPUZa@2hRd{k8NV_d7VwQ$tHv@Or zr)?K&^baonbskkmja}yiVs=4{6J6PI-c*BK&58I=n9|>ck#!sa9)N&ele#@W$UN-wgV~+840{_;P;DTmE7+JGD=aJVA8fz)7pf7?Z4+OR8a(1ZEzgz4>`;q%kzBa;R~m+b4>|r6 z?n_yB;iAp-{h$sv{P_S7#R-dL=JL*&Um}@Dd7C)!ZtIbLQnx2Taz#^q5LA-eq$)$h z{`ugEB{9+`$rW+b64|`vrqRULW{27#^Ju4S7SpX`Wb9n@b{{f^RGSgE4d<`7slKJK z{6lKRF=6VvC9(|>m{f{Z0~eC;XzR-A5Hs##h>>hGPOFOrncYv%TWz2^ncuh>k`z0<{9?G8%O!aXThWka z*z=M&#b-Oy5ILk=*@g zC3KBBPS1i1Xu%a~o-4o=Z}VQ!&qAp?2ma|9dKKPkgS=Ybt-JyKq|j%hp18w#0ExEU zG;THR(1Ca(BU|_*MDJxWs%SAPe`$rLua1Lge4}-?T%#N@6+u8(sT7WDhxUmbK9=H5A$S3$@brzcN;C)vRa<(;nP_`%3nwQaJQgHiH& z`P1di?<%U8)nR|5Z;*+Rw77pp3{DpAe}Nbr|2GgLOV@Fe32l7u9WB6(;P4%1E5Xh! 
zjpAmr#~pQws5D7ON_1?bJ^v<*0UkKH67!s-WbDT}_gP^4d_4qe&}K8EZ zL0aQb%Y`BB5OqgbvE%St;T!26rU4HV)*EdvLD$e7!&zHbOIT2_Us8~44f8+8u8DwD zvVEl1?Lm^^F6nx%WWc)zmsC+kb+>qIRHJ4ZW-7gR z#n}Nw^XD@|L`=Wj*ymVIj=XaF{j6Q`W1cR0-eeuBy()6{A1cB}OHI-bQHgG$2S&8CK4boRsIIXT!(-%jp!F$YxVUdl-y^Mz2!ugL>=|dOGUp=+of!G0Gg!$EUke zlPkUzrzoeKBodQnMulzkqr#>iZOr3tZO6P0WG1~bXHK`kHK=`_4IC-+WP1U(b$m3& zIpmtQ2?G!fPA)RE@QtAe<4;j1BBGJuew_u22m+6x0t!bdkBv$9O=N!O)DX>9eR9Qg zd0Qx1-?+Cg)xwC5!mlzrDg0Z6viqAhsr*~{Ra*BLcJ*V%gd0yX?}jiL(9f10j8>udFg|L~4+k4g zYC`4P4QsGuW&SU=*q|HchV?$Lg6V%pZ8!f#X%col6tFV##g#>{eJ3rhC;;02jalK< zhl*2v=6!^q>^N9zU9a_&+Za%LgAjDv*1XKGPw=;wo2&f#dC?4Au=>voT`jvoOycpo zPdCT55VBYHlMh_8&Xi?Hc0X{-a?qbAFe+c%^ix}(ya+6nRmGP=UTp2EHy;!Pg;DG@ zb(BJ*ZeEBki0JD?H_v5Y^?g(MT}a}D>~coKp>6*&52L?<9b$n5)VE<~giMDQ`4c7Q89M_Jb(WFu-;T=1gk z`u@~Dv@lvU{F(|x)U6>^ICdOWA@XhadK^`z@{L#v61JJ;iaE)^;|Fm^F4GX7Rlbl_ z2b&%f@v>=&SnVaM5Y)1RIuZ;vX1^X#Eh?Dl?y{M14_nexSohWs>m0KO3w`%cAwQsY z5C$6OG|G--5Y0fj)ON)&RA1&Tnhccc;6DDG0Rm@`Q6=fk0jEPQhVc7jd!~fNh<6I; zTTcsudYE>*MZ2$^&dKYu){0`VemO2BQj}x7s0q7fx1*t(K70`2Q9{|Qu{78VZkba{ z$RevrMtt(k1lbz=QnNRA?1%)V=mlA*-!<@w(3VOxDx`>&R9ThMM-j|t28rd1Jq%is z;s-WKSsJaRXaHXn+Pg}fi2|KGV7=v_s{)+>MXQrswHUq^G4)nIPv;?srHV-EqDbne zU&%W@)U1Nd5HCd+;?0d!nmSDDS$03!O3Z2*V&P|re#MJvF@(;P3^qkUGFsdgb)%8G zCoQnN9j<~`e{7Q%GNynR5yE;=k}0Tb!NbJgPtPbfsarwAlQ)XQ=mcvMoGuThK>ZJ%6DL5vqjqaw+txraL7;<8q3bkcUfPGM+ML_O_G{%TXm4E<#4sF>=JEUP78a+!XfCYnE2vn zn=gw6ZiocRyzfd#&XRF-RvL2wZ&UVtYbN1B;Iknxgu_Z>Ky zQB+zK-vqR>XyZgEPD&>q{lvrIzHF8sm=@M=N*z+xP13{-05XgXzC>mH&%_E!@m3|1-ME!p_CgT{b!8Lq+L8O_ z>-QJt3L{2M)RTgY1`w&36M=q|ilS&kYU_}R#OjOc0MGT$Yxc4u)_Yj`^vEAK4By_| z9r3R;r0^IsY_ttYpbUk#3b<6q%Ic(2==J zED3+`3lCC3O`=91L+*Yqin6KYY7k>Fw26xSbDCEH-4$wexr6wNaivGuh_>{=!h*=S zAIxeoD3}~Ql*wGa6q~G>d~THSpcD!#4c~K|pPjOfOEt*UI!I5}L{yN*tBRYTGOAl} z*S2b7MG3q9$|a~<=0_flfnN3Wf?Dknbw#XcBn`TUM0!Tnh2SK6SOS?OL^>k62^3M~+eaPVxuVp-jd!uJMUV@v+=%dD* zSY8JXxMU$t8}dvJC{~44rZSk?19Gckiprz}F0_ScST@->UY?fpEHzEo^0EO_EG{ZI ze{IEFJyWa%13cN{;xjQX9owT%T);21&HhkaG_TA_JZs0 
zP<6B5q1JBoIhF##sag0oOg!N!i9&G_ngH~9mBDH2@#Y4?HR!x>Y9UN4C6d6opadw! z2-0<0cPWk;2%6*9*uF|Msy!wXwIFj-Y=1Q5{%C>dH)#8#3Bw7$)qyD@@KrguC@v8~ zz2(+$%g)1S<71~|C@6qS^%vO3$?nwYMstgQQd?l3w|7e0UMZu1L2s{rpevv}YV+qs zbv=jSpOLb^M-^P=_CDuZzk8nYX}{lZraxH>-u>n-##{WqzFu2lyla@m zIKR6#?fQE=`+B?j0Fjycf97Ui$Ey=K^96c(Ke!aX-VFo0ecrxiIXU}FH5uf)JZWgAU?*hNa1qM+6&l@)KAD|P40VD^b0w5GF z34z-IA0HnOD2B7U8^oQSeYV`2IJIKc3py?In*nPs@f^p_6Gw^T#0jDV5qt>Vc#mAi zD~Xz-2E8esilR@xc5RFT06*UR?-#&JAjg)YgFsLB2a_#H|L&LhC*XBUlP$mFc30$L zld=O<6ZMlUEDLLZZ7oX8d2Q|DOU?K5jDdtBV#v16$#ZB<(AST(3QJ~D1Zm!&jq(FBXC^ZsR0;OH zfQqJTAnxc{G_FeM07MY204MI7U^!z`Uxejw5NqcjHxk_gkzoT_w-IY`&Lv6tdULuL zjV8JQk#!J|9oLbeF;?)gxbp7<+IC}jx2yvx^#`{DUe0;BViMT4HOTlbGY(89E4UVDpCZw0s~tf`>14Rry%Ss z8g0FK{yMZBZvhCuvmF`HDltBJ&hO8qiBP}mf`L{vUv0xRRo&+8$b05j$!6`eWvlKP z<*Ea_O*KxddfaA}guQxkTa~izN<}T14QOp!)PV!5;aQP-IJj()-y+sD$mVzFS{ zU!ghCl6YPuFPsn78{?7gSbL(m&ElrLnN#$by~2(YTn^Vn*3ixwl%#=q2v;HjzEiLT z*vqMKnixKEKmt2n#FE~cVNwa@9y}33%*cL16%QqchL>~ufSV!643voYb+U#$w@Ni3 z(%%EPq|HO4z;$RjDX$>odiLzA7}zo)Yz=W(CPOctG#Mn$ZoxuV2T5gdWDNrAt?PSHbEu$Q;TM>`gS@WE__`%H6bI*AR1C=0q|q&;t{RZFv!FBwgnn z0wHNRg5UCMXT9R3qRxwvC*ecFBsJ};n9EeiA8X;S7NS6%L_zwAe2im7*vE44_oaVS zQ?w?oi5eh!^B=!-^p67ow*iLRu4^hS4xcJTKhY3R!yz$t`8Z17u>3{Wnv>P#f+PZ=x5_@YwiB}5qmy-R?1%Vxe$ckRu zFsnt|64~FM8}7M94_x6jVxLu%gQg?@xUNb0$BkAwDH|x<1~p~sW#4gas!Nu0mnEA& zQg-mOK0@T2vf|${I*j?gPHw>Q4h!I~rkx;PmG8U#PV~zy&Wj&_D?EWhh(LT_FtNWR#z*_VeXq1~OV47PZ80X#ubfsH%yJ_TZqMNAP zz=KwU0A8&cvJ!Q}gt28z*EXzW7ty$mVA_a3X0jDC+J+fp&xo;QK-bo*W#`Mh%a6(R zf3Bu`Y0|nhZ(P25sX|L=@lK+jy|VqVp1Uv-0JZ2&k?)hSn|~m(Q`bilyRhp0{sw|O zO}G4KQftGZ4PWQ_WFMn^Zux_F^A_t3%i z{!&y?mRUt9i&e!a(!>5FQG_MWXhzE^^K#UWuP_w?bHhtSEzvIBhn<3j>WF1l15#|T zwKEygiSGak-YOK@7|v*!;?Rk`|5ccrFJw=W=3BzkdEw?a*$ZM77F=vZnIl{&wPk7V zCLRX%&J%w+Dr$C84KqbDee+69Q`=`g*h0r4t!=wQ>t7AqE7Mg(cMKXV9chf^p{0?$ zq5*-~6}uF^iw?P&gRm-{bn34jEVS)=HE%-uq`t;IY!|pPileScP+HxR(nW>f-{C%C z8ex|YTgR)4vt4r1HTx5p5LRJEuP3duZzHTUzo?TzZei402|Uy)yG2392<2dHJg$qJ z`Zi^`6R4O$H@{@tl*(OJTirS)E@@}rj;pY9AQg(_0uHHb05pf3MwC5PB8M9OMrL% 
z7EMv{_fv}`3VcO%x5WMUbFz&^>1nR0CceJC^V@xt&xL-{#}$$z2N`Lf(qk;*_bBqR zXP%3k+pYQ(Gf_%%?Km~TbmcuUwy4N)Z?-2X!RhPp3Kc=xOFZWnB$}t@B7-sA?xoox zAFCEA$L?^HK~Ny79H0+tb4H*SZrOu&5;0BDTv`p$hRuCz6)f%HI3c2@r!s5+u%ki)N-8T_mBUrt`)J^%$?2VavSTYf_dWzDpPs+C0bF&3kQe z*1i<>fQ3x;0{<1v{CCFt|Cw+;C-=VyAuw|>{oBW&bG39Gw>Z!O=Iigb%nDY?WYUj& zOK*70gn}Jrx4IxDl1)jPj#bo}|9s}+x;rnMV1bAo9~>NX`u&mO*%iCTbUf4xmu}gs zPz%@2bC`OXUCU-lcsy@Nns?Y3^)5+MVSNdqqT@)w{qwygPq*s1`^UlJ`vx#OPk3mO zay@*VIGX)Q>IH1i?(J-7{{^%A?frQW@c9O~<3z@RXzt%lNZ0)H1^U%<`Wt?b#s@tA z`%t5Zg9e868GL(+IE!w}Oq+l}ZP1{X_adhH#^a}$I8w83j5tvnXb1YKxI&|Nw!TJ~ zj5*(T-Am2xaN~VfmPyyO` z@|v;A+hq`KDyP zz}^t01v}{}TcCn|Xfl^mnVGa9uY;T9S651HtEsEyj4XkgyJ*U;k>X%#DXVya?oN;0 zQBcdJ!L!1q#(YKTAb%tdOwAA*b-|&t*ZLi|!H&k3J`VZ5Z?Z^F0b+_vmY55GMkVzX zQ>z5(a&f;$#q_}GKutVFdgrkn)%@ah$7tH8(}p0nE_r)(d~>x{ll4qiHGdH3oJ)sp z`?kp+N2rau%?f)3oCv&XPflG_1trZG{N8lX^x+gy1yYj4Urjxu=vtmzd#Yb_V7ZLQe! zD~~5gDOsV?0qM(6l|>*72wdA%32)UvQRAJkfJ`!&6uH+m0JL%59reYsm!%;?oo~yB z3yDzZc`v&iXrq<(tMdqR0CmS=79@&EBo!}LE#2#|4h0Y!m*3U1 zUj6kSp_nIE#_~7`*x4d&X&Ow9xFTAnLNL30<~{@t{9qo0c+u%=ahO^GU;PdEr1}r( z=Ek|`p_arS=pE)G3gO_vWb8YmEeUkR*QQ4_pHy7{w|0!_tD8`1zLKUk9M2eg{abfrLfFVGLtQ* z4IAHOash0P;j!9?KE6zxDgz@h`hLv4%N+Xy;hNDA#t7TiBo~^opnb-tB z4f8{#2`E18+7y?>Uaeui3`xPqkf@hCL_A4&LCf(WYp|j}fY0-@I|A={2^8AQh2MRW zV%RN@!jMLIa;mlyMMhl+u2*4VkI!p3X2PKDq4swP)&=F4_UEEnP~%S>wxYII4Izh* zF`Tv5se&sn7L!NNW=#?wMUvzDn+%}`=oZMmelfO=y(^ad9?EToc*fc3IjA$H>(J4( z9Yo-_2L)5{Trh+L-a|FN8$If&#fc4^n;-4D6{m4$OxARdXiUndul74$M&>;FJu(aK z%zBB0i(cvU*RlB!oP9BM;QcdIT>J^rTB}_ymT9Vi)~mm8U^dr4dWtrg^xOnMS|=!j zq3}lc6gJb2GWwG=qJXrjs5_PrHGY@W5qAC%cv0pAmXP?)0`Iw`xBpNib;jC~An9*V zY8hUhoibJ&A<8r?c8nIBH25;wMFFNAyy1dpQgL-LX~S|k-D{tr9(FHu%`2%PM4r+U zip$*lc+jIOE3Q}1f|oVvCS7h+TTd?NXD)sROLG3IueHx=#{I`MIyr+Qz}iddKt5&Q z#_$Ah025tOut?eF-80CJqLcOo%z>R!mf%G%D3oAvO-$;E5BU^MDUm;4j#R@dX3b?x zv0Fqwo3J!b!At;eye#**Kae@>NOZ}bE>zDHw50KuIN&8_1d$b}}3D zxrAXSrLDN|cZtiI{DNbTRu&x&OF>8I+bn9qIVPMc&fUgP&Dw^)#j%`>Y~Fr)LC(9D z(kbj|4)!bZlNRvoP)$o^D>dXNf=>ov2^+#@T=W%`hZQu10J)y&03wX!pAW>zH^6L! 
z@t96TnE#&g`H%9yj>P3^$T}W#!1evjFgge3F_=y! zyrj3!B7sHQ;c(r$6>j9mCJqp9t=G89=%;)QVk{f0ZZxfb*BlKExG!I^(6jy%CO z0AN6( z=lK5slhz0GW!!+ENmH&O`z3$xb^5*a5_ig`k)(lLT>2=63};y)xTt;2Ss9IaS{|VR z=Gi;H$}C&s;a~PPOjbz}f5=rHwp|Z{{p!$~9)(b@FE1vTv6gvpv;9sNCpc&@Mp=j{ zXYOAhZ(Fvhy_6V>A7x9u!a+A*pb1y^eq7lYGl1m{NDfLK9V(B9&CUy)H%|81+)k3n#E3v=`uQM1J!Nui1pJ$gQDWUR13gydvY`Np{FC z0zLkT$?LwrX2fN^E}1VUdol#x1%gNz4+-OX7>k9N2$>pOJ6}(j(GBC(N~^rE@TM8C zh6(N(F($XQ+o}{Q6RGMyv;dp+Y7Uic+L(+1O7PJo6jzr&>738ark>tgZTBXpOGpI8 zz!Momp7W%Q6Q2^A2`n79(AvNUqQoQ#miP)qIrv6N%X9tMxMRrXc)lp$Ky7T1HMEzDweWX;|flt{`2>p$Awzr$GDf zdHtL70XOs*pEs^|Qv8p)A8Fa#XBH51FCyUVIYDSnt#RHqm#7dtA%$l<08~^evd(fa zG9W6+9(=DbbTZUEor$4Uk;*#Dv2FrVa|;q~5iBjqu+fl)-vjP^1q7lSrlu#v)nxRK z`lkAWLzM5!7UCi7aJ|Pf%iT#_zPvY)Ri}lGRrhIqJ_;;v$lu=0VO1me@=4BhDL#`Og`wK%Yk zgQqWqB#(*id6!g{K$@?49b)**dMVA-`P1i$(sQx|meA_fPRnU3s?SXea{SqVU?p-) zM$%vI!@#E46+Hz4q7J6rn0=3SP6&G2flax0CMCWV4fNT2jhR#0GR55(OTKTUJ?RYAkF_&k z2@vP&(VJCMiWk=3kx}2GmwOLtlu;$6DiT(C%s7d<=TLWL9S3gip{~7x@x&Qkq;r|gI)cTwGZf@!Z z!>Hwn$~9jk@n8@HwRwI+}hI0jfj)wuPkEi=Bi}wBI;=GiloT@j4(2@a{NvE{73m;qwCEMVuRj_@!msj zSD75N^$LZ@A=YIH!pgp~ic`oD7EI;NrmAQ(en>7?G&6O|!@3tAS?R<2kCIwjloU2* zuJz0bRW!~fN_+GI4RDUaXgOh#HtHfi++Z^^q(E|FAt{hBpPAs4V&B_dUyr?|&*rDLENExUHh6C+-&+N^ljrU8fP~YKQ7l@F5A6xM2hV_#Mf3X9q17~Mu|B^K;mvr;We+rg$}!_$KJI@4LOe z@6Dba-}|evkS~50->v>$@5?^QBY#`G^xWAmf2XrPY(6^N{)#gMf$v6i&olsU^FMm` z{RO|#`uXL~+g=O3)o!Uvx}j1QP6v;i+e_uIfzpY!#uk6#xbgyZkGk`wwKBkKL^RuuR;W^Hyd zYI*r{MvC@g{_XR1cX+)g!81xEPZ%3GV`_PXnaYKA%Me<*!PwD4Y2)(>ZLFDydIza>it7=&&v%%A$Ya_!*lMF6Tbs4 zJp0@ABx&1eGNQk?>XhbU;!%oHmNE4U|HBH-|NiA4b7`r+Akgyr_{?j){c3w(tLEEw zSoC1XaO;oO9~u#zy5EnUV|`k?{rcj5@0jg;Ev|t*xw*awdY(_A7xBG+=SZOW((r-K zgJZkkAGh63=3`uwHBbM#>94DuH-US#E~k#cz27sZtM#`bivFbj?g`hsf_oo2-|VmJl6N4h^A`q^7B+_{@gC^RH3<^=1R(_Wty07x`;Fa%${swjL|rB0H}qN5DEV zHFs-uL^pnZ*#COhR<*q3jAFcB2EhIt)kN}XgBmeFD-W&FULJg zF#f9pb-#y38AZ#0i|iHeqn9_E9^8bROu=jZy(`{2?!TH=yR2Bd@n-u7bg{W@&dmG* 
z2k>UYW@cjQ(GBuxs(y^hDM%VkW2z8bm;eB{^)C~*fcKOn(Uq|u@PVJR^a*FwyWeR=mXu7jLPNc>1*v8IM1N0(_T!$ncs)25Zz4yeudG{SIFr4onlMQZzJd8HLg5mTAZ_ zp6EOEzP!{k$)FW)kR?iOoJ@L1x#L>vI`F)faD)E5+wgf#m!iPG_mn6P%`!I5&?Ij84%_9S= z&sfeSj6O}@WAjJ5j@B;d5yoIkm#=_Y@!6kW8qxdZoZ`a}=Y*ooKT$LcgmJs*@d&-*q`xp;P zFcYdp`#m_#CQ;&a2E|uM!h&-h%^kxA+IjksO0=y@vWqUCl5y7d=hLA4RGjQ%TuJ)Z zsnEztXZD^oVXrELhs?X57k3Lgy6}o$$x5}?v7p`I`pl8R9kz$Fii%tV*R~(Vyk4wB zN@ja^e>f6ZRxm($7->wFlZqCrv~Y?ZUw1OKz{rN;>!fp+LLbh*8~k1pWz0HeK8jWY z;9^8!r#@inl`xxzr)4+9+jD7qsi|18tit1l-K7&C!UVen!4%{2-W^wKO11O<3gmY8;C1viM`J4AY@;=@3$o&ybFp>-a)BMTvj&Hb8MGQzSbclI5D8n z>#Th1Kp8jr?vmT>mMWHs%!-l_QJgqALBalswoUsOk zL%iR5*ND^gEB|!RZ7DADJjU>_+u5_q5A#%d=vTM}`j;AZgWUN{C^3czY2ZXSR7 z3TV+tdM^f93as^sICJqQqTSRQAhm?MW1j z1o(e~&wqop{}xIAui6FSX(Ddle}wCEmR~F|2uX8#)TlTf3m2*VcvJf zHEFls+1!-*{pWTmG1X);f_A1Aih&QAD(FcV#bcoIaN5vIo%heF@Lkw z0fKvPP5KU#S4WB(b!G8^ZjAPFa{71>=66cabQbOGJ>kRORj$E$FT;tPV3D-)xn+`A zH1!70njW#I?_reOfrsxZ`{QGpJvs$>X$_K>=6-!NfpN#0W%qxsPp%!1ZhZN;Kup-S z`+$T-p>5>?Ba1T_C7*;K@0^CWL0nfgh@Cs}vmGmwPT{cH$l%PA_NUUsmy8)_deObp zOjcxLTe1(oNqit|A|anazbcux6m@QRg`~F>*&6uCx%t70`j949j578tpRL(DH0h zBLMz+s`TL8Fo9ZMCi3*|bc$(|`Xcw(o>v-#qpHIEShN-k&Pf0wnwFV$#cC_~D!S}m zkXvbJ45o()(!Mt)elOQ(Po{m6^Ubr)!A7Q8w)y|;!RwP4mcpAB zX~e$?{Cb6^HICkuD=Ssmj^)=BuaeZfhdXJ3an2(!y}OK>eQVswNs<$rpU9QjJC?Ul zh(Q5?TZ)BhW!r+N;i>qSG_y~)SlOadrIDtoFUNs5_D03REB;%6DwOVPMgqi9S` zuX=eZM9W9naywLG>325yRSM?gMK8MbvHq6q9j%?}6lTOw`C)aG7B;w){d?=km+q0H z2MqenGk4Yl# zgtcg?ZC-WsF%1bmI#hYw1Q^RypoMne;aI|(19C<^+JmNIiP@Q2evK98WqX92d5?>4(>M&@6_*!&#-pr| z@OeCHnI)wyHSw-J4RX=^z1jbsM;&$_XS4yQX49Jd5?i1gCxe_kT|X>1MOti2?S z`Vc6W|IS)C;wN!^6}^?ekkXaP>5Gf~ELJSQ)KOeZ8eDu&o z-dOop%7k=j1vdpZ3gCtSA8<&c#G5MZzijP39{9q>bbEI~v%~<0=t8(H4Lin(wR)Bw zR(?HJ`YGCda3ZhF55gXTRUq1>GVxgaxLHgHzXkWQH&AVquU-~T9>+rdnA}|x1W5a& zK;n~uk*`kWxA^Y2^>46BPLNCwL_bJytW?a<(7sT#9v<-D=%@>i;a*1Bcgm+wiPRu9 zQ2c5~7URt?*<7pWU9JT;F@evW#7EB12-ZkURI^0wiYL7FlV<(hLAY#%{&w64Y+;uY z9#$U-lj!B+wEHNKLUxa4H0>xH!RJxd_ELIVeQn|FV7D?nY{uFNAm@x12YFZU<92oB 
ztnOlA7A3FtW$KWm7ySA4!*oqa?2EvCsV#SR1X$N5CJ-(=1coLNoVO+?jdr_HlY1K8 z*^t5p$LbE!4@gj!j-6l@Tg!}M^YH5Al&!?ZG?YPtX;A@f`Ir6?#wYAPkmN)%yXypc zk+r!}I$;}Ec6ROV{B(J<1g4pkj2<>^rD8VS;KCWR zybz1>&&6%71?wG6*7dfXrP@j;tPK1*gt8bwd#MyYF%HZru32F0`6L~tzPy|_cmVjL z>y5qf-rPvB>iw`NfA#Bj$QPqGledJ(;&7dA)L#1sbj=7BeGDz3i4GO`$|wgUGWSv( z65zm=SGK?j#%s4$XE{kScM3IY<=85kk}3)7j$H>hF?a7+f@zuyM{FJw8y zlL~Oszk(REsgHotDceD41L1F~A`kZacc9F@-G6buX}J9Tp=QecQ;W~?WM*Goc!J;b z5y0Uo1TdGCbB<^?&B}jgD*za0Kpn!NDF}+x3;uZ@fJFbyO2KVF_d#wl`)K2P*&>Vo z=l7jbmH)x#o2$Esc}!&^KpzBNLGUmK2zmzf0wji%|0nH8E^(4w-<(eXmVx1b%m~RP zW|;R45(kS+U0~NBPi+om(M9T*;m3l`Ac<2))uA581sO0oLDoOhp zJsf6#Awj!s!ied41$`BFzOcKD7Q{L0R^MsQlhRxh*n4HoN0Mey=hMi8(d&Yvd}U~f z21P=biGjUX(vE6-Eo>`Pn3F>=S{H0T!8qC)e)%nFwND~l&+=s8%Wz?oE3rp(gcmjA zd{pM~B{z=zPF>6hYOxyi?|W5}u&?!f;}*-!?asj$-9|^s(J;GXRJMSzs=nQe|Dy|f*LRK`C6N^Jp?s_a-7oyp(o)Bi0{#^8KZhC zu0;1yUoOW&!e6Mm3R+XtNG4Sn#3GsRlyozji2Ih-G?d!Bl7{O`(r%4=1Yc~dOhv6p zzel;4CS1-xhM+IV^wy+*r2{JLXRnF*be5a8kJF3hK)#R~nYrhK0_TN|eI z4(Nc(&2_L#-0!W;#I3$IWr^z|g#04;`625?T??y*L%Uy6U*Sk}*N+X3m60}<=5d?A z$sLLymY>WRmaOS;j{6K0;zlPz9%)!Q^8+edw4{QMxpavaeV)$yKxq}y#W@Fcxlu#I zZ$AZytl`)7>pnp7JxoekKn)HB9=4F{S(l3sNQaJ`ebG^o$Hdni8g{xoee4w!V(-zS zqd~BW>xTGt^IBpzZGAIQbMys{&LuFFtZ4h`AYM$mVwWyZ9lz*TMJvQ$hN6w9)i!+;MBbGu{XOU9Zfpc}n5h@R<~zS^+0X$B0*|2=$b) zjEeU3vqTqT{5QO-mh?Wcd#w4v!1ZKhAx%~?X16P>VtIpJ5Doc$$QeJkvmYpX>)AbD zTPGH_KlJJ7>d)&!On*w#RN}LWpflujtEH6!$1;QOKrHzt4hTvZf~*~UlH%b6SC3x- zp>QV6U;i0X@-DiHlcqKJL=l}aMjH~hm0 z<5x4{81RyNx}Fa&p~stR1vgBE>veF}QB6p4%!y|Clh#)@veZl<*L8#whc$mD!I}f) zbib;tl?PsnT4sEyhez&Upxe70aQ)%55S+0`>(S2L8?e+J1)LK4-J)(3)eCN@w1ggG zeHkQPUqt~9*JpuS2lWYI0!)K1%R-fr7lL*M-tDC%XWS-n9<$&2mRklibH%MA>9a9* zwLYv;;Zw#PPr~);TiaZH!@G%Rb8ze!)Vs4EZ4~eJi0uf{Dflu@9L7H}Q-wwu5z+eO z@KfNS%YEO}vRz$6Z%6!+{L-zDg;a(RMT{cFjjx3~nGoGL_d%&N#WXS3fbE@++DIZa-fIc-M0vq3GU_AiD_M2iVLEXjSjy=vHW*S6ZVl@^?)BV^+$ z^zaHa9zz&a>g{b!KHPWL2q~6K!>}ySXmHaK?t6_P_Q;Z;wogy2(*4_7%pzZ_bTPp` z97lJ{ zH$F|ReLUT*{ww9ec~u7dEmB~eb5#Qo 
z$h1cj_>ymM^S^Q~00IF{&fq3wp;>4Hw)oSkGk{s})M2I~S^G_T0zm0EiOJu1JFq?i zU#GntkP8C4X3J%OIF7}k|8g2aw*uHU&6K~PVbycWcWNj6X82>=q1a5Sr4lY}EWgJ`(;891S^^EOEfZZ#nUZwxwD&!NF} zcE<9Tw!#rY@*sxD=uj-j;P#RH>ZS>uOsnIu{DA5*N=pWPFf~BhbhsO{m5NFbUB5t0 zYJD|2AvC8TPjHf%@J-W)%k+vnOktWeU@%+;B9~hJJ;S=xwb{i=t&T28EtCzx7Y9Be+@sQLP zp0pQ}>s7Tdjt6RP0=ZAgKp#$wE;**Z&^2!5dPoILQd{hi^XAW&oq@Aeuz3Ntw6r`N z|6vJU8Cho529TbRTJx`z;qco)4?sc&BrT|7s2}A^l5nmCPPe{gplk|`Mfd@yuKX%HqH4jj9x--AQSIg={5 z51xPtK)uhyQl4%3(oIBrzKu^7l=|&Tpf_zej`lcB)4n7vpQV0Rf-|MEBg`-roEG{{ z0nk=Pqnk;=-aQcoeb8v{aPQ@AjI#XlzI4{gv#=(z#&#B#gHCKdyfCxUM%~?XSNXOOtuTw#TuS>n!GHL=665c`1 z{rXJS@pFLHvkpg{$&b}OzpbhPs>*!re!l@4@Z082=8(dZ)@Xl!90O3O?HU+~gv;2v zvPWp;I7tf)rPqZ})U0j+J@Hx0MPVCvCBQ9TDTjB{2+JWyQf7deSg(p+_*~TjQl~hK zVYjsMyq;R8skHZPVSHjQH3}CGtcDxEQp&i(C`+fjK-S|lGtu$Pz}vq9y61T5(Q=@x zO`4|*{5|_WX_&GqQI3RB4v}-)uOvLA#|0qoG{W9cyA8qLn%|>6uwR2=(bLc7ngfWE zO&W#3nNws4yeru?2AAzSb-%qU9g4rbFroW)+&621KCv(V+wDT|ycOv1bbOjT(R7>v zkyK!|h;v7xyWr{8jEer#YeCk79C_MvfMuo)li&PcDk3_XeWOr_a(%M&jZC=TG~a@av!113wu@TO;4)n}1w;d?C))x9 z?JhG402)`O`&I;OQRGjzGzj*bDZBylW(se7y7;y~ZzNYMfFGd4L(qC5P#4hmjWnwu z1+W=<1RMqOn7j-*IdZt^jV3Rg246^pd%ChXMfWtX|LH&i?F8#0?UPf$Nzl(Dh+BWZ z3!+9dT|bj-n?_<&Ee(Rj{sa7+)^nuCeO7tro>;)8Nd!5=m%nA--0cw?0IZ$jGB_~- zhvuj0U!BC5m}k>n_l)9!KQ-7-$J zPKc~HA^z(dNeb)!kivtR8H2)JP5f98N>MQrx`J7A?#KU=W+wh0t^cQSK)4weB2`9h z`14ek>R){8G_rO zD+lM(2ObI~NF~6Pe${F|3_4Ab;_l7Rq_uih7k2QOXocF^|I;M=e>=S&Zx~QKK8O`e zke*yV3C6e_;k|`DsnWwi(VLF)frtHwOmRuSiN^ES_MTlCoOibaeZq*(`F+#TQ~EkX zKASRdws14?)}{~8qJB&haV&k)(O0;6T%)mczTDAU{g^jU6yFIxc54$?e9om@qgS{A z%+Xut;7feD>AT)SQT-UM(XCBQ#ItY(l!e=jERcbty+9R?Uk&1lIXAyjhdU&z;eH23 zj;nXt8|UC1TryO@-lsk$hrNMBkh;)3xctd^f@HqN)q2Kz|*8K6q zRq@jLo*gd>$(DiVVAM-kX^ipKsdiP;6-JwLJ1jVNz>t48)>3h_TZrlG=<6w37>WY5eux!4H z#k~*t40CC;89Jio$TF$+EVY%ehSTMZmIH3Gt-hS+ioq{6#}D)4v0zS(;YIeNLT&j0 zVF%s-?wk;WWN^y)VGeMa5E}RO z)eacS4Y2Rr@Chh}I!!RcC5)PEu&c-?`Z`pZ)ZFZTD7C%t#2DjEfK3M=7N`}XAL?AO z;E0f*d@0Fw;&fsvQ7(?H7&{n7*m%4$3?9{y!EdJ!EyCEBB3+7{%8Pu})V&$Rt{C;& 
zRRJX&Jio3iza+QIp3ug3EApiNq43UvGMZHlx0t!+Qy*UFa=S=`F6yQd2E!Q~^E|Kd z{$>LI`Ak)k&dJByA*udDVd4;Rm}WM_~a$p$4u6WRE&MjfO*I+x=+?fx8Lqc@61Ku>2ih=+}V6yly=3oXs@^>`K}mo!iV-YvyxTq7fO?hF<~c70^4{um=4*!A1Zsp zuHJlQLyz(O!1T)*Z}awR-rAe{fob4?6VW(p;fd%5wV!gKq*hrhDVKj$I0+xP%_lI= zJy^P-)y5)Bq1~vr_oIGr<{pIt$TZx$(>YBI4mi$WQ?d$_h!dh`~B`w zrlf@QYTk`bncf>!M)U!k#bdV$UPha^R+dLzS5~g$V0er=E{-2d8RC`Z)YNau_U3Cg zmR^zJI3#k9UFzQL4E$D@jTz|feDrhBfJ71S3%!?bWEX8e zDt+1Et5!vI*Nk+L0{yV4vz}XDyFO~LdB^#X=dDX-c?)Uf=MJ|&%Vm`}5mQ4>n28yP z21F{0W9UJr;+(%YDGy&Eh$5q0Dp(snl*$9MQPavMhKzEl&>TsgcGUgH?WH;AO0~CP z^7=$*xUnGkLJLr{hwQ!dpT@8x@;1>cK#O{Cdx7VsK~?%h_~AgQqFfjl<&slH$E+3e z?Ur7viVbNaR>@eG4$@;TRw=HI%y(^5);!?Q0cN=Z9`{sB+rz6-1%9b9gr~z&a(Z`N zEhL6tvKxDqx)0|YQq6r?=z}8+%4qa*wr#att}? zg~>H#SvjqrwQWi2ySmfUqa>~1vB1=>msMj7Yk!_+x11!67RueC<+FQLvEyN$f z(!0M1)rAV7$Kzh!+mL$sDJ@|w`^Wl<0GmY17QfYFSop(m$Szb>9kjl)m_FIE2#(L! zkKoIJSlB~?boI}>)WbL0a>3(Pg`FwYU>@tHG~CZl=eNMm1k+q;dr4PN`12b5;5(GD ztbIwI9y|inZoHRE=wUP72(60D#A)XbP4FeLXH{+e%Ld;^f^jY*B&fXuBUq=5qQIzF z(`}Ja9;IP&oU6cVjPWyg{21WYArn`7x*zxB1waQGSMuU<44CJ-VWS26bcDYkqE=Tx z>p2{v;wxNv?oh?dJXhO!_}DAlTPS{No@?S0r8lW)#69rJmmVkkGYKg;xJ>Rue+8Ns zs{l<1sVJxWv5&N7q%t0yUe@x^63&GkTZmyc@Kwy`@&35H?iZQE7;5d?S3`3CaA$5s z$Wj#Mgj0#OtTYH8ByQzOOjoBxY^>so(NQmI<113V{KpiJp$LKL$hHt zw7e?6yC+M|KjN98W%5mh0xumEBDsoTInO;9(GrpRB78pT2XJzJJwhMd1%Cd0=Tllj_dQe zpE7d3oiFARspz?9a-_?pC|cKZXClfd6tqj~To|BS5Xl$)cqQ4QfavI1{Dcr4p0w4{ z&v)WEqpR7|^J*TdX8?r2$Slj?y!5UW_*zM!ap}R7TtgX*Fa54F-;%~qSSPQ+|L9X# z?jGC@1w5w7mP1h>P_oX!-kR*((WChe6NOAoyw2^h1Pku)f<&3P6rAbRCA^n%#9P@e z_v($zJ?&%eOPjEsjy!kqLGuvL-v6n`AQGL$9F+C0dMq@&gQC&BNV+AE91+BPXT@2~ zP;iFj2g}h|5Wx!xX?kHDObkSPo$Z@nlR(aR;de7RmYjA(T~2g>S7po{$NC#PcGM1KFfQmt@0iehgzn7q&4r>hO(<3~0 zHxV;)apKw*B(VYMYKgw*4U>>@00R(Se2ag?AEut*9$;GFbrx=ba>xKob(wtoUg=4g zzQb(#y(tVTz?k5ss7*jgW`HGMxRE%GLFbR9PXo{2_;S;iHWF`5BiDY+he;&9mZ| zWZQrJ1|Z`=)M_SWQCv7n)<0)5-F%zeS_~5{U1$cj`AaRGDF{A zEBqwe=33Ifxxv#$ec~9ZI5KV1j!(tJcQZ+56!9v*{N3;1-PK(%r+GSy1S#drCBTI= 
z5vR-*i5ltCe&7S*g`1~8;?u|N1s_fx;}vc*;sB;}RImnu*lr=YD}dvFv(w^iE6y-! zyIJ-@*Zwk_NX-m;65j|jz%5!xnBWdqOneo=!@H5=#XKfz~zituP_&a## zwhbYzS&nCnw=k6g5))PMUWW8Vu9}Pj-xxD6$ORd-(q&~C7KM8(AZVZ^mTdK~u0ZE< z2nt(7eH7LwUZtB9zq;D%ETi2iQo|$7wb(h>i|YdgjsuShOcXg!R?axKv0yyij9^n0 z^Qk@6ENouvVvBoEI~S^>IUmxlNZJiApp(l<4cPli_o;fzN+(CO97EKtYM&=n*ZF>A z)Cgg7Ht-2oc3^P<{Q1rKwv}<~7QV*W(?XKy1)khC0!Z^Gjkvz6omg6P{jyTfPDq*Z zD_LJ}u&5`d2MU+#xfm`BH;pWj-4?;U!gV{f0ayu^l6mf&pxxtz1 zlZN=|se(dgHm=sHHKT4AZ6x(UB&mQ~qvKS4D`GooU{l-`0Kw77kQUIeX5yrzoQ^vz z8Kex6RqYrB>@H+V>(Cjk-!g~Kxv#q-w;US!q>C!ebcTmQ%+k-a-eXdGZ*=Ch<@th$e!uH(#UQ#S#_r=oNBiL~9b^fjw;49%q$auPUB^t%sx&L@J}j!IYK; zmQ?r|22)z`vjVb(dt|m~URH*h*BSM_p{14GF2yvuQdsppf$aJAgo2l%7_J8W69H#T8-F!tg!}4 z+)rus@5S5qAd^}x1>vJy!m#$s;XN(W3J6zl;lo@4mf@GwEUBllE43pqtdwfN(Oz8L zVl|Fs{b0DOc8_#ci>eLtmoE)#YcicC020l>#ga4VzURr|x;}Ojj5ROWXQ{7)wqfjE z3@11T*T(wjbrT+p`i`GR*>_|~(28T>_#_JhsDI3Q!f3FxxDKXR(x8wxx)lA-j zzgSg%t(rh3TIe54Z6fkf*~2Gugz0R?c~p`I9O2zL%0;!majTfkl%@iL1JqAR(^MV$ zsoFtx9KA5lKIn4Dkyg!Tlo*7A-h=pb%!9;1b}nh638KMiWs64f`A(W2lN- z=HkrIs>rup>*(nB zWSH_*ZK0YvNMQ&M=&K^Nb3nzy@ry9F?N*g^LJxXnFFvMg{^Y#YXF+69u0`Sq$j4fV zy)UbPnnWss;yM`EY6*OYWvy}d_k5~qlV5a@?5G3uLDe*;xwPe>inz8vs?j&5>&m4h z{6u0hUo2i%Ve4u}+KIdcP7x!cIE}#vY4ktRTmmxqezzs+iSxge}*zLd}YIS+1SeO;$ zpC>sP*B896uM1t}u)4JS9?{1UcGQWS?*d)LSFds1pT`So$?g{Ve9GZ!NPrAwCB`_{ zgVB)Mn=Ov*GiBXsc0cE$MNjGZVXZfORhW_YGL@_n*d~c#hH{2LLIGUOD#^~C(}R@H z@<=8DMz;LQ)oakooyDklk7KG>mWm3=%nz&dz1n>yk6x&*$W6K&jlDP%EXEke>pg#L zVZRa-tIxudzRBlv9qVVavSZ3BQO;JikaHC02oXq76SM%RUQX-Ap1;3F(eB@`244Z!GZ{CnU2)9f8Ga) zs{-&2>g>~KV)K6l>P)lYulH#pmfaDY=bL>1T$;?4zB>}ANld0w-@>SG5LOcyytz9G zmL~cCcN+s(HHE#9tn6Rx1X6(+9w2yT3akUx{}tzu#|$$k5~LM>-baA(5M25lPMj-N zWbOa_wv*@iclH5Aff-%{+NV=jAmT}l`xob#bS2Z6b>=(>5<-*@2x%_s{#Jbu)tpR) zrnGh{9h>3XxBK*CY$o~k%{~J4Mnb}W$RZ}U?Z*(&Itayoy)iAr^H(XKL<)>ZbBfZQ z*LZb@jpIS2`^H>Z;Q-ij&n|cN!QMqHRyc`43<5sxo^QjucTB|arlc67&u`2BRTNkD z?qSIB6zH<7)^P8*9`Ebt$jB@o{_rIV(eo9`Yqncdm*%M*kJK@~g{F!-MpQlXZb!}(X 
z4AWOvd%Rb?`&7Ywa1D1n?)vp4{p03$g1+$e3qM}Cq?o|-2+=zp$a^mC(f#gSq@7q= z1crX2>~b2(IiClgkITv7#mIePZJm>^Y!e;si3}W6Q(8CPD;(h)n3tHej25QMQx4je zfFgeBswuu68Q4IL%ufSla`$G+NdE_3?`xXWM}BNNS=Ebmf34VXqU_2Lq89Cgu(Kv) zW*+Q5=F8!nk?>tq{T`BV?GLl-eqJ?u;9a0}<+Z-Nq=<8!+Em-)q8S+1;I!**t(ncHB-kyjJ1W4T+p*eQw(V((!7^}#!5{$*gIa6cu3jkfzxkJq5&K^ z%BtXFSzm=I=ch$%dJa^|d7iBM#b}>X^#He>(x`*NWnCq5aOE0Mi!z!kMigx&TG*4s zmX2dC26mXeWet2yfORZ35>*l>eY0#!X>_$hHj(H zLnL@iILf`0B${e15ehsF5XfZWq)B1U02* zqT}6&WKj(uGHh@Kub@h%pfpg5Jz-RuY*8xr2l(|kuMds3T8R?NI-3IBd%Fy1*#i{b15bL@TA*1Us-1WU2Aa0_`j1k-%3H#Yybwzo zK-1)%!a4$vIF-JFp!l~hK`eg$Dho3%vH`GXCNiwA!<5`msPcU~l39RZy-vcB!Z5H5v0xj8h#qMcyQ&|=W$C|H78K7LLQCu8t0kZETl{Uiazkz2bzbhJNBE_7-4RU^!;9EQ$|5sa z(@X)vySqO+i0Y#fjpaikVT=qcXAtW@cFuAQn91Tu@E?+chtwneOLZ(^6qw1P);R0E z_jN`QUsEY;5>tnkbi>JK_zPugnq`qaRfzStOa_zOvmgTlI8f@9F~fYY&+3CwT!IeF z!cl{r<*RyfyPh47G#-q>mtF`@=Hy$l6*+!p(!Xj}XKhP#W%bW33e|Tt5)TwY^-GA} zO=59lgBeE;khCVgG{~fu`UW<&Gyr~Dnri%-3#>?biKl8D{gA!+J?SBr^{Iduw+i-q z+G!2$rGOt_&jCn$bptMHS(!|PTA|+!-^GZ%vuQ(3x7&xW4~6*Zb_v-JnR=~fBT4HF zOuX9<=_(wGN^ou&Jwm++9yc{t_a2I^6_V8lv!vZ5b`}`RngbDZ{NU`g(u$`|@bQ*3 z@{>J1^|+YoTkq8>>i~!BIcBaVN2fe@?67*HkSM(W>o}rm2mV>*DBlqlQif2pzXkM z7r*)JEQGQZbd<~>#K}xxrVu#k+-6xa$CU%{|6MLH`x3!4)7irm!~rj7(IEoSW{(;* zdFeEw0t*ATJ%jNk37jc0o)ggfk1r>&-OR@NtpiBDmHLnQD@R=#Tv1qLH?xsoJ5FE{Q`JCUDPCp!!aZxdrkqiiRhjD zXD0l;l)$2bY-84B{K>(!_m0BM&I={<*brVG+hgcqORlyytMuw zhy8PY?HwugAfeC1Js3TVppY5yh6Te3MVXI z&V$`uUp<+dyB1`|>Yo|h6IApmEX2yEZObg8264chL1AM%x_n*toB#mPcezSj3j4H1 zT}$4^+I@}I>%~EtFDq1c{Wz9%qDtD;!W_>_*F+&qpJBD>NI4GFhzymbdFvv>dxZR0 zpJSv?58!rVq2Fj}WTK;{Xe{n}*BV!{(b^mw7kg)}R%Cs}!!3c`w63O{lQE$jYnPxQ zPdc+H?L%waQ%%qOp6Bl@0Nx;;L{x4%!>K>z%cph4?2n@2ln4dtfg z!s}o*HgCSW4;V}dvoOa!o@)WgPcv}T4b2xCU(-wqIa-Bol`$36Bu%mVY2ZtXm}f#i z#9{Wc>jt&QUt2!C`286{Thk+5_1C^9F0h>;Ra(yGB*}D_D7`ph+G!?qtZG3~DcKPM z&!MA+g){&}l7|!$>9@ipku-kB745jfZ`mVOOMIH&-uaB)`HtfU7HMBcJfUUEszs%r zVQuk*&b7OBc2>Mb#?;Mz@%m0!%mK=-N{pQ&R2Qi8co%*Qse#X~-VM;|d_U+8@spvy zO4_*JD~OKgaS{ki`oHyWX=_WEiBJO7}bxNs_+SF7J|D4e<7}LPPrW^ 
znt;ovOb2`-FiD{Nb5PZ!WzFcwf@Y(*LU&zKSm7T+P|ld|0!bXYubqEepvR_`Wqv~wKPV&Un{AoWfr@G zy5x*6ocm<+o08mAweFuPf&Y^Wa#csr9uv}6q%Dq`KDdIrK7%d3YxbBF_SA!ZMC)dH zk8dGYPU;)-Ud)Cmt3EozK;-QyYeX79rX1AdZFVt;^d|d31fFQJWf{>VLBGlL!l2qT ziTnPo_UPG5{|B{2OrhiNI=N>_owCC}F#s_>LI3wRT{M$y`=;;Wzhnczb)b2?%V4_xMX#UeCGZ`q| zRj)eD_gs#aaMy2=D6_ruZ0z^C-(G{Ss*I!=p~BKpSUu-+%bcT8nlzal_&0PR3;n}T z_`TALD;@;m%RhQr%iOS9AAWS&26vH#*ByLxXklEF#D^-a9rW@m-NT=@6Gr%j zrp9{b6SK}|zPe}ZkQnP?oL0Ht$YgX~b$%Mh>gi(fQSb#b`KG72&X+fpYrt;0PE8Lh zY7dxh-+M~u(wD1tR_>k{Z@>Ml!Z+*3g=Kde?AdyLUqZiVj+?NrRc_*_$J?qMA{eDM zms&fQBu>8F=JC5G7lm4S7MU3*(B@ruw=Ztdz?00?eUYIa)z%c*LwI}N(1RrB@umHV zcPg(ZEcM#9)xpN(S=6b0uH#-YeO8A35~WN-C5K1Z+oVLAT@F;nzG7SFx2MS@6~_5i zb%;_ooQtiz@3G3hc0GOvCA*4pFdqD5+@pq!P#$x0%zL4JzqE_b>z`B)itj#szGxt{ z>h`^xWnmjiqL^`yAECX^z3KmR{Mzb z?C(>0F)u57ao#T%9yzQL(IP*LXH@KQ8V|XDJp~$hA2E1RJ#ACk`*r!BC0oDVkKX)Y zTZLiilWez$%T)P>rf%Jjp$_IsF57O&sA*DJ849e^vO@2&w9@wb?OlJY4qmyp{bVU6 z>8$GdYx;#UmrYU!w|+eN^Rv_wCW_)8Q#R308J%?4PG5cNr#8p%Q>32S`&89`aRD*9P08{x@){pztlVYHD~+M`lqjA4BOt|jVw0#zgScJ;sxbk z(8(t?4QH*kR~Jc!_b;LM`dqX+ESuHzn|#&cP5baB-60|d%U(O_msf9+fJ#PZbG+7~~sk$+HdM?PtfM)(FlVV@G^ zh?Dq_)hO+yD-NRaB(VLa4oU$aOiVqCb6`KYgXar)JrD$&le+BbI>XzyE$msOeP9h=hZl>1?sQ17DH zu_jk+_g2oYMnc*}7YpMj)|BucO?Uu$!J%3J8d%D!DX-^FCb(+|+QTGi8pm8cIE zez6}k_J{V}cT*jzSn|i~vGqGPqWr9y8`Wxxa^;Um_Fk&ZmERac?vj=N?rySUvWfXD7aL)6qREMn3xRer5)(Zn@a0x+~K!#qvZN z^@>Ny&RfD0cQ(dZNSjk%1@;U)QZWJIVy!|q0u&jdSW*2# zwQG%NmF&wD+t^Ewk~=NcYj%r?Ns&?WSBJPhX%!puuhnkMNVNPb2BSDwu^Y z=t;^ub=+r6B%*!k!XGLehQ*i6bBmB9Me3bNt<6pj8!deQGId{t!pJ;KiVw`eX3ez|e2qhy713Je;@f$m5jXP6aO4rbxUuXj>qYe57{q z$Ga9I#Crv%Vz=(--Po0?vvTW>CwutIlrJ5=qt?2XzK9WFk{Q~+bNA^tM@$;h4=lJ^ zCw-@J9N%7K@pXlbxTd{<)Xrt~GFMlPm^^O~E!Vj}|Jdik^9h*&8#{J*e*CzpvuW== zx*gxtO1?v=`BR!i%8-mG_lUG!O6QJ-;)Pl0c-WHlrF@0-sS*wv9sfR*Hhl7uoL++1 zhvzXHw(YoyzO#BwrD#d_ib#lbD~AtA|@~ zU{@F6ucGeGIZ^lTe$VkR*24vi=z{+RSL|Aim?1Q&q7;8o-lb%*RN<7ZC)Ufu#@6!}4GplC2iC^G_QEe_zbKqIc=#9a z`61s6+6EV_F4zh_KZOFTDGOH90{>=yLQ-|7lIre%oHLHQQ&{<`TQz09YI=GjRcc)r 
zwoh1Nod5f>7N0+q&yT+$Qi@}L$bK<=`0$q|;agjN?uh+V40CgXD`=N+ym2xG$0xuq zwO}sHrB9dy+}VZZl*1efF3KyYIgOt*K%!h4#0TLj`p`k>jLy;U`b=Y=?Hi(!F+-;8QLaL@*bnc2MPEgWw{nP(^p?IX zMjM(VwAxFfX$xVc*NMc8XQ)+K?WgM=5;qW|_igVxbZGOEFJ>#OPaumXEhKVeSM9s? zRlj|g7kl2Jr- z8@HXSuQJ^1d8g&Roz(KM3d0@F^_4$cyTz}1L=kuT`eBP%)U6*@SoNJt_Rv|?!TVva zL9Gp&WtgmmcDn2@iQ9YfvvIU>)N+$iyX0GHeci_uu~U@v*)Cb4DtC}51Qt;=iMlKi;V4V*oNmV2%9(`*k*m^b^Rg3!loDJBKmX{Bb$FaWSe~J_i()>KXv%HU0Fje zmGIx)ocruty=2OZ>=&ksRM9_#Y8tBUl6Ry(wHTL$eM3XbOi^Z0KS?~cM3}OpTFFzA z7rvSH$Xou!=1mRWsU2CTkwre$jjZAQ{x0X4SG8ZgK6LTW zqHu;;=$SLYY>wAbTgMhWw$&}Hoa*1`DZu7Yxc(WBAR}7$)|okyYYCu^P=>p z+um^I{m}HKe8}D^`K}o6vR%{H=bB}#K9!S|Fb!9%sqYVuE5uz4gg{Zdkcs9+H7DHc zj){9m{CN7oqxzabyx#%*-i%26#JPy%p36*+i~Yhs)UR7!cfdg8X1~dft&4S~gF0MU zNoRKdSWKt&p47Tkopxa@My8{eL!XC(H~XzzvU=|=>t7-vu6g34+=QmPTNa!p8n1OO zZZ}zbVBVdtyRTK`7_W`Lb8`FST7!q8=4FVST%4F`W@Y=^&9x79FMG86nfI%O!oM8- z>1+4tGIX`~`{pxFi;K&YAG=kZH&?vm7kO+{((6D4_&egsn!3zW1Fp&o9@Z^8roBBh zeHY96*OXI7r4H?1m84UpYRQsiZFuEfAG2@umza||c1me$>+k!tE6f{^Py(&4&O570Qo2s-BrE z#wap!M4-cMf9&2ixkUA`tdRO;znd$nu7A0usO)3d{fuJ>E6&7iP=4I(1fA16)F5xF zxZE&p?f*yFTZYBeH0#14c!0s(0t`-Ymx16G+}%C6yA19Y+=9CV2m~M8AvnR^9fIdf zp7-6?-e-U3`t~`0mQ+{WUDdW)s#mAlO73P(XL}8DM~rM_e#ENbO~DCq)~G0TieSfx zqZrB0WGk{bnQ2c)u2f5sN>u76RN<)T*h9C_w>y=C>Hy&?bQ-7AgKNZV_U5}{E?DEu%;^>j zoEpN_EDu6)bH~46&D8xH{ETzowA9QuY()RR>A+EJ!Ra$jKDIKnyim;r8yny>exS#} zTtnCk#dwbWL1C`<7epe^us79)rIHY-*g}clMA`7=JN3v|kA21l;(Y^E2BZb4Jd^+ggF;|45uWEavY}D@{APQOPl=n2~eyE>~drpNQE8Q8RK*-t-DA z{fEW89XO?FTQ@5I1F`4}WI_5vXzgc@&uzA&`nqS!t_vk?+$&9+HEtf&ZMNh3K00$$ zf8x7rSS&RMl}4l-A1h}JNnejHG~2qCU*`5|xdWOWE9VS9yxLr9vIN{ZYgQkd9@N?g zxII-GXpSFOc)xw zBV1`0|I6HFEg+!jsdClu^Q+CZW@VSo%iLBiUcl{@CX2`1qf*%G(Vgb^uA~2d^Ztv? z|M%woC+GjYdH>1Dcr1o&;}GijRQbzL|Mlof^S@hDaZ^xv`VHNju9%wlW$qAarrSN# z%+tSSX8kqu2x?~2ePvpgcWdQ*IQtFM%pWh%4Ei6k@;_|-f6B`Lu=W2XEC0h*ZE{&9 zA4c#m!_~iLrv1&d|J|Bm^q2kZqbRA<>)<8Em!gi1{?b#FEVP&V+l4}vSLg{N*O5Z^ z0X@wXf=q$A=~Lz`8a3Tl93xUH2ew=0^7`GiT}RwE@=Z&%aqw>1{LfkBPYYs)QE@n? 
zMu~_PDN$pcI4&ZCABFSZ-#J?Ew z!owrqJtsCUthsIfQ;nSJ6~6yeBeuGIY2=hsvu)zBhYt%z9Y!`hAW!49wAX~)Sd4L7 zQN_1oX(V2G*=@1v%7KYpw>2I;tLs}TG406h*K@h*m@ue#Y_;#V)MM)!_ng}h7vS59 zw%*KzSNFBlB08PECB>)@_^-JB^3m4oo2YhsU}HV%=7!uX-#$0Ds;tjimk? zK;vIZXuv4^ONkIec4Ja4vqm(p`N-eDOj9%fS;PM*5erqKK9%twCBAA%de)~_-j6n< zj#}6J7YP5fnUO!P?Q%3#R_2c~8h9)%VKY|Wv^Uqg>hJY-j(hiN?RG~ZojW|Q3N>hk zG%UzHnlVc3_iS#f{wAgo?uP6AZ|mJB`VF*>FRzOWWIS$$QXRiM-)IJ$d5!j*+&`}e z{MZ#H~H{w#19F=(e>wXQVQYdZL%@ZWZiF6 z2?noRuOIcTJu{7Z!Usk7V{QIKC0~q8c%X4oAYXbQ+RpcNhG-u#yDEY)3+S<05bUrB#%&0gupei!xvKS1_WN@D)_ zlptS)MYxb>&?Dr%Cj2}2w|n_>#J$KnvvIxmt@E5dnUeh%=#nQ^@8OcC>Q-;!0WAirf7&-Bv+RJ*N_0Wv>dHm z(Z}Fl*Gq4(nd?8s9T6K1KyPO{M&MqaA+|}H`(SZxhHe^ysS7lfb-7b|2oZ4+uKXEN zOCN&uNFhSHlYK(rAc8ek#S!5k0-tDzT+09gpKJ@&=HmMg=h@MkRn4uwu=0PoTl4o) z9AnX(!8DnU@n}CAhg&`Sr9xIt!!0}%!ye&?SNYuwcfQNoWv7-l^yNNIc3C90l_kEu zEO7X{$o{nZL`lD-s!ge=z5K;NX4u&X>q_I*PcW5Qsx!~}Q?VZR)XjSM4k5lndhA%1 zg=##Uu!_vRc1#(ZS(W4pDd4i5btLM??t9VPC&QbKI1u7h_pi;J#8t)>1plQ9h-&!<_ z(y-}BCI7Ff-zdn!ET3n|*OVlO%r^B@|D;`Tl-yVo+|YcEJdYsQ8~R=bf4zi&~65Mi3ySY!Qw{K*kkg*jNy{!m|cd9^BG|R3ePbUCx|nMD6FKeHnfdRj2zd5aLC&RJyX9tfpB#yqBS z(n$6^!70gm5!^OQd{|gumg3M!wN>hrVsMay-*^b^F;~baf(nXi@97`(&LSr&tIHG* zzJ0kHnlvL(&;DU0M<-Y2B$PDF1t;k?)D^y6UhYCR6MWkqJN9V~w7KTRMvrFM#1I>Q z7O^=0b}|Z6{qCS4c{BIBzX1i%we9Kfx)yx=NROZ5y&;Hk1q_+$E=jvcIO1!u&fJrB zKDtu=xv0QSpBj-j@^M)&zFaAz;i}|SXmfDImIM}#Gs^`@=AIr=-OK8}%ZW6I4pTsB|SxV4c&=z4DzM97kxE|?=(;M<(1yFdM#)_C#l{(4s(KxKbalghur z+w>7dIP=+U_BK>~3(aIEkj(np0K$R3k#RV`3ZG%xy&!AaT#H4pV?^7RJA!o&8AHyE zda1Ht_var&p`AEI^jLK7Xt|rV*BN-S+-OGJG?W@(P_&h&{Jfg0B7-@a1l*M3fu*f) z?7wZ_|Jg&JX>m?~5&(MtsLjLjDM_TMYEnE>>)4}#{3g(+Z;8g2dCM}3MwvQh@za3o zMC0dXditgIX(0ReMreVz$nr>>2qijQ4_Hl06K{7QBsGWsc5a&cyGm=Ve(Zz%&pPNK zD~tOw#8S-9*}L=lY}u_6WyKp_#`c@jpB+*ozW9Vx$OJ`w9`2@y} zz+X!gu?1GAbfE_|9ytqb699;`*&P@8sj&r0SqKKo)veVSHG}XJy~4LA!7S-44E}bm zEW~-_G6U_y*D<>IjkW~JUbMkPJ&gYRcon=1iO!<_tpzlZH;#8|UzoBVgT#5d92?Rv zOzD=d7X>W?a4yP55YA%qNN}?dy0KZ2&bH$s@>&N%@3onKVw)U>3attZR9qg{{<%d| 
zAafj%29d>frCDqN??p17t9IUZ>2F`0zX975Ka;%H@T{UKz_hfh>;rgD7%D4V5DltB zR^Z_hT*BYGongT2sQe6CzlsueJqzU6>3Ue;)f3p5#f+Q%UO)H92f~!b@R4&@)aN~S8>d`@gG=clURqb^?gM_XdbjvN^ z_GtY|5;z3>&ReHsqlb88tbT!9^4yk#8@D=yFp1=rBQYF|__{ zOHxCkB44jsn720=l<_th8ny1Rh)`7&Ihw7q42N9Qvch%#+cex%>&~LGFM!uOjTatT zKpE0bukwR{xpR8L2&22r&CD~;o5cF>yj6eWT{c#4`KqxyI9GAXiQf6MYQzh(a_!4M zeT{>5nDHlvS1!N;+F??kLaKk}I>I~+=N%S4f^6)uh(J};D~yiX*-KH`?SB#dSFEM6 z{D@C>f=hyW+})t+^qe8+;o1xNps$B6H$FC`2jS{HEF#q-AXu9@@66KFZy-kl@i(n0 zu2b5*y0`1uTu1GTnuQZiEjAk$s$&YzGtZoL-=&fx7>$c(`((E37(|+E%xkFWZTQA# zMzqN@6L@8mKagH6IY~h6jg5)}$AZ)a^f;k0XXYHtH1`S@enmH)+dud{#m@?;+#37{ zP3H-v$}cm52ie9N=KHAiHubJkm3_LmhB+MfcPH7G=$c*k=4vZ=C*g*YOSgo*zc$mI zq#>$X8Ol9MZDhHGlx&kR!MfGE7h}A@lMH1ev0a9fOsDq-@#Kni4g(Z?S5A)>g4Z>9 zQla4v2wJBDE77!)U(^=s+s}Hjx1-@`+Wkm732_xxjYdD1thrVx&g4f%w9w7UW{#y> zbOq1Ri#i}-=+oJh-;=q0FN@D)VEWbtX(0Z_AF*M5*rJW|p2k3O(C^c@>|w0M4vh0W zysq(ST%fiPJg;rtJ}&&*RXj3u>XTTXM@yq}9ieBAkxz4!ruc)(t;V$s zTYL3hq6ehNGs>rzfMJ0hlMG==h+f<_@_W|m>txoh!m(gW^DmX`8!1J;SoUPP!?$q} z+M0s`;#o=2JXO1_e^6~x80u*}OC`MqCFvFY60Hhx@ZVa4k<%9G`agXnQXi;SZlDFP zVQgH)Cgm^{;rfTq(@At!vqCnBsk?NS)xccbvh>-jn2wRLDmZkptlKMe{j}Xg#j-7! 
z79_;GNU_YDM8w6O!cZLtCCk0`CGVq}*ek)6J`ied+2K&maYfw@+T1f;)nOEzDx`!_(L7Sft*H88zL5)& zAxK?4!%|k;c`s`+gORK;u2-tiz>yb(E*uyo-m;y{nrE-cJFfS8vnue`aU~DDpsa`p z>N!LAmg+kZR%ZE`;-x1t9_n_&IPWh>tw`!M56Fu-B-I!N;wzyW;|p(^-@2|I)3vT8 zvL3#3uV8qji{>uo8BRY@-Vk)n$tBt?-`3>&02ZK*2O8hazM&kA3h&v=aVG~c zDsvU(tu{`R+0fk-&k(vo!sX7auq`yvjw|}P#Lgqq^|>~376d2nDe|;_@;s;bs_>~% zj@Fh<&Zuu&8%%z!C+Q@bSGSebemjnWUv-lGvGD0te5jL%Q>a_j`EI;B%Atnn?UHIp z0iVs#?He~4M;{inA#$d7hL>=bi%uXIpNEA<;Fv#=x#D?=vON(owgnGbPxwbI=d#N% z*c8>P8=Dl_zLOH=O|=u6Qhc4rQ9EkmtC_mPxO?+OG?;IB2&m$UKCkJ}yL!TS%&-pY zVo!pVKhacX-WT_K>+WZ-!XK10!e|F<*;xo~^iRpGXKphNE;Cb=nBTG_B?kOBTgHT$ zYp__fhz1VJmD|P?)xUC}Il13cdf~il=7Vpc{Yolx0OyNe`Gf1si9U&^i_(mp zvvSGMh$mu7sbRBG+o1gn`ht|$}19o4zq1qyef%?wEw_htFV=&m>@yw+F~lLlg<1Mbg{^SXCa;IMHwjOIR=VeUL*k^d_7)?eMv7qc?@$leev&n z*`5{h@p_SGA24ErB^4CF3kq=h7obXZ1%^<43s3{dskZMUHIt#TAV72qFM2-@nH_h% z-wIg@DzjU6R;NY_K{7=EfS4%pZ`upC@Ux;I z1y$VkMF`qjY?um6}za_a@YDUY|)*AQb=1r2xizBey5?72wb5M;uQyL`SKQ?;=mO3g1sRM z{lxQIm1bLm^Chn&J{aJdV0`zLF@ zj*}A#V#%K;Hj+DX`SlYExANy{W$%LVy((B<-(3%b@AtOTW(kE)!JxfD^o%@FQ1Ku_ zFS#|y+v@~%o&Q3V+V}y-rdxrdh;1tR9ni7w!fWvJj8rX6`Ta)`Nc`%i!gEP9N^|S` zn>ne0WX2p{o-3S=KP2R0mMhb__g-8z@p1uIQsfg5L@#6wd&E%TLvCcdcLhiJf%ieW zv`^yC?O4(9jN7{GGV4AYJZpq<_3r{;gfp}qZ0yqdaHG#vI>kLk9~igNs54W8jES=cX=P*(H(+*B!QjE;aqO~)A!4RIPYjrbOG-8bwj;9gZ;bO@crsLoM zbNkN>i4O3mGPKaniT2aW;hvCzCem!dP z0~dX}z%F#?Kb=y61=`&dUJQTgd^$H|P?jvQWV4yw?ENIbz89zU@2Ntr1lfomA56W%r<}E!BfROLqx=MXZJFJ;2no$cz#Pr~ z7A|p*UJteF6Tw`RbXDpcO0&$qX5+6Tgm7Xl97A8sMo81So>5sG(x?CoZ>D8a=}_XdCAl56ytDgD}) zuKpFKpto9cf6b6r?r1I>xIMzCZjBQ!&MjSs*=|}cPeUP_z~cFuolTh@Sx!QYEK8Bz zP-GxRGv_JWy|GkgJlC*%yD>n&OK$bmM z&pb4&&|s2fnOe&%mdDN<8#yru+A?GCV~)b3y(5(4Gt>HrLf$Jq5c-|+loX%E1&Hsk zI6{F%Z{2qVm`U9cZ6vJ!j<{S_Rkx`$dO-|mTJi6t09|MO*YwrvZ;=G`<%V8wj0+I2i zoc5Y13ry$fGA{D@q2Xz~VbsY;c}X%fXVC4&o?xx^f*WZqQt^nC%YL6Z(efL*1bT*t zxEO6eNcoM{8y^ayuU&5nR7}ctLq6=!cgZ&PF>GSd2zq%K$gPx?t;S!*W=2qn>1u?Gd zxtf5^aNE33ouUM7<2Dm9;Wz#(TtlUm%4jaNQ>^Ll6nOL8#hAF~zJV71F$p`VMdznP 
zl9$DlZ-40cwE2&1+EMu4l~yNB#9_LP-1SgwPDI7IcW$5!UbKj@m3a-*aDL#2)l;$2 zZh%;;e&@0QJF4`yAv6ZmGqA8T{Po7-` zJn`|pX|Anxa&DFjb&g1%ZAfsu`C9g11K`ZFS3gWSRlW#zQVUOa((rk&5klMCs14CK z?LJOo*5_YPZxtOPMP4T$LgFqN0Dg8U&YWe1p5L1;KIgBVi-WfFJ*)zm*ns!cNTmww z1>dr$50QtE%0U*UX6TPH_r|aNJE=CueRLdmmSqCu|M1q^`}GKNqS7SXP#3zF?F0CG z*5<~`sO+4AJKFM;EJN0u-K+c}A7urCAJ{hvpC}g}UDt z*hgTWY@_o%+F8Ou_?O-?LGItQQU0t7dTyNjjb)(S!6>f42y6<96@{X3!Kkq z;erWXg}Tj)t86Iphaa+yRkj1j&9bghWzZP{g}Q|+D5^)gQSZkizJfSUL;GMfA`lcM zjkjm*HeD4lfp)R(asyE(^`Oq%&?!Iky4b~NoEOk|0AopI3+6&?tef_aslvSDomyK( zuR@OJovIK=)VX;pfG{7^D-unvP6lfWfwEm3@YPASpYu*Z!UOlaAEVsz)sdn6>rhCH zpZndJj)+73A7&&l?~9y5XvmfHq{@EA7u>MTeQb-0kxlaUvo(ey*bpqfB! z{D-c|PGa?IPN=jQnd#L8C3~4B5%3GxSMUO#m%V&i5ho_Fjm6un%5)$*}TwOaQ*U(~G>f3kp9zsBzf!lj>q%a}Zl>3#K*(oMuC++@II!Ud6vm$Jn~ zE6Www^5%?8>Be<7MZ^3bCyrx`Sd9LR)FjuL;uCbxPxq#&0rph=8U9JU*Dtp=(^VE; zl53sLo%98u#=^Pd*i-u=>9IvSgzcQlY4FE+dc4;sqoa&XXmABIdf5{t9wLmVK=zY_ z_~2eVz7a~90nzWwL0LozNHc8Aa|fDCL0R&mL7AOKYg38cpW?x~XrF1#R{Euqd4P3h z&Uev&dop-bPyr=#qe1zg%(Z$rdw!s=9{#Ni|62P?H&i_TRu+2%3wh|G3v-~&-f;5@rc-JTH(>RqktjFLw5mjtF0PiQKf#rA4Ap@U#xk%y`>M=Ai5R3HOP-xCH6jQHDT^Z1-p1QgF2s3&%^kZrn`*^yAhr|> ztL>0paB_!UV+NnemM?DA3@dWg>~o|EmtRjb_ZHAy6*ehSmqzzDttoyx^6_fD_Yi?~ z5J*3SN88U(jou(1!NI1fub|`$@9ZpDI8myVa5=Q-qH-~86i{!o&dwf%e~H;vDt!1^ zAW6Nva!a3#Bisn|?Jqz`7n~^A#T`{De5$)SF~lhK$f>Uk7-Qj4tG9 z;%}wamE|~DT~^gLna&coc!DG)onB<_sBjEHDNm5<)D7ghcXCY~H$&$hnCnSTF?{q}LpP#?|yAdw)it zS*JN0iUWPuX4cBWMD)pz^+sAVd;57-2*H6pl9{s&ef|c%E!5(7PbPa@PnJ&G3xs{U zZpwG;1nBwZ}FnRQXxXPlHky6}DtH);bs%Z$?_bKv`iViH|AvWuP_a>+78d4OLo!}5k$wyI)BH@fh zL_RxHC#~?DRqi-3Bm_tOI(U(o&ARJ`_kg+!T+-Iqp`ybH7LMN&KUxu!4g@kMgRxr? 
zFRLO}Ilm@P{WcQMG{($1_&v|BjLt}onX}_m4=AxKfq0Nnbn*%i{XuT1=qX@b4ZxJal9ASGBd^iM;^23K6`u(E`&xb~GxGVEPSUZpx5rGPWTp z-c0n4%=LSIt*S^p4xk^w&T!Nhy`#F!OxHl%=7q_NTKq&Mg!~CTESL!IFfzb4hnMmx zhU#ZBs7Av*G4~)RJQeC54%VK_S4MgjT*fYU0Z=?7wtSK=4Y|x-Hs*=F2i^!0VA(7t zLsu1`vd=M8Tgieo%GqHYxSiKXFat}|_e!UzWOH!~&-87I=6gRZF0;}l5x4o9?A>RE z6h%iv3JSs`{I}M1XdjJtsji^H)7fFs&){=G(I6*xP6ZsShqBbHjy*+fKL(C@x9IJ@ z8$N<{L1$mChb7opV|`NWWb9MqM)t}?77HB&`JRfStnkNtQ86r!O@6FgoknX zdO-IG*^M{f&J+ip<0Pwc2KJ~VhSNtV?lqa7hWAV zZAQsAqWR$!9Iw4Bazwj#?iHrLr8}9vC}=EpRdijhxKPKuea$8h1_j4X51vJ&^ZIQt zzM+)Hl_Xny_@SKRklxZ7Pa9<>V60c$v%n(0z(N928Z@3rWaBduIRQ`(qXg934(S@O7hq)A4S4}`go@dJ!`BTyYOjQgiq>_Q+88l zDKM$+Sws3@sr%Q}f&-rPRB_|OXBvN(LhfoWt{wRc=yB^{uZ&O}j+~bPIcK&wq z(H1n0z)%f;V;6e#u8S;_e=65f9v;I^VqO4?hPvk?^MaHH6sjP)QfDKZ(c0ytr|c43T{r1okD z67_~vtLk^iXR=~cOpkKB!5-Tz^Z@Ez{3_4uX;;(xE-=+gxSM3Wpa+m8k3_Rb0X0cK zNfT7Vd9ID2yG)bfs%NnIKhaLn`JIG;Q341)2p-8-soI+)1@zbb89h;Ds-Fl!_HF3% z+}$l_!7|Upe@7m(U=;&;mpBz3%%dV!fG(8^1Q}D_@LBCe_UyM%hzMR)sqe?gZ@^-a zOtMS9EHKQdIJi*X1c^CDT~NS*924S_Lt_%BO08mKDJ~KZ(hXT}KgPsP4Q^ROr)CY7 z2a)`sF6Z|VJ1Du0Pc3{^8Lao+-+%F{(8$-^l8mkr_`O4~mOOM(L-~5c2QPjITQ5pd zIO&DL_Sh1xb)3wnn{nQ^l~A!Wg+&TBiW0?Jv(rB|k7A}a^B65eISf}8Jy ztq&^;Sio%1I@R)^R3th~)g!fDCvl;KJV-v?@(@^*gqX8MD__iuhpacT4T#rPg(kNv zJ%x0ak>!5!+@NSu1z0S>zvuoTJro6(nK-g8^>VlFa{qvo(8aLoJfYp?Bv-SlKu{gh z1L7$0(0VU594cNemp*FjbXHX4F4b35xefhs$lql%(WH0uF`>IEk;QY{$1|m;z>@sbj(=mvUFZWXzeDa&1#Uu z!p@Bcm#|zc=%1_twz|nt5n?PckPi1af2oF-@xvVgnw$@fbQ}d;y;Q-ed(> zpaAH+fERd2G!CCVcT-T5sd^uilD9$+Wgk;nnD*Ob0SDz3pPFPaRgQ+~2t{i0(!O*? 
zgl}AmjAMyQY07yvJI9l>r<3^|jOBcom~~*g;0K=b56H>!Oh#Qsdi2Y0wbFf0;=q@^ zrk=DP8bZquoxLy~;H;GA)lAGSlX6+G(7I@`-Z=;f6XKJpm?_Fc_yWNO1L7y9AMe3K zQs+bIjit)>3AIw9XMQk5zVZ2~@iN|>(p7y-(^xd}eITjGjG@6RVm8dDZ0fTgTloT5 z^Q-TdJ+Qq=>1gA89Pa77QQAI=ZYNW72c$r2gDa18gsS)YZ@(gcxL@M!9(!8WX*4pCCA7@e!i;?w5UnGnofm zJH$QYK&2VKbE9$fy*&G0_%#D)2Dpb@EI}Cu1fZaQ3!&qp{Z#v?$`RTzyFPV$!lY;D zDZ+559iCY`lr?4c3@P2stzE2QQCulZ4zF8J+^kpX=YBJ7MR8jKZ89F+<-`)!De*NX$)`*u5bcg-|d=wQ3D0@(kzMZ7k)cJ(#2Q1+a;1vGyALLT;Tr0@PL*+>=%bsdrCV;I4HxddU8XCrTv6F3}|371R`Q5@^GYA);@t=HI*%ldf1@YI>2yTfmVi8+qOh_UA9m9|6vGFU= z=s_P`LGEJR^5-t7jq($Pu*byBL0_n${Jw)hUk-g;)8$(R{yspfAQXv94sjm;1VM+U zhYvxgL1e-aD0Y9@8(KH>d2hC3b3L_myyRZqZ#NYPe9LRqvn-)X$QmfH+{dO1Uru( zS(oohJ0SH`rERrZiaruw!`no6li_vFZ!(yszpYwzCI3SFvgE2kt@roa0U8Lc&+x`G zMyHQ%RyDX>IT^9XA|mZHTK*YyPO?MV_@R&Z9ihkFRLTeB&8vC=N*a4|&wVaM+4SH7 z@27oS2d6ro$m}HvzuXnj)UT;he1>|Ey2?lrTmM)2J+WU}PswbFPg9Zvi4_~{V3ZO}GDSpy+CP+Fv7|v;yv2!Jj0X}AIA}9CRbpFA%RoLi{r(ny zhX3qqc7jM$ay1=9z0Eu2*!h>nT{WZ{ zUUVNsy~zmR9IGpY9fg*>Flz1^)<y2OY%(v^E3Iltd>AGdz1WP!sE(pac3AF&Sq0R!kq4>>JP?fVz*5a<~N^ z%Dj)Mn9t+;rCQ)Obb#*|o}@SANo0HpjVhCBfoi3PRMyjr6V~Cr%zU&}*t|VNAjM1+ zm(Yo|fB3|OiCw}ZnY85afwEqLM$Swrh zoDlu^uYa(o(SNxl%pLORcGS%U@fgqbh9w95k>qlmu0_`j@6j;KW?o3{Y}Uznuj|(^ zhp+3G3th|C4NZg&co_RFD)FJazc60wgan|6UvTKpFxa`hC)K^J+uT^!a&3MjAg=+0 zRD<~RYiRveZQQ_F)u5##=tW^>GrAfgT_O%iHTgCd4c)~S5wMt>Q>DJwqJpxDrJes}DE2(7U z1nd?cc<^$n*9OBY#Vjk)71EAn*3)!I(R{wmA?m(ZRQ{fEy*H_3O`=b9EN)pknuG3z z6Bn_Yl+-9)x4RwCK$Oj$Lnj_NUoS&oe!Sg0np!*xnc4OJxtYvG&oA2SZCMFr^Unkr z+TlvFQ)5-&WTynq9Q_eT>Vvu#xIM2f9>rG2t$cc^GluR4ac%Y{hNebr_1ZtFf#1Xr ziLO?lk7#0bgL)?{GQ>dhSB;*R9$~lfQ5X}p9_n9^01dA1|HrwNC|0b0y(@s`0TaEFEXk`4`pKKQ`T2*q_`(8^H z+_r3rRo3JbPMrk)jZ1k7!urc^d#Ns(=+@HC;Fl{OWS6UNzRy7E6A{!+_eT+}TExYS zcfav;mOsEe*`uah$MGb&LPyXO&JfXEhLsl|qzuNe<6$imj-FhiRBhg@(31d%z0TcG zSqLOY$mkp4&lZ-ridb<_o(C!u->6U!c~1b=S|2Kyb3>06xnV%C2U)Skb%e7$9ECE4 zjSbeAfKrG2e4y$Do_>W2XZi6byQR`NQN+AKEwuaycrU?>p&TNm7$dmft$-(rj_*jB|K%58 z^vp4(Z>e)4BY%O+1GwcVbyXAP?)b+kpkzw}xoJ3NIM%5fndeq5%PKI}V1Js%)gN=a 
z0{o@|<~I;J-q$j%!_KNY>i1BhMw#O0UCH=Cy)yWreZylr5KU1t@Yle1I4<>|fIXgK zmmJvf>c*>;?{~+4-2%@241=~F)D5qUk~}vn7Z$ z@NjFqMIAlEiNDpRoSqdER2@jtlnvrz+rKLg5Y6nDSS6~6cTgECtL$c4*%S@g6Gl@2 zk0NE>u`d)_gB{6#`*M6CFbZwu&-Hb3D>mTUJhnJEiz$ z7{-zAVYi2goCvV|w?jZtv8DWOUFTc5AJvS*1U!mHack(;f?ODbuQ7h3524kECH9`i zh)A)AU+6xss9`lP5+>XE8WJs3Z;`^BQ#&=wEbSuQ#_#~`l<62dM8$-*H~z#8N)(36 z6j2?T!~O6|Mrv&rN~IR%S&v3n&%L}-rt?`66v5W?9pL${W}GEO8h;)3hWZ9gk$74X zYyXyTzS9Um@^te%l#I7JZq=qgmoV<7o3BGNx8+SGGB{w2U@7Qv-bBL$Hfid@kQFzX zP0)#N_*~4{)JimEifJPOgE&F@uMdFsJ&C8>1d*)Kii{HE%s^gr-gbA6B(BcrDyvja z=L5r_8~4ZUsgqRLp&Nb^{R)?-1a_zc0DPpq$aL*1_izC)E-8Up3c_X|EHl4xWca*oC)A~g3}SsKT-&U-k@*^*L589b3Y`rwJqgowV_W|N0^-o`qwKX@VcC{`H(8~t z>cs9O3Cmu4jf-ien)k3;Ahw;aiS zxj|eRj1!P(!vp=!z+vJ+RIhj2LBMx4gpQ0|>J7PUyT9&s#I);S37r&Qz2x0p%__}) zhU-&8TR|3x4yGX|EgDie)G+14_AGfB>2)MgMT z8NOaD_Dv|wA1%Y^-||fKmIf*{jBuSNmEi6)8fDxg=qgPRi-biG3pF*0u{9R5i#2q0 z2p$^#W0$OG72@phN&D=w-qg^#zv--HMRz06B}MM-eP&Tu=w5QxhspuvmLi5j--J1j z&BHZ{%>j8`Cqq_$-6#&(8@^Lr9#f|zjDl>{AskZ=`#xWx?x4I>vg`2=#vzPk9Og`z zN{r+gnME6H@HjSh@1}IECOJ))ar$df=#tMwXib|d0iz-$zT#mM_mD~1cw?{CLDn%4 zo}tseRWwZo!Hs}1FMe7ihCdyc_MEe|*qC>d#!Yd4)yFY3K>%wned)q_;h)9lMhox$ z18D`ZKV-fe?5ts2YU4cxIZJI!rXWf!-*$7FO=}~_XR8IpN{#m=YcDNSTM%1}MauIc zVX|SGQ&r2cHiQr=@y8@(fp%Sj`Ln(7`k3uHgqaNJL`_SW@hP)E!6+}l_V;dhy=GN! zrfehrvIoh$+E@JyP%1Tl)kgur@OrQuRPYFT*Cl}h4AjFx0l4|0K)rQ))c{-={i)gF zH;Jt{F_nDy!7RKj(1%Ur`uB5zrNNe>iIO$+Lq|S{E71n!G zb0>rPw|^t5@t9|;Q+<7;L??e&yA*i!J{ihC6i~Q|n`+*1eaKeL@GnWxU}i~K@0p6%!07ij3#QwW$v7}jrg%OabwmKBzC!IfjegNZ{ac`Alu8`mOV zk$EMCW79d5@PKY^oVRO(6}CxM0?J~?F{Nyi9u%jt8gq>T;85Z~9w+DMgrMG(XV?#9 zTmm?zq@a+7j_E;!oMVNA^WdNTB(985Wwf|@A{mFeP^_$We)d!McWn1)c1Ur zpe^Tc(?aFGLXEQsf;((twBLH^<^o%bvukxH`k6%qwGjNV^8_l=QTXqF-o%Rm4efs9 zzOO95ijlaL4tFm_rqZSyh_>_r%;VJ~wNNN9c`syWn^eL9f_^frqhp0kfM!~E*h-I_? 
zNls#q-);1eWId7f{6{>wnJUq3M)S5=>1O1Z07CrcZtm3A=4gQero^TK=!Z5{xHW*C zwiozY6nRvEz~eOjZAt9|=BPV(-uL2ry3{AdmTT|VAAvcQ{Z%o?u}(TgyzkWXEqNU0XIw->91|5^j+4Qo+Dno-(>rJ4AX>;ZQI!` ztNws&r)=!sqo0DQn2Z%xDzo6E7Pqonc!UuZS_b**WnC3e6ICYp90&de=E2hHLH;Fl z5$Cei{7iC>dz`IBEr_V#ImpN6`zc@|h$`&-`X!s7lSX*In-Gei!H^5vwPmWXq6>{? z?_ab`aH%WQ35516Ee}=-RsGjwB!%=nAL0b>M5O+387ZjpZNM}CKvF+DxlE?Gg5N-y zcbv~V&yaWIn>^G#BK_p?K$vl)OF~faIM%5e-ydyfvhp}W#kPT%QhiE3mCQ@vhY~UC z^?F*>$UEI{gSmF@>n`RbJ`H?&3%Hx8LQ8rz$5D<@vi-UXweR5nqU){0qWYr7UulMB z$f3I%6p$`yNeMwZL^`CKp}Rr4MUX~Dq+{rAq)R$PLh>H`zQ6am@!Y>=&ps>mo-?!0 zoV7lCom>^h#pIDApQ;!cHPnfBW4Y|>5bwGLzp+%OXt9OLwqM@8i^=6spDL)q;egeZ zm~I#UrG@KlF8k(uvQ5cG?g0_C*uqjRbJou*LkM6^wd-E}pU5>}iOT1nCFjEdLttWD znMhM_9~=`-MUky-K>L|~Ww>u&my!wwBH)McqCqF=YaCBkQQ(FrB^ zIk2c_>Kyur9RufA34YrqNBgl&@&C|cCvTNoO6`A`_|sGQLd_VDzqxdXfWM_8`)~85 zWpk)iTAa*Bt!yZn&A^h>Bdf^&lygj^_I$XczE96-!8f4PZTk6;COo%#>@=}HG6p8utK01D`M4{a9e zLGeEGxzR~Kzze-C_cZbA?UVF*f{3Q>{)31%_5DO=W87ucL@X2+&*k7O`7X<5mqwtP2x8J1!-ljvNhiTtUEhxy8|0{;$jOR0MD*7faveCG z2)Yi8yIfmEa;5FdoVTA;qhCdmWoi!nm;l~-A}u6pR9N}MxMn+3MzpVASI{I;CYtCl zvJN&i{ch(wnehXi87)f-duk=QUHd<jkJCWXW}n(L%Tet76i=5& zBwI%h9{lq5`#dms=jtk2sE?YJTALUTiOZ+RWz>6tIx$I$J5G*}6q>n6cRfhe=hVN> zjlYFdBSdiA4zQfBa7FJldMC{%{{i^uhkG3Erht80iIHhF z7@EOdl^%K!QnHyrmDSHW$7SWGIY%{omSyFsS&VYS-YbKTgO$3O&xr#tN@yxB=-!Ie z8WiQd`l6f2^X(uR*sLlmQHiDgm7^h6bIbh`#_9qNyO#T>x8LUNC(+SK0t2_6 z+`Ki;{9{yQ%_N3tKZb~D!A)UTX7NM)(%1>zo?FxtJorFl``#zjiRCuN1L*lLl=A*o z{W4i`EV%r@oQ(9H!oF-0PyLeqd!O~rWcABxJ(-^sP??2*PTGdnEor(L>lW$vKD7;D z-$;VaTQ%Cjr^L!K0?xSP3fix z?CiXsqU>e5S*Wi~Ux-G?Iv2fMU>MIqRi zdQTiz(~ay+>W_`+z@P&4R>$UwL1uCDMCqdL^nJt*(PYh|3yS4_uaD1PUV4P+`$w+(s?OTdF6NT5a+s!>=QeI zLxh!Qte)OW;oWE}f=x&O75$cs4V@W_kGG9t590HH8z)v6PwfXG2itXc^se`Wom?`d~aip$QP z_U0)Rwi2W9Da^;}Vnvl98^NGwniSf-v{5H~E4*7myDQtJqQX4?`4E_B;%yb8JZft& z?94>3SJXFDy@>VjD?0HA8n|cLH1TzT)%L~sH0_Q892{2dT5QEy2<+)(1>IX^uEk78 zNWC$*w*WYb8gqc7@EOXups|~isw_+JyzuNaYw)J5(V8YoqW+e{dy*!5Hz@REN?$s-UMZs65LraT7%69-4CIandwG|j 
z+t}<}Kqb|U$O?nwbSk{HDQoNMHLxad1B%4wtUhgpO$r6wfHZ zuQ5mm20v1JC9(R$wJ{7B6olhNM6Fac`qjR;7As?5EJ_&H)SnN04wvhu#7$ii*!&xu z$cSUUgpY}P-mmC86vG`J`{Ol`3coe;3*XAw+-cqTN|~atqgo#c-J=|LNA)MC|DM28 z3vw0a7_S79!x0&7|0g;87RP+LJ|lyzHVt0sX3Ri_pp~Ztj*ct`#|8aG`H_*)mCuaN z)xL&Dp!M65m-kI!BGpB?Or0UtaEx_CBx{d580nnIRz)T8J-W*J*bw4@$~KTmL(iD- zXD-O?O(R4UOSCYQu~RJQo_cW__Vp(i6mEYP>}RKFI-cC00J*|5(7fIUQiFiVdQZJd z%UTiXRBzI-Cv-k32~*3eXN7{f;>k|iOG*WBF73Bsrwv8DULa#*|6MN$G6tx-(AvhJ z|A^;gwfN{Q)&VwC#-Pl#TtlIjgBfxR#3)B_vS#wgy*gBN#@k=e5yLcbD?+c5R`F1B zphR%~NW|;9+Q~C|E|(9N2|(H%=94VEqZ8ccfQLk1?b}q3l3wtftVJaASQ?&k>&_3} zIny7HU=l3X%6A!l1QLWr7aJeWw)!ekndBX>IfRs%#`wTHp9jqc+@f6z{5*OLaXR6j zJz~(T_tMR$MRZd6E9v;-Dh44siJ-nW+gKI-F`Hjp!rp9=e|xj7QZbkbNPK0pe*0#$ z;Y+qZ1Y&CVX0#?sMd&MAnei(oQr&<0IDnjP>hK%u_0rJw;|z-0t2rH*imza7uCHpA1NaVa^^Qh;1>c=Ge~VO8TTD9J%eh+mwq_23%}{KUiPB~CwEx|j z3OVQDDp%U#QNI3@4gK`H7|XwNH!L=eOE59+45xA!7o4Vrkz>jep8G_*?Ne&KW|}Cn zZ+aNW2#N20L3hza*U8CkC#q72HpIDm-Da|cdz6D~0xeLTvjqvhG@3@CPTpO>#wRGJ zN~<^Vu}~5vi;9)yUN6hU*;mk)Mk_l?=1Ja{x|+%Kj1#AwC=gnQ6RD@KsuWs#FvPUY z!@~J8yAr+}_70VjsC-PcfoFQ-e7oOo#L;Z^e#cyv+Zp{*LUDQDJoGSqKB zu7fx>g=%=~b8svi=TToI&hx;ry!BnM%%3v#*mlDO%=G$DMl8GG{4yl1E>0Xf*#eIx zJQIrf3@J6Vx|r^c9s8;n?;U+fbumn+w3;Xg$Vuwc5PENrBsha|QM!QHcycrV0yM>* z8;U@%qF$2mQ1KK6Z49wsf3*hl5Z+!SvlN`&llZeN;8_Xq%-0rT9i+Y&X)Fn6^dv@4 z1x}kYW-f|!40A4WwVoKJinMY%w~!|>PkJs4%%B$x2p<5301d#92%y26>j`c#yWmg< zH4Vjh0DjrT#C~IvmR}t9sDJ(gBo;dBC1HPhl4&-Jsznwq?8HBS4-h>v;xV#vhb4fB z2Q|@4u}oE_;XCga)I_hufQ%;DPLXsu^Z6JMPl^8m@E8ByaL^R z2g-Ctrs8bKUVM+fy)UVWB8MgTpE^>!`La}ChW}dbzz!C1w&%(_d5+iF@fi3yBl4k| z@yz*wJD|E5JvB}W7sahg$o}1by zgH+(Ms;FAi-)aPgIm^Ds!zjXKwf&i@>wz@>r3mTY5&`9={_>JmljULUffk$W0n$}d zdC??H+eiGLwcslnL(Nut^J$_#G@>D<_JbNLBr%tP_!(L43LRr5*~HSiB=5&S^&+q5 zcwvLDD6gL3*U!Nx!g;Enene-7Qi^+PhI+sA$2xegu&Ig37Ogvu1K@uycpLP9RHXM z-`?FOX6b|N(mXf$1l2qOJUxcQQ5640A#egrDPHH&R`LfiO)RG>h6_}aen3|Z(03tB zwYjM4c~LKr!vRSi6ARVDWoj%=fO!_hOV{P_y3P)dgdK;37_ukp1 z>9!P;tCx!XB*U{3TfhMBqGkhm4h9CrH}{%Qq55ME3PN_+=&L~4*cP*8GWAFYWb|sI 
zwE0(oq8D<721s3%eLe^voc8B5E#7qv0JiiMfoWF60iDMV8%u1s>}w$RydySpR-UL& z-=QAkOA@PGG3K-S^_b1WjK~W&3nf_30;Ujb5(;$Lrj3Rf z*JM%hGcNN!*~-LWCbjOf!^`=}Xt)8G0K@__Kb&Mx@;By=hVjSMo9lArQu6cXP!40% z=TZ)TkyV3c5OZUC&JDsY>X6+_B+qZuiBDU`VHa%*b{$(_ivh1CHV!X$Vx}c;_b-e| zMN_$b!dc1L)~3>~?tiS=CRU;sF0*^Cj3GcyYVV>!P{|Yi5Cgdc{{DF!j%Aps-Bv?S z=JO(ZZtB1LJ*GPEj%Bo~{wRW40}Zn=hX`2jLk#G=;nBN$Hm_C|5H|Ryj8nzDhYG5<{}C6D6zc`aLhe~T=svYOvV7<6L1f@Yi7vnp{N`?3K!V-}4y;;6jIT%ui|lLw zmwQKNsm?#Zn$1D26ODwXRg3jvi%9^`!|K%Z1qRNk<@zpaY&p~2YWo3r$B@MaDftme|v>@oUb<* zrxJ*-jYstWc+~t<(DO~6alU}8xMa`?(CE!w#yg8Z;w0GF>$nNC&$o;Oq=Bf)lNuoL zud$K{1WLYJ0Rq9xl0!XieUd|jK74gdq-bwnMEs9bC$LJK0nr_T!@d9FD&ODd6X`q$ zFe{gn-NFpP`|SGA7?e7 zF-Rq1n?~{OoKnJHGxFo?a5eK17(%d0^=FPGJ-ziqNw=!!d0+dYC4YPFGH_ivl4>9J zRkE|@!Q{YOtx+|OaT;sG(1<*a!?0N{=6JOtQ52PpnOiIc#|3AiFSGl*HrbxoE*MeFE&kOs4|8ICpStkNb ziZrz~&n{?9#c*r#&S346q1$gd=mIyf9}bG1TZrDDtf<%E;aY}XlewbZ$Da1SOA3pR zHzPWZb{8O>lW=U{k<+ms)(VaPu_@T#IGyTem<{~uXZmdZ zKPIUEnRtS10Q5x9kK#qj>i_Z_fL7Vi1+rLR$u9cBe#qChh5b!||AT}WvO0Y8ZUP3u z4OmE=IrFft0Pq&Hiump@pxP-g2tQyD03Wjk@G+u(S^xiV%Q67B-1+_=xTRC)#N=Ws zOjFIjhzzzn2kzjel;`XdVW+d z?C!{;M|B)G0W76=*OmVTeV)h^GxgUMj|9fRM3SC(BLF7? 
zY)}F={ulJo{^tD)m`MIf8{s|OFISG2=a;qrZ$Jj2Z00et$q_NUv{*ZldHU?~e)A%v z$#F7~7NSgsN7hTvO4(UL>QV>e&iRG9C z0>Io!kwGbKCcbE|!WWCV^3$aS?3k274`BU)}-Sy~K0L_Wm1Kr7@e*7twG z3_WkSg`gFA_u`vV%rHOL4M@v2S}ku4Yki+O5>xFlj?u7Hkwx^LgraLkBGYMokAFqn z@LsDQuj*kU8dEK=7J8B7bm6K^lKViZ4D(J__q+j;&bp6VU7=-auoFOxwK=*d@eHtM z4gA5lLH0q{bp+$+#;Xwm+E3lQTJnHSiC*2Cn8x4eYI!``wj@tnVM_e7ADT_lVdX(S~- zV)1d*<*yUj7>D|Xj*KM8bBdHX2_5&Q<9#pM{Kvl?F<*noUH{mF>?otRYByBZ1$Xu* z9Sc+W975i96xop>>-J)69DXvr$aLydW$Qde##aFr`EK1Q^@4R=@n>AfAz>Q*-I&=F zzDg+n6|abuNgg<;O}x4sfGOxjXCam<;vWIU2^8OaDEyKbOm4{$mcOggjx$Aw^&zA* zQE#kYCDD1aTrx4AvZ8sd4?=5Mr%(s^^F4!Eq=F zH7%QPC7bV)X;i%Fo4f49&fW8r_?w!bo!xt$F)bvUL$&!PibF2u%brEI@|mAdAT7 zwlH|(^5CkMy?LLF7&|2(^`&>`eG?NYMO~W`EVtF{-J(zUGx4&?35>gedgPJ&pA6wi zyHk7IU}e3jfu!fKoAbG;x6TAy{jwg@7X5FUp4l7M$bR2==AcHx%o}|j7a^b87KDn0 zeeirj$gxIwMi=DEe506<%sr2g`*%H&#*{TEj`8iQR(g{Our@JU{ci2JwvhP~mr@`p zl;jSoFG*57xQs~*Iqtl|_0}2wp)YtdT^3W(eJTs`U>K&XZI$`W1wiyxG>HN+nVA5b zg4iaIULhSF53T679{5+E;u2?~bZY}!S-9hs2UaK?Y-@QiiC3ps=-dM2coNm$v#pI= zLvGdIA2b{8)&sv~>3Uy97J=mcXEthk30|w>fAqUV!lZvR;rd-hF%o{lP!VGflh%s- z==fVZg`!|Q7^p|_PBMT~gUxx%V9qHiMx1-hDa_i8Onw%;sM5+l}A1q;HO)-zkCv zZ1m&t3%5A0X1bDo!EIBu1ljM=C4P{q5BT8Sw z43l2_Bfo)IV$FeH@K4_9CYU~mUj2sT5UGsY3U5~9`T9E0dSICWZV19U_A1iNNy9`| zYLH(Gf>4ykp1Rby4Dp$usE$1TMbOVry?HfXh3`NHzF||sYV)&)>rnd<%GdL=hEI(>poe2qR#(W>U=xSg zj*B{@R_+W=#o0kZksz2Vs){jYmQM9E!HmzLKRY;;x~Z26h(fv)ramSzCdd? 
z`6g>gf|NXtuxLa6QhEq>Cbim2g%n?$E&l@&Yw^A;3G#b)D3x0RFUteEu%t=D}p5q6Meo1BTpq!Px zyhXc-1qvj;5uk{GdNb>tWMMzlA{MXHtm@B$L zIrrrB>9)w0?jh~XzwsopLq-Tss60&93Rgo-2YA<8e3sThdyQT2;KLl1fm=xiu@q<66t2HfK1M5#bmdO0j zOu$%!H-Cc{9!u-YkGVFwWmc#mL%((J!ZfZ z6yOzvs2c`KZYr`MVUjm3U3xYkOAx1xB%h~|QO#?srSIf~WhL06j6y>@_;l;DV+aT{ zhF%lh96zJfCtT54s?Ay zAQ?tA5c2C{F4pacr}n3|x83wSMdALPwK&ZFd#hq%SjPKP#5z(>QC5 z)5ghC=HfQ)FNEB9S!i*+7Z^tRbi&Q=Bgzh2>Qv~s zP|&J5hSEJPGi9@W06giCmnoy+@mgx5@M*KBX{-6=AYafIw9m~sx@n5qBRAS98MrzE zH0~iEQK~E7wR)(-={+sQz<`}NOP?Nwt&2Y>KGht<(C?;c!*vX*2o0%e8Q86e4NWtl6WkxUn_;ro7y{j{fFU((@-9p!)KI>qfv3<}^}!lQ|y>rwmtNa2LW2Qo-TAg=rjCwsfN z^=st7u1+fYc|+yEB^%<<^S`Tbvfu;@iVwTxhY%a|FwCOw{V>&=xh^b(LfU4=HgIc# zS0PmqmZD;rKqgiCM5o|S^>x8msp6Oa2Jv~tKjqOrhBkulO#UHtO-bPeVFAvm=QNIgsZR*TYwYarvUvCqAxI29zDQHgk&y00rRbR?}?%x|QuI6kozx0GdI-amN+f)}O$OE(Y8>ZoUgz)cfUQzI)FD(o9jxiu^Ar@^dg6((m zodl=~T1+sQz2Cfc=f)4<$s|s@?g;(OOQF^wthNjUCk4q+d>b>QCR3o_DT4!gzvc0U zaM*{6m)fv1P{gbAm3oR3ag9#4zK**_f`cNUe1&bfsWf)M*3<^A*2&b9EcaAW`f1qh-Y|A3;1O}An=)Hpd-r}1ROYxw^+OH z`IM;3njIv#3I2BsG@HZIH(%?t3TEq9k`XA;ivsl3vY1I&Es(Kgk$^g8if;SxRCF@p#0da5t4yiQrR{qQ-IvV~_f` zgzNK-I+_-$sKyCRkdC6!ZZ?#%&a*Sj;`C3DZuajU-}uvig72^*%D@{X`+$%ptGENy z>XS}U3Ks=Ul6;`oX&~FDzfr=mQo$?=U==IhzyDg878HEiO4n2a3V$P?%amx^ovramWxDhP87IlpYY4~( zA!BS{@qt#v3u2(4$v=po^n`+>O=L(t>}xwjYKrL z+a*{IG?+pk-{ZH?CstyZloPbMK(pDE!K4yLJp<1$-%-HHBvJWNZB>v669vBe8eTRg zeuh)Ygh{0mHQVVrgADeJ=6A@=4+)54AJy?COh5D%FgS_CgAugUXuI*ooQ(?uaL~IT zKb*zQ(M+fMH)vC`F0NvDsc>MRrRa@y0p%|7pK9NL>SL%SA?f2A(jGO&C)T`3j4J2C;4)^iI89A1hQw$HIn7uBr zeyvCsi;wtG7S03nmLC)Kq>_rZQNk;^G`WZN3kgTo3)S>>NaBc!^$o!*ycL+?rxP4p z#`AT}JiSRUr{a8-nqKYP0m7kuF#H6IlHqR=hg*U=-*NV1S<(6=BEkU0H4x5cwM@!f zLs28#$254xpp(F$HJx%KFEipICM!mgCW-+p5iJ7555~kpro!hWDw`g`TJQ_ZO}n~#JxI2LCCQ781now zi)9UTO_+tESe^xvUVY?dVy?#T~|-xCJ%_wx?wjCSJ^$n;7_kaeWsv58HZ>ft7v}u1`r4ZJ>#%|AS!1 z9sS$9R3DD>H~;VRQl)Q{DrqL@jGe~W7h2jBmT&k?YK7)Ejr^3bsfntgw?Lhx2mK zX)FJ{{MO~@Z3{hVZ@}Le3JXP(Sh{e1uyDVI;p7|%MN$W_OsD>XCQ^BX-X^3*c!o06 zfVmWs+N@e+zvW+w&(2{1$`HI%1Oh5rP$e>E 
z9T>kU0a+&)1(19i)s4GzhGZ1ItDT+sbu7mwtk$`KW;q>vY-&zE;%EWsi;XqE-hFi$ zYHv;uWp7Tw&Y~4(ACu=@Fb{`M1Y0mi*MtHRD0}df(+F~M6wH?x$fSZVfbTrHKHSv& z+}t0IQ`h}GlF~xn1}wT;+~5Wa)9}IROe{j945pU{VC}OTgfGtzoSvqaNzw=?8;Z#!QSy;zy8d1iz25SM9swZ>44%>pOUOftzY1y z*N)2{YV~$!-M?L>EFcsLzMVU-&TDLbYDG@BYUOzq?G^(U<*%|`^SU(#Nf23YtzjrP zX&=%Zs%HfOMs`7}EA*5U`?3nUN5*KEz9mef5#rXQoKc8QdCMq|T?a;RC8T}N3fX2v z#XF4u{K?mpoVK*%AtEgls-MR#u*?yYaO@7!A}ug)->Lzw+NK*;>YW(z2}-3bJ{G>i zv@bK$6UYII2bGEbHK3L}=p^`iZBhJ2R9!8a*N-6_h&@XyQ9FIKWYX>SLaG z#2t5v^C*K4jNrKQC?Bm~8gOSLQ14EvDE;Cx0r& zmdTbyQ!13<322;G??gzYY?rgq(LP|p%gC8DT}Dka>Vq7GYQIK{QHt|)vXF1WnQo8B zz9NNGzY_8=P~}Z5QU<-;D8(t#J4szdZ39pG3yCGgABH$Jb1cXijyE_QuMQDE{xh?) zB+X28Tg{%LibgBTI{pO%4z0x!(OKM+#3UFZFBU1Rd{Kyd_=f?f#dTMaLRx{a2)QV? z2g%IV`=3L}r#~b>2Le=^dr)X!vFcqVvok|}_sj0H5S#-nEgbxmyup;Im-GdOcDdwo z*3ab$T?i$r`Qy$FahBZDyg7J7?Q)d~Y1#3evCj>=&<9#ZVWD1CggL*!uM~DJFfY#y z&8GVWMy@f=v%AsvT3&nhdikqKRJYfRocr8(<(x)6^)GN-=yhQ%h^F&M>(H(9jD^-) z7zM1m<|?03W&wsGnBBunbB6-^IYzDl`H+8h`n*P^pl(Li6g%G?NmftGuKBER6IrCq z9z8odspvGIJ=uvoazuPS5wiGoh#)kdh@MOQ+dgI;p9oDi#w1edOtV>Bul>-%OT0+B z9@GTnrlxQOEZSOYhGE{&VX7`EXdEH}Dxif2zU{-jyiDNPu~wnQV;`WRRiGsfo zvWILiH?kJPQrwQlGOF2x%Zxnp%yx!ZN6oCn?yU)bX`pls%MVX!CvucuK3#{1o+LSzHSBs_1UvZYJ_bG zAI-%8Ch{4Hq8hO}x*Kc8De#h3pn6Zli%J;$yt9{}?hTU}?3*Wth6Pz;9(^g`G2G@n zfuKU>Yb5JRtx6n!ae}ZdtDM>#1IHMq+`IZe<+8lioFz4`vzYFqZ^677c(M86*41A>bBH1%mgWkht#;G^i@Dy5%obtu~T3jw=| z$h4`kV5&}iL*I8yA@<`2j+ZB740QBeXn^i9vwFA)3H*fo)k`TVa3n6Ic_VY^(IX?M*3kh8+{qD+bs|Q0 z3>r5=bRMNc3JC?qKQSRa$9>rwpb>d8&o3XPV#4HKv3UBlOShz~2=XoFwX<0@@Ar7L zZ_g>yAiFBIJA^%6v_CMfURJk1Tp4fQ{0(^gq=r;X*y56nOL>Mw{L=a|5645(@y|Lw z#!|CG%DqM5@?9t&6>%wS?j~2I^Wgh?1Me-Gh_`}P-Liq8kkRpHY9OLpEQfBeU|3)j zOkLJEjA!PSU!{pCg0#@yy>fa-FXdiZMv>Z2Ms~*WE&`vh_AM*kWd0pP=|}<;Zdyu-K8hOk?Ql#AK`=27ne~|*+8lz8 zGl|jFv6CgSOb99#1{w~DsX)i6Cm!RbJWboq8Fq!R&IZBYE-8vA_P$!z4T|39riv+k zqpH`?uSC!>ch|^>#oZ2PCtI z>5*o@!+F%0Ayuu{$$#qQoj#HycAVY$E2&Yo#Kqq9j7=A!JG|N>^%h!>oc)P&%-J9> 
zt&ny$ER^y7_>o-gRUVFEf*C3qyRDo|S~!l6g=^tB4+<8Vmh;1l&--i*u43T9Y&j7m@3@w)_+@Bwt5hx{@>KV}92ip3;PuwS-$n*f$9*TRT*Irw z_Q5VBk>u#|-_)}-+$I+sa+XFQE+zGpv5kv<-Bn*S@~1PzJZS@G#r`criv>_l4+V|? zJi{Bb$`ZUO$cxWGaU`0AsGggbt9nl`wc#s{5QOCq)~3RXLvj_KEpYcW?^(ovVa1L3 zZ$)D`LKS1(*@Va!VM^~v2L;Rk=&>r~b~F0NBZNF(onPE}l_E})6^RwH8ow|8zJ7b) zO2MkveGE#10&W`lsJ6k+ig(5-%3q>cqw!8q5v4(z5|3Em3mvC3Y!^GHkLcC4{$=y& zGY!7B&lS!heI~WnzH%#%@Uc&^I@KY;(I4T1zs5mMQpbh|{B0WN0;OS0&k56DvOTVA z&f@+xUHwbZbL+vFS0vMKl+dSX+qIa34bguQGZ;Q6{*!_j{j8KAk%SRZttp%*J(-;^ zO|Ztq1=oS1S{2m&^==_<2HT8hOol=UwtwlHXhUeWt~JHAblv7`y57e^H1`8a%QgeE zk>2=%VAvr-fTP(Zqti}>mWVEI-9@B4_hW5g(Vs56PNcIU@nT0#tW(6P%f!KXV|KYj z$B@pWrUCB?T(h8EOZED1fh40DIpx%I~zxT@Ti3rHeFqJ!T$<}?Neb+VP!2-uWF z{g-kT!L^nUX8|)09=KZKI581^z>tgVQy05n-js?g zftWk4r@jC#+nXZ}>LO&8+vK?PD?$|1q=llh=aEG@sTU z-txnyU0=87R2N8#W#PEE8{}*hOdSMSkfP1se`6cZq-#r!-qU&(eGckaNoJMFYt{#S zsnN86QENmK6BD-QT}~ZpmBw8!n5$*Ny*^xR3UznxA-D0>k22m9OX@*4hU{cD7Ut zLteVvf#)TYBa-a+XT90XE~*I0FTTZXWjJ!U#A+zS4Zuw16_affAn(8S)&iGi2mNoY?g1R}$)4Jt&Fg}U?uHHA+wHoavE^f%d z#z0-HhU~Y_f$6kCK8UUod4652OK>F%P%nktAepT!WEzZ*yMkL57decSWZ8B``?KNI z-_U$}mY*y^Y1ONeHY%N|;+t%03g+vdc4St;! 
zX#z!rhFS!(+!2kV`%V+nDtd372exM2l_H_rAQ)b}nu75p-JjrX(DZe{!gWnzSfBjm zJ3TybDQ3od^g_na>a+dAWT%4Av9z!7h4}{A4ku$@7iF|q++WM&D6tl+^RE;>R*B?EF zEBdH?RqwD9EmV)uoCp0eLkwmj>i7atp5}Kj$Lq0n0TVNPE*^9@U&$opF3b=DDi_d_ z`w^_jCAO_b4;m{?ycQ#eOArnC8qzP->&oWuW3tixE31UO)WP7Z2gO_(X`6YLZMw}J zK}Jj1h_*?u?U)kDM?4^P*r``B#4td@p_#7m$+u`hiNV+W)$>L)5*R`3EiY%*zd>!k zdOSf7MM~L3<>s__9MOB*dASxouAq$XQh{;t&KA|+bBT*H&R`7C`#e%|fAM@jqyo&XX&&|bc$@tptxRe23z1l=V>5F( zOHY;RJFCMK(|O_7+gAh?e0GGI{`~HPrx`|nM}*kA&Aqk-*C|s?VOsud?Rk2FlqH|} zD7?Ww9!44v;=xW$5ACpv5jlg7a19965PLgl>@$|D00OYc#1EeC8vVWR`GUnB znz{;=*A5GUyawzMrJ5dzy$Oq@8?4dP`>X0HZ|P}QeaF;N$QQ%6TVTy73N*f~7u+!| z74cOPz6sN~5lvZzT5E@e5?Ev@cmjid68Dw2)cb|N-kx`@9`GIAK1g~dh_T?UvD!{9`V26bW|_7 z>z`6;F4`&}JW6;|2)rx{UzDrh4|Jn5*f99Y516mKo<>igcgff)Xao<)puc$dJ=}@^ zQ<)3`9OL4)@ij{nO)>G~FWNFKVsr@u&N7=9bOK3Yba9AYzN1zhsj=nQ3h$1VQp&&m z%l%3PzLEdqZvx8e`INrVrn^$(pRFj;gZ-x!qRRe-kFJilb9+c{(Rz>eO}39|(jX{f zIec~*x=o|f{6BDJ@Ashb{Ff>da#y?s5z$|?uB)UQc1i-_DjkF z!y@QYf8=j0phkdKCj(CENc4>sD;EL*Su=-ei!(cExQ(-iQ)C3K+(_|TRY8^QFdtfp zJW|I4EWsMQ)FSgCGFEQS5v+DF&vMprhNiWqm<<|GJp`yoI{5{%iJrhKrHqVqkNw)v zsaaMn&{c?(WGx$C+1E5nL7LW-*ZeQs!gTUO?PuAp$+!|V1!Z6vThdLa&45XIyNZ4K zsTNi@8q=Odofo>Y)gEt?$|^8nVp>_Bs7S%3{SlV#KsbCCI98kFq5fhAtJA0#lzA%4 zFPyEkp1SbT!QZwsGx4h_QQbZ*|^HAwR4S$l!g_SrzYt_NRD+uiKeowp-Any1@CCa2O1e)b2FJG602FVRrFM-+1hVZ&vc zmeSQdf>NLidu2Wm{hv%^>+xH~H@i8C7oJc7ZBw-0~e)7R&qU7Dp7 zsj0*JR5MCWHA@VvdG}?u6l*<_gP#|0$X~1jvpKZVJ8>4IAJi;_udX=iJ*5ON91omm z;&kKK!`G9J@K{VbJdp3F8F4|qg9@qqa^epHc2_Vh7P%{wQ6D!=hjxAo3J(m}qw6si zP|Q#3aNi>=ru%hm)+z*i>|CZEbxe4Jb%F(&`|l7`d5LxQ$RiBuvBVlk@8;@>)~v-6 z`rmt#n$a9uGn{qzL&6_7IkfA<9vGHvD-iLsS}jQ`)^@GK9YD@@iPcTOWaKIzmV@Z> zac^hsnOpcOYv9i@K!MUDYMk(smtY0!Ra&OJFs}%c63VP%#uuzlAXWu(N1vq9%?E1& zi3)i0?Q8xG8t&ooU0E+& z5d}p|`-jn0=j+ColS!0$yv6th%OH^Lw!&}@Rqojf$)6?+HfP7_Hjcqs!|2`?pk+T|Rkg&gK( zh)AX#?>-xnVjt&Mst2ESUFUr+KNsT4#mj+qLzyArtOw|gnTNay5a-k{B^!0Qo~<(Ce)ax!Ho z!Ex}nfQ*OkCTB$8cV#c%E&P zJOm*OOR=L-MSN491qbt7?a63DGW5jH4k*tg6`gb{c-f7ya4T%K~Sl 
zvszVN49rCv{HTGQyM2c3rt2_nKrya68tt2PSTt{oL*aKn^if>Vc>J+xppMG6&noyu?B5zF^V{KUSmYtn6W-d41>W?kPRr07GR z9i2%URV?RIrx``hd+@pY?n%uFMxj%E9nL=>mlN>uVbhYG6U1QU=AJ*e!7dD=YW9QE z@80O}PF%#&eQFi6OgVPDjWHO%FtB;u^aw9}Qo7aoFn$qhM!6hZ>Ei@3KAin9y)M1uzj4udE75ZoPt6I_D31&4tIcXuBM?(XjH z5-hm8>)-_2dEf85d-qmt-KuZ*Zr#78&p9nqBj@RJy8G8R@f5zy>ctp-Xq*=sGUmh` z%7~2agx9Y;^cmC~i%1TDOce@4p?q^RMGmbv=owKhiOQMB9y0-vFcOV$qZuO}FVfg{ zFE0%cj{c8I)vQvs6VTgaGjd(_5PjplknKI83t!;EWX@y^qYm(sxi8sL_t$hyZRGM@3i6(a_9Lhh=3$Q!WPURUSL@S#Dqw|6>MJ>N zw+`eJ{^yHr$X{nz{~j(h;4rcd9K^i(R(Og{H~IG?jAD^T!UE{ z$;1m+dhF~VIlyfyBX%|w5H3`6>LFv81Kc7DqI!6y!!;ub%IE4(f@XY(s;q?Q-oUof z4>`sm(W89*t9;6dB#9Xh&K6bSr!7O`NBMfj)pK~}Q}Jx;ANS-VMII*P`gKf!B{vp+ z#|cFOxd})mC>u5+aq*>07o%l306&Q8rTXW$e#-Y>-)=R6r1f_TAz5!QF8bbxfw6=; zxmX@a;I}8Asi)oGp(n-HgSS`V2VJ-X9QUYlvqSE@h-vtG_^lsgM?c737T*58ZBb5` z6*zPUH{!47!te(4iod7c39pGJi)8;e2akq%qr?Qtd>S;Aq(2V}lk5*9AD2TASj=zP=f{3iBXXFlV`k|9(tO0G@@dvDT@%Oc7`RNcH0 z8t+hWY)51*O(nDXPN-2h3sg&6t&Fez7pK#Vgxh1NQI^jk&)&HACky>02~uvlpzAeh zT7bW|3!wpl{9ex~`3B2_XUJo)%O4yj+$&j@(sTkGaapQWmVMiRW()2m9pE9Vx0A0L z`?miy%*WqNQD9gkByOz?;Fa{sPdb)u#7Ze*E9D1LMSj-pQ8AI2-oTasLLm%LG8SX( z<)Bi>2iW!;4;=Ouj^_`Mz;0Uy)#k*;k(sAS1JYI$ejU%QMB^Fp%u!sgV*{Vti8?Zc z06Whn6%;*`K*Pvk|FG`9%au&G9J#w10pRcmA+ubV_{j$}@q_nL&7*6Fa~BW-0UacE zxvbt#;*VZR`G8G+oCVGTjuaE|ug%Awd-N|ecFwozJ0a4yaEeI^QMrQfuX=llxulF3 zX0TE77aZQ30VsYEpewuh53kQoiu#nvS5MjBZYVv0f0$EX&jv^G6+4ucx2rj>Zsn${ z#JY)P?(R6w{O8|TQRKe2;(7b!9c_m$l69N8YSSIwec1IT7XhH1$G+wkhx~vvwzQB>~UU?}I4cf^xvx^Cj;j>+SC^R$$|m+v^|8(IfGB=?gd4?hI72)y2RHAyqp%;kWC zDZ^e*Za(bE5c_H*(3Lh{rR+oDtsP98>F-dS+}9x9uSpC>cLj+g?`n4!Y}k8Vf1oP> zl^#UKIVi~`Xy?4i!c_r=+2dHrsI#XAZK8_Qq_YR$FYxfNwL$MF5U&yKtb!;bMFMxj zjmN=2?Td%~N+p!xdqq{8K@%4+x1A$>^ECfQ7iZlmioxK99D+93HP2{l7{Dnw2yJTHs57h?vQxkdX`3F4#fY4&Rax1bo2X0at5U~;^? 
z{?A#9sWiCF6Mwwf_U(N)sn!;f;Vg3$G$p0+&sB!Whh*T~UKnVcU1FV?6pvtg# zx9tNQm9fdIdH#e0pIlAA7&Ht`RJ38a3v^!Cbc)XmSk#MH&>`-`Ym@l*Z|B)mx%byj zZ!A%T8GS4p`nlF5HIYe}<|KzcAEwgac})3-u9gDA*wHC!`x|Spk?RiWC>$-p@%rN1 zKHar}L&Lt!a|SSQ^JN3BI%vVq|;eQDssP5P}C}mi!;g3|G*A2U_q}98|HB} zZKQ(X-XfCNRqv2acfgG!4;iMz_A$YVOYEg^7*rMyE^!R+Cq%*`gmd8~Y`GLk9qwm- z=r#GA7?*`bFw0Mc<6{yBHro!=0mtcFLze`{hA{!b zzq1v!(8T7LQh!NHS2JN7WKMv2xDKbI;J)Nobb{hAzlf$pnCyr%;D{o&%s^V%%zL9~ zQ)*p`0v)BoeECxnzP|Rv3jM(dq6BztQ7Z@kUHZ{wqM;I7Wtq;wDiE&nvuWnu6h-%E z_JffgRlDDbLT?oOJ~^?EeS7P*Xd(+WtUyw$!hISvb~?=AYSjZ1AP((W0&C{A<>b(g zTwoJ96X#$gf)?-h2PY^fK*tJ;B`6=;6CG7~;=ElIX(Is}9?8PvXuRX=GtHC3VD2&A zhf0aIw4~7HRo#oUJeQy0N1y$dP&}F~);O5i&B*0A|tjTXk7QQWr#sXcY z%teJp7Sg8bE)>b}XO#DLFr2N`+nUi$F@~aimRD7Q^+$Min=p?Fi zM0s+wpW86Pg0%Lg3DmM$d)Ril%)@-VBjis&ERa2e6&jyQUnos3AAU4w`*PFCWF+$2 zXe?yLTrzJH2YI1upi(+~(xyG^+6r79?d#nzt7yT>gw&7GDk~ zmZINs<4k%+s`AD0l5iRoAKs20=SA-^hI&Txmq-?_fdv+fPyXHh*uaoyqvc$xP#^SB zdHk$MWpoLh?(HqhZw{G@$QngcpUSTM^QmF+ThQ4eK?@&LqV3}m*w4-Ry$h12sdN=q zg67v9jx+)Ee5l-P*-B`eb#jzRfCvXvp?3$vF$oulZDiIy4GE*1mIqxm;+gRwq z_%^eV#r8g-Ja_}CAmWmRd(tv5l-eK2+?;Uv1|r6|9RJZAP@6^`R_My7C=zamzqY#^0I)=3AJP;9YpR zN$_uB<6Y?GZp#Y}v^u|2hU`aVm0I{1tF=dohCBB%0@pzRh^8kcgEAzTCM(>zU*J>7 zcGQ|1a2ffc*p*%a@50IBUlVmW;PYR|zo53Z@y;Uiwm*yYEAM%lsj z0;qnmC%*`DmF zW##L`1y0#>39gXk7!Mhe4C5{f^NuUY@Gk~vzQz{MWfBf^Nk5?R`(X(YH^(+vG+Y7t z@-M6=Pm*E|LG<>Is)kJWl)CZ{+;fp zt0AAP#bpO5U!d&&HD9pPJqln_)@k|l{Xi^^H-b-d@Ky8KBR=OenF?3IfP~NiwwjmH1whT1&`mrZXVQR|fuc2#>cdlwpBR z`szAX`c2xcCt=rJCC7&}K<3XnccVVeXjI4-!ZB_;Eu4CM?(-_bh<4zL{SgJHw4X1r zb=zIojxI7iB&dQ=G%lFt_eOQ)F^z|bIgMvDB0A=3pA#7u-uaR{p$L#`dbdQ5H_|~e zApqdfq+neTDjX%4NauW`OspeoJMt}j9@!Ij)hJTAv3&(tyx4A}Mx03&Jf>OS!LeAY z&yt05(#$=7E7AEoc~bu4QuP%MMRRwFeej^=aQIm@u=fHh+^p)y>Wce{^1|)6N1TA* zGqUO)eai<8T+Y1`07?bM)FUp7qDE{aEBsmwVpvRExeB3_a$Su;6*UEoIlZ9qH=%gj zOVksZdyq*{^@rl_jo~O6KQW5P2LuL5!|u2Q3446QpNkF|%Ctd@0JJqsit z-rtzD4Gp`j&|%{XkZXKET%g!=o=JgkR{p8|C9sxgkEPChUp|k>0gF+hf28tNFW`g_ zVk~wSo5bnRx`mB=-HYT8gh(7bMVHHanQ)Pkff0t4-X! 
zk$9*gqTac?yX@$t2KM(K!;BXe+{i1{?*p1&gQj=AvJ}7ID(ITQo&&U*$%Sa@xX}n@ zhU>4XbeD)klaVaasVNXGVes?S=?GWEmYyd>RcVYhcT<@>aDR15;OWqnDv2R}tTMiT zB5}dU4HsmpQlZs_zJ_a*;8ZFPkj<6NA~zKq(@Ut?cm=B+N9KipKt51N#s=6w(orC zhR|5wicK~ttI)kTgqgR{WLqXN=t$EWjVMW2Yc|<8-qw^Ah?LHoQ>@IR!uEio7Xpl9 z2}%)CkLlr}V8nvp8U>y`RLOMvV~(`Ho|<5+GJ zGpnrZuiTDNopC}bPa-sfV8=h^B}cPAT?zS1wkQew0K=${_ zIxsCfyn2Ye=#p+WPXDkG-AB5GO>4pH8&jeGsf=Sie{Hr_C77pc>~|Gb^Luh+D|&?K7^rBlFm#-m6O>cbd`yk<0DU-mR{%GwoQ7{;#9^{thQV|=oq4{K5v78TkqA05{9va1^HkU2rdZdX8}qaWa*=4f;@TvNW443aYr@gu@Dz zmlu7>a=^V58?(T+<7LIEdl`Q{k%OMsyB9+OBXlL$wmu8UU(m3*=lfPqFF($rnlW)X zuOHuL0bA>3h}k4o-f6*abFR4$S+~m6aIZm7K%N*ubJ6#-krb#JZQCzlA;x7I@J4jj zzq**?9NL8;N~?bop|8_SJ_Zy!u0FlMTJREk{m+igYOvs~qpZf@^v%+LuH~-3cJ_16 z7o6VRQ&SAuHy5B;8(C}kLtf$U`fGlgk(?_M$Zjp)BHPk=w6ZanN#+!sAcR2E)5kwT z)j+uhGlY{WBX?eqH(!1nx%U{+MKI=prVi;nAbj&OH~^0;4!MUdpFev{(Zh&wO$)5w zk*}S;nwa++HK=c@UBC#5~F@dEz@OT?!l{C_JM)F;XI& z;SwKQ3LAE6Sc8eX9{u;kQ!%i~WYp?7)qDGx%rlw-#m#Yop2@O#04~v&XgOoVSps)i z+?xF@I^n-oZgUaYzT%!}NtYhh$Cos3DeieouSe-I438bO8xDG=P zy?+kr$vTbmJ&U40OK@U)9S1pD4uKw+k~J5xka5PKfZ?=Gk%5Z4Bk`9U89{}jiS!A& z6h^$81J*?(;oeivZ9dqwiLijt<(=0G+_j1my!#7xQXS`a4sVqM7Yoo}gOAwk-j6PY z=7E9e6hbRcsZW*-E%KbP8*;A5l{yx8PiY&8nuiD*udT@#w#@yE1H#fs(mYrJHO%DYf zv^x|R($E5E70OoJ);&#@(7@Sin&wkKz{av&0=J^m!@jJiR;Z~-3BPdb?3%-p`8c#hp#XKMQJS%#``|ksWDU?`Y z-vd0>TMiy)v9!9-o#WFd_1&2HwvcMexj||$A{-= zbGr+B8rmkS*o~GavwFcfw)|MPtsE!^b8#ElAz@5aahO_Y2jtl;ntz()(w@%_&#oDl z#g>=B;<+B|FHLqKJ)ud78=^u$iB_VsZ&cd6^ui3P!Zsa+e2ZY-M->=q(lQY|9x^LN zzDv@gPOSBoX1Ad)*z!%6AI9~t8UnPfQ#M76lJF9dVz39c-8}rpMVA9><$v5Q0gMK@ zMaGJjviyWkzeX7D?Ud)T(3C>o{<(qmqn%>VmEfy!U{YwZV>}ngcJtf5&2VtveT{c# zO(C!PXufzk@-_EhtX#25gx``H_O3eGL`Uv8c!M(Ejz~|%MMgL}+LF|uI_iRXL=pq% zyYxJ9-m2z7B+|&)X8adBHqbY8|C#n!TDC%}6aN~mpS)_a;=h?DhPd;$RU(*eOek?j zA8-91i38YEEg22#C$#DIomqsmE1}gUowfGT_A-o})n-`b5gLL1B_po{evV#OmW;PN zW}EWOL{&36Bq2^-?!t zJdHn5?+iXKvetY;M=7xvXrtWq{nW};exl33*518yJqvxM8 za1Spn1WR9l1=((Jcb!!-Ea00!kNdX}q< zkWn6*Ev$O$gItOjF@ 
zSIBh(7lu}M_zT!D_IF)@_Ug{(ngrX|O28`*vRsF95xtTqnnJ&r`-mB@A3qbCpUxYK!@WeDvdSAY*iAl@2*2SB7 za1~HBVng33X)#M0zUo|7ESx?IvnTg~x9TVZfIgiiV3}e|?>o4UfvWFwcN+V(ZzUCS zopZKz96VYAHZq`<22sCSfTs71+e&{!)2`pvXg3^tKPv#XB_1TdktkQsjO%{v;vUl) zsH?hHAdFP-?svg8YY#pyIBiX2_x>F( zV%m}L{QwHGwKUY(buFmIPh#=uyWuGbWD)CSJP!XO1N8x&5{~lz#Fbam91a2=kM?(f zGxgx!TA$vAEFG*yIVy%_9&9_dzqPlkr%ol*6l6blojk>Oq^%%9wt<1Yt(t?+ALjP+ z@oO=uSD|-bbO}jTVSz1Gr^J8Kp#Lq;UF)t?i&8vT((Dar6slUhmkZ1?6eu+wPFi?q zC!~b$o+Hi>!DKCTXePSM{44Z<%{E!kaduYo@|R+}ox=`xcm=L!Y66{A)4!*6;kim# zIc_jIpHZg?{Eq_)0BonhSRMV&sBum{OqZ*211!vsFV5ZDE7bh&_i86Kli<1B2Xo#S zPeA}%q3VFtlzOp3IpD<3DieC9mDwn@UbZ45-`o6z&w8J6h4S;l$ecy6{0OiXAt$fj zy=WL8cS9`Y;L-hLs{F1YLhVa@w^VzJ9z%B%-(O49F;{irdMD%%2S4bqQ5T;UP(`wi zS<1T^d5>zZ&mWnqry~(K1|Hv6$y-%tkCEtaKD6qc;kj~61*Zv_)O^wJEp%epv4Y-t z(iu%P%IYy%WLOJ-G}J)(V~lHU_JN{HxqMAD&Y6axETNIuPJJP79t(hvRk5bAa7zkJ zPZO6T;YTjpYgfKh+VAnu2Ly`Wl{W^HgChRA`j=1 zmxGMcASZB1p3S2=J>CIThKuVM%0ebG;tecPe?it75qe*)GUQEV9`E*f2{G~DhBJji z=1%M%F+t!`#jR?YLbV%p+t(}NM<|#t*ye_V7kq60yP+jrCBp$(hRd-#=bQPef4pr6 zjm({h5%mf%|6A8)wkfxC&rjeSVNx%PSSNHUZ)G^=-!*!P#8XM$Ikl3BW<+Wo zw=ei{kpb~hy4;i4Sd-bN#7zk*FHr+a1!L1nSZGBT6}IZT^iM@xqBAZ=9`N)K17Q|M>^V%eJ{8Xv5v| zU`%YO+emOMAwAHZx9(RMd5^g%1(mK@>oHDZQFGG!hbgJ>$PZ)W!Y~hX z0W%ihVtk-PqVIa1b~dgWYOe=KjJU7D{PJ9+*H11wke}{pDtg*Rd-L@r$cYCmdKVno zmi~^>`Rm8lI!Z+<3oh)x-5iw2cK2jV?5&`nI|&1+!ePTlf9{U`X9Im?EQe(+gtMAZ zudFx6oi7YdXAj?~Jy;KihNFnA*IxBotC@vF%-P)zn!N73C5MbvXaWHD(^3(fUn->nM!tvr^@% zpc~O5vb4*+n`JkCi96I%{W9En6H0xJS?h(p+r>cHS?e5SC<7?M{me=s?!`ZMfk@@DAs? 
zw59`UhxB&Y$xV=J3;S04jC0O9io(4@MKflc=eS{0?&on0^wM`hbTwA>KW1v2j%x^| zI@E!MP&5L*+r`iYyj$%pn59a#X!i>Dp|4?~9<$boD_Sux{kaP=(wHlZ;NBCBUVf50 z&RhD}Ffs@!`qO3QSk3u&-CiSul>yRoFOxMW&(qhzt!hPU@<^PT`W?d#QccD!(4u+A zNW(+_kX;TZEtbMn(1WN-#Y^ zlxLmaj4l+{H56=GAh-VzI6%Yt@Oc;iW1)zQ{UDbjEmMIe1=U#+i8B# z6%Mm=`nT|gTPDb^3b3){#DmQ&TjQgOW@uaq4g|jmFGI$gO?(*g{^w`gXhNzkqz49j z(xyj7`NX)70l|l;%zwN47`UY-U}6l}N`PjNxm4#LY>)PC2Cm*B6(35o!I zpNIgZev%&e^?)&Rfi*fup5lCe-us$t%(S(#E6G=+BJ=TQ-(cnuPdy>?(UGWSPTC{T zp+O-102_JWi7!1B$L6Qc>Tehqr8i+ne1#6(u0^Ipo`WAJWS?(joKSljJJW`E9y*%w zgl6ZOX$-!c>{sshbXrP!Zb!|VZV!)Bc20NQVJJ(VCXl1MPOr%c5eWxNIsXYXH@o&f z9k?$pe}UGeY|*?G+S?op>9Y-U@|tumPL4k$5+PbUb>-#-D9?Jk(MpBz^YQiHZ??(a z-qV3U-P7@jyYZYWn(97#g@ssi9^p@A8Z^VfdVyL&o!ODMse^n@#!^MpgV0Lt1X41{X&|J9{9 z%}iTuc6g!sbJ%JCiF6W^y1Ca2C2!aZ#dEh=7~_Kl+T4MJGa6sUISfqqx z)5Kk?Xf=NG&RCB5p03H1pg)kRWLOK2i$P1eA|nL%l=VpInrvVDpurbv%r9P?oCE(*(yP zvk9IRkuGF09@G**khhbwV%^Ul%8H@G2NgIPAlUsYW;5an&q~9ECJ{A?3~Sy;{Q|v! zCoR)(4tLEFAYDgQ*)0*@lDNyCl7rsAqlt0wrs|MT6MxqUa>IhePQ6Q9QnDHZ=T(+s zEUQW$wG-e_@6d!Wqvq=NxuiDpWycJ02hab4R$GM3j!`O?7wwhEV(o9^5qa&YEOwu(7SJ;6E=m zITs_itkgH^8As6mZgR*Si8Iczn|t!eih!)f0C*P`>c!!NqfO#6x|}AbOgv&-Sv7n1 zbUgaK!%n=3@F)uN0gOEX5(Q95-8K`%)znXsNBhmaYjp`UNS%&%ufMi*$&F86s4U(6 zyE(AVxB>w~+n15RxFO}rBXFx+^GVr_$;d~2l{_JipPmb4DG%C7O$#FCVBUw^#Gj5Q zjOSwBM_2_?x4}Em_B4iWO;eBEsOaVc+NjDr*qwb^HI3h7Oi3ofE4W+mvlh$WI)+ZX zB(Z*oUO?QllxMrAu5UYqtX6LmbL(7gnosB@?&-ZgE88q+pj=!L4(a)P>l&k7-L7Qj ztkd)9-!bqQ1;p`=Ec z)SZxzt;TJa^V`WySF3izw$+@>e~$iYs~MCXTdR3hlvb(THduA4k1v!yYI7Qt?OV@z zRkT*A-8WpVt_w7APo9nc@VNfpBiDX-+^?<+Hn~im{r^E;IKH|MzNLF^z&gfhj6(aT ze+A8<7;7O6L*aL2TzOmPG46s8Vd}AIh*?cs{q5&0!$KcZ-|AFB59K50d4{`j@W1Q{ za>-*Hgp_-7L;?gvJJ<@;aC5ysZj68_6y-bTW0p2};qv=zj=lcsu+7w1BBIH~k_i~` zRTvJJtj+VF!vBU^lKsnbb=&upw{w7S%_5wvdiCfxWWf+ob+8~6c}@^D0F1)9k(+Sx zR(hy()&mZA8P-C9=hCEl2x+^VRzcqqS&LpxBSktwQ5(d2f9k3f4gT8gj{{AUsd^x` z^UUJThO0^<2jTW_4DlbXvYK#(tF`<@@c+2HL7pTqM{kJE(N920`v)rwngH?R_?-pa z2NDReI8sRaw=9C%kktbm%o~yejsDX(xa*iab96om<=_a{xFpx=(?UvY=pzs*H-xw$ 
zp)KtInWuI>OEL1d^nF8C(`9u)8w0}ky?1Sxb?L#po8!tYS)4(HSt0ON{x5itQh_Y$ z2}08{n-?G!B%2b4gI5(@Q(+OQp&1GSLLwQm0-*L;B{w4mn>PW#p_yWf8T#Cza>diKot*tCA{n@Y$3LUtb^yyak!)Cq`@d;6KAwL zlCOlA&6z3-mBH0wu)O!e8ydYca44e#ke{E7-|{`96G+&6E2?3T6H*SR3#hUv`IAN9 z(aR@kI}JbZWhG0GxQ_1kn}eMk{FPE}k$-e!>2UYY=*d#a*%4K9IoNfFM-x`N8qJTt zdyMTsUs45&((l^4!_9l-GQ@szvz#5FWzsB)Sb#+QFys4;+(cj^9GfT#mDVS6!v9*r zJv@}FpsV=`Gvii>^(o=><=Q_5CaIQ~R<;+D;f2=3a&R7$6_w6G_L8ppQ%r8S)>3V7 zHVSzr71qX8@yPqT?ej4GF2X?g4#MMIf+02chi0S6y7LsZ6U}U#{ZRVGezE9jcWH7$ z=5^e9g#-mm?SdD!ogaQX)xUmP!F%a&?Rhh_--pW4u%5FaWaj?r#M!MsGAN z^#L?L6gmyIgE50?c_69Ki#rL1Kh4kbs+Vt zHSuB58ipPBx@y(8{e8zDu0dau?I#wA8hAfsC%t!FqY##tj~(d~c4PD28rblC2&^>{ zQ!%UkF+E2?@yyjbO)9INDIFKWqNKO;iE;|g2i@OUkZ1q=O2!X<4_96;QwCSxQ30i* zfjJpaK?MBT>_jZW@x{57!K3RC|a zPITp7YyGcO`dpM@Cd9=BuQ2!JNNZM3yz7X&xyaXI{DxRKWbphg z1>l$A;q>&P2<*6fT)8tSId3}mPCIY%dUZB9uy=9lYH3}qWNIptZP7J@!jx96z45(N zRf-lg6D6wr=crSCZlU!5-c?hp)UN;guIgk^cK+XYRiaMyz6GlX?GFZJTh^Rj6@^uE zHw~$s>N5*gkJ^j|^pjfyb*>NreSrkP z&Jd_!5u;La!Hx{A9{}n`8^$t&F~hzap7}(x-?}#@d0zW%2%8{AbX-p-7|@kps6G){wy6+)}xf*4H2jbg?5@(^nlNU z7XH#Ay6czw5t!A^WC@CWb{f2m%i^5^6}bDay@O-^AqYoyg&21HBhPFLh{Y;S(`;u& zw;X#e^ILuE&q^Mv=T2G&Q=mUxixHpXs)a95nNuC5|9Rqh-Wyv|tqvG`&eSdm3Jc6C zVW%yywVz#Mlj;WFetUvLW%jT1yI;Dj0PHQn!V2~UkZh`+`9}&*&oBDhF@XH z!}t+}Xex^nt@IiNzv@gfMS3K8bqShy2lpl>lGh}66-gHq#)z|*OGOJ!`Xk@vs5b=V zFZ)loT2{Ct0{dhPlG_6a%xe0Gg#2#{SCj}#V;F>WXPSF4MI-HC znXu3$3iL5VwNOD;5u4O&T9c;2mtHeFd1xlw`G_d%QdzeXpY9?B0#crwR1S*>VPE!7 zZNt=Y^RdWT@SKhjRH$2PO|t19WDP628z8MXD~**Yyc>TfOV6?S`06npVvu#7?q zkW8xqlda6{bKI?)L7avmHFW1*bf@Yg;0+nxHj~TKNL&w;^>K~*sveCB-iTPg%qO#V#n?(NfQ`=gl|U32^1#OF*&6zc~qG|lvI%d<=D=ZuP>6B8*G&5(`+RC8uYwx&LS1+k-%+YD7l4)hmtgY2X zr>+1cU~*)j z&JohCE5Htz93QCr0eRLH5Ccq357hmH21L7f9jw!hSDi3KpIfuWiZwL zCw@G!i09S+mW%(tFg*;r`d(i!2JJZJw*q1M=f6Nc3GJ#|DTYAr_4R?a2Qy6;BjnN{tG${GFN^b z-0ih^x!L_6Ao1j)d-e$;qor(iH|uUi>0Dj*JU^>$wtjqYJy~Fv=t6fvykuz+CG$mzi%DcD z2!6`-(8kNEe z7nWjXnnABeBu@yZR6)1f;Y$K*3(S@iZEGyDpWK+d%jBlEMSp_lX9)WIwso}bWXPZ5 
znb%IHPVyiZX^QVd?Glf*(~nsO)5N+kkAoH0i9!XlFd;|C7v||q{eSRWt5M|{XJbQY zJ=$3dE1N;@Bb`Qal00Vulr>_m!JM8vRkL)G~~QObuIA`RImDF)3m zg5;EP&7(<>K3rmZIIDv08T8U6yUu!ImUNh%Rn_xCc9&06KP7xhMO`4(Zz80SVp(57(XQsJd9{Aix6CW z|7j=uOPYX*jm)5%rG4P|GOPhlX3JUfx51S6A0m*VB+20RFXE5J!0PVNb#ZVg`SvHi zHzDH^afx5?RvTYQGY1;q#EWgeglavxCgyLzkxZu3U3+?I z+;yXPnvfC|7!p&?GD`!r@S0UA(ffRr2|`YdxmRt!%#TwFDmVYq=tZ2ZP1gDXrq1NU9LqPaQ5HTcms2H37PjEnm_9 zWt!aH+l1n!)F?}%D?EfdLYg~B(l4VOA)5N=3a*kZu5!#sv;w)hHn?#SLpP3~L1m_3 z5rMtUKo@Yt(A|HG<)(^Ao-vYlw*!3Z`2Vr{AMZmzJvM^;%PAd_Imw>!`wg$ro;TkD z+F+bON+_~YFof?vl{ou@0$pMwhM+>Bmde*qC%`SoV}HRb@9TX$Zx|R_gNTB{6iW|> z-`;X0LyA6G*Z&Haxm)9<1ma+uZ|Q~;U^UWJ?UZ{+dZbPlT$H!#gI@L|-t zCRDYuW>!9dATF*#g6K@0JJvS z=|@4<-Ht8B`v^&OeryBwP75f446TT3wRmnCCbU~zQ}{-^kX)j;1GK)fT?F z?r`ACMv*t1zQP#3cUPhRD5wF}YM4lI98PSK$s%of5vDCrs_*D{(7zDbI=j{qczL^G z5a;b*S^X^gr#9)b;uwZG;z^%jRT??QzWFYY62+nZ5V7Gs_mr|Q7QPk}(NTe9@#=@W z{yxSSP-;zT6Rjoh6Pd2Yyza%nLA+Fv+q>W_Y*G)BuLcTEY3^-Je>g*|h1Bsi-`t8C^H?$D7-npJf>P zN){9f@V_aCvhM)Un#UDB%lBoV_O^y1R+`yusTUjuG6rR7Uwv;@ypanJ-D1K&&8gPQ z3xcup-EvU^xfSa52k`o`u7>QF{047G`hgFDj7oR2jw-YJU%-)c`TYTas7pc9*WM1b z<`mKzGR2%yWX1QwV~}sB9<4fFNTe&kT+^8jwE1$l#TWZ|Uw%Cg-Ji5cONR(EUZQ6G zj`FQ?rBG~%_Sr%+VXzD=x8>ZMua+Dqisc+LK|oYWlHMobqtee!rtK`6RhCN_K_?^H zTrRjJvsjT`Vwq@(B__3sD8uK1(qUbFK(X*K_NcF z=H*(vfyomR;G;;95;1(Uy=7po?oPwv_t6{FbrPodL~D{Z6Xx+`6^ljv2o3rZ9$E3o zTlPI7dwYG|hUe_``?g+Zo=UQCST~ z0MD1G@FI%^SBOt-VAsKPBvf0=B9SIa}->ojm9_u_G?C)ogX+eL?{D-j^gYW zSZ?|oy#8Ua%Hij)#%oV3)Fx$9CkD(dA(0vjokuw=;(HMhx&s6g7Ogr5VcgcGQT!8t zoJQQ-px!9xpItZ5@OffA`j1i(j?CaBpZ_s+S~F@9I)1_(_jjBotp04hPYG7cRk*Ac zE2=3Jh_=GcRDX8l*Tz@+x1YwYIP*>0l_vxnkrl!}hv;r-QYqz4i7cb;+Yc+J&-q6m z>$5b8p+BMI-FT zGC&d%lM}U@+cauu7;Qp1oN_=@P)Qp0v?)#rd~6% zee|<^X|rue-l5$Zbl{j3^-tvKuX|4~TQHhefw}<=$%^bhv*Lu+V5f+8)}%;hMw<=- za7IK#v|bPt9g%QwM#L-i#)p_V(56`4Q3&=6!H1UQ><_@?)??$i z%tuOm0Y^0%(AcQL#H@^?hI!|%;R?!shJ@K(2K9az*ZgL2Ryr1Vc9*clipj$f;QwxU zG13_~tawJI$RI#&pvi5?%fvQLrFooihPHktA91w|+40s%Q&Q09&X*d&!v*UoT=+Gp 
z;;*PBhcI@MJx2|Cr2EarW7ml*5vp5CWq97z`s~9Q3{#SanPc>RQ(L1{CZv+EvkJi|ofO#tI0M`1Ocu|~b+saWqZ~;a&^U5A3E`JZ zVs~~@EK|=9qlPq6hzRXPhnRlwZ=pybXfu=nu&+X&@Q>sCRBn8;(V~f+mF&2-F!vB# zYPCn>L|`yJ^NDv;`U8FkbMmqQ#nk0^*+RWyc4~OEfyo9m(IG0CDsT#ZsL6~YI~Y=T z2s83=4NG%*zNE-fpae?>lkkiYf=r-*YQA{y!UmrGZRm1Mpe+7~$wu;rAfzDi(@03+ zbdC=*r{nbJEY|zKx>92UAN~5qo6?+XrD}CwXm^+#3qa)QD<&6c--bF_ORNuY5>N0P z%ul=|gaT-J@Jq^xkO8y{4hHG9M!kRwdn!=34YsOn4ipvgQJ@5WwAmPJKG&D7eJ9ta zS`r8ts)tWQ9S2j_wd?6lhPruCMVd&mQbHq00;3g<(zDb$MDzn2nhH{2Soi&x1PHqd zaRv*&8IP#KF^#gRZn93>DQK7PDgg0qx#Yh2cXpNOZ~P+ii+3CBkOqXc6CCE07MZ2| zuhgCikVpJ79&|!JPW#klEC81k);e$L;MYyuGGQ`aPr1VNnDBeUN?`G3WLp zQumfwb#&R$w{ef)Ci_xG77UQf{k)XrW5n_WTj8*@N7&HWi#;4AeDll9I-UF9B50eG z@NSQ4L@?dmw}ZR~xtgkf@X{)H=(xiw2~~ABog#wV>vZ5Tqz6~$B7F+T#UYoK5K}ce zZ5?S)W_F{-n0a_+IZ;qxN94}PvEIv9t3inAt=&HyeBLfmv}K$4&YAf%oKYrV|p9r0qBx`=l%-e^Pr6A)`z=C~Xl;o9O4)S3j?QsD;`TL9L36u2V4W_POJA2A$D{{bI((aQ%ghw>90<^3s^_R{BcFw8{yr+l3 zbE!V=w{iR5=MPAJYZoT=#u&dSm}pL8?Qw~>_+592C3LT9I>&V{+1J-;yZjX=ILxSa zIFrqG$%LA}+&ca@;@&bUt|bT%4i?;HZ~}xd6I_B@aCdiicMT-CySoR6puuHu4;Gxk z-5mludGGu7?B6}Rd)_(s%&qQ{u6r4}d#b9dk|YT=K3@&jENu8C`kr^y-EWfw`<}Dq zv{#2KyoeYz+DJ0Mu9-{jxUckpUh|4DN=(uLw(=gcv*V$LWrsLqF|K< z{oB!+jpa|aHoiTjCITWCV>O3819#K7`f8jH{q+%UGM$$>wXRkA=}dql6b@;PqRd*Pj`Fj0!!9JsgR5rHh-YHYz>%vaRwP#D zyEpTY*PqXjnFkbdp40XmoU6JU%5RSP26N~koS{KB|Nr0w6Gs#yUP8HscY8PD---K6 ze_lNRpc+sTL7bqy7kf7f)RS)i_tyf*_uUK&}(=-VJ8|U&i1o?~TVRsP>^( zkH1;7zML2@CK&U5wxJy+#<`Y4CIDG4czhekOpu`JDNrBwU=tI3&M~mY{g+{MlgxNVrokn^rzX8Kn(cXwXZJk#%TzEJoscTJGyxv?kc zZ5-PfjWHK1V$=g}ICflzLLm5*}1c)+|8Dkc@-uVz8QJ_lw8H#Cj4yUx8k_&o&Yb zV)3U)1gbdZK+HK8?d;Ly2fP%yx)x^eU4Q#1{+5JYjksbla&`{TYO!oueV%VEqlB4^ zd`~@qRTYJ)4V~Cg!2;T0z^P1En?A4(5$BJP&lbv@bj8L?z0k;jk0r}v_Yc;4JLIuk zlv_wOa>_LUOkYIeQ^MH-k|fjQUTZQg=h&AZ#5TW<%Sw7M)7AQx)uc5&e~f(+;ElvPD7m<~bC|)sqtC(j82% zITdSaImH60;)FyN?V4PfyCmArWA}N1OC0FQ)qcIr4|T$f@w`x%Ik`{P7Qc#L4K~lm z>z1z7LMyFkYggtl=l$cymkjFY5fucnlj)y>8~kcF6)?{B?_QvZ>GVJHTaJf0&o?^X zYD1%a5_vNh9)cdeoA9BKTLD~{T{t8K9+2}-mXn)b4vJvA6f1Lg%0%-ak7R?Gp?D3k 
zU(J}=&M69o_6cRp!%8ovdc%1d;mFVlTcW0vKX!6%P>T%`VJF(9u?&p8A6JKF)wAsR zY9)ki)IW;A7dG^ChiY(MauqJoPm>!LhUk4JBt)0s-tS|iNIny##Ti%}(fhME9Qm@R z*Tc9g9x+1pPt@>tHuJq5?~6ZM7U2&MZ}gtzfK@LH3nygc?V)FIBuXO86Ran2S@l=2qI8~H`QmL2*eVVT>MbJVGx`xMx= z-o(8@`c~v6gB&_sB)Ue+k4e=l*$+o><#^tSwojN{VwJDjsoy3!i+dPM_<7f{B-&Gx z>*pT#EN;qsXEZN*1AKIsUh=#b+pl9d_*|Qq(NtF1iB%VvEBj4zBK!RWSS!qq=yQDJ z(ir~Vl2rFa&s!2`OEB@j_O?D@tqN&*NBPT`!v?ZwTyFC=)vaG7yEyr7AnIq*=m6BE&LXKTr3vy8OBe?XXR@+B#)p0!cL5oZMhU=4QEm`Ab`?MN^P-eEj%Do#7 zCwCn(!W)mu)FkeLBzTUYV3O7yQ5JgXJ!gAxq_yM&SJot-9J%VD-D?!%+p>o7`F(TF zb2ugdIhcg7)_2P_ZdSN;%4GQu*ZU_Huv7TN@wuY#k}I!Ye$wX@VQD%QD*cAxHx)cN znw~)RnQy0W>U#kLLl8efCw5XKhoPT)W&xv?;1O zHE&6XEG-@gEA*sA;QOuh@%m2Pc}jUK>Z}OrhMX?88yabZ@+spweAPGe{^5L|#G)5o zW43y$n2-$TyuS;O{S6t7bd<0k0{6)Z?dyHy}(#F zgUO`D`l&a2h_!cgwrw`iZn@S|bHny7KoH}wabbm&q;pRSOr;WsAxjQb`%Whd&ONc7 zm<&~9K znIfVU>DvgDNX{Om(s&z7{gUaesTshY0-&#dXTz>m5ZVyb7dIXeyl~4T-R6P01O51mO6V z-a39K$+kVLe!2d;7+)(i_g=GwlFTO`JZ#Qp3n$m?sOw0$L~pUrV#{&7HWFUaZ^NTqK-2|IYaREX4K`d0=ERE7prhG*n0u=8TE-g9m9 zmOjoIDnb{^NrbCU20LLtS&(9S3xo|>WAPyX!Yz=Cfk#iY?o;CVFx+V^NTu3SvcHi+ z15JS&Ba%an$tLOY>DnZjW{-G##%FAG&zjMu1eE4lS~ug$bdM{rcjMfFFT>pmlu)2}PAJ~~U;N<@D1KRieME<^ z&Ue$MpbQEN{e-`9>pW`9hZH!sg^5$=r~KLAaF7S&%k@V9cMCsaFCg z6B6Dl48kUhT5$Y4VwukEiK_RSyD$OzgT2?Cme$v2 z%#pmGZ_R3Qu&P4CyAJOk&R!8s-rliIU^)y6zC8K6Jj&@CZd4lboNE{oaKU^CzOM}2 z(?Wec^8fRC$AIgeW>ZQ-!>^ZdE@ZlMT@Fn&4Q6umv~bLzBj#z?Vi}(UOk{kE0J%6H z(ub0)R;GPm5+ph$r3=QCeHN8OCH*{hFGgZ=*%lb6&dW6;DrNLB_i*Fm3!Hv}ku-3Y zp(~#bR7IBkMw*1P?}Z%pH@)XO`E^_nmeS8~*gjMX^7&Y}v3H_PbVp{$W zPG(V{!Im?q3AcqG)?gd5J43mlH~O$gBJ$Sl3Cx&KHo4hbh^$fXc*uV^iZ-1eS2MaL zPxp4qhA-{XN9AqqkP6DZ!UEJBsl_H(f?(zy_vt#G@*~8lFgcgSLIW-|JOwEYvp}d4 zhW10zFt?x!VF@;B+HOl0uEmHF3aM?LXjuDTO7833eR#_+YebO81DWq7R@LnzZr!z` znS?_1vD_REOpU)oB|c&yO1;gD0p;l19h$AF=@r^N4$JmE=mA&}Zdhssu?PW#v)y_( zqF?e;ZNb7Q`^k*^!NP$TKK%GV$BlTE6=X9ikuF1JKPT7%JdgHOICAcxOtNz-OhRbn zDyJ{>VU*+r9m$U(Sv64c(#*`IYSC2K zpAeRy9dgXM0xSsR`N3=;*Vh`ibEtWUKKO#G^lo_??X`>5q>RYpJgnkZ;vg_Tusz?qr{< 
zWz|r-OgsfPYT)qKnX&ZrhM++y_{`X~tq~TEDnQw@ud(GvF=dchJb=^q@huwiY7%2( z0D1toKNa-M?`{e}rPs(Dc}n#=QSxo1p)KW)_r}Dizftq9x}GQ6ziht)$M3#mgNkx2W+9%hjPH zI0&`g{XEm|X_cbhXKoI>m~&>pX1-Bl%=)6@!v;Wk6Zty~GuvK9zbL7IN-Y6DKdeg9 zj#d~3FMHD;1t2R@si|&=#4fH7~Yv%X?a7=QuS{pfQuOGJMx_zcKihn4%nFOB1pJnl*d?r%>zZ72hVtM2JnPxL5L3@v zB4&TNaTF)@MdStf8XJ!L3Bpt&5y`+3s1yuc!zb^LY5bw>?!+imu3sGePQ$0~8Al}0 zU081_UUaNuKuBDd&M>IXOQ1rehnJHBTjDaN0pM2_Mmp@1Cf zg-O)e6MDi;@m}^88FSQU<<$KdnPJOiY=yF*J#_>Wuj;2hqGYgBCiye@G^IU&A|lL% zOuzf6#dHaVX~RwXD~6{ROwA~YYxgp$=c;-hzx^<3i?V9>4H3b9SVzEu83ND70YW*=jX8cq4-qHc=p`IN&L2^x9w9GWb#EmF%nOZkt3HcP8uQw%bqBk- z+VUHZkR*b%NN%x?4l60epj&pbieb}A8q(cyK)0{F?+EYot$$C!0|Um1yGiWx)I;^o z`|vC$6141#OiXO2xp*`hgAj~Jqrj@HK=!e z2dWAVJYw&WLJmF9##OI^zz85FzBk=Qbr@D~1}60OxzV~g(VX#Ye_aY>m8$L1BT`w% z1G&V#lG5ptR8hB(9I@<32a7>##)bEiv#)i!X|keci4}%3ex!jd!46hnEsf+KLT(Va zNWf!|_8Q=-$qfUTaR#0iAc{)KC?iKwp1`!OB(RG-#(=sw5dbxry>uerW9>i}yD`P% zzEBXchc16gxQk*6;|QE%GLq-8zUbc8wB0ZUk{M1ESNyZ{88v<2O~k-p&GgukAokT) zQ}$V|Mers~20%5m(ZNmXG%HX~27b({B4Q-@yz6=fAfLr>@jBIG>0IfoydyFl?w$7v z?xFX3+vuD3Uar&y*kS{C$3i794c3Sxt4%VzLCB3(+kC_IuBM7?d} z>pHb1jNIm!7#&lTvQ^Pr7({WuUn;HDKqW4_z7h5!SgOA16_K_odDuqWdNB@tgHjK^ z->$4IX*$oX-l{a@lXI>O%;aqHSQ>cSN^HdvQU2mI4EoJWMJ(AJ_+eyAi#U;PptF?8 z_mdp(cpW9J%ZbkvTF@~bR(<^^{oBAvTr1>QmmP4-W3*|9eeQh&wN{Nz_j7bbO@wU! 
zN+$X8MK?>v+|g;hwjTe+rklr43?cTju#QuKdOGadg;j`iypG0euY`w2M7f}e*Qy@S z;&l2>JmT<_O-GO4xTbBC#f>N&O3x^TD32Ukv9M~CW&aPNt!_}u?P7jrF-TFGK%?(t z`$u6DhM|^`p7%lmm&u+d7P#!jId5jef}>7TwVuB5*7Uf-`bSFlXI+JxeNd4u7z@H4 zCGHMKyeJ9r0)>*-fb)r^+?CWfr9X`MmieUsi_74$?ehD}@=|Q?>{edy2V^|;K#9sY zZ*|Y--G5J%%4-tUSfxIUh{)Hud}tpgkx-`EpjrDM#m&92`26OI&T!%rdK+!SF(|mn zPiTs3SmiHyT3)qKSbcVQ7k@CO~-cqjqZ`-Jhe{>}??L zSNLhW2H#im5iOMYji39$u#2V+u)6%$S8oA`AEqWgC_9$CtJ+32fmiFyHT1Ye)dwEQ zJjK>i*WKMCxOhg|H#54U#!tN( zUC6rHqD z$c5t%%^CI|cj0b|7{R7Yn-Ehao1O$bCzl`J8Te^PtK|ub*|hFq=|24WEnsnovq4}aY?#m1#ggC%gMi^MlpWLkV0D1BTVT0?F60aTk} zyk;ITo|x#+bm2G!hb6i&&GWWi6CEg2%IAteN+ga~BDGQ7F**(R^ecZ7dTgRLo%Ux` zIMIIDnu)Sr3C9K;>CgV1K(YdTE~da8nv^4#8G%&xf8}wWf)#u}RgriYgU5dY8VOhp z;Ip!Q>UK?6!eL5JRwC#6hrgKEg+?Yud-C2D%nSR>Y>}=+Hk$6~`vM2D37woz`$LVh z0-1jQ1RMlBs8Jb1Rq!J6*rZjz+sqG34)79)@=*d=kj+D9jTS(idn)e*0`J}C4BSBW z{kK0$Xc~1ZHcs7(KLJizj8MhhPsIdpvsn91ddMPfC5b@7i$Xj*aAJ2Gj3_PC)UG~` zX*`f67oQ$`%<7cW+YJmc_my*Ab7;f*c7=-39kY7m4`=({ZL}GtJV@itv>DL@SQ;C- z9LS5O#L~+YEIk1!KHFVyHGFIXg#nUo(~+bMy)|I6r~*5S>9&P-&$l z39mr_P;z`@2c|Pe@UmAVMZ^_>3uk=bZ@4{%>PEsd=wV5Ri~Kkbu1(vH{z;+LQzOh# zs3_aZ9kLit9tWr3yuDFg(hJA6O%ZGdCx#i%P=nelf~^g`HAqZ}WDAw&6>!n%>t4u+Frv&65I(jFkDN?5EYxr_>>Y+Q_M z0ze0<4XlZ43iAtF7Ga^ZW4gz1G67QBCq?Z3RYPQjJOUZ2@B>!!lI_22p|8cco#)6- z6;*A81dVbYv%;X%F;|C{mb*MY;U%E-_pdygSEu@7^FywYn!4EG_Mx%a7etGB(b|R z7yai?hX%zy(J3$ z6ZEtq0n6ToVN@ZQo`D87rSUUg>_-l`@e&8Vejf;YbWqI-hD=KL5T{Oh7YbD-lA+3-_@#E(v+*r(gh&CV)^dsGU{9Od8WBz1TAG7R9E zzxP;MzdmeUgA3q1=W}@D-;AGcv$AV65A*zvoFY1ni_2;}@s3C^TD%P|ETJU9H6@?^ zZPv{SvkwL&-r+H2d;mbI_tHA_I!>}=9itD>6H$@O@1ov zLzkngYw=^hev_X#Fg^wsX@6zL)_B4v+rTHw04+}b&LEEwgFiYUVI4J|wnro}zn>xo zo1hP2@vj&z<1;#UlUJE%LvQ$d%3~YUo$IaZy^udX$8Bm#^Bxril}SqnJdc$J1I-^Qv}ymEC&Vk--(HW0wL+xVv-ef6e@1#)pZpWo*Fm7C_@902h2~6esfn6B&4` zXt@}XCI`GG*?>#Ht8t?+8y$hBO<2e!vcl4 z$>`f2e*F%hNls!HnAt^E?|5$CD0&k?>ok2a31cy0j+}^$v9V-v`zE&=Fp!e^6h0&0 z;v`e(hrUCP`nV=JePDWpjEu#0934Q@WTzN(J>wh0VjOA!-r6^M|2_Dp1k{yXQYkC) z?z3;&I%O}LOSkH;gx|(V3s~m3!@8s47|HJzv2~<(lJmF;cH$-D7PY!a{>c`%P^faN 
zmLni1c(7h80yTVJ1vv(wvDpOkf7QY+5nD7kSm1`A$MfH@V4=KPmUy`me4!PDO;2Mp ztzcxxH9ntk7IZ7N8EAmRbTAK_DdnY0R=y}FkeF}k4w4%OfmEU+El1%7M9_{>SmgfvG3mY!AQC+{_ z;aoyB`-R>MbH(|Nmy1k2Nt(XZn#I^2{HubnI9Z#@@UUcVXF}^hvgH%=crL(JJWalI zW{k=1$p^@sYAEg+dw>#Q!Cs*|DgP1W7HDp9m)4H_tSR{iV`I)t*UAF*>l z66i`Xg<9fJsde_TYFaKC&xM-MV0<12Mnz&6v8Z(C$>6>fn3$zVWY3;OrohVf)xI>i zuqgeBhpF?&Gz7eobCDv;w-IR*a@#oQSI?C_t*wj7xIr0Ym**(52%=snQ_D>|)8$E; zePCq@wF+hFYYf4ItO0t*0Mx67Th=evkPnS2&UmJpG8Zr3N<*ify@Bkq*jqR8M5h3~ zJFy!ghnt|la|6w4O5P-vgAXRL^^#P2GIwaO8B!lt$URWpf0l-teTV{N3GGwRYf$u& zRg>&RQao{*!TNqoWJiQkDOmw6?xpkWlXJy7IV2GS=VYF6-o}DBwsA^7gTkQ|AUva4 zz9cY$gEI~2Pzcw$E-^K$d(=lpTp#4S`EC;&iHqTaJ<-3E_Ag=l{1H%{6X?zObCvuQ zW*E4b?jUp3GGz^;;VAXWrm@8-u(7M+C_E&I30i7>q7qg?1^AF;CeDS>%9y2yqx%^T)Uo=RHg-ZE2PNTbbfOKJhA zAN05-1ejm*`fwY7m{HBil(_Jebe@J2nHMmfUP!sgd%&@!;A>7(Y#93-qF>}n zKqYOgdM;aZ`hdrHLPyqm=tfz-krXc zt-$$hk;LvG+irMOxlFE7Fl)2=cKyX#BRqg52Gs&ZyF)^!=x9euBOXCl^KNTY1!E^& z@0>?3t~es-W-H+PoEU+H5lp%?pJ|&AZ9#u4`s?Y&fD8xQ?+QMQu>(b&G~_Pk(YG`o zum!4pug>!Mb|r zoS9cfDFf8yBf08|rgR|5qDC!1EqmOsIHqzX4XV8LX;+?UL?U?~fnP-mV?pGr<)g0E zoR7m&EHaOYbT@R@RT~q*kswzSb^tf%nfP%CjLXcqDXaHO_OB7~*F(s4;p`^r`Yt|S z^v#eb5d*1M2^)%~z*l_|=Hi`qE)n(-3V~$r!tHZ0TdbBP|7brEwkc9=xJ4N#gBEa1 z01k*RV8h;8Qlya6h)n{ zRLcc*Br&XlOe?yPh6`X$cfH#nm0t1Xe{1PrWWCd;IYAZRiiw~!A6iMu-DLbx zbRnI8U8~W2Hjr_g|2uXD{d&AgB($JnBIgU4azrK13xAjMw|HN8XCshpQ5+5?Vh6qE z3f25Po$jO4iWQ7;feV>@yUEY9tNPGPJKPSZ4C5=O=z*t#F2~I>VbD_UeSG#h@LaVi zsq%(3&Mmw&6zIv<{MlBFvqYR;exNrhJXE0`1aUOtMdhI1CrKZ}+IT>@Q}N$uyg9Ya z&r11Fx=OcW-KN-5M}8TQ(P~@^t_itk*S~ckFOEQs92`$y12S>M>&PC@G_ezVWtQJBJoI<2&!Dd zA1)z1Dv)YpSww?KwxSEk9WyS8EPIjGT|2Zrhp~`rvG0NeN!w@#+6gRK)DshN1Gl;% zF5o$$Uzq)b6YH922a&zz^=D!N!iQ)FB1-NvoMI7#|KP9z7Lr@(L!*u{T)ZN!DW+(9 z0axxJ>}v*Ji2mUdS>ywGwr5i^AeQvg|E1CPQ9y@E3%SlW{i(HL0_ApE_?MeF7G$ur zhw2{U8th}r*!O_IEApuLJ5F2+XL<2kLKbBeeRrZ{ze!Ih;wP zRekju8$lejH{h~3L@jrWFpB$YDkEy={M)K}A}KDv$<76pLYp>@r)*M+UgZO=y3D2` zfqWtM73a|QuaDjDn+wYM9PgX0g~ zylrp;h7?Q2zm+F_<=C;WOg&0IE&}4pMz+GS(Pxzf#zFRQD}E0H7M|dEQIwcaT&dd~Ae31y33+qvo9|v&4>P 
z`Eaqp<2NCw6YG%$Jj%FVW0NGlu!M!nIL?NZpggP+Q_g}}Qf9!&q5%0|6;kVVocw>5ST zK3w5SV)O3f=1g*SvYmR?nRb8%WP53oDN)zETJpp)j0 zreA!^cIk`dp~$}$|6DVVgw#SthX}k+DBjKDLfzve2pwAgvgrS1xfTDc@GlE6 zI65Gpo)g8p4oWshg7C{{5Xgncf|ArLE(Bf!?vE40z-Tz&T^mOSgmowdgiq5PA=c;e8>?K*DSd(#y3!{7KYgg(JI3 zrKFfC%B&Y^;DT9?94W{ns@Bi%L4Ca*hkf6!{5te$_~d^qP`|Xr$4sI;yBXZy*Csjd zhMZ{pIHjha^r05h_(3Vp&t-Xzn`d2&SAB&w*1BUv1UNEu$OsRL<)(@F`?6LLh96aUi*Q=l@1sTvujtJ^v z{d|D5E8{Q}PaiA}<&T$VL_W-)Ahi9%zRa2OyICY(vpG!fc$p39!#u;rUpcjP_DsL~ zJNd~fF6?g|D4yJbI8PxvHJZ%;Ta)!#9*uv7MW1BV|CbJe+)X!sLQz}UFf-8FVF-8% z`Q_B#iooX!9ZVVUbn6-u?&j0Oaf|-+3g6}@jKQG-i_nI!Z?djfAYZE!z<7%u8>c_u z{}(9DgGxepf-3i9MEi>}nM&!_vvLXyofs=&E@x4LF;m=eEhsJ=o$lOXc&7xqtqMVh zx*mCc0n7cX3(2xse`p1ANQ<#F5b4*a@^Gty3M1lr#l5X zy_F7S@HpYQGgJ`cUy0WfQ{1vye&E&qRSNP1ZQl(xaq0Xw2>{>0RU3TQ@+;5Q79YEk z6r}r@HbH)d_19inX82fH?MSarHk63E(AeFG#yG(`&9P8Lf70)3#=C4yOB(^1&1n}% z`(~7geC_>cIIcQFxtgDXMX)0mZ>Y#@a@LI1BdpsWOC*&dz0jdjRyz9ITN~rx?AMI- z=d_1l01hlQwhY?}l?3(5zlAYcJR{RFWh;V79j^%Luh;6*FvaN2i)({P>zdQ@0rsfe z8@mj%ne7HLL>9ZIKE&-hk z=3MDE9W8BIHFn)|K29Eu`paP*01v=XBRZE4)9J*#%~NnJKm+t~hu3Ra11M4Y*I2&P z$*TjU@Aq-~ioocz&}ZGzvYgRI&T-biI__;peXFm_dD!J?oAP6PLpH!i2tb2fbJl64 ztiFLzmo*;wfj^GJu(}>y&p5_y7{6VwESSr-|=1MEl z(G|li5BuDwBfn7lgyl;;{$^2cqwK(UG|%(^3r}IR&mf4?VB+a-d3oWf3Hj~r_ed0; zqfzhhZjnS~58xF~fv==dnmjPB>E6I31U(1*vzAL3BB(0Px zF#%_<#$?)YuQTHGo{*+VPfJx4A3*O)h`af5eU}Klh~_dgT=dlB6JHmVIWb1VGF=Rt zW~2HpaVy}i6yW3^|6HJWGz>gt{3vv7d4CcJGj;S*%#` zbzV3bHXU=$V~QyX;C=VA0eFG&Vnm(&~m(!M2~+vbZ>e#gXi`TOHa zbK_OHE0BRtjSZ0i)IX1S^!wvecSB5-Q};s|waP4^U39`?hmt(6^#w!ydhc0Zi59<+ zmOm2;k7VwkAyZlkjf9~Z36Kr}=`C3f$i{IcZ3W>zIt+2wUf2wUY23D>{+C3#0(fb; zlCQB^d4h&--b6N1nX~Cbbz5-zUAU1Ad~}is$Wj+NO}udDDcfKZEJVs<`}V0;Bs2i-!2&gu~EtM@SQZ+kb>!u|GKa#zeCMmAmDa+ z>Pv6`7Q)PO{yKB!_b(J392$OjE~wCgczP*ljF5|s-xF8S!!Imo18YtG7!@Vt9YAJqt)KXA>q}lkX_`5wv^TK>m!BU0~W~UEkP1V;b z%f?S2m%}PNI}-b!#CCE(37r`SE5X(pmFT7!1Md-Azwnf4m7Nny)iH15^;b0^*flt@ z5hFy7gE!bR7U2ZbGP^VR%Dr1b9`D}G7|VVREtG7({(A0j zlHQ!utAxmu)(JzWM&?nai5k{2atg4)UQ%YjKHt4Zjd}lT%@mGzlX3?C=@Qe-aMUxX 
zdLuE6h5>zrw5}*86_eF?kuE8C$EuAE;+TSbWJP4|e&!e_qn-duBXCYcS&Zk3Dh4fx zC`RhgJ*9pA3!9}`B$dFf3>xns zzsnm^kD;;X3Gv{ZmN(TdYiIINBDgwC0#!(n7Nl62EgjTqIDC1mF^SILJfXN*Qb-@q zynO+ACvu+nT$T8ptu>tS%YK3ODMUXfEw)>&XL6qS`PIf)o74Ets7Ofq2Fp-$pXf6q z7KGP7A`1$& z5Wm&kUK2UPaG6H>=kiRC6i@qmng4VB3;+8$FsjSmk$FK>XZjJyQj^%|SDeL~0Y|G? zZO*`Xa<>SMA!M(W{y75QlRK@kNNF?4Ool#>>AfN!eS6Vk#Fk>K>D~JIqOqU-}_4jxM1cU*Mu_{x4hw^KA9_#@0suxF$EM5B2LRG zP+0Cz-P;Z^`;QAG_*Sc1=Vd+SFvaG(u4ePm>LbaWJpRS`n=GnnjLeCQpOjNX9Ovgk z6BOM}{UO|ZM35)Kb>^35p`6FwpV@bP;V>3^YldLWL>kVMM&iaGj%{9fLI`poERLIU%|Rc=PO- z!NQf$_xJP5<7Ci3n476AX{hTOI)1}ikY*PY@B@-MNB?-QG>>5laEAVBmJto$*!KP| zli}}C+ZJcD$+J4MW!#aX~S)iw;KY$+*+TxCs5|QgLT5SKn2cn&i zI}+hm?$m9_QJz>Tg9iCjD%jx~lQ9>uvr;Z#?!-)?GH1pe!ALpF2j~Yt-^Uh`9_2jr zPp&p3w@a~|p z>)9p~b~&Q!vfguW=5=FvgSFJciHqiC05RdAu`Tw~(@|{~B&G?J8%_rNc zlB&6e#*8NQnR)9aZ3dkRGn+=+s+6j^AB{^*>dW)i%i4B26?WEYiDhbX{Vz+$HGMDE z)(BE+X9g~HT^xTUE@|WIR2bW+*;YkVsns=>H>uCfmoI6n=~P(T%-L3DRH@ZB{#emx zXx11#nRE7O{67Q7oqg(8*65o#M^FA^kfGUQ^kmi9r+H=VzXki8pK4bG=$kP|PyS<& zp;=+{WXAcaVMXA71N>ru&G%7jBMmc#F>z~En#+-SBZDXQVBi*!sgoZm2jLY*@dGqi zhtDMHLg4dd5H$AbfocJ!)ax8(B7~E5H|k|z^3`TVfv@6?UXG;yO>pf4hT#iZX#u&)tSV?ltSx%??Lsn@Q)rz533Q?4|K<++yn9zq!?Cx-;9%=`| z?Gv59`Chp+1YmY0$j`>ok7oiSxi5s-D6cyXzS*_D+7U^Yj&%Fw`MkCp@?2n0$|XWe zW#IBS#+n7C8%5oLv2mfbB|y}lQ(Yv?9LY_>U^6}0vijp<(K#633CD>`fwp6w zI@Z2EEx|C3NKVnja<83p#`hJeV<>oiZHlBWfX2;6v*H-?O1b|2v;ZK#cmaEsmU_WX z5av62tyua74BzJr$}iuH*pn+b59^_|?ROWXoO`Nh!=~|Z+;P+s>;A?__3|?^6>C*a zQZVg1RwSNK%XBYS4@mYq4@B&&x8J3^fEp9hTAsaWY~ary>W~bnfOMqJ&pk;cZT9? 
zs(zgts0HqKCGv#~TpM(@!rj|Rp%2lfuJSoH91GCQ^66*EtnoM(8;w@Z7;zTwTGK(W zyT9+*Tx8cWpwZbX@K|H=*@JHjzZgD{IL;IVYMGO3DJKcDZ8LRzJ(MdK0yp3<9x!7q zuwKZ@qir!eaIp>K;EA1)DNub(j3>vJ|g-E^WG)~<8 zltv@8CU8N}NiZ^}s3i%zv)}NTBl-1>7*&{eFp3s9i>_i6`zW+`95PH}*lBPes}N~o z291nPoZQ@=$&WyTHMA^HyQ>#rlH|+4qaXpE>7aVJ9!)j zb^*kA{jbDkpl;85gj5pfnq}F<0-t4Jz&t6Ta$30V+l5w1yF)94K}31KHyeSZ@ks%& z&lZ|sC2TAWw!P^d#&1>gaY_2X2`z}2XMa?Qdh{0I$Z*ZdPQ-A883 z?)3_F!X{4}J0MJ`Jo`;4Uq97E-L}4j>^?qJrLTuP*sXTWxxT7L{%y(Xm6yq|xmlGk zj?WgSx3a6G+8_Rs(`zl0;dDDFVeFeVOKU|_Ni{lTmDMXL8)bJ(FJYXSHOpwFS4lNH z{2{BCQZ~x!wphZrJZqNOYO9j!w@_Tv#z=#IrNh>RezmNZnsC;dq&wy?{>(AvP{J7E z5eZo}_G~6xWB7j$R)u&}Kvu0in~B%{W6<2QnP|-}#3K{3`rm>lAs%gzReR57lC}RB zH1hNyTq6td2!*Wvw_tXNM=500%F}~*?LP+1JUxik^g=vRA*=tFz&~BD$*2~BcH1Nf zOh%;)m?h8TC`Eh&rg%Tk^#qylq$fQE@j;Fw)>Oe=ZrzZA*5YH~pP z<3-tITsb26#0|(ENSVeo#6NF(64R}^_6yGKD+N@!uWl)Sw;KK#De1`6n0B>1b?*O&4nJon@I7a02SO&h|wD6?ZO7G3e(U@K{+gV)+1JR8X*jJhj&kkP#kYkyR3NT2~xQfbUw^)jFg;MD8{1WNb?_ltb z>0)Wc7+D4;3JGx;AS|UJ)s9HjiXP*yA|1c|#ERxmU}`lUc0t!heUU9I5+K-EPii;O7QZ07})X z?tP7k7-?$nMUVTX=z4mgo~O;(RwyzQP|8sW?FCCAf0Sn?Y`%wI>ELR#@2B0^?JrZK z6Mz9Q$;aKF6XYsXZY5UT!|P^oS&^ln<@Jq6CN`-+t5f$&Jtb_@b_3-*SV-cpUps(u z1V)m@VV~N7*#j+o_O%Gl?DR!LFxfSM)tGQ1=0^eCXV@m51&a3rP*-s={CXS`Zs0rT zJ-XIlbhup|v<+7lr!eJ+?;?+A7RzCpc)8MLhHNVlF`q1|QMgoC=4dkvb56TyoF{8_3aP-jO3kwiqsRON_xbs z4qK7DJ(@8CMN=JQ`cW7Qre(!onKb@N{ib{pdo2u4u0{1P##%4nRNL5HvnNH#|3!cu z7mm}Yb9etJ$9s~FAZ{V1%$1NoZtLc^bY$}Nu<&+hClQ*ReIdD(8{Pjq6E zFa2p$KSH_8Sq(e?V1FRjuQ>S}vQ|XCmINSV#9YSp(FFF!J{Aal-&qGo z`;Jmq5;Geh%6{&xHFYf~p>U2v7BGy-5|ja}7AMNUXKgqleMwl9N`XhYdI7tJg8#rP ztio{efEC-)TvcvZ%7Xd=SFEDWK2wgYruW@3GQnfJ81(#vJC!r%%!#8Wm`s*EsE?%h zCgVBgp%$o=6W-sCdGGt_D;9i~q$}^8Y(d%E6LmuRYm_*a9U}{SB^|Wtg0qE9qT1`D z^bGY~4d?Ixz=619{(F8(TSmE;-gkty7gZlHW<&wByyPjs3x^g>!Bqr$AdqVPJiXCgxPyNXrr_-Pb0mIuu{mgO z=cQL}7p@qKvxm0++%`{WUAb|)Ob7z=h%OT1vWBxx_%q9pu-R9xI>qhYh=P4CRQAD! 
zj26%R8bE-rihS~t{HCitTtZB6a-t~gC(L2YQdY7&G}#%k9VImU^y8K zzck-QfAJmJsUT>3c{Ldbf+sL`?O&uU>*oJr{^IKs{w|bsF7o~X*QPJXQ4i0));B*# ze~ah5e5-+>& zi0I7)0$WA6fYvs-RZ2Nv47F^?Olq8qQvW>OZ$vEaV|DwGw?jaGJhpZF?V0;79S=>} zdJ#;drZt1em!)DF(s?~uj{m{kTL<;=ERUkW`QRGd-8HzoB@o;-xVu|$3+`@#;7)MY z;4Z=4-R&;lb56Z;>)oo~eg8g++RyAvcTe}sZtqBUkI9#{uS}9&h%{LPGG(RHL6gkG zO3H8rt@<(;xh*t%ndNU@A5Q2=5HO-ccXn#7hIIP9M_Qo$t-bw^wsm;k=M<9$Y6X!DP*X+kDY;ho0Z3Ld62Av1)t*%6n|?#I?)X z9S({45A5L|WoTBo&ymId-ay4!;lcQH&DT%!kFzOT%=8wD&?a9>0_}9)w{1 zUBrv$R+Csf)*yS@1h)I}L%yf&!++!`cj~wk#VK$`PC^K=G+g_$UcZ}b$4@g5cB?5F zeD3$+*7kMyO!2`YLCK z;R2J^pc*rVfbifGU%`42p($|P0Mjt>fcxXsB}=u|jX(~@!^h97jlQhL(=|{2!=7e? z#aJi6_I%w0Nikoi(N?ad>ki#65tz?{toWVEr8C7K#1|1`Oq*QP)2IS|!o%tzfc}u* zv=4-l!ftSIY2xl(WQq)UcapT_U^L59ZBjVeZz3o#YhGoI69l`=22>OM3`}^0Vi;BYy#PJv$zy#UF$z$)oMM$mqo_|}TpK!D-$)JIZLVy~l z>R1h6Ql1(8G$R~1ytTi@7{fDUbp|MEEbk&%d%-gd7lnp9MmSAjrUmOWevI18yYDNv zx|4RCi>q`3ACLqcZO?>PqbvoPI&B*72){3mJ@wbLxl-4ps(J9r2Imi&tiEq>vyCI; z;1U|S_lVM1xUGL>tNuivGIx&MgNuvm*<<8nX(o1zhz$F&1u@E&etJANCKt7ulaIJ( z$Jz{%uXO_~wXSSKn4qsA7-IDtdl?ruTOAR(uqqez+#z@%rGM(&&aFq3HOB%Joep4e zopP{)SFD~ZgyRzCYlxB=+PZbFuLMhU_TUj3ssD4Ye>?wY0x(B%!-x9<59ZNhgkWS2 zxsMn<*|w4EpKtXKH&UW*8n}82|EkFDDi|hm?%&+pMXtdabWQ`*aAkXXFcG6^R%3#B zzX5v#j4DdcBC)Jg+M8z7P}G%f)z-qxI8wsZl$GL9G=`Zn-I(2SUUOTT*gl zCVTOx)n>$`?&uKoG3DqQneio;CmF&H>*`1JvdgMHs}7g&JZ0Q(UW=~fyN6~xg} zTZGBrX+C>sIq(+X@C9IV0L94@^E9#OCbL0_Z1;5PWLD!dmu|1P0IkwVf>9ZO%pKCZ z5guaTKK$6*yP3eN7zx;O0j6lU-56xdigj3O%<##d;FH~=hu{$GYHVmEHfZPE@vAxE z)IO!(p*s4U)q1w_Jk6MUKEQ`VmqV`BA*l=G;H_#x5!U(@qVgOr$uVqHIVCtGU6a>l zg}8W`kH8aI{yfpbzVga}!QafOK=vlH-SIIz;UHlrgo)lk|EvmI0(Q2mNvx9GrZd82 z38$`Z{zrJPo`Pgbzo#9dyir2Qu?PI8YjzgRUAueW&v|ol)tL63LR&;8ZyD~IhVR!5 zbl%J1=^?t0E;UmhtCQO^%j=-DTdz+ndQaeo?Wp|=8P+!oZCh~I*0&4g(|=K9T%QoX zV+7F25b5gM7TT^^843d=3r^tau$ZW<3D1bVpFZZ`na!#^lG}ZSS5L{jKJfzm<(=3V zQ(Yo;nW9?Tt$=5iS<71OYAkZzhvI7uuth$acxcD))6rQ?-QS>+7ZF&BSvhV2;1< zP}l8*%RV8Ze}DY0gJSu4B@uQ3s(Ox`n^$atTwv#)Nv;yxU2|*Oj4TpX4 
zpM;(Ct=YOLvm_W0DzMy}+5u(aj`G%y=G1IG7gqit0^C0u+R(Z(-w$lhIvQF4(h-As zbLR*29N*~IPAscv=()0%&---`{SNHs3TEJuZq5Ix8DOF4XxnUE{Gv^^eFp3J2ed#o zizJv{6)$e+OZpkG`t8boo|}^I$8;}%I~WrUy{VsB>j!pNLGUE;4~Ny)r4`H+=>Wh2 z0V1E(*yq>YJu`iV(Zal9@tVa!4cJ0_b9>Xz&squymWfxWzwtM$&q$q%3n8hC$e>U4 zRbU4X56L3Wk)-_RY^6bg9WaBmon&-weUn!zb3>e=u8=yxKh}lxY9THaWByvxk_2p5 z&1r^cqyuBGBpX!Dt^-a7axr=WL1PQR@C;go6-x{*Xyb3f$R`kX{jN6pxO~+H6sEsK zPb3j@QI9@?yq$7#6727oHNuY*as(qSD4?Dny3De=n~1%lL--6)<0w!BgJ70+8Yamu zL6mu9{L@nyRlQIOtyu`4`g)o5y=zFFk2Qu z7!0v9aeICtC~>2P;v6K!c;boAg5m%JjKKiKO+qBm608hPQ>6 zy)^G=SM&xsNW_&%h8eSZwcsQ;Ry8Zh&X2LR9=agOK5Idi(q64Te*oegrk;<@Bi6L{NrNbJbY>Vg--xy@1?+T z!|%6v)q?dAMg;;$Fs(iLeE^wJCn##wY666_J>v) z1)KUt`yl=^-_aovUZJm=`gpe{2GLpZdkdwdW<=~tL zI~zYisL`jQ02Tovn@7wn=cvsw_dHgx&wvx;h4aF{^Q%bC0dLGrWbxFYpkBI-!6H6% znz|>=5JZ39E=KZpBs}o9?=J;hRepv>9enxXSSRSYjDe zx}?)G$~ij2#o7s%Q6IpY3v#h!-T>)`%@(DXq4`wq;J(PrB+H4d$Qcspc$>lBpi_L} z5DaY_9)|%z{o7x(2G>N$y&pvKiT*fDU_=OYPIb_Vxv4xf0~6CLaD3(7KJ>glwD6;W zXiQvZTA>MfnJGUBW9kEomd)CghlPgWO&aISTgai4(qJ-1j;o{P5ltif*jDxAsn|FC zohjj~_5?3d`Lr|K2pAiVQJfI5UH5|vv+#oL3kkWxgYYly; zVs-qH0DC|3b><~w9KE$>5DIBnu1jeEZ7a;i*l*D&?ty%som%+R#cfq(733fqD6k1K zrA<1M2=}?~c)hXvpiQl^Ve{8FIpZ$B>21%qQ{!hy5SnuvY3S%=f+eueSf-8+@7sHhl0*5xjfrJz(4-t^GYU@MsRsnDiApa3iDQfzcYD%WW8KZ5UeIU zjyUTgS6s)(wQ4dFhF9LHoHJwJuO3GG!EWz~$_Jx_V+1|Nry)CZ2hRcV`4=$x9}`5C zC4*gyN3LV9s#v%H#zSr>5MvZ<%$U@Z{)D|lIq9&c~Pq=bU z5WSe%hrKM(j`6CobT6tcL%z3I#?O#8&|Se?SM%ajzj$8 z;J1>l1_};A{pJip)}0vU@RvAVl|A%;{@)|$m^7%SsQqHDN_+uAs)?|_2Qo2(EW_1J zrrf$fANydC1yI0YcGvTBZeHBjDLZ@}WsnQ&5S(B6Va^@;r1zkvZKxX*OHytr&y2hn2CPzB$x()#YrW@~TNFlr%TuwTKpj=coIRs$d3&t~+%v=`>~kx17ytL6ab z5K0xC?_g8DtcLiQ&6-h_!pE0rK(EW(#B`NUiZ19h>=m?pbF_!fh!lg_Eh6Gq3wC9? 
zfNT;5F|RG~CoiDYwk+aMzcAhxIfmO<);YLhbAgKKK5NeGXF6#!ltj`g<9wp)SaxVv z;E2vghoST=-peP>U^0_iP)07qaY)NS6;g&ytLeSpqNR8B6}hN{tXu1#7z9qfXoW)# z$O7~@K_yTduUMt!BdRvVt>6-R#dm*~$9L7U>zKnD00|d{rx^Z~4m|4;>8l)cw#;nm z=$5c&h^Yx)M!UAG+uv{2V-8uh4qCKK9(up4FCD2fKd$*@9~dIWNo8@|>(as6YK#y; zBWJysV9VzHeR&wkC?KYTa$vv9#u_P|Hfo(r<&}bQFqZ|ZCE6}qwUh39cj}_Cfj5ch zr{c#lCxyq^fV#qfMb&dMQ=?{f)NjF+FYyewT2WBmWjLyH0F$R73{NCRpE6_!@pZMM zV%F(Gh|fha@pZyXK^45quDTE zFrli?Ovu|T2Eu3YIk(}FI-0bsjV2teP~?LgPI%5Sh>seXgLe0ThC*35{#4Pv#c zX{U+rWiV9rl`;*iMQG*xpe;**|IuDMuakakxPpSOBK@KL5)ygu`(T9-<9&bUk5NAR zCC%Tuu?`Xq9=sYfve|K<1C~g-tgjBgtA%Sc7B!>NMOoKL)~0jN>h9y99#*=-@N96v zk>H8cHtbCpUeO^;2dfdnMu&c5Kl3L{UzVT1VT2;}#s3DjE@Q@Al%#aLyUJ$$Pok8@ z#v-up{n6bzy%4ds1l54}rt_E*=@v}#1aNw9y$PYSicHLgUTz@Fl5nrvsN9=AzFhvg z+v*mAo$ES2OlmH}pL&Vlk}#~sivfM8rv0M+^-x6lqs0-O8b$6PpRVnPz>B;YT+d5h zI)*1Ormu}+_AzzKfTQT8SNHwooU}~qt%@=n*_fm-o(Clq4W`P)+7SU%qE_@pY54@O zOT-{xO9uD3Q+73nLFp%8JUKvj;!J8o#woK z$GO?^#C>>IQ(&MP3fGJ)XT6NGy*y??m1s=g*WQmn^i z)QU$(RypqAMbz%(Ray4AQV@I`9$R#v9`*u!BT!A@2@RSu=)nF6Q#d!QvsC_RLIYfk zKJuYBajTIMjx8#7O}cZdwO4a#Ar;nkdh%t|LOpCaREV`^)b3noacMEa@oFIjWzaD# z@MvY7vW+E%CObClhY>TNRyj5(tB*774a2*PC5alC!oy8p{KMjo9oRSxp{8j>R>9^P z{|LZKN@fNfu%@O}@(o+9NStAXn<2p=OwJJr^^K6HT_J-^lIF0%ef0#NTjpzHl<#;Y zr1!K7o&_U{a+w6?m=ze~EF+ruui-Cb&P5>@k-0{bGtNSSp1&6-vvUP=yz;j+%2s@~ zNbt)rPNr48JLtr3pbO>7ll@1?#?@&0t1xwM-A0j9DzUjVA$pHZfgo`LWDa$~!}BMh zN#|iImI~nwb&P`cbmGeu7#3E3c?7b{Bnze)4dQ&_n}sJgQ(Z6v19%9$pM#dZkm^27 z#+(QCV+mNF=^Ax!eY#4_dyIV#=F0N5pIfDhA3xFMkMdfDs_`v~$Ualp#Oq2!3skt+ z`PdR$zYbJyKnPRwFzcAC!`kZ!)>TquT)&wWEdn@ECPRL&eo=$%u{ZfA`%F8A zwFC{jZP&T<47@w6ZWSL1Vq)(gj}KT2a|Ij=yxM|7Z*x$Ofp)#ChHv%mnmTw6Qei9; zx&8z6fO@8ka*{=KAOGm!^CG`2+H| zm}cRM8!k?#Rr&R4`5*b^TUO0pWHZRk$;y!Jn8AIie8Ro zZ$IgYo#`E+(aEC}ku&BLawKk+cXzlzsd@kdX9SxCftg~p-LWr=9RZ$TZE7SMrOh>F$cAc+;Ad?mdDh2Jr~C0kuBQxx@T z-kHMr?0mOUab{r_@QO|ADAjW0T;CmCn=Na?v%A?nqn-N;cvM}vQdpk)7=H3i>;`Bo zrgxMA0gKiTNA*tlKlvhykLVRvHQ`mW`Kr|d#k2n^Hne@Muo_(nZF?xiVDS}BdH1;5 
z9M#(a*Q5n^+C4k$U%jz&yHZQd99@z3O6`cDUkc_swh+Y!XB5~rz{1-^sYZ5RSPbTZ z% z)c!@mF8@dT-l^^$%J3}K^bx+yh3M99AbkZS2~)FD(@+TTVOxV za*NkF}R=L zT#V+Y%g(jt^D7+h*S5L&#GeGONV$Y~mmgj#>0YQq=57D@6sD}DJy@r#&AlvtxwCCa z0c@fge*NKa9vV`nEHd=9zMVJl{e%f_I`Cr2csp<6OK_|9-zK`W|81hHV*M`@U5f_Q z(YcaEO=qoA8_QYi^5$}t#(LZa)t)(v1x-Y)QUl9R)_}Ee;?B912A>w;c+ybq&ZX5N zpO(OQ(j@SuvC`nz(j8A)tlhaaY-&@tVMJFE@09EnJO22~1OZTX6AmVsur4nWY(9~!9vCvk~zFt*AxmRTY0cB7H(*%4j zzY;QE9d}+fiki>ZXMeh7;x_+n;qlaX%14=Q5a5Nrbiv`aVMegcKm6S~f z8D1aC_pTd!Prfz%6`W>^fKw^B?rBl`3K^*e2Kv6*Ykc*5ygt1unGLR8or@QMaNvzh zB800WHzRUmzlC_TqN{AlrIW%@!774ty<%GEPH#4t;G|T{XxB!}Y}1(|1Xjd1EYTgP z(sH4-JWWl%!MyNY9vEC@VUKtLPBahdf1|%Znm%fFy{3#<+xgD1nSe13N~%<=@`;ED zLm>z2WczE4Wxa-CD?VXvQ>+UVQ@I6YH>mz9>d^rPb)rEBv>O-sGdp#^3R6^Eur@z& zWpWX+J);LOq3y`gL{Lm_4U^Rgi}$pf#jrOM_+0&#FWc#>L^D~Z9@D?-g{S0r9TEux<KbMcQ16y+4IXGmT;8Dj5CAMgmmCc>COMvjx;x-wg4fBl(g{SNgVcinzm zf4A#e0zB;j8vXZu(&3eVi`$K{~EI!b6z9LW>;& zzoG;*0iH|pdITc!A|CgB*;&kl{~h--njLIhgg00nF;YDsqQoH98tfx% zYtm_sf7I^hO5^T>+kqT(lLicw=IVpx>lt_`({vMRP-3{BY~I6uY-UuEKcP&aITi;c zUtSKsi0_w76g}s_epjnDK6~oaiccuR@Qm!%RLV{Mywqr5=oS+Pqpl<6?OA?V8ohA| zG+c_sAw!w$=D`<`*gx4TR{0X%9_Qa~D<Qp-;KO8QXkwbaF5@uzpY38d|_{u`v@f z6TheU_~4l2jBQMv%!pZ-x!8#R`GaGUFt>6tb|7YwurhEm7Be=o{bmd&AOQDoDsD@e zs@As494N1+dcyidln|Jr;RU*?R(^QAObpF#4UL6T@WL^P3&mD6aT&zek87Ufed-N6 z$q3M8(+6%$$V7zEq~L<##e4b^kPg2CbfWX!Cf$$qqut1bZhBU|5|0uv)krzvzI$K$ zZNC|Z%&l5)t=inbF&|{;C=jvuuXGlgIUsBJ9hcRn$W3O>65TLTuGq#$6Oa-FEO%|s zI?As4c8#lN#rO$|bK(zSjaP`QvrN(ZCUVQ5za%GfD>#36!vHp1AUW|=7 zscs#&$5HGzYA9Rerp@9O%fU|Z@oiqrQsSXB0@I zs%TVe*bwBbhLiqM?PK){pHewlcYVSB;klvD-i#CEyDHaxvDULOYR0GvL!I$aeuFf;rzAAV7>Qm(b-3k+ zlIqv5LkKMWhz{w*Eq`CLQ>gwNeB_~OBBip;Ap86I+*Q^O&9yYY1w^>y&& z_($=}cDKe^Gnwg!rRG1N5Hd#Hf(ScGc_~oR!;oq2>w3opxY?1H_0z1}(|&H?G$};a zmZI)BVIBsI2-oFhfM14THcQ*L=Nff#6_)504oB@HQQ9-3@$i=OJDsDkJ)LyT2YQ;} zQS_F*MSKQGCyGtdejFF?BEm52tqNcfDDUyx+-!L55tQVM)i{^pQv=?Z>i{Y(^+!7f zHt6|U<)J*LU1U0Ue%5~aZ~_K|2zs?zDOF0PUz_1*LugX5YH5f|m(9C5xcV5#^$%R` 
z+WzhiXfiMpc_Rb8xzG$>5Y#1>0us4?sPs7Vs*VWH*c;GW1ceg>(q_rV1)@>vk1N+u z9x9f~)JgMNA?U{^Me8>yP6HLY)3{*3Z){Z-3DQKf~Qsyu4c><)B5x0 zR#CCbhIUo+PI8T)cP=Emfftgg_RgnBlOXSkW(cF^q}%bFYw32$n6=eC$-LUr`6GB$ zQ89}^%mutRNd%|qr~4=#1B!PtQk|z_Tg>u8)LB9Yp_mt+OcVzL9#BjbAY)vm-#ICE z9Lx8)L{{#$F7(m)S07bT#egg?cK^P!vY{_uoP+}A1H(H>y$kw)d;uvVSr%H!5(&zSISy-;PG#Vk_rd8bb%R z3tm|SAWYk2720h~pY!c}qF!l^w;D$;9Q-$7e`C5?YHV-{&7?|=aWK$;J?L~sf?&|h&X4qhBOfhaF$Fjb*xwmxL&LGkS@EfTsg1Z#)w75fyTp-9u(uY^FTp3c1 z{34GgB^fx_#Oc$$inqtpXeluzwmQZM;?J)(RkmFd z7chky0X*WZDIiDMp?qLnx!Fykdj9#_v&3A*Ar9ms8?C2=(YV=aE8erjN)_unHif=x ziDQZ>F~&IXSmptbC6h^ahRh{3nnMOj*4L9yf;a=Q^${M>-NRX5|G~f7EeAw9#!2MQ z*HAA4BfP8Sw|1^FHEBch1_lIMalnUmQ2e!d;I#sG<#6U)23XM ze0Z&xsrx@=aRLQcvtGDb+k^G9Oi$v zaIDmCR3N&Rw^**|Se`EFl)AM)6Lrwa6_uMCQX7*mJkRb{s`}PHmiFl}ydG{;5}uZP zQbc%}oz~-jncb;m^mTqLoz^3GJv>)yt4NzyxoWo1RU17jao71&S-R^y+xnh)(_Esf zHhWa!p`%h+dg!duR#EalW@1*BZaS;9R)o*1Tr|__s`VX}xas^4nTen5AnR3x-5yJe zI+~vW_P)Hc*8{L;ai`YOvGhFKR)4g&pv4=kX!w0p&-&HkMy<3%^Lci&k`NHCLep|! z;$5z3J)PIXOSPg7o|oB;N+e%^_5V$t|3}FGdwKo~^8Z?%|B_t8Qc__VGq9+`^%eQx%k#Um5%DIXtf0KZkCw;|5LOM+X_`aN|(1gNuQ}<3L<(fb!Vi@t1-9m|C1pLT2T$u!Q;9ljf$I4h#+W2o@VwHZiny92LH zL7EqS3;62W{y2rCS1dJJsuzBXFA#7O51b!UqYGD194e97Qm!GNPt_7h$@r+SQWf`2 z3rX*CKZIMshRbmqf|(>u=dP)(gg-Y%DY9;e(M`+O)ZpW4O?cUG96dkbMU0CJEC@YU zeYlG7`IQK&N#urVKq;))?Y=AVmHMGB#3*!dezr2~yNpDEj#S6`n(@t8fE4;?$-GHz ze@FG8)ebj+%^YCh!-7=LihF5D=Lly-BBL`Jbf)qagJ12Z?Kjo6_8d-R_vuW?!XSwOeNMzRnmw5dT7DuRrwgQ9SW7A@g>CfO!akn zjxx0>KkO-uw7c66-WG<`nLuLA}eB_6k)awY?boJ zs;d9AoQ3h-JNh6LHBh-LP&r$i+``20b$ppNfbCLe!$J4IxBJ)GVaUbd3~;SbMK#9_ z&sjloNqSBSFUJB?HMm?AJ@%~z?sFn6w9GoSH5p9e|*n1*e7)K z^i0j|FkS;&S7^)T=UHrr@Q*BoEB2l>ca|VGQqT0>9!d?SVJLgpPoeEI#VPLCT-i9} zxqN(E2Ek6}##(-g&{8%Hz^DayKJt@8fZZp3*P29!@(?_RUwd32*J31AvpbDmogAL; z1yxA(J9i+Q9>Sb>2ukg))XQa1Sn_B%AbGel)x~?RDYef%l6!H&+~H%M-_z>vc>a8L zmbVxF?lE%z$m6NzCCIXbMIp@z$#sO48&-#-lx7{%}ed!5fqBv z&Yz#akGB&T^#J>6Iq>fLFacPp#p$qL5%*{Jdf)Qfp#{8KPV6T}nZ@C2(|CHPu*f5| zN`-dMYc~crTP(efM7J^d?$NEMFx*qAdzUHJJ6E$+Zmddm>wGk>`l{rt>UIdEjZev? 
z9zLV5(!bqXlQYgj)tw8^6s#Q>b*mG$1bw^g4fRM=3}??|FfYR~r>2I`e#N*sc$E5q zlGRCa8CL1^`>REMoLcAy_NWcA+|k~D7t^5aq{W^%$5dRCy`kyGr7OUcJB9t-3uiu@ z50_$J5tBavXO8A@6KNELpW98LZ4?y964*kvp-#eZmJy*=*1+urCHD^AlyjJ17lr8% zNSkICjX6~})a2Hu6~u=(G?(cw&?S+4yF&fI5q4YqsGPK~^!8x+u_=P~AY0G%ZInj3 z{!>`NH+kbQzWT!Qhq(lH7)ly0`V~cw7^{bNOWQ(ij*08+&kjkRq2S{>>}kyu_tFyG zjkQrw-mG3)ke|%5Zc5i-L!X&9F!|lbeDE3;2vB?6%7ohlzAD|Ji%KXo?#aKVH#l)c#tuQl_qw~~ukhl~Z*@t!l#8?)hsGp1#@eKY+ z1`_p@JK2CT4wU;i_Nm?%RB6u}Vla_DL(xuVh)t%K_i==ZNV~()M>yi)$1DeJQ=-SL zeD@vi!k)hVmsG=nzE`S^rzVRPbeui2WkgVfdxe%URDIiQ-;^NEQ!|A12yWbXmt&-J zqfSv>aU=Q0^5U0coqpo+c2mR6rhS;R`_rdk2l>BYE9iZZh0&I-rZQ(SK5?20fi3q@ zb(0FL!<=iV7dqTBOxI%&hwNqkaa1c0fpP7dE!&PwRM6uMc>=kknoFePw?VXDKG#ts zP$)Oq41GiP*Cn_-+xX4zJZ7z4b($-fn*LW{W7VCN2Gew9$!1xf+#ntPFPnt&qIYim z#%ZIE?#78I*D&i)dAFtjXs!0xLFgCN4+s+ZDbVLK4-m5b_>jspyJVbB^40fX^JID% zip^zisdRl><)0(1zr5w|Pdnxpcwmb;Jh9@=b&wn$TF^_1Up%R$rq9vS$0Pf6UEvol z2x$G&e(X$zL+XV!$oEIUP`c)SrOrM%nzFyXk;Zl{KDe{J7Pjzuu;?vaD<>-O-3;;T z;M5bGq*x_ZMKp{3q9OZXtuywQj8mk2_qQ*Bht&{?zzVZ8p@l1|eZFJhj z!cs#nhX@7PuC4Z#;NcwjN=dgjy>b2rO8CG8e^+{O<{?^Ud>Qq%>ff1Fa#e<8NI&mS zMjS8Jcbb<+N={G{DAp-IAqE>4!xI#D1s{74(9PBSf)rRX&knpHa3xXetC40bCi<-Y zhlHOc#Vz}q%8QW@VVHM29eb#cSCvx+fc8KWiq{01|jpc5_3S8eE1LWPk=2Mo)L(MSy$O>8J4Ga`gAY_%l*{n z$j`$&vl&e|aUF9_2ao%QOhLx{RCpTsRQIBihQsCrGI{fTP(WYcnWXvX)+WnSxu2HG zoV}@6V?a?udAdZaeGn3b)foVZ_+72zUA}lO^1)&U_L86WagEhbufCn zsZlT)33QIAnn;CWurTjA2^!xY5)esoGJkk>nD?jR39sWV8y{T!t_i1g+VjD6OYDhi zWMPkE(f27jjL#oBAGhOtR-!>7iTFez{Es52UT^6pAX2lKZHn~JB5(J zNa8m`ojT)yI_g>HLjvvu8 zg;{=~{QhH>p&)}hA7FLEOj24**`=|6twr z4D`mMpjhMvo+l2yjgD{Ft=h_6D$J`*idM6ZCU16&#BEsP4t`Gbi;7t(&O>D7^V0C? 
z`|66&Dg^<`iGK# zp)dXieO)-7R;Ehr`Fui};1G1Jfk)#%q`VM#4+5|aCy;VN1M!W+sgyl|6_o`(F!|z8 zw0rDu50S;s;R6aI=s?;{q}ply?mX*!+=$xCQy};2j1I5dPC^x*LSTi&0j*l$S1^1U(FDz|7A%P4h20#*xq*8KLwmGj~NRTQ_Hvj zXXy$#a!AwYSspN^8v`B-ZMh_k(X;ydNg9JDF;k2Nt4X}SE>-L7LByHrtKV&Lr-xhb zs1abH=1MM?KDEqCeij$OX*GvBr1M!HidM)+w5i;Q6ICl~c)!jE)&6Q>xZG82ByDMx zq}2CtT2v>*jkb7?q=v2Yaoj6gn*p z&<`<7VTvK!QJV4kA`b|5jpE?V+=U!LOc#pXst#>r22(0HGc}7E80ONfl%5Ih>n=Yt z#c5u;=l;+``am{(Ng2;uKSV-m-Z>7d^8;OJU|5O*$yHRAY;pg%IU_+0@N%xY)XD|= z-nb`svsbe16VQ2BfYX4ad;z*l%8xvCB1%d5>)^n}M7j*R#ppbtAjqI^tt!M;!^hNc z7?G5C4%cGjpsTM54j)}?7ta_Y{;p&82>ZRfN+v|?4FBNyxho)YK_Kn(8*KF36@U*|kxd}&EH1n3cK_a93^_k&rF+$Jgwn2&7L$a3@*)JG2U6@-OyeY$VQTHNnw5CB2Oi#Dr zLONwU_ixk$KU#sdJ*U&gWHRgn23*f5HTeR&yKAD_B4lR?JPqU^j6#e_gJHPWrkDgZ zXc~lpw>cPw-a?`;;15nPfqf5|&Gl=?kB?F+sRYIf#!v@kNGD=ovhj*aVf@cCxm1yS zPUikMZUJi%hM{Nj$Zt5;%U`nhXG0&Zr5Vs$)Oo$Z-6iDRx)kYdA*h8!r63d&_s>Pf z?D(WkH@f|0xgV9|5>%@2mdO?FY~O}bzT_kl)dJtjuq+d+oSE_`JLTqDJ-7;1OMGi=TJa_qlzPR#%W9_BKwZi zAYk7PlXj_`bPVx1@jysvdX6Mt#!3B`yzvmnL;`^`&cq@ZMywb;jDpoB>44<7yvuNB zq1-s}fTGBQ4>GBUMa(WA#G$P~j@(v*RC~PFKLQT|2XB!CL`i`Gw(x?}kxM2&?_YSI<>hWBv42rlSJW>%gnl^aKDP zkIBG3ktO6m2S~BxBYUF91Pw9XKc97+%x3lA3p^i3H@YJq@KYXw_szmZk0 z%7Ce%*_1fw?0rtZZ-Zzb?uk9 zCYxd0lnWj%8^C?4^a25UXjYB(gso8)HXd8pPhu;wp41<@Rx_XC0LOB3-XZB_U`d`B z?%TM8DwS;YY&vQ}!W<_auIRh$G61&IDoQX~!#9=Ec;|(~tlU6Fwdu)-sBQ^X3NOlS z3^^B(^#OVcD**cpZ&vC^LRoQX!OBdIBIc_xt%2)=pZl<vpHOOs&a&itZx zzD!{mgSU6my~J0m$5tg~L9J0vY(3{i(l5dq$aLJ7k|<-5EU@+c!iqMr0bSDa>GOEE zn^mL9v@cTuWzlj**Unh#90 zkuqA(rHR3hiE>3q@B70)c`h3gXmGBv?pas@#oI)D%`Mv>pZP@~v?*e>qoJ~u?ev@c zy$$|eb77+v%smd0mwAf*j)%g7mUBG&d8e(6pBWp^BGu+oqB{M($X%S=R0#e3g-5?) 
z*)UOKzFI}~3Mz|wQio7$G03m-iq_cicAU4p?H9*guMkfRjCL;Hy)jCM5pYP%xD0y6 zxWRgVv$9>ioF5J4D72~AY_30_ z(#C6*czy}YE-Uk}L|3Z;&k_YI@ox{C`~z}4^5is(S82OPa;W)G?%!kl%b(YuXzPv^ z#THkv*pR2vQ;M+x&EI!7eQFWZKAdu09`DS4wLYA8!gPLDw@FULNicGtVkc$;duZc` zj8U-z3=#ct0$#Ga2^LO9edSmyBLsA4bL1>ICuMNfMDvFc`JKN7RsWw2$WAHK?jab-k$b~SAOn9``nY5w7|>C$cItnjl9HmniQj-Rq#jdY z%F$8=t^XIAIQHL>TDY4R&{JB#XkT+N4&_I@Vma4W-u>O}k~rq&qitk&+o3L3`U#W% zJv3E%#oM@BNgFBbt&U09KwTE|b#^T0*UEdsFA8V5Xx38tyxwDyVP25$6KAiF?y}4X zwN>H9UdZ3)2Bi8=FCAe<*Vrk&>_5*|k_rzPb&zzvQVp10+HqjI>&L;{0W#63r-JuNW542H$pqEByv7D zW@+=8nAmMFc~Z&Nfss8LZc+HIuzLCL=dswVDa=P*3>y!Gw^jO=5h2=#ANRU&RlxA+ zO*gT&xvBR;+nvUym58_s<1xSZNbO%L*U*^9E}IM`{V&GeI;^VTTl|*h&>UJy;s8?8 zA|>73CDPr}AQFc@bVx`Yx;eCzc<2&PN=jO!k(AKiM!)xY@BQ8PeV+FpW|+O!n!Wez zGqY#bXVyN>GUEmpj&?v+JV?4%RmTp8=RQUhYar-(G-|eV4m|Y~lHPip!u+>(MU_@K z(vHT}!o>VRLK8W5N8j@vSv(HCfEden^;*rOXl`cG#XLSj5v8``$GaJz-dM_4lZFux zQYNeg!${z!{n=BC`Fs*Ik?+iYC&1n_%>HNH5Wg6_UOZ~J!VqMYfxE7&49xqhRrR&s zGg(fhcgr;2uh0#=GpLoTsq`Ewmvu4%BIpN6C_^9g=Z%23lXy`)2EBROHIF@ zK$;wRu7@%e-bgc8{Q~1qrP^avXk=M?e3MCm9kI9;Y?ttMu_RJN^KH}eN5DX;;!N&C znX)-gU$ZNv@v%H4dbkwe<$4zZE1?@#;;R+YNmuqzu?|J&_$W$l#|QGr6M+3lLS5(-3192-NU9B zy-ORL*Gf6DeoGdd9MHr2!W3d?9sktXh6IFoXU%y;lt(&>;f+J3@~qfI3fFB}aiB@K z`@_bnL&D}dzR5FLMo7HjibZ>hX|xd2#f2pGM_&8ZRn5_3T!LoP;ExOvr)od;aS6`p zp8vv#!cpK`3X_SDDRxbId6G2JvZ~436J1D0PQ&KerQ$V#Wn1m@0mOj1>{;#|sTOVg zcG1hP$ASbt`^811)5<8q0OTfO-HBv@ZimICoZ#gU748=&kP9*F^YYL95TfPlMzY98 zXk4_aMHzIG{qf8pAe?uTwrBCvVA!A%Vwj$602QL1wgL+908N`3`SfP_0KIrb&*x;j zhQ5-Z{rtctw097jQUw_cRb_8eq1?SkSQQ63lk07=}hIf|w7sph$IQy=>pm_^LrtQK;p zqdV~{-p~D|CFD?OxknV-;{C|ftEy|*3oUn_)?~`W5Ua8)()&^BPQi=(5wH50)3*FsdyE2{X=76_X zJ6zezqA-CtZN-!D)~7k_arCjEC&im(D7zUZ#x?uL%_ov(le_=k!RftU%uh!V_E3@%dZpvV$Tj*2DX`d#I3g$tXe zot7q!D7LCO&Rg(eHS?p0NsYJ(z)*$5*;# zx}`Mrh({hz+iYn&(~#)Kpi{i#%?+?E*wqj$5qYSt^#z*qXBqHhYzlG}yE5JJ)@@0D z3+P!ARJ9#AgA@gn-w=rONK{d4Da@}wxY-Yu%=Mr#&;LSL&Yys`|LPaYIY$Oc3r-Vp z*xM_V7G zH&Owx7DcbA&{-?oV^&75X-9)KU+@2(u>2*0`~}2#R&e8i2}DG8x~xGKYu*X4g|wqI 
z@0H(`C`h;xTY5k(&`DTM!u`)att6fKOD3Nt_9@qM5laQ!8$2Wy7horY^NRj zx@{m01pYr1orNmw+v~w;4`yBiB0KgcjUzQyYHg9gul(>LL2&&PAP$2t+kC6*3`LF8 z-3POe$wU|Sj%l5cf<8?Km$Xg;h$6kR^@MXWH^7FKLZJ6Ige{Gzu^`Ad6*M#CMLzjPD^fLAOp#|;-!PWVX z{I#K6xB3Vxtcf7U9V6soCrg3LGS+^p z|DwlxAVbsQ&-Jol+zEVo&f$Ez^2BGcovN;WJWyq+N)NpF zWdAb^Jwx>(_#`2kHPMopQ4h@(%{lWi>WpYcv~CWxbq_9~G|2koxw|YoN%>0$X(LAB z3gZ*raz45xv=R1st~J|`>uXrxw?Wi$TRP`aT4Dnu2dmxOj@e^(nsCi7>1S7t;8>}2 z-XxUt#QtJwyPkGc;!-}k{Q_|6h!-nwg%D`4m~VJpml0F_QFSC~YUPh@F7FYl!2(^w zS1rPkR8Q%Y6*Vh6j>S^S9_bPqZhO+CjWC1LMs~p%g#kTr~iD z$)lF9G6RZu=vkX21lvcf&-!tv%XMoq=4Yb&7Frjq42r-mtmhS+$+hwrOU>3a?b*h! z=TbcO9R*%4%#_Pkbx7ExtaoHU6X$0hy!x@y+-dp4QMX|CF)w?%lIpm^zN4(=3pJic zLgC&+PmO6ZD)oN*SgJTgHk$;pt8j9rk9fT>)cH(imP#rZE|v~y;a)NZu@)MOzGJq) zJ3!<^9qYe$=LQ7~Hq5$!MI6pT?v&WZptP@*>#tHZYi90tbRyT7b)ClVMT}9?Cx^>m zPQoCYETS%X)6Yt5sl!U;vz4O1(mZfk3m>|dyRqi4Aku3(QZ=Yr-N7TCAH^MzkatjN zT(=HWs(ipw)#$yYZ5tpNxx!;DFNBo0Gbl6E$Mf-!u~UYBJA8fo)cOc{@rEkyo3>hVi#jfhPV^8DB}Qkynx zJ;h;5hRUR0{nEOijYP#H0>uiQ&@n^hvEcVwn7DlU=81rf^HeR-t(Ynq z`@*^|aoUwOI8HW9!-6Meypvlu-TgrfIv2YVv2d==%s79Grd~>dA?Zu2?S56~lTX5l z59e`k3bg9#1)dWcM8vlE>EZSB$Ho~(G;wwKzZhb-zyO1cbyF-?-&MNiAtI_%{))#@_nf{}F#olniH&Je~^w{=tsz6urpdqLAkf9p-OmX8y zJQtJBNT+0ZINqa-=V7h@=Qt@&Aiz}V6%c74J#yoYn zHV{+khnJ4dO2nB!y*#p3K*|yHYz82=E#?M4ec+0->BOYa|64+T}&LS<8UUg78o zZ!|=AMHogsYV5(hj?Loo3S2K&6#5-Pc&)9C9RZ=h@by|`wGv{o;_AjuYa80hlcP3j z7$lN0OI*M@-6eqv{!FFvix#cYqRGQjtuDd8GL9~VmdCOug*N>h&TNZAr}j?f+09Sk0vakQXoSG)GV#ecPW*X_Zp=G`-9sJqjlXv>T?j*S#+KDp1TwmCU0(X-GD)k}c`qwdXJ z!Jp&UOmUxRJhq#f9p?G3KWBV)K-+&}#6^iImJ?;3h2IgwTjn7q>OQlKJKY1`uGMm6 z>XGWD18dtUuykJHpOQ?^DMMx>!4l=WNpM7* zfeYt#ZtcCyrHmY7Ql-9_5_ymFfoAua=6gHUuN2N0v!Y-Yvh>2kA!X<)MN$;@FgAIg z93&hyo6?H7-%sQ@)fZlt*ki9?7(!9;fW)?xzNnvq`%wqex>0dDZJ+F5kj&~^VITkA z90x^I7p#Osl2YGkc>;&`pGWd|(yf4RP8TX3DN=509GfYyVT?;14H#O_&t=CW6dCiV ztcaoS3LR5;7H~J-5EYUVlZHM>%Q|^49KyJl4T{~5gyOz#s-ZbirPk$UCI|{wEY!WY z;nIANN@5ekyFIEy2;Q2c2w=o{?jOu2-_95-uS6Cp5vPZG3yrC@FPdZxh95*e@Q`U8 
z(ZaD{MMb%Apn4Mg+uT*i&clWytdW=WgY0|^kC;%?G8L1F)>LK=Qk{89f}TfE4i;ZC zv>skr%$-of=q%R(osW_I8N$jHNk>zuwiC0eh;#84^u-sggu=l!v##8o&gXtFR_ns^vZpHC-f`<*34U*(4_e4 zBywDqu@Jiy^qHDdxMWibegqjSslR%ytq%OSK2Ki|OhN3{F1PXI?=$>C$-!l=>>4cD{u{XvjD=Ds&#lRzcn;J(eGEX2>nZ zrUq^?Zxq4&iWE#HBaWgoJ)BwpbM!O&o>GpH2nT*kx5V7Wp$r;m;}AI|w8{Q$b<<{u zvsBCGqiQ*!bBb9;r(|fe{aYG~VHAfrpZVUD@MH3Wl&!ZknbiYA42I?=1W3O|m5hHA zdTGNb>o03$dn{08zb_0MWI_zg6xwMpyLl+K%{TuzA**4l9E5u7kE9de5Y$^yh!*&m zt8_W^DJ`A*JT%F4C{KET-&s1k#G6DKJ!iDJ9z=ZJNJ8Nv!juPB1CZd)4uYjL+FxVh zTGC?5>{YVR14Rs!e~mom_ee%pGgxPYt@;oWk)-|l@i9(ST9=uB9t-wLE(ZlyD|tDY zC)fc0sMx6Gm`IA-BIG!d3-(UgOG?r(nvR*G)-@{x>2s+u5Ftu#WB`UU#t>xk5>prj zNind07Ug3(cLiBEk{X#Yv3!PiHNBV% z-bsM^Uo-5vO4Fi8^r;_VxM8?i@G4TqHuPa8W;SSGoX4zFtrEI+{nDI|+{B3~tz zaMH*vZiU1&V(&hz`Oct5tQ!~Ee)`~fMMgm9EAp?7zzp6+3b0_EvjL;hr`Cm6;Ui0! zs&Ijc!@{E=agm=x!qr09tVt`$?k83F(jv@NxNd&bnlVrV3O?@OW~rZ#oG?JI9y>Qn zjl5qbKE|oShpQO9@au7Cmh$riN+EnM!}k_U606C88Tt&S1$u)hn4k(j+jqF1T8JbD zTKW@I3)JPG)Eowz05V%mqNuiNE=NQ!JXy?ETNWOf%8(cu0Y}7Cy@6B$QItfE+C0r=z0(5LycK=$ZC$tF#dn zCDEnW0CnO<(5-&mklRI_RlEZP_Bf!tTIIf464Bs!Bb!e1_9|8q91AVQ|i`@?TP%Gv=?dAIEx$C(!U}k{_I}9&h}Bs?fYdQ%NSMKpO(A#eTguO1G~YNt07wznOtqJs+i!TTo#! 
z1u_D1fFn`-qH#>8_|6f@bkWF&2+r`2ZF)H_eAcKMRy$HjK3XmF z8PP4dXJ-Tl%VYNHQq}JXyq?3mo0uB_lw9iTO&xxT{fr|?P5f{ zezC?DkW{|$L&u1by5m!r>QE1jD9>=I8vEM)AaIt<>oq=IkIjLzZ@Okz=|*{Fd2z$) zO+c8L;b~sxbpVrVNK5kgPLka~$$)p?9DRmR0&ikg{N!0l?uvI$uBvaA%bdT+sU14Y zVPvXT_>;v5mZoTDz#tjc0gT4&+4-=T+Gz3*(K}H)G1iL$8!Il@lIRNYQQMvhed#r* z=xk@`Q}|L6g~@*X0f%}J)~o9)YgMS6@7t(gSE$@^N#DDCbil%zZH9`e8OFvQd(MM_ z2bt0#eY)rhYk?)C4ioyb>wGMgj3(nGj_`wokeJGHOKgJx_)l!Qn^HW7pFW&R9sF>( z@lH=SF`3lXlhag&&!jUrOD4toaLDK13~LAt5Hw?mTR~MoZn8_aMc~&n>+GO4DwXm1 ztk@O;dFI(%p2dmqzIGCScBT9OKNnilh)|ZYd?tWw%ztzr_$M=@lT&;}09j-5;TfYW zrX8VfA&7*S_#($-3Bh~nn-!c>1h%b@e0j!DnKAi=3YVe$)$=1dMwS{b4ttLEr8Rr) z><+dV!R#t6Gv;e%2qsOWDsu`nt71t1M}(cC{?7{>dkTP&lYpTr=By~J$8;T1ybDG8Dls)>>y{3Jy_*EQ@kP5j}H`M}s* z-NAG}okv&pEWEQvLICxLj{vBLAIMZPjQ3No(73z@B=P~3P3dMTkNQD%{U)_1a+XE3 zwsZkW^Jgg#k=(I)wI^A*imXu}dXIqNec1qo0gHgg@1(@?gF=D*JE7?*F) zc;W{4F_cA_o&#CqACo=5y}omz%e~*@aJ@jkDi$fu9g-LF?Kb(e71=SzNw0V< zXBY2qeLapU_|Iom1k`g(3AC#4XIRDS8==;h?E*OA7&pZo9Nya&f^6FGazL_jT~Wsc zYfiaE2jTq`4p-9XIa2?Y`vw=->5!|v)w!7p1&XL z6B}1!wlDbHoYFFoph4u$w#uMIB+0V6{LLVeaD{qLmn#%b-@ z31-yHb=O{68v}*Qz41t^&4b za4Ek~Q+T2uHT9oHn6LT$wDwVp9aGiD(I=oX;iZ&2NRnZG-tL zjcF|`{%`eMc>PRH*EZIe5m^Y zKjS)Bkl#eP-aC)SD$m`)-C~yTlEzX9aELQ5Az1bdRb^3SPK_haDHtjv`nA%yrV)nw z>p3OxLGwTAwOB*Em20XxR`H$zSOYHp{qF3s84vV4Ju^tiZM6zhUh1^T@dl_4AVD~3 z^t!f%MC6D5@voSB$3iqfP1sS=?z-djrz>FL)<6D(ch=j%=>p6G<5xXyTgmC!xGcpL zswO$d>-N3MK^@H2?SOmtQJ}OgO?E}~C+44IRQ*h84~m<0NNH0abfD>h2{65$Cfnyn z4;EVrCj1P`Vniz5OQGXK;=DYcw$N(( zY7@nX(l`jVV7DhAZVS8qk(e#pWp%tkjP_K&^SJ0?l8hmKC+%uA-RHZzo2{J|!tcEg zG~9E?GKVkcmW!>TcSR{kn{YBoYJUx9u8S~93KE^yn5k#>y7r!U>YuNR4h@SfJrp+8 z3)#To-cDCyM(T+|illWT$JTd^~F>LFJYEW#jZ*cT= z^2PLZw&&lA)+Yj@4;IY+kmN}K0v&N4=^nVebq{IA7cEV@tYZ9az_I^|4o%xA4XB(t z&22w*3$9t3imwu#j=YP#mx}ZEE(2Sd30_qP#(A8F$c%CDgZP_S#bm~+Fb8j10JTe^ z)7=a}pHR53^CzST;(5FDP;Xw6;f)YTuKWfwX7ZEOX)5m(wFK|8Nt~ekPK66aKWP1j zgI)3>qNC_5pZuBfjxwYvc+g5qFR)+vur?*Z1=gN*b~WA5_b3T!1wvodkRb4=EP 
zf^>*-y2r)iXtpW>Kg#s9li{|l_$1*hVp-E&imicauKe$RvWm?MHvejS*qQWfa?#O(*26^oL}ZcY~4PMJNt?9%^)obuj5g5hs=KoetIIRk-g_*wC|2gHc;MOnsG*x+Xg$Ev*tsDU-*doQlAKW?c!!4i zgJyD^u0EpT;~^%wd6Q^`pF$4}M(QIm&1#eZYH&+PUAh@VVIGCL^U8^sy|pu#f1Qj` zG*dQL3UD>X?7OQ72Z&?%jkjHe)cO8utqgw6=PKru+Cxyjf%ryLAe*&*f$PG|kbcB) zgSJgM?t7}Y6S}-RNpTqfi zbRvPA|5qVQ^)@;SRcA02iSNAa%0Lg{d}55KYuo~*@W$3)-;3V#VSM6C9v1mH7pqlY zPAkjQN#F?G0B~eWD?jZ7$7C zqGG`bTW0yyK{9hvK@=_9vIAuj^Fq1u??&0vH*Xupi5RO}$)uqbecCBy4c55Cvw<*s z7qClf0L=ciO3-M!hx2edu0^hSwEc3&eF_88MDtvazf!~PiRO19GAgsL(f437vU@8) z3N-;la)9!LW{3``)f6-sJ==AIJxc|ott|g6PFJ*T1@xP!%v$}^!J;wY69l!&+{?Bm zzaC9@2W$vlkhYpq4Q7m`!*}AjF>oC)ef?uM)mhh7W(Tx=i3BUc1AcZRM zfxcZlE!Ua&KVPKXD{&{NxL4Dwwmd;3m8dbcOef$etec;zlod6m6gU7pi-kqGy+GOJ zq!%f(I3-Ikt7Z}6N~Y?GQhu!EBXRu?$JA6L(8n=R(~ZlH|xicokjokN6rFw#KcLs zutn~8tSvG+uNBi2eF7E;2+z3#`gsiSvaD=Iziz+>xpe4B$B@^mTz%Ekaj@>6BO9i* z2zVh+I@KgkI_T>Yzb{X$ulqhcn42~ zLMs&}D6M0D<%*>6H zLhn`8wZ#ob3w&;#*A(J|$38Vu2GCJHcn0Tym;%Vpp@WOS~SZ}6WxYxoUV+%~r) z2R?A1d^5qxhy;2V_6SOAbuq|58S)`|yhkEjfr{9zJOT>tskrjr8G}BIt$Ad0K zpOGTJ*u<+-tNO0F0Ls6``=^#uW_OM(%N|+N6YD*DowilFNA=R;TEg)^_P2EfUc4C;dQE>!TaW`-;|T(+t@6Bnn(E#Q z_IQsxd;REC{@Y=+U&N0awo$b?diTukn-nea%_B3Hkk={~#NJ_oc=ZZSu99~l8xK10 zpBH=*Ca7OLL)$grL~|yyXF`8+g65pQ17Hba1?p{sC_a0^A-V3jX!|Ci_d2}~0wtpZ zsdS#BP}%S`{iL-BaRGCjtYJ=r<~Z=`-D0RU?SdjvF3Lyo%Yg^dJW*shoaoJqB3l9a;Q$+Le{oExG~p3pePANcB{Z41 z7yxX+mgp?ZN@0<3u2J4lTA_+MB1pW4Ty$Y2Xb{-wc`sHJp;&j{1?|`eo&y*I#H;Dx zCy?3!x<6_6IA#;{Axj9Bpn(MPmhwx0fG`69ikE#y|ATaJaYGaxjQ{OM^wp5S+6%;| z=?;J*`VIhGLRR40-*ebgmZv?i56)deUyzJ{I6JHc$8S-#e{qX)w6|$R+RB}GLOeUH z@L{R_3XNcIvnb#7#VxIqQw^BQ{v`tFV_L?6y{Gn0%NqBRWV6GA!b|Ob1CZ*}Z|pvM z>r}1v>aL}w-Y34*fVJv+^;$5;Z!x6EdnN1SIRJ<=V||KJ6ZhQwgSy1PkJ)~DcSF|J zpkd(f*xW?Dy2RNeiV|O*Mec1z8(?B=Zoo$)?CtDy_|YysX(t;!wr4`S z&SJMLz#6%@RrH5X?DW1#3Ln-#VNI!hE)NIx&3UaBKlu>ug#UzNuY4Ve^+uvy>56}@T;nq$sKUKfsCb=hj!B@9Gr2LsH`3qG4B;?r 
zm|*>bozj{n2jy^&BqQ~Uh;hi>>};zjBX`5+0rXHSy0TzgcV98LBus~!JG8)g*eEN_e8FEh!fWnWvR9T#jfIv(r^p&*uhjfe@YH;%vX1F)p9u>dN3{m^Fs#s@c!te9ili&N;{Jj2*zQK&s(nHP^a7k04F16$0 zQ=#nJ$BmT1e>i5r<<@JL_Ee*y8BHYFpjj*A3iv~=H#b#}SZbVj=)o#TSCA0(u4M53hdR$?8BvrgT9Xocul{<9o*>qtR=(QTg`LNfECt zvpn9}=Z$J`zC@@C=)p0>?cUi}$}Y+Q9fB9!AK)cauV5tOr#}H52K(rId$WEGPLf&= zctz=U%ofLX%ywclZYX=>j7}RawL$_>c8|}b&1N)7&zKi#e4i%skOrF)L(&{i`r3W&XzQLI0VZuT7;Nt;jG!ndzWEAUDDWhZTmr z-$j2|Q>d7vp?r@-_(Y#rj65(zU@N=&Rq`Fqz3bq^d-#6MVWhqo`<*(~ALggf=3p(% z9u+Ylrc^(Ch^aNFl}Z3ElUyJNd5l{2s|pB`bxUu!bkYXKpO?v*hm&;PH$L4~O0cBFyh8XzKz zM1?ezW73I7?NSIf&+!8wdQUu_7W1ZX*?o+hdY$HR{^Lrv@Gn{u1OyV zArS@sK*bP7XZMP~6-(uL#M+^sx~kipMFU}pfEYQ8PV*HD+f)x`_?c<7BKhx;2+Z$V z=@v@F$9X3jDSaa2{FCzQRI*BJ3>KoqZpa=uwI^aN3lI+v0c+BjAcda2>Itc_*l%2N3UQ zmnuzNXF}Kqh?WGLNZMd&-W2C!)D`~UO2vjz{+KI~@g!M0^eSNLuhlay*8OtHp zKA*>yasL;w9AZsng7A=PytHri34S;C#uFG?l z@jh<<#uNJWsAC2dfR}~IaJA}r-@wt4qnXiITxog7tP21?kk2T;C;I-g4lJjeC%|W* zFFzXidSt^R6&5*b9_4=2xNiI8=ooEcVSHg*G#xf+*n>)S;#b3z)Fp7h;i$!q6x~zu z*?KThAJR_D%+mQVVBn%piJ^_&z2xe-%(qZx%$_2`WLL217?XzgXErj101)~+0cE*W z#|OV}V9&^RrD$&Cldz>icDSBUcKcdZ4%s%l2ZJ|>q+UW;0uB_`_7K_iwxY){+n!2piB#GvSRUGPr2*#4>PlC-9Jq1-0h zJ2%a6&sf?t6SYwk?DwhiV$3e5Tl-EP;8?wYX0mr1IvX z%`XtK=rjRX#mm~Bw6;_ZBqh1Y2CN2CZFdbSUROQr60OKtoJj<+RWcGqFh;)Ql&@~H zaO_wu@`K|ytr|}vtW`T>!{QC54izbHh~4qUrXKA_PJTyP{=qdR4b(X{lfGsYSK++M zE=_^(toMQ5xwA2<=<}-g5=qtz*B1#HQ=eIX1qLUc?pUSvo%08BIAqvWXof%y}>SRWZAO@bMc160RA)U<{_ zLG+AnH24E%4)~&v6Jf4%zp=Mh1M~(in?KQZWq*duXG0Y6u}H|pN%W(~F5;tT^Qb;s zXF7{{6tZ@WW_Ei!mF76X+5P45g8Mu(-xZk%@c8w9!=j1o1vFo14RGK^MMzH_MqlCd zTC8cNt+^q`3ha9=(s$eqg-LC$ZbI(d4Y9AAY*{*Q?@JCMqXQ`kaG4kr-+U_|h>~OM z{RX=)2!{idSRD@yIi?&Cc?3v5q^uoLuSE4CMFDFTfZ-!Ff?f;WXuNGcGYer(;5rrh zn1H&av?4zc3gblq51z7I=CZWCbdfG;j264Gs)p_JF;ue*KAe8eP#f0CE{QY@F(Lt+ zeykYp4AU@91eme{F2_%XBNwN_p27tITqhUyrAXV>W;^z&**GP#+`iVARD%~VBhqF; z<+gzfSj>Hk1UgS-Drqg&K^2@QWGxS<_#Zpoqjli8 zxCA9IbT$tm3&_{a=kX@OTjT-2_dWxVy3P~xbxn5xA8W;}En>GRPkMqqkoio5_m6gAcx){TB*e+??m)2Ddg 
zY(cBM343<~2JQRj{@lUcU{hsNvlgHOydX{K@sxm?zA@PF2P2Die^*oboGEi1F-gU` z*@6r!p_c+uEGtA2L)V)-{sk_|YzP&@WvZm1<4@t*$|; z=`G;N4$g46Z|{5Oue{b@$1*kGAZIr|_DDD6=x2^01mjC^gFyhAce%PDU0i-r$L{Ej!-P`}jyF4nBHlS&J0?yZjHar%DA^PWL9n0L=D6W2{6 zDNHja=+mlH!!x?)=@43jyY4Owf9Y|r=tU%o2b=32CiA?v`#?p2q7AFwQsi+Tyxi&n zdqNm$2bS|*hxHPfDU!zi`=`is<}2?J|-rQU_O%KEdiXTW!PoQE3uJB;#TYt_@^ZRxP_8h z>h61DPA)YKIn%FiybHI+^<_CmopacIK?J-xf%v7x zE;niHy%%O35q;v zzJIX;MV&O)KOFJ9#{Wl;`~=3hsV0^jh)6g2wJeo}UFYqU@eavMGD-KvN%JJ|z=+$5 z$Wgy!3WwuWFx}%Lh{b>Sh*#`?;Ul*(_xOnA^HCEhFvf5JSVv(wfP(-W$vr;ujI{Y5 zJ~CN$zk~tcBZcKpnS%y`GpLA5tX_xCPBh5g%s?lA?k61RwumpmH%7La_rHQW&YScL z;QO!Vja~hK^j|v{jm|^|5E5=gzRmr>XKt$tbVRnA|2m?`l!LU`7TH>`Q%NTMi4=5#{GNwex%CXMri&c#oBtqbw06pc%y1$uvO%Oa zN@5!voXNPM@Rl~v+j?1U^!uTci!(Vc*I(@x<4|Q&deBZ~lN~`uu+0oKOIRDQm~mgL z8Td_4aEvK7X^8{im54Frv%Q!4+q-0#fG7MSA)af3X^<0xYT(2W7#?dHK}ne#!vH73 zu?}z|$9iAv*}ZxntKz4U)AZ)2V(h3VKX5J64T~5b+YB38 zDwV1ims9~hMRkj*b&6ynus5Uk$#>R`SpXB+j7$HEiA2<(ZaSZ#YcZ_9Yd6a`z>{fO zxL{p9)}jX35>>=IfiyurIpL6J-&v)87q4pjDCjRkxa-1D#=Al8yQ0rQ;5f#hA7432 z6r*sxxwtLhT1)z;nL-{wYr(YucC-WXhccc~b^at08-PW6*di*?RB&D=Ix@#<{u;ft zjwX#gzEidPLTm%SAO!h7g_w`XcF^!@u}NQQfBk$b^@*YT7*=At&lzii)woVq%|k4q zSS@PgL8#9R6x`*$XvsYwG;EUs^qLmM z&z4p`%0_3$Jaz6T8jko@08w<4luOT5)Y8kUe>$LE%=YCullC;o0x9bmT|slUGQeRM zkM}d|G6jKdhrCPm*s^^fyf-o!P1;PamdRx;&Z|SZOA8_yUb`SDm6|r~TpOP%4enQ} zrR43h`a<^oKNv}I+kY?;xuE}!kv!94jUwhxT^H)I-j)T%U*Rrm37ISn37H(T*dFEK z;uxa_!TJ=(41hdwAn_K-I;JXntC~~Z<=dxP)OP+yHOJmp)^y`6<$&{a*v|gT=oyrN$mO~T+2wvQJ{q2hAYo3+n6jrWhF@TS-8oq8U zyatiy)<|Gc!|0z2zBnNH`F+wc~iEc6nxs;PlQs!KNX2#nqpm6UoGiK_Z8bQz{5%_7HiP7Ef@dKpAmNN#=LpbA#8qI+#_{IrrM+nZBn@CGZ8J!dGyC0Bv*8$wXPqrs+3<^Tpp$JY7LneV2kbh zs+fAE!XT>ANtY9|T+Gk$0;?nvgNpkB4a0Q&b(~z&=8lAr9sk+57UtMIH-cxC?v_xf{z*Rk~WpQYe zPF9n=z(M9M15?CXz#JAkW<=>1C%LnEDA!8;S9xZluZ_WcwctfkM=CqzuiFzE17Kn$ zOTvO@2`#`3e-X>JK4RKsN>2HYn7M(!xv|7eG?_BQxbXUzjBSmML-(i~6|!U*u{&c> z09C2h?7G4^i=DA&U&BfBsMgHJtppRdXcjgBXN=S=)J-%EdW6^xr!UCPqj=>jJz;mPg^08@c)cfV2 
z9$YXW!*I~<#9L&;aL^*quWA~&L4&_uId##kMtcVlyeuQhLnKtm?g=-o2IhVep7z*r zz7zqRQri$B0A<VR znpq&5`B?|oncIK?Hiq->1jL({g^{S;-gMF^RejkzuOb1<$-*tbopWb1C(#5{_hnEt z623hu`gm`|q??(vUa6^lPlv^U8!#dWMeT+FwTW&6dOYW8L^$)zrM3XZDsb#30BkTd zz^f3|pqGBSL8w4Yw3u$jNMGc=iO$Cw~QyFxEy%ACcV>b z#TBZ|26Y|aEv~f*JI{0{sBq!~RRliYlHReUk=gw;3g{2&3;nY?2kaNsM)DSO8~foF z=6L+8?vgg=?JuHss==i84BT1UzK?X~MHn{48h-(_%NoOsPQ-7{J zA)K&Kx25o-&QRfieQMw+cFjW#UXvh^4iRzukU?L<8WgE@N(^<$qZm|ji^I{M+(=6Y;6?9Dis>BU3+Bs?%)37ULnLXvzut`&GA-vhp+(PvG7gB!;dbM7mMBrKFLT2Bo`GN#nad&+q--_=|J**=OxDmpgM}ue(kr8ilW!9{H1= za>U$4S9R-cO(x28{f(#cs+#h!{&E0U>}glEZwKIa>SuOt@+mJfp<*N8)55l|5x1-5 zfo;pNuhDt~fEoEe2Ckt*{zQy_5YGK)&7zz2H&$x0B5W7SzGmk-K!4agMA&czfd-20 zmWuw-d0F3i)__oAr(LTAZF9gL%TzoE*@Cp->;>BLZ*Tfz^g6*_DnRVupT>cIyC=W| z01CaEJ^#cGu=h%3svpbAw$OUBFW1$Qvl@&U?=^TRsfI^!q@)Mmhu})DChn+ zZOP|yALOg~hCiHN!(iy7M26fYgLM@@pck!WF=~Pit)#t1)&EMorFGGZeT`@kV6gN% z{pF2mnfl7oZS}fF*9!IQ|6mx1*;4=Mud*BV(lYm|sv;&&|NcEv{g=D1bAzRums=6N z8Cs}dd<{3dh~%E!hwRA@pv`bhtA z4h;K`GJUAdd6oN5Fe{7~J60Vt{a7oERir8m0r8_X;2CzzjGU&=b?r-gU17*wyX8GD z{9a`8I%&^)oN=p(RkNUU=UlxlTjIA8;TVC?ny3A8p517B&s?W1iyl36=jz3aUYjYtGU$aUZs**AJeMGEt z;hO{5`4>B<32^c^1%jLU`{nF`V&>QwQ|H+9vJQF2k#Q=Fi77Z%)S7HeR)0ME;Gs1k!szd7H^pC zSHhp=*2%U1s>=1rd*aH)9;nLg{Ot43DPz;K!X40$siGK(@?)Qn{9PsJL5sA7mO~8 z(H6?Ynz0*X$r}?&9#`j8rO9|a7afq9W8j|Q#ZYCXz7(J7l8{&}JkP8uWsD_{bJp??J;#vD7R9D^R~e1|{q z;;MDrmOxBpZR;c#S{WxaQ#pPL&_o~o*TWo{2o)7TA0gmHI{#XTH2Iew@JrXXFH@Kt zh22~7WS;256yKw~bWB&MfA-I7QeE*qv%6dT|4PWmL9L+{dQ{AbuE2nD_o>7*YL!hr*aOiHn@u-(?zsuFe; z84mL2KYfnQ19TEV8e;zr1Il0TniI(Yjx+L7cRH_ofGrTBY~a}zq7L!E4HQ}9s)gSN zG<*_T;K^=Q{0}8y*b>N&JH5Bx)YXeFozo%v-;{v3|Dgmt5Xw+#+G0=evb+`D0Z&&> zbx9o1e}xwU;>!byT<&TM6Fhi&y3Z@<#{~UuJQ@GIS+AuW_gt4d=#C>7Ii&9yB@(=2 zEt>Kdu2jmMxRv)$dsey;J1wJ2%?`N&MbJnf$=kbAw(#73L^qhaZ`&&L+{gvFquXm- zLdY}|y1cMCQ10>DrKK^VvhG? 
zG&6brybh~e6#%FNQ-$s-+{L6dM-=M~TR6lJ@XHzYT&_EN2AlalvSE#36^2sCVW!1MjwvS5`$$dsy%CiPFI5}UOy@}ff2rad!&gwc zCOor{#k1hEhBGF^kZ^OE%QT({q!c3v0#kkT zj#8X?(>gLO+GKdjGbKV1q;9h6xA$d0R~&!t>WMPUuvq>KIGmKj9&Y0$mmU!|aHn^5 z6LyDv3~n_?+NNkyf(Ge%MAGHSg7jZ~6iiB+iVce|(50w!%(@hOFdS+q^d|1!60?&^ zH3T;l=$c^V5rRlweQf{t0YddW+>Tk}mZzDEP7NW`Usy5Q9}S1NO1;%kOnz0TB{&=P z@32gK*t46#61Q7uockh`1ofF<#-T0qqTAfICyGh=20^-Qij!72VvQ4=`mo=$`#NrS zFg-;p+NyC|%pwb-ZlwV8Lp^QURV1wfK6U{_eOp0MuL~ZMDO%=`DH=-;F}$LxpG;$t zj6-}v@-@6>NSfc5O9rZAF^3$l)(h=M3FB;r;+O45)1g}L+bCScmGfm%fv|vYWE}&` zI=MIiep;3XQ7`_7jCR_%I~rCQjPu_Xosk0z|7n^=bOGvQ4d}78H>k?9mx%x#BU&k; z`Dx$sKw+4DK7QN-;1@%w0CEG`lfYaFf=?Uzs>fbWrV`;IQxJ?QOVx1 zcWBxxiJ?Uq<@7-4CS&S^#ARP-#9Vk^NIq>gfU=?BK$J#U8JQgj%K+S{o!x`~zoOPw z-T|hmP(Fbcpmh<#G{IouY9tf|H42Y%4)ByIYig-)c$g4jgUw>fy_!Yg2-38> zmepxV*FIS)R4cXdCgF=VE_hOu&ZCs!%6)K@kuFnED~+GQDvqUvFxj1^swC`f?$03k zAC76eyvnxWdzt? zfwsa9`p+qNu$WbW=B13fwaB;cP$4f7yK_MU_Tw&$eee)F$*QPYdC=2D1VNP|00KDj zLTiS|#Yrda2ojb73?m1(z|-L!I8%$RPb@X$!vk{bhmOc(0@d%Cd`b$yClhU_00!li_4rmhu{G8%P#aHz^Y1oX~T9aD%ZE%C%avggh4g#za_ zdnG@9P(FofPEyzFF08=|8cJK+Ql;fzS5On)I?+wbj2*!c23p&FUk$Xfw=SuwpOFh( z^gA|KD>|adB3~03zR*IZyAb;-0NN(d@;XNYpMkAF=1f;lrXGhevP#9 z^@M4=ukrP@PAZ@QDb8aR2WcU6S30dUrL#B|SM80ZEf!p}yEngaB@q6mXAp&pSTmwK zT?|n1D4kl2D^WZ?<{C;BHV&#fEF=ImK|xVb<>RxzihC{G`~^(VJIg3|nYCJXzb?te zjS*mwLmKHVFzH)tVus(e;XL#<;ENB8aZPB!5CnvJm82jmBMELWQ9 zC%<2+b8dO`9yI&BZ=v=<{qttY)(`;0!>on#+Q^I?X8d`-QuBj4nn_;hq-F^s75QB5 zpJikk2e-~#dK0Q!MG1f8i@6Y5G%P#(Fs50GJyiP<|H&tFK<92tN4eL4)%4zG`;V%AGD6CMlPW+w{)WG*JluyQvR8naGl({f|g@!sB35 zePq|ryuDt{4yEU!zlF!cOPXZ{L-TBVW_^C5z6XM^QJ%1(CC&QqS$&?m4m2p; z33a^>ztSoce-d|Dh`h||`${FETNP1(qr^8g1dsRPR}y6MVDGW=;ZM4m#~Xqk)NA4* zCjGBt0lXR9Pkp!GTj0!^rjl^8DfT7?VTWd24I$yxxfXE>b-KWut z;fi=GcSb;E@0TOHjXrvmp)Y!4Xf$1WpD&86a5l%Pv?3+D4u%Eh$kNFHweWP2Njm(J zK`)Z4J+&riOeacaqCH^jyl%Ri!MuyfUhA9%oKY| z#x8SknlxC4l=3Y*0x!=MlFo?^91A2j# zYU)>Yr;IlP-<3GP;+xlDXE2Ib;xgm;uo#gj`i6JF&(j)U`P-662#$$DPR0*bR}J&%eWjYzOmg9Y+aC&YIG?4^3uJ+oq>A} 
zn2G@_ZHC9W+951)xyo#90epR+kyAs^+z!6lmO?^dcehTQlL!I!ad`1}<)SaX*Pw#$ z${3`O_XF_G?`BH9|AvpYZUm=V7a%#%(XG=zGq&BDCAEU2xA79z(T#A>Y|Kk&|8!O+ z6Q8yqvc1)sMZgA3QTzc*0?!4L`R2Nr)Me#5Yn=q8dgIyqf-10#jZr~Z z84=2~ofjy^Pd4?KH<4VpfzeRlX~$8B4jyVN<{TUU+TC_E^ThE#h*; zm3^z>77=Xi2U*yrR2KR3%LuVdAeE{^O4-*v%aE%a)H%R|Pu&%2$+q8%wJR(R;-MdN zpX@6rEnq`J!$$GieF(`q7xpJ2{~7naROdZfnH2a8?&cb`%2J532zK5reB8V zFUP9eb6oo+3S9o8Gp!-I_FFT7+>cSlmOs`vF5EKtk|5pMm#XU+&jeAZHd=+YH9ZZnyDE zx%Qw4k1UCdchEBSgq>Xc)*>2jk?`_kQ>M@(3ppjuFt7PRC?cHtDw(?bJSe zOD1RcB6ENY^^RNz20=Max%e7eNWw1Ksii~lhXM>|LuP*81I2UbSc?=-FvD-?3MWcm zDD_}?kJRIgEPlkcM!YH}JYN*n#6C^(+FCC&n!)6L-NSCrUK?|)Gi*Gn0^}i8JpYV+ zGXnz+w#hhK_aMp8Kl6^0NA= z(r}662t>3;7Bljs8jmMsSbF7m?E_ohx`!^2km##;1)>A9 zwA~qC5gk;Fop0DK-3ddqA<3W!1|jVSdsWN#5=wn?hdqg}gQ64EBN4|$&F@BAO22+* z#i#4pMV+mUZyHmM4WpfCYv$P^%!Ob8ulK41jAT4GYb$gn`d{C#VqI@v6|LTWY1$#Y z{EhhmVtM*nNw*q;R9?!)`I+R7KUpZ(G-5q?pvAKz;RzyoNR)L&U7T{5CV87pK+&(` zG>MImkpt(5i>fU?b`>2`&mzEQ!j_1QxpvfGvW>E!JOpV+KXVocJy=14wz2By)EVZf_Y#1ww(x9_YOCKlACq+2wD5Iz-ik*x1Z|BWE z?|pa2_v(Ul@HM}>gES#ifqx;q%>ES-%(P%z;*a|gk|Cpo(kgPtCY{-V2`}pmy&2-C z%u*yu=28REGMq3fJ%+Dn2bp`8m+_*VeUvQk8WGocs)xjoORE=F!({W2xCeg{#(wL=}Ej2SqJ%6GA9=amY>^ zElC7a`erZAGx=W@H0o#LumubRMMlnMe-_){-RdP2mCoVHmYay>Nfwd?$pd4bt#Ey+ z)11N3+7&JsJl-i<~Jlx@%=&uyjja-r0tHIv<;$>+t`?yT> z_WECw?G5UX*k3ZLyOc{(oinPMM~3Vi>KVne+68goj0(t&fi%U+bwF=dEpDsI8l}aa zeQ(BDBKMCnqbo8lmO|;piikiFE@U_yF3^;czbQwhzbh3^&uk(jk70ax>>8zf&?^bT z%?WY;k@YTICF8Uny?$Q51GlzlZQR*G2D zz1y6z4)+YM_RrLdYmXs_Ng(q3icD3_{be6nDsAy~aa_B|UyTT7B*Brg$Pu2V#nI2akgbCqg+-G&!1v^A^xw?+eOf3Tq_Zm1|3SLoSi(Q8iWm$4&d>OZALe= znevobJQ~RIH(~j+iSFtQl+`XX?T_e|?D&_&W4~Th3F&X6o^Rn}elnxWPyTSf>x;OLyh-u)Z6L2#w* zYkZ6kBeP^zY}Ls;14M9}jZAUo#C06M!HcQfOdZ!MjP#@P6Ct6^sL6=$DN+2ZtHP8i z3NAtLtM3K=OO_(|Vw;mK{@{z}4G5xSs|bbq-O%y?%F9hh+SbQN#nTz;KEA+#ZOv8i zHH{o=(CaJcI%0fz0BN5$I7sYh0pKQ*xWhtQ<+&ttB=lTF%phJGr_RMMnPq>)-lH$P z*Le(6hWt&xCv4DLx_vHgu^v@Lah~`S2E)JX-)%fr?|Q;aSfE~c)nk3dM1_c|pb-P( zXe2pzjnMtI9Gu0xWnxtEPGnbXHG(MEVVg#g^sjO<{IfAqGB4$=b-y$Pq( 
z_YC-r6P(gBl&*FvD?9MS?tskQK9tO;Lfji-{opM{zv&(j8N@w2R*TY7l{{{|LThpA zsEaEY!1AQ9_<_p(R_|7`T32lIxaPFP=wo2-r145dv7T>8^u#eJkVPc2NUTh*cg1)` zzESUI7>Aqf#kkRed4thPM!%j<^2lDzDQUue{Rgz%?u-x}XWiswpn22shd*&`z_pt# z+L+^iY(5J9s4oPA{u{HQtuYxup}*DhUE-d9wMm+(tD8|AS7l@Nrm*runYwIT<%jnY z9~^tfKYnm$JpHOlnVY4p+oD(efmxDBJ46oV9($;xN`L#|m{gB1WC$=@-l^Vw_@Jf3 zwE)c6b#(;-1&iIk?{8ak60spGt?Z0EyrG6h`RGDyR%-()^=4%iW8E;D%;`d4o2_hL zD4#TEW1VBeJ}Gk-Fe$i4*f-!j|2DzGUd#uz74QxWir3=L0v>LpIRXq*V%%@#@+P`* zb8>IS>=03|gZ(*lt+aCIf{1Q-fTMyHVm4K+a;K}W-@N^kEyPWpV663J&G`3JJhuO#`;&aqG))refC{rrk_mvwxIwg)>$BK`Fm>fzDX=e zdkm9dr)KX8aEa6Pgx>BilGduND_m|J#pb$(2f-cM~`xQKPEYgTy zIEL7}cR2!ETX${B;1|^7*UJx?ZhwgA`0*m2vH#Hz&1Bd7b+CSW&_$Cfbf#_if@Hto zt>>M>ql`hJH5SEzl&+}2x8-$k7qWlEVDk3ssntVKoWFLGQ9}>@u-$-;0QsKB=j6_W z?~(dLLXZ|Y!29v0;Ry%RbeUuJ;sveW86l#XwJRGbJ?TbWmX0F@Ph{63B-!THTVd!? zzgqCMBNMpwmoADqI#oU_VjT91B0;miE--w~+mvD>dG?yulfJC37Y3YwymW#ukQ!lwgHr_ z(cuG1d&iaXgpF(!E`c$rx3=7&LzcoFIuZ%RgdEaNY{Bvo=n@5R!t-R59rVI7n=E(I zM{;iAfuF{KNOY|b((r!B`enX?R1tkT{Z;Y2Y#m@w9hqk;Ez_d2IA>Atk~E>| z#)z2^$B)Z({2WhN5G(xkjw_Zfit#1-F!u8W6m8P^Q&74(jOgU~v}X2sx>S*6y}pOk z^HoVAj(VD6OPaPJw@E=Br1RzzaPTXToLhFX5uJsKr(!=kb&6V)wB?-!n#!k*dae0U zrJ}r@yDOYVO}Sjo;l9KNg#3QB1FD;!bqht$?u*&_=r(U)AV!O>=#4gGXg=f}TkCcY z`Gr3Z;Wmc4KY54JQHk=t<&&Ub#egk}bhx%+XLx+0A>)7+=*ye(#0!nSP>wNyP6{C)VJT|ZL^bld|C zLZj{t(e3dsH={C`{}AO!@gzs!FJZY|Ti?JvCzjQ!NDH9#71RpA5*&42U72?AO)sSi z6cFp_>M%V*rfPP1Z7RtkhiLjhQ(bj^Jzws9?pQ3dnjLf_yZC_p@F#`ba;{nYBKzeV zaS&x>JU8j4b4clFQf7r{)N>cAwGP-_Jr1Ug_nf=j`T!=zmq5+2Hm#H=c{$AQgvs1s zzMrL+jW{G2ms-C2^LmXGNT^+e(S-#ayR=28+&X&-E7YIKhZ}T~GNfP~>=G(uomvtJ z*WdB)f!bLwiEZrP7 z+{hx`J68v`ridTl`3j(QaifU-Rsy~Csl}$6-qnwLcQ%ISe#H{SO;m?ncW(f*yJA7r zn988tJk`gfe39}%%+RDIQ3x@mzz#dFXBjf^wMF-T%;@KfvRf~HJ=Re^Au7DAyE)7< zQ4FsdyJzq@33JG6p5ywP{#&zEzKO6voj?fFktrO}=cYGSD4De;Hz;aOD`=6?VNqdv zD3$1MR(iUA^0TxL(6knijpWLX$}%L|>agbjcu@Mb3f1*Z5oZL6Fa4aR3~Ahn3&k_^ z@>zrHjq5-1FjT84o4`98wM{#;;JOgPoO+qBAo;g-1Zm3>CWY`L8+L2|;#h-yV9J<@ z=A80^wQlUR`SO5?lYDsmd!%ttI1K~-zzf#i;1t?A=FXIabfL}RJYE|L{e#qV<<1wl 
zzfT4evPbaNqr99nnNyGwN0LGYbURg{?@)|;i!bfO-BXJaZ}28T+QOUCIy;H2KAG;M z5xNi~90$d413`uf&A;)2;{x?{n;1o3XOIuYl(O8HC~_<%YHV;i7K#;5<*u?l8VBBJ1=1)E`&qKS5VV&EdY!SjlEgKsLZNTy&q-DA zNYF$rA__Q+UkCS^_-Klb^9@0VA)@7?`d!b~a7#~$U#@OnVeo3#&KYBW)lZ7YaXm}6 zsv~p%@iXfvc($kT?^3I_VM=Xx&ET9TL=vi4Ir{s!;&01!g4=oP-*IwT<2_tP#}$my za>b_(uK{4Pnz*#|`?h0YgQReR4#goE_1fs{`S1E4IU}v<4LjOCK_NhPrKI%y_VGQP z$kT6~(l2Ijv>k4Moiek(jM?2GgOg`J{f2DnKEoQDHq>7$@dZ7>sjj@XU7AFeMbiX!`-;?U-}$uvkvEAnyuVi*b#knDpyFIh{dV(tQ?pgN z`8oDgNd12GoAa4+kARUxNKnzK_efd|0*eCfr;H_=D}v!2myHfG^R_3rCHBv{FTYGM zJEVESnqaaPkVPxpmD?{+n0crI=0am>T?XBW;1FhQ|7oT%J9OZmuGfg@WOA+bwP;9m z)jGwlhUK#FdB6n|wIPp~^f6wac}o~Fd=F)bbxIieGQMcT0*4yUVc{9YVITF=Hg77l zzzzCoN^MG-y#p{sTdKerWQTH!6Io*HI))?ph9ztVHASrmX2reSYGRc-hP6qpp~Is$ zHNU>ar9Qj~gv5$xm)bHpm?<(ZFw25S>KHPD4`rt%KIY{*djhd6TQCsajyc84LH%wCOt9#o5-X=+*KU9{p#-{b#QC*D3ko~^5J_; zt9g*F@@;im3nY;9>VWy1v07nfLP)dZ6JlzBosB&tl*1u6?ksCw z)(`s!L~45;WxSWj!JSj3f*;F@G{IV3mh*UhFY081soi1`Q{ictNo;xN{C}mxGz|Qm z=y6d@|JF)uhW^N=W5$r9C%z-sq?^)NQ?$;ja7UJT|Jc>v*Jj3VTio($6SC7TsHXF& zl#qlf6+1hx347YZK>0BqcDAi7gNB;?RW8`Fy@C8jXd)s;n`J_v3qk2#oShxv@jX_u zsadACEe(CP(UigyDM?Yfo%xp&@_6|O#=t=)<5CqrD*b55UaXW?hTImlXmlkA&){+R zS5jvlY1(P|Cg>{c(_6B2Tz3j~HoVK4$}J`WY7Z;Mtms#?`FQQTYH{*rUKQrH_}EXw^xBPE^w zxtpbJ05Y9fkO%bev zkFpfPeRphTE2yBH!K7`fJyftqA2_8`w8Fm7(L0(tcvy=in3XsW9>=-=j?7v%nMBYc(JTA zn-iaL>Hfv#xjxCzZ}3=6$7aax5WeAs?Szr+g- znAg3uz8|KmO(~nWOg4g}c?cwuUA`I8yd{-~ zGdSX}q&VD_LPV$hN9%e&Idm9?*lNs&r#TG!V{_M5&X;h8#|lyDD8^aAz&ZAuSw||} zMY+gspjToBR%P+U%bV4a>4BcHWNCzF-;L>uqk5<_~OrWS7y7(G==o z*9j%(Tp}ux>sgSNepxgonJ~n-9_KB;(C<>2-g?YSGzb6evO-L}n+q~JETu1tviz{@ zX73dRsQ(Zs2j3m-XQc!j2P0Q$L{y@sJ0+1K-#aCVtC3lV2}r%61&nWzr+2Dla+!ou zyNi9lA~KRowR!l;!13)B8tV1vHk&YdJY>U_RAFW(UO)lN=lS(2T5g7bnv)X60$ZK) z!Vx3+eL~Kqs@4?UdC0(ffedcV@t|HhF=BHqgpmXxPUGiptx*lZz!Ps+1RCX$I99J`JWge+!%=B+Wvo7ER2<{3mM8JZ#}od8ff%qke1O zx!yl-T?fh<%TO1$UtHibb4RcGCO?o@vL!X?2|kT8ZLm-n)xC6FHt+P4 z6hW&ZX?Q0A-oBwrX3Pn?Z0yk3tcpv=q<95IqJtEL+CgKj#Kkv1IeZ|PjuXM)U3v(J 
z$)I}+4bNOc!^ZcqN!mo7<$iewHyk`<9h3bbX~ai2yiic>n3!+Thf3SdED+867nH4U+ zz$@=ijCWMXUX4iUP>|gqsrv_uVBWY7?*bldQi&RZbs1l8DSlEGoX~F6yxrq?$sb@} zP=Ge^HbvIMS6baeFiZb3qxkq&x3oKEsAG)UMVS7javNqy?*PlatwEId<`K~^?iwlT z%WKRYEuFq4dxN6n<^QQVC;By8Ek*7A6EhU1SM+A6Lnh0L=n)uyFN=s{tRVZLa5yn%f0E8I7wA zYa+1~GoB%G2i|9cF^~NqBR0hk(p*d@G6kWHGp)vm%If#d#W(U-9|jIFk44fIvuqy8 z8XC*_3N3SRj0Ls=*V{7h>cQi+B>r)Y`CU-LICw3*`@h(L$D^%m)(8;V_ofH`AM(DD z99OT_6MXM)%=SK?UIr(7)<|JB_P2K)3~iz-Ba-xZ^{n>7(Ixq>$a@cpC5%#;tS&Kh zj-mw;R6iUL8sADVd|sr6eRTIPR;?oS=jcx|cXTl&3sy&lZi)qtygi84(6G)gKr>k> zndPISJ!|iEP0Xm*cqF66L2)bI^Ftd|L0Xmk&X>d;v!C}E5aF#u<3Yni>%ei#r^751 zcl%MJGy}hhQrUR&%A#}~WG0{fWJ50e_mI|j-cd^8q0f0qmSvcHQI5q@pyA=HQsXvB z#+)3cC}KD3VViBRj1M9l@1uhF9g_+%_ZG8n_S~`Z60z@-zB2>OYs4^eiYjWGzB)7+|VEWYL}?IWIkK}&d)NfLskp@oj+Q;1S}~5 z&n35z=%o`l;LXu#79^T!{&}SN#HV+lZlmP;&qtz@M>eow9Wqtu?`Wf3q}9H?CAUv8 zED)qA*WbjM+o(^d`6qW>zy9Mye|yrls-I;$Y~4Qidg-F!G>{S?X53}_b|)>@ZPePf zhjMs0J340+6JRzjW&Tj0)vqb~D)l$)mG@wLbdE%o^CAD=n`X{1%so8vi(P zrk5poI~qD5NA&}ZHA2_}TlkX-+kQE`yU!^O2?n7sbI-cc>5fc}e7jM9&GekehOLBE z*rXNqEx0T4c#99BR*Jv{b7oslO{tQ3S2J!$-gd|N?H0jm>hoH>y2O$LY%m50*ED)? 
znVlJ~YXedyoxVg>-EabVYfK%DfP;EyE#ch;(a#A6<%cGg^t!ze-eH-`6bNd;jSd6cA z)h!8%(%BxE6oXreP64*nm&{I2xlBz6cm zOa|MSJgc(V6|FJ%L7NON61Vl3OP`cfSnM{mcf}qPJ!O!ZXXfos5`#b~n0MlD&<(!_ z@3poRjVgQiqupQ^i+1AAa+TXKWsDdsN=)imzbb`S7JPq^n!X>PKa&t7xjL@= zQDxrFOotxQPmh!Xh7q>;?NQ5OO-O1a99;40l)K)scFZmAg5!V8zW3#gATH9kMY4aa zp$FKRrAtq{=a}Uw;E%7Urvk4O9j&&WSp5jiOJVLXM| z#%JH>%Myr0a`p_|2@ijSQ0tDRtV^9EEEs~0VfA@y-??z%Vl3~FHjn5YX{nO^N8XA} zqoGy=4bqe<+GsLaOeM2fi0&@O#Y9?t%v54XUeJAaDCH?WO|mt%eT7HPSP=gWEKG#N z6QA6sdtEKIIog^$MwvR;N#~q6U^q=V?u4p&PmCYP_Z7NYW@r zC=$?G*-+@jm+9Hqhov)G2UBqxl3A3Iv@*Uxh4O08*vp0E)NH-Oj)ye3zA z1ug6Qgq)kUO?v9pZEj4X>dGFntU%yr^rY^BdcT#C$DZAm?)k`(K#B zu0O`=$vfe{<&p{Oj)&Q;KF_cWoSq_ilXuTfPO(b>my@oi>-DZb;`}lXw)6IsR=#&^ z=bgVV1{}`*-!-Fb*$2L^mL*b>GfR`QMrGKE`9yD@~ zPd7DHm*UJF8tKOxidt4rO}l;i3)3L}OaZ-K__NghlM%2TI`Bw@DD!9fiG=%Es&?{$ z2+nw*zjq3jh%NRNb?#H;?#K^*1c{nOkXiIDdBCFYUE!<7@Yvz-Qgh ze0~aHmNgJ!1fRU6GmigLM^LZ&dHa~QL}*t`GA-I#zK4jS>3cj$StV!q=7C<(V$^$-to^<}eFv+Gf~1AB+cv>~vtrCYf>xf|C@%1!I@v zv&?D)G1~pFX5#^Pd%(4Io5701%w*hwz-Wz#uG-wp8@tEtMf9W^?IczK?l)WJ6T%;^)G=afqu`SbwAOlPV?X}1pCT>h5IV{C!ac$kZIC~ z)IyR!d#MUve@gd|!ydQZ^gupzK&(p?d`Ys`&+`a-KWd;8JQA^IaZz09hY}-$#6otd z-~3e%ML_~V;7KyE-R;Z2ry8azRMJ?)8+9efhf=oEPAb8e)fAl6hvCbDis=_&hb&8K zUN@09vlEO`WTeSgpg93<#+Ju#84=2YDKT^wuFp*>iz@rvQSn{;RkpB|IU!t=caJD0 z56tYr2&5~0@!u#5M%l85sLlhCNU9t+H(^KQva_v@Y&5)!FALzGC`BdAEx#zF8v#dk zJyDe^_#_bPE2TaAX0*E$s0srbCg^gpt}JCRRAz`Cp51_M&#cnNh}OWtwYa77grvP7!qSgz(huz&K`y64j9Qoi^4LS zR%>Z)3|UzA{VY==GszmyQL}NgKZ6`o?ZurlxSUMFR^ukP_L|>acgD=C3QQ|d(Vma2 za+>@^Uf+3w82VcD+r;iyfGu`LKe=O<|2QLkmabBlm$!^(S<|dO=z?UCFj-8K1}uB@ z5|iA}(G=OtF1h%niVVtev+cdJL_M^yNNbw(;(&Ekawd?qtEx+KQ+T7ywtktE6#UVS z*Q1HS28=YsDZi&0n9GfYk}FWBU7n^AN_2D?CM5fvid!S>n`W=H_sQiixf<2d9oe(M zfvmx&4KTO>gzJlSFjSP|iYb+#a{LVKSvXOgClOAon*CzseG1O9d&3`)Hr^rY3bi2Q zQFZfMm*to9nMp!Q7(U7VNHi$jL*q;TSkrfDHL8+EOOuLv_+`ZVGt$EB>mf<=XXU(j zRGw*kaQ}%X%_8r~_bod97VdxHqj@157+o6_r(u~7c%0OlYdo0zcu>hQnO?95pPwoc zN?-YNS&ZkCTST~{>GiM|w(^6b_tHXa>1C*L@7Is&o28``XV0G<3qe3i<_H0Z>Gp8*+b;uPK=f(gz1%2{wb8 
zn&7d@?~=wYYfcC=C1_P!FN~Ml;$jFW_JgZ&-?ulRGolFU#Qpnv7L4?woQp( zEI+Dcer#Xt-qKXLQp9rYwdo&-{jweL+X!!gfS?XV)bO;1Gf+n8$wP5WvdF?@{4t=n znXWHFaj^)LdW{Q#S=@f0cIK}z`bq$rdndBouR>7X@upZu8{b~<4})^L*7Xp%TDGKZ z$~8OBn1$xYCibZbWM)OA{k8Bhy3LMI1iGLmuLRt6%({OShi^JN{*25X=Psjy(^K-r z%|W5YqB*IIxW>IiQAN){5Y&=*!`Uk2=%BEfp{niqiZh+9x_ZEIc>htb(axw`6OTpf z)!7PWY$|(RGKjcM(lD1*D%6kj>cIPN6Z?9~CC(AiM=B2RN)+nE#`2S3RV1f$@6ZKN zSq88hbX?v|osqQr!a2+?IJJP7nrmHzt*ri>n)7|o-MOXhOufSvI&coIvu}y;w3zZ> zVlc{xK;+v}VmJTfl;+GkEBrZuTURwF+6d?--EXF16{8OTFRDklr?0!J#lLSv4XcS? zQ;gdNy>CLTwB;>4(iXa@64U5zFYD+7eFoF&ohNKSH(h@Kqw6blnzL_RwfGHCRGO$J zV!R0$2=L?{S6xYqAbgOG`}X=ah#qpKy_fc&Aem0T|FpvC$2qU}>3)-cx)#p!F)D3+ z*Q%%kOVDK50O~m9k?nw5L?MPBuV7J9LH+1v8I#fc(2L__H;Z$`UBvs7gsEZGb{1k< zsD2fIa`p>}L_niv4gBOYRyns;+ze|(S=;c7pDq7Fu)85m=F_acyQVbbA|^Dwrc9HA zlxeox@_X@Yaz3FEaq5?<-C9QAwL$$jZrubvEMSx|8+D}!o+<{T+KhbfrHK^!Q zC0a;x{4ZLXRvtT}8dZF8%JTNC;~b<)_;at$<63Jr20Vr4-lWplaEpVODyA~h602Tq zZ>#)GfgbYy{JcF`r9?Z#_s?L2mCsJa_|edrXU`8e@5uZqRrd+aMfGnP*#1!;^P>X3 zz5Qc_*qYuv9nLHzo8AL-%iV11$7dn9^HucSGBiqO5$*IJie5au+SHFawgm!^$lTv^ zx7r~Vaq#SzUtI60zIy_qIHK6BF$N0(c|eOo@&r#mp-nhDZ8OXZL>>615fEn$Suw^= z>E3H~XI}b$X|+g&)F5c-F^2M=mA|gCUs+QU;-Y{VlO8M6%Muv~9wrbRn4xi^y&KVv z6n)>K{7%pEh5ygF(C}_YzQr)YvUcPk)b;tV9{czKLlb0Q*b;xLTw0|(uRx5BfG~5l zWWVo}^NMqGUh>9+8jHQIjYWGhTfgmWEoZ7Tiw_-0ehz|;P|C~?e3ET7yNtq%|85B_ z>yFeiD$xc#y^~X1L(0##AZ;m>H5IEHm?78{WTVmON*ur^q&Xms;nz}XH)>scYhST( zX=9wBwJb#JQRWf;)7c|$@cZq8pMyZQ;MSq7nO zTUtLbe&I!(=E`3DA{D)AL|4N2_HNYw3nu=hg{|CD_E-aEOXNt6^$)t$C5^kQ%*0g~ z{t}x8Pe?z10=JEio0!9z5f+l`df+oO88v6g!S%qeA6ke}OuBv+5;?Q^4}1?S1QWHm z&-G!N7r88`Z;->7gN+*&BLD^pRkKsn>)uI2T%)E&{>}3mG)|R@78)xzF?Z?Y)2~e% zA6aDm_O-Im;?5V=f)3Z#vOjOGxxB)o!fj6_z-YF|u- z;4of9Yk!gTBfNnv>$3B$m$B3*DLfvu9vu4nXXP;T7tYjApB<)$`3nQbZS^JJ*qnPO-7MwXj2FXVHu{wkSXLT)w%!($uQfgw{r`A-3!q4wCQNW} zhrwZRrw4bJ!QFju9o(UDcXxLm+;yOF*TDyO26u<+@B8oeb|W@6_IB?sqC4K~%FHL< zhVH8BswcBvaWt%Yv$u_$ziU~RzMdC=^+IE*9LB97Fq&2CeTd?mVG!;;Auw1X`2_26xl=S-;tuzK(xySD$>p&Pc)@FH^WKA^{bVsbAmiZ)Yl 
z=-LI3pQCa|mtAWSsC)jq(2@fyIY-OCsA+gn5%Z3e5c9TxpmVX|b;pDMsAxaGUC(?Y zuH&0^Y~9HIkFsFFhVRi>0`ElpLAS(;9LyONl!=?xCVyZcN6Trirg2I%=qoG z#TBxz2^#m~E3}B+ekMkN>@z@$48`^!3b#49}Sw(}+ht{zAv5MLCLEOX^By5OPTceC&Q%2NmapF-ak!M`G6O#3YvTUDTQ?*M4WeyZm~YY zguq@H4GGwBL#Kma<`Y(e?sY9i*DMA)e~ombtgM0nE3yi8SfC9FZz39+t%)Y3j!)fm z1g_Kxj;`|Lxi|R4uz-mCVp*mo$On)9gUKsL-3Hp;d0&QbWF)!{EhUvZQjbJ+`*u9_ z3XQI0H1_vkvk`kM@A+O08 z{i}|laK&q)xQ9LOOc}~2s^@Z`W2*o5f=vQ@{=zT?ib?MOxA6pcDf0!a+_bSoUPb4F z;&OU3nu%Q|X!Gf3hWoV_rWOTWZF{>ur?i+|!>TuUe%R`4?A$AcZr@XD{56kN-?`_4 zIni4X{zg@nIayr_e+IsumXx~Fr)8reGT;+i_>CTyk`8#uqdv+iaAbj>e`Mv+mi3)} zuIO8N4m*unsvfDR4!kF-P9A8e`k#ZZ5=K!o`c54$H(d)@`8|700H;v|5*|hl0Ympu zgcBECtH@;orw#(!|Fl$?dsQ40jZ>8c1y&wIxus=0coL>%lHaFgTmAE7ZOtTiNz1PL zNGPempH^bx0R-4_z#K90Y`gF>a)_TY@hsRd{Ret*#g+qc0gT1CxrbiIb0%hnU$ZR)3AUsMy-ze7&x$0$esWO+ueWPmWxkAWcb7(s-) zak7#lmaxC7^Wvc9s%+^pRyPSIw~_^c(LA)8skZhP(w(%y*S!V2Z7SvO8f@D%C zraSn=N;=5wT{f0s!GHP|TX1*my>mn+U`|5YS@zHBCi)AiiPUaK72q4fi};;WDRfCW zz({q(<l~qL; z7Lz|axRnO$O#Z6-l*B=`rsuti%1=L@fpI^Qbi74muPTyLRtprZS6krCuGIoaKFA-^ zZD3ttFYziKI{1%2MbZUd^H%vlaM{0AGT?7I46HmwTGI`2y+$rXwgZX{C9-pBwXA!C z4hq-?tk}#(1YEj}&m{NT{i|!+T28$OWsJOB21da!#XtDG`_T=iGRZ4peXw(9PdiR6@cW1LE@jG>)XKhXdMs^> zy9&-lZyuF-D4d*J`}Vcu5=kFJGq3(H(^jgqI}1=XT?l(nhB`>GKe1U_MJZe@zjLT) zF5szRt{*dB0@mmvgY>n_=M9 z(xdTGS*_mM{G~;sf6;1L2jzREku`^Hb!qiNQ*&mE#_vU|6&;4}m1fq>Hr1&W3k=s& z2IDDbwF~d7XSJmoR2e$!=$L)4w6RXHt!}7RuW$a^qA|Gmb6E%b zd!?1Nx^4B(>XiL^%qW<^9+SEUl`}bDuzjW;W{}qKyN@dE=kmL#x(kM_v z9oAPN2R@wQMJYZd$9ubEY(xI0g(gBumjgy`BcO)lQ}LT~J*0Gmwo>$N-U^P!3(~ znQ0ATR6v_m0W24u;xg?r2hqaM8&ad!YKKbjpJzTf%|K5Spp*JSNM;-;!8<(o83S#@ z0PK*Wrz%c0XOO7QKcGQ`9ND5|pGumip$?2fPr?bkek1b_a!?!m2vvo0RgSkTz={Y^ z$bC!_nR@WbkX(O-P~9nn0snx@H#=;-4{^+bqK@m@Vv6bOl7)_5w23b5XW71Q`Hw{h-h?P>=NzaM5bq7=U>e1184R@{E@RN<@%^-zM{WV6DWMsF4OsM z=2gCM@3nUB$eJVz?JQ72^6>4D{eYWdid$hpyNRQSZJ^M{pE7ZqAfX?R1u|^2@EwpT z$sC>^ct9Q^-yEV~vQ44EaGHJG!Ia?x(i!-6YAO3qnfVTw!r_$S$O_{bo-n~K_!OOq z=<2e-iCB+EiIPt*HUU98Ro4;e0yk^1wKJ@lu{ryFFoc(l2$qh2sd&~AYj(8c6a7y3}aglT9@Ndq_ 
z6o`F@6%Z32DcOfJ5y@ZV?Pzp0cdCRQenwu^T$y6IWeor5>|xp57&ob_%FxZz^nN>V za1p_mif9|(8DK2-!pls+gh;A>jVA~~b-2KQD8eN&!!+~3bBIq1#-*&hWUgO3ZYZS< zq1@y81#u#vgbV)}JfRxfD2c@#cQnQcJ67s2JcVQDKLxvDzP-Z^YqbN8AbS9`TJMla zotBv9B{r}SY*2D$t)YU>gbto1{d3VJWGYC{Gxjp6KR)nt4ro(u9{CNE0VAQwI2avy z+5|$^$Vu>@$xIWOiOsJIMdPV*T_38xg!!YkC34tAJ0f+1F}s+VT~Y5B9=&u-b?5wcQ=GM z>A^k(F^Fku4?QK0KRQjs`*Hlk?`x;>? zGelDVVZ3sZEO@oEYmj^pS~*`+P9}~W^)im?Jb8>o_6|!8e$EA$x^CejwE~;rpe_7@9 zLMz6ZUGYm9f6tp`cF3uwS^i~}*GsJ!XLZ#sWgMS3%jhT`SEJS&d|y4S?SHrWnw(gn z>_mSGTxO}?-!Wa`))rJqO-S0`Gu7tN)>lZ)NZLOzUE$I8RY)yJ+CMVY=GD$sNUccP z|2x0t(%Re*okMRyGrl@{?ba}nL+?&AzA<|3-hiANnk3Sqkvg1Yc5T|uug$5LI-O*8 zYsw>_t)ZB@^xLU#Rz`CCY{ki|Wi6MX)#ASuM{Q`Da^~HP|BTxHw~GJ1`Tt%k?)cfD zlUMzkK7DK2H~?CMqV6B@ziR!D=x7zWq-s;0UAm)&{eOG>7qd*&Je%tOj@!Su|HbNm zV6foi)x4(9(5g9p_CGI{W$-Pm9Umz0xUaVVzchwv+u5i7$=bg+Z~yhbD7H_Q|A~1% zE3Z!Z6R-2XiguCur*r?_uKm|{yZ?8@#vX2{=tdAXW^`k(*8e=FkCq)t>YuRvd!zRM zFGMyT-mD@vUeC&+e`YlQgBW?Kf6DgnE!%x`?EW8$G{nO51|KK5R9L;bK0qhr3GuC2 zdYPvUtO?REMywIm&1Z@bUGqcL1QCVCi?=(e*;dbg9LD+8kVNxXq+bx=`O8txO` z`&TUWwhbw2k?PPQg$IMCpjM@HRuhu3hk#nz_Bxi;muYM)9QSeKs%~&QT=orG_m2SR z$d+kfmR%zmbZr6wZQqRp@g*MiQ2UY#YHNTxvIIcEa?BA#ZU+->T=|op{JD5j$!^Sqd#~E)ufVmv4Ce zc{ir}7!dtD8M{bCvGk>SVVYIdN{Fq$P2L0VlNSAX=f3eFyO|E{a7XJMa4AEELg6m) z7Q1Gs08nS{BAc~kwtr6$pKvv}<;+7C>pwwPosmXM8)^M@029&WB;O=da0+y~jBUeI z+DgD?O|?xpYgxpdSNZ;*lNw(d?#Y9{u@Ll9A|5W%i&K6D(~?KH9o{qhu=T2J z5ZoEx!|NRj%E1TDr5#1%214aF99hIJvNPPKiw%3y$z_>uXJH3lxK)Oanv3teiEsl{r? 
zV4-XVd#6g*AUea^%FnY2$*EERLbfvfgGHr1HnF|QW{N1~*LpysS=kXtzmu&ITxdp0 zw!lttyoz9Z;qBzHW+gfL!?Dws#^x*dKhfAoyI@WBw4(l1U2SHA#kK!wV6x*4GyfD4 zkttk2wsrlZ=^3G|JhYp(T^)D(D-3-VdshgTmR_>;&n<%D0f40A-vs;3h~?T}_0MZc zQg4J<_-Hj-Wlh!acqaWN(;Mlxl)S8I@Q)o{(bG~z zN2h7@arh=3J-c(qE*GV0T{$=o7}9Rm+n97zFJ(h14sB{1Fr1d5x4OGAyVQ@}Atp0V znE5VPYlxt4jD03VW!?i{<6sd~k90Eux_!IFUP}^X9ehIsYbOQ+xC`;T#Ir|DuOQ*s zMKePrsHrdor&;<$269U(2FfCh7(aMW|s4k;sM48F5DRtoZ_eO?t>E_*EUAu zOEUs+)i4lf>hi^jcn6F`RD_{NG2BS!_dEO0O4F{>j!gIvOxw+UFWK^=Rr==^7#mN~ zS~00f$yF=^^HN?#{xRx^J*y2X_At6Dq3~IB*^v9oa@zym{SED_$zH)ruh6>Uk|owU zY85T*6NQZ5Dfj0pvK6WL^>I%MMPVgZBE&xUB;G|4ID+piOTp_hGKe^iJsc1lqNrbT z`qXKp@fg;fY(cim25(+ZtMC!o{j(42DX01U7?DK!Abjr4 zF)sx$*w#yGYW}CU15?*d{D@_Hg?#5}aM%TK*ygN+@aahevXyL*a86c&f7WJpl{ptU zMh{Pbbrv{=aSzXm+?1{FpqFzZV}{@!{2LE#j<`eL$hR4Whg;WA?CO8j+kS54&RKH9uz{xGC8a3;`LO(HNlu^{| zO_c7V5lk&~;iL7BJ4q_fYomREWq}aVJ9}i$Jd+Av@9Em@`(7(Q$~{W~TQAoT`SQv7 zYax|zEJS_-!gufLqTu0E0pjFm)ZF~XXj+wmDO74XM^u)>k+*h0iL!CK%ayq6@+8(# zxj)SyW_}m6mMo#Owk~;%i;p&LnM(z_j0`aPTet&6ae{4|d%uj!j}baMtnI!0e0CrR zm)m*f3w=svk9513_&vn$6l1N0kdou6yK-LHCr<|Yl;tt@u3xmt zO2P*i|B%dXPkb1nS8ZfvdZTP0ui>uwend5b{rg3`Z(D=*F&uso+WqHXrf|+l9kv7Q zt;+5wd2Eb4dKR>v)2$LAey4YFxb<%S8n*kVqF9@yA^8Fa+|zO(2#Zu0yp`iB3eFHI zoZE7r=%%LP^(IXQpVvEJ;l;T{OFN&Hz>tQFKgp9)CbNJP;o0geL2N)rM(0VW z5ufSJy+2%7`}Ujc7=R$*GmD>Sh|Cl{9XOROqzP|j+?LvyXb=11m+sdHzTinuxPTZS z!cZm@ZTEv7eCblC@5$b$G07Sg6y1Ek)2Cm~}>`BT?M0 zI|3}Hwvl-E_iUykULgKH<7HWoD;06`_VBXHOmA%C$Q7pF}ZFCrFTpgBe_C|f?{dxC*@O)V?7GlOV zu|wI6s`08U9*XBhH+imvnWVnipu8+MKM*$35-mLshn#g^V9T>*m#ztUDahFDb11|m zYdK*bDy9r2_qtKnV#OS?03brL)5xbz&iO=U(zkuVezxVX_>}cqA`X-EhcFg8jXvkM zVCggcu6bW6EVwRUMSo5E0}S1dA(D@NT9_LE+&1e=AAw4N}w`gRFZ!dE|XG}XfBW&3^X2z8TV&@AgTc?DoL|zP&P-ui#B9X zdH@{C5=?mOk4odM0u$1_{slt!y4ul^NV-(hrJL&eD=ukm1E393u>S`C`FW9%EyIFK z{J?Guye`LOz&rubB2ll2n}?)Gs6i5B)OU)M-Wng>!|Z@C1y$;8Ki0Mk>!}J@b24rG_WJ@aJP2d-Y2N_`+MuJarr^3*$RaZj zE`nfwgp-d5$yM+#{}FczaiQ1jxh)dE!x2JEkj7-RTrKEmsi&8t;-Ok&@U 
zaXCb@F_XjZl${V8NXzYLueC`9<|>bIU1xC!czbOSmOcDN<_Y5bpig61*tV1-^6m@m8l@Y<_zKqHa+$(;rI@2 zN7Lw^_oVb?aw0b75}1udq+jnK4!tws6|2c|Bmc_zaz!l=aGahGo@CntrvU{HuS5R( z1Xu`HRSSg}5VCx!f@BOS7!b~y3=zszIXo=1w@^4w6cBnT4b1V^4=hFGA?8H-Lnq*j zqkFvA?W$zzdJ-};<&02PKp^jgEbU*TL!K3BukI7jMKF992^!yiuthjm?2m%fO#w=4 zRAfHAh?BVjn0^)s-4P5p>_SuxnW3YW&0#*LQrahC8blbxiQ(1-F)_z#`mV>T0b8rC z`t3~tLM$;N?Eq+&eW|{H!71Zl`}vHX!G2sGlAPV~;i`&C2kci@%avVQW>440;yMz(aX? z0e)2hLHq!)qZ2cWJBCCw{;+cGe23!)La3sMSc9|bYqX8CPgJw!+8ec7;MUSJoYOkf zV=@{IX?NV^s)h3WiTmOjD0nd3gvQwd`gXx3TH-}^xmKTCBgsFUl^7%J_-G#hW08Fd zY(dsV^U!G{$`0|#(f|Qi{o|YTwUTI-QeJJMrr_ZSXtZMVgz~==MNvUvJ;n-)EdWeR zUj8juyBq>%M6agCcvywr8mOsxO;Q{>Nh^{8v?9w3BUp572=t_cs(=ergW1u=#V=ul ze*NlvinJll2*5Qh{SCQx?rfpl^Uw9?WG~1r%3EwaFYZW~Lt?``pmroieGW>ij{dqN zgRUw^E0h8(`B8^aTPxK0a~7)3Q3tOwjHOv^s(Auhtghi}l$bq(+Fc7IF?}^WhS=3u zAGJ~mTfYHy69=Rc?C&C%0{$rVsHPwxrx|Bdh93vjrOR_#X2Z1(uFixV!06679ExXjny18_cz#{)ub8KRLd-6QYNbzJ^RV2-}?J5w!T_Jfa~>hpxj zpA$FAAC&<^xxcs^^CKa9kHv3_gZ5+C)Vo0ISk!f)e+#5`i`2b z>G|NhUstAa<1AhGHM^cH?DSTWKhtk6`%t9BZ`>^3^T)zwe;V57iCPf_9PeOJC%skD zgs^Ltit!%{W13R+dsliiI2RiH7y}O4O6w%aqjOm3xpbcfkgp~RV!{7hoa~K~EQq4y*GPXdl8L;y61cIivTQoCNRnKqmXE&WVo|&G4 zk7nQb;T{;q=59TPbePsS2uUCeVA2lrBCk51-+N4$s^!}T4`V23Xf6sTq+HWLZz8H> z&WFz8C&t5CO>>oY~D(D@w%@xZk%jcGB|w%&KY0yNE(pNh6>O=#5A2k1&;A?FM!Wv zFU8p@#NXPQ#AIrZUre{bf9(vCAMi|iRQk%vTC(ZgpOScIBO;2zurowwXK@_m?f)k_ z)&%Qn3%fOpg>q~q$!Fvi1Cgr11H?~uC|>q>Q4>UQ`O`w2eh6i@|2*@{e0Da= zo1H*4dyI;jprJm+a4`xv6($srEg3R7##)Pf&icl)e{cXfr%hZpBD`oBfAI{SL%Qg7 z-KDW8`;w$1+z~lz(4@18?(s9CFk6Od;l=-=ICpvf!i)7L&K2UmgV}nH*7lRtM_D}N zpR!je?!QcC)(^A#0<8>(=G^I@$~eW#Ja-uWK#6NY`+QX?6;$^qA2IptxQi|7jml+~ zqaP7|{Bw@@Wx&0`4I&KA3kJvQr$c&h-Z?4|)ZptZ!zFY}E8^_R7$uJmCmsL_8Zv{B zhDRk451ukpzIJ`4g_K(~Q+5*c!9wRv6A#!e42vS)`KybQMa~%YhTKj|KDB5D!Ly4- zBJMxhL4U5m1K}`H)6Ka zZd|!(uh}~?A{7%dMus;!YoA_inUQVn>Eghk@{%w{`WLt>q`@@2Z5M_EdDBAd@g{`@ z$6z%ILjecd#b!+ZtR5aU1@ex+Ii0rXm0qS)>{g6suH{Gna7Vx1wf6wJ_uCgS9jEbH zFUTy5xAi3y=7qvLrs2}dD6^>i#HBC6m&V8kUkIdkwjBaX7@8;{x#|a 
zPt`~ffV{mbr3sY8s5DwKY>5N?e_><+8u4Am*z__+-!L5R0!!HGq#%j)>yj;Dq(S3I zIA%0Bl(mna>CHTPRZ_7jArzUkT==!@&~LBSv_^IUnr1hN?T6B$Joagywb zEr<(?jK{oL5a=wMQd*MjF;=**-aXKG*PZ!mut1{)C7$Y;z!`g1>XcR0MW|%iH>@%2 z>G|~{A(r)9JOZi&|0hcLCm>S1-y2shp6)~VW>)UwbkBPj@s#D2a!>HA2EH%S1SA|t zmQ3(u%XhKQ@BQrK;`_mj(bt$%%;gWP4mKrAbmK87>eP1XLsf+kAC@Hsy({xcx+$jz zQCg@Kp`FOG2K$MqY54;A30FngHamP427B;EvcfI648eKRMlaWKpZT`QjP7&~h<=kR z|@7(>4$ajWl@*3K^xIBT0qzR_l#?ZQ861gyiJhSS>Fg^n1 zEE`}*c6-6uSgemzIVzVjX)u(+zxCLDvNDwbAT|kLvJ$@ z5L`Gyp+mlfz{PQ{b5)^g=4^A{|AFh}_hBfg(!}1YA+Y@m;obyu+Y9qPI^Kd@oH!5{ zEpyM|0hb985O6EkEfVC717L^V999j0&7#=s5Upyz!mF!Ky#1& z6#r~r_u1m}_6zALF<#RNH*L;7xiYyOJt8lGus!0+rs07IhyIq0(_1h=a#QV^hF{5z z1Wc<96umneMoqnLS}x3;p@`B})`lhpW5i4K^Z%TuNq|h-wuBr7=g?|sCyuvLhzq_S z;*Lo&6X`XQ_N+%SAJ2*T2V;3}UHnZX-|5hLwnHTOD~Ek?XCksB!)mHpN{{}GmAAo5 zTgs`{E0X%t`l=+y`)c89DafR%uD9A5nS3v=kBdsdGFQqFTx)^y>h2qNzSedTH@d+9 zwF{1*8G40FB8{;T{b*A>w^wKCBqtwiD67bVaW(wW*?|h z=pmn39guOFAcPYgyi?=NQ)kEoa=vT)1E-@F8lHxY4Tv3eX|GN)OXMqi9P;vZZ=hd2 z9vAoYW=;mHGlS&~lHk`<+BnQg_?(N5lX4z5x1(v^>S9h8r4V zp}ge68w81+Y$0ONDmbpZ)GQ(5Y397pEJb2>p*)qwn?vl2UQ4%k=(T?DFLv)h{(f&A zyLa#*5=pnE6M5kz2bjasZBkh;Jb*5o!!f8|2r;4fx7KjM04il9YKw~E&E9U7t*K{# z5wH+#0{~8pgj=_Vl+e2kE)NDpX!UIaRzohsRbZ(_9|boYZ~mqTqG`G0ji$vp*;i>} z8o;czF(tD(r?`U`=8>kCdzA~ErqsU&QapyHu!TToFAG78g_1=Xj$u6rC>y7J`m?4h zQ*HjI0L*UQfpOIO<>62|BJ$;tD;ilV9q=-T0vOU+O%|IQ740C&-Q#qavN2aA(H4SkQq_YFGM3U+7iekSj}F8GAG?v;3u!9}^Ik zsK+GK$Q454bZlpy<|}6o_d3DYKegvymbYTInn8GZ&DKfJmn2Y=mbW4^n^8S|DHppu zeadkjpa@x)l*qCer zG9}Y20vpp$4sZoB)fr6Ng4{aOX=_lec(&@&4l!q^|4IdU6o#j$WC# z;(mru?X0C>PW}*S5El$_d6Uh|0(2PDy?|7x=%v)X3CT`@@vg4}MtYa4_*@ir%K|F|=A;dg|?rY#RJ*{3c~ zKHuYLW_B#U)e}@=oTTXjc(c_Pz-Ygg#w+Cad+b%wG(fdg&Z8Kq3b#b37AAwEji|*d7C=38d!f_aF3eV~vc6K}*vZY#sjhiSTvpGT!LPIxRnP`0YK&`W{UvJjES;kK%Juk){+VU*Di ze|Y9Xd_S~a2lt5K+($|Sn=Vtlz= z-t6+UHop+ld+N^&RFJeIAXB$zo2zboNEo&q$v@7nV#ZhJ^{?!PU6<#dX~4|!SxsG} zGx@kP;1*uYPRgxvl?u2#rVQ_}B8}@Gh@#>+mv{33%{i9dg@WXs?doDW@esW{eQDgW zR8}zSOPR`tvNBonG{vQzjZu%JUUQBL7R0#ia3#~RH;+@oZ(Lj4*(-s-yAsz#geW6z 
z6{Ar&d|8+;U^`NisxGoDDswMr|rMD z{^EwmvsR_ zi9vALEK$82#c1YzO)%tH{CoLa-`h~`KftAcpJv#30p)3jZYD}!+`{1O+hJ?%Wk?TE z$cBp9uz2WP#(yM$iDwgU`m*c?RK1R_`K44Cxs!N!?iWXB{ME zEB>yZh;{KV)i&|a9;mKx8`}AEr~BK*L_Pqp$%5M~wnZMLx)wqJ{}6pZ9d~#A8kZj> zyR3xV10MfLawNYp8cn!_ToTHKM}OvT`+#EQ-TELqbvwVfWAY$Lh3=IC!r-^T7J)2szc!iL2lF{d!$k!Wr9E;9KD}$ccm!RUO}wGj*`Kuzqc;> zOOOGxMcI!T7gT(zCU&uGM>GL*wrhgKX(=|Nft`f|>xP@`M3ezVXnK8{dUcxbwal>j zpA8)9Rn;iVI#ab~zBwgByyej1dw*s)Pb_==N^U){rvDc|qaP?petxZ<;ZU}RJcMU2PS#p$pVn|g3ML6N$E_u`n05yGAtdg-8e;~Ne#;;Xi;wqBqMJzo$04s( z+;QQFf19~=ZX27c=<~GbpU(N+oZoDio2oG1x3E1)rHL_wW__uaHsQKfWvSNSh`FRe z@i34`pOS>_giswu@jnW0;3uGPP@^ZaEp6-hbm+J2s|Io5IG3hH5#O^Hk8MbuZ#;hJ z5WBbVuf+6FY;SAi4#x^%AN~04zCp?VehDAKwngr;TRS2z&F`sSN8sma9w4~w=)PNf zxkj~nhG`u}IBFw=>caJY`@-)@USs!aNi>a#ip%w0jPC)0N$-E8Q*_<6?{Ue8vwO|) z6^Hfht^C!1Z;uYPDF4JCOjvIBy6pjT0D+W6Uo6J)F#gl=*2b)NhOn`d@l<>ko0e{|uM&e*B*(bkuk2I|&B9N_brYD5@9> z@-$7Gh#Avz$drs7ql+8m>RWrqjP~eY@EG|Nr%Nc@7u|ved-?*l6kU{L-J??}1v(2{ zUOo(EO4}tP`_w(c9?8DgO$P36eK_KiM+Ogk$qOX6*iCXS!(&VczG3^(n@7(ce|nLx zWMD;0>?S0jKCOsrXP>Z#is|ripPJmD7H;b5y9{UShCO}kCIy+K{lF-%uRG0pu0C3; zqdifN*8cb`!IcBpwSD9tS39B}Nz&NO#4yL(Zo|XJ!J1COU+7@0{}LN=X-qG6!w;l~ zss@ZMdVt{@WsFMd`VL z1%0q;D|HYYmU*q?2VoBkhA$KNwgB9|vUg8EfH)&5emD+SPd_|4;SckCOhzR;Dd%a> zJH4A!Y~Hm&3x`Fv5u-v;%lk#P0i!}MLy2*2(%df-Tr@d9wr^(DoEDYeN@x?j+37FA zIQ8R_e;||oPdwiULG-$D$>04}+#ja|vVyA#hLAe`f+W>gSzrrr>{XXcFqrp^)B6gN z+tZJd)z?Pc)9cwfpW4^Pa38_d)O2uz_hAuBvNt>LotfV5x=C7`M&zUrQrk25_H6&- z7WOtLXYjaJl(KsI9;Onu{*fPO-NkNSwQSH^0KarPD~(-_eQsbU9*Un~f!`tl`4004h~Mku96ALO3IFeTnQBDkIP6 z%xN!G!r(c2aDO69k-n;>z*Qye#2K2ec4kSO*zGN~?{89%ONA~dK3obz_A6GxFzMam zh?APcQetM3k8!+>EntZtI&&12;5;) z5CTQpu$|@c#ASY*&o&!UfDqb%qQ|uc4-|?Q5O)2Z-a=PoD|N)1{$>9}a0zf;zJt4; z1$My!`N20*zc%d54|==b=QZR9`E2+#g1r1+z}8IO{2&2Zb?}3nr?TxHR-l9BFz5DmL2WPvJ*{ZB(%*sDHl$ucL7cCm2miq_mi(k=Oo6mSp<)vZ^Vba`Ze(tGx zXqcp~B~po@Bfyz%*3~$4MmAnr09vjC%MRG$S$U9N>VRLPwG@yly)Am@Z*8sx#l63{ z&T=`an(tsjjMqDO8~9{Mn-8HLM*A2G_8)uh8qXu{dgv9!e&N>(T9RQ`G`rsSHf9l* 
zvnU|SvQD*m4Mcy*a2l(Jxegw7LENd|PBE})^fO+0>EdbMGo{GH)J$+uDO3S9Uyf24 zLy6YRpOK+xO=-@0R{MUeeByCZtZZ7QqgQ_%P@zi6Cf1+SdQXEE`7)o^3cdUg%0hR9 zzR4;@I|A8w$AxuKDT7h1gWlLI77O9Mo6RR_=AfmcGd#aDem#XrJZ=@goYYKN^tV8G zf4YK>^O_mmLyL8zN>dg(;Kcrl0D+;<#ubH z+yoC}AJ)F1v{O~jE@&f2NT&!n_sFOJ?NQQT+*Dc*@j zh2kDU9H7J5Pqgh8c{TklpjHrEB);e-@R*>kKd5Cx8ek4)b49ijN7rVaU_z*V*V~N0 zPgU{WJ}H&H7T(SWQroecL#&@55(r_o0t@NVpnQXGfa8?sJ%jtA-`93qfVw$?S-Ob6 zAW^C5_yW{8wBtSn?3V#2k_MUlIw1%ZZkFD`6f}~r{>p zuzk|&io*E&GyLj#FlOJ}ru)Lj9UJEeNrczmgV0Xp8G(6JYmaaJQgE7O`tiO^Sz=s3 zRF2J}YYQ%QBW8cdunhzuIF@GWC1r7S#!4kX96%*{UT+gLE^u_P8_t3exlr6#_hpcA zI{h*oL%2qH;h5Rbhupa91NV@nBloFydu-BaHQ>)r5gvk-j* zh{kY!cEz7cs)2nUun1K_Xd1WQjCUy=`BKbDul%4kx2NF&p4j)2g$3HUMEQqxk*-RU z=zh!CcBzSenYF;jd{BywNLkf`!JxT>8btuLZ@MD1KrO!oKNtkh-4#=Ea4v zrpWiAIM4*8a=E}j|KuaP$7z^C+4XP;^ZOcFgN4Xs32p=213JVV56oG^z{P!3Enz~K zoa0R4x_p+(DSoEf>qVNXLUe1t*QfM~?4^5mpilYMuQ!z1TWEu;T^Rz;TLL{H(Vvk_ zUC9UT&ybjE1*2l3%iwm)KS+^khH^fuTCHXUZ#)zEhD}w_ zMrG#SmIrjJ=d~U+Zq$ReoTmI6WXLjo-({4Aj|~~EMJ&ph}2Xz%knxV<#2mZ4*`|* zX6Ep(-f6A5E?@x@AxnI~b70P9xv5+cVq=UccX-C@p9E2yvG7e2Z+q zxmL9gt_mOBfu3bK;=cNdwC8vW!V(kYW*sy2O|P^1beQKUz}gBOZdJjxBD8%gN^o(rhgR>o)m?knxKDBSev;A~<;k_jCtF2T>!PLZ4ATpCg5a-0dpx_l9nyqPNq?36J|H=pw2C!0FddD7yzOq_3I?F;OBsJFoc$uA))HSQklSadDXUxd4 zzCkY_?R?TT0h$~Kqm*>6=O*RB>_ z=2IULPv6(BGQ+bRGhYk6CTqhL2Jj!)4dnq#mWm=(#IxR45t<2q`hL&G$$Ug`tDc^^~8C)C(J^FS7G|S3T#Cfo-0`Q@bCUGTLIjN66&lwwTqe-)d36*CN zowpUiS?2v-7jLkEUej8i4S{2HV@#9AU|#jBz5(qh)!HWW+=`Xi@T|)gWqGQihZSN1JA!CuDZ2> zjcLj5+zW$6|CYF8io~_G$9o3&KVpNWj`(LgHE(2+Z@IByH zwZ7bl@Ly%d;lJ|s!94K?wP+gw@EXfS1>UG9b@%0!T68{P+<*Nr1*dXWg3Ea36MtyyH83{C6P8^?4X!dND zDL}VNpBl$Q*98n43@ChcIc@M4Dc%G1IBf!=_!XY5{rk=Oi6cz=cjz?lPmtVJ>OyJ> zl!*pSy3uy$oVFBV=w9w%{@5%Bwu)t+F8P5P-hT!oH{+gyZ`5CRr54QA~Cj;*IQn`J%Qq_<~q@TybDl+z{L(?%nt zBV*33QVf*Z$pa`ma-OI_@Sr~H|L3$HdKr>faEmhxr4EMQ2V~1gV0Z%*5Zr>5{Yzx{ z(nphCgn?QI^ZMwYl`KMo7gvVX_V38+1CrNKWq%Gg0oj6$sWA}hJowYl+9u7QY#-Vl3V}4{#iLtDlO{r%-mQ|Ms&mYZ~rD9Nhm0 zac>=0*Yf0x1_Hq$SO`vljXS|DSa5f@;I?s>AVGq=69^LA-9314cX!`xg58yK&dj~@ 
z-n)PN=G{BP2Uy+J^{wjewV``eSJg6RvR>@5ia1g$Wqpk7Yg9)foPyD?*R8OMJn&EF zD%WV}ckb*VoU_(60UjaI9Vl&dm%fN?5pX(bZ)t;yv5wBf!ruOAmrhy592)PZS)znI>veIPxlH1N3&{a)g_+4 z)&(FZ3Za7o$vPvenM3c4r~i>j*=A_^)e93YJ(4xNWB$(eBO~%M@4BV1a|5g>Ac>{R zd(5ZbsMr(0-(9yswk7#*OlG`|iUU^6N4#V52VD8YCV*s)w;_ZTcAo7t)-VA-BZYO`>0O4&&4B}2iLme=EPq6gKVUrTn^gbQ3%ZUkXZje84!`FI>(YgH|!g?Ud|#>iSerchcwPQl}H zBc)Bp!`=v(DfTn6Y?Re|1*J-;(i3p26ef!YsZ7NIl>Dde@271 zOoSW%=4tCrUG0(pNzP5uoN}bw18Jp2CY|uDyZ@-iaKkqDPvZSCop#Wej{flb)eB%9 z+o>yE5_m#d(D8-aC&2*o+TWeRY!OE{^4Z^&*EpEB8SXJw#1wffZ^69TV-&)=NZO)L zc6$I;E}o>r%P5KE%m(kdW%mJt%A3DB^8C^)@VBHzxp&u?PSnfoe>gOzJ%-)3-kw2G zTvr{B{kKS-12!2oV44PAmI7>n{|IWe3Mk;mth`Fv(slL#B;F>?@wTQqQ5sKAZ;xiA zm1$vDaXDF4naOp|r1R8i)leDR?@rr|rum0(IjQEFMYZ<;O{0G|tsnl40AHHP`;=;3 zh0Tm$hNW=8P@C_5NM8A$BGykwiE@%sI1HeiPFA;O@+Y&UNR1xs63t@jzx+%7QMZuJ z!vbelL$$s=N~FOKycuqqv81|KtS&F9ZKxP)rvAE&jEAm7T2nl7zNGY|iq5KYu%wjH zD^U$p{OwRj;!+cLW~(`4NIO|gNvNv0l$-}mwNOJ#Ef=lKUOcS0v>c^K$2vFIeG~E7 ziBf}_^TNs#skKj!D(-U}9>bMgK{^{m)3DG}VurS}Cicz1d!ni!8OG-oVWhWcke?b- zioszW>)533)lc8>%e04|8s%2$nh@U!VS|YGOcQ=0i^NNHipo2$$A|~_G?pWN>eUOS zWp}gY7Xxer^cCopDO)I$7l8?x3jBB2=?rN{v@pjMv0#_rtqIu|Iv@@9H}=ORVzBdd zc-WOujmztj%LHsMFh;wj&Iqm@=Yx-@L zM2913b^x&Qz20Iw>HNl~7xlBM*@*M-l?q-mwC(3ehI13G2qK_E`~4{|GSyrX#9O{b z)sb16tXPy5vM-GsGvAWTKRi-26i7pQYrq!)gmAAAz8!W} zPsTyCtygVKqoMh@yz7t5^RXq!TS*z7+N_nh4h1iGP29I~u5hlALUMfQlB7|kSP-Pf zdkFltBud}Mh8E!ihr+vw?Wf9JBe3jpomyBhy=3~HhqOY#(wW=e4QG;j@JC@s4tk+oZTLpD96cE+>VOE#-6yb#ySlLQTqAb-O|M<>DgeI zA69x@6RI4q`@Up*yi(}B4C|IJQ$Z}2?o~$X?hx525+<3O-xIK`hk%nXWXSD^2p2Qw zFGTg^$%K6l39}EsQs$InS9x!4+(@Coa5@wVVLEZVHJC9UJd+{MnAi=)>dD0?u;uwe zf&`+mk;1a(mA)V{mM@Y`o;7%M`#T#u0)=F+Oc1|Kyg_2YUQGXIV|I5GR|8_ z8mpp9mlW+}AuGMa>)d8guWe z)mBh$q+uIHlA6(F^9u5rH@7MMLUKJN=bhO*Tg&9cNM`7Y02}$PH(Mk4?d(iaAARMy z21S;m>r8G5J>hc9O7!+EXd-UsbeJygEAg-bNL=1wqlm%~;;~K_ksspv{VMpEC$v9R zBZfliJs(1=ms#b^^Z{Y>tM}l{k2ZHOB?PmdzmskuV35$nYQ7 zM3YLz8gV0Vm1xe=8C7(hUA@uXUy-}AG{92{!ZsJ?gZ)xK`r;SQ=TjzD7aYqppDe^D$+Eg4g 
zya)ASL?jmS-X^RSYOu}=y&hfHkvvp_Ow=?k(>&z6(kx%NiowCz=ZzOlX%8?wyZY_V zpDPGL#SZsb{noAW>Gb+f_Nz|93<}(Sf?l*uap#K0g*Fu3z9)Z0U?qTo-XEQv{G5%f zG>@LT@#2{hszM;RIO*eW(K|`JS-n7PMhR0Wa6Ehy{60GHRrqVJZD3s8vsW*Q19cGB=1a{gUan?}$ z3;u(n2R);BJxy6g=#we+M+S*%uGxdSBy)0?oBn#597Zdr=Aqb7v&o|^=R^w3(L8Gs z;e=2#N8sU9Ne&{TuE7Iarh&x4$jnjJb3i9S-YjiDdO$~~q$j?nthXcSJUU0Xpvnw3 zcn-0KbsAo(v;;e{>7y!P7D$y_{kA5CJ&N$#al1(Cd|t2U^6_tiT=ix{yG@=Jmj{X; zts8)(QWcM^ekTi0b&DN~$}T#^Mlu{WMPC?aD)R~IRi~1y7M106iY;Y0Y>Sc@XR7nH z>s5!7tWuS2tskGPJ*pqA>-k0JYBojT zjA~W+boHuzNyUrGYC6SMGNudq3`<{4y{c@OlTP}o+cfL(h9SoPGO^C4BI#tNx=p)Y zV;Ew!pwGBeV(Rr@OB}6k)2inhhL|m^GAyN=dezw2C!PG)65WO&b_=VFOD(2e4K`;< zCo9!$I`#jxL_vn75Yzig8`7kco@yV>dW>O+(Zb(EpKPzfNWSz?!`3IBfQWRbuFK5_ z25v95uE<0Zb4QD=rnvo{!OUCMO@|z4P>;6*iAgJUl1vwddnn%%1i=sLXm9-aolF1HCPg!l{28Mih{@1?Wfh@wF`7ep+0=J^s^^8+#Fy4&qGCDt6=FHPA z4@T@@q`1EMkbAo=V`0fGrlXt7j2cyMx%!qSETu+f!@|UBQ?>~8HAV)QuyDXT^qq+f z+#waP$6CCeBWrrEB)Y}a@rBEE?KvCgqeUFll@dGCy5m5P?mVd9v#WLmgPx|(>m0^T zEgE}ggr%SA+uJ6<^nC&eR8VhEOy@l6k{iHh`u)(`im@xH9zb@4QqUf9h(^qa0?PE8 zGAbH~!aRcwpQl&%`wd8nL)HU4qT%}g8}p2 zZ|lVsggvo_>=)Q4HxxgUv$uje{cgeM*YEm1(^_mIR7vTd3lv>|Cblz=&P zktB2ooFq0)dk?UoIeYauM*rj;a>$G83BBSU_^pnl>V)mLbCxSfH2$rc< zYHvg-P(}C}$Twe&qMMtZ3HnNcteMkE3N7W72w=SAt0k|qF+ZJZhU`hAXI}&AoM@!0 z9S=W4ZX1W}Wu?Es`Z3PL;-&ec1iv3w=5TMw0XDw5nb?&ClN^;>u@|D+Bh*>(_9%Er zwG{jKFx0#dS6?(lNxVBo%B`@!jaI)f6tIY=|eDztZ2~%(V%(%x1 z#^kYm=+;H9dM5_fuXnX7s9_7_+61mXGqgaQ-3er8S>nZHO9)D2HCj&zR^B%_HZBw3;a$8bqwqKm-@MTD4aOfX zr^(jTcpIDXhG43Kg>K?TY%Ls1&q$Ya()6fR0@L{-l@?Jft^_YwQ5bd@@itYGN?M=A zRv&%^E1EE9A8XV&u+%?v@X`>~{``xYPq&F(BIgaS&8lScUQ;$kr5NFx!J?hbvSKAi zRuNxn=~uAhpu-zJTG*%QJB} zsQ#O$m-cCwAmsXR);DT?Y06sj{tmlDpbV=%`{n6amj3ACIA9=Bs4za+3vClXD}pl? 
zO@F4gS11uXIY=yfB&w<@)Tjcq%`8nhDpmomHVuUv*YiuhPyM-~ML~aqzHb4-%2%_# z)Y@As^zbw_`~|yMUo`pPC(LRn-ubFFWMOHFC70>tV$b2R<-DsK{x29$FHaY1Aqkt4 z1HY=57ah+>6+u}a1-o~~zg%^$`GKxWvO97O9)JJ67EV3X@$XiEmVh*k8alE2MQMy`4f%)lsw+vwOaH>cyEBkLC-m2H?Ru}FQk)@M z=l?wMKf7H2|6J|=1N^^dwf_%$ zjsKq2{y*$B{(DyY|FGBikE{Lv=N91qI?-}Lka4Nd^uE?6JLzPq+DE%yVHoniAwCKD z<&O-K;To5`rj>1qrAP#IM8nB{=vw(gdo_B)9GB5$>eqn_I>^CBzdlmRHF&-?xUX^#=`f$w1Bz1aWh>xyc26cnj?3HYJsF6=UbZ%)z!Raol4vA~wgCTz9 zLd;N@n0=_s16h!`A>Y{#A?6f$OCwZ!Fc3An!AjbO%q3yC&edfEef`9c2|4uJR6n?W zq9~Hg#RI%u_#9+&kcsO_DpdnnH2Bl0iOfDGu+h5KfD&5Zd{A0iDR$d`q>hE~Vex** z_CmOnlrErmfX%{|cN6)zBfFEgjI&O_nKTd>b!8qADS@!Lk4?g52A9ck`!z*w^j;A# z6&;YpI+wQ$Tt>3e4sRqFOXKk}+>m+C>1H9OEFm*_{Q_Tryfm^iW&?_yGtsn7>mu3b-1n?%@x-FpP-n$z6PoqofrO+#ebIeP znM@nPhPh|WFB>$W+2k(JHl?fkxaUSBm8jMvusoHVrzD|(Xs**~FB*#HF$I01<&Jz! zz5ruBR0J%AF=kEz8{mzFD%2rC>B#XVET&hwT2nu|u@XN`L|J}3rH#5txrsj=$jQfRy%S!i&dj{{6jO3F} z-@YVe2sWsQ^<%ZNCvX(IVSea1*?2)CiX*KwJdRTCCg2;KmeV}1DZ`7*pZ7fLNqJ>*Z@wq5b{ll^-@A_egdxfhc!t%rGvr+T|{}$3s zx`}t?XXi0d^B5QUCo$-a(08jf#FH@8LcRAUA=lKifE<#)syR4wDUeE_IUQ(r|%p^+M14d!|qm9|?O>lc!p9rd|`} zT2fOb%2rJPev0^!V^iIem?v2BD41>|w{VfK&iEG?JJXo3IgIa$6@7j>mnv}U(o{6Y zG;HGCq(7K#_|~L&84Wq_{mz1RHYjZ7NAFwvue>NKq1^0;*y-_OqD~;)UL&boaWN&h z_(=UE2~Qb&f^8F0vAvtrO-+0GhEaw3cA~F_T!CA5FSg1PjTzMrnQm8TUA*XCLPYM0 z?>#jKE9pKObr!CT5he}uO-ODYPO~${@K<)Re%ldDl{oUZtnPQSZz{ir?mhVPm;mWq zMQ4DT*%lvHfrFT#C~j~JM&H&06o^NY_$bg!N|fVr#qdaQiJ9P$07 z#koGU9_rMn z_U|d~e59Q76xs{!<8ZcYqqw&=c0tUu7=;8C`@bLi)plPczOGsSPJ0k{O!;eQUvaJ> zAgJZgZJ$2_rm%71Cm%d<^S1SN1+shYSm>uhc*C)+ithfW?&9p?pqaYRJ3=*G7Hwo# zA@PwLMT9p*M=8-VNAOd5rP==XWDb)%BHqSjU!)szVXmla^J`I;lSo=tp{Aap{j8Kk zUju_ATswJcwsbROD*XbHsY23x*Ht)TE5Fhk-hJd59mrqD9W*HmDYpdgnKWgeyZ;(; zYG-Y6Y4zFcskI}vhZ*LoEvv;@PJ>x`>J-!-E;+Tt^pfOphx>q?7B0I=TL zR{w~3wXxuNnUF-TZ}I~J9;{ke{qbEU4Q+6H5~-S^gO6X=2>*oO)s$9np#vnqqbV^q zE!(Q~EwiRs;D|XMfAHR{TrU^d%LF5dvKg4W308NFWZ$G_W@FmM*Xycs*`QbE85%(@B4RzbFui?;sd;AqDr4W`7x{&_D>2%3+>etX_2j^sE-MF%*YCUV8~S%hU~r7 
zlWv*|3)90ToA5%$p&J&)3=h(*b2K`{(9+7UcV5|hE-Ql1dhUqry5V0k_pp7!BH2;|LI^!7!i z46GMH+2nvT7e05k>=!RIghB_<2L|wFIkqJg&3(GMr=^qUY>@O~yR!QHQ4Hi%c`JDF znf5vz?W9Nw7kC}JUqUdtlYG6KDhn1qFx~~JsnRCmI5&LExL8I>G5G;69l(45zKvlX zYTNzVN7CngXn&r-Q#_f9?2$E+CJ;wXVvG}7or9&?2R2|)At^@)nIJl!UT9!-qXdQS znTMc|PB@xDFGFkevd-PRcHTqLPBpk0t0!AEd6MHY9y*3n8kkYavZz;N7YwTeP4J9MDsvqiUQykBh*N=87g2&*L}U5GVHr!&_*UdR zz)!5^5&nK+rzRyE642x^{URX4I_-zWL}bcKzO9X^0C}pnU-I?O9iApVv^Y3!zHI@n zfmu;m0fAlwIR72nIpFPvre&aJ9q5K%5U5D$8Jx<*ZN+5GA%cC&G?vTAZnppo$ zkg)Xue2c%aT@T!Az(I$`Y_vVz-x&SQ9ZHO?7!)sg`og$(^c7A+C*13fDma{IvF?zj znNKgnCCE2={+zc%f4Pw?Qu}z`i-D}N*CFhzQVeg$1P@jgDKNe6^SG>|#g0$nS4#yh z!(2Fdv8pA=ArLA1SrQ;^*L|LweYT=ZmDHwxjlyrXSA%$}fDoH#IQ~qZ00i-Dq=BB( zzo1xP7YNe!!3spOvu}x-4)Z=w<1ew;`wdI~2>QFuJ^!0cvi;j4wS)+}NbjoPXI4kx zF8%3-eYOP&{aycnXylFQyP<o%S_Nri>;aN zpfdZddWh*N_an%|R4MnUsT~(YP!%j%ZW&pKXxqDN2vkfeE4({HYrNHVb$A~2vJo}w zr5JgRHQx@i&rwrFU3E?7Uf~RRabu}reMt#Z%01x@-1zg|w;=0k>>ubN$4Y2k-@Y5# zw!r;$5IwYUlJzGw86(1t^iRNvM!gIx>I(wH+AqoGqyR4_!=eyK8*mN`)?Adn14RzP zUH^ix-S8U(byckkxv$rYU~q?stWf^`N`&{+Teu>o+{DbEWUs14{{xW-xBkNr6RR=5 z;4;6VQ4US8ELbJ3ZlU$Dx9~b`b@T=$r5#K_vsMK~l-p7X8DYUGBn_{*&-oF@es1H#;WGfb9Tpn&LR87RSfMee zv0G8s^_YiyOHo(hZTJz@S9l{Dd9LgB^LJOyqT^e*UpAX1rqF7Sd2vAI%A}Pn3pt2V zUv7Wh_ZH5@6MJH|6pKdoG8 zzzke>J{0?t%^Nt79xUpc)Z?jTp5K{%BbnXeXkk#Plh)A7(1(eUtn&5IdFNNVVY156 zJqgiQFn{F@PRVvHVpjil4m5cDN{KvcQzjs518_C!(=q1nVV?I0mysS*@upmSK5)p| zykywIk8;;mU?r;X_WIIM75$?^8k)Xjg}6>ZCvAHq>eF!y?x!wk3w_-2!V1r z`CIrO>c`gQr~bHjpz8rEPyM2<DV^b%uMKZf%&ou2`_!Rz$yk zbD8T~&#>rElv2GI!NR>G48QEy78KrE8fXrLNYflc0{Y09ZIngcS?pw9r^D2+i-qOm zUp{>3{N)4@+eVGRO5L$iK8&Bu=c>7}yuPk@u@eg2XS;0{=Q+tB;zsKYQBU>%(W90mbc zdKusb=k+X!Ug!;JmmYIZY{(U(==e8&nTCbm%=6=b6W5Uh0LMt5FMsZ(_VPR8jGTo@ z!{;cn#7cyHb>yztRv9M23IvVH$cmM4EIyjQq}f%SnA z>Lcz$@DrlDO3)tm<+~e?U5vN#q~{}4f{|^`*$`LC=J(fp(Y?}N-plXloEky=`$JO> zB($kH(RF&+oMBHJIA7UQQbqG)o~Kr67ewtkzq#g?put8Mr&Kv+Y+iUw#h=&;39yXXV~q#n9xH-N4*)+tu<~Vwnw_37;q#bKDgFaG3a`HTdP^FjXHEMky?$R5f4 
zQj=QJE3qJ=wch>QIZu!iKh?2FMMHe~S)O|z8$+_nR=Ee(r;B&A$MlIi<`a%t^Q1|G zK&lp7wSZkIm9A6I`<|V2Oj!IPes7jAX*&Duc#*A7R{^x0 zY5wQp;m}fR8ut;_8upamqGq4@F)wD@*?i(%%lVJa0>0D3s64@Jm3nu;%yraecFc$N0j|T6GFDzMndK7xOIztjS?Zx$G(4&6=6RrO(2{H)ZE!EcRWrjYTZm zw|(84TR{U31s(=H!hZv6m;%k){XqM*z^>u7mNMT_=A~G#Sn`8pYBSUJJPR{4YuX}< zkj>_3tu{UmO&kjjkrPzQR<_~T%TMx4&99wxJ7J#7!ZoUqIF5OBhHK=3goUq}SsA0+ z3^;wI*0MU6TMVPWFEbQ>5xI|@9VP`hlXdurPI9Wbe!GH$?!|pjMzL2()S{FG|I8sH zOe9}_C-hEQYEPhsx5;Cf_O%C9!|G3=QU!NiQ?0S;g<7y0GP9dOWA&yJWoFWf|Da2# zXj~zBJ1zs-@ed#|yg!9ArPS%}@}o+8?1xs9r&dG##Cq>Z$skcVCN)|^*NBW@LZ+LP z8&7h>A;ds_<`tJv-k)M5t%g}IZE056F`Krml?l3vA%#FRVv@~5{++a_~E;LtTk`joOC%Z7ce26$dtSlOI=EnXI6oekD zPjm=X9d6NCa+@HOt|{ti$tYQ@BX}Qdy?3#Yy8#yXGDA1Elc2cSUVNqx2WXQtzIuM7RNp3SP&u+J|(7PL%op+C{2Wxeq z)CAy}@l?ok0;P;O&^kaHJHi5=cQYKh-USRT?6fk$ATWL>dL{>9k4`WNHo{$Jq# z1(I@;eANs`)XFmKp(l88K(Xf%Ht%JW^zSrsh<*wnEgR}?G}LopRN2k;yG@PU>7xgh z_^LkTR?f|XB$e+G{IK@Y&o^sW_*<7jJ<%if#%;_F{tV^O0~wPT0xcGwWDlg$w1gb8 z6L_5{c}y7KV%l1wfp7r5Lrmbq$4Q4sLH=;tRZh>7ll!61P;2 zztWe?vZ2VjMA2q+&=~}*vyn!Mazi0rhZ7NOb_VyInUSFs@5W7gBU=#OaIT7cJWPul z-b!8Y%DvW2P%BX2Mz!U7B{zdZt7YYveD)#MUW zE(e9N!|R{LHBE!7Odj1P^EE%O*4E`s5nk}LlG~X_$<-bVsz=ltpjE|#Uj+`K<99W> zN{pD}=TJlvG`VGZfZ;qjp90}gpv97&V#Dv7ChAzfUjkz9m7#59QCI-5}m zVoe~A>nO3^Fy?S_!x@oA4n#`TS%h1-E~2Fn#fR(`EopJB3$v4I!qvVJA>~MtUG4jH zQT6Tzk8Q&gXVs>xXW|c-3h^*3j`hd0U-n$)z6r~jcMg<`0>D;^=t|Vo%6Fgnz|oV^ z*e0VPcRPhNU$tWOhuCm0t-C#zn!RfGp=_^y+h+mH23~Bi<00B9L*sO+|CQt6XwqAk zUBa)PPLzcb1*EEUJOV8b-;~49i(4aju`7v$%Max~i)NoW;D9d=`m_0Zqd*bcBKCS!&O*mm0a13557URW(1^hdj;b{{eTAQipu8j ziFW@@+*$QfKpO;^J`Z;V*{WCHNT7)OA!s04LsNkco%TnzCaya0AEkKklTt3brX(}H znY_nQFterlO^(dW5wq_!GVn(yN0$CzabM1$3ZxE+T+1`L} zhqR8O*hw%dGU^T_w=OP+QX!o5CfQKsF|txGa}^x!Zb+U2oaU(w@-n}pse-r3U_m40 zzG-A*qfI!h@a?byp@Yi;j`$e$EH(crQ+n>tyWR|ei%3xVW}M<>khLU1bdRYDQP`z| zAGI_$(A?EaL=f881b~}fYe2+$XG~Sr3v%ea$TyFxX~7D^iGPD7Y5u0fp#H;@(I0OU zF4Mh$BO$VY%{*_af+Hykq%b2dXG%9tp8llJYM3tfnb5cVI1JdQ(?*E_!Wi@xurcwH z<#NPgctFONZs^=z{-~>qewviR@HG@fP_&(XAm1GMYj-{AE+u2h 
zuQT_t2rl04r7ROd!#Yn*hU?J>SDr@kcveb;h7l`AJA=yMt`#b1rt>}0(R+-Z`Gybt znQ?(FORIp`3_bMI^0F{o;MpRuMdwPs`3B689Oy-v68Lr8fTsblM64UfmS-%5)(m$s zf?3WIo$do{(d|A@rB?jW%yv@}q)YUNYqPP@(T-w_3BgTcdT0H#pYIgB?^BdUb=YP=$wr<=Jeo4=6V1ps(WS}>E-as(n3+)9yfAxCwZ2x$t7naHA z#rWrdCMQ5s=MwMGIF+8R9Fg<9IUbA*#d0XfZU_)t0p6G%-TZR3t-aZ$ z5P`qdOK&*u)Ftr;yWSdaoZZR+4A+^y!D#c8P*wAsTJG4jTASCSWNl=+TgBJy#yPpO zSg$rgjLZ!LdJXuN3(4)|Lkh2k+`KA5PfA=6v*zxSScvGfgl-J{`+P)&ESrG=kZJhy z>9>Nu>QPNnBohr)vvvoHwhcsiMo=*+DEB5C0Iw%RU}^Dy3Bno~GJ7X}tj0O+U5jS~ zr}A5#L3Uus72F@ryA|m)G@6^J4!qNrsqKWSw#jK=SHREsGj9SkZ9Xq8jTKtBEF z+_^kTWabPizRQB$KBfv)Mq?Z{nZIQbZD^jmt*-Xlr8aJ~WO+wo(GzH3bXr%^6FaIi zi263ZB7D=pPYzsojH^e9ncRWr%l_QPwm*lh@LVobxl(h2AV>zs`OB?1uFby;iTddC zU{pRb*1QMQuu%iBNOD_*t_3_E-TS@F2xEK{L(O^*ohiG+py6v`8A>Yc*o*gt?H`_o z6ZXor^L{!uy!RR>4>b~j1`EtWZ@)n>RY+gTtCG(hRUVc}?R+_@;@Hxrh?6&1JwhYO z6enVOH(V3A2e1>DvTV)vCJ0?;;0|_v|s3)_^e2b3X zFv`0k0@D#S?vdV-OWe!R;NHec{xS>6nse)nTROpHCDKWYRcH(ZkE?rqI4*ueThJrt z`+@$8l<*wjp3!E!^z(DL;M)W3)Ss^~XKhEGy^ZHT28ham;t{?N1oI(sCg*;~Z9eW2 z?hLwWL}Syrl7Nj}#bq1wVg6a*CDP|XX~9$saQAU~YxBGP>7O`IQ1 zgyI&%o3M7(@xKq|XUy^Z0t-d;ely(=p5ynn%SA??rP&vp)XyT~`E!X;+^=gNfj@B# znbJp<1kBO}vwz+dz#xes{w^nmh1F-1cDOV4eWM_m2){O-U6L=$Q-jR;L+7h!m@#Jr z7B^UeDh@idJ4&*=#fd$1w(FBe^xHQNh4C|_sqIJ4Rs@yt3;sn!v;jbl^0 zR_`%N`kFRt#NPGT%@bW7^tm3M{8?#mqQ5>dyhb;nQ|DJmavsO2S~OnPT141~ME9!m zG(1f+2VI>M3pbdaNB7*9~zu>g! zwKC4Svk4{l)NZ!_#01LpCd=a+93Y-)M+8BbTh_c9>B%L$FRtX#AQXt)0x3D z>H5>4J+i6YCnsk|QzP3yC3|BlWNtPtG8VEwC4PQnW>pWcDH*e-g0YpUi8C^@ii@%H zUzCsbj<(3me}4bP!HUeRs4A|>^wHABRNlzel#GUn8SG?aU}6cjFm*I=0e>=bHZ^cE zb#O7YGcjcXe=?)}2cc+WZYu9$Yi#OB_HRO@?9A-NEKQurxY_@7MH!h{M8w{mOos)i zaI>?Ky?@WHhs>;O>SXWYXkzL__NSkUj`k)hrp{zKWXy_UAIX4rad&446=y*0U+v0V z0F?VLX@bBPGPA6yow>6G85ai^D+@3XOB-jP2h1OB0DzdOiTx*2WPt0RnQ_lZ@R5q! 
z;VoThRd*O5$rD$$sf8VXHV_F;7jFN2^0~o2hx$bkoq?*@tU!!dESzLOB>L0s9+WQo z<#$hZLm&=j6ng(;c7s5d&M?{YlMI-Xb7sRl>&jGh6zn}U% zuwg#wOy;az&Obw$6(3AshJ-4i#FuX13rtkHr@lU*rsuob_am8{;i>CSEd)fq9%FTs z&6ECybUjmzNw5I6uXD495AMSSn(zgyJ-NS)3@_BHz76_4)5(8w3xh_mxUL$4`F`@r z@Z|epd6RXOet3Ho+Ye}Dt)C`2>Y*8jQyK)b8p4A+LDb$ejd;e@ve6p$LN0JBXHEXz zhv+dQ`{CtRjKiW*AK1Ldu0@F%J*PQiz3@tCsSi%2r6M^jXGy9|T{M`9R?yNf95Pq_ z(Y<2`*C#m0u3#GE)y6A6l5Nc~uHMcUouQR{6)L-F}!rKre zAO==zjp`1E`x&YiK@-9)(ASKtT4(LJGPp3mS%P`5mn@$de8w&Zff@Lg)xAjlVKKYZ zM|Gtx<4qwsgP?Us93&Y;ZdjA%kqUufnh?wkLI<|#puf0w~*{-+bVI=pibWF}u?6QY}V zKf?=Q0R-#p7nXii5G9wnomy@jqYJJ3;94O@OqleU(w^GrG^`U9x?CRbkRr@gd)FS| zKBv7ZeA%&stNY;S7GnOqO{(avc;o@#2M{cuje%P;G95#^J=_oK41bwojSk@|e`gZKc4sS$O>h?bC3o>;gzw@-R#oyFURx zst8(K17)1rR}km}Y1@XC`W<5aC2eMlu;b2J1?G!HAynVzIR0=r6f!ARXw{y}+S-}! zDpQ8)t4=SA!lA|=Z2g-<`^cwQiNj>-{lbaDSTqS#eczbN23n>I>%{!!w8`^dg1U$N z=MX!GSV9v&d*C3w`4C4AewxQHv309M4Y0uvWHhNXl`UL##DC~--WW0*=4POUX;CVh zVtDyZ=T#vELEl`8Co8s@YMexD%tnSWevkgu%Zi9PpJG$8<3I54HGkmMsK%z1rZGWi zA#ujw(~ot{+ON8uq)cN>0fe;%vsrh9^d$`zTZRgQ$-K4i`uD1Og}>Ct|G_f=_%8cW z!t#jzMBs%n^O05u-d}SxU*-Qlv^!TtSXSJ99_U}Rv%*JIsE-&-a;P?Cs93dpO&`d( z^=Vi$2`8|gaE8DP|3%CH7XJJf9BzT_jZXhy66SOZ{tVYFn#L=g{-gx|l^;o?8%W`% zioCf>-jPLk>_#6!z^vhqy&j$i25ui!r#HhU8EAw5mGOI(sjhxo51INaosTBNDS+x` z!kKD(0g==Rr~fxv6Ou*>buB$9P7;n`+%g^}i%fEKzd;XN)8x{{x51x^!>R<(cLKsy zsL~Se!z);CjHyO`P)3u#>q#}nPj2hK_t>FH8VS-!@Mzd~sB(i096jHG?_6o^qw^28 z)~S6XeK8Wyk{7LLHF&zLkM}NkqMdwKG@gW~%TXq{DBNtDtcUf|PZyo%zO-;I*PWKT zxScr9$-9*`S&!Yen5Q91Z5a85xHg<$s|l zGNTM7P?OmJx~KD}dj)^Gw*hpoti`&p#kCpep7oPQ+O+@8((~y<_oV=CDHDuMS$$XCUyPW}q=Mr*`9_=A-v7 z7W?MZE?m^S^>7U|{*~hF`0MFc5#YO$VS~)4!)uL@4&H~E(+bx=om23uyDMSTUGdCx zBJrvS{N+jf<>~Me7z^(sFc$PbV_5;la(GaY^<;Ggj79qq7|WYKV+rXvJSzU(T-;t> zTv75b7NN~_?d9PWC7VaZ|3Y!dlQ>{80F%kj<*sDv&sffZu`E6UW6Ao{Lr%ZC;1Zn* zr}0dPK0?k7FY4pWP6fdH8(=2>!`$+RdCEZGac1`q^Y4-w1I8z-3k?jv|Ktq;VE>sL z(l?iQ!wXjjPoeu~t_%On^#(B4b@#wr1D%^Puzj*Z(P+@$V@?O(0A`;p-#EX`p=rIA z%57)PYaWc>T}#nW!lZnQnuycSedInVFaj_g(OomlmEJd(6F5;($+Rx7ZoiNIdZgTw 
zJT24VozcIDFRNcXTh1i@y3G1rb^B}h^1a@+ypY8JzMpXz1|93NqxotU2<%$?{r;A< zB;oDGTU}%6jkoUj*n4Y=hN6mwLl`J5C2_KKTo0f4&~V*zqYkKximIacYQ<*W+7N9i z%^$_QI`X+o{=w(&wfm33SdqIy7uP(m9H_FD%#Xz>BLigY`cSg!JqUeEk^HoS; zQpx0TRhzD`7zG`9U4e$FrY=BcYtTJD| zNXK0Hf{rhB9;bDgD&YAz@o6xw)?V~zW< z%2eUfz7B>M4L?@>&PW}Js^qZiwun_yUh@N8p(^yYd`8GlHD?If3fE74(#pJS_3(2f z`9%CfP;Rw4edcu>^?{obAx(${uA1Aw3!pXOdNqiIBDs@*{Iq-RSB(}-NB=|Zx0E(< z=?rpK(t+i<0{6yG?KVu>^sMbQtCu^k%dp7HE_+I`WYuQ^&s0oeGAduN4;G!D>6Of7 zPQ$mwK4}gd;2BDxXewMF3CS$JwJg5{4N(LepKCmQCr+A1?Sld_l+JMy(Me< zA7uS?TvXrp2aHNHATdLCcStjYl_+t;JqTYffMfU>7_0okKR6VE|i8A(Bnb31z%{7 z7^{ zk}0<@5m9n*A5D*QudHrQ0BO}v_;Qu3folvVR*5NzXF1QHn-wO5FKfG8Y@4lv(kj*d zIw!}oCb>Pf#bDn(v{@*%zO*{>VX3-+`}ze+^Y_t!))kEh|KLwZ>~7J-yir5Ne|YIX z_z>S-db8*5Mdk;zH)AMZ2z)a%^w$_%^{*MZ52^b^8TH zhDoy=djH2!y+FBhGL&3FvwcKeQ{;cR5SQ$dasVyYv_(pJeSW^f>sVA{%EbY%7e;;( z(ph4l$!OXQ_!Q{0B;>N9tCGyK?kZEQ!%H=LC7r!vaIEkdb2z(=Wq-a+3bfv-le;mt z5fRaSRYFfy0>%JDvYi&7k4PvawPJ6KWc8y(}g>&W9)$Cs!%xpc4-a%%bm%NN8R`w0A5}hTmt3ms% zuPg;aO1S&Pqj~Qw^%?d2T$ne-%1(TUrLCKp4o~7&4|Ur9QHESDFpbXdTX&z(Q$ zrHW&M9ebGgmcZpL+ML7$54lgayjT6AQlO^6D}h&d_WG{^J(c=J$Xe`U7w~%D>*=gK z&H-N|PwU`LSx!KeT(s>w))5>s$MRZeC*}-a*F>XS)&vd zNQL#CHCEQ}y};$CKhL*<=ckT;J#h-V{ zWA+K-)#7zhZZ0$UWh1%B9~%8Bu&G-0@gTtUsc*Nt$lpJ4BFggE=5cql?|Ie!ekA4% zlzSZ%0`HJ>rd(k9Vca|Lu@v4vL|(HXvQ&uvLDUdb`?+q1R-lY16~F#{>>2*0%us94 zCeBJGmWg@KCg=9`cell`^D`dn@Kwqb2b1~FdIGR|X84`Rw|EWi*9@y?Kg7wm$B${O zH*c{Tf;B!eu!PRlNu{u42sPzNAE4}mzf2evG{1tBq6cuQjxPhy(d?|`hq&~nyYzIO zWaqU#>X}xp!Y|)WUnZY(6c&zK?6uze-Nx?H#JE@{N8?Fvn@IaCLEZ5jY;<1?OnJm; zsrCe~e>n8qyv9E3@;VuLW<2V%C+YY@t_%uk_fnP<^ zn<9%8vp%yEw&A9L^hlMKBJhz!LlrZbPBs`TC?r0;EryM|_;)?1NWVIOoQcJD1lc#o z`(r`O_G#bjV=(pXT;ffzJx%AA*p`@P<-6dm4(>w-yYJpv%riZUx<&$1muSeUp#190bF=G)9sWgIbF&UGWiwHyePwYrnX5GavWR&r zFu*?!%6>}ijBz`74Ou2=>1+k-l-vsmsCfFuFs0%{Qwby^Wd(WR{^5wcE(u!#{0yuBaeBy&ZUOQdq`z&7WSVjb22gXx z5N;1fU(SA~N0-lX7Ky0^XjYYiM407IyYxk_Un^@yMLqEv{HL>_#y4^LIdP(;sJWr4 zE&*?o%|PUngov8C_ToQ%x{Mod-KQ`5xaPz!U)GGCJ6Y?l^A)iv!a`VkN;l3rsZ>QP z!w5!<_pO-_qySv 
zKMKC3>u!TiI%W~j6CWGZA0OMzzm5ECzcW0{y2-?ZA*FxjZf7Ikp=F^toS&p#w`(me zgnDDJ?`>B^Y&d(e3`*kOd`%=lpNvtgvUjhAHu>@Jj(J=)zorhPZ;i#Vq4u!#nH?3#7ArP; z7DvmkU;B3RXeJYnz%y$X=^ZxNg6Glt{G6fRs=vjjvhVrGbm_SIs0g4OwmqNM>>ab_ zY5;A_;>sfwfv4vENCtZ{v)SU=DkcJiX#Y-;wXFPSRSFTi0WDL>Z!Z6 z^EvX}L@aLU9{emCQZSN+wDv;(<0vFx6yMX8sPU3|$xflBSWstFiX@}P*8h`QOi}1% zTQ06&qVxOo)l>h3z!UamI2fAseLk2nwCVi`EX-=nIuZ>Ji?$*|5aJLvpb^bpl^vJ< zSQNDe=Fi=FBKUDA_!MoNbdsaPO213RuIHpV_6LofRWdGL@8xM7q{^;{Er(|_`H%*r zYqsj~;`sY_(l5y!pSv`NENShTrPMR4$Il-K zrX^6*FB!FF;(Q!;rD5)`&?NU& zG{4+sB=}H$-}~LBtlViPEqT7|m$!^NXiPgK8+#&jgbeL;0K~LA%0hy#zz4?t?TN4b zB0(&1o?m;+O*GqaRO%yA;zamZ3uz@KphGGa=52!x<*II!0*@tud$NrU>-6_tv))4M z;T8h1rLb`&MT@Q=Z}CuAip$Ll)Ey$G!{cET@Rwr-InR*z2O)%chxl+V{Anej0)8MP~J;6uF!wyn?|@YQmB%)$4l`xa#$q9GFrUesS% z76dMaS%bk==pwiyg8HBqN^9pxURvhnwY*qwcLvq&i+B95Q=a4=u2R^jDJkYLwH@eD z(1B5KBf(tOOT47cN{TQmKVf^7T!E3qIe0SSepva3`r0>J$(O0OqT|KQY$Xv9G~f|b zx1U!@%+SV4u}2=CGT^0uV!io4qPiVrK8_?$?CK@8eaNa4PvF$X(#;(OGEyI1-qd>= zBQU@}jlfym8w^q3B%hzpzpQ;A;e5X%Z>wgnV3CLTxHuUdwVuvL)+;G37M<_ItQINO zMH zwMF1diKezKQ-{}z)K`FP4!(-K{X)pK$Iih}7<$WJ6NpXvaF{ z4Lma;2D@pS(O;>zgT7%wKUJRUI&bH%ozgn_V&e2zG?I!s6O4Z%a6>B#e|7FqvSuBsoxqTN`v>|U$ak#2c9mnmt5SDm*Wah$XHN&o zD5jl-O>Ej!Qmtb-xtGm}b`q$EHY$`-ZDR$wR;AKC42XFICu;NkzzU4U zo+(jKU0?+_O^7=yKB7?QpAv{*`G1fVl+Yf;is)a-=cs97_p*M{Lq>%WWupR>8D`H! zM|6KRl8M%m`CZs$bmYN=$}#4-5Q~E@P-aT+jDOYgq@Kt&gmBpS7D1od#{Vw0kt)_s z1u6@05*I<2kX^Y13_%7n;z_|ZbNh-=?F7h;CSa*ASS%Uf4cNnktu)Twm&O`nD8 z6r&>=kyz&)HmwFy!luATK@i@FsVajF65d{kIt9IkG1$)MYlj1Rb0H@3>*nHk5W;?? 
zfZl}v)7x6v4YTk)WHPaig=J%?f}u#W01xPUDxEn+YMmw+alxf&DdabYpYG1)p zifrsh195O@g_kC~Tq#u{cIN`S0<&%}$2&1n9WbV}EeS`l;nH~cag@Rz&md`*cOL8y zKP`pD;i{;n6#Y!uHESN?@UTaeG|7#a+>NszxZ`^l;};teYv(%&GwOAG))ZqBq_jAH zzw90+1BTq4@DI&cypkEt+obBJ91odwX)8vuXe98#=9mWh^5)LkY@TyVv|!?z^MxCU zrmdKw?OQg2%yqY!7t~pxJAAC(LF6WG!@#;2G0<*` zkj1`z8qME_PH(NW(gi=7Ux`8AV*A_6brN(Zv}s_VjuV`k$Zv=lXyob8LrH>=mK$k#j3^znsWYEdjez0x*N;BlX zOTS50D@db;o=jxM3}nW6-kiioxztzvuG~=gyg{WH-RB&Cc^S`j%-_OB3GtEKz}f9_ z0RmamOoW1;WNoZ^o|nfHQL&|GACcauzPGCl-W;-_F$o;>iS%+6?Wg&^Ln?B>Q|U9RZMBT3A?r70TS<|a$j_FF==k?Yt9&K0(281cUQnLculwCjv}gN%TDNw|gJzL6 zF8NAt4o(MG_KPtzYwuvqffj=n`=8IBL>!&4wt9t|Q;SkB z+RqC6NRm>YgJN={H<5!zX%dW8ySPsuKJxPThul}Q#`!&~2~%oZUmKQ-ALzX1C_YK<8y7zbIlsi-PRMM2<=f&Yj5ev<5c z`PC>Wmk5jdXg+{tU*#;S<$M8!Dsds|VgttTO>$_Trrcjo;2t+S&P_UX z;1FVIyhVMpx?q%c=I<~bh>TfUmH_cmd%^8c=&sA^AT%OCP6D!^O1G`exX!htYs6^I zx0ZYqm(^mpPsn+6AtXRXLpe}~)OI0abmS(W05OknUiXc;n z@9a`BVCcjD%4Z4uC|r#5(J7LgL@0)ZB( ziy!V_I41`jpL%~qqlG4g7jiqnCn;4dR^Ws;u}Myd+x0h~uY0bDfiu>HU4i-o(?ZUW zWtbd%87PiBm&8ExG93wb%`&yeyWqY>wNn*e>)XJkmiFTYT|_lF^J!R$0Y%^bGr!Z?|L0iF_H|g8))x z6yRo{5)RCne zJSo+DU-WZ9J~{S`x5|1#)xHhq7cT7dXZ-u)0d#}sN)`e9Nd0=rG#0s22uT#pX1`M^b{LOzfWaxR_aFd`HJV!joKv$LpbgE-O?*{J|g*7I*?R3J|~q{e7CX-|97}6 z*F5*-=ce)Nf1?}GIT_MZfy0sBEUWh${;^Ppt>$m>HJ?^AM`Cj@6A`%C6?~y9g-1L3 zs5>}*Lk1#Agmm!1pZJzS)273Dgte)C5hPRRQnAdEz8pI1C`u9$wM8A)^#Vz*aH4b{ z2QxTtkqFVv!xNhCg%KE$?a$6}@o&5L$*8vk*Hh#7|Gcs6$(NIP)4ZXT04AkAeKYh7 zsu%ks9~WOHa)XSziiDKfREpg?V;!Lt>MXW`=C^<-DQ;7b#G)2qIIUWFE#6^m6fO#S zEpB7l$BNk90_Fx@OCrY9oHFZhb?l&VJ^id@&*8hL*@PsM-Y(hrXA9A9|FIv7G6)fM zd`@%&WfL0vF9Omj#&EI;YyE3RN7eM3`0^_U4U~<5CFJv6|G`uz0*-o%?ICIFQ3et< z3Q||ms-?Fwy&kk5tl3KHXHw=eIH?CIM7{=f3(3y6Z7UX1WGdfQZ~3Lc7Nh>x`?$M}T9|6=`h!6`leGy} zuR?RQiBI?_DE7MAFs2G3ctbH4s#ai0aaGElfmMw|dM3MhBI) z!%1D3A1T~~IgUVamUj#*8zI59wB*-~+qCHxjw;>V+HP~v*z;FKOJzcL4yRpxzu^d_ zcb~k&QRbK|=qEFpG~+Luju!uD-!4wsQ#9_`Rbk~oobxAwgX$u`>%s(o;A7jUb*2md zSYvJai?J+p_EFm9n|RAMo+yQ){yVzXK!Nm;xz*W3NI~yyV}qfbnRTyOo97SH 
zUp8Th5|GY3Ch5>-(0%lHiMVj=i@>eA=UG9y$HY0xwRoRESY}fv^ad%hewfg^7DO3L zJRK1*zshl#^)M3L1?aymT=|QpKjs}>s(C7Irl{?>eBTIjdZ*1SzU_Js^)Y{r63u2b z{!L4Ve2$xEjr|3_*Wh%|$L|ue)rQp0Bo1uo&o1zrRAyK8KLj2$Nef>Nb1yDBhb8bRdR|>&r$M*8oW8gU@Fd^Vmc3Y-gaRBXzYYlVB zZ{YvL;5QUN;VHi8JGUKf86=Kh-D)Xuaib8I&M>Wg5kO0{8tQ<|Zy$#JEAK~TL^ z8q1PNwJz%p^!qqDX~*GE)R!|#3tRWM+2^U&K{M9X-%SZ}&Ik4z!xxtI)M0C9nX4Jg zrd6a(e(D7SU5X2P!pLK7VBYRs?qJP(y^3|*?04kV1|+DP{CLdkCY&JpEmF40dre+~ zRhHSe=`F8UeZ~RWnnMoD?0IH`31R2UESQK_A!=9B$BP_D z#+glSBL(KQ{qX{zfoT8kjy$H?!Z)C1N>DDv1&h59OXoU+y$?&bU4Qr&awN_7_|g4K zc7s`o^abr~MDvkVkPeOL%ixU#ZC1keIz%1JN@@T?}pbV94wDRpf?WHu9RURs6QNDACN%Sl zb$7{&l8eG6{$4F>2%d5b-OG3--*&VLFTy? zdveE9vi5wIZQ6(|ldXt!pKJ;ak4h%$=DVk)K++`1gu2Xv&Sf>l%hC zoYRg|pX>Tjl}pv;!-ZMQHX9pQOjCBKY!4efYK%IQ!k#f<#QA1B!Ckvur*6w5pM9Kd+gCAykBgKU>TfVVbaKS6o*Rw6@dUPxT(?TG1Zn|@+X=kq%r0w8yH6fGd ztNlMwB9V6G6YAXSwQ54@Rv49*1+O3{WY@r4gS7kRQvS;7{RIVUR;9OS?YJ)jApNG! zE%*{3D*J@omH6`to#QE!6+;mpED{l%d`<%)!wCy;Am-Tdt7X^eJ!66}|4k|)G{j~^ zkV3HYVIevn>DyGC1t=X*#VmxT5Q*q+d7$AA%w*Ja7e=`DRJtQc?LbJf1ucXgM?T0w zh{GnR)>WtXh6z%Hnp{M#SKjwrhENuVh;igxA#kMedmpV<^rg?M=Z4B0zaO7jsaS@9 zaXG`adS&6=U?fR6SV^sP0wW!=N0*ex$ijg-_FiZ8xQ9^{E>NHnI7VuM^RoscV~g9- zlVi9GkjcYxE$HV^Nc3 zWGH-ZMZ$|u(%WPdu23*zGt2oYMj_m9p~C9HLC@A0$_XgGrJcrOL9C1a3dU)7JDsS< zQZk284A}$f75{7)9;2#|Dxa-yXu}ErRH}cspf|9XVxwKCOQMRri~OSy$XQ{FtEHe- zVRcWaFN4`oK8H~XVPyb#BMk>uw)Mam({?0J1~>ytIDtMZ|JP^bK%X^m?$ATZ4Ij-1 z%7K=5b0Q$M(Ti_|Y)BH(PRhJw%MnJ(%r-*u6}LeWAG&(w(IOksDR-_O~;W)36KsU(ts9sDIx5Am^8 z&Nn}~l?!OqSFS1;f9G>;=sLyr3XxF|-)YD>m|>rX@F$yEBs@|3-Iy%8!gbyOSW!!l zfRXTPropd`l(P{_iwi;eDNdVhlD;hg`xF*ePt2#xmRoG7_#PbOIXEeXG!#Th2@1am zr5M|pEcVz?<(;m=MTj7><6!KwRQ}3_zA}mde(jMwR!d?93=QA>Xhzm(#>{2H$R;fa z$}2(F9s6;XBgj3B9eErdg)G2c6U&s1p5&F4V(1^>Qe@4olLkiYESh38V;)MP4?UZ9 zEBk@WJD4{5>w9(y1#qkyaj_CR(jw<66e$QuK1ggCD!Ar97`tF`X)$0WdI4wZJc|8c z!SY7XH9;X3RzojVL-v%MJQ|%`KFLfYQ~Z1Tv&xtsg(cuz;(Pk-%JOA+bkjkCnoh%j z|4#ivd%twCkixQW-~auX*pCY-v?Cm%n?e$xVaxPjlGh1*+S4D0(^GOvunoRdiHj64 
zT1+!WIORKp#?wV+BamTOlk_xLNgY$}w4O6E>pA?d_i#n*=-ZjBiXdgp1`=KGw#9xD z-eFsMd4Hg)*6sD^EebtNQi;-V$4g55Y~zVR|@Tc`vwT z^?jmApUOwK7SI_#dxGn9g+CeIbc-mZHc9B|fB{&Gu)th7ntJkkM<+LX-b;f1QSzq$8TkjC z2W(UH(d1{TFrxyY`z%KYyGy4Q1U@wqn^X{GrKMx^L)S3>%hycy=vZj37_x~9wO`$I zA@oaTSfte7C!lyI3hV0^hsSS~(zq0~8LC{Y**U%PawIoW4pb{s`<0o&QgnRRFa;`t zOR$leR+=7;zRgqMzK|nfKSPr84`_YP=A9<#iB$^oP$<4NqwYG-Eb=L7Z!*j&M~k!{ z=oLo;PudGB{wMKT#EU%RS`E^L`kj|Vuc-A&4Dt9Ww9}odUtN4rSI<<^Wu4GYQ3oPL zxZ}$RFO{FRVySt&jFV&Akp?u-mnK;flgpQ8mCfub z)+~YgDXT8AOeX^(ca4&rELK!TxMirUpXS<~ixq3$Yc#H#zq=_T3c8`8BuIRjpw(^; z|5#s1;oFn#ZP?qRBKXP2kXvO0fexE!k#G)gl3@JgxU}9wQrhaN6=ebCvb0W#DfAc6 zXQ%P~NLU5)4~5kF@YN>n0RqJg3s}@M*J{6$?8`X`T2?3IWDTcNAhL!@Nf6l%8M6)J zAw@Dxfh*s=iHH=@^Ol;4O>ka}I?-5-RSuozHR-3YC+ z&2&~j_Mzbi5X$i~2jHI>24be2f0Q2-K9+Uh%~}Jyf&vKhk0qW@f8zEVPaPPSW*oU& zxuHiGMv2m_1fij}j@Y6AQiV&`J5#nax zK!cnjT%-YQzxYPT9B-G^D}Yd2@(Nt5!9eOFHGYR%AIQ2-bEd=D*JK`TBzBw&%Q)uJ z->=$`mgyID6(8$&$Z&+-i?2seS0~y5L>3wt*fESkyr_g1nWu{BEE$sh+y^tvAHbxH zg1`=ca|yMU@O1_ns{vzFpGLWlG7O=P#i6sQ;CaplaiDi5wDbvMeAy4K{!g+&a|}&6zM9H60g*j|CAZz z;pS8RH<+p{LuC(jNQr4(jV%Z%sZA`jKwl016CgnA{f)>uI8=5a_{tvvkp15%iZ;;# zcK8^WBM5E+o0VSFu+*8;sFp|!%u3~n0o*m94e((rZQQ?!3TdPxBEgrsMs-64q@3i? 
zBj#5zut|Arrlb_&rE^;XA!}xp5L=KAogm=|OwgLQNkcyzF?<@8X^3>*lrxNS82S__ z@G0TJfhoGh#&G7<=Ve2r#Vay=HED|#Z3#A)P27PvkzvH*^bF|)H_ThUzh4C=*pXw6 zZSPrfMb;rcnA*%Xb@IGQb5L@u%>-uoNQj$s6A$t^oo#$;OZx9V{?;SL&z4cPwPtx& z$hZJ~S(CXnse%xCd|Wa_a?%yN?Z(3U>n@Yg~%H}3g0 z7>Cg`(gi++ZWe&geK_YeR2szQ`{kHVJ!QDW=hbA3PGttCTkUWdzc6hdn0`IX`9anp zHqXdEAAKKA%e?1U2QwQ(BpjFuVkL=3g9X{9_Z$VVl2(&kJ*$RRe*ZuhA@ES!Hx=xf z3hP%HhwxbTJ{O-Km$d zyhl6}dX2X%GX|kCB$C>e8RLeDtFcP{m+)5Vb<4Bu0|+qML(^LWnnKf!qCA1a0sMvv z2n{RIN1*iI?btd6SoOn+n@;?AYLdOo@2QQqaws6Dd&E z6TWiE=BtIgeiW|%H=Hkt^_AH7FlXF;V7NRsDmT4rS}?EgZ?lJsfGWD|@EKobt0$5p zYufkfAZST9%^*#wuFua!1OZks5fk`o)Kgh`_Nn;$3GygLk+T7Iq_fWpmbMJ81}Or_ z>e%O08EB&YT>JOvYA=ZhLB3%t4M@|MulYa^Dqel6sqA zt^|vAE6!WHe8`ERP%(GDuyP@D!FBnckxX`^14itEZqz&F8#N|U6~<*R5*(nLtqPcX zebRH1vBxR=qhC}+n(CwOV@6DqQn2bU{ywO1uNr>UHtY(lxEXu0t$6vpQq+$Bs-rH) zq^k78RM4|y>IKKXvj}qhezz>U$y}HA{1biM5iNuPOiP+Gd&(y9QxayYM${UnaZbSi zPVDNtS72ghB(1#m>sD4q&=HHtG173OD#|fZIUz!Zd6m= zoRr}~%Cv)F#txwGX^gH)nQLnmStOezEu`nLK}oUH1khOFWPU0qy#l5fsYZANm5IQq zWd-;RJ%!23+IV5c+9U;N6fLtr!+|{9)!2i|ufnpEE_mD_jGKnk*{d6vAfy^tD#m)V z>Uht~ib`>IO1T%)!^5o<5~M+Y6FpJEA2;t(TtOobzq#hT-lUz66kr_#MURPUdV;h- zQR3qQaN@bGDaUT}9#}N+r%Rjy+xnqgW-{Xplz89Ya0UP0@XX)_2^HV)ZOvX*=E&f+ z8X77c5FPjEzno-Tnkb@wg7^SI;AYp~@C5`n*)v}*C9k0zfj2 zU*D<|KLz)>vS&O8HlI!r)*yd_fX6XCx{AGl7Tj(qruw@j_eVj}C5X&v3~ zKR}6JRxY!jDJR{ZGK&6{Z;1FOgT84m(>Q;4AYfyC!^J+8811FHEbL{zwPtdpDfzbi zxKH<}ZYFR435Y}L^12J53x53beSV;;Yg07nfS|@a@;UF5-0pQOn%}<+dABTfBl>UxNd#)2CO_wATu0L)RnCp3Nj2CDf4_AMm-&!}k z3X2YwXAhT}+$dt(xaH>}%h@0|^#np2(xN-tP`TS=xy5axSyHVvqI)V#rvLVf^*>0$ zkFK&Cr3{a{Rla}zK?tweycIP-BYU(6zt~0{*N7KuJisU)$S!lU}6xr^HoW4a122mhcq;;HL~o^ub2MwY*!VRqi`34}VHh?K_3|DXf< zG+zwy6a@z$BGCW?5R>JKQ!7RFDkr#pj?L*2y|P+8GUe@CYhl-E0t0es-tOZa!!oaT z6Q;751uwE*{*&^aHP=p2h_qod0D-a9wU z@5ehWdPmq~PC2?3ueA@$#Qke2W9_0@oQY!^JHPBD%VU z`nn;W=~WoXU;-|mL}+0d(DMIx-KG`Swt(VFfZ~aB7e2O?&*uCwD$TR;CH@W;)XzED z1KsvCdJ!(BcT@rZ2>xG+1GOIuOK+fC1(D8(KiX9aF5^3#(l&|Gc>j5f``)b}ZD{!$ zKux5$m&}3c=EN}ONQH^w;&oanSWSmpqR{aX!QT}|cPbqoqvi3(bRPJOGM 
ztw=flzBmOnV4_9;i8x~P4o)Fv=9y^O&bSzsoWQWQ(#!v(-l7AuWNM}v7^ob%qYvtx zrPh>Nvm1w9VAVw^vCAr6C}YNfxKV;J9hs@mu?!Z+*erc*!Gn*g0`Q^+p;z$#uUlTT z$fc*OKa87yaCghlwnNUe z98>A432Ja=xMlnv@qbwoWW4eEy}H(@f)Y1oM7;6e(eT|W$4l7bze_Z=82E7ht5dVB z8EQZP?Qhgc!=?)8W$ABpbRBnzu}IL6QvFvW^_KB{^7I2V*gj4ldznScFinfN z%_R}LQPNwQBJ9g1QCL`M_vaB4VBMTRxYRr`wnb=l!PGfnFG6|R$_FVg^w16HQ`xA3 z7$XC^f8&GNomw|;&hpdc{0Vqi%@Y#KOKX7h3S~xj@ogKAXAc-?w>cJG!8#g&ip{PA{&Cm3(bw-iRjho*czNJ zS1VBXg5x7+R8aKiK`%YEx5pqo;_c2$c1z?|kJ&FXls*&xevgx$@0%d}2>?{MVgv%- z+9zO}V!Y;7sIk$M>7>o0>+(Q=ZR1KWIJO`+J>`lvgl+>Z^;PPo#>k|XUDjwq+WJ}j>3k}zI_UA|!1Yr~|D8Ie&((*WUND z5t>4C@6w@kcPLo7hWfp{W`n|a{rlP<2tHhZ1Gk9clV3}nqv1={KBH*tlas82Hb1wJ zJ>^zq9b>;2K}Ph6<5m+hqws2NGC|ZNaWpFKPLh}tyCc}B%b7&!;YGUNf7>JX{_?VL zm$&d)kROeQqv#@wnKf-kNHLF{`5hbK4eMq6j>4GjO954})|v)pnTP1|vyP@Zt8G=- z*0YE85A5GT&E$RpVWn{6`$* z7|3z@kJ?CGyZkGw6yL;dK24pf^t5WsxnzH}7z6fF&VdpBwe_2?`zRh~Odr32%x`XM zSCjaHV~}UuSMj=g4+ouJtnmYEQBM#XEWFBDaAxK#xOmm9ovCfK(THj%3q+21S$0ss zEvdx82jgdj?x}KSxn@B@jw`CNT;6jOP{g3t*gSOUI1Hv*0pYdmO_{H1?0>yfhx&>2?SNFI!+T4#MQ^zrA_9359Lo_$5g>RsyhiYEQ*-^n zEe|6&A?Uwd#=bj~6XFHA!>>)iO{q%l5O9I!)GPd-m$HdWy2g$gb1C>PRCwzW2kk`c zu{-NL3hiX^vHKy~D^DLpPytGSPJR3aT+Q9`P6mLT(om>DTr}3)iw?YoFa4qa6M_BW_aV0>Ird$q zsgtoUqL%zjQeuEC`PoUL1C=KBoU?zfNe9`0gfERM4K8z^>tF#+(EKKaALG6eB{@EL zE$lfI<_wPeV)$gmg4>V+@2oNom3;}jTa5AI$jnvN=`FNxO)-nFAt2~$O%(jQ(R0*fC#ye?Ph zLT=*GD+5{DE;wr;WM@rmfiTfvnzh#n0xcUNzs<~LXFynLIVZ$eh@^hLiu4>=w*$I6H@xc`+2u95QfB8mMAYo7Z^VywxXr`brr^ozwm%_{SC5lv*;V#| z4?ljH@w{pK=mz?Bi{I|D?D>o`8kch~xlHTA85-lwF@gULk zBOvnYmzAq8eWIHH2TJ6R_A-P-dhA!eptBmb7WH|+(ftsty7Ipw!1T)hIsZ<5jK98` zrIfSr6yN*VnAj`<6uLn3G{B>T&egRhfM+s4c<9(7TSlBA5b05)&UpF>KKw@}ym->f$NP;K^Vq*PDhenETlTshQ zEc-vf9RCCxTtR@W_zjC}m?;bhN9*qa=BfP27Jsbvj6LeZ*srTSgOqDPBEYrAML1iN zM%KM1;LHDj4@VSOOa2f4oleZ10)|A1+`+3bu^OvoOU5LF&XB0{KQf0+qR@X<=V^l% zK)VUX{Eugo6l=-&|Hq;Z#nzNm~Zt=Q^ z4KQRoJMjc^pcN^%b1Q9k5_4W-+GUrDCJK}-xatEC48UNa8M3R8hFSSAZ7tF+)uS3?p z&OG84ad@>A9`g_x3FU=M@lDXFTaYkB@IBG%SNos{{3V_$3+h${V6 
zcP^0>Q_+{s<~^=_e&aV3Cr!7?{QJFAg=WPzuQ{j86Q2?*k`l95az>2yxMxr6O@b}v zf#^b|IvbJ-d54HL=L*eCO^xj4C%-CBR)F2`u*x#ry!od7*(2!&t?wGW*sEWUcuEVg zLq!QPnx1z2nvyaf9GWP`TFX-Akrk&J{6Q&sOpU7I#mVPxb<%D}(VUkve#B2lLC?I| zJPoBYeob+1k5u(<5Rjhs*0V`Fd>93g4hLe}L<08%)w*5HO~NB2!@e_e)W;$oQdD9& zlE%z|tv_Tlo>ktt_hJ~~YTkVaoF=k5LyOzOv%2ig|1`v7l;ZGrZacjK-jI9jraH$g zFzeZc@e6=Ce0wB4MvIqMPcW%tt=*$-wh6d3si7F+Sv1*-On<@sU%{7u{D#8+eh;+1 zU8XyqWdzlP|KgOH?33y!DuR?pa9yWK0nx=(xK1i_@Efnq>GH{!q{Ttv z@WHr9WuyAD!AP0Y?_BAPZ&LIeA1DYU+05?hna2A!kSh<&?BR)vys&pI&i>gO1!0xx z9phFzk1h);^vUt-g|^&h2Q!)utVOg;H(7Tl4T1xqp;||cWz5?n>Ufyhh(!X7lG`v{{RyJ67vn?| zbYQZ%YdyTv#zy*2_V&OplN%=_t{Sz7etrchAQ597b zXMtXXXBzg|K{Fx6sK=ay*GeSIQ=K(OC5q+)v8KbVv5qu;_Eyh8gNX%&zuAANFd;eFY-BI zDBx>e+!iUeVvid;w&c&gOLeR%!sfPDxn3#T3{le+))G)Su{`k~kW8ImWRFo$w{lR? zBXt44Eruez94m2R%^CFFwDqGD)T-z3C|C29wK9^4(d^Z{>ajztz^Q85DVgnW_z7$U zaYn7Q%gM7Kk2eMvFGl4vHlP&&l)2Pd+o|zor3i>&Oa(h?66in3`fn1ci7kp*~3!J<=*5%{;>bh z5CaYK*zheol04~J92Ec#5o^|*841X;tu58(R!6c!zUco>V+0RcRQ^}FGEjMEuUX@2 z-ZV=zVpgo5GvbS)GLdNc6LtgH5uwKD&Lh&xDUtF#Zjr|5VvcDS7m~NdYUq(K%1}25 z%jw_AO|$+aJ1slGjFZy-4-R3q;IxqUU`MjS7NvhKO72J!G|%J4{>Gq(I@*yW1JJ%5 z&|a7Q=VLW-^s{-Ua7JHG>Ou_5lsk{!_l8she8JuQZ}G;?#_b2)csC?&f`bHDNfmk& z3mtr5YOv^<<6-Jw@>b+p(AF2G9O(l$u%tk?@rr%Qod_fm$C}l>&3GX2rQ|$_RwyR)jq*P-M}7#pZS{ zz&a=!Q^eMf1iZ39zRhVR-)l~cW|Rly8@1>NB((Nwbn{V9fSowZje`_gEI7z!xu=6r zmZh!;Z6(5Wr~9rsXeux`Sp2WKrqSnPeSdcVs}Gmdj(M&cagKw)fYlY<&nrP(5p*opPLIHC&IgQld2D z2Dxz(fX(FZ*`mZ#j_(3EC|jR5FgqW@$p1=CoVlpJ^g0oiiheK|oE&EYsD#FWBhRQ@ zwRBR{h%vYDgWSXkV7RD_qhUiWjXcP!by7QJ(1`z@-a<>wWe zrqm^zUa)h2T?v~-b5D>2rB(7GYk<^dK68pM$qmN;758BrOUj615rFrTB8Uch!jMF+ ze{TCqH8DqNK7PWE@b@3T-}}@IT$r*!BWFFMN+<1@SbTRrSX*hrt{^f^Xp%?q787%L zwhBBXENYM8@*SBCz4C!QgwtFZ>cS6DUng$^Ly8y?!(G^(LZ``L-n2kA{uXNKZ4gB@%6ikNK?dBnzQv5T7Pse%ckpt1C(*`^Q>NC0 z5=pepaO;|5&*Ka4g(uYX%O(hE zoAjY}tojWy5V=TCKCOfeBB!ND&r0x*q-b^cKe58Sw5DwDAMLe5+zTYkMD-gx45EUl zE41f)s9i?6VD2$hsGW^I68_he4PXjP+FnbWaf$W}yhw_EK7pwPK2CBQf7R3w(vF!N 
z=|dL-r)H?+s%ao)FAXqNBaytl5KpxZW9%8bXRDk-TZ@YRVNcq_w}#8hrazME10Ow5 zGV8P|B^J_tZ?c>us%c=MaD(-NbJL{*oai0K@Ui^DhIv?K27{muyX}$Zx-hMqK z>F1Lm#Jkbb@!PI|^ zi5s8D14*I$9#xxu5KU3LNI#+bAX;iLGX`D%TL88(d6|wOBjAzXyuXu{VhixEtbEy| zuU5t`-Ps9wj98|d=3ZbTf3ljV-lnzJE|R=#2AvzLf>MMym_&Kq^V;ua+cC!Z1Hx*h zZ$@3p1N7M*;!+n4xGZ+WDngM`_jEFfhy0X4XNjQ+`kDvsq#p;q%T5!`Apwe}e3Osh zjotn@Z$K@g96$a_c--k8`t3`gJ&?gKmnf4hEu>c!ovF1+gs~i_M(9h^crz4-R@MMj zGgvemwIg8zF;(-I7PrIV%~KR9?pX32)=~2q;#>}vH*DpZdows2p}Khtc%|d- znu?NQ^BZvQ3uPZu;hQ@e%*cQRfLN=vG7zJ!@-Co?Cusmi40!giDR8KgW8z}t4DNNu z)PG>zAjdc7RGsqRQE7}I?{pz2GCO zbv*khv4?QTKEcd(xgLmY&pr~(hTt>ldd1LgDVCJ~az~rQJrFPi`U6Zhv(SiXj+{ui ztt5K$qUk(LaU?vHAJS1hL*s*DTt3HB)NdUbI=tdeeXt9BCn$6<(uwvsM4r_E+5YqP zChPBa-*yo3J$0?46x$WrijR)s*zK-T@u^L>?{if@796`G+CeW;7(OtJ_uF54fC}Iu zL--dEsdP`v0{dG3!6Ri^GpCnlom_sTZg~0|kve)$T&T0N3CY<^sVAtSOH}HHx zCoEyVfvYWoVjPz6c!V6gc4LK_^jia$1&V^qB4NK7|7BiaX1>CZNlzs82Xb9Zv#MN7)}2st-=5(vp%#H8%>I1lnIN3QkqRCIlznLPopj758XCA zz}cll6{xh9_$%yliYKgaq|1{&r>qvD7pP_O69Qn3J~BSIPgHBk2=(vBUpbq-G`#GS zJ+33gVrL1M1-i%5ncM;OJHdZL0GwS8JnHsX#!;3$8M!3JC}CVL#S>w^?DCHFryBy_ zBgMUGAj;Y0z^sWkP5MBC%qCzzS`D}|wY0{6n1Bw!fO(Vn5Wcywx6Wf?6x?+(Oq0Z8 zjWy5&nd7iXUw%H!xz_cbIu+(!x>_SO#{-|!fC6r4|8WA$VmK<>c+x_<5KgHoyh)Yo zS_sE9KPFbkkszNJ9+U;lrfH>Ivebg>0W|4^?yta&%2I?c|2@pH1(@|w0?Zy;eFx{d zvcgBe{^S6Yq_=CXM%k-6(h`g*jNY)xJ;4;3hi_l3S+Ko8T~3p;@0!maHia8=NLPvg zBMQu(Vz7{S6loe}w)7OQ5E#$|Y<>#vePB8ja6T#X3d67jY0O-!x#Qlnw+JvZV$P}G zzyR?8{D?V>$#k`bq=9b|m@=UT{DuCE4IqIjV7xpwKSKs-rQkeCgMV*$M*RQrGZYxN z1W^Xqk!i99ts;ys^DZFSUI?OckN)dr)B!JJGN26M#Y~K_0z2ZXI|c9_utgl@*W{>f z!uJyl`z_xintz+K1A+6y>i_jJNf5z!uD}>7A6EFxZ}D|<bTK(odj&5^zm{J^) z$*}wKUr6N6sp(%xq+N6*OZ*cK!&~4O7OLloQ1{O4>Ipt(BFy+sBKR|7hTTwNwLDxJCPnGFL1o~Sw2$+!fC7= z>h#%+sw=m!EU>REwQ>kJd0v&+v?vnll(@zfd;TI;y@5(1W$HVk{J2{;?CyOL$e;B?b4(#>hT zx7O+<U48nr)24Fo*~O3B{k5h2%ckk`15=wGmB-Ni`BX1J zJXne8;Yv-C7@$Cy1RNf*8O#B8M%H%P;~#1j%?4i3ofVdJM|>o$stI7w_XZu*)s$8e zweh%=Vm;&0Ja@2hjNdeNMJ7xk*xU})x`OY+am9ZzgJ*Xi)mHhwwV%q2A)_UrvZ>kH 
z!xM$>!^CWOy2U>^v?~I*nZ4}NYFEA1Xb;g!LRV^HyUK9Z%59_G`?$M`2OAOXSGe=MxluQ&%$0s`bPRfQmU9@eFVNG5Xxl?z|_q5}!bFwp+(!@4r(%x=obR`Qz zTz2IIaG(2y^x_F+PLZ8})v<9h%GZy_rRRI{$ErY9ZC6oS0PNKF&H=!XP^KN#(3kU! zX&lmJBlDxe*-CJyI8eTK@*pF|BLK^h80oUmE`TKgP6^FiySkoWWdNdbOCBUn5UD`a z^h$A_alP399|58_n1@5rF=4Y&jEZ>w4MX9EB+C_%*H0kTLakuSZE~VzgH488_~bWN zzg(FjpFi*RT+qjDNp^WbRDgj$CQdu3RwDg>Iuok)4r)^XvO?s*Rb{dN&9do1WaEkg zpl!2>0a$_$fR=L~h{;F^e3C}@0=cM6A0k`dBwJMiNhEAR486AR$U;WRoXO1c(;IYv z%ok}GZC8x;|Aj~}+W(KX1^)3XJ1>8jsR8^-9fn_tn4K%_9_pz5Qu$-yFFa!#fEAK# z;b(aG|7g9}JRhKECg|(ri2l+uG#Gt=o=N}z(KE%2{||abFIfsmF+KYSW+$24JyrFR zTi5Qg|9~NB9SUak6Mld5izoTY`$O%TSTe-h!)Pr(eD8=~rb+L6kzu@cr_DCL7O0>3 zx6Q3TNt>X%+em_2ok$X+fFDf!AWtr`&db1m`3D}SPduyP!wxb4;T~S&#n&8TyZ3R~ zp^#l!D|QPG$4g-a&P9(*AcD*}DR!VHDq_ z<(p*(^PNBI!;O8~DQ9}*{3z^ctadlv^$_kD6_cDM5C;`d_Rx$aZXC9qp z{*AW$GmuFlq_Ar8Bozj615ye?gqu~k%vBJz{tOTM)TZOu)uYXCmU4?RT!++$s3o-Y z(KX3!jT_yQo7PI~Tio+kver|b@8Zn9gj*gs6BNaiciK_X;7V??!EoC-1PG61GRiwS z3!$B4k}zE6J3TguSh?OHczCV-L&`P8!#G0Ouy@ZBv2Kz%c#b*OsR~T<4f~f>amB+I ziaC)SV5&gG4(gVZg_7ag!wpP9(a_pdYq{ta7qJDS0MD_zK?v=d2^1c#tq2bjZC5m0 zE1Z<&?(^&ugW)!{rj>W*L=|D>6#Md!OWdWReftDxy%xc}(EOr?Hlqf?1*W>Wg20V9YF6Nl91VoCe%rQ-?PLE3dTR!b?l@)n<4|qYi=)jhfFV`c2 zwe=`VAlD-Xvy^*vB+~@GbZ({V|I(TPs_2jN^|MS<_glW^rqPzzq_upabyxd>>EY+l zd&>wrKg-c*gc=ACEnnw<<bg@f*lr}+k_0qn#KpP-YNufYM#5J4^pdcUkI^mC!R$v5PC7kBELnI zo?Oq##_1S6Uc3G1(MNYN$rqe#QmX)SBAfh|IXRcqOZt|jM3SRG_(IS-yh0mdQ?8Ar zx%V}#R`R-&#d{-Uzd~pIzV~3uv7rS7zDhM<)wYx(WRed5TlW$)7Ls+S+jmAi+T z(B67>Um%ID?`4pd0Qo5IAAl{e_2X{{K~)C7bRIR8HWO)WDBlZSM9_?Lmeg@F{{F1e zh0m8V7G&6V-{nMiFFDFJ{Wb|#LA{#u6UnPzLD3=&ImPH5yNF!bX9f+su^$toN^th` zo$0CkQIeVbi} z4DtXgL)%T`__yl9OtkY(_q)du)$Q{gGI$T$Mtt7qW#BUgSUKK5f0u!ixEhq*c=V7T z)Kqikqq(G`+2=GLBpeUOEiCB_W1q_i)*ClZr+S|N1q+Wdj!h~+GuxwVn`s!Z>HKd6 zr@^x69IY3>&F*#;sCgQAV|y%-j_PYeo82N{JvuMbEN9UrsMBUw*$Bd`(N$>EiZO1dXLL(5jeqM~ zE-KLV4->c~AU&_l{KpeGSz>qs07G#$6Xv-IM3yIF0*I3H^#Z$kPN6~g*HyQGf<*v6 zgKHpQqN=OwwHKpR=srPR(9i$_UKmVe>Nz%>$VZfCLH;^v*HQ$9N0%!1MMxKn2`ka=dH$s1_iZ)-m`JfGwHb 
zbiVRR{EIKW@@91YR2~QK7}WrWAlN03N6I+uBGK~OpG}%nn4mbegOxy*PnrO3SRxX zPPHag-=oTdCyGy~>aVeOe4_bP)0|IKNge`;zki7Ult$q2Bu+!`W!SHbO~%+o+t5y% z;mK1Dpc)>1VBq*GbJ2DrFq*%=qCdhp@r3CtV{>Vo-22B!&9*bR{sUDLqc(&A0S}+Y zN093@k4!GR0Dy{Dt3&d1o?}qIPirr`->dE0vD5s`J$a6UEkMDv?(03xKG9r{Y`gc< zeBVrUn%%&1!{CFo{mav`hg#MdP3S%9w1K@0neHP%kPRc)GR;SK0a(SV?hkmyu}Q7d zy!6gde(aQR+b>c53n0ax>+!&DUZ>t(7EpdGBeh(oehE}bmw`{dmp!ZrZvJNg_u&{u zA87nN(KnrX*)=bqgFq)2z(8+1*Zqd0HaQl7Er`uw4qN_O9~)&NxomqbHvqLNcEMEZ}k;Gy=Ye4D)p_!4L*bKy`UeV7fjL6at?leRB26l@LJ<-Iw z=2o?UT+P1JhF%f)?G6~w{-Q@g8Mn-G97Jir3ibEVY(hF(eE0-lXs;Khn*43l2WO+j zzG{AA;pP}@7ifDdnJ#MLor-wj#j~5yVj%g=bnehdvCN9OMm}BitHP}@6Sm6VhGQ1) z@-b;Pfb86!&U%|2Zx^rtULmVs9FCf?>k-Qv63)&YdY|u8<|QK6U6K2~RVMl@`JLNx z9(wSSxXkAsjYuk|MRx_`%yIiL)kzz=B3CLCBhtvov!2Qs8f_r;_j2bdoi17}s&&t( zAnEF{HxT2`bAA&Ag#ACn?->2+5m^Uwy_#G9hXJ(S^qf*1zzjIdCmJ_^#e(3zfffB?Dw3j)CJb?qXH$ZT95kEHQOseLUN9*AKJlM2M4 zw@g!e8LytI$Wm=HRqAu`$Q4Z2M^gR4BTU{>J?9G#{CeWs>IfJ6IJX@INa!q;I08lX z8&Lyl7yXoQtECts@FtFjYLZHb?S%rHCm3`pqOMPT2uHMAQ-x2`96|UTyjqKyk1{PD z-iL}@m1-V5FeqHjd>hk|D)GtT{MIozgyjwUB-`oMp#~6)9#CgbJfaSv1p?_Mt)II| zhI>CL3{p16wjWTP>4_&6@KKA!S8>D5+LUk7M?i`M&PKN=6Iu4zC%57rFCzxy@?dr6 z#k0TZ#YWPC zfrJKTwp7bj-FTnG-zr>hyjcTM8jM*sBV$K-BoiM~DH)(wM<4b+8hq_lr2Yo0z!VqG z3p}KoIGMPMI`?4IfqV#MA7e<~xEtTrtHkgF&i~5~#FWB1FcJJ45S}l94;WNNlxF~q z*Vn&oqPquy{zCv!9xM|rG!z;6reUzsZ}`X>fC=NRcx=a~1-AmfOKFwGZO6VJZE zMEPelQQG#73q}t~=!KDLYI#bPsL!rZ%#Z6afB;g<;B7eue{in{@CSppS^vQwe4t)| zB|NuCYY9=dV0VbYbk)M+i8vHYQAM+p2oMw-kRdpD_0oJST^@i10OlYly9D| ztT1YaSgKNdALl^}Y|3tEy<_=R$&p)DS4G}opyS>Voqel#Q77ObxuBfJ#w{@R1FwUe z<3H=~H~!o=qs;uHMg8OCTC)xscLdGVPsIvlk#ftSRUiJ0(n)x(F|GXhYip{&kjGHE zA3USOY)Ux~IrcMY@0t1-jlW|1(hBo>6ns}R`Bg5cXzdkb;KCDBv?T)3)PN$Issg2H8DIua#_W`Ce*K^E1L*b}bp&x}e5=hrD5oJYw-Bi~5s3 zd(I5G+LAxc3()t=P&*9Gp^~JC3{nlUZuNXZyzPv9-B85D%+k=y8)-l& zn$>M4B$rFWLqa3#Oy%=0wN$Pl4R)=in=kwqTjU!S`y}691$RluetE4s%-}!5TR7jg zVF8nV0ojR?*==j>mQ4uk59;O4u7m;8SG;3a#b;lL7Ry1(JMcblD{p=`V_4fXModF; 
zjQ2=8PnE7eh=Vf6ZY7W^T-=*4pHWlpbhM9wLm#QprDhPQp+?Fu6L8mOxmG&K;yiwH^()HV1R-LBgFx{(- zT31BHEIw|tF)&p`qpE9I(kiix@*}mbzRI9jpy2$YM6RE4$PeJx7!5iHTuAcVhB_AX zJ>EBpgT_F`6xU-B%$gynLsisY8^CZdR`pW!rMe!s9|!TjW;d^MJz;l1T0~w%bT|0>i9bH<;~um z2Mjd&Y5m8Fn0B7}3|iS8N7pIZUGLwdjfuQ^|Gc{3!`uddj3RxUt(&>aG2*r$H<~ z8jL;BWjqy)L@tLx>58IKPpCW;kc?tJo9hx840qDe63p#uUf3wW#1-r0a!)(9;l-RdQ=P##W#uQ zUBz_r@CjKpV0J4Ju<*zW5a$lYMvbt)KRL#YWw^uf2w5cxnmYq}O5-4}y3|b)hdu;0 zhepm*0Z9x4n%4i`uB6`mU2*c7^hX7(_CH%`{Twif09*bwQeumd)3VGcBOMBmV0LUn zlfmm<;;TDCU1G5Y4pQjFE%hyV& zWpv0M<6aNraM&RCe}Vde!u_;#HAxFjD0e|6`0k~1Ooyz{CZI8+crDWDmtBzh9WXOm zEGn}OtlWB@%KN>&#u8nIRG<6qz$i$8G%tr~NLq11-(ybw6F~NledA@Ps?5!HI2~ZV zgnBlIe0LZ}Ds!T+&bJS0G%1?QBjbe7Pm)<@HVhb}b-)ED^ITV1DgWs#tt0C4%V(;_ zrA*+LI-P|HrRPm6S0udlBI1z&&Uaz8Kv;U-sWKBT7J}!R*-Cj_vi$Jb!1#A~e;=De zqVzdayjL9f8K=QgDQnq_)OW<%cX5O6vdq0wN|hzNB6E!9c#(SEVJ*Ap@r!E^RS81} zHZe7T=-CEwas8tn+@J%hQToVic8VFIZBDU4=ogLEA6%P5u8X6h%5}~Z5pvMDIa-^zgB$j`vkR=C3$}%7M53jK@LAhIYK|YHS#_#ri5w4+ z>1tUf6nds#7%V-hdK)jW^R>TuORZbLvu)qTwuzIwValzc?6PPd^m~+_lv<$F=qq1k zCV70V_eIu=Tbv&Vrj*xbI;+lZy=WTNlJixqec)12#F9CBh&+u4D?22dC(0s0C8tvm zP*Sm-NGVcn#vt%nd>UuG#5dgOq^f-~WRI3P#Af6WC)D5jit>F&#s*J&4Y#F6cEgV> z;b&MgG0Od;EuiI@*|qDp;3&xs zYppog8;R|=QV^Ma-Kbn2^&jekgT)=H<PGZq_86L^_|wB~ zW8-`EHFwWC16Lyd=@XJYwTfPv*#OfO=%Qx|AH2yILYcODYFL_k&7WG+fBp~w`M{eh zF$7=wJw$X4tmD#fdyUYX_e?RwI4kP&hwLWE!)p7b?q`YmejUm_%7gzAj8o&XNB4ef zR;z+O#D=WcbSR6+19e=pzo-iberxo}9R96h!robe_g@XY#~ccP5Uu99N&E5pRR~>% z+kefGUh|8v*F8-21_2%5#dzfRMfQNbzik1PwU$o%P=hKd6J+`H?H}b9z9^_sl4$af z7*|3a7^J%W>P(?R;uz z2sp0%@JemKvI{1WKJSo4y`Q+J=`sr}G)tjxJ$p>_syGZV&Kx?I+M$lz6AZm)37s__ zqe$m2g$%h;JViR&LtGaGO!yraQU4Q^t)bpQ#KT0#*$n=LuTI;B}oRHgr%Nz zxGD^p!2F7NHFpZrZosU{|n@aK6!i0|x(MXw<7L%;n}Wa0|+q zx^?0mYc-Qls`@0AlB_(aE?snU zN_6T8DMM0fr@A<`e67d5Dz@ObCMpj23{mf;$90kl$CoD5T?O^W_muP!*%QDTefM!1 z)gIG>Y=8EFXHb-+wn1I2<;q}Xbv2DXHlPXx$kj)-!EIXfJQQ)@5#*JkS14+vF)$0@MC=LAr9l7>?oY72b6g%H2ieo0X; zu{a_1PCCMg;PK?xbOCjdnqHzFdmJ!-1jw2oFLxk}a+n@`{>FTMX9nVeVvpO#jV+)q 
zan?&5VF&%|;1sN)MlDeKAZ!};d7S(kAU7iLfbY>I@#B;prPxaH1a<1M_V0?qgAiSg zAy(HYNFB!}i>ss&awr2)RJoqORHp*vG~23()c@$F-U2i0rpq;K3bjcS(~@E*a!Lp; zEO$4n=4>A6}defAFx;i7HBw zOy$rh^^P)$>q$ZA?&tqO?^M$e;=gaRz8lY`j+)WaZi!K2R3EhG0Fwf;=Yu>a;V&Hh zXoAwbiBcr>iM|fsaz*sOQ&l$9Gt?mo(dJ?UJm{b*Zp zfX^x&ng5)X%c;TN6Q$Vzpt6{AVj(NHP2GKnEOb6gu{OphwOpyT@_;ArQQ3KizT z-a^7-lLom_erw>W$-XU0%wA=7*J5^TJbCTK(Ul*GRmLu~@?}q7ZRA)nJiT<fGAb%;gv)^b#kDRpLMcw@@g2o~ z?WDu(fbVb+u|<=N09faW1@Y@i8uIl+Dh0*aw}SL_w+Ww38QRf@v}~1oBk}rp(lg?cdIz z#21bCTrzpsPkK+vUhiU7X8ib z+w4>JeX7R`N(?pFL+$kOZyeY2l2lju6oQ_i^OBy7B%Yn%Xnp*ZR&W~TwIr(UERvb* zi7+*&u$$L5ck5TEUzaa3|4qLYt!jCw-O;0a?*veU|d7oCYlOLLJHCgod6j6n;_X zSqqvVGC&S?i;ZJ5vGrAIk)0NH!0)x2uDi5#Z}~28_-E;O^F60Fm(BBq?FnSE>0iz0 zJ%wnXX*;LCL{h2XMcu0ErV&_rq-V^{p%;5os)O^<%Z@;Edi(eV+?u@e!^!CG!&w8KW^0^FXM|>md=Fy(>;4WE0 zo=L7fEtDtZVt+^fvL}+Af>gifdgIfJ6JZ|M<$Z$md-fci>%Hd`HspKXEA^Z!-3bQe zw|voS8Q%NUj|+;iUXCQwPUjR5$99^Y64yYcQt-i6byp8|Z1yz^!!ik-X`NS z4gNOf87=%x53=T6X&`wbwDIQ^;69vE!y@mLQN41yussj|v2LbCvC=;jv!9|LcIJ_V zb3THX{nA=lUh0iV&SNQ|Q;UqqsMvOeg=ntuWH7lrHra~NW3HMZ%jjhRi^2|XhaC~Z ziYAZ*UA_~o2mM{+m@FF#W>gN*@ao%|xOVay1e;+P?pSAmT9!WQx-_#G)Q3LeM*-I&+%J?je~4X)o-0NUwH-A}qA$75T`8 zaV3aixF$NKG}sX#!V{{dZ3V;4T`3)^oZ6)@9_Dt$6NCy^{r}eL-aa-m?xZENs z0&4E&3LiD2=;LC#r$ar6y#xA~B;LAt$XaS0RAs~kq9pG0cJ<)fAG&C@dw<-{_@e*H z5NYhe)=4EgKZ|9|CG*jmm(Rw<)oJoVuNdbUbhA#ESl8l9e?1sP^r4n)+iY1{m`GY% zuJDo>;lrB9Rr%=7pP1Qj2j#vc!gTQk9sZOWS>fM(YT92lXH_26$cEQ#-(|Qf?iv&t zHEbi#y`E4Q3-#PV1~U`7_EG+HINfoPVHRry-|ki~9OP%ZC&%z{8T#n;qxRaQmwNPP zPkQ_gv4c=<6`$65N3+mOFQkm1+i~e?rlr`|nGF&TCO>@3rwP?zd1Y`R$3>v^=Ak2G z;f^5froA4LnjZDxct0L3Za1{SMf=*cWz~TL?9ujnw!>vi+e{u#_Oq`sh4l^P!~4T= z2Nim5KV~lM6ROH;de!B=61ol$^(ojM`p>k!COtlILQ8z0_y6MA5$Y)WTi^yORTtMN zz!uK}0v30qGvt;(g{HV}3Ybg0t4U8jlDiW1)dgz5 z;E5x)C2>9P370($c$f_3hqc!4gzO&%(kG4*^T{Zw)K;0_n4%b~S5ivSAu>wQ2K_@i z6GT>(A~kz(7GW0&f2mDyQw$*^MW>ViFtKotrB%$3-hnFhU4duiaGn0ZVwUi8rKXq$ zFa!VvY&_K%-f&=LRO!aX1)}RPq|Dp(K!HupjzHD&%iUig`ZSfL#JE4m zUh21r-t<3Kjw*V^3H?D=G@>jT4;3`cYP(6gtyDq+S68R{gPu9w3@`F*J$6GW+$Ad> 
zFvwQ4`;ntUmbobRv3ihT<6-a>M_>*DeN=Kx9ejfJrEYmN>CI%4AfmD=D*{kA#U>Yz9A8hGfvzOwE2q%+##B~10S2>dVrUC@&} zST8BkLww$mo6wK5dtOdrnJX4S+OT%scyAD$ws@XQ27(jc4`7!K9-d>x8y zOocl4s6?FB&?1h=D-AfEybAJ)jk^x`vs0;%&&WKbQ>~D1$~*EPfspEnxzI0C-^ViC}M zg1oW|;?DO*UJa>XZZEovC^O1H)zBX$q>y@w75Kg;uy;Ba{=0YNihomnNGhGkkE~1i z^jckvoAnn_ud!gzezcEo4J;dpWBHR~og*2(E-ClS+9J9jM>WB z^?rvU)OpG(cNhGk+8wmsH}U%wR_;Ymwb#M~X_X_WY;{r8nh(FrQ@0mTKJ3X55Q>M~ zCe}^Lq==-8C5Wk${ty`m*Jw#88_p1ubG7Aw2tagTDVDujEM7{_ZIY~o2$lKliB)U7 zGQ4rHMX(d32-OB!&T^ey_&B203%rOU;n2sdcG5W>aAGoCG_~6ihZa{)^5+k)^520> zPQLk2Dw%D(;Vg6M+c?aC;uWb;V(XMPJ!5~&y4h#`8YT?o8feY;qWNXaj_FDA4 z_1yDcM(Zskd1XJx|6Cpj%#l^Pdu<(?{a!z{(lAn^$(D;ik+gD%-JCuDEg`qK26-9n zky-e~M9*gCM9x{|G7I|@iT&q?{BQZ+ogHJo$|V*Je3ALb=x>&Xx9o?AO1VEZOX3Jx z33gTEI(?H9UNYLuH*I0cI_Y*IX|J`9kDS1p=w&(6c`GlNbZKHW0Qx)PV_@LlTns(Z#Yij^5#3!qpD@=ERO&iGu8#p0k_TVEw?$x+u zS1E?O=^7u!u;P;x6#E5a#UlKX3>L+%C9~(%F=P1!RNBeR-t@y(N|Hy#(Sdl1DSzV0 zF)6*h*22Wc+pd3%;h%_PG#g>)npapm*rI3vz^{JEh1;7ov0dg)Z1K|uy| zD?K*IM(K75NHJ}?W9w5+3B1?i5#c}dcv5#^1-(bx(QgnxMdMK+Nhoqg)Te1_(^zzQ zdur@T@%2E~GC5*BUPl&Hgd}sG^a^+O94xoOXlH`G#Qm%|<4!~L=pRoy3+a#B6Mh?F(*3B%@{%ID zI`qE5_k%x>9K4Q4-m|}@pvVMfZT#0yLnUm0Ml`pgTO8<6hO>0O_!Kc*;$P(-$H!$J z|J(}SI?(m{**0PIwEvfxHfOD<$|@x0(x#>2ec-u}kP*1j0*q@Jw(#syKg&g-1N4I-$12 z6%Js=d^*Sst=Udo2m}kj%9N^N| zSY4k6M%LS-+!ubP73N6W*AthL@1p(a?dd^+TuZ{Zf~Vp^O_GHK6?j6ZyQbGVpzE9T zTOS!)T5D?+^G#lBWzlK957xDcErFrgxxZ2*qJt~&suf(vaNNy%z8@8NUT!XgkYE44 zuv6S5wnM*uM)xyHB71$v?K&g)r0u42R*02vu!m0Qd6y$%=E063T0}^iSAs*h9!xHw zzmx1~C{H9`D_(SEmgPn96fT``P;j5F_AU`)e#pwrRARp>v?ityrwzY4H~yFpZ5Kpn z8G9U&Ufp?ja=WPIWxKUcX7<2)nPCUD*EeZ}+*Vu19Um%9vmCB)hZVhQ$<9h=YK$Q^ z(~aB~=R5N*EgZD-e~6w8DF?{f+z+Zo1%c6L6^YyZROX5`HOvuBQ@(p0dvwv!i^J_la>^+&|lCW5<( z7Z=b&R@$wikRe=)^9Z8LVK2pvm^CGv$c;%lp}Rrooi>HBDj(7q?hgFuSX%k|3-y-y zFDi;*+kGR8TiFG*EuTxxayO2M47y)%g{2FAS6yA4m)9%sjHlYJ&?>xrrLAhyL%LH}=~+@lo@|hROyVoyGoMb);NrA!bHMoL1reMo-H;Vd2o8LuDNKS!G=Uhq?&Qajl`5+*(?2QeP9ApQl+p1yNQ>bM*HP^=HHnTiodR1olMU#rfof)EuemnI90S)I>E8G4YZeo~$?>KQ(o5b@)h 
zRi|r^CtO827>})gxiW4^QCSo8*U*S*wCSj&=5|}9AnCT6&y5r{T&w*9dMWp}G-|7X;;YSvgJAwqHed|94T5tr_+yR3k?GZG^ zvx`6hu%mzAbN)$U_QY(geJC(QFmCn%j#1APA%*`G@Z9Bf9O3*Zb&;)m3%9}@S5Pf_ znkjaUZIiBzrBQqL$7RpL6OH-ZYMclfn0&QtHXuFIlsC7D8v?Y`EF~uwHhU9b^#aj+ z5%HzJ@d9EsNMw8OB*IYghxfcG=wdkJ0ne&c(b8pfqm733Gu=xOzo2+|LFSNe?k;NSU>*qL=(}Yeiep}+@^^T!TOA|h#u&)5IeJpKl(i2p=nOZjz>{+7ApK;~U^NnsI5p%=G=_vOyg%`Kf6F;GuU+KG2>f4GYYkYOK ziXWBaX)IDL3Fr~N%MWcVlI9mjgOTRe0|xQGdfv74Q<+H#CnykR;>>@r|Cq&-yQPmxjtI>=6$6+3G@HbbwZA8PkCC8&#Al=u~ z&Cb8<5~SGD2?7lQ#W(HrvQ9(v6~86i<+QW1$)_`XFCj%6P1A#Lh)I};`pxeYA6JI+ ziIOlg6nZFHX!bh-&Lf{Ue&06*sW6R)M?|7J)y!srGLLJOqwZCYQ&Tg&GKwDB8WGWl z*bO;G>PNq}7SH5-Zj(#vMme&>&ZCt<&hbXiuW3LjzF<7pGeeRnq#hnHrkVHx6$D#rQVMGu~}{ufZuYkKs-wE8)TX9)4>> zr`qVYVnuR|F3sRpR+W)Hjq<7)$;^zfO`<0P5eI$~LV$zF*?=35&Z*q7!I+hv_D1cFykjMV*BZ148pl z*W^Xu7es9C5>+;*l&^k~_LqEQK`Lg}a>zP7KR`u-CCv}!*)#(;+2!YCb(U>7u-ZTK zqFxQQ_RS}YP~#9sncIOZjj<*CHZF;X9W!Fe)FD!Z zbXH$IC?*+#n}d8A_4cq&OuU=*7A{Rjj<}V)@YjlbUA{La=>4))q{85&fqcsPqM zi-;Z(=B{fU3X;52b)19<>TUVX)S8#XyCG2}Z4f=B#;qP$NaJ+Rn}0pfM(^IiuOzf|a( z^8*7xq~h@o^v)Zlh(r<>acuMV7Iy}SNF5b;quE%CVLeovs$O*c(=jBrEYz;YQNh}!Of2W7aje6-TVGW%rVy^}HI z&v2!eY}0+aMM`Vfzta6~^0SPnnsZ^_Fm~sC<|@9~VzijB`s!ED|3}g|4 z#N*1BRG;T8!R(f^^+ydRfC4B3pH2zdY*ZqoV(X zU`|+TN(La5&ut7^vY&mR5fjZ4h=&UXO`B~E)^di+Pf=|()E2Vz@}-o|ZVY}6Q!U0k zA7t}$WkEsE&|p+I?VfHswa*;JCg4j!*>%)5!2uYx#~dF0{6W{>>#nuhHvnKK-tk?K zs(gW>W34H{>#xq4U!7koJ7<>N7<6qfj07TG{sO4rz`b$vCE=<8`1PcW8=M^SCKj}o zO!#8UYiG0~D~k1CqNDfMLQNsVXvp{@vOkBfoG%dps@zKAk)MjkJ#k&n+A5QG2p+kk z>lt+==!!G(gGv5@v%LlXUzGZ|(_$G#PhKS43M$V=;{DICVtz+i(Sc0vk`OsT-=RrH z+Ha4*N37N)BdhwP2qnQM0X zx40HYl*{1pbnfk=&p88Q&S_;HK{WagK8U~jX_Docy70g!)%bFVG@F~8&Ig@;$rmKhIfQa0VdXw_JaosWrM@)5$hyyY~ z4=uMpQZP>e-|J1O8-9xB{PNllgb?IA&#!kc$?|S-JDLk&;-lqj0PS~NpUY-+0y3|C zdFY>a!ifz`8$Hl*Do#8=ogqQ2sPtzwzh8*1iI;z*CVoL(Nm3S((yWhSyj<+h?t2Ql z%#Rg{5Tyijy#G{|t=q*!9+G4qsQaifB6)Kc`}Q3DHWqylc~B>8`ySih>&OhLSEQLsu7J05&oK2U#_RM#!z;Z^uv{6dnE*~`}(a~!}x4y8{i&2X`G>%wc 
z!#A62t+(4DbW{)B1kc9u){_Hnj9wdb|Da~I!sSur*R3j+x9sd4&4OKcS&~uH=QHYi z7@ZYtMq6+9>P|89)%<&VdNQJL^iT)_gmUl>4eO=WjvZY+DQLXg)tFWW=XT zQ$a~=Sqc>_DATtu+!NhWmCiUhH&c#NB`7x;vN6@@=GM{>4xktdA3B!Gou=o({mB*S zvF-6Vn54vmebtZiF-G5Gs-e7JQAynXM!G4iqr~?jtf<|Z@t*P|D5McZ>z-cUP*@|G zlHKrCJR`kG*8)P>rXedJpD-di5x8e4t~@$$#8165$$x6rslqo6qhhEX?YDX|#Hf-) z6nzr&hz){~COrL)Qm>sO@o7!6@%LLObA6xTEs7VRW;v`IE0PRTp+zzV9~bi6O;&xZYPrlV^+{ zOtHTFs3CRsc0_PQcj;tqJ?ehN$Ohdj9`bb{Yf9eOPCU4a7xLM*Lo zGhv+2Kh00_Z1du;;QgivcP(PS+%pZ*1Up8!D#=`t=&Es3oFP)0xIIW5{Zb-q*@ekE z#t$TS$?SM4;Ef~_Z~hARIX>cxEM|(pVxxbouk}k$_;ewD;M`F}Y1P9<)$rirdH@Of zo+Vu0R9qPr?MLRqKHpIBNnK^iYjDC7{xPX>JiZ^Hmx$@r5zzDV)>NUl3{F!RP2exORl_ zA(+*xVBDlZpqwDC{N=~Cpz(_9OUtw%+V06nntds4&g2UUV>0wt+5~iAJ`RS0Ic(~5 zrY8p3uyHBOX<%^@L@&ch9=`d`r>O?hv;i}X2lphKY(Gy`S4D#0P)whC$mIkQYATdaAJ3I=!1K$jRYCofv&2&=Ig~PVAV1&}8IW|(@e#WBA zcaKdmk8#Gp*!7kB1zK<9p^al4nw@r7Ct_vG#34WvpdK3E6M0A9QOMy*t9jGowg?f|z1$3NR`&F7;#?#5e-(A`KGEiPxMp#n+blG*!?3#oPXApne z7fJ^MHX3gMMWQix`B(PpwO%=8BF(OM$=Fl z9!E^X6k5sEU-1qE;vdRkRTb1QT>7<*7%pY4qKWlg3bAmfyhy$-{jRp|K%{NvKs_7A zDADj!X9+_f`I7!1{E-A>y<0zfitvy1DRMjK!KA|7q7b8crXIw4#bLn>BC=fG`zA0l zwpd^Kfnwo9_Zg@BkFrP59JO_PU|9@cKT8rRhoMVGP0YApEBq+NCMjJm+DS^eJLGUG ztJ=c4cGdGIO@Jhzi*sj#%zu|VISqIE?5W#Wso#L+4iSr8S95kTGYPo$LhuPxU1Q@> z3E=%94;Vn@FgK%=dAIv2?!e(tb6co;xbliBx1rQ&@Jgf`#^EA1EIc(x^>=aAS)U0^ zG~Eb)^@>1A8q3iN6}Ab)QTGdHlTV?HbB6bs#rI(&FDj>y%6GN6FMycBP7wI6`A^WP zdcV!JEin0=p!2;odiq94EP%|6{}QGXN2$MZr_ny1SIJKhyDe2SUW7*KCkX$s0K5&+ z&FGDm$oc#e%m03%f;}NmW#?{nZI=L9pp!pfka~ge1dY;rifELc_{_4>F4zamg~RxT zUf_aReDxHub)!l?yH1agdmHx-zBV7&9;)Q^Ug+x{zy%pw;Lzso(T09Jv7`u|o(k#s zG|mqRki#^C0U;U_KWRVt(Qsd*L`b8jUG${ur!ezPs(%80acYwnj8WUgD&jvAXBm+~ z=MDk_mCDK~sOqGuXBF4esKv6jX3VRIgif5mvWXtf-k;yN*g3WZiS`4X42PdRNDV!ZR4(uA|jE z=XSWV1wLs*x09LY8J>~r0eh~n!bb)#Y+-ocml84%jE zMO{xR3#*`o4#5#)=kQc6kn|Z4v4bGNJ+7~oS!~h<1b{KNg{98`I?-SB)qkT8nM6gn z2E6-d6huZ$z74>a9g_?0WGncDpm7oJzy!aGEj-uympC7$)6yU!G6d-dG%g|t5=O4S zvq6g5G7th2jiVChYGsqsZK4wUrE`v>K~w@0QuR9s4uAxJmp9kPU#DtKr&#Icconf* 
zzQc{Kid>&_1c=JNg#Gf}x_V%+f@rG|LH%VN7MK?vV5t0O{ju^ml`Zdu6$lKjmrdXu zjG-!30<#8m^I`1I54wu(8arXX{>5-I`ZVa@=DGwa;3z7Ir zng4eULPgGNqo%RyBO&Oc%H?E~+mD4S@Hj3q2@BxoH|#(p^zltTjWlG$@Vu?4VSemH<|z_DJ8pst}-^}QDZ zUM^$nBR7?!sC8flSQ}UH|6kL?3m~2lo~wNzQp_uQyC#|>E5W$*?z^98aYsdz zitVk^?GA^bC{kxa2=&D#=n?KHK!;-F3JLV02fb%mD^x$2cQ)9-4_8+RtN*Q~Lq{bP z=+j1_EK0|R0gUSi(cKKgBAN2}tGn_ng!)DRm>d`6@7t?G19iUHBIAiUM(dc{BGdFX zSG(w!NuWyk1VTO$hHUW$!(Z|XK>z*=(n|uj3)`h${g>0(VN6!Ttne+?m z(*sW4Ub-(M7Z+?DmZh-?pPz$*Ch#ALJSKE(1Ni!LJXOpSAu9o{13W)6Hi-k3EI*W% z6j6q$W1#eEgyA;maXZ5~aXV&4SnQm9du~p;z@+Qfu{NdlGQ@vb)(C?i=Cs5t`pY@r zI3@YlHri!Bvlf5LuUMdqUmET^%5pWH^CtHOx4go@0<-ma zMmrqZ&YOAw9eZE87hC|#ehu(=Sn+$(;m%yW&3dq1zo(QtiF$tC&kjjkvxdKmfNmUt zmnHP1ROG7b{6gYAjJUT0rMIJyHJI{Y!3>%*!d055kdohac*YDIe_xG2EJUOPxvnW5 z09{x-5I)EEMUt7>`4C@uI2u&tq7Z6cazPp9T*DU+$E4JK+pLgz86S~;)WsV1aQuU@ z%YWY8iKqp*CUVujLalkD-zMU7CA602=W_;Z85cjY#tf4HyE$K873??>Nwjt!nd=3Q zi5D9{@dMN^Jw85X+@y`J;}?6P78^PuzWl0whHW%HS1zMqfB?X>e})2<+`{_}YSZfe zGxSeHtqct(C9stad!H{CjQRXv<%31%9s=AiHuzT#0kHXvu5Mgg*Ao_oE`MxI@!yww zMZ#mP^TCaYTpgO9&}2j5H(BB>$gbj`Q;ZLkMf|(*^4^7cGd2A^FQBYbxRK|*geY&Drc|izO}0k&znDf zqt`7xwW#wfudkfFt6OSUZK#|*wQzd+whEA?vw4P@9rdM;y1{QwkGk6B8-CH(^Ha~2 z-EYm$mF=pt^Cf@2spys-S*UoH^EGgepN=}XU$3nFKOyf|*7zG-#!pur-2WeuPbnXo zuDv#4QtFuV6!!@zv9;bpQpBP5(kazWQ!V0<7`59Fio=;x*KH15MVxYCm|fuJE+&_W3;-PKRn z&sW5l&FyespzecNUf{-M(oJc;$f;lkKy=Fw#zo@W-2A4G*65n{krcR9u(D*N*L zl6l11s&63Q2+abxPZ)q{?`rZHL=8Z$*amHmF*B@0cq?^NF&b_`|W51-LQ<}x2lgx1ol~nQl zYoPsRV!osPVY zfpy6!D9GKkz}pQnK37%Jh@k*rIy)}YI zY>!i93TfY7+`9I`eP6r~?FK$*Jxjm`A5nbaLx=gaG^=mGbvbo8Fi>X;}5AKWuK7BAQg zzc^=gB$TFqPW;azXmf92$4-;~?7K=`M|oGU7cI*~q?N^G39JQ)0kuySbUVvnSIYqL1x(}m!vKsu7V?X&) z2qf~3=tt~hKtqzBIFtkK;EkKXG@AlyO$U%e%^Ou~508B>1ufzz2+qfddp3f<`cKVa z<~^RtsmcWhMl1HuiR8k1G#r1t9~zfSLy;Hz^X%5ehio;;EuY877bH<@M^3}1Yz-$d z_;45nugPev%r-8P<4TyVCn2^%{Vt5znLv#BduRx)1Jvp{v^>Vy(p)i??!tQss<>sM zY7aw|1xp@_I^ze(L}ye1O$G|Iy>`D&GJ|)Aqk*>`UDjuvCOXt&CMY!wCw2-t4#s-{ zj3*LC)*izm%qG^?`}h`bxcP#v6TpkJ;gXfZRGa#N-A7jPoihn<+yknhyxKGTdv2bx 
z)HR7Qz8m&D!yl6u`#Bo+co9EuOvG&8VOYH(ppzrPMi6W#bYU9KJ@?G9PGK7M87V~rjSo+aMy zieRR?*~kf5>8Xmurlalt_2CM#0dQdw?Zdc5tZP09m4zUx%8#7hK)g@Om5R*G7=-`6 zMuoULbbdL5n6D6)Rp?w6SN5elgGsEhqK>+D=MVzH_T&3O*Q{yuOyWTkzze%{$m`;# zOsns5RcJq3rq&4W{d1bS65P^{S}W4@ICtS;Q>l)F=NiRK6%1|${Rn~{_-4B) zwJ0s93?Qc=(><2Hs{!xd-L1GbxiEr-`bQ)+Zg=^Ys`_lmYZU8IL+C!k%NOmwan6Fi zEO~WUr!*vAgSNjOxKT4U1Uz5emi0`$3OXZ6m#7HG&9TO;?a-?B?d(DYZ~EkzX<+0@ z4M4iKGJM;8PUJ}PYzRuVXb|_}^IP>&ikc|9bFE}obu-FJ#vav5AJifyYJQ{<2=Dy?(V(4JCB%WFk@h{q41__)AwG4*+G9)<>jS_XL9{ca)r`7$%rXgw+r`NO^b z-FQrlM(}C~Cx#IbLtE<7&~z4u*O5cooMwCSUo~`WKWkpfn`6s%rkTzQ%Hoq*i?R%e z?j2hpOLgpM!d$7n6Ptmhovt@OkfC;c!tn~9TU^U^Jf4!v8)#T6z;KcGq}muB>dY4y zZi8K}tJPkZBNCI4&&_k6oNPNd_~Lj&&hrBm6IWt#(!XecD=aEg^zSI>Z&woN5{dSL zR3|6n{=oo@E}CC&5_Q#t5G!Xt7!M;&Y~$1g}|_(RoBg0 zLV(0Yy&2{&e6q8}-g% zb%R8k6nps&^^dU2HSmmcv9zVQQpA`@iCv>wZzDDDmQP>_m`vw8XV*Jrz=A$N6|d2D@2-4r5WW!*;Pf+&|P z#$BD3QH;0ejeO6`i5%$AR1-L+f($FK?*3Qi6)Bh7fh_-Gp4#%hfIMXeGxy z3F_ABYd`O($V|S(_6h0?r?2Tb#};QTY7#yPVDf)z&vu zV!RIL2MEex&0;sj*kP78E4}|_Jo*=-%QZeP{C(AA-bxQ(Zup%xYroqA+r;+-rSL=NAsTcd;2%Ri05#ac(}Pwl?bll z*b%^e<}#319SF0x{nE$25NA7gUi+z|n!TL+iFq6EgOY%h+kh4wLM7_tQ2DDlG%fSU-C=rE62sg*oyxgN8q-B|^?B0}MW%c&z z>=gTN8+K-$H((IDZg+O}!|mR=uWR)~u&n(39VeDcgJPL~E+8>CJh^Ixac3Qz(|rPA z9K0czCuzGOV%O!v_<)35X56ILiA~@KWs$;w!?gX;59(7G;``@5p20|AM2S8Ut_gD? z3$uV>SXcwrH=^9+y6$wyJNa?vyw);Y%3;v3d%OM;AvuoO4)6m2%`O{y%b5Vyq(?DQ>}L zB|0;kv!MZ|Um1y)cD{lHs@bjFoJcouXA#R`}DH~l5VdPqfsB^== zgn><~=CC1a-_T>7+q3Giq2tI?tYx+ME8Z*?&ao|||Nj}sCa~-?#mR_FwyVO8OdAk? 
z?lWN(1|wBo(Fkcq_s5ZbwUQk+4J&Dt(#Pc7F1o5;E^Wk>NNCVi+&%q%vrMS6R^Ju| z6xX4#(bVY$e4wvrdU?#m6V#~t>}dg^j|uZAge9$QzfI=s(1ft!7k=i_J zvF`eYL@F0{vl`(o@B`!bB6^i+(U5bKi=clnv7VJhg{FX< z!d*c=G`;}T=yYs%QQ5=ZCErg!k+iJ#;cuq z6a|AN#^64tI)=Dd6t@&3jnyT7c9XwjzvVVLxBZLA!pW-US1M2CT!MbY@s zf}*~17>%WrKFlf18vz3Tjx9fCZA2dUeW;8)4E=UdmHyG9$m$Rmjiup_fBHf(GsVDW zsIm}mkb%3c9cfU;ipCmQR26ynj~qv$+5}4!!t#QSkn{sGLYh7Lc#XUVm1UKpy!kup zJs?=gRt?Q4+`EkF5|x;-L+>ZEg|uverJ_y5nrl}LgRLX1iE4f%7eg$Q&QtJuQF_bQ zH4SF^b5IaL#TkTT(;))f9;Rk_O_NwOsUe?X3ikcvMVAHFV4~9?jlk>KXLzaf9x^vc z6__MU=h1ASdUR1)Rxdu_CIT)&2|*ZQrP*Aet0&9k?K#r>9X+uaVO%3Z0T zYmYz0U>=R-4`Hh4WXl1kKS-tV@Qk6EcoPO?g_f0^6{bDXoEJ^T4MmAsr20e~`}pzD zKNN$E!mj-Ocx{fo5|bfKML}jpA6DZto;O^e+T%W=v#gC2il`#spc?%Ab1&-&5_=$n z{|#kuL>na9>~r@9pERbHV~Z*Zj-$)alwl%Zh=68f%ONwtCNU&Rw@ZY>`B7ujnS?yn z=fcp~xCIhYUr1$es(lW9u@9$#AQ7k~9y+RwUp1u+tOnwjG1BO-0u7GdaE!xX8W*dx;3(m5=@~I%Bi-XpdvckCG6QIE z?@z&dI=1l<_r2AIz=v$cn({lMg(jp!YQ+V&yD_C(kC}d_il~D{Hs^c*E&)uR z5YoEEvy>Tws@efw5wYF(qsOBd5FHI&a7G*F~Q-h6K&lT}63Jbn$0+q~BQvB`Ahp|NoN zK+?4*GTQwiGD_a^1HM-t*>>ZloqWS|tlq+dkIY`boP?kL_V$`r-Zs7kV*OwCz(|zx zzb7bG8xJa3PJy#iP9C)O?mpNxE_+Ky55w=Nig@e4wyQn!zTH1YMg{zxCK!-w?2nA* zJrVaZz|XD1PqB^0|Mczes%g6P(Anae{<2zPlxhjMf4l3Lnt7e)ET*tI$Ff*o zi>C^HS(k#p>rkwf+eHAHo>xwU#V4DG{*yQ7)v-12uC7;as(-aMF=ty<_qw)KZ_9NV zZEt@5FY9a!fhR9Ebby@YfP{fx(e{EeBgULv<`TF28w~8z+aZMMdB;ZfF57^z!@?6T zw#^$pXKdSBZr%3$K&)ElOuxI2sw@N8KQRlOU3_-N zzvMtkf4IvXN0&hn8c}OJTlKf~E1unwqchg(hA#;IORRwZLv+Ja<_*A8x(CV8wQbn? z9Tq3?R>uP&MzN}lE(X+__QB{fD@C! 
zjZf$@eR8!ZSCOaC%KqdmXV7tq7XwN`o6yrDcA!Kc$>6_0xHT%Xq1#womkJ-cGYdMi zY^aULFPu%r9i(bD`=>$YhNd#Otq_tH2FLyCUaGCWy?M7BGg5#np|R8&OuP-Q5bk^s ztX2aP#^GKQTWTDFC(wB%EwS=5M4gGr#I6)*gnp{k&mHj!Dd`=N#p>aecyKD;biduI zwRycVt~%FdY1o~={w9ir?8mW7c>Mf^c!uKDR}>j+diD8j-}_qSi|z5I)@S?Q$lba@ zd5ArZ)!HNi_}To&o8B+cZ*T3lmDfukMPn7J!(?8-rJZN?W~7N^^mbvP}U~9yo&)7ocv(M(2G4g?HX0!c zCrPRjDC^XQyVQGeDcx~Z z@mqzPCDp0lE7|g}2jd@_MliGER>LZLp&&T<_GBQ?wThqJp?6ZycJGNqMA`(OI^G|H z_OL$5t5?pXeGS15bFKg^yrt4<&&j^T{mNi2ZS12MTkA|^Hm2SC?1_w9SIYEeGG!hs zh)+NOFcy*TTV17Tm>1#LoqQrF+`;d&@aa~f?UZf)O`-041{EOH-+{6%j`hY#EcSY9 z5?|(~jjaLQR%k8}V?f~}oLVB${ZG@@feSn|=evQZYg1VDh=_g~?XQWPsQO-h7M)0QRT7?ZXtvnoZ>RLeI}Os8AMcZ409isQyatp7H7W3lpX;(ioFT!GhKbED()k z@daH4Qm#}l5vZ_!V9cBQcVb9Rw)KLKLcB&$3_`DN{*L+l-*2V3e#Al@v%)+%@k)sd zA(||jmRs)_#r}|R&5*4iwK(jD`yPj%>M@C9dxKkRxAFaekuK5%%p7cu=9j`k9Lrk) z^Cwm2aEUoVW!2PR)x&nt(4>h(WATg<90!sHk0@|VHq(Uy8&@L1w!!R9!Gd-Xv`mGM zQU1nDW@(stq{C&jBF`ly!F!|6>ID&9;W2F>WuEczAM6zfP5Nj?YlPUav)bwML1};d zcGJ+15XUTyh^RkSL(hMCKuv%71ur>ugFX*#sgv5|gM+^Y@$}XaB!IP|h#WUZjx8DA zoFUKBywsXQQ=cmQbvs|qgX4l4S)&zyeL}Kh#qk|Dkh5P|TaY~SFgPa3!8p4K*~Q0x zVr@h?nY$D`lEdK*jTfQcAjv1d+j-YDW_nsTQTy1V>X{=6gM7KZnu+63Igp|t$z6)x+9 z_9oVKfY@~V4cwlQp(Nl@I{=RyMDpo+2WPdby(5701qK`3E1?s5B?EQXMS;h9%4V#k za>Fj5O=k|<&c01TmaU6vr647`V&>#Cn?0qdC}0auk89g=i%2U%ldoUq*%wKl!$1IE z$CUGv7^GQijQ(RwOC5c!=jun1m_~{IRxYC?T?n1-Ub!mQszoKnS#HGO2jo3S7(r~M z88MrYWWx&_veKW+%TmxQoa0v92Ji57Jd4{e{hk)1yp@J+(dOJ}c2FDEILcIp@k zeN0>Zg>{ZSUp@SsVFI6XxL}^~Eyw~5EaX>(NYuh;c3@%HE;tV`?0*p;JalxS@#bSF zb?VwG415|Y_60Sz3P*_;;<*M1k$4B)&2+AB6vxnR9`q7n*yk4sTmPH&a>Rl6h;Y-1 zqbcJb)_$_>V8~aSDz;|v$@jeF^B#Fcf2=A8<0}ZK(;;8|fcLR*L3lt!MsO?drru!W zqS|q_)Ks|$@DpBBjbE2i{J#1ve!ZNKl-GxSqH?I`)u7kd>mjJzi#!zE#o5W zN|TDRV;47e9#`UVH7IEw{+_Bs^ZJTs6K~grR!7I%AYolf-z~#7@+!@x)e!=vO5*VY zzunMrfLhG@kP>-S#|BBqa>$h?HC-iZ)K$v|#!B=vMX&Btgu+(2MzKeFYsG({3BQRK zZoCKbkE>GE3wKSftFBS`kNKv@OZmORyiIUG6RPhpeK-LBcx%;*l><}TuHkqlW5_=H zjdJooI94aKHl~9lTdrx4eh@Za`^%iyUNc3NGc{81Ob6_xiT&`fKZb-*B 
z99mw8nQoULg5ik=dw-rNs{6gWev&k8$(oQbxUd4l85eHFjfR$F~#HZ8m(?5l7( zK+5kmq&(Ua2&}h3?}maZGaI`=o0IbULP;TzH)oNQ2xGVC5ERJoW(%irN|k*yj?mZX z;Nq21JV~wjJZWJQiv7)FIA5VfA_|6YpPoh0|dhcgz{h)~l|?_nATD}7Zu0J3M)bblbIw07X)hkNfJ z#xF@F0g5P+54?YHDV6`WUM}$cDV3`6u0WLAV=4wV;~BjO`ZdRJd6fz%YnYxx9g+A= zw&x^E{gffUs`RtrYac}lX)TuRBN(vhtRRCgM7Q5jP{%Ua$RB`sZ2m}7v{$irV7-=tM=GFC?$myRWf>i((f-< zQ*RcJ&}(v60c0)>!_Ak{C%b{6b?Jf_--?`w$Wv?%=M-j*5{$+z$De2tZ&~%B+5F0_pxzXu;hxU zP33H0m6_*LK>@xEV&&##6*yB6T4N<%Rk%~gGf&Q{w{0jQJU(VB78qojlk4gLYZYe3 zMbtmf|3H7RW@jp0`T<*h1XXY*!phUFr_yk2uX=+BFnGGt@@x{8n>R*m)#kD~tFjB# zmFT<50S|e<&EB7uANZ8Z8`phTa{}0rRqL1=ZlAE9nlqa!6VkVA8Z%b-85j}J*c+rdjBKnVW*j6J_~_WAAo^)941HP@{! z)9N6MN%c&a3qPXuPMhA^HCJSuIi$hVPVg(X6P2-;tY z5zJ?b0}SxuTS3Y)g?>jRc)Nm4ZE`ASB869aSv)GV!!t#2esZ%zjyy9RU1iF+fsREH zY7@oZG=lMVyG|WxP6?-qkqXYpC}_HhloOVZ6>x#~X{kx4Ak`5nG`H=$oXF9+C{||1 z$S4_1;O2=XTLT^&12415d-S!=l@N&ESEhDwDE)kyqg+SJg%NLG^+rg5Af*`Wr#Rqy z5#&9RGjZgM9Dq$gfPm7=jjCg7OI6z}k0Knj1`P1EKURbzGVEv;`6~Qf9 zUhDBDC&R}}j5Bn_g+goatH--Va#pF$C~0-bgvXOa&o^)ft~4S8b8<^+39t)J!Z4)h zykI%tnEpXbqzAGR!ND|ltg$c|3{?J!yDWIx+BlAHD=&eN62C6{8f@=}a$NIk{Xk)6Tg*36R5!;Fx@ z;?@PAh}iub?jNEZT#UZ)avcwZK@`dv3z_V2fK6qqqB+-jsGjO^ zIX(UC=g!c8+9`{Q!7HG}dV{X zZkS{QlR$AT7aA`^I~JP2j4)gY&^FOpaq>lkTpxd%GV>;8dW5@M;T9(rC{J-=u+h|> z<&2jHsC~>weLjfcz#{B4TY1oR12Cg>lXiQGhBcNyhAu0KC z=eHorCg1Zl{4QOL;?9nIi!>Ji z#r1F$Qg76h*Q&UmhUykKB^V%|?qOjSQ zt>*XwSE;f07Q7#xVPGR$MIttHd;wqoNP_;u3E-qSF|fVRU9yBYjy1L${w&CoNq(>5 zX9RtgKcnWihnXnBB1FLUXH{krfrz?IkiN+%NX zxVt28`UY^U_pa$>rf);^^S<}9ix)Hl4wdb_aCx@2ZS`mQY9|4w6=9zg13{2aDKpn2 z68Z+#XFiD;^$k-gck%SIqxeD{s_cXn(VPga7~{g#&$teAIq!pKsLMZ$$J}`|0UjqB zuqH_IRTO1F(iUn9b@w@rcJ)lcu+wT%P8>|#MmpqKHG~D`Q;`1S`v8dq`?(S@!;8G% z3WA@+Z@}rfIE|?TZ+|f-DgeW3{sC}$#ZjIjS$o|6t3Z9Q$hf4`mG=)Q{wf;<@@o&6 z(S^TeABw2fCtn7#srr+5UVhjl{abNjQW4>#xHb!0X1%jT_w2VSPL}hG6mx_B<)l4O znc{X9s7xUX@FhA6mXO!@UV32?kdoAw8<`_EwI89igYiS35v0SP+egP1*rUUc1f$d&gFSW$0$A;jsGJQh zFrurbi4P$smzxZXT=j)3njgIq3Z*}}Awd)5LnB%t3yMpOU6Wx{EnN60R@Mis04{5B 
z7VlEkZHl*@meVDZe={wY9eIdk0*M~qJk|b~6h;xDC~xxNyMoTJ_YxjmA#1F2D>9j) zU-L)$zQAn~fqs~Fu0&BLUFk8DLdHSX!@s{>1Jg=q;xdskCf^*sZ(z2;h1j!r9^kc% zbf8Db;k37V`CRVFTff^Fm7kT@=#1M${>trF)3SzYP<~`8%Ej-U2eTz&Ehu%Y@eyBb zYST0h8UodkiJlWIH3c$^iYU3)!GdD2lvqTxD86r+Y1b-sVg9uU0xlYD{^Qtr=(S%ngE;TYT@5uVhUsK-d8D*E#dGCJk?{UOfgGK-(8>;+}+ zpOVk`2KNzXyew3%Tq_W_=6rTSMW(a&XIvdlE=SR`H-1a2Up>V;D*lue2JQY0!R{^A z`WYBo7ImtS0@+^LnuExtQ7OTl377nW!KP`eI=jnD*jmy6r0g(87_tAdkjTd>qcJ29 zna5r|x7;@yT1qpjqGoRFJ4W?!*tu)(7Y%6V6h1mjRa&~KT3{05B0l}x;-PbpZMVS4 zT6+80K{B&Mi*JscVmUlu{SRS#cZx50iPlWv=U^kcEyY~KrYc^kJJi_*9dhNFOv-*? zr-=7-)GPPNRvB(2d1Kvs9Q5UT4oO@3v01O9E;lezhwE8SLvv11oKyJIoI~y|#bL#es z>ZjacjwS-mRSsddv>tu&7TPH{sEYqZ+*=35wRCTz!9oZD4nqhbSa62`!7U-UyA7^E z2X{#b2~6<8J&@q8gANb|2u^T!cO4w=&N=V-ec!#ezQ69RdaI_^+H^nbSxwEJ-Llu} z_Ve+y^j|lSj3?4o?Jhk%2?`sFAm(YH*6>8`;6$CwQ&-haRqcmDTyFeVtUoTRWx+(j zZrwjX^fMXe3s9IDWX<8XH^W&deL%2ulvR4lD+GFJHr@7vJ?@HqZ1QJaVy5$bs{C6* z67rr%A!dunk7tJW;H_7XBC+3X;VR=VVX>iZ9qvTi@(;$2FZ+H?V=}}b=VVq?<}Q*j z1O4OQE4I8!MkY`{{LSj>Ge6paC;<-p6C*a-yGx%weLO3Vjsb=x{6_7_y*>}OuC)Gsf3Y8q zRxEUUk~m4n2v$NI{^n%q7OBKQ2ogMW{!Dbfk0pRui57&kVtJx9?MQzQ`T0n#%whgZbLwO>IFKgH7+WTL82CDZ9K<+z?MW z);9L9i9Hbvh6;&kFem8ji3sQrQ!*{xdNJk$sFV%B*zANk8w7oXt8$V1ojp{E zjdPpBQ3YS@KrZ)f;mPQPKTZwu*687@LaF$^ozlTy^5FL7QX5G><|TCnCvCa zNI(2Rip9ifigG3|RLSXDSWUgSgM$lOf)KxjC#tGiRZTzq3+8Msa-@Il9F5 z4Ae^JS{yQAL!8C%{Pu7Rb5d|1sqhzCgXfHoDp=2O-Wk#HrG|d@ZJ4g(N)B2A9VZT} zb(lJAX9F3R{@LLiw@kj*QsOGO%jWY#(H3f!&0LN3_%$NNk?@Q%Cbh)DMFItw7hhcn zML>@;eFob_Q#LAu<0+bP_SB?0ZN*a*aQ{NCr?;F=x)~zp*a?f2n4mlDI^k6yC2N&m zHbJ*9mzQ>Nk`wmY0}g}IMXB@fQJ+Fns~AN<9^gKKpOr9~dTvq22%ckAy^Ejz5PN207CPp*#b{Qa zWpG$#$Q?s&Ifq#VuayjXDg|<0Xn2+RI~Ubp(Lowlxs0K(7saoQTSDb9v-uI-&f1qz zzOE%8gmSfyWB%o(tkcg&lVo(RZ!uPJQADzDF)WbtFOzX!ylkmZdf5R~96gkaCHFgf z*v(#n^Wz&Dw;3ebk50f8bN2}>>H%Z;hvv5~?jwSxlDmx2AUs&T(ST0I*%d>Kq=>Td zr96}KMQ2OJRgV%)YGP=}N&E(PD?jCt8{(L)fO8L6CfQ&ebjj8BUs=%gTMKz3vND-a zX*3axa3Qi+-VQOM+h!d+d${0*OgxFVZl0Fcl*aCrH1-D4Xd|&F)5}B>A0m!aiV?@` 
zCIDvcvWJ8KAGjE~?D0&@FT05jE%Q^DJ02C4ZIvF#2d!Rj(2UMupP=bDj z!xU8UPI7k- zXo4$hW^E5Ner*;4tVbGVyN5gTe(bChLl3oysH=ZIA%m`*9a9d%+g zUy{a2cFhcQdSYmE&xpX`JJfnJaeqoC9toQ1)0T2{@{SNY|Fx2$^LilC#=niD)BUU! z-}W}>#fmLDzAfIX#^)2fxsgfZfBp&oLOiY#P9RLRw0koY0E=~w!9tS2{g~^LJBgk} z1s0r-ug1fWv$nU={Q9lkjblC%fSv;MTR@Ki`W^o?BVSj995UjW)0rbL`{%xAlvW$s zBevTMqNk3$4zgOywD^uSM$O=Uy5;i6bzX3N&P{1t0blqFdKJOB_h<|AC01<1>V8Xe z!YqU#TFCj5+?*jf&c)q1+rRtl1MRBuQJ}iLgwL@hhmyoGOLU*8cGQ3I*%i@Df&nPd000pHnA@~p)BY?z#4`u3}g|H8?^H%5B7sz;kZHevuz35tU_@E92 zGC$efTHy=oQDmqgN+U;wImX>AQStzVIbp}FmU4#zrI+B%4V-^PDCZR!PRzhYM{-;GkX8(}ekf#IIc?;^SxNb{dCm{t; z&y8n7ivWo4fd%d@^gO}GXntFmv-;Ra@q8?6ERp6$nH7QriXQ5FW9$Q3NZ(t$LeF33 ze8#*-_S1}cyghptf{4CWl#-&P3Ajy*o<{H2A|}E9h7+!i zu>IQ$2CgzuEMO1mKnAB-?9JN?o=+?D?aMb8RY5CaZw|Whf{F4L#1{VsiX)n71Fk<5 zovaK#j`Sr612iU}AqQRJE2K91*FR^X0y}wzlOA870{rkQH97rSJFbtcrCR)3`>&58 zl$YW6$PlVPzJsnzyjv8S&Oz72-H;{q;xgd%JK$vX=7J{+&@mgf9N{%zC%cT|af3?4vZe);D)V+p&B`>*G*EZS zaZl~I{;3uPB~{a+DsK29i?~d*J@5e)$9MV`7@ak6J$n8L1&zpq&6aN-s`t3-5 zsA4+jWc^C-=l%20X5o2xtNjc1DZlgm3zw{GQL}?c<0%OK`86XSU=w=YY%oC4f|cq$ zPtiiZ?RPHv>(agfcX1MgH{mtif#qZm{bF}Xj{qZQ*R4ki*@b=jb2Q2$)n9Ak{pdF8J0Gl_mJ|}I5cOWfw$T3YUDcJ_ zQrFshZ_BZr&DqzdJEHL7z3MDFFV(Z=Nf!CYhvWgue9#w9apO;3y_6P7e_Qbb=OOaL z$=Z{z^b00$!UY6BnRSys30=@t5(WQ!hzyP8VbW**u_Dqm^zHrFsN?w%>C+PG2v0QM zPiA`inIqro=XmYWaW>bC7y~ua~nu@pM2GRT=5>O z`0Q0`(%5Lmqe;@Io_6xgVn=*T&zdK?2RtEA>GVXG#*;aQDWXKg8BNT|+~?(m$dg$@ z0#8KaCjI*!Q*1-^!t9UsSDx5K!V88jA5Uf%yrSgeH|x&o8cyacu_wA`7b^w{tZJ$m z(LFXAOQ_u=!vxX}0_3;<&{uY>tPgmKg9HXCoIN)h6)2rDgqODlJP#`EfI&!y;p<@5{hA5N=id5@ruku*>?5A@#ld2!xS@#0#E zhT<=0=gvDB^v>JRA|6zkEd_AV$b%9Gz1j~n=R#4TbM2Xfd&H*H3qvawFnvKI1kJLe zlg9GcD*?!U(rX2qJa_Tdubp>!awNfdr%A|a7X>vUdMlE0cs7y^i$$&X4RT)n z4XLwA@0->s@ME^-IK9UbKMQWh6X>d+VEXwgpkeW3Bz)v-V#i`oYk$+6meY#am=1w3 zzk=#LHXtZXRxOj_PQ6XY|BO(rrk>oTdYB=7^(eg`G3xwc3nT4)RiIVJh%8lB)l{O# zrwFm-ReKaToA3G-e`b>wF=TcBNSU@d#67$J&L$3knYi*@TVJ7*-7@k4oaF$1-5yo+ z9iPk}IWo1IsUHNC%uMa_r%y`XN5K0LyC#YiQ=HwV-=i*E_g 
z((b>nGOiZ4KPBY1t~w`PA>7o+v4`rdr>MkN(pwd|F6b@n``wOhM-uqEvSuX&F*v6FE1Qls1%@yzx(p@ zuL=5|qK(slm|1No?K4r0SIyLat4D$D9W6GpORs-6nro_iW8v#|$!d&LCA>Ue`w^x4 zeUX%kw-(?g2Tf~v@~52VkVu8UvsQ{bd6sHr9M;N{mOIPM4qE_Mxy5t^>vH^>4O($O4vhwNrEae@Uy^2?}sK7V%=+Ns4qJ8@7cTU8V`={B7W39 zW$kE|jt1>gig+S-yp0-ER{+wlfrTF2xV;&8fN7Y$CO3nKdK65`p=p&qkA z8JwE#uR2pLWOQBN?y=#C_hZNSHBG!TO~gZVDdYL`-aLJB#q(|{#u}l5(D*C-GgT-l zO9tHS{wbYymGJ0UK!F{Imf&_;s!*?HKocG+$S9RzeQ9R%?*Z8fjV_)NT+Xvj5Xz*tHNRz<@YGA9l@7Sk zPphAkucS||88Y-I`c+fG7V2a;E#({9nKR65mdt;T2JY8VPrQ9?cKO+gqJ(}?UNUVC zv|QBuMP)#FY5}CRXJ`A5zV*DA8B=*zZ_N1ps~)AK6o21`hcKG$WcllreKEs_o zJ20>9D|f1d}Zg6=f)`6zUq5ckLYtD;_an_e z-8_aCm{x+%o}abH;+RxZRBt-IS;_U>Dq^^;?G+F7Ea1B^qErVOk>ue{ZnanFn8Z6Q zWtx<{dQmN0MP$*z7)3JDWIXPrhwD6;f#bM*k|b@nD{ea-i?T!+OSZUB zU7VY=wfL%3Hf+QS=(#2(?#;61UDgWcDT?D+ANkAesuyb>Er0Nf4VU6She~^~_bPmt zrZt1xc#2}7!8ULa8MQfI0`7?*+BpsdS%p}A;-(SV^yS*8&u9G4uxtXpm83{Ew9tTOqA{@uV$T|$2-!Hv5SrC8@G|)>4ELPk-H1w>JmX#2eL8=pI==<+Y zJb_haip3f{L@@qbJD6_JLTc<9+G^M(mnp=Z^cWAZlm*%Cv4|>q@I=B`@g}*Y4XEw6 zCQ8>clnpy{%vXn=dkd9VDrm~s)C>Hrz2{x@dlT{_D;FMvM%1S9b8tXKdid`BobK%K z5&c@pi5cx&K(E$XJLc8cLrd=?j(gJd!|sm)>u`8}i*01MdGopd;#v5MjX$+$tt_$a z=6HhoFz|jy{F1lf7}j@-LS|k_bhI>3r5;YWv>PjQwrJnjb+ss8*mbCDv1$EB@Um&O ztN$yy)ZN*%{v+_%##+_?6-ad@wz0oOu)1i~{pEz8<&9lOi^mOX+_swDVwvZE$ju5s z2`r}nipNtKF?*!{zYC-2J*=t!nuysWo-+C`iTUU~ys7`1h}olHC-yG-253_oOxBP?sa# zm<099zkAmt&;0guPepOR!l%huBVTFV?t5?LHyOEx>94)F{x`~Tn!XBsO*)2MleEvQ zXT~`A$VEZ5vqR1{l{}bz-g}s(43=db0j;L>LaVke_Z+ESoR7Kk#W{5wF52Q1Fw+O% zq&m!e-iqUU1>nj6t+FhNydUyb2|Gsonaw8nOUGIP2|9{v<06#8=l+3Kd=hRmnzu%veYwnZQR#FW@Aq@q|<7YLdyQ9SlZcW8zY5=OF+H2JII)1Zz8Lk~1JOq`9{PC&4$E|X$_ z+`?b&@wCh7Zx);yomSYb;^8tYw$=<0r7=)Ld=xo}H8c8?`4-cF?!Iz#MJJzh!Kx2F z5c|F4P^z1TsVJ|To4(ZQ1#;!mu~jD#Ca<|e81)uz?=u=8%e;z4pu=H&)z&Gw zDdZ~7evIZu{7TNKO_7jbVAfdF#vXO>UVnNPUp}OlaLwM>UU_0`%6+h(5U?MuEgMb7MJijUm!62 z>a2qW?}`zx(IHlcmF+$D)2h$2KhSNbez0Vb1L-%W1RkaA9HE8vlhNdJ{}z}OgdXI` zppQpyZ#3;5tn?U z-iYp8U01oAw@wE`+mh~Nt4k8+dnyx^og#MAI$_67&>rzBIOkiF$CiR_M$65OX^<1@xvy~7zy8P{LJYG$0>{i6zF4B{(S 
z<&Ql^deufqaOS{vI*R94EKAHAafb%iL6+(buzBVAFN%mARcB;6?LFqbkbEc1aJ-7R z;dCjXnwP79&TRg8_GyFWg}#%VfJ#dhrB{gNIojX>in)Ov2R1iwr5#tif3{*KaCH_?tHBO=`nVKTNv21eyY>|M|7%NvT6NC z5VL8ussAhfzx7h|7QPa-jQ=HJZQ(0j``;2I7QSz5|64-G!dI&Hza{uBeBS|w#r}7M zr-iRf?SD%USX{rU{eO#=yN0sbNUAy7g|zYQ%h}_R{MB>ndPb_SdQRo`W16ivv63`M zv#iUyMm=gr&8+3_U_%t4yFuxunpezyoU9msGY@L0EOjYZD`BdD-ziB?T#0a>wZ}m- zMXFZxLuhH0FAv6X_)(*xFk+bNh?c2}h9t15C-Df`+6~VG<+Z~_BnfyP#n?+p3zJ0jwrR2VfvDKyD7stMR(`3x;uPZ|jLb|U z%BBIqJOtO6NE=yWhTqd8DT(uj?q6~6>>nz2>1|7Ruluy^F#Arwo5F)gH!d*30Jl)mG~hA>?YcGWT!;`u273CC+*TzR(*-+i>K{Q z@nV<-e-wh4zOijMuJUPyfQSW%0KdVvP(tu%Ulh05a?&$UYwhwIFT6!lqlElc>U2@8iv{7wTU*{6_u6KkCjDCbmt<)^PbY zub~B7b1Dp4XwFtZzOf#OG?x#~4$BR1SXZk2m_PFTL z;AGk*_Q&}2Bio8QevuE+$1#U_6LT#5b6QGw?#FLObZ?Q3Gg>sn;Yoo%^<~3eDm{N$ zEp{#&qh@KVl<+9BWIW%ZEDY!l(za!P=WY6^sei|pTeb*_;-jfLqt-*N*N>rjH`05I zFMQ@)@|pH4Cgw6hywT)pZX?;EP!UMe3)~`~kboR^yx-ALxP#Ue5A~-85qQxh|FFfK z79O0;I(p$;`Pq35$G<0M8Yc?z0kVg7t))S`h7+BU9IDQzF6I_{_-Ex7^=#)W&BzH&4MBDka|xYiV41<_h< z;&~R9I$mvdSq)p`GYSnM=H-b#a&(7D2N1QU{2oGTV1&nsFP*(0JM6*gAYwJ(=tZ(*c27Ozlijz0jNdZ2#(A2L57G!yhVwVBQBF~(BynO! 
zsgmqMLR8c&4?cl=b{hH?!bt?E=6R!s+gq8FryjAoqHBxYVHT|E^!Zu9$1*#EvSMOp z=kwoWc>>oODp8X=drun!nYPh{nwu?KG9b{>dH1WcrU7#t&(^Yyy`N{oi!)^#u*H3^ zpG&I~Ckals_yX5wvvjo?Gs2YtGP@He9xGQAhieljLe97NUUg@FQk+yf=Zv)grZNCq zD$vgMe6T8*#^ZgAWRv=ng{Q9ly>B=hKCq{+kn!_YCRy;SjK?g}%aHW~u^c@4 z^`+pd-nvUC&5hVsf!g^TzSz2;qYg$6n>K6SB!MQk+<;rdj!D$lR2N?b5c4xm-8lCi z(b)^U-@WgX6N#}8*?qXoeO3~fdorAo;;F9WDDi0JG+wLqBb-#ohXZ9FZ@f9_?^f!Y znjIH2s~tnKRBTNnp3>JGVJQ{0hV`03a4)P@qLOzWW_rBFqA?Mahim=y;$lrzkY=4S zC(~deuB5hcle=O3O;oK#K-d)Yo*wVh#dpY))!X-b)ir*=%#&%9 z1JC=^Rc(jK`LD3{Z=!2-&+&$u_*z}xv$D$}qd?A3vp&{|QPFXehCs8KoMg!xOu}Bs z;h0)Wr25euKBw+>Thja@S=hm~q)df(Y-%VN4lZFU(^qm{Vcn|Iy6V#p5;vrb$y z%sfoeoOQeD6y2G>_q1K)Y)aNXzsppl2Exj8!FtSYDul04T|!VFCHSW~5XIEi3rFlm z`Uc>7z5=n7+5AaKM;u;E*g&yM`;lS?w-eAG0PP_>>Bc)*fiQss08w~xrmAN-I6JIc z{sE@2ZtNtREkp{sXCkOI0I>Xx3Hiq;58Jfs#SxNXmtipNnBJ%^I%fS*eRS0UW;sVagS6+6>obLRrhr#p2y z?;Y5@+aj>DgpSXxElaME<4z2wUH+{oGQMkF=1Co@BLTzfqO;odHUfd!5Z%{%j92qa zB@)0(_DU4T4!#mRRI`l-Ft0|t}8Nd_pthAABmHz{P;-kH%%!6z}0KpG5Mp-IeOPc0RM& zu=vK4F$&O8-%&gSgMLPI}Q|^cpJo55Bq_ZmhH!UfN(4W?8w^@{&OIn zWnjWSr!(u#t8p2Y1vhKZaB5OUPH4KV2-e%^sm7zerXBT3O*(CvFp7%sH$`>0?|j-C zmKL9Wvn9+ZzVkOX6jS6*_<04qK;HBFK0^EZ+jGhnXpB=Q;f18+u}_a}rjk8V@en<~ z(6|bYJsfj*$NX1@b9Rc&Q0w`mYZ0N zCMrkZ)ue4V?{g9?3a4l+7Q1TIm@!k(6-3qPvibZjt|mb)OQj{qT})c2HSN@I;R_U@ zxai8LIttaxILq2>jYFJaE6DHtsa}d^jpj-(uW7i5qU4Z2fZf6HiB#B4MsS8wy=>pc zDkBGw8n`KLG$@9Ql;1yyD)^67CD%2xeX#J2Fk~e+u1D}opDJI*Wht+8Yi<70cInUiZqQi zp|=Uc^3-HM0bNNyD=?MmEoLPirp+b{_k45MI--EbvCM#b5&#OPBXEzl zGwvnSbBx828iON1p&(}{M`&>d!pzR0nCVof+>%p_0guj{+*ZQ|02u)aQyc)7Ul+UO ziSi_Sh1`!%LRaPV#(r4#Y-x-}q7HiDJrgiYZ{hQ9Um@`9`pUbBth zoKv&Bku$O)A`b$AAE)Su zu<@V23HeF9QL-RbXt}N3GQsPLaG%xZThi6G;le#;6<8tM@^;|&V?@vZjz+} z4ghD=dcMC&cG<2ke`-_{UTf6+tAQsH>^>;na$&+A@29Y^!)Mrh#3eNJ7T)TT$yFgsL=cx5Wpcpn)@)ekq zaW`rm0fVaKc9vvg?QQ`2KOey6!!1klT;X#kUHU38F)iv3!7^j*9~&-{mVdebF#yn^ z|DY?3|DZAO|8WO2!Qg-UyVdlM`|!!KKkhRxbmG-uYtHa7 zib}fpOqIZ5o|^J1xV=#5HL0`IcYMn{s)|#o*t$G+<{v7u8}Ba^IK>IYCGFC!6WTI| zc;Bq2e1PEFPF4|ro}9e|CQ-$XSZ6b9;QA5G=yM^Q2(w 
zOLQ0QlY;#(ab5ic1wk_7h@*Wfk;-SzxPQo2j~>0VZJ>TyPNhDbA{0y$K&sw8;|-TA zX^2yMve#5Yo@}n0bjo{=qGCsScdtoU zhMb3WaeJ@nX@T3cH^#vGjeeh)k^vXS#e;17ZI2Cp>K z=n4u?hx0);=0M3A=qQi*>7i0Gr!$Xv{ojB-@-X^3Ck$Bo3YQg4O&i(ha|kPCfL)Zm zV|Vw)l-JkjyKIhUImKJyk|C~k0UzKV;WpSe4<;I|-Mt=)+&su@dbjZbh>%2cO#Wu^ z#`h0W$qZw5J_e1Vf@(2tXN!CY%~QM;+>S=!wmez&8O|dpIk6?_ead8NZHh!1$Rx&zgJM$8WSaS($^956gyOeJmrBXdkMeBLeA`|Cf1h8||E4@fur8r8B#&6w~DzDW7 z%y{%1aUh?8!GprrRAHbdsyCIb>oY^o2Z(iL^{SRx_6^di^2t`IpQ{UzHKg)2lyC%? zEm~EQ^QSOjAkw;F#nO4uVRKyiYN_u8uhpb?l@bikKmB9&8k)p}K{;SCg`L7A%D|77 z!d9}^XHidY3(yolA@q&SSu-Hg03+uum~&-)fhc9A1pjYPZnIZ<^0{w$^-8ZOfp+Ba z>%oZDU#s~PJ2WP)#tcc4R`Bb+05(uV9GX^=w|5vpph}}B4d~UaroMMl*%cEZ!EWCk z8Sb9Ze$?Fo!hy@G6rg9<(McorPe^=~;K+=MaYFv^=7H~Ti_iES`S@Rx_@>LaS4=Sc zGy8izJncD`f^O}BtxkzU{st;gkHH*;iT};dd_+a*r?se2xo~u)0(C-O=-kIR5nS>& z-fdnlKRX_Y5&&mZ7)CtCR;A(adTE&mOyX9^@qZ-s;r|d3#{fzl_uo98ll7x~a|z7f zDDb~Y&dz>(%KEuf7R}o8<=U2|zz5LL9suUS(Vr7LD((8L4gUb~eAyvyTC(MgkFDMl zpT2)5`$i{9Kya>E^{?qH?-rB1#>5>D70g|?a~H#JMS)n7{qUW@7r> z#wjWW^MI+b{}NH_>G*N1nR;Sx8oblQFtU8*2g5({`2R+@A1b6l9gJD_$O4w@4y-gN1tmb<7R>hE{B}zv`GpUUvT3q zj67@EDhVyB6#e}OoXjtv^`+LU6(n7CU3_R@PvBL@?f&a!qT*k(pUt&)$*kqf^I+~e za<@={liYlwIH5mV3)G%6p#ls18`6b<-r4+k>cJ8r)?- z^SJs&c)AOnG#-DN4!lDvOTP5`03^VZjME4{+yjgAnL ze*Kw{@q1nt(d!^RVn*w4e+6mumfJl|>q^r<8n1jONu^ev}F<<}>=(IO2y85jAV37NAz=MlwfThePmLQ_&%%+t_=!Gi( z&24;jDfY0bO~bwQsmwRYL_b=ckZv&(xnI>#r7;?k@4)wp>Ga!ah4x%a#?6@MoPS)- z7FWCR2H&ARGEW^9pChEGhEjZ!yqYj=MfDX#=>e-*9sM`4(ZGX^CoW`g`)#df>H>@J z#O}eP-qEvq+fLT*kBU+TJM$#_#Sa|X7T5R}>$4^Q&T4#DuqmGv6F`%otJ-FrSiWlC zE%UbNo5Rd^2_s++`IBYI0SB>%`Wl9b6|4Y0?D5HvngdhBTKd8y3_$WlFK6 zNx&7)EQs4+#^aBMvb{-`c7I{7rO9yF_~|pGThBdiRIu{Et~fbhd5)8Y+M#JMGjuIL zX*nqOK@htq(vSgzEMK#i*LRW#pEV@bQN5blrs2If+H#%VN_AL-QXj#f?zWlM>_eRR z-FT&iuOQ!@8xK9Zwo8Wu@&!k4o70WNY{`Xei0_U9!FVENF{h}mu}?YT)Wm;lU>f99 zj&QSfz!A_jZm6ooBroP{*8?LCb9bG_pGElsb+6%GnG?2iVIfR?PYCIA6o6th+l^(`=+8 zTG5LWmTZZmgTvJTJZXx1ccSOcqlKCCjW2LQiWK?a`xCtGp?@Ar?lekya#qihsY+8v 
zKKq#rf8O^)IFD)_|B~*`c)r)D<}w3b_R3CXDr4iqCoz0ETKlG3lVj|xQw0grkUfl{ z{*`f9S5|lH4q@J49G};2A0v4d;KV`%t;})2C~^bCr1&#Pup6mB^#@U&jD$Vh3xz*K zQ(;waDSO8+-$XQV~a>P_T?^TsY~dX zxt$Jb%w+l;yFLs43=*jpT3QE&Y7OSk$WZb&*$P`e=*}swoF(>jqj5ZY*}&l&-Aw&o zVRH7B>Fp{lEK|1M{Q2bVuhLyvgW`Q2IwMvekSn#=HI?~EPt4oOu&v9C;p!mLj0UmE zl||MF6HWze4(=81z1ybT)FRDYDF!W`J6;FKT2ui^cd@^$fTX+FJOjtxn1dMyK}9n| z3y4&A#o8qIoXaj`N2r0mp=}Zd@e(k`0w(w*vFzyGr znRC{+y;CA*EA#wC<3>dqLHT;$nfYnZ*wJ3pBtXd1BS-^v%%8j@?N*v@AlOn<$+ z?lwB67NY#($W3TlLt#jc7Lgul>jp|cC884AmVbdRv<)K{vOy+}sFjFIwm%V2%KI)> zj0qU-yNz~SzhjK36QmfM2oG626tbnvk9|1X94Y_yU7qrbiV3wrlT_d)8QaRAlBi2i zzrs?InFFN?u)DFzqN<4{x@wUL!#tYdZo?l^C)8ZurN3STIA_%u@w~h!;)S+G>~OEddQ2WdpbN_tlIA$FpxC*n${H4)ICuO>+5uae~WEUjMt zKBcP!25B+*2Kj+le!l+2vw%)(64U11Hbx^Ui?V?f-JN|_@h>*wP^L-5aV8{;;!!qR z8xmNiK~!|g+2fFD(NY3cu`0K(dZk4S(}L;8h8WQihQQX^AL~LPY|fyNH`z3P;8HF< zA^`tUZAk1X{R_q;*_RwN%e@_Py7Po;Ao3p~4AyDLkssD3k{{+eU@ zAzh^OBw?)ZazaW;0`y2n{)kusIuN5N2pZZ3EQ&p)@W|IGP^C;SS&EuFp~@(cGc1u@dxRTHbrN1ipU7^d%tS#sFW0kQ3lzl-iFW#0dzadEVF;%U zs&A4HZJ9yVx6ktJ#Ljoq&KLw=yh@5x%pSN>w2sE#@I#IX?zomMrbX2WTHk(u@X1wd zc`5B|=he|t+C6ezdJg0~j0kCIH-Vq}ne{Jd1=Bx?N;ZB0FGo5k?Pbk6F%8_xa?@xbH?>c&k|=Uy zf|3W?!GX#$Ptv7EnaViiNR2Aa8s*()AF{Pn$RM6cY<&4pm1$U=0HiWkiq?=SlBsXh zg=R(7FVH9MQl>Hx)?yZ${_ccl$&ducpjod4yZCG-gZzK46n?S0#_q^z9AdJJmqS=g9jAhbp00 zq2h~MpRP`jFYiMARqqSO>jm*9vCqUovuOclbH&P3qX#oE9*VkeckJbI_E&(a=->Vi znD*mbK?p~FW~F6XqXu>e!S*1=r;C;fM{VqfM>4ygu1E+5`fXap@&nR zWm;6~*qOt6W6gsu>lxZ^V4$8H*u)*R&I%cDdy-y7P@?}~qF^iU+7f279(sGOqp z_kpaFZ#F-v^M$PMZZ_W_*ZVc0d@2}_+_y96QzvR>^NJIYv}h9n$T~IQ!kT>KgZaLA zO4CM8TDSQ=m-rEXQWGhNRsHl9B7Df3r+2K)m-NU9U{-^y2ZS^y67ru~i3R6ggW;`+qSZ+_f^y~2E zNnAZN0yZDuAGvzRa2i^4Vg)=>0sNFV54%FB7bmUqKv}ebLUv5BLyo@$7D22 z%;0b$?XV2%e)_Ns<4&LB!cOjDA}FxqPk`Y6AvTa{tVPu%undI?BE9#?3^a89@_p0T z+B!e5-jC_CLb3;6*~= zAJGF}6Q>W(;x$a2{>N2zsC3me{7@45+i)Ys^>;bnTgJ7_Mst@1F@}wjMrjeA@+pHxvckTU8gtE zVA2c}TM%YBb_ccf^35rAues>%KPGId#I3Nh1lAPjNjb)<6;t}<1gfrZwOXXjNt=cyy+8V3<`Z7( 
z>cm*&d$tJ71rAT5=`(9%VD^!@r!0DfY74$~(c$>b$RV_lO2;XOgcmdGsSv3({S;L5 zGN4mGNfKC%4g&Ub$-~M{eI0Vz*MlKhHD+M*^{<|OS~o$~C?ev+Czq+>JdMeuTj~%V|1QJeZIxtg z<=rOnu`uqt8h4__FMdL>sE62(HocD-x6h+C^4tY*|4R3LUUVy(p!ZpQQ+p51^!zHu zQ^5W)VOyMF*IVW1i0Y@L-k+)-6sQv(t`@%mvlo!4lwL_94HK}~HR4nG7AVQY!sf24RCTlZE=cU(A5Kb9sYKXj=#Q~8murirfY#)z(awsI@B|N zFuHFRYxM31{X$V&?)xqGM=I7AWOwo*E&V5u zTe16bo|}@N3qm(|J>1{eF#bmn^>Amg{YSVMt0rCdTugio+`G_W8uEV!eQy=?Pxj9L zJ;8>>yns95U-9_Qv+G~+KM%0S$^Nu8kX2N~Dk5f%fB0HDU_thfj5L6@1G0J%LDv$q z#y@-`ov|Q$N|qczI|f<3im+&j*~6L2i2gr|Ej7HT7Rrae;vtMtneH3lyb-mX$~>8q z_i?K?YLhg%bO+}uz&5o)k`kWAsyne3q92?-4_ka5TycY}R2gh7i2A+$eCE3L+drZbJoG zz4d=l_KiWB{7aY9nzn7*Hm7adwmoedPusR_+qOMzTRV66Zp0gL{}Fq)KK&x}T<>`Ri^yW4Rnw-gYwef!N{J0rTTI*OskpQ* zQu*(}`L04Y$8hb?1tIqO#P@uTlqTuaAm7)r_kx`HNmt2Mmdx?zFUVAu&=Wn$$@S!Z z;gp$KHOeh34LO41kJn2JxuKq~e5v1IUVkNL?DQ(WN~!C*a@-j+(n9pZN%oywZ`%GQ z-p2)8YpnDBq+@Ld|&|BVwP`ID6G!r_HijAgpDE()EY9)POzYo!F$y|1m zg9=N{fj-K(gmHm>APLK%)W*V%+E2K)E`*bb)et z-QR%`g0!d%V8+!3ld0(e7p_Aji2SIyCZD2ug7(5+%~btGQLU9wmb5;>o^t}3E9r3A zu+~?N8;F^$q4=hJN9HU*Jb^7rV<57M)92S#U`kPhS;a1}?r8|FOJXNPqdADYPT;4P z4^B2yY6Yj(IxA5R(I$87eavy^IQ)nUF1Rytn~kTMAnkhmC~7Xe*9YH}<2PlHLxxrE zWbIWJGB)UP0*ktGjLAV-vj-9hYYj&E644{1q*$8BlZSU+`$-(@^88@jS4Z%w2JQ$4d@>QpzPah_#|A%Bam91V~# zVSefE>;mpB@$HEVQ1-r_rDeuFs>lnYL5}B&Qs2tHbk_fN0P*D5l{{vwXy2a~4uvKI zSVesMyHg!_UbBqCMhMya;2J(>*U0)b1S0EWpf!b zENVHlP2fCCvG+iAA~?g}wWHxvt%v0$OeF?q?mXt~tGHIPH6FI#e)U>2Y@dzfHWfC0 z`i&&K3Y`TdhSTl09nYsPum53~($^NvUN9FeSzR8A8WGG+z0cB!q?BwidVqo*HlbxX@6gwLe0RzFmPCPtN^vWLgCIs|y zhL%dsHc<4k1dI#}Q1qe}j!w=5oJ@a@(k8ZM&gKM6%p42^|NHvaU2A6(M*@0LYXfH! 
zVG|=eV-qMoKB#{`wp1sA^jCC3%b) z(CajzrVwgy$-&mY-VE7z5D9>a0T?wY50IPw)9Uv0EkpS z#au7vJ2G_TQYZ+rPgTTXZxe?MbS_wCW&n-e42m&kOgzA8C>m7ZTXkCS!+Q*?5G`sR z?T!hDd8+J4WelzU4ac7;;{Yg9JK-M4;a<)hN)nPKHKSfmjI;EGTsgqsO0^h6ly$_&PiQP$=M8FdXzwji zhY0F5Y2W!Pr=j#v?q+4uf<^i6^zU>IZ?2-C^aSJ;`K6V1mP#9o3Pq(-RBBkfJhpGg zquEhRRmf;qy=u4o7u(<4j|mNCzzssW=_%> z^lu3h;D7aQ|7@$y4|^VpK10|4=F{r*_;iH&v!|OQmh-LEZoqA)>gF24zEH#lw2Mw5 zH@Ke`N!X@JbZI946-B-fGESNRlY=h?49ZNz$dU=pA|%l<0@KIeDiT=CLUOJ!$_N0N zS}NcGr7G(O#usT7G#_I$J~E)}6x3!u(C+~;hP6ejHIC^2=NVDQi1XOfg?J(0F+j>B zFBM^{(Xd|?JnEtq>l06QSh3CSjIBnKfF3J=Sug_?3xxkqJSS8pX}(ILLcs~AXpUB7 zc14)EauChnle!l62#cU>8%E>Lv1r5b?4n*ZB6O?~mcFxibU_ycKv6$3p`4?ch7FEV zwjX5OuQ(0JP77xGmz?+;2UKWFmY=-XBb0Py@FHI>PxY97Jde2vL4% z`r82g3d*p9Et6rhp#^Yvj*Z`)}*2~ND5e-YfwB;@XqLK&nEM8!#Ac=CjqjQq)8Zyb{U?2cCs%s-NT3!6PGZ3ky!Jqg}y7 z0@R)W_~i=l>g_l?%{*dHMETfUJo{!=Veq6x_~*BQk@uHOyFhuRBK?W|$lrOTTbkeg zXWQwt{0x@fjvfwA&LAWP-j3gb>iip>8zJcUa#x2BI~hxFc&T>NEoylzIRnT!{Yyg| z6Ae>K^Ew)MyxX0g-fsg#9ktS$28kD2+0tQtsncVpr0RYk*Q4llI(rA(pN`_&AL}|+ zJy-U>PpsUEe2#pQe5O9jKi6L^PD-+JTs+SomQSk|v`Si@A3ooUe0v_QQ@%duUz4V5 zoPCP!sk8J>KO|4oxO>)Lm!@l6eVXnovh*%LEKk(jK6G)^U?V-&i+`iTGxoMMBZ_41 zc0u*y8sz<52-2CCMzm}-sxpd$u9s>!F`5nG=pYU;n>@i#h$$q=S$qM9Duo8MX~m5B zlchjJiB|C`x1i3m0JDOerQ6y=)CsmIUJb;1t@pvR7M7)P znc5q2uX3({^Y80?)Fnl1VCI6d5cj=zC@G5{APYjH{WjuecR1)(y2P9$rA|6egG5DK zQGfmn6$)8-gNWDqbR&kI@un2oZ z=dEO?QPbTyrR}x^2;+EVCK!Mz^GhidfJm9s-GMPCw8cQ&_$?tTip$`{8qSWDI9k&g zL$2rFnJ`=5wY5k32YE(9zW(dqm|Namb6a+ItXrS-eP5RLmt?Ju(Du&*PWkd&JcRa7qp7r1$-B)r!62|l7=2rvFGU3`uD z-Yo}8M+kA3OT#n3JCaHt=6B?gd*pg{O&C6zuI7y0{TM!9r$@e<7~YEoJEL->*AV!h z$9D_#6Tr%;UtPbL2-^se^R-4n)pfggH?%{z;pKc_;C-0VE^Fhb#e*Z&2@f#*}mVLqJgNM=g8uLzu8BJ zg~A>auXpvi>(BgZ?DmkC88PQosAW`C4hWQ9%cmZPsA`FyCs>Vop$(Jx)i|ay_|*y| zfFRkayZh)ve_IKu=f0WPx-0w7Fi#l_=|68mlqcjUIt{|3jD z9Nzd(^2WjPKgrv_$r&RvGvj|t&Mr01Z8z9ZzOGAV8T1=M!x77V2cX*9kn5z7rWLwE z&I`$#aG_aBm6MQ9gmk@&$Jdi;bhC-B=RqLo3TL0Y!Np2Yh#$g3$%_djD+5tNn70$X zEG(Cx&64Ucfo+E^5pJc_DBe{oN{ja*T!FrQSAuc6)Dh4p|LJko6f2oUFh(^m{t0F# 
zTu9*E7}t*p)pFUr#OuO!owY(6jzne*KAq_pxak|$V|auHTp9o=4Qr9u10|D7pfoE} z55e?gIh|hn!BSF;e90m+3k!llLGJRdixhIWVU^!%jn)6F+mVW*97b7$>@!?H<*>Y^ zjiR2)ym!$gFhcQWmLLvFVSmwSVRFK>EW<@u25^Uo^EPIb*+w~Sddn@5^rsMi&?vK2 zAqtruIzP^uz!CzYtXJ8@5Z(`g_)Y0c5NK9DXz0T0VCK~fQ4*;RW~~$%5`ErlFxHkU zydJ<~9jL5#Dsz=jGCI6qNSQ{^FU0l|>f|40J%9eYf{R>uhQ#^0YYe6#O;6p)#7*a2 zriQ)t5;+7t_t;0A0#9Rw%Sy$Bo69gmF3^6|b1gN2bi593Def`A9))yalL1v2jis$X z(sV4k0tgZ_BO0#*T2`CC1>sWAn2d%2^|LG+gz z81g)JgN7Z4W^}vh8SbH&`dHO96iYwgmcCk@<<-?3(#_gH$n5<%YObew6<2)Ev=wvH zVFOZxv-WU$Lp+2=_E_ZR7x4A00q?r8#{vdo5X&DS7N9PanhC(kwt;4Sb=hq1O&YND&v zSsbsey}dD0&^Pi=!c%z11tZ-{3h0ZC{Q(!d8b}Lwt=iBImV{%D%DmYdg7KGolK2E? zst4p~A{7a_!(QdkWQ5nf_Z~&L=#J-k_u0BKbjx$ST3{a*7>nZ%D$}&;YgVI_`qS(j zg}V`tAe!@TF8(-XlhjT0P~&8G1FVEUu&;z?o*XWp@LwU5y$$`2`qfcq#SQTX{$y}i zOi84*9?=;;eGfcrSM6C?MxP1$wnx$xHpsbKcjEj_%~78Z?9~Z!!}g}cR|8TSaYu2^ za|xU(LHuc?vT=>&q8VR03AFz1+w{M9dwYu`AU;&{k5cyM#``s6{5iuihY;JjMp7~1 z-MKN=g6J1OF(E+64}3m^LOGXGp8Z)-N&Cd3&@{W#qsh>nX_@z(qzXM?x73eZ0?3N5 z6@ly)?%|;54p20BsZ!rk@36P>!O^2rv5M{h^^Ff_uwU?o zYofuXet)RzXy@^JHjZamPuuHhNC$&gxkk4>Nbk~E;S$Q!=RHBRAZk1Cwj;x0()LYN zFV!|4^YbtsFy%`>b$!KFELcj_>v!BxB=~mt!@vBj;zoy7)eQ`)K^<9ryqQPiSj|xF z_Xoj)2`qt%iIjD$XKYo%#JM;yJIfmiQ%}yx$ubR@X)kPIUf~ZVwn$nq8m>`uW^)|1 zU&$>^=!l5pWCY?#hyrix=sNCp*gI`3}ng~22j5x6n` z+_5C#AR|TK9CH~WV6-ksgGV( zz~fvBF`BwRE9-+16V5(g)3{3E1|tm`mK4ah9*zU8_k4KH!(mT0e%D8KXvhJh@0pWP z_YZ2n<`&gSrGo+wHtts+pO1-;5n^btz}5R#(Yvs%@1P#rBcPw|!-+E98)Bb8sh97f z48g3Kjqjyv_Qgu34vEF7b`eJ0EG9a5a=U5G;gjP+X%NNUYvz}O!GzE@MRy1E$?^T0 zu?PfaSXeEVN9*>yp&r#B&bHc*7oi%*Kq?1uqibN8SMDJ*#s0|od(B`8d5ABW8d*mY z8Z3?o><0&fEi?^NP?(~Y<2OQ^?0b{V7Atxv8zwx?(X{N;<*MBT1~AH+F!J>nq2K1~ zaM02$WZhH1JFH|t7!pG17ix&nnuUX6Z4}9lMUB12c1An;BL;N6B{ateWLBZqzK1CBCV7F^p;&R}5As<}by;7C}zh{&w1FMS&q#wum#FrhmwMXhpP#IqiQ* zRCqrxY_yDQ#rXGZnyJI^$~48<=m@hrY)ANCW<}IT^fU&LYBV9SR^&HJ8c{YECnl8| z(Og!sA}S{Z0hv(dyiGobUfEEYK(G|OkZFV@bSdLzxVvWz`(h`l1@%njDZfp8zq@oo zz{Il~!W4cA+#3}B?fRKdQ6rywwSMwJ>-xBXOslY<+_xop6>AV_&#F6$)s 
zxHID$bIh-oEk^!VdA#1$x*i!ZP%LgplU2M=hTR`^d(}{X%P?cuUzNr32R2}XPn&*6 z_;9ody%#L3lz=?KbL|eS?aID8Cb;7$D?8mi0T21M46$=m#-(#eo@aznQ2<=DSyZ$m zh0Zi14CjQ$Tml#aV(P}G#q@o3B46%f_KqvWf;gO0@!tXwB8e{ZKkkn5=J*6sTrlG9 z*B1N^!HGC?ys1e{K4IcFp`Wiq4nyJbyG(-E1KBh1FkzDKhJ91qpYP+|;bC%3uFyN9qmXJ`i^#S~NMpw$ztC*M znVDLK1Al`im`Fqo5~RY(q|QCvUSF%!Z!e?ecj05C84a;QDop z(d+}P?<1?rtWdJ^oQr=-xqlyLhG%wkN-)eWSBoApj7LU6Yg zW@^0?KQsU*gVRo|!_BpXY<2};wZA>qPll|i0jXI>pBt+NH7+DC`H8rS;s zG#GvgbRwu(9j*)THjx>SZ8f!GUKUuw)YaH4wLn&G%1^3G{>1dyuU=3t+-iaYtL&f| zCm9{{xtx5!xfivO?hOjTmDB#KpGl@FjWXK{1T)!56{v!3W{Ocnr-uo1-{Jbwqx$o& zS{-R6lLL!1v5d{7Ke7W$Tk~G?3*Di3yGMr3c>)7-)qy`$A*MaL!^4ZcoV@M}br+;* z0gkYxMX=FFRLSCCpj`FkJjs#uy6l7CJWeb>Zb(EmAT-0KiHvlX(}~+7KV<0oot2th zh|W)yocrRCMp+$_+Fhf+YnEC-{K+^$ zIP7to{qRk%>2zml{3DcsZ^9DMrVM}__%)hI&sAqj12HXBtl+7Fx^T2$&p+yU(Hwi! z3}koD^uc4&me*j%l^yjvmv;n&WuY10lqEPK`X2K$W-*(?kZGOsHo@}Y1ILYxEiu?S zlDOK|uXK|p?{T;~_X&AE_aw`c8~dT;JcHU!9m zEQW)xg_jDPB2Z!JV30cq3ag}y_KYbr{s@fdgD%DJ%ZmgmrE`RZ-AmbtplBOsk)!gW z8Yi&1IVt@9Fl+4EM9oy2uU3X023S` ztjnweQQKH?q1l%O1zAwT%qX`g8QZ~iX0sA@l}ER(%2{0$O{lXXo9A+7uM7_9ai3AT z>;!e1n`%xxJ^@|NZL822EC4Ytn&O$h&Xq_U zw{aS7zof}$muySFE}L*5?-1{Sy~I3*FYr5BW);zj+V*3W;4#n|yfyL(hlJ{<#VdEh za8PJB+;@D34N$Lt;2NwP|H(BN*_fFATdq;0er~tHhVY%;BQ)SAsB5H(^0>JSWO0B( z`<8y`gE8MPZ{3b&Dpf7aIuY`D-Ep9>JW!rt4S|3c+qrUmB|g6CxErg*YZ+=;S7?_grc$fR$;_i$znk1|TeBfq zZ=~2N3&>2?=FO1hN!!2|U`f*ukG)nt`b^B;cx`T=VWJE9t)^Y6dLKSJft$l1)rBKM!VQMSN|RnHE|)M#<9oVfG}4_GnpK)B2`Hd_PY7tydo;) z58)1Nt>tXsT(0L{Ddqxy9{apT6&2&A{dO?~n@}qVd*o)Qmgqt9v@s$bzzAnGRj1=*`(jDU)S zU(t1(VO%(4bh_gV@9~$P*9la)@WSDMJLYorheSU=E27U6v92P}y^*oEaA_~X=`2&+ zv7ZXIjIH;%h6WaU^a>$r9w6lBGj!{XxkT9K7qegM(QiwWr6f!Y9Zq?@J#Ae_me3zF zYd*AXfY?E>1eMLfd27+C=)r7jlYkC3B73|a%?E~Z<3VRaXvVY^WBD$ko-yKis19tg zV*xU%!Y?3UnK_W3kTtuRQtZObnT8Q&b53vjvmlTzf%h6#JGH3A)j?$~c$liw}`R&$t+?m!uYuS^-bGY)?8=1T$+ZwOQdzPu_$>fpoG}jz)a0~3TbKiof{kjdS9@m7Q`qG*+3}4n$ z{AJ>)EP3+lWbn02mA_igE9Ur|&`GBWqO|ULfI$8EA{U%R9(&>%CiR9&b8?&iH(S~i z-Zn!P_bJdPk}H-?u7T-IV`nCxw-3z5m~~uRsBvx^AJID+j(4i 
zBCOwf-QtI;)5AbG{{H(75P!y>94Sz{uBs@q88gAZ$ax#jix$7bQ{mrDv#X_J|AyxO zYV}EKR71i?Nj#H%`KV3zc<^w;vJ4p0M1-7vG#F*y;8(zf@naI5t5eo-Wd(9~h%7KV6I#=LBHWQwCoqLB|FtN@?A?EN|(Z!i5K5c%}LD_kjQw$fP7F{w7)d$-M zIAFU^OZiH`LZS(fYDdU_&p(VWZG-rVZ-}Gn$grq&+Fz@wumwYkD;KrEGJ#=h>CCA+O_WN9Rb(#JpzB4 z7Vh~Eq2Tz33Nahoe;{29&LPRLybd3Qwu47*GIT@q)#fPBAn*#V#erh%498 z_3vO|U|O4BLhNND%-zjmT+e?tLybcyv|$(r!gHY<#=_ZY@1fvUEukn# zd+fiRjjXQqvoWmBw1F)`@iNQU;44%G;22!u27SVa;-e+A^$fxhn)2fh7NbPaB2PYu z6s?WGNf4<;vAcZ%yX`tJERaB6lyUkwhn{%8&EiM26%Q?;{hBAW1EMav$wqL=l1%N8 zA)+Wv7d5ilp#8h&%+9js{3HZDXC06GyE=M{+uRQLO7qYp*yx@PyPHZs?bW!%Tv7!U z4A*ltO?E$n3>cY2IfZvTnfRZCrnI5TE?~qOC9=d}X`ICuU8^uEBN8P>v-?4)O%xR^ zbeY6Qi+pA%iSIiww$!u{$VwlX!2x!CP6N3j9y2k@?~O%1 zt)RxN7dt&8viGmXaBzDdJ#P-Y4f|FeDk^SokzEDOKwgN%>)q^d-KPc7VZJsc*o_=b zm4@n$rAo@PHu`iIfFwuG1DBmM8u^)&FZveK6aN`?EZ02D$bbTZbH-fyZMWV>Agl(C z8;U2yWFL}#;+pQGS+b<7vhc9ryQ#{^&x4KWq6%$f_*d0P-KP`Oa2{JX_v__b@XFHN z%*KZ!gMK)|-)(Xl)Bt{32I7^(9i*b0=~#OOnFBmNt4-NiWiroO_=uV>iZ2fQj~}0E zNc;cvq5mW1u>F5vj)Yx5148iiE2@(-oP$m53NdXFm10rzp(rN-uu5TVgza~?QRojH zxGEZx;puz!Yf>aoTF80In0~+c2(1!>=E-JExBl=Sp^9Ex!@nhplqxzv`gnPMd2Jit z3D9%>b=LOKG(`G8_=RlflO{qt3U+a|QBY$vd>PrvA164bhC`5DxOk9!@4x%2mV5*P zf%t=0SZ7|3HaG18TNrceL~vj+5U5cV%a*vEcgkn0&`s709Cq{~I|G;0>=M580mNU_iHJm^frs;sisZ7-!=Y>= zHI#JaKT{yGTV1*`YS3%(_EqaSrdab@xia!Xsm#9tu--~H%!N=%m_8;5@Mc_{KbCj! z>RfCj;GpkI2l;}GXXF%u>AM`rBb9~|LPRK>n~I;N$|4#!O+DGwzWdq z*uBxCI2y7Y-`&hOn(#F^9RAU{z5Tt897Lha`z2`_$3r(pcuEq9!~Ih3 zND@O`hAl6RVak>Jn@+ztviA8pBDCUjP#h9Hu;IVE^%%@}dD7s;o_saweB4Kv=uzV* zN$-=bZh#MsZwxg&@jqMe@wRCL`BQr63|U}I@l(2vFnfGMcPvc!MfFj;0`{<4<_D$r z#q;TRlLO2P9||Rjt4TZ_O)H+WECLy#nfXbd$wCFJIa^W7q}Nsr=@Z?>ukz=!hNm{a z3#?*A+^k_`gTJM8(tXV?rb2;B#A9zMj+h)u{8|8J&XQPl1d}3;Trp*PtpkTy0fc); z3UtV)7lk~4w2r`>Xcu}JZyDg{j;e)3W30jf{dKz6lC$QA!d3gs^;sA#1W7;{a;0_FIVDU*i~s}>IA_z1q3J#Ug!SRe}+(fVKk@;XYQe; zwT+20wHr7J4sJR((yFT>tS}IHi76*MMdh2LO8pTRHALkFMC}XZfP?%IGp85=&XE7! 
zr6n$PipqScEqOrXkoys29}{1_*67*ObWW$&)#2*1x2`eyl6CbNGmsLGbSo22RsOl$ zsF&h6FAT%s@0IN+FUCO%um=X)1MP<(Po3HWJ;Nj4T$|$g6XtU;^L5BGJh;FNSVv@J7pX>gH??Zu=;2pt%)sTwuQx*Gnp{ z;sck*wo&bBPc2nojHmDMaleWPe}5C)iwMs|L1xvHUMx)&SCdZcvDH-MIFUFfibL_| z?sV09EM_&;)X_%5jzE$M^88%Bj>nnrAm~_V+I~>c54QNCvh#p}l0*RvN5zoslK%p{}%!%2Y3Q$0dI!hEXK<_uFR*-PY5H)!9kb^7V zx$xDoGk4rJ?`f8Mo`~CzMB$@D{{~_SQ(gZDgkfa;PlRD+`nN0bzoM99|Du>7*B%j^ z?V%VO2aoC$BFaL*0IgF(NloQ4tHk; z9kNRDDSuKD)mN6mn>dx8)Gc1PDoyQZHW)klrtbuHo#-|VlrRIKc4f?#^zZI9sZyJg>#E-G%5ZU3Zvn92I!J zG6{?wyQu99b?c+j(yviHu}rw4NGQ_ffS%QxCvV93cBr%HNd6_7bMUl*QD*-X5YGP$ z2qP=UznSL$oAXbp+t_7tAbe%(^@*uc@nJ{VTxrp@sk$jT({I_yG!gAi<=599k#>E& zXVk$$V*?r`oVi3Iru2`~F!{4F>F+5%7-Prcgjt@1@Q?`GQZ8q@vk@goWq8;@@5Mf* zEB8&u!GTD}J05SoLz#~o!2{p)^S@Ib*W|9#?($Q^gcJ24?%lKnJUQ*&DhQ%JJLy@^!ak*_N8h@tRT)m_t4k}u zh9>xcGH)=*5z+GkK^nl+&|>};B>)@`-yDT{zk`hDd**F2w%bGRyEh2yZ#sw?Rz-dM zT_O2b8fe{r(D4q7BaMK#lk}=F24K6Vy`;2DMJk@;VkhdJu~|h7%qf)MJ`Cv!At6Qx z;)0Nfg~7MaM>jA?3-MPuvOCa?hC@@-w7BAY4u$sVxzxWHqB7unC+|90nXIrBt5NXx zm>W!2Hrhp=Efcnu?teg^Ek0i@(71To>Hlc+9z7o)MAm6=XsA8~jsjM6Kzy}`Bz89e z|M3gjR&A2rA-~FfLoJOJuV-w&zR{88wc36sKv5V(S8iY&g*bChf^9XFZR>Dq%QVLn z`+VkjSya=G>;2VQEj3ZU6^E}TgA{^;QIeLBBRHO1oQT*Y29ub{aA4nRyi7}&JQ6fq zg`*M@jQ|7>WTP+>e3{d^B*XA`&mUPNfbgy0J%Vb(*0o=iLJ(g6sP`s>7hj>w%6eG= zuq@-U=~^@01XkOPjn|4LL;m=~47qh|ei?`&B9>rxv=EbVSN@z;MH08BziYP_)6Hux}@#wPqS0UY@V?> zXa^~~vtq67WR4IVZZe5_DA1#?_oRKk#lG%7?YzQUIz@Stt<`pi97EQQ7Win}_xc8> zguvYa6epPFavD}bQOwGUcd~)~V5y4shCA#A`3-B(nT?xshl%u(Nmhgx+`QX zjk=MaRjO+&2B`y~fzkiyL?D9wWHD}|<+4HLAZ0QgQ6+4w>R)g5sTFOJbHkU~5@MMP zy96&te9Kz15o^-6oBO-e8AW~l@v?ZJ|C9|dLzPCt6A`-@Slf zns7#>2b>hZ@CZW|+U~-$m{Hj*6a7`f>>}k)*lI<|0+&ILq2%53cj5Cbs%)bo!nb?( zb9Fc)w9acrsl>!ayT7VQ͌HrQ~}scN4o#f|?I`_X1O4;y`H;YLwbMZ#8HW3g+m zHX)-L23htYRDo4)#ry6|?1}27h?6hF33O13j6r`DxaBo`(Kfc~MyU*ntfl7}4bD1G zVjD!2@*({#js=G3Y-Q`u4>|2@wo~0-^OkZo%z7i-;T={C;x&Y^H$r!(%#V)l;8R55 zNJrkx)X#V&laG2u&xlt%c9nsMRE8X7fZ9U|T$CDIDp#zFM~iVebL2fwup#g(P3?7a zl% z&pS}oI}WCkLG3?EXlaM<_exu&GCnen65ur5(CUE`986PUl3W%aQzvk$dx^aKC*V(q 
zbEV{7&MDrhaAWFQ{YLBrHK3fu0si%JvyUQi6V6$NvJE%L*4`iw{#8m3kGN`d%MdUY&VS&W2f&~-x}4lrgPp%P#C#X$LO+0E0g)>X4=P+VVyHow?I$NV zdqR98b3u6>GfWRAevvR)1TiMxf2XK|)e@h8x)&bL1za2CdQZumuO~i}YiEVr zHBn#03aygzj8Ee~JpeT%63o(dhGg(p?mdLg`vR#7ihch>0%H0n9|qHZ?}h8q)UvA> zM)R4e*+rDvSZHJBIlkCZEmuBml*oCirZG$aU8?H>BA4;?UeWIT)vFJ4LZLWm(%EhB zvYc*LWrC#tLJSm6VW@7)bnuhee!i2niB?5uC^Sf2dE z>o)n${!$^T%K(HpNRg~;`2kT(Yl1Mu5Tfqf&&nc=R3IKe>vX&FX(*x6%4xeW1Ykt- zsY72LNpWuR3uK~f_?(u;B75)376Z#gQCyVXKhNPSFhPSYP0BAOYRLTu_oB}XJpp-n) zm^BL`Bol?D3ZXn#qeUHyLz?9osSttE^M!Hzl5SObz23S!yNaF3@$Kxe>Y*SaA&Qvs zmm!gd|Fig`hr4>kLLrxpY3OFZuSb-)Wd)B$fA^#CnSFaW7$zx#0GNH!(Owuq#JP?H zVlxUO{c1Fwc>VZQGTl~x_WlqApZcR2bGd|Z#Do}XW z@6m-7YhRk?YgcngInQf0#tDD2+;=b+Q1;t2D(MfXHidfH$4h; zRSWAYPsdLBkvM)>>CF>@Ba01wE zH=>hyw9~M>=QHS-?JyizO*G|C##*iF;cnqQxA9WsC~@x&UYS5m`mCA`HITAbj8&2T zwDojEUz+Ip^r~&)*@^f&l+2iR;8}5i)@>~9!##@X|DBFE6@FB*+D)(535q&J8KRYwXZ!nrE(!(yOx{OZP z(FDamgf}p|sQ$b+?-A0f{pv@Gw+hsw_4AnTBk;n_cq>z<>-f`m_7?|@oP($l@3b)Y z_MOqtNt~e%=nbQ4#}}PUIbKy~*EbZHVZng2tz*+l({&@bn zriZ}(vNKT5~NO| zF%;UOPX)6bJL)tljNok{23l*jX&$b$U#70BUZncu>CvT2U%ai2^d_xHw4s;lqu_8jM z>42@Mw81PW$Q}$4zM7*syCFgmW_(H!oZ7zYl?3c=-XdX4)D-89OP#3X^5C^3Zuu++ zW1#ub2rTIkuie~QC$bW2$JPgzh!(2+@A=SM=;i$iwmx%~@cRX8j%lfz42pC?KgLv4 zvugFtndb_Ij?=5a^xUmq_oub26W*)S7kihSRp#1ORVB_P1#V`%C$t;3mq*~|7%?{+ z##>^8b+L=b2B9pOY&h_3U%(lpPf-40h6822NvT`H4}w+>j@gmS0xQN3dE|w_ zeEu3b^@j-Ek)o;6SzX2*E>qcsF@4c-HY}9|z6`%nqCOnwA|bbO~55Rf#q3Mt@wm)tG5y@EH#_7O@`znZN6&>n9ZYE5ob zxPaXR=ta64rk>sVJW-?baQe5Ndmyu^Hw3$Ow2FM!f%j>SpnWp`UVPWuWd2qM;!lHz zfaW$BGWDKt178fggMQE~A+n0#)x=}Eq+UKja#rw?wOTwmFcF*v%=8XrVR2=w=ltU< zm{k?079hUOP2A{B-QTqWw~faisBCn`6pXJ3_fp~?UXT)_QW+fpKwp1+E;?$AbP>f= z!^m@c2i`62UKc$TtDtALwN0mjL9({z{Y+wknE+u-i5!? 
zOfggfc^35fCxqfneZ~4g`>gNf)0>r@Eq0JPl?+W)`{a6Ws4Vk&DaxtAHT2Lo`j)BA z{DGzBI@44L?0N)Yu-TZV;mt~_t|~)2T$57qYi(ebDFUkcbO7D}I)TaU+{O@*eg)y& zcatfKhBR!pJOA#g+pAQCZ6Yj6j3~WMWTU>|zJ<<-1R2dGX(v0Q*bJv3ML)XpWi{{x zNoTBkwf^{h*4=rLXQ-_y(KT zm?ZDrCRvYn{i!de3GXhXQkIA3+`4_Da?^DFY>@VNov>6U>^v+|@$+Fc)aE$`lgM2Y z)u%IDa@F|*4}y|w7+^xlK^Z|@97S@>*q{5}CZL$DD4=dn+CTI9-uJ+>`y!RyMTb#W z1jDh?b7;!3nYtwx3X5Rt298U72HUa@Kh=^jGLP2}!$02S3q(TO4f_u~i1{CcI1>}| ze=WqDG_{=eIsV0iZVJjQ8<%x_jOTfEc$;_|GK`N+JR=+fCA2|OpGem(YIX`D`-X@0 zCsoS>Xb$gjC32=kz%RgVLV0N*^MRfrh{eT^Y1!QPui{{g5j?Mq*1Z<5(-bCIG?owv zj(C5+eV=e&6v|QGE~J0tWM6&VGOOYpi3b7ymZP2pUO&toT9|)d_(s=iio8fv?=(;7{aJl#0)~NI8pJtMdzU)%I5vtIO3CI zroe24kvcNPotto+9w4Gja;o~w{LPmo9sZEQ5Ct(=6x)^tIk`Kc+XkgVSr|5VG1CKV z2f6bJd@la$s4FcVJJunBqhMC|cWjfzPY5)bzlD6StF)BfFeDT5Cj@kp=BBeAS&rud z7tE89^UY->Wr9q&xx3-N&9b1+Bnn~BOXS2qR0)cMkmq#KV5nmp{z!--9@*-AJ#u95 zfBE=+pWfDWsR)Y;^gwdN*Fq?>_2uZ|dJ^6!D$-R5f8*+4-+-c$VH71iL9;?eg`QeXS?xj;ds?&j0bKtCWuJ=Hr&cMD z0Y(rIVULp_I%Y2o#Q>1bPKywTnoY={Bn2J-MnW|N;DtS$?(MaNzNYAXr+(f~jJzJC z%=AoW`}n>%r>nEin#fhQGZlmtm45fR`qD#h%wC-BE)r?dkGnLY-@C8@-MiW0Cx@SJ z6$hJaW(R=h71vEDer{XUS3)Zi{2{>yr`OJqA_!n+jfovF(Khb@GZI%e1Dc{jp~uB!_D}R)Sio3lTgx(u zk6rx&ECb(87K3q%PxRya7FVl{;@x10v@}C^MAYaA-JDKsk_{n1CcnQ_6$GREbgX&rz(v+gHZB#y zW8q~xc`On`>6J4|vwapVXN;|MbH6Acbe99C|Uw{jw&0`gOVp=?<4gw{P zhe<&CoQ&Rs^vIIWEp?qs1shRK_P~CoO?;J3d*z}xggzgihk!fGc*Rn7tpr7oK*j(^bc z+8C=+Qc1C-gx{b6R*DSj@;aoQG|FTI!Ue~y?&Ko@`Y*wS!q}{KzwkXKoMW^muZ}2O zUBrPyk^!3tLxUsKydEY=@yM%a)GhLpes8cYu80z>Epd zRCR~`DWr(N;0gp%BX~ikk9@Zq@2Sp#w;5j>(pZF}0b&1r7$v&kk;_LtrNR;pgqn@Vm{=bm%V`9Nu?J$hAr z`4_9YqL3g_Jl>t18C43|=9 zae0KZz$>R^%;|FjA@l_tGFqbjg<^_GXd+(>HGc{*xo2gv8B8WxL7Z`HIB z+>sg+g!VfMngEO5L_kuKo?1Ha-ZY3R)FsAM$JBTSw3>qj&jdNv$|U*i;RN{{H+{CC z#vug0GMIGt6`N_s$b`Yy%~kE(?t)7%nl+ZnR4*8zD-*wU!bs*TK8?mq>Yii zj}YeY=li9v`88C*CzFgm1=d` zLO0a;u8J~3Md5Kx)JTRF#ys`zXbd9DMZ0jKghwC>JDXKh8g$px`0T2mYN)ZO4uS}UhqKaJRxbz&Yh zOT<4)xD&xgZ{`_RYQBRdzy_gON*rNK3ewkx$GHV_NhOJEUqy7y0U`Rk%PA3~W~f3f 
zs1D%)5`}|rJ%Z$b91Ns0P0w7G*hfDC0%-2YKnqrPtQWngp;vc77rK=`1pJ1`o}-2U zVWQGZNzx;EKwODri5Erjvv9-_r0LpCY*P)wu9QI+f;Ex{!BuhsfQZm^%0?BicHs4A zS~ziGbG2p56ehZkE#X zcxilKlh;UO+Q5(^O%Q$Ik7qIc-Y}i-a@B8@5Z`Q`x-j!Cm3*5n#*5g7ucz=C5bNlS(PM3px{|<)(_vst! z*5SwNMZI9iMZ{@~57Jw<=qJ9?QLBaQ`BypTULVcrtoN43rq-|RDf?0ZT7UO+H&W|o zo9OPNJ3jI3nq82Ua<&~qXqE=ka*N3%Fk@8(lQU>0hN#x-(QJj-*2n0V@+)HqvAa;0 zF}McpoWX<8R3Dr;;gtL`wBvgen9&^u3>l9un^uNklZ};9IlYaUX%$i1-uc(7!KIGw zuZ`*bmHF53BdhJI^~AyVJA={MQ2~8rZ$r)c0Q$&=)&-q8^%NVFCt$e34DVx@&KsSX zosK($w3{>pmglnfr*p%Wp3Z!E@`t6-aWLSjH1~Y+O5wSpc0%Qh<^WgYuW}X-Z9}B7b75o zK^oVF3V=dO4!gu4bAcjB@rTUD?Dm~FdI*4s&H@z+dmYZkh(Z&D&lrQ#8K~?a4_fGN3RVrT85@U1RHBSDs2#tHQ7mvmAHlD;n4x4HXZG ziP8JCa$Pp>; z(Vi#FIh)3)<|iAfLt@!#e(A;;2<{;r^EoXm6MM3SQ&~|Y`Y_QMa@NEytD{)-RR-Ex zj$#g2WzC^J@0R?mP8+tj)YlZ!GNI@Sa@aZQnN>dMyYvc!O}ylaNXt&Ki`s;Dhh6Y~ zdxsr`hxAU0%daiO`aGP%$JuPX4P#H|zGuKToZ;jWh2q92hV{0}>}m%3ukLgzDNBw! z{T6IoS|^jSqle+vx>|qc_csk@UT7VbccNJeQ|cRE*CzXeGE?f8@AKEtt9n^J6IkfV z@Y06>TcPe_&G$87R z^OI@yP4}>0I{=DU$ZwZo$6mBi6&Xh#ajLjk%3(+w*pD*mPn#nAerJY_s`H1%^=CF6 z+A!)*qegp*zo;T4fh5mBh7J2vZS< z(f_*szkvzW8G6ozl4xN!4>WB<70s=^xb%9-Ql?fcJe4!sQ?gpLC?a%zaKg%&2EAp! ziHRtS6xB(L-h0Xr6$s@;XyF))kj0P(2MTjY%G-|Y?ff>0Lebsm9@uOA|MpIb-(4nP zQZPDIHJ5zv>>w5K(;tqae+po5^!gLU4TB}skS*^+7X}!=5eyrd`Zn8}CnHABzYLG! 
zR)q>Z+bL1E4t;WTMJ4tk1=Q&tN>exY2Gx}`rNA0XUdtD^gb^_*qck-n$9K+Wa6ePW z2F+(Mne7}?e7K<6NH`>TNVRR435nDROmM=0jtU`62fe=G>(IPjlNQIc$311mZffc> zl5qwfjAdz9Ns3E40?6QnJ{w!$bs|V;;S%*q|d`w z{S1Nzl&6Hy@~2T^j>nM2i6vm;&~>N43A8$t9tbTQ?a7 zulVJ%dPHG>`tgUbphh*9V=1`uzDsu)jfJWN95;5b#RqNM^iD{V%th|WIb%kK_&uzh zN!GAqV;r3C9hu?Pr_Z3O5@g1Y7A@~VVX&6186dnZu^_0#Y7#^kCGkZI?A(|=QjK|n zU1f+Iu)#N6?|mSKfHz^0DzBr1YDHdI#+X9zu<8OTTScAA6mIfdTqL+cyvB=lQg%?I z%ZqOoxLC)5!Cm!#XZPsigz;w}f4~b7{zgJSE4`r}b$hEw`#y`t>!L%Pzt+XZ>+3G4 zJ^zx=Z((4p#NGv@lklJom+!<1!N>vlN=^g6^W+ zgxX0%r_)~P={5hxY8Tvwvu#!L%O21hJ$UH37^-%pK6&NR3A0ZL7YF5=Vh*N`8!hf;t-k6VBv4Qa)qv8Abhv?_19xpFeMGRKGO2OG%AS*)b&7SG0PFi2_Dzqw=k zte;bq*B&Fe3?f+Td93f}NS$>U2;%&HW%g!?<@M`Q@E=kqHWm85-HY8Z_o$m!Wm=z| zIU!ewd!WOT_Z)wND{|VQ9(OP~TY;cQFW(e8PVZ}ops@c$al7Gk5Ls-iDIby+->IK6 zk>S^0rF7m=EKO1aodL(hp~sKrLWgAML(9zoc;Nuusl9M=hWwM{qmM}!FOGZ;soy~4 zw_G7yYH&)W=f}S;BwpSca?Z;XhUBB3_Y&Ux95{JPlpf92?%V zlxipXgY{lIQ+uTzW_r!Go|Fce*UJ0lPX7D)m#$imfGnv%697%+8p0R5^St&98fSlSYdRE>%f}Eh`)0{8 z_)Hxv-0FtVdLkG{upj<2tn=$vc(%Tw8b>4^IM5mU=AqC`{ja_8zh>r)KlF|N;odl{ zrDK1<{(tt0=ZfHBw3NFfwb8&gWzE-(8aJ-6IuUaR6iv90tz-!Fn5Vzq_`)$W8%!0L zq3c2eZ%OVqUvpuxF%)0x1BQ|JR3Q>0BBI0+Zff}T5;I0v;cZw55gqgOf4OM1K}#p? 
z()ab=)Mk|MyC0qqeBPvM>~tAR_5D&RH|lo+RTdQBmaNx>>B|*-t1-lu?6Vv*sz&*9Z<(-AukeF4(jMCJ zE9=MU`GkWwvPAJ&rg0BU$dT;--3!m}@um#2EOH_8uuc63gd7T!`kqZSW-c+RJVtPs zbBTIJ)1vvOSB2rNJ3@# zFz&g;#k0dvY-HU@P@hfjcZ8;8X7mmZys95KFdzQWDlUZrbeUB9sfs zgjE~2Ti2|%c&psBdblkXtFL2zN2{4z)G@_o)TwgexU%$zi;?X`&W@n$2a;IA1K->BXhDoM$I`EW**r8K@@9e%TqonvK}2fD*uAWD^|XKX z+QQmlpkaY1)U)nDK$#P(yfDr7>a0eF$q%=;y(?#^=z85i-sgH*GE`2|Bm?@07%Fd; z8#=usH}KhdU&w3`Te*pSHqXQrc80Jm)=zZrH9)lRLUI1LVlp$sOcC;7kg}1Ywzi#r zw+OZ%>oTuEDz%WpmpC2*+bDW2`(Z>8hZec-sN1z$o8TrTeUO;^5mKL5#tjf|w2umJ zxZb!b!fwUqtdbYtxNgys}#Cn6o2~Hq%fKXk{CL z7aCkpw!69T>&#m<92AgTGD@nD`^Gr(VEsH(lpjUD*<3SibzPK$?7mw|T+=Nk@d+;t zl-=T>Of43dvsh`dwe6govx_&IL$mF@k~NT!v|xz|_+ycWJ(%t4x^u|gJy2J1MPQ8_ zlbS(%BHw~c#4cxuaLbCb!tQ9qTC+SXF(GEU3?qjtf5$J93_^}W8Bx{fSDuEPGIXyv zAzGTEb>3LNYr&u)fmwkqhdfCtPL-jh<7|IfN6*e~?jo1(&VC@9S65@G?rE#2`vD#J zb$>rZ7e9UPsLPAt}k>3<>LWn|I^lfQQghSd>DAutLM8k%uSC%A8alc_6=L0?i*#2E9&8)1z( zW_aV|C|o9@r1^{!Bq$?TKljK8QDR1gwMWiI;B?8kj9~d%W>73vX$fbbC;)uN253&$ zkRs_WT0Uy40e!zz;p&<2N5wl$o9QY#uk{I+#;TFc;5=k`THT9)VxQ%E<Nx%LfdydbLe`;Li|fjNVkZZA#%fHP=| zrlSLZyfX2E0=h~5JKny=Z-u)T?yGV=QNzma6+EKO{a1dIQbn}$;LMVjI8Qo4@>T1f zw)du|B@3oJ|5S0vuD%%pea}axC7xh2uG6gzLCL`_>k&8>-3I??^$UBrX4}^(v3|%* zXU)}Rf24vFgay%S{t6whH52*Vq)s5KG>E;P@c?9-Qd=ckRx ziKM{Hf+W9|i82RJ7-Wyt=pVyr9E=7uBhu7bV66(M^zz_K@HRj6Nz1l3UPQJL&p$mN z){tuX&7tSEh=2A&yGOamOif)s(jXW&jBps3yV_j2OTHud8l7DRSNr8qh1)_q+6xdd z1zAov91&i&FE@P&xrl0QJo54&o}J-cV5AEK%e}Dc3`7TkaOpS7V+?>-5{j^m4Z@x@ zm~up$XB~Ax^Cg~X99sLH+YyIZm(LGYB6aj++(Wz53G6D|!ov+6`);*%`82*zr+|RF zoO;0AW-0cfl2DbIN0PpB?TAF*1PUEMFw-oErQQtkKKAEh6d9vq$TMX7>s+r;PIX>mcnNZhXE-?4XqKNf@*3NOk12LP zDDSnOjY#Ep+aG27Ct#4v=Pyz$!G)4Yw7rB^72tRa7+#usKkR+;_&T5>;Q zmHhQLwUeDxYar+^h=_J+TowBUoNzy0)+d{_-UZw6HJ6m zk0MQxLcm{ysg(j=ykN~($l6oq_EM4h`@M;aBAhN#5z|kSCwuAX^$qk}5ThIdBTUNX znXKH^52KCgkWrZS|L6)={)s_Fnnh5_La zgU&T=O;+R0Mbqk~Lc@leKrHFHd~h!tHU_NmT(y-j#EYhDuK3nX#KSU^UK1dAu2 zHJs7c&Hjayo=SCqph9edy^kCWCaySC-O62^E8GJu+$-6GnOwNYfjnU7(#HWOmZUnv 
zBwT{=2In?QG;F)<`5UkQgP9G{w3Q!4I4=3~vE;(mk~P#X?<*T?JfS%hXiij)<8(aP zw4sLzJC{+FQS-j9ZKb@qNQa#Rlh3VsYTq$6&?=q8+TXOE}mLG5|cW;WN&>{4qqy(hOopI?DZAd9V(7fTW#qF%uLc{mii zr1FYc>laLp_(~CcTXoo1H*oz1-NVChsqV~F(?tjF@*Q>ki%RFP^tMl>N=K+Fg8rdaGyXlS>vLGFHUiNLI^^%v`BarkYFfHUuk<3m{HenhzS)l6Q(&2 z?HY5bmadgJ<(-40X>yt9VQJDl5Y4~8`^Trbr(hXPV0DL8Y%lQ5V6d257N<7z-dR6m zsIq?uWX!>|vG{h6?3V;asNpHX#PHdMn!yY#xA56}1t@0v@=HIR3(1^pieA>=_Q6-e zTkxOJ;Td+SXt)R=YYwjkqC?moJ(3NBRbgU%F+_;ZyZRJqhMMrG0a66lwKsu+v<0qK zLOd4m!O9b4&RTbCrL^2w@PQo^`Bkk_mLPFhidkX%;?1XX45Vlar>t+JaU>*JZ?o`T z7>?|nDzAa6Ofz(NGzAyD8YV|*Sa)$`wG%>4*>)2?o&xd#j=BtsK0l{tk*ev*CqavJ zkc9TLv9cP~>^Cj)#+Fu2BD{NFfAi*g7!uC886gisvcdgav8@9~B_M z>GKDxP(MVOHTaz#KMPVsGDT*%E)h}9OA!A6V=iEqzz~*!xPWUFRyWet^7}yMo4^}~ zBZO|(BlLgjQ`-eJdOWPu*Lq}Wm^R1p0Gs`4+<7(DOHsqwt0rVHkUFf0fiLDbn_?*y%^0`(rDRdHs)sLMjdYt8Qnbz4@=->j8v_|q(r!lGQ*+q|ez0}1Sv zkMy{DN)QM&$j|r?JlvL?Ws-P{YY;pTsx#pB?6_X{lSMxm*&!zK7sP zf#0ppZdiYwpyS(;qTk~3us2!59$qWNOKnR>Tc-s&j`{Q+c$dN(I<3uqUI_JA6oZkN zs3B7O44L6jRRl`IbMP!8uv|j-kuXUejwINp6;wB*#?HMEpQjXO>p5fJpfDuY6?g11 z^`2DL*foL!;hTQ>h~=Qi^PEE5r&5=6VF1kqy0EUrqFq=`@&yP4YKOmctj|Ea$)~rN_4i6GQ{&=J z@xMiW(d*IcJP`=?#+1DWth&qC!UcjwoiXAeBpEtFu?g&6qH%@{j5&C;;rnGx*kLWZ z^3Uz^Y4Qfzg%5Yw4gQIAxMGZ9RS3CgHp?o-539|>8fTeeAIv0T@6Wuhiz2x+aw+;J&uY}mvng&L5wJ5mE!5j2X9H$D zz`F+Be_sbPfcw-R@^jHI0SfiN;Voo5xyuRoU)ZC^fl=FWI3_)TDxu#_VeNL>N@&Qn z5CV7G7YSaHc46DwjW=OPHkq82?Jra0fw@-3xDcczWRSvNFANRu)nBn#Bee~WZlZx) zX2+dgd{IXJrCPbvsY(CRby97A8ucD|`uMZ3EMTyNqoe-X6W2-qk^edVgO~mPXU2M^ z^}pr+?snQBpbFG7_;Z5#b$+ryL75aWRSbLrw=IL6wP=zbAu-xk!RWq#W-|Aab$hqC zU%+7kCT%W)grGk_sTZq8wx1KYBYIKELL1>-q5oW<4PIeAV`Qlk|n*_Qd>} zH~`8BO@^B78)_(xIl?GIgw{Ro6flMbI|@2HK%$k(A(dDIp&FX{)i?OiM4MdscLrx^ zX~1{7R4Vm|hUbix5Y7^927n{k=OAfR^wVD`NnB{ufT6My{dmQOWO;oifSWKv-^|Qh z0mg)bo&j{h(QCgMfh{jChv&QVprwHArG?#6K!^k}L6itSzvCjQgr3pnB8KVyxh<6? 
zH%(P_%xaZHEloH?8)8%yFr3<~Y5`)3sQ$o{b5-AzuSq^DKF@Nyhi2)S zm>52E19Fpzw(+yqM3qB(P6mXqQ9=vVBjuI#by~<9as+6merd^7@S_)EInom-1r}*0 zii69jViz(1Y7aO=I7&vsk_>a#;w$nA6D1{^A%9{WGK!1e^jX8|3__%jJ&JU#IlQHx zSx-+5*1ipbvQC&7#0w4^xQ?+C(B;6Gw^DhA)5RgCe}oTc)ABTgO#RVpo34>jXL)~9 zuVwSL$aj_~wcrKYp57vnXy|kw6o8BLK5-)bbXk{x!}bPTo$iVv?3=H<=Sr7ga+P0F zcJ^qMt`q=4uh?xZj9U|izJQ{%!1WC}C9cSn9hhz~R~~Y^-msVtg>Ca1&^u3`((CB0 zX&_`Q%U(Z@Y3#VTO?~(98j~c{t;t%t0J>i&gBlIPWz>>2iU_wqAHD9+eO$Qz**@;Q z&&MCEBzv0iO^TalnF-4J}c!pSs^EFZS!E@Lp_tQH_S1COT z;!edmG2ValuXwS^L?3n6r~ApLX?P~8MO)v3&0qt>Z}4q)t0Z`%`X?O@OzB`BBd83= z{;4y`w0#cz1;O3pTDtUA~Kg)AE=nJ(yMCG$Z76VOcSSs`{nc;9- zL<%}U2by6*!<_-`OLN1J!?_V5_nQg+K|z9O2X$}pN?cholO-n;SLI8!hSUl9VHBLV zthwz=Ai9IkV^5mz5e$Mj9I?M74o{O%nYrU|Ndd>1$PW<1N%J|>*#Ozcbyxf;Q`577 z2IU46w`%F9%eZfgoGYq+30{VFo0Vj?&KVqiQQGs!on$;YicOl0w+6+|X=-aSdY;Gz?|II`KKtZ8;%xgdLCDo5na#l3+~d{ee~+< z(96TEx+9qj1l?3T@X96T9VA1G)B8fq1*t>-vc)|Mo+oQQlQvH~=NjAuT(I0eJJ>$h zDZA={YlfK8inJ8Ku^hB>8hj@|xM=1qBRr{3VHHYr0x5SRJ*>;>)yksY8fQFB9U*v4px?)%uGh zH5Ha1`e?Z!I%ZVb11<%gEl-9mobE2p&NiZ>30i@t0xx(W?MbMN>X7k|V>cdC3l??L zgVd~OpfB{ET(Z)Ry7b?4M~*P7gX9^4AA287YLX|8FD+G)Tv88FND-F$`laoz8wwJf+3pb*@V)o#Jv; zsf8?NxZ`qd!p7?~60K=+#D(!WA#$k$EVidTHqeFbaivaia(UaWmlkoONLRU*S8z#+ zw{S_CdO3>CGs(i+*0m6qM_Oia30Cz}SM%kGfj5^!LrS}v#lQ$>n{U`sM<6g&eFU&XNl3yQtpL~*pqlzg<&?2iEoVUG;t<;QZ zH~`VzTX~y2cE{zWM{tLB?r?gy7?25XlMR1Uh+Ot=2%Q(S~^Ne{ipoeBAW~u-><3~Huqn8cSqBG0zr8rlxQR7-cU9%ND`P*`qgtq zwQ+J{63_sXydRbvnJDP=h!-x*B`IOGSHZ)E$#xVDO5~<38#rbCYrWJ0T>;9H$Ol6= z{-XUTJ@3F-F(cHkCen5wBUJk_15ey-wM(b3i>g8Qf(4q&YPBJKl=sc6nBzW~0y7-r zM*7F&Evpos9dsuKJ72HQ>GsD4-!9%9-&fCDFRcQzJ@fj6%`#}RR3ges)>i_EmU-(& zP5Ln?Wc81+#d58yBrtnW@4{M4nan|h_r%SZ8zu)eZm4)QaXoxC>6Sfy6D@?7z71b> zla2R=4=~r*@TeZJ#%eKj@lUzUQK^_mpjl^Jp>X{NWp}oC}KS~%Qsrt8uEy?)rqe<2uzruCsZeiq8 z;WeoruTIvQQ~b3sa@+(=6fs@bwSWaUs%zTUdS%?(IqW$Y5HrXiJ!=!X1B?i19s3i)!0JbD_vtG}nP*8#!a5dp$89J-V>KRax@QZ&L0b59s{pQy*(^e?jB z|4GD(z5NBgfLb6}?r{13cVDC**{|l@C@Ppqyc0533TXBGw^Z)?F6JWR-9RpIO|mqu-*Q9T0!~ 
zq|&LqIuNjhvbTS}FfmMb(cGjf;Nh4TmhF{{-sdgrw)P3aiYG-I9ULezWXCH_D$0l# zDi0!$Ts`uo;g@=+%78)1Rf9XU*8aA z;c{cAnW_&`NLMtC=!?&ibwm?0v|Qh&g~d-5wlfz}c$ zyeW!kaS0aI9Z@rAE_IUoVDisdEkO$Z2Nu3|J`QDkg}@{w8lf7s;N?DcDPyJI!YOVM zL)j$JY7B=pEV1`YlYVjtrgVmyYqz3h;$P-mJu6Cjb_+vrNBOwj-@3JJSW^J$?R8=- zE+$evx*x_vFI&k42JWJxv4LQKLeN%=*-;WZTRNes2(=)_(z>CCeCjvh*y|-Y+UqnK z{z5qN@1f~2=h2mG6Hq}iWJtkNQdhe_YMH)d*y$n9cJrXuZhd|uj1!}Y+cfR%f2RuO4U%X?Wbpkw`*LTpxd{9#I2zYHE90fxSD2v za&KX=@6(1z6D&`rb(iv&JIpp-J(yf*TX%0;{#H;E?jwUXu?YX; z3c~v-QB?MEG9MYo?-!X6qxLOl&QY~p!~LuS{{&*(|EY<}+qcTZxaekpURSGF3buhQ_qISR}f)&W^p z!|#?*D9%0O*!NuX3~jR>L}Z0jH)z8NKxcF8cK}2xOD;@0AGtr%Had6xN#&8F49d<|Tl?$?sz-sH3 z{38$PQN^d6WwlYh$vdB?=jRjzMxmj)Q}YaX39QhO0b@~tkp4|th6mSF0FOS~u=5FL zUM;dJpFZ1?)wB(#rLqACMFrvxf3fR(kO!mxRcKdz z?`+~dthuvYxAT=`DC?;+p&ZH80fm{i{CfMA1&7S614VgQ&7p@E{0lD$?|b;If3@#47sVEDB?!}uQqH{N%P=-kDJ0^IhfQPuZO#8g}z6+WwL0h z!;fyfaUeSoYU)^Vky^}$6-_h*3+$tt#&dlVAms85y&f?9{xdB6pf+$Uy1}GgjqfP zJ*F&~OI0rN4Uw~pGZQ2bqZW)FKor^ko^+PB0Jq>2j>T%lK)&S{D{4!o=dZUC_!S@n zK6_xiM9PllJsq!(LMgQ$WA%vkuaWPM)HMd4JiEzro-ViF_LzT_U$pP_s)MPFVkFI9sl^rQ6Q zDA0C5dX=D%nIwag!m<$h`j~V_$#}<~8Y!IfT&B@Lz>I;K+2wP;_SXIfW)s35Hfpa9 zf2N3(I$2N~UOYrdi4qB@gi^cyoU~e!M$E5%^fgAz1g1DrlqMl&rP#U401KXogZ|wo zE_Qv=6xqlt7vMy+SDB}=)-gU|BBBOs&>C?&VDtEd zY5%n1ApR$}rP+`rY*m`nP{(W{=I^*|a=|OcQqZ%WvFvlvW_7LrA%$CsAaaf29?cBd z9yrpNYkbX-ABmFc@nt$%7xM%MyBopTmk%x~7Pi(J@YbpG)-z|%Xh>Fhpry<=eT+lQ zV!W%B%bxvIg>8I^%}fwVL39erHQPWj=mjal8nQU4*7=>y@S!a7YbJI)$;Eb4l`I#V z!%Xr3nzjcLQFEamlyX5Sm1+brCPUlupP{tP$c<61Cj%W( z#cBu|nO3o-a`ss%>nvm}bZ4(rrJ8zx019VaPN>~-M(k6==Ha-TgoT?VE@G1hzEDOp z$pP`oL}PA%Md4M(-F|q36+%AvFw~s29?xA$;dQ#ym~O;$Hq7u|;C%dGKjpN$ZGL52 zDk6DhQ`nd(Ib+@)%Z#%#<#ByIdrW_algczx#C}U*lXn%>?U3Q&LzM;S6NXv^Dnw38 z12ctExco;;Kh~^Opn1aGK-E#TK^jw@dY=%uAGxg$_+yArG!7X#xJi^*k)B@mjd?+C z)(RHkW_Ncl>yAc-`NSx-K7(so$nVLG+T&k3LU;xx;M(Q&bMpsjHn;Hk(@zWP3o?Do4 zrpe|7@x+iSOj(V^#MqijBvYmxO4SXtZgtFicZ=Q8A&p$ExkIRXXe$VzW@|dR4JdgC z9~_OAMiKA&)w_!391RjsK24b!C}DNiMM)RcScUNd=AN+SP114=ai+AS5g5Z|mX3NrK=yIo+#DxIYEQioH$(E6 
z;!0XfPHE+)V@375A*bb4;4exL&&eEo)K@i_wOg&Yf_96QQ~8>kvdPHSZ`8;)P%klV zREh}l*4ash=XEwU8zbg)!P7y>F9o48VRK+~rPi?IGpoSAM9=Z-H)GP)LGIoF>^6_I z9x_Tw#15b)To1!G6tHl9**W^_4m;?qbr;}u=rVDl!oh6SPo~xudZVIUq?ms{}Ansvci~q#@2s!cD!f-)@*rjvY#+$wj^q(+lqM0cC$910wfOPk| zc%5h1)6gdE)j?+&4@8t8f=YlsEE|$0s+)C$*SldTjo)uR@qkfF9h4pY8-f}PMVgvre^2f!~i`3 z77x5+do^1^dBMP_2c&;yDB*r^oVVHH0ZUa)65j|D&l5N|mLy;y0dig)6$l>*VDlEg zMM#lE#YkcD#0K%WaQgL99vT~3Vj|E2E+|8MmuXvH(i`8u4fOPOc5VjAc8QUdZrzUg zP!=eV(@zrW)J0*wI75^3IOD^fz(PVPQBFJtAO!HyJ(^sHp0>88w=VrTR2;^yuBNvh z-yR}Vwy8&f%ewMKtrbHlRPs(zS{FS`f%@1Jp;UXbQSq*h8Oilmrje}Z6=sXXyEq3#+dANc;ck?{c8VM1=a2d@rXvmZ%wDXTDLi9#bH8WK zT-pLPO)u`(YY|xNJ8(k3qQV-B{@afsN62t(^-MHSxEixX@FOzND6=@KD_?a_HT_1T-Nk5@3NSpfoiQ>6aZtteEEMCI6v;tEdNhz z{g2eZ|5$6_NN2~sNb;w`G3YNMjrBg=*?LdQUBkYTcF)Q_yf!sAWn!0_gsGIvb1k_oaH108@uNdmtptF+gU3}gNq_^#>p z&HAENr0F_#j!LZDF9PuM?;1ex)f!~bc@@~!>;4Q-6XZhC-rc<>s0uK?w;J9ee|5e4 zdYBIHyx6(+Ylnen?E7+AAwpdJM0_omh+_E%#X(3bbN zCPMwf5q57#QzT*2*^iw%BW)EKMdcmd*zXwJ1635W#C!!;KW&>|%179sKZ1+-}Kv0+>{$ zvlDIV8Im6R15@K39(DxQqhB0VuOHe3mq(Fbdm{;N@9rk10s}}XO;2veSCNk9Rdln~ z2*5&n@+djG4~=4!4I z=`1eR+iZ76kTSjsq6~(KwzO7UArfM5s?Sa0a~upVL%z6?EHas<;Yv9IEpgqwoYktu zcbg4`LQgGMO~4k5zWnGZIitj)D=^F;edRyALH6ZW){|(9&iGk#4v+>OyeO3s%gB@= zisKVd!>uIiKw)~{0h6m#VsWre7zpP1r7MA*?)S52w?479fMMgsb{!;PVx(-u5FHVO z_Q?H-6DHYkta9c9d2P;2CNRG!N*fYGto5k#VN=fRRgX3kHDpb}q+SN~5@;CERH9OV zwB$^B&~K~swCoRWJ$`1<)myH7 znyDW$WVRLxo76}`X$_)-sU2^kxSOdV;Q~z)lH?jmrQE%(0~zOAE3Vba!Bc&d^mH;a zbm0@sPnkko_)-ZcLgRqdgtT!13@vnw;lYP8LC{I7bmgd`a^bV(xG!(I+``Sx%{z@OuHO;a3zuNUwoU9WH{fpOz!Vw1XgBqDpxz6 z1r)28<&nY|Ie$~JvV_5(!ri0G%R`EiAO&B2$Yu>=1uAgWXm-cAF)p6p=259jLA^Ur zo)l0d#3PAyKFW90)TGq9mR$Z#tg+jhQ#u#iD68BEjEQDkbuF9it>qIe z0DC`MfgL=<%%fa1iQ^8;j3tc!gGzshr*5D9*A|D9v6)@QRUxhe*EcH0m!5FOU-v+|XHFi9eBa@Vn!ybKF zCy=90oS^P>qX;j8^XoL4@55FK0|^MKSyShJpT~;z5Y~Uj*jxv!!M*=7m{S+Gn>X-f*wm9r!@^ zZfS%mHHQ0dWs@~kFPX0{9)PlSVyjm8%C~F;N_K9DU!eB8-s8P@fPj^U=CgM*=CFf{ zC5>}6Q32$Hc}ZIIMY(9F+083oxqr+1-;3wk{yZWLv@z6rb0x+>*MheuC^kmnV!ML% 
zV@$7b1oIRw%6T0`zSuBDOh*)^3~)bWI^qX4bJW{}oK$8-XvrgqkhN&e@a9c&KFWKA z)3u!d@mX6?yX(ngnvN+SZ(Henj&P>N)Tw2Ba0;gl2@mF8JwSCf(2JXi#HU=}mC3Kc zJO{;`=~HNx^oCj^!9LM<&jFX1#9Y}zLqAy$wy8*vEt$*3@~5D>Jb5x+Mqx9H3{+_7 z1~gQhbo;sySAL*^mPOhY8blB+N-o^3`D;c4qq(s#?2t)fRNR_~ycNQ4!|A&fm6HBI~JcH0kREtVIU32(AO@g;Dwo z&;r|GGLMuZ_4rfo^D0m1e=p$P?7`Y7KsvZ1B%tB(HP*Qo258g zgtuk2rkkbT{1?AubjQB9wJIvWeQ*r8L~@#+3kc+7q*SWNcLfM&3!>Ps=^0@cQW%gR zZ`Xea!(TTm-`@cT&&S`=6fN+WUu@r>B7?)FUgl=j`ehxg*Ruy?l~wvmHCJ(0(%ukg zc*{iJU@k+J{~#S@WcabEFc8=qSwZpe{5Ny~GxL9%+-cU@NZfBh^S%BTpodh5w9xO4V1w+>q@4FPn+Gi4_5x1+C5zg8mz&D+B4A=1+{mW+-8VEr!2uZT!_!of>^jqrTy~1`@b^=?T?;(Jq_P`jxF!F#2)+a)zbld4~}~8nLt-c&I$K=xh+^ zlM99Xb*iiwwB(IL68eE%ie`vV#7Q6@+7dzxD1jhGBMx^vgLZR9g$kdhCqeYjgCqVV z9NEe9a<^ymzTEx4ZysE_WJDxHjQFxUK?#jXGc8mYLJd(8Ou48Lcf=~#Wh^{XW#ZBwahDt2n8HG z(J02NvI{akXI-lHkZ+SB{a;WhxGs#%5$d>y)x; zR-`m7Ynd5sYmr%vN-ZBt9@fMWWmoYNo_j0JfRpvQ^_6W)w$*sc1V~6&pd@lPk-vA= zipP(W6Pr{0j~}7#Z{4^>Kjf?HEHAy}dzrP;zp{fg^eK+YE7(qDP68X7rHVYY+{dAk z@kqymGW`1XEq)>}6})lqVk$@9zuWJf7d+wAr*dy|x>xa03NT;-brBZr>W>YS$f&YR zWdY(fj)8Fl&nOf@$OP||&UmU)RY<=bqbkRnb(bk2(8dlUp+qt=2 zVvwq&c#eCGAWJY-xlExp9|H#Gh{ed_D;yuI@oEj)aZxZGS=Mc zTi8T}v_n$5yQ-7VZ@{9Os(qR@D^eOJEj}g+-YtO?(Vkp&+n}=={%q;rPXU(I1PAH3 z!O*{|kG1?&%E*b*dK1L-l;p1X_GUdv4gz?uij|BL8Is>Ppn%Yx<%~lhKLi8KL0-*~ z+Jp8I=NxvhKzfjx`1FE82qJsWwxzx>NJEOV8JAt%8=^Mo?H%R2AGbWMrsTmtw57f# zP>&)D_eHBCgU-x8>gk{-h;RgRA z4v`ccl6n2q3+WjqsVO^;R`+e#oO!LfK%3Q#quTVD<85qqP8XN5Gfl4O znZ5lDah{FiHPasaLeXqXs`F25PpTSe7~Sq>C5RMBZwOxS_!SgBGg$uu5cou#jebJ` zLvFxPh}>^aXaI)Qe`T}!>9RomLN#Lt+A8^ZABFe19k6!ZI=y-7oLvy9sxFh!`>ikB{ZXqXRNZ z-sRb`it%ho2%i&gj0hwYB92!aW~}oflPku+HzDR*DMvcRcfGZi1OgP9xIl~(Zm66B z6}7K8pAxx-qJ$V|e*@j4R>mVnR3Kcg4S+-g6*s01{PG(7e$VX#of6g2C_gBv6D=B8&-u(jv zGzsnkA^&W>YYfQS*vNjWsRIY9EwcWG@BgR&Pn z;{A=K@%B5t&Sw&sv-z9O1{sLE1W(T1pryE&a+j?c^nnl(LaUgF2&w$W;q2pW<^ql~s`OVeB^2;6USp%Pk8@SX@SeN| zkweB|?h#emYhc6jd*iG*%`V_Cnm3LzWuCI~WV{Nyz{Wps7JJ_-=0R=TxZdV{-$t%a z_tc15^TvLM(ALd>lm-`gB^o8m+}@6^UskN|b#Iq3#Ks1lI*-}phhNBFTodLHyPAm6 
zJ}aZ|zz7@9)dWCThIa0#day!HXfJ)z^m?hxqp+7vTc*t7QkL{n107rD!!Tg7^M|Gd zpO9|xsdPiDil@r?D@eE7ty#>h^yzAAMYm1$FGK2 zs^la5r~r2GG=v(5o^Nh;ob%wo@1MgmeM=7KMAnHuX(fFaS2`w-9TV`~DO^{?;RM`( z?2?0anpKtD&SQ#FYmy0>{Y2bb7Ux|r7Gbaz(j8&Hsp0grFUkg9+tRbGk|RFuzf_ewX_* z0T72eKmetG%C-Xs?k%SIUGt{pYQCA8s8NEOfwqZ21qpW0L`*$i>-LX|hvoh$g8L5V zid;Bj)3f#%5=Ult%wfGGw8QJ%V(h{J)CZXR)x$SqKmAEe(>`E|$3RMU-99P}n_*%e zlV%2fP)BqLyPiopgqrzbhC?hcPYl8lCI0B9n^sOiF#U;N>FF(zMD|XYiVnX$i}Bve z(>Wg9wJqm`mdF+DA>dJ({cHw&wHHr3b)sO}>bbVu$<17g9YL29+XimQsPaT055h$b zgnGo!O9zRYGJfe*J=V~~HdxBC!*}{N#=Ek2vw=X$B$sIVU2vH|6cz8riKg!pUAjdCka6du{LoJp<*aE^gBr-JHPL;%hw*wTTTcv3|0gS!OX z7el&b)f?~E32IKv*b?pHuM4iOU0Gnb#~cmMIx&3P2r!;?5YE<0FG@w%FoINCwL{#v zLW-3gRxDruclHosuLdn(cw))Ne#>f)!lJ3&bzwc>Fc}nJBx;3@|9{#oghAF~+70 ztFLQh{QY&%5T(3;IGRi}-!-uuK~WfX&uZJ;ZiqUfJRj(Wv-lvlh=G+9 z^0ulqdb~nI1_3X*&-Lxq8yRFmozYjbuLq_8gygSXRel}52H0+_Nr@fsMSyw0<~Eg5 zVBK+mC2Yn~bM0j-{P4^ykhAf}kUv6(D3+^O4 zb|4-D?hAABcv>C?hOZ8yW#Kv@-)QB&g6$JSaTy{QJ0OzAtbnndlu0jZgw(cTJ zlzc$522cCJqrojEKN=cUPxO*@$}J1Xp<*hA=X48F_bh&&Bz8H`mwrt1%aNGhUQSNK7j~L z%Hw*LsP&2HFn$`b9%(w@d4?eNP4{8x`JdWIAdOVC^Y}2C8=1VvE4y@T!`)W66l6iq zo8<<)N3hT7Xo3l7M2pkKP@csg)trk%lN7{*n+ppN00@+_3CVO=qF&vjU7I`ELy9BL zoR?bI0u=%|2r5e4Idf@f;_iAo7t4?+h3E@%jiQ>CZ6DdumMbfCQR7Z9t7pvRKN+PS&8D^a80~-y>e&ly27N&L^I?oj2N%`&p=(+ z4PafrdGgSbswULY#D)*hpwQtwOx3V0(A$SIf^GQnlI^9#uR?)M%=Am!yIb*-$h}*j zDG&rTxL}flO*j;c0NlJHX`~3sgeAFP#+_N*fSFX2)u6eJ z0|)2~(<#@gzb*p$ZqE;1TK+~)Ts@uWkhcxKL_TPYma2-!gSa3hqNySMDXJzx18A2* zm6UV9T->X;5p|X@4?TLQek5IkKZDBLoZ4kD+~rpFdcrz?_x0}FNcy9)I2AK2+ z-s!#MT=c_v#DGA)vw;Mdk8w0SrUHE+*TnnI6s$No`gEfa&6u5kI6%{Jic3AWh}3y% zCE$UFM>vqjlu9r%f>?irFlvG3IM27+x!Jvxatg8{tJa*9IoV#@bZ7-Rqc(l^-?FY(Q z4Yt4|BVULVKCDZ512sNY3k55VaJX8*C||g9wdwqFT*^%!t?a@=uWc4Gnr5ij5|(3& zCXp)mtZ_yz77sfb0lK;z>ZghfDfN?`H#8dH5WoOPLkLpZbK2x1{_F!*o@hIRf({QF zhZ6}cQb{7C+N*lT<)ACJL{(FG=PbJIsAG3+-x_ecA)VY>Sk0h}96C8{VS!~7J4W1Hs|KiA-*XD-3O*<*t{99&oJM*bXPqlS@ zljYp?*?0#4?gI2d5;Zw|KhK8vteK7=X@b9fVar+FHD=M^+F%mN!o4T6vg51oGu+lH 
z3>?`~+AS9QrV|yX=+87FJ`CWYj^1lxTKiSChvv*(S^zrKIwO9@G^R_+qi22YkNXkU zZmJP|W8?O6J5G?pd>66m)66d6rJPk`V@#8}Z|b|HWubRjcJ}xtU=)TpXO~}_aeVeca}{oiK-0*E6=0zKA2eTyj$oJ4{^sDINu}?VPXvf9 zo<=AQ9PL9MK!m~~cL%GJ_ls_E6tvyptI~C-!lb<+Ua(dLF0G6BM)bj)KFvvS_bW#A zdefU#u$s2rHVGM4!e$+mTm&qd>;>%^$J}7JfcMQjyl9;aAw`w%q&Q)BKcmcK2odRD z(mEM~W0Jd@-@dsMb~xc&vSo|FJJ1%7H?YmQGq|k2iGW)1TDrAOzbEi^bIyk8EChn$ zZ7^=Y#_Rfu7_cFoB5MOM!W<>f2K%_>P1$d>xO_K$(4c7wmviV9czu^FuQM$hm8FEg zH)7QCrw`>MIT9|!Psekw@+Tz>K9S&v9$+xV;Z9Tn{9|DD11RJX(XAj}86-lu1OG%g zR?+tXDy9nY<&!%Ike_cK1%O4|FoHlf=@0b(`$Z&{A|4kR1HA3VK}b5|fRi8u#r5ES z2k_$LP6XD{rY_Y?@g|BGM?*Z!yC4dg!Wg9&fDklVbcu%gOC025--?Sz12Am`foYQM zZi0|BlqhJ$k4X}*w9n!@?9={~iG#0FS;60`&mf?_hxU-92x*EDa__bq#|#XHY93z6 zYdo5}irq|j*@^o#C>YkwJ?&5KPd_aR2>_PMA_76~QYi(-qYj^Se_FN%Yg^a<+B1it z1FrLG-?(uqt+fNe=khUR@x9tDlsi=j0~boX?u|inj9Ha=wrX0hF?Jm|9(eu%K@@%Y zExkgLVd!kIKwsIYNph-BSeg*?lLRM`q5jJooWtZ%vYlmrsSC8;C8O_sF|{$-80 zlet4cbMg3&^hPSS@8!SuDSpoxS=Rn4r*Z${r`h|=-+UWUkvD}$?F~6%`~E<`NzK*r zKlkjMEFAx>BLBaE4RbOu{=XG_Cbs_=HoT=VZimB;(EY4_1IKLx)jYQf+Tdv~6s|x8OzeK4iJ>qH=Usa~2Oe{%DVo*gwpRAKe9fl)QGr`AHByQ)o@RfSBqa#^cP7SNNU>z5wuHk$ z1QL?a4H&N0yr){fRx9SQB=mF#T=}|4ezX|mEpt zf^T>sK>=&P1q3b}eK2Zqe}b+q8b37v(tQUsszNkF<&M@!T@;laK*(f_wgn&8RfLr! z_|6ShM9ZS1E!{oc-_z;n=C6=EF{2dc-z^qRZr<#HLBfN}z`(fq2X{yNVlBEnnJ>4u zc6>iPztd~xueLTOo8Ifb@6v0?T|z72{lA;VN2l@MEuV=uuk7*h>o6$7EQdJvC-?Nlp*&u=+K9V?_%AQc9sZ7MDg4)k zU4Nz-4R6?NNk;QPSmjZ}7C}o39Xm`Ag~6~wtnoBvO9O_Zoi3?4%X?uj_ShaMoNN=B zf^jjM+&e^fCU4DZa7x+G#%p8Vu!flAm~Lm>u;fUFZ=`R0g4D9OsW^&Q6*wM4Y!9L> zJJ2#x_Q|FRZaC%S4~x3@D8V3|I7c$Wy$)PT_I<*@)X%V{59b-QUp?yF6}6|AWYO>-}_;Gi?AiwF&R~dFZTPL>k*EoOU6p`71ikz z$^!II0u4baEIosC!SY@FX#L9^$|r&jIz#IiEh8)7u<94v(rGKAbynlhzy6BS96VVq z&Uy}WgHN~NEyS2IPiv_Exj^`!nq~`@$9a!77#0&^iC~>sUnfXM`=aLrO^rI}f(@eq zRfj72-Xf&+kx`+{ilk}^`W?Qj-rfqprcjKREBy_SE`HecKL^(zclbYan*Cp41hj1J zvn2klm!(O$>}kxdkg`mCs!_W3l9YQcC`V{^3_4q-8yP?H`oT! 
zaTls`sYSR}J?w4g^L$OE2!|vAmdrk6q@3IpzeP{gZP`QR_6&ffxS2*YrtU|}T>jinJ#_r4f1-u-qWKiA~B`{}T6 zZ)eck8NEl$Hc?EaIc}fNzi3tZ1tdUOY*8~*HoKb9XMf#qN~17i+;g|R_b)Wk@g4`J7OFV+?4^!Yhd@^Fr+R|c~lC1Y8{8C$_sI711o6#R5;=4E@sDMlcc#XxrJ7Hx zn%E@LRf`$>x<1ILxv>MCwlZ{ewU*D6>9DeeAL@J6Lmv=Zoo#_G*Wbwa24IW`y(#V^p|nIUIQf zk@UQzAOz{CU+X7|Q1CR-3rl7gZ0WQmLLwl(>AohITu>pzoPt5+beO9JNRA#{Vj_4N z%_rxBjR%VfLWESdOj5`6Xy;X!s~{1=OZ{!EGYC`&;Sx1~^nK zK2jj717|N~VSMh2T%L2ZvzHd~71xrhmP%tCc5rECss~`zBfZB+$;6 zF2+CVCJI@i$(!qzDba;lkWe77W3hGYJp>fuC^-87WxoO;mT8UH!@77p zkP-wg`X_=3HZ(OyLFB?J53k#T(+BINjnwLEp?i*QIKvY?``Pn1l+kK0vO1Lj4?)GI z(?Fm}a;0OW@@*~pL5Ui4)WL?-I-Z(4$60|!?I1f}xg^2}s~|uY+a54NhA}G4EO*3p zP5TVfFJr2M=!63rp+AB`pam?i#rm##R2Fow1B@?=FglrZGRI&5M^KFsC#2?7h_8p{19M%>IJC{LBs@oGg8ZufeV&uERP4npH67!WGA7rC8l;&C^ao2 zw5PfH`a9?HSpo}Z9|0?C`ee&m0ZrlqV%Tm&5~t@AWYK|zfClhUAzw^q#!1z{oPdfl zQGAC?VX3QcuZAQc*wf3mSB_DA2E7+H#K8EJc`g_nA|a73czp>lRx>um_W)7`J8y>v zOO_swqibu!ORCaC&>H0){ufaY<#&pG0Eo-sJORYGcPL)ct4Su=fWFoIoI!0uMu&(o z^;t)N_Tgkn8fAd`ZIh}fH4PNnwF5HpP_`KNRzW8DkOpfUJ^ks;Ae};dw8py9ImPe= z8QUS6Skvm06wQq{3i9E{<7af?BwC0WzbM)58YvV!3j4x;f}1795q$8P_6+naBPps# zkg7GeTFIay_*%93xf5(lQ;n5*@T&uej*VC{v< zz={qN!G0KIl-jo)Pmr#L)gH}QmEY?_j}#iC$yMIv@IAi1Y^9fRqnIvvD0m=%LXELn zwjH^@q5)fS;prMgW4kYtM0n3;JWJeRu3F%SCWUIh+PZ7s5cqBLhV1j2Y84m@Lew(~ z-BiBZiqoxSDak(*Y#oq3l~y|OhPo;nVYQ(ueV-xQeu#OUm7T+0Y?goH9@wI~w<#cg za`}b*>!VIXrmvsz8@9;+vi=pkfFwSE3ocn*9aM-&=a5FonQd2xUAZe?jRm=LhvrJD>TC}Z2 ze*m+QpGExBEdP(JcEq;V$%0kBHo@J)Gx;$Zy1*XISy@;PF7eAb)UQS)oMNVxwJ_+rckg2w!f8}>l+fu*;5 zOFP(Zy***J2>^8C*d}tn`2zCyJEDe&AP}oBp1-IKXh{x?GK6*PbRP0XG^W9MW`T}2 zQLRZL(tZ35M|~d@e!`1Hcc%x!tjzqmAPe8{sH@eN4nZgk6`c$VH1@rIcZY2i%hFuj z<2Tq3v+WB8saX{a-syzt&>z1GGZJmE7=b|iXYv%5KTi)r@`u{)#<*3yRI1TlcjYY< zGH#TVDo?s?4vF&HfWAHkbw0{QvWFH#P$No!F_ywlky>Lq0gY8CoD3=u7HAmLsBrnv zYcVh83lAo&Xzq&!v)IAi)c< zA49lBz>cTJHn+IZWjneJZLj0Ma70;7N?S&Ou}=Wg*ndFAMg-8f7qw$FyDKCK#4-_j zNAhQ)-p3b@cZ;pcE=gYPG!I2h*-63Rq(J%|ga%*~XhL>mcY!SyaKNaleuU69(Y;`l z@OLK^%iLdZD%uLO4p~_WLl|N3ssO{orAeO_K4~4vx%O%cRFmp8aMjUW6WaSLm3ITM 
zRNq^2XwTUz=g~t&{hONwe29c^mVWc%t*74NoY`+qZQwdYmHceYm=y-P?)0+l)xeaz zbH!$2g#YP~g zk5|l0r4{jN5>3}xw1qEXd2cnfXz*ICuCrpBr_7i*geil(21Qr#;9)}&8(hTGm zBTx`pLIIDb7U#Uuo&O>P4e&m6!O=080x9#=l|;KP)BcgxY@r8hqBsG5&OkS2=vj-L zt9TJ4p&*jclt)k^|JyvrL%G{m(ZsPS;LxAo^Llmg2iA!uueU>P(18}joDpe%6)niM z2_c`TY0$OBta9g0c4>|`!2b7F??wxbFhvMhwWamWvh7?wufuRi_xMw$AU;ZK>oxcF zCh71+zXs}=vPw<0>w=|QG-e)GT8e6YhS16D6sSo}#RK0Y`%z(!cs?TqmA8 z@oYYHN;=-$Dt`B~pRqqs$O-}i#V>iTup+`P`lo!5s-n@4UyG=c^QUGlq}Y;_t!02u zAtU|@JT;Y@vGh?FJ)`;KRGarH8RQO=v{TIR;@0mMm65%(7ir^NPQnDwi>Kd!9_4#c z|2X3PgRPU1?T4rGU!VW8ouXUghn&KO@^1pW3QjE&D-3W$DXdzR#)`+Purf#m>F9vX z_!8;Qh&Mx6o>k2utqcQ5q(n4(bl^_Ma!>KW_)9b!qJoEx6O#CEwVS#Atb_yc&)2b&~(> z?Z>6lt>^1iOrZh7yV;s_Zv8v_%emSYIB+t062~Fo*{{9}hKE9oWroTeYZX{AC8SV- z$u1v#I-r`*rY*B*0f;^QRrE@?G*oB|7RjWvP)4kn&-INt%0HPFb}=sx8D5k=-r(_( z8s5)lM>9!M2&AAft=mgu#8LqGL+E&EGogQs6Cp6~>fs5Ao1BG^njwsaKc6*q$y+U0 zqCcWP*ebKUfG$;d#^QKJB&w1VWV;1I0Q6U*Nnt?5>-`g0C3~io;-`eumnx}to-thJ z;djLxVOSukub8MCCV;>Vr1&Y7a47gKvtkEX^<&YJt=~av(E#tO&0h-dr(|l%3&(e$ zL7gt5WtHq3u=JR@cM1-dBP=em=#N=)>Y8XaDcrrDB~3%AS5whjpJ-Ptz|WmJY0-J^ zu5Ym$z;Re9xHiu&tg}!nFGhhKLNEe>#j&Ibs&+}DE_ z+uMtp3s?4;%5OlO+y*xxgZ>2rZh2&~PcX52MObS^SdfI@dE)0?V|#`?Tntc&P?460 zGZVv`wE}Vxk|el%PpWQdX|~Wk-8eYokWxK>u_1~ zQ0K2!dS**>^oe?H?`?FIQ#E3RSmb26(F`P7;*CArd7aGJdNi*#6tV*UVUAEL4Piel$Fpy_p9i#AT_vg58Zp$uOa11jt)L-HCvjP`}j6 zYvIz(-1je!9UGa?$Ucs5hhUsyGjlSgJJ+#xCMQTB=u^>#4hP$VQaq!s7?uWj^D+xu z9E%+?T@GQ4pc1g~!;8S{IPkD=(9lNHqinEkAhaAOoE)McJ{nwPY*Yrq@*kN7<&P{ zy)~W>086EBsc;QEMQV)YDvuMoA|~WWLh3FFU!_;D_p!-dD$8lV%MQ4duH;xsGMAPs zGMO3Kd!LXV%N+m0Nf8dkXvjCVY&cgkxbnF;YR{G5$hF6@bcaSpZ1JXzwwz`ED-_ld zxfphcevTRR>GHL4bj`1wJADJxDura}KIZQ_=d5vwIrm4G>nnc@Q33hFo-ch=8?VXng+O5f5O-i!gpR06Ghv%Ivd2fC<_PGMa#kRkt38C8u$5rUv-Ub z^jX@5c30~z)~ZYwN?l|C)Tz)t(ZXyoxEf`B=(<1;dccK8)t|3svW9J3adGEl_N$RU(J?PCcwoWlVhb={drhLQs(Z6RF29IHp}6*~|~Y5bEQ+ z#sZ)4UZrM#C&T)&WjZ%bf{Ycipq1MYH~2j%^&=#lK5>so2?9y!3(2k{!ld-m;kQp4 zS8w~<{o^^ix;nEX;0q&dZ@3+r6A=Lo`9$sd5>!q6p$2o=fW!V;=C68i$i%3$oSl19 z8O(LW3yFrPI(mW`JB!EK!}10TgBcW6LZ2h)=m 
z>-_wlYL9gPria=m56|;PsTH)0t?`a};W~%Xum0Ch=zJOW@_(A=*#7(Jh>WS7xr+q> zBM19`oD{v(+OYeK4t;5SHKd(cTSt#p|+$|)?w*vAO}r_Te1&yRKwx>Jf!6!vL!c2#@8{Mt~CMq#@M z)AQO9aHNf`<<{;�vTPX_Xv8T}O;z<8O>X4Eb7e#rT3BS8$pIX0-uOw)~SNhrHpB zAE4}po_*#10vS!C6P}_gNGM%opsEY-C4|wrsG^5rXs;W)2rzYg&Nf=`Fg* z#z$Z2z$Y^z0S)Jrv-Q*CuTD6fbO0qZQcGG7+a)Cspkq9k@>KMe0_%#K5PX9DNj~h= zBEJ1(PUKRVl~f6#2hPV3BnePE_vlu7H_zqGpDr>4Rr7;owVa>+n+s^xT`feLes#b^ znl>1|A$|fs-0uzw!tp!BGSzgEMwOH5Y?0^}WHX<=d3NbL(NuEWVd=E?Q^M_|zsHtf zq~sqBkqfQ~E2Tp1TESx5rVHP1I6G-Ga=>Wo`r8^Slx0O%hzK-_-*l}vO`6G71xc_W3Z?4Dtf!9sP; zA5$imJBMADOcWqsokT|#9J>RNz!B6yvEO8WJX!^i7onPHKuniwCzAbjQb3zjQ~u_- zL35i?jsq-9F%b_nk!YjE=J^gqhf##wBOTqrGkKZ2SujpOBNK1f z_b0MBn(4h?XQ#q{y#cT8n`w9k@Jh`${~eNvWSfeu z;G6F53^ffApOL4=6T^Iv4Iaf!RbN-+kP&8ZERyJ2W^knBvAvy)n|k>);*80f*&6OGgKH(QNb+Y0XalVBf^HHMrhST1TPOxtnPeW6t7UN zYWe$Sw4<)Fb#Y8~w?eDT+YAxSxqY<`duM8Jh0gSH@Hk`;1if}zk&~mvPvYxnzNxgx z$sidv4J3w$@-Jx=<7sZdTN%nhBg4jhK9pC!nU|Ac7qBUl3NA%bzsucgw;X`@e)0AT z-eFi}Td0}^QU(LQunnbdQAfm$22-Lg2Gk^9#$e5c7M=mt3&qOpl!AXfDn*X zPb8z`D}vzQNyWsV3IqkMr;82^0;mvV%(I8M0Z`P!6=qzcp>yiXALyWJ#2-4EbTQhP z9OstKto@hIJ1vfW_a2+v z5xJto68x#iGhoghZP(WDWZWR<=P)tvS2SdpKQ!QR9z8&!k?u% z{%>+5T5zS9b7y$S3Ve!94pzQrbBNjdPkQ;Xhm7g(QU{|9 zbRdOADhKJv@ybI>dly!nUb+2nN@BO#(C6N>_xy6=YDbj3&5P-Gp)Yi5>)eo>dA%U# zaOXGlxC5xzf10D&|6wo6#_|8)stEqid(mnYYwHaLl+RrKf?rHincInmFdeS6$+5gx ztKl^u>~2=VNM#LMHQ#>fiCagC9nHxCKD7Ed-Y!>jrV#_b2+cSURS4-g=fnzMt(=$% z!>}?7_7bjo-h2tA!xZA6lQmpoKfeElz@Gkv$g|t?PnX-yWrz+T;#z=_MehSL`brya z58J!zvY0u7;{S6MbD!%}JDDL4OzLWln4}vlwQQH3W2>WLlD+9(!ql)e~JuC?& zBUatOej1r%`><#)O_B;k;ID&$F8!2qkRZD2Gc#NX;I%ApJYzuX$fLlaVNy|0A8z1r z5wkhnF&)Bk5Je?{E|C*$@^$|(VTe$c@tC@e@INtsZc(z>@=&kb)Q)Ufz1<&PAI{%3 z{g&EhlsAzB3soeHsv@-g)k>(1Ggsx1V>HUeM0pO0H8v6GR?}5l6{~BY8YH`B)Pn=2 zjZTvKK05*;4AU68x@uQe9L0OO>~ywND=i>^%x=wsNB@G9P!XeaBs=|?S=V^Tx)#66 zS5ohA+Ytw^p34Z?K0j$XPGR)f$j`%40r{KTm%r;pREBanL(V>~&^<^H7_atz#v5+R@w-NMyEC4fO*_+#T@ zb`;}!2QZb10WB{Wg?F~4G%ub3xGhko5Rfr0z zA~E#Q>wC(!p?R~3F8H*+cG~4jMNgLVm3F3xSwp}5wEM72@_Nkm`hxpcF{qlOP=N7f 
zzNc;urlvT5=(Ya;UwZBH5!|?hnBy+rRaV&>-$GP|u$pc}Jd_^r=XW^wMb(b_@ip)J z4&RpVJ+B(zk;D)XxIFzXC{9uly8Pts^UXpn{0{&0m&e;J-F#U8g}Z$75nS&#yua!s zHO{VJjFDi-a@y_>#w4Zyw&e^aa*ely<-;@2hqL(U#nA27;J$C8|ZN(WPs4%iu)+E#5+5rMt_ex2N=Gj8uxYc6#d1z_jjFJ4C^*P-Zecc={ z{AdD~Bx}pCGQ6|tq!azUU1p-#DzohxZCnli_l@&Vk**y*TIH5ucL?=rF8`phazSIR z9l94o%*MKhtNc?(bq#Km&HI_pEjZH5_o83Pbtv!T<_Xt^$vV-4w)>x$Tmw3gP;JpI~fdu?8n0tQ9GI8Y^h! zE7w*}YH6sSV^a@LEq+nNB=y6%qCPwYPdAS%u?VIZieAkK#8Pg?%J>#Q>sN_y6Fqu0 zmMgD+zU-~xfm3olu>oE?d_!(7g^>(fhOb4hYE_i^jQ8^h*^@9oz{W%f)s|WFr0%_} z7Rq>KG?jgy_`$Mou5S(?n&cV`B(o^@j{c_~VtQtBL(f-X7P%)-M46`}mv*ZepIiX_ z>2*Mcy%DyT)*)bcT0|c#FB=hW_;g>S6u%&DCZZzYCVO@(H=q@SP|G74bL9xNd{z;B zIigl=7*%DxW{(OZlVhMmqt>-Sty9mfD1W;G(Z|f)wm-iS+4{Q~ze1dcEO|jcGJ5hr z-Cro0elL(gloXBOnhz#GuNn@MK_tukEeY)a+RP&9Y=30E6guMRI54$#@?9%~YC53N zy^3SW3%B^qe|bU=N+Yq#5hk|g0MoC>0!Bh+AR$1bc8dzLMY1*>Ut6A6pgo-fZrSAq zn^^k^5v|-B>RrAZVkw?)1T}nT;<;U~QNp;ZTKkX(pGPdU(A7TP$h|Os*~>+VyS~O| zXdpO{YK&6yvm}?w5D*%tq&UK$Ja(e*6kZGdE1S8M{#LlXeZW(C&}=Q^dufkN(p^1o z)lg%;IYOd0y)^oJRf4Ch|3R;mSJBCWe*Gc*ue2^rOYkQMQo8Kn)#Gw~(|- zx*eQYvpucwg2biOLOvYX!zRbNAB#wwkdk2I(uO~^$!5x-{Bh*YbY#P+Mug$$t>X%m zV@@}s+mi|q8>xXzYmIaRKCf(XW<4p$=?l-)+6m9w@@wayK`S56M#YzFp(6XqX<4qD zcj}L4d0!C+#(p9|vq#Dzx5eD_yls>8UP$H&J=^+qA{KpyG*6cJ<~Ra+*9v>#J@gkX zmZHcg%#0@RZHlP}mK3RofVwDjP+qGuySVMzu)&TTJ2AyLg&HJnoZ#97ra&s1b8$?B z_$E;

v}ou6B>1098cjAbcI&8h*WOjQ-l;<#X%$qm$k}ZD2baqELscZY-l>41op_ zEzTR(PgXM&Ljmh>vBEU=suiZRvdm=?CXik6aDk)s+xT$Jfr-n6vSUo|_VqXmvtBO3j8utZ9c`8k4h*+7jvPQS@{8 zNwb}&*3E}G6beTiVb#O&6h+sB(AfQ)K{hOQ3L)3PA&2NTY$ZlyPnY%-Vra>w?f+uz zoq|Ny!ZpCQZQHhObGPl?yKURHZQHhO+jjSEPoKK?;a1J5nNyXgR8}g+Y+2q(9o zhH2olmU>KRTTAaw8~5k1PRpSx`VGYqSFNjXY^b#S-JxY+US=&PFHF zx^jdom$JKpL)kZdJ+-%rz}$@!R;xsx@9S~gxqEEo#)9uI21t}lBn_5*Lw>$}D;o=3 zV1adz;0=K1FfSBu~GK78J|;8M;sa~f{#Y^E22G?ZwOQpOow$molB zK~Cfv@O^-(A$2zYEl~PbQCsF8Ig)IEp|A$ox3wdmu$Xr zzCxj>|1tDwr2U1|l#ep-`NZpx5JDsxM}%D1+us{bRQ8a?`7qTsnMsQHW9k!^`eW)N z@?+|AJZI_j^aM4;F)Vq=M|M>6=5kDHP1n}r7Z;vQ^m!9Py`qHli^{~oE~Ozo}3=rbjko(^@kg}3TU*n+K0oYG++is|E9>HYmX%K##Y zP%vKp&be{bVo`BsV?-!+W}kyPLRR$$l1ia3y^$nLATT~48F+#KLK<;MhACPr4h0bjaVVsh45<{{k;-p}pZgdkqQnVm z;Rg^nm(L-S5NNJBsi?wE1quY_v{J>zO#nDhe#$zqWzu+9`wIloRUc+JPDFp?E>J&G zoV#mOm)&&ExaE#vEcU`PYx_14v4HZ=;MdIvkir+Kyf_Y zQ&2SB(j&XD@6H%67gBMWT;CmS0bD4lw+ ziTDSg)*nUfd52|8G6_&TQR3OL%3HHLf?Nz?yEn$0eRR>kwMk#uqKLNtyAtKrHa-)R zT0D$v)reWAlHH?5qVBKF@!izt8IuYVaEz_=DJ|yw*UAo?uddYpO-i(YkQ?=c*U8#Ol7OUDj4hDU#ZS^Ea+_eEW1=$@#LSir9{Touw`Jre~0a^&k< zD^$v1Kp>TdKh-y-gN+!2#u37Y0C{Kvr09xie|sVt^F|5Fq!_W5x@gYDaY#RoVs<-SfjV`$CP!{=`49$k{2f$Ij z6yX!@e#1U?dAjnvu2o1Mm{5ySW-DJ>XkTe^9WXfjSRfJ}~Gp<#V zF@fLXqnnqAdb)j_K)fdz=-h_VA&)%c;YJQfnb9n) z-#sIy)zuM`SM8j$+m*!g>GrmbB~CCBMaG6lva1aXe3q#fUavSmPqLxsU+t7B@iwNTvVNg$O%3Dv5Aem5iIzc8H_0?x-7DbeqI<~G9F@%d%=2Tn?I ztZznpLQ}WBzg|k-Eh>(==#}Gf**<%V+f(P9qiCOICFxhZ`hIyPqWOvTKo#Y{oSbrq zV~hX~8cidI5)=mIbU@TEPbDz~=#+x#u>-U^IFa5;57fO(ietct1VGUi)U|yI>vSPW zD=0PvaA(%i{8^zDOATe4cxGt7Fe3NEPX4vxR#pu*9ot{N6MjxQP(@+;UWY+6a3qtl zfQsN|wX~nID4O~tO$GAAoeg_o4q)7qEp&JzmFVL({XsZo_xFWTsI2;4Zfm40q_)<_ zPojNdxuk5>NkRq74}|ayRqNB3g9^#j52jBfKQ^&5$fgIRE<1$KxVCFYVCZW#JB;wT zDErgu2qzChA?1a(u^p~?oE{-pc|aHEigdspMOWj>X>qZgy9=Ct|A|XHtS=k`VYp+COGq;9l4_dmGhU6 zC$B8JlxBsN;<>(#17*8`xt0b%s?7x?+lIh~k1heRi30~ReNVgj3Q&=juG!-OuU+48 z>^ETdFx!g+NRdFCT);rPznF4dEWVDza3T^AIWkX(dsd^ZWeo2!!e)rH=3+*&yBwGE 
zyFTS~QEtlx(!$;s^M99%6zf-RR*LSXkyuarcWrbqD!ZWrayTx)ysgof=Wgn68$VQT z^grRMFi7MOuG}`aIMuU6lNL`9=|(> z@*6bDNkAa$PwHIxF{4Kli5N%gIPw_7H*g|;j+Q?}c(9BZLg>w&B(!yi2$~R)cPOh+ zRlz$YF3aYti-8y+NktY5S$!l1DGy@u1Rr9o{{ww_R@4?^D zo^xwkbhIYkyh2z(Ur|wv)pxdcSeA^F5K_<|zudnCL7G*6_n|y8cu~H=44bRcHE!$j zE@6kosKdU$)%g||R|jxVUZH*BH>j{X@U6ypWBv> z`Ip%0hvo49E<$m#{x3u9KNMi6)W)ng7!bPNsa+F&(~soNQ;VTB9VIPZ7SV$D8R``1 z!%5gBdb))b>uI&Ny(nO`5@otxI37$X6h(H05tm>bh!BxssA*?y=iM&#Wm&=$oKD%~ zx4e#M6yZd@{PY9xV&A=1@=)Ddf^VvKd(K^SyNkf=!c+<=&UXT!FdB-&zi{6WJHMQt zn(@EReNGX;VQOvOpbycu^!Aizcm#Y!5Tj9)qxAwTi(;eo;hrvmDrzS<;kyg(4mRKJ zR91@wzj)GCiKK(S)}5X+(HcT%cR2EzyqnT;t$r13lJzF(RkCo<|r9Mq3S;g&Y8g6UY@aE%e z@YwA`K~}0fox=3X71|>jvK%|7zL4V5u>&&VI$TCF2h0unALbOy25xVqe23E>{g_eXHf|adpYseNr?%^}*8} zE%>F(e?*F~0Q&DQ!8a5W@W#mn4y~wlf~tn@7s*2;AgTs75YIGs;-iPX+4iiIW$e3r zC%LSai}qirV(yzRa*DWT?O|ybAYS2 z*~0oAh|g~?Ad$d&jER9y=0^?pRgsY~6FCaw1b8!7Uuv+VAZUSCO5knmCJSrLy$%HB zZ^np!BXf+F+WFditrdq3i(Obxy?VO67cQC-!ve+Ch@($*{S?5Yt*8A;jUXT#+55Ly za9|bR4S}Wld7L8+ygCBI1Fj(V>l#aA)yquSdb7n;Z!Ww)xTL=VGvB}fPjWV$pk{Q9 zTO0e~o} z=x{KC2{%HMdpiPzW=B*C)p{r*&Xihp{nbf~81);eb)Ah{!U6f3ZhWL{tb=F5W_>w&{_o3>$29RiVW z)o;x@sY-mdbe?LbGHRCKGA9a$HGqSRkzMHHnHx5HZ%baEDQ>VYBdrap5J^N5@XF-& z)LaB|75oZ1rbZ4Fmq9XcadSnGS;&HvBuwl;->_b8LiEG2Ku|FTt#Dcdb>-5 zV^kE!hZyP>igT^DrSpUthC%bUG1{Wy%rY}eFd}x?%Ff|~6K^y1!_(&2J~q;uPpL+<*SlWUBat1CH3`BVV%CUo%!5mqFNM2 zU@D}_y!k6*+!Z@A-Q$E@XSQ~Mr-q{6seOFYb$fNH%VUiu1>5-1REGhkFIeEMMhuo3 zMB+_nql~pqu~Z;|1j+7dx|iSo;>>|+XXpFkV&z_BL6xmh#+2oTv96M^lyJt zY3N-=6Hzx;T^=rf$ytiHw|L^!DD&M{8PIrhB=R{*ER-0R-BDUlheL}hSrF3{p4d#} z^GxM!yJzD>L_onOuIQ>DQx>9da@yqgRlC77;1h~=P$RfVWXvWEZu+Ojcd?*Rs0h}E zf?J&Inhc%etKTO=RP4K1X~wPodqnanBkmNpl)FlF%Lf=70)jckws@Wazd3IE`hR2Y z0C}QV3cZ5Qx}Z*2Kfdy8A*Exi$Mo(^VuQR*l6&w!r#Lt-UqQPh*VNC$y=UL7PB4`V zFz?}xTsm{b3PSXoJ1nzM%F(ORFa5)32u%p)@C*)Rzx-;?0i8*qm z_br^+hW?7#hO7F(7EvX~I3++>hL_S(Or>-X4;ZKdf)E_=G65Exx)d^;;WmIemUg2A zA3){Lc;JbXFzAc<1#d^#ldar|lh4zB=d85R?7uWdqaAS9Snc}`Lh74^r(b=JIdIoA 
zpj{MQzt)Tb0YS0gC+vdfY$=j%QCddr0v7{G=_+$>3f=G}$@xWm~)-&CCYrFF}P7@bLYM0sF*ekSL`4wO7htB_Mj zK|LA1kaMN(GB{_Z!AoQHXKpTk=H{}-DY1&zp;zL-BpTigH>I}Sm;_msn3BQg#I-9$kvS*eOk#!~#7{IZJ2JBMt~DXz=C_MpS+vzyLKuw+!=)5(i)a~)dtY(~elD>^Ya z(K6);_|uRYw*W;#v_IJj{K+HSs|W8q!hbEq%<(!pOJx*T=zu(MWLc16IV*Q711FSMVbR zo=|=>p@M=W({D^VvOB?4#!jrf`5K^yFREGv{A!?v2NnIkBT$uHHD!I;d-O_v)+7Bq zts{NA>hLkdL>X;Wj!O#gk=im9Jx&a^Qv*)*g=qU)J9~#0chhkDW;`g6=~6&4G)a3M zS@nkGQr+>hZA}X-QM-vgvfpQJnkvX37U4s3dpZwyt6$sw z>Px?@?FNTwESEz43z7#zO?QME_aUDgAaLZbO1oV806Se6A1pP{L(-`+a9nx<`%KRz zS^%%M-JEnX8@G6AWx4aRp0vUIvcCBf9W;dYH5b0@uPdA&vOsm{dI`_9P#x)OPNdXk zuBwl+AvU0RIC~By4CK2fnR8=feWQL>`c09!NVr>7x5z~hp<{4qbyy5G<7jjbJ+HV>#Mf`rXwa+c zlS)7G4D1c;O~wvq!~3ib017Ui;2D5~`MO4|txe>ADEiP_4ApBL6nVl zDg6Y^*1_L(^`e+=xl+6*eD5rCa6-b5-!DI<~esN0b25n~t5QDEEifCtU{h`1`fflY_6*-pZcFOtsZHSZoI385)IR`zGT z-5EfZ!)hVA8~_sWa9x%Lm{`x2J{JkGXGv-{op7uwa1yK0I0^s|u+vvjq^)WASpgq? z2oW?MMwn&|{~g0FdLnjY>Bb!*zlDn_8N^P8%nwWzvTS_zCAd&;M$c2KU{Jvo7h5P~ zW8nGLQnQdgu8lLhXByqL+2O;v+zkJjP~kWB^*OGA5K-(_53$p=F9`neHN{s{yuqtD zgp#&QA3qTy82|gDcZ4Pd2Vi@FKBCuIYEqvW2naTYrYRnCl-#l1 zhvObmsRkq2Gv~fYhX{MwWMKKJK;OgP`KI+i^HrhcZk=jmSQ3ycr1mi`sbJCy_&~KR zTmyoFh{{x7)z*y40ECP&%|IBJ8CskyfJM7T2=^O|H&2KK2SanH^1(4SuQhJX;Ig)j z>`5own;3)k&-MmA*Pvn49|Vphg9o?JFNDeb%ws2K;aOh}p1RJ@F7vuk^NkfKr}0<7 z_&+!nBcTk1s0gl-!Q{8KK)H$gS%tX4s}k!-hjvd$*}Bya&QRJD8%WmITFkBk)q`|P zb7v@g8!I*RcVqQ6gLlwL3#*-9n#SiXmU|M-2t2jF9kOD(I@F93k_q$)Mi}ffVWcGq zP}Cfur21#UX-Xh4TdAKBwRs2~$nqVjb(lP@jS9uRHw67{f!HG*sO# zhW+~4C~0Nwq^dqY?{*EIkDKe?y}LRCLt8)##tZ-~ixvn-bx4o3QyUGu;(h{1jKV9h zB^6@-0)g@E@}&?k5D=&s?CmcmYZ3->Aj)s08ZrIhSD^Rqngm(%cv+)55K76HL*PwzXg^uu_6KBt(IIuwvm4sz(?~^}7^0OG@)=S*FpW;Ao{@%zYUPWUSC0El zPgqN$L?X#E1U5`oOB-f3bTtT@J_;b4V_J%7XWnqqqLK%LEbD^+ts@=CF*&%4Wuc2l z-Tgsp=A?y}&T14*&ZjI&SGDyt!}fT+iv0o4Q66%NZh~FlFvaICZv$4|rE;D31G;q! 
zqm*4bZZOHr;o@n~0>iEtTDH!?ldWM?j|X%|XNZ@%Vw{Y_`|SNKx@CbHHwhu zZsWFqMImfs#M>2?5>;Iq!|XG*YOQ04${cNnBv#?mz9bEU$`NJUNIPS6#>yxBu> zZMY5iLU*g)`Wfq^K_;16VMsq$dD&P`1q=|$)2B<}6PR5SFd^0X7y!Hc@l-2pe<)%Y zgAbHh1OnwzPpR1eHV~KTqRm#!(Y_{x%^rBCZC?NkXHIW==>R6dN)YH=SmJz3HKahF4yo`zhV~lzvNVS~C7Z4?g z-}8d1`602P*7a}!mLwLC4Q|x4_Kr{r6LUzXpLv|=^?QCgF6Jx81QnKW^KZul)F&3N z^?D~AdT^T9?BKL<9vMYqLPUG#3yLCmO}Xn^wV>S?d8NCDN%Y8&K4(%$MV`WdTD zWu&V#hbHuMFAyp}8UwAAAq9X*rsp?A0lkBsrin4J}Z|0T0$zV1h#yhgnO9%Q{NIyp&fyE0TT#enprErSQy(J+`%_VL=ov2+n?EwQSkr!MGh4Gqik3@oDNQ zEIE70*XzVc%*r`JwXEpT`dCRmQ?;Q9H@;aggCxNtjAu~)(eI%s|F7xcP@e_UsF~w4 zvTDaql@#}Wr7}u7$5jef%sn_G3P``M^LntQKO1bL5R-ol?F=WXV?~w9$9dlqwkg}b z{~A1DR_AWhlK zw%9RM`Xs;@unoOp(V+VGeuBNQLDbK6Br!mP-lCzi1GYZdlHT@Vk1i9k3^kR#;I0Y zN+JGoH`!r$MHO~rryH#Fhi@W4#u(l6X|m}`BvHbV8pAbLED-k${Lu@5*@)wcMcnrl z9471;LC!Hn=4Ff0IbzVc^g>A*;8%YZl?Y>o#$Z2ZtZ!Y>eM zVWHJ>{bc{MR_7s@P)hd7oCx7tUrh33E`8K^SX>xtU@_M+u3xD$6#A~l33&mCD~ODf zvrCKt%H=^qW?+>5O0|Ebh=*_64WnaOmNfOVg?{fj`OUf=wl`y8h3p#PSVC&8hRFG2 zfl^k6&uL={iM0FjFG;lqpQ>UaW%M$KwP2n3S`vaQhKh zftntlkGIeB`O;2+#SC0eNw3NsZzJJu*So!ytF>bf*OspKjwol=$SkXEYnz&$P0!8k?U#YPcZ2t{ z7Wf?2*)ojOmzUI=0oX_YpPLumOssEI@+)FFT?&_9%LWQL{w{(lDVrBK zs;&ND3Behz(R>Wx!4ryK%KF9WZOt~jeY$czK`8XSzep= zSW--gaQ*EF{7kYzpiSZ>b1Jm1na&(gr|gQ;ftX)tc+As&IUGn%bksa;ii-->dGsP? zJ-$A>HWFW}%|kCnycu+rR#%`e1h`|eXRo=tL3tZHjWxQ0XaW%5YZ%Yhqww~hgW3wy zH!+=o!M(Ii(lN*xPMN^TaPSQ0Il)EJc`0asPHY9|ZT3|KMCbAj;JM!Me zz9RwNJ7W->Bmf^eiTY;y=WIpFf#Gkpq4k!>Ul^{@`B9rJje+i;r(6_HAX$Zx=~OdJ zM!XD=G8lYkPC-Ir;a!lV(u|0Hfx1-tG%G&_37wXp3+X9Cc)_-$^oq-0dWBW%@9v{| zLuw23F`2hf!D+HV4<{e;oq?%oLrtCZF4B(BhkaMkLca6@=MTZFk|RZpL*-xj;cMX* zpx*ZMkP@aq1J*A9A6fu4?t43O{asCN1mSBZrS*@ol9b*x(wawVZpw~wgq!@US}(}} z7a#R=^WUZ^VLBha8;#fd!ZhHU#i-~xytfUGMMV)Yrt}HPpzMxD>A)jfIoV&@ zpX3!4*Ej#N)G{*tTWjW@z5fyZR;6iSbHIl7!;vA>?^zX?jNcbtG^`UyKZ9AHwl*U_ zqeIK;pIwzQTuj!M%qDohc)2H4uK$Q71qn3{?>@P|-$Xb0AMY(85k`0+G$O=0{kpc- z2QX2Nemi~ohGX$3Ufzf^tz$5T_&$f+FP~OI)wjv89Jl)(pU&57-nf6L0{$Q|^0}a! 
zAs)1NDSb8xE;%>b{Bk}%A7^0HKT32VBbxRh+u#2D><>Vot_TI{fkJ!Yxy=ZIC<8c# zvtX&ThY(W`RWvXt)Nnj@5l~1++N<^4{ zNWI^2!KGcFky9gwnOv8c*#Qqw?8NrGad}*+`ynn1E}>K4$&(2n`mJGML@7ipxri|i zB#TfyH~s`In7n~dBitElkv$+SZYMpQLm#W3!R4osr_Vx&Zm#V@4=>8y-;pA9W)}p~ zMc6zPdTvTVnDAYznwDp(;Y#(TlR)() zGYcue%$6h?Q6v|tT7QMaXLQSwW^I;xp(NNp^*HLLdAvJT4__KJWgCBHqF0=o931!g zdR-<4Z!AcK5Q!y@n8~coJ11GWsDxy@dv?n;oSYx2CODyq5%819W^i1&x{7fNDw1gM zAB`JVIUUUDvI8g$H2q<)pJouz4>VbX=iX6SW}bg#khrAns0*+$YGc=kMVYqNCFIwi8^UK`;y^jlHnbAZNL}>B6 z^^TA3JQ3?cDL-tpdOa5uRUU4=5X5-n@l3hpYP@+zYTieg$uWyoDKACuaBi^_OE4N8 z6Q&Uhk|@IgV}ER)?_Q|1g}?l`wE67FoKA*XTF(y^nov#C+Cod(i zDR4sbtMH*AeJT2I($HN@Gp=gV;1Z97$=1tEW$_2Ut~&OGf3h|xN@oPM zA7wyeQf+iXay2BVz<~ziAe@oHR^LiBLFa^}kw8lq{{muPuIRU17Y&yrP|UW~62tSN zeP>XWc8-oUp_so;TU6JbK)G`zOG&+iJ9Z6|-v!hu97Hdy6NHd{$9J>2+&_|iOc8wm zfl-J~gxdOqGsv%8qt-<4sm%@Ca>tCmxM^OyT)Xa8V6$}W0lJ8rV@2DVxVHk5p#oEc z+E`=*_L58_AozaLGQ$$_e}U+9K-b2K(2l!7c?C-mXKC}WPT|??I+BBM$7W@Oy=)640)N`CYE}sc}OtD_U>|pmIfHB=L=2szov1C;Qoq#kcqi$FDciWYq=QAmaVj*ow6*`xNasxJ`qi#`z&vC zGPbKn(oewO=<+Nuw>h~l;#6IBqStQFHpdx;wVEs#)ZS#o8A`BHO4eDjqd**JdiZ=; ziNWufCZia1W(UVy({uu0FQ=BVF{dr6?3XmfJ6b0w#tcNgM^K#S%5vNQL>o&UR<#-L zew{8R&Pa}g{WVk=?H51Hn3$EXc8#C7q?#vQg%qID-&&(0kjqCu0qt>()j$4wlZW?X zq9ml_b!!CvVaE3J@!=Erm3{Bwedhb~(bXcx{ho}}+zShYO{J@`-om)dg=O;TIb{F? zlqhiqKHMR|c$Gt(BtJDeF4kZIBZdyb;pasV=fq#&2H;0L7XxsKn+ES;!|&+byiPR| zA?abkz1YL=z)F@7&`e3`gS_!zGeZccOb`qeFrNti6OUi#3sQ(i}58Urcl#vIs@B-J{Q1IZY;! 
zI+M~}KN06QRH}a&2j7|r0C*uB*9h8=P~($4j&Kq-TweKud@5;eQ`nzHJnyca@4dae z0a=d3s`#goXAy`njwE3b4s8Fx+s43#jajY01JMy~uf?0LM97rEcPlUx#(sms=#M~z zCuabD(wxnTd@A;rn?>&5QZj+QGv_6)D8ffY`{SBXbz=cgzzimJ{vyL@VZ2duJ961n z4$xT5YhOMj$|`LC7NRh-{hw^`f2B5@GdgHRs(E zJz-jX#aF?!azm|x;uNHJteITVM;kdB0VAGhEkF>GbLF_Y%pdFcrP@ya0Jw73Ua5UG zr)ZZnX1}M3msrPqbYdDlPla}1rsb+hKdcK`8r85C31i(PdEnF2J7_>1Q;}kR)`QMD z>04ubePX90W6%F(uF=}>*qwglkjaLt=7uQtS1)z8{~@P9Ob)zI>F* zCdxP3tH=_hL>UuF5~<@By2Q(iVIm?>(HX7zqZVMXuv=xzqIXPWF$2>avbH)@ht5|{ zd4+0waX7nz5WfH*XQ<;S91%S-5ipW>AW_pnnw>y*Mj+?*I<3Q7bp3X%^plh(hPUW9 zFp&qykO_l(uMg1gh%{qgPnWsK^#u5%wyR@QHTF)JYuT-1Q6k#*yrhkDTo$C@SP{H%1P2?0h^@TQ?b zkF`Cn4n!8OJy76~nusiONff+=*1UI$JO{kIlw)P3jotiRE2G1tz;XNW*J7i%SLcgVBMyMM9_61W&D>-HW|DM*Z~! zHTWH$^Y`}3Q1*P&sR3B>K=OAW0lGp>*hMmUTA~l(^c#8rSh+HQHeEQSJ;s}N46M1O zG2!lpDEaQSMV$#jP)d! zi@j*VsR_Rro#|@WJi+2Y!keG3rmq|9cf#k1QxlZAfde`5R+RO{;iIFxhMqf;i~LvZ zNqJM;u|4v&TV3FY*k&P}@=&mf>R+Vmz1tO?lnt~B;Ci5HeDJbHaPYrHdYy(+25B`PqCvIZDU5#FKwkJb+3J z!cx5b!6E-XFGcjI8TgUEl-SJL9oguiA&(@#Hzb19B_D6rZ1dUJ^WnK@1IFjJ>rGyW z4|E{YLLRMzx@lwgKSDCzFePVo7Y;dWc8l}u%Dq7&bV^G5O3Q1m)7ie0q8+nV-q=m7 zQQi2ZApOSN2DQT3DL85ryuN2lYg_IukdKH694P0sMJ~RxD_y95l<3PP(|m z(9;pbda|BaNx@s4Z+|YSI^mrVLx2sv1mgp?*xP&*{?ZN2;pXqS1%Z+x|0M9{i>fA% z!nI-K1pbWVCwnKYSq{?Ucv-b*o{rgha}WzN1)t$gGY<4~x?HJ6hcz3Vq=+Z!l7kOG zRE`ag7*5*0)w|j8!GPngxxoD_|(WqZkE&5d_VW4LrAIN`~7m_8&98bGHO zU%Bx_A_q$BTb3Vhd{vMBj^Rmupr@*NQkVPW=S`M=<4v}ZcHXVimKJk+tji4k{Gd!2 zdg&Cg7(LRPB4x0)2y*Ffh=~+ejdvhY?@95z<`qt5*I(nCyMsT%%HkT7U^OU?!Fb0X zg9LRh10do7+~|2s%4DCg=#1w^dllGD%t21lSsx`52tqR-n38__qj= z<=@<8+1UPbgjkhs5tAW?65MlBBXEwcRbJv?5*)K(iA4G*gT=W*Ledy9L#JSU7h{#> zhrSV=DZ?d>Hl^C*hvtr-4&aekemCZZujuu&J*xzS9D`&*dFsko6Pbx>j*fx7F} zgF{b&b%V^qrdvO93a=hJ<8T+$p*3`C6+U2*CG}JF?-97haE~4pHK^V)KI&PXsUk>p)SGh%>@+{kd&8gJ!U64lz zAU68rfB2f*;*gp@e9f@fXt0XNV3FHi+A&PS{>b2+du@o|JtW6m<0C)>nz&p!l?VJ! 
zkWT!I-}u9_PEt6ryUL}?RI#yz<=u$}vPA~F%V=*ov zaPwrdbPCiKHTJ33dfWWQBw1I+twEgOAx20Z8W}&{^Hm6Wc)w3!J*ChdrSR$0&eG&L)moPotH3N` zAx;Yy2KqoR2`A0!JhQz*e{Ytv9G z2H39*VmOZwNP!^AX)xF704|Ao+{OB1yDRIK?(Ox~_owBkEjY~)EsEc?TCFRGC}d3O zO5`VDyj|;Uiq3beTWM~(v0jeIqjjKZX=t2vTIekq zvV#ObSJAe(3yO>|#hZRk!I?nH>P?JJ15mE1#@xjwQ&@#7)EBP!pcN+gN#pA@rI7@p zhi$pdhpGiF3?9tn-{JU&p##~~9X~i617yZf-!iO_vr-Jq;(ox02QOmIHNts8|1)`j3I5_OXp~(*o1}V>*VR28yKL-Mg7H zx>G9MLMA7)`cf3FRhBK?0}!rB4Waf&vNt)@ors4gMiJ@EUf0P(_BoLwJa1^unvvid zoHZSzClRCE?d0q`sc(RmN(DI<c89vm6+F;OVEg8_Pp`W5q1_H zFnBerB6vbnl&uQ6+GFUJ1HL3!<26EZr(4}Dv|*GHPy#Ho4Y!e?z>bm=G7RFYj&k$e z=)lxUDj{hON%IWzP7+mU^_~iT`!PhSI@Gt@F@^!k|QAw-Boj*rx1%2 zh{~RzLF?Rwcpr@mZ9+0i1px?0Ikd%x7+RS=_w~aM^z-!2q280vIV2jgR_lLPap~st zjJ#9S(!RTznXXZ+S^5&HbF-n<#1Ur9^mC^1E~Awhl#M5=)za4R7j7$a@y^=dLFpQI z-rTYP20_5Yc$_d23`fW|T@&!`#J$1#T5Sw*YY}LLtwDDY zKsQ{3Bz*Ij87Iqm-)emOUV9ZxBuC{*#ZHLrcAD$C4s4EI7(SQMeUTeKaP8f)$&Q6eKJm73@Gf7HHj) z`o})tgRS+`^}(6v!|P+A0s#_ut;0^XP4uVek%RqH^dORuKx)8vl}6x>22Sh6_|xhT z409&`- zvTfV8ZQHhO+qU+yZCiWUwrv~PZ*r@Ws(UIq`2+o-yQ+Kim~%b@;+J*U4_qVBUwSF&g`{Y(RQ6?p@bfR=&Gl&9 zZV?2Vi3uKG)}yI@&E5$XE&*m+HtTZEh#64aJ?m|ct?E)SVxO$iXi&^JlR~gQzChH5 zblA!=Ps`nZKGzUm@yY3BX@=>`=V&)W?7LIXSQ=WX=6-K|pTYLvgMOiy7P#!>c>w(J zi8RJvW!s|-sE@x~IczP+xo%2uY3oe%dNP|4Ag~5jSZbA?i5>H%nSPUc@Zv#Y40)yQ zx+eV1Ez@TUPcuxgfFdD&OOI9SDDMl+)o_o??9zNWnqrg-pNuF*01&c$bd4k61QxBS z&7xh+ky5;t7#J)G#lT7DLy$vvjMI)pl~X(=RhgbOwt>82fHocUKN`p7caIZ1Y8~%2 z=309av!{U9Q~4L7Wlc!Cy* zFe|29lvT|eDalYhh?#(@H;N^RBn=95DSnVcV{s3j)I>%%BLvHu_r^(P=QfRpP03Rr zFw^iM(FY2nft2murXd?sv6#!nR*B(}2!-d2o&uhKtvt!t#9#=ax>p#0dJ!R!H)24J zzx>xhO7<2)Q^$$4eXDZyiYy9NXmouhp&=xt*^#)etjj=LtVovxN!y8Z>bA(K8z$5j zrylN)m%e2wV==U31%Rtfo6lLc8wY$IMY4&tw8Y;aKjPAYtOyz9WDOV>8!NX1dzWmi zd0eMFpj?#72m)3hG>X$qUUnxQn#5QvA`B`{92aF`<9Rd*)m)$@Do6~6XBhWgdc)ps zi-R4MEVfZT3k6n|J=Z^dj)-Z^W=3iwV}#SpL_DGCuc2;DsPLAg#-5qM zis^JNFT&I}uZrp&r^5AT#M%P$;HSvHn=x8PepR`gH~*<~TS*%AX&6hKZ&HO!$G1)O zBK%uIt^Zwud3u>bgCr<}gh`3MZ#W*X<-$Mn^L&DT%l9=Mx|#+#8qb+HF|$?2wL3RN 
z96=Z14Qa71vswIv_zp5+dU^%#hgju~XEr z02FcgWND7yn7$z{DI?@6XXdYql<^!*pmYb_dXbNKPzs2%qA-UYIg%n#&t@(_Nv2}E z*x5r13riU|=0-R<0}9#d(G83nl%q{_Gn#iCWAm|nfx5tZ_KJd&bzncb=Wy}tLwa(qBikAKRliFbe{>O}}0Y0aIpo=m`T(2Gr%?E*V zisV8KWHrtK$QvZ!K0ha*U;4exXx=P}S{dA&ZlHB6SKej2b*9Y~uOo6-1r1Z1c3T)@ zMF5F?7j2h+duG2E-}~3Q^JEgW~C&KLRU z+4sQP5ob3`_NZ`>9xvwAiMKnmy)a4rj=ZQSx$!Rh4%Ruj*%SAorf%&T??j zGwocMk}HXn2*`_=xG!{b>OQ6Auqn@`@1%KUTQ%;ED`;ArHaV7^${ckmB|+fgYIAht`whi-^YAl`OcIz&-)a< zjn!T&=awp^yUkzJt38XNghiwaA^|xKb=F>^0(K_M8#nz9SzfrHCmGe(eNYf1$xp#% zbXZ`;G!YWB)iw485kyLP2#@pz8&J#OQ@Qm^2Dv(d0AMTOfNf)pkcHNXo|-tGS@h^M zpwU@&4SLVRC>(uuw>PS~i^4eW)<$r^r4%zQLa){|?>8Z+?B`AU=ORN!D%8j$))#G! zMHHFbfca>RR^z49b-k?X04sk^tMU&g79%Tf*Qg2L(9^X1EQX|VuBvA@heqz0+?pM} z-T ztH6Fu@ad0?c{GbAP4NI8?JwUWfXH(5`zCzYXudJu429K*g#IXHH=wtFhFTnNp82Mu z0yxO0v?B3b`a$(uxu{!hqp+^T+7!ukBBK0NXV76s=e002MM&W;UpYQ3uzZ$8&y$N4 zQ9dzOXN?)+@Wt8<%!8~eMm{=|t$6vYt9O(;M*6CO9`K_1kD+pnuF;vjUVDe_LU}^z zr+eg-q5fmS++R7J&2fj}jycfAR%?PE+@j%a!2vY1C<1i04l1|m#lcpG#jw5;s`#6E zE&}Sk5478~g0r{M+CfdH*^}0|_ioiyuZW3`7z;sC>FPaPmQpk8YjVrpNbu4Kt8TT6; z7myTci9H}G;h@P%>S>I2?ZXjn{`(42v~6BLr;?NFn(pr|{Z{A1lA8nA5*Pu(O{zn8 z_O|3M{T-jL*Kd!9{l&MRMURKOAAWc6i6fej9Esss%H%#fLS`cxG8^@LF2TEp%x&Bh z0>&~w(B7fU*^$9sVj;aG65gB+blA%&9Je^04xs}nzGQB+{91TC}asE%)Y!nd~7ZNQ83w`^O5g0w{ zIXmz{f=BTxAw(~0s;VJNRJdPHD;?A$ae55u0I;QEbPuR7vtMr-{TM@NR_QJ5znfo` zC6F20f+f9&xA@JJI#2z%n-jCM*rImaC z*NhZ-Z={kUii115AY6|bz1v1}dT_zo##*^8r`P&F`-i<)BGaqEMpG<6gL;v97ADVg zUt-O1AK$H>Afj`NFor;$!MvmE(=9xNdaHjPKlvi>!QBc~Ielu&A@SD7_2}3BwmyxI z@qj$-t8e<&&nwtB-027u&+UXh0H}5x@vqPE7n|1?gD*4wFW>L`Olpwe)na$bR?w&V zo4J}EKma!&6wiU=H;{pME-{csF!c3QY9(NCbO?Ck(zO1;eaKspYH#cavefxmLwm!N z`@A0vx@Ly$K@SkDL0>9I4A8DPpCWUwsEi!(%%!P2k(9^i$ z6Vq<_CLopGz!IaB_vmU+_&{FA9%qk!kGvEQwBOXuB7Eb#xSQpfAibz90Vj~6fJY<4 z&UgRj1d0rd^E{f?`5)`n-t;*gQ_c2oEb>1#Jy zS{}PU=xNG?na<2;$r2*#&kmP|*p^nTT$UavDXM+?5_VP4TLKVJK!F7;f>rl6GS?Gx zg;gNh`x6Q+?l(_GPDd$Zp~v?1{7=@osJ2=(!!(@JrGoXbDBSI(&*<6j?Kntrv` zFw-Un?K|Yg)$)m3B5P%S65OCA?2pjj{V0zuW!AZt;I^;eHZ91<%bZg+^G)%SIHH*& 
zKfoDOjThQ` z!%#Meq9H^qB=cpp?unG~=09JQobR42Kg!!yj@AYrq@JD0coYoz2o-32ZEu@g)G`9@ zXrvar4(H1M>I6^{ohe7#(+I0s-8kF;a&nvYTM;mOGaopVe+RDj%SxjM z>Bdlyt5;UrFuH*r5EK?ZYM5eILc$5~b%k09aR7~~tIE3uRE|Z<4obOn|7Fd>%(&RZ zEzUDRw)>OMc?28uX>9iZLgL|qu^bjLCu59J2)Y|&IVBwQ0G;8MI^kBj&Q(>T3BDb6 zNq=s3nTJg_E~PzZ(ZoKk-@2}ug4TvjSxf%Z$TlS+l?FU6s`kc>Hcip<=z8 zLrD=tys-Y}B$)0kNbFcL^YYf1T1k9;4$&35!!&5q^Q+($y`#bofBT~eTf-A8w@|@f z3x-+@F;9CylM^;R=kkF0!1D_>4fF_Xkv9fv((*UjE6+7aVv_WN!+zgisx1ztWw8EcSOv#8Mq9kBNoaCCJ7KW2(=k1@U zoO~XP>FP87{NYamrPX<9#S>@B{m!ZVCMmu3W^}P5iPh*XVsV=t-W$2`Y z)oNCVHx&-qcS(D|Gpf-SlE0>(0e-$vI3q;UWCMvKs`RyG-o3?jeLP@taVjftGQ5He zZ*tyoTAHl<5+Kg`*^x0Ky=5e8W~n$U9Fg{3m#KH`!lIoXJI)i*hN%?J0HmCZK=W_4FRcdqG(z=F6@|xfT_9=a;`MGblDcExI z`e~9tpRA=aA0K4}*_M0P3)n6RRKy^FFTx?%#A0yZoeQGdPMIQmiIPv61492D<;jPx zTh5$&*QR886_`uH9Tz5}7!wh*9c!O7i`Drj#E&s{w*Ygn=O!e0=Uc#+M|cUDR5*pOUV(*iWaVi8tG} z#FqZR1?0&A<=@YSV&{^LWIA0MQ_mx1XVq%-KC|3s^s;2-ZBz}_svAL>HgQ?XHL2E@ z)|LsD#Nh~$}KMY#lJP%$mjob@bZ#28A%;8kujqq-r*YYn6@zj_lFnA1%De>6dtq`;qB%Z3UanbFTK!Z0ElR;^_`|%m z^WrN(pzEyg?5(~(W|$)FEpLIJJur$Tsy2OO=7TBUaT4TTL|f7Y_?pAxX1J59Vs;(pdqi^55QMoUGRTW zU~K=XKa27IN93QTru|kc+CPHoKe~^JMlI2E#&AU<5UA7Pxw10M5oR2%ORI%r*5{=+ zoTMd*G~TQc3K$QHXm0H8It7~In=#_zzra5tI!?*vn3Kz@TXhj-*+q&knUDDP*_tFf zia(H2GEWHmznj!(h$$#CEBi&gr5resJ_B$k7P=Sal?jJwi|x+4A~?Ek7kTs=S5 zADgKE)0wr{T*5>2`ny-B=@|k*B_)}42l8%>z%5CXGl+H4Aw78ZECPY(zoFxdtp3-{ zecJVFQGRD5mbQ^<*G^$jLP{_Nv47FtOwKOh)tg#sXb8ioJ^669&!RcNy)STC#HtYA z?wBhH>R)nKVEpj;z!NjCo&l(j z%P@vys*{fe3nHWj^Li5jOvV{YZ-Z)D-4#$da5A>`OtjA{l&82n0$tZrdl|bc+pezs z-e_95=~XU8lF6Nzi)3L!j1rc*M`2uLdE~Y=Js%p!})gNN0qILpmZevUW zij^A9GrJV1hN|hD+4U>`sxqAvxn?hzF&aFR?4HLOjPw9ZpamLNZF@-3@i{pJFE+i; z$S?S7yhJ2t77|Go812m56jdY@me1?1mfRhkVDV%N2=xNH&3S^6Jle;pE+mJN{sTFhi8Z#S(GQ*!814T!wF-9;$U2v?mifCC5|qH$ zaGe~n9zrDOfgz8k^U)GmUxDIKK*WbTSnns>t+io+p$#bx&TN}_SQzReLT6_W*MUYM zyb)5F9@sBp2xbd-pRahF@tO^9fpgv2&On>n8*B z<7~JzZY@sskJC=t)xHca)O+*rmExC!Jl9<+y*o8mTmZiKBHky8I!H4!^)m=r0zoAY zOdff1#x$2PM{<8*5@|?s>dSR#g 
zk~w`;5?lw4^#&aeds2`ngJpZSdh)iv@9z)Gy1Ed_l^_B1b7#7Qi5Nv7ogpI)go_2> zl|8O8rPy7aK_FvGVyI#yJoA9lG%#Q(&sbLhmK!n z*nF*o%mHNaeUq4xKe+KvF1BVf6!kQ6h0aRq9`?NPURgs74Wr$64sn6!*RM!iaO71v<;YdDZEeKNafO*890G0)eg~wX4 zvx6g7d4TH#3@P{CiI-}z94I5HYx85rN&cP0!aS@(tC9R_7rl{#b2r<$6ZPoYNlV?e z37;;6vPun1T0EpwaC$h>wA7t~IBK*80p$S?)YfGxw{IlSY28`L&GZ-3rW>tHF(j<@ zT25q!mN~}$z3iZzZ$WO3|KZu{9_`4}<8)3b@vp>dI#n6L6#)egmAg?}$AOK2 zo)6$S?E!*ZrqD4K$sT7XuAKlSmx?|$oC;+y0WX-8WOmUZ10C4mzYOxWGkx=WvrW ziQ$#1tNSi#F7(PoKNRN0>`uOl1b=RDna3o5MCLzMMZ@r&Ws64l(Elc^_l~*`1Wfge zcxJrN^Zv1qHpKUl7Dmx1*lxY80{zaTU4Zs>!$>_u)Mo-)6Fel@^McHqw}^-J#_hrw zJHS}=)yhM&8<2|A%{n3s>;`F)LwTaj;H}38cHgf;(I^RAYRI2^7LkSz?Ov~7cGi$K zJe?lD>D6*~7~u6=UvK)eXAHo@YBEP*ID(6*#_&&F2h9{*s-|{9N2fkpSNdEZ;Lt#X zO#tJX1HV19g$c5&vsa6CRS){rJr<6)?L)ZexGq*>blD{oVX_zFIfUXGmFUe|!A zFQ77|H`}Jq-`T>RhTXNbC+{Iu(&gf~Q#zup&QnL?ZK~gpIMgWE59Clo=`J(h{Env% zulWuQKtuV5JAS1OSBzj5CjFUI@O}9Su$X`d`O7}Ql9CVu#*7d4sxP9DdUj(=J z4x7;yal-^3F;Z_I4f(a(sbrh0D!X-!Htht!v%iVh6@N;<4e;rt-70ATaw01mI{66v z#=DLo3<3mMx;Uxeg9saMVul0+yJpEQXUt(n$!v8kVjIaj#4X0`x#t zUdrQx3V<~~=#m)dJX2ht^bH{z3o*!H|Ek_ zyMtfsT(_JU0~>zU%$LPLf1wIl`c|60 z$Y7TPlp?{h{oQnsA(wKQPZLM#^Ih`aca$K&zyLY=4+BT0P%xw+dIhXHEBS!R_!1f^ ziKy4P9DCd-63K;J5IwMR-zNA&>~2itsoj`?$6Jos{F2e!&9OJT)7(F~#g;f*Gd7y< zgb=SdhrdAWInG1>N!$FZx&DV39nSxr!1F)u5*yObKX<9$H!)CyJPL)>SEk8w?gZ+{ z2%k<=8AB&?2bD@XPLHkapSdKg#AG_@)Xjz#K^m29&fycrj1$Je_k|cP5-9#X2dS}l zAHjM4a`$9Os@` z;g2)9R6hLt8I6F2!on*NT%*dN{jm++@J;9Rv5g$1>#eKshMg&6aJU$YrY1#+;JSSe z9`lfOlFpU~iw=*%?KQxW79_zOBwQi06w zw3nq+4ZoA~4vV5w5zs^t)(OYI2#i?bB4PvGsj9KKi1?Ysca)}ByMLxJjc@$(NSf6< z!{>Hm8Ma$dr8vJI@=L9THN4701Ie0EUbH90)HbWG3U)B59(-kUeEdq4PCdu;A7*jn2!gOyg7A1k*a z|E1PxUg=`wBtVVtvcD5#H(r1XN+=?LA_PGG=I81*)>n5AwRf8_jA) znt+E1xG@)kMSe9@H=bBlaV-pAV^_=N9I06b$=#PXYY!wR?yl^0nMr7&xvpkg+Q+F+ zMT85!bC0BHF`THugP(1g5WbPnh1X@lX zWcMN<$~4V~drgWMvBJc793Rg-Icu2lOX5TiN_HpkAhS zxKoWn5$BJ+Dg}ne*sPl3LNZ&qM}|X4T|0==!at!B-_QG7a4LM_Ecn*f05b(EbcQe# zU?CND3$kSl$V#NrD+o@hd?YA!%rLekA@Hf;mhw(gAWnGgMS2u~K1{BMkwjS9!--df 
zTq}GnyT^HjkOH@l4pBAshzrz`4HdB4#Iw4K?*g$%@2ae(OTzXE1m+gwYP*di`r-%g zl^aTE^LO0~Uk^TmFO7i$o{i7QoOoos**c}=O6Yx#SVieUda(+l%c~DxxrtWBF1xi$ zrncwsFXTX~fq1u%ZCnnJNP;EeDeff|=12npX+BS8F4RDioYP8!2FPd;zC-n@U>tW^ zET_f?D|s&*;3aCj0&fy~`2C8Xd?Vg_XZ)^3iQo@wfi^wEn+Oe$U5~>4^%- z!+3at(*O>XaCFO+V>@LKMcF+bE2BQZh$dRYo-=x+Lk?&<&`OPe9MGJ|XNDfLeQ}RC z%x$Omm~-|nY3sRrH`aLdU!`Q6Sc7!wA#7`VzgNSNS&k!5#jhet7g2gV3P+!S{?E0d z{;j2eB7`Ec&8%#QcQ~&Zg#_34#UrW@&MBvet(+4?cIFAa6_?9)(>N(9lAE5P0X~cAZg!E->17!!$a^Przokg?Bn(D@9Hv&gQHRS2U`Pld*^p}xl>-SHZei4WQ z!yUzkv;OS4#O5vF*W53DfA5ZC@js6n#_o1!i&`NKZWx;`)hg}Y zCd#4vi5M#NNL5BH3bO2^$Ezq}(0gS4bXpK^Z25?Kk4I*)LHksdPD>c=7G&N+q42xD z1EOUS(-0XF+nv8vc?-V!VXaj@t58(l#M*XVsR)rM)y*=ys*`5Xuybg4&{7ivT-||P zY79@aX(g;(KhU7Ucd+0`HD<)4j^-*R>M@XtEZ-31j1FSN-n9~>2UmL9cJe~1eh~L| zp>A&j`XPLr7IZBzm9U(VGs2x8@Vh8j2i1sftC`t6lE~;Qx}ba9HC7!ttF?lyw>n&5 zSyEY0K`OTugpOo&uJuzL{TKm{kvw#=9KT9sG=a6Cj5-zC zgh0(_nb+u+pqmAB0M5N81Ur#9Q**SJ55j_#eeAI{vGwMe8K{%NTa`{Fm2+w?0V(LkR-E>`;mf154zxGb#nxn795~PIn~;|0gBI@t>3w3j_Oq3mWM8H^p}__CE~h zdKP%-g}F_2{g+rm6FE1se|K?>7&rA%K=K=n!ASbFng4f1Zy+olvO{weij8|$_?-=U|2Q|be583J~PNM>IE>bI}NuHMDSHC;=$M+;ox z&S4?50(pLklz#?RZnc@Keg4(xRN20Mz}?UoUZ@F1fOb9AnAPFX31XxTrOlPJ5X1oD zL(uv7*sA+UBNX+unc^OZbgegkFQDcj(?wIRiM=dHGXy}b8Zx(! 
z-y;shnhn^*dl`_d6z&n;w(t9eWiV8BV#&VOkL(yQcmVmla<=9kdi=2X&t?^1dtH2Y z6p6bZQL@l)yLdeaqhO>9S*8j>xk5raP!RL7;U)>01%Sc=Z2s0Rnszh!>EsD)Me9Nd zB=8aJF^(Wy11wL95w}K=v~OM8G&-am8|s-fePN@mdBmhg0#t|_?0#Hfk5rG;@g2l$ zaw=UA{gZd!HP57$e4ok}@p>s(g{jh^P8WF#0}LdRtdq|fnLE#!51suvL@Q5s=AN;s zDgYpX-osLHKzVjG*|dW^K6Q--@f|Q7Kog(=Xb`}LXursm!2vo>H!^$-BrL|P9{T{E zOZ?kO>r7hwC-P8vPHDh@Lc)FEF930AekY=9?c5PrOZdE zEnCew332H?4Kx~ZU^EG12YEJ507wZw^oA9nb;?0o!z_`zM6ALCe?=dAO3qVtCq)wk z0!4g)ld41MKLWL|VytVReIId7<;f;hm556nrYCH|RVzSK(VWj70WQebl~{DJY2TBj z3=Bjl^{B`)EH}jbq5DjTN^&?>k+1H!7~%1v8DLpu5XY2x$}$LMHxE63P)?K@o*YT& zJ;*^tQ28_)rVgKr@X}b8)s-?obVRs3M;{&DrQ1fIgQoVZnqt(~Wn&HT#VE`?Qi?H!0V;(M~0gbER zR)O5+jW}u`b88Q_M1*wk#nqYYNh>N+Ior8p&{_92B`4OsvCUZpA)by-*)UV1dB$jc!!a`jB( z`^iyl13Pf!UeZmJc4|v)wDW0Z9;&k(egCLWA0P~)qj%BtKrV8y7Zf*jr`9LQN7K|v zPCb&y+9vs+!q{nJls=Hf5~4p@Ay9&AWM99-I%Ep->4mp$Exoa=@+5dJ_NQy1TB6wU zDh}{}rfUcY9(ydTqHoTXO}IN|ol9d9-I|!h6Eu=P6!L$vd~yBp!-X}!YwgB-t{Wv2 zDHn}Tn=1nASs)0Ps=pDv^!#X4d=8-^7;)vCJ6e+BOI4sFlIZubg?{&qv?-DYHofFl zZabzLQQsT`doem#Z=CtZ?brz=ja5<}eLP$2!%pK{hD${MbKqCeh^CX?h_*$U9z*8s zhq3MZ=EIvXYttH3krnRHK+2>us%fflSepy5(BlQ44b~U3(WC%S^jR~J%jU{nb4BxgnC&MT>tE#zeZwwEKrQ)&?;#iKs=7r*h zYhSqbx)&O?GtR^a`Tj21Vp2IRFGJm7-7O8tT~Wc3>ZZ0#2iHQ)r&nmxRrhD`y?bq# z3&f*EGZ}j%>$;bq{<`F}{Wu|kU=a11V_PhwfCY5d!0EtIj<(2jlza-2^eG)Sn@`%D zw`5Z4S+6Z{!9IVLp|ko$xWFALZKb~KO)y&Hd`imK9Cs+M;5R71;$W|0lJf{&Vs9EL z&bdAnMp&p`3F#140>V_s;1$*LnI`oahvsrC_n2kw4ps#lD~(mYcp;eWZ4){46KeGEd1s|OvZSo`CBcwEDl2{}zNtACW?BggfP_5HXSET<`7Ewm zy?El$Wo5Csy4i{5&A75R)Ju4|@kP67cOvSYM`@G-92}(*nL@1*u}8f`3wNT}G^pvj zrh{juGTX3P$Qy$^JbJpJc}w6hIgulu0G8k`ixj8i9+OGWvsb==m+U3xeCl?zJV0Py z@30LXh&X;e47D}M5GWNAr5~DBLz+^M4?q@B*2tZ9T0emiC*auJf<6+Uh6Z9IqMjiL zq)v0tQN20IP)E>kkox1O6a(Lx7tq6uh35d^; zInwCXf?SwmG&zD_a-J3fzA))Md^b~jPe;e66YrUPoqgX_?MGv1$Bz#?9-GIRN|63=Km?Kh0n*-Hzv%CIJiY&AeE43DaW3a_2G(pg z{a_)LJXh%E40DYM#;gO}_`3CBCcsPFQm|y;$G}{#ap^a9IrFMM-wa*&;(k77O^%gp zto01Kp&=+FOq=!OOoHMz@EY2WK;suB1n)7shgYyP4muXgNxB=dPC%awDAswMh=@5s 
zAC1)0bIDgySYjNPV!$W%d$tSOywc9&j7iZ=QO8$W?(Fp|+Qsx8;cB{p&NMsR-uExC zbg0$xe-dv0%&z~<0%K(T?}zJpG-RDO+5Uz2s5_LRTagI?01*uA;Edjo*p}56<1jgj z2}>(XsUe~I4ZHgLx&tPVk%q<5%8G*r65PEQ-n*d_kOn^WdZ7IJaT?==;y-GjAjp-V zM+Af<-l6?zsxv1kM2zKqWxwG&;9-`^C@trvPz2L!nHy#OY7hN2b9?!SqKubD8XqYTRy5o6YThjT?Zh_xBmbs|^JUCZjGoK^BV>XI_|EWDh%v%2 zDF{IVph6ib)X$XDXI|u(|7F^;Qp9+=c&iMLSpe%khyfXa5sO)}M4z}mG{dkg z-2-&N^x!VaL?2+UIyH$+MVSOT^j5(K*#O{mj3jla~Id z>)IuU{@9lo>c=pWQ4(P0DE3{cVSe1*e49@n)SHO(LwyF>pc?2aLD}e(( zXF!tXl+Z}fU<7;m&P184?j{`lq;E^%uy6c|!`*rN@l_lFk@uh+KmV>}-=C(=hQMtAvEiigE~>a`VK&e4@E$uG�wJH`2(@_$7t*N>h z3W@*NETMC_0=3F_l~gz9JeWIGVCXpubziLOSG85o{H)>g;4}_GU*B;DkuwsMM2SwKIGey8 zNbL2*g~VQ~

{r%*daKH(X5MvIVsj`}L~q^8Ed4bu#{Oee`njeV9)tukX(qB2iW}gLlHxKI&qs?UMke>PoCWR$8^0?_{E7AVnBUW^(RWsJUi*WZ%RWYxqUdW`3K^C~w zhTKqV=?9Y{=^S)i$d_eZO47){V})(hm=FN{)oo;B1J|@%lz@^0LYSz)(qdtT=Un#- zUy(fuU#r)f8T2+5G^*%nHtE z(H3c0#SQxGGaRQg-0?jHtZoB)I8jIlL!a#0_&|q7xIF~=HA<7|{dU|gf^aRi{7dxp zt5w&{a^4JBiVqOCoWf1BU6q8cju~s!%dLveiYr`0%(xt<9qPMJ9$G@YFp{^eW1I_c zgkgrkMJyhup~!^&kUbP46Qo*}efXml^vtVOgH1E%dyIsANEvR-R$BRai%UL(XLBjf zQDuky$f6S_W$~%pK!C0BKZ0$zp=ETz8^Tf*(S)&l?ls{bKp<$3hb&$wVaw$aq=rJ- zLPaQX;tbd4BJWIpzKLwHueS{P=$Di;+=Xnle}{BMqOBU{K=EGTYlTiQ6m0MIysa;q zM+`k*J2%hja=YENH%QoSH&&N#DvEgs4$Zv}1cHcK-Rq4_zJOxzzd%U$0;VqH6_9n+ zIyQ;j?Q5SF!CeW7gj89ElD&J|28$SU@*e``_J@9yD_sMrJU}dmw(qBNTtD^? z4xG5IAu|;a3WgtJ+XxE(wN`q8h+K=#08sMTk>|!MMjtYKi@lW`VdBf#UYOKCQ=u~! zIQ*hG96{<1bg}IcraaL`e8es{4oNZeOpggZr3+<(lEx?$z(+BPY{ht zzX|QC-&`NBY?d`>r+@zi(8|{^`VVi-zozd0{jFhQ`tQSddoVTQH%H#L`-0>_K{b$P z2C96W8r`x$0JA+l6@~-*QO!vQQzV=vHaGQmZ!wgL(;C?6lxXU|PCjm|#h4=YUpIBJ9Sg|hecdboDIf4_{HBNBl%)7z6zQTzM?`5(@ZGa!I> zj3K8Ie50(%B@s*;#+zJ-Nwln6)ePlb0RywQR`J;!aL{~Iaz5%f(qVcyo>lX%PpgHU z#!d|SHK}T1ofbq&g6(~O53fkjPl}XAlt2j8WjQ72D38* z5(8ccxelFr(<>rL5I0LM=@g4ZSx_qDQPU^Oh-W^LAWt>O0C;2yOb6=etF(v$1w4&(`l`2xc*Xrp@I=5b4X#DFB4^fjGl9>j z{-X=eGtIfdVi9d=pQdMde~s)9t}*A32IFqG_X`9~;#)nCLn-3QY5Y9~WC{JR|#a0fuwAO*?QrN}KpSS#Wo< z$f-{z+s;47AhC22Eu$J!DO#lL{3)rxoqZlHG%qi|1RM9oQMag9v|M{T6liEXtjr@Z z!xS+$Nbws)C5M-N835##=haY1kV?L@yTfV6qs%{WblGJk51Y8KEpE9MbFG%xbXhJS z61GOx9osi>AysISl<|n(+UMDe!A5}x9f>S_q^{*sb)7Hxj(IYKT>Lj0@caiI#z&mX z>=JM z>p^iOLcj$HaS;v}o!Z>ORHs9YO?EKF@Om&2x~X~O>hI2t-|N_@^U>iSb+24C6cSX^ z`T#`r8frJwSHssCzAK701wF&LhkH@ABugNo@q3P}Q%2a#XpR{(5*{L45+ZrmkqD96 z=k`-u6QVxKEL$m&Y}w{k>XcTpG@;V-1v6`;b$Q#xXKSRt4Gakryr>OAq{t)1`gIK| zBJ0JlQY4l!c#*lVh;R26vpl10GUk}5;N*E6^Xh_PEh(-OOOY_!4VV{6hHmOK5RxdZ zt_^K|1zeA9cjgzR=H>U$I%0cE4QEnPf=6{6L*uwF*`vbwYH`r)2cro(`Rl@VP1{*| ztWT7hjTh0>c*#Ggj5ZM`) zKRDp0FCyZO*CI%i;X$26eFK!{@a5y+U0%Kw9BYaFi=3@9Ao1khc0X-LyC^3|&YG|1 zxM_$y@qQfKdT1w(6 zcbDIa+-eINNnQhp5w>}k0+E$Zlo-%i?n}vW2NT!SwLvxp6_1EyijDP&5Gl-6QAhDB 
z2mkd%maJ-30Y*kFrC-1_3$coUfDB9ZA6Ed38Tb2|0*hqhL5L;oobPl=P>;->161unn3*_ynozIbSru#;|k>q zSQ9kHw9F3(hIgG39H7xXfa&OrW8MOH3@c+;>J}(Q<+(DhJ@TBkQdFdB{Gvh?5Z6qw z^19Tm413XwzcYf35cVI z#6ec1Q=#L(WQTh&{$z_PazFmIlj81oMG`b$h1uRYK;&1{T15s^{~o=$!SlM@tNt3r zAf1aUmUmecXK{z7UlT=vb|6>X>pTZ~_9@$K&F9r8lcVRcTfO_PtDZnrJBF%zcNQ>MyDjK!h(E{3czv zf09SY@4cXe|*4_nz4`0jji^8-OK^Td4;N(a$ugTeU*x@b#u6NniuzTR}zkRFqs%5;O!#p zW8pjA_Oo#QVYlW@p4Hs8-zpRauYfI(2;l~x2B9MbkrD4Z=Xc?Lg9vA^t!?-{{2*yF z{&}rIcfuZC^N6*MOze@l{a7m+kwSeN!`#W-fe6i}H$*`o*|{+y2ZKmvf#+lEzUuDL znJQRe^cOCNUo9rU{trDM&tYTp4$tYrOwndvQWkU?ULHWc@}qF4$bMLo9>_OnKYrnA z(5Rjy)M>BL4c!I&c4+QSe>a>4-d5bfxH&zuy=_dGwv|tZuBaF3=rK`JJQr8%ft{tm zjEIOF6Eez}y1AO2r+Is*k97ktW@AM)4@X)0T7OW_Cut!V*_sdL zKH@ogFs+$g6pZ9Z(WJM*>Dy?B#M~Wpz|vPy+IKxDV;}vcg+6*SGM~i-j3&kI{n{&?EhEbJ>&lac+d2|l63#S5s1qg+g7;j2)+FB z1>|#yEPX)9(QI$E2n#yRtQ`#J1t>wfHsA|wx9m&kA#?$V5oNN608(o##MrX zf)&BxO@+bW^=W&Mwe?6ZP)DAKXLM_>Hq8tRT>${i&ToKYH$XsH=vb#gjd$4qnwxu+ z6tH+hjcVYt%EV-2>JerX!k{!a1su&*LWX|^7Y~BP?>t2cq5>NShEPukr)lb4VWU05sYw|AfY(3<@SYNB}gRBh|TcUO%8DuDw@IG>+_&#NIW7F zRU0CoV8jEGhHFGH5{0&i7M5ul(L1Ig(hMoD3<66+#v0*-y+QvP3c~Nyqx_f`1qg1` z*y|GK5RW7H+z@XoKq+x7z=BDh2d^f_xWKYYl|$ea0cq_9t|lpvhzU1Bgdc&Sie~*Q z9*KbLNgbIu5U8>0ggdK^aDtK!Ko!EHEjiG2B`0tHxN-@1U{$`_Zu~x6+W({7oA5`P zgyGZi`F_3my-YBVkUX>SGkv+(?C<{OlYCR>_4=w0Zj=4%xOVM7+!7xB=hA}YFl+ng zdjI2LaXEbG+144eI}fh!*YjuS_|!$MKY`AZ1-W+p(|gO^50o%4J&@lG0O@N7a3dVJ zduhvdTzhnneut^5gMj&@U$p>pI`FTzTCNJPDa80Mp#}WmKf-YxBFn<4ps@1}7E2PU zAU7C4cJs8s%hZ{tvO#Fg{Z=+G`XpI0nA9VUE7BBhN3b0ms9i$$mK0jQ2bXCcEEL{7 zCjTWfMsI~v8w1UgsMDWgM>}TQ8QT-o4qq5QHeK}opkgbBomRbH)^1AIfj_=Y>?PHA zCyZ~J_I6y&8y^6pWjcgZ%l?XbWcD@sT;CKg*@?m4#9HWlY4 z#_yg}+QeoFh6ioah3VP))+v7@m$Jdbp2{StY&aOT@%dAn7LD;)@=pJF9?y@M5cIoY z6Qj0Ps|nSl=#>b`WjLRDE3}@7R@N@NN&m84PImLWG}8=a4bcT@7_#2`?^=Ks&Q-yD ziCThduFxtsc-qg4Q=o6%W1gdm^yOmtnU-n*oob+2Ev%*tNiXqUYMZDval&6k%Es7H zpQ(d`#&i&*#oS3ObHV++(wA7k0@Wk_a0T5orpx>A*z)^>1v3c;U-Ea4VN#W}q^Zfo zN0alTCsICo#lGsXLd&k@&5+&T()x+rParS=D`zT{q**1 
z5YSTaR(ni>;Vlzu*5C^i#d3l4FVtjWWc**K`9FeT894sq8juZ5t=PgLfKRSoFLBDE z_v_~5o+*2{Y!NYOI;UKFyoi-))b1L{rp)b`l6SxUHF&=g%PgHuM)~P!&Dkw*IKz8< z7)1mI8u9_E#9-mUd_wLiJc^O+^=@xt#kExkLGWF_{FL2(!&cYpkDMgZ3J@u(6l=&KXy?8=0BkU9;V*C=>PP z8(vRs^i7vY%b3@5I?87gcocAE33K;0mhp~{a&?PYhd3ui_{MrjEyM(`m#)5Y$osBdeS33sv8aoS4hqWD2(yl_y(M(yN- zP@|ysl=zWR_%piT2Zxm(h3d*0*6~wUh^&r8_+|5Xf$GaXi-9RrKu@V~2(zZdwR3<0 ziwZO!tOJVt#%=aWnltw}9Xx(&n?P6kkWPN&DE@$+9*k>Vg1sp$aTxX7JR3EiNrK!L z<9&q3!?ca+V3H*$YVXN5VZy4BWbhc|9Yk^?D5ake<)3zvC4|aux$p1qJ~!`Qi1=N; zK9`(iL!L;=5N9@Faag;Jc*I1{aS9Y^i3)2B>I2yfC}ThzHy0p8r~(y?nJ7{A+ABmS z+f(mUo~+M_H~G@&q{^Jb4hr5wAlOHNR+~{Y(iD z`A~9bFRbt4Jo%rnL@5OXXYy0Pqjh!Czp^=RrYkMNQTZI@`$d_TE=`!D{Pi%2;!uyG zmhmRC9}I1!zcRkV95y2ubtwp5g60i@6`mr1DQGrL{I>2^DLZvISL))bH8rTbsq5SJ zpYGlzD9;-xSYYC+1xGxlT**ikDG5nK(1Ij)L^2ni{h3kM#7+TqPL2`h#pqNqAH=P~R30f1^6>tSdw4KHg+QMdEoBTI<-nw~cPy35 z*GdoQ+a@EnbHNY3$=lpqZ7Y683y$wm7_pc;*kN@#T#GuY)Z+=ur~%fJMZm86l` z2M+n=lSLZ@er00Y%40rfjrEu*Lr6az!OQWRz_}`+7ZV5~u_Bxl8oL#t!2Oy*xsT1l z0HkeR;^Ql=#NL!l+4P(aKf67!4rHEgy%oJ|#inL-Ci++9%sM*K@TO_kSXJxk3~kEa zwbueeE0gWzu}g*o;z>!1q)7w+Tt+Newm$w@QjhN;lRfEi&2&pPtxH@}wsF_rjjsc| zy}d;0+b+&SPo!p^tP8fOf5x512)O2WbV-6jLs;(x*@! 
zLj>r+Wef&gGs2BiAb(0DLl+Ey38NRH8YI9Gv_YI*0(6Ll!SDmXC=W`lF=%#W(-aJV zXtadUyQQ7%UD#)epJfUnw|Z5z%EdkFLxIS`1IvcA+$ITo23pAR-Q-wxjPcW9_VQ^~U)qgp@CPa@C(6i-o*aRB2cmS zzVbmpu($$(zDH9adgj6TXDJjh<&a8XOjkt-t%BUYD0UGC^&sEsV6=T%g0YC}4g$8D zUoMjk^aj$6YTVzgPT3UA`r~@e=T0mS=z9AcqrN~ly|HfpZPCH>FGtjj3~U_#sgJEH zb7?M2BX&YNMhF2{ltT=%I|OG1L1MHz9#oBL+oG)GsXI z#McLbFJ_3O?^=wgfWlB+I7x}*N9^I*%wJ?hbpw=zREeiW@4tU{eMT}NF;0$o9lrQt z#H)DC_sMBLTpMQa@xx-$_-DldlPTLEL-(VDR>uVOf=Fuzn@C;r z!nI09T!iNUGx18SwrD8c2%d4lRQs{{ zjT`*myUOrfR!CCqODelztC&6jH)_8HIjY@K+n+ubxg|8P$bQLbZW%=>@t>SWEIR7_ z*{sMCEdU=yP*cYuk*aMu`m-$E;5=Rb1mSre`(=6(Fq8o>Z=(r>L@;WS(h~^lWgfr^ zzi{dA)G#X`TYyyu64`_Nzo4E^lI6o0 zyyN-k;+S4pRc>S$V?mb@Jg$d$fp@^+Sdg0Fz2J4U=7P``ylf(OsqEOdLSiT<*+h>1 zOd5Xq)GS`^wNF1CTx|9bSLSgfw8+?Z>-_58buaCR^v=H&ifzYT7@yD0Y~roU<4?vA z{dmEuIUfUO316R%i>7a?y!9X!lIkcwAK!?X2D3j_k!t~UXe9beZx<)bu^=c}YUUxH zTqXAhNJQW)%PU8he6EI_{p$A|ai|o3Y{|<@ofbfmxc43@oGdhtKQ9k)C8U8Ai|$pC z;i{625LJW2euQFV7^OhonnXKe1BmBOnCkuKNmdw_?PoyhIHG<$ z#xb<2$sHD?R3s%KXidf|FA_<9RfXBT(%_b%j0GJ@aP7eRJ5@~zr3olf!U+a0{?RNe z)H(Ht>Dm_#^jqHR=a6f7G0MERpdBJT(o?&1&U~b9SIcyFb$vzryFV&Tv7()s z1U2bZvwJ>|WlV*;E&&m?OZaO`j;#a8MWv1n`zTBLMy~fgc*l`0DN16QU&!SU3lkjP zCcqJXm4F=!x+bsVxHOiJC7O8ji=yOFA>g1lKlY*!L7PHM+D3x$&#OE_sfg|J{G#6*}!!aY7J3_cD^)HC?2K@fLN7FBE@$Zw1bI8QsF`WN) zQCR-vqA)UW{KwYj4K*p-HBqFlH#MZ=V6d@;t`?H$Zy2qJMC6I%9?YXc$W+r5ppIT6 z6MuCz(1#bC4Ci0wBN4#6njK}PXTNX|;e{aHh)W~)$BS`_5FP6Jv^;zG8{+KEH}LJe z6mtFk(}LEj)kAS}`Sao947_ep$c#5@`OCz!u8k~wn21DCpyL9e11LSGV;OBT_w&%y zyA%F%_0z>a*?__G&reO=>o>$_j>$cGkcu(tXZL8WC=XQPd@tZ;!!S`OIX_nkk|?#S zM-A=~Iw(xp_mLJ?2#~tsZM29)_2H0C`5x7b<KV&6G1!svG| zo)In}gOQN>GIXF6BT)4n(%o!3R}o) zzkx+U;;oVFbK~ss23VlD5h(?#(pn5@(ge&XXC#N5*G|^LeH@}Z=mEt=6K~ta`f^3V zU3TsUhVx=%7o+U6yay%N7og%<^*9~d6iZ52jpfAXI%T|oxMyop=S%)Is~Rx|YqT*Q z?Det=uB)zQ^1M)obsc;oAEWog?5^LNG%=kBbLSQ7 zST9$8LtXEi#NePRY*IwUVQU3n`IUDTG(`#|#swIRs6sys3ZLf!$}k3boME_zATHb9 z$+#Q!7}AR5Pu5SqI<&{@ek%b^3ScCJk-&)wrI7qh(^FV}d^%HB6!1}}E1fW~^@d2w 
zxI3Y}qDx+%ms%`dZn|7d7QW6U-1(N(7Pp#HTxw|qr0_3S$oQ31IN;aruy<$VpE0hhX9Q=v* z-b}s-N6#%H&B!D9?4D7)|IQjGE{M%t6g|m4LM7biEu)U%(O(Rlc%|(VkiFMbNAW3qBpFy;hPcv^72Q0`2 zW34!E^NPmCI+o34=h&~^@=V`6yEM~)&`#t1SCdpbcl77fdf#vn&P05Tdji)2Le-Z<8YvXXL!e^fq}cMI$vrtg!AyMNlm*muBu;+hei4-Qd;yah-nCQ=Q>7fFQ`rU z%Alq$d%BA-@~cy8&XWd1)a@nZSkC*s0K!l(X5G>8l}KZEafyfS;DgkA$C~|xUZg=P zJ@3mMl{zY8R|;xrRXgYW^l4SdA0OG5x*BjQ-2uq*Gr?G($(t5Tqu^Z4rWu|r#ywkw zzCik%;n4pEq<>4~U}R$dk2BE@)HVJA(sv>U!8AHdsj6qZ6qX2Zb9o?`dHm{_5&(mx zH7Q(?q`yDp%i9c5l7v=666LL!K_5P~!O@GEn^|gC|Cty88I|#zGf8P5_Hy7Kqn^0F zztHgK#Bi)d?%{66{s)Mte}l{X7rWVjWbV`M5$H>I)f8GPiCtRg`!x9!6*#qD2{*NB z_}!?Eu8wxKsh;Z9R4o9`@JrpA^s4U7_W6ucj-kg<5cPFl?G-%j;w=WsKNRBvFJ}@H z0pyadkPRe*@u{tZh9_Wo=!OxFV`&(8w(I}l$M zryV3QkeEL#pKawwmk@{H`fnjfuYl`CP+_yX=|YF#7WeLXRLV8FW9;WAjQ3 zk>TQC66$(G>%{^dcH#7Lz1=3)S(+jpWXtn=rD6kGW@3TGXbrj|X=B6VCYJ7%k}(s+ z?uGh?SxrSgRqNL3!qaL!s%Qv}Ge6cbr2_yV#XZlS;?l1Ml{9$Oh{H=h$#^fTxYdRh zV-$G`{i({J+^_j7XrGFe{RavaT zPy~#sBqr&ivo(JeuB|7;Cu69n=uCwrh^}LWNh2d8RXr3oM8Gs4v&>toMR(SVcgR%j z_Fd9m^eqPPdMx%$XeuOK;QckZZE(+CX%>32mC-(jHEC?rhLAn{e7O1WbP^05l)KB$ z@LK9zAZs5Znu(1wN(TkBgFG4O7unV-K^KunA&_KI;ZRhUO^*dVd zS2!Zb^T_SEM$h^MGD}_bs)6Vj7wwr0GYk(tE-Nl$@l;Ow4)hudeY8%PIs-^79=PqQ z|8FD!M%2ePq@Y_KctzV-oCOn%SWDW6JOQL+H>9i!>XZUvt|2r6Od4&hk%a7kgB}Vb z0VWH@Ww*HKBUU%^AYs@$MOY#9_MpHzJ4gpjSmzKZf$Z9L`4#NwaY*%8#VP+H#$~{% zuKnV@_lR!r&O;ya9LDJ7g{9--8$9m=#ZNL+R9@ zkHlR^#~nkX)m0*0FDrdz4U+mzV@@(ysJ- z63&;y9M1Rq+x@^0a(Vvl1ILh0yWX(9LitiuIou(kpfVuYmY$f9w4OD1Mt=Ha1GqMO z>zps;GYo)`XZ~V~r%st1Ms*Z(uqVz6|JjDZDi(kyi|dhoY3k(h-$=^N{{NL27@1lB z<9gf;buGEQZ|~0c)Y?3{n1$)lX`Px1X&dT*#hMM_1#D%UJ=uVTcoexKE4-uuIx?7SGs`w?TYvCJmg8J@=W2}U0`4c9kO-P4s z55>LB&yO!B;jBlADxcZeuQ{jt%b*}U6pApAU74e8@Tila$difo``Ev+vL$=;bFsvg zKLS^Ce@7qU`g|ey{@DkD3_{PR$n$Ta@4X0 z`i5N1ymOiF{-;Q~nuIy{-v#Xhi{#RqAf`S+J*2&#Zr)oQ%33f&sET`&2k7UM+s(0l zxRHWa74aQ+|0Oo;6}!&Bz!L*Wg2Kltp-XLlFZd9Dai{qatcQ~Uoa9)9Z3_Hv$TA+G z@9p~WgkvaRtCESsv?aSS?bJi$CmtHp3nW zt^~XPksL#9N;`nV%kP%0f=EVJ{Z*XQ#Gu5?O~0hd(>b1UDyv~`rURRimn~4Ccu?20 
zd#@t0mo73y_r+Q=s}>7BtKPwF@DqwcNE!yV*Y$)-LzUTt6xv*(&s~y3&kEdkIbVus zv`~{^6u-d%J~WxP6o=M@0*)9JtRv-X22YusTR-p~N+2GIjFn6nNmyVsNCc{WXi-CZ z$nKEkT2Ap#){kt^EgT*r+POFzWb}>c8j9Yxguy5a+sJ$TY!_8+bWxu(s{MDTeVvSe zStg;ZboEIT!Fae8lqoB%m7~o|CQ4-uljtRxxDNOzKUuN>&A&f}&cg{j4~2dy6*1b% zz{BK-hY$f;uV2nWe6x9R!ub5?$O=-!@U7s%2!h70ps;-kac4MGt4`G_BfLh|2)xlyM~)6{gJz%%pK;t}+DWiG#7P&Q%$|k#H(YFUHbXpXB%J8Fy{U3DIgj5AK|O)SU7TyIA!zMSlN*hls!hDJSgE5{DK(0m?gO$a^(L2kN{2tTDfk zFXES)IZHG1UHxq%P-gj?8XUJN>`rWh1OjyM3FMDRRP%Jgv}r$jz!{}#B_n9pi{Pk9 zrMT~6w|q{zxgouu4%bJyN^7DNUm-){pRV%^-sSyuIxn`ZtER3X=y1VTy{^D?dfg~D z;E1Bn>v^y1UAsqtX)=oZWh7J#{3Cf|I1d|}qwZtp$)XgGsgKBsi8E8&_R`5IH{Df2 zj-}WWJx@7R-G2czGsC~_y_q=~|I-7J3w15qO!0pJ&A*CHL%WA*+9FbsoWN10>8!Rf z;B7$_*|RLr$FILm@!efMG3j@)tntTNql#!SkTYxCwac-0p!Zq~2k<>x+jEm1+ZV>U z@_K#(_uXC|Zp7PhQ|u)x!RT!K2peT+b};gFH5E2rMWpCDu&VDz#^b*QU^G)cp7u7r9?ymqo>K6z|5OM*DLl!Hrl1s29MpBZv)g~M@El8Q9&v70i)Y%qjR4{tP$$l zSRlP#U1EPHq93}9;gN-N>5AMv)wLmpHyMm@_wFwK~)Z*Dq7hNs?X)kOg(>&fzqyviuJW1~S#d zT1tDL&HKjziki3*65zkYkOX4DC7LsnBqf(6W2ogY_BUxT-lwe2k11m?j%N^;!gRK8 zR#7{kiFncSf**wPGYWZbk9HV2X?aM)d{B6`^^sC=n#S;Wy`(WTbaob~G#xsN7n(#U z!_`RqD+gxekKsjk5}=D$TNpsPg3t zyfc~fv(WO@Z@tQdgbkPd>8{`)okFh?snk8bcl;bFAc0`I*VM$Iyn^{fCk7z9A?J$z znir6y>|-um6$}NBfgfd<@{1w4xFNl7Mf4MY)APPoUi+PHK6N* zCc5}=C_*hEgvz)@yXiqw%Gz6R(L`fhEGN>U_-eywOwxy!sP8^xmhcQi662l)W?u>} z^2$5FH3!pPKAQ&ew4>1Y*8Cf!x67+354D2WH{7;D7oA1zq0VzMtCN8)~TIB}(HhNfS z`fzE;#Urh*ecBo(9~vu-GgOO>q^Uulq54&ps{$rYze~lG*St|S>E%-V6N?JiDqz3) z*&j!(GHs?r&Q(#n#{i0CDux$zD%Ob5o#D&Ko3_nHOtH4!>1+x}4V`6Vi5{Y^Ew01q>sQrcoi&=N-1)HC+FzNp#G%JF%9mf=tT8rb-uO}t zluEr-f3wB&*YoIGL3JhvC zTOr;?@#3E>1oXx(06Gs?XFR ziD;tv{)S}d+)RympukF<%G@L-N%({&8J=`PmvPg22)qu>cdtzyYlh)x3hRcQxp-S# z458zo&Uo~2@i)DUX=vyF>dyFTTEH1R5A^BkaVNtqoTk+B{s?`?t3a0s6Z9EgZx_9Mq5BIH?r92LoFkhmh~L}4 z(enw6hd0#sF92s^_+N7&{Rf0LRJvy&ru|GdCU<@9q0&9WcK-%D&-!3 zMl{P>e`-`3pvs_8E$LkdgtB^4JnBRcjs%9iH1!r*)=Sb|sxt*h zg(@@-WGPm_x|+^7F>+CKNrWDxiS>+#vAhwiQkg;|3g^C8B!c-u0=xdKxV6a*qp|t{ 
zycDw0xG9a2^eheD1TmC48wO!7Mx+TUb_WZ_Qsbe8z9fV+N+^(je^C`ITYy9#(xf1aGk46X4dD0WzTVLpVoIK~?u_~}Hak9Fj?D0#VyZcZkHtcjFCA2q zXKFFuva+#}MN(@RqBotnm_I$1F!3YC)EyhgF~d0}PlNm=gAYzfh+7ye=&>p6jP_kY z&PQLH9pCIBd^u+5^yttbK`KX&gr&3%UJ%zTC*J88zGS-H(Fg1cT7mm(esg%eI&=8& zlJt>0onNeEn#-t{%|R&|+qXU(@vX+u17lJi#fWdgHl;Xa6oAU3 zf79Cn{+>JjDT8v8RX@&Hjig?NswDmg?qQoy;K1RUeF(SEV}L!%vuGI8D>TU{gIrFT zgHE4YF!k+RZG?s${R{J%m%wNHEijC4%thmf#uBwTL+UON%DJDFXVxr+?oXfed?;Pt&@qeu zu0`OYXB7j`NIqGLoqw3*!a1+gqtkdRh|yd_WMvuDCm zZDEp-P;tltLfxZjt=WUc`v?$${XSqafJO*j_}IZ zH$5P?fX)!E8XYnE@>fQcK6qcj=g)&;hmc#3^LK><=K&4-vBWc{6ptvkQ%BRji4yOr zpcKu(D<{=nb2P4Op`Wi@jF2RD-hFFFG=4iCW}=iPTbvE-c&({su`VH8qw?$tU!Z?! z@giH~7OYdL9+ZT$tmJ@=Jz)selz?U?myNTn>Sft9erHzB$t;>LM_C^} z>tB=pz?Y9wS*7BFFGJiWe1O+UaOlhVQw@`%_r2#^>GpQXvpG5CxzDA`GR*{?`bjFn z&oOv+pn|gNw^&ABEs6*prnT@{a&*qo6a1_Fy z3+NWeCK@y62yY8~_!VAgaoaOK*C-!y{^+PXPs{6X{t|ACyx{^YH>Nt9tAQMoKHj6!v#C{Bzm6-q8YU5skP4Q$q2q#@UHQB-+NbhMJ^-+;yPd>4R zOGvihQr~-*h^4HOl(B|`6iRDeBQ6>3&jMYIENx7sEfrk(K`H8Aqm9YB>8OTghSnrY z%kv0|S8Po)Ejm2|Jb8So3Celg${J=1;D6Z|n+agikDbCbm_xL>fWcQp~6A3v{#Jt|t?4b3;qvJ*AWKxm)Ug@!T zvu*&bi6qnT_>$8Mm7Bbd1%2YFqmuIY-7HUg{S;R!iSqPC2@~WW(jsskB&`;Ly%E@o zt*vGLLS&;vr95s9*M`3+;Ei$AWtQ}kc7Q6I{C(B?uB!)Kg}=w0c-+2?Ph7i|VRc>F zrw%EaRj=BZouWLis$XG_-iO(3*~Qh0i>HPj@lLSOGy}Eox>9ds6{#UQD!>Eg zrac+8^2%24b5pYPb|3vt_owl}F2O16Jwn89dPkPl4j!YC(MMXLKHbu-_5LA)+}E-k zW`WTOxQj~?eOT%34N{p#tfW<;r>B3)M=t(lrO3?4`fq2k|M_t6hPt)wcM!!tt(f|H z#`*;k@qjXYj5u1UnF8##fsc9A5Tdzo1`P*NPK~dR82Wn3m6(N+k2Bq>M$|c}#f=_ux2K%fx5Fs)3xVIf zcK2Uw+?l$_J2Oy&64D(jfDS+BmOI0yYu=aCC3Llh(W8}i=1SDSRX$U#Nyzt4Y@h6X zC`clD0STO;FNxJF@a)cmhZF%4Dv=1}Zm*M89aLPz9~A(BIu|^2kN@(Ucb> zTi_S9)~zR{_iY_Q#i98mW5d_mL^)9&2+~D~Ypq19SfjC7I2s7W$|z1=Ha2R_y=jgm zvy8<@ICzLa_68&2?2)zP-ZD|M!J3mm+mjH+;@n0=Z_`6M*$-&ULK{CUIco_d+=^)w zhJwO;3nyvLx7``2_v*mdEn-lT1>#CX1jqt}6wrA@!iEy|=}mFYSVNyGbde%+;|FxV zlen7v&7dQ#&ijsA;i2))Rg`P4Xpd^1((=`GfXE}N;xA0$N!bao9J3<~2ZYxtI|kD< zZ%}-oILJp95sfV1VC)7MvK##5QDI)OIE+;kihAxEIe;O4Ly7Ia^(=GlEn|m@3nIby 
zF9{E5my7*Aj?Y6n-7UUfUcnwkMyN!s2@iW$%Z^yDIei2pna08J=9GvM$cK9@|}t`f1F!zU=3- z^wE3X{d~Q+KB0DI*sh0N`^k#9P@;Y>sBWvQv*v9wS28`6NsQ5WqGOO+wvbl6^+)Q*#%SFl0ywq^ufg(KGnt6#P-~z*CWlfMeV|WM1?HutHIll zR2%BD(M;93Fvw(0Zc`6`t6Pj%ld5Td!=9aGeW7z6&^)`4X5Hw!ZhH74$T{%q6hnbj zkYQ*zCcv%R8o^R8dtTlvaMkzmoSP9bHy7U`r+msl*QcSYo)$KFnw{Pk6v1og!Q3yx@h8C8q% zL|h#>f?yu}31LXRB?=*AshFs|zwlXe$tRU_R3!q1r&XuH>Z3B*uA15GZ@Onb`zvq40QbgKj!gI8(PA>vnHHighDvL77lwuNSJrA<5uMKjv=Q-bfv~ ztyjgNIb}&`rLSMS-6hV$*FVVBt=Ysr{<5}b>n7^U2Zkw(xi z04xGr$S{?i>CcS;%mJg_(oy#qieL~{KaJ0Y1PEfs%dkoqCf!AL7`o)3lAevnasal|ucE_4q<0X}|s$F`?SAkn=vExqAx=$HXzi#AFS3 zv&~_58;FH5s6S6=vnpz2Si;`Ti_fa*GX!Tt;;D)yOsquKCgiGrFxAN?W$GRPsA*<8 zh3i|(idB1|vNne>X=?-rx9<_MJP*A}L(#waOiU77%UBYE;7ABVa18&!t>-_uorfiP zm}{#d;9pVGD17?~BNEgX_wbEdw-^+HuDSx#iyK%nM3W;;mCh8{tm$N~#B?AC}+jg_Qd`|s|$^l!6ypx<}{q>sgnY^zN{T>9*4 z{yf=p8<$lYNd1@$gR9&k%p9?GXxNZ)IR!dJ9^kT@MiA>CDO--_|EX^8dP}wcYMsFg zQtS(oR1nIvFtM)Zsq%zIgn+v>-p^V2WJ;Y8mjm=0qfdg|E~CEpZPhz1orYiiI@R=0 z{{@$VvOur{B&ol8Cw&4(U^Ir`oSMPzfJ4F^Y*_qpmL%C?$Cm5^-v%1UsCPl)lh0rs z6(!0u74pxmamVjqvzet-CnrTUcdU+6TBEhT%}ujO8_%24iLi@EZjJIEZ=3omYJ-j4 zrMKF)bz*Bk3}H|vtvtC-oSul9sIMGoxW|;S&T)5r12#Dmd~DOh6G|HB8Zo0dh8O8d zhaK{pTN$*uP43L0MwJouTw_$NFWW5Tz0KsaJLGBEh}giPwR}enA)kH%;V1=RO8Gqb zG=j@V1khp|cFS<#`fG5#&x)9$gszK+pK=d4Lb`LhrDhYI8Wr>y)zVDCo`5y}vz422 zR-szE)8+04r9tt3rS89US~9Y7{KwizQk4pS-T z)^M1&u{tf+|4r2krdf1T_3YXP%)^>_5Ex!Bj=hK8e59tYu`K92nJYj6%dcDX7V2BpGPOSr{iWx>W^i1JVa%a{n3f?O zjAWxr#vZx*c}SPOW$b?2y2$?H!+|y3p*h2@x%5aF>(R4wK6rED0W8X+&oQt^73x=_iCA;r6wgi4hDgU3y&p z7ChDd#F@ws$j`3Q7Ka)tsNvZ)`L;C%pudg;R%in*Yg2^h91cCf?6q$gw> z>i~LCqPCG;~DwJ$O`d&^wUSd)-^EZgyW+X+U%Fo43w znzqB&`Ou4@*a!g5Cg)paBmarfU1Dr9=3QE(A8XW(hVSTH#38A(;C|+VU3CtO%2d3% z(fY_!N51NR0VP{nWzFQQyw3xdMqZ#atgEy^lOT!D4+P*v-I+t$)&k>#i0v1!M;p8; zvu}9}S}!^{?Uo1}T18k)z_zLioeG-{FX&^NG9E}YrJOgGTfa&@P zI(^@z$iaXp{9U!+g0~zK9M!L1YWO7BpVl-q12Y^5t1}hJ!oIick31bHh$4prY!IRg zc;U+dS!?|p@OXKe1@W0`Y9plCc66nS@-0q^TFc}Mw~n1Y^lj2oRCeeZRWQ?l`Vl6` 
zS;|NyB&bW|plj$BRn=N2g#o%!R1|y8r=L=?yy2fCmLV0iu^gFQhy%}o3xPXGd@OP^ zD+{(fTQc5(4*#ILk*@prH517y#zeL98jE4zd%M8ZM^g9l>u50p`?94=(mTyXcs0fu z&iABFB*q=3-4W8}@68%Q>?MOQ+pO67cDXY{tbkAKC>!cWBLerJ3fnYfi=WA8pl2Lg zBrC%gzoX7lQKISD*()BK zxeZ2c7zb*Nf?D$1nd6G$6=6$m{f3o^3c?%5+7K^7GX13XLOm-_nY=?gSD>td0uP6WR4Aurz)AdCNn_N#bY9-PK+ytF@QG8 zGiOPg^~tBp{ieWNtPp)N|5n411Y4pZyzHkvUw%rcdqH|_3-L_vVwI_#EDx5s+!|U4&Quqhb#k#Mn zUqo8e!V{3i)+D+uQ~pcZz0Nk1X;OQSvJ}A))wnN_ivyp_2lw3xlhu9Gdk{&c*>b~b zfDNoWT>6FDN%mD6aMa6Z_e;5D*Os6Vj7H@)UiXI=H7G|!|K$KC_*yv1FXj>`n;}#$ z-$<`ZIu@5>@iw(qcU#%)fp7CG*?5GwoejnuUn4WL>%aZ`d`El!&oGkz9;@g0A6X*= z|7XSRPqK{M9>YHqZa;WSLb*OAckPT$(4e8sT~Bg=R8|IxXATQV=)!!vjkqbz&GW@8 zsaTCXd3-)5mP^8VVu`RACnWsR^f{uyB*$m=pu|Xs7*BZI>?yw;4zq$ zVlOTq(mxhHayI!9I6GVw#@m*p&Q!7en3D%LRPBczOX|^-Lka*M_TSb=KQ^t!4FHbu zhs_;#y$?lAynwI^!bJEkV}`m}w5}h?_$`uN6zP%8V>7=SW2bO%VR2(TP(h~GMboH& z*gHtTQHUcZ048X)&MoM6#F|6^%zWmJP+9VKYB4lrU4o$~oKYHtf=kw*VLdoAn)HcH z#o|Wu-Xr;!S+R2~U6N|LIZVy?{6nk8cHhH-<%km4IH@<#&d(!{1MPN9P?1GK){Er& z+-})@Spff4kQ5McXiNWIOCq1D$i{JCQdyDu*f!YMJ@J?esk!QEpp;QS8Jt|`8&(-^ z4`8!RLC(F?-1%nrRV$lC2ccz;wz)&j1RdAxDUS+82A2#SmVmswfH%KWFE+^NHQeF6 zxvMg>{sJ<&kd0!DJfq@6zP%5AmK~Kp??=Ka^F?83=8zrV%r)P% zbou4`72e(x!yR73vLTx`CMt^K*kJ`7{K}LFey<2$$>y03$f<|5`&usKouZRkbbOK% zs5hyrn90g~@!jl);dmQ`1@i%C4c>ZMD;unHlh9nQJ+E|rPo1Axj1bx0C3uTb()r|y zMCqT`px0v0{`dK>jq;KQ=7l78fl|b>oTABb%_Sdmm#a(0SZWVb(G0p0HCfg?y?0~Nov_+%Br_QIqZQ0NS$)xmN&g2G&c_-v;9bKp8)D@Iq8 zh@+H{4p)~-a^2GF+Znw3+Wiw4>CA0fetYjMuZ${kqo7{ep5qfF=&bzdVKi zJ6)WG?SJaxtp7ipshTpjIP8GVGqrpBr`dk01Q9fSuo1|P_8vNY63+8#WGJfyYYYjJ z8XCya?kzRiKQvm*igHYCVBr@QQ`jyyb>+|Ho?#2{HUw90c{D=e=K6A=_A#L3aK>0X z{}*fT7%NH`YzuDNwr$(CZJce}wym>m+qP}nwl(Lyxo_@!nVZS|F-a%Ay7HxyPIsy+ z^{usv9+=5JfiMai2$3&bINV78S=gB^PZ-7#4P`Z*)f{U`+&ch#+_s;j#frb^2#l2d zPh`5L%a|e~a!3G9IqW*FE*o^L$Fo`8mjEL={K`Ru4Fs|=7q$|y z6(-ZhkQ(G*r+X;9r$+zEIbh>vAomoZJu=$av`75{f=-J`kbj>=y)(rAhz$cZW4cLJ zn2AfYs(U{#P(S31@Y5QI96>+0xA|o_-#+|U9M}Nvoq7{L^jPR}Xk7#&jW8e@P9%WH z{f;TPULvev#SpZVf#e96L#7Pd5#ZST7nBErxG5ktO^Xp+P_X$WhzrpUQ8*~#zzIJa 
zHK$pl0b)ezG4h)tz6N)}5 zXw0CIkZSYPwd#61sy~yBUiAIeUWJ&-Vt*2;HW83yR2lyC-{Rb_N1>Z_-uij1hHa;z zqo=L@yWo>qoqXos)%$X9`Mh|jc&=PcUA_t1-gWz3^ZEXp8r8Vn+N}p)%h|?gz&Li0 zQ12&E&!}C&92bDnMjwVwAG+-}cw?8gs}I*{7uws^+w-ANyW35FdU}14_W0=Q;N$Xs z)B5;$`M4kiVIl^Fnw@nh&6nAimj`ATFJ2V*q6wiQS*b>%Ms=Hf7jk*$kWYM@7Y7 z)<7kQkpPT6p!)tCPw#Tfd((?Ec(URMwTtD;I$$}p z9KS44nSg%CeClVnt#m|IK|GU?uq8W0$$^$zm-lUQIlX)w=BC!L^RrNUXBVbev#Y0< z)k~?GXr)|jQIO+R<&mS1^2ibrec15wX>tjVwpC^<0FHQL9?Exv0iQF~TThXT535-Z7iM*j%_J*Cj!LwJU5TII{mmpPn`-~K(NcP#k{YVcRuW7Ki-pDqrO`-91hG8zVu1k|RG#XvO+T?7SuX!d>JfS4<50QH8l)iK8?vi%YIA zcg9nKYvR%5Nqw@0_kvS>%m@Fy0(8VY!P~siWc9kF=;a8bJkG~A=cpGq=lI$$Z`sbf zH>hO`|5lf}3Cve@{1O2FA0hm=ywpu_zOv&Ne|W2QpS_^}SoJ?cHm|u7ljp*;=nMEO zj;+wzJK0-Ul^utw+xHbW?y7EG72Li5^O&uypSfDi_~vTVH+wlxR*F~X)39yApP?Q? zeOTQ=1`V&U345O{&dJs9q5l1xv&$K-8{(8RI<~G+FeOsiz5+3!E4hQ=iX1f8jp&vz z^vXR}Om_0UqS4%D-Q7i@uoLH?E6KQw_G98!F?PT!eOpqI_wdcr691hyDRMCITskg& zqci^@uj+J~W=-D0nbqQEOujstc!KFj5i3f~4x!706CVrTm3!rxMZ#uD#29sYv8jN- zc)-QPmZM6|i$w}qHonEk7It4cEM3dVWb(|4V46O%T#iSz;UX}C6Atjc9q~37Z+jw$R{ul4^;L_$IdW^G6%AxUEC^Fj-0nnq_4vB z@@gL1PA`e8rAiUv=h2l_yRYnX6jUca>+^{ZHK(JIRy8y854hM z{`cX&G<)?WUNzV5g2nPhJ5aBUI_K?ffS<5zz?ZNEXu^ND{lUl34#U}o2*r+I|B$&5 z`)uA|vtLqlIfO&n77^M8=g(01>;w1PXoi=; zdp_Bj`UR)SXs7xw3Qm^)TE+g~pYyP+p&gebfZ}^wyN8G*crtQa-*G7x!)Up?gpeAW z+*SLLTnUhLc5p zHi&JsiNC|x&|PG9uxV@{s}$_zN$CXpH`p!<5qQGKJuj(D&ZaFX$FZ-=#a!l=Hkx+V zCZj+$XaavCPr~={A|;8i9hXz@uijW{8Px?Eb zGQuNMo9x5@Ljqm%F=Ybmp~M0R0?b)*?na&0tedQg{yk4SJI12bFH3L8c|&`~DCg;= zR7jC1$R3zZai=t5^rdEg|4N{^y-B^a^?^|(;&)Z z(>NgF!4Ir*|D;XHRm=RrhWLIM1FW%qk)eALtq0*k>3GfzUbz zhI>FB_+R;b-$qDTWCth7`nq71gm#+(Bg)8nrW^B43$gK*a+J>JziA#wtlRG{tiIL< zJX2~eITIypA$YhiDig-!RbV(s{$aCDkdY*E$7g3UPbKQd<8j$cqvj#_bYFR73O+rw z>euc`B0=ki&n1w&bcW&}cwj+<%K3T(8i)A)L5`VW2 zw?e|gknrvqqmYOtk4T%rha#4W3q^ms5uQA;@!rJzsz$Gu&X-1I1{nj?4JTP#bkws{ z=5*sSka~d?<}8h;sn6r%O_t^6KuD{j1|?eB!##Zws%1O=8jC+|8Ceu3_`GKn31w0I z7y$kCa63S}$0vpYkZ_1?PT!p*xW=77bUdat*evix?NhrXX 
z{PS{^4IePk046_zsyX=JaI`jVmebW=pqL*)Kw3H85D!nOwVi&jEZUc-|pPwRC)VfQNIRqYygZtHEU&N&0n-(Hd%x9C(QIGTZ0wWIo6aN zqrww6zfWV&e{%Q&8aoemO|NLws(Zei-pan>-%lY_K{l}82Xb}+_IRVSaJ|}oWx%)e zaW&M*k`mdnGE5Z&PA7KnT>35p(Sdh1`yJOmc)y7iLka^X6HnKM06C)&`T2m-R15mX zWt8zVCgW!#nk+5m$+WSA$0d(xYs2N+@1GKb!bqOAUNt7?`BJBHO}o|-IG)p(OI)E9 z9tUk1hG{edJ_xgi#%0Ogj{F(1?&N+CWX&WW2%5B#;eM$@Hvu5IicgJHA8Qy~Z}JlXH-2(Ju7qRz>6H9z$BhBt5JvW7;41Bve;N01fx;(qm;CmY7U4 z8RN)k$i37Pgy*^}0l4RWXQx45SS^DoaUJAF>n36bEl%$5ZCjfV(UVjC?F2zyBdhd5 z^18cHmr@*EBP?e~u_`so*=h6XFLkh)rZc5bl&xrx0IVd0&Y1BudNtx|)Z6@23qJH( z&yl6gXmmvPTV8e;QJek!boQNj>iY(l9x2;BIdmj&(3OX_>D2%Ukg^Kme`+>RN$<;{ zHP%6CV~&J3Ky~z2BP7{##y;g&0)q?D8N75OX%9qLqgbUt&6L+lpHtcO>%90Az1#{J zaUNzw-j1CDFZA;S%M4(F7u8VBv139T*FI=yM~_ZXM;3_))!(s;(sK5uZ+b{%_;~ZN z(FJQ|Wm_*912v3yqaWxZ4(unXH{aoVY^pYyf8<^urwR|br5gyxJJ4`P$3=!z!tAk0 z6r?YD==E@x$K3U86G1M)50d60x~t7sYbKM)Rk>zg52zC$osqNeRiRTBN1rl2Xe)EN zW(>F_H_Gs@X9;HGS#7P{9JMpPB@ijrx~tAtp15>S^VQ&FwV#hgxDv&YL{W$U|9VOz z)%z1?c}}Mm?=J(OsRG+L)D0CmWPy!;4;FD|-r2_$WC2;E_VO9UHmDvY&UxWuj>L=0 zU5H$=hCpY#Bt5gzvdZ0X_GIR~(FiZNUyq~wF`Kvg#(y2LbvBddYw+8SznbPDi z(SW~@z33ls6jh*CeF@{AhL>Xm+p zsX4=d#X&R>B2*o#$=HjpWq)-h^l(Tl0!snI=H;AL*VawOx+g*2! zjFXa9!Cm=@xRdw)7fF+u?Z4R_WMp9cPsea3PR9SXH*UAKtQ~GUV%MemUAoTOm?`@@ zNHpjRupAIcpV752Qa|`8HAoaqQ3${Pbgw+>Zd20?5i&96Y(Ep}wABhr=Jv2@IU9C4 zNhWc5@y665O?lb`4w59ADvbVbQDTIEJY%Ew0Ond*Ba zBlT8^cO0eU=blp|>2pKQVv%x$rB(xzxyQ>NrEmbc))G`F8Tk@p&5Uu+0QM#WMKJFe zMcEU3II+N#{L$v7C2HOpdn0rXL}KY|eTIv2Y~C7%Wv^Uz437)F)b5NAYk}J4BE=3z zmBq58M>Wa9`BE)ytPM`PWfp74SWAm&RIujK{T4pPh4dND3i8?pn%N_xFA$w8XGSsB zc2!>?5)by7faCl9OHNt7OV1gEK&hvN#VR>3CL{v%DMAPZT{}AFf1FRaHm54~Q7c(} zyI6$mr2R73T7?On-jPnUglA=MeT*B7fkIL8Q$qr@U{JDy4#ROOotfP@$zG>}gGlk! z%w$R{UyX7f-n{gx4g~zcf*HBSEiI)~a7?L&>!N-e-!5RdV+!Q(;)DDReM<#m} zhf>`R)Xt#UnzHK2*^xU$eSG6AhX95@0)K1b9O7KkGR2`~>y_M@9d!^I(e~)X! 
zgRa(e-+a)555L3k{k&ZshtWUbttOGF-z?zOHAY%Kio$IAn27Ed@zgX%WO?@Z|}oaB>eLpt!HB`|g4$ulA_QXs zhVq65j1f}BHSi2Qf{zhXd1<^fUh1w4*9RNIOyDQ+{%0V^&?EF1Gu2Gve+Ray8A`4H z>kbBtXN(w(cNoFPSgBSTHHPh>|0hVTqcPMRXb3ieoJ2|`rIFV7AA$CeW3*Il4cq?* zs89a3K&$2L=;(RBZGJv~FN6Vy$>E=Zg%wSzqkj*faG6?}1nqtWMsH+f$9WNu6Ca_0Q8ahyCpa#WT^G7+{!9X6aulFtrGeVuRn81w zWM%{e%L6Gg9Q8PNf?F974qym0y%-TbhYJA?7VJF9;YitzMNt-=(7)+FhLGG6l#ic5 zEAFabDLU}i1{da0pr5>~d)uQ7KfWFuK00zu#Km+3tel7>i)-cqn9Q1ZRtSG>B5g?7 z+w6z9675vT6bKYBq!|A0Ay0Eir6ao$fdj(C-XdqUvCd(hbrY=O$}pZd37Co`c4;r2 zBa4BPBMFFs72)rq00hwjvIMIuI1vyWCPy5CN&+s-wE&Ec2LmS#QA3cXSTKU}x^4`y zpud_cgI?BOh0Z;QIVodybAO#_Cp6$@L`6;IK?_ayD)w1xOjf0>jzfrhVqzds?BfE~ ztPBUPc+o3=3v#SKcse!lrPwV&hw($6$772z&s*}&LM9MKaShqRplCf(H z{xgPAE95XClAkoz#rjYdM8m}K;8Bv(KL^4w>r>@lCQ}y`9_*t|NzONUNFar;^fuf8DC(Ck-K{x`lW110sro368o!(pB{{8XAO`vcPMT zQiY}UUa={1vaNw88|iRBL$>8Na9tYEM>u^=QioQ42jmKLbE z%we$ANe}O1&(E8Dy@I_Y%;#wYMWEkmBnD=cLqt(_V68Q*;&G#ZR06|!yL&Ncdjd`F zwP39=eMn9Qgr^^j_Z7orDsxA%-#XTF+SD3*7Lmu7Ky5Y=xa;mgA_E}h@VWv#5d+F} z(RLXaAi_+*>4kV(;L;e;Q&i(Z3dJL+ZLUQr&;{6ARod{3>fsyUwKFR8mKXL3hQT7< zsOjY(FX;&nP25NIqtR-o#6>Bd*j7HwHTPw8%__#128tSHHl zFuUk-UZcPy4H_%;qr0!7F^=1sU_Wl9cezqu8p||jmwTC9I)Ru7x7&VTBw3?q*_?uz z2zQsL5CkS>3o-Lk(g1@9369bW+$9QsZ*}+6W!Fb^UB{I0z<;)@Mpbvf>5Wzlvu)dR zo)$0y)QPT~g5_b%bejQ|{b5*DL)ko|>Y;OAE6dQ8lTy?cc<4L+!|*>&s;-#PzF_io zfQx?n5hb5o{>J~RNW2S@N?dBZwdi$|rqP8m*gl4?XH)<$0@<0rzkkuzeBy_3YAgb_ z!FgjQZ87>TGI>&Laz3wVAXc@8mH9z!6sz1X*qa;IuF#;1tI>ucLngF~J(L_b%z@)J zi|DYe1io*)rjCsl1Sm;Ew&Ii~_|lRW6kku%dslRQpX@2PxWgx_a!WdkA}9Q42fp-| zQ(XUfmK4=ARp#9MDyl1ud!@8mNbIqY*kd7az(Qt)w#ni1qaJWUJ7kBn%?Rn38LkgB zgqT22qNUQ(XlvXUwuc?#rF#7XoI?dzMvAcYWuY1>!Za0xXv+vumf@nT|G$PqG?s*D zED6z?5u&uhMQMi$(2NwJ>&yOM;g$$deO#AacBV*mtSexOWg!knqKvqk&opkeIP`iz zft%zDYoZpzJq&V-wKWdBwQ6C@l9ALHV*>M~m?kGV9h!|0zf?x>$WU5~lsQ61%XT5nx_HhY zE12&1p;U6bjxHMg&3PM{_yQH;tGj_m^9iyBjP?D>_Ls`1QmI|WXkU3VCK4<+`wV6p z&ER3cPIg~Vu)-p31ertpGC@5Dd!_P{WoaPo93LBRG^u)B zJlEWZB`rWXq;r(j%la2Re}81^_VxcuMiPrTG{gR8W;tf2uC8PV!TZ7p_ho~10?Epw 
z&m57fjhh*VhVbBJKMnA9$6Tbt%cORA2BYHCB)>h`30j@oWv$vD`gEqf-GqEb0}jAx zdBdoA{#GCUM)e|TEAOR^>{0J&!=IR`k%HHk!+K8OH@$m{5?BBT6!t)A9Sc3+b-L&t zfMf9!AD#R&`oFZ*#4{Ph-e4a~@I(sf0F&1{GL1X0xVco=Y5ELW19rFl#58yF?4<2t zI{r*_DcgBbXnV>sfUaEtDxE|9uw`+Y&R%I#HY4fJgp`ry#kOrOuIhT^nViqnOfiK_ z+qP8s>YMGb@M+^w8wp4@Jr#z2p4`G|Qn7cy;z7Fr5FkTjAOOpN>H>iy0+1AmhOXt1u{p%G58R7+pPwTdn4rjUQYe+Go>KKg!$h7eA*KxBfed*~y`&s$ z#)R!>)X{udUAoOSD`9Q9^ZWw-+Z+A)d}tVN{&(>ReUlSRk&(+RCk}p?7)S*_<(z91 zpG_Y%n~<)Tyz`?knhn4wTO~x-iNJ9qC`t+3OR!k$rJmTbOzylS{JR1WCG62|YRmrd@82Q9ot_ z(21jXn&lJINk@7=H5nTDR&S&RbYrnx)*EK$j{46)HA!=iiEWzQ_WW1k^y33^$=A^0 z9rePpX`hC+)uGo&?#R=i10Q)RCD?pW0B9_IxTFd2X?IsSl^RX1Pj#o6=GM~7vU?7k zP1cPk!;-*dmB*m)N?m@?j4Mg4Ln@w@+%%00YtU64rg_G|lb)T3%)ZjA2^V(Km&=^h z8Idtl-80$e;!JGLdwD)Ku1g6J@vkL#heLF1FQUoNJqXGV05=H+bIlpjSzGsDn2GC? z1WSd#EBmCl5ZGW;tg+iW6Jwq#E|1o8`t&L~so{q2q!VcvGF=L~x_$j(8roJylCB+4 z@Tq_w;{mV#$1gu|HCpk?P{?72%gwik1DH!cx{I==Ztm&%cNU^V>%~uyw_Kj-)|i*A z?wOTxlfBdRty($)}_`OdyqL4`;bB&k=t#!I@8a2M8=}GsT$`>I_G;97xVE zKf1rW`5s+mZYyvh^tmW3|agsf;K*#%cM z&owXSK`eQhwR#U$h@>}4jdF;ro47KQcJ^0=dKV>WIr`F7{vzgfp4g&N2OZjieGsc# z8BuvcLJj&pCQ&B(GWM?w_Uf=z2Ko&4-#p?PHX12~5h&&JAhgqkg)(GH0N4zTKSlY#pMu&rS%HeO#DR}0 z3+Bj_dVVnZJdyOn?F`SFRJ4x{ag$&8>siCu~7U#AaHnymtZ^|+61xXbn!Sfi_{E@?#+G%5#MZiuM z+6*m{FW-{hmcZbHhw^l8LY~Uu@rW?_P7fMW8Bb@ND1x2%j%(azbGEbfes51doj*PX z!@_3WO4ap$zCC<@KI8Czyxcxc_7CA-@pn<)LLXk9Ru^~Wc6-Vn2e;2VKVNefv1xK0 zR1D5&)h(60)biV3b-E09R?pWPojp_J{5;&h~C5h^k^ z&2K!gYCS^5_G24RIKhI}#()}GtJ{sl4Qeo7%+wywUOq9JZo&yYOW^B~Jm%zI5@E&u zG#{g3XXe-QLtH0f)7S*e1;{?Y!u)_>beZ8TQHNq^x(pI6;U zf$FJSjo+C;6mX>3PuTll)||cyhTp&ob)3Szb_(=0A9G*<&zSgI=`ga4=doZD96<`0 z2T{Jk20zoZ7$Pa<0*I)ZznLNtiQRg@gmYnS7bYiS7Zjqn%Oil5+o!o$w_WivQt+T; zXx(y>AvaF-@rd0t;{^-up<;e(|4GcO$RRg7vtQ4wmwr(NVfM#LCC?m&Z`cK+5suq{ zK?r9a7M96U!PG;VA~P>`%o3Fm)yOz;Uk*;=k-`B55{z_)A9YmXMt~#}e`~e|z1L;j z!wDRZZw|x}AY@R!PO`x(4L>dm{X?;TQEHjMQ-ya_zn>1J!GCrwAV&z137iS!8dc>2 zEVKz9*pGp|%2EdGk+vVqQiM1S>}v@e#0v;k-j3dG*cY(wjEM9Z1Th3B-rx(W81K|n 
zeReJnP_Qo|(is?TTeskQ6ujvF`#{TY;^K!8i@~>83k@L-leQBFm>-mb8ATL|9*;Gce^#|l z7{2NY6Q@A-eKL;N@F4?e7*}OW7@DRA5411Agwq+|z8-JA7e8R);$IMf6J(eTTbmQM z`E1QWQ)qMVz4$G-R@Pq6)gVCN`++vQiyRF1Z_2r;&sd1d;uIFjq;SV^*$A=#gZtG3 zHB4+$17_z3vVYkgaa1W{TDm~cGt`Sq(C@9^9wdaNb6R#ZVx{MU@6wWyMYXVcb(S%^=}<0 zc!m<{EBBr>)Aj;F*i(VfU`J4F=)i5lbq1eej)z4j@u9(Q#fw7^_m z*rWUBlDcZ!kM%1^0OUR5@f~I!D;((0s6pUaCDBX|HfNPSP@yz0PDq@iN`=r>C_oV1 z2xoZ?vayik>DGf6kF^-k+Xr+7hbh1M@m%H&gf zs6vT0${?jeg&Qmwb^7t(>)-mismW>@SJK#xn8Z_)lVX|SOT1jsio+)c3_N%FDC7eP zAE>IN6y~!+>$i!EPh20XxgR(Oct zyW`T_otklaJU;InA^oLT9`#xIZh!!R55M<3R3anaKIPIheEgl>4)6_U&-X7;uI`@S zV<*o~ZO|@|s?Nn$1mEBNNAjH$c^>asd3b%kp5ENv$H&_rhu^`t+a8ZMQrYDv zE1A!`1^Qi|V1ya`(|6_0+`1oYSc0l`Onb~RtTU`NEFJPutR~hoD+W4XTB|yee_j^S z4Rqrj{|Pn|t)&}i$6HALPe4E3L-Lt;CEf6UfYC%8X-AszdXiDiht2LAZp4au#c8il zb%4yqErV{_kC$w@?dOGOAR$^}p&bE?wkeJgaves7W{c-gK}))NL9@$P!c6A?9}1dO zxE;Qr!Lqtea6C`zgf?8(`Ww0eFT7IsL%}~_UF>bFl-vDiiu)y|n|s4V@jFkhOXocLEMkZn`)ztGfy#fb zJz+wRsd3+R8J0WVq;7$s8jOR$glLg;djlYf&>RtxP>PUZu5&q{BpAa^06+nb1zZ~q z5nQg|0C8FxTU`aqV6_|fYpgc016}m)W2r#~XIo5QeB3}{87SES?j_{Mel`svX-vPM z0_#1b;I>1xW}o9g0YOZy@g}yL^SXqAt@IHzc}Y_PYD8B`goS`_;yMXIIqF zcu6RASuZkvA>HePIw&hy%v1Hb0mAN_#cv)hMKdh(|Azl;$ zDc7u3jpRwA8d3F_;5MR|L!k=#>?mkptZA;a0iD!ge6l9}x~R((B+46&%U{OSp3+Sb z4DFD5t^2O1#`M5g0Tk{~H{vXm64yWN%LUQiAc}GywORAjT2MP)S3oZH9wqJufc`>c z>SqVU;4Bsm`5NJVae*&D<{-LTKReYNx+)|ss3KOur1>g?IO6eFm_^fg`T~X=TN?jz zqnSw)BHeAoDg{r;I4!Ni2upc0UR|5>g6-^2h$ z0!EhqEKQjR*ce!u{ulfG-(05u1qs+0{`)m+j2pO0(&hr&LU5jvD3@Y@Frvg+_bU}{ zaVP>oG6_inQY1mQAc01gJZRuBuuB3&-U_fffd&QyS`tu{bbx>WA%et%9RU(8s7io)-*rF- zkN_qDTTSkMP-14P(*%fA=tI94KLfJ4$$j7X}uDUamO_W$?1NKtkUj7hm8T zfM07k1R8)J^>+Ss^pL%9{c!{el=IL)g06iC@jT!yRInxWMZ`W&!&?ACh)-yOA=IFu zQ(+zgd-ZT!yt_&l2nE@B0EmA1H#0sM6j*UXMj(u~%i-uibd$Tys>nKZv5xkB1Pz$I z0)A8uEU@9*&epx$K^H*+UPL}WZ8-bj?!jS<7kGt0GKjWM;PjFSe3%{3x7Jz2P|(Og zlA#b%kpKoaf+^?=68C!ldUmK6YKR{DL$kX_K|)0V@GlGo{x)EkU*Nlb0UiSZnh(IK z*;9Vt-zES9hB-XAVW4Y+SbLDY-Q|1R^g%mpzaR59^f{p5QhW@Ej<>JNaj01aFOq@f 
z&)qwHaT;@H`RkfQ%H72p$)FgL|eq(Su?CH@h;-t5#PR!0m0QMGCG`J4cHHW zn32}UD6%)TpB6tze6YtrLBJ$ri8ALpCl~uk!(yUF^52Pgm~pj@{C0$2g#cE}7HyX$ zQ^tM@ZY!zJ_KiR28q*u?vhw5K3}!cjv9pe_Ue&E*eEgjoe~CMFw}#$-itj~ofm5}S zlVd>Sr<9V{iX!K?LEJP8%QnW3uW>tLI4FI7|EZAD&&Ea73&?6v7YbH4^fVKTg=dK@ zK8}+JTgGc<-9??#_G`D~ZR-W4=Ti~OJuzFGOtj(vAahVvpu4|)n3r^`a1{fz@Z!{Z zoPv$YRf|70R7B|1(`R_PUzl6hjG2Q*M&+{A3>SMohk4{D44Zda79UTph?a zNy5zU(6LDm}=j_G|}vTBWZaD*T;e=B72_0*0FXAjozoFF_m2KWE+HqPQQ z*^>PsOgLFGqETld#@xa&kfWvXUIxxlvvriMyK%Zb9`O3)<49;M<*u%l(ow!aRSd`Y zYrZ8k9c?GppL9rDx0k79?y1_uG_z>qu-iIdH7`}V3afdh9%|)){M~UE@ZrFs1T~iP zXkAFl#1Sf($9bT({-mV-hNn$wn8hm?p|=xtxGnI}$~%SzWauw0Y4CJUcH^AH09*zx zuzVnqv)fH)!?kfjvGUoJ8K_|UF!K)IexmXXK#RyOI=5GzZ~rZVOs|_OPra-Babkic zc`=Oe7L;PRU1Z_|Dn-ukyJ2xNs*XR8`2<=`J|xykL3hP=EOsBQ${6R@y`V&dEkQ=` ze&w`sQd39FyeOA?#p)WRhW+By=~OiRd@Ds$0{S@08wWj}$3u+@s+a@q0xm!66In)i03)o~K7cB-$DBmuD_c5P0 z^Cr%YLsk_Kp9G05z}{F1G2`rG25Z>XI5%R646IyMwof|rUNS_U*$;|E0`7tLT4F{O zg2nrf>jghL(s8t1AKM~5_7;n6P86g76CA!qkw9nj&%=8v>j?%osP#>(q->N<(U-BZ z6752quu(;>K~Dss*>n7v+k38zv&Ep5Np1Vqeum*H>IwabJ6}VuWEa4+NO8JDiso?2 z3`t?Rvpr)Si(MAp6zKZWZUtOoGm2-LovtVgC8eX$`AX0Yy8?HTo0)Jr47+1 zd8G*yVT&xzT+i6#+#v6j?|s94nx2CmrjyI$ho$U2)xEEUo6Ws{f2}s#)P*FXlu0FU zZOnd(XZ;f_Mh2}!ZH!ZMx5I?7EF-eQ+v0dWt*yKtMmFO<20a)kDYDYL5f&Hf!@d`AQjmyKIGHQE6i_{B&;u|ti zwY70b?SHfd)Pe+Ula0A&RcrtQ^_$bo+>tTFbs#;ojS+U>(H&60q*leIBAjzFVVd{? 
z{|kR>Md19;0VSAq*eM^T*Clc9zOYjTW!VuaB1T*6rkmJC%Vqz547x`g+Z^5f$_hs!opq+6RVD|huskJ8(d`D)86~sT`sx_cm=*dv(Thb zwkjt(NI^|YO8PT`(Wf&M6hQ(H%wbk6{EUqS< z3N)9DH&Mwk36VI(w==6#S=`hQrW;(bp_n|i6=bJ$A2hrO8W#4;!MqxnCao`Of**Ct z83ITxGsUL;xS;MI%tsVAWfH#OgkZ7=@2u6u>!z(dM@-LUL3|nOTigT1iCc-_;(6;q zZy4zP!HzXh^WD^TV$!h}JANeaRR_7N?Pi|8?c3;xk2q0+b3uY;o}9}LX&3$%nJ3%V zTn^RGVe+1bvP#si%xV4|hBc!jSTsK2^USwXbm@}vv+wdU;Y9Z`Y9ve|={{qtk+>R$ zDLq{i(N<7d%hab*rcz3Nc0g)n(5MK>B*{0p^Ic7hRiV-c6qc|I?-XUS5=S5Xf>V<| zgmEcb*b3L@>dz9w!gZl(kM0|E>!kGur`=R`MXQ~jrw?}Jdhg3(wF}`i-IwkN>_?eS zGOKtN%ghb92@mzJjGY2P4>V^E%t3G#s(>uz_&6*cX0$jMCXg-`XCb5R9NNA-)TL6+ zetLSfv$6}O<9@%UEX3L~C2HgXL1Caab@=L|mINKSzjNvRa-;GJwh~JrC(wfdRRO2U z-^>o4^SS%28O4eGTOO81!nIE7d_6U-zo9vf?-dC*KVEMupOwmv*ZY-?h+SAb;SHRYVfql=Q-vy*mtn`DXARUqO_*w!BA-oWn%$aH#P`#Oj&z zId*t&uP46EB~O(W8D32AxaU(Pai&}8t&Xmv>9#+mdl_yj$8|BI0O9^|6kT1q z@;K?~Gu!a`T5Eo4dY)*oB-DBN#J}$k0Wk!?Bxa;(n`yRMc`4Q%u_O_+WezwY`-Z55 zm4Equ%67oUNV#AozFHPSE;~zWorr=`jEmncQ0dm=qO#jWStPo|&vCs(t?ywb0lpCN znRYz8*Fsg=m-Ao=AFIsyJN7qpc8CWb&jT%{eS>oy3Hj+<1AtdtO>(HE(DFVyx9q8D ze{!d}IWJLQt1>x7!Hwvru>s+=zfW z+J=C@kbRxKkTan(Qjf%~C*AA2Q|XzKzgc>6vLq`9C2e4MJ1K3$`q);n5z2`TG}5oy z*SvR^XGKofHEa+;?1rtzNKgfB5ijTg|4r|QH!yI?n@sUuWk42@z5SIlYOP0A{$s_l zgCF=@LP(O@vd4t~*^{`i!E?UZU!>cuJteO5#HTo5Bds?=v6*@XKl*iJgRYfJ8d3>i zhoDU#8Qb31RB343i)O_7-Jw*^!iCX+O0UGv_}G>OJaVj^Ca>FUyAc_C0GvJ}C=K15 z7k}2`jT6q>L}`up4!6;@mUEMH=$5kYfmKb|D1dsYEQpax$h-e^J# zZuu0_5{uCmgy)g{1S(iks{S#Q`c6h24xuz{a$5P=xg22pd6rH1i~d{Z%S8-@&yUu} z$3;N5W%46raTFFWEpm#CqdjR(w{MK9XF2STVNm7c5Fl;^wxO%GqFeIhwi{Qw zko>d-JL@B}*T`b{d@W7sr9Qu>)6e-3LTJ;ogod@)=B~iFA0{4s?U*YxTTaMRmXP*$7Nqb!t2MlYE9$dZI_9rt8|q^ zLB)JPG)HWsIPhGpQyw6Cp@hm6_3&-5+^{)}=vbw_Hd1wKgc+S8t!&Umh1{Wz)x&C# zkpFuV^zl^7__{Pyq9XfZd@2-I1j3;TwJ^;vx|ELgu)a(eE;!jj{#OOD3^ifISlWnd zuIZ*o8a392Zx51`Ws29m=;owuTciDc3~Wn!GmR7PP4;d0I{1ve!cX2+g=LqJs8eEJ zYWy=$M~MPeTBfRS4N41}i<^CmsZPhip7CuMdB3l%spjPu|AjL;YM4ESc67GBj@;9c z1$l{LzziAUB9TP;-^L=e9WqbYPIgE1uUUs!rF>s z-A&8Nd}o$PGY~gucvriDv4>LjxB9(Ne9#OKufyvfR@ktKy0A8Nwb- 
z{q=TU;i)|+Qe{p`;(4K3JJv5OXFu^+(tKiBJtzKHpw>)LJKj0*i!f5LUo6E4j?Be7 zewrcPS1rL$DPi(0RTcd!$*xbKnvo9@l4^;@w-0eUvS6_?J7D#1-G_YSEXO<31dgs6 zr4Zmo7^51c^w(9M@|uf;wuFVUGIc#0t{r#-Q>D_$L}a?Ju87Y*%m zCcS&h`R7Gco7gHidgdtxAz)bKO`p0pKPB&HM^+_sG{*1Ol_7>h=VsX3Xh$jK{;!a8 z;H5jVWT63c&>{|R?1>#e5GUw%z?(urKH5{av8Ne57bkk7(=pa<@9tfmTjgQL)3{#= zfW<@#lC@ZWr1I(#MmnNr@6Al@!s{H-&{vbnQgCdFne{lczO|;EBP100(>i%j9!K&c zle|tqSc{md9i+pfNMi6&CG)$F^)U@wo2b2&Uji;-`#qJYFked|qn%@%Ow|1b@4t#p zCK3=rW1lU)zaosPjmta_w0R46B+TRH-eynW&9MUJ)=BSQC*rD8QXbF>SE$ba5$PR> zTPQc3HEV86wuICgZO%Ra38k-_Nfcl&(ccdgQ8VJxjlD!Sjnm8RZdE6 zcgy*tJ1X@ny?u!a^>}cw+|V@^bl$W;^cqezO4}Bbw)4FnZ?K{)rM5*+2D~5jmQ!i3 ztRgS4(d6&!rmFS)3?nppB6wdJDVV%o-`WNNE$lMZr-jOS)Pt#PLI>0zl+ls`wu)fd+cYfxmF(WK$?-PvYX!=cO;Q;pst8Q>QYO6 z{*`NWWfitE5)82<&lB}kT(C4h?#J1WvZyUZM>X38@?Ir6VGhE~#>*uc!^g8QBnMQL zeKB)%b#qqn;EC-!tq}71_JT&ra9e?wizHm5xFQwW zHv}f0x+0B-=8{g*3lp@h+y3A~6YKX6G)A9#2D9Qaa+p`-*WDQ!YBG8w=zYy!1lOJw zWU|dVuFN#`ZQ1%*5S;S2kB9lojXHV1E`o)Ly5k5YX?#Jdtc@0F_xMC1s#Wbm)b-Bz zqj^!u$PtLGl%13bZci`&+SrCJT3AAD5D|=Bae4``KmALH4y0KZ=&nVT zucjDBsD8v&1YYV)D(uq$w?hk=x~%``qStqPXcFuV@-Ky*eNbPs`V0szjJVN+zIyBi z^KZ&f9JfikFe#->;uYrTa0w%g!Kx`XI|M96eX3OXHbV2K)3fax@6Fph#EkWnYR8G# zx-~9ppbv;wpL*zU6WZUvjw)g1issZ%H&32hh9V{sV{mdWUbPt1Ga<@9f747A20n^x z_u}q$BHz)K>NB1hK#6A1`;n`JMRK^eET^S$J>yRI#AakLTx4mUq*1AOch<^eU;q0( zR;}c`64N28q#=@QQhT_VAE;xg1W3yIW?j9OVWAj2ydI}UzM9itZuOBIAgtRHWOLdl8 z!BgZPBo+;NgEiA#Tunt)EaQ{mIXgKo@_LAGEN$Jr$(Kv?=lScJ^8GoV6km0R5h%V7 zWH^WdeKW-A5Q0UA)!JfU{~f`~w$OrLg7Zm7l6O6{m%RI!{x)(Td@nZKIS(QZW8=b= zX_uFg8GtsbqaCj~``ic8szP6;3Ae-MQ0^)#y)gr0WH>W3!vHiGF0PV`9h_Ch-QbGQ zRx*7i>G(Z=5Fi~h19$Fxc~n5!58Xs>rmM<<;%oOhB_S`hFUj|*7c+PvdT;#m&WUH@ zAk;OBltOv*G}OP5wN0X~LRzQmi^t;d4aOg9#&e2SbO(0(hsJ}8B>i3}qa!raq(zsx zYN@%lgz?4J#i#+u8IahHJ6|kng|nkso$eO**kJVp8Z>YA0_rG)~pN?vg`3;lb@b2oGg-wY()bLY6^nCU?ICkAhaPNqWpe+yoXg~ zfwrxE7RUa{ch=$T7P5THz%mC}&{=GjdL68!k)GB(^1FPiNzy1E?8eraqDIxS=Hyi6 z(DT2`11&gag>U2}zrQ!t4ZGx&@%I_F$Y za^IMf+9C84_#QPx5`cCMcd)kV#Z1t+alvQsG(sOzpC7|o@$2D#pV280EcuPDv%Oa{ 
zT#BtI?3vbBC6uM!{XC)bwD-yPWR_p0(k0#h( zI0y(Fx?mNCs$zsz;upo$TZONZMvO3YwQ-z$tBO}AP|M&Ae23=h z$+*gl(V5a^w?B{wQUro)>@+HMvmYog-c-Z276(RN( z8S(AmdnkooYUC+MSiBe$Bw>18pdE_;fhW%$YR7x2oVrrPiF5ZPf_ik2#v1Q>ss1c> z3rl$)$pv5LR^x;4ZV-!)-+f#21jEr6FRK2AHpr<7X>E+{yW=irQL1n_l~#Mwb`}XwHyBol=0%+NqmFodT&xZG&)im z78#<#?4k+=h`#`6ClN9~2(mdqoO9r-9mZdb!3~K6mH4X%01IS*hP_e_&YR_sB?HYn zK7$9q0ebuQ^-&yJ#7g7FgB1j@5K}^>!M%x44&vm+2KO6K?)W9?r#cJdYY)A?bar)l z5YrKKO1ODhAlmw~;~fEJgFJdSyY!p=^}xUyiRfzi6K_!gAdramvHZS1Mfl^m`-ot9 z_|x{3@OuH%HzKS3n;@qHAaCVA0558P ze+KLv(M{Cj#r(?y7=3+2lX zft#a$8MuPnoKx)`3f-DXA)|Ur4}L}R5<5c>3JM({A_^|@3c|n+n1nj-eXi&XsG+%Z zL;jeE&LNuJ!8n7h6-EMq3*P9P^#lJRK&HnA906hA9=>-1{C~Jhy*74A0JKw#2*QqlS>U{z`X%{nt-!Wqo zq&|Qz9(@2(4>B|W@{d0V$!Th@pW0kN@3$++n|wKSKOzhu=*#&}cZr|N5_ z$H@W!5R0A7zL`SNtW&aFwhFL`HxoSr3Z@KxI@hoL}#hfb;8ZEA7tFeyk?l&f% z!=B$03MVw~{R4R)Q#pM<9nO!zotW0XDexE29Z1Du93nr!ZiSw8;ql+nyzpC0tgpNt z0|r5?S+|(SwkwTA$4M*=Xn))M`&#Kg(47s%xM@89{>=0ZV$CZq7y_^HAT`I>)`#BRb2!j)GCUht=FLgAtFXlzdpAg56jBL3@a*V~X|fLDG3` zcOR#s8!})WNZLl}KwG%tj!QvV;5ci-YrAzHEwX|(a+NS4(>9au^3Xq6oxa>YaJ|yK zqDBZo{}-Qm6JE&xYR6LYFY;=t&!axYwL&q3i2B*4vJ^Ojc7EbKzqtQUtloBx=?(K? 
ztl6(jf=V(CT-$={fyo_W6x~&$Emng@A6vCMj*<<&SEr>xO<(8o&!<8wFfFO{b^*C^ z%2(;qSkX^`Gl~OP;n`Y)9Emn<*{Sqno;fWw2V+@pLqo1sO-}@Pw=AT~ZIyexjo-n@ zTXY@2f2lKF7I&T3{V4UeeoiO0%DmsarOT|YM566btJ)mEeCmv27dCvkSWU%a z8}^kUNR5pdq<$Ag)$}{x?;g0ZCBc{#@POaMD zf}#4sDD>jo@;RI(e5e2F>nsq_n@F8*qJ+UBz!yjW3$Yq?f){Csdl3&LLLEEOn@jWqOk`BiV)fR1V0 zCyTo*sH{Xk9NW+nj&l~l0q3_B?YuTRA(<4P{e7;ckKfZ_Ed!r>Dm{4ukndj|73CV- ztoxFz65(T}gDrK$Ds*o_Ji2=dv<6$_ewN#e>*I5I zY|Lj_uqAj0R4KYg>X>mc&GxOzRrYO&6*a;)jH|jYT_f@;nPeDYI=Ud55nF0rMd`D3 zUzUWgc5~$bt43M($%@As4?T+Z_2b=LG0N6#xQBlq*@Stw|Nj2FJWlahfN!rnL=H{9{qrIDtUPAOV+Bd_K zV670u>!M-n%YyX%2S3Y64kMTiO^@12c8C~OB(DGWxU#bEbCrR*$!CmIM}LO~zZ1n; z1T4*;U~BLJvX@LSO~g~mvUUmRT8z;x%28VW-$vg3tmXH0`wnldh|*Vz+25r6oR z-fQhBHowQpP{Ljcm0YrJ?>5=g44B;)%}%f#LM8Zn+0MKUutiCfA(C_HwS2Rm3O$fA zE%g*8xO2))G{MP75ALPmLq-Du5I1=b4FJ72sAYzmqn{r97tiQ7#J(oMm_34?c znTWI{`qENJ+1Xgh_+LI49F2c-Y|-4LRSLxE@hN3MSG1TLzKmAEyWhN27<;tMgy%ix z;njPwjI`B%hHOVISDpQmI=6e=qE^>N&lboDJiJ+SqY%?X1Bx&XaSmrSbA%hJ9GBi5 zx%{9O9bvdZ<#iRiXntp1@{UIjtZnDPzYRz&(r9RdK>HRYm+s8)^>ipm5eD9wkneeI ztaYbqlu>;Cgxys1{#6765C1NwQsp)>m=q%B<=^ONg)dF4N3tFy0-Fhy@)NgQCt}&y zDMgx8f!(e3=KZ|5OIf^*DX;t zo3^dN;of{kuRoL~JtZdMX)W&!*E(&Y63iNx$gXWw)pLiZ4JsEhxtM3VMx02RW#fqj z3Dy3!?MMq;ZlR-=fjCztX*Un#*bC0tm&!`dUQL9ZN+4kJ;N_qvf%y;=*mV?E({L1j-Bc?~9J+;dHE%$wIOh-ri$BZ`yVKPm~mepWAy4bWCAVa2-K zCOj(qnw1t7mbzT-X5iW`DLVD{;G8f87sW0?E_hl~h!y_}YdrVhLlS^wu8e9X!)r%U z=@zDn4<^WEyu{$Hs>*}avo3@qw6jFiv~kd%$6BEmL$PfhMYG0BMIiethDRQB2Q@lp zUdGD@#4Pcfc$PZKGZpQA&a-T9K0Uzy1l1G)~%uzDyTE)NWusWM3jw919O##haXM7U7(NgCUHJv=)0 z2>T^aZO}ee(r@Lu{Q+z*E?uTdUa&Ay(Y)Sc zpCjIXeHf{__w8Su6S|sNG5T{WF2%%bQ&d5x)u(t>Ebjx#|iQqyCf_|uc6 z?Y`)gF^SI91^2<+Ec7*7)^oDWs)@U)OW^MTSk)qwb)Rv<6)F{^rV|bCSfjk&ZB!Rxvu`SY3#w~Lv(&7GG+kpM8k(0QQu8hZLpVuV@cj3$}|NT1n4iX+L zs7&BGS_OwCKc4;G+Wjv4loG;}nv+=DFQ|G798~gcOI+qF4^#7ho9D8N0&8sP zmhh`;xH?k&oy2rY-&4Ah%%&KH>-S>pV@s52{mH6>GLtqrB3NZ_pXc@4ln@kxi94Y4 ziT04E#v}TaJ=(sG7z#G*6D zH1+>bMXR(FkS^f46R~MQU~?Avpp8i`g&a0~@SKE^&~)lB3ov9Knn-^QmVF^Qkdvu8 
zwQz*bA2-a@9*vS1#{EP6;!G9+m_+xRHZym3p-q@cU7t40)t7!lUzl>7;yPn^=`4W@ zGX7-LvQZ;yevI#Bl{-1!BYS_NZgsZI*>hMa*(u5?%z7>}gAhr=DQ49;N@)n=mQ%q_ z7;!|ppZHU1JoC`R%x|7}Vmro1V;5WIC*E-`Ep&~vtqP>YAC^Az9Y?V#t0ed!Q;2?k z2>SJzmq&QJkJozjsxAtG`HR95s6Xoq;$bG%MQtpFPVsM;?5#2(2B_IuF>R*v>={Dm zuIc$5l^BxwVFbDSQED8Ip}U#tYi22dEHxl zZ$Ccu9?H{Ofo25HoBeNI5e8pgN3q;b*RN)?62HNV{A@|GFoWd+RXNFfw9kgx=XB!i z)aV>4C_qpsvd@YxGL(uIF){O8P+u0Y^!c6n1&@p3MSy_MECH~{W^1(0+V~jAMCq}% zTb(RCQXtHFESR-mU@77?(a-$Wf&vEnxHRp5Kn{%;wiJP|*q*AE+wR0}P%}Qkf_g?a z%*8=!uOzKTJjib}PjT+ciP~sE+zE25QZOjh=Zj{rkM8-r=AC;*Yej%`P~$RF$?h;o zVYs@jXNP#z%v4Re;`2kkr2;eAE~`Eh;X;$r_@wu5m5kYZv=-=k)P&Mwy92rAIScfJ zkH(`hSo4O>ywx{J4I^M>P8@!i zDnTHsL9@ozG;P~;;iJ&BgyIMaM!pukda{5a0}U6*=AUcjrc^SO~@Yi7Q3`Nl~WONd#0x1v1p|t=4dDgx4_G%LYZr7 z@A$g-Nqp_*#6JzK5B5N!-OS-U3?J*{w^|Dq`zSg-DO4qf?=%DR>sTwAk5l6IFtk?h z_oHUYAXB*3d+aFs=4cD9?yl@X-7$;N_HQi?zVyy+UYe5m1JhAI_u+;J5V;Uc9*epy zb#E_<*xv?K!q+OJ(mpz8c(xBAx1A0Lm1Whx`>!Az=D`d>0c>bR&E_! zR&w&Y%Cw|U*MVX}oxT)0Qd|4ox6tWDTcrrCt`j%a&fO87ox=qD$~BD|$Oe+tY-cRK$*e)!Jh)>mvstV!Q=Rw zuI{;(N+lM$h?Ws}OW$dy1KZ1y80lzdjDI1fnmAE|^p1TA_qy()PD4GX*;6|%_hW6O z%)9-2UFR!==kGfHb{pO&x*Hv_j64C}AV)LV7Qj0hBKrenx>~YDqsq_sXmn#eSK`j; zr_Vf89euGZxg@$$0*Z+Tvc}7LC)<>`B578`V>)?5`QgMZ((GGa7{mV zuyC(EXjvDarz=lrVku0}y6yXH?kp`fw})0aUkg~MU9EX!$|IZv4AeZR51~G_Z;?>T zfF)S0$j=~StcKm-S^V}+Pt!AqJ@I)Q4~Kh@G2WxY#r7p8^P-O6PAl2Y3@OP+ettpm zoPL>yz~u3Xm;4e^om+OWn$t0$FPN;4ox%sGuBIZ^_0T~=yD@)G#3n53t4C~YWA*Rd z3;0-0?eMX-ymBa}Y(hA*`-RK#xV0gEr*l>)5A$uLJaPAtNkm!dvC*vMKW`Mq_P&T0 zF>J(@W7I^_KHYL)hvqy%1`rH#(2P zEy!+IPpZl$KpH5Vlp8}Ig@V{j^R*)$7-h2jeMP3v#H4_jV=Jmg}J874TZ`DY1YAOP5XABHqjb;6pa%s0&;l@RBO1l+fC7VX$8cEWJOz& z*h%UnHTMJ0!>8QNam?LmQtJBOVsTD$7n!dcSvfK)83TxB{T7=QsSu5d#{FG-cP_>F zS22$guzs`H&b}+Ft5>vHq~)a94JHCYy5-Da{`8+KK@JDenFwy!+S10ITStnDDrKrgF(Am=as&8R$ zZEl^bwFR&yW>;>#-ut|u!^zsssah}F>U<3JZ`0!vWNlG~$ir+=0PJ;LW6%&SMX#s488>{id&g)qln0iY6TfxMcKLx{Q@+<4?ZEi5x0JBZuMB3%&B+Ngk zctHy4Zka(5&27}$z|?ZkZEO+;lU$u0+rN^6^>g1XhADtBJGT?t{e*3i!;7~&XtXU= 
zMxbM9c@>c}snO=T4sXN3sITy+t*vt&+eNgzG@1vBzh8{t95xcm)F<1!F{j_gGcf+i zWCx8@sd8=rIWt1(2KcKvL}NGe5An^7}N}qZ**AjWz4*2 z_e?5m$LE2iURck`sTlw6^FgLDwK{c-YD-tph$&$AU=l)kPUG$(7|Lkccrsn9&D{`v z>`tBqUrRQSJFpr2=lDtan|w2h)Z&!jGUNtl6->+T{*XKhUO)c3(yYg=Mt0~{{Y4g;>N*dF;T@c1d447 zl&}28c9)AzrFmcUwDoIyl4TiLcg2}u0lm;lSb)LkZ$a_)ry>S0FY(rGgU7}RpoQV0 zCQWpuv|Sa&WMz3KB`n^cm6AmdCRN9`=YdvyV)b}1W|`td4A8^t*P#Ba7`l^eL!CD5 zZ1Ohi-|OuT8#=mnZ>g7(FUyYZgSN_5mG)ONuX@t>SCyvGd)_mu@znW7jlEcC`cR_C z2n#RfrN_kEdS7M^9NWYXLeuGTBjt4p<)M#gUoMwBt@|wa<@TrisP~>UA#b^QCGG4B ztPu_8RUnIo$r|GvT9n+!s=9eQtF9afymWPZdu0bfVa)V(WXBdpdlFNr>p_X027ehg z>!}(VR_W5-0y+_LscN>Agwx8@*p11Z1>@04e!0-k|;>VzVquiwwM$ zZ}fYPnygAyA9T_lfd&OeFp5A(rbt2lfN3KwdOn zYt>~R;&_3065HZa(3vYty!Ht5fYw?v`(Z7;lqoqHq>lpAm%NjN-I%YO^1OXTQ-hKn z&N9nJEb0-!nkbhr<&bV!!%N`>&jKb>HfV9 z|AR`$%<+F(9{#sV$ISU((CxpgbZnfQ|KkRlXm=neTNzZ9@Sz&Gzj00ISoxK{k7pN|0W}Y9m}6kG7K2zHycZiH zV1S|fTcVHjBC4-d8V=6O%L^`GYgUL7iNZq{WFhBC?~=Es}LEM=Rr<82IBkzT)se|0bkaL z05b45^>+Tb9@M`0o}fNt=)&BCD`d{GzY^8oGq2yGi2$Q2*w)q;hs`op^QE#! 
zzyR&K;}i0YS51R@6#ek+bp$Oggzpy(^5~4kCfZNv-ruP5tzY{y!EYl=AKM>WK}uU2 z9^9W7(CbY!-QNS7_R>D!%k7t0#|-|~QMd^bv&yI+U@wmS6gEhR@DvEbK#)@_@cr%l z;Uo$Q3X*3J4Y><&3M7^M%Eq?}<@{6brD*guQe!SP_21@iZLfDEgYL^nO&8u5bK zb#5puDH%OF43(i@n(7EJf`Wb#vLZ5gfTtV4dxHMVj}BC@m!R76;C^r4L>!`D!6F8= z#DL4F0DyQB)L2ar1_X4_+-mxsx%wq1$G2m`Mqt30{ba z|4-m(a7QQfHAjuA;T`4&k5p~rCPt$18X;}yp6B!6j%FBxmeF}YJ#S-%?_ph^w#VV2 zH2`gA<(`r7LcNXn4^9RIHeS=0>XA=hf4-e~O_qM80(#*>>)=6}YI&EjFea=QjW-QY z<$moCbOgcN!xNQTxK4{~g(RnIa6k5}AmHgxP;o|#f;Tx1_YG->#bdc}(Ddle3lk~* zYS~ey8zynCrD%`?ZjtX;;kYtjKMTv?;o0RsN0b6w+Hs#t7dmcrEvC+iT5 zG$3NrBQu-3F=9p$Bw{^(gq#qRn?wBvmq=qv9B&GX&UgWYB`S*r^0&LEHQhuGsT+8( zT+Y(~4Xte{Ni6$sT{rk=k*h+E?)q7|5Hd|?Q@dvya(1hT?CxTw17)<4MT;I`myO$> z#}slENI1)Ecu>h1r0HYW#ZOU`1$BOvXXKKZ%tW8uR_T$ znG}xsw2o&9eZ67V6i+o}KY(OP%T?P9m#?l{Y-4>!dK$r_Y8`nO-3>lv1kb#aTV(DF zuJc2o^+zhB-Gi5g0eA8XMBEwmVapIPxBRGb%dxo6|3Z=Hh1aBp^X;X9YF9bk24|i8 zalKiuj)tWziQGP0;tjX&R9}421GS+KL|*QU1@%;lm9j?%0Gp_?C4ffhL2Jlp;Yqa7 z!Y#W}+*11FRui(@MzmNL?=v9=Qj#jjBKoEiic&$vQhT4a($`DToT*^BF-5|n@ovPh zLcC@Xa!i8}+Sm^vL9c*n^Nq*@Md@FvpKb`xp9{Lju`D(&ll{+-pG5!WDf7=0_&ec6 z_`Ok^XR-XQDuU0e-{0)LwuV1I5-tDQ(g-#lZ57WKj$)RRObn*8i(*1rzH_CLRJf8< zv6pL2C}x~}k>zReDZ{geHMe$f^WcE4D;l4a?o2(}Hej1n6yv8{nl}BEJ0SSpmC~9L z*;MN(Xh59L?`L&{BapRyYBS1Qg6^bj%+5kvJ?mXWhhcJ6_PUrQ%;E$X+xwN?1 ztw7}vqo)yj|CzhgtFQ@*D(_xZX%($j><&o{wNgJtk|nRT*b4Vz{M;Ym`iwwXlINam zY?D!Y&J3Cqlo!q6#=!1oFJ@U_m&rYRgR0EQ!iEeK<*!I3zM1ccA@jMZNQ2ImHBe%i zN*?ztS2sRi!<@vV@J%RdMA(667GC1_y}xfSD4 zbNhacgQtjbf|@2c)jk;Mr7Y(;S*Bc@+x55Gn| z;y^8=ivL(c%bDX54x^=kWq?Gv%mfRe6%ELX??HH&%tOl1JJ$=e{#{;SuiaBsn{__T zj!U;E`UOnc^a4ZXvR4fvQN2yqjZC}hHusDgJMokpX_f#K))+{tXjJgoxr1q9C>Xv? 
zpi_8&JG4TcHC$7P`N~_w#Ne@i7XGv@Q_1GXo2bTkH8ZKAERD6Eg7o#{WXO%hbU0Mw zywlMxYr^&B`_!I;?59ru9cG;5-itqcbCluwFr=gI)27wIPlI753qoZ=hzv@IpkNt` zY3JiGa|IOTh=r{myf9EO;A<`sOgIu^0p}w&tzqwQg>Hg)m(lHT_I)Yz zOrH4*!`SmEpTlc9>(mY-^ZgZ&wd^+GIddws!l#~2TN#ZI>Jl{3U=zcRZVE2p;D&_H z5E8y9VijH^Z+nj=Z=wvvx+R z^q8uXYD;)iBA;coEO}|4U?@lI(t;>zXSfV>q$qlh?zbuDJLY(?_)A&q6bjkPhw0T| zvuF|(ITDMGi(_r?ZDE_-eeONMy_lZoYGzxAJ+8C#-j*p@+Z6H81RcYm% zok?X29H3Qdi4V_s$BOb1O>2$(1o=x6#OtN630~Z<>S5 zH+tgtOkjAHxy`?>s~zVQ9Xu@eEW26Um1oFH9Jd~|n-KBN;nr!p--u_V&GrxlT7FYE z9f+A5N-@dwtKfQ4b*6Lf?x^}L>oU|)-)FeQ>hoQrhp$NE%ig_W?xDCJk9#=Z-7bA`RO>cB9_4t}?xt#}DI9RV15b{{)WokN14 z+?%ks5|19L?CtkGkSfOV6%8mLtdh4DWcgJ)`w-JM``5N(5lbtcswle7w`aORwWtMc z)uSo}c|87y7O9&{g~l}C#hol0A+3C7tIfgjR3{LPBb_vD!Hzv zb#E#2;^&*N*tE=5DlU2-vBUi==#e_$qFY$-GOLD$SW;$!=1d#|L5y7O|r z+*t1iZRT^nXi?bJ?s0*|;4@-OyOcVVm$J7l&hmh6uE`y@!DEO^I$Ub>}s|H(OnBKK${ttAk3pFO8 z>dU8=q>?}pX?1uD_KsxDsTe}XOX)ItlwXuB1hou_4HCvsIDfW3yViBTFpzJJ`5!u>sAqW3AIc+B8wpRNIx}fZ^s9yCi=HvM2sQg=SaLov2Z4>Wim|sC- zn^?%Ac##-yaMj28fVJYfFSFR0b`1&~H>uo<DAN^R%?O!YN#imL12fQX!ub6ufWN-Aswsql@zvo@^p0@YD(i#(~ zB3yCb2K8t|Tw7b8hk+@}zx~Pe4kHK48CwrW$pub3+&mSmPg!tZ7&1x4*7%{7ZT$jt4+-)YbqDQ^ zs>)~n)rg3&t3^Tj- zcW026OwUZFHkc<9e+6>s%ybFw?5~agLTov={Zc43EV_&d70J_NIP3VaX+}f6jAH}r zd|B!&1?P9VvNco2xLuyQY4n|;vhB>T*btl7Ae4L3@BLFzX8Iyya@O#dKrV6G$GNK| zBB0cd3BSG2rt@i&=o_U+U)RMW|EzGt<(#7A1oHA~-6%f(BN<;gMTY_A2ZTPk{2LVt z-uPfr)dJDMp%mp~WX6b+Gy@f)!S}~uMbsz!)f-kZ42kSn=!tv^EvqJ;Kv^`+RYuSk z?Y2RXSaV9^8vG$BnLNkh#I~t<`7~h$BXuhw>YE&&ZI?yuXc^rK!8$WX9-gQ@m*4Nd z`MhSk+TRK_edQ2(R;#u&TpA(fJHgX-4&(9e*&41~q_jYi!;DXzOJz+27O&Wj1IJg= zFrPdWMi5cTJ)t-kO@^h&obU=Glo#kD4|yRL`f$gJy;&=digyl)_pUa-YT!e`-~Nul z7soB(OuPAGcqaC;PFo651ykJ?jrcZ#YH#ikj*`W|pNgaUn$lwV{!@pVECQ!u%o(;& z*Ncm$R~{OXn?<6RGq|Z#h6waVLA-%3jCb9RtnuCz#E8`HI!HEST#TPGQUop`(7=-W zuY`v`g;vWWW=;^olU&5D8wMeeW!k9N@DRYV($L(f=7p`0!ZCNXbW?fVrzy|$Yr?1n zX3tJ8@h5sY6@q0N=N&jJEICCpEOv}?i18YAf51?vM97 zFGruaGoIrsROaXhjYtilRmU3=S8crx(FpnlGs0+-+KDS{jNL1meHJo%hN~y+7{lUG+ 
zWq--A|5a#hmG)OJhx)B5Q~ov7+$W8q9zV9wL(e>{gfXN zsMHwR?=zI^a$(T-3hPt@8P;54iCa^r1mvjMTN_N_xO79)vu(ChUAKuCmCK1Wg}*sa z2I{AIQCn6GJ6#mu05QIPt*Cnsmt|IBw6{uzQdwl(lR*E;sx!65aMj4ZcVupooFW*t_Cnnc&Z@OVLslpL6rhQbk;QJ+})$v66ztQ4q(J39m zEf>13IZr+BKt9kBS$&83HI3O1J{J=|~9lTRIa zP?P<&Zbt+*tNyRdrvmfILFkUFlQBCvBws0z3%n&rcjL{qBVR;rp>3F>R?9p$GZnFB zVKt+O#~ys^4P_*>Y4WyY%>{;2%F1Jhq>kI$rz1$8&z)E(Z90Ci@mm;S~&@ zptZC<@0GU>!C{Qss@kae2!*OE#&Gh;MQ*djkeh0f@~UYGBDEX{obRw{+E68lbd`rg zsXsV%mRP1`id1{VC%pK4ThG_O_<(bK-Dy+D3BK8 zd*ysVi++=}U34GcZN1M~-R&e=E&E{fJm@uL(D_lkeWnW4luQ!+i}L6#tFH+b;Pnk3 zC9XF6>D2L@U+Hqi6Ez}#`;?xnr?AS+Py(@@Ci9qWXKDsO8m;fHMg0J{`*x46JWbgi zIbt*1iR7m{mAR|GEBN1ag6IEMmIm~nJPxzXU6~K~78u!?ltvsT$4DPcJbmCjxnYFk zg?%dX|BKPf(C*+^HMyhht;&WJo9j_60tbU!%M2VdUV zLU-UI*@{WBp0+DTA0&m@WmazqO zcIW+IB@Fc+NFNM)^R?l1Jw~ZS3a`wn+!`3zygv;eqvUM|S zI3zHhyvmORw&h+H)GAp>Dk^vRX`O+w4yB=DSi!^^T> zTH_Mf&*Fq?u}t(s8I4kG{yMu>S`dwjtZLrdzZ?&NzKi#L4^_7uaDVBJk2WvsXfD=n zNN^r`^-DCT8&7t!*wqF0giQiza+%p3jt)AjRmK<2o7{@ax%tK3Jl_u)yb&(0kuQLM z=+iO1xg+xWDjuia(_gb6Hq+j?20raFso;X3MV!81crT@C9}Tw88vkk!nW^6fi|!F% z!SO6jY|Yt$vBXf!3A$Vez~)Y3sJdwt6vvP&)h$pTv~UgIn!+2D;D#0YV{O(6u#CS- zR4f-isXjIRB~6iU$Xs(}rG_dio<>jPM<$y#Uv}=IenTy&|1gRu$nTslc|izY)&geB zYuzSZ$sW{j({rta2hhi?M#7>aeNIFNfYKN=o+sjnCC`mVLw?wBBwTc|x^e7cBI4Z` zEB8QK$eOA=UFi_7NY-Qrpq*&2WoDfZOP%&FxRZWBVIX#3iM)-gi)UHd$*?IqIboTS zDwCukwZfL6#>B%YMSF3H6gX%;8h<3~6)d3rn5W$MU;tIWP`O-W3qDd=c1;&7Ydv3u zGHAUdjh19x7I~UwgeH*aEYhdH3gKz&g#$#ss|Fz||D5D?p{Dc2la?TQN zr1*#f0O84A24^=?VjU6_|01G5|HglFIz(IefzYrYBOE6meka>aK%ItV_MMLBhUbpl zXP=zdM4g#9y=_DbIAuYS*$*NRK}r9D=KOSQ0R;t(eaY#JVp+if4_jOAMRfrrn^2h4~i=TI-r5GS3w6Z?*dZz1H|eRWE1Rz z7Z)G_c(``;tMFqDB=yA-&QmC=zy;rf6XyV2?$I&$S4XA*)}efm0D`NZphDU_acQ36 zSl~d=x*>qCJR->7(F-sl>_ERW4*^Ac_Qo)OsLdlR(cK!hG-WlhRVor49Rujbe_-e} zX_pck-RZKsm!JJ2O2Cu!vr;poua-KD`cg23s|f=mp(-Vwfb1=z$u9gA^#_F$nnj z=DwZ5fPn_D4HBLMXr+PS3Et%b(-#=DDEW?-=5j+}|$2 
zyr@LCX1^yHKdlUFdO&x-tPlx$`Mu7F7|TOITE9shr3Gt=(C-1Ce$tFb@U@K@)bjVt+jzGkx{2|5?Dlh!8Tce$fI?@A+-{xwgQZhJ+x?$OQU<9Ft??sRGaxm1CKIv97~FD0*R;D?PAc^VPSb z_V1zQl~L@OQo6((W{$bk3OM8ZTY=9sNA_`KMp?}O(HN`|9ZFD zuM62`c+hRp{aLUHhqn{eJ`(e~F=0Eyd}lzz{;j58qVR|{q*0^U2;{TCr7ko&nHflQ*frx4F>|pQC&SEYDAFyvsB(Qr8(((rwUCY~xf=>VwNNPxXS;IWC(KU1>IT$0maGo^Jv8&l-yt?0cX((c0u;z36T4Tx^ENrayxjpx1R(Mb>2q(`hwHePp=5s_U<`m9aoq{&$%+9qq{S6J*C z3C#yv=l4Icg?6lBLK|zYAwA~h*)a>J?6>hpPgU2}O0LFO$C~5GHqS_}@-mg(1^Vb* z0IqFU!aM$so;(SYb!g<7cr8cs5ufl1^eJdHp9Gjg6gC}=^k_*LhsQGivX6jESTT#q zM9Yz@xC~Mg8Ce=v&p?Hb<^(-{mdwV2d)gKP8BI96VRUa?5h1&)hP>VevDQx9sGrB1 zW&g62X(N{(;!GAendOyX3GaoDE^)bCkLQKET>&$**Dyy(*kkGS(j)n8$t{6R0g=!E z>BBz~`}@txu1h=}2{?+tj^(d^^#3Z}#}4*GGf?1>TG09G42ge)jbLm;Wx~~OdDrn% z3)m7kwU%g&kB;hrV;X%+pQ-eBL)E2$J3r}Bm7C{X)}DFKR{`p;6o+cGvD4(pbQ_JDExM~W8v|aI7Pg4?(lq&r|}ZF8iVu%DS57A3b_ei z_(u2@7Qzgv&^9*DX&US5`z!Y3ko7Y|+@chVp3`u87Kb&ypY!$TM=-K=3{t@z>QWdm z_6edV_#$RwW=AsqsKjQDN;%eZ8`XNalEd`Do=|ao(KU?uQGl1}7WXJ$1w~}@ZrFL%Z$PV{c6c){juvnf;5%n+#YqvKl zv~WEpz8&iF9MK${iWpca7Te7=2@R*d47}%pB_3wO*&?;0Wo{ptu)|Q`-I^JPDpLtA zMbnFMk zIA%l0bukZ>t_Tg<(D_0tyTVGzn&5#=|5=CwRgj6qCkOPDV_*p3c1SSfs1OSsH$Y#b z1f}NI^$9eWi`y{4Jy9^bCk_NqYa9;ipNB4e=D}Idu_9nX|CmI4KBJTq^uU!ep+xEj zJE0`MGe)I_cVK+BNrziA87_^{iouZW+_ByW^IKsPKh@_Vch@n=1rip*j&NDK!J%@y zfH(Io3xcydY_+Ab%B}RJwwuEIV0zP-mZ}Inva}O~`aE&mP2!1Y2g+--9zq-SOSMtq;(N{%!HGQ_C4NfB-v|;roVmr z5reqbI*4IRMe4-j(R64MrsX~-thK%!z0t47iDo73xXCTB%UQ_i z85>^lJ9#NfPP$ks{=ogfo<9D#&MLcPK{Q=l8X8dV44kPfO4ZF_LIHB z&=uQ|OF(llC6ht8ca#9md+M1$%%PeBf3G?_W)3uLbR16Fmf14hg!ov>{v;g#KES8r z&m~Ig-7-MXj_XhQckZYj&^KvL)?43BB~cklN(%>Yc^x!XAPlj{9+MtMJWpG2aW!=V zUX-tICW&yEBE&?2fU~t6RPLrZ((o?o#Mo)cewX1wT~fwkO_Q*opbVjziYYD)XoFcBFYScu-aW_P;6k zy}NzNh6b^fsrcH&m!?S>ZXf+NhG{x);!rzW{U0){Y)bRpc1%~|)_(`m@}g1K2$kS+ zqtnHS8^!Gg&&wDecqn}ZZrl8ZzN;m|sv7a4J*<+u=ez~!Y-5@Q4l~+KB9g5YC;i>! 
zEX7_GJvLOzYl(AzyRZ7W`zdm;*U8!rQRPKRTe8b8$40kx?Y`F=y39KG_`6t5#NV7) z!pu|MvnAt$vf*mp+F*W@l;pSpIvEaY zaYBd3u@7-wqrb-bp=<@?vKJ~@n|4u{mdAuT8A2lBup~LI?MgD4yM1eXI_vL(2t_p7 zz`BTona?%wES|grcWHe$r|R9=thFk-^i$=+%2e#eDqhLQ`|%z&)!eu-_z#tRSclo2 zuhb{0Yh`MH+($UN9%+a~(`TYeRxeDkg;aavy61m_$FLV4hL=wh3srrZTb0-7%22m; z!8}CqOX`O<9yJa(;tZ>7oL)RO=U5bh>ZbN7z?0oq3Nr7BVLfYuTa7pg&N59=|6szjInneEu0?TPiWU#7xAnXW!syGxH5t~=<7!<0 zm+_8Y#?s&_{8s3v7^L-PR;@LSgq9b`(f?|&8v`}%ct%TS*0IzHY-d@bDy+q_=~aa8 zqhjjTCK$#rj^N_2Bs~^uQYve}Lm#_q5iPn2Hx+}o+D!Yt@x9uk7pG&uX(_kaWY69} zl#qAZ#oNv|X#3MK*TEu`nkO3?aToCcX&LihNri`Q&u7e4u1!N2oEPtRQ%;huyJ~&& z;aXZ6uCIVKanoj^owvXUm2b}Imu1xa^ijQmKw3H+JBdowM-qtMB+K(b_MPeNs56F~P9qE6`+A*|o{vi<~?!{ld!cKhnY z2De?}L7^0zSQN*!gTdAbiZQGy{oT(=OoXea3R@++Bk0i5 zNV``7|6LWPqeypPxv)6L4a9iuh6T6zxd@e&!x1DM(@my2Z4T^%8Alp{s0d z3!#(RMS(WU>dWD44{BJ5ET(9`1Pf>8WB+YZXA>q=&OVhGLZ$6`InWWtww0 z6xofY%V7{RM)&Ib-U1&4k-f=tv2Uibh+d|7;!yKPE&X{^kLqSNntLVYV z=lD}tew;=CA|N(4>Mg7+5+g(nZ*%tL0~r=orZqrQyOGS`EdUC#fd621ozA78btS$S zAp(TPV&a=!IfE9KGjspv>0;!k1srkhGE7u<45A_hPo0K7sChQ z+nB|thwaKo=;p9I0Y>w>*?+{a4SO*}*(X-AauzZ`H6?A&5A0qDeXuxpJxs@ZCVr50 z-L9OGW)ZaWe-fT6{e`ETOVk)JyH;r7+WuzKY0s}*koe)^riJ07+fXL^)6Us2J9%VY zS|HgABhF1UK1Vs5T*Q50T107jS6}UX9`BCv>Kx`2gpGH%G9(iXv)F9&dRg+qGiTj? 
zWAw)L(pxtsD#0^D+m`S1_i$&j#}ssG5xma-E41;b5O~zMzm`4ZfB%FdyZYc)yXBL9s$^9C)D#Fq@ma71OvSRN z*1v|M!!{Ky+xf-4AL-<6eT0p+vYPVcc5c(9c5?2}J&@TX&>2}o=ar)dUim6Jk*2OK zDSZiBKm%M}C5EnwDy;D-@YGRAbGTtfDEBF?S3vV9yN9Qd@5q_~CzNFkz%K2A8x{YK zT3X-WcZ61&S%8`kgQSm_zNdM56oGY}HPfr({aFCb>wq|MDZ)4;o>^{3s}daC5iLZWo1C)i^q#`$BMP=Q zH)J@jB0g_$klQc3vR*E+AIH1!73eI%(2?^VnFat<$1C-<6JB)<7pPKhMnyFLXh+|_ zFsr+<;ap{`JQls{n=gP-QDkbh5M(jR(96Bd(rn1&y?LP zBXK{x6}p-5a|~C%DT7%Gp*)x5cOL-hyMEw(HkJihtlEx1(-GeW-vOBuvNwVJmt0#D z`L0RbtuJnJIMm{>heQMD24>GL{ufg|tZ0(Mt{AZ|#jf6$6HS)Bn#Y5*ukdcP#Aw-X zXXu3e`3~uyG;BTd)waN>c@l^g-bq>Kf8y!I3i*XOxc6cI9H|F)fg{EQjNMJLrj>A% z9}yAnw6@l8(*z~auEYs6iprfr@A7eIv1$c6THJQFU9r1Fte1A=^xZ!)5=y#)2kMde zDJEs+DHFqihOkbtCte3~n{BNIs-qn3Xt@eq1 zja$8|XlJ|vH3AnVHnKb7HaM^giD-R2` zpS}PaF}fj8w6L;OB60J9?-NF2%#wEpAD?fGVH>^W)lZo)gY_px2eFWA&N0YbN9uyW zNX2ir!>0FYi0FGONWIVGD^!^=M~MrS&bF1W(A=fuD+XjZv^qpl$h^(5W%~<@e@d#; zp)6&5hPP~aBe8rGW~jzjFQ3GAL+-HSgfBmlE{~uj5l|&xImBHNG1yZoRvXCW#%5BH z2NPflA;9pjt1C#myQ+iyXky6RcjB2T0JvWeL?w3V{Vj8HD~5Q7b*Ti;r|o<0mMW%hi+6qadCInXEuL zZz}PKh%r>p5{L5)JjHruY{;xt;MTemA|cG)6OR zly*0fhT%K3sP(O(5R1$(?#X?$CK}DT(@H5lsXSF3n*@vtnA%)yAvy7}rqKsvZ;$x5 zgr45!V_z?M9xZ0`Yp`_!Xy=bPJ`t;s^!R$8yxVq8=pM}hEIM}sQ#wngTz%i#nSKq9 ztM4&>>z?8b%71=kF>E)SJ~OV)6Y(2L#&20gCC!@iR?){5mJj7hcRvd1PnLuy@_2`C zvmL4EOHN?b??Owj@&>qTu&a$v;Z%bt-qg@+ADV9)Q-sXWn;Q(D5nd0ek!#a?k|I55 zR!u9pfry8#g}__{&1${5N9&Xd&#J+m%7;XTNU{Cs!_7y_#09AO6B|p!mdU$Y%3JOl zti56J92prK&+au(lABYp&8d=03bMUb{1(O$E=@gaN^Hp9UtAtv`v=^6iSR0Hwx$Cw zk~p7{!OnlAtN0B@Htz)`0!#!YTNlh!Z7%+{NS#{3Y1RKEW~bHCfvHUT!{MmWr0Ubo zC1;~{VmTK4yy!2fOwpwcMDLQ7uMPdeXPwYDaA(SM?fU^)f7plrpD>Q?|A28E%>SRh zF%vQ~vi#rCmCTG>Oq~CZ#z8ZPT39=qI1)05S{pc<08EVRj7^~V`JtVh9Zd{upxrmE zJ&mGkXIgEx{&)0j-uV9SWYp5B<-g_i%FSm^&+RS;MTf_abaV!`)3WqQMe%q9+10i7 zGA|y`^wTt~G%uhMnfgIGTUr_*4O`84d|W6CM1mpZ#lu8`0fdkM(Vr}iw*Pl{T4;E1 zcoNZ_CN?=BJ^EHn9v!MP*GA-f|AhL6VsDb5&@2smz9+jpVdSYlvD*Y zBp^}=1e6d3?ms@g2=SM+vb>nAhEM`PR&f_4j;s%9&)i6)=*ZUEz)FZ}1;|Z((&HVunc9+8ki~ 
ziL+gFHGKi#{&%9C++P&W2t;RoZ%7K?MMP`~RQ*>3%~dfmfeCc};gZX{s{Tk;V2J}t);E${;N;wXKAz#-550~9!(*!`1=;<>p!!Q znW3Gfg_&&e#Y0@GsBGyk+!sxavGM!u`8z_!uQUqMRNJTdVL{_Yd4bT#0qnpPSxjZ3Qy*tVwa{f(-Ps7gZVpFPnF{9T&z`|^WB2HFQ^ z4A9VP;5dM5khFuUxXQm{|M?1;w3TC7jU+M&H4N>Ak57 z3dR7t9oR`U!cj+60prFEvEpk~YH_%wZ~5;vlt31?7-5s~4~9_wm)PHU+S9-Dh9AnC zQjyrg4URB}tHH^7vKypk&(et_P93kW0+VJ1O|jN077DK1_eP+F8l?_hb|*D!f~{M#(zeUTJykE{;@cbPrT{vb`4< z`k1p}6u&oV(e1O_L+i%S^#!20H6!fh)zPj&Be7#F1mQLF8zwoJt*>dJ(jhYMwq;)8 znF}!Ov{%NX9a9$R8syW=E@^4(-@DoL-Q9of~dz}!xJJLzj-Sq&x_RRhK=Xw&L8w4z!9BZk@fW?IP)^Nr3E~FU-${CSwy{A z@A$_($jtR1InQf#0uShDQ+fy~8S1O}dfq!coxAFz=DzEcCtTM&t~t8XwA>|YC0dyl z=`3nGB<3eLKzdE!3(%VAuWL-(fjNl`JM26%4tGNa2vFi9rrhhdrgjnhHKf->}hwbUU%=nak@*cfM=2~4`gSs_SG#o>lJRy$&^*LxSxwu zHssySIO3Z}m8(??wlpM=j>T&0)9Km0vX0cCY`@-N+ zU94~Cc6&`vv+?Qcv=?Ah#I)6JDV}n6QC2xjV-37^E2DePEd>oo6fU>F>luiQQ?qD@ zv(y>rDrBs@X2U(?VDS#^^@gj4IK;g20XZZ3x?K{`gUcq&>nQQU$EFV zY1hGZBdgH3Ot=Oa?}|qM6Ra7sOJ6c|ot0HZ8SLT;w7Xr4QX#1;cSM=`@SobI2>FBO z#SYCfh;)2Cx2pSl-yUKOIOL3s^^&BRzdfY@yco|e#>1doR#KxX*56_zO6g1bl=@hz zfQRW@qp)hDG1lQ<(JMWmAH{8D77v_Lj4mRV*@KHBt2KTGDm*Fo5JG>Wbr+5rG6&rR z>(ru8fvYcRl`o>+gljnYdVy*rf(>8RO^E_h_&!e`l++@}u^1c4b}rzJTyS#Oc8D9qQ(`1L%GqsJK3|Z+RK8>}ArJ8QGT|oQ<7sZ16cM zyn=N5tB%H^5R}fg9a!C}M=9#WgnLgjXDtpR05LKnWqS6^I6?k0$8DQ{!Z}@Awx_a_ zX&p?)(|YY(vXK33H5J;{SPlr5{Kw=jHo+_=;ch~j8zd!n|7S8NX>S7wV(3_o!Ah^~ zb}(6KL8Fq=undW;RON!jOfDinWz<&Xx_+_+-}kw_kz~ph671^yk~Ff^y|{-^UBwy+ z=i8F0{fLZvW$EI|CnxQ^!rgx%P9 zYRt4#nyFd{tqu75yl;8g|AQH2+GvQGMp`~w2I?@*N5_G>FJUArC}GSk(dv13Itk5e zY+`qzVoe`huyS*;L9~PE=28AzetIyQ#k|%Q7zxAnfuflPpUq}Jv>egms$rgLrcyDI19o4}Z~Ts#M5udb_dKB^z?>gL@NQT( zk)9}Nb$SU~f*BLs>oj`KSqT1X&+}~iPKSeammc~hE})q-d^i_TE4Ti4X_16MRnT|) z_8?O9u^5M(ci7sc@Z#2%Z(g?m{t26E{~-&rtF}m{L}_CC^xpCaYcv@$%J0>T&~qMD zG~}!Nwk%0EVQf%!^_e=?rduu4ku?7eHe=P>-N~3O0J2D~>#SzM_JJ355bOQt%o9li zQ)i|1FQLAF1)@Zt>A&clq&+F5p=w0g=#e)Fq?nCB6=w0{nmG>-T&-w5`VHwC`tzU- z`_8dLO|_rS5a;##q^r&j@5JH{@MO^2>BSBi6V^Xc7Zs0AB2?A7+#nPmf5bsm^8%DI 
zet7s_WL$K9%>OE7seiiJYnQH(1}9ve*s8$_2VunYye6*Z_20l)mrAg5|H-?~a=?<& z>N@}yHHyvZQ?XV1TDUbwKwI&+#jKU?FQ|{=Tp+$ffT|FlzXp!V%qpQw#;7k8Y6-!c zWJNJfp9@W~@~a~A8eS)-p3m9g3ZwbkbKFq&Pn$k}xcXj?2E8sqa1FZTF#v?vG~@E? zwvP8)JZY0;LP(n+=(jt|&pPx5Bv!3>gA2iRw973gmd==ux$0`T8h|;_OrS#GUvn%F zOXE}IuD`HVrGtS|M%xa8a-fJe5J8{wZt5PLo{b^2U`E?u%FTG1c_i0CV?i*Mt|;?MW7oS3Tmk; zBqkdo0e~yEk$?Cgss1Q=k~X`e{0ku+HFw-~q#OF2;69>)29~qV%A_3b&N*%n`D7HZ zE+j3$?S9AZv@opO$zLw)=`DtV3GlAO3$#XSq2-f5TFtUWHk5WrBG)))V1VSgDMM%C zXK1(E!ChihG)qhX%)7iCz;{8J#TO=NwrE4ei^>$h@OR6V#?FXSyx6j+XB=m)I|uFA zr98B*wAu$rk`BDZq5{QH|GVE426iv-dFOegyaw@$bK?T)3pX9RyyhbN_XauAs!`V8 z<$t1>b3L;A+n$JDvOm;4T<@)o|DV4)>MU!wDH6;0>(Jh!?o2l_fykkIq6I+6WUtNN zdpdjIYBYOcEtTC?dS%emwD>ho+++m=eUhWCDf^Hy^@yUceUP7#&^kYY%*}8`mm`l& z^90PcYtlw7u9k?mW~NIK&Ceo1FkOGm+a)h2q?2ISQclSBfQ-phi|YNMMb}-46f-Uw zYh_*|`OkUW+>oa6enhjzo4ZF-%?g$vYmKwRg=cUqw|<%u9tDx$uHxn<8SotXN}eqo z9l^CkG=NMJIP+#vf3Svm{1+_aYHXlgVo_KoUC00Akt25cf)8`Shwxqc?{By(O$*`q z=CZDR_-i|(PCk{mv9Y5oi*NRtEvLlGC1r>&&I&iP#Sg5w1%CEEZ!*q$?hLswPsMnV zRW}+DYicW@=a+=1JIoVp3o>rhb}|Vp+WK~mLt$0$s_xsN)j5h&e$=ap=SLg##Uyay zNFM8$=2Hu3bXoRvbLJ%pu*9uD@~2263xRUayPkJ~z#ow&WoV;w@c2%;CqXjD5gh8N zNC&PMmMJl)GOIAFLz>4mHyxk294j^!eDJ7?ZTlTaq2{#<{D#TdBUr85CvO>WZKEw%P{`xRsi0b{ z{DTWD;*iZYH*xwGlpF7|i%onc7>gSx1k_MvpV-2KoZ>-Te6(+?XeGnHfD`mHxo?$_ zQ`#lFXLUO?5{mRIQ6Caoff!~U88tWmK?ll?Xqbo`LC%ZGAFQyIOeW^LI`N_34DTd-QFUX?tO zn=4e2v7V)2!kq3TPq=5-S$8dzR)E8nMwZThO@n|ZDB+~koH`pEiscMZh%1L5V2-DI zQ5G=tb1ng=T}!W;uyu3jZ+pG3DaMwt3(SBlZFE<;j|>t_c{t|raVp6)LU1Y1!gK=O zZvw{|)8)h|ArP$6Mzw&}F`T>Ul3aOd<^M7)rhKeVOT#XSi{lP?`p?He7 zYVGn5DJrHW7FjLd?82f-eSun3mm~`0qr;$pC~wiIklC6@zmws9c+9c~R?=D;Odvs^iYR(|nm=Z8mbSa0ho};`xOcZUV?^+foz68_ zzD_X!Z2mBHIs9np5!koMdCvsvM}r{GAXIeA1_t-iOsNEdpB)STdCnYPQ`u?6?gN{| zZszS+D*~XpkHXyt(&zMqwdRsRJuFV?c|SQdwK~g@(Tt0I_=1U;dxTl8&`Z;sNz3>+ zmGXarix30GsAv1~NZ@8^hJt>(jWBM8Z3Fou?I(%3aY6sEv!&Spw&o*+R6wts*d!Xm z)lKNmu))><=LV(sYb=km<%A0H6u=<9&N3&!)g^}5BN*$6NAOH|c|E!<=n*2_SU~2U 
zyu)Ea#D9G=?#foxkb9l!tlap0*$wk9-(tN$DEGHw6@+82%Rh8wA$SfuOvZivHS#Gh9zkQ*#C{q0CP5I{= zj={#MR4kMBW|c-aH0Qv3B$MEqZisLZ+JZg%RB2s9y{*YDTjq7`ClQUbxy7&DSJkz! zIoth3%GXfPAH9}A^sC@WmJ5t7U2H(Xv@g=y9(`|CJVQ_-kHMvq*qAS4JI`a;L+qvr zCW)3{s_08Mx2+u5H3qK}nLNfp(Tvjz_tf^NLUM)_%c>(Tp<~`W zqpE>&`Qpo;vMxXPW;Rqju>?z8J}&>NhZW#OBB0OeGW1HK^{EqI?=c#p(mpFRHyA4P zh?{90KK?gV59MqeG1LW3v}`r?p9bBt9k^{DIMYyIHL+Dyp21v^bo`J|)(c|VS{uux ztkj09re$AAs`1UAcZiZHV{zgjFvdq7go8(hV2A1JB%LIXXcXQiYVQ;JxwB|6Xd>hL z%+~^M_>pGjC$~9Vl*Ta8s;;&3!h(P)>}jNo!*F#!%!M7wbF?7DQEqWUypZ)7Eoflt zb0sU&%I7+lywRPJhm3QM7L=BO6`J&C7d!Xt7w!{W8L!KV0N!_v)1G3wrW3ZRGM@cI z&N0|k_BKuw{wbH)>ZV1 z5F;fiwjC@b?+@S&2Yuei0e`NT|6q1V_a^Hc7{^LBy$K42y*@GE5Q~cgwRr6EJt*2N z7ocQQU_hiw7%8I+i%t3zoby1#v7*vLsRoQaPXPhhwm+2^_&VZTVYqMSky%_+M30jG z6ZU~Be7~}YQ5Esv!a-#z5mONK^i^6&nJMd4FvI_Zxdu|{URi$-(wjT~ApUIB|2ihh zgZP&9#d{OHHON)W-I(Xcv>iK;3}enqmMso`#G#?Q+Ae9#F=x=-9P8wMg;<%`@7or$ zL*OYDMIen!u)+29Ar+s74sM|9-K}qcGIfYT-C4f)r&XUhJD@ye}9nI53AR*R|qrlq)JL8AA%h-YNWItrk$# z`T;7P%_rI5gT~Dpdr{Z`ytRE~ucGBf3%`)D&;MKsd0dt=r(^g;v7^GcA~M;l zVd7Gc4mef+x6Fc#05d2mx0-3&t*3N~FJa?v1IHgKZv!Sg!F^QCPT2zx5i)|)ZekJz zetvOXqKM|ih1Pg2F+vRq6&k3_7RJe0fj9-}JE;v!Kz*em<3h|uytWwQ(R_k-KYl8S zCJo54?w8IJ$AUnzzBARpX#yA(YG<6@As{V1Fg3Ddc>H@mvy;~7(rq!usC4%opg>A3 z#jt}4(>jeARnW%zzKmxgN^#+T;nVWH zFm-19TfDnTsZC?FcEnFi?3jPn0?BjZP?z1TU`;qBY}5V_2(YP&bIpq{g9+T`2)>gz zXBP$!FFv#4K@y$BwS^ zV!nYYyByFLB2uSGK-TfV!jZ(mm;ksC&GQctBJ_c291rRKBLsyn3x2&m2V@FSu7Qpm z2IPaFqp>M--Ac268G4Ip;ORF1;NW?Ig_>?cc)CaUIg+AMkZ=P{=u(A8`{_jYK9<<)z7(f&wW#374Q1f{{oR8@ahborW-(>?vT#Is-1 zu=+4EigPg4n?dyBp^7B=MI}t|pVKRyFz$WA_I>Vne2E`S??h(>KdWUKRohDg9Zb zU>AHx7{NAOH4R*-~IvxBm+;mSb2eD$|(d|+Vcn{-Hc_O!L9Ju?)-;iW8K|XQ^bvj@rZO7 zf0)hA1uBs!mi8zsIGcQs`4X!wT48W^c z>JI=KT|@aEZ-CbSIPy(Bi`6AsFfsBX>Q6$u1J(3vSih?CDcOD!{4Sg&(=Ea^luQ); zgtt|@uQzm$MbbUB$NErAB7HS1!4Ss*7an(N3muok*#7GXCkoWgIBJnUHUGQdH+RR0 zk}KdpL6`@kv3B!inZol|t}z^NO<^cX9nrdC^n(WI4+39I-n@pdqAs6Sjp%=Zrdj8` 
zf*mV=ymG$6$f29yHDN-w{^pLzMyD@lm&8|LB`7^(6_*|mN+|7gvDCJ)>1!8nKgX5KnwUfAc8!8G(x`?#lXll8d{B`^--ODeLL(0< zZ_3ppOq2=E7?c1%C_zz+Tz*?qqF6oB!Vx0Rnv{}5?*_$G8d*G3bH%*E(vC`|F3A&S zStCq-53;eyB>M&O{U(a`5Z}tWO0@Go1P%Zc)D7eo;g3R2=sAh=bYYaFzm&ZuqK4F} z9CK$LvX5_yk6+y128+^M{Cu|RWnGylYU=EDCA3?V*YXnFxmrqJIaH#m0(@zraISU; zAXX5O57pYh*0})2MDW^RXhlmQKiPUqLGVfd%wmb@PMxnPOlC8>y>1 zZ7IN1sE)+kc=j9gK@;Zh`+8j$Ed@@B-9<*n4tyFY5$2r7Rs(cD%SiRWQNoPh4wK!E z{w5Y%OS$7;+b=p2x^?_ismJ8DSDtzn2roRyw!>VZ%AQO9cL> zq{)30ZI%)+H(peQ!3n3V+DfF0l0UCo3EzVG1yFw%v1v-0AGeea>$pXOHRX|*%Fx-^ zJ-E+PT*;axBPI~>^jQ?M*#-|U-qn2Nr{bG$Ukd^(xsf7eY%`y}i&Ski6mRpgE9_k{*RWLRe_TB!ewg1hwO7rqYOzT=_&jv(g0w zPqxM4p!b!LzFYkl_k}#pm|mqj3iouZo#5!nBvYt|oSwJubXZQyG(i(Fr_%9i9*h)j zQNcP%Oe$4ZY`~;kiS`8aP~2SpK7AII3T&Oe`(wjK;g;vqoQAz1JzV5HaWfpNS+Co` zxo0yTd1v>0WA9#M%vuoJr3rtAEx&?j?*~sAx}AnCB$MUC`ub0GLSHY@Xki=4Jm^}p z1=Ty*ONx)zArAJg^gWyk9;Zz5Q`sw3(X{z$qvVRx{;4}`?yj*ox3+bdRB*;j5^vLX zxb@V9b)w(iF6C4x7s#Pht})^tspA!LiAS_P4HXbxXK~CYS<57ei`zCl8l1^-hYj@5>CvU07lqg<)@p-g$E6wnwdK8&lP zoQppjSu0pDdDv=*fN2JPAUMmH`IfpFM@6Zj}I)Gvqb zsQSH}aN}5HQ=8YbTL)iTm)v)&qe-GJ&BXHkrqSehrudAqzvsHLS#T^g0`nO3Q#bRs zfcEV<{^Hv`7k0`eY~ZNXiw2v9NAOfg!}=+WWM>cr$66T^e0rSCgibj}XmDoIaxA3- z@srN+J#n52;Ay<%0gOfd77TAYz6(VsQDC$l}Wy>KG|UX5aPwtpZo8jPOol_0HDZ zWd*j)-OK>C-xcR2ur+bbdkaQytTaJ4_R9J283z9Lj}B)SgLkPKKPCq=^UNKc2fNM$ zj5WEft@mN9DvEL;kPaadOKS7;v)f|+?n@V0{Pyz;w%)==+W#K%0w8{H|JFqlE7!+oT1cVZ0L%(7Ogz zCmXH}lv$9}CLyy@ElF&oCC4F=_R&mgK)R`B^m>uK%TCSSKsGQD+?$Hq&Eo^P-n0e} z4t7(r+(M$6cp;07f=}QP(~_X5jxvg%CVAElFHgs_iAetVXS2r~Ckvw%zl192PEm4B zk-A@_?~Ywvy``-kk`^88L5HKL6e6xJybOxeI5jI|2<#{t@}V0PQIdg|{2+l`iiUiU z)o^jhReAo5H#Cn>58kRG@jhKc!_7iR4(Av! zUX*jXBwDeiz7pO{LDV8IdL^VfiOb5N7Hy}PB%V$c3J);QXYpGM{9WxrkX`iGpV3+6 zD8Zks+V~goUz$b%JW_F*SkyK3qqh|J>rYrbejPLowpet!u|#=$6qc{${Jq-HOPxYZ zrTi(%e(G)paGt3^eO8Bc#k<8-F?KPEL}`vr#St1Q&kd0E;PixcgOp#^S~WnO7VOhH z9~Q*Q!GM2+cur{sl5lJY`35bfD}`!F_+|$D&};z%`7i&j~L(;&2jrw)mQMj8UIIM(Q3h&I|c*Kp$!-^7qIS? 
zQYOTK1_%>SG^GB?As8o>xS$m|V8jm&`6G33i$upycj9q}*21lRcpVY$2|TU6KOm4# zQec{I9oB6T{&}536GM)4nB2jyil`5#9N2oIZPcM37ajL6)X~fWutoO-B%XApRpV5C zZ|0V&6LAGY0>ebNw2+9yFn~7oJ|xYY`8q>+g;Zo#E8piN=lF!eM3z=QHL~1SkQ9ys zEotT2WAdiZfOWl~hU84!C+&&lnT{`$`lemMJ96npdbY>9h^f$igSTGsC$Fwk z@^ynVTD1+y=T_-)qfvqTBq3Mq@1((AC~-4*s{_-N++>xoa15Ok*tJJ59QZ&}Kz-{8 z+`qaNPEsiU0YYq9{=tZW5BXi~M$Jaz`hPjlFyJ^O)E}?40W8Yv8iREi0dn=@93ElxhKN2GEhtscugS2XlW1oMXCMzn-oDA z2J2&JdaYl!kof9|hji!t1z?2v0fW;cxSe!sCv^#_c8SlUju1iC$)<)fMt~EW3VPNDFCbMt8BRGKfT9el6zzjwj~fOO;m#JnGLHrA>* z0~wuDxSOubGd*(`cXBhn=~p>%IGLP-sCH}Z?#$tg(9qkj1+ot-poJu=)M8k4_*Yoo zH`&FLG_DSx-GGqgbo?7!M%}X4E_^G*>|;_4j_0HwqbkFuI`o&+o$pv&^#PaSmspBi zX?V27{KWMnEySQ0oSGm0)o%nLjNZM?o_x-nbDa1BWbH+XaE ztQo`F4g=F2voDudDfQ~T>eDM#$O~^ik+p(ri87F zP?-RVmJ%7OZtnB4J9+VX)};7$)6XX4oM#!*HNE-t9^O;m{PuhzL=>$TdI=_{UjphiWBI@=shf_7h?Taj>F$PShfUY^Z326Y!WDuwklu-r-Y|3Nz0E zXhX(q(}Ur~5qOwC%*J zf*|ZD&FJr!c@G8fm9IQ#!?553E?*#aRE^HMRhD<$mP%<=f@{n9(}7jE#3KA4*|Qt$ zvCe$YX3dW0Zj?qXB1vyb3dEIVv5R!3IfrfJz17PffXEK%$7bs1mX4aL7R|;NGk8ew zRu@Q(2}Z?*>%6A#_nVHY1Dog<7?PEiZDEjQAExiXA&vfn(q|V?l;$Nqb#oi23G}9{ znz$?Hnw0`?vzeqQU|k4b8;UE!qP>D-pi$o-x_HZyt1$7<+Eb^&!&XRF0f=E;dt8<0 zZNvs5zQIq%^X3It#h~TjLv+FyDYFd^ z{7)!sBpMG!5>&6OoalRuOqBZ)&>`|x|xw+@?`&42$=g@ zl%cY=HLl*TkxBOfmf&XZp#|*p#mk{>*5KY{7_SRprBR%?M*%BGJzhpPQ`L&IiQ5iA z_P!ZoW^&dXKS)NA%$$+uH;&YvIw6c7{iLK8Jxk(?5Zy9(D8MY`@<}Ypo`k~x{@l-~l6oE@=gK+gR6(CE zHRuk*ZKdt}VYjWH8Th(6xCapzU^v{V-qyax-z(Ph)j0J&;60+Wwh^%qrU&4yVHtR2 z7qQ}_?wyKV0T*TZLxD-c+V-(A82+xi9|A;3erRu1Y`UE8WiM08trW?9BcR{sSWrcu zvp6Hqc|HQ((a^f~?u+;EZ|L(VXR)^(zS)7sSI-s-#`pm=hT|Vp%055H<%;g9Yfx8H6JB z&@XP+fiD34#;LI+37b&+bLAo1n;gLkFpqc|D7D6^PkU!yj(TtT$o;!wf(O)-Nr z_N`Soh;Fz{I?AwWj9+5Q(>z?t4&1R8vk--?b`OZBwxHmuboLzcS__X1T+5SrQ*clZ zcioS47t9EIGEBOGMncL#MrS@QzPxU5KhthF$F(|^sS7lDpu;+9yJ;^#IMW4^L*E^- zq8B@{-jb+0!#$OX)M|3Z&OitrSnFdY-+`f~sz{j6JMq}E`$YkiKWv60V+p5u_{*KZ z%c|tWo5WAAbxFNyGo3cXFm3O4AQ+ELZ0hf5u8By+v+~k_M>02-LA4Ylu|Trd%mO|J zH58pd^pgnn4ThAeNuoLuH_Vrra6BT9f6`2Vp%^ 
z=4=GH_lmmIG32=t=nnEsewt~4A08iaGHA;tQ4l_WOu1?3sd2y)6_)Y+l4RHW4N1GM7ANt!%ZojRjO)1w|S zzlSMTj`$E)G^!~hU>?Iga@tgG zgV$q2-9nCNRxz(|1twCBMMlhWp8nuEx2*s0>tHydD60jL=YwtF^AcU?9$J0UOy$C* z5UcixHoX2xo}q)dVYZ1}6kIx=52N_B2uR18zTd|jBH0P+2Mma!g0HAgAFJjQpJ88H zY~k=O!to*%DUxl*IJcYsLuIau(G8l*p2h1z<-S)TPyn-&^XeYrw7=lwiqghP(v&0< z(%87|x%UQZ*D&$^{t(YM=drWcG)`QyC>zOBU=0{5D6MlZEsNK6x_@gALssV409>q4w(?CEPHe}2%e6k$?&LDGGIyz zYRSz8UG%!@C>{P-VG>1VBgO#M?^~{A-J)@G0rm)X`wnz^oHV(#lksbt&K;xT@g5oD zjh@xL|H=@Kgt0r})xKK?>Bvn*OUhrQ#ND1&(v+dM%`ZZ8-mO*AJEJnAuIxQm4c}gT zUs~&G@G*^7GljcpFQUVNg26#20bdO#_-(CAm-xhv%k?DH!vL{)_HtW)Cq~{4fvXzr zvLO&r(!@wtZ#2UdIn~;q3T8(hfgcijU&ho367+4~l8~Zl$>th^YwVhfO7g z(@25peAV{+XB!4(k6{m!kwofRV{>HF*jC1xPxQ@y&Z&A``3i!3Z4Pjz%yC4#ZoX$U zgz0Z4)cv|WeTRcuNGl>KV}cIQyRihFgCR`wy{^*$iuN%~mlV{(3z^Xb&Td(MxRw@1 zQ;+f6rf9&MD1^Ob`9mxld1pdRRIM?>>iOyap2!s zS#{|cH^<7tcD)Q!qN+w}tU}Fu+xfQ@_eSuS&5W zv6Gd(RU4D+FYX35yVnn{Ay}@dPMjq<#Rrh<;@BG=EaPiGx1x zpgGOJQ4=00k9GHd?zK`7A%{Q3p89hk=k3ZuMLZa#i$c=1(yt#wrO~0^X^+Y|?+d1N zmCdti7vz9RW#*6mg#|qwodG_T2j#G$pK7*xqhW5tAcDIs5WjB~2N)M@FaqDk2>gr~ z#1GSV9r`91Z?W0C)0dQDwiI^BNm}FZ!otfzHf?3*w2p2=5Z|J!dFUmupU#A(!TO)>(lLReE#qE(1i~w~-0xWW#Ec z5`y5^;(@o{l*B!4s1T@XeqO6cvDlj>;2lEP5R~CL%Aq`*g620_@mi)PX&t%E@N8|A zezc-76Ds^a^p|e8!V5F1chzhYh~zpZV&Mjh!LfMBj^t)y3LnGMfgGJv3c=88~LK*(|VKFYnuv&v6=yo#IKtQ1e5&Bf%W7U`n{CzA_ig zwfz$Fwz^iS7|UOsLeUdCJy5*9m)g;6T=>C46!-=b+G@OhJ_7I2ZsR zKSA~=7p+0FBg%14y!}4KB7pHjh9a0>r@Hk9{AU6tT&)(`5Mxzi{JaXLUKg!?6S24r z#zF@P5e5{}`-Q6-uwAs%3ZeBxXF*}H&F6Bd@;FDBaB>Yu8d*hb^SXK zw&AzzsLBV{nhx9)s@Dk#uuBz`w|p|>awEX^8{@v1a3fg76G^=3G*3ObYLc>d11##m z{LIGr{aa0$yDC6g5Dl0ra#MT%j0+N1KDK(Oq5#_0OpECz9uOL80BW%R40!mY$hV#N z#1Y7w>adR~a4H$$fVtv39cIf$64D&l4tE;pYXZ8N&q{PcHXNM*HDWA zr<^I%!l6gy%*bnhzxBB_ojEm~sIp}mGl{dg=%8Em$xAthJCmB&;En9hU1S$qK)_Id z|oTgUyfB=%hU&ximSt)Csaw6LOJu(xcTu0 zo0P%2Q}G`$?lM>i$O3sLz9lNu-ENs_nH+)Tit4Mm8E=oy-mJ0o5jS#N5`xXI^=n}JSImvFzWD|y1jc9n;npby5#)f)Y_%U z6h2iO0j=X#jH5H+%0$BFb6ma%2m6uiBZC#)SZH-aPYFnF9_%~|9;1Y@w!&+vZHQLJ 
z8SE(>sON-_lv^}0)2q~meb%`nv<xQJ~?)_Ow*uK={pQg+GJ# zSQ;1*-TAigdb_^2VPj05>71L_&9cFUGPz&I{yA4c*H3h3GI>+ZJVUkV1Ob1T|pG1bQvx!O+HKw6P&EzzM3ALu` z=EraPoF>DDOjI@T(_S8CUY(hmQcqvpL=YeZ-8>^bMQNejFCLEsq2{juZfHP3^;EU) zw?O2&;`~FT#*Va1tvc~Ha9z=*OEvwQm{C>riE{1N$b|TikGOdB^Jk+lr*| zB~Le^{e8sE5*J)fwgNO6mm_@#8rUKNTO>mkUPb^G3_WWK;YdiPJ{#f(xnG)FPC*!j z{9#Y zx|2V?(Hr~#s_C;PJRIzLq5=A|=P^z~IpE3Te(m~7n_QTLfxV7r`oT{Xr>aX_@N36a zI}-nnf_N(VPn3@H_cG!x%j;H&OH1$S(S@MYhC>;#5XX%4lOOG_+jjq%sfCuf7XNAw zv*;Fsf>^6AdD;yyLWY^9nAiIN{T>g}f7Zz3caiN!P_eql67lW$SWq~fPDuavtSo4z zI>c?OzY5_7VoUgMB#@iaf(DK6{=wkrs;ZC9`vu;T)JmWSiNP8l&%VZvEAxS%wKWHR zKj@==6?uEa_Mld9bYzu`(TzVmKjYH5RI`4aZPZP4=42yG$VTJX9!&joyOJKtf%@|T zLA`GGC9iUrN0Xn^6~+gvC%4_pWs^g#sPS|)n=`851Jo2s-y>ffcEON$6K(F2vy`b> z_vUu7ZP>+q6eA92$2q;iUkKLN&%5{HC#XhAp?o4QKUR2+W^kMrS(6QNbFN8rI>Z^! z&KVk?hT6C#eE-}byq1rd!WpfSuG}8zODi=^Fq^{3al8uznsOhccg5VJT~+^N(YAVh zlnD3Yj_4nRfK2nC@9@zBxj1jvq4w&n(pAOvT(%N<^znop$ST^Ph#td6R6P*1igpb{ zIn^p5qjk9vqL+UL0vqSHcsy^*m8RHfUtX_kI?5G3P3FGcRF~(C`WJ zMR1VzQUG=pLPe(~sWr7>0%QW`xHZpAB4PqluHc|}OW}vG*Uy?mx-~D-QtRMF^&8qm z<2GNe{Qlx2atY@H0HER$#tr)Ss3gMsj0K_)p_uCQX34@#959=&9^W|gi4#7(S?+sD zH57oll~tjKUl9#dTuph8ds#@&zjsEnO$8nD!Qq|iYr?Hi$5T!DtVd>-xP13V*K+S7 zGF7=7o>1Efc)sTtV9fyP&*Ko#w~n& z7PeX51brWDkhNt0gAQ&nGaH)$Omy*KY?X-!Rds|!~l&<_MjK(r&r zg@ql}XsD;=U6`iieSVChWubI2$pIZ?1y%z8RK%ZFqa_0Qn(1#5G9EqaKIK88b}Qhjyb3QNx)h|%5cBL%4x%G6G~q4dA`-b zhE5$LWLiNK@L>TM*@}*aW5+yLi9z-G!5FxqM(1Eetk-lGq-s$X@3Bf9g3vR>wS~Uk z?wAVW)$UHN^uUf-+a7PkG42XH{xj^ZOK7qkPmlY(+4!raz~;DP_&{(Itv|MkUxegs zFq=BTy;9nz!(yi#07OU`cwCK<@H0B8bYUVjf&G+4!D+`0%p8L~2Gz?&z`M2IZc3-c z(T-zi-};wb1SmdM5pWIH{EJr4m4jh=Z&bOmLP;}72%+0Kbln)sAv{J2!0{k)87Q)I z@t)#kIJAE7{;M9h_JeJdW>U)5j!`o&g;KESV(D z;EoV-&NQM;o;;O;OCJ2jE#QSt(f5sti`!*_;`41Wj7t?-3KaSHChu!eWvej9HtLg~ z-wPksO=KvbKK5jGDv>YPLn4n)Sh4Jf^2&jO$9*p9F%`UqwqRH1Tuhosv9pVqdU~(= z>c8sIh&1DayRY) z2xes2UeV)fDg-S?6MNt}&?$m#u)9~jnv0}0 zc!g@E5>PP4+#Pb9@zL8iEZ#D4>`yVj!k39ULG1~N!6K>?tExfmUr~<2)}d}{l2Uzj 
zW!vz#<}maNv8@t6Ma=l);MVYqZVK)daV_Tg`3O1OJrvS}f87;5E_Gb=py~7#`4;l9 zuixKfb-?3*p*S+V_rv>AB7s;W(-Fu(b>sIR@^#vG=5-oqnjbR6WWwp@C6*^7AWUq^ zXt04B?MpL^XKS!L{xL@XkFHXrl^$v&d}2z6e!7PVbx8DN7BPmQ8y7Bt*q2t~fGC}h z_)%dVAW?jz)gmrSbqv6uk&#XqK~w0|z!cA`Y*4L#`*t2c+X$HT^B#OQ#DzHDD-8ri z=2(wATxis@c(;+!nGQm!Df6Zy77Lau%gYl zfqsg@*cR4#x5+R+eJQ1n=Us{pS=GOXVkMwOat=BJ6l3B%cZJ#292oXm)%Iyam7WLZzj z{o$b`PqrP%w7TKk%oBMQs2RI0k>ZQ9EW2d6b!%kG*Y)2fj6qK}^uJ3a9$0bQc9Q+Y zIHYsJ)tf0HswC1+5FSoGt#p}mYj2q1|3F44ue;z>vfQwgE+%}4b0j=+jkq)srkhj6 zZCW3URTk&@=CHD_(3KV7_Do_5;GTI1r7?!*&+WQAcc-w{N#?DX;EqABQP0zYi@*wb2(}${UU3wYk@A%%Ni1l7`dC?KWn{SeApLzqAh7fO_~Z3-Kl( z9?vOT8VbFjt%oN+b*(8%s5nR_ zor``ZWp!?#BRhUfYtaV))r@~pUWRBQ+K_waU=uwXw_k#^WO`wO9Myysd+n#9p}lj-UDhEpD_G-rJe#g` z0^o&K?VUnteiGW>QXDti^P;B`1K*cD1f3PLu@QmBmVsRKWkM03Vn$3d=1;6b+K+sY zFFzT@1v#rt|Kg|t-t^!7ca>h9_!%FJ`-c8_k7`A|W)Yz2_cRlwdejjG(YxPb3LQn! zZ{Hgs5wo}TtTYafX=y^#7C}|(l(H~?|I`sB>6#WM?-{B?EoQU=wg+;&apA@voX8lQ zv#N2jf#I0P=#IqR+29s)Q{B(NfpVwzHVoz*>Ar_z>NvCD8=bryz z_-i9cqBGW?xP2X120BL`O{npiiJFR~_L^js!CZf?OLUCY?~-YcDYptBY1z!?Kxq}hf=|Ls}MAl$e(eR1tv3*yGXOx zw=NK;UtTg&zTK3-hKx`o3U_i!{4<~g+3vaBIPhRBoF^rlJ2)FH!#bAPa~V1mRt02z0b?lel8Pip$pM zZ*ZtE<;YeJgmuVJ^eVk#3ZJDzvu+7c^n(8g4m~)7>x?|$7GJ)nMw@FXKTT@eSM@)6 zK2KeQNk~Na%b@C*NFQ94270~d8D1kCr}IF*B}*svessZMx)gbnPP=K+<~+x<-~cYN-CK*7E2 z*2v^Uzn@Ma#c7}8+MkV-ud`x+y7(QI~Fm`U3U(OivEO}=N$)l>kX#l-g zqN(+pJIT_p)DU(i|GWnFiP_55^XXA!Gy1V+Hv_C?lHOJ*pQ5EeE2Mmg(B zp}4VD&SWh?XFF0%8d&2`@|xg=5xk0#n4*?AhFOt5oAe2{>(zwK@t{(UvUqvW#zxOD z(XqV}?5*@+!6cjz zc$Y=S>O&il-%bhn`8QT)x^Fc|Tv%QMcir+ zISvIgFn+T$YhjDqOnC{Qz|~!IC<7*%j^SPSazFRkimmm5)ku4AByxR{Sp^JXpglPv zdgRj@a;JmQ)GCN^Q>*tBCjx;~xFBguFLRzuFpw&P#Ts#Z4yh(PqcL!zB5RM2%eMyQ z$#IbqKiSah2(q?u#Xc^(z0`dEbxqG%Xs!f*c9O?)UW{=DC{$p^ptDDMxAl~*O)Ojw z{!Y^KUmaUy+KMd_OQ}FA5>aUfpKDPa8A?dumoVbp#@vcF_t&pM?dF4&nw;iGd-f}k zGK%EaPED<)+)93Rjv3fF|LNs}G7k6^YrE!=V*>H|2mhBq);!cRj44U>tbqs#b-Iy~ zwdub#C}y|QufN}wdNW6_?9?rws25;Kb7Yi0tBme%S2I=toU58<3xiY?a{~8N0kp!x 
zUt;pgQ2!bRql4iNjL6wDbZc#$9IO74o3MGLyE;{&T{~IfXzLVtXI|tqtFj=KAJ|~8 zv|@`_gvCoryOKEF7PKhN^#NlX{U0Ci6?-bHvT@k9eE$kydAQu0d${+E9dm1v+?TH1 z%L2UezrAobn~QJ~UkB4uBur?&Z@cda%at}N{L4+ZcKBpFf|&N39+3`QFDeb7A(=eP zf5!77Lz!JXWKQ3>jS5^o_nW*lCdVnPJB<4zS=sb6J_Y$0-QF{z`x8~PkrP_8OK{F6I?Anux< zOi$284D42++hxv4S*2dAzo5Qd(+R4GBI;*yu#AnwC??xbsoF;*W%v^s|GDTpGMh)w zN+fjy*;pW-yvw0j@mIa^uOilA)rP_PR(XiPNXfnG42s4?ovQR?ij6~#F!|DSFMhxa zV#hJL3$>myOB8G^iyu&Nps%}R494M?U7)|;#~8^XdTL3Le9euNLbg_tq_e3MXkRD+(ut zaM(wG4zBHrymSU{FQ-_+aur6X!w+efXwujyMidgb7|>b$t{lHeue;lO3MkLWTIWKU z;K89gM_&(#RLO?VI>ooUO1r(mvsuB2{&i76|v6E-gd{nIA8)j1>cD*^kH`KBqazkJJpH^hg`MP+^2=x8@4}c6j{db_PoUhaxmlj{A*p&Fp?EXehIwfHm735zEvhSx zJ&nAV$Z%uk>v`ocR4TXNf)zn_Um@Z=3Z^0#e7P9UOImR;vz7un)psi9{(`#v&6#g8 z?q3luB`kh8ypx=i%&4;q7E{xfW>#6H?KOZ8jL=I}Tm18vPL&G?34JQrNni73JHOLp znG#6dN~`*P=T4S?v@<~x`7$&`bb{`kvTz&QEmWQV@_%fgiS=ooIz@ar$slRAPTUr@QnxG) zVVu&PL?6dm98^K|HR3&f(62rqHU-mNcufKacoW_+eC&Q~AB`wnb)fue-MKlj^V&BX zkP_aR+tfr*F6{9dt0;P z={WXh`8V2@)y@aAVOF4z*z+EtI_e8|MokKN*Nz+I&L7;AoNvxUOH$zCbscwg$2ZHD z@)su?2US`@YL(?l1VFBwI}q8i42#H@9)~3poB5&J9q3Vea7T^oDLI~krvpU4-TdH<8BVUfF*YK@%9pW ztQ12CVOPR7|JPh3`~R7XWMSsu{BPIof7)$KES&8B?_6ZNlYQwd8ZC~T&1Xyud-ht3 zEjRMNQlyN{f4Y$~BuTe!Gwr8a9jf}gzc$sn-7goq^6D;0$WiN?oK@}|=|JZJFfuv- zri`ST1jxw9{t*G7so6Sf^GkE<3p;W{bL+{_`F2)73T!R_02zQ&GBN@hj{bkUgTjhR z+C!NAC(=K51^qK)3L^dmBZ&p3cSd%W7uJCK4lgdK_AZVF_Ra=I@8lC2Dk%Hb2T%;m zERCTMQq|{@laav{A|@+yiVqaPSG!;<=89g{r{mU7OA{qMTW$YOpV|8C(ry=ej8$Me(Ny|0tEacO6r;W#+J4g;8O4PJ0v$U)`8c4k=Yy^ z-u_(R3(5W70W16`7uh$o^e-0~6%&(PP($f2we~L;IlR7vNMQZP=)wYAp`n$v>63n9 z?q4qQ@E85n4a-+j*S`PEoN_TtKh_iH}xxAFEG7(I~bsCCiM^o#B9S0;KLeJx9KJq0*1^J`&w zX7SM5*SiQ6n);iO`W&JM~`TV`Q@ZC#6Na*E8@3|*0 z_itEYMgTA|H3qkDuz&mFcaG7;!Iizv{-u56@BUi-eI>}q?8w3ztgTzab^_NfX%0^P zj6|DO6e#WCN-Wl*T{LII%B7ihQ5hcq6E!jrWwlI_FND z?(ibFPXil`3orsQ(NxavA}FUx(j90u>V=X>OYe4p5q&T$vJ@7ixa?t4dcP=R4x$Ke zqe4mj1&EAANxIO{Dk+#;Jmy#yd+Fg{gw<^vf5uiR`#4{Fyf0J?pi}a z83dX^bQIN#B=J~@0Bu6N&S@xG_?!m?IE1I#$gD01luLaSgsmwz*Fb`A{#h?7>!OBj 
z*myNlOEMpVjV3fSamAnP+k=bywP?vh@L#uy4j*WgHJCe@I=X%%X6QA=7r~W!V?!GL z!NoiEbHKCG^v8GODd@3}vrIvq&Po~ttBKj|MRCx?6$5_0%qb{sce}F^(hHe~2_y%! zoK3IvCgsmJj~vNn513)5>e~^H zD}p-cB-Tn;C@Q7U==@>oLkkSgK7avZxj4mOT{Fc%>_4^XPp`3p`D{u+(rxh~7%_JR zA+SaX(?fg`o&(AxsAw6>f%-84gh+*1XmoEMK<$feQBVxRD02F!(qUCimI@B%Tw}&! z8a-TdxctlBSD2=>M?G5xWIS3OS0$5tM|oi8a{q@FDKi3)$LV3$US;Al%sb|)1>idN zZyJwNT}Z{z0y{%}Sp~x?i+_Or+N6m(rHpED5J5gAsB)ZQ^!Z=%$gQUAtOg1fmig;9 z|JL?nO^o8>B{QbX4J)EqmEp$&otx(RazjF@<+YTD8I24L zG2oHSpvR@;qMgy<&bQy!_n&Knl=xs`t=Hj=&da7)NgD&C2{b=$abjo;IUhrU%B6HY z9&Yhl)bPXHOUnwS96GgNFM|$co6o@0uG@g`q%9B6!Tkw6sh1XrObcW1;nVsB_B7^C z%+pOkimq*0&d2Rxx$e zW)Qm2*))g?)kh|B%3aG&TLSyrI7i|=-B6-Y)OMDERiLvRMrJ`we3l=7Ul+rK&_4e} z$?Y^4iz5tjD%!(=*NRebQF!&^i^;xq9NBesvArNL|X3HH!PD zY7}p}_r}!HxVgU;!`c`(UzfTK~$Y7S7sZoLk_>_iFU{jw*9RHvECy zRHK8nf2;3PyeKrHqmQq|Kcm>Qtn+SV33Np`B)`)!RLNZbcTBUHWQJFb=YHiErovVX z#W3yRBiuYT9T+v2l!*5nvHpxG3}71~1V~@@8IzNpMUfoW#$d{(48@y=(?qb_ynzSp69TiRe<*W5W!*toZym?{@cb5nR=KwwxDSvz5w1Uxwj z#Ludb)78c|X(SJ&6mo&R-N4sC0pKE<{W2GrZ$fBd;FWYu39C@=Nj`p0;&9nv*CdURH48Hh#o4he=GfyKup|d--@~}I3w>3Wf7+H!o|c1YYi#J~c9bB36z?NC6`e7Xy0Vj_0g^7>rtN$_$pO+ZM@w!Ysoce|&wA z?V9M_*he~)*(~8#fw178{y?8(FjguQLWcl!4Ye>xx!>vPXhW+$^`?YFa=}mu(lmh? zpw>4otGcmQ`20bqtH+(G;oE7uwAE{Uyb{<16EotVYxO$v2|!^^KfuWeZs8~sSa%Z6 zneH)tT9-AsVDXqi$d`EN0O4aFNd0=LzUBpq$$M?>q97x#9zWLC2`(TGU%?S+1MPJx zv-eOSKU^nedi>-svlZ)ic1ha$2ZHf-KMAND^YWuZVK6LAMViCd`^j+W8Ea5oqK*IQ zL*6G{S^<*DnJ;GFaUMo0$lCBXdQ8H@D3e`^Km@bkP}tVzEkEpF2*_dE)pMua(E4$B zg;{3z!}k?22jcFq5-G#gFQX~ZY7L9^4$FLIBr_8v_^;z_YAjbKA}q@^ixY^O{&pDk znYLVhT-HR0*kw6m`WCQN06OWPU9SMjQ~6zgI~ zvCjI>c>D80jj;TRh=c}-Gg`P~a?Jd?#5i8Iun&I-j}RC7FQ>J2GpG-c{Vvg)<1t}o zLOElXS~<(m^DaojIKqdtpJ6-p*fSX?+=1#c@);bVex%fn!YHn3hT=fT9?#x7!;q{8 z0?2$@7gh-mVz;8kWybiqGcD`i$}%?~CCYd%gj{B1CAm|X9`0DY6K>dz^ffE%nPN)# zn7xT|ec2YQZo9~km8uPJC4V;jVdj+3W09qG#ahRdQx(|v&-GVG*PlBh<8_vhi30~? 
zV~xpiuh=_A3D~c^=40NTx@^NVg^LlxxT=NiXw3YKm8s0Rel}LwPa-wcJpf54`BUC< z=NH-$#Nl}1YR8p4fV(2~m_NG3@bPJnegk&|j-OIbM~rU?rW{@YM|$v!BhY+?9A6DFVs2F zJ!98DTo&%n6&UT^W64Gm?f=Q!SG0^KL6IdS(CE%Ka5qOc(4@ryp$ha-P{!wd9 z|CstJuvef#+_z-KG_;uX>j-8sXSd28@j&IH44kuicnjRK2h3KdL=Pprug_8KP-Uf& zf{jKwg3+538dcKbSYdd8+XkP9ryp*}E^4#4dAGrB+ z@j=E;W&~C99B-Q}S`J?qY$=dC%|kAbo5`VmeT)~BD#!C#1A&qP;4_Al7njQC7}BR& zz+P6Gg#{R{aU3;g9&@DS(@G&L#`e&FsX?8ZvHX+E(}CnLFE8sXx9?|32awk#;7 zV$5^o&`rHon!wcLxe+hWi&kQ{WlaK#5{z|^Z>S+eM^?D5*zHpz3pZ~^xQp9nVmNX{ za9R{y&(#+x2fe+#GfGo}|Ll&+s~{j#CuW*LG3wv?9&HwMi;7fD7h1yndC2#6uyxQ#UTTr2C*Z z^vkTIsF>m64ADyXOqHHLwt4p~i(2Z1?=Oi#Fon+sfz5Me9}O8+Xl5M-0`6bLxU@JV zZja@NZ9LcABsVX2=sQE-mc~08J1*TD(7;m81uIsGnaa#|@5wWQh7#r@_qmP>z+nLSKJzY2am@{8v|C?c~7?!JkV%%WVI#x51OcHC)%ky5NWC_H4aX$UWrOT+~K18E||hv5^Re`;~G_j z3NU_pP$5%xH>De}JAU7t3=crBc~~vJ;*{YM7Z)k*rvU48WI$>N6VTNBTFQT!7 zpFb)4_x+JB;L%FbPFjrZ7}twgm782kUxLNM>PWx@g#LK;C`FnVe}AR_J=35tkxmYC z<9sOq5J3ro4bVm`1*5r=a2(lT(cmVm9!z2>|>d@JaAZ&nFuQja412NYZYk(|N(#&I*Y=rsGf^)X3KNWs9xHsPBG2w+hly-q}HG{PwM zIxVx0haE5cjsw7vG0fFm7?>e);W*#sZ5r`(V!TE+?rPfVxe9UYeDF#LQ@=RgnAr=v z%^RsW>E| za71r9`9#Ta#lX3a!2NWGgTy%Qt)5m<9=W*ai80GFF^7%2W{N7E$ma8SlyKwR$-jLZ zl~828bpUv_momvsK1xhmi;gZYaj4bCcPXvF^oi*}9_FV=ca5E`B@>zFHq`x;|{a|%WE9|GFsVdon{#_E()(dH> zBO+=Db*_Q}=oHxT7mK9BKMfZrE1Mz|H_E>LfefKRSpv7xe9w1o)Mb_&KT_?LuA2(# zeh+0ZM zQMjBAJyPrs2kvLe+#b6Ii4iYC=aRO>-onD5Fn2#e!Rm=`Ht$j^48Ztz7*{92C*RT$ zu6n(=EVAzvL3vYg2*j^QxF1mrcAUS7zFLXiy?mQLB?Jw{rR9w=p?Ik?n7&3UmF~MI?Deb3d6FYf>3RPm;o_wks46K^-6|%T^xNyZipv>w zl?isHpn&YqdUOl#AIfhUGd5XyEJZm<2fKL7n3JBH>e$FvWu$cDstr~U@j059Q4OMF7>AOWN`|+vr zpV0fpm9V3wagnAySic^m`ElF`3z8U@E9O9uKg|$V#1qX1>l>%kp>A+3w#w!Z}7TFHAcS zK8Q5M!kD=+Q45Dz9#M5wu~Q#<*9XpE6QVt93I6>0=2vS5H5g9{_m{X$3J56>2FML( zY3AvPC$M^?Xm+9BB*Edr#04W=Q$W6f!7ml!p;5Nx`1ceW8Ni0<5ZQJe+8Lt_(#SYQ zjmc9My>3y2uzV}%&#ErLu;~Oz`Q)LJaxb3>-y|$ErUlUu<5>;9qsP&>W16Ro0T^U? 
zstYiQ2$^n9Hp3|WYgBxS6Rkj1K5z?w13jR(4qK!FM-6hTWwR6sx8&d>l5yv7YgzgZzon zN4+gxa2cV+`;us@1-1S^@Gm^u`X>$nFD*jKP9{1W+6zI|OS0Y(?hH$I(`RTl@|yVE zN-mHU>o`yf4JYT+)`DA_EZ z$GxsDJRj_ZpAD(LP;wugWCTyJ60=oDF6~WcHof;6p&14q{6J)JNb&9x@QVp*onRx! z`#)a`)($$k>bw2o1}$L9y0~GlsWs(b;#hnSks`EfZ6Zz$^VOYgu;^zILd_-X{ZkE4 zsa>rgEjkChXyvY9Ggj7hOb)3Sw%~t0dfvwfvb*ti>KX-p-|B-;LJ1g?P3?lf@O8Nw zQw!V?R2vQC_&Cp5575&v>?j);lHzemgvRPE+9mN3-`&0c z7SkE$^{%FAmNHT_@A$p?7%V#CWYLiFLmO6Jn7Ij|-pZl8V*0U{v3v~FM{*-VrH;KsV0ZCF0%EG&8 zWCI*^f>|CfG20wfHVxPJHukgM5rY^yDp(Rwu(J50ZzzMlrt|Xb@CJ1?*YG+F7-w?o z$qmur+hSGog$!8%7!TbrY4PR|N7*UNFK{eMY*~ip^xsZlRh(Oo8o;+>{Bh$P8b;g( zlJ!Jk(9Nb1E7RZl`LzJBMG_dKw)2^2S`9sO)-!A3Sh$r~)fLN-qB-`jb|PByW2dn* zkDJRDn2X-HQ0k`GKY7?YM6Y#uZlul2=xTw-TrAQse(T%;Et^q412X%an~!jcT}U?! z&b8GWy>Htn-e+dDu1x)&1RFPdoVu1`s$C^OS(BVJN0TJImF=q!tYm1?lAuWhORMm< z!}GdkK|ZkI$U2+I9(hH4Hr$YYWPe1yGKEE^MK%Qy5#GfG=$3y5Y%;~V-|2SnDhI;! zUC~F%(8%j`LSZLfmbeo2tk$j#vWEG#6KLtnXmT}BpWzOen8($KrKB~FDaQisFy5QfxQLVBYAuKdO}SI2PnV@o+mMbPFYg3Q~&TGmXdJDGd)#Re`0dxNcLAbmX91tND5 zYLuxM^_Wc4{$2c~l_`zMSb{${#4v7`2WH)rnWD}gfO!kqN>-MEdmFaS=17f$g*c}y zSW=%SAc6Ijbf#{JN-fK2$c1@WsN?p^h0?Dx&nIkjdQ{jpV;;_-PiI z672yX4w_xiu+3zCd(iNVcKlp)1}lTDtrsmQtbN(hbv|L+roWLHz_0|xFv$|4l3^>P zi|qMF?8);iOAwM%B!Rl~x*iroiGYTo@`kw`k6V>Y<7Wr=@duuyef+D`PRgvBur|98^wOSBWv)3-0FUI#~I=EFDGaiSc#)@db1$i~nxf;En zK9!^K*CBY>98NtFuw4~0<(ZysFH2DBoGU`372kkwhelBk zPCLoGmASeUKcofaLN!`WC`T&V-H2M;w`BWlUg&ivdV2wDdNf~%-$WThirp)?0)J3q z%95(~iFuqY^^;Jyi;JHWj(4%3EwuBgB2MUYS^)c9^V^gMOmUU(~7I%u^17x6BfY zudUe^NMOXT?{ty}8gxG*fX<5MjUc4Y0&j@90 zVv;%>Z|hBzddNq2_6vf~OQW&*?QgSd~x{$&RI7eO?YZZB4u%j%t6b`8i&BKpKybL^jm^^q^lx} zuh*P9s{0nPC7{C`x>w`k(Jxpab)(uN4lVpPq&wWv-ebDg1%U8B z{5uPu<6hc3!$pQ5iidv~4nZ(_!4|oFPI2u%$=blri68Bq8Aha-#|&x_?fY< zUTQ-B8UY8Uwfvew^r^v(Ar9Fn=uFLe#_0{)sg3&>&0b7V;a`pVnqI{~2E~+0&Wo5@ z8rS4dX>+_^z>?P_XgKmrG+2oh``*nDIbLj7hIorMI%!vw zfdndkt`gzRR{wn`Rx;cn1js;rrHRWhN!-tnP6S_%g7+g{ws!fgo%tARpXuw?A38KM z7d-*ugh+xg=r^%zK;d>#rMvw0g~DJbC7jvSGtHE3@)w$H*&mSK9NwD6q4O?Ia!YJK 
zUh{AA_iWS?kTSsY!*nO(z={An_@wj)1Q30(75BjoPGKN}mY^ugd=DQiHE#Y23%=dj z)??*?O7T0IHT8wTkw2;rOwWJ*TpXwMRTSE9-QYb{TZ_hxyjKl#2jE$k^Mk^%rVwJ`|&k z7MmK-yt(QcWZ(RGglJ;Drt5`oXNh;kP(r53iyGy3tCGQK@g?Xuo)aPMaoY+_NK9CN zOSE2iVL%9FEDRLvqugCBWJFytag;!*5myQO>f<6-ZaOTQ_x3-h-_k=+LRS}t0C&mk zrW9|V>D8R``FdSj@GP}%3%QCL!t4|#a0U53Nr^kjSVVDYi{|8w&RwenB6E0#n z|60D7L2s=NrZZ~KYGgT%K5v8KAphuZj9EudQk;4f2l)ik`dbu{dJ_5zO>0$6{~*Tg z%d$eztm}*b68uB>tsc>=nd=z;!a+L?;Orlkg^Tx$JLWg-$B?3-UFk$^DXVzXAM03z zY=_*-;5>&uW|PyvN&kzi%CH*}WO@L9M^}kd4};oMSOyw^V7X?UO+O@>hr;Z%2oz6w zGIZ5kQGeHQY`p(r5u^Y5(O+?;W~Ke4g>shxB8OCJEj`m36xFWDA@vTcG9S=0PIp2z zsiM?zGS|}|LnalSCo0Qg9$j_aS`ymJotOcBc)}Wn~4K@WY%v@Ir*j6KfNWF1fc>fqa5qOl6c*E$#AV)lY zulp1v@swnI7@1x!ALRy14O!)j|(NzeLl5L@%tq@zKo zRLB%Ys^DHbHWD^FQ9(LO-NUy#YxQw%n38dz&7W#DWxfw_lQ{Rk{VOS<@bf$6PY6as zl1>s9x4djUVc`|)fH+(_O8zreFi?Tm@U3qE72<;TYIrun*aoh!8exLlv-0?hYWWA!Y? z;)Q(SfHC5h#^bB~A(7uH7P4H4J=J6Z!b8WQ$**7Evbdjf5eR)MF?fPap~Ff3`<$Fu z87UDja&u#tX09V1ML&PB{_$l-RGHB+_5-dgT|b{xk4~~20&Qt?e)(=RVFdj5q2#q;3|vHw~bqS|#X2(PMqg;bv?yUzK4i zPX#o%AjS@BdK;L)WN+jseLpWXDgI#Wtq(2~e0RTx#7e;8TvxhQbY_ zF)|5s&SVwt%ycN>^88auD=0u5jjUw+ZtmGDWmnF~8buPpOGCFZdTg>X&C7fwCI^-? 
zK?qj$d0m!rh?GBzwfE&uDnlD0K-m&V4@*`#@sSafN~c!eQ0Z!`_qyq<^WaDdkI#h=i5S#lb!o|FxL-eA$7=bI}WWK^RlFfl{8H8Xh z$)8B<;$MxA9;5KFf;?7zZ^_E#qL1rJc{@S}*yX}n+TQ!S(xyneRdcWa$wV2tSYNs< zzi|dHp*mO!hfaRMP6>`5uHRaYsI@g24V>|!rB(`=Mgbb~Uw| z(JlaKdsfm6f|vtm1a7xSmmHne89DbQ@w)?JyW4^=P|V1ii7S{f`|E>1w(PznaY*v7 zR{LXoD`e|yFbZ|{&*sp_3P7pR;Zp?OLjL+;VZHwDnshq z>+dyx@4V#D%%>)_X}K+$>5>HPau9Q(jWvKIUr@jauwGv_bvpk?|N5gdt^I?g?uN^0 z!YyxD~#B?bNNj6)4=pvx}E+u}SN%rT>hfNO&a5)Mbl_POm z9s;M5wA6Wm>P^ZwvX+uz>t)|ZWo$oN9U}FCS@W3~Y{!Pg^`|6LPC(qwShCD`!{Oz~ z7*H>BmX~U9`{T=X)$kO!^q44=c{^HmRoC>Q@pB zZf9`zI8PSs5>*?WGB_8qK`8$~f9VHJ!N2@x`nDk=huzbv`%aSVEKlJlZZz>9eK_07 z0!z?L!>U=Sn^n9Fj)D-yvRPCZ-y&DyIsf?@E@%{ls}OY#ia5y1{gzmD${wx{h z2W^*)+S)*f$n>CT_Q)~Wxy(ly2tOY5UcEh7EF9H)R;}z=Ta-+C4~F8&k+zTBCVhFR zTLoX6yN!~7q5CXb2Y) zPptieG4WaG^1as4U?9*J7Dc6OO=uRnFq(?fj}#!);xrT|B*l5(Byx>$gNCxZHa`@_ zK7?zVxHxX+WbzG3jv>8imn=G6)2+1V;ll{Q1r5T={?^yv;&6CDLKcN)-CdQ zAp<&Eu#jSQ8wUhxeMacN7nmRMuIL{X&?*d%zQ6vBZG7y~328BgZqL@*{uBN(5ZpQB zCiiwoCKIMrT{y&4IpgHFukzPgOZ9*7Qk)!4TqKrM9Mh zXp>nEPQigLn`QWjg;&Q8`O1HqPte&Ro@b>y?_BKPh=AgtnA-$1zT~B2^~0oB9l0F% zG)izPOFwO=%m1c0I!H)+rJ*zY2#61?3HX;KA`_`Q|1O`WEt`%2u43)-=fm|1(&&sJXNP6K6 zfOvNzsz!P_%&Js?kH*J_S5k2BXsoWW+jsN~|DaFEJC^U~Y1%W&x5E)N@x53O@xe9= zl?)P`VAQxO8DnpdzWzJc_1h8age1@#t%Fn14^E)ecV9n&64 z->+@IhnRDO6UzzQ&D-bK5IWVzTZ>wMkcPZ zWryrgEe!c>QQ6!&3VPoFP^6T@#q%gWJP-vk6R!`|e>O?M$g|{AA1!rdzC5!{F=Qo9 z0UfI1NwnD`2Q0@|=Oa!t;ye(~AmQ#N^7b;s`!7wlddxVBZ!!hONQ( zl}b_-Q3u*qVRLH)=+<|dA*LBqM&GGp80qDA;u9K|XDI}HbOe^?_bk!%x?w0)%_r5u z@rl-tNMkVbf)kQt^3(M{wh{cb<;+K>5JT7Q1B#5bvq~VxwI0fVvQ!%GrpWW{^FV3; z)5U#*eJqk?z}2sw2NI6ARYfjJ3g zBm8EZKebLu#3X{J`&-q3BJ`K{pw^j69jhk->laow{cY;Mni6JD&b3yNmq zs@<&*je%$p@%W;wRb+N!4z!Fy#`AjP&Fw{Ho7v}4q2(u+!ztryt{pqBePaiDITZum z>9E-?y1_cELT@JQ1GFfP@EA-vm4MkA=j^|wPTDsa%F`VU5mMN*sikLVTpPc}k?)76 z)2ujJrMW%6B6J(;v;Rtne(oqz2$Ei!59Zf<~dHdH)G*o*lo;2c`G4H zbvEHsT9@l<%+E1k=3l!JWzmuY4u1v4;iwTCU{&vl{Fcs3H_AI!iwIIbgcLmxO75T( z(`ao0TyoUzJ}S{p`*_KdVGfWR(s2f6PTMe)*|^uagMT$!n6qL#w}TT~FN-K4MJg;1 
zVY$scy-?O^gfU+^zhwPzF~Vu_^=Q6u*7np3wiAQGv3v#Os2aW zd;&k_>|WAmbD4KZGKVp;C8i~jYq_faDA@~!;P@bJUO#*W=bbW~z;huM(|aKHtuMUp_~91Vc3-QVPT*gv2ryndL7@*Q=TD%*)(qMj)tb@!Q=S97O$Y?u-AR zkUg5sHz_>Df^I%Kiqr{w3D=#qPfmj}3|aE=oS#5U`mF+t_zI07mIFVi%V!oOd~mUk z{f&wN?4w$Yi!T%|gVirnb6Hp)@Z#nSEO>*YUR-k0)X6)S8t$q(r0ZkE_JHl)-lFs) zM8D!YzvIfJO6%2b*S#b?$P@^g60#j+Uyw%+xUg2rvfsG+RHaPgD}u^Qbx%`w>`4?1 ze=|466tCVyCmBYLZ{g5G_*~n2~^U)UeV7W&1l8p2sV! zk+UhvvFZ~s+UOTJdkNFl#vm^%W z*~tFwanBMZvvzPK5v(6_nvC%MP^GmY1>RBPW24)QR@a;W##J^xF_C3ViA?NS zeIrXei`*i!$BqJ4M1mPdUyH@)K}vR?>&R2qBC`Os(P z3?vr*xM{Sx=-hYTK$8I__&U+^a4)RgRiq3eyA0=k1K|xG*_Xa^kpceD=0;n})GuRx zQX%lfMr;CE$Mx{#Oi1LE$@*Ve0jb%#b05iR&daA6#9~v~vyIvzkX=u@WGDa_h5P-V zZGvDE4FOLF(dgh4zU}&!RaOA!Zu> z{6VQ5c?F%4%_{4P22Peoj&8En)p;+14A6(qc7>f{l;X1T5Qu*B_|o{q*j;sKjAA|4 z52iIMDZg=;oMpASILz^mV=;?q7p3z7BRVu>_(YZ^T0cuHguU|EsFDzUV3Ybjg4$X; zHCdl`Q{LnEIaascmHI4PWU#Bwdo3OO*$zB4cQysKjg{FM#;A6c{CQu#9Ay$)G`hPH z00_PD6^KdU7ik{reSPR$VJ1DH*>v_F@}doXr|BuxCP{W}?m-pH-?>-*rRHm z$0V7=Q^UmGed2~={8ROyUTFx-T}9}@x2xpZl8p{zPsHeVa?HAL`i5a|VOI;ZT~L48 zj?aXIiR15eCjxf7DJV3)g2!8aM$}q?t-5EEvmVdTXNeFYqC~35&h8a?QBeAmpW^MU z@m@HN+jU~lOryn5`M~9bcQP-=qn!CnlmEVI`{`o{bC|xEsH(($h(_@w`5SQ{p0D}Y z+M?{d<|Q41x2{O6(1CX7#1hI8WSBYB?A7m8usW#~0)Z|c@qu_DgP<-3Js~|!IqlVQ z+|6_ASk`hRF}zHuStyIvJq|O#hG#yDeM`g!WZt;Gd$+61tFlJNsQKlHC?o9)yx93C zijn_gx#Uot?B$Yi&jh$ncUEx`o5#;St=PE$1&Pi|6vTFm7MvLr=&Xe^sW@d7h*WH& zAobs7KW?VyWba$DmJq-O*|dI?{wB*9WH`sh<3OL|BK0-_@B4ys5o*(gmGJ2Y$s+@e z@UqcW7<(b1zSMdJnyYwVf}R`FhbJ|ilOBFhSQMGm`qllEhGTH<;3qA(TmY|w@Ei=G1vb=mCt%{Xq9X;Sl(lX* zAT2a&v4l^C^2bmm!;U0AQQ5oy0#WA!)3Dzo66$ICwd%6$6OC6q=c7cpMW0O>b?=g_ z7YBM;q2b2wd>#u2sK*rOAdf{ZVBbY7JM+h(LO7EROpnDGyaRjM8QXQSS{TB6&06yM z+Y@)8*lo}U2aIcscLSRxQwxF`%AD?MK0CP3a=^-6bZecht`-W2W; zx_>LTM+sM#TdI1u>7-<*4ihm<|LaK~Rn{ce5O%V%@AB`bz*v+{_i~T4?jVG=ytF+E zq%33+b#SwGvLcPp)9O)N_Q=PeOWyocAzrr+i;m2UaZGnRu#HQ#jl z&uPKREM<%@`2>QJ*jYN(i*#ocbD+>qg4W^z=}mJn-MI^0GBy;0n5JPxLAY|x(B__e zBc~m3;p&H_nR+@J3EJ3yGgH(oQ+ 
zVC9xSJ5GQ2Jb9*#x^6VKD5$`5E+HwJ48VgX9hLcA$gC+viSdRXIa1by+s|{*ueug< zkYzzlQu+?>i3~@GQkLCnD+S$Y;C19mZ1|TiYTb_SYr9Z3EB=W`9YgE?3+x~h-+$(6 z&K0E#B)BYS@%VwXvnoM0M~qpTy>1l-blyN3RvsuDNtd4zn5d*|HfK{>_l_9_(VO;- zp4xgRhGYQE_I)?WE=a@Obv*vc$&E42dOie;}kdv#EpS?KZ_2gB=mX&X`2^ zH)|TAC_ZgB8`Pb5wcA?#Q2q(mT}E2|xu)tT|0M>XqoUazy}Mak{e>E0pN2zBG;8<~ zQnBrZ|cPWamafX4+SM01a*!=<-pm^Na8J*e8CZ+G%3=9 zm`$Se>UU8@EtC9`z#R$$ahb5o9^WHwXB*gpJN85b=cRPu?FUQko>`_Py7;?fpJY}w zww9NeUFK+_)66OU(+Dosx(g6e*54Z|4uFPwd!BCnAvJ+!tr`-TtWnORtbMBUQ3qXv zJWPgj4XDwpsfFM6^LmSrxaX_-_;nyPN_*@xSWhjqY$78khoHB^mzCVN$WA$=3-7Yx zdMor|bQ0!mY)&$0FP2bHNBG!_nA-u-ZN*IVFsf66tlaK>181s>!rBJuGmsq3TNC00 zD!xP#wEZDd(s)m*DahisyY?vjv1SiFC;*iKfEIoAK)6(7$v~0=i7uTSSdO)$sYXjb z26XGjC+uRYH1{qzZEY4!cTQ_}$YTp)@0o&UptqxdlK@IGOM_xf89m<8!VQblQHWJY z6b?dq=8>NdgG-9omTvA-6H5d`D}f*f7s|h!UdgXybvytooCc^HtfxJ7m94h29P++6 zA}QNCfLT$8EXu}BwPxszh!PgVVD4HkRcT8bZS}iz1Vr)Ett*5b8GLGpE4CtG-seC? zWr&QYmxw{cbx`>3{|K|=X#|ac-=M`M*Bc{a)cq4Qq1@VxJ*qmxzlh~zvXO*<(D&Gu zUuY;bS}F&PFD(9wpkDYCCj%4LABX3!7EGdLv`xv4urIas>uzqrJc~UEz_@RAe?yTl z6-o5YW2Kuqqovj#Il2datWdv$wNakh+x1g^K8uVbRx?e^Sl1z$qI^J%^78&FsfzE; zmN)u}-?9W7e{(%J9=c>n=)4cv6?CC|XRBAH8TuoF=gL;t?F8&<=+7v1yUl;O6tVc- z=GQqTyLRqGhmpb4YS82Vhj+g>Jw9ZZ#Nm>*+Spg z${hfg8gm_)nF}#gMssY56JD~?ZWNN|F2iYe;f}kRRSUsDSKHWK=1v7ipk~#p=teC>78M zZCm2xVIe9}3|?jW!gcZhzme}>zUzL;vx)pdN%@d=&R2NYh9N9VatCJU2=hr;S4Byq z$Ss|d54KABO?X#uN!{2Mv&K};_aDZoQVDfv--rasM%U@)Vp5o8`tl=)G$#tyIzbw} zb#gPzQyq}Bwc2q>nfPd`zudJb&mGo~Mgy5}Te4{4fpF*9+E69%Qr|4#T%ihzzmpIy z6x^6su3+EAc}V9S6T^i}XPb;FPIJi?>&NN_rAd^{jt(+Do6V5@F&1Cb&pn1yNhvKF zDT5{>y?DTEC`e=zpDpHL!rE0*R!_RNoS3k}YfFQ-4yIW9Gp%!0eJLUg&h4NDTnNTr z0-YqsEYZ=(8uk$hwBv7h82S=h>waXLx(|K)40+*m!D|{QzhNY;qaa}NvKdoUQHr+3 z>KD^xLV~>HfE)p3hEr6HCJU?0`V>n$FAq25(*Hg2E3lD}OJzn)AclgQOCip)EJH;; zJczg+wFEQ~ZV&Jud`D<^m*CR-&^G4xu~&A4-c64W`h zou#0En}wN@YRL?4t1r@>+DeIMYDXn=q_=i#Yt6i`jX>C=eX$Jd!n!_{`wh|GN%8&F zf05m<{{@{41D^o(R`oX+`kw)0NtBt?>Ef)3Yj0x*S=VONv=*HH)Vp*S*^gFFok8diEiCEHIJH;Y*Ivzw7w_1+{!3mmEtH0c^v&&&I(n$WhvbkN%POga 
zoyDrY+=NB;@m|g}Fj$KXjX{H>8uAUQHj9Ui=p5X?So7AnZmIg3e-vGApCENi(pPAEq_9iwbaE1LeXk-P+w5t;NC5N7fb=NQwiM%DhadoKb#>N3;BEMujEfRo^VqrKbHtu(E&c?~(=fKRE&GDtGY7!iq8+_`*vX zH|uSrj^bLT`&(w}gOKJAxInMmx<_m+20 z@g)1;^C;wYX>0I0UL@EUcUt82AlI6|h&1vPDlC;`39ye!4#&k|opvcC8f_rf*Dgt?)h@iWJ6Oq~5j>Mg7=d`HL3Ug|9J54jibJbrXM@2Tt^l9(^51-pZ|s0C1&ftTlh( zu}<8&;toI_I{`^jM<%0~hB?^mVqh&~evwv~Ud)KVkE{krz8gJm5&f~voaVuL{7eig za^OB0w(e_n44o^d*B60hBajg$Cd=`mb;!oF>Y;I((%gG@_8pdys>y4Zln*=*z{XHN z*lL)Y{QpIBFk8wP#6}ZqOX^8O=N?ROgCg@91gDYHlNbzFM%U#Y=foq?bid?sUhFUn zZyrC@eygc%`d`JNx4<;rVX*{(mZZ&r99t}>%>;Ut@yZNpNeAN8MP>*s&R!n zTq6!&itEZOn%#vv32$0O#lfY|O7NpCDz!sC#y&*j<7NHkc;U{=S)k~B5==~ExLma_ zYTwe4MjO7tAXC~ttpxxSzb0<3CC`<2)=1($O~H`-9*@vF}^I_oKSq4a+b=&zI)aNf3VI$295&Mn=-8|^w9WhYaa zFlpEi;})=zvZ=nH6)^?>1Y)M8IS-Afm5JDJ{s=uaO}u;$k{__YLpw?85D$MO(Zqvo zR5}&Gr)a8+XfB(#`u~m-1M)FjCS23nv0N8sVZ9tr5jANoP6YGwT1dFb*f95q_e!3d zPVg5*OLP`%Tn@W#`lx&tPF!LSeQ}PuhZrgZ{?sO=wOdWM^ck%Quz91W7dBr@{PFOc zcGES{2kcDKrF(-5sg&ejcn?DRH~>rx>gJ@>xss=kI9b9@j}KF>DXE<%#roX7gm;vL zCkBn@e5Ve=_*1<<#@+ZD|D8D>V4$ROCRCGG%hN^bJXIe?<_ph&zaN!$89oWa#3m}z zr=@scyno;v#)6sx?9N9i{3@63Gu~>z{55ce`(JpIdE`@f|4c4kB&*RjV%E^;UbY5X z7~EawZ89F)W&jJ|?Tp%wy9!FB*dhZG^Uw#j^AKmzCn_Gw7F;iNNbsy6UKbn2GNx;jwp{IxSF@^uT@@ zVNZ@Tw77A;t81Ole6WKqbL>Fw%m6T@ap(EIivErOm_ftPfS*@QRB&op?B7vfX%TlY zIR3x&nUbh=+?+34i2RLmS^d-e8_dJLLZVJ4rf5r$pKgc$@AYYB`Wi6?(Usk{Z04A& zd{;X&jofr{ner_pdZ*^>_1WI_BX-vWuPi%S63gUO1Z@eEe+gg|_lOD8P$TFT)FGYHt6$Z%2kWFE z`@|PAZ{eSp3w1OD6rBHOc#6)kac}&DL`Cc+R7m(9AufkornwxINKy!T#;nq_JP#}j zp;0_Dz|sxyeNs!nA5@`i-Gq3xRjnRqH8muEhnue8S$BBPyT(M6>QP@UuJy)`h&aNo zhFZ=iuuWu|`OFYCWNzogf9qR{^Mq$o3ecKCuQS zKO^t5iX%do7>4ck4hPzC$HOHmvJ&102P}*;exVi*`l;jcM&F$33eqXyh?_9;?4(8d z1`{oei1tW)FT6pJCKrS+T0Ar{wTmG@`NF)${Io768)yrYz%gH0I?m$yy8X3@q@gN3 zB7}d7GK{7Z4Cua|9 z1PJ>XCv6quvo1kztQ~*Glv#n(Qa-4i6Rv1Mz!*^m?QuB%HDbBBlS6H^;r^9Udgw8j_P55k&rR9|&(O!02S=bMIilyHW_%8~F=I`_xzvMb=Am z(J`GFMoTDokQKP>4dR>`FYcG1IxE)InFnc%PBwFv zJukPoZ+}9M9(PyEdm3sdPUh9ofyfW~1h0b>!k++dsEyU%B!S&m5~ENgOwU`?*C-+f 
zk@te3|8;{>vZT(;XZq&*r0~8ELYFsJK{pK$dz*$9hc*CBD|T;z5A=l!Nahxn?)yq1 z`ZzMj@T2v?sV+X{i^{1rlF{+EuR@qJjh7}N8M^fwH z{eGRgV|^$t>beUINO+J|%{5(8rlg^@7EM#3qA{w85ooWL!=Gv!$(gj(mPr-ku>XE&P4^(Ntj3?ZHew2|V38=Qq#!goi(*TZpw1 znue!hJH!mxdxR#xLHK-Bz-MRy6+eas%^09U@LArxAvaFI;))KHWlonm%bUR)KNJpVlcDw)R(JI-cn&}}Ec%I(k zTw&OdlNTw@KN@;eRvB&1#il779o60IuFOMPRGH8vIBE6?7)g&hpG$pT<<qAdg{TubsLJ{9VJ4&;RR25qLkd5?61Lgy(^MyVNF) zs(+q${cZm1))n}l9Jm^>KFe3@@T=6dBBH{0mgNdZEMp_gtZ4M^E$uI7YqSP-Ev8&B zR^8LNr-m1!$n~`1rX5btpDNY*=i&LPN_N)HWUK=H+b1rR`@rekB!-?}@_18-M$xbc z7#|Cx(6&H2`nTBv|GF^HLy%*kZ<=sC*2^{;i?M$A!!Xd!)n#Fa0_3Pt3s$!P$ziF?vUg+9Ykn zg*Wf4n8dr*&ve((^?A(FKaOhF62$=KwTka}OI;LE9Gb#OpXku-OM($ zKA@73QY70Ew49VB#uCp`3CzdaZ^(^X@;`m0ggR7QAZeL2A;MY^_djkzQxg?Z^n~$w zO`k8R1!~4QEiFThIT2fgWEij5VPlk3ND)^3KG@UOnvQ&BJ(joQ)(j@bx6Xo$U zggbqLs)w`aIlGCp4duarz38o&qq}m0#c&o;+ZFcv+G*kGlbfdc?jZ~`VbIpTV@#sJ~IjEBuOy4mo0p#>3d zYrK@;&eKkP*|Ry|k=m}o>S|i_u`>uJ?<{&&lD98^)^b|o23UzKqU?H?x*o~=I~`at z-!JkAvbGb=HK_Jdek=$1EHp(d(3nd_1YS#{d%1fX(#t=48U`L^E=@COtJqW!L$$zE z^lD+DyyviyYu$WAEDV@h=0)+#sgSIH;KwT^p1mhH6=O_+Eq{pO*iX`8Adf~N>R8T! 
zJfOWu;4dJB5fe>fpVD=TNZcHzh!5P(Fl4^ZaRn#)HtHrpZ<}jUcW#^79pv1G_Rk z_*AO|WL8QOJ;9d7Y}=noG5MM7$E^u8wl9~5V>$|3!7R}DW--tQd8f9h-kUCdIJq8{ zaI&hT+VJ^P71fJQU85vfA%ls*1D!a4%^H^P`fplwmf9v8Q)O8GRyM>?Lk4i>{#HN7 zZu6gu4u3b1R92nQn=CnwAkW0=?Lmt+g~M?VDKVJeGaSAaO zR^2pfm$li82;Cz=1PD{8v({pO0%^(7=#)qoy!VQWJi1xKqNxT(xF$V2$Y_3f4whAm zd(+Q^m53#?vMc{B^8BJZSKct$?7iL{ER>~b2p#0Q5q;z5spj75&!Y8G z*hRtP-H0s8&-ur9PSd|@Xe)`0qr?eLX>MN{TruwN^Wfl6k*4yrM??DvCd7jS7fX(k&-cUJ$Rxs44-Qm#Lo6u zbO{G0M+}UCp`j%Eb{0wpYj%kXDd?O&YFTZi5S3GWPt6kCF@bmXNy(-nFOJ02o(;DL zHWp5hf2OlI_!V*`q)2A&bCY_1A=_`>Ot9T1(Kn@OP+yDTBmb7v_(c@1yAxVm_@dvO z*R_S;h4Z;%=0pc4M~q=SX)=QcX`q&jGIta&#OgdI@;5ioXyys@seJxULFiuBj~SQX zV|yj4J%hxnNw6`}_I=YHIxxTFXle7;pOrB4svpm4KqR@lK;6pbE2yA|RLe=#(F;o* zW?_er{#+`^1r4GH^fio!x|l3YV%{jUA zHbZW(dK4Lme(j_#?U`}l|Ai(-|K`oY%7aqA5F}SVfFv^s>J)R#*`fqHe<8|I)ofl4 zcP@a}z}WH+drLTH-3Rd->X~3Rxp;UK;)>xTWJWM2UT9wK6aAAwszpXdSaZL z4(pJ{fJ<57{8fh#p51HHaoq&wN@*>ToM_?`Id;=`zZg5T4_g&)i3F?-$>K<{{E-&k zKYPS@Fe$RpJD#Y!LrwCle>%PD4&$83f8=>@sn()7I6FS}!09{%Z{C=T>B{&)_?xwT z$+lvQN_0FvaE1oIXvZu{-vMUmOUDFQuK6okHSQ;e-L8xy2IZCz3|AZ-pSWUr{#+d2 zQeP32NmL{>Oea=1g{}eTk&h`V|9EB|T1~~MOoeZU0p_k(q(|1BS+RywXUxlaF1s`( zCQMIHLko9FGmhsRGD-Hs^Kf^L5^_W){5Cl~0cx1BV~B&`L|@$4UDn%na_iAOpsETrbB}*_||1S!HiGzuYiSU05hC$rY#>Lc$kU`wW(8W~L)Y#s{6o#K4#@WTm z)X)~jW5cEm)PX@CgDwYm^Ms+r(fEG=#QzM4SlivTmg}R>*{N*LXF$&dpeDBYvZ{Ng zhJRa5n$pVrvg*pven4_kaSRWc2N+P&CvoW(gFoxH6eQ_~y zdvPRudNv^Qs*soz3Ej881!iDnXbXarl)RddfDWn{F%AG4lC_b;gRcU9pbuNY5C^h^ zB|+7uK$Q-t$R+9f_|JhDn^{>q_|Jhj`_F+`SswbI15q01#twvyYznNzrD+-vfz;iA z)YrFyMM(Ff&|ck$dMaRnN+OZ{p92Be=Pp9*Vh!#}+h{!m=sgNTCn@nI=I#;A+_bMz}K4G`?)Krlo+xZarNs1gA& zx%H97bb|9UBYiKul%Tk<*73jkTfah*oVZ`b!2#9l0uxMM6ejzmR{M5FwD$X7@k^x; zE5DLYw{2PD{x4!9Lu&)WCj!spzi0QeaX6dnTHaszWWSb&yRZwBR5X;5lPbUVKtH({ z^=u6+Ep=?5lw7~X{{oBee?flbCvi2t%)NeOPI?!?48D4MVgehBLwN+F18?*X`|oNm zd(&oq#h_s}+P&wQ8yZ0@GBdG&VrYN2I5jeSe*Scb)5pb;x6J%veC6x?T>g3|$jWZX z#T2ZjUB|Qq(Jg9;(D;Z&oly6epPD_Xm8WC-SIfR`SrBQ$W#V4q>lyCS7@v0bA524F 
zJzVMCNN%+vVGm{Y5h%!up@v=38uz9l{mpt`vFoNm>tYMJ)C&d}tz(S`?TBu1nOD_< zPpHV%n;hq@N^_^&6Gk$LU#7c11ryng*3$ECL@8Y)keFNf4Q5@btP;*-hNJ1>K6Kwy z1Bd_TKn(087@cQgs)Mcl3A5y_Q~ugt)3hn;PHk&FckqU6qP|nKzz-dja9-9p*djrC z0DKm5c8v4yWwQU&%)1vX-+Cb`|2KXY+l1n3+I&@%dyx=<>Vnot=%%oo0cGC#3rH}e zprFi&aMBKx23;)cMG9DAakZ-q!A1B}n{^>CxJZ%llkpOB{1Y?a9-+pf>esPcNxV&Z zY{%4Q0_rM{2GDhijliGX=$os}cgUm!*ktSH$(BP0FD{?tJ-|v}dSj#)iuN_e{U(Dgn z0o89X8#A^DYbQkx1cchyh&y*UyBgUY^`Xaan zNoBGo*{7L*Ew|$ySTpNs*AzX?TA&Qd+A++xoL?Qa``>~4fJ zr9h^IzT6SBT2}(nd;z2hr0aaFCE?69QGIx3l(yFmI;D2jh1XB01hU&zue&r|O4TwN zryw2Xw-f^lnWMW?Kal=9v*rN5JNOdx*=;r|&$m<3MAf;k1bi5J`fxI0TBb1=B`Z}; z4)AA|LTVebyya+V zA1rB?=A_Ki(XFSRqYV5EvCld0A@3{q7=CYxkloc~=) zP)E)Y6Neq$vr@z_<=uAuXh+aZv-b=}S zQ!Zhby$3q!b_G4C(qpHO7uelkVz&7$I3?%hcxv3mn*Cq`2`?uyBE{l`cw%R6`PswG z#a8;P4)6T_v!?<;KFBeQvdDH~jM=}@U0G52Z%L*jL?R6Epp#4B>~24BhIyg}ce79j z8Ig>)XWq)Ua_^&A%NYCW<`vk{`B%K~e1~9gN#mKJ=2Z?6F-;Z5zT&8-_&sBui7_vS z^*}2NEF%%~As*TU6>1{v3KNJ|rS>*?li0|>vcp6uW)h8XJJb}$!n3x)26BS0A!iTv z)^C>{AMM4)AZD03?;U#J;01$<-1~covruXSU0kP`1a6BA;$st?S-Zn7PXGgDur739 zk!;rmmCRubgpjkQkhCWKQle6=420JruvV;doSImO^tba7>HV-gR-sR8vo+IbB93n9 zoSS^SM#laqK{{kAf<@z(D8yulunxe+?T5c7d0>2)W9eIz%Y}xQm^zs&2wb2&cICV( ztBV8hzx@;UuA}RFer`WkV=HpoP#CV~Lm9^EyZn$IursBVG^} z*-9#C6=pSFYd83x+Jf7&lo7^(`qfFFS%(-y#woTlELXPkyh-4jodBbAXlf6jKfuka z`ZwvL&F(@%It95gDdw`BaoiLNl%5y9Y;VGBl*`!2Guj(6Wnrc8%@kfoVmNNwJm>q% z#6|7ZD_)Bfl$~8A*?Ic~P#Q0|OU=JfZ7*x7k~q8L=VVFZ^9}E8Bt%f)6~gBHOX|kv zSYxLLFN0>xIs5JDGnAMJ}kBu0XdLIf9}83-MSKbSzptiMq@4*zp=!L7LtxN zFiNtXtr{zszVg}mE=EL1ju9$Z3$yEmPCY2@MSP62A$SRKBD(EQ149X~?IF}=1))XY zR&3pV(6~mUaJGx8h#D&P@`vt6LoGp?rs>aaEldJN=06X`jDc!4_Qte5VGGg2v3O-M z?Y^(l5>~5qQ^=z4R4>B4Bi&9!1@F_@y`lG=+?$%iP~`+|yk%bSlLm})G6e0%Fo$7`6& zFQB~dffgVRP@D!5NdGuyxaZ`=OdQ>wB#wol!u1|$VMjLw(Q>mj3vXBOyj(O|sK{U! 
zK7e5(_~pAR0o%*4WU)lwQ#Qc&j~Ht52*r}ebnP@8q;71b;`<|3BY=4r%GF}gjG0$!gsxf5SF3FL+5GMr#yJDcTX&AFWvQ!{91HH7)P4S zJOPSZW!c>k_*QJM>@WmfHVD5fcC7$G6+{WPlytM>I0xhdiZ6`!2<=f)cUtfoTGiA+Iqe zNm&GE;&>e=pIn%j;_w)l<&LDd$Jym;7ad*rkGjYqIf2^$nb{dCK%2@8v61|3Y2*+t z%>pH~TxINfdvtD{)HVYl4rceT`~pPC?J#|8s`-Fw*@S6SvVKMXU=07(KuN@#x`Z`+ zXE)wzVThdG8Z$Ca~vMsI})j-GQJfU z-h;8OIR`#mY8*k;qrwQwns1NrzJu?5rH8;!40?3UbMN#mk14Zsdeip6UwIdEdUq$c z9D#grNf_f3ir>5Ag^w?xlYBeg2usND z+czNN6gB+M74=!CIUYGQ z!#Ik8=&4JHO+x~%9a2}?dHTLM9)MP;fbk+xyK82Q3f6|TR!ls5qicN&GXAjWkkw5O%M%nz-lZtK4e6XQt%9sb5 zk$<$cKwEJ7GyE~$>Xb4{@E?RQ?nqs2^PW_qndtRw*Gi~qXdpgVG$h>=+&xhZ;Fyne`WOdsG9qR)I{xE zvhy02b<6-PiIUu`3KgOmLtY9{S48#%<4au5(vlv2*DN?1_l;6Fesx71)77nZ z$3O7DxqQk+w@>Z!g~SEyXK?jIk&T)vi7h^2-=t*W7J%WS3#DO1!{ZMwy zL!-9g!AnoQg8mV^L!~?H?Ol*&kxNF_s9VH0D2?boz`igPw?-VG3;3YC4&bxsoQlJ? zQhFQy#f%H|`6bO0&n1ZR^hKi-gMbl@ojY*W(1jy*W5b6E)JCG`PKVBpL6}#fZ7wfd z^GKekTa-7yp;QqB?-|h#+8_O=|6gnT%;=cRlDDNFK5RaaO-}5|Ad*EpG^=vx^v`h% z)?+VslwYU@lrHIcfSbGl>HWuO$*C19zv>GznSkZ0So=yrgIM(>;7$I^TXy6FvcWCIcYn6zqm8I7zU zSRPo#UJXKp50n4c2R5OWMfOGHTAfaJJlt;)pQkI%%8amKrPw8Ej&j%Q8$aUTi4=63 z!zq{}KhsqLQ7Am1s}`-KKwheTh+P)L1gX5K-V~VZ!ac)7VEUD|&IcI&Qb=DNK}+>g zO{}e&th+a@FE<&H`KCiw5{;sNhPtXA$d(zq3juU6D}LMZ&g3B*Dw!%9 zW@m-#k-#$M(B6DwF=RGn*KMZ~Cj0R{X+->92M|>Kp^v~8&5DkgHh|3@&p;arstIh8qQbX&AMwJ{e%6S^|{ zzx4+vMMMwZ)u`r8@^}l^AQgFqm7CGN!Paaz*m~cAFzsMCuq%cl6^a_^Aa~7CHLW;{ zhE-V4j{R^?86>^}pLZ5xO!IgC!71hn9A@nISe0vZws!f_>lWm@&&)W%E96-2_b{1r zj1#WY|FHzL0!xM%{uWB2byf`oi3Hx30^A6?XmR&H-)L&HF8N_9wIf$!sh-E>$*UD$ z!{b>_&Yy9~Hc{dn*iMjzSYlsT-Qg|wHCuc_8#=0hzNV-D6K`ncV<@?TX^ieb?J#-AuR&jhomK-ZQ8! 
z%fEnM*MKM}FQk znT*w81|7w`;hilNasqt#zES^-k>meuKyT$*OpF~17nV||c@K_07KBE+x^{=0^a&V?cEI7v|WqAz#W$&T8+5YGVHAZ-> zYG9LndymBVUEoD9eemEbJ}37UTo=^Se`gK~pOe;ttSf@nri5mlARn89u?I_2r3%Bl z9nmJ}HXf%Myt>VxBpL&UZ;*9s;qO#;b5L=Vp4La~Eag1aN(X)qtR0TEd`G z3*(+j^U;!zQmSQmH*&||a(04nTC4O15ijq5Wa{ptO8^h{8Sja2XO$;NNe3a2cAR%* zN`|pgF~@^bo%bpND(}jF&}7XdhUsJ@x-O3EI9m)rqaxsuW3DJR!SyAV#&0eX;Nz2& zAPgo$cA*>>L_URyLt3zE$OZ%3CzSW({dg|Ga1k1vRjxu@b;{9}ny zlI`aM&&UXgi(=0|R;lL-6{VIsMa7JXU&wScDmo3-unO&|d@^v!_su(E@D%+vJM5P(eoFm&k&F^Sr(YL~g{-p+vC=`=;V7y=s}0 zC>JMjN&~KIOi`2?+LOiL<81@bS_+cqQyJXghr+2IzTbpVRPsE;&o0XCVCdhgv+6X5 zHH29QHky!7$VVmLg0?w$Eyk142GfN))50Ql8Jlt%NI2V6lQm~(WV(N?2)^DoXI5hF z?imi)u$3XC)Nj5gljA3G2)w4+4$s6!oG4_D?zZ-K$Ddd+L-X+ZK`Zt|iqNb`Pq1zJ z5{C~*H3JEDe<>v<%=cirAQ`VA@_l)r<+wP?E!p`6Ke#@#ow6;sKe@9wgm^)J@c#=b zY(xtn&90Zm+?eU8Of9g#*bz|n5*i9e{yKE`(R+y1^aU5WXcQS1#J3kkxSu z^zf-dNd6#9yQmPP+W%d2u}|`LPTZO|Bs{QLD=O!}E)WT~M?Jur=0vQs*OJZ{8?8v_ zAd=9>*1D$$QEG!WM6W6!4V=w45;d3ot7M!!SsrN7n0Ba_g6TfH5svUJlu+e>|HvW3 z7jRV~JPGuv>UH&$4wiNHsY*>)=fBGK)E&y5E3zZ+S+F=9j+K6z#5MF6qO>rD9NU+f zIEjkuIp?1aI$lIL7`YRX&daP{vQL@EIhT7^*PPkaS;7Ios3yG04=(PZO-;X`;Q{c+ z$4!JvU-3n4QaXUt{XcXJdu?y?UVmfhn?E`t8Naq_6GwWMph{Pi*wwuP13ZEME9*s zPXFVjt>NT4-E!|?M5-c z$-5H@Mh^|gnY?W4VPP6#PV*^!G0*U#GDs)=-mJ_UdSSSrpnlVJqot-&ufYkc;3DGWj|4*$z4^`9`Yt@%bk`@se)dr?7E}Nd!^-rg_ z#1CQPbX~(2VfB7qh>R4BR1Nj`=AitSOq5YKbhA8nlt}`XsGb|o>RYf2XmHF?)s4dD z?MO3ZYzYgTYRPp}vvOcD3kJ0-XeC73!m zMDp#y+1_uZqv8*f+KZ=p!_o9%vS~Bl)a>>jadq#xxyU|~Z6_5)!VtkuY5La>>_rlK z5$40jaw3>`^BYGmd@$`lq1Qh8ARNm~x%B$ravx>qAgn#Z;G6QrykzR~C9k>WxWaTc zS#RG%(u?*=t8^qrEZ~=Mu$dcp$EJsaIl@Q*3Mzv9rcI!xz1}Mp70iW2HK!mt0tEws z@C4uLZ8aX40I!EJlRSRIL#&!CnRPzY+J0>~4>L{kF6)VHXgpo?qxrBz$$dX7|0j`Q z=qFxet6AOEG__>|L9<~eR@5X%(!W7li}k!Ld{$SzG}me$sZ@e!-ZnB)Fob1RXVvcxV(P6-h)?+G~1rTj$z^()S{Wk-~B&BRHC18=ViM}zxB=Zb*Q%I;s$X^;7*0dL-) zqn*bI=3M4Z@x#M`VANxI;M=jbtR7s>-&>M$+R5Ux)#V3neEQPa=~JWH;czP!;P7V< zWKw~FqZc)rSXJdz5H-b$9}4?B`1Qolh?15}gmFN!TCXCe+c(v`&F?PXKy 
zMFI4f#-|6)ijMYOE3H{XA-!M43?3(hl1ffvHQXQaDI`m-RSb1!`h<2Ak?3eTSjL_(v)r8=*HP!BxTIdo4bVEH!?C2rD z#fkiPH=gZl?-0)qB7qfTrpST)2f$79S%*Ei+gEHjncr|69>+7mJ>=epZNW;^s|`xB zU*lVjw$Jp!8IXZQG8d$a9RLe-WD`0knt9bX4XA(1o{o8z*bozKNUjLs!%}I$-^be6?AT>|F`gPNxH< zTK-9fQ|PrUlmiySnyP6sRL4f0L@c4G>+k3b&PAqIUUj+Xjdz`F40}X)l>If#tU0p? zpAfy^LO}Lz3G3Scz6(1N>uA)ie%OAO3O>HAuiAdJ;Ba#{%jWdFE**Ti_j1c{L=THg zKIW_e92FC2Un&4wZO;DUJcmSTR4gJZ5rmJLw|6Xca)E$LzUMqIn`N3Yyd}8DKL|_h zOhg9ntNnxr?Ht3`n5n`;t@oGpwvoW*#N3|3wK|zG^MGDgeu~12Y&ZTf5u0*I^{->e zDO4OqdYe~3!sFwrs`{UYDT&*WR4BcV6Z^m-Q_cY0CmP3zBL7R zylnzfkZK&4%H>G^K5s7uv%`~O8^RYHamZ1aDTvetzc1r)r`^%L+k_M)h#03ndc><( z8e*Iz;(t~gy;PD4QF-v_X4(^|tU!ep7{#CPSEC#OQ&wMsFhnmI^ni!#E|Fd3KNU^h zGX-jVYwfR?voym@rD~fsnq3nvpobv)+;Pn6VO4B!7TBy7mdoJ0LNkB=RYwmgxh z&d^W13Nv|m&`nPArkl5GM0GM=l%+^xO1?z$L`};OR5}%Qc*OuSI1cMh2yLHmqm77P zE|D7_aXl;Rm}+DQb4cyg8X_mizi}La#@9&c+ph%F({#dmDYtcaj(gC*!jtuC*crYU z3lzkY<3A15*;rB@vOg~-T^-F(%0vjKs@sInz`kPbaCwP}$XC5HrgAZ9|7st~LKWYg zz<6qxGt%)=eooA%c`3S;=z-^{{a97W@c`zxF+;KemV|cbK)Q0y8prQuPGHC5oti-y zSIrSvjMm{I+y#*himrA8MK?dNm8|66LDXy|6~nWqIBe3)ZQ$`FVDWh}uJgV&93Pfr zmEkMo;g+v&I=X9~?j?gZ+I<7}V6ohS8v%0_4`<}mER)if93?icL3(SCQSo z6X~B8=l7kHZ|&B(5}u!a79z_>Cp~-Sa5R$La~gS}jQl1bPa!p{$*`gc)_oJZPhZdU z7bz>d%wnV_vKKPYran&7YAY zR^kR;cm$n4SmNthAhASWQ|0Dt3mG7dNN#jX=-~JS+;J#Xku!wnwqP69#}?{F7PsSF zw5j7x9?h7A$nNDYP(x=D!x~|$R1^AFPf+GiuK2tC>bY{?iUxNo94~)|yey zf4xGd+`n^~uXa{;2;)++jlaIU7|?xvZov0r=0Em0v04<`v!z(q)c4ksxaAu)tlz0T zh6laPzT6q@DB6UNuWHnOTR8g+q&c|;q>zf2qk2>&Jg&Bh*IOjkDVX@%%TeANW4Lcv z`niEN|4U899>%Xvt2*w9KWq&!y5nRSDr3y(eoLbqh4XOQW(;c!QVoh5)UL z?Ru}ZFQxH{53=Wd>(&VleQTv&WPjbWDz0C!&_C)BlE^sa4*$S17IDcR>nFTNn-IVX)Wdxad|2#qQmb;cu&9TkpCjy8F?th6E>vouy&l}6_JE23tW z5d+D*x+{m+C>BHEy1{jSc8W~y`Dm^hOFfSEDLEZ%E;_CEe z$rSStbBt3yu0siCqF2yGP*BZZsH_C*Y+K=mz&*^v6x3WU|Gi$x(k-d20diuXvd)@` zXi`MuLc14T`M}NV4%!yed38*fp*;42Aw+%*IY>D4zZPlS#|U$|Lp|H-eu{Pzg`-<6 z4Y5-On?}1^I6aHb!A^Kx3p)y^A3?I74>-1A@dqlg;Yp!Yr|NYd7A9}9tP#uW>6K!o 
zBPO7Mj|qbmsx|Hmw<5;JMKNS^ktRprWtC=LXG!_In~Z-!gd57Jy-vkY&7o7oR$y-aP`ZIf1DjX%&`;ynxo$#5y+ zit<2OVt7&%7CS5yt%{YU%O7;S;RM%-vAKXKO@g*q#ju=~s@WIlPhiz#0{k3n`lt{Ljf`T?+4FG7MlpOtDo>}AnU*=**{5m_w9d1u^>Yn=5u_3 zWTprEHrH{@kx@+WPSw&|;bP}L(VYvoX3|=-8vhzWD==CW{*4K~4XCaxlTW_^WVRXC z6G^$*E_*FVhH1SF3sq*86CU(Zfc^leopl+}P*s(ADOH;fZtKsAt4i7-dYb$LgBTyH zZ3*4hvrZSo%+%}1XjGCpN-wpW1}d_`ra6V55mBqNN_3lX^oP!x#^XPEyIK4Cr|HW|E4;_Y4;6vz}WhC06o^}_$XFyVNBe)ll zxlXYWKHOHyI+%m70}UhF(8m zLHPLlsXir^mXspDU$DQxi2aq3$1J0_3SnDgk_+JT1q6k0E6~!N`NRk)%+uAIL8!tw z8^aeTmnm-2dT${vg^WDM?f=V@IUJW?+@ZsC>taJ%~fvwRfQUo|ZSU?(ME}@N_^bD(W{r1e9TLtjG{fwz%T-gzWlx zJ}thpNngmHxJusW1`puKY+k4+dP{c5->PfPX&Rduha33*pm{WO-MJ+w-U9m6%lsRa zgNllNoKCgrxwz&?HU|jtYmFRvz(v;NAy5%KXQhNMS4dLnJl6L0{g8r^6)a|AoPM6I z*P7?a4yB}gs9W&&!~wbAI_d+UC5OheIE?{qb8F_m6QR=YX)lQEOuWeT58M}BZC{bp zd-+XVL;b8&-AylE%`>9Hlw4W$-VAxo@+K9MUAZ+chqgPd7z?y?V+z zfcu{adPN5=U`_F~6D>QMZpqTz6DSso<-A?&C`Wv>hJ!r`hBrg~k{EO~lES4;c;I~K zd2lR!`4PPbB&E(KmQ6M+`ak+ypJ4SFM!q;Z^XSsPZ`ATpF+e*o2! zu!K=<>qB=(j(Dj^QCJ*QH^pZAOvYVyq>^lavGj%{)2ew(5P2)pdnU5y zX%|Wl7=VgGVByc&?|TgpANH05U)qxkHh;5Zc}ig*&XvD88ait}^ptfJCnqughN(JO z#%|y4?VhFdFs8mB!AE?oF;HjsexmKrDViN^ra44~Djd`j~p7CBh^t;Fu!_zIE?%M*K@ z(ZP|GiZ1xV`ImMSd3#3TrgkMO6s%offhorKKxup3dK!<<52nU$YcF4)jVP8t&rexAr|m|7(0h8QJ5%Mmu=g&ZQHhO+qP}n zr)=A{ZM*t^fO}W>IA?p1D>HV)7wN{4!h>#2(VR85)1^V;-ZpE)7gl3{1`@vN^uKlV*jpt+xfz!0x9#_2`})}rtK{=q#JNs3r&KPk6bCpboBe_C;c@$s~g z@(m>smA0ZaJFlSkEOTM7NBt&{`Q2bl0|4xp(Zk3RRyacYfD#QTA*m8q)P}1wUbK#{ zJ5qPzb-p6%x|gEb1ov%LE4Bh0CXmSnCbv<7sdte&OCjL1R|w?XQhO6$k9=uiz%r-IjdY+u(MWhu08d*mv+V^K>=O1Ct%X>+QG2 zf7l|1GX$0_0Sb!qGqO32)0FC_9I@V}j#-U;WdXXdW^hW@sl2abN=EnEQ;qJ0AH1@! 
zaVt?sFj>T4jbt*|=R!d#TtHX<`KoG%UDh6=d3=^w(}s7T*xDUs8Zm#n+Y7H$H4epr z%5Db8WdZMd6PIv{bs)nj<67Td-{c+48t3Q5g%OxC2bZ zl_8mj5k4DpZebx*J{Zc3AjMKySZ7U=PhXiKCS;6YW+;}G95{m&fspc+*|f+1S__nb zzFi`d{Jo!m7}7@C!z=5*tJ=3gnr^wuEp$ZhDYD8o&668n?kKH1I?N$*;izZIN@)+O zqzG(s9<&+H)V{J355=qv-LraJ!4b1L|MpTc;vML&1M?0XYa3%DYrx;S%ZT-t(x>Ujy>WEl!!{2Sdd zaa=k>M>^NY#c)nEalwp)tL#6uas1B;&v_t> z7Ee1=A%6~wObf-|XaFj0DI1dHw48zQAKT9_*Tk`Du~R86|2N+}B9^j$lPR1I%t7IuLYM8gTKp1!i(fLRU$ zw%!INP-;mxr-$GDmN;L#-ikopZj>Id!Vnh%guVVs_Wr><{*TP^ISK{c?@HlV{SUPT!>Hiw-u#$~>Gx<~pmY zy}%={dFN3|nKU0VK3ZdBQl>_!j}z#EP&U;ZB7uaimrnZ_B-uZ^j~S|(DxbP~E)dT^ z66dsLpBW*F+47qeuJmY-aJU$|oU3!utXqlJwd`lN(64eVh!cfu zc|98y%JVX9QjB;HhlOa<`#|Y+Pt1}%(+qRRci-KvJ%0D2CLCVRt7atul4X==a6#)> zm-29!3&rYIRL10^>EDiT9d7O4*ZU@OQob+MT(rlGryd^x2gp$$wK=>>KeVo$tg@Zm zRdFtrp;N1Iz6phMYf3}Dmf#|(THU7-+w6uF`Y8Mfwt!XHL>eFBrz?;U%RzGXk^7DS zUU83c1DQyCqsp34ZwBQFg$nahZwq59$=RtMb2^E z;y~%eAmhXz%ZLm6K*bSSqfoaOHvBEZaOwFEJcqpyMA7w1Y>hVedOg6Hyrt%kJXZkm z?a+og`4xH@*>5Llt$(1iBRuf7PiT!<@aE4kCnS`FhNrrb6hWU{8LhGvl?)Z07uNh+ zJzU~sb%ueaXYKG?z*z2{P$p|g^~fFrk1iAFoMrW=zm%M@iX zC`hK@nBY{oWaq41=XQa6rd}o{ci8_qz*&!s&W;NDJYTx{&>VQU!ZgDw;%r>^@2_pN zD4ddS{^@G+)6E`(3GJE@&`hekN)Q^Ba36Coa{kA=8aGI{|Ie3~f|Z@J)7R!Y|AVUx zg|!fY01D{Pt`Z7u)q@JN{oc|0jAXv@!{bZ^5Wi(QC@RfyOaqiOtkylITzgl zzG_oq!f_sNB-0{&3R4`v5#yE&C2P*0L@e4<-J^=WN5oIMEUqNbKBumtoShs+c`i)N zd)TRn2OLv35*h&vFT*FUhvC?`I;O&>2JPspv$`Yd%0Y+Y&w`llrE8>jcs{Md?Dud7 z(48}~;?Ue5H4X(!vd3LmaS)ud=_>Du<$RfEH`#gu8`3EU7m@eVi;#RMLbMX0fXSQI zA>_N#BhgN`O5@zg4btc|;H0llm_r8;%VHz#qR9k- za-0#p4rcf2{XciS8Roa><>>fR9c%g^a~FK42e%d6uL@q9w_+ZjsJ_85Nnh?7%oC+r7@3asw=AAJyz z?~meCvYye$@5^30YI%Rya%KDwa=JRh=pez<0FW=9DJYrhKM9&`x~q(^huSWRPX)}PMBHDlHnY2f1udt?gfF7!fI z<@{ifFXA*S&uMc(*Xfe^DivAp1?J}sgrYh0C4b@&5wFG8U%E(YzvTF%80!kM;Ho$! 
z4YjFUe7O`Xq-e7OBk6+Fs1r*-|h$tNz zp8IW`c47Sg?w1HsoJQcx6X=;Co?dd7Y*$dt2=KSizD(?)p=)lf3UySvK1&dvrSm!n z7)8H#HFYU|p4oIKD4o*$Qt}n2U6wAuS`2qrA1UzH}0bM8qL!b&T0 z`_I6DvtSR;WvbQeN^3wnO%}b)&_y(q_Qnag=+IVx>qgj2&(uj)oA6z5k8T8nPzG`b zuO-je%LBR8&31B2q2DoAg_ZF&r*|=5^6&hP4;TMXRN?{S`a4O&MPWTgsFJE`S@&2N zquMQZAOPiD<@TTxO*#P}=Jp*yf_`q$b12K$s>ZHEixD56$84+>=5M!@@Mi@VN#~qA zk}N7ymaN1SVUE681hKE}ZE2WA7QyyL{Qtq{U}IqX-}xMz|35wl8w1P#mCw;>>`*p? zMu)S7{3OZL_#d1jm%P^X#l!3GXUp;SWE#CK}BgPJs<%}!g{a-hGu4GrY1m&POL2eS%4-1WM*!2W~zXW z9_0R0eyIN8-C2}(dYRehKQMzcv(w{8cm`*3Z|#7bjH-n8pl&JwnGiu$5Cao)sD#vS z@}1d{%&&Y4W@Pd$e^qg4hmU*{<7fVfcmKt|ZaKWa#PfrU41h8LWb}Z>Owf6_xC8xe z$&Jh{;PpRaHdoj8`YU{a*}r{Yh2J4U)c)n^?|ch&Y-~?rZDxSdh@RTu>gY^lf!W>V z=?S<38+&V$w>=7C?Sj~|Kl|;!*aRoW&v0-;?r8rEpi zC_h_uhOha)iOkHPotwYpd)N4UzZ;6m-rU%8e_hA?rr+LzV6vwFbsWiN{jv7;04R z`lFZ9Sl=DWj*ARN78n~G1~o7`FaU9AZ2J85-_L62;>_IW_|CrfxB966y%S?%eqvw_ z)YffcKY(nMvW296L#EED3@FLWWKt>CGy>AiyY5{T1clSc!otxx+^sx3?I1>w`S0y? zqhlkz!_Vo!*iSDqqFyUX%AkiP+sF*A(r=NDHu=;lUE|g)4;5gZ1sV zzi*+!+`0nlir2gx7NC0nt_J|z%{@6^XjndQ(ShFzUG5;5N++3>AMH3DvvvwaWM?S zCz!mCBoj+D;-5!O+>|sNPt&L+1|7;F8{h=NrsSoaXkKP-^M+JW2AyxnsnNY z1tXc?PCEhF=-`9EiYL!wR>6h}Fwd0<4F`?h- z4gmze3YETBQlEn*rf9Gt$e&V0vsTcB0Np-i?1FtS_mVlIIIT{*Nn$~5ToHd|Ra?HH zyD8JeW>`7z_r{~U=BEb)=3(Tke=w45G+tsM-v9Dws|NB|TOmp`n46r(tB%c>2?Wy6 z*zl4p{b!XTxRVUCtrjO^82z1juheScedJE4VXkv7=bRklHT8mFQOFyy{lG;{aATw% zmRX#WUAp#6Yx{57Z9|gLVRxhaCUMXw7j3B5o@8!<*Od|f*>6dc=!j_t1#^cgg99wm z<}l+|`aXL`5>&E6b%)w=o5^KyX7>rmqS{L^>AP50sn7oX)^GaREXqe;MuVEzYbBs) z4ml&TY=8(CxtwIUHT<@ukZVyt6uuXevG(#d;Twn!acOSp_ZVOVTTk08vXChk6iVN6RXQ)bJgu!1>F*aW;mG8C3e`=4N z0qQ8gVC(E>_K3)1Q6C`#nLE{I^{hOrSOv$&_KkgjBt)=MwiqTMdjsh=&#b9Wkua}5 zJ8SD>gzo?aH&KmC5S1yr51O9-8F5qlqd24)%Y(0nygo9UYr_EpNLq?xcltj8XSgq< zwIWqP)^ZTb!FDI!N@@zCjxi&Os^6??en!=K!wIi{Ko4)&NdwB>yngUFBX6jAH+K6_ zADAv{Vp_8D@+Y^NeXql1hkTG1bjM#)&AHt0R~SjbfTpSff-0>V;te}3{PlnxrU;|W zgI3p2R!R$17wD4be6#h;`B_^OYRW-#n(Mo)LTFMmQTwPbkk{fWp1wNSTU)* z)8RGGDVI~gevp4R0dDmeXer$#PFg)?-o6gFj`zPg4%6I@=5CVuE0!8K4OLp7c04-C 
z^#6g7YOd-$GS#J2$)<=rgpOUho)M>)!P$>`?7`d#&l;xg{;l$wyQlw(Sn>0`gOSTj zOGIq##b%X=ut*0f8jmrJec3p=wa-yqoxd*i!pR6Z;^W;dll0=;^(Ok*vsoR&w;(3@ zb;V(|6@c9j*Yi|(6>Wl}xSI05<|2S7II;k*#(4Vtr;nrnwVLJ-Zy>zEykU&GJjV`s zTr?G~MG!TF`>nj=ASyo=R>oP7YAY=jSkIJp>j@hgFVc!v_9*9V4B=68T$EQdQa=d zyr9QsaTFEn#^!@SkRXFpwI9X`5ICN{Iq?mh10 z`>p~YR(GI78}E9C_W(@xpY_s6S_rJ#oE~X>k>=C`RweynNUDUthTjeczR96*^_jv1 z`L`wym}0Jz3Tz)C&Jy>|S{srOE`aE(mAKP_R@pie0Hv3BRt8xZ$f+srNi&izUnh$L z9D{m~aKOXHM7yMb8C~h~DDA!qUA!2cws&;JczlS3WHzS=)+BF{z|khLfqSsF?i^1wIw~_hu^rw(lzf z$}!PM-fJP$bCP~#I379aIxSqSEp_MeV;NwSC`NY4xXDeC63FJN0)X5g3^Y*b8d4P7AZL$az`BR4=e_BViX{xX|kaJqCo`Iq6y(U)~=N1@s}A-#ci&qDYL zkG=W{5k_!ZBCpdpeQ+kK+4%akzOMJT*=?DKkdu2I`+bXP+M`3_GZm2fKK9$cP}+ZT zmA6-0P@yPW4ESZ@AWrH_0yi4k{MQ~Iu#!b^hNXx3< z9D2zz?bU`!Gp-vxvc|YE17hb3ko$vN59ZputN9Czv;G`d5^TO4g0W^IBFv%RZ;0X7 zGB3HC5=@I$`7}N9;|~DoeKE^3^hB+E_@?Q`!B4V%?l@_^{toHZr5Ofr<08r?7{xZK zyy~kjl;99de<$qq@UC}K;V6E|24-Pi3it;X{5y{uO=>(;gzHDxIWNpQeFZA*FEJBN z+yix(E1407KxyS|7)SPcR&13Avh->aXuLN}hTyaUCI1nro0vR&vYx*t*tgn7DdJ2F ztLdhLiQVBgahuidLE7cGMPj=g&m*Ingg-ad7R1tQ|+HCfkW6 z-%0RqU@O)RNdErTzyf3ShX2|oRvX7Tb?G#+aA~x;2w_<*#sP^pGjL~Z5;!>BMR1i1 zZL>>d>1jwFecZ#61{N>l(p;QujQHruM~-MhO3n|PhI><9SHOT^*#lMsi^K7fbCF-! z2`!J0ut9GHIrLG=QW4AtKNG#Y0QcX9AumEIu9Ek? 
z2cnqK7m8DbdhCsop(m6JE8h{3YjSmvU0}?THtWfI|tLP6ja{b_nW zV*ycX(|LkVyDAgS!VX%-!8~_;NuV{qDi#^B^UoG1ly3WZ>Dtjs;|KCyk|4q5nGU4w z482;fa0#j~jDFd{L!utIKtXfh$Iw#`+B5iFw@7yYtEF@{nP8jh#0 zP&`X|3`rKZPg8|iT7q(c^3?U2Sdfr@!)F&4#w}Al@+B{R`7#phWYdHq@s;cwQK=xI z{MPk1aC#A@=cdjBtHx}DDiq|rJan;kT%-gwqpC{NcFI^iLZL8_{5L1ru6UZ;BLSkN zJwg>RYiO{|%={ycw(4%4b;cKcEgogT zU;=$ulSKSO!k0rFvEQgKV!n&20B8TcaN%y+yTEMQUc|#)ocoVsX*kd-H85iP%L&?| ze^U`dX$^U3;3-{NwJ-$GQ`?|81p1jE@!Qs7MjKYW+*SI`{dELx2UxX2{?qhmD{R4} zO`J<(`-K-<;{~ceQi4l85FTE{3p@9);;k{vFu#g3(tddWnm3KpuX#s8x>0gVqBi~} zCS3r$v1*Q(Ys^DPb?6Cgfi&JGmVp3%x*W9@o@j;;7pL|(BUUybwc=% z9qW=IOQ0~RRi7GDG3QbevxzS_P#KPR+rK`GB!S5#Y?aC70A@V4B1yewF*yX z1Wfp2WEPlEI#P1zo{k+**?tbW1V(Mj(&>j4*HJEU%xF`d}lJw@SAcISN zEh61kH@{N>f8Atr9b`1C$1RO-+YIiNTs1x6rrj8lMrLR{Ln*3TLJJ4$1W~*tyHNkX z3nPy``;I+53+-VFOO|oCKG>fT?FEz4DqjZhF=YS z;0-c00YHOTt(~1St~4y)rwO4tSrL#>Yw19?S~+SBSL#l)_E4{*x;gM&4ab(Wpic&Y zK!Ba>h;$KZKUVaM;sDWYutrM!MoSo_@8^aH3t?M}!VXTvAklK~GWSCQOE8|FO2$@p z)W~M5BPde+-RUGnT>xu0{>VRSZ-vOO%7In6REX0$N>@zN(brUpRWviaCZ6wFX z7CO%s>bK=B0lo47h)YW9I-AoIWT7ONtVj(tm9WzKO<2bU}+!d*7P8v8p95$cGluyARq%`mp8>s_tDH zz{>hKtO^47**hMoxoCehhK4?1@dq%)Tf#+L4P%g?Fs8?22GphsF|!{mM!r|+kG z*%aD%R51#}sx(QEnkWcqTvJeeC2E0d*;Y;-I6HUr(W38O_f`u(SXX=0+wHmcB9Q~k z8ejrDRcALXPdj4aeLv@t7O-dI{MVAwyatoXn)8k&W{wJWa$DY6MJEOXj_i?L8CnN~ z1U)4gLR6HbQF1(I>XXB)UxT-r?BsmUIYR%%H=AvQXZQ@ZUeYA{g4zusyGhBx%Th-pa zax&fwXk+B}3|#V;YE~%TJwlcBpD^2t#L-Pfox7_s3cauqvy#nq*xt;uoc~PJ^{Uf{ zFonpcI_qbiJ;g*tUv4E=-c>?)k>P33f5-sBTPuFKdO*V8_n-9uPY5gWEo)x$$B5r_ zp*~d+-lVZPe&VvTlGK6VxAjCve~0=9kR%O{oxZ#F-ov=Nz953MI#Me|@Fb%=&V1i|aKGR@^WlGh?^L%FZbFie-5tsKb%@;DLxnbbS+0TDQr9y=sc7M+v z5m|3PO>DX9D`KlcAFyWaVwSZ_79XyH^W~}AqG^pu?ee4`bnp$TlndVGQ@c#qH?P=c zdS=xdoygNcT4rLd{-BFPP7)+F^?0z}u|X>zg(!6Dewx%!#b|gwRp|U8X~iTd&XCF{6wP^Ay$7IY~hwrPabpZc%TPm6{j49bP?_ zr#J%0BbN*uHXsVx)FYx2CAJiKYx-0OmBCxcQV$e9-Kzt3%&AtRp2+!4 z@xx+lE>~aBAss-E=`{lVm5y^M3DTRaa3V=M__x9^Tk38=O~5Eq97C{eQG5GrJh)KL zTMx34$jB1$#+;DsM6L(^q#lRYUMPNgR(48V?w{3ii+l2ZiiBrw-g8}1(d38iFeKs~ 
z^Hq*llhTNjC_kqS)TfLXCJAakK2ooZ*N_@kO&2$`jA{`uiL?zS_^^dj>B)~t+ZGjb z3l`~up9>XIkD7a+;6e11`p?Gv9Xu$v!G#+M%%aAxDT_lo>?o(!8G^Z53lZ3*bEy}Se-BAo4|iplsp8XCD2ahY#iRWP3;xdftz2T5g!zq$WT_IYf*L4 z)9y$>&Lsf0;B;~aUZ9{V;;691(UTFxxg`pP+SLaeSI9f` zG2c>^`pU}}XZjaj`@z)J_JH8LH;N|&aU&M2T_OR1&C_>eY^1KWbQy5rIixlFco{W& zb5V?wn+CO|V7}9u35F`|nmWPmy)hHBdx%Fy2%R6Tq;XU66l6JEJ{Hxzbs=X{o`$&-PE));p^cU)I>rh{c_f0}T5pk= zMM*$Jw;UGG)w3fhYLtUr<|}0t>5EQD%Nd0;Cr{g7XeD4e{Pguoea9>ndx70xT^^6= zYF~2TQoyKjfYL1uqDSPSqsOB+ zK_$FVtqYi zH}!BND;>#N$rdHuDawd1=>ig_vJ#7zS)u(m_EtfKFYo*=f;*{m5<1$5l^bKe206^k&91Na6p|JU-vKGr-%(UTqM|Fc z3x>eUrhaegbvUXHR%d*%3|EYA*Uzn<2O8G3Ut2luJvUFnM7<4D2_gnaYZaqjL&-@; z_Shr38@F=-zK~qfxfKzN2e}$>&FpVJeH_<%+~aZ!vD1;c)`#T__j}4`6USDqa|2U;W!h1l?fj4&(16k_@ zXZ0h%k>3U*3Bs$c%!dynr8I{x3+a+%P{B&?7WwdZHMl6Fru^C8sk#pe|FR|&vbm8) zT+=&|3%R=$?u8g&fw1i>Mc~c5XRrKgRXrWg}PrEv(y3#uD_5I1qnt@b1!12!>q!W$-M<%x!a-!=;2%+y@%_2$!ZH890 zvbUD=&^OZT5$0+-c^E-_d!34Gs(;2Q>GjFe66`_FaX}dGZok&|zVDW==kn9eXFy7Z zs(Bbwk_F(e-ab-vnW1SO-Zv9)Uf*PpK;Djy8L~RO_)u+q?gLrp6G;Wny88Lurt5DA zv$Dd{;4=0BN5H~bzNh9u+pS5^X5qY}^P%KTIO!R%O)u+JHCRB<9}@3C5+f3>p|0u{ zqZy;~b0q5qpNRAIX_4pgIr~iO@X!3#ERIbevraqIR)`HcepE5;JyNtV-_R?yXQc|z z6yeqS*9E`07>va83)!GHN|%Z9ax2j8DZ_1+0uBj7VMOp((Pfb~SO|TlSvV`FV#@v4 zSmQ-8{c!%)RlyamaP9J(uX}C~Yez9Dnb;DWRp1T2>y28rL`438G@*EvbOfMnM;M`r z`g|ZTQJQ;iQGI-<;^i*o6#Pi@kcFG^{q`okKH^TBuNh9fz5S@_zS_%O*0(>JfRV0a zC;lL+2(il(J490+AZL@X*@a_%GJUx1GW|#>R&2@u0?bKA{1ba=XQT8X!7*-w)B0mF;AC zo<#O^AySy6z9y-`zin;rHpYF0{0?g5_TO6O{u=ls?ESkG*q{hLq%jo3q0vuTli=rm z-{z`c`B2j{65#HOdlP#se5Mzw-7uv9L{Ww01qa&C%88g(0x{e!tK|g=#533+&MQmR zr;^DLP%2dk_NLP@IY~BlZqelY>P53;5hEj7g~791zSSYaw@*LOt+cE3)OE1KCJin7 zW6YPiZz++5nlpxgD7`2(J1NAiZ>X=7vup& zW;|Op?(jE-g(q^o#F0Tt*1b*^^eM^Ctg43eRTp1`mY;U#i{*XVPmtT z`l{atB;rhv7tzzvT1Y>-F}Fe5UuGvKdnx8Lb=~Jt3O4TdSV`Mz3wFlRlQ-C&IrMgz z?fXE{C?4TLQVTj7ju+rM#%aG|4?JAr2nQqO_3fLTzFLrbkD4#D`Ny-gO@fuwXu~wS zV^k1w5<9HKiQr-Wa1vwALMg+1_WV2HiMm=ElG;HQG1i3v4FbHTX=l&9vT; zQmjux$fJ?2iyRFhN~9h8kIHq$9+aWreGn94=e@=n+^3EpY4Lt@rw!ob(7d%(UMSxd 
zr1(P;WC~oItcKJxPu4XZrpe6grrfr*A49Y#Hj85jMd+w%_Cw;8{k9#hME;RnAx6xk z*%rvgajGAq3IwjQw7;GLk8WyFB?CF+XH`h}bIScyFa9}nqZ3DPIM)K}DE&~b6qoO4 z`(}Rwks7_h4-C7--np@#FZEC9zDl;+t<+q*iax~0P$SW7^ivIjmhJZMQ41whqjW^7 z#_(b(MZ$D2G0H$f6Cllh?j^i;N=rC?>>;&5+$V3$qOsnoJBw#3gDMSwQ}#b+nDCiJ z49uy7(@Gx9!CS$Flr94QE5i71iR(G~Xb)IXVUWFPO(@hbsv5 zU4-W1&E@9Q)%YG3gle#za93iu#B#qYryl8zOn8cdvr&8pa0U^b8X2fv5|1V)OjaXCri#z9!>;&4mb2L-dk|^ zf~aUJ4jMt0PkTtgKT3X$LCvH1%V8z#8>ihl<)fe_FMg!j5Bjzn?3Ru zUN@HEFvtLZY~AbxI#C;B^`&jb(5JwKKRY*fD}-YaCl0d?JJ8F-&E{J>#|dx;C4U zs~VE}HJAiPF&0hijkSpcS{(i(49fhVS5#M=?mafv-#4kEbE~=6VADY5o#pUM?ch+{ zRY#v@%W<1XL!5hfy`P)*nuL}1805Eq`)+$b1StaFpH9^pwHKrNga5X#NqBYlGZuDGP@=n=@S@w}bf!mx&8h?|RN z==OiHQx6JS2=2!{#YzrswW52OS8_#9M;jYb>>-g zMkNM}%b2Yy25$mnbcRsEoVcl=^B+s)-T4}xVTb2J063yZD%Qo0tQ1~ z-1GzmaV!yi#B|927^xDy6}l&>XN6(Lf(tDeer!o557odfSGA4<`MP`vk|+|+&%$`+ zMP*KRz$JYuKbdLG9Z#c32FZu2Z_R1A7Jr7(2fGs%okeN)gboA*gQlOK61H<$D;0b-Bryg_ zw(xT<3<|ZlHgP9Fi#XN;#|Cp1naN}QbL3-Mj#*0f9q8Zr**+hcks+5cDJCjkzApYl zuGcRA!>UF(NVN|P!$Sx&xWWajmg*yx`#M`_EmZT!y2rjkS9LLTL@}TL+3fV&L2cP( zL*Ps`wjDQit1-8CrW{Nz0FKzAx}2ZxOr5V&ZAh zEo;>|Z6Y&fLggMlAmmd6`LAzw7EPey)onrvf(unp4?XI? 
zIHSNceU3vEDgdlP9xSCrVUdmRD4Cy3F)Q^jcf%RG|%8*VSACbtEEfXeTTnK5aZf;N#YN(zC7s2{)QQI&)@?|Oz{X8 z{)aDzl6g=%UT{?Le{%W}fQuVZ->gcKtWk+Yn-o$Eb^paNRjC>VlDutwwV#!5h1$GT z91M|Nd{Bq==3q(ocy3cgDd63Te_!!&imBT^+v{(i*|aZl*%(|>##!ZDO*hJFu%21a zoGuq8QW$C-G?`*A?g=G}y38AkWMWBV*DPrzS^i?KmV1jrO}UJl?Fl00xAt>cvg}(%Y8}Qwb<`yJKK9P_U!taa>f6_?u)6eorx;bWWU_c47U`>qz{tZ8RD!xr1mGWXlQ6 zTtLH027dS|%MX^>YEdG;U6NyPtuUdI?k8%1sw{D}dYcL3g{vu&*O%H2=#_V&cQHmR zz2BcxiCEJY!yh$>q_7R--v+({Z@FM7+vbDs!j^atd=n?AX1GPPwpw@|c69}V2m~;> zBS7q*qb5=f+Wx_>>`;RhdK!(KhP<`q-_ggp1$qRqqDErN%{p|x381jC-|H?BkB0aS zssfwC?&K!(6`5ZwC%hD8HU$M^?ni_M1%eXxny};#*@Lc3z;L8~d^zW^r`DV}IgI^Z zRormL6rC_}2rq*r`F`MsHyA2WUA2`#eYsfe^zY>?KUi;;T5+itv`$F!)Eht4S^7@` zxEqA#_Xbw*`-G=?K~eS=p_5y+Pqazwy8PmrQ}Mpp8DRqU*89)wo4DJ^qX!6fL$&oyT!0&ewT$ARZY169`4R!BRm^f zdL6k0wvUMnMA*3NjbJGOXXtdP{I0;KZ>1R+oZ<3+)rebS5Ps^7C?6)BY?9yPZ}>m$ z-(}*#?fB)3PJp9a)&dc_EF6Xmy|8o<$5m=$u(Q;ja5o8G=mc51taWz*87{WIX_1%x zj=7KRa9S@cpMD7i+@rrRJ`miQ&97zRY(JNae1N~puwH-StC(UD7S~OS}uvZ!7l}0PogSBfLX0sQeQnJ4b0HMza?L}Xn~ZaYFc8! zaJ8@!(=aElistq?C@`J3v&rAF?LRkRztj}U;ooBC;tTMP>DaS~!DuSS{|VY^e4KZB zsao2uYZowhguNU8!`L|l3Bv<`b#2?WZQHhO+cv+oZQHhO+qQT6w=u82@7t1A;!7lXj`g;fu36hYE?t(?V1C z3KAr;@zO-JQ-UU@?=Yydpf=!XyHJs^W4!p_P8EX=c;1y31j*%Ez-VS9?DQ2<8c#f3I&ODkB4z80LA!dUQ><@upNMmk6(sh&}-hh z-l!5?EvR2GIuc1H>2XNW)ZoGH>ywagkTGn+Mq9^;Lad!C^6<~Ec*z454J_h9ok`+w zp!^yP-}K00;fw3tO?#Hm$Y_eB3QAO+3}HWYXK6)ng}vb6my*io>>)M$uf&&jiI66( zI&09#=*;c7MJNa{73tl9Szx`!-{?ql{JEE>K4YG(s$7)-n?&HD^>BhlapZ*e>>S|`;< zw%C$wzY~v=THtm3z#TQ|)xf?1_sk2|D)nL;CbyOx7?MaNE%2RN+C6JueUOK%?w9d4 zx*0#7Q}H?}$>aCF){bKPO`%ANe`bmiz%C=kOXC)h2q!$M^tFpdlg;;LJ#jY->|z{S zv_|?4Q!zZa$5On;sK|(_(Ecv_`50Yp82%~o{?)T9EwxSin1&l;rABaxNgLmxP1i;} zAC9{4QeHhnHKil|C+$JCX9Ou3eg&=|^jvDGYyBbQjO*g}#`R*c&43|YR_5_l z8AQe}_$n#@PsNq-(YOQ8}+K~1--@vGPUm3{&DxM_Oo%Yp&NH%9t+1b#3 z$>v}5BD+SD=YLx>*2@aE=+KAWvF>_0bnwFj2HIj)*0`aJVc;?ilu-JzjX=zRuIV+? 
zDB9l3q@yDw*t#eDiMWvzca~TK{9Xxc(x$ue{sRzS=A-`IXfTCqPSYb}GoomLJqaxj z5AolU(0F!2<{Bb?1_HiCQm?NxW`E!Fx-U-n>;~4HE$oWB9H`lhNGtp|YiWI=eieEL z=a^e%?=*%_ER7W6G|A4e6K?Atl#EOF#98X`T8>2Q=*JEj+>$Z%5bS6rvC^5T4eJ(E zHNHugbVXm22**S3Cl0wRt2j zmqT_Wau1hI09DJ>G%uzbqxy+5nt~BvDC-qH%!hn?q_!?rM3~Vn+~d`l;z8F62jnj- zi7$f>2T&fU)l{f%YXhhG)8B`CjL1>KLI1c{vmbHQ3p)Kd!zt=`lR_zW^EG zQaS~x;yM(`sjFi6B*O^XCs4KcM$Zja2&hSph*2ryUQx+!$qLzW>0(QUv;5x%G;&@LA>KRv4?iI|7Anc<`Z-S$!(h!P*XsHD$73lvO9uvchcW zEDbQf1t3#Olo!mtC68@P3k_i<1`zfaAR@ajpG>vCmbPGPhj0VsIM%R0MCi`)Q?$y7 z&6D*7do(A#aH1>n0$s)jrEs@?`$)ac^UEjo(uTEesMewho z9IK5d<>NJ3Q_gUc7SrCxs9XyhU)Ow8$IrS9|AD&_hcjpVBI$U_fDOQXs_CsV-}Ndn zSfZETn3=RYd0V7KkugX@gja!vC}(osUSy*UO8T*N4WEKndjXIo1v6mX-7 z9nthFd3jGQq@=`@sz#5w$YTMAjwVrN{I}PgRTYW&cqg0C<1wYQVF zPANy8&cKZdB-C1ObRz;8EOsvyr-=R*(l;VjI0|L1`qbv7bM7PnH8zBG)UYxl$G+XD zkP~?~Vaju(y|R*PNM{`3^HlWC%g@JpT9F5Q9<^yFDFR~Z6co+IeVR{4adskrl9F{O zti?0xrMtE3SBiPJ4n~epKy|ssy-mifYc42vi&kZfo4-5%^TcidoQfy_VU#E^U)!+} zpS?12E>{y@UdofB(LP9b>Z+*pkcDnHN@Hc~@`A2wf|yJ{N+C?kDyq9k%O z@CwG*V5)j6_3mvo*dWF+NTIAi0z<}~oSl09E=);W!jDc7i=uZL!16Z;y9vFWYNKpt z#`bkK>`gdj4wH>OF0*Z0GmsH8Xh==()X1Kb$)Ud?S|+d{%>wp<}lm#9)ow-U&C zcXG_QLFkjy;B02I`f8G&)pezr*+{?TLQ>FwEiLV8ESx>TQTIn)^eTJ7 z3uov?h2ZF!tyx}MHT*fUic$&C*(8hd{Dfp*v8qso(z~yu>NWc&V0XqtEbJRmcPx+c!bm z_$ZIwTN|6|crf2;WlFV$6*+X?6vhW4rzXZUnT94{(>T%Vg14f9(IW~^*~t@QIx8-(#WdKEaeAzl*F&ACxo*A~HfyR8@bdc$iSD#hkPZ!9U9 zc6Bj7>$Rvm1YLB7ou=ib>ikGqBkc(A*J_k`gKXR~S|@U`M;Y0BQj z06M~ND61`Zr5dTK!k=lko-T#*n(z-jQ9#1aVe(hZT&DuKX&E^hpdiQ$GdS}_e)zH# zw+ql%DMSB;)p^p_lWNgb}d(JQca zou_YO-&4J$PIl$f_aJp_uvde(eaW!+gv{C`!PNisJaLU^Q5?_xnndu(Kz4KwBWpY@ zT_3yRtZ`PyTenHdA#^bt*=2p+0&5ay!A`;Jz2-5h7jj54=;d1FHZ+MZH>d|^7o>wO z4aO!umM|jAuTHf@Ub89R_Zc~TF#>MQb{%Mihzg*D(F@5=Su$6p9R_j%;VN3DS92KT zo5;bUj5vm7f0Y{87#0X$&&%(;vDC^C`~V_2qKr494CMs0h8*xhfoq#L)u*JBKEwqC z%E_-jSSV{iEk22I)@JvCtn50s`46=cF}9s)ODC#}5bz>gy>1TV$M%cl$>k11WjT+N zNvA}2kFR0S)2j%&9;w#XXfDvenB;w?a25mazZW?CSAqV!c 
z6Anzs(%fupu6dfD?uY((TufjmKUzS=K7>zc+O-pU9KiA;QQpXSKR!7oT0q;5D3`hh@aB`n?PMw#qUw_3+b9aL zS~!s^$L0e5RMpp}Pr=3)BKch8rRvsvZ3=1Z!||5Ya^xw*Ku(MdVp~l7O&d*frRe0@ zkmZiIny85Ja31}WL8R5`OW!rQ7Z_n1$)=XSZuhwBLlbIoiU4-iCT6{QEYgl&Am(z% z6D$*AX>z9bD_bbZQCjw4`@L>|f1pt9Q=(X21ajC$cC9>P+-W*zINS7ruuB9uMs zsP9hf^JNgd0jr)?2;Q8H&_(Iy9{544dIs+m5$425JCL(IaM0%=R^bx=OG7In`>*FD z(_8;;VYI9XVi~LPw~K_F99x5#jNOrLtRgKacld`$d@^v zig27e@q010xNF6P%4>*jnwGyT%U+_pF1HeY-sx(ehMl|M<RScWmrF(R~^+M!@5k~;u!#uA{L!3ROAw!IcO)RwCZyysbU(8I4!upDO$k^m#!$^b4iVM7&~# zX_D8ABr$v+2?G2ps6sgBGkDf4I@+B+Mr;gzRask#u1DgPR(n#{8|ONE?$=4v=vfF( z-YH10X+JAOl3guwfzvYhJ#;nfmq|2Z9UwMVy?BnEz<0PEtaMMTjiZceO{SO~@>ZoX z^!)<^1hEyo1(a)2mOC25UBCF*BmEAD$*w?}09yC&?~&NV7JD;pWJ~`|)G|Gj%?)*h zFP&2jxd0h$lfF{N5xXwfUi;MOO6@0ZaG_}xyIY^nv&K>jC}(kFZ&NGa4}Hc$W*d>T zlFGYYXM2ENU4+^5s=GSXw!huhA@<7ZA2^KE9tf+vS07*m$7!> zF!1hjZ#Rt_sjm->8?fIGDbs?)Y`^QAXz!#6FcRN_7Px@9@JtZijzlWUDN#h*&?J{I zg9Anky*rG(W~fPtnNTW_EG7me!@s$XtG!Y8(!O(h$|Iedc@yqYsEof1iNX0Z@)Fj^ z|7m6{r3-?-#$l-jGu3&|f*c&sYuXLI(LDTy?uEYG7<^?N>-*6A=erDM-$=a+Z%kzsE^R!_Zajx(g06Lg4*U&X zgRp!p4+@i(UFhDh=jgZ&6xHqoD15|F%e_LHA$*x}npXJ!`ocW>%G*J(LC}0lGn_Qv zaqz#rQYFm#4`=)3{SI{$YB6T^9HBD8>0UH{)`)a@Rj*m;!LTW1;`W64?Ey7A<+wN1 zxvUkrKa^zn$%Hq`;OH}HUtQvX>>@cS{pndS?9g|^uv`Uyewjt-dLE4wd$+djpbyxu zGaTOlR6?MT@H}Puims)C0bKvD@)YL(mpp}&k(C*WUdGhU+{NO*#s7Osz{$?a^uN?8 z1W@#1mNqV?P6YH~Hij;yBBsXnCZOA+dDY` z1FY>=U~G+!khlM9U~TW{1_{>#ba3u;C_Czm4}9e>)RIkE(N`l9Gn~(e?A6)EOvqGb5}6f+!A8l3sV{BckDKl-CVLb!lu64lafWk7*wmb8W>fBDd6 z*94fR=ddZ6YnTP=WL$QvjsU=FW@6&$A?;Qmo^}u-&%I|s+~{48Z?h(0j{zmblam#V z4?d?s=0#Id(fC-k>Zv~JUk<_48n8gv$f6q74%z1{t*rqiUyyS$JI`91;7Wxu6t5S? 
zOmcl1F0>t~q2u){xqPyuV{+k-_xpxfJ!?+w2T>y@ob|Al&v*Ch9$QlZ2~Pz%`F{;5 z3Z2lVZ=7?ITBM2^|`u8Q_eD`qZV-a{2^jq@}0WtWx*!mTxwmVYz zRwUj zB}G4In!sXI;5ae`NqblLP>%|@I${IZ`ygGc_ zmwrWngX0rPeAg)qzfAV6K5w5A-Px#dDV(2DdnfkfMr^3t@#l$aqdM7ArUzuXkH!x| zY(|vNzFN!WlOX%q~=cQz-x3q8dAx>sNGX1-iJ1dD8OmiR@e` z_iwf31%M556fbfa(kyN`g3g=m$GO5{;XzuMPO5eZ@=a7@XxuMm1}v*N>$6;1y#pd) z(bS7Ev9T7FHdts=s_6ZLzS>9JtSm&Wl$`}M`b1KEs}`-*pa%6Frm#026j41 z@}Bl1zsMw<eLd&b}i&0I}_zYGqOd#il&a($+m%J=3Ty|Qj zb`42%h9P=UXJL5FnPV3v!58HxYR8o^&C$DaR~0MG_NL?Z$q<<7--DEsGY&}6G}Em) zx~i*?G;}+mFu>@vJ?s1yp~A8QzRaY{L0~75_s_?-nG86D_7L=jpj)7v!ZmBwaDoOP^pw9SsTu&OnGb})LfB*WnXOA*#IPMBd; zmMXWx7A$s=klFSc+y^k&_P7B81AXqRwjIUabDamPlhK}EWcqdG*|Dq~_0^lP z51x04<8sece?A%m)$gmk^rfVloTL=61jcqcZ3p(0(a^JtSse(jJSIE>9Q;bgy^S|m zJfR1)4F-cYwWAfPaz9iFS&$g1nPj9qf5bs7vr9>@liXHEWs*hc=9P}~1+zbLdR!<|MQRI?PX z+bDhd`lgMLsRDvEUX^UX^tZ`bXc(Kw^5o&HYhk>UxY~VqVx}#yf)(2`!7U|J zLW};ZHk|d0Zy}P4inE3O=5uLQJ&HkEvaYbDG$oioMn?qMucNwle#8(6SpGsa=WeTxAKYn$c-A4_x1{QEZkDVA+4r zeUhp|rbD%}ofP8@f04_07V zJy~LO+rpL=C%~reMwkes2-d$F5u*6I-i3F}^0xCEkXn|QF#3@7oD@rscqoH2;+JOv zI?tPF9CYCO(<$L<1w@6E<3J4vqaB0pC2{0gt=~jQgwEu=gLg#_Y^!qzbNbE-2F;qA z(ri4TWX$HTi#o$GlW2K(_Wk86b8(+W9Q#g3T7y>wv4914x-{>S*Y_{tN)~k`sgPit zXDq4#pD_oGe(RlrTz_#-mBkDT%`FP5ZM`Z|JcFK$>JtI%y$qR%q3`gdvnGlaZHqmM zxX`7TZ+J7~$6KZ8mKkrFBaQBz2#hZ}juE1igU(;~uxz%m)W>0= zOECNUee)8hnMxu4NwB;qktqbU^{7jMxIxg0?oKA1)iN(4k=w&%f!S3*R$n~V;LI_f zjHG7$-Hm;mS{=P8dhE7}$Ei5LvDG@@#s( zYA-|==54iwlxZk5YnJ_9k1Xlrex>PhPDz=NWD-YlQD#bj;)99ob@8D=H~IKfG3Y_Xec*9POb|xpLY5 zQHrDmCzPMuk5#FQFn}0FNl_Gk6miMF8lbU`T@DJ+AILO_13uLw5MCbHL~Xwp8Bv^7 zn};ODJ1Kqu?}gwj@HR)$`1i!*J@{R4& z1F<;*US!peq>e%bk}0@mdBUGF=)Jnp7-55V1>H+OVU`5kOzq14n;bqsszU}ed&Bc4 z8%Azw(aVwMD~aE1vqJ|EGBzZ6$1R3RbHz92I%4G_#L9$RLyZoGUgf?~T)m<9gi)dY z+U^i8JI;;r4q0O4+i(zS#2?_`DMd;gj+UI#-+qa^9@z!Wka9j+s+xD*nE3p=Xp#HLgZ@{6phXh4`jzIta5R5?LrPwhQn)zpe0#aO!UF|sH6Tgg{@{HiR- z=^+!9ww^TP9Kd=1A}8weF|0<;_#Z=15|UCcBF5gf=AsT=IOcMWyRniJznIgf-;Can zuebWj2T4{r&MZaiDSKvEqQNDqBb!fWP+8d3c{CK3G2*Mlg$tU};l9p%Z0|l!`2qbw 
zMBi%;8#Q`dUqu!m~lHS-h^37ea6{}q3K z?t*u1X@Lu(y%;c$=k7B0lrf8oOT#G&BDb&Scf~XO!6e%Bf35A`8lPz#vBB6g`T>vRWl=Hq#b` z%RVB(3jx$DtG~09G@uVnpK$liOrJcK!(Sx7WEr!k--C$KmiiP3N?E$1H5UeVCZ@cL z)I4s+9lb9GRhX;MVWJ4YkGoO$x9J`F9&lnD@5&Uq+L60|jKy156sM+OX}uq+ zp=DHAvMObeGz`87geufy0au<^@!Q9y`CbL0l0fvebh6alFUAi5 zrB0vc-rv->Q-esDB=QNtO<5o$@y}v5?fDKbrIt~R9}oM7?{9-ESh01N6B3&+tMK-7 zrBb3WK*<|!CFH3e^Y%=Ax|(&ot!~*IE>!luu2|_e#}f;^#%{X37qck3HtxFaA?PGo z&TY(6^x&7)fk%mMF(-p^Z3kLXI2~USdkWd7!d`QbOzDmyoEUSlgVdu8bSKTI?{x=t zDMK6~Pv9#@J)`LxwSHO(CGEePLJQ?Obn~Td0F#~#!E+{AA1TOtNnYy3M>rgd!OVjx zT9>QLDYK>vtr`;R5CAqV55KBu4JsLLWZKH~Zx;W1c+H75)HiMb55nz@2L4R*4g*g( zrqFwk)md7TQzvb$4~jL%ex%i7;Zvw*79N9~9nC%-y$S049Ech5Hna&~ihn-o%sfw) zwLn}xLx0cB_)|1_28EpD>&UexTP-i#X$>E5LH1=nzl5_sOB=G~#3Qo!zktD`@R{~K zx;JtdDf;bAz^xzR*kVS<9DkV7ZXpvk>e3CD%2r9ehdqP8oDUfnRWzE+73UemQ~N^N zA#(?S!wh~M0b#|XdkBGThA7xX;?3H$ns4AW_EbSTNo=unjUH7Os3+BgWhUMdS_Zc- zAJ$5Z>!sp%fc9{rW4d3>J?ErCSLN|L&iAIuL+9nAPG6$>zhJRIui|dzdtehj3sIl* z4M~0;^tLgsy04@)C+2ft*>{<`)Ax@|vNfXMPg+||R!Y=x`@Q4=5_-#Kr%}lBg z)cqfpw61%ATxtE+H0vLJ1~uPFy=i zjhv_O)%}**W<1A1LrKN4Mi9)N&33cULj4CIpj8M>-1z~M(jt8FR#<8FCw^^I^kgIN z<&l)C-8)dOd&?e5M**o7mT6W8e8dk(^<^J!$@i(BN97f5?q==Bv4%SdR}FqnLbJ)4 z_9v$4sS0GeO%{{p8K<=N+gMm{5;MW`osHGXgIY>VB5^j1FuBPn1md;$(RAM*wW!r` zHQ7aK+$T>Spshq%O|Vq?z3d^V%%49Q#S!e;pT$~QEG&bH9@xP0gNSJKEB#!j-s%-_ zXS#v7YeH~q2>XDz@=5z9ni{AK@($1x&cA6sR^a&O_#h>Vj7?t^zuJ!g# zZJ=QLCx@(zqgQ zzm6&%BI`#;yb>@T5X3e7#yH@+3eG1-EdwQ*eK$)daUA~ydgPP3eRyigMqmuT*oCFr zQpB~$c@bT%9E+5`oa6wn&F}`n6(CyYQt9n+MtZ`hM{a?A2|SLqG9zTdb3HJvU5c&m zR~(Zfc+bCjIx+=|5LD7M$TEkyTRhGH-QG!CDDmz_s80X2xu4C<7AfMPMkQ$nvl^pQ z=&CKr`9^jLR5X6Y?HFpYL?}z>4vPK7 z6w#QS*HZ=2eumCVG+OJ(3P>S-j;Fzzl1NqzzLQV{>eGW3Gy7ZDtoMpO1PUu?i&j@! 
zU;F4~62Eb)g7{C>;z{;Jn5K*Tmq|%Ov#cDXIjxUWG>x^@wdD+ZvbJUB${cWFx|>T` z?}GU=^CGdh5BLlA`w&(%;RqeyMW6rD{eS>(6xXhe*s$ms7QY3ZL;C^e&IKb_Jm!6+ z;sciYB#oVA3l|kG@Ls*P_TN!*MHSUhZZlDJ&}~BzFeuV#Z{2FMm!D`tuXsk_N!rcl z{`z>LB!p~+8|9#>W0KH8n$jvAr-Noh%+40vT)k7kc02cV-s{ZsLlCTuW4s<<9zULj zyM9TT1aoa>mfj{I`CzR4XOMDjDDt_ip7Gm^@L(ZjFL68pX99W%vLP#`xtj+b^zv5q zK+#lVj5rhe>@wLjnx-p;=o1Y@E)M4))rh%4e>sdr&RDfg>a1-$Ku(72y{>J>S8{*q zH5h;Tb`9s3glzNEfZt4F@Lg32d~~9~etAA8tfY)`9!JT`P(^-ko;Zt|i;!yfLfrL@ z{2!obQrc)U7JzSw7f-+F;Z%_v1+te4Oe91k-Yl{cSgz0%lNVZzErR!AdFGr(zj>2H z?^YF#9%FwWy)sT+?kv{~ts^M>A_)r=C3CaExNh$Qzjy6{#g#!&4Mn+7=;o1p=J zeTC-CXw=!z_n6&l$>V$T5cg8wOEV-HwZNL+E>A-IO2=DMYy<}r9$D;L>i({bS+pGO z&B}4};k|)6-`!r~pjJ&+7p6GTjH8UJEc_K(hVM-s>i5w^q&RWXflYYF&Y#y8uUq=Q zk#mQBIQaBoOk@bg1xtIV0aXnB}uaC0y%&=0U1h|l2&kcgz3ukmONJ=Cu1Vqqgm;;?ZdLTG{YF$ zusW%YL5xsl!^%S}2DVD0QZt`6gJSqmgS$-oPk@%5?<~4_%AAYO%W*gtlHC(Et%PvJ zBi<^Lm2ZBfIX^7#{o3$1hY!__4Ep3`BIVT<^T?j-s!%@jl~AP#f5=I>%_R$Aq^QP8 z!v0i*M4I#=3K}f2SmIr=VH+j*hpf#bu=L>{6mPc2gvs=@)5*|JI48? zGw*W;_{^D{2T={F(MmVU#hNPx!=MKZIOJ3nIO*&4ZEmZ~6STXz3HJc9Mi}{sV?7?~ zTctve13jVEK&goMU-p9HB|=1*JFQYMa%&zCo`9muoN?#sK6nh@R7JSJ4$9$HZ;E=o z2PtVus)+y~YoO*JmY{URnYqQI_I&;lJ@ffLR87BTXb&z-MGCNl;uq;o`Cl6oc2(p! 
z&%Tu?cc`?19y*~KiD#4SlD53(xam}{%R6yjVT%y~I_IZ&G& zcu43NjBc5%-}MrLNhm=@)}8~sC44p)2yWctSQKvd#a)2NqucTv&@TX!osaVtRQpbHV%!D24aev_fojhOrjxt)U8c!n?=DOi_DaN?1>j^+t{Zr}Ok`TujEFl!f`9*GW}K~K7xUC%r1NZ(xKx-{RB4YLX?F+P2H*eClSbIJU?Sz742!+7 z#y(#f>()=!ZWgttRU&P*W+~wbOt7KzEaH0VSy}J-q%Ygr0Zs47TrkyR-b5&lKcyO} zLf#kmO%8MS;vC15wrYn)wG8{gXTNUvv5AK-W6vEKC>ZXyj(>yhy#to=x%Q;#awu~A zV)(S5n!cFB^k!{?!L|)qbiEO3p2jr=MmmBiRJ9dYXh)vLLGK+TfLUG2!>=2RDVVRiuU?zJsGAlM zC<#r*3Heb>#f9&N0)kDEZEM{G04tYsH+bA+^db6no<%E<>(HLJ!%KkQ=#l_Tl)rE> zV&@EY#$bZ&Tegy{(vcgWwtk8%G!WC0L{DW`$k8NMaREl5v_$^??;Kf?^UKXLN&_zp zU56tq4zY<#X#^7z1sJ2Oa+AaycwRzxjZK`51qHnq$~ZHxSx418_~1z-ixiixwsL=9 zyl6atynl4wBEE+Bijy~D4gy7}JV-oP_65*<-FEJ0w4g&9nP_A?>T`r7G~^EdF91_%^{&M?9<17PL~(&~iTc16@%oIrIb0}pZA5YSbd zux;hJ8&W;b}WMYsy3{s|FDmS4Zdo zKjkPNX{XlW;t%=@WhsD%qoVl5c5y$wh~Cr?uP8lMk5TNJWP>E>i*Mi=V@$^5Opw$$ zyMCq@9IBN`Sj-^^4|Q~3b#9IA*BXP_o|gn zh_OI+S=~jM)e?d$=!E%nyZ^An(nnBP$FE@g@YwNYj;zyPT70&Ol%!$FWD+!@NH2!7 znT?R4K1^RnXk`0!;&xQR|1}{t1AZ{xtRffU0PEF?e+e*5LDs86a(9%zkHnLnXG(!= zIg6+_lCFhH{ig47GeuUI3^= zfDyl~(V4Hc8e$(0wCTRr=b9SE*UQ-TFT9}zfytFI-H#M@hoe;Cst0r@8c=r-)fxUt z41gF_0MmCzzwF|hKH(Mb6Rqtc%R;7~L~jJPZsU42&LJkKtVvZbtY&aI#7?pkgdXa% zlw9!%4QW}Gz!0lyI2`BoVi*Sr267t>&>hpHvD*AE;Fr|iIZ|{-E@MdBmbN_`No-jt%#{?K$m6b=Wg!D(yh`Fvg1btBcl+OT z`!7$7wDfe+S3=_Iq3^x#5`RaW_pL-tw|k z^)k!T5t!-ln*l)ivT+~$CuwaLR-;NH=(~~cb}A$;d*&(d%oG~fQ{3wXfZpfHOFMzD zb+!6@q3>xUeZxM6w%Rn0kF-n{Ecc&3fI$9epl@IEPnR# zZ0jB@cuTQolsHn)4#J88@KaWGLTYQ&!I__euFUJzGXIk7eCy}G^fU8|ccaTY1Osad z?2r+5^D|e4w>*)~B$gO#ha>?I{1zVV2z(J2>LjgzYOBDovwOdp2#`{e-|-1eRCe&P z_>;+ZJsu@iZ6z*XCeYRHUYI%)2-NAeKL4OX(%73iM}&|SpG=rxp; zGWv?MmO2lDjy)Gh&HYA5F_O*V(fpY_e zr-qo_POP?tLMk7JQUmc`BvLXBI$qN6oq0RNJP(=Z2=ZN$|QNB+eK+1;gU~jKWD4(6zO}a(Xswt5z^6De;B~>>G zF%W8X)2?Gk^?QogUwRaw^~AQE<#pZ!Y5NIv7K87+MTLxxO=s&3V9UZ1a}h)7vlDY? 
z{x#Xdrq!+x4zTwXQJF}3MgpN9UcN^T5MGg0u@uUCy)BD2!s^!bJS$-t9_16BEBtiq zs}%B|wnSm-#;-|zA{t?C;7|r!1+b)QpAAcWcL14?J=p>Z#R$ssm+9K&M~eILS~^U) z>6niQ>jN{sfpQ3lx~K5!4iJsnE10v&CB7*8Ib*-Lr^iqjIOmYBv0tXusTTX`jgaT` z=3֍(6pr8QjpG2InNz)9UD=j*Auo_CD>s^FbN%r=I>-$5<#Qniwy1T=&uIQ;^ zJjWo{|H^6UZgD(vy~}O4h!3}RjGw1wD7fciu@{-(Zxu!lccHwKIM(lE-K;6wT!Ho2 zQ&`O*8R}D{=8Pp1y>}KyK94bPxo-1$^I)gVg2-CW(HvIR<8IX)d_{67SeOwov&Z7yDc`{xY%ro?eX3H2cvyf_Imxw#Hd|nqAdg z8NwSE855ZshgCpSPc=3>IR;@^Z0b)+h~xl@%@%ZPEfkv-unPd2N680j24`RdPRGQ| z*q;C(a(l&#BXEW`2PlDD;TH|)Y)POT2RnvPXlrV92F=g_@X*!O1=Y>bImgv~zxcyb z0t5p5&n6InIgSN^ps28%n3x8jAT?eEND|O0AWm!@P#E37Iu1er%>=l~1y})K<`xHV z326YuujLQP`EvrE|6TQ8%nQZh75&D@me$?`7(^jzePg|g0~i<3$*ojCTsxpK zCpO{6UqOtGz&ieq{?;E+X;#eN6`_&!uL|d=Pnv+-@gMiR3gYp%x)n3=RUgui@*2Re zH@%a9^1tYrzB%B(%Ln(OQn%Jsyg%=gJ;vXTe}bB-a%w_>r+xoD0@IpV8<|5jvVxa$ z{H-jGFFf~!`fo;w<@j z4^G~@AWrQY_Fu=jcSnc)%V?F-uC#9ZFKIGYZfqpavg&ZG^XH{hKG6$^wb`s?OS3Q} zekRBg{Ltd7p2hM^`^ks5HY61<)HBSDyvRPCEb3*9sKjqcL;uq(l!%7iJli2EW^SOU zpJu?1U%DHhlaalaOx_}4I9)TV$QqRUgXp&yZE=e2#GTm<0!qaNX16s3?n3*|LKF^l z5xUW+mm3pQoE6|m2c3uxwWw+Jx9!0 zG9#dzL|xIUdgRYbdB6q%b6UMJjI-c$m>g7T74SW*Jgyr!!-dk-7hJr1eUT?fY3a37 zS6PSbSLH5eIPz3JFY^^cI2!Hb`Jy#$_*~L-zBM=wUsY)<$EfZ9By6QI#o>ih9MkqB z_B;3%>6I+M&uH2u4-SJmO^)H#k!-vsBU8lqpfXh1W;b~F9+8!548yHI1wLXMJO{?} z3}Ke~1uEas&GU+b9>sY%D8L3yK z!*SLZWnQF0u>yP-FyTtC~;O&)Q+ci8)D<%h8+db*2@z63N^z%h5RfI^I}BfRhv6 z?61*tR2!N<2=>LDClYUuO%b}mQL_+G8i|MXPgHb|prXr;JtI;;36@RzG+~0ZTS&Z- zwyDE?Cs6u-5Sioy;0+UD+62>S@}MF;e}2&!IFg}q*6Q+?n#SJKrTpi{jQA5_1-(;( zWgeKwR{oIH{UW{5;qc3UV7e`*dGcyk0@vc~?r9$HscFlkOpLxCIDGugWGj!h8CmNZ z7GVXrczunq%(Ve4Ut92`jzDBE)R5*QD+4%@vfe-OH_fPOpb(^pZTOb!B7v8fys)yP z<&RaUws!hXB*4>WfzGU;U6I$5V#-;DCxK0qt}tE&2@14q7x>K<3BBWTa15eJErXa8 z8^lrmNE6^?1~z+*wx#&?6wg^uv;3Lrn$UL+|Dd^gt zTlnIzQ2pB2g;hs${L|nvA`_ew4a#$T(fKg{mD(J!*J}DUa%X4=E|%Lp{eH+E-uYA5Vf@6xj4MkIqO|8Y{d~; z-mdcF*zn77hoWa)VXh?K+;P4k-Oz3iW4y<9pExr)NHmtNMLf`MtFSdK{u2UgXlDe! 
z-BH==LD_hXu+2Ex>hU8ymG1;lLwA;?OK7QbiZ!?G15ZZx#V=(O#aj9!98eoP%r>N; zc`D+oomBhCxLxOxUe=)gL_-@Z5Z|Xn$|`Pt)-B$(D7z(mCbS-C<=q4f51>%b5eCU@ z@;Du-M1}sDfdn6TThK+cg46LzvZm=oicckifv{SCJb_*RC-82_uuF6cly}nl);$Yr z%d>B3%9X7x1M5|(cqVI3RHacmEjBBWRH{fZphchikBhp%7=^8)v*%Z0N4is(CJ)nw z^EIFTWLyPgy0k`hY^Cyx>4ck#o+sSW+^NUAnvU(E;OmzezpljBR${?;CJBUlgRe+LPhW;JR7iI&0mh zbYo2p*lvCZl2$UyV zJt8LnoM~}q@YCX4kx7#c%gJXm-&?%mtP-Yf z#Wz)?ftGIOonqHs$9koKckM0d%$@G1iaq0bqLy?50uMjJClPQP`kExpU*&5CRBD$= zxfE?dH?gdLua&KYIRX^knYnn>4K+E{GEw%1?|KP^l;F9v@l|i`o!=0z7;NgDz-)iq zNkpiJaqg^ztbNKzC>U#?nxn?Pe3p`0gD{4H5i7`8_(c{BMG}C;5cz8QEfJql!Rf%f z7-W7qsx%~$;~5(@a)WF~lMr^9MTl(Rs?mB>l($aw4_G#QF-Z?^V45d`{>iWN{fVzOmn1>HRBM;UJ?9O+r~ z{z+ir4fiTtnaqkXH5@%#D;~OQUK%0T)4nhtR|LgGUpwN~H#(SgJeyZWgbVJ|8vkv& zT*@j#aV>M>@_ls2Evu5I7-`X${(o#l0S1bpQqs@=j%o!KCd%ahg$A|NIyP`BDBz28hA~vf{1Ux7sEkVrC`v3I`br;v zY%!E}aShr66*mrMxj>SmcT^0#7}-vvbx6b#yR!UqZ=qXA0EU-DQy-a6h`o300t($@ z%#W>+Oa6)DutMJWdH3bFwqe!xgdTCWK21Bmcjo|=>;cT@*Yu(J2@%;};-(~7;^+wI zK!b)i1Y-+JxCz$3!c=B`Wx_I#b~oMiL5fIhGnlBNq%O}sVs;>;1mZhqpPsAX-K*ux z#lheaFE3gZ*cPLK?BLCGg6^(T4;pBfQ88@@%3Jh*tR|8#I`(VPM7%YR!nI1J!wQ`B z1&P)~%LMY4(pm{5={%Jki|<^BLgH%eY;zhNQBXOH!-UV%q>Bsfx!)()YyPfTyc>zF@~5P+zTO`*bJSGrHk9m^1z%tBh%(wlk|I09`k?2 zC7XaiN zQGVa-`=&7L;l!E7=GuK+#I6kpwbXpoFcTz8vGqKv6iI5bOQF@5WOXbFajRY6;PGnR z&JvhNasfV$6*$RY1Zr?PFnYpGhj$qJM++gS1@8+v+pud%sltN#13wmLlvY{s<}!=) z=2bw^hG=R)I|raYFbndO+1Xsl+xpmF14}FMh0bAX1xK`xuv=Fg>~6x!32chzf(EGU zPKs`B2@WOE5nu?AJM)%VHfKCHE2Dgs$IXDWY80oFJ=cTx+U=Fhh$$JKH^xfX|ODuDpG-St%Bi(>bc(B z>6MLACP(&1qLk%MNU6F4c%9S!s;uO`{8B*v%b1Z6R%{N;$z}6qaZZ{w0S4vzFN@y) zEKa1bjI4b<;?D5D;8c0bs+keKJn^Pmk%g+!5FRtCHZ|;Ug7I0gOeeDT~FXufI5Z@R#1aLhmsSggFgfv92C=8k3iM+I_f5XxorFNRp2Pit=flT<=!XzwtcwX3bf_G_3cn`S}xKi%(rj58VDdvXq(&4*N8Ptzv zEFmCl;TIR>NOl>|BT%Ih+}rD^a8~=y78lGMF=E-g}{LlALh$hvRH0~2z!iIfr4Q{ z=y!4n?JC9QF2(Ik$XZ3`$-$7!Np{ajGX6pLG(Dka8mKTK5A!0>GAr)rFk)CCx*@?P zoHH(~n=o)9UCY3lk~bV$qSJWkEV?=o3;ZQP*gf7t;pRW>Smoc|L9dW=9^VdzJ&QcJ 
zXJ~gxBA2YtFkpdtDU}N7bSU-FjAvtd4<=d*&ei%O^SLuW5S4+YzlO_+LLFx+N0EZO zSyTw8vkF~p!)|nw)T7R5yQ$R~U0_ST-k)cZVk>BQBxg=x@fCwAbR6?&9S0L`NGj5+ zr4*0OovyY1R6#od<7*t}Jt($Y_p7Sz#3xYvBIPNDRTguZ8I-qc4WY5Sg!XlYtRpHL zGpg(^M3}JV7F2gt(YA5tF{|&iWbT~fHPimdc@*ObQ_j;Km6!K(oI>#<-Fh{bmMh!a zXgp=#8^3TOy^De4-0GBODVGP+fNC1s>^3ckr7=#U)7R z{ojGT%hK=e?Z5hko3SlwHO**@dLnkMvG!*hO1O?V&;NJ>b**~pep#=l*m&ZtMab)A zv6J6BuMsD%s|JE{+yrI9r8^;Zl2P*u*UJ21eVXC{JD#aFkfNE+ARc-u?WSjkIiOD$ z)_&|(_c?Y+xC6!d%CYKNeWKg{WZ=&TlJyWo%W!HZ-r^&+YmtyvUs4@Ku9%1q%<)H)jUSr9o+U^~7Uazlr8PUOKP zx$83MYt!rhcDo^v8-rsgjW`?*k$b0StWcKAWcngzd^=}*wI_I^cw1Rvr*jifQdM$u zv_45g;?B}O;&>=4B1uy*dBlBJ#M+4en`EO!;LoP+w`Zu>uEykv`=g0UQ7BS5-RsK5 zTljBNt&W$qzC46D=|^?Fh~X8lM9QA8Y7@A7XjwHiF!{OtlUait31$>A2tbFS?c&4X z5BhxUj-_`{ay%1I5$`XPD5uMUBbfb_dJX8Cg0cnxxwmSVk+oyFr$getl0Z{*DNpaFZYa7)tm^l6hzJ}4ctlMP4)c3v0&s5hrX9F&XsecN> z1={@jRLujlz$j+M;O9TGb8;@Ji(NVv(;73Dn?%JXwp6FbX9KQY2Bi)$cx-e?D9zqQB=3lf;Z` z+OAt2=iVJX{p78nx?P7-Tj#G(_n?n+-)L{}_2@cdjBOqXf8>U}!0h!IPQ?zZ>u{LR zNw~%knl;;VH$OHsy>TePc7|mYKGLb~Krw0wi@s~4X5-;~6cHY7b!kWjw4u&uM7@C7 z(C1m9;YUrp-cEl{r0^`8AyR1@-bKrAHpv@7QtkGYLA?>##3GiPt0V?sQBOcd!+#m- z+oKYH4~06ii}T|W$KOk~Tv$H@iG8L0&h;8|=p}{Z|LVAuKf<~cjZVDEN%+fVt>#Im zT;8lzvxGFAau5akH4@teF^8X^;nqo3QY0>z^PNAk7nh3JK=Mnh%uF+IIwVDyx_?_5 zh=7ePJJQEkN!EV;?_N7ZC)2(&Dzy2eDq0^TQ;r94`{BA4bte`3OnP%6>I-%uqKHjz z)1+E=IbuQ3#(7FXsNDEThf076y{=|t&Bmd=$RFPrWO^cs%5+E-KV{8ANWU!Ce_|qi zs&~&fp?>PW$*^)D6WDs^JHi^eiW~~{Y^k}z<_=-7cD!Z!SxP{*)$W>VF=Xf8Aw$jW zd;EMk1eD2AXimPa1n8J4wGpr*hyI_;P2&+~sw~)%M!~bc2FHmw=bWv9e%*SwY`6;{ zhThrGVo7r}kK3iq_Jk&5wBNwb?{bjC^(i@9X$`F!P`;uo4RbNl<5(;`42Og(tb3FF zVtFNr!lm(AQ2#kUJD&JftuW8_fzj5m#G|w!Bq#wqIBCovoVI|UOKhyL*yeF(MQ%%_ z4yzPQ!^}PSxEi75UK)H|Hc}|8>ww|U25H+#Rv_Ol9ptEa0T+!hVlja}XSQPta0(AQ zeUo-=Qs8!o#QM8g^Jc}rLqzgqU2kxk5bk3f!pnC7EnaN4EsZx#B_Y5X3271(_=a=3uaTBmR*o_%v zO|(KLiq*@=W_JzmUQvBvV}B)=KE zbgK#nrgz52Jk|WQ(vvMrY>w7iXh!a!un+x1vVH?y8UIh07`hVI7(Lmvztb^myx#4< z8~&U^2e+FJFJma1R2V^uR^ChJ1E$>#siQ51RJ;v)qv1^Li&Ra&ODx-~hqlQmxZ}Cs;Ti|;GK6(!H3VoZ&g)#zy64^R 
z?3r6Vfj3jVfM3(PN=ZsIXw40u&O#Ga4H&562PwLb!qn7-u!#Sa+`ZMVb=g*Yve zi%MlPk{oHWv5rSB5l_1pF4+`c@M7m5JnpTJw6F~O`RXK9^q{Bg{v9|@^AeIfuCrUk zl=ltghdN3H)vWR>rMU_!;+3^!e@^esQ)Gpfz%5D%s0;!kU4E=3bJv_HkKYwh_R7+gy!I%g`(tnM`|5HDYTpn2hR& zA};{xqgCBj00EV(;`?7nZaao9?#Sac(UCady#{Aw(x&#EON&^YmJUzXb@vb2s-ss# z?As7tWbWOsrcSSI6QnTtS5!bQ*H3H&`}rN-#I4lZB<93pA{U}|P6?ds*G-4Tc}FOZ;PHZ2A?2+i?4<{?9JOgevU{K| zYs-OL*JT?E{O29PKr{(>gPT%Y&*0AClxBZDhZ)q^q(d74CRO;}9$Z5kAFqiN5HU)y zBJ=8h&V0p2Ai}}&8i{URVg8hsmHDI?W#$k9*vKO?W#jciT5Lb3$G#5PHMvSV+socC z4U?=&iiD1?D1g7FvIw$1CbokiNQm*vW+8+?Q+j~U~8nBc8e6wb`6*b}6csTDFQu1wA==>p}l`x(ls$xwP7UUU~ zTbbWBU)6z>$hVn8oXuO6mDnDh_S=@f_c%JA(jb^3vRw2|5y!n~TaP%0)`jsj1EO|Os>@P)U-~Ds~$hH6os9EAYkAA%H($+`t%do8VD1A%q)a|LRim|0>Vkvs)nyb8H| z?`QxotaR<9g!YzGpe|Ub!)8&;%b7}xZTxoznrBjV+q9`^aa0IrHGs;w8%%rt~yhRE@AqRTX%e+=8 zGgKc+ZH%jr+7+6J1r1GFoB6U>v-@cuJ6(;k5T@B39#>65%oC~JJ~puz1;neb*?^(e zp1Z+fP@M*Ix#w_L%C@RGylKk19!~Fc!$!R}O0Oqj zkr`&GV_dL&vdsz$JekMae!GA6sX05B@je^*Y?gx3Ol88xa>O@uK@b|zBGrx&>yg_V z=PTZ7x5=$c#oP|Pr9jjQrKlaQE-WtQ!t1xH&G!*)gkFK^%eKoewDb^tHUYNEtn%tn z>}-%j2k8p$A{0wqVm?uqXm%L3-ra7Y11sjGBhsm4>&vL3ku;0h@05zRs~9K8t9?mp zZQY8)N17cWB)?-(FG0f=Wqh#9CpODhKIm*g$BRh_jMDTyuA4dN?Fvc~RTxGzm&_c9 zd`RgkdxC9Jt;o=9H|fKT7;G_u>G8%V{zTsEynYSi(nKZ@#M1|Ht>khA2UQZDBaWI8 zs#v&_`-47a<&teWTsX#&OvD)!IYQG@!w6WsdkZZin|=<;Y?~HVj&6M$graP^5d0`f zF;--A1FNC-(B;V|^+lUaxb52H#ilnZ@el^|kP}gTF`&hka(`qsj=JM$vV-c7+ig6TQ>jJ8sNYkWqaP zkv90@N(>I?1iOGlM)+S;6P&FTyJ!Y zeALe9Gp`Ub@q@w`USlnf!0hc3g!>)V;-5jizPCA>c-*YaIzZ_Ba*I&oP*BF&5B zQb)v}%+j&p(0i{UnIN=j7=L(-!AHw((G)gih3`X3LO+ELWx`!81C3%FeYClxBHziS zt-7s1KCe)fQ)v zA+PZ}-VfI`g=d_B-AP7ER1xpy<@Ksz8GB9=mv18_!#u}%*<8gIi-72S zdzw$~;GaxeEzv0c7D5@^;4+!dsJ!19u32szhHzQ|4@uKel;yPj-T%yH{a=~cyr#!X zY4!?{!=&uX7*qp7nyC_&u;vczxg*<~_-SVwp%X6_m?Rx=26trq9&ZXo}ErU2M!Ph-ub0vcchrSWzth9^bEo49;NC`DZ4|N8~zZziZ^A zd$wv^Jch=$Q9K1g{j2#AGWjE+*fp4AeQM|==^6AnejQxFpe9rsI}pg6l^qyd>s6En z>0F3eZtrBTSD%&@@&F{G7&a5)k553|aX0)q_ez`oiC-x^apS$CE zQy*O}GZ(gALu}y1wSMR~H4`EdGJkZ)f}vPS09Pp{oZysT#RkTh1Ssk;UUjHS7g2)z 
zyfnY&d(lUa5y2ovY`AVP;ULnB1huJ1%^`tAh%f`jGtL3A=9aJ|mNMo6&z z5XE9GlZ?sjIs*d3!k~5UYbX4&XYgs%@DB@Bb5y*Q{1VMkM6}GN5Mxs@3Fon(-%o&; zZtXQ}>HE1YC^XqtY@r?IYt0W*MGIb7t<-U&FdfX)!&m9iDF{LmN+Nz=8_L6Yf6Y_j7M|olM{Pg7ew}; zE_c=kMRD7W7*i7W>X2i-lrI(cJAM2jMGQ5Xu8Ts$k&o&3BboPhzH9Ns&~B%|Ckd;S ztDk7kvz6qJ#VPaj*Az#k<~x6w4Pzh4>?Iy~L+%53Nb?ebz(b&4>EW*=(hz@^ORHBT z*;@yqT;BV+Q0L1iZB1?~r=P2g;um8-%ON6cjfby2uAU zUcOn^Dkh&@t^l8JHkOntxdu#TMpzjF4X+6gTJr{F)SwOk+xMVyyb66Yjnj^9wJZG) zV%Hi#RXb5=z$v;kdA5>`#woo?91sXcrGiJBO@Yj8xXr^`LB17F?ILY@|CwyW!N5M8 zIC>+xI7UXT?}b!ZiD|o<`z~YWr=UMe50cl&!YQ$zHE$vYQAs%ivcfYxdz$%rhSjW>nLrfefa>5bN$DaVYCEY7bh){7Xq{xX1GEkb zK0Z9}@t;OI+t60waP4oq^qYHm@1jg*x8^5zy8Vf$O5*7o9Ut*M+D`ElPFu+JSq?C5 z9^mD*FCCdGAI88`Ndlu92d{&&3YRQE-?U3h?7q6eI) zQA<(Qqj{PmO@g0vy5g+9b4->gOKc+d3*M-pQ@f$RswlT;i4KrDnU>zNE*`;GvVmEd z>oW|xF%wWZ1Rw%XE*)o|#r=!*n!RPyg`cu!n7zb1^-Zry{;DMtIV*@9Cb8#DR|El$1$4Hsy6!C<#_xNbpvYSflUu}wygjy_@^V%-43{xB=tmeNun&>n! z*_!0av+YR`*|E7TOX^4ad=zgmbyN5gpRKz(bSeKBShd@aER417GK+yw?StH5X|~9; z_^F7K)ViIT#R}-}XKEgt0C_l$f2z(2&$IWJ3=EOnE<97ADoq?+zlSgXCCS9iPQfGm zZU35irf-Hk6bZE>%*ymIIcvuK>UvGrSw&Zf-zRuBNY>nHNI>;zbzuTu{^IPQw`Vp4 zCteg%(yUQ8zAVh~cjzES$TXKzDEJIKiv8}MsJ;u${PfKwyC6`RB|{~KE~&DrTBiWV zv_IetR6Z%5cW07nyWD5=M#D&d7w&yWP$e$Rwb4~AT4JsMrq6`CUKkj6?RzYBGjq}pF>4c+XIna{AZck_xD)y}ywey&zJ z(dnsdOlW>^pJp_U7VOc4uDudfD}@qHez35kH8BZ!rM1S2_s6@xjb3co41SU`Uq`{$ z0=AnXq<{K(qZ^1eTCWtbF_^nbAhm;#DXKN#A1FlYssB2!$6f}k#}bS!g%85e^XDC1Qj zawoSHQTdAgOF6S*VyG*V+ zAj};4f#d{}kU9Ieroh9*K*%*nGX;gBKrxB2`oCp?NE7@AfA&NJa8U?7iY8RJncy6gZ!RU)bJV#E{g1zM9p%KJ!g58RI)cs{ntmVCvL z7*S#J>m{l80^LSX`k4h>SV#@R{SW4tC!?OK#3)1y9zloCup>b!SwmxA2KT3tJXi@! 
zMTV2Q%Pp7ouXl`I8SqaOkzd#dT)7;7M=J{1Y*e0oV$K`#dVHv`O&Qrxd|=3NA{q&tPJud$*t@O zZX(!~l#r4``H?RFaGpTaFfcy=5sY&&@_%f7k%9BBuSvw1VDY7SNe4ef%|+s*(H&hnL-_Pu7PfHD&BMpL*``}b|E#WG zJL)l7@(%J>xeVxz4a|1KexzM8ItMLL+IMpzwA|{ zDdbiX1l$8(wly4CYeZsl?&${>Izu-G!(1UE0nrf|(Yw;B4+s6b7oQKkrMBUudtCYRo!E(^ zk4}LhSv?C@70?Ro>RFVlO5FG}uJc7W3Niev)dEE2w`YAG=RRImWM#F?592x!^GbY3 zy6a<7L{bS1NSs*IPTsUMW)9=QzK)g%l9z-_qZ$0(Wo1mz zX`{sf8UEf!o@u(7B*?euO|Kc#w}iu-?^xzZ7hEvY4C&6l$jZOA3Vo#iN!L0840P zvn-w_b1Y+*OReEwC^GLoiJ8osR>?N39ZF)xh2cCi`p%W^v$bo13xwYCD!=S5j_SkA zpEDpjPJUSUN~%dT(;Z8pC@FPQ=Oiu=_~0BYs(fIDGFZ2@yUcjS6U58Dph<++(}3q20R+L zOUYd9U#XfMP`Hbb;ekVA1U)xCJ7!5(ikfr20)+3fKFiw^N0XfyKe6R}s!!WqSL&E( z3UTkHK=|*C<7?I6$YPg4^`a$uQXg?NNyz_D3r0$@Q?c>%ht?&}@Zs`!ghrf5 zmuO_DMP~ap8d90)O!E31TO8m{+$!3hN0`9D#k5&=l7k9!!6B)lmB?CY`J#HEb9aw za9-aVrU_}$3kXbm{Lo@YJG3+Jdkb)6@-%vID`hJid^6y#Psu9NDq}AiOZN}T#D^1KH3i1a_ zmKuS!{l5G)*d`X|O=e$#2+^7>C9^iV9#TwQGJZ+1E%~MMrDoFH)ixH=PJpTBl#9lE z*Wr97Br!c}si&1%xQ*F<=C?lGji;(-+LX+mmt5Ta=1pr?3_0lUDpS1;l3zD5*R~tc zAaC15chdv$Hcn*9TNiNPRT^2x*y+roJn!YPhsN;}>=f>l7Khk*^F9gH10D`k@FcSi zr$NGjJ1Wc36uhg=etAmkY@?lvqjU>%*XDHxor8}?Nv@ZkGT+NgOK%ylpsL&it8aVI zQ`SPvIPztLNZT|o_!HuJ-1cOMC2TWD`2JM9H_13kT;A_%2-8um0XO-F%Dl1_Ajczf zGqQ60(iARJS2F%bQ994WD#weBMwx}x?^7KJxnl`8G)GY_mCsWd#NTo7f_8v=)i<`o zRn=Rq@mG0#jx!7r)9I-TBMALsZABboyMC(^%M-8~ug{tp2XhG7&al{Bf)mTlIsiIO z9!0EmA){-9PT{;Y)(9KqGr#s1C-wyUpq@_^BtQPS z5wV9UjqCZneghbM`&_(@PYh)e*sgiiitdPOn{Ki{5_L^H! 
zIuz(JsmO=UI0BOmW#?AhBM=3@W0;qO`3L?EBTs9%xU|!hagPE7$+vdmU)2$qycJD# zJTZbqpDIM;q?Aj8Y2iNVK#FSx>sV=96VZ)k)>pd55Oi8Z$s?x9p{>rKVL`xAh_-vA z{c=T2`61{C0~zPb{+O3=bCiy*k>lW#gNyTZ@{U3DV5ROBl$|f%lN~?a@cJ|f%WWof zlD72saq5qa8#dPsZN12l19jvHp{jeaa8u~NoF^!A^bS)RLR5$~9Lgm78mWt2BJi^x zmhdL5I>HYekalC-1ia#|%HuI6!sL;Lkt@bzUfk<5O7q63yC@x`3jejui0iRSG5U6y zG_GvzJiK&C!hZSl8*K1J?gK3U-f*j+G}1!Ox+dcBJ8Fe}y>Z&M?No4=Scn?K0J~U9 zyWYNW2h#J<#M09ZcIJkp!KYP?0b%P2G@1RgrRNI#Va~13>fa$p796Yh{PF<1rZ*~K zSm}m9wP4_@cWZ)E@%bdm$425#rfkXVLH!P+2uXrjYA0p#Yd zPqL&?8c!w^)3!_M2B*t6rm7=^K=RYct(oJ$qgl^a!OA%`?p9jvRtGuL(o4=Ul-35l!?S&6D`M{bAE?20ipl)xUYUIZ+lAm;xw^>F=1>S1DM`hO!;W14!N=j}figiv1IU5Q%z%DjU|`T<2@dZJEKMwK z4T1|+lvWFgiHLmar}_y4jphQD9^K2DN;>fTziy*&=0|r1&@E0MFb)7-MKDNE4h=vc z)3mn!K*-=?bX1L`cHOY{UdsE zDvkw8xRwATC{7TVz}a~I7iSiyCU-l~kC`ee8i3$w)-sICA z=*MRO=x2xV1xT}Bz&$!9VF^I9HNLty`Ut4s7XW4R2avx50!WUHp4za4-A??#4U5gc z+7=cyw-!MyDlN{9jDQ(g8s9f7{MJ{lWCP^cQ{DReB7dqffVj!UM*(*gS{j)eo8L=b zt$tnpZlwUJpE^lE;cPx}5m_OT=wqJyMPDH*!0NW};veGqFMv{PcIU~D?q>iAz4aBy zW9geOz-5{i7wDxAnkysy4*+rf2Yl%1pQfG!gF*(;e|9$!E8|D?4dC%(UGhr6Xyiuz zQVN)kjEqXiIp4ki&=2+7BCnN~_f!2|ivVcf0dxS?^8td0`OsGvi9OK2!&SZ1LS_E# zO2(7RX9Wp{ zE~hdO(s#e5309aI;vdWyJQF)*QWCxu?(ea+xmtF>kD4-Mf zuC$wK!-PByWvL)LElRjYeF8@~bkL(}O(JQUhSTw_OXT461GL203bN2rHti31(5Zmu zu0OTU?|X^`bGJ*25mh>QbMpxFc3)4m<#|Hs(rT#hbCB9=)iDSkRFqq|f14{FhGPN3 zc)#BnpDFKy`$}4S&A4o;e&%uH@hJ0&bHK0al=u&uOp2Mw{T;UeL)D==(&AHxGxa`V z0gcL+D&Icbs>d&%@d~bG4K!N|#DU_WY{(bwerX5RY{KEzQ|#dKd_8Mu>kJ4zk>j+w zNLS5tqL+ISzpAB&m1NV=^tt2tt(n??XQFv zY#~;o^uGW{egw-?{veNO4E(R$8Uxd-t7 z)^G`a95j)E(y{tAQAEba;R6_*Jwo z?A;mS;Kl^7lt-G)SE5-zJr3;w+FAd(cfYv#1H+4s3hl<}w?Q+Ld1b9*27371gP%2v zpD5g4#8h$n3(ORt+*%f50@BpoQlwdA8YCmJ_4f)d&g^AxaKl#BvYy?MENJynI30P* zyb-Oqtp3jOT$n7wY?U#gCOTfr6!>OCL%W4vPL?>83pKsRKIQbM-)?u8LD`r zFlB#lbR{B6dY%+BIY&L*vT}RbL$JN}uLM^-YFIlU;K z?tq2WzClHf(Xi!JAx)IDoQ_Er3%XE&c)OOTdUe6ho+Mm-hhoObSL-_5dP5wk^&E)R zLuL$SQzxUwP$>~KsTv;i-joSjtH8msWj)e8`xdBcpr;#>({Z`1SG|EKqERab4%>wS 
zFU0G!BAbq&yobL(Uuru)PAL@&8|X{Lr}VE)ddq~?xG3zrN>)KWAn;M6;lDz(A%rd$ zR6XSLr|)){%f^LY=DNlc4f8K0G~emfVZq9keAr@mrnVCl^ln5zto>=gQ$`*7#3<5!_+dk}=e%(FRy^VgFB{&*KOWN(5j#ZCS z#|u&t-DC(l#~GAPz8zujmelA*j9}pliQB3b=2$w28_cJ7A+}`qvpmJ}ox1~%e>y-# z7K()J&=jAzGLyysb=O*|eKvF3AF)%wSQ)MD0#_lp zyr6SrwwQPKe%0R9-VUas?xHpkLu&w2aGrEK$LHd^xU@U@lZ+4n!@{FS6e!PeA!de$ z%GmX(56#CTF_F3>$N^i3i`4f-d%uuFu`j(%gDrg?8o1l}g?dr9H&iAEg*UPhe+nw% z_Zn(<=mTA6haS~Gx;gcC)BguVQCl--B<;(%fkZExjhLn5N*EFpTz6i=EsbQOBePC` zal?t6BqK9S9sIEHpl1gk6%CHgX<>PTt2|>{&!qlc$H;-OvX3E|Cu3rea7wq{i-!!6Ct6 za~yHARBMm~X?23tz)69}j?a9CNj{E1($h`l1X_NISHH*T(t7r(T-F#`(R)tkTb~n^}>tiH^gVQb=mITA!`DeuNN9Q6lD#%7@$;w$v#Iv@!PBl z!L58GXogtcrB{3NhTqE}3qO27bG+m&>Dq_gb@(7pnS}i%CuI&bTw!EjAYv+~UJRBS zRmeu4!E{%CHBju6SMA^cTl*!q>@Y$DgDrwd@=iUV*wqs6XjBExEnSNT$=k$hTZ9KK zkI>gDztGi2Z+dC^Gm+paH0t|~)_MBYKwmL|pP9MS2J4AEWkKZ7Ol>m!>0IOCmafBv z8b+*faN&Odh(LG0E!gQtafutrL3`opA$kS1Id(!Z^gNIp0(+LAKzRZj4=E9hK#A-d zeRymx>hT?Qij-9m40E{c%uhP@_zk9aYU=cjc#@waW(g~4doT?n5aFcvH5?Hdrl5jF z>WPT~O_CorS1oICG6FfZcx%9SbbaI&ZVEz@5tTGYyvuut4Y7@n9NzHXKB&OiT>Bi; z0{ojNLZ>g~^5U_K@I21rv@lnP5ZP0RL1cN#+jiZ3LVdZubmfO;Z-rSJ!lsn_^6{zY z0Kdx2#g)w!jKWy&t)f5z2`Ae60zxkH-VH@U1MG*k7cw!uLPt_oV2gn|_%}%sJsX0U zHK30{TmQADus2#b>agXnS4?U;=0hYG!TZS{_^h8_nqISmAX!`>2649?c$AJ|p!0&@ zGJ=ed8xzSbi}~&`?>GXzev(NdFg)l@oiD(^=XgIqc#4G;1Z&OkVa5!MqW5 zVUV`d7AL9}%*SRFs55}{!|t5fD@j$AL{d9XdBLdl^Ai8TqE30NgYc@QKURFu`j=VH z`>^g~%8pd>Ukq`4*O-#Ds%o2tZz&9+8_pMb8tY6m!N>a=@|Ym|)Z;C2{12JaQ?xMIr zhzWvHT_B{iwcjiX)oLfKx%1e5B~DJNkbTct?kec*T7wy6K)@nHf>f4}_DbbPMm3xh zK#*YFi@7nqJ1YU%Jd-flvZU*Haz}=i%iz1#K;dU|xpI=Dbi5P+)hKu}^|YpdDP&Mg zISU5L!$Uxy)EYT)p|{sHCDaf_od%ls)t%U(74-@YQjr-oQ&4o3zqM7>4T8?bpWmt1 z8n(WLXC~4?Vj-evn&68f>X0gB^UkQPKF6=bpWowh1H;#LHOr;o%5HiN5^wfZ0^V2%VnN~9G_N{<1W&FO7JDUD@E0cgE=Y+_JDnCk&deO$_hI{og0u zj$!hse67sOIONHZ^ITDl+~S_U$4)rB`6l_X7ao+}$-BzNuAGrMj<>v3Dj8Vp&vW0N zK>454;5*T4Rf9_wF?fJ?06;|cGL0)ujB2&H`enWknTQAPS-k_A%twujf*fq-1#`gC zRfet!b5qr%fiwZMMUIP8yV*!h(3x9@CE>P)B4YA!P~73T3G)N(iYz-dnLrojqj}V2 
z?jgGRf`-6zNKZl}wYNZSf4y?RUK{X6@uzek*uajtfJC@ywLePSs$mDyH3>AwzQdg*`z`8`OKr>{l94#2d(a65W(v9LaK0nd-k`-a-oB~qP)1SGB0VR- z?BSydv+GEZ1k~K%0uB&=2Olw|%H;C>pc*q{(JXI-4A!i9VN#d1Q-i|_FZ(4BieO{h9sjzljaODDAG z)+}7MJg?XKmJCZ@I^`qoCVk!-reI+s+1eFSuP9S6&s5WiWU>T~;Bz?RAwRv%_OwBa zT3aCrJ_Y?Q<%^8RQB}6c9L4)FtI&(B;BI|0ux$Z1Axa+C3)vvKLJ0XMyv8F}*n$bPmH7nE*qZyVvShL&NQ zRQSEwxzErhEbHY9h(`73|8V>9wvQ~`IE#8?$f)WIyV0jcE_)Z?5G=57&!6jhX_7Yi zQUJ6LO=oyr+Kb5cGV`tX+T8IcbniTxvu>z@J&SC$;D2)#Ia8bF{d{SGh8p{folfDa z6KLKqGMT|TpLV!EQj*WlS?8)7Mz2}7C;xhj*K8JlF!hn~MJ}M?IMX6d58Yz8eW^Ux zDx++>Ii1c*^Fvzpp`rZn9Ek>NPNBtZAw%Q+8GY@a&Xm7Xz;Q7iV;0UUwV_PT{=4nX z?#UF!3vycq9hrKL=p!QTh$r(xhm z=#-Gm$q9VFY8+b*k0=Gz3qH>pKvgAkU+8!4a&v2>R@jr4wFqQ98ZjqZo$taK_XYw$ zjqJUVtQZ%p8$*v%bw9$u#cpkLI_sZOr))X=VG8^k2k&+0(+BeP0X2J^0?B~B9li0o*8fE2La4Qez9!zbGHPs72~me@kCpdsn<>ZjF8uFd|zi!9_u zm|Eei>P|#N)x^Vr(dHRdbUYs;n-@`(f-gUJTU{;Vzas+ct_lOUX-WpRv8+7U|K!|n znE>rQ)*IOmNWLC;J43uy=s5nFH>NVJ4QLDf$@G+(LZ|m_&TCp&zF>H;ukV1B@doG} zm6Sb4yK_^b-gfhO|6Fp&_jn)?JMTh${Gr`3zU6Z3j6kQl#aYpEiHt|Q+oK3ql0!xX zvg&tII)2#UQp-*x*(7!!QSVdxO(+@eA&^E9=JthZ-GI5>6T=artUm-|bt)oOg##e1JHvlQvu;Z zs!OTWz{3u{=LDf2Md^c|OGH@R`Qm+BGGCd6AN9g?U0F$`Jm}3e{i!15IrgAe7#zRA zGAeUrn+jX0R9&jBV`#t4%PVx)BUxhis8P-%xlSx)s07OTZ7j~y1r8k{D-gF1gpaZh zSj5$+afXo+%J#;{rtfY~#uUP62T1X$@rA5Lp6z4NAPAM`wu3j>uKSpNKJo1_V81&wOW)vQ2Lo0}+;!4_-)y2gi(c2wfxYS><>IpP?k&Zv$Ho z7?YJ~M9n@`*{-l~ZoIp3Jk#nwnx35$SY>OAL!Q5^0}UEy^`BFCM5r#ZVXf%{-MA@&7X>3m0EpgmF=>J7Kv#~+d~m}XF&S`XGG(MHoN z{l11e+8D-i2QHZV1()4_oo?px9kwTdYdmkY@+_K>1&2ng{bzNR-%gY9BuhYu z67$bf^;P<#j06mgMBN1aT1^D0|jn!%*j+Z!ML-bW?Tsvh(pSxP4ON;O#9`YO!Ye1~uCgr$hi!Cn+&L1&5Ah z(B#?ueF5H=-{5S8iYZX0a7s+`m}Mn1Yudw%CTpj14U2HYF~RIKEA}4ZlDIGiVPKVe z>z9$ocxJ6ma&leUK~JZdy3T+%A;rG!<;!=w!&U_NV;#=rMvt<2&3kOmIA8fYQ0OVz z=NEh|EJ{j>wF;sVePlXIGD@=O;}Q=MqEWP8AvjUzHB z9V*HFrYN^d8#^?k&7o7sF(yRkw6C~qucOA%5W|DW zq~6#;iRuA`14yxXO0@B(>&sGM9FN{9)KQ z-QtysXJ-si zclS3p6uTL8%F7$iAr!wN8M0XQRr$k~$uCU>#I?-}l&xTo+l|rac^?wKtVkC@&qu_n zMd9}$#8suFrZ0F&8myE-)t|rbc<|KmPKIu0vgfF3_#YN7gT(9&ZjS3rZ&)3dnwil- 
zB-Q=^0XuN7hubLDc?zpgvw6mk16*hjt#w+p}F!Xd_sAT z1;RBIQ!VrQtM}8inlll%uTunAb%luYG8iil{Ios#E-ytq^|6U+$PGS8LA2$8xptD| za%`8iGB!#X^Sp3@&>E~$=uhPK{I_!=*|_QqIJylDr-Y8)z$n0lj~sxnW*TwfS~+Yr zyd^&o%My1|S+S2pSTOop?!_Ges32CDdrwT zmSP?7`9ibUBvD7qen)XHFx->mpBVx_y;V}JU;3VVYyfMr82UaQUS{R~K(P0N?~`4s)UpBs(_1fkUcU*0kItNSscl?xf@j z6?_JD=a<98$QYaY$r~9s7FEewL#J|O4(l6w^%)^Zt) z6ex5k%p8$gI<-%zLeJ~k63i)wuyQ!+9^3ufm2iIN`Vlj-Rbwh@khT(0#Wt}dfQB@L zeHCbsK~(-=$&cD^ud$$2ULhz{nkxx;f%5WU+l$OY)Q7F8d7nrefP><^jz}thoSeW{CuS_dHVEVkj|{Fq1iH#Z-4>G)**M(zi-Kl%57aKsZ737><0swvdmuw6O6 z+jG|k%7`!W1#%ulsd0;ROIJ?v;dAv11qZ~|_z+98Ce89b^d8qAMy^~aKTkJU9;dPt z%yZs;-$)+7v@SO5So`))Z}ZPqg738>rVJA^m1) zQgX(`92biEhJ;Ph&}cXsHpWQ)m@Y|+yXKM9G_xM=(~B-I+y)?oNKOZ2X9vpOHxVhlyK zZUt45!~UaNUyZ~^2iCLD@$$a?sYDxueY^UeN@%%sLX&1GGwbqZ#ACZ)9j15~-HsVv zxx&4O%q%L8X=vc}rBiNohg=>`YWQvp>29)ba!@#ZFpjxH&l8-axx|s*QW-xkDjzp6 zzah@SWZ5NB4BF=lV-x@Vhm0(Rjbpg2e4w{_uWtvB5{FZCpf*HjX2eJ_<5W#KgWe^? zOpSm4SO()ZNRrGwqEs!P%R)xS(IKUaqwlgl#&B2T8sk*Nnz9mk*d?KIPG4()-EW?( zG8?cGRsVu$&kpMA?IVmDxJ`d3sIZH(%7TLl|1s;y=c7|`v{R9x)UybVkScE5GQ4S70nr1~L0u`x_ z{l0%sf&iN}dM4*cavhW1(|a3zpcLd1Glg#sxoLy5&B=BQ?Pig0C`-`X)xT*DGx;5r4uCK2BO5hR&KsqSNM ztN>LxhZU@fWVCE=;#2#6HLnYO<6Vqw^_TGqy%nBk7vJ|kCyFBKNOzZbrc3mmR-JPg zxabSda+-*y<(5wo0m0eRThd1Cyx!ZXM_H{7@xQQ`A1ztwRshfhoJ4=fHM!Vx+JUys ztb{1-eGX=fT$(8p*u>Tv@53bg6TG@W87U>gzz3j^G;!dJn06#T^WFenCqq}dB?1q`0ceewUNhRO+9AnJAI`@b4wQ_a(YUmDXqcvAQ zf!%j*wi0x$jVufH9V!l%L=E?bEkq&aiJ~Y(^zZ}~Vm*&vpa)u-&StsS6sbg+2b;|( z6&K6)v7(jkhg6Ky=CADbJjn@;ls+hur@5%BnBb?o-=ln4E}GFfbBn1K;)bd?+N!tf ztVZbB{)&)Nlw55jy!ZzI1dk2a;!IFObnq?DqB}rF7nQ)cz$;0@{mWAKvG4D2Sh|=w zw!$63kk;Xp4BqzfV+n#a7FRcq^dOfR>YYF4T965-S!96q-81_<8w+AVoK^*;br?6) zAde%-Izu)Q9Px)DWB?Q22`=8IK&4V@{|j<0>JUU&pSgG1b9f#AH)Ai)Av;q*OecY> z15<+6wPd~K1)c5?f|Hh$;c^yY*nC1>wh;v}O!v~omW*+$E?^Lf{DV7h#3owza94@E ziRYnCY`eMNK{hRNW0|La`%G>H)p%J4qrlO`NuJ%Tpjv!|SUysD9hzYC2TFX-Dbcr< zOGvmZLbtVXV#c3xzDdxLF8<{D_ur8x!FGt?*QJY|;kNI!b+efn7v`Td%u37JD)zpD zQu53h3x076B(>|%_m`m0RPFS_6k)%fZ=t{%b=Swg4;0Fic1bDb*1HGBTtKPjCIHO^ 
zCgP|}dDGeH^}hU)D>RH@Hnxg<_;y)19~fx!!Y-XI25mg{;iqQgv7lj`xtgNkyZ3v| zpj^bf9A4u(e~u=FtV*dD2ucQdj12+489?**4UB~2jehoTZV;m6J_YiZ3MS%Waj8MX z21KGScWQok-K{w}8*Lh}sy z7M2*%FH0W7Gw-Sv|fMSOlJ zK_}>RQT(=wmS_7SX={6iF+w?0m*&%&g5c9~#M=&T7ysgQ%8f~=3$wy{b_~S@jZTb~ z2!RrQ>JY+6ADMNk*txW5(RTD1@28s#N{>{@B)ybt8#! z7Ub5+mnjju>)_zgFqPCL>EasM8UNRM_L;=DmeAyHb(oly=<5*=T}H|4L=e%c#HGJ! z+Lr1^Itz8PyF4r-+pH2*WXVud^bfloYrmZ!HR=C^Mr^vO<~9H9nh!JGj~X)XZR^Z| zG|!=eWwXkoYetnZ^+GAE(VX|HAC4f;cb3f3WWANz*Qc+p*K++qxLKUOOv}W5Mev2@ zWJb=9ag1vpW0}Eef{WZjSf^s&p%`P}SK%IYagpYq?eWkBK_T*x*8ldW5z)THqGm^GB2|EcQ$_;p z!JU*lF6R1f+XpXE%%KMmOTil~^(=&Blo1zK4Qq;Z0OkP9E#PJ5yZX7z!y(c|ZP{lU zqUs$Hf>nVuDDoDQ6-LKOI@NvTj(U3^^?ez4qt?~VYC3`$I5wlmRShS6<|Y+H*%041 zsjA}q1;}_7!jqax;lbuTbtj2}g$)VD$G+SgYfR(4(uz_L#0K>{gb?={Z~ce}X;D!L z5LD+dF7x6q|0(4K3F`qKeRBoakEgusDZX7=m<1bduk7qf*BD+R!u4lFbA0>46r7%l zCBIS@6GrZC67SiF`ix>4jz4b>Vl2c6F-rWFD zd2+%h3(-ZLFAx_qiwKKe3Zy%V=fwxi};|)VFu&h`|_?u1y*j#zX5j8ek~w z6biSIr)#d;!m4jAexg}TqCm*;E6iXz&lP9YY+T>Ek!of%~Y%gTPosW zo!sYsdrfKi;nhHdZLXC>l!ScODLC8G*`c#A89&Z6tSdho?c5DAWh0tr6IexTs;(Cf zLzlZU`+2iD8jZ6TG=jeXVMY z%HYeeRD9~c5od98s2vvYk6v(B?5qpqHps9?z$^Na^t&iN)>L>C-}8W>x8F=kZ($${ zfDb@6`}osIJ9MDRE!u<&3bsqi?C{zRGVErMuK7@>o~WH-@--ks4n7 zT0ceerY6?N5a+-&SO}<}TH^Vb)I)BbpX8Z8Dj_@fn00HRm@QN>pzE7=WSgGNOVZY< z`X#Puuqe9+LlLBG+x7JpBl7hO=V96{pWXNi3(B=!z50B(SfNL+J2ITm=4W_)a)yPK}rfxJ%Xd z&pP57DFYsK!t)#fN!Nxn3uO0zopi`HosM+PE@d~U>RW%@c7FHI$Y6EBmR{m;EK@uw za8(byoAq-TiOYwi!>WZjtz|-_Qm{N3M5dc;8Zn@<20_ z(h78}`nfRb)Dlcop1XPcEE&b3>qtEzCirfcfSQktgKkcNPqDD?yMtPB~5cnB`6{Z$p#f+H9%Q%-{2h$~{7>oX<+T zA-0$2y!#i3$Z87FaNbsVIfxDqq#(E|mmu`HyT|Fn1U? 
zNhdE7`(5Fw5X+xGshXYiFNpn`CvPW&A&*%Ft}+pQWHQRIap4h+cg}<(=q1W4uHY)6 zhf0bD&1+_)ABL1354gFTkJaw68EE;XV$hibmU$L)NoeQURF)n{In1~p{JNH`g;|15 z59Kh>h+_b}<-$sdPOyAm!uF<-Xk5;%CH*CIe5$ORYcbVRN$UPgN}c}BWbm#39^GMi9Yg~*?0W_BNC z2h_R-l@y}XWS_?D5^U;k0;)aB{JJ(&V9wG5O3uFnw2F~FO0M9C!eH!djqr?CE;x2c z>6v7AisO@OAgIzSoiGjaJBABJiL`Vm9-Rz{9l;QgAz^wz@vujKu$HTJhIVUud$)3X zlpaH3;Nq+kth`p?W{dAyu8vYl@NPy>9lnir&1|lgH)GiWn*tY#kP>5Zzmj|2qPVV_ z!HVn?$@paVjO1sGHIP*{g;oTGy%)u_R?edIZfpAPc6X_DnaSDQH8g!5W{Q!1gH?B- z=73h_tiF-=lqY|Fih#HK(_-)M6(DciA1y$fH(dYymwc&?Ep0?q^dt|*<$SATP^`SS z8Q3JY6la|LVP=@1v7*aZ5ty|>uYqAKYuVjhsSZ+~@%xr?Il?w>-af-y6T+1{%ZG0N zlUBZ;*qjk;3_;Lyu8aH%waq_7-($oBLtHkNxIDRj}2f$rsFFK)BY69Z|(cm-S9ET177p|7;8L*e5Er*hsSxQ+W1Hjpf!0S{yeoAXf=FCye(;P_js0?qFOe72Mt3|%BV7lubYZl zH@X)>v!`r)RB0_OL%zJu!2o?L0+l=9pQ4&?hSlc70r*Z_TX!`77 zyAYLIPzmmky9+hiIOjW*^#!8|Se?GX zc90yi*2LQ&%U|09d_aKCs)M* zr1Ipnxj%A+&B0Q4mItv^B)?Cyu24qJ_}oDi6#G%Ow0PxlEHZEE0J3oU0n~i=&lCUsgE{9dYdijPdG*+a3pq9rcj-8 zui~_&Pda!xeNqoZqa%8FeIcsYhCgMK%|=Vv-nYDg1P4QaRzDjqN`mgH9O82)L9Nwq z%Z-`v?niU7nF>&_CkWz@!G#CC%>238gfyB%D!Hm#ZPSu4uGDRa2aD zO~^z0XX1k~d|KAS(@Nvc?=-ioG9Ut<*r~rGv{c|r_k!`!nccR8iJ*$G2#Va~s_1p@ zECMoKR@)Q83wX?9epYU`7TT3&-(*1ZKxp_dNd$Y5if9)aOH_2khX~)i%&hJEo)fhZ z(%7Gg)rIjQQk-aT1vh&o&*cjX9kuu^>RrE$pmK|Yh0U4o9fw2f!7+_0$;e(lck$|_ z$Ul$8H5M{AsU66tb{GVkRf^aJ0pWR&05ZZTAJa5qWT72%N5j9 z1CGXGrzvVSgyLKh65bypXVL=F5F))x0m zUV7*PON~8|Ja5V|4=_2&;~!LpeKS%&t)-8Rk+Lu@;_7Zx4yu!3TR@EO+4H_MejKmKGBb3*-n9-0H}j zf2kyfw2zNMZAqcBF4FB3B&~Aes&;Q&|7@OhFwV{6==<^_N|)=|gwIp~+cg<$@nWWS zM`~Y&|I9=$ZVTo#uDS}u6d&cc57)p8YJ7?+H+gDzOnA%*a8JTbq=m~Lqe}luG5iDb zWB1SfuYQ3_EZ7@AuhlpywN3BHjEoxJV7fbGRKgD?DQ;bH&9zT9k1fSXooh`;;5dGH zN6l*v@?QM@J9A?~7Bq+;;!zW2x+xwS7Msr&f5_q4=ts2p+P3TrA5~;ScOF~7K=eu^jRqMKkkJam45po6@XHc!z`=x4M?|7r z^QeSiMJ2Wrrl?NzteVlJUT4WWa?eB0b>WjTabGZ&&G!H2?uy8&VuMT@kG-a%Ji%0kgyYnP}Ko&ABE&J;7 z`{-xY_l;TWB$@k6Bf>zV5jU+Tt09SR6UY2;NWwksT(b;#6_%~22YvQsyv`F3LbW6A z9E+Qk`3c4{{ol?fdb1UgNcRz81e2U&&SV{F>C8&E$rTs|rXWzuE0SCXmuz9D+B)UC 
zudv#9U`&llGGc3Uu~^{?G%RY~E9xMbnDD$ml=|)Jaf0_8ciUWb zOMYo{CGyntE&6S$qtCnAc_Zs~V@;3^vqxvOK1xf?7*5|MClFbi_pqb@a}zNB+hwIi z6I_mUn*Ce2zOdNVB7+c>qoT~w(>b1=gh7{I=f$QGmaEvk&jAwaJ=CQC($j{`9nAil zDLp?rVd=y#wd0^)+xgPLW`gWdpMWanFl$L?>v#}?dvIP&P=f=Q?U!-b?DtvP>q zPNw&M-iSA=v-Mhiiu_q66@iafGyMJRRQql1WA~;F-oTP0f53;z{o5ZXg^!z_913qj zoMzf4pB_(JiI;-CR=BPv3LHm+x{O;Vi!{?V#={}0d&n8%r<*pU;*2YUbefk|PTHH=G&363m5Hbn8Fn6#T_%zYw zJLyJyPz~m>#RYsQ5PGAJJvR2Jio(~V>>ORI*NZ%>X(!3e6-LR^?%9;o(X2&+2uyaJ z`Q!blV|8g<4ZxSaZ4|$R$Al*d{R0korNbl=kFJ}@?=jQIw+AaTn8@Niqz+{#fhGL( z#}-dve0*B8!ZkEJ`o$1TWm!t}^Ru}IX57QsNzI+Gqxk70OXLlh5lNk)oMz8d_<`qN zi{nYvxxUMNb{$CtMqE0(G8J-9Xl!TMm5*2m zzK^uaRFKHo(DRk#Yvr?P%A`lNtFl;2M6Q`dg_OmO*M&vsx?<5Crk`%UNo>pYFZrbt zv?_E3cyfIj!)++TvD9-#(|D8z7&3Zn@F5ua8-qS?!tHyzDakKop#yK6wbN&bWEiNt zImn|o$0OHdVEzvIeEX$V@?Uo+*$l8~u#o($3F}&&&F)*-M`V&CUH(?*+ws>ge|m7M z>%R(m`CNF;?+nafDM`n~1aP(o9q39HF3CA&O?Rg<;%dHv!h2B+rk}r~Fkx?s?JuQ- z)UFUyn1SIPn)3;tGB3OT#&FH#M1{n#<^0T&kuAdXw+_4TW`uW3ByifMvx^T}W=6Jf zs&-iSOQQF<^9?uqbv;SGaHX_^om@F<2Tm-w@;XOZ%IWx~=Z79WMimC%14dUk9)Y6X z)D>g8S=k&(55zbeKv+AHFx)61bCpebkAZ+jh6~K&o>qJCKj3>SYLyd^b}SFSB>o6yFw_V#(aa|efxSn#z2l%bLF-ub*8%j zIQ+mq!1a0uR#LyITUuH_u~94^QPEk2dLG{IgPSy;@;&s{) z8H2CoZ6^c(zTfBg*8V|eGmy;^is_vK|Nkc=HmY<@5ImUJvvWFrWF8ywV3fvigw(pYY~d2&>bH zf5r)HJR*}vQb4KO^2bTf)mV49J0`X8#TgOO21vlTXM{v1{Oo?!a=o zf#9(_c#~`~X0qQQptUY<{b=bij;F||nv@?a7&)a`jCFic z=E2}=+}l3j^J_8^wxPw)HRvn5J)?Zd6%3qE>*>%sqw0AFU`K{7^L(%0BMGoT^>s-C z{bB3?(S-Ez8$nrrZl33JD{Z*M7ZF~$M-&@oQU|zO>Ie+vF=)voqNXS0p`Vx`;$QOu zC^wR!gD2&+%3_mtlv|S2`v^3+fIYu!M=8{JQm24bTyKEZcR>#(_3~5stD!NARkcBD zmHc6yBe63@iufqMFLvB+k+;P;*_jkWl% zurMjjSaPA^?`)>N>--SrX#~wa)KfG!9L=lvm^3zRrs=d{e8ayrx*yxqeR8+=U$6?d zi+V9@R+XCc)9=N`NivBZ`|shs%!jv3M}%{dnFsj$ zSc%=R!f}~5=1ga!xSV#v&~z+F})h zb@|TFs^2mQH3Cm~BK8h1OiiP%W7jOx+tOz5q0w0ePV1KeV)0rR^UXQ##gZfu$87RI@uku2~_g%rm zQ__s%xD50j_v!qEe50M^y=IUs1RcyglfMz8aRQzu@2`I<*8nfmH-h&*W)?B>Ngl 
zKu9mfXbEbQ1p@;E@iA+J{)EpPH4No_S88VaOd8r-A`K|C2D9>bpNWkf(klXIrqR?08d8CizI<46QDbO2@DX~vZTweKqvUcM2~yP&QNAGDl(z+)_`l8H0z zDa6hsZj*MMZLP7P!!2k!=?d#Q`xTop8vCSR8tRa6MBka?EN>Oy28G;^3G)4{^);mV z8ir!dys(2g(9}Rhf(3WWe_vLFbjBBu4DU09qGkdevlf%(!^zJHv3!Lm#)JzXHcH;+ zjtjCP;a84fcGR>Tg_UOcNn5NK(QRnU#+gFJ)6slV(i@gzMVU-EZ3DSS6?F zm>gLKWvLN<+C_98OrV%DRg?GVv|d8P*83+Ouxu!LwZY6HM>#$JxG`OH9)WcyV?DYp znN3g7>Z8}5)TQ=DxT=EB8&3Ym_i`K0A~U69zPg2rTAeLAneak58bw?vdI}fAypc^P zLmijPDs5XJiq$X-jzdA#L&d3feM{gsaoJlRPyQ0c-d}TQhbCq~2^Rt^`pga*<;?cO zpiaU|2&*y|h-#1zIblJD>n2%!m5DzSiWDui8KFi=g_zrEekC&a-}7dZn~x0eU$1YF zY76%5O5HnpZ4SR|V&m!D6e!zbb-ZS=L>oo7NS!+BF~2cZKrzd-ZWPWv81jo$S%ZsW z!6x@p55K;9ZpYNa2^Xt@K}LL#U%Q+}NV3zAljBA{rv-h&&bxsvqsHcYB-8U>YDy6h z3h`mS6rnV7Zv?IZ?hO$fyBtptox(Ix0&q4W{eUsfvZ}vj53WCYAX?4q%8lL&e2n`3 zp$*pDMdLIX1b^*7o&gJF$uP}s40GX$E4%^f1`j=sspki<5};lo%P`)tyiLhN1YU@oKXVurJ+mIBIK@MpgKFSjn;%>dI zw-$32Wu8f~#8FR5pz_a{th9bU_`4eSFj`^Ag0_4{2a-x6U;q?{J5U4EkyH{P;bRU5 zwmE@3V8jq*Wrj$r9wajI&sl;n9j$84ww?_(ijbiFxOPqtZ=8 zHB}YazO*GRXU7<}eql~exN=s~>|=LI3QV~J-_cYPuf4u&k~^J#@qD+=N^fwe(1r0$ z<~WfOF3tykC0PyO#$J2`!Lp~FM1@g34Gb*?uopY+(ha$Rv2aDeQ3M2Z=f{ppYss^2 zA_wDov7M#yIxquSL@9y)(-1Xo8-qu*h7vJjoP&?x0_*X@)QTS&$yQ$OTG0%6l>@M4 z?^=!EUvZ|XcEOYiWo~41baG{3Z3<;>WN%_>3NbY|Fd#4>Z(?c+JUj|7RC#b^ATLj1 zYEyJ=3NKC|F)%O+FGgu{b95j%I5-L~Ol59obZ8(nF*h(EARr(hAPO%=X>4?5av(28 zY+-a|L}g=dWMv9IJ_>Vma%Ev{3V7P>TiJ3ON3wnASM=jdIE1c!iEvDWHhMe~C7G19 zh8`fQMdFGiBmlJK`}Ox^Wi`6G(ZCoa?WY?e3yE5CIhmDN)oe-YL?tR|ovftRM5szR zLxiq$^hB7-sz^kr9EL&I$_rlwEDDn5dJt)fS5+|n0EDiBC4Szdc_3UBJc;t5lFHDs zfUiyjqGY9nNPUn`l0ZQLnKTHd(pC_+V4;)=5D;8tOmx&2D&vwGQB)>q5*Afug&{7H zw1>i=TxE?i`R#6qR>LQ*X(7!ox=x zYm<>cB|ta~1OO5I0{WwXEm0}_VtKHlidwq^2aTcu&d$avItfCe$5W5ARgCBf0&Imy zlc2g#X%?Um8ht?#WhGE2c!YBiqkv2V84o-uBBFvwGL{xY6__I>>4Nn{&^mmTQY%<5 zJdGPo9rRsV4XdRm(h(F&h4dZEbXpdifIA$`ip~>4&{zqTz#=3hF-tltWys^?E2W~X z9D+y!ewZW@W-y@@;5Sa@F=8RdZ`Hy8!WEm>|fBHobY#(=9K%MslQ6s@pP zBd}=&LKGCO@USpNGa?@I$Z|{u7qT3z%)yU89@H=Y_}WzU{j00_>YzTk{eN+SMkICy}M{f$qGX6T|338WL^XNL~qE_IL-$^tI9iJ-t2 
zdSWB%B*P9Mlqi*WRK1t9FGY1+)o|UcO*NQ7OSi4i;EBKf}On|dToHv9!x8>g^z-xjAhsK~9CanPdTK@ig}YEsQwDBxT`ivkZ|oI=`# zzcsB=C_#B9`IwThov6e?(-8opIC&BrX-?*xIAj`UOe)1JAy-k~Wrk16YEe;VA*Y+3<)O-wxydWtS zf~8>ej`p%o@e+at%`=TmXrTwEU!P(GQ9~zQsIST8Sq#riEzY~5 zTbx=K)c{?lxxYk?N13%1R6a^tTSM_t%*oiKeq=SY+`}HrYm50jCwtGPI7)Om$|fh2o9%Kg6%_4^aJeGrgidOCb(wF=ex^BhW}b;Zw>+medZ*c& z`Ebip%GP+b*3FxgnM9zBf;5dQ811qkV6C$hXCAx4=6TxDKG*B2;1uncC@E)VPTZf? zX9?O)V#Y5?;CZRd5nFaqjxJ$fntDsPcr3dy}JRmzMU1LZ9bopMoT{c}_VhJ=s`ryG_e{xMeA2YfN10 z=IPwzDFL{^o8A-6=Pll%pjDcuP1;g{@TS$Y@eSdP?Hkez=EZbrVEhfo3d1W!5=d_-(Yq}g|wY_C< zB+bqyYGxiYGc%5v?J;}I%+O|!nVFfHdCbfVV;VCvGc((_-*a|1?u|XW-}mQsbY!bk zDy1qbRoS78N1{uUXDAl?8{i%GlqPSVRHl@Ts)2EgzJ0PIF?83cL=!*gL@QTkd2)r? z%r6xvSW|-4F!!czj)mwk{j1)RQJ*9X>6FVoc?L~(vJ}2O>#I;en|)5Tp^Pcx;5N5% zcn6`P7}3d&=TdND*><@?pRk+HJsaU}&t=p)<^DG2FPuY#=G>6c=i7_dr>Sru_`t3} z$j9sRk*nQkZDPwBUx|@3Q@ayZFYh|OJEug{`waGAL&m{w!(XX}1svm#>lD%rmrKZJk`F&W3Iu+aK3IJGwmqGCIMU>=U^=bv z(DSY8>Ce4Wcqq_YsJIiKo9|iho&Q>+KLjT~7x=;F^>)5-Ru}|<1gaeuw+t^NGMi|} zv;2Y-o)ah@8qf+0fs6(ddp7V|df#{_^?@G8SCI>zVhnOu|JmfD+EcwXZ+GVEcVhf; z^SWE030gDvGV~62ad5zHm`aWkaL-mTH)ZE{U+~G-qc?B<;O_l7ymWU62lA!x0ZFV6 zc382Zstl}Sb%c^|em@Y__jspvZ$YqbV;$`%>Y;!M63Uu(qr*h$8rr4a%BsoqJYnByv*7Q$Wyq|%UFII9s zK}DV_DtVeQaqbZz7<^ye2Df@chkbLyU+&InvWqE5;CqyGK>5mZdf8^*RTIxdf_oUx zqgEeoW~-V(kK6r=fu$#3H_ncCw=TX6ef}=j^(JOiPJ{xWHkcUs*%!?+8MEVwmC(e5ZQ^gIH?=X^#*f*j=5oEtkIk zGv3ZRQ}?vS^W@~CDM_Kr6EX6BU5Zb(5tFD@?8U=AIjebdS2`sW`s;Ng;4v3mb@(<)#%>?@zb15oU90n0DEo&Ya>+PlmwN5Z zabc?S%K_`E-@}e|ozBnt3j7lO>}LIW;SY~T3+L|rmTif-XU3O6Ds_XHlWE}a&=nzVo%tU zO3P-Gk+X3%%-RED!9x7=yb;Z{VBrwbK(rzn;MyIUOx-m54+F=$xVMg3xbn*G({p1Pd z?9$GKO^h#k0-zac?WD|XQb^lkCF|2{HfcSvFMP}&IC74zkaciHxV%;Fz4h3BV`zzx z`WhgWoL}8y*tdx~SrokgqW#2s^qJtX8|7dPG@YtZ$7U}Mqe zFuCdc?v~)uhw5?j-Ywejiue2j^W43ONOa8=&;hzCpPbQpi@ipZGN6-e=);5%)H;bc z83jK|8v}a9v#m???4oUg(RA{A*)mH-$2eY91)QY$E{wo!@ZP@G_?H+X^lxI5{=O|e{7SxVsdxChk=>(L>qc@ZAdSwLDjSZ!Mce@D>tDiQb zZhMK~TI(VLaRz++cTRuRXJzeAUNUjl&!6C5_YTdf#=QE@gg?!WPIG+k(|lEqh$vic 
z61t+;%Tv$Si8sF2bb9RL^v1xj_9WL>Q6i+JV2+3EA}v`Gv=Js4Ngu%E z{UwIyV`S1PM+>2Jsw+7?9#s>=+p4jt%6ir9%w~>*&vn$anFg$q+b4F{1{!GOK>u-D`J@_D8{y-|1e`S5zf}iRuA+$?4V9{Onhx3~ z0h0w4;tjEjhjCfozaGb11iSHSd%pO3qS@|idcML(h&<>;Tu}+!J2`g<*OR~^W*!?Kdc}DKVVk4pq zmL-CFMK47*JpxH5HQk?q78^sSDftmUZR@+pxQ|O-3RBf0vQrUu?y0x$r-3GJ;DM>@ zC_V`l8t6tMK%7zxRbPQYq7G3*JhhjU`&OlUPe5^HyGdcCodc*(?btu=u4xvevY8J` zJ_BUT)JK&-Z@)Ms@3VTpc8@J|j3@7$mZ;T?>+CxGOc@tDNjl;wP|zV+eYT0$_aL=c z2zLYZjC4bF3D*#fH)CZVjl@UMmhfWRt)R-uW#iJ9&V^y>h3;==qUy*X=71@P3897U zw?tFX60i7HWEPyFYYg=RBAz=W|VhN~UM2 zw;z-?(T#m05;;ShTHdDo8sfX%752hRZFFlN7n;qNb>Yb=tZ{n`PHG-d3o9aw;t&vr z6_icfxe03$pg0kkg~BF00+Am~e9lL6spAlEt%brWER9n1U09m(2a9k)0~XbfQ3#gt zLxYuby+F680CcJ!nsEJx=lEItwHj!`%k-H~$;6w05!n98Iy)nQoi50o?Pb240QzIkYx)pbJbHa(k8GOE1+iUA3SO;Nl-2FPt!M~Y-?w*+34OW~Thuvs{1XnGyRGXUw zn@z-KH~9296=cPx0coy|*O%BA`=eP|6QkTbZBwfM3_I)a;r6m?H5-p|AAY8lNzHU}!2_w0P9B!GZ9`-_DhP)V~Rn468l`I`j!%>kWEgqqBJ-g-o6Qh~FOy2CDlG z#0lP-bWa|h;d^f!?H<7|K$_T(4U_{>`H;e=Zgxs3D!4!11ZG322&ht9ouu=;4?ddBU-MmaoJ9 zah)mcOnmjWD;NM#q|P1VQ###D(4%b|`;@apD!mr{s{Z6UX--1B;GvyCXc&2g;22=t z^*g(k-ag_D7(USd?u?F|z9VK|Y+i4<*%{sD7aHE)6DxS@flRF3eGRY4#Z`|Vm-5|7 z3yhlH-q(*Uy;;Qsm-Qi>->I6y`hY3*~-Ew`@FR zB3eor7Ny$w-JLyAQkHPWlyS)`LPi#nrb6eOJzn-3r(7$8W7`DrikX3NreLkNm?P(> zwY9QAW)@al$85Jh0eF5pz5y%Fk2_MT!6-M@-QQk>2EI_gxez>X|4fXBzA%)?-<&$R zwkKKdM~tFI@j&p}NS8#vIMrIDj;1?BjPmhlGy=VLF(Gy&NX>E8pz*@}*46bI+4WNYOVn|42j<1DJ@BPnYU=M| zXETGmm#=*Mz)J3sw?fR@7pUsq_}G73%{l*jt2uB}g6)4T=N#PMIsUuLd6SNI&3@}I zpDq2FSVHj4gJKPG&;g-1VxhQRn1oKqKcGY79w<|n`+qeDKA(QmO7Wv)9Go>-Y5!n@9ONLizB+NvK($Dmsb3Gt(mMr10w-8mEq+H0@uUkA= zNg@b49{LeeSP``?UNw(O(usyY9vn6?0hHD8rx}J+E7vT71^ZQ0(yZWSvy>nisBGN zaxqk?*gh$mk8jDTlDG`GX5j8Qq+ytq#K0ozvw#`+pE-krBeU_#tP$wNGb3qH^=i`Y z6yGNt0*fW1DrG=C5a^);J8-Jf$jG(1RzbdD@bL#2asu!Rf7We6tOAIzMT=&fgv1NQ zaib;73{6BsKB;2aGwN7_#X?w6G#I085ynvBCD?K>gfetb$wx?|&60C8OC%?3_^V8f zqwlspKA*NeuJy0BK9wwJrVGAeuY8`NwR-O6dPTFXLYj{At}&X|KnRLXgItwIVE8SLupN%Q9Kix@ zbXnOCTam|UgbDCuagDfO8FHKgSG&ko?J!>mLImmXdpmln$=$rP|77rPS6D#)dcI?t 
zKXdK==4-xIE_ws@mk`DJ5+ako&up9~grOFr1Vmd^-!EPMJ=?8;D#r-knte$d%%*W| zM~xt5=iZiY1KBN?l%O4yD0%5gbH+ZzR%Ul>Jivxm@{EYC(YE#t|KtOo0DIM2=^A0t zB}5I(T*HG`^o(e@_VQa1v}pJrAk5NJC{19h9Sh_oMrps_xH}gYEO!PqFsSuj|h$JeRe51^&+BnBwJZ zgOI%^iXh1jZ&VUiT|vo&g7op#HzHs6sx9+!_pdvJEwY_lIWKr;@SVB=@a<}G;`l|v z7|b?H!}sB(T;G@H+XPEmCMH2&*{?Sl?_q9TY_*>EG}*rb@>1H`eW_8SR!2^Yh{WZ; zEmJ@aWku%0cR52+X5^a16NJ-YTjQM4dIJr@pwTw<<`i-TB9eb)aw}R(c@`PcZ~G7Y zlo8=e&X`_c7bf?k<;5#05s}apHV+MennX=ZI}C`WwSfFBGMk(*LSrdQ(MWTKuJQN0 z=+bEH?5$@}{nf5GbWp2n?|xdBy`Zl$5Kiu7R7|?i@_q%1J~6kK{C*`IzcWSDQBF!q zbq1Y&h7v=&oRb@JAx&xJJsN4r0Z{TY(=6a_RkWBROC{S#)&ne+I1+zp>bNE&Nk7!w zgm`$CwkpzqxHPFkDX-6eVq*D}MpI&HHJ!?gK{-aJBZiakvJ4^4*X>Ik}4M08Q=d~I8qxAICY!qucHw$gG@ftJkJQHiWf zzD6#9BQ-?{9p_X>qR1)rQ6voypfAJGly8v;rG*x3Ch1fMp7=aw@$A8z`e>gjCXi77 zRpMwrG%c}aVw~7CQMz5qIcGKb+hSq`*QgOgyCQ!^tvvX*R#{!am{b{e%8lT|6%!ND ztis9gtKm(OF#lYFIfl}t34R|6coi6qo<(_yhQs7?CCr=xoZ}xAYRiHRhUPdM)gj5- z^G3nh5_G*A9s#<_gezD9)lw}RmigZj-~yp&7GGA05YgDx)(0;%uTWvt2!}sS$TZ`( zlftLDubkm0(d{gdc`)GFKI})9&lCiupJ58MayE2+3|UjbAwcCVj2bbb#{w1>`EXEC z6d;7u5CbF&jVXW?N}iOw#uqe|W&K6khI*g=ew11}s_oZCs!l=_WKC1E!mNq>En)Gq zHKo@aka@j-LMA$0JM-kk!?-po=?Pg&B#~5pSx%BrT9lj{@#IZjCbgeUqm$))&2!ir zsVL}~PS|h)U-*c8GKcBabgk7K-MFq+dMddF%|>g%YaDe$gt9 zTpLyJpR75t$#f&F#>*l>x%>hcHEM$ci7(g?`o)5JbU-N@**8;#SJ6=cZ2CV-Q4k%t zl@kgq9a7q*?0Z~PAKsD5J1}6;`kJ#I4vok~Vi`Kt!dGoQf+t((#pR zitW=QKNAy07PoX{?;F@|l3{Y#f+PrZ^PR*0`oO0sJ^vwB>c{kF%LY6hc5aNF8{>Uk zrKg;)CQ)Wd&mgENobp=H#n;K|^711pL;%W*Vw379e4MXs( zPervN@?#YeE5V3K*gx%;_I-3qCYV%6C4{Q@gmyf zuqB?kze3qdP&RyPgA$u4l)RR@1DU4}EEa49?WVg+D7K_|XD|v6aIWN0R9<3u@ zD`2A0R;L-y9idw+Ld!K+mfazbAij&r!=_ToX)a}%BMgTyDa+`Gm+FfWeze8RMMaTu?hvfo2gYnF+g> z!GQ{hp36m#qJzEJk%m#iEkcwZlKrKWu2lF#II=%fzN%<2M{rq&1pl5JSv(kW#dJ-F z*@0F57eI*|Vj&sD&cYKmiCTS?yQq?1R)Es3UPO{^s1D`hy-1J)wFhcaS)y*_HW*Wa zW&%56GN~An3qz|f?nl}je$I_UyD~>N$(3{7H0c2sT#kd3f>m-!4XdD@K5TxMVP%+s z&`S!n6#S%nZIXLPxC4zmdw+498GqF;pS5ro%L!TK8JO@5C<@}@+Bos-C&A=bu2tD` z3JI?wn=E|9zfwC3DgrWFv`>cehYqa0wU;%AXeD0WPdurLs{~7T5p9DGi^a_pS;OhI 
z42Fw4!pU!CPio)>S=em^9G%LGC`z;h+jRm{SeyKXw!>!jFM{2{Z2y@?B z?y*;rsh2TFp@grr{96whA|*IS&rtv91nq+Epk%jAmGq(Vgxm10MnPb$%csO+rM8-i zBV{$yYEbZA*>KST6Z;w4e{LL^4R2SXH0@1JzMbgCcOJ}k_-CVET#x+<+Gt9+pCFu~ zkM*|W^rMpeR+~*i=e`spFA%1EH_;|EidW2l7I&AQZ5Yt$dV7PdL;`i1pB+R@vdc9=bl<&4t%%T!3ILNkR?U+zj0AZZIBV`T56g zsnNLLe3FW1al?`i3Tw;T)&*gbPVo0r2353lm{DM%mQ4u>%B-->+K)aRGY3`8J4)$FY9 z`KgRl#-E0YhC2Mj=!;9PLb;K_FUf~fLwbkDBsD9Bs~m#<3h28YC~i#2%OJY>ZX!z< zx8?eK8(nb>>&Mk`R9C+UF8r+VVu^k2y0NJ06F<9>`}x<<>$!#BszGPt$f3w6?+yv+eIs%yW!T6v zR_$Jjdtj>!zd59aNAW;Xsu%%*){E-gKg@-_AAha4f22<7IomHZRrtshzKcSuEgeIP zJEE%U6B$G!&pkVb&$)*czP|@oG2LN6n^s1}&#kO=18UKLB3`tlPtH1Db@T$W)C)dc%oQ!XO$q36KxlP80F0O zs7c-QDfNjPF8?Qv!zD_amo6mPKCST>#_}vxKumL*Rt)Qe$Mj}og=>alNkZEtWs#+(DG9N{N{`Qck*Ks#-6kSy8&Y$e6!GuVio@Y*jn5anXxNn?wb`nM$dwe})$iw@YH@goA`_pI-X%lH6Vk=yO)Iv(ii0gt>0XKJ{iR z#25z*qHM9ny!hi2$kg1i45${kiCp_WnpLHmdcTyRm9(%PmL@iYnvY%kIBuhR$&Soy zUE_~0E<&;)xrkrwN}D2M@x!G-;w}|8+?tEmnYXZ-fhibbViP~XrPz)r9<`pxt5F7- zk_Ly_ymafxlbs9J;fx9a^!4k?oDV~Dk7s?ltIA9)II>BQjq9w-mZX-6MtwiNE8hvf zC*Mu|l)OGSK~PB)g&KQJwqQ|*i(HYVmAg7b{>Vw-!0A@~9d$GvJR~XlC_)2&umMTw zeqc!;Kt)G&8*f{W&6i}r_tKR%BGKEf5{O20+V5Dem9Jq<+h!yebc7Ectf5Vy)Gm3* zn|aax=#$Rr>9w+VN;mLw`{Is&I0N&@@O%)&8&GBz<)$;dacO7c;@n`18GF`Bg#VcM zM2tzK&&9XRf9#fD9RKU8X1Up!_1wFsxn?JpBc?Td3*%&u)*X)kxqRO=LBQ?g5$2(8 zuPxw~R-%JU=$1#kW>`@d<0(S2y|D9{C(B@8?@4{VgO;g_ILi_y7VcFBvJ1h(b#1Mj zxuHrA}10J#vxuP|d`;>wc z4h2XpZM@i43`&p;euLcDBXvrpJUz4sbz?6}D^tFyjqu?1o|loG*YwpG>e>!tVfh() zsUqyAGObTbJ$GqeD1Ov>_>{3{c{m(X@gi4Bqz-<^UVXTfb|me~xi;J#n(;L8oP8Yb zkwm}qgTJY^;ei$zk$gW$I51h?FA)mO3#n_)pOFl8Nr%3{wB_BUQsGp1grndxZH7rX5=qhtsm$)v`@Pb#439zZ(2R4Bsu@x^o!5u}0 z7Tj_6qXFp?v^mt=`U7}NvoV}EWE|d9Gmie0D)lf9X@GzNoWpLtO zu)f2XdyCfaD)>v|?)CiDTvoFL!w(77D|Dp0B&ZcZ@TBXwYrU^5C<5nD-a0*EkoG=0 zQxV%zzJx>@tvSQPZt{b=iT*({q$y<}n=$^xOS#mi?pADyPT{yHAFVleo*c(L-?d9W zFi;2e#Wz(vfGHAd#o@t!(uw6@+XL0;nXe?>e+I+{)YpZwlK69qbc2z42qg=X`YU~5|U(IOB$#= zGyL!6c-odmj7MX*-`$y*X|Busr!T`lc-lJY=@D2uT-QoO|Jr_H<_+u|PJ!~sAAB~$ 
zWq*ug*e)=cwxv}WajDyWUij@OnE<;qUKX*u!q``8x!em|KU?flkE__wa#b0p>d=)* zssXu=vur`6E&G#qu$al2EhxcVdxCZRZUs>iO0@-fFN}JC2e;N{mnB$;9fB#*V8a)} zP$`1!`B_vD3M7u`_C-&ti?P(+OwW!2tMb3%^m|v>2?HMc%g;(?;VZmha((OId8-e0 z(=G#Bfnv^Q!3DptpVpW!75e`jP|u>peIhV`KMve>f=>xnOk2rJMi8#AA`g?re%p0x&{YRBUM|A+$9D%Ca>v?aSeT8yqogMqA z&ell3s!H`FT&V{U=6XjvH3oJfx0N5MKfIUgX|y5JRT|{1-dCj`eu1uBpSu2sm_8TF z{~KK(?Cb=vbD*YSQn7HdHU<7FI~!S=8an|gQ6O5t33yJ{P{mY(*ww-bKnwt45gZ&$ z&4}#{jjasLO=*}E9qde;jZGb>?M=*pVhk*d?97ZToHR@_rtYqG4knJ&G;sgcWMOA3 z281IJQ;YGiG6ReMGP5zWuyU|+urV-mP%$%80p;ZEO#Uko6$e9mds7o2w!zTa(G-qJ zQAJ#XQNr2U+Q`t>7KnMERsmQz5(B^gwuhcr&D6mW*flX5Be2{s2RADx2Lmf3=l`@5 zC=a|hSqm3aVxUnROk$=+7KXMo#8&o(P5?(!Lt>ZzaXBX=Dr=mPcpb1Yhg;)jkwJU@$f-DIJOqjF`MoyyiqWU5Kb23xa zeAtWLK&+dw9h*Z__iKK}H`(&DE9r}I;heq(ltfbK33ub{R>^#}<_c>Q-#hMCX>x6J9=+d%sFLyOSNW4 zRdMsuZ0&jwc#le}WCNuoxmuwk=nmf>yyO8EPLHrS6amus&Z;wht$%3X3iI7`c`I(8RSw4?=2KkT4;&n*%Q86yU8g9pFnYA^yoB7h+1)c|qTo&BPKNjKC5v?^PXN=3XQtfWRCxqZ51hBgSV zSEBI@z|&+q9cVVA)UP)kdN_UG!0GSP*a2V&0yjXp5XeX|fk7y&%A*J(GjLR<%Mi?0 z^8L{Yxep)!&;@DtaW*ahkYQQ^2>@2pDX^{qx`4Ck6d1`q+eX{Qw;<16y+(mX@qTXu z!Bv=5{(kUnVqCq&E3_DYQ2_5WCJb^Q8NhSq5H>cz7$7-)i9!fXH62s1LCFUzpHCo~ zNydjbnMWYmA^sg{vLIW+G3eVi{wn$^{SJAW$iUXCT>srR81CnyISf;P1^auIc0X=w zkPCE`yc>>=aHeF3up5SssJ2jtJoUN|8S?28%mXB*4XRw|Ni5eCZ51Uz9maVVi9viW zcRn^pH1Q}Erpdr{x_#QIUF#gO(WlWu1jiZK21HI!m2yiGPpm_z3_?=^Ph^gjrcG@+ z30gUb+-!yZ@%#>!h#E)ZDB&-o_O!&zB&rgIX+$$JVyrZ6d1c<{bVHDe@k)#f7^1HX zZQHrfUV);Z=#RQotLawi`O)YEBc`SNY;j(3AWM}!qDx*c8QpUw*ahbTf@Da~R;)1W zY~MtxE|nk9G981ebZ$ztijVuE10)1jZ5qjf&^@`sDEEE`1NDT?P(Qwsh(vT*V|uQR zOqUe`d5(=u0BBg6M+dx&h%{V!AOWpKwdw;DS`SteFZ7WC64A}5HcY_IF2xh`;hOGz z8Yci9un(a~1vbKS>L=vL`3HawmX&RqRzH5r%WvMp3{kEb9UKs$ru| z5bHfc1|$0Gi*!f>U@SUIG29910zV@~Ug~@BpNahL^f-D(ro5AaJkwIJF$;EE><2@U z^3u*AHPJ*<6+L&z3#e6M5>;(I(T;G+4w}bXs0_G{+&Cj923)LhSKcgpBCqzTM zyydRy+X`59P@w99Y2h+tY8R%xrpWFjqo;O|#&4%V)GoeIa{4`lisyP*!EifJLUnIA z?AcmedCMR4TGGq#)GjrV0X~bAK*hS~S}@QcLzm8=(+LRwC`9Tro+(5Ho?(P*TXcd4 
z8X=WfgJKIgaq#z5Ynl+n7Mgdu6>on$h_{cik+YGa|7R^;w8_ZTw@XmZ88?p+EZ8Ui z55T(At!EH)uP{3!--~WPi#<$qheWrK8#cc19#Z_&H$uqa=^xeaNISpm!J;E&eKN1f zflmaIBKKde6|ern(ErOG(}p*LEDPjlx>a$%At=!RF1j@IopQ(B9yGcWSY_oO=enhB z3F5GajmDGFqv}Mc&btwd-y-gWtIm%u)TKhV&HDv9QiFO5PmlYOaK`*`lL^?D@d;L> zx}0te-+xVfopA*4nePAF!Q2W)od4xvo`AU^)>Fb&aP|+CbT6U{l2u3%iXUu_tme~= zveMNUjcScF{fDRwkrPH!TXN5Sq@z^87awR9F`Lu_BB93ZN09ViegiISQ7dqaM5n3( zG7TL_o?gpZs7lB)A*!-~hdg*|5IkY7W6-WVWNWYw0}zA&5@rO4S`2IOwLYZUZ|7iz z23*VFj{y^TUG9^<^W1cFCf;Wy@W1}X{Ogx#fcf1X{;&VqHc}ci z{5E4NG-jW7Erc4#Z?uK;c)a-auzd+xVJKQZzOV~F^spi!6*&4pslIJq3T1*z0GXaCvuIQw6VY1gHLjYxvo)7P{zmw0!5o!$2& z83N2g;bIx$XygJQbd(?cpce(O!j`k?;S&$@u|JggE5`Rc7fACFla zG!^>UcDUeYK^0PdERVmM0#Cb zoqa99<1>4yku3*nU)cW!@(-4q-nP5{QLq_m&CIuKZA4l|>K zJ=^^Nk4GdB=bX{Lefk};6n?QAo9*|P|KnUQWCwh-f;H9s>-g*&HB1{-05qz;Xa7GnyOh7 zwNlx|7fpg+gwrExCpr}zLOoi=!c}^ZjhPE)lxJ^UF?nQFi+!YNEGyd`uR?bvnt3NP zeA9o!y6Z^jE;Fr%YhCofGT`_@G#0l5LkKAp(#|Vv;C_|NSk@a)(GK~~*i(p)cU|giA z%=6z^PL*cp-q2I95uxmQXXub)c~qrh5&b45SCr&sVUTwixo_ zdu{TB{RA|aSB`j^oUulPqb&K@SI!ttS7^}eWFOyKMIO$RGSo|}7x7~|aUGnuzwa%$ zR%q&(*W2}!8}owNx;ro8X~3imJ_Xn&dOzhoDhozy>k+W&c|45LcbKnyP#?3cL<-KK zT2kLkC=nr6$o{l53>kFr`${jEx{c^!Y`g{HNFg`3)X!!BVg-@}fk^^}ok z`OFpP%DCg}o=VlQZEQtO!o5o2u#5tM`}xg$fL+S|lWEH^g93|t)(xxp9`=O(d|*>R z6pC_Z2p#eap!T)B7pfN3DUfg){vF?XCG^WXgjlm`$*Bn&f1y`2)2KY+hoWwE(8Qr!8H6uh4B}haHt%!LE8PFP58Q7^I!&yh0hS&p*JDUHwEdvgT zYA>j0=Z_9kBvb~%hwMgp&A08|d*^oqIt88s{r?+-nS10;GqG!_yotx6{>w{8yOqdZ zaNDQ%!|x6B3H%az9r^#nI1xI5QX*FD@sEP}KZ*QHNnnY#WxxY*f&Xtx%?ydr=Q+x^ zBixGuiJK^kp0}cYm%K+s$DfEI9Lf6!7S)};DXaQG zJnmqj<^r_Kuch1N+je%o>AICW9iWX$yQDqkXWD^+R?28SqZ-rw15~bX)j_r4N%I9` zFEHKi_i0w_#!lGgzq9mHV~-%;VcbMb+$l_OF0?jLHK5v4V5?0{tWMOcKDGTmi9i(e zQ@DE$jkBzAcLTzY| zxhaHs){~}2J~g{noMSD@)|9#)Q(G&XN9~d(HKtD-e+{TNwX1jcEo1jSW1M-dt~)A! zBCd^BB`jNh%1ENbq1e&gVUru<*+-VUuwk2$kH{YD%l88!sxNScMECXoJs#ocWa!}J X1`MOYad0w!XXS>Ypb%G(fct*{i^jr} literal 0 HcmV?d00001 
diff --git a/docs/PSA_Crypto_API_Overview.pdf b/docs/PSA_Crypto_API_Overview.pdf new file mode 100644 index 0000000000000000000000000000000000000000..ecaf3991c7da1d38dfab829c0665f058dd86c7ab GIT binary patch literal 200980 zcma&NQ*b6g_pck<=ESz&*qPWiC$??dwr#($Z5tC?6X$&U)ZTS=)%h;|ebrTc-Tgdk ztzT0pib*iAFmk|A%rB3u!?6-G6WbeG!SV6IF{yewm=QB67+a~h*upW%6SFWg!!b!% zIyt)#16ToYOtNNn<}Mb*EF7%d#Q*R5U#B)MW=_OR5;jIIW@2V0_NHcV0s?T(E>31f zws0PsGg@-?_*^JGml}5&7!Ex{_F%#RoR+~wmiX-FGuYy3gad8lnoWBD*8VAlb!O=$ zX>&WF5TDp}Y-e)aB8KZmiIK%9lGhYSL=j8UY{PB+C`F+qnJB67Zj7RH@7jr!lBdFMNtx>yHw#^jDCV5VFcJ!Zyq%KuCc> zk8qq)*#1~+;sf>|*E4q!D~MaZy0d>QJe3jxVdc3(FpE55Fy4&R2S#&b-yq(gFY^@O zyYP55cyuUHq_+csiY)qIdbCgk=jvIcTZZCe9jJAzjA)o4O|L}4uzv|e1_6KZ5yJ2$ z!zD=(pcUm5#kla|QTP+GQ3EL%$PW5TDM+cPi{+l;uv>&>AzWLWk-e-H8lic@C9%mD zNxC9hR0t3fW5_v32_XYK!E}p@pynse%vm_?(kT$=J2P6R(CnMN+xim|CCwLUwO%Pjq(XZScT*LBDKpk^|)_W-VOz10HVGjE|x_)Zv z*meCt-wE8k$!iIuoM#X`GWE|x$g}J7%j&XUnwOFhrXb%zJ}D0K9aNPEotZF6XY={@gVZn4mi!} z=CtHguXmgH`<~$^g`^Iiu-yVqXXi68(>JlEhE|e)#O2AHj4-cVQ;2*x_jDN6%qxE~ z($*etc}8w@q3GAg|6Rh8eObN^RKS{-!;D$RkQSMJYzePtOCF^WwK_!c#bmJu zzkTAUqg87A*wZy1gV)=v0ljk8e5%TmzMT)vmTIi!rBfYeqPL>bzxXfU%`Ud312;E}D6VqE9X6E}Fe8HNm#Zb}xy_U|`V>#U`>zFuE!`J%pUb&JiO z=4GYjI>`lLWGeXnr_sj;zJH_-1f?$Gc7ET=^uD(?J8)LKPb!;rE9}>MEOegOX>Qm< zYCQl2P6rv5lsycF(kcV|OZa+@X}XTJ8gKp{C!HR5q#UTVnHFkq-$4p!SWst%@!5ZD$}R+rEE(BOpn8$O68z z?OngjyiD~cS1MLqg!^>r+)7A5?^q2t;SadhOKYox-iB!m`l?DV!HtT7Na6d9fLoKw94t(5Mg{rT4u=F^(am7IS;M(?gf0+m&tmAF3V5;vVqKSa9mNvt@rI&Phq6sF8hf9_9bS+msz zWWGbkKZW@>JbItnv_7D#MP4AUvW6np5uOv+SHEHMRsLyNy$fw!eC{gcIhU}{FxgM}CN;rnVR7Q-IzMj|423nH4gfyMtY&1cT+Vi1497;a z*It3MpNGopOD}Kq^!?!x719O_+A8Z6^snu!i1k~oq1_`rkL0RbA{3L?tM#mL?sg|m zf@m|W`9%sm1M@eX`$QBCGQHRtr6m{km1Cvpt36W7b2GD^QzZV`i{G7UH#U8<9zE5@ z@O!BtAMyrEJ{ouR9?C6I#9=?6hfA5WaAtO<|C<5-+5IoRuyS$yU!?ipBw=OdX8WI# zq*QYvX-fjF=aSBY4TmHxP`lxE)g+$kIC=1JCQFnfz>X9Gj2-K_rEj+rQ_>+bn#oj6 zeKl!oO7_$G=U~jh6)081%DIyLHATrHVP@GYrB~MCnC;v8M)tmJD~Bd0+P5>{&ylXO zw(=%E~R=P7O=#Zvk%F0F@|@; 
z-WmB`=evhxS+XBP9w{Iv+4iYS2w7K`@1gjz1K?PSQ4kd%8Xq%ZOH}1STm2T-jCh?L zwwKeOQP)b+ub@|QG~VwtgjnpM;jE)hX&(9GACfMJI7W2GKp7{{?gy3`&-bC6{x~nI zle>gjuv~5gPrG|T&%>^wC;zC(cDc4blHbQSU@#aWA^-I0ezpY_Lg&f3ijFLa^qP+( zdL8Np@!TJ)wiD;D@q3XYqJW89=+@D*OxH*&gayc6oQ{QSG1`7>2+Le6w|KT6et`&i z|8xijr8g2>-`GgZV&gkR6i*73cOao&5NBv!uxb{pBXb9{4%(Jnofhniy_>gwIc6?j zD)F>8a{s3`QD*PffY!}*HHFnZEgmYp(k?TOV zaioovULku*4{tE90KILz?mg4`4~I@7tTfe=5l34H!N;olhPy$I6RDm_x!27C@B2Lrj=-sJfCad702@pfeViVx$yjyy6hzfV(@;Q&Nn_3k zarD8l<53#ek0@Qmed1Qf4x2ts56%&vH}=2aWkFhE*>}7Y0~-o}q>RG;<+Pkb;A%SQ zL}H+X%+#CmRRaDh*d(OJ?}98I0iSvrXGUHBbcynf53(6{&BEw#xVTOQoiWc< zrNHjjLDozzEvwQ!pE3+70JcRBFA~O_E`S<3>{jvdZ)6e3KBpP%b!LF6LS=?)^y^s>9bkS&^V7>P*LBt|IFgIVI8i{~h}@;7q5jn7A7IiiR3 zHQgUEO(Lxw=1Ya|xz0arE2z-@X;?ky0(P3|Re(7#J4K=HLpvdGZuhr`b)#;Ir+xvtobagnJ_^WB4H&=zwloXGi1Vh2)iN$7EdC;qsA!GHdtL zy8<1w*~>+LJx}CqYLvE_CN0_=IuXBzUquJ6Fpo~Yh9P~TU@+u>LfBFv}%YC zb(lk^G^k|3IHav)n$MvQ_fT#HO1W}ywWJ4<<->AHFQ#|F<;m&0t?uLAs;u$vKMqMu z6COF|Sb{sXJCs1qrO8p)zBKCw|B^)S699XC_>QvPxHpXf8e|U8&tz7dAv|23Di3(9 zf*_^6nxMkMSrrYy*>4ANGv`hDp`79bP3Sqn(2&W3R6Ssr9i=P3nL6tUE zHx<76iwV(G)ll5bQq+I_q%WZwiot8=U|j$`%~Y(UjRG8vc+(ZFDpo4ny}5LC2lrZH zh6Vg|+i~(=WD6QK-JcG*VXNzZynJ^o*Lf^D9Q~&-x3A5E90C>+Se2Uv0#e-qqt3y9 zwl`GSw7G||dX>Cbgbn*t6E<3-l&c>!@nTJuIF>W#&ipooJy+Cz>IuYI{ReR}@wa$E?9Z2LmrwdBX6VqznsXY+U#AnT zSMLDugi?wZ9Bsmry5u~_1_A0U=li9PRARXnMlCH( zNk!@AIlU%RRkl(`U#PAtQ`;&i44uzS=g#@Ab+l%WhRsAje1M@*M_EU3DQ zm9Q(^E42P)%1LGk$tyvwby|7*1>{4U;9;Su(|d3I@NrhX>~oDprg!G4kVSf*TN0G# zD#E8z6;ERF`wjyhNZ#LV;3R*cX=Y9z#7lHy{p>{(;r~doU1pcZ$C1B0Mq3|Z*#CO{ zPT!rGwzG*ewbZ@M^JY?P%lFgZTxmvYqF2Z_qp_-0P+*XJ6`#nFx+Jr#JkSn2*_#Ot zy@cu&^JdQH9894_`;q*@NnJvGccoXeYPV$P5}eE7EIm38LR5f{HD z__CX$&|uGDNIKYEH=?`+J>Rft0X)(Emgb-tbZ!#ULO5!3lgL{5m{xmDy@>j{GC}=J zJJIupn}0oL#-Tdh#a$1^a`MP-Syj)h;cew8*EZDyAEE1D`-mS(u*gq6OKu{4>hVy6 zGGG5JonSm|;}B{tCjzu{@o2&NsK<#RhEb}?(O9N+CtcTC(ECAL`DTCx8-=;zEhW0E z3l368%g9+&*8e%Sn|>f!N%G+@kIpQKkZEp%P z0p20BZpBo`tDYqo6Wd(9u^LX>W)U=N@p~DDno6lpJDYczt=Reojg`n!!@Dm;RWTal 
zyCDpukn^}D30jG~=bic5Uf+_$OK;LVO=M>WdqpsNq|Jb5nT7*rn9p<8HV0TNolWab zcp94-EB7HWo#1@x7j$5t4xw)#0=lwK9}yV7zvMV+``^T$0MEx5$NiIMKa4AcNo{H! zBHSGF$v*`%W-9h$B1vpR&?T)_xO@O|ty z325ZLIKO^NAig9!4w4;_3xy#IUn|h;=``2?+pE$LL>I7S(W$ML{);C%7Z&+wOO6^8&i% zrLl9m*s3+zub@?7@M5-mJrRji+37_!@Lgjn>pI6Itt;L$h$_?s+~VV2BoBkK3H9UL zKD01Iq{A)z4x=%NHS42BqT7Ivl|m_pM7wW!_~TJPtb09MUyLgUPW)5w~CGu zZkrr^zQrooP`Sa`QZ9?)(CHK(;uB_7mH8%(zN^eTq*<)cxa#jIsL>GN0IY~V@5ccM z_=L?OT)oJ-vZdl`EEi-%YnDaOM*01rhx5McC?I?jCoM z!NnPaVDj^k#oLhPVWeF}5m0b-g_Mu}N^zNK*23ogd0$ChaHt7&|Dtt;f!8*Ynz=eh z_Z8>JL93dG*e0?UKUSZ({Ef5?4zW)h;BePLR*o376;+e`#4twP_bX%xD`{**X!hT8 zCby&nV+*c;fSIzyjBo%58Y$ItVVbdCcW0OqDOXHh8CwbMn!)K8ZnK7}H7+=Fz%Ad0 zNpk77C>zF|op134U|*Zs(zk|hsUM2qt1!Wi;zV0EHyUV6{r5fe>(%V#JEN!mcBZp? z%YcnXY6S|}g$6oT?~pN!4;FwQY=<%wXh(_y#R7hzrkVMOUK3qK4FmoIc3cWs9$Y^2 zi=P>s{=Rm&*H7nw#o~#@!i7fMOb!7LOvG)>%dnWP!@OBCWsrY}tJN}T#E7jgf9>4W z&0JL@V-rLb4$V+N-X8Op<=Zqe8I)C1h1DnwL3l^0Y2ajW?j+7KrkWRkU%V-NS#fkZ z;67wQ{4OC)J7OSAgRlx#3Dv89Wy7AJ!-a=z)+v5Fqu=fZj45xkfyIu{EdJ`ZTQgy` z1EVuy)Ic?8!{8VTuPa&Pt|%u5uJik9=W(m`T}s-ScC4xDf_ecZ1BQuZD-wi+eh3)qX0r3cYb;v#X&qL|nUL+9DYYogcCAe17!$7O zg)bfc&S*Oq6g`t_zG_UkE@R2WJ4wh?=cum_w81g4kz>3&Q`y=gUQCyorTdkuHK=!f z6Sg;8KWp2^Ecia*R4Wo6IWFh`gC>CiPmkW`48PHi(2M<5{X1x6!54iIm5JaP?F6ZB z!N_L=b1M@EPCZJ$(a#Q(erYAeF1jJWv)@;hO9RsmE);tH+GB?NFs~Y_Pd~lc{L?)q zt7vKQ0Mc+jL)Nu?n<~_zFN1v$#*)x%zv9Z@n=pXnh$;tgQ@Albvw$p)t8r*{y%63E z*Stv5D1kC8K;Z(#hKLU&6)g3VwD&T37iKq&4s}1N1Z{wt{CkqJ-Ykof5YyekzpFlC zS0Q)=9M1i?sXv+JMj8`og75abL4@Y&kfj7X+BQM&&p2B>4%3NQ1n8?LrREE!3=+^- zM1FCDhz$Myc1Ne5kBqz|0x4!SbwSE7u%u!LKT-@PYPu5O=MoD90cSZrO^;mME{T{n zGET4F{R;;X*B&yo-+mg$WUYbg^+Majb~Kx@D8&vnSv^Lh++nsy5WW0NVTy>`0lfSU z$bq4;u{Du^duXebGfPtpiYk@)rSFua?=+1IV~QpBD}Se>VXI3_#~%ZxNm)c%UEpF) z@{e(esr5dFHn_Qm6vZkvmo-Y@5yP;Yz81K7S0Xh5;u4mLh0`J4+g>{opVg(`ZYMag zoYskm6Loo19Y%QLAk@-DXNsX0{0}CMMgKzey64nB5Cu=Xu0t0bm2E#l-Lg&1QWIJl z4H#QKf(7ZAf1YoBr~$Svh%M|S%X^(TIvc58h9Tq@Lln6L2%{p^=lk~Az~ zch*v_-a$WaFP};;nPrZ9Q|&TTC>?)+XdD=g;FAznb%>0 zO)t-{cd{m!7dCFHlaTKL 
z`Y#^UdS4=ApxH4!vX>B5Eo3>P{YTaO2Y}%ONj)93zeYvFH}(8^bG&)K!4jv?3^r1&Oif(& zA3h#ZG`}R>>$7s{lLk9+o-uDF=xrG;F~_0>uB_St7IEe7S~w6O_T@3@UjmNT>TM*0 z0)ki?D5!K$3U_lt?oD6?J7z}zHmnUyyiL6EMMbbL8D$;Uct1l2%r;U=AnlM3V%*)m z~tBG^k3D~0l_`; z()#9*r^%K?8!g}oOLvaA-Z5Yz99|opehGk&?faUG_@cj0nB`~RIXn5#P4J#XVOE-c z&LDiD@Gv>U@*UFj@G-!yM7Y|AbA9wGN|pPy!b^@;l@QM+{?DZwZk;U833 z0A|56LD(nQI39(F*ud!`D@aTfX(b~R+Pm|zJT11hwJ38GghUS?C`{S`*HNHWmvF3} z;^T0>2(D<}(08_wu?`EMry(qg6B*dTTHHjRlnEa0`eBlMdMu4I9fB^zU$p$`$3x$HenI%enyG}Q z&ew4l{9Y}!C~`|E7Oha-h%rBBYci}f5#A_WF%;ldr#`36)M>zoRuoz(ti)+RjMkV9 zv5|+js#FMHD;gFclsR|L$7(JWPkT9{WRgUz3Un{BVJt!oc^=0U#!!s*|If_DNx*A& z&H_1pBGKDjir5iL%-4!iC(YpW&lycrp+&V)7w(7}$2gS+>ItUzqcC_uA)7{{KBj;r znhU0Jii$6-E6=B0ov*1ic6}YA`Jc30HG(3ljmv;`S)2DYyQK5jVYDQpyjdTN92lJqpslr8VgV*s}dLgZ8 zFIP%&m@Om=5xQSMcN#>shCqE0ubR6~8i38H=4r7Bqd3{FB*9QOxhmc23~Xn;UD*QW z!ra|nrL3m^MK%DeJnG;EUPWR;4cd8ahi7j@h~t~_ifvcY$a6@L!l(NER@D_lNXn{F z`lPxmv*$Ep2(n&9qbN+A&7GY3CR7i)^KpE}a9zh+m$m9oLk>wU9eAHT9wc_4KJbV9y0opGIv3^S-r>x0dy&A;Rxkv^&HVav6cNRd2A(0B;xnnAlPR1kA_c}T%RveD(=??Qby8XTRK2lm2QHG06>TrGjIav%@@@!*|aFgGLA!xTPVfDvNh1}!q zRY|^-Ke6q8;ag=<#ZrU~Hc7T=D*CbM8B`7{=fq0}wu>9!Cuhy$P;fN(c%(9yo?2I_ zDEURm$z&Z9RNC%u%{=qTri)cL-en_WM86*{{=8z|4y%v2kGrB_uJVpD#(8>q;7FnU zNz~dA9-%ZS4+2C7Bu8N7o~HlQ=seMbnH5qB@4Rk@)lQftB3 z!R&1}8gahmj+q>#@-3NI95P{I&T6!fFs;|G46m}uKvbTEoFdU|Y=JL;upLwqmFWtlmu+eZOo z#MA75A!Q2|eH=M5$7ap2+ub(NM{9qX(N#$zFFAULgI`(n##;6<_T2b>yCb9aR_~;*k|TN4R4sXMRIIt=JJ67b z-YQEhYsA}fNE~fB7%t1Su^zo~+S@)7FtOyc+9@hnw+;wHr(-bfq7lP2Zz5;-b;c=f zDgnH#xh}TitBi>$E>-7UitQ@J&DECZH-`d@OpisQ zZtTrd_nVla@qVd;5}0jHL^bcRE8f(FsUr%*MTL@RGs3Y?hF3EAf-rA6Pg!f(lHKmY zWKABzdslHKY1+|*pWk~-9>mx)JLFkBAh$;g$Q39}0t0T}`e4(l!;+rvngieFU$5(r z*&`s|`$lc3fVbw!=+nCaqN0nL;G@0%BFxR#I86iJ?+zNY=bl?uHDx#@ju)+67bG`+ z!L!Z>+e0>BiZ>K^ga~V4XS$9q6j4Ed+UmrVZc~v#M2#icpOwSr9S^6Jq7=TM^xIHp z6aPs$K6wQ?4*7@-ec1zi-BWoCm)zK&1IC0)Clnjp(}P`%kJ99`3o>aqFG)D|4I?uC zR|E5F(+r8L<`ENu^CS)dvM?HH--9J#QDCIN@4UH#u{9j19`KUCAFW|0Ybh+$#k$Klj-lW;Z1_ZN@c%wQIeum@jP5ki)5 
zI2ttA;{u2K)~?;`(*vwi5rg8fh;y)o#9+=#>z0ysH*(L>tZA;o7eq1OcS6#Yiy;NH z&Ig6sUKK?^O2r*d%s{@j3OZ#)jn7}pOKEo(=K7qm-l5!GBN6}by=sC1L5F`_!L8Y5 zjK*%{W*+%wDe!l}g~1Z|%g8}InH2=SkeOOQPUkLYR3VPkrWJ(NqXahl-_XFP5tQBVK&^3tSLgH8?QfoQO$w2Yo)47jy4Z z`W3KIg7zmCWr#Pf8R?nUpO#)c{^Tx@)`5`TD zhN?{ow3Y8V8-j9?!C=upWrW>0f*F7odLP4Co@U>HoB-y;sA0hi1LUa55C~d~`-Qt+ z$oq+7t69l#K8sEnTvF#=?VA)Dh^iLta~K1{3c|dexhImt^ZkMq-l2FFWjrF_ykqD* zmMzTjUa1sdAT3~OkgJ$JYXUd}vOqt;7)#p4uMJSMxDqM@z@5&1@j(`O6$NCmgQUbj zhzsN}OVy4rC>EHB2O>fg2hsArL4p2b=)o%J;}+W8PXoqOQ~>9X3nXA(hG@ZehR#YsxpOz(-HBZv%$FgA80* zyM7#gzWhlf(2V&2?BI|XzZ>gGK>xDP)DtI`IO0v31cbmOprj|DKtw)3z@j?j4NhK; zVWio|#`=2*$7TzxSp0~GRo^xj{U*|Xo{NbwD8)7Ly+#IbK*m>DlY37>| z)15NDX3ac4X3fMXCt^(SIA9`=DS&)Qe4Von91d%_o1@}DvBmsPCd~njejR6#eu@k7 zm0N3wNM6Z#NdwFzyRhttk@ACI{wj6P#Dluv-x-T=pB=q3kv{IFfvrWnf9W3g8G3N@ zs$GiGKGLlRJhAJQw0*>dX~ZKk2@Pd7>A%@W0ijbVU9W!!2RnVP1>0BujmG~aoy5Y$ z@;{#sY8b?C{fEZ4<>STR>~*$ZjbH0^yahwd7}mROh4UNIq|=T3I-Qr-OYs<%R4-1K zD8xyUQD_rHQg1`wGu`3zJ1LHpY&{!9oRuh!b55J;#}LF5skGh#Q$bMhvRiZjB@ z8xY%pgTI3lAST>=5(4UTU>ww01Mwpub6f`N&y$i1 zsh*Fs*KzK;GIYB2VoW1O?i>=O4Iu5mAFz7qEFC7IWqfl>pJk%hgM9mk$|!g2n#|nq z#^u#H_ubUM#ZNbDp8KHE6mlywXOclanw5YV!KnxvfoWGD8=Yw5&CKKmB>XN5;z!~; z%!M3sQwC)Z^2ZJ;Fv>|{XHdUSx?} z!(fsYoG!c#Ak-W$5Llu$VZt6j5XpvZG{aB$|6qu)5sL?rUD?dx*(+nQxS%(kY9kgX z4wM#D&2J;E8ib``*|@^?<1xjW8@C&)mswr~=!bc|jwshaEuo}4(L}_W%1?9#quOa@4~+gMg={d+n*L8F1a#8gbC0|NXx3QjYo7oT2&gNejeE2v4G(dxpZ9XP=r z{g`B8S{0>DhgBLkhOR-kM8I2-Th0cry7RW(Iy1E`*%3fk*5rnM`lHnHtF3f2Xg<_* zC>>o_4+Np#g)1oTgQaI@~y@uGRWskmflJ-@Xl0wiq!ShBU&-dbm zJu{z-`t2$!Y&^J@-kpLJC#j?5rXD`I|8%+2+y^Rj8_Qye4h3C#v}!qrJ6Xe&)Eqd& zm|3|@+^=KOQ44nsnW+~Y8IrR3BKO;UAbU-0M6y^nf*q|Pw5X^IO4m})iC0J+1PjiY z*Ms5_5@_5iYp-m2gH>rPSz6c`BWA@w8V|?73?nLZJCxjV*=WlNQaZ0F+&|B}rh)SJ zFk4;=kyl@W^iCA(Pw;i2Bv|yvE8>s78;r;3MbMGZJ$>ChM1p*Om>esXvN?Lw!Ffg` z?gmfpf~lESROp8bkhugyv(T7TM}@6L_bMWxy`s&Dy&g89u3%<#bpT$P$1@FY7y~2`N8#*ws^zDa%sGeT%VpIe z3{M0Kpd+IHZH;hJB)L3BIJl15Tw?6WiCb(MW#`tNii zlvF9Sa&3hQ(|%pvVO;I1g9oGnV)DQy*t(}t?|%i!TMuz}{qa)?QePIm>O(TO-StR= 
zu2eb?q-oL$4_q6WgXKAJ8=X_cl`2|7NpP>rtK{#GrmSTYx+?@j;n=2SKi}@WP#mca zA^S|Z$XF=D%xu>=aBy44I({8bzDF?CF~^Ubz#+bS)VVw3?o)IDZo25Z$Tq;+2V+-f zH+2D!;#_$sg{osmIPb?+!;`JBSdor6LTq?HPEKi5gl@4+@o*;ogX;%GIofOJzwqxr zr2GH=f&8C*3_IKZyc*Tgv#*{;?G@}BOxKM17pmtL_^+C~- z0hDU&rIOf99~Z)SRSjE(L1-`t+x8{?21Mx?BDr{}IcX{ng;V(da>g0y|! z)J$J+-}<9lIT|6mXLjGlXqyfuOD~!yWn1kk182PtE_uo#f`!bE{yw8 zB@HSi!$_ksSSmJ~E^Jv=E1XM%{?V3W|BFae#?#byNq1Ockk7~a{OH;_NYe-W5#q_c zk1mddrI;2UzIjtb>@YZx>#Cg&LjJ`@_A8ccEQ=T8AosPaaf+Q<-^qV|~;@S{|;)xaUfAtCScbwd3F=hvPGL9Qr|D+1op9d9 zV*Obb#Xa|;k!RJ-9WNs{Uft1I2}2u{ebSVXUF>jdRq5+qr-J>_{n2|2Rv#F=8+mN? znwlY12eK1fXsMF@HoQcz9+n(z!NW)SCu$_N--&mDslyZ^E$?-yWw zM%pG;x^u|P1PaM}kG|APt^NPzm(=dc;s?H=q=`StTk zpjX+=6L{fY#Qorp4&1;3-Kn!?iWJLfcmeD^?{n)lW6?73XX+qqx1A~dQ!6h6Nm`3> zr6dlExEIv>G|!?jZ-fTR8X*u_0@hKTLVR;5V1B&;-0Xe*_*5Zn^H14QS_m7WB04wPxIeBLM{!?BzAL znl?NN?3Is9$@HvX2w#L1v}%!45%K`dCs4$Cxf>${sPt`k@D``R(3mN4=Jfbs^vs26 zO%9;{r1Px~B9}PTuM7_Qoo@9C@j=|?8saVLEge!ZSBnKDNfD(W7|R$WKQ5gcZ4H&+ zi$V+G4!asU%bfvGX1Eit%|vG-_)@vGeD^W#Iz^gaDl`k}IX2f;Mg^=s?>x1&Ad(vN z*TwI};j+D#Fj+?1>rfpA1*m*%(n%{2ok`LK)~JPx#lLlrcC|4h-cp(DU0fw4&9=p(?}L%i4VisgsAcyMKldaFH5wOZli#Q==OJl+z>v75KUFq^lLqxeDm`PQ_`H1Kfp7% zr2~#FQPXH@&TWWJWVAHLI=pOrVI>v>{iYtdpgDZD^^dSv0 zB4z+sdQA&EoO9BAqB>)MNsvnF)(#W>w#^Ni&<^xPEIG`yzBF zI~6hI^nnNoegbdbxWRctnv8LRz5^LbP%p6Nqb;@8QOqUsV`F?2ZGibbMhiY;TEw)s zc0QR8vphHvgW&7FX_Y|Zm`MA~lc7#adOv3Gfyq zOUvmgpJ~gdK!yho4^yYJ4YLde8s!LdQw@eTLzTw&{s&9aLwbE>r%G^&LYt-phrf23 z#lI;rM*SO{{{Dc|m1S7e%}$r*UsQ~#PqU&{Sx7;N`|r0YgW5^_+2}j zo3~WXOu?vzp_&EOWB?nQ@cbzJommYYG$D4L)bAzHwHnMiKW@%NA78GaILSYoh?Y3(lSNy5 zdms&i$2f6RU`^z!?AZD31N>YQ(xV*^SGmxE#e}_Un?Wkj0=?j#h0^H#x_{gH0XZpP zG5s$_$NFD$EL>dw)5LSCmTmlY8|rtSK_iiCKsu@cx%Ar!lv@^-T+C|_XGL_d{L~JG z9fd7L?e%s2EkgM6R&NeCxPBrU_s{_w+uZcm-}~;{y+@bSWDXgO18L&+_tfQFw$lfJzstA?V{PO6Sl^95`0d`lKG^d%snzL~s7JL<*D)3F zm!55%{k#I3yCB($FJdam5%&!6RHVz6Y*OK7N)}7bKf+}@j-(;84&&pxe3xD>cUv%H zgIy0~8ggVIHb#7{zP(vp&wtOPy=>&|=eSC}3`e4kjvUM{jJx?Y)?O7_;AQ~U7EIQg 
zn_6oXk1M-8A@Z0r;dw-CrI%dA;n$ehxYb}Kd`0`l!a05!Z*_pkR%|x7eOEiZ<+hl@NcK~kv-z{^ul ztS#e)l#cqv`lrzc59E0i+4hfc%V&p533aT!4q@(^Sj7qZ)jqO!*x8l1_~k&J@JSti z74LSb8CmzaP2%6H-Tv$U^oT{FMiiiwvfgrs*n*n-DJ>fyy;H#hPcw=hia7sU7YTuG zrXmTy?gSk40gCvb-q8oF%isG54pJ7p%Ay^*oo0sBCTb;8)PV!`(}za>`t&aKG?aVH z8b`!)i4$F|KDDv_`-{}3JQ%9ij=1~P6F^5iIin#9xo4_@-bfmmsTl=HdVW?pjjC$y z^^lkT8)~uCe`Ef38vAQ4WOI8Bh1=2Ub!T0nQFdynkm#l3L==upYWi?Gd5Nj^dIqv0 zoza-*m>9)GMkeH&FZ^p1tGnwQm=93j%B|Rx(*4gc!S_zS9ht=n;~;abLnE?$2mjxr z(@v(xXvY&LVG;;Rtg*_|$jrm<5tbuQfoH5#vw?BV4gf0_Lcnd%P=)MJB@6CBjWc0v z-BHq7ZUr(6FXZDKId9k9iul*jIWD~)*{cFgFxVy%7w6WPofLj}2|lO@7$k~xtZPKG zK*VSe-Kf*(m^8tDEoARWIT9~5{JZaS*eGb<9Zc2GX~CD5=?XJ{Z58qRs}^;XoLoEu zh9ws3*GjbbH!Z8b0Cg5icmFO1kU}jpuB)3w>lUsRIaAE*G$ByZ6rGfWO01~B)uEpM zuz;WgiX531^*zzjunSx?*7OK&nR#c*be1Ef1D3;w%K>qO3Z(o0VeFljM1huV+p=xj zwr$(CJ!70mL2v0v zuxVidj1I!#c5mUu(rbYQA@)ry*U&LAI^~w~6{-Xv)237;hYy zxEQPP?1bEv35-?{_8iLCzx(cN*d>AFeGeT)cg>9ZDYbtEI;z=y0f$FnXut@+-j9ql zPd`Bwn)C>{dN8R09`m)ICGXxoaO2Xhpcl>?M&m=#5mNV9nJ8UfImplk;cNMX56cJaA^4H!z;)FRNh){p^MOF($+rQOMadIe>Vh zJ`;%@oM8MDH?mlH`IXZ`!FHg`4iCyc^+M&D)6VmgY8FautDL&e#u3m!Gl;4 z(T6nK(~60aY(0; zc~@p+1M(9ac8c#@*T|!B`W=ntDa(qxI0@=_E2WkDPUZPp9xRp0zFR#;PKXNgfPmZx z0YSlf5H`bxYk&egY~f>o;Wb_L&k%Tg7+ z8>gu$QIz;zqL%vZIXRQwaW?SZD2^+s03ziuGOII15ax}Peu_%Aytd_EVaTDB|GPZ* zr8FOFaGMcSo6!Yvs{us~0XqbLAstQt*M_C<^LlgN`3p=?QfU6a36qI|`Txoc|6lGH zHkSY6j^SYbuV-rAnwxh2+%Z0@>UWHkd#L04s1QI$O0A$;ED}n8s}I3d^)`h}sw<_D zetl-EjJ1|(*rE@f1a%U*adJ7CaT2L%o8yI~$t4c=LmKofNJF3yWodd8!#^ z_ArAZ;ASbZ2feC8qFjquBg*pSxDjceEYFg}AY~OOcu6E7m*oV(P;-GjQ4N7)0a1ag zQ9_u&7BOQYUx{rcC{78YS0|(?Smtnmf@xXA_vX>M6JzQ^uLTV;9go!C7(r}3_`>W; zJ+Lgyo>H}AT|}du08S0lT``W=p>jE-Zc_gaV))XRf!?x)6Z(n<%76s>L%UW_wk;s4rk?xASEdiWIcn9eoy7oa4 z!f1opWmpBqvSy7lIJ&mNju_MpBLKG!;D+o=CISXakHs1&FB8n>J|M-?*PG%Gzf!$W zM^FI#)p$R^^c?J75Ayog4ijRm6--#LopmQhpsAUMMWD}!B3=VrxxdC`rPthfl5 z@jS2qTxvlerawBWMGIlHL`%XHufkbBjO7_50*TBakT!g-?hz@VFyhTtVMy8@Dx*J? 
zQ0g8~JZ?ysAL4W&x%|*u494$Lm+jD7v3pZR>7{1lTYkeuz59pr(;2QuSe_p^Z*7}J zn}$>UiP6Y#U=%dnjwJD7r&*_Y!*<(=QErF!`J>L~@*$vuCwv=y+0~wAu~8C8&7aLo zlRYa4MBLajiU5n!n)dXP_gQ7z4Z=4vd=`i~XTTl_4m+p8tfN`ez}=qiEAT%VMOyF7 zbbKd1&n;iPhpXjlk(GqZHmlL>oYq-I7OBWC?4P{3eo0?6evTh_49h(ps znao%BFC^8`G&Pw;E;$EQi?@AVEw`Q*d}v{P!*p%tmJKd}>zThj{8DNWzp8u|31Tb2 z2-#OcZ@iQpQ`H?=KB?v%?*? zfZ{A3AL*_KmsGE_B*o);KcO&}>wP~G9Ij74{3?sWWGlBR-`VSpCnxWze-<@w7rjND z(T_d+E~;LSR|L~PUCSqPW$&wy4fUtWyj=5g0M;EhnB0UuU(CiJT2F`O(k5PUfNx*l zU_Ly0P-(e^)xI-sgXwvdy3h^}*FTcyc|Dl0db`_ehToQt3h-j|S)yFJHEQ3ih7t?! zFFluSQWrg!cMLXab}t&&k31eFvn8B4vQK@MN{P!fjA-aU^TPPFX|T$;ENeA*Xm{)E z@-7~g{d^a$nYUWx#W9=IW-Y$V9%nmjf4Q`~@MH4WCmTK2h2l#O^G184^|Q-b`u~<% zI~M4a!RYT3skT+_Z(vYmzdOP*r#v8dk-2uesnwdHM-@hyG3htocySQ44S}d)PNyM6 zREIg9L%H4P5mb&ZKX>tE(v+q(vL@T4J_`dInN^L-hS0ayL$xI$eMr6#bM4Y>jO9+5 zUuG4a2zP%mRPyuTkm(#!M|}PZtc)v8tu;{JJ8X4DzvIoO=24C82Kr)4rj1w!X>2b6 z*9UZQGME9GbI1P(_pwn|mE4Ak_gl}1_oTKs78O+ODFU#d4i6&Ol85pCerQuHq=<*5 zq3Iz;O?&%x=%;FFo_Y`Cn@j|E+X|vXT2ohsbI>A-?SWuV1_!hz1~}~-oAjsl8~kkMHdZ7@FpR>a;Xgs#9ot;&4}%EsgTOiDdHt`$ZBIH6UmU)4=Ii+ zWYMC^mg;BYyb&h`r!KMfUy?5hrx~>lx#yc0L~LNHWH#O6Vl5#9919@`lfmy@s641p zl?oopWth-~PW1?lPz?*8=x=>=jkv_Izg2g;D8y1O#w2*|L#MN!@b1p1jj7I38m5&1 z%rQfnQNQ7HcsL7vh^HMHvn7q5uMUI1!YHG4i9V;Os^tQv18Sp@o-@?l17NGj#@_i1 zsfoo(hIMDo`2i>b&9up^h~|$l$=)~8fENfW`aFUz?}lD!OSy{Q#v z8f|{!zW%Hg+~UX!rsBv%jaj2E@AD?&u5bRk)HcL5(pu_OZL}yEV;SXD<527$f3tawD>~9an2{2R?KA-@E^*kmm7xy)Eta`I#momI6u2cSh4T zEHT09JZS&({aDG(kDukEnhQBdtJjp;7nMyEaf{a^Q@C4sZFf6cE0R6N`MNR0R0vFZ zx7I4E%55ND?yLzWWjbU$zgScb*uA@(6Dw}O6O-9uKGt*2jrCKumyD0A4L)_B{sJ78 zau^eK04E@GpRMyoH4eiTHeswNAb$*R9nYa4CKM-WhBOn!!7k>RUu~eBtr@?ErSSFb z&C%9VEyaF8P0V?8>OS^BcDvy z{bgZ#jiAK6qmkgR+etYAu*pITXX5Oj8#b`Rm04R^ed)RL%*!}lbLQ$D+FT7>*G9h9 zT1zpd-^D;aL2nH0jZtZouSA4fzwhFlmaOP_;r8{hEWqD4Ir68)bx?LeY+E9^t(5CV zXOpqOvpamAacx=e!GahxpRXHVCb5d;ZJ+6s*SX z4IoEy4n{37Q~|6c!7~XMGX^}!*HyJ!^e?w>UHntX(E3%_uaVI7TpMd02?~*qFutY;KrIPKAj6tPuoD5y75DjW)X(7CT@ZR z`o80x-iom~!9H}JLT;Apceou?pUxJ6>cW&7x6#;8AK|dI&!#;|xF)4JpuO3`gc9H~ 
z$gH4*!<$q`bX?mF7CoXngYC5P3?Z2D<^T#1*9ulgAvSgoLf{0t9NW)Gj&6 z0Edhq`~!pa=aAKhRWB!YZgrenN-!4;YH4?Y+|C{nLmmi-#eZT(yoA|=)?*Tebn1?q zdN6v0t8U$N9^z}(J@t|oDTZ6SZ-DDRSET0-f|a#9<=K#8YTa{@I6!KtA^krydX*`a9!sCb`4y3(8CB_=a19B!kb%fp(S@v22X~i`x;XKFk_>QcW`kZ85kcP@ z;KLY#JidS*(Yb){5QLwywX%duhP>V4nXaH^2%M4VgyfS4VMhW_xjD5i=Q26fy!_ps z->NNtj~M_aPf(DSG1;QUM(UCsLiFK8oM+kFf2e*y7xK;KLmT05srrrzNBNDgcnsTw z;ZsWqb_ld3^TsqX`yX zub8uZ+g5&fRJOyivN)Tn>*+^=lA)Igu-);Q_ z7XU!P>2Y8H1EkDAawslpznO^v0zs@S%lPVcitOE}eCS?6rN*;_Gt&(Z*6)9&uhir= zdc23Qr4h3fHeeM`ou7_$p=m+&t!xlB5^sab;!O|T1YUiy^FZ%m-^PAUQ6@FWr0Kno z&krUik|$EfCo?y97{~i}9|k`rz*v!(l#m)mywQ2~Ge>?v>7v-W`go7uNGV6$2RW4c z+H2D)?ZlhG|84<%D3?9rJKHg!+ilZ&_InMnCC4YPTTMA@jb?&3u2$%|v5*8dzBi{u zha_=3cv_EYDs|T&OksB?4!nlZLn5TjP69TZ(5LZcqWrlrX5q=0lF62;fsvTp)T9T5 zDmTKe&}L?P(+Jv@)qCtj8FxaN9vs#L+Ne=u3RxgI#=5|NR+_I_aGbyS6cARdY#;=f z)4IqI`)Kz&vL?n+xIBc_b!o(h(eyZt#XrG9@EXA{ae_M1l2{9d?Qti=zRL~uo^8Gt zuu6B=&A^^588GiP<#9FQVIJp)h|gVK7Z1ssZlCwa)J@lyi*#3s&O%OmK?k79v;F;Wi*sFxW`0H%J)n%Tr1_a+4%g2K4a9qmEn^q&iIPiUjb> z`Wffor-HG!%Jb*QDYwD8LeEqfKp%fdEPD?phb>J<@^bQ-f5|IHd!$Ypf&pA>d;Lb; zn)y!2#^#2w(p}Bg+C3P#{ws2}`u$6m7RB;?2|%61k9Sb)n->}<-%x=o-Gl^0oh4S#GHW*5W9%EyyFLd*Xb?M2z49^_UfpW#K3ZTSpH%ykU%M z;zMhbGtAT!9`)QYV9e*ooRZwE&P2DVq*BVC}~NtdyE2zss{{gs!0D6N1PmEYQfp7VCO(-AjI6e$7F7? z_5N26*PVL3_aqhn8-6G#p zA6BX7KL8@je*#2C2A2O85Q{aWz%YNV>A?3mn<0~xB? zLXj>ul(Bu%&83hohV%=mqgr<`u#cCH_sYzHz2Y zagHQ1g(qa&P)1|3ZJeFmZMTqID=pJY-nt%ga0mf2f^W?I%(;oH8Sq z(V`Tse-Mnk@})>tOze_@PO^WHD#DzDPVCxE^$7ej0sV2Ff47*S0k>ZS<6`#iJR2y7 zeCZQy!u6ds#vs8UOUq=Rb$x;zftC|v*VUSBDk+Hz3(RwvYqxBWw-G>iP;*i)&LHf! 
z-h3rQi==U%2B}3Qs&@mzPNgS6tpaK+Db_~8twSvYUb#4dsd>6#R^|&qFh#?_K+xvh zuISfKo5^pnM8S~pBX%@YB3xVP#n~sr2*(%%m|E|M4QbAHuH$<*gmJ2che!7lBju5$ zr#4*~1VG3pF(<;BH~eY)0RkEVAnIp6d1=`v7B~z{F=w~2hMQ4~o z4rQD(!r~I|e4cYLL4@dkvBb#lav_vm3Z$rOJp)1pYGEn|%o(F6WE&)vUK|GwbaRWu zn5?YiQ6<%`I?tPvP<3irj2L82D+?uK{rmFuGU<0FBi;pn6L6xlSW#Re7~Im5??Apc zV4XiC&!gR5B9;3|n4Fi(!3#F$s^Kic(;(MOuR^I>L7Mf`p-V9zDq{E$&l+WPg}?T8 zUaEgfsYVysT;o?zQdl&nXZ;PUYF^ig-MSI3g8ed(f_ZWV%G{>mjk|0X#?YjuEY7N` z@`#pNcDm3m^@q0YH1GyOLxQfP;V(__%K*(asNLrxhYrE#0A@vWooCmRi-j`+Yk;Z_^CkkBPbuZ?8&9@i8qVw7?^mI&4hL{4upod+{5Wy6(7&F!3Kz zqChYl2n51a8DsTgz=*lV{gGZ=qs(!_l97|cmUzh_evL*zTEn{|PmmGA>>CId)xm%; zu_S>Dv#qvk$oqarQFGcLDjYENT$^1PTw29SaQ0kAj4kP| z*oRY(h5>uO2Ay}?O{F8b=)KdHdpyBoylcECj5~rLybN<~30R?}h2_usd8cJzSWTy!J`p<$Ydr^O z>UmbsDJHR#n#K7M+6=U?@&jpw64ChyrbeW%`x|xdr2;ntzlZhP-H;VQ19AJNxNzy8 zecA{3HR(Eifzt$B2JpqKKeZ|*{HvUBPVLX57lizWDp*bVjQwKx{?}%35y@xFhke@t zpZ3t@Icn1WWSI5vSN<=vX~Pe%hw#E@2J zn#MR^osO-o&_b#uSULq54Q_L-d3RPPD)51~I3gC*-Z8+7*aZF_0EY-l+ zf_Y%cv3OD342v=ey$;N1rT~=YG{>9qrFiJD~ zdBaG{+U@yK_%d%(DcHs$zC?F{R1C;!pl2pv{y+{p|LyJ(Ff)BSb>yPB0;taUbh<2$H2q=ahgjKWM$MZ9P8 zIeAlyJtI^PxgTfmp3HzdTash2Azy-@nYO82JxEYnX*U_vgZtp?RcV6t1RfOgarmM( z)XyJ-KVAWZol`Ger~87-mRU6|SHf;P+S2Ms6Nqb<+~>>@M~2I!Aww`|5`&bC1Q|$k zrB>R&RM(wMIM5ISuDpJ@Syj8qKW~uBs;T#)?f=;%YvK@eFe;p3FN%ayr(M&^m3fh0 z+W+x0!08Z9iL(`7Y;I9(q7*ON*~7X%o=felz%*zhy)othJ6lj>YM3_566YT}zaTO2E7KSSVbrjMQu}4q4Ee&N4}a1`3tR zFz4STBPSqpGHO8cL9l){R98T8J3~AfK-VY~c)cWm(f$hmKCG51OGpEoFGdokK6>+r zbAT&=hXG-IX1YkyD3!>$&y9-dppojDtbK?o!P`lPqom~#9z%1)_^Q2A2B>Sn-R}8) z9=3%HpqT?F50gdH&jgmwhovRk-d_;%HrrG}S0Q?30sP|0>OE&);V~^Jydngp9jT5F z6S@w)BF-qKj=}a??ibWtJfE!m7P{1Ii|mtQ@uX&6nSu4yseI6+y<m9!AI3lEA)%QCUizbYU= zGNM~bm~3@3qSlQwu2$^4^o$q>T{U=G7!%W6C?k8)4$VwvT#ARwdJRP;kY~>GvFqXl z3#7s&2nO^RPIlB;;s5~hnmCRicTo1uTlk%Oo~qmO0o3;am8@~5sv3=&VQPvGz^Ag{-%%d`*LGY;;v(M-wXZ#{43*RP{wGb%HE_!MzJcfxq#|# z@hK^yl@vCej>;~=QN9c(Jm-%T;ap{m3P-3&MRPU_12*xBVLg~S!v_>NOqit7K>Vqr z#51~UZZa^gF6LvDjJE6JqL7$UnJaBDf(lvrw%H>t=3Jr42;O3lT>4H1Ndu3+Cqg(V 
zbRm|Le)i2!-e!tZVM*iH45 zQu$hgq1EeG_MwNy6fI0cn8V?Z$MztGkUymPOzD7)xxj>Ow`}9N>aqcg6tpMW8arce zP95ZYRDf{RWh5CYDN^7*FXLw1;>?>aT>)SU6J~lacg4=Y&f(-o0XJ0Qa-i+tv=_;CtjT&^jq%um~}uBoEM&-AsDI_etL z)XySv}+t(_{S zV+aGj7imhFDMIxk;wZ&We~w$17-h&iyz>MZI&b26Aoq!>^=jUU(z0=BjD}I>4C^Dh z#X&7sRTEiPoOLyMHR_#G!}2nIDQ06V9`MuMyvwvHXyun&j#SfY=unlI0_hFqB05=r zu_jj178l9Sr#FzXDw-xg$wfF2?>t;hjzsC|pH_R*ipU8`%O(V#=S{DlVxTaz7o%zL z5vMNn?!t_>y*rQ}XjTA8&s&Es885*SI9!kA+?meuLIe*GKX5ktpsHYbW@kSa&mh(6YYx*2N{Ji&Fi{t_pwie10|? zXPeD2KLasq1wYd+nAdRQ=X)Rxes6-nq4RQyUYc*UN5O4dZ!traYobmVy zMF$R4^yUumDw1#Rs?gT461}wPPvjjNz21SkzO3(saLzVA&ZTfx(E#fk`+oKx^>d|z#dldq|cOKo+l*J`F}c5pz?Zu(b>Uh5vix6OQfq5Yb zp+(T2b4?Q?%rb;PMxZ~(gUBnh!NUlF1&{i(NOagilxqU^sbOk2fL=R-vH>-2>aaD* zM}>IWdHcLRLQ-@IeDv*)PZX+1iv-gU1`{9$$6rczDKw^iqc$hU>Tq+%IlGLc4Bw#koL+tD_`g!Ksxy4F@*;=<=O zlsr%Zcn;3C;k$N3fJtevFf1*P%+>O5ko;Za+nDNS85Co)nTnTwM?P|F6VONI8|lCu z$Hpqp`q3ez0{)xHqO}1N3^pu~Ekv*hq)GOZ{8%TwA5yLM%Zoyr+W#iYO$eNgYki7E znGm-ilaRy_RG-3beto2nFBL_5Ga8iejCY12(u;!8&*2XWpVr4!az>y!mxmCi$tE8E z0zSC=P0#>6hk7Ud9Vetfwh%yJ>ye9E@$@1ryF)8%7rqvi4$LqPK7l}oO!k*4&&O~Aq52_? 
z8g3wXoFF$!Fcyl`O)q>^oT9%o|7_XV<8JSYdO52ALtXG`kI?YT7`;MHl=d&jD34LQ zJO?c$tx=@hPyJG#u2RvZ_7UtJPs%Ci#~`XpIhp^+bE~%1n#tPw@zbf%@qsOaNkrbv zbUJ60Y15*ne)RF5fq~-m9!^YEp%ED}v_0aw5(ma+aF!?jzBNtxkT@%R=tr=>8^AF* znraxy{7R?Z>qSnyYi~nbqe2_HbaL}n7%)g}bHOca-_VzGD8S;K^s2J7NwXwsOk;5L z*l9&)kzz5n%Biqq_39PO4ieZ4XJzUdhT7(oABvSN-8uFft&bbF!D==+GX>lceh8ye zy!r@*fVlsvT0L3_;tqA3hYH1BL1&=j27aj2>k!A~fGiWa#+R zj8nXEwh799?=;WEAih%U*6`WO%&+u~NYp6PxfstQVI{>bL?%p4|HiC8i`%SfEb1W3 zGs$p8IQ2{}q4j-eSWX3|U=P!$n_1iyF+2Ut9pU645?FMya0HfbY_q>oAu=EdGAWf6 zc`Pw&1aW11Q7fv88<<2viCmzhny)rt!YYhn)}G{yP*o%gf`Arf3yrq3|91<<7G#yZV`nG{XjW{kkTY~E*@C3P=ZMG5Bdz)ar zFL#s>*S^$5)-Jor6%>vpHx5#(~HpkN60kqIZPCd09gTr1&ba<*_43&r7VneOCBE) zL3~lh;epfX5TpGIf-nOe0>%?kIyJTGnOB7FvJ%fw(ec$wMpORG$%fxCiX2FWr{6Gw zB)Y6)oH26FQ71$G6z}_sU*%5kfB^IqHcj6(6=oE)2544JeDK~QD+s}3?m3<{H$#uP zm1>g zbPW*6-9(%vrcE+2Bv8d0yni}nDmBFdmY17?05)Bk#OIpYukXpyTVJI2{Mbt&l(4i` z;ml*loZ~PedSk-J!O8PG@uyOWq|#o!pZjfjOT;@eN8OaLe-=F9Om#;^uv1TtR}XhC zDNV5xNtOB0zhqwX#EBJUn7IpQLzgY8D@fMXU?#cbi-`H^v`BQ*e{JQ9N-odDc(dQZ zPDC%7v!3g(n+l>V#9xg|W6Oe)I@Y9NwW1<}Z{7`99cQrzM1Nk43wn<|Nyae}6cmm=^H_ougjI#@baa*UF)+i75WN zZg4O*L*y{P>2gRXjXk6gc)xt`Ah6X?2IrAGEILBB>Ku}})5k0eT^m&aHw0>*eOD+X z*UHWfn_whvWbvFAF{MQ=_T@Zf(r+g4BDa~brpQvnv3wC@b>qv&fN^r`T&u_q*AesC zO_dQIl_|RmLx)5v9bUN%&J@LyP+da4ydBPzzR!_fu8#*jKpu0+TdGm`*gCJlkuU!?ojhAi-1t zF4`*rPl8|^-7vBEf)HPYMXL@1GGY$7UcDR8gBp>u7#X4Cx`tf+n=LH;KA}t$>6GSt zxg%2budF~HcJ;Psn?>m+N7my~H2OBuc*VJHD;?HaMUUqKm%XmWa{n^-@bz7fOG1n6?x;Kz(J)U_3U24^z-$IKr=5!)XCwu=#HX!c)W9Yi}O9fFyY z_kU+WC>D^Q^4H}3FDmnB9XE_sqO7L}wX8k)KiVC%z<6wE1%CScLLs86uXh3XQ%#Q| zyYLBu2u<31o$n#=G4@BreZ)vSvX8cE%!Qw;O|BUgDx8|vz4zG-uW>a`=Iy{TYwWOS z8_Vv+c9+_49KN7QshBt|6C%EmT7dJ=oyc9ZCOKr+4nS5@*TIOB5VyJp_=YX}G7`iu zbMpz@vLfh#1UDF|5C zy!LM)S}B0>Ix&a(GZbf0_i`%P#`Tqjp&GX5_%Zaqhx$@^xxELxy1x41OKi(K@n~$W z%S^8elGTyF_NDFqJU5oU?ZUS;cjOs+<1+P7-)w^7ftb5NU9@Ff6@q0wj7i9a$M$qH$^3}>PgK>oG!HuSf2v^|dNBHV6jT+)Cq!$S#INv?n5 zN6%l5w7J&4+2kURoy~rIU2|aRK;Eo7WGcI3K!!(x(7Y{)I(7=gKby*s4S3zX7GnxH 
zM~hbgeW7o|E(X%%`+j>k=bt?}{rwN5@gI+TF|acHx8tN@4at9dEolF<*TRNkkTPCz zkebEp005uZC*UcU#HnCXE}E|0*0lKk{MbT7nvpXp0N#Mc+w<(DzZ@rj%lCys8m4m` zAqOX)CR{W?!5e%R1((1`CEFm3R4SGAcDIE0gG{5m&5JKDW-izt*I*yV1v}%SKIO7| zZ{oLq+Kf?Y-=-5S_p_|}#q^wpscyjeIO)Og+Qk*kOV_hBN>TQ;p=z?EygN6#bZ;Vy z#-qD^6#MJ*u}Y}oQG);6TEBo<$=^{>{#)=XM=&Y&VCvpZqbmv4r?c4gQ1oeBt{>|N zq+G*Y0LP>6_LaT87D>Q_Sz1F>_sh#N5>sv-Dhzn~H?kcS$5frBf&V^E~FWF*Xvocf6;3S-^H~_+C3;Jh~HRJJ~=GuJpHj8qZiEF3zhm=@d6%^+0aagC!wem19s1syt^mjl`MGb?-An`SVdl}L( zJJ7x|atR6&yX!M-%_A<@jmdFHc;VNSS=ya zhc3OVb2l7nj4Zet-|tS~prJs1d5~}^hNncn5+3!Fcksgs+3h7wDp165kN89Ra!461 z`~?+|T4f>ibeYXMy02v7^($o@Q9gehVI14bQov<-XJe)Uv=g|4`#~LTk6r^;>y+xj zJety^Z%vK2QyQQ@V0%@DX^d_tM0<+k{FCNb+;iLUufk?Us1nYW@w`XY3*$z^xQFzV z0|~jI;$v+Ib{&x&FQWlTVjc>wvkX<&Qh?YzqwdD}X5k2oh6 z-Nyd>IfbS}KvW+)89`0z0u?@|@d?3uQZK2Tf(aQn8l`3gd+j0UTmP~${+Q69N!1sLA8a$!DkD%yAq!th zq1w(U!{NKC*d~l+w@5mpk~jj6d`dM5dcg1UFVTPIIBHCZ-3Mqy*x2&`tsK9nS!M6> z=``|@W$Gp3p7^WMH(ld6yD)8-sYIB%2TD7v=9xA{m z@}GuY7pPm9kn(3+Y0Jfk@-tsT%g|W>5zC7d>W`!MUuOmEjK>$NN+IGGApF~RcQ2-h zQm6=zC+um&KoZaE?y(w=;#XyA&M;de9ix>J3ZphkaxDs{z!D>;m96*6Z;F6vL#lIU z%+HtnKYTd*hM^3mg(ooTWNXFC4mOG&={rf6`l)6$@}|ndu|O`l8JuZe$)C5>ft&uZ zf-SP%*k#8kXL%qWcg}ur3Iq~)RJnUWyiI4%CcU}1-QORdGqKjZhh-3WnZte;KUG#Y zWqX#Sws8=JwjijqOQ4vHO1aVZ}l zbiOdyxoYqM(mvz%pjPnA99XVb#5Ak-B-^}Ur`3BG* zJ_ob@IL~zEK-{SVBxbTOiCYj6{dp<%R~}e4&+$gCP+XvsQ~_)AoIpw`$wZ`QYJ0g^T z1Szi#`%g&0`5(dyCXWBQ!`!T)X}>l0KN~9P;!t&MS4l;?*)i;$f@s(RP!9;;V%BR5 z2$RMONB>qSpGiys!$xUDC2 zs2V%%U4O@Xd0qZ^b;8e%dhmqapQuIH+?HCxFwn@J4E%segt@+azN36i^WXk{4ayJP zTy(W89JGt-sdobX4822qD%as8q}B9-t=%giob zd118<_HeV-O+B{!h^b*7@Va(+!#A3rHHe)F06i)D{;8Br*pA_?h24=o>=U0RW&#SQ zcaSy^qZsgUaNjlmLXZ3Rj0)>g4h$iIL6`fkT7D;cxZ|>!DOYie{sTZtUrjy*%(ft`T*xru|lH1 zuN;ljx$)OKu6V%ZRVH+d7d<#0XLn^g53 z<)sB72If$_Lex%CwwS%8I2i;tm@$IL{>i=a&;aPzWFW1aExwx_0>cvox(?3FMml~L z@lR|7TQb@}anbqf*uGNH9$0t6dGSO7#4W??bw z3meSv%{}jf{n4{&zG2Fs&ALsNn^-d-kPS_}8(av7n;ONG4yubBMPm7#=LW{mxjZN2 z6l0`k`e{ls2av)T8(jX~FKC|OwpLf5aK>CvJG14u!l;wMB_3dd2*QAmcIc| 
zLBqM0GLD$3Hbo56BEn&j#~wpt){H5JRyYI)7m+8WD3k$42F#uX42Igtmm9Ur03a?g z_w7=#`cDs#Sg4}z6IjJFS6D(OQwFF6NSn_D(@j1MM(Np5rgj*g8eVd}!FGJjzx|Nu z6JR7_$6`%?JFb#wJeCit8t8G(+wKz%p8KnUadOMalX3lyH?Beg&EqIQ)>;Fv(SkSSCcNVPLXRD zesU$shye!X!Y-t*VLS;AV59#KGCGr2&+3GD$gidmNj!VHX zt5L%7H$n~=CrtgR8Y#C`J3Vi#^*t^$*y>WqzKyIGSC=5v1?###S6MW1GpYr$vO$qe zrDz*n;a^jygp)M zQc@>nWy!K9nFhK4zk%pqF*qDT&>`k20sTn1D_?F#!a}Anb?KJ%hYGd@VjKryFF^-7 z`8>YV-RI2r_0*`6#>a^j0tMW!^m3DX^H4mahJU+MeN-%=EESgAlb^=9j)#6iBEnVC z7DY+HYvBf_Dxq2xB}y|a@N8W@BwoVcFjMd4OC)D76-^+msq33I49ujphAb0s^exiu zs*8k#Q@E8EVmk1;mHU%;u4bVvCNFa zwRhDcT7_7~`Zg$8h|j|2j8iAyvtls?^))bY&ZwyKSHx z71zAss5dK&>$%^G`NqvlKeJ4?nz?hcGy!QVpm&g;BAY7uNz!|MRe5#PMboZp=ji$5 zPb|@~Jq@9Crj%a9k>$CXtGl8L-#G>!8-Xitusr;Id!}Ih2u+JU=?*E)2Bufwcrz3J zFHsttPTUXaee|Dn(P5W>%as9W;m=;Y<`%MXCzkjsP<|Is4xH!jz-yhD&YK%yf zHD>haoKQjOl#vDzE6=rwe>S5kPfa&u1B}3-UseB3FZa{s!!`o}u(Q$c*q}3$4zBwa zMYXKt@nLGnnF%M~hr0FKz}uW}@Ap^zUvCQrHDxwV2Lt>+!yJ+S@{C&fY_#o~mL3Tu z&0Le&ZD&x4?L9JW5V|Es{5W^MkInqr+IzqM$tN!Ver?Y<_3Cubh@6p4##tVXaO;=I zsBGgz%TV}K^wh}m z!;R6msh?xV-&6N#$`=)&D852YR#F3LSSp$E1cN;ynnr5d$w|#iD;=cSfsPi}(T@Gd2EeKb@A-)X z(Oiu=-0wZJW7PpW0;k8=-zsA=Mk)8r8VZs};q3cxHiK9ktl5GdvxMCRX5RVh)hoP9 ztn0aGD=494iW8%Z2Ed9U)pj5gi)81In;$Z|mIe-6uk!L`n3{hTG8#0iXxalALYgh&$k6W6e;6d#9ghTv!8Yi zv8}1g>99b!sKGD#U!)T84Pe^amJPI}BG~`nuQgQm;$=Q4G_cn-c9MSvVzH}OY^fiU ztV`Z!@~|3K7m9$^(?>G6=sV_{r#W=O1NpRh&eW)CnVVbmGNtn(6j&zh8;IAA<@hi- z=&bhp`t>C{vcmoSh3H|cHy$0a6+$Hc5xT;;OEYtw-n8N(p z<89ozTJbc_hBUK=BpiO7?}S4r6DrzrN637sVz=zIrb&YQpnNGl7*58JxCo~P7Z;v} z-=#m_g-`H2bJ$1k7)mnv*-I2EW?67NFs)t`_6^IBv#ci(3|+NGxF+&F&qrNZ z_!@zfavyzUH~*)9Yo3SN6C-6F<0#QE%34Nddveow5GZSS_wAj^%B}|*ZF2xqqj^xh z{P86$IMmQ&zye3^#~~rlYGT?wc={ESfE$5!7{{`SUgVhursr7?N?B9 zZolj%d3npzhUHdFKkKgz0&qY&6X+6#%u@b<-u+-0zoPu(*B7#!uEPqG)o@8sUzZ?$&7DM->67t=0Z83gpe^s;6&r%Ad#TBO(TlUJ?^v0 zyhp9A6|I9tH-^=T74z)=r@H=kq#bVj9qdS3ZgF=D(`p)*@xTrr9*EA_adERt3;@bq zEnthdMxcf)XU!=D)iJ>s+$|s&FAi2sB3n+lM8tYNM4-cCN;o7^D(QY7a-O3N10y;s 
z>vpdpHo%#0r{-;I>Si6q^QDufAY@6MB@o)!vjyA0fPyTVJ6TDH!ICAhIn@Rpy$q+q zv${!k<0f;$2f@pf{>feQgVHcl5Nr%%&_Hi(R=J`*fy8m^lInFs84>>VJ3*Sm>4JXu zG`8vl(qC1Ne`RYLMt!@Ysg`?aS5YTS#(_6;IoSyTv=aGSrK|QqrP@6%mj=gFRaLEJ zNV*+RV9fZidLtD;GTQF3k1A8Za46^`rU4WzUuGCEA7^%mk16pf>=T-ennDsqb~%Da zri1-Uh7Kx2>khg_eL+hDPNq6ZK%N#KZ%#dhfShASPKUtoEOV38pl^)1Jg_YxHM+J3cj%g^RZjjy z6527aq$*!^UuYqhp?*N!xy44xm~it`MOJ-^_b7RW&ARR_KHtwIAznqh8)I5CZDFgZ}=#_T{2 z`(xM#mX74kpp*S!Bn)xB-5LhZhyrw7khr##fn4ox*c?v@Q81mmybjO?EaYn<$M<{G zrjBv}TQ_^)T^JBt#iKnn?T9u@(a257En@+RdeG9%k)RDRfxvTjvhPbo;Ln(PgaM^i zkHSsIwG>T_QL0l<=kxj@FPw3)6PAwiQYP~d#KU#N5QFpBh9!Ec9jGoB>bFLB9MOvO zNMyCJ&14ZilaT|IZl3l>RyvGNLT0S8LVWAF>822UEz5|;rEWa4EqX*cUheW3#t z(mrtEf&f*-si}N;`@K31#TK<-?3TTOK1YgU*4pZEVbEDyaC%Z_QDY(UzoAXFOkqAC zBt+fM{S>ht?VVq5_ul;2g3K5)ttErXleln;#+X-MQ%F<-QGh?Fd!}hdDo@5v<9%Bf zH?kgg$DjL|-6xt+zZ`*%)C$R*27G3k=)=muY%-s!2w&FA8LxtC@YaLIOq4*1cTZ)r zpc%X+8u9vFl%D^^W8aZBAnHxZTlEf*-J(yq|A5)Je0u*UO#L5>`%GNS|Fv;{M#I+r z=wGI{U!Tw}HH2Phu|&_2HgI+zDi!WqYo1pik#&c8L03{$nsjYnFH1HNSxw6*k;Kwq zfI6ZeFtVF(L?8vWYszC=4}ZIUReUs%&-zc zj6XOzwG3$CyDAM!RZH`>obY%j&A;#IBr9L~0iG|je0|wh>q^~~4d-j?=BS+J-5aU6 zjNz(0ZFj{Os;o9$Zm+C?z$V+vjFcJ0Tv$u*nCM2}P;ipI9s*Nm=M|L;sz1d@8DIz? zA3J=$y-fKJmW^jY$f!6HcK+U6fqJS-T04{bHZ74gIl|eCg2um##l$lxQRvox2tttw zfG}q&ut1`g+IeaVZW17^O@p-kyvvS)G?81E7U+LVCSF?j2iW?Xv;y_=@j4VA7QDCN zS;VvP6y+>RW*$F%<1rUqN@fW3csA{)j>3W~pyDxmDZ5pP! 
zm5ZEsHYa;3l}4eymlx-kWN0wVC@XB#1STWeie-3MZ8Ufs4RDOrZZf(8h)w@Z`Dhua z?bT?ZM?8Cpi3UiGYsW>r@M`ZasIU+s90|%k^Wj;PtlfSC@xTZ8QS?kbwPQAsEp{q%1s79|}{Y%&SY| z;LT4D0Zx4R)-Tpy_97*eNywmou}1|i^Rr(~y=I{E&hoOY#dtVz6m)aOg=(2vUcE!Q zPBfNjt**^sLw4PD zrkE8uum90~BomG70={IJQm5v4+b zu1(1eRm>7{$4L&J?j*1~86|R3IW?}HJg6|jO2$B@|F)t!pr;$Xw;CAYpop^90-!Cf z!7^|_hLxs9r207;9c->Fonk<^F1gD2n{XoZKxaIsv>u#twliGFVh}uk zd>?~=-IHOSdUokZp)sdj8DL9aU^}4o-7|ypwjC?-UEooI@#<9D8FSKOz7CyoCv_5G z`GsAFXDl4*$E>(x%P~~&Ug;P#`>`hd0w7neE&A!`45XXTJe(l#5xMWCtEQ6<2v0tY zhdKOQIm&vfz1E@I`I!eCA>Rv!diq}sK}@;BKLxy7`{1f%NJE+Y=nCCITF6+T7wbGp zJ_U^_njGrqhMdbnvOPmbGRlrak1J^dA2Vsgd2o>~5s%qtx%#?ASu8M%XIF8){_cN{ zy&@pIBE<9m{kpmN8an*`{=OgD?fp3~qp5zhD#1?n?%0W?FWrJ5*C%`6HTj#}1L(UB zplR$hgw{PINU4#epCa=z)lv8T3B~70dr!H|5m?;xmvzI8OsEgQ+g8tY;XVy1)A5cq zfg{6>fJY};G-Ah*aH_rNJv`M6Rp!f~Rww8`SDpV!@}uUsoAT4bmVH;9DyeI}>ji#q zFisqiYl_H|>}HQpQ}B;(nya1qv)1t7()4&<^+hGXD;fpg+G=mi2#$W?NIyv{~xRkSI9=q`r!qo(qFa`?GBtoMQQ_E&O9 z6|{xj7dA6I{>dOZ_>CA;Q+>AVmPrHEr)#iNBe!$#?ZFN?^}y>x5%a?9D2kl0{%@UgDxCy&L?7 z0{RCUU9{+OBUl!)M4`~Yp!jU4{u`!}0GNshkHszY!2EA4xnA!+|5pO=ASkr|@ToKX zr$reX^M4=LsQFJH-H!Bs_0e=z23pcm#rR{i_0cl)IE21aC;hEQ4UCN@5)Ur&e!dqK z>YKr!aLwh!qAOj$QvH43pQdgj`BEG+$kz9dUFt2dPc+!7C&KoE z>PzuXF|zS_*f~W5QjF^Hm+;CO|_BGY;B>Y)RH_8>lx5$Fy32}JdXA9tblOwQf`a+lc@WWIM*vO29M{iT5sZ-f324%k=Zif zbB)&?cJ#IUmQub6-ti_7wj#0YN3eP}nw1~v5lOD{BqwF@Phm4O`^|PbPs92I+_}5d zL?#&L)Q`(J`C36h4`3zQ_c|~Q)R%9&kq}Y_4jx~RK3wEvGRh(01Uh2|p%Xfgf6xqB zL^kGP0%s_|^TtvPL9{Q?f(1AB?S|X4o}w7W;GN?`-ZfEngTRbdJS&1Up9M}dS~OUgqEK7GLjLO#{$BLj_r>?ar!C1tdsOmVBa9HMr*iCYKH^eEE0bMyV8HVT`)cLxyG(ML zzwB87TcV$mlJY25IXlxV2X`mXkizg4qcxV%Po9ha#pt#5pcHXnMZ?VaS zi$2q26!8c1{U2PNH#P{2Bz;M_b#DsRBngYZAt7Ru5Cw@5LMZOe==I(ZE|yr@6s?*- zQR^0vdXmBk_`@_AoPShg3`k)?^qI;0qNo82UF(X5rTFx+5J-|1fP*7Z1z@q9YNYmr zB74fy_uNO&Nok_ee3wA9sJKu-nQt|n6Z8BTriY$_G7vCff+8?1X$`5qNreYRL}$vr z&Lkrjg=x&N;CEVnv0@b3gS)hh^$Df^BT-y4Z;_-Sv zgz=}-JbPGE-k9A{TQ4Z!5-8*RFas!$>muR1MLm3HF$fMnCvL}~3+NKhk6nPlbf 
zUT<;`3B!EdkAfP`Peumm;{;$2`-Vi^VWmN1Y@iWK-9cPO6!lOpu_0->kOXp@Yc4H( zM|e)=nPJ@ih#>qXIx3Q-o%X8%i|GD|G0(y(EF$ccvoKhmuq5DLBquC5T`H6B{C7=UAdc6e)**#8GWNk4dQWcZSbemRhaO!HDW=(@4);l; z%$a!<2DPuk;+*ncg-9bWxHIFT;xE#=KFPFn``fLb>L;_=L6x#FfKAe2WV#D%bmM3dF zqha?(G*g538pb6-!4*Ov=c)sQ*TloNe&D+=^ya4fr2H?QonGTE2gVGqWe}N96;_J{ zC--}DJE-61zyDOI>GqC5jX=W;;d%#KAU- zg@Mfjz>i7kgK`=NwBixj($%)%dn)KCO5bQA-DGH;q$)KoO57UF+zkOIsW{r9*ga#a zfE=!arQD{{XH8?^ZAJfF4p$Uq`P}uVtEkz9v#prr)y{HX0s>eZMe)aF?AE>EWDRY*V}(FV2g9#;k6YaOX9PdU}SPF1-pHa zzgk%G;&9QVN=QY^4Z7X62;@r16o0~2uYHK8qtpN%tTUm=_IOgR+~8S|SwEG=Z@E=I z$dyIi0KFhKm%wa>8lzG!6=U-x5Tu zu_U>ECw!?#U#&)$GP?P(@);6dQwrIS{_;Z|Xmh$`TA*QYM5#_;+=-!>slm}rxo*+6 zM~fSQMQZhf@cdSq!+o!9#=X0--_{ckL7G+dE6DJtkNpQ^%`%#pJ#<$$U_e$vKnt3jrB@1e((b<6$AoW8XqUGSP* zBkaJzPUh@A>Ha5*M_n~|5G-bsxCH&N6T(p+E(@0UDzhXGI|_?(H7mVOeV|(YfK<~E z`mu@Br0sdl4%LeE?fUO#B+)pbb5SAJ1*B|Jb5;PKlawZvYY^is4H5>$yWO^=mY!iJ zLJ}v6Fkfo!q;5^gLdItb{UDq-fS*6NeL{eyIJ8@q%T5<%BClDNQP?@g9%*H!&pve1 zL_Wu2Rw z=~-Tu$LVj6pOY?kZapeAG|58s*UjI|zH$j&`YJA)OO$4`5KO+ z;#)zxE+CVoEHvS5EqdJibj z;l!DxWjNuW?f8=(!ior)Ftb9g_GgQWXm4{*lVsNE`0@FCZM&0t3Fu}&;`%jDr?lAh z(z~n8o|tBJgDQr%IrkQx@#e6+A^K|TR@*jr;pNFRWWNAG&;7`6`@zgwzF*gG$1MIB z6)}u|nFgu6;HV|lL>xyU-Wu>6`gn7BT231(sV)ykAEWI>JbG2Q$CRh&c{oD!8|`j& zhw_8c+@j@2_9iJVz)cT*Dr_@Fr6PMEcv-2S%*XO02IQc^UKI5>u1UoXU6%^E6X5nx zt>|F5umv;1^5&|WH8BOrZQrSoW*B}?*NIFwyf&UXi-NNakd+&%#&sfNdU1S+(aC3# zBIPH+e>z7K=UK*94;!#(*}&l7>u{(XH@M;DHClZPu+hpzUKrW(vjRfbPJUX6qA z+Ecy}@qBmua`Qr9e4&9oP)=zQ_xL^@MRY4S6GLI}+8m+{Epq4QEr)R6HWojYNs;K}Tt{CVmFoY0)y}eM2e$a-1-aeh&Ct6(bd4$k0GwXu$oma^HZ_Km>L* z!-hpPUKg}ks}DY3LzH}(HvZB#u~$ZmF$@bR5BK8^q!Ravw}FVB)Hccld4+L9eHUnu zqk=6$Q517TGDtDk#rySK>>L+R1>1*~$uCKii8X~vlZBBOOIGO^D5uma+L!EPzZULh zh1XO+8!Dh+S=`uQM)c(0@p--f-4^eTKzIuL?Tk|L-aQT&Qd&Z;f}Uq@quEnPq%I!z z!|pWZ!j)X#lE4rsamDAE44-OteGsZt`((+*Jx z&mMUcAG=LKjjZZlGiJNe{mIb(n4mH^U^(a_p1$=MUS?ChKGk!x(eeEtH%tmo(W@qi zSM3Q@s$G#c-p_mpAqB6qMmz4f8*7ky#?{%Z-F9XzYUOKS^`$zTL+-_%&}ai&uT6=m 
zzwa9xWjAy-Ks4^X@C08r-x!w^bO{&M{jDB##hLKv;a3{=_gyNzeMEXNz--dWF|L;T1%dx=WH{ieIpXXHyR`9+{w#OQV!Z?{?_bs;+S3Q6LY zsnvvCzzfVI4W_?3s&d_W#lwX$?j^d-NxO7BZ1&h@!eGH~14f7Wh{^%aKfRN4^KB%; zjT+~`mZ`CT&KCDZC?1SaZd%x$+g_OtMs9OWvwcEzIm;x@pk3oV)6;&Q@F<5Y=g>t# zJj@cc(g3y6!3n~g!y~Vi8LBOw9B|h?ztfuLY}nT)ka%8o*O@*sr;qW2lYTh6e?D;( z$0?alQ(sXt3b@m?=mo$eivUJMpb)yLSZBqPJW?1+;xjF8(mu= zv$b50;R))tIxDOLJ3@k*h$sC?T(*)^)q#4BQx|+t9o80l!pmc$iymw2-LE{ifmsVE z_E@-1^ser-DX8;SA}^8i$=Cf4BNBe{@<2}$Lw&< zIN4##Ji*IsgFZ|7-fvcLRWv*s@97-Lo3lmblK}c5Cj$DkF z#hh|(qjV11i@eF@n$vg|(?yied+I32{lb;Rwgv-GeZ(0MEm`gF>euv%YO__wC(8O4 zxKp{vX8=We%Z6=*kySw)dTRyDZQu{gjRO6UR%x9jpa!Yo(HcmhKB&Z%w9#9KZ>>oO zT7 z0Nm^QN}{rimuD(${dj{;D{~HB794i5% zhi&?rRR!)-k0_XI>=T7$dZb^9 zg+0>#5?}YC*UmK1g1fdn`-3Pd;)7PdNBX^b^_@nEgJsT1!TGBOX+Q0vYOpJHc>1C7 zwpbt1oq-7SWf|x$Mxgy*hPGHL05^o7xrmEL|M=~CX8SAa2QXY4aQ(kQ8Vd{C{}8_Y z|J9;#u>XIxXzZM9|1F4{(Ui5v5r^%$RG)6(vtT_+cm!Yq9s--evL^oqpIoKF`KG_q+L}irE52t5G#WqP-wpUJJ-AcKly#?7*evd0cUKN6GMaUj#F%eB5 z2_}~>AX(>%fU%nm0T%%p(J)oBCfX~&>En=9D(CsovifD?0!V!b&8JBtsBBnbvOou* z^vg|Hf^Z;XCGo-yXk^-v{_g`0YqKZ~g&^H>15ph$7FrCJ{m~UjGOi>!qp*dmDW+&+ zsD1%$^cF0M705tFYKl=Q;C`wsyt^714N^e^e7*2rBYF%TJ%6AlmPZV#7~vqTMvdr6 z&XgDiS(WgSYn*JvD(z)tjg_l7S-D6k4cPm*&XPB!eK{S@&Td_i6%P$S_O4>4k2Qp40ZcL{+CUBgaKRMv zLOE2i~ zt^yEFBgkUCxCh6786GhXPUq66@rmRhbOoF{-6jt`PF&5Dxn~*v{WN-aWcFUE+jYMb zbZJlj;{LRK`J4T(E5$idwO&O({AyYc@mr^HF14Xi6R*B3_;{y%o#AV9XW)+ixoW0R zf3~hP`tsY#?v+2w^u|LBey=&kky|zXx)_eOot*TLoH40mbqm_;LF=7}`MTaDT+^NM zQ8v@?Q&{#6)2!l(31;&!aaxI+tjR!0e&L1h#YP(xf?$m~)ML@n%J(dF+pG6{b@i31 zq#;MCYfW29FiQ)2V4OH#6-NWj1TNNK;)2E*2eTxQVUd#Slxd< zh)yYGUk8NFt~{Tio%lLKJN8OE?_CLAv$FM%Uv@2gs&vL|lp=>Z$I950C&@Y8te%Qo zh3THzzltR$2I3Z=S{iZ`6A>I{2Z=TyN=Txs2CsFtN9;PHtZ}DeiwtabIHB4C(IQz- z#TbkFV+vSk5>$=7NVsAv~FZmv%HIseInrP|ond!6|Z^vCy zfq;Zt=7B-@4B}e_4uAmw{sm48oRdRS&uPo0KlQnF-?}<-9A9I0TsaK8@^u(f2>Wo(IzT0*37+lB-q9$d4Kjv-(kczpAe0qnr0NL({>@9WQM}3 zB6!k&Z!R1J1pIPeNPA!_tOG0g0>o$_ zQp}7Ec#5=)8=+!MZeZ{fGx`4Db1v>6zhnZf%<#?btkBrCyz*Vy4nU)T+k&tlQ%iFD 
z=-Xd!^K}jp7hK_R;B|ayOMj(odXd`qZIW)18&aSeMik!&E492oP-QarP2)8LO$ zmaw8atkf(Q1pNyp3itT%GoJBlw{&A0dC|M3T!ZE`wn5RTe12FexLz&V)_>jhzp6F8 zPIaroueXj30(&n1@>>TrOVQ(AEWm*fS7~?Gz2jd9llc#Mimc54^B4SoOUM}6{(Dvn zb0ThY{Q0JCo(|Q(Q3Iy!aCn>${shs0yNnaEazZJ(L4;ao>)gk8M-6o%^$N-*`eGzE4^*!)FST+`8MBjSD(0kv((Fv$H$a>U%3qw4uw}* zf0-LK-2tt>PFH`++}PJZvE-41f?|t$B2S*D=NT7b+;>Ow(gvJ*}&tdhZ6~N1TEQmDg|OB zeL5Lojlp6}BzQh>d9)^Lr%v=qSQ+i%bnX3LTZB0T*-t0^>POugy6Wi*da0qaa!XHK z`I-JF72W8g*l+$rSmm6u%wZTBbOf0=W$jqm)k#11qr?(7{45%)N&+lvce3;M9lW53 z9n0S*K?wzR&3KrJ2+=q~n&`w-GH! zN7rpa2Z2ZCj-ANcH=;L|wTRf*8P*FVNG4I83jqm_HA+uR#$&1pu-x;|R4gPcDS_fC zPKIR?k#Il?G>yKZO*Ljimb>Iey|C5<3lf7(05c=*+xHnYgM3ve6?w5!^6_Tcb8Ki( zap-OC7oN4;K_lc2$ge!}k=atsYGg7b{}pl1rSMs&MTm72dNr*>y0IZfzF;U=J-0+r z+(^;vzkgTffDu|7JKo;VH#dKUYC5~knG+nOFKU}r$Nrv4$8z^O|1jg#1&38(kIa== z?B9q2=ocZ8u|R<`-tDZW(%!Zlm*Bi<@Ddw}^xumX;zwQ~0JG5$`(d~T>QuR{oN4?f z_9BOO(R4pDTW%hqaTEyZaYw_?Ayu5lr7LiK+RXF+epc_*a7M2wouc;Zk{i^6vfVav>kg?aB<2o_fW5LUlMi0pmeE8iiZvbwfha(jL zq%571h(nT|e0k~W202U)W}=7mFnxea$_{U)qI2|;7~EieSz;YL6bpGrPB9eU1J7!& zgh#P4Oc+OFxnV6TnP z9gKS*p%bO147XQQzeojr%M4nFoz6KABiTbTyq>1j!z^{arKUim5#GUeQ+a$GyCK(v3cw}no zOc!?OD;E=b8+BVcS;*t6vNF+kGOgpzv;HxvE5Z1#l0Bi81&$T;w7}$+6MS`R!|%!1 z6l+IL5vs%AuZFR67>RfTy+p={cwOI&6rc(HHoVklFwi)9N!!#)Dv?phVv}?vYtd%M zxUJ}@$|ZS*li^HbV#wMo%@jLpDtlOuAsjdNpr6$-*)AO0N4X3tNi%dr)3_YoPK2>` z@GsskI&YE_4-(?@rBtSEt^^;tlP#qSFS_8v!sh|pVGgRxvfaW`wDre_7bv2e2y5-= zR4sS)(nh-&|}sePr$0@xL!jMZu~JGoz(}QFBTjR*8=Vq5_7!erg|rOp2f>yM+>k zZ%)wpEa!VPBhA)1l4Xw)Lk=o*Cxfirru@P5PBN7?R(+$$S>NYZjIzrf<&yf9rVwbQ zjuj41tgxJ)iBIThn5jzS0L7L#Zuv0wuqgeeswDj4Q3{5xOCC8U-!Y8f(SXi{zv>B! 
za)T4q4jXVk{`kpx=uE|O=NF`dPBRe=Nq)z02d}R}7l_}T5~N`9S9d8-;>L_cIqrgXMW8*A|(%i?UnQ>c(ZZ7m% zT!gxIwCu!}V|3`XjqGoG1s>66Z-z2bab65wj=)1`Va8x6UJQ^Y@puWMP(;U}Nq;zz z{OL?x#h^c-7^=kM;rx8QZv?=MOTPbmv}R>t{2!zB{{t$RIR1P6>u(Kd=S_CR-c$86 zbSrWri2%ZZEhTwoS&DGEL+$N*fqxmz1ronOuP=7pF}m{c)o|T?5P^WBx9$6U`}?+f zJ%6}nFidq$i1oMr)x~E=hywec6aQwWcj_5eMS`h7Z|fS#Tj1O#W3I#Aq!UHzIF_2E z-FO0lS2=1;Rr{E@rVx+*Iyo?2MhM1xokEj1>*_qmw-_?Jpk962W{y2Lrk+YZL+EM% z!E@rXZ7dzkYHRLfS)T91OY`6U2FKPv%c;5)xl-79Mduis^$i8PD(GrM7tS zo-eSaZnE>VtpAazUx9TSD~;EaZGZbR2dtJlR-_0(CWB>1xWap^I6U7$eASDGSGw_Fa^{a8dG~y z;nwAp44qils!&J544}HWt;HTO6{?|c&;MyM^ck}=WxrQjTJ|x!uDENf*}`11b$o!O zr8+1~F*g{{L`d}mPc^aE*eO-N99?jTwc+99Auej-{a6I6?IBH;ZI>272JPoGbu$Y1 z!#axB<8E+V{pekLK#`;&9S6pufy^J9%7lfWd%Nwj_AK$(z(*TsbnhxR$+{xyHamfq zNi<>u?)Zn!@VsANPkf1X&PWv<;3=O*(9{f?=Pw?@`@{&AWwBQgNb!kRcO|dNha{$- z!;#llUteacTyRGhz44-~z2qT_1L9BbY*tFR#yl`_I(|=^JbnL~_jrUFK`0Q7>EZ6y ziw*C+x;qDG^~I7`s|;SWMnH&- z?BW#a(yEs$xtC@KQ)mQbR=D>nk^+Q^2gAy@;B^{dbJYWv>)^HaYvEKXZoag?M$*7M zAO=T(*#7NrR-;g_aY3f=?9?a$+haH%xd6#EE$%qN1{vI>c#1d}*)h82`r>|Dp5OCboL=b?F9Mq6S z6Mol$M^oo}N2aR-#g!2-x0Tv^;r^6$@+1v~3$FB5E`6Xh2dj)d4@{<1j$$e)#Y?Y> zl;I|%WkSV>IoXC|Irs%ps=LZdFIYK}Qs#45fJ%;^C(#Is97BO1Tkdv;ae*O_DGb;_ zOb9+tPBo8G>U`ne6Z_R{%EVzR2@=CWcIEb(W3`p+Bo zHJXVw;bYWC+Uk-Yf9B`yivxdaPuC=pi+nyLYK#++E55ZZK2#DFt?8c9fXD#i%dZzM zWGLiz;#rdPRG%=62h2|oyEc2I+a~tgYY7O-v{zZvI<(d)8?xWPna*>LhfT{v1}_@O zKDL{g1%87cV$Uk(^EkH^e+1iJAO8L-q-B+li5sACTBCO;NOqVYIRPgt+RzDch>o1}O7ioXYi+n@-i6%q8aVhe zzK!%}&Y2ysd@qNJlXApoU=>cz;m9k8l9GGBG(zm4eys6iTtN3PqAvbGaXObCpTgRM zS96xYRp&x_&oCWi)szBuO45Ju!-0Dz-g$wb`j`%>g{Tes)qdc3SI-MjmmIYEq@Sj5{-eIAx*sv-3?_m-ghwe3x5(jurP3Ocs z_F$lnoo*PJd&I{Q8rOE(Px8&}At)?Pg5_C#$C8e6944K*?dW0rO8&`OEf6dO z3Z?Bub*WfsAV)W|1P5R~7AP9$AVdw5RyIvjj3iFg{^C_=_cT39{{EZJ7V5|29&aGE zy=b@kI0y>&$b>uSEX?b$8>fV(2r`2+RTN%uzp=DB6ZSyEqL$2Ln@t)AbEGVZP_!Pb zJ(N`rn!8KM31BPHzgkU)j9cJf0WRVBOP;BE`&2km=RTlDqkuG|u( zrDuL9XtMDAm)&-aalrfuwyn2Y!>t(L8Vx_0X1&O0E>w@cg0iD5`cRU|3*iru}v 
zRidy=ukY)J3$Abda>z(kEVQii)?;sG@7lQUKttp5sn{V|RE$kG-4$XQ=y?+(m#{MD zX!UWDp71q{*!IHluRYk3GQ-d}dvanw1Vg)0+@i*^djRM0E1 zv_eZ|#FmY$zx2US8bkb9)1Z0fh4U7Q1k{m{2G4QD;$K?_IA$DY9wTy@<8{)$8NcGm zjI%=#$!^o*P3P_lGqbQ{J6t(1aMM{9W=jWQt`wP&#K>LIV%<>c{dt_6vqDl~5odqP zl~WgBROLi23bKxI6(L|f;m73!3YoVflq=XRhJ_Km?cWWLurlmLaP7vT z?xh=oY}pWi!sKn~Vd=8iVjReFyLbyS><65xAni?%gPI_Z5dI=w@l;D6DytyUOmCj` z2bQYhVq1hKInN1OgSZJ+rWw|^$5epzBz0oN8=2*v5D~Hj!2@X)}xnJ zfkm`X^3yAFU{fWO8%B`d&u5Lr;R^^f&ZZRC8Bumn|Hwp z392|CSVmgaX)TC?Mf{te$L=y{)}zMC&#Gr_%?kqbc@}Glel6E)Nb)Uam}VsT+1d2S zMm6H&AQ`t-Fd#YycA7D~C>jZAD`k=rRzNV$Si=8^SFDxkm#~dRh#f&xD4W+0os}p_ zTCFgOLSzDfYYCU)Xxa*&Hd6m&!uZd|ocwFO3Dl<^rOsN`eNrmhrANfK zPY5VjqGUi1Gw^$P8g2=M9p-gv6>W_CdP>;rTo14TPu{1^M2YQZ&e~l9w{5*MzM0W) zZ(UJ`-4jPm5E?1i^em7!u*Sd9c$$|GPCcGLzCr8&cxkZ(_N0=EDCe@P6BLJGZTQ?8 z(SX9zo6?Epvi1J-gJ|9L;H2NAPhXJMB1&Y=aVLVG?Hd!vRu3CRdD};{o8k&;+S09_ z{fxCID1f>WDks9tH+X!YksP9ZDKi=P!S>Z@lW`u>G+*V{`n`gZ4RI?(D)V)`UNYxq z_vYF_y`rd-C>Y|ipe84BD%;K5(*rfwSd?rv#` z)ivrEwnWSJr)IzP`&s~F5Hpjsc~T}3dYYmVP`zA@4?_5+5Tg;Wax1NjhfaXZJlGG; zS@y4aUuZxY_jy+OudzK;TP>1E@#V&ATZVAf9`Ta7IX=yg#rrCBXsx3Hru4)BdC zk(C2r(u!kVr7wfd;Q|UIXxmU!z=zT8~ zhF1w9u0(1-oilY@Yj+$7!EJj7*mN8N$~hdInKivG&4tm_lVd&iB6&gOsJ~UZmHCT1 zp-9n)wa7HpfZB)VC0O*gki?EBv*#0zY$joY=++$W=g7v!wO)ry@(7rzqamp9$UGU3 z<5~rUXeqSAQrq*nm87#i94Em~)wW)PPovLscbzy;2-q=KxMnJE$|~6KjnS&mrfo|F z2D`J`E*LO|NlQQie}^}vksNg#+@+f-^B8poeL$!3et&(P|8~@+lK!`D?!Qqx85r39 zx2%Ace<=yY?1;Uub>l=7DxQErFkY89E>bOud`mh`>etnh%;(bSVA+iF9nZI9g9!1& zDJ(rj89V_*U*T@vFMPN=U)MhWvTDVTEHLeG|H&343shPaDo`7w+2B5B`hw(yOtxIf zTriieD;R3dTNxok4a;rBo)%nvde~-@KCb<6e;~NTvb2vVRoflf*GD4aB^OiksyZ8b zcvQ47!2i~Zkpg@5+aajjmMt~wp5)Y2(Og(vAZHv3@^?rXkzW+H~&D-tk`#t~J9t#_TyXE!%c&OV|qn$7+ zF!Jfi>t}gPsP@aGN*J7g`YuTxXz&#ziNPa1l9UIQiK=Y4{8F}O|HjT{@Y-ZtUXZkh zs0OaPn`>U-Sxi1?9AI*ggPCR#u@hfPX`^3J%z;25A-)mY#8BT#$8{6z=qAT^gE2fA z(BCS!YXIb~!>E5Lt&7W9e}t4$ez3&Nwg@M%+*)K^1}y&w#@^|`!?&GjVD&y4;54i^ z-5Caw?oHI9C|Jlo>J6rl#Bb$7F&W@76-xyz8-#J;U=8Woyh((g9**Y7*{kQs@!vsh zpJ9Ue>T}Dfc@^H^a}&`@rriRpX90n?3-?oBrSCE- 
za{A301-t-VS<&Xsw3H4et{A|hVC>M>E@X)-uWT_1o9;3J>oWnnS9E?ouC?4_!yU)Q z!J>{^s+d$80v&)^>Lj?AX-(-CuQnntP28x8>MRfFMXLEhI~}urq%HFj3N7NNkl`ZC z!A_aif9Wp5m%jKM+60jEPKPHoijRtxPp@H-WQ^e+ncRR)Y|E-F43Q1mX9!B$Ku!`7 z9I79#l`SiyLtCm;6n-yWialEDVQMNSO+{+$FLsTS1tM1`5O_vfk> zxyZr^)Ssf5D3_5AP)fIQMFzN3F&IPY{JWvn+?@Ggdc)NEW&^mjg4zC@eEZR&o@|T+ zHM8C&DQ4drz&_%E9brHlS5PAjKA?e^>URr?)Ex#+mp}$2xMR*k*s3qn(fQfG{UM{( zzOVOYTA>y&Fis*&w3+G*vPPc(T=yhJ)AF%$Y{U`Pmp zW*;E86JNOajTr(Zz1ehf^Y5#0p(PIOd=XwEHZPZve4&Sp6|KZn4y?#Fd zJc#_jZX!AOP`}OKo<2O>oZ}s(a$Ri`up9u@7DCzCOSSlMQy?H=)mta81Y|si&iP}o z`(+7kJ&|(ySLdK~NM+l#a>X2=!k#U&BZJx#i++^T+X?jA4V*Sc$J8hP{!%GONOr*q z1%WC$6A{||R>ut)fB#Q$RNVS*4gZhwLLGnP@le5hu4t(MFr6kae0N_2>mfB_#&qq} z#~KX)y2TJ*FqG#`R(HoJqmkWOVL~b z^9H=`8U}j>aP?7*#qA=R&z;rrP6Y>AbS)J{RI(_$Nr)(*Q?18#)N@s~RUy&uks-j9 zMeP&5%))~2cTp3kY=uWd94twu4y%o#1>u6WsOY)9$S%(hJ0l7=Q-kYW+s;*{-uw4G zSx0>fCBK&r-pOW!l7~_dK+U46{dP{xbEQ?NVa|YJ4=TxvGEfGbtsRkIpfc5vZG1)h zKK7qD1HUjppq(8ChWzFOyvyFhASbI3XeN@v9Ge{tV)XPwD*bEdme@a3*t1|ORshhi z&Zi7luv*Zgl!JL)778*>ptU z`mIZriR*f}KR{_88T-Mx@81R$V+Sn(lr3_QzH5h4B6_bXsuc-ZOoa(~3aDZF|8FI@@qf5Dg-IR5vk zm^J?|yUE5xzgnEILd-Ffn5+K?`HHzdEJq|i^{jOvu^gr3oc%vI)B2$W8OJ|;^7ub} z@?lk-Fk4BIVJQ`G_G--qoXhcrthwT&xBrQr<5t}xfvyfdX#($8Psucw($=Dv-r zVU-T4J-Y3Z(&)#7ixxm#uhrL2A=S*Y_Sl()j`>Gtj%BDg)6YJaJkf1y6WzEPEYVAo zQ~BE_M$Rb;7qZiqsw+KgJ}ciRm!`j!XBlQU<8oXF1XEX}+T6DS$hUBs8D~TG{7t$n zAYbt*)?-VXfN&LsC8$ivlZBWqs+1v6m~FGqNj4sUErK0wSx3ZL>-?y^>+`eE2d287 z=c!0^Z_i4F52Z<5Y$%IbI4O}Tq_e#(5BbiJv6)@>5MvQ%0KlJFHmc1*ul`x&%^r?0 zz#WuTlkD?sYBIe)B^iGg4}8x@Z99UZ?Sm;F-cI~)-%gT*QuO5YJ~6^vO<{VlsO|3a zFSY=MQNe&Z31gC)J6%LlM=SRhzky_HPf>?J=m&EVraL)X!BSZnz`$%1k93q6vfI&1h z2)L{H35w6R+1WxvVvOm7?$PvH)b+gy5Ok&Lmoti?AN16>0H!=2Li&%S$zp#Xhb*j< zKI1`tLOrZ76J-NFQGP}JJ|Y-eqMt~-XQkQJ_s?fSL)jQgrXP$ihGsLZ)kj5}2{L)K{4;aT#z9kk{Hpk4}OQH|VrxKJR88ERp z*Gw=i6MFQ+e!Vh8N9AaEsp%*_C#^H-5FgVw!$I;U>K0H`4P{PrR@0~-85w-~kVnxa z&bAJ~!5Vf>WiMT9JE4slD~8KMOxM4;k=ml)pip+3S$X$-CaL-p6Y)nk9unzNJMd^tq5KSH zqM!(s-z`G~xlK@(&c*&FqG5;Qo>462Dp2Lg!OxsV&B^p#BMg|7<$hl=b 
zG^(k`^EQ{KBT~i_g`$>2RA8n+({ONKbbAd7$kZ)Kq{e9A%-AH~l-!cRAl59^1zk2N z^Gweku5aw8OnC^#XtAzF8#NgM{!`K^X>?SaxHS>X~995s#J~*(bm;p%M_gK6mF7Uwz8Sf`t!%@`1T9 z6d-RgxV;-5f84wL)58-&FgF-1aR*i-tBkD$lH_PJ&=MshQ)mm7gDzQ|+rIK!luhpu z=7~upQ(_858K{UYMgMD!iL_$fBb8EqaS>j%ys2pYaMDGUmBXQ13r!%o*V+T?o>`XBqb!Z9`rW9$D$SKf(hjf zqo2PauVW=(T}{$bUy(8^yvL`c+k57}W`@DTm74U3ol|na8&Q7TNJ73dcC1OCFomHr-#F%Wku6%hGoqcc-EPGBcAKA`gYE?IqZO z{ByhcS%dyK69CvwY&WF5Q9P3Z9inUKERoQDDZ-LInjHN8{GEf-_r=!R5SMapeTfP< zF08e(|3gLep#(bEt&K-DBEpFXup9$TfJa6qOFtwEHy_mG$Cb#h_mKR_Mc8}qss`+_ zlG!@{aWnq#!Eh>1&sA!bKV2(bH^fi1g1zn`zH#Z1&??AMx-N{E6~dcTV2d(^!T)z# z23l`2IqR*Qs;e0JAZ)KK5l!!lF>%Dh;>h|rj4!%hRXpz~k^iw2&_Ai*@Wd09&QHL{ z@)4`v15<(sdbfGHVBr(Y729rdVPZw;EAjzc^*p}R!DL!b?Pt4)yvrJuJ>bXtokrNf zZ8$Pqfewdk1Xai7*+!5X)JFAGF8s7lZWoW{>HDc^&_n4hV}na!>eY6=m(fx|+IM0; z(eZ-vIJp>m0D+gT3VXkVp3+@&$$RFmL|14P|Kuk9`x3;~T8`}Y$z~DVxZg%gZt=Ail*Vxxr zES|HOY84fyTFsV~9T*wW;&MSUV@oS&h08>v< zQB`+FMg;KugrpK0@uhKyahN^(Mga13_8xFffOHIuj=c#0M1J_WeV;jG{VUjbU`~vR z&P~7!fMiiWKoKo5GEO6+u~!59@hwDr^8(cwEYSO8LgsJVgp2e@lL3nD)?us5v@ukwtbni)M107)n^GA>&%Ff}zb zPbV`mGEXgVCr_@+zNZRJbxt5{8=Pu@TQ%@}mbBQQ6s8fT2F?TRwiJNIwV=AmMBr>>vB_@7wsHK8qi<&id=mY3CZAo*3<4uaRi} z*;w4)@)N7-+LdnfnOUYaL#}77=AB+xtZa>eYj=4 zoQJXLr?D?xAUioOEiV6zgchQ?%?0Q;-+)(VW=BAvZ0ziSo!npSH#v~M!+`WH%nqJ* z53eymziO@&@fkG!mwG2|B)?owd{c7otE45Ky9K4K_*QQI6m!tI0y`_`Js9M_zgG>v z2Z(O1t*LB{fQmn60>7J6o;6(lcUv|SF`tfgA4FKrHKcctZjDAIKyz71QTzOl&XE|~|c2BcqcXq??vt@5= zhG6vMzcD-S%0Hsj0AS00M73^UMgNWl-Tyl}aI_o#%rkrBL-l(-GyEoN`2qLFE49bB z*Y&5VkKoaZm1)Wky041y7u;LU?w)PkOM!apn%Y0#&%Jx|2jjPP>jLjir}LR_k1K0t zH~w7boKKOVhpOcp+*{4^mF=~wE@%EzzzT-h>0@*9iEqWvX4@}ocXbN(OyA-&j+4Ge zZe;)8584j-_Pl}@`Sw1Uvws11%l04s-2!ISZ|P1a`19XgY~%X&{A`g%_+G>MV);h< zUT1!{*nbBpWno)Y`C+6MU&BKE+Q%_CIMh4O>3j2Zq;FqdSATy>U-3YU{qVYe!%mBkh~-Ze?8oieWPuR#D> z?u`&?XLG~MPb%1&tB?)1A6}lh%~uOSOHrl4t(@CXl(%TRQ!;4n%i6%F*T{=}3vQPl zL*EJ14;ScNeR#?@m@D2Z!D5!B!b<5CSbW~xSt*n8g<05sGk5Wr)bOi{|EMEjgM}oV zMdXAInt_mI1W7TO+*UkSuVO+{d+Q6IJS^w*K+eda@`A$-3S*k@*_02vdnzj4<=VSq 
zA%W@RO_yWvPpZk<*KFf=A0e|Zjg|uSrv)A{lsD9x5aOt#`SF}-QWke zN&@&yFNyFMHO!Y6!I|#k_K2pJswapL3YiWL@`Sj1(;9dOmy7A5NV08LClxi0r(o-~ zeq+OHsNzI}6rKUKSFz;Vk*vPmpnWSwx||H4Oa$3=uyL&IWxP*#;IUVf`vs3f4f$Nu z8BmwhUu@;r*2nuGU=&W`0n{7Gcx#>`edl1aYBH>)Cuimf-6CJ3RL$P|IKK-PA?+A( z_HM(#O3p?x`sKF~e1;_DGbAF`E+pLyBn;tvW<&dJ(@%bb1l_h@0BdHep1=C zV-$~Ru}Ft&?#BW z(L5YDQ|A5=9p0NQK;JcFDB;l6H@1Mchc6 zS-WZZ!LjQ$bo+tWSq!zx9$)Yo<Cux$I$C@CefY$9rQ~|`Z z20>?E^J-@cbv-kv=Jb@+0kt6?WC^<8>Po+k^%pW;+Bw9zp!+jmz!z9=_7U;9 zp^5Jgs?Isd{phu#QXd7x7|<4?yGbljK+r&K+$n1!mac1Bpy`WupbKGfwUMpjX7z& z0^Ko9wVhw;%73}+Cy4tu=|2>0SBi{kKc+7KyxZr$o6o&ynGskabaYb~j|t#&2{tl% z%z3Iw<@;VlXb4uXHT1Ekmcw_%Q35*q*qj^N7B%XtCP(!KTHmHrX2)H!(W6T5!(C3c z7P}De%r?Z8%-CkF=@s8CTA;_ILYPmv^M$NAliVH%J?E=o92=)R{7r#6p`!{%z?EY} z<%ITg1)pp_Gp#;U18l zC|tY>9R(z6RfmV=2U|b#P)fJ9VK9_{sKZ>FxIQbnNB9Zfn{UZd=H}(WDp*zC%Hh(-E_jMi=19yOHfwSZekKj}c6-L*Z@MtU->W5QrV)-A?5cTX=8C(VSi|YXs5{<39u&@;4>|YWOEo>6lrK z5O}sJMZSS_aS~sL{P;4Cn*h#VcKDt4E-_?vZiuF7Yp-k-92py?lWj~(BoDXM?eJ}Z3S3e%?@ z*~u^N*mPid+;V;j9!H71Pb_%hn{UjPnd6NazZ@+ofEYnCf9HBN+vIRXo1?#}5?aw`u3hqyHl#g9pDC`YQ-oH>w6Xo}yY>VXc!yn;VZzZ}L5aiTrZO`~%6(^` z6R0o2Sjg@!s$MLHEp4G!mS@d%i0Fr7h zF~`+!D{ZS(sUiot?xukS>+7h028hQf%m}dYTEsKBSl}+Rttrj>hlg?gBSnU>(IgFy zj(SvzxYver4sqN1o|y%u5mDiH;(?0E3jg9^lpWGy7C0OgxP{d?|F^swVY+-xM0e(r z*;yt?v;CeFi9Z0acRECr0GEdilL*AX;5MmkuL8RQ9}E84D~dREkvnp};LB5|d#{J4 zRhA&wT_Soqs&kthO6PH8qpJr~NZ(}6y)<8rCQCXu#zV0(WW_&{WOTYv50zu}9S+mfekFP4L zlSWbjVbVk=jjy#Oxo_wU!D87{3=Pbxb`YIu(wFGo^Vq0n&AbU{i}y<6Sl2&QTU%Ui zXB8!KH?XT=Ia5(LLrSU!6FPoLk+(Ngd3dZsMk8+knb5Od!p68L_@q0v!;uQQob9$D zb&0QrL-Sv(WW2S2xrAx7qy>_C+;nfv>qG7Vqf|gxH&}j5oAH@6!ZWg_936{q^q0jo z;_=%aZw{tRAj_*M{;;e4^r~p{ZRpM2;QnGh9MNoGFFdyM7emcFSu8hZ)@ed_oF@Gt z;s&_$i1WpKS~T&JCYzZ~T%&V=PHabU$ra^j@+U?s=?eSCmKxsN?dilPQp0LLr`-rJ zpFAi9fX7R~I!d{!nY*+T-XeWLan$5zRf%eZ1$fCffJ0}%R~5C{jwHMmS``IcBWfwz zRf;U!FPK_ej&ATv2H?)N6fmkb$+M1VnN>p%_|3mrf()Gx77kQV_cAx2G{ufdFKW*| zFx+#XxtI!=0<2O5@w3(sCmkTF$6fln%x3_@=9~V0Qh4$~W(c?d@^D1nbi~}(eYTLz 
zBsGw(N>P_7r~Ggu(L)6GbA!YLqU1C=Krp)!FZ-h)-{h@Z4g6d{BD<>%uQ`31uz;G# zqswRlkT7OImmE*6CWuYw&A!+F@HYLNl_GcaUgLQHKDmF+$N)x!ny{E@fM^+?Fdq$Ww?Il$8}j(Vr7AQ}1lf^UM{!xVl5$rSn(eDAZCwTgjW%B4}M zb?r^Vs46^4)V(QMpsu!r_KO;Vl-3Uet%hX59IlxiHmgHVDnyU<{(I>7Ug?W+EL~rQ zpLNR1YKd&;@~>m_QuW|Rf5H<@gAL{KY8#n{?Oay6xkX8Sh%gC>jolkJNj&S{!9hfQp52J20gRd`b$0gfc9>bI7`$>FV0R zXPG7TPv3j#1eyC5S0Nt_3hKtTHHZMigd3Sv)qxM&;!MS*8d^Eps5m7gkDnQV zAIJwWh~QC_I{C(X^GNHjry zz7;MG?5VcV4N^;g;sBU%PJ%Cms*p-icy6P>KNpBKj=7dnQ`WB#S5*_C`r3Bp$|wSL zYcs)eulOEHPUD+|sS1_h)a;dxJuzAPdj-qD1PA#G$c(@k%L!NdYmjqrLH_Q9_A0M* z_EYxE1b#gc;4Y8j0DoJF#}tgIa(u^c-IZgzR@Fn3&(35f$Xx~n8w@`mDI(-@er#-B z+ik|ZRO@vnAxE&g5G%T~GPu+i9lQDm3|(K%}`d%>7`u`OKx_v&pzR zdylni<`k{jwsn?-N;%ojUBQ>#5=eWSVjARl{UT6S7>E1XVAh#-uo$oLXr~ZYi)R4E1KCpdw7FT!a7|^u=A7F~EZ?0sAlmE%%brtJ;RQ;%#4iX42U%c4^Jpj6L z;{@fFE2khEWpPyVqct{S#TVljGhQE*~JLSA`eE20Dz1g;SkG4%1KZW@SVu zO6GAZ3TPQ`xSG=)dH4v_$yVUa;j(BD{SHJaq`@Ceh!+&PpK6{l6(cPIL~j%FYm4n* z5!x~w>cJ!aLbi1$A*YJy(hqq_w_qANrpa{+mrEOdcn#XEimwXTNk61KIl8>kP>|%Z zOH3a@$-IWi6^KDp-0aF!v{P9{Q6V0N&@Sekjzz+&s*`~5Ucb=I6S)EW*YYsF-(Tfa zxfRD3)SLnW7fAS0O`1T>9+%x1-Lu}V^iO?F6v5g~OFD|9tR%&;8xXxW>bArDkxWu~ zYOoFScU)!1!;GSf`6#qU;S#yaY(mP3)*unETB@0K6VL2<^jI@G%SwlwDL7Nt*zAP~ zROY{NgNFrq+>^JBb{FZ73-*{$lu}!rgdB^AyEd*(l0~qsg!eKx7q+pAIUY26v7UiW zp)e6PD-Qn^vvAi2nIRl<6P|I^3$)otY8usPh3{zfOEkBEu8E zmhdD2_=o9W;KXCBv4afw2@?B5h34`$C=icX1XCtWo{1EPY#wt#^&6$H!@UX+2GAfYF0SIo#Ns5_N$4LbKfD` z=E-Dwe%PEluQN&DM{-LO<5GX)645OI=^_EwBd#H%GSqVTKCEaYcpw-`M~5kMw?VCX zOX#Bq?u0-xc=9$K+N9@ghwi%Wq|*9pGBolv}RS z)#;{LF4w@?$hC`Cog{iaCAoha07Us7rWaCg{|Miy;wSldu)xgYL34;k{1~KO+Zd%< z|EVPO2oL5wQj*0>(LI8f@k%ue#)MsOUiczbqK8A*YqadPh0;QO@u2mIjAMW)gTu-574~+AN}3^dGL`k^eXQ7Pm+eOua9?5pjpP4rlShasn^&_6CjJ}Bj^ zDSfKFu(1rw+`7yb+m~HZb_?KOc);o)djD%O<5DqkZA6o2sZb;G;(~ypg{S*19J97a-_S90X|4d%+8Y^UDxEyJ&D*wIlz^N+~?S!^lyOYW?_srSU zF#iSEhd7+AA5#QR*LN?e9|F+QI8UBzzWG(}^oToEjgl1#Q)5{tv8V3FPj9JQjI8h~ z6-loU0od{fg7i{*Y>25w5&X~^1_G&f5&0WE^`CR(xSG1nzccP~T?cr0lE0%Y 
zq1w=a1Ku2`7B}&R42-9)c7!(uCt45_JjI1pE!wAkw3zxuuPPs-S&}cka__ zY{V*wjB~v14`YBvJ8hOB@p@3y9L{o%w>A$BvAkHar<%`a^@FeEtM*CQnkf^mLKphf zZ@Qkd4@5MsJF^)3OfcZl-|*KM1^hF;Q>+am4it zDw9aDnBSR-THfT^kAN}ZbMw95la-K;g7sF@rB+O9b~^9XHWCm2%F`c%X?W5o!`F~8 zjg{@=V`9?7)`EU}w#A<6Z!9fB+#|xmc*m>3_e&|C)ljzah9|odr=o~0Ean+$)2Xwzjh-D|>L@wN17j5*23PHWlom2dOX35O#is+O?gzz+X}p>f&W81F`+ zJ!vORj&eL4y@%hr8J*ihbVU#^Jw-&?XHZnh@+d(W!{#&?oJCMpEKT!8+w62wTTt>| zR#kC4W}-H?R>5H+AbxMPA_^ zwBIl2>?;@;3x&n>cZ|wHP>ZA5FTURNZCk!|xjkfmeoSfGvieIJNFaBG-d80POKdj= zg$U^KOgFEppBU2KjS%bm{XG1e_=BjIM@!_(O|Q((X@8PwRfuI@3bAS{ikrP>Tudr& z>2N5hM0UZL6581>hkCnG!cQxi$!cTGE>#z+m6mEYF3E>mVIs&Xka#S_6=@G zTnO&U=u4Uy)?u;v9o_9w#tpOjtH@$T^c56VpwP zvWR-^)%l5Fp0@OJOX=N3HOQ`*BXym!6bH2HuV#}Qc0)^Q=or0*#579-bEJuTxUMB; z9vPDH9@1u77PvVgmNgji4tp^t?Nmi=*=67ODf!65G6`gr(M>$~WA=6Ai)#i_fS$Vd z2}&rb-}p8BSW-(U>{|~63h3x$xS{3s?ZMPTM%-`fWRBGjmuw|Uw1fmR?(kc0NF-dPcWT_ z*$*db`dU3cDc)^(^U;!=K6bo7FBDY@Y=|o<$j5n($a7!yN#>;{Iu#d+263Nj{cL$RP@=IZg>%;QZ zRJVrjs-oq5^UF7G;vM=ZPj?6#A2Zkt-ZAWlC0bFYi3Y}Vv@6aZrU12K82F2_2)cJ4 z@z!2YT`STJH+p*&9Z=s@6$p-RN2rYS$^wnfuX16y<4_Hitc#Flff(XJmmC-2r4WgW z^gOJI1s*PZwblfH9Z3cf+zaRCP~`E^ICX^J*FaHYRidWCB*6$WsSSsZNUPK(nON#T zOz`c?@lT(e+*FrxtG|y@FM(-#YZVX}q+xuB9%gYzGya^S3>qrc{hH()GCG!WJH>r^ zrjvy{5VvVQ>ff*ic+p@La8cM^JETpzs$BU@VS8tU?m2nDbPd)1*GXOrZrvG-8edYX zBe6rm^Lw*x2I>N?yjW$)a|~aLr!*TB(;C1}w}@G}Zt2A-uCE{=xZK#*Qs(T43ChESB-I6i_sF^Z7A zWeuj5k}aMGiAmiL zUJ8s5{HZ-&W40cJnoglWpNCfT4do z-kbkX;u+6M3CW32D$GqEk+5cx@G=6=41HERdnWU`fwM7w7FQ~}DK}7IqtSaBi zYpL;+cQC{%Xs+jZdm*mRG%Ws4Sf`rM{&ea(Liws#P$aHutf0C13WufG8?~{|cDeBu zEd$azPO zca|xftQgrosBpUO4+UXNpRblNa90#mFW-pOR$d=^>5Ty{Ij7@<@rC9Yj4`!3GNWH*)A zXJJS21g~Euj4a%)WJS^J=I-sLGI|BQ1}mab3JX8ion`K#IW66<2lFsksOQNZe;PLV zX>VM|v8ib1yo-Vd#V|V7fN55~@Z8;}Wv-zJK%ENq}!>x$vfQy&Z2cxtn|lqCb#uri##7`IL~)U zrgT4=8_dEMnxYcq0aUr2D}W(SH_t%znIvy)XpVQ1#8Mm&gNsRs+?_babDQP>ou6(LGC6CI@#K$He(>D3My>%pfMxNg2!GHiAOPdEwgIh-w8snrdCb8gOg22p(00`A_x7T#jkcj8d&KXW6RsUlAy}DmT`a%fCfJq*j`7h 
z*N^pap4(6hHT4_k9~2pUY2$r^W{MhkfMJ{3`^hJTs_xrzPP=tl4GR)@(v?wf)Ri=2 zu%e*BAO(mH`63j%p<^(o`%O>RMcs|>k38~HFsDKJH!Ig7YJ*jTLX&xf?4_%i(pl4y zm7-p#5%W-$!}lLc`FJJuEq8C#pjqL`*GBPD&15)kDU?XPk<{+gHxFX3T4MP*>U^BH z;_j^tC%*XbL})}&R!orBs&Ar{T`;xsI zlV|;WGYx%Q>%o9*1O%jX41zbPSCtM#wpd z`Hi?6c=EyU4JUx-V79vbSd%**$~Qr(Z*dmPbD3C4BRe4Fgg+oYD+*QLeT)zKK0rFR z@o7s`#^#ptITv1bufvO9<>adZdZJ6xqWuCkPI!@vLM%M(*qjTkDKESyh1wDb-VYxi z)eXh>J`KMq$mn^a(O#|qe%i4vMP;CK>=Cy_QZSpB02fQIj?@W`wLV4pz=RRjrQ-vO zc`>G%FHd!GCmR38vs-|OPp;WPAL3FgUbDcqt6 zVY-|thh|GXYNx#QVk6jhQKZ&&nyiX93csFQZ&&PC)Mp7FiV?p`2+=fWir>D{7U)Q; z>dzqYFT91mC?tW!AHvTM51Q0F3SwQ-nw_gqt_1t%{O;we;hOtdZK?9D$nx z2mMEaje$-uqg{t)tJh4BygHU!?ayKvVuy;t^N8IVQ{iDwKT;xUCdXe!6Qf#1*@=cR zX2p0qmgw0|y=Yr*JgLO{SAO|V)w4Hk%c?#>@A|kj zZ!;Yq01w8~NKpNw9**FhW#plsA|3Rb>RIo7a;Tpe^45x;N^WkvgSw|n*PQ)xvNVEw z4mG2aY~fZrCk+myhgKXngrua~w_oM6j8?JoR?`{4uWQ?RHg z6K`B|FWm=WvLLyhx?U;WG%_-7@48Uk2JHNVE2>crJYX7zfUijzj2E#P7OI3Jf~rX= zUPNY3*Do`=* zrF2=>OXV66XRXtE3Wz7pu)O$fN8+|Q&Zw-+7Y8R4ed$#_Dwq5+LuYFpY~QRz9estJ zEU$m8b&TkYao=l>d!g%0PrH~jqw^7)Pdm6|CT{`>k4#O{=FkraGdOcLoMVmFrnLO67T9TZ?rzc8?J6 z_}ST*Bv_M`jnr*C-rMf7w#J?Nw$kzj%rU@7I2b+*OLF?Ei`4Vi;(UXCPT(uBobg=I zfYg>~zKXz%`}WaR);2-ldRmaw*iXIK!H*=UXm5=yKa2m8SYDp_&=5h9TYJ!(aJd4VJ@@Y9rRe_7fU%F^2o{JHiF{@cp8aJoYm=h(N?Lkl zfsqRxtM3NtXSmLCa(DYQup91H5v({CNXE@FG z%)1&;d-+9#1L=nZz6FBucsN{YP|<$jAD7!TgX7$E**Va*H%WRFNLy-h>O8i%sbJBw zwTM6Fo1JTeh6tAihKg^T3u~YEroULY22=Z4=96Gf=;s^pgwWL_9*GJ(uvAN+H7R0`Y;tdCDfFj=W_R^CQoYekyG?T#EH>Q)Do)58WcGY zkG15mkq{FPwZLu@3J;wT2@-h=h0Ew6gGtdWg0OV>HYw00fV23^GU3zhXdty;dI;$= zXi=bK0A6Tp1oWyiccNLXpTxbKd4~IYH(zJs7EF+fnZr^iVF=BsXKE1pjwo-;P6}f% zC-NI9e;dbPB{$Ua7s~qs<~i6sNzv0xBT~)tp=lAA#sjBUzePJ?SWXg*5h;cf3Gjnc z)F&-#+}xcxYxR@WRS`3(+%4%^>9%}nkX^BMNm|1fldRpT9VI*$mK!`l2Pss!Gd6p& z7@z()zYl?)Bk#|x{;*rCt%fFu&l)CNa9GAIm({#=of|@cEs67;Eb0oqPAfTLh2Ad6 z#@&zLsJM4OZAy{ZnO$k_frL}{ylV*$1ol%sN%rD?+;)`xT~6Z*pWk#_qY>6Sig6w5DsLUS-<5EN30zuK*X=$&7y)KHoL~+ z?GL#T(BxnT7di(UGFIs5lFlT8DO;@P6Ih4;2d2(DVI8CyWjn9DcSSQHB 
zN;S4eiQNl5j*mpDbb#*0b4eEQKuuN-UL7K8On8VZ@}bR?_oY{i6XKOFV9$qo9Y;4v zJ_kblehjibhzakrn2z)aSJUhaGY#x8s$B^79XmVU$K2J|B0XWsqNG&OH^GK8o<`07 zRYfJR7?S_vkGQeAKNI4K_LzqaWudd$yJ<6&7~EBRu2a&!DS`#PIFGYm@gf}Ss#Q@$ zl`bk0mRbA~8?3f5bx1R?br_9F0(Z=0Rf|yF;QTxphOF=l2WHx^JL0xtTy3u1LP3q3 zcoK*3`Ouz*PJ(1N$dz9AZJDn(d3;v4AQ9eR2lFSL`aXg&mX30|)rJ{>$b3_-E=Dun zXE=ydY3EK9PXKALNZop-Euedq{~QspLxax8;e^4?7K0*6dD)v*% z@r@-rq$W9diUnPcsjHosveFwgZ^aTxJ>T@+iBuKOjvnLN2QYJeVtr)$M%MfM{c2(^ zLfHBe8Ra9-+Vvj464aVlK(NLk57a3kRuH?P*I4W$5xXh7vU9dzaxHSz^HED=iw%_9 zX-@;!(F9&FbV8@UkDY?ktn*NL?kDg7cOSz*Z71Xx2jYl6oy5`RrmsoN##j62^(6JW zSQq)o6t_M#mRhv)gcWTT1VExtXGNB*X)I^_&b~?nHfHnsZXJKO{g$u{7FWU$3eXp@ ztE%IpRw`lhk(OyI&X3!7qBW_@6IWpN?jaKqV${1PeLtaC0|8dFq4NcFg%Y8wYjHN7 zP*%LFr$^0+sJeC`KliQ3Y{%E5D%#Kyn_si28T1o_+oPi6N<8V6ui6e%RI~gPZ}r(4 zt23X!^QIdky?yoVFLqHx{vMy14|bANP7@y*}Z zu-7c5Ba!8`j1py_wL+1U1NxS2?YRKDTa#$Ibv64m)8-fQfLH?M*B~wYQ7@X@kxuQ* zayPV=jqdvE6q)n`cve-MXtbI@E;BkT`D@R66Fq(SKr8ah2{Cw+4+(6;$X_E8XJ?K? zi@yew*3|q6os}dEPn&Ro`d? zb>5qC9UjmzdR~mGb3|Q%f>=y=c?*Y0djb$XD~f5xB;Bys2o@uA`aM6E;?5o6h%aWf zwvnGKRTJ$A4GuJ$q!hhtGRJLF(P2Yunbt5dM3Ed8dj zF8ykldghxZvHVwMzl%;3G!SMTdi)X)^&b)`m`ky=yyi%MZXwI^ha4L0a}c)s+2?Ho^aPB`6&!Ap|eC zyJ%HC9w;QYWmXz<2}zHU%y>!uQ_2#{hvlHYd3_H1OvIDq2V(|1%5TI{>Hwu~byr<> zs$hG7ba@+EbjiU+o4kGjvQP?ecUnbMd>e> z<;OZ&8o}|5)Rp2IC0L`~@8syb5ayD{u*b-N0-SAQ5<&ze z{WhD3g_Y->Z(^cXB*ieKTNq#^7DMy!rv~oczFfU;x>B=M>0it%;4oMCg0o=C;hQ8HNl-H{sO=T z++OSQ3>6dtO`8kx(9lZ5zA&do6rln!QW^xs zWYU6jN`zt_ywT+uNvLtmHzL|GOcv~fI0BYO4ms+B$dJfS4idLMWnSO=bOAXjjz7TZJU? 
zf0`5%wRmd8@p7dQ0}>sn0G1ZxXFs!DCtI)2^%~~#_(%wOs1THAT2Dz&1i)S~ZH*LXPggz?QKZy0{= z2w}?JJ-9y|s)bo$O}_+#hmoek!oy&yGODGu^QG2dyd+>g4Y_zVfqne_=KXzJ?WHz( z9*}p!>W$7#qpD;!C69FVRQedJ@e|=}PJt^8w=j=BoGNuGD4N5Da})zK|ppGh$HDA+xB$#KFgOqYmpz#X>bzZrw~qdHLud zHHf}tcUb9a0mZkAKqo|;PlQVP5-*GGPq@=@o8t%CHJPw`)+rq58f2^`UY$hc(gzL< zfhkG!B?9s^JNT1Uffalc!QzMJud_8MA&e24<(uP`di)9a^*LyY&k~woVVZs=IjKhv zw0PjzMVzU}FYE>9uP@BmN5rZ0lqhX14W=X2Z>TlI5&7R_KHNkLv!|bCDzZPsGjPOy zRgZ^oz)3qcYpvt2VcnDgq;q4bluXFtMCfmqA(JqzzXc&)*+pG#vg3V z8aTS)LL2|aWXYdh0Y=SaB{fN)&;Tzp{j!%7As*<^-T|)W?BaVx9(fjsZLiu*k(M6a zE*98v3Y#S!E6{OtSy+TI;ecfalKH_Lh4ZV4Kz*Sg86tesz7BD>b=r4zu&l}U1-WU_ zCff)=H0#6x-F#m4QFhG#$FsvLr&VP0@xi60!8lZYQpr!M09xYq0p15;;%d?_wL#EE zK}&PqBP+@SZz18|FSenc^kInFC_Ox?3B z355u7$cqXNp>SIV3?qq_x?bt@;eeiBIH|La#sMUf6=&4XcRLc|djKD$>41DFY&)+MFW%$Ow4TTPIe`y zV1QDJsD{lT>RZT&l)rn% zGM3^J?k9Bn##B`!FKF};`tfYO^^INDdn(vZ%^IsPs{>*hL0^n)z?OXQe%H{AbsFLXL0kl+T{ijXAs7HdLJ$lUDV5CHJyR1u_ z=9fu0_S4s2et4@f%uG!|m=rBPg8k1XsdpPAY@u^HxA-BB{LQNstT5ilqnJ<|;GMqu zwa5fe+%edhn=O?VX$oOZ-!|=FbUklOXc{soVnrJa85jevd^^sL{>>c|j_UAAO=mpY~UD%k(>y3JeJ|@ync~aU$IbT|`9LCortM63t@LKG|A>-4dHh5Q%@fR>6 zSWhLZ_+?e(c7Q2ILF1dOHC#(46G0w5%rvjrkThzvv(SP~n62*0YBO0OgAJv2jsj(; z9Vw1Yjx2mg>;NB~b$`g@d-eGQ3I1mtA<{mhDz5}^8a;+_wL*B$(2K=NmaYC@75(rZ zV8boy#8NQeENYr4rAu5U2a+g10c03mPotX-P$z>}DC({aF}Pcyp>QydOJmBRn;=~rZF6$%iEgGD>swsRi`Ov zI(8X`LfLYMe*(WWFFmwjo@(iq5^5N^B}Q4H6Y~7}*<|5bH~MXJ3nGBy{>b-jJ%Fl0 z9clS#9O*5mN(G-9C3u}PfCc-ekc?Pz|$U}YwR4q8)=g*{I$OXQT;3%U=^wf#eTqq&CY&<_EI7l`GHoZDE5mF4U^e7qI+qCR# zU5R}d0{;d6sTO~7&It)7IC&m#v!@;7Ctn)u#}NV2{;X)6!O`kbR&CoPdzc^N{>I0| zUuJ8s3UZrS3SF+I1U@R7-ysi73jz7~>ybYM;akvzchDHJU-|1>63CQ-oExP(NFbO4 z!Mi3*3&CuRmJTKgq#3;n+*K#8>H^woC{O8bg>f=aOzagSVDBd>G zlkY=$*@@1HLCk!Q#Okr1;!-qO|4GDk9Hm7xJ!?!LhM)}kF*#lghMG4MlOD#wvbX7j z>D#zdHG?SGxz!jFobeMdbYJiX&danqbPz zW{CwOE#QMR$wKxIs|y7d#hgrm@V*35yhzS|*(~j#tfXwk3f=@5Ilud1w=o z8mO?GTD&=$bNJ7|Pe4F~*M)vS`30Emb=AvhnhXr3{z^NWF@Y_u>DB(UQ#uDogcRDrGD@|2hlv`}&Oc3~oi$ODYx1$<=-)v8Dqei6p 
zOr%bI+)8;n`2QDLEv3?y!Jy8K(S*V1c~$*305!XFETut`=F>-r(A~NT2-61dI73eG zii!Afw!@IVlfcM%O^e_^bBD&40T?u6Uxo=>^sL;(&9{cOjouUR`DYt0eoF(x57L(l zL>?+P0sV=OuTUaEI>ef(EAFCOx4_i`@|$eU{W{Gd@DqwcE>Y-w{*N z8eD4klZ-&bkC*eQrE6{IwlG+VOT-Wc|vH0~>(sqHd&EfMUm)!jf( zR8C(i63vd%LV0|S3~$la@z6L$iZkEP)c|V7S7up;p#$-C;5P7m>Mi(f^?H!G_Fp)riWMFa?$fSN=+00b;(ALIGE-Jp>tQ@R(7Nf4dFG*JR@ zHs1N@cmoBj>Z_xMyeF5IR`I8VqY?$@{MXH{XqLyV=3|?7d4sInEiVFc4xaFX)9HEL zJ$3a)^ukYkpCF$!skdB8ujiM1T7iCPH|T;+!w?%68u`bv8xHgF&Pd4EFlH%j^)_*IGg&}TW_!U3RU1%X)a3ZDv`n1nL9*|rR#%2 z!goC5jvm7kDk!mB2VJRA{*l3vb;+0mDWR8B8mr%KS&dq|`StME4S~S+?-IE{BYQdl zq2jzwc52xzvQQbq#Fyb`Vk|Yo^Or-DL`mb*rnD%ABB5*Ph7^3u5-4_UyF-Tn-r&id-W~p%8o0X z{BIdrB#8((U&JZJ-i`>k_%noT?%Ll%h^cnwd=&Hv*4M{_frzf4()k@6RwN%bCxuIg zv6L?H-&kxl)?RsfU-v^U!Qr|-ysmZ-q`JQz$Sf#D%+(&gd49Y|PCgBmCXo4!TyqmG z^ZC}j=Y7?O3f{<&4P!=?dxXyWn(Rfur1@|-CTdS1nbdKDfP_u*!#xwUPMYL=?lsDO z21D!l55grvkj)?ZTq-;UDKRKrCBPkgQT^q*r6?>T#k5=}?9FkhuO1&c?5aWGJ`|iX z54>Rhn@4qNe!Br{#mvts!4_TeDH$a%2P|5dryv>9oVZ2s3KxE@7>Gya#7H**Ms=YV z>)pql2?2_{m=QnTxo_qrhkStl=n(LB&<7C10<`7mtw7ep&~EHsEXJ>8mtLmYiNC9{pNS_&h0UW@@b4*q|0^zc(9Zbtjk$3hfdCV-f?Bo+$Hq z76Z}X;e~P2D)MtN`Pj8+8A+Ut4o+5Sj-9!b)LXc|$|5f_k(oJav+dlnfxw94*i@sw zW~6eyB&QhvmcD-Xm%5NAg#IMQBl$@%rerW(X%O8@+Yn(oh6@+FuaH;VE70BFwuHrW z*j}yShbXrHY>}yvUhC=|w$qS*T+8823P$MaNv3d(a>pcoOCj7r5I*13pyF%c%hRU# z5`me@XK0Dr7Rcc|-Zt_|ok#i3TIO0Tc!DD^LZ`#B2?tD49P@cnZ!XT&&F)H48MSBk z@|AwP?i=Tf;x1r481Mm@s3mTHgU3R^Q+isf+c_df4AiQ(Em>@ImqdXxl(bzE>OTRz zRTB8kIxnS~%5zr~sf|NycfE{_Gc60u(FASOeCAMH8{|95wy~MN+iqxt(1Y@YS>_8c z!XTpG@;tm0aiZnc(8ezcyoSE~vG!W@&UXJ8QkkE_H*`mVnO=gChB+8&l8*5$0mrh>(MEw(l2(yxcy0)q0LpkT_2JEx=O8aFR}8fjF?t40cp#KUuKumfb}AF!o*Y$kqQ8axIpH{ z4*PSAQnj555LqJs`3kHNwW^yOqj|QJMIBnJpb6U0>p{r=2lWVfkTe1fyiH@&w5mBylH$7_6qXs z6o~BfMvPn7|G99Xj}s6{UVkQ-oAxq>5U$sa3dp8XZlOft`GXpd96XKD5W$fE77E`y zBtB*DP?WC)wcRKj26M_i;5rUv@Gi@SNjHUdhqNJAPXWr;T(vgKaE5kV((_n0##UWWrWU(NHWfLi~meDp%2p@0F64Q&Bs@Ix6ex z;8wdf6D>KUL2ZX~pP9u+6+@h}Wl;Cwc+^Qb>_VqjU~Zk8Dy=?|v!p&Rd5Yp0u+YK^ 
z0PgJpVsavT1&ke2oS8ksN@qAIS>fd@OY5vQ1)4VKqKqID^})dgqSLl2;MlmWk<+{> z^M^&I-mN749peCH*P7w`LWCcYg@E(wL(+t;Kl%}sO`7Iw-NrNT3cqC=(^?60Ys$)_ zxp`elJ{J0?QHJN_V`d*`K~3?bp6~TneG1&bRVGaHfN+C9<8MBmb?sxBrCXYN+B^Go znXoQe5^#w}KJwNgL1U%H!HPm}#<Gnup*siw+fkzpo>ol8{iRZZUEe9PdYx1pfG zm{LTb(%F6lm!dX_;g5sEIO`-n&ycu;J1SQahQH^$ZrctC_#*9pv(`-xuWHz0$$ zMQMLRQ=4aUm&GZefe%;xGQcjO6^tCb_z~PJzs?7Nk)8mIc$oeG} zus9KfMD2gY!1M9Kle_kT^gfJ7kl}eFtOPwGB7ABI>C%gz#y=@_&6~F$rkGb76i$L^ z%mUt=TWX%tQ`wWn#^!Wc*(%Qx>yE7c74r!oPtTY?Zjvu`8<-!dE}^%s1d_pbZ8FNvqZP<*tbcH0NxyPTI%UOMQYoIt=93ls5zAD3x*7nXfAN=wP5Y-{D~7Ra-Y z(e7Dpm=HixlnNul*3Tlo%Xq9h-vT4rY*cb%Gy)S6i^cs`Rk%6%F1N)8gn=m-)6{Gy0KC9?`Nl>vrud!4}bzqr7`=#!0!7 zI+8Ry{{Bj(atrO^(vqut0qJoqaf%`J+Z>OcJdKN4Nrv&`GA>C=4jqPF41=W)2Q#ZO zWVK!ctYLwT&E0A)1bs2rqiZ5D znzU8~!UKLs8`4CDr*cQO7(4UM|JPNCk>Z9vHCd|*m?a;P8MG}BVKm4q!oF`4Z3H?0 zTP201JbbX-=gwLrBYwuUixMRyaP0bUH@G7-6#1=_ zdd=Sa_O^NkY#{dY3H_aFrbMF2n`p+ ztpbqby?LyA52_(KR>SW~B+CAHOt^FNdr_NQumf)XIkvg8JteE*c^R%M#h#8W_}4fv z%l_oL_zKYE<(s9;z^BVKYvE32APRjOvlNi^tfPg*B+^#n`js1jduhJkQNBn@Z=tdv zdAl;g>_`F-;JO`C=LGsB^-%}t#kt@5peE-vKy(L8C02&FbqNX<_LFRy3dUPCg&aB% zQ^}w*c6_I1%!rG#JwTfV+SBu7=vkl?WewTI7XR*OyuPPFp6Kh1ci`i~cH^ZHb5Q7a z|M`BdBrg2tsi56RcGLYU3L)ni)n|RM=1g`_-*4EYTrBsoyjdA8ydP32%?{_pR+_9O z1gAYSnY{ee?z`}Ez+13Vg*WZC?3u&rGk=hqi#JY5b?H5y(=GZ6=th~*fNQV}J1DU9 zO}mo)c|N0k#(k5}NPd3dFFi7pzpGV&or&h-^}`sWTnT9b9+qakk&2zU2XPpnLhDlN zcmOAEbpqWnzj5?ptDI<4yc(314;J(DZ4L#rLDOi2Q5IC4FY+j);!{Zv8p57On+XXh zT&?r2bMVz3f!t~DlM>NFe@Fb(C`(S>HrENuZpxlP?;>S*f@GmZv}X`SHxN!U0wrpg zff0qIf9YN8r{*s+*b}kSD|M^RYHP4Cb(hH;9{n<6w-K36=Yd_4!PXTW9@%F@s>O~t z?4JvG3@L~SU&GXxz>!4c8t4QFGGROEEm|upQUfC=46RpytMt9Zj-iL&*2k;UC{J6w`B0u|cy)2n_ zK7z8S*idqGG!xVsR#u*XS{`~Hod`*7njO|YA-6W;-?MWt@qt^nXuH#%3+A=r=mzcw zLr-5ai*53N=sI%>MncX@y}^?aY`dO+aLh{16sLDi8yEFqN@M4}CoBbyret z5yEI8R+a~FeKE?u8(W=?iTO{~1-2@tBW9MFi#v>)(K>JO^2-jjDA1h+oZniSctwL_ z<)u(fh@%`X<*JzsOf7Acf^_l7(<}lCU6}R+;zr7y*5NW!Qs)Z2zxF=0bHjV z=Q4&>pL4O_yd5UBL|^qcOZ|;^^9c0+l>_~D+HmvL0nR&iY3`-OYVp|iqw88fW?WjB 
z^?0B;NP-?f(O`(vvZ1>B8*WcazS!NOwUz;l%O$O_?ykdC3MB!?gB&DqG+M9x{udUAma`q$(I)f8dU z>}%1N()+^-p!(eYlTeKBhAa+Ct>a>+v{(@qn^^L{ze|li2>>^NuGPNq#e94#)H7^* zgd<3aJGDx3M)`@70umS2X3ElJhW(08A3!7C6~2@vyAzu^yo@0aQ*BTPa{iVaVwqSk zDckp>(WGX4$)VCV)Y5{;Ud~&`M5LnP_mo}CSy3gCFA}6O*oVd*_hg+;mXtyZKX#g` z?oB@|;6S&~`_sG?Wq-;c0J~CPQ>?|n|6&HRl{}MB<#t!Ia)s#D1v>1W;?J#7M1Kut z3-{0W>%^%tJudBpxo6HX#qpgRr9aYNbU*#5uK0VLwF56i(H(NS0eOi7-}+$otQUGW zA|U-!rd3r|2%6fo+WEL9yi?hGMW7l)ptj?wp>RNh(tTEtv4}(L)F63CIJi(MkF#Vi z!gDo85Ofw)a7sWmu6#+V^C3;deOGl(RnBFI%@5t36(6piQ{7fMH~%nJTAVT!F^(9r zZ|2*78o-MJ5(RLH<;>JJi|?grx-EPzjZqHN(YO6X^&A(vR6n0NL9;~FKl{_;z&fBQ z#-zvxGwsY`m`bacC(?XudG(M~F46VanrmSPko|&a8w54S>Wmr+NZEAfcZCt>o$**> zcqTh!!_P?wGa?sbmAP&CgP)>gYwdu5)Ivk&M1}i;BVtW4nJRg!(lE~ygjf0&!HQz~ z_DiW-O+d<^!4y%5 zUWZSE?@a-Pp$W46Ep37`OnS~La(QRS>Aj-O^Fl^J1P zx`vW^QFmf3h9;D7u#Jh4gaN`)Kl2*I(>>fPe&kMW)cyG-Fep%0qIQOKW0%}oBLZ`D zq#T;$l&W;q+D{dZVoW4AvrgmwFyf}3@L6?Cojhd(St#h8A&(iiVGZ(oc%4<3{)oKV z(vn>NVD+f#VACPE^SWqwJ7c=t(_k5K&KPW)U~~5@NOHD$IXxmIHy&x0YIvWb^L=wg zjNFfc{p`kXd2`!gI2k&-C=FUb;+GC_nqdE`-;r)2iU<5dGa)$9UCq2SplSReidH~F zyKQ$McuTL!X4_*PUQi>0y0MJvSk;!j?J=gD;I098(z%&9zHTT6t~Mu%iLj908*Cy* zSSRS9w=g%LdYdtvIMgB)cEK^0E6i6Y)?0v2ha`c#`?fx=Gq&g4J7eOOVN-g9%be4E zexGyX%+(rK*Jvr2(@E5~zfd%$%0I9x{X7s3dS!JPDbRU+93$=n0@E&8%wQN`ipALt zioXnZ)WR9LTrPpq^^eax|6A@BWaFd*l>}Xj+Xr1CQYlsNRj*#mGJ~+yi_f-U!)6$@ zhqNO;X)uo<)RC<)jkJe^Z5Qdo>0Veu)%$u?uf=oVO<)Q06juw-Z_Q;`C(KbB4(b0k zmCJ2^H7bXHhg;bL)tlD%-CD#4jK~s@S z^6AEe;>Zb6vP!DW@hP&qggQ3n<0pwSn6f-49@tH0EBJRq=UCG=N?nE5-JA{I@Sd-# zjc4*-fU}=USWA{z9f3L`@HxuLAR4v2QP-dN*cj@b`dRn9f}-x}hdF7HmgjjVKyBp} z@5`OPOhj)lTSfmQEu@nxmoYi>DCg-YEu;W1V>}3>>)#^&`bTS$(Xes#LjWY(cieUa zcwLSA1hJahinwjSDe0u=FqHPus7R(ee64&2+n;6hVCo)OC)83; z%ldXD$s(;E^LwA=LOLo*HG`s%NOXPle0wyghuQil$oI=~I6SWWbYIWqD zP*yP%RDx-B0U$6cHzxz3b=tt{Jglp9CgOO{%|;5LS9ia@fmv0qxx;z}lz6uMQlf7+F39&e4tgH5L5q+pKgf#>*lVS~t^g+$clsy(b&&Fm4zXdRLH14gT^D?foU;W7Ji9@Bdzzo%;aC-!$W7Y@d_9L_wd+tJ^xSH5XjShd)&gnbi(r@ zbAP?zz8qJTSjq3uhr0j9$vXJ{GmdaLdrupp5t$6^bBPKXVFgjA 
zB&)Wt8@0V3#Tgu)lZxc9-;H(I(!xK#(IP-e~QwE#FUkXIdQ(xh6G8*R)>thReV6o?P~|tRIYTV__3dy$*RgX)|VH~QXq1e zr)Ci~T^zv|h=|AVU<#r=MoWg#(+;-_YYvfF1~uy40=yIO5YPRlB991H+!Pm!VIXQ^ z_C@QO%%ACfQSFrF`50fR*6-H0_!e4ZH}_x-1|6x$NjuPG#q*}25{NH#!m zCjcDiu47{r&YefGpdcx2BmD|l)~zV!-VXE6a9E9TvGt-|kv$vlr`Teu7gt!K1WM7V=eSeWXF{8(l?kMrGCLRwA^E>~v4{+#tI# zX5TzhiTPl{CMqU95%a;qOL0cEf0=CyA?TQL{Z>lLHp}o>rp+5Uy}UwVqHSlM)YyNC zveW+>h_1$XvPU$mkTN$?-a*iDd(Jw#`nk$6+(ba%6Jr5}Kx&&_sgb@7%RA4>r6|*$m5#jlzvZP=j>3k#dt_Ssc)yV&3;sVgxS;up49Ebb z0ay&9Zu^nAma7mPj=$uf;V#TTWpx;0N)~{8Y)LI^Mk~j@Zl2JS$h4=oQVFU-;`8mR zwGq&0$rwAp9pCYI8>G!TFP8k7?R}=Ju-CD?ttbl9sneHhpeMH~m1p>P_Z0RIg_B#` z-NZk(>%ShDGJSm0tT5};rvGVG0t5uEmm05M+;Qh;^Sn}0SC(JqfjXLEH6-=?N-n|R?L1GE|{-n5vwCY|}0%RR*c=FV)U><>aZXt4Fkbc8h2L3_P!3Wzx*rY>`aDqI)Hr9LP zKU3Xv4)0yYLzq_NL;@mfwIdZ@%6*#qrI`gbD8VZE4BXPdr&J|(CB0oZyWypKes=IP z5l#;#U_1lK3dO3o9FGQ=$ZuNEO-YSlIIX4hn3}kwVL{{xR5^M)Mp>$IBkIxt2_j+` zWAk4>kiFR35B=5^w$KRYU?6{MV%8YTSsQ)*WERz&=^V8KGzUG=ANxjq4t=yZ(O*IL zstWDFtd|M>eKnBJHb&1IR5miP{@%Wztpj#iV28v!tER|lM(q0>PNgwQ ziDV;dqr9|=F2h*M>)`Ltm_$Ui{lom}xd{Huf5j5`pp2vKYY_pYy5;SDw@fI<|B?9F z!`^slk~gpl^J*fC|4`q@tT(3Ft!bNqCLP}g& z$?TutwP%=&okNf&z?Ox}Rb94i+w8J!ciFaW+qP}nwr#tM|MXkD#YD_vHYegnQvcXZkbh~@@<^4~u*d&?pl2YQ-!lhd;nvIkjDjn5y+DC8q z@vO}#TBEKx)F)bqGEElN7fn+j^uuPH7YoL)Q0E>HxD$Y$Acas$V9bdH0rN zl674ZNwt`mdCTo=qKUuwtGnYe*Pn?;F z|Jd;xx{AghTKqV=+u zX~&h<#cx9f3qR#%&^jaMdF-hhSIL}g3H5}aHgWW^%9T{mEVvbk zk)p8;=ORY~Rp}eiT6&$rs&UnvrZM4x#kQ6yQK&<@mr^w1E(`{Qvw@^56K|q|B||epf!Y4P~f6p@98P#(bQ_{*h4RXw(oEMO~6V>O}46giHX}nQrW{Jsw6Gw{z{Xzht zrNV&0x!U{#vN0FV*?3~-dO;iIYjppPu$;tqtIbnQp30nN3F)Nz2&c{lxV zBL}QQKq-6@hW=Xz5-UN#6yN?v4|62K8#k=wbkb+^Tt+Fz-5EBPB*ZLDDQe9UrnlTp z=d~QTr&qHj{c>x=R+hKAa3L7TFEKnB_I zC*#s{G!ssLvs8AlOGB$h3_4A9PqHnBfdnTV8?@yz0Z>3F10C)Kxk?OBJ0_vg_Qfka>fidBu}rt-t_jF@_U;ZfRGyKU`sqkpgG=oFNFV-DmO=wn()bY6CT(TybXRn z^rjgU@l0z`EC{hqGuSEk_XXAvejvR;(Z<8VTI1L6OfUGe}UM?Wn})hvjeM zJ-gbzl+iKeBnnTv&Y2)eYD$D5uP^;IMx)rFB+n~uN;6fUO69e!Sp!G3q3N)9XUq2OKsg%(TTPLflE|Rh~k+ct?PIVnkSk^ 
zshftQg}UY`&1*nG+H(ZvLs<*RNqo-Ol2qFEc6gsKEZO@j8{#MHP!ihsh(FV?9XmOCc;I8 zLwxwj`a*tP1lSdwW@t-~c*I|@`LN@(F!}ZIkw3elDYDqPnsq1FanlliO4C^Vt0{$z zCj`pKko)fiya?(3mN4KhIbm7hOTNWLlPD%Z3Zo6JoLfL1Auz$yI_fjkCZjv5#sR^Y zGj6Ak@RDtLmxkSeu^%|Q%Mwi{MP=?Yt)W%4z`P(5>38bx3j(&03Btxj>vF(EnoPXvn0h|!3Glk=vO6m8Uw3EYONZQu+xAYsALq&W zDjK}!NB(}rQDyg9jQ%bBnD&GXuI!8_Z|>A<+rN@rXiF6Rq%f<7W_j%>5Pfch+pdBp{vjrAX%aVH@NXI;XRjZ%|+!rSVl7@tyWMec33!6eNXO z#+#w+cD2F1iBc%cE@N+Y(h67W5b_-&`s}w%qF?*N<@xJ(a&7=D9JZt8lMH>$K0%vz zavyZx#Y-7d**=HVO`F`1^Uv=|`MshB(bx(&b7Z97*;reqOYgl)aM)1}Kv$M1OC!RU zOd_y_bbWye6udN-WUf0KSwOvC$Ef;rR@0C@=5QgKf)JxX>q<ipfJ2#9rb+k{R_CpB!>G?#~}4QnZU;}xO<>Cz%sC~ z+4sjl4*78NKRyeXf6gJ|!MU-^+c!Y4fRiEo0zk$G5?1H?4}7r9jVx_J{{!8F*y!BI z%F5*WnHZ3f{-jvSGbiHqPYy^R8y^{1#QpQf2sXYjsRVR9Kxa4R6i6x_t{>6d^p6P$ zPzI2SKQ@r6i6WVae|utgWgs)!j+dbcg|>G5H^3a}AHEK)3^*KWvLYPB-;x!`LDeKh zz)#hm{q9570?3j2?#l17o9E|O8k#DS%7O}_NipCF7D&vWWqxYOixemTq*}2>rCjS%&lGZ54xA0!2_i8`!&`7P2DRW?Y?f5 za|5%lZD|4aZylIlD;S}XEm*Sy(9bXAf4S-lA3Z5|f_JWCelT8k!AE)7Y5+$_PM`pQ z;^=h$L7fH`I5?JnOF%~q$^2;l==sjVLjS@9a6TaI<{QKO>s=ot0LXyC>r;Tu7~nSX zvuE;;x`%lFJ>gu<+YPJp<243rosGKXg3UWy@DVm^ZWxNeE6{LXoxQ&I*F04E-+zGsci5j;9;lf%2iOHb@4SmK(Zeqd& zRoCpP^7I2N^1|P}@^A%TZJz;bE2->+7&!j|Ni);8FtffcIvbMcdMaZ&a!?eMj{Us% zWbgg9WCCJ=Ab{rKft=ZxivY@(b&~H!re8+Bb^&Q&bmQoM4F8+}Ju`Cv_xAOBabj|U z0>{3}{bq>sqyM59U}*%6p82<|!oI%q`vEDsi=$v*`(J7Ax)T8U@3~jy9~X&=UHNjR z@zF`RKd`I;Woe*Xy$GNufIOC0{g&bE>gr?I>VRax#ysGaxt_hv@l(DJ;HU`slOXl( z2bRSXp3wyogEoy9GySu&;LNG*-PnAzKyz!@7F zfnl$2;I{X%cFp`FQqcAX{_;;2I}bjkGsds+(PB4!!3r?m2p@*uVab#Qe^}#M+g{1b|`zKll6Xdr2ns zC0y{W4u26$-C@fB0%(CeoBT+ox=2|#v{~|J1bBCC0MUMH7Vik&7?v*x-gTzm9L&8m z-{RDxZYBAC`&~*~|Ae{gKl1rcV8i_OKSMcxK=)L+zW*bDf70<)M0QuH0|>aQ-2NE^ zWb1?osK4rSAP?;oeF@x|_%$>Z@r@&w+uDBp@c$rSXo8A+IjP%(zFh@B?EL&Z^#Odo z<3Nu6_JaQb^pHV1Jm(v`5pd~HASwJ4UVPSfwTEtB2pYryp4#tM)LsHkfGNLQXCTCL zXx2deY)C8zNG(zhur&9mQ`uCZB&S8ZG@~aAi4h^XQrT9d{m5hMM4g;*BfkD&I>c7~ax666Ns4jZSP) 
z8l_9xhT7pkl_X(<*)}-{2{K1^=4q0o+$D5#=AH#W$l(sIX`k>SucCV`#4}|i)PWgU7G|O&t7)hqI3-pt9MGeZSd-+?RteKLsZf6!9FH+g zm!;DQ5S(6}1a`u6&9%#fw`Q3OCP-xv2UWreRc)b_)*FuyVoKH3#B=8DKeZ>5Hgdes z`4w1CW7@*sHJhr>m3)!drqejk7ikIM(u{u+jRuZ>@Xxi#V(NdgkddmXLimtMQOa(V zXLDG=LXE0vAR}Zzo4K^f8&GdJfa)ggo+~V>M~MeQ>M=Hg`hN5D{r05BOIa!Y?hYj1 z4nO`?{g}<-1P!7Ad?&iV4P^tqsE?R z)zPdO)uJUtD%Hgb3i`-{x|DB_2y93yIUx1>_!7Bj@MdabsSgV_{f%T=fz4-W)xGeb zdG2IdS$qyy7j+w6>vqc~0pePYEaPFxnjD_^i6XL;F>P@Yb?{ulN@6Nn9Dtq+_>DEq z{g#lc?-~O6j#fw}3G1Qrd^+-!^r2{qHY|^8z6ca)|tXeedCX*U3x4_q=mL^8pF^hIpxPD@;X^2p3`$^DW%yLtk_dho_FGU`q9vUUU&^Ww_tF_#pj*=| zZWtrDp-mLDww51}p;`XBh2v&YxCaeq*6MZ_rWx6>5)DKEU_oYA#{{d?vzMEw;2DX3 zp*X7$zFK@K^itE0s5=E_p3^A%5;FTbOh!Mm93*<$`D+=C=mVbcW$c+OvOc z_a53(pi`rn-#!r;ks(+;k{23v3C~k^~Z}BA$ z5St}AI0)Ir06xj&%7tWA+xHRT4#c@F=vi}>JMIj_%W`EUp)NYTQ4cNT-L^HK z(vD^NU9|}kejHrajc^=Hoc~4=K|IMpV0*pwky4^*5xo2S(Yy25e9&g35k(+;#w<(= zf-|CeveQR{tqY3#oUt_CRoIU7Ha)HoPXfPt*i`%w<4>++aykoki-jL?qoR88044F0 z*0XV;JL72SlR!cWb2g+Vw%w(eNiW`AQ0^@RE8sMEm5ZnzWjeC1U@A*t#!=goK-EPnm0sKy$EhLjXrw^Z9Hb$5lb=qR z)-EJQe#Fjq2xrcm$(JAbP8%0$2uTMZ_pzKH(>#86`pW?m=xFl1ob;iB>G7pREK0UH zaLMMQ6ZMQ@!@kB<0XgpF*GO7Y9VBV3I+*k27Yw;%RKXwOFBz26&7F9UlMo{LmNk8R z2qQ_z`+imt)<9XWG)h0z_*UFnk8JP5pUU@_Q91BmYA*>pR}0f`p}eGvff#dcf1tHg zEuXK#9)*dE=g1#d<=O3s67Eeu3i~JI%F^y#7R6hsjz-}h!@QcklN`!(9q2GR=qBxq zFHd7AVCUk>i|?O=KkaG3ICwg-)sq)qsh<4XIX@5(;iYVHCC^bvTH9N)mE6i&XR|v? zdr&T1@fa<-1U~2Q=tymNb?w^`(-6f*rrjly2FS-*Y-cj(Ih46X*^G1R^G;c*YWrSr0l{g1`IjU4;VP^7({Yo{gsjG_7c|Tp^#CEe zrb?EkM~kHYpp<+Fj{w|;e$*yLwSz$79nn|=mIQ@(AZRj@gpGY3QN-~)@VlK1EYpWI zTR!g9XZtWgJZ88>o8);>B!Xnk<@on8B|CNFhk0A)T5m%4KDK@C6npahJ0ht?YHimE zgcLUU0R!!+5qY&k&UreIS+KcUqYHj-=ko`>xhaY*N_n3}6ax=(;1aa;S}!UXlF>5? 
zKctJDkwF~H;&MT&FebCD??iex+mFdi!BPz9iOvmEYMoJZ`9NF`Sbd4evO<_VGc@JQ z>vn{jk`g;XtAeb6aA+?fE!N*hE)c0tl8$etYijb1X2eA5_NXlH8%uHVR6^&A=r3?R zEX{s%cSyI7>aFtw*d$6Tmt9akT!S< zPg;zfC8!Sz4d*J94%1f~UZh_AdV6%g-s6agp^r@kdDHlt!Or;`S*hSGJBBLj3b8LT)&5QUZIRF#{jC#=+g4v z=c}Gj2)o22W9R1Lp1%<6;*1{aHO{kr;t2hJH-G8avc`%| znEBBjDl)CrDwcfZ?5EM0p&y}e*ddnRq^fisq9BizqS4$|F>RU*M1kq3D{$5PkQ|K_ zJZse721c`FAZnXfgUGU6W=(yB%tZTS=ry-0%#1S%R`h0lo4td$;vFp`Er zm%c8Wa^n=uN^oGP&lsWRNj+p`A0P^(kT-0o1j z`Wn?f0?(Mq(r16o2VkW$7qS7OHuW%~t|noX_mwktJH=id>Q`Df3kci{wz;kRi1mV- zSl*?M)(1OlJJYLgf<)dm(#Xz0&8y~P=lUGSw@Q9Qb;$1&{G_Wsgz`HwCT`tfW6lJb ztB)OWrKd;60pZ~2a4988ga6J)n1cxkYN0up>JE;R9kAvo}ksl+*x0#j3yf@%7 zJ>hO=Y5fu$aiE!_3Bs@WdV^p%-g(G3phwoVhCt;1YVp&bC3Y@>#@p<_ZFwE>mYRZ z9bP|w|BuST1heZqG&nBcEOJh57f+LVeL%Vs^?fL;XF{V&_e2KuO_CADOv|Y934i{g z?NfbRJ2Px_Jt{a$B&z=D?aHbkyOkwTTF@;K5j_TmM0gu(#hF3HdI!#XX{PzUEXBVt z06%RttY#mpM}#CRcR07WE%WBOj^gHZ!kdC6>WITd4Bg(@$2`(8Ygrx`)D-)-c3}~apxz%{Z<5%(^C+fWPGBCib0OqC%4e|y7MRs1Q`5BUp@My0I-tvJM5!6Qz;5@M^WZ5tOEC1Tdz-Zp>u!|mmgjJ%*u+cf5LA^uUT z-9ZMAYLk8+KlRs|fy6u9uupg!s<|{b|2fVMX(P75QQGUSkkz9x+=24ugL#=@32~q4 zql$86Rw)yarJ@m7B1zqV*@ED8JM}bjT6Q-Qh-4R*Ry6j|Yc?GT%|F!mYk>gw`gCx6 ztd+n-wUUuvwtZO<(&^)i&60QvIjnAw9pMjbEH`sIkx;Z@$j$&@5x9_aB~zW1de0wu zp?qRE=U9?pkerx$ID_&gd(^Myj8mJ8N_*}N^UA>F`amp7wKD$;slZcg$cI_p(MWgO zpM$f*(aqOF*2Y0P!e2}JQ1x-Zu#mgliufl{_k)@##jm}>zqLMbQEsCIYfW{)QOf&C zk>h?V7H9BQrb%ZqWhc2MbM24yrr_`=^h1n3D6_Wnz}8CDRr-p3-(Nw7*j%e3!$%G_ z@#950^H*bp7K>n*SIPM9eiOu$f_ySA4lHmByEz{x&vMzu&UXyNY!Q}fCvG(MEwhl1 z8^nXZ>b+uy^ycgiiha)~_NzIV1>MwMZa99LVrGi9#kG3}18vzRpHLkY6Wg%fa1iun zvyP#;UEzsne~!Cmrs4bCdRWUU&|v|hxszx#1t;oog@}#4;s)}vq%!298QP;bFnV~0 zIGt-W^Yw__f4a_PaF;LB)r4}r(<20`fNoHu>4qu~x`coU{Co0v*qumj42Z(=ZlpGRSdS0W-Ku&X|qx>OkGGFFY5;d>H?5cy3@v0uN4;U|lgeoTdn z0H!wUalty~+jovK6|;PXXr#T`#1-EG&^F8R5O%RV4rtT1GZUP;n7xm*0jj-x2k%oo%yC z##gUv_~-;p>+-24>RVKQmzf?f+y2D6@AxZXg^6=OHT-3ql}>A%LkW*`Q#3}81HP9i z+|vrCus(6v>>@}w?At?tCTdVgsPbJ287G7Mc0FM=Bpl4f=Eod!6&AnF!pL%$d1&rr zyj4ufRmwL&^n@4tDCBSZ>dEPDaPX{P%HjCoM; 
z!{#(+C3s?9Xm%HlWId7h9y3q#Gbwdx-llbPsho4ZzaIk8v}w}gN%79JV3n=je?#m1 zHNcfE56BW_8D4+2su?Emhl&qdp1ckE0-1|clX+-sEFp=~Cjj13BmNhTkFI%fJTa&OTXOKZ zkaqFmco3;v2Aqg5|D%h?)@>yw|`1BAMAI(CS zK}irqH@9zVn3ih2euT&W(UB1a0mF(^&RiJd>D4Y&(aB=%um^BySy(u4H4r`EBA)gz z25P8`sh1H(${+-OBJkf3;*+G)t|9pw)l8H}oxx0Bo=3>F38RwlWYMQ_P?Kw5l+k5v zJS5g>8Ik9R6R9tPJq$%O9!bp4plo|+;-q~Fro;7uZgTxMjPgKME0GvP+{lk)pK*nK z!ySbqKq$fp_VG8ZAP?MNp6#})Wn4sUaXI=Kpwa!mC`K#p#)cKU) zUd+w|?Ed=kDh-=ns_K5Yj-=H(`+0BiT660UAS(2FjT7pvWFf&_-Aa%uXbLl61Qua` zGIchF$GwcFyd=zDHX5Sl+tGh3*K5~w+JN@X5Pr={0z|aqGL#|3anqd*iJA3G!N*x=Ln)z_l!DthKOE(v0qKEKXrvt zezZ5xmLhNdwa=zYonRIvg7sC|6@GU@GiHlV=}&n;aDucSUl+6g11yNC9O)n}$8X2f zu@Sk1^RS8DNmCz;!49PxydUK4LsPOj*`ZOt*3`xw>BAiOG%Mjs?eHU@TX~l+c=v8G zj&{Na5Mr39&$g{DpDFWJzGuq$lN3>V=w31Y!y)ngMugG-U5^`Ve)FAJjxkJ-yA)zs zs8_b+eaK=Qu`LQGde>@p3iANcd+t!6XpYgxDT_sbj=S@L#c5>(J|)lI;N@q&b+ee{ zT$wA0ps@}X?eHXSc`r>@-NyF8$#cYc5$vQ!W?u=J`U+i_spDM z+VOtFM|e$1l8wJh0lCCAnMeaD>>XlcTxc{wNEpNii{o{_p7FYzgGS!@I=9T*a{yhP zpeLa#O>Qw4oxxm(et0%8cxE-iuVWsq^u`c86vcb|IcX{-c_Brx&r=P+U3j|q^lo_O zi&j8p2dR*4H&lwlY_&PB)}>z@8h`7C>a&;-L5t4N&`b+*##dPQ+Vf{C(tDyiAWZjc zpmq+3y3|k*mSkk=1-aB^R}i6;I{z)7v&dmGZ()YK{N5F7=(UTzeYg`j6g$96TT4OX zX%`*b2W<-iR?%~oq*`yZx3(A<4O&m2W6_7QYi(|rDTa?yk(J>>jI zJk`&2AmTQSQ+>O}4c70nog|q8?Je=kD{MeHstAgoFKXl$R)j{erS={b&AP)Ts9ZEv zLQ@K2OQfzMk3;?EEP}6XY-=M>1}$m&AjR}~>gcJfepE1g7KIdKZcTJmdPt*ch2=^^ zmQlTtiPRRxCmy--AS5OCr=mwGCSIxNcxf==i4UaT$5hO~3Ti6h`xNJE^~rATJVs=_ zH=$4>qWD9vR8Z(ZyYkb;zKq+s$Fm7lfjV-q{^TY@#Q0yvD%``22$+cAGEYvZFA_Pl zZP{?qP-3dTO}E045=2MhSZcnv6!I@G-77@y|MJJZ?~@4d_Wm{rGXlYYtmM!H)VPjr z(UH3aDACi65t%_x!W2C1?86o5$kd%V^QK9WM)P~*x1|lNl&**X?<^Q-3nnq`Qb}dY zVE88llB>ARRTVPOB(LV~>NphQZzs%N#laSf@sZ8COux|bC!J)-+wmAe;7fx{%*oEd zRr`Euq37qu}S=YoQAh)&v`dNZZVDQ`bpI$yPq`uA|`DASyn# zL`C$d2RRC{D=VJ1e}_^$O&D+FszL0ZZSZVW{FC7i`vnE5oNmtn64IEZK>mQUGzUDoZ86Z7M~;=FD0tH#s8bb>EBcFG zpguTHZ7YQfR2+*Wk z3#pq?F+O~vQ3idi?8R^*3iU>Lv{R^;Z5H_y0d$3WN`>X-5Y1rbg7Y#6W{-8P 
z?879lE3f64x3L~~`6(*%KyE6jnlb(9x=9vKmK`|bHMNZ?_AMfbSyP#`Hye!Q5moanoN$E=&{W_;Y+-4{_o>>3 zHdf#|?ipSefe7Q7-K)((pym6p88ZB-9fJj9s{#a{-axsp&WK%ZwQIl`T5K#W6KZ|6 z`?pMIh$iSX(W<^wF7WU${V>WiVqoH-P*qsr{-edadefl@O1lKy&RUmOi3?p78s3o@ zctJsxJLQ!Vc~xifX!g$TF6*yr)M&0Pk@cjPHE1eW$Nnml8e12PUNhc$aum}1{c@F@ znexbS6h79GBj-six*v8uQDJ=*Cb1idoYH8#hq}I!lJj5eI3UPc>r&c@l&$4X{L82p z-nr8IA6%_W5L#*K4e}c+J0IZe_$QR+!EZ42Z1FAK@K@02!%Xp$4OoJIE>%c-e%t9d zXgQAP^P8ybUeR7_9+n+Z7AtIiyq#_Jbj!9b3u>;f9H;<91+%2zg6qbeoFB!B8ZGtIay@kl;k}anMe!-7)gsM2ROt8st$&x%G5pJsOhHVq`BFy>V^}Pwh7w| z!Vv=;nuEx}o+~5Bxh_Q6qK54pzRBkvNIl>kEg1-(#b|PX?Q+9K^dWLZB|N9QHs|U| zG#+*bKh}A+6o)S2Ez)lTdXz)z*>Q)#m$VaYYJc>xf(uHwV>qPc#f^a26J6S8i{L^5v+GyTg zb19$MztFl%5gOqk2|Oy-d~QuIV-IiO1}m@*hh~FE7lW%SUHZ!$zt_*#l&6=1Y&Ma& zT!i`0Qo$rz=DVN<#1~{!0!D76nelchtdJ1EZxfZ6PA5urfv1r^H^IV7!AoI ziwO{am@YD^t#O()JMTM-XTD0m&y@o|Ve;FpUy>Q1%j-C%pcDmPLZ6B6jXC_?wD6uu z!r*QZP7_aB0oVsx9qN|k291#c6`wAFuc9a#s)ki=^tfbmVMeI%=+tDRTi{;wv0txO z>PunC9eoM|Xw{L5`L?=wrC`fKW?-anxi#NQ|*` z`xhrGWcvWWt0F*}$I!RL%*Z%el){RCLlY|C%8~R8X0g%^qUCk)ST1cW%_wwMn6?;- z>YRmTWhOL%9HAfi${=8JA4VK^SlV5X@R0a?ly_f82|H@%n6z#)tevr89e&WBUGWY) zLQGcW+0FcN^kmS?YLdsY*px%#4Wv)HQB|`LP>xo4VJ)&ZVb?U`Dfv9QWPj=wt+c943K>tiHGzuxYF zZO(VB{UZ8wSlnsrX-rH{pYt+gwn5eM4FEhE;_b`?7~P_`T5<6Bo2`9$*NL&0b+c#K~Y*)B_qY5;WW*ff*FU1nV)F6v67NpNW#Ac=btKF() zGd8hAhh%Pm4%U2YKOs^!9AEG3tY=f!P%)>xppk&(5!-qO3f=P(8kyv)7}QHP_7o^o z;Jg+O{M5<7ora^%VqN}7Zt=o*g*-w8M8bcl)WZ{2jMJjc1oq**ft%Dbx(vP5BGRq% zvaL#G~%jMTRu71~>vUGeh~N7p&!7k)smZ>nmQ4GFesFNP>DoIzuL+5@d0; zS`f`F@&hrk$0GzNsA*Z0}2@?K~o>@Zm~*WZrK*^H;I`0?KDe zjCAei=mpFdZC~XgJElKmazA1oWtpR^D4ri3nNVC7dfDtMac2(fJLMalK&oe$XP#&} zf4_`c9HzrVZnT@)g}?Mf1Q>J18gMSw^82mR!RY}nYKIA3?{{!fJZ&a6?pB+Yuw171 z^)i*6Hwn=eb@N_!x`8rD%h(~S5)T!Q*H`3DL4U>5EM49_Ct}ffB9fh3ue5` zt!`f&m0})tg@A2r8+MlwlZ=EHH?HnVptnjt?DNQUNqC%3_hFvcBNWVm$v!&nCMR!B!c~nD1xBSVVq5Y zHGHKHe9}1{KFp@jSC9s^-olT0w1E|@ZVD*i%#yi+D_fWN(t^*@)+*0qaZlV3MrPG${$JaWvj;0P5H!@^eFYLn{pRS zhb{%(2rrRsx3v!-;LTYw9aKLc-pG@@_uy+}+|V_UBVNf!nIrljy(~EK?l60RGo+x5 
zvZI0*kVnxGkZT&ofm5?Wq z>h(6h)S+)oSkR=5w?UF1!e$ojUrw}*m}yCMI~H-P))-Q|d#*&=Tqw41N^oc!;-gVx zB^NVAtF1$?0B3RNXo*)=rSerQOz1pE+)dTSZ%}Ya(f8~IB_)ITEhl?P-1y9tF-xup z>>LU!k9(l#F^glh^@XA!%w(=fHg!N)+h&&~@H$>?|3KTrGA%f`my=(VQ-HOba!*f$JTx}n$FRY-rdK6;-dgHK^b zn@Zom$39Q4fHaapMX9-xmq=GMRl%1yt#5>7ozHh@T?BorrB$s8YEcLFl%>$^3(ZG} zysk0@R1Fecj2mQ+N4bFVHT&|s=-#W@KW~Bz==z%DSzxwhl~fU zZl+c8*SM2P&9*Yq& zUJX}E1iun-yHYb{n=oYazwnv-q=yQgj;HU9(CS7L@{pTGKL-yDwBll11trr?c^V?J z^Z^hC-VWJ;pSanmSI9H$Wet{n`~gF`)CG>~j(aS!4x7ZUpH73;lK8@Rr?F+>Fe=;> zEMoiHV3=`f#eDKLLhPzC*czR`-qRh`l+b1X4>hd;9>N=z{$bRugT9z0kqQ=0w&ZG6 z5u0^pzJk@vQ4wA=Hs*P$c89!faM`a0h7g$B6Q@OS!whGAx}iIMp025l-r_FX{mv-| z-~9mc9kH0%!jWHuC|rkpg|kQ9^_`=Z&i#k7gO};V6p33SjF*1It}rf0+$#(jZ*l-| zg5DreS8!vIl-6_PDexe%6gzc08fq@4#i9p6nrB(`iuo$(nrB|r6oO`O0nZ$rgq(RU zr~9l^LlSH}5#>P%#4T#C@-Uk#f=tv=kVBg%3tHiZ9>0E z`YPd_>&`uq4;5#wDAdcxcbP3}bES2cPp(VJ=&u9#5=^pZNkY-#&1DB$}Bb7D3PAx*KC*i6ki zO(NAM3NGk~${AMcdajM{%PmaY1O9f?FPH(znoL&Z*L1s0XkYP6W5_>XAqRkyFU^nb z{StLG&T1gZ<56sz`>@xmbgqsl)BWMVrDiFI}ag+Yu zb^Q3?F(SWROCAU&5k-cmZ5)3&)`fDINlNmK{_R8LV8)3KBHvsO8)~+vVF$*NtAaCl z9rv|=m((?S;F?kCg=qE_R~TFIm7z&#ATXe-?0k*}2RJmcHY>dBiyM2g@;-OqLpTh` z#_t1Lx^;Gx^m``jFa`yU@$){_YB2rzWe291up<%R+2A?OWrKe-diZhBDKTm`*00op zy%gaMv!q!lref^s$W1H>qgsEdk_rWwKvr>oWt3;4BN52tl|yl(6XLCpsBhCl-FeIy z{i2sA^_4>9Sv(233S)uqOvFl-Mbi3yrHpY;GvTuZ$x*viD2;z^yUgMhG#Q@PCaNf- zUYUEZW)fh?W)`<*AU8qH5fyiV$E+UqgSQSJ7Td!{&pvc%A~KKp`;Z5bzk}_;c5Ddj zQYTCS?&}zHelqzBz7XW%JrdCqVj&QnH&_lT{uW%0fK-g@o-hj@*-^ZSKXbJZBgIta2iU=hgUjs?P z`R0Q6n^bdQf_W#jX&qLU#=n}#Seo&^y=21fOUqgQ6fQd{P@tz5^Uc!DQOYZh%_FzHE zU(h-pk~zDcR?GR2kFu+K2u{Hv4`6;zA@(!e>JSpM9@PEzss_+M$?0Ih#iX;k0l{0URo_THul2R@y{v1qh;uFNB-_^r7(G{yWn*;;s8W9DIH#L z;0bYtcJCwl*iueQE4_Jp9Ss`iWjFx0YKO{c8TW%%5_J{F^*eLU)KC-H5gmQCGkaXt z1TSgnay`QpC_C5pV~_W<*-;exKGKI;mxbnH1n*-T&7(AQIoDvmf0&hN3lr~+^m240@UJiW;J|V+YP9t(Yt9OnFsPuHPHzJ@UMVWQI~p-r z+U1T+$BfF!$$W)LkBUCQ&4{EQv!q&6yK$Ycy}60PM-IKE^Nv!~)9t!_4b%U^@lyl_ zE}P9x$?z_xFa8f>=Mbb>u&vRu*=5_dZKKOJx@_CFZQHhO*I(|k&DU>mBi`T+-XtS3 
zCmCmuu_N<*doACu2DWc92vaeG294kIgxuRL*W;Q3;p$e37el+>ou6fD)9#Qm%X0)G zZEGrmHVw-8IF)CIXl-RmZpimZC50E9F4GpL93^41&1`*`;QU!6VdzkT>n6XaPSg$U zCzz4jgX3^$UGv%y2F*NdCkun5{o5>XBXT*m`Xd=fH@TyIo4FzX|sFpCZu|A4s}Gcv>B`z)`-sP&Rg97E7hp+ z;`CCmRR4ZX$)oXQbSuU#;9OsRu(s8R)Gi}&7gW_ z9=}!b4o~HC(N@y!`<83O9tY7J`gu1hMVP8Cia*7)dt>%D8BVB%;BKyw1ITs6N_2~N0JF>aDq{UI zTsn*)Yy7I$YqWNpowMrlDy+gq zibfjrXO3+(;|oF5x447q3Fk>fm&2yC!cW4o0yGKE8B!;KaxpPn3f7JU$%u~5>{MMO z*MGpm0*WE{`S#6hEtNpF&NXBCg6*(rzk5q{rG}?tkqtnLu2rl{c3W<}$ zsa`eSaC!!Jmj$QgQkkwojNO5rj8sR|>Tr`zdxR5jtQ*FPCnY`uRvPh(qFz^FSK>l* z(-9{@yrKEtjRi|8rA0MYg?T2SA@O&iC*a{ht^_p+(VUm1lg^FUR$cq}K&9?z?q{hR z_~v8fZ8Hkot1(a0DDydq-}W-?Z3z`^x1D#hkj(#{0Y!FCSl>N7M0=U5SoI{fppdn7rMYO`y|3~gUa04 zvzL-y6X8x9Ck)vN*5!1H2B@_5`jGX+TB$|d4npowuCfyX4VU{|GZI#y@7_;+zoBn! znmS<(xe^lNV3Uv<7H^Ez1zIk&m+(}=?9A}zOngXx!R~8kmqmjrYtPB#`l|*Qk~pwMfnOK!QvRMl4NoE8ne;l%OCqXvhEjulpU#5 zCQIfmtEp${t<221Nc332Xea>-`M?dFEf(|y<@T}7tRC2Z8cm3Vxn90Xk!CHCN)%vo zW%GS?sRv1JmP8(x4s_kvgtp}TJIVDgc3r4OP{|&U&xB5pe(KBr*WowuA8O)^NXPOW zsUD;6u7AR(9pb@|c(Hgxj&79eFQz?et3f)w!3&Mt2jyIc)^JXi`H~zRtwpDk{FT^T zXv3s7BX#lSR*Q6~TcYJXQ8CuD071BU1We9|4je66EA=9!7pvU(N`k;X{SIkWx3PWS z95&YdsU!C?R^sM1`IQS8IKDL+5(Om+wWh;zS;Ys8tNeBZ3!lgV-)r^21&0p=aT^`+ z%-f)t(iLm|oNSbq<_Gr#HHNW{FQW0*5sd_2C8upKcUM;Ev!J*rts1t3$(#zsDQWq) zSyBNU+75wg_dkTOS=?Gd>&rK_MxzNx-+$VYNHalmJcun+)3!-As1ER1a-F=1mMv+SX2mj|SFxgZ zA?XF{vPs)%I{jUeh)E3d2JE@L>BAJG!obKK18HC%V=>@r(&k9*VupYG0;MXUA4qo2 zqZW`jlZnotlm8}k;6*=uq$@E!xDrJi|BT@yH{y>`=7YNPXb5-{lh_ChBs??^=pE|0 zQT1u9zb6L!%uLL|5w;S6t;3aSDM$a5aOEd?pF$yn+G4~#1~9xoJI$&{9OXQ^#vjp( zu^i(YGSMqD2d9Bffg$c5JI0T!=f3iOnBX0rmM&Ssw&80UO4hzNqNjgYL{efnJysyG z5*!+df4#}O`VBnTn{(Nrh97zpr6Rl^>ozxb$acq(igfELwdEd}(s@|Ko&GYw!pq!8 zq%^~A`CxXob334tyqS*GrxYc!csyQFA|1;s1sEG9I=7JWkJwcu1@VMcGu|F!Wl7ZP zhZF{4i$rq^A>fvZzntPuP=k!}qmSAu@?}gv{o26x#H=1q#|bFilW8ADb3;f3IT@xV z@TZo*zA_cuqmPI~1PO^)+t4W#4nFR^UK&KH#n>QQnhSCEvO6y2F(Gp?|1v>MlEH+- zgBeyzXqXJT@ohO^Fv8k-b!G$JxZQme=&ygu(SDFApPKw~Htl5Bn79Qy+S15BXV(ys 
zADLo`x=a&4mVVrZ)Hr8~exATcQ@$3g_s7LE4SSK#Gbo$VbD=OQeFtdX35;Y~bB_!YRy0ce#1t1}kyz^(E2G|}8V z{@m#4w>wJnGTc#mQWlqHQWxBMiCe)EkV3rvsH2rC*l>$h0q$xX6L%nTFXf1;UQX%cZUPVU zz$(4DiiQOL2nTAb7?bW>P89pIi9w0@a_ldfJsgL=)yBQ>!gQEl%OtbS2Qj)oeeAPm z9SEZz?+cdMC_I+dTdg)t|3;}Il%|G-`Uab#{Ro=}A6ws>6*sdl;19F9w@W@Nbhw#~ z zfflqt+_g|&th?S9z^vY;iXblIN7VH<6ZeCe)Ff-Yxk>{Uh_|(w7#$cE~m95CH;g_pPtEhHRJIy)F06r7!itu3aBt(BS-pYv@X(2QWY zT#=hlq`s}Rav4`(4x7(v`qom(qjKE}c!!e0kMLrEd~C(!qfC$dF+EXN7phfEDs~~Lzgu>T6Lm&Ey^#&aiK5w`|+&e;*ByyQ|{%}P!ew3~5beQA?b_Eu#HQXu?@Q0g9B#+seX|8ka5oZYc-3%)G zG=8TXgF-dB_+z&$s zK~(ck3R(uT9L`PyZ;o^nR8){PGaSyz2Vt+LbaNF-LsJY6PvQyYo0g@L-RwADu5PrIopBFw0(2hm0S+ChAT5gK{Eg>yM0c9a zsr8zvwXZ0-{jk(06#4a!HLQP&V#z;TJsJne@TF#0g%y7ux%6-g^4f>Mkw*PGr|*%# za>(f$=C^y9gQUKUEHL6_=`bRH`5-=Gi%lOoRigM0a%*PweDDS<#^K8!%^hJ|*`Rmi z;t4&E)d@TpcoczIw5|sZa~sFcWvZdGhS=EX5)bT2l(-&`o-?IeRAeKMetvdVz;o%s zXLWhT>Z5|I^d@*w&q>P{Ask^-zwBm~n0ryr2-2K+Fzd%C-4`+rZ>aVncI(&Wh%n zwzN`tatl=`(G%t9WdpP81ZQ)h&h4{!_@Pt5;3rQ0t1+?VR5b|?(|KXJ;8cAmk}W~y z)b%&-gU%i_W*IVVQ{zJQj4EmGt79(Xx0L)U^$$x#13j#V>R1~RxTUw3EcxGtFq__f zH=qRiO>K_|uM+M?(&MRi$Z@e z3hsQ*>zTrvjMOxF+=xAdYE{&mIdmu$L0D8QPkuWGSg{CXG75J>qlhxaRp7+$x2&rkHzHjMBp8*`|%=Lh(qG9*wX zYb0a)jyuO5i@-J^L(kO8>XZvg7bU00F}m4x(L>{96+K4dnWN|DpAHpqS=MPBBcdOW zTkBU-_L8(ebhnUQ!$NHfX8%%1Wr7b2{k2v&Cs#8;^=ZACv89YJ%Hu&^w0wTx3Zlx7 z8c{9bO+sGINuN&qvKKKPPLO5BiiZzX%x}j`Y{o{GZ8ibL;Eee6k7Z3KHzoICg!ft- ze*cmcn*JU1W~9_`Ln6b7g8UC#=n)uck7E41p0$D>7;#nao-Qx)V%ydcN26U4Ijbj;CwVoAA)6VQEA=N)a@rqQXxGKoB6S4LoEz|9kbD2!qc%c z@>Xb;Wp=})iVTt?$HggN%&Sp9p7KKqJpKZD{p(?zx$SIC@~%siDB4ow3Vy2)jB1l% zi-;$`=ne8@SoyJGm;garJ~1{P16DF-&!V9kzv(b|cw`yl9dIqKj{mq~If zn{p;lg{Dwt@@um~47S_wI1QJp3^M}QOfH%>EoA>=A+S_zka>G<7xa+P^SPE`J<5(LuMBGqHZ*j(b?S8)?n130S-@H23 zuk5goyI7#~<^>f!;(QYb7@`9WRI>gEiLlThB=VlWU8YOia8opeDM50i0XoMsE_~Vo zSUI(K*1e)KpxLD@%fR@|+*~TQiOnzA5Yihye1DHaofVBef16n{X6ooY0nrx=Pa-LO zh}Kg6A{S)<=>P?fNLFaPUW3sIK7#HTf?7B#^j&Jfa;C=f3K!id`_r?#eY;t0%K)$a z#k@ff29B9_EDOn3ZNtTJqX)cD7wZ*$b~(St-fDOLD_Aa^6EZEIXQP4YlXbd4nSxE6 
zN5VktV@P@ZUC)`3DlaACF>aF!Cq?Tx&GFYLAsp+G1bAsR9`*!TiOmkJRTxX)*F*d&XY~gx?tl#r#99X25H7Q_3*F?Eh-!bt(X_ zlutvgW&Ex*q&G_c1J>3y;&ILPiZ7`&5OJu~5k$8DLrn=I>Bv|wlB!yANg8dTPxTDJ z2g(!4eL~U*3zUPm+j%kT5?LPqoYp&ru)AK0Nm94z&?R^K$As)lO-!|fPWkF@KTSR` zM%sb!X5eY7Y5%BC_bZaec3nEOBskErVs%e2gA{dGDy7L^ehQ-A$RF!BSnSG# zX#-a86F!*LZNX{TZA1D3-=XN)PM~f zCSqNAitLHW-Ezwx*VD{`W+}W*=l457vBgJ*) zexpa@M@I*{Cg$eIW@su5?HGevYu9&jF&T!9f+fWQ9L6sP%qPtt)0e5Ox*J3|hfj9dx8RwJBSp&lD!+C^JLj zJohOPUmvi0xcWLP`flIDnjXI+|>@mc)@+mpgFs5o=i8^bN z>#W*cHj?(yV2%c{jiJzJfs>?9kNs)k=#KSfgre#6qmVXODh2%xCwXDTxCCTn~@k%hjP^8E0tr{&z2wr>53ca<#b4Fj5>^OKZsAh&NFehX|~e zXQp-duXbX=$bbgi_XHR`AIkRPqWS8*v9N--1n@_y(P~drLJ?lVIkRdBVqj;-&`@GX zDjP3Mf=nK59F4%vCSF*L;5Y_D5^DF598$vl!SP^$B(|qOzbMmEgCZ-@o;S;TT(w_M zTZFX1BL?WhKky}wjiS3b8S9ke^I8LegF!@iH_NlcYx}`#Bp0v7JBh+9R%Y2OpY-+W zFNdQX-f7n0=();g)FZ~xiZAz*zD}1Gm_ZfX;znQ{qIv>+U`*1wq*-3v2>lW@I+xs@~%W1_4v zS4L7|3T)8zm7|Y{tCACGOxagzeM(hGE>+eGVa?|F?B)YuNYe?s87FSH*YW$T)B`VJ zU+?THe*^I8U9!jOemnZRl~J04O$2&LMSe>#hi9*u#-J*Ylxcq{G^adu0Q~M91oYQ$ z2vrhpmt-{>dGRAc`Q1!=EE#>iim`^x= zYrbNaG%pQOa+8m~dQ0AKRKN=8xlNW52?kg+2kaAFq<7AX7ze9czW3%Fb160$^eFO` zEm?D|r7aIIBFDKtQ(mWi>xAa}XF(3wA`3U}!$2AF#33x`f<7^rHC_A*C?Mud?Qd3K0XdFy&3yueMRQ9g zhDE&Pus9~2`FQ=vFGngCi@$^+aCFEIJTX72j#c-0 z&V2d^srU-6?p2_wl$)gHTHW_j83(Vsjjw(Em?Zau$K0kr|W)T^5E zBFXaP`Jfp);$yPAesS}h+l-JmbRV7Y^PPi(--l4xdI)X!R`(U!4oA|} z1f@`5-0!fhu-e0hAq6!eqU;0>tD{d9$NCkd-^0`v7fSe=R#M+hKSp%ER?2Q1qBL;S zNvGG*zpPH33?j54LPuydWIwt+Twq^X%n>0lrr6@}$UEg?Z>i&WS` zKb!Tk1kuLZsFHiee25e2e8YG3+(*pn^$sLe45n{=-VS=faeYWp-0k-`lN8E{vbM(x ziW*kv7xFjs<_!DMI1IP)8-_l;YiCQs#KW)RDmQzM#DpUG-Ax!GEFUcjX>RgGVjlMnGL>2 zTA>_PB97DjT!oIgy!yrMlvmsL8l3aISn4+NevK!V3JQ2I(o4=4d(mR$y9l_exw}*4 zLj)vL_^@c{_O1>NZf+G`S83jqrW}raiqX6NV{6;2+=q8fkYi+MR`I6L)$GSa`KQ*W zKJ$)6k>w}6r!xW%m?uv`(7CCFzo##$Xk>Pzt+eC)szh^;zCnWC@6r)7xYg{-i#n(8d zvbeFaP{PQ`sAEz>r0&{7jH%PZXT4nCvupcf^{6<(Tw$a_T@6Qi>uJ&W#O-%a~9Y)0rZ|A*dqg_KtfJh&CzX{&dzD{OD0J= z$oL%P*rt7V*51c;`$N}oCsO64@6aW!dXyjP9W7@!q-a!SRf57cV6q1J;Dk{;P30c; 
zf|^&l0?b8=Jvq7S$j)6S)0H)B+1^^Nh2X*6`QPG zfNZKV*tO#*V-AUX=% z0~Z1Mew9*;Y}u8c>N_X?QI)LR&l#K+^-nrpD)089l5fz@{6~`*KCBR7A%j&Ml32mx z4*(Nam9tcENHETK9N1nHuTwr?A+ZHS|9H=xD-3LlB$CE-l161OR-7?Fabbv8AiP+` zO&|O3oqw-p8Rwr_=>yQ4?GkgYD~hv5qq{ZbH}X|tE3A4u+=Gg%_AsG(n7hr=bJjoe z&GxeM%P?*>*~+6ApX?E2WmT4C4m0dRH!ITO$^Ez1S^v1(@mHwaPrZ0MtYx?|cTy~} z!244%RKaS*e^g%(eiT7r#+mx+O3Ja^KjMualiu&p_N)@+n21Tqk%N%~Jk%_>F|_qh z^9A8ixvdl_6S1O)hD;yTxTyh&Xs^*Ax`%_|^1-E_?J;mC64@;Db_e(W#JVysSbXja zl+~ec;7+l3J)w+w{DxZw5d)0^gv9Qh*>P?x0~|n=u@~V+Dqlcm?PZzYmAca?#-Wou zOS&ux^oJ+SDb7rFa`m^)Jj1t=)tIT~@O49Ie6lcU%xr_sspINrQfd8|Y>cQsOi+sr zVsPcqjYQd7Ejs3Ehi*nHqPBl8#p#9}KngmVLC2KJ5rnhuZ84h2o0rpPwu>|vb zk09hw2~;X^^F6P2ltmI0m{hA|-A~4fP_^j7>Xz|qI=c~ah0}Ex`MwN|UROxN4yFMAG zcNgmzn1`&ATrU+kIe}7-6R>=jdm~;e!?PGU=b?s|`tSyVnyV`r>+W$LU45+ghKxnF zs8^%z#TgbZ(NQihZwoBLZ8=CSjs)asinNu^6zQffdytMbYkJjgmj}*Y)d#GX+{?v3 z4J-K<&+o#l2ROgQM!TLC%ofy=*N6lvv#RulkF}Qx)&i&8(hV#FP}Zh=#WP&vXU9o) z^eVc@hs}HzRHrt^i|U#Uzpv*Y>|R&|p<~CLmn7U{v^l4wOvOc&;;$t@)2LKbV+>?D z_Hl%-dt;-QUNoN=@@4v!sDiRVlyU!nLr#r<_(`0IVvAh?ki>j~Q8N98iEG=4`_H9o z7493TmJg#62l675g;3)$p^r+FF{DNhZYW*)Kw9SX5P#v?GJU!MeHVVgxu-6yK@QaCnz||au%v&`|7n;d(UR^WDPjR#ylb`qtG;LY+Si*MHUlh z$=-jG;Rqs_mC5^-fZWvl5HeT@%+(aI5Ww>`|pGntA*E?59bh_;d^hd%UZXM!dM?? 
zzA7_F8|jDT%j*NH8Mlt5a5Mpe@ADM{JWHPpU@p^;8zKJIEiMdzVc<6#=YDLlQ}LY> z8OGjYL$OmRw7G;gB|o(6Z$icj;k_&$!;qDY)xhB3OEliGZnd?xN|5sxsPN9l_2!G3 zdnENprR+g-F`3UAJS*~}9olbn8vk_P(0w)x3S<>>EoAt!_gsD7{LsY1G^e$T2gR~0qG4^tIG_!_Q-ON z4Q1b+#%5OO91720wC~py_(xdsX3u~DPra~mu9<3OIjkJF<;LRt#fYwZK6VA_LxNK4 zj}ShpQ7yBX<8vJmcdv0K(kQWH>)Fa@4;OO_waER0KSA_ZbR0faxxi zXwrFYut*}7uI=alY^YhkaXnCSTLyFQtp>g2>Bs#|D-Ouhbyr^Lb&O}Yjlx^(9KzAGM4f?{E|1x_&sS6(T*#qSIk)6mOh1Rx1=LQt5b&`KBFaN#s?QDx^T9!TgG{%}3R2Li*P z829`OL^P^)qmXN`w&{~D}@ShOOt$Mix}z+k9+NJvN(Cnz1dy&stc!R&(A(N~3XQG1v-#ybC$ zEYUg1P0-ET#^U!LkOX?X1i!qs&Z$k%3BRHEo*{$o1ZqV2OI?b!=a=3i(6>mHv!F~k z{p9aG`O*c^SFbA85-~S&%S^7iIYl^HD1OXmPvz7lv`IfT%{!epkpAN3Z$-36JHIIB zPpX=%q5zTk_+#FU8hS;yU0hC*Irp`Vo6xK{o6?d#JlxwE{{yubs4{2nleb&Uh;j*_USJuG^NbEXIyUP~IXg_vvME|-Vx&S4vJUD*T5pgdy(k8_-iT4K}( zK_DMSa>)9P}U7a{Yv{UdpcniB}xf7qc zYnzPw0yV9laFQZEckho@sysXBJLlDY3W~A3UoUUzQ0OuHwlSO31@<%T4+p;6xixDu zP@W1oLkc}~CaP!MhLQQjnt{KUCMOg6```1q$uPX~&6)F3w_Vv{bh^*O#=Uud!^d*H zdRV%M94Xz>{)?ACkktD#_C+eAj@_w=SaUckmW7%h;T-sdgLk zLZvKxebn}`@vo7vvfty8ssZs0sqhuW)}+SMN=u5}NX!G$3*Ga}(HM-H2-fSygssGF zU4?fa6`v7hbS6ek)dYFS`_5TynzsGXla)h_E(Dzkn-RxF82E*-gCC;!1on^gIeQ1M z^4sJsF1?NWI)JpDnoX4iMFu!K?RrUyX6L0e5-Li3tOQR5uT~g3+KzJ^?LXCDC5xn< z)zmTuswgCNHIPL;(YqaP$ptX^@`o(#Cj!|7nyBdGQUx$$yJ2Yo-w;`{myPr-V_$F` zM0OMzZQmPR$`#sopeUIUqk*U;EC#(Zo6D2Ay5%p&{=1+w826r<4IP-YhK0ahX#Yvf zN>G_j9Yx5Fg5p;k+u;cPq;AJ*$_ss5SZLiS5Rj{=C$Xy4#ZmqsmqLwXZyBJ>WRsG?8 zL%dfMLjoLzWR$=-tz_w8b@qdPYS$M94KIzKo6Xx@)k+(sD9oQyo+WUECi#bUK{=Qq zyk=@O@f~^3G1eI$5MG2JoycY{MP~Grm@Q)~9%}H`HZ7S#6L+Bi-p`O^ucxDN7+h4t zg|(aEB^{Z?dF85)7NQ?Y<2U89(wO=*qS>#24k-I=KAQOO?2(M^yGK-KPx>9Qv^-VU zSxwtXP`A5yt;+vn|EAFEj?q3ALx63Y{lxJSvk56Dyy*-)E#oA{mU?s|`^l}{;AyzQ zJ?MCAK-#)I`*%_%qZac6R)H#{d*|}zaFHpCiM+g0c8)%Ke#d7eXA`vQj57ID%j+hR zz+>Y*oF(J{u@-KzMn5^K+L$842O!6JX1HWI3)y!Q2^RCt5$TS+fLT6R%H!|0!Vi2p zVs`zYXO7DKrz@IJbo2{DZb9>f=PZMP2CPPBPjSoZF+jANU$ws9{raNlgid#37*>I> zZb>qPO2?JZ)SZMyHZt;;)VMRJHHi+%0gDL!eWqC=E8IF|fl)^@J* 
zik(5{PqC3G3C0;A(_QiMCzfj{T!goT6}}-um7<9~?_|Qi?Dw*c4_@|U?a#BByy&uw z`w*ipnWPcu5TLgALHr?_medjMrAC`z3#0+mYBX_q0z&oe2iV_@TKm6wez^Xd=ZBM# z@jqf8WMNj9XP){IOtZ5P`MwYH#=7`HqWHF++1hG{YG=JPgI?d;U{v-9lNz95nT z{H+*Ny4fC(^YaJDpgBlTCzy+~ySsbchHsnb(ttzT6{D>0^=y5k3$(l6HWui#3}+tt zHH{IU(5gHeiDwT0?t23xII;@^I+zf^F#Tk*yG*a_I*+OikrIX zv-uX$#fH<(Xh_oc4_W)UP6rW@OlAwnIXPU zl~R|KQc_ga43&c5@gikWV^$)B;~l`i(Y(9yRj5-B0tw0c0;M4__@i(aHxmAPtZHIO zZs9q%d(+zxaS8O_@#g#n47h>?^a%R?2;j0m6Ix{fHnqLl?N0+Qb@}`w>%JLq{|J8> zH-QTSWdr5Y0G-;Hj@@p$FYO+RhHp%M4bfnS2uH`qHuLac8A6%dsBUZdv<0u9fA zV(z^tjP)T?rvdeE?!tiJxtux(eN}Z5k3+yAy>G#p-V?0-zylxZOQb-1%GV4KQV{sF z%|oP!z{3T^f*t<&$#4EVCO+6ZDmU3fFn1U!K4X4iAoh z2nd{MYjA}G-Q0j~0G5K~NIyfEmEU%~KnP@Va-iUJsXuPk-;qh+ngKOeLajiy{J#Dn zSy>^7)D+I>?QgF@zB=;*tq`6+Y_vcKu1J_5a=`8Gf*?Tb1{})(oXI)Jz4&*Vcbq#= z&f*_JV4$#R0#c|w_a{hbU`~^tC@@Z7Tt`1741bYt!~+O>%18B#6VZ| zx1jtT)gM9&x0e51`s$NJ+SENn418XC56b^){vp%@3Y#SWyQ=+w6zaP85}Ln$_d{y_ zxcDI^DxW(*41A~kiE4K*Sf(v7hUQE7iSf^@{*HRhzf&`yI5qej8=U&sI=K8SBgdd{ zmRkMsR}>5IqZZ8gW~=rCdG&?l)Yfj_`XYg*4xS+xhc`7e{waf+vpan&qsBmNE{j>p z^9P(6Ah!9T2A8gXg9=;zSdPJ>EzORNAV9rKfGwN-AVM8q-6BGzEZh+wRYold5GL0? 
z5R8M9y_7K%u%dzSN&MW3fCK#yfyzPrOu_3$PZ4l5r$>Q5Djk9~zmX6#to>;2e3#HY z-a57e?OYE0tRvEw|Em32ccR2oM`V1IGCF&#OVsHO^yB@Z|M*aT-Fgymr7y4kLCS%x zEcnO^5y3b?aBls10lNE&1@`&#_mjm^ zAq~fPC4ipC#{co3FY);INf{nr#+&&YyZ`3*{Qril+b0PNdy z*x|ba{pSYljG-Fd0h9;i>8hrnF6;+Nsl~s2!wbhjI8Q-Gk>~M3pfBUI3V0_^;zFRY zq-0>%*SdQibYPSYtVhnHKqf3UUa-Hi8pBAW!8Y~C06eM(9 zcQy!>ox3Vf(v$aUSwq!fgIta+8A?UNrj_xFDgLzN5nWox$4-~3m ztRh@@$*)@I{8|nzyMCnnLLawhG$Mr+`Z+I>XqH_u!b6lR;|D60lM>(7I7ZX+VTWfK z(v*Gd)8a^My+x+gJu=@dx|m@KEX5@zAsypZ8EDK^t&ZQvj*s&Kp93$hl-C;X$HtIB zGFGhQ?-<*;u`ez|jIY3%tY{j-!ng}JB<-gNAne+&A7Kv}Qz9dGLy`{UI1;GiO4&lJ zB0K?;l%SCzIhhf|>ZwV~Q@U|Y((Mzn{YGe#(EROdO8DyG9z^hr`>{kZPXRNXR`+-D zJfnwlXm>n7ohXpm(PD6Jxb+iw6lP2P!QMMAfd^c}l*X4G-p<0v>DLoVE z&?bV?l$`EQ4WpmoL;M@^98Yr!-f@Ec>U5p(9-%lHbE*mc40V1J)8m)B!}KkiSpohT zl$df%1jbUE8$61B*r9d?KL`GzVFg>2w^jIxcBDtT)LTdOt4jPweCXdfH;ilgoMgrV z7!eTBX0@_054ENmg#t3i62Jzd#%WD5HL3QayXPDxQH5Y{t@^bmpiJug;Y%e@FniZp zNm*~BG{tEcNo=*fytXRfIRo;QU)0nTC8eBSNFz7F1%m*7#O#^UWEo1&#eQYD0``$P z3aMt_JS6OL_H){S(7bK6F6&YfYTre^%aSUQJ#=*cw|JY#T!^|@L@x!?kNhgQ>f5Fe zJoV?t#F9y^csv{jN6EWRtr<%I`zFyDWcVDJCO_p>7cceZG3@J@*?nz05Ev74Q&w;! z^7@nml2~AG@R_e26i0?plt!+*tsg=3M1r)GgCwo?rAExb+$N8@2H5X@4Kox$HMEo! 
zea-MPl6HuTOR|oW=40=w{Xq&0#K(y@SorCbKb`y?+K^78#Mb7mj(5z(yA@hAQnq5~ z7@4dq6G%9+1bAU>r$aSyP0Klv^*UFLX3(`Bf`o(%pq$v2UwRK>0Jj^axKP)9K_mA-19BY zuovUCN|fTs9GqF-}G!~a2LFOr4+IR^4x7b0ql0b)U;%>MkxQv4~~7F&HI!4 z*5|+5mSPSgn5;N~FLq4KmkklN?-?HliENUNQ?0!4YX_5>0;;wJ8il_SJp83Y|@M@whR) zNe{C7dz7U2LYN+<%3qD&A33DnenYE8hA$27L>)Jno9}=x47=At4g-ZYtrnv1V-zXO z?Pgga^i#65nAA6ITfich%rwMZOZ$iSN%Im}Ip>Ju+05EzYI>p* z78r@)@Xlq%$As=u*E8lz$1hX^jb`h6z)6LKb#fd(-mso*ueXzsTcF=t`YGERevwU} zcRKAEO9cy3+ghB_*IiG0I~~Im?Dc+hn64W#aHEWq9)D3yPfr;x_3qVD?Od$s6D6>% zl-@P>??e!HP>(@f?FKhgoB><-9>~?l6n?$?CT+mWE0|IJjac4g%vV#-0nVz1^R%z8 zbd0%x|5OI#VjOzWz|wpcyCj^cO6NaBiYPk3ub`#)Gy7jJ0vX=+0BuW>vmz4sEBAd+}Zk4a}WXY>0 zcH-@>yJvsGEy!9PbuRHn4a?QDoNOcl@E5(Y`}q%geBORx-j1RBqm37{b4k15wK=0U z&yo6QGy%g;uSqa{;#`P6+hFJ}mCsRFOzH>;1W5@FUJ?72U9Sf+^_yJ&r18jsWJ1Lz zb7D=c`v67K{MDZTqG%Ik-ja+#N1evCVVo&%vZHjhk0_`8XDYUlQp)FcTvrpmz}_Wq z(x57>F~_0MuO52X8se2d4lYc!Sbfd@_$T4OIg$&?z=$zzx&fY`CSLLCWwpqC#Bv$j zRs*tbBJy&bh7I#?3#Qg&XgUjywkGBh0Pn&-Cb29ZsB)>efFT;VsObFLP^}w$bpiqG zshx5~dM$}6TRWl4nu56S)MRzp#=-EQ!L+tCYO129k6Rt!9$c28sO020{k3q#oJ%FX zNdFg)Q>u&9_#TCBlR<7Y^iHr@uw>QyhfpVP`&?s&?!I4d{AUVSJ;m^F*r-@uu`2iW zs(A%II?V~nSv=atKB-Q%(g-s_3L2PKjS4nlr?D{Q;|{wr(9;RDRHf4m@0U7H8J=ml) z9OJV`IPIBHcBV~|vQblrSx+jA^Xj2>!}eQjm9`7}XDie8C>AtW-~kj#71pQWUGE&> z%3zY8>aRZ=J$df6`%M4H255I&5hv!$JMNLpL9-L-z!Lje&QKh_OWw*N)z+m@syTi zn2hE+Db1v2B;_Q@;;ye^v(?MV{wWI(_{o9YiTdqPgx>f3kj2);rM~^%sjyw3(~~nZ zsoj@2U!P*QcEcA0ZW#-lw@(}*se}(wUM4>;qP~!6`i+G!cIVgWBU9?H+%Bm3a}rq- zTV;rrRGZ+9BEVof=Fd%m&}1J+Z9Rq}w5x)@MU($b`t<%|t%fTbvLr81F22aRl}%Kl z+xewmMhiW6{tNzPELykNb2IOu{pyjUdb3DAY4tBitGgJQ9i^-cBJ47Ya5#8YQRB=j zWbR3=FaztdC7K1U{1qXtJXu3rg6c)|*?49^VfrxEOl~h$f}@aqTi)kf`eeWJsk`fx z+lkV+GD@PRV}3XfvWm6nE%Jm%BE!Mu1bB(dZ&<5A>b9moFdJKd@z;^V?>v?cMcr(b z^hksrIi{>00=Q9}90Jvl$t~7=C6)vvvV)YDALfiYyN+pe5zXqJ_MKwivCkfi+sG2A zeg1&P6>aMUo-RWP9o=w1rCP~i>kKAEk@f4r@Ta%iwBaFW;+z`7U=#Y45IL(WnO;m6 z^HtabGi_q7ce;9>Z#n3RsMAd=bR1SRA0=0K&b)p29ka%V0)7{nwm74VFxZl@;J40H 
zk~M>O66U7cLrU0{Et=A$zd#J%yY*pjXBT&fP;VZ)MNtUZW7G%7^~bnIUW((~cK`Km@5vR5ocgY|))mNmF7|vQg`;z3 zp~DW2{(L5ag4`#AG1wu}3EWooivbfJKYUZXpG@kdwy^QwRY3=3SE;mF=R zvYeADsKt zp9f;robP!NF0E0TyhO7OX^TmviZ}8kLe1_Rt>2yIDIrcSH<;Ey_WfFR;xyhq9tV1+ z;nD8xO8}+6%;qCvk)`$x_pPcJA#g}Yle}h=P0NWB_Cb0__n{@&%4A;S=ZiM{zJr;$ zRL@L(k-I_V9`v3o)n9NbjMt>hr~Qw8?n;6?nf63|9u2?B@9Q?iijr_M;*n|7Mu%*6 zuz~B{Fq$W<%11Om@TQEf4Ryx(`&p=KJdgM6Kx*+v+4rX4-s39!!^TqwuXD%tlK?VK zI|e?KTq5;CaY+?)E#P%e-(9FW4R>}%f}qvPhTt6G-2{s(LfqI}&!K&J!S7;@9hGr! z`Lru=hSrc_au^8|=S9^~QYL7wiDoe-I|izKSuxsw1%8>w!}e^WJBW)<(&SG?QJ+p1 z^JlIsI{Lh(ygsYPXClS2qNmw zbr@(p8tQe${pk522oQDmmT&k~k8*O3-^X%{*|mpP^2N5`Oe%tSy(k9z?K(dvti*7K z22%lQSGh?=U(K(+c3icE8YXHj`}s7V`Z3L*2#CfwH+_(2(U)deQ| zxRC@xm0QxDjMF3bdR~}DtjJ%U25x7S^uCNc%Iyr1uB_W*_Jfn_$RA6|ck84t0IfmP z$-*-7rCKxwB(f~J%|^Ttv#v#p!#oJda|>77{tPJ?2It!~8_ALKOV=v}$g;^#M$&WidR_chojlq6wv%4Ha}1jf@0HiM$tV0@ zBs0U#w5C?1*PQgG->@Hp|{WP&k2j?$aeJJt+CL0 zy=yf*t$Tl5=(l^9a?A8=UokqRXMEY}@IvHeO2vKg&MkYA)xnr(lov zrGmHvvs~8B;diyyDTC+@m8|6ZZM^zVw5XZBxB6yAozouS28SFUyH$M9ba8nw1+!f7 zj`c+ZjBiW|CWIaGWeU0A32#Dh-dB-UrmMtB6%|vu??@Au7f6+viH2lMvAU4aJn70gK3cmdxohY zDhgpvm_5?7p|@7{Jd6jW>!Q|X>^p#pi<5L2 z>uI8hzFM1GiU|xF25z1L?}Q3!Hkk7yaPo8WwNFlw>!_mnXJ2)G{lI3x0&_@6%gQ>~ zJ*r)*#I7b^#+T zk%`~bOD`rPcYoOyw-4UJe6ms!x2?ai7-o^YbJFtcN|S@@iZsTI7s+W=Ii@RblY)Q6 z-MnoMAI>w1%wV9!Rppkz-$f^PY$jRAq5~6Zrhb}!D}-L;gKii z!W_=^5^_{x*vswOu1`hpZt5o9bO@Il1N>fbYEW&R6(ie9_v)=9r6H~;X`DKf&YWW+ z?WerC^N)f=Y#n$3o7K8c#Z~H!adXbK#K0yes*Uf{qXIf3!7u4;KSeT~HomDa`GL&g z^zrZ$w+PkTn|LdSRqsrhN=m9hFLrt&E4R&}m#^pi)4M91oy<8HW~ba;risPU({4TC z%5%bhIUHMRFAEv!t}o&EjXVep*P^+&C-si@^tyif@Zww#LHr%D8y(mDp!Kh>o-m?9 zm?}2T!FqQkSDY(2I+vz0Jln%X?IXAiw@&<&5yFj)UxOSUR;9N`0z~-FloihxT@s8a zy}V{~lofP?{i#!sRCQ=V)Kg+!#178PN2bxvsI%^;%@gOBBa&Jn4`SSr7p#aRoz}iO zd{*=b)C9zw^)BrqjmiGDLic&J zu=dGwbtpNbw;@v0%{Z&QF$lDoeqJGd2Mk3`Z5e(6cvemz8};xZTG%<{ZT?cRr<_HI zR+rcw=byq7gB~Yirwek08i=`?dzh8|WxpYh9`MeaL@AsFsqb zqona8l~!&?or)#Gn;7aw6eP?vjI(TVXNS(jkBn3jFAl1szd9#t29|z!+-C9~U5d`; 
zLRwa^c&N8lkt5UxVrY!=eNkvKS~k2V`b9Nq`;2B@o@*yWG_y^aP>(XTTkPafzEJGJEbK(D*&8a>)pt~65!D&=Am#s3L-(o&=hNDU{ z+Xic)?W@eL3$AVRyHa0524d;_m^cffT$LB@O2pU3cIf19Oy*?Ey-~J+738IJ3|-$a zDRU_U!-Qhn$`+A2)bq{f^nZ!hJbSm9y!?JDFAGH^_?2>O-rPHmdDy02Dym2BvmAx6 zw|N$LAxn;%xN3n5+7WyQ{s?G?bCMZ>LK9PRU{F}^M$E4OKA1NXvBPW_^zYV}!5aku zeFX(M(iU$bIcO1 zCfv4zY8YyKrO2vjDmn;GaGdum5G&(xXncm&X}%aI(75;9&aEL+g(<{K?Hz%XTHj7VeD7li)br!6x#UtZrHc?}p2)0&%lY?3I zfvFuCF%sTG=IZsrsF!J**_e9QrYd;m^(-U=6AEJro=8(6?6j&HTkxzkr!L|tB1jvv zcxR;Q+a}1|fXp-bno9*qO10WDzi8dIfPoOp@64QElZ0o^dJOrMFuIejw^^s7B5$?? zHYC$QrKFqJ-wK2evaQ~H{pQ&gx_4|F%zKb)t(1G4SsQ@34ujV9CECM-I^k@E;`R8} zrxCkb&5IKK^Vvx|556@OkgL5bz_n%D7Xe`~APbvU{So`ys; zJM-iV_s`vBl`mXdW?lO_Tfv(728Ca6(u309n$2%gP9n)Xt!HQ%lpMd7pV{q>%nZm= zX;_)?cnOIK9LG{$9g!dlz8$7@3mYylVtkHtTcG2pD|gR`q}E5smwRu@t@-vWmVJKt z3<7!hW?O`2x4nuX7S-Nevc}kUcPfcRRibCRYKed}9Sz@3a^MTMD-p|ibW$)v7V9T_ z-(1$Vj(F4@WfwJDKJcYVu3NTFc^}EWNx|eG6aT#uQl=1%^%L6Zb99+O_Pa>2o=oO4 zO13o6c+dC&j^(n=@aN&iC(GSOg+$iiwRVchDT&#(3nv1-5n4cBq2~&uOEdZ86d0uc z(a)FjJS#I$11Z=Mgg@pAi>_T&%U7Abc-WYY*`Cj1vjQkJ*nV-XEfVpv^@hQX~rU~HJ1 zGWCHl?>p!B+LnHB!s;}--1!q@h~oF^nv8wy9@eZOGT+#-_k6iGhCS2wWn)Ij>SZcR z`&V+)ng#{+j+e!}18}Uns#eZu>$in5N_XMad~hYvi!>Z7)_pTF-@(4F2?rsEwVtA- z)bn0E^38!;A$E5XRIqiIu|>(gOinB%V#OieU*DS*kLB}aCeF3KR(?HQ>G%$T;*gQL zMm6Ty=N#gQU$X)p5|jNjvpW+P0}(Yex)h(6j8N)5xy7TtVO~e zYoC2f0%wM?5Ie37+#FXJvm{8_l#r}saJbWFZ6i9qY>l#U-E2T6t+bTe4Da`#H*fL#uWWNCK8M%=;u{LE}!TB?P{ku z;o{bXc>4{U6Lt8q1x?ufOHw9;w8%YUjgyR@(w$acW+p^K(|@(;EO9kg5Y;(cge|0> zT@w=m5z@G)bt>0j8_=0ll2Y$h38?sF7mlb{r!%ECJ#pE^C(e(vP%m6o=B>X{IGHlCPHt4BREocY_5A|Q7twFiTol)n?o zE`uZDi`{@ZKG!m-$5WrE$}EiWg>m7`{bT(usTHHhChq$2x!vHsX@{Ih5@vT=32wFI zdTF)qoOksvoBYPcTYYJZV^@g>OxQPeS7hsX&z~%I&9w~W^*-ijh?3p5j>9;*yiBKQ z{?s7b*>X$aE$D<*-sZkCD=uC3#SM0LjF01X#b{^uB4Rqgonjk9!Bx-~;<>!_OiGB1 zlt_n1t8uG?@k=HK$r{2SZ-R3+CO~)Z61b!Vn$+ocZDlTFaYDgR0cIKF2v9K%yHC{2 z@l8aRaxU~O_^j2)WTY!?4=Yb94e4~Zi$#jj+p;Zo%9y9|$X5F;lMjS-OW3f8za*zC zw6yUti*rZB;5eqFia|`$9$`VH>{dh{q-r8G5|Z|oNvZq%N=C>=OK1FnSt1JzL1mZv 
zqBaN28X*JlyIy?j5uqcGi3arLY;tlOeH?hVrIDOYMR{JDw%~Cz{(j)2*J+vq+Z$)w zN>d6Sw8Mu!0-Gc9R#LCexj8GZ=r4A^b68_{dhWc^%wQKQHKeWCdG~djw3cEz-ClUM z?GAA`vV6kOQ9kra+O|IuoBM~P^S;j4zp^^j|E_pnQK|0Zx!b|_Ix;$&qG|TrmiJgt=o>>j3E< zm71r6fyZR5pyx>cqt$EzT_i9UwfCsK@z&dyhaYQvl!|JcR@?Y`$x21HKBNR&`3U}^ zjb9_87nT!8VQF(c7*l+KXYS~sfJOSU2+YnAV>f?tZhSHVDy{i?_&834WV{YP!8LO` z)XchyBiivf=Ak(wRzJdE|6Ns{Y*g;-{Kukv!CDR^c|5-3&-bjn^txb}_mZVb{RiFj zEh0o8EjB0+!NJtITW7D_a%~op4i4I$^2saR&T)9(cd@jl9paM_q6s@Tl$c=#Jt1@- zkO#cs_-H0+^HC51Z0}c*tJ?jr?r@LA0i#EqxE0^{jSwMgyHb`KPr@46Hi)31R1r6+ zyHGDEwM-X%X`N9T@RHkYr-7cc7l_aGL09Rk2~y1=1qSWDDVwH)jK*|E2T5R#6Bz^I zs@%=5HM*Vcp0Vx3=Dl=O0d5DBUM?bp8lEa6GURQwQw9Z&3FHgo{oQD#X>=FA%d-%$ zNjN-l#$1ASn&MEd3T7=<%CsP#^~#>~2uZwb-vc1hN@JX26+#sEuGSt4 z(i5M#g~Oe7)KJcKZSKH`i;^Mi)({7L3uR6lHwDTse#Xw;GLvHly$O;rDeIH^ra2;n z3kw2kaPn3xfEbZbVzPZW*QW-UC{7toAx8YKm=*?>v{@HUC<31x)m15BU+iU0Sp0lg zz(;Cnna*2_hNVvi)StPUF3j)72a+zsiNqsZkwR9BD@!T^{NX9{V~UdTHt=?N%{L3c z5O8kz*VijEd{^p4&oR=ZJ{S^rTcJla-HS=KV`>vHJ`Wnayik7>=HU*cC8CKgy zu+XcauDA)tbnb{Uq7Uj8nyg%bDcBVSs?1++BrcL0cWD*aMs6ZLqy1- zZSMCtoE6=%eqyAqUb0YsW=LxE38R{L{>7M((2rQ*aRoGyV4QGlZMt=BBn(a8OUg;SU8Mn?y|dxb0pU_hO?{v~=f%lDj;eMWcZ>_Z#rz|Pdze{&NIL2B+LL#c2IxtCxjHpG0 z=G3@8=kB`Qzz4Wt6LY5%3-uqvi`aaiZ>Z_YFp}8h1etbKL313^mDSLWpIC^d%

ztQ1-}@p9asaB%14UiiaIkx{Cm(Fn<(KCoz{td(3*rC%`X=2Zs-UEC~m+b z>J4bhSt~UmlP@IMM7C_P2=bF0VWrhJY~u)$evOz6cS@=xPf|&aG(}r4;%sl6ORP~) zqzO#`3$8d18apG88eli??R^*Te}wPQHX#VKAit!Llo92_xg8YPeRGowo(FA? zj|q0cyJ7h<3A8=`f{(`T7e09m_`IOJ{?3Q&7Jbk3b2_}Bxhrqc=vNC%6@B3taYu+_+B*F zOzo%YT-z_hI5|Q#a$im`V!BbHNd-?d6X+?`l znZ;!DxtEG3Ar7)P?wWo+Soba>Qf z%KY)l$U&BS3BlltOkXhM=VG>_1ya&uh#lDrzAuMyq^Jr@E@f3TsAN9A4&M2mo8-8S?)gddZrlq(+-f;&D zE0((dXgP>-bdojK3&rTa!hOJBs&SW^d*PIE5J%J(bQMNO+Y0V*YG*(;6ECRxfj0^A z9rhIjaZ%JFgWa3_Gb>GUd1|s-NpE;ZMUaRy2n_6E_Rckt9B%Ipq?IwnYQZdOR*G;9 z#?`a-Uil1x2}Y5e#TkTFgGH&_PFSO&AH{Xum2Jhf|MM?T;AbmTRnCO*@h#LP+f+t5 z`Ra>NLLh&~g~$|U5{nYDCB*DAC6wni zXrBEG-i1&Y>vG_ae{!juk>`-*SD zY}?CVKy!K!7!u8ROJD(0N9B%TNf>1+BpK+sUqP{2+-F1sBUnj{-_#%z@ZQmHQ3+e& zjfyDSNzqnK>vmZ#4>CbVBk>F2)oSzip1WVmcE8Jb#h0?&&ZZ*>84Vt+$_LpYtpPF_ zn<6;{jv;is=W(yViR}M?(2d&|y*jZ*bpd&)@|Ne9Q>k?z5pS;_uALY+i>(%pC(G!q z#mTXP7oA!SOi&ssAl}(WBN~Ztj=CsSkOeVRg0ml^gUS`xL2Au7_llOiLiIkH3DMw& zw?C@!dAqPw?cD;pFv3N!iVRg>um23@_?Gq>mc0)v1p2p)9csFTlncQ z`sxT5qw>4{WqWfu59drv?>Q&x6F4^SXU?=3l`663><+T48~TF%${T=gWbb~8Z9;~@ zb<2|}y4_sks4^<-H(6NqZ%s8Li0 zWv>@TPG$(ltR7!|!=8Etcl6^K4PW_X&NQ35kG@@SFLRyW1K^`TW9?fy7A=~vj8GJ>T$3?N6*4kS$x;$AX&VuUP_*UE zy}XO?jLIQ)Gb1q7X@=Z1kh4*JbJ+9{Kf=lU)c9tmK5)`^F;hf<>;!h16gU@%(a1D2 z9zm`!QB={8j6&GZ`~YY7VqV$r>YeAisrMBy2wXGfu-b>R zB4VvdX5ejfmPmXZS&%PnlxAJT@^M$6g%L38oT%&&INUxUCsromE-|d)V0X9T3Ci1~ zpzb1(PP)Er(A1fE_ISluOE9_cE7U#WC(hLSO-Tj=?Jerh)j^AOje|^MEC{%pfu(M) zR_|yk_b4?~%Vy>4_9s>r-$XyRgs#Sp@>IB9pmyXfg@dtR{kSfl`rDF=bxH0s%rTIC zc)or=>U?CkYdUW6P55RHu<1{ysg|PUAWsI(=aB_{-2YN5)0awH;WuvEWO#|!J*;zp zs42d~qg8K@9}y~G3RfE@jrK4gu^-G^vl7>-e0BKpX(W8l8=&r3w_Wv>^rL{UZEsl8 z&A=erFP@d08+_T%{I(HBGbtO1FU-{t8%Rb_OLm4zRI1VK$sBsbk1ylECf?iN87@rK@%qAH>n)9;oKvB+Is@IpL;G^(j!QwqoT|4uP|nsUFB> zysK4+GHE7SRn2IK7Dlnr#zTZeh3ONQ;Kv8z+W zTT(Obo-5MZKE*r~FttfCQH*ABc^&U&E)KyWV_F@yy+8!k`>A}1Rd|8Q%5r`8wpr(X z)bbV;^$k7xgjLmd5(_Xb`*oS9ars?-@?vqEYeA}lMlL4NyucQMlbp*in;ZWaIZ3Vs zoi1VQ#J0f?VTu(aznz$zY#CqNpYvFg%~8Qbu&4u?ML%F*mk 
z;qipbf?*(;mm=~pOGSJ7ky!2R8>Nd^6i0A0Viq^%j7;hih1l=g5U+$?&|&J)h2OpC zD$yeCY8wbd`{+g)syV0h#WQck)HBIwSrS3G$BsqpUEfpkcu1eWAY?X+;?V+Im3ZG! zyG59?5~Pqmmljnwgq*89yj`HDj1F!&?C`6#DE?V=di}-=kD~9u&|V^_5_Uhs7ytTN zc;@QX=j=sY@X)26JUUm?l~URFY<*c=Fl&8(TbZrdu-JEVKYGVU=VlUh1V$T$M@R#b z7p)#@dEE+VSQ0yIJ$y8l31c+2=ViC8jMI;94OU6K&;9q={*PP|SxIV4I4_Bmq??j8 zr{b{Xud{1FUqRC98>KfiVz=d;YI~06BFLBO3^D1bnynosW%IQr%6H2SW+_F5g4B(g zMuFSR4+o6*#u3Aaaw=|SftM0O_sWx^cJOGWXPW{_2dW}EjFq|}yaV>;ucYi>uGW|Xn2JkH%HO+LEv|XD z^U5yi+^Bxce8sF}*VRYku`>ji6ci;*#w|^H z^tcoCoy_H90p!|eVN8(zL)1@->tMHyNokxNgis7gKE1M7kZ$fXM=OEXh%)8x3r*YOGKiDq>Pl7vibM%86_ z7e9cm^QaO5{cx@dIR3LpV(20-it@d7%NyL?u+73q>GH3$R?sKogXLq(+=Y=zG)rUS z(+3u>BM~K!Go)noGe{h%UofiBz3D7>)G|J?$Eb}HM7frv+L~+vO&*x*w^$$2Rr%Nn)eO2n?oD6su zlj80V)DOLL-wbcUmQe)0NQOe3Dl2pY9`uE29m%X<4d3upc9WO<;>J<4jkcmGvF;+I z5)O&+3!B|``_O6%^BMDFvrsDiI98@j`SCW}#R~Dd2}O(+V#C?WU9*lr6GLWT zPk?$yd*UbM4U=aU5%VXHH4HM}2(1sOeO>M6FYs;N4S|}0?HmT!^a+f11v+*J#dcv| zxL@-+YJ3s1vy33d!V$2oje+C##6$Y9dmMSM6!4zQxXS+L3YTgxXznAN)*1mjDoz#F zwVkNptmQAd^O^ek10Qex5j1kspcUNReyp>eJM0Xum5_1#?C5?1Gj1Y6U}7$%;~7O9 z0uvh2uYk~g#e|Pd$cO1kIK$Uf^gl}AK9IaTzN+QeW@^OHg~5%Y?qgl5V5LDf8n1t< zmljp)aR&2i;1Z{Onts!NZjT6*Nj?6wAPuWzC~z!B(UbZ4)jaCw`%!)~u!bx5bl^m| z_*-z75da03zEfL6NlG%SEdi~sxHxq6*hUMR6jw+XFN>l}->Yst>AfxwA$0``20DjJ zhR%SYfn$I=q58A5G`hCc+538iV%Tl7rr|-ZiSRxwxjXPamp?4y1sHq<-C^k$BxuAk{%R-Py>c~M?Tge$0OC@q3D~Br%Jqh- zINMzoww!BK9*&t}Vo;4a9^|>?p)pNTij`}HD(cGD{ah)9trsxzt|de;tp8#boJ3fJ zxbsHj*URzI$8uNNjg$Ll09aZyZHY{HTH|45eMf{`M*o7tR&o*3G%ptG^x75B`sDdS zZ586oFcG5r>zU#x`K?qjrnPwR`Vxf>(eN8c+?NWS_R~`3Tc&%r+ZIE3N^~37dRwI^cxopY#5b|DIC~m7u77>rI zX!KHPR_!5cyWG{0jkCJ!#BDgtr%u2}PU`H9={n*16_vaUdF_ko9n)49+x7<&@N(^F3@3IBQm&;;z5vDNI?GV+w@3S4U-G4asmiP3S&p(yJG~nc# zkrL9BD2|R1@DGre_Ohht)spGH{c+Ib5c&L5)eF6+!>ui*w7!+JFS8UqimQCE>|+t8 z-~6@}u}2Hu?Y?{X!|B~aESjitGq#Z!hHna4vkuX&C@GdtEuE*%sH)2?M&)UmveoER zj*(ty?FYJWBLbsGH|rbPeLq+%oOSHTYz1Cm-a)mCrra`K)iS0_HVWZelpr2fw1>-C zA0R>!%4ZFyYE}sXK@+lE|F*%+snNoZ4Vfek%XT;WA*~WKQ%S9*@WwZ#`*^wOE5b^t 
zH65$Ix&RYR;nUgOyCAQskY0Dwl5O;ER%Xd%9*_LD_#WCvb!I zB6as7mMkD9&w`McmA0+|BjslP3FRg>4xOm!JQ|IrFNK)p=18tS-YCim$LsN6K>4X{thL4Cgdh(jw!G7}tI*@=b?`g%2CG-dv7oYSaU%Ql8*WuZlqX82P~-EUurHiAf7Ae-o`OT z_%pxRy2DX*rP92*G5N`q{e0Zrs)IdhPQgY_gar#>knq6(+lGFP4V;LjnCxM#Yha ziVEnHJxVV>P5T`}GI}FDEq9RI2kS$?J~;mCqMDx;R+!ZDQqBg}=TQJsQHa}XG7_PV z%V_#{KACg8QwUru?~3E-p5SXiYn)?>B&*yrbroIKg_qK?f@l?!J)I>0*Q;6`h@+VV z(`f#Yvhq<{H1g1>TQ+ar2SG|t)*zRSS)Xc-)~mJerv*7nxb<`$>v7=mF*7S)OdoLy zJx-}#23m{G-AuE@5(o%O+1x&8`jugcraE)BpQA(&8En!{R_c}0l|HPS1PNu@h7l!q zDt-_TP!8yG4YeI$2?cXLjX(e$m_)U}CGYqX<9=!^@fsH+ptPuvH83CHC+=5_FD}bH z^cR?q1g0cywF|H8v60A3DR)`KYLwscoIZqpEsZN77|2~;eqD$w;<=xzJDr?UXh!os zUsQc8?Uj>m$$IPfn*30e4Lw{wphXTF3xzEdJ{ z5>tiyQB&~q>~z$)8n@0B`rRHw%61%6A0zK!wMX*w0*uU{x=@CtMO#Ltffvb~yPn-f+7gMuqF^95o9-a01J- zd-$Q!r!x@;U=uW${hyX<{!dSTXB?(5I}-DOb62*i1~$EGZJ2B>`+M*R0cZJ zlO&ta%#04qg_1lj0v3)+xrbS{*(RY2LZ&)yyum6}&%fwdT^oszcZ=aE>y*edms;8R z=I=??Ts=7%O`D(6=xb!i;yOlZ1{Dt+&@$X%uOyT^rD*ygsScDu3yG_JXf)Y#;bQ-H zU(&Z{Kr4gqWh|&LPcs86k_vZkacFDt`jqcX6wKZ`mp7w7-e@!)v95maWHN_(vFF6r zRK4Bk8WjU?zdtcBV{ez*QQnASghAg~E8%=)f=l5?`>&YBHr;tarD=!Dga&a`XOD#O zU3wqQ5?ePFDegK+UEsTBE|4F;47NirSX-=d@cvd-V9 zgz3n)I_ys^}rWCojlUmwEBcg-Uy802F#5tG~&(4f*bMbf6Fi|-ADPN z=nc8r7u(lj8ZAEO`7^z5&5U4(hQae7|5$1^VLcv!$d55r3at2Obsze2pK(W=s&Yd8 zYAPkvrSf=O^O4p)8(4+vFU)#nvYM0*PUUk44vLb~xC!OJTo%)}XxZ{Tnxoa)W%EF< zFD>IOjYbq;lw?KVLKBJ>v^*j2kQ?G-pZV)hkdg-vNw`%%TC4?F)_u#9VqPdMtzwRnH=+K=oin5 zK%tZpk&<6pfU?6$@e`JRh=CYJ5kV-nLgU+^nhM7@fquQYbGUYI>-3&z#2q{2!4c}yW7qm)^t z4i9}Po;bO~2%_~bm!rlr90gKq4ER2xBMy!R>WHf^>k%L}8a^gL-+z?jf{6j+ITu`2 zYX?Ds_~B^*OnEyA&v|^w)fV~fDs+-F7tCvhIxVSNMF@hC4U0j;T`;qN+dg2 ztsXu@Yca(?10{<`vq)T_8TXBkm^YOSU59-6kS7=9RpJS|2hZDP*J;fYjyJ07!+|gB zl|=Ng1)FAuk*yeDcjQIe)#-BXw2YZ1{#F~>v2#_qrTlmlK4QO3=_}h$n9c-!0DS!O zBG1c@EOsftBFe+iV57e5%h&5@Vphnh>U2aaNHDWOeQVv|sH6@qv>+L9M09wA;Ar-N zgr&Ng;H^s8JFmsm0^d(E-S<~1W+Cn=ZCUVS11b@*d;*(k{AU|x5=+`0TG|41w`yxl zfbe1*V7FjcFCGJyDH8W%_RZ?l0JhodtbVS#{n<9G0Ixtt)|p+x(X~_=b$%YIHe_42K7qt;9r)8XsCbCCT 
zq-J+eGO!`KB%&CuL3WSn9v^XZxBZ|;^+4yl7&^I(4DVY61!BpZw}LbTVyMY~d6VmI z3(C`Yij_mk*wMg=LuV&#(O79KJA%a>B~-CCs0U8#*-i%;d)iuuSaX!|ajt2eInlju zsw>~TCSjRcm{%IiC)E%Wa`US5a#z~${dQJA2-C=$;A)eG0|DlpROy;;r?E?*$(BNg zQ&6oe0sytjOIkd*-Vo}1leoe+sp|c)Xud=-u{aX@P!2(X6jq~7Qo<-BxD;$x>cKBa z`+i9sjXNRkOM4+=J|_DmVN8!BTlg{}lUTHs`6AXsQ3)q{q5WtwGIR5sNk4Iq;6}$6 z`eg8@=+Ur~|BIhUFxKC67F^?YcIAt7Ye7~eOkfC0aWXje<&@VLccbniHqUV`%PF3y zkVQ<}q8_3ZwTgYzsKVyf-yQ0D3DNbzh5Tj+ZEg~awx6Z@Dj0p~zbOyQ23!KPX+vl^ zY8?nQ2_)c*Gd~KBZBZrmvo7#e)FzX3lz=&I>>ZprdPzKEP7hodR6%e?V?y5#@8+J| zKC38!e%ed4fcz}G9Or@6(hUquYL89SSgzyzND{}gu?l8|0yjm#D`F2?pfMs3t57k; zNdmuXqVB%r7WyRdkPV?!Pmec5yS9=VKhd|rep^Rfm3`vTpBAbk&fM`}tZ#W1d}@NRH`EN}4fzJbjnAkyI> zka9E^Sz7p~I=gX&m_5kT%rg(GfKG_{uglJl^FlV{#>=hx2a1kdXlrF!@s>=u>kJJT zLEZ9WF1Rp z6NmC<{|Z#B>`hwYWL>sQk|*iUkWEj%v?&ws3=-ALiQK&W%2DmS3Hz$z1?96^W5GUAsTfPti7ezQbzrN$S#a%4uhgh9Xus-n8#Jvk!Uf}4Cy z`p99s+QykM-7msO1bq7m2TNCG)L9{WC!WhuLyN=^_5H~(Oi(#C-d<_PfaBJmSk^0J z*WV7?`d$pLJTzJ^6}VL>+hL;U%+$~So)1{j%I=bA@iM7sCp#32xilefod5uRyW?+% z54i6jcb(OV|I?61jV3%Txa=F{nck#?X`in#O&UqB!iE+qDKH3ht_YE>8y9f?%|XRJ za*fExElS|YQedoa0_%B<5xfdcb2G)C=E1`UW*77 z;k=znPv=}|p$Y;%jz2ww8=c;PmLG1Tv?#hMC!dNHCl>zYUU@hxAQdH-!=LA!9&`p0EmdBRMeT)|FErGDZ9J0d?jcVc%@Q*54 zU^qBz>+Q3f8fL9enw3(Gv$)U2eY@lun=w+P(18hRIrtjy;x*pC zd;eg~5PmK(hkpEESI{era^3Xpg-J+*Dnj>25!;RV8C$?z67yGHhrs-pz&=)<>$!1k zL(h1Vhf+T7SOqv`0c$Y$kZjFtTBaN^Tr-FMUF6$xMZa;C72}AXIDruk%czPpQg9^b ztToyo{|nyMIN^H$U_hV0K*T#T{_Qn@@Ac=I2|;@13>->X6oE=#_v;KgbpN>N5J;NwU1x6lQbi1G;ti^pIl(E)0lz`o8XcgPsZ}F6$kbq*6WuP) zn`_!cdyxFgdSHhWm5pvJNS6|f6E7pW;{RY}wy4#ASbDhVrOT|H9I7=7&BqIL|yq+mWdZ_2ENsRt-_JXP*u z<9)=%u;YzR&(qf-!M`w~OH#eIS<3*880U(}1Vd$d@h%Kw>`bc1 z0%%+t(WX;%(_|M5!r%$Yhk0H?MAs_hYkYl~o(LACqmnXh8-t-V`9x;Ebv5!8p)?~a zrhB_MadH!o%sWNB`cN-gszHu-*yDj$2+EH!HzL&X0%Xa#5x~fRBSADwj`a|{KHXq` z-Ffzxw4X=Em%XvhKv&M;#yCCibzrpEgp_F0+N8R`38t>zN(!h;werW9j`7U|rZ_ynV9!-#)j?VAm0^ ze%RrPO0k_yycV4m%GWg^^f~B9H4;3ZVc&GB^m8IF=rtwlsaB$YC(u|-g?@>jELN5* zk`K%n2jvC`er-=@@D3e+p+&yDj@po^ZdbgYJ77@MA+7H#V=iQu1XO5s_38V|@RAUh 
zKghBkpqoX(Qri!9=6fl8v?0;UT94Gzy|qYsmHwLU1W~{VMq{aUDw&2NFArfz_}&~U zzZkN`o^5;MzvGKkahVtq-y$$XQ}dUX#Gqd;&Q>5Rkm< zRG#FTCFopL{!3F_2klbq6BgSoG0wagd9=npf(oXUlnR%ky}xktN~nBB+27Wkku8Ud zmoxY&jWk2;I&|Tb_O|<2n;sVkh;{EZ)2~ZrGP=O3@15F4^)amN>bjflb;%k*3&zxD z9EhHR4_gZTWOJJ%xATBZ8^5AMo(q4TO>29;HB2^Ip_3v}fZrn;p?)CicA97g=#T4l zHgB}e&=S5x^;~i|%~UGK_;V9~OZC=EdB+ zlQ1gjF+sS@XJpTSsy_PQz9)%RdZLc0?CYLFsPkce8fi)R2r3cBGWZ?6@>h+Di=RPo zwK2x&Y{)T-BJp*-_@?wgTd$32r1vYnk6X!gLK0=T4Fwa%0>mtWoATo*zWQ2(E|rFI zy)2~&45LR}Xall4TDn4j+8)PRMhaJFAc z3`6qn72?;i@Wwars+CigH*d23;kc!z~I*p<0r0|Sy=0C_aN#G{4j4N19%eUP*7+i>kFZnDH>x89!nPFz9ueLpwNg$t!n{8wbTuM zk;%XF;v>}>3 zild2FRmTx6HtW%$%SE+snIs0< z{w~|-p+V2 zu1onWz>Sl+hfn5;W3J(j_Bxq>cEgTaIKz;LVS^GAer~gB>l2)*FPv+fdn?)}BDGwN z_NLIp6{>=y$q_MmyDiS6*JNu-ye(}puxSyPV8O79z z`!4!DzK(u7ndJRz95EH+VTidMF+E46*T4KzqA+JNK3mB6$ty*9w!g8y^DBRtfl`O8 zj``;6%z_bZjwEg7S(ZDN&;oWgn0*2GHD4fEI%z^FW`Kd*LPi$CRA^3&sj7Z|L@SYu<~9vkP)1}=PvJG9sT7@=us4t=;d z8~%XpFC?<{U$v!V473_b5NZGws;+5iFtVii1HUPM#2#1Wps3g_i8jrCl`+~^>ysF7 zYPVHNgRS7XEGfM#(v_OUoA=kaMMmqvShr?o0`8((Fu*P2d#JktR{+#VkE$UJP*MJn zX}#-AES>Ebc61DpV%r)|5I&2)4x-%AUAdL=P2W6YZ>l3priKx|B321D&=7y*6-XAr zf98RlnAzV8!+$)-p}3NAAHJ*(>J8ktIU2;5Dd|F*g4bLz(H7=Bv{Nmkqm zBNof}K?18xH}26DmpBYx>5**n_bha0^p~tC23Fj_<-PFk#yeOiGx`=J-A|E~$PnC$ zi7Kfj6>)Vw-o`+|{&8sgLrH+S{rE^Uh6g$@T0Ht$92 zhYP9j%fhvri-s5jV{@H)5!Y=v z<9>G6>5^YPn~3pq*23wRu1MuFRW+x++(Psu8?ie|mS@hjt+jc6rOo+SoglB5Zkd_D z+JBU*;@&iTZ}eT6dOT}GHr$nqP`(3=P0#c z98_lA!7hTGM96LBNx0EyJ7fC9bp|dxTl!YxAS`i`My1r$GSipk{nMj%>t-TInm*yW zRv3Sw4L%7DBe_TUc|#YKQ+8;Y#8PAeY@>kQVs)u`p0*S{`Dr`^B2D*dsCH|y3>nQrI@w{kyxRbX0 zx6f@c7@NQZU|K&Pxk02* zQlx;Myng+`*K;eT?f=GI6r>zm*U?yCOe&N#D&)uF+?E7WeM>(au3ptmaS~Wu-;s(3 ztSmAFEe%!k6S`8Ri&U&zcf`&KY(UyZXa&kTLNVE1&I^v0&d3G9;cb&TT4L6Ka<3Ln zdH|8*g2Wo9&^wS$phE3moOqT@q1zf)H$!>y%7UClMAiwCzkns^E&mK*^Y`Atzjd{* z|7_;wa1V23*(;J?ZhkB27h(Ezb3>se*Uej9_3{9X{%M|X+$&z~BIiBo#?A^Q?(;rug zSq8y)BbL5#C{K+&@F2=$c)5%1RJO(iu5ArsnFn_?9b^=rsmA8-75o?KoBOpGSp$Ks 
zS8q30OK8d-A2;{~xy4g{8zHSMzR(h&Gv=e~YqodHIAcLJ`Qfw({Lcd%kp0~x5};+z zXg~#@;5lV2?k;z#=7sZVasFC>e1#vb+c6S4{D1qYf*MXI{sHKdv|oxG5y=? z;dWy$@FC`X5`9_`p!c3ldt_f063JQrADADXV?{)3Vgqr?yh$t}n18(PdxPP*bVEDY zGR~ZKhe^QU-m1>5m`PB0J=J_#0#)(@cpftiZ{U(QfMtRcv7umtQykB3;Z@jhk0>Pj zax1zM_GIP?UlhXhIq%76-vWjcm1=?Z)+1#1SSy9~2KNAxF?#g|$x12y5IWB5^x;u0 zDlMy0d*C^N>RmQAvsN!RAWWiNXpB&QfdfgS(T5EHFH{c&MF#U`qo&K}2kw}6R232D z?oWqFM^SEPq{45H{kkQ&T{SnHf@i*X65R5nN)S92t*}5W+;|mLBQFWGrd>)A1Hotc~*J}7c)8IYsZ-7~B&_RDNWaVCm{+c}n?>GT*taKPTo1sq=kGp)e|cvFL<|Bl!C`xd zwmBt3-ZTmfk;q|={8D{xOkDElng+_G|5ZoAa%IMI(eI1UTm5|MNmI4M!vM}zZtjH= zi@^gjl}y^OhVNs##px4XO2LG!V0XE{5VN(W(8rHu1^LosD?>%$5|RIXO)YY14@dB_ zHNs^FPH=vIGTIlE{d?dY&+EQ*@V|0ETuX|Aym7?B;H#F|-D1U$W5GKvA$44&`1#Af z4%I8yo|tIV)^vmC7+xXJ=dQfvEzw;)zj?br1-_2m-~|Pathk`4RF?=M0S@7?*PRR< zfrk0$Ve{OBb=;wgh_a0?;VL_8;}hUMPEM!rAcgY&&c9vXS)A3E{anFli~cLnt&hAa zQPfS!hv4c^zZN(nGkcTNWAllaQla=?ekg>9%iy0vl_Lu;cO3%MiJ(DPvXQ;cT@9D~ zH>Qm9Gzaps)0<<7M(t=eE z0Q-$JMwh=ZzF&)84a6Ntzj`ojJiw}#!*!upl4z7-GVI5U?&wy3qwhK3*B%%9%Rj1n z@dqcfi}lkhy)t|!h*J88md>n#A|A4?DH`YOj)P0Y_)xfo-+oV zWW=snaBic3q9W0aXdwF(YI`T(w|_ud^y|fy+d4a>%9c_F;S9VZk^$;2;NN89O2kJW zt^RFx6V2!FR#oC=jz4-yr0zU^B{1{2-ejbE;hNLcoUsBzHHyu%JLx}VSyu(thQ#er zpNWp7b0MQ#z(+UR!b;9Ft4pif+FqkCZ_l4R3juaGXrVSm9ZM z6YxKYMPQ`0KDl_TfW2qdSdST&(={fcDuoomHb@Dza(&&Zm(cvq!MJQU6N7q^0t{O$ zgyX;ar>$Ep+0-#K4~eOs{g=H>U?Kd(u)2hh$VBNIR)PHJ-1OBn84yb~1|gs+<>X^m zqa~hZ4MoA-gFigaEhl7-{Ga3F^GD|hvBLs}ns0=I%&d`bQSdHl2KZtdrsJ}SQjXyW zOB#Ukplc3{oKu_#cACxKAp7W=zId58EVRJ;!!7fLxT{}OWg%;(zT*@k5hz!vnF<(M zy_~jneWuYOI1gtcez2Zw^v!EayZiK7k-ZrfL6EFySdQ}Gz!Azg+8s^icIV0kJh@e4 zaUmu+;3GVLE@#TzZ~F{ZHSSXnKfeo6N0)*}h9xgc=O5I(D5s0AHXq z_qTidOcWfIi_g)I3~q}bTUsb?X;hk(2(P3HW<67ASS5=;ur9s{=5FQEQInJzv#k^` z{Q;P~w}j1LKAOlBM~R*A@l(8}>&9-soRk2cn7_aC>~65wgtOMPsv`zrtYsFWX+B@Q zXMu1N>>+KVMAi_)D|}ZXkO*vebZULdP4*07*N)B=|MA|!*}@(GsWTCI{WHBz?uW!q zSBYFP(pdcIJ*2HER(dB$ztLTDZL*_1sf7Ti$eIf+ca|hUJ$fp*+{^BpgArz8>_+hFZR&Ie^#q1NvsnwZ>gw8oTB8cWqF4>>H|IBvj`{z~wr`&Vjv+Y!I z9=R4sY)%vZWanq5fH=Ihr23gVJ 
zGezizu_{tUvCpt3&wDSt?R*XR$id4;91@*m{^v$sjy}HV__ql;G7+wH=|)XcX6;=< zNfQv`iAk7-u35{TsX)y@ijrGz$cech7++A$sQshmwaaWMc43(>#yfCVkR~P5P>;a_ zL@Ukkg0{j!QV9L*O)EYYNm#v6s?kb(cO!QdTm9%3=>e+XubVIdKrknMiuT5P&y~M$ z8MD&Dh!TDcIf88@=mbk`fEd2^-~fA~GA@II;NSYI!DYpCTCuGxv+=HF|Q zHuKRWF`eEhkB^UjVgA*$U$~YDT1w?#=TEBmUXyrv+X=ysUhiG-YFhs%dAlWuxEIk# zWb(8;#oO{kPl-!IL`P5zl= zN7YiL7`s*)dB)i>i{W>uaK@ix2!cPDr~mxOX`VbwK-~LLa80Bq1p=fNjB@|;n1ZlZ znn4WeZ=TXVi$*c`GO^i;~GA3KA=?MY&p$)^;@8;P_7y8Ui+7sFqa$v++B@G)U7EUya|(Z_xn z-GacW3mDx0ffVOi3AcORNpw${p@HT}&jdvtK{54ixpsnq&}28@enpWd9Y=^%7PUUD zBy16bC`b5%fV2843A)t;QXdV(2PhdG2GW;6g^84JR#jVBEFWm$L*OMz-F}zWG2dR} zDL>>yS;DfjC1tI>kR|gLqiN5hnz?Qq#hkO+wcaW{g4XYkKuKnrVKfX=iVgFa@6bi} zHQ8xId}pDon}Jv~0xQ1(D=`i1_-YPD7Q^r&mg>K(vuGOj$+@TI~oO%PrY&z@54 zGH4p!99Enwt<<6M4Zr2;#DdioGuM@Wd`FJyN?(oiliTFA)SjNpNJD?hltUY;1_88qdP zc*q{{lnS=%27LyWPcXMzysv=X4^|WY*QK>uQnAJp>M~j>t7Xmk#zL1o5M=A3^ZK=-#b`1#@e3i-$T6!UCYY6;y z)Edg9A4W5*01%qe;0EG+WeiXbnA01V?;~#^rqDxT55bDd{xf63?7I(N7-`!n<6qYH zZvf*JpxTGm`@se}RoNH?9k-8LxYc#mtrWf91s%$YcH&G zV}dGGJxZdRmIkUjcu5{5NFyc>zIwwPl_ip;nK!q~=f{1YaT#eVyZ#|X#rLC4s9I9Q zd}n-_uS-$v3t#U~=+qiPB>{7R*}SLgFqs@f*B7B=ZbUz4}}U;GTp zRumcX26^E$&v=vFOn6Z8_C{uLwlVJ6!CBH+bC=2FIZomdww^_;6do)$_aCQnbXWW5 zRLKLYlX^GBpA4F)Xvw%NzpoG+qJ+~)*Bi0SzfYLmx2>t*YW2UuIU7_L=>7}Kk0wx` z!vpyAq5B=SD(!v6$a5AJZ}0_!M|_5^{e@ZVVyP`yZdAXHnmkex1BPz$;EXI|v5ik- zjOmjvt!D$S(5VI--lJ`U(~~zWUN$b+k!~q^nE9IT9KV94>F5hM zi^2s4E`+kVw9Fc)oyM0{?zM)1B{KeQQ}ukJl6+JAFwS=VO}eoM;YZMs!eu;j0I?ll zJ%=3rm=D~&ybn_pajk4Df*LX8M3{Wrtt(E!tI`I6isx;-5P;dVKI72Q_%Te8f(Iw@ zga;`J@D&G5DF{Mu-8{-EF#q_tx$&!fN(r5GE@VR2;@TTvBt0&e$uqb488inYEQr;0 z)7z(>C3?@|e)edv7qtV-72N*`@8u^`n-2WByM0qFO^2kB=AhcTiju8_;R1#{r`mRG z^xl#70SS5JCLR1ovai+1+&izuPKMu}*P%xvcZmrrKQxSr4}7SdnylKpgfQEGZ{H{t z*$8EqtHRPL{S<{BpF9$wOq37te#q4?18=gCMx($yPBmN9Q)&2Py1!_XnW>yl?dPqv zV~HBLH~1j&GDCV)qkZkBFBU={fYs?}UJW>-%C783Kw8nMEQn(V!?Hj4KtxJtCr1QDNla^%$b)4d>7fMUx z===XG8Z|4oUOIZS+L7E%!1&d-P7YWzM7q|-si^}t%M!zTb%JevFrj|M+oK}(+weax 
zX_+mo0%~Sy8>)MP+}*yGt}QO>Uu(i!?c23>md&ua3t(4HnUF}XkfE|@>fBhY$e!Zu z3-djr&>zcfCFzRXzU%CzJ%7r7r3T*%K$Q@q7W*myEN4B?v*$(u>f{`IsCtXA<^c?* z2a@qol@?-6*{6w8r1y<|lRADu(WmB^7nO(31bn?qCwF{w=j$;D8}4w*BYRI9-+iI; z@VX@uz~G5Ba-;la(GEKw)Os#zasW?zF~5qUI9ZYt2d8Z}DCUTlBeM&%Y*OVhl_L*!nZprm{esjn)Mm=xxFTSY-zVd>)A>!9> z(B@mqX2M;K8Iy#bXx+A@kw-Eyg{l4@NHKC# z#nTG!$hhk8j}s~|yKbq#B|Bxu8Ki+~Uksh1!|6dAjS<3}>!C9%OZFb1`Lk<-b|m## z`eOYQ?zL0hjQy~%B#BkX-!0%(o18Re-$Dh195~r=K(xv1-_RQrr4To6mtvx^yTi<$6Hd`PzP!p;*&gYx3TiB+}wV?1W$)38#Pet z4tr5M6+j6#d>z_H_S7jxea|;yRkb}SfOG|TQ!$zYf46(mJ3&)J9ABw%$MQ2F{{neUu;&9W z$Ey{`QIs_n@Kl?rZKZDP1X0v&y`mA_(Mt2l7EV(HR?K9bG$S3dHLC@C50`d{9<4u0k9=u3T?O|gg zh4Q30Q)dm?iMWTsoEn~E@=9m?;5PD-7+R>IVON&d|ID@t7#nX zftdYblYIyE1m0zq_-o?oyKsL7DSr3xXcQ_|yQeCuF{009vu))nEKAkSp3iLESgO*| zyqp4|Ki4iv`dXO<98}8<95VERk+2}Z3cnHkX#p#@*;reRvDS>ZvM&Fuwd5Q(#Q4hB z7mCFd?4MIR5R#6B%#Xlc-v(!7R!X2=+zpQvM)idJ}odms9!^f3fDrx`i|$^DFISa>zMc~T7MZ&`)t6zn@|~xJM{ySJ1%c75m7_z zKnfdY9jd!21rGUR!r*G)hSNP1|GeCHC`pqce{`Dy^-<*TAfnfEX@RyEA1N+){S)C5 zkNrS{Ic(q|{hu+gLoHI{tuk6_ zLTP$}#$ujlW$gcCb}H6;TQa71R@0Ly=m=|=2ae+ATv1h>y474B zi`u8_R*M4LD+!{5qTO0FB*S0|`m~Z7Tv+4@?-08s=#U3HVu1+m1L>o3YkM9+XQ#Bd zJkznxQ1^(WQk>F;1gIe1bhLbb0ygbHJG#!`6^tQ)ErzIYTNlp8^C+6GQ6^e=FVpNQ zy4mGy<5oZ~jw8!#-#jnh2_0X(4RnOr0%Ws(%d=9LI8fQ@w8mi>IIQe?jOLFJm?a8} zV|qC;@6P68kOyg7S2+e>IRb`|YND-c(BsZ z<6C%*g4&_?rOSx)sGYdLJCi~S6E>hv5C9bd8xqd^d*M|5oRufBQ^q31Fk{3xzDNBl zF|7nPgnZ<{BN+;8PSlUfFaRZKS_kSnTK2~>9|2e6tEaeWtF=c^L~3%hj0(Cx7Z`hV z`*{rqny!Kj6-cL2%QmssTVr&g>(NdmPUW$RTqjM3!PJkvVlT!Ie}isjWew3ehX@cB z6jK2}-Q4h^YP;jJCO6|?h7%xLqFXXRCzeY#!tV_@(4ygG0*>~Cfa?2(g&2_%H79iO=TS)Y1kZ6&utwjPiMt$XP$wR zb+Nw2Lw-&($*MmH^OjV@ai(x!L=wK&CvtYsuGo?PV3sB9wTW5D&%kf$xr=VYocBcH zn=<>%r;m(DXYL7b9R69GjvS#A66|u>AeH@U35Ei<(~L|A`hx@3k*WPeTpz2_WUQ}( zw7xkXH`bR9N9i3G5t&%=V_%^D*RLm5vIOM8L&`B*&jM7@7K4iyy7zQyl!gRTDUSY> zK-T>6`iWwYDj&WEuvJadFPB6zbI1pyK5+vCWUWN$CV`WpyN%*nxp4uL3-HhHhm^li z`_souv|BgJD!Tgpsmwpb=m^LgOKTpWgFoTkPrsEvb7?eRi|(q(m9_Vu?WGH>i==Vw zk}oy}kgIw=2M3KH 
zMCDR&z8c}=vfaB2~>tp#oBWs3ItcbRaK+RR6P+v zTAC7^;ZexvP>xN&K{r!wb43+9=)I!LZ8B|&MJ@n}XM32pxxIH>uI+V1rt^LgP275Q_tf zP-4Ne(qXc1i2u7JpGj)yRP#XiUIuu~=qtK56JYlpd!Y<16G(QT461Hh(z^y=WE)KV zge&hccP4-X)@Fj*#mDbe#2P@GN?M?ts4S9u+XpBq$mlu&onLST_nP^Aq3t- z5@0g4K)g`K$QF;rp<~_}@k9Q|KJ*H#EVw-gZ^cxfpJCTOB~zq#YIiWXKaZD3LHTc7 z!5^%ryvNbPajUUw2wnuJv~QjRaojf}m0OS%lZp%u>=-Pe?ZLE1dIz<4rXG6GLfAsN zya})nsG**y>64La$owAUNp0VwCzvCUa<0HRDD#Pp1R=JWbFg=rJ=@2>R!RNLqWgx# z5>Hl#7D9zX+Drda);1fmeTs{ShpoR0+d-}D<&h8dOfhesUvoZ!<81gU^s)c@k7j7;}y)s_!7jXUMKtP9#Go2^sDb(Kz75Gf+3P|AKA zY_>Wg{Slx6NE3IB8|6%R<|+zXY>}doI_bg~9ud4Qz&+VOUG1uwuZWi~k&4m*Hb<*~jsqMfIA`bQ_EM!s#@ zv|a-_1+C=YyDD0}fQr%hpA78=kF-x~+jSkGj#d%pr@$dPLl3$uVUIQ#ta*)>dSIs3eWz4K*?fK?S6OgDoA}!Z+)|qXj{M>s9NDf}NKZ=HC zS3{zCSg46I^3N{FC(Q@eUK?)s13H&`uQ-Pc{SY*vUzmZ)?7^hs4s@kogRWk|;LgxT zxh`s)FT+b>5yXL1Mii(zJiQS;FQ{y$Zj^h4X}iEie@QwJzO$#aHJ?9IQ-TD`B zzdy&Xyi*P@f5S&5V}GjA6v{D^L+$>MD*cE4wxYOAv#U7-O;L6XN{}p2d(?My2DIbe zipo5urb2=)_&Kl6Y+-a9 z%P{YlB+5N{A!WuSP&T%`C}up7kS>Q8RI&yj|CGv>qUcFp1_-ite?54I!e4t>z+TNh z@z2L>=P42kG~6-lVfkhXm*4rf$cbW!DnNEHhdbRWB z7u{EYS&L#qrfocAbKUv_U1V46lR}bletdSJD($~FoN|d{nsI0K8)<`2O_G!!Vcp27 zosbxI{|$}lx@%6m??OXkld;-RTqFRqb(45}w%xhTx-SWDA?pBkdY>~Ah**Zt7Np3x zx2+YQA?+d;aLvL-r2xzTN34NhVz}}L&_@u2o)}s!A&P*&Gi7MuxeknHMHA%leGhjE z;|@vw?jDbk6|IedbH_LNZIHRB6URa#Jn<^gXmOj471X5jDt=6d;*2>wN~InVSDf}^ znT4qzmh_V))g+hcFI;2SA!Z-;UI~_sx|{+8d3=x3Q0;*zXS{hn=+sJo=#N=SdfNeV z?Y7}_tRX&EnOrAGVHlB98Z0_&w6eoFW1&rel-!24QnwccQLVv`rz|c2 z3gHhWl(N$N%u`uTUt$B447t!u8oS$^Ut|f&GlRo<@8>k*SVwJd$En@P-o6!}S3($pPSrfF;A4lyc(;yMg_p+NHvvoMqbjBm$@C09Rb`OueXeC?U*c zdU)s8{*bEM77P+*lVoVz+mf^KZ};Ayh)=!b*TmhqK?6SfW!BuX?v^{p;KBxAcX2y~ zvxKSk?w$lis#>I=8N+J@rr3Nd1%Oej8H`gS*8F@%Xh6@hiXv;b+i6l=wI|LW6B!PW zemrX5eW6c8V!=V;p+gO?N397!X_#Xg87b6w+eydj!$8V2u{IjK$hj_% z@30w0I-{Z5ovOx%ZJNX{dFN;*1kXHQd2j$nP}GIi3h4c8V+T_Z;4b@KX!*YYeg%R0 zdu)vMU1|EM7lwUwZ%X4Ua_+x;N-q0WutZK`rB=d2rF8SdKYqwEZ~|4Y~M<{2%{vgYC1pcEpLA zEMhdWQ=@Hybptx-lNcdJ__XJ{#8=|>5EwHmSy}1F|7}isEkzslzglmgQWtHcLpzHx 
z9EU$k0U`wiSIvB^8zB0X8>5(%Ikq%CZz~xLu){+Khl3@X;a!AqC|V~TbyE}FDv$0l z%T7eUQIIYB!?Sk2IcD(DsUd!`2fNee>vyAmk;=opUe5qhJUMa={{%fI-ip5Wr{K7n zwOo1|g?d+N%0@Z|g{eFxeHf|b*9bN<3P*>zU3#9UUa~1uKBn*UUDboSF^|X~Ky@qm zN|=z2G?%f42(Fx+yd?X@l8v1N#`rX&CtJbsCVqGVLd+!ZNHpW+SChH50@`)umTzkh zDD-g`00aUAG3-ir_2>R3W88?a1~GOg?GVCuZr7aM?-zKpH?|wO1iw1mjS|PU-&95m zG~G*NBRTR0F!y1&h|`oByathzsk1D==kQWt%pIYHfGc=^M~l8!Dkf^q zcv#^r4t7za63V7OqJ23D$&BK@-RH`f4(tDASWLD^*a>DJ^Y>?!wWd9mvGjhHJCCu{ zc7`}2C3SjTdOPzAWi6PQERE^(-&mr7G^y?nc#1~Y1N?>QzLm{`Y<&IlZF(nPwSp8q zgrp67t=9qTMA957Wr;C7*S*zxL9v5y#HPpV7uwfv*f@}%^03X>9D4F_L( z>|U924goAOSedDRKAg@pwDJ1{D`0jg0-%tJL=?E^D??KD`C zmWTBTems;o!O4Z+>W6y_$}BHHtZhi)b310D%{<|O58g)+6unhP-B88ibtBt)y*kcmnvEnkt0FoU2 zz?dGA1b9o9V*sM1l;KpRx-kHL7sH@@?XMS@j{3hsl&;0PrltzeQ8d1s{_L?WG=T^) z^g#xs?#!C(Aog3ZC~YNp-)Cf6wg*-QN>%(U<}?G2g9~J%PH_>1%k8|Ah$hjhMJXu- z7uitg7_swl=`hd#?jDOV^{taj5v0=PScpyh1ExGN!A8ZLDVgQjjGx@l#m=P98{S^l zqmaV|G&OCa}w# z1!n>?;T(Umg2ZXS_BjeAZcEVm%}T9Mbnfr51N3p(pGs<$V8I8RvI4TbSl+4tf_+Pf zM7E-(i2$2(&X)@x{u{s=B#aqwkMO>}&c)#z3F#|yPs37s5<;7rEsoF?(t5y$bY*fN zFGg%(bY(BmMuYSs&npHLDTBDncNI{uS(8S)zRLtHENXJCa z$PJK@RkF7=v}0nVlLQ*tSQ-PE=@}VW;mF8@olFgZmiBfchCowp00+w6E$vLHK3s(D z9Xy;Y%`Jd`VzAKB{fYF)TZkSYWoT?|@8)c62{5!X0Z7ry(gWn|-9Cht07`p1fRU+% zp^X{9-VC5(ssT_{7FALPh%3pfDkxLYe*{)`ad5DA`k!2cl~q*5X#paFaw?(#Q#D$E zxT>v>QBI(R>E8kVGzB1IX>4leZ2HGZ%>Hks?MEp;oId2h|4ra~ zIGdXO2aScH^IyI)3JNj+TSH4bpsAgqo$-eu&=Bb23^4dh_VG3~q4+yNQ-H9GlhYp# z*?*~={+H%osSDYEtW3wo%g4~|zdL4V=i==7kJ|j_vW@NSoGqP!&VNTV1(;ddnEuJ$ z`A^R*?f#O<3d%`}i7Knm$$Si+9i6QGM|JGzf$qS+tpCIl6p`Tua5Az3n7CL0j2}ZP zYG)#BZ)^LJwKLqG@`+e})Cp+s;YVVi$5~?m+F5;fby@6 zO7*czP3-M#JOC!9W^fF0_P~#Up#1-5pZyn?n2U{#oT05L<$ss-zwHcdEp0sh)AGMe z)J^{+ODSjXWNT>iUph-?F-vz-69r44vBlq&{agMwm!O@wjVXYRiItv_g`N3tjq0Cm zW%Dt=A7_x|pCjy#p8dacAERk(ZD;E23}9vaOJ({|j{i#hqX&P|1~4dz3o9#2()^#< z`O8ey&e-0>(#{;f%*GBdbaFEEfMfg^2xc}mfEUxpY@3+6|1~iH26{Vt;D-yq!3F38 zFtc}p`_okp4giDfAJJcklLf$_{BOhtU{L*E#Pwlm_;17sU@-bO;sP)j|1V---PM4qyQO1Ae68@{cuqME3X#{%6w^{v2L^?MudgckzEt^}nz( 
z(8=D~RNd0#h-HVQujT1n} z%=OWI7Ebm*t7Y@~4`1WI57@sp^vAgU3;#LY0H&tyrp9n9i}uDm!B(l?L(6?d3#Tg} z$++mxsxbLAq!J)jGNwE5utoBAh)o5G0$Tht$&2h|B)D~blLPEZG{}N6Y~D6nzgAD( znkatRHT0GB#X}So9LrUsR}IXRUG}f&BBnZ)$}P|=Wu47zOK2kisE(Zob9Hn-#V}94 zqx?!C)~RS)%ZGF;o@Z)Ccd|isUq;65#9N;31O>i7p~poV_6n|0&lwbiVvb2cIsE8G z+XIa*7Wf@SxtGa!1VW7tU(dMt6&$m#ET--4m*lfyleVaAHo z-l6?AHn$r9v)0&(hLLrf2DSZ^m)K{rJt)lzM6N4>E`gQnY8%wJSbfw?y^(F79OdYX zAQdMMu7&!Uv?Tea`I32?|}W{)Iu^KL-^)jYm+3C2cR2 zHDzqBy0obVRx&yaJmvZ233scy#Zni9#q3UD|L)!Na2h#le6(dGkcL*QFAyK<^zIe> z2j1aO??%ZS6B^Xa%_dW~boq>^Nc4oxK9QS~46i31=vGiVp+7&f9}8-r+mTt6xhCx+$bj zFIB``)h%xQYu;O1#YS(QGgRU?a;4t(T)PwlJY4t8EkXT|u}D+i)k;!QO8S&?o5JQ|B6}H*K=E(3IDW;jw!hprh$N}>k{xAh%AbW} z%{Y)fs&}1aKf)JVAjDbP?GV&Il`y&s-s}zjIx*W~@)O1Hog`^JRp>oG(MwK?$F~mk z)XlfgJ|p0>d4;_$aDof^wG=+C<`!j1gQegE=0JDD3&pR6Jr&!!|ukBi;;mWtCv(8c&1*8^AG|Kk1fo}zX-Kq&?=q%+<8aRtx9jF=| zg)$^#7)cgY=Y^ZWXYV)NykE-V5C{tXJmZZ}BJD)XU~IH!6O(pVbgA~0QtrqgreNj4 zNiyoL0fx8N?yqXNG1mm5_j3EtK}}+&`H#9AOgFlkhID5~l4hK|wuGx^z~qZlOGUDU zt&r3U%beS|hr&jW^j?G!C@_=CxhuvNT)Ph z-zDfAKp#v9#(nez67Gx$b384gJmg7&BjL_-<5ERe`xxNGTAcfoN@@4eou&?Jz!iuV z@fzq7PjWk&_f7nxsZIycp<9{j=*(~JuzqLd)pd$OO@o_AwvlymG2@5ox!fPi!nYqa zJsx_NE{KC_QM~N@2hx>jI-YG^-@M67$>zTsS?XgfRwVYRL_Zr!YA=Fx{Xn_*JB-NW z3Qr+I4(>A2ktUpatQ^vr-pK=Q8Rhd`tNGfW6ay(}Vsa99Y7v+*kCW`H$ zgTgtOp~%^nFfYGcz0zqW?7!KVhPis{RKm>tJg09!uJWou?XM=M+_@sm(u`X`4^^QoYc+M&$p zOLpaakjv_$yB=Nrb&gD=OiI~pbfeYp)>+o2>acM2Ip7 zOj9ta4nq>Jheol_e5jhKY)Ir`Av#zjZ2+omyZ{|$Btn`^=HI3*fG%(c!kcW8_^%-U z92m`C8-|{A9K?innO@8<(c_{C#-5bT9yE7!=bDKqvbV6d>cihA)|NWUY)Kb$Rd#T(3)#OoT&(@sZ#fZ=`pnxbp4>`>0YNG zH26ypPLx!45y3%h6Ja@sho%dP5C&i=GIL3Srk_&RIkRb6Ws#IpPo}EgQ*G;?aeeH5 zOywOS%PBZG(_FSNUA1z`9mT0lF2Pw8v(WMx+GUFd%)Ce!M`@Dxef~c*_`hu!T35wZ zo^pc-ac@9;WNcG{L%TcvX857VpTHik%=AYTHMVPoBPtM4rk4smpdc$Ays!y|cqO32 z(HlNWqT2|0K+A(hBpUjO{w{N&E(;XI9f)g>-tqx~R_{Qa@WB%)h8_EV@TuDSWy8pM z72dvXzt{Td!+|x+A94=C@72?@s{_Ftrdo-BYm>T`A7U7nANy&Xdt4u&N7XC) zcsPCteO_^k9%I*Q^jPhY?Ygd9C6~3xMk42P+q6eD%A6;dg%Ro^YYkffE39Ol=t0Z< 
z-}E_H>iatMu|QI$M3-MRT@1HnBA=qel1vrs;Hy0ba>>3qc!r>e4#G@I7bZu$&5k1y z-Jb6?YUZQ&-Ph1!U3+n`j>#*gF(o|g4z){e<_9bN>ul(5KG=#RuJDe82!Yk#^EUl| z_onpeA4_|gmtq637jL-Z$V{Phf71$^NJ!ZM-t8g>%6`M z0Dl@6gwy|-UO)U;y@sC@vfI2w73E-IY}-oR4UT<1meSR`Gg9)8RQBLpRA9WHcQY>? zpv!R_twEwupp3@pS^_Ue4KD?QOHBv(2uDj0 zrOFtK7%X~8isR#3P@I-DRw3VY%W$%al|n_~hap+t&6@K)Bk9m<;Fx{5Hns`aaT+MM z(ng6^S@TzkZJSUrX~WWrfr?H$7?9RU6wi;$rs7n(-X_~FWT-g_tP8pPD=g2?i>fHm zNBW1Lt>liDBDKW4C!BHtF4Vecu)~j!#Q)VfHJ=XWz3cjLJ=?GC6tVCMi-0MP$9L|n zZN}>@t!b>t(0syAz*ds`zVF`B(w~rwSTU|4P0c>J_kmsJ!CPt8HtnyS^f`mUn{l*a z7B6gIi3<2+LpdK{){9l#({qV`;3~f_a&LaXy%F*K##Vxe{a<-e4O}+T3h%3xNsF1< zEoQ5Hh)!#z-S~i0TfMC*G_Z5p|R1=zHaJHt4WPc&tdzDL`r}jbtOM ze{Bsr4YScnAtGotikTD>lWF2cK#{+0*7yte-ffk2k@8f7yi!&iPf$mJgq&d^1dq|- z3m+{*+0^fVEN6tWU~2y40f$dDZ^zXD)O+a`d0;=^O z1qL3IM3EtnlMR1gUb~i!-6wC5;b$O&;=ao>(9?R(FZ)M1_95XBSGMkVTCY{Fa3Ghz5v^@v;ZzA#xikcl!HYkGKMUQ4dA^c|$_-8_k-=;!c z%<94k&IR|S%9!6aP&E@G8vSlw=%nepkUAU4M@J0Q%6Rk^jB-$<_E|0rHSh`ABC@~$ z$1c&Hq-?^1BQt3|UUju3=cqj1%jUW6zLaSA^40DEeARq8roS^nHM$qQn5nHd*YAS8 zL34w|Ih!0~hFyfg4e~V{+DL*5dM{yYhwCkVZQ?Utp#=UinI6e8)h|NdSiSO2p+_$fXD)S7Ab-L$lD|i#7dSSNC|Dimy zjsZ#DpKC(2=3B|eD%vl%ISi7fGEjXc91sVcor+>64J3@l(3>62P&Vr*c>*xX=_ z3ggaQ(S{tNs%Xmd_mTYff$h?z40uW3s8+AZ^CNZLi{}5}Ws&TZRp7OTi+Fk~mq~s5 zk3&VlCvDK_hP67fI6Nh|ao<)v41;h|SfAw?hH3$7UlN5$8Q}LpaWP9F5h;+!zQPA+ z>l7ITWG3hro$hdE*EEy6K~+A_3sNU`{@q#Cls{Urepc1pqRSVJuv6Vk+{4$fc|Jvo z0+m7?WyQKz4~Htn-q$uh1gD=6?EuVlyb2Ov(P|kcyBN5nZ1RB!&(@1QlgY54)n$T$ zY_rYQ3;W~D1UPC!U>btAvuBTAt&YifrLxqjG?R>PoC=?%3|sEhPtg$j+w`(lB1bZEsze1NhH4ws&jS*(VvzZ8=s7zfvo}7QG&nA0wyl$k;!7BwY*7XnR zeXsi~H8>gvR1Oh6)K&^a1~M?eQtCo8O&KDy8gS6^iOxo`$M-v*Wgw70aiky2ib5 zF$j|h!lP~r8V!&|c_pwV;)M|!M4;KHrG%)W5eTlaiLOTs$EQw&b}Y4fzaz;-_S|*5 z-uW|Z<}ROBXL^A&?%g%4^iXV#@Mb77gu!w3Byp+k{W&V-ynD}jTs3=0P^d3*a^;;@ z<-rD!`DT;R7QO?83aSFT;nJ=(@=jl(OTTe^*(1yK;*brx^S?#oB-bNQ#q3#<)y?C`U`E!dP__yC-*)46H>+I16R;1CwbMiN zySA&9ZDt%c-76$nkaIj%!>$h1&_OTTS_gUvhDTk(vhbHk&vZoU)CeVQ10QBqT94pp z@<19Qx&tDdohxT6Yri&?z$4mWBzv7`>Lvy&*BYJ_Z&GPy84>JsS3r{`d7P{U0JGbq 
z#-^E)1dbB9Lp5hqa}eJG`#1(XqbIt(Y-C~uOR~RfNv1PZ9rjdaN-nS?J#8{Kv}s~Q zO{wbpQpCoySfV(`CsHat4rJGS@>hLN;Eg}Tg8uqHF#ezz=XA1ib2c)rL=K<*(3E_&ErTR zn2yKPcgE&2QtQkQ%c<4VC_@PR$LznKizosIU#Xdc!k>ByUz!quKiBA1lV?DfkvxU6 zC6>6r7`f-Z%bb>MQ_BdLwR`5K$Y!!-0PKs4=qm6jV>4h6s-J$};fF~SUU8-VRRp0+ zI=53|cjf1R%eE%$L<`EO8%Y~3H8M&ur5<}R*j zZwPLxtR{A^#?)U5o-KTkWg~sZ`JAkbvSe6}e5Hek=DxBkjxMtX1AY3k z4!%9^xSuFmxfq{Rp&}CDvZAbGo1;GpVsAmbm{>hY{%hUu>Tb|K;Hdbne+9h?!pj2+ z&ZuYP;aP8y`<<@(`L$&S2UZ50$ayL(5MVs5pLMKwKrNBD6`>+fOFNImt)@{n)N6kSrZWmbc58DmvRW^SD zm-~&2_K`p@<}h$F5j5P-@cXdaRtt)~X_eD7@b&EmLty{J=;T`tB1t~wrp29H@f^5> zAR}ia)e~QqZnKz}nm(QgaEzb1u1?UJ)xAP`F$T#mAUz|?ut~vF{`p}Koq5v`2)Sx= zU)bvbtC;033!~ey-9O&^!3m_@Gd6Lr5}R*2!dB4s*syoub)>Tf zKmnkre>iSchm&{d#gL{F!z*ctc|giUfsrGC?+?5WCg$ z1Tw!f-W5_zp)-nELUyEiKhaeQbWMmLMAp}MU{b`|iRK|$h}@zMh`A9Gp8L(HV%?E| ziC+MDnv5HyoA3p6`}2Iq2v>URuOqqA$_m>xPurv3XO`-a*N8FfKhKj?VqVUn&EG>(AKC2 z{LrgnQo|qQOaQq#f?8c}Nw$U2nE z93*ICv?K++Wt~&lo!S1?Qt{uB)-2gBPcRYHy~em@5NvBp5{B80^442gsDf#o;6eft zPKu8_Re6QSfDS#K`Z|!AU*WsMA5YQH#@Sxv#cdpMewHs(VODs+U0}KG>Y6U`Fmm`< zB$N|;nwP$bTUI=_7Yx7L+o8J75=nH@fPB@yb0xyW74jyY#o2H0g_Zd=0> ziK{65;u@^(`8nwcx=1K;ga1RS-Jljj$RZrC|dys*;kB!eVstqB4T zwe6%jyQ|PyXC6xA=}PtXyml&+qf{zsGD`RH zN;B`1O%Aq;03z{_nFM8*04B3}4-$rNrzos9KJMs%qd^vpomC=5svj-E`}@~d*n%*G zPp$w+=e*DX$LB?A|7>O(86KFDd()!H>*F$Z?7t;5QuN^MkR9VtIU{g1O4~zn5zQlP zvIQinX6fUi;BOvo*vgll7BASocHO#K-KGH3E;QXer5k8v~jt!?-%QHk2IORH;A+3W=mqfJTF zxtXpFAyo$)b>InN5N7NQCKY#UI`fIM0G$wEO<6t|ZNMJt*wIYIxkPUe)dGra9Iy{c z3W_2u3baRJ|HBWzvjRGfeUcO?c_Sq=(A#wxTiJGy5%2UGgNH#>tNWxsTPALln`Ov1 zAvYey|9%##;KCRM^f9f^&ek(b?5wEWAhcCc`u6tN6^rQTSHq{!Nfgkwm9N6?DO9R< zH6lSO4P31Q^v7&$okP-V4q@ELmcjTXooJ>R+R}CxObnG%HdObF!9zb+!jf_-7c9Y7 z$v|6Th0lGnJ+Cf6VVD{WF7p0D7f;TZH-Tsl)Au+C_1A9Un6elp$EMSTm^wF#WQpLi z$~kq}ec@8F2Sh>dMBNedngUqtGjmcw@rN8(4ivA z5H8T5A5N)-I^=aR>VXyKA=pfC1|ynvHgzt%|G6eRj??ekjvjgcMrs6Jy1rY_MINQLW>hD>=w$yR+ct06WD-+D8! 
zo!kz2ANeUaLXd+KDV=Q`ZckDM=gO2^!0ReKygI_7&uMqi@4CLKZ_Ycu*4_ zpGXjgRI(Wr4xEm>MB%vJBEhdhBT?Wth)|pRFcK3Se6b)S(w^KQwyRI0P)AqcC~;(-)M^W8`hHg6$M4oh9+kP=dDYeW0LXTWs;01c0;SUo`J?SJR?9?VH3Q7g$edIF zsTUi1R4c;a{a~Z%@$cR|m-WJE9JtwNwA&ZK7G2&%_mn_XB~yRTsp6Z&CDC}R9CnxD zglk*X-vlz2`@{hR`AP&`{20-&qvki)Wr$RwlbW5KX#UJrBv0D?$|fPo1gE&=7_Y!p zoc+RLP@zV^uH%aRW0eCWw8iQq=QdN8ly-(?_6|Dl3hrTNAK3&e5YzXNQ6w;j;!WAy z53Qy4EL1vVhWr5%hXhv~7hM(?CpE|_=LBI7hY>#W2_#0pJw?iX730$)eyLH^sbZ{U zppY_`xl%wh{xuX97TyG5juOPo<~SC-7=*evo5D7t0Bkq8l(~Es4m)p)wqY87ZQozF zMFZbI4o_~1b<|JhA&ypHE1Zb&r)&xnXSrD&4C|0A=d)h0f58kP(ag~1qN~Glkud{{ z#`wVHnA#gI5iBOVC%YTz08Kg%OZ83h(n4s;YRkV06|z=~tkBbwUFaZH%`#q*QvttE za{=Ew>a1*rg{@pp1XkJT^GuSjLh3Uuxr9 zLJV0qUwq4&&-eS34Iw3ek%HEr5-r3!%)2+1p5}MY=m0{TDRdP@{hRL)cARYX{Gqxl zbUSWS)jw&FgQ!F-TO1p*=xE)5kmGE*@`(Yv5cFh9am@{(9FDj#%R-^XAgf;C(I^wxl_>L z<5Xzs{){s0!jT^P*-5^E_C^F;El}BydNg3j=qb)?uKdsybHk)YxERybBHYox{fyO$ zNU?*6neiQ3P`tGntIr5&>$Pc7t522T*dR!NvY#4`! zi8$K{xC8mXa^mlglYLz;8F$h~5$r)1<%g{$ZaCvJWbpQ2V7!B;vR;Tb#Nz}@b3xV) z#tLjnOj~#D`g4kB5JR@W602tm>jxoVj z;k_J4L}Urwe4*S?H_uA)dyGm!SVX7c2u^Rw$y&fUR@w9cts*Y{hO+M&EPV1!Qbw8|2~e|~9& zYv|v69zFhMS8dyQ-HXp0F+=Gj4i&`kFBc z8Nm&G=h7ei5;?z?7lFGbHF+=*nid=JGb^lmq{V%;yKu&|y5UNZJhGZCfs+Sm%72(n zBCqTgVCKCZYz*kc!RNK`FMBN5W|pxVCbP3yaOVOnK1vlZ-t%_zBh_|f$n40r^=Pek zuSL=qQT%Xh$-JZp)W)+^I^#(f$J)$n+DKT^df!yXnhJk9PH?vBe_uQ{f~*|JDcF>Tx3z$IQ|)%p{V` z=^-(NOY=OV%vmkZiz7QtTepatHL))W0>`t;@YzW84TFGO%->MNDcTE_5R{LDX%SrMGUksL#y$VXa z@O%W#B#02l3%(mO!|W(i|(cW+txzs3alNDFYGc)vMUc8jC_M#IvT! 
ziAD**L|b2BsA;e@$W>OS8*FBtc6~PqID4$=n}GN8Ct89IK|0HOdUxm;1mmHO^u(Jm z>#UH+X1epQ2z#iq8q@~6$j9{P`7=~n<6kpj2PN1y?CAkUT1j7Q^b9&Se|$qKt5fjj zzCJ_MkL5~ntIJPz@DfFV!sdmd8Q!FC?&!W~RZ?HJSIig=>!QrIKs^$zZ2R5(xTp@3 zWOB1>gEjTS<6&V84VQRZC$7nt)m2jd=k#b$QdXd~M~2#XQX}Ga=z2?ck8NdJ>|Ci7 z`KAE~EMwYu+1cwiHXp^YrtCo->jCVz=C8``CwQ0^w%OdHoujN>1uEO736&SOyOL$L zn&sTcjY`*{VP=z9i2k*)HQ{yA*go=l{?S+3B$$=5Qh`LiP&ri~q6u0cx0hKh(Ss}z01fSvkeLv3h!dYN*FouaG*DfFYQj%^AG z-_(|{# z)fC^1>gy3*I|UREZ@@%pb$@eYmtFcqL4 zcVcL}Jauoz!K@T@E-@bdD)75GB_$i%ax{Now{shhVB3?qiSkbBc?V}e0UP0Ty^aIZ zkdhw_`Q$e-sRVg2&wxb(aBRZFFFAL;gXZI6j)kj&2~ z9P!lZ&H?gb6V#IYGqfes(?6Ast(!bJM?SrH1t=d5O3slJBQdH9OvGXijrO*d`BZk& zO@O<~SKFtb(sEuCeZD)$?T=V_uOL})hc>=GtB8i%euvR`yxsi|X~&A~@TcUtdo1;$ zH~$pRtG_uLrtme#kEmR1*?_0`9Y<##;axE3oTv78RhmhXw~*&np39NYLmaKW!55b- zzfn_512+JMmA+6Wxy+`!eM4k80W$sc0W^;~A`!oF)P zKyEMR7k!uz+-oX$IeyvY+GIKAzZ&3WGL$#gmK_-R-X{b<1VJV6`}}BYm2+nuwcpdk zw;brjcc*bx;PKo^>m7u7)fi}cVsjzyQjnHGbKJ0}G+r=yb6S+_M0JQy=1Z1)oAZ|# zs05Gf0;1hZc42`$5WxFz{U)$tAN0^73uK9;c2pcsRh6?h2Z>hEH3{KemUa(HQlyA= zqBSW%ZD)uC#RRe~*i{((5X9RLW!DyM^`mpEkqYJ_V&@$Q3H;xNdnV}^zcQRgI%BnS zS?#`1AS$t(7(rP6F2BE#r4Q4ax1Wi%h_pZn$sNa`O47G6aKa-l>}){&E$cPlrJu{d zs;V-mAS6*&mZOO4wBC~+mT`+wskHkFaW#YmQ2k2=ZFAxoCDx`ZW8f|WN2=Xlgt)?e z9G!w2GKX3$(RLaZFB>B6{(jN7F>T3ydBxd9zB>!SoW#g$z?CHWZ?tuKzAgbTeQ=!oAw?bcH_5yHZi5oEL#{euXMc#m~xO^4VyVw^`! 
zr&j2#0WiWzGO7L!-fYYoXzv|1u?^_<+5x0J(H^4IN#OvpN{yp2^h2(^eSpD?aZwNa z{wn?vCGY+Q2znT$sM(>R0JBL@C3FfgG;2BqZP(q8+_vSC#QF?;wjrZma$q&NNYL9Bc1z`=@ zYM0x8m|p^j#O9$^26;+M|J1GC^2iA}-JQUt8YUA673s?f&#pMYj|on?6lW?iZFXlT zDr$OoG)lmn|9hPO=^u%}Y}9xp7NeIO-0>ht=+Rf{0mxlpgxYS8f$+yxIw93OX6YnX zY755EiP<`MyKAUDRIe7|Cn$3n09zD<%@={qmw~tUlOu_w6xyhpL>y2dKGZ0y^X4hf zqIV~hI%~D3Gd7K)KE*~Wi6W%h$a!c_g=TzsNYD^lsGpF!MSh^`eR^0@y}>?(Ro851 z51r&PPcYVxn72q$kW{)^HxKXijjVVPf1PaD0KlR zOVy$g{s`%Y7<1O{(UNYH>NJ9^k)%(_J-X2>xFOUa&DYsKaQ-FW$l5kJ7iqWmmr#4~ zjlX?d($eOrS@5n>mX^EJVmW#~Td^haLePCQ@A8*ELUpP+A}pwYve+9JR%)mREyC*_ z)e*^)CZb106!OME1B!Y&8<4a0L~BXv;S*2`Nz~N8r9vNh;bhOLJq@oDZX+k)xv%p% z_5s9Hu}wMgKSZsMmr3*X0psV26#@5Ht zxTyB93D;|%)shkqSZuw;NDZVOdp!`LJf+7ANntqeCLr#PcTQ6T8(E}o1g_?yKyu24 z(g5RO3vF{nW~LYGrRA&3c=zS|c!$mh)qWH=Q>v&{9ME7#E@zshamBkKLS+GEJCxZ- zO#FC8S&FPgL`yJuWs4=nx=ylxgcSG=(d7z-V5w6^!&bqNPcrHsKXw|wOsP1RM9^7D zFZ{}wOwH&#+<#hY?`5Jv80#;#?XwStow@gZgTDW{9NCofil-zUhR!>I2{RpY?45L!*706Jq)ii?|_AWEL z8cQxZ=En`eb0jlA>4GvkeE$Q8lrHCFsg+d)`w^#MhCyxYEp(x)UK>m=yI>K($aESM zH8=M7f<99Y((XE?$d>3P9j;YVKz}B*Ex`FdC7?qAEBm3EghK?2d#%oY@zQ(OCxQHv z@i38;3m&dof=ZR_L#-_*JDSOX0rLBr=An>Hj=eG${QSvl?l~mh3TsQ@8?DI+9xm|D zl8e^GQ){S3&FZ|s>NB$P?aqbe4;wqR!( zxbV#|1kpC(5O7AtJs5Vye3z#$Uw>$ThqI<5++4WCFBx+`A3j^pP0Nd_>R;$UPpqdU z^C-$Y&GG@f;9=Ud^Y>c56Gpm77W;4Ha_RAO``sqC!&kF}w3)h+%ISflSnCG&Lcbt$ ze#5ihB5t|m$+BJ!T`Tf%R6@(Dox4u%(+MfO4~PsQ8rDEur%4&_?OWM1ka~4Zq@BJf zEJ&ki3AA_?Ecxc5sz>*`Grpm>^#ZF=hC_|_(#EH_mN{#V=B#B^-U43>r&LDXd5s0+ z2?WDW=D0}IDCK?;BE5G-O!$15EG)Px!d%=QG3;>qLq+N-#E&1ur*vQvnp@UwxIce0 zOA$hTHv$&&Qt4CjFj`VTVlNkQK6v@J|;&Z zJ}8o_SOQ-xwMRc8u+-pQsd;s3BQXpY_hNPvH7l(&S;S@A4`ymg}Gi$n%5i z1;70g;DS8w88$O9#0iRpro^?#0FQO(o6kmDyE zjL(<$QwQh~fM_R@5$l|r_{@v`<{}394glEP@Dh`tGd`Z9pnq0wd*KP%ltKS*PgMJJ7_|0lSw<=s3)8ya=94kBCwc&~VUR*oYB*~3B-Eld zNi~Ck`C+n4iVZoE7Bkhs?3AawIZ`DIrN`Jm%Hr+410Wu?+RZUN7Lo_Q$Pc?wUejRC1j;^pQgZ{)8L@z;*BbNX?{5+ie_%aTNcs-`)u0E*7^} zPE~Wwb6RE&ChjQc9E?dix}P9XCrB%tf#@+D)9D90^#qjQYK%lwy5)2xNN1 
zZy<}0-ZbEXQ||?`Q?IcuQ~MX1l5(&}5C$W|>eqRkK@Lu13^#^p$cy_7LIrKb%ooiZNd@EhJ&*t~DGJq}I_xHHeZ{bL z*t5Vr-k0sO=9%_<_nxKV*s!c@6B5X!9Q3Ltsfd3XP~TxR8^e&ic)K!zklMYQB4(!Jkd@QxYD+msF9773F+HYukY{ zPbY7$ zY_PA%Itj_EtQ7P0EZ)TD)A-n|khdT^B?fn764tqLeah`-7OE^8JJ%k*ht$gD^txDw z?<@AHj!Yoz+$iN=vw)Ovfhv8#SP_g`Tb0M{^zs=o-TZj+Fx&@IR&JZ=79X;-(RAT- z<&uRJKj1-|w5I;6SLB9CpAuG0U}GsAHd#7Qv#2WzNunX$ui7VR!>J_TEPVR|$SDw# z^gn3~zr4bK(-;_-=vn^DTwuUsV5MXDA2kLBHYPfj|E0#z^s6ysO}8*dbPC#;GqrVs zxrXBPZ)3Us9<2xgot+@A0U)l>GI5*ZJf^4HA6~vUdVGwjOIeo76&@X;iU}0u3=o+B z(Ne^IE;BGxQBz$2?C$P)IB~)0{KHFI!y|KueG_9-Q!#wv8-+0d8A3)@_*h9TCH?ZVA^Ae&a}e_YoPaT@ z0hjpx3u6E<1CwK11}UqIs4N2_Qbt)$Rx-!nhpy~c+XTk>5sfUX$mk&A=95z6m&Vq6 zkN=BTUQ_Y>QJYczTgAlA&BqUW^fL_%^_fjWTSHP+QcN^6@Yo3k0NuB|G(UdN`p?(A z5QrT3GZ{>R*%4&p8y`SUlZ|upfq}lgy`4UzlZ~Ab2xl7epY`{dVq={XP#YjlHDI2q z=r6^<8*N|D2-v*1KJcgu{kenUmsMO}o}GApLj<|ko7Ix15|F^>a_S2W%slY+lELx= z1%)+Gx1(V1%*^gTwEiUk^5~+YyV$>b z2ZvAA=^qJnzyONH`n!92r;i&P#wJJm`%h8Z??x-byzIo{#Ky&5mH$sMsN6hy{)b{% zI|@cEA|6s+#yH{&G#$l*2XP*anP1<2lYP8-3K~A*D;yh!)iX8*r3(yE+L{qUF|&kL z_!o5B>1~jb$HNYc!=3g$tEIUKxP8_2UAsNCFf(-JdMd4TmA>?k3P($-c=((2kCDKu zB_pdd7#*+_4nWEE2%1#y`M1=hE#vQ52Fs)K%;)Kso*$i99$TDFeg@hap3!WMKNNI-_F}=sgb!f0cM6aA=kh%lG4I<^&YZ7w3B=6w5Ri_Z zSx`>_fFlqr;Qc4p@mW_3iH3y*Dx{@k>1TW4Cx)@9x#{jTcI+o&j_#{ESp)FQ>^}|z zk0dGNe;fv4NmIi}UhU6R^^J7|ruPAt6PA)Z?l(h)AMXq+K11jZ4=UeXEdVeynVO$_ zf0Bi@jhUr!$iDH1QDdl!0pD}b=I>SwfW)AzhO#c~?H|l^Ui|}?5k6!|PDcPraMHfH z`T03u|6hK;3L6`M7Hv-KKL`UR3IK8;&KzbEP@Sv&GhiAZ4x*1O2`RXr_-pIAZWwYO z(LK67V4Bbmfek?7n(h#=9?}o%fdN?gXQUc{RDv%erJwi(tpPBd_>VB2%X%-w5X}p^ z|Jv~n0Yc}1E{K8ZC+h)NJ>{1$9#8V`V(B}2J#gC6_wVYvF37>+Yb2jnhA(26?B#A4 zILd#F2e<=9kZs(U6qyxYLB4YlUqrI)*WIvS%%asJT!bZ>MPI==8iud*L0=F*jHz!x ze&X~W-~fw;S8xzi<2QJS1&goWi}3?I1d_=IdV^ok`WJ9O5a7=WWCZ9&`u8Agg7MEP z?1DAC1<);Sa=l*>`!{ev5&IW4%8^rp(@!W?)4*;8JKxa^T1?5$8H`wVBi1c0WZs6> zHw$LddoF2uBK_Q5E(1St=XY>bp7J;U1XRJ@@6DHw-oU?4^_AYgsNNl?8Gg94e;(q# z1C_IJ{8vi;q>$vXlKnu$vpTsnIsFX5bP%fZxy;S}e3yRUf+YFYzW5qNh5>AMW32I4 
z>*)bIhek#pzcksse~MPz_5MxutudXWzVCf~X@t_VxUjK^s%wB?I)QGHu!O3uq%3Hk1Bl za5gOX)E}Kw-AM%y)^g*zAuROJOZjZ@HAcsrj+fHOSHb+SQqdH^qUZDeR7)x?{GbnU zzK8uXrAU`C-qZkW(j4cKWK1c94f$aB<3rki??l@6ut}(*)uf+$3-vFHU!Ux`4JOLl zmNkP#TO&W?#6DKlV{-Xa{@^W4+S(<^isd_@7S};}22vu5A$)>Y_!zAl*p(uxsi|Hj zmnBZKW+l|<&r=1FytGY`hO&(kK7*SavB*5y(;_gZ1r$;M=VCoUb8+q2Q!7V{$zu8m zJk}}SYVmi)LUzH;Xb$^EY1V2svc>WCLwch2V>KHD?@c8g&3+u?D%E7E*Ss0necd?m zPewe`g-!9Pd+=6XsfT!Y3KWu{*A1UQ={C0KV2R(m1DmFd8b#rui&2!cmkTJ$AlG1F zu~zj5$MfaT6sTarYg7%HCi)*E!QPY?4QD0 z{;g;E>kMvBD`<|hm&y-!;`oKijN_CuIv( zOs{So2p;m4goK@KNW8EQ7yr1O#H<{hmnYPUuF$P*yU_?lrcyEBVP%BltsD^fArimK zJ2fnnKO0f$L@CDgIGK5wxKQD`L#+t5MF+P2eat6wjyn&sf`6Jfc2V7<)*9BsAE6EI z!t_N3XM#%aV;{pclew#yxsspx0sI1X9sPtbdUF*m!!BkxF_--_tSUHRdMTZ!w!8Wg zjSl~=a=P%)3a54!t>lN$;H_&2cc7`q7V=J)u7X!-VY;t!E(O@#2PH_7%8YpoN5 zJPlGmb+wEy;d~NZ`%TSom6mK#vx;m>({G!QNV*)nh15hpDXx1?74Ye?l`hXjkiMVS zoUK=l!tpk)BrA+#g_ybiJ{(hsaP5sodT3UQ*&z2)%B`&OIX1Wis09gYvFdWJTsq_kf!gZ`X(#n8v=P`K`PLWI3kZ&XTwM^S#}gf+n&;s z(ML&dBpiSnWX_S|w9IgA1ero0-UEB=5NSjMSz2i1>_E8nHg7?Y0IiB&Z(e9hg|BA| z62VjYN;CTO_m?9P=rMZ(==vr?dVkI<14-ER%3&;)%>}$cTM2gIjX1Qv<)5cXWNs3s z3QK~sUeLblBL4F*jiSV7Wc8`GD1C#6s})KtgB&AOReS~={3_b*)(-Njo$&zT6rlHJW1ttL zDF8gnI<7oUH3KHQeLMJ=t0GTuYchv%S@aCX7P4gd*b^kWuv1L;L^7*hRAmjXCz(>d9xdiYiI-_U1a)-Ays=d0fF z&%8wtd(e)pNRwe)zP{$TwV-+`#Xi<4P>H%TV0Ke1iF~^>eabC{$K=3KVX?vi`*ea} z7pu+8IMv#C_2_tIeWYi|rUD@C6)q#pg%Ep%H+8slzVz;`?A@f1dp!l?NVc(KhA;t6 zfICH2wSH0Qn4amQ_nA*wJ$p7Kl1a)Qe+yG$-O@U&%zY!_F=hcog^1Nzrd+zIK+|&7 ze?vX@Ih?p~ZBCQeOdwIW$augjd(6ATBfH&uuFm%@^nVWn_CrN#gOGH|HBf>WQOh91 zvk`*ApOWDtdO@lZdMyWqOITxTy|oc~XepnBXS@WbMFKzQ4M>f3E z$Wlgky0aC@pyZf+qe6*;iZ=er5MEb}tsUmEQ1=-2?K`RZ>f!As*@i$Vyk3a8c0m4N zvo0a)mIw75qgIA|^=Q#-)QW%JIqZu>PI~IQ4?JDQUHne#XvTGO&c*Sz&6_>8KnEU{|zJ&!ipj^cI}jyP|Y|yUF%39bJesW92%ev42MCVXdAmd|^lqz&g+O zV06{jP`||6xk~?OUe@27muW-P$9~3*G*psZ7|xA=L!H2I&9?bNcg+>+R|@V9ZcC4? 
zaV*4>afwpwz~YUNl&_36a~Y4#ez2g%TNa1h_;HDy{1i*qQ)0ztjO)Nnw$4L0dQ|2H z=)G3Y`cXnv z6ogt@2qR<%EKwzSN~pU39@>@v5dSpKTt@B603d23MPNOpL~UQDTaEOEEe@yA=t#Zc zg#10T(EBU~vGX-76WaQ~igCpLUsokNecNJ8)S#2U@!s5AHEb+=ZkuA@GFm_c`ldZ^ z{=4{wp6|3>fRbSAv@(QX&vTcllrTIwG)b5S?o+SD?jdOfs^y$vKQ5KCU=zKVh(n@W z#1^6dgvoMSO@6|yXK^57Tbi6rshf#V*T7h~-SYaFPz558MpMKU4)w`fX(&e=S?OuI zHwyBjLK8kR6)r~6*1iTsZoA}iCT}HS2~n?dxU_D@EQ_|`{Jm@Q>NnmK5|8?@CPs75 zRs~AJ-7}60n|$a&-WL?9!ZQX$_YP5+=UM^sz@lohFG?xuDbL3?oIj$~cIK9mU@r2< z!%imm7NXGHH^}C2ofluMd!;vsNQ!u-J@E+p-7u_#k5hSs?Mu2T0~LKM^%Q^ZW1jLp zo=@C%mHT=pqUn#Y_`7tvg>`>@$%L_yJN|K|NibLe=_!xiB+J`LpV^8;Bbf4uLj1c& z52cR(&!gAJ&G4WzF8zqDbWnVic3*Y8_x%ZLbkM+-`*wU56vIXS6ubmpbWkgJQ z!|DSbu^%T5#47PLPtBp7p1nj!drRFKFi$D^ateOVF$=#HN*>5WV$-d(Q(-!)wnb^; z2_I;cjd^#YXnI%Mb2yaaY?sZv2B$XLsYn%lQ|kF{QQ+Hx4xWbfzRa5&ulC)*W2Y)A z(^LVqkLT#1Jo4JiZ2h&}{qkb}PFO4?eJHo(Y0kJOefWqj#z{1)O+YD%XR{)HUTeYv zx|Ae>r+MW^vE!$?<&cmtmV@{>>{d8btw?I21N;!ad`#$HPnmRDzCX#~Y7UanlO2s~ zq-EP6YyD;Vnnmw>z14+B<+j-}M-o^X$R*em| zb@8sf>Uq@6ltDU~`x9~_`eyb9^p209Jrm{a{!-`r#ogrB?MbhWcK2|#ou?Fn058j~ zP30~r8DK#jz@weR#vHKI>3cO^?D!s09*&lnjf{yTqu3b?u>~c+daD=bSkPnPv~l3> znar~!)tX44AA$@9h8RMrCKGxJFXn+kk)EvOeS$W`-0~+Ra#zbWoL79QS(NgglL(}z zYhXLllY0T4-xL~s=ZIIEDEmGX8JkY=1K!5v5E^e~yd`Ro9KdTTFusZJVP;EZL@9<% z3JGYEq`gqlA;hElxz1N)n?*`#7EO3DI8U4Xas+1)B0T6hzhC4?zeaU@wS_W0_C~Ja zL{!|%4E5EuuI4gqQ9O>0C>eHKl@lBxvJ-1|Q-CG@Jh8}!e@*RfzG&A|m5jcdxh4(> zhgxTFQUzI!CCuPLHF&EdNN?fE}zJ6Q2CG@eJ8()+ZO;S z$>MvB(s7~p^2JBe;F-MYI=u}->}tEQo$!@C^9DX zew%0XPOaM&^1=SHvO~PiosBlDJ7?IwNQIRgkdj-FowOE0-du4o9Lsc@#at-8AM04_O-U?3Y z(#CM_LMp!N+tSqY&>({5uuA}Bzso9Bd$OxKph&~ZFSfL(p$mB%)mff#qzI)ghRX03 z%@Rqr)2G)`Hh2d69LSUgkBd}VK89Y6CHVk>@8)>B9YU4J6A5oDfQSxN@~DHU*0Yz* zt(;WM-N4}kXLbSmUP(@>H{-~ipgP>eM+jKkKM`ma?9(*q^d&gs1q z3^6u>EzD@cwxTRJWeZ(mOScjt25Rmzcn`c#LWXZbL%f^A`|Qd-a*kNrU7H83smcy- zWY;)H^b;S113d7MEqHLQaL5X^?)~%l-JIve6CriUp-vU!gB)zi;;sFqtQ&{p!>!jm zdQAdl?F9J+Ejg`SvN)KmZab3oOI(-dyVq6K9Dk@!#k_cbM4GOi7b&f$dQWkimE351 
z1QF!=-oa7Zmmx}cMDN!bo{o7i8W=|o@V+4du&BMSX#+h9jN*pv#))FYM&cqm@TSg~KpznS~>7exTJ?p(> zU8{Y(pYc2X_EMG9EQwKb@XhwzaDVyt8K0)fAN3pxi~2P0m%41fZe7n#>g>^%naEdz zLvz+FE-?sp@~ge{!jROgS77Y=4H3cL$gtcmN5Rse4agX5Hfei$IDJRvwWJxbx1||* zl*ofs!8bz<=zBNm(CQz$<48xXfu>?cyKi<+ISP!1Gw32@e06S}xZy{URQD(zmEFxS zvM)vAzC&WsAaBxloi5ZgOD^IN|23^&Of8hXM?TFT?7(tk2#kvvsK} zBwwVY^3$uvIDg8n424_?HxHYHLaZD0({GBc$BH74yK?V}n<$3I)-`TFOvI5kle(AK_Zn5*gOj-<^CkBvp8gSaNwflJNn@}5;ENLo|qxD z;K9%MG|BA7@@@=_`!+oTPx(h;mxTBHr=Q&2V0}d}6KObL`V;K6SD(|@&NOlnJ?zIq zv-ch&Upp`pDoB7(5R;3IR*mLd@1igHEENagU~_o6L>HlVcVy%A5@#P`MigLn4=$rR zvZA_rseC6YSaxo7NZv`vi*A>ao3do9IVmxzexfwF;WbYXoexEn);zx#H1uEs<{7Ks z+LoYAP9!FktZU+Py#rE7&VGyYn!7;q;HZ(uih_UqVS-`+%XBU{_8JGZI+r|db(tc~ z7q6vVS4P+WSSlnn!u{B1(rVzarR$9b)rd}&y|U73fU1NdWC_(IBWj~E8($|D-~TC; zUxq37G&dK$V*%;<^&%@|ml`X@uxl`*Kej*sL z)yz;g7RfF#Mh+}>3^f#wg+W{7RYBHJ>A@_y$remp<09sMAMD$l7(Pxiq+(w<((7Vk z;`P-;orvRdz7-;ntyPI-Gd(nsSprxUO>wMU5iJ?HQ#(p)hB_*-mUfTX8;8pe#_^UP zzchR~uJVrvC3f;`4=z(Gu#(PLD9Jq0uLhQo*aW_MzTp`{;s@koOruGpw=svv+rl${ z$y?JYlw=@Q`ekN!G@(zcMgJa5%3fh(r<0DBv`sovN{%p&Cb}S=Nt$3eCE;}A7nP$$ zXxT@l{)7yp8q8$)!lW(5DyVBLz2IqL;=ZA0nnmOgE*&Kr79GcW{F)z*1b4M^OspvZ zzD|W706$Wdh2YVZWHp)Jt@^t<37aIq1VWDN={9ln${leX?ytceS6|rvouVK2%*so^PZqZX0)=$@y%BIWw4xWAM^>S zTYcRP6C3XfulOBYriecC#)Te!Waq5%7{o;!-%FZ1Wk$CuW7-Vm zJme`|rq4v}r4U`~LHY+cM+WA~)77*Mf?f(AL_!X6arJUpFQhe98GMSQ^F#Iwo_I0e z7BRZqSHSXGri2_C`UD1`BnxLT?AM|7%3!~!dm&M@uBR4oY)~{1!=9v~{<7w_8yX>1 znRwS4(#`;e=XuVL8dQP;UA~|H;-8jd*|T)ov= zZpMeQ_bwq6ds5N{J@yM6&yCpBVHFe8jcr}4iezV?;dNF4wTG5vKLqK=;2(wM1yfIT z(meB{X!1oN)l%s+(ZTk%TEp)L^;&EKRkbV+pR(iMbaL+-q0|x5d#rHh)-1L-c**k5 zb4DH4Up16k!Scd{VX#d5=-t^C9CEz2P(;o% zod_FQel>=>S$OZlh%>6IZ9-}!cX0^pKn|@2!*TR3OTYbAG7_XDnpa1DJ~YQy`XQ41 zphsw!89tK33R060N8}hffwXS}?+%RKG;(e?chw8Fi7`W{Dmzu{3XHgk0`RUIQCuT?Kvn)wzy)@WLxzFE(v^9CbYEPi}`7tCNO|7!^Es_~PCQhe@S zg)uSIoe#^guI!y{DEl%!FNd)8!G{uIWb?0kOaqqRAmKW@8)TybR+x;X2q%BtP$?|O zBjc=?EN^jOp4d5F4L?884zQkSsH4AhSv_w%U2t>@vuzu&BGu>O;o0|G9ujrk`$jqZ 
z%5*xYQXGeksx8xQpge~E5)xAQ;`{*EdBiQ;Eb2ZXzm3UK-F6?BLQ=xPLQkz3ecItc zOL3=t76`^-dEfqNz;+Auy_@Ku9Oo}$V5861$(dQ$HFCOvx8U`d&?P^r)6j2vLguRC zBrca$@-uCydKM>CwBe_elQV#CU0)UDF3epnY%!QqmXafGq;_+9d zwEz^+00!A@n%%Q)hULaY_QxAc&RhgW;hGVEAqUq2Ak|NIHSBSO`A*&Q({Qh) z7@86PVK#VzS<$^WCWrt0WOqoMNdF&ROr-G+dfGl*2@uxk5iY8&7$vSH+? zVPm7+_zp-m^ySk@?uIQr5?pR^{8E*%|3;}t#b>0w2HDyaM!>6iiJ45$D>UPV+bP~vJltJ;O;Pzm z>$8N$2%o#h$AJwG}ZDx9!d?Bq*WrdynNhd zGS8~F8g{EEs=<`ySj+OMS+x21SwV+P1ZRG%j~BGmv)f%ZZC&JrfIA}!pL;0k-urA1 zD}Dsj!aVD*CYO12Qv^`A{rLoZv!aR3d)xD5n51#E<8`;3grQv%)#t;|SC?2)DgI;G%I@ zSr>8j2!{$ohqa}vW)97}p!$asyOwLmt&r8qdd$4N{?(OA6J5VBoB{zZ`&f#FM2N=^ zoAJ%FshJ?lpPuc0RCZiWrx}>D?M?9-P*WUB-O>DYU%Qx-9M3MlEkWiQBO`dVD$K7l zd%~t|4h$qmx*uLKYiOaJvMSDQrrA7`UeZunQY~&q@)mT(dDecf^Iq+u<46go+)`~l+EcEdm>!7{|Y5%iFi>;R+cHe$AcE7k5~I5ytX$s+8D!%_w=&+ADK zl_s?keC$}7b}zx}GOXrgsvwk61% z>`QARNeTm=h}u}`)uuaMMm&hcERqP14{(kg7;dKs@Qm8e{A!pu(O<9C7kfs2r$Y<{ ztqTmO)&o==MXtLc-uyqlWkE(FtVtu}c%3Cg#XbI#zyQP^(N=&WS}~u28jIIwleE=t>kJy!fG|^8+=(B>6l=i5{E3*NxPah8~C+H4jEQM ziIZ*PHQpYRhDDK?>CGDBvpk`8c3^)N7AEmalhZp1QC_LnpQ<6{4Wl}sYiHIwIXa>o`d@ve2b@r1HM;h49NeV;$sk+pzdB<=H*Ba&=R6jQ;^#w$N)KIDS?bbzsa8eIfA% zSMhU;bdkAL434hY0UmEg%G$+u4n;HQ=1*(w*V;(4rFL0{;H<3mQ&K)iU-N0j%fM%%mZdUaj}F5|>@3HYmQ1ocSkr(JyHQP^~plN@&k= zA@4a%SSP@Q9gpp}HBrUDZ;eH!B|tAw-&m5r#n%2bQqmREpZ(@n{6TDr7%QLZBgqg2 z_a4cH zR_Qw!|BGNPKVr4e7mquGfpvm=?WL!^`SMgxNF3JeXT|l;&REm9qlui##N*y7%}w+6 zB6Zd}UOpHb#w1&FBznhLgWO6CxTnQqTOOkmMr0SCT^?!xUtpYNt6icbV_$XJKPz)D z?tZRd_g4L-*mh#z-hh^*d%w5c+<>nd5tA(EXc6IE zVLR{|j>ZS|Fa%9nIU6iyvQngDnmp7Fib6%xF>t-5scs)N`|y68Tqe&o->DJZ`p^r^ zL0sU6kZI}S;+~k?nFJWV~%Z|#X)Gt7$zxP<;@w!?Ln_{t}bXtLl zJFysuBKp)*@mTO9PG8%6F{AH=I&Q`!74BO;FJGN?Z6JFI^(S>4$Yh)m1z5!6g%7E| zJX13gK)c|+ACV6}9N-cUYu9>7+J+x2*#+^TZReDVCO5=rt_3hIzMiqOKY@E`UKGUm zoaTyN_TW1>6Jx}@+rgh=Lu&9;5!B6;&PJ0Q@?HmKSNAOR4@HWyq=O?Rw?wwb#6W+p zmjy^h9mOCme&9tq59GlwV>;}Ck=|KB{{n*_O|!SxgeiJUT-@Y~&Ezk0Z>GBbVPG>R z%__z4zOcBm(8uKvtTs3n@=O7<7PUiKEe(8zX!eAAs!V`2uB8JzmVoO>9j=V(8vC!*40z|@>!ZbCggp9ON0lxjipZuE>4RPL;q)&k 
zmH+2URmL8=VZAcOYn*%A^(WqMT!yts)<2mvbD4YTSb{i1C<8^tgEQ>K#xYa!KlWn$ zL@xRY%b#-wX=wtq=Cl;dWF>UWjJFSl-z6$ZMxq2FK* zA#xNoiV|m?;(|>kB8R$2*}!C*ztt7#>SW2svczDMH^ixYKD8be=SVB~iM-w~u{Chu zs_s>OgI}%XR$=A8n{An5^d*SX^pqqT`Z%{h|JA``7T#(%j@y@#ygzsKcES&ZwgREd zviL|m`LRBTSpNP^EMcV3jDmsNFh`>BVh)&PJ8gf0md=n=-qd`I@6(`h95?9?KZpEU zn+Y)!T`Uo?w?6*eZoV`eg6}3tz)M(vvPY7eHAG|#NLYouBd>n%^7E7_?X_HAR<&&( zDlL4!E1$|Rm$=rU9B`7Xax$zE)xIZZ44ij+E=2C+v^F z@i6ue112#-Z!iVYnL56p$2rh8Um`{)z2RsyZ>wPgsv!_dpTE8`UhSkD%5m;3Jz{vl z9nHj8a83C6X4@y?ZV|~2BTarsa=CtYL>YS7WA%c!a)PNrUwidKO_7d;=gGWR+O`_k zgu%25#pw64%-}VRzLV8h5!w``!n4SHqoOwXV{{FK?8IApR>PXCpBmD7WJh98bz6QG z&LUJaJ;9<6buvBJEjtfLXd00_5NXG=tXvNF2?`RJn2;1s>p$qOVPQrPMcTP=Lf}sH zYM9^xk_+$_T?MDi40-l#?q}UTmsB3BS9*YjWK(Jdx36nPucK{LdK|Qs9lVuVd;+iY zAnj%NfqXnz4W+`tt-;XAdx3B3X(huiIH1UFrt^M*%6=32WZM{wfhW)s!hRl?eNUN? zosk?l?k7$P`?(^+o8cvdbmR%U`0`ZrvEL@-$H*H6#@!Vc&2hL@lzo)b0@Uauq_urV z(8r9<)M0|4&2*e!;U-)k@BZnK9)dlAcu~7nq=twQ$ zRRW$4t2hk)K=ndUT+;^aPC0*Vrjg95zQ}|W{2FNt0ad;)AD4{in(j+V%x4G9_%5wc zgeTecWNf{gFG#q&`R!?P;cFvtuo&zQVU+B#z3cfJD=QT~9n;y^BHNYJPAH$6x-;!*mb+U0wXHnt$a-!uQTc%TTl47 zN02O~_)Tmdw-vy5GuS`A8>8+_TvJ%paU6QUTo5A8=3;LlWH5zAxC%4aaEi;!rwzRz zU-%hKLa5r@GD6xwpOov#W)zX*QZa_G~9>JN6`oEyCew4wie==^%o$FM1XW_zV)a}BL%o}ZE3KfDq_XuZ-DfGt2zbITP0X0lS&(N;;)!!} zv1r9eN#pLVLi|3`j{NmXc{K5vU|D9A6RNqXEe*hK$B5m_tSRQ2g7MyopDE$Aw!^7_ zl7>EHF}&18hrz(o+dcOWCrkDgz2!42)OBQGBx*Iy&f_FW54?Va_A9Sk&+{}>!HU_7 z$UmfvZ~QztVN-KwQEPSK32gNBCz`Nt^j8muRAMSTzq`9Us$tl1)2bnOd6l^mKJCF6YAdo(e<@!*Al@B17cP~uElZ=b5!G^ge zJAF0^fDQn=8$_a;PP#@34uvJ(9+Ye!5V;+}x&9f^9($BReX|V(40sb_ZaP)&i6Q9G zQ%xezcFsieJD#pffVsPI;Z(p{304#Mxuj9$w`J6;1nFNOC5rg$j4=}={HrF>H zwxZC7(dC=KI+A8?&LxX|FYT)H4_*KmimA|#DH6HxPll3wOC=xcBj0|(Z=^V`@q@(| z!Qh&KJt4XIv@>O;k(tnuiQQe=EKs!^B}|WPVjX@gNuhh2b6@a!dUf0(e=QsQJ|O_5 zPW7Vw7BDUQ5bS~m*a+YLrkFzLYk$JR$dR_b&7sRO)qH{{f=Eh=hk-{nk0|raMi?_%8fdx5|!-opc^pm1&W}U_7q5(2% zg3{$&lNJ&l(h^+EXguMA0a-ipfjtmBB{KGkcuYztvu0XE@g@9I+>#9~ZBa7?7Q)q85Z)FbDT^ZLPWU~#}{KZ 
z@JV$QS&=x_W5=3v$Xf18mppt*Co59B7EK4el_p&Oitj_?nnirlA7D~u?oK~armjS` zhLH*SzVSi`K#_=_ab6n7sR4JyiJSUVtqH!->MaDAEHhoY*PuvTe3Dd8n!zX2Y-gX? zqRPyOB%Iyyf}^>L@=)w55ICR+x%AvK^*Qy&+~AG*P9qFf{c^+-BD;O+wmwV4`qOyG z=DL!2AXadAe9ijT1V@V{`IB}{Hol*MO?5Gb-jWBTjaw@5kB(oOFiB(joF_uogQGE9 z71}6_;51|GxDc8OhlNtsIR)^^f*Gq&id2ynP$&*po*P4rv!1%VRjV((p`Ojc*F)P4 zG8JkbyGH?RN-~m4S^5NDw?28xx%Bj)4rlzb;|)nS1rx|kpyckZAterX&5#Mb}8)3#HV(}-^VISXD%FVxvnbyp6rl#XB1}quCiMtbF!peM9Ah&+P;%Fc2q<+TdznrWoc#QJmA|vd;RofnJ*fF zj*zKTNGWB_&vg5sEkUUTT?YyA%kyL~3}ZYB#J7QC4!Nt64(i)V(7^#%@7<5Cs?GpJ6=_ zt0aEy4Tul-5s4FfNLBNOwE?JiQejDiR%7ZUhE1}---r@t zjN9m@LxGJt@_LnKb@#n4x)9sG)=9mDuo@vEpgKAU&vETYt0hl0pvc zA9j-rPAyLxKk&YPp6w;>S|#cMkJJkq5o~NJ2r36M|MI!cd=2Y75k{dvsh{K;3fDHr zsXwqZe$WuiuB)^n@FDZLzV_8YO~2=(pB}4AAc-J)5JLodM7p=!}!^($*NvyEi`K z{}>Rr+_NDVy-<2pl#+?H8`dbek&+wK_(JAdSct8xl}}OSXoP^g?*|nfkF8;>YuFXZ zXn%dCij-=|;0b_PT}a`R2WW7hoBygOn^XYo=eP#xg}2i6T-!%nLBoe>3OCfQ0dfyE{Va@e+mb)(bBRp?r7y?eHRgLRVRXV z-6K)(6YZe3k90!>VoV&U{20$B;5+IVs*~V>Am$?BnPakXm85{u%h%yxhj=Cnrb_4K z*NbX%X&|Hg5jyO~B)`(^R-R7<+k8=Yc3_j`&|4fKf5Pr) z55?;cliC7km_XbpHa<3%1NA7|d_L-!&%EAGU@t?NAlq10ch<@Qj}~Qk##Re4E`1?u zrNK0zzsJ2CIkrV(=3NER+|Pc({TeAx!J(dOU8Je)8HG8uRJw<{+{LR_g&u^$QN`1d zdxc-*2F?5ff@7vMxY4hrrpV&U3=Eo6mQnM-vlwRj=hY-nL7I~}z_9=fZh~1ToGUlY zW#N}_aNC>*{o6|qJ3Fnp&u`7ceSBU)>y)%EmhBIG+*{It`cp3v)uUrCjXpgC{cUKp zXp)VGlg+mZvGRc3kj4eatFi6dSLa_aqn_kBFX0roi~>5|s6E*y;^})~x%yrYdr5hX z=jZ+GYC+JCU5O6LOC6!8QbV4(%wV&z+Qf_4q1k?Xv_D#oEN_Nq6wA6rY8Z~8mM1(I zj?}rjQflN*`{S3CqSH4*YE48eb=OD0*T>F)b&QEPP@ib(C{JM+C>rHNjRyzd-&9f ztZjJoVeThHNv-(aRn#+!hu_Tx{k6|5u}$-rP~IpVVt1ny7qOGY`nDz`g4*@ za`0KYPIq_fHchIi9+IvkGlpJbJbQeQxdTom7T40D*?cx$C0LL8qAryf3e1y#>CN%dfH$u+c z(k|u4A~Wpp(BptNuEhp|S+-EbQk!PAooU{VD1oAzyT0#g7EF$t&08LQF%VCIta4A_ zMPS?xE;Lpy!!+ntVvEZBEt86fSo0^^S}k^f-3Q_y;FixBRwb~SSx8+O6GF`6`}=-~ zlH^NgZD}U2Hw|(b-3(MfMqHTvWvC0RL%q)TRLL!iRQez03K_caQ6a&8<@MeW=iDK> zd_6=E%94W$#5lc2qPPtpQ0?RM&^zdb(N17j%XJXBhrsnN=^VMhkPw$6QzUe$l7dMw z4wvHwmgp(LTY7q9YjfVDXRB~!lSX>pS>1|7TLX$rwM8bTp_Zq+k)|IgbcR0*cv1@; 
zYU~;yG}Q>2jB>?nEl5*)?x?OxeXZ`y`NkBmGi)&6f|I=3EJnO!|0Gz~4%~iG)mSgV z_T@(?49wJ-Tvo8kqM(DSI+=AexYWAD>bzkHOY{JKtCCt#iLox#8FSM+M$RQ)3cz^J zGetiv6cMNg2peoS92$M0q;dLTAEWV!WTg4^v(wO{GgJQ-jh|b?Wf@5(!M(ZS$7Fb= z#totMmrB^x2;XLvVhc#%M>}|9@@VvtlR;0szt2wr$(C zZQHhO+qP}nwr$(V-D}MBf{pOw^ku3Go+H1S>E{`$4#~A-qa6P7T|0p5+tc zwxp8Q?DBGhU9Z5|E#mUr8f`7RIz^woq;!}kdw%HM5JzqI8tsB_qA!U7E{o5DA~(=qp_C3@;o(K@-l{*c8`D?P z1pamh0wj?yr;gh~C-^f(vjlHDjsJ2OY)S>YjbaWvK7VzZuC)o1m%$`{zP08|V~S)v z02P(Q1~2!P^%~IRG!3H$0__P|MRtM2+4MJ+vK}`E>0iIvC#px2-ZqM~fCBv|ogPaR zVCHBu7HhryC zrK1~d1y0D-)nTJvlZ4R-MQijI&#{N0nOOauDPr$+nH4iHLL~a<3pVh`he%PM^lop! zSK*0u$~tasDwPUss5WzgGC}VY5`U|Pa;@qsTI0rW45ij3NnQcCQFu<%9oY}9Fp1`x z@FrIxmb9n1*l6S97jiG35!jc^TOq?b#DGLzFm&ylcBRv>(C1UYV zXBxWLQrtDvgC&#GreF%`TCO8@9dwI1~B>bWUP6IMNc4dm71DZ#)S&bo*ZMj&PCt!kT z`Ny5mTWyiA3i?m4mrtty*P;uK>Me+Xk+L5`rF9?>Cs$(Fu`D{m00KMkI=6Wj{E@8S zreMnH52;Dbda{nYH0WEnM#9!ZF2?Y+ngb>oj?m}|C3bOJj6Vf{vUnC(5X&Yv1K)OE zPP(%W)pKec&Xw#pj*nXqLI$#-fe>cc0%m91;>!=RP9Un%z8eWJGkQEX3{^@T9OUIivD> z=ViBSmfX>zFoO$JSMwZ|%7q|JL)M~*g;&tjm;|%&qxlAG&}h#NeYnVb5$eKTh=ZZa zOETCc&DEPs`k;lro$a1uZUMwL&)$Ie`BM-Nw^d>z`%3=pJ-Bl~2G2+hJ|3%jw;o%T zacy+1I+T_s09i}L9B!n5i!gTmek{oA&|FYl)a`CzW;xFmwO(Fd*F zxkx{~N8ZW-70F00 zH^PsHUUfDb-At#NnL;96DYoO6$;Gj{!;1r~{UP9vX~e~2k$VS4N1PGY=Dc=jh%_i2 zrpnn^2oRF=+i)kl@KqT$z|bYF8b`*iT)NVU&ura(Q2(mVI^WD_H6TZmns!>%I~G26 zPqySw$>d>gPT}1Vf_%cnSX~z^1wSOoxkOZ!X)N+bieg@rymW@$Q>oYVw9Ykv^b#@Q zD{`=>WEHx={p(}lhu990v&W|Qq$d1;eT>*v#f;0LA%&c^u^_e@Zmn&pvKTBRB8#4u z^@S4h#$~}Cg}#EQ9%`a71VoftC1Z7HzmqyAlsZG}77gTPwBpg-%ABi9tTsDr%wBEP<;w3|6wW0nF!lPS&Svpfn39@%A%oGk1aNPc_0;W$`uwSzH?+(pK0f%)O~t< zCEAX!r-v0KL&G(6rFsFCgUdGKO?n}M1*X6?m0dSxKZdyGQepY<@+0nY0&YThcqUst zqAkS<3{c=a&_)JZace%tC{1VJW?p9(tDqCCJgiPG-35KGTV%3RL`!2^|DV5l6E+J+ z?lm2uPr(Sd4@#YP{PCX*-cV5^nkEq8BP$($c}$}v{ls2h=nVZ}X^78nc;VAYdgz`h zI{R3Jl)Rp-DK-i;!V&#Ot{{J%GH*_uSH3GTczC>pRFu)^ZV%I=Kp(_WNxO@j7SI!Z z`Wbfk48wLm?Vf_4ttPu_dOHu7aL=v~f2f^;#2wz|1?O{9 z>#qv(EmeDZcP>pDk4lb7_AI;0KG35sjucI1z{jGS9BB^il)m{=YS3INYZZr9yG;7C 
zQpRr?(vQVBOUpIpAVyYL88)k^JrFD{!WrV_FMZh_vwV5WXcfb6l(|bpYK$`poHBpc z;bwk%Q34nk<9;TX;t6$QHgSUFFgI4J5yq=dFq~r0(RbRJDz&3iL@>@S$elUJkI5E7 z^X7ALC=K>#Kegex1IkoPb*FeG`B>vlyK!(UUHd^m7oKNWqCX&^tZGR z0|aUM3}^Iu<&0%FVYvsnN4@5XE(N<~0!C;u6sdStHKn9p5 zAJlw^mB-Kroq(1C&m>K^NJX6{-%k~FV_SW=Dp&F0#crH4{e&s$E`493t2#{XUNWDU zz>;^j+GpMSm9K#W#~$M8a4@An^Or2^M+(lEX6Q5GA+p;DWsX!pA%W{2fTmKHuoz$l zdvIyQr^;z7{MfQlZuwr9dRd$n)_5S&FJ2~xAES*TB&#j9T9mQrAmk3d=zK=&eH%=5 z*dNAi@x9?bC|iavYyhQa9#f_H!wz_M_su@qUCNn^AG*T*vlueZUtMBJNj4ektUZPk z+@IQNW?$n}zN6ZR{xj2{yqxg%dAxvcc341USK(`(`CfAZ*5Mx~_1DvIkHRLMpzj6W zuieS-UmDq&Owxs=Vr+*EfYO60Mt90wzS^tAtp{x9>+a-UIhrc6V#sQ}HbN-OK+-xG zbw+F1pk=u|bc=R1bU*w-WGJ=Hm~0$4Z2QLg;4CUPdtkCoMhCyJ5~LGUX1X37MfJ8M z+TStyCO1m@-&3#k{C?a~W2bsVkoMLkm~v6pdsXps=3i&EVc6xi1)SM%}`JW`Sw2A9o>X*UchhT`hfa8=_p5_ zpO9PKck{A2o#|wbnNy&t^v*i!f*=l&@C3n%EapXiZjL`fGfv|Vs^p9>^?EdEmXasz z@wFiJ|Mj5yfHi1wQJILslJBDQ165zuSa9MAsq95q_;*f(Q!9(<#)0hZ(k|-?<2;v) zI~4AnDsiLqGST&w6|DyRG%^j#5X*xSD*IFequ14art+07wsd^5fadqU>BguUTCrwe&w%QV4he8@J z?&j?YCRKy3sj|MSCHHsF#QNAS*gHbxQjUgut;n^ zWo$+X{(o69KAf|cP&>j93`mlMRdEmA(r&$4k{mYbboi- z<8#kSm0-Dj&tF%`f_s(>F*U%zxgJ|$rM1rkO8gEsMk;H-mrQM~L}dwc*0AsbV%KnB zi3J3|=C%X9QJ_Rxzb4D&Odj0{pyc0E#h*C%&xhKlgQA{cTCAS&l2OPpHE_Z#EWMuK z6T77oNd`^)5zJV=X6!7uijyrDzi>vsz=;hgYUN;F;fl1zBP`}4&4-pCf9$~JNq`_>sqmDuYg;|-7gL~YwTl% zi~t+23AVsG&5)JpBPWL0%)&013kT=$n2&eL+|OQPr^$*8lT$X~tAA4hf<%o{BnYh6 z^c0MIp!5ovxE3U`-v4-_7rtX?j*mUnM<*+5a{$NV6_M;>%iy9@h$%tUX7acKJhzV^ zUjk~%gaQiI2v)Le3F zKsz4K+LNY8i&xW}-|gwt8Ad{WtMvy&nzJ6;z;LOU7D1RmyF$|Whxze(zNb*I14tu) zjh-xAA_-8h1$vqEO-BWu4?!KkN{+lJvBC1;jSr;)pau;7sFIV#_j+Zx@4C-n8o?J> z>iTiR(3;1nz8#HmWmNSq{cK^c9!Y!nU^-UqIY=Tt(KMF4{5G`riZVf5WrD6G<&v~_ z8py<?mLzEcm!dC)+-sq$eA`tz69u&qOf!?~Yek}3BsP1$?<*Qd_B zsm|b4!FpBG_EC<@vv5no9dyQ~(AmO|oHl-3B_w73 zy9^Jh!5Ndq;8YZ_|r@ z|24Z>5{|_xS@SRp1q?>Btvvr;AShmF8gLZ|^h2SDZL%~Bk#5N@u&x;K=&qeKPT0$_4r8za_V~p=q)}0r7}^t7 z0|Ubxr}wve$JP;&v`)CG>sLW;;*611=e24yC5hJ%5;m}>p&v(mg}2fU&vlrljmOEW 
z)6=INEd6#4B-Dux`_Zl!-|{bXeR{l5iUNCzVot7e6e1DN!K>;{?NPR%S&Uj_aWLQo zkxS|ZOYd=j*{Mo!Y@q3RQ4>WWVC(HCxoVD^fJ*3Nv3{pMI1W}NZdy{DPg$Na&OiDd zYTfDAT6*f1q})8lbr~(JSG{R83Emvq|3J z`XQPtJL=F_U2a-U;uB_&)o4Y6^6T3pcMvC^%ue?gugm*oenyUA zPttQ0Wr})y(0~F&T#Hni8fn8Od1Hs6NCj(nK;)Q4YG}rQq2yX81bKm@I_L-Lv#EI* zJokWqMzyNf|HI7W0*ov~@D@dK$V8ZA`5Du{GhN|7T4UeZ>BCJC2Vs#MrBmY(u0iE8 z!;JpUe^Qs_R`q20Rk{z3>On34_m^7M2Wqw}>0D1lwsyD%ZUd;K-7eqN+-S43L#T0_ z`$U&SV1FkA?6CwLF^9@L=KY%SDhU%{v9RV#q+Y~nM7hC?Me%Rt zH5WQ7cfwB1Z2$6NO#3sic}w9<1-c7^b%(o_Are{8hzfgmElYN}48o10d`2S;;Z4F5 zAOP7A$qiq?9Yv!2;mA57Rk&*w%cdQz3t^!J*5U>w_@K;E-Zh$TNy-vw-Kv))16bvY z1L4qR4yX7Q;G9mWa}lw40YzbkGlPuj@v%fZ+3Thxpppc@+wt=1>;s63bp7wK>RGBg zFg=d5MxVq5;6`66=ElJyYUQuJt#f=Y^`@61)@xEWhYEkS!$sW|`2%R?X-CxL(S6T}U}+qUKp%zB$SpJ3sK9A?Di_8y&K4t{ zOdsskf3i7Yt*El^{fXY-qU=kJwL}BfJs`#o7jeSC;<9oH9j8xBR@Ha&g-SY)ait=IoRS#CxUmoWjA0FjR(=h9BW7YNXy6SWW3l0R~^Mftqxp=vb=jx$#ml0FI&F6JN-_Yu-??skk$ zvK2$50txujtun|J{p1D_i9;vy55MW0vGnRq@AM#o?JRTAzT}g`RgPxD5zx6E#5V%F&auxdkhZY%}Y1#s_03qlCnqe5ZdxTyjQ?bR zo57GakfZ9_9HA7z<`&O2{EAblP-?Yap<9;AU+zsX+Xs=_bWHWgMN;}UP87P6L?05Y z{dm+Wxfj!7FGd1SV>n#T!mp@P+3x)#BLe2oC!$H)$OVgkt9G{l*>5r*!Fao^D|1Vk zNvdDx`3F;rzeZw*hazS?8!)@tcF<)cT2#J_W<)>Z5S2OcjGy$UNj#)`d4^yBOe2xH z$Oc;rSc5VtkM;;4>91P?MeGwN4|*fd7~iouqBq5$n8CF^J=B5%sp29P_ zuAn~tPpYcJe9HRyjAAGp;e`7*DMtU08p(%?{yjxl#jeA<`=Yms7G6eW;l39DJI@ZL z5#2zrLk$MhQ%MwBUD{U5H2TAs{W`qu0{2GYE~7iFMWe|*&pDH@=$qBXBL=;InFXEaN644%^%|53do^nR^oKHpQ&}2 zdz&9fk_jPllc=`tte@35$r@GWVsuic;KmV$q&vx0yav0G0fTh{NSW`zr80fz*FW}D zrT|}Ty@WHU+^3R+nwGPP6X5XlPp(_1dB2ev8Z4!N-&F;USpj!3_$Gv`2VRv`eUth= zWUxN6Jdv6ECi2(QrrVPRMb(Em)91dKE&Z|vX^_!L z_Ka~VJaiNA8ze`^bZ^75fw5sNeE0kWqU~4c;3(A&YMs21(Ow`75)j>>b`H*(b|hgi zkoQ0e7-;j#&es^pt~AyExer>AE3oI==S}6>6E-8Juqz*Yt+rltXp2}t-U^; zPTDOR;VC}NFYE%4%*v*i;38EvMqRPsI-pl^kkOC={Uz}&33OwaZS^r>JLwFRls#~n`bm|0 zW(j51uP*3#vH*Sjt0to@&@bcJX4t?AqYu9%w60nU{g*#?70Mb?US&sfQqssi=*R(u zUN87fKIPQxl8&!PX#>haW7^x|W0!jVVq4@?m4oh3@_?w=CaE@`HF;aEU zUUZ!1uv&Fpw|t;)U`wWmsKOql`>SS({EaK}yxXO}{3e90jPyk=;z2|r&;eW&zkxg@ 
zmYLpr)|I@TY^`j;wTRe%(n zY4h{g7M(tsu6(9>Sa+2YM$gj+pi2S2!Pr2RE6KdqVSHTuiP-P8s!bgrJ31EQ9JaoW zO%r4@A~zJW=?FgrZ%v~p20Gf1okX?g|jIk zF9OB42+mi4J#xES81WZpcN2rll&zTVnEkK?GOC05*j#|ge*6k`;xcm7*WO$z3g)VVw$DAb&kZ{DT=tAtZC#F#`^qk=E=!1h_mQz@!dGbuf{mU&q@J={7eQ=f=RCvzjbEu-G(y>g@C9N~k3-7Uf0U zSAsTAOu6W5!*gz0mmtUX`NDYR{lgfG=?WukV*4@jCG!t0J?;-^D^WVdcYS(=!MtsH zwV?=uoMN%HA0WrBj)l|Yfdl2T0zHl7gr)g68Y5ChP9&&;Fx;YaCX8W;T?89t z@7zphd%p;r;4XG6v>-#dwIR02DSa3S)Pnw1{!(>u-bWYhO!p}YYN3joTxZg_WhNeZ z8F;$&1WIk6-@GlC!)9_usplxwz&IVV-QI?X{q+b&U1P1Q6NTLgyh1AA!`opS#8gv{ zXg@k9di>Z@#x+cYBWEgJvUVk#GPS`K`jC8Zr(7R6u2_q9ErM8zaJk8M+Igv(F-Zre zo-c^;F!WYKG9o6)MJSq^G0jIJIPic=ppy;;GdY_78;vnRx{WkH#G2d=Zc18nDw^ol zvd9+bHy{$Te_*2*y1I+uv`hw+wa0&s+SI%&Hs7ZCkLMW$am`A0^|Jq3veq68 z)M0IU(9Lw{7^Qv(Id80jjQEE~yW|*-MDDgTRC+8G8xog9A^ONX^;}_H=6!s&n>d%l zUX*P>56$i{AReMMUGshUG&?{80pu`!&|!~ln`QrmUhgm4mFTy$8PzzDwtS%sUM+y? zSG>0D^eQB|ZF~*kZy+}fhxt?7)&9TDtijQ_t`;vHN|?A&2@N?_@MZ7kcEth?!WLX1 z-PM*^ofm0@jXlNg7y7pIj80dr=;9!1=ktx6=Q9HO2t<^gMfIp4U|4Y6M%eoCPwmw! 
z#Hk`iMe0d_fAh#ZMxvR${z5{%aN<3j`36#IG+cVOA@VG3bJhNXnJ>>3FB;Pdj9Ppg zE-c+k(;J4oEkczRsjL{_llM>j%V#{0`qq4wIAzx2R93f;27Tw7=6*PiS?=;?BF&~0 zXkn>mKNL{ZC*uS4h+-PYx42_zgK?jWZ6%mY1x+u&n)fz;lbPj63f?PrlsLiz++S}o z{hP`@UeL1TA!LhrHHhFK7%%1!eRRWM-zI8(&G-m_G+s5hKiRM9qjiEnLX_E^YHxTF zBa$;c;{ee%iJPemmCfApm#0eV>IN>(!Pkx_;~&-}4~T+rIE}h*Iv^R(tf*D4;1y27 zwY6tUVOtH=N0xX}NnGj(C>&E$GuaiAHc={b5@D-iicMUE!vT%@)Hu{sF>Q6&0B^_j ztVRwYfwX?e{K8WxmOn${86>?^J@l_pdSqcgCZa&jBq#Pk6XOj*nj)3#AM1GWrb{~Y z9?uT%pvfrJgl5dnMIKDn33J2;#Av)*!IMy#!q#N{U%nHIb$u8?N8u3+$>W@?mIMfxI@IZ!h&wl*rp+9+l_(N@A4#cO zTH*vu1L2ZkD_Sn0Yi{mY-|M^RzpV65)Jgz0wE_dg{Fk}mRI&Txo-k9FuY$VM?Zk`N z?YsO5@9Uupq{Cy0QlRzIlOJnsa~F@%as{RnFRnkk|+7>XgW2mrX%(h2(-4u9*_UrLW%|q3c z*jyHor?mvxR%m=Nc`P5PHuy@vTU8uvhQ5SXch2=hmiUHkM$#oj4r}3AddF5La8{fu zF&s<=yy%Ykr^N-TK&w{*3z#(2d@!EY{dd3Ns73{bh(YEN%Oh4J+PCibUim{}6|?fI z?3`8;6(orw_*%v8QkoOpCZM7W1Sq%c1+Y#Q#*1%j=@Vnl}A(!FXdb~ZH;&y2V z3)BtOHDNH5;hw)Wfvu#otOWYWjssgXs6t+=7G>Lv_vmHVwkso{hTlJ`*9@H>$1hua zuxADB>5L}_MGqlxiN3lHhdxo;C<%LPG_m5MTY8aTiL+8z)Zm4|%Wi7^?u_k{4}rpV z{8hA=X&ejW+oV!h5ym4BrFg#j8iefW<1TtB`jqxRK26RoS*zqVx0jpP93xYDAXGnz zoel7NMIS-p)EiB5rr4!Yg=+dC!9af1{*(>o1UK|}Drm}6&G28IZrp6Qu$Qe|+l{+n z*+26jEqga+n;Ao9y^Odeol{SWsZJh>M^#vS{A~?-#y90z7_81${j@L|id(_r*|dAY zR+=sRAwr0AL(1&3+Qfv>RFx#g)I0et=4)6m(*N97T7K!H+q9Y`E9XG&o#)|NwTTc% z^_5L1$v5^-+A!0`w;l6I{q4;&9RuMgd6>6Q-l~Bgh)k zn$_y{!ZFecs%yaeqiQj@CT%%R8b+RNQ{NE#FqSz^=}m8Dhv0-EuH>h+{zj}nN%+`f zTFIkMIiII$_R<929hK3qIEJ=w*!IJHx97IShhcWce`{3WCLx(Pc?L^;Epy#Q{Z-(27DuG-MFO z2g}pHn@EDyL+qNAfai^^yMd9Y(w*ZqWRc%c4|x#U28FiYy(7|sf5p2Dmbbzc33FMS z0vzPUjCZW5Kd{{B;f7HkzMBS)9Tl$@=6OkHL_cl~^+D_Nu1NPp8H{g%NxDVR@Yb4aYc{Lc z=ryafnBD!5HDd*7+7dzQKCS;2naHcE51g(|U|k{=h~wE#t9veqY_? 
zP2ua=J3HCIvYr4t-`vqts^y;E;=T|*hF(6#=;_Z>@l^*Y#V?3eV*wLx6rdGj|W>6Du@HraGPTvP;I4>!zG z+P3C1Jt%5s?7f!#BI$ShMCIJnR0#(YI#6a{EqU_C9W9NizlgQVl`v5~<+DE8#7Dmgj|9f1iz_^f)l z?HrC?#mKjmPab9$6$+a0U%^j=x>%G26%33-av00d^z16IV9n&RY zKuE4y6_eA~%g@LI7gmmadQN6eI-BAc!AOBdT`E8lX*|p8qCY5m%so{`9hiu06oyKm z?B_U0&?2yl8vh!_rZ}>+cat#cb70R}kl>ZZk)K~6stZF@34G7+3dvtcyPfR zj7Im<7Tv%jwYL#%z{O%_wG{x_=ioiSkY4@92(fVY$0j8uP}PpSGXi(Wc!`hvJTkq4 znRG=7^8&3L`R5^448aHG&CWHqJBQz@Y9rGLBOy0eRW6qSEnvq|9xothw)<$#jUQ$Q z1H0s@0t*$lSH)Yp=-FLPbtMGEM3ioHE+QNl*TDMOJ(*WX=_4jDm&w3eE}IJX1cuEegj$Q}P-VILSIBF;Yz3$lQmo7xiCAPf&0$ z&mtN8ZrkEHY?-P4wI%ZaqI(U}l_HEtAp5QEAy2^te)r|Av_{uk7~&5091)A8Glw_y`mn>OT0LI- z6i~`x)U~1R07QAVL_1mkf~{>*;o;*%LB3z4$JpR5@EYy8iAJPQ1v%Lf)OPfhv!mis z@S&?le41O1g~rscanG?A_9h%2j*2*aj2Al&8IT`n@@UI>EFDFfST_aFFQkORb~uVH zdabSp)D5m3z0eycH8<3Hy~9SuJPq5PZ5`+q=dnx2k>xvwS58iBL3fB)u1Qy@_zMJS za;<=r^gAZ--~fVP=ZB`@w)CMmtO=VJ;!$g`OBz-F0_lL$_o%N?NFKc7^8_|;Pk~p( z7x;9C3e{cpg<$QBwMPH3%&72`9muf8WsU{CnwbYqsGlCB1_AYkxs}Q{T>}?#@PMV)2$a}@>O^!j5Jsx28eVM23F2h5s!op3X{7JbHds?rs9 zun6cj7}=w4L?!4#O{+5r)fT@uF29ij%d*tM|Id17mgb0u?B4^LFf`TK9AmL?w^Udm z8sjc6z6qctdzTI`QtCRY0Yp|XenpIU2Y6GwbHQELNd z6JZl0J7W_lUS23CXGaqQ8z}dUYfTNi%@I`J)!IFyC}^h_7zn5#iS4H8iy|q@H-UN! 
zt!nD_zgeXJp1)?MzFOAVOS$Y*f$<#56+(0%fTb*gqv|pilqs`s|a?6~%|No+#EC8i?8Co4eXTit;^Mn!*)&`&)X(@imAF2>Q*xwbHlP(|V z1>NLG97_)!S_dRlnC+( z*bU@w;GzYT6&zxnxJ_gp`H8=!e5^L4p$tM$GKkO}QBfdD9mb!2!*RvHH3HVXctUsc zlr&gC2LcXnsABjbm}c|8gOA!nWg=Pj5zkQoa!w@VK;#F8(q0pQdom7zDUi0r*beF- znf62b0P%H00=5V#?A-Sn2M|xel^`IB!ht|PcSQh5K$A$w-h`sK!-ewd!$IIguFSdB zk>GGpuEdF{?hethb@NK)!23rtJJNFT4(FF7Nx#VW8vOGY2gtdT=F8@VYakp_$M@H4!-$EP*&t2A+4kI0o>FH0?o zJR`S(>`LtAOn3+u!zoln-;S<)#IjA!04ZT6xvANbK=O({&kH@@OQ#O+#O?$%{>QW( zvo}+ktTGP#F)AqY-q2g8x?=c2YoPQP&n4`j*wb-yLwTpmi%zU9jQN)oj^( zRFKN}=K8zt+ShFtD(@3V{+XxDPzv5Bq%&3BswihC4*j%N(Y%$6LHg7{Zk$qIs?Wog z&ybql+SZ6G7POQ5>siWwhZgXChlHO@>rD6^MGCOEr|_|@p}4uNBrkWg z>~VelI&g}c9ZRk>8}Tm0Wt@t*cf^7}Wyi1)wxcQB0R=f4Nl!8L3FqSP4cGgd{Kei2 zk?Km4b4~XnpvfwM3p;?Ez19SG;_~^~5P$#APtO?~`N4wnfu^kq#lDZ4XGcYHTRQi&-+k`;u&<-oq5*;bQy9-z8fsH%$YQ zSSt17U<#Z4=ziUO21^GzfKnx9%=08RlL2r7SXe5Y`1^bk3Q3tyji5h6NDNb$h$h~l z{Eiz$kdM(Ir!JGsSvE;$sCae{m%5@}JS!uCqQ&_v#&RUHE%8wgMd}|?zX8COwpJ`{ z%_LpSbNn9M5oHHThk;r@Bwmk9y15)AZBWFT9Yx#!{i1o`(5HOU#0L$pDON#E0g=W1g`n$NUc&1AxvGq#G3+U3p1gcbZr!IJHRpn*Q(PcqHQXcTh$3?&RG8*XAa0926WhaV z0@*K)HzQQ`fvWh2=j`1FiF-$rU~ft2TYC}LjKg~rgx4n{Ln9!}st%PNBKuEgI8haA z6_truZYi;h*}Orx48_|FWs5T5IxHCu%6=V1O|_O3d*ED_vEF0wEKZRmm5KN%u!#Ww zB_s`XH2Gq7*q4<0i@14xzx3h|vb0)XtA#wBrP;bLmCD^X^ftv%7t2`)a*eRG8XONz zaFdjPxZy6VqM8X7gN(w-?6fh`Ju}1|munFxIMo>q5MzqGV4i1&DWMzTZMDH% zD>JdOW?OckElA#c_}JvqQ4)0YyI|guwpDc!4-)6403|M1T*hnFiyFU~9w z4|}Hc6hAGN&f!@+DeQj1Ag_~=rM+uHM^W4f zoIN*gEw1w3+405Rm7^LeHt4&e;~Pbg{?W@+P$ek3@;)%OYPT-zDxSwMZvFKt{L4S_ zXZDK1Yb2);?TUoUw00ef)%11^gDX={FK(Tqat*Yz?+3EeSncZKa9V}M2#df0Z|>jmy(jMpbK#g{pteIxDV`rRr1`+jsk zN{z3YAXzA$Gcc(qiy#W-}PG}e_?+rG|8jG03b#yy%XY3>7 zYr@y4S8Q%)e?+y~5MTDRQI%cvysCp2kFM6y8ffk9hetlA0eb7MlmDkZ)RQ$`rO)e^ zvSsUg`nxB)w&KxkQC!{)QRb?c)Wb$YNA7R(4g;1Dj}?im#AH89Y{>V^^}lj5YG zYW-4qKj@+nsmPLJJ*zRraJ?aX+rgB}<8D<8^NZf-PR_WbMipz;9ny zR=(UR+WNEcVUZB&yxURPU>xxP!HKLu_AoOvr3)Qt`yJa;F}v7hXikQRpVLj8?hjWy21N~NIl(aZars5k{;W*T^(E*)Jc>OvMv@wxzTna 
z@)p0$tlFBC`(MqsYMGeZU9U!mu{xd3rxF9-N%~y|>83x6dV_TVG7f{RlWaCfu4Lv9 zR%|9{GK)_o7MeGLG9N$fVk)D>OIn@E)|h5*Ee=nC1`>AY zwiZ}6JE&`)1^cJt91oq}oN2zENxVjasF9DK={=3AgfDWpg+acqh$cm;nr;7%W|QXH z3{E`gZfl7)YXvpqPAL6Ibu^E9?s69mT+hq=^yPciYxHnd?9v}zKZF{JHGywsz(|0z z0%q-;ScALTbY$xNsGWk5Ig%)N5A3`R>B{Y`X2zkgD8KTkx^W8hq>D{;bE=>(CPkik zzaz_VgwwTZ+8-h9!QFZQ>Q0|31T+_kDrw7!C!Z!KwtP~SL{i#BQai!$4H{WV@|8a5 z^PTcohaZ~PvJPTiZL9*GGK*somsJ&C8xZUBh1q!Luz2Tutd?OeDx%&uqJuk-aSAU| z!#QZD@)Rl@!Zz&1Xjmx}Dn^Bu+k_$rY%w-!RBGf@4}s6YOwwbkcsq@Oo0Y#B5L^HF zY{A?a!n^O(3%hOObJ>>Z9hSeXRKw)Aft6)KVY?aH2PlFM6M+ePeQT5*q3Y=Ss$6N@o5 zy7W|!Zd!-JSXx`Z=1jIrU{*HjKvY?+!PN&cMI*2&oip47JC(FnE5}hp|Ae&M#rSQ7 z`dN}l6eseOwTZYC}B+kD1Xy$>XtJg=Kz?#19Hk#IG&)7NPyW z0c0E;{|%4{xHy~JIg(S*DO)&OoBTeNTnsHujGTW{LcajZ`L|BmK-okc-_63=9N+vG zzBxLYnBvleu(kb#hUCiT7EbuT_y4qk8ei4K(dloFf;x?Q1*8Uj{j3Ao2?;JdpQELy{ngRqTSd1*#8eG5I`UhNMy4~ zd{ZSMQj9~6w8-ZMQDXp@oj{BRL!zVza2it<%MKz#9|R-xs5;ORYo6FPDXz-XBwjA zlzQrIq+c5%CWLGB5|W&I(~8*Q$51_P4Sx&s64Q`paxMHh3j(G-$EYw`&yxr%mLDvo z5t1a>7CzA48wEn7*B(MrVtVH7!e!7h!=?^3;kfLr69FPlMt#s1J@G;DA;uVy9msG@ zvjNhuQB&hXFcwn=aUvA*!F@>jpFdV8H99qiFLls97FczJ9Xbm})dS+U`e>ueENp}f zy1;%&8cQMbPzeJu0-uussI#_FRv6BVU|roHv*e)c@BSeZ5wfunj9EN8+6v^Bc@N}w z$XYH;coG8#0XonEDLBq3n{_nM1JUs0s$Or`ceP&**G$YI=fC^oXRV&%`xmZ@*Fw=aDru|zLzN5WN( zbnoc=D9t)UiNHFqC^dT%8gRq$0Qt?5KuMZqfoTkgOAu)*F`?uFD5j5q3aUai1r5$c zbXWDK%J+12j73zy;VKb4rIn?P%v_IGs|_;n!dA(Uf9a;R6;$BnJp+}w7B0SAf~hNS z!kg&&!AxN2Jk~>}C&KI-_sOQiYJU$-irTV^)|?w1k{jxnHd}O$4ksj4Hq&h?T{}FQ zH)T49#5X`}t0LDpkgRwgS$Ak0pZhbo| zR5;Sz^6%nx_GZ!UH~_Ad69pnAnj@QdPJs#sR6?92gT$!$dno@Y_ucHob>)L%l$94B zJ-%E5cpNG`#29p_-q<={;($P79WuTQd*jMwr2<%}%t%8-1~iadB%dF?+PThh>zou4 zf|2483L);pH9!gnwHQWSf3%1~UVpSio4n3Qi57XSo}v`$YK<8aAh`r~65F(xlN!d+ zS~3KT<4`?|7=N_n$o#E|f&=p?y3qbF{+$_4bJAE?$5GL?Dg^W+Zo;M>CM`&7xulx`*C^f-l-?I zedy55gpG&vy~6YUI(h%K0TlUA&*=NzmQ`26^Eyj6dU<;D-G2KG6CytB<#v8^{pjhJ zH)T}!Rl3>!F{Cf%_vd@QS0JVrW`)RRb<_M~jj!f(pMvj?NaT0#oaGAiitV*mShY&~ zuf8}yv7t1jfD?PJ7))3J*kG8l+X2+9EIUcRIJ0oK@5DH13rsHtz% 
zTT%nyPy7i4OK`h1e;e>7?#jkyor8TmWmwE$kTQogHhvLpAAAw0HLyjFV6>%#CsLbk zGPBh!0C=Ma*1kPK6z>3_PzE-kJsKmumNQfUaVPL5&VR;$oI-^W)o(eY2O20ChL}Q~ z7WmD;0!jFG5(StRcLQTjp~{H-7E$6)0b9*m4YH;wFOq8% zfs{`dM{CI}x+Q3eLx;mE=1O6tEm$J4&s8OL163n^J_? z2>e|Sz=5^8wpl}+$^c?bYX%h-HgXEbXT61!{^)w5ziTxkvM=f&IWYT}_2owY@$PDN zL*?t_f;C2(ssM_8SK9aHetVPWzz=)6zn(bV#65+pjvTy44fno|{)YR)sx5q*5k1V@ zxO3ZZPrk1>Q2DvA13l+bYU1rNgZb%GW7YF`nN^yPi!1XHz9zb8i&5at zOZ>r$<3AtaY7d_~L-ef?E7S!2zj|XV^z{FWOQEi4VhTkkVQXySj;}?J&qB|j14XA~;c4=pBov(* zz7_*M6aIe+747Vt@tHZ;e}_=~PY+YO-`s!PyZ_{b@wK>x>Did*8CV6`S%ld{+1Z6y zMOYY_gxNWmnV9GW+3DGN@&Esu{LUk7Vr%y6{xLAH{vZ1?Bq^OvDI&-tuUFuJh~jM| z@%E7LHKFlb@Ia&t@DLL0{1C1D5dHJ@_9OKUBdBK7O?3+kwq{k=MU4v_$F9*aM*DpF z*3Tb2%(Jh&v%a@CJ*V8KS0zacejLSF)WxwUa*?kYv(M}qfEd@@8w}>aYk{o(E703e zO?fbdI3c#cErl@!H~}{Rn)9^zIH4_oT=S&!umWy?*XC;To_RQZwoO*%+jBg9x=pY1 zu!66EAM+)1u>4#Bv`re!ISpX$L^XxybQwv@2Vj_u#x~*EBiI=wtD|?x4$v_;#-M=^ z!`vAyCHOh~ok1fvPI&f+*C-jhm&o=V65RnKsi#bR8cj6jP~#l_Pwrfp3X@*|=l8J8 zAx;2o{w?4!;im%n5Y<>R<>+9db4gMS$zlNv%%o+KhwSzUHt;dhr&4_;%wQGN^nls| zO1=&fIUwSNa(Uyts{o286X39uN`1^34+NLf0C;&6Gi^+>K%c`AP9C7$fbqD!F)e`I zkarnK9}kF}aCc~KO)h6Zb>S}n*Pzajdn|eaT0xxlXx9`QPG>xOyc=oD!d?+C$nOyD(V=h?NM-zsiH{HH6_Ctds{FMU_blenckmVeR{-Gx9{r7L$!&m^ z)JJbXw*wEL1T31xJ~vOzmz@B64k8{Ix(m1uC0n7rV7S8f2AK}6i{Z*$C@u-Du^S*( zfy1H|iV4ddDDDg`*#!{iz}cbc4*-i$sv&qLTL&`?Pd%ZwA8+-Nr!+D;4(07 zsk>JL7lCPD!cyPY(yjoC+Ki?CPHEIuxyqBmjxl4w(#X3}rAN6`l9hegLVm$bfz1N{ z1;z{<8@M=dookj=OOt==iTVh<8&p)_*q{bORWW7h=XE^kn8wZ0(x0Mu(lNi|I>+9Q z*L(+nn;ctso2BOZJYitRK8`nB9dnh;ANV1F>^p99a_)G@F^%IA zKLPXsCxKId8aEkqwQG{>YP9{9KIzhu>d$Jl9EPqIIc(|k&oruTt5&K$$@%6SUOoeG z6#1m3FW>6VYKJli&9bOtE&y|uUJvLmn8wwX)UOsTefzNnmH_pkdzOB9BW;;k6d^UE z=fERNKYpjtC%`Iy5nZ$N)4SJR02`M7`A}_yRFr1Qe)&jLZG_zy6>O`eU-epP15~h_ zLZz9M-+$8pNhw6P^jNCjOCukJI2YnvR6Tu`{y48u!d^IgifV=s7ml66Syni_3a3>W zvh>%#dSlpZ`BOcOn7vui)2QWH1*eQz{%TWCkuXEm&4}z*maIBRb#h{cs`C=7RNahp71G^DmmS@1 zrmbO{$r^31)BkOmV5bUYZe(+Ga%Ev{3T19&Z(?c+b97;Hba--QW(qMmIW;vk3MC~) GPeuyxa|`|e literal 0 HcmV?d00001 
diff --git a/docs/PSA_Crypto_API_Reference.pdf b/docs/PSA_Crypto_API_Reference.pdf new file mode 100644 index 0000000000000000000000000000000000000000..23154711c475e98c85083a19e5afa4cb051127c1 GIT binary patch literal 527887 zcmb5VW2|o9vhF)<+qP}noWr(l&tcoPZQFC$wr%UqeeOEh>t?Uq^FMET-rke`p(QQ7 zo?q2d)kqaY#Aq4mSfNN~7l&7&m%x5iv2cGd6+Z7OK)0SY@dgl9rk$vy4<^P0dU5kZzs5wFE(c6XV_bz&Tqa07FY`Tz7ZGzz)fmSb$q zVLVXwtObL!6eoSbD{TUe-Ee3~;zVl5G=jQYBoY+P!fKLo2gJEFnpOnSe*7DTd?3mj z)+G>acT42p*a#TKHhY6S8c2w66l*9Xbrf$Xs2-(F5ZE**InV}%A3`sNOKa&Do$k(;cGrR-@%;9Lq{_?M;#B8vf+9Fk z@ypwa_vNYhs#~y>9fqq@UcP;GGaru^j`k-$&x6-Ft|C(aY;)|4OD>d8m;6I{=0lGp zw4F(cGbPSUmAFs%3ihGZ=-C!no+PKvCG6abz&A`YFfvR-HcDv8%`P6+p659CRZ}<5 z>1~@2d-dtjU~Jb8EE{oJB;ht_M$=BZrWw%=^7hG>FEcuI96NVj&mCRP|EyQ^qw2BB zF5D_?ZGLwMb^dnO2|zq3lc)h58$EtzpFE>>>!5q28m*qNH@g^$is;mSWR>;%l?V8V z^{sToUd6pabAmJg`Yiwc709?m7Bvm7nihF;@v~ zTn)`*(1aS~!91(vk59So(yoln!(D7BHT-RPil^W(G7PD=#qK_(BUZVjtPA`6cAgg% zYC9qPGIEgRcEIjY`k~5v?X6_Qy(gLK^{j}gwUAPM7I+m`Nv=&Zj{gA0GdYFr6nn7b zzinU1$jpCo28G*d!&>KKZr?X4pMFHosutV!P!$zrB|Y*acuecYd0=+uqw6-?Y1c!m zvID-v2)@^}mtJk?Hd%<<*sJk*!yNI|wa}_Su|UwYM8JazyIfJ3E~hmcYjZYQD&&_? 
z3%EoQJgKa8d{)kod(6FtS;%31cS*f=)<*b&x_9C|gS#?KxODF}<|(_}L`kxFhL=HweMscY?i8lt^ z+o*%t<5wGET50`!PCjq-St$~aGt6n|KUjr0~@+&dkJzxeR?>A%>+#K8OyDa674-xOkIVEv~Q8rGDx!)8b5zEHbO)3#1v9)u@= zh+B_QUX1~jmc1A#MdN)`!e9UX=~+WdG9IOMOK}8@=eju~!Kcol}2TNcY@t zAV?wMk-n7_%@bS^D3ClvLWXehwqveoZQv~o&bq4Fb#-vXrb*d;8Y_b5Rn z^pk8Ryp<2qMkpXR1rY&5UXg@M)$iBGV67mbLp7He)2G^%9n*idCoyLDn4|{Us2U8) z(~N2M#zyzV2lCj4S4-14zDSF>6GA@fL;uH{bGp_q(47TR9guDol$YmfFavp?Ekek=d&iChm z{OjZBgx}Za^D0RGlq4tUcDdWH*YiPub1xA;j(Yi61lv;8TGf0i(5!Z}nGM^9PbL-k z$knlW>gf9j+Ge_mbLYux1Dq|RZ=_#8_vxc*%7+}B$$@}7G`2dO!~1+_oGhyg;l%A~ z`{}#;A|-03ddJnU@y2DLAlD@U1zEB_G3!>h+1UGXC|!nQK`86tX_72!E#_h4*k{*$ zuIfSVa5$(7Mx0Nl-R^vcg>AvU*NS&0M^-s^ZU3+US{kp zY|IRDhU}FGsmCTCX*ft*jOfRi!{>!ap6t+q<9_WTK23J)!T#{U?AcI=uW4GZ+3o3D z<7Yy(i%!$YNqxUHTc$GH!UweEB-F(7{G}MQg;venb-ZMc^aHdb)AjA$K81}5maIe= z`s4B?rU3GBcA&>1mHuQ*mh6xP=k3|v@^$u}!E#u_+K|f`w$3Idll+7IhodSJD!Vyi zXh=#ocjtsbDSItcMiM`TmfQpg{@!3|5}7^~-u+NO*%-cLun z@3Q*2tN*z2Yz6h6Yl)cZj7gB~LPL4S$NJPgi-a_k7sY?Pc=HQclcnUBL*xoqL%z!a z?T7xj-57+8h^+ltkuckyzf=)C*Fja^+i8Bx%lZbrQBZvPpGwTa!1523n3MItm6(N{ z>7Od`RECxvia0{>&WqY3aTkqG`FUheT$mj}AAz1koIB)kf=WPiK=?rKOgUoB*4=t1 zZ+13oLTl@m@|IH%mrr`V3>${k7@07j-kLi)ETG@wp^FloO0?TEvOzJGLNn;aolDy?U508}Bm#zD0x zjEIM{hmgpKmk^BYiBCL+IjNW%TK#hVesnCNV_LL4ocio3^bnH1clar4H6&djDHyW% zEpmi05NA|ijz7^z_*xJ}+jx3h9J17QP!pSTXkPthX-!RE@ zfawN0&QSvH=zt+mg$Ybl_OXFOVLtkXujq+UfWSrtOa_}|$27F#L$=1Ja?6nvp-}T9 z_6#2F=r}TXAq+S&Bn7+rL_&Wbv=b20P=Lik0x1cxqu?mL+LL5kW+&_!wB}&Io!AL* zCh^!9aVD9RG2l$=!}jz|(?;SF3SE%jK#u_sQk~qOInpA3#jP10>E?k(H`P({Nl3E< zlQi4cAskZ;_9F#D!=;S*4%pWjAHt7|1Nwq8w7T6t>|Hv#I`9=+q`g}>zf2X1 zCwke{d*4dhRX39i|BA?Ct!<_VPTZ$u8GE6oj45{CWHqAv^TJH|T;$%k>Rmuv%d&gE z9s_qTRLi@vZ{haji<@e6XlpogP={|mF+R`f zSn+X{SKY#Lm+bJGbE>f#-K0Dkcc~CUHxx5?`%ApT(xZyjF6l;eXZ(#*W8yL+ZL1{> z{dr%CUK9NjS)M((05(4(5^MbeZey%-2#M_qij*sJ z>##SK)|&buE6NZ0CHPw2`)P;#QRq=(b!5bkpKGVXWmCnIluWH|R^jZ#tf*4^YZBG0 zUwfe$k|py7z{*ugw;S|s#uMoFJUi5G+fKJ^z45!GjpotF?|%CFwQkoX6ttF`CZroL 
z>$wnK^>cJMhEH!sk6i9N>{EfL7qwvT2XXKs23glF%NoP9_NQXO6dsnepg!Dp!T;o@ zFqwe|B}6=ka~X44hr3EROc-%L45HRfo$iDB`>sa?r;p50jYC1f(%Zmg9@aLebNlNE{sh1`H;~e+rB(&7Hpn5`yoGUVZF1 z^yST3e1U{wVpEwcGU_4)Dm@5}04&BZ0_BfSZ+j3geOl+nAXuqVn%2zKwC|3$8@Ca) zqF1rXqNGP8G__S!#0V8OPK}%gRGSzo%$`&POr?2qL72xfg=?E#w_$-~lOU!r6CtHh z^`yQDjuE(7@*SENN2yF40i7WN5m*t7h4l$57{eU4NgJj+OhUE@{%@Laa!M=G7;sg) zT}Xfn10n=1MnplIBw1j}%pmne43b!XMLDBE3|_E9az?PDD&WO51_GMcDsALA8n7sp zTQ0`<0>`5MG>LW+Nmn=V%iBxM05odEF$>Rn{&8xu|~7!VBNLBW>Y zvaTW$Cc=}+h$dCOeqo4nOk_w+(5nFv1du>j$PQ4eBecrhF=4#QfKXkKt2muVz@bP@ z+juCH0HQH;hz|smfn!Kuk>etAW9()^dX%V=bYdkza7UsX>vNJ}1`>NjMBoIRe&P&7 z15OkWNtzc}_8bHh5~D-3XJ!d{K|v7EUvIl{z5(v9gB1k2JQ55MASjSz5sN%-Lx5mV zMDn&m3J6LBU_vC+GWq(JM1zqiL{vl4{Va?Ow@AsqA`;9X5<%$wwG0D~6c`L5Aq555 z#u)$p0Z!x-a7T|R#APe^Gi-tc1>o50F-t-oc7(y!hZ26x8$u=n4qr8T=Blr9MPP1 z062LY#Fb5#A&&=oykXb>v~SJyquR?oJ}~IuDWwg$PUNHG-_c9iz&+&UKfxBCIGJ&( zSVz7p7}`2~>OybD4e8_<+A(gT4O(-|%f0rLL}%F6Pg=>dDE(tt*XR{F)BX2(p>O$xJ?ylX1sdtT7P|3;t%bhO+1Rwrpx`lEnv zRqHgQC%C49xueMZap`8$rw|%X>j9@N&zdFylS>u|zX_>yS z7cKfA70cQrD!ou9rR4HvDkmuGZ6v<0=WuTaH8vn?Td~S*ky~i``r4|q%K1zwVy)q9 zPe5smNxx~pj{QFeP+P(lCRfY z07kdM9C2aB`8YMv+!PH*-@7@Un)y@s)Bxh)Ub$jk`64MvuWrO7hxcjNg z=6|X`2LszbRDVvE|5krij(=P(Y-wuQA^*Sa195kUW8ZiLBw6!_bp@0G;mR(K{-83_ zaKlix&v#$u=$Y$PtD8wMWpv1q1LoF;>>F)U_UBE8X&!hP>0?l{1TAkWvgXlJQ!HU! 
zj*^8ov*~?hD4KpIN)3j)P6NW*_|z0gL>Lf%$nv_teHrtZGpYQ-y3~1@RT76&^XM3} z0b%%BP_8@eEK(01b!_J*91ojx6hbMWL?r2M|C&F-h6N2wQY?w8g185>4y&{7WZf#0 zTK&dhV|m?3zYnSfN7Le4Qz(;30CAyz#W0(|usB0y1HfjR{_(Ir#ZlH35MugUvtI}YHz3ZM<( zy9%fT0H`{}8>KIAm`MVt5ltJErY=6|w~=)aHbFBW1dzGCwkYJM5P%#&pq$|c09dvZ z(jd+xBb5GZIzXtu<1|$tVBj>c6hPqgAbUXy-71B{T)%xsxUM+?V4!ZFCgFRo6w<0< zFhc}%7oYiJ!79i(<@wrbmgCgH ziLAA0eL6|Kf<@@Vs`h+PY<>F3aSN}N*uIBW*0Rs{3(6oq-|zwvOAT7|ho$+o`GD8D zft<2e9s)!^J0U{-o=vje?A(KPD|LbnQV41Gb}PFjS~hZ%SHPmRv+M&J^-n>)Sn%*_ z5Di!1a5N|TS)=igq?fh9B*-`E6CB%z)WnF9qUq7`#r|pFrWtwA(Tpv|)Tf5+#zb?= z)rzjFIsL{uPW*H<(aP4jFF|#Uqwk7)zu>f;)O;#=4uydss@N% zDLHRccHCibI3Mj&o>W_GX4RXZ~EpeAGoj3I79S#nu@-l*=< z`sTNa8gCLBM+CGt2^!G$);8bAMncu|(I~jjBOTXu7D9hUZw#Geu&e3bd81JWk^=Sr z0Huv??Gw*Gus+2=tSEY&XLkL@J*0-em}||igxclSX%tbMLW(WdaDjBOLX|~PVYy3- zV1qb2xX?jYVudJQr<%tMr`Pn=g_VU5C~1Yda{9*bmUKDmIq#Xj$xWxnJN{;#s>Pi8 zA|5yO(Wox69MA5yNR2`=p5lw+21i&?GXK3&v8lP|L86frN4h0y%LpX z{VYPL#0hFX9AJbP=Fa#5j_xMf&J5iTM6K)@tEKpeCQWGn=+;qDCz8G(_wY|YUV0vE zebQAq>UK$uotiO@)IewDbgnnwo{6pLD|UMep)gX0E=emAJeD^yds~f*R0<*k7fjp; zaFu-Aa^CYwdjhv{=SOJ40@1R8ezsYG&iDM~i9n?jZ24_ock-5*C;9F6+vBUbK6f&z zEjP8h^hrFVnEUeN&*a>EIe|r4cDHN_4^@qaz-IGjbwo{A#Z5#T8C?pqBDb*KVLY!+ zXcg0}${er4(-!arz!Ipq%HuP6HH{$dLb+PeDr>qcVMYu(Kl0g};M#adyK}6o)NH>Ky9F|8mPu9L!&^2z$5e2m6s*kARSR9e42T@tNsKyG|87_M1<`Jk z^zF*p-i&?kmdD7PmKH1DfQF^2RQ+V62C^O5l~LI@A2dvEcqXRR>rUY;ASy0urvG{pZ?Xp zW@2Ice~S--|8x5~IIdo9hyf<#g)ey2*}P79o`o2KBOEeZ3Z_qCzDW(YsWc(+bR%)m z4H-Dn=*zLkn{faDq7&wa(=PM!+@B^cAw@!X0hmx~0IP{eBNM~rmMVvDWA=nJ!ebn| zcv!8f1Z`$J+fYC=%HZhK)Zv5C9bGQ+fZ4#|FXR08)lthdc3R z4XgI=?Y}e%9ns7KCf!H~3&dQ6;V{|bsC5yt%yv&SP{biden(1=YnEZVZ+S4Rr$#Tn z(;%-cL4JqHF8gq-b)Nqd>xBG`ls?-mgExPz9Bz7VO;t;a_U)}~;FTfo#MaSCxv_2^ zKT`ruN~}kO*^(k-&zx&~5hcesBlZR#G-m$fF`~ixSMmzxijChw~3_7&~ay+LC9cq~LL)Fu3h%g}sRrEtQnBSJMbCZg{ZGR(`fr zfJ2!)kKO4HDYF1o0KVGr#Y+gAuKHNEQwx+K=d{;r_>zvDH%?=%V z^%7xwub(#;V-G0g=r>K*r8kGz*Yl6@2fbnwHkF*YVRV``eY40Elb(fIx7d6O;~$gu 
zE(&**fqT${_f*JlH%Y>{EGA&r)#?e+3JyDiCSclpS7qNVYH`VLNLu%Rgpn-j7&yrmc-2HbXm1eFwbmJajlkFY3$}kPl#Kcu} z@IrKY_RBW>y8q;YS-N1joQ5h|I~hMs4dND%M|gkypz>RM0<&Ec)%~XsVP*WEddA85 zuXOsKgh+-?Vul1t$juk3PdNJXGx?T}Bmg8PC^|#=B8g}_Tza#mn3;HK!`sUSg>6!- zqXbi@uZ#v7(0b0xS*lY9HbNUHgnKr-Jn> zRnNr~F^YW=Vn2L#o?V74vV!7|+AsQAe;{hSHjBV6pE=msvA-|7m-#u`N{1PN3yFr9 zV7jjmp^j=yzm9SY&E+4wtaiD}Q9TawmvxpS=is6Fgx=aDzsDSL_-`w^WpxSOQ-%CD z@(5%p40oWbjB!+|YB~5!-h|3|0h(Y4AQGJq#f14KwM%Jo#`N%?9WVoy?!rb36)~1> z89=$!5V~N9ny&7~+@6XVAv)h>NF|j9;&^Dsk7y_-3P$@?5PTunyq1vq&}Uh5(!THK(-rCu ztx{j(w0a&x#0V+H;mMW6M$#V3Lm*~rD1VWU@9Z2M3Qwj^?OhUH3Tu}2}XtZ?v94rmDXGhsXiRJfxW9}_^H&st_co6YKApY z`F6HCIfbpW*;Q5|oTKVx1H0LQq2F58a(V-9nq%7*g=krV;#0E&r*X+kVF$a&H`)V| zT0GE9JkMbvBN;S&hNF&P9%h}C&l3S_lDm8hAR8NCMW)pVrbcAGN6p^yrK98g}V0`@hk0XXI#{+lvhwS zRcokNTs2wFx7hJ##FgtWOnF&I4@5#DTx8*o^8FY^^|1=*<7BU%PK8MkxsKDoKb!TQ~hEBw{%(X(OsUi0Hy~iO*4fK_6 zobDs}SDtTE3dB)C`da69fkr8hVOCG~0w8xsE7+{mLJYREnn6R*BwhdFxI;Ia-q+5lK@-Jg~{geM|?jr^}cQDq;uhpJFKJx)*@f5=SV} z!Gq_yW9e7?0ybC|;b1i>X*9?rh(8Rg!StF3HJe6G zio74U(5|M3$JAt6r-;wQzFAfvZp_MbOz@z>n1nX~phCFY25g&vIdhA08dfDnrfr<_ z9wOlx)l9~rmh85~7Ey<%T*yHa+)?0NGBaVVZQeaAeSs44(NF?UlYv;&MH14HmSfV> zQIvpsiCRwpNJDYoz~EWqgb(Hac7aVHD4-p^tunF)oR&ceYj9HG%#6#;IP^lb3tvc;#--(qvhb5HpvM!Z+EGx0*6I`}*-nQOPhzp2mZ6A0#hzI_jzx+Ecjw(2&tNV*z3 zpI;x?pI4c^kc1V`wP6@Jrd^}y&=>`A6j=y4*Pw>O8z7g;RUt&^v;qY#Et`&uYDzl5 z0o_m_V=>Mt)1|~z%9pVZ*c`kvwI?-YgcJ?Ev~ZjM2tp{e@CD;KFwhpniOhu>iz{7e zK*bTnQauA<@S4BU|$|*||qKYF{WxeVe zWn?p`{nmOJnR>fJ1XV`naYnYPrA_1nn>kE^4jGhJ91zJMxW8h1pHrPfCHHk`Vys_Q6}i%mge0^gqvy?zHZl-;}^F}nPIKMA6d-R~}i31PbY>wcnH|A+Ba89A%JI+CIN~YkGIQ2KTId{j{Qd_?- z+jf1*d&E?ZX1(3;)H4RNd0RWTgxhp)Cv#V)%`h{yE=&j9w3?6Mu-)K6DY~6k_41c6 zwXa>pXmn;tOlFVM=G9&8&x^yuqQk?g1AoK*_uDA=;K7%{@$4Iv*|~4~;`R6&d2DC| zdQOvXZtU#q=_JsBc|tkMxO&Dj_#i)CMCV{xF05Gh7rZu$1r@c0qUtxHv{Y$BL1cp? 
zTi6FMzaKcP2Nmp_UFqKO>}hNM(H5fak!Mg+c~BB!5Kr6KpTObSmGaXIh{s--sNS}w zxLo+F9GDSKb!&GyS}%JVcrLBaK~YQqMHvCxl74nTuVXtTRujj2y ztxWmrVihS?k3SHpr0+_4H-amSNojDlPj0w60=J*TH(|#{mKF}C_P*a2yFpI5UpCM6zs?q6uX@<9x_L5ac9=6}^u2)rfF7g) zXgnNn0V*@a#jz=T+NbU@=xN6rk#Qp^?XFWUm2b@F>!;7EANW5UHZQT;xL;;=E>=#Tu0ER(P_=6Cs_<&9dLynz zS$G3*n%zf*QM~BE-Nh^{bt@ueP76Lg1#mxK$Af3@?&wR?K>1$@Bpl#U;0yx&|N~8g(UuCS^fZ z_Bl1kbbQbpks|25Sy7qDQEwCYjP&+s_)0DHaQncn`=#R5<{p`m?v7VM5JY~q=un!s0}>CKjez-nS_jHX&9`+>Td?rf7uYC zPU2nm5*3=lPRS^Qq8QW+*Z?`nF<`qI&CSK3=~JS;b{p#5tS0&hmY<9MF_-89AQ1>( z#pCEZ3-ci$)tfgLX#gPV+`nAIf%kS!I;Wg7m#_eoK+G(8v&gat@WBrhm*T;SpN=gv zWJ;r#sZ*`H2|N_WvTNbtC!*c%5n-+hKD%P-QvOp2nEddYMz;xm9r-}iR?ox){dB!m za@EF-U7Q9}xeMoyad4MaSTfTF?RZO?srHf%LvKQ`o zxAIN4=gp#5={EP%cDYqaO?rpvc}Ba{aZP%s>2-$2F%0BK(c~(LRekb=di$`+q*C^- z^!eun$w3l2ERySFz%DPe949itm1Dw#VFaQUDFdOHK-Mmk9ESl^Nm~$qKWEb&h%Xe; zdj`1;u!H}XR=tMl2P1qIHusdi)c_j;`f3lV+D1BrR{hs6sBO1D(> zN>gaKLX(%z-GR^}rbt0;`(jE&J>>1T5S>yPooe)TXCKy7z?9_|?0i);=`JO;~YkyP|yH)G8A=M@O3LbQfCrs?8QUhZ?nWc&U2}tY@ z@gEPMHgrz;-ONhYv~R+M34@lB^G-R;OyilD-9C0ZgEaM+wAc zka$+?6UBKj0m|!=k*dmAqY-Mf6Hh0Xy#|F7dOo6Xjk$bT=3q~WKSR|ei;2D!(jNXs z8>sx^$VEx?;wd8CS9i}}Bc#Va$ONLKOF?4}O-C4(lZd=4CV1Aau=+k!jh`5= z7TU?&Z0IFiC3W{K2=n^aCE;1{Zx@tQhv`{Hu~kY9=hJaHyL`9D`INF<{D7mnq;i8+mx5G*S?eN>Tzb;hJ~UoLhxJGG2mABwSn0!WRFgl#C)*TZ|Z zUa;(15*#VAz(*>l^pchP{hn(y0kH`H0yZ8mt(&C)in1uAu*(M!o`(b^A)D9NrxQ5w zc+k3?%nb^|C=piU_wve;E0>kd(dnLwk?JjJ{{;p3X$4iBM+DQ=D@#|4&{ngP4FpoI zy8CgE+WOl8inH+Pi(Ef36;d;}IqT%xl+~ae3gseNfKfP(8nmbnp<37^P6!C|>WNkO zY|>PP4eOU{+FS&}GsgKlf1gP%amIjdu2X&2ExFjt>!F*tpWk@~taQ2d(M4lbt&dRt zy3mN>SQ`g{mDmXJSQ%H@C8RM?K$MZAKufrcWjClS*sP&x2;vHOc6D4iM8oVP+!$Nj z8G^>pWJiolv%rXA7>%JRxH0yaJ&HybC$ZP?xRZ|@mc+0pQ^RP)z1No^Lpj)p%HSlN zkCI4yx8VWnldZ88=+qzN+{n1L#O0!mzI{dY=PJhqOKTtFh(9q8x1KI)Ir8_D=?9is zPZUxQeIYDcD)|hHU{Ncvy{`EjEFU}fpC=Fwo%bzs`S{T#ZyL$yjro*nz*=35e7~k1 z>3~<4XT@55OzEiH7@1W}tyj5;T4F8N0!S5LRMWv}iHj=|>m;z%Ie@5VMod|#8u}W# zlOgbROPGM_nTC#wyDM9yi#nQAD0&x!T@J+i=_mzIqm9pQaP 
za~Ut;Hjf_vD4WAhZJ@L4CIs083$^xpACj~xRY^xePjp_-TKw?DMBRh|$^AvU0X0^= zklR{a&~l(dMc%y9lgP-&)}V4yH)?bwSrqSjBd!KgY@Z{jBQ2=YqfN`vz=k89qjcSp zm@be@%sgG|auG6BA)d`lZdqI(ghZ)scpT}!yo{xlj=D(F$No=S-=F7;&yE#xrQ#b; zkYf0WkAoR#=8rpjW$^I%w`}}he=c)3<1Mw z7Zg|TQ#l9{6(I#gjel?+3Xpn)fWIIEsG8W#0JJteMtW`l`)@`_&eZqw$42_`@fd99 z?{j@0IKa=6;EE^{)jbSow%mB zoSGdBQL)SYF9%dwKg^Z*zhZ~h(iK&B#NIg6Zfk;}4X0yojl$WhyNI`G=F@qxGZ$D* zM~W6WLudN!nc!Pb+IwbtJ_RlnGs@(EZhvl+E??nVQU3`g0C7qE{NcCK91+?l1GIEGFP17Rte-JDBSN^JIR}5{qVMvUrJRu+%IkqH z!?R8)gpB$n1d!U2f3F+w$pAcVtKYFoP>g7#QA!!nu?*W_ToWzfegr}{^bD<7 zQ5si`3O&|YAqi^MclHknw&nSmye#M(32FsRft?=&E;j?CpjbIl8JbqGm~n-5VXw_E zSxzx+TxuxY!2RE7RQJ-McC3)Se^^XO>-=mpQ7{7&@>R=3$7jRDrdfI#z4BcJbZ6kS z$$8wm1#deHiHkL-@}%qGGE$&}QsiVP*;<6&>S9Xon%78ESh7@{d&5#Q$4z@QQ(RG^ z@T3)OHlNrPP9#noV}!D_%Y*8BGJ_H`*UnX2+ZlI0>mk@lj|i)t(sJy+&QY_BFvS%y zwyZKV2YS+iupQFLlh1=s3eoIK+yaerE7+hgpl!QYn`uT&3qZ9n)n!r=HL@TC5i3Z~ z;;S#s&|x*$$^Y7+zYL_5#wCW~TScjwTxclkW1xvF0OC&wrqN+n+6l-Tr#Wqmy*#q7bZQ@=a!1`v7AEBKr}W@u(QgmUzz7w>SDFlT$J~))<5qdi zLUttIGWYgLJ7csA*FzJ3g*Q+9J@}tAg5%$(QvU^4PNx4GxK22(GoXaL@C2ur`d4%w znqa{Y%KkQFx5+T(LBTnvY&9&k+3sOVgLxGqkX=V=1OR3e^8R+2_M3+A2NcND^}I;h zUMvHG%J|FHO`!k9)*vJyu8)pw@w zCxUV@iew0H(r$V_cGfjCa9l=j1eX7k>(Ahy<|mKhvE?9fd~jEEXK>w~PZ_5jQZl#Q zVYY|+QQx%C2qe|tLk-X}J(#AqX|EK7phaY=WuTo$P*Jy5%Q=5oS+fMo$G9fKh|xCP z)l8**q1Bil?F#>_K!3%jikMSrgJ3`G!;MdNsssrjr;l&a9m7#F<*CqLz6;mlV=K^~ z4v%|h90@ja8-nj*`;!wzrFoTwJ$kgVXVNh05sNt6ZcM*P2SbH3O>9}^z+d~WVR2e5 z(v&*bw%b%1v0s)YW^MR<_7Y#iRYB-$o8Xk=Zh^DW`L;dL0zRIjPDVRsr; zR!miTrRfL%qLwNo!HyWUQE&{1Xumx{CD8?^I)J+0gf3tkHe7o7@<$I6>_FPPS75UJ z5RU8=WJ3$5a$trd-Nzp>X>h63!HXCoADonOWKtx_!C51(*?P6+-6=`pg&8p>M<;_9 z9a3(VT8T5ZF*`t_YM3x>IojsZIhN`#ptX`QQUB+$E@hBVlk*p z9E<$yz(19=lxLEYyJI&X0qy$_!Or;q3HJYACzk2I4=phjN$v@<9Stx=zfX|EzK z(xnBi=9Ubpie|-%YOO%zDbwf_EItw8geU`8+3Y1O-st-2{$A(}NuZDQ(q;}7vTni3 zba`%h5|v^Xyvxp-2m5A?s{|$_R8*@ekzadxmXbr3Xs@D5lR}j785$~KIHLBjHgVJw zLP#qOG%SqGCUeLSEaQPlky|8t3HH{GE+jcl+3d>PTfX$={rSyQ*S(B2bCiF(`t44Z 
z+12#+S~gKGcpas;9X_&-=YiXa4At`D3CkDdP9l{)Tv7=&uFZToiBk1BS)}DP(;)=7!y~pz^X-fBa@{mf7z1)spL=x=Rc&Bg1rtjAUgum@ zddCtzxA#2Cxr3e%a^gpZ)fr%Wrn6QVV#Ke5>UpfyDi8(?%N|*#`3`}q(hFQbw35h! z`n0l6Pk_leCCdiY@usbe^ix$5N6M5>nRAla3nt7Cu2g($y)Rla>7W1Rw$|oMDf$>dF7)3MwT$}>uazZMx({G zOgY5bmR)3d)c+nyxt&e9a}4~=YWBRzcINuF5NLzjIFJvkL*6GKb;e$+yM?p;b&)&j z{QCU-e0_I(`#d2Zd+}PEYxm>e^m={$eRA;i5kR8Ihx6_IIu~VW}JHKbc^?7!^rNi|Z_kDYNME>FbcG9`A$z&FAhQGkR zv$=cXnP99W2Cf)N5|o4X$3z$@89@n=28#f)qoQ7h=SbB`TtN#_7q|qKiztV3FdEKE1VritYxIScAqlaT zjD0qy6))atHLfHeCXN*wNSow99HC@Ao5<@?1_wbfa{{6%nuzjLl>NRc!X9=8kRt~% z=2LMvtztnhia~QeB|-QCK~P(?&P>Za;p7OFXM4$S61g$47O4^qr}}lkg}c=`l(?b# zZQ&?pC4W<`5oP3|*N~FmG%=tY-vzl`WN0)a^&w(WcIHrH`(;rG2g~xz@>&f>Lblu) zK=T|_ibEVMj7O%!)+gN<@Dd0A4`uHdC42L13Ab(Ar)}G|ZQI?aZQHhO+qUh~wsE@q z?W=X~yz{J?|J1KO#LD_mwX!lYBX;cAiTYMn;}gJ2g~~t-f0k+mHFii|yNB)$si|2% zAcA<9YGn!Nj&mknQtTK0l(ih!La-5s5;qbb-64Sm3>v9&3~>u9(kpRLdt-~Ax_+T@ zUnog?CWcdug;|`ByT3G;`Ozt77mE-NXXoRV4R;gM%UuHB+g;0s|LxPo;RPQ%x;Y9? z)fBp(`8Twa?j<({o=mvz>!tN@HkZ%m_luO~Z)&AFKSmGvhqSg-HvF6YA?Dk&zsnZz zZC^x;q*j3GN`>fl%64&VYuMA+2e40~FCm`S*Y0g6`#GUnu&r3OEL)Zx%g&W&9wis) zHD(<-XE~*wIoIwvJlHNAY_d6g+H6f7QQV=ZgD%0IVpZjHfBI4Bv42l_J++f67Z`~t z^;vIKR-fls3{0uHGD`?+o@(S+C{B4b6;kN4s!n-DVyXY(NHjdK!X_vLl^%)ceMl#n zV(B2J(5K}Uswb1kl&=C6WJqm-940}CfNkdMl$HicU(=W;MM~r+83}Im#%+ikB0&m& zig}vg{r9mS42;7mHC%!K`OwhM#FmL6+}N;;)$@-HIcdCnlvd8BxHM2a##2giOMDs# z5d#((OmpNAGeS56Slt{i(xNyCtCXni#xFxG@u5rTa!vQlFbe|2!-#kO4_3rQaUxTW z@)aAR5`W=Kn9<+_dbJri=+sP;smDji>~z6 zK=pVKLtv_hEx+}V!=A(mSR1bpHb4wNzrlx!zVO1D+d+rq=Y3&^tRtr}q3YQ(*oLsr zqpzd)VMC>s_Z6#m>}QvG)Lyi=om`w8|L0?HG%yw%?`irnb)CM=)M;iL&p$QyIh1|< z?_UU$*m%#1aN*A%1)U=>v_bpt=6FPk4c-c{`x=M)^?e=Q=-^sFS@X}xp&JIYsUi1n zCwJB89sP*kI&X xIW18ftSB?2sr9!h`P5tPm%KX(ZRl4T%yUK3H0&hDD1Lxz?1p zhOdQ@7!J8#RqT)$632zD^G5lLoX{d-uS)NO7ULRjgsJ0J5~wQE(-GF2d9VY87-S6V zD+paJoEI3RDbrpOz&L}z99q}Hi;uUQVOo)L3#L+a7^-5W8DCJI&_5MkX1B9w5>)*q z6OdEfcmf_xIKU~5=2|RalkR%d^Eg(cQNt~1#1fpSZ~YafFne~Od&S6rhyn-g>j~;7 
z+;C|FXw{;?6Y!fwxSpb7Y_4OtQ(94&Y&ifl&$~I$Pn6*1mNsz+u?^b2J@+-Jo1!W3 z=kv&XooCB<*sKjLI_#!NlJVw;SV$w!a52t^=6d@Z3sOM^Bdd`06+riaG2X&m7iYK42PG_93{?wS5FG z9K%qd>3w-8_9YxRmLIcT$!T_)hwWu+tFbNlzaDOlc03oJbC0E`GEdc)s%wqy#*UK* z*48pyT_dd(o^OPZJBDu~^>&Ec>LfDL7tJ%Um zAsX_Ew|Uon)JjFGv-=|r*2tx5f^_{=|Ms64_1o|*12#>7$ziI7>9U;S3}&) z(`FoLg7gWRtjW>&yLbwC1nQ3`OU04-1tS&ZKJPhi6RY2MA-u6g|C*)zhscYGf#ZM2 zFxgrEGp_nq$R!&xP8s|d;I~}4hOzegoi}u=taME27MwO+zc54hMAO5~K^NbzItf^z z3gQ?-{X(M-p)cN@)=%EB5io#3YO-sAPbN`S{*8JG8fZp;=}L+tw=m4~7n;AeNa#z(|hKd}V}P^P*i z^ZkQDZ!2cBZcev1^LCbJsC(gnc4*kAH!NMhlR;q$;aKd4f>AK7jhPfDc=?uQu|Jcj z&kmU|ZqLdF4NuG_UZ}w>{Xk*21HJX3O^)utdt&H42)|`@oA9#3^*Of^)*gVC+iDHv z6_MYdS0YEQZ09$HCr;s7o8pk>@6H=P(VZ4NSsuQ)RYzS${{5(49m-pv6{w|?-M?tP z{|3{327EB~wa-{9`u@O}4TGXWBe8xDNQfjhUL>n%v4St*s;+3+Z6h(65-ySYz$soX z?n~ev`D=V4YVwU-Tqc`XH0+6Az6s&Tq+c!8epS^T--*pbcR6RXO03hErfjylfT*)- z0xtygcW)*M+0SBV4V@(&HKw+T>P%^ryZ-koL-U%=8m5Tq={tsI4xC<{7T& z3ucJeV#;CTR5tx(N|o}iZqCvQc+IS)2KLxc%89qqQO>)O4q{2k0tx1r*kh^@h15@H zXugiw8~u`krpaC*iKT*y#cZ79JKPwBDzWa~AsSUeI);>nrFmpc#cc_pg#mdS25vV+ zXrd3$Ha5R=BEOyL5~V~mXM=c-!nYx6%JM{{h5D7_!cNlhjUi?4m~#B#=!u1sI1kH% zYMi=d_ESY^9Xp!nM9a|@^A*a1b0=Y*w}q{d?N<8CqNT6DgOc|n*ypy~G|Xb8RNBm& z`ip}yn5AW*#!Zr@2Ve2wXvS5NuG9<)8-?VQ*k&F&P=&$AYeShE)*+$_l=;e{$Dc6o^U%sGH>f*}j$|`;#9;8WZ^00P~IXkk0SY$HY870Y%`0@pdgA^lG@XZKk1VaR< zbGuyhywCueGr^huceWcZdU=reAvkc*YTviMePpX()(Fz~+JFaw2! 
zBcShYdGog6eC(|C&OASH_rA!%N9gbe?#d0MjU&t#xZgY@&y^VNa>1shFmx|&ml#E82+dK}}Tv5uTME)JLlkmu`4bGfql!ObF8)TkZ*7)*LFuL1WCg)u7D@t?-$pYcmE9t&Qhf?^G+1CG70o31~5m&F;v+Zg?CI;H^_ON z?$EXoB!CgRsE>s|M825HX;aU^BP3eETrU|hq>)hNM_u`T0VYv2xI;v0 zatcDWl`55a<%L)3DG+;K@9Wo*g^6%_VU1XG-MC=sIe>nz`rvJxQ-@MXv!Ci4(}y~FF>inQ%7!dg_4x-ESvV?7FGB^oL9mvQ1o^H5BU%id4ZT14 zu%qy<4h{PFnNFrpwVKXAO^+8^k7GyDTVwe_w3zgOhAPB5SwXX!GWM2*f?g{$wqk$K z(JRxqCC=b5t)&6U%F<`x< zRzOBqvy5GtnZ1mO{Xc#z%nY%COhvz0oH;6R zrL`s8sxOld6K4Aj4;u!%+Km2@FMEjr;QNKHh2F-M=feRuf{BVgck~Tb6rQwwYBdVD z`tWE{2|=KS#$4bdiITsn?3rT`UR9CP#%!NjOe;?Qav2OCoybsxj$)=bxy2nm0#11t z1cm1{<(P2~r8t-`Hqpt*x}c>`!>%nje-#+QBtXrfJ!PQ?bmiI%28ktv1g3#U5CfE& zK~m8|Un7AnP0g16AhJ0-+nO&%5k|^KXK{o?#CDWO^~~Csj|k91Rp|`ZaW*YA`{DHQ>P;}^0ahY^hmkE9ljrzN0fZTDn}l_UGJ zAg05s-og+i6&I3rPT7HBXO3AW{_>)-W#P4PJ)yV5h4H&4xka_N7IaL1XMJ^MhwGvl^sw6=_=XfW3IEe} z#`X`?R`&mwLXgI|;vqdk_X(AA6Fk}m4ZaY49O33r2^6VNxio^bB>{bSx&PaHd@6_; zp?(SxH9A)cPWkS|>Um0VA11$kX#=JzYs*g!$m6HyJqHL~fC9vx2M82wAM#YA*_G;1 z%RnDLco)D3i0A=m;vI}l!fF_v%9nDDnaHnHNF4H)L7uO|87`r{;d>7tNI6;m?&CCc zAA4|?!ovp+Nb(J8Qf6{A6XzuOWeuaUzLA_QMJsL;LxbhXyqh)GQ1Z%($@jY;{2@7> zHk^_cSt5YwuOmg-JpG`DueWiwmU^|cb%P+meiC~KCWwb}LRnJutqv@)b7}aeG1e5} zdevT=0P1XQ+vFCC2HS%wx#$rEQxknnoT=&ypDY&VCyV{wYBiCg0yTeA>2+BEO&CqG>7PW?Yu z5MmFOAta?8<#aL8X-ox$>>l(r9&quek&65bNwhjk^b#sl+y*qlEmB9NsHakQys2b3 z`vR#5d-7m9>FxqY?uMJxgnt%6ycILXKnWt;4T&|Hrx<-bQS~;ahNfz#GPpWbj{#@q zMxAewiQ{=GGo?RolcjS;*+gINuBfGUiKfY=l4?f+eOvOiViT>#G3a&0a%0@IB~Oo} zPG^rYxs_SACH~e}N4ytKLeBFc5)BGS-VZJ(eo!tiz9(`h(V;?Qr$}YzRaE%6NZGtK zUmK7qUwzg!;#cH-4eC`Dbv09K;jJhla-@r0x9-q6YLZ3}&ZF_8d;m^9XiXMbtpZQiG!} z{nn%!RJ?bA6xN+czy5Tq-1k|PBX+$&qd$hTyeSoR5eXNMR>!n`+ghXO{B zOp*#TAZcWWaI>^uNc-l187+jhzZ`4aLTHm&GH$DTS=8crT8ge3>kQSXxe4Dei z8<$n|xL**YJG~Tk153@w5<1LR2k)E9APdE4Lirq-p!Z{g+GawTPt$6uJ911itA8!b zEoF7?D=uE48fNl19}YQ6;7rDdqySKkDog4BQLM@8xH}~)?~L`y@F0s^sjH+1flH!~ zd1aL@s$;+t;#XsK9t3Gdfz~?YSHZCqLXOnsj5T--t1ZM-mAvD)EOcB0Q^Ie-mV*{v zrtUF;sI6wt8FACR;_QhQDXVYdew4;?+M{Q<77B=_Vd8`deCb2r4DybGGqRxRNoM%Q 
z%7|w`rE$|#2lE&xt9*{rQyXyNk=~>GtvYxoHRGCH(e$ zyE?cFm+PxEO7}aI?naNN#E$Z%%Ai}>v43Y^$1vQiIbg8P3=J^_>v6 zN8H!r=M3B*lQ1b0`{5aE#49YoCm z9|Bpz4S-}eRHjY+e8lOKIOa=^{i5g7x=XTQlVm zLJei-3nWKJI;`1y2E(jeFzT}dK@;TL%=82r`(X!$$-D5g9BSfg(AYO){oVj(;Xcy_ zRbMYby8De&njV<&U;pk;A7b2cD_Wu;xUHnV(x4F_?Z3k6z|-yUcDv7A4 z*53GfNbi1miPGtQJ$zl?a**uwx_hCE2*ln2{@osowbR?~6&tO%WN~Vtz^7G^ zPMGlqsTiD$Re-4jXc5@RT(|{JGKE3ACCYthB97g_JUGiq@Dv}j24Qm%$GVoFB4XgH z%??WwPb8xiTGT2l1OTNXcG;8=_=jOBM&_>|-hyrKAJqEkze!o!@aX2yg=0^xinRLMhHf@z#c zEbB}6O5>Sz2c?^_M{8fwD4-i)#w@!d(xHU0rODgMSrH5dRCr}&KcR|nCtVB5QHnw0 zKxIrKNrVVC_OjRGXNLe`B^!LwE8Y>}ulFk5(p=dG6>AGBf##=98=C3-LY-_h>>_?ncy$8`Icmg*--|be*9;j_}X`b`H(PwuN@&Vw9vFC%7uzuR>Lf-9At~&H4~5U#&?9+Z-bxc zO%F+J!I#bfRSik@D0(VnCS*EfRx~qO0%-Z)-zpi=6z#I(E|N7$jMMwfp^G@OPVE0~ zxW9skB4fztbN_lsno?qv8~iNw01ea1sGw3wtV?&9?9 zZj{t@y(z-(UIOe4PR-kb?XCe&vV6vadnzq_jp^Kc_bD?%qwQizO2PsJ*S zxKY0d5k=3|M>G@_gJ4W_m*>#%i$Ig5SIMNqa4K!HaB~WE7+|W4y<+FAC-Y>$y({G8F{k1 zt=0DaZj_C&*g(p{O&uY+5XknMqL&KS3d?9;W$Db9`F+7{%~A8#Pf-Ccnp#$Ew4pB& z#b`7qPgWCG?=`%VVl(Ip50-kU4UiE|}=`d)xJdiUeMPwUSBec=~ zSa2?X^sH@}!oJ3^v^>4au+5!>C@9`_t*_q8PR0*%w?RAHfcs)Wg_Lo8qAohwZ#0=A z#+r@&_U5HO1g9z382It*wjB@~&!T%Pu!f-9WU_-iK{*ie!m0~d4x8o|owdTS{RKuv z6gq+}F;>ci-bVGW}$p|E+}gpPZu~fc#(PCH^ZK2}~USKx|@V`F|ibrO7yL&?AK0{Ds23 z3Pi28_HJWaAZ5NfN^q3&xLpHcKCJDR)%x=OMWVmJnB4{=QF<4gY|@1EG1b`_koSwo zoRyF(lA=+_$~1BE?dX6L4T8j!0-RZoK%njj#{uzB*q)hg&imFUxw%_26tS4m@Al&F zBAri*Ecq}){1PW2`2mVke8*F(%$+)A>)#SuWe9}7><7oMgxio5vVdv7ZQ;g|&$56+ z=z#>oc1xUMx+^2C#N&r3PU`irnWnm~H%(zI4U8iij@A-4CHX!k-aM@t{0txBYfeM z7RMi)1cF`L(Xlpex1I(9LOu6c;pp^P!eSYlkgYGO?h6l{kOa~vTc~2<(z0dBnK|-W zR{4-GDT|`InZ&tjsbzPh1$$RHZ!~W4DA^5R#I$@NxqeJ$N<5G%n#K#Cf5U92vYNhi z%7xgitYg;%4qzPQ%qyM+x3G>ZzHZdZm@Iv=S+hO;N5(+OG@}n<{|zA|xq>dULb3bi z$?GEL!nJsX^u8V=aRXB!+`z@cGICCUbmHZ_Vg{D?!EzC==wbWuN>^QH_2~WfiRj|9 z`oo`|u{*-Fde!~_n zs0W!Hb{se8lmTq_orZcTvtSo}^gR?)N$4w-eS)!LXrB_>un$A1ax9uXOvXyDcNe~S zYingBzGv&bwEM1THZ?k3eW4lOdGtHu8GeaK>YwN6f2PgVdyYOlS+9Mq}FKu{0JR|FCGS0(BKA!y4M}9i<}Qb^JolB<4b*t 
zQ~|KYG1>}iR&*@?{03#e3e<%ttm3$Z05r|~3Lz=4c8ivs7?P7MeObJUO}i|3h!bV{ zLExZ#ZHEfy^!r@w6T|1}ISnAc7c%lv&nQ?&O`x%%91rE-aBErrqdtre%|A82dC|nj z)^Q|_&C8R-VF=3&EqbiDHYgOZw{U`XN#?;STtG;8BN0zZWu&ibp7aJg^L;V32Viti zKIyM)L_h{*tQJqKZrBufMCI+&=5MO3l*})Hul|~c$xR~UF|Z44(J_L6g3`#(KwGj8 zmABNCuezpPgDJV&U62i6w(PrC+MHV49P06O9G4+!9&18LOVAcah~l}E1^OO-+Bt76 z#D3B}D579s{B^7|udTSmZE72*`lq%0!!P^a&I3mJf1RhE99wS-#PFj%^dD;(iR`Yr z7$v!y2-^^V*2G^ZSTeZPj-4H?M7HH}H}@~1wZDFaZlj0$3s8Ve6y7~LiC{S554@>4 zMnlbfq4Oiwf3uWVoaQ#=Oe zW<#kW?f0e7%H>YO=AAGY{}M(uzX;q3jAco}WXKFtC{&h?{+mq4I#UwJ6D;Wa!q>m( zClLEtP$li5^hxBhDk-5~GMnjhf6wHxf&6^4{jyRp9vw1($HH8ZR4RZqH3 zI*A`R7&L8tk^97l-VlUK5jeFD6ygYp7)1VOD%bw+-|5GeqyyH+lQI$JcPsPwf)@+ z5fRjY<=MKdIq+?O-dE}BO|I$-5L8UU{ZGq+@gHIw#{cS@{})&V$+0|g!2jkre5{p!#+l)BU7pgO@Zfk{UMrhjP4l2Wms(FTT+>sZNz&=t z)U9TV>bX+Yzt*UE2^Ymwh&kJkz-D^D~-9#r;;rDy3g)eYZo}}tOO%c;S>@92@{}pWh z-?as@m1SZx|E=_)_6nhRw*dz8xZ>JbX|pVqylIPCzbCU5Ah4%A-FuV9@TQm`*}Vto zxzpwTKu>HnFm@O)O@&$xy?x*I+NQn5GlaR%Ap<==ejjZdb*zY#KFmB$qOo$s@!CY; zSs6l)LERqs{ zmQ~sVfRHQ^1Bx^;7{)XbP}*X*gvW>Fsd9!sA{@MI^+z|#HIrDiS0Q#D#`x~(0EYP< zmS&Iy-nF}8c@r~2?*`9Jz)@2iv(uT@BE^gZ3DO0KBMhBzAyN4rr??!3dH`sf8eUb4 z>AYFtiSo#wRkd1ZCZL~Z!t_r}4L2BZ77W}N=q?#E_+0Ftb2W1Hye*?vtjw93OOXli z^8`Q_(#R==(DDc(QbalPc#^SCtF)=GvBiEvW1Lo-4=7s+4gOm9KjItYwB(Z#Ne~kY zZhW(!!Z*n@E`^qM_$;b{*YL;f>^&B`4AY61eq`J`^OrT8_Z?(#OfG0g`r_`&hH@SY zI>A|bD>%$(B!wa)ua~s44@;Ast$rXyfuJRC@ZUL|TdTc_A43^aoeAHw<}d4Ct!t+Y zQ3*|HnttK|8Y+Bch(}LcVzxu@HGLTOCuh;aAGGO>XBZ`&Q6AJjz5*cM^E%NkVOf@>$&m&RrM2vOQ&hR8+CI*srh{y;cz@t~~vWRKS^= zF})qMDc7P1>sz} zcfXUF3IxJ!{2GZEoexJ;?V<%2OuyqmmXUU!jA!qcs`%PS{brNWDL8zCuIr1ts~Qrt z>NRTB)?>}UPNmhhs`Zh41=YS}J$(a(3Uw$!1;xIid+Ej}{Jxb48?3Q8Cv_#~=(=O8 z=_g>lwM){kPO%n>L&j-VFUMJEPkc|Tso{tgbc@X~(vSr1=N<3938WESDvYz3YHk%K zeAL0Ecnf=6E0dj%&d}m?48%mXw?ftpMdkn;8K&6k60Cvdbugk&{}2Y%+5;k)K4rs7 zsb@T+28s4!5tDOwTtPt5lr#An04iV|G0ql}clPm*jB-;l#-oSj=3^X(3I*f!6h;D! 
z^dU5)9b`k+70Mg15{c#AqF`w_N1zAKabtOz!=%|`TV_3&(4DT@@&_dWuMtmc!>>+q zv28R5WxqvN5#=25y-JoIZ7Vnc*gnp-vr_-t0DUZB07Hg1D@Jc7MBFQY1x`@r^pL%R zb!)7koibehA}4+(I*bnkE5AosKpmQz+HL}<(nWJ#S3A4Seq-kd3r-wb(;l{n^fIG79w$?9l$H2_twalg?f)7U01+Ws1 zOSrE&aPIjv?7?(n!zUZAxvZFN7Z4jfS>TtFV*1NhD2A+<(a3NL~yTgN=k6lQyOmkovw#1ei zyFJpM0D>`90TA+fA$4+f@5RPu`mCWr^g<5&808VnC{ui8;8agcSTx4!p21?)Ud?}* z02t$JEhqR}5gd#Wg1iS+d#%?Ks(n0g%TOFa0nbX7#(7m|O(R`6Dsr_%7}SHyjT|Z= z$`N3hfib~QRdsGye`>*%OD9!Zf99A~)(MwxfiOHE-8%y7Xv&FYKzC;|o%~xHyX;AO z2PT8PLuZe$=cL4?LwF0HZFtx9pJ1MDH7%yNsY z*C!{4$=1l{rSB5qy;WaOOQFilD&@*yj`+u*evDnBl)$-8o)*j`fghqRL$ z92{pM<*L!uE^?~u&Q_;H3oj5%)gajR!V)Z^Vhp7n%Dbo?`&QzQkY*U#q?0Y89WPH` z`t(s$6q7EC>Jt)aQ1$Z%|FRym7j(g*;|;NeXh%ExH&eR?K7o$mhVNF*Ixii&vEcFn zApJv0vFi14H0d(Egd(gE%ko^hu@osM)z)01ZHmQ!H;o7Wf#Tz6!J(c{Ov5>Sa>r`( zh_YtluW{QYF~((>+5c;U@)0nmHE61Bu@$nMh8a$k>QPz%F_B`3DO9u zz?pe54{Igt6vl!s!MB15dljO{w^X8@dUJk3as&cWF)O-1?I=hjS3^bB4Nl5SVU6pEALki^~d8T5?ReII5A{UIwdx}uc zRl=!`j5HWfBc|QSM|s;#NtcQSgNkd#nke2V7(_9HH0O-#@=6qNl2vQ~6Is$yu(Xky zome`w^G(W*?WQaeIN(Y*?20aR7E3T!0JA8ta@BFxUL3-stWoAVw_z(K0Zt}~WA#P) zNIT1%l5=X1pL^3#55lfUL~|!`gzH7d010WQmWn|M8=k0&n7IayN|dC($S{Tcf_?`N zk(@48LZXr_|0Png$70L|=mJX%Nm$JG2`(zZH~mp1A(2JiY+a#M@eC0#XT=}$tI@9d z&7NPuAss>~ZNpQ4V~Lqdq6V~HbWj^3*Fc2`fOJT=BYB+Oe;G_c0a82T7Fxm6ANk9~ z6WU3ufsk!6Wr7vU%`Mtg!0AV^5PyEi;2s9QNtt1GN?tzF-DBp`68FkjFNi&3bOcKg zORGSkFRL&!>MIas(P9R5!W^O{57M}M(=2LmDT7DUEEJ+HUTiFc!IHTfLON*UlpJDO zTtKwjEtPzJJQAHOvej1`#`f-Tef{m(`0n_@k;~_6bhL3-7L704PId5Dhkq^fC9;?1 ztLODi2Zt|<+6VK!+LLVAh%AXux*A+k58m*;n6>b2Zw?e?(i zn%i6B$9^dCU+(Vj1aAhunw-5`l*n3p1<2*fC2#@lgYMW9GhMGNcu|;h)SlrC?~qnR z5qMu`7_W>o1A^St*1D;1Q?n%P?mn70ByZXjhybyj9U~OZ00js)gxFP4iOc=Tk7z-$ z^a6x#Q1E^i8^C=GeZ1@dQ`ya;^L5AG2>7v1aaP{?YS2p&Jh2DRJPp_-0*0*lly)#k zAEkR|@zFY@aJCq~!H9*>5w5YKM=i&{xPMy2oTu&pG;IJfta7@sXr~72)?ho9)MWnWIXN>A`S>8kSZX@ z!-y5KN7;h2h>?#(@reMLV#6aOxS3qhH6yAF4-jz>m;YGGFS;%b;+p+#B`d<+pWL>yL>DxH;{|duUz_3KaSNH8N(MuAQtGJ22-;f8?BeG zYjxe<_#uhIvvcfOHgwguRL?yEJ>1`2XQ7joKn`Bdvj$J~A7_7mv&AGZ01c@9606gJ 
z*>h?2N3yrTV`z%$@vDdD|MLN0$qC_?EN=ASP(nNZpgxzOGveV&Hbg3qtcdK0+y=P- zVk2lFxTu|ZyurLmHGOk(hYyzBN<>Gc3Xc*T#YhaEw5Gl`VFcoMGVLyF=?p6jGA?H4 zNA8vJ0+`R?Phtm3I>AFn?osP6eqVo%M{owg&$tk|(*S|yHSs~65DP#O9RF7vSb(>P z$kXo@(XUTU*;WH2QdrUf9)SZW&X2raCI^h9LCka$Soj1yf%2TM2ek)q)*@GA0?{we z3u4S37UCXl<-!}STnwO~f7Qzf(dZKAMZ;JY$|)LTXp6O^CO*u=bSIPq4^RS(POjB@ zpe*QRpIy*WCVZcSjouN+cf%@xjadlZux z836*NRupNL*Z2MLYktID(W;6(3FwbSG^Ve}#P&$*Yo-m?C^xb1Bq29{?gZO>DVI^@ zV%0M}+voHASoi!|%U|U2ylmhokm(peQxfxEANo|$HrynYJOy$v9;U+w#Ky**Z(DYB zw4IBK@Pq4hXDx$gXLf`5rKNQOCc26U+Jbbu^m4Zx`q zh0bITz4IUC4{z`#8F=@+p33u$LnUSrCF^(aWtPZ76}Oh9-OWDk`mD&tviebh#RG6L zi8?0SpdejUYX+!>Lw{qwPvfI+J}ll}ApXz;EOXOm)m@+U@00c6A@yImS9m$Rmhnnc z@xR%$@kXi1{UU|}q4MZtHEIHiaN;y=*>*BD@y!2zDnW1W9@PzQmzJPS%qD0q0EZ{Q zNhNV4dzJ^gYSFYT(;E>H62}-$G9y7CK`tAg*d1ypc@)8Y)Ny=!Ie2*7m2cL}vVHS> z&OKQytDGBaaO#Be4yoiiYNP_f_=RlEqHDHPQ)-S>?A6ro|Pcc{>{;^xMs(T#q=RNO?s zyQv}Z*0fIrCwCi{gS&3pWNF?c<|1UxuYcHT6S3VQVzZ4ehNO`=S_mph&os5oXty~2 z{~5&=DJ2>irWP6htC4AHlhJIkQljzS#&OF{_GZs-+mD_0sSYk&i4o>v!jB+|C>BrU zA*`$CU>_P8n$F2s9!KTtj{%oF-J%=C@NUC;T^i&>*MY&Pt#L}G&WYtZB(u6CXNa}F z0!DLn*Da}1>aFV4a@ZFg@MMTx%nAHSy;byRViF=f~B(*Nxr^;kUom6V8 z>Pk*}Y3gz+3!XxgdhuaGZjA_GO*brF*dny94V z6*@;ThU%8B*G8)^lN?TfVUj~o^K~1%hi(?OoNH$E)SJzM_WVUaOGreQLVFbI#f}8J zC;74Qj#nW9p|sTlSeUFsJ|jk875(5S6kJtfjb%!cgzCBdH2|1VR)YpgK+gAn#TC9m zS8`Sc<2YFhYf^>G*fNDyUBaea1S_%^4Fr&dx<)MFtU`0a{k*{j6>)iz8v?Kgj2bz_ zvVmOJgXxO|-VG!s!_GrHk-)Ft`Ee&wG3ETDz}Bwb!B|0?jgEx+cmqv{`8S$<>TI!S zq8%9~QR-NVRp2gSIBOV!x=Qj%oz@9OsZE&hq&AzV!rXx~19Y@FK`xju(2nM8$6}I3 zkkp2tv=>q8G$$=(wjA~h+G{9kT*8AoX$_+FxT$u5)~w1@IW}yk0Ofmob=o(ccWB(+r}e&Q*)43UHc<_uFD7^A?yyFipF<_0M(Xj3x94f2F5QZ zVKYzUS5KshB(J?K%l>+wxupJ;P@q)I5|B2zzMj6$(Ss?ehKH)tp4Fuzx1+7zb719v zp*i7E>DF=FS#tnda*Q>>smNQ|Vk&D^a#Crhfg0Kr^@^^;*4P&FP?h1M<125yxr#Fi zUVk9(H#Ba@^Tx{HS3)(S+jL{qV?kxW`Sw>ujcDy7?=%DTbs}+38g;Xtd9+18o4j(o z7Fj2w(yAm-%ByL_lX#>vq~v$isPAHW{zb>T1IsRT%4FxC0m3$95lBMe@7P+)AS4@50d-TFuTJjIkW57UlE^l9fgO!6!^FbypplhbYuiI 
zWosoB8r#a59cG}H{St#Cd~J8f0}!08pq0{MjWVfK8D=OMUFDG_B~OD(OUtI6*_s^_ zQU$}PJQv)hBFPOT^TG(BM3F?{LZSjW8X=V-)Pup`ktBqQ-G|0FZPWmVx3{W*c2*r% z&1ZhP9zH%hRW)DgQQE_eETh{@rPS0;NI63))5MCHX5hhw^)?L%HifNWYJ}SJ_DgN% z<#<~S+ttCqI4r37LRf`j%hn9(gK1_gxL9qlJWNb|qN{ZV2Il_6xXQ!6asq^-e1&*j zl955B1Z^$_XMuyi-4lh|;Fb!GstQLfnVK z)6AUL(02qS$0%u^c(2+>(7I4GAG)RR!bM(HAt;MPjwBtpYkoJ4hsD+1D|CpZ`Z%0! zeBd-a9pW^>K0%5|kpW082N9mcgYC3RKY7Poqfq0(f3kogpB2@Nh{1sxPQ=}CjnjJ4 z2I`zKt_i04%M~Nur95MH<268rbCH?^;>%b7OC5x{Ia$ags>mqpVW0a8m!mbz0@pl?>&}UrmES zDiljAr2wlNCy7APV9y?wSj>rTq>KqcyfpK`*XdH_F>QfWLu-qQWRH|bFJ&YB9ec&^ zI15L@eVZ{6BL!y=h2VS&k`O0ADDu(l7Gddao5*MszC@c?SN2da#XwW858)HyAx0Sn zu*;+uXY3A^hJYA(DtC)h4?12D^8iAdV9zOmBpoyal^J~sc$;(2Y*z`+hy`VMJh0y0 zbhK7TUUi~CSS&*7*D zdpmWH1$@mu*KbyskLjG>$KCXl_j?pw0RjUS(7f{F;bGX41%QZ9EC}7iD731=CULHl znalP?#EPx68_5{mU1gYAAuNhrsG;&&_p+9t3|583^-L%i_EM?V{9BnSPE6P;gv_K_ zz6JhQPfPyL6QJ9EF|w=|PaEt=K|FLguQfIh%aEUa6jljO1lJXY!Gx@4qMs%!NQOg^ zP8t9G0BP4>Oa%zWf@3X1EGu+=pFKy_Lr>fUUlh3Dej?;f^c2|2qYn!cKkOwqJq%&a zTi*eF`oyrk_Kd|`xXZ#beTN5!&ks`<@6fbHUK472Uv{+1Kh=6xX!hSGC~iS`74v8@{R`OzIT!@Z6Cob(#&;5OI!_=}2%1DTCqZ5DEF z^pleYT3oD*)E&oU=TU6pYknnxc*8^(ge934boT}UcUuD3>2Lk$#4%v5S(5emkKdH) z6Vl@$J)J+dzCA5>PJ6k#`!=@e;P(?u2eX*X`(_Vk7g~Dq>Ggat>(T1k!SE%#Y9hC} z9Ms~W_~B9!18upM@M1N10&~hD8cY|?*S|ZbhlZ?C?DV^lQL6YDbRY1uJuhY)TJ*dz z@l`eVe*fGS+U|Nn#=JSNt=93HVAf^qDUW#jtM)G~I_$#-v1!IcV}9^Az@U%%#6LhX zEKL8zp<@3T{a4R9jCI>h_S}7ClYkRm{2$~mOJ(pBqPsm0z8Aim--V{GloPk> zh>!WN%>I+wn&g2Utx1=F@wE-gsc2MDf8^jX;zm61Z#eCQMVG%2sjm!*u`%Mfo-tNK zaJcwi!-LSXE;=9kca9D`ncK5yi!ZVGwzef|ix)2s!^?jL|13LyNkH1Pb@zmOTOCP@ z)`Sk}Tnyy0-;pmke@nh89_6|Jg*HZAKxcEji%rXum_S`Ob>#xc5E({8O{* zl@jJr>TBYq!8LIf(o=i3djiRz|K4bQFU+CyN$I{#&^k5~uGWqABPI>96Nt$nzRxt&@ zk)p4K@AQPSSen3TIY7|+e!1WUQ5fm7iGuN%d?_T(RsaFN_)-@MW<|4ggYr#)Nw`3_ zX|o2;;$UdjFAuq`(`)w`l8EN(?7h{L`=~`Pt>bmsz?=|X_erb7_670H=Bl=zJKT}h 
zO3eua;+jIc&G4S#xG$;Tdlx1vBvw3%trE<9g&5jWKo=y@!~1f4mNq#-auLmgv3esvd4;VuQBng%u1>$e{~`y9hmE#G$KXd5YCDSgOwA>j0oRCiN4aNSf~}BxJXR`F^(0*zKjJ(UbDYp2{p(^Vl*Oxt^D%naWaB}O+MBmt-DtwlN0MPb|`EPFcyju z+$k8|L?qqubX~^^$ZK#6O+0^f1(6>SfC?Fq7AikhZ~=&qQ!^5Fm8zbE`ICZV=`@=c zkkj+|MKmd^t#T$%y$lL5;oY<1`TwKr9b-HT`f$OvZQHhO+qT`)wr$(~H>YjeHmA*L zyLWE(?#;cMH=B2platCx&WEals(SR($YWT2$aBa~m5U9>)c$3&QJ_F}ltG!?b=mc? zfzN_`R*7aZ91- z#vkU%h)W9EkWLq)3>f+QH|;62Kf0c(^}+{kD*30fL2CUBpUm zB;>Hls6AeXS`{O>i4KZ+%c3^w+(V$U^y7VsA|o zO@j1D`97s0zTLi@e!tsucl_H!d<7)kxC%YXC-1r#Il-4&x1Bl(XtdO^3o^61+(dt% z!&{EY_g;eKN+k{#WD&lGSka#(%6ajX-$p)?aH zlm780NMRfE1{cSyqC_LfxE&}Rlf0O;+hnDf?1Ek|ccxey*t`880b=Sv7++=(WHJ^3 z0b4*s8)=J`DkXsFZv*U(Hy9<7sf6ipJKl1KG_9S#**c)Qj(ni=m;%_nE`LJN)r^4@10Z zIKESc=@ff3OA*nlle*&exRnoONSOm;Qwq|fS1d94%U6w#!ie4lJz1<;RX)B3D`uVxK z`!wqKY3(r73*>z@^7Zuy@Cq6l=*#%b2-ok0*P(Mui&0&WuMU>P#VxZ*z>Z0tQt|4A%7>(*6%Hv?bB-=2YVP4 z19TiaI&z!y8Tm|ZYtk)k>P)mLqJ5r7aK7jko9etac}iTzlm%cKVZv^^F6R4A@@;>2 z3hj{M`w>Y}bk%{bbrwdYv?nb#(Dh>_Y|3{W*{H3U>z14EPFoxG1#=gyBkI;2hwoA+ zI3>5p$wq6)OH&?9+2BS*i#*c3 zNu?qsY^_HSQn`?@8C&NNPHg;UTCeT_du>@Ed!xys-7Ur}B1N_y65N;lI#7ouf7A=R zgI&=kNpdhlx{`{bMY{4;O<1qFpo08+RF37)Qg{~-_u4XW$tz93O^$p5)9`6-vo+{7 zyVLV0eBg|f?Ny3N_fy~Xyq4~+V2(;$EC&@sn5A-8OE;7F8^3@g`_-c~yl@FY61LX& zB3XMl&07elp^Aj6@*9BM{R=`6^*}J$U-q$a?xYN4xsKe^W8^G2ox&#h=Ro6^8R$LK zXFc{?f?yJz92@c4HVMsP6(|;E^tPXF_H_etz0Jc2@UTnN9xY^*{hYEh;0YDg&6gs1 z)e;Hu8KULbq=53QTJ4BXUPu6$of6oa0n1-t?!-fv;qG2*PT+{gHvEW@aZJBR#g&Ov znG=DcffIjmr=UPV%>ki_so~h9;Xa9d2BiakpJdjfurL{d*r-RJRowyMV9`3Y9|RdH zwP0M$T_4eIe!V^#h>hvFekpPZ6vku5(N=y~f%j+|806Io)-f2=g%hats-eRdXp7@I z8wT=7iR*_M-F#sOpL#s0T$do$NI#IQUbkQeowM>i{u0C@tz zDRHS^UTd6@8?0FYDMZI<|FM}N^1P2sJ&xQRptg=;Ba+4g&t{M>vU2F;+XH1FAN3Q< zm^|yxT?(mNs;9XHsjN`-@-RuYmM3892Qc@D)netFThs8~9hb>v zTyZs=rmeRAfb1EOTCx1#8<>`vQn9peC@l(Z zd|=W66jr%;_$y`9O=%jDCMdvGE6_dD*Sp?MA@#eto00ACDN7C({vkLsJK@<)UHw95 zf>jO~hd^TkjsJ{kJh2ibE-%gM;fpAGM)}1R?Ms;)AAD&$$A;=-ofBWpZ^MVY6BVyT z!3Io*3Ct9d9WkW&`JApTh%KG{qO*>(knz_ z7{YjAt5zJ^kd;o 
znAGwYI|{!;BxDap4$x<&{fA=}bD-k6=0fQrwhI~WbbTMZLhMP-D0awkU&Hg_?L9~XKMOYO|LTX9dqtp#tE)l*HTKi zd>*w*I&w5S?Y@y7+}#6IZxC74Ac-oX73Hm%F#{rnOpm`vCG)u=R~?Ik96M@pV(C(^ z<#0(n{N?#o+JZ-W;#dk7L3uC)z%ndR)F3wS$!`xjx&O2BE$mfHHYrH$46M=C3Ftz+@>Un#Sj85G5td{TS4JC&C`Fs{WTiX0 zIV{+UQEa;z)XG#wY9DpC3{CHV0wImXV{M4DH~HlGo%iOrRRF*CA~)x5oL{_)DV;L$ zmWIk;!709tXJ!z?L+@hNt7Xsl-QEzi#&V@`Vq(mIHy4SB+4pUM4ITSsr&W$iAL}vV z#l*MA?uWQG9$OI;psxj}Fy|3)Z(PucK-Gb4wYF~IUkVCn73^!GpUU?0(&+_o^$0gGrO}5C7!AhM8qIAf*uDd&F{7HxC z)9DQhpu@XX>TML}@W3Rx)QZZ0v0GJRd=di33dw3s_&MmW(B-|b$53-Ia^<*nm9|te z7nkp8E^duHI?0^;lPq9(8qaQ^wYpcSi@7{nOn0hT$8PFfM852k zuQn-&qrJjXq=;OCnmK9ST#jJfxeF}&=kN0P3J)l?<~yE&x%8e5;`&MDQ-SMPK@^?5 z6;3ug`|3sYWdk-r`rHthIQlg-gQfq6&H5CyE>ZUO$IZ0Ha{Nqd|I3*XhT~kozCQKa|{9GGr8S@JJlNn88FWJ7I!C8cxB0 zit8f_uQu-v{W?KGM~xrBx>1lH3bT#bfAwf0c5cik48G%cDPHZs2$l5{VY``A?unBu z;_}sR!ys}qJ%~1AR%^1Dm+ltYWyNM{%*54`YF>!VZQ+rr8Mw0OWFHMQgD9j;m1PNt z$(;&m5R$F-@6>gQG#6itXc<7~)q7)JBaU-O3t{###GdVHEw7qb+jGDSpGCqk*{ zn-l32j%gxEOdCst&9g{AxrD;AfTo2BqB&?fW<@%{03HPRsb}l8bnT7e%KGasreIu#by(H1eTqqi@$_~I=BSXA7@>F#& z_m?~inOI$LBD<_Dx};sS#825PXrquBo4~K3@%MEcDmh(KhdB<$wSClu5Q8UQ* zd!95S!2_N8e8CB((or<@*)&Je+S3AF4sg%UYy{kp(5$Z-baxEo>gqgkgx!Ok)0hG=`Ak|> zpMxJWkmRqkPVYcsln-2_5y(wqt*5mc#4=S-qH;lfYF(+~U4o^!!7JbI&TO^PsKwp$ zEKo7d@l+raVN_(@XP?4}D^93WPAh2sbdO7hJ@!{m{9@)~c;B8sN1=I)!7Ga8k9C}P z#*UX-%!252PLjHywiVT#Bt`Jv&lN*j#^ZLy6H|y1REr{1=z>hUBjYq(^ay?k5~+3K zv*1Bj!0Yd7#ZJZV>^^qEd;fEHUwJ*3l*2?XY#G(eNP zY8?W&8djqA>zDSb8o%*o6q$}fUdTNtA0&Q(KOi3g;^~*Ciei9LMJ{#K*KPVTD$7q@ z_2x%obv7fQg^MaetZ%**-7U^zJ}Q|vsU`N3IsNL!)?5Zb7g=0% z;!|m+&>vK2C1+bohWXj|NRuWo0q7uNy2uynJmH9!^n3n*cC5 z7^N1-8-^Nb=cG9zNf{N&q2EJ|IXAQs89Mgh+JnW^EXDLHI4-_*5o<5>rCU4RK!VJu zykJaVrGCoT<|cpbJ8d8f8l4D?BohtQm>hZ^CFegg^PGN&LU5JoOQXGH2yZivIo1#o zFAxfKItel>Or!Ly@2j|h6kafRo`CW?a?KP9*j%8Ta7#g)X8)0LQ)ub=Q2*$pDC9*f zS2U?0M=or`wRw=HuGp9EzEdD9ylralQwX?ItOAzTm>Wowa*&xDILiF9csb1!6Al_J ztUBP)0j6@_=xu^l3Hw&H+4B-Y3loVvd&k9aF_mEqRh&Y}V^eVE 
z$CHWX+bmLU1KI(n+C3kIrxI{lrL?Lf)>!K+e-F5Ji5k>TTnA^0`)7sfj@$sR2KlL+C)O|j)e?{O-Pg#Ra+|=>>hUt36I7y z%B2a03xQFz(hLuJq=D~C`bJr&Uis&ez28A+HOJc1=1=V)ONLz8r#8hp-S@t@(Faae zJ7a{trJbL%vPyR)jw^)YL4~UmZ`K_hZ{{6um%$P@t|xIY-y8{s->gsm^^63*9XH3> z1NIv6byQz%KT8!1mUne_ZjRaW=7yU)VT@?Ym1UF+yO;*Y`m zt<`6aJ)7So;vrZ9kqV&<{S%rpnFyA$!d+YnI#UT#BR9)6zOlq9{eGkmqx*A;BTVy+24Btnw;ZF`b2|ZVpsR0fVxXi@1 ze-Mwhd_I{A4?U_}P50#xkndp3Y1pXW$FY>y86MLvsfYsslSyOtTiO0XlXy+To{PJ0o4mb1!B{!mJ zj+kDJnChdx6T`U@o1>p}dAk5NWqJD*u0~@;Q$9sjslRi1@GG{9R0F=XUP1u!Aoj^J z6~#urme-_mhF?wG*>wyOD^3^qU9QNDb7i_H?Mg8!!Xd5G0HIbrz<^VlNJpAfq#^t*uS#gZ7)&kLVM>HV&kWY~#NZ!iG4 zEq_kJ1VKiBdWY9HfV=rOrQ$3Cr-QkOKD^!l@vr@>yCD|+FwJ3dj4Q?#j2*abokz>Xbdoig9><{+%7Z%+yzgIs z?@93T!v(v0x?k@eayXCfzIPr^u9b4&wKI}bu_tvTa4~h)oRgZ$H)P&SUr%yaKYh5g zq{#a>zgMB_wX)k#zQ`h){T&CtD;OtyQ%+d1rlUtCbe+2sZPRT?=Hx}eb&^w%? z4R|~U9!sBk2|dqSFLwt+2w9;vwhX9Dj>R_OCE0QUK-R>2dk|OajkKE1xHnQX@4rUa zDbo3k9=c;USIuRnXD~85;x@reBsH`1>P3g0tTPmV~JHV@8d7ahudW zP@RT>-)|XCe*6pfV(I1=43J>xP(r|uq|kj;S!gztb5Ga@i4=XO3NAyc(&?ER_Dp-H zD#wK}>$|HdgJ&EdAcZ z8~sj6H`)1EhDMH5CiRvL;pbRXFGw-@%m(y9C##41o=9(K#HFp$t9?}9f zy*&!Xqwv0Qjw+eNKqZM>jqB=YxI&^qUDbWFlH$a}>*BlZ{4Kth_y}czlhwEMx4wye zUMBNrHk29<7>PEH#BW_)IzGKmq9V2Fk8C|af5<7W5@ulAiyY=EPMUOKK*@j2`lbw` zohsIrJ^ok>-g2V;nxgND9I!v;jrw=G!bRS0BwC}~;r<0okhsO0nnhK-h)`Hw**eu* z#2W37(jl5vDkf?WqUgQ8&fY{clsbnJqIflc^3_H0-2K?m^y4bZx=Nnbm4A0&{)4%X zmmM(0ok}>(UH5_b1zKclY>MUee;-HWZzpw4(7KjHj(NbfWAr~Ajwql*Yr*e`v{|Sj z@rBLRl&dQi;!fP@u{eX?mnH?Me22K&2a(qYq0k-pWTAZZFE0^cidVle8J}}l$-!2Z1?SB0 zV6S3`wmkPZ!Pr*4>MD1YHsDJ^RdMXKC~?ZI`AlHPT>(#}>R+@vKj6ofqxmWNdlvJ2 z^5ztP=y8@yzSZ=smF7jLF|Ly~#Vcwt$9@=3v=7VPj{yM_)#H*Ol*RDhr!&UXZA+$e z8-@eKV{ej)E~rgPTE~7n1!KQ2BpvD5aiT40)(yWG?i@J02@CVaE4M@9b~Soa;`}AF z;Te|9DqJMEHO>&sF)}Cl@ToOCDG~NGuYY&nv^Ej>H1zdEbTx~8gqMfo`Ja*|2mBI$ z6sIDM|D3X;-%1Mj0wDUTnmy|BXm5s`o9*IgbS_BmoRvCcOuARuWlWB;O^veIqfSb2 zPf2jgzNKk?U=@^ipV;t z^cliW3M7Qqc}=8cQ37*pcFiLk&!()WMI2@bLma^}oYitx$zpcYcs6Ha>iB9zK9TDm z=!VQS)q={(h&&jjx`(>0eKKpw`S|%Zn1K3HW*0LJ=lT@J+(*+{T(|kQcFao&2g(=? 
zs#L@I7s%3bZEB+pJ3{*8PS_*aGm4OB!~OY<*40JJ=ah+23iY%reVfM^Y*Iu`gU92y zphfJbc|PF*65;B{Yv@a`kKG@E&pWf;{aEIgqn(wnr|av8tq;Z90H2?Oxt9}pAKRJk zcH~}EAM0r@8}nHbqkN-5s!wvw%VL#>u=YX)Mt@`EAw!jTW-AV~*ey=h`4-z_zpaTn z$J?$b*aiq*?lHmkyTkB`l8|6ofzg~R z+6vM7&BY|l+6i?Hcf$6m^l0ti6Q5BX-DIzFsn~O^h?nBf0M8jN!f)~ftr*>DSzFU=4rIBy^>U54mmLWjaUys-rJ9{+d z`aE#)Ez2yMEjPpTIajWqw^!$r5oMZjD=16M34uUhaYt@M)EBP`B0Qsh#qBk>RYa=n z+^Yf?GL<<+iC84h+}K?B)hs;aV%|&4^3uxAe!^BlOEFk|re7?uYCN2N>@Wc(odm>q z9V>xO^PYO1q6m%I!AkAVRWSMlmippZt_@}8VtX$UBtDro-$4eInqzUk#Rs}xwe5Ph-QQ~P&oIoAy(SeOvv%g9<(=Ip=afsp$*&X2#ZUyxy29h=&m<7 z-IO7#XC6o(nv1;Pj37=3sY@Y)*~Pr1IQudy45`Pn9d7RyW31gALS3YvT+ool#ALqRK>Du0x>TpViXLa* z2J(v#R%q0|uY%ge8KY55EoN^%E|OJUpkX9)7%D~vDG5O+SX|Mg`Sq*1F7yX&Lk`Jl zZ84Q59?e4pYK&U{&SA1Y#l{Y`!#A#E#6WqCYQ9L=)~kYy^2q)d(47F|QdSS)9<&}o zBG6fxx37S@l4u=$C9lWHQ_ZwyJ$uqRb=Hw*b2i-RY%i_S1zF7g2#U1eO_j<-t4kXG z(i7!r4U5nU&mIAbnCz=Xt-fHP8{S#)$E+T^Ym$QgNkkKG?xgT0oXh)zaV*3~@};o*uG)N3H< zoEqYuOx_p*QGdl$;+^9#-AOq8AJ{z-o36t^gPH9!TM`%OyLB09a863U$U-Y{ z+NY7C3CC^-YM5`rGbp1@Ilb=a;MD#)&LeZ{J+Nn1{_d`G z3(V(SzYRi0;Qz!858?~_4;TW+|A8U=PmF+r`G5ZQ|BFzR+Vm-hO(CqX7yoGO%^0~; zf9=juB}sOrt;*_RsD=Gv8NFq+&6DegoPYV`3?p!`Y*3>Gh^M0Y1%==wR{K4S-5!1p zi31wc@zIV_sCKC$n=Ak-nv=8H3X*n42jmP8*vW&=uZnYvUfuKo_@&WXdjj_wm!3TP zKF5D62S$c&LV~a!um#X1EW1o0MB3Y%{6cPDj~J+v)xy1xJX$icF%`8Jt>W#EKS?~4 z19BRUHD%JZx+=8Mah0Z)$L=rf;epeyeIPVn8!npP+ZDDAwbaBQ5l><=5@f9+_$mfj z!pzDj)(%DVe$l{P2Lgxl>TXX*#iM3!iqYK{Q94vmcs2u#;Sew4aSu+}ip5m34*_jM zse$+QFIx3TIs*aGT}0XbL4^va-?!sY%Dg5psHSz7P-x1)Rx!0L0q`T*9Fye}Oa+f0 z(y7BkCfTFsRIp@!`*IIzZI>||Gf1;%vxY~tI2{#YH*w7~r!H-la99U`YME5WHj9=rS=Xn-N^@1kpPH#AM8y&ssjiev zq$e!SG>U=I*dPTFlipy3j-elG)_%hs>N_YV;Y%|O$RCgl z<_Nwc?aRa?chdEtTyWsDEui#;Q<(jiW}dz84;u8KtRPLJg;0btP6A@e(i>a$^>Km* zy)>2?7IlH2?tC@IW1vYi7p8y1oI=GCmpp|iCa@0iDh6<4pfVGXAlN#siL`5pC&I`&Jm zLI4qkfwxbmmyK1&t#u4GM_CW z-t9P_B*B34-hTK3+wNY0*e(*wZEF@>2j{PC&Q7rJH4O#&{nY(HeX&e3MhHA}X;`8( z$V9lBIBcju-{O-&?q%=H`nrok$joduI9(4ObL-}pdEF$4aP4@jKYO56oQQfu=S!g0 
zm;_w!d!PmP{mQ%quhA{1o?Lq5-jvxRvm=&qSg5u30u7rpkg;sjHd_{jdNNfZ^-`@- zd#fj+^uB|Me~o~Kj{cCNP6-sMshe-RyHI|87L2yp;x6L)K?iHG|y4O%Y z|12;wk#%Ll0f%FhYzWut92WBkk+gix1;Lm#fz+Pb5o5yDRG>gi1a*>KLVLTZ(&T&w z_|wSoarcGJO+!B91YLUZ&y$ z1$SNl778}gVlkteSg&`_t|BeDz8hv5JlSbnC=Qb|rYq({{4c|UqxNxLL4w0I#6m)Z z?MJm!d%HH_L4X7};6KH$vHu@sRsKKN3T7r|*8fFUu(ELc*SQ!gy1EJYZSekkhRg}q zF&ZS|Dj>l?9sU1OkVnL-v+=)9<+C#9Ex|LB}-(tkDjSyyEJ>IjhA0(0r!&!1dKX< z$o>`z9JtdBQv1@#W3lWTL5kL;I8SB$pr;x?Y3uGlYPJo9nfc()c9D(;94_eW%(I)q zEyIIsLElnHGGftlk^>#|%q)n|U`b1XqY#9ITGE|ORI9)yj_7->c$s;jp4=!K1D;$ zu&Pe-h^mmW&bS9FyhxT)f952~tDa!kP@~0sJP<`wy$>SUk5kkC)z6&M7l@19d+gYM zQ%rtK(oopg2M;Q@$uEa58jRV|?o-m$)EPiNh27)q96=V5AS@rMK-4KweAwWZdQcL- zl^4s#yM4u4e6^eU7ijEkys3TbHS;C}UT|03l`uJUSC2HOWL0lF&RzGt;ZJ+c9;Fq< zmiS8p3V>N7wr+}Hao{roIRbBHo!>T{-%~SdoJ&s`O9j1tUJoY`r*j!^D;}2*j;By_D;CaK<|`XW zG$*@W=3%1sRcnHZ1^(V)0k;Y4X?SoB^}S! zCQQA*uOQJ!ZQ^>WNYlU z;40GGlD3hTh?mic+h#FL1r{NO5}!%$)H`SC(KnCGCmSJ3J{9l5oVTQQpG-)^Bu zI1NTv8gc|)_zuu17*-z+9{j6T@>zK9dCJE!;RLX{w9-o{>#0fCvEj5 zZ6i}{mC&JQZSMrx&@Gou8^%oQ<_nj0RHDy+#aQwQ#`B1d3oB-7yIaI<9Bsj(TEjhc z)8!^$P(9e+xR)7`y@&B;1S>8BzCHv~UJ%?>6T@iER$@5!0)DPMaCNtFbISO`db*f# zcO!*`RE_2%QrJQ+h!)QX+0xZOQ3Tq%EQxvL*_TQB?g`l_sEI?;&|$#M?lI#Ew!1xh z5=K(;*n^F(68JaH$*4B2(=z0-+Z^hXRkiLqx@aq&D}!$8o|FIev9sO({odlMdVsY2 zvcgaxtFF&Mus1*dYjGlfcJH46i7~LW$Mb7);u~St?|fw@C&SjqP1p14<$Iy^_GHe{ zKiB<5)D0P`l^&aK_OyTLjXbp-q1V38=Z^NVPg4iMma*9ZJcalSNdmXaQPmNgu~E;{ zUFiy2tQjm)khC~+=4}xxMLMzpT}6qiatZ2cNSp7X6o|vk*hu)Oy#W&-9J6*MbwyZotYU@iWp+Zq;Tr(u15mKo0#&vkBY zE-p9L@=yuLFxM1G`tt^fRdVXq9;(^QUMR*NwdY7LO_%f`v(t(WM`kZ%3m^8=ia&7$ z20aq9Z3YZ>o4*kxV_T-$pm9P^TDC;TUi5snOf%;yPhVzF{q|ZKpV(EO58QDIC&$=Y zl5`^tSY>s2pTqqzR`~HcihYCk3 ztgcVMuKAjn_KzQnO~YYj{San`eTQqmx*UD5#K?G<72PAiUiQyY70TwEqU#E(46x=}?N>z96a8wU2&R{CQb#qDwS zzdz5}Bc~rCEh1S#@rCk%VFx1&ge!$Ju`SKZiL%1au>HRph%;9})RiFnVLmtFgpV!bqd)@F>lbkeEVlmmnTP}?ODC1+Z@4g*0Lw@6|8eo`Ohgis zr*r-vN5k;TYPCo^VWy%~_$Ba9H^u-OIFAMG2`0)Q@6q@BeFdSx9$&!CSI^+~t?h3w z;^E2`1|8))2DzLcWz@{S7<2hK?sV8w15%styTb`od)ivr>|+D 
zftM}973MxP>DVWy*E;(C5!f(z+77`8q&Ff&1p4xfGB*=#yoliQmY{!##_D`rB@Y0ahGDGY37U@hgPU^lGB?mo#^74g`m0*GwRf7I za$-xw=s4|iAakc7at5qUjw%DLNG$d1$5p7_#w(s*Mt`-PK|;2bKvTN)PkutF2k)7m zb32%zv?PfSJUyHZ&cCOWeP5l^3T9x#KbK~qD@RuYz+V-7W{Pwix>`bH&Nd->4$0zP z@4EclyF1hJ(K&5q&#T3D8r}8%E($iV-HacRgPPqyI#m+qv8qo%Zcm!H)DCxOYzAyu zTrMi7*`u`SSW#?{fINABvQ0Z#8zK|^4eP&%U=`(~-JV(TE`xe8QAko^XN22NU(G(! zI82Igl#!~`hP1HsaTYQ%WIxn`>UZr25 zdB8~-nCc=Ea1qC;%T=m|o2Mi4{6G%xoDoF)2x_OTL9g=+;QfUPjL;y1hQHK=TQjcoq$$!W;ZT2@mG~Kpr8 zkN@RFCbgKa!6x@v2dJH&5ur6$IdrE5lcTG6#DzAt_d)&7zFUU)^zLvP6oDdgE~LwGPSVH} zT?l_A1v=eej@kRQ*&zhu4k^K9K;}I#78UU0>g%E)X5@t4Z?wFX_2R!p%92QQm<#qW zB_u?|jVKlhEIHtdof{tcA~+`q9;z&ato$(9r{IwBVi@xc1dDyM%WzX4le6-6F?Ais zaYO#F`$C}7$|R&XmWm=J7c$~@`^XBHZgZsy1RP~{=V0aP(_-bYe^7i<#$l9gYhbd@wI=h~L6oJtP3)JZIDhta;y4`Wa?t6huAiQ_C zPRe%=Lug!JoX}wDS#PZ9J7_A`65=HAph!aKc6Oqga>Lb|eKEM~jmw);D=W+P?FW z#smoo&neCC`Ibk5s6!+N7k_h%o#(?u!y`&Qxw39%7kzJ?{-rYEW$^`r3E5zFPm!M* z);pw$BEj|nzB@U(Kn0|WSAy@`y6T>Zx3QouO>{K+y%4uf?)#Di$b+=;xj^2j!OmmIhjR%SgMYXdT zOZPSFk-&X+rS{A2YG zqgCtI(pTbgDGv6_F%1f;rp>K!N~9u}uuhgsKL7X1B!dR$UAcD$5y%ozUxfN|N{@|+ z#yljI1|m_uf;se`3N<<0{rv^=Ex@>yOEC~ zbez40zT!$b5B1l^sOCqlyRR}yJ%ZW0^~1c&fjU-`2SKgmukj9;a54PevJ>N01SNvK zBiJ&i?pMoEZQ9VB#?}_bZyj3{CnV@&z@jXO)OvL>6`xthha ziEwm!zf3T06V9Eu5{O_n$^p^TL<8F4cDM;J4azau?ikK&BX^K7?&@Dh8TJ-}jpek2 z(F1q>XwI{Yet$34&a;Gx-@NA#Z{wGw@^OvdZ=Xi4J<4(kZK81vouIqq3PrDR^};rY zG0^pLT+2a@+5I;J-l~-IoPX?+X=7Ae>^B+*9c>)_Hz5TzZEIIDa2?Svelo+`FL|Ys zs+*C1?mk+1#HxvWSM)c6Z+l+s_Ochat#6~&uH*UJT&FDNL3!F-ZT^Lx+m(437z*mz zo_Q*2z4M)}Ei^saXN1<{)GE~6*43Al-`uC2lv~nf>ih%qQ_yEp2)&VW(~V+5Mk~D` zbJt*T&^bqT-m0}Ul&z-TG3OW%Re?%LQd_1?vFH@%?3eyoCzTE^%uXG&@Zj5OIqZ19w ztwn-)mx|LBI;Jv0&c~ve@!5C=PsZ1}JXW}y{S&gP)TCHfU6g7@EE`VbS1HWmIw3;* z+?Y-{J>lq?oPRM$udTBbpR+%7d zXzK^}4qyWqgGldy$^@x|3s-Y1o!p>%WV*L$6}q>Qf-5Y~%ml>*6pH|-3?S-|HT0`V zu{Xe6%@+s7r6jZvb(m!|fTlKts|*@&(Ujqpe&|$zS<^8nS5|S+a8;!Lu{HWDGqYBR z(=gEsVO>en3n3R))(fFMpX&$zZ13(!<*u*Yr53EwCY2S;abb$5GwCNMGIgrBJTHZ9 
z+YnB%IHqHT0F@kO@rA0joy=`<)nSaQM>C-Hjs;$`OpdVXl0lZ4wG}QjLv1@kLI7~8 z-#X993GIx;lFr_-2&DsA?u4Rc-WJcyicwTe*owV&LMB40zrje*0|Uf3_;ZXr*Obsz zwae2mcqdXHVs)i{RCZGNp$Q@_`z`A|3aN%N4c|};nub*-U|@dKy(bJ3*j=_QX9X)}n*m%^w*=*Xg8rIgRJ*?>b4a1ij*xlyyad-9p zni?a|?ftqtc>X?lym;{3EBJXoiU`=r?d|Hx$>`#QhD+Mb|Mq>KI{)D85Zuo7*DC+G z3s;GoMQLC~NhgzESXMNNp=Uku!_DW1tJ9y;#JowtVK25mYmG|iL?e6n? znZ^8ky!i@5O&V!G?^ehLD44eLm3PEWbuKS{WA(nBKm>ey%o}A=K~;#LI2$?pQfH%r z$=W?-W;S;Gl}q4$XE50!Z3izxL*~yg%Gbm>p>f5)*ZiAklq2VWV-Lyeb{ zhJrwhKJoWxQfwGt0HNn2&$c#`C#Ns=nrE4zp5rQ6(y6;W+va+ATMQYl8YiRZ9bc-Y zr>+;RE@1k`I3;w?td&l5f+HdVQwrzXGww)DQE5?j%+qP{xS+Q-bc*VB;=D*L` z_3mBgsZ-CFdyeYr*>iSRSC6~z>l(iyeXs4uDd7@g5>b3ip63oI;qH3}Xpsr++iN-L zmY4$4dLWLi6z%(X14__@Iv^q8TWs2T2!+hVtk&y=aK-HINcRWhEAVg~2FSybj0dcq zlke(@)rZg}W8<2|ipun0Zyg!chJxez5qIvNe7|{~RPSM z^5QTA-$gvNjOli?b}e6T#v711uzmCr{;jkjCJhzSa6>_#OGtb*)cC!=v+D1Je zr@-gf)&Y8o8yrmw-2qLo;b+rhAUlv4Tw!g6K>1*dF_QU~yp@@&MJmX2IQ-hv)H$1dtThP*MRrDq-< z1MNb#DlZ`OZ31kB*MlJWewhnExudf4iDvd@)&WXnS*$Yv3qLbWw^;8=(mAF&0f(|I zwi)gVlmE{qP4=kqN;U}t;IaJv*zts-;7``QQLLq1 zr4-|xZun*Bo-o&cMidZe))aOxc@SQTO`8~V3D}U!%5m%X+cID1i38vih(6IN#OEvd zack#}vmiORFlW?3f?6wY*g=9mb8=kH>0s}TvOsk%2`2oAI;54K5$pbWA|kDKOtoVG}j5~@j05CoqS~R@pn5C zAAZ+4-}qmLCL3Q! 
zqxk-sM}|XqLS&D7%#u;Zi!9ampHPT_&zLHBLgx*bmh*=k*|4||@E({vgme3I)y$?= z(kos65T}+k0z=yC2N@hi*3tUy)R+Rz0BY}>Iem9k5U{Pi!TMygO#)DFyV|-L}xjPstbU+q}P{szO-Q79rbWhTJrVyLzO=WDaN{xr$oECw|b9 z%CLlJjlR{D%eIN9HydC=0U{c-rj3OGDWh8`31l7;)NH<2h`1JD<#?!$^f<~lTN;t@ zbBYa(zYvC$_F)SLq-B~@?2WIBisK~;xMmijbPJn)amn6NP!{2#r=co!dD(=ccEjD} z4K!RE-*xKeisRhHk;50$4}@ubcEprO=ld}wa4?fTaB|2|{Bb}&<~MqQ*+f{aYZI$fNXLpWk$LT98~>j{%y-rDUxVOxzj z<;j`k5?{E&u9ZR4YJik6!nIVMC&#M!_XQxg(ygv_Z8^l_&5PgsH&wd(n2(Y-1NWw3 z)X=&@M8xUmS<#XeTheaN1*uC!)oKKUuGD;=`U3r^PCgQKUXB$@FbhrVAsMRP zfB93xw1q>I!?P*@O@~o(g4lr{K^Ub-)^|+(u8|S0?Ae&MAsUotxjTqaqk@2&Lyu5A z9`UI~)qCC%+jtt7IKbDI7mou)SUOF?9nE`@CA6{=m{A6giiTRUWk}>yG^(yaw{pT} za2aH+Bzgv=5O8%p?78@H8b;&CIA;sxr<8?j*Aq^s&<+-WOev`dg1#C@0>+3*t>oiV zbZKp5Yx!vkt~u`+UA- zG6danJ%O|{jj20&iAJSisz}hXEJJ@N?ULTK#sNs-5;Q2Z>rsHnsFTc?hAOr^PbSo}JyaU7<+)WKtAqwsMQsaeEK@%-n0N(IX zDK#FZ%Ev&?P75%f#Z$Nu-vhPq08ruLOd9(P#wc>k0m;-gyx-$I3~6Pb!9ka53$B$$sf7w}vT} zrh!^nkbxzoaJFA_7D`=g*KGX8#qfBRma^Ssk)vET_hOq>yF!3$?;OXD3ur&>j_2X2 z6^0H|p?^%m|1;piV2sT)3DknCmV{rC*JO{xMZAHOg4{+~AQ_ZzDBL zzPZ+;t8E3xsUY$hs&-3S+{JvUf0f%WA0>SoS-Vln+(%V{vt?=s3fMt*+KiEC;P+>7 zb*qYey%v^crO6d+<6aRgpw%kPwmDv;q=sxcu_y01Da9<9RF~Q4DoXt$W##8WRbyTYOozaVY9mw zBElMKyfizg75<3X;6T9|xDD!{AL%k@Ye&d1NJ4mrs?l4FZIin%z6nOfw?T7l2Tyx0 zGqp?_7aEQ5B{FCng$rIV%r3WZ{^+*tVG0d^NIyhj<9Y&ffUE{jY?Yd zPIspW+#idk2q7F zr>0Nt+g4vz`5tDdoUY1Qk2E4#w3x6D^s!>!O&fWR+aO1$G>RtM!+<$E;Di-X*i{T8 z`Ji4~M3F&$Zq825dpr(EYJ_$+2I6J&76mAUN?rs>vqsCPOMawmN0IgPf=?RL+1$`k+}&z>rKe4)t@oUY zg%0r{QeLfLgM`hMWV2AtATz{(dP+dD&_(?jr(vcOn6U~Ks-JJAI;Bw?d0jfEJ4PJb zty{<5XD|F&E6i;`GoU0UB1b-RXcWer68mv|EWh2u*GjXvZK|A(0;00K_G);g#!S?{ zW}}{CO?K?i(Nr5^uVn4pR7@M{+}b_hGOUwWI%vyf(9KO~tJRlflNDPEXP3jRYWB$L znL}%OqWL_-2B!|WpQ$G+b2M_MvredHCjT4d6Bg=|BKx0`!grzVzg#_FV*0RT)}5XsnW+%$>6T=jozm+B}r2f7UlR-FsuD3 z9c%p~Mh@9HK3KY_2kiaw7Nz`n*AN9=SMkqu51H%+cbSMpa>5BBV_Tt-1ZX-gd8yS) zBH(oLuVmnACoeydIYkV^ymJk|WYGc{nBF9vaa1lVNp?j#U7EDuSVf=^O{{A!Lt*cR zC@vfdVCY2JVj2F44f3CfMKWonf_z21QZc#>QdMa(;IvL{d4h>5QNZTo=g(xa6=U^K 
zvKf}CShSj{#^Z|kgb?FFeZ&XUGN%c$nwF`8rOr4)UNxr^d2(e8Msuv#loBwi5RCLp z8ZGo=#$vyVP}Sy`_N?>w)0Qayy2v&Ee72v=YtxX!B9+jH;+)Sa$rz0fm>!=~G|8#B zKN$8{-oQj(T$E)$k1z}?v_M;tDN3Z=1-TGeyU(0oO34`xoRH`&>)9{?op5R= zJ`-8=>(8E{>X(Kre-H!d(uVd8aLi@|9>EAd>^25or6KEicTn}Bc4Oq`^eaJ;4aqcr z;!LsO8@Xu&Jq4zt?E^8{gBqc5Q|l`dj%Oueet|2)uZ>M#rmlVpnLjVSxtCuzGrqE_ zf&Kz%rV1KknYrCxpP9eq`Cq=WjbIo9MZAlX{zm#%HSQ$GTBP83fyX!>;++~`kr5Mw z#4GuY;h#-52RWg!V8VY7xZwN|*!(=B29pVac*B!;_l%|y!~-G(XLxkI#rS7gqJjOz z?=^Q5p&VBwm<%OvsaU8rB7_2u^PuuUJnkN$@;`L`F8n^es_F^Mcw^Y+uhMIFU8p?y zoM8AR_oUaFyDgiF-2HhF8X_>c-SYcwhDpow?oz@P)w}5TTTd$?p^wM!maXAfYhTNC z*E=&r0r^@I9JFWXEtq)Xq*wUi%x&SZBnPk4uais;M1|K=CT8v`0<7F1=Ac(9Hx(}w zV<_%#u^d+zyZ@PUgt&-!7AeG(Aj94KFh4!?zk-x}%@9-U3={MJ9pGm;|3~T$HT_?~ z|J2Qo^4)2bu_si9nUg1&S7)t68sVqdS=aw(;OM^iu1B#}eSG;@nVaJJ@uAn_d3W`F zk_1~e7uFnu&r=_{S6>caFO`eiZ5K6l9s#=Fuy`$ymei}UEWUKVM0Md-`8S9+i;k~_ zffYp5$0NdS@3-p(#9F;tTi=(R&4IHO{;k;Bo@{lChVTml0*<|87mdxVRxK&O#6xWN zW=$ZM!!@TRNxtDaaWH&NKt{iWao0DnA*R;{oDOa9G&)d@oM@n1zXYdktHQYsOvENc zMF7h^Exd2RM~2I8k^_d@-~2gQ2O1b{*#O-D@uv}R+}sw$u_%}EomMeKo31n(@9!x# z2;(+0#zY%;(?vJ!h(>a1&k5LwaQHE=P3v}wIY!;*eg9P!=C-(}-gh`&vwdqQ3Cw~i z;Ur~@Y-MyA&*piQ+I5VhMZr+>L=%a*8{ja4JjjJ3Apy{ZaUk0s=4>t%zGnF5NzWAP zO2;u4>2bA|_7?bdD{JemeNaX|LBx`oKp%(_atN|g%mOwDGD$PWtBFa+L=D$5T-(eG zE5|D8Lp*hx2T-JsAopu8f;*P$pBPkzxXfWG&`cB>T+OiVwoR+!mf_LyCpC@9bbZ!m zCE5p;9S9IJ;q+Z{Jy9DonqGf|;53deQM*mNPW zOjL?6XGb~S_doaqeZ5MWHOfdZOPW*ioGb{ZEgRcZWoe4(W%g7vr!2LsDy5v;`4=!} z<$v}-9-HZ}kv%gF1p|Vx;#tyC+ay5wEgJ!a?!hZt>c85m)RwEgfC?ZFh3)~9Grf*- zee&20ylNZ(hnU?%X>?I#OfCQxBg95O_F zDnvMMxte|}E?s}_bbk_CudWWlfQp0U!7yD0)nHHnySPBx-BEnL7B}eH?(|X+8f=T* z`bu>%1|P3de%9kzU<$~@BWP!i@AJZe!c6w|7#_MN|0jc`4QxV*ii_{ERalc{dad~^ zK|3m=w(xB(rMRy42S7vk)^~51xPbU&&nfxu%&pi`?4X>gW)$lX3iE<{tBDlU-}v!v z6RpO$14JMkXs7-2nYX}aWmn=N>CyxxtP!1FOVibKHVd(7#q!Z^4V_dc-Pr(Z$UBiK zK4cw7F=0BDz#JYmEfU-VRsFuPq9K(d4W!Y+-q&xgW?MjSG+TCCzp7{(Pg3(-HEF-J z&4VCLP=ww-RatvD5-b~I18)r!hoa4c-HMSx@Py#UxD7s3$e3**T9RHX4jgJrt{!Z_ 
z%%~FgaRyeRVD#uo3qAp9f@O%i)0LGEC{>Z86dT+Odxw%Q(f23Rh*b!Z5=&b zoIe#BIanG=*>B1YCk?FPuFR$KMHeBy*Qy_aw$7SSw;oYyrUZXRA0Ii~G0552omcO6 zV8mhC{oH!0cnDoiOS>oq!(t-h+*d-lari8-Bw%vY);m82-B(z}vd)9%M&q^$%12u} z^$%K{Gc|>M%AyOyXzj~}f`=q_-q?n2=@anB%@pV=TthKTN%_ca0w_u@OB%;xB*v0q z4&93LHV2uMtePd$fLu*Dc2ETBTTuGn?DPX~LEnwiaY=5Vlz2M@->OOE^c*I<{Ef## zy9AiZ(NwdYq(aX#Tn@l=zFx0rMv&F_MS&_;YI8JcpZ zV&-F_c=V?;v`Pfrogi6~&&QVhgAH%n^ODYOUcldk51S4{@O`ueNAXW7`!QAqDsGPC z=)cbi&=;1QDTqKBipV%=reNr4Z3=acuH-G%Q#gFZr1Nbyj_KvnP3_YD>Y6p4DK(!{ z5n&lWZubm4dTyeG>o+PgA?m^6BnvzPv2;0}?dY>*t{IeHc9fQxv2WuYojFa<5x1+X&VFg&P*GGHzws{UBz#~rY`Z-%Na)&h zdK#wRf!#?^e+bx|eAV17Jh;90D((knH^0t3)OQDv{fu!j-ADF73-(p-MR;`n(m*Is zNJ39v=$nqX*WK4Q^F=X(WP_Dvn-1e>$IBubP-rFy zCXPkE&@kK2pM+$43LM+^$vhBfvM!JOhefD>Rh# z_n0~RC2yvS58o~Y%OK5Ah%0&m zQ*WRpvRBtTn=8LxKK7ROLPI?{+E_ANK2LyRim|J<0dPz|jjt}bzd60%(zLYKktYOa{otbTg z@ynx2Qz6?vC^L)VjUi)B+-|&?7|KSOcXxXSM*nT0X^N4(#-Ra!BqBCshmU()nviw}t@5;<8P3Vt`yk${DlLfw3{u!;g<4 z(MsY8^_!o_m2*IHZsgF)4lMZ^vXWhj5t5A<7D(~tL}?^H%|L++i*?{=v27o%II$0Q z!9TIF0%#EZQ0p4{!*v$96btBJO~-=Me%_WFO&bXo9d_SsxN@~dZqIN`2zEOu-G6>M zu!%76dtD+5KJxQ!ZA}rtCUmp{eL$dfh31C!=Yi#mGdN=avWr#nrxo)d@bb#+L@7Kx z9}Zkv5QLuM-dg*We2kfYyi+}6F_n-htrbvDB)V({gZtw~{tSuKK2ala?2>aq6ju$T z%2LP?O$zpm$d^QR4vyM|`bP5Ga};nEKrM9u3pLB3RC9SCIcjqW+5{D7X}Ql+v~{|D?3Uf1lOzP`8tFV^FAH0K^?3Et+_^-nZR%SLt2Md|3a^r&B_LJX35&tk z)GpPjeZnRs{H<#0k|5wcfrDe`iS?1=IGQho3P&BJL z(4I5b)eP?-WhN*cU0LtOdj}fThgM#~`R@Bo(LT6T+CBQPifDhfH0e7<&@j`gw_8vC zz)?xQeK<%Cq0!Q4j{-Xy<+?x(%YXMp9%zP+EaoIdy4)czBQ|R{es~eA{CatM+age#2jwM!u0J6I6q?q!KBBbSkl_`}`dh#RZ!l{2QJAX=@t5o-;R+-w?Go0l_FbbN?73uC_m zFX#e0uE5d2oLI-55j1)gdUxM^HX%G%_HvdPJOiL}h=877)#?My`hW#ij%`j{1=R_G z4Y!@Md;px3mmj(CkSGjdj+TP9wKpS=A>_2f?tZso_EqzxRE16nB<>GlJnfuF3ewd_ zn|QWGL1+}}KA-VefsmSX5nf3=^9N_PA(n+ zd3+2^L2r}46W63rfod@{%4LgEh4S;sR7F90fG!jue0lfCwK9n;DY7Mj4@7=kjhrQ! 
zSbQY5+;4b)%pDagkmdXeleXnniMA@LU!_Sl*w9HAo{}}Prm*56=8vfRY)IS3*=tuT z?9hNRI^@8KxtGt&xUYe^lu#7wl47a*i-s6LO&#wRTtT8&vyf$t+8$>e^AG$>2?J%X zDQ2pKs;GQOSBUsdEP2>g#ib3@XAn(gCpgfqkq@VMHM$aCRmhJ4Mg8719JE1Ad>9yA z`3G~J(3uv5Q9@Vv(#cZy zvx?Uzl@(U|WX#C}HU*LMDilCoYF-Z1eVMZJ`Y%))cedHzn!h8n`D)04m5-k;>y&?J z3-6DOS$XjD$P#vmZW(D>)=iSu;qj!=vh}rj_t)<))dMgmkLArE)a|AG)e9CI=J95( zj&f@Wj#gkT?#y!Mww{*!0j&~m7jN)1!k%|;1z}&n%@>|KD88%*gbQDhAiTMhbU* zBZb!_k^ZA%I4POPnAmQ+dMi0Q;D#2t0~nsQRIN?y|B~sTj*{=!ygYH7VRo`x5&@_P zd($2|d0A#A&jY$(5j_L9&WfJS_!n}-^OGiJrun{0YUh=S#S+}c2H(yd2Lt$3*92g~ zu37FL6*jP@C=P~}hTdH|+B)gG=?QEae*d++UEa$g&c~vf5R0GPxEPYU$|dm6{6i`e ztwk!^&e478{Ta~({r%nX#b>E}!&miHNN-YSwLgp7L<YL?l&278_!3ECn5+mncTL0>9wKpAe>%5T+btdx02Coi>w_gn zv8Z&jV}~o6s?VICnp5+B-49H9fJO~V7J@HGQ`AJiv8=*Ch5=w2MDvfeCecL zh$*1QC}3u4Vuxc0&7OjzbSVYBcbJ#xlaW7Wo9sjr4eH$2YJxQ~cR^mf&Yf#FvNf!F z@yuuf$zT$F-P{gigz^TEka%cryN#|pba&odpsmg+%p*-`KoL82W$93U+oDStE|{+t zd$b4x$mGt|NozvM1S(0ef%s!lIaMK=$BoL-kM@S(Bw}XdpB~g`jU&?*e_TTW!UmFv z?;Ky4tF!v}^n}2@=Z~F`bWxC_sD-q-L$`xsUXfFq)5pB7y#lvz&c_IXUX3`Oi(3pK z10F&xUS(A7C#BwOpfd+}%{H-QLC+q5+b8~07s>k$xT9Da%;ESAq5@i+=@|aIt%}#M zL_}M)xD=ea6b4Y`3VMP#6(n!u`fiHIjJKPUI+c_2n3GWxLC9TTGj7fe}564YJRsWQTG0GM1{m4X~d%|~daRYLYQ8)F6k z`eN|AU;FInu4oMdPNc9+eQHPUG{)>AmabB(5vcy?C!JsV4;EX*^7#3Jw~A<#z-WyS z8cIYlR^yNx$xNQ%VK??1`I5%S{xo;MV%c-u;u59Wp*}3zVhd@*Vx!n{jlK{NTsu6* zs#{jfRsKEG`4_Ijj%$AX6#oza22{BPW?~KJeM1NvlU`th_7D@e@3Yz+cT-1hWSMwx z9;*o+SR>3YEc*Qj%Egoj+#{qXl}>!2auUx_34Z%>xOE|O$cf+bb#>N2(2ViUQEQ^G zxHA#?8R&89hrjz~#vw{1&)v<3GrM*aJJlF|IVz$G%^4Vrdb?9UT45)Sn0-^K5ARQe zyuVixz66v26!`hQXD6UmeP6YEd>$P%c8dJ|qQySRtpEpn1*e%(1&6m=dzy-Fgn1De zZYOLkp3G*r-4|wo^udFVhK>#43JeshH%Tb?0h)>>`WB}2`)0wPkquhO9{gY^x5uaa zZ`GvU>tLg7E6Hm_fyl@mTvv-4i&##q*{R@BLvaau!j$$8hQVoC?7^!j!5+}Y0@E{l zuMp`|5ZItVGpe9Iz7?Mi(Z$u3a@NU$771HFW+8-dnLjjU0&@7{- zs~6_+$-d(6CQA=p?m*-RZv(-^k-1ZA7@vru}*ZP@xc;MBR5p0iBG{@UA94*&#BM}%tC*%|jfMfrew^L>Rl$?jW@fHSk*e!&Z zegFqOR*$wkg7$zTz!4Uis84ZG{6Sr?%u}F-mPlgd&t;nCPA3fo@HuUUyg0ke+XUz# 
z_`J>f3bdW;H2bz+BEDW+{{5bXwSMtOcG|r>N;4JJ*FrZFKv~#FM5A#%a}-|lM-Y2E z6Fp**G%|x!=>@35D9x9NQ9l-s*9V^b(M$o&<1d*+TY}`wz*TjrH6c3`FTg-mINi8c zmq+f^3Eoz{t=uo~g$HWqgX17J|@JjU`7!t%5xMeY{g5CX)G|cJM7&T3jGksYD)mdiD8{k98Zp3`kV!$g$$!S|UZoE8-G&NYk+_E*$>EEqBG<>UFbqu9x@m$DoQc?FCHF&DnYdiKOyxN(-MPwAt6B|;!dAq1_1uKMuo#xUc7mp< z_4@G_w8@W2`9IYc{NPZxHUxmiMXbZiv^!{c5S zK30q?zdIk)+nsf<@9Y5?TDCi};x!5*}h|P@2Pm-P$)YMR{#F+i-6auZ#f7B zJ(^+EGRa^cTuLEAnQ_)?Kp;;y${>mp=d_RXa+K!Zg8IWgjhJXNBB z%W<`p{8)}LE3dBJCD#Mxqt3}#+<%TJ@#AN5*;%UhivT%A+F%kDC52AyCfI=SrTDjEQ!#2X|AX11C|c+1KzP2i1rV}Nn0BbleFFvx(_>qSHH z;rWX>hHT*AXJKR5g`qf3%u=VvbR zph13jPhyTYByb#Q@&Fnlzl_dh+M z*;)RF?)=|oBsR`}T{5((A>+8tj?{goZb!j_Z&4x)6!&+pOrv41&0bfA&p06}B;Gtc zTC{>hMdIUO6I>7`iE1Qflfa`6oZfE}@eQJk#kI_F&Yk75lmCf?lEfa#ZTfi{nmRn7 z7urY;5-Ym^u7(AP!xukEYD_#gJ+Pmmr<*eDDEET zGH)0R?b0y5extwGjKY;h?>VVwP8r?>Nu@9?c8xqicdxvE<={Ns{XE44Ig#KDIn#eF z{GFk`0eDwbEuP;B?-JRee(2h)oEa`$yeuYb8UK9@{qWCG~3&}o;1e=q5Pb7`_bOp*!sX-2XReLl6i|GF|J>&w{I+3i-tj@Z^!^~)by(6`_ha6Ez6iNh&-A z%)?4WT6xrC<7X$NzDE+~t84b8X`PnlPSLqFzfAK`%I}N^SG(i9s0~dTbg8xz@7~WL+c?XlRdjvp&avM|FH7Umh-h%vK&i!DtKu!-&tTP_g$k?|P!~bmgYT z)5d6V<6=yeb^1$IVg_em)?S`AO;danv@$Phn@9ZQNh?F|+L27&yLV+;y?K@%Di03^ znb&I;5^l$*d+TOATy<`mPdT5G52}m=G~KE~<_{2E+IAOk0p)Ut{FbJI73shqKJl`c z8C9-!7x3#=)NC&{%2oHGhEv*~-A83g>N9siT=2B~F<5;uTz0Sv1f%wYD)X)$`Bg=% zq!4B?B*WtaN6s}EZrXmawqq7uRTWj3uQjyy=W0u^SofiY1bd2z_iuN7NsA^w@i-5D9^^rPpr~jH@rS)6O_ZY_m#YsTCfK{R-ryP$9tX+sfBJ*IygtlHW)G|oyO*D>OTQQyra0F;;sM*797)ELX zsZ&9vhiKC#I53slD#P#CNfiCkDP};QbuMueeBPJ!WnDb)?=>6|mP;$UlJaemgoC~d zB3B?Ug4rSHm6rwYyolYB+j^2vZ`&2!I%>2P=uXm_ zS;!nwCzm>%xCD4Kjz4gUubIC}sp~KXx5pCDndLa~NEBA4Kut$4VH2974 zan>9OPKN#}3P9=rM%EVE$s9FZ)I#^OU9lzYV*h#~4z0f?dPZ!F4ev;iK$y-;E(c?E z6mQ&vmKsdYW^wxCk)=)(81FzD%d#gfsfCMrOo;?2n`!_C^9J~5k2z)3m~aQqpN0B+ zrdv7?KRiGW)6kN`v~NMNU(2OdBc*(9z%X>J;j=WqKLGVcA& zXYmH>hIHts1722eELR6!`0n+CVnGURksw_%(dpO9?64zjlDFTrigyqdqfyZ^-k<9u zQ?7k>aVj(mIlHpzO~nZ}>7jJ6tA-aaVgEtj3_Btt7n-;8Rq8(Z2g1=lW1~qBGi(*; 
zD&8`jHnKjPd61QxkdnB>_9kg!mS3Pl#IT4khFUnj$#F9HNy7INxEMk7wu0d4k;>@f zlIWJ^u!hc7YJn=1ay!xD^pQL8W)P}@CH08r;)%~1Qh6D%=rGdmQA}mr!ww3jdWBGB z%)_kaC4FXjAqdjYG=L}r_&KH!wxSoT?x@pQq;7u;d?Ss4TdV;bH81!wsfk&_mRghZ zLc?h8N5y*au5-|ER>b;(UEaIZdiyFL*57a%%-P{RE+A1?=BJVALvOyJ*1{MH-;BOY>g3%xPNKzI2S5 zw@ahZE5jPFbvlH5VA9@E&?>k_csP-@z{#vG)tUpeTt_?s09FktA}>#k)4wPRH7s7p zX=#;k-N2-`Q@hAC4s!!1xqrDvKA-?ytT z!CQ?8&-!nB)y%Jt=RH@~T(8@&^zg!dO#~*9DMfvtk+jMoxbj%0RJ?Y4^g!jH)9qdF z_v>>Lw|lA$0hds+`3dbb+9xXlIPLHh>OiXn= zqc5#g!jc&R9|U<62sG_L_&ye@ozZ9 zvJ0?_!D&)=N@GeVN-N57xy9^1X3O5DoBuF$O}@t(Lb>HGohCi#w-A6ffuwN2#8}&L`H_Z8gzsku7aL3Gow%kDD44bL+~P z{#^IQnE88q7ail?3g`tVWh(929iV1ifAro@zlFe7t6tBfaqB49y zLE)M^12-3trf;=aATL-Jdsrh$$0P|O=!OJ~RlcdIYOl3cP6%(O<(BVINvcFYXuHj* zy$UhJ>H4{cV|fVl7DiPzGg{U3$Es`+>18?Vt*N9N+fZ+Y<&I39)x4Gs4~c3hYL~UJ zqP!b?W`W~0NCOy|1oV-p(>Q+kW&apQ;rcSaX_)$6xuQzZ_5^QEwvh6@hRThpwsVHiZo&03gtI6U(} zKWg6QXuQ|Jfvynz>E#I2ER__lpMyw)R4Mb0XqNK{wh3gN@7Xe-1UjzAIR4jp#?q!8 zcL;Tzt5!mPH*&dR{4#B;?#2xjUniof(VYcO-(?n;S&l{ZdKO)EOT#0eMp+zp<#L0gzdNKNi44+o<2M}x-UCqE6_e$ zgilk|E**)jMh^fPI7O{dfjH_(dHamAYv{crH^_GmH+CegI0`+6sr2yW1gnu)9*6*Obby9A2VEGTj&sO%%cXT_eIm@2YB!$gooIA@qBy&skmYR6lZKfM?Ot?jt&@J8SDxFR?hgHo4J(Z> zQ*%nukGJ6r8^UaA9r$HfyBU1Qgw96+?*nduX0{^RvTYJ*E~Ug>ge;-I6R>7+YI*iE zrA8BbAh^q{9`-`_8~O0bC;a6e$6c5v>c$@1>2sL7U*L|GP2=(Vkl3dm9(UP3?iVRD z7CRH;SUEd#agBa7v|&#sQkTsBg-Oq79?trO%eQYMXS<&03Wd0I=$y}9 z^khv=)9D9uYUjh2vv8i7nzn_WqeZ8c_G-mBaE>fNT>nnwp$CFSuw!@EZW>aX~Y@6ecQUI^QA~vNzKbdwQj6X3<;@ zcIK=FM~@{GS9k4i418i~N>Bz)Ce~D{G6kLAOtBNnh4)bE58cD=6zdDWwT1Z_2B(@O zYpe{2sv4iEaxrR-wQ6T1pOatLZQ{ru!ZEnq$&OR76S~;I>804tmjw-W;7ttu+TWc# ztRSt+JFmU8JmI?FyI?P?xbk5~PDYBgFowPy6z^4hPII*#VT_ ztGM|M87n<(F2-wANhs`ix&r;xnLYIhd69>MLDM^?91<_ zTE`FCLWkM#-U2%76cCXHHFPr{@w{QOY^JT9h{-TdDNtgK4o1_t!UG$rtx*bm) zPFK#W1fk!l)z+gcrftQ-9Q_Yv2`d=c?eE!)j~p>ZP>p15K1B(xLp#E>ff=bl!fi>A z%d*@0X^$_+rbTAue_ELNUj)qmcVXsRb^X`#-V06b#D!7x|9F{HE0kQ&FE1+T5#1RF zfEsa8^gD5t>JH}r@U;Yxb0y%VyuW5GU}`2D`1?<-^ZRLSN*ujDoYeBM{()e1V{-4v 
zdcW2g6#ALKh}L(@A4U~Ez!-)iCyYVM(f3Au)Toy#03j?zlJ0jkd0y$@xN)|cC2@1F z+0K91VLngs0~Reuhk^1dhcT`g*wT5JDZCwS`DOp3mi15XS}ZU*NqC^VI5T1qil|gm zJ)#YzEyd!C6tp_$VCWM!&JDLQS<3Xq3JZNHAo;LkZYioBV9k3+Bf$rD2a<#6PK6dO zhw#}=gO#5TLjvqS_e_jVL`RGnu55sUGH)YH(oc>^LfxxkjM^Y`wn?*TI|DnYA#6y~ zv&1aJor0}S7OuH{-@gmSS4V1BSY_&1Qli;7aj^keLG=oee@z4&%*&c@hcc2Mx_P!f zWO4J|v)T1(OLH~nhB2g0d-ZFw4MavFbpEx?WjRxKjgwLTd1?7z=OR+-dP~xcg`>4H zHF7XOct0>fQJ^?w?fge)5UctsPuyV!kYIM?_OusOA)o7^pPKA0F+F<{GK0#b+X# zRt<)hrR*ijlfbO*YR1lq)fev%OO4v0f4SE&sQ;`OF|r4P2pmSmi*f}DU_J=dHX~-F73gFHDkSdMla0eV|T0KlKmi6&UK?Uyc zCd}&SB9kEpC4${6NUv`O08UeezP-a_1#oOareLh*2Tt#R!mCCQX6#2*CwBGu7jC$| zu2FIhymdo9qgkIa$yaSS`25G1`lW@Ti{=kr7@l0ph@ghe{4X3PBxDK|34tNst^C9; zfv3Fzn+A{Owhw6Xs73emqbz%2QUp**u2u|sp=;En8x^Bohsgfvk%??bnRSDAeyp;} z6`pL%9zvw%;E~zQsD%?V9v`2(*X0-uyy=6)dJjzlPIr2?w2 zoRC*t8rtwU=AaTvA4C*lbT{V^q7d3Z;wn=0h+uhzex$a8R6OG}{B`o$*wFh6 z)2pZWDpcb)Odk&p1=m1FFolsNfjQPMzw)KS_uI$wZo<(0?x}|_fZeWNleM>E>#9*? z0BQ<`Rr{2MoJ1_s0E$Y9fS{#LSQcjSVaVE4}RDSM5|R+qHD5iL;PR;ah$i!=KeTOFV|`LVnk0B@7=0O>KA0cI@04 z{{s(NT?(GCN|bN?)Ib|Cs1dyHNJM$90B6_zk9*q@U{6Hq33JxGVv5J)Fq_$tFhv_M z#ux?JyL;5TOAn-yxZJFsu>6>g9$J{#2((Xd;nfM&<_F!(-_p#={g%un!1q^!=ns?m zI=U_cvJlh-Od6XD>#Y|31Wf~3mE_@u~rsRS8TD&Mk6E#*apo0DT;VJizlg|Y>hvey?&@Cc}X(JT! zYCX&Bi=C>GlC*Wxk3jE1%ns%aHBM_pL)c7lp0l_4SqLm|5REgYU1?%}>x4TdP*IAT zp{7lfkRoAfKV$`@bL&d(HwJNA<9zQW=k{r(2{4q?TF3gUt{ctPVB1_yDAc=erZxAi z`4${^ieMw1t^@*&Wy`}Kt?iPtFsgQXvp?!uKgrw-Mb@`%qi}ET33+s*_EiQ2Px_yC ziYkMMf%apQjMY{f`E|DrYN+qP|Emu+j8ZQHhO*Dl+xuIF^0{!Vh9blzUc%K8C!GS|H4 z7~>k)uwJP&sQt;1>v6fWZ`cfPy=|DTFhGg#{R$SpY zdy_Pr}0I-@@@9*AqLN5pZk#&5px6XUln@iLFp7tt-`s_ zNJbsD%xF#SEH;l-M}7m#1+JU@+s42_|G%XiMn;zZcw^|&&~VydNBr3s^p{j+6jX?y zZ4u$#bJ@ok#yCT{8`33BRT@DyHpL4C6*F#ar+jxn`EL+u@W!qJW#B>D{Y8DZ^n}=3 zA?PhwRB2x$aE(lR-cW=3#~i3OLn`#Mqt# zeV82|Sb9TB*zWcC4L>OO;pkeKT6Pb&fODPQE8DQM3(}Z4Wa=q@w=nemN*! 
z+2FXn28aOz-Co#z_KyyaxiZ@E@-%pCQWFc_Qv0S*gquq}B*^AcE+-?T6{Xf}9PT{2 zElaX%q+w;d<;NE}_1$j#m7Ueg60-zQ$Yy~b|7sC3Ls=)v4z20L>*?v;L+W$SbZX@5 z=>{AgZ>vSu77`|r;2(>lMp%7o5&cqm@`ysbHwY(fxc)2w#PGBi zh6RLRC0UYu1$q(?3W81khIq1TGrF1WZjXCUj}0ICN);DW{L$E9d-lre=wC!ADJv3r zE7c8)6@qHjd^8=vdAB3Z$;U&SQwf%W{q0OW*i3QA;*G<4bY_WVgY3Use(z)Yy2Lj5 z`hpP+qs}1YP3 zkfy$=s34%PM}_4@VgdDO-i$5_i!+>ZRKV-?BMJd$;{BxX$KtN0E8xAMDK8c{0FU@b!=OY$D0?3iH)yr)0X@)_mec+-1 zRKWni0Cz^_EtV6hSew5b8QvFNNPWrY##PWG4S7seP2U)(`C`wKIxCPHnTI&tR}F%6 zE0Q0Gl3i)Uc-K$h1ZaU1Aw@uZlgAExBop+fkh$QGz;9hWTK`*YMGQfFxdA{P#oOHz zLt^@KtL!%Ux3$*p=C5ncsB5im10!k0B9CPP(<`NcX=!Q9DR2hEAZMYOi^u!F?!EC0 zX+;vIvgf9HVsDN;?N5Dp^A%1gMmhWCtczYqjS?UZdeC8hYVVG9zgfO*UY)e|Mfw_&s9|Nm(8&d3Vdr=gpbn zJbi?d()a`%i3keV89YLS=7`S9JKc0$AvQZMrr@Uq62fJip7*hXXvmqnVmAl~*C(L^{(*w27W6)S4K3cOjiP zV?@l&{N-|c*6PRzs$Ac9LAb7=(ooAj-0Hfvtn02>p)UVUx2g@2)C#MvrR}c$%wX)5ZexSr}Sk5TMDjG*KPele$)VzZ#+62^3rL?9?ZAVYY#OZdMp z=`E5z-qCt_X?f9Z{JP<;3s)Srfmm1?Bsb3=Nu5~CsxY}*H6)4Hz?>ljPAO28jJ zr3=3d5}Fb{lu|lmCFQ|V>D`cOvFI+Z3=G_i;ZyJ3y*Y0R3FKBr6iBdhdQM9~ADZi< z#qQ3ln_Ei`&UeOLe0Psea~WwSkl?vek>AGP^IbN`12us!;FS; zF=v8Cw0cx&gdGgH8#9|}hqwnxSH9cP9$1TDD|Z^xA87#XgN{eKWAL}gPyT+ylDAb_ zf#I|wyQ%G}&zdja&+XNhsuEVbTjKkfHV4^K;IpUjNxi>pR1AC7e*hEVPK*014+wYk ztjy1SaQ}MzOw9w(!75cKh%x<>Jr9#$k95&_;DBxoa7k{&_C=oxnyt)ilZ9Ng(`inJ zOE^XCbKj$9BVEM-o3-zm)p@JLRvr?;T()Qrt5J=8wyxiRgX{e=X5U{lMR`+!TU~%? 
zi)QRvV`TIf@a+pP2-l8Ui@i0G;G=kR@AUGfnfwWPVwIgs&_Gy-5tP$kZ{mcoc*QX_ z_$_zC)gbs7?{$%Z!5Sn))(m= zeHfzA2AQq)*{e3X=#q5RIA2*`wT`s zaeYO|(|?#Bsy*?N(=~M+m*6JI5-N;;4)u7XJxx1Dt2IB#cq`6K1ZgU?_{ zALdz4o!n(f1c(dUtX6boF|a^0j|l zc;A!xzRJ?ns-{zkt3C2gMU1GGGw8+d*Id%qB@yHP3}8sUD$=G-QOGyD_Cj_mdV47* z%h!nAwIwZ*BxY(#E5ZnhbvrQZ7B)dOEC^E8-0wX0%w$77Z*yqJF58W-)=(xdSmf78 z8Vq)pT0lkO>98u-op8Xg%lBd0cu;iNdcf14Hq)2QJ}Y^aSO>1aMeO1l-*9PTQ_S#% zYZ=dMlqT$k**g6j%^LXDdMeP#0z7R+oyU8LTISO^zB?SFA}_oe{h-Yo%gDiC#4&B0 zH?lyjqY0%p+~oU2p4k!?n;s|q&}?X%Qdv0Jtv@p}HS;J=qc?b<0}(g5HE%la?T3yT zuDKmktWA5^8jw+3qfFRHx+c7SEdQ>hC^KU*@{47pFP6CsRCI)KYI1TpJ>_WATzs+s z`FG;w75YFX*o2x$`9Udf{*tyA8nLUBizWHIwB+X)+2*^1>KP*b*O?t{W zLEKIOwLpn%B7mpdObTNVkcSi0=QKd80INul{XWy^jr?(wO#JV)V$OV|R z5sv{l8iO?zba-J4^|7=j?5KfJH}2Bu;XgZ?gZAX1`pz~>d~+u|B{r-C=tE3uq>1c| zJtaJ&lZ@Khe+dGlVceg`g|TJZtpNMv5d$P|)Q2P46&^w9T#7sjdIH2GCGq1z*$9@~ zG{q0*MgB}aoB&oQSkJ-!_JdHg(QBsQ=RS-bq5RS^Xa+SzQ-|Bo4*mW7d2cBu{+ zHOUZ=hGDx>Z^9h>ZTJhwIA)(vEd+l`of>s9m!B34LKi%4mq1!(k?(!>%>#nT;$AM5K9}|+ zFE1eMfk16`*-8WnL7Z+}x69Dy3b_Q!yoFvffQNA+4@%_w!>N)~KE!UOw6ayx@=$xZ z!TD|H_<1S)SpH_>R8)>F9j86Q?_QW~zah!XC7nP%O%AhC=?w~WTBa3s*4VpOBJqij z1VGJ3jWz5HO)c}Ds=rSPD%AyI{ql5z9n*9MejvFi;X0bjj;Im+{2z9=FWS}SFW*-e zZx@H?&!K=xkvC0Sv92|kV9SDIOt$N^vwq-Fdf=)f6YTXgCiYsttr3q@QO~LC9Nae| z)`!x8@+&%p(ryFW%ULH&Tb-+v|59xcCh zP_W82NFP-olN*gqTFw(;Ato?1G9;1>;l?Sn8gmZbXHPks1GKEe>4M%3nOh|P*|D;3E&(o=Bw6*c(k4-X=lQ?r1WXjv|h`(Q8IbOPo-k&}1uX3NO;?^CGC(-G;Jw$opZYXRJm9P_-3#3Qa zsOgpVdSh6lxVvq=#X z0I9o+0DI*9(%g8(Vrrq5LQd{9;?naS5XqYU27WS;q! 
z@94+yRO~R~ z-XkC3=ba5fhSrNAw3rUv?oXd9$y@*+hIXmh%T={pd-5W5{8c!V-%VL8_IX3C2o?JN*$5blvp0~zg=r7y_s$JFn!c>v zZBgtc^=A}+Xk|?cZv7@6nd|%qXb=Ho9c-GEa5{J$q+=~+WbU$-JIb@>WuP_`uAm~{ z5v>{$1WKnEEhZsj%C`M+<`xJw#bR&Q)7(h{9$pO*83=(_qp4j8!Jm(Zt>=<-Vyu_zD8W%T1Xh6i1Dn0p{QNVVTL^tuNRE6VNeb6R?IhK z?<=3oQQa$uTkf?f?h9IL69D`QyjWW7h>J@sW+ zxna3rmHwgZ5Ts@Ir(9i3EB<)TzKsIJ67n<7SqC#_;&rOt;m8?T^?ImvTY8V(crLr}x%7QV+YLhkeIH-Sux@mhYzO=a_sxVvS|p%4 zFpMewu=7vczRuv|hHy1b7cniyyY?ELzEQl0+@I$DN$+{ll9b@0K||PDb9;16)8Slv z42D5ESeotu^Vp6EoG2!O#M{zgKM)$ZpL)I|nNjxaSg_lL16O}=i1^_TT z6RY8(kXp5RU$-&u5(OB{(D$8 z2)Ow9513Z3DXIf~d* z6EwrV-wdNxi$vY%f+v&Ois&B-5qfE$e1xO^tE*TX%n*%ivU`n`7}C=Mo%SzhpEb~# zdVpL$e30ONiZ_<5nS{MVs9|P|wlkhaeL?=B+H%P)STM-FITULu_(F}n&axY>42&A~ zr^xZc>X`bpvXYkg4SZ+>{|$Zz^gpz1*bKr37{~@uYBu)XNG=$UGnNu`z$)a*Y3SZ@ zc%TPr>@qvi384~@V<|2?W>{TFw$`bLoyxQ$^;LnE%lhs5sLNcV>Wu4bRWQ85T~Hl* zW6_`RxQD-oOnsZv zdK|6q=zO0jUeJ-sRj)dn*;|(T=V89rw&%Uhi(_FBWvB6d4=!NDv0Zq$tzv7ZZ!&;u zu~fP~R~G=H)SEaNU8P6-!pHG@0EA~X0D>*$PQPs%6yLvLS-4iAq&{$>ML;;DLC=BG zp1<~w^3DINI$V?fm2=wzbAYE;Yt!pknwneF|1n1yWBePHlDO^bD9U$~_;aSV+p?Co zQP3G73s3OP5bl(VCG@7-{IJ3lN)$D(J?pMwhu4%h@(oRmZ|AGq(Cq!?^Bu=<`cxHY z1&D#hlKOpvonlx*cPhgYgk^7@6|7=i4Fr!)-&a#QW z+DyZqF%54-q&tt1T6|^*hEzjPU7|%w5OVlui6NwsoK=(8QKxJuiDo`C;cTiMf1|Jx zvg+}MY77jFs4R#C%QX)%x7(O&~V7hpj6v)G?(j+ZGzz``p1>3sDusV#r% zjZ#OP^o2EZ!YZvvTNh%-Iwr|LF)NsG*&l@zX3K}+C*MF(m?ojL8%0oeE615HSHx8@ zI#}+4blm%*hBrhg>r!I69rRyxTwuCQh0bJ|6~r=kk4bbhp%Z6V)*iK5yqJh!?dI(- zbU|Qfoc}ganc4nrqOx%Or;yhr^$pttR(S7cHF$D)@!p6Dt|FlK-PUd9j49HlEmQ$l z1NIn1EG#`ssx8oy5jS#0w6_#?hsY-a1exfNfxUDlF~SpA1m{imGnVb{V}=Nad}OgM ztwM;H4j1=EK4GiDDPxiq5i1j+&W$WIQg(BUyS7pwId5MeSA-Ft$DOkCWaG^)XC z(dJ_l-xdvo$s*)P@j}9GH8DSJku?~j*a2NZP~3jb<|zX&_ML3Yr@_m^b@|FgR`c_z zMD_SC-_7xh0!9nXwAXx?0&bxoppRT7{kK=mZ<%?`p)$45= zhK*V%ER?_E0?GiSVG#ooLz>D45G_)Yma32wX{fAoAyXoP;@D8BU=}dCWjIWk zz({@sR!<=p-~{u2L=yI(2Dmn zD*T){{R`MWGYz-a?PFxktGD#+K=Mc&BS}tJZz7|@^y<*07NA(U%<7&u8_GPA{EwyX zYLD~~_|YyJJYY`-mQsX6zfg(S{sLG2GA3}Ky>nD4)UEz$^zKy&z>wpyP{ELF3KvzWhm$hlNfx~x 
zB#S7YfwUh1LLMhlgua_5oea>a*pVNcT4hXzXUH;s z(8@>R*vTiAt=6~j#!NIf4cbr$e$fi5FAT~U#aSqg z3h;z7&boE1KFo+pWrLD(+G})w|Mu6!4Af!X&gWlq8Gm<5V;wDe_=rDehSv*>T*(rH zNg<^M$D~HpWvC9xp|gCJt{Ym7!XWyx=z*6|l}0}15(aT102*4CHDD9{I%SlbS(&P) zLQb!iB_Ri|Cu@&4o>hGi%;vKXHK#~5_XbU%fo@4@<3i>zDdv@suB&-0x~+$zReM#h z-}9L7B?d46)V_U5H9&Jvzc0#If0!?-^2dOSpj*|f;9l(=l09vTRIK9BvXh&XLHgCX zNa&hf0v83&(X#sG`H5_<0j*>WC=i4i6awZX0^&LWvnmjRR)~Whq_P3CSseSAF#$XT z0)zto8@omGN@%}cH7OJoPJ41Wl><=jc{%9ot2wRZJO$0@M}Ph8a0zjFz;+?{mcm0B zuVriAR~!O3Jvp4Ma(`v_-#(5C(G}YIV(cm4lC)`D#?`Bfu(P-4)C|Xb1rJYlq`YCz zDvlHgpFdwG3&S%jUjO>t$At?CE@ihN`cEj0T0R%w-?77v7V0o} zFyew3R#D1af!)7XF-b}cov4RbjO3^ z;^Xa)RpCFwa{wX&Vp%ee{bzVGV;7wJo!%_m!0apP3vhIr6{SYrn*Iqzh;*@U9%XI# zty^qTmxlFM)^7E6GcQ*PertUZ(~4A{^<3MR&>Y&!4!)0j?j&+4lYoFDrT--@U*Px| z_SOM$vhdY1h4QSG#8RXVmG=UU07;--(##{hMo==aDY}wz4U?etxE41oPQpI#z$R$M zI?ynmID!K^`b3D8UyGj=(XPK(IDRW>FbyKau+IUyt)4=ngzbGvf*2Hpd!9tbRa;T8 zF3Dlb%HY%!RF>UeyU43|qc42V@#Oh!!_K#2dgb{G~Sh0H1SfIJ_z!G2j{$?a0XbR@r#7$+p4gp z7R{RML=DV`#H~(u$r7OavY<|6qmlC+9W57la5z~|=y}3CyBCcfPp|ov3HqdV#Nd4n z)cBXkWb-B7T^h79*a09WygvGg5{T>%D+cqu;)fO3Q0OJNL_kiH^npl9g5oy@vp6n0 zk78(nb8ER;LNQZ9QHg2tMp3z8z{*7}_Y3Sf$WA9VO=d&PJ#xnNM*I}uj8CCz(bmh_ zb0A8^71n=L-6Wf^Xy;9LCD@5GV>p)h1Vt`JUoW|M0Bn(40foMV<>AeT$KlF&;Zt3# zZZKuVJUfQn&gxo@_>YPb%3ibaZq(d(ffjbfa~9&Y!NQy4?2w2i*(}H1)?? zTJC;lBzq-?QNX5h1bYTd>cw#J>bZh-QL2sD3)uIoQ_-*T(tFlSPv-z)3{S@Tg*+NT zt95TbePO!1t95OgTz}dxUc*!@E>1wYlm?scSCG`r9oYE2-?O?24Q*Sue3fg_-A}rl z<@xBo^Z3>sEm+i1Pgyg|rKjuAPhOB{&NUbsMvETja!F~?8FQgXi?{|nG$i;9b7$BN zxA~3_Q~@7fOpj$Cjg5XmVECi0b}8~sF-;&{7GxFLc%I6LLqH#F!b{Ov8V`(;lA@Xk zw+d@kWH`3n+F^X@FJB({a7Hmpm8_AL*VjUomK8O@p=XeKA*-((K#(h8E*x5bJXo+| z1Ded!x0(^;N?TGV^GfpLoz^G&E&u-N0Y5plSOxQYMHosf@jr3KB14oHHIhDMx|K^Q zy}pt2H)>^ob)pX_I_kilOlvS=jPE!=DfBvEvB)5M`s6W$R0DPJk}(_?I0~s+dmLQ! 
z{`tO?At*Iy{d_evblZ|SEw~thrx!286$xL;V#|tMrZu*BQgYXe@6gns(5hsdE3|S> z`21?dLEOVC=Mc9grD7OWivje;6m;+Crzvw{8vOPU+`Nr8jJe36v=^azZlXJ8J*?VPN(>66C&?ssglAS z9GzfA)r*)DdDObiSxfdFFlsyz)ypmnzP^GZ`mfkFlorQb#d58ed_(F*%Rmzp)Nbnx z(cO*u4#2`fVswGPJS7=A%d3z-{o5|(A@c@ zL785CJ-%T~l8d`FXG6qDnKKy% z%xWD+{aVs1GlytG6qX`)O}piz_e_T-s1F4b`641}%!ESQNRu1_;!FP6vQUHMncZ*s zS5u?EDk7X^ytKprVT!^;1vTJ!Z80AsJsCu3u^~&@l(R|!U)mTG5JvgyEqZ*(@56myURYnq->eK*H zyXW9f2c`Ch!;5B1KHWh4Bcl}Ry*AlNJG>DAdlS$))`+j}{XftHkJwQyF zzE4_iHzKXT*moUzbEcx+2^HB>y;C!=@A5KHGVz!?bA0^y_d2I$<@k7eZ|Sw9`d9&s zhN{vNGvcAMe3KIkek>i#YA5)*hi{!iu(1TCBj|2O!-WC1o@qiG~AZ%|d0{?Q}{XGy@T;rJu7fY!at z966?VdC@5QD7nKRzARELax^}#CP?fMMJNguKgY~(-94pD#$Uwn@lNX8!kjc{*$`dU9Sz|s(LMt7u$=s==t1iiU0A&o* z29jOc&UJ9a==2b@I>a=&2MN@cu;s~{YTR;XMZ4-yCAF|-vk}BIG0(nKx+{^%0BCUc zYP;HrUVSyVeR|BOb?5tX#o_hAk+$oQJ6PK%)5oQ&uF)=)Bj+})Ue=?1zqKUVE~)p8 z8KB#WJ>Tg^Hif^4_XleetAqi3Xzmauidkm;QYzHV`=+R|S69;98y+E=BQmd7s&|cp~YO(%=`zt&ny+N#bcqPgUF# zqcyXray0mkhrK|v6>UMRF%x|{zL8d4&tz?uWF*Rgcu2v(U@@1dRp>FdV84Lsu!)06 zU(s$|##W`1YN8H1=1H8jd>0l~gg4Ld7gQEmI{r0;k_249hyTG#K4~)4Z@RINGJ@O0 zT3o(8Vz6BAaY$3ENqPLX48oHG=mdsEqCCDVi!_JvPL;0(KU+!!GlTImtt^T^?Z;4{fPN=t3m(T69_L+@~RHF@3^n%OZSEe7bp);}EnxI`CgqZaC+?jqfu&K#L8Jq|un<7W=DsL<9)C(xWh zO6~;=ZX3h<%wNEVZPUispRV57O!R1;2`5=});)$7q3mz0RD4+;=eS2rfoZAi-V>c) zP*V)2$t=anC0Mws(z=N!J#WY;J3^ttarSCfIy6J`=0wNcTFbJv%)wrllsnP6jC298 zeEvC|rh;xOQ5*Lw)^6gAm(bf79%hStpIw8tOqMqBYrf*a)WV|GQwx=WF;fYu^ASHd z=w2MPPx|>Z(Yb6YEF2`~iq-m8Q08|UyM_`!R!dFuB}p8KHv@5;Xhre+(urj9u1T1< z?2n5yV?6xL_}p3Z;D_>hvY(F+4qg<*z6~-%x8f&~}3L>1$3uug6M=>)@?563*zr|%;KhA5(a)>prvWfrXcqfdqUf-c% z#kgx<2trB1Gv;mwrIZPPW)?r~7#tPP?HsQfJe{MZeB?Xlx&q*Ay80x+KCx#I{58oq z&LlWgEMv-IQ2FAWqBiS0y|{Lsa(q%^xSvcZb8mLFzWt8t{SJYSA$V@sf_bT&fpy=~ zsWA2k_uDxg(7E9j!TY*J$hmjsz2a|p#Ui{EA>us-Cj4r?FF@!SdG!IToq5#-tR2x{ za3O5b|A4EeRqgz@m%x7uz%VfVv~2#zFM=QBww+hwUR~CIRek%D zla#@dSf>buql;Nx`dr3hh6;$fw;3VNiIX#CuGsc4Fb1^21u0;N9eQ;;$|ix*2kSG< zS9~fOZAWggK97SNnqvnzY3X9fYV0km6>HprJqZn*!wjh36j*(IZCb(p!RrW&G`%*o 
z-@4Gj$+i{PuzcQNTS?8K{n7ZI1E)t!-GHB;Xx=`G2mYoA5GpE9Fw&N3Db}?SLR{sWXTzsN zt(*~L-7y7~N9Jk90B#=0D1h6~cQd4Qz zhc)}f?)sb=HIgtNN+PE;K8~Y{Tl_IcP%!E@La)^nKsJQiQ%|sQ@&(U>2XPNC4{-Rc zsOlZdK$qQNLNdgDpbU(l{A67$mS7H&I#HylY8+$wx+H6Al_Tx$4~cU}7G`SZw*8f1 z8@+i%b(K1n+dieQ!r?T-;milF2u`oVLj?Vf27sRwuIn0}9iwn&N+O~y1AnywLTQ+E z0G>S;ty9&|_y-TGsWg*e5JI@4k7yk76i^WK4X*eg;l@avR@#RI*#vTjot?gIB=kqCJjVJj{3^dQ!{slLNY2<$0 zl{t#cC_VcN`U}m)Vk9Ux+Gx6#7d5h?P<|EyB*yhHq0Zq-8bHGcGi1fX$uINN4~I&@ zGY?o*iOev1iH_-PZ##4fq+^bE=9dnd8Ujm&znkkLE>6qE30CZi6t$`mkl5} z_Lo5y*l-B64zk3+-TCWGDaS2LPF-4(;-k@#(x0;|@OVxQ%8D@g&pS?4Iz9ITZ2@sR zT{7^AU@J~7VZ?-V#N^xBa&LPHjFYHX3OSVM6uGM?2%j5^AWs1*bXvN|h7%U7XCjLD zz0wIYfI&>5hQT_qPzexo)h6a~Qo`9@6HOg>M%Z5cX5x45eI;M5CMfC^pC!7WjgM&9DW)Gz&410$+t91dsxZGy}i6T4$?-b`a9-0&*o*ZZKBy}C~a(tBjHiWGHPZ!ca;2yG6k=+T#b7i zX=T1BNbnmyF~IV7u6$>9#@npjRg^Q41U>3t9GTEr2;PZ|oFgKJQ&aw~annn`UD zdSj91ki&f7tW?h8F@Ff0AzOr&tnwsQvUIe3)74Vbs48Qn zg!U+qBZmwNq^x0O(e%&fUDo;Ehj_MjruPyY+3hQLd$d&hbb)UFB|GI-2JA0hHMa*Y zx1a{g1e^#KFs#!1R~J`J(1AqnUf>X>k%4;G5SNIH10bPZpgwB#G>1J0{LmK*bS!fo zFmsTHMBPhxhoyy2xwA}7SYs)oDZS9*tY|`86ha6bk*JUp(DZ*#GUM;(`3-` zY49<_LrVqo#hHkIl$N-V2lFr$6h!fTOIO73Jl-c|iNp}eAEKaQC?}Ukf!{uB(y|eX zjHrgLEH6?&zR=RN8R3{7Ln6LUPTSA5$Y|^pTC?GpZTl-y7fMGJ(M^OCdI@?0|5zWE zJlCBCJd=T5=K>*Q2?zkZ3&YS0;WDPqsG>ATUm$2=PDFKk=DwEi%!OhEp6q0Xl_d@Q zw7WPCZ>V6b=@Yj+E)Qfdy9`pa8UxdCd#W;)TF-c_COPqEs4I#Oma1KE;uU~1bV7Ou%*vI$b;LAI6gcl(%> zDWY^9;gda6PVzQa3-Ys@n`#lhLVEP(b`Ap(eR6u!M$9H_D5#V*D!FXoOh5U3ox`P) ztm%vmw*=t|g25^ElFWvgE);s5p@W@%NIIyqp!h@G4u`i+AeCb*=3+4_h8%`d)L5dwk9#l9AyUWi|8 zMjNXNqIMk3_~4--gRfR@OmfIpG^KFsyTWuY^^+6qOjw&wz^AIHe4gW2q* zck2r?_w|F^)-9g_H9qXXmz|h@Zt(9Q@5k{K9J|%Q-Ss8sxxiOK&R9Zu6U<7`8Joe6 z$J3_u8@O1`&nu(ZfO=aY9kQsk{K0km=UcpkNwx%>O(VXs$c~F~lr3{13sjbSdn*+Q z5K4r%G{YXA89>D#w-mWH^Ftj2fQlhz%M`L9BSF6+(c=C&f%J!-Or+v=X9PRr6wTNt6M zbWA{pKpA+1@MxLRC(zI6UzC~AqdNBKU-jcJs$Bxi%0n{)?f z+gFn7h{>Un(v%o5sqLv_dazgTr;y6Iy|Xbi@%)j=E6yRN$EtBIqe0o)BTIY(!z*R4 z5;ii03{Sp;xHj=%m77>^se#GRo4Ig*ecu~)l}-9Pf%*kD4=7giFY}R+{@;Ly3~c{- 
zM@ZUM?2iY$cjuLgTBRJZto6(F!yfJ-CBG|n+eM&C){9KI52_R@5Adq}+k2#LfW-fA zhvl`wN;p$C#!S?4D*r4x!lK2;qSeO>lbn1&v?BH+ZX7AQ0;I)2ZGI`6;4^~RZOJy( zU{P;?qk8I0w~W}i7#3T)Y<`AwYxdf!W$mA0C$h~SDc+Zbd=ycbjWZF1?7xt--{H9k z++M-pN2CIJj$;^z2}Tr|(PBSR{5pQ0TtK>Wsx5ivGFPW6G8tj(C$A|Xrg31p&Kh+w zv*uAY3ZB@G_mKwUb2h4bdvC&fo1V}IWTdkun-8!yEt-1*zjR#`odo$ zn1;!r#y9NS(=qYrl)KW2i%HV|NK5UO4J^+rK+Ox(wu%@(Z$arf88Nx$#dr_~ae2Rw zh~f{OCW*spgdB?Ce6)FJtVeU5xUj&!uQ_3ybEK$K0)3XGeO1OdT7f~yw_$mou{$V`C$Ra*fU5fUL_(($wjY^4AX|BAv0uY7+-J{n;lQ82AKXVWdt zyh{^JT!W*Zkr4hkaAv7nOFf+*#`ixU9b`F^f#hoFqnGO1wT8cs&YBDcfs_+<;xj0b zjZG!?8P{+jdTihV?)_CL(?BHHdrpv6G6Z`6bxzA*02&}y7f0jsaR<*m zK;7n>tZz30&c_5+r+Lif?GfAJUykZs=;VnNN(o}BVOa@WaVuH`IVaXr;iR8cA>RvdI#Y^^vke^5jZ?4O4QmXp3 z_(!H~SXVm%J`~R0*vh1OcjSyhFGi=&X}^Fw5x)ukZPxu9Oa9j;|6}X?|8YY3pC%;! zp}$#*{@(TrgHyWe%nX{yYr%P|5j4yxI#L$P{CwR)@$G9dIAj#-yu?XkbLo4NH`wbS zG6({J+inBf8BDnO@M4k<%$*{CcI7DwiGG&B0f_b|kRzX7=aa7IvIoR_I~%fn>wVm- z;z$+E$)hKuI$hGXZ;uyPh`zc-?962O%#5||)7odT*nVPx#wYX;c4MIE}Qj_@8AE^a57r(dP=G1u7t&Io7oFsnG30LP1(HqaWJo3@izLUq|~<>=Q0< z?se(JXyx`v*)wo9B*tm-l<= znuLXls9=FAYM{I!t|T%&U~v8I2d7koM!lm-4#^XN9_hgY5&^YE3z)H{r%Y^Nn^r^M z7^i>bb?rzqau%VTGCE{GdvWGQE$wg8PIr`^r%H%37KI^%3X09Nt8IpKDADhmD)?id+aU7MEK+SkII8M)jlH(sNT~XUi*CxNX^= z;Vg(YBR=2?3;?nP=g=A+Gs2z#W>RS2%nxk3?{}(M!sG zsOzc4qy};%olFCGij3m0bhs>17uQ5E&|0!8yLQgpsbDSN z{8HWh_0!Qp8*(3o_tB3hItWyovXa=%lE8}ZeI|)`8!3#*USz5FRM5FF-bU(R>2-HR zZB_*M9@!x2o5a9b08dr)ZGFDAv*#A$_G;eYro%&glFtozV!;Ach=}a_kG*3ng(Xf` z*u8FuL2%+Zyk|;xh<$(j4|_GR|5ZAbE4bm{{+lH8$Kluk2oS*dR8Pu@dmz4dsJ$0g ziw03*9+X%r7Ni95dXT$w_@Ofsw^u9oV$Pd}_$oL%%@5&$~ zq1*c~$`9|C55SlWETnG7TE(8JPf5(i-yT-t&Pn0q)CRauf4~dz?n~Kt@yTiT#StvFVJIk^TeZ4>1V1PraQyrL0gMVTC*x2x`~By z8@x)wtxmw1D;RgzUV1dHhDU5#c0xDLGoP4`$WRTCihns=0Z3eU+lkaJ)4240b!s z=kaT_kolgI{T0m|lnp?0*}r|L&M)`j24?Kius9$D#yJ4j;$gw)LD4ij7R{ zfH_iX1u@zO0iv33lb=$m=&bntK7B!J5}!bF9xvo699F%zoa5@#N!0 zmw-=Dw)|s<0SQSEKJP8eG)ILd>vJJDesFnVfR{uZ1L-tVqZ=O^@Wvh5B;MO_{GgvQ zb5TY63k~*wtn=nxgE4G1M%L(|<5 
zTC`NvA7K|$rrDs^0%A^_CkQ6IxPpKoND3F7BFtZXEzbD4<$O&7#UGMgoSZo=UGYe}}Mo_a%_7`fhma%^~|8I)81c zs^$Bv5>0yp>0X4@vI1kNDl?EH*DwANAAGvc*@GW_843V@(lu;Lq>*npyDDEvk~o=G zOwHp{ero-5ZdCSXjhxM4kOEI0@0!Y2cf>?xd*M|kfKz0jZlZw@B3GH3ym?#+Hr}PO znns2KOU?5uuBzb9XfJYL=ot{K+o%KUn$GO=T`)0?85j)mgb3OBU-*u_)AzCF+um=bBbAV0v znX%PMxY(x&1qQ`liU#ocD=O@d(e4YM&)1OFt;}p)iY5h%=RA%P^2|)G{F%5Mj1o$P zg;YkO6O{kj)8QUFS%Je|csI&9rRbvd6h&@Kh9s%}4skNPV-MLsa~QR)8Sn2@T~)cd zzgW_}tQr-^SnPTJaWou=37zCUv9=rXr0bkvg%nk>EE7x2B(cb>w};A=_MsH8su*S8)|$$AR^BVeZSshHYOza-u~t*4eta@7No8;JEhWb&JcL zRgjCCb!gjn+Om$PBFoU)o;pFh|69i>p;2 z?TCx9B7Vzrn-^lrI>ss!_D0b)%vQwNFJHr2_~$8v&^~NaqhR7{I%E zX!jAhcdYR5_Z&KC+ugC#{#@uRtmBdH78(FSL7VO#-_4ty#un%RV{7or zLg>vG%rlRwqx{Y#31<;y_$m{B*70x$aVg;f|oP+c{%Xmr}C@^AhhBq2kk5+FF-L<?E!BFS{_MiS@uIh-dPkqRt~Boj4B75|qlVv^y6h!7NmUy3GI1z$*M&o!Lx zPnQC`EOgLO!#I)p%fDVsPK~bM>VEXJxG&+p5&5kkMu(sN0|iJz#)F8#BJI4 zkOyd)DY$G;If*gz#aVzrTzhb2oUG=WW%>~YqyAmm{z7FkT*N$mNHP*L7gQ3mIN4u3 z=!f67#*2{>s_ZO$G}7Pfj|(w#QaJ%CmHYiv*~GcuC7&@tD&j<)E1MZ7eDZX`dy zY4squVtWpYbU{=p@!0gR#8%F#XN?9Be$h=m%H+p18MRf>>|pC}rnYI=*yXj#SFm>E zA+Ei6+P!EPybE z80-bHDT!jynuzk#E0Dc zOD#frFxBT0i|6UNYA%-)300Dz`fE@JgMwONK`&6nY-m$Q55>7_{jgm%y^yLi0J;W| zLw`E4xv=SO0=4PRTAhQxgJcL{bAGnplXe3(@cQ1nGzG8EeJ7lP6kWcd+_PRARgZlM zH-|4AZ4jR!4@*LGLws-Cp?h*^R)h5p$@US*s8USQ&| zoM^6SAiF^6x1kh`NUg2|tzwEg8M9hS8M!=RP9ol1A$(1>2>fObG+)e5y5}_#L_oUD zG!*^zd;gQrD#H}w@#WIrq7=+~Kz)&Sp5Lfg8r;M(BT$2R9?6Mj8&KFApKmB~ZN;gX zY?(h6h{OL-j!v8@=ZCQq1-6v6=nsF0isQ87XMh|HuXdreta7E!FLx*j#P4sikL7d^ zcC7n?M6cphu^%n6yd3)!YQDFw)jNsN*)W;DX_?0GBX5J*cf}L} z?TX%;!W_W#u})*aYrA1Qj@dN<%E4PR0SmG<1kT%evAa_;RtB`ts#s8U`=%RvYvK9IwWy|F?H8%fDrAF?0Oq2IrN! 
z#y^#*?`j=BLVmu#c^6q+4@K;OHm#zP1rTvSpLkVK0=Y=Bi06WryCmdEkJ=s~giQrK9Y@qK8Vp#ewI{>xMD5;D6=(|CFYplQUiL%ou}R zCqLFunZPK zI6=AX9^}c9Zhn1q{8&R1pbP=Ai^gpz`89#iDwGTWBFulqr`wMQsYB7DYVn(Ta9|%t zojn0Cq$UPWyla|TOfw!t7DHNPUTfv%gS&#*Re0{#sqS~a#C8@v4xlE%~)3>-#*R&Oz@no5#5(C@%GCj9%?>q&$ zi4JCapvLCCGLyre0-R=RpD>pEGn7?#;Img2O@N$^4q`LK$x4?KgqBq^qIT%nhZ2KN zInM*+np2-o*rPM7Fte*M{Of^Jk|Lo`E@&mCwl%9TW9rKTfawGzQX-BdSkgod-ZU1r zXxX%A@~IMIHmV}0a{@GA-ZhO49fiTC{RGA1|s|$9BOnhG$t`V`y%-Thv_Qm`M zPl{XMDO1m|RxDFoc@O$mho z{pIja0~Xq!I1r#71w}#9t>TASLu7v@QyRQnAHEr^@>L_<&k`-3nlVZoNiF~ckmjFO zm3<0o$en@)VCO7+on}Z7`@HN16{#OB8RwZS>7KNBeQGWTw(cUwCSehU#0_~c{9SWd zui0?|0~}H`7-)u;tUF=h&YgGO=&35*85k-na%R;(rU-x1N-}~bhByCx{Sv+Iw{4<+Q_?F6RTKlb9%lIe;G%l1mAH#^t3nC5XEd#{V#byrWwEpz)P~#uXEON(CR+>qo5v8%#TN)1XvjaoWPx=v9x1*F>%kMyAct=_CWQ4N;R>J+@{WSj=~Jl%?MF&!`q z%3NfV0fN?4y(?7Rw;bj#MaV4}p%tejrIY%1=`;OYP%BP))#jLV)9}#m?)Lr4k>*L~-!>5<8N^K(5@v zqvbSVgcF9l_eN$Ik#l)R?R}>X*fpZbNqzJX3T+l&CX6Kj<8gE~6ySaFnLzJs>`WKrVg4l-T6 zYm1Jjw*~so@28`@j-D+Z{Z&Y4%EK$lSjVp!%4>I@eL|ARNWYsm$H9#Eyv_!4dsSvH z0pB@j(-XScSuiqPrTl`Yb4{*+oJO|ylw1+lVuPy$+hE01B_6H!U35Q^ziI zb;;+2vbBjxQA2k2Oe(-mlh~6+KtjFvBD1D}M2|GNyst&;V1k6wb4m%6t>lux!n3W; zK3bw(l9|!Wpg6U)I`4O0k(IDccIP`gK}KoKe_Jcq{sr}5WB&ibzy1U2(V{Bjl=Tnl zLB+fXjU)dU;%~%hkzLBu9AoAw&WH=tXb{-|-CptS(;{x#XR_fw!t1XZ_2~Lyp++r0 zB|JCf!RJk&+dBQ-wn9U&MKrOBz5u0yn!3u0i3E$P_S~9>)-x%rFTkDjYkm$1A%-LI-uZ(&-B0;XHK& z7-FQ}wXcjJR>K(KxMM+KbfAVua%;$F$fpHr`Ep`qEUN?)nd!sd1WMPdO0WM~v!bQ) zGBs9tcGX$Sw54{vq~miV{VoDQ6}9GGK;Fc(nQgc+>)oxAdR4+Cr+m8HWw@0_kx9x; zb2{RE(#XF1M}R~h0hj%U9YT7KqrDH)MK7{gLG@Y@D42Bjazd8Ww#DK~(qu%Z=(4f8 zTxBEGt823``V?@O^R9f8Qc6tGa2B1wjZbq6g%E^bm*2AoC~e}xs4{G2yzi}FH%n_2 zD`jOO5N+9YHOlo91^%FE=`8Qp$7MB{O+y8k$wD4ED*LxImQy z1i^J$*v0VE$@-uD>r6Tfx&J>ssb~s2-_AB;P65(_K&$J2?g|o3E6xlML9|8Ah zq2TWoDy{Zi(^#-|*6~8RZxJrWI=+kP>q>Omyis7ekuHsv*jTQ z3!sTv0hm24KP(@C)tkI*8RCX)^edZ&f><8ih@**3G0VIhU#jN`oaX)eKC7E|co z(FExh8-en!R;A2Vp-Bpc#hA5x8f3uKh0MGP$z_QuYp=hIuN^zqd%a&?y+G$WD!;s5 
z!RtN~wf^Og!@&A~n#BHZ^EIrD|1)31!1~`$UamAZZL!(@+4$Zz_-G_J?ZW^P@zegl zsYUQMF@5zkBoJ8Y0apOyyDw9kj)$J8b=Fkk0o}wz_wi2qQ|tS+65L0^CC9{A-)T#? zS`?^gAF2|=SRe;OB*B&ZBg#+894qOhbSw(TiQTD?7Q>`0rugO(!_Z|b^gt{mQV|qE zhnbRA@lZk*A+?4LEdo4G8~I)I&dAT=B2#1-56a1J3{#fSd>62>%nlJ*lW2#7@hlu9IJtk*tMaBs>7*yl!p_EH8!~F_N{+KGl60nMg zW=7%)6wyqK%21(uVInp32D_#E0VDFps-d&?x%6iUgjeF2Eh}c|g2#t0jcsfhyi(xg zDk3Dk;){IWZ`h=+x(>33Is(bEd_8{Op7*EoYW;^B99!6+V0g~APB^NTCu0Ftd!NH+ zA{(1hi#}^=k{Yy|C;Gs~{YQ0s(EH0c=S{{-$BsW*wV_Y#FJL5fh~UFa?4l)8&Eny z)Q<_Lf(^cs$@P%H1+5WgHX&|5qm$sE&JD(SkkC(_g4mIuUaLdpf`g}BcmLGc(~r7} zxyPxdeSjEcYN8S9W(qzFe7Wal7-n^6dC=&n)V=cA(`0AU$F{rBM#`2xJCXQT+qK`D zlpLEoS(VsOlargX*Y4N|IoYm*F;hn#r(5axp%wI@CP>ZL)V(-98d$AWwk8%NZHs~P zQ$c@xVfpf)?@l#S@nrPHMLq=~i zZM&39yO+<&r)n}BEtcA+ssN|>I?2Tls3-Gz+YlP_2>HH7PAe&JW*Mph`+uy1+pTAVPN!kml`#N)~s5gP0YQw<; zg73Av9=rSPkmm0TZq0kT8x+7OyMcf!{cVhW0PUG>jOt6k`Xb7V590O>GhsWGFae-j zgh47i0Hk(0-B&o^BRLvRwkDq~qK8!IW#ATy?OW82mM?Ta`tkb`vQMdTJei3&QWL7k zKRo1_?|6J8MO-`mC&Eg4+>N6M*iHpRfEbNRJG3feF;?8Z&Nx zuSfex7;fPv4yFH&s>3QLCy){hJb^8dTspdfs!BM~JbP8oZay;NFwIR_ACInZ@O_B4 zmgkDAix}&EZB9+7jzA&Swk}h~Zv;iH{`u`dKzk9zA+vG?{pq`z@X>%_nAx%fE+(Xb z>5+hn0{F@{ks|ynOc`zlH$$R9#HG4p`0dSVwGXyaXJ>!x$FD8?=0h+VssP+%;<2uc z)5^sJAgo!(GTD=?`JoAO!A-opUR6;sshsT|CEH1Q)dRa<_V4yKo)vf*kPCu{p1f2WyVVS1eiUEfAj`o{%+GtrLVRQ`2TMeK`uJ7y0%PBkikE#15cQkZ>qM2GW1p zyzZgA&K@Y4cFqZQok_B$6D$8o@?n78_N(x2f2gj^PUk(V~x=bxOL3CXpu);HJR@> zH!#Z0=FHw;eY`#1T=?JXe!1p}D)MBA0zAQBO+PP{Lz(-#{f4(Z;;qcf!TwkG*U@!7SEXI4yM#sQ zYY9~zQTr(jYqEgBv7-nB%?-l{ zn&PeMU-20d;%1FiWyo0;56H*({xvdfKjsK6qnhRUfoa-bIv<=l*?@0GjE z8ncc{Y^;hyAw@MC!-EhR0&$wo1v5 z@Z~eL9Q*t4k@4o7}gamss0nBT?yAotwUzA8R43Iv2=fA zT5EM5E0epuswny%XU@pFz%=xJMGY&8c<44Im= z2>6g7qMBNk7K$VlonJ3G>q3Mi6ER85KH{z&qf?h#dD2Cj;i7b+eA;ojIT6$o;i{6t zt85CA5~a$?ma-^OwdnJk4a9~>56swl(&~(?ue(87W0N6yC~YdgEz{htn|#!>Oz*$m zPQ)bz5|sg%q$JI?e||f72C1!T+Yy4BAuO<7aHhj)NaU+ zOz*<|RUxveH2^2O*b(=h~UvcNbdJ0QLFxSCfkyw*4oa zw6}ORf^^C}r5QRog|!o}C%fGDPxt~{YrCBw$L*=Usn_t_+`JKPg-`lXk%aLclJ1(> 
zz*u*r0S<}Lzn(hP#~ofx+Z9`(ZS1E}RJb!jxnof)yUm4ziV1%7A$nDIZ0XooZA~-S zFHmbhowTJ5hO2Eo&U(KwMC`WLN%LH&*`Sy0pH_p(jHvSAAy%Z|o;e+#fp&xd-Ni)C zMbb}15QXa}N2u*_8dJRzke>5>Qg|#-{l5aVR>188dG%A0qOF3impCP4?f`nE3Kack zPh(g1WBcQJou=}4&^r{lPDFTF^>3|bqukO~J=Xmxxy{Vb)*ej*GNv!JqWTBADf@d$ zVOT>+oXxqJM1BFQkhxzihK8dM6Q7>Z-$_Uy=5dYY%6x7Vnddn^{%+qze z;IQIyK39jBc)R6NFBODHnIyqDyI7e|G|=#60{Kcp-8|nM9jiE43a(f&k-y4*PT?_c zHk}kRC2ykRo85#&YK70Y&%^OFzi|~z?r)w8N0$bMf{JW9 zE}Or1A8|4vW)F^*?-{>w{G^phSpr0};au!_I7}?54C;a|N+ajau(t?*CRNCruQYuE z`{90}i4$KoX@6CqxsKmH5Qle`)zZaJ_YO#NTm$LxG#SX71(I-eo zh?~G8lMJStdopx=nYeO%q8ksf6d)jcM@9p6)WyaD9TbsM0BUjtdD|p|(4fj1l&K&V=YIz&#kiq81-{Y~l(|u{^seAhYdUzx+ zTUr7=av)m6zAj~tMt;2^cRTI$!*CJmLc)9%de@7!=*O#N;bZ_D-x@BXa|e%O%t-7;p-@(bS! zM22MTkoV{YZ@-RB{_3u+Uk98VxiC2{9KDp;h4;1UHZJ8UK1}OUW2AH|?G|sS*)H*4 z)_W%U|I@GY{~OBK{`(Y3%l}^Q<@4iz4q4I1O%l-A!koxrk_q{dAflUFA>@k*6Ugbn;e4{?^U0}uuE>_QARmc)IPxWGVx&#tRvIcIdzf!S1k}7th%7@8 zm%pZAE0WWzZwqvz>oTxx|1S=FYig(ejMtAVsc0(XQL`vUPV~oH`gnUvU7T05o|GyX24YX3IeG z%TB(C@p#63$Fi_TITz`R2YVw&fkb3q`<?W*C%xN}hFND-C0uQAr}d^wLFOYw`lK$RwyJ-0KXc17 zfa^+v@`qXkc#VcsY2#+m71|oJy0Cl0;Bm=QDSAO#JT*9JuF%r)^==DRB_^@ z$nI;+ncOY2dW>EyPzZoFEyf56GzXoA5JY?dqUlFe!l!oq+#gO2zYg#IJPilW-xZ~r zJw^zjgrt*?=#ztSY_w7PX^vMB1IK~5(R(k2H<$O5LGa(qY4Vg`zUYr(XSsKXo4D%K zQlT$JdzU+YK?&YxT@mNk(*q@Ig0*U@YV{zcKpRroOo#S3KEF#I{9wFBQ@g&aQcNvzd8 zbvt9!8bN(S#bEHilb^D5ORN-jKzdfMFhix14b(kS1fisS>I@_$*BGfdO4(F7!f81> z%uaHbdits>*-DMo&~{yGb!U#u^>i!IJ)6?+#ej$>cz{JcHOWPlP}o38)>~(hveVH> zsZBKMq?-5{BYF!Due^5=YSNjaC`5QnRrdO7P5yP3GL_oPmD0;7coF5}`mtC3YYW_o z)Px|Ak;w$bu`H&F&4c1br^2}rT~I?}G$35RD%Q~|chn+Nj(;BeL8)Uj$6O<`5-jhL z8?qRzyp#8;8X<`4vtKq-taL1VB76KC@FR9i9f+)hX-V&haR+^Yp&`rl6S#3>Qs=Qk zX~3F6_F%iku<|)y`q*{B`fW#1j;gK-uj6Z@PQ{YJyrLKsE9G&ALczMP+=r(1t@+D6 zDLKU)Se&RKJH8b5tGuN<;qv(JZUw>vs_HC#=B`vPCWV? 
zFoUyxjX6mU0;`CHJBwXbcq^+XiiTC&2$y?} zah+xP<&IVj{F%t>fXn*nMPrW(;Xp06%{5>7K5HxUXDECOb7*m~+wb-!18$j*8xRH!}*us<^cr^p@Q1^ z@O)}P1V<9)O}S4vpelno-?h9R1X*}_L||MIVs=Jk~ROGj$Zu-M3KNR!bKYQD7@IYvj*@c2`lb>RRTjZ`-m|@WKAx0hkwRHc?;Yg z>LnV7=(m-@Q^fdwS?XDeJ}(&j>M~M$L6qI^O)(&8uEB}BiS2$MSd79NCgh&_V}7_D zG@8Mt4l*Hw@p;3hE=IK`qgcz8e+f9k|C$^{Lps1k+X@nGdpS0YHt*&c6GbyD3oKz{ z*yK#ty42KprskZZRB7gk&@RP>#9vwbrx`JsQJ|8@2KXi0p*jE8Ihv2lv^QMk_IHr-5UBR9@;lC7-Y`_qfN7O9#-uLJ{!W3h z4>EB*wJqH$sey*6PRcKEeKT$nOrX=i`V zK5UyqWgi#SBE0}3fF|UToq-OISHBf;m?&m+JNR)t`@L-e0GAK zvKVt$YO_>patyH0nBFoZA+c!DUPFICpN4V+obn+O_n8eA4U%J+W-Rvfk}Q=*mV@f_ ziwB}N`z^&LMLGoP)3Oqek>mZ91NFMqBDpH(R?CN7IQFZXg`bcg^i9LQHw~#&Qw?+` zZ*TL67YcHg2p*#@)+GGWz2QOUvOc z(pT3oKF|@Sg-R7oPILxQLOo186N_9^V6Z5iVlFqUJ5zQ#c?+DQ5RxMaL#7hSsfU%? zsOf{nN_8zs+r!;XCL!R*$Wj{B5f^_Alh?f7s8HL2&nbCmjn;Yg(es^;H} z@+g)|v>q#sRVI0XHvI7|aftv>ahs#()51YfN_p}MR!OUG*BYVJ`a@xBn1!&`bZ}RT z=T><QPgoG7NN9oYi`-*UydYv z2EQ{q&5GI%CMQ>me(+kcRkQo#fn9Aq&qG=)C;{WWL8U}|lpO2|rR)UdQa^0z`AX+I zg|B0iyZ8-o)F4MK{ zxy67A`kRoLeKe2{8K?yU@r5!7C@dw^K4K78{&fyRpX30DiXW5W zp54)6gvJGeg+N(!s}e1n$43d+O)eAJL5AuS5dO=eD^Y#D;Nw8cW1hz9Fd+DKH5rj{ zv>Ro-f$ij#Y4rz&6P8&+8g4v$(j-f|gEUxBfJZ`~i`6magB~$<0o{`)@&y#Lh?8d# zB06+Lx1egL(1;KN0Pb_N$rfHPjSLVtN$dS=?(?T{d&v3NBuI^=ps^F%ra`Wf8+AC9 zAC8n)`+xf5PlpEQa>@6)#n-Ao8_E+$!GcsU33${bH^)`xc2P_+GMQvyLG3jM=V{QJaGztIY94+VT6-W*u4`G;?KY zr=!n;;+;GDop|;Gs?-AWFb=h2OiP3^n)^YQnW`C%Z|72|Jj8+40q4q3`?1|~tJ z!4U=B&}Lgh2+;n%%^*~*1ysX zEg}QTxbgFErf^0&7*QG3+L=p_NwcAO+M29m#{-VNg=b0598lW2*w&V)4=<!zV7r$x!Srl-Ni zzF%wm!HIywIyQeSmJDBB&dqJ$jaC$A6S0_aKEaB!E%6`?+*`X4W7RP)2Y*$b69FY1 zZCq6si{1nUL}T|_kPEHy*KOXVXj8}RE5vzMYDkLyka^3D8Z`@j%?(@m19 z@1Q$sCJ$r4oZHhvXuPrK*Zx4$h}vLh0Ap2wz9&yCuAu91ESV|1KZy z9mlc{j4FUkvUQ)}8FGm=akf!Gq}86orv37y;BK0mlys19q8rNxIN+$pzfIpVG5t#f z00+~5hpU#=bnLR|QG9+vRW_i-qpbS84--l)mTPi4S+kgJRD}CwdwvSw}*#p&<5B(SyCTNP?V^Ij}5 z+M3zLU&%|$U>~dePUGGwp2E<`t;@SLZ!*-tOof~s(zoGU?6D+`CKq{eP%Ys)a7`vI+{-k5FKl33i8Zi|Fp}@WA?E|7tjqH5-AwAA{D4*y8qNJV&T+Kq 
z)yPMYU*4r%Ziy_O&BZmOZ9#3Px-edRqFzkqRkwjdD*K>S4!G7G)B0nTP@=0+oVDW! zMNlkuWvVx_p>jZQds^$3D%UIZosK~@lx*tDt%Ht~LLsx=V3GP({3@H;!}*pSk!#F% zYYxUk4(g#8U`mxY>($?%RYA|W9E}dB*?RDbHLiPL+=1NezHoFJdqX`FNTkCz#bcW( zfi4)6Z1+I~5x4~`9uG*k**@IbKI}d0dEq?<6a3hY{G3~9^LJseA;y-K6`D0S*T?Sm zE?zU!H9Z=gYxmle*+uq#&NxtVmq3O``u6EnkqJujcuREWdwfc=T-o-=wUj4Bk5;J5GF2DN~0 z=8r$z-@u0$VLD(wHDFt_j_mT=jcd%gB;CAZzrcZ^UcrG46OvdOjaxXRMpGQqP|6pj zmDj%#gi~yU#<4U-m#jY&Ea9(kz%N1zcZ8n86ugo_BUjR5paOX+g*nL1SJ95&0YSFj zQ3gs`zzdF8=!O&x@k0KR5J}q0J>CKFS#AyFlCL_%RdqV?VgsRU@v0$6dW>C)-{w0_ zi4XCFpDPWWyv(s}?+*m;d=Lean2cl~&sMZk6bGV-1|++XVWH<1L;ff_mKh1StL(e= z-=<2R=KMu`D=TB7qKZ0G_oZ55(O!X|Fov zRb#Gr%yMrgePlLClhkpLLYU%$Kan)Ti&73MCf*6CQQys>`HcMa}}dkpY9|&W%bN)RWS91j0lPVCu35L z!74&_Z(|7-m7qu;h1U%gllcu9l%;qd|Lm8JE1edmdp@tq0G!Od6f$d z^7iEZ^xkzbxmx!ba--LaIl`S*u|$LBmq{7tvDpaAnPD=Xw2?Om&sTlx##u(<;QYAp zPAxp|$YYl$Rj58u7BJF0TIswaYu2=eXnVuVPZD|7!Kq^iR!hJl3^a#N;;s%rMuNs` zmv?8>*AO%b&=yYp^4r@NN0-omlf)furT61OPk@GX&q*j6tMvWPU|ny|TkiymiwR2v zz;4LIsk)HpTPLF_4G_n0efOjwn=nIHzVoPoPG@ z9&I-@*=Z!|%i5)JLX;0E(-pZo+R+oH6&ZCtpAX_{y{TTEFtxU{Ka2a*-J0LgZPVzh zH#w?*-@JYtjh{zhRSv$rMHauW@E#srU(fE_=Flm|VD@BlFo#UledNNZFdRO+7jG^; zcy@Lr%Da|1PIb$@3Q~jWtvp;b>&rD5>^=}_`quws9AJ|hOwGJM(^9pOYtAg5N#o=k z22hIGNA&<9LxJDbk6m@=&_=sNV(_xV&N%c0!)4=k4*&wl77kECh99yRq`GUrEmo*! 
zCYCUgwX`lH0&IqwDot{PR;S8U|MA>A__R3*O>MSeKHf?b5=Pi$&GEi)Y|ykm6(b>=UVsoC=|Q)baO|ah zyToQ#$@z>2E>MVR&JnxFuY{?YftesM*y=Eul#RryrA)sVsDPFX`xUj{KY&DCU6hZj zBU|awL_rf(BC}2}#~g!91hDuV{8yqO7Iitp%y&)$jd=BPGY|}?#tajaU%eW~zw{Ni z6a$RoWdml;eu|u|)uTEzni82}(m0EotXR3w2D{lOA-ftUA={SHuX_46{!Y*Y<;Bt^ z!;u0MM?8(f%ahKefN=u>e(&kv_hJtnZQ{15_1IA%JWCwaCnBYDQzsh*fFneR;- zE2yi@?%tz(kUMR@)WUQD*3KMXLTJTfEg$z4$MC~lpJ8ZAu_x|(rz9E#yX0KZL^1)J zMrr3t`kwK~Za1|(0&H||S|<3fDayEBqYz(0U!WiZm(^}u^1cY0efoJ#29XGGpdJ6I=>TQ*qSLW$J4S0E0L6T$E zIKd}v)7uUQXS%7;ARbXL6Dm=hOQ{S#jOQ4X=nondP)3nbgmbOMU;o}}P>O5hFG3|@ zMXtpJ(WA)wZa-zhFIauW`1S=pN{cILF-~X^3p9W1idRjDeZE9vKpiRkJQU3GuA63w&>v;fD_cWI(v9EYfUI0Q}8jkd={ zojjc_T!g9mqE5UwR-IE9H1b7QzAtctn;Wu!Da)9c|ILNOz`^!k%dQ%AoqsUJpTr9U zdi{F5sYH}slza>vIfq4Nb+oQujkO3U8V%iVL@k%3JA=OOv?3d++!GPdC;g@7=RXPI zGr!Ydo<(t=J!2jO4yHruxI=&lyzOrHB%+fMa$(4khOl9N&&q^;sAfqncUvOvNI#8k zNDnm?{E`-Z75+7x3y_qu{lAHmbuQjVgS>@nVa z_ZRv(^mfw=o`_F=N2$T_oB>W>I!LD5_uvJrRaalQ1NXcxMs8t02_GUYTX3(?yajTk z-DB}aSZ!a2xxEXrsD5)9o-Jo`)36Jh%Z?W0i5QBQ6bsGE29HRhSm47Voj2OdqKXD? 
z?=$3QfB*nBIX~F{w^W@B1Qa`)`?%#DPm9&0X@wx+nkWiD1Vcr^#gyntj<0!rF}VRE zZNh*h@N?T>w(yV{iBG7&ynefk&KyOo$*O1m)obr=uNju3tNKpcA97TYO!C zdUpJuoFmOt5|Q90)K13b`TLHmYM#mG&-AIQNnn6CvS)Uiu)mXcOQ8(AMLKH7?T?Z}con*ixO=6tpQ=cPT@KhhwU34zmc9_KAbL`fAtIP*eO{}p44WxP|vHVFEP}y8Lk^8)I zOQTi9hiFR=*lkbuni!EV38`F{`+?h%UO8MJlQyx>NsiGTo-J-vt==~xiudd^NG^T( ze97C+yzRL52O!rGotc)-nO05A$BbQ2w?N@eubNguyByYp9f(>lHkjtl*(mq=jOEZp zleO1TAH&Hf_j`o#?*k3>i*-bgyT<~1T`@qCO;{$@DRJqQMd;LEK&5Iz!eQ}e2yyFk zRnA&3;kPqS=EsIg(q42)1{{GTbf~rMx_sId`I_VtQoY_%$pw%rnJZ0ClS}a;fiqOl9%x~}IQ1l~GKrC@^(c6lkk9ZH8Mi=|V+>VnE_9H% zs?eHi;{58oytK3PT;~}d&kt}L!r3z_1$QY}9K7VTY-NJ*?A_i$jb2_}M>UG^ZEL*L z1SxFT+Ndt~-EN`fb@GVsHeB!S_P%7K1qBJgVXfIa8CP0w+cY~~yX7S_M3J-b?2@_R zYd|@&3C6>_m>4!oRJQNQ`MX%G?CSs)99wU~>4RC>CaJtY!+XJQ^Ss~DdijT#=VYbl zJr{UP8wj@ZgX7Q+uNCp)oYcUw=|+u2*C+e(ch=&bFIkr~e&KwBL-rzn{HO89@*fNf z?DYTFpZH%S{jODIY&ZB3x<6E_erfvPwlAA5#n=!8ki9e20b+S~r zBtdP{F3p}Ay%#Pu8P7NNot|qoCDM;HFEJ=Wyl~!vEQA8MWNLSFe%*hBUG0HxDxT$Z z!-%oq8?6w`&!ZcA1vL|mjPi~49wDuaMrk&=%G zdx!Qk-n@JZLX93<4Oz@%!is9wb-lU~KTFzo&2_U_b{1ZR`UE^W;`GXZ4}B5>MfUfP z-prk`C87d6OkUOW2crK>^+^}>ihmAn(~T3%;T~FjqF?M5BAJftS^u82ZkV9FcH1** zn3b%}wKhGAt7(7%qUBdps1%fYRJTyc04|YcB>1i-k(4iuP`V}l;hU5xnV*axw6SH5 zF0$VW7ai&S_EGwvq6{ zJ(`_n+AE!=%P-~1q_RxK(a><%N}JCOSb9i`VYQ=}*!C7=EC|t}_eN;1(~7=u{8?>$ zl+qpZd{l5cI@p$tA033_1g=g1w#w8Fp~DS-_s;9;*>%<6B7_P{haKD+^wA8Ywr8mZ z4M9Sq04bS`ZZ!WP%$^k%HFhZwQZ4;Zx^pEbVF%KoM^Gb9oP>t0@#AY|;cc>R9=~oj zmN!ByS7dt}b~!go+^TO}q)&xD)YAE~>FScCRHiK84f5dsJuot>PV2Lz+-A4_+pV5N z7icc9rM|NY_EKQ1>0uO8eN@|NC60H4wW-DOP>Ddir7Aco(-$lz2}q1K@SUH}s$GIM)AEV#vV$Uki?AHO<%!_W$YBc57aU z5dX94g3YB~4(}9#DO2jGKIX(?QAr*QQx_a0Gtkm?WxIPgUM?o|^i!0KlY$|~};l1o!iji0uDp`tCBX%r|EV4%PN#Y7#fuOKM?QNMd{ z+d13w`nmRO`|ta3u@jyR{X)LRu6;3+sy}Y1hFA#@*+>J0icRs>eJxQquqy#>POGe?#s0wciT{n5piE(Zh zxbL7S8&&r(^=s@=F9Czq{4jupMaL!%>FLBMGS&ec&+}`BK)4AWpO7DCfd9h?%tA!j zhKwltsQVIaY*|U2Ea=Csm^L;$Q)hY%$UShJe^&c#^CY0UQ=whSGgH1qiXL@_!wpq< zSUI@XJ(`i;RHnbyC^5tYTP9UmVr7ol3 zc^(18V}bCq&_r#z&sjtP42e2_KItP%L)g;b=Xy5S9qVm(pt!c>u94It0guw=!Zz_M 
zGdNXl%ILh*?0CF6XdK(D7`v;eOLL4RbKbY7^U|X`Gg5oJAHoF_IMqHc#X03lP1qbP zQolwGra=TLMMxw81LeR>jVh|)`((X-N^i_h#NDLopC4&28?7s3p#XO#xH;AZxbC5q z)>iT4I`xufDr#?mYX`%zu)UE@Itxt0-qDtm>(R;R?;eTJZ10uM_Es((*JYWh1<WXl7TWXqA5X5xexTrc;_H(`T;HOXw%p_xhSuqtoYIYO43)1O&X zQYhqFLj+5Gde;~sG#1YrD7geVvzSL+)Y?Q+r=Stcx#2q zr-7(*5O`O+eK4vFAC5W{X+S@fPY=E08J~(r{imVF_8*5H8_R$DmUa9;o(@)oUr&cX zQy)Gc)1a#)-u4OTc?YR84~)7dMg$3$AkKL5aq;^rS40wZd&RZWdMRj_NbXo?s4M(! z45^tvLd0W>Wt*4SMD8ZWZyBT zz3h|5Y43z&`Sg?YbZ+)cm>xLtDUvW&&OiWg>Adx?y+hLg1GiT&#Hm359wnyR_&97S zeJkqu(EblVd-hB+lLeURLeW~!IV%5T6|^&U3O13J8olcaE{;-tOAbSfD0p+f@Hm&} zqnT^_6m*dWon!SZ6KJY`2TTVfCx`P;D)Jg@^6zbuUX(mn@a+gY$6IN99I7zEdeIby z(NF=X=*>cvB+FH_q`{!(T{$(?-_&&1_zo#-tze^!*P-J@Q!`s~TeFkxEU3nzcqoT#!HmRwgaW=0d~KXHwFpCBp(B#~h8#ci$<-WE zK0F}r;>7?!Q|Zk7mB9U1#;nA6l)EdqImwIYX4dNx5^v9-PQ*k%ItzJms%@v8G1?a) zF#?h6Z!NoVjG^kiu0*^m@B)1iq;bOZ1C9G*JCU%-Z*Nqf+~yXZA^=Dbsmw}Uzma!; z*Z1M_=H%+~Yo+638?JUtE=fms#wC8>LS3;E#TvL=oC5YrMr&xDVXi&)!ao?5_#67M zstrlsdMNxKD^&4lcl=f?_VfCJIv6LO(#Go5!twRt2pr{!y0yN~h@;WrYe7QVrJRr*vmI_A?|%cFrKs52rq>J8C7x$^y#uh$g9)Uw*F~ zN&OB-&~~>FR{!T|v`c{uWL7gyWg%H^d`AhcCsN0UK9CjkKje>h-V~G^>Q7fMw~iPx z7h^4XY2`azSL0F8J3U*l7XtF1$sOt?H6cvAfqCL>iuqYFG6HK5(O|s3Z#I>5VOb0bYprOs3sVd-nisVX0-M1vS;P)^USJdjLX=MYE z6C{(i>0~yIYCo6cq5ZWLP0N*hM|KftQ{|iecG|~*@PY$YnrcMw5*Mk?P{wbIjV)S3 z&71~{SX&wj6Xvrx`KN?=AC8iI?wCj#?^$s%SS4;dOEW}Re(Wk{utlhmz4@gR|Aw20 zhBrMzM)te@9^j5OKc3@nou3|nY}T#u=^2oxQUxeCgW@gNFT(KzpgqpC*6Oe9laQKS zTy)YEyTJ9}H+XskV7dP^=s5oODc}EV0B2=n{BH+c_5Y9!*%7>7RUy>$2!Jh9P$(ol zDB?=~wq!C-liK(f(7=coSmieyH6N9{e`FI-Xf~jZc7xba!-+W_YQf25rwe62_E(PY z4P(M*#|bMqm^$2oBn2sO3LGJhXGvUmIe_jD#-j(_49C6K4EV-|AfT6fkC`4*R-QsP zR^g>qVELqf9zyhobLpv+1eT?P@iRC}$ zaiGWC38eAsw>xsZx$;+|C%N(R9;hBF&K)Ki1+`=m;zEAyhspm|NNgsa55FBcJ=}Y6 zcl!@Nf2gL~{*5o8u~F(~Ps~A%BhP~&Q8XRG6h{<2!z=HYg<`=THx;%BnO!P(~N zL!APPe;|SY75U0RsQWrd00Yu{Pq^?Q4Sm0+eTIp%3K~NPQ3qx@W(Irz4v@o=wrcab zn(9Q{;Q)eCe3H4!6wEUqR${WaTJ!2&UiaF-+U8trdE{yw zUo6s#A8MA2okWgB9%+9zKZ9h`8HQFCI$=0b$xb>81Pllk7IftS0mestM+5!TL6pYJ 
z%nP7ruL36Y)8vOCq!KKIlh`aH!q2(mM~Ne>O-#|ACCUW=`H)D?&eBUl#FNY~d^}nc zl2w*BU5n48^*_$r6wRu&2B*Ajg}6OesnCR(+NjCs4!7)B?HHf&z+DYBW_5l$aoK2V z55=O=Qq3WfCYy-aZ@CWHl zF!1QL&_R~=BbrQVH%2zxtm#&#N;SdGozJ(t$^e%I^u;#W6Jf~1SnK z0_g;(04?G$Jrdek@8)60c zIjbyfW#XF2Kd2jbszQ`DOgDv*im0nRz8t0s6LLwk);m-rycg>`mBQt_0NV3b+WV^=HosTQGk zmyWE1@=U_9KunyLUP@lPL0+AP=c1f#G~Rv!y++yn2C0L7YH57Hr+fwOGWhJ1b)1He zv}1uTGRp_sN2aju&K_KLYQ{;r=DNOAK)*eNfrnf$SsnNRjIKja{}0b8X6FA5D*C_A zsoxHq|GENVTSLn6SCIEys@{oDD?#9b;EA!hFxps>H7DyNM1>@nMJh%pi7EOkgLz5WcP=LSne1(K;gj_V?W8J71`O0Sa8 zwniD=4;4Gwhd`^C24Sh9S#{vvo5z_ z<|pqAWz1j{FMT>sq+#xjB9l*PJ6?`{FEQYiGOfbMITkO1>^Cg32KDr~4R?h&r^{fkGMH=uNufOQ+0k+-&YOIQS$B1=A|HN9OKxrze-ncK zIXx%j;t`T7F$vn#ZpfXXwlIn0E6obP**h!;%?ojS1Ws1sy9K7K1M4GtxFrd1s<-gomu3?TllCCKYl&Bd3PI@|_Ey#E<7tw-8 zj_RSb$bfd=N8mBFG3!M`2>T=IUlyAXSc~S-LvMA!fxt7yCyHSUQD25D{3p0 z9*Dz(4j4nZZs~nohPI%!adD}{8$x!nEg@8V?qgRI4$4rb6-9_U=1sD)vqgr2 z!zf#Urx?K5XIW$Hr&#hRM|De|Ek2(vTALSoqV>zGOzS6D$_hM^jeK>Dtt#MSLB7~0 z2}QsnMkJ^G@l9K}?8i?trMPT>?YD zu8#&OzeLlkg5A`>i~IfT80gmVRL8Cw*ABSch$w$9?e{ya9flJGjltZ?fnPoh_$TrZ zV%KzUCEd@a_Dn&8$VftXr&su8#K1Cx!oiiTfaDM+elbawVUZJv{$9)dG5P_kMEF6d z_&O#VzoZjtVxa_w+zDU;Nfpxs_X}Qz#$@~$npVVNoJSSn&kkw8afW{l2WC2+a)TLHD*OR@=$XYR;*=LL;a## zH`=Rst6C@4T|UcQn$?~vR^;LyJ#^Jx2=G*4m6Z&py_6)5 zG$X>4i=t0}LqF5oomz?C%|<{&!LVjBS3rLj;D$Twbss`Z84xgN#hh8SpZlCxyR#oE z+Sv$vVirW$U_q=2pCoGZi>=ekqfFQ%w*~K#Qh@EHhWuAg94y=1yonoDeoq;_Wsh|& z2(Fp3`~dGdn(HL-CW>or34)dcNK`a)AL|;aGsXb$FDv9ShhB(gYWEud>WlEZ(i;zK zNP_#4r~pu(i2iG|1v3N2|Ah&vVr{-en#~90oN#^>+S0=svuIMM-4P_M%1&}+6O98YqF+#OWXwb8~*u?dk35fHFp9)p#C5vd}GIy=GCyFayxcH z#Jt=KFbVA3Z{vD_V_NkOk2w4e$zCZ!3FW&S((fu#dElIkT+-0!)Y+m{3$6ox(EIw# zxfeb-43MkgxO17HS={}oqts$y+8i|&8Vy#P*?5^h6a*vGlE*{$F@)ikN~$~61cB-z zLZDacW2I&Z;LK6#bapPg;BOoS99LW={BeeANrB`hFU0(joWDjEgL+QAY&M>i;(T&2 z%!NahupDhwGR8e)*IDeT1Q578b@yZ*x@&j1WzK3xvVg-`b;Z!`pnMAwy)WcumoYtA zt02R(|MwNm0L97lr$V1rwhd~6Qq9&KVwVQwAB-vP5{?`t)1QmIh71o+-}*M+*N5Zf zuP^;ayFZeI=ib3O-VKg*i6mDoXpbfaKm5UqJD^UQe|Vc5?FtWfk|qjcqVcL4>I5>Xy1Lrlptahb 
zM7FBBvaLS8FCSw*VOAa>zA&R^yiNwlAXSG_hF8>Rz1wTS>40gEB+aV&2qtFW5qt@J3jalL57=ZmTkt>I?TAla-g(1aN;x5?uTT`#e*%z#{^1*vh0 z?VL>5=2ZtZhgz3iXprI5`m*u9`m1#ESb5T9Ul1pF_^0`i(<#-w88|7z^*N#Ri4z69 zP zMbgpaA`xzyK<)1F9iJ~cBkO+<5=_66;s3)t{r}loSsDJ9t(E1!M*UA~?Al`gkF8ZV zfAmF!DglWCupjUh_}A9jx1SK&BA_=lGj$Rmb=7C@H~DL8JxspLa@?u!2K?M(5gW|s zm0uE*WHKru2%bV|0Au`{FRvGmB#t6j^L^+`A+D)Gj-m+yr-CLRh#V+Kj!^6ZL;-4G zNq-f>-f8ZTxU&RgtdRktAdtvU4q1@`gOoFKAm}I!2~X)Uy&h~qW~4Mvd*v-OZFP>V zfDE4N&!%n<$)|+|$=}!(^sP4U{gN3$wdY47wG-s2f&`WasX#@54ync9#@z2xJtru; zwMIa^Wkq_211bSsF%+lNMFcB2{#8mcmW(b1M~DGL+=Qxqa{&360~#xlSWE|?kPE~C?&8T#l~=-kVpc8xzdo(PgMC3MG1LT3{7)lo{sDcr zvC~B^vnzV)V8L;3i!|q&8+!~|^>+|&^FF2gTn&7bmmV#P-=E59$EFsngpNP=sy-=$ zpB4-7C`ajuT&3bnGcYX*f{tm^LNY)vDkJrTNh}em4S69HuoO_i*^&{kQmo29p!5b& z2^Q2m>(#9116l5IM)?omFHgDBIYTf&*?{{R{>6#bA3X(TVmbb_2&GWeHuDAB4 zLKT0QF}gR1D^+5WnV&p|%HEIQ`}_O4vD*u^RSq<10z%!S;Vch5B$Kyua5$mvwyG+G zm}Ht#Z$SF=Ec)qT6m*SDR! zkH^KAH@7#_Q9ElR;uB{K6Iyw+JJ(E0=IF)(eRFR|YivMzgfRRm92Rf58VP)#)@7C% z8}W9E1`4s_=G=x0_IyLOa%^aNqA>7g*pb;)(d>L(3_~r$u>;=RFh3%VYNiX3^jTZ6 z=qB^M%g*$~vs<2Hq1sR*dO<)|tkl$=5^H$gQYZfpr`IQ{+9{5KM$m}*$aUYQ0n_zJ zK~^i*Ml%suaLXC7ih>gmnJBfNW4tRvfQL~Lv{?S%_7n13>>w57;gBu6%sCs%+x6L~ zg44*(WQN6hLTJKdk!9zUWoi#)yS@fN=yMIgjl?O+MNoZBekWI|M#(CO8)=r4K%uQn zQG=-WJp}nUVcEN~LIW=Lk#2JojQRl(F`@haJoHDF7 zt{Lu><`&7|w2DBAF{6gK<$WQN)rPc3`4qqZtI6bos14+ER>TFl5DRGetTE6g9{eNk zb)iEH`DeF>=7s(+RGjU}iSh6?uqTf7juNkUCR_5pAU#6Gtx>$hYP!lRRKm#iM8ML) z2MFNkamS2<1P7~5X=JpXmZd5H5Mtxs^a_!JWO4}dgn0s8{!LfU-4Mo~EMh$A$ck2T z`Nu-@dM6F)Y_#UpYs%dKJo%q}KHWzmR%b-bky4pB94E3da6g+(0{zwwD$bQ_c6m!< z4CHk^ckr1l+z47klMk($`O}dZPDzO zLGF8-jRlx;IN*BN#3l{s^BEgN&su90#1EO{z#$*S^!($Y8dwS`vutw_9!lNgB|7O_ zN73>FklqOg3QSG8-{5k+;vP5y%Du^@v{VZO(r-7UNJ#EBL&dv_YK94XWRpW!62hH} zlg-a!!fR~TkMVxhxOK{?G2n+JTHUBApta{rt51}n7*FN7DFkIp7S0nB$aF-qVh%0I z@-cq$fdl!*p2Yp3?j7YLGAJy(&H@kOx10=){l8TzX{B}TF_ z*xUl(p)_+yLQP^d0H052^nP#R(M`6GXPk)@HPc%qRwm9 z@Y8dtB6e$nIFdu2oV=CNfG8D(!q74>fUA;MX3hs&3R4q3NCe2OKZO+4cQ>-3X@{yr 
zEax%FS}b9~i1DGu;g6F=G_~}5Tx=yWM}3uBHCOw6m~SY)T2;8f0QdRSrkUMX;}@# zrLmhC*Rk3buTj9)#l@pe+&{~5Rg2DM`1TQNtse6oO2pB(@(RDJyp5^1d~0{{gQ2ar zSH~Eu5xsp0c%lrxz&AktlY;6}I`yhpSEux9JaqM+5V?qY_<*bd)bBnEIR)}2fvp=H z<>aX3T6EQrz?zSI%b^dieI>|qt?mYc)LhoP3S>rYPlB5gGzs)YHq+8FZD;H=(i@yD`nTZjDCU;uR@GERY@a#Eq0@-`DXIv z=JeprAeh}E;!X;%vl3E@EJT5-fzeKM8Xdw2X1i`W40Va&9EM_{vdmA95!N3#}YO{-h$&`ZEwtm*w8ipf4w;qamZXzr0PW6P)EYodvIiA^VI z83K^k_Y>usws+6K9fEn={Goe?shWmU$GqG_YQA2s zRTbZeaT+{H{giS)h;cj6+ionP`ZG|$2z&@@dmqe&RDzn{>@0azmaG>5xyw}b$(Q8s ze6*GUoc^r+lK@l1AwHV33X)|@ms^w-4bu{+(LaJw^wD!7c%m&XgmWEw?SW^-ipTnK zeKTm{jecdj`pWmy0$BoV!;W^e_ya~|nOV2{yQ5vEUb5J1?n+$XLNO_&)48AM6(@I( zb8HOxY(-ZQ5U-|NBR#3Hl^fAia~ntEPO7?Km{wAO{H=vG2XsJ-q6;o4!iR4SdVg=N zxyFx+mrAPP_njP!CQWV9{zf`LNhu;xe>eYxO*GI$oHPNM`eJO(?`X1s{yrTuK{e4< zSa+$hh3Dw=n0#qrO*c9P8%ZcrP;=;>JTf71%(V8_d{dr4ex2_`t3TmZbJ^a>#DU6D zJnj!IE`c14D3wzoCroB&loyC&8YCS|GI@NHAnYuxgx!`BBSKl!6cK~7iLI{*LQ$v{ zzzf2)=~pqbE4Ks;vPYhzza4j&}MqEHsTGjUhV4+ z!TNf8`@+^w>(&WvqvKE5c%3C0AER!m4x_BXHmeI74nT$CV`M*&DYE6mLn=pqD1!c% zU;a-3mH;;GP)Ynu*u!FYWEtanxq)>wlYW9q1<50M#YBUDGZ-up!VFiVp1b@BV!l$j zA`Mr;liF+78OHJglz$&Sf|DfqD$6=T<0Dg*34*>3+P#CAS1Qap(i&)ne$QS+;h!3= zQ?+KRZ3lr4dm=a*xh=R{>9ZOj{1wURYa{!CF(A%!>(^)>b?ep4}|pT z4a=fCLbcvy-PRF1WkNp>yS+CEF6g{Nz>P7N1`fjo-SX4ubH|11kig-dv zP)-UEXr6TmrG`>@mh*gJc1-@I#ik0qJe6xdtY{4F2x)sQa6NFsBjdQT2sH9ea|qy~ zgA%FWfxFI3BpdSjxLdz4j7}U*VF-&(~<%f^%#Mgyp+WE!f;$a zQNSb-_8X}ki;PnM?G6ZwUA`5oN25$Zc01qfIi3YMa{*wWgp6~ricH*oe&S?@i);b=Mfv6~mMy@xTNzXtpK(cJR0ZlcWKQL;!d1=f0DBt^$IYS{-) zGnjqZLA#Fw>Xy#)fF(=~3^7S@+?9AwNn<9yKyJHPIz?N}BcJZfSO zJm4^p&xm->=s6dK<)Zg&2QaL;`N#N~3p02#y3&%J^EF$Ftj`EH-v?cuRZ2Nt&=dhE zO7BZIn)}^wlCT5Ec3<^^({pyjQOmN3OynC`z##aM#>AL3Xivi-eaIk-0|e1*5_Ckm z=HR|c7yaXRju2UwK4T`RJ}X^&D?HuML8O21a-V-M97l9R#2y-oAW z*jxr~s}|LE)lKJu0GtXVwroDa*RJwmN^&KWb)jCiM7Qay1N&q1?|Nrr#Gp|-GSY^0 zUjUJm1T{4^Eg2(z2ekLrwU-a%Bf8C9ZP)hSr!ETs1WL`|Fn!n^eSWqwsh?5{;kx^b zA5`T&%(pYL)sVrPFI@B+@y!K>6e4ytH_jhzY+T^UG`pfHk3>1|ue+P;7reKvw@l6T z1Ka@{*fpp$l*D@i@fpgbq8D0 
z;%^1g_B?9NKR)PNpnvF5Il*aEsOsO9*eH4rWF~s!IXT*hITmsr+9atw)Rk6t$YMD`xv zxDipQs@{g$qz!wfW)&F=v$%OltsIDeB#Z~$xZ(Ujlx3z9~@$g?9Bf)DYsff-SLnW=~tuZE%%5k6T#Rdly87X)67!d zqe|>dT}exlNHtAsXd_Z^B`$rxT4NWvUC@6SL=xXQ7k19SVF9@0U|)IhelT->xQ%m< z3iTvSVe)X&ismH6Tq+WWGi7k>Y5=wR;(cAw_alEW-L#8yQLLLR0I+3u8iV+;?}4ZypO8ESi8l>K4m3+dLq z^<+Ecd3>iO4(YpQ*NYK>X}#-bbi0o0yZF_a`=7_^pV!dCo%eQ+ zp34{T5)lk_`ZH-^%Rf!w38K8@Uv^YJEgRRwVZWJ?((Gi|XbA{`9)uBMz~2vTakqLHituk@vND#!1kjsJwCHU<;rw14hR&awzm2k+A!1s+yw&p`Qv{D z?NJSOzKC*vj)j>nxIyfcT&rZN*VXgk$z)=s?=mpx*{ zxL__)$uym}v+#6@X9P<<`r?k& zWtkHTENWAhBdqN!5ngB2TjAUt)T<%}YTG zo{*~1*mifOc9Q1L0$tAyog^xi&FHVdODsk5iK~^9i8nw7bc}AlWGtKF{MRavzi^?U#v?7qXJNupBr({UuUzw<$-LDAVB+7U86%w1Am6GaX=t!n z7tyjJXWpNqiEB07!$lv%jPC&xo|7 zgyL&JSCuQA)~i--sTHh*{?$UKY?8C30+8I2m21+MtEb9FRO8Ig<=`?nd%j%_ z9Q~}6Ao_V6kVbTq5_!Xdzq}dh$(O}Qx=&r1(oN?yqYQ4QP;^A{kcpQ)J$OlRqF7RY zPy||AjI3ySD?0-~oWJl@*ugG{ayoM0z@e=*+SZ2=ZjuG>(SlTk98}J%;bfizZ`KA> zgX~n#i!bt~veSCb^py&OL)VUS$OanA-3;FrRB0F`gFSlO?n=k}KoASeimU_l{bSyJ z8+dczOvmRK&-KIJdUXm{29{YW>dgW#qVLKADad?V%dV8ZJU0iG0o4M*5{jZ}(h&g& zdyRbq38EgbbVK%SQ%Lm~YO%EZmPGa8A66(75bN|btb=v&XOhC)_IBh-Z=nl>uK)>Q zL<P*1RfmTP_U~u6z1;+|Q2l96{rh*QxDfN5_!O8&hvnULQDsd*g~MU=OZE zIY6NT(U0MpMO@SVI+jgRkd3m5z#}2g%T%; zp0^C#eSdbbVXtV0N+P3^RW=98Wno+#gF%G50}AM^Oo>F(S4Gl;O*Xi?AU?*CaRZ!= zIl7yin$ox7M0u{d7SFi}pYd-F9w>AaP~kuPaf3NShG7u?W%MK4u)^dClG~ zZc*Z~L!U!S$tpVDX6fqf?8L!7tx;5_?!3H)2rmcpzY$}t+jjnD4Bne zzt)f)begS@jQyNzC(uoQ!yg5r-cdqbwR-!MJmIOWB4{YCR=$rty%_VbD z*REM`?Ch(_x{T(1^n_I1H2Wq}R~}@~n!1+E>}9pX&Q$>4P^=u})QLtl_?mAviT)ax zH)>Ox4Sc$=G)1clJfqiHBd&vb2q%)8)+}S378V{-HIT_4Dm=GA`kG?E91MX_uxx zRi%fgRynoelpMf8&z*`|QFT{~ADd?}`L0d-G5!QF)_Q=BbGd+5h}SW1juCt_4%uVd7lB@Ji{!UGBaBl_G-r z15ciLzxtn)HVec5IBZPQ~~vcLG9z5^S&*k zR71nZ$626Id92!AAQXw8zPjfEUN(2OUfC12);S^&q+qt2%fqwlYKH z(FLsBhQB@3r;`gwof!Wr4BpewI-Gi^4j8AIzR<)f__+)heQ{Am7#Xr1Sok~)(BMr% zY<6AJnL#RCJe+Dr?VXnqheBgQNm{u}{<5h9#s5lr$eX4D!bbm*G zH;A7^76D8WUhBQvCwM(_CrG4DkQ#D5-kqNuXrW^u=6qwLE@ZKxXR#CXrP@L23S#c1 
zZYVQpQQ~RSjnWUrj!)uu&N|nEoiV^68m_%?f`aa4oi=%CrT3Ok!pGf$ww}32&4(SQ@ukF7;sv1Io>~^me8JgzfZvWm3R?^m^au z=Dbc{_M&uzg$fE{vjKo=s4#nvq0^%_)=cu4z0UN&lLF*E@yei;qNP>p3}=Am3G<&e z_KSy~!-%m3PQHph_bU6g)@;h@MmF$SVyl|s{W~4W5UBO#z|w;G$3`Orm=I+mkxs40 zz(C1k_b%dk`Ai3v`jz9u!IUh+lU;c^zjyJlUHVVX(s7+XN(%7>Q<_A?{|;6MQvY&l z2;){ujr%?4Yzt<0TyPEF?LA+VAlQar-G)lpr6%;&hVP|!E2c;5)mGr*`uVg`HqcSM z)g%ZdNVYlUnuTw>u9N~Fr1(j%8^$ChnRjWAfP^b%~j{Hw#BO(0^jKBTP zy#xZ*a+3))aB3*3#HSSloC1Wxx@cT%UCP!(Abnt(YIT2nX9%nh)F;@7z5aSElhBUd zzvaBu0;rW+=I>+G)nhGG4DsC$!k#%9q2F~{7aitId_jql9%!~R{qF8#W zhlj^fSsIVTy$DisY++iOIHzit$BZsA`#m7Smiub zmPRAizi2n?xn(eZRXxI7!VsO)J$|SjF__F+$+CPSuRRZ6R(OS@!jCgIpTn!cpLy!U%sid)<1lYC3{Aa zJ0RocDj(@VH!L3NtO&@u>@f(aCR5!FdUk73Lb6Xs znSGX?ea+>b^xQW2_-Y%QERwJYinrA3W*8ZaWGHq7S2mEJr5*8l;PmYqs=Z`*cGV76 zU-uuJwO}_^m#CpN%P45e=0omh~4$YvTD zC7GD`MY0;|rVhMLGU`B}@$)Pxy10wvOu2=_rkS7#uuRbiwSpPmn6GjVS<&qyAdY(- z%-XwL^10TjhEa^8%)%b zMuOu^z~k&$h&mw^;Qz5xj#tQ8&HU3CAQqyAsTROA%gUld=Sx7_`SYU%= zzv|adHl(NQYEcisKMubGz&Cuab-zguyp?9inC<_GH^DlLF90DEiovc%$%XqU~4 zl&te|<3`$ISUC~)+1>JiKNVh^U9!NMp^M>5xobucOss$Ne44&tym;J4O!8ISFq-C; zGg?YgPbx<01Gmd?EVAUHyiCL|0_EOH_V!3L?aA4UkxGOvOS`Ko)(w$%C4O3ztt0B3 zFdjVVJ`z~M)5s@(IdXTk(zG!BlWgY8mrVm7adlAHYL>U+p8v=qb5*iQZ{~KMAV%)a ztO0p*(3NifA8Lqh#quo#?FeKSJGt(g5TDrt7fk+!n z?^KA>1HTc79ERV6R8{oPpT^j?%&}alC}g8@*t6**lh>h8=LQEXw=meJG4WmxXE+Rk zQNgot*{mC#mFum)hVW)#v-HclJTwQn4*tj<4p`XQs$>)1^#{A9Ih8k1B)O#qi|F;8 zL}Gl%7?X6j>&sF|=+8wH*!-m)vb>L!AxIdxam-#nH{Bm@{4p?FEI{=f1n^#r(gFlP zA$ZIx?(j;5f>0udgNK1t#Bo5zrh$q11oqF$*mTosUmMT8OBGd_S6gL?m^6Y7*C+#F z_S=^m4!hQ|)(e*gtA;ffehwy<@i2W>x;0xsPZ(fgArdT6#0myu;z17=7-KOS>f^iM z4<$lQtOn50A{DV&Z~p$b(j&5lP``3w2cfC^F>7i2eo*jH7^K9Qx4sM%t@CXeKt4aT zA#EDa8gO{9LWTe`m)W$g$GH#QYoY}}xzf@RkPDMC!GTQn;6WMeGDyzd#jQr7>6g@_ zH@jrPG%t{O`Qy3MnClmHpx3)Bss9uhVh-I<$~$(B#$Z7&I^=KrbB2B(scD?5 z(nWXtHhYdRO2B;$UmF4nz3NIBv@#&NTInW?W?T`7cN@w6M#GCh9K5j3utp`EnNd*s zB$-Tm?`p}$(Y`UEO7dvv8=6u@dH4mAzv*`UpXREZ|7qu%`P(7>e;qIkViwlUCXPf5 zV%7%ECL$(AcE%j$K0QAo!>8+1Vu=C~ 
z`CX`d_TRYp`8%)(vYSxUD{bM~qpJaZUJA~=;6AUDl9tFZQyez!MfK>4A$OL@Bgxdk z$TmIiIc&Xm4wC@O&K%G|>=Ca8WT zcYfGjtxqqkTAYLHs;YZng&Eiahikn1h#c7uFpw~Qvr$Oc;?Q=&M)9DqiHT`|{VKPL zBcrc^ZWRZV5J+Gvk;WZppf}+zr>GoOC~q?(3f-iU-0 z^P~?H)4zvD9eP~RBanL847Utu7_k}QIkW)I|WXZ z;Q2(KL}o^TfwUfbJGuLILd4p-%+fPjkiD_qjECvplokv0RY{8U8X?$wou zp$O5P>KFtZayjp}De$v%PQ?u3%1YL!`RZBp&z6gf4Ag(+l}EeAvC5Vi@XI%TE>6b2 z+Po(6qhMNGs{{|Z2$ESM*}Ud8;rBL>oX`o3+KHHy$Rj{@rYVAqk`jub%G&Yc4C6XR z?#ccWG&b$1yWtgzfbr&4V?XS$yYn!~#KM}$VcKkQ_Wgg|jSxVT?v=oQ@WG>n)g1CY z1~MZ|tVN!5baO!m&9-WtrUHM3a@;?ypVy8z-;%qlJwC*b&r0t~gY2AvzIgCae5sUu zi?Q>Ke7U*O1R6o_pcNq{D*eW-lyo|Y?z zdVcV>$W*QY`BEJd{s}6>k)_F(^JM` zp9)8^7#Zf0^QQvai3^GXF!S)MF9{QbBUSbyB(GpCUp7Pb)y(us(t+Ayg3uf*ZdgFmnfm$g1# z+b3>U-BH!t1Jj3+__ii&u!&sXy~_%mqhALJPM1V5s{YBX55Rx_L5=)V7wQQ_S5oA? zpY^uQhYbe~IDq=QqTM%48<@!sTz19r(`SRW4W7NKv%&U(zG&@`kZFn{QRYaQ{oOlG zcw^X*y?)|OKKrm{}Ml91Tt9VJ~+pn{{f>5!lxsKf3XIZ4)Ek4jIIH7CptB#)i|~w>Sq7op};B= zv3$H#+k&uWwWaOYP_HS9^aT%GC>VMQn)gS8dO2cCN2>~50ySb$wKMIcLWMwm%0OQj z(Me3iUK!%1%y!oaR;Kd5?Kkde*}V0w&~La$3krjq1I|9+?3#< zzw!Txj?~#|E1Q=AFQuABXdvI4vR57bHqn7B^i5k)BXit*FVD`e$T9Q*24lns#Edfa z7r*2#56*9H>d5FIVd7daeOWDBPbw4KnK=88wB_5Q;TO`116Z=si=B~YTx`)-FUKE^ z1@!lBq+Rh62}UH7YSQ;-e_s7^4S#yu%b{pQ4S#d{UB_H8#0d(ul0e20MT_+-3YnL4 zzOug>yGT4pF)W>r(~|@142BMVShuXXhYE2x-EbnvLESnFFsc6=O`b`B)^(D6;D&K+ z!Jbk@s<>(aw1gWBqGSb$)gCw65|GJ>qj)KtGn&;MQ(z|#?$)vDGQe0C0CWGDWb|RT z?=Pt!C>d?Hud-DBFQ^Hm(&pjE?~O~RO-49@c9@rMFeXy?kD!R+%GI9Aa-D>_54e?; zE`?7^^9nraek8a;9oAc{G%n0xxRYqShdx`TY@FY{6zX zo)pIc#zdxBr8va)R$`QOb{tNf4V9Iv>mgaWj4%C-^C*;CKW_)+@1KkD2e_hbmjQg# zyR+dhYCY(e*Mm;b>W>)|&zX2DhND1IVou(;#QE(0nF7_+^OuYlJCyXvuTK6m*nBZo z1}-Z|ice7Ol*j)_-unjT{wsk66C)Gb|4~@5Ff#r3#^Kt!cK9vG-wu|mBaa~|ECbl_ z{>Vgx_S(4+Q51+aV8W|2ixMQ*@o;1x4}1;nUNtI9)70yOu;AkxUTqV?j+{=@u}5fS zf8a|-;Z0nHaTHxh*{Baf*|E3#Ym3pGNIB4KY;|$=SidxIr4A64tR<{GKq9Z_Gv9eS zyD9vVXH#2SLkP*HdtQy!zM%9hPrG2&(I538{4A$zEl7>gG1}22gZY&LAymennWp>` zwAXsdv0%lc1|UtgKp4a0{E`eN!DMS4?AYtmhM3Yi*sLbwdsZEdLb`xBbzGz#lyVXZDo~C9iS6$ 
z3awH}*uMbZHvW7RUDL2t_TlOE91E)|PCrryijN|e)MSWt`hacXqPGw#F3PpMj6+kP z@98_SOfT1s?qCmdZ}rNRmo5=aq!DX8y-}#|t6oFnsN|;3p)VBf^=@(3KgZd7CIQQ= zZUI~FdSpZP;cc(6OcLp@i2DyM$a%!wT<fwh>lxSdLd=Ftuk=&Gj2V8ffUoSo=tc-=Gk`Qlz~mH6?e<>*eVzAJz2@y` zftZvQ|0yFIx@Pp7V#2Bfjn*k%89eDs!x~_pX$-NEd?o-BAvj4N(2$o^#wTX!HHO;7VaGO8Y`?yXa0F{_(lW+ZhRJ->%A6Ae0ljF(iIGL~-TuIjOXlEW_f`Qx_wkticr^u(tY7TQFF$AP3e;atXXsxA} z(;sfL76@8O1OPitE&n4FlIX=?Nn-_x!@pVuQzqFmx_POVJaK?jmLy$ioO;k*E_$uN zA91YP5E`gLL$myIr%P@Ui2Zh!FeI40bP3dW$Wdx`e9RT0)b&hPjwTf&DsWIMXs2_s z)}NTDvw9$fK2rz9-H?g|Z5(IXqXGPs)WVQVsoD#1?BEkNETMBa$BpZXKrwO}qL zSTKcHi;mLk%tQ1o%JMdUSzCx#OYP;=2~l8j>LQ46CvYm;Fcfrch~~FmKr66Y2Lv${}rhBmj`$APlq>e;k%?)FWXcoY<9+Sj#51>A` z@IG&5{MfpCrqCG!dKZswKM(~vUjX}f$HQC$n6ch|LBpV1B4_K=%{)Ql)s}EcgfQSA z?ZXi=C@bA*Z0kEgMGnzO^K;f85F{(x?g?l*VCBe?d)5?dtllnng&l`}l)265OwJfbAQf-pv zz(+DTX@K8-Q*WPqOYdrZhUfC<#|$}5*bwY`8^DG2bZ)j0s~u}Xxt+J@e=a5t>|54o zsl9JhQbCOPlhcZhDrIWfHlg&& z@~T+?rAX&yli>T91FPT2u~Y=vt-%#*egnzmt14iic%vi+$;TJ(62l0PbABRK@TwIX zlxpAgsAOp!qJBv?_4_UGzYx9?O%4G`zk-qx6y`hj{h;WHmUb$Nz-uC44|Abn1II)+ z{L%wY#K#QtQN-1dFpY7t4KGLP81@%!G^$A#kZ4|RK#P}V*cst&P$3wANnQQ?FxcT@ zcb*)NS~pxA&rlP3XOQ5x2WEnBkMR7EP5-QMtLXq#u=GRVwz-7!K>}V3TeK2k2I@m!pRS@6+Wp>_vo#>q=l#*LG*`q za-_tqla9&QAu(%7uy>)iH3N;WFsq4s52sjf#s6X*OB}n3kms_uxHl9gdi^m@n=z`@ zr%wz$Z3IeDx!t6H^2wy6Hf1mjvlT|fo~`B%tF}z*EmoPDFsC6m~gf9isnD0uAp%o!|mxzIkMr9S2{T&4HyZ zU{3djc6ZsSdI5(Kg|g?HV@Qxkp`hEytF1>9>t{zNKia4lrrpR(qA+Tbqm*q3HpxZyfg`Grwf7YU_wX#=2z_4M~uA z3`|ECk~MpcMHQBD->l&m1yNPlik~Q4PN^m=RWs{I1ZGkc$rcSFJA)!BmkvWXQ%Bts z%Tp&uY2>auMf;mW*>^QU)Xlhypkxw=BSg!G<2~UrXtPsNa-KDxk5K<41lA+Y1n_qT z_&re2{grnU?8)hpOcBP{MR0NETD;M&6gOJyIngk_eybRyYk16o&ma0E46)3V%(TXM z(49ehlj~3#(ia^%y6TdVLJ`H(;#{qgPFDERIWr%OT&loNWB#p8FYBO{H5ZMKb#kl? zKd7DQ4<>{g^o%jkA~yz}(1Fb+5jnP-__q>BZ5-1Df#=g7YZs4Q;S^_WG0UPHzrLO% z2P6`?gtf?EcB+8hbZH}7UlP2%mq5dInE2D4Oj^BHgA~54b<7X%}^zZH2jGtPxwlir(rA1?Awf{gk7 zo^`dat!=%hG~T}Hy560pF^5De&1r02&17ORHrn$=qZG^57Cu)FgKuEeSzE{a$b9-A z9xIqzowH}C8(t@fJ2hWNVUk}nYjzmNaL{9dB0q^z+dY}mb>E)?dqu6|e#h(+g*jT? 
zxZZroThr}s+2xWs;h&kY-%jm;_O^m*Yc70iVRs_P*Fo0+0kTN+Y5r6wQnFEAXR8^I zc4y{bJr{b+Um)ypTW^FKfM;=LlRNbJbz8lt^#oibGi7NKb;JBY1FK#rNAQ(+G}lab zNt~GknAis&K#B=XU2W89I*Rr1B}_vv41EY25qMkw*0}%JojW=?kCGr)OJOFN1atfw z$dUIdso6+rKw9ZgMEUB0&qWJz#ju&9JaT<_Kj+*;{7-{Db0NZ-BHeTg;OL=k%opVF zWN%86Ju-zWzv&6NUIPMXIB7ZeVBfYceGBNA#!(c?k@sO3!>vZ+n58xoWs${UqT-k#p2J@XV~8#FKEF8GJv7zV}5V-?;$vr zf+|wVy3m}sVTCC4m&#-If_)sgVyQ1z7pE@f{L~KyR;C(X5sP{`RK7P>UBP1f(&x#9(`m+@u>B7ZNRjy z0YXsjaEdC52zJ99+Hc&1TuPUhqH&|AkDQjZE4`EEdm$^_e8}OuT1s}vqm{_h@AU9a zaMynKnHl=_Kp0$OyjMjgSr@8-*jfw{eHxgWlcS53ivJdaz<6JRMDJ3qUE~P*-WPpX z8okAc1e7g16fG&Upz0q3hAyKKBdhItXU!YHP1Tz2(&|ntX2!P zf-;TG_>WRc;ih0D0s@1Hl8NZ!``Lz6ewi(nYm;!I#Bi#67KstDi=jwGM%@2O^i3xe zAQt?{de@O|69`%wPlPd*$P~$-rK5^C4bD)#FVB?UFXUcbBrK{OC4#}HF7wl`i?{O) zNse5hdK@s6A4RQJGS6fc6>o5~z@o!A;Z|5)#QTow4X`PKjdSETiogqViTopn#ZA%L znAZ}oYnabB_?fyxA4E3TlJxlr;8eCYVpJLQy}Z*3F&NFW#H}fv*6qz}?%!3&+Rx{4 zPenM+5#K&)utO|(S*g*-rFK~n3PwNd{1d#W?vk*3?xV5mmr0M|iziS*aUE#$t$x;M zwI!v2)j@{=>xbCuT&5-0L(0Z+^N6(zveEB!CQjRJ4+PW$3Ff~|$6&!`;z)~ovEbgR z61pZaei`sU%nNP*Y8&gVJ#Si?*gunri@s4!F5{jCyK%{0J$j~&{7B@-l+{RXWxJ@4 zKVpna>K`K5w==_BlFiE0G;1Vf>`^bTlL<&d_R|KW#gq|TMFr>%{vwoQ1?MsurHi3+ zwgOF}5odQP58#kXZ=R6iB(P0R_U&XG`loCwZgV66Jnehtn{D+)SS<46U({q@0ry%^ zu^L`chD+GFi?Jw24V6^xRLZm+T%>dVErOs%QyZt6F5_k z7zRLFs&zLqTy;llJ=+iuOeH>P){96&>lyc)@jYkLtty3p4%CbN4ejFWMo^;;1bxLwzQiz_I2od-v#TR$TlCDz(|>MuMdDIg;rP+N-`^sHHCyNr-=#mg}2281VCue~3yQPDjT zYFFriz>b-KdTs$OXM!c)fKz8ssA(RhdeqQjG8da*UDw8EVg=RaT(Tl47@SCh*~D;N zsV#jye*P$N^}CZ4FPCR0P)gvLhkt@el_?NxHIs46a^Gv>X@OwtTMbI!`ZA$BujLhF z`B^f{#c9id@C~}+IZ_$^eqXPLD`%GYw-_*J8|f*R!LO(PmtiD!=BT9r_$H~pv( znDhV^0V>m(CceV}t3;^h5|3Zm=8DxxP%0#-P?;u<;mXdA@M<_^VD0(S)|U^@&m%K) zuchqWZ(*a=EoUykXOApSJSPCURexq8$W&QU{hoK#vMx-0? 
z!W~f(xNXyQ34T-`h1RGhr`Q$XB?h5*YSMplLcim@LK{%~E4qB&I-(=kMIk$3vhU+0 z4~J&d?OM!yZtsqNoyk5f9@P*@?W@iOgG>InsN?_CRFiX(^TTOm zEOk9iD#+`b*MHlscNclSTiPaIW$R{3a@o?Wm5RhP$fr2FZ;B=?sUX{O>prk!SG-Ae z@;G==_F`BG6cQSZsnN;`h~p{xjEE4CtFTW0!UQ!T2Y-010~w6B$!Lhfb?H4O=K-JS z))!qX7<9YygX-U0eH94Dz_|ZUlSa<}7i#|B=Cv$b|FwDTw@&!vX)bP_Paahl?(bRNl_i*FA+of1jLGzl52lKvXZ3}MH&H#`SS&88U5 z(_TGMURTq2whn0S*+$Vln*3rLceDbzqom93mYb`S7k>CXEqF&HDV&V*O};WEXKnuw zOJ^LDID$XI4?goNf|M;3lqn<_7KiwXQYWtk_`0pEi3x_ll`gV3wb=&@WTXF^JF1MUxSYU#bmDc;(5Cl-l6Dx60 zZ%3N^mnf@!F90*Y(glw~kvlpeO^t$0if#x-FSRTDPDds>-;s}nc5X&NfLiOJ?~1+r zWYK;xS0x{8(K377Q32-mn0wqLsOJzlDW4<3T0kIO^M&A#52fMsvLqQI%S`s>*NHIM zy!)%N>5yb*i%pwaKw(BgFU1N>FGYFhZ%#2<`^W_X`(V;A4q7+GUP&gg$W6n1jORcg zz6jUSkKy4fOn?F2^uFKWnp7jGGLK|c3q;Ao_~gXGx;Hc*Cw|D8hwbZ?@Le(Y{E{y3 z)MVm|w^xq$g5cEEP@da(f?)g~oq6ckS($VAK_qv=8O`28fTCGc`~F?djXd{Qox5&(LRkLi7Xl;e1b(QGZ`&vO)6$8%|GsUedhrn z3&5tti|n=iuy{HboQN7~ij^KHgblKJG$Z&V>)hY8Q1I?A^UWW^+gnPrCX<;pBwiD> zv6%B04$+0f&?818*!)EoXDNG(0`3wpA|~966oQ410?)s9t!ENQ4=`^%Oez3PrPVik zs|CIGmyrd6czMQ;A6ax~^k;CrRz0o+^d83km`?o!={p1jf~G8$nexo2gcrdih{wF* zi0zE1Luanh{FoLh4d?k3DhnqS(~ORo?g$*hi{K$Wx{*#sC7L{Qqs3$rkqLQJIWXW= zZ&4oK)yAmWGtrdY@`+O>*NouRixZFTtmoB+QW1^OkX)qGCO;FmjTFcSk@f^}^l7O# zwh&PyvtZa4@-ICs=p896{bf{`PhQj&KqHkYNY$xkP+nmaB6_a*Vf6!Xg`v@J16FXd zJRplskoGq;?%iRvh=!sY)upjA$PM;r+(c(+ZOCYZa%aD)a`cT4+_6d6t7T6x%gg21 zn-+BmZz_LLj(6D!rMMJ?@kkbSu4)1w`Id=ODX@OZP_g(@!cA3G-9A3LjJ6)BRd<|1 zf;naY7j&vOVRx)7c{7&9Kci2O5N^^FrC#xmyy`62t(go@ep~+D(^7SncC7D0swv(c z3Ew#ie#U?}wa_(^S${%eooRfybsVeeJ0h}P-~4~5;2ezqAzPe@nd84+_HX{5oQ3ZRxpA&qsoP7z z3a5}(aUMW_e9#U+jRs4&~ssu(-`kdt}WPKEH+h47p~W5 z*7hz&kXnE!zL{lHnkh4}9glQ@X1JL}Q|XI@ORP(KSM&DvUOz|_V+*{HII2*6 zQ#;m?I{1|q5cO(D-9&`qhCY2T)L>$(9CEGvp*fr3F1<7-G6G3k3l`Z3BK8#KKlRI|l}7bFpXU zVqT$`rywnS_yVms#itmCJ<{2np%MMY}^XuK?>kX{< zG~^YupHEoZfB5>{Mkx1OJ5*ML$=y>DG}bLreF7o*elEFeLj67$X%0!|l7 zj1QIrIi=95Qq>2HFu{|*t(kyoEG`xqg&x4Vdm|2+23~k#C5t5qYmV6`)%g7l$AprO zha>BxJ~CxBt+3n9CD_f^RU4JuL3tk61K1MC*a;O%Omg)?Np$j}(V{C}m67Ao5F=By 
zm(_Jcv_*?(23&NEggG^3k^`R(R|+7PYKD@SWJUXdJh@uTYIf8tOyxXp-zg{>} z%OksU_I0+QDsx_#s$Z98S!lPNa0EKIs&_rc_qF4~GoNf9zA;pRFt$h3Ry$|xPcZlz zdX@iBNZC05OIyot*2VwzwPa!X-^qFZ|IE}WZSDVIUHGp259`8YsLes57b+HZ1H(KZ zcT8BDl<^S<%Yjz7IpBHwDT6Oe+%;2!=2&DolC|Rip(hJ}dQ$wh7X3_V#B#CBrMRi0 zwQ&#sPly6H^&AM@Rf2$g?R_GEV_;9&|Sglekt1k+(=v9ET zO3Wwq8!S}na&?+CSI_6^UzVFk#dTFQuaT!z9|;Sz3XKII4i_h~+H&*zeN(gc-Y9?F zoahh{R6-9W>KNK{gu66A^V29&-<-e_1gR&{(}InGdBt5f%F@w7GTFK1{jhD>oFeWw zP8Lq;MWq#Qu-z8G^L3I2v*ZjM9DzQjysJ$KOC3PU{+(dAe1mkhYm)1as)K`n-3*5s z7G9^ZD}e-po89K}L*ubF4h+{}>af2bJiZy*C6)GB149c!3?`UO#9eZdS0dw&5i>M} zIOZLe(jNxGJ1OvKLm&$Z!_Keuq?5h5g2)NGcFNSusI;%E%Ugl355o6ShUe7FMM{|# zOuKA>uid>!2LAQ6)_eDYtSseIn&O@6>3FNF=iUx(Qlk4zZ~bE}ul@^NpYLerv$yBd zp|i`mg3H^wVBuK&Y){$@%F`Q|Z|`<3+$DQ+TN^x^t@Z0Uc$NqEq`mSc(L~ve#zAqJ z7kdcClx;nI*=@R-4$95LmTlfk`W}5>kIgK5->=8Rz|h^1!@XN8fSz8bFZ!I-f{(+? z)#1`o#+ikOOSn0(%a87^VYi|}znv1Aqf%=ItAXmF=+plu)QU=oWOU?HzuVmbqDUSg zKmcG9@I{p9jCLxSOJR@N2|Y4GdO!$a6Uau)(U)QGdCF-%_*x(+yFgi0TFHg|k#c^ZTVy^FKen$?F6};_JKRgoS{U^8`FwD|x6k+>QiPKi}$o$~$m&uuO5S#mbpd0G@*qim@4)~$jy|=}nbFgTXW_jyL!zpxKsF+9H z#jM1Ge+NzkuceS!9MBmO|Lzt2_f3_{#ye!Dz9e8$jB`L|i#Ppg=~Y_F6yzz+Eb?nX z9T+a8-vWbWM~b*4T1pb4+#0&`CC2|sl{!?U&fxVOdZ1j_ew}#7+FM1TPJKr;%x|py zFA6aB7HmzzXc1w(-5YvRbO{pa&U=VmM0&f)4CKX##Wglji7Hs*%|W)V_ubbXB}_m3 zSqWwNdmC)oDowq)FP?5cV%`41L1>xAVu(L)?7G909v3r%ia@3Z0(u8V9{y^A%1RZ+j&RE8y z?#_TNj+5PX;S2*UMgw*$z*V+J3BOqfsrNQ^g|{EVJ0yU-#zL%@i%?D6brww9zCBGB zP}cQay=Jn&8@P($klsX}#7wSI&gP)?Q}ZJ;@5fKL`I0CqZQEX)Crt~)RgYpFNF22o z^1w->CYQ=PEohV2XH8*{2cTA;+Q$|E-8j6l29BPTJhAT#aF#wCY^d=qAPEpAx{f){ z(y99qM7@f#2@o9;)_ejSLOVGBfN!y2)xAkZIz@B#{c*FxvaX6QNzF+_{LqaGO_jga zEkVRgGdT|S53{$bQ{_)?6B033CNgah^bj*-C2%Doie_shpWvCDI#V|^3$tD&zB0Ut zUp`fbwIJrEhx8*V0X`(yJ_*|8IkfW2((!TGq)n-Dx2+<7k8RxcGnFdMsYcFttnXviNRXWS${_ zk7H~zsmnBIfCVu?YSMR|h~HgKR2*6LtNvN z%=9WT(!{lnJj!T($qVBPQQciru0Do88UuN9Kj4~0lK^#pAsR!#zC%VHbj_{s&&rca z(4*Y4(6EeJMp<8KD_!M)FqT8*l#PMup$VJN7iP6pdw%Cc<<^mL5`3FfB*wdpDP@uH=l2 
z1jS<*iTevM5trSjyNVOBV*F+l(u`G^voJw1d9JOn>t2mE$^5RIbW(St#)hRsM*G-K z=Y5AiO*iu^^4_CN{+4&yXm@T{)%(N%C?;U~l_S@~546< z4rP?89mRD-Rg289PxrV4m58jp!ZowUj%5uSpe%b=eo|?UeG`dnEpKjcwu9*=Gbv?UC9oowkGU0Gtb<6)CL|t^z>R(i?BovF_K8iLr;D)}l)t6SX-b7JptjrPp`FYNHE!-D)pBUaT2I zm7K&ea_{me#3!3PfxZWnO8{WZ+|9;*cUP$!&$jF3<6pPrd2RYPZZonaV`u4O4Q*G( zhrqzfb^a-_?vM`MEYg;Y^Ro$Ljs-cE5fll$bOR1s)*N zruv>ivh);b)#oW4X)6*kYiI5&wfK~C;XmShUNfb+HSCQzZGM5I9%%&shvf(d3)}xg z0{`F0Jo~q2+JC8otJ0KqT9-iTzN2wQQ#D|gk9H4p2_&Eck{@eb|}3>sBqGeBAHmDk{Pl_^5@}b%Y6QAjkFe%r?CIt z=Ro;Vq+)C3YBjBIo1Yu2uGh^MlSdr^6ArrCgf{DKOMuV%elQ%SYmrdR>I5mO5UR6% zoj_>ybSh4;Qh*4{$Zh_(`>j)rCPGV|@a#8 zr*Jn&1r#Q_uQ3D)jYHfcWR&8HZ)lx|UR6r@o;joPHe+#Jx4dnxCO@op-vTk>F;enR zz}SNqOyZlAB@~pADv7b{_~ExbTEwTP`+gopW*I&iBb+S#@D4O5ssz~Mn36P9>-sas zx&CDekKVqZAMOS9hEShY9P6TBpSzV+I zV+3$8fO=vE0s>QWDFJBc8v|^SD7108Aeqplzu{V3JhfV2`gso&UCZx7t&k-&eU%@L z?b;Ujm8yLO$SuN3*3Lh2F>X3_J||Vv#xN~I*Ub#b1P4pZ>I||#i5La54mHdSutxS; zB^Vg+L!jpEBRn-zP!ti=c4PN#gyuq;E?}2Y<U`m1hu7m>V*7et{W}QEiZ2JAqo>kRi#rxufEN z9Z*o)m^#=^=w*wL@{mb9u|i>;QkX>k7GN|Y4osYU7;}2ay5m>rznzNp>1BGz+LR+0 zwz>OPBMFDC64sVSyVnP0tTv+}N~OJRc`D0z_|nDm>aJIl=ov@aw>``2>$(o}di{iL z-P{lt3v)@9VKY2d`1XEgn%>N)T$^t+b+kgCi6~QBL;Tg6qDI%8_PC@WrQHhyL z<%j6Tw?uyVY2@{E-`Zc*ZU1a8nXWrBiD7Nz9TWM0#*Bbz_u{Fa6ez%&V~J# zc8(cWQbvTj?DedJNGLtmTr)BA5s(n*--5Ur=Hrj0i7aMIVP}@WaTQFSOrZtK>_rr+ zSi!~wtuQraEon(V?rPx8s?C0~f9f*sJhL}j9Lc961m za29MtO4L{a8#*OJ%ai}E(&p3P+f?uBTKukH$dg3~XiPJ<2nG^-4SKa_% zCxlwYE7C-UBM~SK+OCBnECk9l?}GXeZw%Z&Ad7$@Wk49?*4&9wE^^0eK$+O(q{oc1 zEMtJ5Ot1yyDQb3&O%p7{=yW;Xz4gqCYWAdfe7v`d`^Z2DdpHe~cut}h=E2dAP1Nxs z1rje+kg*dO9f-|C7lZ;mi3JJ|eOut&=x)Z1p% zsB<+NT8xd4$ZkF&8Byz4E#>)o#{?KagDxlLUafAM-7wJv@(LU>W?I`7E6*%R&|=rq zd8jA_1Y-qy|2lHZQC8 z_w@JAKZuxfaptC?Dx%g^t;k$i`R4PY%G;)-xqleNpS*1axd;t|Bo;O%XH1;*d>| zA0paCgEh-vW$^mDH_ctly~Q~sWo)bb#Lq;gaW$U*L(>%RUcREK&A;a4&eBk_RsOg#U~yQ(ZO<*@CCxC-;@sx48I|d z@Cv>*>rpp$F94D7%oQ0shGEIC^p_m}C-AwMe&OJU8F!u)*K@(8$yN<6Yl=DTfc%Gc zHtkNq*4?Af5@vlcAwGr?a*~qd944Nj{s?i43d+MDlIK7@$C^#w{AX!3BN>y=5NIIp 
z=`h{0H2ckO`|@ne6BFW`PaADo(cJe)JQlP?Z<*AktORQ_FxnQJL@F%5w{fp0f%?ry zwjHjx6&FCbC2+L?7a`#AbAW0$9ry`vxxUFWTv=qL*j58j~axq1aY;}hG#T0ZirO)f^9phMo#VMAcwkNz;%?1Os{HY z(}alImC-O?|@gy0i!jcFj|hD36B`X-e0>4EC+iXo;ONImvh_JS;hp1 z#XyRu5XWXWMQ%mQ)PXQFWGK!yPJ1q%N^(HWD9eCH#}9@ zImPY+<_9#uDjWSjg(8ms1Q2HU?@p?tpSkAK&O!)xwHG05SQ zY0_Y9waEz(Nz4v>zADw+gG1Ui{=zd8XkJ#;Z7lax19;ctJ=<~VljZ(=P65#i6sAmN zcYE-O1*YWTE0IL9XL|2;5}kf=zKs|M5zArt)U|tO&#*%;UnujR>XkQ7E0KDpj9C`p zU&D~+_Hl#cjo_^tfdN8MyqHbSwDC8xhxdIQ7!D8ie<<>FJpK?R2#stL$E2##E6CqwcGgAsAJcC=5B&_aeK{%K&URQL)qmYv7&-NGFWMRPiAxhg^+&-GmIs3|#LG%3$?n#h2SFYN=~<(oD-AHfhs08=)k0c^ zZ3aO6x-|`>)`r-}VWg=JBM-O8;ro%FzNacpKjZQ93{M(LGe_meER8U73(R+Qdi5F? zG%tlww!GxtGL%DlVAe`e8D{)z`&Ura#MF!#!_#y za+v2&Q!o1iZi?iV9-vF*K?Bw)sJG(SU{3jSAp*{NbNCi0=vt@ z#wDZHMn7n$;ZzE#DOayKG#M9FZKbW`B@hBb&_cjZ2cXJLi$hBK}F0ajpHk5{F$6#_| zQ;o3~@BQe!2N)1mVu6H-*2R9h<;dXU)76E=$B!QilUf{LakB;|6c7!Fun62Mif-vI zyJA{`8Y+nZQ>Z2UI6@KB9;bYu$hiS&){P1~y!-O-@^^iDWWdss$M4&D5#W%WDX(eF zZb@koXxJ|Ue8eWSPi=C;U^C_WMTW`CVL~Fn5tw?JQI7acTwjwb=>IB*565rcfzPbY zjd*p_iQ5%EHqhtkbZZ%GI!VO%{xsxg)6pcB6hX9?eEW5Zx%a{L#?_Sv-%T%G-Ch%e zt}IP@jnaub%!7dlZsclRG1!c@ixlGf*p1eplmLCYAo->@RDb+R$GYa14VXInvcGvS ze0{Ot`4d{o@>ZJNID?`&2wuw(XUuC+!=|x-1xE*G>zJW{Fk3~BiIp}{f4DL9fA}!q zu}Nwwlb=F#2w)`v)>PUcO!#$^2d;)3csjc>_29{e zs^fD_WVdU`FP%WpZ3PV4bJc9Z4VA=zpm29GXP`R;&Ocf}GnSHe~Ew%1B04pXX71hg&U_RvT0Z<-(q`QIIx5T7SCk)UR-*)k zPa$QqgE|3*NK3;=eZEWufk|E#X?vu`S?vX>i2=PZqa>w1uye6_59056!`AU_QG=ge z)W1kIRzHW!b##8fL1#lF{=?CMgYiF@VKXwa{`Y3szpAN2Hkj``{a@7-j={X-{m0mK z7M|0Mbu6r~H^i2R?C-3)8MXDtjkuJPO}XpFPRolS;KpB+uQ?L@#2C!qLS`q{Pg=}g zZYx5B1r8{kM4iNh1qujhGzct*MB3@vg9Srg1cMWQbjzLOyNfx9rwhyZSR%Fd->de0 zo=2Ya*Bq#gZ#jOk3yZASPYeeH<~}#Dq6qPR;)s{acWff*)kOx z3?s9h5Ej_*mcKL_idcEY7v|&ZIAkoB;vpbRQG#p`SkVT7F67qxCFvpZ27HEI+H)X- zA}f4|K#dxETDdl?H78=k@-MBGWhLdZ_3d^a1l5wumd6 zEBA*NEkXa&oqdd>gKg8fB|Oq2XPfC`pt=`q7+M+St^W9G_3Ui@k|xtn&abo2XKiI5pcIv$MeYYu}?cr*E?QDIY)M@Q3b0r4p}mr}Kg?Zwv^o)PL!BaoCND@Gup6>qMZ zt6r72%K`^3tp)Ma+tV$khgcCo9bP11gpm2DDPYNz{RR>a2m10$5xih{jb<+0YtPVj 
z79<8h0|6W>AP7s#+Cu>3ua>kbPfAtr;x1Q)=%CLyP*%meq|S6x!X0rnX~BsDcNaPp z%|PX>cUITFphXd}D_*4#olF_lcloU^aeU{FH)ic$!BBYHs%4{>A`niUl%0&`61@}y zjH2CGp>gE`O}aEQH14FAqA7Nb1~^qdo*&PI2e*!*;hkHs0&vBqb{S%9iH^-`6M!8q zTM@418w{DSpe~xL%yo{%#-VXDK#6z)g42Kp^AM!NkdY95??eHze2_Rn%OEm#&C-_F z3PPiMl4jo%Zsw=GiK=-^kN_S*gr;hS(W$^Yk+NGOMfCIa64XPJ#uI7g^509>`GRvR zx32MK(K07%XG&|;)ON>md~?pfb9vr)m&4oLQH9-n9P{52YVHB`$;!`fAuX<{NBW9?r8#O^|za$V_H9^uAq3q?jVH7-#66`61DAUax1(0T`GF#hdB5E}k z9!KBV%*x>8BGbWCqac&aePj)vO-ri(nS4mUVPFV=~swY^2GN*l$A3GyOykE@!Nd zR!h~UwDU8OC@&eO@C+6P-XDl`t_1q2vad$(0NJ}ZSvvR}Y;HFSPRi&|mO;Ei1p|oC zYF8_`x?T#bv(jEhmz94^LrQU)BA(Eha0L3q>o6fSHHTdgP#B0HrUPLM8fu#9Knaazb2Ga1Q~@xg@Kb8_wxUGmLN_@=!bAz z3$6tbtM`8IxjwTrz8N3dalH^;^YR}_DNjgC^4u>*Hz+B21d>f8(c^gH`#@^z3&ZFA zKhb&PIm5GNh_S`%PKM}hUWOOu(fwMNiLhl#5{lQddD{7XM)pv< zzK;w>TAqE$sk3;$Z38>osUE|NSu{64BazUra$gfYaJ&Hu1g+!kG?4u%`#2J#E4TrS z55sKgpQjO-Y2tR7YMr{)RE&)dgc(&2*ntuHmxEni6`KD%DkS(nyiiQte6b9W^(aQCmH3mi6(1I9y!raaX2~$Q zm7a{zl%MYQgQ(2dQHait?e@yo@#=@>$eF3K0j`1FRZ!C?7V?$Cs9cd8>e*1fW-!{l zp<^Zh9~=>Y)r9Myl!6E{2*{5hF-IDS9O#Ncz$6vV7_X%|RL7}`TxSsBp_e9yppM9O z2&1Bh!U!^oLj1-AZ9_He3NJdkbgv@7fSju|6_{;GMAI(JzAS?d?*VLpgAb!>1*vnQ zc9bdjw3Zu;AQ4UmQXml>Dte=eprx64a(^@{%X8+1C^zUU7Hia@sm#CZ_Nf$kGBaGA z{`7e_tC5kq^2ATKB3G#C*p^RPA);9BC^$YbR((t>rBC&HVxCTSAlK`NKTL{^ik(Je zMS}u8xON^e8<%j3vI-*Q*(Z*?ma*^JQc{7y7eHOZs6dkdt*UOpcNOmsjfmQFY~kZl zaf0Ztx>whDLn$7}pyguNf$A3;0Fv|I+_uD~XEZ|Ksb=l$0leL~dD#gBPZmqbtPY{|4WX7yq9QXp59 znM3NQWjigiQ@vIFG>Q;|4!($NCOqAOvne8#m`5Yp0Q1C;pUbWx$?xN%D-e2?DjTqa zQ+_A(2#F)&J_GT zqr;}DQ}oMprYm(KG2;_{@DCFA(ir5azJ9;Ram0_)rYco`?21Hw;Whhrd}mhwh&!r% z);l;l#W6`-Eje8CJND@D?sE1)z#!R((AngJywr_t@8&Y^$!P>}ykTpZp3RDY8xAP&k)EI=mr zHKfQjY1gaiP>MY{iA+>Z8u6Eh|`qjMBgqr$-DHvm=S5Q}ztH|okpL;d%($#vk zR8!V^K~-FU_#%p+eBS8)xlwk1ke_5t{b}DC(Rg&xcMUAp$RY-9WhO`OGC)_d;}5bUIO? 
zqC59Obw(ste-hML6b+;{VyVrlh6n+*lW?H-=hFct>aH=#x6nn)`jo6wHA!{By*}t{ zSMlkdu!4+{NBLhG)}h(Ho~*7R_^;--gWIcrli6?ord#Ua1OZ;}4sH*9eBa)!a_Zx$ z&3c~eJ-v4Po!_iqI1Yj`LO{yrWCX9qL618JNqToKD}J6Pf1L#%?-&dA78nb1K&*tg zASJUDvJ|olWE+zEZSm|LZXNT;(e-^@Pe9dS(8Kff;Mp&3{Q3OfcB6;b)72M!T6)EN zoL)cn@x$%$7vG0=eY(%^%2RIDK-E$aqTO&PO?*s3Qv0(CUtC{K72RJexj(P&PbRN# zbzjoW)zj;LMVs&E_ahH?ZRNA?q9G@y6Z0&S3S}0PNhUdqbIz2F-z~sPzq2#Yuh*Qb z3J6OSniAGa2?nBkA+D$O`SAfz@b#v3j;E$Hyg(6;lY_(tD_jdkAA+Q10qs!;6o#?4 zjA0=dDb8?-d={(dU(-&WPyGG3p69errgOb?jxj8;5}465h>UJChxq{Pjv5bAA(gnl z(1)X`tpFM@cqRw{LN6V3=ti%!=t8^uV4gTCw(`c5M)OicNX7C%(&gU2G9QMupnT_& z#bK=iA8uolp2nB{=uDjf?cwroO4;#LhA2U`zK<+_cp&}b@1aG`!10xp!?mR)>x)lUK3P@1fG(YL9rnv z8><)(ac(17vw7{xkVoA$fuc47e!D;`8I4V8d{0IaM*-Z}FFo@zEU=x#8gtnRxju+Y z0IvYfuz7)q7zse^m~L5#KZ_mXx2l3j!Or8qU%K1lK74|;ZlZ-~rmR~LlP9wOw3Tvb z9Oj3eQaZF&;J%HL83_}nOO_MOCp4D1`Cu_{%wD++BWK=Ti7eD%)nqZz>Ofr=^WzM?7j8xB_b+xQuC>)m!@aT9VK+up=@-@f7_R?*U^spq-B`XE z2P?$0`>uO<{)xW*4q4d^!;Q@i(~S;)rss)RiZk&<2jcaVti>hIWFF2tMkt8pg7hI; zXbGA5Qns24E?Bl14OpFXj%>LmbCI{M4Z^_24*zFC_x+MHwm-y*@-*r zx#@RA%ZIxA9?J*b3D9BH-E4}T@|da~nlS$?9?OnO2N2aZ+Nw z5pw|XeG<5@vc)WwJ>{dfO)pXZD7drE8H*QSf?qi7hZW&QxfWe(Hf_u^DoU8qPFu`oz%K+-#s2|k+fV3mOw#X{#+JnbtxNi*JeDNJ?gL&ba}#e_4^Cbu^R zD1WAzI?{C1#vRMoAc!&7QXR?AZQIe#pz%^^{A4}V#jGO7zAH(?7033b?nsJNl`rUf zSGD)bHn6Y3Mw#xY!>+ige|l%r&^w-v$$&!ichfeT{|+U+%LaAlYWz5cpB1WT#d}xV zD_HVg_xmBGwu*VwBI;S!l2{*YVEsOo)+$ojyUu;icE-DAYij+9za-`7; zD?Y-2?`YV__;lqd5S}6ogO0pM2H$tKUD7_nWa2 zz>WyrL4RahiSrbXO_o?|n5#x1VumG2cbKIDA`#QJXiXLsDr|y2NjsrsNIk6VJTT{J7J+3x z-*`Fd%*Fg(40cb{IF;e~0$t(3l(zz&WG@yN=6Q$GlDq z;$zu{9SqEyvXDa&0i zMzt5@PBV=o(pHrjTxQYM(b<~Vi%e?&#fgy}6uh{2;=`;%OY-76ZmUrA75eP*t(Q|1 zvwId>Cp+CGXG*qGLZ5oqVjCW51)~RUrZ9u2b;@Q=#}C^qh5k$00ncQu`$+IZc=fw# z?Km;VrPwaEG2Naed|)o^wl$-|9C#DV_O^c}|D5t_ef*9a&b1o}_C^@Ic_s+qYXL88 ze1cQDfd2DvxG@uN&3#{V^*6een0_O!+rqB+{;Fa{mgA~Y$YM6B-P&L9RO38vCgUS> zdbsH<<}H|L@dt2o;D_oz9DzAF|AXBXBPSE{e=VK-?F(mfp!mM1-&)kCTDTlOpOV>; z<+9DJ%{&%f-4kgdjENs> 
z;@#thYbKLVj{J4TnS7#jieSyu-0j5S?2$hA+V1ljzJ_{xsKTcyD#shpO%#`&|6qJG zahyrGV(M4Z=Mv$&f+5Sz#|46K6lH_;z`Lht8#F!HgtwV4xK0j5eBiwh?dkZ_4r`zj zL|fx{asx+)E&ItU#tpJRcwX&^zz=O}&WElYtZCTbmBe#qT|ocyOrbJ~zc^x(cqH)z ztDT+_JdO2zp#xyG(Pa{1>EqcPJqw}w+C(;&j_dO#aB$JZ5b;DF4@RTHn~`}ltvz7m z2T61=7&S{6w&znaclHlJl_W36Q~Vc4!GDjJL`Z8@TJh$xg`&%Hq!KUz9^4Xqo+ zC(;G=&d+RKpcR>{0QN25Q=t}k`RA1 zhE33Su&ud)zS3@396np-yBsRJWVRbXpfiB^0&!Alo}CM+XS#b}CszO<$tPG->V>In zrjO>1INzxD{XcH)d(tv8eZJMB$u8J8Q(bIys&6{XHrOi%WHL*tK^=6eL{NFZCkhwC zMz#@LT1U7v3&K=HS(kxaPjz&l#XK6Jay8F;nvbHM-YoILI`A<}q5}9mP3%0_LxmK9 zcB=z!Gds7xm!1izV9`B@d67Dut8_pB?R7;7c2sGCDCV79f15~R1l*Z*>3k$xAw*{b z3pwJ^I@uUpFUDj(buJ{rnLmj0EsEw!X_GAI7CB%<}mRXfJ4gZMotH++sxY2ifZ(H1ex1t(V}3d2a)V26;4mJy1g}|M4%x7nj$r;DuYmJ&U$f z>*8Z=7How(;YPlp8gDvf)Dr2yVT4%dCa{vWI{GJOMrCKYkgg0SoROt=kIKMudH z4(#yGa8*G(x~Nk2iKB3ja3-e-^w1R}iY6K6YQ7Funn(((O{W|LKtoz>QvgGWacbq$ z1OO?U#SoSIZy^%SC_%WLCvJ?`(EQ``b^iCs=7pud%fqdy13PE%ahV$4euvGX8P68C zgKFADV-4Goi3&}LHSxiC;uF9QVkzsDk1lxzQGBwSmUU?1$fz#3nc0VjdPT4RzwDA2 zPYAD>W5x?*W#yF}N8sJjw;x9qOr5-RZAWZ)ORMp`nDqzKohDHX&4G~nx>t*4r#eeo ztq6wiSjIVNthzLH)%cHE(1_Q7vbXxVHlm66$*Y$2$;`c2-!!ila(;-x-W(f{UAQ60 z)USBltBE>=B@2X76i12mn&a%& zN?Q(tmLbMyLpj*2yD7|y3`ojwBoFLkRfz1n{xx{@yvlL1pZ7yX%~m05068!^f? 
z7znoa6~*sIpfsiveSLjKY&DQ5tlK1+Xpe1&KJDGIx~(qpJso=FJCmP*s6T$j&D(UZ zp|pkLJ-0P)Mz77Ua*oJ_QN@)w^*vC*h5U+2a&7gXU13+m8<;recjdDsTN}HYIq@tv zDgC;w6yb4m81Z~zhGXPa(11JV_RxgiV0@15W6DcDqoAHJo&qk$EnL z=YC#XlhnWT)xx#%_64O`_~{?fj-~wr3~kyg{2!7!C-Z+0doePx{nu{s+nTn&q#}gx z>;LK4k{B4h%2f$4noMd(gPvj;~N9P~J%j?XA2!6)3-)f4Vymt5YS?`Useq+MM2K1{C+ zIn7mfOk5uq29Ha(7WLr$x8wAe9c!&bg4xXiN#t$KM8)d~l(fp@V#}dph-^q@FwYf33rZApSVlT=2 z{nYTx7>a#|9@#!kz7vG2P#A#%A(-WnAHoE3b1=)vylP9lk9nY4mo%1ANe=cr{90ap z=E5vcBr<4WkW{#6`v(>%t_MXgG03<@5TQO0!-U1!nf!Ti_mL7e9dgKWTz{tI%j40e5TMQ z`3!w|)za4g*r27oTj)-%lDgM6OstfSo{u-1nMlvCwga`MK(3Lhwd!Ear>t*deH;PJ z=z&VYBzN)$sD-?tfmFSIz*xO%xTP+|485C}_JqKYpQD@<3b-DUs=E_G61jx#M%Br& zqg!)m6QH+7-R%-XlE_0pm6YevTJYuiJaVR>hfrob8Bh+sv2^% z0Q%scM9GcTJMyBPa<#s*|F-SLnWrIosIJ_#TZithA}2iGjjO%zE}?m|)hCW34xeT+ zH$lZ`Uht-_pnuXozgYZ5OTHTcSMB=daXFxM zI&kAZMbBSl%l~63@_(uJIT-$Hz00(Qbn>PMLhpzADTVsJ;Z9P;K?A~lfdt}TJR#Dh zG&Q_>&{h+g$OeT^cP}$966qB#?7xB0PZ^4Ref8cl#a$6%vuOId^nCtQ3lyZ8D@2_; zB9Nq&D~d^uMVc->aXX_)B$KG}3$LY?Sw7_BGq57f|-Cvnv)*2sdMIt7ak2_ae;!1%GmZ4WgtI_yq zD757v)ZW(g1Mw!K@Y51h^NH%xbcdfAH?r1o(xXP^_Vi9GLJIVI?}%uAMwl@QwM8M; zNtAw)V6g`9=18LL2^L;hNg)p7#UKmG0yR1k_uJc^ZcL&DWZ$JyX}J|9DTt*>jWg8x z?3>-|@7xSUd_u65?KW-RKi9abOIl!jw-msEI^6gilFGPJ7t0sb+0{3B+ufcIqc^ye ztCX*sH($Qvs21l9R@rp|S66KIjc_#&W85)=@v~_2+HJ%Yo_FuZZ_5`a#YKSQ@EH>( zVo59&V*>Jr$q6!#5`cnJn<{J;+3?clmkZ|Kxv;6xTL0>2_4Q~$WBc6Jv>~AqlBl#8 z!Pb>~?!ke1F5GVJD{seMVc;a!xowqwm~T2{0NyUQ9$vJaS(uYR!?Tv+5o!uVH1QV@ z{(d@5YknQ!KtxGX-1rBEIKu^)?gjpg664b!60a+fV-})BAB!)#jakVg?sG+Qo`9s( zX-HKJ*Vq4YfC-UcIuHOl?q^Adv3Kolbk|YVO4%;$;L0d=6(^=Q>O*FeB}e}{m2$-E z+mHc)xh@v9Rkz|?YN@t;kIbVy>4t{Y0vZZAdO+q0XI8Y|Z&F%y4W2mpuVtnJ2g{cGw7;x3#>CyF~jumW|wv6(0EH4treeXAJqwDgaXax z{H$vbBMDX?G7t>O#ifX?PiKm~fj6@yD9$OrOYS@kvxtkj)tOg_N`SY>1bW{p2x3ri zvbe_<$9)>W$=%C#BiTrVb8r&EghHO{SK1G48Q_C$%6eW~?>_bHm>!}P<)2AH9PCHh zBLZFGDwt%2VED}pdc4pkS>uBLQ&DzWUb!%fsyg>u<&&Y{LoiIolk55YIQx563%;u$BeOx&% zCxE71va)TruU5YCCf_XFmtK+QjaO$J&F z((12YqZI`|k^Vo!YzeOT2goCn|7+c7W^AI1FN( 
zZZQBBoiC+AmKW=&6duSy>v+KFNczR(#%gl~w$>P~<(0d611y$|{%Pg7OoR9-XK3|6 zJWB^7=dhVDVfNwyK8fUKK)@kGh8Ov<6aghB=3WMgO}_`-kiH;bvCY6}oxEx~o^D6Z zLF~hTKW%yq1HOq;WtavEif9fnCR)n_>qOs;`B^%%)XlHycIEDZVbnx3y#UO$atzCpatZYau}%Zu#7f4waC}G$Oxa7Nb3;+8VpbQ8vOPjO?m|(*5hX zv1{7X0uL^L;3Un8V&s=0HX`=M!GVF=eeH!rbF~i4%Q;^EeNzAN29ugoImFZ`qZmhB zl4I#Y#c=w7=5x?Uys{l1d9rA8pr>fYEtNM&fNJ8!(Cvf{mKsSEWpNgib<=rep>TqNT+ak!!3rkf)i|=@!zD zqv4}Ty4w)UwdQn-TP22}Bom%g_dmN^y6h`bA@E(iG0tmvwqWs@=`YgEFN_@SYZw!~ zT5=R!Lb<8Y8)`BfmY4Y2riYoaPjRGg;8l>Bp8KO+gvyAOwXFQii9w4xPM*qb2&ed; zAa!NvAHZkQWtjhvVmVm<-yl8}PX|*1dU+!&Wfxm0dO3pMZu|cLqMV#ves3As{_n;+ zGvhCI>c5=mp8nsiUH^+86?)(x0SC?ibOdY%{YN0-sL<8`qf5HZm?RNK5-iDom$}=W zl+!Y&=We1Spq9HU9Y1_%e+n~+Jp}=rKLlw(K#1%puvj31g`_(aA*^Nu1W$?{`A`5) zK0$$2fj$-dV1arz%)h^lNu{Sj(9ASaPb&!@b;7#TgDwX3t;R!>? zS~dh(WY2`Kgvy+s&={rmNQnFTi;>3^j-WN~!R8>ySVIfNeeJyMv&5O`V9IJQrua0msmQo>_lanFd-pYevx z1`;$;dRsaYzBi38+ z4VhEmTy)7EF)W5&J!1HZUF*LE8F}k%dfBR?Q8$Md@pOww&(Q;_IG@Hne^B3 z`=)&g|9xk}hutT8S&{jvwRazvbzt zO?G;Hxx=fAw|~|1CT7I9uaA_sBAiH0I9Xkkrpz1 ztQL!8qGe#kv_FIREybs$MmwAK(sbgRsnsGi{IVO$I^;0v!b7c=%8omnA|jA_W4r(6 zMUke*a+5eI9s$~ri906CQy_c3hM3As9+1P&_N%y3O6M71F8XO0HmJmyL2w#QMd$b zp^Pt9BCb+iN2GX7i-xES{0m6nk;-9=5Sa5SJBnphd=!0R3KzYE*(!w^D2U}DSj!C- zD*P$b&a~4UMqdGLKg;Yzs6krXJhrDAwfI6`#n0+SsA5{YH8uyzUM87O=Hd%DL|q{1 z_iEMt`Qrc0y|xsDh1yO$($wMgF$7QV*WB=`rxB7f_P(LUF<2OAV@oY_iISfUWge6d zez>c`5qTHf)aYO`W-y-()l9|nEH;G$#K&$0{8n&Sn+&u7#dQ}wI9p$T-HFJ16N5Lp zT+RCnF*vvzuW%Ty9{Qzs96=g>%}^L~;&{X?G( zpS0hQcOQy&U!6!ltafvJ<8)}L?$SO)Y$fY$B6alsdN#9b3lFL5`%tg0ADgZ7$9kud zih2VBI#Q}zdw+H679?H~<4U=KzC-(Z$yqjdN_iqM>4S1XnRqYT>VvHAuSQTOtQFD& z)eIHZr+>bKl8DXyccsbv>x-z95knexFfx$bJ4^4g>*x1&KXwPj^^KUtXuhJ6a7*$G zo2iQ>JYjgp)W(+HDr0$rk(hW$(o6sY^uri&gpjra{%+P?wR-F!h*0G*XABk`*|HBm z2)Zo8gWNt77spQA0eOaJ%a9(uFIjsBzSvhn#NNo;3zFs(1Hb{v^F50TN;cj_B4{;4AqRRObRk0!V z9FC-_8(D=HS%s^N1F99;0M!lUh`K;^q?({gQQgogV?FujKVEQF(uOviG_>KYCk<^m zYiPq;{tBq9nz}`@D$_jW&V+yv7t~biN z?cqYiR02aAM3OinilLo!kdTnKE{323{s!IvC{ve@@y)kZtOu>(IL|{Lk>FetN%WXS 
zj%rc^cFZ-n9-r0}6-`N73ITwoi z5ul7!nPc_-t_HhYnf;&D6ChBt&O&Z17c{-JM70B$1b5&*edez~(%?V(jZNZe2l4~I ztNY7mTCZ&Z&Sf{_c78yxIf7t8Zd+UZ@GlkXlk)|1`qe38GWW_^t6~uO2pKut*H^(V z>lUL@2mVOMksEw@upt( z@kk^GwDqQp7YOEFu$-b!77HwuvK)4<^(z?#$j55Jj(Y?t@O22p3nqg(AepO-k&bIQ z*SN=s`lBRns~XbM(m47hC@dYmNkVNgi!m%&kZyU@IFON^L9Ncflr~QcJ-a@;^$01D zei>AP7tVId{dU;=-MA4nG@m}7>ga6X)M zD1#^x-ahbgi?Mj*3MX%b2h`A7T#NQ}Da4S(;g4i7A+3cq<{7paT&{fy0#oDlOc_@t zZ-~b!FcdFH++)B6`p7~2sv2q>FIrw1XvBhPE)-M?{^n8 ztb|4627L&Ft#6jst`SlB4^m)kOCIA!kXX`)7m`I<8kHu_xz<$(SoR(XB~usrFZeT0 zl`t3nNABK|JrhV*(>(n{C(daN5**bzRC?jsG$t+(jFus`R9#3rGi|Hwuh0a`e&g1! z{Pt!$_3d^rM)NQ>w7DUH9roe{MHChheSfeTa^`p8L*myD$FY+gI!5 zX0g*he?`l(Hg)CeHsatu8fVCS>D*W{~3@||e1lBm}ndDlfTcCYqfoOdV(0O9?e%nbMY*u@b z0Y66(Z@c}Gxi48DL2znZ41=o^5l9&tFuv+PR}Os;Y~ZeGAJP?ORGN#PJ3_Eu;P`+2 z4UjkdSB>~zIqG4*0y5b`225waPG23CH=l17G;x#HQZ_}ECdSu8J=bb%_aC*f&BK=5 z9E341!STe(f%X^aWQ04iXYl!VMq{_}8}Y4h3yZL`Uz$U#&~tb~QLUiHMf2qY-tRQd z2h;7p^Ky9}2OuP=@!YrK z!!DA9g*#y}64ztulQD^?JN$=y+-pc8ig3rOrwcpRt>HuK3gg46x^LfqSiHJ} zzyDTo6hL=uhcaX*+_L z;vov;L~rfl=^Vt(A%sX{%nkM5SZF3+c!hN9seb5W?@2aDeqt)wqtvrnE-17ws-wJ0 zD)FH){tw39F-DWHYujzxcHeE=wr$(Sw5@5|)3$BfoVIOE+uHrU`LeT<@5#=S)UV35 zs*xnAp0M1VMeE7q(uKDp?Ek)T=(pZ)px126T_q6I%ntBKhQD70z#TA&OP$_7KVn@LvkKbA zfd!WF*z&)=T|9jKOPh__IP>vh$=&YhH`80P?f41&=>xp!I7!*ZCq;Uz%Y$+-l( zg~qb?k<(kjziPA$d>`9)Uoo>vtoC>3!}M!1el9UtiiPaVyjDg#oex z6A!p;R(#G+R^nZ*fmONAF3NM2Y4SF<044KR)>r-;Chg4bVY7ptZv_QD-%y;%zgRa& z68!q42PxQzmGmFu>H{XdbJiPeX5fisLbMF3`=Mj28Va!(wL0kPf_f91-^@%^Daqr} z){Y1LpublAuvpw5j5q6L`emJ9N`$j%VkPH4nK-nr`6rlp_;>!ah;&7340C3As6TMp z=&{XfKerhKKCm3yJ>EH7a5j6bCx4gj2}uzf!opMN`{QVAbj-=KhRG`~4CS6&?LG?6 z8Fa5mC|0L*tEGoM&_9S$o5$z5SZxV@T7zXAiji$Mgw=Jb-6loDi(CA8S68fs5dZ~*ccSGB$1__PBOa%lf*f*SaWJ$wo@w6xg1EQ zVEIEaD`o$FE^vSnE?;h6mbdoTo4aoLxI3nG@~VgIO*oa#M~lA*)Mh+UWkp&0W5VQ#e`T9Zk_|nwIKt{nU4Dc)oyS_ITf64VzQPmcGe` z7pd#WBuE~rLOwK`1`vP`2i{1P5LT!b+9qnGMrqLNKbt9#<+eaNIQ>I4h5YI+Y8ka0 z-q}(=$Z&v*s>UHua&R!>kQ+J{gl2c*zF z0z5qtA}@4%SZddiHbJr#(4C3%1m$k?&c1TLyC3F%sz74_ZfTc!0SVYGHbbt2P6Hk} 
zv?)YO(z>%vlid8BTeL-)aig8tKG3rk25<-i1hW%Ts5$W?_+FM?4h&Yj(ycby(28~P z1czvUkMKsBPJ%X#WD{y@>4W;ddXYa1ZP1}lM7z->GPBxJ$W<^|j@fgBM~T1bHoBdh zarJfVdt?2h%cAn)@4>`s^kfo;rnwXR6c>w=SncKm(9~bOvgQUDjh)}J7ZP?lN0q+@ zRBAbVMUAOiXxyXObNy&)8TA_^gow$qPh)VX6$(`?6xl543*Th zvg07OUKcgTp@bMjx^UpV47=(#W!nS3jR?^c8G#T#j9BnOjP~)(NRhrv5n%u*NIS6J zK8k;}s?8-E7|Lm+r{wcbK>|Br9K1sJZ90v(J{jSz^ui}}Z!|QBUCrVYkjr4($#8F| zge|VTJJKP)j{pf;u1uGKa@RYNoFiw!9@9kt@E(S0uAzncqIRW1)DDPbIw`wXn zM;~sbk);d@FB1qd=4|^Ph@jlTdjF|@V*3w+EX>R-|Gnjww#=^$PL!Xm*c(bUF)Sc3 zA!7#|33*<00d-~T#>_v;Ow4A#qEOh#x%7YFo+DBFG786amwRQD)B20Gm=y+$M6It2Vs|HDh1`{S%cXLGsZUA%-9FvYF>>A0HE8YFv+gK(d&6DDRh@Df| z$Uz||R@GYdZ}=u1(S>p~CvIy>1|1o<_DkeaU7qYOtWNGdl~O1xvj=M@!fC$UVZT*53dQEY(f)Hq>XQ5VGn0lZ;17q|F zb#r-)OEYpgDmSPv6f*|PZrbT9L|_thQKVCa6pQlq1it~~m_v@D!keBH)8F_jFn_Ir!z1;+}4ut7mYpH3hICm7 z-ModUQ#Z)9l_DUr(Jwxm;b2I(|DFqGQ*SsJ%h^mT_|`D?yA2KFMN&bT8QM>%(Q zOvOI6pd}zdhHe$RT`@wFwRnsc@t#=c5FUnYpDsm&&AeOl{y-3$Jn zbBopG)A`^&GNMj>SJHO0x6Vc~t!xSfDk*U^B~jp#scH}Wrc@9pwI@*9Lac_dRubHI?IUVPL=tWA-j6`37T=;q6)USm>$w#fe7pw zl2Ss?KYqek#gF1DdDivKTKo=cU#`cfM0(0}uB<84Yerh4?_L|dKze4P>(h8BS%^kJ zG(Q@eMh}$JIIz?`7Oz#UHBzxw=^mf@FHW<2=YHk#*V~p0Nuiet{O(rP)D-g*ZhL+9 z%Ny7nVzD%6vyzn?8JreH(>+mOr0$3Uz02S5(-Ms~O<^zvz7T~*^;K~rGujEbzNwCB$yHD1%cZ;{e3Q5CDn6`b z8!MJBUXWs<*Px6j(r!t4lM=-~k zV_(#1%PmosiIdG>K^yI#I#G`I+q9{F+6qIA*6K+LBAI<=Fn^k!qU1Uf?wR=Nmid6+ zSGXfLt2duzA|qiVp}t!sw0e(%p&oiY7#BZ|#Mwqggf46MI9xolT4J8pKHrf*mNfI|R%oA4Z2w)g#vZdanl18mS5gH;$|w`z+8i+CV(j$zUgTl&2E^z* z@woA-W4iyYHdO;|pcoxU*uN;~m{6=*-}uuZ%X3RW2ee{%-C)zy05(5EbC@rQa9K&v zZ}|+CbpOs~#SrggJgV>yOL$9P06xAq(GZfOn}*Z5zSlpnTQvQG3z!m2;B{GWtmuk6 zFp9BUcXql*-$22<5tV*_hSmBT+;1u5kNJ^zEZB(IQQyq+*6kn~<+&(>u6G1u8Z4ZU z>n~I6^$iOk8ITarvLOI0L^VyzGtqkaNAet7+qo zKaf`lY8|f4>9#q+lurka$ZP$W-E+e`m|!Euakfm&;u+2kcRsf_=-w)APve8(*jJyD z;{4vajHGQbOwXa1{vI`4_~>SR@9LK!^k!GP^5Vt}OUg?DCns=yA|MTj1R z&IAf2qX*wWB6bAU&(!0$5L{3lT8=RUb4{#KpJn)9>uXD|J|A~_;AHcVcRM>6@;|DX zco6tRReu7v(eD0Td&Yk|2-mf>?`fagSC&2to$a_y;P#)7Ud!c&fQoW?SIGWiQSsX! 
z!>t)$Ap!}`Y8?`|Qrr|M8(;mcWZ`6$KK3!JUzD3iThr5@cHa#==Q~@mwVj_k*O1*D zW9lhZ5w?#+4aq8jP3+UAKZFNU5;P_!{UxZ-2rP3^G17uN#pa!k;7WncV14j@YG>NH zN_OE?Yal=nYf>e$ICUB;&N8R-*P4n$oPOa*zyzvTxkHV#HS4|~Q22kcZqt_f;raA~3=)nP zcbCzG!?2JYBB0_zc;iFN2;Z;<4eJK4tyPUWA&hySju}t6-4(}NLJ*3BeudNQxk3qv zkLksOnbyOpN7QpeJ$-49^Tj&0h6i^#KV8C(Od*8vFnJfk4TzeXw2WPEj(vKEK41^E zlaS3D$YRWK%U@fdir33i;WO5Yjmn`D8#QeX6_X|dRg2{eaerW&2LAflE412##Geg5 zW%8pAOl1s|Y&ZF{JoIj3{B&L^5+V#1?nVjekPv$%Us`_kxR7>Y*!@J9jh<7z4%Yf1 zVH39CurKD<)ZO!EbZ_3EnFp_Rld;nEZDt}dK+{Tbzq_7fx9aM2T#}+7 ztTe^-@D)WJ@|s{zP!9?|Gfr0&|T5ApI^$t$y+ z>e$e){sVhp<9Dl^=cK{wtdOlp!t$A0(61mgE_+C$Ct||@{cO%mqoOGMQW)rAd3xYb zSjdDLJG2~C5<8F$5^dl>b_|{q+ ze)bpuZQ^%!%-+t*;-p!J9GnG1HnHqQG#XGq`u=o9C30vbeVs|@7;0$@;9>TsK}&~3cxpP%7UH-RgQIuK zR0P4Y1EkW)T4Zr;KSnIebM4l|6cyKKlA{o<`T5kh_`8YOU87L&HH7^$Mg_ExSuhvg8@XcN-r)yL_<_sPj^M~@D< z8rjO155+MQ3uXo5wm-6lJ-)?3;Hx^0M=8OWDZpS(czaD9F^pLqVAiig1k@?vhFW5J z^ocXkN*g#B>@fl^wIhQ{?hm0?l@kxKWnBv9E=3V__+gzHk92bb)y)y04=4E-P zMt?+-z?i#>a`J5;itqIJMVEJ>C!j5ya=+t>&F#-YK%aSIuF7NEtc5?dR))h6)0g`9WrZ z7H=b3&OM4PW|ko~{?c ziKqUDw8+H#pFFwQ**O2(4VG#xrCUk9t}S{j0#y_wfMJvjyv3g-X5PY71B$j_z5Z>ogk)O_0|t9`zejPb}ye zy4lijRGM@h0o%~7FYw0@Uz!EhOH^BdXNKM0#qRqtAGyY+ZoYPqYGVyv)@lo75w%64W+=I6Ne7JJ4CxD|A|0=O!p9DElN{C+8+ z3u%nLe@d7)s=kKkLj{bFEi3O5hWwHhd?7c+*Q;vk3SYDslDkFA|M{&Cv6vy88#qq% zt$soln>9`oPZfD)oXH{UU>9~KmV)RUqZwWVAsu$sxD6^JKUbMEt+1B>d(!i!U(Ag1 z4?ktv&n9ARlA1WG*|WHuk>w)~SIVWHKT*pr82hEB_cUjXdvYn*@zP0jUF)$m-uyFX z3tQT8s)g@yHhQ3>fscZ%OsjOHTPXQFIi{&jt;xE$UJtH##4#&TLr9%a`mQ;wGV-W* zUqVp1*W%TtG5Rg@XS_L37Upy;dP~`1su)f_Na^a?M`arIp_PqNkp-*NcYi(iNmfB! 
z8Mi+Bjj0o$JJl&bUR#|`c*iaU&}aPo$sSh}1L3z~UV(t0dSp*R)0g@uKF zE|*!J!$zx&bm~d5Nf+Q4Sh6r=d8%YyJ7K3B6=~;+_-{P~cFQUjziGguhmR1xgQqAj zNYk*wjhIbLykR$kHkxJ7v1ya+5=jYjg8x&K%6#9Oc(*lLpbFtaMh zbRbQtkz1%0n;9k4h!%yb>mcJfh=a*gobB&^q5HTB89_>SX;*y3w;( zuGCZcEeZr;nIj&p>7}pQz zozppOXo^#{P4NDrT*i19R~DZMkIb$SNoBWsH5R#PDttygXu;b`703<23{7(}{pnS_xBCJH4KhDW zaK~$}Ts>~c?b+6aCr^Ie8RkqE{p7ZUhy*Uc6sA!PB_Gi)M*YJf#tuXAtT$-JiYA8M zp2VmqZI}x5Y<{xk7o%U~Q+#UL@s}fj8MwEii1>MkD4^16vb-(mAZZ$~5k{CoO(sEr z0xy`~@S_Lsw=OQv@4FYL*4)@zoA5zlw>MzJ&FuHS!)jI3=qpw6T}nN1V>H*i(M8kX zULAj?4R03A>pg;#(J)hLVmC`DBO6NgZ3xfn#bd^?EkxW^Yr(AcjV~611o&*{1JdYJT}=>R~Nf3 z&qz@6B0wRyb=EIKi!>g;;CW{G)7pTk3>m3~GVOP^*OXkX^uL_H8}jmI*DtFtV_gIo zc2y&74nj#_UxXTAp&|?{zQ5d1qOnW#sB|U-_g}UCc(b^(bmKq_P8xc+f|%J&SE;!1 z3-8$rCFB+0nq4u$^s;tA319si*)P?gwC0_0JGUFl^V+BUf9Eo0F82TLFW&#}P&6ak|2q`T%)$C!^D4J=bZYT_Xk-Gt#snLf z)sm3~U_Ugnz>WVyBLf?mp@YVG0UKqH|9JOXtZ|FWT*Tsu3KlZ(;cV>i5m7pnke*>f zaN5oAkYqm02vxo*g(JPJwF5Nv6BDc&l)-1&#Y=7r-Hy!1|8f-yOMF2PCZJS)hu`B@D&OL#2b=vJ;)f{}YJQVwK(IbOFruuE_|PL@ zR!XuRgWKBGsM2t5Lk2yZvWw+5t>lN~XI!yO2kl@-A;f-Twkk9{qHR`E#-=?XU+Rx+ z3lXE28$@SUT1R|oLa9{9H=``wtIPTwX&4!8(C#ZvE_qBn#z^L*HwrfxUxG2*iT0^? zly9j*g;A9kC3C8i36mTqEeB35lCpR_CZgsHR@a-cp?u7&3U@#Q3mf_MiiAzv`g;&l zIhkEf3W+VdI-sDrnZ~}NxI;Q}gE~2~ybe6PjgFB2&kvubbWzmRj=j7bTU@-zF6IWV zzNv)%xWt2yx>aqIRuqD!4@Gqc^N$aG_+^DC=q03itE_?b{^1S~04cK~{Dv#q^%pWy zTMh&$mmzJK7pJGl7`P&eYfzjAQ$>`b2cX>u=Z<`xKK zzX4C}O@_UnT^vo{7<2l(4&U$HOy5mr?giav8u;tq4BoyU{k!2}WT@Tlaw80>_K`Mu75p5;U8utmr?maH(J|wqx2GwvoyX_X&1WI!`|F_6e+Qqx z(?2~e?1}HTbI<_MpU3AbXg#>nFzBw#xV|2I7dZIM*b*LD@mG1^aPRv<%ccQhSnsC) zFM&SouZPdU&y8Gz9=y0(|15n!f7u1qCVJi@UVI~?B(fhT*a^3(j=#CS?e?JT#qoJP zS!`&lJK$ATeU2xDb0Q8H{Mg;`$>`pvY?GPc7 zF;u2;b0HsNNVi&Z2? 
zX4UK)8R(m(vFvfs-+uzcfB4b=9 zvt1GD^CTQWSCC*Ea73T6jgWCbiD%Jih67B`myt0R8_k9>&(9E07aRM|7I%o6ui5$U zRarbJO`SJzB-+>*7vy5lX)FMa8#orwFyyV}^&6FQBO^VOOlK0vx9($4@0PFM2I~CY&sLupBM)$@Ghjg7vVU@Xs8wdb{*4vD4+SzBN8p3lvBERy_~r zjlXhb-gM_r68U2v5>&2J&gCL}4+V4NM2dGO)3R-M3kS?5$|yIkyW7-N$3J2KEfR6(B&4T$-AWoR-YP$zao$j}Io?iE;B#NMxu z)q;E{I_E2V$(Y+xB9-+)G!%-KwSbBDN(zM> zHe~1m%tUg*YDOK>V*SLY5CvKH6gH-^2E%9Xf)hxV<1tU9dmjf_)f+p#lk_+MEBnX+ z?=*TAS7VG>Maw2*|2?->yI}XBduBero?n>l+8++(tlg@`&(wRValEJ0h=Ge>H4>Xp zo8K|aC_eW|xPmRJ9ESJ@;nQG=!ah?)6>Mre#x}8$LT#J#K=C8ZsEMe{QQ)>CZ!Yw^ zXlf`cV zlaPkK-2P(cOMJBfj*h9n1^mkUtJ}ms0U6-Bn#csBs(mZB;DuwdjL?FqZQDJY8eKtd z(}7 zJQlAhUyhzi-qZ5`=O|`)CN}Ir1NKI*eb6s{rta1_QyZSQ@lRX$oFAn+N)_wVuY7yK z*-gT%gu`|@l5k}cNUV9UQo}A*hw3nVWI405cvsM`0;z{OOMvbp`rA_YNl~kY-YVa* zTp_60kerQC8K5;ITZ>*f^-<+-F?y6od^10G8*DIim@FK6vT$0w>}%$m%@=`oL)N}p z=@Hsc-ShQOT0B7YqPGI8DJ9gZb-A!5!95BBVHaQNEj9$LWSW*A0DGxgqv6x`)*RO~ ztJycxbiQPmU=N0rqc;Mg_#hbf&(jIwsI+0!aMy1+PTQLiAb>1umD?XM_Bftq2viL) zpyNP*h&fn6Y-d&S_bvsJhKg`8IY0wl7)eN4RxjXrCK3XLISuxsg{FQROGC?8iFe(2_gTKso2?CMuwJ#4Lg>hh6`@3Ep`|_WNFp zU**R{a`T{3m-pAs3LigDwzT$y9}YB2Tpx8nj!=oMLGc1hgmaL^ElyG%5=A8siIN`= z1_mrKI35xN}Y#-T@4Dz5me$OOHzXsaG0=+n)`V9-Firbd5$Vp9@CD+#4Z!cH^_jX56B9q7PbB?=`rU0b( zam*g>m*O;7SEZmeJfhOJ&qkLv7MX_Tl=PhU8rHXE0^=D0S1Z*z{w&R*YE*jIO@P;z1 z5{sl*!z!hM=B_z4f*lGo+m*TPyY&gLOSXb6sQ=wz7?9qUjN7kh`RO=Zx{X*~`gB~y z^x@g25n&5(rIeYy6+R(<&3Yq-0EDft`zLEAlok#|9Em}a5DaDi20{p~u$fer_8>*9 zw{N1!K*ia0PIE33&)xD=oR0t1Lu0>D7Ki9Mq?gxqP7LzTciC2=R`fxGm6DzC{uB6A zD^H;e(luAGW1a=lv^P6wr?PxCmbd#Ih(=j@3m)0%tmWN=er3(4&T}#VzykzFW1$0p zb_C(pBw5L#gYhU-(@W*pR-DsH1k81Z**zS;8M9q$mQ+mfu}-O+XI!0)X69-o4!bmX zr#u;TL^TWRv<%nCsq%M^X1Jt+(fH!$MX$0m6+8sebWwA_ZYUWz_rT+qMge5GSW1Bm z7PR7ME}3G>>r^}f0+DT`!ga8YL-M<0Ybl^atzRuP73_~uvCGVnmKB7cYX$2rcA5oL zUm3urmv)+?pKdzq)@wE7&J>0htOlf>K_w!`kh30Ytd%5@MaNW@0Vvjo6iEHLjK1VH z&=f%vqd;K1eX`)wVV;9fFO0A53&x}D0U@Ni4MtQ3mXlV|j6zsu1`wp7Ih!o<`@?mm zeKNwD*8Ii0WGue@g%K7o1l-Of1fbJ=E{+MnF3~3=5m&@Uq;vaHZc#~pUxT(r9395~ 
zIbJ8T+V@U<^`RsxKIZN?6XNpy2{)=mghwzk8uK#RsG__Yh*M^;O>&5uwg+Sp zP;P=1ho5=-FOCNH1Y1#;@n$g3%2Ii+7(o|@E1vbE@Dw6~^5ff17lJXu(4s-`OHsn_ zZor%2sP-!!A2aclKTXk=Ff^FN%X8!5)M^+ZNd$lB;foKqd_&*j+2^~D$3l$TOPop;tP6XoELg6+%0#a7Yc(Kp}! zb`615bQTPSyWE=*JvYS4!wd3*^T^)}6htCvY%k#U>sd=S+C{`*t?Zz|{OYOD@o$_F zp54TSCg2MRD>+-v1O->T`jPv;Djx9UZDVBJBE~~S4`-3Bj{YI~VPcV%G8-|C_#eBW z2IYXSiPblIUQom5{PVF9n0hi+qyZIuDBoG_>f=1g*TFpu&=rJ!NQV`rto(x8{e@Y> zNv%8E@;9extV-g&DV_B3fqph88LeesP;dAPjjvlfC~nv$_*_w4h=I#IMdYCkFDWi#3m3jcf#SR2M*+^52` zj!h;&Ema?mx^4#ckQsyFqq5rW+&=TUAhhCwC?O#YQWF{tpq-AC_eJ>S6rbwUKQkcJgxhKAM;kazFZ-n6*kpBrRf;DlFGCuJBIt6q*yCzRGH4_+CpGaRj@ z4V3_4{)+G2k6+y}MjpoC^eArXqMfS{TmgP;_rxnc(!{2Ssm?5E%(#biNsyy^jfL+%e{=G3l8S-m`7*JPBXPH5*1+^VAp$e| z0FEcUDz_bF%sa>#d}%yOUnu8Ty__1OBTP(aw`L=`d@}6zu{oUZ@yaM>i=~8+l;WDq z{Cxb}hu$y<9iq=Qjk9x42sU;l0~q)0 zuoyFl1|k9#sgW0<1<6z?Q#`_%&piwY5M7E@Q78yo!m8{6!XTob7f1U+R8U9Zz>U&D ztvpsByno>;CNXb#;cHS9f(m@%NP;}IzC=(goZ4c)u~GQLF+#5n@}nSI--=j8RC9?R zsbB)Mw@NiF!eQS79!#~|qhX)pp+HuHgfFg`CJ?;akIDsJWX|bz2@CGuCBgbk;+m#s z9>ELj9ld^kGCuI5)Iqn&%woYl(M*2E_;~fQGREa*{E$iRBQBtF0T4X0Jej4pmuDMS zSBGb3O>Sj|c^`T2O|eMPuxN&JkOSwKNSkgU_w47tjciE`OPz&?z9)OMvT{*yNkzq+9+( zjFH2H-P3;ANVdl;X7g&x7tg>}-2(x5cdkZ@^|3-_;P$aht~+<+0O&|7(6vlwPZuY% zJ3YLcv89Lxy;J{25qo{SyF%3TEY=NMFNmrpfPq^{vN&`Y;7r)lNMc`kI<4TK>5CFU zK-ftNtXsdM39tQd1?0KYt1f79W!?Bf)Hncbnhz{mKLO0r@f2OpY}jDx`!cq%fCg1M zc6|RY*SnXSqlHU*=Il**3U|!astZNC4uIp{bL0QKfqOoLKcuaG@YF(w#MG4n z(U6_2S#|@jv@vPpmx$3;D5aGGjH5Ra(i62h8e)Qo-~{B#SZ?C+VscRKNoRDF$TO?V>hGf5RkXKvr zNTVs^*Gx~ILxq^>Ce+EbGQuuijr2~fYz?SMCeD)EanEyOY*T1Sv{1`8rI~f5ShvE; z!JM$8cdnK_FGTfM$BHiF&EMe6>-oh_uNjFcuYaS#H0T{*s1|OR7>GzY79n2;E*Nz z;w|#HG3Swiwxp33G;v-h3mzK(7yrl91GA*umwzL}=G~Hj?(XDpeZgl)imZ|%CK0g{ z97-U6H?sJV*uY_Izq@4`ub0R| zWNN_;;u%frl{dV&CXS^UC~+B&pJyhv1n3&62gyp>gi#(o@z5MTldbsP0OgICAAy3n z+*hO$q30A$SopFb4Hb>x52H|QPq=0p9)d6h$3QJk{GTs1XBlxaI7u`(`;~AbUNg_) zy;f6l7t2Z`hp(QU{LA!4&nx~aPCmah;(baga>?7ooJM4j@6_}Prw+E_r^+fIApb88 zuVnhM(ypcqYB&gS97v`m%g!av1NDYWfu>-m?rKVj0O?j6MXQ#FB#EyIsszCht~c6O 
zymkt%E_|yjT`YYCyV_-FRHmZ!prn=rP$B)O)cEIG9+3Nh#ag=Bppcp=(%C^_=5Hp6 zWf{E~&cos+lzjt@TOYH}vh`GI)9Mu+spu8yXTan@yKbWXVb7(^&nR^h+FkTVTe&X| zdDLd*Rbhd^%ILh##XV~VVPy0Iy}*XUidBDmGgouMtxUZBZh*noWmo~htE`JB{_PA_ zM{>a~kS1Wea7{soEcqpk?Y%Z-WATy!nt$aoY#d@`l7Zvhx6L3$;NJrJ0n$2A*ad$( zHwRDp_w8R4**dUm_T z?t3QMm#_!gcB8x>Dzbd%T;t-0=JN~xoLn~JSe%z0r9VS)LpQ)c2S10sVa1;8@6u4nE4 z7}166Bx>7dvMxMH@5MCHL4R9If@yu|mPEs&+ZSjPWLiw}OkR;(Prdx@+Fef{(#gel zOKaB_+fJBFKeIsNb7)&`PMDZnP*F2121=MdnLXH8`y5QWWoRr7+o4#B4Y-m}k3y40 zGV0m#7AR=ddTNQnVW+xRogIVw_}jFU@(Lq4>y-K=0kbj*fdpdeG|AT@+*c{mf!2Ps zmaR#_2n%zm%b5)8T9**T2Oy8!9}VEL3UYsdjdzn-*-no59d& zJ@oUBzKIZn>IUJ`I&OG}L2ws^z$}}(Usv9njak%M+#IKuhs?*^0^99~FuMTJpBJ`G zSPG@J3&XR8VZ*lk8F6ts8Qkog^FITp`Ea*36N+`Ic3g61$GE>IZ85JP!7@?O_SFyo zYL!m(xmN090$+HFv56j3-=9I)HOsr5pN5tujX#5}l>fY6;Szn(Xm>>84NWAW?y!?G zLe|{UL~o#Ph|6%Xql3uC9z#zHz*G64Rx^>@Q4xQ0!hO|kHR|LK^*}hU3Ws`Qgc9JSxi=N*wz+WGowpF8OCH8ttHs(U?sUAc9+yED3F%!#``IS7N*b*s+MOZy39 z=Wxv9@0>PUxo@j;GC>eirC`JLglb{NLW!<#p9}_17LDT7FO9d+s(*bRMMZ_8XH&*hQxrQ`mw@Udk3)HHJ4=;t(k{di7|3&I0vG1Vc4kuBnTPSMP_Gv81X~%T*+V{1fez z(3|OE=cO>^s$WRBq!+e?n3-4D?H{T&C5SglYLbMO;SB2`6J97J)zV&)=}}Nl(L_V3 zr4zYYOWS9}n!GJt-n2=?+iYpM5?#C9wH51iveta&g;$~-3{_H@4x;t{On#}Ar_u$&4^T~tP?l=JjZCf&Y}7jZek2RT_V9m5F=Z|L_LGm5x1Bivy@ z)duXNr+(j8ep%RgwmVvl!we)C6mvT*_laae)ix<)Id+xx^f`P3NPvBGQ#Vb@Yo{wx zX}eo^gWZtUXLFRWWd*LDH}-9bNb|87LAE`!i)IU&K!V|7m@dib(|dP?ckgK&v-F_) z^@^a_QY9M^8e7$z;2-;IkViB+jZ{+Xou}51(vpS{;crkTdm*jE%B~6sq-J=g+S;2bU>h5Zc+oSj%I=JXJxBBn=rJ?V-a zPdu>(=upt=R&z#>*fGd#29l;>o@*6&I6^t@~G^NWpUx$=F6>yQn!`-W4kR;qz#^(I|E z`6%xQ)e)3&EOjSK(@(lhHZc$afqF0kL*K(`>wwgja5FZRrSqD|%+0<%oX@b!v5eoSQ0%jVYh} zaemHn;hSKRL=110=4ggvFIX9q&-!F+&AwM-%xaAHUkd3o3DzZxexl0z+c`5UJyAA7 zwPL3pu9TnN?R--;YPQI3n-d~MoOG5o&AVi7YIB)N3GLxHlP&4#$g9zxe)}{$1Z$6a zc+Omo*I6!_)fDug+CLTAv6(OhX8EO?Fd0%@WZ z&gIhleeHobGtwBfT><-(kDz&!Lb)7LYPdjAD1u!JygF0(i!wCKh?pCc^`##9NCwkMtW7$FvyeW# zJc=13_*Il=h77oCOl)M^Y9%bip1`R##|)Mt&mP}q$P@^0YeuggXsown>ss+Kg@@bF{W z>xkW{|yg*$xUov`dz#2Z@e|Fp<9}#FNvqV@IvE 
zQ-TM_R%j!J2ijrW!JdYGD9krWThJNpmuvsR{EvaxbL@te&bZG{%W&yFmff}pW#|X( zZli?2e^j9h*a0ue(5z7848MH%31?s1{|-5NxAEmKT1B6~J3jGcbhVaGWW6k3Wb<|L z1&lR!D8&gp#bb<}NeK^pW zF&(Vz>#(khzkG&94vNMavrE^Pb0>e$6)f`VO+Obaf8YTug$2{!cExCgqZ+J6vAz0K;XXFla}@R%40yfq)MpnEURQ-yqk5fRcp z{fF9(@&9P0{l8+v7+L-oHjMNCgJ|{tz=pll%o=~>6Dt;q0EzkQ>^2JkgUI5oV+Am- zELxl!zXFkbJ$-R>tpCa4xFcE1nT$$fUjC&zNkpQwks^nnNEIV#+-9(*^RM7gB>af~ zN-QJOT5LnmDC$e2Ii*6C7sf-Q`HvGyQ^g4=j;gNhq{Kfp#%5nM%K@1xmssV^d+XW; zh-Cc%TpAa%B#_?F*Ptll90HK2jPK(_Asd#ue3FY2Nc8)RESa(Y{UwKFhPYwc0hhcpg}NGB_0rRI&q`1d zmmQ_B^NJj$I>nnjI*{!T?tVoXYnmaB%|<>wpSHb8mOxo2R;;i1}MZCoA}K_a$3(XZUi6KVN3+6*Tuy9Scq#9!UypNw`=1y{&s zNB_A4?#N74*GxJU`~cwBej+xrU4Vy2&{cE}Nc(w$KqXf*|KzbII3)ozb@;wU=7_L%Rj&n$BQ~3(KvR! z8$b|d+l76FhToYi6xeF;1-_rJb5rJfl$~3Kd|pU)-CEsV$aMGJ@83s(KN#Jbcw633YZFoIHCz4cl5uw5&7Ivo zA68m=xs|?NFKS}$nH81Doybd(i;y=V&qPjixKEr2+r#HY9nkx9LEI2G|K|DaG^%{>jMF*&fqh;59++DxBmbqa*qqA!b4r{{Pf-1;3RVC9% zwWeUsjP$occV|ip*sSXh^G~5S3ww}Ysa`J;a(Ez&HTY`Mm7MK#ZP=oTmP6$o0Z+_< ziP|_9N@mTO849dpw=gXz+uXWuDg2ok)I;Y2)eFR(VQEiNrlpL83iozYrVqx=&5c=a zr0vrr7gEQ@US26UJZ#%wqv_KySQ{<;~9-lWQ}paFS}(*;n@(P8V7mXhEBj(t z3jpPuJuf|)0(5+{F&+>ujcH`#7OOA9Xa9abq7%{8(w+K-|A8f!CBv7sYqjV#uMn+(*fq_qox(SENijP z2T;T9vfFZit@^${x^R-C_rb^q{@F!4a9B>`mUZ-yYjq^><;f)g5|~1#=Idi36DoMz z5PRS`6rRqg6ttvF3#?I1F2#nc06?(d~~e1 z-<(7vuSI+;>ZSJ(2yXqAXWe1V)#0b$MimWX^^z|+|K9&oQqHPEG58ZVM3Zpd-Gs_n z>bTaT!E-^+%_;qiVphVWQK#-f4%1V3f4y2g#L>cjv)+PHM@%@j)s#MIWc$GtbMuV0 zbH!~|^L=%HIQO&J(XV`8^1Pj6^3c%Y3c2JRzt`eIarXFf<4nJQ zKZ_hJ^Xw6##ZW5g?qkR)iK!MyxIx}_;Eh^UGOu1D+jPz@)O)j z{9sG{y8>f53g2bHW!4x-QiZXGs`h2XVn)3?IlwWIo;w+*uqKo&$aZjQS*97_bDs>c z07w*aoAE^(3x-JR64b;^yWa*>vP_*OrAQSl=VT+x1l)%d2A$)3N?y-vZ( zsWFzGHq~0fcy3^A`;;*uG~uAvuwfMx?Ep#RU4j<$Bn9;%`0RS>@}o@`0R)SkcspQ7 zL}FYeX@n{E>o}u*P&g9pMMAt8?OX{Yb1cOW`QBOyOH=>aHgu!gr5^v!&Ha1E_r)3m zg?xRiDCW{F%dulN$TBy*ny8Crb@+1@%kZJgF zkcpqijDq+qyyl}-$Z1(?o?O{n3EYly{bg~GO8Cfyd}Iv|Mei9;E7T2+&FMhJ$vX7@XMr)o)R3C3{U39pLSt6>LU>}oI*Aq{T^B+riu 
zxHSu!sPWn2d==^n>gXm75wR*_CpyiV(L&WCCT&nhS{q=-%=p#<@OUBfkS8`m%B}1FuyQzZJMFlDyB?2ThdE?><&g8zi znMKyfv@_*mmr`b6@#4-QLKGi!v4}FF)=uyc8_RK_%V!$h!OJ|J)!D)~1R^~3YjDS2 z=#?>79ePB?DQ@*?%_!IrajnBqo}8_4E$^_=RX#rw__A(@%l2vdtbwxf1LqZXm9@4g zd=-HhSdxRHvvboDFEoaEOe9NVCpT>=p6bOTc?RrgZjb{;TCm^Hb4`xtsG0K%F zE94$Rs-l`G*UJ6Hu3-X(*yrgtb&X*_=};lKY-cx1>jP@g1$c=+@c?)ID43hDn8)va z?~xnU*Kfyh`=luCqxz2nyzSQ!eZ)@B8pHvj`LNM@#jX?UmtIU|@xGQvy^TiOql$}WCr=uj5htmC!Z~nJyaSWC;%U>YmoSN$ydv zd$V`>yGz=UT+QoSU-3SN7&W>dE|zjmLa?*6P7LR;&WG25D}x%U$C>6yB2cZs5M_nOVcO>y074 zRKMo8%r^}`br7&>=5srY8{T4rJK>0M9RQbZ&YZ@9r8?@q(qVR3Yb6sgOcB!_VeFf2 z3jqZsaFDxEd{2bZ9_pRw-ljF$>_2Ba25|#ZGqVp(VfYC-Y8!?P% zrY*5!H>!nP<^jPtrGeM1rz%xgSlTZS#p8DN0i1p&sbqWiVx!a#)LNFes(u+yP#g!L zm4SL@iUGwsiy&^hohK|?%U`wcA6`gKr^tq%XTiwNlh_wnH0x9SxP})9uC0K>G_j7^ zB!n=dn6Ah)`rFlf0rVsYhJlw->pj#RmVpk z>bP~FQscbZx6#~g@T2<^FN|{LmMOMm(%CqR>}w-dJ}ps6l)*Xv`(2SVB~8+we`K1m zSl-*n8c)sZH|!k-Osae~iBBR#-=VfJKN5s;nv8xk95*nDMrCNU?2fH4>XNPk?)=c~ zdsbllc+!^OL=tXEg(TTtii~ShIg$e<$y5@}f2o~PFfL?Urw-Mao)(Z%M8M&B zOC?^r4ZmQGi`%ts+!6W*=Zv3wbDzI%3`v4xi48kMbBiyQ=*CKt#3}}-bg4XuKpFwI zQFFq5HX7FpC9BY5VMWq_8lt`-oA!Xnj5Sf>1j!v+wQyKp#r68-$Oro-bP$UM!FFqRvA5;I}M?}MDF z#%8~FY;-2|iw;S@%pq=OL^_fO*f41ZME(+GPo!}~_c4*4NTX=RC_8dd zXBr-w!WA$G?_uITmYKx?7UhUPQhhhdC7pMRK{!|1d36jOSgwgD*}2j zuPB<*azu@>vl6WmU7EJ*DviDJl{?W)g?$MjPOew*!n?OwwUJ)n{^wf@PBDt=^u`iH zAK7$QSs?@rAy=BA5yRkArvxwD)vqlp8dbwNY*uDEPv~Ds{JPcmyM%I$Ty8mvckB68LUD6N zBLINQBpuFgMrg{jTl>k*hC~fFnA^XN7Ai)~!otb<{e{9zjcmV~|Akxo7ffD_&=AQO zPTWL05qjZ(o&oZaIVwL?F-ou<+ILxSJu0=GF)|xBX>#By<`hG$hzcXX5qeXQVR)EN zOb79@d{c1r5;tfZj?)uk=Kiy~x&&np20?X*1c<#Im2OC}j-#>E(v7Z&3+%`PaBt`Q z`;7%E>)(tw2pE9XZD$txPXif5D$DQWJpsZ)T6(eu|2OFzRj~TQu>!1y)@1#r>-N^D z+qdJ=rz7IJBUIY1p(kTw_KN5x@!7p&IW-|H#bum=Re)0pReK{G51VxW^&Wltn{W_* zD^mAwDv{y!GzZcf6seUzYcC^BHlyF)3iO*bR&e40<3GTdQU2BcsZe2M`41RAMvnis z?$D5y?Vo)Pr0*R4y|`klS&4d*jh7fniP$Pxvp9wp7uF6@4*|$(*3codKWqAaw9-tk zA?U*8*TP1|((*0sxvA}>#v*MG=LRkwt$pWc)%s-Yxi?+CkO~yRCo+0C_yqzGBk+_+ 
zgBg?AH`Vf9J@URzJktooc#qUMeAUMrBG2!O@S7b=HXX^9ct>|ssxkJVNtyii5RF4{ zl#D?DpvjyKM^i65b3v4QKjJ$UU9%ego;nj?J&Ie_;Fy6_&Mxtvftet>W+nvhrf%gz%9` z;kbR`^8A@;B@N9PPHowys0F59x-G_iBT^3a?xe=pb6r7RW(DbS_0GOP93l zpr}_!e7j$Ua`Fkq0}(H%Fd9p=1}yr}D&nkfVLGg3bez?7Lt+zp)f+b3*N%-Zm# z+2kGsDpVFkAW-UWVPu1Cfd_1s`c8IT^;8L?ep1zJK<6Hyu&)V9B4qR*M4=hLi;deC z6q5EIcp+cHm&qr^vy@BZ1N2o|y4c}V3FGNyXeRSbnq{3yP~g?*o6zEda>BMY&Nn3V zQ<*06)fX6~PQd;&>4;-LuuMNa(N3c`XLn15eC#x39nCv`R*1J@lWMOKZ;Fay7&C() z(;^q8h^J#$tw{1Pdscu?-~oBHB)Ce0pE@2ihjr(Z@5@@X2kLz zMk#qWC2%V`zL)zQMsX;+ZThSgGZ*2WKVg>SwfgprqnqCJe={`zfHkvpyaSrC53iOa zxgw(fYTo0EaX$g;O+F3a^G0sD`M?JNgeFm9$d^^&9r5mK)pF?CKgjIV6wovvyp8j0 zjAmq|=`P(i)DH!KXx7fqu2KrN<-#>sBrLTinFR^Vw_gMV2An=IzYFry;pTCG=D z)+!jS9EE{!O9r8pAm&*{rZF~Y3s6m{+Eyt=fs3YxX|0r~(pgu;Wsg%c!xurI4e~)E zm<_WR9C0Nac~-bj^RR1|LeSc!&EZF8EB(}~sJ!r-AkH|D>q}`dU;Ygn-yE7?*|4*D z5jEM-LYcyba5x^;M05jn{w}5=H`TI+L)#D&Ytlt1N4N5Akk#gJ50qLS*sV7UN9(R{ zAg@$bv?`wB(YyA#P9J$6e%@_nfM}HKd8C+3!4_5$+N|6kZ0-yTsm){l(byIyWHri4 z_L%uqo45?;o_s-s8)Ag9m_h(VfK?>XsnrNIK%$Bao)Aw~3iuZ{?6ae?&|G~<5thB;!6O2a*lMy) z96+als3BQZ#RxSJ8j^N*qCh$BRR%$JKqc*qjlU4es5)Fnhq^dNl+q<@%2xVN>alt1 zv_Th0@3@DUpCsZut({~;?g75M;E5;u1F-L|>h{-rMF8Vk(DxerFh3w!=RDdmSh~ED zps?zjL!fLTxJB7Y|Mkyj3sHcL8gVn)x+uQ!D7g5p6vQGjQZxpwbOjN7b;2@TCzrTd z#w#R}-X8Y^fohJRt}7~ZhjCULf1iUtk5Tz>os?ioNGX(Z{=lO%+Fl4D6i?5@^%%JE zslbCbMO7R)wQH$BGJ|!Y*xNi3+dnOJ-dO~j2;1r>o^(FHjxJn2etb4~)V~;8PgcY5 zpxlh|DoyEGoJZ@Lf5aW5*Y8Htg1Qso} z?eN14BE~==Bs`obfuiX7hOq|Y4(nnc+?j$0X|{=-!e)`ScNHbKotwH=d)qwC%$-%` z>=j3An2?{`{j1Z@*7dLipTDwDm|njY-<4WekRKMqOnR55o;g$~64~|ozXYH$11C6D z?hCiz@{e_ySex8ZSSQVF!Ua{mF(u;x^risS?jT?f7v=+K?Cbrg>JicscLk?3_Fj7hmbf2Hr0h20WL$b=6vIysn&qP0jGYFg4mqH3JNI$mMuHuWO77vxN7b z!+|`QJl{+>aXEO!ZUbYtu1uZW1ID<&g8G+60M^z3d4W17HP;yCXtN|RuG+Wn{`!sh zxA=UvJSWb%PKS<8b7#JUtp|I2KRr0txy>RU9z9AA@Q}o^Y97J^kq+U!JJhVfd?(|q zxY$Mohb~PK4@39CIsvcO(5R=2PMh)uW(9p?2fo+DLL!dW#{q;-a#|UQYBQHnLH8ta zD@!X=u$o>})!jlFSAImZ9Mlx|>%4RCjhXf19%RtE2H76fqb1etctPr6q)f_U*Dc$W 
z6V62471VozjjAQX9-ToDgiARS{obg(57Sp1#Z;rVSGvBr3f?)Y8qZ&ekrPHyeSZh0#3~_jJETW3O_*U-eXaoH4Xh2KV+29Fibjk&8U3dT0egUf!c9r(TyQgsbZNJ>~7@LE=__{C{b)S4rn$zLZ0Yp>Ru3~O| z9l&9;Iw<1qqc7fJ7zJ}zlR#+uK#ZH#!gKC$3yrF=$0o5^2B4|Y7f9E`u}hr=dX8=M z3|JP|_|fH`_3MZ^R@Q9840A~=I26}34DPN=8nF4?b?eHax|jP6EB;*zL)#;>L7t|L+!4cD)iY`&dQ8-KnEHacP%0l^EIRQgc6M{1W%Sz3VUb#ASmLV;I4^r>8FER z3~U1GSnBD|9PCV1c)3GBQU4*i*R?>;t96=AxGk!>_@yIRX6708!@i{aDU}8DS6^g?K=-N_=S>)tHSQl-aq5L|wV_)oLb$mi) zeK;G1e6%DF@z78*p24T`JCKC5t5n*i%#`a7y%z|Pe>2n{1xGD2X&q&U2QsBMPWtfq z)k!u#gs@7^MS4W?|9#nB+LzqEg}9C6`THP}Mw_Vl-XgpdE>dkiFjOmB#_@L+>Q)eC zgCOf#JBK-S=7V%eznMt6*KA9&#KTYTX$PxE>NX9TlR6*82=If<&-L(Zn zoI91_{&%J6ZO66y$N=2hqkB*brX!lX~d&x8bw zdihD>Islh_0yHzx5LX%8obrTyhCGScJQwihv1F`6apd99d5h_s_B9dta^k`*e(Bh&}0-sX!$?< z^`DTW(;W(|Hy{13CNpUR}Ek2$jyI2v6?J? z+zf!vaje_$sM`jFpd*~(sYDFDV<1Bu+3%!MAqqUQM6ZZ(93BxcxKv!Q9(iD%cG)N& z>8fZwe?2{}bh1!zD7UQFvA=4IE>CPv;u(Doeh){UVaud1xGwy7a=gFVXd$*OdCX(E z{JZi+CTM@y@+?5UMQUh!Djz?)Mgu3hw+HLRC9ZF_1wgW zl~f5AO}94;bk4 zte$wedJXJ7ILu>rM*C$(ck@*&^xmPWtfbV9uUtVaFC$qcj%3~~K@8ju=?=ENnsif$ zVnmW4mv2rm>C4X?j7i&b{I<5c!l+Nnsf|*qHxMh!+A>#G#GG0C8Jrm-dGvKIi6K?C zvAhi{qHyuOdH)*slHHb?&XG!)6hO~^)tF;p!zW=Wnm#VEL7`p5eUw^#=oZpI3Djdfye zq*ZLfDKMHSiv3GVy{=M#}oh8HymVJ5C9`v5~_KnUa4B_6JDMu2Kr*u%X>{?*Oa-at?L zfFA7dxs;~qr7MWFt@`p;;7JlAjBz5NXZJ!6Ewd-ohUg%=Y5(vR;N$66$;g*dP?e9+Vy}5%XMrG zWX<}0Hs38ryqOyYmbm@9iB8whHg3g*`p3}qNauk%Jp%hXsZ+Ae!m2O6qQ^}Q-dc|s zhf}=e4pwGNi6<>5D^q2INj`#nPx>XpwD#A$I_I1dZrJ%m-e+M(`Qiv=sh{2{g5I>)NWAl25Yxw?P@-#F9bYxkHnt zn>%nQX;C1ljzoz|{3ZE6Dd{ojl5zxTB`k6e81+4~pS30JJ<(a=M8Dt%!)`>~6yuAZ zsm*+||5R_W{_pB$GNyLs&K3lW%#8nSN9QYziP#M`l&ufy*5rWnz0Ae>A!i_v)BG5> zj9vwk7}~{D)hH?MuXjDZ!vq@-rkrSSU1#GAB#+#%lf<+EH{rs5-v<3QyxNzwJ(4*Svo-dac8}=dR;YLY2SC0-_s?0Sf^|rAj z{o^Ela+G5v5qPGUzEH?yd-B{KgvMZde8fH;)>C@^KT*Ml8c-$1L42~lnei6neKPGm z*K?Xxh^8DxD$i4DC`r?H0Sjl*NJ5G7@Ef*?ZTa%fBY%TP9Jv{YL8C{1W@XJ*Srrj5{?(w|*~5*?A2Ym!OL2F1`}(>UiCHm+e+nSv zppyd^Cc|PZS9$)rWS+z#To>bqfFW30u$vQn{aVyWVJdx$BqtO)@WV%$H8hBW4Ou*z 
z1vn(~2s^MO6Nf0nn(R4Iz#J>_wG&HZiF!7mq#p0y+YIhx7(g-i0u^zjP{~ZPRp<(M zTdr&<)8ix?!kI+C@lU}N!e@19Qxf)?KuR{eESMU`gHm+YQ?R+Q35Cq)_eZxulY>F4nGAeDWaK~d78 zu~AU=)poAgj0+=N#2R7%rUe#wOwCyzB3WM7FoihV9`GtFe}v!dk%1&8oo8BeW9&W$Wd~gYjlLE((c!>@n$(8AVwbwl8j8shls zKG-d~ic}LTl~x^A5WRXgSl}K2S<9cFOt4Rg_^^ zqz98T0>QV1Z%{1@(&Ro%08p1cY&I!t*x+>V7Kw?$`qo_uA5(Bg7i`~+AQSDLJd)q3 zM@$yUb0)?+x9;wYtAb%*^UsS4P7FW9n`bkU5Oz||0tFm`*wRJ}SBnd(kk$33gY!J= zkerM2ylolgUMln}^^ME*I!iNQ-ne7TH5aG-K%WE3gnX*h6~AX&e((5V_7Y4RJl)lJ zg6rZI_gv|;4OG=fht+PzSROh%p_94ZCU4Lw)p@2e^1!x>5{@#57J6n7fD+z9Lb&G; zqm=-E+#&jt^0w^}c8~)WH~=x_Q)MOd*L%TpYRYrPE_KhZsbO!1EvjW_TH^MU5bkgB z)-o?(?afB(BoK1t0TD-=#w|Gv0cs8@rOq{{d>DzC+t9H~l%rGtIPa>IYHF z7U7s#fK z1<5YR>z0FdLobDstDy`o<#U(PCm`z~1Ng_jFbC2x6T zC3(Dv1HeV^P{~}x+NR^#kTo)u%vF4$RT@sbP=n1x)I++Fb8ltN5%o7RP15yF0pVk- zZpCHNWmwCzn?;G<=34DIrat+u83oD;eyN>OqVZ@QK&HCW7t49^Su0h0UnfqhSV8wy zg7rFMX$&Pu#g>cJv*k=Sou}=Nmu(u3fDA<@4=ahK)F~^Bp<{2E%AEu-RmStGs5@d# z(vgv@i7u?>Ct;Me@hO38B1C>5Y(kDcH$cSyO2=M6sQ;xeqJlI3(@+bj#TwG`{&4s2 z?R8O)+9-!uF5i_t)_Puv+tHoEf;6df$<&A`pw=QzXIyfjOJ}^``p2QUtjG}b_D&Iv zSZFUa#!1l!fg%RMR5h8!;>T#kM_870xZR4?oY;Z5H2WFHg$!*1&xvM@wL;w(erbV%MiH>mM9Tqef#v=v-o*FPLjvVwjl+l z@ZK?hi=?&7#Gxgz@LDjTV8M{N?;4xA(c^cX$#H3!8L9%MH}kn{ zt28Sdv1jyfuB zLYgXL{pp2@?}iTic67e6a?ns`hdqV!7LA%7aO7703&Zb{8vUJsvnb(Tb=&1uKaxts zGQ>8-BE%<&#Z?F^5cYh>>X<*aS=I+Saap{J_>jLJ31R(<;kbQ^7+#j$+VuUhbJytk zd0M*g+u8JWb>p9UsnFYRY4Pj+nz%ZlxA@vG$GJl)?YG#?#5|XB&mB!9B(g9m@Xt2d zE~!}a-rD*;yUy%@Q+o-!xxU%%@_2JP-RZ{C_g%T*K&xPmqm1c7!Ro7!0XDL}PMUfY z_q+OlfX=1F>*Nd@f1{xpuChyTIW^8Ql{?_M6>vvgM*mxdPyF&{v9+L5CLXp8ye`6k zi(FGvh;hAeH6oNrb_nB)>BWRs8ONz7dNJ;xw#10HyOw+ni@@aCa}q20Xt;`%1F6Bk zq)Ny&rX$+=bq?4vAO-Wkjnk;RBxGQRha4~UhrCm$edBZgq((>G$qi)#?~4TxCIlR( z9nWkv_YrJmgp_s16Tw944fTorf5;;U?>XT}$_STa9sR{MOy#v~aAeTY$j>FRtl{I9 za8WC;I{PI-tSQj9hi+L9WYMUZC>O`ORCg`Ixz*1MN0||IY{d=N_Ru0LP)Kp4z)e6g zKqX6El7{YCfN9bwCPt-m#4u=Nm+3vKf7L)=l2G%BOf13VOvT4hr$cW-g2vdqnv#(( zUHmhP_^^>y>PN#9iOhr7+RYP1kJW2{IP(-l@1jA}bYC$lPmTM1-_A~QpvIA+k_ltE 
zCRiLWF+_6+QDnGe>dkTdB~as40M4kXge!wsz@$q-J&SVDSyOyPyg{Q=F(Jt45169c zPztw;2u`joD&3!~DLqhBnZWP=dRCMg=U5~|7R_=XLrrWu4!MnhmiAQoM?fL0RYRgt?c1(%e7Z0=pD?t_e7m9MC(4P{0j^sh@&_%UKJnD`~NbCqX zLW~rA*d&82$xl!Di2eb(CTETJZm4%mVVv!mEiG@{_;r_&j3hC=RI`Y4-+cHP{7OSb z(B_&5A-djH10YI>XjeWzNEPqFmT4eWkiVOIjB)^k)oQf&)kh*E9qufKbXy(|rBC`d zIUFdE4n?{)GOGqj)@f;%+>l(;5QplBYmWqd7q5+iGVj(q#UK$mGTT$JRB(&+&ZQ|8 z?kr{Z8OqxBEX4`-P3oZ{$cf+2<}D@9OyfrNXoalYb46`g$*HT>01Yor-M;$o28zFQC59)CrY)?Un|iu_M&$|Op|*=)7hg#waP&(iuL9(Dc{x(MdbQ)Bu2tHAUzTV3H+FvJm5D!tw(c9~97> zzN~bjX}CMx`L7e2a*0^lw-XYXq&`gCyauTvdg^aeG$^6gKBHsR=420ATzgs-Mh zbz@Qrv=LDDhj5WQ{j-#pCR+GWej4ba>b#3yl2H$d_H>u}U>-t~&Iv2!DKSZpo?j~& zXcTna{q{;>r~RIvbY0uZ{q|ulx6^lS5-gf>vy+)hPC~P++|rGJedfg#;n>D;{wk!1 zi#Ghpm)_)0kJgWSi+LJe>{u9Y)&S;Z&Dq|mW5q>oI8MZ7_c`a{F;CZOVHW+$s2@k=|vmTXMrSddUF_HVChI8#LiEBY}$1htbc2yk-U=z<2}xm3s4D zw^P5=i}hX4K$YzlM3j%e&@>$mbJfMs>Lk}l+_ zWn;dhVs7Y*&bKfNS-)a(Mzct@TfPu^d&yE(-MYrc(2yPjKF_B+@vTr^)OKI|aDN)O zJpTem^dyY%)^~3Zr_UpK^q~*uxXWPoy6uJ~i3lae3l8cydD24fV5##C&B(Tv zrve~DTpjP|c;7&EK~e5Ug}YOp$A6r?VHUE6K@ePZ7^El)vc;RBJ$rcN+vuz0r|4D| z-5Y@!L!}dbu-gmI^#w8EdjUcMO(tYIj{zb6mxu;0G#%Btdh(DDIQqeM-;o~mFGFJN9e`G>C3^@6YRjqvFmz*|=Wx_>@pj0nk zFI$fdQVWWD=S7&C7zZ)o?6fqrA{vbnClU?`lSxpjg2VH7E|=gn2L!)s(#yKsMe`jc#{R%O$~SNyD&k>4G{^ON zC+K5*VKA-f=Vi)e#`C>3kEl9h9MlPxmV%KlvbsnH1$Kov^rsjnkH>IcFTm}ibwr$;HyCz?j^Tc^Elez<$SdY749~=Ik;-9mBNq;1;>w&C=hb8XAU+d3sS}USHR$aFFO#=Rb^j0s>x(c=Nv!6J*&S0&&CbmD92qQfNb{Bv;T{l;YPmq5!y?9E55#R zD(YRtb%i;7pD2;n=ikwbGjGx7o8gbP|9N-ujAYD~wv6kh16PdP2upUs>34L|_1-R% zb|eyc9iB^flJG}}nR78&Twc*1UdZf;D@kHjaiL4$EpNvWp|tYv6>)AWr{lX(0d?d5 zu|);dOcKYjJuEE}4EEa_XL^(Dy@@-?f_|DxCWx`B&dP8@}xS3t2^ zo~{_AfA`3#sm~WS0_Nl}ASj0dn9hn^!M&8A(4(!_)uLIc*?sDxtsvvYIrmrxn8twD z_gXht9Rdf8-F*&Y9JT3Q5Up5ygJxrNu431ETClFcx2`mKt{|%7VyiYc*jb-^5O~{F zyCLajvH8fAu}Yqj3UvCq(92v2_WaWfNKm6yf*UPc?~*eD4Soh0yrXeN+^yG_VyeFe zVA&kPEo&f0vMDSsB;bvjN-pN9-CIG3U0F{;=iHFxT{QRAD3fG5CcVbj?Z(jTn3MK$ zs%74=wdTs}J~Br&6?KnLYs(#)Ek|3TaLWH;x+bX@BZ64dS}d^$8z9{;htynbP3RI=h2xi5(G#Ll79h-M;D|D{vl 
zED-=}elwTvQPqGRavzfabsTS!DP$iBOpk<1J_K+KM|UtKbfUZT#0rGM7n$>rr_0wR ztcdO5vb;{EG^PC*EFss8RJnnmX>?0xh(RKA`}Rp0p@ zoW}9}nCc4$?S2q`(&73qW76b0hhg=f|BJDA43aGFzBS9XZ6nLJZQHidWp>%6Tg#ja_zm>epbhTxPtC-8W_2+Zy45Y>@iA6^#B|- z{sqyojsjGx3qAm&M31J~i)}qd74axxh8w=L(eo3-uH@C5zD#^hM6{7^jY@IpY2K_Y$(A)hs36;mHA$}R zz9)51sr7i^@2-p(5k1&QIYIBX=(#0Z+);@^!zBZsB-I{?qjyN2Ae0>~-;RCUzC4DM z-dCD$VxgdGT97%H4{{L;tj1Grp*mVqAUd%89|(w0oKLNZDT8FCB6VqFkU;Pw-R`p* z@27!uT>fTg%%~z6(PN3UzQ65P75}!~7+BzN3RgVMb_IjeF0bb$+pKfVl1p}N$nrf3 zDm2nr1cBY$Jp6=ClxBH$ESa~y64pgCi(uv7i&z-7{-`GBlL@4ak2IMwO$o&^>a7@M zRIE)ht5db=H^$AK%RcB*ElC=X{Ch znBp!$3ERI?_iJz@cjN{q*Au_a1j@W6jA^KFcYTWav2C;A`{k*G29>$#6<9vy)RgtE zG_(*Zx-)OBF$x-^HH^~6B6UKmJqauL_j6!&_(IFIA0tC*B<1B|Q;Wq7G&kZTxA zRO_dHti&E@iGPAA*Q8i~Gk<~(K=ZNkW$j-{KDM5~9!s{ebIZIm9{b0a^ zZJHE-*FZx=XdKm0bs8_du6Te81G)iqyQn8os@jmk#Xxsw!C1-hHxN91qM+}Ql@)%i zB~2cZigRGWBN8ywM6kQjGK@$#Hey?a&g(H7p?m3Mz)#vfgf>*{3ydlO8A?;`CG4?k<(hJ`O4|iZEU{C$`xoqipgI z5~k;u56z+&SZ8=)71Kxp)jd}e)8(n-tv6X0AgM#3YeG4yz_c|xGLlZ;tV!?|7^Jfb zVu?kCw%_NQ8zN5%%Rcz1nkcpIfjCgSbZ4~} zY@>*bSDf*xX`i$1u8I1EBX2hW{}(sbCEysc39&C)U#Kib$KCEUKcJqTDJ>jQd2$tn z*RDqwg~FMvRU52m8aAMBlvw^)-6fg^dcIU$|8p@?h49rK7!NpiXAC^QW(kSUJI}7=H<6n$Ad6W5br@mI@3A2t-g38J1Uw9jV8Mt1ll`9HLHmN5>Jn zdZj)#m1YD>YsHY}^>M69{K&w04lo#Iqx-g9Xnyx32t@8jaQ7t9M=0Vy=gyhdZTx6) z#KO~mS59}Mt{;a&Ik|XMT0PKW3Fw$s-og zKb_~b@8RPQPK+J6@)W_DESpQJ!yTOfiMo=XK++9*#GlV}_EF><=a?pl##4MHMktVT zUxWZzj~WcV@BE}TaV&hDJe}G*`pbv0sW$c6W{<>CKl0$iEG}~ttN-cN{{;KvQ=Y88GeIg%XB`*gP)8$M0_wa2%~9#r`iPAatQx%>#U zYX~%dbyI*J2F-j#a^!y@4b~Lz_!j}nU6H|NzjQV?d_{!HYN4}#Yp{&g@i>l!q&mOA ztyB-ra2g(H$YJzw!w4&_U-YvJ>zLjaq9Q$gT4+#p9h zn8jyVb)jS7=b$i3?+|LYj9hu(_SxV@_-F1J{`qKTKt^%_D@$ABeXe|+9PND0-1`P5L8UJK4*&R8jllcv7%;_MMqS0T;2{8$ z3iAH|s9>?A2{w9PBcgPjOl3N{w}G8UrO#8eT(ALKS9); zja1@H{-%;>Rc##7Aw>`}(8<$iieL<>B!}!$KinBK!M`oW)UCf&X{_#$bu6OxQjNhFv95$Ytu`xtsfiFNTg1oC5E*HxkC2NdkmfIl~6^ zeWVf1fkU9EnZ2g{I(cZ-r^YQ{8^-LGO85T1)9F*#negDQdjip-69`enWIUkr)32sR~8;Y1x3b^Nu{oxFJ zoI?G332CJ+ZrnNQJUOz7A})YwEQT 
z9KPVYOftOpd*GT^$YT>qkg1KzU52cgj&FlJz@5GC&ySsfHNJemb%hn6}ELFxxrAIz-C4mpO4iJ`>_AFjspJv<2cQPr!ILrx;L zyGIXo1s&4q#ke7^((l#jM#V-=A@@YHZkHmrGPr4(#;+PM?s4MsvO8ERp}Wq-5e7b; z-VL5XW^pr^vkOSJ57KzB3NTioHUye|#92KB_!?@}2PzrTl}RL$3`aM{3i70K$^BtC zfvnP_$6XEizBj4ougA>uxu{tD#qb+FN{l-PbI2QU`7&!BP?u?zMjiXPnHdASPIjQ4 z?NY@~u2)1D4LAXhh_9RvV+XG0Fp3j;fAGs&O!4WZ$&)$#{S%S|^HzpVJK=-1=x*5E zdd`ZV9L_y8Ib~Jun}bH#7{h4avYXfrM2p4UfL=uzd^Q>f^nM^8;C5bl7+ z3_Sd+PIj4kVguihWAX`Ae~>eVPoi>gbu{Q|PI~7#;kaiu%{4eg_=v!+U|nrqBHx!= zz>rup9bCR%W(F>QPKiuk-qJHs5ATv=m)x2hBFtg%G`#nl6m1YhTR0|UerKRFPT=e1 z%%8@_b|MlgDoY@onVIWU{xC>v;_uhB^2`{5{>p{2Jo>IBkA!&XO1{!YIULVuxBE!c zWmf-MaWtLAAO0m@zt5|d_E{H7tB>0az1i$;;)!F@hJc%+$FW!BjoA3iEM+c2F@gDe zrG3@;Eo2Jb?zVP<-pt*_-G{x*7#Mo?c7|CWzVtob~YX**Vzjb5d zQlAW#9SRQ3C^q?DPE#$;QD#IL0iAB5ew89xUG^s0{(Gz@1&ODvcH6+vr3folhu_;l zp$V6kT}7j)=*PrHV<&Xb9zo`7${J_=SpmBRU!f+$kyzru$poNJ(D3KkVYsQr#|A}R z>6A`0VCRQ3+$X2jvQ^$=TF;h7M>7I?_^6k9K4v0fr?-dIVgBJF!MTXb0}1)5`A=pj zfGBy9fO!Ev@mm~=AF%RhedIK6D)UqMeA%BfRrqfiSOUk6rHIg#!>M9bTuIJ~@U|L?833ipD}x{2Rv%ZhVly>Dw} zNV@Dgq6Fs)1(>Y14-nhEhi0sx-iR2LE47^$>cfkHBo*n!X=V{3qV!3Y4aESn01Mr} zCcAZuJ@}-^c_Z6-+zj|0z90umCFK%v^uL)s1)clFjhpp%QPXBXx4Sb>)p5K_A@wweif9$K;PTCiJz4QH>7eVCHT}SGL-v(@ z)mseRR07FW#B`Rx`v9C3)PRZTK||<3L-3%&^s(rHuAMJYAu1n~4u=hNt1>Anu>5-ve@T)(>g6r0M_>p6)O zUP*v8)aXXtD2s1G_z*u9M7q(ev*0IO(U4Ih?;KL%zvE^+%u;78Im}OyEpv0U8fvKQ zrj&*3at8&>lj1DM+Pmq9;wLtZ7aJo`S4-4z;W@0t3q@0EUUU_hUKuIw)a)z`r3wr)9m=Y|F9*)lk@p zwwxl1$l#|*$xlv%v?kk!<|=mODgUY4c(kacrvSCeg@O6Pk(_XF^0|UR-g)KyAb|$m zhO)U4dNPIXHy~Rhhmhw0F$CPn5c%#RRt0AGCFaIF!xCVbAy+MRxI;f_k6+RpRoFGU z9`(lJ!N-9;80hmkQGbO+7MWpG{v6&-Q7vzM0MS^3yZ(kG7pHdr+DL$>E9{GLmNZYE z3mb-1?O8xJBTV^rojQ>|Z1ku3C3x8AWFb*_hn-T;$`Vb!;vbk?CzuZMYskNoH?{N+ z*>ZYn0%o>2C!O3p12^sh>sm3a-pwl&q+Y(i=N;aGi3vTeZ5>ZBp}{* z!udHWO|RoCaNYmCO=j(x0AquTSz_nqt`F-Q*s2(#??0$?cBcPG_~-nuMR>KgPEuhD zieIilf1zHpx+`eEmy3B9YN+QElk;_=srR z-M8b{%xIirwddNU&h(5I2x+7ykZ`LY7G(jnKGiPo){7|^dQ)7 zoWk#Oo+j!4v&h$u=v7`ZrC$mD<%dCTe)2lYIJWrtEQUt+V23t(cBN%f^~nlvu;`m= 
zsmnsGbD~xIN)!LD{0&>e%A5d1Cu}~QEv24~h~TcQTKy+I>qJ{xd4GN?lf&*>iYb^y zk>T+;vd*gwhW!(Gu>0AKU15;Uz<-cE%)ba>`j1AHnErwrmT2wuCrGts9Ny!8D_Ec4 zC6x}{gJ_;es}qnNyJA&SE+m?VeYi7NIiiEq3DCH|DGI2eEvi0oTP zm-^vzO!^)S*4>Dbcrxk!&Z63$cqLWT2j`ncBiSgrkWi}aPbhT!KL+0cCx-D|>Xp;t zD6%+%gYK=#g_|)PqdV}_;L%LzZQG>>#

Cj8d~oj~_5B zK6BhA@VB(xfZRN!I{yiL(>$((ckoa9E{0&dpm?30utlk{P7WF17OgteMUQwb2_*H& z@k#n1r<+pgq=ieP$*cU>LrTNAz zKMn;-fP}XKQKHdwn_HaU|FtGmP}C<2t1pFW#T7cdcw>WMzi4OfS_P?srTtRwea8j& zsMwwftKg{=EY`&D0qjg->SE3{hN>7V$bOtfy5S52vi9HJ*tK#Y+ZFg1pqtFgb3m|zQU{C3!42J_24yB-W7G%u+E#a zhM+&4W@t#QHMt=BSwYc92f4KUct1>YvCXXginQBM2hk}aK;|$aw%hy5c%c$40nIH1 zelruln^bFsSFKzEw(k1^kjW|8ChR~lJ;Wh>*^QnPOQzgKI9xIW(*nMxq#fxDO*aqF z0irKuoRz8PcFloxXBE$-qEx`DOX)uVg6z^(lXqXW)`l#L)Ob29>=X(W1l~}tk<^i7opEO;mEltUk)0(7 z6fBtALF#WV9fiu5XLV^>uceN|Q?VXTL!{EQ(sW7=1T5#qp>Q6O&ljU|(Eb!r+*gqg zR4tMmyMVL*d*3lox4^@(nTzLwJxyxonqBR5!HyD&o{Y8D?2KoVPhHP4vqZK!>(XtA z)NeTuZ=V#1ShqAY*KOdh9|SVa#9<+AJ_5-q*M+$qajYk{2^6OW@B8fr@^y#giQjPr z482LBeASz*)$>sCnbMDu`?#bev0Pbgh=(|r5h0ORg;hX4{C>A|vd3oEB0TXm!1yGHi1>OjO8ml;yO%)Vi#cNv^$qxvkFk)7)^A#RD;2~m z+KvaZ3}dl8j#@C~^{$TBa<#V}@GRa)2^1*oKW}BwJi1yPw1`}5NpQ<7`IUYm>itju#myV~3^&yXBpc}>Zpy_^gGS{j~$He-#Ib@nk-tRvs&ZfrjM- zu_Q`4gjk4K+)!X~t;0WknouIC^VXKVgDbcy6^6aN1FJ6`8wl$%6{o|L3;l-RkYmoAUT`8%dEhY$97)-{3FS7C5!^;aJ7p-v9%I)t-HMaF@FiKs(^oorOi1`e&T<>c7 zMeZ3k!n@|X8V8=JFw*?xQ~_?7J98ST&JAH^NFEUxUY?#M+=aPjCcp0oXAgmhWaduH z6#<1W?sHGpu8p0V-Q5pH;%8Bg(a58)8a1p$&KTbTVtt`RfvY?~Ihn_8yN2-UD(7l+ zWpM3f*YC@T^Xq{XJG)<7M=rBUFV>I_K_lFa_HU<=<+80MxxeRoD7CX7O$yr|eaj`$ic2TcGPDTGh|uJ|*_YYwT*_+Qj%ar6+6@BD!|mtg zhdC>*UT#|GhV`21g)^9mogmScJSVr1Wsj-UWzN{t6mVx0yAGVU0RnO+Gt%r2`6D-+ z}5H@KZ0yC$LSaHn)&W!Gy2(wK~Yh z^!>?j7TEk!&f`|Q!ABu?ihOUkH4${g%OUGB)%s9FXn5}HAGvOLW!jxd+I1A;hPpkZ zLCd>RR+_;Q*}Hn_2)j|n=+V}%CT7SM@ifOqrWDiot}M^erJTbf{k}WZ6psysOQsoK zRPx0z6rtpuZjvz0#c8bl#@;V0Z^bzb!8A(7gn~M6Q2MduT;-b(-fWA06Dh_f=9*4EiBZ|sHhr_ya7Jnaq~tNe z33E>#)WyK@^y{+}iOMOp$i)K|%rTVeq2o2~S^g~E<}kXedG>7+{-o3#dIPLp`<)t+ z(K+

JQ1GS!7H6C&e#aUw$QANUiEj0uV^WgrDwN}Nj_%gy7ifo|2yGa)5SdfvexEG> z_MTzGtP0;dvH6wiD+T3NGTUl;TRym+8A$)m(wajO1t{xj1A0hO4XDXmTe9D523i7P zu{>|SUr}OQBGHPLrC!x-aCdYJ9( zjj5geaXab=TTQ;8-J#hsJ|Q~Pw>QJ`&|f^zY+7lW0>sXuZd+v z#Xi`7FQ1kO^&pLzY(poY>P2{h3v40PRY(ZRWCp6m0ACGK$+E9g3pMdZ+fxzrTrV(c zpXc5R31|q3In6sXMrC+*Jua|3hxiP%01YbgGZS2LLe7zo1NV@D;-ae*^os$!)44{R+%78`Fccz=-D}I`~3&no~ z1sci#AWB%(bOX{*=o{CSAz$g{m>GPk1rNZ~j8hN;pht-MrN6(q8i2)n8TO%8F-3ch zyrE^?rm5PWlgMmxN94ZN34_e)CM2R=+nEw-c4S$!^z+u7dO_^?^OozZ$Ua-33*1Ku z0%+Gkl$c3;UdSs6SmD$^&n@brJ%p}|2>))210jt)Nmhp10@#w`Alp?rL#ZVzB#~QU zto-oTY)=S3vPme32a6UPOV9&6yn}VPUx)vc?015(drTnCg2me#G8cI~Wb zchY<(1B)Ce8FY-Euq5!ElcT)yFVtGX5!P^M~%f-oK*7?LC7t3q2u)Rf|WjVe5NV* ziLpDBnhw(L;(RlP+YKma<8yTda-c2_RdmP=e|&uLC#_F5i*$u_Nl+KSB?Mbpvyhjd zCI)W)=RkRr96BZRu#{;G%h^^NVGkF?<&0!vt12T>m}YTW*cv~-NXS{+A+vpTFcdq1 zlMI&6Vt^khEJ~F~{-P1TzTLx}!W3*?;63rrjdXs@LA4}(sS}~%GxuxEB7LMk6PB*w9Fsv&L)F%--U%IxCvbW!{LH))jYJ>B!zEeumhbfSWaJ+2pzNAC=8K%Q^m z&=uCXFP=VLa?5f>CoMK*H^Mq+IJ)^4V2L@yu2@xI|v$8Xry$(b=qlM~NltcGddwLt%x*yDYx$* zKu_#7M&qj|e|z6__M^?MixO`4ILVn5?5C|O#3;3CSCFuhPR$=+lRlaEW{8;xrU-$;*ldebG^ zcD=s?i!)D^3vfR$F8Xza5k}QwIL55T;F&-|{IW=Dk`~w#07_1o(&PK*r)fueZx@}p z!oI@}z|hu$O$SRym1YM+mK&^0I4oku0<6sI$~3Xm^w^=5e(2mbjN1xGxT6H~*4qec zZw<@oIY~oM69^jAGA#XAP3!rE7j&C%n_oWXII47fVbXQz_Qn7+zP7T$tyeED{tq5f z*@lbNd8pB57~dy+t-IDPmVwjFT>Sn+)j@IgVsJbjrQ}} z640M^U_rr>)k(8%#->TrHn|xJ2t5-yTT)=@<&M?3P1tRBo7cO|zizu%i1v#*bz=BC_H(#Gq-6-b(! 
zTH{s2IWn^gD2UVBu#$$MZhFHy0a)N#@(7YE#_b$@KNhA!`Entymp&FAk)VEvL(Hg} z8=}Tc1M%PD_%Ek@EocVPE0coR`6!8s0+KH>@1lt!5JLQVp%WMGdQ3_!2$_*jnxk6D zYP>^Kxc=mGckapAcw7dQF+QqjEv{7oaj7ng1pG36M`Gd74 zdWLEUxYZYQcMj0M{QQ4EkL0z}N|z|WK9eL~Tx{&r>|eZ?H?m+iuGKGwe^#8n^Lt#K z1#^38r`UZi*0O=M*OXS$TF0^Wb|mTnwY_ZiS~fqOlfMm}xptGGrWo*+8Gu^uZS32G z%YYW&BHs!eFHfnp?m&^<`oCye*i=I}@qV^)dbI94?5_{zSf=>z`fgDIwLEusVb_ z+p{%(?ajsHKP+^+>6{Ku*y5N>w;OXq6NHZr#-` z%$I`>GAP*%Wr7+A(uut!fq}PX%xjL(9bpqSMiHXNlob{;MuAikrw=bT|5*WI^ln`r zHiJY4xikIM&Up+Y%w;TC0NP*K>@^DFmG z-%)Vy;7gE0Rei=C+PT;^U-u6#P$2c?$p4gR2Fb*L)rfq?m-Wr0j{?Ah$@+Bjfi-ng zqOMo@zqS2nYs#h!C9nKzkJ;Iu5(X~H4=9(leNV&p9z`@vyIl~bevb%C(iZL82CE(wMqZkEsTp94uiSY z4Y1an%ktiAqj&SA;;uNQInNIudN8@9!G4Ubdmofa$^A$su~v7hrEMBSPFPm#72n%? zhLuArb9KSjaG`ZkWT%pY@>taHp_2*I*-;^)(Z~sV(ebP5mgEli%7Lv>MBWhwag8m- z7uL&1W&)Ndb{;*1wx}@Ov|uBW;KN&YOqoHsQC+l5JrsFC;AfKSK6&Inx$6UFl!+~U zoGj<)S)|aQa#aG*dt2gO0TbIEX1^TjVdX7)g1CMoYv*R7l9_Hn@fe-V{%uJJvEEZn zG;6F9R_x|rz%jqeKSKqkkTeEu3&ty_yir)#^?7@J^JdK^XhlG$X27Xb`%?dLZ3&qQ zC>nQsi_>6DQG<)F>3XlR1rXsaPj_cCHvJ;LS!)^(aZ2^a4iSX>ON`$i?`!deFGqox z^!mO#?Zb^bBX051Uhl^iJ7dGbLVQt&A`NN=w|l`zAFb}>orFfeO|m$5MSH~gj`$|@ zVcG`SuPCv)bi_FQfRWkv%X{H680#&GyMT?r?+-bUkflV)Pd7w%5YK6x0Z+0HJ~A+y zXxFfY3i^3swymydU<)MGG?aQ2^$3cbxq>I!w?MvD*(H5ADJSGMrPIvO*rt*cq1 zo_CZO{&7Y|o-C$dUGa(dPrXfj*p^|Q?xHmTOhLAamk0^zoDQ-(@~o1#`Qpvnkvn}Y z?tz%ZKib_Ze_vByVb<#w@RwZ!Drj8Z?>sF3^GI^c_|WXL#0D5Zttx3h=d^<8;gNg& zf7i%T%a8|xxiNrQiNFWg;pDB&*I86z)sx%*V|lHgZSU|5x1H)?-s z)q1*ROt z8|NNvU0uRPGb*%p8=jCxwsqyswkGN^ewdC~vSq@v(@zmdXb_*k{aDY-Iu1F2npxtl ztneMRk&1>H(7`mm%pwvbR6N;aB3pRdbp19!5?aMXqQ{1p50I%Z_HUZ<&x7W~>P*bT za#M*EI8fpE$yfd8FeNMR!~#sPFX!{$Svg>dfaZ}r)Ph>94eokpmulT~kPxdR;@(N+ zI^W4aZR~+`t8Q2JKe@;8Xy)(sg4x}GYR4)JS6dieN9lR!lJK+QXySUWad!$#Ndpx z(S<)29Zr7$W#?OyM0dO3O};wUu#5}W)MamtO?*YGf2hP{8?wo|2Tu8}NerGtDDw*Z zaw}jtsFfd@v`c0q-W=6r;R_iN@)zGvFNx>*Xa)4`l2cR@D0Qh2NDcPMGX~Y3vD*Dw8YR;=-m6osv)Ji6W!hCzxD^Y)E(R(LNsU0gn&qS&nFQPsZ zo5p+#y{eZydUZ4)aJO!m{+b{@6%3pV-;6KPkA$Y=5C{<3=F z>VH<)6%%Rbi{|` 
zv8-i!kS=5UixFWh#+B}xch0lCfB!1`98$>W`;^|pVI5heHT|uYg=>CNMRdy0&1Ph6 z|ACkF3~l2hOVbWkq1q?CjQxaQnH9EQ6Rp#5_CmO_Qynl?JgXkcJ;FrngfYD#w%3d_R5<>^h~n zAYx!0xz@Eh@d(DhT~;hCTE#ksXPl z8Mn5SOOJA>J;7wHmxGTN)&IMb!oZBMC%6pC^O$K9rSaHo_EP)0 z?rel^&p_zz8XZQqa(nAAe$`idf{&kya7pLF>%WtUz=O_bNkFXF-pIX>I*xq!GA~w6 z_TScDWF|$+5i9tBZ2@x$|7pUou>IH5xM`i8|3Rn!Z$VQAqx~aj-nY|3 zrs~t5oVJ*EKiPJ-!|- zTpXoAZZzv2KpW{aYE1Tzp$|CoMuOFw%beTH4u1-m_iD3S{6@yzmdWM6N*$*-K`h&U zy7GuJ#SN(^to6vh@L|c=`tTCTV`v#eUT{m0`P00*?eht$BV+l#G%)t0dv3ArV#8!l zI#U!K!`A&e3cu`aEZY7-BM`kTAG#bwlxEdTDU^jLtQgx%-qK$Qnnr<}aZ zaL@vj{u}Xs3mOFUvHd0lP@TWwDDJFnKA&~-oTzrTfh;2wnnb{{j_EOYjw05VJ0*j! zKh5NvsZoVq#NO!Z~2v!+(mkp&8}MLz7fu{kBsWUd84P8F_PWy@|kY zD_3e~V1)&#kU*-EKoqy-M$d2IXNgHdh9Hc`tK`a-y8v~Ak71J4(XVIzVLlcX{de}O zON28C+eNLe%L1ZB2Rro!{3e}IhYg+TUE*wK(7*&BP**cGyT7iUhxv zmFpP)Yt)HfWxQ5g;K%V8J=84N8G+MV<|34Ee7L`}E3|mfPE0udz!3-mogzU7;!mm= zz1`g~_TUb(rVGRp zgnP#rj!6qvIP$%?M%ll=J34>Q?wT(4naDNM{rZVFsb?p09P8)yszMEW!t(LXdA|Lh z<}aStDlNAyyU&LmE4F}d&Q6?pVdvV(7fc$PTH{5-&mC?C{GBtBL#~+$;5t~1g|>wA zf@&a^gk>D*_C1)zJpa^jOs9M=CWPE!9KDfnW@q4Gn@++z;7XSiTE$t-|$8Ol@gPJi~cefs=JMlpcseGwM(eaptXM`?%q=8Gdj*jB^z99zPB)?T7 zJ%|x6Q#@{XUILvGK88pM@9|SyA3(p0GFMiqRWyZzk~KqgE&&#$O*=DoM*|RbhimWo z5)#UQr5r*IV;K0_22lpt_DKwrJmY86*fo--OizeHh05_r=kF4`_M7#bH{PmU)n z!!W}Yy-`2%gLnL8VtCJ-=GOhwFq$k~E7hiWPy6`_pe@!bSV{p&r25j~k3@oDOM|T` z9J_5|f}#<}nGw65xlYM8MMW+ER;_aFdgA|ijEcq!Z2(u>P> ziyxAI3h;x#g{cQFZK2U6M_BYc7kk@EFtd4+H7bgW7E&8z{vA9>9`0P)KH#eS&Tbsh>t}@s;brz9k1+0i;LKw zJN`xlnfwH`q@p*wT~V4CcKk{9Zt>9sBRqI#*z@Hy^Nym?f*&+&54&JRZBiHlk{Kp# zyX?patDM}FAIm0=i;qGy9@+*>oxPa>beFU+GRQGicNNOg4YqgX^lhw&u9aT3kUaoW z0)d#tEnwcv7ccLL$n)CH=~qoTCv-K?udxkV=+g&{04YM5A~=Shu`wVo1-L7d*eTu( zCS7B8ib{`(_GwTZOEx_Ss(8?>ex^Quh4iPTR3OZ9^@@u3rlS|Jp6A#IUJAawhc@JZ zOQ~1EBy|@fIR}@<3gghW1J2F2h_rOk9y+=!<*mK)hdVO}mS>_U9FN z!0pFQVEIP}h#2c~WcH^}%hk09)TxVb-BmM*!|${OSoZ-ib=aD0D0>p!wN4lIyhamj z(IE-pxE5#7Bhbe|t6p1VWNROy3kB^|6pQSxoshDZ_pK@19dnJ4!?0kO_}Tqd zeEl+%i4m+d&PE2QTp)?kr#o+JQNxZ1i=jF%!<>s$OrmkPh4Ocel{S-=h);QI*R2%C 
zE2}^*gLkbc&{^9)3Gmam z%-)92+?4}DV6P9yFVKxo3Lqh8*p{&Jm`jb4Kf0`TwYX|OkFmly2XLQ8kqwHNv58WT zoNw<9VtZ9*p8h}oL>W^Sv$OZ7`!|zmv``zGlQ;wBuH61S^%O$rimb55q$rCfk42NE zmgf%aKR+kiP-ZhAkjB_^14=kC9?f#jmhZ@40R&)D1N;{_hALt*@-~QhKkF~-S1l!O zL4P?o@DHHA(l&uyp-~XN^I!wy9_e=0ZQ%_8y4=4xI)4y}szG}Q)~Oa5{uJ@y(Lu#a ztQNmTa3I=)kvj5T>Eg7EnDot~(C!_;m<2zNeaRi@9)s#EZ@z((Q0_GUgA8M1W8F9W(R)8J2Oe{MQStOFA2|WUcVNxj)g_cLm7Q%EfJcWB)xjNw z#S_&H^t5wa*TKfuDW8?m#!}WbRac=_K^jSdxOP#cECSPx1WvnoI`A9C92o&=&rOChCwM7d|yLx4Wk#tF5 zUJnlpWVN+D2{yh%kuHt9ZKR2mdJIGbPS+PsO;&*r%7sR3fOD+)z?vOmJS=pGAwBt3 zUSufR<9HG4G!1ZKR5A!VFwD$|l4RUqrNp^-(7*5|U(2aeyl-K(M8(;vb1d_$m*G;C ziG|UwIKm|jP^uo68{V^--WY;U4E6|Z8u|iyYOm*3yl_dns2%Rq`N@WfW^wUM6|rfs zqpPBsYe`u(k>0F3)?^o5V@KULO13u{rWxw6qr8Yx-bmeH1f6T)TNNspT4H+DbAs2r z>!iV*-!tA)KQJE0mSIk_{WT#rXf9X!o2mn3;R&P;(?c5$@Un7L7Vt>23{n-jWG%W;uT87ikRGxX~>@e_y#9 z)k!$$(wi?w3Mzyi+1%at9@d%;rsF%{=koq~zT%Po@H!65T{R7x6Oz~=sP_+W0FcC# zuUyCb_bPuXoZG$#cwkyKF#1GarnLPmU(U5YF5NuO20sJwAodXI_#0R}4}LCuIbe09 zz}icFeDt(|xc`3n7FVnPy?^u+)!BM~=f2?J?ezY>A+YK9n$-fklL(y&J^4EX6j&sV zQSkW_xd#nUE^ac|Hp_AU&c69|b=BGF_^$Rc{p@hf-}M8w^L{+Kp4>>=K}>bCZk*TT zqGz3CjjW+7r`zYItNvQPJm$7^iNfXqRY1bt7#~2cpDi1rF~ihMs9>+|D59R_Y!b;a ziVYJj8w%!BC7s{ zp$SftVIhc{!ZAC-Rio621zz}QDgk+sfx-0&M!1MHqxkbc@aBk68OSKRXh+^SkayRs zN}xhi>8K?sPmEPS{7U+vWh{mws%FNU7YO8Gqzl9-Y!F_``rKcd(X)_TJT zud72D|J_cxVb&9(i17B7z%*rzJtuth#h&8BjDEQM7Vj2>8}vW1ggpo2#?(sd3>BVu z+ua$PEV8JU8v`oT3-Ppa5b#qbVc3XbX*SvpPh$aiivQdaR5pV{{Tmw~&pC^l4#2k! z50Jz2PZX`@jDjlC$WAjTV*=o{=;U>mz58JtQq$e3-NkLwk1KS?9EV&3ByjCCDRD}y zx=M_b8o>fczy14RTKd?o`>m^IXwUPckb4B#G;q@*mNV2p<{mRl=lWXnRu5o$49Rcq zyI^VYR#lM(mB+pQxDnW(nzL22R?OT#*6lgkNtp~A75K!VyN7>w!nMqu$QzaoC)@rj zXqx{WPH9FHrH@!i44Z_q+Sk9e;$CIQ&b2{M#XU_rUzjmn*gs!})J2bn@iHB+(OJ^1 z{J>0TBc`naFcg|@Zss#o!KbEAT^3qli;*f#w6Z5+H4CA|t+fGjt3(eb(uGS!k1$y~ zgz^khLjZ#a8>6MQz+4x#wW~|6!5#$5!tF|BA)ar6)y$Wi>ZD^2HWaGnwImJD@v`y? 
zAZ8HdwAKKdB-+iPUr?96%U)ymGW`44U})pl)!DG+C!k?uyH&%zwi6E&iUE%>v=!B&#m5TZuG+Tw7Q?mg~3PW|GNC8-&E#v6ZKzG^Y zzepY{9_{ZN%!j$a%$#r(=?BL9Ao@C*@T%$(b_M%EujhhHiBWiAY_l=6myH4lEOh31 zNrlSPk3lGY``l+>2QnH{snTM6>Hv;{rhsyQPD#$^V8D;N6#o%hx7T3={+jctYr2uu zE;6Nh5!MD%U0&~(geBJ$dg4}!xI(|`hk1GCXI3;!t*RvICHZ@9qy_ikEl<0cVOgOu zYY>kwwhJj9kNx^gynu-Z304lt{%;uT(4>T+UCK5sBZ@2{^p3bO?cyMeAQ@s)Af15r z7gvHUpl-(7XbtX*WR&cGarVu@v3>2DNlt9rwr%soc5=cK+qP}nwr$(CZBD-L&YhX6 z`PIyw>FU4suCBdyukO8`^}Y{QEB-=3WE#2iQrUT?eVTI!2qs-h<2%tpfD@|R9>Li7 zmn-^3dYick%iP%594`YC(XX+oePWqXn=bEAv&5}V^+GQyuMMa2?RLSvTo!LU8#sMJ z_dAJEGt;kLkUWK6V;-C!^3xgDBz0U`>$ z)p_fc_lH~F+HT*Dr=QD9@70l4|G9+P6df!{EpC;2qrUC8@?~8Qk0?{Tw*Kwq&Pas9 zV7hMKb*rcfWU>v|`!gr?rbjJK_7F3G0HHhKKyXk4|B~wO1e9PVe>n#M5Fecpy$Z1- zy&^XWQqC5M8_QnS$N8BoXtGzb0~Pw1G9VwA|F?@Qs%#6-fq5&XQ&|8=2fe&ri)WD% z#Dprje^xXUmzHY-7TMt-t#d(!BL?Z3DPErI15B;pg z23s_jkjYQuwzvDasbK^^4+X8tDveZEW@=Om@>kBxT@#YEIUBQHh%#ls0Vwm2$Ydr7 zX%PRkKaeg222%^Gn+Yd!PJ;DflGnXIc%2z4gwXLpv-*aw(fv!ka6tNXwhyTKC*`w$5y8eBAc8%R%-e^s<_|hhTzs z!Zp(1iRFSz* z0PND#sm*;}WROb`NvJ}sTuDo#)+n~xku?G*^6~29iNWRpTQ*I8!M$8ZZhMa-u4e10 zi9gnd`qyrEmw)aa!YE{OXXHSC%p`sz8*!6ERF+7#2 zpVJ*U^L_8=!VJBWkCe5HM5+SGlEX)>k$~z}h$3YQWAZknu1K$W^{gT6>9~Ky>m9P9 zcT@X*1ig=#Sl7mP_rP2k=<>PVXJV0@H{c=!1bI-Jhymss*a+O22obe>*$P+JtDTs@|4;&I)&^0{Ll>t}qRq;8lgBJZJ;!l73^Z|2gOHc0b zj#C*O_D*g<^-eAThY1V<16G$~+y!!!TG6vZqLdol5y~oL*3?9asu+8pH8b1cG0NuA z1F-tS1;TjeXBv1pJhKZTLh?84BY1n6x{vD zDVue==qCv|IK!2?gvboj`VRd?g<=91*n7I8s7G8j}NxpfOi+y%d&t6~hf$L1S zXeM+Z-Sh22SQhrYA*1lp@1|d%QpeO#kv^!aBdV*L;VCMUEW)4*LrxZ-fSHzo>!ba~|J} zcdVCkt6>7f^p9bBOAv7ICwrlC74@qKiLZ2WfJ5vcJGp)Ray!p1*KyD4JTBrsiI_;m z0Sq3NGQ3GooGOF_8tSvj%}iH}Y_wUex4UpgWJ`PW)W^Sg3;W>1$HzSDoI=~8%E30o zB9Mjwl=_5(mHitD#=3%YCeY6j3Z-A?eCxedi`^h`hQp*T^`AmaagHfUz=^->wD@#~ zU!>P&Kk?*eo;wBZb8zQY1DceRQvi9BUL%I?q$85WrEz^_7!AgkOCNHkW=YZ?4z8mx!49WkL{RI zM4uQu@`%pvu?n)ktjlG5mD@2AI_Dk4#2Mm@{SpzVv_gd)T3(@gBu=Cc1_8Mt3;Nm;3wNGT1K){JEgBZ8g4>NeGw7OCky*m04bT@IPOUWP!V)sgBdmd9y 
z_qSD6XG4D!-!5j}{k_hwejnaYpxKjtf1f01PE^{Mgedf?dG5_tsJkNDl5b+Yx<{|V z%A5I*8n72A-RN7ee^}|*8UIPw$;S9!rp9$@YTB=jApZBP%2BPtSt4@-yr#Wzzz#Bw zRT@c#Flic4*bu|c?ym=NB7$73eA`Q@-~1k%JfDw7ZlD+3Tq~`uFGfzcw`me$gxij( zOz&4N=n~70+}VW5?Dc{7jl&4NpMZ~s)+;70&LKK|jtw4=c{Z^fI91tBKLnS~X3K_+ zig-3}+Wh1L<(h5ltfb*#Gy!DdYOi4+II(`J7pWbbKJKmfitpiz>86Ts}xGra+i(~pR3562cgaU0NT)v1TQZ8SBkFa(sd!ngReOXZYH z#DIGzqM#5)nEfp$ya|7LwF$IbMpa7lM8MiR$;00&757)_RD7*~`m~PR2kt54`YRap zeg!+B*dQIzekV2AVj%d(=RG_q(1P!`?UD^%Z%P@zRBU9~e;77&8~F)*{mrjljiE9J zK5kwzJkj{krG?SmVB4>9M8^XazF&U`Rj>y^%a12vPj1!-mqq+)lxRIDk~9(HxRv4W z8q}{J>#&o~#YydWb=`@Xfi`tG;#>{s#BagmAW@X1OrCP%K zy7QdvXy}O2(=@E{;$!N#k=~oi0cOr7_HpxY&j&W3U8=flSe@@rMCKt+M2k)zE9C?b zg+H-P!Gs}&38vx5gTwOfKl`ojk*}WHOivk66UMdUzSV0tESq+#;7I7@ ztaFJcQOu?!dVMkZG5VC~=7fI8gEde({o=bZTU{{}6d_rHnbIYIuGBzVw9C_@-@bCA;T=w+Wa$Uj`gl*FC%JV~K;TlLi)qDGVBpml zd6~Q_=xMy@M6d)~rjR29E0x9345Gh0LxO9j>qrZH*)|JQZb|9vljejRhd3chK_S=V zW)-!SVyR@)moEt*qhTDAkUe7rH&<9eJ1dfvM}tpoct0GNzCT{=MeH1M_im^UzfKeZ z@8C3gzHT1k>exfh-lhQuk!{@+z!hruPq|quSI(ABX?_0$9JTd9ChEU>3_(ipE!mdF zyCzU?5h&rY2q%J|%!dGguR+h^DyyJNDA__d;*KW)3&au!`i#(ZfPw$SJr0lDKdKnD z($eW*2H=RO4C)COZ_qD`>9f_M2&lokp+QMgzSF*PeNEC!V417@@e}Ns1h2HH>z}c> zBljb3D!mzkhq(YSW>nvjX0a)VzoCpe5SC5$rur_Xe)XchIwT(ASddUz0a7Vo5C!C3 zckxz??A?8LX0eB00ZVRMkKl6;@AHKE)&5Rn1otCCTP9i2HwA?(kz6rn0O^<%F&DI_ zh!M<+o#7m-IIz$;8SQHEZQf)qA+*x@qL26Hj0q2S`#2++X}s4&U$PEFj5@2Xm=9u0 z1tY~Ou$kqTHMk$!00Q5Do}H4Vf}WJE!o9gv_!-Hs?Uo2OCm8z_&^1TJf-omn7D7ZZn5 zg1W>~$Bbdf5}wV5zcvhUYn(vb`;S# zWONG?;Cf2&A^1mvDG%QiO|0EYlG1ca6x%G-ffjrmun%Q>q_C4)`F;(*J4;X!*UYg1{vIx02q#~(F0_z*7@N_4BMJLA=V7{Z!zpU?*);G zNz0nja9wvBQGq!O_(XHM%DTR(x2-R|GmP6;J@$`MgYvg)oeA&l^2=58Zt*ROgASW> z|LVS>L(q7{q6PSLhsr8Sc$vPz?h(IJQEX%!=H9B>W}SWRVbVq%{?8=iL$Bp6<(tp@ z6d~)w&9NZWXnj!#TwR&m2hScjai>RCP2mTZh8cM~iisyIy~C>-aP30|~x~&Rcd{0IReW#X8Kw__1iZK8ja;UG?i%C&X2f!V4#_rS|?yvkl$CVvP^)n7hDqCC%oC&(CiU(Gk}^oE+Twj%VoN`@1J_rZ9AVQGJd^)*$yT7}zbzx5pJv-l@@4n2d!xYsP8CCy$ zEvne?N^3QDX(&NYX;5l+ozFHg5n3^2#wA(TS#6iP{iBQCLGiJ^!@vJUrQ#B7`>|n^ 
zY!@iS`C(E$<0raaXXBFSLB$YAN^e`ZK+(LtTp4?@q(#zBQ}zv+C223=5NKOfd661B zlUoPpYK!KG-Drd{+2=C5lFEZ($+CQqO$b$V)V>*kw_mN=ILWwRoU3;4)0)O#wy2I< zj|L)oO1j#$lA8NOHCr^byO?|#v~paiTAzZuVbJ&|W~rl9`z&O@?cQB0M3WV!w+dE# zuvl+Q4G$~r$FKI>IkrRU_B$eP(_&EfS+?l(c-NRc8`#flK7I+l-hE?k`hpu_p-}oK*vs}$Dppq3|6ka< zA?9XidC{-p!Qt~vOtzYboIjvMZ^KV~{`pu;5*ZL6ia6KuL{JN}cb;`sO*hY^ciiru znI67vjCNg}dfqY;AIDK|9o09II46%Q68A6I+j@NWm0iD$L(0Av(0jb6YRwkjPx-^1 zv~yQYFYcGBf&H{;RTqQPjW9<0ZpXi&b`lRdZ5t`vaCK{a`5<#bz1g~k6`iop)V+7msvat0btMjH&wjJ-TMmc>kn?l53=@M zci#-st?9Xm9-uU-`;+Os-FO#|1y5R{^C@@V9=;y#5E)&PX40bgM8vOHjlPcOrj5 z4gKyvcD#WnW%M-eRObURCIO}wLrz?w`-WBM1^GSn$NE6vxLog($Ak6H`S5or$Xoaz zV;H+Pi|$MAc88Mdl!7aW$9~=`U){;&7+Awj^-U!AxKxiNnnow*kzk*KrOI=|1}|9q z*r9D;$)C&+ci}9tZ1(ha*O$FL$eT;lVrh$+-bC>7jM2D*kFPYBRtG+OTv7D10UtYZ z3eH`=3s%`)uj~Y3?@DjnK9iE)<79l$sH0L6fO_m@0P>w-x*Hb$+SxlgT77bH$B-h& z1$+DmInerLl@Bw;9mm%n$@mdA;?}z2iA8qg>;k`CEys4T41@<2*!={d{b0=LcmBev z+(^O$`+Ep*=?$=G?PZ8SsEEr=BgknbvYtot4tCvXhrx{d+(=GfLAaYJ#QB`8TE@`WtbD6 zKVj@VrNE^tw+^^;l`H2er?3#(2x;a}FqHnU-2VgTrl4QL3tKP#C(hM?o5lVQoQp=u zEJ8~GEWC9C3D54xo*;R6+Br5?!zJZklP|6ajcPcAWABLUgk=7scA9BdGgVl1 z9-Y3$qltGgpOpL^0&l}3NR)m-&zz1d0zb%#(#0YS!{w7YL1SHP#y%&}5=z7|JAb$x z`>mMd!G-#4hq#Y@Moe`92=hZZ2bgx+(#;>*xw+KDAYck@;cg21cpnqy6QKLPtPO#Q>%)`O#uPp5# zi%5APwyUA{wlt34Fz0O)fBtCeL@IPq7fYNGkZgv%#uDheAtS^#mRZK<2Tm)T0RSU8 zUDW%|9Q>-6r`{%JV{|gMx*(qyU+R$K5eX05($$9%YaeB^Wv2TqGbepm4o@1begqm@ z00fV?e8O}>PxFQ+_G@<@F>rCyDB2oPQ%(vHsx ztX3H7S&vws#JQwLTw@qT@YVLdQ~(xDDH&=A&i~?OI5~n>DekOdjAWjKkS1OK1RU-> z+E|u{K$5Vh+`#LzTpLSm!o9^i)nUid&&r03t|awCw|DS9kS_N?=LT z)J?x|fJ&P3WW7ym=s5oX3PWP~e4)D$u&L`Q6UnGhwtkmUo=hd&Gx`$6A%AVVgQ0$x0}A>HLp!s>CWQD0726=iqhMezdBr}p&`v=(sBHt!G zLfj8|cQ67FFGLyuF{0ETYCualmJ_(@G)gnQ{I?pv+?bWl8sPrKyX8V)w7%!2K4L(y zwxQ?Qlb7gFgv@JNHI5t!e34VT3|9nk#b1ZF@snnDVJffN`-kMN!?x64`=FWSD!9T9yC<>ANtxa1- zw042#awQ%LE@IbFr19^g9uDvH@66d=E!RR}nVGvkzAs6ii#P<0EcoE#lPy0832lF7 zsk^ovAMOuGFSxW%vi98AhNClII$s27^Zu%ZgJV#$hMAg^iiyv{RD^(CZ8^*jdQ%+` z(qdKNAQZn+bU 
z$zkuRj)Pr%A`{b?CBa%z8}1Z#`}?`f=nTlEY6nosmqSajquR+97I;$Sh~&y<)}ox4oNO zM}&eWV@sv7jZsCYb}5|p{ue%RQ~K(PJ~4K9TJyR}F6sGX)wQRr~JP5OEz6snT^B0%Qj ze}k<3|JoERubF8)X*dTg?D_DQY(|3pY(rQe;99P*oIO$qArwNDLXMktL)X7pGPFKT z*fAP!)HG?vanGY-G_c@P%$M_ib|2BUa87*I**JjlJ{Bahn=Dvcg5JDc?Wwwv#`)v* zW;U86<6mdcF=?0p7WH{B0ZynV;>gvyVDTZ8i=H;u>_McB3kBb-9cllfw{rL{ zYIL7*hzX=$DA_cAq+xrV3Y8ozntV4rzG4Emy{=yE)t*fMWSr=B7VQrjwLGZ0;ih&s zJ!!B!4If(5DNkYc3G$jJbfY5Z33U`IomPZvHY;;xGTIraXn*O&?;p8 z&%bZMTcZC7x^l4mFQn7|OuJ`cWd48XO_G^>3~2JX+kG(adLwb|p-t zYr8`d(G(VYgc08wLtW3u5DAJJls()KcWPGWTVPFJetK|WB5`-LPqL0%y0|mt*)Y9v zyC45J^2tFb91u3p%Yqfx_wxM$f~ysil-3}UZe`Pj~nKL1in&E+h!WMx?Yv`jIy>Fs2_Z`~=b< zP57!1;>hVV&n*>>Y4nwz2SR51_s(|+bn&stwX887ovi=qt8Ot&X+IV9jR)8k6ZZ#a z-XC-j-975SVcJ_`pV;R&4^|lCZjkElj7*t!V_zVf7;b z3Y$?IL&q#JLH~l5{`SAv#rS>aA$sBi+k)2bf}3JzIGF^M#JD`K0c>s1855kdZQNh3F92Iai7)s) z0QxrS!gTshTgtF9*bVF>i32KfAto`xyjLCiVJrA5=s0mxg$Rsh(;&pS5J3`nARBn6 zoc;s`Vl|ObMy96}vgdaQDDc8F1goT_i&Fq@4|Ory7#4D(lD&7En_M1Y@Pb;8IDx5S zF(f=A-kgx7P;0ZX_Az79w5PJ1)`uZ2Tde_ioWj2?4iir>k~OT~OUlMF-ug#DEae?w z&pd2bES7_vh1SmQp3XiDDNe|c031BzJ_euckN~wwKYn*gp2A+FdBX+gmHX$X6`_vs{C3o*q;n@EgH0~K^LTEn~K~pX6?)} zNsbklT`6ViDDD?{{1~n}3G$_y@~9;C?V5g>4)sB$579sjM8#kOC4JF;DG25S#>U8j z&~WVpq$HR1V?(2twBwF3pGUPuiGx1yx76hozEJ&r8g*iHLvWyh#{-m>Q5Cuo(Qd5yXaPl|t~vBQ^0XKhU@r<3KKO+dO1 zYO0=r7J1m03=tmqsPOCGPkEIDX%Y9zSI#t}>^i{Lu~je{ByFkG_@wu-+S zGHqAp1EzNYN-8#X(VO`epf*~q$zHhg%AxYx_0U(DbL4rTTM4QC*+qgvZ`d z#F&b%B3YKO{lO5;v+7Gv@>mWhl^LTHe-5oq72loD+9L}%rB}xX_^0lYVlmV`#Yhv`WQ;5tW$l`v!0p+GP5NRfO%wujwnnY2bCGk zKiPbV7BP{DK`+$e{Kf!HQKJx;rk)BVEz(FC>84N*77#DgQw_C3YBty?R}Xb$SMDS( zPxDqnio_LfAO%yOE}m9OoOTcvlQo&%mcx}Qq1~cmsUJJ3ZmC`d!e%hIvb@f7BZbfu z2q~Ongg0VEp!t9=k6H|@8nU#)C|9u=h~Y$IQdzG&ZP1tT;s6u*VlwX)t43seHFt-l zK4g`3!UUrHjv+hHBMRnT-B20SxQN&`$EDI#OkGXq^AOZ0*e1nwl>bt)ig&|9q%Jae`~0p{673|mka6+OyB*c zuCw>L=V!!HaQ$ZUy~`pGRW4bBdI8!=u;QtIG>JIeVct^mX1>_wRlC)5@_q5~=2iNY zET2|Jx9jKLpd6iU6rEQ|AZS&*@(EY0%2X&Srr#0574h`x^d_2a#_sieuGtlaaY^B{ 
z0Ib|kX=WO=;BQ8dR-XQ&Z0$rKW8g#=X1|uv?7DdOX;$d8)JfN+)Askht{QhIRx-#L zl<~`AI-a-3S9u~!MWX!x+tORp7%_UXRXH}rbC^+AX`R}I)CRavh)# zhq625m%}G+&qbD2M)dY1eTLQZLHh9K)#=B*^7BU(4R0ymgh_j~udA1%<7sdC%e$3b z^077T(CZy%PNmUzN^$aI`F(c#qU3IvJ1A%Pf~GGZZz-B7@MC{h^CMo&JrfQ zwu@H=i2%JATsinYkJgvIydK3Q)b2{b{Zx+!Hijq45r+^}Z%mDx^f zLgP>H0$4?!C#7c2T}n}@LIX1_1+7gn{1`Z#Mp>U{cfHU45Xi?a>-+3e;-;6v z>{b^dn?M?T`izB5_n)N+GdeY-F`bcI2smY`S)OA$Z2!>0qt z&f+#|M#-r%A{wy)Nd$R>Q?p;;7A300URXU>kCL`g1ez$O$P_kZ2o$4)0u2G|g)ZC` z)G7CN`D(Ngt+JXmU0=02G{w|!h4Kg3>E5$%|*KnbG*5DdFXMT#9xMc%I4A|PilZzuY#9#3kw zw4wDL+=yqd8uxu^fAvfkt)Rf;KT`mRAI3Um6a58`FGKD|6 z%4^}kHTxF8rf&z_$h!Lm4W5JbM2qlz?ZyB(4z$cG@{b`I&lAq+*BDT6+(9>uTp;YX zv;a^cz}u7QU$t_Uxyii28qHwBJBkOm|YF}hdQmfJcVW4lU;MsyHc)=RITkB+AA*5UF)nh zIy1@Mi{^`uMq5ex|Kq*HXtHiH)rHlJ_M~2WJ$MOX2E>-z*|>b!2GfjYhtvR3X+$|Z zQRR8*4^22sdp@Obx;mO$pd&-Q2levzccy|Loo_sJu8DuU-ga;p8JY;3i>K~y5Eoyr zcTvi*OJPNR*urA?_5iu*uED5`8D}>nhPiSin0%Oq7g*3&6+Y%GuH#gG)6xlU zAd5gLbe1@2f8r%b%Xx-LHTUh`Cge<#9f0Qqofd1fm}cPh6RsIxxI6kgL=i_y!#ybH zwAct1Aw29}!!p{EU4ZEhRNta3OCpMCYAz8skMqz-I{3-0)E>e$S!JBbD5n%#Kv)QA z{iHRvdA&uWh{j@#e!fhB0_ThhIK#Us#sJreo9BcyVZBy8b>8!+H5wKg?2E{A+|(kb zv-+YDH8ndwKW*S}ZgTuGhKXLd2w1&XYqBk1R9pQCBy20x)M92B6+-qR(tN-s1{~*b zCc@A@HX|$iuv3&{LV)!nDF2@IhRx;i<-!a>#Rtoo%He0QNh?jD*)@kV+P%kZy zo-}9!_BYYzVyn&p-nUQ^JK<>*I6ZkCR+=h8MiJ9Qb4stEGc0-q{b42ql{JQEnAj~* zzDA>~WhNux`n}-1jpT;Yin!ubg&KUQIoeFo6)I_QJ4f2z^GaK!OEP7wNatLM*ZX7F zr?b8UMz*!A*LmrRRT(*CwSb{*e(%XRaWY~w9l!#*Otygq`i zWxa`POB6;fOe0#LYE)^M<2sTTYNYfQ5>wr!ePER61|8b94Hm)2Ovog>38aqx7#H~! 
zi<1p~z#39MqK?xrCc3HJgvL=Ak~qZQF>M5uWl$#1@oo~9k{d^nNfx^BRCDSDib<_s zx$^)d`u%EmgaV@m&{>vAlq}@EqjAd%F;|g^mn6|^!n%UHe26584 zRQMrsVo@G8+db6FQNZBw7h0)yB};Y|-&HG?J}W&DeOTOnN8u(u(DG2;2|SEg=XFa* zH!z@B{uaRkn;Y`2u*EmWF3HSV-F=wA1grZw&}dOz#DqT-1{78YuE%L0gCgDiRm)u=Gd`$0QeoU z{)Fs3oz5NNQWFZAw5z&coxTD06y=ovit~w0nsyFM$BBYrj>4>XTzi5L?=loeo(dNN z!aV&QYWQm}xOIA;IrR{0pz-0S5#=_={x-|X~xbRThP$ zX3bXZ4u(>xkJEAN5c^2Og5Ly|5?pUwz-bC<1kRL)F3lIe6XsJXd(?8 zzv)G+0k6cVZzQvy0W#?G*@m2gTKh^AOCR0Tl78^nwDpyMc~SAZT9PyU)J#P!*S~7C`jTGIQ;+apCUO0 z-CSn+$DT_aw;y-(b^-q*^c<22<_|3Pp4Sb>7*4cIz!QWJu9+c4*xu)^pYru} zx2M0Sx5GJq22TwRPJTLeyWbxhQBWMK`f=jk@%&COyJ*n%BW@0LVSyGycv(bsclZkA zP;nE;)RiLx2Hp{{gSfNL>@~C?2@eX522bP|;m2VRB#CJv5vw|g0SL*!oQl8 z?z;Hf>UVDb?9B@IzI@)MSCP-Nkl2A<>d-j_2bH0Lk!2U%aIf^1o3 zevuH@G|Ydj+@RAftxSoAf7+iBzrz#&!Te7W=qJ9mOtC&|H0Y;3J3v+JUw)Z9g?WU#i&Zy+gFN?~9w5zk~@(#6pt-2~parv<9kthJ?ZK z2PA7I;`!@@u04j6dC9C;N{AL|m`QlW76dFn88LgLS3v7-oXqlKxxCU^cEByWd)1=l z;CD2@yxyJP%Yf9Lfk>u%zro>6)9`_0r!vmZ6JVsN67wGZaU)-4()5z*6pcBA$JV{%Y>k~$ES(o<&VSHCnDH_SXU`nt{; zSAxBS8))4OnaH-rOc+Qi%KKbi3r5*@5)J-Ba)Ug7EHd~?W8{EPIHTz#P)?7{7GXhZ z5_v&YeIYb?A6G%`r?WDAK(14XRIJni?GHIy&)S|%>19SvAQHPu@OcLaZBByTVl~5u z77oD}t75OtA_ERwwKm+KG8tbCI1nZ?sj}O;Hqp_ac_mJT#tl{27CD-x<;vYlBfWjCv*kB;kmXAEjABun?)BEc`b@4e;Q`33f zGoRaKDG11{Cn)1TFTn|&5t2~D_<*dztu^T61HUa|>&}3spv4B|l)ilxP;F+uf)~|><{YSji z2C%4j=Y|;vH5i-d;u-=(h7EnLD|k7COrPOJM~7?4kj5&UburcoOedO2GkQ61HR=*J z(eamhc$vfvM@B|swe9?%MN+nEpFV^ zSt^)$?Y{y5ns9RH8pif7Ih;z99d;l$*`!8P+t|>X(p7rAabKYx_ARhlAEPD6 zZ2?p8E#s=H1FxQ(g&l64Bdw-76lI{`7Of&4bK`Oy^IoR0NAGOfcd<8L>BD@uZj0@k z_1F-~2M3)Ft-oit>baj6WFf(bNxxyF@y{TN0Q)iIF#X9ICYpe&``I(V8ij3RODaA( zvCFCS^uo)+zX6&db<6%~Rb>4~lKIckf4~0k3c7!h%=g9+{)1$WLu!wA8r!%UDZ7-c zm$6_xO(AJM-gM@JFJ7^Ke?Ct%=|db8P8=6Z(}CZ0b^29Q++N(fRUX_)hn7u>=KVV1 zF)il%)3oStfh5wElm+>bQ%PraUh_nOpTd>gx%WR9@J81ue<*!?|6Rm`-*{Iu4qsMo z@ilNAa9>gtqNHyv5}4R33}~ z<#Em9ZFgl0sHf#W*%2Jxt*e*MBdT=5_ZY4nZdW0Kcwk?j^3HqMX@k4uhas#LLBd!-*zP+U}|wTPNzP4hXFtZF*HH`v8|O&_+5b39S)hlsoL`kK{KDs=0w|*b#)(4 
zweIb7W_I{)^t;U=TkozbYwk&c0Qfdym`;7rwot5!x_P2s!t$nYb)i@oX-_l zoTCqMXb!nrHDkR^OcScIv+&RUB7Q1_$4KBY9z1>o8)cEaB)J~F(lhNceF%9Qc6I42 z-KfYnEy?92ulQ)H?E<)`S9=G$Gw#F)-^+Yh`r7^pqXY4fzU`whuq3!dKYR8vOAe@a zbl{#$)*`?L27^L?)7q?sQ|J->0kEMB;}LM)#o_ zke>7SrqAHz*3pT=#eKpG9`i$uY^1D(cY^NkfC^xtn^#t1gLCvH$0puMd=Xm$WHAAd z&+`qY7YcaGDrl?9)kKRN+Hb#onBPC1&cAiAb7u2w!9Z32){kaUwP!n#ufYVfS58P< zkxO7@Zxw)#J;Nq@Ce3BWFye$WVN!JQJV%NG+-xB0BeoWW_VED%8u95d3#6{ez6bS* z%D-o4kOH@4_I`yictaMGP=Q=x5h*LD>uXKqN*^38x0T;~+9m-qi^Mu8;0{T+dyF z6Q5J>HP0-~rWjz{kzyo0#Q^{wOxdm~&jEwS=ysZSh9}L_g0*729a2I;=ZY7}O65$F z`}c@7?vGHq$!9sL*p3Vw>Asix!vDdc z7@HfB??BI8nLEuzWt<;NxP5Eb@Ck^UA4@+Mj1*_@A9VdR)`0f=bCX@cb#-@jbaeal zX2;&z)t>2vtK;p79W7&{sVI$OWe%q=4GZ34fG`i!-vXmJ@XPTETq5?sCQsipc6a&n zX?geMEW7`<#CJT+?9@ix9o*cCKgW0bUn7J}w%rcy!)Nyn2w;vshtkDZ;9glA%2h(ANSzWq+K`v({<(3N2s`3h?hZsyvStNotsxK~1$Q|F0p*5x9xqHCX*|;YQHWwS z`_HH5J<2r;4cq#cVM$%)fFsr>muDL0$vQ)QEOmLqD(a+iap(FUhXO}4E+AV(6I*ts zPXA*`6LVQ6C{--vapnvw>i{&x$dY$)*Yv_A-MW56^~PGX>EwD-ToUz^!EnPHY?}N7 zb>}??s%p}!PnxkU3!y28>pN0y^y#H^ozcF=Hfa+>p7FV}LcJ$r$555>Kml(JZn1Y- zh|3_ei=)j=0C?i^O5p zSL_qt7Z*WQ8=j^s)J?a!WYW z&5zA2iYVvE>MH#u&LQo-dLyK5ZMy~pq$!;u3pWuPeKIWHLhC#g^4r%rLiceC-qiYG z&`!xNq~heUG=IJlK*cU#(=Uc-K@G!WQ3wUpE-_UGK#*IS#+R-$86c-(<=O;cXG-<> zT>=0DF|1%q18VU=0gdDP5F_Lk0nu_9Iadht>w%;-#c6kn$0DC;X(WC&^KOsOzOdAv zVgWZ(2XK?R@}w#ZDo0Dl{thyb9s2`nz1^Io-!X?HFE&Q>poM$-BR3`hz~59`0qnJr zYkuUgWWg~|UqRmkfD4t8Fg=8{hx=ZWaAc~Xc613Lm8XCf^s~xZa1BpA@kn15OS9no z{BM+fbBr!szh&Fqr)}FdPTRI^+qP}n-KTB$Y1_7KbNan^Zstzzm&`Xw{a1M^zk0H> zYh~?)#xy#DO1hDDBs?6~j43LKGeMG|K%_t9r~XtD<2!IuEiem{Q-9}`ht)SA3wP}K z5Fo|&)lSkbpppBNR*0>ZT|ypdK-xc2`+=UFceU?eB|8!p1d_C;?i&o zr`7N3g7>T<7zU&7XTK~%7VO{!M(N;;Qsr&*CE#YutBC2lGbc15pA=ZC7knniW|mwA zahhwOax#k-rf7?Qne4`znG7ZFqj8-zYpv}SFWpq;jFM%&t>f`3_neKv=Ag-Uv8byI zE}lcToKt=mjn+LY{Wjj%AyX*p$^0Q3T~9Z`OnM~~z+iSK>1`tSrr=R;QRhI;_UFv7m&AI68V2(V`h4We<9~#WMloe`;@9R ze;A|Ie~LACMa!T#6RILV#Y{%1JJQDiO=OJ|X;Oi6FqQ-K>%?82mUB}`u(n&#rv=AA z4r(+vt5vqaH0k~+*8Dy7=j(pdg&Mp~U}foIH36MNKy9vA4BoQ2w)+XY^!xZib^Hj1 
z!QijwX^ZRmpbf?YxDsbq=A%~&RKb93zjG1lk914bR~JDok|x2B6V8FW;i$5*#@E0S zu;4(zkx9F)9=!#@G-7BjL+A4u3hTFhyzU8JgJ^VPL{vXOGYesA3$5e>izuSk<_ka#oWr7dg0>)3z&svJ6 zSL8xy$NvXJa-bYqjn=`s;;`c3kS6ei#JyUR1_7==N=u^4s931~S}3Jl_OI`I(DMX_ z2JgA)9VWSspSMMy0e>)%9*j6Ur`vRkj#7aDs6m=ZWcM@0)n!g@@@(LuSwqwV)8{1( zq`@G-*)OXhkNsn?c6?y|DT2)RV0s%raWqq^tK8qdHUV|^=H??v>Lu_PzLJ05tF>#3_9Ok?>}YT zU}L1yi20o+C^c>W*vJF$r=OT4{{+@6LxmCz^K_x~kMfgk;qKSQL!t$0CI}PV?@eUl zHa0_Zm^C&df~RubeFB!x)ZxHqIQmoZn#E{4nMsNBL$qXaxcsF*f{=xhKj&f>CjjLe zW6C-x7Q(u05l~*eE~h^bc$-|(Ec%8w&Oh^lyOK?x4UMRbdIPzzedKBAnizO)HeGrr z{m_2(Ezg}e?~n$y#Ukbc9rTnxa&JP8S+za?T(*{7owg5~e_F>a#J)aHl3Y@x)kh)@ zu1sc>M^uQ&m$?pA2=CbdEiLo`2QM z+$T0*C5>iGYLd|wxuvz+A0FY3=g&2F>x2b3m2Vq!`AX_ay8(coWNfg z@GCTIPd#FiKx4^&`bVt#rm^4d*`iLlVG4?NYN(=;Tx)ndL|ofo3R9WJNapE8!0g!h z5q5BsXZ)ohtuP6^{=#G`x7JGFUmd7#=kX^2OYo)Tba6%i)7sz5d!gJC&xNw4P)!$hV*^t+Xy_=^wG;~q$2oDXY(8fai7gPh&y!J z^32Z?Ta6z!KY8x@mtJQ(Wc=PpW$no%geU?BtCyhrkfqf38-VQo^!8St5oY=_Ci7oNCdJYB&s9@dLD?_9c)*O^UH$KB z2|Cl0YMM$|j}C0YM2@3c>6Xl`pXB;3hE##1mu?FtW3VGAw^*e|mrpy_XD8ln+^L~o z&s(LtFZc6CP8ych7}Zpl4j@Ffpm~Hjw4CQ5`c9^~ z->_tbs8IimIP{+*RvB97VTH(JKn!|culYH|#`L@R$*L@_Sh+p3|8z^(c4f|5IeDuf z&t*)4WoyI5k7B{gC}GK*|D<-$VvvO;xW-^ApKm4mO(K-5LP@w{eq?fU=h){rnKbfS zrV1J%f`dr455{cLM=e1JZv3`qSqGA*Sa%a0LP+$Rf*=;ISJ}nba-08gnZ;;YO>Xbb z$%JQiHa5WY*eYMHv1R}MysX4Cb;MHFCx(zh@d7TVsQN(o<7%IxA0nR?^fh--5UEgn zz-JGVinJwt;rVW}zor;gK^tFknd~9F6jLLW5L7wII1*|F7O96M1g*R(Uz`usmRkd8 zw6w0kLjL27+x<~KY@L^E9;QFpqz@d*{K)2S5v^J*1Apt%1qf!BUhp-kIDRq%1Z~d3 zHixh`*w`x8c3w>BLp%U<=kwyD?<-yVd^Br-j&o3vJRBGE022P4~^pt6JH5?vbbT>b^* zOwNX#h|H*3NqkJDJGV~j{3A1i5{5RWJf7;!Q!OS`LwRZ49kVACX^bWkzMn4f2RWGS zCnL}C*_hP|>xJ-_%~{1H<_&GlBzGBdG2u4*2iwR=3cm6w-yLDeDLkt{<|4_-U(b3R zdh=Bi*)hM~wPt=IXE5=YM!GdMxT?43zEw}Eg47lj0o$e~0r2Mj0AN7>amnJP5{c5k z2q=0ZNyVUsOqe%_$s4tEMdg|%pfAf-e6{*uhh*4(bMIJ8UI|Nlp99oPn@bNOK*NPy zbq<&mbS4)T)hg>Z^;h#Hxl3L3?2OhVC$`>?@D$^~yc#f#Sn@pw0!+}0@+^W3 
zHI=_^NQ`?S7kOZs43b^q3MnLMmrOyl_fSKr`7CqW7Ii;nxI8`xg8G6FK#w8AO4s|qn~AM^f|7xT7$yiSY{sZ1aMPWU)eFX*InzgFbIzkiBmkZ?uuMP#P^4Q%kR6)j=y-NuGV%r9k!1wp~J@owYwg#UOG zT-JMYv}0-(eQM?&HaGT*)IN7u+2OkZs=(6Yu zp+%#20Dwqb$doKX5@H$3daiDktY`{gW7I1@BhkI4n?$xpnG_16n8P*9`g23EpCsMI z*HXJ?)u>{L>Cba{t4BIuV)jRWYC}O44xDamFRHBZcf4M>uDw|48>I7Aw=mA_`l0#~ zCw?Ntj^!!iLh-|e;)hl$ptdSG3T}bP*FGjny!L;*#zcI6xqHg1ThfJ9e0_aS_x5u9 zD}2oQ-!qo~x7?kPj3q~^NAJ}aX4v+B)k1tvjjqSt~Ob4^U|%rb z37vX6h6V6q5x7k>c z&;a{TR@TxrU+%$8Pe0jQw2Pvgs2wKM3HYJsecZ6*Jx_4BFn@VrAll#zCly9CVEMTN zr&(bsg#TQcV1D5l{BXy$R!0GBn$@tbjzOUF@OA1WOFmc60oKH2n#k>U{mRj5SW3?7x^)ASkzx;|BnqEuui)Q8ThzTIZzP@2k+;{G zUtghPr~}UM!akPV7u-pd!2tbs)hv8syF(ceLj5Z6gi4r z%RVOhe6-T-;&`DmYDJt^_f$pqY=hqvw)}oO4%=L%R8{~2ah^b&#zjX%^+^D}Bq)y7 zW|4PMyeb$IAg-Hv-IHa6YBEhdd+;WB7$BkTf6;;oxQjC-srPuhsn92FaZVfyZcppI zkXs@#_vXf#ES+X!+dpkwWmO`rI;mQM6ey#PO~Wr*B7t*QLzwa$fgrMv_X`HUSmT5j z_Zw=AjQk;yIa7k1f>tgL3T}<=*wcShk00*b>C?D)$Mf&AsdUFYOX}km_(gimQ%3To zs}yLRUh?4lLThMrXGPA+(+N|JXIpOPESNAD$ICsi5W}?+r+<>s*r=)q2w0K1W7_%t z%-9=Xu!SgjZGvd>z|ckC(e)Tgq51bjJMecFiO&Lwr^$lWEcZPrdzN2#zepj+ld;8? z^lWa&nkIH+zCK(%>3_X&dwS&bJ@yQP>i)g#G4!{zs!HLrOKIN7{aWYtSYJ+0TOY|! z59eLr<3DLcuos)vfx6R#50;Lz4vU**Pq*26YXSq-I;e*M0TaJ-7DGWapmC(dr~z0@ ztnztk9@p3>nA+r4`zt1?7j819*K0>^3a;H`oq^sGL0Q^xqk{gJ3^(l-z5ZT`2 zGk&BT-JI3$<=}9Z(_|{`k_YT~%qI_70p-us&}$Wv56qM{Xn)F8lU-||7Yf)KlpL4> zeE*k7YVNqSba>S2<20abLwT^GJ z!9h^P*j-j_*M!6|QdX|NXc>x%z?LUjEDN78;KlzW`fVi*R#u?Zz$Qi~`y{l_%6N}u=qD<($3 zMXuXMwvz>GlQ){o^;gTi?EdP@Q2|I%VT`ivqxbJ7Chl0+NVlKYqJnIy_A<2v3@x$* zW)+<%skX%UkjBlWRU6@?(r{M)nP$h2?`ImWNeDr%XhtJ0(1ikft>HnpG*WZN1-|#B#syNF-)A!E8sXl}*i^$R=nzsbi+zG^CO3o! 
zzoctdYd)iUqC3e~tV1PzuWeJ+dq69E$a8<0tBRnk7XK07h`0@KUV@c%C5S8>k2v4w zgo=C@n5A4C^A89N4NsU+0KDOaI+G1fJuXgd5|>3y71Gbg%zv!+0F$rYvCyJM~HCQ zM58As!@`|lR6Dqi#$}yeV!{EYIX-dZ^|XP;QC1>+L$TxBH7Y%1`h15_%IM2Vq6-e_ zM6uo${o}CI0Xj}DiOO_mj3Zma%=>wpp|gtQQ^v5$M(?&lv=Y@K^0q9l*M#CCf~y781QM>tz50tRPd41 zq|<{hN{p~HW3#R#yx>;{#0`2`x|Q#cYR7@&HQt_D_x$9`fu^kYh}wF7i#FV%UV^T} z-w0bJCW%}&b?e`~sY!vP%&TB>u2y@|t8$Ub(Vv2Mu}aZzgZ7u%N%Lso@e9gpORCGJ zYj3)VyS>!Y*#`!wakC+Bq`%jDXtygN((siyhJM&xthwD1l;Xcpqa|8N?hgfq#LbDxbLrvO3SZ{!k2pcm_Vo%iclbR z*q~K{n{Nd#CQI11VsjSkgnc+2FYqwCrWqPTt$Fv#4>|7pN`xA^(^s0;^ zeUSrn?v|ap@{l9Zf9@k-X`YSdajHqltI|=s&T(}>9*~1YnR%Z|V|BsZ36%%{D9OZ# z$zNnELlE93zH$*YGeNt~&wUA$<6c8Tpw7G6L_9uz22F&_J#36iq(^MiGd^n_Vx^e_8^Qy+G|NI)_h_6FRP{-`oWMf&(|{()F>ZAhS9Dtg|E%Mn z9qqB_j4SNiv*J%YSQW(Z^9ZWELc=6F7ZEcPMAd7F_SD>OS%^hhe+_{{loPy9nCW&G z7=JKaDOZ%$d#4dlq@~Yl^_CdQsG%KYTfMG$6i_!2KB|7O*Rck2z43zpZZH9*W zJWWvm4F$}mG|h=Rp)(qW>YV~T{1ds&*wS#LuE4ZB!~~XBVHQqx^aS6WEGS2xK!COq zuc~N^!bVAIfreSRpe6MqbT8lV1F>A!-(Rf%D%4-HydBR+%)|#Nqg`pvBiIFVS&bf7 zVh~)|v9tg;IYlN}wbCVHA2ZTPBVs$gScb~;I7G!l$5xB$-k&mEZ{;k7tFX0QSZ&L- zXd%5ewr+7ssxvaeF_?QMLgeg?nj3UviOM2XxHFjrOUxdtwbIJC3#bP*$|S<=h6Ji3 zxO959CVB*iU!xb1n>GrY`iG31r4fcBAkkA-CAtDdy$c_t)l2?Es)6Vmr-hfzQA zd6Q+4%<|g^4Xz8xjp*6IWnPc;@u!-d!s6lFK9PPt!)4C|1!g6qY)`eW#dwhG5hObO zv&tQ~*rR0x$jHGNyitJIl70lZsL9P#45UB`H_c=1o!CFT7rkq@ISzV&`nQ1_{(w2` z1R1pD(@-4T0Ehdq7^uOtZrX{o!K1#QNL;P^Pck8~cqb?~un-at*oRPpWS86Bfx+{~ za*Jcj``u*bcxL3L>vc%x!+u1kk)JMX8R^Xt`RrK+Isr-#?0 zVC?%S>oNNSr$+8#qb@22Xaikr;{va%u9v<4cWi930we-cH|RK~;DFT%yp`|g`84k| zo2umi`VsR4%d)V;wj%=$AefQ+2_RiVHm!jQB*nHcby5J)en{B%*TOb+swywhmV8OK zgRS7{J>sy~Jb5{_aST8KM|5eVYEadi%jOCJ0`c2hl4Re}!{IXY3Jw(vzu&to_=ToA3Wy zwh()N$0hY#Y{OKt?PxPHj@Zl5!hw}A(l$MsR>4Ib#E*Q2y}d_ z_XbbC1wL;W*7>W$7o9%Z_g5M!9&8%LAs-jNAxQtcf9A@K9EnR3M+~ zQwdWxyZ~Vnb?bCbELrwe7$d2f zZK#imKMWi-MObQJVS5dcXm@Nv^f1DRZuTW4fg1i|J2azyC?1WFlDXj%i88=xq#fL} z%w;n36iljtfchx&68<2edMIK-=90B-Ddzf@EN9%*%4Va$^==gQeWA3a(5P{Id_03y zl$I2hcvLft#+!(i#s2T*4}*;8-qR(GGw==3V@3@*v`bcb$(H)i3?&_E@trf0ng)yZ 
zm@vIG=_N|X5+btzu<=B3`lF>%K)t9bP@snhvmJWk0@ds6_88;=NOWDalGuc4b$S6b z#&v)I+*z!UP;vm{#TY=Hb3M?Zd^*!Z?1jQCUnhQk15V}7_?#3q=sLuZYX<&L&w#x&2>#sFBRK;R;G z%oP8m;b0{Tl>>oEfK7)n0kjuVc1AT%zl$E|rJi|KeE4+4`ee`GsVK3)Hi=(eY2g4Z zrw`+*h%>fv%5*&Vwu=3fb>XnTx zV`^UEBgYg`Z5OM%I_Qqcad`pX!)`gGi?!PNRyQf$4 zR&I7$I3#apN3gO{s4C`IP5ESZ)V{;)KBS8;0Wn_nP_7o7Taaz{c~aufNhb}Bi&*&8 zGFK|4FBaE5HCuY0Of$|Zr5_jDpTp}g7GP{bn2A^fGiTew+AxYSs*P=E=KIXFHGE_QnCWxu6%(LP?pE^4PJw=HkLIQV3k9a$zUpPiymZ>1-a|cf= zl9mFUx`Q|V5h@>ZuP_P(sUCKi5>VigO^2C6ja>=~T4b};MEadCWizLU&vOa~u0W}` za41zwrYYyEYDvd)i_)T8%-i-v?Y?L)?a8>L5$RB}$0XJy{xE3pAiDp%7|lL=RF9Iw*7Gl|T5~(D#$bfJX61!CK3&#V{kOchtWw ztvDH<_;I04Qcjcl+|spA7e%o~A+-T2DGTAH!;MBM*M=|XvMvJ-A3$2R7;t% zS@l_K49Ts-IJh*u%)Wsl?oc@RGV6UkvZev9Rb!UPtF*JJcdoOg^KrLh@S1~xM0g>W+Y9=>z{?jio zHfu%e+`sMAKnE_G>i+#o#f3m3}O$;thu()fK`0_2ftXr z@P)k5A*b?&kmXq)m_r_csC>D_UV``k*%7V4T`Ap339?S$|F`!%h$q~RDgwqzl%8a9NE36 zPc88vJp@3aJ#+)MYFtZ#sjZ;(3w991184~18Yxi0pj1veOprcBe@eQt^i9%kek$4A zy2cX4t`*JA|2{JMhR;z?>^W;lUA6IF=jH%9LNdaor3BNA&D<3~e}eNF>1qOy z&&ln%9FePD^me8V)8m4|uYaC8pQvHpaiF1`4N6`{2;Ed{)&^zGA=b*r-Be?0IBA%p zR9jE!Wp;yyP&P8=0E4(;?RCCn&?S5V4J_{GCG&w)Cf7z}*-??jEev;D;kO?@%X@A} zec87=cMXoBNoDAtH=!qHG7ce`I*FWb`WdBC+!daZKcjQsv#Y45eJHMZPm;{sRdkF{-bgntcSZ|35Ej^AtQ>U^Uj_nCHTZ*AWS6p` ziDg$Bofk7ufgucBFBG!rB{HGb`?JQGxZv9LsZudf*#R?<^V1;JpHGc2`8wKra^L*9 zxUXlIkg+_R`Q(ae;V0%HOb^dO@(=3K8-34*91sAdivdELMK7n) zyEU1tBV2d{l$M7QsM7)Y$%GvYlQtNT2sDGr(rZQK7qbJ%6TdS8rQJ4VcYd94(hGGsy;u)kg^B zHbDL?5q3ItvM2>cn@l;K_Xi0n_E(8jlT?P7bZQuWdIqfHK{`02j9y6E6`jjh?;O+L zwHzQB#6Bwm^t1idTcHPcDqG%g=YabJ5lVZjd|7_!HMgAGBo;ndL+UVX`#pqaN~@;1 z_FD^t=gO7fS(CI{)F`3S%{s_ozDP1V(=T#lX_5Mvh8d~eFoL(^q~UP9?+>c8q!Oxj z>Nc^R^C?5hh5f<C^X4KGxILWptr8?ZX8LH4+5nF^~K)6DH zs`Mtv#lpab*_~^^VE%xUAtUVlG<#+p7#m&$X8*R9upRvHSaGsR#sNgYj9tf zFvmna)HBIXMJ^nIF*^bCl?M$usWlr#0kL^oi_a~?wKWoUD5U&L!~<}KBYOksubgP< zlff9+XHO@YM6e{K9rBpCX#r|AJ(>*$)aD%F79Vt|>(ua0q9B^$%!StKQn+5M1}P-F z&o6eKwpTYE54Iv54|^A97e{Un*F+s1?HHHIv&ZlFnoE6%Ft9YB!071_1JtCU#BXZE=vL-27PJX(NY 
zF^GQt82G>f3`mVrR(7~RU0&eSF^O&sCC1+9h}Wv6$%oPN>few2y3`S~Ld zAH~I?Mg^46Ujf@wQYO{;N-g7O&g+R{oKY65)s5nmrk_*GfUOAU^I4Zq2EoD4+&R_+ zyGu@~#0H(}4u62#->}X2yX{M$G;3;s%`~0U%w)9WiSbM=_LWLpT&~@kvrrbj3~Ef%MMi`0 zTV&gNr8f~-Zv^R=gz*CNI70VNNHxh>VuoEE+2g6&vRe18?zHB$hEFGs=KH%Z4=tK| z>BJ6;h(f`ykXdx(bEWI9TFyNsAhN-@4lE@;>qK2q1K56N+R2sM8MVohl=Sl*JU62; zEtdu_eWebU#{i!>j4R&UU}5luwEnA|^8ad?{x6Wm%KC2y{w=CW+OCVhcb}`?D8>0T zt&-uvde~(Qi2477IZN(>07+L{HzSwd%`Q;9ZF9Zj4;GUT%4p*AKoB=IG&C^XPkME% zbUfC&*10unaJ!Eh(20nnGuk@u3!@L}p9n(=6Wpp`U609{-RM6C4ugnh(WjMuf7Y!z z1;eB;M|>VDFIgL}mRRc~OSs({G`(2!^Pzeg&0q|Zmu!qTM^^q?S?^u>g)2fG-W99i zaBklhw__3A@7eNV?q8k#BYDtSENtP-sN*Dtcs6kqA~y&FkqlsXa+PkMI@7~=f9`13 z*sfqxALF#H^w_j0d|%AzgegbMC+-)b7~V=iK!&z?Xny8ui)ZU&1gVzRbXB+9nuHR0 z&ugp8NX9$UJdYcX40d()np(h2h-!vfl7sVU?9kd=MJI2V&~!HZJ`Kf$i1OYnvR?a! zoWk!1zwcO!*#d!iSGNA$$OG8dU0)8#hkVL?0!x3+o9L3D9A7LPpW1RnM6=lFS=mX& zl#Mqe_AX_L3Jvl!P3kG;+Cexy*A-BmaFwy-b!fbGWFGIU0KG=hhSLE@eidy;&1sjk zDj}~Vak5_g}y3_P1;9OhERFDgvzNn(nO+C@$=mT25$SkgznoC#R1eg_=-rK z;Z#SLt<_{~pZmtdIkqdGMH(1cm)gH`h)6X&Y@nB z`Se?%dHbbJ5q{SnPM+vAA-Qj3<<)+ZiO^H@tpp)#hLm1t5E+Q^^+w4UdAvl*^o>=O zY>icEo$)HrXKcA}0yH+bcjq+W=_VJ(@#I`4&G{^J{6ucJ!NrdhJ>+oW#;RDwAW$rO zO`G(~ah}E#Y_wdmStPLPdPULesV-&iFyy@p;+;zfg4N@2wg6I{tP z08@L(_QkVd36d-@H{uOyH~8I{{`g`LV8XptSz8FA1~qXJ1;~CQzh2x;p0cL^?zsc+ z853+*KXXi?BgRk1OMCo)OYLeL)DH=qU_>ko)sYnJ#Fq?S!&< zs1@PQCMOyhrJQo7*?&FPF#A3!z`m^Rt5FsKgLVt%VsO7sEm2^kwc!jGAL$q^C*QSs z`;Gu6>|Rq@K;CZcafisbCpZ(L*C>y%%g0#r{0ymrMHL7TZ+9*av87t^!-V3o?xt^l z_rv7+9T&Pm&?{durKM&Jhh6+#=6jk{$9Q7^{<1`q@Pskaj)x=D!pu;l6gx@sBdJR9 z+SjO<+XzR9khRV-`7ySI`m23t^iFZ?ur`*cJ4^V=6gFFtdv-gVj4M4G@! zk+rSj&B}M?$^{Uqlrmq#N?~J&#(O9Lkn~JI55U66AM=rqXKi8=3p)g&q3gq%uPt}! 
zRHfNMdXFt8^2lax4_%%eIIC5xFb&YHf0yubTRGomH3*I09Eq&vo-fUE&Vc#EldJSW z1fc-C-7uotEoFRpv+h(Gn3H$+)T%R5lnL&k(|DjwYF$Q1Q!isTy_W_0(#vc4SdZZgI@xZVs!YC9QG?I-gmw1c*#oy#54zqrO&* z7JD%)3~(r@|art!w% z7d=uUdVa!OUjjMp7E$`4Z0mz*opzp`i~gG93DuQbiAvQkLg`Ek#6cxA0@tIrtDh z6A2XD*uv`c8&SS7NBpA=fo%2G1y)uy~&d1Ki+xKPxLB5(t(1J|)&Q+@vg|;b zT3pH1j^OhDxYmZ{zGkI*G~XS5{Oj3SBoCRVllmKd9oYb~8V1ai6y#HR8-V=7vYltPM3?B?Sv&4iyAjEn5B)*#7^%AXSfL(+N|$^bPc=_>%@4+|~x zgcFgL2M{I-bqecS1CYRZC*h?%iHBfcBIi|g+ifL`>C{F3tu8^AxO;fXvI1H>qQp_M z)qkh}PR2tL;08}!kDor&rHnXV(8{i!tHX&I%twe}gcim$q0o~IxE!~?&KhZ03Bml1@vVUltK7%+i#?+mT zy6D&M57tZ{PxPs7pHGcMW&s4Lyo~u@C)KsTj3QQT(7efOxG($)X{~p_%ejC+`a)=} zgYva8RSs6SMh({XpX^g@qGxyJ76kiALKDjRil>n@ujkzBP*OvnWH^JKitVbsCF?Dp zkbnbFQINU_4<&5S>A0u_i@OuTj@NO(^ zcG^p6B&EZ!QGf}isgm3^UUFmlB|UZxnPb87mTB9)A3BG|x-Xp^D)-{}9-k8dT@$+I zEO-2=)6_(e2*y}&4{G2wJQ-r72FGI|41k|zOfT>5eCNdG&dr+#Gb+S&el_oV1}~~) zI|l1fiuF-t5+MT@Dw_?Xs@_)oF&;bFgS(pP!&!O{e99v7!Wl5^W8Iru6YM{JypIr@&$W@|tL2D$iEN8r7?vRXmrXbJBV`n^R{C5Qr(q*m^7n6*B>Udda6f(~; zI*n4xc_U%85eNjThRIyGxWW^@C&)x~!yP9hRb0;FqfFVUnxAi+eR3&AXW`Uc}mZ5H1zlECW|;l!2vO zlB957wimfx_3mybZr8ieH@11$-fdbwnf?nkG`fu%v05aty2d@|{&Q{{=Zzg!XG3FO z`4_m!*4UY*;)BJ7uVN4d%|; z_QBHB+>^xe=;^r4ooh^4vkG>913tv8=0)z;q9eCB2C$np1Wg2UNs&gv%IFmt1{@a{ zX7iEJ^}hYCk?hu*D`Z*Q;1b$N~)2OtBVD`q>a6m1UO1On}x6066vr6OC!>XoFs zGiYkQS_$dVJP-UZLdc6YG_U{oyyJLcx&4#z6De@*$>MlypG%NSg`s)9d#0-eI4G3H=_-e-{@PdLL0PR~th958vYWds?(*FXbNqObpx0pyeTnzJKKLSd92N%H9amLZLjF@NMGFYBHUer;xW0uxOQ@*VMG=D0{f2sB{nHVkJiULCF)qHVc;a~Qlsh4oD*c(gu?7Vd&@X>kpADwhd7p%ep0q4-6ec%-fF=7w-8;PBy8(eo9{#4S z|FodnmoD93X8_5J@c@hfl1ietBMY?JVJ>h83ue?siH694plT;|(Tb+pJq|#vhi$6n zB5Z+LBhu2|qigYJmrv5mv(uAJRQ3LwR(@KWbz-CvM33My1^616?%r-E2Tp3Jvs@`P zN4OBde9!>@f%1Tmn>=W#?lg7;I6zVvIhEK`oU8?GTve|N>)e!l>UcZnPXiL+=Cq&) zE)=*)Dpc%ehcBbY6#NheH53wjXJy)aK}u`zd1;<|NsXX{m+Vf334#>sUBy-zQ3kc( zP_niO^IllWsI3}K_kl=+!g<7>WpjaERN!|RtMD$yJ93C;$Vh42p5lS;IXBIsiORVA zS7R^{jY}!Zj*>aC(%r+|!r~SY&4YS0mNF-%_kvh=_&s`qc@R+CCEhUAO}IZau!waR 
z%fw&5-}wWxCUH+RyOPZTmh&*Wus^PhUkXK|&9kwnn%X%_OI?D=zH@d%!?X|#g+iB6 z2%V|)HqC+kVK19HY0c=tCA)W5uC#CPBTF70H~5%i30AO_Itviho$7V&^{+XjxW25Y zfH45yM6D$UC^?>kcj7+TDfmkKrJ_U~G;HX2HHk=Ey*)XTWx#peVhY|HAEZ^;2c{-` znM1fP+BQx<=@ITX)v_=T&I(?u@MT7fVYV>Yz_iP~+=vTd8YY}>YN?6Pg{vTfV8ZQHh8)pc&)j(dK5(S151WBtjj*nyeel!M~tJQ@EXTOw+rLvzexM# z<9$;QQvt&?lwfJPV1pghCgLzZ>)vQth0`E|d<5h}BUW?D(Ax7Td%|jh8k5NEG1KY6 z75cX5IR-)pJp(Ns z$0~Hz!IdiK`(--|m6jWWm9V@PxSKKe_`Z60a`j}-T&GlAoTZ#SdA;R4L}Ql9o^&b5 z6dc{{zE@9|572pcQuZ?(JUc}!2wAvFgAwd{_0ggPu*e9m&ZMrc!K!lUcAxf}2=HU1YK({`rT=yQ)?9d}mdXjW_PR&ZDG}6`(A|RSY$4qDqV1M)mz` ziGQFqxxYvJvv_a!w>i3Hqq7Yr!iPHW;%#hio}O;yFD093aW^ZDkPJ0^jbF!%-sllm zEG?H}9xYQ=hxSDevgTthLF>&Ry(~hA0Z1&9eZIRRm5hj8Cnbj~&6W%mkF&X_5xpM^ z2>?h?E62bu>}LR65vKI7P$)2h7`rk0+qaF&i+f)GC(^--O6gU`9>j7jce#T$`3buL z#tA(jIl8NTbeSq;A$f0)%#F5hcgKeZUr#peNzTpAbj~-(c-bXMr9SKS^m=^bZd%O{s z38xPW6#;1E-3DNoi%K1+ZsxMiAl zvPL@k$-14`XLb}D8qpoohYgN{)T*mlhTc=NR@K`R-Wj-OlZjAKw8rXXlul>uZD6)Y z^_L#Ql6#1Uq(rds&bR*?{O0U-R{lC^gk{4PHE}HY&HMdz4iJ=o<&kJ_w2-bA!6ZMX=Z^$_d^>)>S8Iz zAmcBwI{p&8z3>cpI(MzOENf~x)9J4|79qMbXT~t0;C6wX=sbq&h+7IeP0ApU^QOsb zkGqI;DUpo~iItSo{L^Z)S}VL1v{^{p z7o5Ait#m~h%s|0m08JQGpq?XfNmQ)o$S;^2sx}$nW$pr!h?m%31q%a2wx=jY?>sP9 z2TJ51#irYhav({7L0IeTvqABUA)u{q{)?fUzXy%M|KjnQCe@*;Pt)XXFI0L4*eYzf zGAeP;3SNgiMJ95ZbjScMk`l1S9oss%9lKxGC?(kW4*49GD%yH6(aqh=)L;KWs$@oFr%% zL2xN)tOdy~E74aOjqRp{EjNg&%?!DHa1|V(mcZy#JA8}H=qTDDZi&7Zjd$%AF?Q|f z2*ltT3~z|X0;=G-B#h8hRWuYz_c4+mNQ|0+KLOOxY!Z4hV2x!e4AdD6o1C6HRR^>T zmT&x8+2-qKPiMt1ZVhH_$e=O^yBW5zWNyeLISeDbI1EI;j|K;&PlD!^3ZCEWH(D&8 z-gHa7Oms1nK#tyV;@g?Md3{k)anTX61#cVD@%)j)r}yPh_i_AgnrWl!b_o3A@ba?7 z=d#lcaWyh@{ZY2vhF<1$OES4F!lY(aJieGTDgU<4eB*7J3CuaYBH=_=u@%D2KU8Kz>1RU1Ewfpl1NT~R}Od-7mFgzJPy>jaSAMBMOd zStt<_TikY9>WCC$hv9@n^ewoa>%I*~>3(Jvj4eOEsqs$>p4l?a{juyN?7r{C2p3w0 zG!Cu}EsK@8%v^1>zWIg-D9hoLyWU3rQ|cXI+2dj4qT^yhD&rO{mvWgSigPh8WL|E8 zd4^+3H&i)cIQ%B?d%BBXMuGor`^x9@#W&NPfQaT}78PW2DMQcK`>kaBJcBX0wn4a2 zG7Z`}UM+f3f-|CDWnA1{M;IoDg0HK){cnipcrspW=DLyG8Y4*g?03o$p>p0)N{e1Z 
zu?a#&PpIcmT*(n060!y^pE(gC1k%>t@3{{KK+~7Y$k^`EKm1y zo|$*Gg`sOL{p{*%o2udFlPL+Cnw`zXGZ#JAjV522gPAY3m7b1cHO0aP;WVRD2mc=K z3tRfIILP%2ww2DI&nQNW%3%z+09rxapnCL38l0e7h(?G`2v4c*O$rPsRTL-wJ6hE= z3CWYVZ56?hM0}`_yq>Q%&BNvNB57r%a-I`;230(8G{wRkN~<&&qm*9y#72=zMCuY+ z3w7XR&^*41Q3yuWf?{Ubu@6j#v~g+d09XJE;~`IwWu6JJn8@z&dV@-qs8YAxlm&`| zSSb>uBpk5LzSbfW(Bvt7!&(v|3&0G?0PM=Xa?%(k2|C?k16mwY++wWbOS4Z>Y&0x4 ztFYWO3TDzy=YT|-jVgx#B(U?5&A=0>+3ffr4w&3d6^JE=f%~d5Cf;2t|@-U>g{4=*&x^t!7D!nA%g)&8?k$VcVhG$ngaux;tXc+4@8ee$iC*{|xF;?H5 zH`Xs*2@8>?qf3ama$_gurI>FX9gz6SzxC9*9Qllb26oQ zT0kWY=IYGruPLc2I4`NwQ&%whh|hO~Q-<;f$1&qwvIf3&d%3l+ zhEn*f2vBgiNNYl4wV=d&5EM&pZGWj-d5&3iDP}nVmB~b94%Y=GT5TdmBWV?&r=d<% zKVo=xD26u$x3p@TW!0eq;xH^vs=TuQbyzCXC*f%UqOZFzfif)fy_j#9`6a&1;Sc_I zZdPuOZZFbDv>WOw@&#Nz;9=5uZrePy-h-OV2$t9&GALXj;1&EhoCo>Lrp`?Zb*_*h}!EY^H4jk?lF+pSs0tg z^>UxLYla*%_@K?Qef7Cixe!0}nHW~FJ5cZroFhodktZvfAk#7a4XPgR@j9A^IRiOC z8qoUy&I~%erDaNQYK%lba+oQn98#TMQ=-+*_Wv3nNi`3aXER72<%uFiiT^_CMJ1E1 z2D8-)75?uXqPuhN)1AP>v>#Z*6NXOn28c{oRgrZ15C6!d{jH*YAb#Ke7>9rA+Mr;v zM66nnLF!0#%c?gPcp6WF8C2plK9(pZ0uG|#IK+; z)6%>S7tjZTS+*z})a%L;!emMpHfSj30p}+|jI_(4nQC}>c^k=MaQnA8>Q=u43hz;B z+D`9sH6e-ilm~jCV1NUQ9l*Sqm2kBL#6dW@Fe=W>smsjD0L7q@%c0TkFX=0eR>;>J zwq%`D@N@8#WJx{CpqXedrmlVmOF(4Ey(mE_k~JH=ljL+=SNN_?5D4I(j-4qkr&tJH zDIBxYp3nsK<_U9hinZ>4d2vCWL0%zt14El&()Zj zoF2l0o-q5vQb&kpS+a?I>-Awiu?r>eNH_45T1`Qa%ajQ;kK=JyI3lul5AdQ{_qPiJ zawXsec*aLB-L^iAR4b3XR4cD*mE1H|oVaU`g82*g_6#)m=nKX8=r5SyA|Qw9F`(io zf7PZN0m4@SaZw0tJK=-qG|>K;wVZhjMuf2U`Np`-jU_s6Ir9X7y(k@ch5n&S2s8NU_f9+#Da#+Q6&h$^4l|*vM-- z5RgZRpx)!2@ul1+Mxr_CVNQ)&SU%}tr96<#!qwnRwrBS_bfh^La}_m>Mg_w;q>fp? 
zwEp|!&%ez`(u!AYW3l!FgxU`8^dGc31IK^Y>i@g?%0d6X?L-9s-$a!vH7&;k{{PCT zxFnuTz1pUWscX*ST(=a=!6^xZtV&}LhAjPh$u=Pr6fA?}rJLW}|{31>w19jEU50YX#7Umx^(!yd1{5&>ORE z2Psa9HVj+dJC6H=JC)!>F76q2L$ya}G899qe_|3!CLH$UwTIP)nq$yyD@M#F7zjN^ zO@fE?EL1;1L72{zk3y)(eYQ0D>d>HpVSpLEYJ5Hr7!b+a>t&(Qk)GOjBpT$-p#F(r za}+uiL#S^-e*FlxrpJm~1d^TzA=GN>6S>1GB&8YlHmXRgm=rT0!%z+|xKcVmYM6wQ z%0dol*C$vvTNDW!jajXn`sY4hN+Bc_m8{={g-8aLG3tESFYrHGwpr3*^L>&u+yZzK-+jmk2wQ`I*w z>Fl`c>XoEjuc&Q2S|77C(xA`6x7hf4H}yC_U8{=p&>z))N5dV+a|7gs5b7@O%pq(Y zU%}J8-zw+ohoT8z$%2|(*H6IUKoZo9wJ?5#;>nU)sX5JZ07(tX`xVfiLlMLH=+nuA zW=V3_I7`*#;pC!(OtozdHIwg7jwUeVcQCrgMy3mg5{495y(%BFfc$3 zFcI#3mKS0S1;yGC0aC1P6(RYiwWdzln7!1L*j}I9F?YLV#}#C;8ykZNXUT*T6ygkx zvPY&P($p3?zz{zj6E}5alzIzJ+wS!AbhPp2{349mUQ!k=TwNOo9ipE~LNgZ#(+7b9 ziY;+CMvR!d8o?*FlA~K6SzHx^2`TfJmh;>a%Q?zz^UvxX#Y(extTwN1UKWTqK_ya6 zKdQdrI{~DO|HChv@%R1u{|R;ce|!~;%>QG~ev_uP<9;*RcedVM3_WsVJoVW9S8|5| zlSM}cN-I-G!-fIQKIjfm@v2jX%lnR}vBdBVT zEo6&DtmvI8P4_Py$)|&;7LAK!BoRqsJag#y{DE%OJ!Hnmj^4rh%xgl`24`4jFfG2$ zrC5zm&!B)@G_j)Pe8}>OBZw#mL04G|A*gB_2GNzB2;-nHMo17W@BIM?ONqk`?q%-g zx2;JmDZ|7<0KPTCtRjKEx-uqpbpkd${w0NBv_}L-W*Ky3=V#@9MgirF%fkdY%U!}ho$?FILwTVB|n>bjX2PQUgafJ-3yRZ&B4f1pt!l7gJ z41i~~b2>GFtm4-*g7t40lv*W7oHWl3swk0*3{s^MF=6<(vH7p_gp**OX> z1afThAqweopHi#M9MMN*rKs~5(JE*Jg}47MF-rmCC~qyLG1pJZLI`9Hnoyr2=q@je zN^nI;{QB(;Da=S1zY13$YzYYr`DGGhLRyhFcfUJNAV6FOfKm{k^R!T^$B~nH4Cgs< z$d{6A2lRk<0-g+_s!qm;QH6KCj(*N{;mU>n6oV5Nr17A)us1za0fgg=xJnpCeLL&| zfoAATdYR3Dab1iH4|CF8d<4k@l;0wNW;~-GOZ~Necfp>3AGi%kCk4R@M+C7;ifI?wgE)G4yMsxnku8Pij0 zVHD(fctAFY(4(XVyv827>Kg>If~0)#CYl?nl3z$IenWft`5^3>CL$c~!=_O`|4PD< z&8veoGYuqDg;YI^5k*9@LyIvaq2KGL5=`DhoeVsjz1bEq%#?_4h^h-D+P>~veZWS- zj!HOKq3IFz8}@y-rK$gG9b1SDYzdGUl4fn(^gl`OK*j??!Ev2^=ElUXg&Kb!%4FWJ z&Ow#60yi^AzBsoTjCItDnf$BkSh63$ z=L2pfEHveC;TmemmSQUTz~6M4t`K?~`n*_q{Rg*NMR++VFI*a3;ut_w236QHGS2(i zIxP`9S%2_`B#s4MX}G^eZLbx_!YiS_$xlSZ6%=#Z?;g}kw>jRHn^{@Aq%1;eY3B`M zJF0VrCfI)h?~If2<0BPzb+E8SHwPeEApYhV{{n5^*>!?N`SarD`r^iRsu(N!Pq1(Q 
z+1u9Af@koSHN#deHitJ)EDwNO*sl4pI>m5S0X>j4v1jbYm>00(u^!3J*LMpZ1j-~9 zKYz*v2aVZ}$3?A&bq0p*2XEN6oVQ5 zir;mhSUM5{a@fnF>Ph@U=@<>;8Cv;lT%2Kd@T8J8@-q1sCCz*mbh@kqzP!!jk6v9 zZtzwih0s?=WGs2!nY)27yq1#VncJ{P(Ok*s*(ox_EV^3rT;N}Uj#FPeYv&lRaY}<==t6E*`5sOTD{mY(tTA|N}%lrBdUWuq4&mE-5eLw3HBa9Ar7+u^& z8#=?{83yhVKz#guvV%S?{(41!S~_z|a6XyR!VjuY4X5+Kav zy3@ik={KW60f9K1u4uAFIK9N+YvO_||?mjn0)O9mURp!OR+UEgE1Af5+>HzJB9Q|_QG z$1zgCzYoJoUBf1hW0)9IdXFnU+5C&%1ii+l=|N`(w%wbvJ7dm9*#v zslTq$Kx3ZZc@f$PUlfI?)eyx!ArJ)gUJVz_bg|nRr=Bkrorh|!2sYV9DVv!0{7S0$jJ%TcFG}zd3H^oj-bsD zeqeO{O{K9m&u-K*uHS7BtVTUF%5N&c_nIwleF2Psk$?V!CSs!hPnw8@<^M2M%9w%HQwEm$xuIke{LnQvY$Pv0T!36X4s$#m}qoJeg#>XCw9%KEdp_m#b{x-UO& z%S)czr7powXDN0}pUYF1oc)ZP>RkKJ#-&+=V~ABKpx1lt$!LdJ!P*+W8HkNxgfXKw zdRwAa#7RRE7a`Ai|*o zPn1OLW%J+JjP|Y@2RNTr=zV1_V66($(%#*5{)rzUn1I?^nov$V9uR+;KM4K|rd>x1 z8|1J|bAM^4Lp-U*Y=aEA%7$F6 z6%9HfBj~c{PYWVi_Cq*aYkp_QKz*%#3|uOBf3KRc>q6TUiQEW15jL2zXbu2a@B!s9 zPFUfo?EcYPzyzEzWx!;$?SdV}d!D$#!A{L# zHrrsVThWT)q1ygs1@BBy>J71i>ufS^iRj44_}I7`vSa;?Yte%p!M`CdK(1U?UMOE$ zCr(8L2U%rl*Qi1cX~xnHzv!%5f@nY0l&mVVryEy@3Tc($1Oog!Jh$h@!J$*VbW9wu#im@%%Th={8m^K0W zyTC+75z1ELS%Z^V`~%kjAzo!S$Qi+SVXcFIGtY_Lp3p|^6FvdyF~lC=Q&j&c_g>Hj z{|5k$Oo^lg4AxXGF-z)|`8r0MO%6(MalvoA-(;TkZ}da46;BV%9MG2ivLaZJf1kRU zE`ubU5A;I+f_$!-Qk5QqDX0I7LjiY?ges)*=!vH?RTZc?#Eg-y zii#`;TtQ*Jp#VF3-a!33bT)@dwNEV(tIVyjjjM3AUwQD6W#L0*;~2C;K_bG{NQ5~q z`FKFb5~qDq=KMIcKlg1D7&QKefnrS{tTvqjq3#zdMjNR3u;TV1{fR-Xk7RPwtcMfe zyDxLstS>}ATRJ|SA6^!LZE)8u+qdCwazw8~2>ryA?of4GXN( zUj0TRwSGSAr=SxuU6r0Ox1;~O7`sg;*%l0 z7*Gdj^PT#87EwjBKqqvQb%E`9I<-vKyLF3h zXZq~sQnOqJHC_01eIcMa=BjcRUvkBe;){t_)Lm}qjiC}Td0e|q^W1?AqOzMwP_>Lq z7Bw)9KA;+ykp5ry`23_#*f5nIz7L6o(rAQ)^>R(OLwSElO;Lj7)vB z3!D#S0$VPkatLwz|Bc1JL zksHaD1F%J-t{h%%-7>jQR`(=iI6mE(g*%a1=IYE987*2^4ukFIzmbwBudIyG((K~6S0tDLFBwK zL6bPJD5@QsziYTzIqquwXL4hlE*reH_S@u5OVoRHbQ-!t4uhu( z&BvU`V>_@ubl#sVKIz37BFY9$|0n9l@e#m8Pd@=twV7^o)Q#co-ok~g2X8ByY(QgO z4QJ+j*IGV(?%p7zJf%L%T9oXHy~n!3460iM~v%X zdl&<}GsP$fw|JpXySaVGbwi@&W$PCP{OWPtB 
zC_24spj`{$h#x?NM@x^TcHGYBX-d*KsRzv~jxKvyOE&!L-Av$e9x5?Fu&tf)?}-%T zY*q3mBoFh@kR)ho40eDn$#NP{b` zsd8#!(gWA?bzRbmN9Vziuh1)r17goD)Zgn! zVa5B8^E>shOMN*ZDtEZmI(=Jz`+ZO3duI-cllD%h8w24^8&7_6h_C!A{{1MuWMVx3 zt{9Ej-Bmbu8t0N1bo7F=#~}2-8E48*qz|grx`AglbrAc+giU#e=bj}*u=q6JEn=Wh z&qOT>@+?0yA_V6U*$01G3=}zedQ@-9QbS&Zs@EJai%z)dASoRtAp$aof_=FS1~t9ii)i%86M8JBs9DLX0eyT4~QHszFPMNhuLnb|0&^l3~o$ z_p7-!6OxsXecAv%Jd%cw=jlS#H6xcxc-G{?arWJ5&$6(NyeJ|-s}N#Yk?4qlniA^x zG~?jxIc68y0dyp@{dW8Mnjp;}cno<1TWDQ)u{w5mr7~>G%s$SRyDVOdi6lUZ2jRYj_(R~xNqg`&~ov35K@8Ku_Gpau<0R09e)-ECaL*vwht2F!Jf_wTZD8kW z1O${gR!gR0jU|=vse@SHn)qnGLh8WaEWjJ0&HQJUXebxHaf+bKC}aAFvr~k zxZ%$>LqOGcobtRq&iiRmiJayuXDt~PSV6fotmth`<*!eWYMES-Zm_C9kMs9^xh}TD zDM~*d3l1B7cF*bfeRhwn4KGIQTOw4?JGv%x90udU*V>_FS_A`(dRAQ{@R80Z^=YM zWuM2YTrQhv4~SY~4-p{I^zpNKCQB|r&Q92Q{;*NERulWr@SHRwx3nGoP6i6J5m^xT zfLD$C#h{I~J)B7Ev2tM)r!0s+U%T1=qP3jJ@@>={>>qg`^7tBZWr$svvxMfnEsT6XXht=bK1vHI z=GR`R^t;vlHtW|P&R*YpS~RZF)*G7qO~35kMJlpTFrAKfH`ev);;yW5AjJq8k-l3b z$vziCiC4};S#GM=yNg=7RB$+G(zc@p2}KOpbXiE5`y)9}d8qe%QI2?%Q^Hj`oad&O zBy_>YjWERYpVmJnrvFf0U|{$kmlviqH*5}mx6(6erwU+(a5edjwrkhMvyMWx@u2N< zJoL=X@emgqn)8pwJw6dAlnIQaBhQnDdPrLNBzE3YB6*t%FSVa_4 zNN7B~B1i?y5=3bViLs~lh~D8GL|%+Vj8QiaPlgSae0*}nAR|NVt4Gdl8gf3~pM?9F zgoK!3%kZXY?H7IiozSv8u_%VAbiFh$%x*{B$dCs?F*)3jFw{)=he))D^w#eq>Uq>x> zyB8~M_Zswab*l=m=gP@ce(`(A@C(D|8pz<=Qofo7!+yI@v90awtMX3}sS=lgOd@La zj)M+U9yL6!Ekj0qhgsGm5ECtx6KAEV^8-1jZ2)p7I6&J*e5YN{XjM6{At1J+c3Cad zT3O>w_k740pzLFXkiuYy;=917`<+XVT}CEU+YBncKQczSU`_$7hZg5)0Ezs}M!5i^B;Whu z_OhO>PXZe;$cJdSB?4sT7PRLTN5$7ygQNCK{IX#+p=U!%J_M~kTWAJ-=g|&K!n!=C zqPkn(Rh1Rj&0#0}1m2;;J#wXCY)3=@e9=rK_RnCi3LU>OwXATb5y+!cAOTVYt@%2u zp~X2AvLY0_@!~EpIqn}bQ36sCTfI@%y4PetT9?sgRA4v~GWGi(n=xTy-!~DQbSXpm zQ$IHmmfch>V(~rG&oD*WoIquW=1O^pt!Zo(hB`fE*_Q?2P$WUY5NZM~C#-qSNl@lM z1jKh0`9cJ&-Y7ze<|GPa40S~jxr-iVu}uJHgMW6YLQ+dBjHH9wCyMC#rJgl+_YlYp zJkuI@ZUc>Vh=R>RM%S4BTH-z4S}%cNaFwf8_1I{*XhY5x)&>tGK&C20(=(#J1u{-C z$`wn%jxY7NS_qI$8v$W4Pr@|>v;Y$TOSD%43{D4f`Gt|j%1qZuLaU_ZLqIHh7Jl$F 
z%U`MC_U9!aE!rY{qq`3r;F~}w8GVdE9@%$KsEJgu3K;gxK(aJ4lZF|(OA39EPsndo zhn4yrLT}^8`4guT1S9|>rtwSPGYOxPX{Q8KpA3K)N)kbBAThESU#qyz!~_Wuj!iFL zyJivqGk>h(6FfEczCJ5n!jzt;7y|I@j33Q2%bQB5*t!e>$rMLEyxtX6u1`<}&li_} z4S`j)SD#Ec7zjIgx+x|t3%Vk#%XR5Y>#?fTv7*b=7_dGHII0k?nb^BIPI)lpux%)6 zI3hp*GJ~M$0+B?RArSiipxf^gVTK^%;30@fEARkSV(t%)5s9+*f%eB=QB6T$PAg%P z1y($dK)&P^zs$i3xu;BK@hTIAbaejQ?U_CwT%D{PoW!&=$mQ^YB6%hg^|yNW(&x=> z9YS2vh9w2Vgc0luuIi8s^un$B=V9Wq1q;+rgBiHihas*qm?x}tqhktexoZxTIyU0@ zO~YYawak;Sa*;;)9Rkg)11R|`rk2wJjfpU7#`;Yx6eN#=pefMx(=rtaCoY5`jSd&D zCS3@fU`l6IFoaQx6|r%_1zt!$8Q5{0+j1=xzy0kwL#u{b+zd3lz!C1fTuyp}%PdFD z4Dh?Era#cB5#0#sRoc?kMAbR-SUH zfC24Z0yI%vTC|~kJ<8$xLYYq@=*Fi%kFvlm?@uq>N@JVgJhd-j(y&e$@}Xee9>3^S z?XVHU*Fe}szn&rWN&Un)#R87rzARp9PEDaloqOYN#kIX+OQ1`^ZhElwKZrHZR-tQ) z>g%8U=_c*ky|$;=Pg1#h^jIFURnDnF?_#|pVAZ*EK5#gh&np*@?$&}Cy63ct!@N-w z>84$o$s+Z?2E>?BvbBWKk5(9bE-6ixZyV9W&Of*PwjW~73lqZ1M4GiEZ_6uq>fry- z>8kG4bv~RvaDZX8$yw}BXL&#eR|Y00nZ(BFsoD=K4>SzhcHuy(BGab`4-5e>NOK}(Oje;Og zij@5I11PuzC+>g_u>ZX$`kN&!fDZx8OhaFV7ZISQGI0(fz1gD2yY1Bq4?v883v@-! z7gwXR+%%+uA9FI1mnCZfl?Dzjs~f6&h2xHIVdc8*!}{DRs`gZ}QoZPeYP)f|qAex0 ztvcY+5Tdzhd$f6uQ95mu-;QTKmqiks&LK#zcq1%ZcXCo7?mZSV*KhTX8e?BZrGM6V8g>8ZYC1lq$ml$J-ZL)BBK?cg zCns;_3)FW`eVG08n*+8fNA|TsoULuHZo#OH_VmLVz;)GI2OQ@pF^g-GOG1jC9g_K{ zpX?J@L9l#hIFn%PI~wv&t#s=HF#)Z7JjpZ_DTN3$y6@G=3-;8C+DAe0_eJ&(kb+QC z!hcXC3>*yqO_BV+v>kA8u>T*(JO}IlT(M|v*x+!${l5G^wSOtnL=lk$3IIF~xTLLx z24Qkf-O|@zWPvcd18=L?1E!GsK0)fZFK>pLCc%mUyRF4#j2S3nrj#_)%Ia)#j6^4fiBz$FV0F zHk5>O33Uutma2>+O70bQCn3ZTj$@J|4F%Wk1qQh*UZ4{}OJ5 zD{Y9xI|_x&kY;jD8babS7OAqY(Wk$E5r#x)KqzTUu6%s_ToP~ignMky5^vg&Wn7{$IjpFC55@rC!#KcC zL~UB8=p=Ejb8@JNR0(S2tq7?e0-#hJum)8;x?QYKt?`V3jMO3B9WWDX*j0QRZgsos z!+{nU(4s+Q?4~>&XNR5Iv3Lih+9c1KYsZpWf8J-;-^_j64)jPy=|#0>-Fq|YnF_bi zH{+!vGaS#aOhG?T!Chk90`&5riMoq@n9xQ(0CpI$dWGN=K6#UdVfX|J#+aYFDjW$t z(zqs0cr1_V2iUD6^586KM?XxDavr^}uNGXPZp9=o0tQnX8a0s$lv_bT)*lA?Et=Y? 
ztBl+*HGz=~d|e)90k*l8KyKD?a`}hW3Vl(T&Ke-$4B6z}$3>vxwQ3992%{B7obOUefc9zR--IB9;Y598S z+W6Z2zQ3>a{W$*oJn~||f3Nu3yZL@%L&L`1aod_7N)CneO3{{aXKRxg=c?9)>_6NT03 z%db>C7QRrBAIA+&B2IXnPJYY2U-%kQ(TOez)3sA;`(9Uagn2!i;x*}PtZ|1azR=SLEkVcT=N+1JFI)eDc^ z6uMdp+6fhuWA((>#sIsX?n$u6mEOZ+`H#&{N5waVNIL)s1c(mpZKK&2V4yl$JKjNc zaIMO6$Ar!iwj-Wci=1h<=?dfhUYFg%#_p~ zGRr`f2Paf&nH`A5pji+bL8|~}fsEMn*o;}xVphhcxUw_(1xT6DjilA;!3*0iv(k}} z9;A-MSQ-QBrc!LBlHTl2BAEM={he98ZY;$2PV;$=x4aaEkD$ygI_Q|n^m%cqHthFq zdgT$AS}zc6!Sg}ISNy=C(VFiKy{>gV^;$fXHOD@m(}Kx*`sLw+DS8-3(fkcKd;VP+ z@hVt`c?0s>G1M^pEZuGx24Zn01lGYgMC;l$H3FXpE#Ia~_!@uL!!o+O6~Y&byMhvn z!&HB4Q#ePQmI3S{r@GDeAds_sJ(In=+v};N@6Sy#X5tur)}cnfz*ovU3^cn;-4exK z5AvjjJA=)mmt;y_@6eU{o?J#n~3u*)u)Q2n+ra$G~god*aiIlG9u z*S-&h{p1WIAvy=R;J4B;*T6Aw6yp>mbC- z<}7zWsd`ylD9q)i17q9*Z}=7b)j0JwDBB_kvx>n38=dU@&*3OFVnFwZK+qBL6^wl0 z9%~*t9v)V{Ku;h4#_9+1I2!&}ymQH;05dgj)C2diJ7zP90Hx*=CWXs#U4LV8THiK^ z)GhyFxCj_)3I-H$APixip@3z$_py&u%y6^-wP-GYb}S@#DSf+;x~RENn6J1*KV^tL ze;FmWbZ(VkZn~7T!K{f;32o_)r6ZYB-zU)KXvuoAz@*j?)jqo^r6Y#QNH$Xxv|Z>f6f2J67Gj0id4vV*a^8#2vBroy1n@q`zJ0OA`&=j<;(%=!D%hjC zS7lexSqLgK?R))rB{HmgdOb){qDQ|AF<+q%W*Pp7|F$i>2DrO(m#z;7JArhSVzGD<3}3#KbC0cI)UrC> zdQtn1t-F<6@Ryj!pCbbv)Mxxhn8nDi5sWhl(!lD(^^O5%@I(uZ27A!Wpyc8Nw1#r+SgKau z^D2<#vk32$FB)|iW$>kM=vZF!3P5L_gw_)4OJ-848E4i3^ZCAm2-vEaB?3~D6ye3{ z$AXqK`i6IXGdy$_LiqeP@}8fd_4@-=$mVca$10TLC;r^!8AT~30y5E9p%#Cnbe#Zj zF`AtNV61x0Kc2%>9MyuB^q}Bia7bu(2N1^1V>CTqRX5ws6Cp+wqeTjGdBG9+ zrt%d8tIT6W3ToA>Irs7vMw>Nx(V_xoL4~rc<|w++nnv;!dRv}^JMchORJe%rS)){g zgW+I))2jjkxIvghc~3fFDt%N@qKx1Z3aBOR;1cx=gl5+iG4E;b1N>aE-MCB*P^1OoV!JE4K zI87*9@naiQ##eF0)7xb+nOi4rVm?#Fx?U_EyaT$v3Us@D23=!VAD#kx>GG%A?zT7G zY%Mxln76gCnrNdmQ-*`23YLo$F6wF6y300t{IGxCf<2+i8iaJjYFi=KIvsXOPjl7Z z=4j%~tl&AP@`W7B;hAmM>Tq)?$u*qKp>*=RVsMP=7b-dZ?r4?m4shOtBcdsEBAuXB zW4pRCP3H{Y4{wyS|4|HI{F&jaIrVGE@1%f3ETM80tR(t(){dZ+S_07!qWcf`xA{=J zH57kFc-2CS*BbO845k)B&m}ShQ8Ugy5n*cnPYmpW^nSw$C^x$dF-|gBqJ#yle{oso zjOS_%H&+Wys2j7K{&y@ny*H)Yu1j{)m`p60IkFKi)FjS}xx9ZO&<(wl3~=w3;pLhtV464mU-=CXU^c-I}ehBJtt- 
zkDFp3pck(Ht7D8DZx*w^qfvZ%#OIs0YwF>`!_zMeYs@T_K@6F{2} zIHIFUC~<(fr}<8)$M`cpIC9;D=IFxuzK|sLnL%K?Z$o_gu=M5i$-v|s=O%T0`~3Hr zcuQ$g_dpvTb-~B%4olk}iwHb-$LT99`kyU3LCJpi%lHNU_NMi^g#gG8G1LEPi|?(g;roym|6;w-ZP-BA9_0s7IYeGgjr z$DFO7i5cjWP(PV*xn`gJ!1Lu3AN_|t0P}w``221RSpTP;#aEhIj_0fhzc4ww9sT0c z_{s}na>5cPEb;IKrmO|H17O+y#8i~Yv!fMP6De&g!CDd1_gU~^^ud;jFV%`AT6Q-W zyW6{cA*Z`7=Te~HMg#){9uOpAQegrXkpPf6=GRRkj27Pr9|*x|1Y*KZdSCB`)anz7 z4xu7T9U8KW6OyTYt7h@3-3VQ$yAe?TI(7nV`J&i->Qrt$uWwjzrPu3FfCBl7-5IY# z$6mKEb|%K-zO5lS^wmHA5RZ#=m>-MK`oT`{k13x{y&4KY{bP`d;cqbri(BuyqMI0qL6Fp5R-vkNCs0qo1`#bqxAwtEW*v%+-*dN6 zLV~0L)FLcfRoLET!rIOj)YK8FC}a_{0|N&kOvAVM9TjtHykn>+C87yREk}Q3ibMy_ z_U0!1d&*WRA5LUV#~1#MSQoN-MTJFD)9>Bv+b!kkg`9>OXdEE<5KMRF2^_;Kf)>sb zCY!8x-$YmQI*WB-MJ_GXkE=U^m|61^tkW4h4%9{ptkbk|{$v-!Gz)7h-w%~~I&NS; zf#Z*;b(OlhE6%HHP5m*MLd*4hG>&FMx8zL&2VySZ0S2+3|5XCU-44RV+WV_3byRwYA2$83h~!C0yIR5~GrB&*-(?kY!4;yIBz zB9y(xEm7Hxe&L_l!_)janHEmE&YewKQ;XRuPQU znqiTsr40#yul%<)>&!4qt#yw{XyJ+(n!!m3!P*skgzec&hj-GU>Wzw`pt0XM7q?1B`E z-;TCqJt2>h9@r_QS+4;$Y9OA4Etq*wxSb*D`Gs+|w`J(1Ofm3Yj=)_zsR#2rseQsT zpT02`_p{un$pfHKyw5ENZ&uuUAF=_REaf zgyoe3xIZrvF$QVCrMpjaPvyTAz{O9gys6yz?5RcBAOT^WR>TyKfU?vh@C&O$ojL5C zCl#2Nl(>kUOVWl;0VUys+1BFD42D=QVc~?&8FFS5jcLfNwl;T!gU7}d8R$b^y4|Lv z>X=z26&pYVZ&ft9$hsQaz$j5!HM9EbrtK&xcK=isfv~CS+inIyUqPx#J&b*cDI8NQD5EYveG0`V_; z9O}grJ97#3s}JMQ6|w*Vufl(;-Cne{eb`hbA#-AYRIRiQTMCZMliM0Zg8se+=x(T8 zt2Rm|zFo>VLU!z1A6-u_Sx@Tk2+vKN5+kW@J>SDamiJ&fQ&e=}ZLoLaM>a=CsS^xq zm9Z9}QR6jqh* zezp;@A*NkG;h+Yz=C?KV+=Hd2S)snxSkS2;Y?_L=p=aI z1(d9$N4R41P+k% zG1lRQmQ3xlBTBhmkjK}vomzJ1plC*^PFTV2$G~>snojx;aYX_@_@>Q45d;iBZ+cd? 
zw9+)8@gr&M`SMn4SI>XsQlOXM*t2ziIs)^KL+!E1DqJGv}Kz~ z2k(2Wt8Y$w<7bFvCCDUwwgP9qP*grWxg>)?EE6Ds2h_;&{W-H5G?(BE7e4)Z<*M7u z8Nd>jw*j?~n`ZCGJbF3&XL$I6Bq?kpjWnQO7*jmJ5I-&sKc0tD3QsppgcZ0Dx>|2$R_iuN9E*ZPUSPD6J>UPrr)J7341{bS2y@F z2*aqkhG$?&@cWmUPVKjWtBS=Hiq$Ez6QxU>RGkOPe@+`%T1lGsHqSezo4R+(n`ya~ zD;X477|bKHw1hT+4&VW?2lMi4=%&VbJNa4`-DH6P&ZXu4QvoyStvyAg!st&yjWY8DL; zIhbAE`4wh9&1L334ZmxXWbOs3vDcImmtTGI)}3TZ@{vcgG`lSG!ezrv$$)Mz72lf` z>42h>t3Tu1l&yKMu4pfh)=WVb{CfjYte~Md4UvFY=+RAoB8O^qd7=Tzo8LN@c5ys< zqwiP16!^K59V;s5HG%QLN}|(kERBtq*UN1j!HVEKpHrR^sx$P61Lb252)B~bu|y{p zJA&zM0$0jpM)AJa-fT2NG5ecfQM`z<`eJ+VQ$oK(-=iF-@QPiz^kYbQm#)fn%~Z=} zW@$?Ao3L+16;`G9hi2pBkt&7ug%CX^y2dncz)0XfX|SHqFX%dZGn{x-kuLEL%9#pb zgPR(+r!nl#opqDr@{&JpF`gF+luZEjc)<(7MM@4_ejx5P!~yqmGWM?Z&PEzP3>7|n zzkqV)mLPSa&U2zlmDJd?I@V#NxczA&CenHik47SJA@qYYVow)pq4X-Gcve;9uGZ8$ z25dqs0I2o(-|6aI#CtVUKHa<9UZ9NC7Tx}pV*H~5|KDi9|Lv{+H$J80SZ><^KIo9= zcNCoKUs^k@jX>0hn#&vTf)cPnLID~9WZylhb55sA;|ZT{^|%4R@Kr-x;iYJkeQLpa z_?P&I4&d;Vf&79NdW6gv&C-^2{Dh*KsH0E&O1d-_CIpj5?ylC3KWg0VCXD)R)==mi zu|%G4`qbD+e+^0|HNT>XC0-NCptV%XZkOO#PTl$ z4jUW$zb$aORW)NX*?w3BYwOn0+`@hYPM(Hx0YrK+OdRM!#hDT~!YtAHcrjm5_UEIe z<7tqTiApkL1W^1f`wlx#ZZ?R&r(fSRc(bcm*$0^|Ya!gN8N(lFKWQ=Q5PmN(Xb|ZU z07fUX(_dkKb~72aibfMo&eGr&_0OJP4nSpv1;Cf$#EBq)3`6kwVSIYLcbVN>#$-5q zXcrwkS9S3_Xc||<@`CBDPpQLT8cR&!D-EOIe~cO&<3Tct?p!HgZRL?X$#AdP7Gzu} z?@@o2Gd&X7Tl^rXN196fN(8IsJNoYMsjrn_$idowDXoQ9>Qf-h$`}AB8f)^b2)g80 zw-C=xD9)TCkc;9K=XjzJ5~rp0S8!iKb`cYsKsA#Y>~ZO9oLWy9Cq-aNEBg6v*Vu!U&S2*nA^*kgsK3k~rbSXS&?QeqEOq($B_;V!JaskRdHV=xpdq3X1+JODD|0W_x zOX-#E&2ErBJjuY|#P=bX?uSPnF7Jym@5?jRU7#9Klh!Z&i>Wtyp%7@XH+7EulacP% z`Cl-92Q7G92Z&$;i0&?i3vgxM;xIrLPc2S48i_PO?kq{JMv;Cqk&bGP=z6*gg!CWn&_#n>S4xu3mPyF$zQXedF zKBkHYoa;F)htPe0oD(!!?7LU#;cPZ!y-94pq*2k=owm!IRFgHZFgA38q*Zh_aB{aZ#-kOnb+G=)aqzSL zXAOEtS~(?QH5w6fD`OdbYhyez8d^gKcRMFrT{bgaU2_{lD;hf^6Y~G8CZ}&|EaPl# zVC;bRzpoUxF|idgH*~^dV)|jPro&T!q!kdbb;HyAhhSl#XJo}=U}VyUq!o3rb+-FQ zrGG?G{ZvvgcC>YNFf?|=36xpr6HQI0keSNN`j 
zPp^;9j}0L%P#^tHV!fG={njSR>*K9U^&&mRv}o(f1=rBMI0q*|`fj<>L)pq6hxbo_ zE9$Ka_b^J^(fvrB)q7k7-q?qL%wUd2(W~@fF-Ifq|rl2f!mV zrQ8*>oD*Sd;2dj~ID#2CO(@xy4L4}q+ZtJyBE@JeaUVNOtZq})-jG;Ji~nUJ0M3Tl zCv@r4vYsnLwlTf2!*u&W9O7pCSvu%^xx1mZvZmqEc@}avUgh7TH`MbYw>iCKPH?i> zeype4G_j3#k6GixHvMR0W7M)PdMWLD7@d2Pt{$i>+kFKGe1bj_*FF1sRPKP4!d=Zf zXkszTQ~~Xcc&(fFMUVl4&>#>o5QGU$b+qq*!{}wGa6?MW)?9D!maojnj2=t-uErZW zq#TH54uJ%YvJ^NS=r1t|*LDM%EBO7P&vsoubyhfwRm~&u(YtJ0?{UFHLS~Fx`E6%m znHyT!yLNefqMmiT@47&cY&IWAvO+K*TvH^@@3vGx7qhzy3)LeVwhbCdNXeJLtrqWq z4eB2*VpGFS%tcrZN)id~Mdq5+1#U3Z_O~et13HoWg)yrZ{3|T6R>(JSt|gajV|d;T zVhNRv2y8(97R(JK=rj)&Y9%F`fFochCV_^q%n$)}n(@k1$kPhbYu#_wCn+hmhLCW| zBbTlxin>|bZ*o;^M&1ikb5{!~CkGI@H7(%)!FqwrpAEw*RXb%bgnybA!@(NHfqen3 zCt$18v}Z((J+XUdQ;6h120B|R9tOhzh)Sb5z-W07&WoF^7|9LZYAs1EU~Zzg55x)2 z1=*lo4?a=MKxq@S6DYp87&sq8ak{B&)hf}j=wc!)C<-_2*PH7HO$YT*?eF=?N}<-b zHuTQU#6_>wm>+;^mNaTW>OOkgr&AQ@S=-(Q5Ux_dA{T#Y9|vdSJGjDt`tfRfWgkY4 zl=UgLBkqd1go#!F9<2mnU^GA!M7zj$+1Si(8#|2omcEXQXUr!3r6Tvf(kDgML?s*b zWDG}!NbmRh(WjT|#f0teg!rmJRBDh0H%AY3(R~#_bwoq`05}SEXEI5kYpG~_SBg~u zp|<=|d^`*N4x;ge{5GVNu(Cw>|0dMn?TRXNgdWAe`#?WBykOI@)*YLj8HSAXgL^ zD5TFFINM%JYhUg}k3kmpYw7MqLO|m(^J_p#btrV=OrKCjm^vT{55e{li=MOz4Zh`! z-J^unuLWd^Cl>kw{!qs%X)+H0ups0@%&aPFaWd#2#w5e-hvU1e==At zT34%p4Dd$08(Mz}=JR8q8vqh8_-Bn#5Lrgj)hKX;6$iSl*eTD%|e1}x+_=K zfW}?gnwH?mW1$X)td@iG&FV=`Py8^u5Ne9UPuC5}CxTA&B!_7sobMDL9|9sdLq8%B zGn66>O&N>8w&wXRHNc`rp=8r=(o}K0CYb(2L&mSPfdTH!mRVDf3mn&_yg;`_bo;S! 
z1BMz^wP3JGU{CV8fW&A7UtGp<-TrEj)Aa$y!cn8Ha*pz7zNtD8SS`Zlr>sOLRnSf5 zoy0es?3Bjfq63GYU{rgFH3#=L+@Ff$WKa!}B~V~agD$Xz?vUm1=g-${$~Yj*We@+g zhxo{@7QjUs2X7ZV<;0Uhag8+>~fQKoaT?6=Cv)-3a-fP)lNY1FAGnLk4zSE>99|;3$$|8^oGK z|3`ENl*+motcywhuHjrDsc@y5Y_y=WAgiT7$|x?X409qS1mrlm9J68>voAwke=s1H zOjH>-5d*@KLk&I*n^QSSD~2zfVk{w{1!)2SHb97}ENTJ)PmvF6jKq>InMGLcr~~>S zG6o7?Mx#X_Yr=Gb6AN!f6Q3phpjuBn3SV?w)^8hHkqjb-pv-AgA!oux&9fx}ovtPy zRtw>6DaM|_AIW8%V_ui=sDi4P09B{LM=b`u_FG$L`8>?t@*OEQLzfhpjLbT$uL zX2C>E4|faW;53~yOh7kA#~xb7!0YQcEH~yn2JPHA64kQSR(ncgRXFIYfEea{2|11P z0##m+j()nKynPRrS$!+V)nkLeu=?TR>byp{&=c#Fo1zVOaO||4DEM?`8308yh)~6vadtMw>*)<-8!NVNk@+Ko|(x*Bx< zL^lno!uWfg$h4dlR32{Axl2t)(I1{Vg{gheIF^-LwRH@P;q zj*JoEw4{~isKL(YHY=naJV&M9E+{dO>*RP_ zn(~@n?!fLqe*+hzhW;xA6BFxykC*#T>)MYJ`JWo;j}GkgquA1lSpDdsLdJ%+M#lfp zI~|=IjPTck0(SKm)`9)Fi^PWU1W`A8aC*s- zI{0=^h4Ld;%L!0{Dc7XjtUV!_Taz%AcwW>C+P)#&nbeJ3Ug;akpvU3Yw7k_r$n`LVG zoetF=?}xyS2s-A9kyDmYb@&9Wkg+%KU;OMa|NK|{U)CLZ<{ya0Kd1k%`oDguscE~x zg6#8LJ4crnN1t|-y(EZ>tbV&h5<^N!9?$~cF+|-_ZT_cC^ZnYDY^@$yzF{%#ZW4&C zK{|qK$F+vY_@eu{juivjIIwh7$`cb*fq~ZZggmM#DF>1)VQ8|ZTa~BZ>xIPgir&mn zYan{~&nWJf2DGS>x$np6+4<=3^xfs%U@6w3GrVbFFBpi2LF^_>IrBo2rz$R3?Y7=E z=6a4Nok3o=Z)6TGHw`*sR{wi%*XwR8piX#r<$gjQL5+$SN6$&VnHT9V`iv(R*9*3PO#v9?#w<@y3Cz@*04Nk>~*Y_ zje9gGOYMsP=WMI(y(Zq@bL*Zi)`0d*c$=?3nsuxM$e?N07%D(zCHMCS2SgJ4<|%`e z+?m=OKqTw_5NLfg1Bpgivx(zOQ!|UJ2o!6L9TG~7c3i(Sor1(4tI8uFME0nn5~h-2 z&OXh~b;=IW^(Fr7&G~UkG`QzvABm=_bJ1Rx30LwF5L{o;<@tQqbx{XZ@>{ojDCjI5 zXO1gmu5M1whN6Nabxafrm<`3L)RK31Tx3ce@r?73{ep*;5$u>gV+$#OXjCs(pK!^7dRgEBU-t zna$IT&O$kPUAvuGu^ln1+tK=#r}ppbw0aK>#s<88NpUifhtUVpm&qzK$>!GH;5}%H zaU1NJAC{@_K@V0@yh_S;i9T$e{NO(41aO zzIy`}eP7W+&KV&k6<@^?SZRG5VA}7_Kkz=M4W6woP6WE7vmx)a3vc;-S_s9N2AD#+L3C}sMsQ87$sxVXE0oQ0wF7a=KarM`9oJD~ ztdV8+(TilW!HLd00I_w^KPs<8{6>~Fx*}~BjgB-UgRgc@!Zbyhw5aVi*ykZy4AVm} ztf*K6i?6X4h+uz)?d_DKGgM7lmp~|k{ktD?^Llso4IXd`isYmLx~gm&RkfzahaP|U z+f*#Lw~SZ1J`zIN)gcW?BK&Myy)yTnxwLg|h)GnayqlO#fR54~DB^btYn-5M13Q*1EdvQ{WxFp22cB~)Vyk*v(Sz;cBF_U3 
zw&MBNB;|6=3$POAEspg54=*-dCDb?+4v46LT^j+p>g4D6zRB&;rGvdTq!Q0{``5G| zJI%|}C%2Ia*^JFq($mxZBuM;+f7aB=43CM9p7q}y zZ>BXh9XChneNJlo3O@tdcNA)r!l{e=(-xqb_I zRLS|J)Tw4QB8^otUUePJ0hm9Wka$$xptxs<#gMij%pxFif+7N!#tRPpHz}aFB?2Cd ztR4`?;+!b%IO3BAj6pwQ>?mHc=az(TaN<@FfbJ~YbO`ccdPL1`sETfu++M=tCi;5) zz>4IDD)V8!MAw;``T-%*Nk~u1QS40qN*@cNK}O*Y_~i%48*!~mBn2ZuFkp#E2P@&0 zgwV8g`X!RyTM~Gmks912NWj2|$y(DbF+htd0FVQ5r^4s4a}dokW`$r!Ygp$^9oB*5RHXrP040dCFD{;3-UC0Cp;Y9 zAqf+t@38Cbx_AV5JZ-Tt)$Vt=Y1UomaMP}yzvydU#C7+y$GFLB44kqo5RaUrQUOeScjU^B>$apB(w{gz$9X?Tij4i$grjw}|* zu2aqQ$j<3KO}&;`P1LtK_{nnTYw|s)Q&(y$?187q@)u+Zsd!XRP>Gg0gF>3D{XUqn zKxrZHnu&d)GQgX=3kULL4Gry}uAPUswo-W~OINAGybD5}WrZdAuE3vaXJtZ6RUK(K zb?I^xkWySez1TkNv6Y4i5Eo$$ zLL2hhwq8QnfFuog1$4({K`A6t&6PiVX1N|A`{egm+LfE$56}4gs=dw`H!eIGss-#4 zo`rgI&mC&a0Y!Lv9TKx^3qAPJJT_cKYq4N~{wc46U)1t1O$t+!S4%8Qq>fcP^1#Sw zbMNT#A$MYBu#eHfGb?iXZ2VTfE|pfbZYp}H*?x2d^g zSG8#JVX97v2MY`G^jVsF%&%_C%u$&9FUoXdJSuCVe?VRFTN zT7DNY_;`4hqZLpP*bcJ6cqWg8nTFjVz8wM(njS@`;77#)I|c}$^v|J*{c6-3dyr=I z4H_V)0JL??1JqxA0|m_j%s}+}VP>tTkvE6=4y+wQ;KVA}v5ejbGfA+K9lzD!kUXE; z?ouzgA|XnPeuw{75nU8=OS-2TaE}1wtok)C$u(oHLZ*#L)$6K8FAYwLd&Csk?0xz) zRS`!_@yJ%HPNgPU^8^GqkOp&XFVo1M3SR4;f})iwgX@_f{SJh`c?C7s6<%BwO6cQ- zq@U~F8NN$**1mL~1{2I`Ysz3am61+Hl=8G4nLZ_^--VppaBc5udvHZFwv`?8*&W^a zj+5K9i2vnX8rVYoJ(&%=E+xGI)|A>o9Mc)=_W|VyoP_m2I?NhLY`iW&+5Xz5TDx*k zqOMz8aep7#7G>BRb8>RMKmE!M&0OF#R5?-hi=J@c@2@rWG7cUktdKn8di6$Aon`aTK6jxh{hGZt+h>dnmZFBpJ8I9^6^)lkb25 zE?cHxVVqOnUX((x@OGc=TMO-_xLs3kHPW+!X zc^z08S3$V^q!NoPf4lh}PxnT@JYNvr5(j2|IvtBXWxpP80Y1m8>v17Uj_dR)E>{S2 z7v*wg9In7r>$kp&k+P}r8SokN8S)w91skUD)jOnKq>RQXBvsTKCK8lWsv3Txu_~$5 zjsN4&OoDStRijZh@i~>c={Sev%5w?AgJP%o&nuz$cpw*s7^y2|@%^#y(B1QeWLW-U zP*p?wZlVl(FwEQgftbxQVzC7`X_^KSL7Vd_?ywgehw2!?d{s(&?ZVVPt}|660C;jb zy8L!(%xutmVwuQP|~3Q9RjsVby7k5W*j8vj(T#XhDrAo;sO>8h0DniX~j=IMqbi#9ZG_^myu~y5z zdX+CY&IX7b7yYZyk^15Ll|BWi_RR*jsnX4QXovOoARTQ4v&PFA*$t!@hPe_%c74B$%%B7jdAkJEtT5C_= zOK>x%Q8uXJ(W^4_qxj?iU571J>QeHlF9Nh1ay}!w4WV3yQ>^sF7m_-rIkT=gxG7w 
zgq|+9XlS(X5;&0Zhx;n-B?)c^$4~O)=H*qrfAvw zzg4Y89e%Q2{Gw5g9qeo)GOUg3j&HpfVj6s$R{68)a?^C^24aX%8!}FdIw-uO1SQ3` zRy*o8pIEWlP+5VmXWfMtT7nONfevPOw@mW-&Bp$IRc^s@K32oR6jFg4(RvW15og4b zhE0!YUUy*uxQ+5**w_|m3*{{yXi#(uaMz&WlsI9%XTd6wkS{|z%bjhPb>%*Cx~=B6XXMf>EYbKy3#l6qmA*pZ6#J{kUbg!4X0 zJy^4{Y*K$!i^h6!#3ZvLrTmZiLfN~q^8VoA?(v9jpm*O5w6_+GQpFnV=AmP~Qd8QZ zGCPbSJzs!t!X!-bh)p@hGx?xKh4=OWNw#-%@!E}GsxE5@2I(gb2+s3jFhyUr@^a@{ zi4H@bQF&7eh1C;{;W$9jylrS;*?>fOGj$+DR;LZezL?ZM><+P5(mz;d&Uj9Z42E`akB&ZM>U7C&1gO7PCth`Mdg`N+;;JpX4NiN=w^O(3YFKN-WfX!cmuG78)zUii z?NNV`11{;cQ&MwgxLVc5jj6Shvf-Wpp)Iwf-iy5Q5I7<75XV)LTZBR-qQ?v_q@j?&>UaHQ3#JV?*kOU=_wyl24p&kSePf{ z37TuUX}PkZq!K@SfT`e9f$0CU1L1*!zb!HVVvJj4cKWDlxY#9>LaH{D8*7+XXB<=d z6E0oOD>#b{Ek%NT)GEe*7ryc3czdHBZW{1-j%@8Iv7hA*^7ws3cQVck}UZ{6&~ zO!4JxM+e5=1h_sjJ+3r0_xg=9q0=O|ESX-bR(JZ1d&l1uzfwPrfbBl)D>Fq?4Cs?FiMnB1EL98Y{=+u`(8BKeQaSb|_mSND7g z%t<agg!hrZLVT@e>n{$N>3L}MK#kz zcxpIn$+K5DtCFNWNn!inUQgsp$$iR_qy;(qu&DGt4?1LP*gUki1B#t8di>b{E`Zfk z=Fgb$gb|A6(w^%z9`9Z1k|7qH&9o_#t>7iBv8Yden-%@Zp3?hMX zBlu4fz)yV3zik2-*3^_e5JCP2(nc9#4K6*qa}Vx-^LFOc8Va{aYoP$^H2fEcO-jXx?rfgubjf(WAI zq~D$lA-sc0Wp7KjRM+HLK6Urz^lA^)yEb?G)n0iew&9K-VEC@5D?NF>_4JP)V{ni{ zT$KlTK(J3oq70|63piIK@LiSyc@Y_$$)D^4TQ;`P=2}1zD*66i>Z9afBy|Tv4wy_10ql;19AAA1NQu;?ctBQ-8RY~XkTtxS-KL|G!U_sNhDDO({&t)xbE`gg1_ z6Sfc10)ihng(}uc?NV6)F8xTsn2-|2)qfq}TG>@xstf0~ulySH*2JB!lPp`N zy1|$`p*Yb^G3!kMx7$rY+eJZJq$R>Uw~ykrFZo(s#rl&} z@!)gd%4ZcUGFwqE<1e}YQux7mjj;bCwi+C$>9xY{HfVrcF7lLDd)}LPFkUzWSE-oZ zK6bbLfNC6;M4Te95-+>z2qO4vy5rwtKwO2$T!ihmW{MxSdz5%P-_0G$x506n3>3{} z+}E4fr8@DC8z<9MY!`enTVFZslEO=Sm5YmK0{=mOaRfG8@Z{XY!-umw6<-_D0bID9 z+G&Sf(cp91M0B8ryH%76AKMJrku`byxyffLmZ98Fyi>!x11L^2J3KvSId@dL>!&+y zLKC1+d$crq^#F_phx%XngfW9X5UeO-6r^?Kzgv*WMuyr~oTuq4vhi|;Wc2QdEl9=S zkF+jz);Dw-hmXLhuVl`>*w8UPe-i?p{`Mo0glr3{Qs_|S;N@TwD_yJ8Eh_YJVM>P` zB|#;Vj!PPXfO=ZYk{GKfb3A=k&@+fDKIP}g$l%H&GFTFiFO-~99GgHo!I}Hpx@hIL z+88E_EE>g5?gCBg52qfi0rkPPCHt=Ofc~^s6liD!;W36eT2sY4b<%zA(!q#bJmN5m zv2Vfe;`hh^IhF3#SckyvdR?1ggiim9*1p$@g)!JZ!GLb~GwSWwJ|Mmg#%Ft|I|nz% 
z{;wM$Uw0h>b=S54=LceQyE%kqn~A@WIJALz@-9W8UFCq?rqG^Bl8^v*Z|^d**vgR{ zW0?yKf4G@eVLc|g3SDZIod%M%2OLHDyCg>hYy>`xH1T39hpNZG__^^o*x2YHU`!F60$fC9g9=Ak>IRcV?= zR23T2@R9-r0pbjBrUid-sKxF2gx{a`_;Moan3L|-ZZ$Cja?}Ks;etnx5(7Ya<$Ai{ zqjMAVJ`PrT6sP{77M`7%Ha*l4ef`2O=JEakmj(O+0&UTnXhU^TAG102d`R504pfcl z;%m$^->gxmEn5=exa5Xq_c|M(enLmA9*icdC&nJ{&Vch$qszwq%R@ujy9Ec1zo6QO zM;lN?5NI^T4ed!SPjy!lhUu@{ayA`1f_*)IO|PEPcB%@V@!ii&P-x#taB^uXIn^dI|8Rc5^_IMs{VS2p^xqx6|4*|nBg_9W>oPL@ zU@HGjH{!IGcI;6LjCZc?-ssaXVFUp=U?jk6Ukj)Pp4iH8f3sP&VC<&@!sqF zV~ZAV^ZnB;PujZGd~OzJA;rUdDOrgD#WaNkrucd&273iGCqxRG)uLcLwTy;0W)h^} zB&~&T1LRbz0^|>oNhI+WPBBo4WjmVCaES?;d1UgAZS2yq!$8v<0}5>kMWyouDf&pb zOy~W+dE!jA1i~?Q0~!d!Lx%b^LO&oDdl0_K;Lf0pFl_#Q>w30;1%J+ffDI+@rhrJt zyZH!dL<8Pb(r|peCD|u_L1*jx z^^5jd*GKkq_v$ONyC=6NcFiRC9BXuqJ54bSDW{^C?PRF!>i%>%^7L!t^h*|Qhg<4d zSK9Yw?{Y9SSGQLu)s=VU4=)vK(LrO7o4YY2ZMD>UL+eIVi$NP7`!jd{d zWz@t46q7|iecvbp8ci?QMaL)s@#V(43fJFt@X19Z7zL|x@?1D8rtCczS-rg(NB$db zfG5Zl7>-D=Yr1zJ`UZBpH*PhoX5n)6%}E+d4Tp(lWQ}J~dMu11FEw@mWRnyPT|cTh{6a6y;aLPr@rJQCPPM zn1hF=4_Ybd+`nPxil;`Nu;&ag@DZu>ESCl5I}p7Htn9ZoVw~O~sHn|p#3*pE5E=3+ zrotb<|8`YR_6)aFHwjKm1{gJ4X)&xuvv8V5#jz6>!Oh`#W3=C3 zF}49|`G2$SRAh6DAxU7`?W)To+v(Qg;I&~*`DWEjCGKiJptuqEoi_T2Ch_F zdx;2I0+{&#MV}!A4dwv9IiwpG2_o}`q2vti?TsSi;%Qy)(=nhW-8=Lb)a-LCTL?Qtg^LgudlIZBS@fB}2JBle zmR(58JLF+W^PG#$l>8gcJT&40ed3>cNLunxzCYZD+@~$-+E}Z9Nc1V$Y2;h{^!afZq#KC-sW#GqZjb3Yf{A@%}_eycO{ zg8fUWhM5IRPVC`CvSXe@jx(|6$r8k&#BG@}5bbWAIoD8AebZCpB*IxZ(0~nQwDTO+ zGwg|de>8p3wDT4MM#dB&1mEpOR{ggJip_1!A~Gc&!+IwL}#s#n7|C*Qq6taA-}P#5BvT17XR^l(cKel<-j?lJ_6-9)39TZ|r%rIK_m2SVpqr;qIQ=1j~^Rp&} zkhKSnEZtRf3CAdD#!H;U&I8|v&HvokD>^q{Ecz$(Tq@LWLXpD01p-<6j_dO^Yk{XM z)vn8U|1C{)?z47BA`tlQ`G^$348aNSS-kh{sN?o$w)Q&i6bQhLbN5+Er-*cRX;)U_WHo53>w`xsK8ji@h9YksRNwMCiT_j+IM+3HVmL> zy=F{UY|9C*k)F_UeuzaR7J9%Mp<22K91E_7eX{NY?%Rb}9Jj zGP+s%Ufb)zzUABcedpuxxO4pB@v7h3`Hg6JZM)qIY)@q~XuD}~jlLOhNxh`tPZnt^F@j!Llc{}f=SIhfApsstPVM`2^mO0W@TnuY0q z6dZ9f?&q>XkGYsmM5k+KI+m&&_haY#<4%=qIJwds4c=p4@bCo5cUX>Zm52I1Hgtux 
zaPMEX_4K|juVHFpUza9$@xEOszaJZavjsnSry`lyL3UWr%Gp6C#xjZVQ|!|#__|M( z+QR41;eP+xyGs*g{qFPX%KZMXQbU^jz1PLDX;2r{?CEhY(BJuKUOwFG|6bzy$1%Ep z9y^|&_673(X#g@!Hu_dJEtYje7x1B+{tM#acI1W9kB51L*Pmw_-4}GObmWC}ZWQaF z79eB)VrPrjKL%RG`=DGHe(!_viF6K`uhN#O+3nl!dk++ZO(1?s$qDvUq;X<&mTSN2D}qz8m6K8JF+Y2wgQ}{-<~?HkuBOXWQ?5hVc2DPkJ+nFf zcFIX2{~^aMLH$#r;ge`)jeg)hN!cL00EeMZGW9E1OTxfAP!1!u&5_uRnp2|9;L# z4RzZM5qO_JwRm!Paefw^&$n>^Ov3XK&TRx+EOo#F@y49~u`BZPhdZuf@f}@B#-fue ze)#-a4kwwmCN8iB*Xx5iOKcLDy-w**ObkC^k?nWLA{r917!gFb36j@c;&oQuQrn); zHS{!lBOfPMCmZUO(#bY1I3>P2(^n^nuP34JR_26Kn7+*5RYN%HJPMXY( zoS8Wju^-mn`H+anT)7wi4>i9JF@De_*gOABf+y40C%dS3V8F0aTIk{7^Oz=EQ;hf( zYx<|AhRO^wR9oF&6$kSsPmo%ySVY2(j88l!Y1PkQRT)xs5|*Ru7lmV3k_zF`H5!_Aq5_8Fq+k~AWamz2?s6>Px1ha>t^%JfUhe!AKyH^#$$twVNGkzsylT5-Sf?BkkYPwY8$YJBw(mY$Y(w5r0$}@zT`iwDEj|cZ7(ZCT{ zQ$D>_Zp&F!$}yT+FGsnMwt?|XuVH=`L*GaYt^WImqbCA0=SfCJhOa^M$*36jzLEa>`&L(%;o|X&4-JKQJ@SqA+X9Z zZf$;Ds?g9Lr6YT6Tgj&MuQoxMT$K#<#N+r6`bOtwhA+N0?%(@7r7hYlFADKf9GCfW-A_D zKE=wTD5w@X@@&~U`PhMf5`}MRQr5ba4`u)G^RQzVm->`0V2NA>tdm`5duYzT7U3@f>ekCnuv5R^@MIOD!$f+@ED^z4p zi>cyL&>$0>Nk|W+z$udTsVrQuH4K4Pfcf!|$lIoC6IJbUZrfcri6LmRwDN9XtNg3z z!QW=NG6_5zVqGUTl)UInQYVIXXKRL|BH^U&A7zoRLJFveqKzMG2Sz-dTB9%J!uAiI zZ|gqG*l*8Ym`dT9jUUzsKcFHyQlS6Jo3Q;0SUNrHUxfO<86R8v%RJa%ga4}_T&9L! 
zhd1fqb|Q$oIcUGYl-eAv?X=N9%3?FW#bUhxu<`u`OQI_jUa+Y|H4ESmB8ePoYBG(j zW9E`QXEpE1aKp{BPs%t*In?;JA*E=LG~Q$^#Lv<*uJerI-xp`T@bh?df0xkSn~RIy7ggf&#L_gXLsOe>;8Gl;nw4u3TYGG9NHzt_g9$<@5}JR_6hE8EmNR$ z>M;C((DSk2&5>n>_FkhY2FYf|WzXjnTzXuVSl`{ZH_OG>c44Ld?7dxYN{Atoe1fS4 zVE)Bjmx0u=N>!#YZKy)Ux2@`gYEr|-(RqI3)wPH5A(QVE%)J4NMpTY0>H^^7-ShsT z9+K%qc3}6?h>*#hp;UXUxG;L%RVy3JV_7(Ai^bK# z+~wK66BFl}OI?qy)=F&^&k&<cokV`)P>W#wbzI7}0(vS|VF+MkNI?D`CO6=q zgnAdci;hjsNp3y?+aXPs7>1JmSajMHi@l;VE-+y;Ip@q5t4Q<21*peep``ViudDBa zzP)b!qBrQNYThaLCloX~-B3|79J(Xh5*wd$FJR{B)KO}tFa-#~4|9MLJ3~6k5&0__ zKnbzJI%U$6%*$t)lRs93RESfNQ^M%xp?HJdA*!Pi3%$f%js>{_710I@t~Oo%0M|Y) zh`SJcz8g5#K8GFGe$A5@oDeoSLJ~tZf@u4) zLHO`q%R`8z;&JpZ5nNMsHCNeF-0{nOw{(b<@W^u=U(cM$`nnO~45Of48NFX*hGa&#^l&#sex~`?4e19Uh zWj8AwNXt4O%%OmBNy=G}sA!U8{0u?zN&zqGa6cyHXHf+wwf zGnMBUrO&u2)JHu#iSq)Yd1Z~OT&es$+ z4m>Oz^bCha7lj%XNTEBDXwr|UI!xZZm*v0`EYb%O%QA|;p5=k3S$M%KqM1?8DxC{3 zi_3*~Gc0dyDr5S#CExIwol|;4Y6Ol|rfR?&YLeEdT%?3oPD-k+tt&%9O=*K}J7$`| zF4_-8$wJ#H)PcG=JrlO5op|P7fOe?h;Le~Bh3hlO*PN2#MC^}4JOSjxKSzL}V0nFP zN(aV-O`BmtPRq}V7?TbEj!{+D#dBh*{0-VBgAd6HuR``7waaA#E+6&_pz0KV6{j!4 zj$&09oif;~bf7;@Ads%;ts|@Rk{lX}-;AD*{1w)>N%u9m9Kgx-g_0IdvTCqId6OlcGlLZea&Lf z!ItMW#m;0Q?+19-RVVjhD|yWAkGfQCia);b-1INSA#B@|6TSC+1KfF-Y*c*_^)`rw zBu>eb!aL!I6RQmNoHd5g2VD$-KoWIc~&5=it4vmoO+ILW=RvR_Y!p}*xU$ddwV&zW(W8zUJRV` z;$qMJL+(2(nt()PEV+26@x1IgHDJ>WhLC4E5H=rv>fQ<(;3UQE%LClfmWDg@n1f7+ z0oowaO{VNB8lEQiL~z3wAmC1bAvB@t1?EWgC)~W*TwfsG)--vhgo%=e(wC%frA|dg zUHwYuKFRx;Z^N?WJSKK>Pt2W8PBpTJ2cLP_NvIz)R;8+UA3RIz}NRL#eSWTQw*V>HE@%o>w=EB^O`V+*qAq`2=to zE*l~>1AlhM9@on|Yb!stzLk5L#t3)x&5m?p<7n&X>%IbB))x-_%J=s*9B)VSZtYIZ z1LO6?Mn&)su=E2Z$-nTa%?iNQe$NeEnFBP^=`p)&|O3u!f z48Q2j7+{q~K_L^?Kw-p(f{~+2;{>D613)84+LeIpa};2T&K1J_878pAK#J#*QOatE zl6T=sE;S;+P@T&ab_XBYfG9L)vlMo@m=A;q&+#Q;6WkPEmLd z!n=?2IG9ycIqDY?7fDkz0#!y5457oZyPhR+os*^?=j;{JAdC_=ZBI)n$r*GXbah1tU<=xLm|Vp1J2@C6)6I(Q`shVQ?Q z3itzRQ|60h?<~oEGMI$KporK}1ZN}?4Ha10bDBP1 zV6EjFXd|y(rC_MCN!ZKVg&U5?$lFC1z8O!dAqD}813ac{{yXi`D= 
zP8!zZXL$@!clOoco0j|YFmv;LGBt36yYq7Q9U2yf;Oq7J68huz`US_t+vWZ` zz{V4V$2JmOr-iVMehv0vYZr?@t{DzF^2Oryr0n)e!}Ymw@DjVXcX3P0+wJ@Lbkb@Y z`{MiYHgK@f>eH{g{k;f_yS^l&HN7eg%LBEN;u#!jKl7wJVC(Y$_Ve?Qhj7EO-5m4~#7UsJd3y4lmUL}|->P?T1yAl1{T4~%nK*VU15QxR#$RzAFOa#kthe*{n>{lwEY87^$`A)N4 zh5d?lks>e0bLikhO5Q_A@9>{1_;t4RWAPZ~e)SrCo8{rz!e^dc$Ii<|_-w3`IhRH+ zO+lh;0IPMv79vL5F&Jq`%l3eDj^;%shl^qs-1e-&k9IO~je}L&NQ||$_O)Rfy?z!U z*fRUyEAYRy3S8<+vqUU^>6)V&tIb&Rj$3mZnkc)`Do~Deuul-UIWGN zUvW4Fu8{oQjFnqDYfVs@2o#>_5k<5P!u4y@Ao55-LH?WztVKwcW7@_&bhhG(>zOFU zg>yE~9E;t|t&x$g?uwcNn19ox#539%0&BM+nH8xP(+U{Rp(eu0hXSEMOw3?>1U6Kr z!PP{v>E=M`fIGK!E8y3<#gZ%TufMp>oqE7zn&Q63OJ-cXhH8>C&)7G+60HTlwOHIA z+`E-M@TUyo5Z<6r-tV&>`DiN=PknwpMCPuKCtBY(dz{aygHAZ4LDuOp$mG$_HP%C6 zfVP8&(sr_kcVx1G?A*NLy^WXH5m(?!7`PpuFKM?|pU)@3*SjCg+l}W1x4&{{S=L=2 zw~-5nO|&zd&Hu?bZel7Wo8sM0 z2u#*1_rugnBuX*JRHwnJ7?QLPccCmWERvsy*W_p8o*s~M&q1j=2!Z4~A0DkE-HlwU zjBIkJwxZOW^T>ttL+C~JoI<}#GzEgU&4ysGKI9yMPPmwAjm?u^mY@Fs%l=*QOD30Z zK$3Xdd}=Jh-hJ_IyaZ?C zvySFibY%3rCeD`BIePU4l$wXXPRbwH_rDa2mi+Bcv(vTkZWV+p>GfGP*(q(0R>i6z z3HlSa(K1@SQ`5_`L1ZPYI0n?vl)tGL2J0;T)8Dkp(W8SW>K z37H5-1^%N(I!-dm|{?b-5zHWB6qXdHJ*uX+l8`_zmld>oYI9dd{Q=>^=2KGtaL znGl^cUd(rnQ&l>qQTeQFn~h%;UrKx_HO?Irxo6k~Blb~Re(g^pbiD}OTPn5~9BQoM zZ%C(@tUZcv82`9ed{LS2)O>1NVVa>%7wE`tQe=+e>yJ1h7)$W0<=@3kJ%0JQ^t7D1 zBcH!qz?kPpbD^{OlgEoa%RIS=1WX#{s9DzdH3u}FRHa@=$k(ucfsBKjXsM3 z)i~7(zdHV=inrl$d)$PS%wk#cgu{t%5%Pgz_NYa$?5$~%%%jdxkY+zB=!|+e4HS92 z91Uj7ZUwK#h{@*OK06j62;|YLrO-&bMo z4C3N4@jfwMo$FoO0EfOAsL^Cjk$6bS8kY66U6bn>t?i|9)#tEjU^Nq4P3ZB|l{zre zo(Gvms)R_vx*k7KG+HUfexl2u=?w;%K1n%>LDK4>(>eF0xCXm!V4tBSaHdQ z+Et9kU30~@HteA@VsrlmZbIdB8cO44lOTl7flYJ>Gods?GHu5GkYV2+KU?IG-;o9U z@+XN<)C+L(*wMtX0{3mUvunTnSixe9n&9Kf{?eY9PsWozTG~8ICw_;)1;2MlHgAm( z0>T^iRP{C{h+G?qDw;Tl)TKpoqYerM@OMEZwrOumoyPfwjwN~HiQbH^O!dAK`lfG&-@Djs*K!H` zWc|qcbaxqDIdw^PoxahPw+Ls?&M^DVfB`n%uF2*hBhQj+bi(4LkWZORm26Topcgs-KW$}o+`V1l2@Xfbr_fbF=aN)PCf2o z+L*VJY^0uQ`6uJ4rEy&ru+OyFvb+&|_xUYK-+EEkr*cVxR|ao=cv*mb*rjE-dX_r0 
zIdS?#>14B!mH&=)>|ytTo45L4ruu!ikr#jZurL)f3Vxers2*DI!RNgG!p8)U@|JX% zyp*>wyLl&}$$fDATa5R<(Y1XNs~OPePqF9B1ctHsGb{b%w{Ui2jXKR=nfnPg&zqC* zj>3|}0v6)eE+iuMSWVLQ%Nnc(IO|SHtb&%;Tf*L*N=eyu6M{t7(X;U8H++1HGPUbw z|NMqGEF#J*V936);Lz7YBHb5Fbu2b-SPioW8y>GA-3C8~pesZpEQcr$()o~#`qFNa z#l;{2R*QWCTDuPhj8#kvGP+3yT||AoF^?;Pyd2k05ro%}(K)${9E|*%xa{^bYhCJH z)&=DF0l~%|4Za9{gkRq-wR^CgQ+SbzpI5E`7A3&1CiEtw|3)PW(|5PDwoQ zUSN3C(YU(3+{c+@#NaBmD!Dpb_E$BKzq9hO=pJ-7&=0sIc?z%I0BSuTQ*&r@%C;A2 zeRO|W)=j{%;E5Ziw!kGL)x8+jdffXE3$XCoVq8lIRK0>|Ad)BSko|RrP{XHD3hSXw z2zy!aP&0Y-x~Y9H>lm&tbTo~tNIo6}0X;jAmw~m+BUl7TPl9}0aWWV2aO>qu2~tY2 zny~40E9LEzHl>p<@uSB#!nZEH6Ko?tK=2PcE&pQ6%KER+xAbfb|0NUq|5jTW`U{y@ z|6BV0S8YYglEN_9oCH5YwcZ8IKw-K%EV`^da5KW8aO;HwWGm0DXT5K@fz{>L5(@SHr>=LWPf>2E(J=UK>P*p)r$lxH~``A)hZ#O=>ruxSIt_jmyz8FI3-Tz7_B zEtTblmn+H=F{8GdxJwTw_+J9AoNM3X(I~G${AA1#Mydm9xM@Nd4&M~J`Gu@8x4B>Q1%^R< zM?iMQd4)FzfhyyUUUE9li4*;?OHyw*xJ%F8fIDgIt_`iVI)N?vn>V;V@h1cR5}6&q0&&!H;P(IXVAq}%Wd19dgr zGe}5RBMNRG_cbAr^xyzYS8cv6is}L4O9W9AHp4g>(@6W|8dJ4k@~A2u{|tP;za*~ z(sGGt{lrkxJ00)rt#bud+a>YGj|9@s{bn6!#MP(s59T69jXSRnnQx_{7S!QHV~-Xz zS>G}aU`>P4Hrcq3qn)F76MQ(O?Ox#hszVGW0d?dpA92T)%wKH6-2vk(;Jo|Cu^M0o zuYa#upF<2XLElJG-HJ7*&I_Vi*Lh#UW+nOf$658{6hE7{8$~&8;JLqN?Z4qLxc)<_X&J0SG`kb52tbPvc7z(=wQs&J$L89OP0?F z=gvmzIlg^wx(Src;klvb4fwQ*lZfQ%GC;QPQh6EZ_lkL&8Xk11@tOLH<5BqgTJ%Yq zaX0b~VxLNOq?B}Q`h8RwR;8n32cW!%_rfy$V}FOSkTL}l*nB!y{1F5e)%Er0sNoOV z!k860O>V&B6|eJZAIVLDIu)z){S@6FsS#W!_Hm+@WUQMH(?FZblcvuSZ)?_09drJ~`|Hp#8$?zyAKmb>IPD{0888zw z5F$afczjF{mUdFBVst?;$rc5j?9Aqq5k2fpnwH5=uFNs?LB6O42c>?uO}F{?2@D|` zXN0J)Gb(6O=KxFDdt=Dfnit1vyJ;b z%Uj|e^l~XPb|nA^zTi1!e3Cv|fl>0vmC#L{X_2`b*n;@n0J&pKF~%|Q`gCqbs5PSF zBOZQJj9AjK$^loC!Z$aL%)#kNTSs#?Lz-{C^(v;Biah*x8aa@{cwM#cMZL?8njf~` z#i0qxjtmikK0eSV=~;JftT-f74%664WnU*%76-~0e6jpho1y0DUv5W;!RnP4AwV5 zSp}-jy%b+w=rPZ(j*Scc-PqE2Hvy$zILdz&d!N#~PGkerEj+%P5=S&SE4Ng>zTuzQ zNViT_LeFA}j>5aA3$p`v#UNl+i!R1qvT)9(?UL*Mn5b+lYf)Z&Fdnkov8Ekqfuj9@ zWBOdb{0q0s#`M2NivN4Z89OWUzngu%(v(ch6oLP9p=y^@QE=CVw=$@cs@*=goq44| 
z5T0CiiULWZ^Yi}Liw_6{vL3wE=Ad3rx3IAA<@~}r>DL_`+Wiu!djoEJo%SDD=>kIgcvdF^ z=2|~uaZNEHtM%*Dko$(Wal1P4KAG|D&^!;BivFTtuBVm*X?N;aLrw9xqtgD?_SjD} zkNl(GtWC!~7u*-RE)z^dX;tzgQAWZYgoq?+a#{j0Xu*67hqaM>(+0L)giQYWWeSHL zqY*wlNo70jSDP^+pe_YU@E;eBkKoLe(ih;H2{j0F7*=*6A15xUf(!1fa(;y$q#EVS_ZN6p^)dxrj3T?KB9XaK_=AJttf3lYuno&CJ(@ z7|i#|+fZAWV26GvFwEQ{hPd_mV02RZSiA0xfPQSa!m(VUU!#q_xRD_SX~Q87FSMY; z{R}{)p-U_oLdFga1MpFyJxafVkIx0{9^0VCK{v>V2>I|oD?=FpOqe1}J)l|RWjOrj z+D&^;nL?P6Kqw~XPv0Zx9jhB^_D0PzTGBt_Z$j9DcrX1_a^0{$%=X_IWeE%M8CQ1+ z!e%G&u{%ZB7Q_V7a=|cC&FGJn2!9a>K`;mq!>IO|AW&xlrP>K80k+{y!;8^fknyVX zvQv@uEZ8N2zYRdtR6~aqG~+e%wO^CLO^O<31T))XOV-Y$LS0N~H3Tf`@ZlG& z=U{tM2NrASj_D0mfgs4Vn>iz;$jF)CDn0F zuJJ1+He8iR-L{J06hQ7by^~f>YpS&O;|)PBbpP!B_;ygPF{Bx(AN8jf-oIvRe$WVR zk5PgWh%m$}MGV>V@-u7mO3>Ty>eFtAGvCQSndWgF<#G%4_+70tpeh`<4Cd(G zf&yR;9dcl!mjPjeO&SprY$2HGjX=AWlwRp()U7LtZoL)Lz%5I71nFV(_+2+{((Fu> z-B)&?ov7&B;^=&>PZz{pOIU9fIRb|+=!9<^5TasfQ(>tz(T~(FA7nQ`I8*3+(-qi1 zI$J?T647_4{G~$7w|SMc46^X3LkqXb9M;S*QrzFw2ex3JgFGNOp~uydqz)NIh2r{G zdnMQ&cU5#vdKU^MV1!?OFt7;;WnwC6tKJ{n91S9IXHPd47anC0`hxrEA7r-DV0zXF z!;UtpX(RN|V4Hk9B#bJUk*h>YRW2TWtVNKPRHm0AX*}K%w1RA9^(Uj8?o8W z*f^ltHgWl8>rql@{dm*0!usW;P0Y96$fuw}jBHt7>%7nUc0wgs zdvuCB6|=~NFxe_&Im~lv0cql`HsW^Fk|Uc!;kr6@vb*J%pALfZ9TQt8>O#=~3>kSK z_nxbL(O{dA9Xy`4B}e3?w81}IPwsjo0~waz>UyHx>I!ZTYk8;! 
zBQ%R`zT`{={>;lDiyAuW2_5-v;5d>MICOvVFrGnCh!|{;esZ`3-eJ| zuR?U2&&_E`@wg`t{&kV*t)?N1lCb`m9GB?P@oXArgPQ4}GLToL)ta3=H|&%}Xzhen z6k@pfh@OXNZRSkbmO~v)!T8)(A(_u0|0j#vT*yo|pYUx=I@n9K&$#%s{{q`wiX*>4 zfmvH>Ohrc)RQFE>jfx&9b5w;4r5%>UHc^?@cQZNLI?S+I1S646P2ah5-2xZeN2jf@U;yLKk`6mV`xCNDQM`{=3bMMau;m;xSItq(d+IeEmoqzEoz{2*w7WMw$`xu%2M<3%~dAfhU>Q_tK7Kb&# z`=$1DWGfZ5G6GK+A00ojml5g`ppO`?6AJ{aQ=D{oFoocE@9WMD#kqpSu%FjWo;4%{ zwnVG#ozvf(F|xY`4{1-^&4`WT^<;UQW) zmxz9R9MJJ-Z)Sg80_qqS4=A+h&tTLT``*GKUHePO;@aV*l@VTAw^3_y;rb}8|L3cS zS^)g97)?J42T!n~0WsDYqSCPI10qfzA7QJ|_%nqKokRnBSStD?IArSJpb02zpeG9z zGU}>SS|DN9}`m5a_Y=75+67k*_p_pb3(!TKv}R%BMm`2O4J% zfF_T>{D2SI!uR;ua=KvAz$TCP5U~te_~!Tw&g9^2zXz=qA*|2|O`zYY_k?*)as7)fzrfEzD1nR>RshL@|qD5g&U{ryb`a%zY>YGoY zF;F=OLWXTe4Dk4aj$%an-uEkOb+o>2_p~+t3Q~SNzdsKxz4TbO9-RF6d_CjQ)_i+; zD{f51!mjmyIX$gZ{&c(_i(>M2wY__8*rwvegR4lQUiP0~hBVaJ!R4HtqpNy%|JA{B zc=~d9O1;3VNv*U^{ds*mes6WH)wyED+uqXY@i1QK_I+|hps84AJQy*qBoJmaOk?a`15obABb-mBk_-jbl+JB!QT28AuG9MdqQ?H>SR<}5%8N;9^ z@T(jSNb-$f5&~cRSrI@1+`|eWk~^auXU2xoXe@4Q(m*v7|Bc#ul(XdC4&oG_t<<;? zXm}jb6xZom%rcdw5d|Iso`RF&B2{USE%{g}nk>`t9>=3<<<k! 
z9QDPFx9@bxm38Ig1?J_CmiNom#L;=^^UTIkDR0L^=e?t+{S(ZwjjipDCO@X#l;usW zZ|B;^N9R0?&r7R{ZYrKf+(0^Td)SgAF6xs+<3i3-z$w5P|H=Pap2t4LmYQIq zUTBh9V37W2V{(B(c7lugq3NFu2h+FG!g-)&)C#)Q-cfz*Y!nXUV`jTQM$znJ*0LCp zR7%KSau35(`pF2+)bg=X#*lAlR*Ih%O&N(*7_pEbmcq>)AdkcOSDli7jLwqfJnok* zc3KdBiLJR9Q5v$LD`^a5@MrNI#7#zVjWEC7di~C}|HZ^qN%#;jS`!h0hLX;v1Lm>u zOx@Ao+@H{IaoXqX>^Z?1$c{Tk5w{L9VH|*(sshIO?aJp%FWV?|XzZj6y>cH4m&%?omj4i~Q6acIT3({|5i{8{H07CWNFTeb+9(f2 zs^o0+e7Y&&Pg}dbFU=NvNc4c>YZ)nA)8do{W%R%xy8hm2*6MCY+l4MEX=b=N)& zra@x&%PHEDB>@^7D#8LFTyVe@@-*u+rRe4Z_t!m_W0>*_sTsP(O*tMEM_MU+Ev|6( zSglpg^EF{_nKyly5{!5}k>JqQ|D58e>1!BH zqWOCR%@hPrlyz>O(;x}}9E5wJuF9;@qs0X+V=P9=K`F-eXRhqSZZ$#MG-p2}sp*H9 zehKU4_BIk$0^c;_sBYNZLg>`S7Fx63==Stj+rEH}cDTz++x({Y1nrxP8&s}e2;!58 zm1+|MbFs4zpt@}Y9Via#i!Xmst32#@XpwYi&Tq6UK0ki`#>kqqnSv(6VvMzGm_5hI zhEs<}9Gb&@*AbMhX2SC{6|v}z#$G4+U7#}0ZL|@)%a_4{5}dM^u4RT!VLJY&qA@Z4}Fz6rm3Y-o-#ix zNV-u1!scXx(hO8S1+|{95cz{Ghopk@3R4J$8~Pc6oQk_;N`3RUplHFyR_Dfr;lw4k zP3&~KldpKWEnj^jz4;~klo215ZN*;{^FHn-;qKrgnYXp|s$^4VM~(I}vA_Ypn!-UN zXbAa3MLxdr@p#{q4WQX$5+I_*K?x3i7kLJ}>)=C6KFo2$^|7C@I5;e#+Iz!{*J);k zJiWI$Cvk+YC#)rD~>-~7DS5vYj8VuCiuCuTsQuUD!7Nh3viw``s zjYF~LRgXV%G0(C^8sxQ}pQ9TFRf zk0AmSxG3IbW4+yo5j;H@XkGvlD}ntQ%XnSusM?trmK*n;t&jC|f3_>sJ^+rv6Vhyl z>2K}Q>I*7%h|h-Rx%Em^#vR6|)cLaC;e=Z7nvn8o3~%MzS=^0a9j?pj}=AgFAteQ2WmMSqSHYkTTr z1CD1$u$XWJzO6w&bWsTQQaUa->HEgYj@qJyE9EioPLWL&mMG-#bj40Zk>Lv-$P%D? z-D(C(QqIsnm&F`b=)#T)osdJH=UJ+1&j+YJL%;xSUZ! 
z(KM-Knp`?tK7*r>$yvnwpAU$YPX8ar*B7&61O?mt|JT4+9e)XAA5y|SQ^GBuq>!oH z#fL;(jS@yg+>D3;8Y8VPxgY8Wv5hlbR(4w`DlEqwKDSrH zowRO@vDXKCh@`~&g~0Z5bJcg2h8c8I=4|RN-ZTq&Z{ZVwbFGuc1NO31$}+5P?+OEv z-x=opQh+daoTZNeoz7#A@$cmzhzqO^YIPVRsIqdEp=aOxDMMy=dZDU*PB;;Y&gfVl z9>J)~Jsu5~dH`t607|=w0dwl=>r{|2z4}zi-6+Y=-&uvn;1)jfFT13q7UubjGG?y{ zh;axwLRZ~@X$QGN+bqqgadszZ4kX}o2Gkh0^w6^Z!50u>p5C;qA_aiEr3SlfsKhxs z5o>a(>L=jNYd&}zMa%zk_|t4{{_91ryKre}LhIuwMzss4QQV6UYGwU<8^bL38stKW zvMU35YCE-A5EUmwDgJYl$qYe#Wj1>@gKIo#7cF0!hj6zQIg4o{K;lnFi)}vTrq3Z{ zBwNoou$s7Cb4X;bPkS=U0sbweRqbl$lFry8LeT2biRZfn*gZ&wvRu#+_UsETO*7KD zEsbYjWjO<({syb6hH1}*KZgcEtI3BZ2w77>81P3Y6k6Wb{avq*^E2*OxPV8!YH6;i zB7HqWDRbuZL!ug9oAkMu8nwq~W*OOy`HPS3EloQ9>t9}7Y!7he)mf-xFORgK)jnBw z=mid@{s$x0$;Wf#NY&W0m)B}3SfGZsTS@jU$b?nx-8j464L6oJhb5s1)D|OVd9{dF zZdZ|7i=l2U{$b6hA4}jv&dGWyq$XjLKAao%iis!pA<&J_TN`MnJ>189!maPIDQ1hS znz|8=Z}Rzq+E3ZoSxt&UnN2WP0YEV-j>i=Yf7EyB*3H%@FUeRG=f4OKu+#s8U}I}w z@#`Nb#sA6^Ffg$E+q?fOP4UK!HiW-7OU`tK;t@R8hlOFA1vY6H%@wD|iH%cTA|Pse zp=rWqk&Jt@KN#L`IHFK)FPb2T(J|k*)T{_-(2&!+KhBTtkF5yPOM}MF;S}YSCw-aQJGU8t$oGSLGJD3l0Ya&$?y7IY@mo5*S$Ni}<7+ zj#Ryle!cJNGaDxm{wkD$^iL0$k}0=Tq@|2g;E<|bTenF)`z0k%QIf&XTg*V$#V0g> zVi2ZG@6==t<+R$E2h3<3vH{6agF@Lvsa8=!cs8fd~4fAX6d z!tf}d_keF8;E+RO_?QQgwnZ^QdkmxXf}teE@UjYldL%YXgp7gXvBiNV%8kz^U4Szt zJ>cjZAS~E#@gwg#1k+W&lv1P2bCnqu%yI&`eA6&<5+;V%V5`eOf5s)G`FF1RCWSq(|XK&_XS>Y z>!Z;aJF^GQ>A8G%SeIv*yZ-q6WXVCt1?k>29(bfqYaAtM^a<=j|G|03NIYxR;g|r5 zOLS^BM}xBNH3os0bftRHZ`JIm5-Z2=*|~0c2uR5`G2O960V4g&V$_PCY-O%Tz1+58B#Y4vPOJR5p^Z8U>p8hLn8zn1Chv~)Pwsj z1QlXHUkY?6w7MoY*iVC?pi{6{h6jCIQHiK;QX6EeUru=%`k1r^q4eCO*u!lMfY$!2 z01*j)_~Yx&yRqK<`u!nYQV5F#cnnWKT1EzdnVuS4J`pKXKJh{x8Gd(w$07m#87!Gf z_0B#SZf--T_yVqP%sqMcQp5bWpA3u55ry#%n_q%z@DZ( zVGtigvhWkJ<5ory%o2i%#EtZ-F|c)o@lTbB4m|rIl3Mlx$4^)Nh+)?x9Q`){gv$Gk zqtSPo+@8hfTB&nVp@)hpJxg&I=5qxmf%TJTZO;^5PY-Kl$Rj;6fP+8*QdOutK-d(y zpP^$p!935eS>ymcZ(vZi;tKN6YB`LepmGkY1;xm&LkTxnzvNGM9jsF^5kUL73cRm@ z59R}JTurM9rl7e+pbi4*5)bfbjt)RtQIuSx 
zLs_enLt3$p0oFBbX-SVM0^G_)wDrevcoKI_lNtK)xsX}isR$0oC{!L$xR{$l;MVqc z98ZF?=k%z@-^%Kc>sU05#2`K8&l@Z*ACUaj#v71;fblS=;dg9mQWpSEt*wRLxiD>=QEti50KgQ!W-Kg2C7h?!lP zt7@csh2GHh+#Ku$wd@C)>&QN&MqYn9n>i^&OBH2b&rL(y^?bAa?o5<|6qdw zKjMDTOTj1ew>nVHlL5hv&lZayg2O0QNp8GVQ7YVOzL2_#6ZQHe9X|iAz33Z`44KP2 z@LH*mX5EHROH-IIe9)gV#~HP@8lN10dSHLZlS zhw6hr;@>b8c7q}>7P|a10i~bDWea!2zT*vZsFENr7L2p6qbWm4t|0Npid)?Wt@4r< zN;4WGqI3VqAUAL3$foKodvnXXB!6^Pq8y?k2{qvN8LV1i{M~Cu+g`)@h%gvaolrTQ zoPP%aiW#+(ih}>1u>$P2ZGb?s^XF6zXVdLXg#}X#Lnjf=IGe)fbfuYIP2b9|d!eqV zLbo$Mx4LETi2{2cUNgzAC37KaTkom`i2hI=A3J$L>a#TFZU|yj)@bjiZF`CuG$2pd zIhY_<{gL@)-1SE@?wp!tZo_*E3;X89J%+}o2GBoQg#Nmr+bPkD(+$2Yky|B}cvpKs zFk1LajWnWgJd_0U_*6#C60hY<6H;F072j*AKii5Iz<&VG=(@>pVAl)SO{FEDgtlwG z1a0X3v*H{DroctEW$Y;KU2rCbU2AFMTYa@RodZ~N6kNs%K>hh3#De1md(7 zM&QF%e!Dt5sc?V=HdV)M1(|JDEh)uZW70m`@4It_(iZf?+sejxE%E8Evyb-Li3iPe78^{`BpWJ_U#4Oy{I_%VcitH?>InT7SqC`hi4+coo*a z_7_XG5x?{zY^L(H^C^rc%=PL;GW<8z-T}zArfCyxowjY;wsqRJZQHi(?$fqy+qP|+ zbKY-e?)~S^7xVu&Vs=!ly;oJmUKOh{va&L>o+li6r|A*iUAO%g&W5%2&<_w$puF3^ zv6I-DIsSv4^nVVcF#bP=6cYpEe;p1oYa@oZ1t#R?gyNjBtqfH>91(E94{nv19~!-x zE&+WwKjxY6dD_4PwRVS>kEQB*3qX8@`0AQ9O5H^oAi~)X2V?ojztcpv?<;dFZ*HbJ4_W4L!A?kMdk1YPlu}Q>708xW&R} z|Dfpvb|%ag?9OQN?BxBP=sG5(9yo69hDz7D-3TE0t~5PVXUsl%$fsxi--F4}f5Hn} zJsb-XI{V7}|HF8$)~^mhp`Z53BgDN+dxb46+A?^N%P31>o%cKzz5GDiKMoT+wp@FagwD`g7gWapR)v;`@5H_x;teQnT~L&0X~Z*VFlJpJs#`1%@*b zw?h9bgDl*bMzS|dd;f9ddO`N)_U9*-s_@Hku(Z`+^S78Q)b;)C>+zkrI~NVU3iN>U zk~?Z987|qFzRq!_e%b_j@srmeswdnsVbKgccaCu^eBiDrPx>d@zP+0llRpc;LHi*+ ztob|vne;&WIB_|LY~%WyTHa?)KSGKKKwI$B!FG{-vGE*7ka5;jlB(ZKdWpS>&awlq z0qWHp*KdQd|k;NtKT{d=LmQ@n**sUbip~0I8PIKGaeQ1TLX+m-S}{803Qpt zuSjZ8N*YonETPU3j`{3>9)sKg7>x3q1rB2#leRERKQL)g%?0B@mBdrrH06rWDJr?g zjQ0D~7xX#ujTA4u!_TGhzYJ}V&L3|#I!ZoPYP!09b+>pGAGbh9C6fS2r^(jaEpH86I)+k z3;-gwZZE74Q=%K>OjwzAW!YqcMm(~#Y+Cx+V+RjjnFEY{04@uyJOsHQy6n{Gm{vK? 
z5`at*kp`Hv>d?O(*GZ+MI$8kKL2@`5KK15~PPH`X=m3{JQs9-)sYtb+iI&uWUSR6c zmC6oWf3U(yt{A)E{?JgM)G+-41Y+&=J#@3Sm}&To}4RTpY2$Ba}aq`zLt~ zZk2-MsHgi~6J0Q0bgPcg6I!dooQ>y}$|Qh-)|MrvTjrN%2OD2OJoPdkVz>EhSM!IsL$c@tT$`FSLBGLQx- z!hLye5270hwA||OoxtW``p~Z=l!UOctq8&wVe4T8h;@(tb@r%tAURl`5*#wq6cWHv z$Q-bzLl~fy-#fxGT~Cqu^OS=>b&GXjJS7ZFrozQ`VQL1kM|%|Mhm1!a^?IV4l(^UM zPL3+XD)kh=Gr)b+O3K-_Ssx2}dv`U$!5D2uu3I1L!7L+XpP=cNsQn4W5>-K084H@U z#2z-*4v=Dnv!?)--pjHSyA<=le-fnb26=Lb&x7EXr+uABAoaUE0@}&}7}QO<)>k*c zqsOrI+nRxyBBaX)gb_C4wDCfFz-yttU!!Lt_W>IBMv{9eAw z^&`foZ7BwD!dnAeZU~ezhq}}O943-@p+DG54Hg|-!~+LV7J|4FJ@GSDA-!G;T{B<)diXQJP3CLJ0~@4952DT>Uz4UP8Ggah zAf!wFsCqF|h*(%-+t!kx^L)LHxr~aT)9dlp zTWe}1Gez#SQ;z02k`G!L zC-dC@s%n0*TCA>L4r(H;WYMpJ;L6&}sQu^8Y9}aoSvc3kj;Ro%4x1R#Xa@F0ZQ<_Lki9hgNdIAJxge zwQrn`fX1x$=@;~TDNOB1PId`Ha@}hrLCVsLu@QC@Yo2F8^hp$GT3;L?vj!Yk4r6E7 z^FC)-_o9y$uF{kCh)3qc0L(I*qiNw0mL41r*JRx-vn((e)d4feQJhq$K6odz5O)bI zNcv>F%4aa?5!#%N4p@L5N^FPAk|Jhz-z9&13Y*&TqUkYBZ5pJ>%}SU${{(&m{df(t zn{}N;Tokjn%!v|U0?^O;k^fSwX;L_rTFs*}#-vVZEN0ECpky3Pr>d_0or4bVs!b(< zyP!+vzI83wT~5eWBwKV5G?VN_>%D;(M`a88= zK$4jn>4e8LVz!4OFZ@TQ#?SE==>CP+DwTE$k!>C4A?vMXf$mogc@}7Qf}f;! 
zw$pAf`?+o?`;@0M;BOIj$q@_ov)Lo5rOB*sD1WDzBBuXC!()$kY#i?VLHW} zWMkY=LTu9GFg(*mTfxDp-+FngA6yv=y(@DycD4*S_AnkYnvHheZwWQ*xT!8gA=vWm z@?Y2baPK@YA9a3#L-uu66}gzl`R4nCh3>+{(~;k>K-)-oAYK`-?T|K|(tRcFKdKNv zP-cQR%l~GJ!tocV@qcsWGSJgA{8v-Hr&Q-0*4dH0PpFu$BGc7_h$ZVc*?>s%0Q&6Kux^cNzq&pnT<(s$ISr80SJ~H= zUQ`o@nT{J7UeZGuYW*DhR=fLLdBRYEfbV`q3Gxe&r&U?H?!c#2bk6_?Y@qBiJZJ%r zTaA`hts|r@`qboQ{R#*=EA~Oj!uEr3VlXjQz!p-{4@MC5)W{!{KrS53L1rk-3P>bX zz&CTL(?mq@51GoX3Ysd$l-3YM=83c()UjR$q58YSS1%9}{TC{&HgEBOPqfuBPa>>#L|pH2bXBOb#X z{|h0|=cz3JZcmd$K3)(6LJS88T?HLsj^nWlR6BKp`GK6Jp_-7EjoH%@h!ZPWp3kA& z&K%j0O(M{gLPef<;nYembSP+&SniZ zhxv~IE^L_(dyS^^40$d@cif;_bCkipWhn?FwF_M<%6o%ZiwS?ActFkz-6pyhx0ocm zJiF()w6OC>nEcr_!9()9Omky=$|@PLC!lyuvVm>+1-k88N0yWW==bQ(N1G${nLk-c z$fgoUeaLN}a*DzPO=}-{kLxC18!HEN+YRhE<>z9^dr`XuMXrnUiEO&>DnD9P9ZEm6 zQio;^6kk*vX-0lesykRYlvxFfpKp{ss4IsmdzjGNzMGa6kDPeTpBHs6HHlYC$@WAj zu!_xB+o%0lc#F63%%6>nwwhI2If5)!PqKY-Kgc29i>7h>d^tw%jWCZspP6q*NgdY% zPO9e_qLL_4JD%1&T`Nw7Y*w+hzq>ozpMS4>Hz*;OVsEo%gxF)A7L4hZMFqH}SAPq2 z;@l*=neMq1!TBMp(}_m!)CKv3eEMcHqp;FRWw#JHopTOin@x+*bwQ)3ayZx6v(x+$ z$2dGsHh0Dy6kwE&)D&?^ADxNImQE3tm2@nMghTiSh6+&I{CBE@;Xm>d{dez%nyi6^ zv7r+rouadWle?WUKAotogZ1C@nt!kV>hYJ%SWZbqjaJm$%2-C<+8Cdlmd?<@-OkBY zSJ%FDiake%vcEJCie;{sSVk>NJ=!DPA@h{R1 z1xPwUL0dO`&3^{<7cmf@frV8YlJ2*It+UnRaODbb(xgiJS1R>oE<4} zw*Bo0cZj4+69ij9gxrEz#+G5z=j^Q5L$pYa4p7yY8qgTS*J4${oRXEAc%s@9BnYCc z!4#hq)C!(O)HzsU?TBj?B9T{7mdj&76xTJ|J!5Wd$UVs=pw5~0mf)8u+!ZI+A+#C? z)V>wy@*Ap2Gj93p6%5Efi|H0dSuHOjbFYbJgk3nmHzML}??)8FJOp@#I%$Io^qOM6 z!$sdDu}2+{S#tlTG6;M72j>}HX-9iMW7d?FG5!VNaKH!^RlT(LZ#n5G_RsN6w!SpU z=IR_<+mLv*YZ!vTK8fDL>;?$eOp*9^(#ZU8kR$(2)&H3Hzw+kvS9<6~t^Urou(6@7 zk?}vX>*(ZQtZxnJmZhCAV>5scJ$%C*9J`e#A%RsdAzxV5aahZz(F~Tm>lBX~0M2uG z6>7gE&PDuL+cP5?vcJgVY7-^b8M^j}u8*D#(>l4L2S4qGk-aKjTM*u&{hcZ9DNpR! 
zLyJ%{4bxzTNzSX_5Uw9Qm6$#AiVu+M28B9sN?ZHJ`GkF5v;DIhL@P+Kj!F$%wi)?c z;~_|1@4m5?gm=&`-OM+1a*klMee)`2(%kB1O>gEZFqdQuHAUYDl>L>Om_T#V=XHUf zkx^)zo-*ip>}}9Ak%c-pO5muWki`dXvs_WRQn`X$ z!>%K*d)O^@_dA9UQPV_n(p1g~bjVxz+AVMV?z#z19|#W5SqITJiO>iXFS?HE(A zJ>(PM{?q)vVBiDmu7OPT+Xs*hG5_G-O$h_rf3Pk7uPO*5W4r&~TH>FS_Wz@n_(voB z_fh^!Yy4GW_;gAR`ZkVs`VPi6hVGDb;`mMu&c={*LVsI?ja|$QjTL?i{v${Km-Gtz zztJm<9DlXZe*TeT>Y+i_ao!Rw z5W|fD4IWd`3dIyv8EYcyUn=F2XoeZLmZ zB3&>hHuD=sb%>YV>7rjHOfbId5}C3Y&0&q$zf*pxb2P@514~-Zh}5Enj#UWVBc?

~`8El6)8ta)`|-vR6#V77+HvJyp<|2y&gU%d1GBa4BV zgXNzEXULx)yPjJ^t4O`fq zq;7|eh)vQmP}6@XJYnJm2O!@L7}neR#j0BpUv_u?1t)V#n3R7bP#}J!Q|OzFBp5%n zAyCp8eZji+jr^zLcj-ghK3SRi!G2Lc{?;!M)f675;YXnC@6-y+=B()V6ago&gcM^) zh#T}9M4O5zMR;v%Mj3*;N^^0?QgvM$F<v8!AIfef^8aQ**n=SB?j2xVM;r%H3fHhI{N02k!`MgI|sp z17Yx--^iV{=#vcBy^$8L?pa}XLG9b8#F694Vv)6B4N9~;8KA#?aS+tPX%r$Kxew)S zL@Em4{?xLBwxOYlJ@QFu*>?YHcD&^lO|w809r_J71H zXy%pbH1JAUZD4${qv0_Wm(eF8ZkXuv>y#TSWJXpTtlcerJUlR9NC!?dm^LJyHB7vq z^<7SF?Cx9BcW{0ft|#)nhgpA~r0vJY@wqna+t3UT;_}R+TF7dTh-_y-CjRP_Y6q%g zA>ap4vn~L>ZhtNRG=%lF$#JJ} zL2x!F5wW1yqw0n1!d}DmuB6N9{w$<>Zq7g&_dfK9nOokjs=BHDT6Z|?>#c20y>+{L zKBLN2h`C-!eGOCCUT%@iUQRHq^7JITO;Ql^LJB2lf%p@fX4nAPqQWuy zY~d*jiZ8?N?1w~;A<%6twQT6Xc8!WRiGe>T6tq3?0?u*h8C1(-)q5~>w+6UU5aw~M zPe~rsob?n9Z}Wy9#HkPlW8P<{&edl`rXAm!FC-cYi)7q0fPp*&qCO7haSVWzz>K(WcaT?$4dVtCq_D;eDbYu+p zZ+76Aib8S}P=j(8=Kd1VY)b1+@JbB{ijX=mhOTrumlCz{u>K~W7BvJg!iQQD34sw< z#e(S!E~f_1_#!n0xBGF%NTZP3!0(fvT$S#~S5o z+nb}RgQBrVcYO1R$LKAP1=7Vaq@{uOz3|$DxFF%CkoqcN*AoK~3K6?mYy`Odo8(y3 z2c7q9Qi+&Kk|WGiQH&<6G6jWMs_oMU(P0sXuu*{mV8-DGPn_XI&WtScs`Dq1rD3B%L4Fe1Rl8zz>RDX`k!tC9}B$-uF*!;-?8oF>1V7|!i+5JFB^D8A7uUl;tU3=X2Z>3h{a%hP&&Nn0lZ-;g5^D=#yO_pbub*P>QUhNZ~G zk>ik&wlbzVD3ni&d=BShqFRms@NA5T%y-x$lnjEsW=3>({ptp{=~odUPLfPCnJLVH zhrP4N4tpn(t_HIez+=ib4gdBkz^xInr;-QP2W?ERmEv^fP6sredrklzi_ixegVfSJ zrZPkg$p+0^MR$8+q)L?VFhhLu8zZ{<8TWdpobRk0aY}0qu}miS09;mAhC)KTJ#kK9 zJ4{2_;2@#SFY4~v+LkFXNwlS;=>y=$#3R1yjJSubC5_`6%+zk!oHWCe8Mm;=c}g%v z0kz&KuXFh-G>vE9`a^b;N(85*Vr4;TYeC7vqP#9*k*zG!ls6Y;i{O}><=R{c z)%K3d&cn;`igA1A7%HfE(=mH)wc>DUX=89|K{^eXUavcclX=iG2*_{o5Z4GenJWmam5CZta#6Si4~ZFved2!2#EqV1Jd}T!Z$*>r#7POU5O^W3|}0 zHV=Cn^i{mHc_tFAA8@d+R&jQ*u)C7yQ~hpM9`!ab^B(bZlrW{QTDKAA(2m!kzR(||X}U0-7h-TYuqNh8 zUU@Ee?sDN+iB-5H7g@R<=h8kpZlI0&beKnLff`}Qn;A(epBAfGXq)lddDz@yN4u_M zTHFYiX_R{#6m|fTJu1VTm9eoLS@*Q9>K$@I=>XJ`5^TVcu)niZSOBu-IMJ@5R2C)2 z3c3A;ZhSWBNwCx*KQ~};3pKFC1GV5AH?j=P=74yv-?=%Ipa`~+*~3i-^PyA&6j+~g zbMWveTB=%}T5@R*Sa^xUL2SIfeelfSxBnTdV(fc^ynM)5msZV;-cPMuHp0Df+Gz3k 
zaF^rM>>s7(NbYwMUwP%9+%dRcu&N`DnM51McGj>RC4?xMwb%F6(u(Cj+=`f+G)8Uy z!$oj+x<4CRPXBIQXaA4J{{O^|VEMZ@|JUa~wWrpv)HP%OfowWaZ9R{aA26cL!QfI* zo-=8X&X{l^SZWqGYNM}J=__8fN%(%xX+yUf5Y%h2MSyeUTbVf_tYv$tbzS?g-}L;9 z3f2iDBuHb+aYrnW1D6#=hS-lT+2+#4U&oWfc&{LI=T?6K1Nr!)YK)6^)?<11ik zEr~WhUA%*^$BCG3` z-a!7;o0%&fRzzvP!_(nT4rMfM?XHi&@!Zc_XCLa*%dm_o9}7TF+O zlo88V7b1`+=m7x)Z~*!i_-idOcz=Lrg1-Sfw=j?mm|o;)JUu8vt2unQ89xsOJ#nAH zF#ec9_XSozL_!{WDn&S^6htb$sde?hWWTW+gO`OV{_kpr;jhL{?e(sgG(#HfQh_e; zQn@^e5adq`Ak&MvIeOgg&L~?Oo4?oqt_T6+`Q0C~e;js|IBHRs1_4_;r6s^Xs(w7K zq3ylb9=6l5STauv)S#+FfaCS?X#m zlV&VFTcei<#Tzt4JCZpof7VLi`6ZQ4UqWl`%6B__Kp_2EJO%cQ5XnT12{;n`p}z|75n=3|K zonbmU9o-n;Ya{udbiHVrp119oRam}OqZv#_elcOdhdYRJ?lmedHuIa@%WD~-za01GR8p|yq6oni)P7c@nEnbS`NsDY+UJ~I z4#_I^>=j4KZRO)rdwqfs?ZNEwW6UA2{GpHw%w|ZJWyy~vzU(3vS{QN~FjBK5GK`}6 zCVqq}c3l@S16=n2o3(u=CWIN`p@XQ_?~}sRYII5pNh|`M;F)6{)#s%mL|Dt1u_wy) z%PG>K`3XDmByI%y43b0<3;=3Fd&yzp;|rC+aW0^7 z%x01d_{=g5K4ZJ`g8R-AZrJ4$@k7P2fAwQ9%Ur^m17MG?9N$_xx@kC$-mG9t5ZldK z!KycK1nu(ra1b(gV}2pV?hMw5-c{^Hs|)P;R{ky|FGuLwAi^cErbWcO9@B02+Y=kl z4e`uYPZ=}H-Y_4S6CoqLasr}tyN=bvm(50R0bR!HXAN=I@lyd-_=yLY0W;=xW2v9$ zc?4c^V^M}BV1=<<%`bRDOKs<3-@6HXpMkrrMHV1B<@bQ^Um8iJRJ<^%v5|E|V&a{- z`h%~o+W!M^bMSrg@0JyY|1uH*^M7De=3x9UGsawLsXK16Hvi=x+cmrwyxdT-D8F1C zd)=O7XR9-SkUMB!QC8c5L)G)`17_8%Av0Wj;8F>eYV}0$4)AJc$4Z^_oTJ(~ zza1&TE*?~wL_t!{IFFP^H6j^a)=5RujJT2WX|H7F3kuia_#{4f!Vd@o}+JJVbs;XROOAyrW< z`Cm?!%yAIR8W;sY-W2@q7Q+4x3FI)8=mGi4#vJ0TW{T=n;K-tokOSb5^+yryOQ=fZ z&fZ7AAjoqw*obd)amXdBz`?VGW`za!wUXBp78dOSh!~1C-xVkYJSOH4lzQd#^moG*_1PEYc1=cA75(o_g z@xbrX92MXY>6{hG6HNES64S+rhQTChBzKGv2Q`;0D;z^9QbI77pa>~LSviG)1XV~? zPyjhcCnVsSWfr6@{S^%%mlISTOG2fYunPkBMKfJxhz3 z3&_DpuN?$=G^ABFA3)fERETL5N$MsjI&3Ch7a`zRIG)uwC_@ArOidK>4Hb#-$NPB= z!_&b#naahs3%A+yaznd;W=8kv;>7gwo4(ooGoBmlC;Tg#$KcNo`S<|F2Wg4*li_R= zu$!?|m7YAhMs&6QpW+Z-fQ_#6h8fCd>!EJ!9B33zId2DE*p3R*nT*!6g@y<4pM5Kr z&T!JTQ~Kn(3nhhR&QxJE-m35S6{b&5*Gj<;ja#hR`EtyKdXP(Zof8I|P2}M%nJlin1$E0~$Xu_= zQ3p<8rrxuEQweh6LRMtnJBs0|S!<6lDwR4@ED%;T=dGiV7@HZHr^(jv?TjlF8Kut? 
z%oKR@c*&I|Uq3PGfDEn|HHp3-o&?T0-MkCn#utazJ5KP}#a-c4Ff|qFbpW1IoZ5yO ze=qfud7fz)p+wuXp0-2pY#ky=pyibp127V)C@e-GcCZn3YYbVlMWyy;Dq#giHQ&uS zbKB367V$I&5V?i#>r5$kLEB)~)HDw?m@eXtt+L0CmULNm9J+ z>_``yR2w7Gq~_g@dP=d1A1^YC{~hNkhgydn-eR3(?R~CQB7?!GH5E@b?S}#Y_OR^t z<7IqX@A63+7zdblLu--*d*=!o=}hJopaz6W^Fp`ZjJHg@1!}oBtIvVZG*+w#es9-Z zXP$AHOkbh|CQqcvfv+;ZGQ36-#uvv+eqt#C{t{MqSibj>ivNwzAVWlYVON0U*s13C zvV@=NSGiP;6!EZJM$APg)JT&R9A5=f!p2$2B-L8SVQIN{sNKLZ$*0PsQf3srbc?)TYk zCZI2TAd%KOP_-zz3Mf#D9r`SEfhEP}7At$JuC`0|Gb-2#sA78o#|&;|;Zli4fOFJ^ z3%)gcUnX_~>gY;lk^|I+rSyuk=*ej!N1L9AUwuZVmV(3lS;xs3^cC23okS)5IO!`^ z9q!?}=o}|)oRG_{k@Ya0A8HlKty%OgStBDvi)Ro^m_|q~z(uIK8Du#A9-LjWW7DDo z;HIm(8881MoLIHnlk`yc$9L#>!lYTI?qXwl$99zp-6;&yQ5^2&DjMyD?H zg*Cyz9py7|&!!6BR?a}pfjh6^A7E7-Teij@-S?uhb?6R;qbVm+x$*Cu4c=`$ z9Tj62Y5FGN>yxHZ$@52N>^ZTbu4km5RAx(M4i$}9G}Jld&Fov;pZXAD((5aJT#-2>wc&32Lml^#b#cepxFzP`VMzT ze1H+$J=Sz@>BLdLTKW_|9P#VKnYEFzI{ z`7v^9zh0O%;k2AjWQ-fdJ(R}uOnVFy9=>im_Srl%AlK;VV&v5-aOmOv1A9>lKCh~P zGu1l@6nNP|D}*HO>Z_DsU2QN<-6K`uHs-Spv$4ra)x53E>c07SVz~@kp^Uwz9MWFX zLah_9-Wx7EiN)MLei@PEncQ(D9R2n7ON~vluqyN9(xPdjmRUOfQyb0P+ z|Ku{@>5}h~L$gk@*#x-5fUhCmdNt*073vwvbF6x;rs%2j#y%@2#$)}tg0%q@m&tZ* z0LQ4g#Fi8&9N=9O#;}KX(wJhRLfNI2+`O2yS8Jqr?z9xK0k~5o1`I1Gl*5dFj5LWbSz4o*~+SYnWAc_>NUn8m_7s0hh{&>$BcO#9AChwRC3QhWM(-WJRvb1Uu)11;R6MRdU_I zj1)$7<)eGJIj|UIhzPyHi$ltz4s-egS=DZ%K_~XDv!vQ#g4U2w&zhGkm=uX0s}`92 z%|!LlH!JDu7J0!YbL}X`iX1hyqXh|5z#M6f>^;_qI#k2Y72<2P%4TmvNH--@6Dh{?cZR)fMzSZ^*(R2F$_sA&jHwu0$@o7dmXeQq(S!Mp zJHrhZ=Z>56mU~mD)>mqaCubE;_A)kh74HTEwu#oY!rHf~-6WQb%bQdApW>nPbe1>$ zvXClE8-nnjJR*7O-LPKU%C>uU;ikkUvo$P)R2N3jPcUULs(8e$JpDWQAy0+x?h#4W zcW?pEjd8FxryYy*S>FIJW;K*&AWvnZ=d?@@vEQb=HIwo>hVmMgrMiT!MFf1s@s7$| zZcJ&K{KzZd(OXf=tDV;{w*0EK00d%(dz9`yspswfdt`F|iYbx;E6v=8s-Shx`$CJb zQr1y< z=M$Bdut`kZRYl^WD?&jnhME+EO0n@fY31qk9cFjR4rLefF2#<|&q=zpD8FGBfF^gM zp!=DCdT;|B&p|1=CEKcEp)5*s69oWLTk?9K&!TYo!H8zQn3!@ zmR0@3%-zwWHD`r3Ex(KYlCpP%qXoXI;Guz(xqYJfNoMZJjKIAlQFVIc#c#PigSMAS zxLMEn=rmdhj&d6GB&4|3pmAeQ;g 
zUfg-d$ds?x@6z<&sYf(LXZYZmTM)l3U=)WDIqt@sHcF9t6wvqO~k^2_>w#f{nBy9k?_aUz4M+7`w;T$U2M4n6))?RS%7( z&QL(eArZxiDMy`jLYH;3ZjUiN9`Y1obU5=o`P!SE)UkX@dgTi_wxSu1gN5 z%~sjkB)-;Fu?=Fb8XnYaM1w_5sGKdlDvXfm%_*C#tqORJfuc_h#x~Hkp~fHbj01FZ z0w0d9ZS<457oA$#FYzuMdR5HP8nZ=M@Zvf^*d zSr9Z7xYDICT2dp_Eoux$A^TSwb?3PM@kFo5jdQ?g$Y*ot)ET9wHvc5lITMnu`SlZD z!CceE?f8)~b(M9*F4>2qU9_&t@iq`1=Gr4I-06NIJUGp!znSIR%JF08_`P@XIZ&Zk zjDs9`DpRu1sU^M?20J5q*lOG111tAxbSPga>9c0aVsJF?Vs@^g6U;f7w5xTTNQs5tk~ht1^^wqaha1+pPZJ=eH8wtwpfcp;(u z{oiflIsW5Gxc})L=3x6TM}4a>{_?uAK5pp}=+QCCH53Y;&!-YtXW?sR88z3_SV9TZ zVQ8k&xTiGIe7t81DKr~V$;>1FqRimt=6=yEWoapO-u^&;+Wyn#j}kZgphe|T>m>m+ z)9^V<$7UpY z7cuEY1qqn>&Y(-hCzSGvbF{0TS|*=TIsA1F7Zg%J$)_G&DH`0{0EV@X*Tq>EIY$mICV&bY{hkq`)7E@k#4D)EHS$6Jj7oNe8ly0Ta}nNV!H(~vFPZcM;j!av~9HL2N zOPwbQ+kS6>eTb(duhFQCIfQHNskezSb_t5_)wyf81w8vtZL$x%cA9#t^s*%;z8>Cl zgF+d}Kx2j#T(~iZ|0e4haYLfsZsJCK-~FR^m*q$(DDSz0HeTkR4?`Xs)?20z3YvSy z4or)#-@TK<-tEKD$p~Uu5@?DAoJ6=`UtWp2tES(f%2y;;Z0_n0FEu2arLt|JO0z;cmq@=z$k;!Y>%4GKk+ zUuTv795C1*_Ji-pP>Z+vs3V2JqeI9pV_!S9h;*XOy+E8D3gY!xMlrxVS0xt*1U?8z z-%2&`d;O)fz8;RIt?{s7fn_`t5pUo03)XvnKdILTcYA1V>o0EM4_<%lNOgn`^JrLc|AUyDSOdh1`T|VAc;nzhdrcA^DHzP+)%uX0=QV*|94>JAh5{dS zY)-!ODEzz69R*!&+k17EWF{CD6jE&~I#vb0?l`_vV6pCy&Zewl^fF6gv*r;0Nh@oJ zMfG0e?k`ylT9-6Vt@dCv766wNthv-kltRu_#}7)nXjFpt)TePPl7)JS6m81iv>LhD zK>dNr^DAfSYYG0<3o*HrWqs39)yAxf^NOzx-U=ykD;tk3gcD48Th3vY`@6Q@EB@sK z11;@=iW8dHqd>G`tRR0NGLA?3H1W!<$`fm_Lbz1!%pkGPmCG$)*kxHAm31;EsHktLfm2!3%c3TI~Wwwl+Ahb&{wWzl%JNjYtx1S z?8hi=^^!rXR-b=Qv)2lurBuAKM*!z?=m%gRm!H0vHJrYL58&{V^p<`GYRHpR4?G7l z^a3P&ib86rOko3-bxHSy%RlQREoWA-7jr9$P-y8N(xN#VZ`{8iYqi5R={Zbv(Z_N7 zduA7AeyQF|Ure_v_5Gwm36>>v@H3VOj z*MH_vDYg5<0&|S$8^4fa~>R05rkTr zy&&g8ZMoji*YTv-bnP(Gb+aIvi^=Tij6f)08s_%&Q<4ePTd9c>xRHbkdzxykxeXZUI7^)1vSNBSNPa#;qe7I0o>=SXdlQh^Or9Vm8 znhH!`;w2#nYyQC9s|U7kCl41^OrCdF3|T?q#Kb_cq&B~1Z_Tyx?vS@;uaGg6MIIka zVlUN#m-8Q!jqr1y^fKksfb7zgm=zK#>UGw_m+K1|NH!E@w+0sQfp4*0y9QCUm$2F- ze4?dCg7@I^S^G7{N$=J{zllmQ=PCUhYp3X}vk(LqicuLqouo_XWSoUG;F|tgl@T@) 
zAT2B7HygT*CT(*t^|9xyx^YbFU8)FY1Vr4{DfzTh++dg*9WF>m?*3OOQGJ}W9d1aZ z5mEi^7p!0cW-d<13k&<8Sfm)$PxZX-3b5N7Ppu)!zPy3GTap}8bk5ZD&A*r`pslux zVkK=BOL!-xTAC&w#NTj04dmwkyCuLv|L?Ga7&sXI>;8K63)>A=_@C<@!QSpw{>cQy zvfn+>;^!b|>!c0YFzTA<5ml>#)?*EYF59|2T)dT`#wF$%wnB4Zgt8-^cWy6CO~dlhHJE2fPd+9zkk zkw3|F@}j5_`-D287R*t&9<7bx2^3NsQSSK@X{X+}Jy+1f**#p)#JQ*&SEnC?Ep05? z&b&Uw%h1c)8cFQ_w%&6Y#xsW@s~7}+vDSew$ru55v0OJoWIOoB<3MPudb4J%no& zP{&HmE#5LgfdLcQNFoY}wYD9wYFX;uaK{o5cRwr4IeVac4nFy;0%z0J!v$ln9u6*S zxKUBmFZMYE<`gp*D(=0tn|!pf#bu*HB&tKSrGrvC#l*GN6*qSKZ!v_p!EiiaK>Wc% z8iyBzss|rA(j7yA8r!8D&?KbLOmd-JWh(e{id=wuGZ5A8TekMy;*B z`Zl5-lv&3jtyYd)7V<>aEbz3If?gZvZu5(4lv=d@T5?KYrY3Wo5+?H=3BL2l#vEWH z%ZD|fP$bR01iZ8i@*c^#U<2%|_FBfNe4a5|Fl-Rl%7%G=qLBd*IstV0?uZu{~^6l)e)TDlJi%v&3y>~+~Uw0}fPMTww zlmtQn!G0cB5a}8Mkc1LRqM0|~P&^=>LK)(md~AlHDBRHOH_ae*M<*M8W4a0z`;%o( zdo-)VZt~ULoI4OE?L6FewuTJ?K|sKdOwV1XtlFr}*$)%u`8W;85+++l!S3kh+Z5(i=eA2GkBn948o z%*CJ4sfH8p#KywK4(uh|U$Q9PJAu6dx2B?f4Q{98wRz7kcyMNvS-%GW7+HW{#OQXr zJXat1n$0UNDl%2H_+$l3FY})vk85@RP_K6X4Y0!GoUD*Fn9-RkU7TFC_-uxX4lcQ# z!%OZGdrC+jAdNpc`v#9hbiAwC!`wQmtwWTkWKyx7*R5y)l#Hu`MX;C2**uUd3b!i+2fODLN!^o=M}d~-a?Hl$T6|oI zNuCV#NkB(QNr#S<73ZT+rh@;$$nen|8M4N6h*GVo?k@TAj|dk^k2NNaQKA5wmk125 z%SrL>6>yFR;+pNVbK}X%+S1X24w((tkrlm>-Rau6X*mQ#hk8|_fxKLe`lXdrhYxlx z4*~IMlu>$mdMusIRs&X@L4`0i zoeOl-L@rRUv-1xBJ_O*#-$sCZ^VhWZ16R(Su1HX>vR^>~LBL949@*jQ%Y(4%LF6su zUMC#5)svlCtL+s1xDT)+xV-0xQsw-CGwirRC(qp!Rf#F|P^#yKusL!amoGhWtzz(P z-%v#R*FaQIL!YYQON&=dF{&cem+Ct+iP!hLn?p;P{3rO`8DiGj$3Fw}jOV%l$C`MAvS~e^F zp@8TtVty*8TlA6bWj$JiTz$UVgL&M*TUyff<=>qO@)`r|r04NQ*#n)f+qm<3r=??U z3FgH5s?!sdV1{}GG0-X1zq3$4^Y&9a^7 zh5X`(>FE)#czH-=y28b}CWcpk-`s&CcEvR&?``dD%_jv(y0_ya4R!XdyzMX-XXHZE z@E~|=QDB*6&?l&GSb=lh>;4g|V3~?26+gnxU~3N?K8665I<0G(U?9~8bjq(iUx#}b zo_HSmkGPz8Gp3Z0laedgl}>m1>_0&`Gf+a4s?<>kobmofC&{xb-DU;d6`P=lj&xf! 
z`ZEn*KX<4T#K0SR3njQ^lNe`>^r=S}B}c|PxgNyi{s&SGwx86IPFftTDnvMuA1ntW z%PcGzdQ5lH@0Ib>6AJ?|(v4j?${$j^mjt=i1soWbRG$?r`w!EPaY6<0KlQ5ybF!k% zbs*DhSW(4~@sb+Si5ose@`*Lk307Gf+lE4&Ud#`%%*eBh`9+4Oe_RJO=Oe1ei=g=$li zmB9kbNceN!=fMP1oLXJY={j7Y;yAc)R~W9bkbez#XA0XP^C;)!91I})%kMNkA1Ra` zY?Fed1q-gQ2sezyZ}8d7b+y&}(ir<7jf_~VUx;2cx;!XLD;`1dWUAdPl#6Qh(lC&H zvfuk#9z@ClXSL$N7(})HQ(>YW;{gDO>%lmPhcOq^-JL=izo5wzh~5n=?&hs@T*ppV z;y=7H0T6w6c-KT%SDKG2hCm!iOLYhLO=l?DdW7}V9+;1ZF+|5z4+Zpjm7BTMNY#gK z^THf0m81*$U8GeIj8z8hb*h0ptdSV7C&DKruj+TbYo#U%^gmhyfssfrDd!-JhXK%G zD2itti(*uz4f*KQB1WTp_Q2~};QcRhw zGPIeP%?2RoWW}6dfd(FK>1JQm+t@CiT`gU^tCK?_E$n!m-rVQ9t~x!{GEl_k5CF(p z7Q9}`Y|s@G4n3;oQaND#=%c^d2~{=O41wA$^=Hjx`@M*roOlE6v;`=W6Vw ze@2}cBbQS(0obW?Evm@pzY1m@Y$_NBq0)^vWJ#hZR9c|aTOzaEv%clQtXj?47Y+i_ zBcYoW!m@)p_0A=e7M(l1uFiifG$^b{L)F&D95$>mwsZxvrBE;H>I|r;cZZ3MiAe^! zS)n^BJbLI<0D#rtTvYf+7mg&ove0{#QbDwBuBfhDo+HwVE>bSaXzJPXr zp4-GjPoc>o+&e6242MqD>=d-R#P*#AE64=O+rcF?)8pU%2^3m5MHJT_ywJI8)$+hMEI z`*)z0ll)O@ zE(ur&giJiAOf6x}Krt4&{EXq!J-RoJPsWX@TuQFy2k*?4===&sLg zuy9)g>u9&bS)3Gt8i6CIhKmjjd97>Eh)MZq>|lw zyt#@2Vv!}wn-0^u0nXukfz@K@O1Y(#a!l1)g5X81GKnUlB05xk`W-;Isi2&yto%$# zSyO2-rrc7gb>|CKHuhcc2dlqy&NZyg3n&Sa2DQFTd#@uUc#<%s*xUq1Wa{h|P*)l* z7mu_Z{j8cI;)lDFt8zid z#sd^nd1-fZ!DFG5aWjVz*ZI5ck>t7un(1j8nYwsOLlDWj{w%>5b35c&s*C1q*~{|ru-f&?Au+X=^}xx1%s9Ke zB^>5l?ZUPcra8C}&eRWQGkw-Dsn`5N=Lyfq$pIGVE5`cOy#-W#Mz|Cf&9J8IPVCw( z9E7V=gY#V3kBKKmTL-qy6fhgU(WbUL}RT-`3biNvBf zji|g4{$YlrDg+^ZV~>!tkHmU7Rz2!ktnPAPbab)X*}43hd{A9J4}Nne=DQA9AULz} zb$no9(SMqe5rKODdJFE{-w5pp0K0`jad;;|oe=2mCnkCr+wfMA?icAl)oQiiHM?Bu ztXrmQTG=9XR=j+{cy2DnS6_(rq{PbtHjEgLGLwc_qO@cT1L2IgxiE7e?((M0Ajyf$ z)hj0gQfoqSR36ihl z2Gi*BRo-5MEZ_n!ISig!Rr4Iq;i@e(9tgfL(e7i@lbiREEeX&SU#Q8`1m?#QGu1`{ zBu^P~!&!e5e+rqSt2Nri9e5wm>IYdy$RLkUj{1TwR2(s6L;F+2OmvO{MgIo+%CjFE zaxW5pNfgKkkq%ilOGt?%qpvxELE67&7ouruzz-t$jC%yNZA}^1m7+qkk)g9lb%E%= zAy*=2)`|NCVRku$Wg}Ru@k2T6YWV(fb@TGAj3o=?A^jZFyRH7xdyE@dQSkyV3hFI1 zolC}UP>++E;p*`uq~QHfMod`>ab^6`N&e_#&24)Ehv%={F>iq6xhV?6SO5k(g*=mN 
zgR-3U+Gped^74zfqrb(eb4L&w^5h3W9R9!h@P}2{s4yuA81+G!6V}io06am?Ix* zVo#6P(wdTi%u4dNYg08jIH&^D|X63T$YIfI&%CBpLt2oS!sWH=*Tg8-e z5AlPzQrClTDB7bIKtLbcmbqE{_b^@ZC8@Mfw&~w;=F+;~?69~zu&U-s@&rO%I4FS) z#3yipL5S3jdA6BToK>5k5kxW7Io#p;SffVEn-_0PLY==!)Dr4fhy*Os<+qgw8K8+> zj`4F^oh4F>5lz{Em#hc|~KlycM>#DPoiTbM*P=$Zv6lkdr2)RUOv6*;rhc0UlL7 zMGw=~Optka(q!&TCca5_J_5)Fl`_GU z1}hP$J!~F!0BHabk+}bLv^!EzuwmODv7`hU9={BtT<(xyrtn_l#MUqei#DwUM(c#0 z4z%^W_w5M|Pj`gOY7kZGTTo=Ao*+Lt$atK99E3EdhxaU+juO0eb&ka=$(?)H;5ZI8 zi~hnW645SDJ+=>U8it~gmv;(+;o~Hd-8tHFJ7K)~#p8w0E4TS$MEMk(>lb|}4R0M$ zhKzKUc+oEj-;ACFvHc^j4rCzt%3PSo6#f-l&-w7)fDSQ;{!gAqY5RWkFeq6~7bKGk zW35Tcmxd!ON#xdNG_B}en$nt@LeN$Qgq`XSJpP=)=Bc!@Ex43Co%a)k5rm^zrFn=O zrJfpsLsYlF44#z!V@3G5Y_B(ft_}~cbEfNi1xG3oa5-W7@LMuiMVX|@0BKvED!6eD z*a4PhAeScOLgp0NVd}uhmOt)4z|=F&R>rPPU?IY@Gn;y^@I=FL0!aeL&4Cx z5`aCUmtCZv*HibaqM;SL&nUGl!WX~$jcwglqnHD^kLlB6>0e1iv=iz@C}pQ;bVSN9 z7~pv)O)osUd%C&bSblcAdO=fS=vlKqY2fmU?Xgy>>(_j#nP$C5S+Rj2(;3X9Sl!b2 z|6H&a#+D*z<4Z8JpwUKl%O`7&A1zQP?h7u^C?^{l4L!nkpmgAE)}2nPtUp#(v8uiT z*3*3ilA~0@Cz$ZU7W-=@BhV~sL2EV}bKqUdb99Kum~n{B=?ihkQr6e?cPzkXsdz1g zpg2euJz%DhF_wN^Nq##-;j%}LVm$kPn2Tu9kYSMnQg$A0z-Zt0+rx z-dlk$E2E!2YZeH~4c-cwXH2vD+ojDc@l(KFG(BVckrqoDH3a*pTJ)41f=W>( z5x}*785B=)XTQC@rFhWt%(R`LSSm`iXZ&%gGA#-zUt(`YtL-e!xbZH+iIeefZ^_FP zfS|$J9|1r8_AH%9`C#oX!`pj;W{pCb`8K3RYRb1#=3v@{o~N${6Ry!4N}2f+o2u@6 z13wb2rM;|w-?mag+!}L8ze^#*0J1vZr3g zD|DH(pYPZ{ObG1PeX*6QO2uRSxqh^%QkVH^E>1@9EeYQ6KEgY*9-OYNW5Q^v#NE|g_EcXs~C+DyoDjW?@FFR-8g0-yq`2|e1k#7Bu!SWxDb+WSmFQpH_|NU5J zwvxQ<8UvEgbWLqzsxZ#*F9UM-LO8XKJZCb*`Er=HaDTJ#Y~+Tfw}%EpMW$gPcA{PG z?U&29socO`3_$I5wSz5BtU_FW)Ev|SZX6&@0VaVa2raM^?CEE)J_AhRf-N^2-D4jV z$yb}Q!=`eNN2sfvDf5x?WR>#>yFc_r8^yg!kiDQ+RKpHY&y7jj)8+sUFvxR}VMaeo zl)$Xp6CzX+mkTITR6W}JIWsO&B2)s$oD00lmMJ2<`p!8BYy=V4oLYTJIb#|^bgLF=Z93QLijNVeTsD35#w+vkMHxKn>nf{Ot&Nni~qr}QDvq6>?wdf&v z!eEKkX#UhZT4~V^m%_-;dzSJ?(q?JUo@O^0_-iT_z=NZzosEGWaDudumQVQ6@~qaAxO8ZW z$!NBl#aKCVoy=HTmAMIwznISzwRwp)lUXaPAB45of5fCl}#-2Q*bV5D;D3O+NYnuO474Q{#OYO9Y*pm{h-o09tZ{a$U{&@^P 
zz*lVl*FA9%@D)1p{o=ox5@tMZ3yl6r?bMofeNX4abFTHizSEj-;V8#YzMyI-e0u-% zHF7Zi_YG&JZyvILH+4&n?T7(kgcEu53Z5tgoONbNckB_(R!s5O8bJ6%0Q<&b zW8qLyX+A#0Blbfene1^#)|5%bIf)zqzJ!Fc!vHEOiT+vxf;f>D>Bl>6$2>Rsd^t9* zBGFdT4xPHW8FMZbHXXKC@{D790622wKd|Wuzm^8tkt4|jCp$P9>Ll$h6XBnCoUUWu z@ZTc{{ioSOUx(r1<8zT9_2<|UdSKsnoS||me*Ac}XqZdcFQ@6YsA9I`Cr%QKlqHkS=khwzG>Kg0lujn|Mky0I68fsOyBnZ z%72*|7?}UvMV!=JkHKp}_TK*1?mY;eXuko0g7ETB0Akcz@ewD+itJtspslK-23G0* zS;8@2kgTFJS*dvg)E~B~Et6w_S@8?K4Nbjc#hiAD@^evx>(+&KO`?9vpl~Yb9oaQK zBg(0$Im896p*7BFaH+78*uVu%aFBUT$s)Rs#!xR#mhi7B((p!4tzt8OH=@E&LhOgiof=MV6?t8sjBy(HBcQ{<(EHTR^5K6f!)qg~2GiD!8O+l1?hMbds>! z7UkipZ;1@lu2CV?;Yn!@sh+B?jcAsWoN3cG(L7)8#7TZ7Vv&m9+C~tZ z#t5N9jiL?i6_Gy_zc-MYl%c_pmA?hsSQ&5heIk{uB%_^b?4fr-Ut_InZt+i*a)*ZD zAl5Tl5aKC)CN7{wS3H09CmX|VMN_!6wWJhi(uP`rWtgp0osnw4o*7!^CYFaE#s!@Y zNwkeV0|fD(8rKjXO7?Y$TBY*244c;l6V#n9&|H*1ymdcv)ziT2QB-Lf*ogq=%~R?4 zNlhj$n@mc(b1Lc`XU*d9Tmx8L+k2BH(b%rRYequoC?PVttam1vD88yjC3V}$Y(+y? z<>Nz%{Pdd>%RTS614E{{th*)4^t#TnIZmmv zLnSa2>z1-Z$8k=+hXv)8)1!Pq3tN1KzA4KUr&4bK%AcnQFc6*ZM@Js-Ha?5IXLLO; zr{=CNAMfiGmwtzD>^)O%GhZCKT0YQPcN3~D9b`dI^mIMhwl%ujQFj+psg0hx)AM(q zk!RcOrpWA-8hX$GP*!OP ztXGr|>S-kNY`I5AyQcK_P&?CsKFFAaW#V`2YTz-??wFYvpukAJ95m~M0(|E28o~sbxv?=c|F$riq849 zCp-p278l2yhQPn zt4)fapZCaO7{!O+s5dR=Bn4aE4`L36QuR`D@?rrUSyx}oia-F8e}U`d=45uzB)=r89lW11>v*-@K!oSdQ1i)Kg4ddK z_jpCXjJ~7#l>^O~bapdk8YL9VV|gM*(@I${rHJL$WH1rA>U}wH|P)& z_VlSu8zP$TdZ~>HZg;{w*wOyPtM_y%=I0&dx^2`&1P(K_Rn0#96+GqCr7UeuMo$ao z_y<51wlG5!ns!H-Ce`Oe=PeDWO_7c_d}>12591!lVuO3Ct?}DJ{2lBFsEP2xyXVG` zwqN+uwGv>pRhnDO((9$)W2~-6i>qN*=RNqHUMEs8lHOhaAR50(l9UQ^l(x@r%Z&q; zRUYn66<(M&oczmMJVzxl!j$Y9{3O2(V<1910!=MH<5XDdw}eG=LGkm3j@~U+wsU}$ z;LpUiK7s4%P{9k>@|#z{9pM3LRc|v1SU)v$sU}k(s|i^pX^lV?BQ^GU;yiiXh>U>> zi2WlIv7)%LA0Z?A1oj@8ux~u5-t64_DY747dUE6I`Hf}v74!Q!TP-0pGbX$7MF` z{F>S({KT3XDvr+gxWiI6HcF0H7DZsPtR{hsZ9d{^kEuR8Y3{D3hSLt6afad@trR-p z3ab9s%{#)0%706lJ^9qQ9xm5BPn0*9YEnvKztWKisVjaY%Yf=btsY^bGtK5CWak7t zB!fTMYdbWWKMytu$XJrxzgaMHdGF3Z@fIeSwrjezAP0fwZ=$ozNm0rsQ_G 
zED{Q~+sX?8+yLdg0b$%*+Sx>g^(^Jn6I?b@2?d-Ydd|sk)68Pyjc$Iujam=ordJo* z`V~P$ocrm!%!&%k4=J~0%lh(h!&7FIRUdVupefGS zMytPvJCtxQfxQqY#mNQW!Zstn%5qFlVCQr}>?S_=6EW~1FW~J&B$y82A*y*mq`Z#67B)bnnxQDvQf6OWCs*gFp9fpc${C~ zGd;BAdyrR6SBh4+4NPauU z=UoD=C<)Vl01^H&dV=1b^Rk#|v3OyCA4GgwfiKM7wFV};e2BG(>!F09AKkbF$7&`r z^GPH6661+OWf+&M#Zam|HWwk-LGU!#oEjkwe&!^UW2;j*OeiLKPGQb?QoR;@$9l(2 zB4dA%&O3)G9CGSn9Ja8p=$4wuD7=p95N0`^IcvLY@4hVd?ryC;6~%S@ye+#3ge-U! z&qTB;Y(TFKyG^f#yf7@e0D{>ii7SpU3W1#K{)(*#v(HwX;K(TEEe9EaN;ZdzXRgf{f30ZeRy7KxEb$qtoO>HnzUE#%G`OW-60HLD@Ds1st>cLM!lvDD!HnYG zpP$}OyOo|W z3wKuIuQ)vlg|8i~J-0IUkJ&htNdHrbUd&wx6?tvJ0#ylbwee&jo^~{;9szJD7kgI| zQnscVHUCpiTgxJShm?1dWkeSyN*P<60=b3MF#pq-52Eau5ZgAw|Gh>afk?uaf%Wp;KD0;j+E}M=AXr6&GQhY&Arc)J`uykbmsnhwZO{A z{!i^%76#6Lw-{(j*L2)tLmSz?qkM;A9->}dS&5B69v*6`JN)stxWK+IlR?HWylY*C z&zlSmJ}uHnknkG(Joi(Ki;GJP=uiSU!V@&ZRGImijIWKo<=|*SoRA`;__TKp?N$aG zXpu?Ag=yg@3p$fxw@c?x<%!_R%j!qqyNBO9Q$VvpS+n^m9#B#au#%qTLr1BXuQzRZ ziwz=9_DkdXJcNqrxQ+9SyRPy?2_0BAyU(cVwD#vAeWr>ZNHY5tSdaJy?%~<1_QZ-} z9=~Q&IwLQX@_O}pl%jAQv(d(TE;OJSqli+H!6&^^P zWX{Pa&+w^;Sh{wuPPNei$dTP^maZ&5T4AM%sslpp$rH59bz4Eqx~G>elAi&sHQqHj zks_?QN6L(byaotd9p22kbkC_O$5-wTT3=bIhYnoZKW&^%+>@7kctAh_Q6cAWvg7mC zi%fb|0}K{KDK65L?mM1%zn~q;VuezpM6`d0LspNPR^iE@#^8`Q-_U&wa@4sQ)z&sb zY#$x6S^bF+18N+~ij}4`m=Fmk4M*{q@L(eg+i{V$gGr4R<;WwAFv9_C_aH2W2LNDs zA(81}{zAF`gtY`|^j?Dgxxx`P1}gJWx(^wD4mQR&l8#XMZj2jFDty%m5M5xTK!Obzd<-5!=E+DF9@t zj3*SwAOJtyW`=Zx8kSt&33JIcS0&RVCU9P9a8_hu|JRb#u@(9oOKs)tsi(wxKnz_& z$KLo0pLU8FIvHR2^!tS(>5fp<2Psw7~`CM~8;5^q7mB6}jQcZj2WR}gn)bsIh! zg4L09by2By(`*H#NO@xC@^2L(C+ex&O4pJrTDO;%hH~EmTVpzD|KCAaPX%p$4`0|*c90Eq! 
zChmn~Z==0l*Y($IHz7ZzG>uSSQJwamHQpN6srwfd09}mbaA{v{-$LzHQsPTN^-p7W z%ZnIYXFT~P_bCvab@keV=ThP|I2-2O<0W^eU1Xly4K12+H5I9QO=`7Kq3B;-4$9KU zUd%fI+5UalE!%abuFWa*6Otz!pyAM5yXx-nRl&!Rt4Di>=54Fni{FzgEe*-b#S=pS2TFOX!IOC=(pdY6Dd2zlA75ue42g z?C1KDNfQpZ+TH3hu6=h+@gCBeeDbT74GU$q=#)Zunp1Ig!L=6(M zisg^qGR=qTMRHO(iS2YH_uQE9w8bsN@uW_fip+G{V<<8Eql8ujpie}07Yi@Rt`a^N z;*xa?=?C#GlGDgjDp|_ZO~n@)9tSQ!KE{C{8!4P|LkwFu>JckJww}ZjRP&@>IJ(wk4YNg^R4G-(=C-xF>RGkBGuA;;!B? zF10a_B37C=YdoJQi8E>ddo@Z$}P4=d!Um zMO8^!2||!|`dNGl<3rG*vJR{%{g9WXngSazlMWz)Es)3^Y?A*A=!3`{)W)6-$WTK` zq!t~qO3NDKmB+c8w&(v*DMoPyDWMzElwA7|o~0EG-95|(yT1<2t61~_TRlpN0ZEI? zYHQ>srp-obyu0-)p^zYYNUewA5>+$NM~`Ws)`$hOn4x6#S2W9fg<@uOG_yJ1n@WXs zQ@cuqInp#wttlSF&7`6{F-8%#pIjKb-v_`9)!}TC>OUhmfTPnb2L+1Q!n$?uR^O62 z#cd#j1`W%r6(~&|rpwXG5rNVeGw?vukhyYp=+s^9^$yMU^hFQS$9;@@!3n~Rq) z{>_r`5jthXb{=M|soOMDqV70nV7nBw8t%TtMHtcFY>`6!rD@rdbDyGEa3ikahUW(L zb%r57%2dk)cC1RI)PxPmUWqz`!6wJd!JI;6Y4F_WD$V<`0Ec>3ZEX<~>vZ0;h~Z_X z4AzJ5RQ`uDv59+>JSZpXTyksxz@wIpFj^}1mMY)Uft|@qLzt^!ZN;v-`jKIriaP(2 zHJQtq82aHlQJY!D)FjUPmgc=!FUM?sqvdISs7gDh;I=hRqsjZtfbmTJp}H6awJSR- zIg6G_tBJ*$JLi;b!zA+amGw0WXo~4n-Pc&b=hDtx+#gH0?B$i0g|84yG;?7mTM{N>)tuEfdq?*nB zE5gOSNnL0>+FD#wy=uDdFB+WG?+X%k^W;k-J6N58Vu=}4*NeDK_jQoubY7I&hTp=Z zByr-J;4kh>F(L{JlHfc{a(mj2)EzCU$Q2O6Iltzll{4pHO|}+p#!ojh+_!G>sR}xd zXH+wlAL({BJI1HzT0C4;irs7%SO#X|HRnSA{sPlkXjpZ0nKm6* zd2h{`Ts?p5=AjmpXT7qYz^w8T$dWQ)6>zOM4Dl8jU8!_=Vk$%wyY=zfl60d3xyfmX zRR1BRh8d_fq%E(Gd#Up~K34)V9Vk6E*1@$-<90EXMG<~Qi6)0pAjg>F7JTf(%C#o$ z;RhU)%rDpwMLZGy__!PwD=gTgs~FJ0?7~9gruw*u%CX!^aMF|7%&^CyZaoHkInh9! 
zI$mN1!uFK~yiHdb+0JYufGRsrr!V~}H5Ea}O~Xu|dW?J_^Q@0G}Vrr&Ss53&c}>>R0X`108K&;KDDFmU|W z4FCV!5BOFZ_|JX-)3-3x|GfV1Exs;I?F!=-c<-K`{@9DiSTdjT*ct&9O)yFsyJ9hC{4`i9oQo!r(vUhH zP0TttnAL|YkCgtv)!?W%nx_`?(Phwu z4Ou>b`T~LzLyE|?3yO_Kgavon_oUc~5pV}ufLT^*EdC)%=@wj^t+1fTyxU`ASOFz+zIwQ#wu)eOp;XnRt6$ z-f;RlBtGvYkz@Xr$nDa_cY5@5kRhP*&IX<@slqWXm+4 zXS$6p@8|tb@8?a`ulG;nubZQ*Si}}tqWznTH$teI+b6^pdIDd!*PG4d*fZ`n-=~rh z+ivf>v3c3Q=yfmmm2R8*2_s(7FI$~~NI$Qhj`@7v9-#$wH+eDjX@$H98nN!NqOkrP z_t7xMVVS{MzzN>MjWLr>$MFc=dZkFKKJfgZ=2OGhTVI7#Ks>={E0upe)L1Jy2@2WAiruo7?) zx1p;B!|57K6oyoOV|9Zv{tD>*(R=nrfqi_3w>ru}o>adM(a!^w_eYv(m!yLJXFP7Y zhoyU|4a14RfFB4PUZ_ouJ5sN>o|_)#W!r)~Jd|4(&**WvAaZYBEqOK#R*pfM4xC^f z(!MF+q}vNJp8!nW)P{ou{&i)C*}nWxRL(}n%1)m zDzJ}*9|vjL=vgc%;aU-HHN?0jl40lCDhkEfIvjz5Ts+VDeKQLS5+6)8Cq84h)F`e% zZjuuUnrf}u->(eaYR*oMO_$NzB+L{d_C-wFlNNg@M; zJBL(eHbUixk|~JK{!3w80xn=)F#Wifarem>Yf!kW6AsJ@1g~i?%j&KhX(L0yE&qGT zf661X0t_I+!69;Tr3v6mOSQoBJuW#aEei|{mMQ}IS^WYMPK~K&nOB_35gvyJ*2z`+ zfnhA#xjRLs=H6mXIue!w)#*I0z`%Jo<;NQUwIKKas9`9O_5Nf=isINam42il6}!^Q zr(}jBCg&M5IuL(~3X-`>qeljr2bj$hAn>7cZX}N-RsH(H#B~L}*7Jzcg6IlKma)a9CFp>=qDINr1zofJIK#86^ zc?DuGLjrnO%nT<0s|G3QNk-yYk5lyou|C0{WlZY7Tt+I$4+F0FSKN^z_|8<$vB6g8 zDi4T}*2rq!;E#eCIs!%+3Zz+_7w}>Dy3tTyM?GWIplf9|!M%aJnYhW^ajr_3Y;(}$ zuhKeo#!Wtm;Ud@xYhgUZKp`r=B}Jr>w1fTa!T&l3+M~&74&-g|Tc)*S?{T9+g6fgP zB5x@$om)Y*dVw2IJ9;8R(6i!R3HIf=HH1N7p?Mx!kJRFa1@022`d)YA4a>LTbBMov z6Jc9=m!KU28Y*_^(To3PulJqV{Vt>S=RBfA`1uVSX*uIH<=iEJ+ZcDVA3Io`QqBh3 z<>-a{;c6G|tX=cR92Jem^|&dvItXU8tAP{{sG~V#at(rSYR=pP1u8D&U(p}qr=(6? 
z%sDb%(7b7acfjm*Q(sOq9x)CtY^$v?ppa=r<3wyA@hT|#sRii#&yAF zZ7ex$Row>^r-(+}zl-bSaXiz;dY=>uPZjDTaWi{h953K6w%HLy<|c<*mtts51ZcM} z`ZMLA=6oFiRB-dzj4TycO-dFxzZ{f$cn1vP6iczKAs-(!NQ54cf2k`|D3!EQG`PtE zehs&q%VNlmZLJ(kNeH85$j96aHQd$;GB7~m4nLUdN^hUA3QIIkqjZcPEA|4 zGUlbj9^S9WvwsllvwFO1qhmYKm0Q8p37N~v{|0b$Qymw zac_!!OF%Yf3+^s01Z#$mAnPpSnA5(cLSm+%#1%Z)fDR1Dt!7(G$$;$A1#_2NU}3fH zJ*|;Zal{fMXkdqt+EI0lb>03+K8$mu-9v|N{7iDAi4yYy0s}}E@ah3(p1UinLS9aF<>%Y8*xzgF?K^44We@dAx@wOZ5=s%7bdkrt4a+Yk7NYc} zFbjE15zw}VOeC_Y*EDgYmqiwwQB!4s{?zZK>KPKo@1;wR; zDBm7un0isYFZe14`fZ&(`pyD=Kb?N+&I5XFB0LwJVo%Qqz!!O8$~}`Tp4{992S_BF z#F8vxDHdavK*RsPjOZoM|KAL2BF;aO1C@=T2LuV8;+I5ip$D}B@VE>A`(}#kUEW_(CU5)ww%3_><+9w3W(~TH1*E)ENZ3e`FBuP zkBg5FLIIz;JNw}d|4es{dn2#K`jhltfId>>U4gNt7vDL&lCg^mL`@293+N zu1vQ+N1*@&9j6w5PK@!6O%#+QEU$Kb@q)iSR@+a*KudP_I(cuMOQ)L6rF^)4W>r?G zQ&MChgPEh@qc|xqv;yo>nTpXD`y!KStxOQNWtR$tRy{L3{%U+#9P)1HeaG57Y zBilsJ8#ui@E2tW;X7$&iuzksAT)K*FSDm_PiT6Q8(gFga+QQ=fW%x_ROvcx=3|_!G zm|e~JG(wf4+X;Q_w6Yy%tn%`B(&+LHm0F#!y(Yz|;PmHb?cYvF4x_N@o`!=aC}6~E zlQ&e}w&>yt@vVt&TT(<+5WQ!tH+Sk6D#0}dVaCnn`*KEgp&AR3CsrGK)b3$I-bRi6 zqrNjo@QpHW3#RjkkEHZ`nl3R-%11tyM`|}R?L{=2KR8}Ag0Z$Hl%mU~>J&$43P91s zW|PFxYfT~1ENdH2b^G1c<5G9>o5y6)Y3Dt$0{Zmd>n}@MJZOod}nmb`(Z6nnH-c&_ow4n@tZAW>l>Hz`El`qx&3jS8q4RUs26e@`n28o_4tvxz3?%y{&vOp`7&}3j~17D z^7|+}7bVl(x~ANH<)E2U&vHlv36QcpI*S7KGLo`^0y6#X~_eZ-$FBci!IDjH!K8z z@Qej-PsPjM4bGKhxhGz7!xGMHyMp=v>n}Fj*GFQlN6pI>XhgF9e#)&GKR=gW3DX*n z|4$?UgA(nVwk%~q$m6K!Ks&>1UmdQ&=>Ad`DK3&Y+7tlzeJ70X9+k~EQ=<-p=?s+? 
z`Ugmv1SkGVPacHKyYh#$c9uO*9UV@r$-#R+q2o`&UN^)=oziE?-gxakTrfI^zdV{2lx`dV12ob8TF7#kAq zp;$Mes!Tyby|_@IRzb!6uR&BOfM2$v0;9Q7GP^yf)`{W9(;Gr4u~3OS;546tCmfAL z0d7r$8Ue5-W4`L9!{nt1(-2QpD^Z`8A7#q05YCK(brerNEAfz#-OHf-bL6Dc9I8~n z8lPFUO03DhSJ$E_jFF(9->$sMpsH+PeU_8rTE@vaYHA|nH&aReRF@4i948pu>GyLM zkW^iAJ(dX&VN(?9@Br#}9|y^fbS9b#b12oaff)*}k_>xlVXSGrxY8QZYf)o)^z2%f zA&{AlQbIY!R(m{F9A)Q4FF@;B=qZ5ZM1k1GLFFP)A`nI)BU|4$N%c&Sn=HnqM>p}!Tz65fx z%wPO65J{p&z|r{kBsL>5Qt}qb;^t>j#l$wb`l~Q9+A(eSL|_B2rBBEl+-iftRCwj| zdAILI1myRev;m_np}!(TX|N*89o`YZT*}p;EW8aDW?O|^1rEfx4zFDneqKWruujGI zVj0E*Ti)HIv4mf|4FCwbb=?UyT>=eSnRl7PzqJk9=h=)!lI+T>KKGCuReo@^kLtZ0 zGdqbTe_S?Al$h5`clFoea7-9|t@_Gu1T8L~cX{j)R5&>c z3@vY75FpD^nIJiEm`p&uWR7R%=E)#2;WkVx6X;fdk^!!~fYjx-lDd+u)<^*-Hz}X4 zQ06oa!g zNF>VzS?#r}tD(wwYFyBhRWAl-PqS2Cc!S>Ka_e?V9Hj$IC$_9DB_2<26XYqM9}&PTW!v&-Ruy9MB7}}| zBJP#UqdJm@=i7E5IcPVML*WY7`>EuPrd1FwK7{4gW;vM>A3V(A9zB#qb4_lg%%Z^(%}d}_B0l&fsr;XE-_)ssUK(nl%_*5v}GU=1d!E&&HrEGm$Td73ozwDOFqQM7FcFX0RrY?nFTwZktF1?ik}ROZ%hSedmsUJgsy zVDmVJSDCtLHHtKG#F_xuTz*^FC4>u=bpcFyK|UKJ1FT6gxxPV%XkqcWTy$) zTzFgnZGzO5Sa1rJ_?vS@SGZLwX+I`$T?g`W#noo619CYO6r)tR9JyEnuj(KyI}4hY z8g&Vj+O0u#JB(-Tr3wk{p!cDRb`lkwZqoR!9V>;JdzC9bb_EyRTUXafF7<`8x0&?( z79hi9(W$H{$jWd#-Jk?+;pPwT_@Xxk)1woJzo)P*RLquAg8-VTy{?;8EJ8V z0l%)A%QLBE4QS?}v<%kU<@m_*aEtbwtAlT0S@#IPUcdc55=J4kfk6_M)6G9OoXB(I zUb}$@%@7F0eegk|`0;@mfKxA-BVWU&$!@_~;X?3=&T5w6)7X!W(9o;wXez6T{PFGh zDGCQc)mo}18iHZoDoYRy zZ@kMz$p7dLiy)9W4mF70lELH*C2+A_QO2I9ro7uUv}M@tHA0<G6(QpMU{USWOKJ2_8byT*|BT6i-2D9`-c&;?qkm~so zxQt=r_J-|lEPY~PJwQb-Kt%Uw3p7^nWk5V-Z%BK#W{&}5lqB=X&M`a$!6FvhTh2uT z#@c3<=ixla#41mXo|?d~1Fi7@<;KHX7&s3LS#l3W=PhPqeLFVe13xE(dkKL_{Bw^u zGkD7WEX7YBnk2u=1j2BS)n=4ka@{|?giu!y@V)c(l()t+8wl^QI4NPX$DLGOqL{!- zOg%qXIv11eA2RB}&e@p7o&G?845K)2e;YW;v;9ln2m5Z|8X(3+ z`vjELie&Sdoo^;z{^kXwhE#j;#kKqtB^8}t(s|mR2Z#Kg5YpT2gg^aUKo3BYmZ>aD1~%UiJgNB!g}%Y6F}6@!`K-<3W8P3&Nx|Bo#emooI6 z%Goi7uRl@R7Sm~@5D;jM!ZVa0tRb3hpQVRwIF{2bJC@QLw&Z#Qte2cV!j$@)2*vq7 zjy$$g52td25N8EimeHDaxMaZDGpsgb2)YAOsyUirHLLU15W>Oj)xtv8UMRZ(7HV0{ 
zS(o6^r;20yhG zA-alaF8j-z;j+F#$`sX&=|GTZPZ;d)leh6xd_>bHf}WIg0p8w3P#0}B;ji8J(nxt| zlT`Ztc!;*bsEDk6mj#Qrb$?GEc0XU9!Ckxw{@RjeD)?v15L3HE2~NET#~i78(=+mc z2~0gaY>flJA3iBsqEnF^wg)4c_(e?Zll{~5W87EK`LHuLKA#-?*bxrqlT=jUfkpk0ckWXR4A{j7{Dwa5TlR5JAykaAk=7_T%Pi0}AcTrreTd_d=Yj znJFKw;9$WSM(n+=F0k#(5yu%YByCf845+H1)1$jrnkNUhL0EGY=5ALghC}iIY0HYF@%MQ6wmI^s0lQuN9sI& zN5bO!V}K4mQ&1|26qHV6W8J+S8X{~}g*&A4qMuB_6A8bXoR`Ao7hWp;Y0_yd1UZOI zTwLpGlbgTKV~vzt|0TE|{4Dh&dy!s)mS@f1i;Q>7JZIL`O6f6QKrI`8i*(f{R86`( zhU`{Ly*ak%PdWXh2=58M?uj|+-1Kgd<(F2cb`NYw7OauxkTbYMJ`T~I65vX@)Ie+p zSvR2^t5s5H)f7RF45?h4AE2c?l^l^?%9^1(aSZ2ZkHB==~VjdyC z^PGO~5NtMWv}W?68EKTBs+VqBv340*$~dskrscYO*1YaKu~vM&-Vk?@e)MV&C`b4P z7ynu;_=obu$o}u$0RO+J8Y9#HLDiTU+5S^hZR&?;fHQ*lLo~?8PfXpej{O2MsHI5) zK|)BuOMu`ZzeAFq>^eS!`s0_Q)TPD51~wDOv%m^rdujRhkbYHu#=F&&jva==*n%a# z3InTbHJVRjKlKzHEDKdo!Vjr8kk7w3N-fHT)Ibtf&hpoPv}wC<96;)z1F2Mk1)Aq^ zeo7EN2}}}x5(q_tqBhAI4RqO78VQ_sa}vp(a*P^wlXItU98j**M=emE)^v$rQ#2Ay z*rV~Ufa5R~R1rau26R3_bS0=mob9zKT|t=!bY~-@27XddL=4)m(&f2)Fq*L!1!zqZ zbsqBuH{^51UqS|*yBL}V*gJ;g)-~&}L*Zt_>W~LTQg}AE_)W3R0GHhB&GL$PKW65O zl~q5j^uVa0M3&a`3leNhK?XF+r=r5aI&DSq6NFBUT#JGwEgDPn>SNGoc3DIt@hoMR zGmGUT)$QC1mko&varkFm%7Rk{*A4CI;{thifuct`Eg)q^I*(8^rweRgtMsuN4AC^3 z)>5VOw8U!JovWU@F=f>zoj~ZeDliuQ2-z*Y^^zcqu5gaomk2X@TF|$_<=R$fz?7w} z9Pep^+GdX5R0H+MxJU~G92E1q8#+SBVE|*rkv!~r>#6e{e(cS*3++mJ&xi{XCs1>G{*`D|Rrjb((oUQgQ>wGiW-! 
zNNfrhpO}w$MZsvo{b=HTOY~To2;wB8A_v0Ps_e<ni4%iu09YwBHgPO6E?i%0T6cg#$8^u}) zCokaf!`toNK_=5n*ur^gP5qtrMgFR-#3W2BF8&+4=bq;U(wX2n#-Ph^f{lUn6 zNhDwF^_T0{QwO{r&j-e^{!unD66$7-;WXrEXg;245PvoiX7{9r}Wx?%d@#DA2T%zMAZZ&mQxm;X9E3fR`sTT~7!V*&E6sgWz_Sk<*X!#d&o~z+W z)hso*JwkMIo)g^9Ozw2xUxlT=nCqy9o{DCU08D~WM5Y0`zD7N$SkD1*poS7sR}Uj( zivJqJDHe<)WmckcSW>ZW0OE+p6{M^V+EN}bA3NrT>RU@$D_$!|W>4l3U`!xo&NhuI zXw`Z2revV_x%`$Hr*J(>dX%L@xeaB>|k z0!KJfmx<+OU1L8u`S!B=aX>{ismzH0RDrtops}qgnxwy9CUUo#xi0BycJy_bUYT4lv+Wc|$-slv%o$v8v+Ye)SNevj<0)K8TO4W2 zKF9Iv7yG%=xL}Fxu6>R6{;O4+Cvd=xv}0#*LKn6+rm?&Fnk%$)S-^v|c96DZ9ZndU zY*pvYzqgdnwc*yLvsC@)>oy#7Ci>oJ&--l*TdZwLV|M|nGM#l=!&Z;lzUUjPE5GOm zZ8Of{h0f>OjUAe}qS{ahT&no>^8l)}&QrJ=KRNi%*0=8Z`xISOspHCx@1(tU^Q6xA%c4)8TwrrPB@V+Lp2XFmD{ua3LB z@pJ7$mvu;%Ve2YROOoMKH6J^woo6RZzP?pB&Chz8=lh_1XxX;c?1mb4BFuVFXMCx$ zKf8I}eY~FDpDvy+hpsmwiP6PqW3+MF*c}}X_eY1~BZ<|-s$;Zq+c+Iv4$nrH;w%0& zu!+;g;pk*s15&4%Rk1fZ6`x7WCT1IR@kqS?|IV{V;(tufDtwQg>%GLB&zIAMssjA2 zd&{i~8jPl^UhbN)J_e2aAxO}SLS|xlVwY8Gqn$U8#+1~_pxV?g2BvjlEXf3k- zwVk*Mm-ZaMo~pOCE+B2PepIo;F-S#;efpwQ&h(-r_33LSSOv$lM+E9j^Jj3bV9I4vNB(ib?1GB~Jhd@QxmC(p zPbKcB1CmxaKe(Dq-@Ldx)fd8=CV`gLdpRG6;nErF&*inX-Q@%Jx==CS6PninU0xWZwRQ{j? 
zQgi`nvNfX!;stq=f(9Ye!PlFOZ052*Glq2elPHJtf?Ur|UQe;VJ{-Ycmg(YXx|0Mj zW&t%6Na-AZC{P&%|MJMdz+PvttISV>l}?+_G+*HQLP+%m^Oe6~NDl682C~?GYzSRY zfN$4;8Kma%AzQ944Jg>3+0}HKo)fOEgjj18kQ~usEr7?H25kQALz>tGN(idUL zz?}DYHWa%NFJO(35f|{q@W<2sB?7Y{fr1!w2#ZXC$t?WUf84x;rcz~5V>;G%@7-n5 zglOB|XNai>-Hdnp9bSw+W5py#%6`St>$51Tn()rRh8u&6c48k>JwyARb+cX~kjx}+ zH)-%}X`Q8qMFYv|Rbs3nHR{R3;90!H!gbIwmxMpB#n%y|6&`qmR9{4X@D=T0m>{h% zX&{roJD;D{Qc&UWSFEIX48?T*8kR4Jl5J6C`kGfZK47kH`d#QCf%49*dxDcWyzI1D zx3<~)IR_2ad_SzGKi?mOFj^@I!9;)47hyD;bm8`~)<}A)+QkCSYoR8G^!XCP)hbIz z*M+uH*6(2nhm5T0w8ZHQz1lwLtCp`7Po216;}YI0EDy%7Lpy;0apHH8q4)_6NM`2E z$P=0Y)EZi?WvA5EVfz9DSz?RvnDewX-%)xzIK)sgcI&xHJY@VJL-)ysUYbOxud+2r z>$9=@O?r_`R7AGz+F-T@(;cUHwX4G14HESzr9Cbefq}YylZ0xGPg&CKkRG#eKXH-8 z``5aIUgpe2Z%iy6L8vG@Ru#;zT!?nb3RO)^BF&OBaT%(4aPomdRAWtwMoZKM*2_Xb zE&b;Ba%lDBzko>2f28}F+nu$Q5AF7|yMF1+(vK^|su1vzeu7WReYr}=Y;!cqDMW#}1BFeYopkNbt$d6DJ{p<#)ko^?Gcr7`S zI5gr{g@6s)_|6f`*r1-j1H{z`WETDNg#b@qVE5Lg08fE3>caV}RK>#Hu!+t@H57|z zVgWc%zD~I@MSi2cW^aYZf?Ors zkhwLh0j2}BeR`%+dz$GP_U-wM)Ywxt)qW23k;|=u4?dU0CnyeQEwmSe3&fApAKEI- zr>H;}%T@@3gf#W|5>eE<#f+!}rDAsH&ekw?D-Oen&Y-r3+-%9u875|V`c2JQVb{qzszmWBQw`f#!S)ZqVg z?>v;MWtU0+Q*M7mT`=?eYyPmCs+ak$>xE5irAaE`fkKrIngm-f&rE67hrJXM4VehC zc6dEGJu3`Afc*N!o0G}0InL1Pv&G8b_rK^78_7Y7s{|tYHo+qymrLIm{QyEm30a+Q z4P9Qp&M&u|JcQaZsrXQ-tBL);q14eDnStHo>)i!<(Vy`E0^4l@^p+A4>BHe9iqHee zjxqx?Pp%%9)+A@XJF(%vvcV)YaSj>x->WFs8DXzu0V+l1 z$%HGvRAOzkER~sRCQ1f2TnMpHa{O_Tk3DxN_7{1?$b0npO(h%~?zU^g$fh5r{2)zv z?@Wnz|8d8f1(?*d@qk};H-UbcRF)JXan-nT&MPT|R>$tQLK32!K-N~G1*VDzL;JLjAE;FBlK4D{oeXFI*!;z^1J_)u(V+<(Sms-ayLXGW-7 zP^^iL|2d*I?8P)E*sbj1kaBM>ywA3CW)+avV3Q+F`hBF9m!}Z_8)e5B*TV0>^ds1K z#1q<|w6X426aLn!91#UxZ7X6C&)Jjieq(es;dn-KY?4?QleL(JFU83G36!8tbDH9J zSvXP3N|uV(^{w;Jau=+j^UHj0s%7*qmqJ?3#`ctlbTSf=6%-3v;yk$wm}Jvibqh{q zPwX0>z+?Hotkb@oH|MIncCT+XS?Y~FX>y}7{DmL%aAg6H!>R>+J!XW}ZxF?+he507 zk~c|ks!+7;h$$Qpl3@^0Q4^bys)DrFXU(Z5db3MrylB@AF}xau0_i#zdXNv!yshvb zK6>W=%PZ>tizqR${Trh6qiO%w@gGQ6G!BmhPINkTV(X!Hkt 
z&8=Sg9Nm%bu^BpCbP@^9ermblFGZuG>RMK^F4Yl4GVL0(q^xqRUfD~pV5f|ndWMwSI$5`l zq~rvd*Z?P198G3m1cJACuQYpfukIibCIlL$n&}}$_Bam0Ce6metN}PQb+(m3@h6{`_wkhZx8a~y_ z{8iQb+n<86+YM2PzYn&7qS!x_i)jF*X@&wuNjV)2z*E^p)}Xhl;AI^KdcQx$YD-3z zG*Amam1ELo0~L(O^nmvBYOSGT;r#o{F-Lai$6l0oD@)hsZO_8@YeNqHyX}V^@v=Aa z4sQqbN65qLZQ``1+4g=6WC`)i9srKzE4=QI+s+qjsC!Fr_gL>{#1qY z^Y!-8h?7Uo@9k)-=h~@4uc)S{dtk>Fr(H5M6fDFxA^NQj#dB(jhu=Of)}s}BkqKIDGz7OVwIN+oSy3#s^pV!y>N>E{eiC7 zZM~n4g#$xRAkxLhcO(b)9Vn7#%L%39SkL>H|`MP)eS>Z)5U6MMZ zSGaKgu9q{vu|xazt93K08+iW*3KWyGCe5h1JUA$UzrNMC5!9mPT^LT`fI>FmXo)DqTH8P1U0eP_*y;KleR;7kVovm7>x^(kxxEl@ z*2L-;pI|7RllPe5gSSF4Mf4Tix}#i5H|WdGWCn77rwTEiba?9SMX3{gQs44nDx#QZTc(FQBtk+En zh~strogPRmbC@>Qrhw|7sKNrCUgqHeorX3uV0qty{Czk-qf%0}kKKQbD^W|}mox}V zi>$>DOFKaKfG`!+ZcwOd#}8yC@|c-Kpa8u+6MDe9y`$hhXLfT&-g!K5L@rjBR*LSk zc+G^4Ty+*U&ORy}1TrA}xKGx3VWjn1v}H&Z?j%xNpJ2aGrA2A*p2!cA48104h~_&y zY+&ovZc}%G-mUw}(1Xu5s3u}|6y|c^V%`A==`QI24U3e8aBq7N{Dd8s>+!qAvDDY8 zcCSh0>4Y9(3sHx?SHl`DSNZvbAj0X78l2_LF7|8al{qG?KsTEec}#TRWQT$X41?2d zcNyFz7)~7U0A1D3`F?q<$jA>a8yLDJS%?AWQtPYzVgyi@K#fE@8`z5ulK8c%YldWX zI5Y@@YZ#FmL0B-z4(^t@)m8^}^(%Sp zyJJP*c_+-=RlRx7vtghWFzl}@1ky@7uIJhUXV=#p-6fnjBZ8K$og0Q%J49>A8lxx# z=`l@)09O|{Fju2Xq^OD9yK&F_$h_2qZmCJ|s;+R?x=S5Zq&wl98=w*4S70|ZCEHCZ zY?w+}^HbiXTwjSP2$Dcw z;;yAP!tWuCsxI`%hW2%@IkzQ0@XsY%Ic#budG)?BDDzYT+^V zr_dR6?H8}Cy?K9&-hpI+^9GlWq4%)u!>=Mk29l4VE!c7qw$PzNtftV})fI%O zMH0Rz-k^N+?`pme&3@`UCisVybf@@#FDuM^LEF4P>g^`#dC;U@zbJnse&uaP={~r1 zVRk+6ZD!^<_|*I>?HqjmE9Wru|2+e&e}Wsx1LO|k5OI_^PK+RyAMd{gs7Je!5XghE zfWl^7Z3NY;F}nZ`UY8uF{(`18C*NOt$k*VQPJ8Y3ir+Rfc4}>Y!>{VL$@@E@@cfAO zcHX3*fnuOI(txG|ZPB3=5jbLulJY!>gpvkhfgXz$CZHCOpZ<6etFAiWmzS&_(?FmS zhO_;Cixxo=rZcH1(zW)3!z~GT^SMtK5{r=1^4OAL=ZBA?!-?BnuBxEMWZT_snR@Kc z^XP6-DWYZD_5Wz*XA272Vc9?fU(W%CqpK+b0sq6^c8c!sf{!nHD)kR*Ll(w=mo@)y zG6Vww12Y5be=h_X30Ub_82|g}XZC;J60p%T{Kw5OqTRri6F25r=Yw+C5 zc0E(#7KI`ZB$1HBBSjE&NnERxQFaB1$5RrBBNhdrP*6(J0qM!lbUkl=>z%)=E=z8w zdzd~=ZqGEVU{7bdMZch4#=Fw9kN{1^brt1kWd2vK?1UKMDMAqt?u{& zlu*D#2M{AFeh0{l4iKn!%7F$B0lUOQN@0 
z22q0sPlUJ$?A5|?@op+yAmnA{03iD0Ud(u5P+-Lj7=SQZ&xfJ{(M@hPDkEyuMBCf? z5Y%CI^Z8KOvA~9|J6d*g23!OPco2F0wBYQ6y9S0Zp5WyJNg-O_fzyh|@nN<>Us`4m zLqQ_~Nd`lH2?x--5llj#k+|3S*Rer8Q9*RuADG?T3lJ*sgMVPq^R)uQd;{O~@pJ3* zQ@;UD&YbW8e>Vc?)6e3;4FO&1$Jm4H?kwHfrVZF(`+b?WqR#>am*8VSw7-0uk3r4Q zdy(`nz3<%UiBX$7%UxC{Q0(Nyf1@fZ3VH(iyo7}Ke+cFi5MYoH0iulXy?i!I>p*e%+(^ z<;UDpde_7F*~6viwR`qPHT{Ww^F2stYp-_A2f^)vuYb!pE3!Z2|6*5)dC}tPV(@eW zZu^b9G$?rEC@;*uPca3Lh6wQc<7t4w(w;8uQ->Yx>>-o2=aUpY&?$si-z^^FWe7EB z1}NZ*DpU<~5!5eQ|7P<8H&Fj3Vc?5%6dF4eeTnZ~{-+7U6Z#o45-PCZta&&afZvO| z6v|)V;fY1O$_qKIoboHtAHW|6GPkOVfftVRbSg)#$(~V zMM5(~7H>z1gw12sGwveJse3h>a<+8>QgbPYWuBNVjV7A00Fc?J%Ftb(K1_=`mADE4 zns~9Q-A=)VWhzDQ>dL~jYH8ElT~ACct42&g!y~d;ss;<)??c>j;|5LJ%?o!=#Y-|* zg{}@{8zf=oH|U#)R4kUEvJ|jcsXbU0d|AlDvWv4+sqX#^m(pQYo!M0HgJ=1uX!(~s zEZZFQH}?Uq<;6qxa`ex*TOex<^G84A%Re=S+&F@encwBodAh1c1vC3=H%<_q>jQfk zJPk9rjJBl4gz?9VhSX}z#F(2n`m!|C-b=vQs_v&)(^xwc%VpCSQJU%nX#by_w>)QAb8>aR>)th`)HJE+pS&Ll z#Qa(j-{^I%lF`tdA?$9hl4Tfjh4l-Bw77JH z_J=C^BS<+DBWzHXt=APsX!0C;^S#+}!(x+xHwC&pw_64m--zU%VxukmgOc3d;CvzAhFy+3!No*46^7mI zyT;uf2R!;RZ@t~11-HL#MAi%xGskU#I7qGZ~u}AuAwEnn}!Jc)+cX_Zr9|{V#$CV(iXIsm$vt zW)GIN0|D&k153>$nV^|-B2{M>?yOxlP1~YgqrLY{m94HUZ=9=T+cNvL5&m6fp4sqf zJ_H!w)F) z@P@@}NXxg-PcwWnPsBFyjM0hZY)X+GRDH0HrxhM<5DVn1B;Y1 z{-P^V5!KZ(NUiIuZPfgDEtB=xM-^-UeYLBT%$(s-#5EvYwDn;&;E`=mz{D1X#zLG^ zQX%TNeE&0lYX#uE_kKl~HP}fX#^*&b@7}Nzc_o=)Ng@VY?8d9A0SN1GAAbJX3#YCr zc|t03ocdO}dMDbBp*OUwulWJ5_WrSq79k<8`tcRV=YuW?xphv`ttsz4u1*)7c)WaH zpc&|2k+#am+ekr;i;8+dTUs+Wk;F(|q=zNAAaABdni6~ujBj@jx%zeL9pC&Q<{Kgu zgqf$lin12GLEWL0r+L^4+Z5>t*w3T9DtQ!Xz@&Y{%E~_^U6km*w{gCC9OqQm;_> zezoe#4}{~-UGI%bCM^>oLz)O9uSqwq6Vo8gL+@{W;{(ivwuG^_GO%Pw)7*eIXzQ0GPxK)UDG^R?AOCI>VME0=7&6 z$E2SS6|izopAT6M*ci!YEW{T}g2<(RQ(ML(p%h}{w(^y`bU7*QHc%Fb&hfKd&r$2T znMi=ogngzQ|K4h%D(=a8Fo%y;WM_xxh^a~pHWygl zM&*<~H117oH#OxZ@NZTmC96AgKpqYElZ)leJ3-+J_KmjAC`L;@c=i5ngVzQ;o8%}E z+66Zxpo+2~ATVHCV=Lf@?}*SPaqCX=`s`4Aq~L3knwTj5lZ}$vKeUyYx^8`BtIz=D z#0nbWSLJKov%|eCE94qBfFOFsT5TwxjJALmbcg?<`^6I&xadu)aI4%egUHtQ%n`ZT 
zts?if?AXo+d@3#|L1o!(!uRM&Tu|>h*W@qU<<|CN{&DP66tJG!^IM^bY8pT4d3~L> zg;NSr5n-F4RSy~4-q%!daLkK(*!tC>MAyQF!GTh@*w5(5mKi)^w2eBq%WSIw8M_~x zEF^jN$SLu(vfo+z}VvqtI!ACr}l@7 zC<`HSomw@^3XQ|yZ zs+6VkFcZyn_4b~>H7LUmuM^J*C&BU_npd+OlwYTJl(Ks%%-A5P;(ibiw;bERRZGDw zX=2NbvrSNL%7TsMp2=%?A$+cey5wAs&(rDabPyr5@ljmeT6ANFf6NaPkFI9a(Y=P- zIjiw(O*j#AjF-~cdnDw+VpcxK5RVJ>xiI;P@c`UX(vhLGMVZLJ|a=}ug5()qlPa$;#J z!r!B*!>&1|8^WnnSnIysNRpPxUbi9}6FRL8_IuH=&1p^4PCQpx*Wqj6)AsUTxfkV@ zoq{4x3B4(Ck3j9k@|3BWDnivL&8#kN_RXf+?fbh%*I{IRzP6?s=O27$&giIN_83}G zS$f*C4~G_H#R>t_q=*Yd;%ONTg=pJo(q%chZ*L;y=PjiiWKu3#9a8TItiJ=Jz~HXh zE_tnx4c4Kaqt1dDio>p8w30LK+?}IL4ZRp=gX?sfvI~(koV}c1_M> z2_6yFlppDASXSgYGf$X-xIx3a+Vzj#m9V|k?T+Asrh|ALTp9}|BAdzT$bzVOA4{x= zCB&r*c{KLb*?EPhbfZX?Iw^|fhH7qGKQaIPio=rP75&qF?2iR%%^11uogKFTBN_9- zT!i4rRJ84<5#oK(9Q=?RCf95=<3>MN*|vU!lP^0Lkkc_>n2ja(y3xL!j>ukb7G<{V=pHrp4Rlr{sse(NJU| zV>#ra*$7aVRQ9&&J#vZ$69%DMi=EjW2M|7V(|PQ3kcd9r>87#3OMyN=CQ@$271tKwN|qu0xd5QD)}Gwdz2 z!{jpmXUJLbl5H8%&;VL!VTTvCg!V6pV{|*<4Z$EEt;y?{ll1PhW8IOdXzSKj_fF5v zvaq8m+>dy`A|iQ-8Z2YU+}ilz_NbX#GgG_pT1PbWmBi9y9GfC0U5-DWnp4id#TEEc zJGfEqhw~y5y^cXx3K^>$q{1UfqVZ8B^16=nFb!H7sl1h*0?uOkJQXQ1pNk`+oTHsg z)cgi+KMIe>;}Jq*9xXmUej8R9m3r=L@f2)}o5#++%pAj;V+G8v{knY~kF82hzC$Zm zraUz^n{yy;{*iQRR9~5F3aU2PoO;q9TVFPj$itqazwRrbupjM$hqy?uKe4o*FE+b< zMo+JqG?~pDsl=)_r86wmas@ z*PLp#evaQH6CGsR6Q{2kH7y}pCfVfqWOfoYTOnvcj^xB8#bv_syi6R?Bf)sW z@UWgCr5;Osc1MJciyR0Mrimz@VY#lKXJLXxdj4R&}pPc1C@QR11n`{s>s>H zB~gG!dPm8~4G2u3r3#u}0=ko+=PO74$=p)?Rh`;S93PxZIFM!}qvYl{#}z>!6sRjK zpSsjipLgk6U0H>p1P@6l!Tm&e85bO4iYzDqxe zXgPn`=U(@K5q8y^HTV71wQA{NLfs+7TU+pJz3x)T)E0??k{Tb{TBYkmHko49U6E?k znN)Q!hoYBg6=rHNh)8!Dr=)fnmt|-&}tRC z5H-D1zGxmKl3%cd)^Y++S0jdEY2=;c32sj>V5c5K=Pk^kHgK@Uu9&@e7@z*d1P4+q z3$)iFN|#d%BNSM%6@eEzlk)piSKFZlj9u1|x+wJ>9~yXjgM3S2ryrEpEItDQ3nOk+ zp|2jh!F-$2WXEk%E{uvPlQ;$0I-ElAV^FFJ%?<%eQJ>0HzKsxk>2$37#(VQN4>4ms zCE9Vqwr-7!>L>$Z)qg#7xbW?7phgwZazwIgD4QqGEJNWE2~jz?7B5>2>KWnWp1-N4 z3IZR6w|lX7I}z?^OY|8|4ZuY*==^>uhefcvw=AcnaXw>D_rzvo(4YU&I7y>W_U^2e 
z&bt1A$Ep>bm%NQPLam80=~nb}>t3KCzrze1S{6jnJ=e7p^`vU`YRqb`e3$+fy3ETj z#*f@3ZEzfK+J>a+E~8^ld4qFiK;)l-wXs^OEO!r$rm=bQ_&#tzOZ zVQ+B$)>brqChE|fKM0VDnSnlYzBtM!?uTfiGt*UJNA$IOof4Om+?U|})QcHB7r8ek zy>sH8I0$w9LrkVL`Zv_Sk)=(%u0l$u>xwMGz@brq%jw??zYK5btS&jA<``BRu^$rdJ-s@;Ajx zPD-UpF{nXQD-R#YP171>#Vg8hpyxO(??hv^<>JW*!V1X2_IC)n#X*pkRQp`MTP0s?TPy?i0wyl5S+#gppO;u3%E3dwq#ax5#%2Iq7B7h~txq)F6h*|NKA z+jz>hZQHh8)n(i4vTdWwwr$&*o{5<|6EW|Hn}6U$WPZxC_Fj7~{)Q_|oPtTT7~nh3 z=#qOm$$e`30LXn^yq()zN zdo3a==>!8&}EB$_m1DcGP?1O#7?x_If6V?~mK{QFi?otGEaq5WkMfxNA!nj23Ce z7;)Z~qf^#8=t&&yJBO9b-wE96;QN}P5NRxKDWoPQhis><*3PiuZqkmQ8aL0GHCI9Gp<3>m(XX6UJ?#{E1`#H*Fs;MhQtauMELdYjaX^ipi z*P5?l_psEDkvy;C=n!kKLH4!igDpzQvA1u?b;>Ng|H%0M|BU%R#>dS0UtupM zLRL=Z|H$~*I5=7UyD6|37jTv2n`e5ea1df$roXd{!tOyXrH24Gz+X5NB?o(PjKHfLxH|{s?{4hgWny{0b&4m1P)}P?_MC7YXB6?m2z%GVlW-5H+E$@7CTkJmn+f zj~95IFei`!BO}uF&KVFVMmjexj35vT5hY|g?7Il%U#$GN-~mI*9sgv5G#7zCIzw-- zUESTDMD+Mw67JrX@OA<0xJN*_ETkzQBVyyb0&t5E-C0v5bNsKCf{>6jB$! z1!h6N@n%5J;oU_&Z@v0*{9{I6D&gK!QxIEVBrq^AL5>7(EBQs+xZxsu-1K|+vs{G; zyOF;Ae{pjREMKo6w&d3MghI7tQOKy?F@RkWzsAkrhk`%_iim=Vya5B)fhHl(`(7%$ z0&8h5-4Q=0VsZ&*chJsY>Vy%1VS_jNXZ^vx@evs?fsU@BVIO~X0{ykX3;=!T@S?yr z2G0&){r(k&TYye}Hm|p92Z8`Bs3~3m(Bs9+4LdALw@m_+`OZ(D|4rJAgnGZgPWr{n z-=EmA2@+qRZyp06gkD4_Ac&{{VB*uXK7X~jz`h?h;CJ~7>H&CYprCJ;sGbsk*UP6g zpiBRue&APgMmo~WW&qHKzl0q;GKkWVYx@Fr zDl#?FxdzI*lNOoy#Z)63bwp>Ho7KP!bEbJj+_`FIotE7E%y_mkgJSL#FpV}>i}hG% zPR~1&?_sajgu)4p$G~9z=TvS#x#RgUm^0Jb4+Y)=sw0V5tYhRS=$+7u9vt3#x;I{{ zsm+!5Q{Z1<8`dr6vF$1o(Q#rcLpm+ne{U-T8`Z@~jGM-*j6BOPi1m*#b;~7MT5zep z@l>HwvmR5qbW08rsi*q3_Bqa_KH=G)n`mgY2N=x_b7=7dO3B9sDwus$Y`Q~aT{Db- zKO|i@_7CwYdLe^0ze(CD9q9^JJa8x|3!G+6dF{3yVnkL@My?VkWZGx`xIPa2t;tyK z7`$2OSy3YZXDGvC-h@*!gxs-`EJIvP^L;X)xKStu7g0akRF(n*==@2V=NAtciqqfD zHM?a#j5DXr!mlFLz_Ba18Jyf9Leg6`-eNUu^0iaD=P23Wdvjj;tLf)b@%3D24XQ1b z(IFsLLHQ*E6-=eK_)>aCQ8q*08giiLjTq{7(2A z3s42afb3^*Dbuq;-T%cWFWewL0wcgkC5ro%&*XD>i6#Muk2I_OS-l_<%qtL5M>(_9$@V&vCpNl|5-yh=Gw%y1%QPo!Vi7xF_xfaN#Ki1C7Gz9>h 
zG8Gjo`BJ>wt+<^p=I-mobMZI3({|tW;Kj-!9ILh3>l>E?A%2}q^*93JvCef^&g>i~QnX$)kE*L<9E zMwDx?Pf?Y&bND;`)mSC%FQJ?(t?f+jdXo`pt)UP{nF(VCI*BF_aBUJ2^j7y%vTMS* zSC>e{cudgqLowZ<7ZB*_cH>szoVW{4QUBx(&DkEL(igpg9HyZwDL7u?qRJX+c2LFt)H^xaf+{MH@mNq zg)oW2LsLQ@t;LylvQOOg+4ewLG5Mo?RtUbU5+5HXBMoPeKkWo5sYYD0C?uUM(hfldv6 zXNt857@DYH8?Zsr*DO#?_*2UA4hg6_w9zffQ96DtW1j)miii4rO{jiN8CTYuoQd9u zD1L;GI(v%EpRsbJu-8H**X+CdO*S<{W{*Yl6HLcY3I0B|Gw%aTQDSBAlspD)znten zPlPNheT50`+zL}oFtX8u2OVwRfV2{6Su!+^MEc2#S7sUTSY@Z?Jd!J$pPVPJ<<1HN z1|}OOLLG_z^i&ddHda#p*H3_xi5ABe&24&>K)gPmQYKVotA)|)Xf>S2?Q5lpXZuWe z{!>0~gEz}ad&5`AcJy-f8Lia0{nHk;x(;fNK<@9u+eLQ@F-??f5ym0T;p`TUa3huD z()%Mw8nO zJ@1XRo-~beiZ61QO+_EtB4{|c4>^@;_mRKJA!6PEO-|N$(nR{i>p>zgS&*sZI2F1P z%O=jL(j*G(?rr1;um^=w1g!)}zRjqlJ|nUjY~!fo*`Wqi_FoD7Cc7o;C4B>$bW)^F zM}FggMUe#oA{jKZWQq;UGS4%R#LbeOd5E&XU2cxwv+vr5|rX|uFJ5}|(;c3IFg)A=SneGv1;uhHi zB0&PR=(SR5fy*saDjA^uv3X&=sdW&sL7zdL=ngezR7kH zkzZ#jW+!{U>54I)alIjPri#4(CS^WwO>oRx)Gvr>gdf9;lRi8t3B7&QER7A))hJ=a zx!xr{DbUVJ3kyqKF82Vqwo8gm13Wn=%)mr3OArg5*A(K!%V13A9({=e5iFFE&1HD) ziL2bhRPjIsxlEP-9;&K57`^L4SVB8Xgv}cV1Np3#`mq$-7SS|oyj1wIw6Q$$AUnu0 zx$`pKzQE>5KSZ!%9116-YD@#O`E2IMBA=oz@g~@N=6Va0DL^ z6xVi(p4wC_yGqt%;qp~ke6b+wAb{0F`EdE`keO=J#NXC=FgJLr*^$34RDF}jHs219 zjy=O@1!@dC#%kN;t##`oWx}(U6RS@5O+=chz%KSK(r}#XfT=&PJBmw}sZtg!ja4*n z_Sol$_TL^ysvrCYR_BDSW>$=&?!=||SS0WbIg!ldFOXhtqHcPmzabQzldYg|rZN=? 
z9kKq+d1I>0_2>CqfcR<|JU&RhTnL7P;WmO@_iY{cA*8G^^-@|Aj@NT0Dn)8~?h}1^ zv9v!FoiZlVo4MjVT9}8v<;Z$Xwp%xIH+Kt^9e`FZLfZ73Bwis?L1;SD@QyXf>)%CZ zq2|~8E=k5R9$W_;Lz&ni9A(}ycOe|^&$SOa+!;HI8|%qpNZLSDL`TN&-!!{*2g<#SS z$b6Cm#Hq=M0cEd_pA(vbE&D`kLH4emQ|M2&#?0u&ea6up(zM@@?PStkK(0~lNewd} zf_v?Aopi)O!|iXA)mt{B%Z)EH%53Y%L=w4|);9gxx!7eUcJwZrMDNOco!nfb^Ly&a z`{`I4S_aGh=n)m?{alu6yh8A;$tLWvi-n}DJkx#nVlv0RcqerhvXbDZ{PV+z`_MwT4w_w>QhT6xIg1YSvsT962mxA)UPh25kQlu{?q0b9& z%)}8VgolZ!Qj?j-W@dhiq!YU_J{tSDa)0s8b7`R)gl*MpI=o@&Grw^p+wv;>Pf~@L zm&YL5ul#(1yM5fYt2cE~V02mvt80TezDg8hINqEDq6cU^d0oW{e?9-&%__V`Z?dx`$-+#Q3uNVFpV59>YTwg| zvs2@9$e=($p~!w~`p8f!I{2ilb3p@H_|lgT=2u)UidO-AKJ!GNMK(L*b=Ib*-%OOA zYr8cm!XpL3tjB`c3x-xA-V+1N@2yCnFi%U<0S9DIxM52XzZN^v)bcu<*$r#QCs>fr zNQb#NNF0=;)rkJ`8_!dm`*9*SSrT;tAFCAnmFo9HG2BP>dRgwc;ovC7X zoTM;X-PX5@PqEK#$oh4mNojJ@S5_@!J|CkEvK~F5^wi-^?ZG&@C6BS=%)<5J1^=*qG#dJR6bOsLj-s7meTV5ayuD3sIT;`3r$m#% zG;PbXU7NF{InkRizvg_(f`q(oagUSAbskt92elLJGDrs%kO`ToQ`c2ntqR;o$?MU+ zry%UHV&}$sRdoILp38Ql8cg_SQXK;J`1iP_-KpHlkh?QA70*R$6)`6xLD&UeJ{8J5 zGY6-)#V?{8cW3@-C*XSjBcA$MJl2UX=YS_4<$j`N^KpROwV#cT?HR~got#Rpz@ah`I=U1+6(jb#oLGOM& z`ErV=6>OacUXG9hlM)IZSItRxQMr$u#v%od>|Z!ZB+GTRJ$G*MUgVZhN=q*&(CGq6 zR=>%lGnepa1?T@PYML(6^RL-Wd-UM3IzpHI2dvk+1Tb3oCxFTg9}c1lTwd2H^aPI+ zZo7NtTC0>;=p$N3;H>7ST?DUf5f1g=(`bh zO+SC-BkLN7Wy>Ygm*P`QJd!qDHaOd*#urJm8XeQi8_5qRZIR^M8ItRuDwiI*Ji|7V z?_l8Ec+#;hKuuSj(8N)gqVzcQ+umDQZf*~)a=sO?P`lai$W%l)3mB?-QXfKo>D(b8 zmtU7)up+(ykFgr{fMxSLI6qI%!1pHPb37jILB#ru4i`I=n9hqjfjO__xBya9j{N< z?Owpeaq5JRwdYqrGUX7!nm;UDj>oSJ@jIWhLV8+kBjk&Fj7-AIQjd*hFGsyom^k>s zU&OKzRgF;-O8fT6fx_?Usa$Z;#xC-$RMK!qT94XOfuhCxAo3TH6mX$ZSb6`do8IU; z3b!P^Wj(1bp8#&8a8_;#eG&>{Gy9_x@yIBX9pEQ2eI{nD5byM2TfYo7#HZSbqOx(t zl1jxTlH3xXBJ65MBgs~N>1x9l2-~TWkddFSEgZj52$>sXO^8R+W8N6D!Q?EHJ0{y{ zXs`W1YGQl=lv0>yw%k~#T##-Pyw<#L4`Lgmu}9G~!6G1+uRyhiW4GNLlb>EdR7hI1 zC5f4=PF(vi_%eLT?Gn%2lP;xh@FN!QJa>`xwvnAHqmnrYZ$4nTS(ygjq-ZkGt$*)Y zjCU3LBmv_;i|OLGvbuUjmrYVZlJhw7LTGe4MC~HeXKLh6*4#X0zSYdCZZrx8wQWGfh%5oS?HT$B~$|7?hGZAS8k6Qt_( 
zacTxhveJ`3Q^F!>L`vvyRN4xzjOGFO5;F3kHAT@FFvtoS*PpIf`SWG}-(S7@6+IyF z*?&8k7RXS9i}$!5);UVBsYp|6SnDFY8nkil`A}RNdNzL-Voqjf({Yu2wo0ot%+tK* zMd!ZOtj=Icq~Yf^WM`(7Zn8^0tAp7WjJ}vI(sb1TEeU_Gv@cAd#OgCG)UuC}q(guO ze#2~hYluI0lX0oY-cm(;KyYTts3mH2QEP>cTQZL!K^iCU@+L5#3uv8T>-bE|zVx2M zUnO@oXT-~*EMA&=5X8l4VB34Y=v=3rQfn!gy6~r>`A&XkpS{ohO)*4oS2&S&C7*=; z2Nf?!Ks>B6DPp*d+Zvf#4|+^YiX$MLijM5>wZ$N3uK7lX1z*Q3 zigwSW!ghQgSsH}(ot=yE?!O*on$rFmeWFM=VBr%fg^wA($5 zP{;1&S@5)Fe{=tC0V5wjsd$%fL6TaW5?qGZz!x=pvX>M;Zs4EYTd`23_mc|YthuH3 z!|Axul<)}C*JgJ?70U6wgj$ksG^MZL7S7bXWOBW>ha_Kubmt#L+kxLW*eoWjd;v$Y zYlZZa-`MVU)vdDVkD0c4>qxdLC+(>`Gb&&ZS_um@9MuvO?|3c(fO?C!Z5uu{OWKqK4{_w;Q{P8-_PDrX54@NInoQS>l^rro5Fe`@YEZbPG zLpPhU&02P|-Dyit-{B+mTJmkx*>lidwW`wbX71fUlJKU|Jo>^hsbgU16-ePN6*X8RN(0dawPE4Y%C!{3rUOH(kg_u0csB z=K^Cy!)5iFMZS3Q5V2G>M@qtZWoqo!^xl&3=wu*?A+%Pa6u;x7)qL--!6JN%EK92l zoVH)gN3NQzN_8RhNMDb9>(tpicis6diQ@kLXWOfYS8BaA?P z3~pQXWk39Qfp{|8;&afM8+3xs2=k!!S_=DN9fOn^848520@Js=vxNPapPcf%LuGTL zl0DWk%SIgXKcgEtoIaKM?R;WOVOc}>*NWjTQK4WV{zEs<0X>fBb17}myG&OEw9jmzlITSVW|<)LHy!1ho6+B6-y|A^WC zf49j0!fgLF2l_uT8_Rz=JOAG*9UCX$zb#vcae-vn+*xixL`p1+KqliCt7XQVD@Z%l zMYN6Xr({l_^Tr?x#}=_C5=2Zy%qg3*M&y-36p8boINJXBzImyB^0i)mpIY34IVU%Ez z`t%1r)I|c&PL~1=?mJ*xpyr<+LkR=}g@9RdbV=bp!&-Gx+{ zqXY{Lmc_riJc?{;9^7wvTS49pb_PadtncjVT>#dk2&O@X7Y4=#RN)Okx02ufM79{3;ze& zlInop-6SRndhypGE`XgyfjGiQkYfc59kA>ut%GR-HgISEO+hzhBbD(RJn;kR?cS^b zA^MH}Z_XC+o&y&&I43s^NX9@mgqU{=Q8lpyj1sdnXUQ|9W&1 zgou6E&?6vfP}-!Chx|*9cEM8wIPPyX67su5m?OMUK;KUvFXM3H4Av~;a~J%#J1;bZ z=A^Zy6{8R4`~D+`hqJi>2zmK{J_;ysP(&y&xXmHD&u>jJoY2n=h*$o0YDyfIfWaR- z40pL7tF!F9AlQGDO_n9L1uEcypOzh5xZhzD^8RP)X@}~E{a@PR{>SLepS|et z`1F-~@{Rl3KiE)CLcF#Y2-kY6jsx5x-;qn;i~SLJKhBC3aan@B^e48$z>tG%w7|yE z<~RuIAt>bMH35^Xh+;qsCn99yYwzD@?q{gxBvyp7Wr29RaO^h??EgU1Y z7=1(c12~!u{q+wRZ~_+={?+J2`sbE=gDIfUfDLMD01U{RO9!-+yP*A4i`aW_S?d8n z{4g;?#XxNtUqCobG-I{a=ty8-HvZj4ZN`1z65oor*T?6P8(-`c4%|Nz-*k>(11P{0 z8Q9{3WI|V!LO8KBrf0mbYJ5`2*F|_Z(D%NyfZoU}1>6=5kAfFkXRT@#%Zh)Zd%K+? 
zsuQPdR`&XvMjhYMVd>ZSo7nlxE4<3ryQo3w!U#TbINAdf`&%c1qEW^Oj83;*OJ=bo zb`)vt4Y$+!gf}OZW?6Etx*b}@j!Nw1{Iyjb&BSuKDMGVXS4E7E)Fh2ASA3cbG`;?(zPNo@4U3{;#qjSbT48s z+h0hsQ~0J4bust#soARYzifQCk>;3XoLNLUb{a1|sy*v+nNbd{UkXeZ`g+yX7}oi! zaqR|1eh48M2aX-oX)vtMEn?EXZ56=6?(GzrGJp{7jer%yw=zEwY2i z%BI#HQtgLa`?0&2oIz*n#qsmh6Vu`q&WTtskC!c>U=1|72#ca!iVR7y&%ob1Wp}4J z%`dq#CFg>t$Iz9svT*Pgv41&Cla5_+laII$AIffAO>)_W@er5cw9u zY$9*rP@_4?)5>frL98}%eLCq!i?Sx}io21V6e;wCWJOS6VY)h?^J~K?xKms0puBX7 z>U4=u3uwhsAQ@|)p2vud*mZGzkDqnh-xiK^cjlJ2qeqq+$nD}?K%Xh&Y)l**a0l6Q z#9g4hnpuTg6zMe)q$Lo@Xn&4xQlV;99b)c<_N+^sVa!EOG$Kw^S7+~uZ+Jro^P9o; z`ucZMf3+_biq0uLq>dmQM_qTmkT)Y!t0kjO%|<)BVz+S_;+ANsj944w5R*E)SzkIxh?O^I29-2Qy@Y@wNau5U=Q zKY5RZYvV_k7FE!3Kk{v}FxH4yt;1iGD0SM$xDc2r(MATbB1mhP`6! z>iVZkVYfPpcFh;ERR7F$y=F6V34GVnHx$$O*f?b_i5&GVK$#&L;~eJhX9XI`4L)c? z44>1yn!AGg{bys@qC(s;fUr@2 zey=R9KPj{=8d0hT!QSjHuzU zSi~-O2i4eMwbRfrurhkPDix=zy?7iEvS;W_C&4Dy5gW4?y|0__`zbYSZsu6lXuJcD zHx`~^EaG1sUbnfjZ`av%oG~n``LQJTtTFh?L%y&rOg@y)OC1V~G{A}*npEkUA_h-Y z046QB&V$(_ns(b5{8O1yuq0)Z8@lA^uA!XNxcAuUOaVuPyt#;#x1>#GIz=8GK1`~{cL5Ozu_jK{ zj$J`^?T1xs{+DdqTdKx5*>Zox(h*xw{+MZn1OoN)!)qS!1NjqMTenHohLbGl6A`Ix#SMW);f2&jNJwyIhvkTAevSTx1=8VPMj1C*``(4TfnmQ+-mdAewq2R5 zI%62w@?+i~fC_Gyc`%DTBKY_nA~NONLa1yPWOAWB$$6dgx_&YN8;ZN7GZ=?(4^oF1 z=Hm=uqyNsa+hhxe@ghdALguG_A&W<%Zh+L{@@9l&$_Q#`bO8&ve{x419zZa;UZCC}Qa z7417|(G>h_BeC_QW1Lc81czms56l7 z@hel49Fc!F=;+wOF{_k^W91*EZ>)@dhCUa1o*}OtlA9S%Wl8wt%SwtH*2@ZVmi>M31hHzSTrzQ8ysm#2jLi#B8=cf9F^c8!AQ{7Q`Hk6XjS}IT z{Igy|U+N}Q^DGm3imod%U6H>m)_P4RckHUwoVA(4j3yH|v#?ESxZyR~izu6TZC5V= z2x>p`mZ;e^OsSlaz-F+(r4dn$8Qb^Gli4BiREJPSiGq(Y-oz@*UfXgWCuPF-{QiUB zilT7NmAIdDTw!`f-J?Wdmj1X0GYI9bSQYjaqgbK0aj<=6(vghmQt~bZn^n)>6Crlv z2}|f#2&g3gmfd-JpJtfy5LoSNEqrNbWN%!?PXDL*hr~4|G9V~Mzk~>z6BASu`oduS zbQAsc8+vXp1nsil!=Cg6q00vE4>vqH*-H2V@d*=~Q%Ge4WCFU;BB;!z-djRCzWCZ) zt_sohsHhK?Jft3$kN(W@5msRKZ26yr++=9_YDdYnIyEks!kbXzP{y>O!2!IfOYIOm zS3FAjF`giu{YDs>m6^Q z)}I4nQpB|{w{zDjSdnsuNgfREGPl>Hox8B;_P&hzAL{4b&HCBpQ*y4Q`oCt6sVir? 
z_v6sL1d`-CTg3n^RjN2Rb{w=-+IJoxZ%6{Sj+XpwhK;viH6UQikFZqs0 zCl9THvraoXK0WN-IpTE>?0Vcgc85-<^I8i36{V=={W(Zpm=w;KJOty=gG-4J? z5+h%+AncWA^MLr)xmAD+pi=Mx?Wnb4vQZNoY)ZVoas^f*%JMi0VUuIq*M*w5v&ksR zUT3hc_j);})^Q_ej|`j0F@=kc11e3{czJqCWy0}z*@~8|8Hh4HkT0Tez!=# zuM+d?vv9fbv+?|B?}IQ4HS^=SG#0P^g42aPlNM}2%T@Caq@Fu)AAiTrqS7;pc)tp+ ze+Ca9w-5%qz&tT5jEKa$v&Vwyld+SrOCR!v0f^PiXC9PEp-q%FvLr-^dwM23#>)%o z`%iP+GDvWu))%;98O!ND03yEca?EH6Wrr<4^9(`%bqAZP&Z^J7PxSjp^Y2DY&&fuO zC`cyY{O9JCcJ~A=su)>bu_5ILNewrG0s)#s2R+|z#__tLqx-Dgo@`IELd1@?u+!@A zi8p+H+7{qcri`~EBI-t>23*y>?C=;vb>1QMuNBYRaZi2a-^%YpdZ@*eJg?;{L&*3< z{&NgL*_yr_nNqaEbw>=?$u1wWC>Qv7s^bKrrp5|WUI&@&=ACg1Tzbu>uLord-1*If zN%AyZU!5mh{{{sso%G;kR`jmB?kE9?Rk$9*=zmcwR={^a7#3+xj;inFV7%J#q(Hx>=ogy2pzxmczwRx&r~Z9>w;vE zaKwfd=atmRcF$?ZdJaFbUZqvw)KVGH+5U-}N(&6ehX-_9* zc@1EJEIqO)JKD+Ki(D*y4DigU8`+&_fOYsdx8PEjPW+&w9+fHZ<*|JJTPZHRU>t;z zL+3Be-n8gu{X}8e{i-I5OjFbB*8e(JMJON`Y(KL)KFAD;W00zLOKLyP+Fy2=pB>|! zt+s3#o9i-0 zoMD`aT-kE9OnxNH`fWp4qVRU4lNqeATpg090OD--Q8W3GMFF9RNX&z(943J6Sq$md zT&!n1jIyDG<+Tb6KM5H0efhVSH?-6eYUx~a=sw+_7Iq-^%-oyeP@h|(<_?&z%4$2I z9_v=7P?bY-#h|qY>CYD<)ra7Nk`FWU#o%sPzDz|L2cUTeOhro9Vy>w37eKuZllL^s z@Ma5gXYg}ai4eL8^qZrf4B9z1z_i=CuFPcdcEOR_m^pu#z1UKk7Z)BrT&TZGW}>aW zO_otJ97RiXNzI;1ETFAf%izA|b`XWZr;Yk2LIfA_m=zv|=^~?-+3$IucAwZ7=4f@7 zy%=gb95sSoc0U`lq_Iyj=ujKHOIu_H-A@ zOerWTRA?z+MSo+P`n7*VC~paHpm23CYR!9wQA#`oPHx=u@wCJ)uC38R@;u72f8G9b zk*^AP4FoA1PChY-2G(SjvC}{v4Lp~nNaT>)e0)gK6%!~CBEi^#u1V91DdS+-zfTjJ zgB?!FYjHsD8zq`bC|2c{88T(&e9$>JT7ygOR!XxzvC$pWbRA4Ad&t1nd;2oe)(Ww^ z>ueJ|6dC$S=nJDIEA+g?opC982ql!@E7yx(eu?~DE9Hsz0OJmC30&v&G?Laqr`e(OKY;CmW--aWchSQaH<|Ug^6F;*{$whGBpj3TY4`io&fhVo~Yi|0{F3eyX< zpm&iX^%%$7tb|qWwV!G1`{-STH8`7siTJC(8WH}2cJ?g9_>#{uh) zM33D~kJBddz*BlhrjkdeQ<_V#3!o$L8hgM!8hC9^Z;pEeO>;8TGvLeDT{(B?Jl?Qb(|V@ zVgutTSYNhzIre?g7dMWM<@-54wM5o>gT6`O?#cXcgq{g4FnZw;|C8ULKUKx)aa-N?)Zn@o0p3O?j zH7h@A+?&UpSk*9`se42C=RwRtTj$>Nfez>XF408Qk1d1dJ5AvQ($uCH+azsk%#q4c`KUtW{CIx&Wmo z9@!pQSmlcq2CDAv87|<+z9^3g`L_CBV6G*8on|sXBrfmBt8NJVetl*){lsNCnbdZ8 z8;+1g;3E>wc) 
zP8OARM0%@s4@-<-;<6X}mU6)MYMD`^#=)^l3M(o{TWS_vc+#YgmT)jX1;{J;3=o3mMyZhp-Vy?_e*$N z7!dk&xsPTr0!dT$sH+GhwSQ^-nF_Q)a3&gJUYDI(tO0n^b2-C&U8Y^OAvU5_jnFhE znUC){StK*FZ!{D2@DU1PW$11A+fE~hT;@<4()rrkZY@c~(vs9FZ_we`*+0GMo!q-1 zTHCC0=%qE8YI&FqG>>r;rw5&z+fv!aBmF6i$#26!vYsMa+a} z!9H&*qABrbmH_;Q92r;{`dc8jjlS=z^V0o?nb3yx&H}&ict{>7dhTALLZsu2^@el| z{1HbcPGzw}?T|LdGkKkJuKP|@bxFy1H!}*>j=R9XRK~{3Vj|PCal1{lY@r z$bOtM0Hv#LXKCFp3&o;eG3!UteQdTWYA{h}7JpVf&IC$su!u!Ve=BIc0rCQVa z*gf~_()XF~W6j*`7i?h-a9kJfBzzG_5U~fC#~T??q!xr3$S07WACaD)pP&vpx-b9) z=JopuSgR{w1V9NDJ5d1T{NM=5%|#Ud@%aU10OuZf0U4YGoO18rIo8d2biOBM?ar$QKd! z@EW=S@{<}X-}VCLT^XB!9=2~58t!Mp0LWRuW33|yNCF51;&;A7Q557N{vo`;H9SCJ z1?;pfFyB9c^@rF2^cxpmAV7UrfA8Dl2L>$k+pPs0#IVM$MS%dYh_nk78UVyao!JFt z560eyZuJvo0UJ0N|J{7WjeUU7vB^1N{zYb?l>h7|}pnU&Wcd4u$#; z5WvEM9RQBkm0v-R`zJpPI8LJh^rPBfvB}5wC{UcjKbz`UFu`j-*ldD^NCDNIoz)2R z4J)H5fIfL3&Xi}un;j#F+dCmcs3KS(O=F-w;N#ej%6cInK5dQ$Gr%VJ8f2;d@J<_0 zFI2$H^zzqE03m+>LTq-ke);z=7(O8*gG1sEn7Li=8wOsKZ|% z`}9+T0f~mwPlh>Z&G$`uJb5FGE6bgQC{qvx!AMoG3}4wS^$n`#xzwwx>dG-@r}U}f zGBY0wPJZ3lw|@6*>>jMTbOeC~Jay#`lga=e*Y{g%vr3{%{);2+&+upPGw zDiH_#@u>a7+2~I2gr!#j#Wwr?&o0)`w!N^5jXO_*Ef`C0JiMI)BK=)(EywW4)#lQg z*%5i45-#E!pF=}lSN*&zd+kh~VpW(qtHEd{?^UhNi&Ox+nngvWPn9Q4n&Rgudpmz*U0k1nc&q9@L(^`k72=AfF8d#=Tp%kppwoI{pm83)s-3L zUf_sgC`mxpNX3^Ta0QOq(``qpf&#RSnCLY!Ej1u<|47g662K)N#;HM>Hb|;kv;4gm z6dC{7IOg*!ld{W$05oZIr?SqpSW^@4Y-bZmBP+qP}n zoV=%IPR&%E5A*H*1^cerYp->c(`$X~s}+pBUmEHEGt6r+>z{@VR&p!S(vWniHN z+vU_RcN67Lc=Xnd&(7w)coUV=K&IjH1|+UgKa7v9DM;XKW+1-Yn%Gex(x3DcyPegy zDO&PAcsw;`lEn$q79mKHyd}{ky^Zrmmu865bI&D(x+Xi^i}@YY#Ufpy>-@dDR~=)Z zFTJkkgchmI$=C4G8vwMt%re)uu)KpUAsaOIZ1iEjzdj5ksKX_s)GUJ78p6YRj;FTN z>JP?Gn!U90k6?VGId`6&&#Clti`u0EEBhPu$*o0)qDKg_R(0G+ri2Bs-a6z_IB|{J zp|*3=9GIZ*|O%Eap{BS?&w(Md^ew} z2GMN?fE|v6gZrq~dS*fjm}{vo)8|92zG)kO=vx|4HViib*6*yuU1D$$A8!T_6oDj1 zorqB+-^x%AS1olS%DQ=$2(!(AYJ}!_jTRi+d)zZ5JZF#S9cEvD*R}Klyh}{&#vS7Y zH^8SuIkWR6=~jnj6U5Bj^ikvXWV|Wkc*yK42uw5@6AX|4l~axnpzI-PQau@Llt~j{ 
zhU3sJEpO_7&CQYD)}QkZ+o^Tj^$%tlcs7-HP4hMYtS8;B!4zN2Ac1JN_dtnLJUU|o#ZZnpFS@K{gnk9@>Dvc_8K z|1vvDWM|w`%*=5_OkL2lq%i4lVAmEgV`x`0m5PxY z!?(b|-tyhex1KY4I#MuJv=ArCCGuV_(r-nyl>LtT?B6I%-XVrX<}d%4y!5wJhm^Vi z+od1aW5X9ly^Gef>nV!h2+JFpoSL+H%FJW)! z?)>8`DOnMx4Jp_x^{*pIaYDy&WTE@b&$V~L$ z!ECtSvonm*by$U7m|FJjKUbdir!>buO)G!~*JVAw6VNx!qR_EYQZ~`C{7aY(3fv_f zu;Mklqb_H>8~W=hemg?%_S7dO0-brn)r^|6D<(==F|%6llCmCais{}YGIa!_W?vAGs@({IIJ5{fn>x3TJKHmaMX6c~cn-0l6+G)G=>s4aU*D+)x&0su(kwnGTS5Y-C-wE2jt9;F|Aq^pyaV!`!w7oM9I#mDjOQx%_JDrg?vVQvtUf`Fv@ zkf$D%J93 zl4j=+nxpS9i%A|Fm)8vy+|y1v1l;6U7kI(i1Q`Ui?yGDlbP2@!un#TH+2;a%H3_aq zr@>&7ZBF8^pC}oza(E5-Fx2R+N+g_8hP-X4U`sdLcaMV=4P_~5ofIqX7VVo#c4uLO zE3zsxL0{{n5+18c9utQPf)JOsD&+Vr`XcnhXr(gWsBbiv{m*#i7O9>)dIh>hR!t}% zHl?5Ql_Cq1o3q(-Zn!hfs`e?TJwQ4cRMLEp=0ni0W$z%+8e}&Jq^+q6J~&q^nX{8& zDk{h2VB(9*ea?F%+^>O;&D6jd$hVs?O?(@=)Op%B=H~9LbiMQ}Q?+y0|Fv0)ZH>|V zQXX=xGS9UoaX>|a0ZGh}VHt|B;7Mf|*lJgpBGZ?6)jqQD+*vO+xI|BNhQCRH!_Omb zz=?b>ApGfoRnp&`rNrYVX{HAGPeKIi`lJ^z2xgcG?J+Xdqa3M^b5`!1h9<1o_&HDp z;izy_(Di>QS)zi9{=(dZn`aGeB;|ijp>9#~2U`@JR05y&TG2+_QPL1=@7=SBTG}iv z^2j3SvaL-vJ1%9%uQW6oL&`-+ite^=vLf}*hDjR((BCBMC~?CjEOo(kFB?M+mc-tB zN|~Du(f2oy4z=EQc)D#AO^BbMG$A{N-ytJ8VOKV-M&{%mG|sx1YoG-!i)Ki4*?!N- zbESC|wp_QW-Jm>rU@$STwBEiop~4eCZ!8C|4hFB@&HBJ|y)n(?HSUPRD~1xcNw#f_ zo}4z$MBc+SL;hUJrc!z6*5%J$E{%`8ZpdA;Wpx#@$hfanGSh|Fcymz5XKsLQQY?DL zKGx5ul5E8;swr7iQ6RFcJQ~e|&~md&&bH*dpW)z83|=bF6ZU(~pa!8`YFCUy6Es=1 z=F+f(-nez;bat&#yu!bnKc`BPu333kM15KSeeVEw{qNiIAUL-{hS6$Mtj2 zIaCrDp<+5LOx8Akj!@aORTnMBtS=yid^^n~Hny4^2-#oO$FWP*7jt#=jw>wpGlYX| zt@3GjmSsF=MjnegyZg`HM{y@#i>0>7;9;X8BWovTv6yTUDk^DwNj)_ueEF05u>!$YA^L4TRSyrdmNHlm9v36 znZ6L6q}atPAyXzLYQK{(3W?0FAhVoP8I?Im^;KJ2p%q_&z9O36vkz?M9?<2+h{L(F zS=~c}`NZbuy3y_s2b18HpeEEWg41-UsYyK^(S|G2-!D30z?$yQZ6Huu_lE+KYm=v) z6sDMwul-Kxy`?{Byp5_N9}0}bxLi%LwVa&*`fjBU?-2jRe%SuW$PectVmnLDT&y1l)$>SG3u$LwDS5;uvb^Vd7UoXcsF zPb&40*V>3aj`FJ*9I?NjB7KGv(DA=&E4~_`WqFxarssaE&@^ET-Z4Mjz*;ai0{E+I zd6bEzggKUhUbe|$^R^KjX(?zS9~6dVO8cBK63z0pq1_C12h|AnPqdtr<&66piZTg& 
zdb|IC7pB);C2jSsU~UV|ehkg;9^1C-`d_fG@0PedT0+O{Gz zBS$ydD9?t$T@Se(L}@i8&xroDzl0?ei^@;TgtbzzT6?)<%zIO44pASFeDv{Cv}iBz z!={Iga~47-H3Nke)4yj-2O-5zCiAbuX3`K#y?vxf;dEzu%VrKw5@0tG<}60pkBLWf zkPzAKs0Tquw#8L%76FW)2b83J0{V0gd3Svws{K6)F#a7%mYE^h+KAE{L=kW&Z`rb7 zrsczk+aLbPa$(+KVxo{F6v%Ls8C+8GWFppSdYqMhzmJ5_k_Z-Iy)TNnNx%C2S1spJ zrGeQOu3)HK;bDO?aq;++X1K(4@532kEbt=1MrO{H1fd6f3l~%MWjAy0#OKE3Cm*xe z?2VIve4*5QAk)3n$n1Q|?V?CM_`%Ko-Bn@&=?9gDGiuapZqBrY6!N6iRZ9xVI{S(>QWBOhTLao*g_dDoLC|i|N7>AoHn}yA3 zGT<3-Yv=9j#crkZ$u!p8AY}4<131nWjj5hCy2EARmdLeOHJ0P-|D*fW6XH#%J;k7i z-9Ic+e9UPfeI%|l*%Z5x>YrmRcFtep`&~3sLe2&DAkCk0r&xnZ7s^=YLD4{9IFc;h z#V^%=RLdZsdv&+6<{2=@6Y~~K#c~rcxqlwU&s8u{H^b&@h-<8SO!KdGxl9GuQ3K#Z z#|>@W$bHWb7XC2qfdk#SeR*NXA2x^6!*{P_mnpS&(!thpIWn%VS?YJNf|v6y)wF0_ z{yxF0_@~E>rw#M+=+9Ap@G@~I)iSJs_q`G&9qJqhN;G53%iOdOf!9cF|8X(DQ)}Bp zaX`3K%_t~`@~-199*+&;GOF%*i*8n>NiNfOB z!Mj2+B2D-;x1m1i^4)ilj0(aZoNsa;Amol1>4|DY%PCA-DGE(;NVpH}1Bc7}r9#Ri zY}i1`xk=4Ji_~~S9~@pIK3(`}Tsn36d|D`;$=$Vl+0nD4Y^rBb^y_?bZFq1{axN&4 z_taZ4L4~EfV(5O{b=Y&`u5SkUkuCXWLSB0{qxNrwvzN3Mr)>fIu}i1EC#aq#;P%+9 zzM_GsA8wMO7;l*kNH}@FGxZ9cBKwJEZ7b}H&V|CJXc3dksB_7MCOg0Kn;ZBVE>r*+YCs`(qS*Z$E%G0{Az*crH z6IoNDB5Z`q56YYGdIZj;zvn&jhov*#V9y_`Yh#P;_A&Qx8#+EpZ-;dcf6aX;q*f<0 zRXLArTIx2@&r!+mjnd>^u>by-d@IOi`n?hSCsv7SeNiL7QwCjEb`II!<)9j7_BWk5 ztfEYYYh+j?vDNJRNiF(gLPS!O-PG%h6l#iXce2I0hX;DV;$$X>rX(S`s;O>`;N@!) 
z&Ywa)d1XXa!*)v~mga?-y4&%VE6#Tj@w~N}P7;O|m18q$r$>6N{k1id@!|v~idhCf z3Xmdxg_6`XrRevGBhc~<>dnUMDCLy60n{U{fBHJLZeAA|Z_+B?Qv3`J)mLyHl~K)# zhXG&2oMvdmh3E9@h}%pO1ZEe;cHszNmbi{q7J z&!u{qgig>JytSL<>U`F}cA=Q8tZ`%t3vBWPZ2>t)c;Y3|CJofVuv|@mg(leY&T^~$ zEeR9!0qYu%-po{Ze=~6#<42vm7qcRpn>K=TuKb3T>iUCvBcE3Nzk7Bhs~wK+;8$^4 zQa+xmPb!{TIc%UdRojI7RhdZ}8}>pS?lbNE?%sC-ujDPG)q;#%Funp$OO8!T= z#QEP{(f?a<yCk|P;mS!#NHhWW^Fcz#2nPzs1lm8dDIqD5Dpl^66jazy z7(|&hM;Dgc=NsiX_3e74bH2r9>3!ch?epaG?6ZCR+QRt|4Tg5{vlFOF3PJ~j0VWBY z4gwq`Ksf4)98XE*$2@>zgE)f>W=4$6D33xE-?25tD#yKm-E^)dN!F zL<_kYFmfZh(5D14arBE1VHcRj3waS<`Vww|eeq-msv&&YKKwHIrUn!LkP8vWli+ZL z>O=gQ*yHTc(FfvHwH9n(c%%ObiGGU)wRjLSy&~B{ZJ-;368%?5RFx4(fbl;eQPhZl z_5xmT-rcHhF|aS{KrUnSpiY#zN%#-}&x9Yt@mEZMAk**_N0a7>Ns z3tLcUD$flc$ki_Ryuz1suK?+HFRs3sAEktnjEo2f&^=I(SDsvt?qT%jhJJV8jxM7~ zKrWDLAx{r53m7fb6;S_2JeZqMhdvPN7%T?b&5z-z9q-o*${LfNgcQ;s+S?3HE z=m{YcyTAv>BHGh%12>~*OX|9>INJFitpD36hv9DcA3H1i1Nj0LlaMqW^ z5u(p`>Z0~8)L*_i)UWgPfYJY23cST!0Kfmd892Ffg$k*i=6_Zd{22)B_97>xhVaW( zK;lP15|b0k&-Vjj9Ey8l+}@Ug00KvrU?m6lOJjoC@e_&vX#1^C1ca0r{9qrP%GT8Zht%6*S+CS_xH$Cz*7ENf-9c)t@QN;)??Jg zN-{FRhE9%gs*1My{9W0zM{?sHq-S3AsbA-ATS1xrzMlw0Vcmz@2#qMJ^)5A(C-W&k zT`*h%s_}x*75%2!ISH#Zp}-(wSoTmwg%1tzcD+5UB#GL@AHCot&wjOwK4Tp8i|$)O znZA=tKYfU$yrtirERWvHxy;VMNN5M*5I9wnih;v$$`=xRri|H z0Vc)dX>CMjtEHyr6K$E2TSOfh_SzQZ{53SV59SWO{l!;QW})76;ALNb`CH)9(H@S+UU>qW>mf7JW|dX2Ie|-PK^^^^2P8vI;&ouJn)Ai45l{T{B zx-qoZvZ}AhWSkhkn*=;nVu{ioO?ZhmRPP&;4#IF*j$F5=vuVj1%{l3_W>=JH^GIwu zc~O~-`5nl}X%}Yl^(s#+c4Vh{p_BiCO@77&PTB7UEQ4!l;xMfxD;+~7Dz1VZRbRE| z%L&kgsRXj^@O84!_!ko;hcZW0xyyPfgz(T+6`g2Tw+}@JLMKMY30_>$+wdIl$K*=eAS*Un@fpvPUPwmld-4%*%}=L@aBJc5788D7oX{gQ8<}v5A@dp z!k!r-xOGk1G=r?X@Hp~jmk!qmKrpSt2GR38t@U?GqJlWG+aCI~%lO-$EFLgW6ukr}337uJ(p3DTNIE6gA^SU)WJek0cO&bj{ zd@(41)?i0_@WJ~Kc6<7*sjjIkzN9IC1$!9XrmSRea-~S4H~Jj9#&{h>{Z2xv$U=`P z<@CRgSPqD7ww!=aBuCe`B*Wf=ooioWf)ch7At|1Ir_o=QKC`*uU_ zBH3=ml97I?3*;W+Fjl;yFxFs~bJ*0hslTnAiCVD=YAXKDYAcnPt{B1KhbLsp_3$8{ z$E$*;gvKx$=ktD>Y$P6zQ-Rgg^iHaz=u?*1>h}JQ#_@5uhwQ@H6T#Q)$;J$yD-{2E 
z!UdoLX_!UnQ(7@#X6_luzM#L)0LSECFSPh|bLNtaY+7zsw*C@0+nF%=x{(z;5wWjy z?KL716`8&-llYYOev_k%R2~*#$-q;6v?2?rMbHi$=ZUg)GQWMOJ40MOn<)=~x zcs1+3IHMAHPdRkrFMS)h#!y%YdSATAB+=gyXtao~yd5)5{kg&u|0SgHirPv?fckC_Lv1^} ziEA?L+k9!cY>A_f?-KiR*bV~5oU3P%&}EC~aP_$fm#vL@*q6pHpaV}akV@83@ZfgH zlifAeMIp+^5x;R6jhm&GsH~W8Z6iwg%^~<({)T8eL**!4U09OYJJO+m zEIPn~7u`~G<&SJXX66Ao#8xu%kaBgJ@*ycI9>^cr_xx(p24pWKqN z2ik!|Cn1lTqmncMn`)oXnLaB1Cr5JKB9ycXg8j8PAsL%LV+W z&_0p4)Gkx;KbeRawy3CT0{CH&bnRl|j6(mC?eee-Ox^uAOE>)Km1ZL!eD zgDRTd_kXnH#qnhOV6hCM>xZL5GU{t3+bF$M1DvbB>CaW1fHYet$QkK-z!f#=|Kj&- zc_LeRaI=eu`lYq7riWZi=uiuDlynD6)Auf zIo*1Z3?*5aZ}H1yn(-jHfCfL90)1lfn^NIGDrE%eMgQl-Pet{V-WNV92ck;oC0-=s z%#jWTh@QQNfsj4&X3jk_(IZ@S_T8%eQatTLKnb3&N?m_K=68Z~1aG7;?MLnt@|s=gjwUVBYL@=$9~`F2_#F3cPFAVTI?p4cks~w3QGDG><=iFw z!Cp}NS(GDvcZABa&fL*8!O7CJv}Um7Cxght@D6Kq#g!IDP@aR{aTv2;u)jE za`y=7PabHa3w?V@{n7JVs19vZ3!R~TgGA})KC8o(d$J`jEGk9Syz|t?LD?x=x@?HG zq~QHC+E8l$IBeyO!3*C=h?s6|qfBscHJ`lSFDH|8hfm?kl+DY^rA_%XmqOYMV`DZ*imL?sNq)mSRZr3R?DW9cut#Np;Pezq%Q6 zfTF!!4xE+Z@D)4Yz{3_?&F1yj8`+oJiKR^sX@n!mZBV`gJ)b-)?Qb75k4TMq0BW8> z6pj2tnC?PsMh%}nxV#SBM@XXI;JuyQrcn+={*RUNbR- z@#uj~Awu@{Apssf1^cbn%^ zdZCflT1>@w8;J+Mvr9$LndW_3m>S+{=!>yZpvS>-Ca83Hq1ye!hi#q9k`}+q*`?NH z)HJ>1FXXR$RQP$;^k`R zsg#s1)WXsebVIcuC9>q@_#s;Ilj+@(PPkaL;ikkclCh`VlZ(X+$@EVu=2?31tbgm9 z(%1HXIyw5-9nLgIsmo<6f!v0h-JmE*hScdI3i+2O*@LRQaXjdcn<;OIm zZ`V+GpEFTrr%K`+?#u>ts=DM84!0xmFVyX5=e*OCA>6*<+?51^)$oeZ8TtyZ#mqST z@3XTls~R}`{8FP=>iHZO3p76M4}aNwD4#+d4{z;9U4tM@J*R*iHGvsuzbrmdBHsQ> z^+}IO`ZJt$0xw+#JxlOLHlpgTaiL@hMbKBCePvg@XRc|ALE$6kVi`xVS zv0OtP3`G~Wm~FLt<=BdJ&MHC+Ny^qD?$u{t6kYLxR7d53cr^dFhuXJy$s?Pm0CPo! 
z=I6hgJ-bTKc~QdM+ziU+A?Q;G`!V9Mr($u0+jV|+kT_&jF<-N`Vk|qHlEZ7Z`F%J5 zA5!pD$O3B$i-YobntlGMWr&NB1EJkUatL-}tO1o{)=@CKfyAh?GvB>Dvb%VDQ>vfi zYFFjChI0)}TY2(0os;>sZJl4oo$#+v);B4a`mW00%&2P?zAO&;S;~CeW0rst)z*wQ z%YSX&vd_ngX7gfP>pAE0dc}i_j?V=pfpH!F?hlJmQ-gJtsr-vQ-}-pQ$Tl&$+v^Ee z02?i+tjhRa+5txhEIsTKF*GZ++uMwnACyfy?|!V(C4${=|9KqzV=$ z7ExPbh4+Z-_25p(OS9-hIql|0Ecc6H^|8m_v^!A*pu+MnuN!##3)pUrQSMwIX1wDD zJaawexUXKRzPaZL{TxSk^O~Ax{ZC-{o&98T8>GQzEV9V^viBR9%`M;>Br6l3T^_ml zS?hnIX(qSC>|GhFw|tUJSkM9eiAX=deIk}Hx3$=11=r-(oxc^8piZ%ByqwE^_CykDU^T%uGw3>cl= zvNmY@&&>{p*3L@&A4-j7J3Nfh%M-BW%UxFxrl+nrJKSxD!x?Hb6kH7y!n85P&X%m2 zWy}|9NyFCDRjyahDrb2sO?>qkPxibpEQ4%Gn9CfwF=n5%cP#IXL_UDp zsbFvxMh9a9uZ1}Ms>x;{6GU;~MIVb%D)d}Q&)zR!zDNA@a_u+DUN-1jb z7mDDvg_)aFh49)oGRx?lqK;TH>_A8c`O@Cr`S=*J!yJycPIRX%$Z@n-Zq~~b>)^D; zE)e73^C*-&G52u1M!48b^tHiw?w$#?^N#tk#;W9ZIazd>(*4B8#bEChK2UH5i>1-H ziLFi!H@guY$~N9qg!$eq^MVCh+7;WDivJGp`qvtm4pP+Cx52s027M*|DdKNorxGfg#@97baimX~;7EaQs;l>ao*_;O!G_V(YMXAb}C*UtZ_9$TgF@DrNkN}U+63AE*?ZzWgRZ= z>7(;7{W}Zdd6S~A`NXK7!2aM4cf4*z>fHThj_!DGcu*y`5_j~ePs<_lO_c;NZLqEG zl}!z#CaiMXgU2@ynZLPTExLnq7ffH{xcoMKKnmf$7(|)6Z7wWnpzz}_aecUNe2MCU zBe-j4+Pk0KW&fjbX~udDqY=kM{IA?kdEKf~mmjQs69C^VuxA1`a@p(Y&&f&807^R~ zK?$spvTk+tM!P)Dd;N>wBXc^iTWdXT% zvCzcG76axDt;97h-7Sq7kw(u%nTDPBbrSr20}S&4DJd2>+m7kvi;-h?MJ)6u$Gd}Y zi10YvukiD7WnN;m8zz?ceJan?jP!L04}r>{!VB6xR*s8lN6`$8AUS7GR`Wkmog`ls zyM3eeHiCq@J6~Y0)>-BHv5N|dTpCS#|5$6Kg7T%Vl6L@e!nxP*`LJWmFt^Q1EMH_iFIsym5H@eW#wke?_=0kY9v# z{3NU!AuAl;&U>SgpRJhmqBZ7_iVar;3FmWDA=w|dGBvcp-(QLr0-mb|kztz0I{>Jn;pjJUEVibH4L5}WjOO~3Y zd}^y*9NagUmUA6hCml3*l#jOTIY)P7^l^5s)nqtVb~sm^DF#FYsY#LH<=PFBb$0fU z#jysuWSvGL!IP9M=WS({i6xiew|LdZ=$tE--52TFaZ^B_y1t!pmB`oASa~4EjDHK) z4%Ix0EKsbig?dxJ^4t|Y&Ih;LXGx*~f)BNAso+MS9$GNeZB~KRon_l%|G*TWt#13K zt}k0V+Gq*T>z{wbm^@*6(Z;P|KV#zDjF8{zn71m#-{51P06BxdCPcQTJANP zG)37=9pJ{g+icG-5xn8b0%3G<)1^EKv);}{J0s5IK}m1#PrzOZfyMh}%08u)Nm1#) zKAVJlJlkK53WB2Hf*AwaeCP=-QN zxCWLj4{Y$I)JMeX^Z51;S`+&G9fYP3OwVuAG%JibK+Iv@U3!WghU82|N-duYJ{I*u 
z7Mq$?Sk#M~=>|^RqAL1f{q^3?QO(_1b^?=WK?vL_`V@-8-CzSLF(@x=>Em2bCb*Bv z#rXUj7rN2qx!#WRuUz&su-ralMxW(|rs%!-GjnZqWws`=GV;_RxMU3rX4VJ-&ba#X zBg)@O^I-&D#E4$)D^DJOtPHvgwb>m(7bVUQ>+ecxPo0n_<8!EAs@MDgv^N8KhTIDogGc4yq2PEvpbhWY|KNrzZ4D z3ip4Zx9#?C2Rd9&!G)yHMw=3Y`ZzMoLi8LaTI#L`B4EagXK=EBUw7~} zSpB}|VK4$qp*hx02kGMwiYyccck#57&f%HBz$Z(?U~YNLgik_TUS2F@6tYav#u--JI>nTAX}v? z9z@6PeJnC(gh_+cYLdB3!+u|A=o`g}Cn~ArVOcMROL_Sd;h!9ycrFLuDzPX>Vmq{f z67xpKJJKJKtuXV?8OKXjLTUNYQb?gF=TE)@WQDAjoJ6dUK>AiVWAUk((pSZSDA$Sg z8Rd9b4}u6U$BnP5{aKK^fIyvWJOWuf2h<3knSWX^&VPy~&bjXZcyKqTu03)Af*l25+wj%% z!1t^ks%r71y|&@g1k*?u%L})|@S-&9K9Np)_jy*!#H{B|nphVoRuuCoq~o)Ta@Coq z%0NYBayxjKU3y5oPL&txKqE!Q=G-|{YU|2YExy&@ilZO`M@dXYLrew>0V>+7m*&frKT{{*9L50x!3qTItSG?=(Nh$1 zcOy)anOWOn`Sl2O5PSzLYGhOh<{JvCy0L2ph86&ZEl@LM=eiNC5QZ~@1}@rD>+>zq zOLHAH=rIBV`~LFcM|g#W1anz9LIL$4sF&qWZU={Z2_FjV%Ldm0Zy)-73J10WlFmiK z=xe9Ez*~U`1`oLh!~upDGq6M45y!}h9oCL(R$hR}`rt?M&3XQ9j|BFW1+M@`dUx&Q zTi{D3MCc1CoU4%34heP|D!>hVO|-EiAS~;Rw1i0m6-21tjZ0*Mg+`CR2QSznh-;6~ zO%n>lrW)msq#fwH-Y+lX2gK`)M_u|cdF&E0J%#*i!sKNSm365x;y8>{vjYQ&c^54{<~9G-&*){ zed!3qm;0+(Ru%ma77hso6g1d~l+=%ycn(E?it3l%4F5cqAd>Gm&^N_zNOwf=q*rA+ z8=3F&m3IbUx9^BR#FuI9W<}1WKL3tyqE&>N0+TSFzRBxq(3pll>X|@r3Y@3C2EpCw(O+;r)Yf@)*N(uQ9aIus(FzGrMxDTAm>x zhR3(bIpz4iJJdj-MSFctWmJSvpactue1I5ZF(f=I$QUqUsjUFny z<2SjIsFIwkyd?j`wP`uD#MU0xO zQ}ep`Tb#$=%0{#|i8KLX=_sa2ins@VQ>Vf*tTEECGoK5%>dg|7X<@TGp& z;T)@7@L2MUfmt+Ihoq*(yxxEd;u7ylG?HcC4%qgx6WwoKT&!nqWjobwdUaM&k48{p zi)s4mG;R1F@QJmFbG1cd0c=#mg&XG!F0~v5 zgcM~_(MyaBz&Rqz$4d50Y`%cfq!_+eu9R3tBpf#7uX-SyJhz*7!Bx{m8@f6|OL)eC z7btuhVQpj%hQH{V&Kq>CyhG4!x%@{MB|t{?u??1~gmP+h&Wf*?dq`1y)U~(bH`>?6 zKCMo@ZELfHyb_-)q@V7ChVcHLFZ3MsG_nT&*{$BcV1M*_Ekj8?eQ4%uM1pW;;_S$g zM~C_ScEvx(=1sSEOTX4_;XRJ}9aF>TB$nM_ex|N>58mCp~bJgOE7 zYq$6a$l_Klja<)nSCw?IG5jPzS>U7QqrCu+1^Mh2J+O4;?mkY?JKWkhg{MRG5x_ml zBwZ_@Way-lQ6TbQe7b6Us^@L=PiOdaRX>ke`g@+A62T#OJ@F1677{nOACJ4LULF)n z0qYbFhJC(J)bwY4gClc9I2jtf+?pdh#VStT0ZhPI)m|oGecRzOHwhDYdhBfE6ObD13c8S&?b};UAImD 
zT1AOwtbg-da9KFFB%>!O6-Ft&(-luN%<%*ZZFK5^i(M;V6n=tJCph%nD6Etmi*Y69 zwx?mBerTckvF)1_br_)czs3v;m$p2FKtA+tZjm96NkGF%3Nauwr}ck-pgjDorL>z) zVVX2^Vel$i6|&63%;BcheMVJ{?wFQ3K~N$O-5w+a6E>pp{Tzz6@$|gFF7{)bUO6Y- z3Aa&LHJp2QUpOSlsY$MI>rfA8q$G)F^t~nvE5V99>1%d|VN-L#Px1@ANIwFOeUQ6} zij*atUAE%m-{HK*QGdSXWjkLpO^iKyE@)QEn({pTc~L`O+qNilGHO2m^!1kwvrV2` zSzAf>?@Qytd%2553Y0Igpg4-hDX|BA0L2AOp76hegPOx01yAZnh}Nve_n5};ImhlJ zT6VfzuqYaaw6oBy3IF|r>Ak=ZO)Vj7kX0hO;}44E}3LrUxA96safgkg#$l>MIb^1%*FhSA@}e zkhvXdim~FCX$@iT^hq*q8b;m%i0b&v!TgcIGitM=uHdNA-Gga46`B8?p#Pb4E3EQM z(VSTF z<2-L7_Sv}Q)&}XhO;|j!zX`uIy7t|kOtBNL$+-T!I;C(nZtzbX!llOpmU|gfu#@>A<<@t626?0Tc;T1gmMgua55HaAE;^lK&IyB?!d}n`sETJ4$({Z z)DuEZ9@8YVtlm?}BfT#{Y!llaSguC@Ok(zG8?##_3aEoTn!ZCbm|c&qD->p$m=`1U zIyMwwxg$hV*|v zlmK}s6XQPH)n7t!VEqK6xm1g2JWvPGLlN&S!voX39Kgb-x!Wl->xwf=#a%Z3-VjdG zWSU{@`9@FRrpECJC4qaolWZ=QRdChWq18Bf>Tr`n@uYs5Y0U08b<+430ZJ;G?}ipv z7Pshtc=qgqo}1SCgl!JUbN5Qek;1#=Cq-ZQY>X#DQlGM9f2Ij9R`Uc!os4qGVLc$i z;+>QPU7K#pBFFNR|Dv(kNg$qnW}Is5M;)@Fbq0Cd0!{)LtWY%CLc1kv6LkY*@ZILk zlkIh;Ee+szR+*sae>K$TXJ~u44HIieIuuC_@ugs;s_+U zQL3?dJ)6pjx+g)f#$VEA)qRYUNRpI4#)e*>!f{gH7p5^^BWk(ip097u;PSZ7dX|~@ zw1v=cOuC7qu`$aDCPbc3siB-4515QUD&jT)WE)`dVh~Z$f8WZYj{}PPSutP;Hu6#A zzgTA-LIbydUyU{=TVFmW)E~>CAB&ol1UCm@h;!tBLL_b;X(-rFCng?r53)7wolam* zP#R$ugoNZvgX)uEmt^s~?P0zoj$dY7A%Icwvw)ydge0W}>k>&PF zWdWyc4#5uva9n#w@jg*%zA%a^30dCpZ%7ModRN-hz4Rl-vPr^9=CFMqV$@`!_Kn;a zAlk-#4s~VnTlq)0JkM<|;f@)H-`{1zlW!lFwYMWf*kWG=$`E#3Y$D8T7xL#qgL3WN zs#(WguUdWQYE12U+L!V2H@kc9FX%uAm-`;iZm`gx6yb)C3RN_Kp;V=WW6{HeK~mQp zmzNi^ncF}+CH)w8aDzkg?aFMaDx=5*EXRu^ltlG`#F+;7fP_b?^*_BXIu_ZOLg?-j z3lFVK#c8X(bprE)@{Tfk&+kBdrg6MnqbeV;55o%);$SBC>~dfJ5+9i|)3}t^K&KM$ zgLTKBW3GNNkOA8S=S~ZB%M_+u{(rG`4ne|b!IEy%hDzmFymL&cd^IOqjCIb}*_u|L zOH1TwE1s}AJ>#cGzd%W7isAvBhSCvLzvkA<8w%8UEw}+{hax96dHh4Ga^;0#X+N6D zUqJw$ra-nctu4tABeR2L#)^r_BA(DWjj1I8w>v(bWay??!~T;w7p%9bQ)-wj^~HR) z9{b8gGroMD$y#rTn%duvTJZ~2F~=Wfd%4w9&_TN};H|@p5&BKzRbm;pUork-fr!z2 zliktfrh0N@N#uky8p=(qsyzI?-iRL_?nMMg9cV 
zR&Q($;a-HN2_BtlD~3IcKzs>2);jFuzJkJ~H2}g4XDgx@oY4CgWku&2=sQ~a3Vr`t z6c!s{pO#;R2J#u|J2{Q$V`}n&Dri|*uv0uPCS0{M}|ThPT@(3bQfrbhFGnSh6^ z$9>=Y16u2w?#qwy&*S=z=57*3xJa`f2$Y&C&T!K~h7_{UT2`5jdqi@;Ps)k2EOOPG zA0Zq(?VezMswLMci@;@SESnNnbD$;uks4+`*e8g{El!Gqxn1dKePVtm!V`~_#p_e# z1T8BT8RJN+`?(2davz|x|NI%KGz8{%Jlzqb#U*%R_5c|Mbqib;J*T9jDZ99g2Tg_I zq^;Y~HAagCFhX{*yUmwrUu^0Bg-i<+#^&*5S+OSpR3{+yFBC$-UZ1*;k1rAi1TZZf zqt|r1KI!pB(a1cN>czZrb6D}V5m`HU@Y|y;@)Ch(^8-`4bK^V*zITWjWkjuSKIY`{ zMRagB4QWPj2WR#sWT6OnIVTj1Q1kdWvHpEU0A07vDLeT_v+*u3nYAQy@0r);)FHYT+RY(anQ$*72 z=J@daup)OGRCJ1B;uP$G`?fsU&3iR1ze!8%G61h88=B-NTF4J-tpJK~KQp|tD3s|S zPbAwkl94|(85h#Mh(Zd|-OqI#OIVg~tKhT^q^LYhx7ckub&Q^9&2l9%FSNj@J!(6u zmVIYw;?~l*QmL<+g}ri0Fr-^56nryZhJ5+*TMQfsJe!Cb`86aSLs5urYENUj6ycMW zY`2WZNgJ?Ecu-dOI4v3p3#g%q@*DW2VvfQsQ)b3OdTQj+ijig&ow;BPq*R%X{9YQYMhrT0%&tL;F9!`>x30L;@bQkL zxgBcfb|_5iHpXieY!z7zvBQ&?O&ElR)cCAC;f`@V(L`n|ThC6r6a^8o1GZe^CeF9!1Q4XwWw=OuX*b``Fm)F8 z(q?WSc49y+)tOt0juY_V-tvPxwJ#sx{Bcl=1y|-RW>=QiL34R(+s@?4q;=?2IuDzs z+my38q1RJDgJsr*DXD-r%`bpJbiIjRxW&spOyjf!71>r;wDV)cuQb3T}feY!r57=y#8zAN8m7t z(X=p*9wP-gsWZ)t@_ubBzcDWG^pK^l`q7l+b>I`w?L-kM`?0kFi@I_^JM;Duj6q|4 z5H+cQK>4$EXG_Tx+BoKX%x~yys#?ae;G(B-EoV#l6(Q6mU`$W@ER*S5Q5`mIja3^5 z@SN@c>Ed7Vh4hRi)Rp)G_hKkbf0X-#9cDbRR0`?a3{Uq$Uufc8v%b1_%_7lTF+2D}j*Of;dufDiTGQiGtmrEwOnDnFU>;3ID zh@zhPC3P)Gt24c#1n^xcjENe-fp>JyXgJ`ak&r)_`A_Jh8~teRpK_A+hq4NJFpeBG zCo|0Ujh;LM=_*%7#_;TZIFg0lk}RBI`G1>YOK4PPdiBr`6!;?U`%0L*(PEA7&{z*9 zi4sTj#49s^9u?!@nRQe!DQ_wQOAy{+0l#^&zqfvPqhP~&VH=MLtuR5@V-ibc*tI|c zNBw;$5&nhKSVFPr+12MA*XNF&7QYF1@{hpBVH8lngmhLOyx<0<$1iL)?dKL$dI>z6 zuhO_sj9J@iEk|YZH7iQ;zNwxvT$`1tIOy{7S}*4nDl=yN!8Y zP~+qDe4XtB4rx{;hT6+v@qwgjb`YrK6-~?*_PDx~BS`(hmlqVeOl-fZn-k&aPmm{;|(h75p`w-PUI<%YDC$>xFmx2&zd?Ea|hKRS^V zC&5F?B&J{vJ(2ZBb1hcrO|IL$nCr9cN_&7UhSV|FcQ=`KO`4ZD%XD?pmdAw$gX>Ru zb23Q-oz*+hsscUfBeKS61=8S@oVLzXZC|dl0pttEIpB@gJIutd)zN;KMpaewW*PZ3 zG+C519M!jp{oTWsrB~_ry=CIKMaFD2msBD_Oc^kA-KE2FAGo*~1U`A?G>|qj!M~LT z*-Bq|H7qezdx^&sk3ix;;V1Fr`Fgx0dx}0)8s5hC?grp3rd~?<(9wteQ{E*laQlp9 
zb%1O2!8S5uuzqc)*p>k4y>_vojC}Z|vPjRknKSLEH^lRVp1UVoM6OlGX7=(ivq=ags2xsp*$$ygRJ5%eZ*?0F$uqFCJWmz*C66C4CGUe*}eV29M`#S8-+D$Ry z`#kHiN`Cul!4-nA%6o$x(ctGCjJzX)_Th434$SdWo?=zjDQkE-m}+NLaO_p`-#yX_ z75X!xB`vZ+!Rs#4>HMO#l6X7u8xVCCa|UOd=93zX%W>hLsZ0YrMb6v$TTh4OZsR=C%5_n2RANky zYdq3wyY=6@U2nbF{_XXh-7vrQzRh=ji)S6>uCn5LQQ>7h(@4(IkW19-pVz{tu(CZ7 zn49h&hD~5>S$1zuZ*5H~QU}1|2KvR?Fr1hOy$3G zt^^!YeFK2@*8qT_p^cgKtDMC5e@=0$}kJ9}Q;!+}y;{()RZS z%g_Rjv2~%z`F#@@%-X*^**~~&j}PR3Bewd7)Y#DUi*5L^_J%GqySY2C+dsQJ3V6?6 zl~aH2fA7Mu;QUVB)^nlH-oJTnUsBi-c*IZobM*!Nw02csZe@WI^*xZXg7MvT|nwY<2K-_*fi)wRo3&7^KKjH8ZTaKZ0I$A zckMsymp+aRu61DA7z~3<&EHcNhxhEQ^<}8EhkU`rdZtD&2Iimeo%w}R|IeHNw?DRs z%lyp3UumJa`OV2eR09Z>Ak&lvxA$x$ffxTWrXm0Q@jqCkzcz^PJ)*lme#gHmvA-?C z-#_oXKkDZ4;?U5Typuh^_jqWq`?s(LFbTll4r7|<>tFo?ue4IM+P`qvKUM|QcYKmR zeg_hq=U+DA{>k?`0vQ;YKSP!lbXHeDtjSC+j0}L7XPRHPOZ~3KRKoe$!DXm-^#%WI z$O3aSqfdH1Qe-Q&YVv?1`@y^E>Ab&io4-MZzcVeZxq;bb(1M3H z6S7l(=s*0vKOM^-bPPmlVCx}&GtmXXxyk!Gk01IWemh`s?ykPdU+=>|v~T{kKR7Og zb0C%gUCm~;cSM7;!As9Xs3uT=;m4q{8)18}Kq{bQ5+Alra@p*=k zpN-2-2dk%szvxqg67Z#r!a^08&uTrc7KUVq{(1+|` z$rA%}Aw9vabKEF{%G?#W&&$Zo@MX$5@Z9SKu!Sjt4mzx2;0{2L7P7zR7^2_zi$o^_ z7Y~d2FR(^;{CGBMtg!EJyfpPgO2?q!s@fgjo&oaXD&(@KS$I$XVKDO4F?Wc-LInQVZZc+@$7M~=yK2C2r4bvMw1q(({36i>vCE2Hu+nVFfY}vb8DJPr z?iV-b9^B5=G(HktFqbAq`ms+zlzi!lUTKc4Jk?@_IU|g*T7JTd{<+`aY&IlE;9KXh zR*7huyFAr-D+_bq1s42_pe`k}z%6ddE>^W3;(5INH=@(AB*=!%QQG+1YK%+IQK^Xx z^KVzJ3UICr0?mSO@c)RvWn?*o01*xL?9Cz4WuSZ!vw%!Zgeh4`7I{g}D+{~VJ6k5z z!W8HD!E}-{2dv_5S^tRnXUEbwqiH3&uI_*u1t=_%}5xO-t)2c4zbiUGqC*^h_KXAj=3 zEBTcy2~)n#Levd(|0pGa1a>nRUaMY1hKrj9ZFy+u2M!|2Q4G}4B}3lQYBTJ&*b?y5 zg?aB~o2X5Y(-)XJ@2fV^Ea{i+Kg1bx0veZA;py$RvP}W4IWuUa#9UZb0bG<=(NKGvMjcazhCh@IDyMm zzQ`>NE$Qvy&c8X=>mm82yrxIyP<%0Ed~K>XTVGA<0FTJB+5ebrm|>x0u6%VSW+5dD zvB$;1pHkHGGY=+p1XCjbci^X-!)rBeBZp9jCRb)Bbs|)Wvu}ems9Je%>an;;1;rXo zP;n|@g|_@aft78U9DnPYpom~{PQ+1o!nYv;JEi+)h!S+F$s=uJw0SMild^tXF#i!| z6~^&KYWC?`gBN;Cq~0|IGw{U}T~Ye*lc^^HbY(>rZ9z(60oz2**oG>#pf4Q;Jn%z7agBCF`z}wR1=d@+) 
zCyEZ;(RS!In6XpreR%O0E+MbLG=_5x;<^BZc4~crg76xG_S#x#@*u-WI);uF75BAnnJ%n~W`TPwlRx6yu`5$OHQ;z~KR&MxqJ-@C{r71^1L$$BFa#A{8p2 z^%PTsXMQNqVV4r=5?-tNxq3OU`<6`Tg$Q+9oFY!6n@sa7-u0Jy0-u@mZ#PBE+V!2#GTG zac5gqJ5PR^in5HyzVLn_yR{?_wJ3Hx2Z3h?z;kYHK-J_9b5gO{|dCvbZN zuTpF$@n7K+s|y<~#H@^uS!e8Rrngglf+X~@Dxi!0E2V34&4Sv0^JmTM)R-dL*^Z3= zZTPo5^OX1Lr>n63>6B8fvWKK-yifPQl&?-&hmEkz zn_?g43j_-_7K0R~4J3HCnBp5(DCN4xQYs_-ghZ}^Y2cg zg6@?dFtz_=o5{Bwl#ojKoU}nR&lyWBr=hJw%8{Y`tn*W(v3qW(pn``ZiEK_5O^C18 zbk1VV#mR1(@Im%FCc>0bQwhRzSQpshmatkxGM?tA>v%;vkzz-9ygrucS$XA-Fr#^N z7C3h7K4ynle)9$(3QuS7`@TQ$O({|{mW7cd?xysZx~2lxBhgx=)YY-eqT}(BDbyLa zaye@{%}jFv`XsSR&hOvYCDwmh~4rj$!u&K>RS|H4>!Znm4}P@!pv38Y0yjTE;*~23;A}fd*7EVF zjAEob1(p>`h>{n%{m#>DCph|%J$W^0K!=|XZ-tl((MXsGy|JcZhUKQ7_tG-_?IVB^u}8*2z^`z0UsXm$|DA;E6JNpc8xDgIl$ivB2odM<>ZI3wr-9NM9wv zsSD2brlXK0_sLe=w{CCJm)Yu4lew7X8l~FA(ste#`AbJ|_Oiigzmnw8$yz$|5}!8* zd4lcoWEc8AVJxMx5`$|$FY`uPixp>8-GkOm5$g%!D%uR9qF<|m!5RuI7MuziReka! zs22kXCL&zQimMT10RBKD$saum15^5@eAhDSlC5@2JhPeVi*uR8Rb!f%t(=+}l)t%q z{2x0U3DS)lDO9Ns3~leUQT-Ivi%-C15+~xd2=87%XMOXufbF{Agt`XP15A*xyG(;; zk}-%qSg?oA$o0}w2Y?bvUg(dNF!QGAK{nAm257igT82A62k3}zS-ZPv%pQFe*mXMw zK3015dyzyl(B|MCDUPKm1uJe%AZ+qWW;_KB3>*X~acWSa12{#gLn3suB&7kg5SDDwDM- zpDQqH>X+LH-6mSNz+0vH1-nxOL#sA+G{`hxhxsvF&b$va%{6uhdIyDgNk~~Ylrd>0 z2f@W+r%@0vmFi7*v763OO`raO3}HJe!4(^=9sRfkD+4tvwF!+uz)wUcswp)m`sZt=Tg)qb(v@Y^pa2Bm)?pazWtrkmiOT-$bCA%A1g%bo# z+){H2tH28SpH>ZzelAD*Yv{1mib+12s~yw|KR}5_I#U};h*aDTv5qu_^mfLBuyhSws^HxH^!`e12 zvy8k%zLgduAN1{>Ts%!@Ph)%{+F^h4g&es)w{nVXkLg-FiEwei%hDegZGN+s#I~{SsX45O687 z(|V||2^KK-50d^h3DUujw$GV!jPn>fxqC&5C&r5`*j7_~U(#o5<>t%$)uu=$_K0_D zxkqoxZi(fWmvBWWIVqWFNP?V7L?qorAvh^ucK%e-kz`Dpo>VxGR3bzb#M#F53#nRaiz??U>qN{6nQ8Oy%9g!N^;TRqPX<+%!eg~a%}A@B88|3 zA2_lkTX}~i{2`LkU{u7%^YJ24qm+2u-l;7w0HdftyNV80QjJ3%48Jy~w znVGCZWLdRGN2*hy<$aQa_4|kffhevDoP(|qphBD5EN1n@=}Gb_5;6S%tGgX<2ODra z{8C@Q0Yx4HL-mazpM5^xUx*P?O)lMu8YTDtuPD`|rFp;@V%}`*nabLY_dWTor1XeT z9x@UqPhy!n4e2#n|9E-YSUpKSk~ttYx+dp{1>&!{IT%%vaSzI-fAonF#tZ~6^>=;v 
z{gIPfVHaZS5}Mr_hJ>D~^d>2r2ZeO|zAi%jF0dek^Z1YAn^axH1w_GG!V*uSoSN@h z@NU!`JrHZ1qNJ^bUj^jvWBPPM1XBaiRQa)>ii*N8U>JY1$}hZcZbQjP@t{VK??Lg6 z?*0~^97Mi`oa&TPT%($y#v$+5t&U%MN>r9a@kD^M*7vsQC7S{qyAtnttg=2Mozd`~ zv3S#(_lVnxezJWDQHHIhEYp#(3ujWf_XK1?tndxzf>^0tYl{@{w#!ul%fw~R^ zPeW8e_8C^J*yAH>qWDa2i3Ig9F6kL9J7bSrnTGx0q7$`=MqiK99;@tcP&$37e?9c> zu53nJI3prk$JkKw)UsYJ={er?*dvMdz2f{PUki#qZJ?KOmzG%4!D2%2!&Dz5hJ17N zU>V%h&gU7CnP?_E#ZkO{TBE8b+n)QkeWJ2Ta4$9_=r~$jb!63(j-d?sH*g|9GmA%3 zC~uB^`6Yl%L3PIqeSX7-9mkVFeOm`Y?e$m*h5s&&VYro!Mljk@N$12I?Ne@uGIJO;a<}G-@4aLyZnMQjXYLG6Ap&{S zO|E)C$%^P*ca>&6wYN^9Z`TyhDCSxvjpDBbfpkD*SRX;6ry9qlDY+Zb3fG&L#1)1e zKjLY7E0-{?LSDUtX*bWO1mEo4$S#OeV@PHTOU$ZjqDwmmrV^m{>QK$&rO9usIEWhL zaf$Med$v124qjniOruz3gA?xX;9XXnz-p>IvXRv;sqH}vsmn2VFOaAiFI%r4@|L-Q z+7teU$TQxsaV<&x1>Keo2Ghm(ALyxlE%UR3Q*#`wf{V_XJwUyMnX=kWaz@IrX{@8D z@U;Y;Q0q&IsWfB;d!Wv(Bxd0OdSODd6;Pr5c@wLmY@m@fzg2gx;3=FM>hIZ zg;6KsRME3y3v%HCODwr%&Ou(q7U#{K3-$Sr%jBDtqQB-a3+Y?G;;JgMJ7(T2j z6V0fT1vj5D-^Q`v1{f(6NV2Ph^2mv?2$f!*kivGga8_5KoDF=JL^Xu397}Wrf0$x( z6l5MnpdcGEjZDAMoDj|X;w)w7q5e`{=!FK^{HMj#fJwAU=`7N0;ctPS2LV|SQWwsMm63oQ>s-y{ z?RSiNrqCEPt6ze&6c25q)Eo$1XEgyL> zW4RdpQb1c;vh3V0xc*W<08vFw38SfnUF^QpF0U-FsYaSAEQc03XwQ|yoRb7xPQReZ z1F??J8BEH<-?%Xv{JK?%#^_%Sz)Tsz{8#IqW~az-%)X6F(#Dm3P=xA6Ic}xeNqPM{ zO{S=-_YmrNYN)EK%88HQ9l%tO#^e+|kkJA{xT_(W71~Gs7y|+Guhb4{OL8Pz4F@u7 zvO#SBSKL8+bt1J?XBC4r^~eq^_bSa==V%r(6O>-M|D@6;+W32Q+9#Sd3QgYxZZrmw zNr-p?M=LWjK~UVV@79c`x?{q@nW!NB&VZN?ENx9x6UgbN00|+Ftq|2=4YHKBil9-H z+QJT%AzN6FF}c5<*RTg|!;_0aMl!T0!sN6#G@q2DLSk^tTobv%%9(MAB$o7Moied1 zhll}wJ*bZg6`n7Kxyf3oV^nMFx;ESBO(3#8M>&wW9cx2txjqk#)`I4J!`HkH?^lW^ zAC{)y3!^HIN8RRr;LSI{(8UCS=nE)T1dpB)>6mBRNcBhOfx@vpb|15X!VWGPEi)(cMj#J+GgeMo* z#9%{h(6M<287ioY?WM67lM6TtskrlLl-!F}wpLvV;Kq5m1-_v5NF zEO;84F2GF8ne<-AY=We}M{?GH+Oog71Sw+7LfxI@e^wZ@K0ctfh#2?vS|FNlfQTZPS`Oc! 
zlW_>;pXR?_YgA*{9&+>EnU5mnB1bu3`h1KtG`~ghgeW-ET<7`6qIckVX|C@wE6VYm zAs)9~W#Dl9EQ`E=wx-MXg9}W?*J|5sN^ed@7J239MWWWP-%f+1aHs z)n}9t7%|zG6p*21s(p^xY@4UQgmRa6x-LN)%mim4OfJ6>LMta-OriQ*8XC_qdOpK4 zouoo)f|!K!*X9rL?wAhB0#}#mFN`lnDED!ARXO033X0blUaYKDc5^tbF8s1QtmLpM zk>+?cIN5(?Jif86zu01}XTzV3++-$4KHJZ1Wa!G0=yOkFoQ)Ne;fec?PB+(1yze(T zO|q=961@~BFkYet1aV810SNr}ty3#-KvEM*7K8m1b@Gnr!ns|$(k9#)Z(nlBDH@5- zZ^DBKa$K_ZiCApCB$i~UyiIc2U1qOa3J$DtY3$-@a z3BOlAhOS7yEtSd7TM`C(VeS@)n1#zUdUG@lonQqYP#XN1+@SFkEeLBq8|$+|cx9o& zaeQ?^SVgu+nt04|Ps2KNF6aB|vwnoUqvf(smEf-~>FOT|*S9hwN)AeWU^thxl>tN1@QQI;Hr zy^F@q5X@;Qq zcR7kg*J89F7xC`??in4~bjlqzq(n{A!n&IBk`DEBS7bz7^U zYz!TD&T*txUgFwnDqm43N8ebuWy z9W4>^+I)FuA>!=bfYHt^722@h13KYDCL;D+2i*=m^R0n&QI=Bny>WCBvY&KqpGA0$ zml3H-+r=AxY4b(trtvkN^sFbRTFGy-`#k)}`_Hgs*O&v)E z?0m}V%y}$&6dPywN@vbISpGZLPq@AY7$n$dVGncdUO5%iqtaq^#H0iVQ2951by7bwKf(>CX%qO`HhA_lOAjT=Z|rD#|i7qW=L zI;h2Cf2z4?ng))67JxBUmo^ngCbB0=zR+i#uOl` z@?Y5*{4&*D^w^el+cTdbycmIl#mScM!#{+`r@S>>7_mQ8Y~S)E5mzKIzK0T-mXna? zx!`7(sOpA!{KGZjE_0h3j;lQUm{4G}@zBjX1*+ExM$FNLk5VBJhUCFA{Eya!Hx+<( zz!+_Ir$-d1x^IkjXXQ0_p*@dk@3tKH2ux!#30EwbWgoOwq%A7x6ldLQKsi>Zl6iMy?@;k7&&`&YWXMPB)uT+@;6%E!3@=gR$;8` zg(Bk1zC5o>%%&A++vzpcs$aRVWamHAa8Xjrn%m}3EwqT>XXnnSl%r%i%{`|ki~*H} zhFk-en~3v?a7(Y=uMM346)B9>q~%a;J4PqyZt!1@^lP8_GaK(;$WN;}JsjTkYgnEhkg7dS$Y$s_fM(vcein+ce zLY7F@oOz9+Ahd_`5a_YUhw6^JYGO8hC5O&94pZ#fjmL=wf|-rOxUATa_159z>7JW9 z`?XH`5%7|fz60@Yn%mS!(2~=usXQc$g`I2LYgb7_DhR|`<_ff;aA1@!7jQW6!|F%4 zo#5LULRK4O$I-53r#ZL=9}4~m0fGzsPAY1*oqxSvXEp}cim390tbFC_s{HMw{v3Kb zfBeKsoiNczK9US?iWb2D%`AjX&`J7GEqtl41|ZolPr7SR34E+U6rjTDs4^0`pgFL~ zg+0bz36|vN%Z$CMU>T+3MNd@vqVuwD9i(dOVuul#AEhEj6Z9SYkg#Mdw0o|`K>qQHRed&-|`GzID}}g zHjpr&S+%U7-j;J;M$atfEZ9Ed?ZXqF!u)WqNLR%M|G>zRS3Af?%`=?UP)azJZkE4ORiFupGGU{fTC4Uu)>5y?%pU1pRzhyu6TMif$fGhCFp1ZdsWL&y9x!a+$ zH-!+IN*@995)OL-EV?L*)&E8S(VuU0g3-WI?;H=sFB@y#JfU2aLC-k-s}+#1>SC&> zfXN2Gk^~#E&LF1JCP8zcLa3V}z_s~2FH%aKmfZ*(*a7B7h1e)UZ6r1k&aCiHm(QSu)7@Ff^ z*!Rj|Gka(WiCKw0Q71TnWGW!H7|ApdRHl=``b>+Y9K^wGP=d}yp6CO`zjJtlEIewq 
zvn}-Bq9PA|_Gj++j%<)Mh}Bs|if)=u(=|4nNx?t9WMnWmfoC<879buD(yUx}j&6G8 zZh4R2DNnFbr8^m|io(O*XWjp)!7l3%1uw``Oc^@qX#(4xa<2IThRYBUJi~D$=w)G; zP3oAdk3`e>hd@E(`TA*sTctCCuk?Aa^PAo|cu{W%UW4qUY!-Br63Myiz54xIL~_e; zP;)03zIxkSERtZ0hJ|;idaw z(%d|qI(xC-FW&|qA_2Mo0-N)wOvG#zz+29srpr+M{QXH_52UTFo8_N}(Pc15Bq%K4 z?W2|tAzC-F!m-RavCTz$q=(CGNq7|+%b&NX*xMMs+EIM8-Rr-YF=6j@tmMao{=>%N)h^XZa=6t+jrHoHq zSr?h{obUGajoL>j$0(*y{~1bqY01+Hzh)Zd0wZOIvI2pS)M1rVsdF6M(%#&)2J4~p zaL~Y}u^asXLK3Q_X$yDxfaVy_<<2xD>ijzaTialAsCE6u2i->cod|h)jPf!Vo4PZa z^xk4{8A2Z2K<;Yya2G=F&;nMpY&r&6y>f{hZ#-KfPv^&AjT{noURPcCMd@agh4UdN zAyeEb{Fw#_{?h{KsS%`l&PntKb5t{*pvtaJUWB(2d(PYW@2I3tzXpDSqqLaGFoFo6 zvxOh!y4XZ9>z{?#tH%L7k`H&AN$rB4ToWwr=7_qipIr>>OY zo1ObF_-uS-a&b5=(VTyKoWZ-472%%cXSGoBl>d-#D4X#Lyx6f4#qapYI()q*jd6mG zQG4_*iuZ4EhAmikunzWyN#uEzu<4lhFIiBf+&OuImaLVF?i#7-v40e#YVLV zMhC6%C4nCeURkwOTjHJ~2{PEplSduJ3lUM!-Ms7Ek{wMu>Tusla(!cCK{^<|l`0VW z=dn<3igJwrdV3gncEU~UBgz$s#82KJwj9_ih{kX+%rz)6C7|ZH11%3oY!tDGBmfGL zIA#jc0Owku6=q}-wHgxI=I**weXiIJBNyG!?8VF^%d{9pYAtnfUg7qcXm=ttl9Len zaOOUWM!@+;(APAc;#VX!Hu1n=&EkB#k^y za$fQ7NM+Ge~tEdEGTkShT zhazrN6f{7}W}Fnhs^l%1C4mF{dOCmV(LomE>?Y|I3M{4%KMY6p$99uAcP0KHf#H@( zT~nW}8a}5e4Q|+-Mxk1ACycDvbiKiYE|C-LgE~EcSvQYBFP(;nlflvPg9-aKx2p=B z_J6h>G>ODCxDugPm1~6si->gQw1=t|(}jObeH$)=np$w2yDTGTswGWi23=tFJFmpG zFPnzUO|#6@X&S-IJfK@E`L63nv&V499iV}gO;V!qDjVd7bHL@ZGJa7pOXri~1Q53S zdJ4sLPP89q6=2X*4;A5QP|mlt0(y1#y!(}Vh-*x5EaSRNUO!ji*~V5R{}9e@v%$W< z054)iKGtCCPEHaE+IQS~3x(U3O6oWC;8CD;gmS2HK1a*n<)#}@WD($}335n`(<|aj zdxCJJPq12qU{7KUFfvW8uC-4NDi4v0=NRPlke-C5$Ss9y3n4tc4n`vA=M~ope>9uP zd49W7{)L$0WbFfvBVM(la8~3_1~tr`qQnb!j_x zPgWz}yto2E#tyR;gNJACY>>Wo;KLLgQA}9XmG<~W&?KwH1v8NzZ!}m-yA^*1c3xC# z>P`ZIWFpHID>pQ9mciVL6ti}ckoWA;pC=H(2;Uk98BM>g=0Y6u_lA)rGTnYpg`3qn zs}+3R@`u;Fh4tKfk~%6rSFpk~*iKT`38WJnW=lWC?J!tAYiSVz!jfH|EoUuwgrgH- z`|-ER8AQCw+X3g^ZCt4N#_ft>E2t_7#T0i9s3F%tGVlC${-@1Zn_TF2-T1~ntMV1hnqMEa?+Jw=1K3z2Rq zwb;z_2C&JA0}7EY-Jw~pYoRsA9{9MWyw8tRI#Y?InasKi(j>I`(%^7iKE?7f^A6O9 
zDEejhdSFyjx@{{U?&#I>AMqs(zx^r?4owt~YURkK=+EZCMS8UuhoN{eLpJz6*?@;# z7jGT6`0mer_pd0t1thB!(rZT~zm@590j#esb-DB)b8JwYSDy{~uurE8&R915VOD4S z5Wh9KL6wFi7&lmKp>Eazd)=6g$8swI?FqRTqUoJa5^0seSkLbFtg2t1^1r zk710aD&CVvwyupV`aW@zDi^k3Z5=5t{BSQz$gL|z`U(^wlmK7X{3usET)!Wv`{WB7 zN=h8fsg{fgdVK~S$l~<{5YbUwBwj_1y>J`VvfJe99Cz79sQ z{P#Gvi8&@^yRq3{`^mONA~#N3m72K0YWdt^-hp}AbQXjALno_O^{nJ=4FLL(BP0Jb~HSG7QY(zzq`2s58VG;(>VaMk%IIr zkgW8fvHTY)T@Y2X;IGEe18~^SBvhh68+{*F$nWB?Lr=V zeXj_Oxxf9+5>F|Dh-(V;lL;6?G)1eL{f!lwj9a+%am2Nk%P45Daf1G_J;V71X2Llt z1Kga}uL579vgxR3&&-V=bgu(Aj1x#_u2~xwNSQcRKIZw&kl)ah26`;K0Y77E>^vPX2nskV9tV6*UmjF_ zm@p>y84UB|gJRB~O{AM56Kw+oDPQie{~P|L`V3iu;A;^*e|byQ{4lqsr|%*>g&N6t zZSiH@U5~Np^S*^OQGmHzaqV)@8E75TsEwQ15sFXopsLI2Fc0H-_qMBbun^*~s=7z= z_%rHl=&o;)&7+h%rAX?Ztl%OsH!!-Z5ELuqdU7|>Sr7eWtZo|~7?UVUH1L zN9`Rye<8W=sh;Q$iTmX6{UPF@Z&mx*j$s2`29x=g`#1{caN{pQi=u4j%~SZgw^-#5 zC;pNfG0LOr!f}XwDE=m<2*X59FofQQGSr0Nfo!SvVLmb3QGNg-*LceE=JeI52JKPu z1?(pGGDTqg$wVJRhiI(&>_ z#M)+6QF(T@}f34Q^(w5nP410(A&N#FKOW7>V)LI#KAqy zfNe0<9NaHC`-D8bNP&z)a7bEsl$k=`9l`Q|G^OOCgNVs+7ud$lwh>$1FC(ErGc&}5 zpKR;!p1WTygCptDUJ&xiq9qUj5FBpbLJ(SEw~rRlUfP1^t4+e(-^E3-tD5<%hDf*gKa8D2upnL3WuI-^sAtXtx$UI~UxqVF~>qO`nrdNcz zsaP|0(R-T5v&?w!9UUR`c?)YdLQ(O>3rgiUV4_8w) zY2x7AY|ARlbiT(91VQB^ao~f`frz>^O$y1Ib`ow6(w#5{X_dkaADukQoduIcv@%_|nT$NctI|ZpX zgaR%XJ4xN2xD8T&Xe0Wf&_Sf~leue(NyrbU}ETpzz&P$#QoRMhVtuOeM~9f~bNxsupF> zaw}rPIR!F?$2|xZ6`&4%aT$YBnTB*Np5$r^Fc0W{Mj0&g$o5drhg6E!(Lx&&5ep;r z20GLCm4rh$mwsB0kR67LXbAOs^RZ)4OYisOfC2faq}#42C+`&WFa!h*!GChZPS!)* zGqUYB=v{skGry0}#`8Fw6vf#RXjOJw?)_6c-5X#x&jabskK0;*P<znYfxN&PT#plBX{M z9;AP+%!P!cdJDClvyJJDFv84(+rwyj%TV$y0~hePm=Y7-l_d{|HglhYqY8iQXY0e_ ze2y}tH*&GGcHCU$-5K+DQrP&Ngy=D5CuG-W>dkodH&*2dGf8nDJ@p#PY?S@c7X*MZ z23u@n37m0OV;>m1t6G(DpS^INIPU&I|7j+DR-}I!pS;F4nA`MIS2Ar61(fLSR7T8p7Da}07BDAW9xJt=BgJG@#ecR~lV8UrXVY5k^0m3?b0@~tAE0tvbJ(qZuiV4Y@XNPLu^}^KKG9p0&G6<7ogfi=fa$A)v zW`Xw-dEBSM(j%mOJPILv3t>cwO15$z!?^xp)QdFQi5`W~jxt>m0fdR@vI5ITGD0~R 
z^%4eoTK{rX8Tz^YO!=U>1;PwFCR>_tBYhBVY>2C-n%pu78B%mu>-J%^Kn%GKSE3OW+OH0UOUQ>m zTZzdQ4{RBy{Mz+Dk5lcx5(&%gg^c=`L^*<1eQL`g*_^SM1e>LrTH-C>nub&4e3jP5 z^b0m>f=c}d&fILdZDAhMopxI$Nfn}Ez?Rfotp(WL{L9Qy7bl&{T{({LFTr0tPtE`Y zE7%@;HW1S4?7mx)`5Jlo%S10c-4r({2c)IULk<>vNPU6qo`?h)=tBxEHphj;J%9Ss z-==npkb4Bfv-@qy9VE=u0egDXwt;755j} z-Y_X*z{uM{ldha4)JXmD>!K6r`}QUYZSjx7p4vXmV`4>-pR zFYW&}V|*4EZe(~c(XMN?CSo%})uiYm_+DsWCKwJ67<`d}FvuJmmCMo6&Byt58C-tO zKN13T0pB=RV?k}I!ci_COmc%tjD^8;YuLg19U)06G$}3ag9^QezCG!t11rbjdc#i5 zxb=x+*nLGaa{%oek$W%!;aVOrM{DH%zkt>8h`BB`y4e6|O-`zvS$*5k6_4yjt03M@ znf#`tj<#bAI&hO~u?cn}=P{$wZgkg>L7cs zUHuze;=O3}eBfS?`}A^(O}_GFX7p0JozfQRf0(;vfTr~99<>Kj2_%#Qli_AKj$>u5 zeo)jOBadq_?-vXB>CE^h%Lmv;%*D+Fkum(0i{UB5N7rQuJaVviiVkeDsbh$L9wZHT;M!TjlHEJc)ff(zJ>b~ zPu5AiDza+@vv*xpqMFgCInWQBxwL?$_x)t1y~S)A^k#Sw&mGTo8vIR0m(Wir=Pg9PPy+6=vYCz3ZCzAHfR@1#rn$~Ezs0>nR@qQ~q<<+buy45xx#DwM2 zAw;}IA@mUCj2Tn&-Ki+DF z@odVg*4_=vw1%Y?Sq-q7{E)M|2=>gc1~C8e(Hk}a!v~{^H)A?;<;^UtIcH~fP@vU! z&HjSKrY{0@>$=lY7_O7+G0bzjR%gmZH&u37%QFjN$bchvvkOulaZ1r%q!!_I6}dR> zP5)cUL=70iv!2~|VGg$KArOCd8{1TdaQtlP>k85I5$vX+3T8DC9XyqlK;DxKxs3A& zgB-3091P0wB8kj=@C-^4+d#}O^Jhs_7A%virHx0l5k2PEJg~RJF#Ia-fK{94vD_ge zXVf4cFRYZ@Y3A@#=Q9OaUvtCnF@6qjnumlfOJP1t5G9woLKIWSp-UgIl!Op(K($te z820bj!GJWXnyX|&#kfG`qVrY6*Gf)hMlMsS%UT21p$y!E@ybQ2y*%_y8hQ7vQt^R$ z))2e@%#JBL3d{?sTyK?PEkCW1*`=OZkA%B2#WmB#hVjuMQ0iurbxmPwIumuTdl#9vRKcC3R{^>yR7YG&ei3=2R>a`uI;7=CQ+ zw3Kn}EJ&eC22eaN&LLOL`Ncu-HqI^eQvWlJ-nnf845ktiaHtmKwU$|hCIPLGUD%t0 zTOgJBaK5`45!HkJcc6Y8;})(`zYX#S!H<~CPDzc!O175hse zQne3O!$V3k)5W)J@7_Fx(?wrRq{=>!_}juORTvl)dHA1lQPa`NJKb6wF%fP-pWc2c z)2ka;uzcC0b<}l*ZXjghwp^hYlR9W3A>x&I7Y6o~J?7C^#0*SI!OcZW{Yy5-eEzyF zW;=!RTy04#tb`_NM21-v7cy1W+(MO?Mz6YC$9^o)gZo z*lZiUksdwWs{!8*e-6cG92Ic>wG*2d&BLsCmxyq0#9C>UtE}mD=IKh@N`Czk7rbd( zj~t!`K@&OdoI3Tw!_cXz_(~H>%146Ae%!BfHmVX_2Cf$FE+(-Ri%@CeuO!5~0ut6N z9n)ej8NAOfr=jlLd4gWWt=TyEW?m3-_8l<20LjH6+}3Z6d!gE;=jg?gIaVJ$fMzZA2;^myJnjQNe$uAlmv* z2jVi?@>^+D^hWU0&BjNyNV!Nvs!I7 
z@btQi+$fMhvrVbuTR^U#`#oUeMQYtB6tKo-l$cq|AUHzZOt0wyb60y1R(&Jw0xllC z&0HP*rxbCXe@f`pT(LXbtzxh$)A?$ZOvdzUF2=-y*D&di@baAdVhZ;&CAqdM-BSyj3O4+iEe6`3YXP`jV@(Pa3K}anSOq2JXb))E2a_~8u_?o1>_$Z z)d`X^o$uwp+K_>^;2kd+EC~|4c-#t)J4a-6y46=wLZIxthmW=ri%}#fBqZJuE~7xD zWSA50+y;AfjC;h(r}dj^9;?O3U=F=F@K_3E8lr}*I~F{4Wuhl8EDoNHx`a=EJ^{HH z8eAwEHam%7EP(mIH}qU_5U(G&Y%Nwmi>+6m=)F_7shs3F!wDkN5=nIg$Cihs_G~HP zU_Yvi`y&ky3A0~m|?EYqZ(nECh2&Ss-s^XnVt)pU1=fwqf`mnNhYqq3KL~n>ZZj$MQ`N)ext@wKAFsK?rWJS|u9&dH#$FI069(PKq!j=hkeUY-7gQe8Sa4BAQJ+_?y?>RBe07{a$eAJG8D7vj ztUhX|gYq8=?yS2Pc$+Csnqk*U09h1?i$w@-fJfqMQxK=?K<@asB)5>ZM7w)x4Hl`V zWZ*_ZqK649elV1042eK-&E76@?k8Jq8{UF299dUONoK5MGcyBuHXi&&OnYMuD;IK6~p01nU=UTQ! zvs%0a@|8rp1VZT8{%GUvT*d4Jz(g{*0$TXis#zE0c7I3+Jl?cmujB7cTP}weC%9sg zB65XE7tE{M9B(9Si>t95^2UFkToJa!@#CMF^WzM?veYM2|H#0 z4YNAer*9T#u5*m9Nl^GOq(hwor3QZ+WAIOkw)HQuahjN7r3qmHy5r10Hko~S6m0j< zM)kl(ehq!Dgz7%xqHyPVl|i`5y~jZM_$attbRwmC5Nis|_PSod<^Zvy-;*%>THYVO zQT!_duQL!Yia4x1*+U_sy-c&gyEqnA%fdrq@p{Sht9Yv8>bG1VN3Syr)-yFiog%VT zY<9-kZwcdtMKzvCUzyj#f@$HW^;mmO>_^E#sru4U=%H)GVM2*kw*M~Q4qm+$VtlUZ zbOkh{2!0oA+(DE>o=2ujU`9<$LQpS(#)vZ*R?WFAHDk{7b_gvE^q4P)+h!XizUuD< z>XsV3!0|4RX-}P&?|?|<#RA+R=1TsUV$PAhSLsT<1a%(w}B{jecj;(~QCVF4cK$5@oSspD2ZDs$i&_gubPgdws-0Pcd z0Q1&4Gl(0_O}G&(nXHCW?U7$txuROOWnBh<0Hu_i;oivKSi5g zBNbD`g7rP_JVfe_#%7W+$<+mQLv}s%^OLyTN0l`CcxYk`C7l|cyJ{du+JvOA4*K~Q zfmIfkS%5R{<=cP|E}hX(Sw!A=wItB)n&~JE$CRvN828KIw3Fu!jwYNj#-oo_RSJ8xu3Q z?DTgQZR5_!>=~Ku!zW3~5}mC)hj%@2V;4BDf^s8HYgmX@F)g4)Zj@p%2FDAAO-DLc zA^n7k7U*gh?X^u!ELz8@my&M1A#kzI@gY-~(y{{`@3XJKRb-~29u|2M#^TFqE3>AIyP z-lhn%qq7tHoRAa@L(eQNUkIzH_%A=dAVU02l4u7uh&)!f06+Vg>&wpR$IOrO%nyTO z_iV>%hw9d)w@;Up6X%DPLyOIdo-vy$20A`lEjvH-fx$JX_sL1ccrkd(>q3i52ml@+ zp%fVzs4P7Mn7yMiNPph}0C61+KcW@z-YNK9czC!zBOuDw);Bld3miQFmE3GtbYS44 zZptn#fMu^QL2SHSST~j5`+Yz5)z!%jkV`O+!dEWvbH5(I6d+7pAbTJn)CMP+g$5;n z3Mvf&Kj;-oWBL{E}M`@n%b)*J*^j6H_Rn1Tmg=K&o4y508tI5CVplh-rzOOwOr&SJhb;%Q{Z zU)fV#Z=fHsR{~d8(_X%L8{e)Ubzl%MP_9jT!-spmlO}(jla|mngNH92G!|7ZHURuv 
zT^CKdS6{syy;(kBgYRx8t5^{~t8K09Z-5p(E-5@3wlzaZfXiQL2ewAYVPESpqqJyROlp=x@Hk z{#pbxKEGslw=tr7y%FEGJ-ve#^mB)DM_SkT!TSe?rzhW&F#eQ6Ui~ec2x-y4eQ-x# z?2UXbd6hJ4iqqGn zqrIK_zit=YHb7H-v$!yCx6GomTUNjBZ_~tdw0K&o`fCXM&0>5O3 z_*gx@*}49DIS9Ibm~?D(bohJs{{UXT*;Buwg+~^LCZC>;Px=I^o1?~`rTc7FhsWpd zW%s$SzxC(7S-(|07+26O{aP8Wjqzc2Qxnr6%iJ^=7>dl7*C#@FVNP_FOn)e#%3Ur! z;!ztZRLq@U2@^Vfw7z>^VTPcm&4#RaSSGoF9hm)nD z9s3%7*m!oi2s?Z{MdU*DcLBbeRCe0#U9JfZ&NaaWw3IC}FI!DQyQQ6TPBTab>!*poht z(De~7cLJuV9tsm7Y{UXJUB_O4l0e=>I@%`eakn7YeM($Ag7L7Q7K9sG&?bg2C(hzr z#PNy#8aMIoBd;SyvEr#A4q}?|E*N`e6+*vRCE2TL_otGPpwj!jNpN%M?uTn z*L4%M8rzC=OoQk%udL|E#l1RlC||-Too=GtgW!D~xdN4M(lq$Ht|V**FLh5w=0L99 zDhg}C^Ayi`uHoRLxEL^6!s@H2(_dq>;b_~-1Wor1fCZ*&m)Au&${14v5OjmT^3Jx7 zX`+=YZK!fqQ{tkeJ6T#{I{2N?st|n)`)!yTQ+!YYT0Xm!&rq|4vX+Z2PT@f)^?Os5bXGwFB4ydrDo_l>>rGcE#BGTmG9l{TGOFLcf zRKM){G$>}AFu$PZ_go{*`E(iMp;=8USWESK++Jl*vgw=r5|Ck`fjWD=z6GbV+3$Q| zu!SwXkI*}ot3H2-a9-Ww@X(ugXDnJ5Et`D*5p$c3dKv)*)%Sy!!r;8V!_DVVHNppVuvXbQ`&fl|y`N~|>PaWz>8|p{Ork?(ev+sY?B8jzH~F_D znfE4W)iWB(+&|VZ1KGZv{`B&ChlDr;Su2R#Rem(%ho?Jf^;Rh2r9*L5iTz>i2wc-% zC`=y{E#XN+MUSJ+a~lb(;X>V=pvkMv`+{^vOO$*TUsh%&@=R365$R`NGl`RN zP+WIb7bld*r@|6nnj59hp#$PNNypHOP9V9_4c;g2#$Jco$k8#JF8jh&^3>3djS*B`jua^xAUw^TQ zIz@p6zP*Sj_dan~PMlbvl^D(-v3$)?)_2U*7K_41Y-IVWm$e7X@9taoC@mNi;0ZpY zW#b76!rrFI;`zPorR?t;j3Fzfc4!BSjDo;-@7KND=~SY_%X3HG{OBo|6$D@W|L#0^ zYc&3&xy7LIL&9>*f5w^lsY5U5$=uwhD>X|#SXoE>Id4=d>kEYX^N0i8zlDp))O=g8iQhzPBd=%b@!e8&!7kCNpU-3VAb3<&%6(cBxin4`(tVz+ z<L!=T2L#GGhVTf+X}nvEEldOhZgjsmr6d)y(ymw-kMg7@UF zJ_FN#4EfycopM9&TEdV*y-(5)9sQsgx1PsSb+GgP_LJyW*sg@cNQ2cKuCN>;{S(-` zjyf|z*bBwrj80MBij>&&1A)IE9@->d;PaJo$GTFJoG5k1S3~PJP2<|DO;@j4!!Yu? 
zyXL|bYGX*nMk1aI+J=lB5oz_lVasNY9*cQbK!$Z3vDu!X3rKXf5YjmC-H1JV4;Ke*F9I#7+KCWs*& zv(kcadK@B+^BvWH$(2N07~hXw13K>0Wheto4!(4~{3595A9w38cq<@fTa9YUT2a-- zXkUecA66eoeZtoz#!b9B*Uo*(N{oV;wbf$~j}A_GJW5?Yi?V<<>o)XOheU-( zixn_>z2qyMM3jq~uB#n3@n%#6ugbp?%@z9B_OnyiK@(HpNEytqS>n7MB zYAO9ikfFPL2iMq3O~>)X-eBuqEw(u!?_jpMd&}nV-dcQKgbLgeQ}&z+mJQ-%3chUx zAC>A{y+JDWQS(MAvcy>Owy##yaZR68iDhu~K&uL*4HBQ26#_NyO1cu*Z_YkUB4h%L z7>7ZWi}w??UV7#;dXkNF7Hyy*6j79q`_2Nc6bTJIoa)pu5Alp1SLre-1}?+x056uDc3dy2UP11} z{HsFq6UYI5=uwIq$H3Ynn3d$507M7kCF4geH2k_-g2w2YEED=LueRZ zROG|QJPu8on=K=tR74p8r3@T{We!>glV%9XySAr?2+^n}0LRRzVfYYtScmNX(nVgg zDNnea)O3f}$>O>n?pX}@Z5iP#rYOBGBc zp^CJP3qi~FNQDr;62$5f!8#9Z^_5nf->`?ybx69nksYeoK-q>rTy5V8DDGTek*`8* zo!VEdN3yXDm%Gx>lcr}WD+GwMtAhy0S?&X!JWu;tpjv;y++g^%cY&NO3Umw%u!;bq zofl3hpX{*OKlkgS5>L6_7L(uF=L<<*_n(`WC$K_O<&_oV%UPaV?Kni5fx0@&wJ7PR z&HsrC3Jt;PPi>=O<$xW1Z(2kZ!PCvjkA~&vWhF1u-}=_xiU30ya9+B1n*$Y7uN z-{HtYC4M9e@X#+1|K4?De55m7whD zXc#P4iO-E~J5=|h{ZnE_mq??90Ld?w4>l{t>K>S=!MsPLLR33L0xG;V)3XSLYVZ+p zE=TQ5u~3en5G^Q{#D=JKJr)u@(5E1)_k#W-FiF_IZvWtL%UG1Y4y;IE9DlPKdGnTN z2|Y`bBOO^!rkO>QV0`z>{2gS%?4Z_?=K1DJ@axoPy5fSG-hnEf@TLOdv%=*{xJg%t zJ^Iw4gm*)<)KQ1vbunIl>o*Gv0kb^A`{jBjbkTp>kXX!(DNgU{!&Cl3Xy{1dRUpdZX3|5* z$!k=}5V0b&l>^M@am@~>N9s5KA}1WIzkp5DhpcJl=?Fygd;j>xF*32=4IB5{{}~Q+ z8{Yn7hjk6z)?ede%ou1c(9WEd4a@RlJeJ-?e5Hl#oh=wCB}ZP`T}*rIEfzOALrQL3 zgy(R5UV--H=_u~E4;3Nbsf~N$tGU1PU;;9$Ghnz`2E^$C{fkjWe>Q9n(*u7z*541H zJO>B4>5{h=3ahmZ9q|m$T9vww%>eSjt3e_@71*p@l^SiA1x$f4qd{@)sn>oE0istp zuS!Jx2`kPYnqm;08K=3E*Nu{fs7{W4%u%N%p)7KALKVUr!-DiSMt*?sW~cj6?m`Py z>LjKH)YF*!tXBLXOG0k$7T2hvc(Ayaqa-9jo1ZIppca_C9d&I>9loe=;#gBOe2$_w zM>@LfDU+A5JG(e#^{*zxYrW%+0jF-*Y{Pa+#|>2?yXDfK=Us#LSk)dI>brINJR1+X~_Q3k%u3Kn}qDJ=VS`XAuWGy@Dmty}t8 zLS4h^lM-~TVn~g$FOHH2`0a6dsOEh=7ga{#EX13cSHze?b^w)W`fD+2P`suD+T=Xc z#EiBQ>17bI@f}bzO#qL44fN=9mEsR<%!N?poz7(2o3^N+*u9rZ!j0t z+DvlKqQ02*(bP7uKb@tzwW8b~UJdQgTq#zGu&LW;zlrO0Xrf`8e*j@YFwI4@oQ111y&$lhbo#{860 z#GPO-o93RMv<#%ATA}F%?&0APU&)RRie)0r%X}7#C0?OjjRC6i>J-LtpDVj{GUlq> 
zNU`?yHtBjIaW<#k_vVmr#=hR3(pzhqpI04&(}%TsB%WOV8{#n<=sGD_Ktq<%$qk3Is%|%Y>Ak4PE6%2h>@(4lns5W)I9=w^pVM#q&k9 z#5lFQKzh&jDBD$Tb;^z}C{C7q=I5Wpz^4~$)|WAZH1G%^?r_i*uCX`=#C6pnhF`FD zTa$#^hezehodn&FRFRc%)HW5VYu&%q^vic>lkm^hcpsE--U(UXT2k~Xc(WXAy-Mu` zdfb=KcT$Akg|CfXGhOd0UiLFa?=Q&1)L|!yVVaPt$Lo7RrMS|%VTPm-YmkfB$eR7? zcDCkHAnR9vEp6<2aT>oo6@_mVFsK$uex;;r9WI!UliMh@H;h>dg(k#hJp+q9LycDm z!tA%Km@T7R%9CD1Qp*7HLihf0rzin(J*kthO;sX*PGGgTg0uVZ;Bb{odWKVybXx6X zy;Cg>^2MJR@IM|>IfMMW|7fepK6@NbLG@Xl&*C3459A^i**tJxj#ivW{upDi3;%*Z~+MdauQi||%4t`RFL6~C-gz#r znFE4z6H=3yps}_!Xx|zG>C3*4>>?m%`~5rI);PW|;1DXJi}HeE+mo zzV7JWUg|D{vzcugisU(%Vn~ponc2x5ghVgOa6m?-O~jf&Xh3m1oh+q0onEWxmYt4g zxv-k7pI4vgI5EL_5Jua!6E!IvUS*z`YB$`)ViP||q1&w$K6@Tk=_R$FM$U*t*vsti z*J4OBjb?MNj3B64pq!8WNk}F;T>f zFf@)zURE=IPP;wUl94}XvBA3;xw4Zg$jyUhJK9Jcn^Br>)4&e_;Hc^t8YFb%J?VynMG?*) zAj%Utf+E$g<`B+GD48yekyK^=lua0y?mZH5u2bWh5^wE-<`s;mdH)C>?hFqfdd6dW z)l>4af@z%7xb3Tg9_9jOA?xwetwC_t;%J~3)Pn0Zhco!-N6|Sa^qVXtVE0+?6z%J% za^Pb97e3QHvN$L0Od6d`?7-9jvFg5A1CU>+qO6#xU9Kj{(qVSj_vwrfZ z^Q!f3z?h?utj0LEqwm41LM~coISw#pL(rWs_c5$7_P|kOmrEkXF;Vj z+tmNGA?fm1Z_!Axb`FKO%^6u#{|b)j$VAc5I406 zAjlF3w>$(`#=uKu(L~zK%j;w^g3}?@^Nmg$IHo9ykNb=~_&x_RxdeA{4VMhspzd|= zm^-Dx(!#eg(JEh>(CYA#peCE-VJ|s{a4@vciY{~#D)b{)pNHUJd*~HB9f&i{!F-gU zpkT8*$tM4l&(SR&HSAp)RUsJ|KC8#}ktg`9B=Lx<4nOyVQO3>up@WD8_Vg|umDKyJ zJtL@jDO(>SBFVmV1cUb!3|ed>t*nR|5Uk@HTyNQ(W?IK6Ix0o0@3P?6=++DXI-#}0 z-!yga&Hz={aphf>fFMp%xQ;=@@>UP{B6xPv<>v6K$3S@uevU5Sk2BG8Gsl)2t(tF^BgR- z%x%thkfgp)B*c0IAqk6s!fxf*4X~ zm@q61##+@o=L=cBHV{z0z%>*Mmkm}`T6*J=L~uhO$F5IXhw`-D_O7^O^L0#BbRR)B zlE(3tS| z%Q|`!Y3>UOdGfnt#GegUqdW`>ix4NbIQz7=hE(^dxjBE~yujr4qLOXU{(8~I4AA5yP=!g?lfg)w|i=re7j!zu&z8`?k zqffmjBvp${S=VafZ9Hla9Pp{--%7F^)L(o$tHKiR{k`vB?9W?{G^iB%9>3#TV z5b&xOm)b`dZCG{k+L7rpwlE?qE9$kVf8VX7mF0f!r^cT|JnjA|79uNG#(lv`<?n(e%k2-DvouJrEA#$kNS&z&q%0|MFVE8fh z=%;|HKPDzg7nqa}6;O8Tj^U+IV~HqPDb7(*VAsr9Js+K#=0pzzIU+K*3e3mR%BhZc3)JnUR^cY%yYsg#1<1_@ zy=Bi8b8?ysI**=}2D_pt`a-TM-;~7fsJCP%$XM)w!~pVZzwc#+I=!M0vb@#(#SSM> 
zxN5)YOcK3Un`)F0j~5stXQe@3xWQ>{h;*Xxz~RItzd%C<3LF2K`QZ4^%m+RD|4DiL zv$ioXaQtWJgMpErk@^4A+E(qPtdzZ-KqF)4io|+z1LErHy4g3P9oX4v3H0v)@_$~v z?xp_nZF_rUZOU$+?qeTnDmR-lcAJAkdPM__RPy8~eHEBgJJ1L+$8(mOdh2_Xj$TU+;J5169K z0#ve?z*=f*a{4E2Lj|ILd6S(Tl_rmCr|~;D97Q#=HnjzAa{lpq)74c11Ol8vqBw?!T`*=@+ZrSwd8k2&imG-<@Dp3n+H4kmj{Li-~gP$jke0>^VqWj2UyQg z>rDF**&DPmd1WK?6zhzI$b{boPbowx@1umirD z;w6&4meTs6Jh$Bip9)=FhcLPXu>EN7V;KLKPD~> ze-yKEjHBT`)D0vuwlo3PGx-SJUK;-4^RD3^?Zp;;UY(NjjiYC5Zft%5NCTSQ!#uvu z;!^-B`*EdY`uY_9VH5wdMSS}oTbuNj@A6qM&%y7d=Z~tHJ-Vf(J8@<#;M-^bpqCW} zxgYgjE$-v*FxI+X70*xTnJ?@Tz)#@*F9^}G)zdr}q2?nzMH)uhk3I-Tc;J?QNd$o@ zGPGZM{Igi>PfO)`1`uwwKuaGy&94oyUru`Vx2{(O8UZrZW^cw!|9302ndL|A6yMQ% zCR<@rML|^s*mbYXVs9Y|pOUM}bKNh&3%>K%diu}mJ{^p{K9{Q>Iu8>$m0wPB_~T(c zLp@O2dRzBzsFyD=!|x-t>CqL01NfO2%Jk5e>-q2f_hZp39lb#dnM;Z9ba+H#eD(RL z*>~zbU2Aw`;bCZjZ|_TN!tdkPYaFou4L|bRF(_AJtw4%-`uWTs zi-_~TSl1Wjb%)pD0BidsjBZ5$<^{Rijt2Kh?6t0IvH43#M}0L#r-I+EK!Cvh*iGhEf`x3155OWjK-tR)@F}?jX5W)@L9Ec^4Zptd)JpLex`vZ17T>; z#9r1P80ifVzY-D~es`TZ6I>Z;#~HqrW#bS#lfTrqBRKKtho-&Tn4^gl%z2$_xAM*k zCu{3G*p6-HAU|Q^K0rYE9xh01HcN);Tg9rco3f5wZ$>cgpU_1qMKFY1ZhzvbxTOv( z(a<2|fv+_sLLY;Tu?N!(xbpZx4k>uC@O3juG1+IDOAsV`de1{NN>xnApRS|!SfaZK%#ply5|3+R^!`^ zZeZlwQ2mwA&9*ql@^!|o6C)dV67KF*hC2znO>8me^!op?Hjq`R#l&ETT*O_ zo+EaF$aTvnLa@+@utR<(KZ^0fekOyn%)&6!bPk=~SF_8zx$hdIF`!nMSECzx*%#4J z7N_rQ2Y8k-!WwQJK}Ldwsvs*)>QG_Xq^xq?MIbf96n1f)O2PIXMr*Mz5-NbnLxYud zxl)r#kFP5KUyR*DkRU;ufZ?`1?e1yYwr$(CZQHhO+qP}nHg^8QZtP(Xd&|04R8&?z z^?qi{x8ZlfRDq4damQue7?~Bq$!O)mrzdLOYHLlbgES1S-n^liU5sb!f)yts#222M7vty*)K^g!kX!|t1qGYhVu*TeAhXg zx=YCDiye5pM@VFFE}g@JZT)o_>R;TF34+IQ7f23@y7t# z(cV`aY2m`=?|Dn&T+x~eolh&Iv?m^;D?Hf(4QU63<({hLB(wMH>jBD)wM$5c0HQs_ zFs_m&=jfGgYZ4Pd_nv;zL|V~;Sk+_8KSEO#r_UkdnLn1L0_12MOdCZFQg2z1SHKSX z>rPa8)JBYwbK@*8)>N~!xQ36CP@=w43rR(iVlyG1O((az=Hn=dcSDOT8-rQCV>dbR z&>k}{XgWvs;7?(fh7YeCh=?pHr91rff9phQ>^ZJdI1dRZFtpGoVNPYpgDv0ZQe?fZ22ECi6qjUfmvo`T=v03=geAkG;dJwB zS7eTeSb!lroT?}fQ4ac`#oI$vz^5XS7ay)Kd4TXMemHHy{)w>Hy7GkKTIbN?ERDja 
zSMZc&H&Z?oWb>Yfcyt@_@zPDG187rdb>J3=8xZUP8PDbAi40bZ9Y!b-me??A}V4HiIEyrDx2ARQM2Ryo&2fYB8B0P|1*%N z;htv5#+PgUufcO)Hb9uz00xKae}Bn>7iF2E*Hz<`0nXh`SbtM7RIdp*jn+XZ8sA}0 z_Z{SQN|r=zE3~0Y!{_5FL~OT5G@(HiMdXzr!Y-dbuI#V<{Z^D5;RHX$ddK7Yataw? z`?>0dS_I5&dhJ0UwM*I;Oe|2u=lkFy)!SZla=)mNj4L%eF6LSrRLeTO{GH;y7Qa`_ zd)Ndb=J9MTY2vfV+DaS~jSDs16t{wg?}O!eeGa^tsZG>{_60a|4c$5{`tDQ#E*$rl z)M97#mgz1Enrvw}R^+C=R<7upOiFsLMiFsl?!0XsAhdqD`trJ9lyfbvc!BP+g}TLU zXhUgWEPbm4!v?i=X)-q6RO)P`h$2=o!GMAtNhHZ4lEyTboCB&sU@F2!{A^B>MNKej zrJX0uqWdf}Y#Z#x-CbRD*w)>R^>R3SFJ!+jqGm)B?YgXKvi9V~I~Q25N#WwYw=Ll` zF0`*vQd%(h-?J0!9u70g((t37l@q!uY8+E5BW9;*gQL9>j1WthDswVl>2M#XB_szS zb>)TFyUI+0o9b>jENTgZ^?mdG6kp7OxlxL2F2+JKW1xsifUUtRNOQtUQM-<0CA$M| zqybI@b&@@Zi7!y;6$rn&q?6i=Kf>)Auj|!GAyJSguBP?T-xCrw3wxVc)$ovj_v{ar zN+D>n&i41=P8_GrJV}lA4-3dC5&DDbK~ASq|I(-0&u|&?D!bNFj|ADu7tK-yA%#6e z&(S~JluKyO`emO(0KiEG2CX$fU^*Da&|6Q7)*dK*ibW6i1_lwq7f3 z9bD)*NAGk5BI>FcyeDjw2W_%9w)@swNa7gI)lOq^Q#Tr9Q;&d?b~^@rCFnP zDHm7EAm#eZa*TePLgX+Lo-A?MU2N7FTPNGg7opbpZ0t^=DhGsrv=EHG}b z=-7*Dy*vmH7D)`z62+x2wO^eZkKAyog0=bl4mXE$omo>vWSg;{U%$Xi3cw=na;}qX zyx=gkS6VpJ@eDx~O5r#j2+`%CRaPZ?1X`2NPotd1ejc?@yaKNbG9onE(0QutEOkU} z2OYbo9S0%{wiR$tVxUC6@VKv7Lb}O@(*@1EeV8PW8Z>kwwL)y&=W^vKkB8_o6M<$6 z6g?xi5}~Byhc*N)Zme5$#w)(p;P!;wYkjg0wQyl<5xaswpUXohMKh^0Ac7YoT3tnivY>vTYzd3v z<-I(=S7I!cKic@Zy%hXD{uD0C{}LY+xPG|*aHag^J1XlxkA@`*may=A^agt9M%9>$ znYK!-i2puO8b9Ytm>Ha_>;5QMNFxskteUkF6s<5ZR8dN2j(yD*Yor9pQOOd5Cp`;; zaO04LV>T+&7A|Bhh*_HB+F!In?&#J3p3ARfd@NfyAmu07_CKEk#yeVSH1}NJe&~PRi1$ z!>d$73Vne&<`aA~pz=R}ckP03Wn}6N^;1n-H@m?ShaO_h6@ACQYpEMh7DdGyG0#3t z2vGzn3AI_ImDs0}k%l?J8^#cF{RQERD~x+QPl*#asW%Y>+KZao-pw<__^}%~dggSR z{!?@2DRD2QWqnn_1)T(?8z$X8kfGjL=ui9;#r)CXh9=Lb?4tc-l?&2s%3Xz!O_`0k zKEB??c8+yYEL1?nf&#EkF}oiCsFITT#IB-(%wNg{d%s=9_$dnRkAZ%XmVMgBvqDC% z@7cs(Mo|DfJQ;Xf3Qh8~{5jc7gWk{9Amv^zoJ?Yd+at4jLdn)P$hI?0R#Rrj&r zjQm||s%K#c8kW^8kz`j;S#p|5in&Ic8&J0dinG~y=^0PyQjjW9T(+L~bPV1EGd(Zx zsKr9tcma{msDhu2qsljE`e`hfp>H|2p8eAb(I<4Cz74ChF}!P1!bzeLgdeM46r-)@ 
zR7cVz5gys*xA%7E>_?7)-!xqF+`bKS2N3NgKxBnjc{)STHq(&vZ8nzMs_||n*E*yi z8RHO)mhHIrsIsqJy)75vjQ8<9N}hmg8EL$5zo)3qriudLf^sJ@z>JSX%By2l@^0YQM< zyOh&XWcTCpb;WksFLFrfeoj3SfKIOU;R02##XEf7U|2BEqAX^e-qeS^H@CQwuo-0mw07!rH!uqu3POKnmrfo zDR+)(1eoWeV#qZm<(i?QD-MX3nmot)d%RuWzX=qr{;cVX`L>!93*XT6!{I)A>|#2I zmYeNf81KpTxf{}$i2a*iO(#;_(7Lw8f&4c~7K2ChdQUE#aY4UgUj89gCB*5dlaeJK zi3-_#0U08MDJIy-z}+Y?Lg*_ZAmD~PLk{Q26M4WP8oAl7`{)ciyj%O_!YtGbzyrB` z++{0sITi_{AedLcvz{W%;L3(d+~ocvmwo_=S)80mO-@AH6ad-QE5az;S(uT zibGA)Oy(M0myg^+?N-Ek!}L&pMw0?^HHV@J?AqD7db(91qoN3NF$~QwlKZTJeuZ=u zJBDnxcrEv}=^8-2nfID!;!1nc*6>YWHy%Z;!~*-2gob?L#eLzaE>-jCiomHa!_4=R zzBeOr>e=3F^eTjP;fAGq_w{gFN+6q*6>Y(kYjBqikO4i&TJI?jG*L;UWrRS2bibxHiuzl2k%|T;Sw3bRYJ+)y_d!6*wdR*WKxlvD#N3=B*LvTOKu*1=A zU_sP*^y|m-v~9Q;0|qGJmF4Gs#B8+hO!dv2E8vY_5D!GiEd?AW;}2~=?Zk1}*Cg5H z_nCx6ceUr{;uSC%5`;N;lW|1P+52{icTdEyNs$mM`kAcLT`{13FYQfT+svPXxQkxO zHiv3WX2T7;ZJM`l|Dd$7XdbR-5DN2t4?&8<95=XwYpsJ_B=1x~>Q1R!y*z2E2?S># zg$kz$A47h{T%{e}UCW4#uGpnNF8FF%@8MVj#ep0P?#9Ru?nmuVj#TkPvDFUnZRZC0 zM~W7QP+q~t)k*N#o5U`XH3X<_NmRH|&(01(pkyrch_t?lG(GGOF5TQ8fYc@Gz$D`9 z$=N=8`*quJ1M3a{Se6k19I-;oz45!Yh;+&AL)sbfnDwlfPiyZQzc}CswoFq^c$du$ zY2}tmy|(%2(kc?Ngy0m+!Ni=qi13PrgySkLWKj}vs@9c?M+k*ApI;JtyWtk%Ecv+V zu`MG4Sf^=gKB;7>O>!}BA+>Wds)l7o08IIu9?n^K;r{-xVeXo3ABW@e=yHpLz8p;pZ?%u*Za3mrKD8gkC%kwPDCtQ~mET z`(4}Mv6i9%))WhCweRnJ`Q$z6m|8G^MCV|w(3#b=-!1i=e^oOd)!j=fiL!wXy5qp?kcqdcCWlHt`LOCP(Giv!Q9gk@(Zc&h0c<6Yeee#bsgsDSW$)AQyspZ1Wfcx0&QpamZFXa8;WtH=SJ zQP;?Y6d4U*^+I{elqHZU`O&5IJ+vA1B8mXDbr%zzedWlGx{=Gm7?$#r0yXjFohqV} zQXB`29W_4bz;w;>{xjsPz6I=409p}jq2MEee7&<8B}seC_^xCLUh*!yeUZ^XLGQp* zB=YA$CTjvlI&Ff&8D{+E39t2v7^GIC*yN7ocp*tsqlk6v(qM%hY{xnTo4M!gQXry( zoe+HI;mv}x6oc*^&#|=RskwtOoUhKofjQwe8b=#^jDqTrEPCIzH{XpyOMA@H0k2ZK zY?AEL^`U`}@V5bei#ykz-A?e>t>_+rLf7F4wC!Y^Gq3sqeTAJZiZCaYR^ud67%u?J%p~ak;AX~>ykE%x?e zp}izUx00ueIO5b$K*1gYQ~|lzNcp7<-$7W-pOAZ*jK0wILW)H!+UbMHFI(NYOLyre z0UTZHzD^d)ft~pT^y<-1qA$ug=%2X(#tZ!`MFJ{wRH9eOCA0g2OfN9gmDnmvGvkGh zM(l`z=Sgy>DcniThE`j&Tw9J=l}F5N{pz6>vw8F`a;w@myWOE{RnG|54Y6>Bau8Pk 
zZIT-LMsb_4)EXMT)VX;GXX?uIdCCy_&4ZXBJMwr49+#zbu^cM7us~mzs34|Rbj}H> zz2YvzVr#&!tIPP~ig>I-hUsqEFY;=b{(U^;oGe3m7I3J+4D;r4Umjvh;XIgTpivo8 zuy7A^=m}Mcjq&_P1nWN;AGv0Pl1g^cN6freeL(Wl!##(ZDvh*8FR&t%+Njo-I)oD{ zVw%>Glrw=m@l!}j2}&)-y3k%V$(KJPY3KI(BSCm^M`IAOc%?qu(FDfuCdS~M0CN<4j{N;A*84I^0Ch9ju?5PQ)Ht2-*8?&cN|jkm9>$IvD+%cMv`mCb z4bUJ_DtC34K$9zs?M*QY6oj0Y zv)XqZUoPAPsoJc4y~0Y;qPBgQn;3;}ratX?i4CZ~oZcT6djh>_8 z$%+3TIy4wINm%F#8(ypjrBPq9LP(ggd1*bi?Gyh|)Z+PqB$gscfDL7s!nPf|PD~=K z^d;n;V2ke7LK85K&>?1P-)rc<$Hq7X!wgl9I-Ax9`IWcVl#e?3v%0co8Jt~f5W6m| z3)-CZp!{)&mo;^KkA!+12vpkKqC;)d6(ICsl zx%=cshRr3P2(LjohAC7o_4aRcd9yk&?bbxgl=Jh!q_-j8ErvEzv)VobLVyfXbsUhe z?o~q|Cy~UWqw&xN9=%|Aefmy67%RKgGWTY0y>Z8%KF>UUyP0|E4Xk=YzuOvNYv={ro|_=&M|#+YqbRh ze!e&=h0&Uxwc1cBO=3W}@2~2sj(}HDr(Ee3iLNnhjtBEFo>{h0_f}f`koL8AkBf^{ z>aK{xWFr(w<_)nG1x#p??ayf*EUfBUUNcXxEFVKply%$Ka!TckKD$%+J`$p} z)&P7hE2CgRw@R!v97$s$I69HXi#k5zpg&d1=@;>K?y}&7+Mr>1$lo458|h%7j76B! zdB-f+qQ}Dy3eD4dmqdQ5fU1TpjsSWN@m5}NLa-gCD%3@Jua>@A1`3CPXxcaiubM`5 z&t^{{*eKM7poe*I$oxwGUVe%A`REO#mHmWhb6L39hhKt*3yF^>&BNFq*cf8(F$AL0 zislvZq$09=HJzQA$Ds65n_Qyw?a{5u0pmjD`JbMX5nw{PzYLCvJe*=n+Xe75ReX)9 z?QsjM+$FbWyl?+W$Kj#5$sa+enpnHg9ltDNxO%(30~E$eziG3Didh!c`N>9)KSCkeGWbuX9wVPI#cSIU6q%TPVXzc@zvL(p$7uEgp-4c!$Qo>3NvQqHd=VG(lR3i1w>B^ipVfEJ!I~PZ#x^ znD%%n5Reu;hCOCI$KSn`g9Vx$x-*OZOc=-#I9^cG`jUXBM>b54Cu zKKW&Q{$s+wQ26mU%6URa z3^zr4Pah!qto+A)M-LkCiF;0SJXJSNUym67l!kTJ+2`yW29AsBP7KgK=gy2+Z`qPG3o!==sSo2dvexpL7bOV_dqbS+_LAt(+ zBNuAZ8`6jWLa`>7XS@9z#t8#`jui12CLcrnEB>x^01YjCa?drF={%aJ4f`qv2)y1K zlvA5Ua`cI zsYS%uDqAIuv9!Zj7H@;aI1HP+#2q<&{iArqo=MXE@Bhz1*R#EG3;v82mv5ZkY|$Z4 z5QvE>5y$`&9f?U*!Pd%L6wgm(DuX1D#2+E$1Xnj~lkUB~<1%MU};F4zN1Thn1MFqrn>D zLherHN+zBhfV&r<#>KmHNpjX2iT4Jy5*;_^^%VHgYmX?LUdsZRfe| zmnO$Lk=jhL?l{9~GnniWjk8RcEiIt zJGw8n!xvF^S`lcKvEMEkLSu)jsP>XeO*RQg%a#_v&&T+;R?zOUorInT@Mdffne1EQ zz@{nylbmR$`f>z;_wKjs*ovr|fgT5ECbhw6ac0UXL+`}L0BC_(pKBa%idUFxx2=qc$l zr!SRsHai(r=P5Rl8{TZad7N_;to(xp5=O&H4T?VjXV)$?H;d8B#ocQIfR)htglen$ z)w~bZFhMFPsE_^}QzjLPLXPc?bWvPP7YDhyUw*5yz$ 
zFR9QDmLL+mrcjkE7Bc5Wg}ITf1jEmCOL7oR)HOsVfC8p>^+2|sUkU(DutsUTZ1~#! zmDSN^EEL)i(CB@g;6toIyzLkRpQcjX4s3~NXE`6EkDWwvUf#4)$Ge*jd!=A@~X9$ z%url$dj(if4ya4tW6-8#j%X`cMXnRiv(r8pg*Ro|S;s*fw2Srx5Eg8vs0>SG9kCL~ z6KcaVt*n*%P0Nr_8CC1&~wPRKZnYCS}pYvr98WcBommFxe+M3*vVB-4qS*XTM zs;JB*7aY7V1R_=*D|FKJ-P30C4p#J)`j(3;^vWvw#SlABgK0+~)p}XcF$aW+frgri z=tlE{aSPxw*%Q`gL1xH*hB759xb?TK#Dc4)*sZO-7V9wP`)xN|#(S0bA05-ptLFP$ zL)pHVG~a|T`Mg{ObAIorZqV8J2-dY6dglNZlekLFf200(DD)g zmZ#$w+le#puJHq&;+1bG8GCCQDqq~)ua%@Hv5>~|RcGbp{=IzFVw9!dyvZG~XO2)m zRJUOWe_*rQAR+$a*!ZyWunVQan`sR)MIV#26B(KmGaKGJ##`|hi6UD5>qUXc!i4XE zJ|oeR!Y(gDh4mHYf@z2Md%71(!k<>BWRR<{7Q{UC9%X!xmY6-Yd^h}vx?z*xMATrn z|47~Dn1B8a5-)q_&axaCVph?II90c0GaA^WxvIm_P{}BB_|XUIdL}k~Qrt!QL*b6= znt6RD*kPPW+ha=8*MG}$D2BjeLAjCLltjgZip8L3(X=DDjb2}C2}gdTJ38QJf=A^0 zlt89e2qIxtWqj}*wJdw;r~+l1r_Yws;)HK$pe-sx}FLo>3@$mr7rLBTEE4x$z$7`M$QH4c0($=c9i zr5RhF|Bw5b)@bYez8-@d;{?!YqvERfPjB5fob%+O@WRVx%8Oe;Vlx|DbA;H5)UDn9 z2f)g+hb*QMZ(^ze_xs$G21y3(BhaApg#zZL7k53+?>fe9EGLB>XZZdL5>6chnVcEZ>xw0L?&kmK5Ew_w0h&oA+uU2xA0RTcqw*k0P7juMqw|Dh3xw zX15yOETi<^MX%Iy+2}27LlleEefC0-VTVb9cx8ioK=+T4Ezh4dVmrGhYHH4TV8X9C zikapScn$fw1yvKqs)XfF1M-|q{Z;x~5)`VtYH5qbv{xa|0iOVzV(C9NNy7Nwm8iYC z%01gGf400_QGChb=cyesC*27!>Aj@!QYu6S#van+1jZz8Oms$BZxEL#phUl6^;?d+ z6;%Y&ZrEv$q)X*2AIs;y$L;QC8IO4%l&GBhP)!4BfrEf!&aWzJRu0@LB5c9 zp`(u2ZM+AI)t$vGkb2qT^ESlXe&l8N^dDcmY2|los(wJoXsqtR{Qq7RfnFj>$m>iGVGCfgpTo=e7|gPPsc6I=6G-4+3Ek0 zs8NSo6b7n=<)$l01czs})8B(CF(y7v6o^4nsVB_X4u*TpeHDBpc>TZ(aG7Bg{PHhf z0o`b04Qoh~?Y&mGS91`(kRbdrjIvgM!dLAD%&*dQ-E8oN65&e6b5~-&|B(}Nk_XQ zO=^s&t^}s!OWQ~bdcxqvczj~&9|Do@=Ae|1NU0Ex|I}vVyYc27fimTzumbMTh+V*o zP$#f`II1V`=dY%7gy8+x)yw>sqaHZ@H%>Et&pdvV?4W1;mT7{y_LiMp2KtA+8Lli* z=@fnFLxUJry1b0upQt5Uvqr?i9fr5DXQNR34&3NuCkVyd6yE!E69aiaef!l|`?JvN z6so5BDH8F!!_QvA@`md=45sEgo+)FMN;x6c-nT34dyj{9f}%)n4_bQhUb)UEjcyC{ zueXhBj^g^Y`XOOV{LVX>E3w)Dsje`2yrNy!7*z&yO3eb&4?^N9;lvV)6*2@$)X-3% zIKPQaZ?_CLrCCMZwsJpo)Z6iFVNzxRwFpMWG|`Oxm)o+`6lOrWK5_s!PfOgos3yZt 
zyWdh{7N_Du!h73u&suV`l!K~N$D#pkuW5SlyVZKr_)JmBSji|56^QpDL!o0~ja>-o zux&dTZz-yN00K@Bg(;TcL2qYIh~ z60pzTP*PfpP{)PIds&uuN{;1RdttXS?{=Zjb4^&6upJBbnev{DMj`SCzCd>hv}-W1 z&|a25YeY=DVyv5D<%zhxIg9`&h*u9qBMYo%po#I-%ZV`P+<5r)2|MzV#z*~!eEfN? zVxUdpXxENozJ!Ec7k+lb`$;RluC#XLdJ))GGSLT9Z_P)|gW(=6sz^9MCa0PlVKG%X zwTP3KHklvA<6ixPwQH%?GG8?8{x0{`+){0pyOX~~QaPm7SbxdRGvCOHOv{egl^*fwPA^+_!y3?~gRDDZwqwDM; zo`xm0R1}=)1qXHyhuSHee~`{NcR?6zY3T=4%+Mb29wJ*VXfgM4+jQ#&1d-_6y1xq( zoC9y$xCxcppdlC>X)~-i?gk0oeNAppzW*=;{9Zk`eEJmU#3G zEKH35Uvb}RtfZygNF4=|x*;Sggh zAa{UveTs5nYyhy?RD3N3Au@b8ejIZkcu-7WbqzpjZSC#*KnTgf{f63Z|c1K@ecUqqqOyNW zp5R~j|LrL-G}btPvixjhd<`)G0ZC9}TvkGEaO-);uCS?o;`gu2^eta@q0Ru|_!tGj z|5)Y~9)eGUzwTaqx#sx&5_$@9a$3In+64aGf6&6B%Ea(lDvG$FuEeH|$l%sbQ(5h& z|G-5iRg**X4SdmdhBt2e8qn~C`a%hPyPBBs2%%^ASygWXlJF_Ik+{b#ii!a||7xdV z{Jv&<_0ApqCWHOfHog8-LlU_G*T(psw8f4tD#xDuMq{4Y#O#_yMtl%zxjMjYQ5A|;hpuWv7`$9qK>FJyNuu2VY4XjPP*uJy>fCBQO9`};} znl15mq!aa)Q&9R8e&)Jd^5*RFnDmJcZ{G-R`5qB~GrZRh>f-3@$6@s)`Ugj2_4SQR zLGFF1b#7&0@B9jm`MRn7d{UX79qH|Z&HapJrXS~C{T{yVl5YDJA~rIErGNd!G$s|) zOpIm!q#e{XUaCYs`BV<<@KzjTX{UtI@d06Ek$UKA?wG~h?7op$yn%hyQ&)5@1(TA=jtC&{uhb@c0QE4?Rl9Dg0e z>unT#q5siAi(L0#00>c0wDS^3cXRU8 z+b`L9gS{9(j+}ZHbmGJMPz3!pOn#SKqz0bVFo#wFL~2Y8UdHc%kv4|S8ylueC&d*8 z|Bgu`L5J>^U<|gxYw$bye96b_&SHX74vE#>Sb8UnoZD`5bJMeF^4qA|CEAiXqr&D* z#*F#wP+wo)sP_c}Dd|DGFwe=7;o)9cNNRbBzKqQzZYj&4jl7x2bEVR zS+tM`Ng-dTfOz|4og@^i1(8HZ|LKCqm-g20yz*9v-0EP`opR->tJ?fGg0~U1`zlp= zE_2v^G$A38TEkFpc^8Ffk|7&SOyYLp@6H{BJIza1X?X_m?UmBGkypECr6Ikx8_@T8 z!;VQ%ry#3JXUMr$gboI6Ry8WFV)YrUFR|%Vkr1^v_Fv`im9eakr9tcTPf@&y^oBJE zVKf2!#nu&*Wp=V#7ZEEO49)lz=TZmRC+G5wbLB(<0g0&^GB>IX%U=5%2O}*Zcfwbz z-?kiq1$NP1*tdGu{HwZdy1+d!;%zQLinZkErx&S|8ip9KMVr@jYmWd1#;XTd6ivxr z3x|EpswB^(3>eSoH-IrkMYQr1FON~!X1yV=3sz$?ja=B7T=;_z?H65A9-5v#KH+u) z_o#H4H4r9b(S;(5ERsl0CM~;rUtIY8vea}>%C%-Bfx2qsNK9KP6f|4JDaRx z5h~Y7(Qjz$Oz2V~5Pue+C{(f=Z%T}?m$mT}{i^*FxqSDVfBSJ*pZLTDO(ozy5(6Pu zUywz&Jd4OmoRTBiv!f@4z=&qZ^ZiIXf1NcuLXGxD$)UADH5Q?66tf`XP_1)5KH2Q~oqgdK1&FaWOkBWXS~aD- 
z_20~h&FsU;Y&4TKjKM``WE8w`(^6ly4T}p63z!EeCBG;qV?MxZ9bj-{BkoNX&#-}{ zb5HN{zDZY9$lsRt^>sP^oH5C1f_{E5;5nVrSa?=?d*%VR4rFN}`Ps`3h=_|aM0j!9 zD->p1FkVsZAEO?WOrys%$Yoh$(NLL@dzruW`b9XCT=YMbeJVL36aarOQpDF}9~!#! zJLs)O;^2VJ6=YY@snH~=_Q4Y`Zhf_KQucsL$}-*f`;ml?E3|+|fGu{Qb%&v2lrR=++S;=(i;3 z;55f(YllXw<6EN&NBeIhxr^kuqQPYj1pK_%&g78zBI^{s6IBvV1(sYX=p0j(8$SiL z6Y*D1={Y%dgJ5?E&5T0I6 z@h*JgJNCyQ>Kbja{qP{N#?k^3ULeyPv$58k>FML*^hsFhj2p3QJJ?r`C%!|#1-32i z$7QTEj+%rrG5=xMBWkgW;EsQNo;9wn*_-m?W`be~4{&U@&f2`>rz+GKFGnuB;IBXfTHVEfupH1(@*p^sgsFLUAig zOCMGUITh;<7u?|!nl7CC{j5@Td%aLtthNIWrBjfpR;{JVsvs>^y3eqiJ5anAML7^* z6aSiPy$OdsQ}d1%Pkf`$24m*qZO=#Ni+`w_9MkIQP~}uyc&W;$RQKzu1z9d|-WF;~ z>?8_LhkIMH2>;wOaJrRA?hMn{d!Z!Z%9^vF5pJoA8sAK@S)Gr zHb^2h%;OibV>_p0r5?PytKJaOoiJqNAoOfdQlVtOkMpFU`}zl4g+o>qw6im_M8UH( ziW8ye;m;AD1YX`2;#u608I781w^z+zA3zcYGOO@Ui2Rmcwh-YkFr2)zt+5-mUEWPr zI>*8|oo2^U+A`p+>M|gx`m_o*{Cm)1F(Usp6poXW(-eSG!1ri{%4KY) zh`r7n?ckPBq{O&uN>w|yJoU2n%tFw_RWLwZ9BP<;!|cDwAAFWZay3G~S1KlzNR$OH zRLA3>Vzc71qWVSs$QRdbEQyxGg-vmB9hGTVci=$JD8LUiQ2~->dKz}08mHod&FIYt z1?JWBYptL(5Tz^GR@l%9CM!B-KKTG0MPerqH|<334#9Rl)$s5E zhgSEu!bRFJpQZ;dczK(pW>4&*?_sH1pd0!leGw8eTz!T{0dz!s@N4!jtE%S5ofvqm z4$|L%#0a*`e$ia1&Y9b=zu1>;Af*Dc(oP^bXJ$}UpneW45u)v?{oHJ235=E8MaiOd z4F=&7@aXBQRILiCDo72g1uebe;fR^uCs!!FG%r2e*2O4l6!MKO#oi?u%ts{t_7de- zOk?HGcn#Y-CzjCxmmvrnsYYiMs~7&2SbpeVm=XWNADv}}w#QpnMZ(k0sSy!~!lgke zovi{Vv{_n<@u`VPiISetAo8QTv~Z!azi#~Z*^jZ{Obe_hTsS}erPF`k^??{&xvBwZ zz@|HDRqWGpq=gX{Cq8zpJ6JyddXQ1=c4Dr+6{TIWs2o*$7k? 
zKu2cpQRd>oCn4&=N} zMoKn1cq*^jVa1p!JZ%#PZT9%s$^ZrI9!>7FNAOR`U6z94FS@$jsRkhnPT&wVy0DIy z!&&g=n2m+}InROvq>+-6`3tSqQlMgh zw$nlZ+d8BbN4qi9YA)>FIiylq8lM?V*zYi}C|e{qbU-M+Taq&GuG~W44PRLVYJc&1^-29tJ>^^K4oBsX7V6%N4;kOkaj#P{A-p6A38x#ex zmVdW$PrtI?@KT-*V=e85iXpPl>(q3dbr-(!Tqp)=l&jQanTRn2Dck(WQVg~ z!k>o45;<|2X2mMLIl%#}+vFAe9hm+(dq~#ivTg57U-evzL^v0~t9!d=S((fwJFk~; z66~zwKB#KN#RJRgC-;<)iGLqc@d{98{Jl0dT3fk{^ZR$%rxWWafq1-RhxlRTi zBZ;szoXmMw=OLkTCqWm`DQ4v}5~}ORUAM#71a{98 zk)o6i#Z-1#;F@t%mk&}Qy?3E)MNtU8^C{>2+g=w^|nfX6SBP0<#L#fciIe2#WY`G7S zU_(x#6JKZ{IH^|9B?K!h%-F*&RppG{!|K6={lLwkLtlk{vYa@~4e4rwbh^)LsZrtH zJ7&f+El`Ft4~IDXWD&1C9K+}0`s$yMuW`kmdl6i>Q|>&bW6jzGS_SH>w7gCy$ZY=& z$^6)r1{N-GVD(|?syDs)u8ZP>$D%`U<#B=OIEjfzO7dBkkX`?xKW>d`3qtnxWyo5F zTo)`APa{J#2DkC#`e@o@u-`nl=*t#_`9#-V;m+d|GhPWtR$6ba_t-{cRf+iX>G29_ z{7U^7s%7A?wY4}At+ww9RK*Rr4If)@Qt#F3#jxsw@{zK`Lt#PXC3p`b2esXn-plPL z*tk-L*`Audiz>a(;vnraBM8t~SH|BG6N_A5skf6p#PVQ09~TR5UhG$Stz!o?D-0Xq z7QO{$PM(yEQO8F#5YQ@W0uM(}D57!NG=UXVNiEMC?(HF`oNx+FiXu=>ZIT`bN|koV zy@665J2LgJdY+1-3>W{4-X5OTpvX@rR+D%YCTF%x6z6-X9KG4B>dSl;CRNy^V!5f& z7ZZ19IfM=DqCUPps z*p)$pvmKF>3O0VX*O-%?S=nvq|D?@IgWF^3T!x@PghA0&L^k}Ryc&}f7Rj71D6rIq zDGboXL#g(TJ3U2bIC;Ko-2@e{W{PzEPMisUkiFJIn1_{6`8bQOMpyikD<&g#oz2Bj zEebUivB$7#VuP*&*x@O5;(8ew-P&NYIl|0}d@7Z8#~ed!za-lse|Oee!ci+bc*hXj zSl^o?bMFc|xU%ZK9Va%GzlW4y6p}U>3~EElT^LEEHgF~<^Ou_l+q2>1zZizu?Z>T7 z?VIF1pi4jS*Sb)noox&Wv66310jChN{jhJE9Er3iobAqIKD7|`kOSg z=Y)oP`Bg{!gXyV{H|~vQ%w5GLHEq57H5k*Y=n*Xg7Q+#T%~5?+WQIy9YrWZV9sX7R zS&~5F*LUAQtB99L$3xHYRV+^-c}bAy)($#>xRf>=cQ6N+>#J17c5TJ zOd>`!Ggtcz%?k%69J=ime&OMoY2y^hPUEFY`5NojH8orZm8L~?kd*h?(W?&yCi=P< z34zN9+wT0XO-kXRx#xTRsw@x(xKS(Fu-0=MOn}Ym>P@A@6SwSaZvkl1k^zl?BB~dd zx%-8du<^>}=k7YJc-d7mSjqsy*~omY$3{Cm&Fh0POe$+7$gIE21yC|q-5S*wL2xBG zO+c^4yy&1(zKai4(ushT1pfV-+!&CgGH(g);Z<+GFYt+Z%C(AtBEm_}vkV>|LkKxI_~mEooex>-ACHk&oeRM2(mTyODmJUegFf`%rn*=gk1 z##LvoF|wwqu67_G5-*S?`e0cu@+jYhIxNI^p2TFy#aTl+WF_GmUzV7wh^ig&_S+-h z5yb6f6h{}C{FSWo(jf!JR(OZYbtJ(74y1WT?RaUE(x{}Rs1PZ=qDa85fMYe{@J`I` 
z!Qom<6r@>SM(&}{Yk`ksTkfiS#TP<3N1<9*yK#hqf{+$Zj4G-)wus=SO+z7KvgdM3 zciYT*1I<4Qvzut}?}n#GuF?`S@q5BU_U`f*n-M@S<4#5&$e>{CJ*(O!yf}JbEjrCf zP~jH~ZAr+cu`M@?gs`*Ayn}C+@dxp-vI=7rw|38?W5D2K$msIy*~hAq2L9vBwh*Dy zuK}fhUmW^0fAm`u&mF7_feP@ z^mfa(GTT^?K+87D$NNH82TOnGx(c$w1k_8eW~3^qc6w(U%!v@2-Md?g;UmEmDRq68fZ!$643D?0?kD zoQ=eo&lDDRY=Tjf{)@45h|YzH+HC9_CvR-qwr$(CZQHhO+qtoA+}L*huLu8HJ?KFX z&$Mb#b=Eoi*#vF7A1dm~w)JPxVmFVEg>J{pSM-HAZfCmYU1c^EuBbHyM%nz8 zhi@K_Qv7|5M1%Oo*0(6g-RKGs1(W2&-sVvkNPce2)aL1O2{ z6OC*Ef_D>I=r0?;o$8hh)GO%GoKDanFF})Q&qry?OK08P=k3Bzkz^oe-jq*XcQ%I* z3wf%ht~bN$)g9v+={?%g))brAN*vVe?qeL>5(Sb$iUZjyBZ+X;iZQI}FifAW_Gh5$ zqVD|wYjFRM1F@0%-BRcm4M{>PL<1C?O3I~R=1=R*P7)UpxGK>dBc14iJq+~PRJu4} z+Xm%bezQ0XW~^_uXtiNNzox?_=W`Zd=FG#jB)%TAr?QbZv=m<~t`W zEWBbq+;c_Q4SEf_bZI(~9!6Rm5uNvb9*EGj2lxk@MuC!;_ASi&L^3zA{#~UNHtDp- zdw-0BW--{653l`#gVnk5Pb}kyRsePB{@$F%tzprRpLfhq2aKtu6g1&8OdaNJAX`Gg zK7bC`yZ(=j{c(PFU2zl%^=2PPMccw&tI2qQ2$V)6Urde!NBoZ|_+Y$uAaRK!&y) zJy)w}>G(D&gXwX&zgv*L=JFiNQdV2sMjkJQ?{@npSw?}haz4j>NyvcD`+E#f6s7<5 zcKry=R;AXyhlucXqJa=7C%w6ZrOPX>?lK1+y4>ROz>E2%G^W5B$Es?>t^Fs>@=|u{=l9xh zrg$kP3>6;y@)S2LE;rq>8_EMOGo)SMiCkMqW~;Uugah&Vu|vu#1vW%emZHQ>WxY;Z zFnm7t8HDqj(HBxz>y{+G{~`O*T!7`L{LNjFS^jKuEMcU7`h%TBcd&G@ve*>FLs_mrW{s%lB9@7Ily~k=~`~ov3Y|gaWrG z##*-V`%`T=FiQ%{d^zeQS{8QlJu%-E;ic77LFH!UrOnbb9p;J(K%0Jm$ROB%WN{tz z9}h&%X4v)YpwhP_Jnw@( zH!~)hk&p|FI$AvGXz;*<7I@s-l+=G;;o!-AWdGr8m%QN&iS7TD3xzO#8k#gQf+Fk) z#(EyhdWLRJoU22@k_qXDw)#wEp)vuA>Yv*Q_xJ9TdFz%1jnW7+eD z;B%6BIQKGaoRk{`aYNBmnGot}_@^z_!WkawfllA^JHp|L9}G(WxV`aAox~Y)8Hw-wn+`z~OB=?IgDiU*e9&2!YYF)so`tcH zjC1qZX0`SdxRaZ5Nq8WrkWiFd2;S>H^aNC6O7Wh2EdNbBGdgJA9!@Yow;;~e`0Rdb zLVED;t#vxxH_ZPN;>g2F!nW_{3tr_rxa71>!Vy*0x zk}1!~BH)V2wO3f^@k`a=aUI)a!<%gSlEc)saJII=XW7&PO&Xc*>4b`$vKMiaQSFqD z4ir%B2WQ`6>0DVl+~q1DbJ-Dl(vHmATS6><*ygR-9uT_=rM6W90Urffx#Nl@yw0-2 z<*8^&iRyXcWIp-RuWq&hwVcNtQx-?oFK?L5D(=a4tr2FeaqEj$NsOx;Eq(ZYC5i@a zyV8nkLSPE|UGux)lJ0mZYmW6VBXA}S?q|90!<~Q)o{9xsWwCRUY7K~MbF$7f`IK-Z zdhNydR3mFFf^={(b7}qb 
z-vyz4*n=}C75I$$kF#9#OoA0KH0lYyj)th_=E6~kQVbT8m?_GSIo)V@@SK@9bsN6= z4O2LWAzaZvs5y?+!nv^!bKW)PwKbH*^`Yk*`*kpL)(IC~)*OfBO;0V^R4pl5@Hz#=t9jE1(bCq^k_}caDwY3DX8zDh$WWrd- zWsvSZLx7hcv3TBj)w_9z933T+A*c&Yl>a+^XqQW=77;)AvpSCcxr&&t(zQ6e&6;EHPcjat2r|kJpw*Dl=;7gcxVRR=K}dtYw%2(3_IuA3AII1@ z^;UEw>aXBnB(yfKCLzTssfp-zZQ%?+msB>P#5}R;#o$xlCdS^mWrh5eF~$NLBPW8Tv-gQa~22DHW!llI4T^+iqlXbpCSimDADYFX1(Wb^isJ4aTWGuXTPD{uC zBD3M2yDtCb*VQ&}SRsVRz*($1T$WK-%z2Fvn9k{QEsa|^MZONcgvFDH3R`t{=gMJ0 zdLr4qaI`G3wsvpFK$G_sGEG}PQZXXBL847AsbbaUJiGJnt=Q&=wX?fF*fpO21J1Bx z7NPnM>F*cU#T(+2n4(Z|2FEpJ^-!tz@Blm3kS%V9NEMNNrPl$&Wj1QB&(4(>x&Tp^ z4(sxwkeRzXEs$sCmK9nKaI*w&Wz^j=zKaHnpLHWg>V^Bu{vUGGySF*{XL=@tpA%xki%D%L$c=)U9Q5vXSLddO^Kb7bw?vp?UyA@eCx8w zId_6^0}7a|Ll$?K>^xmG?lPU%mo2D5lD=G>v3HD*C@}ieS(&G1v?5XAkE3BZ>oT2d zxT7StYRF$`86zU%!sAL3{@E@nd{xr{d!$dphR70V6l-KeTL!$)h}?p4YS!ZLwoFg{ zQ%jyWClbAqoh}tqta6Z>1Cb?hg$9-6=dp#4X9+MUXB52 zfd|?zUoA8kD;U=>E}lH-w2tgT^vWM=0K^7x%QLz5#zp> z-;W&&llh+tdnz=>b_`yUq!9>`mwGa0q~OBZ=^6Pw#xA37r94hcKVPn6Fd5Bn1RLs2 zlq@(Krp^_UV)+x48%3~VkjAlVwsBY~XT44T_+}T+<^9d&3$Y$V9F$!*oSmHq0S1Td zybX^^-&r~-`I`YJXVx|Ms=enb6{8iI=M&?~*LkP%%asA0i1XQrgpLU~cFlZfw_>6B>mLV|+%|^m}v|uU8PHq0YA|=}&s%_PkhiGV`1y2xK zR`9ih2jF|+zVvV?mz19J-!#|xb-@4^=$d2Om+~+Z6+GB6Y(3tIDH3(CC=>jda1ON4 z=wZeLL}AbDZ>%OS3xNp?l6=iSokK?F_I|09`!)Re5OAUXg8-Z|B-FxU0B%}R;%?ZZ zPaScrw$kH1tdx8=-?G5iqb@YWhm^C$^bSekU~4H6f8CLbj&7CQN7Hjl3-kAjWy4X{P31SYSsl=r z#8I@mS8hFqKjLA-&T2ijBa5XA_*Y_S#x7!jv`1z^8k+z)9$EPQTz-C*~s zyJO$gGxY-b6}+40s^SYQO6~DBcnPfX?F-h62!^AkNCJ@XE9(co*o8qMug-<~hN^n@7Tu&_=*A2{a6F{EQx?`L62Ug~) z+{4BxYQ0yPLt;dno+bdyT5*Mak5O#z{-b-qSM(Tsd+mLP55QkvLzD z@3iIYfPOH-d+ObIxk{jXFKoqz~az8_V_z zRXhpT^i)Qx)G0pYiJA4$ZUW7F^H^<_J(PE?U`be^P!d*f?3k2rNzGO$!W@a3rA%M* zL|8$|7^04w5cj^w_h*K7h^0xfmw2g%$B%4z(-qSt%E;UgVpjpz8`!6N?pQY_D5qf! z(Fc5`u(v@zDR)fLvtfgZ(G4SNrPVJ7IE?3W!-mtz;vGph7sR@h)hbQ6u`ka}M{hA! 
zzto(q53L)#4!Rvx+NkYd=LsE_ky<}g0d?W$O+5*W@*axFVFT>&8A(~~BBwWJdH+wn zyCbgz%PoBnyrsrf1=Q&U*Rq|%z{IT_Du%*__(xAm7FVL?BUabhGLv6p;D#!5{?aff zJu_2AGyzXR+9x&HGwGiszbktpriJGP%4EX{BoiN{^CG&-$w=LeKX6?2IJX-Mu&#t- z(80`2VuP+{P|z!;MMu{Dq(!#aUv_=6x|EELiX2MokahaNoQm-9)_PQwJT^&j;{Bmv z_TzD4uSrcjXd;6Ldd{xA8*`~LXY-3tc^SVn#bvE-c(axDSYVr!AAyXx4!K#x$7n)) zTXDf1Jr%W7>{o0d9G&3S2ac-F1Poi{MCw?;M&l?hVd;fPkmw>JBJJlk{=lB&Y(9cr z4(`eoS9;_KYF41`)cE# zn)l|j*bJU$mm$t*!epQ#MF%C~k9OyCWR3qG7UHT8{7?!*GxHn~kayeD@>rb}d%R#U zD#5YQ%7P_taAUGLlncY|8d=Uet)@hHaUy1nUaBakeF1a9OjS}nN!Fke zzak6^eS%O@_Qp!yAZ^-^+9XlL$ZRY`u6m=BoH%{=tb06Furu1V`^Z?!GMaWC>qQ7; z%pp6ipjq)Z47hp%Pq~;F$r!u(zCxO$IDU8Ke5yLg3e85Wi`l{=W_HOu3*11v#$0A< zLLy6@aM3rj$TM5sW0G_CkTgf;ER$Q_g$bFPqDA!JD(jrk8PdlIL{fbLL8t?8nF;H4Z(Wu7V>l+V$_iC+R#MF zdO=fIJ>pIn8OxOiTu&Vw`<%%n1;`k{?qTM}yjl%wMv+O3Ta?3t;ypr?eqkNTQ!F#Y z{eOqlyToNogpTz}q-ag>Mi_^u)z6(2hXGr!3m3GdSfe(kCjv(CNueaH9Ab0xENSp` zd~eM~E16zdCs;b1#5LYJTlUpJbeA~nrc(H8yVz<)zQE(>Q>9jbixp+9dM!(VPVG#7 zvwQbZxu+KjP_$E^F09ZiuDMfWwjm2dSvnF^gl4b}Al*J)eG|ec7h-h9S;u$8#7xuM zlhxTi&cLNrPqFN+tmqzie5Thm_RZ-5G(@r898Zb(n9+CWr)u1;$jv&CdBTmZ^j9BW)-ks; zI`%%;pzN(FI*6C7>QLrJMUXzZbk&gT@WW#b(vZ9M5@}>wGuxAFKFE`~SW3Re0dJzgO$S7v%@w zmQgT#=tqWD;}Lv)F-Zi>%0+a!Er`}#PQgmWQD5`twZiCBN5c^8Bfj{g^ONrqK0di-oMA9MKnqd^H z;L(QYfovE4)C%?|KJ!^FuE6rXeSaEX{9D z|9T;tY|Midz8+E!tl1=v<;=^LB(uH`q0R1-)h7Wb+q-?)5+l0bA_ax+LM0k|PF}=h zhEZJZ1-ciyn+($B!S93~5@T0VNMAa$l8H}h)SA$S;5(!JdbLYXq9Qk~OCjFLI+HtT zv~PPA6I|D}yKHYo`G$2*gUgolVa9t=8z|0xBjkMSp;?YpSc8gY*gn3e8Sg4gkdkZvre!af1U(c7=;}FpxiCE>>?j43%+TqphcYa`Cnj9}} zJKbpRBT!%RuMXqMe~2TMlkm9r`sxV%dS+F9CA^Nh%W$fdikf|gU>E^dk3(rDakPW; zmQe>^hdL}CK5Dm1n9x&jR)oU`}WC(d>`hWpO8@ zgYf%Fb)fk6iv|?6+|} z>uEFIEbGfUDv4AT9FZA3*+~+-fI0-an3-NcP-|~wc61e^LZ0C0_TryAz%fHuae+d! 
zTPyRg{*%7Y^v3r3$|f*{-PK3Bdb1O#53?IY0~4r5hG%A{C#S|wUFOEm)cjy3py1fX z_ICe|0+Tzdds{QaPw5D*%+A$JU|p46+@$m2hBG>#GfgGIy*3tw454S@*+p~lB_=!JV2~3b#+`qD$ zSNLsG=wrxct98E=00G;77Z-o0Mvg5EZGHg8E{z6YS=~$vU$QD77Gx&|zX*_Y4!>ua z9j(os=X*sx89&YT|1l&81#`bav^9ZdzcdrmGl`P87T3pSbi_aYvA;qNzhg8ry1+Qo zHPbxPH9*ef0iETQXiNM;Ri2z#zsV-=kT!5EkB^Qn4qzG>Tb&u7n%Wt^zJu=_7~R>R zI=MU3-#$P6Bfr~&jSWE4HL|+EWG89<<9GJA{)W!c{@4AO-CWw)vU-sia)Sm9n=IQ-ZU<$v=4J-k_=aPeiE1SzW0^jzD zXN=AazboT=fT>?)p5NeKf2lKmV~MVfjqhf^3x72DH|C<0+KNFqU>l#_nfHb$?9WrZxq_w;=GpV(@a7-W+c|#7r~hJZu4!w2$t>({EbU<0yN(Se0ai;Go6kD*LAQer9HVT1D}UbpiA}@5 z?!dd`BiRT5kGFy3_wEONipO;w7 z(B#uBJR0rqRuzfwI5(Z#$+GHrv17xzuQwaxV_OkDT1>GS5TyB1>5)5AoNI6=^d zO80fJ?Pcy-sXIKp$-Fi7YrFo1cnf@${cq!;#BwPxH~I@v+{-g834w2h5ow( zF-2KV_nbrh?kfIYjIuE0%$Wp$9Jb23X;;XvF@; zu{dk`oX^|K3h_W{5MK23fXKBd^e%q0TvW$%q}5}TmeUGtWx>)f32*2?0sQ9Q&eg$;bE-+PkL}t5nFG#n2KGXd8;;jQWrO0}!ar~% z7JK6B>1dC6!G{%3Npnuzc*SPrgJ(E~V5-z@z==F@gBvPiXSX+vcm{7lrC(7kX}rCA zPu|X!c=YYk@_y_g@hv)r1kmxzwu|iaS=zHjc!(AI05*%fK?3Gjt*mvWXZ~6Z70ed$ z`tMt@P9iF@H(Zy(_=tEcdO5GvTO_i5 z8*-4wQ_>6V8Ra%Jj@}j!m>S`%XS$96r8tsHurG zis14e8{N5*PkF@6p6X!MAi7>?+7fk*Fw>8aKI7N}PJ+u5We@S*D(w3gAMZuBJ3V$BIT-+0xs)9O-(v! z=^g~OzgpDLkWlKeN3UNL3+b+R(t$J-AYPzYPS*)(f4iwU-$G^@?9)W;`~QMnq3gW+ zs~ua7Gc0>?g1I`Phmyci=~R4pPUYq_){-R>4qUa7GPvbTG+<`gP&Mmv!z8}#e~R=I z2!ZDx54QPlKj*S3@!YWXmMt+8S$CR>==d>GkUynH8#)C2#aO_}FAzVAP6^U6Du1tAF)9U6f24kxm0;7Y&NVK>;7b&N1rc5A@9!7y3^%*^xz_? z1m>wTtwIBi>9+#b*?wMgpXs9r?O%y8q5IFm@wF*mPiS^T?siWEU1qLc>(!~cmof%B ztQ~_$GnDBcdop z&`kKn_~p%^WEsx0y1sM@!6l80?vOaj+ z=aJX{;>4p;q9`$COqnpqKrz{os-LSng+=#eijfYg%4|P;aI3qdCKZo#RyH=!>%SRa+0n@p;~nABSCghv6AbF{nJR7j@X zvik&joT))~t^6|@`OwsrX=?O6+Sr%N5(t!&zz~y*U*Q6q8|3MLxxq#(KY3oHj|?%Y z>31`|HAY7{A*=}1V>p{Jm0Y5`RG@1>x9A(3k%Pvh?yMvX50NwMayF_u@2r9F5o&g7 z?oAwr?uvF@$Bf@U7sF{eDLIdg3g4q2yl%ueiTejF^<|d7MlzXuC1{XyJ!VN-3bD-? 
z59c%$>=33UgHBhB`^$#ku>Un$o3>124s>!%SPQ?c54*Q1CQPOaOAnK<69^+R8_E(u zl*AQuHx(qLvBAdyuIIX{ObD$EoR>)bI12Z=e4ej>coPvhlw~C_zxtiGR*4A6TGPm1 zPxh8j3-f>i1ixL|j6zsCZF{`Hul*3iz^kB_NJ`L-US4VWr!QTUr-$q*2(1AW^wchL zbzIoS!)9+%6#TAwZIVb^~JXW5B@2{i;g) z1AH+AAQYO#OOww`VFU!tLWhpRvk2xXz@NhZ5Qb5lNG--F>LkQbq3C64ANI!mOe4bD z#`iL%T1?v&BQins{#BgHEHVc?)Qy<&(LujQb!*CLxI{Kkd5$|~Gtimf)s~U01IzMv zyuK_WI$6%ciP{uDpdabH;C8Oj6G`nK58_HDXUnp@$OZ*m68HL*WW5blj>?dpU*0^B zQS9q!1Qotqdw~k~c^jkF7=P)B4Bow7k;Y^nN=gplxh;)@-pO%vsuX-fzk;M0*0{l9 zenCvyIe`$$3R`rTZ@{KolsthPevj)-5@jCTuHeZv?l7p zlmgw2YbBMNE@7;>8SlN)SZT3JEa>8Xw9Vw3P)~pOcjW*HzyYx{xb*Su+v>Qpzh2Ed z6W&hPjAuh)oIw?ph+CBl4dI7emmfLV+<)J1;9m-Bbb=-5C!Kc(2Ub)Y<4W;{Q#)R=jD|CJn?Ia&-s=1U*`ub7AuYF2dkdg#Hr_R&lwn3`^1-V8w@Qh)!==^UY0$pOp41eM+TzDHH z)_IC#M`AW>6=?UN-ORQM0~!EuL8`1ep*1%K`(-Bf_q^)||BH zCe-8p*-Im=i^?IXQNudPiFL)Hvz|5B#W4&D0zQM|mL|$_(?oijoA2I1us!14Lb)J| zOemRboQENRAk^N_y4vti1E9$+p` z?(v!#*)KgMk}*WBts0kXi*5fI#hS6Utq|ncJ`3(5`N|Fp&ZF8`)8M*b37`Fp#g`r? z8MwnPp&0LoOP+7T_LYzOgs)v6=XpoR_ZAZQ#}P?Pj0@p=^L>jSD_lLOSZP|cBt@4h z5AFO{_HlcV$mb3B?PV`w?zCNq1rFMf`&eepi3m}w_X!s5&?tU!%JW?uf`>`FHpo(X z1LZxR5p%SBtQzz+uTD)GH7>>nHl>4UuogX#fnwVavEwHt*+q3w63t1|Ej+NqR(0KO z!`#-3-OYvP{Xf~?Dyh6_NT+S)H9@R*ux13+ah@@B{Kk|6IA&VRJ4`+yMxiVf#{p)Y z`o?g&6#y?&!QrKrK22UWmwGkIBqMCto{6POH|P!eA>m~D4AZ4g?k_g4j6Ov5ffW1K zTA>r=%D@5a-hv9GsD(;vUGupoPl!F~!6Rn}zgLY!(s?s3TZ#utOl3oagYlqgPzxIb zoh2{PE!u0t;41p`g^nG1B+EANMZYyIYJ{1y%tJ#$?arO_yjm4llHY~ERk$C`vrB5s z%ye@!ea>gY9@J$aGFL4M-b}~&3jK=BKORL(@*I3RVZrN5OJxXm%a)^9X`8^}5PEIq zn~vNte{(NfQ}}I(A6u`>5Iy-_$x{O-r3%+ToGGT}Urej)CU!!mC(_tqY-LipguM)C zXWC|_PU9xp1@~+(GCX$)2GTNiqB!bmOyT7~B%jgaRXZgbUTaJQ(lyPcum{(u z^o92gUr z30xH1gs0Xlpk~zwfm=E@WzWXPzFXGhk}7WfYc#uyuY3}&nMI=Kd!?O{x?o8Mtn?n2 z5=`!-bxT9MSe4P#z^;cmbR~q&z*7L@q>YNrKf5`S z-k1nL#`9I74FU<;outfO(x9#(_u$*2m7D|vaOmi{S?UVjQCnnOds;<2{kk%|Wn*g$ zN1zUJ3V)w}h##ILIs(Z^HTngw;vXi?e>Uj#^xdR)M`F6j=gujEu}?JRwSz(M?Egda z%X42-I?L{wb<>crHlBLCG4l}ZZjve~$+NsZec1>`|7}CHCL?6X*|5EFT%xnI8+y0EjQQfO1&)oElW;cwx|w*o}?0OnoX0Pt9zM 
zqM|cS#JmE*f3dfEbz-4Eob5#$IQkeYMVFGAu|nfBz%ZHPa{hW9i|W(nlcOHyz$5D% zu)1emgsWq0-$xDINj@je5Uj^l*V6>*L)fbf^3%x%K+4_T!7Hn}zwaErm0Wc#+4oR|ff-X0w`4TsUg%{MG%*iH7Z^h0b0+}2z$Q>g?61ed zu+j=^rL(yf_^EH0l}ef_S3*(faDWfz`e3(jNZF)qz{csrGt$FDrzLG0imIbiLBB-7 zl-~F~(5)mCQ|Ea>US}O+6`7^5kBK>jrUhBIFVA3JFV`wgVJhJ7zYe?XHalZm}UsfY)7vvelR;OzYlK6Ewo}&bGE* ze$2?&qeuI9W)1UZBupQOa4DVs*S0wRV0{fiS5C7?o5k@@fz97+==h?SP@9u>7OUf- zvpNhAx(m~e}US#)=v&+k=Gd;@D8jWkG3SME4U`pH^Us~RwHUq@O?)4!#ycH zybj7QQm)?P%4(KgND?nl{loc?1ScvCQo>e@axXX_s}7SG3iC&R{69<>?!Yovr5aJ{ zFS#FNoarTvvKn#a>9Bg*B#&a`L0PqJgHp;)7}ds@x*hry2dXuK-g>KIdOv^^(Bz%y z{}A{dN8lBo*ZnLnfV8wRGjNf_`yl~}m zclP`00Q2*$gy9Z1{xj~2^l`|*RppKL6ePz~)u3A^D89q$x(9A6lcKX>>N&`cgrFaK zk~teL!rJg2s{IS}b?`|_xK9zXC)N;LN|`PUmK-i?B{4hNS8hBm9*)w1m6cg6f}byh z{RX0fpZ{V8IxGpd2V+VouZ)!@` zGIjM=YKj1b{*_~KutXU6P8PfOSrSHju4KM)D+_Au_52bJXGbZG>2ft;vh3)n=PTSV zmbJk|`eX8hVMvmLGQRQ+OCu9V#YsYbdWlbtp6xX7cpSVKse!+msPn^$8jL$Vzf~t< z^3E14sFd^Z=a||Ve{a3@q72e((0F>fI8J{c&bLl}n(PZxt&&ChxalJeWR0K2Ypo~H`flJ2b1rDybC*)}Uv}AN9qS>U}40x?} zNbe+d@tSjBEX4^Og?$se$BR1kL-muya>`TIW5h^-;Pvv<*PF*AkBM2=bBQXO+TyZe zh&yBGIX?u~r+;UGx?Q{RCeg>Ag1)%`*MFSzpl9T(uJbrrvTU&>A>^RvCBP-Kbe>Ym zG$h*b*2nmGZE-ZgW9fMap|Z?^73Y5A#PgnG4W}z)>_I7L&LA9Q!3&N*@1XHWBj#g5 z#Rv+@pUq@gPX_;n3Xl*d7ze0 zRw;zI;O~Z#3nStkQL;uITHjbVRQ2OE9qv`%o5_&Bv|gA_anHyVQg)87h2jb8rMgHb zn>2G=4Ef{=iwyZ%NJe={UF$E5WPLh|*~3pD>Nxp<*IE-VbBPSBCfM}UYPw;XP~-(`KltGIwukH z3)Gf9Ag+OCR4Gu~I1}O9&)Pfnt}?KGd!=*4ogUe<)#w5jj=}G^f&p-Y`d*6 z&^-!ts3^aEWZuH_bRF$VI{=q0|0BInkcWgyla#ZxWXrYx)AgbBck}XOSVtml6IHs> zfOUc@#ZPH9EFJ!Dc>xPi4RrVUb{P4ZwYe4L*ANQCZg8wD>?0OLqq8GLnG^;=pvoQF zj)7Jv*iyU4l-ff%vtb0xX&oX!+nbb8f3^i3qb&y?%}<|*+q*l{=D~HQsEJfI^I9d= z2k^Jg8UE81^a0zS>8@+5dn=WWdyogyPwC=J0g=jhU+r8ia=qplb4Sp311vBvApFWf zler0Vc6zK|M>?lO6&7?lSxoVWT8v1ZxCTq*&nhaj`d#fQ!x-Zs*hj9^s)`LN2(sI? 
z;@4L2t>QHm$K>Q2RyL1tCb;Aa)xkb%A1yj~;I((Q`Udt%$+RjpJM?`mi%iAHc$g@k7@awibbA@wpCDF2-DKjcP=JSkpQX0QLL5G6Z=$={=#ffKb84@HHpO$oL4DKs(J_g zNxy7<&^5Ol$wC-S$ZbZ1WY6McOZs`0$2EbUZLM-+;o>^f}L;guX))gay9oM0o02gTT&9@a>ov6+UBd!tjugn}LhyE#j z?gF<{n55HI7{9R&?wcQuo!<}HwCA4pLnCsn(I)!NpKGjy1?ZW}@YV;PSn%XzPCv8EsQBXb{=`P>dim6{!zQ8{eq$V> zO&`cS-HTWjrrFU+`Mdpo_DCpzf8#T8AUIpC*6kv-$bK@0@VuWcCx90v!+pePi)j}! z#7;v+tKu%XKK@ju^J9tQjXRU-Ljm1|+;{!Y`h|}+B{!zP)H=Orz^vKvAeaW4WkJspwXmvx$s%T!Y*h{#v>q6^6Z5DDsbD zO-i2BC}#Qu^?P_%&N!zdQ?U6+cd5ePT^Zc zXO$1Ve>y;UMjlZ$WK%m+vvm6qY=vxX80Hoytx)S`ql!BYFU1;nVlQNG06|qYxjLeA zDRSeyf`usF@&vy$NI_2ac&v+kx9xx+bIdHUkWjiu!vYE;!E9h&S&h4IkHEqNj}j(? zJxPcyyD;H=qzWs7m$MFc()!Xe%ZGxEMB=hU)r9jume&@^^I8eGOWA_=EcCb0h{!N2 zaoZ%rR0<-lu@bfIGsgHJ$0IiZJo~L;%*ABIY)t&1*wg6a$3(CWb@>6lfw(=PdX^AL zVBO9(Y=}KjBbok36k@D9e4DbyPTsiB7>=P=$zP!_LVi3-9z<9@uPJmM!2UMXe*w%58EttG| z&?1=pS}}d2yh6E?0PzQ|5St_%4tg;q=R~C&lxe1k*FkatWmuokPuk?j1b!xg=xV%% z5uG`|G*}*YTD&B4TXUL8ua=i_l|+VUc*f|&bsL3Jv*%6Rz@tI8tjbEmx)3@R!6Aby z77Ub9?twarW#ec^k$k&sF>X*^*(mAjr?V~3u}xn@=trp(-MTNe1_8{e$QQH!zCp0Rrk!OH)h5MqU+f?UMxJw(ER;GpfI-l|{B72~(=7>ST$q^vAH= zDQ?p~X(EqZgkie+Yq7y7pre-bW+^_npe;h|WS862JU!ypqt*D$h?z%(1`2on`I4A* z@uFfxbI09D2$Z_loyjyQik2FwDD9o6TuI6pd)`=#1b(t2x`B3eM#2!s6ZqGRtC<}C zrdJPEXvPh+acTFKg8vhKqkH$;F!A`JVsq8{&B~3ZV_yfd@9q;~KHo9Vah1WGK%8OE zs2Sh5?AJ*HJvp5zw(%u*L%qto1N3rWg6#mwx=2hcTU_Em{gA1ejeAS*{O=Sm!>7k` z9PeX*F<0)@BO&ySx(!<6Y+_G@6Qq!Cmle|Law|+BDzU2HdLAV#1r_V(nw9sn97~xO z9!Aih7jcWcAyO`?$Y)!aHmPn&)lEKWo^j%Om9;juWI6g!N%Fx?KF`?BoQko=)A`Ti zHlFmWW!Hyj&QfttE9mJx%nkwbUG)H)OwwbE8vI|W>MAPad59X}cMKS0ZuqzGc-Zs0 zPZxBU$r-FS101brb+;RcII9mL?OyiR-(SSVFTB`5+Dki6kNKi(P-8YTY$+ z4xN?4>0``>G>pO} z^&`Em92LDClioe+$dW@>B3j7*nv)lx)>njVr#SgSZeb zEWsW+?m7v3<7n$7Z&>=bIQX~2e8-j1nLU4e_2hd?Z378a1z4wLG6P!gd=E>-{ENKtCNX(XxG#8}+~2x8fL4M&Fi2s``9N6;BIS95 zAi>5Y_g-CVg7Dvgx~UKQzWzKFq-cur^8X6%hgN6}9^HkS<%S%v!T6C1=Ej!y8#MQO5*YFv$EU&EL6Ai)` z$y?c9Nkh&htm7UeWH!0c$x)_a`c|(4&q^y$YT&No@FPe(5n8KZ3fX#!hiK@OG%t*> 
zXGnFFeZob*LB0ToY8&jrrv-e{#(^mF+*b~eE$d+gQf6=a^;2&)yjsFu$+264pd7=; z`;sYUt(&HIXSMBHC#^n-68$(2G*>*aSXSI8Q6K0siMc%8`?s(rg2Et@2#x-*qYI-S ziPc3@mRo8=12AEi@!?_?^=)5BTn1Z9r;7-Dpd)P5x~4k~CsxgBZ&I$f2iMnF7VT5$ z&SRe{lO#FaXQtBH*+w8Teax`;TwjXh`mG~nH#fMir}-;nuM?*dJ-5pgti67ZvY5JR zk9EeF+29ny zYS-2+uC$JH0|G=b{zk_EpvrdFPGq>IN^9G9k0K0BP!ekq9Qnkz^rcBy=3aVbxJei$ zDLSOSmv;>-;O0bYMnF;ZE}q4OZ|884PwZF*AmdcAs_kwyFp84kWPA86bsf9rp3qKD z=rR;rwFKa#Vf;&X1GLWGQeV#HJ&D!{?S-@|;RuEyFnm{*nb1$5J5EoPs~Hz2+tn8h z7$(5lI&%;Gx)7BiOzF19ka8`l!xa}A80E1&5Ci{;4B||z?LE$tudE>?&es12O+d20(u~VBpIRKe zA;bm8TKt#Row*o%e`o3pBPkIOKf;qFX|&pCrYS3KC=CV8$hD+}VEo6j`c9Vn2hpRA zrnW9f)#(R>AJ&z?Z(k^G6OSo6;~l{=k$l}N*v|B9aG+bN8JPv+U~$%GNJ$~6#I1~8k~A21@pHLokl*hmnIH%n`>qTHX5-NU5xYCNLn=d?d4<)>ggdc znUsg3nmzzuY~2JNk$l#^V}_Oa?_+P}h&Tt{lqs1y%CTy4X9W?VH^ygt@w1BkMxK^&mLn6kc!qdF z&>TPaLM2>nUg}DIm|pK)uc1L9Ya^OglmLd#;J#v4J|Y;zCmj52Zpf;TO#H@1Rh#sK zDJ)l{)UA-etDI}=CL>zM9kX5s+BictXxUt3kKL%b)>@F~U>5;;!{tHf!(wtAyQ&7qu7;WalSk?)ZUyLuAYZVpPvXDr5masZOxEZx;J4QR&xD{9CE$nQSn5)hm52gV536Sd=uUm}()jjqPsX zl;Sm7k7DvlPGmT5 zfZZtY7Y5u=3T)${u~mS8hl7?GI;#5!E6yRzb)-RhNS;o>bv`6$>&ceP%R3<-VUoB{ zB?@~$Ru1EDia$uFTDqYGd(x&)4%|&N)N0ZHZc2n3ludZ)O+^++r>U>D_RFK_#gZ9t`8Mh!;0P znmOz9t!#wObbDL=umQA%=p`<&cI6BFJu7UWzZ%^|MGe=UyII9@9)s;*El*;LPC3Y5 zj8&1@W(i~xd1!7}kgytklQhg?L7WkwL*fw07mD2xpdpG;H(BHv-mPqFf0Fa)ShGni zG*w(Xe8-EXqGSN{3F@4@CPrMI3Fh>OhP3afc3ZW5CBBZIcnoU(jvLO zLI>Zm3~;6@5tGn+vl5qP3Gb@SemMP5`1ZBqQ!pq~KNzB7RPL>XKw!fXF;LMGrLhoh zuv3mt21A!77~Ex+1^IcKxpa`f(O%dSX)C!h>^qJ0&eY^DAvgHz#)4(1R{XN)qYHCf zN^Vr`JXlDtzgvcVEu7q2V=6kRN+sqn`vWAvrd3HE?A@MRG@^EW8dGsmI+Y^pBjLw< zlwN;LER}rNQF=Xm#u}$$wRV5ZsGsZyy%WMSua^1Qc08dboTZp*k_uAw{FEf%_p)md zIe+tTS$VsnOnOK6;|jPo&u$gW&&Jkh8~JYC&0DI{c`tGSD4y(JF>WGi>cPUEep9Dg zRG32t-eTLCD=2Q(GWh<9Z}T?-8!TbH$S3I2cGa#dUjoLKsYWcf94XIR=ZoSZyNxTq zkvv+0ng_Qm^3c8)YvVro+uJxhv84{x<~>ljdj#%BkWgbo)wIeWD;}joBeg+-G}%_t zW%jU$tJ9ax9{Iu^9K%Nh@RjW$<#=?uu)BX``7+R&vc514k&5=OC67xl%uaup2V%Ii zc6_&pUMZkm%{lr&8Ww~dg{$nT-7jfvZ7UN};#(W!FAtQTSDVLxx^N(er$9}s`^mLc 
z)wZ)@@?1+TZ9x2?ag0r8ur#pYI1RoO1I+$W7{jDdD~|=JALQ+@%()30y524d`%|kN zJv^O??XEL}(~B(ydDuOX-XI;l4%cKj=U+?p*(x!9Ge^wPxi}Sc{0^Vwl@@9_zPue$ zWV*5ctsBV^Lmr_r8zuK?VM0*oNb#$f6f`nC=@}On16D^vp|pbyLl5hZC7EpBi#FI| zmwt&s0USQ@1N8D|D2?MR`TO~RC^jVv$-AuzN&`=Kr9q*fL>swA_Ujv}VcIM&;WwvDYczQ+_sBhGl^VaInlm4R|9 zr=oCOCSu*tn@$qjY2oEC)HU1rZl+6=h9g#WJT7zZA$T2BDP$iSQ2i(b+HU_%Hc$?YUGL z{8+(aNZ3{U&94x*327AS>2d0#lE^GEk7qk)8R`9&8%g8~f$fW4>T{A50UTwX^D=Eg zSu?)`uV<##+lHp)d4}Bi=3e2o;B4HQCvND+pWs@E5yKP7h1nXlj(OiNdq=$De$v!Of9I!R{V{)JP6`t&8(|)t|S&kNse!EgFi4&4wvj87#2auYC(Ns28PJo=Su zhIC_LveEqk{r8=EgLLJ`^%tM^e?|=@7POXx zkXnG%g`>}0mclS4#MnN~2t*P#s=*iB3IHf298e9RYNq$e5YJ~2A z*8tkO@G1;jn*Cc3^L7kM9~Mj?rr*c{T@fugow~BD0s}2ZqZ*i=Qk2Cn4QmRQI8q-4 z>c&%wyuY2~K;jfQt5_7)ZG$ou>Nkz8IxCI>PY0V64yI)41t2{MGOvxL# zYQZ#oxO+)OdY9##*htM#X5gksi)Bx5mqy{Qj${Y%w3AWhuu~>-kRG;o3W}7E5E0Ci zbbqWZ{W0QKs~4KD7AO6LsrvAR|y_f@OO`UT@ZZEUcRS!V{I&a2ApR;j}jr$SMwc zA4>RGc3w#vaod@I4{RX3+%R$P;O^V0w)eo78Xmt&&wOpDKlrT+-V?cT6oCNOP|?>Y zX$_{sNps#KlSP}0Z&J|OS~rYHP*4ngXtfLY$!JBmH%h5_ydO^@qq*}C;-JXW|IBh> z@+g}QkZNSS)o?2aJt)g|ohaf{F-?VKkkOki{ikGJyIXbgLE0!D9)i>RB>+*Orca_ml~BHwqN_mXRn`t$UEYDaNYE8yEzW(p2PFN zRE+JE-yDTvQ$RcqLxq$kH9ILrXzj1*!QUD3Z&R1fr5nuEDh1TpahwjKFqYO}%wR3U zYC0oWg$cQQSmsf0{FPg{r_K5Xt56*H?ddb0nLjLS`f>}X}lyEID1Gh zW8sdPLP_6pj)IbeBVRId`!sW%I$!wtJYw9BVCsacp*gFQEx+rzq;+*W;@_>L8Vztu z{t4zyx8h=&*m|<0Q8t2LNz(V>Vf48T65IuOY-lC_;v9(}g_y#(kNsHm68ZnqWrO9$DRJ{M_R`}YWJAh z%s7^=a`n`Vj9rNhdMYw9Q4CZ~{w*(bxB_?DUS>3}hEb|>EqH|%s!2t%I&u?fgnYCt zz~8N6q27~+yzqxdVxqaW_zzDB-yZ3~HRh)HkdD;WjX$DdzT#b@uv=daW)nN_CwvAG z>lMa@&nr=TcdCp#b(qs8VMuKoR6S06>dCxP*PG=PJ{z2*6u9;5OMJ9~NpViSF6a7( z+UV7_J>-1irvVWox=D7TIQL3)i{9}K469g>pzK)rOk{A$Nd_NriwCJda$OgV~xnHs(CO2|gcC*)TfD0Gw##vUAp$2a*kNZVAm zjT;W3e7P0<7xv#MO?Sz%5Df$d#28uKbv_CR4s(JcZx}H+ln_1?l1Z4&(O$k^ZnPzO z;AZQxKe^PjCG1o4u;xzhZxveP6@Q(I8c1WPn7mB4uf4?d9s{U^g6|_y5``+eWYLKR zvvLulH`pyOvfpwXTG}c(TF>5##0RF;TPB)Kv7bCqatquOQa%TM970I|Ho^gx(LHyO zP5{};ARhOI(}8b@l+AVmb{)AxiMiQ59`m!*>}5d`2oL9w1z(oRp2ib8O`?l!m%=^v 
zJ)_RuKNfH+Q0Nrw2Ix0RL!K^{J65`}34Gh6kTW>8nZ3N>m3_~r^FgjpOpDV zz&inK2btwI(y%<{OdO>?R7Sa^1j zMAyq6eKtjH^HiZemK*@sbE(dMM6u$XdW5`9z zJMo-b2G1N!PA+d=;QMGHI+TX`t|3tpdiMuuSDC<^BrmAQ?g|xrA_8?D5QN~&#yk}K zgjOGQ=1z-@Bs?$%&3;nfb!+q@sDxC(S`<8&OB5Oqj<1-Yszn;ZD2;FAm1aC#zr7s? z!D?IX#a8t}R+^(N5HTQ6T)ZVO_n8EV%l|P;xN@w6wnCur(4d#+wd**1CB}IklN%qG z-XIr}8tP$@7nr(17DiiEBCqnpQH-j0nufR!ltwLy;>&mHYusiFXwiq{oUqt)4z?9q ztz3owUc%`fNTPtaagf!13ug?B{9PC-#MgKHgZ}Zx5nE|_`&81Z8`7d-Z9aVSkIxRU zF;x%NysR}~PxdKbrt(c25us|BEhT=bM=-_PYt6xm^#|>;Wn*GH#QHAy1K_574a{u=)r;Kca;6wc`;o}4MJk2%kL8=oW>UX2)EG#|KIyWIguW#ZvnOj4XiMXo{**O{T%5Jqp9Y+4?MoqerSpJk3&Su z1A`m_+T_fQyX1P_29iyb6W^~~Jg3xoKxj!TfV>z6mujPC5Mt||WtDcl77vtRB;?T7 zhRy+~Qt?<(LFF_7c`Re2Rytez>4vCe4j;5;>~-IW7^k4)5crTr@43t>FeuEDKtEm} zBMH}A`PL}vep%lGcTo!^4SlSBlYgW54R_1D6IZZ%gXNH>qnz#ThPmcrv)+8Gyc`P%H&Ct%Ue}mW9RGqaG!bj!cBKAf&zadZcgJ{qj}$GBq%co= z=UP>2S~rIcA7_6-S+}Reqt<9zl1p52Gj3@nTCg0U<{x~g!|OF+m`Aj)Zd9&Q1#MJF zZ#aGh_u5ZzMX^r_sxqtCZ!#}jqq#(?TwH; z-42rl&$za>aR~c}rQz#UHiXj|2`LWhkKdfSpoF9zU?zAr7>WL3w+<#V%eC_JRQ#3C zpx&0ZljtynwmAhm=3(8MxFwcEYR={~e@fP3`v$C^Hz=#m(tTr9dbe$(;)D8e$X$&R zV&@)$ESu7gN&n=E+St+i_F*FB;=+WO!Fd0yg0`XoSM;qxTUqapT@lnhlmd?H#r{Mb zyd>b5R`6F%9ZsOBz62tT96KIYpZU|*$7_ZZ>ar&R+C=v{uNveZ4A$^gqbi` zu0N2MKis+1JTc@VES0NCqB@Vp-MX7?Hxn77DY?ABUm3q9n?>`9&q1K1+1Agrm@3>R z>28zC$V6raxH`&cB#1cd_wzbX5i+Vti^xLyTKV4A_q-?{?ldq@4z@IadChd5p2{n5 z*Sy4u{q7#|cl2~Bllw2PbMtjF6Z$n&lEn>b)r)_OY&!FK)R2)d6j&)y*8Izyq`D=0 zRo~pd9p*<%YFkk|aTYu3_af6i?*V}lG&`ikudoi;j^t1UMDHSxa})h5A!3mn!CZai zgCw(j_RG83tHMmRg>f7n=oo7O+HPWjUI~A)m=SE>Qa%P!HV&v!!Tcq8aELE}sc@#@ zp98*BHQ*g6M$27tNPl?y8mj8w5#>V@-oU5qUS*L9o>L?Vt6*DY0~UCPg;(#q5GvSn zDuoV6dD1h97W?Kr4*&^3_P;}n3S+<_9P3wWVlHfUU|Cr8?+;y(dbkngyK-w` zx(%fA++Q^KGXV3`Rk!SQ*yu~q%R>Nz*sj-aeE0KILt=F2W+33F|A;alK`nCI=N>8x z-e5msgTf9-Me690c~eP+p4lg9Kr;;Gl{+>ntqQ-DeLdLt$G#S;v{_y1N%yR^;(6Iz z;NR~E;wp+u=buW`R$h5eY|2sx>@BHA`#eUpT;oL#d5x(2!DB1hPaLtvS(%6@>2Y4P zj-y&sb5pGSKIoM{bKdq&L~>&VLKF7Mvl|nd+%vBwqLP(b?u4ki*@Dl`IgO@tu9&sx 
zVQS>)=CxUM2AwpIaJW!W?GjB!gz&GecBLJOjd@wGg%tnffx|K9_HoTPiZd|a?p|rC z)#;n_yn+#bl?t3LnaUO^oDT|ILuAHIzxf>|NtH{k$@dHGWoLfdQO$LU@I#6d5l<#K zS}_QzGeMB9vuKyGai`AJPBy8+ng<3H*-nbwr-w$yi7SeK2F4P-U!77@1e*1&-f+V6 z=x&n0v>-9xQeW-#u|fr7+d%68-!MD3&1Rrq`;N_%Z!*iR*LaT+A0ReXb<`4MejuHn zcU!a#ud$>~*w&t4Ywkn1j+7bIg5Jl4(4O(%>X1J(3z)k?Fy3E>Y*@a5R(^?V)^I%O zqR*MU?N&f;xbEu=f_E9VN~i8w7+!rK8Qz}#Y)7ekU{OH|Qnhj>*m2&#Tf|w^JLt~-Q8#@8z_5oHth;$lJ2=(j9%9`RTtvUR z*c^4uEF&(VvlZ@gH@Puq)cN}L7j9o>3^DS~ylsC)jk3?HezrX9=ztJujpPQ}5U({7 zcsla4_p#1E)*B5v&o06Us5_wUI1$5m{j`Q|v+UETzqQVFqCCj41>FaS2DE!r-#aZ@WdF(JYesB4u z2{9G^0x&X#-6~82v&+6cyxC++7+e_|*#iWn!*@^K=FTxp?)-&pP3UaviiTa3qUD|$ zyd#h4Nqe#YRQ;^mv?_RQ;vvEBy1nQ9i|ZunwjylD=aNn4z8Gcuex2-r%JaqLklU~g zDyO<{M+S~a1GEBx1c9E25Fn$8w3dTBoLb zXAX7?YT9cMHx?p{+(TTWy89O`{;I-k1cSsUJHGim8^A}*tHvUg2oQcXfIsEQ zEjFo!IFG&j-oczPH=2no`^NStGW9B5k3baV?U^w*n$NcRgDt+G+!Iv+X>kBPhF(ME zbX!+bwVJtF97`)x1YhDrnY<6c&@NXtgaWO=! zJ9_R2azV+WR1nnSS_creLsUse9qAHMVfYQi3NhoQNg4T+o21vCWE(KZ6y{{vLM1?Ep@E1|pEiI8~b|9Mt8^4J1 zOsI<^8Xchm3?T^ZTM+dO_PN2MIvGzyXDZh>)4o2*3xNiHHa7&pU4mXA3pnDUT5~31C)oS0R?5=KdEBFbWbF?K&xca8 z!>Lb1-38VISmT##{7vPvJ{qeN<*Fcg8iqw_)}DERAP^6a&AEg_;)W~XX|h9hsTvHk zrj8iK6I(c_SKQIPdT;Y%^~y7hXEh-J+-hUm)LT3|{bL>oFi4#?y1{rssI*ZMe-^Bs z$nU1t_%L+&4}lEf4y*+<`%-t%4_$}Fzl^5oIqmV~0eQA;?bPu8(5VY$xd`;gi~N2N zDcXfN&R_42{4({$ObF$ude3gIR!C_Vpy(&Ruj4;L)NAsc|85vHt-8QKti_jbD2{lK zgb7`-ija+PVUN)Vrnx=m`9BvKKvruvNntW}nC*is1jjB}k{0GX5g9q=)sg_{IANdH z!}lhi3ZFO%opz%EbGg2fs|Ziy7l7P5861OJAtaAXA=-cB##G6bq;vUYAA_>^`YqH< zIS94th5I`Dz(_~T91XY!{zCRxp1ZDMfvGh>iIq5@E2|CxiTa3rvt^K1hh45&3?Hs5 zCF+TIS6{zbsw+PA@>7fPjeR_m3 z$a+O@GV2dwL!6CT2F^4kB<0D`hyH!Q*S;~Ww${#+)p&7T6cDq;np3&OTFrhx9&zLW z3<6;u^A?Z5yU#99dCx44 z%(EJ9k72Ij_iLU>5d#C%oLP%y*kkh-ADRcz>LCPR$89Fwgs{@SM^!>(B9))~>p%tT z6y3C_j+Lw)YFcj;=Fco`a@3^_=7@{Rs8!Y0CiYpXsuI@1aX`kGYqa2ZudF$-3}oO8s1E%%?`t-+ z^u0zaTc~c5hkKsPq{3yaDSOQxr`_8Wcef&5%AjQ}m3cbYvLp4#UmJ#85m zu$4tDQ{4cMW0_}nKhlL5OGpP3zp1_Otl^f?R@2Bs%q#jaSQQL-nHxv?HDL6be?V-L 
zPqj)Z&F${`(wnPl1Kea8;7KG16l#`ABHts0|4#-(a~#ho6Ee66mP+>6;L z@y?FlzBQ;(a*x*cWe5ZGdP3R%Q55D;I;2!cTZkzRYN}nbL;pC$scnP)g%^E_$M8U} zX$Ip1G)ng_585*fyNe>coR3zBL|6A4#^Gsga))FL8CcG>afoU zf@~nwf$8oGO8&$h(Jb_&2e)``ThSE;=$nOr;-7M8zqxGh+!V>cs4$af7AB&`*;tLF zvDZY`0b&yqERU~~bpj zV%g+eBxhEwpft-jqqK{NsK(`4Rz{k1)io{US)^TW4bxB}M5glyaTHalfg#@7okOzC z>O1f8jT^1q;ZoD%E3+OO>6Sd4#CN$I3Zd z$TgM#<^~X3?OOWQ7eLGG4=r}M+E&wY&Yxb5kn^SzHR2@Vz|iN(GEQj=7OPUsKS0%) zqZ(#UUFl&Pwyo>0M04pEuzsfbqE-z=Y-w~9Zx#=plFuPN5PV4A^1$C*XNoSn*10Q$ z+HtK~bXOdMLg`VW1FfxWsM9QNb@>cL+4JR-u#{8IbQ5vK8x#Wf^Cb1BOf3=ESGZH7 zgfK|Y(3Z&vO@epr7UeV+`z`A2hJCSo!9X`>B`0dMTtjY{4$L zcJ$Oo_)xz;+RHqk5eOqrh9b05gBWEq$#9r~Ik3%=bFhVNuJ?Q6f?2P~sm(=o>BBPr zM?S8Z!YG*8ypUiF)nedOt?yV0WPapMGC!4NMPENU2u2v-BT?Z~O(kUEqL+2rr$f`9 zd9^qdL^l8DV81K~@-_@~%0$?6khU9r(!BoAB?_tvoXva=sC%pBP6sDtdHaTP7QDQd zDp>u-I}dR8)_%W!K?a8T2l+RyjZA;}h7LfYn8Mgts6#He70;I3f9jJFO2 zgVkS6=9jStYUE?x3q~9UNd65ExXlAgA}%DLO%L@ur;Kh$w8y6h#7)*(ae+`$pqme(Ev^}zlV7U!+mjmZHRbH;QbEHZZ`==aVX3Vg5FGD9K`7 zwAT_Nw<|df&jr9K5s_?Mw|Sg0D7cnqrXB7aB6|%7cBe^HY06ZT%1F+4b1Ig65M_eF zm&!d*ZkLXKrSKjM$@({7@km***yRSwly~r{J1|Tc+6ZeFZ1Pw_4TNWD3dcm6Vh|FQD6YwQFIqv#_wcF*5TkQYApad(O zU@q~-Wt+c?T6p}3PzY|a4=G3lLsm`fUTaaOtY!7EH%}^{`Yr~nrT);n2LbgQ!<-D~ zXvI!uJuCM*GpF=%r=#U)SI)=V1uGkihq@HuCiP*U@Ep5Yp#Fnn1mj`z zgA{ShdOT?q6$00+2+~}NCSd{y%j1^fw&Z!h{i&q#Aci9t;DPX(UJ3Ss7_|WeZ_O%V ztLXn=%EMcABBhnJVfjPnniFSroZ`|wMQm@%vCT^3gaFs;c23k~zXq4E(Yo@Gd% z6wyEZEtg`hIhy8_lJaf(R9MG?5V(h}_5eWqPvfTBMd6qhitbliv%~H=v`m!AU=+qL zM}ej)0n=9!w`{lLIF&WtT+8jD*ef9^o~<<3VVUcbS~u!_BL%nS)Oy+-toOUMThi9- z>MiZsw7LF`bLP`vv~9JtCzE8==FV$^Cls-~OY1huo~7W!c@RuIgWv~{v6coBTL@Yy zfE14c(F6x`TKr>^Y7jvqO~cl-gp2=b8?P3!u0P&U?!oPPw(-wRhu4nF~x_+X~! 
zb{;GaA8d`y5IQQ+@Yh0Wp>&13_(_oV?x0Luc2>8@4VN|n=HkT_P0LS)M6O>T1z&vc zXHncR=Ncly_pmUC@W}G+uF%(XztHlZ+@`|81ksI++Bd-0H&kZ&_;v`aprU59z^eO* zpc&(@*!Tz!hZ^~$Au&GujL0zB&6zomgl6Tmc_4JRt zaeCyTnd8WgO`~iV63Y7TEGRyoX52o-3rrUjC|yKaefi3&OH+6myF5<6VJ7GF8; zLhE-@!eHgkz;tSPNWRi90Di6{hqd7Vqo9BL7exMG%5P@=PxCaN+_X*uAi5ZA&<{a7 z6)|}0DT}wt3cpA>wMEiY(F>EUfTKaF$>?Q}!m}%9{(qj4*VF0L7~TR}&7~;)U~@I2 zL``tX{KjuK+EZw_*Ye&%6jcfhZ=`;)82sDDHXSqDH~?%6zJFG5 zROyE(w*V1!0N<-zOagYGhez3W>&{-JUYD#ga>*vT-fg*{?Si>@s zq}6w`S|UU>+D~(rpHGtXnMeYHvn2$mS-=6Jkr4g-aKqKC)qlx9o|ptw$SivftsiK2 zo|e8#6cdbxy>SQ5s6B+scgJoE3s0Jnjs7`Wt|K@N)`mHIh4}Z>DKiY8yTaV27t1M; zk2F`FBdpc^<1xlh2l88Zv?7aEul3nGS-Gc&=gDYmTondTs;`rV@CQpJ@ZP_MOBS^F z^po)q%23a1^KS2YJ8Skod^GG8em$8o8X29J6fq&&8J*%B0HrQqeVoVv;|BSMf%C_w z^wqy#g=O)dW|EskXpMW`!wzcl_q;@(}&z?U4i0j(aUCY3ne75Vx3EO9N^vhG&NATri4e z-Pj#5v{mRUiL6Qvm#Q>2&5akjMcG~+*Ne6vjHh~J}f=w zNof@9C`JzX9z_5E^tvu$;DPLIdt#pq%@rYF*wWl#N?3)LBMJ;0?X5fe=z5?1UruGn zGnT+Pp=F>%I6jQ+2NW~l72!-0NspC=V_q#p+CwzPTp#(+kX{?|WS9>X9t|0jW4jDs zk&YRR%BUtLkEd>2XnU@|)}fb|pJ6QxK@Tzdi`(F1i1hPkf1a`=H${}_yC-3F%~huz z>Z!F88T-_IL@+mQoQ+zf%L3I1f3_^w=u+FM7|sJxA|o|{wNMSm@I9H?iaA~bOIelg zX(0D})!Kkb7ovo|4fEbnUja_i;TBV!X)qM1L}TujmM9(D!fm>3kSO>oj#618sECuf zglxuIj@KMZpgUO$Nv^@b?^^G?8fn^ox!y5S<)%NQ17X z^->hkZc@Gx!7&pso&my;L{(=w-@yt;ZRP&kF1k@QBotST}rg0)DthbxXt zufdiU{CQ`E!wzwAKzSJC{fk%-%L};x-Cb=RoJD{FF)j?@tlKM7`hWmCaoDXcTMFY? 
zc$?I5-w`%h*$ls`#^ba(DYy$ZC&)vt{`+)kcGIh2+{_oBPn}}pv5o2bn7AK$clvZq z0JWXHO~f8Pa?;e>+`ZvIPXg8y(i#Qe$57K2+hFr-aRevRr2g5)*K?0LY8YHaGYd;( zUr*U`+LMRDzY&2M6&c!Yt32I4E+64HuPW^M33ezdVcY{%3qy zO~6`U43tbGT#abH2pV>ji}B%CqjR3%JKdyIOF#7BcS@k>ag|$FXo#FxEY9{200aBc zLDY|35tzQ|&ci2hu}zr*C|%JGb)@}P6-L)uNJt|%8@c<*5j1ku5vIVCJ%P!_jg!}` z%eD@ccXDgUO53Dhex+FRm|mAk8b$Pdi%(n)_($PAFf7l z?HO$fyBAV)3UKR=niwX!#qR4yD=6RDHs5#&syD=(IB}H>9ZkP1v7sMxx)zURVHQH{ z?1$xuMpD@2*#W!Y$~uyuuSgKgU91jSysyj~DK?W{>I{J=Py&_wxtLPz3T<6tm+tqA zpMimDm5ZH>Rh-FBv(b8WF@h#i!h&}(xh{1(<8*uUl2M!^i+U*0lIMV7x;bbD(%H;t z{hnXd3Jyo1BObbPq8;AuVyIzMTp)h1mHFH225Yj#qkv_hP7zd<^289-Tb@x=B%o%~tAdkh9kn<%Np(U z7%re8Lw6_EqY!B#@;AGMp*n=^6tLn$8tAnhvO5v6W;lnki5u&MN##-AcM=mlyFzK( z=lRxMDtlFs!b)S_^k{VN+J2E!Tzu-6;7;?Ivw2Q2r%*(=fMA)>XYzBwRRa(0`x&qh zbb4@ZFLS)no@P)lX9rNYpcIHO*Mz$Mpm$wfhZ8-uC1=j0Wz)utJm};8)HB!w=AWy?bBJGL#ShRsLR25I%2Ak3rD4r+>X6<1I+DQX#nt<@tS_ zDFhvX_9dXT?-(KGCc?K^i!*oz3@f1tq3V`Uu1IljC3EbIJGUxcy+%19XFGY7u-jAe zsrU) z7`4n9B_u6K-byiNS2l)ItM3pF**v!w#k*f0kO4t(;zFhBqgK(2T6O7T=dQm}b$0!W7zW*nP% z4LGFDdfBySP~^@Yw6s?3)7*DbI(*gcbbjc20JAMKBwgx!tFDl5nf4KS#N`y{p@W(A zi@-n_dQ`PB61kn1wJ^`UHdahAfa2@hYPjMp3-zVh0884>DS z{MZL8X+cDz{K97in8723?ye2^BRVn-_UoB&Cu;5Hjh;FAtmu-6iUE#v;qA1$>J4 z;kvKWf@cW?s)byY;h_R|yz^~_Wis?9OM>G;B6}?~+HrML8q;~A4v;w293f-20jfhI zIyA?(#VU<@r{(xPRM-s6b>(gYOcS}nvbeYmZYN?5-a+=XmE!0x6Jh;G$df)P>K=iL z)H_4uvp_E7tss~uBEvpiBvMTlW#b~kf=yTUF`>ZIi3$2>f12c zA>YOPb~Ndi()TP;SM!(=B583{9*!9QHRC^dWK0qFsxu1?mas@}e3sB)8-|x{WKpGXKnd zP)#mG;*Pp`Cn%e9L2z1OO)apk=S z1;1hg{d8_j3G#{-r{_}HCjP)VuwP44r~i* zuc^5Pr-P|Zsc=}LUNgHK6PD4qj)6w{e4{yCh*t9Yw|ppz8~_gfcsiT4iXv|B~ zpAk!ZP@6EY*G(<-DSMlVDzcc15HPo+e7{4o45HuJW_wkxIS0x*=UJDzshF|z6v#k? 
zR4O4E```D$Iq{z)*^2|MMeWi_FWvzi06dj+dF|UxU203@7{9d^=%EczWq(_QUr0MR zaifSCcz!qMSqFozhF4SJ>n#lZ3`ymj@M5=*FTa&QC5$;~WC5OujmY<$v;Qvn>&au1 zecBLX!Mvi9;j8(DEXksVU0`d;W%o8ROtSC{^=*isPtybd>fUKIXo0AG2Jys+LrUq+ zkkS%mG}q#Fx@Wx=c}`uhi1x9}m_E($@2VqPY^2+N?;<0TeZ3zbn()nXufR#N!B*{Y z?le7eELLdTpvkTEa29>kVMh(S%_jvj#;3D|tbu^38eeEP(!J>~5ok~9RtcNz0E_B+ zTzZCXUlHCxXwC202u|>D%cX%bXYWh!R+pZ?B-3In>qQ)anj%Rv3G+Dkv9v%F>I5%H zG|6frvvV#T3YVE4&s6-ZF(Q;vRwJ4^PY);nF*3cYhp{gaNOgb?WMaTHm`7?7VDhaD znCm;nMk-S+AaCTqgtGs51lfn~98z7lf`#)j;PG+q8>*$~cu+){ZWT5Uag2YB%q*Q{ z0T*2M_)c8pLuSrt znYXE;jv(~Zr@ebxDqiAcv#v>VZf~{Juz+y47JOF z=YvDhxfx}bap^IT7JcE=`5%3pYzHb&@UE#=!wJN|*3P1a=PL}6Xz3Ee?9D!Tin}#K zJ{{T5%XW`VOb;nUhUA%O<}r}b{rL@Vs~N`B5MWktjPDs&1FCX~9#WYewcYC)a>Cn}f)L0>h~VI*%X`_q zvFD4%dVR~nf2Kr1h#~Cq`^4}Wb^t#>z`qMVeuN$TzmLn29ZrGdzw(~J#d9TM#qu;% ze-T8dBNg7~-&~@WEoueWxG*d3b8q+-QjTP6OwR^rqhanDORxmLr%XH;k2XK;lQ)|s z*%hPo8d9$UP#oUtT0;gG#OGYrfLm#QrpnkREMNXBe3k5J9m;WVA|fXV@yp-%xwmid zr#lQ3A?yn+td1K+NjOTLTfRXwHALbXt%=Ijtx1>4V8E*qh}p5h)f^_?m3+c%q_<0@ zBD<-#V1!|q$yZM6hlk%?_0Vp20|Hl0+IUQ<2QG*Ja?*HQY{2nFuG-&;kF~Ijvb@s( znm*|t$PhI#14ls?Y$v;+(k8X!wv<5*Ij!1+aN$K-?%uqw5fVI4>*8}3RX3Lvj8h@G z4*wcwiVcMtdUOUB20Q{hxL0Q92}l1)F@*MKKq|~oe28KM)ZKacIa?;_l&Gs z&i77w8v%B0UGFoYVxdVd{ahyBjV^$C%m=s??1D_1e-oJpJxns|qZudvP6Q4DkKrV< zu)a_LznsJbF7w{|t#vmjAt>_0QjHJJrj!?_m^Kc*>g>dnA@2GZ}KE}%)+bL3l!-6I$ibUr9h>gX4&8>|?CwA71*U?^!GIjtHVSK(5P z-4j7~mXTZ#tw4F8nS{U^D|d>A-A!Jw>>ZpqOr*^NPL^*vfs>`Jg0(6;BmWmK!{DF= zv*QatdBxQ&A^+s;z~~HjU*cDKaAO%IdXZ=~o`KXsFnO4PZ|pP(0Wq;O?MvTJlS_kp z5r-#?56cm2dR3)g*mAdnQmKM_N%U0c{61G;N_4gXZ1a+ic3hc)>b_3Oljog)@F%s^ zSz*i*%77sL$QY3J(OZrC-L-4v{+h}>?s=G(IibeUVW z0V{!gt{+JC+&e1s5bkRjU9GK-L4^&QN5iUrinGiB*3!DRPVXe&yx8hNRc`l@QA5Wo z?C5OFT+sr=3ozZNmxfjHJpv9U^m{9`EZJv7*rQolR>Si15)ewDBfOG?Z!&rZfvN97 zWFZtUS(XQO@VT#wNj?)ed-!bCKF@nG{!G%Dw+RR*cQt18;@~EtQ&L{yLSU@ZziUvm z1Lk(UP$OW&z#77;S0POwNvw22sFJ0vg@!YfpgbG`+#Kt{*L(aHyTWQDQbUJ$l8(~vE8w@$#trYRz36}yL0mj0Z3V3(?w3W*}jZ))aZe;eW>F!1msY#9;0W* 
zI}Y~j#%{Evu@8CvF0JvK|Flx+IaMVHr+GR&;J)WcAztdI)$h1fgo&xCpKobS00uco zr(HBhXVwrb(wG$aM-XAzT@aRDvz=JpBP~Gfi#rbSFO_<+*@`_8mB+aL%ujGR9Ow{>rvX`6Ci;gLr8B;4PT(eNL0w#3r663f5s*-QT;o zFU*e@8MS@JOBYE-_4%$3&8})-#GNxlu`YS$$iw^Z7oVf zeBOCS$=Jq0RV9sFC)C^~j`@a?Z_D2zv0OdUvc2KwO-g59qN8NXJd?0DBfLdDEIs2h2J?D9^6Auz%}0i)0R zny3P8`oEs%HR|Ipq}lsj!q+!gSj|R?g??95b#y;~d_KFBM~49ySaZdU0Uts9HB9kY z>HiFt+5cSxD>ITPT9gE&E#4j6T3DD-q9PX?`m+~O&^Ls6o7g09sJ4^M-aWg{3<>%C z7wKjBXk{nU3RLc>)%%mrtFAv8)PXtrCSI<|6g`5l*C#hocGlt=?Ip3*`{^{^SS8jA zTyGy61e~l^J%aB5>Wjw)SM?EwRune>TWtZ!B_f4yT1NXU@@i3-o)a zyAhj^?Hv`85itj#UMSpfWZ&bye|~A!g^Y)P^bVFhlT{H`8ZZ@j{WsMsm%TV5`Z*X7 z2tgVxw%gguhBro*HaS@l;(lbiWjKg9b-VemS&D^-W&%QL(2g-13K9N~ATk33=V?jX z&Y5~GG;(k%b(VB(&npi{nmo^CSluyQhdpxIK<9_Hv|G9zaqF=dQo}-y)Z_qUVP$Pc zjdpVxBl(O?GjsZIA<2#mn(?n^ZE`}9(2Wj07Lj&jZ}I5|{Ik5rzq=xT(vK;Uph%qo zbT}2Zv%6EVU@+lF?Q!1*jvl~*V83Zim3ptaRPNx)Mnqc$qRK~Ot|^3A+!-zP18>{} z?vKy)tac^uYGV}=N{n6AE(ny;M!O@IXs3RM;P>+ZdL7l;oN?L0t6q*5y<;cQ|Flcy zijfYs{Kw%y`DFwuf?s5up%JthZtDh4JaazKqxd)DmW{fZYhY-XMzMq|JTS|fw=R+~ z3D};o=8s4863yqwx>CAxn3l&FU2ekMM@qMIS=9j#rd1&23;-nBDv-c5R>2eNBA1ud z{NDv#B3FocK;tdI(qT$TzAS03KS@IQCZt`T@yCeHEBk-yIj3FD-X%6^rl;sJRnXm{DsHZmEN-G+jl=k`0T|Y#jg3f`FI(sPD>`STyi47yh zD!HqBxai=kKk>0zrM@0;5%YilIs3OA7wgSrj#p}g?;L?07cmPIM{03ytf_hm8)$rh z&MN=YW=}loVS2JsdUFJU44gY}YPdvU`D_*TcrniJQOG^xmziFZ+XR{pyqV?w5K@o2 zH4Rh<>-EA9EjSVAyr9i#^~pA%RfOyn)E43%zKxzgxm)Sj+kY<{l=o4o^zPeqN77hl zMy-bZR*j&*eVAW7r(N-+ZWw3926gdFPw1ZBX*!$tS^eiZbNr}LSozMc-Fk56-wp>C z^Y&8q++_$Qy8B-XE#abhbJN1DMbk|f@`t(+#3N=#sLnklO)`?m=0KQ542iE@&PLQp zWEp^ExImNH1s8bxeFBbw?phWge*qT3BTIW2Petizn&Se!Y!c6&P4*p*FeH-^ufcEG z`%Nt)*ZU_blnHC{c^7%(a)Am+gw^vRzDfnRNA;E^Rg`^Uy@jrzxWViav9w8|C5MAA z;FYYxyA<=be?qqXU9c0{Wlg^U@PqN4V-dP?W8f>Yg)?D#*KhdeCUMz$Y}ALjcg=cm9xqH?9m73S7Mg z^U#~rw9;~=S$aQ{?&iriGMBSzyRz?a(S#IKH~*iY*nd1IQJklddRAE|3)_G@_pAE< z#dY3A^M*v$@ECRbB{b4AM(n2;)cJ{|VQ<-|FQVZsRv;f7g2^v0;b+Yu9WATSR#-1H zGlYT3*Z`G8Z4}G*O|R#!CH@=)CCf5&MN=>|_9LPmj&H}bK<0;-b>1b2T6pp1$EG!o 
z50NfI>&HaXZ?==i{(hFX6&bm&$eRa_vvAYtTdRmz4+>IDnLpmKO3_1m=85nsph@Hvx`Jx zfkqsjI1V^c?wpTza>%+v9GpL51J{Ig796UyF8yKuaH##l~2KJg&>^)V6I;+_Q=c410HB5SFv9;mh#}0kFS6 zxS$(V1}(%)2Y<{Qs^l+a!hMOEKO5Z$d&QQ-%Q)y`w?U#)fn}y>8hg61MyhjN%r~zb zL)fB90TAA~z-5U@aFm`sbYg&32={vdT?VH(Y|BFy!P91B@yKN3L2jquB8nc%Uy_4^ z|4eBC0P6E?@%w40a@|JBH*Hq_)sY@tf2dA07%H%s%LKT8m3@4vSm*@w^z}A`3319e z#>b>CNtBUWFjXJ;y=UG|!FJ#=#wYjlxk<^_kHzfUA{?0K1GUD6!Pzg{^-&2Wjk_b| zKz_G_PW-Qj)-nru%s*bY0NJBxPd$J!=@141czj$n5U+XSSyIKxLlLn~HXzzWWpVvl zl6Fm0iA!+*@-^%4@Ru@P#@3VK94{yKH-O;CjE(r6qt&lRu zs+Up<&4eK^Wbj>8BDq*zKX}*jj=^-?g(%g8=!z8a1xs^S@%0h zuyE)Iw6xIg9UEmeF$wDj$7=q9pcL9)aKH;YdJYMmtf;4sPY~5nmvXn&NKZ+}igHWH zgk8j;c6bMdla%QoPO0dVMk^3w%lqX?24GNnmQAaTg)F<4R)#vv4WLis$(#v~f)agY z(Aqe~UuP536xa^NrcDuTQuO`Uxs_||7&LEXFaXn!;Z!V#J5m#w>7eO=edzoSlyNDT zoinAcOTF*Phyy-zfF|0p51_;$M;^|W%yP==L%YU8WoKgPb;jl*&>w(nj4v{2SQd|k z6mBNP1C^{uvVw0;&b7q|<#k9l!<}Lb2mi-tBL$n18-~PI#kOD$SrF73dcOPMam;I1 z${etp{RNib9QGg@7caT1+*qR1e3I7o7)JLy^>1i8cSd2gKawiaC0mNef8rM>Uu*vVS#2 zj9vzVpTlJ>`mn_!cov_c=U2*>89E(~nk77HvZUE94>(~L4SsuTrLap`B0I15cf@b4 zP>agUhQ2RfDeweuuYHj>c8F9Bh+nO4myTT*O$E8frNjj7+H~x9(dWO0dKkI2$lL~9 zg6`kG6EM(YVLZX~9`9kr*|H<_lit`glD`6i{=QhGQM~-oS3`(aW-&rh3l3No1JEEi zNt>6^8z|QX35?xxe!jITSsJO|8K~A3&XCNAc~!5lt^ZuE4%$lD-S}dhgftwLwH*eI zE6cpBMGK|(HQ_Zo%0m#EPZ$?@8bN$q#L-ubZ(XuPwCi!HtBBM z&tzTr!N)o6e5A|;YL1)0AXJg45M1AA;MOX{-KGW#VV(f7Dh)fEaHBqJeOoI5hR~X{ znZ#|i2BA3;#=L>gFb_6j8)2-~OjaE*hj_(L`VB_iDgC*Pb(?q<5MGkntgL6>;)P|} z!vPG&b&w1firY4*&`UBVU5O0g8o?1c^QGt#F^YW!{oB%pXUy#DQtl6%HDwpqB_k#y zCw)qz-*#1}QIW9r@W|sZ2eCAnoNp~Cu9P7z^>A%hfy#Pnv2^s6D_6gq6x-?HULIz( zZkw66n`ZfX!U17wKF5bBOfJybE+|6e^p*5Gkq%L$>Cd1g%mAqbKt-Pyj+B(+?8E7M zQZlA&Hts=Y*_TqfTQ78i50?S05(AwwH5)+898)R{Zg0|s@lFdlLl3q4Do9Sjp-bwHp+P;b`vi3yozPIq}; z9BB8Vi7W?iEly8oD^f$`eNVrF)(;0)=s~ME(2fUiz@;|n-4+x;B+iIGgm)qv+o7TM zV@j{-q5B+8V24h~>CDl)1TtZGS?u!j1}b>}*WZJ^8{s1gEnC}vTU2KUP659Bb=_)OuTR6P)EzIE*zD;MF>BZz>x z)qUu7#CezN1#R)&kGM^(y8WV!;y>+@Amufk*9b(n--{up>?BKj#D793HK|F4+GVH3 z0k-@u 
zG23)>pg5s}6j5wefUr{;!KvEsvRsGy>HbqOmJH1HF$_Iu#gtKVIqxS+$O6x0uZM~# z-nu?x#yLL`qlDi0HAIJz!Wp0YYFyzhq6jSAO#}WihQr8^@?chN_J+d#XEGTmFvxA3hwr9$s< z7SE6=b9MBD<13x(Di*Y( z!SwvHYRc0VX(jl$C`o|YMX_N|GOhXHBXT*5w9uS*aDGo&;w<8`()#{Wmd+QCd#9ht zdxmUWnxfc4a{~Ih3!=Q2w!Iy!TMW$VC^VxPgz^9*ZrA^$CA7fMB(gc!t33WdKD-=P5Z zDiLbg(K=%ov6`M1ijWT3PZfj8hgMyMM*gBihQJ1VM=CW5E8i}s0kSDg*7JxP&=*o$ zmEvYX0)oNA(kuI#y_Qy0r(@B)6oF^w9#dQ2A=Y66P|I`H7YTPyDo&3!!>%AD|E8M* zY{E34bQ`r>Ce9Jq%D|E3Sh5N=A~FW1Nf{XTUYBnab*z1a+|%{w*B_1NX|yD*GmC_y zL>VZ^UMTGnpY%vi%QJs7H?$=%aYNR3RH{T!>yK^pa1)S$DJ zLKZOzmKgK2>-S$v36DIT_F$?`8)n=5r-5JY-yKq83N&}>@r2F<$IZ>c?1DbSqe34Z zd5abv`@d`(G+yLqnv@qLuGO;?V=F4~6?-@&pU+O*`UJ_y#P844hyxXmJ%ANqbU^x#IoIXvCGEu+Ylu37LLYUF2Lr zx!3~gbu7E=TeMUC_i$81FY0W5btMdQC6{p%Tg$WmE)Bs5fg;LcL~T4fvP2TB>|pu_ zf2twSJ0Y5t#v_dSI=KZE-Q*uwPCJ8@lUi=}n_je1VPJu0T~Omv&eZU0u+*G|J>-3^ z^@s@rK`KbhC_4o#NW@xf?Y_U zFpUE%dw)y3Qqqe z>Y&8JsO^1b|I`qYNRje$AQCP~4frm$9|r5Iu0bo+3`3_38o!!r+TDAqDbX>tQ8%qX z;vF##y^vgpX6FuFSi9Ou#dV=>i=^2M;+`(tbJsOT2Tx<#N|*|Ym;M$h`5P7OWIY)h z%SbL`D^w^aH9yjqt7A!NH&oR}qfc12rM8zWhW4E~Y?$b?j@=p%n)+fltHw!36x8#~ zgHO!c#~Wk1^X4{@(zLH>*c2iPL|E-x2UbMG9IxQ-e<4By$mTnxyng1>4M- z(Z!`$CM=wO%h+xvqDy`B!vjPPLH{q|>X*}sF z^=EG$4*Z5#hVM%`sTC(eY_J*b3kK(!i#)t)ui^!13j;!0HHxRMFdw3EC!1pYE`~Cr zv>>nGFousyBos>Cde(;%pxQ&g8d^0{^2pscWheH^4~?Efa#_CuX#*7%FiqD1for}l zkRS!PUa;9(MY1>*R%~pox-e%1Q?I06!&)-s^dCHPC<9CC%1T>#z8U!*~wwzk9 zl0w1yD#V0${B)PrxQ+@x%CWBx!G}O(f*0sc!3Y>Jii)aK!=5}C>sH0FCVd41lJ0ak zulMg}(f3>|3H2@l)Uv;U&KSDPW}N!+yVJaK!Y3#I6iMx7?X4TVNisbJCs>w@g#(Xr zjp{WW;x<+P!6>XPGW#zBc$H(HVDMT|Klo zFUG#e=%9vcQyN~vikWB$^JO=c2><)W@B}Nz1MOzuP>RKWuh$xDK~svSLSdhN(8-e_ z?7rZ}4m1Ge$abS6r~`MoZ>Qe$?_;)bNvnRLFz^CS7W(zokzPo{Y=N@D6UfrlvX)J+oc%a4 zs4BYoQgzt5dQnV-_x=mkPBk^MYT_md9x8oUDaz~>EV60pP6gU=Rj!zQ6dyjAJP5Xc zl9siA<`4_WWu$FH_E?@ewnu1P6D2!U{&{9@Lt?8v?WKfSmX{U7+g*nE{`zFrB~^6| z*#VaZ{mcijw{60_@(dRm^Lf(RFA5S)R*k%Tm>JGaBbbf)kjNqo>TxGZWjxVtG14deh-T z5y?d?6o)-@3w>yKxWgF?K7=&XDN150)^KTwNUBR@63m_2hL;qH0y3D;%U3NX(Jl^; 
zcwGZMFFYXRao&nmO7WZniO+C*jKQ;f^bL<;P~{W%;SP&K$I7O6 zp$PL=-Qwtz{)0wdG%HJ~4y?G?WE8HXeY6Bf-8Dy%8`71hyVdURFENcovfIvuclV|M zWnf)@Gc-|9j)DQ66VDJy(OP#En%WjxE~_jSw{t>a!iuoGUAiGlVEVU8h)nyKGWWw z$WsSj@U&K*V^Q7;QC?I5HB(YohZ<2}@YlzUad=L$FfKV|_)22pkkIWOCcLqXKqrEr zR2$S*G1DypJ3bk9pLlv--)$jH(3H}jgjnyq8w(q^yRZdjC`@br4Lei;NcB2Mu3b2jSM?MROb*(In(YU zsEx*1KGh#+9?7(ZpezA9lNJALi2tELJ{yGdqq|%w-%9S5OS+Xvz&QJmq6hDvhAeyHz+Xy zZO|;84B_Yc8W`znn5G}?we(5VSdl7MfSvBJ+xz0qAyTz}v%1~D?cR>sCDUY$iP7W|RZBj3?){ z)1b+=(spViK4Ti?rV7bHQFYsu4z9TFJXtYuhg6!GLVAz90F$eaNio9_67#aCO~ZJ5 zRiti;_->{@#7O^8UD(J@?uofHJ_+(D^;{7z+GnEsXFiY0(qa#xNs$_A%yf~LLvKFa z1-|$8m^57)A7_Xdv?Syh8kHBrGBMtG1{ zYhf5-l#Ncca>#afzM=Nt1ch-%O8QPkfpog?6xRC+6@n3 z-6(~_i~fOgK!2dkM68(A;aCA2!PZ(@@H;(Rg9sFKaxWLWV73#642y*01Xpm_?-dVM zrsqC8$JnEl)8<42?9p8XZoT4T#OZ!K>s}KumgD`;jD4<#4D{PiEEzun7>QEvJqt-= z$?b-SO^!DNkQmat8`u(ukCs>}q8I>sNA5}JAyG5|cA)qkbiIqV?CCP3ovWw6YzlxB z3)XDgzBuABYC5hb8qWBTd)!vp2z^~NP5rW!h8d?htvj?eo|SWW9}5Rio-Vr%QtWKu zMV?w%mL)&!igtE>uDOOx(b`W&wg(2i*jfW@>V#6I5iLEasaNP_{>bu)CrmiXs`UCR_U^lGL(TqC0LNt_{Oi~V zdaS3Uc$gr@yj@t>deK3?1kTNKFl}*@|IA-)2vrgJQ4s-LAb>?T?Da)IQr*DDrI@3m zFDjJTZYn}nbDK}72$j?5HouzF}Z2NE=**MxX0K~Ynh8b|){a*N< zW=a4@sJP$p%JlZT2%)c{PW;p9T%-xX@k7(wiDgD8?1q}?MLp){k%!0BJeO~NC;MOH z3@vgvXb^5B*|C(Ajg#BFnwC<~z1l`2$ha)hd7E4MEg1n%oh_a76?PsR9Zsz13Ulpe^Fjph7-CGY5;AD9SO1}nI}S6h^wV~=+)Dcmy9+dsABm%u3N-O6&Mg%O zL(=MYQ!#FewdPjzp8>M&uaAmp78A%AiWGX*@1{5Q@^@LyU^tj>0Vm1ybhh;;}5bn0@3#YsY(Fj3zeO~&J2>gkEi$o0QWxlBE1 z(ow5*{OtXjMR5bGcpOx)b{$HAh)})J(VzW>$w4o|5iYyx&mGeURm&Z&s>T5}+SqZ? zSxVcd7ZXcLf2vMJyz6f%wk5Trhfe-h>5J+9?qBI7*M6f|@C?7heRDR}HTpfvVQg=j z_w+oF>aZO3JU|;a9E(KWMcSKE3A#@3Q!%(K-xWBUt6O-=mSlPlsnGt5cJi5K(TeDB zY|U$WvNk}vu${Y0mlwAK{Duj-dfX-VcsIQKm7SBL6B}31i`xkA? zA4%Pg{oGamdn`|EMXm~G{&}nw8)QW-ZkI~bPrFl%J$_kgi3abRTzd5twf68QP#S27 z4fI;-H$tLMZQqt$FE}ppNR8rLOvxJfs?q-h)pcJ6T~Bc}Gj z6S5k6{EK;`W0LqQI37j$))$|`WxkT>3EU6p{vip4z7-Xj{7IPw7N*H=LkcO`4lCzJ(PW z7}f_*D_7Fwg`a>8z_53!=ixAWqhE*Ndj)M3R+)7ARhQ@nw7NuzW%&g<8Jvzc6&;x? 
zG1ns3k(t;S8N+vnP|B}4`#d72DJ81d#F9@cZpKqpxrm3G6Nz% z9|leYGW`51#KUw6iEj=AIToCeUs;38ZvUW8IM4&zPsAh zP2bAeTMsbfoVgkSte$Xl;kexKD*b}B){)CP8?SX#1(%js$&H3G5r{SNPUD9jnktB? z6;DHWd-l5$Ce4{C2d5|6`qoc8nnbxDH!!S)Uetz@R0-;Z{()JQMNjXDFE3|{j_nP+ z4s~*h+Wi-}SQ^ryBRV1Hg*X>G!i1K2Gb*o@1w8r#;)^b-G%dx98|$5U#!sT(OZa4* z01oK`iM?Gc`zXD&xla0dH}-Gl{_rrNaP9T%j8l{w9 z7czI)n{7r!AVi2A5se3&JOR)zwc_y=xI;D;y8v0D7a-@SoIt@!970{?on0<%LkL3D zW(swJ0r;!(q-mcPNz*M_9v~}G`ZJJpn;?EyNn4}rVYHcnZC$GI3AGIx@{jQ7;+o5g z(fVupZlA4j{HBxqCA%uAjZ>;m%`8alrfzb7m3Hfp;bh@pOOf_w1vkt(RfP=^mnxAe zFm!JnkQ+Y!;J-_NR1(2FByamLc!R9~NZ?1Xh1M|gp{f?-4i6+=gK}w>wT02vza7X> z&(_W6?A`(|5}btYO*R$sdo=eDajkEN5c`Q?t(G~>*;9&v%>?Wv^&d?S%Hy!Q47)Qx zC;EP}Mz+Es&SxM>$E|LAwlt%*KSP#lBcRBTCAA0vG11geD**st?{ zr;1B(8E&olw59GX*`6-BX~WS!67B9oMPi-OyNk=bn8e)$8OIEH;uqUMXXbKZ?YEU- zjC}xGXw?uRfh}fK2DMI$_F19!6ky|RVFLG9Q&0m;zYAx7n=BYTX{E->ujlZ~+Y?&k z8mpT0omE1X7I9@EiOAH_I0>3wt3&(wj+T$>tC2!dfX%1E(9syDe4o`~ zDU-l+UKTHD?7fBUw_>!neca1<-75v*S<2o3-Owu3t}!oLLaGtjnpo=Ke`{si^O*;j zR8I|!`fGspk2cw~w z!n;QlOC>V!<4$cRBv+}TKFxa{(s?J zMRAEyv=jVcn!*$PMu#7t>aA_yz7M-ilutZDtv7~Lfxg)B zMO~*)VV>nApF3wU0%sAla=C#n=|%^i3SAN#Vzk~^KsD{d+O>Y1#9jC(NLT8Q70>r zqbdjok7f_KoZ~^E;$Ae5jZ5Q^FpZK`*USU!)htl_FeNCKtQrb^|XnO|s^5 zX0Pud7J~_+Auu5~yKt)j{XBvaW*Of6+Rx$ox{)E^Cv9cT%@~yBdn5gdl7Jhz#G6)(Kracp9 zas>DNOiVBj2eIwKZjsKtCb5)UF7%GcSkyB+gRo;IEiSezks#=bxfWd!1F=E8_FbrK zXY6S=RCDx2zL(95nu;M3Ni=D7w%7fB?b2VU$&deUUHMp^0ilsxljGbFzu7t~9T7*UotMro++*mcnwD%x{`?n#NKIvCJagI4;xup_Xra66WTZ(U{&wcag~ zB-QCWBUEK!8EtA~l!Ru1oQW9r4BHKJY8{7pi6|bigg>H&emZ&zpRs3=BNYvn^Kf4` z-G{dfBLJH!Q#;VY&~foJ?wkS7{u-S$oGc7HgDj>{HCH{4FPE}l>aTpOVN&f<*i^`2 z6BZ>j-f!va6-T$CP3CKK-rdf;>81+aDD6(`U&e9dv3$5xbtl30@X*NeU&soA2plvo z(b^lr+(;H3GUy$F#BTJ_4?LSy_?`v0Xwt}-070FBTHk3N7#nG$3ka zKd|z2(ekTlmP`V)l!K3x^=jwnBwJRX1lLhvCe{pO`d(NW$T^_ zRX2F|c_@J_RtqVV%A@M{#Y5{yNW1{XeP^xV&xJe3Y-!^%e;GJkSH z#Bf{7Y~UL%f+A8XrJMpUYL)CKFYV{MI%nd+*OdUPjHK(LQ!}A&{w*Bv`)AVyD^i87 zy_mbLJyANXV0$hH}o-?u#67sOq%>WH{X|d*2WEfkmbc5ZX%KSWm 
z*$o|@g9rx+ogYtHn4J-@A(-gM%<$Nk6M#)=P-fD@C&c&{u6+F)ThUrTj1@H35&Iuc z2k9xt%MIv)pz$|+vW`Gnbi17$e}GERR9YT$h$u3yJ>dpsfw4tIHR-qo2Fag;cn^-% z_=a4szeP%a!6)lQ;e8irx-u9bP1{3hvl5TRrMeTbW+cE^R?%#c;jfo0jQ( zP=9TdY^{N(y4SCC0|b95;x4T7ujx>fpuTSooyRJwGJ8yjLMb% zCpgOX;ogHe1V~xI5m8+1jf?6!?ott{ngzQ$#8ynOE_W6Lkx;hcm2&8+Ei+iBx?rl= z|5PABHLO)B#g4cRx4xi{Svj_dy4X~(gQ&nW`ly~^2dWi?BJO#n=jO1~twL0_yobQc zF_eO!p!mtmCPlKh8h6~F%t33_69Dnxk67UCbSmA(WIQQ6`S<;x@9MeF`9A|~Zwkoq zX59t>-$s?=S6=(Wa)xH`ZBJqTVX1fbknHv{a7#Mg?A_6MP|VwdPOLfEMf=E9V^-A@ zU@V=NUuQpHg|Xz?GVMA~4Ngy5R(6E6{mi>UD_BvctGyR<33RiiYS4^2Uej1o^Z!q` zL9eA6J=5d6#_j+AW-E=RvTm5y>N}-Q!vPCNVP>}MysXfXiS)SD($b4rA{2bEJ z1NWPHurVN1UX(l(2sY? z+L0Q)Qu?1Xmu+LZO=`269l(eh=h%S76vK~$O1fS5z^leRwKCVX6YHXVZofEs7O1}3fB-#ML$2YMl_$5@n{stSk}D;(P;3)0jqHv~crj*qNu z5YDMI41f~tmO!6-6B_{eA)kq3)ni8VplmJoI)+^EMM6u-m2FNpC5olZhlKMS4rIt@ z5h7lW(9Z&9r+=Y|`K(q%3LuZ1y`Sf_cU9p=v z1X6APp%91y$eA6jH+JnqrcO&PUu*1E$uNsD_`v;z;OGvqHd~$s6}`hidrd~xv${!?^&N$#B`tBd#+e(=ozdshr+i8Lc}dMcJH09E#csP48s0I-PJf0f0`V(U1zkHI%9hhb@m8CAWf28n$c-94hibMA1K1cBJfrDg zy-&~0)+GPMoA5xndQBht<8z&*q`bVwY^b)&Sif0O`MM%sp>FzhbUO}lsWn_1uA9I9 zGb6v(qk5-_3&h*^h&f;8 zv%V9Kw)3S>@Xx4>hG*tsTw&v3#D+EC`f9OI$!C>D4t9{!UegehCIjqDZSoiR3oBcIym}-U>-KgCK-vO(gj3w2MB251;`t51Z1(+>Cq_>lVb6msvp&?lws!ZPlYe3*HDk# zt3IX`V(|x85Y@qOY4INTm?bjs;Desgr{Q4{*gKY%COD2uu9gKqWFW6WNh<%OA?DQ3g*r1Q@NF z5-UH%L0rV3*lv9QjfkAU5n@f9mwP(CHl<|n{*BLEnj~J|4r%l22G-YTF&;EGFv2Z2L){gRV`+fn9=&C5JRk*R&B%Le&X7T~{# zQq*VU0C1R5pX-+b6xNXdW+WxQnvh4=wtbp)-b zH(1H9hoRZX=xHDF#>d$!bx z=Wokt%8$M_Q|mDeLY#|Q8gegVqj}d25!!}u)l+?h)o-JwCv64R(~Nyna4u1}Wo+BF zZQHhO+qUiGZa;LbjjG-c-L-pv-}=_dC_!$6v?T9y z;=XVAP4#S3BY2dg}bMlgm^KvzU#=@iOh*IiW3Qm zD3o14^8x}D<26myZRqXfCGSeT!n8C&Fxzrd^~on*Ia-=$@|tUbMRL>i{T`9Fu;4kE z&*q_7(|oY^ZFM9z&Qxx(vWfQ+*hK9PEJ=|lEgA&b1TukXQ zFH0m{!sw;E+hV@xuYqm`F{4;^D;w{8_kM22G-)*3d2vW_uc7Gdb`ql0r@3XMqQqKr9_kz7QC)5bK*&1-n45pnGSfg@zIeMBjsM6$v3_$BADUE}mf@Q`04dGG#gTFTR{_f(6v#OBpQm^uI3{MhR;>H**&vMhQD(H*+y_Q%5s%7y$v8 
z|MN7jHG5Zgy}Z#mc7+f~PY75fJ0dQ?Ccn^(F_sYs+?7I7p>PNZv;+ggtRBg=!nGPoi~s`E zScdTZX%-X~U!BXpu+fLy`?s`aa$sWOjy)L?~ASD?d9eIBR-c z{g-|(@a6Ld+3zQ$n^Y#wr@-9b~q3}WczrptgV1d2x%Z7G5*CqIE_5o z1#*c1!n@2TG9dV7yzSv-LqG_kM!SGw3eFPLAKhO3WfZmg%a=T5%}hN^<#eF3uOnc-qXv4Jm?k?l@<7_HKie*6b%lT>B}C= zpNR8jlvYtNA&`CU`{vuGEUPA@EOa-}(6@-tKRkS8y9t198c_-J)X} zI8#Caa{@jnuXJ&LG%AY+*@ll9VtFj1+i5s?gfn}H9h4tc&6fRlld3RrG2NHSo8I9u z9ID`M{C99nReEa<(3sjcr}U2R_YRob>(aklTZmWB6ZiK_uTuK9p?OyQy{ruZRbdvZ z1a(OYvwz{8AlnhT+>UfQXktBp*7}183l_Uy4T!%5tDbst`ha@Yy!^^YJZe-?V z=Y&E$8LVAk&Cdz6Bo&U(>Pi$NO(zfFRjv_HA0H~#gBJiOHSS5O8`iU#G?D60jGI{v zs)ls7N^yW~bo_g16nYG`7BeXt-SU%YX@dI=SSTS9C;Yu26Op;4VWN=;<(HU7 zYlh?I0L&}@Nu>qM7yA+BuOYR)gd(cqG;QIh>mdD3)uuj zZHPQg_Y4=?)eH6v+u4j3mkA#bXJ?*@48|owlLoea(3T!A#V))0FP#KQ@i{pN@j{%~37qz`sV!do>Tzit0SFO?spp z+VjK0R&hGS5Mhq{6b7tW(eWhSGUjuunN?{5j-RtfFO^E__#d;ZaO}rGKGH8{$*?i) zkLCWq)KgX{BhUEkhtbS$cYv@w{4GaHWY&S#QuVKnGQhK7 z(Kwr+Q-p}JRU;8C^XO*hz@cDaVh!8F$eZbVZfJ{uSSF-ctJqfVl)Z!_j#rPt<53Q8 zoX_HDIv%v3iub8ulfbB=5<_IM;q2(pEL&glXT>K*gW5M zwbx)&F@tO4|8U9(=;+0_0)m)Klb1GKYu2#lt?%ST%9QfJ{?fu)mWAP8#KlcQdDbjU zF~U(jrwuM`YIfX%#ezfPa4)n*GWbP&Ofp&;CxINFN_iZr;LD&gv=^vNI*iP604VMf zs!gDo>(!4vrE)Y&hL3+RQvcF0HS)QHO!V97iCbe$_fLd@-q}?s1@#|)l)fCYKmEfu z8&``;htQMfoSz6G{3;I8n`LttFfulXa`{I3$9ruP1$OF=j7ScC9_dN@UegIY*jDTm z!eD3ef~)FvE<^!LS;fy9me*n3X+aYhguoGP~-m zy#uP$+EZR$HUxuLKkR&5MVwTX^I6mjG7!A8Wdu-oc;hGddj7Y>ygKp8i*SG8sAN!p zZsf*~7KsQHg5Q^}z>YAhG_xBg=CbV?oO<3sf#n@cWBY^};pO>BPMn-Ix{Ok18h`Cb z!iZx3BGx~Jo2UvgB)}bl7{}sAZ)ay`H@7Jdp_mua!Y56uH`)T`cbh77xFz|;u9|p$ z=E&G6eA^glRJ5b;Z^}KaH;5HNK?3_I64!+J8&Ug89&(5fw{m0t1DsKwJIr?}l(Hx* zQofe?^IDP(R{4Met`+P6%&E`5{U^lI8ya*<>jMT+=|EO{Jw_+422elJnWSqfAxl0PBW*{xJvl#3R_7-5ZOalVr? 
zk$v&vLU>m1+TSk(=GU>`i@YyWiG*Aa=S@JbsnA?LCddVv zNv#du6wJPC@1>fRp6Dg9@#g@}k>2xntJemnloIE*3T=SQ3~m^71c zzKkp7Ra}*>0G|Y{bMxZa#iC6bf(G)Oj^0bew&k}h-bc3VTUykp?bAxWnOCr3dJDy_ zS=%BFQ$PIrD{p`D+@@AHjMqF!+nBxBMaLPQw>06&M}Mf>j2Qj=jFRcJt7+S|)Dcz| zW*)@k)C!HIg*Fuk3P7z&mi;n;Si>eKOyF+~x$JZXQwv^#Gj*tKRI9DG-v(AH%hge^ zN(D@fMgAvukcQyfJvE2adHO1Eaw~_?$*+4d`>U@|3Z^{f$(K9zA1InDu#4{IAII2? zwipUDTO`_??EZRf5FBecX<-LnNL6lzFme6Y*G7fh8?AN*1BPy2S~uW^43m=$H3#hO zD?rZT{dD`U1-^rJjO;uiI%lTY&?ZWWLm7D)LTYyctZ>82_ zd8{QLtBl@&utP#&rBP>^Ndcmsf-h;``Pa_<-GZgvTT}s(QQiweUVBWrcq))EwtMp% zBnM8jEtm1-S5#-@iNP0=^KQCyvB7i*lbQ_1K?o3tz;-Pfvpf`HQ7u9D zgFO*q5OfcrwAK>>0626$pi}ZQF^p=42_ddy!DXNFS&(3ia90_7QI?`EsF4?2*7GQEc zz(Q&Vj9PuOD?esr+GOv#v^QX;eN7+H%%^m|C7bHR!-Cts`ic+n!kW6Qa6cRU3s;fz z>Z0UF+Gry0I_*r;@t&|5ZXKj`aH$mPKdq#ULm_up8Wk%E6lxp^JM%H1VyvU~7|W2AK)U-{n zTdHcH(U+9Tb8|yfHj)ycTRw=8-bW$4}6=SZK&xMu5+k_NsGDP$LVH;uI#^3 zjXC<(yuJ-ys@D{`gzBQ?2^_iI@1(0=K*zDA)DK6_k-r@*a|Rci(;0)~=Ee1BJ5n*H z&3dB3aSd>TdMUl+0&!gfnYe3JXe8`>octCt^4qj@kiS_LZdeW)Oc59;aqP9hn@`dr z^I&n+mGku!x_`MtB_ZC;wW1R$tMZW`xNMwUmcjT9V)Un{GD>(&nGFz8NN27=JSEEo z*tz)WJ!D}Z3|Iya7x0?B){iwC5+y^mPJejV?PMH&ViF7ruMLG6e_TEbtWmB51Jpp> zMeet>q!@>AA5%c|{1)+-bCNbBCqOBPLC>`}2kMOj4n4+>n`Q24GP8}MN+Ba; zJ*gq`M;^r?Jt7Yoa($`v^Za_c=y@2^Z;i;HI71~vt1I?>Zc@!rNQkwo0L0fJ3|(@H z*%CWWB4UK&!gT*eJtEJ3H!k+Ot#$QvJA}dz1G7;bem?T(O@lZ?SzJdMrUN#kQ(W;z zrgknJ4#A7F9=IGO03E0HU`#5xMDOsBmfdn^h$-D?iucKiC8=F;;w=y%)XNm?vkn0T zD6yQa^@Ogmy25&}+ed1bHQSN3&#`pWP~Ua9zfP0(gbQk}&Qw);SA|x^`VOzg%Oe~4 zR#ACt+NN=_Bk%~h8_EB5g}W1SAkNeeu%Yh+cy(pi8IbSO@4@9u{8=q%-@<)g#M8w@ zv?IUd!c>IOLw^GvBrWktWevVZ-ta~}ovDAWL*d{Ia1-Ds>7f{#(Sq$OM`qF6-%8^$ z@PPWfkQCahU8ShQNF)d9QEVD@$GR@*A9ZcnJreQ5Uzs4I9O*c5*l*U_&6*sTXIVAN zj4KU@#(1;JLW_?M6=nu8Lgj8MGrLQ|IB>PN7MS5Jyu8&uw;;%}rCb zRsZtNOhDqDh6(R(YraMe&49EkYj&#J9JE-*|AG>?dS;%29WqG2mh<9K^<%)? 
z)vMk|u6s{3LPrR2AqWRe@Il!Ky(vD<@DIc4XEz)c)nRKqD*pr7#TiXkg}m=@#QxyqFPzs<9umDUDBkHq1|GM!12(1a zl%K5A3x}VL#1@`~R9@2#2y-8EQ9X?{VmQAB`_E(xhh^itIok_rU7%wUe@cb3y*DsB zQB5R}G?PDO8jtGefR0i`-j|}BJYNh+{llw1eoi%_Wdd+3JQallSY1$Mx^2D<0Zf7P zuNgI%edRo?E8zZb%sKkd1X7qO7SJ0L#DdXOR|k5*^ztMns$kRU6Cz8}1|sRbBn3RF z|G*<$F`&*Dbs3W-g}d5is6`zwn{eRb-!a2Qz{uS-g{tMk3|B-m9kxmf+@)X0f9n#I4IR2dm1ZB!!fM9p zJxVlPdr*Pq$-!_8;r@!Hi;)?-!hE14JHhW9BscG3+549y_xNGZ(x4{8um)#xd*?aIjIN( zvBi?E#sG2fYl->!&I^TB-PMPAw3)K>JB?<7onGJ&OGn;#|JNA301>l2jr}o;Z<087 zK=>jMrga7Tabg33q^eEK9E|ne6xlv$P}Cwt}7RFH9WdB{B42$pOp%+ z7#G^fGxIfZ@cu=zX$cFzZCsdRbB;RyE3iOf$zp2w>RbQ`C^A6S@-i#Cu&ch=PR0-I z{P@FIS_p5rKz2m7;vv?+=c=yqt+fd=!B}kp(}iNopNjHncB_u)^Qkf~ zEb}VZ2JF(oC__|bFP@$Gz-zsjRSDMDWVtY04f zl#g7RNl`UaTO``0d-wnTYh2*rx6%o{U=^EUo1nX`PUpKblGDx|+-cgc<&YY(kZOZ^ zhijdYgcG?IbySNGHH8pc`S3!B7ii_*AMCC!yrcBns@gf)k~wV3Yv_B3Qp%UP$g_j` zu2^BOCVh9&c>?^JAQ<&p{LI*Z5RJHF{gKM$X^zrx^}bd&~_G8L+#g> z?7=KmMAy5>X`;$^vPUG!^cA=TCx>Wh$1%W)HL-jO2tWV4-U$jm@P2JZ!;ly;2(6I= z)hC8lQY(Kux@kTv{ZSd%aU9EjQY&uR!{xC>oUd3K5}zjLv3$FdGcex@;7O@#SYqO@C9lMcJ7)It(;1c&P9# zs4~HP4$34MMuqR~WG42E2d6g0qzm#@QL9Z=6M0c|JPooa5Gj|e0-Xev*6C$VY0~Q^ zy)V7QCJaX_5=4pMbk^)7$5iiog54781oE3rycGL|5mmSn;v$NreDWW~>5pwsRRDJ6 z7XMD1gahUAGfJ+Dz0?QN;dAqZyV@5^;+Z;A%pbiZU44z=Y_w2Rm|%ma+Gj)MZR|

^+bQ^ajb(w6bIw>uTsJw<~3TH?}l6c!NoWwD&8c>X%B61l#;6mT|SPU!-P_wQE8Eqli(Flo>lE0L{+x17-) zD~~oBQ$!s|{-)vIZh-~i!q0@$>A-*2zL7n^Ez`oqe>3*K#1P(FWS&mPjIFX66QtlP zpX*PdIl#9S90CtRj&?YnIe>NOiv)4VDfLIEi(o~Edn%mmEUU^r5fOWeI2*Y+rg&tF zAktmsTt{+1>;Ua#}D;*gue#+=Csy7<0fP2`Dvz9h^du@S;XD%1ABE zD_!nxDZ@fL7yz(%{G_IUTxD_Jj#n@^)k?+5397LhWy-0;oAH<7J?8pGNavqKuH>r% zUP6->8V^H|!*s5366vO0IVBo!dl%i%zEIT5{HtC2WRBMSrgL3onsxuI5O9nZD_n|) zXJ8>zIC@WDTHpwp=|&gE*-a!G8Sh~VhU`v;Gm`v0*3}MmEK!yW0F)(q^{U<=!(J6@ zTpn39I^#(H5lbLA^vl^q-cUt0X(iQtj-UGmKlXP)<5&1HDLG~R#?$#N6z@DTR0zTb zq$*-C3O4DxMV^3p(!m_uV36b8d`}FQe0**~y-o0@U9Z&M6Xe#080lq}ztIFvl9GIx z;@KQrC_`x!JKME?1f#zXo8;kEI-AA^0l2 z@*L9*lkbnj;Gz(%|GFIuU%9GkFGNW;Tp&KNK_0aT1#-ta9thj_m|F-_8ciOZi)s>M zIORhQ8lVAedTOU5{UaGq1q^+O5>Zc{Br2N@k{;xZm`$;d)nCYKCb8;RiH^LjbCiEX zP=z5XrCzB*+cm)M^0E-7A5L#$y4-eK%O~CIJbXcD^QPIMG1qGq1%?va7pIKq1BoG5`qCcfP^R&atCpV_Ckwfx+6A=dE-gBizA*D@#4CvtMF|2a80pk^_(W{P17GR(hBHM_kqXhnI3=PrkqpE9k|$TtnTxqzu;&4!!V0u z5wtBg0OmaAwD`TZ@*j`4Cn`d&?}z@8G4XW_jvdMul(#w^mRboFc!nE=wv3DYa0ncE zRx&msha&&jswR%LuY=_XxL-*a>jm&)pKFOhW>>ew@y!anqTGLd4|0R^Fp3sGic6uj zom#zgtKgy!IcO7Bw>cFZ>+Da9Jef6*tw zmZeC6yNrz1r7Nfv-i(_<4-m-NX=4Z<%5f1tSRp5`{PLcDOt5;BqF_jK8avUJWZe2X zD%yp9z?XNh5psY8Tr7cll5~H2ccpY;=;DZQZGQtduzp?tcRU3q?*E6UpyuslPQ<8a zVx#J255uTH#LV==N|3O2adrEFY+V1vP+((aX8WHq6fSkOUDqX+{FiHc_vPfVyByWa z%Tq3?ocF}*@pu!)5!1kA3*Q}%H`X@`jhYbA zYvT|)QDjs^)#h+)Mr6Px;nlIx-%rML#Nk!jk=|Emq!i&bp&h`R{m8{;Ag#brprIo~ z+kP}ticliJa2RNJOG+~;!Z_=H)rdjW|EeuXO3{I!m-Pg%Em5ln$1UZ6v?`bJ!K^)% zfo2(lQl+MrimbDe7N*yv9+ob+N!Q>ofKB(HDJ1``((BaZ)Q{5uGgggs(=X++o@|z7 z>rX`Ov<9tUii}+*6(szU7ac&Q&y6V+*^qur@^qihSukW{;7v$BgR<*-CuAFmA*QLL zYY2{6y$r#e9utQQg~1sWa>Lw>2LpbJ!i4-=#YqneniPCDA{Na6R5FYRmb`TVfD=g6 zRAf9wTBDZ(g%K~b5QY{8E>TPkzq4N_D+Le96vu<50>Jl?&SX%6R78oQ6M?{g?~?)# zMGPa4mI>mRu^=Vp5|(vS1yT_C@j|r~l37b5hM-BQq{~ask<%>j+Tl{BA;OtU9nKM{ zG$P6oSpzK{b)!!wX(}d$YJow6izm`-Q^ZHoO$u81Lm%|RFv<3S;=c$wT|?c#D-q^` zW)*e_{ZYJ^FsvI4!A_FeU35e5hl?w;D4da$!3r6b_<(2L4tXOn2^JblW9jo!8Gx4G 
z=XYm{X&C4eQ0SwBT%H|ZqNR$`GtElRi$KoN@KKb9YlOm?jfk*TA!KfmfVP=q!W|W( zv1gH-VZz+~lcnvr3EA_JN!M$rN>pTsMHvoT zuyP9qgB^3<2O-w3u-L@QYbRrkv z)HYZk@wt${OMbHDF7I^eSyWuXMDFqFjX=E7SSrMhj~OYKzUgPyj{v2^ zm{=egPrCT?9TE0!?0A8UDaq7ZJ{bNYb+T&N{W{X*<>Ci;{ncAH7mvB#p%{EY{)&~{ zqw~%f6#=hkB!9k_Aa%v+ikIrMmTQ-xHMu1U#C7+Ze6i!iNzZ@(-aUOp-bz|#Xb;H%%9f(iFqWl+6mwG1wioxu~&P}9I>}3 zq)DPr`Ue+xst@5dh}`J}p(-<25U(jH30Lr)gy6F2Ybem7AT}d}+T#~0A$M-2Nd3J- z=Wv?kq-$d8O;S(5or~4pdg|2Y_uP-P#|En|=;*cjed5D64@c6=8w-EEJ=}#LHqA{3 zLE~eEq}x`6Hq%?yD}WSrjA#-+cKnt95nTN?*37V=3qg(jBQlFcqxl+lneuz;G!$i^ zh~V8%!9PWs;9=$vFZ_?I0_!dbcXY?fXfWT_a2j$(Tf!q^4XI>u3<7L36(RLrbikG} zO}mg~RSH=thzA!2v@qQ>Um>bKw0bYkyfcm&yZB=}>(|Kgx9Bnu|2SecOk-;NcE zi7L`PQxw>zn3D6K$B1La61o9PpVkx3&O@;D$68T&g$wiLl$G!4SQkO7#e^zWsL@R& zbE&i{IPm?XQ`nJRAN7iAO`_(sTNaq@cgoXie8n}m`dwvX&AT>{Bzc4VNi50i2qSIg}ajsd^s@TgyaeNd2MX6`-L)ST0g+8gmZ%$dEHc3U0R3};+^axTBWk`_c+rt~Q9+jv{ z@2c@G-4Mr60RF<-2X4Q~bVFI`Lv)kF;4%Z$+c;AOua*)JOqd<=r%{d>KxMwA9{puTvSkagj9%?^J46&{q5!f``R5Zl_*!%$u&y91N0~pZjHSwboC4p0Ey4ZqrJ}DO%z+kJfNN>|NizeV26>A%a-V zTZYh5sJ9S_^zl+OVcJ0m1ZYbz6GR+ashlwqP|Tv{lucgP@pKj_{`nDm7zdzV<#h`3 z1bjRhDjIZpQE)lLL0~q@lo2EnDt2oS5>RXNr`$$T%OirED9`U+RAEn_S_6Q6S=zq3 zu?_U5s2dTm%76PNo=}=U*$H65Pa_Ot7DH${?V4@rb%_fhtT1|~X@H0@K&tw%Js^58 z+e6%2j7dz|Jx!Yp&mtAWKT$uBm4Bz%HJUmG`rI8I=(|l+Kg*i6hN1epjK{`1!2g*a zCCp46J*M8&cbT}@TiG`($osglcblm7lsntQmU%4zx^D$;IY?O_EWJ+H>V8Ys9K3>)SFX_GmPuTCr$jk}9ZY+4>17kd|# z{e)Xx(o+s3e}Zct&Kn0tz1tBD`#mfYaui*;e4e~Ha3&a5tz4M-aN{8M@4L%nF7{5J zYYTe(zFi;OKvmHx6;Bm$`0U+(WD1&j3;!X=H>+lQKRs>U7h`_=aCh=_Wp`!8{Sx%q z)Z4J@O^2b@FwWp;5^xIx;k!Rj$IML}9Jyn1kE(>wKZx>2usbz#M-KRREvavBt+qb377AWWzMaGX3%Rq2Q*c%dTg<7?)>_eSJH$U~!yMlq^Sv1okMoUu4qevkh>hs_tnR_~6bpRLG5({LZSw z^dD};A$5ibdaVlGrxbFBwu8b3F$V#n3b{W#8CanUH!qXkSp^h^K|JMIV_0hQA}8t)dAFMd=imYWL})8*dmS|r&AcgsK2nc3~sY!Clv3nfnK&w zQ8NFCI(<56wP2SWSThA3Y>_9BVOb3KZUukW^H|?=&9;#5Zy^dZO+ei+FLJn9*(%r_ z&@2buXOD`{XDlmN?z~+Viuy^0@kyqEdyK!mDsIH<*+UnwJ-P$6cLug7J@gvk#SpGi z8*#UOyLy0^1ZdqYQ-miHu(eo(#P(*bNINNt+4LmVfPD*LO}~SsG2N~&;Jp-~ZJ<=< 
zzGvo58xfI+jUE zcdwTb`dkV~1Vc^Z zeh-q3(e8bKIBWl$m5ZqE2dLk#xjvfiA(Y{7F1}$Nuv0=)(Lj^zuN{>rHLw$Sk^)?V z(g?Z3+x<_qQ4+-=LRy3QcVX>zn$|Sc(pw~T8Z>y~l8B>KetIu!vqK*F>1VZ4_2lEm z2)^w(S`h|Lxu-F%FCg_lT&A(COXh<4qd*8>e2-n#OVkB*s3Pt;gSyovPoG@ zud2o#)uP2{qDGU`NU%dAnA?@zVqQS+yVTKR$)~4AA8#?^!&=?r8{*}-!M6X_2LrgmECvyF&-V~0Js znF@zg?R#b8*%bZ^>T|g5sWjWFhoVo!f9bfgN`Cyfb!SJ^)cE*>(oxF&Ot&plPh~7n zsNS+EIMhyy<9vc>CL4|H8xS8P9PMT*W9p4vfzsJOfGhMADAlgOF~Ab!tkW^Z8DBH4uNI5x_W5n=N!3^Ok+Cp6tZ~i91fC95LV+aewWD{jU|kd z!D?8q2T8P-dRv$9ukou}rw$%Ga^bYo*yM88*caS1tKI=ubWV+g<%ts+wW|=pkf#v8 zyjQZ2E5a*w$g|0{r_k2#P8~%YBPx;Kbx=thv6#sKbC}y3yA@=PuQRTzmDe!zzgIRk z;H9kQzO=aOI2@?OI_i|YY6*yG`f>73)|(fltj@n^c;xVp4eWV&MKSoq@}>h+KHU@y z(#gwOTU8TIbtz2-InQFQeakxQvu(O}2Jh$k4+ggWh)`{-5Y=X^Nmo|m)9YrCb^Xgu zj4(yP$b3=XN|{Fy?7}4Ip%AaZ=gCXN`Inz*5xFqcF%{nEP3z8QA5bfDat#&()Q)5% zqA27C>qkt~9p5bxa*GdrgaQ3}F6+Zc+kM)tP`dr z33?&_udREm&@AfTew|=^v;}&qgKa+DV2gaAMPTtwkeIX3qUDexp2EMnLdpJ03pz?_ zkZ9hpR1JtRI;J}5n7Nsl z{-?1Ne=XS>GI6+#XX-N$E0+1}7F7{aVloXV;sJ222@vRDHn^yL)Wt=02H%Z#@7ji6 zg2)MOl07x057lXYt2sMs%yHqJz3l()c&=;R@SIcd z5T?HWDc;j-(YDS7eUuUJwenh_b>Fn{7kH@V5J^nf0s~4#+JJ3<2IMDiA@PY3pmx#D z570toz<{9xSdjIQt3UzZ09Qyvh3d43$Od+{b+jg&qFW$?>ScN1s@a{$5Nrdb&XAqp zDHtbvIV9lrAr%hr4vPHSAR}=?@E#6Wm=L4fkPsrNa4S`$lC{U*KPPVze6Z+VA>kw` zWk~zKq)Ng`5|a2I*+XDzNMyj2;KC>q8qS6I*IQXfREYFVk8@tB+^q%xwWHopAuzcT zPB`I01xgw(A*SHgpup?Yo1mRwVkjq12vB1%*~Lhs6MsocP(Tdvh|tXd5?Dh*2(eVA z{X#^Rf>)LmjIl(&RM-$llyWxG1~Z{G6hXCM39(mDhZ-1c+NwHU-(OYasy1j9BtB)kXaTem+&#TkPRnkEU;`E!Jk_pTqx1=CnVIJLXvP2HXIh1b1x#&fjx(EYgfMp46;V_+!Zg;M@JUD}3VpvEsKt z=DqjZ?(=kD;A-))^VeaW;K=76eu038__I|j5w`8)zZWPJ4*Tfau6lz0 zZ`aTzkVb>RyoroP>`%n!s(QbeCAtuW{B#MPTb8}1YW&#~%J0uAE>^7-|NQRX3zg~f zOwz%lS;Vb4f3QHaL5V(+FW7L6G6|7Jy2#sruHaHSmySLqmG#frB39T|xjNG;<8(Db zjSS_|yXrr(L$FhE9&bd9s?u(;W(tAmuike$_Y(0&Hq)PS%Tg;omN!6>1#!+I>8Ev( zaUvpP1UR8MX_H(~2qU7nQ3_9!olpondOrbbEm7Q3gF?U#$cPw)Jy9N-!OT#UrgJ-q zEKri9g83cx z);K5D*tI(TB_icucje65GQ9!Sr_tro`IZJ(G(y%!@!S`fx5LH@C)vj)PoK{?$1OQcY_*IQmg+MUCeH>ps2Q(!;#}bx^P&y 
zc<%FVso~e1Y-IOp>6xJXNV1Q4STtz!e6-y)@ajm7{G^nP!Iv-Cxj*wWpiUiz(+dr* zWObT^)0^yN$9fUJIoaeBK3@IzWXC?e^kZ(*{yRt3*69@L>}n2YD>rApkiJ@Ua)Ld} z8;J+p?x`Bky_vt-W7Gz_C%Ja@9j|A$wSnE}2cOXsIPZ+BEG_WwuXlR^$0tSZRgi59 zV_E2B^I6f-7yV?lMnYv?^MTtwXLCfQxZ!fjyv(ysQq`OS!8(4YnDZ^t^KKoqCWc&f740y$Rz#|GFlqslp*}Dat6g%`+%zxR27$;L2Cq z`+8-5hT?L_1>WPu(lA-_pail0_Fr#}!@AdA=^F1ecK@7b;*YuxN3IBSi9|D2pSxCi zhCco+G1WuR+j7^d==H0exT;t3%1iu_=9GWaT5{24X`nylxcstMlYD~J9BHvu&GK+v zS6I}KLS1ntUNMA1kRLHCq!N{gwp*~T5n|^&OTB_6iRT@-f3O(Np`Mf2x?3az-H;2_ z*uKV!?P=J%;c)gkb{Wn&)#!5I+k~%J{j8*rDm8CekIlIhXRjaATclB_LepeM578Xf zQAo|PHZhZ3G+7~ECgrVfJyVe~6jb)#U zKL?H6cVjM7Z^Lpx9`Ec}rXp?Ach?Y&xgl+$t#ZG(`#{c?q;RU>%d7Mr9pim$)H1Zo zTTM-^uD-Hge+a5^@E#i-Pds~a9vzr8ta3y0_B0^2q-+v3S|BX>A@lhlJ|~}r-H~_& z;Ea5Oo47h5AWUWBHng)rW+D{k{nB?cM2eg@q7zi9&*p|?wY2Qb%cjWncdfh5xwmBSK;N|6yf8s(qtgeT0^Fmr8t}aF|veZvBa{GAvJsgm6&JJ~TyHOgqPT}Ut z{eez~*)67y2G&UWIb#k$J25>d~>zu4H-BiLIzCYkXihV9r9A0vF2_$U-tY3BPdF?1$6W|m3;@EI3L%KA7>#{bP zvxKwZL;Gp_0Yd;-3`K>%agkk(S+8~1bQVH*LnaVu6c-agbG)(GN^bxY2r@Yg*21WU zEMRe7Ue>~spPn>k?TH|hu^#~aGc*yJ-%hoPtrVq*0Fh?;nFDMtxCGx9yJ$<$X~f7> zIN{C&I;N+}Qs^XH0Y}wB62C7VH#ii87yOE?6hX)KL*DsYuZ5}2y|iOC8FVM{3s}5O zye5*m9b)caP{-2pxY=b&28GVT)}U%Q1h}+*1xpDhHXb+akxT(%z(>FX0t_@E6c`Y+ zgoOlW6_0yBz;O--1!0!kt>Me7xN4KG$x4 zdzpjnonXel-Z}ew_~Y zeC_57u8fx{Dn{On+$T9}@f~bEsR(uwEGl_iKaHOU+EVZ(wsoue4GfpPM}7L31>&_| z-~P;8PwpTGy`H~bx^v)z@9aKIG1%+US+u>H?wV`=6Z%WzX>JBqo6&Gg?58~a`JbZq z>0#3){@Qa#<8Xgoi}kCQ*xD|1K%93VpUx{-F5}>qx4c87R!hXLEtWGp)IAB`)Leh3 zW!5^br@;BM_oGh{qpe;B`J3Ot2mxUCe75VKZvT%mA>E^Sc}7=X!(979Yhm>nxiMwV zrI;V3iFfV$=IS`nlqQ28vH^s(aWqPI>Q(O)dBQnyH^jv&aVs)8C?X`H|M%~6QkU)h z&Ry~!S?L;!VuCeGvj+M`wD5lE`o%^WH01YiHub zmewG8-@P2h5^HbI6{+bhu;r&VE8eF$(oX1Ay)%!c*!NFreElzZwJ*iW#LSot;nYd$Crd^QNWyW>UYAQD%f-K4Po`GomFXrAlIFer37c?_7 z!OEyKmp08{MH+rBtd^wUn8v zO8qkB0(DJxWP7=adi|-72-gR@<}t}{uGV5heYN&0hkVi03sM14m+i8FzwjB^)~_z7 z-8o$rt&4rH+@HQ+$i zS+or`NCNV@{q~k#KhJ#UIV??Y%BOha5v@xEX3hAgU6h9!;J%$+SdMRly=6A!&uq&) 
zVy(@_cJuhqt?L>&;`+Ee7Mlrz`An`MTMGWu@wV7^r!P|7*VD!?QXPd4;)UdhL2h^2 z1xNjAY&WkD&AO~n9j?!hN0r9(J_EMLKNqED@qGrYUm4{_Nh2m)A8wz2dQWDGY`G)* z$X_ox()0bzpz%70pY?HT{VB=spB{gaG#VX){ASmOic1b7A;*p;>KM7gnh)s$R@gi_>b6D?_kt zVh7fhPD-t~69en&fPTzE3rwx}kxskqzuF!9|50P%jjQ*)ZF{xv#P4y5-~UIQ_rJmz z{BLv~5BvX$U%>r;j9-wOyY-WtCn@*(jpoi-w{PYyU&5%N&jb<_tR#%&R6&dV`TJs^ zcbBq0nH3QD8k?w{m`J!slp0c7C8bEUWo6Oqf+QXPW8`-Rw(f$g!ry%ZyMy?#7?*+G zz2WS>-lO6BQD?=-&Gao<;AZ*(1@4vX9)7Agj0+sLXj7qTopC?Z5_pb$zZgD;wrIBD;W_m(S>+YzM-jd>99OfWJb~^u^(Sl%P zKCH9|*g##Ns{c5u=yRy@nX^DDc2rldok28y39QE@P$WCjQ?*j z9m#=R2GlJs6d~P#D{DzD;9e$)cawc_&BI0pD%zM)jn22Uc$!lu^YYXY(mN-7j-BVR z#UymUEK2oGZUuIAzm;-W#mV8bMKh|$$Bdii)jbUPY#gBVu+0&M--bfo!Gra1vLG+` zv(%V<>ua-!Q7#~4HPpofXx$#4gY-oh>c;TXp&Y{sq> z1Rk&;0y&5I^2MJZ8H8 zyol-!cwK!7=v|<{%Ktdc-+nM>dDJ!Bt7r09Oz&7t?|n4?`HJSXx|*HZ=7*Zo)Q4BdS^XJ1zp4+T?fqy<5ipeMdO#K1A34c8A_;roY{+m1UFk#$9Cx z9gPUNSQYe2jPFRCUgBa?wfjh)))IM~R@_cs+&o!CbU_Vv6xTYGP54#U3bZ-TrFQ=) z>Pr9ih=+v#v$Hc3>1x}xUQ-f4CYhaGWp+&w)zP^{(6P1IzP0Vr_22nTmp9Cq$)Huo zz~||K?4PyVdPsWy-~*3DForDc1kZ0!f!BN2nEr=-t6Xb7$li5hbkP1iL0di*K9F0! 
zy9f9~-O%ltzo(%EdO!g_T0UVLzPo?$bGo6MG*jfE8GC}(d|-Sa*Id7dzq+AYG)v;1 z^nIk!H%GR1FyAbYE}n)H17M;kUc$ySCMbL+17l*^@A36 zEZNf2?zWjf^Ll(iOgsSZm@`#8$`rFkOGDcvu-WBU^Pf{tBcoCYrB`xMh!d*z|K%6X86_ zU~c2zjSSYiQqNHn zAw9UG!|bW_?jvbY7Mr+7|IWMeqU!^(%m3r>xQ>|U<8mb6&1&xuJBX;LFIbN7LIChM_Z+FUo}p?TMH=P%Y+chKejLfpIM zy7Q}%?RXjgo#~;i?tU_0?pISC#uH#UH@ZzTXWQK;3VOrYC+bJ%+sf^YhsS$=Uz_1x z+ShD=9!7IAcp4anQ*m$adH6){Vg8G4a+zgut)+ z`SgR_gM?T{WzO&9>V{?;^{x5_L~#>H=q`+M`AhZ#p%>@%r3bhrl#5c(KTefxkL_H{ zajlI)_1#PndcXt(TQYJpgbUeNh zvra|A5sw*qb<#PlKapKXv6?1sLL5xE$fw8RZda}>aK%Sj|00|3vTc7(4d%o6G%klV zJEpIOM+YM4mx%6Q{ErszD_?;dme40$g4JfV?WTDvLP2Yc});^g5LN9YBY zV0sh8)k~J4tRK9(`}uPxs^r7WGHcpyHE&lZvuhfZTC7T!6LP;*xXrK(Yv^dPA&zhV z+EcpLA{CIexAA(6*Ma9gE;~gdll@$8J11_#66waXR>?e=ZWTXU zVzH1`Hd6?r{$#d3%ki%jkfjb4NHGq7SiwWLC#*HF86NCwp*BxyJjk}K)s&=$7{h%Z?$)^cjskn-|3OmRLmhxj{3KH zoZ(97p%5#qEiy-HcHxTlgYyRpeYadhfim;Z2D)_==Sso5=N2-j+6V)jbI&R(XOb~@ zQ4@$GrKT}RKc$`kV9c#e?n!3?NSS^_$upmQa{!eCwKH1bS$mPz7F65&d6{l_w8|vt z!EjGOJaVup?a}FX@N~{_#*oC@b+*rHta+W76(Yn9-EgH_p2qd=S=Y@~U!n~{tVjs? 
zZt5X2B$aD&C)edCV1;a7ag#h^*5F0GXs6Cc$&DSmfV?p}dKr>oVr)Bz2Ad3tw-hvD zW}iFNFnRyJ|EOvmgVvf^j41!tByT|HGLUbo@LTl_gYLYh!p?on3PxMy^P` zx{8@Sa5F*E6?;W0%m3K89QN%!tzYUPou}AsR`Jf|V9;!AbLT$#nd>*_+FAjDRT^wC z>^7zZ2bS7bm$J{fwq=j^y-GJ8elPDuUrF8pD7m)7gP+8Ft26 z=1f4d={HL}q^6t32L0CJ>j^0QOB{7F-=c1K7ye<9I;!I9#rGC&1tzPx#e&+oB=BP3O+dfcwMtHx{2J&Vo=*=FSI`z$jwSe~*@*Jxgh-bG+%)zX~o6+xe$phgMpz4dK zfg>qnyKWJ?x)spjoJj0uI(KL1{6}E(0%`7%2;j@D0?({06HHhxI-252J`>|AzOqPP zkGPvxwd6s@-13fsGU-RtN2Dqi3ndIzf~F3~qm$VQzeE9@)z}$d@`9|d#kw?gTJn8gJdIdn z_-p;5bmF>go{e1mm=gbG??&9duO%`ySyr{gVK5U%OfaifND7f=5qsc!{84~pSNqj| zF=f+^)u1J7myon19#fX$v*#E6KS|p^(WS2aci-LC@DH-K`h+y)%#y} z6Z%ZAfZVWCAc4YuV-%qnzLokMMfnH%_PTIm(4|ie@L#u(_pA$?w^v5#R!|He&4`cI zn32r5aZ-hA=>TbylcT=OscJj5S@Tzb5%Rqd-tY1oW#u6AqO63n5Rq~h14np8SL2AF zF8|EG7?VdnmKBLw`GQoMo?Suj0nV=wc&FtOl@WA>Zpx7*A28d5j_S$I>EN14^GwNt z@=8EqOM_p7u}~b_Cy2|%l8w7=F|_eJZb@TPtDPor69g8iqd~HhlhcPPDpn}1C_*K@ z55&l7UaOxnT92Q<247Z-ZBc^j{j7#I%2y@eIl90v9V5A>(eF6NQ*JLfFb{f&0&>Ss zmrr~0@}CLi2HN6f|2bw)wwhfiFw;n(yhE=&{NUX4sQVNo7eNv}!a;vv3h=hZQYSk{$QY@B7uh0gdjt22-co zYC3ZrNM-N?2~>E;L>PAYt;6k$m0VYrt+6c+VGG^Hrh!`q4jQC{en&Iz{&FKAn#^<-1^_BofjZ0*e_wn^jV_Cr)v$?i46cZGPN4jc7lR|F+JX23WOq1+r|Xs3G~@oIfSYFKowdWdZq z+4=y&QofP8l%q{ne6^&INxJ@1bdXaE0#XTzMqk}YllT1>YJK|FJkbC)MaCPiNZd0TD)mm(i3!QI-Yfb_@6y<@LPgh2UMFgC%u(AW z5;HG056zI$-bqCKP)m09Y|oI;Hjx=1b8ZEAFHNRC-|7Zain{XD!AzLC~Td*#yJvA5^^TU5-``mlj6?3O)spLHZ)Y@A`} zv~@`G2t!Tiji(k)r52yptLfj*i;{08zhm>d|5;wb^`4)WSvAS@1of;+FmWC_nTJUN zW@wHegyRUK7sqlv{rK8nI>d&K)MP%Yja~1T3N-;LZD$EpvBf_$<5Nwgi<8E43YM!G ze87MqBl29(gjnJ?(3*R}7trecUrgl^nN%KH^@e#yQi@qvyK0~Kbo_4dZ>4HTjh-(c zXCbZdny4^Gl5)vJXKhga{1sD%k6n>xjV-lQNmvk*QDLj|Lv#~X_~*c-b*L8pUuZU9 zy$P-y0rJfiVI2MFSb>iMVhaj2NfSAIrA);k3V!HvHxhZiYhrO8#kEvEj#r~gW~H1O z$geccq4hgE@0^i;WNI#vdU`ZCh9AyuzD^c8Ti93;oA4H4M)KMjtk{yBlms$GO{eSS zJWIg75a`A52)YFJc_XQM3xfdYCk zjRBne3jZa!;vwov^3G~ybt}OZl@;BEiBL$bs~5hF#{R_R)JVW0Op@J`_p&YyuMLZa z_2GFVA5{5CDn9OwB^a36X|ymR6T)N52#7wNg5!^s7eS1vr(#01C|9#w2n%UmeVQ1r zqJe}H8*C8;tz8DAqa2K0w&x9iItVj5nh)^IGnwJNahdo 
zAkx-bUP3?xL$KUtWOhU@IZdWGMpFbIqFylM7>yJTMaygqrlQM#STbF}!>@9570+`& z!KH=EW!O3|aXAXDNk&xmsF`a4Aww6ORTi~v?F2L4>>{KpNnnhWa&eOdR3OMnh~BChvwesBL7`zILDUZ^UsK8?OLDi8wt89u?0+X3*(mNjnatTPYv{gKJ$E_^5tl;^~7L z_HZrLxzH9~wrC{h)}M1g?krJ-|DWL#GctP_=fL0eLSg;NEFa+5!BEOcBvgU4qfcS?7jf5)h@m;&Ot zqzCQgO?c!1ID2N_S0b!Sy+^L9rtrgfc94nj#WB}D;t=f^Sdkhd!S zx*OfhM|j-w-?IG_h~qxT&JnZ$3IFS5%(7;7_?bV?R|GC7h&MtP9BPQFa=BB_P1W$5 z`b*=D_rkCDaIU%Cpbr)u|kku#p z3ggjD@E62h1DyKRJQBC1e(t!4%kL$R27Ww5Qb8nAh0eljUm$IMUq~cwmlw7=x(3;n z9iv`$0`?I7OoLJuiZA@ zjjk#>6m@2xHw&FTu)id~)znIbaQE07`{)f$1cskhht0(AW-n9{4D^wX6|pnMoXu+d z_o&BEgFfq9UZR9C@Tu(@ap$*g$6kJKkgY0okIR#jp7im)#ZkUA`7?05V8F<|e)5Zw zRZ~VXSDKRpJLjQvFA%^MJ=?%2L89bp%gQ(}Dy`6~cs~y0j{C>3;pES- zAoSl%BH~=+0vT}nCYQOZ!Sq)D(xypH>;_8W!4@K`uGkY-^26O9b)RI#p8q8N6dqli zv|l{O7;%%ABR*-W679_fBw$JQ(+NK z;cHi0;TIu4E|~Xa^Ao6b12|q6X~~fdvL2cAzw6)s%hMufKDerKt1|An47HAu***5~#fC zl@;$;U7m`DVUa@;v*ijW<=nSMu55X?z7Q)PgX*65}Q zX`L}H+I~E+a#i!ECXn9lb&Rwz;CNtW>P`00N92PgwQ}QV@-vhNuI>`ZNmBOH6B`gO zL)fgkiOUOfqJ!Q9ApFp0b=HKwK6R`|maG4^oE75BEPt%zD8qlxb3?tz7g7sC%laDm zD#^Oo;PLpJI9eA#-l};Z|1zH({@d>eo{@5iLo!LqfXt1DDXn^aDw#$DiucHSpr(BtOaEFs|zQKFJU#Con|my0G;<$ON% zm@QDYI=g{A{5g83Dk4D~Pu*LzmJJkQs`@+DoSXGugQe+_PFs^`}sJ{tN{kHMA#kp zCQXV=g?&rs{46=pXKR0`I`tq6w1;DE;AWxh@+;WIN?O}RLNXg@ck~>qtX|LrskUN7 zXO7GY_KHVdd9r=>dw9UYs*7B`KP5kfwkjB@=#q;kAUc^5CIo-ooIkb7P>7AHlAnNQL2a2Ieo+ET%ahEFtUPGQ~mH#S2*&8&N8_a+iftJNn84d;w3Gv&Bd zu#MYlxXYLbA6LA9C1)o@*06q<2?{$QR_eWgNSIs%v*|oD6(NS4Iqu=kO2ZA-0`m{& zj5&UvmH)Dy*MT_O1LW|H4Xleor}OA)67hd1{lrbm-&pDh45#-JjEK+&u zl;oWsF_MXsh`7{a&%IUC1S@0^2EuGAEbO1L0MFZ@RMA_nx|y|2%7Zbqlme9v+`lU% zxxVnK5MWVjkCB8bol=~^;)zenCv5$|R`o(pTByW>#O;b&>BF^P!6`T;j^o@RHQ~E33}b!9 z1=M0&B1(^CA%AC1dGq2~@SLK1=%y*5->?jpY4wT;bT-C)uaz!8Cz=T}brPP&>+^4I zh@UyR%MhJBP*~tLTh4o>Iwj5IiN?_7a^TB!20t%cr( zdcvvDkNQ$pw5B}n@i)JA-I8OA3*;zAF&z;dqL})9bxXz0cnj{9G-ww38Kg@|>{;P^ z8n7fHpK~U(A~EK-KrPW2Wo= zry1!o|G9U6ii-n^33FhoqrN>Pip9#cXJ{Tk>|MHB&z(D8fWiIWl7l|p9YR^Ynl4$> 
zfQ!J4MZb^7W4(%-2dVkb7>(p2TI`r&YO)#&zq(!Wz5BIF-o+ZDA9y3~NM2DiWTj(Yjc0s87` zsZFi#k8jdMsHeL~sLL+W_ZTE4$fOX#F!P}?9idjwXnf<6odASAuiB} z&AH%3?qNJx1U(-n{YDXB3`1?WH^71e3<6WwV7d)+QDHny`ZXcFsQ+`%Z3}@Bl26zQtd}$Y*S&DOfTy&)TAmr7oz2<^ z?DX3Q%cGe`nVNt4&DK2F(HUOgO6*UXGO&mwxS#|XGSf+8&nKF7@a|+}aq3Jc8fHy6 z1sFJ$agw$F@F5sA%-lDFC?ok|?z1Rrm6+p|nKQc>cs7Lm$fMf#BGCBeuE`?qKLD0D z{Oi7b$Xsfi(IR8287GUyXq}=zSUs`#^Dh1K`R*DY@M9qfPC5P)+L-4Y#6Jr{1 zVR<%yS5_l#TxRgf!kv=kEZYw;+-BS_#sOY;J8W3Z=2}+t>#SU~$8F=YiNh zm`||ffxAyv*##Byr27bitfZn+k`iCMHV3yxE?x;Y1!BiwVuQ9;pOjFp_MTM?Qn6g zc)T^CL%bWoaN^ItIoT6u0arm-r~Wn$D-{?AcH?ElrVzns^c)J$aA|hQC9!i7 z%1p%}bsi-z&L7N_cUIwESxvh2SVGIN+bX)@O=&E#oQ$^NZZ$AG%mZYz8L)h0Q%>hq z4DZ^qMClh+NfcHS=;0RT23YLzO@sqx&E|ZznMUI@k{JowRD#gwg_Z3HijSGl$hoMd71v_24zZh))Sq_cis5eBq6LjT#0TiU=*{5 z9>bb}xjN(Wd;VekY<>W74^l5;DKvJ$h7@H-kn#HrdDDPC zZSr#{tSSr{1$Pb$S#yr$5SCW)`&oooh$qMKTVwDzh!rLMw_>))VF~O-8McW2P|&6U z9`iqW%%D1QFf-%yIGN1cAgy?LY34GMybfmvA4-CfABHEr9A}ambbs7pA~{F`8=4gT z@!nBLK#ZdXX2fo(w{D&eFGtgfuO~HsI5TSR&@P+1x55wLnx_32NgL?LL~PWGZAxwt z#o<0<4n$zb`EE?vH-oCnAW&O9h=8k6??x+p#wHZuAh7zOH-aW4WP5Z#V=jkY8i^u4xqcc?MYhyOl$bKw?KLi>9YA^zAfWRuD zZjTU|yZ)L^C{H_|<;YjOY0(*DA`5$4Jo|Oi#S00fa4Z~}kNj!YI8e}`1J{l^4|Zbv zQI=WwBZgZOl!h5u5u-R^NIYXV;ZZvFjhVGOx%*hBEc#IjW0vgPOf)QZh;&*Po0FIu z5KzCq4Z^$NVf=0ujh9`-LBMu>V@-oU;cfo)^C>g(eRPf3#LYzzRt$)d7)g|owKhxt zf<>8c?IVO^(iX4jeY6{bfQo<_7h7EdpuW|E*eZ&wrhmg&rrF6g=J6cg-YZO)#Aw8@mCnbJDt?-cuPZEKYJ)Sk zEp_~OGf)YC7sZ0qy(1EN+*p<;W4?0gbe&mH^6&9?f8MDZ^yXh|U|k1;kzSdF%-_C6 zOdI@0RzD@#39q~7@>JlSaZ(|XwHqNZ(r&&H-DhXGk${q=Xx$*nwv4Ko>H`m0cjQZKSqWRU z&W%VECh}mbl0R3hp(TfjQ?FAN{$NS_!zx5KlmcGYS4)ChnI?mG0F#Dqw1GS*HXNSP zXb;1PDS8E>m!NvdFCTc{dSMWFuO~-C)h9f|A9sK<&yJu9;kjfBbDAnlYKo$=?zW^l zFhCEyV8Ltwk}zX&(g*<7JQ?$Q{nfr>D?(N009Z98$%U5; zPL}s^lXhx^1S97Lo#B^ua&~YmB_hjd!f2z8i%C4(Hw zP&DTCU*Si?rZ0}h+?m~VxFSoQ==#sWs~kitK+w>pK`MG9HA+tSP+ZCnz^f$XZYGL( z{kboEK!!fi{g{PUNqH(R<3Ti}M>R;e8*Wa>yo@PC3|6B)3P3p&bvj<)Cor^n>HgXS zsRpEz8V2Lzf%j;@*&vbnv9}XUGTclIBkj$NbUZ2PIi;g!8%gy=|1$BmUWtBJNL{|g 
z;XPv5Dm3H4UNR^mDe0Hp7pB${FVB?51g9L(d(a1Aq}o~`h|m&9#fs3{eFLLubU^+g zClY;3r1&vV1r5-O< zi7$&7z0`{y@S9Ya(%3ht;Qgy_OK*%V6`BD5P*mi-kI%E@9T1SVLOi>KmT2pYy5 z8MKlN_#~1C?r#98BHusv)^E(emvp9*K-4838n+51lU&GPm3Xk;W%|5z|6G$tY09Ir z$n;<|%yl@$5C00&OB-9k$|Kd4PrnSC%*v(7aa;*SzGj(4+W~xYokrUROiLjx9FCf# z>BeaP%vuHLs-?~4MUPQXQD72UZiR0lJdUzT`(N(3-5;3nCe$R&mPd>!sqsg?Dz_8H zhiCEA@T{2CnbnSG-M3$p2#zVE z)V%sYN3%^{Xf;hhfAY-!lmektlKNeEW!*<`^O?l4sZm0EK#m8ycKp`?cyh_XCWfII zZI#E+tj$@=GhTI>j$9Ntzj9pTP$9|c!eXni2gmw3(N}sR8u6LA9e>Epz6imah zK!SGLR?DSTd!{YKZ-*Xa8EJM)c}Z{7%8KnYgW@*57<9Kbjrfi!u6-NQHj;)F)!Ahg z?Wg2aQ9_64?qr?n){>6{pi{-g9lGBFNEf*`X%asQsNLnS(AbH1vP42$i4-)BgY6QU zYA%YWGt~PivHGt^7iKJmwNb1rKh@0#uaRiS(*&DIdZSd;t|O7EBhAi;j4%`Z9y0Wr(z^CS{70wI2fDd&P{4^Z!9&qT+?^+_Z>i%LQ|{BuDg+cZ*t>Caw^@V2%13z4tp6h^enBocgdEfchRTu8B8L~Ssfbtg4LCdsF`&F++SL;*Eq18d*EBJB)GT#i9H2vvplAdO zFiGOc$BLrjjxs@NBmz8O#I`BiH!OO>FU3lin|IO!a*3ADo}^7*B^uTzlJ_kjAHGL< zH{DVCRXH94N)l zm_ad(8adpf`he@Y$Gf*nC_{-FIG9)l`VmSJdZ`p#antunfvth1$k^rDKiT zs2GC-ge>zs9tjW$oBfHy@oh25o-LZp1-3E$vM6RhJNJN0?$JHCDRm%AEn>l!#!jK4q zQ5b$cV3L)hVK>_Pq9)U#TdZ20MZFIsisV|^Y_c?^jp1<7LYmt;^0ppN_6a0Qn+W}UZ3D1IV-#9zO52kHBhisEa zWj)6p$Q^kVm+A2M z{T>D+Bn`VU0d%W?GeSPCy4v1wXv1tigMko^{q25HMl*gQ#XOC<$vb{O^S`EwJC_E& z<-rC?0prEabY{ocqVC&_J079`y2IX(oyE1A&v%uY!XtuiHwgfvwrVWJTdS~()8PdE zQ;yHC8+AH$Ohg0#4^)8kL!4XGyngkFRSSsTFNICkL4A|G#j%%eFKhJ1!Pn`z${Vuf ziT9zM_1KX09*=PE=ppm$XFUOu*zMn7!1O}$6dqy?$j@g04vVNgHe!luw6PqbTPc;> z$J6t&hUAl>BFcqA?K_YwD^Dy~Iw~WHK*Z4jht6r1@?CmAcYisi%X&`>Y;EtbTRVAz z!gP0`<=Vo3ds5aDo!7mh@m^)bCh;xrwh)!C)`J%DmpG$A`B?h)#}>ED6MudU!xdlI z0cL`WM8z)EG1_d0cJ<@1EhXzPsft~(&6Z0Zk01}MKij&I!(JHZ*+M1sC&#x|xEO(xT*tj5r35=DPt)}&W zd|pUjOBUu$ZhFWQoB5rfA%mT|fC)s_&B8wSiRGi0ggn0j%tqs^|1lXDdQ?-+_uO9L zs8Y!9>t@3|S^xu!kG60vLADm0OJnD6$4W7^iUp?nnufwI{8Fzd zSpakmL$qs~Hptbd#f|}4)rB5b(CMrVJ>!Z>6-(MKC&1f@jNP;u?;@6upt3%+!?b7T zhOkxEVuud)wEb$W0eV)gyHwV&>jT7sZ}Gi+!1Gab2(A zoGVpxega|P18G+s!cyN(U!!p%{oO~0O@ndSX%K4y2t$u@m<+0LwT#wbUl6Jj- z%`x7}rM^$i(_?dYw?Q=f+k}0?gRpNm{TbVnTAd3(_DKoXcFAz0!gYPSYt`ZI@nDOq 
z^vG7ZgXZB;sRv1%d{1mdLuJRHZ&l^oK9E-gu-(5}m?01*=oQ|UZeiHL;I1Ok5~xkQ zqp9W>q6uCRzb}8u2=x11qu(Qt*t>hzkM&CQemOu znd7XYV(B*1S!Gkjx#(ZX6`=5ze`LXxnj`&z4Gb{Vk2|u)10Bf(USggjeYDwdY0+N! zGr*GHZT^3F{LS@$3rsBR=4$2WOijb2X6iU%v{fcMo`c)=ptY)r7 z;$iJ-MPl^@5A5u0Zb9N?Y-($4X->nW#}ng;H_TC#R@5c>*YOhPTj%gW5c&BDUU$->3L#mu4eRYTs9Ehp*Vk)M{4NE+k*y|Kfq3M8n+KX`IEF3(n zoE!|SjGX`B?W_J*f8?y)%}Kr(;bIaqH?cN$pdqn!GIq6cF*hc0|M%&fjI4}oH2*|f z{!dV6E@rO(&8q{puVBvqg_X?4$@0WW5BgHfl)ya)u zw0=3RUqE$@TN}e%IH+J5X$M>QI`s$)r{%F{T{VP}^t9_;9r-+HnRVw?C_r(Exmn+g zKan8Qn+3J8+amuZsTAC|mfFm}z2beP5_`fJ-^Yn8lyzSz4$|X%t*RzcN3~g>)e_zu5a0OTIo$_`vu_$x!{fP~d zuJm_615zIN@n5KAWjP7V*Bj4%t|H2|IzC+!f1TFR(Y;Qb$m9FCzkYbgdD{M~Sh9LD zNnTR>a@}c)iDBK;zr*rDU1O%^B0*I^nz!e>?<0gYPkB$Q+fa3jeA&sbTmuSG#aA+{ z2CDU51sTP&`SVWlLC&49(f;CD*H3>ofa?4Qef9cIun;Oa#0w3IN9^66!z+OJ?XI3H z<#Z45{&96?<8hzg*(H--8*N)NUF?>YP{Jz{`6CN09b+(MVrj*72s|2vIXDm`#e7-Y z7A}u_gQ7o$J@Q^4Vt!T{?pV#wYTDCKaMQ25x0ANZv8~PR(}~S~E|?Nb9wMtk6yz)( z-&M*s%*jpvcXqJK-kP4%e7aX!;wC$4=?dkwVWd3QQ~p^eeYuGpQF<+eJu0=nx7h+=X0d6S8|4518?svtG35!&1`# ze@=yEb3?TCnlwdCk`>;w?6{OOuf~O#I=e;c6=u$^f>lg%saz7b;3Zi56eV+a$6tL4 zswE8%)5O^+tjk*OTB`R!m$6gjbYtv*ZVShakJS0c+VztR+idj?DZp9?!Y~`gtP)>w zA#2st-3VM`xN?X5B8Kc^5cPyz?(hsuYuTkMB)WXUMGk12oR0&j3)_Wi=9`v-|9$VQc-Ei)Fjpzzz`SYVZeko zPr$%T!Azk{!+#^7O=W}J;*y4OfQ2ys^AY8Of}hETsq`t<&wb?bF#PcDS;heU1+E2M zkCea|D6PdYJh|}#dD?>PBLVgX@(6kX&K_%o{tjD01>W+;`wbOqv^6+}nye@`lGUgI z0!#K!6}SPY)l-4&8T0ud4{jz0>qM|Ty0EsBDi{~VfbLiXb9e*n?0W#`uJI&9s~m*+ z00*pIveXCaU$8-{8&kdg!2sC5>D19-Z>a6W^Uqj+si|(b6a?&2`Xr)?w77ACLJ|)G z5N5N_%76AsM4+Q_lS)%#UWx7ske|lSeTO6VP4Q~`5xS=ju`SMe7Gj9<3_0$5_I;vj za8?j-hlxTT-e)2uLGuN@+rap80F568P5{_2B?v=R!U6Sr6=@1Yg@CxlP*?)bN#SyW zu>G34qxmDchW63xRT(w^NzT{3pO+s$S!1GEs&ShBlbo}>^=1#NimI}tVybHYJ9!vV z`w4vPQer8^RMq)+lKL|3vG>%8?V|g_klV2?j{}SruEPONP?P&UEe4q0BD-0}GxRF0 z$BcbUwz{=HcU(*!cbzxI1Y`|$eZUVkzOD~D8b0Ma_VASv?fAUvo4@$kzIX&25_`CG zKR?y}xutlK#XUdXdV9j|_3z$#Kc#=(FVZtuK;zRhcpW_%JUo;nbGZfhz27Ys0e83d zOU}qY;aggHEdNK<&+-3IUs@{W7H~|`4rb<_B)ZHb99-<2`fyCD*52m-%EK{flIXIK 
zu#vEQQB@orUH_r}1B0XT&q)@J{~Z2<5b)2T7>O>Q1PhCZxVSivD65E=m?#^kh?uaL zh_EmZD~l+%I43iU0LlM%m9HzwnLAj1*&8fuT>nPT`A4(bxqc~oCJDPQD?-fN)X~iR zAJy#Q`emlr!+CB{Y*`zbIcn^9=wFtqFq~;T^mu4q`&2*q?L7I_7{q3R+#(=?Q(F8Q zD##2%k&^+BCCzAH$zW}e+=7D%4#(viK^TJ_L}SKSlgfZY?XMaD0U!+`02>G`0S*~q{;lwK00fr=%dVl;<$4hDRysRf1ZX2rfO_k6 zIJ|MfB`<(-5RG2Oo^5iC6OS>R!p?SWB3#xO7ogLM7(QtX3HZN?`|hwPmZo1N=Oj62 zl$>)$2}%%DK*=ByT#|sGge5LXzyktGPDauKx*%!ENKS%_#04bhu!M!(JK#Cr@r3u@ z@4NSp`#km3_WX9Hr+TWZrn{%0yA$$7|#k5VN!#5FQXdOrxd1^O;+S$b>hm zA+*Ha!q%V0usl+&`O{k@nZ;p&vp;m2?7i?YnjbqR zFKhmUf@QCWz@E?fRyRG)DCytgpRlj(rZ;II_d{e?>@!bA27tUU++-Uq;V9Ttldwe< zQp>-Ueo;(wNkZ8!ZugtZA#HYf+fm$B0EHNWzTy*$=?vfaBN)-7*;cwppLYf_gZ7pS z)GrbCg!_*9vK6Av;X{@i%lJdB9NCdh+13XEw@^MGGS)fAZ)oW#jC4Pa=xxwf(7F`_ zN*l9gRII&q3i^g%?V#<~|1q{vt|B!*@}7HKOLoyVmirAolzOXH0P|*eBJbe*|RfhoE%TM2!LcO|_f-`8I+$uuEf)2>8t$$^f z6+pA)7!jl1`+^KnwMvk%AXnTByyFDxH+bl;+OQH(6&XJI>jPLl=%Xwj;w`K~k9O0Y zkp%UA9TbIF^0^K*TEDN<`?&WePCe7L{0fcpVmJ|TFKo1NLDq@zeG^zSR zL{7Zg#k1u*M*Hc-V&biBFSTwOGPP4!*^_d#EzH@LLPczq>=*@Rna4?Bh)?n{a)@S+ z4ziYuRS4b!KQD7+of2pjk-!L<+bq{p-kg0A;f#m=2&UMiV1mrxp?wbJ44tCyK#e#Y zm24R`8PU8#jo; zmhO&BwM?w2#%Uj70p;(oOsu!^Rc(*lSA0(NI_(Fq&$ln}PF=rxtKBD3c-OZVweAzcL&Rg*J59BSN%=9QF>YuY6QtmAwULpWJyNJ^p>EdL+uy(M|Bi(2yS8&(^P~7h}xFx z$GB&d2#rG-(yF?H9vgCIc(^d#ut^9dlG=i|i72mQE5ZPOzjS!(in2o-*qS=HpDV~> z+Ml=TaSKV^{kVDhJT!@Q<+Yy6(`qT&&gflf1jB^$ZbTy!sRhnDC{q&k{md;!gV$2* z7`0So(}!wfMet-Eq8+8U#?JyaWEnWJYz<( zJgU``i|hVih{vncTyAL1Er&Z;Q+u^5;ValJeNsx6+JKVbRtnCW%pt3DcV3Q^hk!9ss57rcN=fb`9<)S?e@V3)zi%FP4b;_C9uJALBhGl_Sq!SCO)VF(AGfV$ zHHBWIDm&L5x9%uYDFk?fi9=$E3|X;5oOeyTxa@QH&*I}P^d51P(_iRkZ5$bu8eWOO z7&w>+>r+G`8h%>X>r?YJ_sq2{P=jf_h!mO5`U6s~pLe$-cQsh6CkI*i6_$=!>2*MP zn4pnQenpk+{d`=Cu4Fhw2gzu`>QTKYpJ_{)BPM>Py1;rS(r?)iDG=98KJu=7 z2R$+0eJ^%VXqIg^i*>{e&~GzZCTU0#3p_nI@($1oQ5Zty} zT~$a5i#6}xt!)0>%4BV#I%>!{nt5dDy38X69Q>Q<6_=y~N%|4o@3jwAq8LEi{m@A$ z&T^h8Yb@ilfgt>{F>bFaCKA+VX+)J3U}Lt-#2J1)pDH_-c*@9wzFP`pU|V@$a!y8z 
zHDfPOJYwW*KP;afl1629W;)iRQTTD^LtHR5I=+F2dL*QW;E!T9G``%5itw$LJt)H)f4Ew(DXbEOpG`|sK^x9aw+BhKz zlTRRoJ+#X1WXr4`Q3^zh*z23**X-BTw0+jRiZ8ym15a+!`_m; znY!7@84InOnIKsK*Ts3bLb;-VLto5*g2H1%%f5B|L3uemd(Vvv(RH5>b+={x@C-w! z(v|RWoHoda(ms20>Mn?e47{wx>#)_T>CZ_BN_EpI{Oz|xU8JNRK3?a93>CAtoVt3? zB#xc9A7M0jgT3{AoHw(8QXSO>F+5UBi<&EC;AXVY?X<4)U5-y0IO_u!vj*@dsXma_ zvl@LL#e(Vz7$gS>?=D5L&gWgY#u$PRr6S0~i?fvw4*vngF>Mw!Cx2)wQXIYyz1Rh% zmJRJuJWzHS-xF||&pLjzw)_BrV`0YvieiIadfeoWzzwkDAZrSizd(p2Vg(igvl=$) z$>Rf_AT!e2lU=m&nmpc(WY{T3Vpbg<(2Fc1A9}L6HyTvq13hLUGQg9Ay-~{_#|X)! z9K~=mG;NE-TI)l2srxX|B=Jk-B?>m>uok`XyndY;g*9RTw6fjFttHfF@^Nass^Lek zPwBJRSg7uIQ6JxjGK4r}BXWiYd|>Zs2M@SXojG04YT3GJO)NU;S4P0FR{Jfidv9`; zi+5k%MF~atevTthlA;|Sy&+kxKV463nYlTIBiiZbfy*#k>lf0!Ia%9y?O;P?#w6fC z)l;G#&B+=j&!RJPnKgXQ6UVUmiafc~j4*Jh)%EYCmN8k%gut-SGUA3OQ)wgcLfvmj zf{6$VPnL~Ft7^gn;JYVh%gX%dPh!IW&SXB`Yq9e$)C z<991#Z-1^Xh-bp}oFw!%QK2R$9nO0y-N;`dvJV-hUHLu*$>qk^28k$5mvSrkT+l3P zj79_6k=%l`#$2IYsKWIkRgV4*6ROrXsFns`3$B4xly3hD@!ouL5ih@V^~0IyFMO<|P>vAp2bb;t2Mky$H_)W7 zkDJu^j5C{hI3+`GJSxgw&R+AmFi;Wy!fBurGj*qw#19>MDT()0O>0B0=7ifW36I(} z`sKS`y|la(EVY;nsrk~sxFsPb!7rF=q*?lG1!oO~vpr7%N`mb)|@BH632k1mLn{kh%2?w3AWxf%LyaI_ARd37)e!@xEXpc7y~z0Dix}%!_6^vR$}2gxbEjMn>MN zOCnXL)`I>E+Z`~3Y2Y9=O0zy^e+)Xx}myLL$MSgx&&eWqRw$2FjCHm zLw*X1LOrV549WCpmS)BL_)t@km5oQ4U|+!V%n}v2J2XE=~vx6XyRO+AnYz z81_4R8agK+9~?F(Fd7C;H>cEe%O|7u2uOwk5VYl}KCH(`zl3Kd#AIYp4a-PW zd5>2vB8AsNUgkVmHx_(vgZU(z_??UYrhO{+8-q+#OuRbyQbwquz>-hcpKOm`*CUKy z0EI(sNQK1vzhSK(m3}|$rM=CkbC1iZTn#8Q5{CFNQmdlI z?<_A`PPK}h#yRTu&ao6pwx>aV%tiR*vbydJGyK(3z{3S}$?|wphv&$^+G_4{N0ks4 zKV*0%&-z)=U9uatSN`4CH~nYlPQ?o0@uY3-`S6SH%M9Q3yeQhtS50O%Be*nR?#rer zEyqxWb%3`nlq5N)TrJwBpedoZyFee}TpX*N z{8Z)6ptE3E$Apzp3Q;ct_)Z7(dc+;>Vj8;?iVr?FU&p%|4UJZF1gK}-St&MgN>MEO zdiQmops(rs%IkkZE}GD{zij@oN6j=+&Cfcsv&kSg(f;P{m%XR`>EFRcQMOx99ppRb zJkCKuI}k zqN`SXE3O~esC{M9<7aEKi&}XsmFhbvvLc;VV_=j|nRpAEom)`_{1!x=D0nzKiF~m@WeL4cJ zUx82M`EQCMvMA0stoLm;2mNI!G&*`_w!c2^xnwpMGwezGn7=bNvHk5j?hwmY0V#i) 
z1isGW>1ZdbIrc$3sdp`oTcDcv4`F^hFh9{CpW!WIvi|UNyRF+vFW^eDRQB~m_wEst zy%h^yV>6m#s~XnnC$nkYGCY1~e>fuX%-o-(D(U{}W(R7c8F(p5!-kgi3Hi1?e)qWN zK_%}PTM$n;9T9cIj<8#un^6*FP_`L-FaX{eF#Y&#V#C;$g*_r!^>~v^jlE^5Gl^pQ zF<)nlFYLs$A7OE{SwaD=y7zfXR5z(ojj>-;e;Q59a+rW5_lf9ZVo-m_G0%Gk`rTBh?D;$BX*&ys+A!BZrr0OZKYAzUK{p{ zQZVmSxlqua5gAw*@?zJBT#ZF5)}Mu#FQu)wEOz}G)o}Yb?(%AT-CE-^lNAvJm!$Y^NJq3oV}2- zqh%D!@@nu{9G27igi4yPene&u6`XWCyH$x+z@xwxdANMp;3!a$88RQf?0hK}{HRV* zB=c<+dU;^R}GFgL8Fw^NdnNFF`!LXkB(EGx41wm{3kG~2L1Ho5ZsYWWpoCAJ`! z!RU6C;X!746$gRj`Ee!tg25#E(+3Q_&)S!1qlX8j+OG@`UO^$$u>L6bq`*av)_@$| z&i=Z%O#-U{auup|^EfW%oK#I>#pL;68;;HBjbh#2x1V?>Bqs0%V{b#Q>FsE7#4zX- z-3~m8X@4t1wXSEJ1kz9H?`d6yH3dgQ@>;0eG}C4zm!|H5#r1;ss%F`AG~@=3g*;_c zz;c;akHox5Rd+%K@?9G!g|oA6wX0!R_wLBa%SzyTmPD{*h#+{rlRJFO20JzZx+4-g=X6bg;R)K5ubI@Ej}25$S<* zB(__Hv{1)%pRgU89x|R-F+#wzH%IK4e9g7lQjMb=U+6RO-O}!SVJzu*``)Yl6y7HX zdGaqKb2$uCQjIelUpO*3-kt7}?!av0#H$O<G}A_={8#aH%KOsm zNn%rpl#(t=G`;s4_DzS2(~gV-unwG9$6!|1t^OH-8E_<+0*j+cx?{7zR!0a32X8WJ zHfq8I#lsQ^o0FH>F{6+ zElw`AMF_}(p<>0TK-JovzEq%u||iL2OV`hW{(%{8fq)*d?rZ7W#%xEj(|SdUHSvgo}pk3F`;u6m!A_3y(~_ib{H%ZyIH z`4LgHP|K67z#D*jGDc&q>4LMB#b+w%;u7Id*-t4z5CZsE8^P9Ry(n;HE`Kc5r ziD`?XIVDRj8H?Q|5aiEsA;TI(1^`xR`vXjRFLItc*mpo|H|?dPy5ZlEm9)Kttpv|` zec#lQwpGP*OPh<);VM`hp~Bn?sbK0aPMLx2ooCGVAi;)ElNnC@RoXCOuA)nx?O9a1A>aDA z8gqbp@m#Co`4Q}0d2p}mtYz(#m#D}I60mWxc2I1t+l zWKCvPA3nbEOV8sZJ*9Gen)Pw>Gquu-a1Gs&y_p+!aSPvmP>GZY4I3q6D|T#5G2LC@ zyGLR|SjQjm;*+$Le*;yBIbyV;>A#Oq#aBM$`tJBmOS&_a>z>1Yy}RC>zy-s#W&UUk zVu@;qS2kzqW49>xm6@(w_+{Xx+t*X`t*GnuY!rqLEL?Ma(3+-a)4rc!dCiN#I80c?&MW6|cRx z&Nk4Z>?%~i1<|2eoB>9TPFt+j>biR=ei6O#}>&{e0_$9yX2dek1e z@nCxGEs`VT&vs&}d6-|rjgMLWU|}r1;fIVO&FaUp`!*{tDZpw<4qn&3!E|HX*QReC>z=0F!8(qB@9x`}{gHG7#a z!Q_k$Ej!=q0b5B?#I@^O33yTQlT~T>#19`{j!!h%zD$>BeO=Aqtg`(g?C}WrbOj!~ zZv#IrvpM}%hFLW`htt{(tqJnk`BnxWs*e@CP+{(Bz`w6_9ad1N{8Z5ey9AD5gOi8d z-wUo8bcEHhnl@fH#|PX~E#}+i@t<}1otA-l0xzSkJ3k{iYq_AbwvA?M$3vAL>+C9q z-_>NPYPTUJ4ejV$j|+3x;y*U}k(~+zwCm z%mIUG8gK!}i{(Jp&Va)DYtm^Y~6kEg|Y{Hnssw{dPmRb&_b2 
zYs1EKxCztUz@)mfBsvj}-nzi9sf_*^{1MB=5kuaoN#3!+F4`NpJd$knm2tuLY$M3i zGeJ=lxviZyXT1|^l2Oz8-uf2U{;{q_B1@WuBxZV;}9<7-G6R!3sxW z0@xq(Z~)vrm0Lu6^quG!o~Dh{*7ASl_iHqy@<^_=ql~WW4C1sEI0$ciMaz+#k%Y<# zUFqw54csV8RlW6bn)o?PCT<{l)7k@bgbyd_t38*m9XWa0hJc?Riz)X0ywe<}`M zh{iNi%M6()J7MGw=nloU(tuVwoj3eFc4x=N8q?hkesUxxhW+saUU!m~_BXJqRfi-V zGT=;f#-96y*Rk9PX=mxSRVco|>`{z^9MVlnfQ@*`n&NKDjW#P%xsvCNQbEbLN2xr> zFOE{##t6! z+dzWh2R^Bc?JdIYtibDz#mX?QMQN-yEwY?pcG# z?M9+sr6bfrhoc**dC4_~sCeVAAOH4CEx#21a($=URN-OO-aGN1VY0fMq+Wy$t)umY z4o7Nq{vwU934mLyOPIt+?spJ$W8ga~t!f%FMgEFQz4*6gK zL&bJelBG4#BS^+=FVQ9?1bsey_5(;ZGy(Bf7F(W7-73IWoL^(C2`E^Ji2M%)|IyN4 zWGu!0u)=oNV$%Fh#XK-PKWP)~F?FJIMhDY%oA4*o;9W3#z&}zHKolz(s<147!r;Z7 z&?q5ax_FwcbC#?yP&2{aIPY6W@K_aj!o}gd-}{yZM(7I||EP=;OE(V>J288XCE2n0 zE4T{A|Ar+g#nM?~g{m=T)zmow7wyvzXe`gPUfSeaeNhfcKM{3Huj4b8kuZp5qgjQJ zEj^GZaYjNp^z9Z|b_?k{^}0E_I*8ncyBn_A_dZ}^5mCXx%O>}58wA`Xf%ye}@uI|| z&Vmfl5#NB10?UVe8QZXGjVdBss)J+Eh#${mk4GZ?ttPfC!W@^0lm8|okn{E@N>s<* z03vVrr(%(dTR3}gTI+vl4Q7h)u>)VLNHY+5Yt3q0Z90WJb{|}?kqg9%9AYf~6HE6MjQ=miKeTv$PT=%^*DjbHztL9NT7Ew%CfXnGx<3VZ4bMMdI$k6 z-#V?z#l99NG;nUp3B#l{D+8@O{!=Y~$aOAE-Mqh(o(GKM(eo&r=;^!LN@QE_^R*Drt_7K$)Os^@BbKM z(Ca|NGx84*Tj_OhoZd$~dJZgJmS<^E{i3Nxn@fZX%z>IYU)WL$L-?SysZEc}e`9}! 
zNz4C*W;;~3lFlZyZ)H!#t^xE78w;4A6;`MVeC??0GM4TKJpaV(1vYla#u)PpIGfl; zSQ7dPN-<$=7DEC3ecBrmIJ6yy73}MNinzdHM+)4ep&S(Fqs8I=5v)mZTh!Z>U}NkJ zfCf)={-k|){!t>(cxOz(658W;{9yWD&WsHTEF8y9%$OCo?vN~U(ch^iDu1E*PKEwv zHA$+0XNGNgh1Bxl4m_SG@ijY;UfiY@gT2uFp+977!y)#WBGtrG&USDz2@<2wf^|nhkt+_+V%ojrFB0&YIzG&PNl* zZEy(p`89SG4i~yw{N+OZ(FTc~oMR95Q@LCW%S|l#J1oIhFzyQc;{J5VISl=h-Pg^s zt1>{!L}d(gJ?pEzaaBjk(IrpHWyD|$422fuMYs!K!ql*%#EZKexC?3oJz%nzSVnQI zge}IQ@uVZWB6vs*#F4hfX*<38r znCXcNc|t921F2Tj^jyFnKG`Uo3%7}LI^fO9vU#Qx)fCIU>*X!z z)yqLx6xEYFRwtvi5aT&@oog3Qnd255PuZvuDE(x~XV_}+^SQucl-DKuc*^F?#1s`G zZ`ILV&YmavufW7Fq&T|tE-i(y91y6csVn(h80n3|p!l-funGy6Q!mEIs79PBXZ3Xi zahGeEK4$q%WWf<~bgJisq?}_v=!Fo1K9bht5kBR@4SF6K{6&NPzfxP*p+xj8H0C5{ z!8h;?C`1wzVE|=@_xF>)VK2OSMvWO-1 zg_ds(UO`Z3=`AKqlZ{`i#`}-?_n#@5^NBUSb+eE^`PcjR9_Q*A7`VEc+^W3f5AQ@9 zOnK}CCm&?gP0ye5Z^}J^cTO5?xIglf^6}(fo~Tom%`s9G3vyG=59eo-Ue47cG*EON z(nzLA_ZcYsZ$a~s{1VbJd3t09_Rcg~$&Bf(1FSf)&L&rrxzlL}3#0k3Nngp=qc->* znwV53cM4HY#~b2(&L1ib$n$p*Ki2{x(m2y6_wm4K7ZZikc?Wny`H7|Va`kWkJV`wn z?;nsx~YvEi7O2QfOJ^n08v$j0;2rW2>AFU%HN3ebwtn-`1U%1B=@9b~>oG}^~37)nt9^cK}7CxERLwFo!DwFoOH3#!rDv&q%@JgH9P zq|S3Xa9p@stICw2h^J#K1;n_h7(9#`^$-^_ax;ArrV84l7T|$w;6bEd8CfilR0j_8+o-xHuTS4{UjksX60C7= z+FV`N^%jkK+g9!EWHp)JBq6IUuTr;^r{5FK(I#stcV-6G)|t3uDl0$t!C11+h`W&u zw?iERbXaG$?wM28sr8^+{$yUCC0U{T%O~I9RO7%$C?$(=zcapxw>xKwjH+a<;`)Rw zKH~Z~Exh8aRkoP~n#>FBcJ8d_EWtVx5Cwj;erRdU#$RYR#hfrV^Uf}TdEp(hI@_Oc z<4v~LX<11;@F6N4js{BPJ0ZQrGHe#&vILnL-W12ev|Zdb`P)xRn8F^JhqKf<-;Un(75Q41?7C)Etyo$twm+r68ki-v%H1G3yBcWCubb&QCYrx8Thc%$ z|5EkKR~K?l&X) zGosbZ<4)`hwZ~<3`>vtt-{p2-kUt3 z%*0=HbG30~Xx{zy{{uRB$fjrZbb{UZYCMIj&&`5xX11?Ox!Qy>ith$B{@)%8xXlc%iniw{91619ZAj7CU>l1_wJ5;D0U<@ zNfYtE2TS)JD>Hpjg0w_g&^eNhrj+bj!z>?;+1EQ(*}j-uzYAM%8{@8W><&s3akD^q z(>t#Er-;m1!E`OhTm*ST(vk8P!(=c+Ku^9A}o^1r4_AKn-8SGU( zevRx#f(S!$wns2+;$`~?Zf$wT2x0B~M?7)Vq?U>1U4g9?qdcwRnq)lXn5M46httc5 zt`CK)50)J7`ws2POw%Qf@>=nLfggS=wH>7YN73cu6OOimeZ6m+!HVo|x;1iYF*-jA z(OvQWA0?JCsbZ}K26_iZCpRsIc5Q_rUX|iz&pg|R%${8xHY&auD7JhwpZG=$lkIV1 
z`*eDZZIgI8=tP~Kt3ENOjl1w5VlVso)TN;S&8J4Xn{y0pvjVL|%PL&;0%w1z25ZGV zpXv~Eq8>sY)(dMs<$xz$19qz_pN(oE0_w43(c8We66aXqx*nGcS z--iTLx0_`imb(X5U(P`&Hxr8~pJ zroi#As-$1Z5SH`{0mpxOo+6$9lSFFL6*1kCU-FCon&bsiZO_A%|8<6X5qNH?7$O6u zA8mSyc)oYi^}}ZqylOd)r5p{osQ1rj*1Ub}9{KnKkDQapNJz=cij(m1T{F@q`CnS2 BJNf_s literal 0 HcmV?d00001 From b0b189f31f5742c0d6afb7cf249ddb57baaa7554 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 28 Nov 2018 17:30:58 +0100 Subject: [PATCH 0824/2197] Add missing compilation guards for GCM and CCM Add missing compilation guards that broke the build if either GCM or CCM was not defined. Add missing guards on test cases that require GCM or CBC. The build and tests now pass for any subset of {MBEDTLS_CCM_C, MBEDTLS_GCM_C}. There are still unused variables warnings if neither is defined. --- library/psa_crypto.c | 16 +++++++++++++--- tests/suites/test_suite_psa_crypto.data | 8 ++++---- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d100eb1fc..910de1f03 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3146,7 +3146,7 @@ static void psa_aead_abort( aead_operation_t *operation ) mbedtls_ccm_free( &operation->ctx.ccm ); break; #endif /* MBEDTLS_CCM_C */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_GCM_C) case PSA_ALG_GCM: mbedtls_gcm_free( &operation->ctx.gcm ); break; @@ -3259,6 +3259,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, } tag = ciphertext + plaintext_length; +#if defined(MBEDTLS_GCM_C) if( operation.core_alg == PSA_ALG_GCM ) { status = mbedtls_to_psa_error( @@ -3270,7 +3271,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, plaintext, ciphertext, operation.tag_length, tag ) ); } - else if( operation.core_alg == PSA_ALG_CCM ) + else +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_CCM_C) + if( operation.core_alg == PSA_ALG_CCM ) { status = mbedtls_to_psa_error( mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm, 
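Review bot: The `else` / `#endif /* MBEDTLS_GCM_C */` / `#if defined(MBEDTLS_CCM_C)` / `if` sequence added in the @@ -3270 hunk of psa_aead_encrypt, and repeated for psa_aead_decrypt in the hunks that follow, makes an `else` bind to a statement on the far side of a preprocessor guard. The if/else shape therefore differs in each of the four GCM/CCM configurations, and a later edit that places a statement between the `#endif` and the next `#if` would silently become the `else` body. psa_aead_abort in the first hunk already uses guarded `case PSA_ALG_GCM:` labels. A `switch( operation.core_alg )` with the same guarded cases and `default: return( PSA_ERROR_NOT_SUPPORTED );` would read the same in every configuration. Both function bodies start and end outside the hunks.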
@@ -3282,6 +3286,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, tag, operation.tag_length ) ); } else +#endif /* MBEDTLS_CCM_C */ { return( PSA_ERROR_NOT_SUPPORTED ); } @@ -3339,6 +3344,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( status != PSA_SUCCESS ) return( status ); +#if defined(MBEDTLS_GCM_C) if( operation.core_alg == PSA_ALG_GCM ) { status = psa_aead_unpadded_locate_tag( operation.tag_length, @@ -3356,7 +3362,10 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, tag, operation.tag_length, ciphertext, plaintext ) ); } - else if( operation.core_alg == PSA_ALG_CCM ) + else +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_CCM_C) + if( operation.core_alg == PSA_ALG_CCM ) { status = psa_aead_unpadded_locate_tag( operation.tag_length, ciphertext, ciphertext_length, @@ -3374,6 +3383,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, tag, operation.tag_length ) ); } else +#endif /* MBEDTLS_CCM_C */ { return( PSA_ERROR_NOT_SUPPORTED ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e1c1b0545..6087412be 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
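Review bot: The fallback `return( PSA_ERROR_NOT_SUPPORTED );` behind the new `#endif /* MBEDTLS_CCM_C */`, in psa_aead_encrypt (first hunk on this line) and again in psa_aead_decrypt (the @@ -3374 hunk), leaves without calling psa_aead_abort(). In psa_aead_decrypt it sits after the `if( status != PSA_SUCCESS ) return( status );` check, so the operation has presumably been set up by then and its cipher context, which may hold key material, would not be freed; the setup call itself is outside the hunks. The path is probably unreachable as long as setup rejects algorithms that are compiled out, but nothing visible here guarantees that. I would make it `psa_aead_abort( &operation );` followed by `return( PSA_ERROR_NOT_SUPPORTED );`, assuming `operation` is the local aead_operation_t that psa_aead_abort takes. Both function bodies start and end outside the hunks.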
@@ -1770,19 +1770,19 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS PSA generate key: AES, 128 bits, GCM -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS PSA generate key: DES, 64 bits, CBC-nopad -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS PSA generate key: DES, 128 bits, CBC-nopad -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS PSA generate key: DES, 192 bits, CBC-nopad -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS PSA generate key: invalid key size: AES, 64 bits From ce6ec7d5e79066837fee64ed49cc081586070a13 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Thu, 29 Nov 2018 15:51:18 +0200 Subject: [PATCH 0825/2197] Add github issue template Required for internal issue tracking. --- .github/issue_template.md | 44 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 .github/issue_template.md diff --git a/.github/issue_template.md b/.github/issue_template.md new file mode 100644 index 000000000..7d4f1e840 --- /dev/null +++ b/.github/issue_template.md @@ -0,0 +1,44 @@ + + +### Description + + + + +### Issue request type + + + [ ] Question + [ ] Enhancement + [ ] Bug + From 58600557bba1774479d7aa29be46d182ce9e072a Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Fri, 30 Nov 2018 12:04:38 +0000 Subject: [PATCH 0826/2197] storage: Correct typo of PSA_PS_ERROR_OFFSET Correct typo of PSA_PS_ERROR_OFFSET to PSA_ITS_ERROR_OFFSET. --- library/psa_crypto.c | 2 +- library/psa_crypto_storage_its.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 910de1f03..fc296d365 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4259,7 +4259,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) return( PSA_ERROR_INSUFFICIENT_STORAGE ); case PSA_ITS_ERROR_INVALID_KEY: - case PSA_PS_ERROR_OFFSET_INVALID: + case PSA_ITS_ERROR_OFFSET_INVALID: case PSA_ITS_ERROR_INCORRECT_SIZE: case PSA_ITS_ERROR_BAD_POINTER: return( PSA_ERROR_INVALID_ARGUMENT ); diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index 29394b5d8..35caa39ad 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -52,7 +52,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) return( PSA_ERROR_INSUFFICIENT_STORAGE ); case PSA_ITS_ERROR_INVALID_KEY: - case PSA_PS_ERROR_OFFSET_INVALID: + case PSA_ITS_ERROR_OFFSET_INVALID: case PSA_ITS_ERROR_INCORRECT_SIZE: case PSA_ITS_ERROR_BAD_POINTER: return( PSA_ERROR_INVALID_ARGUMENT ); From ac41c191b90c94c0fd2a5b1f1eca7675ee467773 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 4 Dec 2018 10:57:13 +0100 Subject: [PATCH 0827/2197] Add psa_crypto_invasive.h --- visualc/VS2010/mbedTLS.vcxproj | 1 + 1 file changed, 1 insertion(+) diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 6535d483a..d305c4515 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -231,6 +231,7 @@ + From 79e213cfc8547b64cb645be0096e9ca07930525c Mon Sep 17 00:00:00 2001 
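Review bot: `static psa_status_t its_to_psa_error( psa_its_status_t ret )` exists as two separate copies, one in library/psa_crypto.c and one in library/psa_crypto_storage_its.c, which is why the same `case PSA_ITS_ERROR_OFFSET_INVALID:` correction appears in both hunks. Duplicated storage-error mappings can drift apart, and then the same ITS failure would surface as a different PSA status depending on which file handled it. I would keep one definition and have the other file call it, or at least mark each copy with `/* Keep in sync with its_to_psa_error() in the other file */`. If the misspelled name was never declared, this code was presumably not being compiled in any tested configuration, so a build that exercises it would be worth adding. The function bodies extend beyond the hunks.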
From: Gilles Peskine Date: Tue, 4 Dec 2018 12:25:40 +0100 Subject: [PATCH 0828/2197] Don't include mbedtls/platform.h unconditionally Programs must not include mbedtls/platform.h if MBEDTLS_PLATFORM_C is not defined. Test suites don't need to include mbedtls/platform.h because helpers.function takes care of it. This commit also removes a stray `;` which is technically not standard C. --- tests/suites/test_suite_psa_crypto_init.function | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 359650429..132fe82f8 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -11,7 +11,6 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" -#include "mbedtls/platform.h" #define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) ) #define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) ) @@ -41,7 +40,7 @@ static int fake_entropy_source( void *state_arg, output[i] = i; ++state->step; return( 0 ); -}; +} #define ENTROPY_SOURCE_PLATFORM 0x00000001 #define ENTROPY_SOURCE_TIMING 0x00000002 From 5a3c50e89049b4a5efbeceea49318182fac28456 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 4 Dec 2018 12:27:09 +0100 Subject: [PATCH 0829/2197] Don't use an enum in a bit-field This isn't standard C. GCC and Clang accept it but not every compiler (e.g. Armcc 5). --- library/psa_crypto.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 233a19ede..7415a9a4f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -147,12 +147,10 @@ static int key_type_is_raw_bytes( psa_key_type_t type ) return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ); } -enum rng_state -{ - RNG_NOT_INITIALIZED = 0, - RNG_INITIALIZED, - RNG_SEEDED, -}; +/* Values for psa_global_data_t::rng_state */ +#define RNG_NOT_INITIALIZED 0 +#define RNG_INITIALIZED 1 +#define RNG_SEEDED 2 typedef struct { @@ -162,7 +160,7 @@ typedef struct mbedtls_ctr_drbg_context ctr_drbg; key_slot_t key_slots[PSA_KEY_SLOT_COUNT]; unsigned initialized : 1; - enum rng_state rng_state : 2; + unsigned rng_state : 2; unsigned key_slots_initialized : 1; } psa_global_data_t; From 3cac8c4d7839c11b5742ecb282f20aa19c2eab19 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 30 Nov 2018 14:07:45 +0100 Subject: [PATCH 0830/2197] Move declarations related to lifetimes further up in crypto.h No content change. This is in preparation for declaring the slot management functions, which need the type psa_key_lifetime_t. --- include/psa/crypto.h | 180 ++++++++++++++++++++++--------------------- 1 file changed, 92 insertions(+), 88 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 1ca64922e..282f90965 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
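Review bot: Turning the three states into `#define`s in the first hunk goes further than the portability fix requires, because only the declared type of the bit-field has to change. `unsigned rng_state : 2;` can be kept while the values stay as `enum { RNG_NOT_INITIALIZED = 0, RNG_INITIALIZED, RNG_SEEDED };`, which keeps the names visible in a debugger and out of the macro namespace. Either way nothing ties the values to the 2-bit width, so a later state with value 4 or more would be truncated silently on assignment, in the field that records whether the RNG has been seeded. A comment at the constants such as `/* Values must fit in the 2-bit psa_global_data_t::rng_state field */` would record that limit. The struct definition starts and ends outside the second hunk.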
@@ -1401,6 +1401,98 @@ typedef uint32_t psa_algorithm_t; * @{ */ +/** Encoding of key lifetimes. + */ +typedef uint32_t psa_key_lifetime_t; + +/** Encoding of identifiers of persistent keys. + */ +typedef uint32_t psa_key_id_t; + +/** A volatile key slot retains its content as long as the application is + * running. It is guaranteed to be erased on a power reset. + */ +#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) + +/** A persistent key slot retains its content as long as it is not explicitly + * destroyed. + */ +#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) + +/** A write-once key slot may not be modified once a key has been set. + * It will retain its content as long as the device remains operational. + */ +#define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff) + +/** \brief Retrieve the lifetime of a key slot. + * + * The assignment of lifetimes to slots is implementation-dependent. + * + * \param key Slot to query. + * \param[out] lifetime On success, the lifetime value. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key slot is invalid. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_get_key_lifetime(psa_key_slot_t key, + psa_key_lifetime_t *lifetime); + +/** \brief Change the lifetime of a key slot. + * + * Whether the lifetime of a key slot can be changed at all, and if so + * whether the lifetime of an occupied key slot can be changed, is + * implementation-dependent. + * + * When creating a persistent key, you must call this function before creating + * the key material with psa_import_key(), psa_generate_key() or + * psa_generator_import_key(). 
To open an existing persistent key, you must + * call this function with the correct lifetime value before using the slot + * for a cryptographic operation. Once a slot's lifetime has been set, + * the lifetime remains associated with the slot until a subsequent call to + * psa_set_key_lifetime(), until the key is wiped with psa_destroy_key or + * until the application terminates (or disconnects from the cryptography + * service, if the implementation offers such a possibility). + * + * \param key Slot whose lifetime is to be changed. + * \param lifetime The lifetime value to set for the given key slot. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key slot is invalid, + * or the lifetime value is invalid. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The implementation does not support the specified lifetime value, + * at least for the specified key slot. + * \retval #PSA_ERROR_OCCUPIED_SLOT + * The slot contains a key, and the implementation does not support + * changing the lifetime of an occupied slot. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_set_key_lifetime(psa_key_slot_t key, + psa_key_lifetime_t lifetime); + +/**@}*/ + +/** \defgroup import_export Key import and export + * @{ + */ + /** * \brief Import a key in binary format. * 
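Review bot: The added `psa_key_id_t` typedef is new API in a commit whose message says "No content change", and its one-line comment does not say which identifier values are valid or whether an identifier is unique per lifetime or across all of them. Because the identifier selects persistent key material, the comment should state the intended rule, or say explicitly that the range and scope are implementation-defined if that is the intent. In the moved psa_set_key_lifetime() text, `psa_destroy_key` has no parentheses and will not be linked by Doxygen; `psa_destroy_key()` fixes that. The `\defgroup persistence` opener is dropped in the following hunk, so these declarations now fall into whichever group is open above this hunk, which is worth checking in the generated documentation.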
@@ -1872,94 +1964,6 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key, /**@}*/ -/** \defgroup persistence Key lifetime - * @{ - */ - -/** Encoding of key lifetimes. - */ -typedef uint32_t psa_key_lifetime_t; - -/** A volatile key slot retains its content as long as the application is - * running. It is guaranteed to be erased on a power reset. - */ -#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) - -/** A persistent key slot retains its content as long as it is not explicitly - * destroyed. - */ -#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) - -/** A write-once key slot may not be modified once a key has been set. - * It will retain its content as long as the device remains operational. - */ -#define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff) - -/** \brief Retrieve the lifetime of a key slot. - * - * The assignment of lifetimes to slots is implementation-dependent. - * - * \param key Slot to query. - * \param[out] lifetime On success, the lifetime value. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key slot is invalid. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_lifetime(psa_key_slot_t key, - psa_key_lifetime_t *lifetime); - -/** \brief Change the lifetime of a key slot. - * - * Whether the lifetime of a key slot can be changed at all, and if so - * whether the lifetime of an occupied key slot can be changed, is - * implementation-dependent. - * - * When creating a persistent key, you must call this function before creating - * the key material with psa_import_key(), psa_generate_key() or - * psa_generator_import_key(). 
To open an existing persistent key, you must - * call this function with the correct lifetime value before using the slot - * for a cryptographic operation. Once a slot's lifetime has been set, - * the lifetime remains associated with the slot until a subsequent call to - * psa_set_key_lifetime(), until the key is wiped with psa_destroy_key or - * until the application terminates (or disconnects from the cryptography - * service, if the implementation offers such a possibility). - * - * \param key Slot whose lifetime is to be changed. - * \param lifetime The lifetime value to set for the given key slot. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key slot is invalid, - * or the lifetime value is invalid. - * \retval #PSA_ERROR_NOT_SUPPORTED - * The implementation does not support the specified lifetime value, - * at least for the specified key slot. - * \retval #PSA_ERROR_OCCUPIED_SLOT - * The slot contains a key, and the implementation does not support - * changing the lifetime of an occupied slot. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_set_key_lifetime(psa_key_slot_t key, - psa_key_lifetime_t lifetime); - -/**@}*/ - /** \defgroup hash Message digests * @{ */ From f535eb2e616593807cf879914ba926a97cbe92cb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 30 Nov 2018 14:08:36 +0100 Subject: [PATCH 0831/2197] Declare the new slot management functions in crypto.h No changes to existing functions. --- include/psa/crypto.h | 125 ++++++++++++++++++++++++++++++++++ include/psa/crypto_platform.h | 3 + 2 files changed, 128 insertions(+) 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 282f90965..432ce6a8e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -314,6 +314,10 @@ typedef int32_t psa_status_t; * generator will always return this error. */ #define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18) +/** The key handle is not valid. + */ +#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)19) + /** * \brief Library initialization. * 
@@ -1487,6 +1491,127 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, psa_status_t psa_set_key_lifetime(psa_key_slot_t key, psa_key_lifetime_t lifetime); +/** Allocate a key slot for a transient key, i.e. a key which is only stored + * in volatile memory. + * + * The allocated key slot and its handle remain valid until the + * application calls psa_close_key() or psa_destroy_key() or until the + * application terminates. + * + * This function takes a key type and maximum size as arguments so that + * the implementation can reserve a corresponding amount of memory. + * Implementations are not required to enforce this limit: if the application + * later tries to create a larger key or a key of a different type, it + * is implementation-defined whether this may succeed. + * + * \param type The type of key that the slot will contain. + * \param max_bits The maximum key size that the slot will contain. + * \param[out] handle On success, a handle to a volatile key slot. + * + * \retval #PSA_SUCCESS + * Success. The application can now use the value of `*handle` + * to access the newly allocated key slot. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * There was not enough memory, or the maximum number of key slots + * has been reached. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * This implementation does not support this key type. + */ + +psa_status_t psa_allocate_key(psa_key_type_t type, + size_t max_bits, + psa_key_handle_t *handle); + +/** Open a handle to an existing persistent key. + * + * Open a handle to a key which was previously created with psa_create_key(). + * + * \param lifetime The lifetime of the key. This designates a storage + * area where the key material is stored. This must not + * be #PSA_KEY_LIFETIME_VOLATILE. + * \param id The persistent identifier of the key. + * \param[out] handle On success, a handle to a key slot which contains + * the data and metadata loaded from the specified + * persistent location. 
+ * + * \retval #PSA_SUCCESS + * Success. The application can now use the value of `*handle` + * to access the newly allocated key slot. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p id is invalid for the specified lifetime. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p lifetime is not supported. + * \retval #PSA_ERROR_NOT_PERMITTED + * The specified key exists, but the application does not have the + * permission to access it. Note that this specification does not + * define any way to create such a key, but it may be possible + * through implementation-specific means. + */ +psa_status_t psa_open_key(psa_key_lifetime_t lifetime, + psa_key_id_t id, + psa_key_handle_t *handle); + +/** Create a new persistent key slot. + * + * Create a new persistent key slot and return a handle to it. The handle + * remains valid until the application calls psa_close_key() or terminates. + * The application can open the key again with psa_open_key() until it + * removes the key by calling psa_destroy_key(). + * + * \param lifetime The lifetime of the key. This designates a storage + * area where the key material is stored. This must not + * be #PSA_KEY_LIFETIME_VOLATILE. + * \param id The persistent identifier of the key. + * \param type The type of key that the slot will contain. + * \param max_bits The maximum key size that the slot will contain. + * \param[out] handle On success, a handle to the newly created key slot. + * When key material is later created in this key slot, + * it will be saved to the specified persistent location. + * + * \retval #PSA_SUCCESS + * Success. The application can now use the value of `*handle` + * to access the newly allocated key slot. 
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_OCCUPIED_SLOT + * There is already a key with the identifier \p id in the storage + * area designated by \p lifetime. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p id is invalid for the specified lifetime. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p lifetime is not supported. + * \retval #PSA_ERROR_NOT_PERMITTED + * \p lifetime is valid, but the application does not have the + * permission to create a key there. + */ +psa_status_t psa_create_key(psa_key_lifetime_t lifetime, + psa_key_id_t id, + psa_key_type_t type, + size_t max_bits, + psa_key_handle_t *handle); + +/** Close a key handle. + * + * If the handle designates a volatile key, destroy the key material and + * free all associated resources, just like psa_destroy_key(). + * + * If the handle designates a persistent key, free all resources associated + * with the key in volatile memory. The key slot in persistent storage is + * not affected and can be opened again later with psa_open_key(). + * + * \param handle The key handle to close. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + */ +psa_status_t psa_close_key(psa_key_handle_t handle); + /**@}*/ /** \defgroup import_export Key import and export diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 9af320d1e..c20396619 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -49,4 +49,7 @@ /* Integral type representing a key slot number. */ typedef uint16_t psa_key_slot_t; +/* Integral type representing a key handle. */ +typedef uint16_t psa_key_handle_t; + #endif /* PSA_CRYPTO_PLATFORM_H */ From 644cd5fd8977ed0a0eaa8dbd1cc6f66dc4865446 Mon Sep 17 00:00:00 2001 
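Review bot: None of psa_allocate_key(), psa_open_key() and psa_create_key() says what `*handle` holds when the call fails, so a caller that misses the status check may go on to use an unset value as a handle. The header's description of the key type says 0 is not valid, so I would add to each `\param[out] handle` a sentence such as `On failure, \c *handle is set to 0.`, provided the implementation will guarantee it; an unset handle is then rejected with #PSA_ERROR_INVALID_HANDLE instead of reaching a key. The three functions also omit `\retval #PSA_ERROR_BAD_STATE`, which the neighbouring lifetime functions list for an uninitialized library, and psa_open_key() reads persistent storage without listing #PSA_ERROR_TAMPERING_DETECTED. The blank line between the psa_allocate_key() comment and its declaration differs from every other declaration in the hunk.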
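Review bot: In crypto_platform.h, `psa_key_handle_t` is declared as the same `uint16_t` as `psa_key_slot_t`, so the compiler cannot tell a raw slot number from a handle, and the one-line comment gives callers no rule about a handle's validity. The function comments in crypto.h say a handle remains valid until psa_close_key() or psa_destroy_key(), and that is worth repeating at the type: `/* Integral type representing a key handle. A handle is invalid once it has been closed or the key destroyed; do not retain it. */`. Whether a closed handle's value can later be issued for a different key is not stated anywhere in this change; if it can, a retained handle would silently address another key, so the reuse policy should be documented too.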
From: Gilles Peskine Date: Tue, 11 Dec 2018 16:47:35 +0100 Subject: [PATCH 0832/2197] Linkify some macros that were just typeset as text --- include/psa/crypto.h | 52 ++++++++++++++++++++++---------------------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 432ce6a8e..0e57972cc 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3266,9 +3266,9 @@ static psa_crypto_generator_t psa_crypto_generator_init(void); * \param[in] generator The generator to query. * \param[out] capacity On success, the capacity of the generator. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_BAD_STATE - * \retval PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE */ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, size_t *capacity); @@ -3284,19 +3284,19 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, * written. * \param output_length Number of bytes to output. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_INSUFFICIENT_CAPACITY + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY * There were fewer than \p output_length bytes * in the generator. Note that in this case, no * output is written to the output buffer. * The generator's capacity is set to 0, thus * subsequent calls to this function will not * succeed, even with a smaller output buffer. - * \retval PSA_ERROR_BAD_STATE - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, uint8_t *output, 
@@ -3322,28 +3322,28 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * \param bits Key size in bits. * \param[in,out] generator The generator object to read from. * - * \retval PSA_SUCCESS + * \retval #PSA_SUCCESS * Success. - * \retval PSA_ERROR_INSUFFICIENT_CAPACITY + * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY * There were fewer than \p output_length bytes * in the generator. Note that in this case, no * output is written to the output buffer. * The generator's capacity is set to 0, thus * subsequent calls to this function will not * succeed, even with a smaller output buffer. - * \retval PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED * The key type or key size is not supported, either by the * implementation in general or in this particular slot. - * \retval PSA_ERROR_BAD_STATE - * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid. - * \retval PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_OCCUPIED_SLOT * There is already a key in the specified slot. - * \retval PSA_ERROR_INSUFFICIENT_MEMORY - * \retval PSA_ERROR_INSUFFICIENT_STORAGE - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
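Review bot: The #PSA_ERROR_INSUFFICIENT_CAPACITY text in this hunk still refers to `\p output_length` and to an output buffer, but the parameters visible for this function are `bits` and `generator`, so the wording looks copied from psa_generator_read(). A sentence such as `The generator has too few bytes left for a key of the requested size.` would match, assuming that is the behaviour. After this change `\retval #PSA_ERROR_BAD_STATE` appears twice in the list, once bare and once with the uninitialized-library explanation; merging them avoids a duplicate entry in the generated documentation. The comment block starts above the hunk, so the full parameter list should be checked there.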
@@ -3370,11 +3370,11 @@ psa_status_t psa_generator_import_key(psa_key_slot_t key, * * \param[in,out] generator The generator to abort. * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_BAD_STATE - * \retval PSA_ERROR_COMMUNICATION_FAILURE - * \retval PSA_ERROR_HARDWARE_FAILURE - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); From ae32aac48e7181f1e2bddb5bac77d6270a56a825 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 30 Nov 2018 14:39:32 +0100 Subject: [PATCH 0833/2197] Switch function declarations from key slots to key handles Replace `psa_key_slot_t key` by `psa_key_handle_t` in function declarations. This is a transition period during which handles are key slot numbers and the whole library can still be used by accessing a key slot number without allocating a handle. --- include/psa/crypto.h | 173 ++++++++++++++++++++++++------------------- 1 file changed, 97 insertions(+), 76 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0e57972cc..6807c73f3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -36,19 +36,15 @@ * @{ */ -/** \brief Key slot number. +/** \brief Key handle. * - * This type represents key slots. It must be an unsigned integral + * This type represents open handles to keys. It must be an unsigned integral * type. The choice of type is implementation-dependent. + * * 0 is not a valid key slot number. The meaning of other values is * implementation dependent. - * - * At any given point in time, each key slot either contains a - * cryptographic object, or is empty. Key slots are persistent: - * once set, the cryptographic object remains in the key slot until - * explicitly destroyed. */ -typedef _unsigned_integral_type_ psa_key_slot_t; +typedef _unsigned_integral_type_ psa_key_handle_t; /**@}*/ #endif /* __DOXYGEN_ONLY__ */ @@ -1428,17 +1424,14 @@ typedef uint32_t psa_key_id_t; */ #define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff) -/** \brief Retrieve the lifetime of a key slot. +/** \brief Retrieve the lifetime of an open key. * - * The assignment of lifetimes to slots is implementation-dependent. - * - * \param key Slot to query. + * \param handle Handle to query. * \param[out] lifetime On success, the lifetime value. * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key slot is invalid. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED @@ -1447,7 +1440,7 @@ typedef uint32_t psa_key_id_t; * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_get_key_lifetime(psa_key_slot_t key, +psa_status_t psa_get_key_lifetime(psa_key_handle_t handle, psa_key_lifetime_t *lifetime); /** \brief Change the lifetime of a key slot. 
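Review bot: The rewritten description of `psa_key_handle_t` keeps the sentence "0 is not a valid key slot number", which now describes the wrong object; it should read `* 0 is not a valid key handle.`. The paragraph about slots being persistent is removed without a replacement, so the type no longer says how long a value of it stays meaningful. I would add `* A handle is valid from the call that returns it until psa_close_key() or psa_destroy_key().`, which matches what the allocation functions already state.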
@@ -1488,7 +1481,7 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_set_key_lifetime(psa_key_slot_t key, +psa_status_t psa_set_key_lifetime(psa_key_handle_t key, psa_key_lifetime_t lifetime); /** Allocate a key slot for a transient key, i.e. a key which is only stored @@ -1609,6 +1602,7 @@ psa_status_t psa_create_key(psa_key_lifetime_t lifetime, * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE */ psa_status_t psa_close_key(psa_key_handle_t handle); @@ -1633,9 +1627,12 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * minimize the risk that an invalid input is accidentally interpreted * according to a different format. * - * \param key Slot where the key will be stored. This must be a - * valid slot for a key of the chosen type. It must - * be unoccupied. + * \param handle Handle to the slot where the key will be stored. + * This must be a valid slot for a key of the chosen + * type: it must have been obtained by calling + * psa_allocate_key() or psa_create_key() with the + * correct \p type and with a maximum size that is + * compatible with \p data. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). On a successful * import, the key slot will contain a key of this type. * \param[in] data Buffer containing the key data. The content of this @@ -1647,6 +1644,7 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_NOT_SUPPORTED * The key type or key size is not supported, either by the * implementation in general or in this particular slot. 
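Review bot: psa_set_key_lifetime() is the only declaration visible in this commit whose parameter keeps the name `key` after its type changes to `psa_key_handle_t`, and no line of its comment is touched. That comment still has `\param key Slot whose lifetime is to be changed` and reports an invalid slot as #PSA_ERROR_INVALID_ARGUMENT. For consistency with psa_get_key_lifetime() I would use `psa_status_t psa_set_key_lifetime(psa_key_handle_t handle,`, rename the `\param`, and add `\retval #PSA_ERROR_INVALID_HANDLE`. The comment block lies above this hunk.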
@@ -1666,31 +1664,30 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_import_key(psa_key_slot_t key, +psa_status_t psa_import_key(psa_key_handle_t handle, psa_key_type_t type, const uint8_t *data, size_t data_length); /** - * \brief Destroy a key and restore the slot to its default state. + * \brief Destroy a key. * * This function destroys the content of the key slot from both volatile * memory and, if applicable, non-volatile storage. Implementations shall * make a best effort to ensure that any previous content of the slot is * unrecoverable. * - * This function also erases any metadata such as policies. It returns the - * specified slot to its default state. + * This function also erases any metadata such as policies and frees all + * resources associated with the key. * - * \param key The key slot to erase. + * \param handle Handle to the key slot to erase. * * \retval #PSA_SUCCESS * The slot's content, if any, has been erased. * \retval #PSA_ERROR_NOT_PERMITTED * The slot holds content and cannot be erased because it is * read-only, either due to a policy or due to physical restrictions. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The specified slot number does not designate a valid slot. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * There was an failure in communication with the cryptoprocessor. * The key material may still be present in the cryptoprocessor. 
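Review bot: The new psa_destroy_key() text says the call frees all resources associated with the key but does not say that `handle` itself stops being valid, which is what a caller needs to know to avoid reusing it. I would add `* After this call, \p handle is no longer valid and must not be used.` after that sentence, assuming it matches the implementation; the psa_allocate_key() comment already implies it. The #PSA_ERROR_COMMUNICATION_FAILURE entry says the key material may still be present but leaves open whether the handle remains usable for a retry, and one sentence on that would let callers handle the failure without leaving key material behind. The return-value list continues past the end of this hunk.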
@@ -1708,13 +1705,12 @@ psa_status_t psa_import_key(psa_key_slot_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_destroy_key(psa_key_slot_t key); +psa_status_t psa_destroy_key(psa_key_handle_t handle); /** * \brief Get basic metadata about a key. * - * \param key Slot whose content is queried. This must - * be an occupied key slot. + * \param handle Handle to the key slot to query. * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX value). * This may be a null pointer, in which case the key type * is not written. @@ -1723,7 +1719,9 @@ psa_status_t psa_destroy_key(psa_key_slot_t key); * is not written. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT + * The handle is to a key slot which does not contain key material yet. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED @@ -1732,7 +1730,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_get_key_information(psa_key_slot_t key, +psa_status_t psa_get_key_information(psa_key_handle_t handle, psa_key_type_t *type, size_t *bits); 
@@ -1798,14 +1796,14 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is * true), the format is the same as for psa_export_public_key(). * - * \param key Slot whose content is to be exported. This must - * be an occupied key slot. + * \param handle Handle to the key to export. * \param[out] data Buffer where the key data is to be written. * \param data_size Size of the \p data buffer in bytes. * \param[out] data_length On success, the number of bytes * that make up the key data. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_NOT_SUPPORTED @@ -1823,7 +1821,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_export_key(psa_key_slot_t key, +psa_status_t psa_export_key(psa_key_handle_t handle, uint8_t *data, size_t data_size, size_t *data_length); @@ -1900,14 +1898,14 @@ psa_status_t psa_export_key(psa_key_slot_t key, * namedCurve OBJECT IDENTIFIER } * ``` * - * \param key Slot whose content is to be exported. This must - * be an occupied key slot. + * \param handle Handle to the key to export. * \param[out] data Buffer where the key data is to be written. * \param data_size Size of the \p data buffer in bytes. * \param[out] data_length On success, the number of bytes * that make up the key data. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_INVALID_ARGUMENT * The key is neither a public key nor a key pair. 
@@ -1926,7 +1924,7 @@ psa_status_t psa_export_key(psa_key_slot_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_export_public_key(psa_key_slot_t key, +psa_status_t psa_export_public_key(psa_key_handle_t handle, uint8_t *data, size_t data_size, size_t *data_length); @@ -2052,10 +2050,11 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); * Implementations may set restrictions on supported key policies * depending on the key type and the key slot. * - * \param key The key slot whose policy is to be changed. + * \param handle Handle to the key whose policy is to be changed. * \param[in] policy The policy object to query. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_OCCUPIED_SLOT * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -2067,15 +2066,16 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_set_key_policy(psa_key_slot_t key, +psa_status_t psa_set_key_policy(psa_key_handle_t handle, const psa_key_policy_t *policy); /** \brief Get the usage policy for a key slot. * - * \param key The key slot whose policy is being queried. + * \param handle Handle to the key slot whose policy is being queried. * \param[out] policy On success, the key's policy. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED @@ -2084,7 +2084,7 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_get_key_policy(psa_key_slot_t key, +psa_status_t psa_get_key_policy(psa_key_handle_t handle, psa_key_policy_t *policy); /**@}*/ 
@@ -2341,12 +2341,13 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * - A call to psa_mac_sign_finish() or psa_mac_abort(). * * \param[out] operation The operation object to use. - * \param key Slot containing the key to use for the operation. + * \param handle Handle to the key to use for the operation. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_MAC(alg) is true). * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -2363,7 +2364,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * results in this error code. */ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg); /** Start a multipart MAC verification operation. @@ -2393,12 +2394,13 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * - A call to psa_mac_verify_finish() or psa_mac_abort(). * * \param[out] operation The operation object to use. - * \param key Slot containing the key to use for the operation. + * \param handle Handle to the key to use for the operation. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_MAC(\p alg) is true). * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -2415,7 +2417,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * results in this error code. */ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg); /** Add a message fragment to a multipart MAC operation. 
@@ -2592,13 +2594,14 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * - A call to psa_cipher_finish() or psa_cipher_abort(). * * \param[out] operation The operation object to use. - * \param key Slot containing the key to use for the operation. + * \param handle Handle to the key to use for the operation. * \param alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -2615,7 +2618,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * results in this error code. */ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg); /** Set the key for a multipart symmetric decryption operation. @@ -2645,13 +2648,14 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * - A call to psa_cipher_finish() or psa_cipher_abort(). * * \param[out] operation The operation object to use. - * \param key Slot containing the key to use for the operation. + * \param handle Handle to the key to use for the operation. * \param alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -2668,7 +2672,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * results in this error code. */ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg); /** Generate an IV for a symmetric encryption operation. 
@@ -2871,7 +2875,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); /** Process an authenticated encryption operation. * - * \param key Slot containing the key to use. + * \param handle Handle to the key to use for the operation. * \param alg The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). @@ -2899,6 +2903,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -2914,7 +2919,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_aead_encrypt(psa_key_slot_t key, +psa_status_t psa_aead_encrypt(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, @@ -2928,7 +2933,7 @@ psa_status_t psa_aead_encrypt(psa_key_slot_t key, /** Process an authenticated decryption operation. * - * \param key Slot containing the key to use. + * \param handle Handle to the key to use for the operation. * \param alg The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). @@ -2954,6 +2959,7 @@ psa_status_t psa_aead_encrypt(psa_key_slot_t key, * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_INVALID_SIGNATURE * The ciphertext is not authentic. @@ -2971,7 +2977,7 @@ psa_status_t psa_aead_encrypt(psa_key_slot_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_aead_decrypt(psa_key_slot_t key, +psa_status_t psa_aead_decrypt(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, 
@@ -3009,7 +3015,8 @@ psa_status_t psa_aead_decrypt(psa_key_slot_t key, * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) * to determine the hash algorithm to use. * - * \param key Key slot containing an asymmetric key pair. + * \param handle Handle to the key to use for the operation. + * It must be an asymmetric key pair. * \param alg A signature algorithm that is compatible with * the type of \p key. * \param[in] hash The hash or message to sign. @@ -3038,7 +3045,7 @@ psa_status_t psa_aead_decrypt(psa_key_slot_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_asymmetric_sign(psa_key_slot_t key, +psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -3055,8 +3062,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg) * to determine the hash algorithm to use. * - * \param key Key slot containing a public key or an - * asymmetric key pair. + * \param handle Handle to the key to use for the operation. + * It must be a public key or an asymmetric key pair. * \param alg A signature algorithm that is compatible with * the type of \p key. * \param[in] hash The hash or message whose signature is to be @@ -3081,7 +3088,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_asymmetric_verify(psa_key_slot_t key, +psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, 
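Review bot: The `\param alg` text kept as context in the psa_asymmetric_sign() documentation still reads `the type of \p key`, although this hunk renames the parameter to `handle`, so the reference now names a parameter the prototype no longer has. It should name the object instead, for example `compatible with the type of the key designated by \p handle`. The same leftover is visible in the psa_asymmetric_verify(), psa_asymmetric_encrypt() and psa_asymmetric_decrypt() blocks that follow. These doc comments start outside the hunks, so other references to `key` may remain there as well.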
@@ -3096,8 +3103,9 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, /** * \brief Encrypt a short message with a public key. * - * \param key Key slot containing a public key or an - * asymmetric key pair. + * \param handle Handle to the key to use for the operation. + * It must be a public key or an asymmetric + * key pair. * \param alg An asymmetric encryption algorithm that is * compatible with the type of \p key. * \param[in] input The message to encrypt. @@ -3139,7 +3147,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, +psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -3152,7 +3160,8 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, /** * \brief Decrypt a short message with a private key. * - * \param key Key slot containing an asymmetric key pair. + * \param handle Handle to the key to use for the operation. + * It must be an asymmetric key pair. * \param alg An asymmetric encryption algorithm that is * compatible with the type of \p key. * \param[in] input The message to decrypt. @@ -3195,7 +3204,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, +psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *input, size_t input_length, 
@@ -3314,9 +3323,13 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * if the implementation provides an isolation boundary then * the key material is not exposed outside the isolation boundary. * - * \param key Slot where the key will be stored. This must be a - * valid slot for a key of the chosen type. It must - * be unoccupied. + * \param handle Handle to the slot where the key will be stored. + * This must be a valid slot for a key of the chosen + * type: it must have been obtained by calling + * psa_allocate_key() or psa_create_key() with the + * correct \p type and with a maximum size that is + * compatible with \p bits. + * It must not contain any key material yet. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). * This must be a symmetric key type. * \param bits Key size in bits. @@ -3335,8 +3348,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * The key type or key size is not supported, either by the * implementation in general or in this particular slot. * \retval #PSA_ERROR_BAD_STATE - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key slot is invalid. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_OCCUPIED_SLOT * There is already a key in the specified slot. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -3349,7 +3361,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generator_import_key(psa_key_slot_t key, +psa_status_t psa_generator_import_key(psa_key_handle_t handle, psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator); 
@@ -3409,7 +3421,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * a logical zero (`{0}`), * \c PSA_CRYPTO_GENERATOR_INIT or * psa_crypto_generator_init(). - * \param key Slot containing the secret key to use. + * \param handle Handle to the secret key. * \param alg The key derivation algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). @@ -3422,6 +3434,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -3439,7 +3452,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * results in this error code. */ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *salt, size_t salt_length, @@ -3462,7 +3475,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * a logical zero (`{0}`), * \c PSA_CRYPTO_GENERATOR_INIT or * psa_crypto_generator_init(). - * \param private_key Slot containing the private key to use. + * \param private_key Handle to the private key to use. * \param[in] peer_key Public key of the peer. It must be * in the same format that psa_import_key() * accepts. The standard formats for public @@ -3475,6 +3488,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT 
@@ -3489,7 +3503,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_key_agreement(psa_crypto_generator_t *generator, - psa_key_slot_t private_key, + psa_key_handle_t private_key, const uint8_t *peer_key, size_t peer_key_length, psa_algorithm_t alg); @@ -3538,9 +3552,13 @@ typedef struct { /** * \brief Generate a key or key pair. * - * \param key Slot where the key will be stored. This must be a - * valid slot for a key of the chosen type. It must - * be unoccupied. + * \param handle Handle to the slot where the key will be stored. + * This must be a valid slot for a key of the chosen + * type: it must have been obtained by calling + * psa_allocate_key() or psa_create_key() with the + * correct \p type and with a maximum size that is + * compatible with \p bits. + * It must not contain any key material yet. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). * \param bits Key size in bits. * \param[in] extra Extra parameters for key generation. The @@ -3569,6 +3587,9 @@ typedef struct { * \c NULL then \p extra_size must be zero. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_OCCUPIED_SLOT + * There is already a key in the specified slot. * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -3581,7 +3602,7 @@ typedef struct { * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_key(psa_key_slot_t key, +psa_status_t psa_generate_key(psa_key_handle_t handle, psa_key_type_t type, size_t bits, const void *extra, From 69f976b1d6cf55801e5a268296131ffabef5219b Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 30 Nov 2018 18:46:56 +0100 Subject: [PATCH 0834/2197] Distinguish in-memory slot number from in-storage slot identifier At the moment, the in-storage slot identifier is the in-memory slot number. But track them separately, to prepare for API changes that will let them be different (psa_open_key, psa_create_key). --- library/psa_crypto.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7415a9a4f..24ad06d38 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -126,6 +126,7 @@ typedef struct psa_key_type_t type; psa_key_policy_t policy; psa_key_lifetime_t lifetime; + psa_key_id_t persistent_storage_id; union { struct raw_data @@ -720,14 +721,14 @@ static psa_status_t psa_import_key_into_slot( key_slot_t *slot, } #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t key, - key_slot_t *p_slot ) +static psa_status_t psa_load_persistent_key_into_slot( key_slot_t *p_slot ) { psa_status_t status = PSA_SUCCESS; uint8_t *key_data = NULL; size_t key_data_length = 0; - status = psa_load_persistent_key( key, &( p_slot )->type, + status = psa_load_persistent_key( p_slot->persistent_storage_id, + &( p_slot )->type, &( p_slot )->policy, &key_data, &key_data_length ); if( status != PSA_SUCCESS ) @@ -763,7 +764,7 @@ static psa_status_t psa_get_key_slot( psa_key_slot_t key, if( ( *p_slot )->type == PSA_KEY_TYPE_NONE ) { psa_status_t status = PSA_SUCCESS; - status = psa_load_persistent_key_into_slot( key, *p_slot ); + status = psa_load_persistent_key_into_slot( *p_slot ); if( status != PSA_ERROR_EMPTY_SLOT ) return( status ); } 
@@ -889,7 +890,8 @@ psa_status_t psa_import_key( psa_key_slot_t key, if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) { /* Store in file location */ - status = psa_save_persistent_key( key, slot->type, &slot->policy, data, + status = psa_save_persistent_key( slot->persistent_storage_id, + slot->type, &slot->policy, data, data_length ); if( status != PSA_SUCCESS ) { @@ -914,7 +916,8 @@ psa_status_t psa_destroy_key( psa_key_slot_t key ) #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) { - storage_status = psa_destroy_persistent_key( key ); + storage_status = + psa_destroy_persistent_key( slot->persistent_storage_id ); } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ status = psa_remove_key_data_from_memory( slot ); @@ -1121,8 +1124,7 @@ psa_status_t psa_export_public_key( psa_key_slot_t key, } #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t key, - key_slot_t *slot, +static psa_status_t psa_save_generated_persistent_key( key_slot_t *slot, size_t bits ) { psa_status_t status; @@ -1140,7 +1142,8 @@ static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t key, goto exit; } /* Store in file location */ - status = psa_save_persistent_key( key, slot->type, &slot->policy, + status = psa_save_persistent_key( slot->persistent_storage_id, + slot->type, &slot->policy, data, key_length ); if( status != PSA_SUCCESS ) { @@ -3119,6 +3122,7 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key, #endif slot->lifetime = lifetime; + slot->persistent_storage_id = key; return( PSA_SUCCESS ); } @@ -4437,7 +4441,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key, #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) { - return( psa_save_generated_persistent_key( key, slot, bits ) ); + return( psa_save_generated_persistent_key( slot, bits ) ); } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ 
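Review bot: In the psa_set_key_lifetime() hunk, `slot->persistent_storage_id = key;` runs for every lifetime, so a volatile slot also carries a storage identifier, and nothing at the field's declaration says when the value is meaningful. The reads shown in this patch are either guarded by `slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT` or sit on the persistent-key load and save paths, so the intended invariant appears to be that the field is valid only for persistent slots. Stating that at the declaration, e.g. `/* Identifier in persistent storage; meaningful only when lifetime is PSA_KEY_LIFETIME_PERSISTENT. */`, would keep later code from passing a stale identifier to the storage functions. Whether the field is cleared when a slot is wiped is not visible here, because the enclosing functions start and end outside the hunks.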
From 7f6e3a868af6c7aba1a16032017b15aca616eb3b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 30 Nov 2018 18:51:45 +0100 Subject: [PATCH 0835/2197] Change ASSERT_ALLOC to take a size in elements, not bytes `ASSERT_ALLOC(p, length)` now allocates `length` elements, i.e. `length * sizeof(*p)` bytes. --- tests/suites/helpers.function | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index f416b3035..cbe3fa0d4 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -95,7 +95,7 @@ typedef struct data_tag * You must set \p pointer to \c NULL before calling this macro and * put `mbedtls_free( pointer )` in the test's cleanup code. * - * If \p size is zero, the resulting \p pointer will be \c NULL. + * If \p length is zero, the resulting \p pointer will be \c NULL. * This is usually what we want in tests since API functions are * supposed to accept null pointers when a buffer size is zero. * @@ -105,20 +105,21 @@ typedef struct data_tag * \param pointer An lvalue where the address of the allocated buffer * will be stored. * This expression may be evaluated multiple times. - * \param size Buffer size to allocate in bytes. + * \param length Number of elements to allocate. * This expression may be evaluated multiple times. * */ -#define ASSERT_ALLOC( pointer, size ) \ - do \ - { \ - TEST_ASSERT( ( pointer ) == NULL ); \ - if( ( size ) != 0 ) \ - { \ - ( pointer ) = mbedtls_calloc( 1, ( size ) ); \ - TEST_ASSERT( ( pointer ) != NULL ); \ - } \ - } \ +#define ASSERT_ALLOC( pointer, length ) \ + do \ + { \ + TEST_ASSERT( ( pointer ) == NULL ); \ + if( ( length ) != 0 ) \ + { \ + ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \ + ( length ) ); \ + TEST_ASSERT( ( pointer ) != NULL ); \ + } \ + } \ while( 0 ) /** Compare two buffers and fail the test case if they differ. 
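Review bot: In the rewritten ASSERT_ALLOC, `mbedtls_calloc( sizeof( *( pointer ) ), ( length ) )` passes the element size first and the count second, the reverse of the calloc(nmemb, size) convention. The product is the same either way, but the conventional order `mbedtls_calloc( ( length ), sizeof( *( pointer ) ) )` reads as intended and avoids transposed-argument warnings. Separately, any existing caller that still passes a byte count for a pointer to a multi-byte type will now over-allocate without failing; whether such callers exist is not visible in this patch.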
From 5ec7b078ea0f35c16403cbac3896e158919c0a83 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 30 Nov 2018 18:53:28 +0100 Subject: [PATCH 0836/2197] Add tests for the new slot management mechanism Add unit tests for handle allocation and release. --- tests/CMakeLists.txt | 1 + ...test_suite_psa_crypto_slot_management.data | 59 +++ ..._suite_psa_crypto_slot_management.function | 391 ++++++++++++++++++ 3 files changed, 451 insertions(+) create mode 100644 tests/suites/test_suite_psa_crypto_slot_management.data create mode 100644 tests/suites/test_suite_psa_crypto_slot_management.function diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 56ce9338a..21cdfaba2 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -116,6 +116,7 @@ add_test_suite(psa_crypto_hash) add_test_suite(psa_crypto_init) add_test_suite(psa_crypto_metadata) add_test_suite(psa_crypto_persistent_key) +add_test_suite(psa_crypto_slot_management) add_test_suite(psa_crypto_storage_file) add_test_suite(shax) add_test_suite(ssl) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data new file mode 100644 index 000000000..133f4c873 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -0,0 +1,59 @@ +Transient slot, check after closing +transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE + +Transient slot, check after destroying +transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY + +Transient slot, check after restart +transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN + +Persistent slot, check after closing +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE + +Persistent slot, check after destroying +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY + +Persistent slot, check after restart +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN + +Attempt to overwrite: close before, same type +create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:CLOSE_BEFORE + +Attempt to overwrite: close before, different type +depends_on:MBEDTLS_AES_C +create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:CLOSE_BEFORE + +Attempt to overwrite: close after, same type +create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:CLOSE_AFTER + +Attempt to overwrite: close after, different type +depends_on:MBEDTLS_AES_C +create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:CLOSE_AFTER + +Attempt to overwrite: keep open, same type +create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:KEEP_OPEN + +Attempt to overwrite: keep open, different type +depends_on:MBEDTLS_AES_C +create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN + +Open failure: non-existent identifier +open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT + +Open failure: volatile lifetime 
+open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT + +Open failure: invalid lifetime +open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT + +Create failure: volatile lifetime +create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT + +Create failure: invalid lifetime +create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT + +Close/destroy invalid handle +invalid_handle: + +Open many transient handles +many_transient_handles:42 diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function new file mode 100644 index 000000000..1f1984e3f --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -0,0 +1,391 @@ +/* BEGIN_HEADER */ +#include + +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +#include "spm/psa_defs.h" +#endif +#include "psa/crypto.h" + +#include "psa_crypto_storage.h" + +#define PSA_ASSERT( expr ) TEST_ASSERT( ( expr ) == PSA_SUCCESS ) + +typedef enum +{ + CLOSE_BY_CLOSE, + CLOSE_BY_DESTROY, + CLOSE_BY_SHUTDOWN, +} close_method_t; + +typedef enum +{ + KEEP_OPEN, + CLOSE_BEFORE, + CLOSE_AFTER, +} reopen_policy_t; + +/* All test functions that create persistent keys must call + * `TEST_MAX_KEY_ID( key_id )` before creating a persistent key with this + * identifier, and must call psa_purge_key_storage() in their cleanup + * code. */ + +/* There is no API to purge all keys. For this test suite, require that + * all key IDs be less than a certain maximum. */ +#define MAX_KEY_ID_FOR_TEST 32 +#define TEST_MAX_KEY_ID( key_id ) \ + TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST ) +void psa_purge_key_storage( void ) +{ + psa_key_id_t i; + /* The tests may have potentially created key ids from 1 to + * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id + * 0, which file-based storage uses as a temporary file. 
*/ + for( i = 0; i <= MAX_KEY_ID_FOR_TEST; i++ ) + psa_destroy_persistent_key( i ); +} + +static int psa_key_policy_equal( psa_key_policy_t *p1, + psa_key_policy_t *p2 ) +{ + return( psa_key_policy_get_usage( p1 ) == psa_key_policy_get_usage( p2 ) && + psa_key_policy_get_algorithm( p1 ) == psa_key_policy_get_algorithm( p2 ) ); +} + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_CRYPTO_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void transient_slot_lifecycle( int type_arg, int max_bits_arg, + int alg_arg, int usage_arg, + data_t *key_data, + int close_method_arg ) +{ + psa_key_type_t type = type_arg; + size_t max_bits = max_bits_arg; + psa_algorithm_t alg = alg_arg; + psa_key_usage_t usage_flags = usage_arg; + close_method_t close_method = close_method_arg; + psa_key_type_t read_type; + psa_key_handle_t handle = 0; + psa_key_policy_t policy; + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Get a handle and import a key. */ + PSA_ASSERT( psa_allocate_key( type, max_bits, &handle ) ); + TEST_ASSERT( handle != 0 ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, usage_flags, alg ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) ); + PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); + TEST_ASSERT( read_type == type ); + + /* Do something that invalidates the handle. */ + switch( close_method ) + { + case CLOSE_BY_CLOSE: + PSA_ASSERT( psa_close_key( handle ) ); + break; + case CLOSE_BY_DESTROY: + PSA_ASSERT( psa_destroy_key( handle ) ); + break; + case CLOSE_BY_SHUTDOWN: + mbedtls_psa_crypto_free( ); + PSA_ASSERT( psa_crypto_init( ) ); + break; + } + /* Test that the handle is now invalid. 
*/ + TEST_ASSERT( psa_get_key_information( handle, &read_type, NULL ) == + PSA_ERROR_INVALID_HANDLE ); + TEST_ASSERT( psa_close_key( handle ) == PSA_ERROR_INVALID_HANDLE ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void persistent_slot_lifecycle( int lifetime_arg, int id_arg, + int type_arg, int max_bits_arg, + int alg_arg, int usage_arg, + data_t *key_data, + int close_method_arg ) +{ + psa_key_lifetime_t lifetime = lifetime_arg; + psa_key_id_t id = id_arg; + psa_key_type_t type = type_arg; + size_t max_bits = max_bits_arg; + psa_algorithm_t alg = alg_arg; + psa_key_usage_t usage_flags = usage_arg; + close_method_t close_method = close_method_arg; + psa_key_type_t read_type; + psa_key_handle_t handle = 0; + psa_key_policy_t policy; + + TEST_MAX_KEY_ID( id ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Get a handle and import a key. */ + PSA_ASSERT( psa_create_key( lifetime, id, type, max_bits, &handle ) ); + TEST_ASSERT( handle != 0 ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, usage_flags, alg ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) ); + PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); + TEST_ASSERT( read_type == type ); + + /* Close the key and reopen it. */ + PSA_ASSERT( psa_close_key( handle ) ); + PSA_ASSERT( psa_open_key( lifetime, id, &handle ) ); + PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); + TEST_ASSERT( read_type == type ); + + /* Do something that invalidates the handle. */ + switch( close_method ) + { + case CLOSE_BY_CLOSE: + PSA_ASSERT( psa_close_key( handle ) ); + break; + case CLOSE_BY_DESTROY: + PSA_ASSERT( psa_destroy_key( handle ) ); + break; + case CLOSE_BY_SHUTDOWN: + mbedtls_psa_crypto_free( ); + PSA_ASSERT( psa_crypto_init( ) ); + break; + } + /* Test that the handle is now invalid. 
*/ + TEST_ASSERT( psa_get_key_information( handle, &read_type, NULL ) == + PSA_ERROR_INVALID_HANDLE ); + TEST_ASSERT( psa_close_key( handle ) == PSA_ERROR_INVALID_HANDLE ); + + /* Try to reopen the key. If we destroyed it, check that it doesn't + * exist, otherwise check that it still exists. */ + switch( close_method ) + { + case CLOSE_BY_CLOSE: + case CLOSE_BY_SHUTDOWN: + PSA_ASSERT( psa_open_key( lifetime, id, &handle ) ); + PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); + TEST_ASSERT( read_type == type ); + break; + case CLOSE_BY_DESTROY: + TEST_ASSERT( psa_open_key( lifetime, id, &handle ) == + PSA_ERROR_EMPTY_SLOT ); + break; + } + +exit: + mbedtls_psa_crypto_free( ); + psa_purge_key_storage( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void create_existent( int lifetime_arg, int id_arg, + int new_type_arg, + int reopen_policy_arg ) +{ + psa_key_lifetime_t lifetime = lifetime_arg; + psa_key_id_t id = id_arg; + psa_key_handle_t handle1 = 0, handle2 = 0; + psa_key_policy_t policy1, read_policy; + psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA; + psa_key_type_t type2 = new_type_arg; + psa_key_type_t read_type; + const uint8_t material1[16] = "test material #1"; + size_t bits1 = PSA_BYTES_TO_BITS( sizeof( material1 ) ); + size_t read_bits; + uint8_t reexported[sizeof( material1 )]; + size_t reexported_length; + reopen_policy_t reopen_policy = reopen_policy_arg; + + TEST_MAX_KEY_ID( id ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Create a key. */ + PSA_ASSERT( psa_create_key( lifetime, id, type1, bits1, &handle1 ) ); + TEST_ASSERT( handle1 != 0 ); + psa_key_policy_init( &policy1 ); + psa_key_policy_set_usage( &policy1, PSA_KEY_USAGE_EXPORT, 0 ); + PSA_ASSERT( psa_set_key_policy( handle1, &policy1 ) ); + PSA_ASSERT( psa_import_key( handle1, type1, + material1, sizeof( material1 ) ) ); + + if( reopen_policy == CLOSE_BEFORE ) + PSA_ASSERT( psa_close_key( handle1 ) ); + + /* Attempt to create a new key in the same slot. 
*/ + TEST_ASSERT( psa_create_key( lifetime, id, type2, bits1, &handle2 ) == + PSA_ERROR_OCCUPIED_SLOT ); + TEST_ASSERT( handle2 == 0 ); + + if( reopen_policy == CLOSE_AFTER ) + PSA_ASSERT( psa_close_key( handle1 ) ); + if( reopen_policy == CLOSE_BEFORE || reopen_policy == CLOSE_AFTER ) + PSA_ASSERT( psa_open_key( lifetime, id, &handle1 ) ); + + /* Check that the original key hasn't changed. */ + PSA_ASSERT( psa_get_key_policy( handle1, &read_policy ) ); + TEST_ASSERT( psa_key_policy_equal( &read_policy, &policy1 ) ); + PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) ); + TEST_ASSERT( read_type == type1 ); + TEST_ASSERT( read_bits == bits1 ); + PSA_ASSERT( psa_export_key( handle1, + reexported, sizeof( reexported ), + &reexported_length ) ); + ASSERT_COMPARE( material1, sizeof( material1 ), + reexported, reexported_length ); + +exit: + mbedtls_psa_crypto_free( ); + psa_purge_key_storage( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void open_fail( int lifetime_arg, int id_arg, + int expected_status_arg ) +{ + psa_key_lifetime_t lifetime = lifetime_arg; + psa_key_id_t id = id_arg; + psa_status_t expected_status = expected_status_arg; + psa_key_handle_t handle = 0xdead; + + PSA_ASSERT( psa_crypto_init( ) ); + + TEST_ASSERT( psa_open_key( lifetime, id, &handle ) == expected_status ); + TEST_ASSERT( handle == 0 ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void create_fail( int lifetime_arg, int id_arg, + int type_arg, int max_bits_arg, + int expected_status_arg ) +{ + psa_key_lifetime_t lifetime = lifetime_arg; + psa_key_id_t id = id_arg; + psa_key_type_t type = type_arg; + size_t max_bits = max_bits_arg; + psa_status_t expected_status = expected_status_arg; + psa_key_handle_t handle = 0xdead; + + TEST_MAX_KEY_ID( id ); + + PSA_ASSERT( psa_crypto_init( ) ); + + TEST_ASSERT( psa_create_key( lifetime, id, + type, max_bits, + &handle ) == expected_status ); + TEST_ASSERT( handle == 0 ); + +exit: + 
mbedtls_psa_crypto_free( ); + psa_purge_key_storage( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void invalid_handle( ) +{ + psa_key_handle_t handle1 = 0; + psa_key_policy_t policy; + psa_key_type_t read_type; + size_t read_bits; + uint8_t material[1] = "a"; + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Allocate a handle and store a key in it. */ + PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 1, &handle1 ) ); + TEST_ASSERT( handle1 != 0 ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, 0, 0 ); + PSA_ASSERT( psa_set_key_policy( handle1, &policy ) ); + PSA_ASSERT( psa_import_key( handle1, PSA_KEY_TYPE_RAW_DATA, + material, sizeof( material ) ) ); + + /* Attempt to close and destroy some invalid handles. */ + TEST_ASSERT( psa_close_key( 0 ) == PSA_ERROR_INVALID_HANDLE ); + TEST_ASSERT( psa_close_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE ); + TEST_ASSERT( psa_close_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE ); + /* At the moment the implementation returns INVALID_ARGUMENT for 0 + * because of the transitional support for non-allocated slot numbers. + * When this is removed, the error will switch to INVALID_HANDLE. */ + TEST_ASSERT( psa_destroy_key( 0 ) == PSA_ERROR_INVALID_ARGUMENT ); + TEST_ASSERT( psa_destroy_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE ); + TEST_ASSERT( psa_destroy_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE ); + + /* After all this, check that the original handle is intact. 
*/ + PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) ); + TEST_ASSERT( read_type == PSA_KEY_TYPE_RAW_DATA ); + TEST_ASSERT( read_bits == PSA_BYTES_TO_BITS( sizeof( material ) ) ); + PSA_ASSERT( psa_close_key( handle1 ) ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void many_transient_handles( int max_handles_arg ) +{ + psa_key_handle_t *handles = NULL; + size_t max_handles = max_handles_arg; + size_t i, j; + psa_status_t status; + psa_key_policy_t policy; + uint8_t exported[sizeof( size_t )]; + size_t exported_length; + size_t max_bits = PSA_BITS_TO_BYTES( sizeof( exported ) ); + + ASSERT_ALLOC( handles, max_handles ); + PSA_ASSERT( psa_crypto_init( ) ); + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); + + for( i = 0; i < max_handles; i++ ) + { + status = psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, max_bits, + &handles[i] ); + if( status == PSA_ERROR_INSUFFICIENT_MEMORY ) + break; + TEST_ASSERT( status == PSA_SUCCESS ); + TEST_ASSERT( handles[i] != 0 ); + for( j = 0; j < i; j++ ) + TEST_ASSERT( handles[i] != handles[j] ); + PSA_ASSERT( psa_set_key_policy( handles[i], &policy ) ); + PSA_ASSERT( psa_import_key( handles[i], PSA_KEY_TYPE_RAW_DATA, + (uint8_t *) &i, sizeof( i ) ) ); + } + max_handles = i; + + for( i = 1; i < max_handles; i++ ) + { + PSA_ASSERT( psa_close_key( handles[i - 1] ) ); + PSA_ASSERT( psa_export_key( handles[i], + exported, sizeof( exported ), + &exported_length ) ); + ASSERT_COMPARE( exported, exported_length, + (uint8_t *) &i, sizeof( i ) ); + } + PSA_ASSERT( psa_close_key( handles[i - 1] ) ); + +exit: + mbedtls_psa_crypto_free( ); + mbedtls_free( handles ); +} +/* END_CASE */ + From 961849f6d189e5b796625bb80b6663c0398b0473 Mon Sep 17 00:00:00 2001 
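Review bot: In many_transient_handles(), `size_t max_bits = PSA_BITS_TO_BYTES( sizeof( exported ) );` converts in the wrong direction: `sizeof( exported )` is a byte count, so the slot is allocated for far fewer bits than the `sizeof( i )`-byte key imported into it a few lines later. It should be `size_t max_bits = PSA_BYTES_TO_BITS( sizeof( exported ) );`. As written, the test can pass only if psa_allocate_key() does not enforce the maximum size, in which case the documented size limit on a slot is not exercised at all; that implementation is outside this hunk. invalid_handle() has the same mismatch, allocating with a maximum of `1` bit and then importing a one-byte key.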
From: Gilles Peskine Date: Fri, 30 Nov 2018 18:54:54 +0100 Subject: [PATCH 0837/2197] Implement slot allocation Implement psa_allocate_key, psa_open_key, psa_create_key, psa_close_key. Add support for keys designated to handles to psa_get_key_slot, and thereby to the whole API. Allocated and non-allocated keys can coexist. This is a temporary stage in order to transition from the use of direct slot numbers to allocated handles only. Once all the tests and sample programs have been migrated to use handles, the implementation will be simplified and made more robust with support for handles only. --- library/CMakeLists.txt | 1 + library/Makefile | 1 + library/psa_crypto.c | 107 ++++++++++++++++++++-- library/psa_crypto_slot_management.c | 116 ++++++++++++++++++++++++ library/psa_crypto_slot_management.h | 80 ++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 5 +- visualc/VS2010/mbedTLS.vcxproj | 2 + 7 files changed, 304 insertions(+), 8 deletions(-) create mode 100644 library/psa_crypto_slot_management.c create mode 100644 library/psa_crypto_slot_management.h diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index c8070bb27..3a3f61bcf 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -54,6 +54,7 @@ set(src_crypto platform_util.c poly1305.c psa_crypto.c + psa_crypto_slot_management.c psa_crypto_storage.c psa_crypto_storage_file.c psa_crypto_storage_its.c diff --git a/library/Makefile b/library/Makefile index 95faaaef3..1822a24af 100644 --- a/library/Makefile +++ b/library/Makefile @@ -83,6 +83,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ pkcs5.o pkparse.o pkwrite.o \ platform.o platform_util.o poly1305.o \ psa_crypto.o \ + psa_crypto_slot_management.o \ psa_crypto_storage.o \ psa_crypto_storage_file.o \ psa_crypto_storage_its.o \ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 24ad06d38..0d809cbaa 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -44,6 +44,7 @@ #include "psa/crypto.h" #include "psa_crypto_invasive.h" +#include "psa_crypto_slot_management.h" /* Include internal declarations that are useful for implementing persistently * stored keys. */ #include "psa_crypto_storage.h" @@ -117,16 +118,13 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n ) /* Global data, support functions and library management */ /****************************************************************/ -/* Number of key slots (plus one because 0 is not used). - * The value is a compile-time constant for now, for simplicity. */ -#define PSA_KEY_SLOT_COUNT 32 - typedef struct { psa_key_type_t type; psa_key_policy_t policy; psa_key_lifetime_t lifetime; psa_key_id_t persistent_storage_id; + unsigned allocated : 1; union { struct raw_data 
@@ -742,21 +740,34 @@ exit: #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ /* Retrieve a key slot, occupied or not. */ -static psa_status_t psa_get_key_slot( psa_key_slot_t key, +static psa_status_t psa_get_key_slot( psa_key_slot_t key_or_handle, key_slot_t **p_slot ) { + psa_key_slot_t key = key_or_handle & ~PSA_KEY_HANDLE_ALLOCATED_FLAG; + int is_handle = ( key_or_handle & PSA_KEY_HANDLE_ALLOCATED_FLAG ) != 0; + psa_status_t error_if_invalid = + ( is_handle ? + PSA_ERROR_INVALID_HANDLE : + PSA_ERROR_INVALID_ARGUMENT ); + GUARD_MODULE_INITIALIZED; /* 0 is not a valid slot number under any circumstance. This * implementation provides slots number 1 to N where N is the * number of available slots. */ if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + return( error_if_invalid ); *p_slot = &global_data.key_slots[key - 1]; + /* Allocated slots must only be accessed via a handle. + * Unallocated slots must only be accessed directly. */ + if( ( *p_slot )->allocated != is_handle ) + return( error_if_invalid ); + #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( ( *p_slot )->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + if( ! ( *p_slot )->allocated && + ( *p_slot )->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) { /* There are two circumstances this can occur: the key material has * not yet been created, or the key exists in storage but has not yet 
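Review bot: In psa_get_key_slot, `*p_slot` is written before the new allocated-versus-handle check, so on the added `return( error_if_invalid )` path the caller's pointer still refers to a slot it was just refused. Whether any caller reads the pointer after a failed status is not visible in this hunk, but the out-parameter is safer if it is only set once every check has passed: `key_slot_t *slot = &global_data.key_slots[key - 1];`, then `if( slot->allocated != is_handle ) return( error_if_invalid );`, then `*p_slot = slot;`. The function body continues past the end of the hunk, so the persistent-lifetime branch would need the same local.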
@@ -865,6 +876,88 @@ static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot ) return( PSA_SUCCESS ); } +/* A slot is available if nothing has been set in it: default lifetime + * and policy, no key type. */ +static int psa_internal_is_slot_available( key_slot_t *slot ) +{ + if( slot->allocated ) + return( 0 ); + if( slot->type != PSA_KEY_TYPE_NONE ) + return( 0 ); + if( slot->lifetime != PSA_KEY_LIFETIME_VOLATILE ) + return( 0 ); + if( slot->policy.usage != 0 || slot->policy.alg != 0 ) + return( 0 ); + return( 1 ); +} + +psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) +{ + psa_key_slot_t key; + for( key = PSA_KEY_SLOT_COUNT; key != 0; --( key ) ) + { + key_slot_t *slot = &global_data.key_slots[key - 1]; + if( psa_internal_is_slot_available( slot ) ) + { + slot->allocated = 1; + *handle = key | PSA_KEY_HANDLE_ALLOCATED_FLAG; + return( PSA_SUCCESS ); + } + } + return( PSA_ERROR_INSUFFICIENT_MEMORY ); +} + +psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, + psa_key_id_t id ) +{ + key_slot_t *slot; + psa_status_t status; + + /* Reject id=0 because by general library conventions, 0 is an invalid + * value wherever possible. */ + if( id == 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + /* Reject high values because the file names are reserved for the + * library's internal use. */ + if( id >= 0xffff0000 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + /* Reject values that don't fit in the key slot number type. + * This is a temporary limitation due to the library's internal + * plumbing. 
*/ + if( id > (psa_key_slot_t)( -1 ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + status = psa_get_key_slot( handle, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + + slot->lifetime = PSA_KEY_LIFETIME_PERSISTENT; + slot->persistent_storage_id = id; + status = psa_load_persistent_key_into_slot( slot ); + + return( status ); +} + +psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) +{ + psa_key_slot_t key; + key_slot_t *slot; + psa_status_t status; + /* Don't call psa_get_key_slot() so as not to trigger its automatic + * loading of persistent key data. */ + if( ( handle & PSA_KEY_HANDLE_ALLOCATED_FLAG ) == 0 ) + return( PSA_ERROR_INVALID_HANDLE ); + key = handle & ~PSA_KEY_HANDLE_ALLOCATED_FLAG; + if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) ) + return( PSA_ERROR_INVALID_HANDLE ); + slot = &global_data.key_slots[key - 1]; + if( ! slot->allocated ) + return( PSA_ERROR_INVALID_HANDLE ); + status = psa_remove_key_data_from_memory( slot ); + memset( slot, 0, sizeof( *slot ) ); + return( status ); +} + psa_status_t psa_import_key( psa_key_slot_t key, psa_key_type_t type, const uint8_t *data, diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c new file mode 100644 index 000000000..ae5e146b9 --- /dev/null +++ b/library/psa_crypto_slot_management.c 
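Review bot: psa_internal_allocate_key_slot walks `global_data.key_slots` without the `GUARD_MODULE_INITIALIZED;` check that psa_get_key_slot performs, so a psa_allocate_key() call made before psa_crypto_init() can mark a slot allocated and return a handle. Adding `GUARD_MODULE_INITIALIZED;` as its first statement would keep the two entry points consistent, assuming the macro returns an error status as it appears to in psa_get_key_slot. Separately, a handle is just the slot index with `PSA_KEY_HANDLE_ALLOCATED_FLAG` set, and psa_internal_release_key_slot makes that index available to the very next allocation, so a stale handle kept after psa_close_key silently designates whatever key is allocated next. That property deserves at least a comment on psa_internal_allocate_key_slot, for example `/* Handles are reused after release; a closed handle may alias a later key. */`.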
@@ -0,0 +1,116 @@
+/*
+ * PSA crypto layer on top of Mbed TLS crypto
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "psa/crypto.h"
+
+#include "psa_crypto_slot_management.h"
+#include "psa_crypto_storage.h"
+
+#include
+#include
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
+
+psa_status_t psa_allocate_key( psa_key_type_t type,
+ size_t max_bits,
+ psa_key_handle_t *handle )
+{
+ /* This implementation doesn't reserve memory for the keys. */
+ (void) type;
+ (void) max_bits;
+ *handle = 0;
+ return( psa_internal_allocate_key_slot( handle ) );
+}
+
+static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime,
+ psa_key_id_t id,
+ psa_key_handle_t *handle,
+ psa_status_t wanted_load_status )
+{
+ psa_status_t status;
+
+ *handle = 0;
+
+ if( lifetime != PSA_KEY_LIFETIME_PERSISTENT )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_internal_allocate_key_slot( handle );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = psa_internal_make_key_persistent( *handle, id );
+ if( status != wanted_load_status )
+ {
+ psa_internal_release_key_slot( *handle );
+ *handle = 0;
+ }
+ return( status );
+}
+
+psa_status_t psa_open_key( psa_key_lifetime_t lifetime,
+ psa_key_id_t id,
+ psa_key_handle_t *handle )
+{
+ return( persistent_key_setup( lifetime, id, handle, PSA_SUCCESS ) );
+}
+
+psa_status_t psa_create_key( psa_key_lifetime_t lifetime,
+ psa_key_id_t id,
+ psa_key_type_t type,
+ size_t max_bits,
+ psa_key_handle_t *handle )
+{
+ psa_status_t status;
+
+ /* This implementation doesn't reserve memory for the keys. */
+ (void) type;
+ (void) max_bits;
+
+ status = persistent_key_setup( lifetime, id, handle,
+ PSA_ERROR_EMPTY_SLOT );
+ switch( status )
+ {
+ case PSA_SUCCESS: return( PSA_ERROR_OCCUPIED_SLOT );
+ case PSA_ERROR_EMPTY_SLOT: return( PSA_SUCCESS );
+ default: return( status );
+ }
+}
+
+psa_status_t psa_close_key( psa_key_handle_t handle )
+{
+ return( psa_internal_release_key_slot( handle ) );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
new file mode 100644
index 000000000..36917bbaa
--- /dev/null
+++ b/library/psa_crypto_slot_management.h
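Review bot: persistent_key_setup always takes a fresh slot and loads `id` into it, with no check for a slot that already holds the same `persistent_storage_id`, so opening one key twice yields two independent in-memory copies. As far as this hunk shows, destroying or closing through one handle leaves the other copy of the key material live, which is easy to miss when reasoning about key lifetime. If that is intended for this transitional stage, it should be stated above persistent_key_setup, for example `/* The same id may be opened more than once; each handle owns a separate copy of the key. */`. The error path also drops the result of `psa_internal_release_key_slot( *handle )`; writing it as `(void) psa_internal_release_key_slot( *handle );` would show the discard is deliberate.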
@@ -0,0 +1,80 @@
+/*
+ * PSA crypto layer on top of Mbed TLS crypto
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H
+#define PSA_CRYPTO_SLOT_MANAGEMENT_H
+
+/* Number of key slots (plus one because 0 is not used).
+ * The value is a compile-time constant for now, for simplicity. */
+#define PSA_KEY_SLOT_COUNT 32
+
+/* All dynamically allocated handles have this bit set. */
+#define PSA_KEY_HANDLE_ALLOCATED_FLAG ( (psa_key_handle_t) 0x8000 )
+
+/** \defgroup core_slot_management Internal functions exposed by the core
+ * @{
+ */
+
+/** Find a free key slot and mark it as in use.
+ *
+ * \param[out] handle On success, a slot number that is not in use.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle );
+
+/** Wipe an a key slot and mark it as available.
+ *
+ * This does not affect persistent storage.
+ *
+ * \param handle The key slot number to release.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle );
+
+/** Declare a slot as persistent and load it from storage.
+ * + * This function may only be called immediately after a successful call + * to psa_internal_allocate_key_slot(). + * + * \param handle A handle to a key slot freshly allocated with + * psa_internal_allocate_key_slot(). + * + * \retval #PSA_SUCCESS + * The slot content was loaded successfully. + * \retval #PSA_ERROR_EMPTY_SLOT + * There is no content for this slot in persistent storage. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p id is not acceptable. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_STORAGE_FAILURE + */ +psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, + psa_key_id_t id ); + +/**@}*/ + +#endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 91739f55e..33ca54f6d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -39,7 +39,10 @@ PSA export out of range key slot - lower bound export_invalid_slot:0:PSA_ERROR_INVALID_ARGUMENT PSA export out of range key slot - upper bound -export_invalid_slot:(psa_key_slot_t)(-1):PSA_ERROR_INVALID_ARGUMENT +# Hard-code the upper bound of slots that are directly accessible because the +# API does not expose this value. This is temporary: directly-accessible +# slots are about to be removed. +export_invalid_slot:32767:PSA_ERROR_INVALID_ARGUMENT PSA export a slot where there was some activity but no key material creation export_with_no_key_activity diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index d305c4515..341e058a8 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -232,6 +232,7 @@ + @@ -291,6 +292,7 @@ + From d7c75707b88d3e3aca2f2fdcdcad9f76cfafff83 Mon Sep 17 00:00:00 2001 
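Review bot: The doc comment for psa_internal_release_key_slot lists `\retval #PSA_ERROR_INVALID_ARGUMENT`, but every rejection path in the implementation added by this commit returns `PSA_ERROR_INVALID_HANDLE`, so a caller written against the header would test for the wrong code. The line should read `\retval #PSA_ERROR_INVALID_HANDLE`, and the summary has a typo ("Wipe an a key slot"). psa_internal_make_key_persistent documents `\p id` under its return values but has no `\param id` entry. Adding one that states the accepted range (non-zero, below `0xffff0000`, and fitting in `psa_key_slot_t`) would put the implementation's three checks in the contract. The allocate function's `\param[out] handle` text could also say the returned value has `PSA_KEY_HANDLE_ALLOCATED_FLAG` set rather than calling it a slot number.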
From: Gilles Peskine Date: Mon, 3 Dec 2018 10:36:46 +0100 Subject: [PATCH 0838/2197] mbedtls_psa_crypto_free: free allocated slots as well Access the slot directly rather than going through psa_get_key_slot. Unlike other places where key slots are accessed through psa_get_key_slot, here, we know where all the slots are and there are no policy or permission considerations. This resolves a memory leak: allocated slots were not getting freed because psa_get_key_slot rejected the attempt of accessing them directly rather than via a handle. --- library/psa_crypto.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0d809cbaa..50c8a8962 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4559,17 +4559,13 @@ psa_status_t mbedtls_psa_crypto_configure_entropy_sources( void mbedtls_psa_crypto_free( void ) { - psa_key_slot_t key; - key_slot_t *slot; - psa_status_t status; if( global_data.key_slots_initialized ) { + psa_key_slot_t key; for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) { - status = psa_get_key_slot( key, &slot ); - if( status != PSA_SUCCESS ) - continue; - psa_remove_key_data_from_memory( slot ); + key_slot_t *slot = &global_data.key_slots[key - 1]; + (void) psa_remove_key_data_from_memory( slot ); /* Zeroize the slot to wipe metadata such as policies. */ mbedtls_zeroize( slot, sizeof( *slot ) ); } From a426168cbff890e96807a489e0d3a3a164d2e105 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Dec 2018 11:34:01 +0100 Subject: [PATCH 0839/2197] Test that failure of import_key preserves metadata --- tests/suites/test_suite_psa_crypto.data | 4 +++ tests/suites/test_suite_psa_crypto.function | 39 +++++++++++++++++++++ 2 files changed, 43 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 33ca54f6d..d23c364bf 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
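Review bot: The rewritten loop in mbedtls_psa_crypto_free indexes `global_data.key_slots[key - 1]` up to `PSA_KEY_SLOT_COUNT`, whereas the removed psa_get_key_slot call bounded the index by `ARRAY_LENGTH( global_data.key_slots )`. The array declaration is not visible here, and the comment on `PSA_KEY_SLOT_COUNT` ("plus one because 0 is not used") leaves it unclear whether the two always agree. Bounding the loop by the array itself removes the dependency: `for( key = 1; key <= ARRAY_LENGTH( global_data.key_slots ); key++ )`. The function body continues past the end of the hunk.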
@@ -323,6 +323,10 @@ PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C import:"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":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT +PSA import failure preserves policy +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +import_twice:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_SUCCESS + PSA import RSA key pair: maximum size exceeded depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2fa060b25..3978ba7a0 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -948,6 +948,45 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void import_twice( int alg_arg, int usage_arg, + int type1_arg, data_t *data1, + int expected_import1_status_arg, + int type2_arg, data_t *data2, + int expected_import2_status_arg ) +{ + int slot = 1; + psa_algorithm_t alg = alg_arg; + psa_key_usage_t usage = usage_arg; + psa_key_type_t type1 = type1_arg; + psa_status_t expected_import1_status = expected_import1_status_arg; + psa_key_type_t type2 = type2_arg; + psa_status_t expected_import2_status = expected_import2_status_arg; + psa_key_policy_t policy; + psa_status_t status; + + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + + psa_key_policy_init( &policy ); + psa_key_policy_set_usage( &policy, usage, alg ); + TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + + status = psa_import_key( slot, type1, data1->x, data1->len ); + TEST_ASSERT( status == expected_import1_status ); + status = psa_import_key( slot, type2, data2->x, data2->len ); + TEST_ASSERT( status == expected_import2_status ); + + if( expected_import1_status == PSA_SUCCESS || + expected_import2_status == PSA_SUCCESS ) + { + TEST_ASSERT( exercise_key( slot, usage, alg ) ); + } + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) { From f77ed1f20b636c81a980c1e7431130db249bf1eb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Dec 2018 11:58:46 +0100 Subject: [PATCH 0840/2197] Factor the common idiom psa_wipe_key_slot into a function Many places in the code called psa_remove_key_data_from_memory (which preserves metadata for the sake of failues in psa_import_key) followed by clearing the slot data. Use an auxiliary function for this. --- library/psa_crypto.c | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 50c8a8962..1a038a12a 100644 --- a/library/psa_crypto.c 
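Review bot: import_twice is described as testing that a failed import preserves the policy, but it only checks this indirectly through `exercise_key( slot, usage, alg )`. That call shows the key can still be used for what `usage` allows; it would not notice a policy that had been altered to something broader or to a different algorithm that still permits the exercised operation. Reading the policy back after both imports and comparing it with the values that were set makes the property explicit.

```c
    psa_key_policy_t got_policy;
    /* … unchanged: init, psa_set_key_policy, both psa_import_key calls … */
    TEST_ASSERT( psa_get_key_policy( slot, &got_policy ) == PSA_SUCCESS );
    TEST_ASSERT( psa_key_policy_get_usage( &got_policy ) == usage );
    TEST_ASSERT( psa_key_policy_get_algorithm( &got_policy ) == alg );
```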
+++ b/library/psa_crypto.c @@ -637,6 +637,9 @@ exit: } #endif /* defined(MBEDTLS_ECP_C) */ +/** Import key data into a slot. `slot->type` must have been set + * previously. This function assumes that the slot does not contain + * any key material yet. On failure, the slot content is unchanged. */ static psa_status_t psa_import_key_into_slot( key_slot_t *slot, const uint8_t *data, size_t data_length ) @@ -840,6 +843,7 @@ static psa_status_t psa_get_key_from_slot( psa_key_slot_t key, return( PSA_SUCCESS ); } +/** Wipe key data from a slot. Preserve metadata such as the policy. */ static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot ) { if( slot->type == PSA_KEY_TYPE_NONE ) @@ -876,6 +880,18 @@ static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot ) return( PSA_SUCCESS ); } +/** Completely wipe a slot in memory, including its policy. + * Persistent storage is not affected. */ +static psa_status_t psa_wipe_key_slot( key_slot_t *slot ) +{ + psa_status_t status = psa_remove_key_data_from_memory( slot ); + /* At this point, key material and other type-specific content has + * been wiped. Clear remaining metadata. We can call memset and not + * zeroize because the metadata is not particularly sensitive. */ + memset( slot, 0, sizeof( *slot ) ); + return( status ); +} + /* A slot is available if nothing has been set in it: default lifetime * and policy, no key type. */ static int psa_internal_is_slot_available( key_slot_t *slot ) @@ -942,7 +958,6 @@ psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) { psa_key_slot_t key; key_slot_t *slot; - psa_status_t status; /* Don't call psa_get_key_slot() so as not to trigger its automatic * loading of persistent key data. */ if( ( handle & PSA_KEY_HANDLE_ALLOCATED_FLAG ) == 0 ) 
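Review bot: psa_wipe_key_slot clears the slot with `memset` regardless of what psa_remove_key_data_from_memory returned, and its comment that key material "has been wiped" at that point holds only on the success path. If that call can return an error before freeing type-specific content (its body is only partly visible here), the memset discards the pointers while the material stays in the heap. The later hunks in psa_destroy_key and mbedtls_psa_crypto_free previously used `mbedtls_zeroize( slot, sizeof( *slot ) )` and now inherit the weaker call. Keeping `mbedtls_zeroize( slot, sizeof( *slot ) );` in the helper costs nothing and avoids having to argue which slot fields are sensitive. The comment should also say that the slot is cleared even when `status` is an error.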
@@ -953,9 +968,7 @@ psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) slot = &global_data.key_slots[key - 1]; if( ! slot->allocated ) return( PSA_ERROR_INVALID_HANDLE ); - status = psa_remove_key_data_from_memory( slot ); - memset( slot, 0, sizeof( *slot ) ); - return( status ); + return( psa_wipe_key_slot( slot ) ); } psa_status_t psa_import_key( psa_key_slot_t key, @@ -1013,9 +1026,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key ) psa_destroy_persistent_key( slot->persistent_storage_id ); } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ - status = psa_remove_key_data_from_memory( slot ); - /* Zeroize the slot to wipe metadata such as policies. */ - mbedtls_zeroize( slot, sizeof( *slot ) ); + status = psa_wipe_key_slot( slot ); if( status != PSA_SUCCESS ) return( status ); return( storage_status ); @@ -4565,9 +4576,7 @@ void mbedtls_psa_crypto_free( void ) for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) { key_slot_t *slot = &global_data.key_slots[key - 1]; - (void) psa_remove_key_data_from_memory( slot ); - /* Zeroize the slot to wipe metadata such as policies. */ - mbedtls_zeroize( slot, sizeof( *slot ) ); + (void) psa_wipe_key_slot( slot ); } } if( global_data.rng_state != RNG_NOT_INITIALIZED ) From dc911fd59455bcee34227ea9d9ea358d3fec0cd0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Dec 2018 12:21:51 +0100 Subject: [PATCH 0841/2197] Remove redundant slot-based test fill_slots is superseded by many_transient_handles. --- tests/suites/test_suite_psa_crypto.data | 3 -- tests/suites/test_suite_psa_crypto.function | 56 --------------------- 2 files changed, 59 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d23c364bf..a468abfef 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1,9 +1,6 @@ PSA compile-time sanity checks static_checks: -PSA fill 250 slots -fill_slots:250 - PSA import/export raw: 0 bytes import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3978ba7a0..aebf9a6f2 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -871,62 +871,6 @@ void static_checks( ) } /* END_CASE */ -/* BEGIN_CASE */ -void fill_slots( int max_arg ) -{ - /* Fill all the slots until we run out of memory or out of slots, - * or until some limit specified in the test data for the sake of - * implementations with an essentially unlimited number of slots. - * This test assumes that available slots are numbered from 1. */ - - psa_key_slot_t slot; - psa_key_slot_t max = 0; - psa_key_policy_t policy; - uint8_t exported[sizeof( max )]; - size_t exported_size; - psa_status_t status; - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); - - for( max = 1; max <= (size_t) max_arg; max++ ) - { - status = psa_set_key_policy( max, &policy ); - /* Stop filling slots if we run out of memory or out of - * available slots. */ - TEST_ASSERT( status == PSA_SUCCESS || - status == PSA_ERROR_INSUFFICIENT_MEMORY || - status == PSA_ERROR_INVALID_ARGUMENT ); - if( status != PSA_SUCCESS ) - break; - status = psa_import_key( max, PSA_KEY_TYPE_RAW_DATA, - (uint8_t*) &max, sizeof( max ) ); - /* Since psa_set_key_policy succeeded, we know that the slot - * number is valid. But we may legitimately run out of memory. */ - TEST_ASSERT( status == PSA_SUCCESS || - status == PSA_ERROR_INSUFFICIENT_MEMORY ); - if( status != PSA_SUCCESS ) - break; - } - /* `max` is now the first slot number that wasn't filled. */ - max -= 1; - - for( slot = 1; slot <= max; slot++ ) - { - TEST_ASSERT( psa_export_key( slot, - exported, sizeof( exported ), - &exported_size ) == PSA_SUCCESS ); - ASSERT_COMPARE( &slot, sizeof( slot ), exported, exported_size ); - } - -exit: - /* Do not destroy the keys. mbedtls_psa_crypto_free() should do it. */ - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void import( data_t *data, int type, int expected_status_arg ) { From a8860b2990be9a1380a6bf1ca4072850e247c870 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 3 Dec 2018 14:56:51 +0100 Subject: [PATCH 0842/2197] Remove lifetime test functions With the handle-based slot management interface, psa_set_key_lifetime will no longer exist, so remove the corresponding unit tests. --- tests/suites/test_suite_psa_crypto.data | 12 ----- tests/suites/test_suite_psa_crypto.function | 55 --------------------- 2 files changed, 67 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index a468abfef..4d7793556 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -471,18 +471,6 @@ PSA key policy: agreement, wrong algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW) -PSA key lifetime: set and get volatile -key_lifetime:PSA_KEY_LIFETIME_VOLATILE - -PSA key lifetime set: invalid key slot -key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT - -PSA key lifetime set: cannot change write_once lifetime -key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED - -PSA key lifetime set: invalid key lifetime value -key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT - PSA hash setup: good, SHA-1 depends_on:MBEDTLS_SHA1_C hash_setup:PSA_ALG_SHA_1:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index aebf9a6f2..8b3c79428 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1733,61 +1733,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void key_lifetime( int lifetime_arg ) -{ - int key_slot = 1; - psa_key_type_t key_type = PSA_KEY_TYPE_RAW_DATA; - unsigned char key[32] = {0}; - psa_key_lifetime_t lifetime_set = lifetime_arg; - psa_key_lifetime_t lifetime_get; - - memset( key, 0x2a, sizeof( key ) ); - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_set_key_lifetime( key_slot, - lifetime_set ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( key_slot, key_type, - key, sizeof( key ) ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_get_key_lifetime( key_slot, - &lifetime_get ) == PSA_SUCCESS ); - - TEST_ASSERT( lifetime_get == lifetime_set ); - -exit: - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void key_lifetime_set_fail( int key_slot_arg, - int lifetime_arg, - int expected_status_arg ) -{ - psa_key_slot_t key_slot = key_slot_arg; - psa_key_lifetime_t lifetime_set = lifetime_arg; - psa_status_t actual_status; - psa_status_t expected_status = expected_status_arg; - - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - - actual_status = psa_set_key_lifetime( key_slot, lifetime_set ); - - if( actual_status == PSA_SUCCESS ) - actual_status = psa_set_key_lifetime( key_slot, lifetime_set ); - - TEST_ASSERT( expected_status == actual_status ); - -exit: - psa_destroy_key( key_slot ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void hash_setup( int alg_arg, int expected_status_arg ) From bdf309ccdb51255a39abd1d29bbf19539263813b Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 3 Dec 2018 15:36:32 +0100 Subject: [PATCH 0843/2197] Convert the PSA crypto cryptography tests to the new handle API Switch from the direct use of slot numbers to handles allocated by psa_allocate_key. This commit does not affect persistent key tests except for the one test function in test_suite_psa_crypto that uses persistent keys (persistent_key_load_key_from_storage). The general principle for each function is: * Change `psa_key_slot_t slot` to `psa_key_handle_t handle`. * Call psa_allocate_key() before setting the policy of the slot, or before creating key material in functions that don't set a policy. * Some PSA_ERROR_EMPTY_SLOT errors become PSA_ERROR_INVALID_HANDLE because there is now a distinction between not having a valid handle, and having a valid handle to a slot that doesn't contain key material. * In tests that use symmetric keys, calculate the max_bits parameters of psa_allocate_key() from the key data size. In tests where the key may be asymmetric, call an auxiliary macro KEY_BITS_FROM_DATA which returns an overapproximation. There's no good way to find a good value for max_bits with the API, I think the API should be tweaked. --- tests/suites/test_suite_psa_crypto.data | 16 +- tests/suites/test_suite_psa_crypto.function | 855 ++++++++++++-------- 2 files changed, 511 insertions(+), 360 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4d7793556..9801a8db7 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -29,17 +29,15 @@ PSA import to non empty key slot depends_on:MBEDTLS_AES_C import_key_nonempty_slot -PSA export empty key slot -export_invalid_slot:1:PSA_ERROR_EMPTY_SLOT +PSA export invalid handle (0) +export_invalid_handle:0:PSA_ERROR_INVALID_ARGUMENT -PSA export out of range key slot - lower bound -export_invalid_slot:0:PSA_ERROR_INVALID_ARGUMENT +PSA export invalid handle (smallest plausible handle) +# EMPTY_SLOT is temporary, because this valie is treated as a numbered slot, not as a handle +export_invalid_handle:1:PSA_ERROR_EMPTY_SLOT -PSA export out of range key slot - upper bound -# Hard-code the upper bound of slots that are directly accessible because the -# API does not expose this value. This is temporary: directly-accessible -# slots are about to be removed. -export_invalid_slot:32767:PSA_ERROR_INVALID_ARGUMENT +PSA export invalid handle (largest plausible handle) +export_invalid_handle:-1:PSA_ERROR_INVALID_HANDLE PSA export a slot where there was some activity but no key material creation export_with_no_key_activity diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8b3c79428..c40ac5f7d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -130,7 +130,7 @@ static int construct_fake_rsa_key( unsigned char *buffer, return( len ); } -static int exercise_mac_key( psa_key_slot_t key, +static int exercise_mac_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -142,7 +142,7 @@ static int exercise_mac_key( psa_key_slot_t key, if( usage & PSA_KEY_USAGE_SIGN ) { TEST_ASSERT( psa_mac_sign_setup( &operation, - key, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_sign_finish( &operation, 
@@ -157,7 +157,7 @@ static int exercise_mac_key( psa_key_slot_t key, PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); TEST_ASSERT( psa_mac_verify_setup( &operation, - key, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_verify_finish( &operation, @@ -172,7 +172,7 @@ exit: return( 0 ); } -static int exercise_cipher_key( psa_key_slot_t key, +static int exercise_cipher_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -188,7 +188,7 @@ static int exercise_cipher_key( psa_key_slot_t key, if( usage & PSA_KEY_USAGE_ENCRYPT ) { TEST_ASSERT( psa_cipher_encrypt_setup( &operation, - key, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_generate_iv( &operation, iv, sizeof( iv ), &iv_length ) == PSA_SUCCESS ); @@ -210,11 +210,11 @@ static int exercise_cipher_key( psa_key_slot_t key, if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) ) { size_t bits; - TEST_ASSERT( psa_get_key_information( key, &type, &bits ) ); + TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) ); iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type ); } TEST_ASSERT( psa_cipher_decrypt_setup( &operation, - key, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_set_iv( &operation, iv, iv_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_update( &operation, @@ -243,7 +243,7 @@ exit: return( 0 ); } -static int exercise_aead_key( psa_key_slot_t key, +static int exercise_aead_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -256,7 +256,7 @@ static int exercise_aead_key( psa_key_slot_t key, if( usage & PSA_KEY_USAGE_ENCRYPT ) { - TEST_ASSERT( psa_aead_encrypt( key, alg, + TEST_ASSERT( psa_aead_encrypt( handle, alg, nonce, nonce_length, NULL, 0, plaintext, sizeof( plaintext ), 
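Review bot: In exercise_cipher_key, the converted line `TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) );` asserts on the raw status, so it passes when the call fails and fails when the call returns `PSA_SUCCESS`, which is 0. On the decrypt-only path `type` is then used for `PSA_BLOCK_CIPHER_BLOCK_SIZE( type )`, so the test either aborts on a valid key or goes on with an unset `type`. Since the commit already touches this line for the rename, it should also gain the comparison: `TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) == PSA_SUCCESS );`. The function body starts and ends outside this hunk.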
@@ -270,7 +270,7 @@ static int exercise_aead_key( psa_key_slot_t key, ( usage & PSA_KEY_USAGE_ENCRYPT ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); - TEST_ASSERT( psa_aead_decrypt( key, alg, + TEST_ASSERT( psa_aead_decrypt( handle, alg, nonce, nonce_length, NULL, 0, ciphertext, ciphertext_length, @@ -284,7 +284,7 @@ exit: return( 0 ); } -static int exercise_signature_key( psa_key_slot_t key, +static int exercise_signature_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -301,7 +301,7 @@ static int exercise_signature_key( psa_key_slot_t key, psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); if( hash_alg != 0 ) payload_length = PSA_HASH_SIZE( hash_alg ); - TEST_ASSERT( psa_asymmetric_sign( key, alg, + TEST_ASSERT( psa_asymmetric_sign( handle, alg, payload, payload_length, signature, sizeof( signature ), &signature_length ) == PSA_SUCCESS ); @@ -313,7 +313,7 @@ static int exercise_signature_key( psa_key_slot_t key, ( usage & PSA_KEY_USAGE_SIGN ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); - TEST_ASSERT( psa_asymmetric_verify( key, alg, + TEST_ASSERT( psa_asymmetric_verify( handle, alg, payload, payload_length, signature, signature_length ) == verify_status ); @@ -325,7 +325,7 @@ exit: return( 0 ); } -static int exercise_asymmetric_encryption_key( psa_key_slot_t key, +static int exercise_asymmetric_encryption_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -337,7 +337,7 @@ static int exercise_asymmetric_encryption_key( psa_key_slot_t key, if( usage & PSA_KEY_USAGE_ENCRYPT ) { TEST_ASSERT( - psa_asymmetric_encrypt( key, alg, + psa_asymmetric_encrypt( handle, alg, plaintext, plaintext_length, NULL, 0, ciphertext, sizeof( ciphertext ), 
@@ -347,7 +347,7 @@ static int exercise_asymmetric_encryption_key( psa_key_slot_t key, if( usage & PSA_KEY_USAGE_DECRYPT ) { psa_status_t status = - psa_asymmetric_decrypt( key, alg, + psa_asymmetric_decrypt( handle, alg, ciphertext, ciphertext_length, NULL, 0, plaintext, sizeof( plaintext ), @@ -364,7 +364,7 @@ exit: return( 0 ); } -static int exercise_key_derivation_key( psa_key_slot_t key, +static int exercise_key_derivation_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -378,7 +378,7 @@ static int exercise_key_derivation_key( psa_key_slot_t key, if( usage & PSA_KEY_USAGE_DERIVE ) { TEST_ASSERT( psa_key_derivation( &generator, - key, alg, + handle, alg, label, label_length, seed, seed_length, sizeof( output ) ) == PSA_SUCCESS ); @@ -397,7 +397,7 @@ exit: /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, - psa_key_type_t key_slot, + psa_key_handle_t handle, psa_algorithm_t alg ) { psa_key_type_t private_key_type; @@ -410,18 +410,18 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, * good enough: callers will report it as a failed test anyway. */ psa_status_t status = PSA_ERROR_UNKNOWN_ERROR; - TEST_ASSERT( psa_get_key_information( key_slot, + TEST_ASSERT( psa_get_key_information( handle, &private_key_type, &key_bits ) == PSA_SUCCESS ); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); ASSERT_ALLOC( public_key, public_key_length ); TEST_ASSERT( public_key != NULL ); - TEST_ASSERT( psa_export_public_key( key_slot, + TEST_ASSERT( psa_export_public_key( handle, public_key, public_key_length, &public_key_length ) == PSA_SUCCESS ); - status = psa_key_agreement( generator, key_slot, + status = psa_key_agreement( generator, handle, public_key, public_key_length, alg ); exit: 
@@ -429,7 +429,7 @@ exit: return( status ); } -static int exercise_key_agreement_key( psa_key_slot_t key, +static int exercise_key_agreement_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -441,7 +441,7 @@ static int exercise_key_agreement_key( psa_key_slot_t key, { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - TEST_ASSERT( key_agreement_with_self( &generator, key, alg ) == + TEST_ASSERT( key_agreement_with_self( &generator, handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_generator_read( &generator, output, @@ -713,7 +713,7 @@ exit: return( 0 ); } -static int exercise_export_key( psa_key_slot_t slot, +static int exercise_export_key( psa_key_handle_t handle, psa_key_usage_t usage ) { psa_key_type_t type; @@ -723,12 +723,12 @@ static int exercise_export_key( psa_key_slot_t slot, size_t exported_length = 0; int ok = 0; - TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) == PSA_SUCCESS ); if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 && ! PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) { - TEST_ASSERT( psa_export_key( slot, NULL, 0, &exported_length ) == + TEST_ASSERT( psa_export_key( handle, NULL, 0, &exported_length ) == PSA_ERROR_NOT_PERMITTED ); return( 1 ); } @@ -736,7 +736,7 @@ static int exercise_export_key( psa_key_slot_t slot, exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); ASSERT_ALLOC( exported, exported_size ); - TEST_ASSERT( psa_export_key( slot, + TEST_ASSERT( psa_export_key( handle, exported, exported_size, &exported_length ) == PSA_SUCCESS ); ok = exported_key_sanity_check( type, bits, exported, exported_length ); @@ -746,7 +746,7 @@ exit: return( ok ); } -static int exercise_export_public_key( psa_key_slot_t slot ) +static int exercise_export_public_key( psa_key_handle_t handle ) { psa_key_type_t type; psa_key_type_t public_type; 
@@ -756,10 +756,10 @@ static int exercise_export_public_key( psa_key_slot_t slot ) size_t exported_length = 0; int ok = 0; - TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) == PSA_SUCCESS ); if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ) { - TEST_ASSERT( psa_export_public_key( slot, + TEST_ASSERT( psa_export_public_key( handle, NULL, 0, &exported_length ) == PSA_ERROR_INVALID_ARGUMENT ); return( 1 ); @@ -769,7 +769,7 @@ static int exercise_export_public_key( psa_key_slot_t slot ) exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ); ASSERT_ALLOC( exported, exported_size ); - TEST_ASSERT( psa_export_public_key( slot, + TEST_ASSERT( psa_export_public_key( handle, exported, exported_size, &exported_length ) == PSA_SUCCESS ); ok = exported_key_sanity_check( public_type, bits, @@ -780,7 +780,7 @@ exit: return( ok ); } -static int exercise_key( psa_key_slot_t slot, +static int exercise_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { 
@@ -788,19 +788,19 @@ static int exercise_key( psa_key_slot_t slot, if( alg == 0 ) ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */ else if( PSA_ALG_IS_MAC( alg ) ) - ok = exercise_mac_key( slot, usage, alg ); + ok = exercise_mac_key( handle, usage, alg ); else if( PSA_ALG_IS_CIPHER( alg ) ) - ok = exercise_cipher_key( slot, usage, alg ); + ok = exercise_cipher_key( handle, usage, alg ); else if( PSA_ALG_IS_AEAD( alg ) ) - ok = exercise_aead_key( slot, usage, alg ); + ok = exercise_aead_key( handle, usage, alg ); else if( PSA_ALG_IS_SIGN( alg ) ) - ok = exercise_signature_key( slot, usage, alg ); + ok = exercise_signature_key( handle, usage, alg ); else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) - ok = exercise_asymmetric_encryption_key( slot, usage, alg ); + ok = exercise_asymmetric_encryption_key( handle, usage, alg ); else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) - ok = exercise_key_derivation_key( slot, usage, alg ); + ok = exercise_key_derivation_key( handle, usage, alg ); else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) - ok = exercise_key_agreement_key( slot, usage, alg ); + ok = exercise_key_agreement_key( handle, usage, alg ); else { char message[40]; @@ -811,8 +811,8 @@ static int exercise_key( psa_key_slot_t slot, ok = 0; } - ok = ok && exercise_export_key( slot, usage ); - ok = ok && exercise_export_public_key( slot ); + ok = ok && exercise_export_key( handle, usage ); + ok = ok && exercise_export_public_key( handle ); return( ok ); } @@ -845,6 +845,13 @@ static psa_key_usage_t usage_to_exercise( psa_key_type_t type, } +/* An overapproximation of the amount of storage needed for a key of the + * given type and with the given content. The API doesn't make it easy + * to find a good value for the size. The current implementation doesn't + * care about the value anyway. */ +#define KEY_BITS_FROM_DATA( type, data ) \ + ( data )->len + typedef enum { IMPORT_KEY = 0, GENERATE_KEY = 1, 
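Review bot: `KEY_BITS_FROM_DATA` expands to `( data )->len`, which is a byte count, so for raw key data it is an eighth of the bit size rather than the over-approximation its comment promises. The expansion is also not wrapped in parentheses. `import_key_nonempty_slot` in this same commit passes `PSA_BYTES_TO_BITS( sizeof( data ) )` to `psa_allocate_key`, so the two call styles disagree. I would define it as `#define KEY_BITS_FROM_DATA( type, data ) ( PSA_BYTES_TO_BITS( ( data )->len ) )`. The comment says the current implementation ignores the value, but an implementation that sizes storage from it could end up with too small a bound.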
@@ -874,7 +881,7 @@ void static_checks( ) /* BEGIN_CASE */ void import( data_t *data, int type, int expected_status_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_status_t expected_status = expected_status_arg; psa_status_t status; @@ -882,10 +889,12 @@ void import( data_t *data, int type, int expected_status_arg ) TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - status = psa_import_key( slot, type, data->x, data->len ); + TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) == PSA_SUCCESS ); + status = psa_import_key( handle, type, data->x, data->len ); TEST_ASSERT( status == expected_status ); if( status == PSA_SUCCESS ) - TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); exit: mbedtls_psa_crypto_free( ); @@ -899,7 +908,7 @@ void import_twice( int alg_arg, int usage_arg, int type2_arg, data_t *data2, int expected_import2_status_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; psa_key_usage_t usage = usage_arg; psa_key_type_t type1 = type1_arg; 
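Review bot: In `import`, the handle returned by `psa_allocate_key` is released only when `status == PSA_SUCCESS`, so every negative import case leaves it allocated and relies on `mbedtls_psa_crypto_free( )` for cleanup. With numbered slots there was nothing to release, but an allocated handle is a resource whose lifetime the test should end itself. I would replace the conditional destroy with an unconditional `psa_destroy_key( handle );` after `exit:`, as `import_export_public_key` does. `import_rsa_made_up` has the same pattern.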
@@ -911,19 +920,23 @@ void import_twice( int alg_arg, int usage_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( type1, + MAX( KEY_BITS_FROM_DATA( type1, data1 ), + KEY_BITS_FROM_DATA( type2, data2 ) ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - status = psa_import_key( slot, type1, data1->x, data1->len ); + status = psa_import_key( handle, type1, data1->x, data1->len ); TEST_ASSERT( status == expected_import1_status ); - status = psa_import_key( slot, type2, data2->x, data2->len ); + status = psa_import_key( handle, type2, data2->x, data2->len ); TEST_ASSERT( status == expected_import2_status ); if( expected_import1_status == PSA_SUCCESS || expected_import2_status == PSA_SUCCESS ) { - TEST_ASSERT( exercise_key( slot, usage, alg ) ); + TEST_ASSERT( exercise_key( handle, usage, alg ) ); } exit: @@ -934,7 +947,7 @@ exit: /* BEGIN_CASE */ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; size_t bits = bits_arg; psa_status_t expected_status = expected_status_arg; psa_status_t status; @@ -955,10 +968,11 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) length = ret; /* Try importing the key */ - status = psa_import_key( slot, type, p, length ); + TEST_ASSERT( psa_allocate_key( type, bits, &handle ) == PSA_SUCCESS ); + status = psa_import_key( handle, type, p, length ); TEST_ASSERT( status == expected_status ); if( status == PSA_SUCCESS ) - TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); exit: mbedtls_free( buffer ); 
@@ -976,8 +990,7 @@ void import_export( data_t *data, int expected_export_status_arg, int canonical_input ) { - int slot = 1; - int slot2 = slot + 1; + psa_key_handle_t handle = 0; psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_export_status = expected_export_status_arg; @@ -999,23 +1012,28 @@ void import_export( data_t *data, ASSERT_ALLOC( reexported, export_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( type, expected_bits, &handle ) == + PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage_arg, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + + TEST_ASSERT( psa_get_key_information( + handle, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); /* Import the key */ - TEST_ASSERT( psa_import_key( slot, type, + TEST_ASSERT( psa_import_key( handle, type, data->x, data->len ) == PSA_SUCCESS ); /* Test the key information */ - TEST_ASSERT( psa_get_key_information( slot, + TEST_ASSERT( psa_get_key_information( handle, &got_type, &got_bits ) == PSA_SUCCESS ); TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == (size_t) expected_bits ); /* Export the key */ - status = psa_export_key( slot, + status = psa_export_key( handle, exported, export_size, &exported_length ); TEST_ASSERT( status == expected_export_status ); 
@@ -1034,32 +1052,36 @@ void import_export( data_t *data, goto destroy; } - if( ! exercise_export_key( slot, usage_arg ) ) + if( ! exercise_export_key( handle, usage_arg ) ) goto exit; if( canonical_input ) ASSERT_COMPARE( data->x, data->len, exported, exported_length ); else { - TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS ); + psa_key_handle_t handle2; + TEST_ASSERT( psa_allocate_key( type, expected_bits, &handle2 ) == + PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle2, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot2, type, + TEST_ASSERT( psa_import_key( handle2, type, exported, exported_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_export_key( slot2, + TEST_ASSERT( psa_export_key( handle2, reexported, export_size, &reexported_length ) == PSA_SUCCESS ); ASSERT_COMPARE( exported, exported_length, reexported, reexported_length ); + TEST_ASSERT( psa_close_key( handle2 ) == PSA_SUCCESS ); } TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, got_bits ) ); destroy: /* Destroy the key */ - TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); TEST_ASSERT( psa_get_key_information( - slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + handle, NULL, NULL ) == PSA_ERROR_INVALID_HANDLE ); exit: mbedtls_free( exported ); 
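Review bot: `psa_key_handle_t handle2;` in the non-canonical branch of `import_export` is the only handle in this commit declared without `= 0`, and `psa_close_key( handle2 )` runs only if every assertion before it passes. If one of those assertions fails, the second key stays allocated until `mbedtls_psa_crypto_free( )`, assuming `TEST_ASSERT` jumps to `exit:` as the labels suggest. I would declare `psa_key_handle_t handle2 = 0;` at function scope and release it under `exit:`. A short comment on why this handle is closed while `handle` is destroyed would also help. The function starts before and ends after this hunk.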
@@ -1071,18 +1093,21 @@ exit: /* BEGIN_CASE */ void import_key_nonempty_slot( ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA; psa_status_t status; const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 }; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( type, PSA_BYTES_TO_BITS( sizeof( data ) ), + &handle ) == PSA_SUCCESS ); + /* Import the key */ - TEST_ASSERT( psa_import_key( slot, type, + TEST_ASSERT( psa_import_key( handle, type, data, sizeof( data ) ) == PSA_SUCCESS ); /* Import the key again */ - status = psa_import_key( slot, type, data, sizeof( data ) ); + status = psa_import_key( handle, type, data, sizeof( data ) ); TEST_ASSERT( status == PSA_ERROR_OCCUPIED_SLOT ); exit: @@ -1091,7 +1116,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void export_invalid_slot( int slot, int expected_export_status_arg ) +void export_invalid_handle( int handle, int expected_export_status_arg ) { psa_status_t status; unsigned char *exported = NULL; @@ -1102,7 +1127,7 @@ void export_invalid_slot( int slot, int expected_export_status_arg ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); /* Export the key */ - status = psa_export_key( slot, + status = psa_export_key( (psa_key_handle_t) handle, exported, export_size, &exported_length ); TEST_ASSERT( status == expected_export_status ); @@ -1115,7 +1140,7 @@ exit: /* BEGIN_CASE */ void export_with_no_key_activity( ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_algorithm_t alg = PSA_ALG_CTR; psa_status_t status; psa_key_policy_t policy; 
@@ -1125,12 +1150,14 @@ void export_with_no_key_activity( ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0, + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); /* Export the key */ - status = psa_export_key( slot, + status = psa_export_key( handle, exported, export_size, &exported_length ); TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); @@ -1143,7 +1170,7 @@ exit: /* BEGIN_CASE */ void cipher_with_no_key_activity( ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_status_t status; psa_key_policy_t policy; psa_cipher_operation_t operation; @@ -1151,11 +1178,13 @@ void cipher_with_no_key_activity( ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0, + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - status = psa_cipher_encrypt_setup( &operation, slot, exercise_alg ); + status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); exit: @@ -1168,7 +1197,7 @@ exit: void export_after_import_failure( data_t *data, int type_arg, int expected_import_status_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t type = type_arg; psa_status_t status; unsigned char *exported = NULL; 
@@ -1178,13 +1207,16 @@ void export_after_import_failure( data_t *data, int type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) == PSA_SUCCESS ); + /* Import the key - expect failure */ - status = psa_import_key( slot, type, + status = psa_import_key( handle, type, data->x, data->len ); TEST_ASSERT( status == expected_import_status ); /* Export the key */ - status = psa_export_key( slot, + status = psa_export_key( handle, exported, export_size, &exported_length ); TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); @@ -1198,7 +1230,7 @@ exit: void cipher_after_import_failure( data_t *data, int type_arg, int expected_import_status_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_cipher_operation_t operation; psa_key_type_t type = type_arg; psa_status_t status; @@ -1207,12 +1239,15 @@ void cipher_after_import_failure( data_t *data, int type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) == PSA_SUCCESS ); + /* Import the key - expect failure */ - status = psa_import_key( slot, type, + status = psa_import_key( handle, type, data->x, data->len ); TEST_ASSERT( status == expected_import_status ); - status = psa_cipher_encrypt_setup( &operation, slot, exercise_alg ); + status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); exit: @@ -1224,7 +1259,7 @@ exit: /* BEGIN_CASE */ void export_after_destroy_key( data_t *data, int type_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t type = type_arg; psa_status_t status; psa_key_policy_t policy; 
@@ -1235,26 +1270,28 @@ void export_after_destroy_key( data_t *data, int type_arg ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); export_size = (ptrdiff_t) data->len; ASSERT_ALLOC( exported, export_size ); /* Import the key */ - TEST_ASSERT( psa_import_key( slot, type, + TEST_ASSERT( psa_import_key( handle, type, data->x, data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_export_key( slot, exported, export_size, + TEST_ASSERT( psa_export_key( handle, exported, export_size, &exported_length ) == PSA_SUCCESS ); /* Destroy the key */ - TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); + TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); /* Export the key */ - status = psa_export_key( slot, exported, export_size, + status = psa_export_key( handle, exported, export_size, &exported_length ); - TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); + TEST_ASSERT( status == PSA_ERROR_INVALID_HANDLE ); exit: mbedtls_free( exported ); @@ -1270,7 +1307,7 @@ void import_export_public_key( data_t *data, int expected_export_status_arg, data_t *expected_public_key ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_export_status = expected_export_status_arg; 
@@ -1282,17 +1319,19 @@ void import_export_public_key( data_t *data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); /* Import the key */ - TEST_ASSERT( psa_import_key( slot, type, + TEST_ASSERT( psa_import_key( handle, type, data->x, data->len ) == PSA_SUCCESS ); /* Export the public key */ ASSERT_ALLOC( exported, export_size ); - status = psa_export_public_key( slot, + status = psa_export_public_key( handle, exported, export_size, &exported_length ); TEST_ASSERT( status == expected_export_status ); @@ -1300,7 +1339,7 @@ void import_export_public_key( data_t *data, { psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); size_t bits; - TEST_ASSERT( psa_get_key_information( slot, NULL, &bits ) == + TEST_ASSERT( psa_get_key_information( handle, NULL, &bits ) == PSA_SUCCESS ); TEST_ASSERT( expected_public_key->len <= PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) ); @@ -1310,7 +1349,7 @@ void import_export_public_key( data_t *data, exit: mbedtls_free( exported ); - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1321,7 +1360,7 @@ void import_and_exercise_key( data_t *data, int bits_arg, int alg_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; 
@@ -1333,27 +1372,29 @@ void import_and_exercise_key( data_t *data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); /* Import the key */ - status = psa_import_key( slot, type, data->x, data->len ); + status = psa_import_key( handle, type, data->x, data->len ); TEST_ASSERT( status == PSA_SUCCESS ); /* Test the key information */ - TEST_ASSERT( psa_get_key_information( slot, + TEST_ASSERT( psa_get_key_information( handle, &got_type, &got_bits ) == PSA_SUCCESS ); TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == bits ); /* Do something with the key according to its type and permitted usage. */ - if( ! exercise_key( slot, usage, alg ) ) + if( ! exercise_key( handle, usage, alg ) ) goto exit; exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1361,7 +1402,7 @@ exit: /* BEGIN_CASE */ void key_policy( int usage_arg, int alg_arg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; psa_key_usage_t usage = usage_arg; psa_key_type_t key_type = PSA_KEY_TYPE_AES; 
@@ -1373,25 +1414,26 @@ void key_policy( int usage_arg, int alg_arg ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key ) ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy_set ); psa_key_policy_init( &policy_get ); - psa_key_policy_set_usage( &policy_set, usage, alg ); TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage ); TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy_set ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key, sizeof( key ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_policy( handle, &policy_get ) == PSA_SUCCESS ); TEST_ASSERT( policy_get.usage == policy_set.usage ); TEST_ASSERT( policy_get.alg == policy_set.alg ); exit: - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1403,7 +1445,7 @@ void mac_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_policy_t policy; psa_mac_operation_t operation; psa_status_t status; 
@@ -1411,14 +1453,17 @@ void mac_key_policy( int policy_usage, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - status = psa_mac_sign_setup( &operation, key_slot, exercise_alg ); + status = psa_mac_sign_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) TEST_ASSERT( status == PSA_SUCCESS ); @@ -1427,7 +1472,7 @@ void mac_key_policy( int policy_usage, psa_mac_abort( &operation ); memset( mac, 0, sizeof( mac ) ); - status = psa_mac_verify_setup( &operation, key_slot, exercise_alg ); + status = psa_mac_verify_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) TEST_ASSERT( status == PSA_SUCCESS ); @@ -1436,7 +1481,7 @@ void mac_key_policy( int policy_usage, exit: psa_mac_abort( &operation ); - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ 
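Review bot: The new `psa_allocate_key` assertion in `mac_key_policy` adds another failure path that reaches `exit:` before `operation` has been set up. There `psa_mac_abort( &operation )` runs on an uninitialised stack object, assuming `TEST_ASSERT` jumps to `exit:` on failure. `cipher_key_policy` has the same shape with `psa_cipher_abort( &operation )`, while `derive_key_policy` avoids it by declaring `generator = PSA_CRYPTO_GENERATOR_INIT`. Give `operation` a defined state before the first assertion, for instance `memset( &operation, 0, sizeof( operation ) );` after the declarations, provided an all-zero object is valid input for the abort functions, which should be confirmed against the API. The declaration of `operation` sits in the preceding hunk.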
@@ -1448,21 +1493,24 @@ void cipher_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_policy_t policy; psa_cipher_operation_t operation; psa_status_t status; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - status = psa_cipher_encrypt_setup( &operation, key_slot, exercise_alg ); + status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) TEST_ASSERT( status == PSA_SUCCESS ); @@ -1470,7 +1518,7 @@ void cipher_key_policy( int policy_usage, TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); psa_cipher_abort( &operation ); - status = psa_cipher_decrypt_setup( &operation, key_slot, exercise_alg ); + status = psa_cipher_decrypt_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) TEST_ASSERT( status == PSA_SUCCESS ); @@ -1479,7 +1527,7 @@ void cipher_key_policy( int policy_usage, exit: psa_cipher_abort( &operation ); - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1493,7 +1541,7 @@ void aead_key_policy( int policy_usage, int tag_length_arg, int exercise_alg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_policy_t policy; psa_status_t status; unsigned char nonce[16] = {0}; 
@@ -1507,14 +1555,17 @@ void aead_key_policy( int policy_usage, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - status = psa_aead_encrypt( key_slot, exercise_alg, + status = psa_aead_encrypt( handle, exercise_alg, nonce, nonce_length, NULL, 0, NULL, 0, @@ -1527,7 +1578,7 @@ void aead_key_policy( int policy_usage, TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); memset( tag, 0, sizeof( tag ) ); - status = psa_aead_decrypt( key_slot, exercise_alg, + status = psa_aead_decrypt( handle, exercise_alg, nonce, nonce_length, NULL, 0, tag, tag_length, @@ -1540,7 +1591,7 @@ void aead_key_policy( int policy_usage, TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); exit: - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1552,7 +1603,7 @@ void asymmetric_encryption_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_policy_t policy; psa_status_t status; size_t key_bits; 
@@ -1562,21 +1613,24 @@ void asymmetric_encryption_key_policy( int policy_usage, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( key_slot, + TEST_ASSERT( psa_get_key_information( handle, NULL, &key_bits ) == PSA_SUCCESS ); buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, exercise_alg ); ASSERT_ALLOC( buffer, buffer_length ); - status = psa_asymmetric_encrypt( key_slot, exercise_alg, + status = psa_asymmetric_encrypt( handle, exercise_alg, NULL, 0, NULL, 0, buffer, buffer_length, @@ -1589,7 +1643,7 @@ void asymmetric_encryption_key_policy( int policy_usage, if( buffer_length != 0 ) memset( buffer, 0, buffer_length ); - status = psa_asymmetric_decrypt( key_slot, exercise_alg, + status = psa_asymmetric_decrypt( handle, exercise_alg, buffer, buffer_length, NULL, 0, buffer, buffer_length, @@ -1601,7 +1655,7 @@ void asymmetric_encryption_key_policy( int policy_usage, TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); exit: - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); mbedtls_free( buffer ); } @@ -1614,7 +1668,7 @@ void asymmetric_signature_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_policy_t policy; psa_status_t status; unsigned char payload[16] = {1}; 
@@ -1624,14 +1678,17 @@ void asymmetric_signature_key_policy( int policy_usage, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - status = psa_asymmetric_sign( key_slot, exercise_alg, + status = psa_asymmetric_sign( handle, exercise_alg, payload, payload_length, signature, sizeof( signature ), &signature_length ); @@ -1642,7 +1699,7 @@ void asymmetric_signature_key_policy( int policy_usage, TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); memset( signature, 0, sizeof( signature ) ); - status = psa_asymmetric_verify( key_slot, exercise_alg, + status = psa_asymmetric_verify( handle, exercise_alg, payload, payload_length, signature, sizeof( signature ) ); if( policy_alg == exercise_alg && @@ -1652,7 +1709,7 @@ void asymmetric_signature_key_policy( int policy_usage, TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); exit: - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ 
@@ -1664,21 +1721,24 @@ void derive_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_policy_t policy; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_status_t status; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - status = psa_key_derivation( &generator, key_slot, + status = psa_key_derivation( &generator, handle, exercise_alg, NULL, 0, NULL, 0, @@ -1691,7 +1751,7 @@ void derive_key_policy( int policy_usage, exit: psa_generator_abort( &generator ); - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1703,7 +1763,7 @@ void agreement_key_policy( int policy_usage, data_t *key_data, int exercise_alg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_policy_t policy; psa_key_type_t key_type = key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; 
@@ -1711,14 +1771,17 @@ void agreement_key_policy( int policy_usage, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - status = key_agreement_with_self( &generator, key_slot, exercise_alg ); + status = key_agreement_with_self( &generator, handle, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) @@ -1728,7 +1791,7 @@ void agreement_key_policy( int policy_usage, exit: psa_generator_abort( &generator ); - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1856,7 +1919,7 @@ void mac_setup( int key_type_arg, int alg_arg, int expected_status_arg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; 
@@ -1866,21 +1929,23 @@ void mac_setup( int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key->x, key->len ) == PSA_SUCCESS ); - status = psa_mac_sign_setup( &operation, key_slot, alg ); + status = psa_mac_sign_setup( &operation, handle, alg ); psa_mac_abort( &operation ); TEST_ASSERT( status == expected_status ); exit: - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1892,7 +1957,7 @@ void mac_sign( int key_type_arg, data_t *input, data_t *expected_mac ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_mac_operation_t operation; 
@@ -1911,16 +1976,18 @@ void mac_sign( int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key->x, key->len ) == PSA_SUCCESS ); /* Calculate the MAC. */ TEST_ASSERT( psa_mac_sign_setup( &operation, - key_slot, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input->x, input->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_sign_finish( &operation, @@ -1936,7 +2003,7 @@ void mac_sign( int key_type_arg, sizeof( actual_mac ) - mac_length ) ); exit: - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1948,7 +2015,7 @@ void mac_verify( int key_type_arg, data_t *input, data_t *expected_mac ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_mac_operation_t operation; 
@@ -1965,16 +2032,18 @@ void mac_verify( int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_verify_setup( &operation, - key_slot, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); + TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_update( &operation, input->x, input->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_mac_verify_finish( &operation, @@ -1982,7 +2051,7 @@ void mac_verify( int key_type_arg, expected_mac->len ) == PSA_SUCCESS ); exit: - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1993,7 +2062,7 @@ void cipher_setup( int key_type_arg, int alg_arg, int expected_status_arg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; 
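Review bot: In mac_verify the key is destroyed mid-test with `TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );`, and the `exit:` hunk that follows calls `psa_destroy_key( handle );` again on the same value. With the old fixed slot number the second call presumably hit an already-empty slot. With an allocated handle it passes a value that has already been released, and the return code is ignored. Adding `handle = 0;` right after the asserted destroy would keep the cleanup path from operating on a stale handle. How the library treats a released handle, and whether handle values can be reused, is not visible in this hunk and should be confirmed.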
@@ -2003,19 +2072,21 @@ void cipher_setup( int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key->x, key->len ) == PSA_SUCCESS ); - status = psa_cipher_encrypt_setup( &operation, key_slot, alg ); + status = psa_cipher_encrypt_setup( &operation, handle, alg ); psa_cipher_abort( &operation ); TEST_ASSERT( status == expected_status ); exit: - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -2026,7 +2097,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, data_t *input, data_t *expected_output, int expected_status_arg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -2052,15 +2123,17 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_encrypt_setup( &operation, - key_slot, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_set_iv( &operation, iv, iv_size ) == PSA_SUCCESS ); 
@@ -2089,7 +2162,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, exit: mbedtls_free( output ); - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -2101,7 +2174,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, int first_part_size, data_t *expected_output ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char iv[16] = {0}; @@ -2125,15 +2198,17 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_encrypt_setup( &operation, - key_slot, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); @@ -2164,7 +2239,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, exit: mbedtls_free( output ); - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -2176,7 +2251,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, int first_part_size, data_t *expected_output ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; 
@@ -2201,15 +2276,17 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_decrypt_setup( &operation, - key_slot, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); @@ -2242,7 +2319,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, exit: mbedtls_free( output ); - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -2253,7 +2330,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, data_t *input, data_t *expected_output, int expected_status_arg ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_status_t status; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; 
@@ -2279,15 +2356,17 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_decrypt_setup( &operation, - key_slot, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_set_iv( &operation, iv, iv_size ) == PSA_SUCCESS ); @@ -2317,7 +2396,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, exit: mbedtls_free( output ); - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -2327,7 +2406,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, data_t *key, data_t *input ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char iv[16] = {0}; 
@@ -2351,17 +2430,19 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_encrypt_setup( &operation1, - key_slot, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_decrypt_setup( &operation2, - key_slot, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_generate_iv( &operation1, iv, iv_size, @@ -2404,7 +2485,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, exit: mbedtls_free( output1 ); mbedtls_free( output2 ); - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -2416,7 +2497,7 @@ void cipher_verify_output_multipart( int alg_arg, data_t *input, int first_part_size ) { - int key_slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char iv[16] = {0}; 
@@ -2440,17 +2521,19 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( key_slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key->x, key->len ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_encrypt_setup( &operation1, - key_slot, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_decrypt_setup( &operation2, - key_slot, alg ) == PSA_SUCCESS ); + handle, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_generate_iv( &operation1, iv, iv_size, @@ -2512,7 +2595,7 @@ void cipher_verify_output_multipart( int alg_arg, exit: mbedtls_free( output1 ); mbedtls_free( output2 ); - psa_destroy_key( key_slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -2525,7 +2608,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, data_t *input_data, int expected_result_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output_data = NULL; 
@@ -2551,16 +2634,18 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_aead_encrypt( slot, alg, + TEST_ASSERT( psa_aead_encrypt( handle, alg, nonce->x, nonce->len, additional_data->x, additional_data->len, @@ -2572,7 +2657,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, { ASSERT_ALLOC( output_data2, output_length ); - TEST_ASSERT( psa_aead_decrypt( slot, alg, + TEST_ASSERT( psa_aead_decrypt( handle, alg, nonce->x, nonce->len, additional_data->x, additional_data->len, @@ -2585,7 +2670,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, } exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_free( output_data ); mbedtls_free( output_data2 ); mbedtls_psa_crypto_free( ); @@ -2600,7 +2685,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, data_t *input_data, data_t *expected_result ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output_data = NULL; 
@@ -2625,15 +2710,17 @@ void aead_encrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_aead_encrypt( slot, alg, + TEST_ASSERT( psa_aead_encrypt( handle, alg, nonce->x, nonce->len, additional_data->x, additional_data->len, input_data->x, input_data->len, @@ -2644,7 +2731,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, output_data, output_length ); exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_free( output_data ); mbedtls_psa_crypto_free( ); } @@ -2659,7 +2746,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, data_t *expected_data, int expected_result_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output_data = NULL; 
@@ -2685,15 +2772,17 @@ void aead_decrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_aead_decrypt( slot, alg, + TEST_ASSERT( psa_aead_decrypt( handle, alg, nonce->x, nonce->len, additional_data->x, additional_data->len, @@ -2706,7 +2795,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, output_data, output_length ); exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_free( output_data ); mbedtls_psa_crypto_free( ); } @@ -2732,7 +2821,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, data_t *output_data ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t key_bits; 
@@ -2750,14 +2839,17 @@ void sign_deterministic( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( slot, + TEST_ASSERT( psa_get_key_information( handle, NULL, &key_bits ) == PSA_SUCCESS ); @@ -2770,7 +2862,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ - TEST_ASSERT( psa_asymmetric_sign( slot, alg, + TEST_ASSERT( psa_asymmetric_sign( handle, alg, input_data->x, input_data->len, signature, signature_size, &signature_length ) == PSA_SUCCESS ); @@ -2779,7 +2871,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, signature, signature_length ); exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_free( signature ); mbedtls_psa_crypto_free( ); } @@ -2790,7 +2882,7 @@ void sign_fail( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, int signature_size_arg, int expected_status_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t signature_size = signature_size_arg; 
@@ -2809,15 +2901,18 @@ void sign_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_sign( slot, alg, + actual_status = psa_asymmetric_sign( handle, alg, input_data->x, input_data->len, signature, signature_size, &signature_length ); @@ -2829,7 +2924,7 @@ void sign_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( signature_length <= signature_size ); exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_free( signature ); mbedtls_psa_crypto_free( ); } @@ -2839,7 +2934,7 @@ exit: void sign_verify( int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t key_bits; 
@@ -2850,16 +2945,19 @@ void sign_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( slot, + TEST_ASSERT( psa_get_key_information( handle, NULL, &key_bits ) == PSA_SUCCESS ); @@ -2872,7 +2970,7 @@ void sign_verify( int key_type_arg, data_t *key_data, ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ - TEST_ASSERT( psa_asymmetric_sign( slot, alg, + TEST_ASSERT( psa_asymmetric_sign( handle, alg, input_data->x, input_data->len, signature, signature_size, &signature_length ) == PSA_SUCCESS ); @@ -2882,7 +2980,7 @@ void sign_verify( int key_type_arg, data_t *key_data, /* Use the library to verify that the signature is correct. */ TEST_ASSERT( psa_asymmetric_verify( - slot, alg, + handle, alg, input_data->x, input_data->len, signature, signature_length ) == PSA_SUCCESS ); @@ -2893,14 +2991,14 @@ void sign_verify( int key_type_arg, data_t *key_data, * because ECDSA may ignore the last few bits of the input. */ input_data->x[0] ^= 1; TEST_ASSERT( psa_asymmetric_verify( - slot, alg, + handle, alg, input_data->x, input_data->len, signature, signature_length ) == PSA_ERROR_INVALID_SIGNATURE ); } exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_free( signature ); mbedtls_psa_crypto_free( ); } 
@@ -2911,7 +3009,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, int alg_arg, data_t *hash_data, data_t *signature_data ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_key_policy_t policy; @@ -2927,20 +3025,23 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_asymmetric_verify( slot, alg, + TEST_ASSERT( psa_asymmetric_verify( handle, alg, hash_data->x, hash_data->len, signature_data->x, signature_data->len ) == PSA_SUCCESS ); exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -2951,7 +3052,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, data_t *signature_data, int expected_status_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t actual_status; 
@@ -2967,15 +3068,18 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_verify( slot, alg, + actual_status = psa_asymmetric_verify( handle, alg, hash_data->x, hash_data->len, signature_data->x, signature_data->len ); @@ -2983,7 +3087,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( actual_status == expected_status ); exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -2997,7 +3101,7 @@ void asymmetric_encrypt( int key_type_arg, int expected_output_length_arg, int expected_status_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t expected_output_length = expected_output_length_arg; 
@@ -3011,23 +3115,27 @@ void asymmetric_encrypt( int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + /* Import the key */ + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); /* Determine the maximum output length */ - TEST_ASSERT( psa_get_key_information( slot, + TEST_ASSERT( psa_get_key_information( handle, NULL, &key_bits ) == PSA_SUCCESS ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); ASSERT_ALLOC( output, output_size ); /* Encrypt the input */ - actual_status = psa_asymmetric_encrypt( slot, alg, + actual_status = psa_asymmetric_encrypt( handle, alg, input_data->x, input_data->len, label->x, label->len, output, output_size, @@ -3042,7 +3150,7 @@ void asymmetric_encrypt( int key_type_arg, output_length = ~0; if( output_size != 0 ) memset( output, 0, output_size ); - actual_status = psa_asymmetric_encrypt( slot, alg, + actual_status = psa_asymmetric_encrypt( handle, alg, input_data->x, input_data->len, NULL, label->len, output, output_size, @@ -3052,7 +3160,7 @@ void asymmetric_encrypt( int key_type_arg, } exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_free( output ); mbedtls_psa_crypto_free( ); } @@ -3065,7 +3173,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *input_data, data_t *label ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t key_bits; 
@@ -3084,19 +3192,22 @@ void asymmetric_encrypt_decrypt( int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); /* Determine the maximum ciphertext length */ - TEST_ASSERT( psa_get_key_information( slot, + TEST_ASSERT( psa_get_key_information( handle, NULL, &key_bits ) == PSA_SUCCESS ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); @@ -3107,7 +3218,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random * part of encryption process which prevents using fixed vectors. */ - TEST_ASSERT( psa_asymmetric_encrypt( slot, alg, + TEST_ASSERT( psa_asymmetric_encrypt( handle, alg, input_data->x, input_data->len, label->x, label->len, output, output_size, @@ -3116,7 +3227,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, * it looks sensible. */ TEST_ASSERT( output_length <= output_size ); - TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, + TEST_ASSERT( psa_asymmetric_decrypt( handle, alg, output, output_length, label->x, label->len, output2, output2_size, @@ -3125,7 +3236,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, output2, output2_length ); exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_free( output ); mbedtls_free( output2 ); mbedtls_psa_crypto_free( ); 
@@ -3140,7 +3251,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *label, data_t *expected_data ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output = NULL; @@ -3160,15 +3271,18 @@ void asymmetric_decrypt( int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, + TEST_ASSERT( psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, label->x, label->len, output, @@ -3184,7 +3298,7 @@ void asymmetric_decrypt( int key_type_arg, output_length = ~0; if( output_size != 0 ) memset( output, 0, output_size ); - TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, + TEST_ASSERT( psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, NULL, label->len, output, @@ -3195,7 +3309,7 @@ void asymmetric_decrypt( int key_type_arg, } exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_free( output ); mbedtls_psa_crypto_free( ); } @@ -3209,7 +3323,7 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *label, int expected_status_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output = NULL; 
@@ -3229,15 +3343,18 @@ void asymmetric_decrypt_fail( int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - actual_status = psa_asymmetric_decrypt( slot, alg, + actual_status = psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, label->x, label->len, output, output_size, @@ -3252,7 +3369,7 @@ void asymmetric_decrypt_fail( int key_type_arg, output_length = ~0; if( output_size != 0 ) memset( output, 0, output_size ); - actual_status = psa_asymmetric_decrypt( slot, alg, + actual_status = psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, NULL, label->len, output, output_size, @@ -3262,7 +3379,7 @@ void asymmetric_decrypt_fail( int key_type_arg, } exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_free( output ); mbedtls_psa_crypto_free( ); } @@ -3277,7 +3394,7 @@ void derive_setup( int key_type_arg, int requested_capacity_arg, int expected_status_arg ) { - psa_key_slot_t slot = 1; + psa_key_handle_t handle = 0; size_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; 
@@ -3287,22 +3404,24 @@ void derive_setup( int key_type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_key_derivation( &generator, slot, alg, + TEST_ASSERT( psa_key_derivation( &generator, handle, alg, salt->x, salt->len, label->x, label->len, requested_capacity ) == expected_status ); exit: psa_generator_abort( &generator ); - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -3310,7 +3429,7 @@ exit: /* BEGIN_CASE */ void test_derive_invalid_generator_state( ) { - psa_key_slot_t base_key = 1; + psa_key_handle_t handle = 0; size_t key_type = PSA_KEY_TYPE_DERIVE; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_algorithm_t alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 ); 
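Review bot: derive_setup sizes the new allocation with `PSA_BYTES_TO_BITS( key_data->len )` although its key type comes from `key_type_arg`, whereas the asymmetric tests converted in this same file use `KEY_BITS_FROM_DATA( key_type, key_data )` for a caller-chosen type. If a test case passes a structured key type here, the byte length of the encoded key would presumably not equal its bit size; the macro's definition is not visible from this hunk, so this needs confirming. For consistency I would write `KEY_BITS_FROM_DATA( key_type, key_data )` in the `psa_allocate_key` call and declare the local as `psa_key_type_t key_type` rather than `size_t key_type` (that declaration sits in the preceding hunk).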
@@ -3323,22 +3442,25 @@ void test_derive_invalid_generator_state( ) TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( key_type, + PSA_BYTES_TO_BITS( sizeof( key_data ) ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( base_key, key_type, + TEST_ASSERT( psa_import_key( handle, key_type, key_data, sizeof( key_data ) ) == PSA_SUCCESS ); /* valid key derivation */ - TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, + TEST_ASSERT( psa_key_derivation( &generator, handle, alg, NULL, 0, NULL, 0, capacity ) == PSA_SUCCESS ); /* state of generator shouldn't allow additional generation */ - TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, + TEST_ASSERT( psa_key_derivation( &generator, handle, alg, NULL, 0, NULL, 0, capacity ) == PSA_ERROR_BAD_STATE ); @@ -3352,7 +3474,7 @@ void test_derive_invalid_generator_state( ) exit: psa_generator_abort( &generator ); - psa_destroy_key( base_key ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -3394,7 +3516,7 @@ void derive_output( int alg_arg, data_t *expected_output1, data_t *expected_output2 ) { - psa_key_slot_t slot = 1; + psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; 
@@ -3420,16 +3542,19 @@ void derive_output( int alg_arg, ASSERT_ALLOC( output_buffer, output_buffer_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( key_data->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_DERIVE, + TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) == PSA_SUCCESS ); /* Extraction phase. */ - TEST_ASSERT( psa_key_derivation( &generator, slot, alg, + TEST_ASSERT( psa_key_derivation( &generator, handle, alg, salt->x, salt->len, label->x, label->len, requested_capacity ) == PSA_SUCCESS ); @@ -3477,7 +3602,7 @@ void derive_output( int alg_arg, exit: mbedtls_free( output_buffer ); psa_generator_abort( &generator ); - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -3489,7 +3614,7 @@ void derive_full( int alg_arg, data_t *label, int requested_capacity_arg ) { - psa_key_slot_t slot = 1; + psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; 
@@ -3500,16 +3625,19 @@ void derive_full( int alg_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( key_data->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_DERIVE, + TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) == PSA_SUCCESS ); /* Extraction phase. */ - TEST_ASSERT( psa_key_derivation( &generator, slot, alg, + TEST_ASSERT( psa_key_derivation( &generator, handle, alg, salt->x, salt->len, label->x, label->len, requested_capacity ) == PSA_SUCCESS ); @@ -3543,7 +3671,7 @@ void derive_full( int alg_arg, exit: psa_generator_abort( &generator ); - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -3558,8 +3686,8 @@ void derive_key_exercise( int alg_arg, int derived_usage_arg, int derived_alg_arg ) { - psa_key_slot_t base_key = 1; - psa_key_slot_t derived_key = 2; + psa_key_handle_t base_handle = 0; + psa_key_handle_t derived_handle = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t derived_type = derived_type_arg; size_t derived_bits = derived_bits_arg; 
@@ -3573,40 +3701,45 @@ void derive_key_exercise( int alg_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( key_data->len ), + &base_handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE, + TEST_ASSERT( psa_set_key_policy( base_handle, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) == PSA_SUCCESS ); /* Derive a key. */ - TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, + TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg, salt->x, salt->len, label->x, label->len, capacity ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( derived_type, derived_bits, + &derived_handle ) == PSA_SUCCESS ); psa_key_policy_set_usage( &policy, derived_usage, derived_alg ); - TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_import_key( derived_key, + TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_import_key( derived_handle, derived_type, derived_bits, &generator ) == PSA_SUCCESS ); /* Test the key information */ - TEST_ASSERT( psa_get_key_information( derived_key, + TEST_ASSERT( psa_get_key_information( derived_handle, &got_type, &got_bits ) == PSA_SUCCESS ); TEST_ASSERT( got_type == derived_type ); TEST_ASSERT( got_bits == derived_bits ); /* Exercise the derived key. */ - if( ! exercise_key( derived_key, derived_usage, derived_alg ) ) + if( ! 
exercise_key( derived_handle, derived_usage, derived_alg ) ) goto exit; exit: psa_generator_abort( &generator ); - psa_destroy_key( base_key ); - psa_destroy_key( derived_key ); + psa_destroy_key( base_handle ); + psa_destroy_key( derived_handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -3619,10 +3752,11 @@ void derive_key_export( int alg_arg, int bytes1_arg, int bytes2_arg ) { - psa_key_slot_t base_key = 1; - psa_key_slot_t derived_key = 2; + psa_key_handle_t base_handle = 0; + psa_key_handle_t derived_handle = 0; psa_algorithm_t alg = alg_arg; size_t bytes1 = bytes1_arg; + size_t derived_bits = PSA_BYTES_TO_BITS( bytes1 ); size_t bytes2 = bytes2_arg; size_t capacity = bytes1 + bytes2; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; @@ -3635,15 +3769,18 @@ void derive_key_export( int alg_arg, ASSERT_ALLOC( export_buffer, capacity ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( key_data->len ), + &base_handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE, + TEST_ASSERT( psa_set_key_policy( base_handle, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) == PSA_SUCCESS ); /* Derive some material and output it. */ - TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, + TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg, salt->x, salt->len, label->x, label->len, capacity ) == PSA_SUCCESS ); 
@@ -3653,27 +3790,32 @@ void derive_key_export( int alg_arg, TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); /* Derive the same output again, but this time store it in key objects. */ - TEST_ASSERT( psa_key_derivation( &generator, base_key, alg, + TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg, salt->x, salt->len, label->x, label->len, capacity ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, derived_bits, + &derived_handle ) == PSA_SUCCESS ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); - TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_import_key( derived_key, + TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_import_key( derived_handle, PSA_KEY_TYPE_RAW_DATA, - PSA_BYTES_TO_BITS( bytes1 ), + derived_bits, &generator ) == PSA_SUCCESS ); - TEST_ASSERT( psa_export_key( derived_key, + TEST_ASSERT( psa_export_key( derived_handle, export_buffer, bytes1, &length ) == PSA_SUCCESS ); TEST_ASSERT( length == bytes1 ); - TEST_ASSERT( psa_destroy_key( derived_key ) == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_import_key( derived_key, + TEST_ASSERT( psa_destroy_key( derived_handle ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, + PSA_BYTES_TO_BITS( bytes2 ), + &derived_handle ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_generator_import_key( derived_handle, PSA_KEY_TYPE_RAW_DATA, PSA_BYTES_TO_BITS( bytes2 ), &generator ) == PSA_SUCCESS ); - TEST_ASSERT( psa_export_key( derived_key, + TEST_ASSERT( psa_export_key( derived_handle, export_buffer + bytes1, bytes2, &length ) == PSA_SUCCESS ); TEST_ASSERT( length == bytes2 ); 
@@ -3685,8 +3827,8 @@ exit: mbedtls_free( output_buffer ); mbedtls_free( export_buffer ); psa_generator_abort( &generator ); - psa_destroy_key( base_key ); - psa_destroy_key( derived_key ); + psa_destroy_key( base_handle ); + psa_destroy_key( derived_handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -3697,7 +3839,7 @@ void key_agreement_setup( int alg_arg, data_t *peer_key_data, int expected_status_arg ) { - psa_key_slot_t our_key = 1; + psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; @@ -3705,6 +3847,10 @@ void key_agreement_setup( int alg_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( our_key_type, + KEY_BITS_FROM_DATA( our_key_type, + our_key_data ), + &our_key ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS ); @@ -3730,7 +3876,7 @@ void key_agreement_capacity( int alg_arg, data_t *peer_key_data, int expected_capacity_arg ) { - psa_key_slot_t our_key = 1; + psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; @@ -3740,6 +3886,10 @@ void key_agreement_capacity( int alg_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( our_key_type, + KEY_BITS_FROM_DATA( our_key_type, + our_key_data ), + &our_key ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS ); 
@@ -3784,7 +3934,7 @@ void key_agreement_output( int alg_arg, data_t *peer_key_data, data_t *expected_output1, data_t *expected_output2 ) { - psa_key_slot_t our_key = 1; + psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; @@ -3796,6 +3946,10 @@ void key_agreement_output( int alg_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( our_key_type, + KEY_BITS_FROM_DATA( our_key_type, + our_key_data ), + &our_key ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS ); @@ -3889,7 +4043,7 @@ void generate_key( int type_arg, int alg_arg, int expected_status_arg ) { - int slot = 1; + psa_key_handle_t handle = 0; psa_key_type_t type = type_arg; psa_key_usage_t usage = usage_arg; size_t bits = bits_arg; @@ -3903,16 +4057,17 @@ void generate_key( int type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT( psa_allocate_key( type, bits, &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); /* Generate a key */ - TEST_ASSERT( psa_generate_key( slot, type, bits, + TEST_ASSERT( psa_generate_key( handle, type, bits, NULL, 0 ) == expected_status ); /* Test the key information */ - TEST_ASSERT( psa_get_key_information( slot, + TEST_ASSERT( psa_get_key_information( handle, &got_type, &got_bits ) == expected_info_status ); if( expected_info_status != PSA_SUCCESS ) 
@@ -3921,11 +4076,11 @@ void generate_key( int type_arg, TEST_ASSERT( got_bits == bits ); /* Do something with the key according to its type and permitted usage. */ - if( ! exercise_key( slot, usage, alg ) ) + if( ! exercise_key( handle, usage, alg ) ) goto exit; exit: - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -3936,8 +4091,8 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, int alg_arg, int generation_method, int export_status ) { - psa_key_slot_t slot = 1; - psa_key_slot_t base_key = 2; + psa_key_handle_t handle = 0; + psa_key_handle_t base_key; psa_key_type_t type = (psa_key_type_t) type_arg; psa_key_type_t type_get; size_t bits_get; 
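Review bot: `psa_key_handle_t base_key;` in persistent_key_load_key_from_storage is declared without an initializer, while every other handle converted in this commit starts at 0. It is assigned only by `psa_allocate_key` in the DERIVE_KEY branch of the next hunk, and the `exit:` label shown further down destroys only `handle`, so the base key is never released explicitly and is wiped only by `mbedtls_psa_crypto_free()`. I would write `psa_key_handle_t base_key = 0;` and release the base key once the derived key has been imported, before the shutdown-and-restart step, assuming the generator no longer needs it at that point. The function body continues outside this hunk.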
@@ -3959,33 +4114,34 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_lifetime( - slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); - + TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1, + type, bits, + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy_set ); - psa_key_policy_set_usage( &policy_set, policy_usage, policy_alg ); + TEST_ASSERT( psa_set_key_policy( handle, &policy_set ) == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_policy( slot, &policy_set ) == PSA_SUCCESS ); switch( generation_method ) { case IMPORT_KEY: /* Import the key */ - TEST_ASSERT( psa_import_key( slot, type, + TEST_ASSERT( psa_import_key( handle, type, data->x, data->len ) == PSA_SUCCESS ); break; case GENERATE_KEY: /* Generate a key */ - TEST_ASSERT( psa_generate_key( slot, type, bits, + TEST_ASSERT( psa_generate_key( handle, type, bits, NULL, 0 ) == PSA_SUCCESS ); break; case DERIVE_KEY: /* Create base key */ + TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( data->len ), + &base_key ) == PSA_SUCCESS ); psa_key_policy_init( &base_policy_set ); - psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE, base_policy_alg ); TEST_ASSERT( psa_set_key_policy( 
@@ -3998,38 +4154,35 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, NULL, 0, NULL, 0, export_size ) == PSA_SUCCESS ); TEST_ASSERT( psa_generator_import_key( - slot, PSA_KEY_TYPE_RAW_DATA, + handle, PSA_KEY_TYPE_RAW_DATA, bits, &generator ) == PSA_SUCCESS ); break; } /* Export the key */ - TEST_ASSERT( psa_export_key( slot, first_export, export_size, + TEST_ASSERT( psa_export_key( handle, first_export, export_size, &first_exported_length ) == export_status ); /* Shutdown and restart */ mbedtls_psa_crypto_free(); - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); - /* Mark slot as persistent again */ - TEST_ASSERT( psa_set_key_lifetime( - slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); - /* Check key slot still contains key data */ + TEST_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, 1, + &handle ) == PSA_SUCCESS ); TEST_ASSERT( psa_get_key_information( - slot, &type_get, &bits_get ) == PSA_SUCCESS ); + handle, &type_get, &bits_get ) == PSA_SUCCESS ); TEST_ASSERT( type_get == type ); TEST_ASSERT( bits_get == (size_t) bits ); - TEST_ASSERT( psa_get_key_policy( slot, &policy_get ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_policy( handle, &policy_get ) == PSA_SUCCESS ); TEST_ASSERT( psa_key_policy_get_usage( &policy_get ) == policy_usage ); TEST_ASSERT( psa_key_policy_get_algorithm( &policy_get ) == policy_alg ); /* Export the key again */ - TEST_ASSERT( psa_export_key( slot, second_export, export_size, + TEST_ASSERT( psa_export_key( handle, second_export, export_size, &second_exported_length ) == export_status ); if( export_status == PSA_SUCCESS ) 
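Review bot: After `mbedtls_psa_crypto_free();` the variable `handle` still holds the value issued before the restart, and it is refreshed only if both `psa_crypto_init()` and `psa_open_key()` succeed. If either assertion fails, `exit:` calls `psa_destroy_key( handle )` on that stale value, and the persistent key stored under id 1 is presumably left in storage for the test cases that follow. I would add `handle = 0;` right after `mbedtls_psa_crypto_free();` and give the literal `1` passed to `psa_create_key` and `psa_open_key` a name, so that a cleanup step can refer to the same key id. The function starts and ends outside this hunk.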
@@ -4049,13 +4202,13 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, } /* Do something with the key according to its type and permitted usage. */ - if( ! exercise_key( slot, policy_usage, policy_alg ) ) + if( ! exercise_key( handle, policy_usage, policy_alg ) ) goto exit; exit: mbedtls_free( first_export ); mbedtls_free( second_export ); - psa_destroy_key( slot ); + psa_destroy_key( handle ); mbedtls_psa_crypto_free(); } /* END_CASE */ From b0edfb513b2f256507650a48b35b69891f940f76 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Dec 2018 16:24:51 +0100 Subject: [PATCH 0844/2197] Convert the PSA example programs to the new handle API Switch from the direct use of slot numbers to handles allocated by psa_allocate_key. --- programs/psa/crypto_examples.c | 56 ++++++++------ programs/psa/key_ladder_demo.c | 136 +++++++++++++++++++++------------ 2 files changed, 121 insertions(+), 71 deletions(-) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 72c41fa79..53b6b2ae7 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -44,10 +44,7 @@ int main( void ) } #else -/* Use key slot 1 for our cipher key. Key slot 0 is reserved as unused. */ -static const psa_key_slot_t key_slot_cipher = 1; - -static psa_status_t set_key_policy( psa_key_slot_t key_slot, +static psa_status_t set_key_policy( psa_key_handle_t key_handle, psa_key_usage_t key_usage, psa_algorithm_t alg ) { @@ -56,7 +53,7 @@ static psa_status_t set_key_policy( psa_key_slot_t key_slot, psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, key_usage, alg ); - status = psa_set_key_policy( key_slot, &policy ); + status = psa_set_key_policy( key_handle, &policy ); ASSERT_STATUS( status, PSA_SUCCESS ); exit: return( status ); 
@@ -98,7 +95,7 @@ exit: return( status ); } -static psa_status_t cipher_encrypt( psa_key_slot_t key_slot, +static psa_status_t cipher_encrypt( psa_key_handle_t key_handle, psa_algorithm_t alg, uint8_t * iv, size_t iv_size, @@ -114,7 +111,7 @@ static psa_status_t cipher_encrypt( psa_key_slot_t key_slot, size_t iv_len = 0; memset( &operation, 0, sizeof( operation ) ); - status = psa_cipher_encrypt_setup( &operation, key_slot, alg ); + status = psa_cipher_encrypt_setup( &operation, key_handle, alg ); ASSERT_STATUS( status, PSA_SUCCESS ); status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len ); @@ -129,7 +126,7 @@ exit: return( status ); } -static psa_status_t cipher_decrypt( psa_key_slot_t key_slot, +static psa_status_t cipher_decrypt( psa_key_handle_t key_handle, psa_algorithm_t alg, const uint8_t * iv, size_t iv_size, @@ -144,7 +141,7 @@ static psa_status_t cipher_decrypt( psa_key_slot_t key_slot, psa_cipher_operation_t operation; memset( &operation, 0, sizeof( operation ) ); - status = psa_cipher_decrypt_setup( &operation, key_slot, alg ); + status = psa_cipher_decrypt_setup( &operation, key_handle, alg ); ASSERT_STATUS( status, PSA_SUCCESS ); status = psa_cipher_set_iv( &operation, iv, iv_size ); @@ -170,6 +167,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) const psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; psa_status_t status; + psa_key_handle_t key_handle = 0; size_t output_len = 0; uint8_t iv[block_size]; uint8_t input[block_size]; 
@@ -179,21 +177,24 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) status = psa_generate_random( input, sizeof( input ) ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = set_key_policy( key_slot_cipher, + status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = set_key_policy( key_handle, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ), + status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), input, sizeof( input ), part_size, encrypt, sizeof( encrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ), + status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ), encrypt, output_len, part_size, decrypt, sizeof( decrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -202,7 +203,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) ASSERT_STATUS( status, PSA_SUCCESS ); exit: - psa_destroy_key( key_slot_cipher ); + psa_destroy_key( key_handle ); return( status ); } @@ -218,6 +219,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) const psa_algorithm_t alg = PSA_ALG_CBC_PKCS7; psa_status_t status; + psa_key_handle_t key_handle = 0; size_t output_len = 0; uint8_t iv[block_size], input[input_size], encrypt[input_size + block_size], decrypt[input_size + block_size]; 
@@ -225,21 +227,24 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) status = psa_generate_random( input, sizeof( input ) ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = set_key_policy( key_slot_cipher, + status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle ); + ASSERT_STATUS( status, PSA_SUCCESS ); + + status = set_key_policy( key_handle, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ), + status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), input, sizeof( input ), part_size, encrypt, sizeof( encrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ), + status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ), encrypt, output_len, part_size, decrypt, sizeof( decrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -248,7 +253,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) ASSERT_STATUS( status, PSA_SUCCESS ); exit: - psa_destroy_key( key_slot_cipher ); + psa_destroy_key( key_handle ); return( status ); } @@ -263,6 +268,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) const psa_algorithm_t alg = PSA_ALG_CTR; psa_status_t status; + psa_key_handle_t key_handle = 0; size_t output_len = 0; uint8_t iv[block_size], input[input_size], encrypt[input_size], decrypt[input_size]; 
@@ -270,21 +276,23 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) status = psa_generate_random( input, sizeof( input ) ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = set_key_policy( key_slot_cipher, + status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle ); + ASSERT_STATUS( status, PSA_SUCCESS ); + status = set_key_policy( key_handle, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ), + status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), input, sizeof( input ), part_size, encrypt, sizeof( encrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ), + status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ), encrypt, output_len, part_size, decrypt, sizeof( decrypt ), &output_len ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -293,7 +301,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) ASSERT_STATUS( status, PSA_SUCCESS ); exit: - psa_destroy_key( key_slot_cipher ); + psa_destroy_key( key_handle ); return( status ); } diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 2c75ca462..470b1fce4 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c 
@@ -167,15 +167,6 @@ typedef struct uint8_t iv[WRAPPING_IV_SIZE]; } wrapped_data_header_t; -/* This program uses three key slots: one for the master key, one to - * derive intermediate keys, and one for the wrapping key. We use a - * single slot for all the intermediate keys because they are only - * needed successively, so each time we derive an intermediate key, - * we destroy the previous one. */ -static const psa_key_slot_t master_key_slot = 1; -static const psa_key_slot_t derived_key_slot = 2; -static const psa_key_slot_t wrapping_key_slot = 3; - /* The modes that this program can operate in (see usage). */ enum program_mode { @@ -187,7 +178,7 @@ enum program_mode /* Save a key to a file. In the real world, you may want to export a derived * key sometimes, to share it with another party. */ -static psa_status_t save_key( psa_key_slot_t key_slot, +static psa_status_t save_key( psa_key_handle_t key_handle, const char *output_file_name ) { psa_status_t status = PSA_SUCCESS; @@ -195,7 +186,7 @@ static psa_status_t save_key( psa_key_slot_t key_slot, size_t key_size; FILE *key_file = NULL; - PSA_CHECK( psa_export_key( key_slot, + PSA_CHECK( psa_export_key( key_handle, key_data, sizeof( key_data ), &key_size ) ); SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL ); 
@@ -217,22 +208,27 @@ exit: static psa_status_t generate( const char *key_file_name ) { psa_status_t status = PSA_SUCCESS; + psa_key_handle_t key_handle = 0; psa_key_policy_t policy; + PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), + &key_handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, KDF_ALG ); - PSA_CHECK( psa_set_key_policy( master_key_slot, &policy ) ); + PSA_CHECK( psa_set_key_policy( key_handle, &policy ) ); - PSA_CHECK( psa_generate_key( master_key_slot, + PSA_CHECK( psa_generate_key( key_handle, PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), NULL, 0 ) ); - PSA_CHECK( save_key( master_key_slot, key_file_name ) ); + PSA_CHECK( save_key( key_handle, key_file_name ) ); exit: + (void) psa_destroy_key( key_handle ); return( status ); } @@ -241,10 +237,10 @@ exit: * In the real world, this master key would be stored in an internal memory * and the storage would be managed by the keystore capability of the PSA * crypto library. */ -static psa_status_t import_key_from_file( psa_key_slot_t key_slot, - psa_key_usage_t usage, +static psa_status_t import_key_from_file( psa_key_usage_t usage, psa_algorithm_t alg, - const char *key_file_name ) + const char *key_file_name, + psa_key_handle_t *master_key_handle ) { psa_status_t status = PSA_SUCCESS; psa_key_policy_t policy; @@ -253,6 +249,8 @@ static psa_status_t import_key_from_file( psa_key_slot_t key_slot, FILE *key_file = NULL; unsigned char extra_byte; + *master_key_handle = 0; + SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL ); SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ), key_file ) ) != 0 ); 
@@ -266,30 +264,41 @@ static psa_status_t import_key_from_file( psa_key_slot_t key_slot, SYS_CHECK( fclose( key_file ) == 0 ); key_file = NULL; + PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( key_size ), + master_key_handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); - PSA_CHECK( psa_set_key_policy( key_slot, &policy ) ); - PSA_CHECK( psa_import_key( key_slot, + PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) ); + PSA_CHECK( psa_import_key( *master_key_handle, PSA_KEY_TYPE_DERIVE, key_data, key_size ) ); exit: if( key_file != NULL ) fclose( key_file ); mbedtls_platform_zeroize( key_data, sizeof( key_data ) ); + if( status != PSA_SUCCESS ) + { + /* If psa_allocate_key hasn't been called yet or has failed, + * *master_key_handle is 0. psa_destroy_key(0) is guaranteed to do + * nothing and return PSA_ERROR_INVALID_HANDLE. */ + (void) psa_destroy_key( *master_key_handle ); + *master_key_handle = 0; + } return( status ); } /* Derive the intermediate keys, using the list of labels provided on - * the command line. */ + * the command line. On input, *key_handle is a handle to the master key. + * This function closes the master key. On successful output, *key_handle + * is a handle to the final derived key. */ static psa_status_t derive_key_ladder( const char *ladder[], - size_t ladder_depth ) + size_t ladder_depth, + psa_key_handle_t *key_handle ) { psa_status_t status = PSA_SUCCESS; psa_key_policy_t policy; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - /* We'll derive the first intermediate key from the master key, then - * each subsequent intemediate key from the previous intemediate key. */ - psa_key_slot_t parent_key_slot = master_key_slot; size_t i; psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, 
@@ -303,63 +312,81 @@ static psa_status_t derive_key_ladder( const char *ladder[], * the current intermediate key (if i>0). */ PSA_CHECK( psa_key_derivation( &generator, - parent_key_slot, + *key_handle, KDF_ALG, DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH, (uint8_t*) ladder[i], strlen( ladder[i] ), KEY_SIZE_BYTES ) ); /* When the parent key is not the master key, destroy it, * since it is no longer needed. */ - if( i != 0 ) - PSA_CHECK( psa_destroy_key( derived_key_slot ) ); - PSA_CHECK( psa_set_key_policy( derived_key_slot, &policy ) ); + PSA_CHECK( psa_close_key( *key_handle ) ); + *key_handle = 0; + PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), + key_handle ) ); + PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) ); /* Use the generator obtained from the parent key to create * the next intermediate key. */ PSA_CHECK( psa_generator_import_key( - derived_key_slot, + *key_handle, PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), &generator ) ); PSA_CHECK( psa_generator_abort( &generator ) ); - parent_key_slot = derived_key_slot; } exit: psa_generator_abort( &generator ); + if( status != PSA_SUCCESS ) + { + psa_close_key( *key_handle ); + *key_handle = 0; + } return( status ); } /* Derive a wrapping key from the last intermediate key. 
*/ -static psa_status_t derive_wrapping_key( psa_key_usage_t usage ) +static psa_status_t derive_wrapping_key( psa_key_usage_t usage, + psa_key_handle_t derived_key_handle, + psa_key_handle_t *wrapping_key_handle ) { psa_status_t status = PSA_SUCCESS; psa_key_policy_t policy; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + *wrapping_key_handle = 0; + PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_AES, WRAPPING_KEY_BITS, + wrapping_key_handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, WRAPPING_ALG ); - PSA_CHECK( psa_set_key_policy( wrapping_key_slot, &policy ) ); + PSA_CHECK( psa_set_key_policy( *wrapping_key_handle, &policy ) ); PSA_CHECK( psa_key_derivation( &generator, - derived_key_slot, + derived_key_handle, KDF_ALG, WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH, NULL, 0, PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); PSA_CHECK( psa_generator_import_key( - wrapping_key_slot, + *wrapping_key_handle, PSA_KEY_TYPE_AES, WRAPPING_KEY_BITS, &generator ) ); exit: psa_generator_abort( &generator ); + if( status != PSA_SUCCESS ) + { + psa_close_key( *wrapping_key_handle ); + *wrapping_key_handle = 0; + } return( status ); } static psa_status_t wrap_data( const char *input_file_name, - const char *output_file_name ) + const char *output_file_name, + psa_key_handle_t wrapping_key_handle ) { psa_status_t status; FILE *input_file = NULL; @@ -407,7 +434,7 @@ static psa_status_t wrap_data( const char *input_file_name, /* Wrap the data. */ PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) ); - PSA_CHECK( psa_aead_encrypt( wrapping_key_slot, WRAPPING_ALG, + PSA_CHECK( psa_aead_encrypt( wrapping_key_handle, WRAPPING_ALG, header.iv, WRAPPING_IV_SIZE, (uint8_t *) &header, sizeof( header ), buffer, input_size, 
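Review bot: The comment kept above the new `psa_close_key( *key_handle )` call in derive_key_ladder's loop no longer matches the code: it still says the parent is destroyed only "when the parent key is not the master key", but the `if( i != 0 )` guard is gone and the handle is now closed on every iteration, master key included. I would reword it to `/* Close the parent key (the master key on the first iteration); it is no longer needed once the generator is set up. */`. The two error paths added in this hunk also call `psa_close_key( ... )` without the `(void)` cast used for the cleanup calls elsewhere in this patch; adding it would make the deliberate discard explicit. The loop header is outside the hunk.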
@@ -435,7 +462,8 @@ exit: } static psa_status_t unwrap_data( const char *input_file_name, - const char *output_file_name ) + const char *output_file_name, + psa_key_handle_t wrapping_key_handle ) { psa_status_t status; FILE *input_file = NULL; @@ -487,7 +515,7 @@ static psa_status_t unwrap_data( const char *input_file_name, input_file = NULL; /* Unwrap the data. */ - PSA_CHECK( psa_aead_decrypt( wrapping_key_slot, WRAPPING_ALG, + PSA_CHECK( psa_aead_decrypt( wrapping_key_handle, WRAPPING_ALG, header.iv, WRAPPING_IV_SIZE, (uint8_t *) &header, sizeof( header ), buffer, ciphertext_size, @@ -525,6 +553,8 @@ static psa_status_t run( enum program_mode mode, const char *output_file_name ) { psa_status_t status = PSA_SUCCESS; + psa_key_handle_t derivation_key_handle = 0; + psa_key_handle_t wrapping_key_handle = 0; /* Initialize the PSA crypto library. */ PSA_CHECK( psa_crypto_init( ) ); 
@@ -534,26 +564,33 @@ static psa_status_t run( enum program_mode mode, return( generate( key_file_name ) ); /* Read the master key. */ - PSA_CHECK( import_key_from_file( master_key_slot, - PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, + PSA_CHECK( import_key_from_file( PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, KDF_ALG, - key_file_name ) ); + key_file_name, + &derivation_key_handle ) ); /* Calculate the derived key for this session. */ - PSA_CHECK( derive_key_ladder( ladder, ladder_depth ) ); + PSA_CHECK( derive_key_ladder( ladder, ladder_depth, + &derivation_key_handle ) ); switch( mode ) { case MODE_SAVE: - PSA_CHECK( save_key( derived_key_slot, output_file_name ) ); + PSA_CHECK( save_key( derivation_key_handle, output_file_name ) ); break; case MODE_UNWRAP: - PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT ) ); - PSA_CHECK( unwrap_data( input_file_name, output_file_name ) ); + PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT, + derivation_key_handle, + &wrapping_key_handle ) ); + PSA_CHECK( unwrap_data( input_file_name, output_file_name, + wrapping_key_handle ) ); break; case MODE_WRAP: - PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT ) ); - PSA_CHECK( wrap_data( input_file_name, output_file_name ) ); + PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT, + derivation_key_handle, + &wrapping_key_handle ) ); + PSA_CHECK( wrap_data( input_file_name, output_file_name, + wrapping_key_handle ) ); break; default: /* Unreachable but some compilers don't realize it. */ @@ -561,6 +598,11 @@ static psa_status_t run( enum program_mode mode, } exit: + /* Close any remaining key. Deinitializing the crypto library would do + * this anyway, but explicitly closing handles makes the code easier + * to reuse. */ + (void) psa_close_key( derivation_key_handle ); + (void) psa_close_key( wrapping_key_handle ); /* Deinitialize the PSA crypto library. */ mbedtls_psa_crypto_free( ); return( status ); 
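Review bot: The master key is still imported with `PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT` in the rewritten `import_key_from_file` call, although the only use of it visible in this patch is as the derivation input in derive_key_ladder. If saving with an empty ladder is not meant to export the master key itself, passing `PSA_KEY_USAGE_DERIVE` alone would keep the loaded master key non-exportable. This needs confirming against the ladder-depth handling, which is outside the hunk.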
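Review bot: The cleanup extended under `exit:` is not reached in generate mode, because the context line `return( generate( key_file_name ) );` at the top of the previous hunk leaves run() directly, after `psa_crypto_init( )` has succeeded, so `mbedtls_psa_crypto_free( )` is skipped on that path. Replacing the return with `status = generate( key_file_name ); goto exit;` would send every mode through the same teardown. The condition guarding that return is outside the visible hunks.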
From 8d4919bc6a46e93da2a62105a31bed55f147b745 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Dec 2018 16:48:09 +0100 Subject: [PATCH 0845/2197] Persistent storage implementation: psa_key_slot_t -> psa_key_id_t Move the persistent storage implementation from psa_key_slot_t to psa_key_id_t. For the most part, this just means changing the types of function arguments. Update the documentation of some functions to reflect the fact that the slot identifier is purely a storage identifier and is not related to how the slot is designated in memory. --- library/psa_crypto_storage.c | 4 ++-- library/psa_crypto_storage.h | 27 +++++++++++++------------- library/psa_crypto_storage_backend.h | 29 +++++++++++++++------------- library/psa_crypto_storage_file.c | 26 ++++++++++++------------- library/psa_crypto_storage_its.c | 12 ++++++------ 5 files changed, 51 insertions(+), 47 deletions(-) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 0a5805b62..687269b07 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -147,7 +147,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, return( PSA_SUCCESS ); } -psa_status_t psa_save_persistent_key( const psa_key_slot_t key, +psa_status_t psa_save_persistent_key( const psa_key_id_t key, const psa_key_type_t type, const psa_key_policy_t *policy, const uint8_t *data, @@ -185,7 +185,7 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ) mbedtls_free( key_data ); } -psa_status_t psa_load_persistent_key( psa_key_slot_t key, +psa_status_t psa_load_persistent_key( psa_key_id_t key, psa_key_type_t *type, psa_key_policy_t *policy, uint8_t **data, diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 167b0db05..478daef8f 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h 
@@ -56,20 +56,20 @@ extern "C" { * already occupied non-persistent key, as well as validating the key data. * * - * \param key Slot number of the key to be stored. This must be a - * valid slot for a key of the chosen type. This should be - * an occupied key slot with an unoccupied corresponding - * storage location. + * \param key Persistent identifier of the key to be stored. This + * should be an unoccupied storage location. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). * \param[in] policy The key policy to save. * \param[in] data Buffer containing the key data. * \param data_length The number of bytes that make up the key data. * * \retval PSA_SUCCESS + * \retval PSA_ERROR_INSUFFICIENT_MEMORY * \retval PSA_ERROR_INSUFFICIENT_STORAGE * \retval PSA_ERROR_STORAGE_FAILURE + * \retval PSA_ERROR_OCCUPIED_SLOT */ -psa_status_t psa_save_persistent_key( const psa_key_slot_t key, +psa_status_t psa_save_persistent_key( const psa_key_id_t key, const psa_key_type_t type, const psa_key_policy_t *policy, const uint8_t *data, @@ -87,10 +87,8 @@ psa_status_t psa_save_persistent_key( const psa_key_slot_t key, * this function to zeroize and free this buffer, regardless of whether this * function succeeds or fails. * - * \param key Slot number whose content is to be loaded. This - * must be an unoccupied key slot with an occupied - * corresponding storage location. The key slot - * lifetime must be set to persistent. + * \param key Persistent identifier of the key to be loaded. This + * should be an occupied storage location. * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX * value). * \param[out] policy On success, the key's policy. 
@@ -100,8 +98,9 @@ psa_status_t psa_save_persistent_key( const psa_key_slot_t key, * \retval PSA_SUCCESS * \retval PSA_ERROR_INSUFFICIENT_MEMORY * \retval PSA_ERROR_STORAGE_FAILURE + * \retval PSA_ERROR_EMPTY_SLOT */ -psa_status_t psa_load_persistent_key( psa_key_slot_t key, +psa_status_t psa_load_persistent_key( psa_key_id_t key, psa_key_type_t *type, psa_key_policy_t *policy, uint8_t **data, @@ -110,16 +109,18 @@ psa_status_t psa_load_persistent_key( psa_key_slot_t key, /** * \brief Remove persistent data for the given key slot number. * - * \param key Slot number whose content is to be removed + * \param key Persistent identifier of the key to remove * from persistent storage. * * \retval PSA_SUCCESS + * The key was successfully removed, + * or the key did not exist. * \retval PSA_ERROR_STORAGE_FAILURE */ -psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key ); +psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ); /** - * \brief Zeroizes and frees the given buffer. + * \brief Free the temporary buffer allocated by psa_load_persistent_key(). * * This function must be called at some point after psa_load_persistent_key() * to zeroize and free the memory allocated to the buffer in that function. diff --git a/library/psa_crypto_storage_backend.h b/library/psa_crypto_storage_backend.h index 3ca9a1d74..47896b872 100644 --- a/library/psa_crypto_storage_backend.h +++ b/library/psa_crypto_storage_backend.h 
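Review bot: The `\brief` line of psa_destroy_persistent_key still reads "Remove persistent data for the given key slot number" while the `\param key` text below it now says "Persistent identifier of the key to remove", so the comment describes the argument in two ways. Changing it to `\brief Remove persistent data for the given key identifier.` would finish the rename. The same leftover wording appears in psa_crypto_storage_backend.h, in the `\retval` texts of psa_is_key_present_in_storage ("for slot number") and in `\brief Get data length for given key slot number.`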
@@ -47,15 +47,16 @@ extern "C" { * This function reads data from a storage backend and returns the data in a * buffer. * - * \param key Slot number whose content is to be loaded. This must - * be a key slot whose lifetime is set to persistent. - * \param[out] data Buffer where the data is to be written. - * \param data_size Size of the \c data buffer in bytes. + * \param key Persistent identifier of the key to be loaded. This + * should be an occupied storage location. + * \param[out] data Buffer where the data is to be written. + * \param data_size Size of the \c data buffer in bytes. * * \retval PSA_SUCCESS * \retval PSA_ERROR_STORAGE_FAILURE + * \retval PSA_ERROR_EMPTY_SLOT */ -psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data, +psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, size_t data_size ); /** @@ -63,7 +64,8 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data, * * This function stores the given data buffer to a persistent storage. * - * \param key Slot number whose content is to be stored. + * \param key Persistent identifier of the key to be stored. This + * should be an unoccupied storage location. * \param[in] data Buffer containing the data to be stored. * \param data_length The number of bytes * that make up the data. @@ -71,8 +73,9 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data, * \retval PSA_SUCCESS * \retval PSA_ERROR_INSUFFICIENT_STORAGE * \retval PSA_ERROR_STORAGE_FAILURE + * \retval PSA_ERROR_OCCUPIED_SLOT */ -psa_status_t psa_crypto_storage_store( const psa_key_slot_t key, +psa_status_t psa_crypto_storage_store( const psa_key_id_t key, const uint8_t *data, size_t data_length ); 
@@ -82,26 +85,26 @@ psa_status_t psa_crypto_storage_store( const psa_key_slot_t key, * This function checks if any key data or metadata exists for the key slot in * the persistent storage. * - * \param key Slot number whose content is to be checked. + * \param key Persistent identifier to check. * * \retval 0 * No persistent data present for slot number * \retval 1 * Persistent data present for slot number */ -int psa_is_key_present_in_storage( const psa_key_slot_t key ); +int psa_is_key_present_in_storage( const psa_key_id_t key ); /** * \brief Get data length for given key slot number. * - * \param key Slot number whose stored data length is to be obtained. - * \param[out] data_length The number of bytes - * that make up the data. + * \param key Persistent identifier whose stored data length + * is to be obtained. + * \param[out] data_length The number of bytes that make up the data. * * \retval PSA_SUCCESS * \retval PSA_ERROR_STORAGE_FAILURE */ -psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key, +psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, size_t *data_length ); diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c index 03c711af3..95857fa40 100644 --- a/library/psa_crypto_storage_file.c +++ b/library/psa_crypto_storage_file.c @@ -48,15 +48,15 @@ enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 }; -static void key_slot_to_location( const psa_key_slot_t key, - char *location, - size_t location_size ) +static void key_id_to_location( const psa_key_id_t key, + char *location, + size_t location_size ) { mbedtls_snprintf( location, location_size, CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%d", key ); } -psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data, +psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, size_t data_size ) { psa_status_t status = PSA_SUCCESS; 
@@ -64,7 +64,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data, size_t num_read; char slot_location[MAX_LOCATION_LEN]; - key_slot_to_location( key, slot_location, MAX_LOCATION_LEN ); + key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); file = fopen( slot_location, "rb" ); if( file == NULL ) { @@ -81,12 +81,12 @@ exit: return( status ); } -int psa_is_key_present_in_storage( const psa_key_slot_t key ) +int psa_is_key_present_in_storage( const psa_key_id_t key ) { char slot_location[MAX_LOCATION_LEN]; FILE *file; - key_slot_to_location( key, slot_location, MAX_LOCATION_LEN ); + key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); file = fopen( slot_location, "r" ); if( file == NULL ) @@ -99,7 +99,7 @@ int psa_is_key_present_in_storage( const psa_key_slot_t key ) return( 1 ); } -psa_status_t psa_crypto_storage_store( const psa_key_slot_t key, +psa_status_t psa_crypto_storage_store( const psa_key_id_t key, const uint8_t *data, size_t data_length ) { @@ -114,7 +114,7 @@ psa_status_t psa_crypto_storage_store( const psa_key_slot_t key, * affect actual keys. */ const char *temp_location = CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0"; - key_slot_to_location( key, slot_location, MAX_LOCATION_LEN ); + key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); if( psa_is_key_present_in_storage( key ) == 1 ) return( PSA_ERROR_OCCUPIED_SLOT ); @@ -154,12 +154,12 @@ exit: return( status ); } -psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key ) +psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) { FILE *file; char slot_location[MAX_LOCATION_LEN]; - key_slot_to_location( key, slot_location, MAX_LOCATION_LEN ); + key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); /* Only try remove the file if it exists */ file = fopen( slot_location, "rb" ); 
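Review bot: In psa_crypto_storage_store the scratch file is the fixed name `CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0"`, which is exactly what `key_id_to_location` produces for key identifier 0, so now that `key` is an arbitrary persistent identifier, a store for id 0 would use the same path for the temporary file and the key file. Whether id 0 is rejected before this layer is reached is not visible here. I would either reject it at the top of the function, `if( key == 0 ) return( PSA_ERROR_INVALID_ARGUMENT );`, or state the precondition in the comment above `temp_location`. The rest of the function body is outside the hunk.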
@@ -173,7 +173,7 @@ psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key ) return( PSA_SUCCESS ); } -psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key, +psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, size_t *data_length ) { psa_status_t status = PSA_SUCCESS; @@ -181,7 +181,7 @@ psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key, long file_size; char slot_location[MAX_LOCATION_LEN]; - key_slot_to_location( key, slot_location, MAX_LOCATION_LEN ); + key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); file = fopen( slot_location, "rb" ); if( file == NULL ) diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index 29394b5d8..86e0e89f3 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -68,12 +68,12 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) } } -static uint32_t psa_its_identifier_of_slot( psa_key_slot_t key ) +static uint32_t psa_its_identifier_of_slot( psa_key_id_t key ) { return( key ); } -psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data, +psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, size_t data_size ) { psa_its_status_t ret; @@ -92,7 +92,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data, return( status ); } -int psa_is_key_present_in_storage( const psa_key_slot_t key ) +int psa_is_key_present_in_storage( const psa_key_id_t key ) { psa_its_status_t ret; uint32_t data_identifier = psa_its_identifier_of_slot( key ); @@ -105,7 +105,7 @@ int psa_is_key_present_in_storage( const psa_key_slot_t key ) return( 1 ); } -psa_status_t psa_crypto_storage_store( const psa_key_slot_t key, +psa_status_t psa_crypto_storage_store( const psa_key_id_t key, const uint8_t *data, size_t data_length ) { 
@@ -143,7 +143,7 @@ exit: return( status ); } -psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key ) +psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) { psa_its_status_t ret; uint32_t data_identifier = psa_its_identifier_of_slot( key ); @@ -163,7 +163,7 @@ psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key ) return( PSA_SUCCESS ); } -psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key, +psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, size_t *data_length ) { psa_its_status_t ret; From a23eafce3ae5ac76ffd708afc06ee2e20946d51f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Dec 2018 16:48:14 +0100 Subject: [PATCH 0846/2197] Fix snprintf call to assume less about integral type sizes The code only worked if psa_key_id_t (formerly psa_key_slot_t) promoted to int and every value fit in int. Now the code only assumes that psa_key_id_t is less wide than unsigned long, which is the case since psa_key_id_t is a 32-bit type in our implementation. --- library/psa_crypto_storage_file.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c index 95857fa40..87420be98 100644 --- a/library/psa_crypto_storage_file.c +++ b/library/psa_crypto_storage_file.c @@ -53,7 +53,8 @@ static void key_id_to_location( const psa_key_id_t key, size_t location_size ) { mbedtls_snprintf( location, location_size, - CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%d", key ); + CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu", + (unsigned long) key ); } psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, From 7bc9f682324acdb2692bca373c877d7cc8263b31 Mon Sep 17 00:00:00 2001 
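Review bot: The `(unsigned long) key` cast in key_id_to_location is lossless only while psa_key_id_t is no wider than unsigned long, and that assumption is stated in the commit message but nowhere in the code. A comment on the call such as `/* psa_key_id_t must fit in unsigned long; it is 32 bits in this implementation */` would keep it next to the format string. The return value of `mbedtls_snprintf` is also discarded, so a truncated path would go unnoticed if the name format or MAX_LOCATION_LEN changed later.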
From: Gilles Peskine Date: Mon, 3 Dec 2018 17:05:18 +0100 Subject: [PATCH 0847/2197] Convert the PSA crypto persistent storage tests to the new handle API Switch from the direct use of slot numbers to handles allocated by psa_allocate_key. The general principle for each function is: * Change `psa_key_slot_t slot` to `psa_key_handle_t handle` or `psa_key_id_t key_id` depending on whether it's used as a handle to an open slot or as a persistent name for a key. * Call psa_create_key() before using a slot, instead of calling psa_set_key_lifetime to make a slot persistent. Remove the unit test persistent_key_is_configurable which is no longer relevant. --- .../test_suite_psa_crypto_persistent_key.data | 8 - ...t_suite_psa_crypto_persistent_key.function | 186 ++++++------------ ...est_suite_psa_crypto_storage_file.function | 7 +- 3 files changed, 60 insertions(+), 141 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 46e547c93..c9eb8e103 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data @@ -24,10 +24,6 @@ save_large_persistent_key:0:PSA_SUCCESS Save larger than maximum size persistent raw key, should fail save_large_persistent_key:1:PSA_ERROR_INSUFFICIENT_STORAGE -Persistent key is configurable -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -persistent_key_is_configurable:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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" - Persistent key destroy depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C persistent_key_destroy:1:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_TYPE_RAW_DATA:"deadbeef" 
@@ -36,10 +32,6 @@ Persistent key destroy missing key depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEYPAIR:"":PSA_KEY_TYPE_RAW_DATA:"deadbeef" -Key lifetime defaults to volatile -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -default_volatile_lifetime:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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" - Persistent key import depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 0ede6e6c8..08c7ca017 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -85,7 +85,8 @@ exit: /* BEGIN_CASE */ void save_large_persistent_key( int data_too_large, int expected_status ) { - psa_key_slot_t slot = 1; + psa_key_id_t key_id = 42; + psa_key_handle_t handle = 0; uint8_t *data = NULL; size_t data_length = PSA_CRYPTO_MAX_STORAGE_SIZE; 
@@ -96,180 +97,107 @@ void save_large_persistent_key( int data_too_large, int expected_status ) TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_lifetime( - slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); + TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + PSA_KEY_TYPE_RAW_DATA, + PSA_BYTES_TO_BITS( data_length ), + &handle ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_RAW_DATA, + TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA, data, data_length ) == expected_status ); exit: mbedtls_free( data ); - psa_destroy_persistent_key( slot ); - mbedtls_psa_crypto_free(); -} -/* END_CASE */ - - -/* BEGIN_CASE */ -void persistent_key_is_configurable( int slot_arg, int type_arg, - data_t *data ) -{ - psa_key_policy_t policy; - psa_key_lifetime_t lifetime; - psa_key_slot_t slot = (psa_key_slot_t) slot_arg; - psa_key_type_t type = (psa_key_type_t) type_arg; - - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); - - TEST_ASSERT( psa_set_key_lifetime( - slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( slot, type, - data->x, data->len ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_get_key_lifetime( slot, &lifetime ) == PSA_SUCCESS ); - - TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT ); - -exit: - psa_destroy_persistent_key( slot ); mbedtls_psa_crypto_free(); + psa_destroy_persistent_key( key_id ); } /* END_CASE */ /* BEGIN_CASE */ -void persistent_key_destroy( int slot_arg, int should_store, +void persistent_key_destroy( int key_id_arg, int should_store, int first_type_arg, data_t *first_data, int second_type_arg, data_t *second_data ) { psa_key_policy_t policy; - psa_key_slot_t slot = (psa_key_slot_t) slot_arg; + psa_key_id_t key_id = key_id_arg; + psa_key_handle_t handle = 0; psa_key_type_t first_type = (psa_key_type_t) first_type_arg; psa_key_type_t 
second_type = (psa_key_type_t) second_type_arg; TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_lifetime( - slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); - psa_key_policy_init( &policy ); + TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + first_type, + PSA_BYTES_TO_BITS( first_data->len ), + &handle ) == PSA_SUCCESS ); + if( should_store == 1 ) { TEST_ASSERT( psa_import_key( - slot, first_type, + handle, first_type, first_data->x, first_data->len ) == PSA_SUCCESS ); } /* Destroy the key */ - TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_get_key_information( - slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); /* Check key slot storage is removed */ - TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 ); - - /* Check destroying the key again doesn't report failure */ - TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( - slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 ); + TEST_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + &handle ) == PSA_ERROR_EMPTY_SLOT ); + TEST_ASSERT( handle == 0 ); /* Shutdown and restart */ mbedtls_psa_crypto_free(); - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); - /* Mark slot as persistent again */ - TEST_ASSERT( psa_set_key_lifetime( - slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); - - /* Check key slot is empty */ - TEST_ASSERT( psa_get_key_information( - slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); - - /* Import different key data to ensure slot really was empty */ - psa_key_policy_init( &policy ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, - PSA_ALG_VENDOR_FLAG ); - - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); - + /* Create another key in the same slot */ + TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + 
second_type, + PSA_BYTES_TO_BITS( second_data->len ), + &handle ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( - slot, second_type, + handle, second_type, second_data->x, second_data->len ) == PSA_SUCCESS ); exit: - psa_destroy_persistent_key( slot ); mbedtls_psa_crypto_free(); + psa_destroy_persistent_key( key_id ); } /* END_CASE */ /* BEGIN_CASE */ -void default_volatile_lifetime( int slot_arg, int type_arg, data_t *data ) -{ - psa_key_policy_t policy; - psa_key_slot_t slot = (psa_key_slot_t) slot_arg; - psa_key_type_t type = (psa_key_type_t) type_arg; - - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); - - psa_key_policy_init( &policy ); - - TEST_ASSERT( psa_import_key( slot, type, - data->x, data->len ) == PSA_SUCCESS ); - - /* Shutdown and restart */ - mbedtls_psa_crypto_free(); - - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); - - /* Check key slot is empty */ - TEST_ASSERT( psa_get_key_information( - slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); - -exit: - psa_destroy_persistent_key( slot ); - mbedtls_psa_crypto_free(); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void persistent_key_import( int slot_arg, int type_arg, data_t *data, +void persistent_key_import( int key_id_arg, int type_arg, data_t *data, int expected_status ) { psa_key_policy_t policy; psa_key_lifetime_t lifetime; - psa_key_slot_t slot = (psa_key_slot_t) slot_arg; + psa_key_id_t key_id = (psa_key_id_t) key_id_arg; psa_key_type_t type = (psa_key_type_t) type_arg; + psa_key_handle_t handle = 0; TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_lifetime( - slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); - + TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + type, + PSA_BYTES_TO_BITS( data->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - - TEST_ASSERT( psa_import_key( slot, type, + TEST_ASSERT( psa_import_key( handle, type, data->x, data->len ) == expected_status ); if( expected_status != PSA_SUCCESS ) { - TEST_ASSERT( 
psa_is_key_present_in_storage( slot ) == 0 ); + TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 ); goto exit; } - TEST_ASSERT( psa_get_key_lifetime( slot, &lifetime ) == PSA_SUCCESS ); - + TEST_ASSERT( psa_get_key_lifetime( handle, &lifetime ) == PSA_SUCCESS ); TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT ); exit: - psa_destroy_persistent_key( slot ); + psa_destroy_persistent_key( key_id ); mbedtls_psa_crypto_free(); } /* END_CASE */ @@ -278,8 +206,9 @@ exit: void import_export_persistent_key( data_t *data, int type_arg, int expected_bits, int key_not_exist ) { - psa_key_slot_t slot = 1; + psa_key_id_t key_id = 42; psa_key_type_t type = (psa_key_type_t) type_arg; + psa_key_handle_t handle = 0; unsigned char *exported = NULL; size_t export_size = data->len; size_t exported_length; 
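Review bot: After `psa_destroy_key( handle )` in persistent_key_destroy the test now checks only that the identifier can no longer be opened; the removed assertions on the destroyed slot have no handle-based replacement, so use of the stale handle is untested. I would add `TEST_ASSERT( psa_get_key_information( handle, NULL, NULL ) == PSA_ERROR_INVALID_HANDLE );` right after the destroy, assuming that is the status the handle API reports for a destroyed handle. The same gap is in import_export_persistent_key in the `@@ -292,51 +221,48 @@` hunk. Separately, `policy` is still initialised in persistent_key_destroy and persistent_key_import but no longer applied to any key.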
@@ -292,51 +221,48 @@ void import_export_persistent_key( data_t *data, int type_arg, TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_lifetime( - slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS ); + TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + type, + PSA_BYTES_TO_BITS( data->len ), + &handle ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_VENDOR_FLAG ); - - TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS ); + TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); /* Import the key */ - TEST_ASSERT( psa_import_key( slot, type, + TEST_ASSERT( psa_import_key( handle, type, data->x, data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_lifetime( - slot, &lifetime_get ) == PSA_SUCCESS ); + TEST_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) == PSA_SUCCESS ); TEST_ASSERT( lifetime_get == PSA_KEY_LIFETIME_PERSISTENT ); /* Test the key information */ TEST_ASSERT( psa_get_key_information( - slot, &got_type, &got_bits ) == PSA_SUCCESS ); + handle, &got_type, &got_bits ) == PSA_SUCCESS ); TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == (size_t) expected_bits ); - TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 1 ); + TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 1 ); if( key_not_exist ) { - psa_destroy_persistent_key( slot ); + psa_destroy_persistent_key( key_id ); } /* Export the key */ - TEST_ASSERT( psa_export_key( slot, exported, export_size, + TEST_ASSERT( psa_export_key( handle, exported, export_size, &exported_length ) == PSA_SUCCESS ); ASSERT_COMPARE( data->x, data->len, exported, exported_length ); /* Destroy the key */ - TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( - slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); - TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 ); + TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS 
); + TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 ); exit: mbedtls_free( exported ); - psa_destroy_persistent_key( slot ); mbedtls_psa_crypto_free( ); + psa_destroy_persistent_key( key_id ); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function index b6dcad777..e753d7862 100644 --- a/tests/suites/test_suite_psa_crypto_storage_file.function +++ b/tests/suites/test_suite_psa_crypto_storage_file.function @@ -11,9 +11,11 @@ */ /* BEGIN_CASE */ -void load_data_from_file( int slot_to_load, data_t *data, int should_make_file, +void load_data_from_file( int id_to_load_arg, + data_t *data, int should_make_file, int capacity_arg, int expected_status ) { + psa_key_id_t id_to_load = id_to_load_arg; char slot_location[] = "psa_key_slot_1"; psa_status_t status; int ret; @@ -36,8 +38,7 @@ void load_data_from_file( int slot_to_load, data_t *data, int should_make_file, /* Read from the file with psa_crypto_storage_load. */ loaded_data = mbedtls_calloc( 1, capacity ); TEST_ASSERT( loaded_data != NULL ); - status = psa_crypto_storage_load( (psa_key_slot_t) slot_to_load, loaded_data, - file_size ); + status = psa_crypto_storage_load( id_to_load, loaded_data, file_size ); /* Check we get the expected status. */ TEST_ASSERT( status == expected_status ); From f6cc435a8a09f6dff383433a775583a0f691ba1c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Dec 2018 17:44:43 +0100 Subject: [PATCH 0848/2197] Remove psa_key_slot_t from public headers This commit marks the beginning of the removal of support for direct access to key slots. From this commit on, programs that use psa_key_slot_t will no longer compile. Subsequent commits will remove the now-unused legacy support in psa_crypto.c. --- include/psa/crypto_platform.h | 3 --- library/psa_crypto.c | 4 ++++ 2 files changed, 4 insertions(+), 3 deletions(-) 
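Review bot: In `import_export_persistent_key`, the "Destroy the key" step drops the old post-destroy check `psa_get_key_information( slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT` without a handle-based replacement. The test therefore no longer pins that the handle is unusable once the key is destroyed. Assuming `psa_destroy_key` also releases the slot (its body is outside this hunk), the equivalent check would be `TEST_ASSERT( psa_get_key_information( handle, NULL, NULL ) == PSA_ERROR_INVALID_HANDLE );`, placed right after the `psa_destroy_key( handle )` assertion.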
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index c20396619..50ca546fb 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -46,9 +46,6 @@ /* PSA requires several types which C99 provides in stdint.h. */ #include -/* Integral type representing a key slot number. */ -typedef uint16_t psa_key_slot_t; - /* Integral type representing a key handle. */ typedef uint16_t psa_key_handle_t; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1a038a12a..bff0ce709 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -43,6 +43,10 @@ #include "psa/crypto.h" +/* Transitional definition while moving away from directly-accessible key + * slots and to a handle-only interface. */ +typedef psa_key_handle_t psa_key_slot_t; + #include "psa_crypto_invasive.h" #include "psa_crypto_slot_management.h" /* Include internal declarations that are useful for implementing persistently From b77a6b25c02a8b5a94de7927d4d963dd5df11d97 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Dec 2018 17:46:13 +0100 Subject: [PATCH 0849/2197] Remove psa_set_key_lifetime This function is no longer relevant. Use psa_create_key instead. --- include/psa/crypto.h | 45 -------------------------------------------- library/psa_crypto.c | 29 ---------------------------- 2 files changed, 74 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6807c73f3..4aea9905d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1419,11 +1419,6 @@ typedef uint32_t psa_key_id_t; */ #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) -/** A write-once key slot may not be modified once a key has been set. - * It will retain its content as long as the device remains operational. - */ -#define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff) - /** \brief Retrieve the lifetime of an open key. * * \param handle Handle to query. 
@@ -1443,46 +1438,6 @@ typedef uint32_t psa_key_id_t; psa_status_t psa_get_key_lifetime(psa_key_handle_t handle, psa_key_lifetime_t *lifetime); -/** \brief Change the lifetime of a key slot. - * - * Whether the lifetime of a key slot can be changed at all, and if so - * whether the lifetime of an occupied key slot can be changed, is - * implementation-dependent. - * - * When creating a persistent key, you must call this function before creating - * the key material with psa_import_key(), psa_generate_key() or - * psa_generator_import_key(). To open an existing persistent key, you must - * call this function with the correct lifetime value before using the slot - * for a cryptographic operation. Once a slot's lifetime has been set, - * the lifetime remains associated with the slot until a subsequent call to - * psa_set_key_lifetime(), until the key is wiped with psa_destroy_key or - * until the application terminates (or disconnects from the cryptography - * service, if the implementation offers such a possibility). - * - * \param key Slot whose lifetime is to be changed. - * \param lifetime The lifetime value to set for the given key slot. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key slot is invalid, - * or the lifetime value is invalid. - * \retval #PSA_ERROR_NOT_SUPPORTED - * The implementation does not support the specified lifetime value, - * at least for the specified key slot. - * \retval #PSA_ERROR_OCCUPIED_SLOT - * The slot contains a key, and the implementation does not support - * changing the lifetime of an occupied slot. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. 
- */ -psa_status_t psa_set_key_lifetime(psa_key_handle_t key, - psa_key_lifetime_t lifetime); /** Allocate a key slot for a transient key, i.e. a key which is only stored * in volatile memory. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bff0ce709..15bab676f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3206,35 +3206,6 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key, return( PSA_SUCCESS ); } -psa_status_t psa_set_key_lifetime( psa_key_slot_t key, - psa_key_lifetime_t lifetime ) -{ - key_slot_t *slot; - psa_status_t status; - - if( lifetime != PSA_KEY_LIFETIME_VOLATILE && - lifetime != PSA_KEY_LIFETIME_PERSISTENT && - lifetime != PSA_KEY_LIFETIME_WRITE_ONCE ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - status = psa_get_empty_key_slot( key, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - if( lifetime == PSA_KEY_LIFETIME_WRITE_ONCE ) - return( PSA_ERROR_NOT_SUPPORTED ); - -#if !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( lifetime == PSA_KEY_LIFETIME_PERSISTENT ) - return( PSA_ERROR_NOT_SUPPORTED ); -#endif - - slot->lifetime = lifetime; - slot->persistent_storage_id = key; - - return( PSA_SUCCESS ); -} - /****************************************************************/ From c5487a889289ec977e860d1293fec61aae805260 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Dec 2018 18:08:14 +0100 Subject: [PATCH 0850/2197] Drop support for psa_key_slot_t in psa_crypto.c This commit finishes the removal of support for direct access to key slots in psa_crypto.c. This marks the end of the necessary phase of the transition to key handles. The code should subsequently be refactored to move key slot management from psa_crypto.c to psa_crypto_slot_management.c. --- library/psa_crypto.c | 202 +++++++----------- library/psa_crypto_slot_management.h | 3 - tests/suites/test_suite_psa_crypto.data | 5 +- ..._suite_psa_crypto_slot_management.function | 5 +- 4 files changed, 79 insertions(+), 136 deletions(-) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 15bab676f..ce9e3e5f2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -43,10 +43,6 @@ #include "psa/crypto.h" -/* Transitional definition while moving away from directly-accessible key - * slots and to a handle-only interface. */ -typedef psa_key_handle_t psa_key_slot_t; - #include "psa_crypto_invasive.h" #include "psa_crypto_slot_management.h" /* Include internal declarations that are useful for implementing persistently 
@@ -746,55 +742,34 @@ exit: } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ -/* Retrieve a key slot, occupied or not. */ -static psa_status_t psa_get_key_slot( psa_key_slot_t key_or_handle, +/* Access a key slot at the given handle. The handle of a key slot is + * the index of the slot in the global slot array, plus one so that handles + * start at 1 and not 0. */ +static psa_status_t psa_get_key_slot( psa_key_handle_t handle, key_slot_t **p_slot ) { - psa_key_slot_t key = key_or_handle & ~PSA_KEY_HANDLE_ALLOCATED_FLAG; - int is_handle = ( key_or_handle & PSA_KEY_HANDLE_ALLOCATED_FLAG ) != 0; - psa_status_t error_if_invalid = - ( is_handle ? - PSA_ERROR_INVALID_HANDLE : - PSA_ERROR_INVALID_ARGUMENT ); + key_slot_t *slot = NULL; GUARD_MODULE_INITIALIZED; - /* 0 is not a valid slot number under any circumstance. This + /* 0 is not a valid handle under any circumstance. This * implementation provides slots number 1 to N where N is the * number of available slots. */ - if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) ) - return( error_if_invalid ); + if( handle == 0 || handle > ARRAY_LENGTH( global_data.key_slots ) ) + return( PSA_ERROR_INVALID_HANDLE ); + slot = &global_data.key_slots[handle - 1]; - *p_slot = &global_data.key_slots[key - 1]; - - /* Allocated slots must only be accessed via a handle. - * Unallocated slots must only be accessed directly. */ - if( ( *p_slot )->allocated != is_handle ) - return( error_if_invalid ); - -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( ! ( *p_slot )->allocated && - ( *p_slot )->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) - { - /* There are two circumstances this can occur: the key material has - * not yet been created, or the key exists in storage but has not yet - * been loaded into memory. 
*/ - if( ( *p_slot )->type == PSA_KEY_TYPE_NONE ) - { - psa_status_t status = PSA_SUCCESS; - status = psa_load_persistent_key_into_slot( *p_slot ); - if( status != PSA_ERROR_EMPTY_SLOT ) - return( status ); - } - } -#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + /* If the slot hasn't been allocated, the handle is invalid. */ + if( ! slot->allocated ) + return( PSA_ERROR_INVALID_HANDLE ); + *p_slot = slot; return( PSA_SUCCESS ); } /* Retrieve an empty key slot (slot with no key data, but possibly * with some metadata such as a policy). */ -static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key, +static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, key_slot_t **p_slot ) { psa_status_t status; @@ -802,7 +777,7 @@ static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key, *p_slot = NULL; - status = psa_get_key_slot( key, &slot ); + status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -816,7 +791,7 @@ static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key, /** Retrieve a slot which must contain a key. The key must have allow all the * usage flags set in \p usage. If \p alg is nonzero, the key must allow * operations with this algorithm. */ -static psa_status_t psa_get_key_from_slot( psa_key_slot_t key, +static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, key_slot_t **p_slot, psa_key_usage_t usage, psa_algorithm_t alg ) @@ -826,7 +801,7 @@ static psa_status_t psa_get_key_from_slot( psa_key_slot_t key, *p_slot = NULL; - status = psa_get_key_slot( key, &slot ); + status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); if( slot->type == PSA_KEY_TYPE_NONE ) 
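Review bot: The new `psa_get_key_slot` accepts any handle whose slot is currently allocated, and a handle is just the slot index plus one. A stale handle kept after its key was closed or destroyed therefore becomes valid again as soon as the slot is reallocated, and then refers to a different key. The header comment should state this contract, e.g. `/* Handle values are reused once a slot is released; callers must not keep a handle after closing or destroying the key. */`. Since `psa_key_handle_t` is a `uint16_t` and `PSA_KEY_SLOT_COUNT` is 32, the spare bits could later carry a per-slot generation count so that stale handles fail with `PSA_ERROR_INVALID_HANDLE`; that would be a follow-up rather than part of this hunk.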
@@ -896,31 +871,14 @@ static psa_status_t psa_wipe_key_slot( key_slot_t *slot ) return( status ); } -/* A slot is available if nothing has been set in it: default lifetime - * and policy, no key type. */ -static int psa_internal_is_slot_available( key_slot_t *slot ) -{ - if( slot->allocated ) - return( 0 ); - if( slot->type != PSA_KEY_TYPE_NONE ) - return( 0 ); - if( slot->lifetime != PSA_KEY_LIFETIME_VOLATILE ) - return( 0 ); - if( slot->policy.usage != 0 || slot->policy.alg != 0 ) - return( 0 ); - return( 1 ); -} - psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) { - psa_key_slot_t key; - for( key = PSA_KEY_SLOT_COUNT; key != 0; --( key ) ) + for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) ) { - key_slot_t *slot = &global_data.key_slots[key - 1]; - if( psa_internal_is_slot_available( slot ) ) + key_slot_t *slot = &global_data.key_slots[*handle - 1]; + if( ! slot->allocated ) { slot->allocated = 1; - *handle = key | PSA_KEY_HANDLE_ALLOCATED_FLAG; return( PSA_SUCCESS ); } } @@ -941,11 +899,6 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, * library's internal use. */ if( id >= 0xffff0000 ) return( PSA_ERROR_INVALID_ARGUMENT ); - /* Reject values that don't fit in the key slot number type. - * This is a temporary limitation due to the library's internal - * plumbing. */ - if( id > (psa_key_slot_t)( -1 ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) 
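Review bot: `psa_internal_allocate_key_slot` now treats a slot as free on `! slot->allocated` alone, whereas the removed `psa_internal_is_slot_available` also required an empty type, a volatile lifetime and a zero policy. This is safe only if every release path clears those fields, which `psa_wipe_key_slot` presumably does, but its body is outside this hunk; a comment stating that invariant would help. The loop also counts on the caller's `*handle`, so the output is written on every iteration and ends up as 0 on failure only as a side effect. A local counter with an explicit `*handle = 0` makes that contract visible. The failure return after the loop lies outside the hunk.

```c
psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
{
    psa_key_handle_t candidate;
    /* A released slot is expected to have been wiped, so "not allocated"
     * implies no leftover type, lifetime or policy. */
    for( candidate = PSA_KEY_SLOT_COUNT; candidate != 0; --candidate )
    {
        key_slot_t *slot = &global_data.key_slots[candidate - 1];
        if( ! slot->allocated )
        {
            slot->allocated = 1;
            *handle = candidate;
            return( PSA_SUCCESS );
        }
    }
    /* 0 is never a valid handle. */
    *handle = 0;
    /* … unchanged: failure return after the loop … */
```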
@@ -960,22 +913,19 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) { - psa_key_slot_t key; key_slot_t *slot; - /* Don't call psa_get_key_slot() so as not to trigger its automatic - * loading of persistent key data. */ - if( ( handle & PSA_KEY_HANDLE_ALLOCATED_FLAG ) == 0 ) - return( PSA_ERROR_INVALID_HANDLE ); - key = handle & ~PSA_KEY_HANDLE_ALLOCATED_FLAG; - if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) ) - return( PSA_ERROR_INVALID_HANDLE ); - slot = &global_data.key_slots[key - 1]; + psa_status_t status; + + status = psa_get_key_slot( handle, &slot ); + if( status != PSA_SUCCESS ) + return( status ); if( ! slot->allocated ) return( PSA_ERROR_INVALID_HANDLE ); + return( psa_wipe_key_slot( slot ) ); } -psa_status_t psa_import_key( psa_key_slot_t key, +psa_status_t psa_import_key( psa_key_handle_t handle, psa_key_type_t type, const uint8_t *data, size_t data_length ) @@ -983,7 +933,7 @@ psa_status_t psa_import_key( psa_key_slot_t key, key_slot_t *slot; psa_status_t status; - status = psa_get_empty_key_slot( key, &slot ); + status = psa_get_empty_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -1014,13 +964,13 @@ psa_status_t psa_import_key( psa_key_slot_t key, return( status ); } -psa_status_t psa_destroy_key( psa_key_slot_t key ) +psa_status_t psa_destroy_key( psa_key_handle_t handle ) { key_slot_t *slot; psa_status_t status = PSA_SUCCESS; psa_status_t storage_status = PSA_SUCCESS; - status = psa_get_key_slot( key, &slot ); + status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) @@ -1053,7 +1003,7 @@ static size_t psa_get_key_bits( const key_slot_t *slot ) return( 0 ); } -psa_status_t psa_get_key_information( psa_key_slot_t key, +psa_status_t psa_get_key_information( psa_key_handle_t handle, psa_key_type_t *type, size_t *bits ) { 
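Review bot: In `psa_internal_release_key_slot`, the retained `if( ! slot->allocated ) return( PSA_ERROR_INVALID_HANDLE );` is unreachable. The same commit makes `psa_get_key_slot` return `PSA_ERROR_INVALID_HANDLE` for an unallocated slot before `slot` is ever handed back. Either drop the two lines or keep them with a comment such as `/* Defensive: psa_get_key_slot() already rejects unallocated slots. */`. Releasing now also goes through `GUARD_MODULE_INITIALIZED`, so the status returned when the library is not initialised probably differs from the old hand-rolled lookup; the macro body is not visible here, so this should be confirmed.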
@@ -1064,7 +1014,7 @@ psa_status_t psa_get_key_information( psa_key_slot_t key, *type = 0; if( bits != NULL ) *bits = 0; - status = psa_get_key_slot( key, &slot ); + status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -1185,7 +1135,7 @@ static psa_status_t psa_internal_export_key( key_slot_t *slot, } } -psa_status_t psa_export_key( psa_key_slot_t key, +psa_status_t psa_export_key( psa_key_handle_t handle, uint8_t *data, size_t data_size, size_t *data_length ) @@ -1202,14 +1152,14 @@ psa_status_t psa_export_key( psa_key_slot_t key, /* Export requires the EXPORT flag. There is an exception for public keys, * which don't require any flag, but psa_get_key_from_slot takes * care of this. */ - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_EXPORT, 0 ); + status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_EXPORT, 0 ); if( status != PSA_SUCCESS ) return( status ); return( psa_internal_export_key( slot, data, data_size, data_length, 0 ) ); } -psa_status_t psa_export_public_key( psa_key_slot_t key, +psa_status_t psa_export_public_key( psa_key_handle_t handle, uint8_t *data, size_t data_size, size_t *data_length ) @@ -1224,7 +1174,7 @@ psa_status_t psa_export_public_key( psa_key_slot_t key, *data_length = 0; /* Exporting a public key doesn't require a usage flag. */ - status = psa_get_key_from_slot( key, &slot, 0, 0 ); + status = psa_get_key_from_slot( handle, &slot, 0, 0 ); if( status != PSA_SUCCESS ) return( status ); return( psa_internal_export_key( slot, data, data_size, @@ -1916,7 +1866,7 @@ cleanup: #endif /* MBEDTLS_MD_C */ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg, int is_sign ) { 
@@ -1934,7 +1884,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, if( is_sign ) operation->is_sign = 1; - status = psa_get_key_from_slot( key, &slot, usage, alg ); + status = psa_get_key_from_slot( handle, &slot, usage, alg ); if( status != PSA_SUCCESS ) goto exit; key_bits = psa_get_key_bits( slot ); @@ -2027,17 +1977,17 @@ exit: } psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg ) { - return( psa_mac_setup( operation, key, alg, 1 ) ); + return( psa_mac_setup( operation, handle, alg, 1 ) ); } psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg ) { - return( psa_mac_setup( operation, key, alg, 0 ) ); + return( psa_mac_setup( operation, handle, alg, 0 ) ); } psa_status_t psa_mac_update( psa_mac_operation_t *operation, @@ -2494,7 +2444,7 @@ cleanup: } #endif /* MBEDTLS_ECDSA_C */ -psa_status_t psa_asymmetric_sign( psa_key_slot_t key, +psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -2507,7 +2457,7 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, *signature_length = signature_size; - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_SIGN, alg ); + status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN, alg ); if( status != PSA_SUCCESS ) goto exit; if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) @@ -2570,7 +2520,7 @@ exit: return( status ); } -psa_status_t psa_asymmetric_verify( psa_key_slot_t key, +psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, 
@@ -2580,7 +2530,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, key_slot_t *slot; psa_status_t status; - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_VERIFY, alg ); + status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -2626,7 +2576,7 @@ static void psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg, } #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) */ -psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, +psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -2650,7 +2600,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); + status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || @@ -2706,7 +2656,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, } } -psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, +psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -2730,7 +2680,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key, if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); + status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) 
@@ -2816,7 +2766,7 @@ static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation, } static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg, mbedtls_operation_t cipher_operation ) { @@ -2833,7 +2783,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - status = psa_get_key_from_slot( key, &slot, usage, alg); + status = psa_get_key_from_slot( handle, &slot, usage, alg); if( status != PSA_SUCCESS ) return( status ); key_bits = psa_get_key_bits( slot ); @@ -2908,17 +2858,17 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, } psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg ) { - return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) ); + return( psa_cipher_setup( operation, handle, alg, MBEDTLS_ENCRYPT ) ); } psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg ) { - return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) ); + return( psa_cipher_setup( operation, handle, alg, MBEDTLS_DECRYPT ) ); } psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, @@ -3141,7 +3091,7 @@ psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy ) } #endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) */ -psa_status_t psa_set_key_policy( psa_key_slot_t key, +psa_status_t psa_set_key_policy( psa_key_handle_t handle, const psa_key_policy_t *policy ) { key_slot_t *slot; @@ -3150,7 +3100,7 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key, if( policy == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_empty_key_slot( key, &slot ); + status = psa_get_empty_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); 
@@ -3167,7 +3117,7 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key, return( PSA_SUCCESS ); } -psa_status_t psa_get_key_policy( psa_key_slot_t key, +psa_status_t psa_get_key_policy( psa_key_handle_t handle, psa_key_policy_t *policy ) { key_slot_t *slot; @@ -3176,7 +3126,7 @@ psa_status_t psa_get_key_policy( psa_key_slot_t key, if( policy == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_key_slot( key, &slot ); + status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -3191,13 +3141,13 @@ psa_status_t psa_get_key_policy( psa_key_slot_t key, /* Key Lifetime */ /****************************************************************/ -psa_status_t psa_get_key_lifetime( psa_key_slot_t key, +psa_status_t psa_get_key_lifetime( psa_key_handle_t handle, psa_key_lifetime_t *lifetime ) { key_slot_t *slot; psa_status_t status; - status = psa_get_key_slot( key, &slot ); + status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -3248,7 +3198,7 @@ static void psa_aead_abort( aead_operation_t *operation ) } static psa_status_t psa_aead_setup( aead_operation_t *operation, - psa_key_slot_t key, + psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { @@ -3256,7 +3206,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, size_t key_bits; mbedtls_cipher_id_t cipher_id; - status = psa_get_key_from_slot( key, &operation->slot, usage, alg ); + status = psa_get_key_from_slot( handle, &operation->slot, usage, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -3321,7 +3271,7 @@ cleanup: return( status ); } -psa_status_t psa_aead_encrypt( psa_key_slot_t key, +psa_status_t psa_aead_encrypt( psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, 
@@ -3339,7 +3289,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, *ciphertext_length = 0; - status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_ENCRYPT, alg ); + status = psa_aead_setup( &operation, handle, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -3415,7 +3365,7 @@ static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length, return( PSA_SUCCESS ); } -psa_status_t psa_aead_decrypt( psa_key_slot_t key, +psa_status_t psa_aead_decrypt( psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *nonce, size_t nonce_length, @@ -3433,7 +3383,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, *plaintext_length = 0; - status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_DECRYPT, alg ); + status = psa_aead_setup( &operation, handle, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -3862,7 +3812,7 @@ static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) } #endif /* MBEDTLS_DES_C */ -psa_status_t psa_generator_import_key( psa_key_slot_t key, +psa_status_t psa_generator_import_key( psa_key_handle_t handle, psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator ) @@ -3886,7 +3836,7 @@ psa_status_t psa_generator_import_key( psa_key_slot_t key, if( type == PSA_KEY_TYPE_DES ) psa_des_set_key_parity( data, bytes ); #endif /* MBEDTLS_DES_C */ - status = psa_import_key( key, type, data, bytes ); + status = psa_import_key( handle, type, data, bytes ); exit: mbedtls_free( data ); @@ -4143,7 +4093,7 @@ static psa_status_t psa_key_derivation_internal( } psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, - psa_key_slot_t key, + psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *salt, size_t salt_length, 
@@ -4163,7 +4113,7 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DERIVE, alg ); + status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DERIVE, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -4294,7 +4244,7 @@ exit: } psa_status_t psa_key_agreement( psa_crypto_generator_t *generator, - psa_key_slot_t private_key, + psa_key_handle_t private_key, const uint8_t *peer_key, size_t peer_key_length, psa_algorithm_t alg ) @@ -4399,7 +4349,7 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, } #endif -psa_status_t psa_generate_key( psa_key_slot_t key, +psa_status_t psa_generate_key( psa_key_handle_t handle, psa_key_type_t type, size_t bits, const void *extra, @@ -4411,7 +4361,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key, if( extra == NULL && extra_size != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_empty_key_slot( key, &slot ); + status = psa_get_empty_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -4547,7 +4497,7 @@ void mbedtls_psa_crypto_free( void ) { if( global_data.key_slots_initialized ) { - psa_key_slot_t key; + psa_key_handle_t key; for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) { key_slot_t *slot = &global_data.key_slots[key - 1]; diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 36917bbaa..cf244f266 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -26,9 +26,6 @@ * The value is a compile-time constant for now, for simplicity. */ #define PSA_KEY_SLOT_COUNT 32 -/* All dynamically allocated handles have this bit set. */ -#define PSA_KEY_HANDLE_ALLOCATED_FLAG ( (psa_key_handle_t) 0x8000 ) - /** \defgroup core_slot_management Internal functions exposed by the core * @{ */ 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9801a8db7..848e8edfd 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -30,11 +30,10 @@ depends_on:MBEDTLS_AES_C import_key_nonempty_slot PSA export invalid handle (0) -export_invalid_handle:0:PSA_ERROR_INVALID_ARGUMENT +export_invalid_handle:0:PSA_ERROR_INVALID_HANDLE PSA export invalid handle (smallest plausible handle) -# EMPTY_SLOT is temporary, because this valie is treated as a numbered slot, not as a handle -export_invalid_handle:1:PSA_ERROR_EMPTY_SLOT +export_invalid_handle:1:PSA_ERROR_INVALID_HANDLE PSA export invalid handle (largest plausible handle) export_invalid_handle:-1:PSA_ERROR_INVALID_HANDLE diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 1f1984e3f..753a70564 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -321,10 +321,7 @@ void invalid_handle( ) TEST_ASSERT( psa_close_key( 0 ) == PSA_ERROR_INVALID_HANDLE ); TEST_ASSERT( psa_close_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE ); TEST_ASSERT( psa_close_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE ); - /* At the moment the implementation returns INVALID_ARGUMENT for 0 - * because of the transitional support for non-allocated slot numbers. - * When this is removed, the error will switch to INVALID_HANDLE. */ - TEST_ASSERT( psa_destroy_key( 0 ) == PSA_ERROR_INVALID_ARGUMENT ); + TEST_ASSERT( psa_destroy_key( 0 ) == PSA_ERROR_INVALID_HANDLE ); TEST_ASSERT( psa_destroy_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE ); TEST_ASSERT( psa_destroy_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE ); From 4a044739a8443fcfbb9cf9d89f862389b3dd3066 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 3 Dec 2018 18:19:39 +0100 Subject: [PATCH 0851/2197] Fix the build without persistent storage Add missing guards on MBEDTLS_PSA_CRYPTO_STORAGE_C. Add test cases to test that psa_create_key and psa_open_key return NOT_SUPPORTED. --- library/psa_crypto.c | 7 +++++++ .../test_suite_psa_crypto_slot_management.data | 13 +++++++++++++ .../test_suite_psa_crypto_slot_management.function | 10 ++++++++-- 3 files changed, 28 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ce9e3e5f2..c67c8a798 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -888,6 +888,7 @@ psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, psa_key_id_t id ) { +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) key_slot_t *slot; psa_status_t status; @@ -909,6 +910,12 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, status = psa_load_persistent_key_into_slot( slot ); return( status ); + +#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ + (void) handle; + (void) id; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ } psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 133f4c873..39e05abf8 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
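Review bot: In the `#else` branch added to `psa_internal_make_key_persistent`, `handle` and `id` are discarded before any validation. A build without `MBEDTLS_PSA_CRYPTO_STORAGE_C` therefore returns `PSA_ERROR_NOT_SUPPORTED` even for an invalid handle or an id in the reserved range (`id >= 0xffff0000`), while the storage build rejects those first. If that ordering is intended, record it next to the return, e.g. `/* Without storage, persistence is refused before handle or id are validated. */`. The function's opening lines are in the preceding hunk.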
@@ -38,20 +38,33 @@ depends_on:MBEDTLS_AES_C create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN Open failure: non-existent identifier +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT Open failure: volatile lifetime +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT Open failure: invalid lifetime +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT Create failure: volatile lifetime +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid lifetime +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT +Open not supported +depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C +open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED + +Create not supported +depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C +create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_NOT_SUPPORTED + Close/destroy invalid handle invalid_handle: diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 753a70564..754aae08d 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -29,6 +29,7 @@ typedef enum * identifier, and must call psa_purge_key_storage() in their cleanup * code. */ +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) /* There is no API to purge all keys. For this test suite, require that * all key IDs be less than a certain maximum. */ #define MAX_KEY_ID_FOR_TEST 32 
@@ -43,6 +44,9 @@ void psa_purge_key_storage( void ) for( i = 0; i <= MAX_KEY_ID_FOR_TEST; i++ ) psa_destroy_persistent_key( i ); } +#else +#define TEST_MAX_KEY_ID( key_id ) ( (void) ( key_id ) ) +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ static int psa_key_policy_equal( psa_key_policy_t *p1, psa_key_policy_t *p2 ) @@ -109,7 +113,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, int type_arg, int max_bits_arg, int alg_arg, int usage_arg, @@ -188,7 +192,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void create_existent( int lifetime_arg, int id_arg, int new_type_arg, int reopen_policy_arg ) @@ -293,7 +297,9 @@ void create_fail( int lifetime_arg, int id_arg, exit: mbedtls_psa_crypto_free( ); +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_purge_key_storage( ); +#endif } /* END_CASE */ From 2f060a8ea54ead4912d5ad8ab5cebc16513dbdc4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 4 Dec 2018 17:12:32 +0100 Subject: [PATCH 0852/2197] Rename key_slot_t to psa_key_slot_t in psa_crypto.c That way it'll be ok to add it to an internal header so as to use it in multiple source modules. --- library/psa_crypto.c | 78 ++++++++++++++++++++++---------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c67c8a798..3e08657db 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -139,7 +139,7 @@ typedef struct mbedtls_ecp_keypair *ecp; #endif /* MBEDTLS_ECP_C */ } data; -} key_slot_t; +} psa_key_slot_t; static int key_type_is_raw_bytes( psa_key_type_t type ) { 
@@ -157,7 +157,7 @@ typedef struct void (* entropy_free )( mbedtls_entropy_context *ctx ); mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; - key_slot_t key_slots[PSA_KEY_SLOT_COUNT]; + psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT]; unsigned initialized : 1; unsigned rng_state : 2; unsigned key_slots_initialized : 1; @@ -640,7 +640,7 @@ exit: /** Import key data into a slot. `slot->type` must have been set * previously. This function assumes that the slot does not contain * any key material yet. On failure, the slot content is unchanged. */ -static psa_status_t psa_import_key_into_slot( key_slot_t *slot, +static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, const uint8_t *data, size_t data_length ) { @@ -722,7 +722,7 @@ static psa_status_t psa_import_key_into_slot( key_slot_t *slot, } #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -static psa_status_t psa_load_persistent_key_into_slot( key_slot_t *p_slot ) +static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) { psa_status_t status = PSA_SUCCESS; uint8_t *key_data = NULL; @@ -746,9 +746,9 @@ exit: * the index of the slot in the global slot array, plus one so that handles * start at 1 and not 0. */ static psa_status_t psa_get_key_slot( psa_key_handle_t handle, - key_slot_t **p_slot ) + psa_key_slot_t **p_slot ) { - key_slot_t *slot = NULL; + psa_key_slot_t *slot = NULL; GUARD_MODULE_INITIALIZED; @@ -770,10 +770,10 @@ static psa_status_t psa_get_key_slot( psa_key_handle_t handle, /* Retrieve an empty key slot (slot with no key data, but possibly * with some metadata such as a policy). */ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, - key_slot_t **p_slot ) + psa_key_slot_t **p_slot ) { psa_status_t status; - key_slot_t *slot = NULL; + psa_key_slot_t *slot = NULL; *p_slot = NULL; 
@@ -792,12 +792,12 @@ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, * usage flags set in \p usage. If \p alg is nonzero, the key must allow * operations with this algorithm. */ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, - key_slot_t **p_slot, + psa_key_slot_t **p_slot, psa_key_usage_t usage, psa_algorithm_t alg ) { psa_status_t status; - key_slot_t *slot = NULL; + psa_key_slot_t *slot = NULL; *p_slot = NULL; @@ -823,7 +823,7 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, } /** Wipe key data from a slot. Preserve metadata such as the policy. */ -static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot ) +static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) { if( slot->type == PSA_KEY_TYPE_NONE ) { @@ -861,7 +861,7 @@ static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot ) /** Completely wipe a slot in memory, including its policy. * Persistent storage is not affected. */ -static psa_status_t psa_wipe_key_slot( key_slot_t *slot ) +static psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) { psa_status_t status = psa_remove_key_data_from_memory( slot ); /* At this point, key material and other type-specific content has @@ -875,7 +875,7 @@ psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) { for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) ) { - key_slot_t *slot = &global_data.key_slots[*handle - 1]; + psa_key_slot_t *slot = &global_data.key_slots[*handle - 1]; if( ! slot->allocated ) { slot->allocated = 1; @@ -889,7 +889,7 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, psa_key_id_t id ) { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; /* Reject id=0 because by general library conventions, 0 is an invalid 
@@ -920,7 +920,7 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; status = psa_get_key_slot( handle, &slot ); @@ -937,7 +937,7 @@ psa_status_t psa_import_key( psa_key_handle_t handle, const uint8_t *data, size_t data_length ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; status = psa_get_empty_key_slot( handle, &slot ); @@ -973,7 +973,7 @@ psa_status_t psa_import_key( psa_key_handle_t handle, psa_status_t psa_destroy_key( psa_key_handle_t handle ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status = PSA_SUCCESS; psa_status_t storage_status = PSA_SUCCESS; @@ -994,7 +994,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) } /* Return the size of the key in the given slot, in bits. */ -static size_t psa_get_key_bits( const key_slot_t *slot ) +static size_t psa_get_key_bits( const psa_key_slot_t *slot ) { if( key_type_is_raw_bytes( slot->type ) ) return( slot->data.raw.bytes * 8 ); @@ -1014,7 +1014,7 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle, psa_key_type_t *type, size_t *bits ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; if( type != NULL ) @@ -1034,7 +1034,7 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle, return( PSA_SUCCESS ); } -static psa_status_t psa_internal_export_key( key_slot_t *slot, +static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, uint8_t *data, size_t data_size, size_t *data_length, @@ -1147,7 +1147,7 @@ psa_status_t psa_export_key( psa_key_handle_t handle, size_t data_size, size_t *data_length ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; /* Set the key to empty now, so that even when there are errors, we always 
@@ -1171,7 +1171,7 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle, size_t data_size, size_t *data_length ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; /* Set the key to empty now, so that even when there are errors, we always @@ -1189,7 +1189,7 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle, } #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -static psa_status_t psa_save_generated_persistent_key( key_slot_t *slot, +static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t *slot, size_t bits ) { psa_status_t status; @@ -1784,7 +1784,7 @@ bad_state: #if defined(MBEDTLS_CMAC_C) static int psa_cmac_setup( psa_mac_operation_t *operation, size_t key_bits, - key_slot_t *slot, + psa_key_slot_t *slot, const mbedtls_cipher_info_t *cipher_info ) { int ret; @@ -1878,7 +1878,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, int is_sign ) { psa_status_t status; - key_slot_t *slot; + psa_key_slot_t *slot; size_t key_bits; psa_key_usage_t usage = is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY; @@ -2459,7 +2459,7 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, size_t signature_size, size_t *signature_length ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; *signature_length = signature_size; @@ -2534,7 +2534,7 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, const uint8_t *signature, size_t signature_length ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY, alg ); @@ -2593,7 +2593,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, size_t output_size, size_t *output_length ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; (void) input; 
@@ -2673,7 +2673,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle, size_t output_size, size_t *output_length ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; (void) input; @@ -2779,7 +2779,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, { int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; psa_status_t status; - key_slot_t *slot; + psa_key_slot_t *slot; size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ? @@ -3101,7 +3101,7 @@ psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy ) psa_status_t psa_set_key_policy( psa_key_handle_t handle, const psa_key_policy_t *policy ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; if( policy == NULL ) @@ -3127,7 +3127,7 @@ psa_status_t psa_set_key_policy( psa_key_handle_t handle, psa_status_t psa_get_key_policy( psa_key_handle_t handle, psa_key_policy_t *policy ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; if( policy == NULL ) @@ -3151,7 +3151,7 @@ psa_status_t psa_get_key_policy( psa_key_handle_t handle, psa_status_t psa_get_key_lifetime( psa_key_handle_t handle, psa_key_lifetime_t *lifetime ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; status = psa_get_key_slot( handle, &slot ); @@ -3171,7 +3171,7 @@ psa_status_t psa_get_key_lifetime( psa_key_handle_t handle, typedef struct { - key_slot_t *slot; + psa_key_slot_t *slot; const mbedtls_cipher_info_t *cipher_info; union { @@ -4108,7 +4108,7 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, size_t label_length, size_t capacity ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; if( generator->alg != 0 ) 
@@ -4205,7 +4205,7 @@ exit: * to potentially free embedded data structures and wipe confidential data. */ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator, - key_slot_t *private_key, + psa_key_slot_t *private_key, const uint8_t *peer_key, size_t peer_key_length, psa_algorithm_t alg ) @@ -4256,7 +4256,7 @@ psa_status_t psa_key_agreement( psa_crypto_generator_t *generator, size_t peer_key_length, psa_algorithm_t alg ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -4362,7 +4362,7 @@ psa_status_t psa_generate_key( psa_key_handle_t handle, const void *extra, size_t extra_size ) { - key_slot_t *slot; + psa_key_slot_t *slot; psa_status_t status; if( extra == NULL && extra_size != 0 ) @@ -4507,7 +4507,7 @@ void mbedtls_psa_crypto_free( void ) psa_key_handle_t key; for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) { - key_slot_t *slot = &global_data.key_slots[key - 1]; + psa_key_slot_t *slot = &global_data.key_slots[key - 1]; (void) psa_wipe_key_slot( slot ); } } From fe9756b1f59c3c5290bf40c90ab27074231828b8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 7 Dec 2018 18:12:28 +0100 Subject: [PATCH 0853/2197] Remove a comment that is no longer applicable --- library/psa_crypto.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3e08657db..1b44fc61e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4551,8 +4551,7 @@ psa_status_t psa_crypto_init( void ) global_data.rng_state = RNG_SEEDED; /* Initialize the key slots. Zero-initialization has made all key - * slots empty, so there is nothing to do. In a future version we will - * load data from storage. */ + * slots empty, so there is nothing to do. */ global_data.key_slots_initialized = 1; /* All done. */ From 3f10812ff998055c36a0697e1f5687119954d7c6 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 7 Dec 2018 18:14:53 +0100 Subject: [PATCH 0854/2197] Use the library-wide zeroize function Since Mbed TLS 2.10, there is a single copy of mbedtls_platform_zeroize for the whole library instead of one per module. Update the PSA crypto module accordingly. --- library/psa_crypto.c | 35 +++++++++++++++-------------------- 1 file changed, 15 insertions(+), 20 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1b44fc61e..afb4d325c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -81,6 +81,7 @@ #include "mbedtls/md_internal.h" #include "mbedtls/pk.h" #include "mbedtls/pk_internal.h" +#include "mbedtls/platform_util.h" #include "mbedtls/ripemd160.h" #include "mbedtls/rsa.h" #include "mbedtls/sha1.h" @@ -94,12 +95,6 @@ #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) -/* Implementation that should never be optimized out by the compiler */ -static void mbedtls_zeroize( void *v, size_t n ) -{ - volatile unsigned char *p = v; while( n-- ) *p++ = 0; -} - /* constant-time buffer comparison */ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n ) { @@ -1215,7 +1210,7 @@ static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t *slot, slot->type = PSA_KEY_TYPE_NONE; } exit: - mbedtls_zeroize( data, key_length ); + mbedtls_platform_zeroize( data, key_length ); mbedtls_free( data ); return( status ); } @@ -1722,7 +1717,7 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation, #if defined(MBEDTLS_MD_C) static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac ) { - mbedtls_zeroize( hmac->opad, sizeof( hmac->opad ) ); + mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) ); return( psa_hash_abort( &hmac->hash_ctx ) ); } 
@@ -1866,7 +1861,7 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, status = psa_hash_update( &hmac->hash_ctx, ipad, block_size ); cleanup: - mbedtls_zeroize( ipad, key_length ); + mbedtls_platform_zeroize( ipad, key_length ); return( status ); } @@ -2072,7 +2067,7 @@ static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac, memcpy( mac, tmp, mac_size ); exit: - mbedtls_zeroize( tmp, hash_size ); + mbedtls_platform_zeroize( tmp, hash_size ); return( status ); } #endif /* MBEDTLS_MD_C */ @@ -2096,7 +2091,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp ); if( ret == 0 ) memcpy( mac, tmp, operation->mac_size ); - mbedtls_zeroize( tmp, sizeof( tmp ) ); + mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); return( mbedtls_to_psa_error( ret ) ); } else @@ -2184,7 +2179,7 @@ cleanup: else psa_mac_abort( operation ); - mbedtls_zeroize( actual_mac, sizeof( actual_mac ) ); + mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) ); return( status ); } @@ -3025,7 +3020,7 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, goto error; } - mbedtls_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) ); + mbedtls_platform_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) ); status = psa_cipher_abort( operation ); return( status ); @@ -3034,7 +3029,7 @@ error: *output_length = 0; - mbedtls_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) ); + mbedtls_platform_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) ); (void) psa_cipher_abort( operation ); return( status ); @@ -3468,7 +3463,7 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) { if( generator->ctx.buffer.data != NULL ) { - mbedtls_zeroize( generator->ctx.buffer.data, + mbedtls_platform_zeroize( generator->ctx.buffer.data, generator->ctx.buffer.size ); mbedtls_free( generator->ctx.buffer.data ); } 
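Review bot: In the `cleanup:` path of psa_hmac_setup_internal (the first hunk on this line), the wipe covers only `key_length` bytes of `ipad`, while the call just above passes `block_size` bytes of the same buffer to `psa_hash_update`. If `ipad` is a fixed-size local array, as its use here suggests, wiping the whole object means the cleanup no longer depends on how `key_length` relates to the bytes actually written: `mbedtls_platform_zeroize( ipad, sizeof( ipad ) );`. The declarations of psa_hmac_setup_internal are outside the hunk, so confirm that `ipad` is an array and not a pointer before applying this. The length argument is carried over unchanged from the old `mbedtls_zeroize` call, so this predates the rename.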
@@ -3486,14 +3481,14 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) { if( generator->ctx.tls12_prf.key != NULL ) { - mbedtls_zeroize( generator->ctx.tls12_prf.key, + mbedtls_platform_zeroize( generator->ctx.tls12_prf.key, generator->ctx.tls12_prf.key_len ); mbedtls_free( generator->ctx.tls12_prf.key ); } if( generator->ctx.tls12_prf.Ai_with_seed != NULL ) { - mbedtls_zeroize( generator->ctx.tls12_prf.Ai_with_seed, + mbedtls_platform_zeroize( generator->ctx.tls12_prf.Ai_with_seed, generator->ctx.tls12_prf.Ai_with_seed_len ); mbedtls_free( generator->ctx.tls12_prf.Ai_with_seed ); } @@ -3995,7 +3990,7 @@ static psa_status_t psa_generator_tls12_psk_to_ms_setup( salt, salt_length, label, label_length ); - mbedtls_zeroize( pms, sizeof( pms ) ); + mbedtls_platform_zeroize( pms, sizeof( pms ) ); return( status ); } #endif /* MBEDTLS_MD_C */ @@ -4246,7 +4241,7 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato NULL, 0, NULL, 0, PSA_GENERATOR_UNBRIDLED_CAPACITY ); exit: - mbedtls_zeroize( shared_secret, shared_secret_length ); + mbedtls_platform_zeroize( shared_secret, shared_secret_length ); return( status ); } @@ -4519,7 +4514,7 @@ void mbedtls_psa_crypto_free( void ) /* Wipe all remaining data, including configuration. * In particular, this sets all state indicator to the value * indicating "uninitialized". */ - mbedtls_zeroize( &global_data, sizeof( global_data ) ); + mbedtls_platform_zeroize( &global_data, sizeof( global_data ) ); } psa_status_t psa_crypto_init( void ) From 039b90cf5b30855ebd10d0cbcdb395f6793e9a23 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 7 Dec 2018 18:24:41 +0100 Subject: [PATCH 0855/2197] Expose the PSA key slot structure to internal modules Move psa_key_slot_t to a new header psa_crypto_core.h, to prepare for moving the responsibility for some fields to psa_crypto_slot_management.c. --- library/psa_crypto.c | 24 +------------ library/psa_crypto_core.h | 62 ++++++++++++++++++++++++++++++++++ visualc/VS2010/mbedTLS.vcxproj | 1 + 3 files changed, 64 insertions(+), 23 deletions(-) create mode 100644 library/psa_crypto_core.h diff --git a/library/psa_crypto.c b/library/psa_crypto.c index afb4d325c..2712c6778 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -43,6 +43,7 @@ #include "psa/crypto.h" +#include "psa_crypto_core.h" #include "psa_crypto_invasive.h" #include "psa_crypto_slot_management.h" /* Include internal declarations that are useful for implementing persistently @@ -113,29 +114,6 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n ) /* Global data, support functions and library management */ /****************************************************************/ -typedef struct -{ - psa_key_type_t type; - psa_key_policy_t policy; - psa_key_lifetime_t lifetime; - psa_key_id_t persistent_storage_id; - unsigned allocated : 1; - union - { - struct raw_data - { - uint8_t *data; - size_t bytes; - } raw; -#if defined(MBEDTLS_RSA_C) - mbedtls_rsa_context *rsa; -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) - mbedtls_ecp_keypair *ecp; -#endif /* MBEDTLS_ECP_C */ - } data; -} psa_key_slot_t; - static int key_type_is_raw_bytes( psa_key_type_t type ) { return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ); diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h new file mode 100644 index 000000000..de877d344 --- /dev/null +++ b/library/psa_crypto_core.h 
@@ -0,0 +1,62 @@ +/* + * PSA crypto core internal interfaces + */ +/* Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_CORE_H +#define PSA_CRYPTO_CORE_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "psa/crypto.h" + +#include "mbedtls/ecp.h" +#include "mbedtls/rsa.h" + +/** The data structure representing a key slot, containing key material + * and metadata for one key. + */ +typedef struct +{ + psa_key_type_t type; + psa_key_policy_t policy; + psa_key_lifetime_t lifetime; + psa_key_id_t persistent_storage_id; + unsigned allocated : 1; + union + { + struct raw_data + { + uint8_t *data; + size_t bytes; + } raw; +#if defined(MBEDTLS_RSA_C) + mbedtls_rsa_context *rsa; +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_C) + mbedtls_ecp_keypair *ecp; +#endif /* MBEDTLS_ECP_C */ + } data; +} psa_key_slot_t; + +#endif /* PSA_CRYPTO_CORE_H */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 341e058a8..366b97e55 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -231,6 +231,7 @@ + From 48868129cde07ad7bd54d0cd8fdc948850fc43b8 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 10 Dec 2018 17:30:29 +0100 Subject: [PATCH 0856/2197] Document the maximum key identifier Give it a name and explain why it was chosen. --- library/psa_crypto.c | 2 +- library/psa_crypto_storage.h | 17 +++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2712c6778..d272334d4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -871,7 +871,7 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, return( PSA_ERROR_INVALID_ARGUMENT ); /* Reject high values because the file names are reserved for the * library's internal use. */ - if( id >= 0xffff0000 ) + if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_key_slot( handle, &slot ); diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 478daef8f..85881c164 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -44,6 +44,23 @@ extern "C" { * inadvertently store an obscene amount of data) */ #define PSA_CRYPTO_MAX_STORAGE_SIZE ( 30 * 1024 ) +/** The maximum permitted persistent slot number. + * + * In Mbed Crypto 0.1.0b: + * - Using the file backend, all key ids are ok except 0. + * - Using the ITS backend, all key ids are ok except 0xFFFFFF52 + * (#PSA_CRYPTO_ITS_RANDOM_SEED_UID) for which the file contains the + * device's random seed (if this feature is enabled). + * - Only key ids from 1 to #PSA_KEY_SLOT_COUNT are actually used. + * + * Since we need to preserve the random seed, avoid using that key slot. + * Reserve a whole range of key slots just in case something else comes up. + * + * This limitation will probably become moot when we implement client + * separation for key storage. + */ +#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000 + /** * \brief Format key data and metadata and save to a location for given key * slot. 
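Review bot: The doc comment in psa_crypto_storage.h calls `PSA_MAX_PERSISTENT_KEY_IDENTIFIER` the maximum permitted identifier, but the check in psa_internal_make_key_persistent is `id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER`, so 0xffff0000 itself is rejected and the largest accepted value is 0xfffeffff. A later caller that trusts the name and writes `id <= PSA_MAX_PERSISTENT_KEY_IDENTIFIER` would admit one identifier from the reserved range. Either make the macro the last accepted value and compare with `>` (`#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xfffeffff`, `if( id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER )`), or keep the value and reword the comment to say it is the first identifier of the reserved range. The body of psa_internal_make_key_persistent extends beyond the hunk.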
From 539cda57df9a7f36b03b46075016a6ce91166760 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 10 Dec 2018 17:31:59 +0100 Subject: [PATCH 0857/2197] Add tests with invalid key identifiers Test that 0 and PSA_CRYPTO_ITS_RANDOM_SEED_UID are not accepted as key identifiers. --- .../test_suite_psa_crypto_slot_management.data | 16 ++++++++++++++++ ...est_suite_psa_crypto_slot_management.function | 8 ++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 39e05abf8..46dbea2c0 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -37,6 +37,14 @@ Attempt to overwrite: keep open, different type depends_on:MBEDTLS_AES_C create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN +Open failure: invalid identifier (0) +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +open_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT + +Open failure: invalid identifier (random seed UID) +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +open_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT + Open failure: non-existent identifier depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT 
@@ -57,6 +65,14 @@ Create failure: invalid lifetime depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT +Create failure: invalid key id (0) +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT + +Create failure: invalid key id (random seed UID) +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT + Open not supported depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 754aae08d..fdcb5a949 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -31,10 +31,14 @@ typedef enum #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) /* There is no API to purge all keys. For this test suite, require that - * all key IDs be less than a certain maximum. */ + * all key IDs be less than a certain maximum, or a well-known value + * which corresponds to a file that does not contain a key. */ #define MAX_KEY_ID_FOR_TEST 32 +#define KEY_ID_IS_WELL_KNOWN( key_id ) \ + ( ( key_id ) == PSA_CRYPTO_ITS_RANDOM_SEED_UID ) #define TEST_MAX_KEY_ID( key_id ) \ - TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST ) + TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST || \ + KEY_ID_IS_WELL_KNOWN( key_id ) ) void psa_purge_key_storage( void ) { psa_key_id_t i; From 408319be3ab32f70af5b0d1fa6a9942ec64fe37d Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 10 Dec 2018 17:34:00 +0100 Subject: [PATCH 0858/2197] Remove redundant check for slot->allocated This check became redundant when support for direct access to key slots was removed. --- library/psa_crypto.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d272334d4..554da4bb4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -899,8 +899,6 @@ psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); - if( ! slot->allocated ) - return( PSA_ERROR_INVALID_HANDLE ); return( psa_wipe_key_slot( slot ) ); } From 66fb126e87bb5ff67cc0fbe31ad2a4cc5c6ca08b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 10 Dec 2018 16:29:04 +0100 Subject: [PATCH 0859/2197] Move the key slot array to the slot management module Move the key slot array and its initialization and wiping to the slot management module. Also move the lowest-level key slot access function psa_get_key_slot and the auxiliary function for slot allocation psa_internal_allocate_key_slot to the slot management module. --- library/psa_crypto.c | 76 +++++----------------------- library/psa_crypto_core.h | 4 ++ library/psa_crypto_slot_management.c | 76 ++++++++++++++++++++++++++++ library/psa_crypto_slot_management.h | 20 ++++---- 4 files changed, 105 insertions(+), 71 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 554da4bb4..0ac1c2707 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -130,10 +130,8 @@ typedef struct void (* entropy_free )( mbedtls_entropy_context *ctx ); mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; - psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT]; unsigned initialized : 1; unsigned rng_state : 2; - unsigned key_slots_initialized : 1; } psa_global_data_t; static psa_global_data_t global_data; 
@@ -715,31 +713,6 @@ exit: } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ -/* Access a key slot at the given handle. The handle of a key slot is - * the index of the slot in the global slot array, plus one so that handles - * start at 1 and not 0. */ -static psa_status_t psa_get_key_slot( psa_key_handle_t handle, - psa_key_slot_t **p_slot ) -{ - psa_key_slot_t *slot = NULL; - - GUARD_MODULE_INITIALIZED; - - /* 0 is not a valid handle under any circumstance. This - * implementation provides slots number 1 to N where N is the - * number of available slots. */ - if( handle == 0 || handle > ARRAY_LENGTH( global_data.key_slots ) ) - return( PSA_ERROR_INVALID_HANDLE ); - slot = &global_data.key_slots[handle - 1]; - - /* If the slot hasn't been allocated, the handle is invalid. */ - if( ! slot->allocated ) - return( PSA_ERROR_INVALID_HANDLE ); - - *p_slot = slot; - return( PSA_SUCCESS ); -} - /* Retrieve an empty key slot (slot with no key data, but possibly * with some metadata such as a policy). */ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, @@ -834,7 +807,7 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) /** Completely wipe a slot in memory, including its policy. * Persistent storage is not affected. */ -static psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) +psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) { psa_status_t status = psa_remove_key_data_from_memory( slot ); /* At this point, key material and other type-specific content has 
@@ -844,20 +817,6 @@ static psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) return( status ); } -psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) -{ - for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) ) - { - psa_key_slot_t *slot = &global_data.key_slots[*handle - 1]; - if( ! slot->allocated ) - { - slot->allocated = 1; - return( PSA_SUCCESS ); - } - } - return( PSA_ERROR_INSUFFICIENT_MEMORY ); -} - psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, psa_key_id_t id ) { @@ -4473,15 +4432,7 @@ psa_status_t mbedtls_psa_crypto_configure_entropy_sources( void mbedtls_psa_crypto_free( void ) { - if( global_data.key_slots_initialized ) - { - psa_key_handle_t key; - for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) - { - psa_key_slot_t *slot = &global_data.key_slots[key - 1]; - (void) psa_wipe_key_slot( slot ); - } - } + psa_wipe_all_key_slots( ); if( global_data.rng_state != RNG_NOT_INITIALIZED ) { mbedtls_ctr_drbg_free( &global_data.ctr_drbg ); @@ -4495,7 +4446,7 @@ void mbedtls_psa_crypto_free( void ) psa_status_t psa_crypto_init( void ) { - int ret; + psa_status_t status; const unsigned char drbg_seed[] = "PSA"; /* Double initialization is explicitly allowed. */ 
@@ -4513,25 +4464,26 @@ psa_status_t psa_crypto_init( void ) global_data.entropy_init( &global_data.entropy ); mbedtls_ctr_drbg_init( &global_data.ctr_drbg ); global_data.rng_state = RNG_INITIALIZED; - ret = mbedtls_ctr_drbg_seed( &global_data.ctr_drbg, - mbedtls_entropy_func, - &global_data.entropy, - drbg_seed, sizeof( drbg_seed ) - 1 ); - if( ret != 0 ) + status = mbedtls_to_psa_error( + mbedtls_ctr_drbg_seed( &global_data.ctr_drbg, + mbedtls_entropy_func, + &global_data.entropy, + drbg_seed, sizeof( drbg_seed ) - 1 ) ); + if( status != PSA_SUCCESS ) goto exit; global_data.rng_state = RNG_SEEDED; - /* Initialize the key slots. Zero-initialization has made all key - * slots empty, so there is nothing to do. */ - global_data.key_slots_initialized = 1; + status = psa_initialize_key_slots( ); + if( status != PSA_SUCCESS ) + goto exit; /* All done. */ global_data.initialized = 1; exit: - if( ret != 0 ) + if( status != PSA_SUCCESS ) mbedtls_psa_crypto_free( ); - return( mbedtls_to_psa_error( ret ) ); + return( status ); } #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index de877d344..ba6623564 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -59,4 +59,8 @@ typedef struct } data; } psa_key_slot_t; +/** Completely wipe a slot in memory, including its policy. + * Persistent storage is not affected. */ +psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); + #endif /* PSA_CRYPTO_CORE_H */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index ae5e146b9..6d5c7d4fa 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -29,6 +29,7 @@ #include "psa/crypto.h" +#include "psa_crypto_core.h" #include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" 
@@ -43,6 +44,81 @@ #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) +typedef struct +{ + psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT]; + unsigned key_slots_initialized : 1; +} psa_global_data_t; + +psa_global_data_t global_data; + +/* Access a key slot at the given handle. The handle of a key slot is + * the index of the slot in the global slot array, plus one so that handles + * start at 1 and not 0. */ +psa_status_t psa_get_key_slot( psa_key_handle_t handle, + psa_key_slot_t **p_slot ) +{ + psa_key_slot_t *slot = NULL; + + if( ! global_data.key_slots_initialized ) + return( PSA_ERROR_BAD_STATE ); + + /* 0 is not a valid handle under any circumstance. This + * implementation provides slots number 1 to N where N is the + * number of available slots. */ + if( handle == 0 || handle > ARRAY_LENGTH( global_data.key_slots ) ) + return( PSA_ERROR_INVALID_HANDLE ); + slot = &global_data.key_slots[handle - 1]; + + /* If the slot hasn't been allocated, the handle is invalid. */ + if( ! slot->allocated ) + return( PSA_ERROR_INVALID_HANDLE ); + + *p_slot = slot; + return( PSA_SUCCESS ); +} + +psa_status_t psa_initialize_key_slots( void ) +{ + /* Nothing to do: program startup and psa_wipe_all_key_slots() both + * guarantee that the key slots are initialized to all-zero, which + * means that all the key slots are in a valid, empty state. */ + global_data.key_slots_initialized = 1; + return( PSA_SUCCESS ); +} + +void psa_wipe_all_key_slots( void ) +{ + psa_key_handle_t key; + for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) + { + psa_key_slot_t *slot = &global_data.key_slots[key - 1]; + (void) psa_wipe_key_slot( slot ); + } + global_data.key_slots_initialized = 0; +} + +/** Find a free key slot and mark it as in use. + * + * \param[out] handle On success, a slot number that is not in use. 
+ * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + */ +static psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) +{ + for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) ) + { + psa_key_slot_t *slot = &global_data.key_slots[*handle - 1]; + if( ! slot->allocated ) + { + slot->allocated = 1; + return( PSA_SUCCESS ); + } + } + return( PSA_ERROR_INSUFFICIENT_MEMORY ); +} + psa_status_t psa_allocate_key( psa_key_type_t type, size_t max_bits, psa_key_handle_t *handle ) diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index cf244f266..ee37a2010 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -26,19 +26,21 @@ * The value is a compile-time constant for now, for simplicity. */ #define PSA_KEY_SLOT_COUNT 32 +/** Access a key slot at the given handle. */ +psa_status_t psa_get_key_slot( psa_key_handle_t handle, + psa_key_slot_t **p_slot ); + +/** Initialize the key slot structures. */ +psa_status_t psa_initialize_key_slots( void ); + +/** Delete all data from key slots in memory. This does not affect persistent + * storage. */ +void psa_wipe_all_key_slots( void ); + /** \defgroup core_slot_management Internal functions exposed by the core * @{ */ -/** Find a free key slot and mark it as in use. - * - * \param[out] handle On success, a slot number that is not in use. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - */ -psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ); - /** Wipe an a key slot and mark it as available. * * This does not affect persistent storage. From fa4135b13537840714fda55839ebc9822f2d0f51 Mon Sep 17 00:00:00 2001 
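Review bot: psa_internal_allocate_key_slot() never tests `global_data.key_slots_initialized`, unlike psa_get_key_slot() in the same hunk, so a call made before psa_initialize_key_slots() or after psa_wipe_all_key_slots() can still set `slot->allocated = 1`. That breaks the assumption stated in the psa_initialize_key_slots() comment, that every slot is all-zero when initialization runs, and the handle would become valid as soon as the flag is set. I would open the function with `if( ! global_data.key_slots_initialized ) { *handle = 0; return( PSA_ERROR_BAD_STATE ); }` and add `\retval #PSA_ERROR_BAD_STATE` to its doc comment. Whether psa_allocate_key() already rejects this case is not visible, because its body continues outside the hunk.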
From: Gilles Peskine Date: Mon, 10 Dec 2018 16:48:53 +0100 Subject: [PATCH 0860/2197] Move more slot management functions to the proper module Move psa_load_persistent_key_into_slot, psa_internal_make_key_persistent and psa_internal_release_key_slot to the slot management module. Expose psa_import_key_into_slot from the core. After this commit, there are no longer any functions declared in psa_crypto_slot_management.h and defined in psa_crypto.c. There are still function calls in both directions between psa_crypto.c and psa_crypto_slot_management.c. --- library/psa_crypto.c | 72 +-------------------- library/psa_crypto_core.h | 7 +++ library/psa_crypto_slot_management.c | 94 ++++++++++++++++++++++++++++ library/psa_crypto_slot_management.h | 39 ------------ 4 files changed, 104 insertions(+), 108 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0ac1c2707..2c49eadcc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -611,9 +611,9 @@ exit: /** Import key data into a slot. `slot->type` must have been set * previously. This function assumes that the slot does not contain * any key material yet. On failure, the slot content is unchanged. */ -static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, - const uint8_t *data, - size_t data_length ) +psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, + const uint8_t *data, + size_t data_length ) { psa_status_t status = PSA_SUCCESS; 
@@ -692,27 +692,6 @@ static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, return( PSA_SUCCESS ); } -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) -{ - psa_status_t status = PSA_SUCCESS; - uint8_t *key_data = NULL; - size_t key_data_length = 0; - - status = psa_load_persistent_key( p_slot->persistent_storage_id, - &( p_slot )->type, - &( p_slot )->policy, &key_data, - &key_data_length ); - if( status != PSA_SUCCESS ) - goto exit; - status = psa_import_key_into_slot( p_slot, - key_data, key_data_length ); -exit: - psa_free_persistent_key_data( key_data, key_data_length ); - return( status ); -} -#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ - /* Retrieve an empty key slot (slot with no key data, but possibly * with some metadata such as a policy). */ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, 
@@ -817,51 +796,6 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) return( status ); } -psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, - psa_key_id_t id ) -{ -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - psa_key_slot_t *slot; - psa_status_t status; - - /* Reject id=0 because by general library conventions, 0 is an invalid - * value wherever possible. */ - if( id == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - /* Reject high values because the file names are reserved for the - * library's internal use. */ - if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - status = psa_get_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - slot->lifetime = PSA_KEY_LIFETIME_PERSISTENT; - slot->persistent_storage_id = id; - status = psa_load_persistent_key_into_slot( slot ); - - return( status ); - -#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ - (void) handle; - (void) id; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ -} - -psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) -{ - psa_key_slot_t *slot; - psa_status_t status; - - status = psa_get_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - return( psa_wipe_key_slot( slot ) ); -} - psa_status_t psa_import_key( psa_key_handle_t handle, psa_key_type_t type, const uint8_t *data, diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index ba6623564..24140b517 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h 
@@ -63,4 +63,11 @@ typedef struct * Persistent storage is not affected. */ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); +/** Import key data into a slot. `slot->type` must have been set + * previously. This function assumes that the slot does not contain + * any key material yet. On failure, the slot content is unchanged. */ +psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, + const uint8_t *data, + size_t data_length ); + #endif /* PSA_CRYPTO_CORE_H */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 6d5c7d4fa..f623cc988 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -119,6 +119,28 @@ static psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); } +/** Wipe a key slot and mark it as available. + * + * This does not affect persistent storage. + * + * \param handle The key slot number to release. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +static psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) +{ + psa_key_slot_t *slot; + psa_status_t status; + + status = psa_get_key_slot( handle, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + + return( psa_wipe_key_slot( slot ) ); +} + psa_status_t psa_allocate_key( psa_key_type_t type, size_t max_bits, psa_key_handle_t *handle ) 
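Review bot: The `\retval` list on psa_internal_release_key_slot() does not match what the body forwards: its only early exit returns the status of psa_get_key_slot(), which as added in patch 0859 yields `PSA_ERROR_INVALID_HANDLE` or `PSA_ERROR_BAD_STATE`, and neither is listed. A caller that tests for the documented `PSA_ERROR_INVALID_ARGUMENT` would misclassify a stale or out-of-range handle. I would replace that line with `\retval #PSA_ERROR_INVALID_HANDLE` and `\retval #PSA_ERROR_BAD_STATE`; what psa_wipe_key_slot() can return beyond success is not fully visible here. Patch 0863 later rewords the `\param` line of this comment but leaves the list unchanged.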
@@ -130,6 +152,78 @@ psa_status_t psa_allocate_key( psa_key_type_t type, return( psa_internal_allocate_key_slot( handle ) ); } +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) +static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) +{ + psa_status_t status = PSA_SUCCESS; + uint8_t *key_data = NULL; + size_t key_data_length = 0; + + status = psa_load_persistent_key( p_slot->persistent_storage_id, + &( p_slot )->type, + &( p_slot )->policy, &key_data, + &key_data_length ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_import_key_into_slot( p_slot, + key_data, key_data_length ); +exit: + psa_free_persistent_key_data( key_data, key_data_length ); + return( status ); +} +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + +/** Declare a slot as persistent and load it from storage. + * + * This function may only be called immediately after a successful call + * to psa_internal_allocate_key_slot(). + * + * \param handle A handle to a key slot freshly allocated with + * psa_internal_allocate_key_slot(). + * + * \retval #PSA_SUCCESS + * The slot content was loaded successfully. + * \retval #PSA_ERROR_EMPTY_SLOT + * There is no content for this slot in persistent storage. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p id is not acceptable. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_STORAGE_FAILURE + */ +static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, + psa_key_id_t id ) +{ +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + psa_key_slot_t *slot; + psa_status_t status; + + /* Reject id=0 because by general library conventions, 0 is an invalid + * value wherever possible. */ + if( id == 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + /* Reject high values because the file names are reserved for the + * library's internal use. 
*/ + if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + status = psa_get_key_slot( handle, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + + slot->lifetime = PSA_KEY_LIFETIME_PERSISTENT; + slot->persistent_storage_id = id; + status = psa_load_persistent_key_into_slot( slot ); + + return( status ); + +#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ + (void) handle; + (void) id; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ +} + static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, psa_key_id_t id, psa_key_handle_t *handle, diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index ee37a2010..a2e52ba32 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h 
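Review bot: psa_internal_make_key_persistent() writes `slot->lifetime` and `slot->persistent_storage_id` before psa_load_persistent_key_into_slot() runs, and that helper hands `&p_slot->type` and `&p_slot->policy` straight to psa_load_persistent_key(), so a failed load or import may leave a slot that is marked persistent and carries metadata from storage but no key material. The doc comment does not say what state the slot is in on error or who has to clean it up. I would add a sentence such as `On failure, the slot may be left marked as persistent with partial metadata; the caller is responsible for wiping it.` Whether persistent_key_setup() does so is not visible, since only its signature falls inside the hunk. The `\retval` list also omits `#PSA_ERROR_NOT_SUPPORTED`, which the `#else` branch returns.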
@@ -37,43 +37,4 @@ psa_status_t psa_initialize_key_slots( void ); * storage. */ void psa_wipe_all_key_slots( void ); -/** \defgroup core_slot_management Internal functions exposed by the core - * @{ - */ - -/** Wipe an a key slot and mark it as available. - * - * This does not affect persistent storage. - * - * \param handle The key slot number to release. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_TAMPERING_DETECTED - */ -psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ); - -/** Declare a slot as persistent and load it from storage. - * - * This function may only be called immediately after a successful call - * to psa_internal_allocate_key_slot(). - * - * \param handle A handle to a key slot freshly allocated with - * psa_internal_allocate_key_slot(). - * - * \retval #PSA_SUCCESS - * The slot content was loaded successfully. - * \retval #PSA_ERROR_EMPTY_SLOT - * There is no content for this slot in persistent storage. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p id is not acceptable. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_STORAGE_FAILURE - */ -psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, - psa_key_id_t id ); - -/**@}*/ - #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */ From 09829036ab8e2757c00848c72c724fa7bf728deb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 10 Dec 2018 17:00:38 +0100 Subject: [PATCH 0861/2197] Document some functions in internal headers --- library/psa_crypto_core.h | 34 ++++++++++++++++++++++++---- library/psa_crypto_slot_management.h | 26 +++++++++++++++++---- 2 files changed, 52 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 24140b517..c28968197 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h 
@@ -60,12 +60,38 @@ typedef struct } psa_key_slot_t; /** Completely wipe a slot in memory, including its policy. - * Persistent storage is not affected. */ + * + * Persistent storage is not affected. + * + * \param[in,out] slot The key slot to wipe. + * + * \retval PSA_SUCCESS + * Success. This includes the case of a key slot that was + * already fully wiped. + * \retval PSA_ERROR_TAMPERING_DETECTED + */ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); -/** Import key data into a slot. `slot->type` must have been set - * previously. This function assumes that the slot does not contain - * any key material yet. On failure, the slot content is unchanged. */ +/** Import key data into a slot. + * + * `slot->type` must have been set previously. + * This function assumes that the slot does not contain any key material yet. + * On failure, the slot content is unchanged. + * + * Persistent storage is not affected. + * + * \param[in,out] slot The key slot to import data into. + * Its `type` field must have previously been set to + * the desired key type. + * It must not contain any key material yet. + * \param[in] data Buffer containing the key material to parse and import. + * \param data_length Size of \p data in bytes. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_INVALID_ARGUMENT + * \retval PSA_ERROR_NOT_SUPPORTED + * \retval PSA_ERROR_INSUFFICIENT_MEMORY + */ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, const uint8_t *data, size_t data_length ); diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index a2e52ba32..6746bad91 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h 
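Review bot: The `\retval` entries added here are written without the leading `#` (`\retval PSA_SUCCESS`, `\retval PSA_ERROR_TAMPERING_DETECTED`), whereas the doc comments in psa_crypto_slot_management.c and include/psa/crypto.h on this page use `\retval #PSA_SUCCESS`. For consistency with those files I would write them as `\retval #PSA_SUCCESS`, `\retval #PSA_ERROR_TAMPERING_DETECTED` and so on. The psa_crypto_slot_management.h hunk of the same commit has the same inconsistency in the psa_get_key_slot() and psa_initialize_key_slots() comments.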
@@ -26,15 +26,33 @@ * The value is a compile-time constant for now, for simplicity. */ #define PSA_KEY_SLOT_COUNT 32 -/** Access a key slot at the given handle. */ +/** Access a key slot at the given handle. + * + * \param handle Key handle to query. + * \param[out] p_slot On success, `*p_slot` contains a pointer to the + * key slot in memory designated by \p handle. + * + * \retval PSA_SUCCESS + * Success: \p handle is a handle to `*p_slot`. Note that `*p_slot` + * may be empty or occupied. + * \retval PSA_ERROR_INVALID_HANDLE + * \p handle is out of range or is not in use. + * \retval PSA_ERROR_BAD_STATE + * The library has not been initialized. + */ psa_status_t psa_get_key_slot( psa_key_handle_t handle, psa_key_slot_t **p_slot ); -/** Initialize the key slot structures. */ +/** Initialize the key slot structures. + * + * \retval PSA_SUCCESS + * Currently this function always succeeds. + */ psa_status_t psa_initialize_key_slots( void ); -/** Delete all data from key slots in memory. This does not affect persistent - * storage. */ +/** Delete all data from key slots in memory. + * + * This does not affect persistent storage. */ void psa_wipe_all_key_slots( void ); #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */ From 79a11d6c422be6662cb17a9bdd1255807f33549f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 11 Dec 2018 15:33:21 +0100 Subject: [PATCH 0862/2197] Test invalid lifetime regardless of support for persistent keys Even if persistent keys are not supported, psa_open_key and psa_create_key must fail if invoked with an invalid lifetime value. --- tests/suites/test_suite_psa_crypto_slot_management.data | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 46dbea2c0..39661b9ed 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -50,19 +50,15 @@ depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT Open failure: volatile lifetime -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT Open failure: invalid lifetime -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT Create failure: volatile lifetime -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid lifetime -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid key id (0) From 23fd2bdb94c8f182ba14471d857d248236129bbd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 11 Dec 2018 15:51:32 +0100 Subject: [PATCH 0863/2197] Update some documentation related to key slots Some of the documentation is obsolete in its reference to key slots when it should discuss key handles. This may require a further pass, possibly with some reorganization of error codes. Update the documentation of functions that modify key slots (key material creation and psa_set_key_policy()) to discuss how they affect storage. --- include/psa/crypto.h | 51 +++++++++++++++++++++------- library/psa_crypto_slot_management.c | 5 +-- 2 files changed, 41 insertions(+), 15 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 4aea9905d..c58d22ae4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -41,8 +41,8 @@ * This type represents open handles to keys. It must be an unsigned integral * type. The choice of type is implementation-dependent. * - * 0 is not a valid key slot number. The meaning of other values is - * implementation dependent. + * 0 is not a valid key handle. How other handle values are assigned is + * implementation-dependent. */ typedef _unsigned_integral_type_ psa_key_handle_t; 
@@ -129,17 +129,17 @@ typedef int32_t psa_status_t; /** A slot is occupied, but must be empty to carry out the * requested action. * - * If the slot number is invalid (i.e. the requested action could - * not be performed even after erasing the slot's content), - * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */ + * If a handle is invalid, it does not designate an occupied slot. + * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE. + */ #define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5) /** A slot is empty, but must be occupied to carry out the * requested action. * - * If the slot number is invalid (i.e. the requested action could - * not be performed even after creating appropriate content in the slot), - * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */ + * If a handle is invalid, it does not designate an empty slot. + * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE. + */ #define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6) /** The requested action cannot be performed in the current state. @@ -162,7 +162,12 @@ typedef int32_t psa_status_t; * Implementations shall not return this error code to indicate * that a key slot is occupied when it needs to be free or vice versa, * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT - * as applicable. */ + * as applicable. + * + * Implementation shall not return this error code to indicate that a + * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE + * instead. + */ #define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8) /** There is not enough runtime memory. 
@@ -1409,13 +1414,22 @@ typedef uint32_t psa_key_lifetime_t; */ typedef uint32_t psa_key_id_t; -/** A volatile key slot retains its content as long as the application is - * running. It is guaranteed to be erased on a power reset. +/** A volatile key only exists as long as the handle to it is not closed. + * The key material is guaranteed to be erased on a power reset. */ #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) -/** A persistent key slot retains its content as long as it is not explicitly - * destroyed. +/** The default storage area for persistent keys. + * + * A persistent key remains in storage until it is explicitly destroyed or + * until the corresponding storage area is wiped. This specification does + * not define any mechanism to wipe a storage area, but implementations may + * provide their own mechanism (for example to perform a factory reset, + * to prepare for device refurbishment, or to uninstall an application). + * + * This lifetime value is the default storage area for the calling + * application. Implementations may offer other storage areas designated + * by other lifetime values as implementation-specific extensions. */ #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) @@ -1599,6 +1613,8 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * * \retval #PSA_SUCCESS * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_NOT_SUPPORTED * The key type or key size is not supported, either by the 
@@ -2009,6 +2025,10 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); * \param[in] policy The policy object to query. * * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, it is implementation-defined whether + * the policy has been saved to persistent storage. Implementations + * may defer saving the policy until the key material is created. * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_OCCUPIED_SLOT * \retval #PSA_ERROR_NOT_SUPPORTED @@ -3292,6 +3312,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * * \retval #PSA_SUCCESS * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY * There were fewer than \p output_length bytes * in the generator. Note that in this case, no @@ -3542,6 +3564,9 @@ typedef struct { * \c NULL then \p extra_size must be zero. * * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, the key material and the key's metadata + * have been saved to persistent storage. * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_OCCUPIED_SLOT * There is already a key in the specified slot. diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index f623cc988..4e193b56b 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -100,7 +100,8 @@ void psa_wipe_all_key_slots( void ) /** Find a free key slot and mark it as in use. * - * \param[out] handle On success, a slot number that is not in use. + * \param[out] handle On success, a slot number that is not in use. This + * value can be used as a handle to the slot. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 
@@ -123,7 +124,7 @@ static psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) * * This does not affect persistent storage. * - * \param handle The key slot number to release. + * \param handle The handle to the key slot to release. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_ARGUMENT From 76965bb678b54784ccabeb2ac9a7a323898a2182 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 12 Dec 2018 10:48:06 +0100 Subject: [PATCH 0864/2197] Remove MBEDTLS_USE_PSA_CRYPTO tests from all.sh This branch isn't expected to keep USE_PSA_CRYPTO working. --- tests/scripts/all.sh | 29 ----------------------------- 1 file changed, 29 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6af13e660..43f1db600 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -573,35 +573,6 @@ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_ msg "test: compat.sh ARIA + ChachaPoly" if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' -# MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh -msg "build: cmake, full config + MBEDTLS_USE_PSA_CRYPTO, ASan" -cleanup -cp "$CONFIG_H" "$CONFIG_BAK" -scripts/config.pl full -scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests -scripts/config.pl set MBEDTLS_PSA_CRYPTO_C -scripts/config.pl set MBEDTLS_USE_PSA_CRYPTO -CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . -make - -msg "test: main suites (MBEDTLS_USE_PSA_CRYPTO)" -make test - -msg "test: ssl-opt.sh (MBEDTLS_USE_PSA_CRYPTO)" -if_build_succeeded tests/ssl-opt.sh - -msg "test: compat.sh default (MBEDTLS_USE_PSA_CRYPTO)" -if_build_succeeded tests/compat.sh - -msg "test: compat.sh ssl3 (MBEDTLS_USE_PSA_CRYPTO)" -if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' - -msg "test: compat.sh RC4, DES & NULL (MBEDTLS_USE_PSA_CRYPTO)" -if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' - -msg "test: compat.sh ARIA + ChachaPoly (MBEDTLS_USE_PSA_CRYPTO)" -if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' - msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s cleanup cp "$CONFIG_H" "$CONFIG_BAK" From 2e14bd3aaff4e00ba330763f89b3109783e20303 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 12 Dec 2018 14:05:08 +0100 Subject: [PATCH 0865/2197] Add missing static on file-scope variable --- library/psa_crypto_slot_management.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 4e193b56b..0b4399f5e 100644 
--- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -50,7 +50,7 @@ typedef struct unsigned key_slots_initialized : 1; } psa_global_data_t; -psa_global_data_t global_data; +static psa_global_data_t global_data; /* Access a key slot at the given handle. The handle of a key slot is * the index of the slot in the global slot array, plus one so that handles From 3d2f949c86914616d974dbe2de56a162cc7b61f5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 17 Dec 2018 23:17:17 +0100 Subject: [PATCH 0866/2197] Move the ARRAY_LENGTH macro to the common helpers file --- tests/suites/helpers.function | 3 +++ tests/suites/test_suite_psa_crypto.function | 2 -- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index cbe3fa0d4..38c16ad50 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -150,6 +150,9 @@ typedef struct data_tag mbedtls_exit( 1 ); \ } +/** Return the number of elements of a static or stack array. */ +#define ARRAY_LENGTH( array ) \ + ( sizeof( array ) / sizeof( *( array ) ) ) /* * 32-bit integer manipulation macros (big endian) */ diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c40ac5f7d..311a48d6c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -13,8 +13,6 @@ #define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) ) -#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) - #if(UINT32_MAX > SIZE_MAX) #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX ) #else From f055ad751246215a9760f6b053fd763470842b3a Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 17 Dec 2018 23:18:00 +0100 Subject: [PATCH 0867/2197] Add a safety check to ARRAY_LENGTH Cause a compilation error on ARRAY_LENGTH(p) where p is a pointer as opposed to an array. This only works under GCC and compatible compilers such as Clang. On other compilers, ARRAY_LENGTH works but doesn't check the type of its argument. --- tests/suites/helpers.function | 36 +++++++++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 38c16ad50..4a9d2a3bb 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function 
@@ -150,9 +150,41 @@ typedef struct data_tag mbedtls_exit( 1 ); \ } -/** Return the number of elements of a static or stack array. */ -#define ARRAY_LENGTH( array ) \ +#if defined(__GNUC__) +/* Test if arg and &(arg)[0] have the same type. This is true if arg is + * an array but not if it's a pointer. */ +#define IS_ARRAY_NOT_POINTER( arg ) \ + ( ! __builtin_types_compatible_p( __typeof__( arg ), \ + __typeof__( &( arg )[0] ) ) ) +#else +/* On platforms where we don't know how to implement this check, + * omit it. Oh well, a non-portable check is better than nothing. */ +#define IS_ARRAY_NOT_POINTER( arg ) 1 +#endif + +/* A compile-time constant with the value 0. If `const_expr` is not a + * compile-time constant with a nonzero value, cause a compile-time error. */ +#define STATIC_ASSERT_EXPR( const_expr ) \ + ( 0 && sizeof( struct { int STATIC_ASSERT : 1 - 2 * ! ( const_expr ); } ) ) +/* Return the scalar value `value` (possibly promoted). This is a compile-time + * constant if `value` is. `condition` must be a compile-time constant. + * If `condition` is false, arrange to cause a compile-time error. */ +#define STATIC_ASSERT_THEN_RETURN( condition, value ) \ + ( STATIC_ASSERT_EXPR( condition ) ? 0 : ( value ) ) + +#define ARRAY_LENGTH_UNSAFE( array ) \ ( sizeof( array ) / sizeof( *( array ) ) ) +/** Return the number of elements of a static or stack array. + * + * \param array A value of array (not pointer) type. + * + * \return The number of elements of the array. + */ +#define ARRAY_LENGTH( array ) \ + ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ), \ + ARRAY_LENGTH_UNSAFE( array ) ) ) + + /* * 32-bit integer manipulation macros (big endian) */ From 0174be2c1723952487026cabfefaaad75b08756a Mon Sep 17 00:00:00 2001 
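Review bot: `ARRAY_LENGTH_UNSAFE` is added without a comment, although it stays callable from every suite that includes this helpers file. Given a pointer it compiles silently and yields `sizeof(pointer) / sizeof(element)`, which is the wrong-length mistake the new check exists to catch. I would document it with `/* No type check: a pointer argument compiles and gives a wrong count. Use ARRAY_LENGTH. */`. The comment on the non-GCC branch, where `IS_ARRAY_NOT_POINTER( arg )` is `1`, could also say that `ARRAY_LENGTH` is then equivalent to the unchecked macro, so readers know the guarantee holds only on GCC-compatible builds.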
From: Gilles Peskine Date: Mon, 17 Dec 2018 23:26:01 +0100 Subject: [PATCH 0868/2197] Move the PSA_ASSERT macro to the common helpers file It's potentially useful in all PSA test suites, of which there are now several. --- tests/suites/helpers.function | 8 ++++++++ .../suites/test_suite_psa_crypto_slot_management.function | 2 -- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 4a9d2a3bb..316c06e31 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -90,6 +90,14 @@ typedef struct data_tag } \ } while( 0 ) +/** Evaluate an expression and fail the test case if it returns an error. + * + * \param expr The expression to evaluate. This is typically a call + * to a \c psa_xxx function that returns a value of type + * #psa_status_t. + */ +#define PSA_ASSERT( expr ) TEST_ASSERT( ( expr ) == PSA_SUCCESS ) + /** Allocate memory dynamically and fail the test case if this fails. * * You must set \p pointer to \c NULL before calling this macro and diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index fdcb5a949..407d24b1c 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -8,8 +8,6 @@ #include "psa_crypto_storage.h" -#define PSA_ASSERT( expr ) TEST_ASSERT( ( expr ) == PSA_SUCCESS ) - typedef enum { CLOSE_BY_CLOSE, From 5f7aeeea06a3954f307e41f2ba149cea10aa038b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 17 Dec 2018 23:26:52 +0100 Subject: [PATCH 0869/2197] New test macro TEST_EQUAL TEST_EQUAL(expr1, expr2) is just TEST_ASSERT((expr1) == (expr2)) for now, but in the future I hope that it will print out the differing values. --- tests/suites/helpers.function | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) 
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 316c06e31..da843b2b3 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -90,13 +90,23 @@ typedef struct data_tag } \ } while( 0 ) +/** Evaluate two expressions and fail the test case if they have different + * values. + * + * \param expr1 An expression to evaluate. + * \param expr2 The expected value of \p expr1. This can be any + * expression, but it is typically a constant. + */ +#define TEST_EQUAL( expr1, expr2 ) \ + TEST_ASSERT( ( expr1 ) == ( expr2 ) ) + /** Evaluate an expression and fail the test case if it returns an error. * * \param expr The expression to evaluate. This is typically a call * to a \c psa_xxx function that returns a value of type * #psa_status_t. */ -#define PSA_ASSERT( expr ) TEST_ASSERT( ( expr ) == PSA_SUCCESS ) +#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) /** Allocate memory dynamically and fail the test case if this fails. * From 9d8eea7e19a625e5e061007162343d7ee1b36970 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 17 Dec 2018 23:34:57 +0100 Subject: [PATCH 0870/2197] Wrap some multiline expressions in parentheses This guarantees that they'll be indented as desired under most indentation rules. --- tests/suites/test_suite_psa_crypto.function | 24 ++++++++++----------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 311a48d6c..11e4dbb0b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
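Review bot: The doc comment for `TEST_EQUAL` does not say how many times each operand is evaluated. `PSA_ASSERT` now passes calls with side effects (the `psa_xxx` functions) through it, and the commit message anticipates a later version that prints the differing values, which is where double evaluation tends to creep in. I would add a line such as ` * Each argument is evaluated exactly once.` to the comment so that a later rewrite has to preserve it. This holds today only if `TEST_ASSERT`, whose definition is outside this hunk, evaluates its argument once.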
@@ -2135,8 +2135,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_set_iv( &operation, iv, iv_size ) == PSA_SUCCESS ); - output_buffer_size = (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + output_buffer_size = ( (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( psa_cipher_update( &operation, @@ -2210,8 +2210,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + output_buffer_size = ( (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); @@ -2289,8 +2289,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ) == PSA_SUCCESS ); - output_buffer_size = (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + output_buffer_size = ( (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); @@ -2369,8 +2369,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_set_iv( &operation, iv, iv_size ) == PSA_SUCCESS ); - output_buffer_size = (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + output_buffer_size = ( (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( psa_cipher_update( &operation, 
@@ -2445,8 +2445,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_generate_iv( &operation1, iv, iv_size, &iv_length ) == PSA_SUCCESS ); - output1_size = (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + output1_size = ( (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output1, output1_size ); TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len, @@ -2536,8 +2536,8 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_cipher_generate_iv( &operation1, iv, iv_size, &iv_length ) == PSA_SUCCESS ); - output1_buffer_size = (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); + output1_buffer_size = ( (size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output1, output1_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); From 0f915f1d2a53cd390224376b6365f73fe58868a6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 17 Dec 2018 23:35:42 +0100 Subject: [PATCH 0871/2197] Indent PSA tests according to K&R rules with Mbed TLS tweaks Only whitespace changes in this commit. --- tests/suites/test_suite_psa_crypto.function | 30 +++++++++---------- .../test_suite_psa_crypto_hash.function | 4 +-- .../test_suite_psa_crypto_metadata.function | 2 +- ...t_suite_psa_crypto_persistent_key.function | 12 ++++---- 4 files changed, 24 insertions(+), 24 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 11e4dbb0b..d6b5e5154 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -617,7 +617,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) goto exit; TEST_ASSERT( p == end ); - } + } else #endif /* MBEDTLS_RSA_C */ 
@@ -1210,7 +1210,7 @@ void export_after_import_failure( data_t *data, int type_arg, /* Import the key - expect failure */ status = psa_import_key( handle, type, - data->x, data->len ); + data->x, data->len ); TEST_ASSERT( status == expected_import_status ); /* Export the key */ @@ -1242,7 +1242,7 @@ void cipher_after_import_failure( data_t *data, int type_arg, /* Import the key - expect failure */ status = psa_import_key( handle, type, - data->x, data->len ); + data->x, data->len ); TEST_ASSERT( status == expected_import_status ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); @@ -1832,19 +1832,19 @@ void hash_bad_order( ) memset( &operation, 0, sizeof( operation ) ); TEST_ASSERT( psa_hash_update( &operation, input, sizeof( input ) ) == - PSA_ERROR_INVALID_ARGUMENT ); + PSA_ERROR_INVALID_ARGUMENT ); /* psa_hash_verify without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); TEST_ASSERT( psa_hash_verify( &operation, hash, sizeof( hash ) ) == - PSA_ERROR_INVALID_ARGUMENT ); + PSA_ERROR_INVALID_ARGUMENT ); /* psa_hash_finish without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); TEST_ASSERT( psa_hash_finish( &operation, hash, sizeof( hash ), &hash_len ) == - PSA_ERROR_INVALID_ARGUMENT ); + PSA_ERROR_INVALID_ARGUMENT ); exit: mbedtls_psa_crypto_free( ); 
@@ -1870,19 +1870,19 @@ void hash_verify_bad_args( ) TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, hash, expected_size - 1 ) == - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ERROR_INVALID_SIGNATURE ); /* psa_hash_verify with a non-matching hash */ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, hash + 1, expected_size ) == - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ERROR_INVALID_SIGNATURE ); /* psa_hash_verify with a hash longer than expected */ TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_verify( &operation, hash, sizeof( hash ) ) == - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ERROR_INVALID_SIGNATURE ); exit: mbedtls_psa_crypto_free( ); @@ -4143,7 +4143,7 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE, base_policy_alg ); TEST_ASSERT( psa_set_key_policy( - base_key, &base_policy_set ) == PSA_SUCCESS ); + base_key, &base_policy_set ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE, data->x, data->len ) == PSA_SUCCESS ); /* Derive a key. */ @@ -4152,8 +4152,8 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, NULL, 0, NULL, 0, export_size ) == PSA_SUCCESS ); TEST_ASSERT( psa_generator_import_key( - handle, PSA_KEY_TYPE_RAW_DATA, - bits, &generator ) == PSA_SUCCESS ); + handle, PSA_KEY_TYPE_RAW_DATA, + bits, &generator ) == PSA_SUCCESS ); break; } 
@@ -4169,15 +4169,15 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, TEST_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, 1, &handle ) == PSA_SUCCESS ); TEST_ASSERT( psa_get_key_information( - handle, &type_get, &bits_get ) == PSA_SUCCESS ); + handle, &type_get, &bits_get ) == PSA_SUCCESS ); TEST_ASSERT( type_get == type ); TEST_ASSERT( bits_get == (size_t) bits ); TEST_ASSERT( psa_get_key_policy( handle, &policy_get ) == PSA_SUCCESS ); TEST_ASSERT( psa_key_policy_get_usage( - &policy_get ) == policy_usage ); + &policy_get ) == policy_usage ); TEST_ASSERT( psa_key_policy_get_algorithm( - &policy_get ) == policy_alg ); + &policy_get ) == policy_alg ); /* Export the key again */ TEST_ASSERT( psa_export_key( handle, second_export, export_size, diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index 14e6a9769..bed80e262 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -15,7 +15,7 @@ * END_DEPENDENCIES */ - /* BEGIN_CASE */ +/* BEGIN_CASE */ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) { psa_algorithm_t alg = alg_arg; @@ -80,7 +80,7 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) input->x, len ) == PSA_SUCCESS ); TEST_ASSERT( psa_hash_update( &operation, input->x + len, input->len - len ) == - PSA_SUCCESS ); + PSA_SUCCESS ); TEST_ASSERT( psa_hash_finish( &operation, actual_hash, sizeof( actual_hash ), diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index a8316c40d..af11e7ae1 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function 
@@ -46,7 +46,7 @@ #define KEY_TYPE_IS_DSA ( 1u << 5 ) #define KEY_TYPE_IS_ECC ( 1u << 6 ) -#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \ +#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \ TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) ) void algorithm_classification( psa_algorithm_t alg, unsigned flags ) diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 08c7ca017..aa8fddd3a 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -103,7 +103,7 @@ void save_large_persistent_key( int data_too_large, int expected_status ) &handle ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA, - data, data_length ) == expected_status ); + data, data_length ) == expected_status ); exit: mbedtls_free( data ); @@ -135,8 +135,8 @@ void persistent_key_destroy( int key_id_arg, int should_store, if( should_store == 1 ) { TEST_ASSERT( psa_import_key( - handle, first_type, - first_data->x, first_data->len ) == PSA_SUCCESS ); + handle, first_type, + first_data->x, first_data->len ) == PSA_SUCCESS ); } /* Destroy the key */ @@ -158,8 +158,8 @@ void persistent_key_destroy( int key_id_arg, int should_store, PSA_BYTES_TO_BITS( second_data->len ), &handle ) == PSA_SUCCESS ); TEST_ASSERT( psa_import_key( - handle, second_type, - second_data->x, second_data->len ) == PSA_SUCCESS ); + handle, second_type, + second_data->x, second_data->len ) == PSA_SUCCESS ); exit: mbedtls_psa_crypto_free(); @@ -240,7 +240,7 @@ void import_export_persistent_key( data_t *data, int type_arg, /* Test the key information */ TEST_ASSERT( psa_get_key_information( - handle, &got_type, &got_bits ) == PSA_SUCCESS ); + handle, &got_type, &got_bits ) == PSA_SUCCESS ); TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == (size_t) expected_bits ); 
From 8817f6100735acf18dc35849335317a27c0a9b68 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Dec 2018 00:18:46 +0100 Subject: [PATCH 0872/2197] Use PSA_ASSERT(a) in preference to TEST_ASSERT(a==PSA_SUCCESS) This commit is the result of the following command, followed by reindenting (but not wrapping lines): perl -00 -i -pe 's/^( *)TEST_ASSERT\(([^;=]*)(?: |\n *)==\s*PSA_SUCCESS\s*\);$/${1}PSA_ASSERT($2 );/gm' tests/suites/test_suite_psa_*.function --- tests/suites/test_suite_psa_crypto.function | 1540 ++++++++--------- .../test_suite_psa_crypto_entropy.function | 12 +- .../test_suite_psa_crypto_hash.function | 49 +- .../test_suite_psa_crypto_init.function | 34 +- ...t_suite_psa_crypto_persistent_key.function | 85 +- ..._suite_psa_crypto_slot_management.function | 2 +- ...est_suite_psa_crypto_storage_file.function | 1 - 7 files changed, 850 insertions(+), 873 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index d6b5e5154..f665fb78f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -139,13 +139,13 @@ static int exercise_mac_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_SIGN ) { - TEST_ASSERT( psa_mac_sign_setup( &operation, - handle, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_update( &operation, - input, sizeof( input ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_sign_finish( &operation, - mac, sizeof( mac ), - &mac_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_mac_sign_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_mac_update( &operation, + input, sizeof( input ) ) ); + PSA_ASSERT( psa_mac_sign_finish( &operation, + mac, sizeof( mac ), + &mac_length ) ); } if( usage & PSA_KEY_USAGE_VERIFY ) 
@@ -154,10 +154,10 @@ static int exercise_mac_key( psa_key_handle_t handle, ( usage & PSA_KEY_USAGE_SIGN ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); - TEST_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_update( &operation, - input, sizeof( input ) ) == PSA_SUCCESS ); + PSA_ASSERT( psa_mac_verify_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_mac_update( &operation, + input, sizeof( input ) ) ); TEST_ASSERT( psa_mac_verify_finish( &operation, mac, mac_length ) == verify_status ); @@ -185,19 +185,19 @@ static int exercise_cipher_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_ENCRYPT ) { - TEST_ASSERT( psa_cipher_encrypt_setup( &operation, - handle, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_generate_iv( &operation, - iv, sizeof( iv ), - &iv_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation, - plaintext, sizeof( plaintext ), - ciphertext, sizeof( ciphertext ), - &ciphertext_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation, - ciphertext + ciphertext_length, - sizeof( ciphertext ) - ciphertext_length, - &part_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_cipher_generate_iv( &operation, + iv, sizeof( iv ), + &iv_length ) ); + PSA_ASSERT( psa_cipher_update( &operation, + plaintext, sizeof( plaintext ), + ciphertext, sizeof( ciphertext ), + &ciphertext_length ) ); + PSA_ASSERT( psa_cipher_finish( &operation, + ciphertext + ciphertext_length, + sizeof( ciphertext ) - ciphertext_length, + &part_length ) ); ciphertext_length += part_length; } 
@@ -211,14 +211,14 @@ static int exercise_cipher_key( psa_key_handle_t handle, TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) ); iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type ); } - TEST_ASSERT( psa_cipher_decrypt_setup( &operation, - handle, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_set_iv( &operation, - iv, iv_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation, - ciphertext, ciphertext_length, - decrypted, sizeof( decrypted ), - &part_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, + iv, iv_length ) ); + PSA_ASSERT( psa_cipher_update( &operation, + ciphertext, ciphertext_length, + decrypted, sizeof( decrypted ), + &part_length ) ); status = psa_cipher_finish( &operation, decrypted + part_length, sizeof( decrypted ) - part_length, @@ -228,7 +228,7 @@ static int exercise_cipher_key( psa_key_handle_t handle, ciphertext, a padding error is likely. */ if( ( usage & PSA_KEY_USAGE_ENCRYPT ) || PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) == 1 ) - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); else TEST_ASSERT( status == PSA_SUCCESS || status == PSA_ERROR_INVALID_PADDING ); @@ -254,12 +254,12 @@ static int exercise_aead_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_ENCRYPT ) { - TEST_ASSERT( psa_aead_encrypt( handle, alg, - nonce, nonce_length, - NULL, 0, - plaintext, sizeof( plaintext ), - ciphertext, sizeof( ciphertext ), - &ciphertext_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_aead_encrypt( handle, alg, + nonce, nonce_length, + NULL, 0, + plaintext, sizeof( plaintext ), + ciphertext, sizeof( ciphertext ), + &ciphertext_length ) ); } if( usage & PSA_KEY_USAGE_DECRYPT ) 
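Review bot: The context line `TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) );` in this hunk of exercise_cipher_key is left unconverted, because the perl pattern only matches assertions that already compare against `PSA_SUCCESS`. As written it asserts that the returned status is nonzero, so, assuming `PSA_SUCCESS` is 0 as in the PSA API, it passes only when the call fails, and `type` may then be used without having been filled in by `PSA_BLOCK_CIPHER_BLOCK_SIZE( type )` on the next line. It should read `PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) );`. A search for `TEST_ASSERT( psa_` calls with no comparison would show whether the regex skipped other cases like this one. The function body starts and ends outside the hunk.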
@@ -299,10 +299,10 @@ static int exercise_signature_key( psa_key_handle_t handle, psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); if( hash_alg != 0 ) payload_length = PSA_HASH_SIZE( hash_alg ); - TEST_ASSERT( psa_asymmetric_sign( handle, alg, - payload, payload_length, - signature, sizeof( signature ), - &signature_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_asymmetric_sign( handle, alg, + payload, payload_length, + signature, sizeof( signature ), + &signature_length ) ); } if( usage & PSA_KEY_USAGE_VERIFY ) @@ -334,12 +334,12 @@ static int exercise_asymmetric_encryption_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_ENCRYPT ) { - TEST_ASSERT( + PSA_ASSERT( psa_asymmetric_encrypt( handle, alg, plaintext, plaintext_length, NULL, 0, ciphertext, sizeof( ciphertext ), - &ciphertext_length ) == PSA_SUCCESS ); + &ciphertext_length ) ); } if( usage & PSA_KEY_USAGE_DECRYPT ) @@ -375,15 +375,15 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_DERIVE ) { - TEST_ASSERT( psa_key_derivation( &generator, - handle, alg, - label, label_length, - seed, seed_length, - sizeof( output ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_read( &generator, - output, - sizeof( output ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + PSA_ASSERT( psa_key_derivation( &generator, + handle, alg, + label, label_length, + seed, seed_length, + sizeof( output ) ) ); + PSA_ASSERT( psa_generator_read( &generator, + output, + sizeof( output ) ) ); + PSA_ASSERT( psa_generator_abort( &generator ) ); } return( 1 ); 
@@ -408,16 +408,16 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, * good enough: callers will report it as a failed test anyway. */ psa_status_t status = PSA_ERROR_UNKNOWN_ERROR; - TEST_ASSERT( psa_get_key_information( handle, - &private_key_type, - &key_bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( handle, + &private_key_type, + &key_bits ) ); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); ASSERT_ALLOC( public_key, public_key_length ); TEST_ASSERT( public_key != NULL ); - TEST_ASSERT( psa_export_public_key( handle, - public_key, public_key_length, - &public_key_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_export_public_key( handle, + public_key, public_key_length, + &public_key_length ) ); status = psa_key_agreement( generator, handle, public_key, public_key_length, @@ -439,12 +439,11 @@ static int exercise_key_agreement_key( psa_key_handle_t handle, { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - TEST_ASSERT( key_agreement_with_self( &generator, handle, alg ) == - PSA_SUCCESS ); - TEST_ASSERT( psa_generator_read( &generator, - output, - sizeof( output ) ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + PSA_ASSERT( key_agreement_with_self( &generator, handle, alg ) ); + PSA_ASSERT( psa_generator_read( &generator, + output, + sizeof( output ) ) ); + PSA_ASSERT( psa_generator_abort( &generator ) ); } ok = 1; @@ -721,7 +720,7 @@ static int exercise_export_key( psa_key_handle_t handle, size_t exported_length = 0; int ok = 0; - TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) ); if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 && ! PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) 
@@ -734,9 +733,9 @@ static int exercise_export_key( psa_key_handle_t handle, exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); ASSERT_ALLOC( exported, exported_size ); - TEST_ASSERT( psa_export_key( handle, - exported, exported_size, - &exported_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_export_key( handle, + exported, exported_size, + &exported_length ) ); ok = exported_key_sanity_check( type, bits, exported, exported_length ); exit: @@ -754,7 +753,7 @@ static int exercise_export_public_key( psa_key_handle_t handle ) size_t exported_length = 0; int ok = 0; - TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) ); if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ) { TEST_ASSERT( psa_export_public_key( handle, @@ -767,9 +766,9 @@ static int exercise_export_public_key( psa_key_handle_t handle ) exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ); ASSERT_ALLOC( exported, exported_size ); - TEST_ASSERT( psa_export_public_key( handle, - exported, exported_size, - &exported_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_export_public_key( handle, + exported, exported_size, + &exported_length ) ); ok = exported_key_sanity_check( public_type, bits, exported, exported_length ); @@ -885,14 +884,14 @@ void import( data_t *data, int type, int expected_status_arg ) TEST_ASSERT( data != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) ); status = psa_import_key( handle, type, data->x, data->len ); TEST_ASSERT( status == expected_status ); if( status == PSA_SUCCESS ) - TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_destroy_key( handle ) ); exit: mbedtls_psa_crypto_free( ); 
@@ -916,15 +915,15 @@ void import_twice( int alg_arg, int usage_arg, psa_key_policy_t policy; psa_status_t status; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( type1, - MAX( KEY_BITS_FROM_DATA( type1, data1 ), - KEY_BITS_FROM_DATA( type2, data2 ) ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type1, + MAX( KEY_BITS_FROM_DATA( type1, data1 ), + KEY_BITS_FROM_DATA( type2, data2 ) ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); status = psa_import_key( handle, type1, data1->x, data1->len ); TEST_ASSERT( status == expected_import1_status ); @@ -958,7 +957,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) int ret; size_t length; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); ASSERT_ALLOC( buffer, buffer_size ); TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p, @@ -966,11 +965,11 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) length = ret; /* Try importing the key */ - TEST_ASSERT( psa_allocate_key( type, bits, &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, bits, &handle ) ); status = psa_import_key( handle, type, p, length ); TEST_ASSERT( status == expected_status ); if( status == PSA_SUCCESS ) - TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_destroy_key( handle ) ); exit: mbedtls_free( buffer ); 
@@ -1008,25 +1007,24 @@ void import_export( data_t *data, ASSERT_ALLOC( exported, export_size ); if( ! canonical_input ) ASSERT_ALLOC( reexported, export_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( type, expected_bits, &handle ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, expected_bits, &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage_arg, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); TEST_ASSERT( psa_get_key_information( handle, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); /* Import the key */ - TEST_ASSERT( psa_import_key( handle, type, - data->x, data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, type, + data->x, data->len ) ); /* Test the key information */ - TEST_ASSERT( psa_get_key_information( handle, - &got_type, - &got_bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( handle, + &got_type, + &got_bits ) ); TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == (size_t) expected_bits ); 
@@ -1058,26 +1056,25 @@ void import_export( data_t *data, else { psa_key_handle_t handle2; - TEST_ASSERT( psa_allocate_key( type, expected_bits, &handle2 ) == - PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_policy( handle2, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, expected_bits, &handle2 ) ); + PSA_ASSERT( psa_set_key_policy( handle2, &policy ) ); - TEST_ASSERT( psa_import_key( handle2, type, - exported, - exported_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_export_key( handle2, - reexported, - export_size, - &reexported_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle2, type, + exported, + exported_length ) ); + PSA_ASSERT( psa_export_key( handle2, + reexported, + export_size, + &reexported_length ) ); ASSERT_COMPARE( exported, exported_length, reexported, reexported_length ); - TEST_ASSERT( psa_close_key( handle2 ) == PSA_SUCCESS ); + PSA_ASSERT( psa_close_key( handle2 ) ); } TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, got_bits ) ); destroy: /* Destroy the key */ - TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_destroy_key( handle ) ); TEST_ASSERT( psa_get_key_information( handle, NULL, NULL ) == PSA_ERROR_INVALID_HANDLE ); @@ -1095,14 +1092,14 @@ void import_key_nonempty_slot( ) psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA; psa_status_t status; const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 }; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( type, PSA_BYTES_TO_BITS( sizeof( data ) ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, PSA_BYTES_TO_BITS( sizeof( data ) ), + &handle ) ); /* Import the key */ - TEST_ASSERT( psa_import_key( handle, type, - data, sizeof( data ) ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, type, + data, sizeof( data ) ) ); /* Import the key again */ status = psa_import_key( handle, type, data, sizeof( data ) ); 
@@ -1122,7 +1119,7 @@ void export_invalid_handle( int handle, int expected_export_status_arg ) size_t exported_length = INVALID_EXPORT_LENGTH; psa_status_t expected_export_status = expected_export_status_arg; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); /* Export the key */ status = psa_export_key( (psa_key_handle_t) handle, @@ -1146,13 +1143,13 @@ void export_with_no_key_activity( ) size_t export_size = 0; size_t exported_length = INVALID_EXPORT_LENGTH; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0, - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0, + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Export the key */ status = psa_export_key( handle, @@ -1174,13 +1171,13 @@ void cipher_with_no_key_activity( ) psa_cipher_operation_t operation; int exercise_alg = PSA_ALG_CTR; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0, - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0, + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); 
@@ -1203,10 +1200,10 @@ void export_after_import_failure( data_t *data, int type_arg, psa_status_t expected_import_status = expected_import_status_arg; size_t exported_length = INVALID_EXPORT_LENGTH; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) ); /* Import the key - expect failure */ status = psa_import_key( handle, type, @@ -1235,10 +1232,10 @@ void cipher_after_import_failure( data_t *data, int type_arg, psa_status_t expected_import_status = expected_import_status_arg; int exercise_alg = PSA_ALG_CTR; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) ); /* Import the key - expect failure */ status = psa_import_key( handle, type, 
@@ -1266,25 +1263,25 @@ void export_after_destroy_key( data_t *data, int type_arg ) size_t export_size = 0; size_t exported_length = INVALID_EXPORT_LENGTH; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); export_size = (ptrdiff_t) data->len; ASSERT_ALLOC( exported, export_size ); /* Import the key */ - TEST_ASSERT( psa_import_key( handle, type, - data->x, data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, type, + data->x, data->len ) ); - TEST_ASSERT( psa_export_key( handle, exported, export_size, - &exported_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_export_key( handle, exported, export_size, + &exported_length ) ); /* Destroy the key */ - TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_destroy_key( handle ) ); /* Export the key */ status = psa_export_key( handle, exported, export_size, 
@@ -1315,17 +1312,17 @@ void import_export_public_key( data_t *data, size_t exported_length = INVALID_EXPORT_LENGTH; psa_key_policy_t policy; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Import the key */ - TEST_ASSERT( psa_import_key( handle, type, - data->x, data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, type, + data->x, data->len ) ); /* Export the public key */ ASSERT_ALLOC( exported, export_size ); @@ -1337,8 +1334,7 @@ void import_export_public_key( data_t *data, { psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); size_t bits; - TEST_ASSERT( psa_get_key_information( handle, NULL, &bits ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( handle, NULL, &bits ) ); TEST_ASSERT( expected_public_key->len <= PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) ); ASSERT_COMPARE( expected_public_key->x, expected_public_key->len, 
@@ -1368,22 +1364,22 @@ void import_and_exercise_key( data_t *data, size_t got_bits; psa_status_t status; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Import the key */ status = psa_import_key( handle, type, data->x, data->len ); - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); /* Test the key information */ - TEST_ASSERT( psa_get_key_information( handle, - &got_type, - &got_bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( handle, + &got_type, + &got_bits ) ); TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == bits ); 
@@ -1410,22 +1406,22 @@ void key_policy( int usage_arg, int alg_arg ) memset( key, 0x2a, sizeof( key ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key ) ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key ) ), + &handle ) ); psa_key_policy_init( &policy_set ); psa_key_policy_init( &policy_get ); psa_key_policy_set_usage( &policy_set, usage, alg ); TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage ); TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy_set ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key, sizeof( key ) ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key, sizeof( key ) ) ); - TEST_ASSERT( psa_get_key_policy( handle, &policy_get ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) ); TEST_ASSERT( policy_get.usage == policy_set.usage ); TEST_ASSERT( policy_get.alg == policy_set.alg ); 
@@ -1449,22 +1445,22 @@ void mac_key_policy( int policy_usage, psa_status_t status; unsigned char mac[PSA_MAC_MAX_SIZE]; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, key_data->len ) ); status = psa_mac_sign_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); psa_mac_abort( &operation ); @@ -1473,7 +1469,7 @@ void mac_key_policy( int policy_usage, status = psa_mac_verify_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); 
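Review bot: In mac_key_policy the converted `PSA_ASSERT( status );` is the unbraced body of `if( policy_alg == exercise_alg && ... )` with an `else` directly after it, in both hunks of this function. That parses as intended only if PSA_ASSERT expands to exactly one statement, and its definition is not in this part of the patch. Brace both branches, `{ PSA_ASSERT( status ); }` and `{ TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); }`, so the policy check does not depend on the macro's shape. The same construct recurs in the cipher_key_policy, aead_key_policy, asymmetric_encryption_key_policy, asymmetric_signature_key_policy, derive_key_policy and agreement_key_policy hunks.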
@@ -1496,22 +1492,22 @@ void cipher_key_policy( int policy_usage, psa_cipher_operation_t operation; psa_status_t status; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, key_data->len ) ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); psa_cipher_abort( &operation ); @@ -1519,7 +1515,7 @@ void cipher_key_policy( int policy_usage, status = psa_cipher_decrypt_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); 
@@ -1551,17 +1547,17 @@ void aead_key_policy( int policy_usage, TEST_ASSERT( nonce_length <= sizeof( nonce ) ); TEST_ASSERT( tag_length <= sizeof( tag ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, key_data->len ) ); status = psa_aead_encrypt( handle, exercise_alg, nonce, nonce_length, @@ -1571,7 +1567,7 @@ void aead_key_policy( int policy_usage, &output_length ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); 
@@ -1609,21 +1605,21 @@ void asymmetric_encryption_key_policy( int policy_usage, unsigned char *buffer = NULL; size_t output_length; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, key_data->len ) ); - TEST_ASSERT( psa_get_key_information( handle, - NULL, - &key_bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( handle, + NULL, + &key_bits ) ); buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, exercise_alg ); ASSERT_ALLOC( buffer, buffer_length ); @@ -1635,7 +1631,7 @@ void asymmetric_encryption_key_policy( int policy_usage, &output_length ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); 
@@ -1674,17 +1670,17 @@ void asymmetric_signature_key_policy( int policy_usage, unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, key_data->len ) ); status = psa_asymmetric_sign( handle, exercise_alg, payload, payload_length, @@ -1692,7 +1688,7 @@ void asymmetric_signature_key_policy( int policy_usage, &signature_length ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); 
@@ -1724,17 +1720,17 @@ void derive_key_policy( int policy_usage, psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_status_t status; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, key_data->len ) ); status = psa_key_derivation( &generator, handle, exercise_alg, @@ -1743,7 +1739,7 @@ void derive_key_policy( int policy_usage, 1 ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); 
@@ -1767,23 +1763,23 @@ void agreement_key_policy( int policy_usage, psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_status_t status; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, key_data->len ) ); status = key_agreement_with_self( &generator, handle, exercise_alg ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); @@ -1803,7 +1799,7 @@ void hash_setup( int alg_arg, psa_hash_operation_t operation; psa_status_t status; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); status = psa_hash_setup( &operation, alg ); psa_hash_abort( &operation ); @@ -1826,7 +1822,7 @@ void hash_bad_order( ) size_t hash_len; psa_hash_operation_t operation; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); /* psa_hash_update without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); 
@@ -1864,22 +1860,22 @@ void hash_verify_bad_args( ) size_t expected_size = PSA_HASH_SIZE( alg ); psa_hash_operation_t operation; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); /* psa_hash_verify with a smaller hash than expected */ - TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); TEST_ASSERT( psa_hash_verify( &operation, hash, expected_size - 1 ) == PSA_ERROR_INVALID_SIGNATURE ); /* psa_hash_verify with a non-matching hash */ - TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); TEST_ASSERT( psa_hash_verify( &operation, hash + 1, expected_size ) == PSA_ERROR_INVALID_SIGNATURE ); /* psa_hash_verify with a hash longer than expected */ - TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); TEST_ASSERT( psa_hash_verify( &operation, hash, sizeof( hash ) ) == PSA_ERROR_INVALID_SIGNATURE ); @@ -1898,10 +1894,10 @@ void hash_finish_bad_args( ) psa_hash_operation_t operation; size_t hash_len; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); /* psa_hash_finish with a smaller hash buffer than expected */ - TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); TEST_ASSERT( psa_hash_finish( &operation, hash, expected_size - 1, &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL ); 
@@ -1925,18 +1921,18 @@ void mac_setup( int key_type_arg, psa_key_policy_t policy; psa_status_t status; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key->x, key->len ) ); status = psa_mac_sign_setup( &operation, handle, alg ); psa_mac_abort( &operation ); 
@@ -1972,25 +1968,25 @@ void mac_sign( int key_type_arg, TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE ); TEST_ASSERT( expected_mac->len <= mac_buffer_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key->x, key->len ) ); /* Calculate the MAC. */ - TEST_ASSERT( psa_mac_sign_setup( &operation, - handle, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_update( &operation, - input->x, input->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_sign_finish( &operation, - actual_mac, mac_buffer_size, - &mac_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_mac_sign_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_mac_update( &operation, + input->x, input->len ) ); + PSA_ASSERT( psa_mac_sign_finish( &operation, + actual_mac, mac_buffer_size, + &mac_length ) ); /* Compare with the expected value. */ TEST_ASSERT( mac_length == expected_mac->len ); 
@@ -2028,25 +2024,25 @@ void mac_verify( int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_mac->len ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key->x, key->len ) ); - TEST_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_update( &operation, - input->x, input->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_mac_verify_finish( &operation, - expected_mac->x, - expected_mac->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_mac_verify_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_destroy_key( handle ) ); + PSA_ASSERT( psa_mac_update( &operation, + input->x, input->len ) ); + PSA_ASSERT( psa_mac_verify_finish( &operation, + expected_mac->x, + expected_mac->len ) ); exit: psa_destroy_key( handle ); 
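Review bot: The `psa_destroy_key( handle )` between `psa_mac_verify_setup` and `psa_mac_update` in mac_verify carries no comment, and the `exit:` path destroys the same handle again. If the mid-operation destroy is deliberate, presumably to check that a set-up MAC operation no longer depends on the key slot, say so with a comment such as `/* Destroy the key early: the operation must keep working without the slot. */`. Without it a later cleanup could easily move or drop the call. The function body starts outside the hunk.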
@@ -2068,16 +2064,16 @@ void cipher_setup( int key_type_arg, psa_key_policy_t policy; psa_status_t status; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key->x, key->len ) ); status = psa_cipher_encrypt_setup( &operation, handle, alg ); psa_cipher_abort( &operation ); 
@@ -2119,30 +2115,30 @@ void cipher_encrypt( int alg_arg, int key_type_arg, iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key->x, key->len ) ); - TEST_ASSERT( psa_cipher_encrypt_setup( &operation, - handle, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, + handle, alg ) ); - TEST_ASSERT( psa_cipher_set_iv( &operation, - iv, iv_size ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_set_iv( &operation, + iv, iv_size ) ); output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); - TEST_ASSERT( psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length ) ); total_output_length += function_output_length; status = psa_cipher_finish( &operation, output + function_output_length, 
@@ -2153,7 +2149,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( status == expected_status ); if( expected_status == PSA_SUCCESS ) { - TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } 
@@ -2194,43 +2190,43 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key->x, key->len ) ); - TEST_ASSERT( psa_cipher_encrypt_setup( &operation, - handle, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, + handle, alg ) ); - TEST_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ) ); output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); - TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, + output, output_buffer_size, + &function_output_length ) ); total_output_length += function_output_length; - TEST_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation, + input->x + first_part_size, + input->len - first_part_size, + output, output_buffer_size, + 
&function_output_length ) ); total_output_length += function_output_length; - TEST_ASSERT( psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_finish( &operation, + output + function_output_length, + output_buffer_size, + &function_output_length ) ); total_output_length += function_output_length; - TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); 
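Review bot: The second `psa_cipher_update` in cipher_encrypt_multipart is handed `output, output_buffer_size` again, so it writes at the start of the buffer rather than after the bytes the first call produced. The following `psa_cipher_finish` gets `output + function_output_length` together with the full `output_buffer_size`, which overstates the space left behind that pointer. A test that tells the library it has more room than the allocation holds cannot catch an output overrun, and may itself write past `output`. Pass the running offset and the remaining size to both calls, `output + total_output_length, output_buffer_size - total_output_length,`. The same arguments appear in the cipher_decrypt_multipart hunk and in the `psa_cipher_finish` calls of the cipher_verify_output hunk; the function body starts and ends outside this hunk.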
@@ -2272,45 +2268,45 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key->x, key->len ) ); - TEST_ASSERT( psa_cipher_decrypt_setup( &operation, - handle, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation, + handle, alg ) ); - TEST_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ) ); output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); - TEST_ASSERT( psa_cipher_update( &operation, - input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation, + input->x, first_part_size, + output, output_buffer_size, + &function_output_length ) ); total_output_length += function_output_length; - TEST_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation, + input->x + first_part_size, + input->len - first_part_size, + output, output_buffer_size, + 
&function_output_length ) ); total_output_length += function_output_length; - TEST_ASSERT( psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_finish( &operation, + output + function_output_length, + output_buffer_size, + &function_output_length ) ); total_output_length += function_output_length; - TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); 
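Review bot: `psa_cipher_set_iv( &operation, iv, sizeof( iv ) )` in cipher_decrypt_multipart passes the whole array, while the context line `memset( iv, 0x2a, iv_size )` fills only `iv_size` bytes; the cipher_encrypt and cipher_decrypt hunks pass `iv_size`. The declaration of `iv` is outside the hunk, so if the array is larger than the block size the call hands uninitialized bytes to the library as part of the IV. Use `PSA_ASSERT( psa_cipher_set_iv( &operation, iv, iv_size ) );` here and in cipher_encrypt_multipart so that all four tests set the IV the same way.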
@@ -2352,31 +2348,31 @@ void cipher_decrypt( int alg_arg, int key_type_arg, iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key->x, key->len ) ); - TEST_ASSERT( psa_cipher_decrypt_setup( &operation, - handle, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation, + handle, alg ) ); - TEST_ASSERT( psa_cipher_set_iv( &operation, - iv, iv_size ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_set_iv( &operation, + iv, iv_size ) ); output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); - TEST_ASSERT( psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length ) ); total_output_length += function_output_length; status = psa_cipher_finish( &operation, output + function_output_length, @@ -2387,7 +2383,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { - TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } 
@@ -2426,57 +2422,57 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key->x, key->len ) ); - TEST_ASSERT( psa_cipher_encrypt_setup( &operation1, - handle, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_decrypt_setup( &operation2, - handle, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, + handle, alg ) ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, + handle, alg ) ); - TEST_ASSERT( psa_cipher_generate_iv( &operation1, - iv, iv_size, - &iv_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_generate_iv( &operation1, + iv, iv_size, + &iv_length ) ); output1_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output1, output1_size ); - TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len, - output1, output1_size, - &output1_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_finish( &operation1, - output1 + output1_length, output1_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len, + output1, output1_size, + &output1_length ) ); + PSA_ASSERT( psa_cipher_finish( &operation1, + output1 + output1_length, output1_size, + 
&function_output_length ) ); output1_length += function_output_length; - TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_abort( &operation1 ) ); output2_size = output1_length; ASSERT_ALLOC( output2, output2_size ); - TEST_ASSERT( psa_cipher_set_iv( &operation2, - iv, iv_length ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, - output2, output2_size, - &output2_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_set_iv( &operation2, + iv, iv_length ) ); + PSA_ASSERT( psa_cipher_update( &operation2, output1, output1_length, + output2, output2_size, + &output2_length ) ); function_output_length = 0; - TEST_ASSERT( psa_cipher_finish( &operation2, - output2 + output2_length, - output2_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_finish( &operation2, + output2 + output2_length, + output2_size, + &function_output_length ) ); output2_length += function_output_length; - TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_abort( &operation2 ) ); ASSERT_COMPARE( input->x, input->len, output2, output2_length ); 
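Review bot: The size passed to `psa_cipher_finish` in `cipher_verify_output` overstates the room left in the buffer: the destination is `output1 + output1_length` but the size is still the full `output1_size`, and likewise `output2 + output2_length` with `output2_size`. With that argument the library's own size check cannot reject a write past the end of the allocation, so the test can hide an overrun instead of catching it. The size arguments should be `output1_size - output1_length` and `output2_size - output2_length`, which is what `cipher_verify_output_multipart` already passes to its finish calls. The `psa_cipher_finish` call in the preceding hunk (`output + function_output_length, output_buffer_size`) has the same shape. The function body starts and ends outside the hunk.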
@@ -2517,76 +2513,76 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key->x, key->len ) ); - TEST_ASSERT( psa_cipher_encrypt_setup( &operation1, - handle, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_cipher_decrypt_setup( &operation2, - handle, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, + handle, alg ) ); + PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, + handle, alg ) ); - TEST_ASSERT( psa_cipher_generate_iv( &operation1, - iv, iv_size, - &iv_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_generate_iv( &operation1, + iv, iv_size, + &iv_length ) ); output1_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output1, output1_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); - TEST_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size, - output1, output1_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size, + output1, output1_buffer_size, + &function_output_length ) ); output1_length += function_output_length; - TEST_ASSERT( psa_cipher_update( &operation1, - input->x + first_part_size, - input->len - 
first_part_size, - output1, output1_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation1, + input->x + first_part_size, + input->len - first_part_size, + output1, output1_buffer_size, + &function_output_length ) ); output1_length += function_output_length; - TEST_ASSERT( psa_cipher_finish( &operation1, - output1 + output1_length, - output1_buffer_size - output1_length, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_finish( &operation1, + output1 + output1_length, + output1_buffer_size - output1_length, + &function_output_length ) ); output1_length += function_output_length; - TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_abort( &operation1 ) ); output2_buffer_size = output1_length; ASSERT_ALLOC( output2, output2_buffer_size ); - TEST_ASSERT( psa_cipher_set_iv( &operation2, - iv, iv_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_set_iv( &operation2, + iv, iv_length ) ); - TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size, - output2, output2_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation2, output1, first_part_size, + output2, output2_buffer_size, + &function_output_length ) ); output2_length += function_output_length; - TEST_ASSERT( psa_cipher_update( &operation2, - output1 + first_part_size, - output1_length - first_part_size, - output2, output2_buffer_size, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_update( &operation2, + output1 + first_part_size, + output1_length - first_part_size, + output2, output2_buffer_size, + &function_output_length ) ); output2_length += function_output_length; - TEST_ASSERT( psa_cipher_finish( &operation2, - output2 + output2_length, - output2_buffer_size - output2_length, - &function_output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_finish( &operation2, + output2 + output2_length, + output2_buffer_size - 
output2_length, + &function_output_length ) ); output2_length += function_output_length; - TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS ); + PSA_ASSERT( psa_cipher_abort( &operation2 ) ); ASSERT_COMPARE( input->x, input->len, output2, output2_length ); @@ -2630,18 +2626,18 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, key_data->len ) ); TEST_ASSERT( psa_aead_encrypt( handle, alg, nonce->x, nonce->len, 
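Review bot: In `cipher_verify_output_multipart` the second `psa_cipher_update` on each operation still writes to the start of the buffer (`output1, output1_buffer_size` and `output2, output2_buffer_size`), although `output1_length` / `output2_length` has already been advanced by the first update. Whenever the first update produces any output, the second call overwrites it, while the following `psa_cipher_finish` is given `output1 + output1_length`, so the buffer contents and the length no longer agree. The arguments should be `output1 + output1_length, output1_buffer_size - output1_length,` and the same for `output2`. Presumably the test passes today only for vectors where the first part yields no output; that is worth confirming against the test data.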
@@ -2706,24 +2702,24 @@ void aead_encrypt( int key_type_arg, data_t *key_data, output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); - TEST_ASSERT( psa_aead_encrypt( handle, alg, - nonce->x, nonce->len, - additional_data->x, additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_aead_encrypt( handle, alg, + nonce->x, nonce->len, + additional_data->x, additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length ) ); ASSERT_COMPARE( expected_result->x, expected_result->len, output_data, output_length ); 
@@ -2768,17 +2764,17 @@ void aead_decrypt( int key_type_arg, data_t *key_data, output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); TEST_ASSERT( psa_aead_decrypt( handle, alg, nonce->x, nonce->len, 
@@ -2835,21 +2831,21 @@ void sign_deterministic( int key_type_arg, data_t *key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( output_data->len ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( handle, - NULL, - &key_bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); + PSA_ASSERT( psa_get_key_information( handle, + NULL, + &key_bits ) ); /* Allocate a buffer which has the size advertized by the * library. */ @@ -2860,10 +2856,10 @@ void sign_deterministic( int key_type_arg, data_t *key_data, ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ - TEST_ASSERT( psa_asymmetric_sign( handle, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_asymmetric_sign( handle, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length ) ); /* Verify that the signature is what is expected. */ ASSERT_COMPARE( output_data->x, output_data->len, signature, signature_length ); 
@@ -2897,18 +2893,18 @@ void sign_fail( int key_type_arg, data_t *key_data, ASSERT_ALLOC( signature, signature_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); actual_status = psa_asymmetric_sign( handle, alg, input_data->x, input_data->len, 
@@ -2941,23 +2937,23 @@ void sign_verify( int key_type_arg, data_t *key_data, size_t signature_length = 0xdeadbeef; psa_key_policy_t policy; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( handle, - NULL, - &key_bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); + PSA_ASSERT( psa_get_key_information( handle, + NULL, + &key_bits ) ); /* Allocate a buffer which has the size advertized by the * library. */ 
@@ -2968,19 +2964,19 @@ void sign_verify( int key_type_arg, data_t *key_data, ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ - TEST_ASSERT( psa_asymmetric_sign( handle, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_asymmetric_sign( handle, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length ) ); /* Check that the signature length looks sensible. */ TEST_ASSERT( signature_length <= signature_size ); TEST_ASSERT( signature_length > 0 ); /* Use the library to verify that the signature is correct. */ - TEST_ASSERT( psa_asymmetric_verify( - handle, alg, - input_data->x, input_data->len, - signature, signature_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_asymmetric_verify( + handle, alg, + input_data->x, input_data->len, + signature, signature_length ) ); if( input_data->len != 0 ) { 
@@ -3021,23 +3017,23 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); - TEST_ASSERT( psa_asymmetric_verify( handle, alg, - hash_data->x, hash_data->len, - signature_data->x, - signature_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_asymmetric_verify( handle, alg, + hash_data->x, hash_data->len, + signature_data->x, + signature_data->len ) ); exit: psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); 
@@ -3064,18 +3060,18 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); actual_status = psa_asymmetric_verify( handle, alg, hash_data->x, hash_data->len, 
@@ -3111,24 +3107,23 @@ void asymmetric_encrypt( int key_type_arg, psa_status_t expected_status = expected_status_arg; psa_key_policy_t policy; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - + PSA_ASSERT( psa_crypto_init( ) ); /* Import the key */ - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); /* Determine the maximum output length */ - TEST_ASSERT( psa_get_key_information( handle, - NULL, - &key_bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( handle, + NULL, + &key_bits ) ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); ASSERT_ALLOC( output, output_size ); 
@@ -3188,26 +3183,25 @@ void asymmetric_encrypt_decrypt( int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); - - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); /* Determine the maximum ciphertext length */ - TEST_ASSERT( psa_get_key_information( handle, - NULL, - &key_bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( handle, + NULL, + &key_bits ) ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); ASSERT_ALLOC( output, output_size ); output2_size = input_data->len; 
@@ -3216,20 +3210,20 @@ void asymmetric_encrypt_decrypt( int key_type_arg, /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random * part of encryption process which prevents using fixed vectors. */ - TEST_ASSERT( psa_asymmetric_encrypt( handle, alg, - input_data->x, input_data->len, - label->x, label->len, - output, output_size, - &output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_asymmetric_encrypt( handle, alg, + input_data->x, input_data->len, + label->x, label->len, + output, output_size, + &output_length ) ); /* We don't know what ciphertext length to expect, but check that * it looks sensible. */ TEST_ASSERT( output_length <= output_size ); - TEST_ASSERT( psa_asymmetric_decrypt( handle, alg, - output, output_length, - label->x, label->len, - output2, output2_size, - &output2_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_asymmetric_decrypt( handle, alg, + output, output_length, + label->x, label->len, + output2, output2_size, + &output2_length ) ); ASSERT_COMPARE( input_data->x, input_data->len, output2, output2_length ); 
@@ -3267,25 +3261,25 @@ void asymmetric_decrypt( int key_type_arg, output_size = key_data->len; ASSERT_ALLOC( output, output_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); - TEST_ASSERT( psa_asymmetric_decrypt( handle, alg, - input_data->x, input_data->len, - label->x, label->len, - output, - output_size, - &output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_asymmetric_decrypt( handle, alg, + input_data->x, input_data->len, + label->x, label->len, + output, + output_size, + &output_length ) ); ASSERT_COMPARE( expected_data->x, expected_data->len, output, output_length ); @@ -3296,12 +3290,12 @@ void asymmetric_decrypt( int key_type_arg, output_length = ~0; if( output_size != 0 ) memset( output, 0, output_size ); - TEST_ASSERT( psa_asymmetric_decrypt( handle, alg, - input_data->x, input_data->len, - NULL, label->len, - output, - output_size, - &output_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_asymmetric_decrypt( handle, alg, + input_data->x, input_data->len, + NULL, label->len, + output, + output_size, + &output_length ) ); ASSERT_COMPARE( expected_data->x, expected_data->len, output, output_length ); } 
@@ -3339,18 +3333,18 @@ void asymmetric_decrypt_fail( int key_type_arg, output_size = key_data->len; ASSERT_ALLOC( output, output_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + KEY_BITS_FROM_DATA( key_type, key_data ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); actual_status = psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, @@ -3400,17 +3394,17 @@ void derive_setup( int key_type_arg, psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_key_policy_t policy; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, + key_data->len ) ); TEST_ASSERT( psa_key_derivation( &generator, handle, alg, salt->x, salt->len, 
@@ -3438,24 +3432,24 @@ void test_derive_invalid_generator_state( ) 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}; psa_key_policy_t policy; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( key_type, - PSA_BYTES_TO_BITS( sizeof( key_data ) ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( key_type, + PSA_BYTES_TO_BITS( sizeof( key_data ) ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, key_type, - key_data, - sizeof( key_data ) ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data, + sizeof( key_data ) ) ); /* valid key derivation */ - TEST_ASSERT( psa_key_derivation( &generator, handle, alg, - NULL, 0, - NULL, 0, - capacity ) == PSA_SUCCESS ); + PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + NULL, 0, + NULL, 0, + capacity ) ); /* state of generator shouldn't allow additional generation */ TEST_ASSERT( psa_key_derivation( &generator, handle, alg, @@ -3463,13 +3457,12 @@ void test_derive_invalid_generator_state( ) NULL, 0, capacity ) == PSA_ERROR_BAD_STATE ); - TEST_ASSERT( psa_generator_read( &generator, buffer, capacity ) - == PSA_SUCCESS ); + PSA_ASSERT( psa_generator_read( &generator, buffer, capacity ) + ); TEST_ASSERT( psa_generator_read( &generator, buffer, capacity ) == PSA_ERROR_INSUFFICIENT_CAPACITY ); - exit: psa_generator_abort( &generator ); psa_destroy_key( handle ); @@ -3477,7 +3470,6 @@ exit: } /* END_CASE */ - /* BEGIN_CASE */ void test_derive_invalid_generator_tests( ) { 
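Review bot: The conversion in `test_derive_invalid_generator_state` leaves a closing `);` alone on its own line after `PSA_ASSERT( psa_generator_read( &generator, buffer, capacity )`, a leftover of the old `== PSA_SUCCESS );` continuation line. The call fits on one line and reads better as `PSA_ASSERT( psa_generator_read( &generator, buffer, capacity ) );`.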
@@ -3492,7 +3484,7 @@ void test_derive_invalid_generator_tests( ) TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:#183 - TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + PSA_ASSERT( psa_generator_abort( &generator ) ); TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) == PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183 @@ -3538,27 +3530,26 @@ void derive_output( int alg_arg, expected_outputs[i] = NULL; } ASSERT_ALLOC( output_buffer, output_buffer_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( key_data->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( key_data->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE, + key_data->x, + key_data->len ) ); /* Extraction phase. */ - TEST_ASSERT( psa_key_derivation( &generator, handle, alg, - salt->x, salt->len, - label->x, label->len, - requested_capacity ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_generator_capacity( &generator, - ¤t_capacity ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + salt->x, salt->len, + label->x, label->len, + requested_capacity ) ); + PSA_ASSERT( psa_get_generator_capacity( &generator, + ¤t_capacity ) ); TEST_ASSERT( current_capacity == requested_capacity ); expected_capacity = requested_capacity; 
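Review bot: In `test_derive_invalid_generator_tests` the check `TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) == PSA_SUCCESS );` stays in the old form while the `psa_generator_abort` line next to it is converted. If it was skipped on purpose because of the `// should be PSA_ERROR_BAD_STATE:#183` remark, a comment such as `/* Kept as TEST_ASSERT: expected status changes once #183 is fixed. */` would make that clear; otherwise convert it as well. Either way the test pins a status that its own comment describes as wrong, so the expectation should be tightened together with that fix.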
@@ -3584,18 +3575,17 @@ void derive_output( int alg_arg, continue; } /* Success. Check the read data. */ - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); if( output_sizes[i] != 0 ) TEST_ASSERT( memcmp( output_buffer, expected_outputs[i], output_sizes[i] ) == 0 ); /* Check the generator status. */ expected_capacity -= output_sizes[i]; - TEST_ASSERT( psa_get_generator_capacity( &generator, - ¤t_capacity ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_get_generator_capacity( &generator, + ¤t_capacity ) ); TEST_ASSERT( expected_capacity == current_capacity ); } - TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + PSA_ASSERT( psa_generator_abort( &generator ) ); exit: mbedtls_free( output_buffer ); 
@@ -3621,27 +3611,26 @@ void derive_full( int alg_arg, size_t current_capacity; psa_key_policy_t policy; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( key_data->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( key_data->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE, + key_data->x, + key_data->len ) ); /* Extraction phase. */ - TEST_ASSERT( psa_key_derivation( &generator, handle, alg, - salt->x, salt->len, - label->x, label->len, - requested_capacity ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_generator_capacity( &generator, - ¤t_capacity ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + salt->x, salt->len, + label->x, label->len, + requested_capacity ) ); + PSA_ASSERT( psa_get_generator_capacity( &generator, + ¤t_capacity ) ); TEST_ASSERT( current_capacity == expected_capacity ); /* Expansion phase. */ @@ -3650,13 +3639,12 @@ void derive_full( int alg_arg, size_t read_size = sizeof( output_buffer ); if( read_size > current_capacity ) read_size = current_capacity; - TEST_ASSERT( psa_generator_read( &generator, - output_buffer, - read_size ) == PSA_SUCCESS ); + PSA_ASSERT( psa_generator_read( &generator, + output_buffer, + read_size ) ); expected_capacity -= read_size; - TEST_ASSERT( psa_get_generator_capacity( &generator, - ¤t_capacity ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_get_generator_capacity( &generator, + ¤t_capacity ) ); TEST_ASSERT( current_capacity == expected_capacity ); } 
@@ -3665,7 +3653,7 @@ void derive_full( int alg_arg, output_buffer, 1 ) == PSA_ERROR_INSUFFICIENT_CAPACITY ); - TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + PSA_ASSERT( psa_generator_abort( &generator ) ); exit: psa_generator_abort( &generator ); 
@@ -3697,36 +3685,36 @@ void derive_key_exercise( int alg_arg, psa_key_type_t got_type; size_t got_bits; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( key_data->len ), - &base_handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( key_data->len ), + &base_handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( base_handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); + PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, + key_data->x, + key_data->len ) ); /* Derive a key. */ - TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg, - salt->x, salt->len, - label->x, label->len, - capacity ) == PSA_SUCCESS ); - TEST_ASSERT( psa_allocate_key( derived_type, derived_bits, - &derived_handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, + salt->x, salt->len, + label->x, label->len, + capacity ) ); + PSA_ASSERT( psa_allocate_key( derived_type, derived_bits, + &derived_handle ) ); psa_key_policy_set_usage( &policy, derived_usage, derived_alg ); - TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_import_key( derived_handle, - derived_type, - derived_bits, - &generator ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); + PSA_ASSERT( psa_generator_import_key( derived_handle, + derived_type, + derived_bits, + &generator ) ); /* Test the key information */ - TEST_ASSERT( psa_get_key_information( derived_handle, - &got_type, - &got_bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( derived_handle, + &got_type, + &got_bits ) 
); TEST_ASSERT( got_type == derived_type ); TEST_ASSERT( got_bits == derived_bits ); 
@@ -3765,57 +3753,57 @@ void derive_key_export( int alg_arg, ASSERT_ALLOC( output_buffer, capacity ); ASSERT_ALLOC( export_buffer, capacity ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( key_data->len ), - &base_handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( key_data->len ), + &base_handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( base_handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, - key_data->x, - key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); + PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, + key_data->x, + key_data->len ) ); /* Derive some material and output it. */ - TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg, - salt->x, salt->len, - label->x, label->len, - capacity ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_read( &generator, - output_buffer, - capacity ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS ); + PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, + salt->x, salt->len, + label->x, label->len, + capacity ) ); + PSA_ASSERT( psa_generator_read( &generator, + output_buffer, + capacity ) ); + PSA_ASSERT( psa_generator_abort( &generator ) ); /* Derive the same output again, but this time store it in key objects. 
*/ - TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg, - salt->x, salt->len, - label->x, label->len, - capacity ) == PSA_SUCCESS ); - TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, derived_bits, - &derived_handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, + salt->x, salt->len, + label->x, label->len, + capacity ) ); + PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, derived_bits, + &derived_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); - TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_import_key( derived_handle, - PSA_KEY_TYPE_RAW_DATA, - derived_bits, - &generator ) == PSA_SUCCESS ); - TEST_ASSERT( psa_export_key( derived_handle, - export_buffer, bytes1, - &length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); + PSA_ASSERT( psa_generator_import_key( derived_handle, + PSA_KEY_TYPE_RAW_DATA, + derived_bits, + &generator ) ); + PSA_ASSERT( psa_export_key( derived_handle, + export_buffer, bytes1, + &length ) ); TEST_ASSERT( length == bytes1 ); - TEST_ASSERT( psa_destroy_key( derived_handle ) == PSA_SUCCESS ); - TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, - PSA_BYTES_TO_BITS( bytes2 ), - &derived_handle ) == PSA_SUCCESS ); - TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_import_key( derived_handle, - PSA_KEY_TYPE_RAW_DATA, - PSA_BYTES_TO_BITS( bytes2 ), - &generator ) == PSA_SUCCESS ); - TEST_ASSERT( psa_export_key( derived_handle, - export_buffer + bytes1, bytes2, - &length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_destroy_key( derived_handle ) ); + PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, + PSA_BYTES_TO_BITS( bytes2 ), + &derived_handle ) ); + PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); + PSA_ASSERT( psa_generator_import_key( derived_handle, + PSA_KEY_TYPE_RAW_DATA, + PSA_BYTES_TO_BITS( 
bytes2 ), + &generator ) ); + PSA_ASSERT( psa_export_key( derived_handle, + export_buffer + bytes1, bytes2, + &length ) ); TEST_ASSERT( length == bytes2 ); /* Compare the outputs from the two runs. */ @@ -3843,18 +3831,18 @@ void key_agreement_setup( int alg_arg, psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_key_policy_t policy; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( our_key_type, - KEY_BITS_FROM_DATA( our_key_type, - our_key_data ), - &our_key ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( our_key_type, + KEY_BITS_FROM_DATA( our_key_type, + our_key_data ), + &our_key ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( our_key, our_key_type, - our_key_data->x, - our_key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); + PSA_ASSERT( psa_import_key( our_key, our_key_type, + our_key_data->x, + our_key_data->len ) ); TEST_ASSERT( psa_key_agreement( &generator, our_key, 
@@ -3882,40 +3870,38 @@ void key_agreement_capacity( int alg_arg, size_t actual_capacity; unsigned char output[16]; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( our_key_type, - KEY_BITS_FROM_DATA( our_key_type, - our_key_data ), - &our_key ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( our_key_type, + KEY_BITS_FROM_DATA( our_key_type, + our_key_data ), + &our_key ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( our_key, our_key_type, - our_key_data->x, - our_key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); + PSA_ASSERT( psa_import_key( our_key, our_key_type, + our_key_data->x, + our_key_data->len ) ); - TEST_ASSERT( psa_key_agreement( &generator, - our_key, - peer_key_data->x, peer_key_data->len, - alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_key_agreement( &generator, + our_key, + peer_key_data->x, peer_key_data->len, + alg ) ); /* Test the advertized capacity. */ - TEST_ASSERT( psa_get_generator_capacity( - &generator, &actual_capacity ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_generator_capacity( + &generator, &actual_capacity ) ); TEST_ASSERT( actual_capacity == (size_t) expected_capacity_arg ); /* Test the actual capacity by reading the output. */ while( actual_capacity > sizeof( output ) ) { - TEST_ASSERT( psa_generator_read( &generator, - output, sizeof( output ) ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_generator_read( &generator, + output, sizeof( output ) ) ); actual_capacity -= sizeof( output ); } - TEST_ASSERT( psa_generator_read( &generator, - output, actual_capacity ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_generator_read( &generator, + output, actual_capacity ) ); TEST_ASSERT( psa_generator_read( &generator, output, 1 ) == PSA_ERROR_INSUFFICIENT_CAPACITY ); 
@@ -3942,36 +3928,36 @@ void key_agreement_output( int alg_arg, ASSERT_ALLOC( actual_output, MAX( expected_output1->len, expected_output2->len ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( our_key_type, - KEY_BITS_FROM_DATA( our_key_type, - our_key_data ), - &our_key ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( our_key_type, + KEY_BITS_FROM_DATA( our_key_type, + our_key_data ), + &our_key ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( our_key, our_key_type, - our_key_data->x, - our_key_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); + PSA_ASSERT( psa_import_key( our_key, our_key_type, + our_key_data->x, + our_key_data->len ) ); - TEST_ASSERT( psa_key_agreement( &generator, - our_key, - peer_key_data->x, peer_key_data->len, - alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_key_agreement( &generator, + our_key, + peer_key_data->x, peer_key_data->len, + alg ) ); - TEST_ASSERT( + PSA_ASSERT( psa_generator_read( &generator, actual_output, - expected_output1->len ) == PSA_SUCCESS ); + expected_output1->len ) ); TEST_ASSERT( memcmp( actual_output, expected_output1->x, expected_output1->len ) == 0 ); if( expected_output2->len != 0 ) { - TEST_ASSERT( + PSA_ASSERT( psa_generator_read( &generator, actual_output, - expected_output2->len ) == PSA_SUCCESS ); + expected_output2->len ) ); TEST_ASSERT( memcmp( actual_output, expected_output2->x, expected_output2->len ) == 0 ); } 
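Review bot: The two output checks in key_agreement_output still read `TEST_ASSERT( memcmp( actual_output, expected_output1->x, expected_output1->len ) == 0 );`, which compares bytes without saying anything about lengths. The hash suites touched by this same commit use `ASSERT_COMPARE`, which takes both buffers with their lengths. If that macro is available to this suite, the checks could become `ASSERT_COMPARE( expected_output1->x, expected_output1->len, actual_output, expected_output1->len );`, and likewise for `expected_output2`. The function's declarations and cleanup lie outside the hunk.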
@@ -3998,7 +3984,7 @@ void generate_random( int bytes_arg ) ASSERT_ALLOC( changed, bytes ); memcpy( output + bytes, trail, sizeof( trail ) ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); /* Run several times, to ensure that every output byte will be * nonzero at least once with overwhelming probability @@ -4007,7 +3993,7 @@ void generate_random( int bytes_arg ) { if( bytes != 0 ) memset( output, 0, bytes ); - TEST_ASSERT( psa_generate_random( output, bytes ) == PSA_SUCCESS ); + PSA_ASSERT( psa_generate_random( output, bytes ) ); /* Check that no more than bytes have been overwritten */ TEST_ASSERT( memcmp( output + bytes, trail, sizeof( trail ) ) == 0 ); @@ -4053,12 +4039,12 @@ void generate_key( int type_arg, expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT; psa_key_policy_t policy; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_allocate_key( type, bits, &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( type, bits, &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Generate a key */ TEST_ASSERT( psa_generate_key( handle, type, bits, 
@@ -4110,50 +4096,50 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, ASSERT_ALLOC( first_export, export_size ); ASSERT_ALLOC( second_export, export_size ); - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init() ); - TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1, - type, bits, - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1, + type, bits, + &handle ) ); psa_key_policy_init( &policy_set ); psa_key_policy_set_usage( &policy_set, policy_usage, policy_alg ); - TEST_ASSERT( psa_set_key_policy( handle, &policy_set ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) ); switch( generation_method ) { case IMPORT_KEY: /* Import the key */ - TEST_ASSERT( psa_import_key( handle, type, - data->x, data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, type, + data->x, data->len ) ); break; case GENERATE_KEY: /* Generate a key */ - TEST_ASSERT( psa_generate_key( handle, type, bits, - NULL, 0 ) == PSA_SUCCESS ); + PSA_ASSERT( psa_generate_key( handle, type, bits, + NULL, 0 ) ); break; case DERIVE_KEY: /* Create base key */ - TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( data->len ), - &base_key ) == PSA_SUCCESS ); + PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, + PSA_BYTES_TO_BITS( data->len ), + &base_key ) ); psa_key_policy_init( &base_policy_set ); psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE, base_policy_alg ); - TEST_ASSERT( psa_set_key_policy( - base_key, &base_policy_set ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE, - data->x, data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( + base_key, &base_policy_set ) ); + PSA_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE, + data->x, data->len ) ); /* Derive a key. 
*/ - TEST_ASSERT( psa_key_derivation( &generator, base_key, - base_policy_alg, - NULL, 0, NULL, 0, - export_size ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generator_import_key( - handle, PSA_KEY_TYPE_RAW_DATA, - bits, &generator ) == PSA_SUCCESS ); + PSA_ASSERT( psa_key_derivation( &generator, base_key, + base_policy_alg, + NULL, 0, NULL, 0, + export_size ) ); + PSA_ASSERT( psa_generator_import_key( + handle, PSA_KEY_TYPE_RAW_DATA, + bits, &generator ) ); break; } @@ -4163,17 +4149,17 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, /* Shutdown and restart */ mbedtls_psa_crypto_free(); - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init() ); /* Check key slot still contains key data */ - TEST_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, 1, - &handle ) == PSA_SUCCESS ); - TEST_ASSERT( psa_get_key_information( - handle, &type_get, &bits_get ) == PSA_SUCCESS ); + PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, 1, + &handle ) ); + PSA_ASSERT( psa_get_key_information( + handle, &type_get, &bits_get ) ); TEST_ASSERT( type_get == type ); TEST_ASSERT( bits_get == (size_t) bits ); - TEST_ASSERT( psa_get_key_policy( handle, &policy_get ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) ); TEST_ASSERT( psa_key_policy_get_usage( &policy_get ) == policy_usage ); TEST_ASSERT( psa_key_policy_get_algorithm( diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 46c77e97c..117184df2 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function 
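Review bot: The `switch( generation_method )` in persistent_key_load_key_from_storage has no `default` branch in the visible hunk. A test-data value other than IMPORT_KEY, GENERATE_KEY or DERIVE_KEY would skip key creation, and the test would only fail later at whichever check first notices the empty slot. Adding `default: TEST_ASSERT( ! "generation_method not recognized" ); break;` would make the failure point at the real cause. The function begins before the hunk, so how generation_method is declared is assumed from its use here.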
@@ -55,9 +55,9 @@ void validate_entropy_seed_injection( int seed_length_a, TEST_ASSERT( status == expected_status_a ); status = mbedtls_psa_inject_entropy( seed, seed_length_b ); TEST_ASSERT( status == expected_status_b ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( psa_generate_random( output, - sizeof( output ) ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_generate_random( output, + sizeof( output ) ) ); TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 ); exit: mbedtls_free( seed ); @@ -82,15 +82,15 @@ void run_entropy_inject_with_crypto_init( ) TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) || ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) ); status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); TEST_ASSERT( its_status == PSA_ITS_SUCCESS ); status = psa_crypto_init( ); TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_ENTROPY ); status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); status = psa_crypto_init( ); - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); mbedtls_psa_crypto_free( ); /* The seed is written by nv_seed callback functions therefore the injection will fail */ status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index bed80e262..5931a2338 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function 
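Review bot: In run_entropy_inject_with_crypto_init the mechanical rewrite leaves `PSA_ASSERT( status );` after `status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) )` and after `status = psa_crypto_init( )`. If PSA_ASSERT reports the text of its argument, a failure would name only `status` and not the call that produced it. Where the status is not reused, passing the call directly keeps the report specific, for example `PSA_ASSERT( psa_crypto_init( ) );` as deinit_without_init already does. The same pattern appears in init_deinit, validate_module_init_generate_random and validate_module_init_key_based later in this commit.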
@@ -23,14 +23,14 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) size_t actual_hash_length; psa_hash_operation_t operation; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_update( &operation, - input->x, input->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_finish( &operation, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_update( &operation, + input->x, input->len ) ); + PSA_ASSERT( psa_hash_finish( &operation, + actual_hash, sizeof( actual_hash ), + &actual_hash_length ) ); ASSERT_COMPARE( expected_hash->x, expected_hash->len, actual_hash, actual_hash_length ); @@ -45,15 +45,15 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash ) psa_algorithm_t alg = alg_arg; psa_hash_operation_t operation; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_update( &operation, - input->x, - input->len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_verify( &operation, - expected_hash->x, - expected_hash->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_update( &operation, + input->x, + input->len ) ); + PSA_ASSERT( psa_hash_verify( &operation, + expected_hash->x, + expected_hash->len ) ); exit: mbedtls_psa_crypto_free( ); 
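Review bot: hash_verify's visible `exit:` path calls only `mbedtls_psa_crypto_free( )`, so if `psa_hash_update` or `psa_hash_verify` fails, the operation started by `psa_hash_setup` is never passed to `psa_hash_abort`. This assumes PSA_ASSERT jumps to `exit` on failure as the surrounding test macros do. Adding `psa_hash_abort( &operation );` ahead of the free would cover that path, provided `operation` is put in a defined state before the first PSA_ASSERT, since it is declared without an initializer. hash_finish declares its operation the same way; its cleanup is outside the hunk.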
@@ -69,22 +69,21 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) psa_hash_operation_t operation; uint32_t len = 0; - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); do { memset( actual_hash, 0, sizeof( actual_hash ) ); - TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS ); + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_ASSERT( psa_hash_update( &operation, - input->x, len ) == PSA_SUCCESS ); - TEST_ASSERT( psa_hash_update( &operation, - input->x + len, input->len - len ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_hash_update( &operation, + input->x, len ) ); + PSA_ASSERT( psa_hash_update( &operation, + input->x + len, input->len - len ) ); - TEST_ASSERT( psa_hash_finish( &operation, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_hash_finish( &operation, + actual_hash, sizeof( actual_hash ), + &actual_hash_length ) ); ASSERT_COMPARE( expected_hash->x, expected_hash->len, actual_hash, actual_hash_length ); diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 132fe82f8..f4da989db 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -142,9 +142,9 @@ void init_deinit( int count ) for( i = 0; i < count; i++ ) { status = psa_crypto_init( ); - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); status = psa_crypto_init( ); - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); mbedtls_psa_crypto_free( ); } } @@ -156,7 +156,7 @@ void deinit_without_init( int count ) int i; for( i = 0; i < count; i++ ) { - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); mbedtls_psa_crypto_free( ); } mbedtls_psa_crypto_free( ); 
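Review bot: custom_entropy_sources and fake_entropy_source assert only that `psa_generate_random( random, sizeof( random ) )` returns success, and never inspect `random`. In custom_entropy_sources the buffer starts as `uint8_t random[10] = { 0 }`, so a generator that reports success without writing any output would still pass. validate_entropy_seed_injection in the entropy suite follows the call with `TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 );`; the same comparison against an all-zero buffer would fit here and in entropy_from_nv_seed. The declarations of `random` in fake_entropy_source and entropy_from_nv_seed are outside their hunks.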
@@ -172,7 +172,7 @@ void validate_module_init_generate_random( int count ) for( i = 0; i < count; i++ ) { status = psa_crypto_init( ); - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); mbedtls_psa_crypto_free( ); } status = psa_generate_random( random, sizeof( random ) ); @@ -189,7 +189,7 @@ void validate_module_init_key_based( int count ) for( i = 0; i < count; i++ ) { status = psa_crypto_init( ); - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); mbedtls_psa_crypto_free( ); } status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); @@ -204,16 +204,14 @@ void custom_entropy_sources( int sources_arg, int expected_init_status_arg ) uint8_t random[10] = { 0 }; custom_entropy_sources_mask = sources_arg; - TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free ) == - PSA_SUCCESS ); + PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free ) ); TEST_ASSERT( psa_crypto_init( ) == expected_init_status ); if( expected_init_status != PSA_SUCCESS ) goto exit; - TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); exit: mbedtls_psa_crypto_free( ); @@ -246,16 +244,14 @@ void fake_entropy_source( int threshold, fake_entropy_state.length_sequence = lengths; custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE; - TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free ) == - PSA_SUCCESS ); + PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free ) ); TEST_ASSERT( psa_crypto_init( ) == expected_init_status ); if( expected_init_status != PSA_SUCCESS ) goto exit; - TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); exit: mbedtls_psa_crypto_free( ); 
@@ -275,16 +271,14 @@ void entropy_from_nv_seed( int seed_size_arg, TEST_ASSERT( mbedtls_nv_seed_write( seed, seed_size ) >= 0 ); custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED; - TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free ) == - PSA_SUCCESS ); + PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free ) ); TEST_ASSERT( psa_crypto_init( ) == expected_init_status ); if( expected_init_status != PSA_SUCCESS ) goto exit; - TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) == - PSA_SUCCESS ); + PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); exit: mbedtls_free( seed ); diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index aa8fddd3a..bf7537641 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -81,7 +81,6 @@ exit: } /* END_CASE */ - /* BEGIN_CASE */ void save_large_persistent_key( int data_too_large, int expected_status ) { @@ -95,12 +94,12 @@ void save_large_persistent_key( int data_too_large, int expected_status ) ASSERT_ALLOC( data, data_length ); - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init() ); - TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - PSA_KEY_TYPE_RAW_DATA, - PSA_BYTES_TO_BITS( data_length ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + PSA_KEY_TYPE_RAW_DATA, + PSA_BYTES_TO_BITS( data_length ), + &handle ) ); TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA, data, data_length ) == expected_status ); 
@@ -123,24 +122,24 @@ void persistent_key_destroy( int key_id_arg, int should_store, psa_key_type_t first_type = (psa_key_type_t) first_type_arg; psa_key_type_t second_type = (psa_key_type_t) second_type_arg; - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init() ); psa_key_policy_init( &policy ); - TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - first_type, - PSA_BYTES_TO_BITS( first_data->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + first_type, + PSA_BYTES_TO_BITS( first_data->len ), + &handle ) ); if( should_store == 1 ) { - TEST_ASSERT( psa_import_key( - handle, first_type, - first_data->x, first_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( + handle, first_type, + first_data->x, first_data->len ) ); } /* Destroy the key */ - TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_destroy_key( handle ) ); /* Check key slot storage is removed */ TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 ); @@ -150,16 +149,16 @@ void persistent_key_destroy( int key_id_arg, int should_store, /* Shutdown and restart */ mbedtls_psa_crypto_free(); - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init() ); /* Create another key in the same slot */ - TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - second_type, - PSA_BYTES_TO_BITS( second_data->len ), - &handle ) == PSA_SUCCESS ); - TEST_ASSERT( psa_import_key( - handle, second_type, - second_data->x, second_data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + second_type, + PSA_BYTES_TO_BITS( second_data->len ), + &handle ) ); + PSA_ASSERT( psa_import_key( + handle, second_type, + second_data->x, second_data->len ) ); exit: mbedtls_psa_crypto_free(); 
@@ -177,12 +176,12 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, psa_key_type_t type = (psa_key_type_t) type_arg; psa_key_handle_t handle = 0; - TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init() ); - TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - type, - PSA_BYTES_TO_BITS( data->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + type, + PSA_BYTES_TO_BITS( data->len ), + &handle ) ); psa_key_policy_init( &policy ); TEST_ASSERT( psa_import_key( handle, type, data->x, data->len ) == expected_status ); @@ -193,7 +192,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, goto exit; } - TEST_ASSERT( psa_get_key_lifetime( handle, &lifetime ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime ) ); TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT ); exit: 
@@ -219,28 +218,28 @@ void import_export_persistent_key( data_t *data, int type_arg, ASSERT_ALLOC( exported, export_size ); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - type, - PSA_BYTES_TO_BITS( data->len ), - &handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + type, + PSA_BYTES_TO_BITS( data->len ), + &handle ) ); psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_VENDOR_FLAG ); - TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Import the key */ - TEST_ASSERT( psa_import_key( handle, type, - data->x, data->len ) == PSA_SUCCESS ); + PSA_ASSERT( psa_import_key( handle, type, + data->x, data->len ) ); - TEST_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) ); TEST_ASSERT( lifetime_get == PSA_KEY_LIFETIME_PERSISTENT ); /* Test the key information */ - TEST_ASSERT( psa_get_key_information( - handle, &got_type, &got_bits ) == PSA_SUCCESS ); + PSA_ASSERT( psa_get_key_information( + handle, &got_type, &got_bits ) ); TEST_ASSERT( got_type == type ); TEST_ASSERT( got_bits == (size_t) expected_bits ); @@ -251,13 +250,13 @@ void import_export_persistent_key( data_t *data, int type_arg, psa_destroy_persistent_key( key_id ); } /* Export the key */ - TEST_ASSERT( psa_export_key( handle, exported, export_size, - &exported_length ) == PSA_SUCCESS ); + PSA_ASSERT( psa_export_key( handle, exported, export_size, + &exported_length ) ); ASSERT_COMPARE( data->x, data->len, exported, exported_length ); /* Destroy the key */ - TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS ); + PSA_ASSERT( psa_destroy_key( handle ) ); TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 ); exit: 
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 407d24b1c..4584ceb94 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -367,7 +367,7 @@ void many_transient_handles( int max_handles_arg ) &handles[i] ); if( status == PSA_ERROR_INSUFFICIENT_MEMORY ) break; - TEST_ASSERT( status == PSA_SUCCESS ); + PSA_ASSERT( status ); TEST_ASSERT( handles[i] != 0 ); for( j = 0; j < i; j++ ) TEST_ASSERT( handles[i] != handles[j] ); diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function index e753d7862..dabba2096 100644 --- a/tests/suites/test_suite_psa_crypto_storage_file.function +++ b/tests/suites/test_suite_psa_crypto_storage_file.function @@ -97,7 +97,6 @@ exit: } /* END_CASE */ - /* BEGIN_CASE */ void get_file_size( data_t *data, int expected_data_length, int expected_status, int should_make_file ) From fe11b72b93598532cedd198d7d42cfc1609d31e2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Dec 2018 00:24:04 +0100 Subject: [PATCH 0873/2197] Use TEST_EQUAL(a,b) in preference to TEST_ASSERT(a==b) This commit is the result of the following command, followed by reindenting (but not wrapping lines): perl -00 -i -pe 's/^( *)TEST_ASSERT\(([^;=]*)(?: |\n *)==([^;=]*)\);$/${1}TEST_EQUAL($2,$3);/gm' tests/suites/test_suite_psa_*.function --- tests/suites/test_suite_psa_crypto.function | 406 +++++++++--------- .../test_suite_psa_crypto_entropy.function | 10 +- .../test_suite_psa_crypto_init.function | 10 +- .../test_suite_psa_crypto_metadata.function | 100 ++--- ...t_suite_psa_crypto_persistent_key.function | 38 +- ..._suite_psa_crypto_slot_management.function | 62 +-- ...est_suite_psa_crypto_storage_file.function | 26 +- 7 files changed, 326 insertions(+), 326 deletions(-) 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f665fb78f..561136de2 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -158,9 +158,9 @@ static int exercise_mac_key( psa_key_handle_t handle, handle, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - TEST_ASSERT( psa_mac_verify_finish( &operation, - mac, - mac_length ) == verify_status ); + TEST_EQUAL( psa_mac_verify_finish( &operation, + mac, + mac_length ), verify_status ); } return( 1 ); @@ -268,12 +268,12 @@ static int exercise_aead_key( psa_key_handle_t handle, ( usage & PSA_KEY_USAGE_ENCRYPT ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); - TEST_ASSERT( psa_aead_decrypt( handle, alg, - nonce, nonce_length, - NULL, 0, - ciphertext, ciphertext_length, - plaintext, sizeof( plaintext ), - &plaintext_length ) == verify_status ); + TEST_EQUAL( psa_aead_decrypt( handle, alg, + nonce, nonce_length, + NULL, 0, + ciphertext, ciphertext_length, + plaintext, sizeof( plaintext ), + &plaintext_length ), verify_status ); } return( 1 ); @@ -311,10 +311,10 @@ static int exercise_signature_key( psa_key_handle_t handle, ( usage & PSA_KEY_USAGE_SIGN ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); - TEST_ASSERT( psa_asymmetric_verify( handle, alg, - payload, payload_length, - signature, signature_length ) == - verify_status ); + TEST_EQUAL( psa_asymmetric_verify( handle, alg, + payload, payload_length, + signature, signature_length ), + verify_status ); } return( 1 ); 
@@ -495,8 +495,8 @@ static int asn1_skip_integer( unsigned char **p, const unsigned char *end, size_t len; size_t actual_bits; unsigned char msb; - TEST_ASSERT( mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_INTEGER ) == 0 ); + TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_INTEGER ), 0 ); /* Tolerate a slight departure from DER encoding: * - 0 may be represented by an empty string or a 1-byte string. * - The sign bit may be used as a value bit. */ @@ -549,7 +549,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, uint8_t *exported, size_t exported_length ) { if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) - TEST_ASSERT( exported_length == ( bits + 7 ) / 8 ); + TEST_EQUAL( exported_length, ( bits + 7 ) / 8 ); else TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, bits ) ); @@ -591,10 +591,10 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, * coefficient INTEGER, -- (inverse of q) mod p * } */ - TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ) == 0 ); - TEST_ASSERT( p + len == end ); + TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ), 0 ); + TEST_EQUAL( p + len, end ); if( ! asn1_skip_integer( &p, end, 0, 0, 0 ) ) goto exit; if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) ) @@ -615,7 +615,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, goto exit; if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) goto exit; - TEST_ASSERT( p == end ); + TEST_EQUAL( p, end ); } else #endif /* MBEDTLS_RSA_C */ @@ -624,7 +624,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ) { /* Just the secret value */ - TEST_ASSERT( exported_length == PSA_BITS_TO_BYTES( bits ) ); + TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) ); } else #endif /* MBEDTLS_ECP_C */ 
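Review bot: In the exported_key_sanity_check hunks at -591 and -615, `TEST_EQUAL( p + len, end )` and `TEST_EQUAL( p, end )` pass pointers to a macro that is otherwise used for status codes and sizes. The macro body is not shown here; if it ever converts its operands to an integer type to report them, these calls stop being portable. Comparing lengths says the same thing with integer operands: `TEST_EQUAL( len, (size_t)( end - p ) );` and `TEST_EQUAL( (size_t)( end - p ), 0 );`. The SubjectPublicKeyInfo and RSAPublicKey hunks at -644 and -661 repeat the pattern, and the function starts outside all of these hunks.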
@@ -644,15 +644,15 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, * algorithm OBJECT IDENTIFIER, * parameters ANY DEFINED BY algorithm OPTIONAL } */ - TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ) == 0 ); - TEST_ASSERT( p + len == end ); - TEST_ASSERT( mbedtls_asn1_get_alg( &p, end, &alg, ¶ms ) == 0 ); + TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ), 0 ); + TEST_EQUAL( p + len, end ); + TEST_EQUAL( mbedtls_asn1_get_alg( &p, end, &alg, ¶ms ), 0 ); if( ! is_oid_of_key_type( type, alg.p, alg.len ) ) goto exit; - TEST_ASSERT( mbedtls_asn1_get_bitstring( &p, end, &bitstring ) == 0 ); - TEST_ASSERT( p == end ); + TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, end, &bitstring ), 0 ); + TEST_EQUAL( p, end ); p = bitstring.p; #if defined(MBEDTLS_RSA_C) if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) @@ -661,16 +661,16 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, * modulus INTEGER, -- n * publicExponent INTEGER } -- e */ - TEST_ASSERT( bitstring.unused_bits == 0 ); - TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ) == 0 ); - TEST_ASSERT( p + len == end ); + TEST_EQUAL( bitstring.unused_bits, 0 ); + TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ), 0 ); + TEST_EQUAL( p + len, end ); if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) ) goto exit; if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) ) goto exit; - TEST_ASSERT( p == end ); + TEST_EQUAL( p, end ); } else #endif /* MBEDTLS_RSA_C */ 
@@ -683,9 +683,9 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, * -- then y_P as a n-bit string, big endian, * -- where n is the order of the curve. */ - TEST_ASSERT( bitstring.unused_bits == 0 ); - TEST_ASSERT( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ) == end ); - TEST_ASSERT( p[0] == 4 ); + TEST_EQUAL( bitstring.unused_bits, 0 ); + TEST_EQUAL( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ), end ); + TEST_EQUAL( p[0], 4 ); } else #endif /* MBEDTLS_ECP_C */ @@ -725,8 +725,8 @@ static int exercise_export_key( psa_key_handle_t handle, if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 && ! PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) { - TEST_ASSERT( psa_export_key( handle, NULL, 0, &exported_length ) == - PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( psa_export_key( handle, NULL, 0, &exported_length ), + PSA_ERROR_NOT_PERMITTED ); return( 1 ); } @@ -756,9 +756,9 @@ static int exercise_export_public_key( psa_key_handle_t handle ) PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) ); if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ) { - TEST_ASSERT( psa_export_public_key( handle, - NULL, 0, &exported_length ) == - PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL( psa_export_public_key( handle, + NULL, 0, &exported_length ), + PSA_ERROR_INVALID_ARGUMENT ); return( 1 ); } @@ -889,7 +889,7 @@ void import( data_t *data, int type, int expected_status_arg ) PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), &handle ) ); status = psa_import_key( handle, type, data->x, data->len ); - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) PSA_ASSERT( psa_destroy_key( handle ) ); 
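Review bot: In the ECC public key branch, `TEST_EQUAL( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ), end )` builds an address from `bits` before anything in the hunk has checked how many bytes remain after `p`. When the exported key is shorter than expected, that address lies beyond the buffer, so the very case this check is meant to reject relies on out-of-range pointer arithmetic. Comparing the remaining length avoids it: `TEST_EQUAL( (size_t)( end - p ), 1 + 2 * PSA_BITS_TO_BYTES( bits ) );`. The following `TEST_EQUAL( p[0], 4 )` is then only reached once at least one byte is known to be present. The enclosing function starts and ends outside the hunk.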
@@ -926,9 +926,9 @@ void import_twice( int alg_arg, int usage_arg, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); status = psa_import_key( handle, type1, data1->x, data1->len ); - TEST_ASSERT( status == expected_import1_status ); + TEST_EQUAL( status, expected_import1_status ); status = psa_import_key( handle, type2, data2->x, data2->len ); - TEST_ASSERT( status == expected_import2_status ); + TEST_EQUAL( status, expected_import2_status ); if( expected_import1_status == PSA_SUCCESS || expected_import2_status == PSA_SUCCESS ) @@ -967,7 +967,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) /* Try importing the key */ PSA_ASSERT( psa_allocate_key( type, bits, &handle ) ); status = psa_import_key( handle, type, p, length ); - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) PSA_ASSERT( psa_destroy_key( handle ) ); @@ -1014,8 +1014,8 @@ void import_export( data_t *data, psa_key_policy_set_usage( &policy, usage_arg, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_ASSERT( psa_get_key_information( - handle, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( psa_get_key_information( + handle, NULL, NULL ), PSA_ERROR_EMPTY_SLOT ); /* Import the key */ PSA_ASSERT( psa_import_key( handle, type, @@ -1025,14 +1025,14 @@ void import_export( data_t *data, PSA_ASSERT( psa_get_key_information( handle, &got_type, &got_bits ) ); - TEST_ASSERT( got_type == type ); - TEST_ASSERT( got_bits == (size_t) expected_bits ); + TEST_EQUAL( got_type, type ); + TEST_EQUAL( got_bits, (size_t) expected_bits ); /* Export the key */ status = psa_export_key( handle, exported, export_size, &exported_length ); - TEST_ASSERT( status == expected_export_status ); + TEST_EQUAL( status, expected_export_status ); /* The exported length must be set by psa_export_key() to a value between 0 * and export_size. On errors, the exported length must be 0. */ 
@@ -1044,7 +1044,7 @@ void import_export( data_t *data, export_size - exported_length ) ); if( status != PSA_SUCCESS ) { - TEST_ASSERT( exported_length == 0 ); + TEST_EQUAL( exported_length, 0 ); goto destroy; } @@ -1075,8 +1075,8 @@ void import_export( data_t *data, destroy: /* Destroy the key */ PSA_ASSERT( psa_destroy_key( handle ) ); - TEST_ASSERT( psa_get_key_information( - handle, NULL, NULL ) == PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_get_key_information( + handle, NULL, NULL ), PSA_ERROR_INVALID_HANDLE ); exit: mbedtls_free( exported ); @@ -1103,7 +1103,7 @@ void import_key_nonempty_slot( ) /* Import the key again */ status = psa_import_key( handle, type, data, sizeof( data ) ); - TEST_ASSERT( status == PSA_ERROR_OCCUPIED_SLOT ); + TEST_EQUAL( status, PSA_ERROR_OCCUPIED_SLOT ); exit: mbedtls_psa_crypto_free( ); @@ -1125,7 +1125,7 @@ void export_invalid_handle( int handle, int expected_export_status_arg ) status = psa_export_key( (psa_key_handle_t) handle, exported, export_size, &exported_length ); - TEST_ASSERT( status == expected_export_status ); + TEST_EQUAL( status, expected_export_status ); exit: mbedtls_psa_crypto_free( ); @@ -1155,7 +1155,7 @@ void export_with_no_key_activity( ) status = psa_export_key( handle, exported, export_size, &exported_length ); - TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT ); exit: mbedtls_psa_crypto_free( ); @@ -1180,7 +1180,7 @@ void cipher_with_no_key_activity( ) PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); - TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT ); exit: psa_cipher_abort( &operation ); 
@@ -1208,13 +1208,13 @@ void export_after_import_failure( data_t *data, int type_arg, /* Import the key - expect failure */ status = psa_import_key( handle, type, data->x, data->len ); - TEST_ASSERT( status == expected_import_status ); + TEST_EQUAL( status, expected_import_status ); /* Export the key */ status = psa_export_key( handle, exported, export_size, &exported_length ); - TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT ); exit: mbedtls_psa_crypto_free( ); @@ -1240,10 +1240,10 @@ void cipher_after_import_failure( data_t *data, int type_arg, /* Import the key - expect failure */ status = psa_import_key( handle, type, data->x, data->len ); - TEST_ASSERT( status == expected_import_status ); + TEST_EQUAL( status, expected_import_status ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); - TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT ); exit: psa_cipher_abort( &operation ); @@ -1286,7 +1286,7 @@ void export_after_destroy_key( data_t *data, int type_arg ) /* Export the key */ status = psa_export_key( handle, exported, export_size, &exported_length ); - TEST_ASSERT( status == PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( status, PSA_ERROR_INVALID_HANDLE ); exit: mbedtls_free( exported ); @@ -1329,7 +1329,7 @@ void import_export_public_key( data_t *data, status = psa_export_public_key( handle, exported, export_size, &exported_length ); - TEST_ASSERT( status == expected_export_status ); + TEST_EQUAL( status, expected_export_status ); if( status == PSA_SUCCESS ) { psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); 
@@ -1380,8 +1380,8 @@ void import_and_exercise_key( data_t *data, PSA_ASSERT( psa_get_key_information( handle, &got_type, &got_bits ) ); - TEST_ASSERT( got_type == type ); - TEST_ASSERT( got_bits == bits ); + TEST_EQUAL( got_type, type ); + TEST_EQUAL( got_bits, bits ); /* Do something with the key according to its type and permitted usage. */ if( ! exercise_key( handle, usage, alg ) ) @@ -1414,8 +1414,8 @@ void key_policy( int usage_arg, int alg_arg ) psa_key_policy_init( &policy_get ); psa_key_policy_set_usage( &policy_set, usage, alg ); - TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage ); - TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg ); + TEST_EQUAL( psa_key_policy_get_usage( &policy_set ), usage ); + TEST_EQUAL( psa_key_policy_get_algorithm( &policy_set ), alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) ); PSA_ASSERT( psa_import_key( handle, key_type, @@ -1423,8 +1423,8 @@ void key_policy( int usage_arg, int alg_arg ) PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) ); - TEST_ASSERT( policy_get.usage == policy_set.usage ); - TEST_ASSERT( policy_get.alg == policy_set.alg ); + TEST_EQUAL( policy_get.usage, policy_set.usage ); + TEST_EQUAL( policy_get.alg, policy_set.alg ); exit: psa_destroy_key( handle ); @@ -1462,7 +1462,7 @@ void mac_key_policy( int policy_usage, ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) PSA_ASSERT( status ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); psa_mac_abort( &operation ); memset( mac, 0, sizeof( mac ) ); @@ -1471,7 +1471,7 @@ void mac_key_policy( int policy_usage, ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) PSA_ASSERT( status ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: psa_mac_abort( &operation ); 
@@ -1509,7 +1509,7 @@ void cipher_key_policy( int policy_usage, ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) PSA_ASSERT( status ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); psa_cipher_abort( &operation ); status = psa_cipher_decrypt_setup( &operation, handle, exercise_alg ); @@ -1517,7 +1517,7 @@ void cipher_key_policy( int policy_usage, ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) PSA_ASSERT( status ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: psa_cipher_abort( &operation ); @@ -1569,7 +1569,7 @@ void aead_key_policy( int policy_usage, ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) PSA_ASSERT( status ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); memset( tag, 0, sizeof( tag ) ); status = psa_aead_decrypt( handle, exercise_alg, @@ -1580,9 +1580,9 @@ void aead_key_policy( int policy_usage, &output_length ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) - TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: psa_destroy_key( handle ); @@ -1633,7 +1633,7 @@ void asymmetric_encryption_key_policy( int policy_usage, ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) PSA_ASSERT( status ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); if( buffer_length != 0 ) memset( buffer, 0, buffer_length ); 
@@ -1644,9 +1644,9 @@ void asymmetric_encryption_key_policy( int policy_usage, &output_length ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) - TEST_ASSERT( status == PSA_ERROR_INVALID_PADDING ); + TEST_EQUAL( status, PSA_ERROR_INVALID_PADDING ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: psa_destroy_key( handle ); @@ -1690,7 +1690,7 @@ void asymmetric_signature_key_policy( int policy_usage, ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) PSA_ASSERT( status ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); memset( signature, 0, sizeof( signature ) ); status = psa_asymmetric_verify( handle, exercise_alg, @@ -1698,9 +1698,9 @@ void asymmetric_signature_key_policy( int policy_usage, signature, sizeof( signature ) ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) - TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: psa_destroy_key( handle ); @@ -1741,7 +1741,7 @@ void derive_key_policy( int policy_usage, ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) PSA_ASSERT( status ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: psa_generator_abort( &generator ); @@ -1781,7 +1781,7 @@ void agreement_key_policy( int policy_usage, ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) PSA_ASSERT( status ); else - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: psa_generator_abort( &generator ); 
@@ -1803,7 +1803,7 @@ void hash_setup( int alg_arg, status = psa_hash_setup( &operation, alg ); psa_hash_abort( &operation ); - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); exit: mbedtls_psa_crypto_free( ); @@ -1826,21 +1826,21 @@ void hash_bad_order( ) /* psa_hash_update without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); - TEST_ASSERT( psa_hash_update( &operation, - input, sizeof( input ) ) == - PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL( psa_hash_update( &operation, + input, sizeof( input ) ), + PSA_ERROR_INVALID_ARGUMENT ); /* psa_hash_verify without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); - TEST_ASSERT( psa_hash_verify( &operation, - hash, sizeof( hash ) ) == - PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL( psa_hash_verify( &operation, + hash, sizeof( hash ) ), + PSA_ERROR_INVALID_ARGUMENT ); /* psa_hash_finish without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); - TEST_ASSERT( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ) == - PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ), + PSA_ERROR_INVALID_ARGUMENT ); exit: mbedtls_psa_crypto_free( ); 
@@ -1864,21 +1864,21 @@ void hash_verify_bad_args( ) /* psa_hash_verify with a smaller hash than expected */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_ASSERT( psa_hash_verify( &operation, - hash, expected_size - 1 ) == - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL( psa_hash_verify( &operation, + hash, expected_size - 1 ), + PSA_ERROR_INVALID_SIGNATURE ); /* psa_hash_verify with a non-matching hash */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_ASSERT( psa_hash_verify( &operation, - hash + 1, expected_size ) == - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL( psa_hash_verify( &operation, + hash + 1, expected_size ), + PSA_ERROR_INVALID_SIGNATURE ); /* psa_hash_verify with a hash longer than expected */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_ASSERT( psa_hash_verify( &operation, - hash, sizeof( hash ) ) == - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL( psa_hash_verify( &operation, + hash, sizeof( hash ) ), + PSA_ERROR_INVALID_SIGNATURE ); exit: mbedtls_psa_crypto_free( ); @@ -1898,9 +1898,9 @@ void hash_finish_bad_args( ) /* psa_hash_finish with a smaller hash buffer than expected */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_ASSERT( psa_hash_finish( &operation, - hash, expected_size - 1, - &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL ); + TEST_EQUAL( psa_hash_finish( &operation, + hash, expected_size - 1, + &hash_len ), PSA_ERROR_BUFFER_TOO_SMALL ); exit: mbedtls_psa_crypto_free( ); @@ -1936,7 +1936,7 @@ void mac_setup( int key_type_arg, status = psa_mac_sign_setup( &operation, handle, alg ); psa_mac_abort( &operation ); - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); exit: psa_destroy_key( handle ); 
@@ -1989,8 +1989,8 @@ void mac_sign( int key_type_arg, &mac_length ) ); /* Compare with the expected value. */ - TEST_ASSERT( mac_length == expected_mac->len ); - TEST_ASSERT( memcmp( actual_mac, expected_mac->x, mac_length ) == 0 ); + TEST_EQUAL( mac_length, expected_mac->len ); + TEST_EQUAL( memcmp( actual_mac, expected_mac->x, mac_length ), 0 ); /* Verify that the end of the buffer is untouched. */ TEST_ASSERT( mem_is_char( actual_mac + mac_length, '+', @@ -2077,7 +2077,7 @@ void cipher_setup( int key_type_arg, status = psa_cipher_encrypt_setup( &operation, handle, alg ); psa_cipher_abort( &operation ); - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); exit: psa_destroy_key( handle ); @@ -2146,7 +2146,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, &function_output_length ); total_output_length += function_output_length; - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); if( expected_status == PSA_SUCCESS ) { PSA_ASSERT( psa_cipher_abort( &operation ) ); @@ -2379,7 +2379,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, output_buffer_size, &function_output_length ); total_output_length += function_output_length; - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); if( expected_status == PSA_SUCCESS ) { 
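Review bot: In mac_sign, the pair `TEST_EQUAL( mac_length, expected_mac->len );` and `TEST_EQUAL( memcmp( actual_mac, expected_mac->x, mac_length ), 0 );` wraps memcmp in an equality macro, which on failure can at best report memcmp's return value rather than the buffers. The file already has ASSERT_COMPARE for this (used in aead_encrypt_decrypt and aead_decrypt), and it checks length and content in one step: `ASSERT_COMPARE( expected_mac->x, expected_mac->len, actual_mac, mac_length );`. The memcmp comparisons in derive_output, derive_key_export, key_agreement_output and generate_random could be converted the same way. The function body starts outside the hunk.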
@@ -2639,25 +2639,25 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) ); - TEST_ASSERT( psa_aead_encrypt( handle, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ) == expected_result ); + TEST_EQUAL( psa_aead_encrypt( handle, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length ), expected_result ); if( PSA_SUCCESS == expected_result ) { ASSERT_ALLOC( output_data2, output_length ); - TEST_ASSERT( psa_aead_decrypt( handle, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - output_data, output_length, - output_data2, output_length, - &output_length2 ) == expected_result ); + TEST_EQUAL( psa_aead_decrypt( handle, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + output_data, output_length, + output_data2, output_length, + &output_length2 ), expected_result ); ASSERT_COMPARE( input_data->x, input_data->len, output_data2, output_length2 ); @@ -2776,13 +2776,13 @@ void aead_decrypt( int key_type_arg, data_t *key_data, key_data->x, key_data->len ) ); - TEST_ASSERT( psa_aead_decrypt( handle, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ) == expected_result ); + TEST_EQUAL( psa_aead_decrypt( handle, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length ), expected_result ); if( expected_result == PSA_SUCCESS ) ASSERT_COMPARE( expected_data->x, expected_data->len, 
@@ -2804,7 +2804,7 @@ void signature_size( int type_arg, psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg ); - TEST_ASSERT( actual_size == (size_t) expected_size_arg ); + TEST_EQUAL( actual_size, (size_t) expected_size_arg ); exit: ; } @@ -2910,7 +2910,7 @@ void sign_fail( int key_type_arg, data_t *key_data, input_data->x, input_data->len, signature, signature_size, &signature_length ); - TEST_ASSERT( actual_status == expected_status ); + TEST_EQUAL( actual_status, expected_status ); /* The value of *signature_length is unspecified on error, but * whatever it is, it should be less than signature_size, so that * if the caller tries to read *signature_length bytes without @@ -2984,11 +2984,11 @@ void sign_verify( int key_type_arg, data_t *key_data, * detected as invalid. Flip a bit at the beginning, not at the end, * because ECDSA may ignore the last few bits of the input. */ input_data->x[0] ^= 1; - TEST_ASSERT( psa_asymmetric_verify( - handle, alg, - input_data->x, input_data->len, - signature, - signature_length ) == PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL( psa_asymmetric_verify( + handle, alg, + input_data->x, input_data->len, + signature, + signature_length ), PSA_ERROR_INVALID_SIGNATURE ); } exit: @@ -3078,7 +3078,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, signature_data->x, signature_data->len ); - TEST_ASSERT( actual_status == expected_status ); + TEST_EQUAL( actual_status, expected_status ); exit: psa_destroy_key( handle ); 
@@ -3133,8 +3133,8 @@ void asymmetric_encrypt( int key_type_arg, label->x, label->len, output, output_size, &output_length ); - TEST_ASSERT( actual_status == expected_status ); - TEST_ASSERT( output_length == expected_output_length ); + TEST_EQUAL( actual_status, expected_status ); + TEST_EQUAL( output_length, expected_output_length ); /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ @@ -3148,8 +3148,8 @@ void asymmetric_encrypt( int key_type_arg, NULL, label->len, output, output_size, &output_length ); - TEST_ASSERT( actual_status == expected_status ); - TEST_ASSERT( output_length == expected_output_length ); + TEST_EQUAL( actual_status, expected_status ); + TEST_EQUAL( output_length, expected_output_length ); } exit: @@ -3351,7 +3351,7 @@ void asymmetric_decrypt_fail( int key_type_arg, label->x, label->len, output, output_size, &output_length ); - TEST_ASSERT( actual_status == expected_status ); + TEST_EQUAL( actual_status, expected_status ); TEST_ASSERT( output_length <= output_size ); /* If the label is empty, the test framework puts a non-null pointer @@ -3366,7 +3366,7 @@ void asymmetric_decrypt_fail( int key_type_arg, NULL, label->len, output, output_size, &output_length ); - TEST_ASSERT( actual_status == expected_status ); + TEST_EQUAL( actual_status, expected_status ); TEST_ASSERT( output_length <= output_size ); } @@ -3406,10 +3406,10 @@ void derive_setup( int key_type_arg, key_data->x, key_data->len ) ); - TEST_ASSERT( psa_key_derivation( &generator, handle, alg, - salt->x, salt->len, - label->x, label->len, - requested_capacity ) == expected_status ); + TEST_EQUAL( psa_key_derivation( &generator, handle, alg, + salt->x, salt->len, + label->x, label->len, + requested_capacity ), expected_status ); exit: psa_generator_abort( &generator ); 
@@ -3452,16 +3452,16 @@ void test_derive_invalid_generator_state( ) capacity ) ); /* state of generator shouldn't allow additional generation */ - TEST_ASSERT( psa_key_derivation( &generator, handle, alg, - NULL, 0, - NULL, 0, - capacity ) == PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_key_derivation( &generator, handle, alg, + NULL, 0, + NULL, 0, + capacity ), PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_generator_read( &generator, buffer, capacity ) ); - TEST_ASSERT( psa_generator_read( &generator, buffer, capacity ) - == PSA_ERROR_INSUFFICIENT_CAPACITY ); + TEST_EQUAL( psa_generator_read( &generator, buffer, capacity ) + , PSA_ERROR_INSUFFICIENT_CAPACITY ); exit: psa_generator_abort( &generator ); @@ -3550,7 +3550,7 @@ void derive_output( int alg_arg, requested_capacity ) ); PSA_ASSERT( psa_get_generator_capacity( &generator, ¤t_capacity ) ); - TEST_ASSERT( current_capacity == requested_capacity ); + TEST_EQUAL( current_capacity, requested_capacity ); expected_capacity = requested_capacity; /* Expansion phase. */ @@ -3570,20 +3570,20 @@ void derive_output( int alg_arg, output_sizes[i] > expected_capacity ) { /* Capacity exceeded. */ - TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_CAPACITY ); + TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_CAPACITY ); expected_capacity = 0; continue; } /* Success. Check the read data. */ PSA_ASSERT( status ); if( output_sizes[i] != 0 ) - TEST_ASSERT( memcmp( output_buffer, expected_outputs[i], - output_sizes[i] ) == 0 ); + TEST_EQUAL( memcmp( output_buffer, expected_outputs[i], + output_sizes[i] ), 0 ); /* Check the generator status. */ expected_capacity -= output_sizes[i]; PSA_ASSERT( psa_get_generator_capacity( &generator, ¤t_capacity ) ); - TEST_ASSERT( expected_capacity == current_capacity ); + TEST_EQUAL( expected_capacity, current_capacity ); } PSA_ASSERT( psa_generator_abort( &generator ) ); 
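Review bot: In test_derive_invalid_generator_state the rewritten call reads `psa_generator_read( &generator, buffer, capacity )` followed by a `, PSA_ERROR_INSUFFICIENT_CAPACITY );` continuation, so the argument separator appears to have landed where the `==` used to start the second line. This is a leftover of the scripted substitution, which by the commit message's own account did not re-wrap lines. Moving the comma up matches every other call in the patch: `TEST_EQUAL( psa_generator_read( &generator, buffer, capacity ),` then `PSA_ERROR_INSUFFICIENT_CAPACITY );`.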
@@ -3631,7 +3631,7 @@ void derive_full( int alg_arg, requested_capacity ) ); PSA_ASSERT( psa_get_generator_capacity( &generator, ¤t_capacity ) ); - TEST_ASSERT( current_capacity == expected_capacity ); + TEST_EQUAL( current_capacity, expected_capacity ); /* Expansion phase. */ while( current_capacity > 0 ) @@ -3645,13 +3645,13 @@ void derive_full( int alg_arg, expected_capacity -= read_size; PSA_ASSERT( psa_get_generator_capacity( &generator, ¤t_capacity ) ); - TEST_ASSERT( current_capacity == expected_capacity ); + TEST_EQUAL( current_capacity, expected_capacity ); } /* Check that the generator refuses to go over capacity. */ - TEST_ASSERT( psa_generator_read( &generator, - output_buffer, - 1 ) == PSA_ERROR_INSUFFICIENT_CAPACITY ); + TEST_EQUAL( psa_generator_read( &generator, + output_buffer, + 1 ), PSA_ERROR_INSUFFICIENT_CAPACITY ); PSA_ASSERT( psa_generator_abort( &generator ) ); @@ -3715,8 +3715,8 @@ void derive_key_exercise( int alg_arg, PSA_ASSERT( psa_get_key_information( derived_handle, &got_type, &got_bits ) ); - TEST_ASSERT( got_type == derived_type ); - TEST_ASSERT( got_bits == derived_bits ); + TEST_EQUAL( got_type, derived_type ); + TEST_EQUAL( got_bits, derived_bits ); /* Exercise the derived key. */ if( ! exercise_key( derived_handle, derived_usage, derived_alg ) ) @@ -3791,7 +3791,7 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_export_key( derived_handle, export_buffer, bytes1, &length ) ); - TEST_ASSERT( length == bytes1 ); + TEST_EQUAL( length, bytes1 ); PSA_ASSERT( psa_destroy_key( derived_handle ) ); PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, PSA_BYTES_TO_BITS( bytes2 ), 
@@ -3804,10 +3804,10 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_export_key( derived_handle, export_buffer + bytes1, bytes2, &length ) ); - TEST_ASSERT( length == bytes2 ); + TEST_EQUAL( length, bytes2 ); /* Compare the outputs from the two runs. */ - TEST_ASSERT( memcmp( output_buffer, export_buffer, capacity ) == 0 ); + TEST_EQUAL( memcmp( output_buffer, export_buffer, capacity ), 0 ); exit: mbedtls_free( output_buffer ); @@ -3844,10 +3844,10 @@ void key_agreement_setup( int alg_arg, our_key_data->x, our_key_data->len ) ); - TEST_ASSERT( psa_key_agreement( &generator, - our_key, - peer_key_data->x, peer_key_data->len, - alg ) == expected_status_arg ); + TEST_EQUAL( psa_key_agreement( &generator, + our_key, + peer_key_data->x, peer_key_data->len, + alg ), expected_status_arg ); exit: psa_generator_abort( &generator ); @@ -3891,7 +3891,7 @@ void key_agreement_capacity( int alg_arg, /* Test the advertized capacity. */ PSA_ASSERT( psa_get_generator_capacity( &generator, &actual_capacity ) ); - TEST_ASSERT( actual_capacity == (size_t) expected_capacity_arg ); + TEST_EQUAL( actual_capacity, (size_t) expected_capacity_arg ); /* Test the actual capacity by reading the output. */ while( actual_capacity > sizeof( output ) ) @@ -3902,8 +3902,8 @@ void key_agreement_capacity( int alg_arg, } PSA_ASSERT( psa_generator_read( &generator, output, actual_capacity ) ); - TEST_ASSERT( psa_generator_read( &generator, output, 1 ) == - PSA_ERROR_INSUFFICIENT_CAPACITY ); + TEST_EQUAL( psa_generator_read( &generator, output, 1 ), + PSA_ERROR_INSUFFICIENT_CAPACITY ); exit: psa_generator_abort( &generator ); 
@@ -3950,16 +3950,16 @@ void key_agreement_output( int alg_arg, psa_generator_read( &generator, actual_output, expected_output1->len ) ); - TEST_ASSERT( memcmp( actual_output, expected_output1->x, - expected_output1->len ) == 0 ); + TEST_EQUAL( memcmp( actual_output, expected_output1->x, + expected_output1->len ), 0 ); if( expected_output2->len != 0 ) { PSA_ASSERT( psa_generator_read( &generator, actual_output, expected_output2->len ) ); - TEST_ASSERT( memcmp( actual_output, expected_output2->x, - expected_output2->len ) == 0 ); + TEST_EQUAL( memcmp( actual_output, expected_output2->x, + expected_output2->len ), 0 ); } exit: @@ -3996,7 +3996,7 @@ void generate_random( int bytes_arg ) PSA_ASSERT( psa_generate_random( output, bytes ) ); /* Check that no more than bytes have been overwritten */ - TEST_ASSERT( memcmp( output + bytes, trail, sizeof( trail ) ) == 0 ); + TEST_EQUAL( memcmp( output + bytes, trail, sizeof( trail ) ), 0 ); for( i = 0; i < bytes; i++ ) { @@ -4047,17 +4047,17 @@ void generate_key( int type_arg, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Generate a key */ - TEST_ASSERT( psa_generate_key( handle, type, bits, - NULL, 0 ) == expected_status ); + TEST_EQUAL( psa_generate_key( handle, type, bits, + NULL, 0 ), expected_status ); /* Test the key information */ - TEST_ASSERT( psa_get_key_information( handle, - &got_type, - &got_bits ) == expected_info_status ); + TEST_EQUAL( psa_get_key_information( handle, + &got_type, + &got_bits ), expected_info_status ); if( expected_info_status != PSA_SUCCESS ) goto exit; - TEST_ASSERT( got_type == type ); - TEST_ASSERT( got_bits == bits ); + TEST_EQUAL( got_type, type ); + TEST_EQUAL( got_bits, bits ); /* Do something with the key according to its type and permitted usage. */ if( ! exercise_key( handle, usage, alg ) ) 
@@ -4144,8 +4144,8 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, } /* Export the key */ - TEST_ASSERT( psa_export_key( handle, first_export, export_size, - &first_exported_length ) == export_status ); + TEST_EQUAL( psa_export_key( handle, first_export, export_size, + &first_exported_length ), export_status ); /* Shutdown and restart */ mbedtls_psa_crypto_free(); @@ -4156,18 +4156,18 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, &handle ) ); PSA_ASSERT( psa_get_key_information( handle, &type_get, &bits_get ) ); - TEST_ASSERT( type_get == type ); - TEST_ASSERT( bits_get == (size_t) bits ); + TEST_EQUAL( type_get, type ); + TEST_EQUAL( bits_get, (size_t) bits ); PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) ); - TEST_ASSERT( psa_key_policy_get_usage( - &policy_get ) == policy_usage ); - TEST_ASSERT( psa_key_policy_get_algorithm( - &policy_get ) == policy_alg ); + TEST_EQUAL( psa_key_policy_get_usage( + &policy_get ), policy_usage ); + TEST_EQUAL( psa_key_policy_get_algorithm( + &policy_get ), policy_alg ); /* Export the key again */ - TEST_ASSERT( psa_export_key( handle, second_export, export_size, - &second_exported_length ) == export_status ); + TEST_EQUAL( psa_export_key( handle, second_export, export_size, + &second_exported_length ), export_status ); if( export_status == PSA_SUCCESS ) { diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 117184df2..704fad913 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function 
@@ -52,9 +52,9 @@ void validate_entropy_seed_injection( int seed_length_a, TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) || ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) ); status = mbedtls_psa_inject_entropy( seed, seed_length_a ); - TEST_ASSERT( status == expected_status_a ); + TEST_EQUAL( status, expected_status_a ); status = mbedtls_psa_inject_entropy( seed, seed_length_b ); - TEST_ASSERT( status == expected_status_b ); + TEST_EQUAL( status, expected_status_b ); PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_generate_random( output, sizeof( output ) ) ); @@ -84,9 +84,9 @@ void run_entropy_inject_with_crypto_init( ) status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); PSA_ASSERT( status ); its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); - TEST_ASSERT( its_status == PSA_ITS_SUCCESS ); + TEST_EQUAL( its_status, PSA_ITS_SUCCESS ); status = psa_crypto_init( ); - TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_ENTROPY ); + TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY ); status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); PSA_ASSERT( status ); status = psa_crypto_init( ); @@ -94,7 +94,7 @@ void run_entropy_inject_with_crypto_init( ) mbedtls_psa_crypto_free( ); /* The seed is written by nv_seed callback functions therefore the injection will fail */ status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); - TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); mbedtls_psa_crypto_free( ); diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index f4da989db..e04652fda 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function 
@@ -176,7 +176,7 @@ void validate_module_init_generate_random( int count ) mbedtls_psa_crypto_free( ); } status = psa_generate_random( random, sizeof( random ) ); - TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); + TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); } /* END_CASE */ @@ -193,7 +193,7 @@ void validate_module_init_key_based( int count ) mbedtls_psa_crypto_free( ); } status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); - TEST_ASSERT( status == PSA_ERROR_BAD_STATE ); + TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); } /* END_CASE */ @@ -207,7 +207,7 @@ void custom_entropy_sources( int sources_arg, int expected_init_status_arg ) PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( custom_entropy_init, mbedtls_entropy_free ) ); - TEST_ASSERT( psa_crypto_init( ) == expected_init_status ); + TEST_EQUAL( psa_crypto_init( ), expected_init_status ); if( expected_init_status != PSA_SUCCESS ) goto exit; @@ -247,7 +247,7 @@ void fake_entropy_source( int threshold, PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( custom_entropy_init, mbedtls_entropy_free ) ); - TEST_ASSERT( psa_crypto_init( ) == expected_init_status ); + TEST_EQUAL( psa_crypto_init( ), expected_init_status ); if( expected_init_status != PSA_SUCCESS ) goto exit; @@ -274,7 +274,7 @@ void entropy_from_nv_seed( int seed_size_arg, PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( custom_entropy_init, mbedtls_entropy_free ) ); - TEST_ASSERT( psa_crypto_init( ) == expected_init_status ); + TEST_EQUAL( psa_crypto_init( ), expected_init_status ); if( expected_init_status != PSA_SUCCESS ) goto exit; diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index af11e7ae1..1748b205c 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function 
@@ -83,15 +83,15 @@ void key_type_classification( psa_key_type_t type, unsigned flags ) TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags ); /* Macros with derived semantics */ - TEST_ASSERT( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) == - ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) || - PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ); - TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) == - ( PSA_KEY_TYPE_IS_ECC( type ) && - PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ); - TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) == - ( PSA_KEY_TYPE_IS_ECC( type ) && - PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); + TEST_EQUAL( PSA_KEY_TYPE_IS_ASYMMETRIC( type ), + ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) || + PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ); + TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ), + ( PSA_KEY_TYPE_IS_ECC( type ) && + PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ); + TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ), + ( PSA_KEY_TYPE_IS_ECC( type ) && + PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); exit: ; } @@ -113,7 +113,7 @@ void mac_algorithm_core( psa_algorithm_t alg, int classification_flags, algorithm_classification( alg, classification_flags ); /* Length */ - TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) ); + TEST_EQUAL( length, PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) ); exit: ; } @@ -134,7 +134,7 @@ void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, algorithm_classification( alg, classification_flags ); /* Tag length */ - TEST_ASSERT( tag_length == PSA_AEAD_TAG_LENGTH( alg ) ); + TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( alg ) ); exit: ; } 
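Review bot: The three "derived semantics" checks in key_type_classification compare truth values rather than quantities: the right-hand operand is a `||` or `&&` expression and is therefore exactly 0 or 1, so each check passes only if the macro on the left also evaluates to exactly 0 or 1. The macro definitions are not part of this diff, so that may well hold, but written as `TEST_EQUAL` the dependence is easy to miss. I would record it above the block with `/* Both operands are truth values: the IS_xxx macros must evaluate to exactly 0 or 1. */`, or normalise the left operand with `!!`. The function body starts outside the hunk.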
@@ -174,18 +174,18 @@ void hash_algorithm( int alg_arg, int length_arg ) algorithm_classification( alg, 0 ); /* Dependent algorithms */ - TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( hmac_alg ) == alg ); - TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ) == alg ); - TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ) == alg ); - TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( dsa_alg ) == alg ); - TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ) == alg ); - TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ) == alg ); - TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ) == alg ); - TEST_ASSERT( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ) == alg ); - TEST_ASSERT( PSA_ALG_HKDF_GET_HASH( hkdf_alg ) == alg ); + TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( hmac_alg ), alg ); + TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ), alg ); + TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ), alg ); + TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( dsa_alg ), alg ); + TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ), alg ); + TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ), alg ); + TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ), alg ); + TEST_EQUAL( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ), alg ); + TEST_EQUAL( PSA_ALG_HKDF_GET_HASH( hkdf_alg ), alg ); /* Hash length */ - TEST_ASSERT( length == PSA_HASH_SIZE( alg ) ); + TEST_EQUAL( length, PSA_HASH_SIZE( alg ) ); TEST_ASSERT( length <= PSA_HASH_MAX_SIZE ); } /* END_CASE */ @@ -203,7 +203,7 @@ void mac_algorithm( int alg_arg, int classification_flags, mac_algorithm_core( alg, classification_flags, key_type, key_bits, length ); - TEST_ASSERT( PSA_ALG_FULL_LENGTH_MAC( alg ) == alg ); + TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( alg ), alg ); TEST_ASSERT( length <= PSA_MAC_MAX_SIZE ); /* Truncated versions */ 
@@ -212,16 +212,16 @@ void mac_algorithm( int alg_arg, int classification_flags, psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n ); mac_algorithm_core( truncated_alg, classification_flags, key_type, key_bits, n ); - TEST_ASSERT( PSA_ALG_FULL_LENGTH_MAC( truncated_alg ) == alg ); + TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( truncated_alg ), alg ); /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length * of the outer truncation (even if the outer length is smaller than * the inner length). */ - TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, 1 ) == - PSA_ALG_TRUNCATED_MAC( alg, 1 ) ); - TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, length - 1 ) == - PSA_ALG_TRUNCATED_MAC( alg, length - 1) ); - TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ) == - PSA_ALG_TRUNCATED_MAC( alg, length ) ); + TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, 1 ), + PSA_ALG_TRUNCATED_MAC( alg, 1 ) ); + TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length - 1 ), + PSA_ALG_TRUNCATED_MAC( alg, length - 1) ); + TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ), + PSA_ALG_TRUNCATED_MAC( alg, length ) ); } } /* END_CASE */ @@ -238,7 +238,7 @@ void hmac_algorithm( int alg_arg, size_t n; TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) ); - TEST_ASSERT( PSA_ALG_HMAC( hash_alg ) == alg ); + TEST_EQUAL( PSA_ALG_HMAC( hash_alg ), alg ); TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE ); @@ -248,7 +248,7 @@ void hmac_algorithm( int alg_arg, for( n = 1; n <= length; n++ ) { psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n ); - TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( truncated_alg ) == hash_alg ); + TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( truncated_alg ), hash_alg ); } } /* END_CASE */ 
@@ -287,19 +287,19 @@ void aead_algorithm( int alg_arg, int classification_flags, { psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, n ); aead_algorithm_core( truncated_alg, classification_flags, n ); - TEST_ASSERT( - PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ) == alg ); + TEST_EQUAL( + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ), alg ); /* Check that calling PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH twice gives * the length of the outer truncation (even if the outer length is * smaller than the inner length). */ - TEST_ASSERT( - PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ) == + TEST_EQUAL( + PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ), PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) ); - TEST_ASSERT( - PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ) == + TEST_EQUAL( + PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ), PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) ); - TEST_ASSERT( - PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ) == + TEST_EQUAL( + PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ), PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) ); } } @@ -363,8 +363,8 @@ void key_derivation_algorithm( int alg_arg, int classification_flags ) /* Check combinations with key agreements */ TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) ); TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) ); - TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ) == alg ); - TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ) == alg ); + TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ), alg ); + TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ), alg ); } /* END_CASE */ 
@@ -388,8 +388,8 @@ void key_selection_algorithm( int alg_arg, int classification_flags ) /* Check combinations with key agreements */ TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) ); TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) ); - TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ) == alg ); - TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ) == alg ); + TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ), alg ); + TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ), alg ); } /* END_CASE */ @@ -416,7 +416,7 @@ void key_agreement_algorithm( int alg_arg, int classification_flags, /* Shared secret derivation properties */ TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( actual_post_alg ) || PSA_ALG_IS_KEY_SELECTION( actual_post_alg ) ); - TEST_ASSERT( actual_post_alg == expected_post_alg ); + TEST_EQUAL( actual_post_alg, expected_post_alg ); } /* END_CASE */ 
@@ -431,22 +431,22 @@ void key_type( int type_arg, int classification_flags ) if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY ) { psa_key_type_t pair_type = PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ); - TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ) == type ); + TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ), type ); key_type_classification( pair_type, ( classification_flags & ~KEY_TYPE_IS_PUBLIC_KEY ) | KEY_TYPE_IS_KEYPAIR ); - TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ) == type ); + TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ), type ); } if( classification_flags & KEY_TYPE_IS_KEYPAIR ) { psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); - TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ) == type ); + TEST_EQUAL( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ), type ); key_type_classification( public_type, ( classification_flags & ~KEY_TYPE_IS_KEYPAIR ) | KEY_TYPE_IS_PUBLIC_KEY ); - TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ) == type ); + TEST_EQUAL( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ), type ); } } /* END_CASE */ @@ -462,8 +462,8 @@ void ecc_key_types( int curve_arg, int curve_bits_arg ) test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY ); test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEYPAIR ); - TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( public_type ) == curve ); - TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( pair_type ) == curve ); + TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( public_type ), curve ); + TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( pair_type ), curve ); /* Validate that the bit size is less than the maximum ECC bit size * in this implementation. There's no parameter that should be equal diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index bf7537641..c467d1901 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function 
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -66,13 +66,13 @@ void parse_storage_data_check( data_t *file_data, &key_data, &key_data_length, &key_type, &key_policy ); - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) goto exit; - TEST_ASSERT( key_type == (psa_key_type_t) expected_key_type ); - TEST_ASSERT( key_policy.usage == (uint32_t) expected_key_usage ); - TEST_ASSERT( key_policy.alg == (uint32_t) expected_key_alg ); + TEST_EQUAL( key_type, (psa_key_type_t) expected_key_type ); + TEST_EQUAL( key_policy.usage, (uint32_t) expected_key_usage ); + TEST_EQUAL( key_policy.alg, (uint32_t) expected_key_alg ); ASSERT_COMPARE( expected_key_data->x, expected_key_data->len, key_data, key_data_length ); @@ -101,8 +101,8 @@ void save_large_persistent_key( int data_too_large, int expected_status ) PSA_BYTES_TO_BITS( data_length ), &handle ) ); - TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA, - data, data_length ) == expected_status ); + TEST_EQUAL( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA, + data, data_length ), expected_status ); exit: mbedtls_free( data ); @@ -142,10 +142,10 @@ void persistent_key_destroy( int key_id_arg, int should_store, PSA_ASSERT( psa_destroy_key( handle ) ); /* Check key slot storage is removed */ - TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 ); - TEST_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ) == PSA_ERROR_EMPTY_SLOT ); - TEST_ASSERT( handle == 0 ); + TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); + TEST_EQUAL( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + &handle ), PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( handle, 0 ); /* Shutdown and restart */ mbedtls_psa_crypto_free(); 
@@ -183,17 +183,17 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, PSA_BYTES_TO_BITS( data->len ), &handle ) ); psa_key_policy_init( &policy ); - TEST_ASSERT( psa_import_key( handle, type, - data->x, data->len ) == expected_status ); + TEST_EQUAL( psa_import_key( handle, type, + data->x, data->len ), expected_status ); if( expected_status != PSA_SUCCESS ) { - TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 ); + TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); goto exit; } PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime ) ); - TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT ); + TEST_EQUAL( lifetime, PSA_KEY_LIFETIME_PERSISTENT ); exit: psa_destroy_persistent_key( key_id ); @@ -235,15 +235,15 @@ void import_export_persistent_key( data_t *data, int type_arg, data->x, data->len ) ); PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) ); - TEST_ASSERT( lifetime_get == PSA_KEY_LIFETIME_PERSISTENT ); + TEST_EQUAL( lifetime_get, PSA_KEY_LIFETIME_PERSISTENT ); /* Test the key information */ PSA_ASSERT( psa_get_key_information( handle, &got_type, &got_bits ) ); - TEST_ASSERT( got_type == type ); - TEST_ASSERT( got_bits == (size_t) expected_bits ); + TEST_EQUAL( got_type, type ); + TEST_EQUAL( got_bits, (size_t) expected_bits ); - TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 1 ); + TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 ); if( key_not_exist ) { @@ -257,7 +257,7 @@ void import_export_persistent_key( data_t *data, int type_arg, /* Destroy the key */ PSA_ASSERT( psa_destroy_key( handle ) ); - TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 ); + TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); exit: mbedtls_free( exported ); diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 4584ceb94..30d44cc2a 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function 
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -89,7 +89,7 @@ void transient_slot_lifecycle( int type_arg, int max_bits_arg, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); - TEST_ASSERT( read_type == type ); + TEST_EQUAL( read_type, type ); /* Do something that invalidates the handle. */ switch( close_method ) @@ -106,9 +106,9 @@ void transient_slot_lifecycle( int type_arg, int max_bits_arg, break; } /* Test that the handle is now invalid. */ - TEST_ASSERT( psa_get_key_information( handle, &read_type, NULL ) == - PSA_ERROR_INVALID_HANDLE ); - TEST_ASSERT( psa_close_key( handle ) == PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_get_key_information( handle, &read_type, NULL ), + PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); exit: mbedtls_psa_crypto_free( ); @@ -145,13 +145,13 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); - TEST_ASSERT( read_type == type ); + TEST_EQUAL( read_type, type ); /* Close the key and reopen it. */ PSA_ASSERT( psa_close_key( handle ) ); PSA_ASSERT( psa_open_key( lifetime, id, &handle ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); - TEST_ASSERT( read_type == type ); + TEST_EQUAL( read_type, type ); /* Do something that invalidates the handle. */ switch( close_method ) 
@@ -168,9 +168,9 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, break; } /* Test that the handle is now invalid. */ - TEST_ASSERT( psa_get_key_information( handle, &read_type, NULL ) == - PSA_ERROR_INVALID_HANDLE ); - TEST_ASSERT( psa_close_key( handle ) == PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_get_key_information( handle, &read_type, NULL ), + PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); /* Try to reopen the key. If we destroyed it, check that it doesn't * exist, otherwise check that it still exists. */ @@ -180,11 +180,11 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, case CLOSE_BY_SHUTDOWN: PSA_ASSERT( psa_open_key( lifetime, id, &handle ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); - TEST_ASSERT( read_type == type ); + TEST_EQUAL( read_type, type ); break; case CLOSE_BY_DESTROY: - TEST_ASSERT( psa_open_key( lifetime, id, &handle ) == - PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( psa_open_key( lifetime, id, &handle ), + PSA_ERROR_EMPTY_SLOT ); break; } @@ -230,9 +230,9 @@ void create_existent( int lifetime_arg, int id_arg, PSA_ASSERT( psa_close_key( handle1 ) ); /* Attempt to create a new key in the same slot. */ - TEST_ASSERT( psa_create_key( lifetime, id, type2, bits1, &handle2 ) == - PSA_ERROR_OCCUPIED_SLOT ); - TEST_ASSERT( handle2 == 0 ); + TEST_EQUAL( psa_create_key( lifetime, id, type2, bits1, &handle2 ), + PSA_ERROR_OCCUPIED_SLOT ); + TEST_EQUAL( handle2, 0 ); if( reopen_policy == CLOSE_AFTER ) PSA_ASSERT( psa_close_key( handle1 ) ); 
@@ -243,8 +243,8 @@ void create_existent( int lifetime_arg, int id_arg, PSA_ASSERT( psa_get_key_policy( handle1, &read_policy ) ); TEST_ASSERT( psa_key_policy_equal( &read_policy, &policy1 ) ); PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) ); - TEST_ASSERT( read_type == type1 ); - TEST_ASSERT( read_bits == bits1 ); + TEST_EQUAL( read_type, type1 ); + TEST_EQUAL( read_bits, bits1 ); PSA_ASSERT( psa_export_key( handle1, reexported, sizeof( reexported ), &reexported_length ) ); @@ -268,8 +268,8 @@ void open_fail( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_open_key( lifetime, id, &handle ) == expected_status ); - TEST_ASSERT( handle == 0 ); + TEST_EQUAL( psa_open_key( lifetime, id, &handle ), expected_status ); + TEST_EQUAL( handle, 0 ); exit: mbedtls_psa_crypto_free( ); @@ -292,10 +292,10 @@ void create_fail( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( psa_create_key( lifetime, id, - type, max_bits, - &handle ) == expected_status ); - TEST_ASSERT( handle == 0 ); + TEST_EQUAL( psa_create_key( lifetime, id, + type, max_bits, + &handle ), expected_status ); + TEST_EQUAL( handle, 0 ); exit: mbedtls_psa_crypto_free( ); 
@@ -326,17 +326,17 @@ void invalid_handle( ) material, sizeof( material ) ) ); /* Attempt to close and destroy some invalid handles. */ - TEST_ASSERT( psa_close_key( 0 ) == PSA_ERROR_INVALID_HANDLE ); - TEST_ASSERT( psa_close_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE ); - TEST_ASSERT( psa_close_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE ); - TEST_ASSERT( psa_destroy_key( 0 ) == PSA_ERROR_INVALID_HANDLE ); - TEST_ASSERT( psa_destroy_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE ); - TEST_ASSERT( psa_destroy_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_close_key( 0 ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_close_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_close_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_destroy_key( 0 ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_destroy_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_destroy_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE ); /* After all this, check that the original handle is intact. */ PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) ); - TEST_ASSERT( read_type == PSA_KEY_TYPE_RAW_DATA ); - TEST_ASSERT( read_bits == PSA_BYTES_TO_BITS( sizeof( material ) ) ); + TEST_EQUAL( read_type, PSA_KEY_TYPE_RAW_DATA ); + TEST_EQUAL( read_bits, PSA_BYTES_TO_BITS( sizeof( material ) ) ); PSA_ASSERT( psa_close_key( handle1 ) ); exit: diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function index dabba2096..bf86ebb4d 100644 --- a/tests/suites/test_suite_psa_crypto_storage_file.function +++ b/tests/suites/test_suite_psa_crypto_storage_file.function 
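Review bot: The `handle1 - 1` and `handle1 + 1` cases in invalid_handle only prove that handle validation rejects neighbouring values if no other key is open while they run, and if handles are numbered from 1 the `- 1` case may simply repeat the `0` case. The setup is above the hunk, so neither can be confirmed from here. A comment on the block would record the assumption, for example `/* handle1 is the only open handle, so its neighbours must be rejected. */`.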
@@ -30,9 +30,9 @@ void load_data_from_file( int id_to_load_arg, file = fopen( slot_location, "wb+" ); TEST_ASSERT( file != NULL ); file_size = fwrite( data->x, 1, data->len, file ); - TEST_ASSERT( file_size == data->len ); + TEST_EQUAL( file_size, data->len ); ret = fclose( file ); - TEST_ASSERT( ret == 0 ); + TEST_EQUAL( ret, 0 ); } /* Read from the file with psa_crypto_storage_load. */ @@ -41,7 +41,7 @@ void load_data_from_file( int id_to_load_arg, status = psa_crypto_storage_load( id_to_load, loaded_data, file_size ); /* Check we get the expected status. */ - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) goto exit; @@ -69,7 +69,7 @@ void write_data_to_file( data_t *data, int expected_status ) status = psa_crypto_storage_store( 1, data->x, data->len ); /* Check that we got the expected status. */ - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) goto exit; @@ -79,17 +79,17 @@ void write_data_to_file( data_t *data, int expected_status ) fseek( file, 0, SEEK_END ); file_size = (size_t) ftell( file ); fseek( file, 0, SEEK_SET ); - TEST_ASSERT( file_size == data->len ); + TEST_EQUAL( file_size, data->len ); /* Check that the file contents are what we expect */ loaded_data = mbedtls_calloc( 1, data->len ); TEST_ASSERT( loaded_data != NULL ); num_read = fread( loaded_data, 1, file_size, file ); - TEST_ASSERT( num_read == file_size ); + TEST_EQUAL( num_read, file_size ); ASSERT_COMPARE( data->x, data->len, loaded_data, file_size ); ret = fclose( file ); - TEST_ASSERT( ret == 0 ); + TEST_EQUAL( ret, 0 ); exit: mbedtls_free( loaded_data ); 
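Review bot: In load_data_from_file the `TEST_EQUAL( file_size, data->len )` check sits between `fwrite` and `fclose`, so a short write leaves the test through the failure path with `file` still open, assuming `TEST_EQUAL` jumps to `exit` on failure as `TEST_ASSERT` does. The cleanup for that path is outside the hunk; in get_file_size the visible cleanup begins with `remove( slot_location )`, which would then run on a file that is still open and may leave the slot file behind on some platforms. Closing first avoids this: `ret = fclose( file );`, then `TEST_EQUAL( file_size, data->len );`, then `TEST_EQUAL( ret, 0 );`. write_data_to_file and get_file_size have the same ordering, with several assertions ahead of the `fclose` in write_data_to_file.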
@@ -113,16 +113,16 @@ void get_file_size( data_t *data, int expected_data_length, file = fopen( slot_location, "wb+" ); TEST_ASSERT( file != NULL ); file_size = fwrite( data->x, 1, data->len, file ); - TEST_ASSERT( file_size == data->len ); + TEST_EQUAL( file_size, data->len ); ret = fclose( file ); - TEST_ASSERT( ret == 0 ); + TEST_EQUAL( ret, 0 ); } /* Check get data size is what we expect */ status = psa_crypto_storage_get_data_length( 1, &file_size ); - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); if( expected_status == PSA_SUCCESS ) - TEST_ASSERT( file_size == (size_t)expected_data_length ); + TEST_EQUAL( file_size, (size_t)expected_data_length ); exit: remove( slot_location ); @@ -142,13 +142,13 @@ void write_data_to_prexisting_file( char *preexist_file_location, file = fopen( preexist_file_location, "wb" ); TEST_ASSERT( file != NULL ); ret = fclose( file ); - TEST_ASSERT( ret == 0 ); + TEST_EQUAL( ret, 0 ); /* Write data to file. */ status = psa_crypto_storage_store( 1, data->x, data->len ); /* Check that we got the expected status. */ - TEST_ASSERT( status == expected_status ); + TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) goto exit; From f812dcf4aea4390bb6639593613865be77dd5aee Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Dec 2018 00:33:25 +0100 Subject: [PATCH 0874/2197] Rewrap some lines after the macro changes Change the way some lines are wrapped to cut at a more logical place. This commit mainly rewrites multi-line calls to TEST_EQUAL, and also a few calls to PSA_ASSERT. --- tests/suites/test_suite_psa_crypto.function | 138 +++++++++--------- .../test_suite_psa_crypto_metadata.function | 19 +-- ...t_suite_psa_crypto_persistent_key.function | 11 +- ..._suite_psa_crypto_slot_management.function | 5 +- 4 files changed, 84 insertions(+), 89 deletions(-) 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 561136de2..3e957b8f1 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -158,9 +158,8 @@ static int exercise_mac_key( psa_key_handle_t handle, handle, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - mac, - mac_length ), verify_status ); + TEST_EQUAL( psa_mac_verify_finish( &operation, mac, mac_length ), + verify_status ); } return( 1 ); @@ -273,7 +272,8 @@ static int exercise_aead_key( psa_key_handle_t handle, NULL, 0, ciphertext, ciphertext_length, plaintext, sizeof( plaintext ), - &plaintext_length ), verify_status ); + &plaintext_length ), + verify_status ); } return( 1 ); @@ -334,12 +334,11 @@ static int exercise_asymmetric_encryption_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_ENCRYPT ) { - PSA_ASSERT( - psa_asymmetric_encrypt( handle, alg, - plaintext, plaintext_length, - NULL, 0, - ciphertext, sizeof( ciphertext ), - &ciphertext_length ) ); + PSA_ASSERT( psa_asymmetric_encrypt( handle, alg, + plaintext, plaintext_length, + NULL, 0, + ciphertext, sizeof( ciphertext ), + &ciphertext_length ) ); } if( usage & PSA_KEY_USAGE_DECRYPT ) @@ -496,7 +495,8 @@ static int asn1_skip_integer( unsigned char **p, const unsigned char *end, size_t actual_bits; unsigned char msb; TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_INTEGER ), 0 ); + MBEDTLS_ASN1_INTEGER ), + 0 ); /* Tolerate a slight departure from DER encoding: * - 0 may be represented by an empty string or a 1-byte string. * - The sign bit may be used as a value bit. */ 
@@ -646,7 +646,8 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, */ TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ), 0 ); + MBEDTLS_ASN1_CONSTRUCTED ), + 0 ); TEST_EQUAL( p + len, end ); TEST_EQUAL( mbedtls_asn1_get_alg( &p, end, &alg, ¶ms ), 0 ); if( ! is_oid_of_key_type( type, alg.p, alg.len ) ) @@ -664,7 +665,8 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, TEST_EQUAL( bitstring.unused_bits, 0 ); TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ), 0 ); + MBEDTLS_ASN1_CONSTRUCTED ), + 0 ); TEST_EQUAL( p + len, end ); if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) ) goto exit; @@ -756,8 +758,7 @@ static int exercise_export_public_key( psa_key_handle_t handle ) PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) ); if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ) { - TEST_EQUAL( psa_export_public_key( handle, - NULL, 0, &exported_length ), + TEST_EQUAL( psa_export_public_key( handle, NULL, 0, &exported_length ), PSA_ERROR_INVALID_ARGUMENT ); return( 1 ); } @@ -1014,8 +1015,8 @@ void import_export( data_t *data, psa_key_policy_set_usage( &policy, usage_arg, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - TEST_EQUAL( psa_get_key_information( - handle, NULL, NULL ), PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ), + PSA_ERROR_EMPTY_SLOT ); /* Import the key */ PSA_ASSERT( psa_import_key( handle, type, @@ -1075,8 +1076,8 @@ void import_export( data_t *data, destroy: /* Destroy the key */ PSA_ASSERT( psa_destroy_key( handle ) ); - TEST_EQUAL( psa_get_key_information( - handle, NULL, NULL ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ), + PSA_ERROR_INVALID_HANDLE ); exit: mbedtls_free( exported ); 
@@ -1826,14 +1827,12 @@ void hash_bad_order( ) /* psa_hash_update without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); - TEST_EQUAL( psa_hash_update( &operation, - input, sizeof( input ) ), + TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), PSA_ERROR_INVALID_ARGUMENT ); /* psa_hash_verify without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); - TEST_EQUAL( psa_hash_verify( &operation, - hash, sizeof( hash ) ), + TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ), PSA_ERROR_INVALID_ARGUMENT ); /* psa_hash_finish without calling psa_hash_setup beforehand */ @@ -1864,20 +1863,17 @@ void hash_verify_bad_args( ) /* psa_hash_verify with a smaller hash than expected */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( psa_hash_verify( &operation, - hash, expected_size - 1 ), + TEST_EQUAL( psa_hash_verify( &operation, hash, expected_size - 1 ), PSA_ERROR_INVALID_SIGNATURE ); /* psa_hash_verify with a non-matching hash */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( psa_hash_verify( &operation, - hash + 1, expected_size ), + TEST_EQUAL( psa_hash_verify( &operation, hash + 1, expected_size ), PSA_ERROR_INVALID_SIGNATURE ); /* psa_hash_verify with a hash longer than expected */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( psa_hash_verify( &operation, - hash, sizeof( hash ) ), + TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ), PSA_ERROR_INVALID_SIGNATURE ); exit: @@ -1899,8 +1895,8 @@ void hash_finish_bad_args( ) /* psa_hash_finish with a smaller hash buffer than expected */ PSA_ASSERT( psa_hash_setup( &operation, alg ) ); TEST_EQUAL( psa_hash_finish( &operation, - hash, expected_size - 1, - &hash_len ), PSA_ERROR_BUFFER_TOO_SMALL ); + hash, expected_size - 1, &hash_len ), + PSA_ERROR_BUFFER_TOO_SMALL ); exit: mbedtls_psa_crypto_free( ); 
@@ -2645,7 +2641,8 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, additional_data->len, input_data->x, input_data->len, output_data, output_size, - &output_length ), expected_result ); + &output_length ), + expected_result ); if( PSA_SUCCESS == expected_result ) { @@ -2657,7 +2654,8 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, additional_data->len, output_data, output_length, output_data2, output_length, - &output_length2 ), expected_result ); + &output_length2 ), + expected_result ); ASSERT_COMPARE( input_data->x, input_data->len, output_data2, output_length2 ); @@ -2782,7 +2780,8 @@ void aead_decrypt( int key_type_arg, data_t *key_data, additional_data->len, input_data->x, input_data->len, output_data, output_size, - &output_length ), expected_result ); + &output_length ), + expected_result ); if( expected_result == PSA_SUCCESS ) ASSERT_COMPARE( expected_data->x, expected_data->len, @@ -2984,11 +2983,10 @@ void sign_verify( int key_type_arg, data_t *key_data, * detected as invalid. Flip a bit at the beginning, not at the end, * because ECDSA may ignore the last few bits of the input. */ input_data->x[0] ^= 1; - TEST_EQUAL( psa_asymmetric_verify( - handle, alg, - input_data->x, input_data->len, - signature, - signature_length ), PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL( psa_asymmetric_verify( handle, alg, + input_data->x, input_data->len, + signature, signature_length ), + PSA_ERROR_INVALID_SIGNATURE ); } exit: @@ -3409,7 +3407,8 @@ void derive_setup( int key_type_arg, TEST_EQUAL( psa_key_derivation( &generator, handle, alg, salt->x, salt->len, label->x, label->len, - requested_capacity ), expected_status ); + requested_capacity ), + expected_status ); exit: psa_generator_abort( &generator ); 
@@ -3455,13 +3454,13 @@ void test_derive_invalid_generator_state( ) TEST_EQUAL( psa_key_derivation( &generator, handle, alg, NULL, 0, NULL, 0, - capacity ), PSA_ERROR_BAD_STATE ); + capacity ), + PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_generator_read( &generator, buffer, capacity ) - ); + PSA_ASSERT( psa_generator_read( &generator, buffer, capacity ) ); - TEST_EQUAL( psa_generator_read( &generator, buffer, capacity ) - , PSA_ERROR_INSUFFICIENT_CAPACITY ); + TEST_EQUAL( psa_generator_read( &generator, buffer, capacity ), + PSA_ERROR_INSUFFICIENT_CAPACITY ); exit: psa_generator_abort( &generator ); @@ -3649,9 +3648,8 @@ void derive_full( int alg_arg, } /* Check that the generator refuses to go over capacity. */ - TEST_EQUAL( psa_generator_read( &generator, - output_buffer, - 1 ), PSA_ERROR_INSUFFICIENT_CAPACITY ); + TEST_EQUAL( psa_generator_read( &generator, output_buffer, 1 ), + PSA_ERROR_INSUFFICIENT_CAPACITY ); PSA_ASSERT( psa_generator_abort( &generator ) ); @@ -3847,7 +3845,8 @@ void key_agreement_setup( int alg_arg, TEST_EQUAL( psa_key_agreement( &generator, our_key, peer_key_data->x, peer_key_data->len, - alg ), expected_status_arg ); + alg ), + expected_status_arg ); exit: psa_generator_abort( &generator ); @@ -3946,18 +3945,16 @@ void key_agreement_output( int alg_arg, peer_key_data->x, peer_key_data->len, alg ) ); - PSA_ASSERT( - psa_generator_read( &generator, - actual_output, - expected_output1->len ) ); + PSA_ASSERT( psa_generator_read( &generator, + actual_output, + expected_output1->len ) ); TEST_EQUAL( memcmp( actual_output, expected_output1->x, expected_output1->len ), 0 ); if( expected_output2->len != 0 ) { - PSA_ASSERT( - psa_generator_read( &generator, - actual_output, - expected_output2->len ) ); + PSA_ASSERT( psa_generator_read( &generator, + actual_output, + expected_output2->len ) ); TEST_EQUAL( memcmp( actual_output, expected_output2->x, expected_output2->len ), 0 ); } 
@@ -4047,13 +4044,12 @@ void generate_key( int type_arg, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Generate a key */ - TEST_EQUAL( psa_generate_key( handle, type, bits, - NULL, 0 ), expected_status ); + TEST_EQUAL( psa_generate_key( handle, type, bits, NULL, 0 ), + expected_status ); /* Test the key information */ - TEST_EQUAL( psa_get_key_information( handle, - &got_type, - &got_bits ), expected_info_status ); + TEST_EQUAL( psa_get_key_information( handle, &got_type, &got_bits ), + expected_info_status ); if( expected_info_status != PSA_SUCCESS ) goto exit; TEST_EQUAL( got_type, type ); @@ -4144,8 +4140,10 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, } /* Export the key */ - TEST_EQUAL( psa_export_key( handle, first_export, export_size, - &first_exported_length ), export_status ); + TEST_EQUAL( psa_export_key( handle, + first_export, export_size, + &first_exported_length ), + export_status ); /* Shutdown and restart */ mbedtls_psa_crypto_free(); @@ -4160,14 +4158,14 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, TEST_EQUAL( bits_get, (size_t) bits ); PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) ); - TEST_EQUAL( psa_key_policy_get_usage( - &policy_get ), policy_usage ); - TEST_EQUAL( psa_key_policy_get_algorithm( - &policy_get ), policy_alg ); + TEST_EQUAL( psa_key_policy_get_usage( &policy_get ), policy_usage ); + TEST_EQUAL( psa_key_policy_get_algorithm( &policy_get ), policy_alg ); /* Export the key again */ - TEST_EQUAL( psa_export_key( handle, second_export, export_size, - &second_exported_length ), export_status ); + TEST_EQUAL( psa_export_key( handle, + second_export, export_size, + &second_exported_length ), + export_status ); if( export_status == PSA_SUCCESS ) { diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 1748b205c..94e6f6cb7 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function 
+++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -287,20 +287,17 @@ void aead_algorithm( int alg_arg, int classification_flags, { psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, n ); aead_algorithm_core( truncated_alg, classification_flags, n ); - TEST_EQUAL( - PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ), alg ); + TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ), + alg ); /* Check that calling PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH twice gives * the length of the outer truncation (even if the outer length is * smaller than the inner length). */ - TEST_EQUAL( - PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ), - PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) ); - TEST_EQUAL( - PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ), - PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) ); - TEST_EQUAL( - PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ), - PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) ); + TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ), + PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) ); + TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ), + PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) ); + TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ), + PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) ); } } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index c467d1901..425dabbd9 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -102,7 +102,8 @@ void save_large_persistent_key( int data_too_large, int expected_status ) &handle ) ); TEST_EQUAL( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA, - data, data_length ), expected_status ); + data, data_length ), + expected_status ); exit: mbedtls_free( data ); 
@@ -143,8 +144,8 @@ void persistent_key_destroy( int key_id_arg, int should_store, /* Check key slot storage is removed */ TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); - TEST_EQUAL( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ), PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ), + PSA_ERROR_EMPTY_SLOT ); TEST_EQUAL( handle, 0 ); /* Shutdown and restart */ @@ -183,8 +184,8 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, PSA_BYTES_TO_BITS( data->len ), &handle ) ); psa_key_policy_init( &policy ); - TEST_EQUAL( psa_import_key( handle, type, - data->x, data->len ), expected_status ); + TEST_EQUAL( psa_import_key( handle, type, data->x, data->len ), + expected_status ); if( expected_status != PSA_SUCCESS ) { diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 30d44cc2a..3df0887a6 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -292,9 +292,8 @@ void create_fail( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( psa_create_key( lifetime, id, - type, max_bits, - &handle ), expected_status ); + TEST_EQUAL( psa_create_key( lifetime, id, type, max_bits, &handle ), + expected_status ); TEST_EQUAL( handle, 0 ); exit: From 0dfba2ddf0162136eb9cc29db845dc056a39427d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Dec 2018 00:40:50 +0100 Subject: [PATCH 0875/2197] Use ASSERT_COMPARE in preference to memcmp in PSA tests --- tests/suites/test_suite_psa_crypto.function | 22 +++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3e957b8f1..0d5da7c22 100644 --- a/tests/suites/test_suite_psa_crypto.function 
+++ b/tests/suites/test_suite_psa_crypto.function @@ -1985,8 +1985,8 @@ void mac_sign( int key_type_arg, &mac_length ) ); /* Compare with the expected value. */ - TEST_EQUAL( mac_length, expected_mac->len ); - TEST_EQUAL( memcmp( actual_mac, expected_mac->x, mac_length ), 0 ); + ASSERT_COMPARE( expected_mac->x, expected_mac->len, + actual_mac, mac_length ); /* Verify that the end of the buffer is untouched. */ TEST_ASSERT( mem_is_char( actual_mac + mac_length, '+', @@ -3576,8 +3576,8 @@ void derive_output( int alg_arg, /* Success. Check the read data. */ PSA_ASSERT( status ); if( output_sizes[i] != 0 ) - TEST_EQUAL( memcmp( output_buffer, expected_outputs[i], - output_sizes[i] ), 0 ); + ASSERT_COMPARE( output_buffer, output_sizes[i], + expected_outputs[i], output_sizes[i] ); /* Check the generator status. */ expected_capacity -= output_sizes[i]; PSA_ASSERT( psa_get_generator_capacity( &generator, @@ -3805,7 +3805,8 @@ void derive_key_export( int alg_arg, TEST_EQUAL( length, bytes2 ); /* Compare the outputs from the two runs. */ - TEST_EQUAL( memcmp( output_buffer, export_buffer, capacity ), 0 ); + ASSERT_COMPARE( output_buffer, bytes1 + bytes2, + export_buffer, capacity ); exit: mbedtls_free( output_buffer ); @@ -3948,15 +3949,15 @@ void key_agreement_output( int alg_arg, PSA_ASSERT( psa_generator_read( &generator, actual_output, expected_output1->len ) ); - TEST_EQUAL( memcmp( actual_output, expected_output1->x, - expected_output1->len ), 0 ); + ASSERT_COMPARE( actual_output, expected_output1->len, + expected_output1->x, expected_output1->len ); if( expected_output2->len != 0 ) { PSA_ASSERT( psa_generator_read( &generator, actual_output, expected_output2->len ) ); - TEST_EQUAL( memcmp( actual_output, expected_output2->x, - expected_output2->len ), 0 ); + ASSERT_COMPARE( actual_output, expected_output2->len, + expected_output2->x, expected_output2->len ); } exit: 
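Review bot: In the derive_key_export hunk (`@@ -3805`), the new `ASSERT_COMPARE( output_buffer, bytes1 + bytes2, export_buffer, capacity );` spells the two lengths differently, so the assertion now also depends on `capacity` being equal to `bytes1 + bytes2`, which the hunk does not show. If the two are equal by definition, `ASSERT_COMPARE( output_buffer, capacity, export_buffer, capacity );` keeps the check about content only, as the replaced `memcmp` was. If the extra length check is intended, a one-line comment saying which length belongs to which buffer would help. The same commit also passes the expected buffer first in mac_sign (`@@ -1985`) but second in derive_output and key_agreement_output; using one order throughout would make failures easier to read. The body of derive_key_export begins outside the hunk.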
@@ -3993,7 +3994,8 @@ void generate_random( int bytes_arg ) PSA_ASSERT( psa_generate_random( output, bytes ) ); /* Check that no more than bytes have been overwritten */ - TEST_EQUAL( memcmp( output + bytes, trail, sizeof( trail ) ), 0 ); + ASSERT_COMPARE( output + bytes, sizeof( trail ), + trail, sizeof( trail ) ); for( i = 0; i < bytes; i++ ) { From 40ab95bdbca011e9f88a190d49128fc10e71e2bf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Dec 2018 00:47:17 +0100 Subject: [PATCH 0876/2197] Remove checks of test parameters against SIZE_MAX Our code base doesn't even support 16-bit platforms, so those checks are always trivially true. --- tests/suites/test_suite_psa_crypto.function | 59 --------------------- 1 file changed, 59 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 0d5da7c22..cf0dd80d2 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -13,12 +13,6 @@ #define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) ) -#if(UINT32_MAX > SIZE_MAX) -#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX ) -#else -#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) 1 -#endif - /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; @@ -884,7 +878,6 @@ void import( data_t *data, int type, int expected_status_arg ) psa_status_t status; TEST_ASSERT( data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), @@ -1003,7 +996,6 @@ void import_export( data_t *data, psa_key_policy_t policy; TEST_ASSERT( data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); export_size = (ptrdiff_t) data->len + export_size_delta; ASSERT_ALLOC( exported, export_size ); if( ! canonical_input ) 
@@ -2016,9 +2008,6 @@ void mac_verify( int key_type_arg, TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); TEST_ASSERT( expected_mac != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_mac->len ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -2104,9 +2093,6 @@ void cipher_encrypt( int alg_arg, int key_type_arg, TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); TEST_ASSERT( expected_output != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); @@ -2179,9 +2165,6 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); TEST_ASSERT( expected_output != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); @@ -2257,9 +2240,6 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); TEST_ASSERT( expected_output != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); 
@@ -2337,9 +2317,6 @@ void cipher_decrypt( int alg_arg, int key_type_arg, TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); TEST_ASSERT( expected_output != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) ); iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); @@ -2415,8 +2392,6 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -2506,8 +2481,6 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( key != NULL ); TEST_ASSERT( input != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -2614,10 +2587,6 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( input_data != NULL ); TEST_ASSERT( nonce != NULL ); TEST_ASSERT( additional_data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) ); output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); 
@@ -2691,11 +2660,6 @@ void aead_encrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( additional_data != NULL ); TEST_ASSERT( nonce != NULL ); TEST_ASSERT( expected_result != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) ); output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); @@ -2753,11 +2717,6 @@ void aead_decrypt( int key_type_arg, data_t *key_data, TEST_ASSERT( additional_data != NULL ); TEST_ASSERT( nonce != NULL ); TEST_ASSERT( expected_data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) ); output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); @@ -2826,9 +2785,6 @@ void sign_deterministic( int key_type_arg, data_t *key_data, TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); TEST_ASSERT( output_data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( output_data->len ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -2887,8 +2843,6 @@ void sign_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); ASSERT_ALLOC( signature, signature_size ); 
@@ -3011,9 +2965,6 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( key_data != NULL ); TEST_ASSERT( hash_data != NULL ); TEST_ASSERT( signature_data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -3054,9 +3005,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( key_data != NULL ); TEST_ASSERT( hash_data != NULL ); TEST_ASSERT( signature_data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -3178,8 +3126,6 @@ void asymmetric_encrypt_decrypt( int key_type_arg, TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -3252,9 +3198,6 @@ void asymmetric_decrypt( int key_type_arg, TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); TEST_ASSERT( expected_data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) ); output_size = key_data->len; ASSERT_ALLOC( output, output_size ); @@ -3325,8 +3268,6 @@ void asymmetric_decrypt_fail( int key_type_arg, TEST_ASSERT( key_data != NULL ); TEST_ASSERT( input_data != NULL ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); - TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); output_size = key_data->len; ASSERT_ALLOC( output, output_size ); From 1f2aa0e3b0fc8934d19f08e28ba20aade2a4c1c9 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 18 Dec 2018 00:48:27 +0100 Subject: [PATCH 0877/2197] Remove useless null checks of data_t* parameters The test framework never passes NULL for a data_t* parameter, so testing them against NULL is clutter. --- tests/suites/test_suite_psa_crypto.function | 70 --------------------- 1 file changed, 70 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index cf0dd80d2..c194a074e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -877,7 +877,6 @@ void import( data_t *data, int type, int expected_status_arg ) psa_status_t expected_status = expected_status_arg; psa_status_t status; - TEST_ASSERT( data != NULL ); PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), @@ -995,7 +994,6 @@ void import_export( data_t *data, size_t got_bits; psa_key_policy_t policy; - TEST_ASSERT( data != NULL ); export_size = (ptrdiff_t) data->len + export_size_delta; ASSERT_ALLOC( exported, export_size ); if( ! canonical_input ) @@ -2005,10 +2003,6 @@ void mac_verify( int key_type_arg, TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); - TEST_ASSERT( key != NULL ); - TEST_ASSERT( input != NULL ); - TEST_ASSERT( expected_mac != NULL ); - PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), @@ -2090,10 +2084,6 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_cipher_operation_t operation; psa_key_policy_t policy; - TEST_ASSERT( key != NULL ); - TEST_ASSERT( input != NULL ); - TEST_ASSERT( expected_output != NULL ); - iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); 
@@ -2162,10 +2152,6 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_cipher_operation_t operation; psa_key_policy_t policy; - TEST_ASSERT( key != NULL ); - TEST_ASSERT( input != NULL ); - TEST_ASSERT( expected_output != NULL ); - iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); @@ -2237,10 +2223,6 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, psa_cipher_operation_t operation; psa_key_policy_t policy; - TEST_ASSERT( key != NULL ); - TEST_ASSERT( input != NULL ); - TEST_ASSERT( expected_output != NULL ); - iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); @@ -2314,10 +2296,6 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_cipher_operation_t operation; psa_key_policy_t policy; - TEST_ASSERT( key != NULL ); - TEST_ASSERT( input != NULL ); - TEST_ASSERT( expected_output != NULL ); - iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); @@ -2390,9 +2368,6 @@ void cipher_verify_output( int alg_arg, int key_type_arg, psa_cipher_operation_t operation2; psa_key_policy_t policy; - TEST_ASSERT( key != NULL ); - TEST_ASSERT( input != NULL ); - PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), @@ -2479,9 +2454,6 @@ void cipher_verify_output_multipart( int alg_arg, psa_cipher_operation_t operation2; psa_key_policy_t policy; - TEST_ASSERT( key != NULL ); - TEST_ASSERT( input != NULL ); - PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), @@ -2583,11 +2555,6 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, psa_status_t expected_result = expected_result_arg; psa_key_policy_t policy; - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( input_data != NULL ); - TEST_ASSERT( nonce != NULL ); - TEST_ASSERT( additional_data != NULL ); - output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); 
@@ -2655,12 +2622,6 @@ void aead_encrypt( int key_type_arg, data_t *key_data, size_t tag_length = 16; psa_key_policy_t policy; - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( input_data != NULL ); - TEST_ASSERT( additional_data != NULL ); - TEST_ASSERT( nonce != NULL ); - TEST_ASSERT( expected_result != NULL ); - output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); @@ -2712,12 +2673,6 @@ void aead_decrypt( int key_type_arg, data_t *key_data, psa_key_policy_t policy; psa_status_t expected_result = expected_result_arg; - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( input_data != NULL ); - TEST_ASSERT( additional_data != NULL ); - TEST_ASSERT( nonce != NULL ); - TEST_ASSERT( expected_data != NULL ); - output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); @@ -2782,10 +2737,6 @@ void sign_deterministic( int key_type_arg, data_t *key_data, size_t signature_length = 0xdeadbeef; psa_key_policy_t policy; - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( input_data != NULL ); - TEST_ASSERT( output_data != NULL ); - PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, @@ -2841,9 +2792,6 @@ void sign_fail( int key_type_arg, data_t *key_data, size_t signature_length = 0xdeadbeef; psa_key_policy_t policy; - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( input_data != NULL ); - ASSERT_ALLOC( signature, signature_size ); PSA_ASSERT( psa_crypto_init( ) ); @@ -2962,10 +2910,6 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( signature_data->len <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( hash_data != NULL ); - TEST_ASSERT( signature_data != NULL ); - PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, 
@@ -3002,10 +2946,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, psa_status_t expected_status = expected_status_arg; psa_key_policy_t policy; - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( hash_data != NULL ); - TEST_ASSERT( signature_data != NULL ); - PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, @@ -3124,9 +3064,6 @@ void asymmetric_encrypt_decrypt( int key_type_arg, size_t output2_length = ~0; psa_key_policy_t policy; - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( input_data != NULL ); - PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, @@ -3195,10 +3132,6 @@ void asymmetric_decrypt( int key_type_arg, size_t output_length = ~0; psa_key_policy_t policy; - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( input_data != NULL ); - TEST_ASSERT( expected_data != NULL ); - output_size = key_data->len; ASSERT_ALLOC( output, output_size ); @@ -3266,9 +3199,6 @@ void asymmetric_decrypt_fail( int key_type_arg, psa_status_t expected_status = expected_status_arg; psa_key_policy_t policy; - TEST_ASSERT( key_data != NULL ); - TEST_ASSERT( input_data != NULL ); - output_size = key_data->len; ASSERT_ALLOC( output, output_size ); From d76f181617f1ad9429ca389dd276e1166fa5d3c2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Dec 2018 00:52:27 +0100 Subject: [PATCH 0878/2197] Prefer ASSERT_ALLOC to calloc+TEST_ASSERT in PSA tests To allocate memory dynamically in a test, call ASSERT_ALLOC which takes care of calling calloc and of checking for NULL. --- tests/suites/test_suite_psa_crypto.function | 1 - tests/suites/test_suite_psa_crypto_storage_file.function | 6 ++---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c194a074e..f8c9c7492 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -407,7 +407,6 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); ASSERT_ALLOC( public_key, public_key_length ); - TEST_ASSERT( public_key != NULL ); PSA_ASSERT( psa_export_public_key( handle, public_key, public_key_length, &public_key_length ) ); diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function index bf86ebb4d..e596be1d7 100644 --- a/tests/suites/test_suite_psa_crypto_storage_file.function +++ b/tests/suites/test_suite_psa_crypto_storage_file.function @@ -36,8 +36,7 @@ void load_data_from_file( int id_to_load_arg, } /* Read from the file with psa_crypto_storage_load. */ - loaded_data = mbedtls_calloc( 1, capacity ); - TEST_ASSERT( loaded_data != NULL ); + ASSERT_ALLOC( loaded_data, capacity ); status = psa_crypto_storage_load( id_to_load, loaded_data, file_size ); /* Check we get the expected status. */ @@ -82,8 +81,7 @@ void write_data_to_file( data_t *data, int expected_status ) TEST_EQUAL( file_size, data->len ); /* Check that the file contents are what we expect */ - loaded_data = mbedtls_calloc( 1, data->len ); - TEST_ASSERT( loaded_data != NULL ); + ASSERT_ALLOC( loaded_data, data->len ); num_read = fread( loaded_data, 1, file_size, file ); TEST_EQUAL( num_read, file_size ); From c08fc1d7e97bbc84d6ed7d6e2d212a9650ed0dd0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Dec 2018 08:47:00 +0100 Subject: [PATCH 0879/2197] Move MIN and MAX macros from PSA tests to helpers.function --- tests/suites/helpers.function | 17 +++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 2 -- .../test_suite_psa_crypto_entropy.function | 5 ----- .../suites/test_suite_psa_crypto_init.function | 3 --- 4 files changed, 17 insertions(+), 10 deletions(-) 
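Review bot: In load_data_from_file the buffer is now sized by `capacity` through `ASSERT_ALLOC( loaded_data, capacity )`, but the following line still asks `psa_crypto_storage_load` for `file_size` bytes, so nothing in the hunk ties the requested length to the allocation. If a test case supplies a capacity smaller than the file, the load would presumably be allowed to write past the buffer. If that mismatch is the scenario under test, a comment saying so would help; otherwise `TEST_ASSERT( file_size <= capacity );` before the load pins the assumption. The function starts and ends outside the hunk, so how `capacity` and `file_size` are derived could not be checked here.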
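Review bot: The switch to `ASSERT_ALLOC( loaded_data, data->len )` in write_data_to_file, and to `ASSERT_ALLOC( loaded_data, capacity )` in load_data_from_file, may change the zero-length case. This assumes the macro behaves as in the Mbed TLS test helpers, where it requires the pointer to be NULL on entry and skips the allocation when the length is 0; its definition is not on this page. With an empty `data`, `loaded_data` would then stay NULL and be passed to `fread` and to whatever comparison follows, whereas the old code asserted that the `mbedtls_calloc( 1, 0 )` result was non-NULL. A one-line comment above the call would record this, e.g. `/* loaded_data stays NULL when data->len is 0; fread then reads 0 bytes */`. It is also worth confirming that `loaded_data` is declared `= NULL`, which lies outside the hunk.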
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index da843b2b3..5f9f7b099 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -202,6 +202,23 @@ typedef struct data_tag ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ), \ ARRAY_LENGTH_UNSAFE( array ) ) ) +/** Return the smaller of two values. + * + * \param x An integer-valued expression without side effects. + * \param y An integer-valued expression without side effects. + * + * \return The smaller of \p x and \p y. + */ +#define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) ) + +/** Return the larger of two values. + * + * \param x An integer-valued expression without side effects. + * \param y An integer-valued expression without side effects. + * + * \return The larger of \p x and \p y. + */ +#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) ) /* * 32-bit integer manipulation macros (big endian) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f8c9c7492..c1339c015 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -11,8 +11,6 @@ #include "psa/crypto.h" -#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) ) - /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 704fad913..727db43e5 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function 
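Review bot: The new `MIN` and `MAX` in helpers.function are defined unconditionally, while the copy this commit removes from test_suite_psa_crypto_entropy.function was wrapped in `#if !defined(MAX)`. Some platform headers define these names themselves (for example `<sys/param.h>`), and a redefinition with a different token sequence draws a diagnostic that becomes a build failure under `-Werror`. Either guard each definition with `#if !defined(MIN)` / `#endif`, or put `#undef MIN` and `#undef MAX` before them so every suite gets the documented version. The doc comments could also say that both operands undergo the usual arithmetic conversions, so comparing a negative signed value with a `size_t` returns the wrong operand.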
@@ -6,11 +6,6 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" -/* MAX value support macro */ -#if !defined(MAX) -#define MAX(a,b) (((a)>(b))?(a):(b)) -#endif - /* Calculating the minimum allowed entropy size in bytes */ #define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index e04652fda..c8f6e1b0a 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -12,9 +12,6 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" -#define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) ) -#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) ) - #define ENTROPY_MIN_NV_SEED_SIZE \ MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) From 0344d8171d64e701df7a8700ec9bfabb0283a3b7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 20 Dec 2018 20:09:04 +0100 Subject: [PATCH 0880/2197] Simplify the SPM compatibility hack Define psa_status_t to int32_t unconditionally. There's no reason to refer to psa_error_t here: psa_error_t is int32_t if it's present. We would only need a conditional definition if psa_defs.h and psa_crypto.h used the same type name. Keep the conditional definition of PSA_SUCCESS. Although the C preprocessor allows a duplicate definition for a macro, it has to be the exact same token sequence, not merely an equivalent way to build the same value. --- include/psa/crypto.h | 24 +++++++++--------------- 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c58d22ae4..5be1b515f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -57,20 +57,6 @@ extern "C" { * @{ */ -#if defined(PSA_SUCCESS) -/* If PSA_SUCCESS is defined, assume that PSA crypto is being used - * together with PSA IPC, which also defines the identifier - * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case; - * the other error code names don't clash. Also define psa_status_t as - * an alias for the type used by PSA IPC. This is a temporary hack - * until we unify error reporting in PSA IPC and PSA crypto. - * - * Note that psa_defs.h must be included before this header! - */ -typedef psa_error_t psa_status_t; - -#else /* defined(PSA_SUCCESS) */ - /** * \brief Function return status. * @@ -80,9 +66,17 @@ typedef psa_error_t psa_status_t; */ typedef int32_t psa_status_t; +#if !defined(PSA_SUCCESS) +/* If PSA_SUCCESS is defined, assume that PSA crypto is being used + * together with PSA IPC, which also defines the identifier + * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case; + * the other error code names don't clash. This is a temporary hack + * until we unify error reporting in PSA IPC and PSA crypto. + * + * Note that psa_defs.h must be included before this header! + */ /** The action was completed successfully. */ #define PSA_SUCCESS ((psa_status_t)0) - #endif /* !defined(PSA_SUCCESS) */ /** An error occurred that does not correspond to any defined From 5e09bc7eb5293578f2a400dcfce221f6321a74de Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 21 Dec 2018 12:06:15 +0100 Subject: [PATCH 0881/2197] Fix maybe-uninitialized warning GCC 4.8 warns that some variables may be used without having been initialized. They aren't, but determining that takes nontrivial analysis, so initialize them at the point of definition. --- programs/psa/key_ladder_demo.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 470b1fce4..4acf6b150 100644 --- a/programs/psa/key_ladder_demo.c 
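Review bot: The comment moved under `#if !defined(PSA_SUCCESS)` still opens with "If PSA_SUCCESS is defined, assume that PSA crypto is being used together with PSA IPC", which describes the branch that is now skipped rather than the one it sits in. It would read correctly as `/* PSA IPC (psa_defs.h) also defines PSA_SUCCESS; define it here only if that header has not already done so. */`, keeping the note that psa_defs.h must be included first. Because `psa_status_t` is now `int32_t` unconditionally and an externally supplied `PSA_SUCCESS` is taken on trust, the comment should also state that the external definition is expected to be zero and compatible with `int32_t`. Every `status == PSA_SUCCESS` check depends on that.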
+++ b/programs/psa/key_ladder_demo.c @@ -393,7 +393,7 @@ static psa_status_t wrap_data( const char *input_file_name, FILE *output_file = NULL; long input_position; size_t input_size; - size_t buffer_size; + size_t buffer_size = 0; unsigned char *buffer = NULL; size_t ciphertext_size; wrapped_data_header_t header; @@ -469,7 +469,7 @@ static psa_status_t unwrap_data( const char *input_file_name, FILE *input_file = NULL; FILE *output_file = NULL; unsigned char *buffer = NULL; - size_t ciphertext_size; + size_t ciphertext_size = 0; size_t plaintext_size; wrapped_data_header_t header; unsigned char extra_byte; From f3b731e8179db0c400fad4af0507774dd68305e6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 12 Dec 2018 13:38:31 +0100 Subject: [PATCH 0882/2197] Move integral types and associated macros to their own header Some parts of the library, and crypto drivers, need to see key types, algorithms, policies, etc. but not API functions. Move portable integral types and macros to build and analyze values of these types to a separate headers crypto_types.h and crypto_values.h. No functional changes, code was only moved from crypto.h to the new headers. --- include/psa/crypto.h | 1413 +--------------------------- include/psa/crypto_types.h | 101 ++ include/psa/crypto_values.h | 1418 +++++++++++++++++++++++++++++ programs/Makefile | 2 +- scripts/generate_psa_constants.py | 2 +- visualc/VS2010/mbedTLS.vcxproj | 2 + 6 files changed, 1535 insertions(+), 1403 deletions(-) create mode 100644 include/psa/crypto_types.h create mode 100644 include/psa/crypto_values.h diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5be1b515f..4669b2a53 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
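Review bot: Only `buffer_size` in wrap_data and `ciphertext_size` in unwrap_data gain an initialiser; the neighbouring `input_size` and `ciphertext_size` in wrap_data and `plaintext_size` in unwrap_data are still defined without one. In a demo that wraps and unwraps data, it is easier to audit if every length that bounds `buffer` starts at 0, e.g. `size_t input_size = 0;` and `size_t plaintext_size = 0;`. The cleanup path then cannot act on an indeterminate length, whichever `goto exit` is taken. Both function bodies continue beyond the hunks, so whether the exit code reads these variables could not be checked here.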
@@ -53,266 +53,21 @@ typedef _unsigned_integral_type_ psa_key_handle_t; extern "C" { #endif -/** \defgroup basic Basic definitions +#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) +#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) + +/* The file "crypto_types.h" declares types that encode errors, + * algorithms, key types, policies, etc. */ +#include "crypto_types.h" + +/* The file "crypto_values.h" declares macros to build and analyze values + * of integral types defined in "crypto_types.h". */ +#include "crypto_values.h" + +/** \defgroup initialization Library initialization * @{ */ -/** - * \brief Function return status. - * - * This is either #PSA_SUCCESS (which is zero), indicating success, - * or a nonzero value indicating that an error occurred. Errors are - * encoded as one of the \c PSA_ERROR_xxx values defined here. - */ -typedef int32_t psa_status_t; - -#if !defined(PSA_SUCCESS) -/* If PSA_SUCCESS is defined, assume that PSA crypto is being used - * together with PSA IPC, which also defines the identifier - * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case; - * the other error code names don't clash. This is a temporary hack - * until we unify error reporting in PSA IPC and PSA crypto. - * - * Note that psa_defs.h must be included before this header! - */ -/** The action was completed successfully. */ -#define PSA_SUCCESS ((psa_status_t)0) -#endif /* !defined(PSA_SUCCESS) */ - -/** An error occurred that does not correspond to any defined - * failure cause. - * - * Implementations may use this error code if none of the other standard - * error codes are applicable. */ -#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1) - -/** The requested operation or a parameter is not supported - * by this implementation. - * - * Implementations should return this error code when an enumeration - * parameter such as a key type, algorithm, etc. is not recognized. 
- * If a combination of parameters is recognized and identified as - * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ -#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2) - -/** The requested action is denied by a policy. - * - * Implementations should return this error code when the parameters - * are recognized as valid and supported, and a policy explicitly - * denies the requested operation. - * - * If a subset of the parameters of a function call identify a - * forbidden operation, and another subset of the parameters are - * not valid or not supported, it is unspecified whether the function - * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or - * #PSA_ERROR_INVALID_ARGUMENT. */ -#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3) - -/** An output buffer is too small. - * - * Applications can call the \c PSA_xxx_SIZE macro listed in the function - * description to determine a sufficient buffer size. - * - * Implementations should preferably return this error code only - * in cases when performing the operation with a larger output - * buffer would succeed. However implementations may return this - * error if a function has invalid or unsupported parameters in addition - * to the parameters that determine the necessary output buffer size. */ -#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4) - -/** A slot is occupied, but must be empty to carry out the - * requested action. - * - * If a handle is invalid, it does not designate an occupied slot. - * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE. - */ -#define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5) - -/** A slot is empty, but must be occupied to carry out the - * requested action. - * - * If a handle is invalid, it does not designate an empty slot. - * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE. - */ -#define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6) - -/** The requested action cannot be performed in the current state. 
- * - * Multipart operations return this error when one of the - * functions is called out of sequence. Refer to the function - * descriptions for permitted sequencing of functions. - * - * Implementations shall not return this error code to indicate - * that a key slot is occupied when it needs to be free or vice versa, - * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT - * as applicable. */ -#define PSA_ERROR_BAD_STATE ((psa_status_t)7) - -/** The parameters passed to the function are invalid. - * - * Implementations may return this error any time a parameter or - * combination of parameters are recognized as invalid. - * - * Implementations shall not return this error code to indicate - * that a key slot is occupied when it needs to be free or vice versa, - * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT - * as applicable. - * - * Implementation shall not return this error code to indicate that a - * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE - * instead. - */ -#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8) - -/** There is not enough runtime memory. - * - * If the action is carried out across multiple security realms, this - * error can refer to available memory in any of the security realms. */ -#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9) - -/** There is not enough persistent storage. - * - * Functions that modify the key storage return this error code if - * there is insufficient storage space on the host media. In addition, - * many functions that do not otherwise access storage may return this - * error code if the implementation requires a mandatory log entry for - * the requested action and the log storage space is full. */ -#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10) - -/** There was a communication failure inside the implementation. 
- * - * This can indicate a communication failure between the application - * and an external cryptoprocessor or between the cryptoprocessor and - * an external volatile or persistent memory. A communication failure - * may be transient or permanent depending on the cause. - * - * \warning If a function returns this error, it is undetermined - * whether the requested action has completed or not. Implementations - * should return #PSA_SUCCESS on successful completion whenver - * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE - * if the requested action was completed successfully in an external - * cryptoprocessor but there was a breakdown of communication before - * the cryptoprocessor could report the status to the application. - */ -#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11) - -/** There was a storage failure that may have led to data loss. - * - * This error indicates that some persistent storage is corrupted. - * It should not be used for a corruption of volatile memory - * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error - * between the cryptoprocessor and its external storage (use - * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is - * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE). - * - * Note that a storage failure does not indicate that any data that was - * previously read is invalid. However this previously read data may no - * longer be readable from storage. - * - * When a storage failure occurs, it is no longer possible to ensure - * the global integrity of the keystore. Depending on the global - * integrity guarantees offered by the implementation, access to other - * data may or may not fail even if the data is still readable but - * its integrity canont be guaranteed. - * - * Implementations should only use this error code to report a - * permanent storage corruption. 
However application writers should - * keep in mind that transient errors while reading the storage may be - * reported using this error code. */ -#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12) - -/** A hardware failure was detected. - * - * A hardware failure may be transient or permanent depending on the - * cause. */ -#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13) - -/** A tampering attempt was detected. - * - * If an application receives this error code, there is no guarantee - * that previously accessed or computed data was correct and remains - * confidential. Applications should not perform any security function - * and should enter a safe failure state. - * - * Implementations may return this error code if they detect an invalid - * state that cannot happen during normal operation and that indicates - * that the implementation's security guarantees no longer hold. Depending - * on the implementation architecture and on its security and safety goals, - * the implementation may forcibly terminate the application. - * - * This error code is intended as a last resort when a security breach - * is detected and it is unsure whether the keystore data is still - * protected. Implementations shall only return this error code - * to report an alarm from a tampering detector, to indicate that - * the confidentiality of stored data can no longer be guaranteed, - * or to indicate that the integrity of previously returned data is now - * considered compromised. Implementations shall not use this error code - * to indicate a hardware failure that merely makes it impossible to - * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE, - * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE, - * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code - * instead). - * - * This error indicates an attack against the application. 
Implementations - * shall not return this error code as a consequence of the behavior of - * the application itself. */ -#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14) - -/** There is not enough entropy to generate random data needed - * for the requested action. - * - * This error indicates a failure of a hardware random generator. - * Application writers should note that this error can be returned not - * only by functions whose purpose is to generate random data, such - * as key, IV or nonce generation, but also by functions that execute - * an algorithm with a randomized result, as well as functions that - * use randomization of intermediate computations as a countermeasure - * to certain attacks. - * - * Implementations should avoid returning this error after psa_crypto_init() - * has succeeded. Implementations should generate sufficient - * entropy during initialization and subsequently use a cryptographically - * secure pseudorandom generator (PRNG). However implementations may return - * this error at any time if a policy requires the PRNG to be reseeded - * during normal operation. */ -#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15) - -/** The signature, MAC or hash is incorrect. - * - * Verification functions return this error if the verification - * calculations completed successfully, and the value to be verified - * was determined to be incorrect. - * - * If the value to verify has an invalid size, implementations may return - * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ -#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16) - -/** The decrypted padding is incorrect. - * - * \warning In some protocols, when decrypting data, it is essential that - * the behavior of the application does not depend on whether the padding - * is correct, down to precise timing. Applications should prefer - * protocols that use authenticated encryption rather than plain - * encryption. 
If the application must perform a decryption of - * unauthenticated data, the application writer should take care not - * to reveal whether the padding is invalid. - * - * Implementations should strive to make valid and invalid padding - * as close as possible to indistinguishable to an external observer. - * In particular, the timing of a decryption operation should not - * depend on the validity of the padding. */ -#define PSA_ERROR_INVALID_PADDING ((psa_status_t)17) - -/** The generator has insufficient capacity left. - * - * Once a function returns this error, attempts to read from the - * generator will always return this error. */ -#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18) - -/** The key handle is not valid. - */ -#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)19) - /** * \brief Library initialization. * 
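Review bot: `PSA_BITS_TO_BYTES` and `PSA_BYTES_TO_BITS` are moved to the top of crypto.h with no documentation, and both can wrap, since `(bits) + 7` and `(bytes) * 8` are computed in the argument's type with no range check. As they presumably feed buffer-size computations, each deserves a short comment, e.g. `/* Round a bit count up to whole bytes; the caller must ensure (bits) + 7 does not overflow. */`, with a matching one for the multiplication. They also stay in crypto.h, while the commit's stated aim is to let drivers include crypto_types.h and crypto_values.h without the API header. If any macro moved into crypto_values.h expands to them (not visible in this hunk), they belong in that header instead.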
@@ -339,1094 +94,12 @@ typedef int32_t psa_status_t; */ psa_status_t psa_crypto_init(void); -#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) -#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) - -/**@}*/ - -/** \defgroup crypto_types Key and algorithm types - * @{ - */ - -/** \brief Encoding of a key type. - */ -typedef uint32_t psa_key_type_t; - -/** An invalid key type value. - * - * Zero is not the encoding of any key type. - */ -#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) - -/** Vendor-defined flag - * - * Key types defined by this standard will never have the - * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types - * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should - * respect the bitwise structure used by standard encodings whenever practical. - */ -#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) - -#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) -#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) -#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) -#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) -#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) - -#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) - -/** Whether a key type is vendor-defined. */ -#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ - (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) - -/** Whether a key type is an unstructured array of bytes. - * - * This encompasses both symmetric keys and non-key data. - */ -#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ - PSA_KEY_TYPE_CATEGORY_SYMMETRIC) - -/** Whether a key type is asymmetric: either a key pair or a public key. 
*/ -#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK \ - & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \ - PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) -/** Whether a key type is the public part of a key pair. */ -#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) -/** Whether a key type is a key pair containing a private part and a public - * part. */ -#define PSA_KEY_TYPE_IS_KEYPAIR(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) -/** The key pair type corresponding to a public key type. - * - * You may also pass a key pair type as \p type, it will be left unchanged. - * - * \param type A public key type or key pair type. - * - * \return The corresponding key pair type. - * If \p type is not a public key or a key pair, - * the return value is undefined. - */ -#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \ - ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) -/** The public key type corresponding to a key pair type. - * - * You may also pass a key pair type as \p type, it will be left unchanged. - * - * \param type A public key type or key pair type. - * - * \return The corresponding public key type. - * If \p type is not a public key or a key pair, - * the return value is undefined. - */ -#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ - ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) - -/** Raw data. - * - * A "key" of this type cannot be used for any cryptographic operation. - * Applications may use this type to store arbitrary data in the keystore. */ -#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) - -/** HMAC key. - * - * The key policy determines which underlying hash algorithm the key can be - * used for. - * - * HMAC keys should generally have the same size as the underlying hash. - * This size can be calculated with #PSA_HASH_SIZE(\c alg) where - * \c alg is the HMAC algorithm or the underlying hash algorithm. 
*/ -#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) - -/** A secret for key derivation. - * - * The key policy determines which key derivation algorithm the key - * can be used for. - */ -#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) - -/** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher. - * - * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or - * 32 bytes (AES-256). - */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) - -/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). - * - * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or - * 24 bytes (3-key 3DES). - * - * Note that single DES and 2-key 3DES are weak and strongly - * deprecated and should only be used to decrypt legacy data. 3-key 3DES - * is weak and deprecated and should only be used in legacy protocols. - */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) - -/** Key for an cipher, AEAD or MAC algorithm based on the - * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) - -/** Key for the RC4 stream cipher. - * - * Note that RC4 is weak and deprecated and should only be used in - * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) - -/** RSA public key. */ -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) -/** RSA key pair (private and public key). */ -#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000) -/** Whether a key type is an RSA key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_RSA(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) - -/** DSA public key. */ -#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) -/** DSA key pair (private and public key). */ -#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000) -/** Whether a key type is an DSA key (pair or public-only). 
*/ -#define PSA_KEY_TYPE_IS_DSA(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) - -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) -#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000) -#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) -/** Elliptic curve key pair. */ -#define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \ - (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve)) -/** Elliptic curve public key. */ -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ - (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) - -/** Whether a key type is an elliptic curve key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_ECC(type) \ - ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ - ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) -#define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ - PSA_KEY_TYPE_ECC_KEYPAIR_BASE) -#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ - (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ - PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) - -/** The type of PSA elliptic curve identifiers. */ -typedef uint16_t psa_ecc_curve_t; -/** Extract the curve from an elliptic curve key type. */ -#define PSA_KEY_TYPE_GET_CURVE(type) \ - ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ - ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ - 0)) - -/* The encoding of curve identifiers is currently aligned with the - * TLS Supported Groups Registry (formerly known as the - * TLS EC Named Curve Registry) - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * The values are defined by RFC 8422 and RFC 7027. 
*/ -#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) -#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) -#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) -#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004) -#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005) -#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006) -#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007) -#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008) -#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009) -#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a) -#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b) -#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c) -#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d) -#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e) -#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f) -#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010) -#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011) -#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012) -#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013) -#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014) -#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015) -#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016) -#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017) -#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018) -#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019) -#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) -#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b) -#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) -#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) -#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) - -/** The block size of a block cipher. - * - * \param type A cipher key type (value of type #psa_key_type_t). 
- * - * \return The block size for a block cipher, or 1 for a stream cipher. - * The return value is undefined if \p type is not a supported - * cipher key type. - * - * \note It is possible to build stream cipher algorithms on top of a block - * cipher, for example CTR mode (#PSA_ALG_CTR). - * This macro only takes the key type into account, so it cannot be - * used to determine the size of the data that #psa_cipher_update() - * might buffer for future processing in general. - * - * \note This macro returns a compile-time constant if its argument is one. - * - * \warning This macro may evaluate its argument multiple times. - */ -#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ - ( \ - (type) == PSA_KEY_TYPE_AES ? 16 : \ - (type) == PSA_KEY_TYPE_DES ? 8 : \ - (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \ - (type) == PSA_KEY_TYPE_ARC4 ? 1 : \ - 0) - -/** \brief Encoding of a cryptographic algorithm. - * - * For algorithms that can be applied to multiple key types, this type - * does not encode the key type. For example, for symmetric ciphers - * based on a block cipher, #psa_algorithm_t encodes the block cipher - * mode and the padding mode while the block cipher itself is encoded - * via #psa_key_type_t. 
- */ -typedef uint32_t psa_algorithm_t; - -#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) -#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) -#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) -#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) -#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) -#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) -#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) -#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) -#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x22000000) -#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x30000000) -#define PSA_ALG_CATEGORY_KEY_SELECTION ((psa_algorithm_t)0x31000000) - -#define PSA_ALG_IS_VENDOR_DEFINED(alg) \ - (((alg) & PSA_ALG_VENDOR_FLAG) != 0) - -/** Whether the specified algorithm is a hash algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a hash algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_HASH(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) - -/** Whether the specified algorithm is a MAC algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a MAC algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_MAC(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) - -/** Whether the specified algorithm is a symmetric cipher algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. 
- */
-#define PSA_ALG_IS_CIPHER(alg) \
- (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
-
-/** Whether the specified algorithm is an authenticated encryption
- * with associated data (AEAD) algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is an AEAD algorithm, 0 otherwise.
- * This macro may return either 0 or 1 if \p alg is not a supported
- * algorithm identifier.
- */
-#define PSA_ALG_IS_AEAD(alg) \
- (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
-
-/** Whether the specified algorithm is a public-key signature algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a public-key signature algorithm, 0 otherwise.
- * This macro may return either 0 or 1 if \p alg is not a supported
- * algorithm identifier.
- */
-#define PSA_ALG_IS_SIGN(alg) \
- (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
-
-/** Whether the specified algorithm is a public-key encryption algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a public-key encryption algorithm, 0 otherwise.
- * This macro may return either 0 or 1 if \p alg is not a supported
- * algorithm identifier.
- */
-#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
- (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
-
-#define PSA_ALG_KEY_SELECTION_FLAG ((psa_algorithm_t)0x01000000)
-/** Whether the specified algorithm is a key agreement algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a key agreement algorithm, 0 otherwise.
- * This macro may return either 0 or 1 if \p alg is not a supported
- * algorithm identifier.
- */
-#define PSA_ALG_IS_KEY_AGREEMENT(alg) \
- (((alg) & PSA_ALG_CATEGORY_MASK & ~PSA_ALG_KEY_SELECTION_FLAG) == \
- PSA_ALG_CATEGORY_KEY_AGREEMENT)
-
-/** Whether the specified algorithm is a key derivation algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a key derivation algorithm, 0 otherwise.
- * This macro may return either 0 or 1 if \p alg is not a supported
- * algorithm identifier.
- */
-#define PSA_ALG_IS_KEY_DERIVATION(alg) \
- (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
-
-/** Whether the specified algorithm is a key selection algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a key selection algorithm, 0 otherwise.
- * This macro may return either 0 or 1 if \p alg is not a supported
- * algorithm identifier.
- */
-#define PSA_ALG_IS_KEY_SELECTION(alg) \
- (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION)
-
-#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
-#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001)
-#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002)
-#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003)
-#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004)
-#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005)
-/** SHA2-224 */
-#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008)
-/** SHA2-256 */
-#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009)
-/** SHA2-384 */
-#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a)
-/** SHA2-512 */
-#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b)
-/** SHA2-512/224 */
-#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c)
-/** SHA2-512/256 */
-#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d)
-/** SHA3-224 */
-#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010)
-/** SHA3-256 */
-#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011)
-/** SHA3-384 */
-#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012)
-/** SHA3-512 */
-#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013)
-
-#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
-#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000)
-/** Macro to build an HMAC algorithm.
- *
- * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
- *
- * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
- * #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return The corresponding HMAC algorithm.
- * \return Unspecified if \p alg is not a supported
- * hash algorithm.
- */
-#define PSA_ALG_HMAC(hash_alg) \
- (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
- (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
-
-/** Whether the specified algorithm is an HMAC algorithm.
- *
- * HMAC is a family of MAC algorithms that are based on a hash function.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is an HMAC algorithm, 0 otherwise.
- * This macro may return either 0 or 1 if \p alg is not a supported
- * algorithm identifier.
- */
-#define PSA_ALG_IS_HMAC(alg) \
- (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
- PSA_ALG_HMAC_BASE)
-
-/* In the encoding of a MAC algorithm, the bits corresponding to
- * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
- * truncated. As an exception, the value 0 means the untruncated algorithm,
- * whatever its length is. The length is encoded in 6 bits, so it can
- * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
- * to full length is correctly encoded as 0 and any non-trivial truncation
- * is correctly encoded as a value between 1 and 63. */
-#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00)
-#define PSA_MAC_TRUNCATION_OFFSET 8
-
-/** Macro to build a truncated MAC algorithm.
- *
- * A truncated MAC algorithm is identical to the corresponding MAC
- * algorithm except that the MAC value for the truncated algorithm
- * consists of only the first \p mac_length bytes of the MAC value
- * for the untruncated algorithm.
- *
- * \note This macro may allow constructing algorithm identifiers that
- * are not valid, either because the specified length is larger
- * than the untruncated MAC or because the specified length is
- * smaller than permitted by the implementation.
- *
- * \note It is implementation-defined whether a truncated MAC that
- * is truncated to the same length as the MAC of the untruncated
- * algorithm is considered identical to the untruncated algorithm
- * for policy comparison purposes.
- *
- * \param alg A MAC algorithm identifier (value of type
- * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
- * is true). This may be a truncated or untruncated
- * MAC algorithm.
- * \param mac_length Desired length of the truncated MAC in bytes.
- * This must be at most the full length of the MAC
- * and must be at least an implementation-specified
- * minimum. The implementation-specified minimum
- * shall not be zero.
- *
- * \return The corresponding MAC algorithm with the specified
- * length.
- * \return Unspecified if \p alg is not a supported
- * MAC algorithm or if \p mac_length is too small or
- * too large for the specified MAC algorithm.
- */
-#define PSA_ALG_TRUNCATED_MAC(alg, mac_length) \
- (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \
- ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
-
-/** Macro to build the base MAC algorithm corresponding to a truncated
- * MAC algorithm.
- *
- * \param alg A MAC algorithm identifier (value of type
- * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
- * is true). This may be a truncated or untruncated
- * MAC algorithm.
- *
- * \return The corresponding base MAC algorithm.
- * \return Unspecified if \p alg is not a supported
- * MAC algorithm.
- */
-#define PSA_ALG_FULL_LENGTH_MAC(alg) \
- ((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
-
-/** Length to which a MAC algorithm is truncated.
- *
- * \param alg A MAC algorithm identifier (value of type
- * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
- * is true).
- *
- * \return Length of the truncated MAC in bytes.
- * \return 0 if \p alg is a non-truncated MAC algorithm.
- * \return Unspecified if \p alg is not a supported
- * MAC algorithm.
- */
-#define PSA_MAC_TRUNCATED_LENGTH(alg) \
- (((alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
-
-#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
-#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
-#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002)
-#define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003)
-
-/** Whether the specified algorithm is a MAC algorithm based on a block cipher.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise.
- * This macro may return either 0 or 1 if \p alg is not a supported
- * algorithm identifier.
- */
-#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
- (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
- PSA_ALG_CIPHER_MAC_BASE)
-
-#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000)
-#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
-
-/** Whether the specified algorithm is a stream cipher.
- *
- * A stream cipher is a symmetric cipher that encrypts or decrypts messages
- * by applying a bitwise-xor with a stream of bytes that is generated
- * from a key.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise.
- * This macro may return either 0 or 1 if \p alg is not a supported
- * algorithm identifier or if it is not a symmetric cipher algorithm.
- */
-#define PSA_ALG_IS_STREAM_CIPHER(alg) \
- (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
- (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
-
-/** The ARC4 stream cipher algorithm.
- */
-#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001)
-
-/** The CTR stream cipher mode.
- *
- * CTR is a stream cipher which is built from a block cipher.
- * The underlying block cipher is determined by the key type.
- * For example, to use AES-128-CTR, use this algorithm with
- * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
- */
-#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001)
-
-#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002)
-
-#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003)
-
-/** The XTS cipher mode.
- *
- * XTS is a cipher mode which is built from a block cipher. It requires at
- * least one full block of input, but beyond this minimum the input
- * does not need to be a whole number of blocks.
- */
-#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff)
-
-/** The CBC block cipher chaining mode, with no padding.
- *
- * The underlying block cipher is determined by the key type.
- *
- * This symmetric cipher mode can only be used with messages whose lengths
- * are whole number of blocks for the chosen block cipher.
- */
-#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100)
-
-/** The CBC block cipher chaining mode with PKCS#7 padding.
- *
- * The underlying block cipher is determined by the key type.
- *
- * This is the padding method defined by PKCS#7 (RFC 2315) §10.3.
- */
-#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101)
-
-#define PSA_ALG_CCM ((psa_algorithm_t)0x06001001)
-#define PSA_ALG_GCM ((psa_algorithm_t)0x06001002)
-
-/* In the encoding of a AEAD algorithm, the bits corresponding to
- * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
- * The constants for default lengths follow this encoding.
- */
-#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00)
-#define PSA_AEAD_TAG_LENGTH_OFFSET 8
-
-/** Macro to build a shortened AEAD algorithm.
- *
- * A shortened AEAD algorithm is similar to the corresponding AEAD
- * algorithm, but has an authentication tag that consists of fewer bytes.
- * Depending on the algorithm, the tag length may affect the calculation
- * of the ciphertext.
- *
- * \param alg A AEAD algorithm identifier (value of type
- * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
- * is true).
- * \param tag_length Desired length of the authentication tag in bytes.
- *
- * \return The corresponding AEAD algorithm with the specified
- * length.
- * \return Unspecified if \p alg is not a supported
- * AEAD algorithm or if \p tag_length is not valid
- * for the specified AEAD algorithm.
- */
-#define PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, tag_length) \
- (((alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \
- ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
- PSA_ALG_AEAD_TAG_LENGTH_MASK))
-
-/** Calculate the corresponding AEAD algorithm with the default tag length.
- *
- * \param alg An AEAD algorithm (\c PSA_ALG_XXX value such that
- * #PSA_ALG_IS_AEAD(\p alg) is true).
- *
- * \return The corresponding AEAD algorithm with the default tag length
- * for that algorithm.
- */
-#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) \
- ( \
- PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_CCM) \
- PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_GCM) \
- 0)
-#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, ref) \
- PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, 0) == \
- PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \
- ref :
-
-#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000)
-/** RSA PKCS#1 v1.5 signature with hashing.
- *
- * This is the signature scheme defined by RFC 8017
- * (PKCS#1: RSA Cryptography Specifications) under the name
- * RSASSA-PKCS1-v1_5.
- *
- * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
- * #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return The corresponding RSA PKCS#1 v1.5 signature algorithm.
- * \return Unspecified if \p alg is not a supported
- * hash algorithm.
- */
-#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
- (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-/** Raw PKCS#1 v1.5 signature.
- *
- * The input to this algorithm is the DigestInfo structure used by
- * RFC 8017 (PKCS#1: RSA Cryptography Specifications), §9.2
- * steps 3–6.
- */
-#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
-#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
- (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
-
-#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000)
-/** RSA PSS signature with hashing.
- *
- * This is the signature scheme defined by RFC 8017
- * (PKCS#1: RSA Cryptography Specifications) under the name
- * RSASSA-PSS, with the message generation function MGF1, and with
- * a salt length equal to the length of the hash. The specified
- * hash algorithm is used to hash the input message, to create the
- * salted hash, and for the mask generation.
- *
- * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
- * #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return The corresponding RSA PSS signature algorithm.
- * \return Unspecified if \p alg is not a supported
- * hash algorithm.
- */
-#define PSA_ALG_RSA_PSS(hash_alg) \
- (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_IS_RSA_PSS(alg) \
- (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
-
-#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000)
-/** DSA signature with hashing.
- *
- * This is the signature scheme defined by FIPS 186-4,
- * with a random per-message secret number (*k*).
- *
- * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
- * #PSA_ALG_IS_HASH(\p hash_alg) is true).
- * - * \return The corresponding DSA signature algorithm. - * \return Unspecified if \p alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_DSA(hash_alg) \ - (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) -#define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) -#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ - (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_DSA(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ - PSA_ALG_DSA_BASE) -#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ - (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) -#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \ - (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg)) -#define PSA_ALG_IS_RANDOMIZED_DSA(alg) \ - (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg)) - -#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) -/** ECDSA signature with hashing. - * - * This is the ECDSA signature scheme defined by ANSI X9.62, - * with a random per-message secret number (*k*). - * - * The representation of the signature as a byte string consists of - * the concatentation of the signature values *r* and *s*. Each of - * *r* and *s* is encoded as an *N*-octet string, where *N* is the length - * of the base point of the curve in octets. Each value is represented - * in big-endian order (most significant octet first). - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * - * \return The corresponding ECDSA signature algorithm. - * \return Unspecified if \p alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_ECDSA(hash_alg) \ - (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -/** ECDSA signature without hashing. - * - * This is the same signature scheme as #PSA_ALG_ECDSA(), but - * without specifying a hash algorithm. 
This algorithm may only be - * used to sign or verify a sequence of bytes that should be an - * already-calculated hash. Note that the input is padded with - * zeros on the left or truncated on the left as required to fit - * the curve size. - */ -#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE -#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000) -/** Deterministic ECDSA signature with hashing. - * - * This is the deterministic ECDSA signature scheme defined by RFC 6979. - * - * The representation of a signature is the same as with #PSA_ALG_ECDSA(). - * - * Note that when this algorithm is used for verification, signatures - * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the - * same private key are accepted. In other words, - * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from - * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification. - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * - * \return The corresponding deterministic ECDSA signature - * algorithm. - * \return Unspecified if \p alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ - (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_ECDSA(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ - PSA_ALG_ECDSA_BASE) -#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ - (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) -#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ - (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) -#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ - (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) - -/** Get the hash used by a hash-and-sign signature algorithm. 
- * - * A hash-and-sign algorithm is a signature algorithm which is - * composed of two phases: first a hashing phase which does not use - * the key and produces a hash of the input message, then a signing - * phase which only uses the hash and the key and not the message - * itself. - * - * \param alg A signature algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_SIGN(\p alg) is true). - * - * \return The underlying hash algorithm if \p alg is a hash-and-sign - * algorithm. - * \return 0 if \p alg is a signature algorithm that does not - * follow the hash-and-sign structure. - * \return Unspecified if \p alg is not a signature algorithm or - * if it is not supported by the implementation. - */ -#define PSA_ALG_SIGN_GET_HASH(alg) \ - (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ - PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \ - ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \ - ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ - 0) - -/** RSA PKCS#1 v1.5 encryption. - */ -#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000) - -#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000) -/** RSA OAEP encryption. - * - * This is the encryption scheme defined by RFC 8017 - * (PKCS#1: RSA Cryptography Specifications) under the name - * RSAES-OAEP, with the message generation function MGF1. - * - * \param hash_alg The hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true) to use - * for MGF1. - * - * \return The corresponding RSA OAEP signature algorithm. - * \return Unspecified if \p alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_RSA_OAEP(hash_alg) \ - (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_RSA_OAEP(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE) -#define PSA_ALG_RSA_OAEP_GET_HASH(alg) \ - (PSA_ALG_IS_RSA_OAEP(alg) ? 
\ - ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ - 0) - -#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x30000100) -/** Macro to build an HKDF algorithm. - * - * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * - * \return The corresponding HKDF algorithm. - * \return Unspecified if \p alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_HKDF(hash_alg) \ - (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -/** Whether the specified algorithm is an HKDF algorithm. - * - * HKDF is a family of key derivation algorithms that are based on a hash - * function and the HMAC construction. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \c alg is an HKDF algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported - * key derivation algorithm identifier. - */ -#define PSA_ALG_IS_HKDF(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE) -#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ - (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) - -#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x30000200) -/** Macro to build a TLS-1.2 PRF algorithm. - * - * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, - * specified in Section 5 of RFC 5246. It is based on HMAC and can be - * used with either SHA-256 or SHA-384. - * - * For the application to TLS-1.2, the salt and label arguments passed - * to psa_key_derivation() are what's called 'seed' and 'label' in RFC 5246, - * respectively. For example, for TLS key expansion, the salt is the - * concatenation of ServerHello.Random + ClientHello.Random, - * while the label is "key expansion". - * - * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the - * TLS 1.2 PRF using HMAC-SHA-256. 
- *
- * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
- * #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return The corresponding TLS-1.2 PRF algorithm.
- * \return Unspecified if \p alg is not a supported
- * hash algorithm.
- */
-#define PSA_ALG_TLS12_PRF(hash_alg) \
- (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-
-/** Whether the specified algorithm is a TLS-1.2 PRF algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise.
- * This macro may return either 0 or 1 if \c alg is not a supported
- * key derivation algorithm identifier.
- */
-#define PSA_ALG_IS_TLS12_PRF(alg) \
- (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
-#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
- (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300)
-/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
- *
- * In a pure-PSK handshake in TLS 1.2, the master secret is derived
- * from the PreSharedKey (PSK) through the application of padding
- * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5).
- * The latter is based on HMAC and can be used with either SHA-256
- * or SHA-384.
- *
- * For the application to TLS-1.2, the salt passed to psa_key_derivation()
- * (and forwarded to the TLS-1.2 PRF) is the concatenation of the
- * ClientHello.Random + ServerHello.Random, while the label is "master secret"
- * or "extended master secret".
- *
- * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the
- * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.
- *
- * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
- * #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return The corresponding TLS-1.2 PSK to MS algorithm.
- * \return Unspecified if \p alg is not a supported
- * hash algorithm.
- */
-#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
- (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-
-/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise.
- * This macro may return either 0 or 1 if \c alg is not a supported
- * key derivation algorithm identifier.
- */
-#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
- (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
-#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
- (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x010fffff)
-
-/** Use a shared secret as is.
- *
- * Specify this algorithm as the selection component of a key agreement
- * to use the raw result of the key agreement as key material.
- *
- * \warning The raw result of a key agreement algorithm such as finite-field
- * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should
- * not be used directly as key material. It can however be used as the secret
- * input in a key derivation algorithm.
- */
-#define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001)
-
-#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
- (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
-
-#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
- ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK)
-
-#define PSA_ALG_FFDH_BASE ((psa_algorithm_t)0x22100000)
-/** The Diffie-Hellman key agreement algorithm.
- *
- * This algorithm combines the finite-field Diffie-Hellman (DH) key
- * agreement, also known as Diffie-Hellman-Merkle (DHM) key agreement,
- * to produce a shared secret from a private key and the peer's
- * public key, with a key selection or key derivation algorithm to produce
- * one or more shared keys and other shared cryptographic material.
- * - * The shared secret produced by key agreement and passed as input to the - * derivation or selection algorithm \p kdf_alg is the shared secret - * `g^{ab}` in big-endian format. - * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` - * in bits. - * - * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) - * or a key selection algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true). - * - * \return The Diffie-Hellman algorithm with the specified - * selection or derivation algorithm. - */ -#define PSA_ALG_FFDH(kdf_alg) \ - (PSA_ALG_FFDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK)) -/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. - * - * This includes every supported key selection or key agreement algorithm - * for the output of the Diffie-Hellman calculation. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \c alg is not a supported - * key agreement algorithm identifier. - */ -#define PSA_ALG_IS_FFDH(alg) \ - (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE) - -#define PSA_ALG_ECDH_BASE ((psa_algorithm_t)0x22200000) -/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm. - * - * This algorithm combines the elliptic curve Diffie-Hellman key - * agreement to produce a shared secret from a private key and the peer's - * public key, with a key selection or key derivation algorithm to produce - * one or more shared keys and other shared cryptographic material. - * - * The shared secret produced by key agreement and passed as input to the - * derivation or selection algorithm \p kdf_alg is the x-coordinate of - * the shared secret point. 
It is always `ceiling(m / 8)` bytes long where - * `m` is the bit size associated with the curve, i.e. the bit size of the - * order of the curve's coordinate field. When `m` is not a multiple of 8, - * the byte containing the most significant bit of the shared secret - * is padded with zero bits. The byte order is either little-endian - * or big-endian depending on the curve type. - * - * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`), - * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` - * in little-endian byte order. - * The bit size is 448 for Curve448 and 255 for Curve25519. - * - For Weierstrass curves over prime fields (curve types - * `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`), - * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` - * in big-endian byte order. - * The bit size is `m = ceiling(log_2(p))` for the field `F_p`. - * - For Weierstrass curves over binary fields (curve types - * `PSA_ECC_CURVE_SECTXXX`), - * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` - * in big-endian byte order. - * The bit size is `m` for the field `F_{2^m}`. - * - * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) - * or a selection algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true). - * - * \return The Diffie-Hellman algorithm with the specified - * selection or derivation algorithm. - */ -#define PSA_ALG_ECDH(kdf_alg) \ - (PSA_ALG_ECDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK)) -/** Whether the specified algorithm is an elliptic curve Diffie-Hellman - * algorithm. - * - * This includes every supported key selection or key agreement algorithm - * for the output of the Diffie-Hellman calculation. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm, - * 0 otherwise. 
- * This macro may return either 0 or 1 if \c alg is not a supported - * key agreement algorithm identifier. - */ -#define PSA_ALG_IS_ECDH(alg) \ - (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE) - /**@}*/ /** \defgroup key_management Key management * @{ */ -/** Encoding of key lifetimes. - */ -typedef uint32_t psa_key_lifetime_t; - -/** Encoding of identifiers of persistent keys. - */ -typedef uint32_t psa_key_id_t; - -/** A volatile key only exists as long as the handle to it is not closed. - * The key material is guaranteed to be erased on a power reset. - */ -#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) - -/** The default storage area for persistent keys. - * - * A persistent key remains in storage until it is explicitly destroyed or - * until the corresponding storage area is wiped. This specification does - * not define any mechanism to wipe a storage area, but implementations may - * provide their own mechanism (for example to perform a factory reset, - * to prepare for device refurbishment, or to uninstall an application). - * - * This lifetime value is the default storage area for the calling - * application. Implementations may offer other storage areas designated - * by other lifetime values as implementation-specific extensions. - */ -#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) - /** \brief Retrieve the lifetime of an open key. * * \param handle Handle to query. 
@@ -1900,68 +573,6 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * @{ */ -/** \brief Encoding of permitted usage on a key. */ -typedef uint32_t psa_key_usage_t; - -/** Whether the key may be exported. - * - * A public key or the public part of a key pair may always be exported - * regardless of the value of this permission flag. - * - * If a key does not have export permission, implementations shall not - * allow the key to be exported in plain form from the cryptoprocessor, - * whether through psa_export_key() or through a proprietary interface. - * The key may however be exportable in a wrapped form, i.e. in a form - * where it is encrypted by another key. - */ -#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) - -/** Whether the key may be used to encrypt a message. - * - * This flag allows the key to be used for a symmetric encryption operation, - * for an AEAD encryption-and-authentication operation, - * or for an asymmetric encryption operation, - * if otherwise permitted by the key's type and policy. - * - * For a key pair, this concerns the public key. - */ -#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) - -/** Whether the key may be used to decrypt a message. - * - * This flag allows the key to be used for a symmetric decryption operation, - * for an AEAD decryption-and-verification operation, - * or for an asymmetric decryption operation, - * if otherwise permitted by the key's type and policy. - * - * For a key pair, this concerns the private key. - */ -#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) - -/** Whether the key may be used to sign a message. - * - * This flag allows the key to be used for a MAC calculation operation - * or for an asymmetric signature operation, - * if otherwise permitted by the key's type and policy. - * - * For a key pair, this concerns the private key. 
- */ -#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400) - -/** Whether the key may be used to verify a message signature. - * - * This flag allows the key to be used for a MAC verification operation - * or for an asymmetric signature verification operation, - * if otherwise permitted by by the key's type and policy. - * - * For a key pair, this concerns the public key. - */ -#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800) - -/** Whether the key may be used to derive other keys. - */ -#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000) - /** The type of the key policy data structure. * * This is an implementation-defined \c struct. Applications should not diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h new file mode 100644 index 000000000..9b44d6aef --- /dev/null +++ b/include/psa/crypto_types.h 
@@ -0,0 +1,101 @@
+/**
+ * \file psa/crypto_types.h
+ *
+ * \brief PSA cryptography module: type aliases.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h. Drivers must include the appropriate driver
+ * header file.
+ *
+ * This file contains portable definitions of integral types for properties
+ * of cryptographic keys, designations of cryptographic algorithms, and
+ * error codes returned by the library.
+ *
+ * This header file does not declare any function.
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_TYPES_H
+#define PSA_CRYPTO_TYPES_H
+
+#include
+
+/** \defgroup error Error codes
+ * @{
+ */
+
+/**
+ * \brief Function return status.
+ *
+ * This is either #PSA_SUCCESS (which is zero), indicating success,
+ * or a nonzero value indicating that an error occurred. Errors are
+ * encoded as one of the \c PSA_ERROR_xxx values defined here.
+ */
+typedef int32_t psa_status_t;
+
+/**@}*/
+
+/** \defgroup crypto_types Key and algorithm types
+ * @{
+ */
+
+/** \brief Encoding of a key type.
+ */
+typedef uint32_t psa_key_type_t;
+
+/** The type of PSA elliptic curve identifiers. */
+typedef uint16_t psa_ecc_curve_t;
+
+/** \brief Encoding of a cryptographic algorithm.
+ *
+ * For algorithms that can be applied to multiple key types, this type
+ * does not encode the key type. For example, for symmetric ciphers
+ * based on a block cipher, #psa_algorithm_t encodes the block cipher
+ * mode and the padding mode while the block cipher itself is encoded
+ * via #psa_key_type_t.
+ */
+typedef uint32_t psa_algorithm_t;
+
+/**@}*/
+
+/** \defgroup key_lifetimes Key lifetimes
+ * @{
+ */
+
+/** Encoding of key lifetimes.
+ */
+typedef uint32_t psa_key_lifetime_t;
+
+/** Encoding of identifiers of persistent keys.
+ */
+typedef uint32_t psa_key_id_t;
+
+/**@}*/
+
+/** \defgroup policy Key policies
+ * @{
+ */
+
+/** \brief Encoding of permitted usage on a key. */
+typedef uint32_t psa_key_usage_t;
+
+/**@}*/
+
+#endif /* PSA_CRYPTO_TYPES_H */
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
new file mode 100644
index 000000000..d83ad1be9
--- /dev/null
+++ b/include/psa/crypto_values.h
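Review bot: The new include/psa/crypto_types.h does not document that five of its aliases (`psa_key_type_t`, `psa_algorithm_t`, `psa_key_lifetime_t`, `psa_key_id_t`, `psa_key_usage_t`) all resolve to `uint32_t`. The compiler therefore accepts a usage mask or key identifier where an algorithm or lifetime is expected, and a swapped argument in a key-policy or key-creation call compiles without a diagnostic. Since the file header already describes what the header contains, it is the natural place for that caveat, for example `* \note These types are plain integer aliases: the compiler does not check that a value of one type is not passed as another, so callers must keep the argument order of policy and key-creation calls under review.` Each typedef's own doc comment could also name the macro family that produces valid values for it (`PSA_KEY_TYPE_xxx`, `PSA_ALG_xxx`, `PSA_KEY_LIFETIME_xxx`, `PSA_KEY_USAGE_xxx`), so a reader can tell which constants belong with which type.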
@@ -0,0 +1,1418 @@ +/** + * \file psa/crypto_values.h + * + * \brief PSA cryptography module: macros to build and analyze integer values. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. Drivers must include the appropriate driver + * header file. + * + * This file contains portable definitions of macros to build and analyze + * values of integral types that encode properties of cryptographic keys, + * designations of cryptographic algorithms, and error codes returned by + * the library. + * + * This header file only defines preprocessor macros. + */ +/* + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_VALUES_H +#define PSA_CRYPTO_VALUES_H + +/** \defgroup error Error codes + * @{ + */ + +#if !defined(PSA_SUCCESS) +/* If PSA_SUCCESS is defined, assume that PSA crypto is being used + * together with PSA IPC, which also defines the identifier + * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case; + * the other error code names don't clash. This is a temporary hack + * until we unify error reporting in PSA IPC and PSA crypto. + * + * Note that psa_defs.h must be included before this header! + */ +/** The action was completed successfully. 
*/ +#define PSA_SUCCESS ((psa_status_t)0) +#endif /* !defined(PSA_SUCCESS) */ + +/** An error occurred that does not correspond to any defined + * failure cause. + * + * Implementations may use this error code if none of the other standard + * error codes are applicable. */ +#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1) + +/** The requested operation or a parameter is not supported + * by this implementation. + * + * Implementations should return this error code when an enumeration + * parameter such as a key type, algorithm, etc. is not recognized. + * If a combination of parameters is recognized and identified as + * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2) + +/** The requested action is denied by a policy. + * + * Implementations should return this error code when the parameters + * are recognized as valid and supported, and a policy explicitly + * denies the requested operation. + * + * If a subset of the parameters of a function call identify a + * forbidden operation, and another subset of the parameters are + * not valid or not supported, it is unspecified whether the function + * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or + * #PSA_ERROR_INVALID_ARGUMENT. */ +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3) + +/** An output buffer is too small. + * + * Applications can call the \c PSA_xxx_SIZE macro listed in the function + * description to determine a sufficient buffer size. + * + * Implementations should preferably return this error code only + * in cases when performing the operation with a larger output + * buffer would succeed. However implementations may return this + * error if a function has invalid or unsupported parameters in addition + * to the parameters that determine the necessary output buffer size. */ +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4) + +/** A slot is occupied, but must be empty to carry out the + * requested action. 
+ * + * If a handle is invalid, it does not designate an occupied slot. + * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE. + */ +#define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5) + +/** A slot is empty, but must be occupied to carry out the + * requested action. + * + * If a handle is invalid, it does not designate an empty slot. + * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE. + */ +#define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6) + +/** The requested action cannot be performed in the current state. + * + * Multipart operations return this error when one of the + * functions is called out of sequence. Refer to the function + * descriptions for permitted sequencing of functions. + * + * Implementations shall not return this error code to indicate + * that a key slot is occupied when it needs to be free or vice versa, + * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT + * as applicable. */ +#define PSA_ERROR_BAD_STATE ((psa_status_t)7) + +/** The parameters passed to the function are invalid. + * + * Implementations may return this error any time a parameter or + * combination of parameters are recognized as invalid. + * + * Implementations shall not return this error code to indicate + * that a key slot is occupied when it needs to be free or vice versa, + * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT + * as applicable. + * + * Implementation shall not return this error code to indicate that a + * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE + * instead. + */ +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8) + +/** There is not enough runtime memory. + * + * If the action is carried out across multiple security realms, this + * error can refer to available memory in any of the security realms. */ +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9) + +/** There is not enough persistent storage. 
+ * + * Functions that modify the key storage return this error code if + * there is insufficient storage space on the host media. In addition, + * many functions that do not otherwise access storage may return this + * error code if the implementation requires a mandatory log entry for + * the requested action and the log storage space is full. */ +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10) + +/** There was a communication failure inside the implementation. + * + * This can indicate a communication failure between the application + * and an external cryptoprocessor or between the cryptoprocessor and + * an external volatile or persistent memory. A communication failure + * may be transient or permanent depending on the cause. + * + * \warning If a function returns this error, it is undetermined + * whether the requested action has completed or not. Implementations + * should return #PSA_SUCCESS on successful completion whenver + * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE + * if the requested action was completed successfully in an external + * cryptoprocessor but there was a breakdown of communication before + * the cryptoprocessor could report the status to the application. + */ +#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11) + +/** There was a storage failure that may have led to data loss. + * + * This error indicates that some persistent storage is corrupted. + * It should not be used for a corruption of volatile memory + * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error + * between the cryptoprocessor and its external storage (use + * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is + * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE). + * + * Note that a storage failure does not indicate that any data that was + * previously read is invalid. However this previously read data may no + * longer be readable from storage. 
+ * + * When a storage failure occurs, it is no longer possible to ensure + * the global integrity of the keystore. Depending on the global + * integrity guarantees offered by the implementation, access to other + * data may or may not fail even if the data is still readable but + * its integrity canont be guaranteed. + * + * Implementations should only use this error code to report a + * permanent storage corruption. However application writers should + * keep in mind that transient errors while reading the storage may be + * reported using this error code. */ +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12) + +/** A hardware failure was detected. + * + * A hardware failure may be transient or permanent depending on the + * cause. */ +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13) + +/** A tampering attempt was detected. + * + * If an application receives this error code, there is no guarantee + * that previously accessed or computed data was correct and remains + * confidential. Applications should not perform any security function + * and should enter a safe failure state. + * + * Implementations may return this error code if they detect an invalid + * state that cannot happen during normal operation and that indicates + * that the implementation's security guarantees no longer hold. Depending + * on the implementation architecture and on its security and safety goals, + * the implementation may forcibly terminate the application. + * + * This error code is intended as a last resort when a security breach + * is detected and it is unsure whether the keystore data is still + * protected. Implementations shall only return this error code + * to report an alarm from a tampering detector, to indicate that + * the confidentiality of stored data can no longer be guaranteed, + * or to indicate that the integrity of previously returned data is now + * considered compromised. 
Implementations shall not use this error code + * to indicate a hardware failure that merely makes it impossible to + * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE, + * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE, + * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code + * instead). + * + * This error indicates an attack against the application. Implementations + * shall not return this error code as a consequence of the behavior of + * the application itself. */ +#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14) + +/** There is not enough entropy to generate random data needed + * for the requested action. + * + * This error indicates a failure of a hardware random generator. + * Application writers should note that this error can be returned not + * only by functions whose purpose is to generate random data, such + * as key, IV or nonce generation, but also by functions that execute + * an algorithm with a randomized result, as well as functions that + * use randomization of intermediate computations as a countermeasure + * to certain attacks. + * + * Implementations should avoid returning this error after psa_crypto_init() + * has succeeded. Implementations should generate sufficient + * entropy during initialization and subsequently use a cryptographically + * secure pseudorandom generator (PRNG). However implementations may return + * this error at any time if a policy requires the PRNG to be reseeded + * during normal operation. */ +#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15) + +/** The signature, MAC or hash is incorrect. + * + * Verification functions return this error if the verification + * calculations completed successfully, and the value to be verified + * was determined to be incorrect. + * + * If the value to verify has an invalid size, implementations may return + * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. 
*/ +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16) + +/** The decrypted padding is incorrect. + * + * \warning In some protocols, when decrypting data, it is essential that + * the behavior of the application does not depend on whether the padding + * is correct, down to precise timing. Applications should prefer + * protocols that use authenticated encryption rather than plain + * encryption. If the application must perform a decryption of + * unauthenticated data, the application writer should take care not + * to reveal whether the padding is invalid. + * + * Implementations should strive to make valid and invalid padding + * as close as possible to indistinguishable to an external observer. + * In particular, the timing of a decryption operation should not + * depend on the validity of the padding. */ +#define PSA_ERROR_INVALID_PADDING ((psa_status_t)17) + +/** The generator has insufficient capacity left. + * + * Once a function returns this error, attempts to read from the + * generator will always return this error. */ +#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18) + +/** The key handle is not valid. + */ +#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)19) + +/**@}*/ + +/** \defgroup crypto_types Key and algorithm types + * @{ + */ + +/** An invalid key type value. + * + * Zero is not the encoding of any key type. + */ +#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) + +/** Vendor-defined flag + * + * Key types defined by this standard will never have the + * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types + * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should + * respect the bitwise structure used by standard encodings whenever practical. 
+ */ +#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) + +#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) +#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) +#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) +#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) + +#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) + +/** Whether a key type is vendor-defined. */ +#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ + (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) + +/** Whether a key type is an unstructured array of bytes. + * + * This encompasses both symmetric keys and non-key data. + */ +#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ + PSA_KEY_TYPE_CATEGORY_SYMMETRIC) + +/** Whether a key type is asymmetric: either a key pair or a public key. */ +#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK \ + & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \ + PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) +/** Whether a key type is the public part of a key pair. */ +#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) +/** Whether a key type is a key pair containing a private part and a public + * part. */ +#define PSA_KEY_TYPE_IS_KEYPAIR(type) \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) +/** The key pair type corresponding to a public key type. + * + * You may also pass a key pair type as \p type, it will be left unchanged. + * + * \param type A public key type or key pair type. + * + * \return The corresponding key pair type. + * If \p type is not a public key or a key pair, + * the return value is undefined. 
+ */ +#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \ + ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) +/** The public key type corresponding to a key pair type. + * + * You may also pass a key pair type as \p type, it will be left unchanged. + * + * \param type A public key type or key pair type. + * + * \return The corresponding public key type. + * If \p type is not a public key or a key pair, + * the return value is undefined. + */ +#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ + ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) + +/** Raw data. + * + * A "key" of this type cannot be used for any cryptographic operation. + * Applications may use this type to store arbitrary data in the keystore. */ +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) + +/** HMAC key. + * + * The key policy determines which underlying hash algorithm the key can be + * used for. + * + * HMAC keys should generally have the same size as the underlying hash. + * This size can be calculated with #PSA_HASH_SIZE(\c alg) where + * \c alg is the HMAC algorithm or the underlying hash algorithm. */ +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) + +/** A secret for key derivation. + * + * The key policy determines which key derivation algorithm the key + * can be used for. + */ +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) + +/** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher. + * + * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or + * 32 bytes (AES-256). + */ +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) + +/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). + * + * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or + * 24 bytes (3-key 3DES). + * + * Note that single DES and 2-key 3DES are weak and strongly + * deprecated and should only be used to decrypt legacy data. 3-key 3DES + * is weak and deprecated and should only be used in legacy protocols. 
+ */ +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) + +/** Key for an cipher, AEAD or MAC algorithm based on the + * Camellia block cipher. */ +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) + +/** Key for the RC4 stream cipher. + * + * Note that RC4 is weak and deprecated and should only be used in + * legacy protocols. */ +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) + +/** RSA public key. */ +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) +/** RSA key pair (private and public key). */ +#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000) +/** Whether a key type is an RSA key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_RSA(type) \ + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) + +/** DSA public key. */ +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) +/** DSA key pair (private and public key). */ +#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000) +/** Whether a key type is an DSA key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_DSA(type) \ + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) + +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) +#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000) +#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) +/** Elliptic curve key pair. */ +#define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \ + (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve)) +/** Elliptic curve public key. */ +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ + (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) + +/** Whether a key type is an elliptic curve key (pair or public-only). 
*/ +#define PSA_KEY_TYPE_IS_ECC(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ + ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) +#define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + PSA_KEY_TYPE_ECC_KEYPAIR_BASE) +#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ + (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ + PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) + +/** Extract the curve from an elliptic curve key type. */ +#define PSA_KEY_TYPE_GET_CURVE(type) \ + ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ + ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ + 0)) + +/* The encoding of curve identifiers is currently aligned with the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * The values are defined by RFC 8422 and RFC 7027. */ +#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) +#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) +#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) +#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004) +#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005) +#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006) +#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007) +#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008) +#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009) +#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a) +#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b) +#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c) +#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d) +#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e) +#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f) +#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010) +#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011) +#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 
0x0012) +#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013) +#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014) +#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015) +#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016) +#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017) +#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018) +#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019) +#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) +#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b) +#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) +#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) +#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) + +/** The block size of a block cipher. + * + * \param type A cipher key type (value of type #psa_key_type_t). + * + * \return The block size for a block cipher, or 1 for a stream cipher. + * The return value is undefined if \p type is not a supported + * cipher key type. + * + * \note It is possible to build stream cipher algorithms on top of a block + * cipher, for example CTR mode (#PSA_ALG_CTR). + * This macro only takes the key type into account, so it cannot be + * used to determine the size of the data that #psa_cipher_update() + * might buffer for future processing in general. + * + * \note This macro returns a compile-time constant if its argument is one. + * + * \warning This macro may evaluate its argument multiple times. + */ +#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ + ( \ + (type) == PSA_KEY_TYPE_AES ? 16 : \ + (type) == PSA_KEY_TYPE_DES ? 8 : \ + (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \ + (type) == PSA_KEY_TYPE_ARC4 ? 
1 : \ + 0) + +#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) +#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) +#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) +#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) +#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) +#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) +#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) +#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) +#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x22000000) +#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x30000000) +#define PSA_ALG_CATEGORY_KEY_SELECTION ((psa_algorithm_t)0x31000000) + +#define PSA_ALG_IS_VENDOR_DEFINED(alg) \ + (((alg) & PSA_ALG_VENDOR_FLAG) != 0) + +/** Whether the specified algorithm is a hash algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a hash algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_HASH(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH) + +/** Whether the specified algorithm is a MAC algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a MAC algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_MAC(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC) + +/** Whether the specified algorithm is a symmetric cipher algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. 
+ */ +#define PSA_ALG_IS_CIPHER(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER) + +/** Whether the specified algorithm is an authenticated encryption + * with associated data (AEAD) algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is an AEAD algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_AEAD(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD) + +/** Whether the specified algorithm is a public-key signature algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a public-key signature algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_SIGN(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN) + +/** Whether the specified algorithm is a public-key encryption algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a public-key encryption algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) + +#define PSA_ALG_KEY_SELECTION_FLAG ((psa_algorithm_t)0x01000000) +/** Whether the specified algorithm is a key agreement algorithm. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a key agreement algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. 
+ */
+#define PSA_ALG_IS_KEY_AGREEMENT(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK & ~PSA_ALG_KEY_SELECTION_FLAG) == \
+ PSA_ALG_CATEGORY_KEY_AGREEMENT)
+
+/** Whether the specified algorithm is a key derivation algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key derivation algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_DERIVATION(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+/** Whether the specified algorithm is a key selection algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key selection algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_SELECTION(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION)
+
+#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
+#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001)
+#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002)
+#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003)
+#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004)
+#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005)
+/** SHA2-224 */
+#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008)
+/** SHA2-256 */
+#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009)
+/** SHA2-384 */
+#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a)
+/** SHA2-512 */
+#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b)
+/** SHA2-512/224 */
+#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c)
+/** SHA2-512/256 */
+#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d)
+/** SHA3-224 */
+#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010)
+/** SHA3-256 */
+#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011)
+/** SHA3-384 */
+#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012)
+/** SHA3-512 */
+#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013)
+
+#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
+#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000)
+/** Macro to build an HMAC algorithm.
+ *
+ * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding HMAC algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_HMAC(hash_alg) \
+ (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
+ (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is an HMAC algorithm.
+ *
+ * HMAC is a family of MAC algorithms that are based on a hash function.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is an HMAC algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_HMAC(alg) \
+ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
+ PSA_ALG_HMAC_BASE)
+
+/* In the encoding of a MAC algorithm, the bits corresponding to
+ * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
+ * truncated. As an exception, the value 0 means the untruncated algorithm,
+ * whatever its length is. The length is encoded in 6 bits, so it can
+ * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
+ * to full length is correctly encoded as 0 and any non-trivial truncation
+ * is correctly encoded as a value between 1 and 63. */
+#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00)
+#define PSA_MAC_TRUNCATION_OFFSET 8
+
+/** Macro to build a truncated MAC algorithm.
+ *
+ * A truncated MAC algorithm is identical to the corresponding MAC
+ * algorithm except that the MAC value for the truncated algorithm
+ * consists of only the first \p mac_length bytes of the MAC value
+ * for the untruncated algorithm.
+ *
+ * \note This macro may allow constructing algorithm identifiers that
+ * are not valid, either because the specified length is larger
+ * than the untruncated MAC or because the specified length is
+ * smaller than permitted by the implementation.
+ *
+ * \note It is implementation-defined whether a truncated MAC that
+ * is truncated to the same length as the MAC of the untruncated
+ * algorithm is considered identical to the untruncated algorithm
+ * for policy comparison purposes.
+ *
+ * \param alg A MAC algorithm identifier (value of type
+ * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ * is true). This may be a truncated or untruncated
+ * MAC algorithm.
+ * \param mac_length Desired length of the truncated MAC in bytes.
+ * This must be at most the full length of the MAC
+ * and must be at least an implementation-specified
+ * minimum. The implementation-specified minimum
+ * shall not be zero.
+ *
+ * \return The corresponding MAC algorithm with the specified
+ * length.
+ * \return Unspecified if \p alg is not a supported
+ * MAC algorithm or if \p mac_length is too small or
+ * too large for the specified MAC algorithm.
+ */
+#define PSA_ALG_TRUNCATED_MAC(alg, mac_length) \
+ (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \
+ ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
+
+/** Macro to build the base MAC algorithm corresponding to a truncated
+ * MAC algorithm.
+ *
+ * \param alg A MAC algorithm identifier (value of type
+ * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ * is true). This may be a truncated or untruncated
+ * MAC algorithm.
+ *
+ * \return The corresponding base MAC algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * MAC algorithm.
+ */
+#define PSA_ALG_FULL_LENGTH_MAC(alg) \
+ ((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
+
+/** Length to which a MAC algorithm is truncated.
+ *
+ * \param alg A MAC algorithm identifier (value of type
+ * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ * is true).
+ *
+ * \return Length of the truncated MAC in bytes.
+ * \return 0 if \p alg is a non-truncated MAC algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * MAC algorithm.
+ */
+#define PSA_MAC_TRUNCATED_LENGTH(alg) \
+ (((alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
+
+#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
+#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
+#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002)
+#define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003)
+
+/** Whether the specified algorithm is a MAC algorithm based on a block cipher.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
+ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
+ PSA_ALG_CIPHER_MAC_BASE)
+
+#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000)
+#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
+
+/** Whether the specified algorithm is a stream cipher.
+ *
+ * A stream cipher is a symmetric cipher that encrypts or decrypts messages
+ * by applying a bitwise-xor with a stream of bytes that is generated
+ * from a key.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier or if it is not a symmetric cipher algorithm.
+ */
+#define PSA_ALG_IS_STREAM_CIPHER(alg) \
+ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
+ (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
+
+/** The ARC4 stream cipher algorithm.
+ */
+#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001)
+
+/** The CTR stream cipher mode.
+ *
+ * CTR is a stream cipher which is built from a block cipher.
+ * The underlying block cipher is determined by the key type.
+ * For example, to use AES-128-CTR, use this algorithm with
+ * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
+ */
+#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001)
+
+#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002)
+
+#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003)
+
+/** The XTS cipher mode.
+ *
+ * XTS is a cipher mode which is built from a block cipher. It requires at
+ * least one full block of input, but beyond this minimum the input
+ * does not need to be a whole number of blocks.
+ */
+#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff)
+
+/** The CBC block cipher chaining mode, with no padding.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This symmetric cipher mode can only be used with messages whose lengths
+ * are whole number of blocks for the chosen block cipher.
+ */
+#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100)
+
+/** The CBC block cipher chaining mode with PKCS#7 padding.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This is the padding method defined by PKCS#7 (RFC 2315) §10.3.
+ */
+#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101)
+
+#define PSA_ALG_CCM ((psa_algorithm_t)0x06001001)
+#define PSA_ALG_GCM ((psa_algorithm_t)0x06001002)
+
+/* In the encoding of a AEAD algorithm, the bits corresponding to
+ * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
+ * The constants for default lengths follow this encoding.
+ */
+#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00)
+#define PSA_AEAD_TAG_LENGTH_OFFSET 8
+
+/** Macro to build a shortened AEAD algorithm.
+ *
+ * A shortened AEAD algorithm is similar to the corresponding AEAD
+ * algorithm, but has an authentication tag that consists of fewer bytes.
+ * Depending on the algorithm, the tag length may affect the calculation
+ * of the ciphertext.
+ *
+ * \param alg A AEAD algorithm identifier (value of type
+ * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
+ * is true).
+ * \param tag_length Desired length of the authentication tag in bytes.
+ *
+ * \return The corresponding AEAD algorithm with the specified
+ * length.
+ * \return Unspecified if \p alg is not a supported
+ * AEAD algorithm or if \p tag_length is not valid
+ * for the specified AEAD algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, tag_length) \
+ (((alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \
+ ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
+ PSA_ALG_AEAD_TAG_LENGTH_MASK))
+
+/** Calculate the corresponding AEAD algorithm with the default tag length.
+ *
+ * \param alg An AEAD algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return The corresponding AEAD algorithm with the default tag length
+ * for that algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) \
+ ( \
+ PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_CCM) \
+ PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_GCM) \
+ 0)
+#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, ref) \
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, 0) == \
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \
+ ref :
+
+#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000)
+/** RSA PKCS#1 v1.5 signature with hashing.
+ *
+ * This is the signature scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSASSA-PKCS1-v1_5.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding RSA PKCS#1 v1.5 signature algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
+ (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** Raw PKCS#1 v1.5 signature.
+ *
+ * The input to this algorithm is the DigestInfo structure used by
+ * RFC 8017 (PKCS#1: RSA Cryptography Specifications), §9.2
+ * steps 3–6.
+ */
+#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
+#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
+
+#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000)
+/** RSA PSS signature with hashing.
+ *
+ * This is the signature scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSASSA-PSS, with the message generation function MGF1, and with
+ * a salt length equal to the length of the hash. The specified
+ * hash algorithm is used to hash the input message, to create the
+ * salted hash, and for the mask generation.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding RSA PSS signature algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_RSA_PSS(hash_alg) \
+ (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_PSS(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
+
+#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000)
+/** DSA signature with hashing.
+ *
+ * This is the signature scheme defined by FIPS 186-4,
+ * with a random per-message secret number (*k*).
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding DSA signature algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_DSA(hash_alg) \
+ (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000)
+#define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000)
+#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
+ (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_DSA(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
+ PSA_ALG_DSA_BASE)
+#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
+ (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
+ (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
+#define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
+ (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
+
+#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000)
+/** ECDSA signature with hashing.
+ *
+ * This is the ECDSA signature scheme defined by ANSI X9.62,
+ * with a random per-message secret number (*k*).
+ *
+ * The representation of the signature as a byte string consists of
+ * the concatentation of the signature values *r* and *s*. Each of
+ * *r* and *s* is encoded as an *N*-octet string, where *N* is the length
+ * of the base point of the curve in octets. Each value is represented
+ * in big-endian order (most significant octet first).
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding ECDSA signature algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_ECDSA(hash_alg) \
+ (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** ECDSA signature without hashing.
+ *
+ * This is the same signature scheme as #PSA_ALG_ECDSA(), but
+ * without specifying a hash algorithm. This algorithm may only be
+ * used to sign or verify a sequence of bytes that should be an
+ * already-calculated hash. Note that the input is padded with
+ * zeros on the left or truncated on the left as required to fit
+ * the curve size.
+ */
+#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
+#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000)
+/** Deterministic ECDSA signature with hashing.
+ *
+ * This is the deterministic ECDSA signature scheme defined by RFC 6979.
+ *
+ * The representation of a signature is the same as with #PSA_ALG_ECDSA().
+ *
+ * Note that when this algorithm is used for verification, signatures
+ * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the
+ * same private key are accepted. In other words,
+ * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from
+ * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding deterministic ECDSA signature
+ * algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
+ (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_ECDSA(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
+ PSA_ALG_ECDSA_BASE)
+#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
+ (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
+ (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
+#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
+ (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
+
+/** Get the hash used by a hash-and-sign signature algorithm.
+ *
+ * A hash-and-sign algorithm is a signature algorithm which is
+ * composed of two phases: first a hashing phase which does not use
+ * the key and produces a hash of the input message, then a signing
+ * phase which only uses the hash and the key and not the message
+ * itself.
+ *
+ * \param alg A signature algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_SIGN(\p alg) is true).
+ *
+ * \return The underlying hash algorithm if \p alg is a hash-and-sign
+ * algorithm.
+ * \return 0 if \p alg is a signature algorithm that does not
+ * follow the hash-and-sign structure.
+ * \return Unspecified if \p alg is not a signature algorithm or
+ * if it is not supported by the implementation.
+ */
+#define PSA_ALG_SIGN_GET_HASH(alg) \
+ (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
+ PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \
+ ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \
+ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
+ 0)
+
+/** RSA PKCS#1 v1.5 encryption.
+ */
+#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000)
+
+#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000)
+/** RSA OAEP encryption.
+ *
+ * This is the encryption scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSAES-OAEP, with the message generation function MGF1.
+ *
+ * \param hash_alg The hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true) to use
+ * for MGF1.
+ *
+ * \return The corresponding RSA OAEP signature algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_RSA_OAEP(hash_alg) \
+ (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_OAEP(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
+#define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
+ (PSA_ALG_IS_RSA_OAEP(alg) ? \
+ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
+ 0)
+
+#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x30000100)
+/** Macro to build an HKDF algorithm.
+ *
+ * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding HKDF algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_HKDF(hash_alg) \
+ (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** Whether the specified algorithm is an HKDF algorithm.
+ *
+ * HKDF is a family of key derivation algorithms that are based on a hash
+ * function and the HMAC construction.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an HKDF algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \c alg is not a supported
+ * key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_HKDF(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
+#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
+ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x30000200)
+/** Macro to build a TLS-1.2 PRF algorithm.
+ *
+ * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
+ * specified in Section 5 of RFC 5246. It is based on HMAC and can be
+ * used with either SHA-256 or SHA-384.
+ *
+ * For the application to TLS-1.2, the salt and label arguments passed
+ * to psa_key_derivation() are what's called 'seed' and 'label' in RFC 5246,
+ * respectively. For example, for TLS key expansion, the salt is the
+ * concatenation of ServerHello.Random + ClientHello.Random,
+ * while the label is "key expansion".
+ *
+ * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the
+ * TLS 1.2 PRF using HMAC-SHA-256.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding TLS-1.2 PRF algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_TLS12_PRF(hash_alg) \
+ (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is a TLS-1.2 PRF algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \c alg is not a supported
+ * key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_TLS12_PRF(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
+#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
+ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300)
+/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
+ *
+ * In a pure-PSK handshake in TLS 1.2, the master secret is derived
+ * from the PreSharedKey (PSK) through the application of padding
+ * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5).
+ * The latter is based on HMAC and can be used with either SHA-256
+ * or SHA-384.
+ *
+ * For the application to TLS-1.2, the salt passed to psa_key_derivation()
+ * (and forwarded to the TLS-1.2 PRF) is the concatenation of the
+ * ClientHello.Random + ServerHello.Random, while the label is "master secret"
+ * or "extended master secret".
+ *
+ * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the
+ * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding TLS-1.2 PSK to MS algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
+ (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \c alg is not a supported
+ * key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
+#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
+ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x010fffff)
+
+/** Use a shared secret as is.
+ *
+ * Specify this algorithm as the selection component of a key agreement
+ * to use the raw result of the key agreement as key material.
+ *
+ * \warning The raw result of a key agreement algorithm such as finite-field
+ * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should
+ * not be used directly as key material. It can however be used as the secret
+ * input in a key derivation algorithm.
+ */
+#define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001)
+
+#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
+ (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
+ ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK)
+
+#define PSA_ALG_FFDH_BASE ((psa_algorithm_t)0x22100000)
+/** The Diffie-Hellman key agreement algorithm.
+ *
+ * This algorithm combines the finite-field Diffie-Hellman (DH) key
+ * agreement, also known as Diffie-Hellman-Merkle (DHM) key agreement,
+ * to produce a shared secret from a private key and the peer's
+ * public key, with a key selection or key derivation algorithm to produce
+ * one or more shared keys and other shared cryptographic material.
+ *
+ * The shared secret produced by key agreement and passed as input to the
+ * derivation or selection algorithm \p kdf_alg is the shared secret
+ * `g^{ab}` in big-endian format.
+ * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
+ * in bits.
+ *
+ * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such
+ * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
+ * or a key selection algorithm (\c PSA_ALG_XXX value such
+ * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
+ *
+ * \return The Diffie-Hellman algorithm with the specified
+ * selection or derivation algorithm.
+ */
+#define PSA_ALG_FFDH(kdf_alg) \
+ (PSA_ALG_FFDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
+/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
+ *
+ * This includes every supported key selection or key agreement algorithm
+ * for the output of the Diffie-Hellman calculation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \c alg is not a supported
+ * key agreement algorithm identifier.
+ */
+#define PSA_ALG_IS_FFDH(alg) \
+ (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE)
+
+#define PSA_ALG_ECDH_BASE ((psa_algorithm_t)0x22200000)
+/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm.
+ *
+ * This algorithm combines the elliptic curve Diffie-Hellman key
+ * agreement to produce a shared secret from a private key and the peer's
+ * public key, with a key selection or key derivation algorithm to produce
+ * one or more shared keys and other shared cryptographic material.
+ *
+ * The shared secret produced by key agreement and passed as input to the
+ * derivation or selection algorithm \p kdf_alg is the x-coordinate of
+ * the shared secret point. It is always `ceiling(m / 8)` bytes long where
+ * `m` is the bit size associated with the curve, i.e. the bit size of the
+ * order of the curve's coordinate field. When `m` is not a multiple of 8,
+ * the byte containing the most significant bit of the shared secret
+ * is padded with zero bits. The byte order is either little-endian
+ * or big-endian depending on the curve type.
+ *
+ * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`),
+ * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ * in little-endian byte order.
+ * The bit size is 448 for Curve448 and 255 for Curve25519.
+ * - For Weierstrass curves over prime fields (curve types
+ * `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`),
+ * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ * in big-endian byte order.
+ * The bit size is `m = ceiling(log_2(p))` for the field `F_p`.
+ * - For Weierstrass curves over binary fields (curve types
+ * `PSA_ECC_CURVE_SECTXXX`),
+ * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ * in big-endian byte order.
+ * The bit size is `m` for the field `F_{2^m}`.
+ *
+ * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such
+ * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
+ * or a selection algorithm (\c PSA_ALG_XXX value such
+ * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
+ *
+ * \return The Diffie-Hellman algorithm with the specified
+ * selection or derivation algorithm.
+ */
+#define PSA_ALG_ECDH(kdf_alg) \
+ (PSA_ALG_ECDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
+/** Whether the specified algorithm is an elliptic curve Diffie-Hellman
+ * algorithm.
+ *
+ * This includes every supported key selection or key agreement algorithm
+ * for the output of the Diffie-Hellman calculation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm,
+ * 0 otherwise.
+ * This macro may return either 0 or 1 if \c alg is not a supported
+ * key agreement algorithm identifier.
+ */
+#define PSA_ALG_IS_ECDH(alg) \
+ (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE)
+
+/**@}*/
+
+/** \defgroup key_lifetimes Key lifetimes
+ * @{
+ */
+
+/** A volatile key only exists as long as the handle to it is not closed.
+ * The key material is guaranteed to be erased on a power reset.
+ */
+#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
+
+/** The default storage area for persistent keys.
+ *
+ * A persistent key remains in storage until it is explicitly destroyed or
+ * until the corresponding storage area is wiped. This specification does
+ * not define any mechanism to wipe a storage area, but implementations may
+ * provide their own mechanism (for example to perform a factory reset,
+ * to prepare for device refurbishment, or to uninstall an application).
+ *
+ * This lifetime value is the default storage area for the calling
+ * application. Implementations may offer other storage areas designated
+ * by other lifetime values as implementation-specific extensions.
+ */
+#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
+
+/**@}*/
+
+/** \defgroup policy Key policies
+ * @{
+ */
+
+/** Whether the key may be exported.
+ *
+ * A public key or the public part of a key pair may always be exported
+ * regardless of the value of this permission flag.
+ *
+ * If a key does not have export permission, implementations shall not
+ * allow the key to be exported in plain form from the cryptoprocessor,
+ * whether through psa_export_key() or through a proprietary interface.
+ * The key may however be exportable in a wrapped form, i.e. in a form
+ * where it is encrypted by another key.
+ */
+#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
+
+/** Whether the key may be used to encrypt a message.
+ *
+ * This flag allows the key to be used for a symmetric encryption operation,
+ * for an AEAD encryption-and-authentication operation,
+ * or for an asymmetric encryption operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the public key.
+ */
+#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
+
+/** Whether the key may be used to decrypt a message.
+ *
+ * This flag allows the key to be used for a symmetric decryption operation,
+ * for an AEAD decryption-and-verification operation,
+ * or for an asymmetric decryption operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the private key.
+ */
+#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
+
+/** Whether the key may be used to sign a message.
+ *
+ * This flag allows the key to be used for a MAC calculation operation
+ * or for an asymmetric signature operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the private key.
+ */
+#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400)
+
+/** Whether the key may be used to verify a message signature.
+ *
+ * This flag allows the key to be used for a MAC verification operation
+ * or for an asymmetric signature verification operation,
+ * if otherwise permitted by by the key's type and policy.
+ *
+ * For a key pair, this concerns the public key.
+ */
+#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800)
+
+/** Whether the key may be used to derive other keys.
+ */
+#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000)
+
+/**@}*/
+
+#endif /* PSA_CRYPTO_VALUES_H */
diff --git a/programs/Makefile b/programs/Makefile
index f3627c906..2792b0913 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -103,7 +103,7 @@ EXTRA_GENERATED += psa/psa_constant_names_generated.c endif psa/psa_constant_names$(EXEXT): psa/psa_constant_names_generated.c -psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h +psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto_values.h ../scripts/generate_psa_constants.py aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 7e4420b69..3e4e88b77 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -285,5 +285,5 @@ def generate_psa_constants(header_file_name, output_file_name): if __name__ == '__main__': if not os.path.isdir('programs') and os.path.isdir('../programs'): os.chdir('..') - generate_psa_constants('include/psa/crypto.h', + generate_psa_constants('include/psa/crypto_values.h', 'programs/psa/psa_constant_names_generated.c') diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 366b97e55..bf9035a39 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -231,6 +231,8 @@ + + From a7c26db33555af1dc6c35c16244bf9242c64b54b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 12 Dec 2018 13:42:25 +0100 Subject: [PATCH 0883/2197] Move remaining size macros from crypto.h to crypto_sizes.h No functional changes, code was only moved from crypto.h to crypto_sizes.h. --- include/psa/crypto.h | 72 -------------------------------------- include/psa/crypto_sizes.h | 72 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+), 72 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 4669b2a53..fa8045cf4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -53,9 +53,6 @@ typedef _unsigned_integral_type_ psa_key_handle_t; extern "C" { #endif -#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) -#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) - /* The file "crypto_types.h" declares types that encode errors, * algorithms, key types, policies, etc. */ #include "crypto_types.h" 
@@ -680,39 +677,6 @@ psa_status_t psa_get_key_policy(psa_key_handle_t handle, * as directed by the documentation of a specific implementation. */ typedef struct psa_hash_operation_s psa_hash_operation_t; -/** The size of the output of psa_hash_finish(), in bytes. - * - * This is also the hash size that psa_hash_verify() expects. - * - * \param alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm - * (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a - * hash algorithm). - * - * \return The hash size for the specified hash algorithm. - * If the hash algorithm is not recognized, return 0. - * An implementation may return either 0 or the correct size - * for a hash algorithm that it recognizes, but does not support. - */ -#define PSA_HASH_SIZE(alg) \ - ( \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ - 0) - /** Start a multipart hash operation. * * The sequence of operations to calculate a hash (message digest) 
@@ -1433,26 +1397,6 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * @{ */ -/** The tag size for an AEAD algorithm, in bytes. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \return The tag size for the specified algorithm. - * If the AEAD algorithm does not have an identified - * tag that can be distinguished from the rest of - * the ciphertext, return 0. - * If the AEAD algorithm is not recognized, return 0. - * An implementation may return either 0 or a - * correct size for an AEAD algorithm that it - * recognizes, but does not support. - */ -#define PSA_AEAD_TAG_LENGTH(alg) \ - (PSA_ALG_IS_AEAD(alg) ? \ - (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ - 0) - /** Process an authenticated encryption operation. * * \param handle Handle to the key to use for the operation. @@ -1575,17 +1519,6 @@ psa_status_t psa_aead_decrypt(psa_key_handle_t handle, * @{ */ -/** - * \brief ECDSA signature size for a given curve bit size - * - * \param curve_bits Curve size in bits. - * \return Signature size in bytes. - * - * \note This macro returns a compile-time constant if its argument is one. - */ -#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ - (PSA_BITS_TO_BYTES(curve_bits) * 2) - /** * \brief Sign a hash or short message with a private key. * @@ -1675,11 +1608,6 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, const uint8_t *signature, size_t signature_length); -#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ - (PSA_ALG_IS_RSA_OAEP(alg) ? \ - 2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ - 11 /*PKCS#1v1.5*/) - /** * \brief Encrypt a short message with a public key. * diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 7e1795673..5ad695a39 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -50,6 +50,42 @@ #include MBEDTLS_CONFIG_FILE #endif +#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) +#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) + +/** The size of the output of psa_hash_finish(), in bytes. + * + * This is also the hash size that psa_hash_verify() expects. + * + * \param alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm + * (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a + * hash algorithm). + * + * \return The hash size for the specified hash algorithm. + * If the hash algorithm is not recognized, return 0. + * An implementation may return either 0 or the correct size + * for a hash algorithm that it recognizes, but does not support. + */ +#define PSA_HASH_SIZE(alg) \ + ( \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ + 0) + /** \def PSA_HASH_MAX_SIZE * * Maximum size of a hash. 
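Review bot: `PSA_BITS_TO_BYTES` and `PSA_BYTES_TO_BITS`, added at the top of this hunk, have no doc comment and no stated input range, although other size macros such as `PSA_ECDSA_SIGNATURE_SIZE` are built on them. `(bits) + 7` wraps when `bits` is within 7 of the maximum of its type, and `(bytes) * 8` wraps for large `bytes`, so a buffer size derived from an unchecked length could come out too small. I would add a comment above each, for example `/* Round a bit count up to whole bytes; the caller must ensure bits + 7 does not overflow. */`, and range-check externally supplied lengths before they reach these macros. The code is moved unchanged from crypto.h, so this gap predates the commit rather than being introduced by it.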
@@ -84,6 +120,26 @@ */ #define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE +/** The tag size for an AEAD algorithm, in bytes. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return The tag size for the specified algorithm. + * If the AEAD algorithm does not have an identified + * tag that can be distinguished from the rest of + * the ciphertext, return 0. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_TAG_LENGTH(alg) \ + (PSA_ALG_IS_AEAD(alg) ? \ + (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ + 0) + /* The maximum size of an RSA key on this implementation, in bits. * This is a vendor-specific macro. * @@ -236,6 +292,22 @@ (plaintext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ 0) +#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ + (PSA_ALG_IS_RSA_OAEP(alg) ? \ + 2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ + 11 /*PKCS#1v1.5*/) + +/** + * \brief ECDSA signature size for a given curve bit size + * + * \param curve_bits Curve size in bits. + * \return Signature size in bytes. + * + * \note This macro returns a compile-time constant if its argument is one. + */ +#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ + (PSA_BITS_TO_BYTES(curve_bits) * 2) + /** Safe signature buffer size for psa_asymmetric_sign(). * * This macro returns a safe buffer size for a signature using a key From 2d59b2cd6bd1fe0c862b02c140f3b40b24accc06 Mon Sep 17 00:00:00 2001 
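Review bot: `PSA_RSA_MINIMUM_PADDING_SIZE`, in the second hunk on this line, expands to `PSA_HASH_FINAL_SIZE(...)`, but the hash-size macro this commit moves into crypto_sizes.h is named `PSA_HASH_SIZE`, and no definition of `PSA_HASH_FINAL_SIZE` appears in the visible patch. If that name is not defined elsewhere, every expansion of the macro fails to build, and because a macro body is only checked when it is used, the header itself still compiles and hides the problem. The line should probably read `2 * PSA_HASH_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \`. The macro is also the only one in this hunk without a doc comment; one sentence saying what it returns (presumably the minimum padding overhead in bytes for the given RSA encryption algorithm) would let Doxygen link to it.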
From: Gilles Peskine Date: Wed, 12 Dec 2018 13:51:19 +0100 Subject: [PATCH 0884/2197] crypto_driver.h: get type definitions from crypto_enum.h Now that the type definitions that are useful for driver are in a separate header file from the application interface function declarations, include that header file in crypto_driver.h. --- include/psa/crypto_driver.h | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h index a52ecc427..43b3cf760 100644 --- a/include/psa/crypto_driver.h +++ b/include/psa/crypto_driver.h @@ -35,19 +35,23 @@ extern "C" { #endif -/** The following types are redefinitions from the psa/crypto.h file. - * It is intended that these will be moved to a new common header file to - * avoid duplication. They are included here for expediency in publication. - */ -typedef uint32_t psa_status_t; -typedef uint32_t psa_algorithm_t; -typedef uint8_t psa_encrypt_or_decrypt_t; -typedef uint32_t psa_key_slot_t; -typedef uint32_t psa_key_type_t; -typedef uint32_t psa_key_usage_t; +/* Include type definitions (psa_status_t, psa_algorithm_t, + * psa_key_type_t, etc.) and macros to build and analyze values + * of these types. */ +#include "crypto_types.h" +#include "crypto_values.h" -#define PSA_CRYPTO_DRIVER_ENCRYPT 1 -#define PSA_CRYPTO_DRIVER_DECRYPT 0 +/** An internal designation of a key slot between the core part of the + * PSA Crypto implementation and the driver. The meaning of this value + * is driver-dependent. */ +typedef uint32_t psa_key_slot_t; + +/** For encrypt-decrypt functions, whether the operation is an encryption + * or a decryption. */ +typedef enum { + PSA_CRYPTO_DRIVER_DECRYPT, + PSA_CRYPTO_DRIVER_ENCRYPT +} psa_encrypt_or_decrypt_t; /** \defgroup opaque_mac Opaque Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using From 5e9c9cca030fcb38125ce59ef196064170063773 Mon Sep 17 00:00:00 2001 
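Review bot: `psa_encrypt_or_decrypt_t` changes from a `uint8_t` with `#define`d values to an `enum` whose constants get their values only from declaration order. The order does keep the old values (DECRYPT 0, ENCRYPT 1), but nothing in the declaration states that. The storage size of an enum is also implementation-defined, so a driver compiled separately from the core could disagree on the width of function-pointer parameters of this type. I would pin the values with `PSA_CRYPTO_DRIVER_DECRYPT = 0,` and `PSA_CRYPTO_DRIVER_ENCRYPT = 1`, and extend the doc comment to say that driver and core must be built with the same enum-size compiler settings.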
From: Gilles Peskine Date: Wed, 12 Dec 2018 14:02:48 +0100 Subject: [PATCH 0885/2197] Document macros that were referenced Macros that are referenced need to be documented, otherwise Doxygen has nothing to link to. --- include/psa/crypto_values.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index d83ad1be9..4d25835be 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -446,9 +446,11 @@ #define PSA_KEY_TYPE_IS_ECC(type) \ ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) +/** Whether a key type is an elliptic curve key pair. */ #define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ PSA_KEY_TYPE_ECC_KEYPAIR_BASE) +/** Whether a key type is an elliptic curve public key. */ #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) From 75976895c66d99a5053e681033ae659cb8730ee9 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 12 Dec 2018 15:55:09 +0100 Subject: [PATCH 0886/2197] Split crypto_driver.h into one for each driver type Split crypto_driver.h into 4: * crypto_driver_common.h for common definitions, not meant to be included directly by driver code. * crypto_accel_driver.h for drivers that work with transparent key material. * crypto_se_driver.h for drivers that work with opaque key material. * crypto_entropy_driver.h for drivers of entropy sources. There is no code change in this commit, I only moved some code around. --- include/psa/crypto_accel_driver.h | 796 ++++++++++++++++ include/psa/crypto_driver_common.h | 54 ++ include/psa/crypto_entropy_driver.h | 111 +++ .../{crypto_driver.h => crypto_se_driver.h} | 855 +----------------- visualc/VS2010/mbedTLS.vcxproj | 5 +- 5 files changed, 978 insertions(+), 843 deletions(-) create mode 100644 include/psa/crypto_accel_driver.h create mode 100644 include/psa/crypto_driver_common.h create mode 100644 include/psa/crypto_entropy_driver.h rename include/psa/{crypto_driver.h => crypto_se_driver.h} (52%) diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h new file mode 100644 index 000000000..b752fed88 --- /dev/null +++ b/include/psa/crypto_accel_driver.h 
@@ -0,0 +1,796 @@ +/** + * \file psa/crypto_accel_driver.h + * \brief PSA cryptography accelerator driver module + * + * This header declares types and function signatures for cryptography + * drivers that access key material directly. This is meant for + * on-chip cryptography accelerators. + * + * This file is part of the PSA Crypto Driver Model, containing functions for + * driver developers to implement to enable hardware to be called in a + * standardized way by a PSA Cryptographic API implementation. The functions + * comprising the driver model, which driver authors implement, are not + * intended to be called by application developers. + */ + +/* + * Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef PSA_CRYPTO_ACCEL_DRIVER_H +#define PSA_CRYPTO_ACCEL_DRIVER_H + +#include "crypto_driver_common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** \defgroup driver_digest Message Digests + * + * Generation and authentication of Message Digests (aka hashes) must be done + * in parts using the following sequence: + * - `psa_drv_hash_setup_t` + * - `psa_drv_hash_update_t` + * - ... + * - `psa_drv_hash_finish_t` + * + * If a previously started Message Digest operation needs to be terminated + * before the `psa_drv_hash_finish_t` operation is complete, it should be aborted + * by the `psa_drv_hash_abort_t`. 
Failure to do so may result in allocated + * resources not being freed or in other undefined behavior. + */ +/**@{*/ + +/** \brief The hardware-specific hash context structure + * + * The contents of this structure are implementation dependent and are + * therefore not described here + */ +typedef struct psa_drv_hash_context_s psa_drv_hash_context_t; + +/** \brief The function prototype for the start operation of a hash (message + * digest) operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_hash__setup + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying hash function + * + * \param[in,out] p_context A structure that will contain the + * hardware-specific hash context + * + * \retval PSA_SUCCESS Success. + */ +typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context); + +/** \brief The function prototype for the update operation of a hash (message + * digest) operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_hash__update + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm + * + * \param[in,out] p_context A hardware-specific structure for the + * previously-established hash operation to be + * continued + * \param[in] p_input A buffer containing the message to be appended + * to the hash operation + * \param[in] input_length The size in bytes of the input message buffer + */ +typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context, + const uint8_t *p_input, + size_t input_length); + +/** \brief The prototype for the finish operation of a hash (message digest) + * operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_hash__finish + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm + * + * \param[in,out] 
p_context A hardware-specific structure for the + * previously started hash operation to be + * fiinished + * \param[out] p_output A buffer where the generated digest will be + * placed + * \param[in] output_size The size in bytes of the buffer that has been + * allocated for the `p_output` buffer + * \param[out] p_output_length The number of bytes placed in `p_output` after + * success + * + * \retval PSA_SUCCESS + * Success. + */ +typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); + +/** \brief The function prototype for the abort operation of a hash (message + * digest) operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_hash__abort + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm + * + * \param[in,out] p_context A hardware-specific structure for the previously + * started hash operation to be aborted + */ +typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context); + +/**@}*/ + +/** \defgroup transparent_mac Transparent Message Authentication Code + * Generation and authentication of Message Authentication Codes (MACs) using + * transparent keys can be done either as a single function call (via the + * `psa_drv_mac_transparent_generate_t` or `psa_drv_mac_transparent_verify_t` + * functions), or in parts using the following sequence: + * - `psa_drv_mac_transparent_setup_t` + * - `psa_drv_mac_transparent_update_t` + * - `psa_drv_mac_transparent_update_t` + * - ... + * - `psa_drv_mac_transparent_finish_t` or `psa_drv_mac_transparent_finish_verify_t` + * + * If a previously started Transparent MAC operation needs to be terminated, it + * should be done so by the `psa_drv_mac_transparent_abort_t`. Failure to do so may + * result in allocated resources not being freed or in other undefined + * behavior. 
+ * + */ +/**@{*/ + +/** \brief The hardware-specific transparent-key MAC context structure + * + * The contents of this structure are implementation dependent and are + * therefore not described here. + */ +typedef struct psa_drv_mac_transparent_context_s psa_drv_mac_transparent_context_t; + +/** \brief The function prototype for the setup operation of a + * transparent-key MAC operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_mac_transparent___setup + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT` + * is the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in,out] p_context A structure that will contain the + * hardware-specific MAC context + * \param[in] p_key A buffer containing the cleartext key material + * to be used in the operation + * \param[in] key_length The size in bytes of the key material + * + * \retval PSA_SUCCESS + * Success. 
+ */ +typedef psa_status_t (*psa_drv_mac_transparent_setup_t)(psa_drv_mac_transparent_context_t *p_context, + const uint8_t *p_key, + size_t key_length); + +/** \brief The function prototype for the update operation of a + * transparent-key MAC operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_mac_transparent___update + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` + * is the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in,out] p_context A hardware-specific structure for the + * previously-established MAC operation to be + * continued + * \param[in] p_input A buffer containing the message to be appended + * to the MAC operation + * \param[in] input_length The size in bytes of the input message buffer + */ +typedef psa_status_t (*psa_drv_mac_transparent_update_t)(psa_drv_mac_transparent_context_t *p_context, + const uint8_t *p_input, + size_t input_length); + +/** \brief The function prototype for the finish operation of a + * transparent-key MAC operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_mac_transparent___finish + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is + * the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in,out] p_context A hardware-specific structure for the + * previously started MAC operation to be + * finished + * \param[out] p_mac A buffer where the generated MAC will be placed + * \param[in] mac_length The size in bytes of the buffer that has been + * allocated for the `p_mac` buffer + * + * \retval PSA_SUCCESS + * Success. 
+ */ +typedef psa_status_t (*psa_drv_mac_transparent_finish_t)(psa_drv_mac_transparent_context_t *p_context, + uint8_t *p_mac, + size_t mac_length); + +/** \brief The function prototype for the finish and verify operation of a + * transparent-key MAC operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_mac_transparent___finish_verify + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is + * the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in,out] p_context A hardware-specific structure for the + * previously started MAC operation to be + * verified and finished + * \param[in] p_mac A buffer containing the MAC that will be used + * for verification + * \param[in] mac_length The size in bytes of the data in the `p_mac` + * buffer + * + * \retval PSA_SUCCESS + * The operation completed successfully and the comparison matched + */ +typedef psa_status_t (*psa_drv_mac_transparent_finish_verify_t)(psa_drv_mac_transparent_context_t *p_context, + const uint8_t *p_mac, + size_t mac_length); + +/** \brief The function prototype for the abort operation for a previously + * started transparent-key MAC operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_mac_transparent___abort + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is + * the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in,out] p_context A hardware-specific structure for the + * previously started MAC operation to be + * aborted + * + */ +typedef psa_status_t (*psa_drv_mac_transparent_abort_t)(psa_drv_mac_transparent_context_t *p_context); + +/** \brief The function prototype for a one-shot operation of a transparent-key + * MAC operation + * + * Functions that implement the prototype should be named in 
the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_mac_transparent__ + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is + * the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in] p_input A buffer containing the data to be MACed + * \param[in] input_length The length in bytes of the `p_input` data + * \param[in] p_key A buffer containing the key material to be used + * for the MAC operation + * \param[in] key_length The length in bytes of the `p_key` data + * \param[in] alg The algorithm to be performed + * \param[out] p_mac The buffer where the resulting MAC will be placed + * upon success + * \param[in] mac_length The length in bytes of the `p_mac` buffer + */ +typedef psa_status_t (*psa_drv_mac_transparent_t)(const uint8_t *p_input, + size_t input_length, + const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + uint8_t *p_mac, + size_t mac_length); + +/** \brief The function prototype for a one-shot operation of a transparent-key + * MAC Verify operation + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_mac_transparent___verify + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is + * the specific variant of a MAC operation (such as HMAC or CMAC) + * + * \param[in] p_input A buffer containing the data to be MACed + * \param[in] input_length The length in bytes of the `p_input` data + * \param[in] p_key A buffer containing the key material to be used + * for the MAC operation + * \param[in] key_length The length in bytes of the `p_key` data + * \param[in] alg The algorithm to be performed + * \param[in] p_mac The MAC data to be compared + * \param[in] mac_length The length in bytes of the `p_mac` buffer + * + * \retval PSA_SUCCESS + * The operation completed successfully and the comparison matched + */ +typedef psa_status_t 
(*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input, + size_t input_length, + const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *p_mac, + size_t mac_length); +/**@}*/ + +/** \defgroup transparent_cipher Transparent Block Cipher + * Encryption and Decryption using transparent keys in block modes other than + * ECB must be done in multiple parts, using the following flow: + * - `psa_drv_cipher_transparent_setup_t` + * - `psa_drv_cipher_transparent_set_iv_t` (optional depending upon block mode) + * - `psa_drv_cipher_transparent_update_t` + * - ... + * - `psa_drv_cipher_transparent_finish_t` + + * If a previously started Transparent Cipher operation needs to be terminated, + * it should be done so by the `psa_drv_cipher_transparent_abort_t`. Failure to do + * so may result in allocated resources not being freed or in other undefined + * behavior. + */ +/**@{*/ + +/** \brief The hardware-specific transparent-key Cipher context structure + * + * The contents of this structure are implementation dependent and are + * therefore not described here. + */ +typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_context_t; + +/** \brief The function prototype for the setup operation of transparent-key + * block cipher operations. + * Functions that implement the prototype should be named in the following + * conventions: + * ~~~~~~~~~~~~~{.c} + * psa_drv_cipher_transparent_setup__ + * ~~~~~~~~~~~~~ + * Where + * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) + * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) + * or for stream ciphers: + * ~~~~~~~~~~~~~{.c} + * psa_drv_cipher_transparent_setup_ + * ~~~~~~~~~~~~~ + * Where `CIPHER_NAME` is the name of a stream cipher (i.e. 
RC4) + * + * \param[in,out] p_context A structure that will contain the + * hardware-specific cipher context + * \param[in] direction Indicates if the operation is an encrypt or a + * decrypt + * \param[in] p_key_data A buffer containing the cleartext key material + * to be used in the operation + * \param[in] key_data_size The size in bytes of the key material + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context, + psa_encrypt_or_decrypt_t direction, + const uint8_t *p_key_data, + size_t key_data_size); + +/** \brief The function prototype for the set initialization vector operation + * of transparent-key block cipher operations + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_cipher_transparent_set_iv__ + * ~~~~~~~~~~~~~ + * Where + * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) + * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) + * + * \param[in,out] p_context A structure that contains the previously setup + * hardware-specific cipher context + * \param[in] p_iv A buffer containing the initialization vecotr + * \param[in] iv_length The size in bytes of the contents of `p_iv` + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*psa_drv_cipher_transparent_set_iv_t)(psa_drv_cipher_transparent_context_t *p_context, + const uint8_t *p_iv, + size_t iv_length); + +/** \brief The function prototype for the update operation of transparent-key + * block cipher operations. + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_cipher_transparent_update__ + * ~~~~~~~~~~~~~ + * Where + * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) + * - `MODE` is the block mode of the cipher operation (i.e. 
CBC or CTR) + * + * \param[in,out] p_context A hardware-specific structure for the + * previously started cipher operation + * \param[in] p_input A buffer containing the data to be + * encrypted or decrypted + * \param[in] input_size The size in bytes of the `p_input` buffer + * \param[out] p_output A caller-allocated buffer where the + * generated output will be placed + * \param[in] output_size The size in bytes of the `p_output` buffer + * \param[out] p_output_length After completion, will contain the number + * of bytes placed in the `p_output` buffer + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*psa_drv_cipher_transparent_update_t)(psa_drv_cipher_transparent_context_t *p_context, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); + +/** \brief The function prototype for the finish operation of transparent-key + * block cipher operations. + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_cipher_transparent_finish__ + * ~~~~~~~~~~~~~ + * Where + * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) + * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) + * + * \param[in,out] p_context A hardware-specific structure for the + * previously started cipher operation + * \param[out] p_output A caller-allocated buffer where the generated + * output will be placed + * \param[in] output_size The size in bytes of the `p_output` buffer + * \param[out] p_output_length After completion, will contain the number of + * bytes placed in the `p_output` buffer + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*psa_drv_cipher_transparent_finish_t)(psa_drv_cipher_transparent_context_t *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); + +/** \brief The function prototype for the abort operation of transparent-key + * block cipher operations. 
+ * + * Functions that implement the following prototype should be named in the + * following convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_cipher_transparent_abort__ + * ~~~~~~~~~~~~~ + * Where + * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) + * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) + * + * \param[in,out] p_context A hardware-specific structure for the + * previously started cipher operation + * + * \retval PSA_SUCCESS + */ +typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transparent_context_t *p_context); + +/**@}*/ + +/** \defgroup aead_transparent AEAD Transparent + * + * Authenticated Encryption with Additional Data (AEAD) operations with + * transparent keys must be done in one function call. While this creates a + * burden for implementers as there must be sufficient space in memory for the + * entire message, it prevents decrypted data from being made available before + * the authentication operation is complete and the data is known to be + * authentic. + */ +/**@{*/ + +/** Process an authenticated encryption operation using an opaque key. + * + * Functions that implement the prototype should be named in the following + * convention: + * ~~~~~~~~~~~~~{.c} + * psa_drv_aead__encrypt + * ~~~~~~~~~~~~~ + * Where `ALGO` is the name of the AEAD algorithm + * + * \param[in] p_key A pointer to the key material + * \param[in] key_length The size in bytes of the key material + * \param[in] alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(`alg`) is true) + * \param[in] nonce Nonce or IV to use + * \param[in] nonce_length Size of the `nonce` buffer in bytes + * \param[in] additional_data Additional data that will be MACed + * but not encrypted. + * \param[in] additional_data_length Size of `additional_data` in bytes + * \param[in] plaintext Data that will be MACed and + * encrypted. 
+ * \param[in] plaintext_length Size of `plaintext` in bytes
+ * \param[out] ciphertext Output buffer for the authenticated and
+ * encrypted data. The additional data is
+ * not part of this output. For algorithms
+ * where the encrypted data and the
+ * authentication tag are defined as
+ * separate outputs, the authentication
+ * tag is appended to the encrypted data.
+ * \param[in] ciphertext_size Size of the `ciphertext` buffer in
+ * bytes
+ * This must be at least
+ * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(`alg`,
+ * `plaintext_length`).
+ * \param[out] ciphertext_length On success, the size of the output in
+ * the `ciphertext` buffer
+ *
+ * \retval #PSA_SUCCESS
+
+ */
+typedef psa_status_t (*psa_drv_aead_transparent_encrypt_t)(const uint8_t *p_key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *plaintext,
+ size_t plaintext_length,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length);
+
+/** Process an authenticated decryption operation using an opaque key.
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_aead__decrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the AEAD algorithm
+ * \param[in] p_key A pointer to the key material
+ * \param[in] key_length The size in bytes of the key material
+ * \param[in] alg The AEAD algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] nonce Nonce or IV to use
+ * \param[in] nonce_length Size of the `nonce` buffer in bytes
+ * \param[in] additional_data Additional data that has been MACed
+ * but not encrypted
+ * \param[in] additional_data_length Size of `additional_data` in bytes
+ * \param[in] ciphertext Data that has been MACed and
+ * encrypted
+ * For algorithms where the encrypted data
+ * and the authentication tag are defined
+ * as separate inputs, the buffer must
+ * contain the encrypted data followed by
+ * the authentication tag.
+ * \param[in] ciphertext_length Size of `ciphertext` in bytes
+ * \param[out] plaintext Output buffer for the decrypted data
+ * \param[in] plaintext_size Size of the `plaintext` buffer in
+ * bytes
+ * This must be at least
+ * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(`alg`,
+ * `ciphertext_length`).
+ * \param[out] plaintext_length On success, the size of the output
+ * in the \b plaintext buffer
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_aead_transparent_decrypt_t)(const uint8_t *p_key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *ciphertext,
+ size_t ciphertext_length,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length);
+
+/**@}*/
+
+/** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography
+ *
+ * Since the amount of data that can (or should) be encrypted or signed using
+ * asymmetric keys is limited by the key size, asymmetric key operations using
+ * transparent keys must be done in single function calls.
+ */
+/**@{*/
+
+
+/**
+ * \brief A function that signs a hash or short message with a transparent
+ * asymmetric private key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric__sign
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the signing algorithm
+ *
+ * \param[in] p_key A buffer containing the private key
+ * material
+ * \param[in] key_size The size in bytes of the `p_key` data
+ * \param[in] alg A signature algorithm that is compatible
+ * with the type of `p_key`
+ * \param[in] p_hash The hash or message to sign
+ * \param[in] hash_length Size of the `p_hash` buffer in bytes
+ * \param[out] p_signature Buffer where the signature is to be written
+ * \param[in] signature_size Size of the `p_signature` buffer in bytes
+ * \param[out] p_signature_length On success, the number of bytes
+ * that make up the returned signature value
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_sign_t)(const uint8_t *p_key,
+ size_t key_size,
+ psa_algorithm_t alg,
+ const uint8_t *p_hash,
+ size_t hash_length,
+ uint8_t *p_signature,
+ size_t signature_size,
+ size_t *p_signature_length);
+
+/**
+ * \brief A function that verifies the signature a hash or short message using
+ * a transparent asymmetric public key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric__verify
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the signing algorithm
+ *
+ * \param[in] p_key A buffer containing the public key material
+ * \param[in] key_size The size in bytes of the `p_key` data
+ * \param[in] alg A signature algorithm that is compatible with
+ * the type of `key`
+ * \param[in] p_hash The hash or message whose signature is to be
+ * verified
+ * \param[in] hash_length Size of the `p_hash` buffer in bytes
+ * \param[in] p_signature Buffer containing the signature to verify
+ * \param[in] signature_length Size of the `p_signature` buffer in bytes
+ *
+ * \retval PSA_SUCCESS
+ * The signature is valid.
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_verify_t)(const uint8_t *p_key,
+ size_t key_size,
+ psa_algorithm_t alg,
+ const uint8_t *p_hash,
+ size_t hash_length,
+ const uint8_t *p_signature,
+ size_t signature_length);
+
+/**
+ * \brief A function that encrypts a short message with a transparent
+ * asymmetric public key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric__encrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the encryption algorithm
+ *
+ * \param[in] p_key A buffer containing the public key material
+ * \param[in] key_size The size in bytes of the `p_key` data
+ * \param[in] alg An asymmetric encryption algorithm that is
+ * compatible with the type of `key`
+ * \param[in] p_input The message to encrypt
+ * \param[in] input_length Size of the `p_input` buffer in bytes
+ * \param[in] p_salt A salt or label, if supported by the
+ * encryption algorithm
+ * If the algorithm does not support a
+ * salt, pass `NULL`
+ * If the algorithm supports an optional
+ * salt and you do not want to pass a salt,
+ * pass `NULL`.
+ * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ * supported.
+ * \param[in] salt_length Size of the `p_salt` buffer in bytes
+ * If `p_salt` is `NULL`, pass 0.
+ * \param[out] p_output Buffer where the encrypted message is to
+ * be written
+ * \param[in] output_size Size of the `p_output` buffer in bytes
+ * \param[out] p_output_length On success, the number of bytes
+ * that make up the returned output
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_encrypt_t)(const uint8_t *p_key,
+ size_t key_size,
+ psa_algorithm_t alg,
+ const uint8_t *p_input,
+ size_t input_length,
+ const uint8_t *p_salt,
+ size_t salt_length,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/**
+ * \brief Decrypt a short message with a transparent asymmetric private key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric__decrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the encryption algorithm
+ *
+ * \param[in] p_key A buffer containing the private key material
+ * \param[in] key_size The size in bytes of the `p_key` data
+ * \param[in] alg An asymmetric encryption algorithm that is
+ * compatible with the type of `key`
+ * \param[in] p_input The message to decrypt
+ * \param[in] input_length Size of the `p_input` buffer in bytes
+ * \param[in] p_salt A salt or label, if supported by the
+ * encryption algorithm
+ * If the algorithm does not support a
+ * salt, pass `NULL`.
+ * If the algorithm supports an optional
+ * salt and you do not want to pass a salt,
+ * pass `NULL`.
+ * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ * supported
+ * \param[in] salt_length Size of the `p_salt` buffer in bytes
+ * If `p_salt` is `NULL`, pass 0
+ * \param[out] p_output Buffer where the decrypted message is to
+ * be written
+ * \param[in] output_size Size of the `p_output` buffer in bytes
+ * \param[out] p_output_length On success, the number of bytes
+ * that make up the returned output
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_decrypt_t)(const uint8_t *p_key,
+ size_t key_size,
+ psa_algorithm_t alg,
+ const uint8_t *p_input,
+ size_t input_length,
+ const uint8_t *p_salt,
+ size_t salt_length,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/**@}*/
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_ACCEL_DRIVER_H */
diff --git a/include/psa/crypto_driver_common.h b/include/psa/crypto_driver_common.h
new file mode 100644
index 000000000..6f1a5d5d9
--- /dev/null
+++ b/include/psa/crypto_driver_common.h
@@ -0,0 +1,54 @@
+/**
+ * \file psa/crypto_driver_common.h
+ * \brief Definitions for all PSA crypto drivers
+ *
+ * This file contains common definitions shared by all PSA crypto drivers.
+ * Do not include it directly: instead, include the header file(s) for
+ * the type(s) of driver that you are implementing. For example, if
+ * you are writing a driver for a chip that provides both a hardware
+ * random generator and an accelerator for some cryptographic algorithms,
+ * include `psa/crypto_entropy_driver.h` and `psa/crypto_accel_driver.h`.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
+ */
+
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef PSA_CRYPTO_DRIVER_COMMON_H
+#define PSA_CRYPTO_DRIVER_COMMON_H
+
+#include
+#include
+
+/* Include type definitions (psa_status_t, psa_algorithm_t,
+ * psa_key_type_t, etc.) and macros to build and analyze values
+ * of these types. */
+#include "crypto_types.h"
+#include "crypto_values.h"
+
+/** For encrypt-decrypt functions, whether the operation is an encryption
+ * or a decryption. */
+typedef enum {
+ PSA_CRYPTO_DRIVER_DECRYPT,
+ PSA_CRYPTO_DRIVER_ENCRYPT
+} psa_encrypt_or_decrypt_t;
+
+#endif /* PSA_CRYPTO_DRIVER_COMMON_H */
diff --git a/include/psa/crypto_entropy_driver.h b/include/psa/crypto_entropy_driver.h
new file mode 100644
index 000000000..f5e383e6c
--- /dev/null
+++ b/include/psa/crypto_entropy_driver.h
@@ -0,0 +1,111 @@
+/**
+ * \file psa/crypto_entropy_driver.h
+ * \brief PSA entropy source driver module
+ *
+ * This header declares types and function signatures for entropy sources.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
+ */
+
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef PSA_CRYPTO_ENTROPY_DRIVER_H
+#define PSA_CRYPTO_ENTROPY_DRIVER_H
+
+#include "crypto_driver_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** \defgroup driver_rng Entropy Generation
+ */
+/**@{*/
+
+/** \brief A hardware-specific structure for a entropy providing hardware
+ */
+typedef struct psa_drv_entropy_context_s psa_drv_entropy_context_t;
+
+/** \brief Initialize an entropy driver
+ *
+ *
+ * \param[in,out] p_context A hardware-specific structure
+ * containing any context information for
+ * the implementation
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_entropy_init_t)(psa_drv_entropy_context_t *p_context);
+
+/** \brief Get a specified number of bits from the entropy source
+ *
+ * It retrives `buffer_size` bytes of data from the entropy source. The entropy
+ * source will always fill the provided buffer to its full size, however, most
+ * entropy sources have biases, and the actual amount of entropy contained in
+ * the buffer will be less than the number of bytes.
+ * The driver will return the actual number of bytes of entropy placed in the
+ * buffer in `p_received_entropy_bytes`.
+ * A PSA Crypto API implementation will likely feed the output of this function
+ * into a Digital Random Bit Generator (DRBG), and typically has a minimum
+ * amount of entropy that it needs.
+ * To accomplish this, the PSA Crypto implementation should be designed to call
+ * this function multiple times until it has received the required amount of
+ * entropy from the entropy source.
+ *
+ * \param[in,out] p_context A hardware-specific structure
+ * containing any context information
+ * for the implementation
+ * \param[out] p_buffer A caller-allocated buffer for the
+ * retrieved entropy to be placed in
+ * \param[in] buffer_size The allocated size of `p_buffer`
+ * \param[out] p_received_entropy_bits The amount of entropy (in bits)
+ * actually provided in `p_buffer`
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_context,
+ uint8_t *p_buffer,
+ uint32_t buffer_size,
+ uint32_t *p_received_entropy_bits);
+
+/**
+ * \brief A struct containing all of the function pointers needed to interface
+ * to an entropy source
+ *
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
+ *
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+typedef struct {
+ /** Function that performs initialization for the entropy source */
+ psa_drv_entropy_init_t *p_init;
+ /** Function that performs the get_bits operation for the entropy source
+ */
+ psa_drv_entropy_get_bits_t *p_get_bits;
+} psa_drv_entropy_t;
+/**@}*/
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_ENTROPY_DRIVER_H */
diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_se_driver.h
similarity index 52%
rename from include/psa/crypto_driver.h
rename to include/psa/crypto_se_driver.h
index 43b3cf760..057866445 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_se_driver.h
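Review bot: The documentation of `psa_drv_entropy_get_bits_t` in include/psa/crypto_entropy_driver.h disagrees with itself about the unit of the entropy estimate: the description says the driver returns "the actual number of bytes of entropy" in `p_received_entropy_bytes`, while the declared out-parameter is `uint32_t *p_received_entropy_bits` and its `\param` entry says bits. This value is what the core would use to decide when enough entropy has been gathered to seed the DRBG, so a driver and a core that read the contract differently would be off by a factor of eight, and in one direction that overstates the entropy collected. The description should say bits and name `p_received_entropy_bits`, and it should also state whether the estimate may exceed `8 * buffer_size`. Separately, `psa_drv_entropy_t` declares `psa_drv_entropy_init_t *p_init;` and `psa_drv_entropy_get_bits_t *p_get_bits;`, but both typedefs are already function-pointer types, so the members are pointers to function pointers; `psa_drv_entropy_init_t p_init;` and `psa_drv_entropy_get_bits_t p_get_bits;` look like what was intended.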
@@ -1,8 +1,14 @@ /** - * \file psa/crypto_driver.h - * \brief Platform Security Architecture cryptographic driver module + * \file psa/crypto_se_driver.h + * \brief PSA external cryptoprocessor driver module * - * This file describes the PSA Crypto Driver Model, containing functions for + * This header declares types and function signatures for cryptography + * drivers that access key material via opaque references. This is + * meant for cryptoprocessors that have a separate key storage from the + * space in which the PSA Crypto implementation runs, typically secure + * elements. + * + * This file is part of the PSA Crypto Driver Model, containing functions for * driver developers to implement to enable hardware to be called in a * standardized way by a PSA Cryptographic API implementation. The functions * comprising the driver model, which driver authors implement, are not 
@@ -25,34 +31,20 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#ifndef PSA_CRYPTO_DRIVER_H -#define PSA_CRYPTO_DRIVER_H +#ifndef PSA_CRYPTO_SE_DRIVER_H +#define PSA_CRYPTO_SE_DRIVER_H -#include -#include +#include "crypto_driver_common.h" #ifdef __cplusplus extern "C" { #endif -/* Include type definitions (psa_status_t, psa_algorithm_t, - * psa_key_type_t, etc.) and macros to build and analyze values - * of these types. */ -#include "crypto_types.h" -#include "crypto_values.h" - /** An internal designation of a key slot between the core part of the * PSA Crypto implementation and the driver. The meaning of this value * is driver-dependent. */ typedef uint32_t psa_key_slot_t; -/** For encrypt-decrypt functions, whether the operation is an encryption - * or a decryption. */ -typedef enum { - PSA_CRYPTO_DRIVER_DECRYPT, - PSA_CRYPTO_DRIVER_ENCRYPT -} psa_encrypt_or_decrypt_t; - /** \defgroup opaque_mac Opaque Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using * opaque keys can be done either as a single function call (via the 
@@ -243,208 +235,6 @@ typedef struct { } psa_drv_mac_opaque_t; /**@}*/ -/** \defgroup transparent_mac Transparent Message Authentication Code - * Generation and authentication of Message Authentication Codes (MACs) using - * transparent keys can be done either as a single function call (via the - * `psa_drv_mac_transparent_generate_t` or `psa_drv_mac_transparent_verify_t` - * functions), or in parts using the following sequence: - * - `psa_drv_mac_transparent_setup_t` - * - `psa_drv_mac_transparent_update_t` - * - `psa_drv_mac_transparent_update_t` - * - ... - * - `psa_drv_mac_transparent_finish_t` or `psa_drv_mac_transparent_finish_verify_t` - * - * If a previously started Transparent MAC operation needs to be terminated, it - * should be done so by the `psa_drv_mac_transparent_abort_t`. Failure to do so may - * result in allocated resources not being freed or in other undefined - * behavior. - * - */ -/**@{*/ - -/** \brief The hardware-specific transparent-key MAC context structure - * - * The contents of this structure are implementation dependent and are - * therefore not described here. - */ -typedef struct psa_drv_mac_transparent_context_s psa_drv_mac_transparent_context_t; - -/** \brief The function prototype for the setup operation of a - * transparent-key MAC operation - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___setup - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT` - * is the specific variant of a MAC operation (such as HMAC or CMAC) - * - * \param[in,out] p_context A structure that will contain the - * hardware-specific MAC context - * \param[in] p_key A buffer containing the cleartext key material - * to be used in the operation - * \param[in] key_length The size in bytes of the key material - * - * \retval PSA_SUCCESS - * Success. 
- */ -typedef psa_status_t (*psa_drv_mac_transparent_setup_t)(psa_drv_mac_transparent_context_t *p_context, - const uint8_t *p_key, - size_t key_length); - -/** \brief The function prototype for the update operation of a - * transparent-key MAC operation - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___update - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` - * is the specific variant of a MAC operation (such as HMAC or CMAC) - * - * \param[in,out] p_context A hardware-specific structure for the - * previously-established MAC operation to be - * continued - * \param[in] p_input A buffer containing the message to be appended - * to the MAC operation - * \param[in] input_length The size in bytes of the input message buffer - */ -typedef psa_status_t (*psa_drv_mac_transparent_update_t)(psa_drv_mac_transparent_context_t *p_context, - const uint8_t *p_input, - size_t input_length); - -/** \brief The function prototype for the finish operation of a - * transparent-key MAC operation - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___finish - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is - * the specific variant of a MAC operation (such as HMAC or CMAC) - * - * \param[in,out] p_context A hardware-specific structure for the - * previously started MAC operation to be - * finished - * \param[out] p_mac A buffer where the generated MAC will be placed - * \param[in] mac_length The size in bytes of the buffer that has been - * allocated for the `p_mac` buffer - * - * \retval PSA_SUCCESS - * Success. 
- */ -typedef psa_status_t (*psa_drv_mac_transparent_finish_t)(psa_drv_mac_transparent_context_t *p_context, - uint8_t *p_mac, - size_t mac_length); - -/** \brief The function prototype for the finish and verify operation of a - * transparent-key MAC operation - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___finish_verify - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is - * the specific variant of a MAC operation (such as HMAC or CMAC) - * - * \param[in,out] p_context A hardware-specific structure for the - * previously started MAC operation to be - * verified and finished - * \param[in] p_mac A buffer containing the MAC that will be used - * for verification - * \param[in] mac_length The size in bytes of the data in the `p_mac` - * buffer - * - * \retval PSA_SUCCESS - * The operation completed successfully and the comparison matched - */ -typedef psa_status_t (*psa_drv_mac_transparent_finish_verify_t)(psa_drv_mac_transparent_context_t *p_context, - const uint8_t *p_mac, - size_t mac_length); - -/** \brief The function prototype for the abort operation for a previously - * started transparent-key MAC operation - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___abort - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is - * the specific variant of a MAC operation (such as HMAC or CMAC) - * - * \param[in,out] p_context A hardware-specific structure for the - * previously started MAC operation to be - * aborted - * - */ -typedef psa_status_t (*psa_drv_mac_transparent_abort_t)(psa_drv_mac_transparent_context_t *p_context); - -/** \brief The function prototype for a one-shot operation of a transparent-key - * MAC operation - * - * Functions that implement the prototype should be named in 
the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent__ - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is - * the specific variant of a MAC operation (such as HMAC or CMAC) - * - * \param[in] p_input A buffer containing the data to be MACed - * \param[in] input_length The length in bytes of the `p_input` data - * \param[in] p_key A buffer containing the key material to be used - * for the MAC operation - * \param[in] key_length The length in bytes of the `p_key` data - * \param[in] alg The algorithm to be performed - * \param[out] p_mac The buffer where the resulting MAC will be placed - * upon success - * \param[in] mac_length The length in bytes of the `p_mac` buffer - */ -typedef psa_status_t (*psa_drv_mac_transparent_t)(const uint8_t *p_input, - size_t input_length, - const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - uint8_t *p_mac, - size_t mac_length); - -/** \brief The function prototype for a one-shot operation of a transparent-key - * MAC Verify operation - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___verify - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is - * the specific variant of a MAC operation (such as HMAC or CMAC) - * - * \param[in] p_input A buffer containing the data to be MACed - * \param[in] input_length The length in bytes of the `p_input` data - * \param[in] p_key A buffer containing the key material to be used - * for the MAC operation - * \param[in] key_length The length in bytes of the `p_key` data - * \param[in] alg The algorithm to be performed - * \param[in] p_mac The MAC data to be compared - * \param[in] mac_length The length in bytes of the `p_mac` buffer - * - * \retval PSA_SUCCESS - * The operation completed successfully and the comparison matched - */ -typedef psa_status_t 
(*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input, - size_t input_length, - const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *p_mac, - size_t mac_length); -/**@}*/ - /** \defgroup opaque_cipher Opaque Symmetric Ciphers * * Encryption and Decryption using opaque keys in block modes other than ECB 
@@ -622,269 +412,6 @@ typedef struct { /**@}*/ -/** \defgroup transparent_cipher Transparent Block Cipher - * Encryption and Decryption using transparent keys in block modes other than - * ECB must be done in multiple parts, using the following flow: - * - `psa_drv_cipher_transparent_setup_t` - * - `psa_drv_cipher_transparent_set_iv_t` (optional depending upon block mode) - * - `psa_drv_cipher_transparent_update_t` - * - ... - * - `psa_drv_cipher_transparent_finish_t` - - * If a previously started Transparent Cipher operation needs to be terminated, - * it should be done so by the `psa_drv_cipher_transparent_abort_t`. Failure to do - * so may result in allocated resources not being freed or in other undefined - * behavior. - */ -/**@{*/ - -/** \brief The hardware-specific transparent-key Cipher context structure - * - * The contents of this structure are implementation dependent and are - * therefore not described here. - */ -typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_context_t; - -/** \brief The function prototype for the setup operation of transparent-key - * block cipher operations. - * Functions that implement the prototype should be named in the following - * conventions: - * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_setup__ - * ~~~~~~~~~~~~~ - * Where - * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) - * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) - * or for stream ciphers: - * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_setup_ - * ~~~~~~~~~~~~~ - * Where `CIPHER_NAME` is the name of a stream cipher (i.e. 
RC4) - * - * \param[in,out] p_context A structure that will contain the - * hardware-specific cipher context - * \param[in] direction Indicates if the operation is an encrypt or a - * decrypt - * \param[in] p_key_data A buffer containing the cleartext key material - * to be used in the operation - * \param[in] key_data_size The size in bytes of the key material - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context, - psa_encrypt_or_decrypt_t direction, - const uint8_t *p_key_data, - size_t key_data_size); - -/** \brief The function prototype for the set initialization vector operation - * of transparent-key block cipher operations - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_set_iv__ - * ~~~~~~~~~~~~~ - * Where - * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) - * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) - * - * \param[in,out] p_context A structure that contains the previously setup - * hardware-specific cipher context - * \param[in] p_iv A buffer containing the initialization vecotr - * \param[in] iv_length The size in bytes of the contents of `p_iv` - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*psa_drv_cipher_transparent_set_iv_t)(psa_drv_cipher_transparent_context_t *p_context, - const uint8_t *p_iv, - size_t iv_length); - -/** \brief The function prototype for the update operation of transparent-key - * block cipher operations. - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_update__ - * ~~~~~~~~~~~~~ - * Where - * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) - * - `MODE` is the block mode of the cipher operation (i.e. 
CBC or CTR) - * - * \param[in,out] p_context A hardware-specific structure for the - * previously started cipher operation - * \param[in] p_input A buffer containing the data to be - * encrypted or decrypted - * \param[in] input_size The size in bytes of the `p_input` buffer - * \param[out] p_output A caller-allocated buffer where the - * generated output will be placed - * \param[in] output_size The size in bytes of the `p_output` buffer - * \param[out] p_output_length After completion, will contain the number - * of bytes placed in the `p_output` buffer - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*psa_drv_cipher_transparent_update_t)(psa_drv_cipher_transparent_context_t *p_context, - const uint8_t *p_input, - size_t input_size, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); - -/** \brief The function prototype for the finish operation of transparent-key - * block cipher operations. - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_finish__ - * ~~~~~~~~~~~~~ - * Where - * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) - * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) - * - * \param[in,out] p_context A hardware-specific structure for the - * previously started cipher operation - * \param[out] p_output A caller-allocated buffer where the generated - * output will be placed - * \param[in] output_size The size in bytes of the `p_output` buffer - * \param[out] p_output_length After completion, will contain the number of - * bytes placed in the `p_output` buffer - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*psa_drv_cipher_transparent_finish_t)(psa_drv_cipher_transparent_context_t *p_context, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); - -/** \brief The function prototype for the abort operation of transparent-key - * block cipher operations. 
- * - * Functions that implement the following prototype should be named in the - * following convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_abort__ - * ~~~~~~~~~~~~~ - * Where - * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) - * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) - * - * \param[in,out] p_context A hardware-specific structure for the - * previously started cipher operation - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transparent_context_t *p_context); - -/**@}*/ - -/** \defgroup driver_digest Message Digests - * - * Generation and authentication of Message Digests (aka hashes) must be done - * in parts using the following sequence: - * - `psa_drv_hash_setup_t` - * - `psa_drv_hash_update_t` - * - ... - * - `psa_drv_hash_finish_t` - * - * If a previously started Message Digest operation needs to be terminated - * before the `psa_drv_hash_finish_t` operation is complete, it should be aborted - * by the `psa_drv_hash_abort_t`. Failure to do so may result in allocated - * resources not being freed or in other undefined behavior. - */ -/**@{*/ - -/** \brief The hardware-specific hash context structure - * - * The contents of this structure are implementation dependent and are - * therefore not described here - */ -typedef struct psa_drv_hash_context_s psa_drv_hash_context_t; - -/** \brief The function prototype for the start operation of a hash (message - * digest) operation - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_hash__setup - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying hash function - * - * \param[in,out] p_context A structure that will contain the - * hardware-specific hash context - * - * \retval PSA_SUCCESS Success. 
- */ -typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context); - -/** \brief The function prototype for the update operation of a hash (message - * digest) operation - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_hash__update - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm - * - * \param[in,out] p_context A hardware-specific structure for the - * previously-established hash operation to be - * continued - * \param[in] p_input A buffer containing the message to be appended - * to the hash operation - * \param[in] input_length The size in bytes of the input message buffer - */ -typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context, - const uint8_t *p_input, - size_t input_length); - -/** \brief The prototype for the finish operation of a hash (message digest) - * operation - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_hash__finish - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm - * - * \param[in,out] p_context A hardware-specific structure for the - * previously started hash operation to be - * fiinished - * \param[out] p_output A buffer where the generated digest will be - * placed - * \param[in] output_size The size in bytes of the buffer that has been - * allocated for the `p_output` buffer - * \param[out] p_output_length The number of bytes placed in `p_output` after - * success - * - * \retval PSA_SUCCESS - * Success. 
- */ -typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); - -/** \brief The function prototype for the abort operation of a hash (message - * digest) operation - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_hash__abort - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the underlying algorithm - * - * \param[in,out] p_context A hardware-specific structure for the previously - * started hash operation to be aborted - */ -typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context); - -/**@}*/ - - /** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography * * Since the amount of data that can (or should) be encrypted or signed using 
@@ -1037,176 +564,6 @@ typedef struct { /**@}*/ -/** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography - * - * Since the amount of data that can (or should) be encrypted or signed using - * asymmetric keys is limited by the key size, asymmetric key operations using - * transparent keys must be done in single function calls. - */ -/**@{*/ - - -/** - * \brief A function that signs a hash or short message with a transparent - * asymmetric private key - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_asymmetric__sign - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the signing algorithm - * - * \param[in] p_key A buffer containing the private key - * material - * \param[in] key_size The size in bytes of the `p_key` data - * \param[in] alg A signature algorithm that is compatible - * with the type of `p_key` - * \param[in] p_hash The hash or message to sign - * \param[in] hash_length Size of the `p_hash` buffer in bytes - * \param[out] p_signature Buffer where the signature is to be written - * \param[in] signature_size Size of the `p_signature` buffer in bytes - * \param[out] p_signature_length On success, the number of bytes - * that make up the returned signature value - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*psa_drv_asymmetric_transparent_sign_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - uint8_t *p_signature, - size_t signature_size, - size_t *p_signature_length); - -/** - * \brief A function that verifies the signature a hash or short message using - * a transparent asymmetric public key - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_asymmetric__verify - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the signing algorithm - * - * \param[in] p_key A buffer containing the public key material - * 
\param[in] key_size The size in bytes of the `p_key` data - * \param[in] alg A signature algorithm that is compatible with - * the type of `key` - * \param[in] p_hash The hash or message whose signature is to be - * verified - * \param[in] hash_length Size of the `p_hash` buffer in bytes - * \param[in] p_signature Buffer containing the signature to verify - * \param[in] signature_length Size of the `p_signature` buffer in bytes - * - * \retval PSA_SUCCESS - * The signature is valid. - */ -typedef psa_status_t (*psa_drv_asymmetric_transparent_verify_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - const uint8_t *p_signature, - size_t signature_length); - -/** - * \brief A function that encrypts a short message with a transparent - * asymmetric public key - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_asymmetric__encrypt - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the encryption algorithm - * - * \param[in] p_key A buffer containing the public key material - * \param[in] key_size The size in bytes of the `p_key` data - * \param[in] alg An asymmetric encryption algorithm that is - * compatible with the type of `key` - * \param[in] p_input The message to encrypt - * \param[in] input_length Size of the `p_input` buffer in bytes - * \param[in] p_salt A salt or label, if supported by the - * encryption algorithm - * If the algorithm does not support a - * salt, pass `NULL` - * If the algorithm supports an optional - * salt and you do not want to pass a salt, - * pass `NULL`. - * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is - * supported. - * \param[in] salt_length Size of the `p_salt` buffer in bytes - * If `p_salt` is `NULL`, pass 0. 
- * \param[out] p_output Buffer where the encrypted message is to - * be written - * \param[in] output_size Size of the `p_output` buffer in bytes - * \param[out] p_output_length On success, the number of bytes - * that make up the returned output - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*psa_drv_asymmetric_transparent_encrypt_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); - -/** - * \brief Decrypt a short message with a transparent asymmetric private key - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_asymmetric__decrypt - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the encryption algorithm - * - * \param[in] p_key A buffer containing the private key material - * \param[in] key_size The size in bytes of the `p_key` data - * \param[in] alg An asymmetric encryption algorithm that is - * compatible with the type of `key` - * \param[in] p_input The message to decrypt - * \param[in] input_length Size of the `p_input` buffer in bytes - * \param[in] p_salt A salt or label, if supported by the - * encryption algorithm - * If the algorithm does not support a - * salt, pass `NULL`. - * If the algorithm supports an optional - * salt and you do not want to pass a salt, - * pass `NULL`. 
- * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is - * supported - * \param[in] salt_length Size of the `p_salt` buffer in bytes - * If `p_salt` is `NULL`, pass 0 - * \param[out] p_output Buffer where the decrypted message is to - * be written - * \param[in] output_size Size of the `p_output` buffer in bytes - * \param[out] p_output_length On success, the number of bytes - * that make up the returned output - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*psa_drv_asymmetric_transparent_decrypt_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); - -/**@}*/ - /** \defgroup aead_opaque AEAD Opaque * Authenticated Encryption with Additional Data (AEAD) operations with opaque * keys must be done in one function call. While this creates a burden for 
@@ -1314,192 +671,6 @@ typedef struct { } psa_drv_aead_opaque_t; /**@}*/ -/** \defgroup aead_transparent AEAD Transparent - * - * Authenticated Encryption with Additional Data (AEAD) operations with - * transparent keys must be done in one function call. While this creates a - * burden for implementers as there must be sufficient space in memory for the - * entire message, it prevents decrypted data from being made available before - * the authentication operation is complete and the data is known to be - * authentic. - */ -/**@{*/ - -/** Process an authenticated encryption operation using an opaque key. - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_aead__encrypt - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the AEAD algorithm - * - * \param[in] p_key A pointer to the key material - * \param[in] key_length The size in bytes of the key material - * \param[in] alg The AEAD algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(`alg`) is true) - * \param[in] nonce Nonce or IV to use - * \param[in] nonce_length Size of the `nonce` buffer in bytes - * \param[in] additional_data Additional data that will be MACed - * but not encrypted. - * \param[in] additional_data_length Size of `additional_data` in bytes - * \param[in] plaintext Data that will be MACed and - * encrypted. - * \param[in] plaintext_length Size of `plaintext` in bytes - * \param[out] ciphertext Output buffer for the authenticated and - * encrypted data. The additional data is - * not part of this output. For algorithms - * where the encrypted data and the - * authentication tag are defined as - * separate outputs, the authentication - * tag is appended to the encrypted data. - * \param[in] ciphertext_size Size of the `ciphertext` buffer in - * bytes - * This must be at least - * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(`alg`, - * `plaintext_length`). 
- * \param[out] ciphertext_length On success, the size of the output in - * the `ciphertext` buffer - * - * \retval #PSA_SUCCESS - - */ -typedef psa_status_t (*psa_drv_aead_transparent_encrypt_t)(const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *plaintext, - size_t plaintext_length, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length); - -/** Process an authenticated decryption operation using an opaque key. - * - * Functions that implement the prototype should be named in the following - * convention: - * ~~~~~~~~~~~~~{.c} - * psa_drv_aead__decrypt - * ~~~~~~~~~~~~~ - * Where `ALGO` is the name of the AEAD algorithm - * \param[in] p_key A pointer to the key material - * \param[in] key_length The size in bytes of the key material - * \param[in] alg The AEAD algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(`alg`) is true) - * \param[in] nonce Nonce or IV to use - * \param[in] nonce_length Size of the `nonce` buffer in bytes - * \param[in] additional_data Additional data that has been MACed - * but not encrypted - * \param[in] additional_data_length Size of `additional_data` in bytes - * \param[in] ciphertext Data that has been MACed and - * encrypted - * For algorithms where the encrypted data - * and the authentication tag are defined - * as separate inputs, the buffer must - * contain the encrypted data followed by - * the authentication tag. - * \param[in] ciphertext_length Size of `ciphertext` in bytes - * \param[out] plaintext Output buffer for the decrypted data - * \param[in] plaintext_size Size of the `plaintext` buffer in - * bytes - * This must be at least - * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(`alg`, - * `ciphertext_length`). 
- * \param[out] plaintext_length On success, the size of the output - * in the \b plaintext buffer - * - * \retval #PSA_SUCCESS - * Success. - */ -typedef psa_status_t (*psa_drv_aead_transparent_decrypt_t)(const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length); - -/**@}*/ - - -/** \defgroup driver_rng Entropy Generation - */ -/**@{*/ - -/** \brief A hardware-specific structure for a entropy providing hardware - */ -typedef struct psa_drv_entropy_context_s psa_drv_entropy_context_t; - -/** \brief Initialize an entropy driver - * - * - * \param[in,out] p_context A hardware-specific structure - * containing any context information for - * the implementation - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*psa_drv_entropy_init_t)(psa_drv_entropy_context_t *p_context); - -/** \brief Get a specified number of bits from the entropy source - * - * It retrives `buffer_size` bytes of data from the entropy source. The entropy - * source will always fill the provided buffer to its full size, however, most - * entropy sources have biases, and the actual amount of entropy contained in - * the buffer will be less than the number of bytes. - * The driver will return the actual number of bytes of entropy placed in the - * buffer in `p_received_entropy_bytes`. - * A PSA Crypto API implementation will likely feed the output of this function - * into a Digital Random Bit Generator (DRBG), and typically has a minimum - * amount of entropy that it needs. - * To accomplish this, the PSA Crypto implementation should be designed to call - * this function multiple times until it has received the required amount of - * entropy from the entropy source. 
- * - * \param[in,out] p_context A hardware-specific structure - * containing any context information - * for the implementation - * \param[out] p_buffer A caller-allocated buffer for the - * retrieved entropy to be placed in - * \param[in] buffer_size The allocated size of `p_buffer` - * \param[out] p_received_entropy_bits The amount of entropy (in bits) - * actually provided in `p_buffer` - * - * \retval PSA_SUCCESS - */ -typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_context, - uint8_t *p_buffer, - uint32_t buffer_size, - uint32_t *p_received_entropy_bits); - -/** - * \brief A struct containing all of the function pointers needed to interface - * to an entropy source - * - * PSA Crypto API implementations should populate instances of the table as - * appropriate upon startup. - * - * If one of the functions is not implemented, it should be set to NULL. - */ -typedef struct { - /** Function that performs initialization for the entropy source */ - psa_drv_entropy_init_t *p_init; - /** Function that performs the get_bits operation for the entropy source - */ - psa_drv_entropy_get_bits_t *p_get_bits; -} psa_drv_entropy_t; -/**@}*/ - /** \defgroup driver_key_management Key Management * Currently, key management is limited to importing keys in the clear, * destroying keys, and exporting keys in the clear. @@ -1788,4 +959,4 @@ typedef struct { } #endif -#endif /* PSA_CRYPTO_DRIVER_H */ +#endif /* PSA_CRYPTO_SE_DRIVER_H */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index bf9035a39..23d5c2c72 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -226,9 +226,12 @@ - + + + + From 8ae15ddcf8417991a5ddbcb2dc7646c5850533c8 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 2 Jan 2019 18:57:02 +0100 Subject: [PATCH 0887/2197] Back up and restore config.h systematically In all.sh, always save config.h before running a component, instead of doing it manually in each component that requires it (except when we forget, which has happened). This would break a script that requires config.h.bak not to exist, but we don't have any of those. --- tests/scripts/all.sh | 37 +++---------------------------------- 1 file changed, 3 insertions(+), 34 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5dd2acf99..d63a948a3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -529,7 +529,6 @@ component_test_ref_configs () { component_test_sslv3 () { msg "build: Default + SSLv3 (ASan build)" # ~ 6 min - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_SSL_PROTO_SSL3 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -547,7 +546,6 @@ component_test_sslv3 () { component_test_no_renegotiation () { msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl unset MBEDTLS_SSL_RENEGOTIATION CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -561,7 +559,6 @@ component_test_no_renegotiation () { component_test_rsa_no_crt () { msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_RSA_NO_CRT CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -578,7 +575,6 @@ component_test_rsa_no_crt () { component_test_small_ssl_out_content_len () { msg "build: small SSL_OUT_CONTENT_LEN (ASan build)" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384 scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 
@@ -590,7 +586,6 @@ component_test_small_ssl_out_content_len () { component_test_small_ssl_in_content_len () { msg "build: small SSL_IN_CONTENT_LEN (ASan build)" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 4096 scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 16384 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . @@ -602,7 +597,6 @@ component_test_small_ssl_in_content_len () { component_test_small_ssl_dtls_max_buffering () { msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -613,7 +607,6 @@ component_test_small_ssl_dtls_max_buffering () { component_test_small_mbedtls_ssl_dtls_max_buffering () { msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 240 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -624,7 +617,6 @@ component_test_small_mbedtls_ssl_dtls_max_buffering () { component_test_full_cmake_clang () { msg "build: cmake, full config, clang" # ~ 50s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On . @@ -645,7 +637,6 @@ component_test_full_cmake_clang () { component_build_deprecated () { msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl set MBEDTLS_DEPRECATED_WARNING # Build with -O -Wextra to catch a maximum of issues. 
@@ -699,7 +690,6 @@ component_test_no_platform () { # This should catch missing mbedtls_printf definitions, and by disabling file # IO, it should catch missing '#include ' msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_PLATFORM_C scripts/config.pl unset MBEDTLS_NET_C @@ -721,7 +711,6 @@ component_test_no_platform () { component_build_no_std_function () { # catch compile bugs in _uninit functions msg "build: full config with NO_STD_FUNCTION, make, gcc" # ~ 30s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED @@ -730,7 +719,6 @@ component_build_no_std_function () { component_build_no_ssl_srv () { msg "build: full config except ssl_srv.c, make, gcc" # ~ 30s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_SSL_SRV_C make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' @@ -738,7 +726,6 @@ component_build_no_ssl_srv () { component_build_no_ssl_cli () { msg "build: full config except ssl_cli.c, make, gcc" # ~ 30s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_SSL_CLI_C make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' @@ -748,7 +735,6 @@ component_build_no_sockets () { # Note, C99 compliance can also be tested with the sockets support disabled, # as that requires a POSIX platform (which isn't the same as C99). msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc. scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux 
@@ -758,7 +744,6 @@ component_build_no_sockets () { component_test_no_max_fragment_length () { # Run max fragment length tests with MFL disabled msg "build: default config except MFL extension (ASan build)" # ~ 30s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -769,7 +754,6 @@ component_test_no_max_fragment_length () { component_test_no_max_fragment_length_small_ssl_out_content_len () { msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384 scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 @@ -782,7 +766,6 @@ component_test_no_max_fragment_length_small_ssl_out_content_len () { component_test_null_entropy () { msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_TEST_NULL_ENTROPY scripts/config.pl set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES scripts/config.pl set MBEDTLS_ENTROPY_C @@ -798,7 +781,6 @@ component_test_null_entropy () { component_test_platform_calloc_macro () { msg "build: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_PLATFORM_MEMORY scripts/config.pl set MBEDTLS_PLATFORM_CALLOC_MACRO calloc scripts/config.pl set MBEDTLS_PLATFORM_FREE_MACRO free @@ -811,7 +793,6 @@ component_test_platform_calloc_macro () { component_test_aes_fewer_tables () { msg "build: default config with AES_FEWER_TABLES enabled" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_AES_FEWER_TABLES make CC=gcc CFLAGS='-Werror -Wall -Wextra' 
@@ -821,7 +802,6 @@ component_test_aes_fewer_tables () { component_test_aes_rom_tables () { msg "build: default config with AES_ROM_TABLES enabled" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_AES_ROM_TABLES make CC=gcc CFLAGS='-Werror -Wall -Wextra' @@ -831,7 +811,6 @@ component_test_aes_rom_tables () { component_test_aes_fewer_tables_and_rom_tables () { msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_AES_FEWER_TABLES scripts/config.pl set MBEDTLS_AES_ROM_TABLES make CC=gcc CFLAGS='-Werror -Wall -Wextra' @@ -848,7 +827,6 @@ component_test_make_shared () { component_test_m32_o0 () { # Build once with -O0, to compile out the i386 specific inline assembly msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full make CC=gcc CFLAGS='-O0 -Werror -Wall -Wextra -m32 -fsanitize=address' @@ -859,7 +837,6 @@ component_test_m32_o0 () { component_test_m32_o1 () { # Build again with -O1, to compile in the i386 specific inline assembly msg "build: i386, make, gcc -O1 (ASan build)" # ~ 30s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full make CC=gcc CFLAGS='-O1 -Werror -Wall -Wextra -m32 -fsanitize=address' @@ -869,7 +846,6 @@ component_test_m32_o1 () { component_test_mx32 () { msg "build: 64-bit ILP32, make, gcc" # ~ 30s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' @@ -879,7 +855,6 @@ component_test_mx32 () { component_test_have_int32 () { msg "build: gcc, force 32-bit bignum limbs" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl unset MBEDTLS_HAVE_ASM scripts/config.pl unset MBEDTLS_AESNI_C scripts/config.pl unset MBEDTLS_PADLOCK_C 
@@ -891,7 +866,6 @@ component_test_have_int32 () { component_test_have_int64 () { msg "build: gcc, force 64-bit bignum limbs" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl unset MBEDTLS_HAVE_ASM scripts/config.pl unset MBEDTLS_AESNI_C scripts/config.pl unset MBEDTLS_PADLOCK_C @@ -903,7 +877,6 @@ component_test_have_int64 () { component_test_no_udbl_division () { msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION @@ -915,7 +888,6 @@ component_test_no_udbl_division () { component_test_no_64bit_multiplication () { msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION @@ -927,7 +899,6 @@ component_test_no_64bit_multiplication () { component_build_arm_none_eabi_gcc () { msg "build: arm-none-eabi-gcc, make" # ~ 10s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C @@ -945,7 +916,6 @@ component_build_arm_none_eabi_gcc () { component_build_arm_none_eabi_gcc_no_udbl_division () { msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C @@ -966,7 +936,6 @@ component_build_arm_none_eabi_gcc_no_udbl_division () { component_build_arm_none_eabi_gcc_no_64bit_multiplication () { msg "build: arm-none-eabi-gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C 
@@ -987,7 +956,6 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () { component_build_armcc () { msg "build: ARM Compiler 5, make" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C @@ -1028,7 +996,6 @@ component_build_armcc () { component_test_allow_sha1 () { msg "build: allow SHA1 in certificates by default" - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES make CFLAGS='-Werror -Wall -Wextra' msg "test: allow SHA1 in certificates by default" @@ -1052,7 +1019,6 @@ component_build_mingw () { component_test_memsan () { msg "build: MSan (clang)" # ~ 1 min 20s - cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl unset MBEDTLS_AESNI_C # memsan doesn't grok asm CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan . make @@ -1242,6 +1208,9 @@ run_component () { if [ $ALL_EXCEPT -ne 0 ] && component_is_excluded "$1"; then return fi + # Back up the configuration in case the component modifies it. + # The cleanup function will restore it. + cp -p "$CONFIG_H" "$CONFIG_BAK" current_component="$1" "$@" cleanup From 8c7e95d9e011d9de58de26fb4cc4584f1395195f Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 4 Jan 2019 12:03:35 +0000 Subject: [PATCH 0888/2197] tests: Remove unused key policy objects persistent_key_import() and persistent_key_destroy() don't need to and don't use key policy objects. Remove unused key policy objects. --- tests/suites/test_suite_psa_crypto_persistent_key.function | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 425dabbd9..753e3d237 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function 
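Review bot: The added `cp -p "$CONFIG_H" "$CONFIG_BAK"` in run_component overwrites any existing backup unconditionally, so if an earlier run was interrupted before cleanup, the already-modified config.h becomes the new reference copy and every later restore reinstates it (unless a start-up check outside this hunk refuses to run with a leftover backup). That matters for components that switch on test-only options such as MBEDTLS_TEST_NULL_ENTROPY, which would then carry over into unrelated builds. The copy's exit status is also unchecked in the hunk, so unless the script runs under `set -e` (not visible here) a failed backup still lets the component modify config.h. I would make the failure explicit, for example `cp -p "$CONFIG_H" "$CONFIG_BAK" || { echo "cannot back up $CONFIG_H" >&2; exit 1; }`. run_component's body starts and ends outside the hunk.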
@@ -117,7 +117,6 @@ void persistent_key_destroy( int key_id_arg, int should_store, int first_type_arg, data_t *first_data, int second_type_arg, data_t *second_data ) { - psa_key_policy_t policy; psa_key_id_t key_id = key_id_arg; psa_key_handle_t handle = 0; psa_key_type_t first_type = (psa_key_type_t) first_type_arg; @@ -125,8 +124,6 @@ void persistent_key_destroy( int key_id_arg, int should_store, PSA_ASSERT( psa_crypto_init() ); - psa_key_policy_init( &policy ); - PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, first_type, PSA_BYTES_TO_BITS( first_data->len ), @@ -171,7 +168,6 @@ exit: void persistent_key_import( int key_id_arg, int type_arg, data_t *data, int expected_status ) { - psa_key_policy_t policy; psa_key_lifetime_t lifetime; psa_key_id_t key_id = (psa_key_id_t) key_id_arg; psa_key_type_t type = (psa_key_type_t) type_arg; @@ -183,7 +179,6 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, type, PSA_BYTES_TO_BITS( data->len ), &handle ) ); - psa_key_policy_init( &policy ); TEST_EQUAL( psa_import_key( handle, type, data->x, data->len ), expected_status ); From 70261c513a9b584757a956dc3750409c08af3b06 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 4 Jan 2019 11:47:20 +0000 Subject: [PATCH 0889/2197] psa: Add initializers for key policies Add new initializers for key policies and use them in our docs, example programs, tests, and library code. Prefer using the macro initializers due to their straightforwardness. --- docs/getting_started.md | 13 +- include/psa/crypto.h | 48 ++++- include/psa/crypto_struct.h | 7 + library/psa_crypto.c | 5 - programs/psa/crypto_examples.c | 3 +- programs/psa/key_ladder_demo.c | 12 +- tests/suites/test_suite_psa_crypto.data | 3 + tests/suites/test_suite_psa_crypto.function | 177 ++++++++---------- ...t_suite_psa_crypto_persistent_key.function | 3 +- ..._suite_psa_crypto_slot_management.function | 16 +- 10 files changed, 145 insertions(+), 142 deletions(-) 
diff --git a/docs/getting_started.md b/docs/getting_started.md index eac831546..3008a19ce 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -116,14 +116,13 @@ This allows the key in the key slot to be used for RSA signing. int key_slot = 1; unsigned char key[] = "RSA_KEY"; unsigned char payload[] = "ASYMMETRIC_INPUT_FOR_SIGN"; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; status = psa_crypto_init(); /* Import the key */ - psa_key_policy_init(&policy); psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW); status = psa_set_key_policy(key_slot, &policy); @@ -343,7 +342,7 @@ At this point the derived key slot holds a new 128-bit AES-CTR encryption key de ```C psa_key_slot_t base_key = 1; psa_key_slot_t derived_key = 2; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; unsigned char key[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, @@ -358,6 +357,7 @@ At this point the derived key slot holds a new 128-bit AES-CTR encryption key de 0xf7, 0xf8, 0xf9 }; psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; size_t derived_bits = 128; size_t capacity = PSA_BITS_TO_BYTES(derived_bits); @@ -365,7 +365,6 @@ At this point the derived key slot holds a new 128-bit AES-CTR encryption key de status = psa_crypto_init(); /* Import a key for use in key derivation, if such a key has already been imported you can skip this part */ - psa_key_policy_init(&policy); psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_DERIVE, alg); status = psa_set_key_policy(base_key, &policy); 
@@ -416,12 +415,12 @@ To authenticate and encrypt a message: size_t output_size = 0; size_t output_length = 0; size_t tag_length = 16; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; output_size = sizeof(input_data) + tag_length; output_data = malloc(output_size); status = psa_crypto_init(); - psa_key_policy_init(&policy); psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM); status = psa_set_key_policy(slot, &policy); @@ -463,12 +462,12 @@ To authenticate and decrypt a message: unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; output_size = sizeof(input_data); output_data = malloc(output_size); status = psa_crypto_init(); - psa_key_policy_init(&policy); psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM); status = psa_set_key_policy(slot, &policy); @@ -503,10 +502,10 @@ Generate a piece of random 128-bit AES data: size_t exported_size = bits; size_t exported_length = 0; uint8_t *exported = malloc(exported_size); + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_crypto_init(); - psa_key_policy_init(&policy); psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_GCM); psa_set_key_policy(slot, &policy); diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fa8045cf4..2bc6807b2 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -571,18 +571,50 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, */ /** The type of the key policy data structure. + * + * Before calling any function on a key policy, the application must initialize + * it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_key_policy_t policy; + * memset(&policy, 0, sizeof(policy)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_key_policy_t policy = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_KEY_POLICY_INIT, + * for example: + * \code + * psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + * \endcode + * - Assign the result of the function psa_key_policy_init() + * to the structure, for example: + * \code + * psa_key_policy_t policy; + * policy = psa_key_policy_init(); + * \endcode * * This is an implementation-defined \c struct. Applications should not * make any assumptions about the content of this structure except * as directed by the documentation of a specific implementation. */ typedef struct psa_key_policy_s psa_key_policy_t; -/** \brief Initialize a key policy structure to a default that forbids all - * usage of the key. +/** \def PSA_KEY_POLICY_INIT * - * \param[out] policy The policy object to initialize. + * This macro returns a suitable initializer for a key policy object of type + * #psa_key_policy_t. */ -void psa_key_policy_init(psa_key_policy_t *policy); +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_KEY_POLICY_INIT {0} +#endif + +/** Return an initial value for a key policy that forbids all usage of the key. + */ +static psa_key_policy_t psa_key_policy_init(void); /** \brief Set the standard fields of a policy structure. * 
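Review bot: The new doc block on `psa_key_policy_t` requires initialization before any call, but it does not say that `psa_key_policy_init` kept its name while changing from `void psa_key_policy_init(psa_key_policy_t *policy)` to a function that takes no argument and returns the value. Callers outside this patch that still pass `&policy` stop compiling, and the quick fix of simply deleting the call leaves an automatic `psa_key_policy_t` with indeterminate usage and algorithm fields. A migration sentence in the comment would help, e.g. `Code that called psa_key_policy_init(&policy) must use policy = psa_key_policy_init(); or the initializer PSA_KEY_POLICY_INIT.`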
@@ -590,9 +622,11 @@ void psa_key_policy_init(psa_key_policy_t *policy); * parameters. The values are only checked when applying the policy to * a key slot with psa_set_key_policy(). * - * \param[out] policy The policy object to modify. - * \param usage The permitted uses for the key. - * \param alg The algorithm that the key may be used for. + * \param[in,out] policy The key policy to modify. It must have been + * initialized as per the documentation for + * #psa_key_policy_t. + * \param usage The permitted uses for the key. + * \param alg The algorithm that the key may be used for. */ void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_key_usage_t usage, diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 44a1a6057..320466f8f 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -208,4 +208,11 @@ struct psa_key_policy_s psa_algorithm_t alg; }; +#define PSA_KEY_POLICY_INIT {0, 0} +static inline struct psa_key_policy_s psa_key_policy_init( void ) +{ + const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; + return( v ); +} + #endif /* PSA_CRYPTO_STRUCT_H */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0a47fae44..fd76b27b4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2938,11 +2938,6 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) /****************************************************************/ #if !defined(MBEDTLS_PSA_CRYPTO_SPM) -void psa_key_policy_init( psa_key_policy_t *policy ) -{ - memset( policy, 0, sizeof( *policy ) ); -} - void psa_key_policy_set_usage( psa_key_policy_t *policy, psa_key_usage_t usage, psa_algorithm_t alg ) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 53b6b2ae7..db8546863 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c 
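Review bot: `#define PSA_KEY_POLICY_INIT {0, 0}` in include/psa/crypto_struct.h is a positional initializer that must match the member list of `struct psa_key_policy_s`, and nothing next to it records that the all-zero value is what makes a fresh policy forbid every use. The struct begins outside the hunk, so only its last member `alg` is visible here; the two zeros suggest two members. I would add a comment above the macro such as `/* One zero per member of struct psa_key_policy_s; the zero policy permits no usage. Keep in step with the struct. */`. That way a later member addition updates the macro deliberately, not through an implicit zero, and cannot quietly change what a default policy allows.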
@@ -49,9 +49,8 @@ static psa_status_t set_key_policy( psa_key_handle_t key_handle, psa_algorithm_t alg ) { psa_status_t status; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, key_usage, alg ); status = psa_set_key_policy( key_handle, &policy ); ASSERT_STATUS( status, PSA_SUCCESS ); diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 4acf6b150..66f66fc2e 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -209,12 +209,11 @@ static psa_status_t generate( const char *key_file_name ) { psa_status_t status = PSA_SUCCESS; psa_key_handle_t key_handle = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), &key_handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, KDF_ALG ); @@ -243,7 +242,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, psa_key_handle_t *master_key_handle ) { psa_status_t status = PSA_SUCCESS; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; uint8_t key_data[KEY_SIZE_BYTES]; size_t key_size; FILE *key_file = NULL; @@ -267,7 +266,6 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( key_size ), master_key_handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) ); PSA_CHECK( psa_import_key( *master_key_handle, 
@@ -297,10 +295,9 @@ static psa_status_t derive_key_ladder( const char *ladder[], psa_key_handle_t *key_handle ) { psa_status_t status = PSA_SUCCESS; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; size_t i; - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, KDF_ALG ); @@ -351,13 +348,12 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, psa_key_handle_t *wrapping_key_handle ) { psa_status_t status = PSA_SUCCESS; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; *wrapping_key_handle = 0; PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_AES, WRAPPING_KEY_BITS, wrapping_key_handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, WRAPPING_ALG ); PSA_CHECK( psa_set_key_policy( *wrapping_key_handle, &policy ) ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 848e8edfd..09029ffde 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -332,6 +332,9 @@ import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED PSA key policy set and get key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING +Key policy initializers zero properly +key_policy_init: + PSA key policy: MAC, sign | verify depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c1339c015..535879964 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -902,7 +902,7 @@ void import_twice( int alg_arg, int usage_arg, psa_status_t expected_import1_status = expected_import1_status_arg; psa_key_type_t type2 = type2_arg; psa_status_t expected_import2_status = expected_import2_status_arg; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -911,7 +911,6 @@ void import_twice( int alg_arg, int usage_arg, MAX( KEY_BITS_FROM_DATA( type1, data1 ), KEY_BITS_FROM_DATA( type2, data2 ) ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -989,7 +988,7 @@ void import_export( data_t *data, size_t reexported_length; psa_key_type_t got_type; size_t got_bits; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; export_size = (ptrdiff_t) data->len + export_size_delta; ASSERT_ALLOC( exported, export_size ); @@ -998,7 +997,6 @@ void import_export( data_t *data, PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( type, expected_bits, &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage_arg, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1126,7 +1124,7 @@ void export_with_no_key_activity( ) psa_key_handle_t handle = 0; psa_algorithm_t alg = PSA_ALG_CTR; psa_status_t status; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; unsigned char *exported = NULL; size_t export_size = 0; size_t exported_length = INVALID_EXPORT_LENGTH; @@ -1135,7 +1133,6 @@ void export_with_no_key_activity( ) PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0, &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -1155,7 +1152,7 @@ void cipher_with_no_key_activity( ) { psa_key_handle_t handle = 0; psa_status_t status; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_cipher_operation_t operation; int exercise_alg = PSA_ALG_CTR; @@ -1163,7 +1160,6 @@ void cipher_with_no_key_activity( ) PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0, &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1245,7 +1241,7 @@ void export_after_destroy_key( data_t *data, int type_arg ) psa_key_handle_t handle = 0; psa_key_type_t type = type_arg; psa_status_t status; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_algorithm_t alg = PSA_ALG_CTR; unsigned char *exported = NULL; size_t export_size = 0; @@ -1255,7 +1251,6 @@ void export_after_destroy_key( data_t *data, int type_arg ) PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); export_size = (ptrdiff_t) data->len; @@ -1298,13 +1293,12 @@ void import_export_public_key( data_t *data, unsigned char *exported = NULL; size_t export_size = expected_public_key->len + export_size_delta; size_t exported_length = INVALID_EXPORT_LENGTH; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -1347,7 +1341,7 @@ void import_and_exercise_key( data_t *data, size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; psa_key_usage_t usage = usage_to_exercise( type, alg ); - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_key_type_t got_type; size_t got_bits; psa_status_t status; @@ -1356,7 +1350,6 @@ void import_and_exercise_key( data_t *data, PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1389,8 +1382,8 @@ void key_policy( int usage_arg, int alg_arg ) psa_key_usage_t usage = usage_arg; psa_key_type_t key_type = PSA_KEY_TYPE_AES; unsigned char key[32] = {0}; - psa_key_policy_t policy_set; - psa_key_policy_t policy_get; + psa_key_policy_t policy_set = PSA_KEY_POLICY_INIT; + psa_key_policy_t policy_get = PSA_KEY_POLICY_INIT; memset( key, 0x2a, sizeof( key ) ); @@ -1398,8 +1391,6 @@ void key_policy( int usage_arg, int alg_arg ) PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key ) ), &handle ) ); - psa_key_policy_init( &policy_set ); - psa_key_policy_init( &policy_get ); psa_key_policy_set_usage( &policy_set, usage, alg ); TEST_EQUAL( psa_key_policy_get_usage( &policy_set ), usage ); 
@@ -1420,6 +1411,31 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void key_policy_init( ) +{ + /* Test each valid way of initializing the object, except for `= {0}`, as + * Clang 5 complains when `-Wmissing-field-initializers` is used, even + * though it's OK by the C standard. We could test for this, but we'd need + * to supress the Clang warning for the test. */ + psa_key_policy_t func = psa_key_policy_init( ); + psa_key_policy_t init = PSA_KEY_POLICY_INIT; + psa_key_policy_t zero; + + memset( &zero, 0, sizeof( zero ) ); + + /* Although not technically guaranteed by the C standard nor the PSA Crypto + * specification, we test that all valid ways of initializing the object + * have the same bit pattern. This is a stronger requirement that may not + * be valid on all platforms or PSA Crypto implementations, but implies the + * weaker actual requirement is met: that a freshly initialized object, no + * matter how it was initialized, acts the same as any other valid + * initialization. */ + TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 ); + TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mac_key_policy( int policy_usage, int policy_alg, @@ -1428,7 +1444,7 @@ void mac_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_mac_operation_t operation; psa_status_t status; unsigned char mac[PSA_MAC_MAX_SIZE]; @@ -1438,7 +1454,6 @@ void mac_key_policy( int policy_usage, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
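Review bot: The new `key_policy_init` test only compares bit patterns with `memcmp`, so it never checks the property the header promises: that a freshly initialized policy forbids all usage of the key. I would add `TEST_EQUAL( psa_key_policy_get_usage( &func ), 0 );` and the same line for `init` and `zero`, using the accessor the `key_policy` test already calls. That pins the default-deny behaviour directly, and it still holds on an implementation where the three forms differ in representation, which the test's own comment allows for. The comment also misspells "suppress" as "supress".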
@@ -1476,7 +1491,7 @@ void cipher_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_cipher_operation_t operation; psa_status_t status; @@ -1485,7 +1500,6 @@ void cipher_key_policy( int policy_usage, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1524,7 +1538,7 @@ void aead_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; unsigned char nonce[16] = {0}; size_t nonce_length = nonce_length_arg; @@ -1540,7 +1554,6 @@ void aead_key_policy( int policy_usage, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1586,7 +1599,7 @@ void asymmetric_encryption_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; size_t key_bits; size_t buffer_length; @@ -1598,7 +1611,6 @@ void asymmetric_encryption_key_policy( int policy_usage, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -1651,7 +1663,7 @@ void asymmetric_signature_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; unsigned char payload[16] = {1}; size_t payload_length = sizeof( payload ); @@ -1663,7 +1675,6 @@ void asymmetric_signature_key_policy( int policy_usage, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1704,7 +1715,7 @@ void derive_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_status_t status; @@ -1713,7 +1724,6 @@ void derive_key_policy( int policy_usage, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1746,7 +1756,7 @@ void agreement_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_key_type_t key_type = key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_status_t status; @@ -1756,7 +1766,6 @@ void agreement_key_policy( int policy_usage, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -1901,14 +1910,13 @@ void mac_setup( int key_type_arg, psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_mac_operation_t operation; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, alg ); @@ -1938,7 +1946,7 @@ void mac_sign( int key_type_arg, psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_mac_operation_t operation; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; /* Leave a little extra room in the output buffer. At the end of the * test, we'll check that the implementation didn't overwrite onto * this extra room. */ @@ -1955,7 +1963,6 @@ void mac_sign( int key_type_arg, PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1996,7 +2003,7 @@ void mac_verify( int key_type_arg, psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_mac_operation_t operation; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); @@ -2004,7 +2011,6 @@ void mac_verify( int key_type_arg, PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -2037,14 +2043,13 @@ void cipher_setup( int key_type_arg, psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_cipher_operation_t operation; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2079,7 +2084,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); @@ -2088,7 +2093,6 @@ void cipher_encrypt( int alg_arg, int key_type_arg, PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2147,7 +2151,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); @@ -2156,7 +2160,6 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -2218,7 +2221,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); @@ -2227,7 +2230,6 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2291,7 +2293,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); @@ -2300,7 +2302,6 @@ void cipher_decrypt( int alg_arg, int key_type_arg, PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2363,13 +2364,12 @@ void cipher_verify_output( int alg_arg, int key_type_arg, size_t function_output_length = 0; psa_cipher_operation_t operation1; psa_cipher_operation_t operation2; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -2449,13 +2449,12 @@ void cipher_verify_output_multipart( int alg_arg, size_t function_output_length; psa_cipher_operation_t operation1; psa_cipher_operation_t operation2; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2550,7 +2549,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, size_t output_length2 = 0; size_t tag_length = 16; psa_status_t expected_result = expected_result_arg; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); @@ -2559,7 +2558,6 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); @@ -2617,7 +2615,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, size_t output_size = 0; size_t output_length = 0; size_t tag_length = 16; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); @@ -2626,7 +2624,6 @@ void aead_encrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -2667,7 +2664,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, size_t output_size = 0; size_t output_length = 0; size_t tag_length = 16; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t expected_result = expected_result_arg; output_size = input_data->len + tag_length; @@ -2677,7 +2674,6 @@ void aead_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2732,14 +2728,13 @@ void sign_deterministic( int key_type_arg, data_t *key_data, unsigned char *signature = NULL; size_t signature_size; size_t signature_length = 0xdeadbeef; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2787,7 +2782,7 @@ void sign_fail( int key_type_arg, data_t *key_data, psa_status_t expected_status = expected_status_arg; unsigned char *signature = NULL; size_t signature_length = 0xdeadbeef; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; ASSERT_ALLOC( signature, signature_size ); @@ -2796,7 +2791,6 @@ void sign_fail( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -2833,14 +2827,13 @@ void sign_verify( int key_type_arg, data_t *key_data, unsigned char *signature = NULL; size_t signature_size; size_t signature_length = 0xdeadbeef; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, alg ); @@ -2903,7 +2896,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; TEST_ASSERT( signature_data->len <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); @@ -2912,7 +2905,6 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2941,14 +2933,13 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, psa_algorithm_t alg = alg_arg; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2988,7 +2979,7 @@ void asymmetric_encrypt( int key_type_arg, size_t output_length = ~0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); 
@@ -2996,7 +2987,6 @@ void asymmetric_encrypt( int key_type_arg, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); PSA_ASSERT( psa_import_key( handle, key_type, @@ -3059,14 +3049,13 @@ void asymmetric_encrypt_decrypt( int key_type_arg, unsigned char *output2 = NULL; size_t output2_size; size_t output2_length = ~0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); @@ -3127,7 +3116,7 @@ void asymmetric_decrypt( int key_type_arg, unsigned char *output = NULL; size_t output_size = 0; size_t output_length = ~0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; output_size = key_data->len; ASSERT_ALLOC( output, output_size ); @@ -3137,7 +3126,6 @@ void asymmetric_decrypt( int key_type_arg, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3194,7 +3182,7 @@ void asymmetric_decrypt_fail( int key_type_arg, size_t output_length = ~0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; output_size = key_data->len; ASSERT_ALLOC( output, output_size ); 
@@ -3204,7 +3192,6 @@ void asymmetric_decrypt_fail( int key_type_arg, PSA_ASSERT( psa_allocate_key( key_type, KEY_BITS_FROM_DATA( key_type, key_data ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3258,13 +3245,12 @@ void derive_setup( int key_type_arg, size_t requested_capacity = requested_capacity_arg; psa_status_t expected_status = expected_status_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3297,14 +3283,13 @@ void test_derive_invalid_generator_state( ) const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key_data ) ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3385,7 +3370,7 @@ void derive_output( int alg_arg, uint8_t *output_buffer = NULL; size_t expected_capacity; size_t current_capacity; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; unsigned i; 
@@ -3402,7 +3387,6 @@ void derive_output( int alg_arg, PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( key_data->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3476,14 +3460,13 @@ void derive_full( int alg_arg, unsigned char output_buffer[16]; size_t expected_capacity = requested_capacity; size_t current_capacity; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( key_data->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3547,7 +3530,7 @@ void derive_key_exercise( int alg_arg, psa_algorithm_t derived_alg = derived_alg_arg; size_t capacity = PSA_BITS_TO_BYTES( derived_bits ); psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_key_type_t got_type; size_t got_bits; @@ -3556,7 +3539,6 @@ void derive_key_exercise( int alg_arg, PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( key_data->len ), &base_handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, @@ -3614,7 +3596,7 @@ void derive_key_export( int alg_arg, psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; uint8_t *output_buffer = NULL; uint8_t *export_buffer = NULL; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; size_t length; ASSERT_ALLOC( output_buffer, capacity ); 
@@ -3624,7 +3606,6 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( key_data->len ), &base_handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, @@ -3696,7 +3677,7 @@ void key_agreement_setup( int alg_arg, psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -3704,7 +3685,6 @@ void key_agreement_setup( int alg_arg, KEY_BITS_FROM_DATA( our_key_type, our_key_data ), &our_key ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); PSA_ASSERT( psa_import_key( our_key, our_key_type, @@ -3734,7 +3714,7 @@ void key_agreement_capacity( int alg_arg, psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; size_t actual_capacity; unsigned char output[16]; @@ -3744,7 +3724,6 @@ void key_agreement_capacity( int alg_arg, KEY_BITS_FROM_DATA( our_key_type, our_key_data ), &our_key ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); PSA_ASSERT( psa_import_key( our_key, our_key_type, 
@@ -3790,7 +3769,7 @@ void key_agreement_output( int alg_arg, psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; uint8_t *actual_output = NULL; ASSERT_ALLOC( actual_output, MAX( expected_output1->len, @@ -3802,7 +3781,6 @@ void key_agreement_output( int alg_arg, KEY_BITS_FROM_DATA( our_key_type, our_key_data ), &our_key ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); PSA_ASSERT( psa_import_key( our_key, our_key_type, @@ -3904,12 +3882,11 @@ void generate_key( int type_arg, size_t got_bits; psa_status_t expected_info_status = expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( type, bits, &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3946,11 +3923,11 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, psa_key_type_t type = (psa_key_type_t) type_arg; psa_key_type_t type_get; size_t bits_get; - psa_key_policy_t policy_set; - psa_key_policy_t policy_get; + psa_key_policy_t policy_set = PSA_KEY_POLICY_INIT; + psa_key_policy_t policy_get = PSA_KEY_POLICY_INIT; psa_key_usage_t policy_usage = (psa_key_usage_t) usage_arg; psa_algorithm_t policy_alg = (psa_algorithm_t) alg_arg; - psa_key_policy_t base_policy_set; + psa_key_policy_t base_policy_set = PSA_KEY_POLICY_INIT; psa_algorithm_t base_policy_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; unsigned char *first_export = NULL; 
@@ -3967,7 +3944,6 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1, type, bits, &handle ) ); - psa_key_policy_init( &policy_set ); psa_key_policy_set_usage( &policy_set, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) ); @@ -3991,7 +3967,6 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( data->len ), &base_key ) ); - psa_key_policy_init( &base_policy_set ); psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE, base_policy_alg ); PSA_ASSERT( psa_set_key_policy( diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 753e3d237..939a37b56 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -209,7 +209,7 @@ void import_export_persistent_key( data_t *data, int type_arg, size_t exported_length; psa_key_type_t got_type; size_t got_bits; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_key_lifetime_t lifetime_get; ASSERT_ALLOC( exported, export_size ); @@ -221,7 +221,6 @@ void import_export_persistent_key( data_t *data, int type_arg, PSA_BYTES_TO_BITS( data->len ), &handle ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_VENDOR_FLAG ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 3df0887a6..670c7404a 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -77,14 +77,13 @@ void transient_slot_lifecycle( int type_arg, int max_bits_arg, close_method_t close_method = close_method_arg; psa_key_type_t read_type; psa_key_handle_t handle = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); /* Get a handle and import a key. */ PSA_ASSERT( psa_allocate_key( type, max_bits, &handle ) ); TEST_ASSERT( handle != 0 ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage_flags, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) ); @@ -131,7 +130,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, close_method_t close_method = close_method_arg; psa_key_type_t read_type; psa_key_handle_t handle = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; TEST_MAX_KEY_ID( id ); @@ -140,7 +139,6 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, /* Get a handle and import a key. */ PSA_ASSERT( psa_create_key( lifetime, id, type, max_bits, &handle ) ); TEST_ASSERT( handle != 0 ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, usage_flags, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) ); @@ -202,7 +200,8 @@ void create_existent( int lifetime_arg, int id_arg, psa_key_lifetime_t lifetime = lifetime_arg; psa_key_id_t id = id_arg; psa_key_handle_t handle1 = 0, handle2 = 0; - psa_key_policy_t policy1, read_policy; + psa_key_policy_t policy1 = PSA_KEY_POLICY_INIT; + psa_key_policy_t read_policy = PSA_KEY_POLICY_INIT; psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA; psa_key_type_t type2 = new_type_arg; psa_key_type_t read_type; 
@@ -220,7 +219,6 @@ void create_existent( int lifetime_arg, int id_arg, /* Create a key. */ PSA_ASSERT( psa_create_key( lifetime, id, type1, bits1, &handle1 ) ); TEST_ASSERT( handle1 != 0 ); - psa_key_policy_init( &policy1 ); psa_key_policy_set_usage( &policy1, PSA_KEY_USAGE_EXPORT, 0 ); PSA_ASSERT( psa_set_key_policy( handle1, &policy1 ) ); PSA_ASSERT( psa_import_key( handle1, type1, @@ -308,7 +306,7 @@ exit: void invalid_handle( ) { psa_key_handle_t handle1 = 0; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_key_type_t read_type; size_t read_bits; uint8_t material[1] = "a"; @@ -318,7 +316,6 @@ void invalid_handle( ) /* Allocate a handle and store a key in it. */ PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 1, &handle1 ) ); TEST_ASSERT( handle1 != 0 ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, 0, 0 ); PSA_ASSERT( psa_set_key_policy( handle1, &policy ) ); PSA_ASSERT( psa_import_key( handle1, PSA_KEY_TYPE_RAW_DATA, @@ -350,14 +347,13 @@ void many_transient_handles( int max_handles_arg ) size_t max_handles = max_handles_arg; size_t i, j; psa_status_t status; - psa_key_policy_t policy; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; uint8_t exported[sizeof( size_t )]; size_t exported_length; size_t max_bits = PSA_BITS_TO_BYTES( sizeof( exported ) ); ASSERT_ALLOC( handles, max_handles ); PSA_ASSERT( psa_crypto_init( ) ); - psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); for( i = 0; i < max_handles; i++ ) From 6a25b41ac32eb502b1bb70689c9bb05ef635967c Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Fri, 4 Jan 2019 11:47:44 +0000 Subject: [PATCH 0890/2197] psa: Add initializers for hash operation objects Add new initializers for hash operation objects and use them in our tests and library code. Prefer using the macro initializers due to their straightforwardness. --- include/psa/crypto.h | 47 ++++++++++++++++++- include/psa/crypto_struct.h | 7 +++ tests/suites/test_suite_psa_crypto.data | 3 ++ tests/suites/test_suite_psa_crypto.function | 33 +++++++++++-- .../test_suite_psa_crypto_hash.function | 6 +-- 5 files changed, 87 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2bc6807b2..694fdf4d5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -705,18 +705,59 @@ psa_status_t psa_get_key_policy(psa_key_handle_t handle, */ /** The type of the state data structure for multipart hash operations. + * + * Before calling any function on a hash operation object, the application must + * initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_hash_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_hash_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_HASH_OPERATION_INIT, + * for example: + * \code + * psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_hash_operation_init() + * to the structure, for example: + * \code + * psa_hash_operation_t operation; + * operation = psa_hash_operation_init(); + * \endcode * * This is an implementation-defined \c struct. Applications should not * make any assumptions about the content of this structure except * as directed by the documentation of a specific implementation. */ typedef struct psa_hash_operation_s psa_hash_operation_t; +/** \def PSA_HASH_OPERATION_INIT + * + * This macro returns a suitable initializer for a hash operation object + * of type #psa_hash_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_HASH_OPERATION_INIT {0} +#endif + +/** Return an initial value for a hash operation object. + */ +static psa_hash_operation_t psa_hash_operation_init(void); + /** Start a multipart hash operation. * * The sequence of operations to calculate a hash (message digest) * is as follows: * -# Allocate an operation object which will be passed to all the functions * listed here. 
+ * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_hash_operation_t, e.g. PSA_HASH_OPERATION_INIT. * -# Call psa_hash_setup() to specify the algorithm. * -# Call psa_hash_update() zero, one or more times, passing a fragment * of the message each time. The hash that is calculated is the hash @@ -725,7 +766,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * To compare the hash with an expected value, call psa_hash_verify(). * * The application may call psa_hash_abort() at any time after the operation - * has been initialized with psa_hash_setup(). + * has been initialized. * * After a successful call to psa_hash_setup(), the application must * eventually terminate the operation. The following events terminate an @@ -733,7 +774,9 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; * - A failed call to psa_hash_update(). * - A call to psa_hash_finish(), psa_hash_verify() or psa_hash_abort(). * - * \param[out] operation The operation object to use. + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_hash_operation_t and not yet in use. * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_HASH(\p alg) is true). * diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 320466f8f..4a6e16857 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -85,6 +85,13 @@ struct psa_hash_operation_s } ctx; }; +#define PSA_HASH_OPERATION_INIT {0, {0}} +static inline struct psa_hash_operation_s psa_hash_operation_init( void ) +{ + const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; + return( v ); +} + #if defined(MBEDTLS_MD_C) typedef struct { diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 09029ffde..701a9a7bd 100644 --- a/tests/suites/test_suite_psa_crypto.data 
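Review bot: The new `\param[in,out] operation` text on psa_hash_setup() makes "initialized ... and not yet in use" a precondition, but nothing in this hunk tells a caller what happens when it is violated. The return-value list lies outside the hunk and may already cover it; if not, and if the library detects reuse, add an entry such as `\retval #PSA_ERROR_BAD_STATE The operation object is already in use.` The text should also say that passing an object that was never initialized is undefined behaviour, since the change from `[out]` to `[in,out]` implies the function now reads the object. The same parameter wording is added to psa_mac_sign_setup(), psa_mac_verify_setup(), psa_cipher_encrypt_setup() and psa_cipher_decrypt_setup() in the following two patches and needs the same addition.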
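Review bot: `PSA_HASH_OPERATION_INIT` in the crypto_struct.h hunk is written positionally as `{0, {0}}`, with no comment tying it to `struct psa_hash_operation_s`, whose members are declared above the hunk. A member added to the struct later without touching the macro would bring back the `-Wmissing-field-initializers` warning that this series works around. Put `/* One initializer per member of struct psa_hash_operation_s, in declaration order; update together with the struct. */` above the macro. The same applies to `PSA_MAC_OPERATION_INIT` (`{0, 0, 0, 0, 0, 0, 0, {0}}`) and `PSA_CIPHER_OPERATION_INIT` (`{0, 0, 0, 0, 0, 0, {0}}`) in the next patches, where the count is easier to get wrong.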
+++ b/tests/suites/test_suite_psa_crypto.data @@ -471,6 +471,9 @@ PSA key policy: agreement, wrong algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW) +Hash operation object initializers zero properly +hash_operation_init: + PSA hash setup: good, SHA-1 depends_on:MBEDTLS_SHA1_C hash_setup:PSA_ALG_SHA_1:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 535879964..ea4a8e10d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1787,13 +1787,38 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hash_operation_init( ) +{ + /* Test each valid way of initializing the object, except for `= {0}`, as + * Clang 5 complains when `-Wmissing-field-initializers` is used, even + * though it's OK by the C standard. We could test for this, but we'd need + * to supress the Clang warning for the test. */ + psa_hash_operation_t func = psa_hash_operation_init( ); + psa_hash_operation_t init = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t zero; + + memset( &zero, 0, sizeof( zero ) ); + + /* Although not technically guaranteed by the C standard nor the PSA Crypto + * specification, we test that all valid ways of initializing the object + * have the same bit pattern. This is a stronger requirement that may not + * be valid on all platforms or PSA Crypto implementations, but implies the + * weaker actual requirement is met: that a freshly initialized object, no + * matter how it was initialized, acts the same as any other valid + * initialization. */ + TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 ); + TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 ); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_setup( int alg_arg, int expected_status_arg ) { psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; - psa_hash_operation_t operation; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -1817,7 +1842,7 @@ void hash_bad_order( ) 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; size_t hash_len; - psa_hash_operation_t operation; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; PSA_ASSERT( psa_crypto_init( ) ); 
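Review bot: `hash_operation_init` only compares bit patterns, so it never exercises what its own comment calls the actual requirement: that a freshly initialized object behaves the same however it was initialized. The `memcmp` over `sizeof( zero )` also covers padding and any bytes of the `ctx` union beyond its first member, which an initializer list is not required to zero, so the test can fail on a conforming compiler while saying nothing about behaviour. Add a behavioural check after the comparisons, e.g. `PSA_ASSERT( psa_hash_abort( &func ) );`, `PSA_ASSERT( psa_hash_abort( &init ) );` and `PSA_ASSERT( psa_hash_abort( &zero ) );`, assuming abort on an unused object reports success as the header text in this patch implies. `mac_operation_init` in the next patch has the same shape and wants the equivalent `psa_mac_abort` calls. The comment's `supress` should read `suppress` in both tests.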
@@ -1853,7 +1878,7 @@ void hash_verify_bad_args( ) 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb }; size_t expected_size = PSA_HASH_SIZE( alg ); - psa_hash_operation_t operation; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -1883,7 +1908,7 @@ void hash_finish_bad_args( ) psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char hash[PSA_HASH_MAX_SIZE]; size_t expected_size = PSA_HASH_SIZE( alg ); - psa_hash_operation_t operation; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; size_t hash_len; PSA_ASSERT( psa_crypto_init( ) ); diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index 5931a2338..bdb2f98f1 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -21,7 +21,7 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) psa_algorithm_t alg = alg_arg; unsigned char actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; - psa_hash_operation_t operation; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -43,7 +43,7 @@ exit: void hash_verify( int alg_arg, data_t *input, data_t *expected_hash ) { psa_algorithm_t alg = alg_arg; - psa_hash_operation_t operation; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -66,7 +66,7 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) psa_algorithm_t alg = alg_arg; unsigned char actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; - psa_hash_operation_t operation; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; uint32_t len = 0; PSA_ASSERT( psa_crypto_init( ) ); From 769ce27f1209a3dda1382f8e3f32cdf43d177aa6 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Fri, 4 Jan 2019 11:48:03 +0000 Subject: [PATCH 0891/2197] psa: Add initializers for MAC operation objects Add new initializers for MAC operation objects and use them in our tests and library code. Prefer using the macro initializers due to their straightforwardness. --- include/psa/crypto.h | 55 +++++++++++++++++++-- include/psa/crypto_struct.h | 7 +++ tests/suites/test_suite_psa_crypto.data | 3 ++ tests/suites/test_suite_psa_crypto.function | 35 +++++++++++-- 4 files changed, 91 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 694fdf4d5..f94830d83 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -928,12 +928,51 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); */ /** The type of the state data structure for multipart MAC operations. + * + * Before calling any function on a MAC operation object, the application must + * initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_mac_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_mac_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_MAC_OPERATION_INIT, + * for example: + * \code + * psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_mac_operation_init() + * to the structure, for example: + * \code + * psa_mac_operation_t operation; + * operation = psa_mac_operation_init(); + * \endcode * * This is an implementation-defined \c struct. Applications should not * make any assumptions about the content of this structure except * as directed by the documentation of a specific implementation. */ typedef struct psa_mac_operation_s psa_mac_operation_t; +/** \def PSA_MAC_OPERATION_INIT + * + * This macro returns a suitable initializer for a MAC operation object of type + * #psa_mac_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_MAC_OPERATION_INIT {0} +#endif + +/** Return an initial value for a MAC operation object. + */ +static psa_mac_operation_t psa_mac_operation_init(void); + /** Start a multipart MAC calculation operation. * * This function sets up the calculation of the MAC 
@@ -944,6 +983,8 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * The sequence of operations to calculate a MAC is as follows: * -# Allocate an operation object which will be passed to all the functions * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT. * -# Call psa_mac_sign_setup() to specify the algorithm and key. * The key remains associated with the operation even if the content * of the key slot changes. @@ -954,14 +995,16 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; * calculating the MAC value and retrieve it. * * The application may call psa_mac_abort() at any time after the operation - * has been initialized with psa_mac_sign_setup(). + * has been initialized. * * After a successful call to psa_mac_sign_setup(), the application must * eventually terminate the operation through one of the following methods: * - A failed call to psa_mac_update(). * - A call to psa_mac_sign_finish() or psa_mac_abort(). * - * \param[out] operation The operation object to use. + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_mac_operation_t and not yet in use. * \param handle Handle to the key to use for the operation. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_MAC(alg) is true). 
@@ -996,6 +1039,8 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * The sequence of operations to verify a MAC is as follows: * -# Allocate an operation object which will be passed to all the functions * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT. * -# Call psa_mac_verify_setup() to specify the algorithm and key. * The key remains associated with the operation even if the content * of the key slot changes. @@ -1007,14 +1052,16 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * the expected value. * * The application may call psa_mac_abort() at any time after the operation - * has been initialized with psa_mac_verify_setup(). + * has been initialized. * * After a successful call to psa_mac_verify_setup(), the application must * eventually terminate the operation through one of the following methods: * - A failed call to psa_mac_update(). * - A call to psa_mac_verify_finish() or psa_mac_abort(). * - * \param[out] operation The operation object to use. + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_mac_operation_t and not yet in use. * \param handle Handle to the key to use for the operation. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_MAC(\p alg) is true). diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 4a6e16857..efc30b804 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -123,6 +123,13 @@ struct psa_mac_operation_s } ctx; }; +#define PSA_MAC_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}} +static inline struct psa_mac_operation_s psa_mac_operation_init( void ) +{ + const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; + return( v ); +} + struct psa_cipher_operation_s { psa_algorithm_t alg; 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 701a9a7bd..8275a1c3c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -527,6 +527,9 @@ hash_verify_bad_args: PSA hash finish: bad arguments hash_finish_bad_args: +MAC operation object initializers zero properly +mac_operation_init: + PSA MAC setup: good, HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ea4a8e10d..e821165c1 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -124,7 +124,7 @@ static int exercise_mac_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { - psa_mac_operation_t operation; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; const unsigned char input[] = "foo"; unsigned char mac[PSA_MAC_MAX_SIZE] = {0}; size_t mac_length = sizeof( mac ); @@ -1445,7 +1445,7 @@ void mac_key_policy( int policy_usage, { psa_key_handle_t handle = 0; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_mac_operation_t operation; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; psa_status_t status; unsigned char mac[PSA_MAC_MAX_SIZE]; 
@@ -1924,6 +1924,31 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mac_operation_init( ) +{ + /* Test each valid way of initializing the object, except for `= {0}`, as + * Clang 5 complains when `-Wmissing-field-initializers` is used, even + * though it's OK by the C standard. We could test for this, but we'd need + * to supress the Clang warning for the test. */ + psa_mac_operation_t func = psa_mac_operation_init( ); + psa_mac_operation_t init = PSA_MAC_OPERATION_INIT; + psa_mac_operation_t zero; + + memset( &zero, 0, sizeof( zero ) ); + + /* Although not technically guaranteed by the C standard nor the PSA Crypto + * specification, we test that all valid ways of initializing the object + * have the same bit pattern. This is a stronger requirement that may not + * be valid on all platforms or PSA Crypto implementations, but implies the + * weaker actual requirement is met: that a freshly initialized object, no + * matter how it was initialized, acts the same as any other valid + * initialization. */ + TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 ); + TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mac_setup( int key_type_arg, data_t *key, @@ -1934,7 +1959,7 @@ void mac_setup( int key_type_arg, psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; - psa_mac_operation_t operation; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; @@ -1970,7 +1995,7 @@ void mac_sign( int key_type_arg, psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - psa_mac_operation_t operation; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; /* Leave a little extra room in the output buffer. At the end of the * test, we'll check that the implementation didn't overwrite onto 
@@ -2027,7 +2052,7 @@ void mac_verify( int key_type_arg, psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - psa_mac_operation_t operation; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); From 5a5dc77696cb390d7aaab540d784a3f20e1cd412 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 4 Jan 2019 15:33:37 +0000 Subject: [PATCH 0892/2197] psa: Enable easier initialization of cipher operations The struct psa_cipher_operation_s is built with a mbedtls_cipher_context_t. The shape of mbedtls_cipher_context_t and an initializer that works with Clang 5.0 and its -Wmissing-field-initializers varies based on the configuration of the library. Instead of making multiple initializers based on a maze of ifdefs for all combinations of MBEDTLS_CIPHER_MODE_WITH_PADDING, MBEDTLS_CMAC_C, and MBEDTLS_USE_PSA_CRYPTO, add a dummy variable to psa_cipher_operation_s's union that encloses mbedtls_cipher_context_t. This allows us to initialize the dummy with a Clang-approved initializer and have it properly initialize the entire object. --- include/psa/crypto_struct.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index efc30b804..5eb262405 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -140,6 +140,7 @@ struct psa_cipher_operation_s uint8_t block_size; union { + unsigned dummy; /* Enable easier initializing of the union. */ mbedtls_cipher_context_t cipher; } ctx; }; From 5bae227da07157a45948a22290d6e5e67afde458 Mon Sep 17 00:00:00 2001 
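Review bot: The comment on `unsigned dummy;` in the crypto_struct.h hunk says why the member exists but not what it costs. With `dummy` first, a brace initializer such as `{0}` explicitly initializes only that member of `ctx`, and C99/C11 do not promise that the remaining bytes of `ctx.cipher` are zero for an automatic object, although the commit message expects the entire object to be initialized. Whether the library reads `ctx.cipher` before initializing it itself cannot be seen here, because the setup functions are outside the hunk. State the invariant next to the member: `unsigned dummy; /* First member so that {0} is a valid initializer; ctx.cipher must not be read until the setup function has initialized it. */`.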
From: Jaeden Amero Date: Fri, 4 Jan 2019 11:48:27 +0000 Subject: [PATCH 0893/2197] psa: Add initializers for cipher operation objects Add new initializers for cipher operation objects and use them in our tests and library code. Prefer using the macro initializers due to their straightforwardness. --- include/psa/crypto.h | 57 +++++++++++++++++++-- include/psa/crypto_struct.h | 7 +++ tests/suites/test_suite_psa_crypto.data | 3 ++ tests/suites/test_suite_psa_crypto.function | 51 +++++++++++++----- 4 files changed, 101 insertions(+), 17 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f94830d83..c266f9fe7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1228,18 +1228,60 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); */ /** The type of the state data structure for multipart cipher operations. + * + * Before calling any function on a cipher operation object, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_cipher_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_cipher_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_CIPHER_OPERATION_INIT, + * for example: + * \code + * psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_cipher_operation_init() + * to the structure, for example: + * \code + * psa_cipher_operation_t operation; + * operation = psa_cipher_operation_init(); + * \endcode * * This is an implementation-defined \c struct. Applications should not * make any assumptions about the content of this structure except * as directed by the documentation of a specific implementation. */ typedef struct psa_cipher_operation_s psa_cipher_operation_t; +/** \def PSA_CIPHER_OPERATION_INIT + * + * This macro returns a suitable initializer for a cipher operation object of + * type #psa_cipher_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_CIPHER_OPERATION_INIT {0} +#endif + +/** Return an initial value for a cipher operation object. + */ +static psa_cipher_operation_t psa_cipher_operation_init(void); + /** Set the key for a multipart symmetric encryption operation. 
* * The sequence of operations to encrypt a message with a symmetric cipher * is as follows: * -# Allocate an operation object which will be passed to all the functions * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_cipher_operation_t, e.g. + * PSA_CIPHER_OPERATION_INIT. * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key. * The key remains associated with the operation even if the content * of the key slot changes. @@ -1252,7 +1294,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * -# Call psa_cipher_finish(). * * The application may call psa_cipher_abort() at any time after the operation - * has been initialized with psa_cipher_encrypt_setup(). + * has been initialized. * * After a successful call to psa_cipher_encrypt_setup(), the application must * eventually terminate the operation. The following events terminate an @@ -1261,7 +1303,9 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; * or psa_cipher_update(). * - A call to psa_cipher_finish() or psa_cipher_abort(). * - * \param[out] operation The operation object to use. + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_cipher_operation_t and not yet in use. * \param handle Handle to the key to use for the operation. * \param alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that 
@@ -1295,6 +1339,9 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * is as follows: * -# Allocate an operation object which will be passed to all the functions * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_cipher_operation_t, e.g. + * PSA_CIPHER_OPERATION_INIT. * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key. * The key remains associated with the operation even if the content * of the key slot changes. @@ -1307,7 +1354,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * -# Call psa_cipher_finish(). * * The application may call psa_cipher_abort() at any time after the operation - * has been initialized with psa_cipher_decrypt_setup(). + * has been initialized. * * After a successful call to psa_cipher_decrypt_setup(), the application must * eventually terminate the operation. The following events terminate an @@ -1315,7 +1362,9 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * - A failed call to psa_cipher_update(). * - A call to psa_cipher_finish() or psa_cipher_abort(). * - * \param[out] operation The operation object to use. + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_cipher_operation_t and not yet in use. * \param handle Handle to the key to use for the operation. * \param alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 5eb262405..ee3ecd776 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
@@ -145,6 +145,13 @@ struct psa_cipher_operation_s } ctx; }; +#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, 0, 0, {0}} +static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) +{ + const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; + return( v ); +} + #if defined(MBEDTLS_MD_C) typedef struct { diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8275a1c3c..6ba61baa4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -755,6 +755,9 @@ PSA MAC verify: CMAC-AES-128, truncated to 4 bytes depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747" +Cipher operation object initializers zero properly +cipher_operation_init: + PSA cipher setup: good, AES-CTR depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e821165c1..0ed374918 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -165,7 +165,7 @@ static int exercise_cipher_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; unsigned char iv[16] = {0}; size_t iv_length = sizeof( iv ); const unsigned char plaintext[16] = "Hello, world..."; 
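Review bot: `PSA_CIPHER_OPERATION_INIT` in crypto_struct.h is written as one positional zero per member (`{0, 0, 0, 0, 0, 0, {0}}`), so it depends on the member count and order of `struct psa_cipher_operation_s`, whose definition starts outside this hunk. A comment above the macro would keep the two in step, e.g. `/* One initializer per member of psa_cipher_operation_s, in declaration order; update together with the struct. */`. If the trailing `ctx` member is a union (its declaration is not visible here), `{0}` explicitly initializes only its first member, which is worth noting next to the macro because the new test compares whole-object bit patterns.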
@@ -1153,7 +1153,7 @@ void cipher_with_no_key_activity( ) psa_key_handle_t handle = 0; psa_status_t status; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; int exercise_alg = PSA_ALG_CTR; PSA_ASSERT( psa_crypto_init( ) ); @@ -1210,7 +1210,7 @@ void cipher_after_import_failure( data_t *data, int type_arg, int expected_import_status_arg ) { psa_key_handle_t handle = 0; - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_type_t type = type_arg; psa_status_t status; psa_status_t expected_import_status = expected_import_status_arg; @@ -1492,7 +1492,7 @@ void cipher_key_policy( int policy_usage, { psa_key_handle_t handle = 0; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); 
@@ -2082,6 +2082,31 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void cipher_operation_init( ) +{ + /* Test each valid way of initializing the object, except for `= {0}`, as + * Clang 5 complains when `-Wmissing-field-initializers` is used, even + * though it's OK by the C standard. We could test for this, but we'd need + * to supress the Clang warning for the test. */ + psa_cipher_operation_t func = psa_cipher_operation_init( ); + psa_cipher_operation_t init = PSA_CIPHER_OPERATION_INIT; + psa_cipher_operation_t zero; + + memset( &zero, 0, sizeof( zero ) ); + + /* Although not technically guaranteed by the C standard nor the PSA Crypto + * specification, we test that all valid ways of initializing the object + * have the same bit pattern. This is a stronger requirement that may not + * be valid on all platforms or PSA Crypto implementations, but implies the + * weaker actual requirement is met: that a freshly initialized object, no + * matter how it was initialized, acts the same as any other valid + * initialization. */ + TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 ); + TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 ); +} +/* END_CASE */ + /* BEGIN_CASE */ void cipher_setup( int key_type_arg, data_t *key, @@ -2092,7 +2117,7 @@ void cipher_setup( int key_type_arg, psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; @@ -2133,7 +2158,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, size_t output_buffer_size = 0; size_t function_output_length = 0; size_t total_output_length = 0; - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); 
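Review bot: `cipher_operation_init` only compares bit patterns and never hands the three objects to the API, so it would still pass if the library mishandled a freshly initialized object. The header text added in this commit says psa_cipher_abort() may be called at any time after initialization, which gives a cheap behavioural check: `PSA_ASSERT( psa_cipher_abort( &func ) );`, and likewise for `init` and `zero`. This assumes abort on an untouched object is meant to return PSA_SUCCESS, and whether psa_crypto_init() must run first is not visible here. `crypto_generator_init` in PATCH 0894 has the same shape and could call psa_generator_abort() in the same way.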
@@ -2200,7 +2225,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, size_t output_buffer_size = 0; size_t function_output_length = 0; size_t total_output_length = 0; - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); @@ -2270,7 +2295,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, size_t output_buffer_size = 0; size_t function_output_length = 0; size_t total_output_length = 0; - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); @@ -2342,7 +2367,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, size_t output_buffer_size = 0; size_t function_output_length = 0; size_t total_output_length = 0; - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); @@ -2412,8 +2437,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg, size_t output2_size = 0; size_t output2_length = 0; size_t function_output_length = 0; - psa_cipher_operation_t operation1; - psa_cipher_operation_t operation2; + psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT; + psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); 
@@ -2497,8 +2522,8 @@ void cipher_verify_output_multipart( int alg_arg, size_t output2_buffer_size = 0; size_t output2_length = 0; size_t function_output_length; - psa_cipher_operation_t operation1; - psa_cipher_operation_t operation2; + psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT; + psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); From d94d671f14592ea966911b03595cc552ed74daba Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 4 Jan 2019 14:11:48 +0000 Subject: [PATCH 0894/2197] psa: Test that generator initializers work --- tests/suites/test_suite_psa_crypto.data | 3 +++ tests/suites/test_suite_psa_crypto.function | 25 +++++++++++++++++++++ 2 files changed, 28 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6ba61baa4..aa0a89052 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1402,6 +1402,9 @@ PSA decrypt: RSA OAEP-SHA-256, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT +Crypto generator initializers zero properly +crypto_generator_init: + PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 0ed374918..6916bf42e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3305,6 +3305,31 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void crypto_generator_init( ) +{ + /* Test each valid way of initializing the object, except for `= {0}`, as + * Clang 5 complains when `-Wmissing-field-initializers` is used, even + * though it's OK by the C standard. We could test for this, but we'd need + * to supress the Clang warning for the test. */ + psa_crypto_generator_t func = psa_crypto_generator_init( ); + psa_crypto_generator_t init = PSA_CRYPTO_GENERATOR_INIT; + psa_crypto_generator_t zero; + + memset( &zero, 0, sizeof( zero ) ); + + /* Although not technically guaranteed by the C standard nor the PSA Crypto + * specification, we test that all valid ways of initializing the object + * have the same bit pattern. This is a stronger requirement that may not + * be valid on all platforms or PSA Crypto implementations, but implies the + * weaker actual requirement is met: that a freshly initialized object, no + * matter how it was initialized, acts the same as any other valid + * initialization. */ + TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 ); + TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 ); +} +/* END_CASE */ + /* BEGIN_CASE */ void derive_setup( int key_type_arg, data_t *key_data, From 9e919c636fe170c656429003258d8e25e4288606 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Mon, 7 Jan 2019 15:41:50 +0000 Subject: [PATCH 0895/2197] psa: Document generator requirements consistently We've added documentation for how context objects for multi-part operations must be initialized consistently for key policy, hash, cipher, and MAC. Update the generator documentation to be consistent with how we've documented the other operations. --- include/psa/crypto.h | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c266f9fe7..683feb83f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2099,11 +2099,9 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step * and \p label is the info string used in the "expand" step. * - * \param[in,out] generator The generator object to set up. It must - * have been initialized to all-bits-zero, - * a logical zero (`{0}`), - * \c PSA_CRYPTO_GENERATOR_INIT or - * psa_crypto_generator_init(). + * \param[in,out] generator The generator object to set up. It must have + * been initialized as per the documentation for + * #psa_crypto_generator_t and not yet in use. * \param handle Handle to the secret key. * \param alg The key derivation algorithm to compute * (\c PSA_ALG_XXX value such that 
@@ -2153,11 +2151,9 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * The resulting generator always has the maximum capacity permitted by * the algorithm. * - * \param[in,out] generator The generator object to set up. It must - * have been initialized to all-bits-zero, - * a logical zero (`{0}`), - * \c PSA_CRYPTO_GENERATOR_INIT or - * psa_crypto_generator_init(). + * \param[in,out] generator The generator object to set up. It must have + * been initialized as per the documentation for + * #psa_crypto_generator_t and not yet in use. * \param private_key Handle to the private key to use. * \param[in] peer_key Public key of the peer. It must be * in the same format that psa_import_key() From 03091d1114450dd19a10215094682f14761540d9 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Tue, 8 Jan 2019 18:15:50 +0200 Subject: [PATCH 0896/2197] modify check-names.sh and list-macros.sh to work with PSA constants fixed processing of PSA macros in check names script. This required changes in: *list-macros.sh to scan the PSA headers *check-names to scan PSA files and allow PSA_* macro names --- tests/scripts/check-names.sh | 6 ++++-- tests/scripts/list-macros.sh | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh index addcc05dc..a90d2c027 100755 --- a/tests/scripts/check-names.sh +++ b/tests/scripts/check-names.sh @@ -40,7 +40,7 @@ diff macros identifiers | sed -n -e 's/< //p' > actual-macros for THING in actual-macros enum-consts; do printf "Names of $THING: " test -r $THING - BAD=$( grep -v '^MBEDTLS_[0-9A-Z_]*[0-9A-Z]$' $THING || true ) + BAD=$( grep -E -v '^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$' $THING || true ) if [ "x$BAD" = "x" ]; then echo "PASS" else 
@@ -65,12 +65,14 @@ done printf "Likely typos: " sort -u actual-macros enum-consts > _caps -HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h' ) +HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' ) NL=' ' sed -n 's/MBED..._[A-Z0-9_]*/\'"$NL"'&\'"$NL"/gp \ $HEADERS library/*.c \ | grep MBEDTLS | sort -u > _MBEDTLS_XXX + + TYPOS=$( diff _caps _MBEDTLS_XXX | sed -n 's/^> //p' \ | egrep -v 'XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$' || true ) rm _MBEDTLS_XXX _caps diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh index 3c84adba6..5982bb7a0 100755 --- a/tests/scripts/list-macros.sh +++ b/tests/scripts/list-macros.sh @@ -7,7 +7,7 @@ if [ -d include/mbedtls ]; then :; else exit 1 fi -HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h' ) +HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' ) sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \ | egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \ From 6bd14269c948492ca3e8e99cf8305f60c2377727 Mon Sep 17 00:00:00 2001 From: Nir Sonnenschein Date: Wed, 9 Jan 2019 00:32:56 +0200 Subject: [PATCH 0897/2197] remove excess whitespace --- tests/scripts/check-names.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh index a90d2c027..925037c33 100755 --- a/tests/scripts/check-names.sh +++ b/tests/scripts/check-names.sh @@ -71,8 +71,6 @@ NL=' sed -n 's/MBED..._[A-Z0-9_]*/\'"$NL"'&\'"$NL"/gp \ $HEADERS library/*.c \ | grep MBEDTLS | sort -u > _MBEDTLS_XXX - - TYPOS=$( diff _caps _MBEDTLS_XXX | sed -n 's/^> //p' \ | egrep -v 'XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$' || true ) rm _MBEDTLS_XXX _caps From 06b385fabe4b7555758e420e030702d1b8665eb8 Mon Sep 17 00:00:00 2001 
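Review bot: The "Likely typos" step in check-names.sh now lists include/psa/*.h in HEADERS, but the extraction after it still keeps only MBEDTLS names (`sed -n 's/MBED..._[A-Z0-9_]*/…/gp'` followed by `grep MBEDTLS`). A misspelled `PSA_` macro used in the headers or in library/*.c is therefore never compared against `_caps`. A second extraction pass for `PSA_[A-Z0-9_]*` names would close the gap. It needs care, because the same substring also occurs inside names such as `MBEDTLS_PSA_CRYPTO_C` and would otherwise be reported as a typo.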
From: Gilles Peskine Date: Wed, 9 Jan 2019 22:28:21 +0100 Subject: [PATCH 0898/2197] Fix inconsistent indentation Only whitespace changes in this commit. --- tests/scripts/all.sh | 86 ++++++++++++++++++++++---------------------- 1 file changed, 43 insertions(+), 43 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1dc458057..f09c63210 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -276,40 +276,40 @@ check_headers_in_cpp () { pre_parse_command_line () { while [ $# -gt 0 ]; do - case "$1" in - --armcc) RUN_ARMCC=1;; - --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; - --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; - --except) ALL_EXCEPT=1;; - --force|-f) FORCE=1;; - --gnutls-cli) shift; GNUTLS_CLI="$1";; - --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; - --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";; - --gnutls-serv) shift; GNUTLS_SERV="$1";; - --help|-h) usage; exit;; - --keep-going|-k) KEEP_GOING=1;; - --list-components) INTROSPECTION_MODE=list_components;; - --memory|-m) MEMORY=1;; - --no-armcc) RUN_ARMCC=0;; - --no-force) FORCE=0;; - --no-keep-going) KEEP_GOING=0;; - --no-memory) MEMORY=0;; - --openssl) shift; OPENSSL="$1";; - --openssl-legacy) shift; OPENSSL_LEGACY="$1";; - --openssl-next) shift; OPENSSL_NEXT="$1";; - --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";; - --random-seed) unset SEED;; - --release-test|-r) SEED=1;; - --seed|-s) shift; SEED="$1";; - -*) - echo >&2 "Unknown option: $1" - echo >&2 "Run $0 --help for usage." 
- exit 120 - ;; - *) - COMPONENTS="$COMPONENTS $1";; - esac - shift + case "$1" in + --armcc) RUN_ARMCC=1;; + --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; + --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; + --except) ALL_EXCEPT=1;; + --force|-f) FORCE=1;; + --gnutls-cli) shift; GNUTLS_CLI="$1";; + --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; + --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";; + --gnutls-serv) shift; GNUTLS_SERV="$1";; + --help|-h) usage; exit;; + --keep-going|-k) KEEP_GOING=1;; + --list-components) INTROSPECTION_MODE=list_components;; + --memory|-m) MEMORY=1;; + --no-armcc) RUN_ARMCC=0;; + --no-force) FORCE=0;; + --no-keep-going) KEEP_GOING=0;; + --no-memory) MEMORY=0;; + --openssl) shift; OPENSSL="$1";; + --openssl-legacy) shift; OPENSSL_LEGACY="$1";; + --openssl-next) shift; OPENSSL_NEXT="$1";; + --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";; + --random-seed) unset SEED;; + --release-test|-r) SEED=1;; + --seed|-s) shift; SEED="$1";; + -*) + echo >&2 "Unknown option: $1" + echo >&2 "Run $0 --help for usage." + exit 120 + ;; + *) + COMPONENTS="$COMPONENTS $1";; + esac + shift done } 
@@ -1103,15 +1103,15 @@ component_test_zeroize () { # output to check whether the pass string is present and no failure strings # were printed. for optimization_flag in -O2 -O3 -Ofast -Os; do - for compiler in clang gcc; do - msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()" - make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" - if_build_succeeded gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log - if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log - if_build_succeeded not grep -i "error" test_zeroize.log - rm -f test_zeroize.log - make clean - done + for compiler in clang gcc; do + msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()" + make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" + if_build_succeeded gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log + if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log + if_build_succeeded not grep -i "error" test_zeroize.log + rm -f test_zeroize.log + make clean + done done } From 1927565f9bb7ebcf1efa145d1696917c99221315 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 6 Jan 2019 19:48:30 +0000 Subject: [PATCH 0899/2197] Use CMAKE_BUILD_TYPE to do Asan builds Use `cmake -D CMAKE_BUILD_TYPE=Asan` rather than manually setting `-fsanitize=address`. This lets cmake determine the necessary compiler and linker flags. With UNSAFE_BUILD on, force -Wno-error. This is necessary to build with MBEDTLS_TEST_NULL_ENTROPY. --- library/CMakeLists.txt | 6 ++++++ tests/scripts/all.sh | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 3a3f61bcf..3b56c4445 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt 
@@ -103,6 +103,12 @@ if(CMAKE_COMPILER_IS_CLANG) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") endif(CMAKE_COMPILER_IS_CLANG) +if(UNSAFE_BUILD) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error") + set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error") + set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error") +endif(UNSAFE_BUILD) + if(WIN32) set(libs ${libs} ws2_32) endif(WIN32) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f09c63210..8c9c9ce43 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -773,7 +773,7 @@ component_test_null_entropy () { scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl unset MBEDTLS_ENTROPY_HARDWARE_ALT scripts/config.pl unset MBEDTLS_HAVEGE_C - CC=gcc cmake -D UNSAFE_BUILD=ON -D CMAKE_C_FLAGS:String="-fsanitize=address -fno-common -O3" . + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON . make msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)" From 74851d8dd94e13c534eefa9d633bca1657ec9869 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 6 Jan 2019 19:52:22 +0000 Subject: [PATCH 0900/2197] Gdb script: improve portability of ASLR disabling disabling Call `set disable-randomization off` only if it seems to be supported. The goal is to neither get an error about disable-randomization not being supported (e.g. on FreeBSD), nor get an error if it is supported but fails (e.g. on Ubuntu). Only fiddle with disable-randomization from all.sh, which cares because it reports the failure of ASLR disabling as an error. If a developer invokes the Gdb script manually, a warning about ASLR doesn't matter. --- tests/scripts/all.sh | 12 +++++++++++- tests/scripts/test_zeroize.gdb | 2 -- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8c9c9ce43..1e7107456 100755 
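Review bot: The `if(UNSAFE_BUILD)` block in library/CMakeLists.txt appends a blanket `-Wno-error`, which switches off warnings-as-errors for every diagnostic rather than only the one that blocks the MBEDTLS_TEST_NULL_ENTROPY build. If the blocker is a `#warning` (not visible in this hunk), a narrower flag keeps all other warnings fatal: `-Wno-error=cpp` for GCC, `-Wno-error=#warnings` for Clang. In the all.sh hunk the explicit `-fno-common -O3` is dropped in favour of the Asan build type, so it is worth confirming that the build type still supplies the optimization level this component was meant to exercise.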
--- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1102,17 +1102,27 @@ component_test_zeroize () { # system in all cases that the script fails, so we must manually search the # output to check whether the pass string is present and no failure strings # were printed. + + # Don't try to disable ASLR. We don't care about ASLR here. We do care + # about a spurious message if Gdb tries and fails, so suppress that. + gdb_disable_aslr= + if [ -z "$(gdb -batch -nw -ex 'set disable-randomization off' 2>&1)" ]; then + gdb_disable_aslr='set disable-randomization off' + fi + for optimization_flag in -O2 -O3 -Ofast -Os; do for compiler in clang gcc; do msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()" make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" - if_build_succeeded gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log + if_build_succeeded gdb -ex "$gdb_disable_aslr" -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log if_build_succeeded not grep -i "error" test_zeroize.log rm -f test_zeroize.log make clean done done + + unset gdb_disable_aslr } component_check_python_files () { diff --git a/tests/scripts/test_zeroize.gdb b/tests/scripts/test_zeroize.gdb index 77c812a0b..2f995d2a3 100644 --- a/tests/scripts/test_zeroize.gdb +++ b/tests/scripts/test_zeroize.gdb @@ -41,8 +41,6 @@ # number does not need to be updated often. set confirm off -# We don't need to turn off ASLR, so don't try. -set disable-randomization off file ./programs/test/zeroize break zeroize.c:100 From bdf3f5271019a60e97f3131bdf06cefcd97d8687 Mon Sep 17 00:00:00 2001 
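Review bot: When the probe in component_test_zeroize concludes that `set disable-randomization off` is unsupported, `gdb_disable_aslr` stays empty and the loop still runs `gdb -ex "" -x tests/scripts/test_zeroize.gdb …`, handing Gdb an empty command. Dropping the option in that case is cleaner: `${gdb_disable_aslr:+-ex "$gdb_disable_aslr"}`. The probe also runs without `-nx` while the real invocation uses it, so any output from a user's init file makes the probe report "unsupported"; adding `-nx` to the probe keeps the two consistent. component_test_zeroize starts before this hunk.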
From: Gilles Peskine Date: Sun, 6 Jan 2019 19:58:02 +0000 Subject: [PATCH 0901/2197] all.sh: don't insist on Linux; always run Valgrind Don't bail out of all.sh if the OS isn't Linux. We only expect everything to pass on a recent Linux x86_64, but it's useful to call all.sh to run some components on any platform. In all.sh, always run both MemorySanitizer and Valgrind. Valgrind is slower than ASan and MSan but finds some things that they don't. Run MSan unconditionally, not just on Linux/x86_64. MSan is supported on some other OSes and CPUs these days. Use `all.sh --except test_memsan` if you want to omit MSan because it isn't supported on your platform. Use `all.sh --except test_memcheck` if you want to omit Valgrind because it's too slow. Make the test scripts more portable (tested on FreeBSD): don't insist on GNU sed, and recognize amd64 as well as x86_64 for `uname -m`. The `make` utility must still be GNU make. --- tests/scripts/all.sh | 29 +++++++++++------------------ tests/ssl-opt.sh | 2 +- 2 files changed, 12 insertions(+), 19 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1e7107456..c2d663523 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -91,10 +91,7 @@ set -eu pre_check_environment () { - if [ "$( uname )" != "Linux" ]; then - echo "This script only works in Linux" >&2 - exit 1 - elif [ -d library -a -d include -a -d tests ]; then :; else + if [ -d library -a -d include -a -d tests ]; then :; else echo "Must be run from mbed TLS root" >&2 exit 1 fi 
@@ -1190,14 +1187,14 @@ run_all_components () { run_component component_test_aes_fewer_tables run_component component_test_aes_rom_tables run_component component_test_aes_fewer_tables_and_rom_tables - if uname -a | grep -F Linux >/dev/null; then - run_component component_test_make_shared - fi - if uname -a | grep -F x86_64 >/dev/null; then - run_component component_test_m32_o0 - run_component component_test_m32_o1 - run_component component_test_mx32 - fi + run_component component_test_make_shared + case $(uname -m) in + amd64|x86_64) + run_component component_test_m32_o0 + run_component component_test_m32_o1 + run_component component_test_mx32 + ;; + esac run_component component_test_have_int32 run_component component_test_have_int64 run_component component_test_no_udbl_division @@ -1208,12 +1205,8 @@ run_all_components () { run_component component_build_armcc run_component component_test_allow_sha1 run_component component_build_mingw - # MemSan currently only available on Linux 64 bits - if uname -a | grep 'Linux.*x86_64' >/dev/null; then - run_component component_test_memsan - else # no MemSan - run_component component_test_memcheck - fi + run_component component_test_memsan + run_component component_test_memcheck run_component component_test_cmake_out_of_source # More small things diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 2ccecc4b1..26830fe63 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -167,7 +167,7 @@ requires_config_disabled() { get_config_value_or_default() { NAME="$1" DEF_VAL=$( grep ".*#define.*${NAME}" ../include/mbedtls/config.h | - sed 's/^.*\s\([0-9]*\)$/\1/' ) + sed 's/^.* \([0-9]*\)$/\1/' ) ../scripts/config.pl get $NAME || echo "$DEF_VAL" } From 55ae162559bd16f3115bbe750ccd82dd5f412674 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Sun, 6 Jan 2019 20:15:26 +0000 Subject: [PATCH 0902/2197] all.sh: fix MAKEFLAGS setting MAKEFLAGS was set to -j if it was already set, instead of being set if not previously set as intended. So now all.sh will do parallel builds if invoked without MAKEFLAGS in the environment. --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c2d663523..11cdbe80c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -122,7 +122,7 @@ pre_initialize_variables () { : ${ARMC6_BIN_DIR:=/usr/bin} # if MAKEFLAGS is not set add the -j option to speed up invocations of make - if [ -n "${MAKEFLAGS+set}" ]; then + if [ -z "${MAKEFLAGS+set}" ]; then export MAKEFLAGS="-j" fi } From 76d7bfeb0c09e816b5be289af79bc068592db00d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Jan 2019 11:47:49 +0100 Subject: [PATCH 0903/2197] Terminology: consistently use "set up" for multipart operations hash_setup and mac_setup used to be called hash_start and mac_start, but we've now converged on _setup as names. Finish making the terminology in the documentation consistent. --- include/psa/crypto.h | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 683feb83f..9c596883a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -750,7 +750,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; */ static psa_hash_operation_t psa_hash_operation_init(void); -/** Start a multipart hash operation. +/** Set up a multipart hash operation. * * The sequence of operations to calculate a hash (message digest) * is as follows: 
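Review bot: With the condition in pre_initialize_variables corrected, `MAKEFLAGS="-j"` now takes effect by default, and a bare `-j` places no limit on the number of parallel jobs in GNU make. On the heavier components (sanitizer builds, compiler and optimization loops) that can exhaust memory on a shared CI host and produce failures unrelated to the code under test. A bounded default such as `export MAKEFLAGS="-j$(getconf _NPROCESSORS_ONLN 2>/dev/null || echo 2)"` avoids that; the exact command should be checked against the platforms all.sh is expected to run on. pre_initialize_variables starts before this hunk.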
@@ -805,7 +805,7 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -842,7 +842,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p hash buffer is too small. You can determine a * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg) @@ -882,7 +882,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * The hash of the message was calculated successfully, but it * differs from the expected hash. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -973,7 +973,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; */ static psa_mac_operation_t psa_mac_operation_init(void); -/** Start a multipart MAC calculation operation. +/** Set up a multipart MAC calculation operation. * * This function sets up the calculation of the MAC * (message authentication code) of a byte string. 
@@ -1031,7 +1031,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg); -/** Start a multipart MAC verification operation. +/** Set up a multipart MAC verification operation. * * This function sets up the verification of the MAC * (message authentication code) of a byte string against an expected value. @@ -1103,7 +1103,7 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1142,7 +1142,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p mac buffer is too small. You can determine a * sufficient buffer size by calling PSA_MAC_FINAL_SIZE(). @@ -1181,7 +1181,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * The MAC of the message was calculated successfully, but it * differs from the expected MAC. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE 
@@ -1412,7 +1412,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or IV already set). + * The operation state is not valid (not set up, or IV already set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p iv buffer is too small. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -1446,7 +1446,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or IV already set). + * The operation state is not valid (not set up, or IV already set). * \retval #PSA_ERROR_INVALID_ARGUMENT * The size of \p iv is not acceptable for the chosen algorithm, * or the chosen algorithm does not use an IV. @@ -1482,7 +1482,7 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, IV required but + * The operation state is not valid (not set up, IV required but * not set, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. @@ -1520,7 +1520,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, IV required but + * The operation state is not valid (not set up, IV required but * not set, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. From 8e1addc7109484fc0df67b90d901206d62a6d61b Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 10 Jan 2019 11:51:17 +0100 Subject: [PATCH 0904/2197] Document BAD_STATE errors for multipart operation setup functions Future commits will implement this and add tests. --- include/psa/crypto.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9c596883a..ce35e07c7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -784,6 +784,9 @@ static psa_hash_operation_t psa_hash_operation_init(void); * Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1023,6 +1026,9 @@ static psa_mac_operation_t psa_mac_operation_init(void); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1080,6 +1086,9 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. 
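Review bot: The new `\retval #PSA_ERROR_BAD_STATE` entry added just above what appears to be the psa_mac_sign_setup declaration sits directly on top of an existing `\retval #PSA_ERROR_BAD_STATE` for an uninitialized library, so the same status is listed twice with unrelated causes. The following MAC setup hunk and the two cipher setup hunks repeat the pattern. One entry naming both causes would be easier to read, for example `The operation state is not valid (already set up and not subsequently completed), or the library has not been previously initialized by psa_crypto_init().`, followed by the existing implementation-dependent caveat. Since the commit message says the check is not implemented yet, it may be worth marking the new text as planned behaviour, so callers do not rely on a rejection the code does not yet perform. The doc comments begin and end outside these hunks.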
@@ -1325,6 +1334,9 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1384,6 +1396,9 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. From 1072610e149bf6bc63459d8088f0382363455f22 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 6 Jan 2019 20:50:38 +0000 Subject: [PATCH 0905/2197] all.sh: list components automatically Extract the list of available components by looking for definitions of functions called component_xxx. The previous code explicitly listed all components in run_all_components, which opened the risk of forgetting to list a component there. Add a conditional execution facility: if a function support_xxx exists and returns false then component_xxx is not executed (except when the command line lists an explicit set of components to execute). --- tests/scripts/all.sh | 174 ++++++++++++++++--------------------------- 1 file changed, 63 insertions(+), 111 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 11cdbe80c..8faa441fe 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -62,6 +62,8 @@ # * component_check_XXX: quick tests that aren't worth parallelizing # * component_build_XXX: build things but don't run them # * component_test_XXX: build and test +# * support_XXX: if support_XXX exists and returns false then +# component_XXX is not run by default. # * post_XXX: things to do after running the tests. # * other: miscellaneous support functions. # @@ -105,7 +107,6 @@ pre_initialize_variables () { ALL_EXCEPT=0 MEMORY=0 FORCE=0 - INTROSPECTION_MODE= KEEP_GOING=0 RUN_ARMCC=1 @@ -125,12 +126,29 @@ pre_initialize_variables () { if [ -z "${MAKEFLAGS+set}" ]; then export MAKEFLAGS="-j" fi + + # Gather the list of available components. These are the functions + # defined in this script whose name starts with "component_". + # Parse the script with sed, because in sh there is no way to list + # defined functions. + ALL_COMPONENTS=$(sed -n 's/^ *component_\([0-9A-Z_a-z]*\) *().*/\1/p' <"$0") + + # Exclude components that are not supported on this platform. + SUPPORTED_COMPONENTS= + for component in $ALL_COMPONENTS; do + case $(type "support_$component" 2>&1) in + *' function'*) + if ! support_$component; then continue; fi;; + esac + SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component" + done } -# Test whether $1 is excluded via $COMPONENTS (a space-separated list of -# wildcard patterns). -component_is_excluded() +# Test whether $1 is excluded via the command line. +is_component_excluded() { + # Is $1 excluded via $COMPONENTS (a space-separated list of wildcard + # patterns)? set -f for pattern in $COMPONENTS; do set +f @@ -149,7 +167,8 @@ By default, run all tests. With one or more COMPONENT, run only those. Special options: -h|--help Print this help and exit. - --list-components List available test components and exit. + --list-all-components List all available test components and exit. + --list-components List components supported on this platform and exit. General options: -f|--force Force the tests to overwrite any modified files. 
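Review bot: The `case $(type "support_$component" 2>&1) in *' function'*)` test in the new loop depends on the wording that `type` prints, which POSIX leaves unspecified and which some shells translate according to the locale. If the word "function" is missing from that output, the `support_` check is skipped and the component is treated as supported, so the filter fails open. Pinning the locale for the probe, `case $(LC_ALL=C type "support_$component" 2>&1) in`, should make the match less fragile; which shell runs this script is not visible here. pre_initialize_variables starts outside the hunk.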
@@ -285,7 +304,8 @@ pre_parse_command_line () { --gnutls-serv) shift; GNUTLS_SERV="$1";; --help|-h) usage; exit;; --keep-going|-k) KEEP_GOING=1;; - --list-components) INTROSPECTION_MODE=list_components;; + --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;; + --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;; --memory|-m) MEMORY=1;; --no-armcc) RUN_ARMCC=0;; --no-force) FORCE=0;; @@ -831,6 +851,12 @@ component_test_m32_o0 () { msg "test: i386, make, gcc -O0 (ASan build)" make test } +support_test_m32_o0 () { + case $(uname -m) in + *64*) true;; + *) false;; + esac +} component_test_m32_o1 () { # Build again with -O1, to compile in the i386 specific inline assembly @@ -841,6 +867,9 @@ component_test_m32_o1 () { msg "test: i386, make, gcc -O1 (ASan build)" make test } +support_test_m32_o1 () { + support_test_m32_o0 "$@" +} component_test_mx32 () { msg "build: 64-bit ILP32, make, gcc" # ~ 30s @@ -850,6 +879,12 @@ component_test_mx32 () { msg "test: 64-bit ILP32, make, gcc" make test } +support_test_mx32 () { + case $(uname -m) in + amd64|x86_64) true;; + *) false;; + esac +} component_test_have_int32 () { msg "build: gcc, force 32-bit bignum limbs" 
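Review bot: `support_test_m32_o0` accepts any `uname -m` value containing `64`, which is wider than the `amd64|x86_64` test that the removed `run_all_components` applied to the same components. The component describes itself as an i386 build, and `component_test_m32_o1` mentions i386-specific inline assembly, so other 64-bit machine names such as aarch64 would presumably now select it and fail at build time. Using the same pattern as `support_test_mx32`, `amd64|x86_64) true;;`, keeps the earlier behaviour. `support_test_m32_o1` inherits it through its call to `support_test_m32_o0`.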
@@ -1149,77 +1184,8 @@ post_report () { #### Run all the things ################################################################ -run_all_components () { - # Small things - run_component component_check_recursion - run_component component_check_generated_files - run_component component_check_doxy_blocks - run_component component_check_files - run_component component_check_names - run_component component_check_doxygen_warnings - - # Test many different configurations - run_component component_test_default_cmake_gcc_asan - run_component component_test_ref_configs - run_component component_test_sslv3 - run_component component_test_no_renegotiation - run_component component_test_rsa_no_crt - run_component component_test_small_ssl_out_content_len - run_component component_test_small_ssl_in_content_len - run_component component_test_small_ssl_dtls_max_buffering - run_component component_test_small_mbedtls_ssl_dtls_max_buffering - run_component component_test_full_cmake_clang - run_component component_build_deprecated - run_component component_test_depends_curves - run_component component_test_depends_hashes - run_component component_test_depends_pkalgs - run_component component_build_key_exchanges - run_component component_build_default_make_gcc_and_cxx - run_component component_test_no_platform - run_component component_build_no_std_function - run_component component_build_no_ssl_srv - run_component component_build_no_ssl_cli - run_component component_build_no_sockets - run_component component_test_no_max_fragment_length - run_component component_test_no_max_fragment_length_small_ssl_out_content_len - run_component component_test_null_entropy - run_component component_test_platform_calloc_macro - run_component component_test_aes_fewer_tables - run_component component_test_aes_rom_tables - run_component component_test_aes_fewer_tables_and_rom_tables - run_component component_test_make_shared - case $(uname -m) in - amd64|x86_64) - run_component component_test_m32_o0 - 
run_component component_test_m32_o1 - run_component component_test_mx32 - ;; - esac - run_component component_test_have_int32 - run_component component_test_have_int64 - run_component component_test_no_udbl_division - run_component component_test_no_64bit_multiplication - run_component component_build_arm_none_eabi_gcc - run_component component_build_arm_none_eabi_gcc_no_udbl_division - run_component component_build_arm_none_eabi_gcc_no_64bit_multiplication - run_component component_build_armcc - run_component component_test_allow_sha1 - run_component component_build_mingw - run_component component_test_memsan - run_component component_test_memcheck - run_component component_test_cmake_out_of_source - - # More small things - run_component component_test_zeroize - run_component component_check_python_files - run_component component_check_generate_test_code -} - # Run one component and clean up afterwards. run_component () { - if [ $ALL_EXCEPT -ne 0 ] && component_is_excluded "$1"; then - return - fi # Back up the configuration in case the component modifies it. # The cleanup function will restore it. cp -p "$CONFIG_H" "$CONFIG_BAK" 
@@ -1233,47 +1199,33 @@ pre_check_environment pre_initialize_variables pre_parse_command_line "$@" -case "$INTROSPECTION_MODE" in - list_components) - components= - newline=' -' - run_component () { - components="${components}${newline}${1#component_}" - } - ;; - - *) - pre_check_git - build_status=0 - if [ $KEEP_GOING -eq 1 ]; then - pre_setup_keep_going - else - record_status () { - "$@" - } - fi - pre_print_configuration - pre_check_tools - pre_print_tools - cleanup - ;; -esac +pre_check_git +build_status=0 +if [ $KEEP_GOING -eq 1 ]; then + pre_setup_keep_going +else + record_status () { + "$@" + } +fi +pre_print_configuration +pre_check_tools +pre_print_tools +cleanup if [ -n "$COMPONENTS" ] && [ $ALL_EXCEPT -eq 0 ]; then + # Run the components passed on the command line. for component in $COMPONENTS; do - run_component "component_$component" + run_component "component_$component" done else - run_all_components + # Run all components except those excluded on the command line. + for component in $SUPPORTED_COMPONENTS; do + if ! is_component_excluded "$component"; then + run_component "component_$component" + fi + done fi # We're done. -case "$INTROSPECTION_MODE" in - list_components) - echo "$components" | sort - ;; - *) - post_report - ;; -esac +post_report From 1bcb1c8e284d3bcce7b57062201215afdcd7c7fe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 6 Jan 2019 22:11:25 +0000 Subject: [PATCH 0906/2197] all.sh: Always build the list of components to run Build the list of components to run in $RUN_COMPONENTS as part of command line parsing. After parsing the command line, it no longer matters how this list was built. --- tests/scripts/all.sh | 47 ++++++++++++++++++++++++++------------------ 1 file changed, 28 insertions(+), 19 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8faa441fe..46ca5d5f4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -103,8 +103,6 @@ pre_initialize_variables () { CONFIG_H='include/mbedtls/config.h' CONFIG_BAK="$CONFIG_H.bak" - COMPONENTS= - ALL_EXCEPT=0 MEMORY=0 FORCE=0 KEEP_GOING=0 @@ -150,7 +148,7 @@ is_component_excluded() # Is $1 excluded via $COMPONENTS (a space-separated list of wildcard # patterns)? set -f - for pattern in $COMPONENTS; do + for pattern in $COMMAND_LINE_COMPONENTS; do set +f case ${1#component_} in $pattern) return 0;; esac done @@ -291,12 +289,15 @@ check_headers_in_cpp () { } pre_parse_command_line () { + COMMAND_LINE_COMPONENTS= + all_except= + while [ $# -gt 0 ]; do case "$1" in --armcc) RUN_ARMCC=1;; --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; - --except) ALL_EXCEPT=1;; + --except) all_except=1;; --force|-f) FORCE=1;; --gnutls-cli) shift; GNUTLS_CLI="$1";; --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; @@ -323,11 +324,28 @@ pre_parse_command_line () { echo >&2 "Run $0 --help for usage." exit 120 ;; - *) - COMPONENTS="$COMPONENTS $1";; + *) COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS $1";; esac shift done + + if [ -z "$COMMAND_LINE_COMPONENTS" ]; then + all_except=1 + fi + + # Build the list of components to run. + if [ -n "$all_except" ]; then + RUN_COMPONENTS= + for component in $SUPPORTED_COMPONENTS; do + if ! is_component_excluded "$component"; then + RUN_COMPONENTS="$RUN_COMPONENTS $component" + fi + done + else + RUN_COMPONENTS="$COMMAND_LINE_COMPONENTS" + fi + + unset all_except } pre_check_git () { 
@@ -1213,19 +1231,10 @@ pre_check_tools pre_print_tools cleanup -if [ -n "$COMPONENTS" ] && [ $ALL_EXCEPT -eq 0 ]; then - # Run the components passed on the command line. - for component in $COMPONENTS; do - run_component "component_$component" - done -else - # Run all components except those excluded on the command line. - for component in $SUPPORTED_COMPONENTS; do - if ! is_component_excluded "$component"; then - run_component "component_$component" - fi - done -fi +# Run the requested tests. +for component in $RUN_COMPONENTS; do + run_component "component_$component" +done # We're done. post_report From e26ab189cb3b08b8460e419a69589a6861e8b541 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 6 Jan 2019 22:23:42 +0000 Subject: [PATCH 0907/2197] all.sh: only look for armcc if it is used Only look for armcc if component_build_armcc is to be executed, instead of requiring the option --no-armcc. You can still pass --no-armcc, but it's no longer required when listing components to run. With no list of components or an exclude list on the command line, --no-armcc is equivalent to having build_armcc in the exclude list. --- tests/scripts/all.sh | 60 ++++++++++++++++++++++++++------------------ 1 file changed, 36 insertions(+), 24 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 46ca5d5f4..a0523de8d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -106,7 +106,6 @@ pre_initialize_variables () { MEMORY=0 FORCE=0 KEEP_GOING=0 - RUN_ARMCC=1 # Default commands, can be overriden by the environment : ${OPENSSL:="openssl"} @@ -291,10 +290,11 @@ check_headers_in_cpp () { pre_parse_command_line () { COMMAND_LINE_COMPONENTS= all_except= + no_armcc= while [ $# -gt 0 ]; do case "$1" in - --armcc) RUN_ARMCC=1;; + --armcc) no_armcc=;; --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; --except) all_except=1;; 
@@ -308,7 +308,7 @@ pre_parse_command_line () { --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;; --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;; --memory|-m) MEMORY=1;; - --no-armcc) RUN_ARMCC=0;; + --no-armcc) no_armcc=1;; --no-force) FORCE=0;; --no-keep-going) KEEP_GOING=0;; --no-memory) MEMORY=0;; @@ -333,6 +333,12 @@ pre_parse_command_line () { all_except=1 fi + # --no-armcc is a legacy option. The modern way is --except '*_armcc*'. + # Ignore it if components are listed explicitly on the command line. + if [ -n "$no_armcc" ] && [ -n "$all_except" ]; then + COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS *_armcc*" + fi + # Build the list of components to run. if [ -n "$all_except" ]; then RUN_COMPONENTS= @@ -346,6 +352,7 @@ pre_parse_command_line () { fi unset all_except + unset no_armcc } pre_check_git () { @@ -476,9 +483,10 @@ pre_check_tools () { "$GNUTLS_CLI" "$GNUTLS_SERV" \ "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" "doxygen" "dot" \ "arm-none-eabi-gcc" "i686-w64-mingw32-gcc" "gdb" - if [ $RUN_ARMCC -ne 0 ]; then - check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR" - fi + case $RUN_COMPONENTS in + *_armcc*) + check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR";; + esac } 
@@ -499,10 +507,16 @@ pre_check_tools () { pre_print_tools () { msg "info: output_env.sh" - OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_CLI" \ - GNUTLS_SERV="$GNUTLS_SERV" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \ - GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" ARMC5_CC="$ARMC5_CC" \ - ARMC6_CC="$ARMC6_CC" RUN_ARMCC="$RUN_ARMCC" scripts/output_env.sh + set env + set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" + set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV" + set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" + case $RUN_COMPONENTS in + *_armcc*) + set "$@" ARMC5_CC="$ARMC5_CC" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;; + *) set "$@" RUN_ARMCC=0;; + esac + "$@" scripts/output_env.sh } component_check_recursion () { 
@@ -1032,25 +1046,23 @@ component_build_armcc () { scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME - if [ $RUN_ARMCC -ne 0 ]; then - make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib - make clean + make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib + make clean - # ARM Compiler 6 - Target ARMv7-A - armc6_build_test "--target=arm-arm-none-eabi -march=armv7-a" + # ARM Compiler 6 - Target ARMv7-A + armc6_build_test "--target=arm-arm-none-eabi -march=armv7-a" - # ARM Compiler 6 - Target ARMv7-M - armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m" + # ARM Compiler 6 - Target ARMv7-M + armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m" - # ARM Compiler 6 - Target ARMv8-A - AArch32 - armc6_build_test "--target=arm-arm-none-eabi -march=armv8.2-a" + # ARM Compiler 6 - Target ARMv8-A - AArch32 + armc6_build_test "--target=arm-arm-none-eabi -march=armv8.2-a" - # ARM Compiler 6 - Target ARMv8-M - armc6_build_test "--target=arm-arm-none-eabi -march=armv8-m.main" + # ARM Compiler 6 - Target ARMv8-M + armc6_build_test "--target=arm-arm-none-eabi -march=armv8-m.main" - # ARM Compiler 6 - Target ARMv8-A - AArch64 - armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a" - fi + # ARM Compiler 6 - Target ARMv8-A - AArch64 + armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a" } component_test_allow_sha1 () { From 657f59a5208a4399bcdc6d19212ddaf598b529cf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 6 Jan 2019 22:40:00 +0000 Subject: [PATCH 0908/2197] all.sh: only check tools that are going to be used Don't require openssl, mingw, etc. if we aren't going to run a component that uses them. --- tests/scripts/all.sh | 58 +++++++++++++++++++++++++++++--------------- 1 file changed, 39 insertions(+), 19 deletions(-) 
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a0523de8d..766be095b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -461,30 +461,50 @@ pre_print_configuration () { echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR" } +# Make sure the tools we need are available. pre_check_tools () { - ARMC5_CC="$ARMC5_BIN_DIR/armcc" - ARMC5_AR="$ARMC5_BIN_DIR/armar" - ARMC6_CC="$ARMC6_BIN_DIR/armclang" - ARMC6_AR="$ARMC6_BIN_DIR/armar" + case " $RUN_COMPONENTS " in + # Require OpenSSL and GnuTLS if running any tests (as opposed to + # only doing builds). Not all tests run OpenSSL and GnuTLS, but this + # is a good enough approximation in practice. + *" test_"*) + # To avoid setting OpenSSL and GnuTLS for each call to compat.sh + # and ssl-opt.sh, we just export the variables they require. + export OPENSSL_CMD="$OPENSSL" + export GNUTLS_CLI="$GNUTLS_CLI" + export GNUTLS_SERV="$GNUTLS_SERV" + # Avoid passing --seed flag in every call to ssl-opt.sh + if [ -n "${SEED-}" ]; then + export SEED + fi + check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \ + "$GNUTLS_CLI" "$GNUTLS_SERV" \ + "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" + ;; + esac - # To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh - # we just export the variables they require - export OPENSSL_CMD="$OPENSSL" - export GNUTLS_CLI="$GNUTLS_CLI" - export GNUTLS_SERV="$GNUTLS_SERV" + case " $RUN_COMPONENTS " in + *_doxygen[_\ ]*) check_tools "doxygen" "dot";; + esac - # Avoid passing --seed flag in every call to ssl-opt.sh - if [ -n "${SEED-}" ]; then - export SEED - fi + case " $RUN_COMPONENTS " in + *_arm_none_eabi_gcc[_\ ]*) check_tools "arm-none-eabi-gcc";; + esac - # Make sure the tools we need are available. 
- check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \ - "$GNUTLS_CLI" "$GNUTLS_SERV" \ - "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" "doxygen" "dot" \ - "arm-none-eabi-gcc" "i686-w64-mingw32-gcc" "gdb" - case $RUN_COMPONENTS in + case " $RUN_COMPONENTS " in + *_mingw[_\ ]*) check_tools "i686-w64-mingw32-gcc";; + esac + + case " $RUN_COMPONENTS " in + *" test_zeroize "*) check_tools "gdb";; + esac + + case " $RUN_COMPONENTS " in *_armcc*) + ARMC5_CC="$ARMC5_BIN_DIR/armcc" + ARMC5_AR="$ARMC5_BIN_DIR/armar" + ARMC6_CC="$ARMC6_BIN_DIR/armclang" + ARMC6_AR="$ARMC6_BIN_DIR/armar" check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR";; esac } From 2edf47c2c395eb023fd7bbff1d1f2c59429d344b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 6 Jan 2019 22:46:21 +0000 Subject: [PATCH 0909/2197] Merge the code to call output_env.sh into pre_check_tools It's all about tool detection. --- tests/scripts/all.sh | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 766be095b..a061d1033 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -463,6 +463,9 @@ pre_print_configuration () { # Make sure the tools we need are available. pre_check_tools () { + # Build the list of variables to pass to output_env.sh. + set env + case " $RUN_COMPONENTS " in # Require OpenSSL and GnuTLS if running any tests (as opposed to # only doing builds). Not all tests run OpenSSL and GnuTLS, but this @@ -477,6 +480,10 @@ pre_check_tools () { if [ -n "${SEED-}" ]; then export SEED fi + set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" + set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV" + set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" + set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \ "$GNUTLS_CLI" "$GNUTLS_SERV" \ "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" 
@@ -507,9 +514,18 @@ pre_check_tools () { ARMC6_AR="$ARMC6_BIN_DIR/armar" check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR";; esac + + msg "info: output_env.sh" + case $RUN_COMPONENTS in + *_armcc*) + set "$@" ARMC5_CC="$ARMC5_CC" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;; + *) set "$@" RUN_ARMCC=0;; + esac + "$@" scripts/output_env.sh } + ################################################################ #### Basic checks ################################################################ @@ -525,20 +541,6 @@ pre_check_tools () { # # Indicative running times are given for reference. -pre_print_tools () { - msg "info: output_env.sh" - set env - set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" - set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV" - set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" - case $RUN_COMPONENTS in - *_armcc*) - set "$@" ARMC5_CC="$ARMC5_CC" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;; - *) set "$@" RUN_ARMCC=0;; - esac - "$@" scripts/output_env.sh -} - component_check_recursion () { msg "test: recursion.pl" # < 1s record_status tests/scripts/recursion.pl library/*.c @@ -1260,7 +1262,6 @@ else fi pre_print_configuration pre_check_tools -pre_print_tools cleanup # Run the requested tests. From 92bff7f9bfbcb6b95ab3975afccd5a6afee8f72a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Jan 2019 22:29:17 +0100 Subject: [PATCH 0910/2197] all.sh: Update the maintainer documentation --- tests/scripts/all.sh | 43 ++++++++++++++++++++++++++++--------------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a061d1033..56e715afb 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -59,29 +59,42 @@ # following naming conventions: # * pre_XXX: things to do before running the tests, in order. # * component_XXX: independent components. They can be run in any order. -# * component_check_XXX: quick tests that aren't worth parallelizing -# * component_build_XXX: build things but don't run them -# * component_test_XXX: build and test +# * component_check_XXX: quick tests that aren't worth parallelizing. +# * component_build_XXX: build things but don't run them. +# * component_test_XXX: build and test. # * support_XXX: if support_XXX exists and returns false then # component_XXX is not run by default. # * post_XXX: things to do after running the tests. # * other: miscellaneous support functions. # +# Each component must start by invoking `msg` with a short informative message. +# +# The framework performs some cleanup tasks after each component. This +# means that components can assume that the working directory is in a +# cleaned-up state, and don't need to perform the cleanup themselves. +# * Run `make clean`. +# * Restore `include/mbedtks/config.h` from a backup made before running +# the component. +# * Check out `Makefile`, `library/Makefile`, `programs/Makefile` and +# `tests/Makefile` from git. This cleans up after an in-tree use of +# CMake. +# +# Any command that is expected to fail must be protected so that the +# script keeps running in --keep-going mode despite `set -e`. In keep-going +# mode, if a protected command fails, this is logged as a failure and the +# script will exit with a failure status once it has run all components. +# Commands can be protected in any of the following ways: +# * `make` is a function which runs the `make` command with protection. +# Note that you must write `make VAR=value`, not `VAR=value make`, +# because the `VAR=value make` syntax doesn't work with functions. +# * Put `report_status` before the command to protect it. +# * Put `if_build_successful` before a command. 
This protects it, and +# additionally skips it if a prior invocation of `make` in the same +# component failed. +# # The tests are roughly in order from fastest to slowest. This doesn't # have to be exact, but in general you should add slower tests towards # the end and fast checks near the beginning. -# -# Sanity checks have the following form: -# 1. msg "short description of what is about to be done" -# 2. run sanity check (failure stops the script) -# -# Build or build-and-test steps have the following form: -# 1. msg "short description of what is about to be done" -# 2. cleanup -# 3. preparation (config.pl, cmake, ...) (failure stops the script) -# 4. make -# 5. Run tests if relevant. All tests must be prefixed with -# if_build_successful for the sake of --keep-going. From add1d23b26242f8287a50770b12c5062d32ca59b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Jan 2019 22:30:01 +0100 Subject: [PATCH 0911/2197] Fix sometimes-spurious warning about changed config.h After backing up and restoring config.h, `git diff-files` may report it as potentially-changed because it isn't sure whether the index is up to date. Use `git diff` instead: it actually reads the file. --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 56e715afb..01e7a5fe2 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -381,7 +381,7 @@ pre_check_git () { exit 1 fi - if ! git diff-files --quiet include/mbedtls/config.h; then + if ! git diff --quiet include/mbedtls/config.h; then err_msg "Warning - the configuration file 'include/mbedtls/config.h' has been edited. " echo "You can either delete or preserve your work, or force the test by rerunning the" echo "script as: $0 --force" From d692e11309961f84e9e1bd3f47524539adfa237e Mon Sep 17 00:00:00 2001 
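Review bot: The new maintainer text tells readers to put `report_status` before a command, but the function this script defines and calls is `record_status` (for example `record_status tests/scripts/recursion.pl` elsewhere in this series). A component written from the documentation as it stands would presumably fail with an unknown command. The same block spells the configuration path `include/mbedtks/config.h`. I would change `report_status` to `record_status` and `mbedtks` to `mbedtls` in those two comment lines. The comment block begins before this hunk.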
From: Gilles Peskine Date: Wed, 9 Jan 2019 23:17:35 +0100 Subject: [PATCH 0912/2197] Delete $OUT_OF_SOURCE_DIR under --force The deletion of "$OUT_OF_SOURCE_DIR" had mistakenly been lumped together with Yotta and then removed when Yotta support was removed. Bring it back. --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 01e7a5fe2..66980b1bd 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -370,6 +370,7 @@ pre_parse_command_line () { pre_check_git () { if [ $FORCE -eq 1 ]; then + rm -rf "$OUT_OF_SOURCE_DIR" git checkout-index -f -q $CONFIG_H cleanup else From a49b00f2ede8b5e293f5d5001f952b5b27c466ea Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Jan 2019 00:05:18 +0100 Subject: [PATCH 0913/2197] Support wildcard patterns with a positive list of components to run Wildcard patterns now work with command line COMPONENT arguments without --except as well as with. You can now run e.g. `all.sh "check_*` to run all the sanity checks. --- tests/scripts/all.sh | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 66980b1bd..5ee3571f9 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -154,11 +154,9 @@ pre_initialize_variables () { done } -# Test whether $1 is excluded via the command line. -is_component_excluded() +# Test whether the component $1 is included in the command line patterns. +is_component_included() { - # Is $1 excluded via $COMPONENTS (a space-separated list of wildcard - # patterns)? set -f for pattern in $COMMAND_LINE_COMPONENTS; do set +f 
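Review bot: The added `rm -rf "$OUT_OF_SOURCE_DIR"` removes whatever that variable names as soon as `--force` is given, and nothing in this hunk shows where the variable is set or whether it can be empty or overridden from the environment. A guard such as `rm -rf -- "${OUT_OF_SOURCE_DIR:?}"` would abort instead of running with an empty path, and would stop a value beginning with `-` from being read as an option. A short comment stating that the directory holds only disposable build output would also help the next reader. pre_check_git continues past the end of the hunk.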
@@ -174,6 +172,13 @@ usage() Usage: $0 [OPTION]... [COMPONENT]... Run mbedtls release validation tests. By default, run all tests. With one or more COMPONENT, run only those. +COMPONENT can be the name of a component or a shell wildcard pattern. + +Examples: + $0 "check_*" + Run all sanity checks. + $0 --no-armcc --except test_memsan + Run everything except builds that require armcc and MemSan. Special options: -h|--help Print this help and exit. @@ -185,11 +190,8 @@ General options: -k|--keep-going Run all tests and report errors at the end. -m|--memory Additional optional memory tests. --armcc Run ARM Compiler builds (on by default). - --except If some components are passed on the command line, - run all the tests except for these components. In - this mode, you can pass shell wildcard patterns as - component names, e.g. "$0 --except 'test_*'" to - exclude all components that run tests. + --except Exclude the COMPONENTs listed on the command line, + instead of running only those. --no-armcc Skip ARM Compiler builds. --no-force Refuse to overwrite modified files (default). --no-keep-going Stop at the first error (default). @@ -302,7 +304,7 @@ check_headers_in_cpp () { pre_parse_command_line () { COMMAND_LINE_COMPONENTS= - all_except= + all_except=0 no_armcc= while [ $# -gt 0 ]; do 
@@ -342,27 +344,24 @@ pre_parse_command_line () { shift done + # With no list of components, run everything. if [ -z "$COMMAND_LINE_COMPONENTS" ]; then all_except=1 fi # --no-armcc is a legacy option. The modern way is --except '*_armcc*'. # Ignore it if components are listed explicitly on the command line. - if [ -n "$no_armcc" ] && [ -n "$all_except" ]; then + if [ -n "$no_armcc" ] && [ $all_except -eq 1 ]; then COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS *_armcc*" fi # Build the list of components to run. - if [ -n "$all_except" ]; then - RUN_COMPONENTS= - for component in $SUPPORTED_COMPONENTS; do - if ! is_component_excluded "$component"; then - RUN_COMPONENTS="$RUN_COMPONENTS $component" - fi - done - else - RUN_COMPONENTS="$COMMAND_LINE_COMPONENTS" - fi + RUN_COMPONENTS= + for component in $SUPPORTED_COMPONENTS; do + if is_component_included "$component"; [ $? -eq $all_except ]; then + RUN_COMPONENTS="$RUN_COMPONENTS $component" + fi + done unset all_except unset no_armcc From e87898709c7817eadcbf88ac79ac51ba0513d0ae Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Jan 2019 00:11:42 +0100 Subject: [PATCH 0914/2197] Rename test_memcheck to test_valgrind Valgrind is what it does. `memcheck` is how it's implemented. --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5ee3571f9..11d10a367 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1143,7 +1143,7 @@ component_test_memsan () { fi } -component_test_memcheck () { +component_test_valgrind () { msg "build: Release (clang)" CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release . make From 83d293951c6e76850d5272664f3a260d9e28a351 Mon Sep 17 00:00:00 2001 
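Review bot: With a positive list, a COMPONENT name or pattern that matches nothing in `$SUPPORTED_COMPONENTS` is now dropped without a message, because the new loop in pre_parse_command_line only ever adds supported names to `RUN_COMPONENTS`; the removed branch passed the command-line list through unchanged. A mistyped name in a CI job would then presumably run no component and still exit successfully, which is a poor failure mode for a release validation script. I would reject an empty selection before `unset all_except`, as below. The test `[ $? -eq $all_except ]` also relies on is_component_included returning exactly 1 for a non-match (its body is outside this hunk), which deserves a comment.

```shell
    # … unchanged: loop that builds RUN_COMPONENTS …
    # A positive list that selects nothing is almost certainly a typo.
    if [ $all_except -eq 0 ] && [ -z "$RUN_COMPONENTS" ]; then
        echo >&2 "$0: no supported component matches: $COMMAND_LINE_COMPONENTS"
        exit 1
    fi
    unset all_except
```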
From: Jaeden Amero Date: Thu, 10 Jan 2019 20:17:42 +0000 Subject: [PATCH 0915/2197] psa: Call init when importing private EC keys Previously we weren't initializing the freshly allocated ECP keypair when importing private EC keys. This didn't seem to cause problems, at least according to our current test coverage, but it's better to ensure we don't have a partially initialized object by explicitly initializing the keypair. --- library/psa_crypto.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fd76b27b4..0a039710a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -572,6 +572,7 @@ static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve, ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); if( ecp == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); + mbedtls_ecp_keypair_init( ecp ); /* Load the group. */ status = mbedtls_to_psa_error( From d3a0c2c7793c514340a96fcb79292d4e0e35e022 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 11 Jan 2019 17:15:56 +0000 Subject: [PATCH 0916/2197] psa: Document requirements for psa_export_public_key() Copy the nice and clear documentation from psa_export_key() as to what implementations are allowed to do regarding key export formats, as the same applies to public keys. --- include/psa/crypto.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 683feb83f..ed3f56369 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
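Review bot: Now that the keypair is set up with `mbedtls_ecp_keypair_init( ecp )`, every failure path of psa_import_ec_private_key after this point should release it with `mbedtls_ecp_keypair_free( ecp );` before `mbedtls_free( ecp );`. Those paths are outside the hunk, so this is a check to make rather than a confirmed leak: freeing only the outer allocation would leave the group and any partially loaded private value allocated and unwiped. A short comment above the init call stating that pairing would keep later edits honest.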
@@ -467,6 +467,13 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * The output of this function can be passed to psa_import_key() to * create an object that is equivalent to the public key. * + * This specification supports a single format for each key type. + * Implementations may support other formats as long as the standard + * format is supported. Implementations that support other formats + * should ensure that the formats are clearly unambiguous so as to + * minimize the risk that an invalid input is accidentally interpreted + * according to a different format. + * * The format is the DER representation defined by RFC 5280 as * `SubjectPublicKeyInfo`, with the `subjectPublicKey` format * specified below. From 6b19600fba5d6ad00c55cb03f2834303b1ecaff9 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 10 Jan 2019 10:23:21 +0000 Subject: [PATCH 0917/2197] psa: Simplify RSA public key format Remove pkcs-1 and rsaEncryption front matter from RSA public keys. Move code that was shared between RSA and other key types (like EC keys) to be used only with non-RSA keys. --- include/psa/crypto.h | 28 +++---- library/psa_crypto.c | 30 +++++++- tests/suites/test_suite_psa_crypto.data | 74 +++++++++---------- tests/suites/test_suite_psa_crypto.function | 45 +++++------ .../test_suite_psa_crypto_persistent_key.data | 4 +- 5 files changed, 102 insertions(+), 79 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ed3f56369..316802679 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -474,8 +474,17 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * minimize the risk that an invalid input is accidentally interpreted * according to a different format. * - * The format is the DER representation defined by RFC 5280 as - * `SubjectPublicKeyInfo`, with the `subjectPublicKey` format + * For standard key types, the output format is as follows: + * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the DER encoding of + * the representation defined by RFC 3279 §2.3.1 as `RSAPublicKey`. + * ``` + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + * ``` + * + * For other public key types, the format is the DER representation defined by + * RFC 5280 as `SubjectPublicKeyInfo`, with the `subjectPublicKey` format * specified below. * ``` * SubjectPublicKeyInfo ::= SEQUENCE { @@ -485,21 +494,6 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * algorithm OBJECT IDENTIFIER, * parameters ANY DEFINED BY algorithm OPTIONAL } * ``` - * - * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), - * the `subjectPublicKey` format is defined by RFC 3279 §2.3.1 as - * `RSAPublicKey`, - * with the OID `rsaEncryption`, - * and with the parameters `NULL`. - * ``` - * pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) - * rsadsi(113549) pkcs(1) 1 } - * rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } - * - * RSAPublicKey ::= SEQUENCE { - * modulus INTEGER, -- n - * publicExponent INTEGER } -- e - * ``` * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), * the `subjectPublicKey` format is defined by RFC 3279 §2.3.2 as * `DSAPublicKey`, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0a039710a..e8697a752 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -61,6 +61,7 @@ #include "mbedtls/arc4.h" #include "mbedtls/asn1.h" +#include "mbedtls/asn1write.h" #include "mbedtls/bignum.h" #include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" 
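Review bot: The rewritten comment on psa_export_public_key gives bare `RSAPublicKey` as the RSA format but does not say what happens to RSA public keys in the former `SubjectPublicKeyInfo` encoding. Since the same comment says the output can be passed to psa_import_key(), and the diffstat shows the persistent-key test data changing too, I would add a sentence stating whether import still accepts the wrapped form or rejects it, so callers holding previously exported keys know which to expect. The layout also needs a look: the RSA item is a bullet under "For standard key types", the paragraph "For other public key types" is not, and the DSA bullet that follows now hangs under the ASN.1 block.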
@@ -899,6 +900,22 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle, return( PSA_SUCCESS ); } +#if defined(MBEDTLS_RSA_C) +static int pk_write_pubkey_simple( mbedtls_pk_context *key, + unsigned char *buf, size_t size ) +{ + int ret; + unsigned char *c; + size_t len = 0; + + c = buf + size; + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) ); + + return( (int) len ); +} +#endif /* defined(MBEDTLS_RSA_C) */ + static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, uint8_t *data, size_t data_size, @@ -969,9 +986,20 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, #endif } if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) - ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); + { + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) + { + ret = pk_write_pubkey_simple( &pk, data, data_size ); + } + else + { + ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); + } + } else + { ret = mbedtls_pk_write_key_der( &pk, data, data_size ); + } if( ret < 0 ) { /* If data_size is 0 then data may be NULL and then the diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index aa0a89052..0806c1df5 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
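Review bot: pk_write_pubkey_simple is defined only under `#if defined(MBEDTLS_RSA_C)`, but the call added in psa_internal_export_key (the `@@ -969,9 +986,20 @@` hunk) follows an `#endif` and shows no matching guard. If the enclosing block is also built when RSA is disabled (the guards around it are outside both hunks), that configuration no longer compiles. Guarding the RSA branch at the call site, as below, keeps the helper conditional. The helper also needs a comment: it returns the encoded length or a negative mbedtls error, and, like the DER writers, leaves the encoding at the end of `buf` rather than the start.

```c
        if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
        {
#if defined(MBEDTLS_RSA_C)
            if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
                ret = pk_write_pubkey_simple( &pk, data, data_size );
            else
#endif /* MBEDTLS_RSA_C */
                ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
        }
        /* … unchanged: private-key branch and error handling … */
```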
@@ -50,7 +50,7 @@ export_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALI PSA export a slot after a failed import of a RSA key depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_PARSE_C -export_after_import_failure:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT +export_after_import_failure:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT PSA export a slot after a failed import of an EC keypair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -62,7 +62,7 @@ cipher_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALI PSA export RSA public key from a slot where there was an import followed by destroy. depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -export_after_destroy_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY +export_after_destroy_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY PSA export AES key from a slot where there was an import followed by destroy. depends_on:MBEDTLS_AES_C 
@@ -78,27 +78,27 @@ import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (+1 byte) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2-1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1 
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2+1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1 PSA import/export RSA public key: export buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C @@ -134,7 +134,7 @@ import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541e PSA import RSA keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT +import:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT PSA import RSA public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
@@ -146,23 +146,23 @@ import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2 PSA import/export-public RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c3
24cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA public key: buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" 
+import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export RSA public key: 1016-bit (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819e300d06092a864886f70d010101050003818c0030818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 +import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 PSA import/export RSA keypair: 1016-bit (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -170,7 +170,7 @@ import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5f PSA import RSA public key: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"30819e300d06092a864886f70d010101050003818c0030818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED +import:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -178,7 +178,7 @@ import:"3082025802010002818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029f PSA import RSA public key: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"30819e300d06092a864886f70d010101050003818c003081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED +import:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -319,7 +319,7 @@ import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b1 PSA import failure preserves policy depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_twice:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_SUCCESS +import_twice:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_SUCCESS PSA import RSA key pair: maximum size exceeded depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
@@ -1116,11 +1116,11 @@ import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a PSA import/exercise RSA public key, PKCS#1 v1.5 raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW +import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA public key, PSS-SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) +import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise: ECP SECP256R1 keypair, ECDSA 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C @@ -1168,7 +1168,7 @@ sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bb PSA sign: invalid key type, signing with a public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 
@@ -1204,7 +1204,7 @@ sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30 PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
@@ -1212,23 +1212,23 @@ asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84f PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT +asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA verify: RSA PSS SHA-256, good signature, 0 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d" +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d" PSA verify: RSA PSS SHA-256, good signature, 32 bytes (hash size) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7" +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7" PSA verify: RSA PSS SHA-256, good signature, 129 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308" +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308" PSA verify: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C 
@@ -1252,23 +1252,23 @@ asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab4543 PSA encrypt: RSA PKCS#1 v1.5, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS 
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, good, with label depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C 
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS PSA 
encrypt: RSA PKCS#1 v1.5, key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1280,19 +1280,19 @@ asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84 PSA encrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5: salt not allowed depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA OAEP-SHA-384, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT 
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5: invalid key type depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1376,11 +1376,11 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39 PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6916bf42e..4d6cefb0e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -625,27 +625,6 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, uint8_t *p = exported; uint8_t *end = exported + exported_length; size_t len; - mbedtls_asn1_buf alg; - mbedtls_asn1_buf params; - mbedtls_asn1_bitstring bitstring; - /* SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters ANY DEFINED BY algorithm OPTIONAL } - */ - TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ), - 0 ); - TEST_EQUAL( p + len, end ); - TEST_EQUAL( mbedtls_asn1_get_alg( &p, end, &alg, ¶ms ), 0 ); - if( ! is_oid_of_key_type( type, alg.p, alg.len ) ) - goto exit; - TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, end, &bitstring ), 0 ); - TEST_EQUAL( p, end ); - p = bitstring.p; #if defined(MBEDTLS_RSA_C) if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) { @@ -653,7 +632,6 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, * modulus INTEGER, -- n * publicExponent INTEGER } -- e */ - TEST_EQUAL( bitstring.unused_bits, 0 ); TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ), 
@@ -670,6 +648,29 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) { + mbedtls_asn1_buf alg; + mbedtls_asn1_buf params; + mbedtls_asn1_bitstring bitstring; + /* SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL } + */ + + TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ), + 0 ); + TEST_EQUAL( p + len, end ); + TEST_EQUAL( mbedtls_asn1_get_alg( &p, end, &alg, ¶ms ), 0 ); + if( ! is_oid_of_key_type( type, alg.p, alg.len ) ) + goto exit; + TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, end, &bitstring ), 0 ); + TEST_EQUAL( p, end ); + p = bitstring.p; + /* ECPoint ::= ... * -- first 8 bits: 0x04 (uncompressed representation); * -- then x_P as an n-bit string, big endian; diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index c9eb8e103..613968dd5 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
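Review bot: In the ECC branch, `params` is filled by `mbedtls_asn1_get_alg` but never examined in the lines shown, so the relocated SubjectPublicKeyInfo check validates the algorithm OID through `is_oid_of_key_type` and leaves the curve named in the AlgorithmIdentifier parameters unchecked. An exported key carrying the wrong or a malformed curve identifier would pass this sanity check as far as the hunk shows. A minimal addition right after the `mbedtls_asn1_get_alg` call is `TEST_EQUAL( params.tag, MBEDTLS_ASN1_OID );`, followed by a comparison of `params.p`/`params.len` with the OID expected for the curve encoded in `type`. The body of `exported_key_sanity_check` starts and continues outside the hunk, so such a check may already exist further down.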
@@ -48,7 +48,7 @@ import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0 import/export persistent key RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0 +import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0 import/export persistent key RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
@@ -59,7 +59,7 @@ import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1 import/export persistent key RSA public key file not exist: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1 +import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1 import/export persistent key RSA keypair file not exist: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C From d35b489ce56fbaca81481a077a9c9cf261c7d876 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Jan 2019 16:02:15 +0100 Subject: [PATCH 0918/2197] New macro PSA_ALG_IS_HASH_AND_SIGN Test for a subclass of public-key algorithm: those that perform full-domain hashing, i.e. algorithms that can be broken down as sign(key, hash(message)). --- include/psa/crypto_values.h | 20 +++++++++++++++++-- .../test_suite_psa_crypto_metadata.data | 16 +++++++-------- .../test_suite_psa_crypto_metadata.function | 10 ++++++---- 3 files changed, 32 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 4d25835be..a4257da3d 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -1046,6 +1046,23 @@ #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) +/** Whether the specified algorithm is a hash-and-sign algorithm. + * + * Hash-and-sign algorithms are public-key signature algorithms structured + * in two parts: first the calculation of a hash in a way that does not + * depend on the key, then the calculation of a signature from the + * hash value and the key. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a hash-and-sign algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ + PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg)) + /** Get the hash used by a hash-and-sign signature algorithm. * * A hash-and-sign algorithm is a signature algorithm which is @@ -1065,8 +1082,7 @@ * if it is not supported by the implementation. */ #define PSA_ALG_SIGN_GET_HASH(alg) \ - (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ - PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \ + (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 0) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index b61d8e1aa..5a94ed741 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
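Review bot: The new Doxygen text for `PSA_ALG_IS_HASH_AND_SIGN` describes a hash step followed by a signature step, but the macro is also true for variants that carry no hash. The test data in this commit expects `ALG_IS_HASH_AND_SIGN` for `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` and `PSA_ALG_ECDSA_ANY`, and `PSA_ALG_SIGN_GET_HASH` returns 0 when the hash bits are clear (its `/*"raw" algorithm*/` branch). A caller that reads a true result as "a digest algorithm is bound to this identifier" could skip its own check of the hash, so I would add `* \note This macro is also true for "raw" variants with no hash specified; check that PSA_ALG_SIGN_GET_HASH(alg) is nonzero before relying on a hash.` The macro also expands `alg` several times, like the neighbouring classification macros, so the `\param` line could say that `alg` must have no side effects.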
@@ -200,35 +200,35 @@ aead_algorithm:PSA_ALG_GCM:0:16 Asymmetric signature: RSA PKCS#1 v1.5 raw depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN +asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN Asymmetric signature: RSA PKCS#1 v1.5 SHA-256 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN +asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN Asymmetric signature: RSA PSS SHA-256 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS +asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS | ALG_IS_HASH_AND_SIGN Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256 depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C -asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA +asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA | ALG_IS_HASH_AND_SIGN Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC -asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC +asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN Asymmetric signature: randomized ECDSA (no hashing) depends_on:MBEDTLS_ECDSA_C -asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA +asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | 
ALG_IS_HASH_AND_SIGN Asymmetric signature: SHA-256 + randomized ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C -asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA +asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C -asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC +asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN Asymmetric encryption: RSA PKCS#1 v1.5 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 94e6f6cb7..83ac75e1e 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -29,10 +29,11 @@ #define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 11 ) #define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 12 ) #define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 ) -#define ALG_IS_RSA_OAEP ( 1u << 14 ) -#define ALG_IS_HKDF ( 1u << 15 ) -#define ALG_IS_FFDH ( 1u << 16 ) -#define ALG_IS_ECDH ( 1u << 17 ) +#define ALG_IS_HASH_AND_SIGN ( 1u << 14 ) +#define ALG_IS_RSA_OAEP ( 1u << 15 ) +#define ALG_IS_HKDF ( 1u << 16 ) +#define ALG_IS_FFDH ( 1u << 17 ) +#define ALG_IS_ECDH ( 1u << 18 ) /* Flags for key type classification macros. There is a flag for every * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that 
@@ -67,6 +68,7 @@ void algorithm_classification( psa_algorithm_t alg, unsigned flags ) TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_AND_SIGN, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags ); exit: ; From 5f25dd00c049039d2a792d0d360adb753795bebb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Jan 2019 18:24:53 +0100 Subject: [PATCH 0919/2197] Document that destroying a key aborts any ongoing operation Document that psa_close_key() and psa_destroy_key() abort any ongoing multipart operation that is using the key. This is not implemented yet. --- include/psa/crypto.h | 22 ++++++++++++++-------- library/psa_crypto.c | 7 +++++++ 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 683feb83f..931a768a4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -231,6 +231,9 @@ psa_status_t psa_create_key(psa_key_lifetime_t lifetime, * with the key in volatile memory. The key slot in persistent storage is * not affected and can be opened again later with psa_open_key(). * + * If the key is currently in use in a multipart operation, + * the multipart operation is aborted. + * * \param handle The key handle to close. * * \retval #PSA_SUCCESS @@ -315,6 +318,9 @@ psa_status_t psa_import_key(psa_key_handle_t handle, * This function also erases any metadata such as policies and frees all * resources associated with the key. * + * If the key is currently in use in a multipart operation, + * the multipart operation is aborted. + * * \param handle Handle to the key slot to erase. * * \retval #PSA_SUCCESS 
@@ -986,8 +992,6 @@ static psa_mac_operation_t psa_mac_operation_init(void); * -# Initialize the operation object with one of the methods described in the * documentation for #psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT. * -# Call psa_mac_sign_setup() to specify the algorithm and key. - * The key remains associated with the operation even if the content - * of the key slot changes. * -# Call psa_mac_update() zero, one or more times, passing a fragment * of the message each time. The MAC that is calculated is the MAC * of the concatenation of these messages in order. @@ -1006,6 +1010,8 @@ static psa_mac_operation_t psa_mac_operation_init(void); * been initialized as per the documentation for * #psa_mac_operation_t and not yet in use. * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_MAC(alg) is true). * @@ -1042,8 +1048,6 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * -# Initialize the operation object with one of the methods described in the * documentation for #psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT. * -# Call psa_mac_verify_setup() to specify the algorithm and key. - * The key remains associated with the operation even if the content - * of the key slot changes. * -# Call psa_mac_update() zero, one or more times, passing a fragment * of the message each time. The MAC that is calculated is the MAC * of the concatenation of these messages in order. @@ -1063,6 +1067,8 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * been initialized as per the documentation for * #psa_mac_operation_t and not yet in use. * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_MAC(\p alg) is true). * 
@@ -1283,8 +1289,6 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * documentation for #psa_cipher_operation_t, e.g. * PSA_CIPHER_OPERATION_INIT. * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key. - * The key remains associated with the operation even if the content - * of the key slot changes. * -# Call either psa_cipher_generate_iv() or psa_cipher_set_iv() to * generate or set the IV (initialization vector). You should use * psa_cipher_generate_iv() unless the protocol you are implementing @@ -1307,6 +1311,8 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * been initialized as per the documentation for * #psa_cipher_operation_t and not yet in use. * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. * \param alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). @@ -1343,8 +1349,6 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * documentation for #psa_cipher_operation_t, e.g. * PSA_CIPHER_OPERATION_INIT. * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key. - * The key remains associated with the operation even if the content - * of the key slot changes. * -# Call psa_cipher_update() with the IV (initialization vector) for the * decryption. If the IV is prepended to the ciphertext, you can call * psa_cipher_update() on a buffer containing the IV followed by the @@ -1366,6 +1370,8 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * been initialized as per the documentation for * #psa_cipher_operation_t and not yet in use. * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. * \param alg The cipher algorithm to compute * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fd76b27b4..c1cfe7d03 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -784,11 +784,18 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) return( PSA_SUCCESS ); } +static void psa_abort_operations_using_key( psa_key_slot_t *slot ) +{ + /*TODO*/ + (void) slot; +} + /** Completely wipe a slot in memory, including its policy. * Persistent storage is not affected. */ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) { psa_status_t status = psa_remove_key_data_from_memory( slot ); + psa_abort_operations_using_key( slot ); /* At this point, key material and other type-specific content has * been wiped. Clear remaining metadata. We can call memset and not * zeroize because the metadata is not particularly sensitive. */ From f45adda9ac7519124d754199cd3fd134c873f079 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Jan 2019 18:29:18 +0100 Subject: [PATCH 0920/2197] Copyedit the documentation of multipart operation functions Finish changing "start" to "set up". Correct the way to set an IV for decryption: it's set_iv(), not update(). When decrypting, the IV is given, not random. --- include/psa/crypto.h | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 931a768a4..cbb6cfb0c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -756,7 +756,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; */ static psa_hash_operation_t psa_hash_operation_init(void); -/** Start a multipart hash operation. +/** Set up a multipart hash operation. * * The sequence of operations to calculate a hash (message digest) * is as follows: 
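Review bot: `psa_abort_operations_using_key()` is an empty stub, so `psa_wipe_key_slot()` does not yet do what the `psa_close_key()` and `psa_destroy_key()` comments in include/psa/crypto.h now promise: a multipart operation set up with the key is not aborted when the key goes away. Until it is implemented, whatever key-derived state such an operation holds presumably stays in memory and usable after the key is destroyed, which is exactly what a caller destroying a key wants to rule out. Replace the bare `/*TODO*/` with a comment that states the gap, e.g. `/* TODO: abort every active multipart operation set up from this slot; until then operations outlive the key, contrary to the psa_destroy_key() documentation. */`, and consider marking the header wording as not yet implemented until the code lands. The stub is called after `psa_remove_key_data_from_memory()`; whether the abort has to run before the key data is freed depends on the future implementation and should be decided when it is written. The body of `psa_wipe_key_slot()` continues past the end of the hunk.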
@@ -811,7 +811,7 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -848,7 +848,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p hash buffer is too small. You can determine a * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg) @@ -888,7 +888,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * The hash of the message was calculated successfully, but it * differs from the expected hash. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -979,7 +979,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; */ static psa_mac_operation_t psa_mac_operation_init(void); -/** Start a multipart MAC calculation operation. +/** Set up a multipart MAC calculation operation. * * This function sets up the calculation of the MAC * (message authentication code) of a byte string. 
@@ -1037,7 +1037,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg); -/** Start a multipart MAC verification operation. +/** Set up a multipart MAC verification operation. * * This function sets up the verification of the MAC * (message authentication code) of a byte string against an expected value. @@ -1109,7 +1109,7 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1148,7 +1148,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p mac buffer is too small. You can determine a * sufficient buffer size by calling PSA_MAC_FINAL_SIZE(). @@ -1187,7 +1187,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * The MAC of the message was calculated successfully, but it * differs from the expected MAC. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE 
@@ -1303,8 +1303,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * After a successful call to psa_cipher_encrypt_setup(), the application must * eventually terminate the operation. The following events terminate an * operation: - * - A failed call to psa_cipher_generate_iv(), psa_cipher_set_iv() - * or psa_cipher_update(). + * - A failed call to any of the \c psa_cipher_xxx functions. * - A call to psa_cipher_finish() or psa_cipher_abort(). * * \param[in,out] operation The operation object to set up. It must have @@ -1349,7 +1348,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * documentation for #psa_cipher_operation_t, e.g. * PSA_CIPHER_OPERATION_INIT. * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key. - * -# Call psa_cipher_update() with the IV (initialization vector) for the + * -# Call psa_cipher_set_iv() with the IV (initialization vector) for the * decryption. If the IV is prepended to the ciphertext, you can call * psa_cipher_update() on a buffer containing the IV followed by the * beginning of the message. @@ -1363,7 +1362,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * After a successful call to psa_cipher_decrypt_setup(), the application must * eventually terminate the operation. The following events terminate an * operation: - * - A failed call to psa_cipher_update(). + * - A failed call to any of the \c psa_cipher_xxx functions. * - A call to psa_cipher_finish() or psa_cipher_abort(). * * \param[in,out] operation The operation object to set up. It must have 
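Review bot: In the `psa_cipher_decrypt_setup()` step list the changed line now says to call `psa_cipher_set_iv()`, but the unchanged sentence after it still says a prepended IV can be passed through `psa_cipher_update()`. That conflicts with the `psa_cipher_update()` error list in the same header, which gives `PSA_ERROR_BAD_STATE` when an IV is required but not set, and it leaves the reader unsure which call actually fixes the IV for decryption. I would reword the continuation to something like `If the IV is prepended to the ciphertext, pass that prefix to psa_cipher_set_iv() and the rest of the buffer to psa_cipher_update().`, assuming that is the intended contract. The comment block starts and ends outside the hunk.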
@@ -1418,7 +1417,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or IV already set). + * The operation state is not valid (not set up, or IV already set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p iv buffer is too small. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -1433,7 +1432,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, /** Set the IV for a symmetric encryption or decryption operation. * - * This function sets the random IV (initialization vector), nonce + * This function sets the IV (initialization vector), nonce * or initial counter value for the encryption or decryption operation. * * The application must call psa_cipher_encrypt_setup() before @@ -1452,7 +1451,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or IV already set). + * The operation state is not valid (not set up, or IV already set). * \retval #PSA_ERROR_INVALID_ARGUMENT * The size of \p iv is not acceptable for the chosen algorithm, * or the chosen algorithm does not use an IV. @@ -1488,7 +1487,7 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, IV required but + * The operation state is not valid (not set up, IV required but * not set, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. 
@@ -1526,7 +1525,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, IV required but + * The operation state is not valid (not set up, IV required but * not set, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. From 30a9e4107615dc12bfd6235db06ae3a23093f85c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Jan 2019 18:36:12 +0100 Subject: [PATCH 0921/2197] Declare multipart AEAD functions Declare and document multipart AEAD functions. This commit does not contain any implementation or tests. --- include/psa/crypto.h | 437 ++++++++++++++++++++++++++++++++++++ include/psa/crypto_sizes.h | 21 ++ include/psa/crypto_struct.h | 21 ++ library/psa_crypto.c | 8 +- 4 files changed, 483 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index cbb6cfb0c..e2f6198ad 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1691,6 +1691,443 @@ psa_status_t psa_aead_decrypt(psa_key_handle_t handle, size_t plaintext_size, size_t *plaintext_length); +/** The type of the state data structure for multipart AEAD operations. + * + * Before calling any function on an AEAD operation object, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_aead_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_aead_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_AEAD_OPERATION_INIT, + * for example: + * \code + * psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT; + * \endcode + * - Assign the result of the function psa_aead_operation_init() + * to the structure, for example: + * \code + * psa_aead_operation_t operation; + * operation = psa_aead_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_aead_operation_s psa_aead_operation_t; + +/** \def PSA_AEAD_OPERATION_INIT + * + * This macro returns a suitable initializer for an AEAD operation object of + * type #psa_aead_operation_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_AEAD_OPERATION_INIT {0} +#endif + +/** Return an initial value for an AEAD operation object. + */ +static psa_aead_operation_t psa_aead_operation_init(void); + +/** Set the key for a multipart authenticated encryption operation. 
+ * + * The sequence of operations to encrypt a message with authentication + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_aead_operation_t, e.g. + * PSA_AEAD_OPERATION_INIT. + * -# Call psa_aead_encrypt_setup() to specify the algorithm and key. + * -# Call either psa_aead_generate_nonce() or psa_aead_set_nonce() to + * generate or set the nonce. You should use + * psa_aead_generate_nonce() unless the protocol you are implementing + * requires a specific nonce value. + * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment + * of the non-encrypted additional authenticated data each time. + * -# Call psa_aead_update() zero, one or more times, passing a fragment + * of the message each time. + * -# Call psa_aead_finish(). + * + * The application may call psa_aead_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_aead_encrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A failed call to any of the \c psa_aead_xxx functions. + * - A call to psa_aead_finish(), psa_aead_verify() or psa_aead_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized as per the documentation for + * #psa_aead_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with \p alg. 
+ * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not an AEAD algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Set the key for a multipart authenticated decryption operation. + * + * The sequence of operations to decrypt a message with authentication + * is as follows: + * -# Allocate an operation object which will be passed to all the functions + * listed here. + * -# Initialize the operation object with one of the methods described in the + * documentation for #psa_aead_operation_t, e.g. + * PSA_AEAD_OPERATION_INIT. + * -# Call psa_aead_decrypt_setup() to specify the algorithm and key. + * -# Call psa_aead_set_nonce() with the nonce for the decryption. + * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment + * of the non-encrypted additional authenticated data each time. + * -# Call psa_aead_update() zero, one or more times, passing a fragment + * of the message each time. + * -# Call psa_aead_finish(). + * + * The application may call psa_aead_abort() at any time after the operation + * has been initialized. + * + * After a successful call to psa_aead_decrypt_setup(), the application must + * eventually terminate the operation. The following events terminate an + * operation: + * - A failed call to any of the \c psa_aead_xxx functions. + * - A call to psa_aead_finish(), psa_aead_verify() or psa_aead_abort(). + * + * \param[in,out] operation The operation object to set up. 
It must have + * been initialized as per the documentation for + * #psa_aead_operation_t and not yet in use. + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The AEAD algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not an AEAD algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, + psa_key_handle_t handle, + psa_algorithm_t alg); + +/** Generate a random nonce for an authenticated encryption operation. + * + * This function generates a random nonce for the authenticated encryption + * operation with an appropriate size for the chosen algorithm, key type + * and key size. + * + * The application must call psa_aead_encrypt_setup() before + * calling this function. + * + * If this function returns an error status, the operation becomes inactive. + * + * \param[in,out] operation Active AEAD operation. + * \param[out] nonce Buffer where the generated nonce is to be + * written. + * \param nonce_size Size of the \p nonce buffer in bytes. + * \param[out] nonce_length On success, the number of bytes of the + * generated nonce. + * + * \retval #PSA_SUCCESS + * Success. 
+ * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not set up, or nonce already set). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p nonce buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, + unsigned char *nonce, + size_t nonce_size, + size_t *nonce_length); + +/** Set the nonce for an authenticated encryption or decryption operation. + * + * This function sets the nonce for the authenticated + * encryption or decryption operation. + * + * The application must call psa_aead_encrypt_setup() before + * calling this function. + * + * If this function returns an error status, the operation becomes inactive. + * + * \note When encrypting, applications should use psa_aead_generate_iv() + * instead of this function, unless implementing a protocol that requires + * a non-random IV. + * + * \param[in,out] operation Active AEAD operation. + * \param[in] iv Buffer containing the nonce to use. + * \param iv_length Size of the nonce in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not set up, or nonce already set). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size of \p nonce is not acceptable for the chosen algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, + const unsigned char *nonce, + size_t nonce_length); + +/** Pass additional data to an active AEAD operation. + * + * Additional data is authenticated, but not encrypted. + * + * You may call this function multiple times to pass successive fragments + * of the additional data. 
You may not call this function after passing + * data to encrypt or decrypt with psa_aead_update(). + * + * Before calling this function, you must: + * 1. Call either psa_aead_encrypt_setup() or psa_aead_decrypt_setup(). + * 2. Set the nonce with psa_aead_generate_nonce() or psa_aead_set_nonce(). + * + * If this function returns an error status, the operation becomes inactive. + * + * \warning When decrypting, until psa_aead_verify() has returned #PSA_SUCCESS, + * there is no guarantee that the input is valid. Therefore, until + * you have called psa_aead_verify() and it has returned #PSA_SUCCESS, + * treat the input as untrusted and prepare to undo any action that + * depends on the input if psa_aead_verify() returns an error status. + * + * \param[in,out] operation Active AEAD operation. + * \param[in] input Buffer containing the fragment of + * additional data. + * \param input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not set up, nonce not set, + * psa_aead_update() already called, or operation already completed). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length); + +/** Encrypt or decrypt a message fragment in an active AEAD operation. + * + * Before calling this function, you must: + * 1. Call either psa_aead_encrypt_setup() or psa_aead_decrypt_setup(). + * The choice of setup function determines whether this function + * encrypts or decrypts its input. + * 2. Set the nonce with psa_aead_generate_nonce() or psa_aead_set_nonce(). + * 3. Call psa_aead_update_ad() to pass all the additional data. + * + * If this function returns an error status, the operation becomes inactive. 
+ * + * \warning When decrypting, until psa_aead_verify() has returned #PSA_SUCCESS, + * there is no guarantee that the input is valid. Therefore, until + * you have called psa_aead_verify() and it has returned #PSA_SUCCESS: + * - Do not use the output in any way other than storing it in a + * confidential location. If you take any action that depends + * on the tentative decrypted data, this action will need to be + * undone if the input turns out not to be valid. Furthermore, + * if an adversary can observe that this action took place + * (for example through timing), they may be able to use this + * fact as an oracle to decrypt any message encrypted with the + * same key. + * - In particular, do not copy the output anywhere but to a + * memory or storage space that you have exclusive access to. + * + * \param[in,out] operation Active AEAD operation. + * \param[in] input Buffer containing the message fragment to + * encrypt or decrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not set up, nonce not set + * or already completed). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_aead_update(psa_aead_operation_t *operation, + const uint8_t *input, + size_t input_length, + unsigned char *output, + size_t output_size, + size_t *output_length); + +/** Finish encrypting a message in an AEAD operation. + * + * The operation must have been set up with psa_aead_encrypt_setup(). 
+ * + * This function finishes the authentication of the additional data + * formed by concatenating the inputs passed to preceding calls to + * psa_aead_update_ad() with the plaintext formed by concatenating the + * inputs passed to preceding calls to psa_aead_update(). + * + * This function has two output buffers: + * - \p ciphertext contains trailing ciphertext that was buffered from + * preceding calls to psa_aead_update(). For all standard AEAD algorithms, + * psa_aead_update() does not buffer any output and therefore \p ciphertext + * will not contain any output and can be a 0-sized buffer. + * - \p tag contains the authentication tag. Its length is always + * #PSA_AEAD_TAG_LENGTH(\p alg) where \p alg is the AEAD algorithm + * that the operation performs. + * + * When this function returns, the operation becomes inactive. + * + * \param[in,out] operation Active AEAD operation. + * \param[out] ciphertext Buffer where the last part of the ciphertext + * is to be written. + * \param ciphertext_size Size of the \p ciphertext buffer in bytes. + * \param[out] ciphertext_length On success, the number of bytes of + * returned ciphertext. + * \param[out] tag Buffer where the authentication tag is + * to be written. + * \param tag_size Size of the \p tag buffer in bytes. + * \param[out] tag_length On success, the number of bytes + * that make up the returned tag. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not set up, nonce not set, + * decryption, or already completed). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. 
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_aead_finish(psa_aead_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length, + uint8_t *tag, + size_t tag_size, + size_t *tag_length); + +/** Finish authenticating and decrypting a message in an AEAD operation. + * + * The operation must have been set up with psa_aead_decrypt_setup(). + * + * This function finishes the authentication of the additional data + * formed by concatenating the inputs passed to preceding calls to + * psa_aead_update_ad() with the ciphertext formed by concatenating the + * inputs passed to preceding calls to psa_aead_update(). + * + * When this function returns, the operation becomes inactive. + * + * \param[in,out] operation Active AEAD operation. + * \param[in] tag Buffer containing the authentication tag. + * \param tag_length Size of the \p tag buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not set up, nonce not set, + * encryption, or already completed). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_aead_verify(psa_aead_operation_t *operation, + const uint8_t *tag, + size_t tag_length); + +/** Abort an AEAD operation. + * + * Aborting an operation frees all associated resources except for the + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * psa_aead_encrypt_setup() or psa_aead_decrypt_setup() again. 
+ * + * You may call this function any time after the operation object has + * been initialized by any of the following methods: + * - A call to psa_aead_encrypt_setup() or psa_aead_decrypt_setup(), + * whether it succeeds or not. + * - Initializing the \c struct to all-bits-zero. + * - Initializing the \c struct to logical zeros, e.g. + * `psa_aead_operation_t operation = {0}`. + * + * In particular, calling psa_aead_abort() after the operation has been + * terminated by a call to psa_aead_abort() or psa_aead_finish() + * is safe and has no effect. + * + * \param[in,out] operation Initialized AEAD operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BAD_STATE + * \p operation is not an active AEAD operation. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_aead_abort(psa_aead_operation_t *operation); + /**@}*/ /** \defgroup asymmetric Asymmetric cryptography diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 5ad695a39..d4182f525 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -268,6 +268,27 @@ (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \ 0) +/** The maximum size of the output of psa_aead_finish(), in bytes. + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_aead_finish() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the ciphertext may be smaller. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(alg) is true). + * + * \return The maximum trailing ciphertext size for the + * specified algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg, plaintext_length) \ + ((size_t)0) + /** The maximum size of the output of psa_aead_decrypt(), in bytes. * * If the size of the plaintext buffer is at least this large, it is diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index ee3ecd776..586e183a7 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -152,6 +152,27 @@ static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) return( v ); } +struct psa_aead_operation_s +{ + psa_algorithm_t alg; + unsigned int key_set : 1; + unsigned int iv_set : 1; + uint8_t iv_size; + uint8_t block_size; + union + { + unsigned dummy; /* Enable easier initializing of the union. */ + mbedtls_cipher_context_t cipher; + } ctx; +}; + +#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, {0}} +static inline struct psa_aead_operation_s psa_aead_operation_init( void ) +{ + const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; + return( v ); +} + #if defined(MBEDTLS_MD_C) typedef struct { diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c1cfe7d03..da3321eff 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
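Review bot: `PSA_AEAD_FINISH_OUTPUT_SIZE(alg, plaintext_length)` takes two arguments, but the doc comment documents only `alg` and the expansion `((size_t)0)` uses neither. Either drop the second parameter or add a `\param plaintext_length` entry saying it is currently ignored. The comment should also say why zero is a safe bound, for example `/* psa_aead_update() does not buffer output for any standard AEAD algorithm, so psa_aead_finish() has no trailing ciphertext to emit. */`, which matches the psa_aead_finish() documentation added in crypto.h. Without that, a reader cannot tell a placeholder from a deliberate value when sizing the buffer.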
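Review bot: `PSA_AEAD_OPERATION_INIT` ends in `{0}`, which initialises only `ctx.dummy`; for an automatic object the remaining bytes of `ctx.cipher` are not guaranteed to be zero. The psa_aead_abort() documentation added in crypto.h accepts both an all-bits-zero and a `{0}`-initialised structure, so the implementation has to decide whether `ctx.cipher` is live from `alg` or `key_set`, never from the context's own contents. I would state that invariant next to the union, for example `/* ctx holds a live context only after a successful setup; do not inspect it on a freshly initialised operation. */`, if that is the intent. The fields are named `iv_set` and `iv_size` while the functions declared in this commit speak of a nonce, which is worth aligning now.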
@@ -3053,7 +3053,7 @@ typedef struct uint8_t tag_length; } aead_operation_t; -static void psa_aead_abort( aead_operation_t *operation ) +static void psa_aead_abort_internal( aead_operation_t *operation ) { switch( operation->core_alg ) { @@ -3140,7 +3140,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, return( PSA_SUCCESS ); cleanup: - psa_aead_abort( operation ); + psa_aead_abort_internal( operation ); return( status ); } @@ -3211,7 +3211,7 @@ psa_status_t psa_aead_encrypt( psa_key_handle_t handle, memset( ciphertext, 0, ciphertext_size ); exit: - psa_aead_abort( &operation ); + psa_aead_abort_internal( &operation ); if( status == PSA_SUCCESS ) *ciphertext_length = plaintext_length + operation.tag_length; return( status ); @@ -3308,7 +3308,7 @@ psa_status_t psa_aead_decrypt( psa_key_handle_t handle, memset( plaintext, 0, plaintext_size ); exit: - psa_aead_abort( &operation ); + psa_aead_abort_internal( &operation ); if( status == PSA_SUCCESS ) *plaintext_length = ciphertext_length - operation.tag_length; return( status ); From 30f77cdfc17e1a5dcac52f280c44b4ed87c79286 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Jan 2019 16:06:39 +0100 Subject: [PATCH 0922/2197] Add a hash wildcard value for hash-and-sign algorithm You can use PSA_ALG_ANY_HASH to build the algorithm value for a hash-and-sign algorithm in a policy. Then the policy allows usage with this hash-and-sign family with any hash. Test that PSA_ALG_ANY_HASH-based policies allow a specific hash, but not a different hash-and-sign family. Test that PSA_ALG_ANY_HASH is not valid for operations, only in policies. --- include/psa/crypto_values.h | 64 +++++++++++++++++++ library/psa_crypto.c | 27 +++++++- tests/suites/test_suite_psa_crypto.data | 50 ++++++++++++--- tests/suites/test_suite_psa_crypto.function | 18 ++++-- .../test_suite_psa_crypto_metadata.data | 24 +++++++ .../test_suite_psa_crypto_metadata.function | 13 ++++ 6 files changed, 180 insertions(+), 16 deletions(-) 
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index a4257da3d..f072487f2 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -641,6 +641,7 @@ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION) #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) + #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) #define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) #define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) 
@@ -667,6 +668,41 @@ /** SHA3-512 */ #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) +/** Allow any hash algorithm. + * + * This value may only be used to form the algorithm usage field of a policy + * for a signature algorithm that is parametrized by a hash. That is, + * suppose that `PSA_xxx_SIGNATURE` is one of the following macros: + * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS, + * - #PSA_ALG_DSA, #PSA_ALG_DETERMINISTIC_DSA, + * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA. + * Then you may create a key as follows: + * - Set the key usage field using #PSA_ALG_ANY_HASH, for example: + * ``` + * psa_key_policy_set_usage(&policy, + * PSA_KEY_USAGE_SIGN, //or PSA_KEY_USAGE_VERIFY + * PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH)); + * psa_set_key_policy(handle, &policy); + * ``` + * - Import or generate key material. + * - Call psa_asymmetric_sign() or psa_asymmetric_verify(), passing + * an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each + * call to sign or verify a message may use a different hash. + * ``` + * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...); + * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...); + * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...); + * ``` + * + * This value may not be used to build other algorithms that are + * parametrized over a hash. For any valid use of this macro to build + * an algorithm `\p alg`, #PSA_ALG_IS_HASH_AND_SIGN(\p alg) is true. + * + * This value may not be used to build an algorithm specification to + * perform an operation. It is only valid to build policies. + */ +#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) + #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) /** Macro to build an HMAC algorithm. 
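Review bot: The comment for `PSA_ALG_ANY_HASH` says the value is valid only in a policy, but it does not warn that `0x010000ff` is encoded in the same range as the real hash identifiers above it. A check that relies on `PSA_ALG_IS_HASH()` alone will therefore presumably accept it. I would add a sentence such as `Code that accepts a hash algorithm for an operation must reject this value, for example by testing #PSA_ALG_IS_WILDCARD.` The code span around `\p alg` in the paragraph about other parametrized algorithms will print the Doxygen command literally, so the backticks should go.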
@@ -914,6 +950,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding RSA PKCS#1 v1.5 signature algorithm. * \return Unspecified if \p alg is not a supported @@ -943,6 +981,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding RSA PSS signature algorithm. * \return Unspecified if \p alg is not a supported @@ -961,6 +1001,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding DSA signature algorithm. * \return Unspecified if \p alg is not a supported @@ -996,6 +1038,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding ECDSA signature algorithm. * \return Unspecified if \p alg is not a supported @@ -1028,6 +1072,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding deterministic ECDSA signature * algorithm. 
@@ -1341,6 +1387,24 @@ #define PSA_ALG_IS_ECDH(alg) \ (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE) +/** Whether the specified algorithm encoding is a wildcard. + * + * Wildcard values may only be used to set the usage algorithm field in + * a policy, not to perform an operation. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a wildcard algorithm encoding. + * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for + * an operation). + * \return This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_WILDCARD(alg) \ + (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ + PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \ + (alg) == PSA_ALG_ANY_HASH) + /**@}*/ /** \defgroup key_lifetimes Key lifetimes diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fd76b27b4..3a97f44b9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -713,6 +713,29 @@ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, return( status ); } +/** Test whether a policy permits an algorithm. + * + * The caller must test usage flags separately. + */ +static int psa_key_policy_permits( const psa_key_policy_t *policy, + psa_algorithm_t alg ) +{ + /* Common case: the policy only allows alg. */ + if( alg == policy->alg ) + return( 1 ); + /* If policy->alg is a hash-and-sign with a wildcard for the hash, + * and alg is the same hash-and-sign family with any hash, + * then alg is compliant with policy->alg. */ + if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && + PSA_ALG_SIGN_GET_HASH( policy->alg ) == PSA_ALG_ANY_HASH ) + { + return( ( policy->alg & ~PSA_ALG_HASH_MASK ) == + ( alg & ~PSA_ALG_HASH_MASK ) ); + } + /* If it isn't permitted, it's forbidden. */ + return( 0 ); +} + /** Retrieve a slot which must contain a key. The key must have allow all the * usage flags set in \p usage. If \p alg is nonzero, the key must allow * operations with this algorithm. */ @@ -740,7 +763,9 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, usage &= ~PSA_KEY_USAGE_EXPORT; if( ( slot->policy.usage & usage ) != usage ) return( PSA_ERROR_NOT_PERMITTED ); - if( alg != 0 && ( alg != slot->policy.alg ) ) + + /* Enforce that the usage policy permits the requested algortihm. */ + if( alg != 0 && ! psa_key_policy_permits( &slot->policy, alg ) ) return( PSA_ERROR_NOT_PERMITTED ); *p_slot = slot; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index aa0a89052..ce13f9e06 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
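Review bot: The first test in psa_key_policy_permits(), `if( alg == policy->alg ) return( 1 );`, also succeeds when the requested algorithm is itself a wildcard identical to the policy value, for example `PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)` on both sides. The policy check then passes a wildcard on to the operation and relies on every algorithm implementation to refuse it; the sign_fail cases added in this commit show that refusal arriving with two different status codes. Rejecting it here keeps the rule in one place: put `if( PSA_ALG_IS_WILDCARD( alg ) ) return( 0 );` ahead of the equality test. Those sign_fail cases would then presumably expect PSA_ERROR_NOT_PERMITTED instead. It is also worth a comment that the masked comparison deliberately admits a request with no hash, such as `PSA_ALG_RSA_PKCS1V15_SIGN_RAW`, since one of the new key-policy cases depends on it.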
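Review bot: The comment added above the policy check misspells a word: `algortihm` should read `algorithm`, giving `/* Enforce that the usage policy permits the requested algorithm. */`. psa_get_key_from_slot() starts and ends outside this hunk, so only the changed condition is visible here.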
@@ -417,23 +417,43 @@ asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_K PSA key policy: asymmetric signature, sign | verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 -PSA key policy: asymmetric signature, wrong algorithm +PSA key policy: asymmetric signature, wrong algorithm family depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224) +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 + +PSA key policy: asymmetric signature, wildcard in policy, wrong algorithm family +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 + +PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 + +PSA key 
policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 + +PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 + +PSA key policy: asymmetric signature, wrong hash algorithm +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 PSA key policy: asymmetric signature, sign but not verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW 
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, verify but not sign depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, neither sign nor verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW +asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: derive via HKDF, permitted depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
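Review bot: The case titled "wrong hash algorithm" pairs a `PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)` policy with `PSA_ALG_RSA_PKCS1V15_SIGN_RAW`, so no case in this hunk compares two different specific hashes of the same signature family. That is the comparison a wildcard implementation is most likely to loosen by accident. I would add a case with the same policy, `PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224)` as the exercised algorithm and a final field of `0`. The existing case could then be retitled along the lines of "raw instead of hashed".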
@@ -514,6 +534,10 @@ PSA hash setup: bad (unknown hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_CATEGORY_HASH:PSA_ERROR_NOT_SUPPORTED +PSA hash setup: bad (wildcard instead of hash algorithm) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +hash_setup:PSA_ALG_ANY_HASH:PSA_ERROR_NOT_SUPPORTED + PSA hash setup: bad (not a hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT 
@@ -1150,6 +1174,12 @@ PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT +PSA sign: RSA PKCS#1 v1.5 raw, invalid hash (wildcard) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +# Arguably the error should be INVALID_ARGUMENT, but NOT_SUPPORTED is simpler +# to implement. 
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_NOT_SUPPORTED + PSA sign: RSA PKCS#1 v1.5 raw, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT 
@@ -1162,10 +1192,14 @@ PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL -PSA sign: deterministic ECDSA SECP256R1, invalid hash -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C +PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT + PSA sign: invalid key type, signing with a public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6916bf42e..24ffe805c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1660,13 +1660,19 @@ void asymmetric_signature_key_policy( int policy_usage, int policy_alg, int key_type, data_t *key_data, - int exercise_alg ) + int exercise_alg, + int payload_length_arg ) { psa_key_handle_t handle = 0; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; - unsigned char payload[16] = {1}; - size_t payload_length = sizeof( payload ); + unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; + /* If `payload_length_arg > 0`, `exercise_alg` is supposed to be + * compatible with the policy and `payload_length_arg` is supposed to be + * a valid input length to sign. If `payload_length_arg <= 0`, + * `exercise_alg` is supposed to be forbidden by the policy. */ + int compatible_alg = payload_length_arg > 0; + size_t payload_length = compatible_alg ? payload_length_arg : 0; unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; 
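Review bot: `payload_length` comes straight from the test datum `payload_length_arg` and is never compared with the size of `payload`, which is `PSA_HASH_MAX_SIZE` bytes. A data line carrying a larger value would make psa_asymmetric_sign() and psa_asymmetric_verify() read past the array. Add `TEST_ASSERT( payload_length <= sizeof( payload ) );` before the first call that uses it. The last argument now carries two meanings, an input length and the expected verdict; the comment explains this, but a separate flag would be easier to read in the .data file. The body of the function continues outside this hunk.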
@@ -1685,8 +1691,7 @@ void asymmetric_signature_key_policy( int policy_usage, payload, payload_length, signature, sizeof( signature ), &signature_length ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) + if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) PSA_ASSERT( status ); else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); @@ -1695,8 +1700,7 @@ void asymmetric_signature_key_policy( int policy_usage, status = psa_asymmetric_verify( handle, exercise_alg, payload, payload_length, signature, sizeof( signature ) ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) + if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 5a94ed741..1e7a9960f 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
@@ -230,6 +230,30 @@ Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN +Asymmetric signature: RSA PKCS#1 v1.5 with wildcard hash +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_signature_wildcard:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PKCS1V15_SIGN + +Asymmetric signature: RSA PSS with wildcard hash +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +asymmetric_signature_wildcard:PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PSS + +Asymmetric signature: randomized DSA with wildcard hash +depends_on:MBEDTLS_DSA_C +asymmetric_signature_wildcard:PSA_ALG_DSA( PSA_ALG_ANY_HASH ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA + +Asymmetric signature: deterministic DSA with wildcard hash +depends_on:MBEDTLS_DSA_C:MBEDTLS_DSA_DETERMINISTIC +asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_ANY_HASH ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC + +Asymmetric signature: randomized ECDSA with wildcard hash +depends_on:MBEDTLS_ECDSA_C +asymmetric_signature_wildcard:PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA + +Asymmetric signature: deterministic DSA with wildcard hash +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC +asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC + Asymmetric encryption: RSA PKCS#1 v1.5 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 83ac75e1e..01c8628ce 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function 
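Review bot: The last added case is titled `Asymmetric signature: deterministic DSA with wildcard hash` but exercises `PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH )`, so it duplicates the title of the deterministic DSA case two entries above it. Two cases with the same description cannot be told apart in a test report, and the name does not match the algorithm under test. Rename it to `Asymmetric signature: deterministic ECDSA with wildcard hash`.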
+++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -34,6 +34,7 @@ #define ALG_IS_HKDF ( 1u << 16 ) #define ALG_IS_FFDH ( 1u << 17 ) #define ALG_IS_ECDH ( 1u << 18 ) +#define ALG_IS_WILDCARD ( 1u << 19 ) /* Flags for key type classification macros. There is a flag for every * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that @@ -71,6 +72,7 @@ void algorithm_classification( psa_algorithm_t alg, unsigned flags ) TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_AND_SIGN, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_WILDCARD, alg, flags ); exit: ; } @@ -323,6 +325,17 @@ void asymmetric_signature_algorithm( int alg_arg, int classification_flags ) } /* END_CASE */ +/* BEGIN_CASE */ +void asymmetric_signature_wildcard( int alg_arg, int classification_flags ) +{ + classification_flags |= ALG_IS_HASH_AND_SIGN | ALG_IS_WILDCARD; + test_asymmetric_signature_algorithm( alg_arg, classification_flags ); + /* Any failure of this test function comes from + * asymmetric_signature_algorithm. Pacify -Werror=unused-label. */ + goto exit; +} +/* END_CASE */ + /* BEGIN_CASE */ void asymmetric_encryption_algorithm( int alg_arg, int classification_flags ) { From 69647a45a346a7e5e1ff0a2633b9f0e6e2ae4b78 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Jan 2019 20:18:12 +0100 Subject: [PATCH 0923/2197] Declare one-shot hash, MAC and cipher functions Declare and document one-shot hash, MAC and cipher functions. This commit does not contain any implementation or tests. --- include/psa/crypto.h | 259 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 259 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e2f6198ad..40b303210 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -710,6 +710,66 @@ psa_status_t psa_get_key_policy(psa_key_handle_t handle, * @{ */ +/** Calculate the hash (digest) of a message. + * + * \note To verify the hash of a message against an + * expected value, use psa_hash_compare() instead. + * + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). + * \param[in] input Buffer containing the message to hash. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] hash Buffer where the hash is to be written. + * \param hash_size Size of the \p hash buffer in bytes. + * \param[out] hash_length On success, the number of bytes + * that make up the hash value. This is always + * #PSA_HASH_SIZE(\c alg) where \c alg is the + * hash algorithm that is calculated. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_hash_compute(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +/** Calculate the hash (digest) of a message and compare it with a + * reference value. + * + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). + * \param[in] input Buffer containing the message to hash. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] hash Buffer containing the expected hash value. + * \param hash_size Size of the \p hash buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected hash is identical to the actual hash of the input. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The hash of the message was calculated successfully, but it + * differs from the expected hash. 
+ * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_hash_compare(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *hash, + const size_t hash_length); + /** The type of the state data structure for multipart hash operations. * * Before calling any function on a hash operation object, the application must 
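Review bot: In the documentation of psa_hash_compare the reference value is declared as `\param[out] hash` and its size as `\param hash_size`, but the prototype takes `const uint8_t *hash` as an input and names the size `hash_length`. Change the two lines to `\param[in] hash` and `\param hash_length Size of the \p hash buffer in bytes.` so the generated documentation matches the signature. psa_hash_compute writes into a caller-sized buffer but lists no `\retval #PSA_ERROR_BUFFER_TOO_SMALL`, unlike psa_cipher_encrypt later in this commit. The `const` on the by-value `hash_length` parameter has no effect in a declaration and can be dropped.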
@@ -933,6 +993,87 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * @{ */ +/** Calculate the MAC (message authentication code) of a message. + * + * \note To verify the MAC of a message against an + * expected value, use psa_mac_verify() instead. + * Beware that comparing integrity or authenticity data such as + * MAC values with a function such as \c memcmp is risky + * because the time taken by the comparison may leak information + * about the MAC value which could allow an attacker to guess + * a valid MAC and thereby bypass security controls. + * + * \param handle Handle to the key to use for the operation. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(alg) is true). + * \param[in] input Buffer containing the input message. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] mac Buffer where the MAC value is to be written. + * \param mac_size Size of the \p mac buffer in bytes. + * \param[out] mac_length On success, the number of bytes + * that make up the mac value. This is always + * #PSA_HASH_SIZE(\c alg) where \c alg is the + * hash algorithm that is calculated. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. 
+ */ +psa_status_t psa_mac_compute(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +/** Calculate the MAC of a message and compare it with a reference value. + * + * \param handle Handle to the key to use for the operation. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(alg) is true). + * \param[in] input Buffer containing the input message. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] mac Buffer containing the expected MAC value. + * \param mac_length Size of the \p mac buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected MAC is identical to the actual MAC of the input. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The MAC of the message was calculated successfully, but it + * differs from the expected value. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_mac_verify(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *mac, + const size_t mac_length); + /** The type of the state data structure for multipart MAC operations. * * Before calling any function on a MAC operation object, the application must 
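Review bot: The new psa_mac_verify prototype has no key parameter: its documentation describes `\param handle` and the handle-related error codes, but the declaration starts at `psa_algorithm_t alg`, so a caller cannot say which key authenticates the message. Add `psa_key_handle_t handle,` as the first parameter, matching psa_mac_compute. The same handle-less declaration is repeated in the cipher section in the next hunk of this file. In the documentation, the reference buffer of psa_mac_verify is marked `\param[out] mac` although it is an input, `\p key` names a parameter that does not exist, and `mac_length` of psa_mac_compute is described with `#PSA_HASH_SIZE` and "hash algorithm", which looks copied from the hash section.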
@@ -1233,6 +1374,124 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); * @{ */ +/** Encrypt a message using a symmetric cipher. + * + * This function encrypts a message with a random IV (initialization + * vector). + * + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. + * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[in] input Buffer containing the message to encrypt. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the output is to be written. + * The output contains the IV followed by + * the ciphertext proper. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a cipher algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Decrypt a message using a symmetric cipher. + * + * This function decrypts a message encrypted with a symmetric cipher. + * + * \param handle Handle to the key to use for the operation. + * It must remain valid until the operation + * terminates. 
+ * \param alg The cipher algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_CIPHER(\p alg) is true). + * \param[in] input Buffer containing the message to decrypt. + * This consists of the IV followed by the + * ciphertext proper. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] output Buffer where the plaintext is to be written. + * \param output_size Size of the \p output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a cipher algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Calculate the MAC of a message and compare it with a reference value. + * + * \param handle Handle to the key to use for the operation. + * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_MAC(alg) is true). + * \param[in] input Buffer containing the input message. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] mac Buffer containing the expected MAC value. + * \param mac_length Size of the \p mac buffer in bytes. + * + * \retval #PSA_SUCCESS + * The expected MAC is identical to the actual MAC of the input. 
+ * \retval #PSA_ERROR_INVALID_SIGNATURE + * The MAC of the message was calculated successfully, but it + * differs from the expected value. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not compatible with \p alg. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_mac_verify(psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *mac, + const size_t mac_length); + /** The type of the state data structure for multipart cipher operations. * * Before calling any function on a cipher operation object, the application From 1e5c2bd8e32378380de67ce8df8d5ce12940c826 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 10 Jan 2019 19:38:51 +0000 Subject: [PATCH 0924/2197] psa: Use psa_status_t in psa_key_agreement_ecdh() Use the PSA-native status type in psa_key_agreement_ecdh() in preparation for us calling PSA functions (and not just Mbed TLS functions) and still being able to return a psa_status_t (without having to translate it to a Mbed TLS error and then back again). --- library/psa_crypto.c | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e8697a752..9b8477ce4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
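Review bot: The documentation of psa_cipher_decrypt does not say what is returned when `input_length` is shorter than the IV or when the ciphertext is otherwise malformed; the only `#PSA_ERROR_INVALID_ARGUMENT` entry is about the key. Add a `\retval` line for malformed input, and consider a `\note` that these cipher functions provide no integrity protection, so callers who need to detect tampering should authenticate the ciphertext separately. The block at the end of this hunk is a second copy of the psa_mac_verify documentation and prototype placed in the cipher group; it should be deleted here and kept only in the MAC group.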
@@ -4044,12 +4044,13 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, mbedtls_pk_context pk; mbedtls_ecp_keypair *their_key = NULL; mbedtls_ecdh_context ecdh; - int ret; + psa_status_t status; mbedtls_ecdh_init( &ecdh ); mbedtls_pk_init( &pk ); - ret = mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length ); - if( ret != 0 ) + status = mbedtls_to_psa_error( + mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length ) ); + if( status != PSA_SUCCESS ) goto exit; switch( mbedtls_pk_get_type( &pk ) ) { @@ -4057,33 +4058,36 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, case MBEDTLS_PK_ECKEY_DH: break; default: - ret = MBEDTLS_ERR_ECP_INVALID_KEY; + status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } their_key = mbedtls_pk_ec( pk ); if( their_key->grp.id != our_key->grp.id ) { - ret = MBEDTLS_ERR_ECP_INVALID_KEY; + status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - ret = mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ); - if( ret != 0 ) + status = mbedtls_to_psa_error( + mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ) ); + if( status != PSA_SUCCESS ) goto exit; - ret = mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS ); - if( ret != 0 ) + status = mbedtls_to_psa_error( + mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS ) ); + if( status != PSA_SUCCESS ) goto exit; - ret = mbedtls_ecdh_calc_secret( &ecdh, - shared_secret_length, - shared_secret, shared_secret_size, - mbedtls_ctr_drbg_random, - &global_data.ctr_drbg ); + status = mbedtls_to_psa_error( + mbedtls_ecdh_calc_secret( &ecdh, + shared_secret_length, + shared_secret, shared_secret_size, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg ) ); exit: mbedtls_pk_free( &pk ); mbedtls_ecdh_free( &ecdh ); - return( mbedtls_to_psa_error( ret ) ); + return( status ); } #endif /* MBEDTLS_ECDH_C */ From 0ae445f8fd3bd4866983f181de5cc14458d3f95c Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Thu, 10 Jan 2019 11:42:27 +0000 Subject: [PATCH 0925/2197] psa: Simplify EC public key format Remove front matter from our EC key format, to make it just the contents of an ECPoint as defined by SEC1 section 2.3.3. As a consequence of the simplification, remove the restriction on not being able to use an ECDH key with ECDSA. There is no longer any OID specified when importing a key, so we can't reject importing of an ECDH key for the purpose of ECDSA based on the OID. --- include/psa/crypto.h | 36 ++---- library/psa_crypto.c | 136 ++++++++++---------- tests/suites/test_suite_psa_crypto.data | 75 +++++------ tests/suites/test_suite_psa_crypto.function | 34 +---- 4 files changed, 120 insertions(+), 161 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 316802679..0f9925c70 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -482,6 +482,14 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * modulus INTEGER, -- n * publicExponent INTEGER } -- e * ``` + * - For elliptic curve public keys (key types for which + * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), the format is the uncompressed + * representation defined by SEC1 §2.3.3 as the content of an ECPoint. + * Let `m` be the bit size associated with the curve, i.e. the bit size of + * `q` for a curve over `F_q`. The representation consists of: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian. * * For other public key types, the format is the DER representation defined by * RFC 5280 as `SubjectPublicKeyInfo`, with the `subjectPublicKey` format 
@@ -509,30 +517,6 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * g INTEGER } * DSAPublicKey ::= INTEGER -- public key, Y * ``` - * - For elliptic curve public keys (key types for which - * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), - * the `subjectPublicKey` format is defined by RFC 3279 §2.3.5 as - * `ECPoint`, which contains the uncompressed - * representation defined by SEC1 §2.3.3. - * The OID is `id-ecPublicKey`, - * and the parameters must be given as a `namedCurve` OID as specified in - * RFC 5480 §2.1.1.1 or other applicable standards. - * ``` - * ansi-X9-62 OBJECT IDENTIFIER ::= - * { iso(1) member-body(2) us(840) 10045 } - * id-public-key-type OBJECT IDENTIFIER ::= { ansi-X9.62 2 } - * id-ecPublicKey OBJECT IDENTIFIER ::= { id-publicKeyType 1 } - * - * ECPoint ::= ... - * -- first 8 bits: 0x04; - * -- then x_P as a `ceiling(m/8)`-byte string, big endian; - * -- then y_P as a `ceiling(m/8)`-byte string, big endian; - * -- where `m` is the bit size associated with the curve, - * -- i.e. the bit size of `q` for a curve over `F_q`. - * - * EcpkParameters ::= CHOICE { -- other choices are not allowed - * namedCurve OBJECT IDENTIFIER } - * ``` * * \param handle Handle to the key to export. * \param[out] data Buffer where the key data is to be written. @@ -2160,7 +2144,9 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * in the same format that psa_import_key() * accepts. The standard formats for public * keys are documented in the documentation - * of psa_export_public_key(). + * of psa_export_public_key(). For EC keys, it + * must also be of the same group as the private + * key. * \param peer_key_length Size of \p peer_key in bytes. * \param alg The key agreement algorithm to compute * (\c PSA_ALG_XXX value such that diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9b8477ce4..01bd9574f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -537,25 +537,55 @@ static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk, } #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ -#if defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C) -/* Import an elliptic curve parsed by the mbedtls pk module. */ -static psa_status_t psa_import_ecp_key( psa_ecc_curve_t expected_curve, - mbedtls_pk_context *pk, - mbedtls_ecp_keypair **p_ecp ) +#if defined(MBEDTLS_ECP_C) + +/* Import a public key given as the uncompressed representation defined by SEC1 + * 2.3.3 as the content of an ECPoint. */ +static psa_status_t psa_import_ec_public_key( psa_ecc_curve_t curve, + const uint8_t *data, + size_t data_length, + mbedtls_ecp_keypair **p_ecp ) { - if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY ) - return( PSA_ERROR_INVALID_ARGUMENT ); - else + psa_status_t status = PSA_ERROR_TAMPERING_DETECTED; + mbedtls_ecp_keypair *ecp = NULL; + mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); + + *p_ecp = NULL; + ecp = mbedtls_calloc( 1, sizeof( *ecp ) ); + if( ecp == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + mbedtls_ecp_keypair_init( ecp ); + + /* Load the group. */ + status = mbedtls_to_psa_error( + mbedtls_ecp_group_load( &ecp->grp, grp_id ) ); + if( status != PSA_SUCCESS ) + goto exit; + /* Load the public value. */ + status = mbedtls_to_psa_error( + mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q, + data, data_length ) ); + if( status != PSA_SUCCESS ) + goto exit; + + /* Check that the point is on the curve. 
*/ + status = mbedtls_to_psa_error( + mbedtls_ecp_check_pubkey( &ecp->grp, &ecp->Q ) ); + if( status != PSA_SUCCESS ) + goto exit; + + *p_ecp = ecp; + return( PSA_SUCCESS ); + +exit: + if( ecp != NULL ) { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( *pk ); - psa_ecc_curve_t actual_curve = mbedtls_ecc_group_to_psa( ecp->grp.id ); - if( actual_curve != expected_curve ) - return( PSA_ERROR_INVALID_ARGUMENT ); - *p_ecp = ecp; - return( PSA_SUCCESS ); + mbedtls_ecp_keypair_free( ecp ); + mbedtls_free( ecp ); } + return( status ); } -#endif /* defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C) */ +#endif /* defined(MBEDTLS_ECP_C) */ #if defined(MBEDTLS_ECP_C) /* Import a private key given as a byte string which is the private value @@ -642,11 +672,20 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, if( status != PSA_SUCCESS ) return( status ); } + else if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( slot->type ) ) + { + status = psa_import_ec_public_key( + PSA_KEY_TYPE_GET_CURVE( slot->type ), + data, data_length, + &slot->data.ecp ); + + if( status != PSA_SUCCESS ) + return( status ); + } else #endif /* MBEDTLS_ECP_C */ -#if defined(MBEDTLS_PK_PARSE_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) || - PSA_KEY_TYPE_IS_ECC( slot->type ) ) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) { int ret; mbedtls_pk_context pk; 
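Review bot: The comment above psa_import_ec_public_key states neither the ownership contract nor why the validation step matters. On success the function hands a heap-allocated key pair to the caller through `*p_ecp`, which the caller must release with `mbedtls_ecp_keypair_free()` and `mbedtls_free()`; on failure `*p_ecp` is left NULL. I would also extend the on-curve comment to something like `/* Check that the point is on the curve. ECDH relies on this to reject peer keys outside the group. */`, since psa_key_agreement_ecdh in this commit now passes the peer's key through this function. The `if( ecp != NULL )` test at `exit:` is always true because the allocation-failure case returns earlier, so the cleanup can be unconditional.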
@@ -660,23 +699,9 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, if( ret != 0 ) return( mbedtls_to_psa_error( ret ) ); - /* We have something that the pkparse module recognizes. - * If it has the expected type and passes any type-specific - * checks, store it. */ -#if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) - status = psa_import_rsa_key( &pk, &slot->data.rsa ); - else -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) - status = psa_import_ecp_key( PSA_KEY_TYPE_GET_CURVE( slot->type ), - &pk, &slot->data.ecp ); - else -#endif /* MBEDTLS_ECP_C */ - { - status = PSA_ERROR_NOT_SUPPORTED; - } + /* We have something that the pkparse module recognizes. If it is a + * valid RSA key, store it. */ + status = psa_import_rsa_key( &pk, &slot->data.rsa ); /* Free the content of the pk object only on error. On success, * the content of the object has been stored in the slot. */ @@ -687,7 +712,7 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, } } else -#endif /* defined(MBEDTLS_PK_PARSE_C) */ +#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ { return( PSA_ERROR_NOT_SUPPORTED ); } @@ -900,7 +925,7 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle, return( PSA_SUCCESS ); } -#if defined(MBEDTLS_RSA_C) +#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) static int pk_write_pubkey_simple( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { @@ -914,7 +939,7 @@ static int pk_write_pubkey_simple( mbedtls_pk_context *key, return( (int) len ); } -#endif /* defined(MBEDTLS_RSA_C) */ +#endif /* defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) */ static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, uint8_t *data, 
@@ -987,14 +1012,7 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, } if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) { - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) - { - ret = pk_write_pubkey_simple( &pk, data, data_size ); - } - else - { - ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); - } + ret = pk_write_pubkey_simple( &pk, data, data_size ); } else { @@ -4041,32 +4059,17 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, size_t shared_secret_size, size_t *shared_secret_length ) { - mbedtls_pk_context pk; mbedtls_ecp_keypair *their_key = NULL; mbedtls_ecdh_context ecdh; psa_status_t status; mbedtls_ecdh_init( &ecdh ); - mbedtls_pk_init( &pk ); - status = mbedtls_to_psa_error( - mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length ) ); + status = psa_import_ec_public_key( + mbedtls_ecc_group_to_psa( our_key->grp.id ), + peer_key, peer_key_length, + &their_key ); if( status != PSA_SUCCESS ) goto exit; - switch( mbedtls_pk_get_type( &pk ) ) - { - case MBEDTLS_PK_ECKEY: - case MBEDTLS_PK_ECKEY_DH: - break; - default: - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; - } - their_key = mbedtls_pk_ec( pk ); - if( their_key->grp.id != our_key->grp.id ) - { - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; - } status = mbedtls_to_psa_error( mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ) ); @@ -4085,8 +4088,9 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, &global_data.ctr_drbg ) ); exit: - mbedtls_pk_free( &pk ); mbedtls_ecdh_free( &ecdh ); + mbedtls_ecp_keypair_free( their_key ); + mbedtls_free( their_key ); return( status ); } #endif /* MBEDTLS_ECDH_C */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0806c1df5..f50773f7f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -190,7 +190,7 @@ import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY PSA import/export-public EC secp224r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED -import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"304e301006072a8648ce3d020106052b81040021033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" +import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -198,7 +198,7 @@ import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" PSA import/export-public EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3059301306072a8648ce3d020106082a8648ce3d030107034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" +import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" PSA import/export EC secp384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED 
@@ -206,7 +206,7 @@ import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec3 PSA import/export-public EC secp384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3076301006072a8648ce3d020106052b8104002203620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" +import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" PSA import/export EC secp521r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED 
@@ -214,7 +214,7 @@ import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bd PSA import/export-public EC secp521r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301006072a8648ce3d020106052b810400230381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" +import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" PSA import/export EC brainpool256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED 
@@ -222,7 +222,7 @@ import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" PSA import/export-public EC brainpool256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED -import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"305a301406072a8648ce3d020106092b240303020801010703420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" +import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" PSA import/export EC brainpool384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED 
@@ -230,7 +230,7 @@ import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c PSA import/export-public EC brainpool384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED -import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"307a301406072a8648ce3d020106092b240303020801010b03620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" +import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" PSA import/export EC brainpool512r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED 
@@ -238,7 +238,7 @@ import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe101293 PSA import/export-public EC brainpool512r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301406072a8648ce3d020106092b240303020801010d038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" +import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -246,7 +246,7 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA PSA import/export EC secp256r1 public key: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 PSA import/export AES key: policy forbids export depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR @@ -280,7 +280,7 @@ import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2 PSA import EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT +import:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, all-bits-zero (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -306,13 +306,6 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED # it's looking for an OID where there is no OID. import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_NOT_SUPPORTED -# A key with the OID id-ECDH is only valid for ECDH, not for ECDSA. -# Such keys are currently not allowed by psa_import_key, only by -# psa_key_agreement. -PSA import EC public key: ECDH-only -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"3057301106052b8104010c06082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT - PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C import:"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":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT 
@@ -1232,7 +1225,7 @@ asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fd PSA verify: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify with keypair: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C 
@@ -1240,11 +1233,11 @@ asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab454357126 PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, wrong signature of correct size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE 
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE PSA verify: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 
@@ -1647,91 +1640,91 @@ derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0 PSA key agreement setup: ECDH, raw: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS +key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS PSA key agreement setup: ECDH, raw: public key on different curve depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, raw: public key 
instead of private key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, unknown KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED +key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: not a key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" PSA key agreement: ECDH SECP256R1 with ECDH-only public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3057301106052b8104010c06082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 20+12 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 7+15 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d" PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: capacity=48 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48 +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48 PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":"" PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: capacity=66 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66 
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66 PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":"" 
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":"" PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32 +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32 PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":"" PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: capacity=48 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48 +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48 PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: read 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":"" PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: capacity=64 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64 
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64 PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" PSA 
key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" PSA generate random: 0 bytes generate_random:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4d6cefb0e..ea1e545f4 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
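Review bot: In the `test_suite_psa_crypto.data` hunk that ends just above the `test_suite_psa_crypto.function` header, the case `PSA key agreement: ECDH SECP256R1 with ECDH-only public key` now passes exactly the same arguments as `PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full)`. The id-ECDH OID was the only difference between the two inputs, and the raw `04`-prefixed point carries no OID, so the case should be dropped or renamed. Because the peer key no longer encodes its curve, `public key on different curve` is presumably rejected on length alone. If the suite has no such case elsewhere, a negative case with a correctly sized point that does not lie on the curve would be worth adding, so that point validation is exercised and not just the length check.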
@@ -648,36 +648,12 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) { - mbedtls_asn1_buf alg; - mbedtls_asn1_buf params; - mbedtls_asn1_bitstring bitstring; - /* SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters ANY DEFINED BY algorithm OPTIONAL } + /* The representation of an ECC public key is: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian; + * - where m is the bit size associated with the curve. */ - - TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ), - 0 ); - TEST_EQUAL( p + len, end ); - TEST_EQUAL( mbedtls_asn1_get_alg( &p, end, &alg, ¶ms ), 0 ); - if( ! is_oid_of_key_type( type, alg.p, alg.len ) ) - goto exit; - TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, end, &bitstring ), 0 ); - TEST_EQUAL( p, end ); - p = bitstring.p; - - /* ECPoint ::= ... - * -- first 8 bits: 0x04 (uncompressed representation); - * -- then x_P as an n-bit string, big endian; - * -- then y_P as a n-bit string, big endian, - * -- where n is the order of the curve. - */ - TEST_EQUAL( bitstring.unused_bits, 0 ); TEST_EQUAL( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ), end ); TEST_EQUAL( p[0], 4 ); } From ec6ff863b50ff58ab626b18077f3b3eae91dba68 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 11 Jan 2019 17:53:05 +0000 Subject: [PATCH 0926/2197] psa: Refactor psa_import_rsa_key() pk-using code Move pk-using code to inside psa_import_rsa_key(). This aligns the shape of psa_import_rsa_key() to match that of psa_import_ec_private_key() and psa_import_ec_public_key(). --- library/psa_crypto.c | 89 ++++++++++++++++++++++++++------------------ 1 file changed, 52 insertions(+), 37 deletions(-) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 01bd9574f..03d337178 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -512,28 +512,60 @@ static psa_status_t psa_check_rsa_key_byte_aligned( return( status ); } -static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk, +static psa_status_t psa_import_rsa_key( psa_key_type_t type, + const uint8_t *data, + size_t data_length, mbedtls_rsa_context **p_rsa ) { - if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_RSA ) - return( PSA_ERROR_INVALID_ARGUMENT ); + psa_status_t status; + mbedtls_pk_context pk; + mbedtls_rsa_context *rsa; + size_t bits; + + mbedtls_pk_init( &pk ); + + /* Parse the data. */ + if( PSA_KEY_TYPE_IS_KEYPAIR( type ) ) + status = mbedtls_to_psa_error( + mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ) ); else + status = mbedtls_to_psa_error( + mbedtls_pk_parse_public_key( &pk, data, data_length ) ); + if( status != PSA_SUCCESS ) + goto exit; + + /* We have something that the pkparse module recognizes. If it is a + * valid RSA key, store it. */ + if( mbedtls_pk_get_type( &pk ) != MBEDTLS_PK_RSA ) { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *pk ); - /* The size of an RSA key doesn't have to be a multiple of 8. - * Mbed TLS supports non-byte-aligned key sizes, but not well. - * For example, mbedtls_rsa_get_len() returns the key size in - * bytes, not in bits. */ - size_t bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) ); - psa_status_t status; - if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); - status = psa_check_rsa_key_byte_aligned( rsa ); - if( status != PSA_SUCCESS ) - return( status ); - *p_rsa = rsa; - return( PSA_SUCCESS ); + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; } + + rsa = mbedtls_pk_rsa( pk ); + /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS + * supports non-byte-aligned key sizes, but not well. For example, + * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. 
*/ + bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) ); + if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + status = psa_check_rsa_key_byte_aligned( rsa ); + +exit: + /* Free the content of the pk object only on error. */ + if( status != PSA_SUCCESS ) + { + mbedtls_pk_free( &pk ); + return( status ); + } + + /* On success, store the content of the object in the RSA context. */ + *p_rsa = rsa; + + return( PSA_SUCCESS ); } #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ @@ -687,29 +719,12 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) { - int ret; - mbedtls_pk_context pk; - mbedtls_pk_init( &pk ); + status = psa_import_rsa_key( slot->type, + data, data_length, + &slot->data.rsa ); - /* Parse the data. */ - if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) - ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ); - else - ret = mbedtls_pk_parse_public_key( &pk, data, data_length ); - if( ret != 0 ) - return( mbedtls_to_psa_error( ret ) ); - - /* We have something that the pkparse module recognizes. If it is a - * valid RSA key, store it. */ - status = psa_import_rsa_key( &pk, &slot->data.rsa ); - - /* Free the content of the pk object only on error. On success, - * the content of the object has been stored in the slot. */ if( status != PSA_SUCCESS ) - { - mbedtls_pk_free( &pk ); return( status ); - } } else #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ From 08ad32721cb9a4e9916968e1876b7474ca2dba5d Mon Sep 17 00:00:00 2001 
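Review bot: The rewritten `psa_import_rsa_key()` moves ownership of the parsed key from the stack `pk` to `*p_rsa` on success without calling `mbedtls_pk_free()`, and nothing at the function header records this. A comment such as `/* On success, *p_rsa takes over the RSA context allocated by the pk parser and the caller becomes responsible for releasing it; on error, *p_rsa is left untouched. */` would stop a later cleanup from adding a free on the success path or dropping the one on the error path. Separately, `rsa` is declared uninitialized and only assigned after the type check, so the early `goto exit` paths rely on `status` being non-success to avoid reading it. Declaring `mbedtls_rsa_context *rsa = NULL;` removes that dependence on the order of the exit block. How the slot later releases the context is not visible in this hunk.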
From: Jaeden Amero Date: Mon, 14 Jan 2019 13:12:39 +0000 Subject: [PATCH 0927/2197] psa: Remove extra status handling from import Remove extra status handling code from psa_import_key_into_slot(). This helps save a tiny amount of code space, but mainly serves to improve the readability of the code. --- library/psa_crypto.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 03d337178..bb53f8194 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -701,8 +701,6 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( slot->type ), data, data_length, &slot->data.ecp ); - if( status != PSA_SUCCESS ) - return( status ); } else if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( slot->type ) ) { @@ -710,9 +708,6 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, PSA_KEY_TYPE_GET_CURVE( slot->type ), data, data_length, &slot->data.ecp ); - - if( status != PSA_SUCCESS ) - return( status ); } else #endif /* MBEDTLS_ECP_C */ @@ -722,16 +717,13 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, status = psa_import_rsa_key( slot->type, data, data_length, &slot->data.rsa ); - - if( status != PSA_SUCCESS ) - return( status ); } else #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ { return( PSA_ERROR_NOT_SUPPORTED ); } - return( PSA_SUCCESS ); + return( status ); } /* Retrieve an empty key slot (slot with no key data, but possibly From 8afbff82dd7006af0b9fe026c03b70f6354687cc Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 14 Jan 2019 16:56:20 +0000 Subject: [PATCH 0928/2197] psa: Expand documentation for psa_key_agreement() Document `peer_key` parameter requirements, including an explanation of how the peer key is used and an example for EC keys. --- include/psa/crypto.h | 37 ++++++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 15 deletions(-) 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0f9925c70..903ef99a4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2136,21 +2136,28 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * The resulting generator always has the maximum capacity permitted by * the algorithm. * - * \param[in,out] generator The generator object to set up. It must have - * been initialized as per the documentation for - * #psa_crypto_generator_t and not yet in use. - * \param private_key Handle to the private key to use. - * \param[in] peer_key Public key of the peer. It must be - * in the same format that psa_import_key() - * accepts. The standard formats for public - * keys are documented in the documentation - * of psa_export_public_key(). For EC keys, it - * must also be of the same group as the private - * key. - * \param peer_key_length Size of \p peer_key in bytes. - * \param alg The key agreement algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true). + * \param[in,out] generator The generator object to set up. It must have been + * initialized as per the documentation for + * #psa_crypto_generator_t and not yet in use. + * \param private_key Handle to the private key to use. + * \param[in] peer_key Public key of the peer. The peer key must be in the + * same format that psa_import_key() accepts for the + * public key type corresponding to the type of + * private_key. That is, this function performs the + * equivalent of + * `psa_import_key(internal_public_key_handle, + * PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(private_key_type), + * peer_key, peer_key_length)` where + * `private_key_type` is the type of `private_key`. + * For example, for EC keys, this means that peer_key + * is interpreted as a point on the curve that the + * private key is on. The standard formats for public + * keys are documented in the documentation of + * psa_export_public_key(). + * \param peer_key_length Size of \p peer_key in bytes. 
+ * \param alg The key agreement algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true). * * \retval #PSA_SUCCESS * Success. From 99974e344a5f830a569e9ca69741350378e51a2b Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Mon, 14 Jan 2019 18:10:49 +0200 Subject: [PATCH 0929/2197] SPM integration update due to crypto API changes When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM (Secure Partition Manager) integration which separates the code into two parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing Environment). When building for the SPE, an additional header file should be included. --- library/psa_crypto_slot_management.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 0b4399f5e..8b739aa01 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -26,6 +26,21 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_C) +/* + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +/* + * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. + * Some headers will be affected by this flag. + */ +#define PSA_CRYPTO_SECURE 1 +#include "crypto_spe.h" +#endif #include "psa/crypto.h" From 14e76787906d7cb7d191ed87a2bdc2103d19e176 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Wed, 16 Jan 2019 11:16:39 +0200 Subject: [PATCH 0930/2197] Documentation update regarding SPM integration --- library/psa_crypto.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fd76b27b4..82cb15802 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -27,15 +27,16 @@ #if defined(MBEDTLS_PSA_CRYPTO_C) /* - * In case MBEDTLS_PSA_CRYPTO_SPM is defined the code is built for SPM (Secure - * Partition Manager) integration which separate the code into two parts - * NSPE (Non-Secure Process Environment) and SPE (Secure Process Environment). - * In this mode an additional header file should be included. + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. */ #if defined(MBEDTLS_PSA_CRYPTO_SPM) /* - * PSA_CRYPTO_SECURE means that this file is compiled to the SPE side. - * some headers will be affected by this flag. + * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. + * Some headers will be affected by this flag. */ #define PSA_CRYPTO_SECURE 1 #include "crypto_spe.h" From ec6329f23da752f7808b5264c5124dee5b4a1058 Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Wed, 26 Sep 2018 10:48:24 +0100 Subject: [PATCH 0931/2197] Add new function mbedtls_asn1_write_named_bitstring() Add a new function mbedtls_asn1_write_named_bitstring() that removes trailing 0s at the end of DER encoded bitstrings. The function is implemented according to Hanno Becker's suggestions. This commit also changes the functions x509write_crt_set_ns_cert_type and crt_set_key_usage to call the new function as the use named bitstrings instead of the regular bitstrings. --- include/mbedtls/asn1write.h | 20 +++++++++++ library/asn1write.c | 71 +++++++++++++++++++++++++++++++------ library/x509write_crt.c | 32 ++++++++++++----- library/x509write_csr.c | 10 +++--- 4 files changed, 109 insertions(+), 24 deletions(-) 
diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 76c1780b5..80b31c35c 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -276,6 +276,26 @@ int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t bits ); +/** + * \brief Write a named bitstring tag (MBEDTLS_ASN1_BIT_STRING) and + * value in ASN.1 format + * Note: function works backwards in data buffer + * + * As stated in RFC5280 Appending B, trailing zeroes are + * omitted when encoding named bitstrings in DER. + * + * \param p Reference to current position pointer. + * \param start Start of the buffer (for bounds-checking). + * \param buf The bitstring. + * \param bits The total number of bits in the bitstring. + * + * \return The length written or a negative error code. + */ +int mbedtls_asn1_write_named_bitstring( unsigned char **p, + unsigned char *start, + const unsigned char *buf, + size_t bits ); + /** * \brief Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING) * and value in ASN.1 format. diff --git a/library/asn1write.c b/library/asn1write.c index a4d23f619..b54e26bd8 100644 --- a/library/asn1write.c +++ b/library/asn1write.c 
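Review bot: The new doc comment for `mbedtls_asn1_write_named_bitstring()` does not say how much of `buf` is read, although the implementation added in asn1write.c starts at the last byte of the bitstring. The parameter line should carry the bound, for example `\param buf The bitstring. Must be readable for at least (bits + 7) / 8 bytes.` The reference "RFC5280 Appending B" should read "Appendix B". The `\return` line should also say that the length includes the tag, the length octets and the unused-bits octet, because the x509write callers in this patch now use it to locate the encoded data (`c, (size_t)ret`).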
@@ -290,26 +290,75 @@ int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len) ); } +int mbedtls_asn1_write_named_bitstring( unsigned char **p, + unsigned char *start, + const unsigned char *buf, + size_t bits ) +{ + size_t unused_bits, byte_len; + const unsigned char *cur_byte; + unsigned char cur_byte_shifted; + unsigned char bit; + + byte_len = ( bits + 7 ) / 8; + unused_bits = ( byte_len * 8 ) - bits; + + /* + * Named bitstrings require that trailing 0s are excluded in the encoding + * of the bitstring. Trailing 0s are considered part of the 'unused' bits + * when encoding this value in the first content octet + */ + if( bits != 0 ) + { + cur_byte = buf + byte_len - 1; + cur_byte_shifted = *cur_byte >> unused_bits; + + for( ; ; ) + { + bit = cur_byte_shifted & 0x1; + cur_byte_shifted >>= 1; + + if( bit != 0 ) + break; + + bits--; + if( bits == 0 ) + break; + + if( bits % 8 == 0 ) + cur_byte_shifted = *--cur_byte; + } + } + + return( mbedtls_asn1_write_bitstring( p, start, buf, bits ) ); +} + int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t bits ) { int ret; - size_t len = 0, size; + size_t len = 0; + size_t unused_bits, byte_len; - size = ( bits / 8 ) + ( ( bits % 8 ) ? 1 : 0 ); + byte_len = ( bits + 7 ) / 8; + unused_bits = ( byte_len * 8 ) - bits; - // Calculate byte length - // - if( *p < start || (size_t)( *p - start ) < size + 1 ) + if( *p < start || (size_t)( *p - start ) < byte_len + 1 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - len = size + 1; - (*p) -= size; - memcpy( *p, buf, size ); + len = byte_len + 1; - // Write unused bits - // - *--(*p) = (unsigned char) (size * 8 - bits); + /* Write the bitstring. 
Ensure the unused bits are zeroed */ + if( byte_len > 0 ) + { + byte_len--; + *--( *p ) = buf[byte_len] & ~( ( 0x1 << unused_bits ) - 1 ); + ( *p ) -= byte_len; + memcpy( *p, buf, byte_len ); + } + + /* Write unused bits */ + *--( *p ) = (unsigned char)unused_bits; MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); diff --git a/library/x509write_crt.c b/library/x509write_crt.c index b1ef216c9..b6cb745a3 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c 
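Review bot: `byte_len = ( bits + 7 ) / 8`, used in both `mbedtls_asn1_write_named_bitstring()` and the rewritten `mbedtls_asn1_write_bitstring()`, wraps when `bits` is greater than `SIZE_MAX - 7`. The removed expression `( bits / 8 ) + ( ( bits % 8 ) ? 1 : 0 )` did not wrap. With a wrapped `byte_len` of 0 the buffer-size check passes, and in the named variant `cur_byte = buf + byte_len - 1` points before `buf`. The callers visible in this patch pass small constants, so this only matters if a bit count ever comes from parsed data, but the non-wrapping form costs nothing: `byte_len = bits / 8 + ( bits % 8 != 0 );`. The body of `mbedtls_asn1_write_bitstring()` continues past the end of this hunk.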
@@ -221,23 +221,36 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert * int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, unsigned int key_usage ) { - unsigned char buf[4], ku; + unsigned char buf[5], ku[2]; unsigned char *c; int ret; + const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE | + MBEDTLS_X509_KU_NON_REPUDIATION | + MBEDTLS_X509_KU_KEY_ENCIPHERMENT | + MBEDTLS_X509_KU_DATA_ENCIPHERMENT | + MBEDTLS_X509_KU_KEY_AGREEMENT | + MBEDTLS_X509_KU_KEY_CERT_SIGN | + MBEDTLS_X509_KU_CRL_SIGN | + MBEDTLS_X509_KU_ENCIPHER_ONLY | + MBEDTLS_X509_KU_DECIPHER_ONLY; - /* We currently only support 7 bits, from 0x80 to 0x02 */ - if( ( key_usage & ~0xfe ) != 0 ) + /* Check that nothing other than the allowed flags is set */ + if( ( key_usage & ~allowed_bits ) != 0 ) return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); - c = buf + 4; - ku = (unsigned char) key_usage; + c = buf + 5; + ku[0] = (unsigned char)( key_usage ); + ku[1] = (unsigned char)( key_usage >> 8 ); + ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); - if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ku, 7 ) ) != 4 ) + if( ret < 0 ) return( ret ); + else if( ret < 3 || ret > 5 ) + return( MBEDTLS_ERR_X509_INVALID_FORMAT ); ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), - 1, buf, 4 ); + 1, c, (size_t)ret ); if( ret != 0 ) return( ret ); @@ -253,12 +266,13 @@ int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, c = buf + 4; - if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 ) + ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); + if( ret < 3 || ret > 4 ) return( ret ); ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), - 0, buf, 4 ); + 0, c, (size_t)ret ); if( ret != 0 ) return( ret ); 
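Review bot: In `mbedtls_x509write_crt_set_ns_cert_type()` the new check `if( ret < 3 || ret > 4 ) return( ret );` returns a non-negative length as the error value whenever the writer reports an unexpected size. `mbedtls_x509write_crt_set_key_usage()` in the hunk just above separates a negative error from a bad length. A caller that only tests for a negative result would treat that return as success even though the extension was never set. The same check is added to `mbedtls_x509write_csr_set_key_usage()` and `mbedtls_x509write_csr_set_ns_cert_type()` in x509write_csr.c, and all three could use `if( ret < 0 ) return( ret ); else if( ret < 3 || ret > 4 ) return( MBEDTLS_ERR_X509_INVALID_FORMAT );`. With the writer as added in this patch, a length outside 3..4 does not look reachable for 8 bits, so this is about keeping the error contract consistent across the four setters.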
diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 66cee5601..8b475bedb 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -89,12 +89,13 @@ int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned ch c = buf + 4; - if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 ) + ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 ); + if( ret < 3 || ret > 4 ) return( ret ); ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), - buf, 4 ); + c, (size_t)ret ); if( ret != 0 ) return( ret ); @@ -110,12 +111,13 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, c = buf + 4; - if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 ) + ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); + if( ret < 3 || ret > 4 ) return( ret ); ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), - buf, 4 ); + c, (size_t)ret ); if( ret != 0 ) return( ret ); From 5d26163db422276832fa5ba7ab4d783f989ea3a8 Mon Sep 17 00:00:00 2001 
From: Andres Amaya Garcia Date: Wed, 26 Sep 2018 10:51:16 +0100 Subject: [PATCH 0932/2197] Add tests for (named) bitstring to suite_asn1write --- programs/x509/cert_req.c | 32 ++++++++- tests/data_files/Makefile | 8 +++ tests/data_files/server1.cert_type.crt | 12 ++-- .../data_files/server1.cert_type_noauthid.crt | 14 ++-- tests/data_files/server1.key_usage.crt | 14 ++-- .../data_files/server1.key_usage_noauthid.crt | 14 ++-- tests/data_files/server1.req.cert_type | 14 ++-- tests/data_files/server1.req.cert_type_empty | 17 +++++ tests/data_files/server1.req.key_usage | 14 ++-- tests/data_files/server1.req.key_usage_empty | 17 +++++ tests/data_files/server1.req.ku-ct | 14 ++-- tests/data_files/server5.req.ku.sha1 | 6 +- tests/suites/test_suite_asn1write.data | 72 +++++++++++++++++++ tests/suites/test_suite_asn1write.function | 44 ++++++++++++ tests/suites/test_suite_x509write.data | 46 +++++++----- tests/suites/test_suite_x509write.function | 14 ++-- 16 files changed, 274 insertions(+), 78 deletions(-) create mode 100644 tests/data_files/server1.req.cert_type_empty create mode 100644 tests/data_files/server1.req.key_usage_empty diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 027050c07..d25ad4c56 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -65,7 +65,9 @@ int main( void ) #define DFL_OUTPUT_FILENAME "cert.req" #define DFL_SUBJECT_NAME "CN=Cert,O=mbed TLS,C=UK" #define DFL_KEY_USAGE 0 +#define DFL_FORCE_KEY_USAGE 0 #define DFL_NS_CERT_TYPE 0 +#define DFL_FORCE_NS_CERT_TYPE 0 #define DFL_MD_ALG MBEDTLS_MD_SHA256 #define USAGE \ @@ -85,6 +87,8 @@ int main( void ) " key_agreement\n" \ " key_cert_sign\n" \ " crl_sign\n" \ + " force_key_usage=0/1 default: off\n" \ + " Add KeyUsage even if it is empty\n" \ " ns_cert_type=%%s default: (empty)\n" \ " Comma-separated-list of values:\n" \ " ssl_client\n" \ 
@@ -94,6 +98,8 @@ int main( void ) " ssl_ca\n" \ " email_ca\n" \ " object_signing_ca\n" \ + " force_ns_cert_type=0/1 default: off\n" \ + " Add NsCertType even if it is empty\n" \ " md=%%s default: SHA256\n" \ " possible values:\n" \ " MD4, MD5, SHA1\n" \ @@ -123,7 +129,9 @@ struct options const char *output_file; /* where to store the constructed key file */ const char *subject_name; /* subject name for certificate request */ unsigned char key_usage; /* key usage flags */ + int force_key_usage; /* Force adding the KeyUsage extension */ unsigned char ns_cert_type; /* NS cert type */ + int force_ns_cert_type; /* Force adding NsCertType extension */ mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */ } opt; @@ -190,7 +198,9 @@ int main( int argc, char *argv[] ) opt.output_file = DFL_OUTPUT_FILENAME; opt.subject_name = DFL_SUBJECT_NAME; opt.key_usage = DFL_KEY_USAGE; + opt.force_key_usage = DFL_FORCE_KEY_USAGE; opt.ns_cert_type = DFL_NS_CERT_TYPE; + opt.force_ns_cert_type = DFL_FORCE_NS_CERT_TYPE; opt.md_alg = DFL_MD_ALG; for( i = 1; i < argc; i++ ) @@ -292,6 +302,15 @@ int main( int argc, char *argv[] ) q = r; } } + else if( strcmp( p, "force_key_usage" ) == 0 ) + { + switch( atoi( q ) ) + { + case 0: opt.force_key_usage = 0; break; + case 1: opt.force_key_usage = 1; break; + default: goto usage; + } + } else if( strcmp( p, "ns_cert_type" ) == 0 ) { while( q != NULL ) 
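Review bot: The new `force_key_usage` branch parses its value with `atoi( q )`, which returns 0 for any non-numeric text and ignores trailing characters. As a result `force_key_usage=yes` is silently treated as off and `force_key_usage=1x` as on, instead of reaching `usage`. An exact string comparison avoids both cases: `if( strcmp( q, "1" ) == 0 ) opt.force_key_usage = 1; else if( strcmp( q, "0" ) == 0 ) opt.force_key_usage = 0; else goto usage;`. The `force_ns_cert_type` branch added in the next hunk has the same issue.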
@@ -319,16 +338,25 @@ int main( int argc, char *argv[] ) q = r; } } + else if( strcmp( p, "force_ns_cert_type" ) == 0 ) + { + switch( atoi( q ) ) + { + case 0: opt.force_ns_cert_type = 0; break; + case 1: opt.force_ns_cert_type = 1; break; + default: goto usage; + } + } else goto usage; } mbedtls_x509write_csr_set_md_alg( &req, opt.md_alg ); - if( opt.key_usage ) + if( opt.key_usage || opt.force_key_usage == 1 ) mbedtls_x509write_csr_set_key_usage( &req, opt.key_usage ); - if( opt.ns_cert_type ) + if( opt.ns_cert_type || opt.force_ns_cert_type == 1 ) mbedtls_x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type ); /* diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 2ed32e689..861cb241f 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -783,6 +783,14 @@ server1.req.ku-ct: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 all_final += server1.req.ku-ct +server1.req.key_usage_empty: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_key_usage=1 +all_final += server1.req.key_usage_empty + +server1.req.cert_type_empty: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_ns_cert_type=1 +all_final += server1.req.cert_type_empty + # server2* server2.req.sha256: server2.key diff --git a/tests/data_files/server1.cert_type.crt b/tests/data_files/server1.cert_type.crt index cf384cbaf..fb59ab8bd 100644 --- a/tests/data_files/server1.cert_type.crt +++ b/tests/data_files/server1.cert_type.crt 
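Review bot: The changed `if` lines discard the return values of `mbedtls_x509write_csr_set_key_usage()` and `mbedtls_x509write_csr_set_ns_cert_type()`. If building the extension fails, the request is written without it and without any message. This matters more now that `force_key_usage=1` and `force_ns_cert_type=1` exist specifically to guarantee the extension is present. Each call should have its result checked and a non-zero value routed to whatever error path `main` uses for its other failing calls; that path is outside this hunk.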
@@ -11,10 +11,10 @@ lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB o2AwXjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zARBglghkgBhvhCAQEEBAMC -AEAwDQYJKoZIhvcNAQEFBQADggEBAEQOk5Ejgu/GsxvMo+RknXcta5Qr6MiNo1EM -G5Xrf++aaf4Mi38p5ZxWDxQDyBmutSnuJgzO+Dxe5w/RNojFa4ri4g5Zk8zwfIcQ -8jR6a9DJtxarxDj/UqEzaiBa5MpxsbQqbmou7X7YW9LHDzmCgzbaabyWCuGYxvmh -lDbcISST73G+vJEeExcBHyom/GV9TNcFAGa66YV/FtABg2tiy9znmUeMnZeYkC9S -05m6UstAU6pMdwiTpjZjovsTlAcmC76XmE/GpREhRvtGCKTb2pUi3agqsrapABmF -EGZT9cpwkrl3cxh+jxAMEuhJLdEScDWHVsiNS5y9yxitWC4NqR4= +BkAwDQYJKoZIhvcNAQEFBQADggEBAK1WXZYd6k7/zE2NcszT6rxNaSixPZrDYzRt +Iz5rpH33IHkCdR956/ExCcDMqGNVtKtBdr8kw3+jzyPQhwyHVPNv4C/cgt0C89Pf +qZLQGuEPVp1X4tzEY2Kno9c1tllLVzJdvz1mRhSb9z5CWQKNMT+8MMl3k+0NZ4LT +NEx4gTZxYEsAGEuO/Yij9ctxp4RdSP585FXgiMC00ieMe/aJxlOIgpIhuWdu0KPP +G5guYd4hQ9ZrGVOGdjv2cZbh4DuQOsCwU9in/e1RKFV6eMmyOdvLJ4jkTauwkGJG +lCclZZQwzGawOiMl2OYPUia5bkaEsdE/0QW/lf36lco8CNjpUfY= -----END CERTIFICATE----- diff --git a/tests/data_files/server1.cert_type_noauthid.crt b/tests/data_files/server1.cert_type_noauthid.crt index 7545e0b46..0082b148c 100644 --- a/tests/data_files/server1.cert_type_noauthid.crt +++ b/tests/data_files/server1.cert_type_noauthid.crt 
@@ -10,11 +10,11 @@ CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB oz8wPTAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAR -BglghkgBhvhCAQEEBAMCAEAwDQYJKoZIhvcNAQEFBQADggEBAJc3yZUS9X3/lb63 -Nlt8rtXC45wbWZUoOK8N55IzEJC7FrttAStq24kq9QV0qiox8m1WLA+6xVaeZaXu -h2z3WlUlyCNaKqHEpuSYu/XQ0td6j3jCMj3VDSZGHnKgliQ9fkkt+waPVCAZldwj -rHsZibl2Dqzb3KttKqD1VyEVOUJ+saXRDJLFdK1M9nwdWMfOg/XE0WbqfVzw9COs -08dJ6KL7SOvXtiOVQLNv7XN/2j+wF6+IoLDdLCDByj5VtK2q2vyVk5tpDJI1S696 -dP8Zi7VbBTS9OlVC+Gw3CntDKZA8e215MNG6iBuEM2mgi4i0umo7mN8FoA1zusnE -8mCO55Q= +BglghkgBhvhCAQEEBAMCBkAwDQYJKoZIhvcNAQEFBQADggEBAGl6bYCGKvDCvfSU +PTyaiFPNGXV98AnIG0Hu4EJjs1owBU/Yf8UdFbWJtOymR80SbzmeQ6rEIoY1oXDA +o9Y8yRgW8t25Wmq/0DCu/5P0/L6asstLTxLG4qajClVwqDLEqZNixmq8QorAOtK1 +JngFA+A5jzc70Ikl9+Hbx/2SEMrCpo0QLSco7KDK7XpNOHbkRz2AqSm0se4jDMP1 +Cwd2UtcpctIZEbECZo6S9WrVMqIhRF1Y5FeauBA2ORvGIHohaYJ9VzYWYXIp7N8d +QXGv+M7ffpZiERcRr8lxtboPnTXKlv1mLCEX7g+KuiJQUm4OGfTCd5VHzWM7O5Id +b+IvZD0= -----END CERTIFICATE----- diff --git a/tests/data_files/server1.key_usage.crt b/tests/data_files/server1.key_usage.crt index 3a678ff31..b5a2532c2 100644 --- a/tests/data_files/server1.key_usage.crt +++ b/tests/data_files/server1.key_usage.crt 
@@ -10,11 +10,11 @@ CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB o10wWzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf -BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zAOBgNVHQ8BAf8EBAMCAeAw -DQYJKoZIhvcNAQEFBQADggEBAE4sz3ghfpolZ0rH6Q3CWIYQ1Q+aGBwQiCCBsApP -8qZd880Kt+BiEdSsaU16S8CIMdOcHGQGB7dXK9wdTWkIqaW9I7fRPgDNDIhJoYDD -67h1P+cEQeXT9900H173nYlM1vL9zLcnmmqEO7j8jXSpsR5mcCMPkR52RqxweLJw -LGPeSlA+DF0WbezJc28FUgXAl8Kxm3Od40exMeicHtfgCnIykH1NEW3gXpc91nFT -RoNRdEAIGHMX5Dd5QDlt2vlaKNXFtcx2xUXXIi71YNQybH3p6KXayPMFQzrBwoXJ -YHevmjUaw7UH31fULa1dtd/dWmp8cCaKB4vBr0DBJPiMJMw= +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zAOBgNVHQ8BAf8EBAMCBeAw +DQYJKoZIhvcNAQEFBQADggEBAE6xegEHvwuQ8I4YCLX7oXmDJiDb7m2nMin+um0v +TMqHAE3B9GvdWGUgMIEMf76ee7OMDzxfzM2vyNGemB0rn1djEv+knJBSdMQKD9X8 +tkT8cPqMHlRMYYbFFkkZEOeqeihZXQdUORao9ZSXrokYwv+Fr+PAmiUJEmkZHbA1 +Gqp6tPfGxJ2ah50Og9oAPwyND6kvE2o++Dth2evjljPCPM2Gw5kjQGw3V9CAUyUo +KtLrtZdOeRHRCWCf3UQ/tYkG70tY/+grftrHqKB2E4qkmDiCPS9sEpa7jOGT6e4k +jGVeZFNZZ10mD2Svr3xl/60++c7yLxrquujo8NOTCVcshfs= -----END CERTIFICATE----- diff --git a/tests/data_files/server1.key_usage_noauthid.crt b/tests/data_files/server1.key_usage_noauthid.crt index 4a72ac1bc..c82a97972 100644 --- a/tests/data_files/server1.key_usage_noauthid.crt +++ b/tests/data_files/server1.key_usage_noauthid.crt 
@@ -10,11 +10,11 @@ CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB ozwwOjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAO -BgNVHQ8BAf8EBAMCAeAwDQYJKoZIhvcNAQEFBQADggEBALqfFzzWOViKBXoFhtcc -Ulzg1ShK20z3zeD6TL5Ss2+kMIGhvvvUMtcATIFa9LxZ//a0as1CACphxmrsqaju -LDvnXjWLB+e7pJPQ+4XixKmA3QoQI6sduH03/4eRp/Er/+zXD7+uapz+GimiExJt -mjW1Oz5n2Q7L9vQabqz0n9+8rM/chsfgipQSKmV0rXe/K1N4yuggh62r8kn9UaUR -TKm6HaMIFBrZNwMy8TAc3gSq5rqbN8/ONiCBpW/LvwTnd7fFSl7yeetAbj08gpu2 -dkfYp/DK9Hs1KQFCi0u1pr9JIqFxNy6tUTO90ydq6QXj4E5yZhmitLPk5wPCozN+ -rIc= +BgNVHQ8BAf8EBAMCBeAwDQYJKoZIhvcNAQEFBQADggEBAKuveVlnjgJIkiH6HqZk ++oGpLPxpcoMEMskzyFxTfjP4L2Mj798qydBbobyVJdH5p/sIpcHsI0xajM/dcZKS +7b28KVwxOk+87DtwCikFT+jzWPe8fzowqsNAaKtvtDQnLYh8u2tDT1vhABwgTVAy +aHCzs+nm3o36NPSN9K+wmI+r1KFnhjtyOQ++7M8wRRT5jrC+1tYicjsnVMu07yB5 +04C99Fa3MToilg66Jos95U3gBF5GbSfDXYtd3/etNMkUiG8FEZJlkhKbTO+4E03a +X6+z2VojrAroYyO/F5ZlaC3/CsMQ8Zcate64nH/Lu/U78XAo8iKz5DLLOPBqodER +z4A= -----END CERTIFICATE----- diff --git a/tests/data_files/server1.req.cert_type b/tests/data_files/server1.req.cert_type index b9b9f067c..39ff3fdba 100644 --- a/tests/data_files/server1.req.cert_type +++ b/tests/data_files/server1.req.cert_type 
@@ -7,11 +7,11 @@ HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAkMCIGCSqGSIb3DQEJDjEV -MBMwEQYJYIZIAYb4QgEBBAQDAgBAMA0GCSqGSIb3DQEBBQUAA4IBAQCMX3H6BiGP -VRvLu8UHIhsj9WgrGDRogOMVHOrQm+0fnGyxZa2UwftSZf2qLBZ+DmJStHabXibw -QuWA9BMVFDih5yGMhdzQC8iQQCjfYOS0sfhy7p76q89rVO0E9KAtvFH2ApbaDAck -m1WdQvYey2rYnT1ucHGdn017Iu1CaY8qnmh7Fhuov++69eGGG4MjRVT/7Ywufjo5 -Fn+JsMhj4IonP/jwKIUBskK15MkTQhKpyl5rQK/8v+7bWlsuqhiNPSYg6rgIrjmN -QxxzqP5NLPdlS4ksN6zcuwdq21l+li8zakjbeUvyqZb7E6vTHJaNBOp7Y7jv25gG -5/PjwquYbKFr +MBMwEQYJYIZIAYb4QgEBBAQDAgZAMA0GCSqGSIb3DQEBBQUAA4IBAQBErZcEaEEO +hLbRVuB3+N5by0mogdJsatJFSgW2/VztLvQBYu0O+VmTbZwCAWejA8U+cr6uPlyf +b4lDqj3W+XykeK9bSzoSr1yNO2VAcE74Y0ZrSz2yXMfT5R9IyKqQZspaKD8MOmYH +BqUH9o/phnGcaEG5xeSfhM1O/YNZuGnlLDQBGwT5puHOaLfjECvs8eZLopIWEBlD +QkRlhYqZBwhGZ8D/TxqG4teFtnBX5FG7UoSSVuneBrkREQM7ElhtD9jCWjfMnqm1 +59G84OycClwaKU7/Dm6zeMGDyFoMksBud7lyDHMhxvwSbzb1JR5v8iBsmVY2dhHt +Ot3Fx2be0gIr -----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.cert_type_empty b/tests/data_files/server1.req.cert_type_empty new file mode 100644 index 000000000..70fd11133 --- /dev/null +++ b/tests/data_files/server1.req.cert_type_empty 
@@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpDCCAYwCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAjMCEGCSqGSIb3DQEJDjEU +MBIwEAYJYIZIAYb4QgEBBAMDAQAwDQYJKoZIhvcNAQEFBQADggEBACU0LLDBIMgG +B7gyNANHv42RovhQdzmUulqJPHNHx3v9G17F00bEykJb/r3awW6l5fhY/6oPydsY +hnWEM6VVCUkJ6Zqm2/wE49uaNTbFd9JU4OywRBfjHHSTOGnYFg+BYSfwaIkSCkx2 +kVhyklFm7My5wkyDPpFSU2tTfgsgaQMyTm93a2kxM7qJ/X3gFDG8o7R0vyojFVSI +mwsF9QsC6N9cygdFx23zCB0KsJ9KfmBqaTsdbKh8BsocYm5FJCw4WS/CBrCWBj+z +N7yEJj4SR5F+P7sFc5I0HANov5wQe8E3+WxxQt8jcqIje6DlaaGja44cXOzvFQyx +Hg/6H5EtBQc= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.key_usage b/tests/data_files/server1.req.key_usage index 4c20eeded..30e481243 100644 --- a/tests/data_files/server1.req.key_usage +++ b/tests/data_files/server1.req.key_usage 
@@ -7,11 +7,11 @@ HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAeMBwGCSqGSIb3DQEJDjEP -MA0wCwYDVR0PBAQDAgHgMA0GCSqGSIb3DQEBBQUAA4IBAQAIDkjGHokLINOSKAij -DuBWyW72udNBwSmRAFYDyNoybWX+KJLFckyReF1S0YRHXWOljwxERF6htUEqIJDI -vIzlXyV0YqHNmWEFpyRxyIllQ7X4NWnVm3zHYORx2utdy3EyNsNb4Rb/JNh6Qpqr -27DB+frWaBYk27RPTdZz/ItZIicX8iHrAHL0aC6raQYvZfM1ybYehAh7Qx3asHKI -XDcrbV50Kzrd0SgC4P6Z6/5C5uUL9AfcKnB2oj5VP2TM0BA6q+XRQFkJ3TO1UTLB -lCKb9B1cIpVsT0YsOg/qptUh90zgd0x7FDa084ccwUJG73VXtHC6eioE4fbfrm5L -9BNK +MA0wCwYDVR0PBAQDAgXgMA0GCSqGSIb3DQEBBQUAA4IBAQBsJ3v1Ar2X28GJsRSJ +WRQwFQwIbR/D0cHrwTf0ZfZttClytuc18JZlwkH3EG/rNkWaFp6MKIZoRMOBuSPc +MNvvKIo4nPaeouDPruymx0gNenlyRL3D4OZpBO/BmQIQjbUKWFbzEnEqvwvMDUnG +8w7UjPSFcxj2HzENr62HLPKKnVpL3nDXWK1a2A77KF9aMxyoWQ6FXb2xPD9cJjdo +c1jwskQbgosQzKKwwp5yxq0zRD3EAGw4A78mgHMfgFprq9e9azaB0JeyFG2Vn0t0 +L+vfiDEVQ3eJXSCen1kEVyHRju8g53UcSgd+JicWFboFj2/mJBuyW6yM++RGA9B5 +Zd62 -----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.key_usage_empty b/tests/data_files/server1.req.key_usage_empty new file mode 100644 index 000000000..47e56bf1e --- /dev/null +++ b/tests/data_files/server1.req.key_usage_empty 
@@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICnjCCAYYCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAdMBsGCSqGSIb3DQEJDjEO +MAwwCgYDVR0PBAMDAQAwDQYJKoZIhvcNAQEFBQADggEBAAqQ/EU/3oMt7YW4vWgm +0Q7F4v7DrFEoVMWfBzNWhMNIijzoaWKY8jwseZMzu8aCNQlJnM7c9FJF+OCgS7L5 +0ctwzjfCOi5I5cKgqv8WpuMZWHXNtB7YtjUWIZVri/RazCncZEwJGCKQjmQYrGJm +Qmu2+D+DWY+nEW47ZfDH9jOJtatnREjSNsKzc44L9zUaEy3bi+m455XGH+ABmeb7 +Iqmguh10xUyY6rEOFEuqvFyFr5g1eb53Rr5CQxGfw1j+2bbSh+rVb6Ehf9LAijyu +Ygqa91hGab/CjykS6HMrD91ouWtt2Rt3zCKo4Xxe8dlAszKB4W83M9OgDVVpiCfC +t3A= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.ku-ct b/tests/data_files/server1.req.ku-ct index 98666d272..ebd01f5cc 100644 --- a/tests/data_files/server1.req.ku-ct +++ b/tests/data_files/server1.req.ku-ct 
@@ -7,11 +7,11 @@ HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAxMC8GCSqGSIb3DQEJDjEi -MCAwCwYDVR0PBAQDAgHgMBEGCWCGSAGG+EIBAQQEAwIAQDANBgkqhkiG9w0BAQUF -AAOCAQEAhDH3BQWViy67+9sdlrTvv0cIJ1IbogaM221MUasNIbfLi+KKfw50mzTa -V/BCXPT+EzmOptBl+F2iZVQyr2c0nWbBZBHnykS3f0fgifm6yWVEYwJqxUC5+uxK -bZztsHocTuqODpqYILycYkFXCcY8ZFHmz9XZorpUVTpZULW33EmLee5/BYI7whkA -bVoSNB5tAb8kGZQffDnGkHiRfu8dbbEnkPYqm/cerN+4yCh1v1CGFh2lMn4d5p0L -o9GvMsPM8pxdffZWZI9T0JnlHwtAJDA5G/MFYJdHzLzcHpvDA99MdNO4DMAiUyWb -PCDL5e7mJ0lnBp8RppLBR7GEkznIQQ== +MCAwCwYDVR0PBAQDAgXgMBEGCWCGSAGG+EIBAQQEAwIGQDANBgkqhkiG9w0BAQUF +AAOCAQEAWUMyIXHi4BbIxOeCD/Vtu9LGV8ENMV7dwYVEQcwrt1AHahtYgUtkoGcP +lOPqg1lbg22bu8dLPoY4HAzxCOAGs27otWL5LlE9M5QPH1RedEycmOuYrMl6K988 +hfDBJ+OkgCShcM91+udrc0gpDEI7N01A+fmukQ6EiaQjIf7HME/EKQqhEuEQMXHC +GBvdNuEF5BfV3aAYuT+xfdXDU2ZWwXXWAHGmVh3ntnhtEG6SnXSnBATU2wa4tpBd +KLbEbcsiy2uj0OLJlvG6LqsNggtkD58GCGpLpaVxdW80yw+f/krwLpeyocE1KGcT +7eX+9yhLe9NIZojvevw+53dNE7BUfw== -----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.ku.sha1 b/tests/data_files/server5.req.ku.sha1 index 39fc346b4..3281c9460 100644 --- a/tests/data_files/server5.req.ku.sha1 +++ b/tests/data_files/server5.req.ku.sha1 
@@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE REQUEST----- -MIIBFzCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY +MIIBFjCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY BgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d Fr2KiMJrdw1VzYoqDvoByLTt/6AeMBwGCSqGSIb3DQEJDjEPMA0wCwYDVR0PBAQD -AgHAMAsGByqGSM49BAEFAANJADBGAiEA5MGFTJkpOtCV7bAx+N+t4gP3JDM9RH3W -mIXzSpcBwvACIQDf7f9ytclwouV1DQTFSUKxExIm48H60hk3lh19i3bGOw== +AgbAMAsGByqGSM49BAEFAANIADBFAiEAnIKF+xKk0iEuN4MHd4FZWNvrznLQgkeg +2n8ejjreTzcCIAH34z2TycuMpWQRhpV+YT988pBWR67LAg7REyZnjSAB -----END CERTIFICATE REQUEST----- diff --git a/tests/suites/test_suite_asn1write.data b/tests/suites/test_suite_asn1write.data index c2a78b1af..9982d03a7 100644 --- a/tests/suites/test_suite_asn1write.data +++ b/tests/suites/test_suite_asn1write.data 
@@ -90,3 +90,75 @@ mbedtls_asn1_write_len:16909060:"8401020304":5:5 ASN.1 Write / Read Length #12 (Len = 16909060, buffer too small) mbedtls_asn1_write_len:16909060:"8401020304":4:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL + +ASN.1 Write Named Bitstring / Unused bits #0 +test_asn1_write_bitstrings:"FF":8:"030200FF":4:1 + +ASN.1 Write Named Bitstring / Unused bits #1 +test_asn1_write_bitstrings:"FE":8:"030201FE":4:1 + +ASN.1 Write Named Bitstring / Unused bits #2 +test_asn1_write_bitstrings:"FC":7:"030202FC":4:1 + +ASN.1 Write Named Bitstring / Unused bits #3 +test_asn1_write_bitstrings:"F8":8:"030203F8":4:1 + +ASN.1 Write Named Bitstring / Unused bits #4 +test_asn1_write_bitstrings:"F0":6:"030204F0":4:1 + +ASN.1 Write Named Bitstring / Unused bits #5 +test_asn1_write_bitstrings:"E0":6:"030205E0":4:1 + +ASN.1 Write Named Bitstring / Unused bits #6 +test_asn1_write_bitstrings:"C0":8:"030206C0":4:1 + +ASN.1 Write Named Bitstring / Unused bits #7 +test_asn1_write_bitstrings:"80":8:"03020780":4:1 + +ASN.1 Write Named Bitstring / Empty bitstring +test_asn1_write_bitstrings:"00":7:"030100":3:1 + +ASN.1 Write Named Bitstring / Empty bitstring (bits = 16) +test_asn1_write_bitstrings:"0000":16:"030100":3:1 + +ASN.1 Write Named Bitstring / Empty bitstring (bits = 24) +test_asn1_write_bitstrings:"FFFFFF":0:"030100":3:1 + +ASN.1 Write Named Bitstring / 15 trailing bits all unset +test_asn1_write_bitstrings:"F88000":24:"030307F880":5:1 + +ASN.1 Write Named Bitstring / 15 trailing bits all set +test_asn1_write_bitstrings:"F8FFFF":9:"030307F880":5:1 + +ASN.1 Write Bitstring / Unused bits #0 +test_asn1_write_bitstrings:"FF":8:"030200FF":4:0 + +ASN.1 Write Bitstring / Unused bits #1 +test_asn1_write_bitstrings:"FF":7:"030201FE":4:0 + +ASN.1 Write Bitstring / Unused bits #2 +test_asn1_write_bitstrings:"FF":6:"030202FC":4:0 + +ASN.1 Write Bitstring / Unused bits #3 +test_asn1_write_bitstrings:"FF":5:"030203F8":4:0 + +ASN.1 Write Bitstring / Unused bits #4 
+test_asn1_write_bitstrings:"FF":4:"030204F0":4:0 + +ASN.1 Write Bitstring / Unused bits #5 +test_asn1_write_bitstrings:"FF":3:"030205E0":4:0 + +ASN.1 Write Bitstring / Unused bits #6 +test_asn1_write_bitstrings:"FF":2:"030206C0":4:0 + +ASN.1 Write Bitstring / Unused bits #7 +test_asn1_write_bitstrings:"FF":1:"03020780":4:0 + +ASN.1 Write Bitstring / 1 trailing bit (bits 15) +test_asn1_write_bitstrings:"0003":15:"0303010002":5:0 + +ASN.1 Write Bitstring / 0 bits +test_asn1_write_bitstrings:"":0:"030100":3:0 + +ASN.1 Write Bitstring / long string all bits unset except trailing bits +test_asn1_write_bitstrings:"000000000007":45:"030703000000000000":9:0 diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index 57a974125..e45583cbb 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function @@ -128,3 +128,47 @@ void mbedtls_asn1_write_len( int len, data_t * asn1, int buf_len, } } /* END_CASE */ + +/* BEGIN_CASE */ +void test_asn1_write_bitstrings( data_t *bitstring, int bits, + data_t *expected_asn1, int result, + int is_named ) +{ + int ret; + size_t i; + unsigned char buf[150]; + unsigned char *p; + + memset( buf, GUARD_VAL, sizeof( buf ) ); + + p = buf + GUARD_LEN + expected_asn1->len; + + if ( is_named == 0 ) + { + ret = mbedtls_asn1_write_bitstring( &p, + buf, + (unsigned char *)bitstring->x, + (size_t) bits ); + } + else + { + ret = mbedtls_asn1_write_named_bitstring( &p, + buf, + (unsigned char *)bitstring->x, + (size_t) bits ); + } + TEST_ASSERT( ret == result ); + + /* Check for buffer overwrite on both sides */ + for( i = 0; i < GUARD_LEN; i++ ) + { + TEST_ASSERT( buf[i] == GUARD_VAL ); + TEST_ASSERT( buf[GUARD_LEN + expected_asn1->len + i] == GUARD_VAL ); + } + + if ( result >= 0 ) + { + TEST_ASSERT( memcmp( p, expected_asn1->x, expected_asn1->len ) == 0 ); + } +} +/* END_CASE */ 
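Review bot: The case titled "ASN.1 Write Named Bitstring / Empty bitstring (bits = 24)" passes `"FFFFFF":0`, so the bit count under test is 0, not 24, and the title does not describe the input. Either rename it, for example to `ASN.1 Write Named Bitstring / 0 bits, non-zero buffer`, or change the arguments to match the title. Every case added in this hunk expects a positive length. None expects an error such as the `MBEDTLS_ERR_ASN1_BUF_TOO_SMALL` used by the write_len case in the context lines, so the failure path of the two bitstring writers is not covered by this data.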
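Review bot: In `test_asn1_write_bitstrings`, `p = buf + GUARD_LEN + expected_asn1->len` and the guard index `buf[GUARD_LEN + expected_asn1->len + i]` are never checked against `sizeof( buf )`, so a data-file entry whose expected encoding is longer than `150 - 2 * GUARD_LEN` bytes would make the test read and write past `buf` instead of failing cleanly. I would add `TEST_ASSERT( expected_asn1->len <= sizeof( buf ) - 2 * GUARD_LEN );` before `p` is computed (`GUARD_LEN` and `GUARD_VAL` are defined outside this hunk). Both writer calls also pass `buf` as `start`, so the writer's own bounds check treats the leading guard bytes as usable space. Passing `buf + GUARD_LEN` would make that check match the region the test actually intends to offer, and would let the data file express buffer-too-small cases.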
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index 5b54d8588..56aa64f97 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -1,78 +1,86 @@ Certificate Request check Server1 SHA1 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0 Certificate Request check Server1 SHA224 depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0 Certificate Request check Server1 SHA256 depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0 Certificate Request check Server1 SHA384 depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0 Certificate Request check Server1 SHA512 depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0 Certificate Request check Server1 MD4 depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0 Certificate Request check Server1 MD5 depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0 
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0 Certificate Request check Server1 key_usage depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0 + +Certificate Request check Server1 key_usage empty +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0 Certificate Request check Server1 ns_cert_type depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER +x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1 + +Certificate Request check Server1 ns_cert_type empty +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1 Certificate Request check Server1 key_usage + ns_cert_type depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER +x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1 Certificate Request 
check Server5 ECDSA, key_usage depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED -x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 +x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0 Certificate write check Server1 SHA1 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:1:-1:"data_files/server1.crt":0 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0::0:0:1:-1:"data_files/server1.crt":0 Certificate write check Server1 SHA1, key_usage depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0:1:-1:"data_files/server1.key_usage.crt":0 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0 
Certificate write check Server1 SHA1, ns_cert_type depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:-1:"data_files/server1.cert_type.crt":0 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0 Certificate write check Server1 SHA1, version 1 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0 Certificate write check Server1 SHA1, RSA_ALT depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:-1:"data_files/server1.noauthid.crt":1 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 
1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1 Certificate write check Server1 SHA1, RSA_ALT, key_usage depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1 Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:0:-1:"data_files/server1.cert_type_noauthid.crt":1 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1 Certificate write check Server1 SHA1, RSA_ALT, version 1 
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1 X509 String to Names #1 mbedtls_x509_string_to_names:"C=NL,O=Offspark\, Inc., OU=PolarSSL":"C=NL, O=Offspark, Inc., OU=PolarSSL":0 diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index c00b1aca8..535807e3a 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -37,7 +37,8 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */ void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type, - int key_usage, int cert_type ) + int key_usage, int set_key_usage, int cert_type, + int set_cert_type ) { mbedtls_pk_context key; mbedtls_x509write_csr req; @@ -59,9 +60,9 @@ void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type, mbedtls_x509write_csr_set_md_alg( &req, md_type ); mbedtls_x509write_csr_set_key( &req, &key ); TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 ); - if( key_usage != 0 ) + if( set_key_usage != 0 ) TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 ); - if( cert_type != 0 ) + if( set_cert_type != 0 ) TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ), 
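Review bot: The updated "Certificate write check Server1 SHA1" entry reads `MBEDTLS_MD_SHA1:0:0::0:0:1:-1:`, which contains an empty field and one more colon-separated argument than the other `x509_crt_check` entries in this hunk. Those use six values after the digest, matching the new signature (key_usage, set_key_usage, cert_type, set_cert_type, auth_ident, ver). Unless the data-file parser discards empty fields, every argument after the gap shifts by one position. I would change the tail of that entry to `MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0`.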
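Review bot: The new `set_key_usage` and `set_cert_type` parameters of `x509_csr_check` carry no comment explaining why a separate flag is needed next to the value, and the same holds for `x509_crt_check` in the two later hunks of this file. A comment above the signature such as `/* set_key_usage / set_cert_type: write the extension even when the value is 0 (empty named bitstring) */` would tie the parameters to the "empty" cases added in the data file. `key_usage` remains an `int` here, while `mbedtls_x509write_csr_set_key_usage()` is declared with `unsigned char key_usage` in x509_csr.h, so any test value above 0xFF is narrowed at the call without a diagnostic. The function bodies continue outside these hunks.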
@@ -100,7 +101,8 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, char *subject_name, char *issuer_key_file, char *issuer_pwd, char *issuer_name, char *serial_str, char *not_before, char *not_after, - int md_type, int key_usage, int cert_type, int auth_ident, + int md_type, int key_usage, int set_key_usage, + int cert_type, int set_cert_type, int auth_ident, int ver, char *cert_check_file, int rsa_alt ) { mbedtls_pk_context subject_key, issuer_key, issuer_key_alt; @@ -168,9 +170,9 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 ); if( auth_ident ) TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 ); - if( key_usage != 0 ) + if( set_key_usage != 0 ) TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 ); - if( cert_type != 0 ) + if( set_cert_type != 0 ) TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 ); } From 88bf1b3dd5c2d2a568d391dd4df9af9cffcf0b40 Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Mon, 8 Oct 2018 19:44:55 +0100 Subject: [PATCH 0933/2197] Improve docs for named bitstrings and their usage --- include/mbedtls/asn1write.h | 18 ++++++++++-------- include/mbedtls/x509_csr.h | 8 ++++++++ 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 80b31c35c..dc0db8629 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h 
@@ -277,19 +277,21 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t bits ); /** - * \brief Write a named bitstring tag (MBEDTLS_ASN1_BIT_STRING) and - * value in ASN.1 format - * Note: function works backwards in data buffer + * \brief This function writes a named bitstring tag + * (#MBEDTLS_ASN1_BIT_STRING) and value in ASN.1 format. * - * As stated in RFC5280 Appending B, trailing zeroes are + * As stated in RFC 5280 Appendix B, trailing zeroes are * omitted when encoding named bitstrings in DER. * - * \param p Reference to current position pointer. - * \param start Start of the buffer (for bounds-checking). - * \param buf The bitstring. + * \note This function works backwards within the data buffer. + * + * \param p The reference to the current position pointer. + * \param start The start of the buffer which is used for bounds-checking. + * \param buf The bitstring to write. * \param bits The total number of bits in the bitstring. * - * \return The length written or a negative error code. + * \return The number of bytes written to \p p on success. + * \return A negative error code on failure. */ int mbedtls_asn1_write_named_bitstring( unsigned char **p, unsigned char *start, diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 0c6ccad78..a3c28048e 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h 
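Review bot: The rewritten `\param buf` line does not say how many bytes are read from `buf`, which matters because `bits` is passed separately and need not be a multiple of 8 (the test data elsewhere on this page uses values such as 7, 9 and 45). I would extend it to `\param buf The bitstring to write; must be readable for at least (\p bits + 7) / 8 bytes.` once that is confirmed against the implementation, which is not part of this hunk. The second `\return` line could also name the error a caller gets when the space between \p start and \p p is too small, so that callers know which failure to handle. The declaration continues past the end of the hunk.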
@@ -205,6 +205,14 @@ void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_ty * \param key_usage key usage flags to set * * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED + * + * \note The decipherOnly flag from the Key Usage + * extension is represented by bit 8 (i.e. + * 0x8000), which cannot typically be represented + * in an unsigned char. Therefore, the flag + * decipherOnly (i.e. + * #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this + * function. */ int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ); From 8761d929da786ff3e6c6f85603b114a786d9bd5d Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Wed, 26 Sep 2018 10:59:20 +0100 Subject: [PATCH 0934/2197] Add ChangeLog entry for unused bits in bitstrings --- ChangeLog | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/ChangeLog b/ChangeLog index b39b95391..0b20bffe2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,12 @@ Bugfix previously lead to a stack overflow on constrained targets. * Add `MBEDTLS_SELF_TEST` for the mbedtls_self_test functions in the header files, which missed the precompilation check. #971 + * Ensure that unused bits are zero when writing ASN.1 bitstrings when using + mbedtls_asn1_write_bitstring(). + * Fix issue when writing the named bitstrings in KeyUsage and NsCertType + extensions in CSRs and CRTs that caused these bitstrings to not be encoded + correctly as trailing zeroes were not accounted for as unused bits in the + leading content octet. Fixes #1610. = mbed TLS 2.16.0 branch released 2018-12-21 
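Review bot: The added `\note` says decipherOnly "cannot be set using this function" but does not say what happens when a caller passes `MBEDTLS_X509_KU_DECIPHER_ONLY` anyway. Because the parameter is `unsigned char key_usage`, the value is narrowed by the implicit conversion at the call, so the bit is dropped before the function runs and the CSR is presumably written without the flag and without an error. I would add a sentence such as `Passing it has no effect: the value is truncated to 8 bits and no error is returned.` so that callers do not assume the request carries the restriction. The phrase "bit 8 (i.e. 0x8000)" mixes the KeyUsage bit number with the macro value; "bit 8 of the KeyUsage bitstring (macro value 0x8000)" would be clearer.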
@@ -23,6 +29,8 @@ Features function to see for which parameter values it is defined. This feature is disabled by default. See its API documentation in config.h for additional steps you have to take when enabling it. + * Add a new function mbedtls_asn1_write_named_bitstring() to write ASN.1 + named bitstring in DER as required by RFC 5280 Appendix B. API Changes * The following functions in the random generator modules have been From a05602d100c0cfba33d43d41537b09b92755fc59 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 17 Jan 2019 15:25:52 +0100 Subject: [PATCH 0935/2197] Fix typos in recently-added documentation --- include/psa/crypto.h | 56 ++++++++++---------------------------------- 1 file changed, 12 insertions(+), 44 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 40b303210..455415851 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -750,7 +750,7 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg, * \param[in] input Buffer containing the message to hash. * \param input_length Size of the \p input buffer in bytes. * \param[out] hash Buffer containing the expected hash value. - * \param hash_size Size of the \p hash buffer in bytes. + * \param hash_length Size of the \p hash buffer in bytes. * * \retval #PSA_SUCCESS * The expected hash is identical to the actual hash of the input. @@ -1068,7 +1068,8 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_mac_verify(psa_algorithm_t alg, +psa_status_t psa_mac_verify(psa_key_handle_t handle, + psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *mac, 
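Review bot: In the `@@ -750,7 +750,7 @@` hunk of include/psa/crypto.h, the context line `\param[out] hash Buffer containing the expected hash value.` still marks `hash` as an output, although the text and the `\retval` below it describe a value supplied by the caller for comparison. This typo pass renames the length parameter but leaves the direction wrong, so I would change it to `\param[in] hash` in the same commit. The declaration this comment belongs to lies outside the hunk, so the parameter's constness could not be checked here.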
@@ -1459,39 +1460,6 @@ psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, size_t output_size, size_t *output_length); -/** Calculate the MAC of a message and compare it with a reference value. - * - * \param handle Handle to the key to use for the operation. - * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(alg) is true). - * \param[in] input Buffer containing the input message. - * \param input_length Size of the \p input buffer in bytes. - * \param[out] mac Buffer containing the expected MAC value. - * \param mac_length Size of the \p mac buffer in bytes. - * - * \retval #PSA_SUCCESS - * The expected MAC is identical to the actual MAC of the input. - * \retval #PSA_ERROR_INVALID_SIGNATURE - * The MAC of the message was calculated successfully, but it - * differs from the expected value. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - */ -psa_status_t psa_mac_verify(psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *mac, - const size_t mac_length); - /** The type of the state data structure for multipart cipher operations. * * Before calling any function on a cipher operation object, the application 
@@ -2013,7 +1981,7 @@ static psa_aead_operation_t psa_aead_operation_init(void); * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment * of the non-encrypted additional authenticated data each time. * -# Call psa_aead_update() zero, one or more times, passing a fragment - * of the message each time. + * of the message to encrypt each time. * -# Call psa_aead_finish(). * * The application may call psa_aead_abort() at any time after the operation @@ -2071,8 +2039,8 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment * of the non-encrypted additional authenticated data each time. * -# Call psa_aead_update() zero, one or more times, passing a fragment - * of the message each time. - * -# Call psa_aead_finish(). + * of the ciphertext to decrypt each time. + * -# Call psa_aead_verify(). * * The application may call psa_aead_abort() at any time after the operation * has been initialized. @@ -2159,13 +2127,13 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, * * If this function returns an error status, the operation becomes inactive. * - * \note When encrypting, applications should use psa_aead_generate_iv() + * \note When encrypting, applications should use psa_aead_generate_nonce() * instead of this function, unless implementing a protocol that requires * a non-random IV. * * \param[in,out] operation Active AEAD operation. - * \param[in] iv Buffer containing the nonce to use. - * \param iv_length Size of the nonce in bytes. + * \param[in] nonce Buffer containing the nonce to use. + * \param nonce_length Size of the nonce in bytes. * * \retval #PSA_SUCCESS * Success. 
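Review bot: In the `@@ -2159,13 +2127,13 @@` hunk the `\note` now refers to psa_aead_generate_nonce() and the parameters are renamed to `nonce` and `nonce_length`, but the same sentence still ends with "a non-random IV"; it should read "a non-random nonce" to match. This note is the only guidance shown on when a caller-chosen nonce is acceptable, so it would help to state the constraint directly, for example ` * The nonce must not be reused for another message under the same key.` The function declaration follows outside the hunk.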
@@ -2319,9 +2287,9 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length, uint8_t *tag, size_t tag_size, size_t *tag_length); From bc59c855c4758dd2cbc5b12e12f538522f937617 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 17 Jan 2019 15:26:08 +0100 Subject: [PATCH 0936/2197] Doc only: Add psa_aead_set_lengths() for the sake of CCM --- include/psa/crypto.h | 72 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 455415851..acbcc3df0 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1974,6 +1974,10 @@ static psa_aead_operation_t psa_aead_operation_init(void); * documentation for #psa_aead_operation_t, e.g. * PSA_AEAD_OPERATION_INIT. * -# Call psa_aead_encrypt_setup() to specify the algorithm and key. + * -# If needed, call psa_aead_set_lengths() to specify the length of the + * inputs to the subsequent calls to psa_aead_update_ad() and + * psa_aead_update(). See the documentation of psa_aead_set_lengths() + * for details. * -# Call either psa_aead_generate_nonce() or psa_aead_set_nonce() to * generate or set the nonce. You should use * psa_aead_generate_nonce() unless the protocol you are implementing 
@@ -2035,6 +2039,10 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * documentation for #psa_aead_operation_t, e.g. * PSA_AEAD_OPERATION_INIT. * -# Call psa_aead_decrypt_setup() to specify the algorithm and key. + * -# If needed, call psa_aead_set_lengths() to specify the length of the + * inputs to the subsequent calls to psa_aead_update_ad() and + * psa_aead_update(). See the documentation of psa_aead_set_lengths() + * for details. * -# Call psa_aead_set_nonce() with the nonce for the decryption. * -# Call psa_aead_update_ad() zero, one or more times, passing a fragment * of the non-encrypted additional authenticated data each time. 
@@ -2150,6 +2158,44 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, const unsigned char *nonce, size_t nonce_length); +/** Declare the lengths of the message and additional data for AEAD. + * + * The application must call this function before calling + * psa_aead_update_ad() or psa_aead_update() if the algorithm for + * the operation requires it. If the algorithm does not require it, + * calling this function is optional, but if this function is called + * then the implementation must enforce the lengths. + * + * You may call this function before or after setting the nonce with + * psa_aead_set_nonce() or psa_aead_generate_nonce(). + * + * - For #PSA_ALG_CCM, calling this function is required. + * - For the other AEAD algorithms defined in this specification, calling + * this function is not required. + * - For vendor-defined algorithm, refer to the vendor documentation. + * + * \param[in,out] operation Active AEAD operation. + * \param ad_length Size of the non-encrypted additional + * authenticated data in bytes. + * \param plaintext_length Size of the plaintext to encrypt in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (not set up, already completed, + * or psa_aead_update_ad() or psa_aead_update() already called). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * At least one of the lengths is not acceptable for the chosen + * algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, + size_t ad_length, + size_t plaintext_length); + /** Pass additional data to an active AEAD operation. * * Additional data is authenticated, but not encrypted. 
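Review bot: `plaintext_length` is documented only as `Size of the plaintext to encrypt in bytes`, yet the decrypt sequence edited in this same commit also tells callers to use psa_aead_set_lengths(). For decryption the caller holds ciphertext, so the parameter text should say what to pass in that direction and whether the tag is counted, e.g. `Size of the plaintext to encrypt or of the ciphertext to decrypt, in bytes.` followed by a sentence on the tag. This matters for CCM, where the declared lengths are enforced and a wrong value fails the operation. The bullet `For vendor-defined algorithm` should also read `For vendor-defined algorithms`.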
@@ -2180,6 +2226,9 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not set up, nonce not set, * psa_aead_update() already called, or operation already completed). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total input length overflows the additional data length that + * was previously specified with psa_aead_set_lengths(). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -2230,6 +2279,13 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update_ad() so far is + * less than the additional data length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total input length overflows the plaintext length that + * was previously specified with psa_aead_set_lengths(). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -2281,6 +2337,14 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * decryption, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update_ad() so far is + * less than the additional data length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update() so far is + * less than the plaintext length that was previously + * specified with psa_aead_set_lengths(). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE 
@@ -2316,6 +2380,14 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * encryption, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update_ad() so far is + * less than the additional data length that was previously + * specified with psa_aead_set_lengths(). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total length of input to psa_aead_update() so far is + * less than the plaintext length that was previously + * specified with psa_aead_set_lengths(). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE From 283dfd1613046665c657503398a74087222dd1c5 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 11 Jan 2019 12:06:22 +0000 Subject: [PATCH 0937/2197] psa: Add get/set domain parameters DSA and static DH need extra domain parameters. Instead of passing these in with the keys themselves, add get and set functions to set and retrieve this information about keys. --- include/psa/crypto.h | 66 ++++++++++++++++++++++++++++++++++++++++++++ library/psa_crypto.c | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 903ef99a4..f7b158326 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -369,6 +369,72 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle, psa_key_type_t *type, size_t *bits); +/** + * \brief Set domain parameters for a key. + * + * Some key types require additional domain parameters to be set before import + * or generation of the key. The domain parameters can be set with this + * function or, for key generation, through the \c extra parameter of + * psa_generate_key(). + * + * The format for the required domain parameters varies by the key type. + * + * \param handle Handle to the key to set domain parameters for. + * \param[in] data Buffer containing the key domain parameters. The content + * of this buffer is interpreted according to \p type. of + * psa_export_key() or psa_export_public_key() for the + * chosen type. + * \param data_length Size of the \p data buffer in bytes. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_OCCUPIED_SLOT + * There is already a key in the specified slot. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_set_key_domain_parameters(psa_key_handle_t handle, + const uint8_t *data, + size_t data_length); + +/** + * \brief Get domain parameters for a key. + * + * Get the domain parameters for a key with this function, if any. The format + * of the domain parameters written to \p data is specified in the + * documentation for psa_set_key_domain_parameters(). + * + * \param handle Handle to the key to get domain parameters from. + * \param[out] data On success, the key domain parameters. + * \param data_size Size of the \p data buffer in bytes. 
+ * \param[out] data_length On success, the number of bytes + * that make up the key domain parameters data. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * There is no key in the specified slot. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_get_key_domain_parameters(psa_key_handle_t handle, + uint8_t *data, + size_t data_size, + size_t *data_length); + /** * \brief Export a key in binary format. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bb53f8194..9cfdcdd16 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -727,7 +727,7 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, } /* Retrieve an empty key slot (slot with no key data, but possibly - * with some metadata such as a policy). */ + * with some metadata such as a policy or domain parameters). */ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, psa_key_slot_t **p_slot ) { From 1308fb517fefdb8289960661e145da157bd5f8f6 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 11 Jan 2019 13:50:43 +0000 Subject: [PATCH 0938/2197] psa: Simplify DSA key formats Remove front matter and DSS parameters from our DSA key formats, both keypair and public key, to make it just a representation of the integer private key, `x`, or the public key, `y`, respectively. --- include/psa/crypto.h | 63 ++++++++++++++++---------------------------- 1 file changed, 23 insertions(+), 40 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f7b158326..57edf7c89 100644 --- a/include/psa/crypto.h 
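Review bot: The `data` description of psa_set_key_domain_parameters() ends with a stray fragment, `according to \p type. of psa_export_key() or psa_export_public_key() for the chosen type.`, and `\p type` names a parameter that the prototype in this hunk does not have. I would cut it to `The content of this buffer is interpreted according to the key type.` until a type argument exists. psa_get_key_domain_parameters() takes `data_size` but lists no `\retval #PSA_ERROR_BUFFER_TOO_SMALL`, so callers cannot tell how a short buffer is reported. Neither function says whether the implementation validates the parameters it is given, which callers handling parameters from an untrusted peer need to know.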
+++ b/include/psa/crypto.h @@ -378,6 +378,15 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle, * psa_generate_key(). * * The format for the required domain parameters varies by the key type. + * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), + * the `Dss-Parms` format as defined by RFC 3279 §2.3.2. + * ``` + * Dss-Parms ::= SEQUENCE { + * p INTEGER, + * q INTEGER, + * g INTEGER + * } + * ``` * * \param handle Handle to the key to set domain parameters for. * \param[in] data Buffer containing the key domain parameters. The content @@ -470,19 +479,10 @@ psa_status_t psa_get_key_domain_parameters(psa_key_handle_t handle, * coefficient INTEGER, -- (inverse of q) mod p * } * ``` - * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format - * is the non-encrypted DER encoding of the representation used by - * OpenSSL and OpenSSH, whose structure is described in ASN.1 as follows: - * ``` - * DSAPrivateKey ::= SEQUENCE { - * version INTEGER, -- must be 0 - * prime INTEGER, -- p - * subprime INTEGER, -- q - * generator INTEGER, -- g - * public INTEGER, -- y - * private INTEGER, -- x - * } - * ``` + * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format is the + * representation of the private key `x` as a big-endian byte string. The + * length of the byte string is the private key size in bytes (leading zeroes + * are not stripped). * - For elliptic curve key pairs (key types for which * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is * a representation of the private value as a `ceiling(m/8)`-byte string 
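Review bot: The new list item in psa_set_key_domain_parameters() names only `#PSA_KEY_TYPE_DSA_PUBLIC_KEY`, but the psa_generate_key() text added later in this commit sends readers here for the `extra` format of `#PSA_KEY_TYPE_DSA_KEYPAIR`. I would word it `For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEYPAIR), the Dss-Parms format ...` so both types are covered. In the private-key hunk that follows, `the private key size in bytes` does not say which quantity fixes the length; if it is the byte length of `q`, say so. The psa_generate_key() hunk has the typo `For an DSA key`, which should be `For a DSA key`.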
@@ -556,33 +556,10 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * - The byte 0x04; * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; * - `y_P` as a `ceiling(m/8)`-byte string, big-endian. - * - * For other public key types, the format is the DER representation defined by - * RFC 5280 as `SubjectPublicKeyInfo`, with the `subjectPublicKey` format - * specified below. - * ``` - * SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters ANY DEFINED BY algorithm OPTIONAL } - * ``` - * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), - * the `subjectPublicKey` format is defined by RFC 3279 §2.3.2 as - * `DSAPublicKey`, - * with the OID `id-dsa`, - * and with the parameters `DSS-Parms`. - * ``` - * id-dsa OBJECT IDENTIFIER ::= { - * iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1 } - * - * Dss-Parms ::= SEQUENCE { - * p INTEGER, - * q INTEGER, - * g INTEGER } - * DSAPublicKey ::= INTEGER -- public key, Y - * ``` + * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), the format is the + * representation of the public key `y = g^x mod p` as a big-endian byte + * string. The length of the byte string is the length of the base prime `p` + * in bytes. * * \param handle Handle to the key to export. * \param[out] data Buffer where the key data is to be written. 
@@ -2321,6 +2298,12 @@ typedef struct { * specifying the public exponent. The * default public exponent used when \p extra * is \c NULL is 65537. + * - For an DSA key (\p type is + * #PSA_KEY_TYPE_DSA_KEYPAIR), \p extra is an + * optional structure specifying the key domain + * parameters. The key domain parameters can also be + * provided by psa_set_key_domain_parameters(), + * which documents the format of the structure. * \param extra_size Size of the buffer that \p extra * points to, in bytes. Note that if \p extra is * \c NULL then \p extra_size must be zero. From 8851c40d8597917d56d7abae33aeac8a1ec44a5b Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 11 Jan 2019 14:20:03 +0000 Subject: [PATCH 0939/2197] psa: Add DH key exchange keys Add the ability to specify Diffie-Hellman key exchange keys. Specify the import/export format as well, even though importing and exporting isn't implemented yet. --- include/psa/crypto.h | 29 +++++++++++++++++++++++++++++ include/psa/crypto_values.h | 9 +++++++++ 2 files changed, 38 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 57edf7c89..7f9daa904 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -387,6 +387,21 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle, * g INTEGER * } * ``` + * - For Diffie-Hellman key exchange keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY), the + * `DomainParameters` format as defined by RFC 3279 §2.3.3. + * ``` + * DomainParameters ::= SEQUENCE { + * p INTEGER, -- odd prime, p=jq +1 + * g INTEGER, -- generator, g + * q INTEGER, -- factor of p-1 + * j INTEGER OPTIONAL, -- subgroup factor + * validationParms ValidationParms OPTIONAL + * } + * ValidationParms ::= SEQUENCE { + * seed BIT STRING, + * pgenCounter INTEGER + * } + * ``` * * \param handle Handle to the key to set domain parameters for. * \param[in] data Buffer containing the key domain parameters. The content 
@@ -494,6 +509,10 @@ psa_status_t psa_get_key_domain_parameters(psa_key_handle_t handle, * and `PSA_ECC_CURVE_BRAINPOOL_PXXX`). * This is the content of the `privateKey` field of the `ECPrivateKey` * format defined by RFC 5915. + * - For Diffie-Hellman key exchange key pairs (#PSA_KEY_TYPE_DH_KEYPAIR), the + * format is the representation of the private key `x` as a big-endian byte + * string. The length of the byte string is the private key size in bytes + * (leading zeroes are not stripped). * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is * true), the format is the same as for psa_export_public_key(). * @@ -560,6 +579,10 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * representation of the public key `y = g^x mod p` as a big-endian byte * string. The length of the byte string is the length of the base prime `p` * in bytes. + * - For Diffie-Hellman key exchange public keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY), + * the format is the representation of the public key `y = g^x mod p` as a + * big-endian byte string. The length of the byte string is the length of the + * base prime `p` in bytes. * * \param handle Handle to the key to export. * \param[out] data Buffer where the key data is to be written. @@ -2304,6 +2327,12 @@ typedef struct { * parameters. The key domain parameters can also be * provided by psa_set_key_domain_parameters(), * which documents the format of the structure. + * - For a DH key (\p type is + * #PSA_KEY_TYPE_DH_KEYPAIR), the \p extra is an + * optional structure specifying the key domain + * parameters. The key domain parameters can also be + * provided by psa_set_key_domain_parameters(), + * which documents the format of the structure. * \param extra_size Size of the buffer that \p extra * points to, in bytes. Note that if \p extra is * \c NULL then \p extra_size must be zero. diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 4d25835be..2e24b7c3b 100644 --- a/include/psa/crypto_values.h 
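Review bot: The Diffie-Hellman public key text added to psa_export_public_key() fixes the encoding of `y` but gives no acceptance rule for a value that arrives from a peer and is imported in the same format. The commit message says import is not implemented yet, so this is the place to record the contract before it is. I would add a sentence such as `On import, implementations must reject a value outside the range 2 to p-2.` and, if subgroup checking against `q` is intended, state that too. As in the DSA text, `the private key size in bytes` in the key-pair item does not say which parameter determines the length.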
+++ b/include/psa/crypto_values.h @@ -497,6 +497,15 @@ #define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) #define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) +/** Diffie-Hellman key exchange public key. */ +#define PSA_KEY_TYPE_DH_PUBLIC_KEY ((psa_key_type_t)0x60040000) +/** Diffie-Hellman key exchange key pair (private and public key). */ +#define PSA_KEY_TYPE_DH_KEYPAIR ((psa_key_type_t)0x70040000) +/** Whether a key type is a Diffie-Hellman key exchange key (pair or + * public-only). */ +#define PSA_KEY_TYPE_IS_DH(type) \ + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DH_PUBLIC_KEY) + /** The block size of a block cipher. * * \param type A cipher key type (value of type #psa_key_type_t). From 3a74e00429f4fde1fe479f0e38534f236a08e23e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 18 Jan 2019 17:11:25 +0100 Subject: [PATCH 0940/2197] Add type argument to psa_set_key_domain_parameters psa_set_key_domain_parameters needs the type to parse the domain parameters. --- include/psa/crypto.h | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 7f9daa904..8fee6505e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -403,7 +403,16 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle, * } * ``` * - * \param handle Handle to the key to set domain parameters for. + * \param handle Handle to the slot where the key will be stored. + * This must be a valid slot for a key of the chosen + * type: it must have been obtained by calling + * psa_allocate_key() or psa_create_key() with the + * correct \p type and with a maximum size that is + * compatible with \p data. It must not contain + * key material yet. + * \param type Key type (a \c PSA_KEY_TYPE_XXX value). When + * subsequently creating key material into \p handle, + * the type must be compatible. * \param[in] data Buffer containing the key domain parameters. The content * of this buffer is interpreted according to \p type. of * psa_export_key() or psa_export_public_key() for the @@ -424,6 +433,7 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle, * results in this error code. */ psa_status_t psa_set_key_domain_parameters(psa_key_handle_t handle, + psa_key_type_t type, const uint8_t *data, size_t data_length); From b70a0fd1a5e3ca1941d27c60e923ae07c9c2691e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Jan 2019 22:59:38 +0100 Subject: [PATCH 0941/2197] Key derivation by small input steps: proof-of-concept Document the new API. Keep the old one. Implement for HKDF. Use it in a few test cases. Key agreement is still unchanged. --- include/psa/crypto.h | 141 ++++++++++++++ include/psa/crypto_struct.h | 2 + include/psa/crypto_types.h | 9 + include/psa/crypto_values.h | 12 ++ library/psa_crypto.c | 194 +++++++++++++++++++- tests/suites/test_suite_psa_crypto.function | 83 +++++++-- 6 files changed, 427 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 683feb83f..6005269c3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
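Review bot: The new `handle` text requires a slot allocated `with the correct \p type`, and the function now receives `type` as well, but the \retval list is unchanged and does not say what is returned when the two disagree. I would extend the existing entry to `\retval #PSA_ERROR_INVALID_ARGUMENT \p type is not compatible with the slot, or \p data is not a valid encoding of domain parameters for \p type.`. `psa_create_key()` is mentioned next to `psa_allocate_key()` without saying how a maximum size is given to either; that may be documented outside this hunk.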
@@ -1963,6 +1963,22 @@ static psa_crypto_generator_t psa_crypto_generator_init(void); psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, size_t *capacity); +/** Set the maximum capacity of a generator. + * + * \param[in,out] generator The generator object to modify. + * \param capacity The new capacity of the generator. + * It must be less or equal to the generator's + * current capacity. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p capacity is larger than the generator's current capacity. + * \retval #PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + */ +psa_status_t psa_set_generator_capacity(psa_crypto_generator_t *generator, + size_t capacity); + /** Read some data from a generator. * * This function reads and returns a sequence of bytes from a generator. 
@@ -2088,6 +2104,131 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * @{ */ +/** Set up a key derivation operation. + * + * A key derivation algorithm takes some inputs and uses them to create + * a byte generator which can be used to produce keys and other + * cryptographic material. + * + * To use a generator for key derivation: + * - Start with an initialized object of type #psa_crypto_generator_t. + * - Call psa_key_derivation_setup() to select the algorithm. + * - Provide the inputs for the key derivation by calling + * psa_key_derivation_input_bytes() or psa_key_derivation_input_key() + * as appropriate. Which inputs are needed, in what order, and whether + * they may be keys and if so of what type depends on the algorithm. + * - Optionally set the generator's maximum capacity with + * psa_set_generator_capacity(). You may do this before, in the middle of + * or after providing inputs. For some algorithms, this step is mandatory + * because the output depends on the maximum capacity. + * - Generate output with psa_generator_read() or + * psa_generator_import_key(). Successive calls to these functions + * use successive output bytes from the generator. + * - Clean up the generator object with psa_generator_abort(). + * + * \param[in,out] generator The generator object to set up. It must + * have been initialized but not set up yet. + * \param alg The key derivation algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c alg is not a key derivation algorithm. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a key derivation algorithm. 
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + */ +psa_status_t psa_key_derivation_setup(psa_crypto_generator_t *generator, + psa_algorithm_t alg); + +/** Provide an input for key derivation. + * + * Which inputs are required and in what order depends on the type of + * key derivation algorithm. + * + * - For HKDF (#PSA_ALG_HKDF), the following inputs are supported: + * - #PSA_KDF_STEP_SALT is the salt used in the "extract" step. + * It is optional; if omitted, the derivation uses an empty salt. + * - #PSA_KDF_STEP_SECRET is the secret key used in the "extract" step. + * It may be a key of type #PSA_KEY_TYPE_DERIVE with the + * usage flag #PSA_KEY_USAGE_DERIVE. + * - #PSA_KDF_STEP_INFO is the info string used in the "expand" step. + * You must pass #PSA_KDF_STEP_SALT before #PSA_KDF_STEP_SECRET. + * #PSA_KDF_STEP_INFO may be passed at any time before starting to + * generate output. + * + * \param[in,out] generator The generator object to use. It must + * have been set up with + * psa_key_derivation_setup() and must not + * have produced any output yet. + * \param step Which step the input data is for. + * See above for the permitted values + * depending on the algorithm. + * \param[in] data Input data to use. + * \param data_length Size of the \p data buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step is not compatible with the generator's algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The value of \p step is not valid given the state of \p generator. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). 
+ * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_input_bytes(psa_crypto_generator_t *generator, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length); + +/** Provide an input for key derivation in the form of a key. + * + * See the descrition of psa_key_derivation_input_bytes() regarding + * what inputs are supported and in what order. An input step may only be + * a key if the descrition of psa_key_derivation_input_bytes() explicitly + * allows it. + * + * \param[in,out] generator The generator object to use. It must + * have been set up with + * psa_key_derivation_setup() and must not + * have produced any output yet. + * \param step Which step the input data is for. + * \param handle Handle to the secret key. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step is not compatible with the generator's algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The value of \p step is not valid given the state of \p generator. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_input_key(psa_crypto_generator_t *generator, + psa_key_derivation_step_t step, + psa_key_handle_t handle); + /** Set up a key derivation operation. * * A key derivation algorithm takes three inputs: a secret input \p key and diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index ee3ecd776..bebc5c445 100644 --- a/include/psa/crypto_struct.h 
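Review bot: Neither psa_key_derivation_input_bytes() nor psa_key_derivation_input_key() documents the state of the generator after an error. The implementation later in this commit calls psa_generator_abort() when psa_key_derivation_input_bytes() fails, while the early returns in psa_key_derivation_input_key() leave the generator untouched, so the two entry points behave differently. I would pick one rule and state it in both comments, e.g. `If this function returns an error status, the generator becomes inactive.`, then make the key variant match. `descrition` appears twice in the psa_key_derivation_input_key() comment and should be `description`.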
+++ b/include/psa/crypto_struct.h @@ -165,6 +165,8 @@ typedef struct #endif uint8_t offset_in_block; uint8_t block_number; + uint8_t state : 2; + uint8_t info_set : 1; } psa_hkdf_generator_t; #endif /* MBEDTLS_MD_C */ diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 9b44d6aef..637e07c6b 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -98,4 +98,13 @@ typedef uint32_t psa_key_usage_t; /**@}*/ +/** \defgroup derivation Key derivation + * @{ + */ + +/** \brief Encoding of the step of a key derivation. */ +typedef uint16_t psa_key_derivation_step_t; + +/**@}*/ + #endif /* PSA_CRYPTO_TYPES_H */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 4d25835be..5c81acdbe 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1417,4 +1417,16 @@ /**@}*/ +/** \defgroup derivation Key derivation + * @{ + */ + +#define PSA_KDF_STEP_SECRET ((psa_key_derivation_step_t)0x0101) +#define PSA_KDF_STEP_LABEL ((psa_key_derivation_step_t)0x0201) +#define PSA_KDF_STEP_SALT ((psa_key_derivation_step_t)0x0202) +#define PSA_KDF_STEP_INFO ((psa_key_derivation_step_t)0x0203) +#define PSA_KDF_STEP_PEER_KEY ((psa_key_derivation_step_t)0x0301) + +/**@}*/ + #endif /* PSA_CRYPTO_VALUES_H */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fd76b27b4..916c52fc6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3313,6 +3313,11 @@ exit: /* Generators */ /****************************************************************/ +#define HKDF_STATE_INIT 0 /* no input yet */ +#define HKDF_STATE_STARTED 1 /* got salt */ +#define HKDF_STATE_KEYED 2 /* got key */ +#define HKDF_STATE_OUTPUT 3 /* output started */ + psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) { psa_status_t status = PSA_SUCCESS; 
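Review bot: The five `PSA_KDF_STEP_*` constants in crypto_values.h are added with no Doxygen comment, so the only description of the steps is the HKDF paragraph in crypto.h. `PSA_KDF_STEP_LABEL` and `PSA_KDF_STEP_PEER_KEY` are not accepted by any code in this commit; psa_hkdf_input() handles SALT, SECRET and INFO and returns PSA_ERROR_INVALID_ARGUMENT for anything else. Each value should get a one-line comment saying which algorithms take it and whether the input is secret, for example `/** Salt for the HKDF "extract" step; not secret. */` above `PSA_KDF_STEP_SALT`. In crypto_struct.h, `uint8_t state : 2` holds exactly the four HKDF_STATE_* values defined in psa_crypto.c, so a comment tying the width to those constants would stop a fifth state from being truncated silently.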
@@ -3366,7 +3371,6 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) return( status ); } - psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, size_t *capacity) { @@ -3374,6 +3378,17 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, return( PSA_SUCCESS ); } +psa_status_t psa_set_generator_capacity( psa_crypto_generator_t *generator, + size_t capacity ) +{ + if( generator->alg == 0 ) + return( PSA_ERROR_BAD_STATE ); + if( capacity > generator->capacity ) + return( PSA_ERROR_INVALID_ARGUMENT ); + generator->capacity = capacity; + return( PSA_SUCCESS ); +} + #if defined(MBEDTLS_MD_C) /* Read some bytes from an HKDF-based generator. This performs a chunk * of the expand phase of the HKDF algorithm. */ @@ -3385,6 +3400,10 @@ static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf, uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); psa_status_t status; + if( hkdf->state < HKDF_STATE_KEYED || ! hkdf->info_set ) + return( PSA_ERROR_BAD_STATE ); + hkdf->state = HKDF_STATE_OUTPUT; + while( output_length != 0 ) { /* Copy what remains of the current block */ @@ -3755,6 +3774,8 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, return( PSA_ERROR_INSUFFICIENT_MEMORY ); memcpy( hkdf->info, label, label_length ); } + hkdf->state = HKDF_STATE_KEYED; + hkdf->info_set = 1; return( PSA_SUCCESS ); } #endif /* MBEDTLS_MD_C */ 
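Review bot: The guard added to psa_generator_hkdf_read(), `if( hkdf->state < HKDF_STATE_KEYED || ! hkdf->info_set )`, makes PSA_KDF_STEP_INFO mandatory even for an empty info string, but the header text for psa_key_derivation_input_bytes() marks only the salt as optional and says nothing about info being required. A caller who supplies salt and secret and then reads gets PSA_ERROR_BAD_STATE with no hint why. Either document it next to the step list, e.g. `#PSA_KDF_STEP_INFO is mandatory; pass a zero-length buffer for an empty info string.`, or treat an unset info as empty here. The function body continues outside the hunk.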
@@ -3998,6 +4019,177 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, return( status ); } +psa_status_t psa_key_derivation_setup( psa_crypto_generator_t *generator, + psa_algorithm_t alg ) +{ + if( generator->alg != 0 ) + return( PSA_ERROR_BAD_STATE ); + /* Make sure that alg is a supported key derivation algorithm. + * Key agreement algorithms and key selection algorithms are not + * supported by this function. */ +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HKDF( alg ) || + PSA_ALG_IS_TLS12_PRF( alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) + { + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); + size_t hash_size = PSA_HASH_SIZE( hash_alg ); + if( hash_size == 0 ) + return( PSA_ERROR_NOT_SUPPORTED ); + if( ( PSA_ALG_IS_TLS12_PRF( alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) && + ! ( hash_alg == PSA_ALG_SHA_256 && hash_alg == PSA_ALG_SHA_384 ) ) + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + generator->capacity = 255 * hash_size; + } +#endif /* MBEDTLS_MD_C */ + else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) + return( PSA_ERROR_NOT_SUPPORTED ); + else + return( PSA_ERROR_INVALID_ARGUMENT ); + generator->alg = alg; + return( PSA_SUCCESS ); +} + +#if defined(MBEDTLS_MD_C) +static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf, + psa_algorithm_t hash_alg, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length ) +{ + psa_status_t status; + switch( step ) + { + case PSA_KDF_STEP_SALT: + if( hkdf->state == HKDF_STATE_INIT ) + { + status = psa_hmac_setup_internal( &hkdf->hmac, + data, data_length, + hash_alg ); + if( status != PSA_SUCCESS ) + return( status ); + hkdf->state = HKDF_STATE_STARTED; + return( PSA_SUCCESS ); + } + else + return( PSA_ERROR_BAD_STATE ); + break; + case PSA_KDF_STEP_SECRET: + /* If no salt was provided, use an empty salt. 
*/ + if( hkdf->state == HKDF_STATE_INIT ) + { + status = psa_hmac_setup_internal( &hkdf->hmac, + NULL, 0, + PSA_ALG_HMAC( hash_alg ) ); + if( status != PSA_SUCCESS ) + return( status ); + hkdf->state = HKDF_STATE_STARTED; + } + if( hkdf->state == HKDF_STATE_STARTED ) + { + status = psa_hash_update( &hkdf->hmac.hash_ctx, + data, data_length ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_hmac_finish_internal( &hkdf->hmac, + hkdf->prk, + sizeof( hkdf->prk ) ); + if( status != PSA_SUCCESS ) + return( status ); + hkdf->offset_in_block = PSA_HASH_SIZE( hash_alg ); + hkdf->block_number = 0; + hkdf->state = HKDF_STATE_KEYED; + return( PSA_SUCCESS ); + } + else + return( PSA_ERROR_BAD_STATE ); + break; + case PSA_KDF_STEP_INFO: + if( hkdf->state == HKDF_STATE_OUTPUT ) + return( PSA_ERROR_BAD_STATE ); + if( hkdf->info_set ) + return( PSA_ERROR_BAD_STATE ); + hkdf->info_length = data_length; + if( data_length != 0 ) + { + hkdf->info = mbedtls_calloc( 1, data_length ); + if( hkdf->info == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + memcpy( hkdf->info, data, data_length ); + } + hkdf->info_set = 1; + return( PSA_SUCCESS ); + default: + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} +#endif /* MBEDTLS_MD_C */ + +psa_status_t psa_key_derivation_input_bytes( psa_crypto_generator_t *generator, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length ) +{ + psa_status_t status; + +#if defined(MBEDTLS_MD_C) + if( PSA_ALG_IS_HKDF( generator->alg ) ) + { + status = psa_hkdf_input( &generator->ctx.hkdf, + PSA_ALG_HKDF_GET_HASH( generator->alg ), + step, data, data_length ); + } +#endif /* MBEDTLS_MD_C */ + +#if defined(MBEDTLS_MD_C) + /* TLS-1.2 PRF and TLS-1.2 PSK-to-MS are very similar, so share code. 
*/ + else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( generator->alg ) ) + { + // TODO + status = PSA_ERROR_NOT_SUPPORTED; + } + else +#endif /* MBEDTLS_MD_C */ + + { + /* This can't happen unless the generator object was not initialized */ + return( PSA_ERROR_BAD_STATE ); + } + + if( status != PSA_SUCCESS ) + psa_generator_abort( generator ); + return( status ); +} + +psa_status_t psa_key_derivation_input_key( psa_crypto_generator_t *generator, + psa_key_derivation_step_t step, + psa_key_handle_t handle ) +{ + psa_key_slot_t *slot; + psa_status_t status; + status = psa_get_key_from_slot( handle, &slot, + PSA_KEY_USAGE_DERIVE, + generator->alg ); + if( status != PSA_SUCCESS ) + return( status ); + if( slot->type != PSA_KEY_TYPE_DERIVE ) + return( PSA_ERROR_INVALID_ARGUMENT ); + /* Don't allow a key to be used as an input that is usually public. + * This is debatable. It's ok from a cryptographic perspective to + * use secret material as an input that is usually public. However + * this is usually not intended, so be conservative at least for now. */ + if( step != PSA_KDF_STEP_SECRET ) + return( PSA_ERROR_INVALID_ARGUMENT ); + return( psa_key_derivation_input_bytes( generator, + step, + slot->data.raw.data, + slot->data.raw.bytes ) ); +} + /****************************************************************/ diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6916bf42e..9b8e01c23 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
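Review bot: In psa_key_derivation_setup() the hash filter for the TLS 1.2 algorithms, `! ( hash_alg == PSA_ALG_SHA_256 && hash_alg == PSA_ALG_SHA_384 )`, is always true because one value cannot equal both constants, so every TLS12_PRF and TLS12_PSK_TO_MS request is rejected with PSA_ERROR_NOT_SUPPORTED. It should read `! ( hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384 )`. The same function puts `#endif /* MBEDTLS_MD_C */` between the `if` block and `else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )`, which leaves an `else` without an `if` when MBEDTLS_MD_C is not defined. In psa_hkdf_input() the salt branch passes `hash_alg` to psa_hmac_setup_internal() while the empty-salt branch passes `PSA_ALG_HMAC( hash_alg )`; the helper is defined outside this hunk, so one of the two calls looks wrong and should be checked against its signature.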
@@ -366,11 +366,30 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_DERIVE ) { - PSA_ASSERT( psa_key_derivation( &generator, - handle, alg, - label, label_length, - seed, seed_length, - sizeof( output ) ) ); + if( PSA_ALG_IS_HKDF( alg ) ) + { + PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_KDF_STEP_SALT, + label, + label_length ) ); + PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_KDF_STEP_SECRET, + handle ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_KDF_STEP_INFO, + seed, + seed_length ) ); + } + else + { + // legacy + PSA_ASSERT( psa_key_derivation( &generator, + handle, alg, + label, label_length, + seed, seed_length, + sizeof( output ) ) ); + } PSA_ASSERT( psa_generator_read( &generator, output, sizeof( output ) ) ); @@ -3495,10 +3514,29 @@ void derive_output( int alg_arg, key_data->len ) ); /* Extraction phase. */ - PSA_ASSERT( psa_key_derivation( &generator, handle, alg, - salt->x, salt->len, - label->x, label->len, - requested_capacity ) ); + if( PSA_ALG_IS_HKDF( alg ) ) + { + PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); + PSA_ASSERT( psa_set_generator_capacity( &generator, + requested_capacity ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_KDF_STEP_SALT, + salt->x, salt->len ) ); + PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_KDF_STEP_SECRET, + handle ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_KDF_STEP_INFO, + label->x, label->len ) ); + } + else + { + // legacy + PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + salt->x, salt->len, + label->x, label->len, + requested_capacity ) ); + } PSA_ASSERT( psa_get_generator_capacity( &generator, ¤t_capacity ) ); TEST_EQUAL( current_capacity, requested_capacity ); 
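Review bot: The HKDF branch added in exercise_key_derivation_key never sets a capacity, whereas the legacy call it replaces passed `sizeof( output )` and the matching branches in derive_output and derive_full both call psa_set_generator_capacity. If the two paths are meant to be equivalent, add `PSA_ASSERT( psa_set_generator_capacity( &generator, sizeof( output ) ) );` after the setup call. The same setup/salt/secret/info sequence is now written out in three hunks, so a small static helper taking the capacity would keep the call sites from drifting apart. The function body starts and ends outside the hunk.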
@@ -3575,10 +3613,29 @@ void derive_full( int alg_arg, key_data->len ) ); /* Extraction phase. */ - PSA_ASSERT( psa_key_derivation( &generator, handle, alg, - salt->x, salt->len, - label->x, label->len, - requested_capacity ) ); + if( PSA_ALG_IS_HKDF( alg ) ) + { + PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); + PSA_ASSERT( psa_set_generator_capacity( &generator, + requested_capacity ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_KDF_STEP_SALT, + salt->x, salt->len ) ); + PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_KDF_STEP_SECRET, + handle ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_KDF_STEP_INFO, + label->x, label->len ) ); + } + else + { + // legacy + PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + salt->x, salt->len, + label->x, label->len, + requested_capacity ) ); + } PSA_ASSERT( psa_get_generator_capacity( &generator, ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); From 6cdfdb75a990ef31c98d300476c1135f92f9ddaf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Jan 2019 10:31:27 +0100 Subject: [PATCH 0942/2197] Improve the rules on key derivation input types Use separate step types for a KDF secret and for the private key in a key agreement. Determine which key type is allowed from the step type, independently of the KDF. Forbid raw inputs for certain steps. They definitely should be forbidden for asymmetric keys, which are structured. Also forbid them for KDF secrets: the secrets are supposed to be keys, even if they're unstructured. --- include/psa/crypto.h | 42 ++++++++++++++++++----------------- include/psa/crypto_values.h | 44 ++++++++++++++++++++++++++++++++++++- library/psa_crypto.c | 39 ++++++++++++++++++++++++-------- 3 files changed, 95 insertions(+), 30 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6005269c3..f1731f694 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2147,29 +2147,21 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); psa_status_t psa_key_derivation_setup(psa_crypto_generator_t *generator, psa_algorithm_t alg); -/** Provide an input for key derivation. +/** Provide an input for key derivation or key agreement. * - * Which inputs are required and in what order depends on the type of - * key derivation algorithm. + * Which inputs are required and in what order depends on the algorithm. + * Refer to the documentation of each key derivation or key agreement + * algorithm for information. * - * - For HKDF (#PSA_ALG_HKDF), the following inputs are supported: - * - #PSA_KDF_STEP_SALT is the salt used in the "extract" step. - * It is optional; if omitted, the derivation uses an empty salt. - * - #PSA_KDF_STEP_SECRET is the secret key used in the "extract" step. - * It may be a key of type #PSA_KEY_TYPE_DERIVE with the - * usage flag #PSA_KEY_USAGE_DERIVE. - * - #PSA_KDF_STEP_INFO is the info string used in the "expand" step. - * You must pass #PSA_KDF_STEP_SALT before #PSA_KDF_STEP_SECRET. - * #PSA_KDF_STEP_INFO may be passed at any time before starting to - * generate output. + * This function passes direct inputs. Some inputs must be passed as keys + * using psa_key_derivation_input_key() instead of this function. Refer to + * the documentation of individual step types for information. * * \param[in,out] generator The generator object to use. It must * have been set up with * psa_key_derivation_setup() and must not * have produced any output yet. * \param step Which step the input data is for. - * See above for the permitted values - * depending on the algorithm. * \param[in] data Input data to use. * \param data_length Size of the \p data buffer in bytes. * 
@@ -2177,6 +2169,8 @@ psa_status_t psa_key_derivation_setup(psa_crypto_generator_t *generator, * Success. * \retval #PSA_ERROR_INVALID_ARGUMENT * \c step is not compatible with the generator's algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow direct inputs. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -2195,17 +2189,23 @@ psa_status_t psa_key_derivation_input_bytes(psa_crypto_generator_t *generator, /** Provide an input for key derivation in the form of a key. * - * See the descrition of psa_key_derivation_input_bytes() regarding - * what inputs are supported and in what order. An input step may only be - * a key if the descrition of psa_key_derivation_input_bytes() explicitly - * allows it. + * Which inputs are required and in what order depends on the algorithm. + * Refer to the documentation of each key derivation or key agreement + * algorithm for information. + * + * This function passes key inputs. Some inputs must be passed as keys + * of the appropriate type using this function, while others must be + * passed as direct inputs using psa_key_derivation_input_bytes(). Refer to + * the documentation of individual step types for information. * * \param[in,out] generator The generator object to use. It must * have been set up with * psa_key_derivation_setup() and must not * have produced any output yet. * \param step Which step the input data is for. - * \param handle Handle to the secret key. + * \param handle Handle to the key. It must have an + * appropriate type for \p step and must + * allow the usage #PSA_KEY_USAGE_DERIVE. * * \retval #PSA_SUCCESS * Success. 
@@ -2214,6 +2214,8 @@ psa_status_t psa_key_derivation_input_bytes(psa_crypto_generator_t *generator, * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \c step is not compatible with the generator's algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow key inputs. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 5c81acdbe..fedd35c5c 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1104,6 +1104,15 @@ * * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. * + * This key derivation algorithm uses the following inputs: + * - #PSA_KDF_STEP_SALT is the salt used in the "extract" step. + * It is optional; if omitted, the derivation uses an empty salt. + * - #PSA_KDF_STEP_SECRET is the secret key used in the "extract" step. + * - #PSA_KDF_STEP_INFO is the info string used in the "expand" step. + * You must pass #PSA_KDF_STEP_SALT before #PSA_KDF_STEP_SECRET. + * You may pass #PSA_KDF_STEP_INFO at any time after steup and before + * starting to generate output. + * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). * 
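Review bot: The HKDF description added to crypto_values.h misspells "setup" as "steup" in the sentence about when PSA_KDF_STEP_INFO may be passed; it should read `You may pass #PSA_KDF_STEP_INFO at any time after setup and before`. This commit removes the equivalent list from the psa_key_derivation_input_bytes documentation, so this comment becomes the only visible statement of the HKDF input ordering and is worth getting exactly right.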
@@ -1421,11 +1430,44 @@ * @{ */ +/** A secret input for key derivation. + * + * This must be a key of type #PSA_KEY_TYPE_DERIVE. + */ #define PSA_KDF_STEP_SECRET ((psa_key_derivation_step_t)0x0101) + +/** A label for key derivation. + * + * This must be a direct input. + */ #define PSA_KDF_STEP_LABEL ((psa_key_derivation_step_t)0x0201) + +/** A salt for key derivation. + * + * This must be a direct input. + */ #define PSA_KDF_STEP_SALT ((psa_key_derivation_step_t)0x0202) + +/** An information string for key derivation. + * + * This must be a direct input. + */ #define PSA_KDF_STEP_INFO ((psa_key_derivation_step_t)0x0203) -#define PSA_KDF_STEP_PEER_KEY ((psa_key_derivation_step_t)0x0301) + +/** The private key in a key agreement. + * + * This must be a key pair of the appropriate type for the key agreement + * algorithm. + */ +#define PSA_KDF_STEP_OUR_KEY ((psa_key_derivation_step_t)0x0301) + +/** A label for key derivation. + * + * This may be a key pair of the appropriate type for the key agreement + * algorithm, or a direct input which is parsed as a public key in the + * same format as psa_import_key(). + */ +#define PSA_KDF_STEP_PEER_KEY ((psa_key_derivation_step_t)0x0302) /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 916c52fc6..6269fba71 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4128,10 +4128,11 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf, } #endif /* MBEDTLS_MD_C */ -psa_status_t psa_key_derivation_input_bytes( psa_crypto_generator_t *generator, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_key_derivation_input_raw( + psa_crypto_generator_t *generator, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length ) { psa_status_t status; 
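Review bot: The doc comment added above PSA_KDF_STEP_PEER_KEY opens with "A label for key derivation.", which is copied from PSA_KDF_STEP_LABEL and contradicts its own body describing a public key; it should open with something like `/** The peer's public key in a key agreement.`. The same hunk moves PSA_KDF_STEP_PEER_KEY from 0x0301 to 0x0302 and gives 0x0301 to the new PSA_KDF_STEP_OUR_KEY. Code built against the old header would then pass what is now the private-key step; if any such consumer can exist, giving OUR_KEY a fresh value avoids the silent change of meaning.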
@@ -4165,6 +4166,23 @@ psa_status_t psa_key_derivation_input_bytes( psa_crypto_generator_t *generator, return( status ); } +psa_status_t psa_key_derivation_input_bytes( psa_crypto_generator_t *generator, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length ) +{ + switch( step ) + { + case PSA_KDF_STEP_LABEL: + case PSA_KDF_STEP_SALT: + case PSA_KDF_STEP_INFO: + return( psa_key_derivation_input_raw( generator, step, + data, data_length ) ); + default: + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + psa_status_t psa_key_derivation_input_key( psa_crypto_generator_t *generator, psa_key_derivation_step_t step, psa_key_handle_t handle ) @@ -4176,18 +4194,21 @@ psa_status_t psa_key_derivation_input_key( psa_crypto_generator_t *generator, generator->alg ); if( status != PSA_SUCCESS ) return( status ); + // TODO: for a key agreement algorithm, allow the corresponding key type and step if( slot->type != PSA_KEY_TYPE_DERIVE ) return( PSA_ERROR_INVALID_ARGUMENT ); /* Don't allow a key to be used as an input that is usually public. * This is debatable. It's ok from a cryptographic perspective to * use secret material as an input that is usually public. However - * this is usually not intended, so be conservative at least for now. */ + * the material should be dedicated to a particular input step, + * otherwise this may allow the key to be used in an unintended way + * and leak values derived from the key. So be conservative. */ if( step != PSA_KDF_STEP_SECRET ) return( PSA_ERROR_INVALID_ARGUMENT ); - return( psa_key_derivation_input_bytes( generator, - step, - slot->data.raw.data, - slot->data.raw.bytes ) ); + return( psa_key_derivation_input_raw( generator, + step, + slot->data.raw.data, + slot->data.raw.bytes ) ); } From 41ac513de8a28b2b7fd0d0b98be84cba50be2d98 Mon Sep 17 00:00:00 2001 
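Review bot: The new psa_key_derivation_input_bytes wrapper returns PSA_ERROR_INVALID_ARGUMENT from its `default:` case without touching the generator, and psa_key_derivation_input_key does the same for a wrong key type or step, whereas psa_key_derivation_input_raw calls psa_generator_abort when the algorithm-specific input fails. Some input errors therefore leave the generator usable and others destroy it, and neither function's documentation says which to expect. If rejecting a step is meant to be recoverable, say so with a comment such as `/* Step not allowed as a direct input: reject without aborting the generator. */`; otherwise abort on these paths too.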
From: Gilles Peskine Date: Wed, 9 Jan 2019 16:13:42 +0100 Subject: [PATCH 0943/2197] Don't use key derivation multipart inputs for key agreement It isn't a good fit. It's overly complex for what the API can do now, which is Diffie-Hellman. Consider it again later for more complex use cases such as authenticated key exchanges. --- include/psa/crypto_values.h | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index fedd35c5c..c799081d8 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1454,21 +1454,6 @@ */ #define PSA_KDF_STEP_INFO ((psa_key_derivation_step_t)0x0203) -/** The private key in a key agreement. - * - * This must be a key pair of the appropriate type for the key agreement - * algorithm. - */ -#define PSA_KDF_STEP_OUR_KEY ((psa_key_derivation_step_t)0x0301) - -/** A label for key derivation. - * - * This may be a key pair of the appropriate type for the key agreement - * algorithm, or a direct input which is parsed as a public key in the - * same format as psa_import_key(). - */ -#define PSA_KDF_STEP_PEER_KEY ((psa_key_derivation_step_t)0x0302) - /**@}*/ #endif /* PSA_CRYPTO_VALUES_H */ From 969c5d61f7405b33c8384cedc52b6622679ee204 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 16 Jan 2019 15:53:06 +0100 Subject: [PATCH 0944/2197] Make key agreement the secret input for key derivation * Documentation * Proof-of-concept implementation * Updates to the tests (work in progress) --- include/psa/crypto.h | 30 ++-- library/psa_crypto.c | 148 +++++++++++++------- tests/suites/test_suite_psa_crypto.function | 32 ++--- 3 files changed, 131 insertions(+), 79 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f1731f694..2217b95ed 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2284,19 +2284,24 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, size_t label_length, size_t capacity); -/** Set up a key agreement operation. +/** Perform a key agreement and use the shared secret as input to a key + * derivation. * * A key agreement algorithm takes two inputs: a private key \p private_key * a public key \p peer_key. - * The result of this function is a byte generator which can - * be used to produce keys and other cryptographic material. + * The result of this function is passed as input to a key derivation. + * The output of this key derivation can be extracted by reading from the + * resulting generator to produce keys and other cryptographic material. * - * The resulting generator always has the maximum capacity permitted by - * the algorithm. - * - * \param[in,out] generator The generator object to set up. It must have - * been initialized as per the documentation for - * #psa_crypto_generator_t and not yet in use. + * \param[in,out] generator The generator object to use. It must + * have been set up with + * psa_key_derivation_setup() with a + * key agreement algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true). + * The generator must be ready for an + * input of the type given by \p step. + * \param step Which step the input data is for. * \param private_key Handle to the private key to use. * \param[in] peer_key Public key of the peer. It must be * in the same format that psa_import_key() @@ -2304,9 +2309,6 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * keys are documented in the documentation * of psa_export_public_key(). * \param peer_key_length Size of \p peer_key in bytes. - * \param alg The key agreement algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true). * * \retval #PSA_SUCCESS * Success. 
@@ -2325,10 +2327,10 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_key_agreement(psa_crypto_generator_t *generator, + psa_key_derivation_step_t step, psa_key_handle_t private_key, const uint8_t *peer_key, - size_t peer_key_length, - psa_algorithm_t alg); + size_t peer_key_length); /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6269fba71..d616c14f6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3318,17 +3318,28 @@ exit: #define HKDF_STATE_KEYED 2 /* got key */ #define HKDF_STATE_OUTPUT 3 /* output started */ +static psa_algorithm_t psa_generator_get_kdf_alg( + const psa_crypto_generator_t *generator ) +{ + if ( PSA_ALG_IS_KEY_AGREEMENT( generator->alg ) ) + return( PSA_ALG_KEY_AGREEMENT_GET_KDF( generator->alg ) ); + else + return( generator->alg ); +} + + psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) { psa_status_t status = PSA_SUCCESS; - if( generator->alg == 0 ) + psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator ); + if( kdf_alg == 0 ) { /* The object has (apparently) been initialized but it is not * in use. It's ok to call abort on such an object, and there's * nothing to do. */ } else - if( generator->alg == PSA_ALG_SELECT_RAW ) + if( kdf_alg == PSA_ALG_SELECT_RAW ) { if( generator->ctx.buffer.data != NULL ) { 
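Review bot: psa_generator_get_kdf_alg is added without a comment, although the dispatch in psa_generator_abort and psa_generator_read now depends on what it returns. A one-line header would do: `/* Return the KDF part of generator->alg: the KDF of a key agreement algorithm, or generator->alg itself otherwise. */`. It is also worth stating there that a blank generator (alg == 0) yields 0, since psa_generator_abort relies on that to treat the object as unused. That holds only if PSA_ALG_IS_KEY_AGREEMENT( 0 ) is false, which the hunk does not show.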
@@ -3339,14 +3350,14 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) } else #if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HKDF( generator->alg ) ) + if( PSA_ALG_IS_HKDF( kdf_alg ) ) { mbedtls_free( generator->ctx.hkdf.info ); status = psa_hmac_abort_internal( &generator->ctx.hkdf.hmac ); } - else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) || + else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || /* TLS-1.2 PSK-to-MS KDF uses the same generator as TLS-1.2 PRF */ - PSA_ALG_IS_TLS12_PSK_TO_MS( generator->alg ) ) + PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { if( generator->ctx.tls12_prf.key != NULL ) { @@ -3617,6 +3628,7 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, size_t output_length ) { psa_status_t status; + psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator ); if( output_length > generator->capacity ) { @@ -3627,7 +3639,7 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, goto exit; } if( output_length == 0 && - generator->capacity == 0 && generator->alg == 0 ) + generator->capacity == 0 && kdf_alg == 0 ) { /* Edge case: this is a blank or finished generator, and 0 * bytes were requested. The right error in this case could @@ -3639,7 +3651,7 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, } generator->capacity -= output_length; - if( generator->alg == PSA_ALG_SELECT_RAW ) + if( kdf_alg == PSA_ALG_SELECT_RAW ) { /* Initially, the capacity of a selection generator is always * the size of the buffer, i.e. `generator->ctx.buffer.size`, 
@@ -3657,17 +3669,17 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, } else #if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HKDF( generator->alg ) ) + if( PSA_ALG_IS_HKDF( kdf_alg ) ) { - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( generator->alg ); + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg ); status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg, output, output_length ); } - else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( generator->alg ) ) + else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { status = psa_generator_tls12_prf_read( &generator->ctx.tls12_prf, - generator->alg, output, + kdf_alg, output, output_length ); } else 
@@ -4019,38 +4031,66 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, return( status ); } -psa_status_t psa_key_derivation_setup( psa_crypto_generator_t *generator, - psa_algorithm_t alg ) +static psa_status_t psa_key_derivation_setup_kdf( + psa_crypto_generator_t *generator, + psa_algorithm_t kdf_alg ) { - if( generator->alg != 0 ) - return( PSA_ERROR_BAD_STATE ); - /* Make sure that alg is a supported key derivation algorithm. - * Key agreement algorithms and key selection algorithms are not - * supported by this function. */ + /* Make sure that kdf_alg is a supported key derivation algorithm. */ #if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HKDF( alg ) || - PSA_ALG_IS_TLS12_PRF( alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) + if( PSA_ALG_IS_HKDF( kdf_alg ) || + PSA_ALG_IS_TLS12_PRF( kdf_alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg ); size_t hash_size = PSA_HASH_SIZE( hash_alg ); if( hash_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); - if( ( PSA_ALG_IS_TLS12_PRF( alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) && + if( ( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) && ! 
( hash_alg == PSA_ALG_SHA_256 && hash_alg == PSA_ALG_SHA_384 ) ) { return( PSA_ERROR_NOT_SUPPORTED ); } generator->capacity = 255 * hash_size; + return( PSA_SUCCESS ); } #endif /* MBEDTLS_MD_C */ - else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) + else return( PSA_ERROR_NOT_SUPPORTED ); +} + +psa_status_t psa_key_derivation_setup( psa_crypto_generator_t *generator, + psa_algorithm_t alg ) +{ + psa_status_t status; + + if( generator->alg != 0 ) + return( PSA_ERROR_BAD_STATE ); + + if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) + { + psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); + if( kdf_alg == PSA_ALG_SELECT_RAW ) + { + /* It's too early to set the generator's capacity since it + * depends on the key size for the key agreement. */ + status = PSA_SUCCESS; + } + else + { + status = psa_key_derivation_setup_kdf( generator, kdf_alg ); + } + } + else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) + { + status = psa_key_derivation_setup_kdf( generator, alg ); + } else return( PSA_ERROR_INVALID_ARGUMENT ); - generator->alg = alg; - return( PSA_SUCCESS ); + + if( status == PSA_SUCCESS ) + generator->alg = alg; + return( status ); } #if defined(MBEDTLS_MD_C) 
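Review bot: The TLS-1.2 PRF check carried into psa_key_derivation_setup_kdf tests `hash_alg == PSA_ALG_SHA_256 && hash_alg == PSA_ALG_SHA_384`, which can never be true. The negated condition therefore always holds, and setup returns PSA_ERROR_NOT_SUPPORTED for every TLS-1.2 PRF and PSK-to-MS algorithm. The intended allow-list needs `||`: `! ( hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384 ) )`. Separately, the new trailing `else return( PSA_ERROR_NOT_SUPPORTED );` sits after `#endif`, so a build without MBEDTLS_MD_C has an `else` with no matching `if`; dropping the `else` keyword and keeping the plain `return` fixes that.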
@@ -4135,27 +4175,40 @@ static psa_status_t psa_key_derivation_input_raw( size_t data_length ) { psa_status_t status; + psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator ); + if( kdf_alg == PSA_ALG_SELECT_RAW ) + { + if( generator->capacity != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + generator->ctx.buffer.data = mbedtls_calloc( 1, data_length ); + if( generator->ctx.buffer.data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + memcpy( generator->ctx.buffer.data, data, data_length ); + generator->ctx.buffer.size = data_length; + generator->capacity = data_length; + status = PSA_SUCCESS; + } + else #if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HKDF( generator->alg ) ) + if( PSA_ALG_IS_HKDF( kdf_alg ) ) { status = psa_hkdf_input( &generator->ctx.hkdf, - PSA_ALG_HKDF_GET_HASH( generator->alg ), + PSA_ALG_HKDF_GET_HASH( kdf_alg ), step, data, data_length ); } + else #endif /* MBEDTLS_MD_C */ - #if defined(MBEDTLS_MD_C) /* TLS-1.2 PRF and TLS-1.2 PSK-to-MS are very similar, so share code. */ - else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( generator->alg ) ) + if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { // TODO status = PSA_ERROR_NOT_SUPPORTED; } else #endif /* MBEDTLS_MD_C */ - { /* This can't happen unless the generator object was not initialized */ return( PSA_ERROR_BAD_STATE ); @@ -4277,10 +4330,10 @@ exit: * to potentially free embedded data structures and wipe confidential data. */ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator, + psa_key_derivation_step_t step, psa_key_slot_t *private_key, const uint8_t *peer_key, - size_t peer_key_length, - psa_algorithm_t alg ) + size_t peer_key_length ) { psa_status_t status; uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE]; 
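Review bot: The new PSA_ALG_SELECT_RAW branch in psa_key_derivation_input_raw never looks at `step`. For a key agreement algorithm combined with raw selection, bytes supplied through psa_key_derivation_input_bytes with PSA_KDF_STEP_SALT, LABEL or INFO are therefore stored as the generator's output as if they were the shared secret. Restrict the branch to the secret step, e.g. `if( step != PSA_KDF_STEP_SECRET ) return( PSA_ERROR_INVALID_ARGUMENT );` ahead of the capacity check. The branch also uses `capacity != 0` as the only sign that input was already given, and a zero-length input may be reported as out of memory because `mbedtls_calloc( 1, 0 )` may return NULL; an explicit `data_length == 0` check would make that case deliberate. The function's signature is outside the hunk.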
@@ -4288,7 +4341,7 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato /* Step 1: run the secret agreement algorithm to generate the shared * secret. */ - switch( PSA_ALG_KEY_AGREEMENT_GET_BASE( alg ) ) + switch( PSA_ALG_KEY_AGREEMENT_GET_BASE( generator->alg ) ) { #if defined(MBEDTLS_ECDH_C) case PSA_ALG_ECDH_BASE: @@ -4312,34 +4365,31 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato /* Step 2: set up the key derivation to generate key material from * the shared secret. */ - status = psa_key_derivation_internal( generator, - shared_secret, shared_secret_length, - PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ), - NULL, 0, NULL, 0, - PSA_GENERATOR_UNBRIDLED_CAPACITY ); + status = psa_key_derivation_input_raw( generator, step, + shared_secret, shared_secret_length ); + exit: mbedtls_platform_zeroize( shared_secret, shared_secret_length ); return( status ); } psa_status_t psa_key_agreement( psa_crypto_generator_t *generator, + psa_key_derivation_step_t step, psa_key_handle_t private_key, const uint8_t *peer_key, - size_t peer_key_length, - psa_algorithm_t alg ) + size_t peer_key_length ) { psa_key_slot_t *slot; psa_status_t status; - if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ) + if( ! PSA_ALG_IS_KEY_AGREEMENT( generator->alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_key_from_slot( private_key, &slot, - PSA_KEY_USAGE_DERIVE, alg ); + PSA_KEY_USAGE_DERIVE, generator->alg ); if( status != PSA_SUCCESS ) return( status ); - status = psa_key_agreement_internal( generator, + status = psa_key_agreement_internal( generator, step, slot, - peer_key, peer_key_length, - alg ); + peer_key, peer_key_length ); if( status != PSA_SUCCESS ) psa_generator_abort( generator ); return( status ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9b8e01c23..f90a7b3ae 100644 --- a/tests/suites/test_suite_psa_crypto.function 
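Review bot: psa_key_agreement now forwards the caller's `step` unchecked to psa_key_derivation_input_raw, so the shared secret can be fed in as PSA_KDF_STEP_SALT or PSA_KDF_STEP_INFO, whereas psa_key_derivation_input_key rejects any step other than PSA_KDF_STEP_SECRET for key material. For HKDF the INFO step copies the data into `hkdf->info` (see psa_hkdf_input), which is not where a secret belongs. Add `if( step != PSA_KDF_STEP_SECRET ) return( PSA_ERROR_INVALID_ARGUMENT );` at the top of psa_key_agreement, before the slot lookup, and a negative test covering the other steps. The updated documentation for psa_key_agreement should then name the permitted step instead of leaving it open.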
+++ b/tests/suites/test_suite_psa_crypto.function @@ -405,8 +405,7 @@ exit: /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, - psa_key_handle_t handle, - psa_algorithm_t alg ) + psa_key_handle_t handle ) { psa_key_type_t private_key_type; psa_key_type_t public_key_type; @@ -428,9 +427,8 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, public_key, public_key_length, &public_key_length ) ); - status = psa_key_agreement( generator, handle, - public_key, public_key_length, - alg ); + status = psa_key_agreement( generator, PSA_KDF_STEP_SECRET, handle, + public_key, public_key_length ); exit: mbedtls_free( public_key ); return( status ); @@ -448,7 +446,8 @@ static int exercise_key_agreement_key( psa_key_handle_t handle, { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - PSA_ASSERT( key_agreement_with_self( &generator, handle, alg ) ); + PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); + PSA_ASSERT( key_agreement_with_self( &generator, handle ) ); PSA_ASSERT( psa_generator_read( &generator, output, sizeof( output ) ) ); @@ -1791,7 +1790,8 @@ void agreement_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( handle, key_type, key_data->x, key_data->len ) ); - status = key_agreement_with_self( &generator, handle, exercise_alg ); + PSA_ASSERT( psa_key_derivation_setup( &generator, exercise_alg ) ); + status = key_agreement_with_self( &generator, handle ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) 
@@ -3848,10 +3848,10 @@ void key_agreement_setup( int alg_arg, our_key_data->x, our_key_data->len ) ); - TEST_EQUAL( psa_key_agreement( &generator, + PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); + TEST_EQUAL( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, our_key, - peer_key_data->x, peer_key_data->len, - alg ), + peer_key_data->x, peer_key_data->len ), expected_status_arg ); exit: @@ -3887,10 +3887,10 @@ void key_agreement_capacity( int alg_arg, our_key_data->x, our_key_data->len ) ); - PSA_ASSERT( psa_key_agreement( &generator, + PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); + PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, our_key, - peer_key_data->x, peer_key_data->len, - alg ) ); + peer_key_data->x, peer_key_data->len ) ); /* Test the advertized capacity. */ PSA_ASSERT( psa_get_generator_capacity( @@ -3944,10 +3944,10 @@ void key_agreement_output( int alg_arg, our_key_data->x, our_key_data->len ) ); - PSA_ASSERT( psa_key_agreement( &generator, + PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); + PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, our_key, - peer_key_data->x, peer_key_data->len, - alg ) ); + peer_key_data->x, peer_key_data->len ) ); PSA_ASSERT( psa_generator_read( &generator, actual_output, From 5dcd3ce598da5c1e488e0fd4b5b5e202a7e85132 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 18 Jan 2019 16:41:31 +0100 Subject: [PATCH 0945/2197] Remove psa_key_derivation from the official API Keep it defined as an implementation-specific extension until the tests are updated. --- include/psa/crypto.h | 53 ------------------------------------ include/psa/crypto_extra.h | 56 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+), 53 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2217b95ed..0e842e5cb 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
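Review bot: In key_agreement_setup the new `PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) );` runs before the `TEST_EQUAL` against `expected_status_arg`. Any test case whose expected failure comes from the algorithm itself would now stop at the assert instead of being compared with the expected status. The test data is not visible here, so this may not fail today, but the negative cases are the ones this test exists for. Capture the setup status in a local `psa_status_t`, call psa_key_agreement only when it is PSA_SUCCESS, and run `TEST_EQUAL( status, expected_status_arg );` on the result.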
@@ -2231,59 +2231,6 @@ psa_status_t psa_key_derivation_input_key(psa_crypto_generator_t *generator, psa_key_derivation_step_t step, psa_key_handle_t handle); -/** Set up a key derivation operation. - * - * A key derivation algorithm takes three inputs: a secret input \p key and - * two non-secret inputs \p label and p salt. - * The result of this function is a byte generator which can - * be used to produce keys and other cryptographic material. - * - * The role of \p label and \p salt is as follows: - * - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step - * and \p label is the info string used in the "expand" step. - * - * \param[in,out] generator The generator object to set up. It must have - * been initialized as per the documentation for - * #psa_crypto_generator_t and not yet in use. - * \param handle Handle to the secret key. - * \param alg The key derivation algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). - * \param[in] salt Salt to use. - * \param salt_length Size of the \p salt buffer in bytes. - * \param[in] label Label to use. - * \param label_length Size of the \p label buffer in bytes. - * \param capacity The maximum number of bytes that the - * generator will be able to provide. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c key is not compatible with \c alg, - * or \p capacity is too large for the specified algorithm and key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a key derivation algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). 
- * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, - psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *salt, - size_t salt_length, - const uint8_t *label, - size_t label_length, - size_t capacity); - /** Perform a key agreement and use the shared secret as input to a key * derivation. * diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 7f0885794..7d89fbfe0 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -120,6 +120,62 @@ void mbedtls_psa_crypto_free( void ); psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, size_t seed_size); +/** Set up a key derivation operation. + * + * FIMXE This function is no longer part of the official API. Its prototype + * is only kept around for the sake of tests that haven't been updated yet. + * + * A key derivation algorithm takes three inputs: a secret input \p key and + * two non-secret inputs \p label and p salt. + * The result of this function is a byte generator which can + * be used to produce keys and other cryptographic material. + * + * The role of \p label and \p salt is as follows: + * - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step + * and \p label is the info string used in the "expand" step. + * + * \param[in,out] generator The generator object to set up. It must have + * been initialized as per the documentation for + * #psa_crypto_generator_t and not yet in use. + * \param handle Handle to the secret key. + * \param alg The key derivation algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). + * \param[in] salt Salt to use. + * \param salt_length Size of the \p salt buffer in bytes. + * \param[in] label Label to use. + * \param label_length Size of the \p label buffer in bytes. + * \param capacity The maximum number of bytes that the + * generator will be able to provide. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c key is not compatible with \c alg, + * or \p capacity is too large for the specified algorithm and key. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a key derivation algorithm. 
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, + psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *salt, + size_t salt_length, + const uint8_t *label, + size_t label_length, + size_t capacity); + #ifdef __cplusplus } From 769c7a66ac0487a5f06afd0e5c48838df5510822 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 18 Jan 2019 16:42:29 +0100 Subject: [PATCH 0946/2197] New function to get the raw shared secret from key agreement The normal way is to pass the shared secret to a key derivation. Having an ad hoc function will allow us to simplify the possible behaviors of key agreement and get rid of "key selection" algorithms which are a hard-to-understand invention of this API. --- include/psa/crypto.h | 52 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0e842e5cb..7180d73b9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
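Review bot: The marker in the added paragraph is spelled `FIMXE`, so a search for FIXME will not find this temporary prototype once the tests have been migrated; it should read `* FIXME This function is no longer part of the official API.`. The moved text also carries two older slips: `p salt` should be `\p salt`, and the `#PSA_ERROR_INVALID_ARGUMENT` entry refers to `\c key` although the parameter is named `handle`. Because the prototype stays in a public header, the comment could also say that new code should use psa_key_derivation_setup() and the psa_key_derivation_input_xxx functions instead.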
@@ -2279,6 +2279,58 @@ psa_status_t psa_key_agreement(psa_crypto_generator_t *generator, const uint8_t *peer_key, size_t peer_key_length); +/** Perform a key agreement and use the shared secret as input to a key + * derivation. + * + * A key agreement algorithm takes two inputs: a private key \p private_key + * a public key \p peer_key. + * + * \warning The raw result of a key agreement algorithm such as finite-field + * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should + * not be used directly as key material. It should instead be passed as + * input to a key derivation algorithm. To chain a key agreement with + * a key derivation, use psa_key_agreement() and other functions from + * the key derivation and generator interface. + * + * \param private_key Handle to the private key to use. + * \param[in] peer_key Public key of the peer. It must be + * in the same format that psa_import_key() + * accepts. The standard formats for public + * keys are documented in the documentation + * of psa_export_public_key(). + * \param peer_key_length Size of \p peer_key in bytes. + * \param[out] output Buffer where the decrypted message is to + * be written. + * \param output_size Size of the \c output buffer in bytes. + * \param[out] output_length On success, the number of bytes + * that make up the returned output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p alg is not a key agreement algorithm + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p private_key is not compatible with \p alg, + * or \p peer_key is not valid for \p alg or not compatible with + * \p private_key. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not a supported key agreement algorithm. 
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_key_agreement_raw_shared_secret(psa_algorithm_t alg, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + /**@}*/ /** \defgroup random Random generation From 6843c2971312ed506b41ed6d08a8101fb5a42179 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 18 Jan 2019 16:44:49 +0100 Subject: [PATCH 0947/2197] Simplify the encoding of key agreement algorithms Get rid of "key selection" algorithms (of which there was only one: raw key selection). Encode key agreement by combining a raw key agreement with a KDF, rather than passing the KDF as an argument of a key agreement macro. --- include/psa/crypto.h | 8 +- include/psa/crypto_extra.h | 2 + include/psa/crypto_values.h | 91 ++++++++----------- library/psa_crypto.c | 17 +--- tests/suites/test_suite_psa_crypto.data | 50 +++++----- .../test_suite_psa_crypto_metadata.data | 11 +-- .../test_suite_psa_crypto_metadata.function | 64 ++++--------- 7 files changed, 96 insertions(+), 147 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 7180d73b9..0be8e51b7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
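Review bot: The doc comment for psa_key_agreement_raw_shared_secret() was copied from psa_key_agreement() and no longer describes the function. Its summary still says the shared secret is used as input to a key derivation, `output` is documented as the buffer for "the decrypted message", and there is no `\param alg` although the `\retval` entries refer to `\p alg`. Suggested wording: `/** Perform a key agreement and return the raw shared secret.`, `\param alg The key agreement algorithm to compute (\c PSA_ALG_XXX value such that #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true).` and `\param[out] output Buffer where the raw shared secret is to be written.`. The sentence "a private key \p private_key a public key \p peer_key" is also missing an "and". Since the function takes `output_size`, a `\retval #PSA_ERROR_BUFFER_TOO_SMALL` entry is probably needed as well; the implementation is not part of this commit, so confirm against it.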
@@ -2243,9 +2243,11 @@ psa_status_t psa_key_derivation_input_key(psa_crypto_generator_t *generator, * \param[in,out] generator The generator object to use. It must * have been set up with * psa_key_derivation_setup() with a - * key agreement algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true). + * key agreement and derivation algorithm + * \c alg (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true + * and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\p alg) + * is false). * The generator must be ready for an * input of the type given by \p step. * \param step Which step the input data is for. diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 7d89fbfe0..a0eac4dbc 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -176,6 +176,8 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, size_t label_length, size_t capacity); +/* FIXME Deprecated. Remove this as soon as all the tests are updated. */ +#define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001) #ifdef __cplusplus } diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index c799081d8..4549fff86 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -531,9 +531,8 @@ #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000) #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000) #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000) -#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x22000000) -#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x30000000) -#define PSA_ALG_CATEGORY_KEY_SELECTION ((psa_algorithm_t)0x31000000) +#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) +#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) #define PSA_ALG_IS_VENDOR_DEFINED(alg) \ (((alg) & PSA_ALG_VENDOR_FLAG) != 0) 
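Review bot: The category values in crypto_values.h are renumbered in place, so `0x30000000` meant key derivation before this hunk and means key agreement after it. The following hunks in the same file move `PSA_ALG_HKDF_BASE`, `PSA_ALG_TLS12_PRF_BASE` and `PSA_ALG_TLS12_PSK_TO_MS_BASE` from `0x30000x00` to `0x20000x00` accordingly. If algorithm identifiers are ever stored (for example in the policy of a persistent key, which this diff does not show), a value written by an older build would be read back as a different algorithm class instead of being rejected. I would add a comment above the two defines, e.g. `/* Encoding changed: 0x30xxxxxx was key derivation before this commit; stored algorithm values from older builds must be migrated or rejected. */`, and check whether the storage format needs a version bump.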
@@ -1099,7 +1098,7 @@ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 0) -#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x30000100) +#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x20000100) /** Macro to build an HKDF algorithm. * * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. @@ -1138,7 +1137,7 @@ #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x30000200) +#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x20000200) /** Macro to build a TLS-1.2 PRF algorithm. * * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, @@ -1177,7 +1176,7 @@ #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300) +#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x20000300) /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. * * In a pure-PSK handshake in TLS 1.2, the master secret is derived 
@@ -1217,51 +1216,48 @@ #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x010fffff) +#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x080fffff) +#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10f00000) -/** Use a shared secret as is. +/** Macro to build a combined algorithm that chains a key agreement with + * a key derivation. * - * Specify this algorithm as the selection component of a key agreement - * to use the raw result of the key agreement as key material. + * \param ka_alg A key agreement algorithm (\c PSA_ALG_XXX value such + * that #PSA_ALG_IS_KEY_AGREEMENT(\p ka_alg) is true). + * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such + * that #PSA_ALG_IS_KEY_DERIVATION(\p kdf_alg) is true). * - * \warning The raw result of a key agreement algorithm such as finite-field - * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should - * not be used directly as key material. It can however be used as the secret - * input in a key derivation algorithm. + * \return The corresponding key agreement and derivation + * algorithm. + * \return Unspecified if \p ka_alg is not a supported + * key agreement algorithm or \p kdf_alg is not a + * supported key derivation algorithm. */ -#define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001) +#define PSA_ALG_KEY_AGREEMENT(ka_alg, kdf_alg) \ + ((ka_alg) | (kdf_alg)) #define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \ (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION) -#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ - ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK) +#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ + (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT) -#define PSA_ALG_FFDH_BASE ((psa_algorithm_t)0x22100000) -/** The Diffie-Hellman key agreement algorithm. 
- * - * This algorithm combines the finite-field Diffie-Hellman (DH) key - * agreement, also known as Diffie-Hellman-Merkle (DHM) key agreement, - * to produce a shared secret from a private key and the peer's - * public key, with a key selection or key derivation algorithm to produce - * one or more shared keys and other shared cryptographic material. +#define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \ + (PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION) + +#define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \ + ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg))) + +/** The finite-field Diffie-Hellman (DH) key agreement algorithm. * * The shared secret produced by key agreement and passed as input to the * derivation or selection algorithm \p kdf_alg is the shared secret * `g^{ab}` in big-endian format. * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` * in bits. - * - * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) - * or a key selection algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true). - * - * \return The Diffie-Hellman algorithm with the specified - * selection or derivation algorithm. */ -#define PSA_ALG_FFDH(kdf_alg) \ - (PSA_ALG_FFDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK)) +#define PSA_ALG_FFDH ((psa_algorithm_t)0x30100000) + /** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. * * This includes every supported key selection or key agreement algorithm 
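Review bot: `PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)` never checks that `alg` is a key agreement; it only compares the masked KDF bits with `PSA_ALG_CATEGORY_KEY_DERIVATION`. It therefore evaluates to true for `0`, for `PSA_ALG_CATEGORY_KEY_DERIVATION` itself, and for any other value with no bits set in `PSA_ALG_KEY_DERIVATION_MASK`. psa_key_derivation_setup() in library/psa_crypto.c (later in this commit) tests this predicate before its key agreement and key derivation branches, so such values are reported as a raw key agreement. Suggested definition: `(PSA_ALG_IS_KEY_AGREEMENT(alg) && PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION)`. Separately, the FFDH description kept here still mentions a "derivation or selection algorithm \p kdf_alg", which is no longer a parameter of `PSA_ALG_FFDH`.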
@@ -1274,18 +1270,11 @@ * key agreement algorithm identifier. */ #define PSA_ALG_IS_FFDH(alg) \ - (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE) + (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH) -#define PSA_ALG_ECDH_BASE ((psa_algorithm_t)0x22200000) /** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm. * - * This algorithm combines the elliptic curve Diffie-Hellman key - * agreement to produce a shared secret from a private key and the peer's - * public key, with a key selection or key derivation algorithm to produce - * one or more shared keys and other shared cryptographic material. - * - * The shared secret produced by key agreement and passed as input to the - * derivation or selection algorithm \p kdf_alg is the x-coordinate of + * The shared secret produced by key agreement is the x-coordinate of * the shared secret point. It is always `ceiling(m / 8)` bytes long where * `m` is the bit size associated with the curve, i.e. the bit size of the * order of the curve's coordinate field. When `m` is not a multiple of 8, @@ -1307,17 +1296,9 @@ * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A` * in big-endian byte order. * The bit size is `m` for the field `F_{2^m}`. - * - * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) - * or a selection algorithm (\c PSA_ALG_XXX value such - * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true). - * - * \return The Diffie-Hellman algorithm with the specified - * selection or derivation algorithm. */ -#define PSA_ALG_ECDH(kdf_alg) \ - (PSA_ALG_ECDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK)) +#define PSA_ALG_ECDH ((psa_algorithm_t)0x30200000) + /** Whether the specified algorithm is an elliptic curve Diffie-Hellman * algorithm. * 
@@ -1332,7 +1313,7 @@ * key agreement algorithm identifier. */ #define PSA_ALG_IS_ECDH(alg) \ - (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE) + (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH) /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d616c14f6..0e7ddacc1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4067,19 +4067,12 @@ psa_status_t psa_key_derivation_setup( psa_crypto_generator_t *generator, if( generator->alg != 0 ) return( PSA_ERROR_BAD_STATE ); - if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) + if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) { psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); - if( kdf_alg == PSA_ALG_SELECT_RAW ) - { - /* It's too early to set the generator's capacity since it - * depends on the key size for the key agreement. */ - status = PSA_SUCCESS; - } - else - { - status = psa_key_derivation_setup_kdf( generator, kdf_alg ); - } + status = psa_key_derivation_setup_kdf( generator, kdf_alg ); } else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) { @@ -4344,7 +4337,7 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato switch( PSA_ALG_KEY_AGREEMENT_GET_BASE( generator->alg ) ) { #if defined(MBEDTLS_ECDH_C) - case PSA_ALG_ECDH_BASE: + case PSA_ALG_ECDH: if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( private_key->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_key_agreement_ecdh( peer_key, peer_key_length, diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index aa0a89052..be93c3e3e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -461,15 +461,15 @@ derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KE PSA key policy: agreement, permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH PSA key policy: agreement, not permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -agreement_key_policy:0:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) +agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH PSA key policy: agreement, wrong algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH Hash operation object initializers zero properly hash_operation_init: 
@@ -1132,7 +1132,7 @@ import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17 PSA import/exercise: ECP SECP256R1 keypair, ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDH PSA sign: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1647,19 +1647,19 @@ derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0 PSA key agreement setup: ECDH, raw: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS +key_agreement_setup:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS PSA key agreement setup: ECDH, raw: public key on different curve depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT 
+key_agreement_setup:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, raw: public key instead of private key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, unknown KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: not a key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
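Review bot: The "ECDH, unknown KDF" case now passes `PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 0)`, which is exactly `PSA_ALG_ECDH` because crypto_values.h in this commit defines the macro as `((ka_alg) | (kdf_alg))`. The "ECDH, raw: good" case at the top of this hunk passes `PSA_ALG_ECDH` with the same key type, private key and peer key. It expects `PSA_SUCCESS` while this one expects `PSA_ERROR_NOT_SUPPORTED`, so the two cannot both pass. To keep an unknown-KDF test, pass a KDF identifier that has bits set in `PSA_ALG_KEY_DERIVATION_MASK` but names no implemented algorithm, for example the constructed value `PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_CATEGORY_KEY_DERIVATION | 0x0000ff00)`; otherwise drop the case. The raw cases should also be checked against the new `PSA_ALG_IS_RAW_KEY_AGREEMENT` rejection in psa_key_derivation_setup(), if key_agreement_setup goes through that path (the test function is not shown here).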
@@ -1667,71 +1667,71 @@ key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 +key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" PSA key agreement: ECDH SECP256R1 with 
ECDH-only public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3057301106052b8104010c06082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3057301106052b8104010c06082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 20+12 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 7+15 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d" PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: capacity=48 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48 +key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48 PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":"" 
+key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":"" PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: capacity=66 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66 +key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66 PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":"" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":"" PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32 
+key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32 PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":"" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":"" PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: capacity=48 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48 
+key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48 PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":"" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":"" PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: capacity=64 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64 +key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64 PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" 
+key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" PSA generate random: 0 bytes generate_random:0 diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index b61d8e1aa..234234323 100644 
--- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -242,24 +242,21 @@ Key derivation: HKDF using SHA-256 depends_on:MBEDTLS_SHA256_C key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF -Key selection: raw -key_selection_algorithm:PSA_ALG_SELECT_RAW:0 - Key agreement: FFDH, raw output depends_on:MBEDTLS_DHM_C -key_agreement_algorithm:PSA_ALG_FFDH( PSA_ALG_SELECT_RAW ):ALG_IS_FFDH:PSA_ALG_SELECT_RAW +key_agreement_algorithm:PSA_ALG_FFDH:ALG_IS_FFDH | ALG_IS_RAW_KEY_AGREEMENT:PSA_ALG_FFDH:PSA_ALG_CATEGORY_KEY_DERIVATION Key agreement: FFDH, HKDF using SHA-256 depends_on:MBEDTLS_DHM_C -key_agreement_algorithm:PSA_ALG_FFDH( PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 ) +key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_FFDH:PSA_ALG_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 ) Key agreement: ECDH, raw output depends_on:MBEDTLS_ECDH_C -key_agreement_algorithm:PSA_ALG_ECDH( PSA_ALG_SELECT_RAW ):ALG_IS_ECDH:PSA_ALG_SELECT_RAW +key_agreement_algorithm:PSA_ALG_ECDH:ALG_IS_ECDH | ALG_IS_RAW_KEY_AGREEMENT:PSA_ALG_ECDH:PSA_ALG_CATEGORY_KEY_DERIVATION Key agreement: ECDH, HKDF using SHA-256 depends_on:MBEDTLS_ECDH_C -key_agreement_algorithm:PSA_ALG_ECDH( PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 ) +key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 ) Key type: raw data key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 94e6f6cb7..c0c509989 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function 
@@ -31,8 +31,9 @@ #define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 ) #define ALG_IS_RSA_OAEP ( 1u << 14 ) #define ALG_IS_HKDF ( 1u << 15 ) -#define ALG_IS_FFDH ( 1u << 16 ) -#define ALG_IS_ECDH ( 1u << 17 ) +#define ALG_IS_RAW_KEY_AGREEMENT ( 1u << 16 ) +#define ALG_IS_FFDH ( 1u << 18 ) +#define ALG_IS_ECDH ( 1u << 19 ) /* Flags for key type classification macros. There is a flag for every * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that @@ -69,6 +70,9 @@ void algorithm_classification( psa_algorithm_t alg, unsigned flags ) TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_RAW_KEY_AGREEMENT, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_ECDH, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_FFDH, alg, flags ); exit: ; } @@ -109,7 +113,6 @@ void mac_algorithm_core( psa_algorithm_t alg, int classification_flags, TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); /* Length */ @@ -130,7 +133,6 @@ void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); /* Tag length */ 
@@ -170,7 +172,6 @@ void hash_algorithm( int alg_arg, int length_arg ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, 0 ); /* Dependent algorithms */ @@ -267,7 +268,6 @@ void cipher_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); } /* END_CASE */ @@ -316,7 +316,6 @@ void asymmetric_signature_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); } /* END_CASE */ @@ -335,7 +334,6 @@ void asymmetric_encryption_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); } /* END_CASE */ @@ -344,6 +342,8 @@ void asymmetric_encryption_algorithm( int alg_arg, int classification_flags ) void key_derivation_algorithm( int alg_arg, int classification_flags ) { psa_algorithm_t alg = alg_arg; + psa_algorithm_t ecdh_alg = PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, alg ); + psa_algorithm_t ffdh_alg = PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, alg ); /* Algorithm classification */ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); 
@@ -354,49 +354,25 @@ void key_derivation_algorithm( int alg_arg, int classification_flags ) TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); /* Check combinations with key agreements */ - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) ); - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) ); - TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ), alg ); - TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ), alg ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void key_selection_algorithm( int alg_arg, int classification_flags ) -{ - psa_algorithm_t alg = alg_arg; - - /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! 
PSA_ALG_IS_KEY_DERIVATION( alg ) ); - TEST_ASSERT( PSA_ALG_IS_KEY_SELECTION( alg ) ); - algorithm_classification( alg, classification_flags ); - - /* Check combinations with key agreements */ - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) ); - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) ); - TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ), alg ); - TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ), alg ); + TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( ecdh_alg ) ); + TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( ffdh_alg ) ); + TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( ecdh_alg ), alg ); + TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( ffdh_alg ), alg ); } /* END_CASE */ /* BEGIN_CASE */ void key_agreement_algorithm( int alg_arg, int classification_flags, - int post_alg_arg ) + int ka_alg_arg, int kdf_alg_arg ) { psa_algorithm_t alg = alg_arg; - psa_algorithm_t actual_post_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); - psa_algorithm_t expected_post_alg = post_alg_arg; + psa_algorithm_t actual_ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( alg ); + psa_algorithm_t expected_ka_alg = ka_alg_arg; + psa_algorithm_t actual_kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); + psa_algorithm_t expected_kdf_alg = kdf_alg_arg; /* Algorithm classification */ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); 
@@ -407,13 +383,11 @@ void key_agreement_algorithm( int alg_arg, int classification_flags, TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) ); TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) ); algorithm_classification( alg, classification_flags ); /* Shared secret derivation properties */ - TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( actual_post_alg ) || - PSA_ALG_IS_KEY_SELECTION( actual_post_alg ) ); - TEST_EQUAL( actual_post_alg, expected_post_alg ); + TEST_EQUAL( actual_ka_alg, expected_ka_alg ); + TEST_EQUAL( actual_kdf_alg, expected_kdf_alg ); } /* END_CASE */ From ebb2c3e419911c353c731097f1aba3538cd324b9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 19 Jan 2019 12:03:41 +0100 Subject: [PATCH 0948/2197] New function psa_hash_clone Clone a hash operation. Test good cases as part as multipart tests. Add new test functions for the state machine. --- include/psa/crypto.h | 18 ++++ library/psa_crypto.c | 61 +++++++++++++ tests/suites/test_suite_psa_crypto.data | 6 ++ tests/suites/test_suite_psa_crypto.function | 86 +++++++++++++++++++ .../test_suite_psa_crypto_hash.function | 10 ++- 5 files changed, 180 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 683feb83f..e639906d4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -921,6 +921,24 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, */ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); +/** Clone a hash operation. + * + * \param[in] source_operation The active hash operation to clone. + * \param[in,out] target_operation The operation object to set up. + * It must be initialized but not active. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BAD_STATE + * \p source_operation is not an active hash operation. + * \retval #PSA_ERROR_BAD_STATE + * \p source_operation is active. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation); + /**@}*/ /** \defgroup MAC Message authentication codes diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fd76b27b4..1dda49bb4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
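Review bot: The second `\retval #PSA_ERROR_BAD_STATE` entry in the new psa_hash_clone() comment says `\p source_operation is active.`, which contradicts the entry directly above it and the `\param` text requiring the target to be initialized but not active. It presumably should read `\p target_operation is active.`. It would also help callers to say that the target receives its own copy of the running hash state and has to be finished or aborted independently of the source, which is how the tests added in this commit treat it.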
@@ -1421,6 +1421,67 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, return( PSA_SUCCESS ); } +psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation) +{ + if( target_operation->alg != 0 ) + return( PSA_ERROR_BAD_STATE ); + + switch( source_operation->alg ) + { + case 0: + return( PSA_ERROR_BAD_STATE ); +#if defined(MBEDTLS_MD2_C) + case PSA_ALG_MD2: + mbedtls_md2_clone( &target_operation->ctx.md2, + &source_operation->ctx.md2 ); + break; +#endif +#if defined(MBEDTLS_MD4_C) + case PSA_ALG_MD4: + mbedtls_md4_clone( &target_operation->ctx.md4, + &source_operation->ctx.md4 ); + break; +#endif +#if defined(MBEDTLS_MD5_C) + case PSA_ALG_MD5: + mbedtls_md5_clone( &target_operation->ctx.md5, + &source_operation->ctx.md5 ); + break; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case PSA_ALG_RIPEMD160: + mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160, + &source_operation->ctx.ripemd160 ); + break; +#endif +#if defined(MBEDTLS_SHA1_C) + case PSA_ALG_SHA_1: + mbedtls_sha1_clone( &target_operation->ctx.sha1, + &source_operation->ctx.sha1 ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) + case PSA_ALG_SHA_224: + case PSA_ALG_SHA_256: + mbedtls_sha256_clone( &target_operation->ctx.sha256, + &source_operation->ctx.sha256 ); + break; +#endif +#if defined(MBEDTLS_SHA512_C) + case PSA_ALG_SHA_384: + case PSA_ALG_SHA_512: + mbedtls_sha512_clone( &target_operation->ctx.sha512, + &source_operation->ctx.sha512 ); + break; +#endif + default: + return( PSA_ERROR_NOT_SUPPORTED ); + } + + target_operation->alg = source_operation->alg; + return( PSA_SUCCESS ); +} /****************************************************************/ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index aa0a89052..4df20fd68 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
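Review bot: The `default:` case of the new `switch( source_operation->alg )` returns `PSA_ERROR_NOT_SUPPORTED`, a status that the psa_hash_clone() documentation added to include/psa/crypto.h in this commit does not list. If an operation can only become active with an algorithm that is compiled in (the setup code is not visible here, so this is an assumption), reaching `default:` means the source object is corrupted or was never initialized, and `return( PSA_ERROR_BAD_STATE );` would match the documented contract. Otherwise add `\retval #PSA_ERROR_NOT_SUPPORTED` to the header. Either way a short comment on the branch, such as `/* Active operation with an algorithm not built in: treat as invalid state. */`, would record the intent.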
@@ -527,6 +527,12 @@ hash_verify_bad_args: PSA hash finish: bad arguments hash_finish_bad_args: +PSA hash clone: source state +hash_clone_source_state: + +PSA hash clone: target state +hash_clone_target_state: + MAC operation object initializers zero properly mac_operation_init: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6916bf42e..3865d9007 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1924,6 +1924,92 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ +void hash_clone_source_state( ) +{ + psa_algorithm_t alg = PSA_ALG_SHA_256; + unsigned char hash[PSA_HASH_MAX_SIZE]; + psa_hash_operation_t op_source = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t op_init = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t op_setup = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t op_finished = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT; + size_t hash_len; + + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_hash_setup( &op_source, alg ) ); + + PSA_ASSERT( psa_hash_setup( &op_setup, alg ) ); + PSA_ASSERT( psa_hash_setup( &op_finished, alg ) ); + PSA_ASSERT( psa_hash_finish( &op_finished, + hash, sizeof( hash ), &hash_len ) ); + PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) ); + PSA_ASSERT( psa_hash_abort( &op_aborted ) ); + + TEST_EQUAL( psa_hash_clone( &op_source, &op_setup ), + PSA_ERROR_BAD_STATE ); + + PSA_ASSERT( psa_hash_clone( &op_source, &op_init ) ); + PSA_ASSERT( psa_hash_finish( &op_init, + hash, sizeof( hash ), &hash_len ) ); + PSA_ASSERT( psa_hash_clone( &op_source, &op_finished ) ); + PSA_ASSERT( psa_hash_finish( &op_finished, + hash, sizeof( hash ), &hash_len ) ); + PSA_ASSERT( psa_hash_clone( &op_source, &op_aborted ) ); + PSA_ASSERT( psa_hash_finish( &op_aborted, + hash, sizeof( hash ), &hash_len ) ); + +exit: + psa_hash_abort( &op_source ); + psa_hash_abort( &op_init ); + psa_hash_abort( &op_setup ); + psa_hash_abort( &op_finished ); + psa_hash_abort( &op_aborted ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ +void hash_clone_target_state( ) +{ + psa_algorithm_t alg = PSA_ALG_SHA_256; + unsigned char hash[PSA_HASH_MAX_SIZE]; + psa_hash_operation_t op_init = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t op_setup = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t op_finished = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t 
op_aborted = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t op_target = PSA_HASH_OPERATION_INIT; + size_t hash_len; + + PSA_ASSERT( psa_crypto_init( ) ); + + PSA_ASSERT( psa_hash_setup( &op_setup, alg ) ); + PSA_ASSERT( psa_hash_setup( &op_finished, alg ) ); + PSA_ASSERT( psa_hash_finish( &op_finished, + hash, sizeof( hash ), &hash_len ) ); + PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) ); + PSA_ASSERT( psa_hash_abort( &op_aborted ) ); + + PSA_ASSERT( psa_hash_clone( &op_setup, &op_target ) ); + PSA_ASSERT( psa_hash_finish( &op_target, + hash, sizeof( hash ), &hash_len ) ); + + TEST_EQUAL( psa_hash_clone( &op_init, &op_target ), PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_hash_clone( &op_finished, &op_target ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_hash_clone( &op_aborted, &op_target ), + PSA_ERROR_BAD_STATE ); + +exit: + psa_hash_abort( &op_target ); + psa_hash_abort( &op_init ); + psa_hash_abort( &op_setup ); + psa_hash_abort( &op_finished ); + psa_hash_abort( &op_aborted ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mac_operation_init( ) { diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index bdb2f98f1..8abd4e228 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -67,6 +67,7 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) unsigned char actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t operation2 = PSA_HASH_OPERATION_INIT; uint32_t len = 0; PSA_ASSERT( psa_crypto_init( ) ); 
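Review bot: The two new test names read backwards relative to what each body varies. `hash_clone_source_state` keeps `op_source` fixed and clones it into targets that are fresh, set up, finished and aborted, while `hash_clone_target_state` keeps `op_target` fixed and clones from sources in those states. A one-line comment above each body would prevent a reader from looking for the wrong coverage, for example `/* Fixed active source; vary the state of the target. */` and `/* Fixed inactive target; vary the state of the source. */`. The hash written by each `psa_hash_finish` call here is never compared with anything, which is fine for a state-machine test but is worth saying in the same comment.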
@@ -78,16 +79,23 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) PSA_ASSERT( psa_hash_update( &operation, input->x, len ) ); + PSA_ASSERT( psa_hash_clone( &operation, &operation2 ) ); PSA_ASSERT( psa_hash_update( &operation, input->x + len, input->len - len ) ); + PSA_ASSERT( psa_hash_update( &operation2, + input->x + len, input->len - len ) ); PSA_ASSERT( psa_hash_finish( &operation, actual_hash, sizeof( actual_hash ), &actual_hash_length ) ); - ASSERT_COMPARE( expected_hash->x, expected_hash->len, actual_hash, actual_hash_length ); + PSA_ASSERT( psa_hash_finish( &operation2, + actual_hash, sizeof( actual_hash ), + &actual_hash_length ) ); + ASSERT_COMPARE( expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length ); } while( len++ != input->len ); exit: From d40c1fbd50858c92380229efac2491fda9d35e81 Mon Sep 17 00:00:00 2001 
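Review bot: The added `psa_hash_finish( &operation2, ... )` writes into the same `actual_hash` and `actual_hash_length` that the first finish just filled. The second `ASSERT_COMPARE` would therefore still pass if the cloned operation returned success without producing any output. Clearing the outputs between the two checks, e.g. `memset( actual_hash, 0, sizeof( actual_hash ) ); actual_hash_length = 0;`, or finishing into a separate buffer, would verify the clone's digest on its own. The diffstat's 10 changed lines for this file are all accounted for by the two visible hunks, so it appears no `psa_hash_abort( &operation2 );` was added after `exit:`. A failing assertion between the clone and the second finish would then leave `operation2` active. The function body starts before this hunk and continues past it.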
From: Gilles Peskine Date: Sat, 19 Jan 2019 12:20:52 +0100 Subject: [PATCH 0949/2197] Don't require a type and size when creating a key slot Remove the type and bits arguments to psa_allocate_key() and psa_create_key(). They can be useful if the implementation wants to know exactly how much space to allocate for the slot, but many implementations (including ours) don't care, and it's possible to work around their lack by deferring size-dependent actions to the time when the key material is created. They are a burden to applications and make the API more complex, and the benefits aren't worth it. Change the API and adapt the implementation, the unit tests and the sample code accordingly. --- include/psa/crypto.h | 45 +--- library/psa_crypto_slot_management.c | 13 +- programs/psa/crypto_examples.c | 6 +- programs/psa/key_ladder_demo.c | 15 +- tests/suites/test_suite_psa_crypto.function | 199 +++++------------- ...t_suite_psa_crypto_persistent_key.function | 10 - ...test_suite_psa_crypto_slot_management.data | 46 ++-- ..._suite_psa_crypto_slot_management.function | 35 ++- 8 files changed, 104 insertions(+), 265 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 683feb83f..705462eda 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h
@@ -124,14 +124,6 @@ psa_status_t psa_get_key_lifetime(psa_key_handle_t handle, * application calls psa_close_key() or psa_destroy_key() or until the * application terminates. * - * This function takes a key type and maximum size as arguments so that - * the implementation can reserve a corresponding amount of memory. - * Implementations are not required to enforce this limit: if the application - * later tries to create a larger key or a key of a different type, it - * is implementation-defined whether this may succeed. - * - * \param type The type of key that the slot will contain. - * \param max_bits The maximum key size that the slot will contain. * \param[out] handle On success, a handle to a volatile key slot. * * \retval #PSA_SUCCESS @@ -140,13 +132,8 @@ psa_status_t psa_get_key_lifetime(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * There was not enough memory, or the maximum number of key slots * has been reached. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * This implementation does not support this key type. */ - -psa_status_t psa_allocate_key(psa_key_type_t type, - size_t max_bits, - psa_key_handle_t *handle); +psa_status_t psa_allocate_key(psa_key_handle_t *handle); /** Open a handle to an existing persistent key. * @@ -192,8 +179,6 @@ psa_status_t psa_open_key(psa_key_lifetime_t lifetime, * area where the key material is stored. This must not * be #PSA_KEY_LIFETIME_VOLATILE. * \param id The persistent identifier of the key. - * \param type The type of key that the slot will contain. - * \param max_bits The maximum key size that the slot will contain. * \param[out] handle On success, a handle to the newly created key slot. * When key material is later created in this key slot, * it will be saved to the specified persistent location. 
@@ -218,8 +203,6 @@ psa_status_t psa_open_key(psa_key_lifetime_t lifetime, */ psa_status_t psa_create_key(psa_key_lifetime_t lifetime, psa_key_id_t id, - psa_key_type_t type, - size_t max_bits, psa_key_handle_t *handle); /** Close a key handle. @@ -261,11 +244,9 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * according to a different format. * * \param handle Handle to the slot where the key will be stored. - * This must be a valid slot for a key of the chosen - * type: it must have been obtained by calling - * psa_allocate_key() or psa_create_key() with the - * correct \p type and with a maximum size that is - * compatible with \p data. + * It must have been obtained by calling + * psa_allocate_key() or psa_create_key() and must + * not contain key material yet. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). On a successful * import, the key slot will contain a key of this type. * \param[in] data Buffer containing the key data. The content of this @@ -2005,12 +1986,9 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * the key material is not exposed outside the isolation boundary. * * \param handle Handle to the slot where the key will be stored. - * This must be a valid slot for a key of the chosen - * type: it must have been obtained by calling - * psa_allocate_key() or psa_create_key() with the - * correct \p type and with a maximum size that is - * compatible with \p bits. - * It must not contain any key material yet. + * It must have been obtained by calling + * psa_allocate_key() or psa_create_key() and must + * not contain key material yet. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). * This must be a symmetric key type. * \param bits Key size in bits. 
@@ -2232,12 +2210,9 @@ typedef struct { * \brief Generate a key or key pair. * * \param handle Handle to the slot where the key will be stored. - * This must be a valid slot for a key of the chosen - * type: it must have been obtained by calling - * psa_allocate_key() or psa_create_key() with the - * correct \p type and with a maximum size that is - * compatible with \p bits. - * It must not contain any key material yet. + * It must have been obtained by calling + * psa_allocate_key() or psa_create_key() and must + * not contain key material yet. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). * \param bits Key size in bits. * \param[in] extra Extra parameters for key generation. The diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 0b4399f5e..b530ee5a7 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -142,13 +142,8 @@ static psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) return( psa_wipe_key_slot( slot ) ); } -psa_status_t psa_allocate_key( psa_key_type_t type, - size_t max_bits, - psa_key_handle_t *handle ) +psa_status_t psa_allocate_key( psa_key_handle_t *handle ) { - /* This implementation doesn't reserve memory for the keys. */ - (void) type; - (void) max_bits; *handle = 0; return( psa_internal_allocate_key_slot( handle ) ); } @@ -259,16 +254,10 @@ psa_status_t psa_open_key( psa_key_lifetime_t lifetime, psa_status_t psa_create_key( psa_key_lifetime_t lifetime, psa_key_id_t id, - psa_key_type_t type, - size_t max_bits, psa_key_handle_t *handle ) { psa_status_t status; - /* This implementation doesn't reserve memory for the keys. */ - (void) type; - (void) max_bits; - status = persistent_key_setup( lifetime, id, handle, PSA_ERROR_EMPTY_SLOT ); switch( status ) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index db8546863..7291c34b0 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c 
@@ -176,7 +176,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) status = psa_generate_random( input, sizeof( input ) ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle ); + status = psa_allocate_key( &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = set_key_policy( key_handle, @@ -226,7 +226,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) status = psa_generate_random( input, sizeof( input ) ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle ); + status = psa_allocate_key( &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = set_key_policy( key_handle, @@ -275,7 +275,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) status = psa_generate_random( input, sizeof( input ) ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle ); + status = psa_allocate_key( &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = set_key_policy( key_handle, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 66f66fc2e..45a9b6fe3 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -211,9 +211,7 @@ static psa_status_t generate( const char *key_file_name ) psa_key_handle_t key_handle = 0; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), - &key_handle ) ); + PSA_CHECK( psa_allocate_key( &key_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, KDF_ALG ); 
@@ -263,9 +261,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, SYS_CHECK( fclose( key_file ) == 0 ); key_file = NULL; - PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( key_size ), - master_key_handle ) ); + PSA_CHECK( psa_allocate_key( master_key_handle ) ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) ); PSA_CHECK( psa_import_key( *master_key_handle, @@ -318,9 +314,7 @@ static psa_status_t derive_key_ladder( const char *ladder[], * since it is no longer needed. */ PSA_CHECK( psa_close_key( *key_handle ) ); *key_handle = 0; - PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), - key_handle ) ); + PSA_CHECK( psa_allocate_key( key_handle ) ); PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) ); /* Use the generator obtained from the parent key to create * the next intermediate key. */ @@ -352,8 +346,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; *wrapping_key_handle = 0; - PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_AES, WRAPPING_KEY_BITS, - wrapping_key_handle ) ); + PSA_CHECK( psa_allocate_key( wrapping_key_handle ) ); psa_key_policy_set_usage( &policy, usage, WRAPPING_ALG ); PSA_CHECK( psa_set_key_policy( *wrapping_key_handle, &policy ) ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6916bf42e..4891064f9 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -876,8 +876,7 @@ void import( data_t *data, int type, int expected_status_arg ) PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); status = psa_import_key( handle, type, data->x, data->len ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) @@ -907,10 +906,7 @@ void import_twice( int alg_arg, int usage_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( type1, - MAX( KEY_BITS_FROM_DATA( type1, data1 ), - KEY_BITS_FROM_DATA( type2, data2 ) ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -954,7 +950,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) length = ret; /* Try importing the key */ - PSA_ASSERT( psa_allocate_key( type, bits, &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); status = psa_import_key( handle, type, p, length ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) @@ -996,7 +992,7 @@ void import_export( data_t *data, ASSERT_ALLOC( reexported, export_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( type, expected_bits, &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, usage_arg, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1042,7 +1038,7 @@ void import_export( data_t *data, else { psa_key_handle_t handle2; - PSA_ASSERT( psa_allocate_key( type, expected_bits, &handle2 ) ); + PSA_ASSERT( psa_allocate_key( &handle2 ) ); PSA_ASSERT( psa_set_key_policy( handle2, &policy ) ); PSA_ASSERT( psa_import_key( handle2, type, 
@@ -1080,8 +1076,7 @@ void import_key_nonempty_slot( ) const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 }; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( type, PSA_BYTES_TO_BITS( sizeof( data ) ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); /* Import the key */ PSA_ASSERT( psa_import_key( handle, type, @@ -1131,8 +1126,7 @@ void export_with_no_key_activity( ) PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0, - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1158,8 +1152,7 @@ void cipher_with_no_key_activity( ) PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0, - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1186,8 +1179,7 @@ void export_after_import_failure( data_t *data, int type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); /* Import the key - expect failure */ status = psa_import_key( handle, type, @@ -1218,8 +1210,7 @@ void cipher_after_import_failure( data_t *data, int type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); /* Import the key - expect failure */ status = psa_import_key( handle, type, 
@@ -1249,8 +1240,7 @@ void export_after_destroy_key( data_t *data, int type_arg ) PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); export_size = (ptrdiff_t) data->len; @@ -1297,8 +1287,7 @@ void import_export_public_key( data_t *data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1348,8 +1337,7 @@ void import_and_exercise_key( data_t *data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1389,8 +1377,7 @@ void key_policy( int usage_arg, int alg_arg ) PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key ) ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy_set, usage, alg ); TEST_EQUAL( psa_key_policy_get_usage( &policy_set ), usage ); @@ -1451,9 +1438,7 @@ void mac_key_policy( int policy_usage, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -1497,9 +1482,7 @@ void cipher_key_policy( int policy_usage, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1551,9 +1534,7 @@ void aead_key_policy( int policy_usage, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1608,9 +1589,7 @@ void asymmetric_encryption_key_policy( int policy_usage, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1672,9 +1651,7 @@ void asymmetric_signature_key_policy( int policy_usage, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1721,9 +1698,7 @@ void derive_key_policy( int policy_usage, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -1763,9 +1738,7 @@ void agreement_key_policy( int policy_usage, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -1965,8 +1938,7 @@ void mac_setup( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, alg ); @@ -2011,8 +1983,7 @@ void mac_sign( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2059,8 +2030,7 @@ void mac_verify( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2123,8 +2093,7 @@ void cipher_setup( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -2166,8 +2135,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2233,8 +2201,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2303,8 +2270,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2375,8 +2341,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2443,8 +2408,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -2528,8 +2492,7 @@ void cipher_verify_output_multipart( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2631,8 +2594,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); @@ -2697,8 +2659,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2747,8 +2708,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2807,9 +2767,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -2863,9 +2821,7 @@ void sign_fail( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -2906,9 +2862,7 @@ void sign_verify( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, alg ); @@ -2977,9 +2931,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3012,9 +2964,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3059,9 +3009,7 @@ void asymmetric_encrypt( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Import the key */ - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); PSA_ASSERT( psa_import_key( handle, key_type, 
@@ -3128,9 +3076,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); @@ -3198,9 +3144,7 @@ void asymmetric_decrypt( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3264,9 +3208,7 @@ void asymmetric_decrypt_fail( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - KEY_BITS_FROM_DATA( key_type, key_data ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3349,8 +3291,7 @@ void derive_setup( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3387,9 +3328,7 @@ void test_derive_invalid_generator_state( ) PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( key_type, - PSA_BYTES_TO_BITS( sizeof( key_data ) ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -3484,9 +3423,7 @@ void derive_output( int alg_arg, ASSERT_ALLOC( output_buffer, output_buffer_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( key_data->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3564,9 +3501,7 @@ void derive_full( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( key_data->len ), - &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -3636,9 +3571,7 @@ void derive_key_exercise( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( key_data->len ), - &base_handle ) ); + PSA_ASSERT( psa_allocate_key( &base_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, @@ -3650,8 +3583,7 @@ void derive_key_exercise( int alg_arg, salt->x, salt->len, label->x, label->len, capacity ) ); - PSA_ASSERT( psa_allocate_key( derived_type, derived_bits, - &derived_handle ) ); + PSA_ASSERT( psa_allocate_key( &derived_handle ) ); psa_key_policy_set_usage( &policy, derived_usage, derived_alg ); PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); PSA_ASSERT( psa_generator_import_key( derived_handle, 
@@ -3703,9 +3635,7 @@ void derive_key_export( int alg_arg, ASSERT_ALLOC( export_buffer, capacity ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( key_data->len ), - &base_handle ) ); + PSA_ASSERT( psa_allocate_key( &base_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, @@ -3727,8 +3657,7 @@ void derive_key_export( int alg_arg, salt->x, salt->len, label->x, label->len, capacity ) ); - PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, derived_bits, - &derived_handle ) ); + PSA_ASSERT( psa_allocate_key( &derived_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); PSA_ASSERT( psa_generator_import_key( derived_handle, @@ -3740,9 +3669,7 @@ void derive_key_export( int alg_arg, &length ) ); TEST_EQUAL( length, bytes1 ); PSA_ASSERT( psa_destroy_key( derived_handle ) ); - PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, - PSA_BYTES_TO_BITS( bytes2 ), - &derived_handle ) ); + PSA_ASSERT( psa_allocate_key( &derived_handle ) ); PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); PSA_ASSERT( psa_generator_import_key( derived_handle, PSA_KEY_TYPE_RAW_DATA, @@ -3781,10 +3708,7 @@ void key_agreement_setup( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( our_key_type, - KEY_BITS_FROM_DATA( our_key_type, - our_key_data ), - &our_key ) ); + PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); PSA_ASSERT( psa_import_key( our_key, our_key_type, 
@@ -3820,10 +3744,7 @@ void key_agreement_capacity( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( our_key_type, - KEY_BITS_FROM_DATA( our_key_type, - our_key_data ), - &our_key ) ); + PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); PSA_ASSERT( psa_import_key( our_key, our_key_type, @@ -3877,10 +3798,7 @@ void key_agreement_output( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( our_key_type, - KEY_BITS_FROM_DATA( our_key_type, - our_key_data ), - &our_key ) ); + PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); PSA_ASSERT( psa_import_key( our_key, our_key_type, @@ -3986,7 +3904,7 @@ void generate_key( int type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( type, bits, &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -4042,7 +3960,6 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, PSA_ASSERT( psa_crypto_init() ); PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1, - type, bits, &handle ) ); psa_key_policy_set_usage( &policy_set, policy_usage, policy_alg ); @@ -4064,9 +3981,7 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, case DERIVE_KEY: /* Create base key */ - PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE, - PSA_BYTES_TO_BITS( data->len ), - &base_key ) ); + PSA_ASSERT( psa_allocate_key( &base_key ) ); psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE, base_policy_alg ); PSA_ASSERT( psa_set_key_policy( diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 939a37b56..e19ef2b9a 100644 
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -97,8 +97,6 @@ void save_large_persistent_key( int data_too_large, int expected_status ) PSA_ASSERT( psa_crypto_init() ); PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - PSA_KEY_TYPE_RAW_DATA, - PSA_BYTES_TO_BITS( data_length ), &handle ) ); TEST_EQUAL( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA, @@ -125,8 +123,6 @@ void persistent_key_destroy( int key_id_arg, int should_store, PSA_ASSERT( psa_crypto_init() ); PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - first_type, - PSA_BYTES_TO_BITS( first_data->len ), &handle ) ); if( should_store == 1 ) @@ -151,8 +147,6 @@ void persistent_key_destroy( int key_id_arg, int should_store, /* Create another key in the same slot */ PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - second_type, - PSA_BYTES_TO_BITS( second_data->len ), &handle ) ); PSA_ASSERT( psa_import_key( handle, second_type, @@ -176,8 +170,6 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, PSA_ASSERT( psa_crypto_init() ); PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - type, - PSA_BYTES_TO_BITS( data->len ), &handle ) ); TEST_EQUAL( psa_import_key( handle, type, data->x, data->len ), expected_status ); @@ -217,8 +209,6 @@ void import_export_persistent_key( data_t *data, int type_arg, PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - type, - PSA_BYTES_TO_BITS( data->len ), &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 39661b9ed..e8ec40c4c 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -1,41 +1,29 @@ Transient slot, check after closing -transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE Transient slot, check after destroying -transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY +transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY Transient slot, check after restart -transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN Persistent slot, check after closing -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE Persistent slot, check after destroying -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY Persistent slot, check after restart -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN -Attempt to overwrite: close before, same type -create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:CLOSE_BEFORE +Attempt to overwrite: close before +create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE -Attempt to overwrite: close before, different type -depends_on:MBEDTLS_AES_C 
-create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:CLOSE_BEFORE +Attempt to overwrite: close after +create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_AFTER -Attempt to overwrite: close after, same type -create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:CLOSE_AFTER - -Attempt to overwrite: close after, different type -depends_on:MBEDTLS_AES_C -create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:CLOSE_AFTER - -Attempt to overwrite: keep open, same type -create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:KEEP_OPEN - -Attempt to overwrite: keep open, different type -depends_on:MBEDTLS_AES_C -create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN +Attempt to overwrite: keep open +create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:KEEP_OPEN Open failure: invalid identifier (0) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C @@ -56,18 +44,18 @@ Open failure: invalid lifetime open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT Create failure: volatile lifetime -create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid lifetime -create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT +create_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid key id (0) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT Create failure: invalid key id (random seed UID) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT +create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT Open not supported depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C 
@@ -75,7 +63,7 @@ open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED Create not supported depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_NOT_SUPPORTED +create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED Close/destroy invalid handle invalid_handle: diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 670c7404a..46fafcc1d 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -65,15 +65,13 @@ static int psa_key_policy_equal( psa_key_policy_t *p1, */ /* BEGIN_CASE */ -void transient_slot_lifecycle( int type_arg, int max_bits_arg, - int alg_arg, int usage_arg, - data_t *key_data, +void transient_slot_lifecycle( int alg_arg, int usage_arg, + int type_arg, data_t *key_data, int close_method_arg ) { - psa_key_type_t type = type_arg; - size_t max_bits = max_bits_arg; psa_algorithm_t alg = alg_arg; psa_key_usage_t usage_flags = usage_arg; + psa_key_type_t type = type_arg; close_method_t close_method = close_method_arg; psa_key_type_t read_type; psa_key_handle_t handle = 0; @@ -82,7 +80,7 @@ void transient_slot_lifecycle( int type_arg, int max_bits_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Get a handle and import a key. */ - PSA_ASSERT( psa_allocate_key( type, max_bits, &handle ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); TEST_ASSERT( handle != 0 ); psa_key_policy_set_usage( &policy, usage_flags, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); 
@@ -116,17 +114,15 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, - int type_arg, int max_bits_arg, int alg_arg, int usage_arg, - data_t *key_data, + int type_arg, data_t *key_data, int close_method_arg ) { psa_key_lifetime_t lifetime = lifetime_arg; psa_key_id_t id = id_arg; - psa_key_type_t type = type_arg; - size_t max_bits = max_bits_arg; psa_algorithm_t alg = alg_arg; psa_key_usage_t usage_flags = usage_arg; + psa_key_type_t type = type_arg; close_method_t close_method = close_method_arg; psa_key_type_t read_type; psa_key_handle_t handle = 0; @@ -137,7 +133,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Get a handle and import a key. */ - PSA_ASSERT( psa_create_key( lifetime, id, type, max_bits, &handle ) ); + PSA_ASSERT( psa_create_key( lifetime, id, &handle ) ); TEST_ASSERT( handle != 0 ); psa_key_policy_set_usage( &policy, usage_flags, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); @@ -194,7 +190,6 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void create_existent( int lifetime_arg, int id_arg, - int new_type_arg, int reopen_policy_arg ) { psa_key_lifetime_t lifetime = lifetime_arg; @@ -203,7 +198,6 @@ void create_existent( int lifetime_arg, int id_arg, psa_key_policy_t policy1 = PSA_KEY_POLICY_INIT; psa_key_policy_t read_policy = PSA_KEY_POLICY_INIT; psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA; - psa_key_type_t type2 = new_type_arg; psa_key_type_t read_type; const uint8_t material1[16] = "test material #1"; size_t bits1 = PSA_BYTES_TO_BITS( sizeof( material1 ) ); 
@@ -217,7 +211,7 @@ void create_existent( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Create a key. */ - PSA_ASSERT( psa_create_key( lifetime, id, type1, bits1, &handle1 ) ); + PSA_ASSERT( psa_create_key( lifetime, id, &handle1 ) ); TEST_ASSERT( handle1 != 0 ); psa_key_policy_set_usage( &policy1, PSA_KEY_USAGE_EXPORT, 0 ); PSA_ASSERT( psa_set_key_policy( handle1, &policy1 ) ); @@ -228,7 +222,7 @@ void create_existent( int lifetime_arg, int id_arg, PSA_ASSERT( psa_close_key( handle1 ) ); /* Attempt to create a new key in the same slot. */ - TEST_EQUAL( psa_create_key( lifetime, id, type2, bits1, &handle2 ), + TEST_EQUAL( psa_create_key( lifetime, id, &handle2 ), PSA_ERROR_OCCUPIED_SLOT ); TEST_EQUAL( handle2, 0 ); @@ -276,13 +270,10 @@ exit: /* BEGIN_CASE */ void create_fail( int lifetime_arg, int id_arg, - int type_arg, int max_bits_arg, int expected_status_arg ) { psa_key_lifetime_t lifetime = lifetime_arg; psa_key_id_t id = id_arg; - psa_key_type_t type = type_arg; - size_t max_bits = max_bits_arg; psa_status_t expected_status = expected_status_arg; psa_key_handle_t handle = 0xdead; @@ -290,7 +281,7 @@ void create_fail( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( psa_create_key( lifetime, id, type, max_bits, &handle ), + TEST_EQUAL( psa_create_key( lifetime, id, &handle ), expected_status ); TEST_EQUAL( handle, 0 ); @@ -314,7 +305,7 @@ void invalid_handle( ) PSA_ASSERT( psa_crypto_init( ) ); /* Allocate a handle and store a key in it. */ - PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 1, &handle1 ) ); + PSA_ASSERT( psa_allocate_key( &handle1 ) ); TEST_ASSERT( handle1 != 0 ); psa_key_policy_set_usage( &policy, 0, 0 ); PSA_ASSERT( psa_set_key_policy( handle1, &policy ) ); 
@@ -350,7 +341,6 @@ void many_transient_handles( int max_handles_arg ) psa_key_policy_t policy = PSA_KEY_POLICY_INIT; uint8_t exported[sizeof( size_t )]; size_t exported_length; - size_t max_bits = PSA_BITS_TO_BYTES( sizeof( exported ) ); ASSERT_ALLOC( handles, max_handles ); PSA_ASSERT( psa_crypto_init( ) ); @@ -358,8 +348,7 @@ void many_transient_handles( int max_handles_arg ) for( i = 0; i < max_handles; i++ ) { - status = psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, max_bits, - &handles[i] ); + status = psa_allocate_key( &handles[i] ); if( status == PSA_ERROR_INSUFFICIENT_MEMORY ) break; PSA_ASSERT( status ); From b66c27b2c97ac222503fcdb867c0eecd417deae9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Jan 2019 16:02:15 +0100 Subject: [PATCH 0950/2197] New macro PSA_ALG_IS_HASH_AND_SIGN Test for a subclass of public-key algorithm: those that perform full-domain hashing, i.e. algorithms that can be broken down as sign(key, hash(message)). --- include/psa/crypto_values.h | 20 +++++++++++++++++-- .../test_suite_psa_crypto_metadata.data | 16 +++++++-------- .../test_suite_psa_crypto_metadata.function | 10 ++++++---- 3 files changed, 32 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 4d25835be..a4257da3d 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -1046,6 +1046,23 @@ #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) +/** Whether the specified algorithm is a hash-and-sign algorithm. + * + * Hash-and-sign algorithms are public-key signature algorithms structured + * in two parts: first the calculation of a hash in a way that does not + * depend on the key, then the calculation of a signature from the + * hash value and the key. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a hash-and-sign algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ + PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg)) + /** Get the hash used by a hash-and-sign signature algorithm. * * A hash-and-sign algorithm is a signature algorithm which is @@ -1065,8 +1082,7 @@ * if it is not supported by the implementation. */ #define PSA_ALG_SIGN_GET_HASH(alg) \ - (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ - PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \ + (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 0) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index b61d8e1aa..5a94ed741 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
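Review bot: The documentation added for `PSA_ALG_IS_HASH_AND_SIGN` describes a hash step followed by a signature step, but the macro is also true for variants that involve no hash at all. The test data in this same commit tags `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` and `PSA_ALG_ECDSA_ANY` with `ALG_IS_HASH_AND_SIGN`. A caller who reads the macro as "a hash algorithm is bound into this signature" would be wrong for those, so the comment should say so, for example `* This includes the "raw" variants, for which #PSA_ALG_SIGN_GET_HASH returns 0.` The macro also expands `alg` up to four times, so an argument with side effects is unsafe; that is worth one line in the comment too.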
@@ -200,35 +200,35 @@ aead_algorithm:PSA_ALG_GCM:0:16 Asymmetric signature: RSA PKCS#1 v1.5 raw depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN +asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN Asymmetric signature: RSA PKCS#1 v1.5 SHA-256 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN +asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN Asymmetric signature: RSA PSS SHA-256 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS +asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS | ALG_IS_HASH_AND_SIGN Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256 depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C -asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA +asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA | ALG_IS_HASH_AND_SIGN Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC -asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC +asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN Asymmetric signature: randomized ECDSA (no hashing) depends_on:MBEDTLS_ECDSA_C -asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA +asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | 
ALG_IS_HASH_AND_SIGN Asymmetric signature: SHA-256 + randomized ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C -asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA +asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C -asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC +asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN Asymmetric encryption: RSA PKCS#1 v1.5 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 94e6f6cb7..83ac75e1e 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -29,10 +29,11 @@ #define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 11 ) #define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 12 ) #define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 ) -#define ALG_IS_RSA_OAEP ( 1u << 14 ) -#define ALG_IS_HKDF ( 1u << 15 ) -#define ALG_IS_FFDH ( 1u << 16 ) -#define ALG_IS_ECDH ( 1u << 17 ) +#define ALG_IS_HASH_AND_SIGN ( 1u << 14 ) +#define ALG_IS_RSA_OAEP ( 1u << 15 ) +#define ALG_IS_HKDF ( 1u << 16 ) +#define ALG_IS_FFDH ( 1u << 17 ) +#define ALG_IS_ECDH ( 1u << 18 ) /* Flags for key type classification macros. There is a flag for every * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that 
@@ -67,6 +68,7 @@ void algorithm_classification( psa_algorithm_t alg, unsigned flags ) TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_AND_SIGN, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags ); exit: ; From 0ce26e35d6c7c5048970504e38da0aee1a16e6e8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Jan 2019 16:06:39 +0100 Subject: [PATCH 0951/2197] Add a hash wildcard value for hash-and-sign algorithm You can use PSA_ALG_ANY_HASH to build the algorithm value for a hash-and-sign algorithm in a policy. Then the policy allows usage with this hash-and-sign family with any hash. Test that PSA_ALG_ANY_HASH-based policies allow a specific hash, but not a different hash-and-sign family. Test that PSA_ALG_ANY_HASH is not valid for operations, only in policies. --- include/psa/crypto_values.h | 64 +++++++++++++++++++ library/psa_crypto.c | 27 +++++++- tests/suites/test_suite_psa_crypto.data | 50 ++++++++++++--- tests/suites/test_suite_psa_crypto.function | 18 ++++-- .../test_suite_psa_crypto_metadata.data | 24 +++++++ .../test_suite_psa_crypto_metadata.function | 13 ++++ 6 files changed, 180 insertions(+), 16 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index a4257da3d..f072487f2 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -641,6 +641,7 @@ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION) #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) + #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) #define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) #define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) 
@@ -667,6 +668,41 @@ /** SHA3-512 */ #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) +/** Allow any hash algorithm. + * + * This value may only be used to form the algorithm usage field of a policy + * for a signature algorithm that is parametrized by a hash. That is, + * suppose that `PSA_xxx_SIGNATURE` is one of the following macros: + * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS, + * - #PSA_ALG_DSA, #PSA_ALG_DETERMINISTIC_DSA, + * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA. + * Then you may create a key as follows: + * - Set the key usage field using #PSA_ALG_ANY_HASH, for example: + * ``` + * psa_key_policy_set_usage(&policy, + * PSA_KEY_USAGE_SIGN, //or PSA_KEY_USAGE_VERIFY + * PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH)); + * psa_set_key_policy(handle, &policy); + * ``` + * - Import or generate key material. + * - Call psa_asymmetric_sign() or psa_asymmetric_verify(), passing + * an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each + * call to sign or verify a message may use a different hash. + * ``` + * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...); + * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...); + * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...); + * ``` + * + * This value may not be used to build other algorithms that are + * parametrized over a hash. For any valid use of this macro to build + * an algorithm `\p alg`, #PSA_ALG_IS_HASH_AND_SIGN(\p alg) is true. + * + * This value may not be used to build an algorithm specification to + * perform an operation. It is only valid to build policies. + */ +#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) + #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) /** Macro to build an HMAC algorithm. 
@@ -914,6 +950,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding RSA PKCS#1 v1.5 signature algorithm. * \return Unspecified if \p alg is not a supported @@ -943,6 +981,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding RSA PSS signature algorithm. * \return Unspecified if \p alg is not a supported @@ -961,6 +1001,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding DSA signature algorithm. * \return Unspecified if \p alg is not a supported @@ -996,6 +1038,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding ECDSA signature algorithm. * \return Unspecified if \p alg is not a supported @@ -1028,6 +1072,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding deterministic ECDSA signature * algorithm. 
@@ -1341,6 +1387,24 @@ #define PSA_ALG_IS_ECDH(alg) \ (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE) +/** Whether the specified algorithm encoding is a wildcard. + * + * Wildcard values may only be used to set the usage algorithm field in + * a policy, not to perform an operation. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a wildcard algorithm encoding. + * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for + * an operation). + * \return This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_WILDCARD(alg) \ + (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ + PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \ + (alg) == PSA_ALG_ANY_HASH) + /**@}*/ /** \defgroup key_lifetimes Key lifetimes diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fd76b27b4..3a97f44b9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -713,6 +713,29 @@ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, return( status ); } +/** Test whether a policy permits an algorithm. + * + * The caller must test usage flags separately. + */ +static int psa_key_policy_permits( const psa_key_policy_t *policy, + psa_algorithm_t alg ) +{ + /* Common case: the policy only allows alg. */ + if( alg == policy->alg ) + return( 1 ); + /* If policy->alg is a hash-and-sign with a wildcard for the hash, + * and alg is the same hash-and-sign family with any hash, + * then alg is compliant with policy->alg. */ + if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && + PSA_ALG_SIGN_GET_HASH( policy->alg ) == PSA_ALG_ANY_HASH ) + { + return( ( policy->alg & ~PSA_ALG_HASH_MASK ) == + ( alg & ~PSA_ALG_HASH_MASK ) ); + } + /* If it isn't permitted, it's forbidden. */ + return( 0 ); +} + /** Retrieve a slot which must contain a key. The key must have allow all the * usage flags set in \p usage. If \p alg is nonzero, the key must allow * operations with this algorithm. */ @@ -740,7 +763,9 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, usage &= ~PSA_KEY_USAGE_EXPORT; if( ( slot->policy.usage & usage ) != usage ) return( PSA_ERROR_NOT_PERMITTED ); - if( alg != 0 && ( alg != slot->policy.alg ) ) + + /* Enforce that the usage policy permits the requested algortihm. */ + if( alg != 0 && ! psa_key_policy_permits( &slot->policy, alg ) ) return( PSA_ERROR_NOT_PERMITTED ); *p_slot = slot; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index aa0a89052..ce13f9e06 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
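Review bot: In `psa_key_policy_permits`, the `alg == policy->alg` shortcut returns 1 before anything checks whether `alg` is itself a wildcard. A request such as `PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH)` against a key whose policy holds the same value therefore passes the policy check, and rejecting it is left to the operation code further down (the new `sign_fail` wildcard cases expect `PSA_ERROR_NOT_SUPPORTED` or `PSA_ERROR_INVALID_ARGUMENT`). Since the header added in this commit states that wildcards are valid only in policies, I would enforce that here with `if( PSA_ALG_IS_WILDCARD( alg ) ) return( 0 );` as the first statement; those two test expectations would presumably need to change to match. The wildcard branch also accepts an `alg` whose hash bits are zero (the commit's own test expects `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` to be permitted by `PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH)`), which is wider than "any hash" suggests and deserves a sentence in the function comment. In the second hunk, `algortihm` in the new comment should read `algorithm`.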
@@ -417,23 +417,43 @@ asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_K PSA key policy: asymmetric signature, sign | verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 -PSA key policy: asymmetric signature, wrong algorithm +PSA key policy: asymmetric signature, wrong algorithm family depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224) +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 + +PSA key policy: asymmetric signature, wildcard in policy, wrong algorithm family +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 + +PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 + +PSA key 
policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 + +PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 + +PSA key policy: asymmetric signature, wrong hash algorithm +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 PSA key policy: asymmetric signature, sign but not verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, verify but not sign depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW 
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, neither sign nor verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW +asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: derive via HKDF, permitted depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C @@ -514,6 +534,10 @@ PSA hash setup: bad (unknown hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_CATEGORY_HASH:PSA_ERROR_NOT_SUPPORTED +PSA hash setup: bad (wildcard instead of hash algorithm) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +hash_setup:PSA_ALG_ANY_HASH:PSA_ERROR_NOT_SUPPORTED + PSA hash setup: bad (not a hash algorithm) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT 
@@ -1150,6 +1174,12 @@ PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT +PSA sign: RSA PKCS#1 v1.5 raw, invalid hash (wildcard) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +# Arguably the error should be INVALID_ARGUMENT, but NOT_SUPPORTED is simpler +# to implement. +sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_NOT_SUPPORTED + PSA sign: RSA PKCS#1 v1.5 raw, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT 
@@ -1162,10 +1192,14 @@ PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL -PSA sign: deterministic ECDSA SECP256R1, invalid hash -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C +PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT + PSA sign: invalid key type, signing with a public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4891064f9..bc3d78878 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1639,13 +1639,19 @@ void asymmetric_signature_key_policy( int policy_usage, int policy_alg, int key_type, data_t *key_data, - int exercise_alg ) + int exercise_alg, + int payload_length_arg ) { psa_key_handle_t handle = 0; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; - unsigned char payload[16] = {1}; - size_t payload_length = sizeof( payload ); + unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; + /* If `payload_length_arg > 0`, `exercise_alg` is supposed to be + * compatible with the policy and `payload_length_arg` is supposed to be + * a valid input length to sign. If `payload_length_arg <= 0`, + * `exercise_alg` is supposed to be forbidden by the policy. */ + int compatible_alg = payload_length_arg > 0; + size_t payload_length = compatible_alg ? payload_length_arg : 0; unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; 
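Review bot: `payload_length` is taken straight from `payload_length_arg` and handed to `psa_asymmetric_sign()` and `psa_asymmetric_verify()` together with the fixed `payload[PSA_HASH_MAX_SIZE]` buffer, with no check that it fits. The data lines in this commit only pass 1 and 32, but a later case with a larger value would make the library read past the array rather than fail the test cleanly. I would add `TEST_ASSERT( payload_length <= sizeof( payload ) );` after the declarations. The function body continues outside this hunk, and the calls it affects are in the two hunks that follow.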
@@ -1662,8 +1668,7 @@ void asymmetric_signature_key_policy( int policy_usage, payload, payload_length, signature, sizeof( signature ), &signature_length ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) + if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) PSA_ASSERT( status ); else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); @@ -1672,8 +1677,7 @@ void asymmetric_signature_key_policy( int policy_usage, status = psa_asymmetric_verify( handle, exercise_alg, payload, payload_length, signature, sizeof( signature ) ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) + if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 5a94ed741..1e7a9960f 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
@@ -230,6 +230,30 @@ Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN +Asymmetric signature: RSA PKCS#1 v1.5 with wildcard hash +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_signature_wildcard:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PKCS1V15_SIGN + +Asymmetric signature: RSA PSS with wildcard hash +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +asymmetric_signature_wildcard:PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PSS + +Asymmetric signature: randomized DSA with wildcard hash +depends_on:MBEDTLS_DSA_C +asymmetric_signature_wildcard:PSA_ALG_DSA( PSA_ALG_ANY_HASH ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA + +Asymmetric signature: deterministic DSA with wildcard hash +depends_on:MBEDTLS_DSA_C:MBEDTLS_DSA_DETERMINISTIC +asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_ANY_HASH ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC + +Asymmetric signature: randomized ECDSA with wildcard hash +depends_on:MBEDTLS_ECDSA_C +asymmetric_signature_wildcard:PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA + +Asymmetric signature: deterministic DSA with wildcard hash +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC +asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC + Asymmetric encryption: RSA PKCS#1 v1.5 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 83ac75e1e..01c8628ce 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function 
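Review bot: The last added case is titled `Asymmetric signature: deterministic DSA with wildcard hash` but exercises `PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH )` and depends on `MBEDTLS_ECDSA_DETERMINISTIC`. Its title therefore repeats the one given to the real deterministic DSA case two entries above it. Renaming it to `Asymmetric signature: deterministic ECDSA with wildcard hash` keeps the two cases distinguishable in test output.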
+++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -34,6 +34,7 @@ #define ALG_IS_HKDF ( 1u << 16 ) #define ALG_IS_FFDH ( 1u << 17 ) #define ALG_IS_ECDH ( 1u << 18 ) +#define ALG_IS_WILDCARD ( 1u << 19 ) /* Flags for key type classification macros. There is a flag for every * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that @@ -71,6 +72,7 @@ void algorithm_classification( psa_algorithm_t alg, unsigned flags ) TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_AND_SIGN, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_WILDCARD, alg, flags ); exit: ; } @@ -323,6 +325,17 @@ void asymmetric_signature_algorithm( int alg_arg, int classification_flags ) } /* END_CASE */ +/* BEGIN_CASE */ +void asymmetric_signature_wildcard( int alg_arg, int classification_flags ) +{ + classification_flags |= ALG_IS_HASH_AND_SIGN | ALG_IS_WILDCARD; + test_asymmetric_signature_algorithm( alg_arg, classification_flags ); + /* Any failure of this test function comes from + * asymmetric_signature_algorithm. Pacify -Werror=unused-label. */ + goto exit; +} +/* END_CASE */ + /* BEGIN_CASE */ void asymmetric_encryption_algorithm( int alg_arg, int classification_flags ) { From 4cb9dde84a4b68c285a943010e96d087a070a5f4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 19 Jan 2019 13:40:11 +0100 Subject: [PATCH 0952/2197] New function psa_copy_key Copy a key from one slot to another. Implemented and smoke-tested. --- include/psa/crypto.h | 301 +++++++++++------- library/psa_crypto.c | 107 ++++++- ...test_suite_psa_crypto_slot_management.data | 12 + ..._suite_psa_crypto_slot_management.function | 109 +++++++ 4 files changed, 406 insertions(+), 123 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 705462eda..2af4032ef 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -93,6 +93,140 @@ psa_status_t psa_crypto_init(void); /**@}*/ +/** \defgroup policy Key policies + * @{ + */ + +/** The type of the key policy data structure. + * + * Before calling any function on a key policy, the application must initialize + * it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_key_policy_t policy; + * memset(&policy, 0, sizeof(policy)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_key_policy_t policy = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_KEY_POLICY_INIT, + * for example: + * \code + * psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + * \endcode + * - Assign the result of the function psa_key_policy_init() + * to the structure, for example: + * \code + * psa_key_policy_t policy; + * policy = psa_key_policy_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_key_policy_s psa_key_policy_t; + +/** \def PSA_KEY_POLICY_INIT + * + * This macro returns a suitable initializer for a key policy object of type + * #psa_key_policy_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_KEY_POLICY_INIT {0} +#endif + +/** Return an initial value for a key policy that forbids all usage of the key. + */ +static psa_key_policy_t psa_key_policy_init(void); + +/** \brief Set the standard fields of a policy structure. + * + * Note that this function does not make any consistency check of the + * parameters. The values are only checked when applying the policy to + * a key slot with psa_set_key_policy(). + * + * \param[in,out] policy The key policy to modify. 
It must have been + * initialized as per the documentation for + * #psa_key_policy_t. + * \param usage The permitted uses for the key. + * \param alg The algorithm that the key may be used for. + */ +void psa_key_policy_set_usage(psa_key_policy_t *policy, + psa_key_usage_t usage, + psa_algorithm_t alg); + +/** \brief Retrieve the usage field of a policy structure. + * + * \param[in] policy The policy object to query. + * + * \return The permitted uses for a key with this policy. + */ +psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy); + +/** \brief Retrieve the algorithm field of a policy structure. + * + * \param[in] policy The policy object to query. + * + * \return The permitted algorithm for a key with this policy. + */ +psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); + +/** \brief Set the usage policy on a key slot. + * + * This function must be called on an empty key slot, before importing, + * generating or creating a key in the slot. Changing the policy of an + * existing key is not permitted. + * + * Implementations may set restrictions on supported key policies + * depending on the key type and the key slot. + * + * \param handle Handle to the key whose policy is to be changed. + * \param[in] policy The policy object to query. + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, it is implementation-defined whether + * the policy has been saved to persistent storage. Implementations + * may defer saving the policy until the key material is created. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). 
+ * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_set_key_policy(psa_key_handle_t handle, + const psa_key_policy_t *policy); + +/** \brief Get the usage policy for a key slot. + * + * \param handle Handle to the key slot whose policy is being queried. + * \param[out] policy On success, the key's policy. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_get_key_policy(psa_key_handle_t handle, + psa_key_policy_t *policy); + +/**@}*/ + /** \defgroup key_management Key management * @{ */ 
@@ -545,139 +679,70 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, size_t data_size, size_t *data_length); -/**@}*/ - -/** \defgroup policy Key policies - * @{ - */ - -/** The type of the key policy data structure. +/** Make a copy of a key. * - * Before calling any function on a key policy, the application must initialize - * it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_key_policy_t policy; - * memset(&policy, 0, sizeof(policy)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_key_policy_t policy = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_KEY_POLICY_INIT, - * for example: - * \code - * psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - * \endcode - * - Assign the result of the function psa_key_policy_init() - * to the structure, for example: - * \code - * psa_key_policy_t policy; - * policy = psa_key_policy_init(); - * \endcode + * Copy key material from one location to another. * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ -typedef struct psa_key_policy_s psa_key_policy_t; - -/** \def PSA_KEY_POLICY_INIT + * This function is primarily useful to copy a key from one lifetime + * to another. The target key retains its lifetime and location. * - * This macro returns a suitable initializer for a key policy object of type - * #psa_key_policy_t. - */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_KEY_POLICY_INIT {0} -#endif - -/** Return an initial value for a key policy that forbids all usage of the key. - */ -static psa_key_policy_t psa_key_policy_init(void); - -/** \brief Set the standard fields of a policy structure. 
+ * In an implementation where slots have different ownerships, + * this functin may be used to share a key with a different party, + * subject to implementation-defined restrictions on key sharing. + * In this case \p constraint would typically prevent the recipient + * from exporting the key. * - * Note that this function does not make any consistency check of the - * parameters. The values are only checked when applying the policy to - * a key slot with psa_set_key_policy(). + * The resulting key may only be used in a way that conforms to all + * three of: the policy of the source key, the policy previously set + * on the target, and the \p constraint parameter passed when calling + * this function. + * - The usage flags on the resulting key are the bitwise-and of the + * usage flags on the source policy, the previously-set target policy + * and the policy constraint. + * - If all three policies allow the same algorithm or wildcard-based + * algorithm policy, the resulting key has the same algorithm policy. + * - If one of the policies allows an algorithm and all the other policies + * either allow the same algorithm or a wildcard-based algorithm policy + * that includes this algorithm, the resulting key allows the same + * algorithm. * - * \param[in,out] policy The key policy to modify. It must have been - * initialized as per the documentation for - * #psa_key_policy_t. - * \param usage The permitted uses for the key. - * \param alg The algorithm that the key may be used for. - */ -void psa_key_policy_set_usage(psa_key_policy_t *policy, - psa_key_usage_t usage, - psa_algorithm_t alg); - -/** \brief Retrieve the usage field of a policy structure. + * The effect of this function on implementation-defined metadata is + * implementation-defined. * - * \param[in] policy The policy object to query. - * - * \return The permitted uses for a key with this policy. 
- */ -psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy); - -/** \brief Retrieve the algorithm field of a policy structure. - * - * \param[in] policy The policy object to query. - * - * \return The permitted algorithm for a key with this policy. - */ -psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); - -/** \brief Set the usage policy on a key slot. - * - * This function must be called on an empty key slot, before importing, - * generating or creating a key in the slot. Changing the policy of an - * existing key is not permitted. - * - * Implementations may set restrictions on supported key policies - * depending on the key type and the key slot. - * - * \param handle Handle to the key whose policy is to be changed. - * \param[in] policy The policy object to query. + * \param source_handle The key to copy. It must be a handle to an + * occupied slot. + * \param target_handle A handle to the target slot. It must not contain + * key material yet. + * \param[in] constraint An optional policy constraint. If this parameter + * is non-null then the resulting key will conform + * to this policy in addition to the source policy + * and the policy already present on the target + * slot. If this parameter is null then the + * function behaves in the same way as if it was + * the target policy, i.e. only the source and + * target policies apply. * * \retval #PSA_SUCCESS - * Success. - * If the key is persistent, it is implementation-defined whether - * the policy has been saved to persistent storage. Implementations - * may defer saving the policy until the key material is created. * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_OCCUPIED_SLOT - * \retval #PSA_ERROR_NOT_SUPPORTED + * \p target already contains key material. + * \retval #PSA_ERROR_EMPTY_SLOT + * \p source does not contain key material. 
* \retval #PSA_ERROR_INVALID_ARGUMENT + * The policy constraints on the source, on the target and + * \p constraints are incompatible. + * \retval #PSA_ERROR_NOT_PERMITTED + * The source key is not exportable and its lifetime does not + * allow copying it to the target's lifetime. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. */ -psa_status_t psa_set_key_policy(psa_key_handle_t handle, - const psa_key_policy_t *policy); - -/** \brief Get the usage policy for a key slot. - * - * \param handle Handle to the key slot whose policy is being queried. - * \param[out] policy On success, the key's policy. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_policy(psa_key_handle_t handle, - psa_key_policy_t *policy); +psa_status_t psa_copy_key(psa_key_handle_t source_handle, + psa_key_handle_t target_handle, + const psa_key_policy_t *constraint); /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3a97f44b9..eb4d43347 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
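Review bot: The new psa_copy_key comment refers to `\p target`, `\p source` and `\p constraints`, none of which is a parameter of the function. The declaration uses `source_handle`, `target_handle` and `constraint`, so the `\retval` texts should use those names. The description also contains the typo `functin`. The sentence on a null `constraint` ("behaves in the same way as if it was the target policy") would read more clearly as `If this parameter is null, only the source and target policies apply.`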
@@ -713,6 +713,32 @@ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, return( status ); } +/** Calculate the intersection of two algorithm usage policies. + * + * Return 0 (which allows no operation) on incompatibility. + */ +static psa_algorithm_t psa_key_policy_algorithm_intersection( + psa_algorithm_t alg1, + psa_algorithm_t alg2 ) +{ + /* Common case: the policy only allows alg. */ + if( alg1 == alg2 ) + return( alg1 ); + /* If the policies are from the same hash-and-sign family, check + * if one is a wildcard. */ + if( PSA_ALG_IS_HASH_AND_SIGN( alg1 ) && + PSA_ALG_IS_HASH_AND_SIGN( alg2 ) && + ( alg1 & ~PSA_ALG_HASH_MASK ) == ( alg2 & ~PSA_ALG_HASH_MASK ) ) + { + if( PSA_ALG_SIGN_GET_HASH( alg1 ) == PSA_ALG_ANY_HASH ) + return( alg2 ); + if( PSA_ALG_SIGN_GET_HASH( alg1 ) == PSA_ALG_ANY_HASH ) + return( alg1 ); + } + /* If the policies are incompatible, allow nothing. */ + return( 0 ); +} + /** Test whether a policy permits an algorithm. * * The caller must test usage flags separately. @@ -736,6 +762,18 @@ static int psa_key_policy_permits( const psa_key_policy_t *policy, return( 0 ); } +static psa_status_t psa_restrict_key_policy( + psa_key_policy_t *policy, + const psa_key_policy_t *constraint ) +{ + psa_algorithm_t intersection_alg = + psa_key_policy_algorithm_intersection( policy->alg, constraint->alg ); + if( intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + policy->usage &= constraint->usage; + return( PSA_SUCCESS ); +} + /** Retrieve a slot which must contain a key. The key must have allow all the * usage flags set in \p usage. If \p alg is nonzero, the key must allow * operations with this algorithm. */ 
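Review bot: In `psa_key_policy_algorithm_intersection` the second wildcard test repeats the first: both compare `PSA_ALG_SIGN_GET_HASH( alg1 )` with `PSA_ALG_ANY_HASH`. The `return( alg1 )` branch is therefore unreachable, and a wildcard in `alg2` paired with a specific hash in `alg1` falls through to `return( 0 )`. The second test should read `if( PSA_ALG_SIGN_GET_HASH( alg2 ) == PSA_ALG_ANY_HASH ) return( alg1 );`. As written the result depends on argument order, so a compatible pair of policies is reported as incompatible to the caller.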
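Review bot: `psa_restrict_key_policy` computes `intersection_alg` but never stores it, so only `usage` is narrowed and `policy->alg` keeps its previous value. In psa_copy_key the copy then keeps the target slot's algorithm policy even when the source or `constraint` allows less, for example a wildcard hash-and-sign target with a source restricted to one hash, or a source whose `alg` is 0. The header comment for psa_copy_key promises the intersection of the policies, so add `policy->alg = intersection_alg;` next to `policy->usage &= constraint->usage;`. The function also has no doc comment, unlike its neighbours. A short one should say that `policy` is narrowed in place and that PSA_ERROR_INVALID_ARGUMENT means two non-zero algorithm policies with nothing in common.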
@@ -923,11 +961,11 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle, return( PSA_SUCCESS ); } -static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, - uint8_t *data, - size_t data_size, - size_t *data_length, - int export_public_key ) +static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, + uint8_t *data, + size_t data_size, + size_t *data_length, + int export_public_key ) { *data_length = 0; 
@@ -1110,6 +1148,65 @@ exit: } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ +static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, + psa_key_handle_t target ) +{ + psa_status_t status; + uint8_t *buffer = NULL; + size_t buffer_size = 0; + size_t length; + + buffer_size = PSA_KEY_EXPORT_MAX_SIZE( source->type, + psa_get_key_bits( source ) ); + buffer = mbedtls_calloc( 1, buffer_size ); + if( buffer == NULL ) + { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + goto exit; + } + status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_import_key( target, source->type, buffer, length ); + +exit: + return( status ); +} + +psa_status_t psa_copy_key(psa_key_handle_t source_handle, + psa_key_handle_t target_handle, + const psa_key_policy_t *constraint) +{ + psa_key_slot_t *source_slot = NULL; + psa_key_slot_t *target_slot = NULL; + psa_key_policy_t new_policy; + psa_status_t status; + status = psa_get_key_from_slot( source_handle, &source_slot, 0, 0 ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_get_empty_key_slot( target_handle, &target_slot ); + if( status != PSA_SUCCESS ) + return( status ); + + new_policy = target_slot->policy; + status = psa_restrict_key_policy( &new_policy, &source_slot->policy ); + if( status != PSA_SUCCESS ) + return( status ); + if( constraint != NULL ) + { + status = psa_restrict_key_policy( &new_policy, constraint ); + if( status != PSA_SUCCESS ) + return( status ); + } + + status = psa_copy_key_material( source_slot, target_handle ); + if( status != PSA_SUCCESS ) + return( status ); + + target_slot->policy = new_policy; + return( PSA_SUCCESS ); +} + /****************************************************************/ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index e8ec40c4c..72957589a 100644 
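Review bot: `psa_copy_key_material` never releases `buffer`: every path reaches `exit:` and returns, so each call leaks a heap block, and on the success path that block still holds the exported key material in clear. Wipe and free it before returning: `if( buffer != NULL ) mbedtls_platform_zeroize( buffer, buffer_size );` followed by `mbedtls_free( buffer );`. Separately, psa_copy_key assigns `target_slot->policy = new_policy` only after `psa_import_key` has run. If the import path writes a persistent target to storage (not visible in this hunk), the stored policy may be the pre-copy one, which is worth checking.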
--- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -65,6 +65,18 @@ Create not supported depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED +Copy volatile to volatile +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 + +Copy volatile to persistent +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 + +Copy persistent to volatile +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 + +Copy persistent to persistent +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 + Close/destroy invalid handle invalid_handle: diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 46fafcc1d..8a6ef0783 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
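Review bot: All four added cases pass algorithm 0 for the source, target and expected policies and `-1:-1` for the constraint. The `constraint != NULL` branch and the algorithm intersection in psa_copy_key are therefore never exercised. Cases with a non-zero algorithm, with a wildcard hash on one side only (in both orders), and with a constraint that removes a usage flag would cover the policy-narrowing paths, which is where a copy could end up more permissive than its source.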
@@ -293,6 +293,115 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, + int source_usage_arg, int source_alg_arg, + int type_arg, data_t *material, + int target_lifetime_arg, int target_id_arg, + int target_usage_arg, int target_alg_arg, + int constraint_usage_arg, int constraint_alg_arg, + int expected_usage_arg, int expected_alg_arg ) +{ + psa_key_lifetime_t source_lifetime = source_lifetime_arg; + psa_key_id_t source_id = source_id_arg; + psa_key_usage_t source_usage = source_usage_arg; + psa_algorithm_t source_alg = source_alg_arg; + psa_key_handle_t source_handle = 0; + psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; + psa_key_type_t source_type = type_arg; + size_t source_bits; + psa_key_lifetime_t target_lifetime = target_lifetime_arg; + psa_key_id_t target_id = target_id_arg; + psa_key_usage_t target_usage = target_usage_arg; + psa_algorithm_t target_alg = target_alg_arg; + psa_key_handle_t target_handle = 0; + psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; + psa_key_type_t target_type; + size_t target_bits; + psa_key_usage_t constraint_usage = constraint_usage_arg; + psa_algorithm_t constraint_alg = constraint_alg_arg; + psa_key_policy_t constraint = PSA_KEY_POLICY_INIT; + psa_key_policy_t *p_constraint = NULL; + psa_key_usage_t expected_usage = expected_usage_arg; + psa_algorithm_t expected_alg = expected_alg_arg; + uint8_t *export_buffer = NULL; + + if( constraint_usage_arg != -1 ) + { + p_constraint = &constraint; + psa_key_policy_set_usage( p_constraint, + constraint_usage, constraint_alg ); + } + TEST_MAX_KEY_ID( source_id ); + TEST_MAX_KEY_ID( target_id ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Populate the source slot. 
*/ + if( source_lifetime == PSA_KEY_LIFETIME_VOLATILE ) + PSA_ASSERT( psa_allocate_key( &source_handle ) ); + else + PSA_ASSERT( psa_create_key( source_lifetime, source_id, + &source_handle ) ); + psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); + PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); + PSA_ASSERT( psa_import_key( source_handle, source_type, + material->x, material->len ) ); + PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); + + /* Prepare the target slot. */ + if( target_lifetime == PSA_KEY_LIFETIME_VOLATILE ) + PSA_ASSERT( psa_allocate_key( &target_handle ) ); + else + PSA_ASSERT( psa_create_key( target_lifetime, target_id, + &target_handle ) ); + psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); + PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); + target_policy = psa_key_policy_init(); + + /* Copy the key. */ + PSA_ASSERT( psa_copy_key( source_handle, target_handle, p_constraint ) ); + + /* Destroy the source to ensure that this doesn't affect the target. */ + PSA_ASSERT( psa_destroy_key( source_handle ) ); + + /* If the target key is persistent, restart the system to make + * sure that the material is still alive. */ + if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE ) + { + mbedtls_psa_crypto_free( ); + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_open_key( target_lifetime, target_id, + &target_handle ) ); + } + + /* Test that the target slot has the expected content. 
*/ + PSA_ASSERT( psa_get_key_information( target_handle, + &target_type, &target_bits ) ); + TEST_ASSERT( source_type == target_type ); + TEST_ASSERT( source_bits == target_bits ); + PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); + TEST_ASSERT( expected_usage == psa_key_policy_get_usage( &target_policy ) ); + TEST_ASSERT( expected_alg == psa_key_policy_get_algorithm( &target_policy ) ); + if( expected_usage & PSA_KEY_USAGE_EXPORT ) + { + size_t length; + ASSERT_ALLOC( export_buffer, material->len ); + PSA_ASSERT( psa_export_key( target_handle, export_buffer, + material->len, &length ) ); + ASSERT_COMPARE( material->x, material->len, + export_buffer, length ); + } + +exit: + mbedtls_psa_crypto_free( ); + mbedtls_free( export_buffer ); +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + psa_purge_key_storage( ); +#endif +} +/* END_CASE */ + /* BEGIN_CASE */ void invalid_handle( ) { From e43aa39397d3c44e909413cb65a7b73c57a39b28 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 21 Jan 2019 14:50:37 +0100 Subject: [PATCH 0953/2197] hash_clone: Fix copypasta and add a functional description --- include/psa/crypto.h | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e639906d4..373c123cc 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -922,6 +922,15 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, psa_status_t psa_hash_abort(psa_hash_operation_t *operation); /** Clone a hash operation. + * + * This function copies the state of an ongoing hash operation to + * a new operation object. In other words, this function is equivalent + * to calling psa_hash_setup() on \p target_operation with the same + * algorithm that \p source_operation was set up for, then + * psa_hash_update() on \p target_operation with the same input that + * that was passed to \p source_operation. After this function returns, the + * two objects are independent, i.e. subsequent calls involving one of + * the objects do not affect the other object. * * \param[in] source_operation The active hash operation to clone. * \param[in,out] target_operation The operation object to set up. @@ -931,7 +940,7 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * \retval #PSA_ERROR_BAD_STATE * \p source_operation is not an active hash operation. * \retval #PSA_ERROR_BAD_STATE - * \p source_operation is active. + * \p target_operation is active. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED From eb35d78a11ab5d14b1e379740afa8f6f6da88851 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Jan 2019 17:56:16 +0100 Subject: [PATCH 0954/2197] Style fix --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1dda49bb4..702eb1793 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1421,8 +1421,8 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, return( PSA_SUCCESS ); } -psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, - psa_hash_operation_t *target_operation) +psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation ) { if( target_operation->alg != 0 ) return( PSA_ERROR_BAD_STATE ); From 870f5dc656e324390fc30b8b651aa751cb366628 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 23 Jan 2019 10:42:23 +0100 Subject: [PATCH 0955/2197] Add missing test dependency --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ce13f9e06..19c371545 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -428,7 +428,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 From c750932f2cdd5a8c85b9b4402a8c76ec8499bdc6 Mon Sep 17 00:00:00 2001 
From: Andrzej Kurek Date: Tue, 8 Jan 2019 09:36:01 -0500 Subject: [PATCH 0956/2197] Adapt to the new key allocation mechanism --- include/mbedtls/cipher_internal.h | 2 +- include/mbedtls/pk.h | 4 +-- include/mbedtls/psa_util.h | 15 ---------- include/mbedtls/ssl.h | 14 ++++----- include/mbedtls/ssl_internal.h | 2 +- library/cipher.c | 35 +++++++++++----------- library/pk.c | 16 +++++----- library/pk_wrap.c | 16 +++++----- library/pkwrite.c | 2 +- library/ssl_tls.c | 6 ++-- programs/ssl/ssl_client2.c | 6 ++-- programs/ssl/ssl_server2.c | 12 ++++---- tests/suites/test_suite_pk.function | 12 ++++---- tests/suites/test_suite_x509write.function | 2 +- 14 files changed, 65 insertions(+), 79 deletions(-) diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h index 6687b362d..d71133900 100644 --- a/include/mbedtls/cipher_internal.h +++ b/include/mbedtls/cipher_internal.h @@ -137,7 +137,7 @@ typedef enum typedef struct { psa_algorithm_t alg; - psa_key_slot_t slot; + psa_key_handle_t slot; mbedtls_cipher_psa_key_ownership slot_state; } mbedtls_cipher_context_psa; #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 862065eed..4f1b06f80 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -273,7 +273,7 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); * ECC key pair. * \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. */ -int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_slot_t key ); +int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 
@@ -761,7 +761,7 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); * \return An Mbed TLS error code otherwise. */ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, - psa_key_slot_t *slot, + psa_key_handle_t *slot, psa_algorithm_t hash_alg ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 576613309..f17e6afe9 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -42,21 +42,6 @@ #include "md.h" #include "pk.h" -/* Slot allocation */ - -static inline psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key ) -{ - for( psa_key_slot_t slot = 1; slot <= 32; slot++ ) - { - if( psa_get_key_information( slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT ) - { - *key = slot; - return( PSA_SUCCESS ); - } - } - return( PSA_ERROR_INSUFFICIENT_MEMORY ); -} - /* Translations for symmetric crypto. */ static inline psa_key_type_t mbedtls_psa_translate_cipher_type( diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index f7c9d936a..e6bdafef2 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -929,11 +929,11 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_slot_t psk_opaque; /*!< PSA key slot holding opaque PSK. - * This field should only be set via - * mbedtls_ssl_conf_psk_opaque(). - * If either no PSK or a raw PSK have - * been configured, this has value \c 0. */ + psa_key_handle_t psk_opaque; /*!< PSA key slot holding opaque PSK. + * This field should only be set via + * mbedtls_ssl_conf_psk_opaque(). + * If either no PSK or a raw PSK have + * been configured, this has value \c 0. */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ unsigned char *psk; /*!< The raw pre-shared key. This field should 
@@ -2144,7 +2144,7 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, - psa_key_slot_t psk, + psa_key_handle_t psk, const unsigned char *psk_identity, size_t psk_identity_len ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -2184,7 +2184,7 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, - psa_key_slot_t psk ); + psa_key_handle_t psk ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /** diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 318d13fd8..fced2cbd7 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -284,7 +284,7 @@ struct mbedtls_ssl_handshake_params #endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_slot_t psk_opaque; /*!< Opaque PSK from the callback */ + psa_key_handle_t psk_opaque; /*!< Opaque PSK from the callback */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ unsigned char *psk; /*!< PSK from the callback */ size_t psk_len; /*!< Length of PSK from callback */ diff --git a/library/cipher.c b/library/cipher.c index 1cc0beb28..e479b9cde 100644 --- a/library/cipher.c +++ b/library/cipher.c 
@@ -302,38 +302,39 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, if( cipher_psa->slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - /* Find a fresh key slot to use. */ - status = mbedtls_psa_get_free_key_slot( &cipher_psa->slot ); + key_type = mbedtls_psa_translate_cipher_type( + ctx->cipher_info->type ); + if( key_type == 0 ) + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + + /* Allocate a key slot to use. */ + status = psa_allocate_key( key_type, key_bitlen, &cipher_psa->slot ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); - /* Indicate that we own the key slot and need to - * destroy it in mbedtls_cipher_free(). */ - cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED; - - /* From that point on, the responsibility for destroying the - * key slot is on mbedtls_cipher_free(). This includes the case - * where the policy setup or key import below fail, as - * mbedtls_cipher_free() needs to be called in any case. */ /* Setup policy for the new key slot. */ psa_key_policy_init( &key_policy ); /* Mbed TLS' cipher layer doesn't enforce the mode of operation - * (encrypt vs. decrypt): it is possible to setup a key for encryption - * and use it for AEAD decryption. Until tests relying on this - * are changed, allow any usage in PSA. */ + * (encrypt vs. decrypt): it is possible to setup a key for encryption + * and use it for AEAD decryption. Until tests relying on this + * are changed, allow any usage in PSA. */ /* key_usage = mbedtls_psa_translate_cipher_operation( operation ); */ key_usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; psa_key_policy_set_usage( &key_policy, key_usage, cipher_psa->alg ); status = psa_set_key_policy( cipher_psa->slot, &key_policy ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + /* Indicate that we own the key slot and need to + * destroy it in mbedtls_cipher_free(). 
*/ + cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED; + + /* From that point on, the responsibility for destroying the + * key slot is on mbedtls_cipher_free(). This includes the case + * where the policy setup or key import below fail, as + * mbedtls_cipher_free() needs to be called in any case. */ /* Populate new key slot. */ - key_type = mbedtls_psa_translate_cipher_type( - ctx->cipher_info->type ); - if( key_type == 0 ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); status = psa_import_key( cipher_psa->slot, key_type, key, key_bytelen ); if( status != PSA_SUCCESS ) diff --git a/library/pk.c b/library/pk.c index 989ed095b..8f649f97e 100644 --- a/library/pk.c +++ b/library/pk.c @@ -147,10 +147,10 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ) /* * Initialise a PSA-wrapping context */ -int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_slot_t key ) +int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key ) { const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info; - psa_key_slot_t *pk_ctx; + psa_key_handle_t *pk_ctx; psa_key_type_t type; if( ctx == NULL || ctx->pk_info != NULL ) @@ -168,7 +168,7 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_slot_t key ) ctx->pk_info = info; - pk_ctx = (psa_key_slot_t *) ctx->pk_ctx; + pk_ctx = (psa_key_handle_t *) ctx->pk_ctx; *pk_ctx = key; return( 0 ); @@ -547,13 +547,13 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ) * Currently only works for EC private keys. */ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, - psa_key_slot_t *slot, + psa_key_handle_t *slot, psa_algorithm_t hash_alg ) { #if !defined(MBEDTLS_ECP_C) return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); #else - psa_key_slot_t key; + psa_key_handle_t key; const mbedtls_ecp_keypair *ec; unsigned char d[MBEDTLS_ECP_MAX_BYTES]; size_t d_len; 
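Review bot: In the mbedtls_cipher_setkey hunk of library/cipher.c, `cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED;` is now assigned only after `psa_set_key_policy()` has succeeded. The `return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED )` on a policy failure therefore leaves a handle from `psa_allocate_key()` that the context never records as owned, and mbedtls_cipher_free() presumably skips it. The relocated comment still says mbedtls_cipher_free() is responsible for the slot "where the policy setup or key import below fail", which no longer matches the statement order. Keeping the assignment directly after the successful `psa_allocate_key()` check makes code and comment agree. The function body starts and ends outside the hunk.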
@@ -572,9 +572,10 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, return( ret ); curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id; + key_type = PSA_KEY_TYPE_ECC_KEYPAIR(curve_id); - /* find a free key slot */ - if( PSA_SUCCESS != mbedtls_psa_get_free_key_slot( &key ) ) + /* allocate a key slot */ + if( PSA_SUCCESS != psa_allocate_key( key_type, d_len * 8, &key ) ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); /* set policy */ @@ -585,7 +586,6 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); /* import private key in slot */ - key_type = PSA_KEY_TYPE_ECC_KEYPAIR(curve_id); if( PSA_SUCCESS != psa_import_key( key, key_type, d, d_len ) ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 6aacba856..902345737 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -546,7 +546,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *sig, size_t sig_len ) { int ret; - psa_key_slot_t key_slot; + psa_key_handle_t key_slot; psa_key_policy_t policy; psa_key_type_t psa_type; mbedtls_pk_context key; @@ -571,15 +571,15 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, if( key_len <= 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - if( ( ret = mbedtls_psa_get_free_key_slot( &key_slot ) ) != PSA_SUCCESS ) - return( mbedtls_psa_err_translate_pk( ret ) ); - psa_md = mbedtls_psa_translate_md( md_alg ); if( psa_md == 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); psa_sig_md = PSA_ALG_ECDSA( psa_md ); psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); + if( ( ret = psa_allocate_key( psa_type, key_len * 8, &key_slot ) ) != PSA_SUCCESS ) + return( mbedtls_psa_err_translate_pk( ret ) ); + psa_key_policy_init( &policy ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md ); if( ( ret = psa_set_key_policy( key_slot, &policy ) ) != PSA_SUCCESS ) 
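Review bot: Once `psa_allocate_key( key_type, d_len * 8, &key )` has succeeded in mbedtls_pk_wrap_as_opaque (library/pk.c, hunk -572), the later failure returns leave the new handle allocated. Both the `return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED )` after the policy step and the one after `psa_import_key()` (hunk -585) exit without releasing it. The removed helper only probed for an empty slot, so nothing was held at that point before; with an allocator, repeated failures can exhaust the available handles. Adding `psa_destroy_key( key );` before each of those two returns would close this. The function body extends beyond both hunks, so any cleanup at its end is not visible here.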
@@ -879,7 +879,7 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = { static void *pk_opaque_alloc_wrap( void ) { - void *ctx = mbedtls_calloc( 1, sizeof( psa_key_slot_t ) ); + void *ctx = mbedtls_calloc( 1, sizeof( psa_key_handle_t ) ); /* no _init() function to call, an calloc() already zeroized */ @@ -888,13 +888,13 @@ static void *pk_opaque_alloc_wrap( void ) static void pk_opaque_free_wrap( void *ctx ) { - mbedtls_platform_zeroize( ctx, sizeof( psa_key_slot_t ) ); + mbedtls_platform_zeroize( ctx, sizeof( psa_key_handle_t ) ); mbedtls_free( ctx ); } static size_t pk_opaque_get_bitlen( const void *ctx ) { - const psa_key_slot_t *key = (const psa_key_slot_t *) ctx; + const psa_key_handle_t *key = (const psa_key_handle_t *) ctx; size_t bits; if( PSA_SUCCESS != psa_get_key_information( *key, NULL, &bits ) ) @@ -999,7 +999,7 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - const psa_key_slot_t *key = (const psa_key_slot_t *) ctx; + const psa_key_handle_t *key = (const psa_key_handle_t *) ctx; psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) ); size_t bits, buf_len; psa_status_t status; diff --git a/library/pkwrite.c b/library/pkwrite.c index d34714b34..11a2a6145 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -168,7 +168,7 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) { size_t buffer_size; - psa_key_slot_t* key_slot = (psa_key_slot_t*) key->pk_ctx; + psa_key_handle_t* key_slot = (psa_key_handle_t*) key->pk_ctx; if ( *p < start ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d14434af0..8fe93141f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
@@ -798,7 +798,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) psa_status_t status; psa_algorithm_t alg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_slot_t psk; + psa_key_handle_t psk; MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) ); @@ -7617,7 +7617,7 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_USE_PSA_CRYPTO) int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, - psa_key_slot_t psk_slot, + psa_key_handle_t psk_slot, const unsigned char *psk_identity, size_t psk_identity_len ) { @@ -7640,7 +7640,7 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, } int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, - psa_key_slot_t psk_slot ) + psa_key_handle_t psk_slot ) { if( psk_slot == 0 || ssl->handshake == NULL ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index a98a3a232..a8c16dc53 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -571,7 +571,7 @@ int main( int argc, char *argv[] ) const char *pers = "ssl_client2"; #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_slot_t slot = 0; + psa_key_handle_t slot = 0; psa_algorithm_t alg = 0; psa_key_policy_t policy; psa_status_t status; @@ -594,7 +594,7 @@ int main( int argc, char *argv[] ) mbedtls_x509_crt clicert; mbedtls_pk_context pkey; #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_slot_t key_slot = 0; /* invalid key slot */ + psa_key_handle_t key_slot = 0; /* invalid key slot */ #endif #endif char *p, *q; @@ -1594,7 +1594,7 @@ int main( int argc, char *argv[] ) if( opt.psk_opaque != 0 ) { /* The algorithm has already been determined earlier. */ - status = mbedtls_psa_get_free_key_slot( &slot ); + status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, psk_len * 8, &slot ); if( status != PSA_SUCCESS ) { ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; 
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 534a3f373..8b3b9cd2b 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -806,7 +806,7 @@ struct _psk_entry size_t key_len; unsigned char key[MBEDTLS_PSK_MAX_LEN]; #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_slot_t slot; + psa_key_handle_t slot; #endif /* MBEDTLS_USE_PSA_CRYPTO */ psk_entry *next; }; @@ -822,7 +822,7 @@ int psk_free( psk_entry *head ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_status_t status; - psa_key_slot_t const slot = head->slot; + psa_key_handle_t const slot = head->slot; if( slot != 0 ) { @@ -1231,7 +1231,7 @@ int idle( mbedtls_net_context *fd, } #if defined(MBEDTLS_USE_PSA_CRYPTO) -static psa_status_t psa_setup_psk_key_slot( psa_key_slot_t slot, +static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t slot, psa_algorithm_t alg, unsigned char *psk, size_t psk_len ) @@ -1268,7 +1268,7 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_algorithm_t alg = 0; - psa_key_slot_t psk_slot = 0; + psa_key_handle_t psk_slot = 0; #endif /* MBEDTLS_USE_PSA_CRYPTO */ unsigned char psk[MBEDTLS_PSK_MAX_LEN]; size_t psk_len = 0; @@ -2667,7 +2667,7 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_USE_PSA_CRYPTO) if( opt.psk_opaque != 0 ) { - status = mbedtls_psa_get_free_key_slot( &psk_slot ); + status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, psk_len * 8, &psk_slot ); if( status != PSA_SUCCESS ) { fprintf( stderr, "ALLOC FAIL\n" ); @@ -2711,7 +2711,7 @@ int main( int argc, char *argv[] ) psk_entry *cur_psk; for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next ) { - status = mbedtls_psa_get_free_key_slot( &cur_psk->slot ); + status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, cur_psk->key_len * 8, &cur_psk->slot ); if( status != PSA_SUCCESS ) { ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; 
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 9168b1da5..47d72d0d0 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -74,17 +74,17 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) * or PK_PSA_INVALID_SLOT if no slot was available. * The key uses NIST P-256 and is usable for signing with SHA-256. */ -psa_key_slot_t pk_psa_genkey( void ) +psa_key_handle_t pk_psa_genkey( void ) { - psa_key_slot_t key; + psa_key_handle_t key; const int curve = PSA_ECC_CURVE_SECP256R1; const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEYPAIR(curve); const size_t bits = 256; psa_key_policy_t policy; - /* find a free key slot */ - if( PSA_SUCCESS != mbedtls_psa_get_free_key_slot( &key ) ) + /* Allocate a key slot */ + if( PSA_SUCCESS != psa_allocate_key( type, bits, &key ) ) return( PK_PSA_INVALID_SLOT ); /* set up policy on key slot */ @@ -112,7 +112,7 @@ psa_key_slot_t pk_psa_genkey( void ) void pk_psa_utils( ) { mbedtls_pk_context pk, pk2; - psa_key_slot_t key; + psa_key_handle_t key; const char * const name = "Opaque"; const size_t bitlen = 256; /* harcoded in genkey() */ @@ -778,7 +778,7 @@ exit: void pk_psa_sign( ) { mbedtls_pk_context pk; - psa_key_slot_t key; + psa_key_handle_t key; unsigned char hash[50], sig[100], pkey[100]; size_t sig_len, klen = 0; diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index bf43a8001..268b4bbeb 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -133,7 +133,7 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, int cert_type ) { mbedtls_pk_context key; - psa_key_slot_t slot; + psa_key_handle_t slot; psa_algorithm_t md_alg_psa; mbedtls_x509write_csr req; unsigned char buf[4096]; From 08dfceaba42192537d8b6eede9fc6c16820fd1c4 Mon Sep 17 00:00:00 2001 
From: Andrzej Kurek Date: Mon, 14 Jan 2019 05:01:28 -0500 Subject: [PATCH 0957/2197] cipher: fixed key ownership scope Indicate key ownership earlier, so that it gets destroyed on faulty policy setting. --- library/cipher.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index e479b9cde..b81df6bde 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -312,6 +312,15 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + /* Indicate that we own the key slot and need to + * destroy it in mbedtls_cipher_free(). */ + cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED; + + /* From that point on, the responsibility for destroying the + * key slot is on mbedtls_cipher_free(). This includes the case + * where the policy setup or key import below fail, as + * mbedtls_cipher_free() needs to be called in any case. */ + /* Setup policy for the new key slot. */ psa_key_policy_init( &key_policy ); @@ -325,14 +334,6 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, status = psa_set_key_policy( cipher_psa->slot, &key_policy ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); - /* Indicate that we own the key slot and need to - * destroy it in mbedtls_cipher_free(). */ - cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED; - - /* From that point on, the responsibility for destroying the - * key slot is on mbedtls_cipher_free(). This includes the case - * where the policy setup or key import below fail, as - * mbedtls_cipher_free() needs to be called in any case. */ /* Populate new key slot. */ status = psa_import_key( cipher_psa->slot, From 1ec0fee4589753364cf785f47696b279b067e026 Mon Sep 17 00:00:00 2001 
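Review bot: The moved comment in mbedtls_cipher_setkey says mbedtls_cipher_free() "needs to be called in any case", but not that a failed call leaves the context unusable until then. With ownership recorded right after `psa_allocate_key()`, a failing `psa_set_key_policy()` or `psa_import_key()` leaves the context in the OWNED state. The guard at the top of this branch (`slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET`, visible in the previous patch) then rejects every further mbedtls_cipher_setkey() call on it. I would extend the comment with `* After a failure here the context cannot be re-keyed; it must be freed and set up again.` The function body starts and ends outside both hunks.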
From: Andrzej Kurek Date: Mon, 14 Jan 2019 05:09:46 -0500 Subject: [PATCH 0958/2197] pk: wrap curve_id before passing it to PSA Add a helper function in PSA utils --- include/mbedtls/psa_util.h | 13 +++++++++++++ library/pk.c | 3 ++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index f17e6afe9..435aca809 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -244,6 +244,19 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) } } +/* Translations for ECC */ + +/* This function transforms an ECC group identifier from + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * into a PSA ECC group identifier. */ +static inline psa_ecc_curve_t mbedtls_psa_parse_tls_ecc_group( + uint16_t tls_ecc_grp_reg_id ) +{ + /* The PSA identifiers are currently aligned with those from + * the TLS Supported Groups registry, so no conversion is necessary. */ + return( (psa_ecc_curve_t) tls_ecc_grp_reg_id ); +} + #endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_PSA_UTIL_H */ diff --git a/library/pk.c b/library/pk.c index 8f649f97e..c0ed54229 100644 --- a/library/pk.c +++ b/library/pk.c @@ -572,7 +572,8 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, return( ret ); curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id; - key_type = PSA_KEY_TYPE_ECC_KEYPAIR(curve_id); + key_type = PSA_KEY_TYPE_ECC_KEYPAIR( + mbedtls_psa_parse_tls_ecc_group ( curve_id ) ); /* allocate a key slot */ if( PSA_SUCCESS != psa_allocate_key( key_type, d_len * 8, &key ) ) From e1a8187df902b565a5e47194ea00fc6fbc12e69c Mon Sep 17 00:00:00 2001 
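Review bot: `mbedtls_psa_parse_tls_ecc_group()` in include/mbedtls/psa_util.h returns its argument through a bare cast, so a TLS group id with no PSA counterpart is passed on unchanged instead of being rejected. Nothing enforces the assumption in its comment that the two numberings are aligned. The caller in library/pk.c also obtains `curve_id` from `mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id`, which dereferences the lookup result without a NULL check. The header already has `mbedtls_psa_translate_ecc_group()` (named in the next patch's hunk header), which takes the mbedtls group id directly. Calling it with `ec->grp.id` would avoid both the cast and the detour through `->tls_id`, provided it reports unknown groups; its body is not shown here.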
From: Andrzej Kurek Date: Mon, 14 Jan 2019 05:14:18 -0500 Subject: [PATCH 0959/2197] pk_wrap: pass curve size instead of a larger size of the exported key Whitespace fixes --- include/mbedtls/psa_util.h | 17 +++++++++++++++++ library/pk.c | 2 +- library/pk_wrap.c | 4 +++- 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 435aca809..a78c1a96c 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -216,6 +216,23 @@ static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group } } +#define MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( curve ) \ + ( curve == PSA_ECC_CURVE_SECP192R1 ? 192 : \ + curve == PSA_ECC_CURVE_SECP224R1 ? 224 : \ + curve == PSA_ECC_CURVE_SECP256R1 ? 256 : \ + curve == PSA_ECC_CURVE_SECP384R1 ? 384 : \ + curve == PSA_ECC_CURVE_SECP521R1 ? 521 : \ + curve == PSA_ECC_CURVE_SECP192K1 ? 192 : \ + curve == PSA_ECC_CURVE_SECP224K1 ? 224 : \ + curve == PSA_ECC_CURVE_SECP256K1 ? 256 : \ + curve == PSA_ECC_CURVE_BRAINPOOL_P256R1 ? 256 : \ + curve == PSA_ECC_CURVE_BRAINPOOL_P384R1 ? 384 : \ + curve == PSA_ECC_CURVE_BRAINPOOL_P512R1 ? 512 : \ + 0 ) + +#define MBEDTLS_PSA_ECC_KEY_BYTES_OF_CURVE( curve ) \ + ( ( MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( curve ) + 7 ) / 8 ) + /* Translations for PK layer */ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) diff --git a/library/pk.c b/library/pk.c index c0ed54229..024dcdcb1 100644 --- a/library/pk.c +++ b/library/pk.c @@ -573,7 +573,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id; key_type = PSA_KEY_TYPE_ECC_KEYPAIR( - mbedtls_psa_parse_tls_ecc_group ( curve_id ) ); + mbedtls_psa_parse_tls_ecc_group ( curve_id ) ); /* allocate a key slot */ if( PSA_SUCCESS != psa_allocate_key( key_type, d_len * 8, &key ) ) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 902345737..08550d4c4 100644 --- a/library/pk_wrap.c 
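Review bot: `MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE` in include/mbedtls/psa_util.h uses its parameter unparenthesized and evaluates it once per comparison, up to eleven times. An argument with side effects, or one containing a lower-precedence operator such as `x | y` or `a ? b : c`, would expand incorrectly. Each arm should read `(curve) == PSA_ECC_CURVE_SECP192R1 ? 192 : \`, and the same applies to `MBEDTLS_PSA_ECC_KEY_BYTES_OF_CURVE`, which forwards the argument. If the value is never needed in a constant expression, a `static inline size_t` function next to the other translation helpers in this header would avoid both problems.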
+++ b/library/pk_wrap.c @@ -577,7 +577,9 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, psa_sig_md = PSA_ALG_ECDSA( psa_md ); psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); - if( ( ret = psa_allocate_key( psa_type, key_len * 8, &key_slot ) ) != PSA_SUCCESS ) + if( ( ret = psa_allocate_key( psa_type, + MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE(curve), + &key_slot ) ) != PSA_SUCCESS ) return( mbedtls_psa_err_translate_pk( ret ) ); psa_key_policy_init( &policy ); From f410a5c251ad617dffc538544e809e99dd2064cc Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 15 Jan 2019 03:33:35 -0500 Subject: [PATCH 0960/2197] Fix indentation of documentation --- library/cipher.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index b81df6bde..03c0e0667 100644 --- a/library/cipher.c +++ b/library/cipher.c 
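Review bot: In ecdsa_verify_wrap (library/pk_wrap.c) the result of `MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE(curve)` goes straight into `psa_allocate_key()`, but the macro yields 0 for any curve outside its table and that case is not checked in the hunk. Unless `curve` is validated earlier (outside the hunk), I would hold the result in a local and add `if( curve_bits == 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );` before allocating, rather than relying on how the allocator treats a zero size. library/pk.c in this same commit still passes `d_len * 8`; if `d_len` is a byte count, that exceeds the curve size for secp521r1 (528 instead of 521), so it is worth switching to the same macro. The function starts and ends outside the hunk.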
@@ -317,17 +317,17 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED; /* From that point on, the responsibility for destroying the - * key slot is on mbedtls_cipher_free(). This includes the case - * where the policy setup or key import below fail, as - * mbedtls_cipher_free() needs to be called in any case. */ + * key slot is on mbedtls_cipher_free(). This includes the case + * where the policy setup or key import below fail, as + * mbedtls_cipher_free() needs to be called in any case. */ /* Setup policy for the new key slot. */ psa_key_policy_init( &key_policy ); /* Mbed TLS' cipher layer doesn't enforce the mode of operation - * (encrypt vs. decrypt): it is possible to setup a key for encryption - * and use it for AEAD decryption. Until tests relying on this - * are changed, allow any usage in PSA. */ + * (encrypt vs. decrypt): it is possible to setup a key for encryption + * and use it for AEAD decryption. Until tests relying on this + * are changed, allow any usage in PSA. */ /* key_usage = mbedtls_psa_translate_cipher_operation( operation ); */ key_usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; psa_key_policy_set_usage( &key_policy, key_usage, cipher_psa->alg ); From 54c139f1418937588098b0435dbd8de85fe40223 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 22 Jan 2019 06:29:45 -0500 Subject: [PATCH 0961/2197] Remove unnecessary "#" sign from PSA macros --- include/mbedtls/ssl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index e6bdafef2..3e38f153b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -2129,7 +2129,7 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * \param psk The identifier of the key slot holding the PSK. * Until \p conf is destroyed or this function is successfully * called again, the key slot \p psk must be populated with a - * key of type #PSA_ALG_CATEGORY_KEY_DERIVATION whose policy + * key of type PSA_ALG_CATEGORY_KEY_DERIVATION whose policy * allows its use for the key derivation algorithm applied * in the handshake. * \param psk_identity The pointer to the pre-shared key identity. @@ -2176,7 +2176,7 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, * \param psk The identifier of the key slot holding the PSK. * For the duration of the current handshake, the key slot * must be populated with a key of type - * #PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its + * PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its * use for the key derivation algorithm * applied in the handshake. * From 25384a236e2a5c91ef07c0800e72948fd7dfc6e3 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 10 Jan 2019 10:23:21 +0000 Subject: [PATCH 0962/2197] psa: Simplify RSA public key format Remove pkcs-1 and rsaEncryption front matter from RSA public keys. Move code that was shared between RSA and other key types (like EC keys) to be used only with non-RSA keys. --- include/psa/crypto.h | 28 +++---- include/psa/crypto_sizes.h | 13 +--- library/psa_crypto.c | 30 +++++++- tests/suites/test_suite_psa_crypto.data | 74 +++++++++---------- tests/suites/test_suite_psa_crypto.function | 45 +++++------ .../test_suite_psa_crypto_persistent_key.data | 4 +- 6 files changed, 104 insertions(+), 90 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ed3f56369..316802679 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
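Review bot: Both `\param psk` descriptions in include/mbedtls/ssl.h (mbedtls_ssl_conf_psk_opaque and mbedtls_ssl_set_hs_psk_opaque) still call `PSA_ALG_CATEGORY_KEY_DERIVATION` a key type, although that name denotes an algorithm category. The sample programs earlier in this series allocate the PSK with `PSA_KEY_TYPE_DERIVE`. Dropping the `#` hides the symptom, presumably an unresolved Doxygen reference, without correcting the text. I would write `key of type #PSA_KEY_TYPE_DERIVE whose policy allows its use for the key derivation algorithm applied in the handshake`. The same paragraphs still say "key slot" although the parameter is now a `psa_key_handle_t`.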
@@ -474,8 +474,17 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * minimize the risk that an invalid input is accidentally interpreted * according to a different format. * - * The format is the DER representation defined by RFC 5280 as - * `SubjectPublicKeyInfo`, with the `subjectPublicKey` format + * For standard key types, the output format is as follows: + * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the DER encoding of + * the representation defined by RFC 3279 §2.3.1 as `RSAPublicKey`. + * ``` + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + * ``` + * + * For other public key types, the format is the DER representation defined by + * RFC 5280 as `SubjectPublicKeyInfo`, with the `subjectPublicKey` format * specified below. * ``` * SubjectPublicKeyInfo ::= SEQUENCE { @@ -485,21 +494,6 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * algorithm OBJECT IDENTIFIER, * parameters ANY DEFINED BY algorithm OPTIONAL } * ``` - * - * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), - * the `subjectPublicKey` format is defined by RFC 3279 §2.3.1 as - * `RSAPublicKey`, - * with the OID `rsaEncryption`, - * and with the parameters `NULL`. - * ``` - * pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) - * rsadsi(113549) pkcs(1) 1 } - * rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } - * - * RSAPublicKey ::= SEQUENCE { - * modulus INTEGER, -- n - * publicExponent INTEGER } -- e - * ``` * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), * the `subjectPublicKey` format is defined by RFC 3279 §2.3.2 as * `DSAPublicKey`, diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 5ad695a39..89fc96be0 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -417,25 +417,16 @@ /* Maximum size of the export encoding of an RSA public key. * Assumes that the public exponent is less than 2^32. * - * SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } -- contains RSAPublicKey - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters NULL } * RSAPublicKey ::= SEQUENCE { * modulus INTEGER, -- n * publicExponent INTEGER } -- e * - * - 3 * 4 bytes of SEQUENCE overhead; - * - 1 + 1 + 9 bytes of algorithm (RSA OID); - * - 2 bytes of NULL; - * - 4 bytes of BIT STRING overhead; + * - 4 bytes of SEQUENCE overhead; * - n : INTEGER; * - 7 bytes for the public exponent. */ #define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ - (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 36) + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11) /* Maximum size of the export encoding of an RSA key pair. * Assumes thatthe public exponent is less than 2^32 and that the size diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0a039710a..e8697a752 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -61,6 +61,7 @@ #include "mbedtls/arc4.h" #include "mbedtls/asn1.h" +#include "mbedtls/asn1write.h" #include "mbedtls/bignum.h" #include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" @@ -899,6 +900,22 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle, return( PSA_SUCCESS ); } +#if defined(MBEDTLS_RSA_C) +static int pk_write_pubkey_simple( mbedtls_pk_context *key, + unsigned char *buf, size_t size ) +{ + int ret; + unsigned char *c; + size_t len = 0; + + c = buf + size; + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) ); + + return( (int) len ); +} +#endif /* defined(MBEDTLS_RSA_C) */ + static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, uint8_t *data, size_t data_size, 
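Review bot: `pk_write_pubkey_simple()` in library/psa_crypto.c (hunk -899) is defined only under `#if defined(MBEDTLS_RSA_C)`, while its call in psa_internal_export_key (hunk -969) follows an `#endif` and does not appear to carry the same guard. A configuration without MBEDTLS_RSA_C may therefore fail to build; the enclosing preprocessor state lies outside both hunks, so this needs confirming. Placing `#if defined(MBEDTLS_RSA_C)` before the `if( PSA_KEY_TYPE_IS_RSA( slot->type ) )` branch and `#endif` after its `else` keyword, so that the `mbedtls_pk_write_pubkey_der()` branch stays unconditional, would keep definition and use in step. The helper also has no comment; I would add `/* Write the bare RSAPublicKey, without the SubjectPublicKeyInfo wrapper, at the end of buf. Returns the length written or a negative error code. */`.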
@@ -969,9 +986,20 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, #endif } if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) - ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); + { + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) + { + ret = pk_write_pubkey_simple( &pk, data, data_size ); + } + else + { + ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); + } + } else + { ret = mbedtls_pk_write_key_der( &pk, data, data_size ); + } if( ret < 0 ) { /* If data_size is 0 then data may be NULL and then the diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index aa0a89052..0806c1df5 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -50,7 +50,7 @@ export_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALI PSA export a slot after a failed import of a RSA key depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_PARSE_C -export_after_import_failure:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT +export_after_import_failure:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT PSA export a slot after a failed import of an EC keypair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -62,7 +62,7 @@ cipher_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALI PSA export RSA public key from a slot where there was an import followed by destroy. depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -export_after_destroy_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY +export_after_destroy_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY PSA export AES key from a slot where there was an import followed by destroy. depends_on:MBEDTLS_AES_C 
@@ -78,27 +78,27 @@ import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (+1 byte) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2-1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1 
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2+1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1 PSA import/export RSA public key: export buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C @@ -134,7 +134,7 @@ import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541e PSA import RSA keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT +import:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT PSA import RSA public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
@@ -146,23 +146,23 @@ import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2 PSA import/export-public RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" 
+import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA public key: buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" 
+import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export RSA public key: 1016-bit (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export:"30819e300d06092a864886f70d010101050003818c0030818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 +import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 PSA import/export RSA keypair: 1016-bit (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C @@ -170,7 +170,7 @@ import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5f PSA import RSA public key: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"30819e300d06092a864886f70d010101050003818c0030818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED +import:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -178,7 +178,7 @@ import:"3082025802010002818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029f PSA import RSA public key: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"30819e300d06092a864886f70d010101050003818c003081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED +import:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -319,7 +319,7 @@ import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b1 PSA import failure preserves policy depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_twice:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_SUCCESS +import_twice:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_SUCCESS PSA import RSA key pair: maximum size exceeded depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
@@ -1116,11 +1116,11 @@ import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a PSA import/exercise RSA public key, PKCS#1 v1.5 raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW +import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA public key, PSS-SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) +import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise: ECP SECP256R1 keypair, ECDSA 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C @@ -1168,7 +1168,7 @@ sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bb PSA sign: invalid key type, signing with a public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 
@@ -1204,7 +1204,7 @@ sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30 PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
@@ -1212,23 +1212,23 @@ asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84f PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT +asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA verify: RSA PSS SHA-256, good signature, 0 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d" +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d" PSA verify: RSA PSS SHA-256, good signature, 32 bytes (hash size) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7" +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7" PSA verify: RSA PSS SHA-256, good signature, 129 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308" +asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308" PSA verify: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C 
@@ -1252,23 +1252,23 @@ asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab4543 PSA encrypt: RSA PKCS#1 v1.5, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS 
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, good, with label depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C 
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS PSA 
encrypt: RSA PKCS#1 v1.5, key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1280,19 +1280,19 @@ asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84 PSA encrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5: salt not allowed depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA OAEP-SHA-384, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT 
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5: invalid key type depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1376,11 +1376,11 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39 PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6916bf42e..4d6cefb0e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -625,27 +625,6 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, uint8_t *p = exported; uint8_t *end = exported + exported_length; size_t len; - mbedtls_asn1_buf alg; - mbedtls_asn1_buf params; - mbedtls_asn1_bitstring bitstring; - /* SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters ANY DEFINED BY algorithm OPTIONAL } - */ - TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ), - 0 ); - TEST_EQUAL( p + len, end ); - TEST_EQUAL( mbedtls_asn1_get_alg( &p, end, &alg, ¶ms ), 0 ); - if( ! is_oid_of_key_type( type, alg.p, alg.len ) ) - goto exit; - TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, end, &bitstring ), 0 ); - TEST_EQUAL( p, end ); - p = bitstring.p; #if defined(MBEDTLS_RSA_C) if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) { @@ -653,7 +632,6 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, * modulus INTEGER, -- n * publicExponent INTEGER } -- e */ - TEST_EQUAL( bitstring.unused_bits, 0 ); TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ), 
@@ -670,6 +648,29 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) { + mbedtls_asn1_buf alg; + mbedtls_asn1_buf params; + mbedtls_asn1_bitstring bitstring; + /* SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL } + */ + + TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ), + 0 ); + TEST_EQUAL( p + len, end ); + TEST_EQUAL( mbedtls_asn1_get_alg( &p, end, &alg, ¶ms ), 0 ); + if( ! is_oid_of_key_type( type, alg.p, alg.len ) ) + goto exit; + TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, end, &bitstring ), 0 ); + TEST_EQUAL( p, end ); + p = bitstring.p; + /* ECPoint ::= ... * -- first 8 bits: 0x04 (uncompressed representation); * -- then x_P as an n-bit string, big endian; diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index c9eb8e103..613968dd5 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
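Review bot: The SubjectPublicKeyInfo parsing moved into the ECC branch reads the BIT STRING with `mbedtls_asn1_get_bitstring`, but nothing in this hunk asserts that it has no unused bits. The `TEST_EQUAL( bitstring.unused_bits, 0 );` that the RSA branch used to carry is deleted by the same commit. If the ECPoint checks that follow outside the hunk do not already cover it, add `TEST_EQUAL( bitstring.unused_bits, 0 );` right after `p = bitstring.p;` so that a malformed export cannot pass the sanity check. exported_key_sanity_check starts and ends outside this hunk.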
@@ -48,7 +48,7 @@ import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0 import/export persistent key RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0 +import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0 import/export persistent key RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
@@ -59,7 +59,7 @@ import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1 import/export persistent key RSA public key file not exist: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1 +import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1 import/export persistent key RSA keypair file not exist: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C From 97271b37c8d008da7a202840f35d22cca785a00c Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 10 Jan 2019 19:38:51 +0000 Subject: [PATCH 0963/2197] psa: Use psa_status_t in psa_key_agreement_ecdh() Use the PSA-native status type in psa_key_agreement_ecdh() in preparation for us calling PSA functions (and not just Mbed TLS functions) and still being able to return a psa_status_t (without having to translate it to a Mbed TLS error and then back again). --- library/psa_crypto.c | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e8697a752..9b8477ce4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4044,12 +4044,13 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, mbedtls_pk_context pk; mbedtls_ecp_keypair *their_key = NULL; mbedtls_ecdh_context ecdh; - int ret; + psa_status_t status; mbedtls_ecdh_init( &ecdh ); mbedtls_pk_init( &pk ); - ret = mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length ); - if( ret != 0 ) + status = mbedtls_to_psa_error( + mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length ) ); + if( status != PSA_SUCCESS ) goto exit; switch( mbedtls_pk_get_type( &pk ) ) { @@ -4057,33 +4058,36 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, case MBEDTLS_PK_ECKEY_DH: break; default: - ret = MBEDTLS_ERR_ECP_INVALID_KEY; + status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } their_key = mbedtls_pk_ec( pk ); if( their_key->grp.id != our_key->grp.id ) { - ret = MBEDTLS_ERR_ECP_INVALID_KEY; + status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - ret = mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ); - if( ret != 0 ) + status = mbedtls_to_psa_error( + mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ) ); + if( status != PSA_SUCCESS ) goto exit; - ret = mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS ); - if( ret != 0 ) + status = mbedtls_to_psa_error( + mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS ) ); + if( status != PSA_SUCCESS ) goto exit; - ret = mbedtls_ecdh_calc_secret( &ecdh, - shared_secret_length, - shared_secret, shared_secret_size, - mbedtls_ctr_drbg_random, - &global_data.ctr_drbg ); + status = mbedtls_to_psa_error( + mbedtls_ecdh_calc_secret( &ecdh, + shared_secret_length, + shared_secret, shared_secret_size, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg ) ); exit: mbedtls_pk_free( &pk ); mbedtls_ecdh_free( &ecdh ); - return( mbedtls_to_psa_error( ret ) ); + return( status ); } #endif /* MBEDTLS_ECDH_C */ From ccdce90adb3438ff094c5a0c0681413a230e28a6 Mon Sep 17 00:00:00 2001 
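Review bot: In the second hunk the two rejection paths (unexpected pk type, and `their_key->grp.id != our_key->grp.id`) now set `status = PSA_ERROR_INVALID_ARGUMENT;` directly, where the old code passed `MBEDTLS_ERR_ECP_INVALID_KEY` through `mbedtls_to_psa_error()` at exit. The returned code is unchanged only if the translation table maps that value to the same status, which is not visible here. It is worth confirming, or pinning with a key-agreement test that supplies a peer key on a different curve. In the first hunk `psa_status_t status;` is declared without an initializer; every path shown assigns it before `exit:`, but `psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;` would keep a later early `goto exit` from returning an indeterminate value. The function body begins before the first hunk.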
From: Jaeden Amero Date: Thu, 10 Jan 2019 11:42:27 +0000 Subject: [PATCH 0964/2197] psa: Simplify EC public key format Remove front matter from our EC key format, to make it just the contents of an ECPoint as defined by SEC1 section 2.3.3. As a consequence of the simplification, remove the restriction on not being able to use an ECDH key with ECDSA. There is no longer any OID specified when importing a key, so we can't reject importing of an ECDH key for the purpose of ECDSA based on the OID. --- include/psa/crypto.h | 36 ++---- include/psa/crypto_sizes.h | 24 +--- library/psa_crypto.c | 136 ++++++++++---------- tests/suites/test_suite_psa_crypto.data | 75 +++++------ tests/suites/test_suite_psa_crypto.function | 34 +---- 5 files changed, 127 insertions(+), 178 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 316802679..f0c8e7de4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -482,6 +482,14 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * modulus INTEGER, -- n * publicExponent INTEGER } -- e * ``` + * - For elliptic curve public keys (key types for which + * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), the format is the uncompressed + * representation defined by SEC1 §2.3.3 as the content of an ECPoint: + * Let `m` be the bit size associated with the curve, i.e. the bit size of + * `q` for a curve over `F_q`. The representation consists of: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian. * * For other public key types, the format is the DER representation defined by * RFC 5280 as `SubjectPublicKeyInfo`, with the `subjectPublicKey` format 
@@ -509,30 +517,6 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * g INTEGER } * DSAPublicKey ::= INTEGER -- public key, Y * ``` - * - For elliptic curve public keys (key types for which - * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), - * the `subjectPublicKey` format is defined by RFC 3279 §2.3.5 as - * `ECPoint`, which contains the uncompressed - * representation defined by SEC1 §2.3.3. - * The OID is `id-ecPublicKey`, - * and the parameters must be given as a `namedCurve` OID as specified in - * RFC 5480 §2.1.1.1 or other applicable standards. - * ``` - * ansi-X9-62 OBJECT IDENTIFIER ::= - * { iso(1) member-body(2) us(840) 10045 } - * id-public-key-type OBJECT IDENTIFIER ::= { ansi-X9.62 2 } - * id-ecPublicKey OBJECT IDENTIFIER ::= { id-publicKeyType 1 } - * - * ECPoint ::= ... - * -- first 8 bits: 0x04; - * -- then x_P as a `ceiling(m/8)`-byte string, big endian; - * -- then y_P as a `ceiling(m/8)`-byte string, big endian; - * -- where `m` is the bit size associated with the curve, - * -- i.e. the bit size of `q` for a curve over `F_q`. - * - * EcpkParameters ::= CHOICE { -- other choices are not allowed - * namedCurve OBJECT IDENTIFIER } - * ``` * * \param handle Handle to the key to export. * \param[out] data Buffer where the key data is to be written. @@ -2160,7 +2144,9 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * in the same format that psa_import_key() * accepts. The standard formats for public * keys are documented in the documentation - * of psa_export_public_key(). + * of psa_export_public_key(). For EC keys, it + * must also be of the same group as the private + * key. * \param peer_key_length Size of \p peer_key in bytes. * \param alg The key agreement algorithm to compute * (\c PSA_ALG_XXX value such that diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 89fc96be0..9ad053629 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -493,26 +493,16 @@ /* Maximum size of the export encoding of an ECC public key. * - * SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } -- contains ECPoint - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters OBJECT IDENTIFIER } -- namedCurve - * ECPoint ::= ... - * -- first 8 bits: 0x04; - * -- then x_P as a `ceiling(m/8)`-byte string, big endian; - * -- then y_P as a `ceiling(m/8)`-byte string, big endian; - * -- where `m` is the bit size associated with the curve. + * The representation of an ECC public key is: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian; + * - where m is the bit size associated with the curve. * - * - 2 * 4 bytes of SEQUENCE overhead; - * - 1 + 1 + 7 bytes of algorithm (id-ecPublicKey OID); - * - 1 + 1 + 12 bytes of namedCurve OID; - * - 4 bytes of BIT STRING overhead; - * - 1 byte + 2 * point size in ECPoint. + * - 1 byte + 2 * point size. */ #define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) \ - (2 * PSA_BITS_TO_BYTES(key_bits) + 36) + (2 * PSA_BITS_TO_BYTES(key_bits) + 1) /* Maximum size of the export encoding of an ECC key pair. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9b8477ce4..01bd9574f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -537,25 +537,55 @@ static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk, } #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ -#if defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C) -/* Import an elliptic curve parsed by the mbedtls pk module. */ -static psa_status_t psa_import_ecp_key( psa_ecc_curve_t expected_curve, - mbedtls_pk_context *pk, - mbedtls_ecp_keypair **p_ecp ) +#if defined(MBEDTLS_ECP_C) + +/* Import a public key given as the uncompressed representation defined by SEC1 + * 2.3.3 as the content of an ECPoint. */ +static psa_status_t psa_import_ec_public_key( psa_ecc_curve_t curve, + const uint8_t *data, + size_t data_length, + mbedtls_ecp_keypair **p_ecp ) { - if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY ) - return( PSA_ERROR_INVALID_ARGUMENT ); - else + psa_status_t status = PSA_ERROR_TAMPERING_DETECTED; + mbedtls_ecp_keypair *ecp = NULL; + mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); + + *p_ecp = NULL; + ecp = mbedtls_calloc( 1, sizeof( *ecp ) ); + if( ecp == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + mbedtls_ecp_keypair_init( ecp ); + + /* Load the group. */ + status = mbedtls_to_psa_error( + mbedtls_ecp_group_load( &ecp->grp, grp_id ) ); + if( status != PSA_SUCCESS ) + goto exit; + /* Load the public value. */ + status = mbedtls_to_psa_error( + mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q, + data, data_length ) ); + if( status != PSA_SUCCESS ) + goto exit; + + /* Check that the point is on the curve. 
*/ + status = mbedtls_to_psa_error( + mbedtls_ecp_check_pubkey( &ecp->grp, &ecp->Q ) ); + if( status != PSA_SUCCESS ) + goto exit; + + *p_ecp = ecp; + return( PSA_SUCCESS ); + +exit: + if( ecp != NULL ) { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( *pk ); - psa_ecc_curve_t actual_curve = mbedtls_ecc_group_to_psa( ecp->grp.id ); - if( actual_curve != expected_curve ) - return( PSA_ERROR_INVALID_ARGUMENT ); - *p_ecp = ecp; - return( PSA_SUCCESS ); + mbedtls_ecp_keypair_free( ecp ); + mbedtls_free( ecp ); } + return( status ); } -#endif /* defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C) */ +#endif /* defined(MBEDTLS_ECP_C) */ #if defined(MBEDTLS_ECP_C) /* Import a private key given as a byte string which is the private value @@ -642,11 +672,20 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, if( status != PSA_SUCCESS ) return( status ); } + else if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( slot->type ) ) + { + status = psa_import_ec_public_key( + PSA_KEY_TYPE_GET_CURVE( slot->type ), + data, data_length, + &slot->data.ecp ); + + if( status != PSA_SUCCESS ) + return( status ); + } else #endif /* MBEDTLS_ECP_C */ -#if defined(MBEDTLS_PK_PARSE_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) || - PSA_KEY_TYPE_IS_ECC( slot->type ) ) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) + if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) { int ret; mbedtls_pk_context pk; 
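Review bot: The comment on the `mbedtls_ecp_check_pubkey` call in psa_import_ec_public_key does not say that key agreement depends on it, although the later psa_key_agreement_ecdh hunk drops the explicit group comparison and decodes the peer key through this function instead. I would expand it to `/* Check that the point is on the curve. Key agreement relies on this to reject peer points that do not belong to our group. */` so the call is not removed as redundant later. The header comment should also state that on success `*p_ecp` is heap-allocated and owned by the caller, who releases it with `mbedtls_ecp_keypair_free()` followed by `mbedtls_free()`, and that it is set to NULL on failure. The result of `mbedtls_ecc_group_of_psa( curve )` goes to `mbedtls_ecp_group_load` unchecked, so the status reported for an unsupported curve presumably depends on that call's error mapping; confirm it is the one callers expect.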
@@ -660,23 +699,9 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, if( ret != 0 ) return( mbedtls_to_psa_error( ret ) ); - /* We have something that the pkparse module recognizes. - * If it has the expected type and passes any type-specific - * checks, store it. */ -#if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) - status = psa_import_rsa_key( &pk, &slot->data.rsa ); - else -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) - status = psa_import_ecp_key( PSA_KEY_TYPE_GET_CURVE( slot->type ), - &pk, &slot->data.ecp ); - else -#endif /* MBEDTLS_ECP_C */ - { - status = PSA_ERROR_NOT_SUPPORTED; - } + /* We have something that the pkparse module recognizes. If it is a + * valid RSA key, store it. */ + status = psa_import_rsa_key( &pk, &slot->data.rsa ); /* Free the content of the pk object only on error. On success, * the content of the object has been stored in the slot. */ @@ -687,7 +712,7 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, } } else -#endif /* defined(MBEDTLS_PK_PARSE_C) */ +#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ { return( PSA_ERROR_NOT_SUPPORTED ); } @@ -900,7 +925,7 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle, return( PSA_SUCCESS ); } -#if defined(MBEDTLS_RSA_C) +#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) static int pk_write_pubkey_simple( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { @@ -914,7 +939,7 @@ static int pk_write_pubkey_simple( mbedtls_pk_context *key, return( (int) len ); } -#endif /* defined(MBEDTLS_RSA_C) */ +#endif /* defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) */ static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, uint8_t *data, 
@@ -987,14 +1012,7 @@ static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, } if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) { - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) - { - ret = pk_write_pubkey_simple( &pk, data, data_size ); - } - else - { - ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size ); - } + ret = pk_write_pubkey_simple( &pk, data, data_size ); } else { @@ -4041,32 +4059,17 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, size_t shared_secret_size, size_t *shared_secret_length ) { - mbedtls_pk_context pk; mbedtls_ecp_keypair *their_key = NULL; mbedtls_ecdh_context ecdh; psa_status_t status; mbedtls_ecdh_init( &ecdh ); - mbedtls_pk_init( &pk ); - status = mbedtls_to_psa_error( - mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length ) ); + status = psa_import_ec_public_key( + mbedtls_ecc_group_to_psa( our_key->grp.id ), + peer_key, peer_key_length, + &their_key ); if( status != PSA_SUCCESS ) goto exit; - switch( mbedtls_pk_get_type( &pk ) ) - { - case MBEDTLS_PK_ECKEY: - case MBEDTLS_PK_ECKEY_DH: - break; - default: - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; - } - their_key = mbedtls_pk_ec( pk ); - if( their_key->grp.id != our_key->grp.id ) - { - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; - } status = mbedtls_to_psa_error( mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ) ); @@ -4085,8 +4088,9 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, &global_data.ctr_drbg ) ); exit: - mbedtls_pk_free( &pk ); mbedtls_ecdh_free( &ecdh ); + mbedtls_ecp_keypair_free( their_key ); + mbedtls_free( their_key ); return( status ); } #endif /* MBEDTLS_ECDH_C */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0806c1df5..f50773f7f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
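Review bot: With the RSA test removed, every public-key export in this branch goes through `pk_write_pubkey_simple`, while the psa_export_public_key documentation touched by this same commit still says other public key types are exported as a DER `SubjectPublicKeyInfo`. Whether a key type other than RSA or ECC can reach this line is decided outside the hunk. If none can, a comment such as `/* Only RSA and ECC keys reach this point; both are exported without the SubjectPublicKeyInfo wrapper. */` above the call would record that. If one can, the code and the header disagree about its export format. psa_internal_export_key starts and ends outside this hunk.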
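Review bot: The cleanup at `exit:` in psa_key_agreement_ecdh calls `mbedtls_ecp_keypair_free( their_key )` and `mbedtls_free( their_key )` even when psa_import_ec_public_key has failed and left `their_key` NULL. That function's own exit path guards the same pair of calls with `if( ecp != NULL )`. The unguarded form is correct only as long as `mbedtls_ecp_keypair_free` tolerates a NULL argument. Either add the same guard here or note the reliance with `/* their_key may be NULL here; both calls accept NULL. */` so the two paths read consistently. The function body begins in the preceding hunk.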
@@ -190,7 +190,7 @@ import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY PSA import/export-public EC secp224r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED -import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"304e301006072a8648ce3d020106052b81040021033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" +import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -198,7 +198,7 @@ import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" PSA import/export-public EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3059301306072a8648ce3d020106082a8648ce3d030107034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" +import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" PSA import/export EC secp384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED 
@@ -206,7 +206,7 @@ import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec3 PSA import/export-public EC secp384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3076301006072a8648ce3d020106052b8104002203620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" +import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" PSA import/export EC secp521r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED 
@@ -214,7 +214,7 @@ import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bd PSA import/export-public EC secp521r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301006072a8648ce3d020106052b810400230381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" +import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" PSA import/export EC brainpool256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED 
@@ -222,7 +222,7 @@ import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" PSA import/export-public EC brainpool256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED -import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"305a301406072a8648ce3d020106092b240303020801010703420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" +import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" PSA import/export EC brainpool384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED 
@@ -230,7 +230,7 @@ import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c PSA import/export-public EC brainpool384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED -import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"307a301406072a8648ce3d020106092b240303020801010b03620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" +import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" PSA import/export EC brainpool512r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED 
@@ -238,7 +238,7 @@ import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe101293 PSA import/export-public EC brainpool512r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301406072a8648ce3d020106092b240303020801010d038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" +import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -246,7 +246,7 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA PSA import/export EC secp256r1 public key: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 PSA import/export AES key: policy forbids export depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR @@ -280,7 +280,7 @@ import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2 PSA import EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT +import:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, all-bits-zero (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -306,13 +306,6 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED # it's looking for an OID where there is no OID. import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_NOT_SUPPORTED -# A key with the OID id-ECDH is only valid for ECDH, not for ECDSA. -# Such keys are currently not allowed by psa_import_key, only by -# psa_key_agreement. -PSA import EC public key: ECDH-only -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"3057301106052b8104010c06082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT - PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT 
@@ -1232,7 +1225,7 @@ asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fd PSA verify: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify with keypair: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C 
@@ -1240,11 +1233,11 @@ asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab454357126 PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, wrong signature of correct size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE 
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE PSA verify: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 
@@ -1647,91 +1640,91 @@ derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0 PSA key agreement setup: ECDH, raw: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS +key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS PSA key agreement setup: ECDH, raw: public key on different curve depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, raw: public key 
instead of private key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, unknown KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED +key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: not a key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" PSA key agreement: ECDH SECP256R1 with ECDH-only public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3057301106052b8104010c06082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 20+12 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 7+15 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d" PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: capacity=48 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48 +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48 PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":"" PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: capacity=66 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66 
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66 PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":"" 
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":"" PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32 +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32 PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":"" PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: capacity=48 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48 +key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48 PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: read 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":"" PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: capacity=64 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64 
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64 PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" PSA 
key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" +key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" PSA generate random: 0 bytes generate_random:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4d6cefb0e..ea1e545f4 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -648,36 +648,12 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) { - mbedtls_asn1_buf alg; - mbedtls_asn1_buf params; - mbedtls_asn1_bitstring bitstring; - /* SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters ANY DEFINED BY algorithm OPTIONAL } + /* The representation of an ECC public key is: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian; + * - where m is the bit size associated with the curve. */ - - TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ), - 0 ); - TEST_EQUAL( p + len, end ); - TEST_EQUAL( mbedtls_asn1_get_alg( &p, end, &alg, ¶ms ), 0 ); - if( ! is_oid_of_key_type( type, alg.p, alg.len ) ) - goto exit; - TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, end, &bitstring ), 0 ); - TEST_EQUAL( p, end ); - p = bitstring.p; - - /* ECPoint ::= ... - * -- first 8 bits: 0x04 (uncompressed representation); - * -- then x_P as an n-bit string, big endian; - * -- then y_P as a n-bit string, big endian, - * -- where n is the order of the curve. - */ - TEST_EQUAL( bitstring.unused_bits, 0 ); TEST_EQUAL( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ), end ); TEST_EQUAL( p[0], 4 ); } From cd09d8c83a541db3be61426db7ac56bde5ccc832 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 11 Jan 2019 17:53:05 +0000 Subject: [PATCH 0965/2197] psa: Refactor psa_import_rsa_key() pk-using code Move pk-using code to inside psa_import_rsa_key(). This aligns the shape of psa_import_rsa_key() to match that of psa_import_ec_private_key() and psa_import_ec_public_key(). --- library/psa_crypto.c | 89 ++++++++++++++++++++++++++------------------ 1 file changed, 52 insertions(+), 37 deletions(-) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 01bd9574f..03d337178 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -512,28 +512,60 @@ static psa_status_t psa_check_rsa_key_byte_aligned( return( status ); } -static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk, +static psa_status_t psa_import_rsa_key( psa_key_type_t type, + const uint8_t *data, + size_t data_length, mbedtls_rsa_context **p_rsa ) { - if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_RSA ) - return( PSA_ERROR_INVALID_ARGUMENT ); + psa_status_t status; + mbedtls_pk_context pk; + mbedtls_rsa_context *rsa; + size_t bits; + + mbedtls_pk_init( &pk ); + + /* Parse the data. */ + if( PSA_KEY_TYPE_IS_KEYPAIR( type ) ) + status = mbedtls_to_psa_error( + mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ) ); else + status = mbedtls_to_psa_error( + mbedtls_pk_parse_public_key( &pk, data, data_length ) ); + if( status != PSA_SUCCESS ) + goto exit; + + /* We have something that the pkparse module recognizes. If it is a + * valid RSA key, store it. */ + if( mbedtls_pk_get_type( &pk ) != MBEDTLS_PK_RSA ) { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *pk ); - /* The size of an RSA key doesn't have to be a multiple of 8. - * Mbed TLS supports non-byte-aligned key sizes, but not well. - * For example, mbedtls_rsa_get_len() returns the key size in - * bytes, not in bits. */ - size_t bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) ); - psa_status_t status; - if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); - status = psa_check_rsa_key_byte_aligned( rsa ); - if( status != PSA_SUCCESS ) - return( status ); - *p_rsa = rsa; - return( PSA_SUCCESS ); + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; } + + rsa = mbedtls_pk_rsa( pk ); + /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS + * supports non-byte-aligned key sizes, but not well. For example, + * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. 
*/ + bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) ); + if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + status = psa_check_rsa_key_byte_aligned( rsa ); + +exit: + /* Free the content of the pk object only on error. */ + if( status != PSA_SUCCESS ) + { + mbedtls_pk_free( &pk ); + return( status ); + } + + /* On success, store the content of the object in the RSA context. */ + *p_rsa = rsa; + + return( PSA_SUCCESS ); } #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ @@ -687,29 +719,12 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) { - int ret; - mbedtls_pk_context pk; - mbedtls_pk_init( &pk ); + status = psa_import_rsa_key( slot->type, + data, data_length, + &slot->data.rsa ); - /* Parse the data. */ - if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) - ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ); - else - ret = mbedtls_pk_parse_public_key( &pk, data, data_length ); - if( ret != 0 ) - return( mbedtls_to_psa_error( ret ) ); - - /* We have something that the pkparse module recognizes. If it is a - * valid RSA key, store it. */ - status = psa_import_rsa_key( &pk, &slot->data.rsa ); - - /* Free the content of the pk object only on error. On success, - * the content of the object has been stored in the slot. */ if( status != PSA_SUCCESS ) - { - mbedtls_pk_free( &pk ); return( status ); - } } else #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ From c67200d0e675ecc5b4f7f267a2504a3004bc1deb Mon Sep 17 00:00:00 2001 
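Review bot: In the rewritten `psa_import_rsa_key()`, the success path returns without calling `mbedtls_pk_free( &pk )`, so the RSA context allocated by the pk parser is handed to the caller through `*p_rsa`, but no comment on the function says who releases it. I would add a header comment such as `/* On success, *p_rsa takes ownership of the parsed RSA context and the caller must free it; on failure *p_rsa is left untouched. */`. The local `rsa` is also declared without an initializer and is only assigned after the two early `goto exit` paths. Those paths do not read it today, but `mbedtls_rsa_context *rsa = NULL;` keeps the `exit:` block safe against later edits and avoids maybe-uninitialized warnings.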
From: Jaeden Amero Date: Mon, 14 Jan 2019 13:12:39 +0000 Subject: [PATCH 0966/2197] psa: Remove extra status handling from import Remove extra status handling code from psa_import_key_into_slot(). This helps save a tiny amount of code space, but mainly serves to improve the readability of the code. --- library/psa_crypto.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 03d337178..bb53f8194 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -701,8 +701,6 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( slot->type ), data, data_length, &slot->data.ecp ); - if( status != PSA_SUCCESS ) - return( status ); } else if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( slot->type ) ) { @@ -710,9 +708,6 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, PSA_KEY_TYPE_GET_CURVE( slot->type ), data, data_length, &slot->data.ecp ); - - if( status != PSA_SUCCESS ) - return( status ); } else #endif /* MBEDTLS_ECP_C */ @@ -722,16 +717,13 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, status = psa_import_rsa_key( slot->type, data, data_length, &slot->data.rsa ); - - if( status != PSA_SUCCESS ) - return( status ); } else #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ { return( PSA_ERROR_NOT_SUPPORTED ); } - return( PSA_SUCCESS ); + return( status ); } /* Retrieve an empty key slot (slot with no key data, but possibly From 21fec0c1c5e788e13d21f579f313df527553faa0 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 14 Jan 2019 16:56:20 +0000 Subject: [PATCH 0967/2197] psa: Expand documentation for psa_key_agreement() Document `peer_key` parameter requirements, including an explanation of how the peer key is used and an example for EC keys. --- include/psa/crypto.h | 37 ++++++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 15 deletions(-) 
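Review bot: The final `else` in `psa_import_key_into_slot()` still leaves through `return( PSA_ERROR_NOT_SUPPORTED );`, while every other key-type branch now falls through to the single `return( status );`. Using `status = PSA_ERROR_NOT_SUPPORTED;` there would give the function one exit, so any cleanup added before the final return later also covers the unsupported-type case. The start of the function is outside these hunks, so it is worth confirming that `status` is assigned on every path that reaches the final return, including builds where the ECP and RSA blocks are compiled out.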
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f0c8e7de4..d61c86620 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2136,21 +2136,28 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * The resulting generator always has the maximum capacity permitted by * the algorithm. * - * \param[in,out] generator The generator object to set up. It must have - * been initialized as per the documentation for - * #psa_crypto_generator_t and not yet in use. - * \param private_key Handle to the private key to use. - * \param[in] peer_key Public key of the peer. It must be - * in the same format that psa_import_key() - * accepts. The standard formats for public - * keys are documented in the documentation - * of psa_export_public_key(). For EC keys, it - * must also be of the same group as the private - * key. - * \param peer_key_length Size of \p peer_key in bytes. - * \param alg The key agreement algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true). + * \param[in,out] generator The generator object to set up. It must have been + * initialized as per the documentation for + * #psa_crypto_generator_t and not yet in use. + * \param private_key Handle to the private key to use. + * \param[in] peer_key Public key of the peer. The peer key must be in the + * same format that psa_import_key() accepts for the + * public key type corresponding to the type of + * \p private_key. That is, this function performs the + * equivalent of + * `psa_import_key(internal_public_key_handle, + * PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(private_key_type), + * peer_key, peer_key_length)` where + * `private_key_type` is the type of \p private_key. + * For example, for EC keys, this means that \p + * peer_key is interpreted as a point on the curve + * that the private key is associated with. The + * standard formats for public keys are documented in + * the documentation of psa_export_public_key(). + * \param peer_key_length Size of \p peer_key in bytes. 
+ * \param alg The key agreement algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true). * * \retval #PSA_SUCCESS * Success. From eb2d4b90376f8bf33289340e0e49b70a8eed14e7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 24 Jan 2019 13:05:36 +0100 Subject: [PATCH 0968/2197] Test that HASH_ANY is not meaningful for OAEP PSA_ALG_HASH_ANY is specified as meaningful only for signature. --- tests/suites/test_suite_psa_crypto.data | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 19c371545..18dcbc7a7 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
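Review bot: The new `\p peer_key` description no longer states the old requirement that an EC peer key must belong to the same group as the private key, and it does not say what the caller gets when the bytes are not a valid public key of the expected type. `peer_key` comes from the other party, so the contract should say explicitly that it is validated as part of the implied import and that the call fails otherwise. A sentence like `If \p peer_key is not a valid public key of that type (for EC keys, not a point on the private key's curve), the function returns an error.` would do, with the specific code listed under `\retval`. The `\retval` list continues outside this hunk, so the matching entry may already exist there.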
@@ -399,10 +399,18 @@ PSA key policy: asymmetric encryption, encrypt | decrypt depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT -PSA key policy: asymmetric encryption, wrong algorithm +PSA key policy: asymmetric encryption, wrong algorithm (v1.5/OAEP) depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) +PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) + +PSA key policy: asymmetric encryption, ANY_HASH in policy is not meaningful +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | 
PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) + PSA key policy: asymmetric encryption, encrypt but not decrypt depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT @@ -1174,7 +1182,7 @@ PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT -PSA sign: RSA PKCS#1 v1.5 raw, invalid hash (wildcard) +PSA sign: RSA PKCS#1 v1.5, invalid hash (wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 # Arguably the error should be INVALID_ARGUMENT, but NOT_SUPPORTED is simpler # to implement. From fcf659b12d5d79186e7ba2447673b252d20fa693 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Fri, 25 Jan 2019 14:25:00 +0000 Subject: [PATCH 0969/2197] PSA: Adapt PK test suite to modified key slot allocation mechanism --- tests/suites/test_suite_pk.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 47d72d0d0..a5edb25fe 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -84,7 +84,7 @@ psa_key_handle_t pk_psa_genkey( void ) psa_key_policy_t policy; /* Allocate a key slot */ - if( PSA_SUCCESS != psa_allocate_key( type, bits, &key ) ) + if( PSA_SUCCESS != psa_allocate_key( &key ) ) return( PK_PSA_INVALID_SLOT ); /* set up policy on key slot */ From a814ae6f92335f3d7ee3b103152310a7d835651e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 25 Jan 2019 14:25:16 +0000 Subject: [PATCH 0970/2197] PSA: Adapt PK test suite to new key policy initialization API --- tests/suites/test_suite_pk.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index a5edb25fe..120c1716b 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -88,7 +88,7 @@ psa_key_handle_t pk_psa_genkey( void ) return( PK_PSA_INVALID_SLOT ); /* set up policy on key slot */ - psa_key_policy_init( &policy ); + policy = psa_key_policy_init(); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, PSA_ALG_ECDSA(PSA_ALG_SHA_256) ); if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) ) From d74dfc29846dcba30a98c48b67336085104460ee Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 25 Jan 2019 14:26:01 +0000 Subject: [PATCH 0971/2197] PSA: Adapt ssl_client2 to modified key slot allocation API --- programs/ssl/ssl_client2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index a8c16dc53..32db46455 100644 
--- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1594,7 +1594,7 @@ int main( int argc, char *argv[] ) if( opt.psk_opaque != 0 ) { /* The algorithm has already been determined earlier. */ - status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, psk_len * 8, &slot ); + status = psa_allocate_key( &slot ); if( status != PSA_SUCCESS ) { ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; From 2261a0ff5224235894254d0359e1ffa6bd7de89c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 25 Jan 2019 14:26:26 +0000 Subject: [PATCH 0972/2197] PSA: Adapt ssl_client2 to new key policy initialization API --- programs/ssl/ssl_client2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 32db46455..fe369239e 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1601,7 +1601,7 @@ int main( int argc, char *argv[] ) goto exit; } - psa_key_policy_init( &policy ); + policy = psa_key_policy_init(); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); status = psa_set_key_policy( slot, &policy ); From f3adecf4794074d513acb5cf2992bfce40872f3f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 25 Jan 2019 14:27:01 +0000 Subject: [PATCH 0973/2197] PSA: Adapt ssl_server2 to hew key policy initialization API --- programs/ssl/ssl_server2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 8b3b9cd2b..545ccd64c 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1239,7 +1239,7 @@ static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t slot, psa_status_t status; psa_key_policy_t policy; - psa_key_policy_init( &policy ); + policy = psa_key_policy_init(); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); status = psa_set_key_policy( slot, &policy ); From 330b9a458624f139d9b804e24ff16ebe2bcf8a81 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Fri, 25 Jan 2019 14:27:15 +0000 Subject: [PATCH 0974/2197] PSA: Adapt ssl_server2 to modified key allocation API --- programs/ssl/ssl_server2.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 545ccd64c..479075361 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2667,7 +2667,7 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_USE_PSA_CRYPTO) if( opt.psk_opaque != 0 ) { - status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, psk_len * 8, &psk_slot ); + status = psa_allocate_key( &psk_slot ); if( status != PSA_SUCCESS ) { fprintf( stderr, "ALLOC FAIL\n" ); @@ -2711,7 +2711,7 @@ int main( int argc, char *argv[] ) psk_entry *cur_psk; for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next ) { - status = psa_allocate_key( PSA_KEY_TYPE_DERIVE, cur_psk->key_len * 8, &cur_psk->slot ); + status = psa_allocate_key( &cur_psk->slot ); if( status != PSA_SUCCESS ) { ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; From 242da1e2c29eb209dcf75d7219031b4386f5328f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 25 Jan 2019 14:29:12 +0000 Subject: [PATCH 0975/2197] PSA: Adapt cipher.c, pk.c, pk_wrap.c to new key slot allocation API --- library/cipher.c | 2 +- library/pk.c | 2 +- library/pk_wrap.c | 4 +--- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index 03c0e0667..b2cffcd38 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -308,7 +308,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); /* Allocate a key slot to use. */ - status = psa_allocate_key( key_type, key_bitlen, &cipher_psa->slot ); + status = psa_allocate_key( &cipher_psa->slot ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); diff --git a/library/pk.c b/library/pk.c index 024dcdcb1..e25a5f21f 100644 --- a/library/pk.c +++ b/library/pk.c 
@@ -576,7 +576,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, mbedtls_psa_parse_tls_ecc_group ( curve_id ) ); /* allocate a key slot */ - if( PSA_SUCCESS != psa_allocate_key( key_type, d_len * 8, &key ) ) + if( PSA_SUCCESS != psa_allocate_key( &key ) ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); /* set policy */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 08550d4c4..ea678a667 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -577,9 +577,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, psa_sig_md = PSA_ALG_ECDSA( psa_md ); psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); - if( ( ret = psa_allocate_key( psa_type, - MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE(curve), - &key_slot ) ) != PSA_SUCCESS ) + if( ( ret = psa_allocate_key( &key_slot ) ) != PSA_SUCCESS ) return( mbedtls_psa_err_translate_pk( ret ) ); psa_key_policy_init( &policy ); From 2169a5e54ded734f7844af1a16c39b993c2a992c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 25 Jan 2019 14:29:33 +0000 Subject: [PATCH 0976/2197] PSA: Adapt pk.c, pk_wrap.c, cipher.c to new key policy init API --- library/cipher.c | 2 +- library/pk.c | 2 +- library/pk_wrap.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index b2cffcd38..16037fb05 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -322,7 +322,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, * mbedtls_cipher_free() needs to be called in any case. */ /* Setup policy for the new key slot. */ - psa_key_policy_init( &key_policy ); + key_policy = psa_key_policy_init(); /* Mbed TLS' cipher layer doesn't enforce the mode of operation * (encrypt vs. decrypt): it is possible to setup a key for encryption diff --git a/library/pk.c b/library/pk.c index e25a5f21f..72f09ac2f 100644 --- a/library/pk.c +++ b/library/pk.c 
@@ -580,7 +580,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); /* set policy */ - psa_key_policy_init( &policy ); + policy = psa_key_policy_init(); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, PSA_ALG_ECDSA(hash_alg) ); if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) ) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index ea678a667..7f8abd488 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -580,7 +580,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, if( ( ret = psa_allocate_key( &key_slot ) ) != PSA_SUCCESS ) return( mbedtls_psa_err_translate_pk( ret ) ); - psa_key_policy_init( &policy ); + policy = psa_key_policy_init(); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md ); if( ( ret = psa_set_key_policy( key_slot, &policy ) ) != PSA_SUCCESS ) { From 23a6784cb927dacf9e46080e037870d2bbe80e0f Mon Sep 17 00:00:00 2001 From: Oren Cohen Date: Thu, 24 Jan 2019 14:32:11 +0200 Subject: [PATCH 0977/2197] Update usage of PSA ITS to comply with v1.0 --- library/psa_crypto.c | 9 ++++----- library/psa_crypto_storage_its.c | 13 ++++++------- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1b961b803..2d21bb079 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -92,7 +92,7 @@ #include "mbedtls/xtea.h" #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) -#include "psa_prot_internal_storage.h" +#include "psa/internal_trusted_storage.h" #endif #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) @@ -4220,7 +4220,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) case PSA_ITS_SUCCESS: return( PSA_SUCCESS ); - case PSA_ITS_ERROR_KEY_NOT_FOUND: + case PSA_ITS_ERROR_UID_NOT_FOUND: return( PSA_ERROR_EMPTY_SLOT ); case PSA_ITS_ERROR_STORAGE_FAILURE: 
@@ -4229,10 +4229,9 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) case PSA_ITS_ERROR_INSUFFICIENT_SPACE: return( PSA_ERROR_INSUFFICIENT_STORAGE ); - case PSA_ITS_ERROR_INVALID_KEY: case PSA_ITS_ERROR_OFFSET_INVALID: case PSA_ITS_ERROR_INCORRECT_SIZE: - case PSA_ITS_ERROR_BAD_POINTER: + case PSA_ITS_ERROR_INVALID_ARGUMENTS: return( PSA_ERROR_INVALID_ARGUMENT ); case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED: @@ -4263,7 +4262,7 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, its_status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); status = its_to_psa_error( its_status ); - if( PSA_ITS_ERROR_KEY_NOT_FOUND == its_status ) /* No seed exists */ + if( PSA_ITS_ERROR_UID_NOT_FOUND == its_status ) /* No seed exists */ { its_status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); status = its_to_psa_error( its_status ); diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index d53467a1a..1c7e1711f 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -29,7 +29,7 @@ #include "psa/crypto.h" #include "psa_crypto_storage_backend.h" -#include "psa_prot_internal_storage.h" +#include "psa/internal_trusted_storage.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" @@ -42,7 +42,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) case PSA_ITS_SUCCESS: return( PSA_SUCCESS ); - case PSA_ITS_ERROR_KEY_NOT_FOUND: + case PSA_ITS_ERROR_UID_NOT_FOUND: return( PSA_ERROR_EMPTY_SLOT ); case PSA_ITS_ERROR_STORAGE_FAILURE: @@ -51,10 +51,9 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) case PSA_ITS_ERROR_INSUFFICIENT_SPACE: return( PSA_ERROR_INSUFFICIENT_STORAGE ); - case PSA_ITS_ERROR_INVALID_KEY: case PSA_ITS_ERROR_OFFSET_INVALID: case PSA_ITS_ERROR_INCORRECT_SIZE: - case PSA_ITS_ERROR_BAD_POINTER: + case PSA_ITS_ERROR_INVALID_ARGUMENTS: return( PSA_ERROR_INVALID_ARGUMENT ); case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED: 
@@ -100,7 +99,7 @@ int psa_is_key_present_in_storage( const psa_key_id_t key ) ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ITS_ERROR_KEY_NOT_FOUND ) + if( ret == PSA_ITS_ERROR_UID_NOT_FOUND ) return( 0 ); return( 1 ); } @@ -150,14 +149,14 @@ psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) struct psa_its_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ITS_ERROR_KEY_NOT_FOUND ) + if( ret == PSA_ITS_ERROR_UID_NOT_FOUND ) return( PSA_SUCCESS ); if( psa_its_remove( data_identifier ) != PSA_ITS_SUCCESS ) return( PSA_ERROR_STORAGE_FAILURE ); ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret != PSA_ITS_ERROR_KEY_NOT_FOUND ) + if( ret != PSA_ITS_ERROR_UID_NOT_FOUND ) return( PSA_ERROR_STORAGE_FAILURE ); return( PSA_SUCCESS ); From 5d5e90a610ffd78000e056043d2ea9184f060e52 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 25 Jan 2019 16:37:10 +0000 Subject: [PATCH 0978/2197] Adapt ecdsa_verify_wrap() to new EC public key format Previously, PSA used SubjectPublicKeyInfo structures to serialize EC public keys. This has recently been changed to using ECPoint structures instead, but the wrapper making PSA ECDSA verification available through Mbed TLS' PK API hasn't yet been adapted accordingly - which is what this commit does. Luckily, Mbed TLS' PK API offers two functions mbedtls_pk_write_pubkey() and mbedtls_pk_write_pubkey_der(), the latter exporting a SubjectPublicKeyInfo structure and the former exporting an ECPoint structure in case of EC public keys. For the adaptation of the ECDSA wrapper ecdsa_verify_wrap() it is therefore sufficient to use mbedtls_pk_write_pubkey() instead of mbedtls_pk_write_pubkey_der(). --- library/pk_wrap.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 7f8abd488..332696dfd 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
@@ -553,7 +553,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, int key_len; /* see ECP_PUB_DER_MAX_BYTES in pkwrite.c */ unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES]; - unsigned char *p = (unsigned char*) sig; + unsigned char *p; mbedtls_pk_info_t pk_info = mbedtls_eckey_info; psa_algorithm_t psa_sig_md, psa_md; psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group( @@ -567,7 +567,8 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, * re-construct one to make it happy */ key.pk_info = &pk_info; key.pk_ctx = ctx; - key_len = mbedtls_pk_write_pubkey_der( &key, buf, sizeof( buf ) ); + p = buf + sizeof( buf ); + key_len = mbedtls_pk_write_pubkey( &p, buf, &key ); if( key_len <= 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); @@ -603,6 +604,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } + p = (unsigned char*) sig; if( ( ret = extract_ecdsa_sig( &p, sig + sig_len, buf, signature_part_size ) ) != 0 ) { From 763fb9a150291dad9040d4b121c4f56d5ee1c8a3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 28 Jan 2019 13:29:01 +0100 Subject: [PATCH 0979/2197] Improve the description of PSA_ALG_ANY_HASH Make it clearer what PSA_ALG_ANY_HASH can and cannot be used for. --- include/psa/crypto_values.h | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index f072487f2..acf856dd1 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
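Review bot: The comment above `buf` in `ecdsa_verify_wrap`, `/* see ECP_PUB_DER_MAX_BYTES in pkwrite.c */`, still justifies the size by the DER SubjectPublicKeyInfo encoding, but after this change the buffer receives the ECPoint written by `mbedtls_pk_write_pubkey()`. The bound remains large enough, so this is a documentation point only; the comment should say the buffer is sized for the larger DER form and now holds an ECPoint. A comment at the call would also help, for example `/* mbedtls_pk_write_pubkey() writes backwards from p: the key ends up in the last key_len bytes of buf */`, since `p` is reused a few lines later as the signature cursor. The code that hands the key to PSA lies between the hunks and is not visible here, so it is worth confirming that it reads from the end of `buf`.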
@@ -668,15 +668,18 @@ /** SHA3-512 */ #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) -/** Allow any hash algorithm. +/** In a hash-and-sign algorithm policy, allow any hash algorithm. * - * This value may only be used to form the algorithm usage field of a policy - * for a signature algorithm that is parametrized by a hash. That is, - * suppose that `PSA_xxx_SIGNATURE` is one of the following macros: + * This value may be used to form the algorithm usage field of a policy + * for a signature algorithm that is parametrized by a hash. The key + * may then be used to perform operations using the same signature + * algorithm parametrized with any supported hash. + * + * That is, suppose that `PSA_xxx_SIGNATURE` is one of the following macros: * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS, * - #PSA_ALG_DSA, #PSA_ALG_DETERMINISTIC_DSA, * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA. - * Then you may create a key as follows: + * Then you may create and use a key as follows: * - Set the key usage field using #PSA_ALG_ANY_HASH, for example: * ``` * psa_key_policy_set_usage(&policy, From 231bf5b693afd8b803d5a14d35f973a8cb2a3169 Mon Sep 17 00:00:00 2001 From: Oren Cohen Date: Mon, 28 Jan 2019 14:50:31 +0200 Subject: [PATCH 0980/2197] Use new ITS uid type ITS switched from using uint32_t to psa_its_uid_t (uint64_t) --- library/psa_crypto_storage_its.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index 1c7e1711f..1873c69cc 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -67,7 +67,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) } } -static uint32_t psa_its_identifier_of_slot( psa_key_id_t key ) +static psa_its_uid_t psa_its_identifier_of_slot( psa_key_id_t key ) { return( key ); } 
@@ -77,7 +77,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, { psa_its_status_t ret; psa_status_t status; - uint32_t data_identifier = psa_its_identifier_of_slot( key ); + psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_its_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); @@ -94,7 +94,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, int psa_is_key_present_in_storage( const psa_key_id_t key ) { psa_its_status_t ret; - uint32_t data_identifier = psa_its_identifier_of_slot( key ); + psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_its_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); @@ -110,7 +110,7 @@ psa_status_t psa_crypto_storage_store( const psa_key_id_t key, { psa_its_status_t ret; psa_status_t status; - uint32_t data_identifier = psa_its_identifier_of_slot( key ); + psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_its_info_t data_identifier_info; if( psa_is_key_present_in_storage( key ) == 1 ) @@ -145,7 +145,7 @@ exit: psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) { psa_its_status_t ret; - uint32_t data_identifier = psa_its_identifier_of_slot( key ); + psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_its_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); @@ -167,7 +167,7 @@ psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, { psa_its_status_t ret; psa_status_t status; - uint32_t data_identifier = psa_its_identifier_of_slot( key ); + psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_its_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); From f603c718c916fdb523fb054e487d2922ea1ea577 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine
Date: Sat, 19 Jan 2019 13:40:11 +0100
Subject: [PATCH 0981/2197] New function psa_copy_key Copy a key from one slot to another. Implemented and smoke-tested.
---
include/psa/crypto.h | 301 +++++++++++-------
library/psa_crypto.c | 120 ++++++-
...test_suite_psa_crypto_slot_management.data | 12 +
..._suite_psa_crypto_slot_management.function | 109 +++++++
4 files changed, 419 insertions(+), 123 deletions(-)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 06f9eb81f..b7cc0fbe5 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -93,6 +93,140 @@ psa_status_t psa_crypto_init(void); /**@}*/ +/** \defgroup policy Key policies + * @{ + */ + +/** The type of the key policy data structure. + * + * Before calling any function on a key policy, the application must initialize + * it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_key_policy_t policy; + * memset(&policy, 0, sizeof(policy)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_key_policy_t policy = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_KEY_POLICY_INIT, + * for example: + * \code + * psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + * \endcode + * - Assign the result of the function psa_key_policy_init() + * to the structure, for example: + * \code + * psa_key_policy_t policy; + * policy = psa_key_policy_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure except + * as directed by the documentation of a specific implementation. */ +typedef struct psa_key_policy_s psa_key_policy_t; + +/** \def PSA_KEY_POLICY_INIT + * + * This macro returns a suitable initializer for a key policy object of type + * #psa_key_policy_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_KEY_POLICY_INIT {0} +#endif + +/** Return an initial value for a key policy that forbids all usage of the key. + */ +static psa_key_policy_t psa_key_policy_init(void); + +/** \brief Set the standard fields of a policy structure. + * + * Note that this function does not make any consistency check of the + * parameters. The values are only checked when applying the policy to + * a key slot with psa_set_key_policy(). + * + * \param[in,out] policy The key policy to modify. 
It must have been + * initialized as per the documentation for + * #psa_key_policy_t. + * \param usage The permitted uses for the key. + * \param alg The algorithm that the key may be used for. + */ +void psa_key_policy_set_usage(psa_key_policy_t *policy, + psa_key_usage_t usage, + psa_algorithm_t alg); + +/** \brief Retrieve the usage field of a policy structure. + * + * \param[in] policy The policy object to query. + * + * \return The permitted uses for a key with this policy. + */ +psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy); + +/** \brief Retrieve the algorithm field of a policy structure. + * + * \param[in] policy The policy object to query. + * + * \return The permitted algorithm for a key with this policy. + */ +psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); + +/** \brief Set the usage policy on a key slot. + * + * This function must be called on an empty key slot, before importing, + * generating or creating a key in the slot. Changing the policy of an + * existing key is not permitted. + * + * Implementations may set restrictions on supported key policies + * depending on the key type and the key slot. + * + * \param handle Handle to the key whose policy is to be changed. + * \param[in] policy The policy object to query. + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, it is implementation-defined whether + * the policy has been saved to persistent storage. Implementations + * may defer saving the policy until the key material is created. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). 
+ * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_set_key_policy(psa_key_handle_t handle, + const psa_key_policy_t *policy); + +/** \brief Get the usage policy for a key slot. + * + * \param handle Handle to the key slot whose policy is being queried. + * \param[out] policy On success, the key's policy. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_get_key_policy(psa_key_handle_t handle, + psa_key_policy_t *policy); + +/**@}*/ + /** \defgroup key_management Key management * @{ */ 
@@ -530,139 +664,70 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, size_t data_size, size_t *data_length); -/**@}*/ - -/** \defgroup policy Key policies - * @{ - */ - -/** The type of the key policy data structure. +/** Make a copy of a key. * - * Before calling any function on a key policy, the application must initialize - * it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_key_policy_t policy; - * memset(&policy, 0, sizeof(policy)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_key_policy_t policy = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_KEY_POLICY_INIT, - * for example: - * \code - * psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - * \endcode - * - Assign the result of the function psa_key_policy_init() - * to the structure, for example: - * \code - * psa_key_policy_t policy; - * policy = psa_key_policy_init(); - * \endcode + * Copy key material from one location to another. * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ -typedef struct psa_key_policy_s psa_key_policy_t; - -/** \def PSA_KEY_POLICY_INIT + * This function is primarily useful to copy a key from one lifetime + * to another. The target key retains its lifetime and location. * - * This macro returns a suitable initializer for a key policy object of type - * #psa_key_policy_t. - */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_KEY_POLICY_INIT {0} -#endif - -/** Return an initial value for a key policy that forbids all usage of the key. - */ -static psa_key_policy_t psa_key_policy_init(void); - -/** \brief Set the standard fields of a policy structure. 
+ * In an implementation where slots have different ownerships, + * this functin may be used to share a key with a different party, + * subject to implementation-defined restrictions on key sharing. + * In this case \p constraint would typically prevent the recipient + * from exporting the key. * - * Note that this function does not make any consistency check of the - * parameters. The values are only checked when applying the policy to - * a key slot with psa_set_key_policy(). + * The resulting key may only be used in a way that conforms to all + * three of: the policy of the source key, the policy previously set + * on the target, and the \p constraint parameter passed when calling + * this function. + * - The usage flags on the resulting key are the bitwise-and of the + * usage flags on the source policy, the previously-set target policy + * and the policy constraint. + * - If all three policies allow the same algorithm or wildcard-based + * algorithm policy, the resulting key has the same algorithm policy. + * - If one of the policies allows an algorithm and all the other policies + * either allow the same algorithm or a wildcard-based algorithm policy + * that includes this algorithm, the resulting key allows the same + * algorithm. * - * \param[in,out] policy The key policy to modify. It must have been - * initialized as per the documentation for - * #psa_key_policy_t. - * \param usage The permitted uses for the key. - * \param alg The algorithm that the key may be used for. - */ -void psa_key_policy_set_usage(psa_key_policy_t *policy, - psa_key_usage_t usage, - psa_algorithm_t alg); - -/** \brief Retrieve the usage field of a policy structure. + * The effect of this function on implementation-defined metadata is + * implementation-defined. * - * \param[in] policy The policy object to query. - * - * \return The permitted uses for a key with this policy. 
- */ -psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy); - -/** \brief Retrieve the algorithm field of a policy structure. - * - * \param[in] policy The policy object to query. - * - * \return The permitted algorithm for a key with this policy. - */ -psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); - -/** \brief Set the usage policy on a key slot. - * - * This function must be called on an empty key slot, before importing, - * generating or creating a key in the slot. Changing the policy of an - * existing key is not permitted. - * - * Implementations may set restrictions on supported key policies - * depending on the key type and the key slot. - * - * \param handle Handle to the key whose policy is to be changed. - * \param[in] policy The policy object to query. + * \param source_handle The key to copy. It must be a handle to an + * occupied slot. + * \param target_handle A handle to the target slot. It must not contain + * key material yet. + * \param[in] constraint An optional policy constraint. If this parameter + * is non-null then the resulting key will conform + * to this policy in addition to the source policy + * and the policy already present on the target + * slot. If this parameter is null then the + * function behaves in the same way as if it was + * the target policy, i.e. only the source and + * target policies apply. * * \retval #PSA_SUCCESS - * Success. - * If the key is persistent, it is implementation-defined whether - * the policy has been saved to persistent storage. Implementations - * may defer saving the policy until the key material is created. * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_OCCUPIED_SLOT - * \retval #PSA_ERROR_NOT_SUPPORTED + * \p target already contains key material. + * \retval #PSA_ERROR_EMPTY_SLOT + * \p source does not contain key material. 
* \retval #PSA_ERROR_INVALID_ARGUMENT + * The policy constraints on the source, on the target and + * \p constraints are incompatible. + * \retval #PSA_ERROR_NOT_PERMITTED + * The source key is not exportable and its lifetime does not + * allow copying it to the target's lifetime. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. */ -psa_status_t psa_set_key_policy(psa_key_handle_t handle, - const psa_key_policy_t *policy); - -/** \brief Get the usage policy for a key slot. - * - * \param handle Handle to the key slot whose policy is being queried. - * \param[out] policy On success, the key's policy. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_policy(psa_key_handle_t handle, - psa_key_policy_t *policy); +psa_status_t psa_copy_key(psa_key_handle_t source_handle, + psa_key_handle_t target_handle, + const psa_key_policy_t *constraint); /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7fb1adb29..3d86e85c7 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
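Review bot: The new `psa_copy_key` documentation refers to parameters by names the prototype does not have. The `\retval` descriptions use `\p target`, `\p source` and `\p constraints`, while the declaration takes `source_handle`, `target_handle` and `constraint`, so Doxygen cannot link them. Suggested wording: `\p target_handle already contains key material.`, `\p source_handle does not contain key material.` and `\p constraint are incompatible.`. The description also misspells "function" as "functin". The sentence for a null `constraint` ("behaves in the same way as if it was the target policy") would read more clearly as "only the source and target policies apply".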
@@ -748,6 +748,32 @@ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, return( status ); } +/** Calculate the intersection of two algorithm usage policies. + * + * Return 0 (which allows no operation) on incompatibility. + */ +static psa_algorithm_t psa_key_policy_algorithm_intersection( + psa_algorithm_t alg1, + psa_algorithm_t alg2 ) +{ + /* Common case: the policy only allows alg. */ + if( alg1 == alg2 ) + return( alg1 ); + /* If the policies are from the same hash-and-sign family, check + * if one is a wildcard. If so the other has the specific algorithm. */ + if( PSA_ALG_IS_HASH_AND_SIGN( alg1 ) && + PSA_ALG_IS_HASH_AND_SIGN( alg2 ) && + ( alg1 & ~PSA_ALG_HASH_MASK ) == ( alg2 & ~PSA_ALG_HASH_MASK ) ) + { + if( PSA_ALG_SIGN_GET_HASH( alg1 ) == PSA_ALG_ANY_HASH ) + return( alg2 ); + if( PSA_ALG_SIGN_GET_HASH( alg2 ) == PSA_ALG_ANY_HASH ) + return( alg1 ); + } + /* If the policies are incompatible, allow nothing. */ + return( 0 ); +} + /** Test whether a policy permits an algorithm. * * The caller must test usage flags separately. 
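Review bot: The first comment in `psa_key_policy_algorithm_intersection`, `/* Common case: the policy only allows alg. */`, names an `alg` that is not a parameter of this function. Something like `/* Common case: both policies allow exactly the same algorithm. */` describes what the `alg1 == alg2` test checks. The header comment could also state that the return value 0 is at the same time the policy value that allows no algorithm. A caller that must tell "incompatible" from "one input was already 0" has to inspect the inputs itself, as `psa_restrict_key_policy` does later in this patch.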
@@ -771,6 +797,31 @@ static int psa_key_policy_permits( const psa_key_policy_t *policy, return( 0 ); } +/** Restrict a key policy based on a constraint. + * + * \param[in,out] policy The policy to restrict. + * \param[in] constraint The policy constraint to apply. + * + * \retval #PSA_SUCCESS + * \c *policy contains the intersection of the original value of + * \c *policy and \c *constraint. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c *policy and \c *constraint are incompatible. + * \c *policy is unchanged. + */ +static psa_status_t psa_restrict_key_policy( + psa_key_policy_t *policy, + const psa_key_policy_t *constraint ) +{ + psa_algorithm_t intersection_alg = + psa_key_policy_algorithm_intersection( policy->alg, constraint->alg ); + if( intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + policy->usage &= constraint->usage; + policy->alg = intersection_alg; + return( PSA_SUCCESS ); +} + /** Retrieve a slot which must contain a key. The key must have allow all the * usage flags set in \p usage. If \p alg is nonzero, the key must allow * operations with this algorithm. */ @@ -974,11 +1025,11 @@ static int pk_write_pubkey_simple( mbedtls_pk_context *key, } #endif /* defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) */ -static psa_status_t psa_internal_export_key( psa_key_slot_t *slot, - uint8_t *data, - size_t data_size, - size_t *data_length, - int export_public_key ) +static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, + uint8_t *data, + size_t data_size, + size_t *data_length, + int export_public_key ) { *data_length = 0; 
@@ -1165,6 +1216,65 @@ exit: } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ +static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, + psa_key_handle_t target ) +{ + psa_status_t status; + uint8_t *buffer = NULL; + size_t buffer_size = 0; + size_t length; + + buffer_size = PSA_KEY_EXPORT_MAX_SIZE( source->type, + psa_get_key_bits( source ) ); + buffer = mbedtls_calloc( 1, buffer_size ); + if( buffer == NULL ) + { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + goto exit; + } + status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_import_key( target, source->type, buffer, length ); + +exit: + return( status ); +} + +psa_status_t psa_copy_key(psa_key_handle_t source_handle, + psa_key_handle_t target_handle, + const psa_key_policy_t *constraint) +{ + psa_key_slot_t *source_slot = NULL; + psa_key_slot_t *target_slot = NULL; + psa_key_policy_t new_policy; + psa_status_t status; + status = psa_get_key_from_slot( source_handle, &source_slot, 0, 0 ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_get_empty_key_slot( target_handle, &target_slot ); + if( status != PSA_SUCCESS ) + return( status ); + + new_policy = target_slot->policy; + status = psa_restrict_key_policy( &new_policy, &source_slot->policy ); + if( status != PSA_SUCCESS ) + return( status ); + if( constraint != NULL ) + { + status = psa_restrict_key_policy( &new_policy, constraint ); + if( status != PSA_SUCCESS ) + return( status ); + } + + status = psa_copy_key_material( source_slot, target_handle ); + if( status != PSA_SUCCESS ) + return( status ); + + target_slot->policy = new_policy; + return( PSA_SUCCESS ); +} + /****************************************************************/ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index e8ec40c4c..72957589a 100644 
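Review bot: In `psa_copy_key`, the restricted policy is assigned to the target slot only after `psa_copy_key_material()` has called `psa_import_key()` on the target handle, so the import runs while the slot still carries its original, wider policy. `psa_import_key()` is not shown in this hunk; if it saves a persistent slot's policy together with the key material, a persistent target would be stored with the unrestricted policy and would come back with it after a restart. Consider installing the intersection before the copy, `old_policy = target_slot->policy; target_slot->policy = new_policy;`, and putting it back with `target_slot->policy = old_policy;` if the copy fails. The copy_across_lifetimes cases added by this patch give source and target the same policy and pass no constraint, so they would not notice the difference.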
--- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -65,6 +65,18 @@ Create not supported depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED +Copy volatile to volatile +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 + +Copy volatile to persistent +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 + +Copy persistent to volatile +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 + +Copy persistent to persistent +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 + Close/destroy invalid handle invalid_handle: diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 46fafcc1d..8a6ef0783 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -293,6 +293,115 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, + int source_usage_arg, int source_alg_arg, + int type_arg, data_t *material, + int target_lifetime_arg, int target_id_arg, + int target_usage_arg, int target_alg_arg, + int constraint_usage_arg, int constraint_alg_arg, + int expected_usage_arg, int expected_alg_arg ) +{ + psa_key_lifetime_t source_lifetime = source_lifetime_arg; + psa_key_id_t source_id = source_id_arg; + psa_key_usage_t source_usage = source_usage_arg; + psa_algorithm_t source_alg = source_alg_arg; + psa_key_handle_t source_handle = 0; + psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; + psa_key_type_t source_type = type_arg; + size_t source_bits; + psa_key_lifetime_t target_lifetime = target_lifetime_arg; + psa_key_id_t target_id = target_id_arg; + psa_key_usage_t target_usage = target_usage_arg; + psa_algorithm_t target_alg = target_alg_arg; + psa_key_handle_t target_handle = 0; + psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; + psa_key_type_t target_type; + size_t target_bits; + psa_key_usage_t constraint_usage = constraint_usage_arg; + psa_algorithm_t constraint_alg = constraint_alg_arg; + psa_key_policy_t constraint = PSA_KEY_POLICY_INIT; + psa_key_policy_t *p_constraint = NULL; + psa_key_usage_t expected_usage = expected_usage_arg; + psa_algorithm_t expected_alg = expected_alg_arg; + uint8_t *export_buffer = NULL; + + if( constraint_usage_arg != -1 ) + { + p_constraint = &constraint; + psa_key_policy_set_usage( p_constraint, + constraint_usage, constraint_alg ); + } + TEST_MAX_KEY_ID( source_id ); + TEST_MAX_KEY_ID( target_id ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Populate the source slot. 
*/ + if( source_lifetime == PSA_KEY_LIFETIME_VOLATILE ) + PSA_ASSERT( psa_allocate_key( &source_handle ) ); + else + PSA_ASSERT( psa_create_key( source_lifetime, source_id, + &source_handle ) ); + psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); + PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); + PSA_ASSERT( psa_import_key( source_handle, source_type, + material->x, material->len ) ); + PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); + + /* Prepare the target slot. */ + if( target_lifetime == PSA_KEY_LIFETIME_VOLATILE ) + PSA_ASSERT( psa_allocate_key( &target_handle ) ); + else + PSA_ASSERT( psa_create_key( target_lifetime, target_id, + &target_handle ) ); + psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); + PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); + target_policy = psa_key_policy_init(); + + /* Copy the key. */ + PSA_ASSERT( psa_copy_key( source_handle, target_handle, p_constraint ) ); + + /* Destroy the source to ensure that this doesn't affect the target. */ + PSA_ASSERT( psa_destroy_key( source_handle ) ); + + /* If the target key is persistent, restart the system to make + * sure that the material is still alive. */ + if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE ) + { + mbedtls_psa_crypto_free( ); + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_open_key( target_lifetime, target_id, + &target_handle ) ); + } + + /* Test that the target slot has the expected content. 
*/ + PSA_ASSERT( psa_get_key_information( target_handle, + &target_type, &target_bits ) ); + TEST_ASSERT( source_type == target_type ); + TEST_ASSERT( source_bits == target_bits ); + PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); + TEST_ASSERT( expected_usage == psa_key_policy_get_usage( &target_policy ) ); + TEST_ASSERT( expected_alg == psa_key_policy_get_algorithm( &target_policy ) ); + if( expected_usage & PSA_KEY_USAGE_EXPORT ) + { + size_t length; + ASSERT_ALLOC( export_buffer, material->len ); + PSA_ASSERT( psa_export_key( target_handle, export_buffer, + material->len, &length ) ); + ASSERT_COMPARE( material->x, material->len, + export_buffer, length ); + } + +exit: + mbedtls_psa_crypto_free( ); + mbedtls_free( export_buffer ); +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + psa_purge_key_storage( ); +#endif +} +/* END_CASE */ + /* BEGIN_CASE */ void invalid_handle( ) { From 122d00291264a705106a45e7cfe7fec131925248 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 23 Jan 2019 10:55:43 +0100 Subject: [PATCH 0982/2197] Fix memory leak in psa_copy_key --- library/psa_crypto.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3d86e85c7..d9d48708c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1228,16 +1228,15 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, psa_get_key_bits( source ) ); buffer = mbedtls_calloc( 1, buffer_size ); if( buffer == NULL ) - { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - goto exit; - } + return( PSA_ERROR_INSUFFICIENT_MEMORY ); status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 ); if( status != PSA_SUCCESS ) goto exit; status = psa_import_key( target, source->type, buffer, length ); exit: + mbedtls_platform_zeroize( buffer, buffer_size ); + mbedtls_free( buffer ); return( status ); } From 57ab721d8af930e42e4c57a1f81f9a4a433c7b91 Mon Sep 17 00:00:00 2001 
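Review bot: In `psa_copy_key_material` (library/psa_crypto.c), the allocation check kept by this fix, `if( buffer == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY );`, also fires when `buffer_size` is 0 on C libraries whose calloc returns NULL for a zero-byte request. `PSA_KEY_EXPORT_MAX_SIZE` is defined outside this hunk, so whether it can yield 0 is an assumption. A zero-length raw-data key is the obvious candidate, and a later patch in this series adds a "Copy key: raw, 0 bytes" test case. Allocating at least one byte removes the platform dependence: `buffer = mbedtls_calloc( 1, buffer_size != 0 ? buffer_size : 1 );`. The start of the function is outside the hunk.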
From: Gilles Peskine
Date: Mon, 28 Jan 2019 13:03:09 +0100
Subject: [PATCH 0983/2197] Test psa_copy_key Split the testing into tests that exercise policies in test_suite_psa_crypto and tests that exercise slot content (slot states, key material) in test_suite_psa_crypto_slot_management. Test various cases of source and target policies with and without wildcards. Missing: testing of the policy constraint on psa_copy_key itself. Test several key types (raw data, AES, RSA). Test with the source or target being persistent. Add failure tests (incompatible policies, source slot empty, target slot occupied).
---
tests/suites/test_suite_psa_crypto.data | 67 +++++
tests/suites/test_suite_psa_crypto.function | 180 ++++++++++++-
...test_suite_psa_crypto_slot_management.data | 48 +++-
..._suite_psa_crypto_slot_management.function | 238 ++++++++++++++++--
4 files changed, 512 insertions(+), 21 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 656418de0..2cde60a19 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -492,6 +492,73 @@ PSA key policy: agreement, wrong algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW) +Copy key: raw, 0 bytes +copy_key_policy:0:0:PSA_KEY_TYPE_RAW_DATA:"":0:0:-1:-1:0:0 + +Copy key: AES, same usage flags +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR + +Copy key: AES, fewer usage flags +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +Copy key: AES, more usage flags +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +Copy key: AES, intersect usage flags +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +Copy key: RSA key pair, same usage flags +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) + +Copy key: RSA key pair, fewer usage flags +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) + +Copy key: RSA key pair, more usage flags +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257
decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) + +Copy key: RSA key pair, intersect usage flags +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) + +Copy key: RSA key pair, wildcard algorithm in source +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) + +Copy key: RSA key pair, wildcard algorithm in target +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):-1:-1:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) + +Copy key: RSA key pair, wildcard algorithm in source and target +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) + +Copy fail: AES, incompatible target policy +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:-1:-1:PSA_ERROR_INVALID_ARGUMENT + +Copy fail: RSA, incompatible target policy (source wildcard) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):-1:-1:PSA_ERROR_INVALID_ARGUMENT + +Copy fail: RSA, incompatible target policy (target wildcard) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):-1:-1:PSA_ERROR_INVALID_ARGUMENT + +Copy fail: RSA, incompatible target policy (source and target wildcard) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):-1:-1:PSA_ERROR_INVALID_ARGUMENT + +Copy fail: RSA, ANY_HASH is not meaningful with OAEP +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):-1:-1:PSA_ERROR_INVALID_ARGUMENT + Hash operation object initializers zero properly hash_operation_init: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a9d76dbe6..87ad1ff61 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -282,13 +282,38 @@ static int exercise_signature_key( psa_key_handle_t handle, size_t payload_length = 16; unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length = sizeof( signature ); + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); + + /* If the policy allows signing with any hash, just pick one. */ + if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && hash_alg == PSA_ALG_ANY_HASH ) + { +#if defined(MBEDTLS_MD2_C) + hash_alg = PSA_ALG_MD2; +#elif defined(MBEDTLS_MD4_C) + hash_alg = PSA_ALG_MD4; +#elif defined(MBEDTLS_MD5_C) + hash_alg = PSA_ALG_MD5; +#elif defined(MBEDTLS_RIPEMD160_C) + hash_alg = PSA_ALG_RIPEMD160; +#elif defined(MBEDTLS_SHA1_C) + hash_alg = PSA_ALG_SHA_1; +#elif defined(MBEDTLS_SHA256_C) + hash_alg = PSA_ALG_SHA_256; +#elif defined(MBEDTLS_SHA512_C) + hash_alg = PSA_ALG_SHA_384; +#elif defined(MBEDTLS_SHA3_C) + hash_alg = PSA_ALG_SHA3_256; +#else + test_fail( "No hash algorithm for hash-and-sign testing", __LINE__, __FILE__ ); +#endif + alg ^= PSA_ALG_ANY_HASH ^ hash_alg; + } if( usage & PSA_KEY_USAGE_SIGN ) { /* Some algorithms require the payload to have the size of * the hash encoded in the algorithm. Use this input size * even for algorithms that allow other input sizes. */ - psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); if( hash_alg != 0 ) payload_length = PSA_HASH_SIZE( hash_alg ); PSA_ASSERT( psa_asymmetric_sign( handle, alg, 
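Review bot: In the `#else` branch, `test_fail( ... )` is called but execution continues, so with no hash module enabled `hash_alg` stays `PSA_ALG_ANY_HASH` and `alg ^= PSA_ALG_ANY_HASH ^ hash_alg` leaves `alg` unchanged. The `PSA_HASH_SIZE( hash_alg )` computation and the `psa_asymmetric_sign` call below then run with the wildcard value. Adding `return( 0 );` right after the `test_fail` call would stop there; the caller added later in this patch treats a zero result from `exercise_key` as failure, so 0 is presumably the failure value here too. The selection order also picks MD2, MD4 or MD5 first whenever they are compiled in, so a short comment such as `/* arbitrary choice: any enabled hash will do for a policy test */` would keep it from being read as a preference. exercise_signature_key starts and ends outside the hunk.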
@@ -1741,6 +1766,159 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void copy_key_policy( int source_usage_arg, int source_alg_arg, + int type_arg, data_t *material, + int target_usage_arg, int target_alg_arg, + int constraint_usage_arg, int constraint_alg_arg, + int expected_usage_arg, int expected_alg_arg ) +{ + psa_key_usage_t source_usage = source_usage_arg; + psa_algorithm_t source_alg = source_alg_arg; + psa_key_handle_t source_handle = 0; + psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; + psa_key_type_t source_type = type_arg; + size_t source_bits; + psa_key_usage_t target_usage = target_usage_arg; + psa_algorithm_t target_alg = target_alg_arg; + psa_key_handle_t target_handle = 0; + psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; + psa_key_type_t target_type; + size_t target_bits; + psa_key_usage_t constraint_usage = constraint_usage_arg; + psa_algorithm_t constraint_alg = constraint_alg_arg; + psa_key_policy_t constraint = PSA_KEY_POLICY_INIT; + psa_key_policy_t *p_constraint = NULL; + psa_key_usage_t expected_usage = expected_usage_arg; + psa_algorithm_t expected_alg = expected_alg_arg; + uint8_t *export_buffer = NULL; + + if( constraint_usage_arg != -1 ) + { + p_constraint = &constraint; + psa_key_policy_set_usage( p_constraint, + constraint_usage, constraint_alg ); + } + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Populate the source slot. */ + PSA_ASSERT( psa_allocate_key( &source_handle ) ); + psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); + PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); + PSA_ASSERT( psa_import_key( source_handle, source_type, + material->x, material->len ) ); + PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); + + /* Prepare the target slot. 
*/ + PSA_ASSERT( psa_allocate_key( &target_handle ) ); + psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); + PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); + target_policy = psa_key_policy_init(); + + /* Copy the key. */ + PSA_ASSERT( psa_copy_key( source_handle, target_handle, p_constraint ) ); + + /* Destroy the source to ensure that this doesn't affect the target. */ + PSA_ASSERT( psa_destroy_key( source_handle ) ); + + /* Test that the target slot has the expected content and policy. */ + PSA_ASSERT( psa_get_key_information( target_handle, + &target_type, &target_bits ) ); + TEST_EQUAL( source_type, target_type ); + TEST_EQUAL( source_bits, target_bits ); + PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); + TEST_EQUAL( expected_usage, psa_key_policy_get_usage( &target_policy ) ); + TEST_EQUAL( expected_alg, psa_key_policy_get_algorithm( &target_policy ) ); + if( expected_usage & PSA_KEY_USAGE_EXPORT ) + { + size_t length; + ASSERT_ALLOC( export_buffer, material->len ); + PSA_ASSERT( psa_export_key( target_handle, export_buffer, + material->len, &length ) ); + ASSERT_COMPARE( material->x, material->len, + export_buffer, length ); + } + if( ! exercise_key( target_handle, expected_usage, expected_alg ) ) + goto exit; + + PSA_ASSERT( psa_close_key( target_handle ) ); + +exit: + mbedtls_psa_crypto_free( ); + mbedtls_free( export_buffer ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void copy_fail( int source_usage_arg, int source_alg_arg, + int type_arg, data_t *material, + int target_usage_arg, int target_alg_arg, + int constraint_usage_arg, int constraint_alg_arg, + int expected_status_arg ) +{ + /* Test copy failure into an empty slot. There is a test for copy failure + * into an occupied slot in + * test_suite_psa_crypto_slot_management.function. 
*/ + + psa_key_usage_t source_usage = source_usage_arg; + psa_algorithm_t source_alg = source_alg_arg; + psa_key_handle_t source_handle = 0; + psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; + psa_key_type_t source_type = type_arg; + size_t source_bits; + psa_key_usage_t target_usage = target_usage_arg; + psa_algorithm_t target_alg = target_alg_arg; + psa_key_handle_t target_handle = 0; + psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; + psa_key_type_t target_type; + size_t target_bits; + psa_key_usage_t constraint_usage = constraint_usage_arg; + psa_algorithm_t constraint_alg = constraint_alg_arg; + psa_key_policy_t constraint = PSA_KEY_POLICY_INIT; + psa_key_policy_t *p_constraint = NULL; + psa_status_t expected_status = expected_status_arg; + + if( constraint_usage_arg != -1 ) + { + p_constraint = &constraint; + psa_key_policy_set_usage( p_constraint, + constraint_usage, constraint_alg ); + } + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Populate the source slot. */ + PSA_ASSERT( psa_allocate_key( &source_handle ) ); + psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); + PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); + PSA_ASSERT( psa_import_key( source_handle, source_type, + material->x, material->len ) ); + PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); + + /* Prepare the target slot. */ + PSA_ASSERT( psa_allocate_key( &target_handle ) ); + psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); + PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); + target_policy = psa_key_policy_init(); + + /* Copy the key. */ + TEST_EQUAL( psa_copy_key( source_handle, target_handle, p_constraint ), + expected_status ); + + /* Test that the target slot is unaffected. 
*/ + TEST_EQUAL( psa_get_key_information( target_handle, + &target_type, &target_bits ), + PSA_ERROR_EMPTY_SLOT ); + PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); + TEST_EQUAL( target_usage, psa_key_policy_get_usage( &target_policy ) ); + TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &target_policy ) ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_operation_init( ) { diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 72957589a..c5456179e 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
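Review bot: Both `copy_key_policy` and `copy_fail` treat `constraint_usage_arg == -1` as "no constraint" and pass a NULL policy to `psa_copy_key`, but that convention is only discoverable by reading the `if`. Every `.data` row added in this patch relies on it (`-1:-1`). A comment above the check in each function, e.g. `/* constraint_usage_arg == -1: no constraint, psa_copy_key gets NULL (constraint_alg_arg is then ignored) */`, would document it for whoever writes the constraint cases. `copy_fail` also reads `source_bits` without ever comparing it and never re-checks the source slot after the failed copy, so the "unaffected" claim in its comment is only tested for the target.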
@@ -66,16 +66,56 @@ depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED Copy volatile to volatile -copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 Copy volatile to persistent -copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 Copy persistent to volatile -copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 Copy persistent to persistent -copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:-1:-1:PSA_KEY_USAGE_EXPORT:0 +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 + +Copy empty volatile to volatile 
+copy_from_empty:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0 + +Copy empty volatile to persistent +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +copy_from_empty:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0 + +Copy empty persistent to volatile +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +copy_from_empty:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0 + +Copy empty persistent to persistent +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +copy_from_empty:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0 + +Copy volatile to occupied volatile +copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" + +Copy volatile to occupied persistent +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" + +Copy persistent to occupied volatile +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" + +Copy persistent to occupied persistent +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C 
+copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" + +Copy volatile to itself +copy_to_same:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f" + +Copy persistent to itself +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +copy_to_same:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f" Close/destroy invalid handle invalid_handle: diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 8a6ef0783..0ebdb1e4b 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -299,7 +299,6 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, int type_arg, data_t *material, int target_lifetime_arg, int target_id_arg, int target_usage_arg, int target_alg_arg, - int constraint_usage_arg, int constraint_alg_arg, int expected_usage_arg, int expected_alg_arg ) { psa_key_lifetime_t source_lifetime = source_lifetime_arg; 
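Review bot: The "Copy persistent to itself" case passes `PSA_KEY_LIFETIME_VOLATILE:0` to `copy_to_same`, which makes it identical to "Copy volatile to itself" apart from its `depends_on` line. The persistent path of a self-copy is therefore never exercised. Going by the other persistent rows in this hunk, the arguments were probably meant to start with `PSA_KEY_LIFETIME_PERSISTENT:1`.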
@@ -318,20 +317,10 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; psa_key_type_t target_type; size_t target_bits; - psa_key_usage_t constraint_usage = constraint_usage_arg; - psa_algorithm_t constraint_alg = constraint_alg_arg; - psa_key_policy_t constraint = PSA_KEY_POLICY_INIT; - psa_key_policy_t *p_constraint = NULL; psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; uint8_t *export_buffer = NULL; - if( constraint_usage_arg != -1 ) - { - p_constraint = &constraint; - psa_key_policy_set_usage( p_constraint, - constraint_usage, constraint_alg ); - } TEST_MAX_KEY_ID( source_id ); TEST_MAX_KEY_ID( target_id ); @@ -360,7 +349,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, target_policy = psa_key_policy_init(); /* Copy the key. */ - PSA_ASSERT( psa_copy_key( source_handle, target_handle, p_constraint ) ); + PSA_ASSERT( psa_copy_key( source_handle, target_handle, NULL ) ); /* Destroy the source to ensure that this doesn't affect the target. */ PSA_ASSERT( psa_destroy_key( source_handle ) ); 
@@ -378,11 +367,11 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, /* Test that the target slot has the expected content. */ PSA_ASSERT( psa_get_key_information( target_handle, &target_type, &target_bits ) ); - TEST_ASSERT( source_type == target_type ); - TEST_ASSERT( source_bits == target_bits ); + TEST_EQUAL( source_type, target_type ); + TEST_EQUAL( source_bits, target_bits ); PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); - TEST_ASSERT( expected_usage == psa_key_policy_get_usage( &target_policy ) ); - TEST_ASSERT( expected_alg == psa_key_policy_get_algorithm( &target_policy ) ); + TEST_EQUAL( expected_usage, psa_key_policy_get_usage( &target_policy ) ); + TEST_EQUAL( expected_alg, psa_key_policy_get_algorithm( &target_policy ) ); if( expected_usage & PSA_KEY_USAGE_EXPORT ) { size_t length; 
@@ -402,6 +391,223 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void copy_from_empty( int source_lifetime_arg, int source_id_arg, + int source_usage_arg, int source_alg_arg, + int target_lifetime_arg, int target_id_arg, + int target_usage_arg, int target_alg_arg ) +{ + psa_key_lifetime_t source_lifetime = source_lifetime_arg; + psa_key_id_t source_id = source_id_arg; + psa_key_usage_t source_usage = source_usage_arg; + psa_algorithm_t source_alg = source_alg_arg; + psa_key_handle_t source_handle = 0; + psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; + psa_key_lifetime_t target_lifetime = target_lifetime_arg; + psa_key_id_t target_id = target_id_arg; + psa_key_usage_t target_usage = target_usage_arg; + psa_algorithm_t target_alg = target_alg_arg; + psa_key_handle_t target_handle = 0; + psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; + psa_key_policy_t got_policy; + + TEST_MAX_KEY_ID( source_id ); + TEST_MAX_KEY_ID( target_id ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Prepare the source slot. */ + if( source_lifetime == PSA_KEY_LIFETIME_VOLATILE ) + PSA_ASSERT( psa_allocate_key( &source_handle ) ); + else + PSA_ASSERT( psa_create_key( source_lifetime, source_id, + &source_handle ) ); + psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); + PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); + + /* Prepare the target slot. */ + if( target_lifetime == PSA_KEY_LIFETIME_VOLATILE ) + PSA_ASSERT( psa_allocate_key( &target_handle ) ); + else + PSA_ASSERT( psa_create_key( target_lifetime, target_id, + &target_handle ) ); + psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); + PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); + + /* Copy the key. */ + TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ), + PSA_ERROR_EMPTY_SLOT ); + + /* Test that the slots are unaffected. 
*/ + PSA_ASSERT( psa_get_key_policy( source_handle, &got_policy ) ); + TEST_EQUAL( source_usage, psa_key_policy_get_usage( &got_policy ) ); + TEST_EQUAL( source_alg, psa_key_policy_get_algorithm( &got_policy ) ); + PSA_ASSERT( psa_get_key_policy( target_handle, &got_policy ) ); + TEST_EQUAL( target_usage, psa_key_policy_get_usage( &got_policy ) ); + TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &got_policy ) ); + +exit: + mbedtls_psa_crypto_free( ); +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + psa_purge_key_storage( ); +#endif +} +/* END_CASE */ + +/* BEGIN_CASE */ +void copy_to_occupied( int source_lifetime_arg, int source_id_arg, + int source_usage_arg, int source_alg_arg, + int source_type_arg, data_t *source_material, + int target_lifetime_arg, int target_id_arg, + int target_usage_arg, int target_alg_arg, + int target_type_arg, data_t *target_material ) +{ + psa_key_lifetime_t source_lifetime = source_lifetime_arg; + psa_key_id_t source_id = source_id_arg; + psa_key_usage_t source_usage = source_usage_arg; + psa_algorithm_t source_alg = source_alg_arg; + psa_key_handle_t source_handle = 0; + psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; + psa_key_type_t source_type = source_type_arg; + size_t source_bits; + psa_key_lifetime_t target_lifetime = target_lifetime_arg; + psa_key_id_t target_id = target_id_arg; + psa_key_usage_t target_usage = target_usage_arg; + psa_algorithm_t target_alg = target_alg_arg; + psa_key_handle_t target_handle = 0; + psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; + psa_key_type_t target_type = target_type_arg; + size_t target_bits; + psa_key_policy_t got_policy; + psa_key_type_t got_type; + size_t got_bits; + uint8_t *export_buffer = NULL; + + TEST_MAX_KEY_ID( source_id ); + TEST_MAX_KEY_ID( target_id ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Populate the source slot. 
*/ + if( source_lifetime == PSA_KEY_LIFETIME_VOLATILE ) + PSA_ASSERT( psa_allocate_key( &source_handle ) ); + else + PSA_ASSERT( psa_create_key( source_lifetime, source_id, + &source_handle ) ); + psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); + PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); + PSA_ASSERT( psa_import_key( source_handle, source_type, + source_material->x, source_material->len ) ); + PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); + + /* Populate the target slot. */ + if( target_lifetime == PSA_KEY_LIFETIME_VOLATILE ) + PSA_ASSERT( psa_allocate_key( &target_handle ) ); + else + PSA_ASSERT( psa_create_key( target_lifetime, target_id, + &target_handle ) ); + psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); + PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); + PSA_ASSERT( psa_import_key( target_handle, target_type, + target_material->x, target_material->len ) ); + PSA_ASSERT( psa_get_key_information( target_handle, NULL, &target_bits ) ); + + /* Copy the key. */ + TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ), + PSA_ERROR_OCCUPIED_SLOT ); + + /* Test that the target slot is unaffected. 
*/ + PSA_ASSERT( psa_get_key_information( target_handle, + &got_type, &got_bits ) ); + TEST_EQUAL( target_type, got_type ); + TEST_EQUAL( target_bits, got_bits ); + PSA_ASSERT( psa_get_key_policy( target_handle, &got_policy ) ); + TEST_EQUAL( target_usage, psa_key_policy_get_usage( &got_policy ) ); + TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &got_policy ) ); + if( target_usage & PSA_KEY_USAGE_EXPORT ) + { + size_t length; + ASSERT_ALLOC( export_buffer, target_material->len ); + PSA_ASSERT( psa_export_key( target_handle, export_buffer, + target_material->len, &length ) ); + ASSERT_COMPARE( target_material->x, target_material->len, + export_buffer, length ); + } + +exit: + mbedtls_psa_crypto_free( ); + mbedtls_free( export_buffer ); +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + psa_purge_key_storage( ); +#endif +} +/* END_CASE */ + +/* BEGIN_CASE */ +void copy_to_same( int lifetime_arg, int id_arg, + int usage_arg, int alg_arg, + int type_arg, data_t *material ) +{ + psa_key_lifetime_t lifetime = lifetime_arg; + psa_key_id_t id = id_arg; + psa_key_usage_t usage = usage_arg; + psa_algorithm_t alg = alg_arg; + psa_key_handle_t handle = 0; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_type_t type = type_arg; + size_t bits; + psa_key_policy_t got_policy; + psa_key_type_t got_type; + size_t got_bits; + uint8_t *export_buffer = NULL; + + TEST_MAX_KEY_ID( id ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Populate the slot. */ + if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) + PSA_ASSERT( psa_allocate_key( &handle ) ); + else + PSA_ASSERT( psa_create_key( lifetime, id, + &handle ) ); + psa_key_policy_set_usage( &policy, usage, alg ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + PSA_ASSERT( psa_import_key( handle, type, + material->x, material->len ) ); + PSA_ASSERT( psa_get_key_information( handle, NULL, &bits ) ); + + /* Copy the key. 
*/ + TEST_EQUAL( psa_copy_key( handle, handle, NULL ), + PSA_ERROR_OCCUPIED_SLOT ); + + /* Test that the slot is unaffected. */ + PSA_ASSERT( psa_get_key_information( handle, + &got_type, &got_bits ) ); + TEST_EQUAL( type, got_type ); + TEST_EQUAL( bits, got_bits ); + PSA_ASSERT( psa_get_key_policy( handle, &got_policy ) ); + TEST_EQUAL( usage, psa_key_policy_get_usage( &got_policy ) ); + TEST_EQUAL( alg, psa_key_policy_get_algorithm( &got_policy ) ); + if( usage & PSA_KEY_USAGE_EXPORT ) + { + size_t length; + ASSERT_ALLOC( export_buffer, material->len ); + PSA_ASSERT( psa_export_key( handle, export_buffer, + material->len, &length ) ); + ASSERT_COMPARE( material->x, material->len, + export_buffer, length ); + } + +exit: + mbedtls_psa_crypto_free( ); + mbedtls_free( export_buffer ); +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + psa_purge_key_storage( ); +#endif +} +/* END_CASE */ + /* BEGIN_CASE */ void invalid_handle( ) { From 8c1247fec9734db2a636157b4a29b1b84774848b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 28 Jan 2019 13:59:29 +0100 Subject: [PATCH 0984/2197] Add psa_copy_key tests with policy constraints Test a few cases. The logic to combine the constraint is similar to the logic to combine the source and target, so it's ok to have less parameter domain coverage for constraints. --- tests/suites/test_suite_psa_crypto.data | 36 +++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2cde60a19..29674c9fd 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
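Review bot: `psa_key_policy_t got_policy;` is left uninitialized in `copy_from_empty`, `copy_to_occupied` and `copy_to_same`, while every other policy object in these functions is declared with `PSA_KEY_POLICY_INIT`. The reads are guarded by `PSA_ASSERT( psa_get_key_policy( ... ) )`, so this is not a bug as written, but `psa_key_policy_t got_policy = PSA_KEY_POLICY_INIT;` keeps the declarations consistent. It also means the usage and algorithm comparisons never depend on stack contents if the getter is later changed to fill the structure only partially. For the persistent-target cases, the "slot is unaffected" assertions run on the handle that is still open; they do not show whether the stored copy is unchanged as well.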
@@ -511,6 +511,26 @@ Copy key: AES, intersect usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +Copy key: AES, source=target, constraint with same usage flags +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR + +Copy key: AES, source=target, constraint with fewer usage flags +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +Copy key: AES, source=target, constraint with more usage flags +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +Copy key: AES, source=target, constraint with different usage flags +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +Copy key: AES, permissive target, restrictive constraint +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT 
| PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + Copy key: RSA key pair, same usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) 
@@ -539,6 +559,14 @@ Copy key: RSA key pair, wildcard algorithm in source and target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) +Copy key: RSA key pair, wildcard in constraint +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) + +Copy key: RSA key pair, wildcard, restrictive constraint +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) + Copy fail: AES, incompatible target policy depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:-1:-1:PSA_ERROR_INVALID_ARGUMENT 
@@ -555,6 +583,14 @@ Copy fail: RSA, incompatible target policy (source and target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):-1:-1:PSA_ERROR_INVALID_ARGUMENT +Copy fail: RSA, incompatible constraint (wildcard on different base) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +Copy fail: RSA, incompatible constraint +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + Copy fail: RSA, ANY_HASH is not meaningful with OAEP depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):-1:-1:PSA_ERROR_INVALID_ARGUMENT From 6b156df1ba040f27809f3ec6b78fb200e9ff7a76 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 28 Jan 2019 15:43:19 +0100 Subject: [PATCH 0985/2197] Don't consider RIPEMD160 a PSA_ALG_ANY_HASH candidate Some parts of the library don't support it, such as RSA PKCS#1v1.5 signature. --- tests/suites/test_suite_psa_crypto.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 87ad1ff61..8ca7dcd10 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -293,8 +293,8 @@ static int exercise_signature_key( psa_key_handle_t handle, hash_alg = PSA_ALG_MD4; #elif defined(MBEDTLS_MD5_C) hash_alg = PSA_ALG_MD5; -#elif defined(MBEDTLS_RIPEMD160_C) - hash_alg = PSA_ALG_RIPEMD160; + /* MBEDTLS_RIPEMD160_C omitted because Mbed TLS doesn't + * support it in RSA PKCS#1v1.5 signatures. */ #elif defined(MBEDTLS_SHA1_C) hash_alg = PSA_ALG_SHA_1; #elif defined(MBEDTLS_SHA256_C) From d288494c3a7472e27b0df73e36992b0d4d28cd1a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 29 Jan 2019 08:21:24 +0000 Subject: [PATCH 0986/2197] Fix outdated comment in ecdsa_verify_wrap() --- library/pk_wrap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 332696dfd..57a392536 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -563,8 +563,8 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, if( curve == 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - /* mbedlts_pk_write_pubkey_der() expects a full PK context, - * re-construct one to make it happy */ + /* mbedtls_pk_write_pubkey() expects a full PK context; + * re-construct one to make it happy. */ key.pk_info = &pk_info; key.pk_ctx = ctx; p = buf + sizeof( buf ); From 567840e3352a17958d43f551b196421cafa3a787 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Sep 2018 18:27:53 +0200 Subject: [PATCH 0987/2197] Support multiple values on the command line --- programs/psa/psa_constant_names.c | 81 +++++++++++++++++++++---------- 1 file changed, 56 insertions(+), 25 deletions(-) diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index dd19677c4..f551e5aea 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c 
@@ -138,7 +138,7 @@ static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size, static void usage(const char *program_name) { - printf("Usage: %s TYPE VALUE\n", + printf("Usage: %s TYPE VALUE [VALUE...]\n", program_name == NULL ? "psa_constant_names" : program_name); printf("Print the symbolic name whose numerical value is VALUE in TYPE.\n"); printf("Supported types (with = between aliases):\n"); @@ -149,11 +149,18 @@ static void usage(const char *program_name) printf(" error=status Status code (psa_status_t)\n"); } +typedef enum { + TYPE_STATUS, + TYPE_ALGORITHM, + TYPE_ECC_CURVE, + TYPE_KEY_TYPE, + TYPE_KEY_USAGE, +} value_type; + int main(int argc, char *argv[]) { - char buffer[200]; - unsigned long value; - char *end; + value_type type; + int i; if (argc <= 1 || !strcmp(argv[1], "help") || 
@@ -162,31 +169,55 @@ int main(int argc, char *argv[]) usage(argv[0]); return EXIT_FAILURE; } - if (argc != 3) { - usage(argv[0]); - return EXIT_FAILURE; - } - value = strtoul(argv[2], &end, 0); - if (*end) { - printf("Non-numeric value: %s\n", argv[2]); - return EXIT_FAILURE; - } - if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status")) - psa_snprint_status(buffer, sizeof(buffer), (psa_status_t) value); - else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm")) - psa_snprint_algorithm(buffer, sizeof(buffer), (psa_algorithm_t) value); - else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) - psa_snprint_ecc_curve(buffer, sizeof(buffer), (psa_ecc_curve_t) value); - else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) - psa_snprint_key_type(buffer, sizeof(buffer), (psa_key_type_t) value); - else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage")) - psa_snprint_key_usage(buffer, sizeof(buffer), (psa_key_usage_t) value); - else { + if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status")) { + type = TYPE_STATUS; + } else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm")) { + type = TYPE_ALGORITHM; + } else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) { + type = TYPE_ECC_CURVE; + } else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) { + type = TYPE_KEY_TYPE; + } else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage")) { + type = TYPE_KEY_USAGE; + } else { printf("Unknown type: %s\n", argv[1]); return EXIT_FAILURE; } - puts(buffer); + for (i = 2; i < argc; i++) { + char buffer[200]; + char *end; + unsigned long value = strtoul(argv[i], &end, 0); + if (*end) { + printf("Non-numeric value: %s\n", argv[i]); + return EXIT_FAILURE; + } + + switch (type) { + case TYPE_STATUS: + psa_snprint_status(buffer, sizeof(buffer), + (psa_status_t) value); + break; + case TYPE_ALGORITHM: + psa_snprint_algorithm(buffer, sizeof(buffer), + (psa_algorithm_t) value); + break; + 
case TYPE_ECC_CURVE: + psa_snprint_ecc_curve(buffer, sizeof(buffer), + (psa_ecc_curve_t) value); + break; + case TYPE_KEY_TYPE: + psa_snprint_key_type(buffer, sizeof(buffer), + (psa_key_type_t) value); + break; + case TYPE_KEY_USAGE: + psa_snprint_key_usage(buffer, sizeof(buffer), + (psa_key_usage_t) value); + break; + } + puts(buffer); + } + return EXIT_SUCCESS; } From 2482702d15f60982a44f3cea664db78bd4d90c67 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Sep 2018 18:49:23 +0200 Subject: [PATCH 0988/2197] Test program for psa_constant_names Test psa_constant_names on many inputs. For each input, find out the numerical value by compiling and running a C program, pass the numerical value to psa_constant_names and compare the output with the original input. Gather inputs by parsing psa/crypto.h and test_suite_psa_crypto_metadata.data. For macros that take an argument, list some possible arguments using the parsed data. --- tests/scripts/test_psa_constant_names.py | 241 +++++++++++++++++++++++ 1 file changed, 241 insertions(+) create mode 100755 tests/scripts/test_psa_constant_names.py diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py new file mode 100755 index 000000000..59292428f --- /dev/null +++ b/tests/scripts/test_psa_constant_names.py 
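Review bot: In the new `for` loop the check `if (*end)` accepts an empty argument, because `strtoul` then leaves `end == argv[i]` pointing at the terminator and the program prints the name for 0. Out-of-range input is not detected either, and the casts to the PSA types would silently truncate if any of them is narrower than `unsigned long` (their definitions are outside this hunk). I would set `errno = 0;` before the call and test `if (end == argv[i] || *end != '\0' || errno == ERANGE)`, which needs `<errno.h>`. The `switch (type)` also has no `default`, so `puts(buffer)` would read an uninitialised buffer if `type` ever held an unlisted value; `default: return EXIT_FAILURE;` closes that. The start of `main` is in the preceding hunk.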
@@ -0,0 +1,241 @@ +#!/usr/bin/env python3 +'''Test the program psa_constant_names. +Gather constant names from header files and test cases. Compile a C program +to print out their numerical values, feed these numerical values to +psa_constant_names, and check that the output is the original name. +Return 0 if all test cases pass, 1 if the output was not always as expected, +or 1 (with a Python backtrace) if there was an operational error.''' + +import argparse +import itertools +import os +import platform +import re +import subprocess +import sys +import tempfile + +class Inputs: + '''Accumulate information about macros to test. +This includes macro names as well as information about their arguments +when applicable.''' + def __init__(self): + # Sets of names per type + self.statuses = set(['PSA_SUCCESS']) + self.algorithms = set(['0xffffffff']) + self.ecc_curves = set(['0xffff']) + self.key_types = set(['0xffffffff']) + self.key_usage_flags = set(['0x80000000']) + # Hard-coded value for an unknown hash algorithm + self.hash_algorithms = set(['0x010000ff']) + # Identifier prefixes + self.table_by_prefix = { + 'ERROR': self.statuses, + 'ALG': self.algorithms, + 'CURVE': self.ecc_curves, + 'KEY_TYPE': self.key_types, + 'KEY_USAGE': self.key_usage_flags, + } + # macro name -> list of argument names + self.argspecs = {} + # argument name -> list of values + self.arguments_for = {} + + def gather_arguments(self): + '''Populate the list of values for macro arguments. +Call this after parsing all the inputs.''' + self.arguments_for['hash_alg'] = sorted(self.hash_algorithms) + self.arguments_for['curve'] = sorted(self.ecc_curves) + + def format_arguments(self, name, arguments): + '''Format a macro call with arguments..''' + return name + '(' + ', '.join(arguments) + ')' + + def distribute_arguments(self, name): + '''Generate macro calls with each tested argument set. +If name is a macro without arguments, just yield "name". 
+If name is a macro with arguments, yield a series of "name(arg1,...,argN)" +where each argument takes each possible value at least once.''' + if name not in self.argspecs: + yield name + return + argspec = self.argspecs[name] + if argspec == []: + yield name + '()' + return + argument_lists = [self.arguments_for[arg] for arg in argspec] + arguments = [values[0] for values in argument_lists] + yield self.format_arguments(name, arguments) + for i in range(len(arguments)): + for value in argument_lists[i][1:]: + arguments[i] = value + yield self.format_arguments(name, arguments) + arguments[i] = argument_lists[0] + + # Regex for interesting header lines. + # Groups: 1=macro name, 2=type, 3=argument list (optional). + header_line_re = \ + re.compile(r'#define +' + + r'(PSA_((?:KEY_)?[A-Z]+)_\w+)' + + r'(?:\(([^\n()]*)\))?') + # Regex of macro names to exclude. + excluded_name_re = re.compile('_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') + argument_split_re = re.compile(r' *, *') + def parse_header_line(self, line): + '''Parse a C header line, looking for "#define PSA_xxx".''' + m = re.match(self.header_line_re, line) + if not m: + return + name = m.group(1) + if re.search(self.excluded_name_re, name): + return + dest = self.table_by_prefix.get(m.group(2)) + if dest is None: + return + dest.add(name) + if m.group(3): + self.argspecs[name] = re.split(self.argument_split_re, m.group(3)) + + def parse_header(self, filename): + '''Parse a C header file, looking for "#define PSA_xxx".''' + with open(filename, 'r') as input: + for line in input: + self.parse_header_line(line) + + def add_test_case_line(self, function, argument): + '''Parse a test case data line, looking for algorithm metadata tests.''' + if function.endswith('_algorithm'): + self.algorithms.add(argument) + if function == 'hash_algorithm': + self.hash_algorithms.add(argument) + elif function == 'key_type': + self.key_types.add(argument) + elif function == 'ecc_key_types': + self.ecc_curves.add(argument) + + # 
Regex matching a *.data line containing a test function call and + # its arguments. The actual definition is partly positional, but this + # regex is good enough in practice. + test_case_line_re = re.compile('(?!depends_on:)(\w+):([^\n :][^:\n]*)') + def parse_test_cases(self, filename): + '''Parse a test case file (*.data), looking for algorithm metadata tests.''' + with open(filename, 'r') as input: + for line in input: + m = re.match(self.test_case_line_re, line) + if m: + self.add_test_case_line(m.group(1), m.group(2)) + +def gather_inputs(headers, test_suites): + '''Read the list of inputs to test psa_constant_names with.''' + inputs = Inputs() + for header in headers: + inputs.parse_header(header) + for test_cases in test_suites: + inputs.parse_test_cases(test_cases) + inputs.gather_arguments() + return inputs + +def remove_file_if_exists(filename): + '''Remove the specified file, ignoring errors.''' + if not filename: + return + try: + os.remove(filename) + except: + pass + +def run_c(options, names): + '''Generate and run a program to print out numerical values for names.''' + c_name = None + exe_name = None + try: + c_fd, c_name = tempfile.mkstemp(suffix='.c', + dir='programs/psa') + exe_suffix = '.exe' if platform.system() == 'Windows' else '' + exe_name = c_name[:-2] + exe_suffix + remove_file_if_exists(exe_name) + c_file = os.fdopen(c_fd, 'w', encoding='ascii') + c_file.write('''/* Generated by test_psa_constant_names.py */ +#include +#include +int main(void) +{ +''') + for name in names: + c_file.write(' printf("0x%08x\\n", {});\n'.format(name)) + c_file.write(''' return 0; +} +''') + c_file.close() + cc = os.getenv('CC', 'cc') + subprocess.check_call([cc] + + ['-I' + dir for dir in options.include] + + ['-o', exe_name, c_name]) + os.remove(c_name) + output = subprocess.check_output([exe_name]) + return output.decode('ascii').strip().split('\n') + finally: + remove_file_if_exists(exe_name) + +normalize_strip_re = re.compile(r'\s+') +def 
normalize(expr): + '''Normalize the C expression so as not to care about trivial differences. +Currently "trivial differences" means whitespace.''' + expr = re.sub(normalize_strip_re, '', expr, len(expr)) + return expr.strip().split('\n') + +def do_test(options, inputs, type, names): + '''Test psa_constant_names for the specified type. +Run program on names. +Use inputs to figure out what arguments to pass to macros that take arguments.''' + names = sorted(itertools.chain(*map(inputs.distribute_arguments, names))) + values = run_c(options, names) + output = subprocess.check_output([options.program, type] + values) + outputs = output.decode('ascii').strip().split('\n') + errors = [(type, name, value, output) + for (name, value, output) in zip(names, values, outputs) + if normalize(name) != normalize(output)] + return len(names), errors + +def report_errors(errors): + '''Describe each case where the output is not as expected.''' + for type, name, value, output in errors: + print('For {} "{}", got "{}" (value: {})' + .format(type, name, output, value)) + +def run_tests(options, inputs): + '''Run psa_constant_names on all the gathered inputs. 
+Return a tuple (count, errors) where count is the total number of inputs +that were tested and errors is the list of cases where the output was +not as expected.''' + count = 0 + errors = [] + for type, names in [('status', inputs.statuses), + ('algorithm', inputs.algorithms), + ('ecc_curve', inputs.ecc_curves), + ('key_type', inputs.key_types), + ('key_usage', inputs.key_usage_flags)]: + c, e = do_test(options, inputs, type, names) + count += c + errors += e + return count, errors + +if __name__ == '__main__': + parser = argparse.ArgumentParser(description=globals()['__doc__']) + parser.add_argument('--include', '-I', + action='append', default=['include'], + help='Directory for header files') + parser.add_argument('--program', + default='programs/psa/psa_constant_names', + help='Program to test') + options = parser.parse_args() + headers = [os.path.join(options.include[0], 'psa/crypto.h')] + test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data'] + inputs = gather_inputs(headers, test_suites) + count, errors = run_tests(options, inputs) + report_errors(errors) + if errors == []: + print('{} test cases PASS'.format(count)) + else: + print('{} test cases, {} FAIL'.format(count, len(errors))) + exit(1) From 377c6832a29178b1cf261a2efc2566e6f490b7a9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Sep 2018 19:31:45 +0200 Subject: [PATCH 0989/2197] Test psa_constant_names in all.sh --- tests/scripts/all.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 11d10a367..84e449010 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
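Review bot: `run_c` leaves the generated `.c` file behind in `programs/psa` whenever the compiler fails, because `os.remove(c_name)` runs only after `check_call` succeeds and the `finally` clause removes only `exe_name`. Calling `remove_file_if_exists(c_name)` in that `finally` as well, and writing the program under `with os.fdopen(c_fd, 'w', encoding='ascii') as c_file:`, would clean up on every path and close the descriptor if a `write` raises. `remove_file_if_exists` uses a bare `except:`, which also swallows `KeyboardInterrupt` and `SystemExit`; `except OSError:` ignores only the failure it is meant to. Separately, `excluded_name_re` and `test_case_line_re` put `\Z` and `\w` in non-raw strings and should be `r'...'` literals.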
@@ -604,6 +604,15 @@ component_test_default_cmake_gcc_asan () { if_build_succeeded tests/compat.sh } +component_test_psa_constant_names () { + msg "build: cmake, gcc, ASan" # ~ 1 min 50s + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test psa_constant_names" # ~ 1s + record_status tests/scripts/test_psa_constant_names.py +} + component_test_ref_configs () { msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . From a0a315c8157e98e075660a5c82f05cdb9e8f3409 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Oct 2018 11:27:10 +0200 Subject: [PATCH 0990/2197] Add location information to input processing exceptions If parsing fails, report the input file name and line number. If distribute_arguments fails, report for what name. --- tests/scripts/test_psa_constant_names.py | 75 ++++++++++++++++++------ 1 file changed, 56 insertions(+), 19 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 59292428f..6891ecc92 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
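Review bot: The new component runs its test step with a bare `record_status tests/scripts/test_psa_constant_names.py`, while the neighbouring component in the context line goes through `if_build_succeeded`. If that wrapper is what skips test steps after a failed build (its definition is outside this hunk), the script would run here against a missing or stale `programs/psa/psa_constant_names`; `if_build_succeeded tests/scripts/test_psa_constant_names.py` would match the surrounding components. The first `msg` line reads `build: cmake, gcc, ASan`, so the log will not show which component this build belongs to; something like `msg "build: cmake, gcc, ASan (psa_constant_names)"` would make it traceable.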
@@ -15,6 +15,40 @@ import subprocess import sys import tempfile +class ReadFileLineException(Exception): + def __init__(self, filename, line_number): + message = 'in {} at {}'.format(filename, line_number) + super(ReadFileLineException, self).__init__(message) + self.filename = filename + self.line_number = line_number + +class read_file_lines: + '''Context manager to read a text file line by line. +with read_file_lines(filename) as lines: + for line in lines: + process(line) +is equivalent to +with open(filename, 'r') as input_file: + for line in input_file: + process(line) +except that if process(line) raises an exception, then the read_file_lines +snippet annotates the exception with the file name and line number.''' + def __init__(self, filename): + self.filename = filename + self.line_number = 'entry' + def __enter__(self): + self.generator = enumerate(open(self.filename, 'r')) + return self + def __iter__(self): + for line_number, content in self.generator: + self.line_number = line_number + yield content + self.line_number = 'exit' + def __exit__(self, type, value, traceback): + if type is not None: + raise ReadFileLineException(self.filename, self.line_number) \ + from value + class Inputs: '''Accumulate information about macros to test. This includes macro names as well as information about their arguments 
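Review bot: `read_file_lines.__enter__` opens the file with `open(self.filename, 'r')` but `__exit__` never closes it, so the handle stays open until it is garbage collected. `enumerate` also starts at 0, so the `ReadFileLineException` message reports a line number one lower than the line being processed. I would keep the handle with `self.file = open(self.filename, 'r')`, iterate over `enumerate(self.file, 1)`, and call `self.file.close()` at the top of `__exit__`. The `__exit__` parameter named `type` shadows the builtin; `exc_type` is the usual name.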
@@ -56,21 +90,24 @@ Call this after parsing all the inputs.''' If name is a macro without arguments, just yield "name". If name is a macro with arguments, yield a series of "name(arg1,...,argN)" where each argument takes each possible value at least once.''' - if name not in self.argspecs: - yield name - return - argspec = self.argspecs[name] - if argspec == []: - yield name + '()' - return - argument_lists = [self.arguments_for[arg] for arg in argspec] - arguments = [values[0] for values in argument_lists] - yield self.format_arguments(name, arguments) - for i in range(len(arguments)): - for value in argument_lists[i][1:]: - arguments[i] = value - yield self.format_arguments(name, arguments) - arguments[i] = argument_lists[0] + try: + if name not in self.argspecs: + yield name + return + argspec = self.argspecs[name] + if argspec == []: + yield name + '()' + return + argument_lists = [self.arguments_for[arg] for arg in argspec] + arguments = [values[0] for values in argument_lists] + yield self.format_arguments(name, arguments) + for i in range(len(arguments)): + for value in argument_lists[i][1:]: + arguments[i] = value + yield self.format_arguments(name, arguments) + arguments[i] = argument_lists[0] + except BaseException as e: + raise Exception('distribute_arguments({})'.format(name)) from e # Regex for interesting header lines. # Groups: 1=macro name, 2=type, 3=argument list (optional). @@ -98,8 +135,8 @@ where each argument takes each possible value at least once.''' def parse_header(self, filename): '''Parse a C header file, looking for "#define PSA_xxx".''' - with open(filename, 'r') as input: - for line in input: + with read_file_lines(filename) as lines: + for line in lines: self.parse_header_line(line) def add_test_case_line(self, function, argument): 
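Review bot: The `except BaseException as e` added to `distribute_arguments` wraps a `try` body that contains `yield`, so it also catches `GeneratorExit` (raised at the `yield` when a partly consumed generator is closed) and `KeyboardInterrupt`, and re-raises both as a plain `Exception`. `except Exception as e:` keeps the `distribute_arguments(name)` annotation for real errors without converting those control-flow exceptions. The method's signature and the start of its docstring are above this hunk.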
@@ -119,8 +156,8 @@ where each argument takes each possible value at least once.''' test_case_line_re = re.compile('(?!depends_on:)(\w+):([^\n :][^:\n]*)') def parse_test_cases(self, filename): '''Parse a test case file (*.data), looking for algorithm metadata tests.''' - with open(filename, 'r') as input: - for line in input: + with read_file_lines(filename) as lines: + for line in lines: m = re.match(self.test_case_line_re, line) if m: self.add_test_case_line(m.group(1), m.group(2)) From cf9c18e6961ceebd2b5f61a15b705ff0abdb66dc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Oct 2018 11:28:42 +0200 Subject: [PATCH 0991/2197] Add option to keep the temporary C files Useful for debugging and for reviewing what test cases are generated. --- tests/scripts/test_psa_constant_names.py | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 6891ecc92..20212936d 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -181,7 +181,7 @@ def remove_file_if_exists(filename): except: pass -def run_c(options, names): +def run_c(options, type, names): '''Generate and run a program to print out numerical values for names.''' c_name = None exe_name = None @@ -208,7 +208,11 @@ int main(void) subprocess.check_call([cc] + ['-I' + dir for dir in options.include] + ['-o', exe_name, c_name]) - os.remove(c_name) + if options.keep_c: + sys.stderr.write('List of {} tests kept at {}\n' + .format(type, c_name)) + else: + os.remove(c_name) output = subprocess.check_output([exe_name]) return output.decode('ascii').strip().split('\n') finally: 
@@ -226,7 +230,7 @@ def do_test(options, inputs, type, names): Run program on names. Use inputs to figure out what arguments to pass to macros that take arguments.''' names = sorted(itertools.chain(*map(inputs.distribute_arguments, names))) - values = run_c(options, names) + values = run_c(options, type, names) output = subprocess.check_output([options.program, type] + values) outputs = output.decode('ascii').strip().split('\n') errors = [(type, name, value, output) @@ -265,6 +269,12 @@ if __name__ == '__main__': parser.add_argument('--program', default='programs/psa/psa_constant_names', help='Program to test') + parser.add_argument('--keep-c', + action='store_true', dest='keep_c', default=False, + help='Keep the intermediate C file') + parser.add_argument('--no-keep-c', + action='store_false', dest='keep_c', + help='Don\'t keep the intermediate C file (default)') options = parser.parse_args() headers = [os.path.join(options.include[0], 'psa/crypto.h')] test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data'] From f96ed6615c9f51c2b55320ebf02fa145e55b70f2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Oct 2018 11:29:56 +0200 Subject: [PATCH 0992/2197] Fix bug in distribute_arguments for multi-argument macros --- tests/scripts/test_psa_constant_names.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 20212936d..9c674e5da 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -105,7 +105,7 @@ where each argument takes each possible value at least once.''' for value in argument_lists[i][1:]: arguments[i] = value yield self.format_arguments(name, arguments) - arguments[i] = argument_lists[0] + arguments[i] = argument_lists[0][0] except BaseException as e: raise Exception('distribute_arguments({})'.format(name)) from e From 434899fccde3f24fad0e17b0c4f0d3c71e6e3fe7 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 19 Oct 2018 11:30:26 +0200 Subject: [PATCH 0993/2197] Test truncated MAC and AEAD algorithms For MAC and AEAD algorithms, test the algorithm truncated to certain lengths (1 and 63 bytes). --- include/psa/crypto_values.h | 42 ++++++++++++------------ tests/scripts/test_psa_constant_names.py | 18 ++++++++-- 2 files changed, 37 insertions(+), 23 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index acf856dd1..2ae72e063 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -766,7 +766,7 @@ * algorithm is considered identical to the untruncated algorithm * for policy comparison purposes. * - * \param alg A MAC algorithm identifier (value of type + * \param mac_alg A MAC algorithm identifier (value of type * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) * is true). This may be a truncated or untruncated * MAC algorithm. @@ -782,14 +782,14 @@ * MAC algorithm or if \p mac_length is too small or * too large for the specified MAC algorithm. */ -#define PSA_ALG_TRUNCATED_MAC(alg, mac_length) \ - (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ +#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \ + (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \ ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK)) /** Macro to build the base MAC algorithm corresponding to a truncated * MAC algorithm. * - * \param alg A MAC algorithm identifier (value of type + * \param mac_alg A MAC algorithm identifier (value of type * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) * is true). This may be a truncated or untruncated * MAC algorithm. 
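Review bot: The Doxygen text still refers to `\p alg` after the parameter was renamed: under `\param mac_alg` the description reads `#PSA_ALG_IS_MAC(\p alg)`, which no longer names a parameter of the macro. The same leftover appears in the `\return Unspecified if \p alg ...` lines and in the other renamed blocks of this commit (PSA_ALG_FULL_LENGTH_MAC, PSA_MAC_TRUNCATED_LENGTH, PSA_ALG_AEAD_WITH_TAG_LENGTH and PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH, where it is `#PSA_ALG_IS_AEAD(\p alg)`). I would update them to the new names, e.g. `#PSA_ALG_IS_MAC(\p mac_alg)` and `#PSA_ALG_IS_AEAD(\p aead_alg)`. The comment blocks start and end outside the hunks.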
@@ -798,12 +798,12 @@ * \return Unspecified if \p alg is not a supported * MAC algorithm. */ -#define PSA_ALG_FULL_LENGTH_MAC(alg) \ - ((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) +#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \ + ((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) /** Length to which a MAC algorithm is truncated. * - * \param alg A MAC algorithm identifier (value of type + * \param mac_alg A MAC algorithm identifier (value of type * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg) * is true). * @@ -812,8 +812,8 @@ * \return Unspecified if \p alg is not a supported * MAC algorithm. */ -#define PSA_MAC_TRUNCATED_LENGTH(alg) \ - (((alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) +#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \ + (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) @@ -910,7 +910,7 @@ * Depending on the algorithm, the tag length may affect the calculation * of the ciphertext. * - * \param alg A AEAD algorithm identifier (value of type + * \param aead_alg An AEAD algorithm identifier (value of type * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg) * is true). * \param tag_length Desired length of the authentication tag in bytes. 
@@ -921,26 +921,26 @@ * AEAD algorithm or if \p tag_length is not valid * for the specified AEAD algorithm. */ -#define PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, tag_length) \ - (((alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \ +#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \ + (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \ ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ PSA_ALG_AEAD_TAG_LENGTH_MASK)) /** Calculate the corresponding AEAD algorithm with the default tag length. * - * \param alg An AEAD algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param aead_alg An AEAD algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). * - * \return The corresponding AEAD algorithm with the default tag length - * for that algorithm. + * \return The corresponding AEAD algorithm with the default + * tag length for that algorithm. */ -#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) \ +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ ( \ - PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_CCM) \ - PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_GCM) \ + PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_CCM) \ + PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_GCM) \ 0) -#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, ref) \ - PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, 0) == \ +#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, ref) \ + PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) == \ PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \ ref : diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 9c674e5da..15884f6fe 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
@@ -60,8 +60,13 @@ when applicable.''' self.ecc_curves = set(['0xffff']) self.key_types = set(['0xffffffff']) self.key_usage_flags = set(['0x80000000']) - # Hard-coded value for an unknown hash algorithm + # Hard-coded value for unknown algorithms self.hash_algorithms = set(['0x010000ff']) + self.mac_algorithms = set(['0x02ff00ff']) + # For AEAD algorithms, the only variability is over the tag length, + # and this only applies to known algorithms, so don't test an + # unknown algorithm. + self.aead_algorithms = set() # Identifier prefixes self.table_by_prefix = { 'ERROR': self.statuses, @@ -73,12 +78,17 @@ when applicable.''' # macro name -> list of argument names self.argspecs = {} # argument name -> list of values - self.arguments_for = {} + self.arguments_for = { + 'mac_length': ['1', '63'], + 'tag_length': ['1', '63'], + } def gather_arguments(self): '''Populate the list of values for macro arguments. Call this after parsing all the inputs.''' self.arguments_for['hash_alg'] = sorted(self.hash_algorithms) + self.arguments_for['mac_alg'] = sorted(self.mac_algorithms) + self.arguments_for['aead_alg'] = sorted(self.aead_algorithms) self.arguments_for['curve'] = sorted(self.ecc_curves) def format_arguments(self, name, arguments): @@ -145,6 +155,10 @@ where each argument takes each possible value at least once.''' self.algorithms.add(argument) if function == 'hash_algorithm': self.hash_algorithms.add(argument) + elif function in ['mac_algorithm', 'hmac_algorithm']: + self.mac_algorithms.add(argument) + elif function == 'aead_algorithm': + self.aead_algorithms.add(argument) elif function == 'key_type': self.key_types.add(argument) elif function == 'ecc_key_types': From c68ce9637a1886a5dc7538c93c36c5d15325892d Mon Sep 17 00:00:00 2001 
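Review bot: `self.aead_algorithms = set()` starts empty, so `self.arguments_for['aead_alg']` stays an empty list unless the test data supplies at least one `aead_algorithm` line. distribute_arguments (outside this hunk) takes `values[0]` from every argument list, so in that case any macro taking `aead_alg` would raise IndexError, presumably surfacing only as the wrapped `distribute_arguments(...)` exception. I would make the dependency explicit, either with a comment here such as `# Must be populated from the test data before distribute_arguments runs` or by skipping macros with an empty argument list in distribute_arguments: `if not all(argument_lists): return`.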
From: Gilles Peskine Date: Fri, 19 Oct 2018 11:31:52 +0200 Subject: [PATCH 0994/2197] Exclude full-length-algorithm macros from testing Calls to PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH and PSA_ALG_FULL_LENGTH_MAC are not in canonical form, so exclude them from the list of constructor macros to test. --- tests/scripts/test_psa_constant_names.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 15884f6fe..0201755df 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -127,6 +127,9 @@ where each argument takes each possible value at least once.''' r'(?:\(([^\n()]*)\))?') # Regex of macro names to exclude. excluded_name_re = re.compile('_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') + # Additional excluded macros. + excluded_names = set(['PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH', + 'PSA_ALG_FULL_LENGTH_MAC']) argument_split_re = re.compile(r' *, *') def parse_header_line(self, line): '''Parse a C header line, looking for "#define PSA_xxx".''' @@ -134,7 +137,8 @@ where each argument takes each possible value at least once.''' if not m: return name = m.group(1) - if re.search(self.excluded_name_re, name): + if re.search(self.excluded_name_re, name) or \ + name in self.excluded_names: return dest = self.table_by_prefix.get(m.group(2)) if dest is None: From 182c2e98365c20c5e0e8bca3180ec74d26d1d17f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Oct 2018 11:33:51 +0200 Subject: [PATCH 0995/2197] psa_constant_names: fix display for truncated unknown MAC/AEAD algorithm --- scripts/generate_psa_constants.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 3e4e88b77..bcda282ce 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py 
@@ -62,7 +62,10 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, } } else if (PSA_ALG_IS_AEAD(alg)) { core_alg = PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg); - if (core_alg != alg) { + if (core_alg == 0) { + /* For unkonwn AEAD algorithms, there is no "default tag length". */ + core_alg = alg; + } else if (core_alg != alg) { append(&buffer, buffer_size, &required_size, "PSA_ALG_AEAD_WITH_TAG_LENGTH(", 29); length_modifier = PSA_AEAD_TAG_LENGTH(alg); @@ -73,7 +76,7 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, default: %(algorithm_code)s{ append_integer(&buffer, buffer_size, &required_size, - "0x%%08lx", (unsigned long) alg); + "0x%%08lx", (unsigned long) core_alg); } break; } From 265a171c52852686a56571969de82304c127ee7a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Oct 2018 14:52:28 +0100 Subject: [PATCH 0996/2197] Error out if a value is out of range psa_status_t is currently a signed type where only non-negative values are used, which makes things a bit awkward. For now, non-negative values trigger an error. This code will need to be revised if we switch to using negative values as error codes. --- programs/psa/psa_constant_names.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index f551e5aea..cc98a9535 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -160,6 +160,7 @@ typedef enum { int main(int argc, char *argv[]) { value_type type; + unsigned long max; int i; if (argc <= 1 || 
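Review bot: The comment added in the AEAD branch of the C template reads `unkonwn`; it should be `/* For unknown AEAD algorithms, there is no "default tag length". */`. The template text is written into the generated psa_constant_names_generated.c, so the typo ends up in the generated source as well.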
@@ -172,14 +173,19 @@ int main(int argc, char *argv[]) if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status")) { type = TYPE_STATUS; + max = 0x7fffffff; /* hard-coded because psa_status_t is signed */ } else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm")) { type = TYPE_ALGORITHM; + max = (psa_algorithm_t)( -1 ); } else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) { type = TYPE_ECC_CURVE; + max = (psa_ecc_curve_t)( -1 ); } else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) { type = TYPE_KEY_TYPE; + max = (psa_key_type_t)( -1 ); } else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage")) { type = TYPE_KEY_USAGE; + max = (psa_key_usage_t)( -1 ); } else { printf("Unknown type: %s\n", argv[1]); return EXIT_FAILURE; @@ -193,6 +199,10 @@ int main(int argc, char *argv[]) printf("Non-numeric value: %s\n", argv[i]); return EXIT_FAILURE; } + if (value > max) { + printf("Value out of range: %s\n", argv[i]); + return EXIT_FAILURE; + } switch (type) { case TYPE_STATUS: From 451e24c1d8c865999e0cb85306da69103686e959 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jan 2019 17:24:41 +0100 Subject: [PATCH 0997/2197] Fix out-of-tree builds that use the PSA crypto API headers --- include/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index 67c66c8c6..462127176 100644 --- a/include/CMakeLists.txt +++ b/include/CMakeLists.txt @@ -18,4 +18,5 @@ endif(INSTALL_MBEDTLS_HEADERS) # Make config.h available in an out-of-source build. ssl-opt.sh requires it. if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) link_to_source(mbedtls) + link_to_source(psa) endif() From 738f017c12b4c86a75e0752064340a7afc7914a9 Mon Sep 17 00:00:00 2001 
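Review bot: The new `if (value > max)` check cannot reject anything when the PSA type is as wide as `unsigned long` (for instance a 32-bit type on a platform with a 32-bit long), because `max` is then already the largest value `value` can hold. The parsing of `argv[i]` is outside the hunk; if it uses strtoul, an overflowing input is clamped to ULONG_MAX and a leading minus sign wraps around, and both would pass this check on such a platform. Setting `errno = 0;` before the conversion and testing `if (errno == ERANGE || value > max)` closes the overflow case (this needs `<errno.h>`), and rejecting a leading `-` would cover the other. main's body continues outside the hunk.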
From: Gilles Peskine Date: Wed, 2 Jan 2019 17:25:16 +0100 Subject: [PATCH 0998/2197] Fix the build of key_ladder_demo under Clang Clang -Wall -Wincompatible-pointer-types-discards-qualifiers said: thou shalt not put a string literal in a non-const char*. --- programs/psa/key_ladder_demo.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 45a9b6fe3..26fabb52c 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -620,9 +620,9 @@ static void usage( void ) int main( int argc, char *argv[] ) { - char *key_file_name = "master.key"; - char *input_file_name = NULL; - char *output_file_name = NULL; + const char *key_file_name = "master.key"; + const char *input_file_name = NULL; + const char *output_file_name = NULL; const char *ladder[MAX_LADDER_DEPTH]; size_t ladder_depth = 0; int i; From f31dbb7bf1c3bd6f1611d289614732976f3d65f9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Jan 2019 17:28:46 +0100 Subject: [PATCH 0999/2197] CMake: build and install key_ladder_demo --- programs/psa/CMakeLists.txt | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt index a0fe803d7..b3eedb63a 100644 --- a/programs/psa/CMakeLists.txt +++ b/programs/psa/CMakeLists.txt @@ -1,7 +1,15 @@ add_executable(crypto_examples crypto_examples.c) target_link_libraries(crypto_examples mbedtls) -install(TARGETS crypto_examples +add_executable(key_ladder_demo key_ladder_demo.c) +target_link_libraries(key_ladder_demo mbedtls) + +install(TARGETS + crypto_examples + key_ladder_demo DESTINATION "bin" PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) +install(PROGRAMS + key_ladder_demo.sh + DESTINATION "bin") From 6a78573088635bc3310f25915ce638bf440dc7e7 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 2 Jan 2019 17:29:04 +0100 Subject: [PATCH 1000/2197] CMake: psa_constant_names and test_psa_constant_names Build and install psa_constant_names. Make sure that test_psa_constant_names passes in an out-of-tree build. --- programs/psa/CMakeLists.txt | 4 ++++ tests/CMakeLists.txt | 1 + 2 files changed, 5 insertions(+) diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt index b3eedb63a..37038c0de 100644 --- a/programs/psa/CMakeLists.txt +++ b/programs/psa/CMakeLists.txt @@ -4,9 +4,13 @@ target_link_libraries(crypto_examples mbedtls) add_executable(key_ladder_demo key_ladder_demo.c) target_link_libraries(key_ladder_demo mbedtls) +add_executable(psa_constant_names psa_constant_names.c) +target_link_libraries(psa_constant_names mbedtls) + install(TARGETS crypto_examples key_ladder_demo + psa_constant_names DESTINATION "bin" PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 21cdfaba2..271ae2fb2 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -134,4 +134,5 @@ if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) link_to_source(data_files) link_to_source(scripts) link_to_source(ssl-opt.sh) + link_to_source(suites) endif() From 6d194bd92b76e1726ea9cebed78a727fa0689961 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 4 Jan 2019 19:44:59 +0100 Subject: [PATCH 1001/2197] Read constant names from crypto_extra.h as well as crypto_values.h test_psa_constant_names.py was originally written before the split of crypto.h into crypto_values.h and more, so it now needs to read crypto_values.h as well. In both generate_psa_constants.py and test_psa_constant_names.py, read crypto_extra.h as well. We don't currently define any value there, but it's plausible that we will one day. --- scripts/generate_psa_constants.py | 10 ++++++---- tests/scripts/test_psa_constant_names.py | 3 ++- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index bcda282ce..f32339fa5 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -276,10 +276,11 @@ class MacroCollector: data['key_usage_code'] = self.make_key_usage_code() output_file.write(output_template % data) -def generate_psa_constants(header_file_name, output_file_name): +def generate_psa_constants(header_file_names, output_file_name): collector = MacroCollector() - with open(header_file_name) as header_file: - collector.read_file(header_file) + for header_file_name in header_file_names: + with open(header_file_name) as header_file: + collector.read_file(header_file) temp_file_name = output_file_name + '.tmp' with open(temp_file_name, 'w') as output_file: collector.write_file(output_file) @@ -288,5 +289,6 @@ def generate_psa_constants(header_file_name, output_file_name): if __name__ == '__main__': if not os.path.isdir('programs') and os.path.isdir('../programs'): os.chdir('..') - generate_psa_constants('include/psa/crypto_values.h', + generate_psa_constants(['include/psa/crypto_values.h', + 'include/psa/crypto_extra.h'], 'programs/psa/psa_constant_names_generated.c') diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 0201755df..d8f00050f 100755 
--- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -294,7 +294,8 @@ if __name__ == '__main__': action='store_false', dest='keep_c', help='Don\'t keep the intermediate C file (default)') options = parser.parse_args() - headers = [os.path.join(options.include[0], 'psa/crypto.h')] + headers = [os.path.join(options.include[0], 'psa', h) + for h in ['crypto.h', 'crypto_extra.h', 'crypto_values.h']] test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data'] inputs = gather_inputs(headers, test_suites) count, errors = run_tests(options, inputs) From 17542086ab26a4639f82568c1671e427c4c65f53 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 4 Jan 2019 19:46:31 +0100 Subject: [PATCH 1002/2197] Recognize kdf_alg as KDF algorithm parameter name --- tests/scripts/test_psa_constant_names.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index d8f00050f..de0d0146d 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -63,6 +63,7 @@ when applicable.''' # Hard-coded value for unknown algorithms self.hash_algorithms = set(['0x010000ff']) self.mac_algorithms = set(['0x02ff00ff']) + self.kdf_algorithms = set(['0x300000ff', '0x310000ff']) # For AEAD algorithms, the only variability is over the tag length, # and this only applies to known algorithms, so don't test an # unknown algorithm. @@ -88,6 +89,7 @@ when applicable.''' Call this after parsing all the inputs.''' self.arguments_for['hash_alg'] = sorted(self.hash_algorithms) self.arguments_for['mac_alg'] = sorted(self.mac_algorithms) + self.arguments_for['kdf_alg'] = sorted(self.kdf_algorithms) self.arguments_for['aead_alg'] = sorted(self.aead_algorithms) self.arguments_for['curve'] = sorted(self.ecc_curves) From 95ab71a19ad94697db9852ae20c42e5e2cf7afe1 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 4 Jan 2019 19:46:59 +0100 Subject: [PATCH 1003/2197] test_psa_constant_names: make tmp files easier to recognize --- tests/scripts/test_psa_constant_names.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index de0d0146d..7f7076c4c 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -206,13 +206,16 @@ def run_c(options, type, names): c_name = None exe_name = None try: - c_fd, c_name = tempfile.mkstemp(suffix='.c', + c_fd, c_name = tempfile.mkstemp(prefix='tmp-{}-'.format(type), + suffix='.c', dir='programs/psa') exe_suffix = '.exe' if platform.system() == 'Windows' else '' exe_name = c_name[:-2] + exe_suffix remove_file_if_exists(exe_name) c_file = os.fdopen(c_fd, 'w', encoding='ascii') - c_file.write('''/* Generated by test_psa_constant_names.py */ + c_file.write('/* Generated by test_psa_constant_names.py for {} values */' + .format(type)) + c_file.write(''' #include #include int main(void) From ec07950e532d328b36122d2f730d2e0c4efab07f Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Tue, 29 Jan 2019 15:48:00 +0000 Subject: [PATCH 1004/2197] Exclude ECDH and FFDH key agreement algorithms for now --- tests/scripts/test_psa_constant_names.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 7f7076c4c..1c19cd44b 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
@@ -131,7 +131,9 @@ where each argument takes each possible value at least once.''' excluded_name_re = re.compile('_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') # Additional excluded macros. excluded_names = set(['PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH', - 'PSA_ALG_FULL_LENGTH_MAC']) + 'PSA_ALG_FULL_LENGTH_MAC', + 'PSA_ALG_ECDH', + 'PSA_ALG_FFDH']) argument_split_re = re.compile(r' *, *') def parse_header_line(self, line): '''Parse a C header line, looking for "#define PSA_xxx".''' @@ -158,6 +160,8 @@ where each argument takes each possible value at least once.''' def add_test_case_line(self, function, argument): '''Parse a test case data line, looking for algorithm metadata tests.''' if function.endswith('_algorithm'): + if 'ECDH' in argument or 'FFDH' in argument: + return self.algorithms.add(argument) if function == 'hash_algorithm': self.hash_algorithms.add(argument) From f8785f740c0611c7e1ff7e488d7d66f3c28e0cac Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 31 Jan 2019 11:55:46 +0100 Subject: [PATCH 1005/2197] Remove API specification PDFs from the implementation repository --- docs/PSA_Crypto_API_Overview.pdf | Bin 200980 -> 0 bytes docs/PSA_Crypto_API_Reference.pdf | Bin 527887 -> 0 bytes 2 files changed, 0 insertions(+), 0 deletions(-) delete mode 100644 docs/PSA_Crypto_API_Overview.pdf delete mode 100644 docs/PSA_Crypto_API_Reference.pdf 
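Review bot: Neither exclusion records why it exists or when it can be removed. The check added to add_test_case_line in the next hunk is a substring match, so it drops every test-data expression that mentions ECDH or FFDH, not only the two macros listed in `excluded_names`. The commit title says this is temporary, so I would note that next to the code, e.g. `# Key agreement algorithms are excluded for now; remove together with the ECDH/FFDH check in add_test_case_line.` Silent exclusions in a test generator reduce coverage without any visible signal and are easy to forget.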
diff --git a/docs/PSA_Crypto_API_Overview.pdf b/docs/PSA_Crypto_API_Overview.pdf deleted file mode 100644 index ecaf3991c7da1d38dfab829c0665f058dd86c7ab..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 200980 zcma&NQ*b6g_pck<=ESz&*qPWiC$??dwr#($Z5tC?6X$&U)ZTS=)%h;|ebrTc-Tgdk ztzT0pib*iAFmk|A%rB3u!?6-G6WbeG!SV6IF{yewm=QB67+a~h*upW%6SFWg!!b!% zIyt)#16ToYOtNNn<}Mb*EF7%d#Q*R5U#B)MW=_OR5;jIIW@2V0_NHcV0s?T(E>31f zws0PsGg@-?_*^JGml}5&7!Ex{_F%#RoR+~wmiX-FGuYy3gad8lnoWBD*8VAlb!O=$ zX>&WF5TDp}Y-e)aB8KZmiIK%9lGhYSL=j8UY{PB+C`F+qnJB67Zj7RH@7jr!lBdFMNtx>yHw#^jDCV5VFcJ!Zyq%KuCc> zk8qq)*#1~+;sf>|*E4q!D~MaZy0d>QJe3jxVdc3(FpE55Fy4&R2S#&b-yq(gFY^@O zyYP55cyuUHq_+csiY)qIdbCgk=jvIcTZZCe9jJAzjA)o4O|L}4uzv|e1_6KZ5yJ2$ z!zD=(pcUm5#kla|QTP+GQ3EL%$PW5TDM+cPi{+l;uv>&>AzWLWk-e-H8lic@C9%mD zNxC9hR0t3fW5_v32_XYK!E}p@pynse%vm_?(kT$=J2P6R(CnMN+xim|CCwLUwO%Pjq(XZScT*LBDKpk^|)_W-VOz10HVGjE|x_)Zv z*meCt-wE8k$!iIuoM#X`GWE|x$g}J7%j&XUnwOFhrXb%zJ}D0K9aNPEotZF6XY={@gVZn4mi!} z=CtHguXmgH`<~$^g`^Iiu-yVqXXi68(>JlEhE|e)#O2AHj4-cVQ;2*x_jDN6%qxE~ z($*etc}8w@q3GAg|6Rh8eObN^RKS{-!;D$RkQSMJYzePtOCF^WwK_!c#bmJu zzkTAUqg87A*wZy1gV)=v0ljk8e5%TmzMT)vmTIi!rBfYeqPL>bzxXfU%`Ud312;E}D6VqE9X6E}Fe8HNm#Zb}xy_U|`V>#U`>zFuE!`J%pUb&JiO z=4GYjI>`lLWGeXnr_sj;zJH_-1f?$Gc7ET=^uD(?J8)LKPb!;rE9}>MEOegOX>Qm< zYCQl2P6rv5lsycF(kcV|OZa+@X}XTJ8gKp{C!HR5q#UTVnHFkq-$4p!SWst%@!5ZD$}R+rEE(BOpn8$O68z z?OngjyiD~cS1MLqg!^>r+)7A5?^q2t;SadhOKYox-iB!m`l?DV!HtT7Na6d9fLoKw94t(5Mg{rT4u=F^(am7IS;M(?gf0+m&tmAF3V5;vVqKSa9mNvt@rI&Phq6sF8hf9_9bS+msz zWWGbkKZW@>JbItnv_7D#MP4AUvW6np5uOv+SHEHMRsLyNy$fw!eC{gcIhU}{FxgM}CN;rnVR7Q-IzMj|423nH4gfyMtY&1cT+Vi1497;a z*It3MpNGopOD}Kq^!?!x719O_+A8Z6^snu!i1k~oq1_`rkL0RbA{3L?tM#mL?sg|m zf@m|W`9%sm1M@eX`$QBCGQHRtr6m{km1Cvpt36W7b2GD^QzZV`i{G7UH#U8<9zE5@ z@O!BtAMyrEJ{ouR9?C6I#9=?6hfA5WaAtO<|C<5-+5IoRuyS$yU!?ipBw=OdX8WI# zq*QYvX-fjF=aSBY4TmHxP`lxE)g+$kIC=1JCQFnfz>X9Gj2-K_rEj+rQ_>+bn#oj6 zeKl!oO7_$G=U~jh6)081%DIyLHATrHVP@GYrB~MCnC;v8M)tmJD~Bd0+P5>{&ylXO zw(=%E~R=P7O=#Zvk%F0F@|@; 
z-WmB`=evhxS+XBP9w{Iv+4iYS2w7K`@1gjz1K?PSQ4kd%8Xq%ZOH}1STm2T-jCh?L zwwKeOQP)b+ub@|QG~VwtgjnpM;jE)hX&(9GACfMJI7W2GKp7{{?gy3`&-bC6{x~nI zle>gjuv~5gPrG|T&%>^wC;zC(cDc4blHbQSU@#aWA^-I0ezpY_Lg&f3ijFLa^qP+( zdL8Np@!TJ)wiD;D@q3XYqJW89=+@D*OxH*&gayc6oQ{QSG1`7>2+Le6w|KT6et`&i z|8xijr8g2>-`GgZV&gkR6i*73cOao&5NBv!uxb{pBXb9{4%(Jnofhniy_>gwIc6?j zD)F>8a{s3`QD*PffY!}*HHFnZEgmYp(k?TOV zaioovULku*4{tE90KILz?mg4`4~I@7tTfe=5l34H!N;olhPy$I6RDm_x!27C@B2Lrj=-sJfCad702@pfeViVx$yjyy6hzfV(@;Q&Nn_3k zarD8l<53#ek0@Qmed1Qf4x2ts56%&vH}=2aWkFhE*>}7Y0~-o}q>RG;<+Pkb;A%SQ zL}H+X%+#CmRRaDh*d(OJ?}98I0iSvrXGUHBbcynf53(6{&BEw#xVTOQoiWc< zrNHjjLDozzEvwQ!pE3+70JcRBFA~O_E`S<3>{jvdZ)6e3KBpP%b!LF6LS=?)^y^s>9bkS&^V7>P*LBt|IFgIVI8i{~h}@;7q5jn7A7IiiR3 zHQgUEO(Lxw=1Ya|xz0arE2z-@X;?ky0(P3|Re(7#J4K=HLpvdGZuhr`b)#;Ir+xvtobagnJ_^WB4H&=zwloXGi1Vh2)iN$7EdC;qsA!GHdtL zy8<1w*~>+LJx}CqYLvE_CN0_=IuXBzUquJ6Fpo~Yh9P~TU@+u>LfBFv}%YC zb(lk^G^k|3IHav)n$MvQ_fT#HO1W}ywWJ4<<->AHFQ#|F<;m&0t?uLAs;u$vKMqMu z6COF|Sb{sXJCs1qrO8p)zBKCw|B^)S699XC_>QvPxHpXf8e|U8&tz7dAv|23Di3(9 zf*_^6nxMkMSrrYy*>4ANGv`hDp`79bP3Sqn(2&W3R6Ssr9i=P3nL6tUE zHx<76iwV(G)ll5bQq+I_q%WZwiot8=U|j$`%~Y(UjRG8vc+(ZFDpo4ny}5LC2lrZH zh6Vg|+i~(=WD6QK-JcG*VXNzZynJ^o*Lf^D9Q~&-x3A5E90C>+Se2Uv0#e-qqt3y9 zwl`GSw7G||dX>Cbgbn*t6E<3-l&c>!@nTJuIF>W#&ipooJy+Cz>IuYI{ReR}@wa$E?9Z2LmrwdBX6VqznsXY+U#AnT zSMLDugi?wZ9Bsmry5u~_1_A0U=li9PRARXnMlCH( zNk!@AIlU%RRkl(`U#PAtQ`;&i44uzS=g#@Ab+l%WhRsAje1M@*M_EU3DQ zm9Q(^E42P)%1LGk$tyvwby|7*1>{4U;9;Su(|d3I@NrhX>~oDprg!G4kVSf*TN0G# zD#E8z6;ERF`wjyhNZ#LV;3R*cX=Y9z#7lHy{p>{(;r~doU1pcZ$C1B0Mq3|Z*#CO{ zPT!rGwzG*ewbZ@M^JY?P%lFgZTxmvYqF2Z_qp_-0P+*XJ6`#nFx+Jr#JkSn2*_#Ot zy@cu&^JdQH9894_`;q*@NnJvGccoXeYPV$P5}eE7EIm38LR5f{HD z__CX$&|uGDNIKYEH=?`+J>Rft0X)(Emgb-tbZ!#ULO5!3lgL{5m{xmDy@>j{GC}=J zJJIupn}0oL#-Tdh#a$1^a`MP-Syj)h;cew8*EZDyAEE1D`-mS(u*gq6OKu{4>hVy6 zGGG5JonSm|;}B{tCjzu{@o2&NsK<#RhEb}?(O9N+CtcTC(ECAL`DTCx8-=;zEhW0E z3l368%g9+&*8e%Sn|>f!N%G+@kIpQKkZEp%P z0p20BZpBo`tDYqo6Wd(9u^LX>W)U=N@p~DDno6lpJDYczt=Reojg`n!!@Dm;RWTal 
zyCDpukn^}D30jG~=bic5Uf+_$OK;LVO=M>WdqpsNq|Jb5nT7*rn9p<8HV0TNolWab zcp94-EB7HWo#1@x7j$5t4xw)#0=lwK9}yV7zvMV+``^T$0MEx5$NiIMKa4AcNo{H! zBHSGF$v*`%W-9h$B1vpR&?T)_xO@O|ty z325ZLIKO^NAig9!4w4;_3xy#IUn|h;=``2?+pE$LL>I7S(W$ML{);C%7Z&+wOO6^8&i% zrLl9m*s3+zub@?7@M5-mJrRji+37_!@Lgjn>pI6Itt;L$h$_?s+~VV2BoBkK3H9UL zKD01Iq{A)z4x=%NHS42BqT7Ivl|m_pM7wW!_~TJPtb09MUyLgUPW)5w~CGu zZkrr^zQrooP`Sa`QZ9?)(CHK(;uB_7mH8%(zN^eTq*<)cxa#jIsL>GN0IY~V@5ccM z_=L?OT)oJ-vZdl`EEi-%YnDaOM*01rhx5McC?I?jCoM z!NnPaVDj^k#oLhPVWeF}5m0b-g_Mu}N^zNK*23ogd0$ChaHt7&|Dtt;f!8*Ynz=eh z_Z8>JL93dG*e0?UKUSZ({Ef5?4zW)h;BePLR*o376;+e`#4twP_bX%xD`{**X!hT8 zCby&nV+*c;fSIzyjBo%58Y$ItVVbdCcW0OqDOXHh8CwbMn!)K8ZnK7}H7+=Fz%Ad0 zNpk77C>zF|op134U|*Zs(zk|hsUM2qt1!Wi;zV0EHyUV6{r5fe>(%V#JEN!mcBZp? z%YcnXY6S|}g$6oT?~pN!4;FwQY=<%wXh(_y#R7hzrkVMOUK3qK4FmoIc3cWs9$Y^2 zi=P>s{=Rm&*H7nw#o~#@!i7fMOb!7LOvG)>%dnWP!@OBCWsrY}tJN}T#E7jgf9>4W z&0JL@V-rLb4$V+N-X8Op<=Zqe8I)C1h1DnwL3l^0Y2ajW?j+7KrkWRkU%V-NS#fkZ z;67wQ{4OC)J7OSAgRlx#3Dv89Wy7AJ!-a=z)+v5Fqu=fZj45xkfyIu{EdJ`ZTQgy` z1EVuy)Ic?8!{8VTuPa&Pt|%u5uJik9=W(m`T}s-ScC4xDf_ecZ1BQuZD-wi+eh3)qX0r3cYb;v#X&qL|nUL+9DYYogcCAe17!$7O zg)bfc&S*Oq6g`t_zG_UkE@R2WJ4wh?=cum_w81g4kz>3&Q`y=gUQCyorTdkuHK=!f z6Sg;8KWp2^Ecia*R4Wo6IWFh`gC>CiPmkW`48PHi(2M<5{X1x6!54iIm5JaP?F6ZB z!N_L=b1M@EPCZJ$(a#Q(erYAeF1jJWv)@;hO9RsmE);tH+GB?NFs~Y_Pd~lc{L?)q zt7vKQ0Mc+jL)Nu?n<~_zFN1v$#*)x%zv9Z@n=pXnh$;tgQ@Albvw$p)t8r*{y%63E z*Stv5D1kC8K;Z(#hKLU&6)g3VwD&T37iKq&4s}1N1Z{wt{CkqJ-Ykof5YyekzpFlC zS0Q)=9M1i?sXv+JMj8`og75abL4@Y&kfj7X+BQM&&p2B>4%3NQ1n8?LrREE!3=+^- zM1FCDhz$Myc1Ne5kBqz|0x4!SbwSE7u%u!LKT-@PYPu5O=MoD90cSZrO^;mME{T{n zGET4F{R;;X*B&yo-+mg$WUYbg^+Majb~Kx@D8&vnSv^Lh++nsy5WW0NVTy>`0lfSU z$bq4;u{Du^duXebGfPtpiYk@)rSFua?=+1IV~QpBD}Se>VXI3_#~%ZxNm)c%UEpF) z@{e(esr5dFHn_Qm6vZkvmo-Y@5yP;Yz81K7S0Xh5;u4mLh0`J4+g>{opVg(`ZYMag zoYskm6Loo19Y%QLAk@-DXNsX0{0}CMMgKzey64nB5Cu=Xu0t0bm2E#l-Lg&1QWIJl z4H#QKf(7ZAf1YoBr~$Svh%M|S%X^(TIvc58h9Tq@Lln6L2%{p^=lk~Az~ zch*v_-a$WaFP};;nPrZ9Q|&TTC>?)+XdD=g;FAznb%>0 zO)t-{cd{m!7dCFHlaTKL 
z`Y#^UdS4=ApxH4!vX>B5Eo3>P{YTaO2Y}%ONj)93zeYvFH}(8^bG&)K!4jv?3^r1&Oif(& zA3h#ZG`}R>>$7s{lLk9+o-uDF=xrG;F~_0>uB_St7IEe7S~w6O_T@3@UjmNT>TM*0 z0)ki?D5!K$3U_lt?oD6?J7z}zHmnUyyiL6EMMbbL8D$;Uct1l2%r;U=AnlM3V%*)m z~tBG^k3D~0l_`; z()#9*r^%K?8!g}oOLvaA-Z5Yz99|opehGk&?faUG_@cj0nB`~RIXn5#P4J#XVOE-c z&LDiD@Gv>U@*UFj@G-!yM7Y|AbA9wGN|pPy!b^@;l@QM+{?DZwZk;U833 z0A|56LD(nQI39(F*ud!`D@aTfX(b~R+Pm|zJT11hwJ38GghUS?C`{S`*HNHWmvF3} z;^T0>2(D<}(08_wu?`EMry(qg6B*dTTHHjRlnEa0`eBlMdMu4I9fB^zU$p$`$3x$HenI%enyG}Q z&ew4l{9Y}!C~`|E7Oha-h%rBBYci}f5#A_WF%;ldr#`36)M>zoRuoz(ti)+RjMkV9 zv5|+js#FMHD;gFclsR|L$7(JWPkT9{WRgUz3Un{BVJt!oc^=0U#!!s*|If_DNx*A& z&H_1pBGKDjir5iL%-4!iC(YpW&lycrp+&V)7w(7}$2gS+>ItUzqcC_uA)7{{KBj;r znhU0Jii$6-E6=B0ov*1ic6}YA`Jc30HG(3ljmv;`S)2DYyQK5jVYDQpyjdTN92lJqpslr8VgV*s}dLgZ8 zFIP%&m@Om=5xQSMcN#>shCqE0ubR6~8i38H=4r7Bqd3{FB*9QOxhmc23~Xn;UD*QW z!ra|nrL3m^MK%DeJnG;EUPWR;4cd8ahi7j@h~t~_ifvcY$a6@L!l(NER@D_lNXn{F z`lPxmv*$Ep2(n&9qbN+A&7GY3CR7i)^KpE}a9zh+m$m9oLk>wU9eAHT9wc_4KJbV9y0opGIv3^S-r>x0dy&A;Rxkv^&HVav6cNRd2A(0B;xnnAlPR1kA_c}T%RveD(=??Qby8XTRK2lm2QHG06>TrGjIav%@@@!*|aFgGLA!xTPVfDvNh1}!q zRY|^-Ke6q8;ag=<#ZrU~Hc7T=D*CbM8B`7{=fq0}wu>9!Cuhy$P;fN(c%(9yo?2I_ zDEURm$z&Z9RNC%u%{=qTri)cL-en_WM86*{{=8z|4y%v2kGrB_uJVpD#(8>q;7FnU zNz~dA9-%ZS4+2C7Bu8N7o~HlQ=seMbnH5qB@4Rk@)lQftB3 z!R&1}8gahmj+q>#@-3NI95P{I&T6!fFs;|G46m}uKvbTEoFdU|Y=JL;upLwqmFWtlmu+eZOo z#MA75A!Q2|eH=M5$7ap2+ub(NM{9qX(N#$zFFAULgI`(n##;6<_T2b>yCb9aR_~;*k|TN4R4sXMRIIt=JJ67b z-YQEhYsA}fNE~fB7%t1Su^zo~+S@)7FtOyc+9@hnw+;wHr(-bfq7lP2Zz5;-b;c=f zDgnH#xh}TitBi>$E>-7UitQ@J&DECZH-`d@OpisQ zZtTrd_nVla@qVd;5}0jHL^bcRE8f(FsUr%*MTL@RGs3Y?hF3EAf-rA6Pg!f(lHKmY zWKABzdslHKY1+|*pWk~-9>mx)JLFkBAh$;g$Q39}0t0T}`e4(l!;+rvngieFU$5(r z*&`s|`$lc3fVbw!=+nCaqN0nL;G@0%BFxR#I86iJ?+zNY=bl?uHDx#@ju)+67bG`+ z!L!Z>+e0>BiZ>K^ga~V4XS$9q6j4Ed+UmrVZc~v#M2#icpOwSr9S^6Jq7=TM^xIHp z6aPs$K6wQ?4*7@-ec1zi-BWoCm)zK&1IC0)Clnjp(}P`%kJ99`3o>aqFG)D|4I?uC zR|E5F(+r8L<`ENu^CS)dvM?HH--9J#QDCIN@4UH#u{9j19`KUCAFW|0Ybh+$#k$Klj-lW;Z1_ZN@c%wQIeum@jP5ki)5 
zI2ttA;{u2K)~?;`(*vwi5rg8fh;y)o#9+=#>z0ysH*(L>tZA;o7eq1OcS6#Yiy;NH z&Ig6sUKK?^O2r*d%s{@j3OZ#)jn7}pOKEo(=K7qm-l5!GBN6}by=sC1L5F`_!L8Y5 zjK*%{W*+%wDe!l}g~1Z|%g8}InH2=SkeOOQPUkLYR3VPkrWJ(NqXahl-_XFP5tQBVK&^3tSLgH8?QfoQO$w2Yo)47jy4Z z`W3KIg7zmCWr#Pf8R?nUpO#)c{^Tx@)`5`TD zhN?{ow3Y8V8-j9?!C=upWrW>0f*F7odLP4Co@U>HoB-y;sA0hi1LUa55C~d~`-Qt+ z$oq+7t69l#K8sEnTvF#=?VA)Dh^iLta~K1{3c|dexhImt^ZkMq-l2FFWjrF_ykqD* zmMzTjUa1sdAT3~OkgJ$JYXUd}vOqt;7)#p4uMJSMxDqM@z@5&1@j(`O6$NCmgQUbj zhzsN}OVy4rC>EHB2O>fg2hsArL4p2b=)o%J;}+W8PXoqOQ~>9X3nXA(hG@ZehR#YsxpOz(-HBZv%$FgA80* zyM7#gzWhlf(2V&2?BI|XzZ>gGK>xDP)DtI`IO0v31cbmOprj|DKtw)3z@j?j4NhK; zVWio|#`=2*$7TzxSp0~GRo^xj{U*|Xo{NbwD8)7Ly+#IbK*m>DlY37>| z)15NDX3ac4X3fMXCt^(SIA9`=DS&)Qe4Von91d%_o1@}DvBmsPCd~njejR6#eu@k7 zm0N3wNM6Z#NdwFzyRhttk@ACI{wj6P#Dluv-x-T=pB=q3kv{IFfvrWnf9W3g8G3N@ zs$GiGKGLlRJhAJQw0*>dX~ZKk2@Pd7>A%@W0ijbVU9W!!2RnVP1>0BujmG~aoy5Y$ z@;{#sY8b?C{fEZ4<>STR>~*$ZjbH0^yahwd7}mROh4UNIq|=T3I-Qr-OYs<%R4-1K zD8xyUQD_rHQg1`wGu`3zJ1LHpY&{!9oRuh!b55J;#}LF5skGh#Q$bMhvRiZjB@ z8xY%pgTI3lAST>=5(4UTU>ww01Mwpub6f`N&y$i1 zsh*Fs*KzK;GIYB2VoW1O?i>=O4Iu5mAFz7qEFC7IWqfl>pJk%hgM9mk$|!g2n#|nq z#^u#H_ubUM#ZNbDp8KHE6mlywXOclanw5YV!KnxvfoWGD8=Yw5&CKKmB>XN5;z!~; z%!M3sQwC)Z^2ZJ;Fv>|{XHdUSx?} z!(fsYoG!c#Ak-W$5Llu$VZt6j5XpvZG{aB$|6qu)5sL?rUD?dx*(+nQxS%(kY9kgX z4wM#D&2J;E8ib``*|@^?<1xjW8@C&)mswr~=!bc|jwshaEuo}4(L}_W%1?9#quOa@4~+gMg={d+n*L8F1a#8gbC0|NXx3QjYo7oT2&gNejeE2v4G(dxpZ9XP=r z{g`B8S{0>DhgBLkhOR-kM8I2-Th0cry7RW(Iy1E`*%3fk*5rnM`lHnHtF3f2Xg<_* zC>>o_4+Np#g)1oTgQaI@~y@uGRWskmflJ-@Xl0wiq!ShBU&-dbm zJu{z-`t2$!Y&^J@-kpLJC#j?5rXD`I|8%+2+y^Rj8_Qye4h3C#v}!qrJ6Xe&)Eqd& zm|3|@+^=KOQ44nsnW+~Y8IrR3BKO;UAbU-0M6y^nf*q|Pw5X^IO4m})iC0J+1PjiY z*Ms5_5@_5iYp-m2gH>rPSz6c`BWA@w8V|?73?nLZJCxjV*=WlNQaZ0F+&|B}rh)SJ zFk4;=kyl@W^iCA(Pw;i2Bv|yvE8>s78;r;3MbMGZJ$>ChM1p*Om>esXvN?Lw!Ffg` z?gmfpf~lESROp8bkhugyv(T7TM}@6L_bMWxy`s&Dy&g89u3%<#bpT$P$1@FY7y~2`N8#*ws^zDa%sGeT%VpIe z3{M0Kpd+IHZH;hJB)L3BIJl15Tw?6WiCb(MW#`tNii zlvF9Sa&3hQ(|%pvVO;I1g9oGnV)DQy*t(}t?|%i!TMuz}{qa)?QePIm>O(TO-StR= 
zu2eb?q-oL$4_q6WgXKAJ8=X_cl`2|7NpP>rtK{#GrmSTYx+?@j;n=2SKi}@WP#mca zA^S|Z$XF=D%xu>=aBy44I({8bzDF?CF~^Ubz#+bS)VVw3?o)IDZo25Z$Tq;+2V+-f zH+2D!;#_$sg{osmIPb?+!;`JBSdor6LTq?HPEKi5gl@4+@o*;ogX;%GIofOJzwqxr zr2GH=f&8C*3_IKZyc*Tgv#*{;?G@}BOxKM17pmtL_^+C~- z0hDU&rIOf99~Z)SRSjE(L1-`t+x8{?21Mx?BDr{}IcX{ng;V(da>g0y|! z)J$J+-}<9lIT|6mXLjGlXqyfuOD~!yWn1kk182PtE_uo#f`!bE{yw8 zB@HSi!$_ksSSmJ~E^Jv=E1XM%{?V3W|BFae#?#byNq1Ockk7~a{OH;_NYe-W5#q_c zk1mddrI;2UzIjtb>@YZx>#Cg&LjJ`@_A8ccEQ=T8AosPaaf+Q<-^qV|~;@S{|;)xaUfAtCScbwd3F=hvPGL9Qr|D+1op9d9 zV*Obb#Xa|;k!RJ-9WNs{Uft1I2}2u{ebSVXUF>jdRq5+qr-J>_{n2|2Rv#F=8+mN? znwlY12eK1fXsMF@HoQcz9+n(z!NW)SCu$_N--&mDslyZ^E$?-yWw zM%pG;x^u|P1PaM}kG|APt^NPzm(=dc;s?H=q=`StTk zpjX+=6L{fY#Qorp4&1;3-Kn!?iWJLfcmeD^?{n)lW6?73XX+qqx1A~dQ!6h6Nm`3> zr6dlExEIv>G|!?jZ-fTR8X*u_0@hKTLVR;5V1B&;-0Xe*_*5Zn^H14QS_m7WB04wPxIeBLM{!?BzAL znl?NN?3Is9$@HvX2w#L1v}%!45%K`dCs4$Cxf>${sPt`k@D``R(3mN4=Jfbs^vs26 zO%9;{r1Px~B9}PTuM7_Qoo@9C@j=|?8saVLEge!ZSBnKDNfD(W7|R$WKQ5gcZ4H&+ zi$V+G4!asU%bfvGX1Eit%|vG-_)@vGeD^W#Iz^gaDl`k}IX2f;Mg^=s?>x1&Ad(vN z*TwI};j+D#Fj+?1>rfpA1*m*%(n%{2ok`LK)~JPx#lLlrcC|4h-cp(DU0fw4&9=p(?}L%i4VisgsAcyMKldaFH5wOZli#Q==OJl+z>v75KUFq^lLqxeDm`PQ_`H1Kfp7% zr2~#FQPXH@&TWWJWVAHLI=pOrVI>v>{iYtdpgDZD^^dSv0 zB4z+sdQA&EoO9BAqB>)MNsvnF)(#W>w#^Ni&<^xPEIG`yzBF zI~6hI^nnNoegbdbxWRctnv8LRz5^LbP%p6Nqb;@8QOqUsV`F?2ZGibbMhiY;TEw)s zc0QR8vphHvgW&7FX_Y|Zm`MA~lc7#adOv3Gfyq zOUvmgpJ~gdK!yho4^yYJ4YLde8s!LdQw@eTLzTw&{s&9aLwbE>r%G^&LYt-phrf23 z#lI;rM*SO{{{Dc|m1S7e%}$r*UsQ~#PqU&{Sx7;N`|r0YgW5^_+2}j zo3~WXOu?vzp_&EOWB?nQ@cbzJommYYG$D4L)bAzHwHnMiKW@%NA78GaILSYoh?Y3(lSNy5 zdms&i$2f6RU`^z!?AZD31N>YQ(xV*^SGmxE#e}_Un?Wkj0=?j#h0^H#x_{gH0XZpP zG5s$_$NFD$EL>dw)5LSCmTmlY8|rtSK_iiCKsu@cx%Ar!lv@^-T+C|_XGL_d{L~JG z9fd7L?e%s2EkgM6R&NeCxPBrU_s{_w+uZcm-}~;{y+@bSWDXgO18L&+_tfQFw$lfJzstA?V{PO6Sl^95`0d`lKG^d%snzL~s7JL<*D)3F zm!55%{k#I3yCB($FJdam5%&!6RHVz6Y*OK7N)}7bKf+}@j-(;84&&pxe3xD>cUv%H zgIy0~8ggVIHb#7{zP(vp&wtOPy=>&|=eSC}3`e4kjvUM{jJx?Y)?O7_;AQ~U7EIQg 
zn_6oXk1M-8A@Z0r;dw-CrI%dA;n$ehxYb}Kd`0`l!a05!Z*_pkR%|x7eOEiZ<+hl@NcK~kv-z{^ul ztS#e)l#cqv`lrzc59E0i+4hfc%V&p533aT!4q@(^Sj7qZ)jqO!*x8l1_~k&J@JSti z74LSb8CmzaP2%6H-Tv$U^oT{FMiiiwvfgrs*n*n-DJ>fyy;H#hPcw=hia7sU7YTuG zrXmTy?gSk40gCvb-q8oF%isG54pJ7p%Ay^*oo0sBCTb;8)PV!`(}za>`t&aKG?aVH z8b`!)i4$F|KDDv_`-{}3JQ%9ij=1~P6F^5iIin#9xo4_@-bfmmsTl=HdVW?pjjC$y z^^lkT8)~uCe`Ef38vAQ4WOI8Bh1=2Ub!T0nQFdynkm#l3L==upYWi?Gd5Nj^dIqv0 zoza-*m>9)GMkeH&FZ^p1tGnwQm=93j%B|Rx(*4gc!S_zS9ht=n;~;abLnE?$2mjxr z(@v(xXvY&LVG;;Rtg*_|$jrm<5tbuQfoH5#vw?BV4gf0_Lcnd%P=)MJB@6CBjWc0v z-BHq7ZUr(6FXZDKId9k9iul*jIWD~)*{cFgFxVy%7w6WPofLj}2|lO@7$k~xtZPKG zK*VSe-Kf*(m^8tDEoARWIT9~5{JZaS*eGb<9Zc2GX~CD5=?XJ{Z58qRs}^;XoLoEu zh9ws3*GjbbH!Z8b0Cg5icmFO1kU}jpuB)3w>lUsRIaAE*G$ByZ6rGfWO01~B)uEpM zuz;WgiX531^*zzjunSx?*7OK&nR#c*be1Ef1D3;w%K>qO3Z(o0VeFljM1huV+p=xj zwr$(CJ!70mL2v0v zuxVidj1I!#c5mUu(rbYQA@)ry*U&LAI^~w~6{-Xv)237;hYy zxEQPP?1bEv35-?{_8iLCzx(cN*d>AFeGeT)cg>9ZDYbtEI;z=y0f$FnXut@+-j9ql zPd`Bwn)C>{dN8R09`m)ICGXxoaO2Xhpcl>?M&m=#5mNV9nJ8UfImplk;cNMX56cJaA^4H!z;)FRNh){p^MOF($+rQOMadIe>Vh zJ`;%@oM8MDH?mlH`IXZ`!FHg`4iCyc^+M&D)6VmgY8FautDL&e#u3m!Gl;4 z(T6nK(~60aY(0; zc~@p+1M(9ac8c#@*T|!B`W=ntDa(qxI0@=_E2WkDPUZPp9xRp0zFR#;PKXNgfPmZx z0YSlf5H`bxYk&egY~f>o;Wb_L&k%Tg7+ z8>gu$QIz;zqL%vZIXRQwaW?SZD2^+s03ziuGOII15ax}Peu_%Aytd_EVaTDB|GPZ* zr8FOFaGMcSo6!Yvs{us~0XqbLAstQt*M_C<^LlgN`3p=?QfU6a36qI|`Txoc|6lGH zHkSY6j^SYbuV-rAnwxh2+%Z0@>UWHkd#L04s1QI$O0A$;ED}n8s}I3d^)`h}sw<_D zetl-EjJ1|(*rE@f1a%U*adJ7CaT2L%o8yI~$t4c=LmKofNJF3yWodd8!#^ z_ArAZ;ASbZ2feC8qFjquBg*pSxDjceEYFg}AY~OOcu6E7m*oV(P;-GjQ4N7)0a1ag zQ9_u&7BOQYUx{rcC{78YS0|(?Smtnmf@xXA_vX>M6JzQ^uLTV;9go!C7(r}3_`>W; zJ+Lgyo>H}AT|}du08S0lT``W=p>jE-Zc_gaV))XRf!?x)6Z(n<%76s>L%UW_wk;s4rk?xASEdiWIcn9eoy7oa4 z!f1opWmpBqvSy7lIJ&mNju_MpBLKG!;D+o=CISXakHs1&FB8n>J|M-?*PG%Gzf!$W zM^FI#)p$R^^c?J75Ayog4ijRm6--#LopmQhpsAUMMWD}!B3=VrxxdC`rPthfl5 z@jS2qTxvlerawBWMGIlHL`%XHufkbBjO7_50*TBakT!g-?hz@VFyhTtVMy8@Dx*J? 
zQ0g8~JZ?ysAL4W&x%|*u494$Lm+jD7v3pZR>7{1lTYkeuz59pr(;2QuSe_p^Z*7}J zn}$>UiP6Y#U=%dnjwJD7r&*_Y!*<(=QErF!`J>L~@*$vuCwv=y+0~wAu~8C8&7aLo zlRYa4MBLajiU5n!n)dXP_gQ7z4Z=4vd=`i~XTTl_4m+p8tfN`ez}=qiEAT%VMOyF7 zbbKd1&n;iPhpXjlk(GqZHmlL>oYq-I7OBWC?4P{3eo0?6evTh_49h(ps znao%BFC^8`G&Pw;E;$EQi?@AVEw`Q*d}v{P!*p%tmJKd}>zThj{8DNWzp8u|31Tb2 z2-#OcZ@iQpQ`H?=KB?v%?*? zfZ{A3AL*_KmsGE_B*o);KcO&}>wP~G9Ij74{3?sWWGlBR-`VSpCnxWze-<@w7rjND z(T_d+E~;LSR|L~PUCSqPW$&wy4fUtWyj=5g0M;EhnB0UuU(CiJT2F`O(k5PUfNx*l zU_Ly0P-(e^)xI-sgXwvdy3h^}*FTcyc|Dl0db`_ehToQt3h-j|S)yFJHEQ3ih7t?! zFFluSQWrg!cMLXab}t&&k31eFvn8B4vQK@MN{P!fjA-aU^TPPFX|T$;ENeA*Xm{)E z@-7~g{d^a$nYUWx#W9=IW-Y$V9%nmjf4Q`~@MH4WCmTK2h2l#O^G184^|Q-b`u~<% zI~M4a!RYT3skT+_Z(vYmzdOP*r#v8dk-2uesnwdHM-@hyG3htocySQ44S}d)PNyM6 zREIg9L%H4P5mb&ZKX>tE(v+q(vL@T4J_`dInN^L-hS0ayL$xI$eMr6#bM4Y>jO9+5 zUuG4a2zP%mRPyuTkm(#!M|}PZtc)v8tu;{JJ8X4DzvIoO=24C82Kr)4rj1w!X>2b6 z*9UZQGME9GbI1P(_pwn|mE4Ak_gl}1_oTKs78O+ODFU#d4i6&Ol85pCerQuHq=<*5 zq3Iz;O?&%x=%;FFo_Y`Cn@j|E+X|vXT2ohsbI>A-?SWuV1_!hz1~}~-oAjsl8~kkMHdZ7@FpR>a;Xgs#9ot;&4}%EsgTOiDdHt`$ZBIH6UmU)4=Ii+ zWYMC^mg;BYyb&h`r!KMfUy?5hrx~>lx#yc0L~LNHWH#O6Vl5#9919@`lfmy@s641p zl?oopWth-~PW1?lPz?*8=x=>=jkv_Izg2g;D8y1O#w2*|L#MN!@b1p1jj7I38m5&1 z%rQfnQNQ7HcsL7vh^HMHvn7q5uMUI1!YHG4i9V;Os^tQv18Sp@o-@?l17NGj#@_i1 zsfoo(hIMDo`2i>b&9up^h~|$l$=)~8fENfW`aFUz?}lD!OSy{Q#v z8f|{!zW%Hg+~UX!rsBv%jaj2E@AD?&u5bRk)HcL5(pu_OZL}yEV;SXD<527$f3tawD>~9an2{2R?KA-@E^*kmm7xy)Eta`I#momI6u2cSh4T zEHT09JZS&({aDG(kDukEnhQBdtJjp;7nMyEaf{a^Q@C4sZFf6cE0R6N`MNR0R0vFZ zx7I4E%55ND?yLzWWjbU$zgScb*uA@(6Dw}O6O-9uKGt*2jrCKumyD0A4L)_B{sJ78 zau^eK04E@GpRMyoH4eiTHeswNAb$*R9nYa4CKM-WhBOn!!7k>RUu~eBtr@?ErSSFb z&C%9VEyaF8P0V?8>OS^BcDvy z{bgZ#jiAK6qmkgR+etYAu*pITXX5Oj8#b`Rm04R^ed)RL%*!}lbLQ$D+FT7>*G9h9 zT1zpd-^D;aL2nH0jZtZouSA4fzwhFlmaOP_;r8{hEWqD4Ir68)bx?LeY+E9^t(5CV zXOpqOvpamAacx=e!GahxpRXHVCb5d;ZJ+6s*SX z4IoEy4n{37Q~|6c!7~XMGX^}!*HyJ!^e?w>UHntX(E3%_uaVI7TpMd02?~*qFutY;KrIPKAj6tPuoD5y75DjW)X(7CT@ZR z`o80x-iom~!9H}JLT;Apceou?pUxJ6>cW&7x6#;8AK|dI&!#;|xF)4JpuO3`gc9H~ 
z$gH4*!<$q`bX?mF7CoXngYC5P3?Z2D<^T#1*9ulgAvSgoLf{0t9NW)Gj&6 z0Edhq`~!pa=aAKhRWB!YZgrenN-!4;YH4?Y+|C{nLmmi-#eZT(yoA|=)?*Tebn1?q zdN6v0t8U$N9^z}(J@t|oDTZ6SZ-DDRSET0-f|a#9<=K#8YTa{@I6!KtA^krydX*`a9!sCb`4y3(8CB_=a19B!kb%fp(S@v22X~i`x;XKFk_>QcW`kZ85kcP@ z;KLY#JidS*(Yb){5QLwywX%duhP>V4nXaH^2%M4VgyfS4VMhW_xjD5i=Q26fy!_ps z->NNtj~M_aPf(DSG1;QUM(UCsLiFK8oM+kFf2e*y7xK;KLmT05srrrzNBNDgcnsTw z;ZsWqb_ld3^TsqX`yX zub8uZ+g5&fRJOyivN)Tn>*+^=lA)Igu-);Q_ z7XU!P>2Y8H1EkDAawslpznO^v0zs@S%lPVcitOE}eCS?6rN*;_Gt&(Z*6)9&uhir= zdc23Qr4h3fHeeM`ou7_$p=m+&t!xlB5^sab;!O|T1YUiy^FZ%m-^PAUQ6@FWr0Kno z&krUik|$EfCo?y97{~i}9|k`rz*v!(l#m)mywQ2~Ge>?v>7v-W`go7uNGV6$2RW4c z+H2D)?ZlhG|84<%D3?9rJKHg!+ilZ&_InMnCC4YPTTMA@jb?&3u2$%|v5*8dzBi{u zha_=3cv_EYDs|T&OksB?4!nlZLn5TjP69TZ(5LZcqWrlrX5q=0lF62;fsvTp)T9T5 zDmTKe&}L?P(+Jv@)qCtj8FxaN9vs#L+Ne=u3RxgI#=5|NR+_I_aGbyS6cARdY#;=f z)4IqI`)Kz&vL?n+xIBc_b!o(h(eyZt#XrG9@EXA{ae_M1l2{9d?Qti=zRL~uo^8Gt zuu6B=&A^^588GiP<#9FQVIJp)h|gVK7Z1ssZlCwa)J@lyi*#3s&O%OmK?k79v;F;Wi*sFxW`0H%J)n%Tr1_a+4%g2K4a9qmEn^q&iIPiUjb> z`Wffor-HG!%Jb*QDYwD8LeEqfKp%fdEPD?phb>J<@^bQ-f5|IHd!$Ypf&pA>d;Lb; zn)y!2#^#2w(p}Bg+C3P#{ws2}`u$6m7RB;?2|%61k9Sb)n->}<-%x=o-Gl^0oh4S#GHW*5W9%EyyFLd*Xb?M2z49^_UfpW#K3ZTSpH%ykU%M z;zMhbGtAT!9`)QYV9e*ooRZwE&P2DVq*BVC}~NtdyE2zss{{gs!0D6N1PmEYQfp7VCO(-AjI6e$7F7? z_5N26*PVL3_aqhn8-6G#p zA6BX7KL8@je*#2C2A2O85Q{aWz%YNV>A?3mn<0~xB? zLXj>ul(Bu%&83hohV%=mqgr<`u#cCH_sYzHz2Y zagHQ1g(qa&P)1|3ZJeFmZMTqID=pJY-nt%ga0mf2f^W?I%(;oH8Sq z(V`Tse-Mnk@})>tOze_@PO^WHD#DzDPVCxE^$7ej0sV2Ff47*S0k>ZS<6`#iJR2y7 zeCZQy!u6ds#vs8UOUq=Rb$x;zftC|v*VUSBDk+Hz3(RwvYqxBWw-G>iP;*i)&LHf! 
z-h3rQi==U%2B}3Qs&@mzPNgS6tpaK+Db_~8twSvYUb#4dsd>6#R^|&qFh#?_K+xvh zuISfKo5^pnM8S~pBX%@YB3xVP#n~sr2*(%%m|E|M4QbAHuH$<*gmJ2che!7lBju5$ zr#4*~1VG3pF(<;BH~eY)0RkEVAnIp6d1=`v7B~z{F=w~2hMQ4~o z4rQD(!r~I|e4cYLL4@dkvBb#lav_vm3Z$rOJp)1pYGEn|%o(F6WE&)vUK|GwbaRWu zn5?YiQ6<%`I?tPvP<3irj2L82D+?uK{rmFuGU<0FBi;pn6L6xlSW#Re7~Im5??Apc zV4XiC&!gR5B9;3|n4Fi(!3#F$s^Kic(;(MOuR^I>L7Mf`p-V9zDq{E$&l+WPg}?T8 zUaEgfsYVysT;o?zQdl&nXZ;PUYF^ig-MSI3g8ed(f_ZWV%G{>mjk|0X#?YjuEY7N` z@`#pNcDm3m^@q0YH1GyOLxQfP;V(__%K*(asNLrxhYrE#0A@vWooCmRi-j`+Yk;Z_^CkkBPbuZ?8&9@i8qVw7?^mI&4hL{4upod+{5Wy6(7&F!3Kz zqChYl2n51a8DsTgz=*lV{gGZ=qs(!_l97|cmUzh_evL*zTEn{|PmmGA>>CId)xm%; zu_S>Dv#qvk$oqarQFGcLDjYENT$^1PTw29SaQ0kAj4kP| z*oRY(h5>uO2Ay}?O{F8b=)KdHdpyBoylcECj5~rLybN<~30R?}h2_usd8cJzSWTy!J`p<$Ydr^O z>UmbsDJHR#n#K7M+6=U?@&jpw64ChyrbeW%`x|xdr2;ntzlZhP-H;VQ19AJNxNzy8 zecA{3HR(Eifzt$B2JpqKKeZ|*{HvUBPVLX57lizWDp*bVjQwKx{?}%35y@xFhke@t zpZ3t@Icn1WWSI5vSN<=vX~Pe%hw#E@2J zn#MR^osO-o&_b#uSULq54Q_L-d3RPPD)51~I3gC*-Z8+7*aZF_0EY-l+ zf_Y%cv3OD342v=ey$;N1rT~=YG{>9qrFiJD~ zdBaG{+U@yK_%d%(DcHs$zC?F{R1C;!pl2pv{y+{p|LyJ(Ff)BSb>yPB0;taUbh<2$H2q=ahgjKWM$MZ9P8 zIeAlyJtI^PxgTfmp3HzdTash2Azy-@nYO82JxEYnX*U_vgZtp?RcV6t1RfOgarmM( z)XyJ-KVAWZol`Ger~87-mRU6|SHf;P+S2Ms6Nqb<+~>>@M~2I!Aww`|5`&bC1Q|$k zrB>R&RM(wMIM5ISuDpJ@Syj8qKW~uBs;T#)?f=;%YvK@eFe;p3FN%ayr(M&^m3fh0 z+W+x0!08Z9iL(`7Y;I9(q7*ON*~7X%o=felz%*zhy)othJ6lj>YM3_566YT}zaTO2E7KSSVbrjMQu}4q4Ee&N4}a1`3tR zFz4STBPSqpGHO8cL9l){R98T8J3~AfK-VY~c)cWm(f$hmKCG51OGpEoFGdokK6>+r zbAT&=hXG-IX1YkyD3!>$&y9-dppojDtbK?o!P`lPqom~#9z%1)_^Q2A2B>Sn-R}8) z9=3%HpqT?F50gdH&jgmwhovRk-d_;%HrrG}S0Q?30sP|0>OE&);V~^Jydngp9jT5F z6S@w)BF-qKj=}a??ibWtJfE!m7P{1Ii|mtQ@uX&6nSu4yseI6+y<m9!AI3lEA)%QCUizbYU= zGNM~bm~3@3qSlQwu2$^4^o$q>T{U=G7!%W6C?k8)4$VwvT#ARwdJRP;kY~>GvFqXl z3#7s&2nO^RPIlB;;s5~hnmCRicTo1uTlk%Oo~qmO0o3;am8@~5sv3=&VQPvGz^Ag{-%%d`*LGY;;v(M-wXZ#{43*RP{wGb%HE_!MzJcfxq#|# z@hK^yl@vCej>;~=QN9c(Jm-%T;ap{m3P-3&MRPU_12*xBVLg~S!v_>NOqit7K>Vqr z#51~UZZa^gF6LvDjJE6JqL7$UnJaBDf(lvrw%H>t=3Jr42;O3lT>4H1Ndu3+Cqg(V 
zbRm|Le)i2!-e!tZVM*iH45 zQu$hgq1EeG_MwNy6fI0cn8V?Z$MztGkUymPOzD7)xxj>Ow`}9N>aqcg6tpMW8arce zP95ZYRDf{RWh5CYDN^7*FXLw1;>?>aT>)SU6J~lacg4=Y&f(-o0XJ0Qa-i+tv=_;CtjT&^jq%um~}uBoEM&-AsDI_etL z)XySv}+t(_{S zV+aGj7imhFDMIxk;wZ&We~w$17-h&iyz>MZI&b26Aoq!>^=jUU(z0=BjD}I>4C^Dh z#X&7sRTEiPoOLyMHR_#G!}2nIDQ06V9`MuMyvwvHXyun&j#SfY=unlI0_hFqB05=r zu_jj178l9Sr#FzXDw-xg$wfF2?>t;hjzsC|pH_R*ipU8`%O(V#=S{DlVxTaz7o%zL z5vMNn?!t_>y*rQ}XjTA8&s&Es885*SI9!kA+?meuLIe*GKX5ktpsHYbW@kSa&mh(6YYx*2N{Ji&Fi{t_pwie10|? zXPeD2KLasq1wYd+nAdRQ=X)Rxes6-nq4RQyUYc*UN5O4dZ!traYobmVy zMF$R4^yUumDw1#Rs?gT461}wPPvjjNz21SkzO3(saLzVA&ZTfx(E#fk`+oKx^>d|z#dldq|cOKo+l*J`F}c5pz?Zu(b>Uh5vix6OQfq5Yb zp+(T2b4?Q?%rb;PMxZ~(gUBnh!NUlF1&{i(NOagilxqU^sbOk2fL=R-vH>-2>aaD* zM}>IWdHcLRLQ-@IeDv*)PZX+1iv-gU1`{9$$6rczDKw^iqc$hU>Tq+%IlGLc4Bw#koL+tD_`g!Ksxy4F@*;=<=O zlsr%Zcn;3C;k$N3fJtevFf1*P%+>O5ko;Za+nDNS85Co)nTnTwM?P|F6VONI8|lCu z$Hpqp`q3ez0{)xHqO}1N3^pu~Ekv*hq)GOZ{8%TwA5yLM%Zoyr+W#iYO$eNgYki7E znGm-ilaRy_RG-3beto2nFBL_5Ga8iejCY12(u;!8&*2XWpVr4!az>y!mxmCi$tE8E z0zSC=P0#>6hk7Ud9Vetfwh%yJ>ye9E@$@1ryF)8%7rqvi4$LqPK7l}oO!k*4&&O~Aq52_? 
z8g3wXoFF$!Fcyl`O)q>^oT9%o|7_XV<8JSYdO52ALtXG`kI?YT7`;MHl=d&jD34LQ zJO?c$tx=@hPyJG#u2RvZ_7UtJPs%Ci#~`XpIhp^+bE~%1n#tPw@zbf%@qsOaNkrbv zbUJ60Y15*ne)RF5fq~-m9!^YEp%ED}v_0aw5(ma+aF!?jzBNtxkT@%R=tr=>8^AF* znraxy{7R?Z>qSnyYi~nbqe2_HbaL}n7%)g}bHOca-_VzGD8S;K^s2J7NwXwsOk;5L z*l9&)kzz5n%Biqq_39PO4ieZ4XJzUdhT7(oABvSN-8uFft&bbF!D==+GX>lceh8ye zy!r@*fVlsvT0L3_;tqA3hYH1BL1&=j27aj2>k!A~fGiWa#+R zj8nXEwh799?=;WEAih%U*6`WO%&+u~NYp6PxfstQVI{>bL?%p4|HiC8i`%SfEb1W3 zGs$p8IQ2{}q4j-eSWX3|U=P!$n_1iyF+2Ut9pU645?FMya0HfbY_q>oAu=EdGAWf6 zc`Pw&1aW11Q7fv88<<2viCmzhny)rt!YYhn)}G{yP*o%gf`Arf3yrq3|91<<7G#yZV`nG{XjW{kkTY~E*@C3P=ZMG5Bdz)ar zFL#s>*S^$5)-Jor6%>vpHx5#(~HpkN60kqIZPCd09gTr1&ba<*_43&r7VneOCBE) zL3~lh;epfX5TpGIf-nOe0>%?kIyJTGnOB7FvJ%fw(ec$wMpORG$%fxCiX2FWr{6Gw zB)Y6)oH26FQ71$G6z}_sU*%5kfB^IqHcj6(6=oE)2544JeDK~QD+s}3?m3<{H$#uP zm1>g zbPW*6-9(%vrcE+2Bv8d0yni}nDmBFdmY17?05)Bk#OIpYukXpyTVJI2{Mbt&l(4i` z;ml*loZ~PedSk-J!O8PG@uyOWq|#o!pZjfjOT;@eN8OaLe-=F9Om#;^uv1TtR}XhC zDNV5xNtOB0zhqwX#EBJUn7IpQLzgY8D@fMXU?#cbi-`H^v`BQ*e{JQ9N-odDc(dQZ zPDC%7v!3g(n+l>V#9xg|W6Oe)I@Y9NwW1<}Z{7`99cQrzM1Nk43wn<|Nyae}6cmm=^H_ougjI#@baa*UF)+i75WN zZg4O*L*y{P>2gRXjXk6gc)xt`Ah6X?2IrAGEILBB>Ku}})5k0eT^m&aHw0>*eOD+X z*UHWfn_whvWbvFAF{MQ=_T@Zf(r+g4BDa~brpQvnv3wC@b>qv&fN^r`T&u_q*AesC zO_dQIl_|RmLx)5v9bUN%&J@LyP+da4ydBPzzR!_fu8#*jKpu0+TdGm`*gCJlkuU!?ojhAi-1t zF4`*rPl8|^-7vBEf)HPYMXL@1GGY$7UcDR8gBp>u7#X4Cx`tf+n=LH;KA}t$>6GSt zxg%2budF~HcJ;Psn?>m+N7my~H2OBuc*VJHD;?HaMUUqKm%XmWa{n^-@bz7fOG1n6?x;Kz(J)U_3U24^z-$IKr=5!)XCwu=#HX!c)W9Yi}O9fFyY z_kU+WC>D^Q^4H}3FDmnB9XE_sqO7L}wX8k)KiVC%z<6wE1%CScLLs86uXh3XQ%#Q| zyYLBu2u<31o$n#=G4@BreZ)vSvX8cE%!Qw;O|BUgDx8|vz4zG-uW>a`=Iy{TYwWOS z8_Vv+c9+_49KN7QshBt|6C%EmT7dJ=oyc9ZCOKr+4nS5@*TIOB5VyJp_=YX}G7`iu zbMpz@vLfh#1UDF|5C zy!LM)S}B0>Ix&a(GZbf0_i`%P#`Tqjp&GX5_%Zaqhx$@^xxELxy1x41OKi(K@n~$W z%S^8elGTyF_NDFqJU5oU?ZUS;cjOs+<1+P7-)w^7ftb5NU9@Ff6@q0wj7i9a$M$qH$^3}>PgK>oG!HuSf2v^|dNBHV6jT+)Cq!$S#INv?n5 zN6%l5w7J&4+2kURoy~rIU2|aRK;Eo7WGcI3K!!(x(7Y{)I(7=gKby*s4S3zX7GnxH 
zM~hbgeW7o|E(X%%`+j>k=bt?}{rwN5@gI+TF|acHx8tN@4at9dEolF<*TRNkkTPCz zkebEp005uZC*UcU#HnCXE}E|0*0lKk{MbT7nvpXp0N#Mc+w<(DzZ@rj%lCys8m4m` zAqOX)CR{W?!5e%R1((1`CEFm3R4SGAcDIE0gG{5m&5JKDW-izt*I*yV1v}%SKIO7| zZ{oLq+Kf?Y-=-5S_p_|}#q^wpscyjeIO)Og+Qk*kOV_hBN>TQ;p=z?EygN6#bZ;Vy z#-qD^6#MJ*u}Y}oQG);6TEBo<$=^{>{#)=XM=&Y&VCvpZqbmv4r?c4gQ1oeBt{>|N zq+G*Y0LP>6_LaT87D>Q_Sz1F>_sh#N5>sv-Dhzn~H?kcS$5frBf&V^E~FWF*Xvocf6;3S-^H~_+C3;Jh~HRJJ~=GuJpHj8qZiEF3zhm=@d6%^+0aagC!wem19s1syt^mjl`MGb?-An`SVdl}L( zJJ7x|atR6&yX!M-%_A<@jmdFHc;VNSS=ya zhc3OVb2l7nj4Zet-|tS~prJs1d5~}^hNncn5+3!Fcksgs+3h7wDp165kN89Ra!461 z`~?+|T4f>ibeYXMy02v7^($o@Q9gehVI14bQov<-XJe)Uv=g|4`#~LTk6r^;>y+xj zJety^Z%vK2QyQQ@V0%@DX^d_tM0<+k{FCNb+;iLUufk?Us1nYW@w`XY3*$z^xQFzV z0|~jI;$v+Ib{&x&FQWlTVjc>wvkX<&Qh?YzqwdD}X5k2oh6 z-Nyd>IfbS}KvW+)89`0z0u?@|@d?3uQZK2Tf(aQn8l`3gd+j0UTmP~${+Q69N!1sLA8a$!DkD%yAq!th zq1w(U!{NKC*d~l+w@5mpk~jj6d`dM5dcg1UFVTPIIBHCZ-3Mqy*x2&`tsK9nS!M6> z=``|@W$Gp3p7^WMH(ld6yD)8-sYIB%2TD7v=9xA{m z@}GuY7pPm9kn(3+Y0Jfk@-tsT%g|W>5zC7d>W`!MUuOmEjK>$NN+IGGApF~RcQ2-h zQm6=zC+um&KoZaE?y(w=;#XyA&M;de9ix>J3ZphkaxDs{z!D>;m96*6Z;F6vL#lIU z%+HtnKYTd*hM^3mg(ooTWNXFC4mOG&={rf6`l)6$@}|ndu|O`l8JuZe$)C5>ft&uZ zf-SP%*k#8kXL%qWcg}ur3Iq~)RJnUWyiI4%CcU}1-QORdGqKjZhh-3WnZte;KUG#Y zWqX#Sws8=JwjijqOQ4vHO1aVZ}l zbiOdyxoYqM(mvz%pjPnA99XVb#5Ak-B-^}Ur`3BG* zJ_ob@IL~zEK-{SVBxbTOiCYj6{dp<%R~}e4&+$gCP+XvsQ~_)AoIpw`$wZ`QYJ0g^T z1Szi#`%g&0`5(dyCXWBQ!`!T)X}>l0KN~9P;!t&MS4l;?*)i;$f@s(RP!9;;V%BR5 z2$RMONB>qSpGiys!$xUDC2 zs2V%%U4O@Xd0qZ^b;8e%dhmqapQuIH+?HCxFwn@J4E%segt@+azN36i^WXk{4ayJP zTy(W89JGt-sdobX4822qD%as8q}B9-t=%giob zd118<_HeV-O+B{!h^b*7@Va(+!#A3rHHe)F06i)D{;8Br*pA_?h24=o>=U0RW&#SQ zcaSy^qZsgUaNjlmLXZ3Rj0)>g4h$iIL6`fkT7D;cxZ|>!DOYie{sTZtUrjy*%(ft`T*xru|lH1 zuN;ljx$)OKu6V%ZRVH+d7d<#0XLn^g53 z<)sB72If$_Lex%CwwS%8I2i;tm@$IL{>i=a&;aPzWFW1aExwx_0>cvox(?3FMml~L z@lR|7TQb@}anbqf*uGNH9$0t6dGSO7#4W??bw z3meSv%{}jf{n4{&zG2Fs&ALsNn^-d-kPS_}8(av7n;ONG4yubBMPm7#=LW{mxjZN2 z6l0`k`e{ls2av)T8(jX~FKC|OwpLf5aK>CvJG14u!l;wMB_3dd2*QAmcIc| 
zLBqM0GLD$3Hbo56BEn&j#~wpt){H5JRyYI)7m+8WD3k$42F#uX42Igtmm9Ur03a?g z_w7=#`cDs#Sg4}z6IjJFS6D(OQwFF6NSn_D(@j1MM(Np5rgj*g8eVd}!FGJjzx|Nu z6JR7_$6`%?JFb#wJeCit8t8G(+wKz%p8KnUadOMalX3lyH?Beg&EqIQ)>;Fv(SkSSCcNVPLXRD zesU$shye!X!Y-t*VLS;AV59#KGCGr2&+3GD$gidmNj!VHX zt5L%7H$n~=CrtgR8Y#C`J3Vi#^*t^$*y>WqzKyIGSC=5v1?###S6MW1GpYr$vO$qe zrDz*n;a^jygp)M zQc@>nWy!K9nFhK4zk%pqF*qDT&>`k20sTn1D_?F#!a}Anb?KJ%hYGd@VjKryFF^-7 z`8>YV-RI2r_0*`6#>a^j0tMW!^m3DX^H4mahJU+MeN-%=EESgAlb^=9j)#6iBEnVC z7DY+HYvBf_Dxq2xB}y|a@N8W@BwoVcFjMd4OC)D76-^+msq33I49ujphAb0s^exiu zs*8k#Q@E8EVmk1;mHU%;u4bVvCNFa zwRhDcT7_7~`Zg$8h|j|2j8iAyvtls?^))bY&ZwyKSHx z71zAss5dK&>$%^G`NqvlKeJ4?nz?hcGy!QVpm&g;BAY7uNz!|MRe5#PMboZp=ji$5 zPb|@~Jq@9Crj%a9k>$CXtGl8L-#G>!8-Xitusr;Id!}Ih2u+JU=?*E)2Bufwcrz3J zFHsttPTUXaee|Dn(P5W>%as9W;m=;Y<`%MXCzkjsP<|Is4xH!jz-yhD&YK%yf zHD>haoKQjOl#vDzE6=rwe>S5kPfa&u1B}3-UseB3FZa{s!!`o}u(Q$c*q}3$4zBwa zMYXKt@nLGnnF%M~hr0FKz}uW}@Ap^zUvCQrHDxwV2Lt>+!yJ+S@{C&fY_#o~mL3Tu z&0Le&ZD&x4?L9JW5V|Es{5W^MkInqr+IzqM$tN!Ver?Y<_3Cubh@6p4##tVXaO;=I zsBGgz%TV}K^wh}m z!;R6msh?xV-&6N#$`=)&D852YR#F3LSSp$E1cN;ynnr5d$w|#iD;=cSfsPi}(T@Gd2EeKb@A-)X z(Oiu=-0wZJW7PpW0;k8=-zsA=Mk)8r8VZs};q3cxHiK9ktl5GdvxMCRX5RVh)hoP9 ztn0aGD=494iW8%Z2Ed9U)pj5gi)81In;$Z|mIe-6uk!L`n3{hTG8#0iXxalALYgh&$k6W6e;6d#9ghTv!8Yi zv8}1g>99b!sKGD#U!)T84Pe^amJPI}BG~`nuQgQm;$=Q4G_cn-c9MSvVzH}OY^fiU ztV`Z!@~|3K7m9$^(?>G6=sV_{r#W=O1NpRh&eW)CnVVbmGNtn(6j&zh8;IAA<@hi- z=&bhp`t>C{vcmoSh3H|cHy$0a6+$Hc5xT;;OEYtw-n8N(p z<89ozTJbc_hBUK=BpiO7?}S4r6DrzrN637sVz=zIrb&YQpnNGl7*58JxCo~P7Z;v} z-=#m_g-`H2bJ$1k7)mnv*-I2EW?67NFs)t`_6^IBv#ci(3|+NGxF+&F&qrNZ z_!@zfavyzUH~*)9Yo3SN6C-6F<0#QE%34Nddveow5GZSS_wAj^%B}|*ZF2xqqj^xh z{P86$IMmQ&zye3^#~~rlYGT?wc={ESfE$5!7{{`SUgVhursr7?N?B9 zZolj%d3npzhUHdFKkKgz0&qY&6X+6#%u@b<-u+-0zoPu(*B7#!uEPqG)o@8sUzZ?$&7DM->67t=0Z83gpe^s;6&r%Ad#TBO(TlUJ?^v0 zyhp9A6|I9tH-^=T74z)=r@H=kq#bVj9qdS3ZgF=D(`p)*@xTrr9*EA_adERt3;@bq zEnthdMxcf)XU!=D)iJ>s+$|s&FAi2sB3n+lM8tYNM4-cCN;o7^D(QY7a-O3N10y;s 
z>vpdpHo%#0r{-;I>Si6q^QDufAY@6MB@o)!vjyA0fPyTVJ6TDH!ICAhIn@Rpy$q+q zv${!k<0f;$2f@pf{>feQgVHcl5Nr%%&_Hi(R=J`*fy8m^lInFs84>>VJ3*Sm>4JXu zG`8vl(qC1Ne`RYLMt!@Ysg`?aS5YTS#(_6;IoSyTv=aGSrK|QqrP@6%mj=gFRaLEJ zNV*+RV9fZidLtD;GTQF3k1A8Za46^`rU4WzUuGCEA7^%mk16pf>=T-ennDsqb~%Da zri1-Uh7Kx2>khg_eL+hDPNq6ZK%N#KZ%#dhfShASPKUtoEOV38pl^)1Jg_YxHM+J3cj%g^RZjjy z6527aq$*!^UuYqhp?*N!xy44xm~it`MOJ-^_b7RW&ARR_KHtwIAznqh8)I5CZDFgZ}=#_T{2 z`(xM#mX74kpp*S!Bn)xB-5LhZhyrw7khr##fn4ox*c?v@Q81mmybjO?EaYn<$M<{G zrjBv}TQ_^)T^JBt#iKnn?T9u@(a257En@+RdeG9%k)RDRfxvTjvhPbo;Ln(PgaM^i zkHSsIwG>T_QL0l<=kxj@FPw3)6PAwiQYP~d#KU#N5QFpBh9!Ec9jGoB>bFLB9MOvO zNMyCJ&14ZilaT|IZl3l>RyvGNLT0S8LVWAF>822UEz5|;rEWa4EqX*cUheW3#t z(mrtEf&f*-si}N;`@K31#TK<-?3TTOK1YgU*4pZEVbEDyaC%Z_QDY(UzoAXFOkqAC zBt+fM{S>ht?VVq5_ul;2g3K5)ttErXleln;#+X-MQ%F<-QGh?Fd!}hdDo@5v<9%Bf zH?kgg$DjL|-6xt+zZ`*%)C$R*27G3k=)=muY%-s!2w&FA8LxtC@YaLIOq4*1cTZ)r zpc%X+8u9vFl%D^^W8aZBAnHxZTlEf*-J(yq|A5)Je0u*UO#L5>`%GNS|Fv;{M#I+r z=wGI{U!Tw}HH2Phu|&_2HgI+zDi!WqYo1pik#&c8L03{$nsjYnFH1HNSxw6*k;Kwq zfI6ZeFtVF(L?8vWYszC=4}ZIUReUs%&-zc zj6XOzwG3$CyDAM!RZH`>obY%j&A;#IBr9L~0iG|je0|wh>q^~~4d-j?=BS+J-5aU6 zjNz(0ZFj{Os;o9$Zm+C?z$V+vjFcJ0Tv$u*nCM2}P;ipI9s*Nm=M|L;sz1d@8DIz? zA3J=$y-fKJmW^jY$f!6HcK+U6fqJS-T04{bHZ74gIl|eCg2um##l$lxQRvox2tttw zfG}q&ut1`g+IeaVZW17^O@p-kyvvS)G?81E7U+LVCSF?j2iW?Xv;y_=@j4VA7QDCN zS;VvP6y+>RW*$F%<1rUqN@fW3csA{)j>3W~pyDxmDZ5pP! 
zm5ZEsHYa;3l}4eymlx-kWN0wVC@XB#1STWeie-3MZ8Ufs4RDOrZZf(8h)w@Z`Dhua z?bT?ZM?8Cpi3UiGYsW>r@M`ZasIU+s90|%k^Wj;PtlfSC@xTZ8QS?kbwPQAsEp{q%1s79|}{Y%&SY| z;LT4D0Zx4R)-Tpy_97*eNywmou}1|i^Rr(~y=I{E&hoOY#dtVz6m)aOg=(2vUcE!Q zPBfNjt**^sLw4PD zrkE8uum90~BomG70={IJQm5v4+b zu1(1eRm>7{$4L&J?j*1~86|R3IW?}HJg6|jO2$B@|F)t!pr;$Xw;CAYpop^90-!Cf z!7^|_hLxs9r207;9c->Fonk<^F1gD2n{XoZKxaIsv>u#twliGFVh}uk zd>?~=-IHOSdUokZp)sdj8DL9aU^}4o-7|ypwjC?-UEooI@#<9D8FSKOz7CyoCv_5G z`GsAFXDl4*$E>(x%P~~&Ug;P#`>`hd0w7neE&A!`45XXTJe(l#5xMWCtEQ6<2v0tY zhdKOQIm&vfz1E@I`I!eCA>Rv!diq}sK}@;BKLxy7`{1f%NJE+Y=nCCITF6+T7wbGp zJ_U^_njGrqhMdbnvOPmbGRlrak1J^dA2Vsgd2o>~5s%qtx%#?ASu8M%XIF8){_cN{ zy&@pIBE<9m{kpmN8an*`{=OgD?fp3~qp5zhD#1?n?%0W?FWrJ5*C%`6HTj#}1L(UB zplR$hgw{PINU4#epCa=z)lv8T3B~70dr!H|5m?;xmvzI8OsEgQ+g8tY;XVy1)A5cq zfg{6>fJY};G-Ah*aH_rNJv`M6Rp!f~Rww8`SDpV!@}uUsoAT4bmVH;9DyeI}>ji#q zFisqiYl_H|>}HQpQ}B;(nya1qv)1t7()4&<^+hGXD;fpg+G=mi2#$W?NIyv{~xRkSI9=q`r!qo(qFa`?GBtoMQQ_E&O9 z6|{xj7dA6I{>dOZ_>CA;Q+>AVmPrHEr)#iNBe!$#?ZFN?^}y>x5%a?9D2kl0{%@UgDxCy&L?7 z0{RCUU9{+OBUl!)M4`~Yp!jU4{u`!}0GNshkHszY!2EA4xnA!+|5pO=ASkr|@ToKX zr$reX^M4=LsQFJH-H!Bs_0e=z23pcm#rR{i_0cl)IE21aC;hEQ4UCN@5)Ur&e!dqK z>YKr!aLwh!qAOj$QvH43pQdgj`BEG+$kz9dUFt2dPc+!7C&KoE z>PzuXF|zS_*f~W5QjF^Hm+;CO|_BGY;B>Y)RH_8>lx5$Fy32}JdXA9tblOwQf`a+lc@WWIM*vO29M{iT5sZ-f324%k=Zif zbB)&?cJ#IUmQub6-ti_7wj#0YN3eP}nw1~v5lOD{BqwF@Phm4O`^|PbPs92I+_}5d zL?#&L)Q`(J`C36h4`3zQ_c|~Q)R%9&kq}Y_4jx~RK3wEvGRh(01Uh2|p%Xfgf6xqB zL^kGP0%s_|^TtvPL9{Q?f(1AB?S|X4o}w7W;GN?`-ZfEngTRbdJS&1Up9M}dS~OUgqEK7GLjLO#{$BLj_r>?ar!C1tdsOmVBa9HMr*iCYKH^eEE0bMyV8HVT`)cLxyG(ML zzwB87TcV$mlJY25IXlxV2X`mXkizg4qcxV%Po9ha#pt#5pcHXnMZ?VaS zi$2q26!8c1{U2PNH#P{2Bz;M_b#DsRBngYZAt7Ru5Cw@5LMZOe==I(ZE|yr@6s?*- zQR^0vdXmBk_`@_AoPShg3`k)?^qI;0qNo82UF(X5rTFx+5J-|1fP*7Z1z@q9YNYmr zB74fy_uNO&Nok_ee3wA9sJKu-nQt|n6Z8BTriY$_G7vCff+8?1X$`5qNreYRL}$vr z&Lkrjg=x&N;CEVnv0@b3gS)hh^$Df^BT-y4Z;_-Sv zgz=}-JbPGE-k9A{TQ4Z!5-8*RFas!$>muR1MLm3HF$fMnCvL}~3+NKhk6nPlbf 
zUT<;`3B!EdkAfP`Peumm;{;$2`-Vi^VWmN1Y@iWK-9cPO6!lOpu_0->kOXp@Yc4H( zM|e)=nPJ@ih#>qXIx3Q-o%X8%i|GD|G0(y(EF$ccvoKhmuq5DLBquC5T`H6B{C7=UAdc6e)**#8GWNk4dQWcZSbemRhaO!HDW=(@4);l; z%$a!<2DPuk;+*ncg-9bWxHIFT;xE#=KFPFn``fLb>L;_=L6x#FfKAe2WV#D%bmM3dF zqha?(G*g538pb6-!4*Ov=c)sQ*TloNe&D+=^ya4fr2H?QonGTE2gVGqWe}N96;_J{ zC--}DJE-61zyDOI>GqC5jX=W;;d%#KAU- zg@Mfjz>i7kgK`=NwBixj($%)%dn)KCO5bQA-DGH;q$)KoO57UF+zkOIsW{r9*ga#a zfE=!arQD{{XH8?^ZAJfF4p$Uq`P}uVtEkz9v#prr)y{HX0s>eZMe)aF?AE>EWDRY*V}(FV2g9#;k6YaOX9PdU}SPF1-pHa zzgk%G;&9QVN=QY^4Z7X62;@r16o0~2uYHK8qtpN%tTUm=_IOgR+~8S|SwEG=Z@E=I z$dyIi0KFhKm%wa>8lzG!6=U-x5Tu zu_U>ECw!?#U#&)$GP?P(@);6dQwrIS{_;Z|Xmh$`TA*QYM5#_;+=-!>slm}rxo*+6 zM~fSQMQZhf@cdSq!+o!9#=X0--_{ckL7G+dE6DJtkNpQ^%`%#pJ#<$$U_e$vKnt3jrB@1e((b<6$AoW8XqUGSP* zBkaJzPUh@A>Ha5*M_n~|5G-bsxCH&N6T(p+E(@0UDzhXGI|_?(H7mVOeV|(YfK<~E z`mu@Br0sdl4%LeE?fUO#B+)pbb5SAJ1*B|Jb5;PKlawZvYY^is4H5>$yWO^=mY!iJ zLJ}v6Fkfo!q;5^gLdItb{UDq-fS*6NeL{eyIJ8@q%T5<%BClDNQP?@g9%*H!&pve1 zL_Wu2Rw z=~-Tu$LVj6pOY?kZapeAG|58s*UjI|zH$j&`YJA)OO$4`5KO+ z;#)zxE+CVoEHvS5EqdJibj z;l!DxWjNuW?f8=(!ior)Ftb9g_GgQWXm4{*lVsNE`0@FCZM&0t3Fu}&;`%jDr?lAh z(z~n8o|tBJgDQr%IrkQx@#e6+A^K|TR@*jr;pNFRWWNAG&;7`6`@zgwzF*gG$1MIB z6)}u|nFgu6;HV|lL>xyU-Wu>6`gn7BT231(sV)ykAEWI>JbG2Q$CRh&c{oD!8|`j& zhw_8c+@j@2_9iJVz)cT*Dr_@Fr6PMEcv-2S%*XO02IQc^UKI5>u1UoXU6%^E6X5nx zt>|F5umv;1^5&|WH8BOrZQrSoW*B}?*NIFwyf&UXi-NNakd+&%#&sfNdU1S+(aC3# zBIPH+e>z7K=UK*94;!#(*}&l7>u{(XH@M;DHClZPu+hpzUKrW(vjRfbPJUX6qA z+Ecy}@qBmua`Qr9e4&9oP)=zQ_xL^@MRY4S6GLI}+8m+{Epq4QEr)R6HWojYNs;K}Tt{CVmFoY0)y}eM2e$a-1-aeh&Ct6(bd4$k0GwXu$oma^HZ_Km>L* z!-hpPUKg}ks}DY3LzH}(HvZB#u~$ZmF$@bR5BK8^q!Ravw}FVB)Hccld4+L9eHUnu zqk=6$Q517TGDtDk#rySK>>L+R1>1*~$uCKii8X~vlZBBOOIGO^D5uma+L!EPzZULh zh1XO+8!Dh+S=`uQM)c(0@p--f-4^eTKzIuL?Tk|L-aQT&Qd&Z;f}Uq@quEnPq%I!z z!|pWZ!j)X#lE4rsamDAE44-OteGsZt`((+*Jx z&mMUcAG=LKjjZZlGiJNe{mIb(n4mH^U^(a_p1$=MUS?ChKGk!x(eeEtH%tmo(W@qi zSM3Q@s$G#c-p_mpAqB6qMmz4f8*7ky#?{%Z-F9XzYUOKS^`$zTL+-_%&}ai&uT6=m 
zzwa9xWjAy-Ks4^X@C08r-x!w^bO{&M{jDB##hLKv;a3{=_gyNzeMEXNz--dWF|L;T1%dx=WH{ieIpXXHyR`9+{w#OQV!Z?{?_bs;+S3Q6LY zsnvvCzzfVI4W_?3s&d_W#lwX$?j^d-NxO7BZ1&h@!eGH~14f7Wh{^%aKfRN4^KB%; zjT+~`mZ`CT&KCDZC?1SaZd%x$+g_OtMs9OWvwcEzIm;x@pk3oV)6;&Q@F<5Y=g>t# zJj@cc(g3y6!3n~g!y~Vi8LBOw9B|h?ztfuLY}nT)ka%8o*O@*sr;qW2lYTh6e?D;( z$0?alQ(sXt3b@m?=mo$eivUJMpb)yLSZBqPJW?1+;xjF8(mu= zv$b50;R))tIxDOLJ3@k*h$sC?T(*)^)q#4BQx|+t9o80l!pmc$iymw2-LE{ifmsVE z_E@-1^ser-DX8;SA}^8i$=Cf4BNBe{@<2}$Lw&< zIN4##Ji*IsgFZ|7-fvcLRWv*s@97-Lo3lmblK}c5Cj$DkF z#hh|(qjV11i@eF@n$vg|(?yied+I32{lb;Rwgv-GeZ(0MEm`gF>euv%YO__wC(8O4 zxKp{vX8=We%Z6=*kySw)dTRyDZQu{gjRO6UR%x9jpa!Yo(HcmhKB&Z%w9#9KZ>>oO zT7 z0Nm^QN}{rimuD(${dj{;D{~HB794i5% zhi&?rRR!)-k0_XI>=T7$dZb^9 zg+0>#5?}YC*UmK1g1fdn`-3Pd;)7PdNBX^b^_@nEgJsT1!TGBOX+Q0vYOpJHc>1C7 zwpbt1oq-7SWf|x$Mxgy*hPGHL05^o7xrmEL|M=~CX8SAa2QXY4aQ(kQ8Vd{C{}8_Y z|J9;#u>XIxXzZM9|1F4{(Ui5v5r^%$RG)6(vtT_+cm!Yq9s--evL^oqpIoKF`KG_q+L}irE52t5G#WqP-wpUJJ-AcKly#?7*evd0cUKN6GMaUj#F%eB5 z2_}~>AX(>%fU%nm0T%%p(J)oBCfX~&>En=9D(CsovifD?0!V!b&8JBtsBBnbvOou* z^vg|Hf^Z;XCGo-yXk^-v{_g`0YqKZ~g&^H>15ph$7FrCJ{m~UjGOi>!qp*dmDW+&+ zsD1%$^cF0M705tFYKl=Q;C`wsyt^714N^e^e7*2rBYF%TJ%6AlmPZV#7~vqTMvdr6 z&XgDiS(WgSYn*JvD(z)tjg_l7S-D6k4cPm*&XPB!eK{S@&Td_i6%P$S_O4>4k2Qp40ZcL{+CUBgaKRMv zLOE2i~ zt^yEFBgkUCxCh6786GhXPUq66@rmRhbOoF{-6jt`PF&5Dxn~*v{WN-aWcFUE+jYMb zbZJlj;{LRK`J4T(E5$idwO&O({AyYc@mr^HF14Xi6R*B3_;{y%o#AV9XW)+ixoW0R zf3~hP`tsY#?v+2w^u|LBey=&kky|zXx)_eOot*TLoH40mbqm_;LF=7}`MTaDT+^NM zQ8v@?Q&{#6)2!l(31;&!aaxI+tjR!0e&L1h#YP(xf?$m~)ML@n%J(dF+pG6{b@i31 zq#;MCYfW29FiQ)2V4OH#6-NWj1TNNK;)2E*2eTxQVUd#Slxd< zh)yYGUk8NFt~{Tio%lLKJN8OE?_CLAv$FM%Uv@2gs&vL|lp=>Z$I950C&@Y8te%Qo zh3THzzltR$2I3Z=S{iZ`6A>I{2Z=TyN=Txs2CsFtN9;PHtZ}DeiwtabIHB4C(IQz- z#TbkFV+vSk5>$=7NVsAv~FZmv%HIseInrP|ond!6|Z^vCy zfq;Zt=7B-@4B}e_4uAmw{sm48oRdRS&uPo0KlQnF-?}<-9A9I0TsaK8@^u(f2>Wo(IzT0*37+lB-q9$d4Kjv-(kczpAe0qnr0NL({>@9WQM}3 zB6!k&Z!R1J1pIPeNPA!_tOG0g0>o$_ zQp}7Ec#5=)8=+!MZeZ{fGx`4Db1v>6zhnZf%<#?btkBrCyz*Vy4nU)T+k&tlQ%iFD 
z=-Xd!^K}jp7hK_R;B|ayOMj(odXd`qZIW)18&aSeMik!&E492oP-QarP2)8LO$ zmaw8atkf(Q1pNyp3itT%GoJBlw{&A0dC|M3T!ZE`wn5RTe12FexLz&V)_>jhzp6F8 zPIaroueXj30(&n1@>>TrOVQ(AEWm*fS7~?Gz2jd9llc#Mimc54^B4SoOUM}6{(Dvn zb0ThY{Q0JCo(|Q(Q3Iy!aCn>${shs0yNnaEazZJ(L4;ao>)gk8M-6o%^$N-*`eGzE4^*!)FST+`8MBjSD(0kv((Fv$H$a>U%3qw4uw}* zf0-LK-2tt>PFH`++}PJZvE-41f?|t$B2S*D=NT7b+;>Ow(gvJ*}&tdhZ6~N1TEQmDg|OB zeL5Lojlp6}BzQh>d9)^Lr%v=qSQ+i%bnX3LTZB0T*-t0^>POugy6Wi*da0qaa!XHK z`I-JF72W8g*l+$rSmm6u%wZTBbOf0=W$jqm)k#11qr?(7{45%)N&+lvce3;M9lW53 z9n0S*K?wzR&3KrJ2+=q~n&`w-GH! zN7rpa2Z2ZCj-ANcH=;L|wTRf*8P*FVNG4I83jqm_HA+uR#$&1pu-x;|R4gPcDS_fC zPKIR?k#Il?G>yKZO*Ljimb>Iey|C5<3lf7(05c=*+xHnYgM3ve6?w5!^6_Tcb8Ki( zap-OC7oN4;K_lc2$ge!}k=atsYGg7b{}pl1rSMs&MTm72dNr*>y0IZfzF;U=J-0+r z+(^;vzkgTffDu|7JKo;VH#dKUYC5~knG+nOFKU}r$Nrv4$8z^O|1jg#1&38(kIa== z?B9q2=ocZ8u|R<`-tDZW(%!Zlm*Bi<@Ddw}^xumX;zwQ~0JG5$`(d~T>QuR{oN4?f z_9BOO(R4pDTW%hqaTEyZaYw_?Ayu5lr7LiK+RXF+epc_*a7M2wouc;Zk{i^6vfVav>kg?aB<2o_fW5LUlMi0pmeE8iiZvbwfha(jL zq%571h(nT|e0k~W202U)W}=7mFnxea$_{U)qI2|;7~EieSz;YL6bpGrPB9eU1J7!& zgh#P4Oc+OFxnV6TnP z9gKS*p%bO147XQQzeojr%M4nFoz6KABiTbTyq>1j!z^{arKUim5#GUeQ+a$GyCK(v3cw}no zOc!?OD;E=b8+BVcS;*t6vNF+kGOgpzv;HxvE5Z1#l0Bi81&$T;w7}$+6MS`R!|%!1 z6l+IL5vs%AuZFR67>RfTy+p={cwOI&6rc(HHoVklFwi)9N!!#)Dv?phVv}?vYtd%M zxUJ}@$|ZS*li^HbV#wMo%@jLpDtlOuAsjdNpr6$-*)AO0N4X3tNi%dr)3_YoPK2>` z@GsskI&YE_4-(?@rBtSEt^^;tlP#qSFS_8v!sh|pVGgRxvfaW`wDre_7bv2e2y5-= zR4sS)(nh-&|}sePr$0@xL!jMZu~JGoz(}QFBTjR*8=Vq5_7!erg|rOp2f>yM+>k zZ%)wpEa!VPBhA)1l4Xw)Lk=o*Cxfirru@P5PBN7?R(+$$S>NYZjIzrf<&yf9rVwbQ zjuj41tgxJ)iBIThn5jzS0L7L#Zuv0wuqgeeswDj4Q3{5xOCC8U-!Y8f(SXi{zv>B! 
za)T4q4jXVk{`kpx=uE|O=NF`dPBRe=Nq)z02d}R}7l_}T5~N`9S9d8-;>L_cIqrgXMW8*A|(%i?UnQ>c(ZZ7m% zT!gxIwCu!}V|3`XjqGoG1s>66Z-z2bab65wj=)1`Va8x6UJQ^Y@puWMP(;U}Nq;zz z{OL?x#h^c-7^=kM;rx8QZv?=MOTPbmv}R>t{2!zB{{t$RIR1P6>u(Kd=S_CR-c$86 zbSrWri2%ZZEhTwoS&DGEL+$N*fqxmz1ronOuP=7pF}m{c)o|T?5P^WBx9$6U`}?+f zJ%6}nFidq$i1oMr)x~E=hywec6aQwWcj_5eMS`h7Z|fS#Tj1O#W3I#Aq!UHzIF_2E z-FO0lS2=1;Rr{E@rVx+*Iyo?2MhM1xokEj1>*_qmw-_?Jpk962W{y2Lrk+YZL+EM% z!E@rXZ7dzkYHRLfS)T91OY`6U2FKPv%c;5)xl-79Mduis^$i8PD(GrM7tS zo-eSaZnE>VtpAazUx9TSD~;EaZGZbR2dtJlR-_0(CWB>1xWap^I6U7$eASDGSGw_Fa^{a8dG~y z;nwAp44qils!&J544}HWt;HTO6{?|c&;MyM^ck}=WxrQjTJ|x!uDENf*}`11b$o!O zr8+1~F*g{{L`d}mPc^aE*eO-N99?jTwc+99Auej-{a6I6?IBH;ZI>272JPoGbu$Y1 z!#axB<8E+V{pekLK#`;&9S6pufy^J9%7lfWd%Nwj_AK$(z(*TsbnhxR$+{xyHamfq zNi<>u?)Zn!@VsANPkf1X&PWv<;3=O*(9{f?=Pw?@`@{&AWwBQgNb!kRcO|dNha{$- z!;#llUteacTyRGhz44-~z2qT_1L9BbY*tFR#yl`_I(|=^JbnL~_jrUFK`0Q7>EZ6y ziw*C+x;qDG^~I7`s|;SWMnH&- z?BW#a(yEs$xtC@KQ)mQbR=D>nk^+Q^2gAy@;B^{dbJYWv>)^HaYvEKXZoag?M$*7M zAO=T(*#7NrR-;g_aY3f=?9?a$+haH%xd6#EE$%qN1{vI>c#1d}*)h82`r>|Dp5OCboL=b?F9Mq6S z6Mol$M^oo}N2aR-#g!2-x0Tv^;r^6$@+1v~3$FB5E`6Xh2dj)d4@{<1j$$e)#Y?Y> zl;I|%WkSV>IoXC|Irs%ps=LZdFIYK}Qs#45fJ%;^C(#Is97BO1Tkdv;ae*O_DGb;_ zOb9+tPBo8G>U`ne6Z_R{%EVzR2@=CWcIEb(W3`p+Bo zHJXVw;bYWC+Uk-Yf9B`yivxdaPuC=pi+nyLYK#++E55ZZK2#DFt?8c9fXD#i%dZzM zWGLiz;#rdPRG%=62h2|oyEc2I+a~tgYY7O-v{zZvI<(d)8?xWPna*>LhfT{v1}_@O zKDL{g1%87cV$Uk(^EkH^e+1iJAO8L-q-B+li5sACTBCO;NOqVYIRPgt+RzDch>o1}O7ioXYi+n@-i6%q8aVhe zzK!%}&Y2ysd@qNJlXApoU=>cz;m9k8l9GGBG(zm4eys6iTtN3PqAvbGaXObCpTgRM zS96xYRp&x_&oCWi)szBuO45Ju!-0Dz-g$wb`j`%>g{Tes)qdc3SI-MjmmIYEq@Sj5{-eIAx*sv-3?_m-ghwe3x5(jurP3Ocs z_F$lnoo*PJd&I{Q8rOE(Px8&}At)?Pg5_C#$C8e6944K*?dW0rO8&`OEf6dO z3Z?Bub*WfsAV)W|1P5R~7AP9$AVdw5RyIvjj3iFg{^C_=_cT39{{EZJ7V5|29&aGE zy=b@kI0y>&$b>uSEX?b$8>fV(2r`2+RTN%uzp=DB6ZSyEqL$2Ln@t)AbEGVZP_!Pb zJ(N`rn!8KM31BPHzgkU)j9cJf0WRVBOP;BE`&2km=RTlDqkuG|u( zrDuL9XtMDAm)&-aalrfuwyn2Y!>t(L8Vx_0X1&O0E>w@cg0iD5`cRU|3*iru}v 
zRidy=ukY)J3$Abda>z(kEVQii)?;sG@7lQUKttp5sn{V|RE$kG-4$XQ=y?+(m#{MD zX!UWDp71q{*!IHluRYk3GQ-d}dvanw1Vg)0+@i*^djRM0E1 zv_eZ|#FmY$zx2US8bkb9)1Z0fh4U7Q1k{m{2G4QD;$K?_IA$DY9wTy@<8{)$8NcGm zjI%=#$!^o*P3P_lGqbQ{J6t(1aMM{9W=jWQt`wP&#K>LIV%<>c{dt_6vqDl~5odqP zl~WgBROLi23bKxI6(L|f;m73!3YoVflq=XRhJ_Km?cWWLurlmLaP7vT z?xh=oY}pWi!sKn~Vd=8iVjReFyLbyS><65xAni?%gPI_Z5dI=w@l;D6DytyUOmCj` z2bQYhVq1hKInN1OgSZJ+rWw|^$5epzBz0oN8=2*v5D~Hj!2@X)}xnJ zfkm`X^3yAFU{fWO8%B`d&u5Lr;R^^f&ZZRC8Bumn|Hwp z392|CSVmgaX)TC?Mf{te$L=y{)}zMC&#Gr_%?kqbc@}Glel6E)Nb)Uam}VsT+1d2S zMm6H&AQ`t-Fd#YycA7D~C>jZAD`k=rRzNV$Si=8^SFDxkm#~dRh#f&xD4W+0os}p_ zTCFgOLSzDfYYCU)Xxa*&Hd6m&!uZd|ocwFO3Dl<^rOsN`eNrmhrANfK zPY5VjqGUi1Gw^$P8g2=M9p-gv6>W_CdP>;rTo14TPu{1^M2YQZ&e~l9w{5*MzM0W) zZ(UJ`-4jPm5E?1i^em7!u*Sd9c$$|GPCcGLzCr8&cxkZ(_N0=EDCe@P6BLJGZTQ?8 z(SX9zo6?Epvi1J-gJ|9L;H2NAPhXJMB1&Y=aVLVG?Hd!vRu3CRdD};{o8k&;+S09_ z{fxCID1f>WDks9tH+X!YksP9ZDKi=P!S>Z@lW`u>G+*V{`n`gZ4RI?(D)V)`UNYxq z_vYF_y`rd-C>Y|ipe84BD%;K5(*rfwSd?rv#` z)ivrEwnWSJr)IzP`&s~F5Hpjsc~T}3dYYmVP`zA@4?_5+5Tg;Wax1NjhfaXZJlGG; zS@y4aUuZxY_jy+OudzK;TP>1E@#V&ATZVAf9`Ta7IX=yg#rrCBXsx3Hru4)BdC zk(C2r(u!kVr7wfd;Q|UIXxmU!z=zT8~ zhF1w9u0(1-oilY@Yj+$7!EJj7*mN8N$~hdInKivG&4tm_lVd&iB6&gOsJ~UZmHCT1 zp-9n)wa7HpfZB)VC0O*gki?EBv*#0zY$joY=++$W=g7v!wO)ry@(7rzqamp9$UGU3 z<5~rUXeqSAQrq*nm87#i94Em~)wW)PPovLscbzy;2-q=KxMnJE$|~6KjnS&mrfo|F z2D`J`E*LO|NlQQie}^}vksNg#+@+f-^B8poeL$!3et&(P|8~@+lK!`D?!Qqx85r39 zx2%Ace<=yY?1;Uub>l=7DxQErFkY89E>bOud`mh`>etnh%;(bSVA+iF9nZI9g9!1& zDJ(rj89V_*U*T@vFMPN=U)MhWvTDVTEHLeG|H&343shPaDo`7w+2B5B`hw(yOtxIf zTriieD;R3dTNxok4a;rBo)%nvde~-@KCb<6e;~NTvb2vVRoflf*GD4aB^OiksyZ8b zcvQ47!2i~Zkpg@5+aajjmMt~wp5)Y2(Og(vAZHv3@^?rXkzW+H~&D-tk`#t~J9t#_TyXE!%c&OV|qn$7+ zF!Jfi>t}gPsP@aGN*J7g`YuTxXz&#ziNPa1l9UIQiK=Y4{8F}O|HjT{@Y-ZtUXZkh zs0OaPn`>U-Sxi1?9AI*ggPCR#u@hfPX`^3J%z;25A-)mY#8BT#$8{6z=qAT^gE2fA z(BCS!YXIb~!>E5Lt&7W9e}t4$ez3&Nwg@M%+*)K^1}y&w#@^|`!?&GjVD&y4;54i^ z-5Caw?oHI9C|Jlo>J6rl#Bb$7F&W@76-xyz8-#J;U=8Woyh((g9**Y7*{kQs@!vsh zpJ9Ue>T}Dfc@^H^a}&`@rriRpX90n?3-?oBrSCE- 
za{A301-t-VS<&Xsw3H4et{A|hVC>M>E@X)-uWT_1o9;3J>oWnnS9E?ouC?4_!yU)Q z!J>{^s+d$80v&)^>Lj?AX-(-CuQnntP28x8>MRfFMXLEhI~}urq%HFj3N7NNkl`ZC z!A_aif9Wp5m%jKM+60jEPKPHoijRtxPp@H-WQ^e+ncRR)Y|E-F43Q1mX9!B$Ku!`7 z9I79#l`SiyLtCm;6n-yWialEDVQMNSO+{+$FLsTS1tM1`5O_vfk> zxyZr^)Ssf5D3_5AP)fIQMFzN3F&IPY{JWvn+?@Ggdc)NEW&^mjg4zC@eEZR&o@|T+ zHM8C&DQ4drz&_%E9brHlS5PAjKA?e^>URr?)Ex#+mp}$2xMR*k*s3qn(fQfG{UM{( zzOVOYTA>y&Fis*&w3+G*vPPc(T=yhJ)AF%$Y{U`Pmp zW*;E86JNOajTr(Zz1ehf^Y5#0p(PIOd=XwEHZPZve4&Sp6|KZn4y?#Fd zJc#_jZX!AOP`}OKo<2O>oZ}s(a$Ri`up9u@7DCzCOSSlMQy?H=)mta81Y|si&iP}o z`(+7kJ&|(ySLdK~NM+l#a>X2=!k#U&BZJx#i++^T+X?jA4V*Sc$J8hP{!%GONOr*q z1%WC$6A{||R>ut)fB#Q$RNVS*4gZhwLLGnP@le5hu4t(MFr6kae0N_2>mfB_#&qq} z#~KX)y2TJ*FqG#`R(HoJqmkWOVL~b z^9H=`8U}j>aP?7*#qA=R&z;rrP6Y>AbS)J{RI(_$Nr)(*Q?18#)N@s~RUy&uks-j9 zMeP&5%))~2cTp3kY=uWd94twu4y%o#1>u6WsOY)9$S%(hJ0l7=Q-kYW+s;*{-uw4G zSx0>fCBK&r-pOW!l7~_dK+U46{dP{xbEQ?NVa|YJ4=TxvGEfGbtsRkIpfc5vZG1)h zKK7qD1HUjppq(8ChWzFOyvyFhASbI3XeN@v9Ge{tV)XPwD*bEdme@a3*t1|ORshhi z&Zi7luv*Zgl!JL)778*>ptU z`mIZriR*f}KR{_88T-Mx@81R$V+Sn(lr3_QzH5h4B6_bXsuc-ZOoa(~3aDZF|8FI@@qf5Dg-IR5vk zm^J?|yUE5xzgnEILd-Ffn5+K?`HHzdEJq|i^{jOvu^gr3oc%vI)B2$W8OJ|;^7ub} z@?lk-Fk4BIVJQ`G_G--qoXhcrthwT&xBrQr<5t}xfvyfdX#($8Psucw($=Dv-r zVU-T4J-Y3Z(&)#7ixxm#uhrL2A=S*Y_Sl()j`>Gtj%BDg)6YJaJkf1y6WzEPEYVAo zQ~BE_M$Rb;7qZiqsw+KgJ}ciRm!`j!XBlQU<8oXF1XEX}+T6DS$hUBs8D~TG{7t$n zAYbt*)?-VXfN&LsC8$ivlZBWqs+1v6m~FGqNj4sUErK0wSx3ZL>-?y^>+`eE2d287 z=c!0^Z_i4F52Z<5Y$%IbI4O}Tq_e#(5BbiJv6)@>5MvQ%0KlJFHmc1*ul`x&%^r?0 zz#WuTlkD?sYBIe)B^iGg4}8x@Z99UZ?Sm;F-cI~)-%gT*QuO5YJ~6^vO<{VlsO|3a zFSY=MQNe&Z31gC)J6%LlM=SRhzky_HPf>?J=m&EVraL)X!BSZnz`$%1k93q6vfI&1h z2)L{H35w6R+1WxvVvOm7?$PvH)b+gy5Ok&Lmoti?AN16>0H!=2Li&%S$zp#Xhb*j< zKI1`tLOrZ76J-NFQGP}JJ|Y-eqMt~-XQkQJ_s?fSL)jQgrXP$ihGsLZ)kj5}2{L)K{4;aT#z9kk{Hpk4}OQH|VrxKJR88ERp z*Gw=i6MFQ+e!Vh8N9AaEsp%*_C#^H-5FgVw!$I;U>K0H`4P{PrR@0~-85w-~kVnxa z&bAJ~!5Vf>WiMT9JE4slD~8KMOxM4;k=ml)pip+3S$X$-CaL-p6Y)nk9unzNJMd^tq5KSH zqM!(s-z`G~xlK@(&c*&FqG5;Qo>462Dp2Lg!OxsV&B^p#BMg|7<$hl=b 
zG^(k`^EQ{KBT~i_g`$>2RA8n+({ONKbbAd7$kZ)Kq{e9A%-AH~l-!cRAl59^1zk2N z^Gweku5aw8OnC^#XtAzF8#NgM{!`K^X>?SaxHS>X~995s#J~*(bm;p%M_gK6mF7Uwz8Sf`t!%@`1T9 z6d-RgxV;-5f84wL)58-&FgF-1aR*i-tBkD$lH_PJ&=MshQ)mm7gDzQ|+rIK!luhpu z=7~upQ(_858K{UYMgMD!iL_$fBb8EqaS>j%ys2pYaMDGUmBXQ13r!%o*V+T?o>`XBqb!Z9`rW9$D$SKf(hjf zqo2PauVW=(T}{$bUy(8^yvL`c+k57}W`@DTm74U3ol|na8&Q7TNJ73dcC1OCFomHr-#F%Wku6%hGoqcc-EPGBcAKA`gYE?IqZO z{ByhcS%dyK69CvwY&WF5Q9P3Z9inUKERoQDDZ-LInjHN8{GEf-_r=!R5SMapeTfP< zF08e(|3gLep#(bEt&K-DBEpFXup9$TfJa6qOFtwEHy_mG$Cb#h_mKR_Mc8}qss`+_ zlG!@{aWnq#!Eh>1&sA!bKV2(bH^fi1g1zn`zH#Z1&??AMx-N{E6~dcTV2d(^!T)z# z23l`2IqR*Qs;e0JAZ)KK5l!!lF>%Dh;>h|rj4!%hRXpz~k^iw2&_Ai*@Wd09&QHL{ z@)4`v15<(sdbfGHVBr(Y729rdVPZw;EAjzc^*p}R!DL!b?Pt4)yvrJuJ>bXtokrNf zZ8$Pqfewdk1Xai7*+!5X)JFAGF8s7lZWoW{>HDc^&_n4hV}na!>eY6=m(fx|+IM0; z(eZ-vIJp>m0D+gT3VXkVp3+@&$$RFmL|14P|Kuk9`x3;~T8`}Y$z~DVxZg%gZt=Ail*Vxxr zES|HOY84fyTFsV~9T*wW;&MSUV@oS&h08>v< zQB`+FMg;KugrpK0@uhKyahN^(Mga13_8xFffOHIuj=c#0M1J_WeV;jG{VUjbU`~vR z&P~7!fMiiWKoKo5GEO6+u~!59@hwDr^8(cwEYSO8LgsJVgp2e@lL3nD)?us5v@ukwtbni)M107)n^GA>&%Ff}zb zPbV`mGEXgVCr_@+zNZRJbxt5{8=Pu@TQ%@}mbBQQ6s8fT2F?TRwiJNIwV=AmMBr>>vB_@7wsHK8qi<&id=mY3CZAo*3<4uaRi} z*;w4)@)N7-+LdnfnOUYaL#}77=AB+xtZa>eYj=4 zoQJXLr?D?xAUioOEiV6zgchQ?%?0Q;-+)(VW=BAvZ0ziSo!npSH#v~M!+`WH%nqJ* z53eymziO@&@fkG!mwG2|B)?owd{c7otE45Ky9K4K_*QQI6m!tI0y`_`Js9M_zgG>v z2Z(O1t*LB{fQmn60>7J6o;6(lcUv|SF`tfgA4FKrHKcctZjDAIKyz71QTzOl&XE|~|c2BcqcXq??vt@5= zhG6vMzcD-S%0Hsj0AS00M73^UMgNWl-Tyl}aI_o#%rkrBL-l(-GyEoN`2qLFE49bB z*Y&5VkKoaZm1)Wky041y7u;LU?w)PkOM!apn%Y0#&%Jx|2jjPP>jLjir}LR_k1K0t zH~w7boKKOVhpOcp+*{4^mF=~wE@%EzzzT-h>0@*9iEqWvX4@}ocXbN(OyA-&j+4Ge zZe;)8584j-_Pl}@`Sw1Uvws11%l04s-2!ISZ|P1a`19XgY~%X&{A`g%_+G>MV);h< zUT1!{*nbBpWno)Y`C+6MU&BKE+Q%_CIMh4O>3j2Zq;FqdSATy>U-3YU{qVYe!%mBkh~-Ze?8oieWPuR#D> z?u`&?XLG~MPb%1&tB?)1A6}lh%~uOSOHrl4t(@CXl(%TRQ!;4n%i6%F*T{=}3vQPl zL*EJ14;ScNeR#?@m@D2Z!D5!B!b<5CSbW~xSt*n8g<05sGk5Wr)bOi{|EMEjgM}oV zMdXAInt_mI1W7TO+*UkSuVO+{d+Q6IJS^w*K+eda@`A$-3S*k@*_02vdnzj4<=VSq 
zA%W@RO_yWvPpZk<*KFf=A0e|Zjg|uSrv)A{lsD9x5aOt#`SF}-QWke zN&@&yFNyFMHO!Y6!I|#k_K2pJswapL3YiWL@`Sj1(;9dOmy7A5NV08LClxi0r(o-~ zeq+OHsNzI}6rKUKSFz;Vk*vPmpnWSwx||H4Oa$3=uyL&IWxP*#;IUVf`vs3f4f$Nu z8BmwhUu@;r*2nuGU=&W`0n{7Gcx#>`edl1aYBH>)Cuimf-6CJ3RL$P|IKK-PA?+A( z_HM(#O3p?x`sKF~e1;_DGbAF`E+pLyBn;tvW<&dJ(@%bb1l_h@0BdHep1=C zV-$~Ru}Ft&?#BW z(L5YDQ|A5=9p0NQK;JcFDB;l6H@1Mchc6 zS-WZZ!LjQ$bo+tWSq!zx9$)Yo<Cux$I$C@CefY$9rQ~|`Z z20>?E^J-@cbv-kv=Jb@+0kt6?WC^<8>Po+k^%pW;+Bw9zp!+jmz!z9=_7U;9 zp^5Jgs?Isd{phu#QXd7x7|<4?yGbljK+r&K+$n1!mac1Bpy`WupbKGfwUMpjX7z& z0^Ko9wVhw;%73}+Cy4tu=|2>0SBi{kKc+7KyxZr$o6o&ynGskabaYb~j|t#&2{tl% z%z3Iw<@;VlXb4uXHT1Ekmcw_%Q35*q*qj^N7B%XtCP(!KTHmHrX2)H!(W6T5!(C3c z7P}De%r?Z8%-CkF=@s8CTA;_ILYPmv^M$NAliVH%J?E=o92=)R{7r#6p`!{%z?EY} z<%ITg1)pp_Gp#;U18l zC|tY>9R(z6RfmV=2U|b#P)fJ9VK9_{sKZ>FxIQbnNB9Zfn{UZd=H}(WDp*zC%Hh(-E_jMi=19yOHfwSZekKj}c6-L*Z@MtU->W5QrV)-A?5cTX=8C(VSi|YXs5{<39u&@;4>|YWOEo>6lrK z5O}sJMZSS_aS~sL{P;4Cn*h#VcKDt4E-_?vZiuF7Yp-k-92py?lWj~(BoDXM?eJ}Z3S3e%?@ z*~u^N*mPid+;V;j9!H71Pb_%hn{UjPnd6NazZ@+ofEYnCf9HBN+vIRXo1?#}5?aw`u3hqyHl#g9pDC`YQ-oH>w6Xo}yY>VXc!yn;VZzZ}L5aiTrZO`~%6(^` z6R0o2Sjg@!s$MLHEp4G!mS@d%i0Fr7h zF~`+!D{ZS(sUiot?xukS>+7h028hQf%m}dYTEsKBSl}+Rttrj>hlg?gBSnU>(IgFy zj(SvzxYver4sqN1o|y%u5mDiH;(?0E3jg9^lpWGy7C0OgxP{d?|F^swVY+-xM0e(r z*;yt?v;CeFi9Z0acRECr0GEdilL*AX;5MmkuL8RQ9}E84D~dREkvnp};LB5|d#{J4 zRhA&wT_Soqs&kthO6PH8qpJr~NZ(}6y)<8rCQCXu#zV0(WW_&{WOTYv50zu}9S+mfekFP4L zlSWbjVbVk=jjy#Oxo_wU!D87{3=Pbxb`YIu(wFGo^Vq0n&AbU{i}y<6Sl2&QTU%Ui zXB8!KH?XT=Ia5(LLrSU!6FPoLk+(Ngd3dZsMk8+knb5Od!p68L_@q0v!;uQQob9$D zb&0QrL-Sv(WW2S2xrAx7qy>_C+;nfv>qG7Vqf|gxH&}j5oAH@6!ZWg_936{q^q0jo z;_=%aZw{tRAj_*M{;;e4^r~p{ZRpM2;QnGh9MNoGFFdyM7emcFSu8hZ)@ed_oF@Gt z;s&_$i1WpKS~T&JCYzZ~T%&V=PHabU$ra^j@+U?s=?eSCmKxsN?dilPQp0LLr`-rJ zpFAi9fX7R~I!d{!nY*+T-XeWLan$5zRf%eZ1$fCffJ0}%R~5C{jwHMmS``IcBWfwz zRf;U!FPK_ej&ATv2H?)N6fmkb$+M1VnN>p%_|3mrf()Gx77kQV_cAx2G{ufdFKW*| zFx+#XxtI!=0<2O5@w3(sCmkTF$6fln%x3_@=9~V0Qh4$~W(c?d@^D1nbi~}(eYTLz 
zBsGw(N>P_7r~Ggu(L)6GbA!YLqU1C=Krp)!FZ-h)-{h@Z4g6d{BD<>%uQ`31uz;G# zqswRlkT7OImmE*6CWuYw&A!+F@HYLNl_GcaUgLQHKDmF+$N)x!ny{E@fM^+?Fdq$Ww?Il$8}j(Vr7AQ}1lf^UM{!xVl5$rSn(eDAZCwTgjW%B4}M zb?r^Vs46^4)V(QMpsu!r_KO;Vl-3Uet%hX59IlxiHmgHVDnyU<{(I>7Ug?W+EL~rQ zpLNR1YKd&;@~>m_QuW|Rf5H<@gAL{KY8#n{?Oay6xkX8Sh%gC>jolkJNj&S{!9hfQp52J20gRd`b$0gfc9>bI7`$>FV0R zXPG7TPv3j#1eyC5S0Nt_3hKtTHHZMigd3Sv)qxM&;!MS*8d^Eps5m7gkDnQV zAIJwWh~QC_I{C(X^GNHjry zz7;MG?5VcV4N^;g;sBU%PJ%Cms*p-icy6P>KNpBKj=7dnQ`WB#S5*_C`r3Bp$|wSL zYcs)eulOEHPUD+|sS1_h)a;dxJuzAPdj-qD1PA#G$c(@k%L!NdYmjqrLH_Q9_A0M* z_EYxE1b#gc;4Y8j0DoJF#}tgIa(u^c-IZgzR@Fn3&(35f$Xx~n8w@`mDI(-@er#-B z+ik|ZRO@vnAxE&g5G%T~GPu+i9lQDm3|(K%}`d%>7`u`OKx_v&pzR zdylni<`k{jwsn?-N;%ojUBQ>#5=eWSVjARl{UT6S7>E1XVAh#-uo$oLXr~ZYi)R4E1KCpdw7FT!a7|^u=A7F~EZ?0sAlmE%%brtJ;RQ;%#4iX42U%c4^Jpj6L z;{@fFE2khEWpPyVqct{S#TVljGhQE*~JLSA`eE20Dz1g;SkG4%1KZW@SVu zO6GAZ3TPQ`xSG=)dH4v_$yVUa;j(BD{SHJaq`@Ceh!+&PpK6{l6(cPIL~j%FYm4n* z5!x~w>cJ!aLbi1$A*YJy(hqq_w_qANrpa{+mrEOdcn#XEimwXTNk61KIl8>kP>|%Z zOH3a@$-IWi6^KDp-0aF!v{P9{Q6V0N&@Sekjzz+&s*`~5Ucb=I6S)EW*YYsF-(Tfa zxfRD3)SLnW7fAS0O`1T>9+%x1-Lu}V^iO?F6v5g~OFD|9tR%&;8xXxW>bArDkxWu~ zYOoFScU)!1!;GSf`6#qU;S#yaY(mP3)*unETB@0K6VL2<^jI@G%SwlwDL7Nt*zAP~ zROY{NgNFrq+>^JBb{FZ73-*{$lu}!rgdB^AyEd*(l0~qsg!eKx7q+pAIUY26v7UiW zp)e6PD-Qn^vvAi2nIRl<6P|I^3$)otY8usPh3{zfOEkBEu8E zmhdD2_=o9W;KXCBv4afw2@?B5h34`$C=icX1XCtWo{1EPY#wt#^&6$H!@UX+2GAfYF0SIo#Ns5_N$4LbKfD` z=E-Dwe%PEluQN&DM{-LO<5GX)645OI=^_EwBd#H%GSqVTKCEaYcpw-`M~5kMw?VCX zOX#Bq?u0-xc=9$K+N9@ghwi%Wq|*9pGBolv}RS z)#;{LF4w@?$hC`Cog{iaCAoha07Us7rWaCg{|Miy;wSldu)xgYL34;k{1~KO+Zd%< z|EVPO2oL5wQj*0>(LI8f@k%ue#)MsOUiczbqK8A*YqadPh0;QO@u2mIjAMW)gTu-574~+AN}3^dGL`k^eXQ7Pm+eOua9?5pjpP4rlShasn^&_6CjJ}Bj^ zDSfKFu(1rw+`7yb+m~HZb_?KOc);o)djD%O<5DqkZA6o2sZb;G;(~ypg{S*19J97a-_S90X|4d%+8Y^UDxEyJ&D*wIlz^N+~?S!^lyOYW?_srSU zF#iSEhd7+AA5#QR*LN?e9|F+QI8UBzzWG(}^oToEjgl1#Q)5{tv8V3FPj9JQjI8h~ z6-loU0od{fg7i{*Y>25w5&X~^1_G&f5&0WE^`CR(xSG1nzccP~T?cr0lE0%Y 
zq1w=a1Ku2`7B}&R42-9)c7!(uCt45_JjI1pE!wAkw3zxuuPPs-S&}cka__ zY{V*wjB~v14`YBvJ8hOB@p@3y9L{o%w>A$BvAkHar<%`a^@FeEtM*CQnkf^mLKphf zZ@Qkd4@5MsJF^)3OfcZl-|*KM1^hF;Q>+am4it zDw9aDnBSR-THfT^kAN}ZbMw95la-K;g7sF@rB+O9b~^9XHWCm2%F`c%X?W5o!`F~8 zjg{@=V`9?7)`EU}w#A<6Z!9fB+#|xmc*m>3_e&|C)ljzah9|odr=o~0Ean+$)2Xwzjh-D|>L@wN17j5*23PHWlom2dOX35O#is+O?gzz+X}p>f&W81F`+ zJ!vORj&eL4y@%hr8J*ihbVU#^Jw-&?XHZnh@+d(W!{#&?oJCMpEKT!8+w62wTTt>| zR#kC4W}-H?R>5H+AbxMPA_^ zwBIl2>?;@;3x&n>cZ|wHP>ZA5FTURNZCk!|xjkfmeoSfGvieIJNFaBG-d80POKdj= zg$U^KOgFEppBU2KjS%bm{XG1e_=BjIM@!_(O|Q((X@8PwRfuI@3bAS{ikrP>Tudr& z>2N5hM0UZL6581>hkCnG!cQxi$!cTGE>#z+m6mEYF3E>mVIs&Xka#S_6=@G zTnO&U=u4Uy)?u;v9o_9w#tpOjtH@$T^c56VpwP zvWR-^)%l5Fp0@OJOX=N3HOQ`*BXym!6bH2HuV#}Qc0)^Q=or0*#579-bEJuTxUMB; z9vPDH9@1u77PvVgmNgji4tp^t?Nmi=*=67ODf!65G6`gr(M>$~WA=6Ai)#i_fS$Vd z2}&rb-}p8BSW-(U>{|~63h3x$xS{3s?ZMPTM%-`fWRBGjmuw|Uw1fmR?(kc0NF-dPcWT_ z*$*db`dU3cDc)^(^U;!=K6bo7FBDY@Y=|o<$j5n($a7!yN#>;{Iu#d+263Nj{cL$RP@=IZg>%;QZ zRJVrjs-oq5^UF7G;vM=ZPj?6#A2Zkt-ZAWlC0bFYi3Y}Vv@6aZrU12K82F2_2)cJ4 z@z!2YT`STJH+p*&9Z=s@6$p-RN2rYS$^wnfuX16y<4_Hitc#Flff(XJmmC-2r4WgW z^gOJI1s*PZwblfH9Z3cf+zaRCP~`E^ICX^J*FaHYRidWCB*6$WsSSsZNUPK(nON#T zOz`c?@lT(e+*FrxtG|y@FM(-#YZVX}q+xuB9%gYzGya^S3>qrc{hH()GCG!WJH>r^ zrjvy{5VvVQ>ff*ic+p@La8cM^JETpzs$BU@VS8tU?m2nDbPd)1*GXOrZrvG-8edYX zBe6rm^Lw*x2I>N?yjW$)a|~aLr!*TB(;C1}w}@G}Zt2A-uCE{=xZK#*Qs(T43ChESB-I6i_sF^Z7A zWeuj5k}aMGiAmiL zUJ8s5{HZ-&W40cJnoglWpNCfT4do z-kbkX;u+6M3CW32D$GqEk+5cx@G=6=41HERdnWU`fwM7w7FQ~}DK}7IqtSaBi zYpL;+cQC{%Xs+jZdm*mRG%Ws4Sf`rM{&ea(Liws#P$aHutf0C13WufG8?~{|cDeBu zEd$azPO zca|xftQgrosBpUO4+UXNpRblNa90#mFW-pOR$d=^>5Ty{Ij7@<@rC9Yj4`!3GNWH*)A zXJJS21g~Euj4a%)WJS^J=I-sLGI|BQ1}mab3JX8ion`K#IW66<2lFsksOQNZe;PLV zX>VM|v8ib1yo-Vd#V|V7fN55~@Z8;}Wv-zJK%ENq}!>x$vfQy&Z2cxtn|lqCb#uri##7`IL~)U zrgT4=8_dEMnxYcq0aUr2D}W(SH_t%znIvy)XpVQ1#8Mm&gNsRs+?_babDQP>ou6(LGC6CI@#K$He(>D3My>%pfMxNg2!GHiAOPdEwgIh-w8snrdCb8gOg22p(00`A_x7T#jkcj8d&KXW6RsUlAy}DmT`a%fCfJq*j`7h 
z*N^pap4(6hHT4_k9~2pUY2$r^W{MhkfMJ{3`^hJTs_xrzPP=tl4GR)@(v?wf)Ri=2 zu%e*BAO(mH`63j%p<^(o`%O>RMcs|>k38~HFsDKJH!Ig7YJ*jTLX&xf?4_%i(pl4y zm7-p#5%W-$!}lLc`FJJuEq8C#pjqL`*GBPD&15)kDU?XPk<{+gHxFX3T4MP*>U^BH z;_j^tC%*XbL})}&R!orBs&Ar{T`;xsI zlV|;WGYx%Q>%o9*1O%jX41zbPSCtM#wpd z`Hi?6c=EyU4JUx-V79vbSd%**$~Qr(Z*dmPbD3C4BRe4Fgg+oYD+*QLeT)zKK0rFR z@o7s`#^#ptITv1bufvO9<>adZdZJ6xqWuCkPI!@vLM%M(*qjTkDKESyh1wDb-VYxi z)eXh>J`KMq$mn^a(O#|qe%i4vMP;CK>=Cy_QZSpB02fQIj?@W`wLV4pz=RRjrQ-vO zc`>G%FHd!GCmR38vs-|OPp;WPAL3FgUbDcqt6 zVY-|thh|GXYNx#QVk6jhQKZ&&nyiX93csFQZ&&PC)Mp7FiV?p`2+=fWir>D{7U)Q; z>dzqYFT91mC?tW!AHvTM51Q0F3SwQ-nw_gqt_1t%{O;we;hOtdZK?9D$nx z2mMEaje$-uqg{t)tJh4BygHU!?ayKvVuy;t^N8IVQ{iDwKT;xUCdXe!6Qf#1*@=cR zX2p0qmgw0|y=Yr*JgLO{SAO|V)w4Hk%c?#>@A|kj zZ!;Yq01w8~NKpNw9**FhW#plsA|3Rb>RIo7a;Tpe^45x;N^WkvgSw|n*PQ)xvNVEw z4mG2aY~fZrCk+myhgKXngrua~w_oM6j8?JoR?`{4uWQ?RHg z6K`B|FWm=WvLLyhx?U;WG%_-7@48Uk2JHNVE2>crJYX7zfUijzj2E#P7OI3Jf~rX= zUPNY3*Do`=* zrF2=>OXV66XRXtE3Wz7pu)O$fN8+|Q&Zw-+7Y8R4ed$#_Dwq5+LuYFpY~QRz9estJ zEU$m8b&TkYao=l>d!g%0PrH~jqw^7)Pdm6|CT{`>k4#O{=FkraGdOcLoMVmFrnLO67T9TZ?rzc8?J6 z_}ST*Bv_M`jnr*C-rMf7w#J?Nw$kzj%rU@7I2b+*OLF?Ei`4Vi;(UXCPT(uBobg=I zfYg>~zKXz%`}WaR);2-ldRmaw*iXIK!H*=UXm5=yKa2m8SYDp_&=5h9TYJ!(aJd4VJ@@Y9rRe_7fU%F^2o{JHiF{@cp8aJoYm=h(N?Lkl zfsqRxtM3NtXSmLCa(DYQup91H5v({CNXE@FG z%)1&;d-+9#1L=nZz6FBucsN{YP|<$jAD7!TgX7$E**Va*H%WRFNLy-h>O8i%sbJBw zwTM6Fo1JTeh6tAihKg^T3u~YEroULY22=Z4=96Gf=;s^pgwWL_9*GJ(uvAN+H7R0`Y;tdCDfFj=W_R^CQoYekyG?T#EH>Q)Do)58WcGY zkG15mkq{FPwZLu@3J;wT2@-h=h0Ew6gGtdWg0OV>HYw00fV23^GU3zhXdty;dI;$= zXi=bK0A6Tp1oWyiccNLXpTxbKd4~IYH(zJs7EF+fnZr^iVF=BsXKE1pjwo-;P6}f% zC-NI9e;dbPB{$Ua7s~qs<~i6sNzv0xBT~)tp=lAA#sjBUzePJ?SWXg*5h;cf3Gjnc z)F&-#+}xcxYxR@WRS`3(+%4%^>9%}nkX^BMNm|1fldRpT9VI*$mK!`l2Pss!Gd6p& z7@z()zYl?)Bk#|x{;*rCt%fFu&l)CNa9GAIm({#=of|@cEs67;Eb0oqPAfTLh2Ad6 z#@&zLsJM4OZAy{ZnO$k_frL}{ylV*$1ol%sN%rD?+;)`xT~6Z*pWk#_qY>6Sig6w5DsLUS-<5EN30zuK*X=$&7y)KHoL~+ z?GL#T(BxnT7di(UGFIs5lFlT8DO;@P6Ih4;2d2(DVI8CyWjn9DcSSQHB 
zN;S4eiQNl5j*mpDbb#*0b4eEQKuuN-UL7K8On8VZ@}bR?_oY{i6XKOFV9$qo9Y;4v zJ_kblehjibhzakrn2z)aSJUhaGY#x8s$B^79XmVU$K2J|B0XWsqNG&OH^GK8o<`07 zRYfJR7?S_vkGQeAKNI4K_LzqaWudd$yJ<6&7~EBRu2a&!DS`#PIFGYm@gf}Ss#Q@$ zl`bk0mRbA~8?3f5bx1R?br_9F0(Z=0Rf|yF;QTxphOF=l2WHx^JL0xtTy3u1LP3q3 zcoK*3`Ouz*PJ(1N$dz9AZJDn(d3;v4AQ9eR2lFSL`aXg&mX30|)rJ{>$b3_-E=Dun zXE=ydY3EK9PXKALNZop-Euedq{~QspLxax8;e^4?7K0*6dD)v*% z@r@-rq$W9diUnPcsjHosveFwgZ^aTxJ>T@+iBuKOjvnLN2QYJeVtr)$M%MfM{c2(^ zLfHBe8Ra9-+Vvj464aVlK(NLk57a3kRuH?P*I4W$5xXh7vU9dzaxHSz^HED=iw%_9 zX-@;!(F9&FbV8@UkDY?ktn*NL?kDg7cOSz*Z71Xx2jYl6oy5`RrmsoN##j62^(6JW zSQq)o6t_M#mRhv)gcWTT1VExtXGNB*X)I^_&b~?nHfHnsZXJKO{g$u{7FWU$3eXp@ ztE%IpRw`lhk(OyI&X3!7qBW_@6IWpN?jaKqV${1PeLtaC0|8dFq4NcFg%Y8wYjHN7 zP*%LFr$^0+sJeC`KliQ3Y{%E5D%#Kyn_si28T1o_+oPi6N<8V6ui6e%RI~gPZ}r(4 zt23X!^QIdky?yoVFLqHx{vMy14|bANP7@y*}Z zu-7c5Ba!8`j1py_wL+1U1NxS2?YRKDTa#$Ibv64m)8-fQfLH?M*B~wYQ7@X@kxuQ* zayPV=jqdvE6q)n`cve-MXtbI@E;BkT`D@R66Fq(SKr8ah2{Cw+4+(6;$X_E8XJ?K? zi@yew*3|q6os}dEPn&Ro`d? zb>5qC9UjmzdR~mGb3|Q%f>=y=c?*Y0djb$XD~f5xB;Bys2o@uA`aM6E;?5o6h%aWf zwvnGKRTJ$A4GuJ$q!hhtGRJLF(P2Yunbt5dM3Ed8dj zF8ykldghxZvHVwMzl%;3G!SMTdi)X)^&b)`m`ky=yyi%MZXwI^ha4L0a}c)s+2?Ho^aPB`6&!Ap|eC zyJ%HC9w;QYWmXz<2}zHU%y>!uQ_2#{hvlHYd3_H1OvIDq2V(|1%5TI{>Hwu~byr<> zs$hG7ba@+EbjiU+o4kGjvQP?ecUnbMd>e> z<;OZ&8o}|5)Rp2IC0L`~@8syb5ayD{u*b-N0-SAQ5<&ze z{WhD3g_Y->Z(^cXB*ieKTNq#^7DMy!rv~oczFfU;x>B=M>0it%;4oMCg0o=C;hQ8HNl-H{sO=T z++OSQ3>6dtO`8kx(9lZ5zA&do6rln!QW^xs zWYU6jN`zt_ywT+uNvLtmHzL|GOcv~fI0BYO4ms+B$dJfS4idLMWnSO=bOAXjjz7TZJU? 
zf0`5%wRmd8@p7dQ0}>sn0G1ZxXFs!DCtI)2^%~~#_(%wOs1THAT2Dz&1i)S~ZH*LXPggz?QKZy0{= z2w}?JJ-9y|s)bo$O}_+#hmoek!oy&yGODGu^QG2dyd+>g4Y_zVfqne_=KXzJ?WHz( z9*}p!>W$7#qpD;!C69FVRQedJ@e|=}PJt^8w=j=BoGNuGD4N5Da})zK|ppGh$HDA+xB$#KFgOqYmpz#X>bzZrw~qdHLud zHHf}tcUb9a0mZkAKqo|;PlQVP5-*GGPq@=@o8t%CHJPw`)+rq58f2^`UY$hc(gzL< zfhkG!B?9s^JNT1Uffalc!QzMJud_8MA&e24<(uP`di)9a^*LyY&k~woVVZs=IjKhv zw0PjzMVzU}FYE>9uP@BmN5rZ0lqhX14W=X2Z>TlI5&7R_KHNkLv!|bCDzZPsGjPOy zRgZ^oz)3qcYpvt2VcnDgq;q4bluXFtMCfmqA(JqzzXc&)*+pG#vg3V z8aTS)LL2|aWXYdh0Y=SaB{fN)&;Tzp{j!%7As*<^-T|)W?BaVx9(fjsZLiu*k(M6a zE*98v3Y#S!E6{OtSy+TI;ecfalKH_Lh4ZV4Kz*Sg86tesz7BD>b=r4zu&l}U1-WU_ zCff)=H0#6x-F#m4QFhG#$FsvLr&VP0@xi60!8lZYQpr!M09xYq0p15;;%d?_wL#EE zK}&PqBP+@SZz18|FSenc^kInFC_Ox?3B z355u7$cqXNp>SIV3?qq_x?bt@;eeiBIH|La#sMUf6=&4XcRLc|djKD$>41DFY&)+MFW%$Ow4TTPIe`y zV1QDJsD{lT>RZT&l)rn% zGM3^J?k9Bn##B`!FKF};`tfYO^^INDdn(vZ%^IsPs{>*hL0^n)z?OXQe%H{AbsFLXL0kl+T{ijXAs7HdLJ$lUDV5CHJyR1u_ z=9fu0_S4s2et4@f%uG!|m=rBPg8k1XsdpPAY@u^HxA-BB{LQNstT5ilqnJ<|;GMqu zwa5fe+%edhn=O?VX$oOZ-!|=FbUklOXc{soVnrJa85jevd^^sL{>>c|j_UAAO=mpY~UD%k(>y3JeJ|@ync~aU$IbT|`9LCortM63t@LKG|A>-4dHh5Q%@fR>6 zSWhLZ_+?e(c7Q2ILF1dOHC#(46G0w5%rvjrkThzvv(SP~n62*0YBO0OgAJv2jsj(; z9Vw1Yjx2mg>;NB~b$`g@d-eGQ3I1mtA<{mhDz5}^8a;+_wL*B$(2K=NmaYC@75(rZ zV8boy#8NQeENYr4rAu5U2a+g10c03mPotX-P$z>}DC({aF}Pcyp>QydOJmBRn;=~rZF6$%iEgGD>swsRi`Ov zI(8X`LfLYMe*(WWFFmwjo@(iq5^5N^B}Q4H6Y~7}*<|5bH~MXJ3nGBy{>b-jJ%Fl0 z9clS#9O*5mN(G-9C3u}PfCc-ekc?Pz|$U}YwR4q8)=g*{I$OXQT;3%U=^wf#eTqq&CY&<_EI7l`GHoZDE5mF4U^e7qI+qCR# zU5R}d0{;d6sTO~7&It)7IC&m#v!@;7Ctn)u#}NV2{;X)6!O`kbR&CoPdzc^N{>I0| zUuJ8s3UZrS3SF+I1U@R7-ysi73jz7~>ybYM;akvzchDHJU-|1>63CQ-oExP(NFbO4 z!Mi3*3&CuRmJTKgq#3;n+*K#8>H^woC{O8bg>f=aOzagSVDBd>G zlkY=$*@@1HLCk!Q#Okr1;!-qO|4GDk9Hm7xJ!?!LhM)}kF*#lghMG4MlOD#wvbX7j z>D#zdHG?SGxz!jFobeMdbYJiX&danqbPz zW{CwOE#QMR$wKxIs|y7d#hgrm@V*35yhzS|*(~j#tfXwk3f=@5Ilud1w=o z8mO?GTD&=$bNJ7|Pe4F~*M)vS`30Emb=AvhnhXr3{z^NWF@Y_u>DB(UQ#uDogcRDrGD@|2hlv`}&Oc3~oi$ODYx1$<=-)v8Dqei6p 
zOr%bI+)8;n`2QDLEv3?y!Jy8K(S*V1c~$*305!XFETut`=F>-r(A~NT2-61dI73eG zii!Afw!@IVlfcM%O^e_^bBD&40T?u6Uxo=>^sL;(&9{cOjouUR`DYt0eoF(x57L(l zL>?+P0sV=OuTUaEI>ef(EAFCOx4_i`@|$eU{W{Gd@DqwcE>Y-w{*N z8eD4klZ-&bkC*eQrE6{IwlG+VOT-Wc|vH0~>(sqHd&EfMUm)!jf( zR8C(i63vd%LV0|S3~$la@z6L$iZkEP)c|V7S7up;p#$-C;5P7m>Mi(f^?H!G_Fp)riWMFa?$fSN=+00b;(ALIGE-Jp>tQ@R(7Nf4dFG*JR@ zHs1N@cmoBj>Z_xMyeF5IR`I8VqY?$@{MXH{XqLyV=3|?7d4sInEiVFc4xaFX)9HEL zJ$3a)^ukYkpCF$!skdB8ujiM1T7iCPH|T;+!w?%68u`bv8xHgF&Pd4EFlH%j^)_*IGg&}TW_!U3RU1%X)a3ZDv`n1nL9*|rR#%2 z!goC5jvm7kDk!mB2VJRA{*l3vb;+0mDWR8B8mr%KS&dq|`StME4S~S+?-IE{BYQdl zq2jzwc52xzvQQbq#Fyb`Vk|Yo^Or-DL`mb*rnD%ABB5*Ph7^3u5-4_UyF-Tn-r&id-W~p%8o0X z{BIdrB#8((U&JZJ-i`>k_%noT?%Ll%h^cnwd=&Hv*4M{_frzf4()k@6RwN%bCxuIg zv6L?H-&kxl)?RsfU-v^U!Qr|-ysmZ-q`JQz$Sf#D%+(&gd49Y|PCgBmCXo4!TyqmG z^ZC}j=Y7?O3f{<&4P!=?dxXyWn(Rfur1@|-CTdS1nbdKDfP_u*!#xwUPMYL=?lsDO z21D!l55grvkj)?ZTq-;UDKRKrCBPkgQT^q*r6?>T#k5=}?9FkhuO1&c?5aWGJ`|iX z54>Rhn@4qNe!Br{#mvts!4_TeDH$a%2P|5dryv>9oVZ2s3KxE@7>Gya#7H**Ms=YV z>)pql2?2_{m=QnTxo_qrhkStl=n(LB&<7C10<`7mtw7ep&~EHsEXJ>8mtLmYiNC9{pNS_&h0UW@@b4*q|0^zc(9Zbtjk$3hfdCV-f?Bo+$Hq z76Z}X;e~P2D)MtN`Pj8+8A+Ut4o+5Sj-9!b)LXc|$|5f_k(oJav+dlnfxw94*i@sw zW~6eyB&QhvmcD-Xm%5NAg#IMQBl$@%rerW(X%O8@+Yn(oh6@+FuaH;VE70BFwuHrW z*j}yShbXrHY>}yvUhC=|w$qS*T+8823P$MaNv3d(a>pcoOCj7r5I*13pyF%c%hRU# z5`me@XK0Dr7Rcc|-Zt_|ok#i3TIO0Tc!DD^LZ`#B2?tD49P@cnZ!XT&&F)H48MSBk z@|AwP?i=Tf;x1r481Mm@s3mTHgU3R^Q+isf+c_df4AiQ(Em>@ImqdXxl(bzE>OTRz zRTB8kIxnS~%5zr~sf|NycfE{_Gc60u(FASOeCAMH8{|95wy~MN+iqxt(1Y@YS>_8c z!XTpG@;tm0aiZnc(8ezcyoSE~vG!W@&UXJ8QkkE_H*`mVnO=gChB+8&l8*5$0mrh>(MEw(l2(yxcy0)q0LpkT_2JEx=O8aFR}8fjF?t40cp#KUuKumfb}AF!o*Y$kqQ8axIpH{ z4*PSAQnj555LqJs`3kHNwW^yOqj|QJMIBnJpb6U0>p{r=2lWVfkTe1fyiH@&w5mBylH$7_6qXs z6o~BfMvPn7|G99Xj}s6{UVkQ-oAxq>5U$sa3dp8XZlOft`GXpd96XKD5W$fE77E`y zBtB*DP?WC)wcRKj26M_i;5rUv@Gi@SNjHUdhqNJAPXWr;T(vgKaE5kV((_n0##UWWrWU(NHWfLi~meDp%2p@0F64Q&Bs@Ix6ex z;8wdf6D>KUL2ZX~pP9u+6+@h}Wl;Cwc+^Qb>_VqjU~Zk8Dy=?|v!p&Rd5Yp0u+YK^ 
z0PgJpVsavT1&ke2oS8ksN@qAIS>fd@OY5vQ1)4VKqKqID^})dgqSLl2;MlmWk<+{> z^M^&I-mN749peCH*P7w`LWCcYg@E(wL(+t;Kl%}sO`7Iw-NrNT3cqC=(^?60Ys$)_ zxp`elJ{J0?QHJN_V`d*`K~3?bp6~TneG1&bRVGaHfN+C9<8MBmb?sxBrCXYN+B^Go znXoQe5^#w}KJwNgL1U%H!HPm}#<Gnup*siw+fkzpo>ol8{iRZZUEe9PdYx1pfG zm{LTb(%F6lm!dX_;g5sEIO`-n&ycu;J1SQahQH^$ZrctC_#*9pv(`-xuWHz0$$ zMQMLRQ=4aUm&GZefe%;xGQcjO6^tCb_z~PJzs?7Nk)8mIc$oeG} zus9KfMD2gY!1M9Kle_kT^gfJ7kl}eFtOPwGB7ABI>C%gz#y=@_&6~F$rkGb76i$L^ z%mUt=TWX%tQ`wWn#^!Wc*(%Qx>yE7c74r!oPtTY?Zjvu`8<-!dE}^%s1d_pbZ8FNvqZP<*tbcH0NxyPTI%UOMQYoIt=93ls5zAD3x*7nXfAN=wP5Y-{D~7Ra-Y z(e7Dpm=HixlnNul*3Tlo%Xq9h-vT4rY*cb%Gy)S6i^cs`Rk%6%F1N)8gn=m-)6{Gy0KC9?`Nl>vrud!4}bzqr7`=#!0!7 zI+8Ry{{Bj(atrO^(vqut0qJoqaf%`J+Z>OcJdKN4Nrv&`GA>C=4jqPF41=W)2Q#ZO zWVK!ctYLwT&E0A)1bs2rqiZ5D znzU8~!UKLs8`4CDr*cQO7(4UM|JPNCk>Z9vHCd|*m?a;P8MG}BVKm4q!oF`4Z3H?0 zTP201JbbX-=gwLrBYwuUixMRyaP0bUH@G7-6#1=_ zdd=Sa_O^NkY#{dY3H_aFrbMF2n`p+ ztpbqby?LyA52_(KR>SW~B+CAHOt^FNdr_NQumf)XIkvg8JteE*c^R%M#h#8W_}4fv z%l_oL_zKYE<(s9;z^BVKYvE32APRjOvlNi^tfPg*B+^#n`js1jduhJkQNBn@Z=tdv zdAl;g>_`F-;JO`C=LGsB^-%}t#kt@5peE-vKy(L8C02&FbqNX<_LFRy3dUPCg&aB% zQ^}w*c6_I1%!rG#JwTfV+SBu7=vkl?WewTI7XR*OyuPPFp6Kh1ci`i~cH^ZHb5Q7a z|M`BdBrg2tsi56RcGLYU3L)ni)n|RM=1g`_-*4EYTrBsoyjdA8ydP32%?{_pR+_9O z1gAYSnY{ee?z`}Ez+13Vg*WZC?3u&rGk=hqi#JY5b?H5y(=GZ6=th~*fNQV}J1DU9 zO}mo)c|N0k#(k5}NPd3dFFi7pzpGV&or&h-^}`sWTnT9b9+qakk&2zU2XPpnLhDlN zcmOAEbpqWnzj5?ptDI<4yc(314;J(DZ4L#rLDOi2Q5IC4FY+j);!{Zv8p57On+XXh zT&?r2bMVz3f!t~DlM>NFe@Fb(C`(S>HrENuZpxlP?;>S*f@GmZv}X`SHxN!U0wrpg zff0qIf9YN8r{*s+*b}kSD|M^RYHP4Cb(hH;9{n<6w-K36=Yd_4!PXTW9@%F@s>O~t z?4JvG3@L~SU&GXxz>!4c8t4QFGGROEEm|upQUfC=46RpytMt9Zj-iL&*2k;UC{J6w`B0u|cy)2n_ zK7z8S*idqGG!xVsR#u*XS{`~Hod`*7njO|YA-6W;-?MWt@qt^nXuH#%3+A=r=mzcw zLr-5ai*53N=sI%>MncX@y}^?aY`dO+aLh{16sLDi8yEFqN@M4}CoBbyret z5yEI8R+a~FeKE?u8(W=?iTO{~1-2@tBW9MFi#v>)(K>JO^2-jjDA1h+oZniSctwL_ z<)u(fh@%`X<*JzsOf7Acf^_l7(<}lCU6}R+;zr7y*5NW!Qs)Z2zxF=0bHjV z=Q4&>pL4O_yd5UBL|^qcOZ|;^^9c0+l>_~D+HmvL0nR&iY3`-OYVp|iqw88fW?WjB 
z^?0B;NP-?f(O`(vvZ1>B8*WcazS!NOwUz;l%O$O_?ykdC3MB!?gB&DqG+M9x{udUAma`q$(I)f8dU z>}%1N()+^-p!(eYlTeKBhAa+Ct>a>+v{(@qn^^L{ze|li2>>^NuGPNq#e94#)H7^* zgd<3aJGDx3M)`@70umS2X3ElJhW(08A3!7C6~2@vyAzu^yo@0aQ*BTPa{iVaVwqSk zDckp>(WGX4$)VCV)Y5{;Ud~&`M5LnP_mo}CSy3gCFA}6O*oVd*_hg+;mXtyZKX#g` z?oB@|;6S&~`_sG?Wq-;c0J~CPQ>?|n|6&HRl{}MB<#t!Ia)s#D1v>1W;?J#7M1Kut z3-{0W>%^%tJudBpxo6HX#qpgRr9aYNbU*#5uK0VLwF56i(H(NS0eOi7-}+$otQUGW zA|U-!rd3r|2%6fo+WEL9yi?hGMW7l)ptj?wp>RNh(tTEtv4}(L)F63CIJi(MkF#Vi z!gDo85Ofw)a7sWmu6#+V^C3;deOGl(RnBFI%@5t36(6piQ{7fMH~%nJTAVT!F^(9r zZ|2*78o-MJ5(RLH<;>JJi|?grx-EPzjZqHN(YO6X^&A(vR6n0NL9;~FKl{_;z&fBQ z#-zvxGwsY`m`bacC(?XudG(M~F46VanrmSPko|&a8w54S>Wmr+NZEAfcZCt>o$**> zcqTh!!_P?wGa?sbmAP&CgP)>gYwdu5)Ivk&M1}i;BVtW4nJRg!(lE~ygjf0&!HQz~ z_DiW-O+d<^!4y%5 zUWZSE?@a-Pp$W46Ep37`OnS~La(QRS>Aj-O^Fl^J1P zx`vW^QFmf3h9;D7u#Jh4gaN`)Kl2*I(>>fPe&kMW)cyG-Fep%0qIQOKW0%}oBLZ`D zq#T;$l&W;q+D{dZVoW4AvrgmwFyf}3@L6?Cojhd(St#h8A&(iiVGZ(oc%4<3{)oKV z(vn>NVD+f#VACPE^SWqwJ7c=t(_k5K&KPW)U~~5@NOHD$IXxmIHy&x0YIvWb^L=wg zjNFfc{p`kXd2`!gI2k&-C=FUb;+GC_nqdE`-;r)2iU<5dGa)$9UCq2SplSReidH~F zyKQ$McuTL!X4_*PUQi>0y0MJvSk;!j?J=gD;I098(z%&9zHTT6t~Mu%iLj908*Cy* zSSRS9w=g%LdYdtvIMgB)cEK^0E6i6Y)?0v2ha`c#`?fx=Gq&g4J7eOOVN-g9%be4E zexGyX%+(rK*Jvr2(@E5~zfd%$%0I9x{X7s3dS!JPDbRU+93$=n0@E&8%wQN`ipALt zioXnZ)WR9LTrPpq^^eax|6A@BWaFd*l>}Xj+Xr1CQYlsNRj*#mGJ~+yi_f-U!)6$@ zhqNO;X)uo<)RC<)jkJe^Z5Qdo>0Veu)%$u?uf=oVO<)Q06juw-Z_Q;`C(KbB4(b0k zmCJ2^H7bXHhg;bL)tlD%-CD#4jK~s@S z^6AEe;>Zb6vP!DW@hP&qggQ3n<0pwSn6f-49@tH0EBJRq=UCG=N?nE5-JA{I@Sd-# zjc4*-fU}=USWA{z9f3L`@HxuLAR4v2QP-dN*cj@b`dRn9f}-x}hdF7HmgjjVKyBp} z@5`OPOhj)lTSfmQEu@nxmoYi>DCg-YEu;W1V>}3>>)#^&`bTS$(Xes#LjWY(cieUa zcwLSA1hJahinwjSDe0u=FqHPus7R(ee64&2+n;6hVCo)OC)83; z%ldXD$s(;E^LwA=LOLo*HG`s%NOXPle0wyghuQil$oI=~I6SWWbYIWqD zP*yP%RDx-B0U$6cHzxz3b=tt{Jglp9CgOO{%|;5LS9ia@fmv0qxx;z}lz6uMQlf7+F39&e4tgH5L5q+pKgf#>*lVS~t^g+$clsy(b&&Fm4zXdRLH14gT^D?foU;W7Ji9@Bdzzo%;aC-!$W7Y@d_9L_wd+tJ^xSH5XjShd)&gnbi(r@ zbAP?zz8qJTSjq3uhr0j9$vXJ{GmdaLdrupp5t$6^bBPKXVFgjA 
zB&)Wt8@0V3#Tgu)lZxc9-;H(I(!xK#(IP-e~QwE#FUkXIdQ(xh6G8*R)>thReV6o?P~|tRIYTV__3dy$*RgX)|VH~QXq1e zr)Ci~T^zv|h=|AVU<#r=MoWg#(+;-_YYvfF1~uy40=yIO5YPRlB991H+!Pm!VIXQ^ z_C@QO%%ACfQSFrF`50fR*6-H0_!e4ZH}_x-1|6x$NjuPG#q*}25{NH#!m zCjcDiu47{r&YefGpdcx2BmD|l)~zV!-VXE6a9E9TvGt-|kv$vlr`Teu7gt!K1WM7V=eSeWXF{8(l?kMrGCLRwA^E>~v4{+#tI# zX5TzhiTPl{CMqU95%a;qOL0cEf0=CyA?TQL{Z>lLHp}o>rp+5Uy}UwVqHSlM)YyNC zveW+>h_1$XvPU$mkTN$?-a*iDd(Jw#`nk$6+(ba%6Jr5}Kx&&_sgb@7%RA4>r6|*$m5#jlzvZP=j>3k#dt_Ssc)yV&3;sVgxS;up49Ebb z0ay&9Zu^nAma7mPj=$uf;V#TTWpx;0N)~{8Y)LI^Mk~j@Zl2JS$h4=oQVFU-;`8mR zwGq&0$rwAp9pCYI8>G!TFP8k7?R}=Ju-CD?ttbl9sneHhpeMH~m1p>P_Z0RIg_B#` z-NZk(>%ShDGJSm0tT5};rvGVG0t5uEmm05M+;Qh;^Sn}0SC(JqfjXLEH6-=?N-n|R?L1GE|{-n5vwCY|}0%RR*c=FV)U><>aZXt4Fkbc8h2L3_P!3Wzx*rY>`aDqI)Hr9LP zKU3Xv4)0yYLzq_NL;@mfwIdZ@%6*#qrI`gbD8VZE4BXPdr&J|(CB0oZyWypKes=IP z5l#;#U_1lK3dO3o9FGQ=$ZuNEO-YSlIIX4hn3}kwVL{{xR5^M)Mp>$IBkIxt2_j+` zWAk4>kiFR35B=5^w$KRYU?6{MV%8YTSsQ)*WERz&=^V8KGzUG=ANxjq4t=yZ(O*IL zstWDFtd|M>eKnBJHb&1IR5miP{@%Wztpj#iV28v!tER|lM(q0>PNgwQ ziDV;dqr9|=F2h*M>)`Ltm_$Ui{lom}xd{Huf5j5`pp2vKYY_pYy5;SDw@fI<|B?9F z!`^slk~gpl^J*fC|4`q@tT(3Ft!bNqCLP}g& z$?TutwP%=&okNf&z?Ox}Rb94i+w8J!ciFaW+qP}nwr#tM|MXkD#YD_vHYegnQvcXZkbh~@@<^4~u*d&?pl2YQ-!lhd;nvIkjDjn5y+DC8q z@vO}#TBEKx)F)bqGEElN7fn+j^uuPH7YoL)Q0E>HxD$Y$Acas$V9bdH0rN zl674ZNwt`mdCTo=qKUuwtGnYe*Pn?;F z|Jd;xx{AghTKqV=+u zX~&h<#cx9f3qR#%&^jaMdF-hhSIL}g3H5}aHgWW^%9T{mEVvbk zk)p8;=ORY~Rp}eiT6&$rs&UnvrZM4x#kQ6yQK&<@mr^w1E(`{Qvw@^56K|q|B||epf!Y4P~f6p@98P#(bQ_{*h4RXw(oEMO~6V>O}46giHX}nQrW{Jsw6Gw{z{Xzht zrNV&0x!U{#vN0FV*?3~-dO;iIYjppPu$;tqtIbnQp30nN3F)Nz2&c{lxV zBL}QQKq-6@hW=Xz5-UN#6yN?v4|62K8#k=wbkb+^Tt+Fz-5EBPB*ZLDDQe9UrnlTp z=d~QTr&qHj{c>x=R+hKAa3L7TFEKnB_I zC*#s{G!ssLvs8AlOGB$h3_4A9PqHnBfdnTV8?@yz0Z>3F10C)Kxk?OBJ0_vg_Qfka>fidBu}rt-t_jF@_U;ZfRGyKU`sqkpgG=oFNFV-DmO=wn()bY6CT(TybXRn z^rjgU@l0z`EC{hqGuSEk_XXAvejvR;(Z<8VTI1L6OfUGe}UM?Wn})hvjeM zJ-gbzl+iKeBnnTv&Y2)eYD$D5uP^;IMx)rFB+n~uN;6fUO69e!Sp!G3q3N)9XUq2OKsg%(TTPLflE|Rh~k+ct?PIVnkSk^ 
zshftQg}UY`&1*nG+H(ZvLs<*RNqo-Ol2qFEc6gsKEZO@j8{#MHP!ihsh(FV?9XmOCc;I8 zLwxwj`a*tP1lSdwW@t-~c*I|@`LN@(F!}ZIkw3elDYDqPnsq1FanlliO4C^Vt0{$z zCj`pKko)fiya?(3mN4KhIbm7hOTNWLlPD%Z3Zo6JoLfL1Auz$yI_fjkCZjv5#sR^Y zGj6Ak@RDtLmxkSeu^%|Q%Mwi{MP=?Yt)W%4z`P(5>38bx3j(&03Btxj>vF(EnoPXvn0h|!3Glk=vO6m8Uw3EYONZQu+xAYsALq&W zDjK}!NB(}rQDyg9jQ%bBnD&GXuI!8_Z|>A<+rN@rXiF6Rq%f<7W_j%>5Pfch+pdBp{vjrAX%aVH@NXI;XRjZ%|+!rSVl7@tyWMec33!6eNXO z#+#w+cD2F1iBc%cE@N+Y(h67W5b_-&`s}w%qF?*N<@xJ(a&7=D9JZt8lMH>$K0%vz zavyZx#Y-7d**=HVO`F`1^Uv=|`MshB(bx(&b7Z97*;reqOYgl)aM)1}Kv$M1OC!RU zOd_y_bbWye6udN-WUf0KSwOvC$Ef;rR@0C@=5QgKf)JxX>q<ipfJ2#9rb+k{R_CpB!>G?#~}4QnZU;}xO<>Cz%sC~ z+4sjl4*78NKRyeXf6gJ|!MU-^+c!Y4fRiEo0zk$G5?1H?4}7r9jVx_J{{!8F*y!BI z%F5*WnHZ3f{-jvSGbiHqPYy^R8y^{1#QpQf2sXYjsRVR9Kxa4R6i6x_t{>6d^p6P$ zPzI2SKQ@r6i6WVae|utgWgs)!j+dbcg|>G5H^3a}AHEK)3^*KWvLYPB-;x!`LDeKh zz)#hm{q9570?3j2?#l17o9E|O8k#DS%7O}_NipCF7D&vWWqxYOixemTq*}2>rCjS%&lGZ54xA0!2_i8`!&`7P2DRW?Y?f5 za|5%lZD|4aZylIlD;S}XEm*Sy(9bXAf4S-lA3Z5|f_JWCelT8k!AE)7Y5+$_PM`pQ z;^=h$L7fH`I5?JnOF%~q$^2;l==sjVLjS@9a6TaI<{QKO>s=ot0LXyC>r;Tu7~nSX zvuE;;x`%lFJ>gu<+YPJp<243rosGKXg3UWy@DVm^ZWxNeE6{LXoxQ&I*F04E-+zGsci5j;9;lf%2iOHb@4SmK(Zeqd& zRoCpP^7I2N^1|P}@^A%TZJz;bE2->+7&!j|Ni);8FtffcIvbMcdMaZ&a!?eMj{Us% zWbgg9WCCJ=Ab{rKft=ZxivY@(b&~H!re8+Bb^&Q&bmQoM4F8+}Ju`Cv_xAOBabj|U z0>{3}{bq>sqyM59U}*%6p82<|!oI%q`vEDsi=$v*`(J7Ax)T8U@3~jy9~X&=UHNjR z@zF`RKd`I;Woe*Xy$GNufIOC0{g&bE>gr?I>VRax#ysGaxt_hv@l(DJ;HU`slOXl( z2bRSXp3wyogEoy9GySu&;LNG*-PnAzKyz!@7F zfnl$2;I{X%cFp`FQqcAX{_;;2I}bjkGsds+(PB4!!3r?m2p@*uVab#Qe^}#M+g{1b|`zKll6Xdr2ns zC0y{W4u26$-C@fB0%(CeoBT+ox=2|#v{~|J1bBCC0MUMH7Vik&7?v*x-gTzm9L&8m z-{RDxZYBAC`&~*~|Ae{gKl1rcV8i_OKSMcxK=)L+zW*bDf70<)M0QuH0|>aQ-2NE^ zWb1?osK4rSAP?;oeF@x|_%$>Z@r@&w+uDBp@c$rSXo8A+IjP%(zFh@B?EL&Z^#Odo z<3Nu6_JaQb^pHV1Jm(v`5pd~HASwJ4UVPSfwTEtB2pYryp4#tM)LsHkfGNLQXCTCL zXx2deY)C8zNG(zhur&9mQ`uCZB&S8ZG@~aAi4h^XQrT9d{m5hMM4g;*BfkD&I>c7~ax666Ns4jZSP) 
z8l_9xhT7pkl_X(<*)}-{2{K1^=4q0o+$D5#=AH#W$l(sIX`k>SucCV`#4}|i)PWgU7G|O&t7)hqI3-pt9MGeZSd-+?RteKLsZf6!9FH+g zm!;DQ5S(6}1a`u6&9%#fw`Q3OCP-xv2UWreRc)b_)*FuyVoKH3#B=8DKeZ>5Hgdes z`4w1CW7@*sHJhr>m3)!drqejk7ikIM(u{u+jRuZ>@Xxi#V(NdgkddmXLimtMQOa(V zXLDG=LXE0vAR}Zzo4K^f8&GdJfa)ggo+~V>M~MeQ>M=Hg`hN5D{r05BOIa!Y?hYj1 z4nO`?{g}<-1P!7Ad?&iV4P^tqsE?R z)zPdO)uJUtD%Hgb3i`-{x|DB_2y93yIUx1>_!7Bj@MdabsSgV_{f%T=fz4-W)xGeb zdG2IdS$qyy7j+w6>vqc~0pePYEaPFxnjD_^i6XL;F>P@Yb?{ulN@6Nn9Dtq+_>DEq z{g#lc?-~O6j#fw}3G1Qrd^+-!^r2{qHY|^8z6ca)|tXeedCX*U3x4_q=mL^8pF^hIpxPD@;X^2p3`$^DW%yLtk_dho_FGU`q9vUUU&^Ww_tF_#pj*=| zZWtrDp-mLDww51}p;`XBh2v&YxCaeq*6MZ_rWx6>5)DKEU_oYA#{{d?vzMEw;2DX3 zp*X7$zFK@K^itE0s5=E_p3^A%5;FTbOh!Mm93*<$`D+=C=mVbcW$c+OvOc z_a53(pi`rn-#!r;ks(+;k{23v3C~k^~Z}BA$ z5St}AI0)Ir06xj&%7tWA+xHRT4#c@F=vi}>JMIj_%W`EUp)NYTQ4cNT-L^HK z(vD^NU9|}kejHrajc^=Hoc~4=K|IMpV0*pwky4^*5xo2S(Yy25e9&g35k(+;#w<(= zf-|CeveQR{tqY3#oUt_CRoIU7Ha)HoPXfPt*i`%w<4>++aykoki-jL?qoR88044F0 z*0XV;JL72SlR!cWb2g+Vw%w(eNiW`AQ0^@RE8sMEm5ZnzWjeC1U@A*t#!=goK-EPnm0sKy$EhLjXrw^Z9Hb$5lb=qR z)-EJQe#Fjq2xrcm$(JAbP8%0$2uTMZ_pzKH(>#86`pW?m=xFl1ob;iB>G7pREK0UH zaLMMQ6ZMQ@!@kB<0XgpF*GO7Y9VBV3I+*k27Yw;%RKXwOFBz26&7F9UlMo{LmNk8R z2qQ_z`+imt)<9XWG)h0z_*UFnk8JP5pUU@_Q91BmYA*>pR}0f`p}eGvff#dcf1tHg zEuXK#9)*dE=g1#d<=O3s67Eeu3i~JI%F^y#7R6hsjz-}h!@QcklN`!(9q2GR=qBxq zFHd7AVCUk>i|?O=KkaG3ICwg-)sq)qsh<4XIX@5(;iYVHCC^bvTH9N)mE6i&XR|v? zdr&T1@fa<-1U~2Q=tymNb?w^`(-6f*rrjly2FS-*Y-cj(Ih46X*^G1R^G;c*YWrSr0l{g1`IjU4;VP^7({Yo{gsjG_7c|Tp^#CEe zrb?EkM~kHYpp<+Fj{w|;e$*yLwSz$79nn|=mIQ@(AZRj@gpGY3QN-~)@VlK1EYpWI zTR!g9XZtWgJZ88>o8);>B!Xnk<@on8B|CNFhk0A)T5m%4KDK@C6npahJ0ht?YHimE zgcLUU0R!!+5qY&k&UreIS+KcUqYHj-=ko`>xhaY*N_n3}6ax=(;1aa;S}!UXlF>5? 
zKctJDkwF~H;&MT&FebCD??iex+mFdi!BPz9iOvmEYMoJZ`9NF`Sbd4evO<_VGc@JQ z>vn{jk`g;XtAeb6aA+?fE!N*hE)c0tl8$etYijb1X2eA5_NXlH8%uHVR6^&A=r3?R zEX{s%cSyI7>aFtw*d$6Tmt9akT!S< zPg;zfC8!Sz4d*J94%1f~UZh_AdV6%g-s6agp^r@kdDHlt!Or;`S*hSGJBBLj3b8LT)&5QUZIRF#{jC#=+g4v z=c}Gj2)o22W9R1Lp1%<6;*1{aHO{kr;t2hJH-G8avc`%| znEBBjDl)CrDwcfZ?5EM0p&y}e*ddnRq^fisq9BizqS4$|F>RU*M1kq3D{$5PkQ|K_ zJZse721c`FAZnXfgUGU6W=(yB%tZTS=ry-0%#1S%R`h0lo4td$;vFp`Er zm%c8Wa^n=uN^oGP&lsWRNj+p`A0P^(kT-0o1j z`Wn?f0?(Mq(r16o2VkW$7qS7OHuW%~t|noX_mwktJH=id>Q`Df3kci{wz;kRi1mV- zSl*?M)(1OlJJYLgf<)dm(#Xz0&8y~P=lUGSw@Q9Qb;$1&{G_Wsgz`HwCT`tfW6lJb ztB)OWrKd;60pZ~2a4988ga6J)n1cxkYN0up>JE;R9kAvo}ksl+*x0#j3yf@%7 zJ>hO=Y5fu$aiE!_3Bs@WdV^p%-g(G3phwoVhCt;1YVp&bC3Y@>#@p<_ZFwE>mYRZ z9bP|w|BuST1heZqG&nBcEOJh57f+LVeL%Vs^?fL;XF{V&_e2KuO_CADOv|Y934i{g z?NfbRJ2Px_Jt{a$B&z=D?aHbkyOkwTTF@;K5j_TmM0gu(#hF3HdI!#XX{PzUEXBVt z06%RttY#mpM}#CRcR07WE%WBOj^gHZ!kdC6>WITd4Bg(@$2`(8Ygrx`)D-)-c3}~apxz%{Z<5%(^C+fWPGBCib0OqC%4e|y7MRs1Q`5BUp@My0I-tvJM5!6Qz;5@M^WZ5tOEC1Tdz-Zp>u!|mmgjJ%*u+cf5LA^uUT z-9ZMAYLk8+KlRs|fy6u9uupg!s<|{b|2fVMX(P75QQGUSkkz9x+=24ugL#=@32~q4 zql$86Rw)yarJ@m7B1zqV*@ED8JM}bjT6Q-Qh-4R*Ry6j|Yc?GT%|F!mYk>gw`gCx6 ztd+n-wUUuvwtZO<(&^)i&60QvIjnAw9pMjbEH`sIkx;Z@$j$&@5x9_aB~zW1de0wu zp?qRE=U9?pkerx$ID_&gd(^Myj8mJ8N_*}N^UA>F`amp7wKD$;slZcg$cI_p(MWgO zpM$f*(aqOF*2Y0P!e2}JQ1x-Zu#mgliufl{_k)@##jm}>zqLMbQEsCIYfW{)QOf&C zk>h?V7H9BQrb%ZqWhc2MbM24yrr_`=^h1n3D6_Wnz}8CDRr-p3-(Nw7*j%e3!$%G_ z@#950^H*bp7K>n*SIPM9eiOu$f_ySA4lHmByEz{x&vMzu&UXyNY!Q}fCvG(MEwhl1 z8^nXZ>b+uy^ycgiiha)~_NzIV1>MwMZa99LVrGi9#kG3}18vzRpHLkY6Wg%fa1iun zvyP#;UEzsne~!Cmrs4bCdRWUU&|v|hxszx#1t;oog@}#4;s)}vq%!298QP;bFnV~0 zIGt-W^Yw__f4a_PaF;LB)r4}r(<20`fNoHu>4qu~x`coU{Co0v*qumj42Z(=ZlpGRSdS0W-Ku&X|qx>OkGGFFY5;d>H?5cy3@v0uN4;U|lgeoTdn z0H!wUalty~+jovK6|;PXXr#T`#1-EG&^F8R5O%RV4rtT1GZUP;n7xm*0jj-x2k%oo%yC z##gUv_~-;p>+-24>RVKQmzf?f+y2D6@AxZXg^6=OHT-3ql}>A%LkW*`Q#3}81HP9i z+|vrCus(6v>>@}w?At?tCTdVgsPbJ287G7Mc0FM=Bpl4f=Eod!6&AnF!pL%$d1&rr zyj4ufRmwL&^n@4tDCBSZ>dEPDaPX{P%HjCoM; 
z!{#(+C3s?9Xm%HlWId7h9y3q#Gbwdx-llbPsho4ZzaIk8v}w}gN%79JV3n=je?#m1 zHNcfE56BW_8D4+2su?Emhl&qdp1ckE0-1|clX+-sEFp=~Cjj13BmNhTkFI%fJTa&OTXOKZ zkaqFmco3;v2Aqg5|D%h?)@>yw|`1BAMAI(CS zK}irqH@9zVn3ih2euT&W(UB1a0mF(^&RiJd>D4Y&(aB=%um^BySy(u4H4r`EBA)gz z25P8`sh1H(${+-OBJkf3;*+G)t|9pw)l8H}oxx0Bo=3>F38RwlWYMQ_P?Kw5l+k5v zJS5g>8Ik9R6R9tPJq$%O9!bp4plo|+;-q~Fro;7uZgTxMjPgKME0GvP+{lk)pK*nK z!ySbqKq$fp_VG8ZAP?MNp6#})Wn4sUaXI=Kpwa!mC`K#p#)cKU) zUd+w|?Ed=kDh-=ns_K5Yj-=H(`+0BiT660UAS(2FjT7pvWFf&_-Aa%uXbLl61Qua` zGIchF$GwcFyd=zDHX5Sl+tGh3*K5~w+JN@X5Pr={0z|aqGL#|3anqd*iJA3G!N*x=Ln)z_l!DthKOE(v0qKEKXrvt zezZ5xmLhNdwa=zYonRIvg7sC|6@GU@GiHlV=}&n;aDucSUl+6g11yNC9O)n}$8X2f zu@Sk1^RS8DNmCz;!49PxydUK4LsPOj*`ZOt*3`xw>BAiOG%Mjs?eHU@TX~l+c=v8G zj&{Na5Mr39&$g{DpDFWJzGuq$lN3>V=w31Y!y)ngMugG-U5^`Ve)FAJjxkJ-yA)zs zs8_b+eaK=Qu`LQGde>@p3iANcd+t!6XpYgxDT_sbj=S@L#c5>(J|)lI;N@q&b+ee{ zT$wA0ps@}X?eHXSc`r>@-NyF8$#cYc5$vQ!W?u=J`U+i_spDM z+VOtFM|e$1l8wJh0lCCAnMeaD>>XlcTxc{wNEpNii{o{_p7FYzgGS!@I=9T*a{yhP zpeLa#O>Qw4oxxm(et0%8cxE-iuVWsq^u`c86vcb|IcX{-c_Brx&r=P+U3j|q^lo_O zi&j8p2dR*4H&lwlY_&PB)}>z@8h`7C>a&;-L5t4N&`b+*##dPQ+Vf{C(tDyiAWZjc zpmq+3y3|k*mSkk=1-aB^R}i6;I{z)7v&dmGZ()YK{N5F7=(UTzeYg`j6g$96TT4OX zX%`*b2W<-iR?%~oq*`yZx3(A<4O&m2W6_7QYi(|rDTa?yk(J>>jI zJk`&2AmTQSQ+>O}4c70nog|q8?Je=kD{MeHstAgoFKXl$R)j{erS={b&AP)Ts9ZEv zLQ@K2OQfzMk3;?EEP}6XY-=M>1}$m&AjR}~>gcJfepE1g7KIdKZcTJmdPt*ch2=^^ zmQlTtiPRRxCmy--AS5OCr=mwGCSIxNcxf==i4UaT$5hO~3Ti6h`xNJE^~rATJVs=_ zH=$4>qWD9vR8Z(ZyYkb;zKq+s$Fm7lfjV-q{^TY@#Q0yvD%``22$+cAGEYvZFA_Pl zZP{?qP-3dTO}E045=2MhSZcnv6!I@G-77@y|MJJZ?~@4d_Wm{rGXlYYtmM!H)VPjr z(UH3aDACi65t%_x!W2C1?86o5$kd%V^QK9WM)P~*x1|lNl&**X?<^Q-3nnq`Qb}dY zVE88llB>ARRTVPOB(LV~>NphQZzs%N#laSf@sZ8COux|bC!J)-+wmAe;7fx{%*oEd zRr`Euq37qu}S=YoQAh)&v`dNZZVDQ`bpI$yPq`uA|`DASyn# zL`C$d2RRC{D=VJ1e}_^$O&D+FszL0ZZSZVW{FC7i`vnE5oNmtn64IEZK>mQUGzUDoZ86Z7M~;=FD0tH#s8bb>EBcFG zpguTHZ7YQfR2+*Wk z3#pq?F+O~vQ3idi?8R^*3iU>Lv{R^;Z5H_y0d$3WN`>X-5Y1rbg7Y#6W{-8P 
z?879lE3f64x3L~~`6(*%KyE6jnlb(9x=9vKmK`|bHMNZ?_AMfbSyP#`Hye!Q5moanoN$E=&{W_;Y+-4{_o>>3 zHdf#|?ipSefe7Q7-K)((pym6p88ZB-9fJj9s{#a{-axsp&WK%ZwQIl`T5K#W6KZ|6 z`?pMIh$iSX(W<^wF7WU${V>WiVqoH-P*qsr{-edadefl@O1lKy&RUmOi3?p78s3o@ zctJsxJLQ!Vc~xifX!g$TF6*yr)M&0Pk@cjPHE1eW$Nnml8e12PUNhc$aum}1{c@F@ znexbS6h79GBj-six*v8uQDJ=*Cb1idoYH8#hq}I!lJj5eI3UPc>r&c@l&$4X{L82p z-nr8IA6%_W5L#*K4e}c+J0IZe_$QR+!EZ42Z1FAK@K@02!%Xp$4OoJIE>%c-e%t9d zXgQAP^P8ybUeR7_9+n+Z7AtIiyq#_Jbj!9b3u>;f9H;<91+%2zg6qbeoFB!B8ZGtIay@kl;k}anMe!-7)gsM2ROt8st$&x%G5pJsOhHVq`BFy>V^}Pwh7w| z!Vv=;nuEx}o+~5Bxh_Q6qK54pzRBkvNIl>kEg1-(#b|PX?Q+9K^dWLZB|N9QHs|U| zG#+*bKh}A+6o)S2Ez)lTdXz)z*>Q)#m$VaYYJc>xf(uHwV>qPc#f^a26J6S8i{L^5v+GyTg zb19$MztFl%5gOqk2|Oy-d~QuIV-IiO1}m@*hh~FE7lW%SUHZ!$zt_*#l&6=1Y&Ma& zT!i`0Qo$rz=DVN<#1~{!0!D76nelchtdJ1EZxfZ6PA5urfv1r^H^IV7!AoI ziwO{am@YD^t#O()JMTM-XTD0m&y@o|Ve;FpUy>Q1%j-C%pcDmPLZ6B6jXC_?wD6uu z!r*QZP7_aB0oVsx9qN|k291#c6`wAFuc9a#s)ki=^tfbmVMeI%=+tDRTi{;wv0txO z>PunC9eoM|Xw{L5`L?=wrC`fKW?-anxi#NQ|*` z`xhrGWcvWWt0F*}$I!RL%*Z%el){RCLlY|C%8~R8X0g%^qUCk)ST1cW%_wwMn6?;- z>YRmTWhOL%9HAfi${=8JA4VK^SlV5X@R0a?ly_f82|H@%n6z#)tevr89e&WBUGWY) zLQGcW+0FcN^kmS?YLdsY*px%#4Wv)HQB|`LP>xo4VJ)&ZVb?U`Dfv9QWPj=wt+c943K>tiHGzuxYF zZO(VB{UZ8wSlnsrX-rH{pYt+gwn5eM4FEhE;_b`?7~P_`T5<6Bo2`9$*NL&0b+c#K~Y*)B_qY5;WW*ff*FU1nV)F6v67NpNW#Ac=btKF() zGd8hAhh%Pm4%U2YKOs^!9AEG3tY=f!P%)>xppk&(5!-qO3f=P(8kyv)7}QHP_7o^o z;Jg+O{M5<7ora^%VqN}7Zt=o*g*-w8M8bcl)WZ{2jMJjc1oq**ft%Dbx(vP5BGRq% zvaL#G~%jMTRu71~>vUGeh~N7p&!7k)smZ>nmQ4GFesFNP>DoIzuL+5@d0; zS`f`F@&hrk$0GzNsA*Z0}2@?K~o>@Zm~*WZrK*^H;I`0?KDe zjCAei=mpFdZC~XgJElKmazA1oWtpR^D4ri3nNVC7dfDtMac2(fJLMalK&oe$XP#&} zf4_`c9HzrVZnT@)g}?Mf1Q>J18gMSw^82mR!RY}nYKIA3?{{!fJZ&a6?pB+Yuw171 z^)i*6Hwn=eb@N_!x`8rD%h(~S5)T!Q*H`3DL4U>5EM49_Ct}ffB9fh3ue5` zt!`f&m0})tg@A2r8+MlwlZ=EHH?HnVptnjt?DNQUNqC%3_hFvcBNWVm$v!&nCMR!B!c~nD1xBSVVq5Y zHGHKHe9}1{KFp@jSC9s^-olT0w1E|@ZVD*i%#yi+D_fWN(t^*@)+*0qaZlV3MrPG${$JaWvj;0P5H!@^eFYLn{pRS zhb{%(2rrRsx3v!-;LTYw9aKLc-pG@@_uy+}+|V_UBVNf!nIrljy(~EK?l60RGo+x5 
zvZI0*kVnxGkZT&ofm5?Wq z>h(6h)S+)oSkR=5w?UF1!e$ojUrw}*m}yCMI~H-P))-Q|d#*&=Tqw41N^oc!;-gVx zB^NVAtF1$?0B3RNXo*)=rSerQOz1pE+)dTSZ%}Ya(f8~IB_)ITEhl?P-1y9tF-xup z>>LU!k9(l#F^glh^@XA!%w(=fHg!N)+h&&~@H$>?|3KTrGA%f`my=(VQ-HOba!*f$JTx}n$FRY-rdK6;-dgHK^b zn@Zom$39Q4fHaapMX9-xmq=GMRl%1yt#5>7ozHh@T?BorrB$s8YEcLFl%>$^3(ZG} zysk0@R1Fecj2mQ+N4bFVHT&|s=-#W@KW~Bz==z%DSzxwhl~fU zZl+c8*SM2P&9*Yq& zUJX}E1iun-yHYb{n=oYazwnv-q=yQgj;HU9(CS7L@{pTGKL-yDwBll11trr?c^V?J z^Z^hC-VWJ;pSanmSI9H$Wet{n`~gF`)CG>~j(aS!4x7ZUpH73;lK8@Rr?F+>Fe=;> zEMoiHV3=`f#eDKLLhPzC*czR`-qRh`l+b1X4>hd;9>N=z{$bRugT9z0kqQ=0w&ZG6 z5u0^pzJk@vQ4wA=Hs*P$c89!faM`a0h7g$B6Q@OS!whGAx}iIMp025l-r_FX{mv-| z-~9mc9kH0%!jWHuC|rkpg|kQ9^_`=Z&i#k7gO};V6p33SjF*1It}rf0+$#(jZ*l-| zg5DreS8!vIl-6_PDexe%6gzc08fq@4#i9p6nrB(`iuo$(nrB|r6oO`O0nZ$rgq(RU zr~9l^LlSH}5#>P%#4T#C@-Uk#f=tv=kVBg%3tHiZ9>0E z`YPd_>&`uq4;5#wDAdcxcbP3}bES2cPp(VJ=&u9#5=^pZNkY-#&1DB$}Bb7D3PAx*KC*i6ki zO(NAM3NGk~${AMcdajM{%PmaY1O9f?FPH(znoL&Z*L1s0XkYP6W5_>XAqRkyFU^nb z{StLG&T1gZ<56sz`>@xmbgqsl)BWMVrDiFI}ag+Yu zb^Q3?F(SWROCAU&5k-cmZ5)3&)`fDINlNmK{_R8LV8)3KBHvsO8)~+vVF$*NtAaCl z9rv|=m((?S;F?kCg=qE_R~TFIm7z&#ATXe-?0k*}2RJmcHY>dBiyM2g@;-OqLpTh` z#_t1Lx^;Gx^m``jFa`yU@$){_YB2rzWe291up<%R+2A?OWrKe-diZhBDKTm`*00op zy%gaMv!q!lref^s$W1H>qgsEdk_rWwKvr>oWt3;4BN52tl|yl(6XLCpsBhCl-FeIy z{i2sA^_4>9Sv(233S)uqOvFl-Mbi3yrHpY;GvTuZ$x*viD2;z^yUgMhG#Q@PCaNf- zUYUEZW)fh?W)`<*AU8qH5fyiV$E+UqgSQSJ7Td!{&pvc%A~KKp`;Z5bzk}_;c5Ddj zQYTCS?&}zHelqzBz7XW%JrdCqVj&QnH&_lT{uW%0fK-g@o-hj@*-^ZSKXbJZBgIta2iU=hgUjs?P z`R0Q6n^bdQf_W#jX&qLU#=n}#Seo&^y=21fOUqgQ6fQd{P@tz5^Uc!DQOYZh%_FzHE zU(h-pk~zDcR?GR2kFu+K2u{Hv4`6;zA@(!e>JSpM9@PEzss_+M$?0Ih#iX;k0l{0URo_THul2R@y{v1qh;uFNB-_^r7(G{yWn*;;s8W9DIH#L z;0bYtcJCwl*iueQE4_Jp9Ss`iWjFx0YKO{c8TW%%5_J{F^*eLU)KC-H5gmQCGkaXt z1TSgnay`QpC_C5pV~_W<*-;exKGKI;mxbnH1n*-T&7(AQIoDvmf0&hN3lr~+^m240@UJiW;J|V+YP9t(Yt9OnFsPuHPHzJ@UMVWQI~p-r z+U1T+$BfF!$$W)LkBUCQ&4{EQv!q&6yK$Ycy}60PM-IKE^Nv!~)9t!_4b%U^@lyl_ zE}P9x$?z_xFa8f>=Mbb>u&vRu*=5_dZKKOJx@_CFZQHhO*I(|k&DU>mBi`T+-XtS3 
zCmCmuu_N<*doACu2DWc92vaeG294kIgxuRL*W;Q3;p$e37el+>ou6fD)9#Qm%X0)G zZEGrmHVw-8IF)CIXl-RmZpimZC50E9F4GpL93^41&1`*`;QU!6VdzkT>n6XaPSg$U zCzz4jgX3^$UGv%y2F*NdCkun5{o5>XBXT*m`Xd=fH@TyIo4FzX|sFpCZu|A4s}Gcv>B`z)`-sP&Rg97E7hp+ z;`CCmRR4ZX$)oXQbSuU#;9OsRu(s8R)Gi}&7gW_ z9=}!b4o~HC(N@y!`<83O9tY7J`gu1hMVP8Cia*7)dt>%D8BVB%;BKyw1ITs6N_2~N0JF>aDq{UI zTsn*)Yy7I$YqWNpowMrlDy+gq zibfjrXO3+(;|oF5x447q3Fk>fm&2yC!cW4o0yGKE8B!;KaxpPn3f7JU$%u~5>{MMO z*MGpm0*WE{`S#6hEtNpF&NXBCg6*(rzk5q{rG}?tkqtnLu2rl{c3W<}$ zsa`eSaC!!Jmj$QgQkkwojNO5rj8sR|>Tr`zdxR5jtQ*FPCnY`uRvPh(qFz^FSK>l* z(-9{@yrKEtjRi|8rA0MYg?T2SA@O&iC*a{ht^_p+(VUm1lg^FUR$cq}K&9?z?q{hR z_~v8fZ8Hkot1(a0DDydq-}W-?Z3z`^x1D#hkj(#{0Y!FCSl>N7M0=U5SoI{fppdn7rMYO`y|3~gUa04 zvzL-y6X8x9Ck)vN*5!1H2B@_5`jGX+TB$|d4npowuCfyX4VU{|GZI#y@7_;+zoBn! znmS<(xe^lNV3Uv<7H^Ez1zIk&m+(}=?9A}zOngXx!R~8kmqmjrYtPB#`l|*Qk~pwMfnOK!QvRMl4NoE8ne;l%OCqXvhEjulpU#5 zCQIfmtEp${t<221Nc332Xea>-`M?dFEf(|y<@T}7tRC2Z8cm3Vxn90Xk!CHCN)%vo zW%GS?sRv1JmP8(x4s_kvgtp}TJIVDgc3r4OP{|&U&xB5pe(KBr*WowuA8O)^NXPOW zsUD;6u7AR(9pb@|c(Hgxj&79eFQz?et3f)w!3&Mt2jyIc)^JXi`H~zRtwpDk{FT^T zXv3s7BX#lSR*Q6~TcYJXQ8CuD071BU1We9|4je66EA=9!7pvU(N`k;X{SIkWx3PWS z95&YdsU!C?R^sM1`IQS8IKDL+5(Om+wWh;zS;Ys8tNeBZ3!lgV-)r^21&0p=aT^`+ z%-f)t(iLm|oNSbq<_Gr#HHNW{FQW0*5sd_2C8upKcUM;Ev!J*rts1t3$(#zsDQWq) zSyBNU+75wg_dkTOS=?Gd>&rK_MxzNx-+$VYNHalmJcun+)3!-As1ER1a-F=1mMv+SX2mj|SFxgZ zA?XF{vPs)%I{jUeh)E3d2JE@L>BAJG!obKK18HC%V=>@r(&k9*VupYG0;MXUA4qo2 zqZW`jlZnotlm8}k;6*=uq$@E!xDrJi|BT@yH{y>`=7YNPXb5-{lh_ChBs??^=pE|0 zQT1u9zb6L!%uLL|5w;S6t;3aSDM$a5aOEd?pF$yn+G4~#1~9xoJI$&{9OXQ^#vjp( zu^i(YGSMqD2d9Bffg$c5JI0T!=f3iOnBX0rmM&Ssw&80UO4hzNqNjgYL{efnJysyG z5*!+df4#}O`VBnTn{(Nrh97zpr6Rl^>ozxb$acq(igfELwdEd}(s@|Ko&GYw!pq!8 zq%^~A`CxXob334tyqS*GrxYc!csyQFA|1;s1sEG9I=7JWkJwcu1@VMcGu|F!Wl7ZP zhZF{4i$rq^A>fvZzntPuP=k!}qmSAu@?}gv{o26x#H=1q#|bFilW8ADb3;f3IT@xV z@TZo*zA_cuqmPI~1PO^)+t4W#4nFR^UK&KH#n>QQnhSCEvO6y2F(Gp?|1v>MlEH+- zgBeyzXqXJT@ohO^Fv8k-b!G$JxZQme=&ygu(SDFApPKw~Htl5Bn79Qy+S15BXV(ys 
zADLo`x=a&4mVVrZ)Hr8~exATcQ@$3g_s7LE4SSK#Gbo$VbD=OQeFtdX35;Y~bB_!YRy0ce#1t1}kyz^(E2G|}8V z{@m#4w>wJnGTc#mQWlqHQWxBMiCe)EkV3rvsH2rC*l>$h0q$xX6L%nTFXf1;UQX%cZUPVU zz$(4DiiQOL2nTAb7?bW>P89pIi9w0@a_ldfJsgL=)yBQ>!gQEl%OtbS2Qj)oeeAPm z9SEZz?+cdMC_I+dTdg)t|3;}Il%|G-`Uab#{Ro=}A6ws>6*sdl;19F9w@W@Nbhw#~ z zfflqt+_g|&th?S9z^vY;iXblIN7VH<6ZeCe)Ff-Yxk>{Uh_|(w7#$cE~m95CH;g_pPtEhHRJIy)F06r7!itu3aBt(BS-pYv@X(2QWY zT#=hlq`s}Rav4`(4x7(v`qom(qjKE}c!!e0kMLrEd~C(!qfC$dF+EXN7phfEDs~~Lzgu>T6Lm&Ey^#&aiK5w`|+&e;*ByyQ|{%}P!ew3~5beQA?b_Eu#HQXu?@Q0g9B#+seX|8ka5oZYc-3%)G zG=8TXgF-dB_+z&$s zK~(ck3R(uT9L`PyZ;o^nR8){PGaSyz2Vt+LbaNF-LsJY6PvQyYo0g@L-RwADu5PrIopBFw0(2hm0S+ChAT5gK{Eg>yM0c9a zsr8zvwXZ0-{jk(06#4a!HLQP&V#z;TJsJne@TF#0g%y7ux%6-g^4f>Mkw*PGr|*%# za>(f$=C^y9gQUKUEHL6_=`bRH`5-=Gi%lOoRigM0a%*PweDDS<#^K8!%^hJ|*`Rmi z;t4&E)d@TpcoczIw5|sZa~sFcWvZdGhS=EX5)bT2l(-&`o-?IeRAeKMetvdVz;o%s zXLWhT>Z5|I^d@*w&q>P{Ask^-zwBm~n0ryr2-2K+Fzd%C-4`+rZ>aVncI(&Wh%n zwzN`tatl=`(G%t9WdpP81ZQ)h&h4{!_@Pt5;3rQ0t1+?VR5b|?(|KXJ;8cAmk}W~y z)b%&-gU%i_W*IVVQ{zJQj4EmGt79(Xx0L)U^$$x#13j#V>R1~RxTUw3EcxGtFq__f zH=qRiO>K_|uM+M?(&MRi$Z@e z3hsQ*>zTrvjMOxF+=xAdYE{&mIdmu$L0D8QPkuWGSg{CXG75J>qlhxaRp7+$x2&rkHzHjMBp8*`|%=Lh(qG9*wX zYb0a)jyuO5i@-J^L(kO8>XZvg7bU00F}m4x(L>{96+K4dnWN|DpAHpqS=MPBBcdOW zTkBU-_L8(ebhnUQ!$NHfX8%%1Wr7b2{k2v&Cs#8;^=ZACv89YJ%Hu&^w0wTx3Zlx7 z8c{9bO+sGINuN&qvKKKPPLO5BiiZzX%x}j`Y{o{GZ8ibL;Eee6k7Z3KHzoICg!ft- ze*cmcn*JU1W~9_`Ln6b7g8UC#=n)uck7E41p0$D>7;#nao-Qx)V%ydcN26U4Ijbj;CwVoAA)6VQEA=N)a@rqQXxGKoB6S4LoEz|9kbD2!qc%c z@>Xb;Wp=})iVTt?$HggN%&Sp9p7KKqJpKZD{p(?zx$SIC@~%siDB4ow3Vy2)jB1l% zi-;$`=ne8@SoyJGm;garJ~1{P16DF-&!V9kzv(b|cw`yl9dIqKj{mq~If zn{p;lg{Dwt@@um~47S_wI1QJp3^M}QOfH%>EoA>=A+S_zka>G<7xa+P^SPE`J<5(LuMBGqHZ*j(b?S8)?n130S-@H23 zuk5goyI7#~<^>f!;(QYb7@`9WRI>gEiLlThB=VlWU8YOia8opeDM50i0XoMsE_~Vo zSUI(K*1e)KpxLD@%fR@|+*~TQiOnzA5Yihye1DHaofVBef16n{X6ooY0nrx=Pa-LO zh}Kg6A{S)<=>P?fNLFaPUW3sIK7#HTf?7B#^j&Jfa;C=f3K!id`_r?#eY;t0%K)$a z#k@ff29B9_EDOn3ZNtTJqX)cD7wZ*$b~(St-fDOLD_Aa^6EZEIXQP4YlXbd4nSxE6 
zN5VktV@P@ZUC)`3DlaACF>aF!Cq?Tx&GFYLAsp+G1bAsR9`*!TiOmkJRTxX)*F*d&XY~gx?tl#r#99X25H7Q_3*F?Eh-!bt(X_ zlutvgW&Ex*q&G_c1J>3y;&ILPiZ7`&5OJu~5k$8DLrn=I>Bv|wlB!yANg8dTPxTDJ z2g(!4eL~U*3zUPm+j%kT5?LPqoYp&ru)AK0Nm94z&?R^K$As)lO-!|fPWkF@KTSR` zM%sb!X5eY7Y5%BC_bZaec3nEOBskErVs%e2gA{dGDy7L^ehQ-A$RF!BSnSG# zX#-a86F!*LZNX{TZA1D3-=XN)PM~f zCSqNAitLHW-Ezwx*VD{`W+}W*=l457vBgJ*) zexpa@M@I*{Cg$eIW@su5?HGevYu9&jF&T!9f+fWQ9L6sP%qPtt)0e5Ox*J3|hfj9dx8RwJBSp&lD!+C^JLj zJohOPUmvi0xcWLP`flIDnjXI+|>@mc)@+mpgFs5o=i8^bN z>#W*cHj?(yV2%c{jiJzJfs>?9kNs)k=#KSfgre#6qmVXODh2%xCwXDTxCCTn~@k%hjP^8E0tr{&z2wr>53ca<#b4Fj5>^OKZsAh&NFehX|~e zXQp-duXbX=$bbgi_XHR`AIkRPqWS8*v9N--1n@_y(P~drLJ?lVIkRdBVqj;-&`@GX zDjP3Mf=nK59F4%vCSF*L;5Y_D5^DF598$vl!SP^$B(|qOzbMmEgCZ-@o;S;TT(w_M zTZFX1BL?WhKky}wjiS3b8S9ke^I8LegF!@iH_NlcYx}`#Bp0v7JBh+9R%Y2OpY-+W zFNdQX-f7n0=();g)FZ~xiZAz*zD}1Gm_ZfX;znQ{qIv>+U`*1wq*-3v2>lW@I+xs@~%W1_4v zS4L7|3T)8zm7|Y{tCACGOxagzeM(hGE>+eGVa?|F?B)YuNYe?s87FSH*YW$T)B`VJ zU+?THe*^I8U9!jOemnZRl~J04O$2&LMSe>#hi9*u#-J*Ylxcq{G^adu0Q~M91oYQ$ z2vrhpmt-{>dGRAc`Q1!=EE#>iim`^x= zYrbNaG%pQOa+8m~dQ0AKRKN=8xlNW52?kg+2kaAFq<7AX7ze9czW3%Fb160$^eFO` zEm?D|r7aIIBFDKtQ(mWi>xAa}XF(3wA`3U}!$2AF#33x`f<7^rHC_A*C?Mud?Qd3K0XdFy&3yueMRQ9g zhDE&Pus9~2`FQ=vFGngCi@$^+aCFEIJTX72j#c-0 z&V2d^srU-6?p2_wl$)gHTHW_j83(Vsjjw(Em?Zau$K0kr|W)T^5E zBFXaP`Jfp);$yPAesS}h+l-JmbRV7Y^PPi(--l4xdI)X!R`(U!4oA|} z1f@`5-0!fhu-e0hAq6!eqU;0>tD{d9$NCkd-^0`v7fSe=R#M+hKSp%ER?2Q1qBL;S zNvGG*zpPH33?j54LPuydWIwt+Twq^X%n>0lrr6@}$UEg?Z>i&WS` zKb!Tk1kuLZsFHiee25e2e8YG3+(*pn^$sLe45n{=-VS=faeYWp-0k-`lN8E{vbM(x ziW*kv7xFjs<_!DMI1IP)8-_l;YiCQs#KW)RDmQzM#DpUG-Ax!GEFUcjX>RgGVjlMnGL>2 zTA>_PB97DjT!oIgy!yrMlvmsL8l3aISn4+NevK!V3JQ2I(o4=4d(mR$y9l_exw}*4 zLj)vL_^@c{_O1>NZf+G`S83jqrW}raiqX6NV{6;2+=q8fkYi+MR`I6L)$GSa`KQ*W zKJ$)6k>w}6r!xW%m?uv`(7CCFzo##$Xk>Pzt+eC)szh^;zCnWC@6r)7xYg{-i#n(8d zvbeFaP{PQ`sAEz>r0&{7jH%PZXT4nCvupcf^{6<(Tw$a_T@6Qi>uJ&W#O-%a~9Y)0rZ|A*dqg_KtfJh&CzX{&dzD{OD0J= z$oL%P*rt7V*51c;`$N}oCsO64@6aW!dXyjP9W7@!q-a!SRf57cV6q1J;Dk{;P30c; 
zf|^&l0?b8=Jvq7S$j)6S)0H)B+1^^Nh2X*6`QPG zfNZKV*tO#*V-AUX=% z0~Z1Mew9*;Y}u8c>N_X?QI)LR&l#K+^-nrpD)089l5fz@{6~`*KCBR7A%j&Ml32mx z4*(Nam9tcENHETK9N1nHuTwr?A+ZHS|9H=xD-3LlB$CE-l161OR-7?Fabbv8AiP+` zO&|O3oqw-p8Rwr_=>yQ4?GkgYD~hv5qq{ZbH}X|tE3A4u+=Gg%_AsG(n7hr=bJjoe z&GxeM%P?*>*~+6ApX?E2WmT4C4m0dRH!ITO$^Ez1S^v1(@mHwaPrZ0MtYx?|cTy~} z!244%RKaS*e^g%(eiT7r#+mx+O3Ja^KjMualiu&p_N)@+n21Tqk%N%~Jk%_>F|_qh z^9A8ixvdl_6S1O)hD;yTxTyh&Xs^*Ax`%_|^1-E_?J;mC64@;Db_e(W#JVysSbXja zl+~ec;7+l3J)w+w{DxZw5d)0^gv9Qh*>P?x0~|n=u@~V+Dqlcm?PZzYmAca?#-Wou zOS&ux^oJ+SDb7rFa`m^)Jj1t=)tIT~@O49Ie6lcU%xr_sspINrQfd8|Y>cQsOi+sr zVsPcqjYQd7Ejs3Ehi*nHqPBl8#p#9}KngmVLC2KJ5rnhuZ84h2o0rpPwu>|vb zk09hw2~;X^^F6P2ltmI0m{hA|-A~4fP_^j7>Xz|qI=c~ah0}Ex`MwN|UROxN4yFMAG zcNgmzn1`&ATrU+kIe}7-6R>=jdm~;e!?PGU=b?s|`tSyVnyV`r>+W$LU45+ghKxnF zs8^%z#TgbZ(NQihZwoBLZ8=CSjs)asinNu^6zQffdytMbYkJjgmj}*Y)d#GX+{?v3 z4J-K<&+o#l2ROgQM!TLC%ofy=*N6lvv#RulkF}Qx)&i&8(hV#FP}Zh=#WP&vXU9o) z^eVc@hs}HzRHrt^i|U#Uzpv*Y>|R&|p<~CLmn7U{v^l4wOvOc&;;$t@)2LKbV+>?D z_Hl%-dt;-QUNoN=@@4v!sDiRVlyU!nLr#r<_(`0IVvAh?ki>j~Q8N98iEG=4`_H9o z7493TmJg#62l675g;3)$p^r+FF{DNhZYW*)Kw9SX5P#v?GJU!MeHVVgxu-6yK@QaCnz||au%v&`|7n;d(UR^WDPjR#ylb`qtG;LY+Si*MHUlh z$=-jG;Rqs_mC5^-fZWvl5HeT@%+(aI5Ww>`|pGntA*E?59bh_;d^hd%UZXM!dM?? 
zzA7_F8|jDT%j*NH8Mlt5a5Mpe@ADM{JWHPpU@p^;8zKJIEiMdzVc<6#=YDLlQ}LY> z8OGjYL$OmRw7G;gB|o(6Z$icj;k_&$!;qDY)xhB3OEliGZnd?xN|5sxsPN9l_2!G3 zdnENprR+g-F`3UAJS*~}9olbn8vk_P(0w)x3S<>>EoAt!_gsD7{LsY1G^e$T2gR~0qG4^tIG_!_Q-ON z4Q1b+#%5OO91720wC~py_(xdsX3u~DPra~mu9<3OIjkJF<;LRt#fYwZK6VA_LxNK4 zj}ShpQ7yBX<8vJmcdv0K(kQWH>)Fa@4;OO_waER0KSA_ZbR0faxxi zXwrFYut*}7uI=alY^YhkaXnCSTLyFQtp>g2>Bs#|D-Ouhbyr^Lb&O}Yjlx^(9KzAGM4f?{E|1x_&sS6(T*#qSIk)6mOh1Rx1=LQt5b&`KBFaN#s?QDx^T9!TgG{%}3R2Li*P z829`OL^P^)qmXN`w&{~D}@ShOOt$Mix}z+k9+NJvN(Cnz1dy&stc!R&(A(N~3XQG1v-#ybC$ zEYUg1P0-ET#^U!LkOX?X1i!qs&Z$k%3BRHEo*{$o1ZqV2OI?b!=a=3i(6>mHv!F~k z{p9aG`O*c^SFbA85-~S&%S^7iIYl^HD1OXmPvz7lv`IfT%{!epkpAN3Z$-36JHIIB zPpX=%q5zTk_+#FU8hS;yU0hC*Irp`Vo6xK{o6?d#JlxwE{{yubs4{2nleb&Uh;j*_USJuG^NbEXIyUP~IXg_vvME|-Vx&S4vJUD*T5pgdy(k8_-iT4K}( zK_DMSa>)9P}U7a{Yv{UdpcniB}xf7qc zYnzPw0yV9laFQZEckho@sysXBJLlDY3W~A3UoUUzQ0OuHwlSO31@<%T4+p;6xixDu zP@W1oLkc}~CaP!MhLQQjnt{KUCMOg6```1q$uPX~&6)F3w_Vv{bh^*O#=Uud!^d*H zdRV%M94Xz>{)?ACkktD#_C+eAj@_w=SaUckmW7%h;T-sdgLk zLZvKxebn}`@vo7vvfty8ssZs0sqhuW)}+SMN=u5}NX!G$3*Ga}(HM-H2-fSygssGF zU4?fa6`v7hbS6ek)dYFS`_5TynzsGXla)h_E(Dzkn-RxF82E*-gCC;!1on^gIeQ1M z^4sJsF1?NWI)JpDnoX4iMFu!K?RrUyX6L0e5-Li3tOQR5uT~g3+KzJ^?LXCDC5xn< z)zmTuswgCNHIPL;(YqaP$ptX^@`o(#Cj!|7nyBdGQUx$$yJ2Yo-w;`{myPr-V_$F` zM0OMzZQmPR$`#sopeUIUqk*U;EC#(Zo6D2Ay5%p&{=1+w826r<4IP-YhK0ahX#Yvf zN>G_j9Yx5Fg5p;k+u;cPq;AJ*$_ss5SZLiS5Rj{=C$Xy4#ZmqsmqLwXZyBJ>WRsG?8 zL%dfMLjoLzWR$=-tz_w8b@qdPYS$M94KIzKo6Xx@)k+(sD9oQyo+WUECi#bUK{=Qq zyk=@O@f~^3G1eI$5MG2JoycY{MP~Grm@Q)~9%}H`HZ7S#6L+Bi-p`O^ucxDN7+h4t zg|(aEB^{Z?dF85)7NQ?Y<2U89(wO=*qS>#24k-I=KAQOO?2(M^yGK-KPx>9Qv^-VU zSxwtXP`A5yt;+vn|EAFEj?q3ALx63Y{lxJSvk56Dyy*-)E#oA{mU?s|`^l}{;AyzQ zJ?MCAK-#)I`*%_%qZac6R)H#{d*|}zaFHpCiM+g0c8)%Ke#d7eXA`vQj57ID%j+hR zz+>Y*oF(J{u@-KzMn5^K+L$842O!6JX1HWI3)y!Q2^RCt5$TS+fLT6R%H!|0!Vi2p zVs`zYXO7DKrz@IJbo2{DZb9>f=PZMP2CPPBPjSoZF+jANU$ws9{raNlgid#37*>I> zZb>qPO2?JZ)SZMyHZt;;)VMRJHHi+%0gDL!eWqC=E8IF|fl)^@J* 
zik(5{PqC3G3C0;A(_QiMCzfj{T!goT6}}-um7<9~?_|Qi?Dw*c4_@|U?a#BByy&uw z`w*ipnWPcu5TLgALHr?_medjMrAC`z3#0+mYBX_q0z&oe2iV_@TKm6wez^Xd=ZBM# z@jqf8WMNj9XP){IOtZ5P`MwYH#=7`HqWHF++1hG{YG=JPgI?d;U{v-9lNz95nT z{H+*Ny4fC(^YaJDpgBlTCzy+~ySsbchHsnb(ttzT6{D>0^=y5k3$(l6HWui#3}+tt zHH{IU(5gHeiDwT0?t23xII;@^I+zf^F#Tk*yG*a_I*+OikrIX zv-uX$#fH<(Xh_oc4_W)UP6rW@OlAwnIXPU zl~R|KQc_ga43&c5@gikWV^$)B;~l`i(Y(9yRj5-B0tw0c0;M4__@i(aHxmAPtZHIO zZs9q%d(+zxaS8O_@#g#n47h>?^a%R?2;j0m6Ix{fHnqLl?N0+Qb@}`w>%JLq{|J8> zH-QTSWdr5Y0G-;Hj@@p$FYO+RhHp%M4bfnS2uH`qHuLac8A6%dsBUZdv<0u9fA zV(z^tjP)T?rvdeE?!tiJxtux(eN}Z5k3+yAy>G#p-V?0-zylxZOQb-1%GV4KQV{sF z%|oP!z{3T^f*t<&$#4EVCO+6ZDmU3fFn1U!K4X4iAoh z2nd{MYjA}G-Q0j~0G5K~NIyfEmEU%~KnP@Va-iUJsXuPk-;qh+ngKOeLajiy{J#Dn zSy>^7)D+I>?QgF@zB=;*tq`6+Y_vcKu1J_5a=`8Gf*?Tb1{})(oXI)Jz4&*Vcbq#= z&f*_JV4$#R0#c|w_a{hbU`~^tC@@Z7Tt`1741bYt!~+O>%18B#6VZ| zx1jtT)gM9&x0e51`s$NJ+SENn418XC56b^){vp%@3Y#SWyQ=+w6zaP85}Ln$_d{y_ zxcDI^DxW(*41A~kiE4K*Sf(v7hUQE7iSf^@{*HRhzf&`yI5qej8=U&sI=K8SBgdd{ zmRkMsR}>5IqZZ8gW~=rCdG&?l)Yfj_`XYg*4xS+xhc`7e{waf+vpan&qsBmNE{j>p z^9P(6Ah!9T2A8gXg9=;zSdPJ>EzORNAV9rKfGwN-AVM8q-6BGzEZh+wRYold5GL0? 
z5R8M9y_7K%u%dzSN&MW3fCK#yfyzPrOu_3$PZ4l5r$>Q5Djk9~zmX6#to>;2e3#HY z-a57e?OYE0tRvEw|Em32ccR2oM`V1IGCF&#OVsHO^yB@Z|M*aT-Fgymr7y4kLCS%x zEcnO^5y3b?aBls10lNE&1@`&#_mjm^ zAq~fPC4ipC#{co3FY);INf{nr#+&&YyZ`3*{Qril+b0PNdy z*x|ba{pSYljG-Fd0h9;i>8hrnF6;+Nsl~s2!wbhjI8Q-Gk>~M3pfBUI3V0_^;zFRY zq-0>%*SdQibYPSYtVhnHKqf3UUa-Hi8pBAW!8Y~C06eM(9 zcQy!>ox3Vf(v$aUSwq!fgIta+8A?UNrj_xFDgLzN5nWox$4-~3m ztRh@@$*)@I{8|nzyMCnnLLawhG$Mr+`Z+I>XqH_u!b6lR;|D60lM>(7I7ZX+VTWfK z(v*Gd)8a^My+x+gJu=@dx|m@KEX5@zAsypZ8EDK^t&ZQvj*s&Kp93$hl-C;X$HtIB zGFGhQ?-<*;u`ez|jIY3%tY{j-!ng}JB<-gNAne+&A7Kv}Qz9dGLy`{UI1;GiO4&lJ zB0K?;l%SCzIhhf|>ZwV~Q@U|Y((Mzn{YGe#(EROdO8DyG9z^hr`>{kZPXRNXR`+-D zJfnwlXm>n7ohXpm(PD6Jxb+iw6lP2P!QMMAfd^c}l*X4G-p<0v>DLoVE z&?bV?l$`EQ4WpmoL;M@^98Yr!-f@Ec>U5p(9-%lHbE*mc40V1J)8m)B!}KkiSpohT zl$df%1jbUE8$61B*r9d?KL`GzVFg>2w^jIxcBDtT)LTdOt4jPweCXdfH;ilgoMgrV z7!eTBX0@_054ENmg#t3i62Jzd#%WD5HL3QayXPDxQH5Y{t@^bmpiJug;Y%e@FniZp zNm*~BG{tEcNo=*fytXRfIRo;QU)0nTC8eBSNFz7F1%m*7#O#^UWEo1&#eQYD0``$P z3aMt_JS6OL_H){S(7bK6F6&YfYTre^%aSUQJ#=*cw|JY#T!^|@L@x!?kNhgQ>f5Fe zJoV?t#F9y^csv{jN6EWRtr<%I`zFyDWcVDJCO_p>7cceZG3@J@*?nz05Ev74Q&w;! z^7@nml2~AG@R_e26i0?plt!+*tsg=3M1r)GgCwo?rAExb+$N8@2H5X@4Kox$HMEo! 
zea-MPl6HuTOR|oW=40=w{Xq&0#K(y@SorCbKb`y?+K^78#Mb7mj(5z(yA@hAQnq5~ z7@4dq6G%9+1bAU>r$aSyP0Klv^*UFLX3(`Bf`o(%pq$v2UwRK>0Jj^axKP)9K_mA-19BY zuovUCN|fTs9GqF-}G!~a2LFOr4+IR^4x7b0ql0b)U;%>MkxQv4~~7F&HI!4 z*5|+5mSPSgn5;N~FLq4KmkklN?-?HliENUNQ?0!4YX_5>0;;wJ8il_SJp83Y|@M@whR) zNe{C7dz7U2LYN+<%3qD&A33DnenYE8hA$27L>)Jno9}=x47=At4g-ZYtrnv1V-zXO z?Pgga^i#65nAA6ITfich%rwMZOZ$iSN%Im}Ip>Ju+05EzYI>p* z78r@)@Xlq%$As=u*E8lz$1hX^jb`h6z)6LKb#fd(-mso*ueXzsTcF=t`YGERevwU} zcRKAEO9cy3+ghB_*IiG0I~~Im?Dc+hn64W#aHEWq9)D3yPfr;x_3qVD?Od$s6D6>% zl-@P>??e!HP>(@f?FKhgoB><-9>~?l6n?$?CT+mWE0|IJjac4g%vV#-0nVz1^R%z8 zbd0%x|5OI#VjOzWz|wpcyCj^cO6NaBiYPk3ub`#)Gy7jJ0vX=+0BuW>vmz4sEBAd+}Zk4a}WXY>0 zcH-@>yJvsGEy!9PbuRHn4a?QDoNOcl@E5(Y`}q%geBORx-j1RBqm37{b4k15wK=0U z&yo6QGy%g;uSqa{;#`P6+hFJ}mCsRFOzH>;1W5@FUJ?72U9Sf+^_yJ&r18jsWJ1Lz zb7D=c`v67K{MDZTqG%Ik-ja+#N1evCVVo&%vZHjhk0_`8XDYUlQp)FcTvrpmz}_Wq z(x57>F~_0MuO52X8se2d4lYc!Sbfd@_$T4OIg$&?z=$zzx&fY`CSLLCWwpqC#Bv$j zRs*tbBJy&bh7I#?3#Qg&XgUjywkGBh0Pn&-Cb29ZsB)>efFT;VsObFLP^}w$bpiqG zshx5~dM$}6TRWl4nu56S)MRzp#=-EQ!L+tCYO129k6Rt!9$c28sO020{k3q#oJ%FX zNdFg)Q>u&9_#TCBlR<7Y^iHr@uw>QyhfpVP`&?s&?!I4d{AUVSJ;m^F*r-@uu`2iW zs(A%II?V~nSv=atKB-Q%(g-s_3L2PKjS4nlr?D{Q;|{wr(9;RDRHf4m@0U7H8J=ml) z9OJV`IPIBHcBV~|vQblrSx+jA^Xj2>!}eQjm9`7}XDie8C>AtW-~kj#71pQWUGE&> z%3zY8>aRZ=J$df6`%M4H255I&5hv!$JMNLpL9-L-z!Lje&QKh_OWw*N)z+m@syTi zn2hE+Db1v2B;_Q@;;ye^v(?MV{wWI(_{o9YiTdqPgx>f3kj2);rM~^%sjyw3(~~nZ zsoj@2U!P*QcEcA0ZW#-lw@(}*se}(wUM4>;qP~!6`i+G!cIVgWBU9?H+%Bm3a}rq- zTV;rrRGZ+9BEVof=Fd%m&}1J+Z9Rq}w5x)@MU($b`t<%|t%fTbvLr81F22aRl}%Kl z+xewmMhiW6{tNzPELykNb2IOu{pyjUdb3DAY4tBitGgJQ9i^-cBJ47Ya5#8YQRB=j zWbR3=FaztdC7K1U{1qXtJXu3rg6c)|*?49^VfrxEOl~h$f}@aqTi)kf`eeWJsk`fx z+lkV+GD@PRV}3XfvWm6nE%Jm%BE!Mu1bB(dZ&<5A>b9moFdJKd@z;^V?>v?cMcr(b z^hksrIi{>00=Q9}90Jvl$t~7=C6)vvvV)YDALfiYyN+pe5zXqJ_MKwivCkfi+sG2A zeg1&P6>aMUo-RWP9o=w1rCP~i>kKAEk@f4r@Ta%iwBaFW;+z`7U=#Y45IL(WnO;m6 z^HtabGi_q7ce;9>Z#n3RsMAd=bR1SRA0=0K&b)p29ka%V0)7{nwm74VFxZl@;J40H 
zk~M>O66U7cLrU0{Et=A$zd#J%yY*pjXBT&fP;VZ)MNtUZW7G%7^~bnIUW((~cK`Km@5vR5ocgY|))mNmF7|vQg`;z3 zp~DW2{(L5ag4`#AG1wu}3EWooivbfJKYUZXpG@kdwy^QwRY3=3SE;mF=R zvYeADsKt zp9f;robP!NF0E0TyhO7OX^TmviZ}8kLe1_Rt>2yIDIrcSH<;Ey_WfFR;xyhq9tV1+ z;nD8xO8}+6%;qCvk)`$x_pPcJA#g}Yle}h=P0NWB_Cb0__n{@&%4A;S=ZiM{zJr;$ zRL@L(k-I_V9`v3o)n9NbjMt>hr~Qw8?n;6?nf63|9u2?B@9Q?iijr_M;*n|7Mu%*6 zuz~B{Fq$W<%11Om@TQEf4Ryx(`&p=KJdgM6Kx*+v+4rX4-s39!!^TqwuXD%tlK?VK zI|e?KTq5;CaY+?)E#P%e-(9FW4R>}%f}qvPhTt6G-2{s(LfqI}&!K&J!S7;@9hGr! z`Lru=hSrc_au^8|=S9^~QYL7wiDoe-I|izKSuxsw1%8>w!}e^WJBW)<(&SG?QJ+p1 z^JlIsI{Lh(ygsYPXClS2qNmw zbr@(p8tQe${pk522oQDmmT&k~k8*O3-^X%{*|mpP^2N5`Oe%tSy(k9z?K(dvti*7K z22%lQSGh?=U(K(+c3icE8YXHj`}s7V`Z3L*2#CfwH+_(2(U)deQ| zxRC@xm0QxDjMF3bdR~}DtjJ%U25x7S^uCNc%Iyr1uB_W*_Jfn_$RA6|ck84t0IfmP z$-*-7rCKxwB(f~J%|^Ttv#v#p!#oJda|>77{tPJ?2It!~8_ALKOV=v}$g;^#M$&WidR_chojlq6wv%4Ha}1jf@0HiM$tV0@ zBs0U#w5C?1*PQgG->@Hp|{WP&k2j?$aeJJt+CL0 zy=yf*t$Tl5=(l^9a?A8=UokqRXMEY}@IvHeO2vKg&MkYA)xnr(lov zrGmHvvs~8B;diyyDTC+@m8|6ZZM^zVw5XZBxB6yAozouS28SFUyH$M9ba8nw1+!f7 zj`c+ZjBiW|CWIaGWeU0A32#Dh-dB-UrmMtB6%|vu??@Au7f6+viH2lMvAU4aJn70gK3cmdxohY zDhgpvm_5?7p|@7{Jd6jW>!Q|X>^p#pi<5L2 z>uI8hzFM1GiU|xF25z1L?}Q3!Hkk7yaPo8WwNFlw>!_mnXJ2)G{lI3x0&_@6%gQ>~ zJ*r)*#I7b^#+T zk%`~bOD`rPcYoOyw-4UJe6ms!x2?ai7-o^YbJFtcN|S@@iZsTI7s+W=Ii@RblY)Q6 z-MnoMAI>w1%wV9!Rppkz-$f^PY$jRAq5~6Zrhb}!D}-L;gKii z!W_=^5^_{x*vswOu1`hpZt5o9bO@Il1N>fbYEW&R6(ie9_v)=9r6H~;X`DKf&YWW+ z?WerC^N)f=Y#n$3o7K8c#Z~H!adXbK#K0yes*Uf{qXIf3!7u4;KSeT~HomDa`GL&g z^zrZ$w+PkTn|LdSRqsrhN=m9hFLrt&E4R&}m#^pi)4M91oy<8HW~ba;risPU({4TC z%5%bhIUHMRFAEv!t}o&EjXVep*P^+&C-si@^tyif@Zww#LHr%D8y(mDp!Kh>o-m?9 zm?}2T!FqQkSDY(2I+vz0Jln%X?IXAiw@&<&5yFj)UxOSUR;9N`0z~-FloihxT@s8a zy}V{~lofP?{i#!sRCQ=V)Kg+!#178PN2bxvsI%^;%@gOBBa&Jn4`SSr7p#aRoz}iO zd{*=b)C9zw^)BrqjmiGDLic&J zu=dGwbtpNbw;@v0%{Z&QF$lDoeqJGd2Mk3`Z5e(6cvemz8};xZTG%<{ZT?cRr<_HI zR+rcw=byq7gB~Yirwek08i=`?dzh8|WxpYh9`MeaL@AsFsqb zqona8l~!&?or)#Gn;7aw6eP?vjI(TVXNS(jkBn3jFAl1szd9#t29|z!+-C9~U5d`; 
zLRwa^c&N8lkt5UxVrY!=eNkvKS~k2V`b9Nq`;2B@o@*yWG_y^aP>(XTTkPafzEJGJEbK(D*&8a>)pt~65!D&=Am#s3L-(o&=hNDU{ z+Xic)?W@eL3$AVRyHa0524d;_m^cffT$LB@O2pU3cIf19Oy*?Ey-~J+738IJ3|-$a zDRU_U!-Qhn$`+A2)bq{f^nZ!hJbSm9y!?JDFAGH^_?2>O-rPHmdDy02Dym2BvmAx6 zw|N$LAxn;%xN3n5+7WyQ{s?G?bCMZ>LK9PRU{F}^M$E4OKA1NXvBPW_^zYV}!5aku zeFX(M(iU$bIcO1 zCfv4zY8YyKrO2vjDmn;GaGdum5G&(xXncm&X}%aI(75;9&aEL+g(<{K?Hz%XTHj7VeD7li)br!6x#UtZrHc?}p2)0&%lY?3I zfvFuCF%sTG=IZsrsF!J**_e9QrYd;m^(-U=6AEJro=8(6?6j&HTkxzkr!L|tB1jvv zcxR;Q+a}1|fXp-bno9*qO10WDzi8dIfPoOp@64QElZ0o^dJOrMFuIejw^^s7B5$?? zHYC$QrKFqJ-wK2evaQ~H{pQ&gx_4|F%zKb)t(1G4SsQ@34ujV9CECM-I^k@E;`R8} zrxCkb&5IKK^Vvx|556@OkgL5bz_n%D7Xe`~APbvU{So`ys; zJM-iV_s`vBl`mXdW?lO_Tfv(728Ca6(u309n$2%gP9n)Xt!HQ%lpMd7pV{q>%nZm= zX;_)?cnOIK9LG{$9g!dlz8$7@3mYylVtkHtTcG2pD|gR`q}E5smwRu@t@-vWmVJKt z3<7!hW?O`2x4nuX7S-Nevc}kUcPfcRRibCRYKed}9Sz@3a^MTMD-p|ibW$)v7V9T_ z-(1$Vj(F4@WfwJDKJcYVu3NTFc^}EWNx|eG6aT#uQl=1%^%L6Zb99+O_Pa>2o=oO4 zO13o6c+dC&j^(n=@aN&iC(GSOg+$iiwRVchDT&#(3nv1-5n4cBq2~&uOEdZ86d0uc z(a)FjJS#I$11Z=Mgg@pAi>_T&%U7Abc-WYY*`Cj1vjQkJ*nV-XEfVpv^@hQX~rU~HJ1 zGWCHl?>p!B+LnHB!s;}--1!q@h~oF^nv8wy9@eZOGT+#-_k6iGhCS2wWn)Ij>SZcR z`&V+)ng#{+j+e!}18}Uns#eZu>$in5N_XMad~hYvi!>Z7)_pTF-@(4F2?rsEwVtA- z)bn0E^38!;A$E5XRIqiIu|>(gOinB%V#OieU*DS*kLB}aCeF3KR(?HQ>G%$T;*gQL zMm6Ty=N#gQU$X)p5|jNjvpW+P0}(Yex)h(6j8N)5xy7TtVO~e zYoC2f0%wM?5Ie37+#FXJvm{8_l#r}saJbWFZ6i9qY>l#U-E2T6t+bTe4Da`#H*fL#uWWNCK8M%=;u{LE}!TB?P{ku z;o{bXc>4{U6Lt8q1x?ufOHw9;w8%YUjgyR@(w$acW+p^K(|@(;EO9kg5Y;(cge|0> zT@w=m5z@G)bt>0j8_=0ll2Y$h38?sF7mlb{r!%ECJ#pE^C(e(vP%m6o=B>X{IGHlCPHt4BREocY_5A|Q7twFiTol)n?o zE`uZDi`{@ZKG!m-$5WrE$}EiWg>m7`{bT(usTHHhChq$2x!vHsX@{Ih5@vT=32wFI zdTF)qoOksvoBYPcTYYJZV^@g>OxQPeS7hsX&z~%I&9w~W^*-ijh?3p5j>9;*yiBKQ z{?s7b*>X$aE$D<*-sZkCD=uC3#SM0LjF01X#b{^uB4Rqgonjk9!Bx-~;<>!_OiGB1 zlt_n1t8uG?@k=HK$r{2SZ-R3+CO~)Z61b!Vn$+ocZDlTFaYDgR0cIKF2v9K%yHC{2 z@l8aRaxU~O_^j2)WTY!?4=Yb94e4~Zi$#jj+p;Zo%9y9|$X5F;lMjS-OW3f8za*zC zw6yUti*rZB;5eqFia|`$9$`VH>{dh{q-r8G5|Z|oNvZq%N=C>=OK1FnSt1JzL1mZv 
zqBaN28X*JlyIy?j5uqcGi3arLY;tlOeH?hVrIDOYMR{JDw%~Cz{(j)2*J+vq+Z$)w zN>d6Sw8Mu!0-Gc9R#LCexj8GZ=r4A^b68_{dhWc^%wQKQHKeWCdG~djw3cEz-ClUM z?GAA`vV6kOQ9kra+O|IuoBM~P^S;j4zp^^j|E_pnQK|0Zx!b|_Ix;$&qG|TrmiJgt=o>>j3E< zm71r6fyZR5pyx>cqt$EzT_i9UwfCsK@z&dyhaYQvl!|JcR@?Y`$x21HKBNR&`3U}^ zjb9_87nT!8VQF(c7*l+KXYS~sfJOSU2+YnAV>f?tZhSHVDy{i?_&834WV{YP!8LO` z)XchyBiivf=Ak(wRzJdE|6Ns{Y*g;-{Kukv!CDR^c|5-3&-bjn^txb}_mZVb{RiFj zEh0o8EjB0+!NJtITW7D_a%~op4i4I$^2saR&T)9(cd@jl9paM_q6s@Tl$c=#Jt1@- zkO#cs_-H0+^HC51Z0}c*tJ?jr?r@LA0i#EqxE0^{jSwMgyHb`KPr@46Hi)31R1r6+ zyHGDEwM-X%X`N9T@RHkYr-7cc7l_aGL09Rk2~y1=1qSWDDVwH)jK*|E2T5R#6Bz^I zs@%=5HM*Vcp0Vx3=Dl=O0d5DBUM?bp8lEa6GURQwQw9Z&3FHgo{oQD#X>=FA%d-%$ zNjN-l#$1ASn&MEd3T7=<%CsP#^~#>~2uZwb-vc1hN@JX26+#sEuGSt4 z(i5M#g~Oe7)KJcKZSKH`i;^Mi)({7L3uR6lHwDTse#Xw;GLvHly$O;rDeIH^ra2;n z3kw2kaPn3xfEbZbVzPZW*QW-UC{7toAx8YKm=*?>v{@HUC<31x)m15BU+iU0Sp0lg zz(;Cnna*2_hNVvi)StPUF3j)72a+zsiNqsZkwR9BD@!T^{NX9{V~UdTHt=?N%{L3c z5O8kz*VijEd{^p4&oR=ZJ{S^rTcJla-HS=KV`>vHJ`Wnayik7>=HU*cC8CKgy zu+XcauDA)tbnb{Uq7Uj8nyg%bDcBVSs?1++BrcL0cWD*aMs6ZLqy1- zZSMCtoE6=%eqyAqUb0YsW=LxE38R{L{>7M((2rQ*aRoGyV4QGlZMt=BBn(a8OUg;SU8Mn?y|dxb0pU_hO?{v~=f%lDj;eMWcZ>_Z#rz|Pdze{&NIL2B+LL#c2IxtCxjHpG0 z=G3@8=kB`Qzz4Wt6LY5%3-uqvi`aaiZ>Z_YFp}8h1etbKL313^mDSLWpIC^d%

ztQ1-}@p9asaB%14UiiaIkx{Cm(Fn<(KCoz{td(3*rC%`X=2Zs-UEC~m+b z>J4bhSt~UmlP@IMM7C_P2=bF0VWrhJY~u)$evOz6cS@=xPf|&aG(}r4;%sl6ORP~) zqzO#`3$8d18apG88eli??R^*Te}wPQHX#VKAit!Llo92_xg8YPeRGowo(FA? zj|q0cyJ7h<3A8=`f{(`T7e09m_`IOJ{?3Q&7Jbk3b2_}Bxhrqc=vNC%6@B3taYu+_+B*F zOzo%YT-z_hI5|Q#a$im`V!BbHNd-?d6X+?`l znZ;!DxtEG3Ar7)P?wWo+Soba>Qf z%KY)l$U&BS3BlltOkXhM=VG>_1ya&uh#lDrzAuMyq^Jr@E@f3TsAN9A4&M2mo8-8S?)gddZrlq(+-f;&D zE0((dXgP>-bdojK3&rTa!hOJBs&SW^d*PIE5J%J(bQMNO+Y0V*YG*(;6ECRxfj0^A z9rhIjaZ%JFgWa3_Gb>GUd1|s-NpE;ZMUaRy2n_6E_Rckt9B%Ipq?IwnYQZdOR*G;9 z#?`a-Uil1x2}Y5e#TkTFgGH&_PFSO&AH{Xum2Jhf|MM?T;AbmTRnCO*@h#LP+f+t5 z`Ra>NLLh&~g~$|U5{nYDCB*DAC6wni zXrBEG-i1&Y>vG_ae{!juk>`-*SD zY}?CVKy!K!7!u8ROJD(0N9B%TNf>1+BpK+sUqP{2+-F1sBUnj{-_#%z@ZQmHQ3+e& zjfyDSNzqnK>vmZ#4>CbVBk>F2)oSzip1WVmcE8Jb#h0?&&ZZ*>84Vt+$_LpYtpPF_ zn<6;{jv;is=W(yViR}M?(2d&|y*jZ*bpd&)@|Ne9Q>k?z5pS;_uALY+i>(%pC(G!q z#mTXP7oA!SOi&ssAl}(WBN~Ztj=CsSkOeVRg0ml^gUS`xL2Au7_llOiLiIkH3DMw& zw?C@!dAqPw?cD;pFv3N!iVRg>um23@_?Gq>mc0)v1p2p)9csFTlncQ z`sxT5qw>4{WqWfu59drv?>Q&x6F4^SXU?=3l`663><+T48~TF%${T=gWbb~8Z9;~@ zb<2|}y4_sks4^<-H(6NqZ%s8Li0 zWv>@TPG$(ltR7!|!=8Etcl6^K4PW_X&NQ35kG@@SFLRyW1K^`TW9?fy7A=~vj8GJ>T$3?N6*4kS$x;$AX&VuUP_*UE zy}XO?jLIQ)Gb1q7X@=Z1kh4*JbJ+9{Kf=lU)c9tmK5)`^F;hf<>;!h16gU@%(a1D2 z9zm`!QB={8j6&GZ`~YY7VqV$r>YeAisrMBy2wXGfu-b>R zB4VvdX5ejfmPmXZS&%PnlxAJT@^M$6g%L38oT%&&INUxUCsromE-|d)V0X9T3Ci1~ zpzb1(PP)Er(A1fE_ISluOE9_cE7U#WC(hLSO-Tj=?Jerh)j^AOje|^MEC{%pfu(M) zR_|yk_b4?~%Vy>4_9s>r-$XyRgs#Sp@>IB9pmyXfg@dtR{kSfl`rDF=bxH0s%rTIC zc)or=>U?CkYdUW6P55RHu<1{ysg|PUAWsI(=aB_{-2YN5)0awH;WuvEWO#|!J*;zp zs42d~qg8K@9}y~G3RfE@jrK4gu^-G^vl7>-e0BKpX(W8l8=&r3w_Wv>^rL{UZEsl8 z&A=erFP@d08+_T%{I(HBGbtO1FU-{t8%Rb_OLm4zRI1VK$sBsbk1ylECf?iN87@rK@%qAH>n)9;oKvB+Is@IpL;G^(j!QwqoT|4uP|nsUFB> zysK4+GHE7SRn2IK7Dlnr#zTZeh3ONQ;Kv8z+W zTT(Obo-5MZKE*r~FttfCQH*ABc^&U&E)KyWV_F@yy+8!k`>A}1Rd|8Q%5r`8wpr(X z)bbV;^$k7xgjLmd5(_Xb`*oS9ars?-@?vqEYeA}lMlL4NyucQMlbp*in;ZWaIZ3Vs zoi1VQ#J0f?VTu(aznz$zY#CqNpYvFg%~8Qbu&4u?ML%F*mk 
z;qipbf?*(;mm=~pOGSJ7ky!2R8>Nd^6i0A0Viq^%j7;hih1l=g5U+$?&|&J)h2OpC zD$yeCY8wbd`{+g)syV0h#WQck)HBIwSrS3G$BsqpUEfpkcu1eWAY?X+;?V+Im3ZG! zyG59?5~Pqmmljnwgq*89yj`HDj1F!&?C`6#DE?V=di}-=kD~9u&|V^_5_Uhs7ytTN zc;@QX=j=sY@X)26JUUm?l~URFY<*c=Fl&8(TbZrdu-JEVKYGVU=VlUh1V$T$M@R#b z7p)#@dEE+VSQ0yIJ$y8l31c+2=ViC8jMI;94OU6K&;9q={*PP|SxIV4I4_Bmq??j8 zr{b{Xud{1FUqRC98>KfiVz=d;YI~06BFLBO3^D1bnynosW%IQr%6H2SW+_F5g4B(g zMuFSR4+o6*#u3Aaaw=|SftM0O_sWx^cJOGWXPW{_2dW}EjFq|}yaV>;ucYi>uGW|Xn2JkH%HO+LEv|XD z^U5yi+^Bxce8sF}*VRYku`>ji6ci;*#w|^H z^tcoCoy_H90p!|eVN8(zL)1@->tMHyNokxNgis7gKE1M7kZ$fXM=OEXh%)8x3r*YOGKiDq>Pl7vibM%86_ z7e9cm^QaO5{cx@dIR3LpV(20-it@d7%NyL?u+73q>GH3$R?sKogXLq(+=Y=zG)rUS z(+3u>BM~K!Go)noGe{h%UofiBz3D7>)G|J?$Eb}HM7frv+L~+vO&*x*w^$$2Rr%Nn)eO2n?oD6su zlj80V)DOLL-wbcUmQe)0NQOe3Dl2pY9`uE29m%X<4d3upc9WO<;>J<4jkcmGvF;+I z5)O&+3!B|``_O6%^BMDFvrsDiI98@j`SCW}#R~Dd2}O(+V#C?WU9*lr6GLWT zPk?$yd*UbM4U=aU5%VXHH4HM}2(1sOeO>M6FYs;N4S|}0?HmT!^a+f11v+*J#dcv| zxL@-+YJ3s1vy33d!V$2oje+C##6$Y9dmMSM6!4zQxXS+L3YTgxXznAN)*1mjDoz#F zwVkNptmQAd^O^ek10Qex5j1kspcUNReyp>eJM0Xum5_1#?C5?1Gj1Y6U}7$%;~7O9 z0uvh2uYk~g#e|Pd$cO1kIK$Uf^gl}AK9IaTzN+QeW@^OHg~5%Y?qgl5V5LDf8n1t< zmljp)aR&2i;1Z{Onts!NZjT6*Nj?6wAPuWzC~z!B(UbZ4)jaCw`%!)~u!bx5bl^m| z_*-z75da03zEfL6NlG%SEdi~sxHxq6*hUMR6jw+XFN>l}->Yst>AfxwA$0``20DjJ zhR%SYfn$I=q58A5G`hCc+538iV%Tl7rr|-ZiSRxwxjXPamp?4y1sHq<-C^k$BxuAk{%R-Py>c~M?Tge$0OC@q3D~Br%Jqh- zINMzoww!BK9*&t}Vo;4a9^|>?p)pNTij`}HD(cGD{ah)9trsxzt|de;tp8#boJ3fJ zxbsHj*URzI$8uNNjg$Ll09aZyZHY{HTH|45eMf{`M*o7tR&o*3G%ptG^x75B`sDdS zZ586oFcG5r>zU#x`K?qjrnPwR`Vxf>(eN8c+?NWS_R~`3Tc&%r+ZIE3N^~37dRwI^cxopY#5b|DIC~m7u77>rI zX!KHPR_!5cyWG{0jkCJ!#BDgtr%u2}PU`H9={n*16_vaUdF_ko9n)49+x7<&@N(^F3@3IBQm&;;z5vDNI?GV+w@3S4U-G4asmiP3S&p(yJG~nc# zkrL9BD2|R1@DGre_Ohht)spGH{c+Ib5c&L5)eF6+!>ui*w7!+JFS8UqimQCE>|+t8 z-~6@}u}2Hu?Y?{X!|B~aESjitGq#Z!hHna4vkuX&C@GdtEuE*%sH)2?M&)UmveoER zj*(ty?FYJWBLbsGH|rbPeLq+%oOSHTYz1Cm-a)mCrra`K)iS0_HVWZelpr2fw1>-C zA0R>!%4ZFyYE}sXK@+lE|F*%+snNoZ4Vfek%XT;WA*~WKQ%S9*@WwZ#`*^wOE5b^t 
zH65$Ix&RYR;nUgOyCAQskY0Dwl5O;ER%Xd%9*_LD_#WCvb!I zB6as7mMkD9&w`McmA0+|BjslP3FRg>4xOm!JQ|IrFNK)p=18tS-YCim$LsN6K>4X{thL4Cgdh(jw!G7}tI*@=b?`g%2CG-dv7oYSaU%Ql8*WuZlqX82P~-EUurHiAf7Ae-o`OT z_%pxRy2DX*rP92*G5N`q{e0Zrs)IdhPQgY_gar#>knq6(+lGFP4V;LjnCxM#Yha ziVEnHJxVV>P5T`}GI}FDEq9RI2kS$?J~;mCqMDx;R+!ZDQqBg}=TQJsQHa}XG7_PV z%V_#{KACg8QwUru?~3E-p5SXiYn)?>B&*yrbroIKg_qK?f@l?!J)I>0*Q;6`h@+VV z(`f#Yvhq<{H1g1>TQ+ar2SG|t)*zRSS)Xc-)~mJerv*7nxb<`$>v7=mF*7S)OdoLy zJx-}#23m{G-AuE@5(o%O+1x&8`jugcraE)BpQA(&8En!{R_c}0l|HPS1PNu@h7l!q zDt-_TP!8yG4YeI$2?cXLjX(e$m_)U}CGYqX<9=!^@fsH+ptPuvH83CHC+=5_FD}bH z^cR?q1g0cywF|H8v60A3DR)`KYLwscoIZqpEsZN77|2~;eqD$w;<=xzJDr?UXh!os zUsQc8?Uj>m$$IPfn*30e4Lw{wphXTF3xzEdJ{ z5>tiyQB&~q>~z$)8n@0B`rRHw%61%6A0zK!wMX*w0*uU{x=@CtMO#Ltffvb~yPn-f+7gMuqF^95o9-a01J- zd-$Q!r!x@;U=uW${hyX<{!dSTXB?(5I}-DOb62*i1~$EGZJ2B>`+M*R0cZJ zlO&ta%#04qg_1lj0v3)+xrbS{*(RY2LZ&)yyum6}&%fwdT^oszcZ=aE>y*edms;8R z=I=??Ts=7%O`D(6=xb!i;yOlZ1{Dt+&@$X%uOyT^rD*ygsScDu3yG_JXf)Y#;bQ-H zU(&Z{Kr4gqWh|&LPcs86k_vZkacFDt`jqcX6wKZ`mp7w7-e@!)v95maWHN_(vFF6r zRK4Bk8WjU?zdtcBV{ez*QQnASghAg~E8%=)f=l5?`>&YBHr;tarD=!Dga&a`XOD#O zU3wqQ5?ePFDegK+UEsTBE|4F;47NirSX-=d@cvd-V9 zgz3n)I_ys^}rWCojlUmwEBcg-Uy802F#5tG~&(4f*bMbf6Fi|-ADPN z=nc8r7u(lj8ZAEO`7^z5&5U4(hQae7|5$1^VLcv!$d55r3at2Obsze2pK(W=s&Yd8 zYAPkvrSf=O^O4p)8(4+vFU)#nvYM0*PUUk44vLb~xC!OJTo%)}XxZ{Tnxoa)W%EF< zFD>IOjYbq;lw?KVLKBJ>v^*j2kQ?G-pZV)hkdg-vNw`%%TC4?F)_u#9VqPdMtzwRnH=+K=oin5 zK%tZpk&<6pfU?6$@e`JRh=CYJ5kV-nLgU+^nhM7@fquQYbGUYI>-3&z#2q{2!4c}yW7qm)^t z4i9}Po;bO~2%_~bm!rlr90gKq4ER2xBMy!R>WHf^>k%L}8a^gL-+z?jf{6j+ITu`2 zYX?Ds_~B^*OnEyA&v|^w)fV~fDs+-F7tCvhIxVSNMF@hC4U0j;T`;qN+dg2 ztsXu@Yca(?10{<`vq)T_8TXBkm^YOSU59-6kS7=9RpJS|2hZDP*J;fYjyJ07!+|gB zl|=Ng1)FAuk*yeDcjQIe)#-BXw2YZ1{#F~>v2#_qrTlmlK4QO3=_}h$n9c-!0DS!O zBG1c@EOsftBFe+iV57e5%h&5@Vphnh>U2aaNHDWOeQVv|sH6@qv>+L9M09wA;Ar-N zgr&Ng;H^s8JFmsm0^d(E-S<~1W+Cn=ZCUVS11b@*d;*(k{AU|x5=+`0TG|41w`yxl zfbe1*V7FjcFCGJyDH8W%_RZ?l0JhodtbVS#{n<9G0Ixtt)|p+x(X~_=b$%YIHe_42K7qt;9r)8XsCbCCT 
zq-J+eGO!`KB%&CuL3WSn9v^XZxBZ|;^+4yl7&^I(4DVY61!BpZw}LbTVyMY~d6VmI z3(C`Yij_mk*wMg=LuV&#(O79KJA%a>B~-CCs0U8#*-i%;d)iuuSaX!|ajt2eInlju zsw>~TCSjRcm{%IiC)E%Wa`US5a#z~${dQJA2-C=$;A)eG0|DlpROy;;r?E?*$(BNg zQ&6oe0sytjOIkd*-Vo}1leoe+sp|c)Xud=-u{aX@P!2(X6jq~7Qo<-BxD;$x>cKBa z`+i9sjXNRkOM4+=J|_DmVN8!BTlg{}lUTHs`6AXsQ3)q{q5WtwGIR5sNk4Iq;6}$6 z`eg8@=+Ur~|BIhUFxKC67F^?YcIAt7Ye7~eOkfC0aWXje<&@VLccbniHqUV`%PF3y zkVQ<}q8_3ZwTgYzsKVyf-yQ0D3DNbzh5Tj+ZEg~awx6Z@Dj0p~zbOyQ23!KPX+vl^ zY8?nQ2_)c*Gd~KBZBZrmvo7#e)FzX3lz=&I>>ZprdPzKEP7hodR6%e?V?y5#@8+J| zKC38!e%ed4fcz}G9Or@6(hUquYL89SSgzyzND{}gu?l8|0yjm#D`F2?pfMs3t57k; zNdmuXqVB%r7WyRdkPV?!Pmec5yS9=VKhd|rep^Rfm3`vTpBAbk&fM`}tZ#W1d}@NRH`EN}4fzJbjnAkyI> zka9E^Sz7p~I=gX&m_5kT%rg(GfKG_{uglJl^FlV{#>=hx2a1kdXlrF!@s>=u>kJJT zLEZ9WF1Rp z6NmC<{|Z#B>`hwYWL>sQk|*iUkWEj%v?&ws3=-ALiQK&W%2DmS3Hz$z1?96^W5GUAsTfPti7ezQbzrN$S#a%4uhgh9Xus-n8#Jvk!Uf}4Cy z`p99s+QykM-7msO1bq7m2TNCG)L9{WC!WhuLyN=^_5H~(Oi(#C-d<_PfaBJmSk^0J z*WV7?`d$pLJTzJ^6}VL>+hL;U%+$~So)1{j%I=bA@iM7sCp#32xilefod5uRyW?+% z54i6jcb(OV|I?61jV3%Txa=F{nck#?X`in#O&UqB!iE+qDKH3ht_YE>8y9f?%|XRJ za*fExElS|YQedoa0_%B<5xfdcb2G)C=E1`UW*77 z;k=znPv=}|p$Y;%jz2ww8=c;PmLG1Tv?#hMC!dNHCl>zYUU@hxAQdH-!=LA!9&`p0EmdBRMeT)|FErGDZ9J0d?jcVc%@Q*54 zU^qBz>+Q3f8fL9enw3(Gv$)U2eY@lun=w+P(18hRIrtjy;x*pC zd;eg~5PmK(hkpEESI{era^3Xpg-J+*Dnj>25!;RV8C$?z67yGHhrs-pz&=)<>$!1k zL(h1Vhf+T7SOqv`0c$Y$kZjFtTBaN^Tr-FMUF6$xMZa;C72}AXIDruk%czPpQg9^b ztToyo{|nyMIN^H$U_hV0K*T#T{_Qn@@Ac=I2|;@13>->X6oE=#_v;KgbpN>N5J;NwU1x6lQbi1G;ti^pIl(E)0lz`o8XcgPsZ}F6$kbq*6WuP) zn`_!cdyxFgdSHhWm5pvJNS6|f6E7pW;{RY}wy4#ASbDhVrOT|H9I7=7&BqIL|yq+mWdZ_2ENsRt-_JXP*u z<9)=%u;YzR&(qf-!M`w~OH#eIS<3*880U(}1Vd$d@h%Kw>`bc1 z0%%+t(WX;%(_|M5!r%$Yhk0H?MAs_hYkYl~o(LACqmnXh8-t-V`9x;Ebv5!8p)?~a zrhB_MadH!o%sWNB`cN-gszHu-*yDj$2+EH!HzL&X0%Xa#5x~fRBSADwj`a|{KHXq` z-Ffzxw4X=Em%XvhKv&M;#yCCibzrpEgp_F0+N8R`38t>zN(!h;werW9j`7U|rZ_ynV9!-#)j?VAm0^ ze%RrPO0k_yycV4m%GWg^^f~B9H4;3ZVc&GB^m8IF=rtwlsaB$YC(u|-g?@>jELN5* zk`K%n2jvC`er-=@@D3e+p+&yDj@po^ZdbgYJ77@MA+7H#V=iQu1XO5s_38V|@RAUh 
zKghBkpqoX(Qri!9=6fl8v?0;UT94Gzy|qYsmHwLU1W~{VMq{aUDw&2NFArfz_}&~U zzZkN`o^5;MzvGKkahVtq-y$$XQ}dUX#Gqd;&Q>5Rkm< zRG#FTCFopL{!3F_2klbq6BgSoG0wagd9=npf(oXUlnR%ky}xktN~nBB+27Wkku8Ud zmoxY&jWk2;I&|Tb_O|<2n;sVkh;{EZ)2~ZrGP=O3@15F4^)amN>bjflb;%k*3&zxD z9EhHR4_gZTWOJJ%xATBZ8^5AMo(q4TO>29;HB2^Ip_3v}fZrn;p?)CicA97g=#T4l zHgB}e&=S5x^;~i|%~UGK_;V9~OZC=EdB+ zlQ1gjF+sS@XJpTSsy_PQz9)%RdZLc0?CYLFsPkce8fi)R2r3cBGWZ?6@>h+Di=RPo zwK2x&Y{)T-BJp*-_@?wgTd$32r1vYnk6X!gLK0=T4Fwa%0>mtWoATo*zWQ2(E|rFI zy)2~&45LR}Xall4TDn4j+8)PRMhaJFAc z3`6qn72?;i@Wwars+CigH*d23;kc!z~I*p<0r0|Sy=0C_aN#G{4j4N19%eUP*7+i>kFZnDH>x89!nPFz9ueLpwNg$t!n{8wbTuM zk;%XF;v>}>3 zild2FRmTx6HtW%$%SE+snIs0< z{w~|-p+V2 zu1onWz>Sl+hfn5;W3J(j_Bxq>cEgTaIKz;LVS^GAer~gB>l2)*FPv+fdn?)}BDGwN z_NLIp6{>=y$q_MmyDiS6*JNu-ye(}puxSyPV8O79z z`!4!DzK(u7ndJRz95EH+VTidMF+E46*T4KzqA+JNK3mB6$ty*9w!g8y^DBRtfl`O8 zj``;6%z_bZjwEg7S(ZDN&;oWgn0*2GHD4fEI%z^FW`Kd*LPi$CRA^3&sj7Z|L@SYu<~9vkP)1}=PvJG9sT7@=us4t=;d z8~%XpFC?<{U$v!V473_b5NZGws;+5iFtVii1HUPM#2#1Wps3g_i8jrCl`+~^>ysF7 zYPVHNgRS7XEGfM#(v_OUoA=kaMMmqvShr?o0`8((Fu*P2d#JktR{+#VkE$UJP*MJn zX}#-AES>Ebc61DpV%r)|5I&2)4x-%AUAdL=P2W6YZ>l3priKx|B321D&=7y*6-XAr zf98RlnAzV8!+$)-p}3NAAHJ*(>J8ktIU2;5Dd|F*g4bLz(H7=Bv{Nmkqm zBNof}K?18xH}26DmpBYx>5**n_bha0^p~tC23Fj_<-PFk#yeOiGx`=J-A|E~$PnC$ zi7Kfj6>)Vw-o`+|{&8sgLrH+S{rE^Uh6g$@T0Ht$92 zhYP9j%fhvri-s5jV{@H)5!Y=v z<9>G6>5^YPn~3pq*23wRu1MuFRW+x++(Psu8?ie|mS@hjt+jc6rOo+SoglB5Zkd_D z+JBU*;@&iTZ}eT6dOT}GHr$nqP`(3=P0#c z98_lA!7hTGM96LBNx0EyJ7fC9bp|dxTl!YxAS`i`My1r$GSipk{nMj%>t-TInm*yW zRv3Sw4L%7DBe_TUc|#YKQ+8;Y#8PAeY@>kQVs)u`p0*S{`Dr`^B2D*dsCH|y3>nQrI@w{kyxRbX0 zx6f@c7@NQZU|K&Pxk02* zQlx;Myng+`*K;eT?f=GI6r>zm*U?yCOe&N#D&)uF+?E7WeM>(au3ptmaS~Wu-;s(3 ztSmAFEe%!k6S`8Ri&U&zcf`&KY(UyZXa&kTLNVE1&I^v0&d3G9;cb&TT4L6Ka<3Ln zdH|8*g2Wo9&^wS$phE3moOqT@q1zf)H$!>y%7UClMAiwCzkns^E&mK*^Y`Atzjd{* z|7_;wa1V23*(;J?ZhkB27h(Ezb3>se*Uej9_3{9X{%M|X+$&z~BIiBo#?A^Q?(;rug zSq8y)BbL5#C{K+&@F2=$c)5%1RJO(iu5ArsnFn_?9b^=rsmA8-75o?KoBOpGSp$Ks 
zS8q30OK8d-A2;{~xy4g{8zHSMzR(h&Gv=e~YqodHIAcLJ`Qfw({Lcd%kp0~x5};+z zXg~#@;5lV2?k;z#=7sZVasFC>e1#vb+c6S4{D1qYf*MXI{sHKdv|oxG5y=? z;dWy$@FC`X5`9_`p!c3ldt_f063JQrADADXV?{)3Vgqr?yh$t}n18(PdxPP*bVEDY zGR~ZKhe^QU-m1>5m`PB0J=J_#0#)(@cpftiZ{U(QfMtRcv7umtQykB3;Z@jhk0>Pj zax1zM_GIP?UlhXhIq%76-vWjcm1=?Z)+1#1SSy9~2KNAxF?#g|$x12y5IWB5^x;u0 zDlMy0d*C^N>RmQAvsN!RAWWiNXpB&QfdfgS(T5EHFH{c&MF#U`qo&K}2kw}6R232D z?oWqFM^SEPq{45H{kkQ&T{SnHf@i*X65R5nN)S92t*}5W+;|mLBQFWGrd>)A1Hotc~*J}7c)8IYsZ-7~B&_RDNWaVCm{+c}n?>GT*taKPTo1sq=kGp)e|cvFL<|Bl!C`xd zwmBt3-ZTmfk;q|={8D{xOkDElng+_G|5ZoAa%IMI(eI1UTm5|MNmI4M!vM}zZtjH= zi@^gjl}y^OhVNs##px4XO2LG!V0XE{5VN(W(8rHu1^LosD?>%$5|RIXO)YY14@dB_ zHNs^FPH=vIGTIlE{d?dY&+EQ*@V|0ETuX|Aym7?B;H#F|-D1U$W5GKvA$44&`1#Af z4%I8yo|tIV)^vmC7+xXJ=dQfvEzw;)zj?br1-_2m-~|Pathk`4RF?=M0S@7?*PRR< zfrk0$Ve{OBb=;wgh_a0?;VL_8;}hUMPEM!rAcgY&&c9vXS)A3E{anFli~cLnt&hAa zQPfS!hv4c^zZN(nGkcTNWAllaQla=?ekg>9%iy0vl_Lu;cO3%MiJ(DPvXQ;cT@9D~ zH>Qm9Gzaps)0<<7M(t=eE z0Q-$JMwh=ZzF&)84a6Ntzj`ojJiw}#!*!upl4z7-GVI5U?&wy3qwhK3*B%%9%Rj1n z@dqcfi}lkhy)t|!h*J88md>n#A|A4?DH`YOj)P0Y_)xfo-+oV zWW=snaBic3q9W0aXdwF(YI`T(w|_ud^y|fy+d4a>%9c_F;S9VZk^$;2;NN89O2kJW zt^RFx6V2!FR#oC=jz4-yr0zU^B{1{2-ejbE;hNLcoUsBzHHyu%JLx}VSyu(thQ#er zpNWp7b0MQ#z(+UR!b;9Ft4pif+FqkCZ_l4R3juaGXrVSm9ZM z6YxKYMPQ`0KDl_TfW2qdSdST&(={fcDuoomHb@Dza(&&Zm(cvq!MJQU6N7q^0t{O$ zgyX;ar>$Ep+0-#K4~eOs{g=H>U?Kd(u)2hh$VBNIR)PHJ-1OBn84yb~1|gs+<>X^m zqa~hZ4MoA-gFigaEhl7-{Ga3F^GD|hvBLs}ns0=I%&d`bQSdHl2KZtdrsJ}SQjXyW zOB#Ukplc3{oKu_#cACxKAp7W=zId58EVRJ;!!7fLxT{}OWg%;(zT*@k5hz!vnF<(M zy_~jneWuYOI1gtcez2Zw^v!EayZiK7k-ZrfL6EFySdQ}Gz!Azg+8s^icIV0kJh@e4 zaUmu+;3GVLE@#TzZ~F{ZHSSXnKfeo6N0)*}h9xgc=O5I(D5s0AHXq z_qTidOcWfIi_g)I3~q}bTUsb?X;hk(2(P3HW<67ASS5=;ur9s{=5FQEQInJzv#k^` z{Q;P~w}j1LKAOlBM~R*A@l(8}>&9-soRk2cn7_aC>~65wgtOMPsv`zrtYsFWX+B@Q zXMu1N>>+KVMAi_)D|}ZXkO*vebZULdP4*07*N)B=|MA|!*}@(GsWTCI{WHBz?uW!q zSBYFP(pdcIJ*2HER(dB$ztLTDZL*_1sf7Ti$eIf+ca|hUJ$fp*+{^BpgArz8>_+hFZR&Ie^#q1NvsnwZ>gw8oTB8cWqF4>>H|IBvj`{z~wr`&Vjv+Y!I z9=R4sY)%vZWanq5fH=Ihr23gVJ 
zGezizu_{tUvCpt3&wDSt?R*XR$id4;91@*m{^v$sjy}HV__ql;G7+wH=|)XcX6;=< zNfQv`iAk7-u35{TsX)y@ijrGz$cech7++A$sQshmwaaWMc43(>#yfCVkR~P5P>;a_ zL@Ukkg0{j!QV9L*O)EYYNm#v6s?kb(cO!QdTm9%3=>e+XubVIdKrknMiuT5P&y~M$ z8MD&Dh!TDcIf88@=mbk`fEd2^-~fA~GA@II;NSYI!DYpCTCuGxv+=HF|Q zHuKRWF`eEhkB^UjVgA*$U$~YDT1w?#=TEBmUXyrv+X=ysUhiG-YFhs%dAlWuxEIk# zWb(8;#oO{kPl-!IL`P5zl= zN7YiL7`s*)dB)i>i{W>uaK@ix2!cPDr~mxOX`VbwK-~LLa80Bq1p=fNjB@|;n1ZlZ znn4WeZ=TXVi$*c`GO^i;~GA3KA=?MY&p$)^;@8;P_7y8Ui+7sFqa$v++B@G)U7EUya|(Z_xn z-GacW3mDx0ffVOi3AcORNpw${p@HT}&jdvtK{54ixpsnq&}28@enpWd9Y=^%7PUUD zBy16bC`b5%fV2843A)t;QXdV(2PhdG2GW;6g^84JR#jVBEFWm$L*OMz-F}zWG2dR} zDL>>yS;DfjC1tI>kR|gLqiN5hnz?Qq#hkO+wcaW{g4XYkKuKnrVKfX=iVgFa@6bi} zHQ8xId}pDon}Jv~0xQ1(D=`i1_-YPD7Q^r&mg>K(vuGOj$+@TI~oO%PrY&z@54 zGH4p!99Enwt<<6M4Zr2;#DdioGuM@Wd`FJyN?(oiliTFA)SjNpNJD?hltUY;1_88qdP zc*q{{lnS=%27LyWPcXMzysv=X4^|WY*QK>uQnAJp>M~j>t7Xmk#zL1o5M=A3^ZK=-#b`1#@e3i-$T6!UCYY6;y z)Edg9A4W5*01%qe;0EG+WeiXbnA01V?;~#^rqDxT55bDd{xf63?7I(N7-`!n<6qYH zZvf*JpxTGm`@se}RoNH?9k-8LxYc#mtrWf91s%$YcH&G zV}dGGJxZdRmIkUjcu5{5NFyc>zIwwPl_ip;nK!q~=f{1YaT#eVyZ#|X#rLC4s9I9Q zd}n-_uS-$v3t#U~=+qiPB>{7R*}SLgFqs@f*B7B=ZbUz4}}U;GTp zRumcX26^E$&v=vFOn6Z8_C{uLwlVJ6!CBH+bC=2FIZomdww^_;6do)$_aCQnbXWW5 zRLKLYlX^GBpA4F)Xvw%NzpoG+qJ+~)*Bi0SzfYLmx2>t*YW2UuIU7_L=>7}Kk0wx` z!vpyAq5B=SD(!v6$a5AJZ}0_!M|_5^{e@ZVVyP`yZdAXHnmkex1BPz$;EXI|v5ik- zjOmjvt!D$S(5VI--lJ`U(~~zWUN$b+k!~q^nE9IT9KV94>F5hM zi^2s4E`+kVw9Fc)oyM0{?zM)1B{KeQQ}ukJl6+JAFwS=VO}eoM;YZMs!eu;j0I?ll zJ%=3rm=D~&ybn_pajk4Df*LX8M3{Wrtt(E!tI`I6isx;-5P;dVKI72Q_%Te8f(Iw@ zga;`J@D&G5DF{Mu-8{-EF#q_tx$&!fN(r5GE@VR2;@TTvBt0&e$uqb488inYEQr;0 z)7z(>C3?@|e)edv7qtV-72N*`@8u^`n-2WByM0qFO^2kB=AhcTiju8_;R1#{r`mRG z^xl#70SS5JCLR1ovai+1+&izuPKMu}*P%xvcZmrrKQxSr4}7SdnylKpgfQEGZ{H{t z*$8EqtHRPL{S<{BpF9$wOq37te#q4?18=gCMx($yPBmN9Q)&2Py1!_XnW>yl?dPqv zV~HBLH~1j&GDCV)qkZkBFBU={fYs?}UJW>-%C783Kw8nMEQn(V!?Hj4KtxJtCr1QDNla^%$b)4d>7fMUx z===XG8Z|4oUOIZS+L7E%!1&d-P7YWzM7q|-si^}t%M!zTb%JevFrj|M+oK}(+weax 
zX_+mo0%~Sy8>)MP+}*yGt}QO>Uu(i!?c23>md&ua3t(4HnUF}XkfE|@>fBhY$e!Zu z3-djr&>zcfCFzRXzU%CzJ%7r7r3T*%K$Q@q7W*myEN4B?v*$(u>f{`IsCtXA<^c?* z2a@qol@?-6*{6w8r1y<|lRADu(WmB^7nO(31bn?qCwF{w=j$;D8}4w*BYRI9-+iI; z@VX@uz~G5Ba-;la(GEKw)Os#zasW?zF~5qUI9ZYt2d8Z}DCUTlBeM&%Y*OVhl_L*!nZprm{esjn)Mm=xxFTSY-zVd>)A>!9> z(B@mqX2M;K8Iy#bXx+A@kw-Eyg{l4@NHKC# z#nTG!$hhk8j}s~|yKbq#B|Bxu8Ki+~Uksh1!|6dAjS<3}>!C9%OZFb1`Lk<-b|m## z`eOYQ?zL0hjQy~%B#BkX-!0%(o18Re-$Dh195~r=K(xv1-_RQrr4To6mtvx^yTi<$6Hd`PzP!p;*&gYx3TiB+}wV?1W$)38#Pet z4tr5M6+j6#d>z_H_S7jxea|;yRkb}SfOG|TQ!$zYf46(mJ3&)J9ABw%$MQ2F{{neUu;&9W z$Ey{`QIs_n@Kl?rZKZDP1X0v&y`mA_(Mt2l7EV(HR?K9bG$S3dHLC@C50`d{9<4u0k9=u3T?O|gg zh4Q30Q)dm?iMWTsoEn~E@=9m?;5PD-7+R>IVON&d|ID@t7#nX zftdYblYIyE1m0zq_-o?oyKsL7DSr3xXcQ_|yQeCuF{009vu))nEKAkSp3iLESgO*| zyqp4|Ki4iv`dXO<98}8<95VERk+2}Z3cnHkX#p#@*;reRvDS>ZvM&Fuwd5Q(#Q4hB z7mCFd?4MIR5R#6B%#Xlc-v(!7R!X2=+zpQvM)idJ}odms9!^f3fDrx`i|$^DFISa>zMc~T7MZ&`)t6zn@|~xJM{ySJ1%c75m7_z zKnfdY9jd!21rGUR!r*G)hSNP1|GeCHC`pqce{`Dy^-<*TAfnfEX@RyEA1N+){S)C5 zkNrS{Ic(q|{hu+gLoHI{tuk6_ zLTP$}#$ujlW$gcCb}H6;TQa71R@0Ly=m=|=2ae+ATv1h>y474B zi`u8_R*M4LD+!{5qTO0FB*S0|`m~Z7Tv+4@?-08s=#U3HVu1+m1L>o3YkM9+XQ#Bd zJkznxQ1^(WQk>F;1gIe1bhLbb0ygbHJG#!`6^tQ)ErzIYTNlp8^C+6GQ6^e=FVpNQ zy4mGy<5oZ~jw8!#-#jnh2_0X(4RnOr0%Ws(%d=9LI8fQ@w8mi>IIQe?jOLFJm?a8} zV|qC;@6P68kOyg7S2+e>IRb`|YND-c(BsZ z<6C%*g4&_?rOSx)sGYdLJCi~S6E>hv5C9bd8xqd^d*M|5oRufBQ^q31Fk{3xzDNBl zF|7nPgnZ<{BN+;8PSlUfFaRZKS_kSnTK2~>9|2e6tEaeWtF=c^L~3%hj0(Cx7Z`hV z`*{rqny!Kj6-cL2%QmssTVr&g>(NdmPUW$RTqjM3!PJkvVlT!Ie}isjWew3ehX@cB z6jK2}-Q4h^YP;jJCO6|?h7%xLqFXXRCzeY#!tV_@(4ygG0*>~Cfa?2(g&2_%H79iO=TS)Y1kZ6&utwjPiMt$XP$wR zb+Nw2Lw-&($*MmH^OjV@ai(x!L=wK&CvtYsuGo?PV3sB9wTW5D&%kf$xr=VYocBcH zn=<>%r;m(DXYL7b9R69GjvS#A66|u>AeH@U35Ei<(~L|A`hx@3k*WPeTpz2_WUQ}( zw7xkXH`bR9N9i3G5t&%=V_%^D*RLm5vIOM8L&`B*&jM7@7K4iyy7zQyl!gRTDUSY> zK-T>6`iWwYDj&WEuvJadFPB6zbI1pyK5+vCWUWN$CV`WpyN%*nxp4uL3-HhHhm^li z`_souv|BgJD!Tgpsmwpb=m^LgOKTpWgFoTkPrsEvb7?eRi|(q(m9_Vu?WGH>i==Vw zk}oy}kgIw=2M3KH 
zMCDR&z8c}=vfaB2~>tp#oBWs3ItcbRaK+RR6P+v zTAC7^;ZexvP>xN&K{r!wb43+9=)I!LZ8B|&MJ@n}XM32pxxIH>uI+V1rt^LgP275Q_tf zP-4Ne(qXc1i2u7JpGj)yRP#XiUIuu~=qtK56JYlpd!Y<16G(QT461Hh(z^y=WE)KV zge&hccP4-X)@Fj*#mDbe#2P@GN?M?ts4S9u+XpBq$mlu&onLST_nP^Aq3t- z5@0g4K)g`K$QF;rp<~_}@k9Q|KJ*H#EVw-gZ^cxfpJCTOB~zq#YIiWXKaZD3LHTc7 z!5^%ryvNbPajUUw2wnuJv~QjRaojf}m0OS%lZp%u>=-Pe?ZLE1dIz<4rXG6GLfAsN zya})nsG**y>64La$owAUNp0VwCzvCUa<0HRDD#Pp1R=JWbFg=rJ=@2>R!RNLqWgx# z5>Hl#7D9zX+Drda);1fmeTs{ShpoR0+d-}D<&h8dOfhesUvoZ!<81gU^s)c@k7j7;}y)s_!7jXUMKtP9#Go2^sDb(Kz75Gf+3P|AKA zY_>Wg{Slx6NE3IB8|6%R<|+zXY>}doI_bg~9ud4Qz&+VOUG1uwuZWi~k&4m*Hb<*~jsqMfIA`bQ_EM!s#@ zv|a-_1+C=YyDD0}fQr%hpA78=kF-x~+jSkGj#d%pr@$dPLl3$uVUIQ#ta*)>dSIs3eWz4K*?fK?S6OgDoA}!Z+)|qXj{M>s9NDf}NKZ=HC zS3{zCSg46I^3N{FC(Q@eUK?)s13H&`uQ-Pc{SY*vUzmZ)?7^hs4s@kogRWk|;LgxT zxh`s)FT+b>5yXL1Mii(zJiQS;FQ{y$Zj^h4X}iEie@QwJzO$#aHJ?9IQ-TD`B zzdy&Xyi*P@f5S&5V}GjA6v{D^L+$>MD*cE4wxYOAv#U7-O;L6XN{}p2d(?My2DIbe zipo5urb2=)_&Kl6Y+-a9 z%P{YlB+5N{A!WuSP&T%`C}up7kS>Q8RI&yj|CGv>qUcFp1_-ite?54I!e4t>z+TNh z@z2L>=P42kG~6-lVfkhXm*4rf$cbW!DnNEHhdbRWB z7u{EYS&L#qrfocAbKUv_U1V46lR}bletdSJD($~FoN|d{nsI0K8)<`2O_G!!Vcp27 zosbxI{|$}lx@%6m??OXkld;-RTqFRqb(45}w%xhTx-SWDA?pBkdY>~Ah**Zt7Np3x zx2+YQA?+d;aLvL-r2xzTN34NhVz}}L&_@u2o)}s!A&P*&Gi7MuxeknHMHA%leGhjE z;|@vw?jDbk6|IedbH_LNZIHRB6URa#Jn<^gXmOj471X5jDt=6d;*2>wN~InVSDf}^ znT4qzmh_V))g+hcFI;2SA!Z-;UI~_sx|{+8d3=x3Q0;*zXS{hn=+sJo=#N=SdfNeV z?Y7}_tRX&EnOrAGVHlB98Z0_&w6eoFW1&rel-!24QnwccQLVv`rz|c2 z3gHhWl(N$N%u`uTUt$B447t!u8oS$^Ut|f&GlRo<@8>k*SVwJd$En@P-o6!}S3($pPSrfF;A4lyc(;yMg_p+NHvvoMqbjBm$@C09Rb`OueXeC?U*c zdU)s8{*bEM77P+*lVoVz+mf^KZ};Ayh)=!b*TmhqK?6SfW!BuX?v^{p;KBxAcX2y~ zvxKSk?w$lis#>I=8N+J@rr3Nd1%Oej8H`gS*8F@%Xh6@hiXv;b+i6l=wI|LW6B!PW zemrX5eW6c8V!=V;p+gO?N397!X_#Xg87b6w+eydj!$8V2u{IjK$hj_% z@30w0I-{Z5ovOx%ZJNX{dFN;*1kXHQd2j$nP}GIi3h4c8V+T_Z;4b@KX!*YYeg%R0 zdu)vMU1|EM7lwUwZ%X4Ua_+x;N-q0WutZK`rB=d2rF8SdKYqwEZ~|4Y~M<{2%{vgYC1pcEpLA zEMhdWQ=@Hybptx-lNcdJ__XJ{#8=|>5EwHmSy}1F|7}isEkzslzglmgQWtHcLpzHx 
z9EU$k0U`wiSIvB^8zB0X8>5(%Ikq%CZz~xLu){+Khl3@X;a!AqC|V~TbyE}FDv$0l z%T7eUQIIYB!?Sk2IcD(DsUd!`2fNee>vyAmk;=opUe5qhJUMa={{%fI-ip5Wr{K7n zwOo1|g?d+N%0@Z|g{eFxeHf|b*9bN<3P*>zU3#9UUa~1uKBn*UUDboSF^|X~Ky@qm zN|=z2G?%f42(Fx+yd?X@l8v1N#`rX&CtJbsCVqGVLd+!ZNHpW+SChH50@`)umTzkh zDD-g`00aUAG3-ir_2>R3W88?a1~GOg?GVCuZr7aM?-zKpH?|wO1iw1mjS|PU-&95m zG~G*NBRTR0F!y1&h|`oByathzsk1D==kQWt%pIYHfGc=^M~l8!Dkf^q zcv#^r4t7za63V7OqJ23D$&BK@-RH`f4(tDASWLD^*a>DJ^Y>?!wWd9mvGjhHJCCu{ zc7`}2C3SjTdOPzAWi6PQERE^(-&mr7G^y?nc#1~Y1N?>QzLm{`Y<&IlZF(nPwSp8q zgrp67t=9qTMA957Wr;C7*S*zxL9v5y#HPpV7uwfv*f@}%^03X>9D4F_L( z>|U924goAOSedDRKAg@pwDJ1{D`0jg0-%tJL=?E^D??KD`C zmWTBTems;o!O4Z+>W6y_$}BHHtZhi)b310D%{<|O58g)+6unhP-B88ibtBt)y*kcmnvEnkt0FoU2 zz?dGA1b9o9V*sM1l;KpRx-kHL7sH@@?XMS@j{3hsl&;0PrltzeQ8d1s{_L?WG=T^) z^g#xs?#!C(Aog3ZC~YNp-)Cf6wg*-QN>%(U<}?G2g9~J%PH_>1%k8|Ah$hjhMJXu- z7uitg7_swl=`hd#?jDOV^{taj5v0=PScpyh1ExGN!A8ZLDVgQjjGx@l#m=P98{S^l zqmaV|G&OCa}w# z1!n>?;T(Umg2ZXS_BjeAZcEVm%}T9Mbnfr51N3p(pGs<$V8I8RvI4TbSl+4tf_+Pf zM7E-(i2$2(&X)@x{u{s=B#aqwkMO>}&c)#z3F#|yPs37s5<;7rEsoF?(t5y$bY*fN zFGg%(bY(BmMuYSs&npHLDTBDncNI{uS(8S)zRLtHENXJCa z$PJK@RkF7=v}0nVlLQ*tSQ-PE=@}VW;mF8@olFgZmiBfchCowp00+w6E$vLHK3s(D z9Xy;Y%`Jd`VzAKB{fYF)TZkSYWoT?|@8)c62{5!X0Z7ry(gWn|-9Cht07`p1fRU+% zp^X{9-VC5(ssT_{7FALPh%3pfDkxLYe*{)`ad5DA`k!2cl~q*5X#paFaw?(#Q#D$E zxT>v>QBI(R>E8kVGzB1IX>4leZ2HGZ%>Hks?MEp;oId2h|4ra~ zIGdXO2aScH^IyI)3JNj+TSH4bpsAgqo$-eu&=Bb23^4dh_VG3~q4+yNQ-H9GlhYp# z*?*~={+H%osSDYEtW3wo%g4~|zdL4V=i==7kJ|j_vW@NSoGqP!&VNTV1(;ddnEuJ$ z`A^R*?f#O<3d%`}i7Knm$$Si+9i6QGM|JGzf$qS+tpCIl6p`Tua5Az3n7CL0j2}ZP zYG)#BZ)^LJwKLqG@`+e})Cp+s;YVVi$5~?m+F5;fby@6 zO7*czP3-M#JOC!9W^fF0_P~#Up#1-5pZyn?n2U{#oT05L<$ss-zwHcdEp0sh)AGMe z)J^{+ODSjXWNT>iUph-?F-vz-69r44vBlq&{agMwm!O@wjVXYRiItv_g`N3tjq0Cm zW%Dt=A7_x|pCjy#p8dacAERk(ZD;E23}9vaOJ({|j{i#hqX&P|1~4dz3o9#2()^#< z`O8ey&e-0>(#{;f%*GBdbaFEEfMfg^2xc}mfEUxpY@3+6|1~iH26{Vt;D-yq!3F38 zFtc}p`_okp4giDfAJJcklLf$_{BOhtU{L*E#Pwlm_;17sU@-bO;sP)j|1V---PM4qyQO1Ae68@{cuqME3X#{%6w^{v2L^?MudgckzEt^}nz( 
z(8=D~RNd0#h-HVQujT1n} z%=OWI7Ebm*t7Y@~4`1WI57@sp^vAgU3;#LY0H&tyrp9n9i}uDm!B(l?L(6?d3#Tg} z$++mxsxbLAq!J)jGNwE5utoBAh)o5G0$Tht$&2h|B)D~blLPEZG{}N6Y~D6nzgAD( znkatRHT0GB#X}So9LrUsR}IXRUG}f&BBnZ)$}P|=Wu47zOK2kisE(Zob9Hn-#V}94 zqx?!C)~RS)%ZGF;o@Z)Ccd|isUq;65#9N;31O>i7p~poV_6n|0&lwbiVvb2cIsE8G z+XIa*7Wf@SxtGa!1VW7tU(dMt6&$m#ET--4m*lfyleVaAHo z-l6?AHn$r9v)0&(hLLrf2DSZ^m)K{rJt)lzM6N4>E`gQnY8%wJSbfw?y^(F79OdYX zAQdMMu7&!Uv?Tea`I32?|}W{)Iu^KL-^)jYm+3C2cR2 zHDzqBy0obVRx&yaJmvZ233scy#Zni9#q3UD|L)!Na2h#le6(dGkcL*QFAyK<^zIe> z2j1aO??%ZS6B^Xa%_dW~boq>^Nc4oxK9QS~46i31=vGiVp+7&f9}8-r+mTt6xhCx+$bj zFIB``)h%xQYu;O1#YS(QGgRU?a;4t(T)PwlJY4t8EkXT|u}D+i)k;!QO8S&?o5JQ|B6}H*K=E(3IDW;jw!hprh$N}>k{xAh%AbW} z%{Y)fs&}1aKf)JVAjDbP?GV&Il`y&s-s}zjIx*W~@)O1Hog`^JRp>oG(MwK?$F~mk z)XlfgJ|p0>d4;_$aDof^wG=+C<`!j1gQegE=0JDD3&pR6Jr&!!|ukBi;;mWtCv(8c&1*8^AG|Kk1fo}zX-Kq&?=q%+<8aRtx9jF=| zg)$^#7)cgY=Y^ZWXYV)NykE-V5C{tXJmZZ}BJD)XU~IH!6O(pVbgA~0QtrqgreNj4 zNiyoL0fx8N?yqXNG1mm5_j3EtK}}+&`H#9AOgFlkhID5~l4hK|wuGx^z~qZlOGUDU zt&r3U%beS|hr&jW^j?G!C@_=CxhuvNT)Ph z-zDfAKp#v9#(nez67Gx$b384gJmg7&BjL_-<5ERe`xxNGTAcfoN@@4eou&?Jz!iuV z@fzq7PjWk&_f7nxsZIycp<9{j=*(~JuzqLd)pd$OO@o_AwvlymG2@5ox!fPi!nYqa zJsx_NE{KC_QM~N@2hx>jI-YG^-@M67$>zTsS?XgfRwVYRL_Zr!YA=Fx{Xn_*JB-NW z3Qr+I4(>A2ktUpatQ^vr-pK=Q8Rhd`tNGfW6ay(}Vsa99Y7v+*kCW`H$ zgTgtOp~%^nFfYGcz0zqW?7!KVhPis{RKm>tJg09!uJWou?XM=M+_@sm(u`X`4^^QoYc+M&$p zOLpaakjv_$yB=Nrb&gD=OiI~pbfeYp)>+o2>acM2Ip7 zOj9ta4nq>Jheol_e5jhKY)Ir`Av#zjZ2+omyZ{|$Btn`^=HI3*fG%(c!kcW8_^%-U z92m`C8-|{A9K?innO@8<(c_{C#-5bT9yE7!=bDKqvbV6d>cihA)|NWUY)Kb$Rd#T(3)#OoT&(@sZ#fZ=`pnxbp4>`>0YNG zH26ypPLx!45y3%h6Ja@sho%dP5C&i=GIL3Srk_&RIkRb6Ws#IpPo}EgQ*G;?aeeH5 zOywOS%PBZG(_FSNUA1z`9mT0lF2Pw8v(WMx+GUFd%)Ce!M`@Dxef~c*_`hu!T35wZ zo^pc-ac@9;WNcG{L%TcvX857VpTHik%=AYTHMVPoBPtM4rk4smpdc$Ays!y|cqO32 z(HlNWqT2|0K+A(hBpUjO{w{N&E(;XI9f)g>-tqx~R_{Qa@WB%)h8_EV@TuDSWy8pM z72dvXzt{Td!+|x+A94=C@72?@s{_Ftrdo-BYm>T`A7U7nANy&Xdt4u&N7XC) zcsPCteO_^k9%I*Q^jPhY?Ygd9C6~3xMk42P+q6eD%A6;dg%Ro^YYkffE39Ol=t0Z< 
z-}E_H>iatMu|QI$M3-MRT@1HnBA=qel1vrs;Hy0ba>>3qc!r>e4#G@I7bZu$&5k1y z-Jb6?YUZQ&-Ph1!U3+n`j>#*gF(o|g4z){e<_9bN>ul(5KG=#RuJDe82!Yk#^EUl| z_onpeA4_|gmtq637jL-Z$V{Phf71$^NJ!ZM-t8g>%6`M z0Dl@6gwy|-UO)U;y@sC@vfI2w73E-IY}-oR4UT<1meSR`Gg9)8RQBLpRA9WHcQY>? zpv!R_twEwupp3@pS^_Ue4KD?QOHBv(2uDj0 zrOFtK7%X~8isR#3P@I-DRw3VY%W$%al|n_~hap+t&6@K)Bk9m<;Fx{5Hns`aaT+MM z(ng6^S@TzkZJSUrX~WWrfr?H$7?9RU6wi;$rs7n(-X_~FWT-g_tP8pPD=g2?i>fHm zNBW1Lt>liDBDKW4C!BHtF4Vecu)~j!#Q)VfHJ=XWz3cjLJ=?GC6tVCMi-0MP$9L|n zZN}>@t!b>t(0syAz*ds`zVF`B(w~rwSTU|4P0c>J_kmsJ!CPt8HtnyS^f`mUn{l*a z7B6gIi3<2+LpdK{){9l#({qV`;3~f_a&LaXy%F*K##Vxe{a<-e4O}+T3h%3xNsF1< zEoQ5Hh)!#z-S~i0TfMC*G_Z5p|R1=zHaJHt4WPc&tdzDL`r}jbtOM ze{Bsr4YScnAtGotikTD>lWF2cK#{+0*7yte-ffk2k@8f7yi!&iPf$mJgq&d^1dq|- z3m+{*+0^fVEN6tWU~2y40f$dDZ^zXD)O+a`d0;=^O z1qL3IM3EtnlMR1gUb~i!-6wC5;b$O&;=ao>(9?R(FZ)M1_95XBSGMkVTCY{Fa3Ghz5v^@v;ZzA#xikcl!HYkGKMUQ4dA^c|$_-8_k-=;!c z%<94k&IR|S%9!6aP&E@G8vSlw=%nepkUAU4M@J0Q%6Rk^jB-$<_E|0rHSh`ABC@~$ z$1c&Hq-?^1BQt3|UUju3=cqj1%jUW6zLaSA^40DEeARq8roS^nHM$qQn5nHd*YAS8 zL34w|Ih!0~hFyfg4e~V{+DL*5dM{yYhwCkVZQ?Utp#=UinI6e8)h|NdSiSO2p+_$fXD)S7Ab-L$lD|i#7dSSNC|Dimy zjsZ#DpKC(2=3B|eD%vl%ISi7fGEjXc91sVcor+>64J3@l(3>62P&Vr*c>*xX=_ z3ggaQ(S{tNs%Xmd_mTYff$h?z40uW3s8+AZ^CNZLi{}5}Ws&TZRp7OTi+Fk~mq~s5 zk3&VlCvDK_hP67fI6Nh|ao<)v41;h|SfAw?hH3$7UlN5$8Q}LpaWP9F5h;+!zQPA+ z>l7ITWG3hro$hdE*EEy6K~+A_3sNU`{@q#Cls{Urepc1pqRSVJuv6Vk+{4$fc|Jvo z0+m7?WyQKz4~Htn-q$uh1gD=6?EuVlyb2Ov(P|kcyBN5nZ1RB!&(@1QlgY54)n$T$ zY_rYQ3;W~D1UPC!U>btAvuBTAt&YifrLxqjG?R>PoC=?%3|sEhPtg$j+w`(lB1bZEsze1NhH4ws&jS*(VvzZ8=s7zfvo}7QG&nA0wyl$k;!7BwY*7XnR zeXsi~H8>gvR1Oh6)K&^a1~M?eQtCo8O&KDy8gS6^iOxo`$M-v*Wgw70aiky2ib5 zF$j|h!lP~r8V!&|c_pwV;)M|!M4;KHrG%)W5eTlaiLOTs$EQw&b}Y4fzaz;-_S|*5 z-uW|Z<}ROBXL^A&?%g%4^iXV#@Mb77gu!w3Byp+k{W&V-ynD}jTs3=0P^d3*a^;;@ z<-rD!`DT;R7QO?83aSFT;nJ=(@=jl(OTTe^*(1yK;*brx^S?#oB-bNQ#q3#<)y?C`U`E!dP__yC-*)46H>+I16R;1CwbMiN zySA&9ZDt%c-76$nkaIj%!>$h1&_OTTS_gUvhDTk(vhbHk&vZoU)CeVQ10QBqT94pp z@<19Qx&tDdohxT6Yri&?z$4mWBzv7`>Lvy&*BYJ_Z&GPy84>JsS3r{`d7P{U0JGbq 
z#-^E)1dbB9Lp5hqa}eJG`#1(XqbIt(Y-C~uOR~RfNv1PZ9rjdaN-nS?J#8{Kv}s~Q zO{wbpQpCoySfV(`CsHat4rJGS@>hLN;Eg}Tg8uqHF#ezz=XA1ib2c)rL=K<*(3E_&ErTR zn2yKPcgE&2QtQkQ%c<4VC_@PR$LznKizosIU#Xdc!k>ByUz!quKiBA1lV?DfkvxU6 zC6>6r7`f-Z%bb>MQ_BdLwR`5K$Y!!-0PKs4=qm6jV>4h6s-J$};fF~SUU8-VRRp0+ zI=53|cjf1R%eE%$L<`EO8%Y~3H8M&ur5<}R*j zZwPLxtR{A^#?)U5o-KTkWg~sZ`JAkbvSe6}e5Hek=DxBkjxMtX1AY3k z4!%9^xSuFmxfq{Rp&}CDvZAbGo1;GpVsAmbm{>hY{%hUu>Tb|K;Hdbne+9h?!pj2+ z&ZuYP;aP8y`<<@(`L$&S2UZ50$ayL(5MVs5pLMKwKrNBD6`>+fOFNImt)@{n)N6kSrZWmbc58DmvRW^SD zm-~&2_K`p@<}h$F5j5P-@cXdaRtt)~X_eD7@b&EmLty{J=;T`tB1t~wrp29H@f^5> zAR}ia)e~QqZnKz}nm(QgaEzb1u1?UJ)xAP`F$T#mAUz|?ut~vF{`p}Koq5v`2)Sx= zU)bvbtC;033!~ey-9O&^!3m_@Gd6Lr5}R*2!dB4s*syoub)>Tf zKmnkre>iSchm&{d#gL{F!z*ctc|giUfsrGC?+?5WCg$ z1Tw!f-W5_zp)-nELUyEiKhaeQbWMmLMAp}MU{b`|iRK|$h}@zMh`A9Gp8L(HV%?E| ziC+MDnv5HyoA3p6`}2Iq2v>URuOqqA$_m>xPurv3XO`-a*N8FfKhKj?VqVUn&EG>(AKC2 z{LrgnQo|qQOaQq#f?8c}Nw$U2nE z93*ICv?K++Wt~&lo!S1?Qt{uB)-2gBPcRYHy~em@5NvBp5{B80^442gsDf#o;6eft zPKu8_Re6QSfDS#K`Z|!AU*WsMA5YQH#@Sxv#cdpMewHs(VODs+U0}KG>Y6U`Fmm`< zB$N|;nwP$bTUI=_7Yx7L+o8J75=nH@fPB@yb0xyW74jyY#o2H0g_Zd=0> ziK{65;u@^(`8nwcx=1K;ga1RS-Jljj$RZrC|dys*;kB!eVstqB4T zwe6%jyQ|PyXC6xA=}PtXyml&+qf{zsGD`RH zN;B`1O%Aq;03z{_nFM8*04B3}4-$rNrzos9KJMs%qd^vpomC=5svj-E`}@~d*n%*G zPp$w+=e*DX$LB?A|7>O(86KFDd()!H>*F$Z?7t;5QuN^MkR9VtIU{g1O4~zn5zQlP zvIQinX6fUi;BOvo*vgll7BASocHO#K-KGH3E;QXer5k8v~jt!?-%QHk2IORH;A+3W=mqfJTF zxtXpFAyo$)b>InN5N7NQCKY#UI`fIM0G$wEO<6t|ZNMJt*wIYIxkPUe)dGra9Iy{c z3W_2u3baRJ|HBWzvjRGfeUcO?c_Sq=(A#wxTiJGy5%2UGgNH#>tNWxsTPALln`Ov1 zAvYey|9%##;KCRM^f9f^&ek(b?5wEWAhcCc`u6tN6^rQTSHq{!Nfgkwm9N6?DO9R< zH6lSO4P31Q^v7&$okP-V4q@ELmcjTXooJ>R+R}CxObnG%HdObF!9zb+!jf_-7c9Y7 z$v|6Th0lGnJ+Cf6VVD{WF7p0D7f;TZH-Tsl)Au+C_1A9Un6elp$EMSTm^wF#WQpLi z$~kq}ec@8F2Sh>dMBNedngUqtGjmcw@rN8(4ivA z5H8T5A5N)-I^=aR>VXyKA=pfC1|ynvHgzt%|G6eRj??ekjvjgcMrs6Jy1rY_MINQLW>hD>=w$yR+ct06WD-+D8! 
zo!kz2ANeUaLXd+KDV=Q`ZckDM=gO2^!0ReKygI_7&uMqi@4CLKZ_Ycu*4_ zpGXjgRI(Wr4xEm>MB%vJBEhdhBT?Wth)|pRFcK3Se6b)S(w^KQwyRI0P)AqcC~;(-)M^W8`hHg6$M4oh9+kP=dDYeW0LXTWs;01c0;SUo`J?SJR?9?VH3Q7g$edIF zsTUi1R4c;a{a~Z%@$cR|m-WJE9JtwNwA&ZK7G2&%_mn_XB~yRTsp6Z&CDC}R9CnxD zglk*X-vlz2`@{hR`AP&`{20-&qvki)Wr$RwlbW5KX#UJrBv0D?$|fPo1gE&=7_Y!p zoc+RLP@zV^uH%aRW0eCWw8iQq=QdN8ly-(?_6|Dl3hrTNAK3&e5YzXNQ6w;j;!WAy z53Qy4EL1vVhWr5%hXhv~7hM(?CpE|_=LBI7hY>#W2_#0pJw?iX730$)eyLH^sbZ{U zppY_`xl%wh{xuX97TyG5juOPo<~SC-7=*evo5D7t0Bkq8l(~Es4m)p)wqY87ZQozF zMFZbI4o_~1b<|JhA&ypHE1Zb&r)&xnXSrD&4C|0A=d)h0f58kP(ag~1qN~Glkud{{ z#`wVHnA#gI5iBOVC%YTz08Kg%OZ83h(n4s;YRkV06|z=~tkBbwUFaZH%`#q*QvttE za{=Ew>a1*rg{@pp1XkJT^GuSjLh3Uuxr9 zLJV0qUwq4&&-eS34Iw3ek%HEr5-r3!%)2+1p5}MY=m0{TDRdP@{hRL)cARYX{Gqxl zbUSWS)jw&FgQ!F-TO1p*=xE)5kmGE*@`(Yv5cFh9am@{(9FDj#%R-^XAgf;C(I^wxl_>L z<5Xzs{){s0!jT^P*-5^E_C^F;El}BydNg3j=qb)?uKdsybHk)YxERybBHYox{fyO$ zNU?*6neiQ3P`tGntIr5&>$Pc7t522T*dR!NvY#4`! zi8$K{xC8mXa^mlglYLz;8F$h~5$r)1<%g{$ZaCvJWbpQ2V7!B;vR;Tb#Nz}@b3xV) z#tLjnOj~#D`g4kB5JR@W602tm>jxoVj z;k_J4L}Urwe4*S?H_uA)dyGm!SVX7c2u^Rw$y&fUR@w9cts*Y{hO+M&EPV1!Qbw8|2~e|~9& zYv|v69zFhMS8dyQ-HXp0F+=Gj4i&`kFBc z8Nm&G=h7ei5;?z?7lFGbHF+=*nid=JGb^lmq{V%;yKu&|y5UNZJhGZCfs+Sm%72(n zBCqTgVCKCZYz*kc!RNK`FMBN5W|pxVCbP3yaOVOnK1vlZ-t%_zBh_|f$n40r^=Pek zuSL=qQT%Xh$-JZp)W)+^I^#(f$J)$n+DKT^df!yXnhJk9PH?vBe_uQ{f~*|JDcF>Tx3z$IQ|)%p{V` z=^-(NOY=OV%vmkZiz7QtTepatHL))W0>`t;@YzW84TFGO%->MNDcTE_5R{LDX%SrMGUksL#y$VXa z@O%W#B#02l3%(mO!|W(i|(cW+txzs3alNDFYGc)vMUc8jC_M#IvT! 
ziAD**L|b2BsA;e@$W>OS8*FBtc6~PqID4$=n}GN8Ct89IK|0HOdUxm;1mmHO^u(Jm z>#UH+X1epQ2z#iq8q@~6$j9{P`7=~n<6kpj2PN1y?CAkUT1j7Q^b9&Se|$qKt5fjj zzCJ_MkL5~ntIJPz@DfFV!sdmd8Q!FC?&!W~RZ?HJSIig=>!QrIKs^$zZ2R5(xTp@3 zWOB1>gEjTS<6&V84VQRZC$7nt)m2jd=k#b$QdXd~M~2#XQX}Ga=z2?ck8NdJ>|Ci7 z`KAE~EMwYu+1cwiHXp^YrtCo->jCVz=C8``CwQ0^w%OdHoujN>1uEO736&SOyOL$L zn&sTcjY`*{VP=z9i2k*)HQ{yA*go=l{?S+3B$$=5Qh`LiP&ri~q6u0cx0hKh(Ss}z01fSvkeLv3h!dYN*FouaG*DfFYQj%^AG z-_(|{# z)fC^1>gy3*I|UREZ@@%pb$@eYmtFcqL4 zcVcL}Jauoz!K@T@E-@bdD)75GB_$i%ax{Now{shhVB3?qiSkbBc?V}e0UP0Ty^aIZ zkdhw_`Q$e-sRVg2&wxb(aBRZFFFAL;gXZI6j)kj&2~ z9P!lZ&H?gb6V#IYGqfes(?6Ast(!bJM?SrH1t=d5O3slJBQdH9OvGXijrO*d`BZk& zO@O<~SKFtb(sEuCeZD)$?T=V_uOL})hc>=GtB8i%euvR`yxsi|X~&A~@TcUtdo1;$ zH~$pRtG_uLrtme#kEmR1*?_0`9Y<##;axE3oTv78RhmhXw~*&np39NYLmaKW!55b- zzfn_512+JMmA+6Wxy+`!eM4k80W$sc0W^;~A`!oF)P zKyEMR7k!uz+-oX$IeyvY+GIKAzZ&3WGL$#gmK_-R-X{b<1VJV6`}}BYm2+nuwcpdk zw;brjcc*bx;PKo^>m7u7)fi}cVsjzyQjnHGbKJ0}G+r=yb6S+_M0JQy=1Z1)oAZ|# zs05Gf0;1hZc42`$5WxFz{U)$tAN0^73uK9;c2pcsRh6?h2Z>hEH3{KemUa(HQlyA= zqBSW%ZD)uC#RRe~*i{((5X9RLW!DyM^`mpEkqYJ_V&@$Q3H;xNdnV}^zcQRgI%BnS zS?#`1AS$t(7(rP6F2BE#r4Q4ax1Wi%h_pZn$sNa`O47G6aKa-l>}){&E$cPlrJu{d zs;V-mAS6*&mZOO4wBC~+mT`+wskHkFaW#YmQ2k2=ZFAxoCDx`ZW8f|WN2=Xlgt)?e z9G!w2GKX3$(RLaZFB>B6{(jN7F>T3ydBxd9zB>!SoW#g$z?CHWZ?tuKzAgbTeQ=!oAw?bcH_5yHZi5oEL#{euXMc#m~xO^4VyVw^`! 
zr&j2#0WiWzGO7L!-fYYoXzv|1u?^_<+5x0J(H^4IN#OvpN{yp2^h2(^eSpD?aZwNa z{wn?vCGY+Q2znT$sM(>R0JBL@C3FfgG;2BqZP(q8+_vSC#QF?;wjrZma$q&NNYL9Bc1z`=@ zYM0x8m|p^j#O9$^26;+M|J1GC^2iA}-JQUt8YUA673s?f&#pMYj|on?6lW?iZFXlT zDr$OoG)lmn|9hPO=^u%}Y}9xp7NeIO-0>ht=+Rf{0mxlpgxYS8f$+yxIw93OX6YnX zY755EiP<`MyKAUDRIe7|Cn$3n09zD<%@={qmw~tUlOu_w6xyhpL>y2dKGZ0y^X4hf zqIV~hI%~D3Gd7K)KE*~Wi6W%h$a!c_g=TzsNYD^lsGpF!MSh^`eR^0@y}>?(Ro851 z51r&PPcYVxn72q$kW{)^HxKXijjVVPf1PaD0KlR zOVy$g{s`%Y7<1O{(UNYH>NJ9^k)%(_J-X2>xFOUa&DYsKaQ-FW$l5kJ7iqWmmr#4~ zjlX?d($eOrS@5n>mX^EJVmW#~Td^haLePCQ@A8*ELUpP+A}pwYve+9JR%)mREyC*_ z)e*^)CZb106!OME1B!Y&8<4a0L~BXv;S*2`Nz~N8r9vNh;bhOLJq@oDZX+k)xv%p% z_5s9Hu}wMgKSZsMmr3*X0psV26#@5Ht zxTyB93D;|%)shkqSZuw;NDZVOdp!`LJf+7ANntqeCLr#PcTQ6T8(E}o1g_?yKyu24 z(g5RO3vF{nW~LYGrRA&3c=zS|c!$mh)qWH=Q>v&{9ME7#E@zshamBkKLS+GEJCxZ- zO#FC8S&FPgL`yJuWs4=nx=ylxgcSG=(d7z-V5w6^!&bqNPcrHsKXw|wOsP1RM9^7D zFZ{}wOwH&#+<#hY?`5Jv80#;#?XwStow@gZgTDW{9NCofil-zUhR!>I2{RpY?45L!*706Jq)ii?|_AWEL z8cQxZ=En`eb0jlA>4GvkeE$Q8lrHCFsg+d)`w^#MhCyxYEp(x)UK>m=yI>K($aESM zH8=M7f<99Y((XE?$d>3P9j;YVKz}B*Ex`FdC7?qAEBm3EghK?2d#%oY@zQ(OCxQHv z@i38;3m&dof=ZR_L#-_*JDSOX0rLBr=An>Hj=eG${QSvl?l~mh3TsQ@8?DI+9xm|D zl8e^GQ){S3&FZ|s>NB$P?aqbe4;wqR!( zxbV#|1kpC(5O7AtJs5Vye3z#$Uw>$ThqI<5++4WCFBx+`A3j^pP0Nd_>R;$UPpqdU z^C-$Y&GG@f;9=Ud^Y>c56Gpm77W;4Ha_RAO``sqC!&kF}w3)h+%ISflSnCG&Lcbt$ ze#5ihB5t|m$+BJ!T`Tf%R6@(Dox4u%(+MfO4~PsQ8rDEur%4&_?OWM1ka~4Zq@BJf zEJ&ki3AA_?Ecxc5sz>*`Grpm>^#ZF=hC_|_(#EH_mN{#V=B#B^-U43>r&LDXd5s0+ z2?WDW=D0}IDCK?;BE5G-O!$15EG)Px!d%=QG3;>qLq+N-#E&1ur*vQvnp@UwxIce0 zOA$hTHv$&&Qt4CjFj`VTVlNkQK6v@J|;&Z zJ}8o_SOQ-xwMRc8u+-pQsd;s3BQXpY_hNPvH7l(&S;S@A4`ymg}Gi$n%5i z1;70g;DS8w88$O9#0iRpro^?#0FQO(o6kmDyE zjL(<$QwQh~fM_R@5$l|r_{@v`<{}394glEP@Dh`tGd`Z9pnq0wd*KP%ltKS*PgMJJ7_|0lSw<=s3)8ya=94kBCwc&~VUR*oYB*~3B-Eld zNi~Ck`C+n4iVZoE7Bkhs?3AawIZ`DIrN`Jm%Hr+410Wu?+RZUN7Lo_Q$Pc?wUejRC1j;^pQgZ{)8L@z;*BbNX?{5+ie_%aTNcs-`)u0E*7^} zPE~Wwb6RE&ChjQc9E?dix}P9XCrB%tf#@+D)9D90^#qjQYK%lwy5)2xNN1 
zZy<}0-ZbEXQ||?`Q?IcuQ~MX1l5(&}5C$W|>eqRkK@Lu13^#^p$cy_7LIrKb%ooiZNd@EhJ&*t~DGJq}I_xHHeZ{bL z*t5Vr-k0sO=9%_<_nxKV*s!c@6B5X!9Q3Ltsfd3XP~TxR8^e&ic)K!zklMYQB4(!Jkd@QxYD+msF9773F+HYukY{ zPbY7$ zY_PA%Itj_EtQ7P0EZ)TD)A-n|khdT^B?fn764tqLeah`-7OE^8JJ%k*ht$gD^txDw z?<@AHj!Yoz+$iN=vw)Ovfhv8#SP_g`Tb0M{^zs=o-TZj+Fx&@IR&JZ=79X;-(RAT- z<&uRJKj1-|w5I;6SLB9CpAuG0U}GsAHd#7Qv#2WzNunX$ui7VR!>J_TEPVR|$SDw# z^gn3~zr4bK(-;_-=vn^DTwuUsV5MXDA2kLBHYPfj|E0#z^s6ysO}8*dbPC#;GqrVs zxrXBPZ)3Us9<2xgot+@A0U)l>GI5*ZJf^4HA6~vUdVGwjOIeo76&@X;iU}0u3=o+B z(Ne^IE;BGxQBz$2?C$P)IB~)0{KHFI!y|KueG_9-Q!#wv8-+0d8A3)@_*h9TCH?ZVA^Ae&a}e_YoPaT@ z0hjpx3u6E<1CwK11}UqIs4N2_Qbt)$Rx-!nhpy~c+XTk>5sfUX$mk&A=95z6m&Vq6 zkN=BTUQ_Y>QJYczTgAlA&BqUW^fL_%^_fjWTSHP+QcN^6@Yo3k0NuB|G(UdN`p?(A z5QrT3GZ{>R*%4&p8y`SUlZ|upfq}lgy`4UzlZ~Ab2xl7epY`{dVq={XP#YjlHDI2q z=r6^<8*N|D2-v*1KJcgu{kenUmsMO}o}GApLj<|ko7Ix15|F^>a_S2W%slY+lELx= z1%)+Gx1(V1%*^gTwEiUk^5~+YyV$>b z2ZvAA=^qJnzyONH`n!92r;i&P#wJJm`%h8Z??x-byzIo{#Ky&5mH$sMsN6hy{)b{% zI|@cEA|6s+#yH{&G#$l*2XP*anP1<2lYP8-3K~A*D;yh!)iX8*r3(yE+L{qUF|&kL z_!o5B>1~jb$HNYc!=3g$tEIUKxP8_2UAsNCFf(-JdMd4TmA>?k3P($-c=((2kCDKu zB_pdd7#*+_4nWEE2%1#y`M1=hE#vQ52Fs)K%;)Kso*$i99$TDFeg@hap3!WMKNNI-_F}=sgb!f0cM6aA=kh%lG4I<^&YZ7w3B=6w5Ri_Z zSx`>_fFlqr;Qc4p@mW_3iH3y*Dx{@k>1TW4Cx)@9x#{jTcI+o&j_#{ESp)FQ>^}|z zk0dGNe;fv4NmIi}UhU6R^^J7|ruPAt6PA)Z?l(h)AMXq+K11jZ4=UeXEdVeynVO$_ zf0Bi@jhUr!$iDH1QDdl!0pD}b=I>SwfW)AzhO#c~?H|l^Ui|}?5k6!|PDcPraMHfH z`T03u|6hK;3L6`M7Hv-KKL`UR3IK8;&KzbEP@Sv&GhiAZ4x*1O2`RXr_-pIAZWwYO z(LK67V4Bbmfek?7n(h#=9?}o%fdN?gXQUc{RDv%erJwi(tpPBd_>VB2%X%-w5X}p^ z|Jv~n0Yc}1E{K8ZC+h)NJ>{1$9#8V`V(B}2J#gC6_wVYvF37>+Yb2jnhA(26?B#A4 zILd#F2e<=9kZs(U6qyxYLB4YlUqrI)*WIvS%%asJT!bZ>MPI==8iud*L0=F*jHz!x ze&X~W-~fw;S8xzi<2QJS1&goWi}3?I1d_=IdV^ok`WJ9O5a7=WWCZ9&`u8Agg7MEP z?1DAC1<);Sa=l*>`!{ev5&IW4%8^rp(@!W?)4*;8JKxa^T1?5$8H`wVBi1c0WZs6> zHw$LddoF2uBK_Q5E(1St=XY>bp7J;U1XRJ@@6DHw-oU?4^_AYgsNNl?8Gg94e;(q# z1C_IJ{8vi;q>$vXlKnu$vpTsnIsFX5bP%fZxy;S}e3yRUf+YFYzW5qNh5>AMW32I4 
z>*)bIhek#pzcksse~MPz_5MxutudXWzVCf~X@t_VxUjK^s%wB?I)QGHu!O3uq%3Hk1Bl za5gOX)E}Kw-AM%y)^g*zAuROJOZjZ@HAcsrj+fHOSHb+SQqdH^qUZDeR7)x?{GbnU zzK8uXrAU`C-qZkW(j4cKWK1c94f$aB<3rki??l@6ut}(*)uf+$3-vFHU!Ux`4JOLl zmNkP#TO&W?#6DKlV{-Xa{@^W4+S(<^isd_@7S};}22vu5A$)>Y_!zAl*p(uxsi|Hj zmnBZKW+l|<&r=1FytGY`hO&(kK7*SavB*5y(;_gZ1r$;M=VCoUb8+q2Q!7V{$zu8m zJk}}SYVmi)LUzH;Xb$^EY1V2svc>WCLwch2V>KHD?@c8g&3+u?D%E7E*Ss0necd?m zPewe`g-!9Pd+=6XsfT!Y3KWu{*A1UQ={C0KV2R(m1DmFd8b#rui&2!cmkTJ$AlG1F zu~zj5$MfaT6sTarYg7%HCi)*E!QPY?4QD0 z{;g;E>kMvBD`<|hm&y-!;`oKijN_CuIv( zOs{So2p;m4goK@KNW8EQ7yr1O#H<{hmnYPUuF$P*yU_?lrcyEBVP%BltsD^fArimK zJ2fnnKO0f$L@CDgIGK5wxKQD`L#+t5MF+P2eat6wjyn&sf`6Jfc2V7<)*9BsAE6EI z!t_N3XM#%aV;{pclew#yxsspx0sI1X9sPtbdUF*m!!BkxF_--_tSUHRdMTZ!w!8Wg zjSl~=a=P%)3a54!t>lN$;H_&2cc7`q7V=J)u7X!-VY;t!E(O@#2PH_7%8YpoN5 zJPlGmb+wEy;d~NZ`%TSom6mK#vx;m>({G!QNV*)nh15hpDXx1?74Ye?l`hXjkiMVS zoUK=l!tpk)BrA+#g_ybiJ{(hsaP5sodT3UQ*&z2)%B`&OIX1Wis09gYvFdWJTsq_kf!gZ`X(#n8v=P`K`PLWI3kZ&XTwM^S#}gf+n&;s z(ML&dBpiSnWX_S|w9IgA1ero0-UEB=5NSjMSz2i1>_E8nHg7?Y0IiB&Z(e9hg|BA| z62VjYN;CTO_m?9P=rMZ(==vr?dVkI<14-ER%3&;)%>}$cTM2gIjX1Qv<)5cXWNs3s z3QK~sUeLblBL4F*jiSV7Wc8`GD1C#6s})KtgB&AOReS~={3_b*)(-Njo$&zT6rlHJW1ttL zDF8gnI<7oUH3KHQeLMJ=t0GTuYchv%S@aCX7P4gd*b^kWuv1L;L^7*hRAmjXCz(>d9xdiYiI-_U1a)-Ays=d0fF z&%8wtd(e)pNRwe)zP{$TwV-+`#Xi<4P>H%TV0Ke1iF~^>eabC{$K=3KVX?vi`*ea} z7pu+8IMv#C_2_tIeWYi|rUD@C6)q#pg%Ep%H+8slzVz;`?A@f1dp!l?NVc(KhA;t6 zfICH2wSH0Qn4amQ_nA*wJ$p7Kl1a)Qe+yG$-O@U&%zY!_F=hcog^1Nzrd+zIK+|&7 ze?vX@Ih?p~ZBCQeOdwIW$augjd(6ATBfH&uuFm%@^nVWn_CrN#gOGH|HBf>WQOh91 zvk`*ApOWDtdO@lZdMyWqOITxTy|oc~XepnBXS@WbMFKzQ4M>f3E z$Wlgky0aC@pyZf+qe6*;iZ=er5MEb}tsUmEQ1=-2?K`RZ>f!As*@i$Vyk3a8c0m4N zvo0a)mIw75qgIA|^=Q#-)QW%JIqZu>PI~IQ4?JDQUHne#XvTGO&c*Sz&6_>8KnEU{|zJ&!ipj^cI}jyP|Y|yUF%39bJesW92%ev42MCVXdAmd|^lqz&g+O zV06{jP`||6xk~?OUe@27muW-P$9~3*G*psZ7|xA=L!H2I&9?bNcg+>+R|@V9ZcC4? 
zaV*4>afwpwz~YUNl&_36a~Y4#ez2g%TNa1h_;HDy{1i*qQ)0ztjO)Nnw$4L0dQ|2H z=)G3Y`cXnv z6ogt@2qR<%EKwzSN~pU39@>@v5dSpKTt@B603d23MPNOpL~UQDTaEOEEe@yA=t#Zc zg#10T(EBU~vGX-76WaQ~igCpLUsokNecNJ8)S#2U@!s5AHEb+=ZkuA@GFm_c`ldZ^ z{=4{wp6|3>fRbSAv@(QX&vTcllrTIwG)b5S?o+SD?jdOfs^y$vKQ5KCU=zKVh(n@W z#1^6dgvoMSO@6|yXK^57Tbi6rshf#V*T7h~-SYaFPz558MpMKU4)w`fX(&e=S?OuI zHwyBjLK8kR6)r~6*1iTsZoA}iCT}HS2~n?dxU_D@EQ_|`{Jm@Q>NnmK5|8?@CPs75 zRs~AJ-7}60n|$a&-WL?9!ZQX$_YP5+=UM^sz@lohFG?xuDbL3?oIj$~cIK9mU@r2< z!%imm7NXGHH^}C2ofluMd!;vsNQ!u-J@E+p-7u_#k5hSs?Mu2T0~LKM^%Q^ZW1jLp zo=@C%mHT=pqUn#Y_`7tvg>`>@$%L_yJN|K|NibLe=_!xiB+J`LpV^8;Bbf4uLj1c& z52cR(&!gAJ&G4WzF8zqDbWnVic3*Y8_x%ZLbkM+-`*wU56vIXS6ubmpbWkgJQ z!|DSbu^%T5#47PLPtBp7p1nj!drRFKFi$D^ateOVF$=#HN*>5WV$-d(Q(-!)wnb^; z2_I;cjd^#YXnI%Mb2yaaY?sZv2B$XLsYn%lQ|kF{QQ+Hx4xWbfzRa5&ulC)*W2Y)A z(^LVqkLT#1Jo4JiZ2h&}{qkb}PFO4?eJHo(Y0kJOefWqj#z{1)O+YD%XR{)HUTeYv zx|Ae>r+MW^vE!$?<&cmtmV@{>>{d8btw?I21N;!ad`#$HPnmRDzCX#~Y7UanlO2s~ zq-EP6YyD;Vnnmw>z14+B<+j-}M-o^X$R*em| zb@8sf>Uq@6ltDU~`x9~_`eyb9^p209Jrm{a{!-`r#ogrB?MbhWcK2|#ou?Fn058j~ zP30~r8DK#jz@weR#vHKI>3cO^?D!s09*&lnjf{yTqu3b?u>~c+daD=bSkPnPv~l3> znar~!)tX44AA$@9h8RMrCKGxJFXn+kk)EvOeS$W`-0~+Ra#zbWoL79QS(NgglL(}z zYhXLllY0T4-xL~s=ZIIEDEmGX8JkY=1K!5v5E^e~yd`Ro9KdTTFusZJVP;EZL@9<% z3JGYEq`gqlA;hElxz1N)n?*`#7EO3DI8U4Xas+1)B0T6hzhC4?zeaU@wS_W0_C~Ja zL{!|%4E5EuuI4gqQ9O>0C>eHKl@lBxvJ-1|Q-CG@Jh8}!e@*RfzG&A|m5jcdxh4(> zhgxTFQUzI!CCuPLHF&EdNN?fE}zJ6Q2CG@eJ8()+ZO;S z$>MvB(s7~p^2JBe;F-MYI=u}->}tEQo$!@C^9DX zew%0XPOaM&^1=SHvO~PiosBlDJ7?IwNQIRgkdj-FowOE0-du4o9Lsc@#at-8AM04_O-U?3Y z(#CM_LMp!N+tSqY&>({5uuA}Bzso9Bd$OxKph&~ZFSfL(p$mB%)mff#qzI)ghRX03 z%@Rqr)2G)`Hh2d69LSUgkBd}VK89Y6CHVk>@8)>B9YU4J6A5oDfQSxN@~DHU*0Yz* zt(;WM-N4}kXLbSmUP(@>H{-~ipgP>eM+jKkKM`ma?9(*q^d&gs1q z3^6u>EzD@cwxTRJWeZ(mOScjt25Rmzcn`c#LWXZbL%f^A`|Qd-a*kNrU7H83smcy- zWY;)H^b;S113d7MEqHLQaL5X^?)~%l-JIve6CriUp-vU!gB)zi;;sFqtQ&{p!>!jm zdQAdl?F9J+Ejg`SvN)KmZab3oOI(-dyVq6K9Dk@!#k_cbM4GOi7b&f$dQWkimE351 
z1QF!=-oa7Zmmx}cMDN!bo{o7i8W=|o@V+4du&BMSX#+h9jN*pv#))FYM&cqm@TSg~KpznS~>7exTJ?p(> zU8{Y(pYc2X_EMG9EQwKb@XhwzaDVyt8K0)fAN3pxi~2P0m%41fZe7n#>g>^%naEdz zLvz+FE-?sp@~ge{!jROgS77Y=4H3cL$gtcmN5Rse4agX5Hfei$IDJRvwWJxbx1||* zl*ofs!8bz<=zBNm(CQz$<48xXfu>?cyKi<+ISP!1Gw32@e06S}xZy{URQD(zmEFxS zvM)vAzC&WsAaBxloi5ZgOD^IN|23^&Of8hXM?TFT?7(tk2#kvvsK} zBwwVY^3$uvIDg8n424_?HxHYHLaZD0({GBc$BH74yK?V}n<$3I)-`TFOvI5kle(AK_Zn5*gOj-<^CkBvp8gSaNwflJNn@}5;ENLo|qxD z;K9%MG|BA7@@@=_`!+oTPx(h;mxTBHr=Q&2V0}d}6KObL`V;K6SD(|@&NOlnJ?zIq zv-ch&Upp`pDoB7(5R;3IR*mLd@1igHEENagU~_o6L>HlVcVy%A5@#P`MigLn4=$rR zvZA_rseC6YSaxo7NZv`vi*A>ao3do9IVmxzexfwF;WbYXoexEn);zx#H1uEs<{7Ks z+LoYAP9!FktZU+Py#rE7&VGyYn!7;q;HZ(uih_UqVS-`+%XBU{_8JGZI+r|db(tc~ z7q6vVS4P+WSSlnn!u{B1(rVzarR$9b)rd}&y|U73fU1NdWC_(IBWj~E8($|D-~TC; zUxq37G&dK$V*%;<^&%@|ml`X@uxl`*Kej*sL z)yz;g7RfF#Mh+}>3^f#wg+W{7RYBHJ>A@_y$remp<09sMAMD$l7(Pxiq+(w<((7Vk z;`P-;orvRdz7-;ntyPI-Gd(nsSprxUO>wMU5iJ?HQ#(p)hB_*-mUfTX8;8pe#_^UP zzchR~uJVrvC3f;`4=z(Gu#(PLD9Jq0uLhQo*aW_MzTp`{;s@koOruGpw=svv+rl${ z$y?JYlw=@Q`ekN!G@(zcMgJa5%3fh(r<0DBv`sovN{%p&Cb}S=Nt$3eCE;}A7nP$$ zXxT@l{)7yp8q8$)!lW(5DyVBLz2IqL;=ZA0nnmOgE*&Kr79GcW{F)z*1b4M^OspvZ zzD|W706$Wdh2YVZWHp)Jt@^t<37aIq1VWDN={9ln${leX?ytceS6|rvouVK2%*so^PZqZX0)=$@y%BIWw4xWAM^>S zTYcRP6C3XfulOBYriecC#)Te!Waq5%7{o;!-%FZ1Wk$CuW7-Vm zJme`|rq4v}r4U`~LHY+cM+WA~)77*Mf?f(AL_!X6arJUpFQhe98GMSQ^F#Iwo_I0e z7BRZqSHSXGri2_C`UD1`BnxLT?AM|7%3!~!dm&M@uBR4oY)~{1!=9v~{<7w_8yX>1 znRwS4(#`;e=XuVL8dQP;UA~|H;-8jd*|T)ov= zZpMeQ_bwq6ds5N{J@yM6&yCpBVHFe8jcr}4iezV?;dNF4wTG5vKLqK=;2(wM1yfIT z(meB{X!1oN)l%s+(ZTk%TEp)L^;&EKRkbV+pR(iMbaL+-q0|x5d#rHh)-1L-c**k5 zb4DH4Up16k!Scd{VX#d5=-t^C9CEz2P(;o% zod_FQel>=>S$OZlh%>6IZ9-}!cX0^pKn|@2!*TR3OTYbAG7_XDnpa1DJ~YQy`XQ41 zphsw!89tK33R060N8}hffwXS}?+%RKG;(e?chw8Fi7`W{Dmzu{3XHgk0`RUIQCuT?Kvn)wzy)@WLxzFE(v^9CbYEPi}`7tCNO|7!^Es_~PCQhe@S zg)uSIoe#^guI!y{DEl%!FNd)8!G{uIWb?0kOaqqRAmKW@8)TybR+x;X2q%BtP$?|O zBjc=?EN^jOp4d5F4L?884zQkSsH4AhSv_w%U2t>@vuzu&BGu>O;o0|G9ujrk`$jqZ 
z%5*xYQXGeksx8xQpge~E5)xAQ;`{*EdBiQ;Eb2ZXzm3UK-F6?BLQ=xPLQkz3ecItc zOL3=t76`^-dEfqNz;+Auy_@Ku9Oo}$V5861$(dQ$HFCOvx8U`d&?P^r)6j2vLguRC zBrca$@-uCydKM>CwBe_elQV#CU0)UDF3epnY%!QqmXafGq;_+9d zwEz^+00!A@n%%Q)hULaY_QxAc&RhgW;hGVEAqUq2Ak|NIHSBSO`A*&Q({Qh) z7@86PVK#VzS<$^WCWrt0WOqoMNdF&ROr-G+dfGl*2@uxk5iY8&7$vSH+? zVPm7+_zp-m^ySk@?uIQr5?pR^{8E*%|3;}t#b>0w2HDyaM!>6iiJ45$D>UPV+bP~vJltJ;O;Pzm z>$8N$2%o#h$AJwG}ZDx9!d?Bq*WrdynNhd zGS8~F8g{EEs=<`ySj+OMS+x21SwV+P1ZRG%j~BGmv)f%ZZC&JrfIA}!pL;0k-urA1 zD}Dsj!aVD*CYO12Qv^`A{rLoZv!aR3d)xD5n51#E<8`;3grQv%)#t;|SC?2)DgI;G%I@ zSr>8j2!{$ohqa}vW)97}p!$asyOwLmt&r8qdd$4N{?(OA6J5VBoB{zZ`&f#FM2N=^ zoAJ%FshJ?lpPuc0RCZiWrx}>D?M?9-P*WUB-O>DYU%Qx-9M3MlEkWiQBO`dVD$K7l zd%~t|4h$qmx*uLKYiOaJvMSDQrrA7`UeZunQY~&q@)mT(dDecf^Iq+u<46go+)`~l+EcEdm>!7{|Y5%iFi>;R+cHe$AcE7k5~I5ytX$s+8D!%_w=&+ADK zl_s?keC$}7b}zx}GOXrgsvwk61% z>`QARNeTm=h}u}`)uuaMMm&hcERqP14{(kg7;dKs@Qm8e{A!pu(O<9C7kfs2r$Y<{ ztqTmO)&o==MXtLc-uyqlWkE(FtVtu}c%3Cg#XbI#zyQP^(N=&WS}~u28jIIwleE=t>kJy!fG|^8+=(B>6l=i5{E3*NxPah8~C+H4jEQM ziIZ*PHQpYRhDDK?>CGDBvpk`8c3^)N7AEmalhZp1QC_LnpQ<6{4Wl}sYiHIwIXa>o`d@ve2b@r1HM;h49NeV;$sk+pzdB<=H*Ba&=R6jQ;^#w$N)KIDS?bbzsa8eIfA% zSMhU;bdkAL434hY0UmEg%G$+u4n;HQ=1*(w*V;(4rFL0{;H<3mQ&K)iU-N0j%fM%%mZdUaj}F5|>@3HYmQ1ocSkr(JyHQP^~plN@&k= zA@4a%SSP@Q9gpp}HBrUDZ;eH!B|tAw-&m5r#n%2bQqmREpZ(@n{6TDr7%QLZBgqg2 z_a4cH zR_Qw!|BGNPKVr4e7mquGfpvm=?WL!^`SMgxNF3JeXT|l;&REm9qlui##N*y7%}w+6 zB6Zd}UOpHb#w1&FBznhLgWO6CxTnQqTOOkmMr0SCT^?!xUtpYNt6icbV_$XJKPz)D z?tZRd_g4L-*mh#z-hh^*d%w5c+<>nd5tA(EXc6IE zVLR{|j>ZS|Fa%9nIU6iyvQngDnmp7Fib6%xF>t-5scs)N`|y68Tqe&o->DJZ`p^r^ zL0sU6kZI}S;+~k?nFJWV~%Z|#X)Gt7$zxP<;@w!?Ln_{t}bXtLl zJFysuBKp)*@mTO9PG8%6F{AH=I&Q`!74BO;FJGN?Z6JFI^(S>4$Yh)m1z5!6g%7E| zJX13gK)c|+ACV6}9N-cUYu9>7+J+x2*#+^TZReDVCO5=rt_3hIzMiqOKY@E`UKGUm zoaTyN_TW1>6Jx}@+rgh=Lu&9;5!B6;&PJ0Q@?HmKSNAOR4@HWyq=O?Rw?wwb#6W+p zmjy^h9mOCme&9tq59GlwV>;}Ck=|KB{{n*_O|!SxgeiJUT-@Y~&Ezk0Z>GBbVPG>R z%__z4zOcBm(8uKvtTs3n@=O7<7PUiKEe(8zX!eAAs!V`2uB8JzmVoO>9j=V(8vC!*40z|@>!ZbCggp9ON0lxjipZuE>4RPL;q)&k 
zmH+2URmL8=VZAcOYn*%A^(WqMT!yts)<2mvbD4YTSb{i1C<8^tgEQ>K#xYa!KlWn$ zL@xRY%b#-wX=wtq=Cl;dWF>UWjJFSl-z6$ZMxq2FK* zA#xNoiV|m?;(|>kB8R$2*}!C*ztt7#>SW2svczDMH^ixYKD8be=SVB~iM-w~u{Chu zs_s>OgI}%XR$=A8n{An5^d*SX^pqqT`Z%{h|JA``7T#(%j@y@#ygzsKcES&ZwgREd zviL|m`LRBTSpNP^EMcV3jDmsNFh`>BVh)&PJ8gf0md=n=-qd`I@6(`h95?9?KZpEU zn+Y)!T`Uo?w?6*eZoV`eg6}3tz)M(vvPY7eHAG|#NLYouBd>n%^7E7_?X_HAR<&&( zDlL4!E1$|Rm$=rU9B`7Xax$zE)xIZZ44ij+E=2C+v^F z@i6ue112#-Z!iVYnL56p$2rh8Um`{)z2RsyZ>wPgsv!_dpTE8`UhSkD%5m;3Jz{vl z9nHj8a83C6X4@y?ZV|~2BTarsa=CtYL>YS7WA%c!a)PNrUwidKO_7d;=gGWR+O`_k zgu%25#pw64%-}VRzLV8h5!w``!n4SHqoOwXV{{FK?8IApR>PXCpBmD7WJh98bz6QG z&LUJaJ;9<6buvBJEjtfLXd00_5NXG=tXvNF2?`RJn2;1s>p$qOVPQrPMcTP=Lf}sH zYM9^xk_+$_T?MDi40-l#?q}UTmsB3BS9*YjWK(Jdx36nPucK{LdK|Qs9lVuVd;+iY zAnj%NfqXnz4W+`tt-;XAdx3B3X(huiIH1UFrt^M*%6=32WZM{wfhW)s!hRl?eNUN? zosk?l?k7$P`?(^+o8cvdbmR%U`0`ZrvEL@-$H*H6#@!Vc&2hL@lzo)b0@Uauq_urV z(8r9<)M0|4&2*e!;U-)k@BZnK9)dlAcu~7nq=twQ$ zRRW$4t2hk)K=ndUT+;^aPC0*Vrjg95zQ}|W{2FNt0ad;)AD4{in(j+V%x4G9_%5wc zgeTecWNf{gFG#q&`R!?P;cFvtuo&zQVU+B#z3cfJD=QT~9n;y^BHNYJPAH$6x-;!*mb+U0wXHnt$a-!uQTc%TTl47 zN02O~_)Tmdw-vy5GuS`A8>8+_TvJ%paU6QUTo5A8=3;LlWH5zAxC%4aaEi;!rwzRz zU-%hKLa5r@GD6xwpOov#W)zX*QZa_G~9>JN6`oEyCew4wie==^%o$FM1XW_zV)a}BL%o}ZE3KfDq_XuZ-DfGt2zbITP0X0lS&(N;;)!!} zv1r9eN#pLVLi|3`j{NmXc{K5vU|D9A6RNqXEe*hK$B5m_tSRQ2g7MyopDE$Aw!^7_ zl7>EHF}&18hrz(o+dcOWCrkDgz2!42)OBQGBx*Iy&f_FW54?Va_A9Sk&+{}>!HU_7 z$UmfvZ~QztVN-KwQEPSK32gNBCz`Nt^j8muRAMSTzq`9Us$tl1)2bnOd6l^mKJCF6YAdo(e<@!*Al@B17cP~uElZ=b5!G^ge zJAF0^fDQn=8$_a;PP#@34uvJ(9+Ye!5V;+}x&9f^9($BReX|V(40sb_ZaP)&i6Q9G zQ%xezcFsieJD#pffVsPI;Z(p{304#Mxuj9$w`J6;1nFNOC5rg$j4=}={HrF>H zwxZC7(dC=KI+A8?&LxX|FYT)H4_*KmimA|#DH6HxPll3wOC=xcBj0|(Z=^V`@q@(| z!Qh&KJt4XIv@>O;k(tnuiQQe=EKs!^B}|WPVjX@gNuhh2b6@a!dUf0(e=QsQJ|O_5 zPW7Vw7BDUQ5bS~m*a+YLrkFzLYk$JR$dR_b&7sRO)qH{{f=Eh=hk-{nk0|raMi?_%8fdx5|!-opc^pm1&W}U_7q5(2% zg3{$&lNJ&l(h^+EXguMA0a-ipfjtmBB{KGkcuYztvu0XE@g@9I+>#9~ZBa7?7Q)q85Z)FbDT^ZLPWU~#}{KZ 
z@JV$QS&=x_W5=3v$Xf18mppt*Co59B7EK4el_p&Oitj_?nnirlA7D~u?oK~armjS` zhLH*SzVSi`K#_=_ab6n7sR4JyiJSUVtqH!->MaDAEHhoY*PuvTe3Dd8n!zX2Y-gX? zqRPyOB%Iyyf}^>L@=)w55ICR+x%AvK^*Qy&+~AG*P9qFf{c^+-BD;O+wmwV4`qOyG z=DL!2AXadAe9ijT1V@V{`IB}{Hol*MO?5Gb-jWBTjaw@5kB(oOFiB(joF_uogQGE9 z71}6_;51|GxDc8OhlNtsIR)^^f*Gq&id2ynP$&*po*P4rv!1%VRjV((p`Ojc*F)P4 zG8JkbyGH?RN-~m4S^5NDw?28xx%Bj)4rlzb;|)nS1rx|kpyckZAterX&5#Mb}8)3#HV(}-^VISXD%FVxvnbyp6rl#XB1}quCiMtbF!peM9Ah&+P;%Fc2q<+TdznrWoc#QJmA|vd;RofnJ*fF zj*zKTNGWB_&vg5sEkUUTT?YyA%kyL~3}ZYB#J7QC4!Nt64(i)V(7^#%@7<5Cs?GpJ6=_ zt0aEy4Tul-5s4FfNLBNOwE?JiQejDiR%7ZUhE1}---r@t zjN9m@LxGJt@_LnKb@#n4x)9sG)=9mDuo@vEpgKAU&vETYt0hl0pvc zA9j-rPAyLxKk&YPp6w;>S|#cMkJJkq5o~NJ2r36M|MI!cd=2Y75k{dvsh{K;3fDHr zsXwqZe$WuiuB)^n@FDZLzV_8YO~2=(pB}4AAc-J)5JLodM7p=!}!^($*NvyEi`K z{}>Rr+_NDVy-<2pl#+?H8`dbek&+wK_(JAdSct8xl}}OSXoP^g?*|nfkF8;>YuFXZ zXn%dCij-=|;0b_PT}a`R2WW7hoBygOn^XYo=eP#xg}2i6T-!%nLBoe>3OCfQ0dfyE{Va@e+mb)(bBRp?r7y?eHRgLRVRXV z-6K)(6YZe3k90!>VoV&U{20$B;5+IVs*~V>Am$?BnPakXm85{u%h%yxhj=Cnrb_4K z*NbX%X&|Hg5jyO~B)`(^R-R7<+k8=Yc3_j`&|4fKf5Pr) z55?;cliC7km_XbpHa<3%1NA7|d_L-!&%EAGU@t?NAlq10ch<@Qj}~Qk##Re4E`1?u zrNK0zzsJ2CIkrV(=3NER+|Pc({TeAx!J(dOU8Je)8HG8uRJw<{+{LR_g&u^$QN`1d zdxc-*2F?5ff@7vMxY4hrrpV&U3=Eo6mQnM-vlwRj=hY-nL7I~}z_9=fZh~1ToGUlY zW#N}_aNC>*{o6|qJ3Fnp&u`7ceSBU)>y)%EmhBIG+*{It`cp3v)uUrCjXpgC{cUKp zXp)VGlg+mZvGRc3kj4eatFi6dSLa_aqn_kBFX0roi~>5|s6E*y;^})~x%yrYdr5hX z=jZ+GYC+JCU5O6LOC6!8QbV4(%wV&z+Qf_4q1k?Xv_D#oEN_Nq6wA6rY8Z~8mM1(I zj?}rjQflN*`{S3CqSH4*YE48eb=OD0*T>F)b&QEPP@ib(C{JM+C>rHNjRyzd-&9f ztZjJoVeThHNv-(aRn#+!hu_Tx{k6|5u}$-rP~IpVVt1ny7qOGY`nDz`g4*@ za`0KYPIq_fHchIi9+IvkGlpJbJbQeQxdTom7T40D*?cx$C0LL8qAryf3e1y#>CN%dfH$u+c z(k|u4A~Wpp(BptNuEhp|S+-EbQk!PAooU{VD1oAzyT0#g7EF$t&08LQF%VCIta4A_ zMPS?xE;Lpy!!+ntVvEZBEt86fSo0^^S}k^f-3Q_y;FixBRwb~SSx8+O6GF`6`}=-~ zlH^NgZD}U2Hw|(b-3(MfMqHTvWvC0RL%q)TRLL!iRQez03K_caQ6a&8<@MeW=iDK> zd_6=E%94W$#5lc2qPPtpQ0?RM&^zdb(N17j%XJXBhrsnN=^VMhkPw$6QzUe$l7dMw z4wvHwmgp(LTY7q9YjfVDXRB~!lSX>pS>1|7TLX$rwM8bTp_Zq+k)|IgbcR0*cv1@; 
zYU~;yG}Q>2jB>?nEl5*)?x?OxeXZ`y`NkBmGi)&6f|I=3EJnO!|0Gz~4%~iG)mSgV z_T@(?49wJ-Tvo8kqM(DSI+=AexYWAD>bzkHOY{JKtCCt#iLox#8FSM+M$RQ)3cz^J zGetiv6cMNg2peoS92$M0q;dLTAEWV!WTg4^v(wO{GgJQ-jh|b?Wf@5(!M(ZS$7Fb= z#totMmrB^x2;XLvVhc#%M>}|9@@VvtlR;0szt2wr$(C zZQHhO+qP}nwr$(V-D}MBf{pOw^ku3Go+H1S>E{`$4#~A-qa6P7T|0p5+tc zwxp8Q?DBGhU9Z5|E#mUr8f`7RIz^woq;!}kdw%HM5JzqI8tsB_qA!U7E{o5DA~(=qp_C3@;o(K@-l{*c8`D?P z1pamh0wj?yr;gh~C-^f(vjlHDjsJ2OY)S>YjbaWvK7VzZuC)o1m%$`{zP08|V~S)v z02P(Q1~2!P^%~IRG!3H$0__P|MRtM2+4MJ+vK}`E>0iIvC#px2-ZqM~fCBv|ogPaR zVCHBu7HhryC zrK1~d1y0D-)nTJvlZ4R-MQijI&#{N0nOOauDPr$+nH4iHLL~a<3pVh`he%PM^lop! zSK*0u$~tasDwPUss5WzgGC}VY5`U|Pa;@qsTI0rW45ij3NnQcCQFu<%9oY}9Fp1`x z@FrIxmb9n1*l6S97jiG35!jc^TOq?b#DGLzFm&ylcBRv>(C1UYV zXBxWLQrtDvgC&#GreF%`TCO8@9dwI1~B>bWUP6IMNc4dm71DZ#)S&bo*ZMj&PCt!kT z`Ny5mTWyiA3i?m4mrtty*P;uK>Me+Xk+L5`rF9?>Cs$(Fu`D{m00KMkI=6Wj{E@8S zreMnH52;Dbda{nYH0WEnM#9!ZF2?Y+ngb>oj?m}|C3bOJj6Vf{vUnC(5X&Yv1K)OE zPP(%W)pKec&Xw#pj*nXqLI$#-fe>cc0%m91;>!=RP9Un%z8eWJGkQEX3{^@T9OUIivD> z=ViBSmfX>zFoO$JSMwZ|%7q|JL)M~*g;&tjm;|%&qxlAG&}h#NeYnVb5$eKTh=ZZa zOETCc&DEPs`k;lro$a1uZUMwL&)$Ie`BM-Nw^d>z`%3=pJ-Bl~2G2+hJ|3%jw;o%T zacy+1I+T_s09i}L9B!n5i!gTmek{oA&|FYl)a`CzW;xFmwO(Fd*F zxkx{~N8ZW-70F00 zH^PsHUUfDb-At#NnL;96DYoO6$;Gj{!;1r~{UP9vX~e~2k$VS4N1PGY=Dc=jh%_i2 zrpnn^2oRF=+i)kl@KqT$z|bYF8b`*iT)NVU&ura(Q2(mVI^WD_H6TZmns!>%I~G26 zPqySw$>d>gPT}1Vf_%cnSX~z^1wSOoxkOZ!X)N+bieg@rymW@$Q>oYVw9Ykv^b#@Q zD{`=>WEHx={p(}lhu990v&W|Qq$d1;eT>*v#f;0LA%&c^u^_e@Zmn&pvKTBRB8#4u z^@S4h#$~}Cg}#EQ9%`a71VoftC1Z7HzmqyAlsZG}77gTPwBpg-%ABi9tTsDr%wBEP<;w3|6wW0nF!lPS&Svpfn39@%A%oGk1aNPc_0;W$`uwSzH?+(pK0f%)O~t< zCEAX!r-v0KL&G(6rFsFCgUdGKO?n}M1*X6?m0dSxKZdyGQepY<@+0nY0&YThcqUst zqAkS<3{c=a&_)JZace%tC{1VJW?p9(tDqCCJgiPG-35KGTV%3RL`!2^|DV5l6E+J+ z?lm2uPr(Sd4@#YP{PCX*-cV5^nkEq8BP$($c}$}v{ls2h=nVZ}X^78nc;VAYdgz`h zI{R3Jl)Rp-DK-i;!V&#Ot{{J%GH*_uSH3GTczC>pRFu)^ZV%I=Kp(_WNxO@j7SI!Z z`Wbfk48wLm?Vf_4ttPu_dOHu7aL=v~f2f^;#2wz|1?O{9 z>#qv(EmeDZcP>pDk4lb7_AI;0KG35sjucI1z{jGS9BB^il)m{=YS3INYZZr9yG;7C 
zQpRr?(vQVBOUpIpAVyYL88)k^JrFD{!WrV_FMZh_vwV5WXcfb6l(|bpYK$`poHBpc z;bwk%Q34nk<9;TX;t6$QHgSUFFgI4J5yq=dFq~r0(RbRJDz&3iL@>@S$elUJkI5E7 z^X7ALC=K>#Kegex1IkoPb*FeG`B>vlyK!(UUHd^m7oKNWqCX&^tZGR z0|aUM3}^Iu<&0%FVYvsnN4@5XE(N<~0!C;u6sdStHKn9p5 zAJlw^mB-Kroq(1C&m>K^NJX6{-%k~FV_SW=Dp&F0#crH4{e&s$E`493t2#{XUNWDU zz>;^j+GpMSm9K#W#~$M8a4@An^Or2^M+(lEX6Q5GA+p;DWsX!pA%W{2fTmKHuoz$l zdvIyQr^;z7{MfQlZuwr9dRd$n)_5S&FJ2~xAES*TB&#j9T9mQrAmk3d=zK=&eH%=5 z*dNAi@x9?bC|iavYyhQa9#f_H!wz_M_su@qUCNn^AG*T*vlueZUtMBJNj4ektUZPk z+@IQNW?$n}zN6ZR{xj2{yqxg%dAxvcc341USK(`(`CfAZ*5Mx~_1DvIkHRLMpzj6W zuieS-UmDq&Owxs=Vr+*EfYO60Mt90wzS^tAtp{x9>+a-UIhrc6V#sQ}HbN-OK+-xG zbw+F1pk=u|bc=R1bU*w-WGJ=Hm~0$4Z2QLg;4CUPdtkCoMhCyJ5~LGUX1X37MfJ8M z+TStyCO1m@-&3#k{C?a~W2bsVkoMLkm~v6pdsXps=3i&EVc6xi1)SM%}`JW`Sw2A9o>X*UchhT`hfa8=_p5_ zpO9PKck{A2o#|wbnNy&t^v*i!f*=l&@C3n%EapXiZjL`fGfv|Vs^p9>^?EdEmXasz z@wFiJ|Mj5yfHi1wQJILslJBDQ165zuSa9MAsq95q_;*f(Q!9(<#)0hZ(k|-?<2;v) zI~4AnDsiLqGST&w6|DyRG%^j#5X*xSD*IFequ14art+07wsd^5fadqU>BguUTCrwe&w%QV4he8@J z?&j?YCRKy3sj|MSCHHsF#QNAS*gHbxQjUgut;n^ zWo$+X{(o69KAf|cP&>j93`mlMRdEmA(r&$4k{mYbboi- z<8#kSm0-Dj&tF%`f_s(>F*U%zxgJ|$rM1rkO8gEsMk;H-mrQM~L}dwc*0AsbV%KnB zi3J3|=C%X9QJ_Rxzb4D&Odj0{pyc0E#h*C%&xhKlgQA{cTCAS&l2OPpHE_Z#EWMuK z6T77oNd`^)5zJV=X6!7uijyrDzi>vsz=;hgYUN;F;fl1zBP`}4&4-pCf9$~JNq`_>sqmDuYg;|-7gL~YwTl% zi~t+23AVsG&5)JpBPWL0%)&013kT=$n2&eL+|OQPr^$*8lT$X~tAA4hf<%o{BnYh6 z^c0MIp!5ovxE3U`-v4-_7rtX?j*mUnM<*+5a{$NV6_M;>%iy9@h$%tUX7acKJhzV^ zUjk~%gaQiI2v)Le3F zKsz4K+LNY8i&xW}-|gwt8Ad{WtMvy&nzJ6;z;LOU7D1RmyF$|Whxze(zNb*I14tu) zjh-xAA_-8h1$vqEO-BWu4?!KkN{+lJvBC1;jSr;)pau;7sFIV#_j+Zx@4C-n8o?J> z>iTiR(3;1nz8#HmWmNSq{cK^c9!Y!nU^-UqIY=Tt(KMF4{5G`riZVf5WrD6G<&v~_ z8py<?mLzEcm!dC)+-sq$eA`tz69u&qOf!?~Yek}3BsP1$?<*Qd_B zsm|b4!FpBG_EC<@vv5no9dyQ~(AmO|oHl-3B_w73 zy9^Jh!5Ndq;8YZ_|r@ z|24Z>5{|_xS@SRp1q?>Btvvr;AShmF8gLZ|^h2SDZL%~Bk#5N@u&x;K=&qeKPT0$_4r8za_V~p=q)}0r7}^t7 z0|Ubxr}wve$JP;&v`)CG>sLW;;*611=e24yC5hJ%5;m}>p&v(mg}2fU&vlrljmOEW 
z)6=INEd6#4B-Dux`_Zl!-|{bXeR{l5iUNCzVot7e6e1DN!K>;{?NPR%S&Uj_aWLQo zkxS|ZOYd=j*{Mo!Y@q3RQ4>WWVC(HCxoVD^fJ*3Nv3{pMI1W}NZdy{DPg$Na&OiDd zYTfDAT6*f1q})8lbr~(JSG{R83Emvq|3J z`XQPtJL=F_U2a-U;uB_&)o4Y6^6T3pcMvC^%ue?gugm*oenyUA zPttQ0Wr})y(0~F&T#Hni8fn8Od1Hs6NCj(nK;)Q4YG}rQq2yX81bKm@I_L-Lv#EI* zJokWqMzyNf|HI7W0*ov~@D@dK$V8ZA`5Du{GhN|7T4UeZ>BCJC2Vs#MrBmY(u0iE8 z!;JpUe^Qs_R`q20Rk{z3>On34_m^7M2Wqw}>0D1lwsyD%ZUd;K-7eqN+-S43L#T0_ z`$U&SV1FkA?6CwLF^9@L=KY%SDhU%{v9RV#q+Y~nM7hC?Me%Rt zH5WQ7cfwB1Z2$6NO#3sic}w9<1-c7^b%(o_Are{8hzfgmElYN}48o10d`2S;;Z4F5 zAOP7A$qiq?9Yv!2;mA57Rk&*w%cdQz3t^!J*5U>w_@K;E-Zh$TNy-vw-Kv))16bvY z1L4qR4yX7Q;G9mWa}lw40YzbkGlPuj@v%fZ+3Thxpppc@+wt=1>;s63bp7wK>RGBg zFg=d5MxVq5;6`66=ElJyYUQuJt#f=Y^`@61)@xEWhYEkS!$sW|`2%R?X-CxL(S6T}U}+qUKp%zB$SpJ3sK9A?Di_8y&K4t{ zOdsskf3i7Yt*El^{fXY-qU=kJwL}BfJs`#o7jeSC;<9oH9j8xBR@Ha&g-SY)ait=IoRS#CxUmoWjA0FjR(=h9BW7YNXy6SWW3l0R~^Mftqxp=vb=jx$#ml0FI&F6JN-_Yu-??skk$ zvK2$50txujtun|J{p1D_i9;vy55MW0vGnRq@AM#o?JRTAzT}g`RgPxD5zx6E#5V%F&auxdkhZY%}Y1#s_03qlCnqe5ZdxTyjQ?bR zo57GakfZ9_9HA7z<`&O2{EAblP-?Yap<9;AU+zsX+Xs=_bWHWgMN;}UP87P6L?05Y z{dm+Wxfj!7FGd1SV>n#T!mp@P+3x)#BLe2oC!$H)$OVgkt9G{l*>5r*!Fao^D|1Vk zNvdDx`3F;rzeZw*hazS?8!)@tcF<)cT2#J_W<)>Z5S2OcjGy$UNj#)`d4^yBOe2xH z$Oc;rSc5VtkM;;4>91P?MeGwN4|*fd7~iouqBq5$n8CF^J=B5%sp29P_ zuAn~tPpYcJe9HRyjAAGp;e`7*DMtU08p(%?{yjxl#jeA<`=Yms7G6eW;l39DJI@ZL z5#2zrLk$MhQ%MwBUD{U5H2TAs{W`qu0{2GYE~7iFMWe|*&pDH@=$qBXBL=;InFXEaN644%^%|53do^nR^oKHpQ&}2 zdz&9fk_jPllc=`tte@35$r@GWVsuic;KmV$q&vx0yav0G0fTh{NSW`zr80fz*FW}D zrT|}Ty@WHU+^3R+nwGPP6X5XlPp(_1dB2ev8Z4!N-&F;USpj!3_$Gv`2VRv`eUth= zWUxN6Jdv6ECi2(QrrVPRMb(Em)91dKE&Z|vX^_!L z_Ka~VJaiNA8ze`^bZ^75fw5sNeE0kWqU~4c;3(A&YMs21(Ow`75)j>>b`H*(b|hgi zkoQ0e7-;j#&es^pt~AyExer>AE3oI==S}6>6E-8Juqz*Yt+rltXp2}t-U^; zPTDOR;VC}NFYE%4%*v*i;38EvMqRPsI-pl^kkOC={Uz}&33OwaZS^r>JLwFRls#~n`bm|0 zW(j51uP*3#vH*Sjt0to@&@bcJX4t?AqYu9%w60nU{g*#?70Mb?US&sfQqssi=*R(u zUN87fKIPQxl8&!PX#>haW7^x|W0!jVVq4@?m4oh3@_?w=CaE@`HF;aEU zUUZ!1uv&Fpw|t;)U`wWmsKOql`>SS({EaK}yxXO}{3e90jPyk=;z2|r&;eW&zkxg@ 
zmYLpr)|I@TY^`j;wTRe%(n zY4h{g7M(tsu6(9>Sa+2YM$gj+pi2S2!Pr2RE6KdqVSHTuiP-P8s!bgrJ31EQ9JaoW zO%r4@A~zJW=?FgrZ%v~p20Gf1okX?g|jIk zF9OB42+mi4J#xES81WZpcN2rll&zTVnEkK?GOC05*j#|ge*6k`;xcm7*WO$z3g)VVw$DAb&kZ{DT=tAtZC#F#`^qk=E=!1h_mQz@!dGbuf{mU&q@J={7eQ=f=RCvzjbEu-G(y>g@C9N~k3-7Uf0U zSAsTAOu6W5!*gz0mmtUX`NDYR{lgfG=?WukV*4@jCG!t0J?;-^D^WVdcYS(=!MtsH zwV?=uoMN%HA0WrBj)l|Yfdl2T0zHl7gr)g68Y5ChP9&&;Fx;YaCX8W;T?89t z@7zphd%p;r;4XG6v>-#dwIR02DSa3S)Pnw1{!(>u-bWYhO!p}YYN3joTxZg_WhNeZ z8F;$&1WIk6-@GlC!)9_usplxwz&IVV-QI?X{q+b&U1P1Q6NTLgyh1AA!`opS#8gv{ zXg@k9di>Z@#x+cYBWEgJvUVk#GPS`K`jC8Zr(7R6u2_q9ErM8zaJk8M+Igv(F-Zre zo-c^;F!WYKG9o6)MJSq^G0jIJIPic=ppy;;GdY_78;vnRx{WkH#G2d=Zc18nDw^ol zvd9+bHy{$Te_*2*y1I+uv`hw+wa0&s+SI%&Hs7ZCkLMW$am`A0^|Jq3veq68 z)M0IU(9Lw{7^Qv(Id80jjQEE~yW|*-MDDgTRC+8G8xog9A^ONX^;}_H=6!s&n>d%l zUX*P>56$i{AReMMUGshUG&?{80pu`!&|!~ln`QrmUhgm4mFTy$8PzzDwtS%sUM+y? zSG>0D^eQB|ZF~*kZy+}fhxt?7)&9TDtijQ_t`;vHN|?A&2@N?_@MZ7kcEth?!WLX1 z-PM*^ofm0@jXlNg7y7pIj80dr=;9!1=ktx6=Q9HO2t<^gMfIp4U|4Y6M%eoCPwmw! 
z#Hk`iMe0d_fAh#ZMxvR${z5{%aN<3j`36#IG+cVOA@VG3bJhNXnJ>>3FB;Pdj9Ppg zE-c+k(;J4oEkczRsjL{_llM>j%V#{0`qq4wIAzx2R93f;27Tw7=6*PiS?=;?BF&~0 zXkn>mKNL{ZC*uS4h+-PYx42_zgK?jWZ6%mY1x+u&n)fz;lbPj63f?PrlsLiz++S}o z{hP`@UeL1TA!LhrHHhFK7%%1!eRRWM-zI8(&G-m_G+s5hKiRM9qjiEnLX_E^YHxTF zBa$;c;{ee%iJPemmCfApm#0eV>IN>(!Pkx_;~&-}4~T+rIE}h*Iv^R(tf*D4;1y27 zwY6tUVOtH=N0xX}NnGj(C>&E$GuaiAHc={b5@D-iicMUE!vT%@)Hu{sF>Q6&0B^_j ztVRwYfwX?e{K8WxmOn${86>?^J@l_pdSqcgCZa&jBq#Pk6XOj*nj)3#AM1GWrb{~Y z9?uT%pvfrJgl5dnMIKDn33J2;#Av)*!IMy#!q#N{U%nHIb$u8?N8u3+$>W@?mIMfxI@IZ!h&wl*rp+9+l_(N@A4#cO zTH*vu1L2ZkD_Sn0Yi{mY-|M^RzpV65)Jgz0wE_dg{Fk}mRI&Txo-k9FuY$VM?Zk`N z?YsO5@9Uupq{Cy0QlRzIlOJnsa~F@%as{RnFRnkk|+7>XgW2mrX%(h2(-4u9*_UrLW%|q3c z*jyHor?mvxR%m=Nc`P5PHuy@vTU8uvhQ5SXch2=hmiUHkM$#oj4r}3AddF5La8{fu zF&s<=yy%Ykr^N-TK&w{*3z#(2d@!EY{dd3Ns73{bh(YEN%Oh4J+PCibUim{}6|?fI z?3`8;6(orw_*%v8QkoOpCZM7W1Sq%c1+Y#Q#*1%j=@Vnl}A(!FXdb~ZH;&y2V z3)BtOHDNH5;hw)Wfvu#otOWYWjssgXs6t+=7G>Lv_vmHVwkso{hTlJ`*9@H>$1hua zuxADB>5L}_MGqlxiN3lHhdxo;C<%LPG_m5MTY8aTiL+8z)Zm4|%Wi7^?u_k{4}rpV z{8hA=X&ejW+oV!h5ym4BrFg#j8iefW<1TtB`jqxRK26RoS*zqVx0jpP93xYDAXGnz zoel7NMIS-p)EiB5rr4!Yg=+dC!9af1{*(>o1UK|}Drm}6&G28IZrp6Qu$Qe|+l{+n z*+26jEqga+n;Ao9y^Odeol{SWsZJh>M^#vS{A~?-#y90z7_81${j@L|id(_r*|dAY zR+=sRAwr0AL(1&3+Qfv>RFx#g)I0et=4)6m(*N97T7K!H+q9Y`E9XG&o#)|NwTTc% z^_5L1$v5^-+A!0`w;l6I{q4;&9RuMgd6>6Q-l~Bgh)k zn$_y{!ZFecs%yaeqiQj@CT%%R8b+RNQ{NE#FqSz^=}m8Dhv0-EuH>h+{zj}nN%+`f zTFIkMIiII$_R<929hK3qIEJ=w*!IJHx97IShhcWce`{3WCLx(Pc?L^;Epy#Q{Z-(27DuG-MFO z2g}pHn@EDyL+qNAfai^^yMd9Y(w*ZqWRc%c4|x#U28FiYy(7|sf5p2Dmbbzc33FMS z0vzPUjCZW5Kd{{B;f7HkzMBS)9Tl$@=6OkHL_cl~^+D_Nu1NPp8H{g%NxDVR@Yb4aYc{Lc z=ryafnBD!5HDd*7+7dzQKCS;2naHcE51g(|U|k{=h~wE#t9veqY_? 
zP2ua=J3HCIvYr4t-`vqts^y;E;=T|*hF(6#=;_Z>@l^*Y#V?3eV*wLx6rdGj|W>6Du@HraGPTvP;I4>!zG z+P3C1Jt%5s?7f!#BI$ShMCIJnR0#(YI#6a{EqU_C9W9NizlgQVl`v5~<+DE8#7Dmgj|9f1iz_^f)l z?HrC?#mKjmPab9$6$+a0U%^j=x>%G26%33-av00d^z16IV9n&RY zKuE4y6_eA~%g@LI7gmmadQN6eI-BAc!AOBdT`E8lX*|p8qCY5m%so{`9hiu06oyKm z?B_U0&?2yl8vh!_rZ}>+cat#cb70R}kl>ZZk)K~6stZF@34G7+3dvtcyPfR zj7Im<7Tv%jwYL#%z{O%_wG{x_=ioiSkY4@92(fVY$0j8uP}PpSGXi(Wc!`hvJTkq4 znRG=7^8&3L`R5^448aHG&CWHqJBQz@Y9rGLBOy0eRW6qSEnvq|9xothw)<$#jUQ$Q z1H0s@0t*$lSH)Yp=-FLPbtMGEM3ioHE+QNl*TDMOJ(*WX=_4jDm&w3eE}IJX1cuEegj$Q}P-VILSIBF;Yz3$lQmo7xiCAPf&0$ z&mtN8ZrkEHY?-P4wI%ZaqI(U}l_HEtAp5QEAy2^te)r|Av_{uk7~&5091)A8Glw_y`mn>OT0LI- z6i~`x)U~1R07QAVL_1mkf~{>*;o;*%LB3z4$JpR5@EYy8iAJPQ1v%Lf)OPfhv!mis z@S&?le41O1g~rscanG?A_9h%2j*2*aj2Al&8IT`n@@UI>EFDFfST_aFFQkORb~uVH zdabSp)D5m3z0eycH8<3Hy~9SuJPq5PZ5`+q=dnx2k>xvwS58iBL3fB)u1Qy@_zMJS za;<=r^gAZ--~fVP=ZB`@w)CMmtO=VJ;!$g`OBz-F0_lL$_o%N?NFKc7^8_|;Pk~p( z7x;9C3e{cpg<$QBwMPH3%&72`9muf8WsU{CnwbYqsGlCB1_AYkxs}Q{T>}?#@PMV)2$a}@>O^!j5Jsx28eVM23F2h5s!op3X{7JbHds?rs9 zun6cj7}=w4L?!4#O{+5r)fT@uF29ij%d*tM|Id17mgb0u?B4^LFf`TK9AmL?w^Udm z8sjc6z6qctdzTI`QtCRY0Yp|XenpIU2Y6GwbHQELNd z6JZl0J7W_lUS23CXGaqQ8z}dUYfTNi%@I`J)!IFyC}^h_7zn5#iS4H8iy|q@H-UN! 
zt!nD_zgeXJp1)?MzFOAVOS$Y*f$<#56+(0%fTb*gqv|pilqs`s|a?6~%|No+#EC8i?8Co4eXTit;^Mn!*)&`&)X(@imAF2>Q*xwbHlP(|V z1>NLG97_)!S_dRlnC+( z*bU@w;GzYT6&zxnxJ_gp`H8=!e5^L4p$tM$GKkO}QBfdD9mb!2!*RvHH3HVXctUsc zlr&gC2LcXnsABjbm}c|8gOA!nWg=Pj5zkQoa!w@VK;#F8(q0pQdom7zDUi0r*beF- znf62b0P%H00=5V#?A-Sn2M|xel^`IB!ht|PcSQh5K$A$w-h`sK!-ewd!$IIguFSdB zk>GGpuEdF{?hethb@NK)!23rtJJNFT4(FF7Nx#VW8vOGY2gtdT=F8@VYakp_$M@H4!-$EP*&t2A+4kI0o>FH0?o zJR`S(>`LtAOn3+u!zoln-;S<)#IjA!04ZT6xvANbK=O({&kH@@OQ#O+#O?$%{>QW( zvo}+ktTGP#F)AqY-q2g8x?=c2YoPQP&n4`j*wb-yLwTpmi%zU9jQN)oj^( zRFKN}=K8zt+ShFtD(@3V{+XxDPzv5Bq%&3BswihC4*j%N(Y%$6LHg7{Zk$qIs?Wog z&ybql+SZ6G7POQ5>siWwhZgXChlHO@>rD6^MGCOEr|_|@p}4uNBrkWg z>~VelI&g}c9ZRk>8}Tm0Wt@t*cf^7}Wyi1)wxcQB0R=f4Nl!8L3FqSP4cGgd{Kei2 zk?Km4b4~XnpvfwM3p;?Ez19SG;_~^~5P$#APtO?~`N4wnfu^kq#lDZ4XGcYHTRQi&-+k`;u&<-oq5*;bQy9-z8fsH%$YQ zSSt17U<#Z4=ziUO21^GzfKnx9%=08RlL2r7SXe5Y`1^bk3Q3tyji5h6NDNb$h$h~l z{Eiz$kdM(Ir!JGsSvE;$sCae{m%5@}JS!uCqQ&_v#&RUHE%8wgMd}|?zX8COwpJ`{ z%_LpSbNn9M5oHHThk;r@Bwmk9y15)AZBWFT9Yx#!{i1o`(5HOU#0L$pDON#E0g=W1g`n$NUc&1AxvGq#G3+U3p1gcbZr!IJHRpn*Q(PcqHQXcTh$3?&RG8*XAa0926WhaV z0@*K)HzQQ`fvWh2=j`1FiF-$rU~ft2TYC}LjKg~rgx4n{Ln9!}st%PNBKuEgI8haA z6_truZYi;h*}Orx48_|FWs5T5IxHCu%6=V1O|_O3d*ED_vEF0wEKZRmm5KN%u!#Ww zB_s`XH2Gq7*q4<0i@14xzx3h|vb0)XtA#wBrP;bLmCD^X^ftv%7t2`)a*eRG8XONz zaFdjPxZy6VqM8X7gN(w-?6fh`Ju}1|munFxIMo>q5MzqGV4i1&DWMzTZMDH% zD>JdOW?OckElA#c_}JvqQ4)0YyI|guwpDc!4-)6403|M1T*hnFiyFU~9w z4|}Hc6hAGN&f!@+DeQj1Ag_~=rM+uHM^W4f zoIN*gEw1w3+405Rm7^LeHt4&e;~Pbg{?W@+P$ek3@;)%OYPT-zDxSwMZvFKt{L4S_ zXZDK1Yb2);?TUoUw00ef)%11^gDX={FK(Tqat*Yz?+3EeSncZKa9V}M2#df0Z|>jmy(jMpbK#g{pteIxDV`rRr1`+jsk zN{z3YAXzA$Gcc(qiy#W-}PG}e_?+rG|8jG03b#yy%XY3>7 zYr@y4S8Q%)e?+y~5MTDRQI%cvysCp2kFM6y8ffk9hetlA0eb7MlmDkZ)RQ$`rO)e^ zvSsUg`nxB)w&KxkQC!{)QRb?c)Wb$YNA7R(4g;1Dj}?im#AH89Y{>V^^}lj5YG zYW-4qKj@+nsmPLJJ*zRraJ?aX+rgB}<8D<8^NZf-PR_WbMipz;9ny zR=(UR+WNEcVUZB&yxURPU>xxP!HKLu_AoOvr3)Qt`yJa;F}v7hXikQRpVLj8?hjWy21N~NIl(aZars5k{;W*T^(E*)Jc>OvMv@wxzTna 
z@)p0$tlFBC`(MqsYMGeZU9U!mu{xd3rxF9-N%~y|>83x6dV_TVG7f{RlWaCfu4Lv9 zR%|9{GK)_o7MeGLG9N$fVk)D>OIn@E)|h5*Ee=nC1`>AY zwiZ}6JE&`)1^cJt91oq}oN2zENxVjasF9DK={=3AgfDWpg+acqh$cm;nr;7%W|QXH z3{E`gZfl7)YXvpqPAL6Ibu^E9?s69mT+hq=^yPciYxHnd?9v}zKZF{JHGywsz(|0z z0%q-;ScALTbY$xNsGWk5Ig%)N5A3`R>B{Y`X2zkgD8KTkx^W8hq>D{;bE=>(CPkik zzaz_VgwwTZ+8-h9!QFZQ>Q0|31T+_kDrw7!C!Z!KwtP~SL{i#BQai!$4H{WV@|8a5 z^PTcohaZ~PvJPTiZL9*GGK*somsJ&C8xZUBh1q!Luz2Tutd?OeDx%&uqJuk-aSAU| z!#QZD@)Rl@!Zz&1Xjmx}Dn^Bu+k_$rY%w-!RBGf@4}s6YOwwbkcsq@Oo0Y#B5L^HF zY{A?a!n^O(3%hOObJ>>Z9hSeXRKw)Aft6)KVY?aH2PlFM6M+ePeQT5*q3Y=Ss$6N@o5 zy7W|!Zd!-JSXx`Z=1jIrU{*HjKvY?+!PN&cMI*2&oip47JC(FnE5}hp|Ae&M#rSQ7 z`dN}l6eseOwTZYC}B+kD1Xy$>XtJg=Kz?#19Hk#IG&)7NPyW z0c0E;{|%4{xHy~JIg(S*DO)&OoBTeNTnsHujGTW{LcajZ`L|BmK-okc-_63=9N+vG zzBxLYnBvleu(kb#hUCiT7EbuT_y4qk8ei4K(dloFf;x?Q1*8Uj{j3Ao2?;JdpQELy{ngRqTSd1*#8eG5I`UhNMy4~ zd{ZSMQj9~6w8-ZMQDXp@oj{BRL!zVza2it<%MKz#9|R-xs5;ORYo6FPDXz-XBwjA zlzQrIq+c5%CWLGB5|W&I(~8*Q$51_P4Sx&s64Q`paxMHh3j(G-$EYw`&yxr%mLDvo z5t1a>7CzA48wEn7*B(MrVtVH7!e!7h!=?^3;kfLr69FPlMt#s1J@G;DA;uVy9msG@ zvjNhuQB&hXFcwn=aUvA*!F@>jpFdV8H99qiFLls97FczJ9Xbm})dS+U`e>ueENp}f zy1;%&8cQMbPzeJu0-uussI#_FRv6BVU|roHv*e)c@BSeZ5wfunj9EN8+6v^Bc@N}w z$XYH;coG8#0XonEDLBq3n{_nM1JUs0s$Or`ceP&**G$YI=fC^oXRV&%`xmZ@*Fw=aDru|zLzN5WN( zbnoc=D9t)UiNHFqC^dT%8gRq$0Qt?5KuMZqfoTkgOAu)*F`?uFD5j5q3aUai1r5$c zbXWDK%J+12j73zy;VKb4rIn?P%v_IGs|_;n!dA(Uf9a;R6;$BnJp+}w7B0SAf~hNS z!kg&&!AxN2Jk~>}C&KI-_sOQiYJU$-irTV^)|?w1k{jxnHd}O$4ksj4Hq&h?T{}FQ zH)T49#5X`}t0LDpkgRwgS$Ak0pZhbo| zR5;Sz^6%nx_GZ!UH~_Ad69pnAnj@QdPJs#sR6?92gT$!$dno@Y_ucHob>)L%l$94B zJ-%E5cpNG`#29p_-q<={;($P79WuTQd*jMwr2<%}%t%8-1~iadB%dF?+PThh>zou4 zf|2483L);pH9!gnwHQWSf3%1~UVpSio4n3Qi57XSo}v`$YK<8aAh`r~65F(xlN!d+ zS~3KT<4`?|7=N_n$o#E|f&=p?y3qbF{+$_4bJAE?$5GL?Dg^W+Zo;M>CM`&7xulx`*C^f-l-?I zedy55gpG&vy~6YUI(h%K0TlUA&*=NzmQ`26^Eyj6dU<;D-G2KG6CytB<#v8^{pjhJ zH)T}!Rl3>!F{Cf%_vd@QS0JVrW`)RRb<_M~jj!f(pMvj?NaT0#oaGAiitV*mShY&~ zuf8}yv7t1jfD?PJ7))3J*kG8l+X2+9EIUcRIJ0oK@5DH13rsHtz% 
zTT%nyPy7i4OK`h1e;e>7?#jkyor8TmWmwE$kTQogHhvLpAAAw0HLyjFV6>%#CsLbk zGPBh!0C=Ma*1kPK6z>3_PzE-kJsKmumNQfUaVPL5&VR;$oI-^W)o(eY2O20ChL}Q~ z7WmD;0!jFG5(StRcLQTjp~{H-7E$6)0b9*m4YH;wFOq8% zfs{`dM{CI}x+Q3eLx;mE=1O6tEm$J4&s8OL163n^J_? z2>e|Sz=5^8wpl}+$^c?bYX%h-HgXEbXT61!{^)w5ziTxkvM=f&IWYT}_2owY@$PDN zL*?t_f;C2(ssM_8SK9aHetVPWzz=)6zn(bV#65+pjvTy44fno|{)YR)sx5q*5k1V@ zxO3ZZPrk1>Q2DvA13l+bYU1rNgZb%GW7YF`nN^yPi!1XHz9zb8i&5at zOZ>r$<3AtaY7d_~L-ef?E7S!2zj|XV^z{FWOQEi4VhTkkVQXySj;}?J&qB|j14XA~;c4=pBov(* zz7_*M6aIe+747Vt@tHZ;e}_=~PY+YO-`s!PyZ_{b@wK>x>Did*8CV6`S%ld{+1Z6y zMOYY_gxNWmnV9GW+3DGN@&Esu{LUk7Vr%y6{xLAH{vZ1?Bq^OvDI&-tuUFuJh~jM| z@%E7LHKFlb@Ia&t@DLL0{1C1D5dHJ@_9OKUBdBK7O?3+kwq{k=MU4v_$F9*aM*DpF z*3Tb2%(Jh&v%a@CJ*V8KS0zacejLSF)WxwUa*?kYv(M}qfEd@@8w}>aYk{o(E703e zO?fbdI3c#cErl@!H~}{Rn)9^zIH4_oT=S&!umWy?*XC;To_RQZwoO*%+jBg9x=pY1 zu!66EAM+)1u>4#Bv`re!ISpX$L^XxybQwv@2Vj_u#x~*EBiI=wtD|?x4$v_;#-M=^ z!`vAyCHOh~ok1fvPI&f+*C-jhm&o=V65RnKsi#bR8cj6jP~#l_Pwrfp3X@*|=l8J8 zAx;2o{w?4!;im%n5Y<>R<>+9db4gMS$zlNv%%o+KhwSzUHt;dhr&4_;%wQGN^nls| zO1=&fIUwSNa(Uyts{o286X39uN`1^34+NLf0C;&6Gi^+>K%c`AP9C7$fbqD!F)e`I zkarnK9}kF}aCc~KO)h6Zb>S}n*Pzajdn|eaT0xxlXx9`QPG>xOyc=oD!d?+C$nOyD(V=h?NM-zsiH{HH6_Ctds{FMU_blenckmVeR{-Gx9{r7L$!&m^ z)JJbXw*wEL1T31xJ~vOzmz@B64k8{Ix(m1uC0n7rV7S8f2AK}6i{Z*$C@u-Du^S*( zfy1H|iV4ddDDDg`*#!{iz}cbc4*-i$sv&qLTL&`?Pd%ZwA8+-Nr!+D;4(07 zsk>JL7lCPD!cyPY(yjoC+Ki?CPHEIuxyqBmjxl4w(#X3}rAN6`l9hegLVm$bfz1N{ z1;z{<8@M=dookj=OOt==iTVh<8&p)_*q{bORWW7h=XE^kn8wZ0(x0Mu(lNi|I>+9Q z*L(+nn;ctso2BOZJYitRK8`nB9dnh;ANV1F>^p99a_)G@F^%IA zKLPXsCxKId8aEkqwQG{>YP9{9KIzhu>d$Jl9EPqIIc(|k&oruTt5&K$$@%6SUOoeG z6#1m3FW>6VYKJli&9bOtE&y|uUJvLmn8wwX)UOsTefzNnmH_pkdzOB9BW;;k6d^UE z=fERNKYpjtC%`Iy5nZ$N)4SJR02`M7`A}_yRFr1Qe)&jLZG_zy6>O`eU-epP15~h_ zLZz9M-+$8pNhw6P^jNCjOCukJI2YnvR6Tu`{y48u!d^IgifV=s7ml66Syni_3a3>W zvh>%#dSlpZ`BOcOn7vui)2QWH1*eQz{%TWCkuXEm&4}z*maIBRb#h{cs`C=7RNahp71G^DmmS@1 zrmbO{$r^31)BkOmV5bUYZe(+Ga%Ev{3T19&Z(?c+b97;Hba--QW(qMmIW;vk3MC~) GPeuyxa|`|e 
diff --git a/docs/PSA_Crypto_API_Reference.pdf b/docs/PSA_Crypto_API_Reference.pdf deleted file mode 100644 index 23154711c475e98c85083a19e5afa4cb051127c1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 527887 zcmb5VW2|o9vhF)<+qP}noWr(l&tcoPZQFC$wr%UqeeOEh>t?Uq^FMET-rke`p(QQ7 zo?q2d)kqaY#Aq4mSfNN~7l&7&m%x5iv2cGd6+Z7OK)0SY@dgl9rk$vy4<^P0dU5kZzs5wFE(c6XV_bz&Tqa07FY`Tz7ZGzz)fmSb$q zVLVXwtObL!6eoSbD{TUe-Ee3~;zVl5G=jQYBoY+P!fKLo2gJEFnpOnSe*7DTd?3mj z)+G>acT42p*a#TKHhY6S8c2w66l*9Xbrf$Xs2-(F5ZE**InV}%A3`sNOKa&Do$k(;cGrR-@%;9Lq{_?M;#B8vf+9Fk z@ypwa_vNYhs#~y>9fqq@UcP;GGaru^j`k-$&x6-Ft|C(aY;)|4OD>d8m;6I{=0lGp zw4F(cGbPSUmAFs%3ihGZ=-C!no+PKvCG6abz&A`YFfvR-HcDv8%`P6+p659CRZ}<5 z>1~@2d-dtjU~Jb8EE{oJB;ht_M$=BZrWw%=^7hG>FEcuI96NVj&mCRP|EyQ^qw2BB zF5D_?ZGLwMb^dnO2|zq3lc)h58$EtzpFE>>>!5q28m*qNH@g^$is;mSWR>;%l?V8V z^{sToUd6pabAmJg`Yiwc709?m7Bvm7nihF;@v~ zTn)`*(1aS~!91(vk59So(yoln!(D7BHT-RPil^W(G7PD=#qK_(BUZVjtPA`6cAgg% zYC9qPGIEgRcEIjY`k~5v?X6_Qy(gLK^{j}gwUAPM7I+m`Nv=&Zj{gA0GdYFr6nn7b zzinU1$jpCo28G*d!&>KKZr?X4pMFHosutV!P!$zrB|Y*acuecYd0=+uqw6-?Y1c!m zvID-v2)@^}mtJk?Hd%<<*sJk*!yNI|wa}_Su|UwYM8JazyIfJ3E~hmcYjZYQD&&_? 
z3%EoQJgKa8d{)kod(6FtS;%31cS*f=)<*b&x_9C|gS#?KxODF}<|(_}L`kxFhL=HweMscY?i8lt^ z+o*%t<5wGET50`!PCjq-St$~aGt6n|KUjr0~@+&dkJzxeR?>A%>+#K8OyDa674-xOkIVEv~Q8rGDx!)8b5zEHbO)3#1v9)u@= zh+B_QUX1~jmc1A#MdN)`!e9UX=~+WdG9IOMOK}8@=eju~!Kcol}2TNcY@t zAV?wMk-n7_%@bS^D3ClvLWXehwqveoZQv~o&bq4Fb#-vXrb*d;8Y_b5Rn z^pk8Ryp<2qMkpXR1rY&5UXg@M)$iBGV67mbLp7He)2G^%9n*idCoyLDn4|{Us2U8) z(~N2M#zyzV2lCj4S4-14zDSF>6GA@fL;uH{bGp_q(47TR9guDol$YmfFavp?Ekek=d&iChm z{OjZBgx}Za^D0RGlq4tUcDdWH*YiPub1xA;j(Yi61lv;8TGf0i(5!Z}nGM^9PbL-k z$knlW>gf9j+Ge_mbLYux1Dq|RZ=_#8_vxc*%7+}B$$@}7G`2dO!~1+_oGhyg;l%A~ z`{}#;A|-03ddJnU@y2DLAlD@U1zEB_G3!>h+1UGXC|!nQK`86tX_72!E#_h4*k{*$ zuIfSVa5$(7Mx0Nl-R^vcg>AvU*NS&0M^-s^ZU3+US{kp zY|IRDhU}FGsmCTCX*ft*jOfRi!{>!ap6t+q<9_WTK23J)!T#{U?AcI=uW4GZ+3o3D z<7Yy(i%!$YNqxUHTc$GH!UweEB-F(7{G}MQg;venb-ZMc^aHdb)AjA$K81}5maIe= z`s4B?rU3GBcA&>1mHuQ*mh6xP=k3|v@^$u}!E#u_+K|f`w$3Idll+7IhodSJD!Vyi zXh=#ocjtsbDSItcMiM`TmfQpg{@!3|5}7^~-u+NO*%-cLun z@3Q*2tN*z2Yz6h6Yl)cZj7gB~LPL4S$NJPgi-a_k7sY?Pc=HQclcnUBL*xoqL%z!a z?T7xj-57+8h^+ltkuckyzf=)C*Fja^+i8Bx%lZbrQBZvPpGwTa!1523n3MItm6(N{ z>7Od`RECxvia0{>&WqY3aTkqG`FUheT$mj}AAz1koIB)kf=WPiK=?rKOgUoB*4=t1 zZ+13oLTl@m@|IH%mrr`V3>${k7@07j-kLi)ETG@wp^FloO0?TEvOzJGLNn;aolDy?U508}Bm#zD0x zjEIM{hmgpKmk^BYiBCL+IjNW%TK#hVesnCNV_LL4ocio3^bnH1clar4H6&djDHyW% zEpmi05NA|ijz7^z_*xJ}+jx3h9J17QP!pSTXkPthX-!RE@ zfawN0&QSvH=zt+mg$Ybl_OXFOVLtkXujq+UfWSrtOa_}|$27F#L$=1Ja?6nvp-}T9 z_6#2F=r}TXAq+S&Bn7+rL_&Wbv=b20P=Lik0x1cxqu?mL+LL5kW+&_!wB}&Io!AL* zCh^!9aVD9RG2l$=!}jz|(?;SF3SE%jK#u_sQk~qOInpA3#jP10>E?k(H`P({Nl3E< zlQi4cAskZ;_9F#D!=;S*4%pWjAHt7|1Nwq8w7T6t>|Hv#I`9=+q`g}>zf2X1 zCwke{d*4dhRX39i|BA?Ct!<_VPTZ$u8GE6oj45{CWHqAv^TJH|T;$%k>Rmuv%d&gE z9s_qTRLi@vZ{haji<@e6XlpogP={|mF+R`f zSn+X{SKY#Lm+bJGbE>f#-K0Dkcc~CUHxx5?`%ApT(xZyjF6l;eXZ(#*W8yL+ZL1{> z{dr%CUK9NjS)M((05(4(5^MbeZey%-2#M_qij*sJ z>##SK)|&buE6NZ0CHPw2`)P;#QRq=(b!5bkpKGVXWmCnIluWH|R^jZ#tf*4^YZBG0 zUwfe$k|py7z{*ugw;S|s#uMoFJUi5G+fKJ^z45!GjpotF?|%CFwQkoX6ttF`CZroL 
z>$wnK^>cJMhEH!sk6i9N>{EfL7qwvT2XXKs23glF%NoP9_NQXO6dsnepg!Dp!T;o@ zFqwe|B}6=ka~X44hr3EROc-%L45HRfo$iDB`>sa?r;p50jYC1f(%Zmg9@aLebNlNE{sh1`H;~e+rB(&7Hpn5`yoGUVZF1 z^yST3e1U{wVpEwcGU_4)Dm@5}04&BZ0_BfSZ+j3geOl+nAXuqVn%2zKwC|3$8@Ca) zqF1rXqNGP8G__S!#0V8OPK}%gRGSzo%$`&POr?2qL72xfg=?E#w_$-~lOU!r6CtHh z^`yQDjuE(7@*SENN2yF40i7WN5m*t7h4l$57{eU4NgJj+OhUE@{%@Laa!M=G7;sg) zT}Xfn10n=1MnplIBw1j}%pmne43b!XMLDBE3|_E9az?PDD&WO51_GMcDsALA8n7sp zTQ0`<0>`5MG>LW+Nmn=V%iBxM05odEF$>Rn{&8xu|~7!VBNLBW>Y zvaTW$Cc=}+h$dCOeqo4nOk_w+(5nFv1du>j$PQ4eBecrhF=4#QfKXkKt2muVz@bP@ z+juCH0HQH;hz|smfn!Kuk>etAW9()^dX%V=bYdkza7UsX>vNJ}1`>NjMBoIRe&P&7 z15OkWNtzc}_8bHh5~D-3XJ!d{K|v7EUvIl{z5(v9gB1k2JQ55MASjSz5sN%-Lx5mV zMDn&m3J6LBU_vC+GWq(JM1zqiL{vl4{Va?Ow@AsqA`;9X5<%$wwG0D~6c`L5Aq555 z#u)$p0Z!x-a7T|R#APe^Gi-tc1>o50F-t-oc7(y!hZ26x8$u=n4qr8T=Blr9MPP1 z062LY#Fb5#A&&=oykXb>v~SJyquR?oJ}~IuDWwg$PUNHG-_c9iz&+&UKfxBCIGJ&( zSVz7p7}`2~>OybD4e8_<+A(gT4O(-|%f0rLL}%F6Pg=>dDE(tt*XR{F)BX2(p>O$xJ?ylX1sdtT7P|3;t%bhO+1Rwrpx`lEnv zRqHgQC%C49xueMZap`8$rw|%X>j9@N&zdFylS>u|zX_>yS z7cKfA70cQrD!ou9rR4HvDkmuGZ6v<0=WuTaH8vn?Td~S*ky~i``r4|q%K1zwVy)q9 zPe5smNxx~pj{QFeP+P(lCRfY z07kdM9C2aB`8YMv+!PH*-@7@Un)y@s)Bxh)Ub$jk`64MvuWrO7hxcjNg z=6|X`2LszbRDVvE|5krij(=P(Y-wuQA^*Sa195kUW8ZiLBw6!_bp@0G;mR(K{-83_ zaKlix&v#$u=$Y$PtD8wMWpv1q1LoF;>>F)U_UBE8X&!hP>0?l{1TAkWvgXlJQ!HU! 
zj*^8ov*~?hD4KpIN)3j)P6NW*_|z0gL>Lf%$nv_teHrtZGpYQ-y3~1@RT76&^XM3} z0b%%BP_8@eEK(01b!_J*91ojx6hbMWL?r2M|C&F-h6N2wQY?w8g185>4y&{7WZf#0 zTK&dhV|m?3zYnSfN7Le4Qz(;30CAyz#W0(|usB0y1HfjR{_(Ir#ZlH35MugUvtI}YHz3ZM<( zy9%fT0H`{}8>KIAm`MVt5ltJErY=6|w~=)aHbFBW1dzGCwkYJM5P%#&pq$|c09dvZ z(jd+xBb5GZIzXtu<1|$tVBj>c6hPqgAbUXy-71B{T)%xsxUM+?V4!ZFCgFRo6w<0< zFhc}%7oYiJ!79i(<@wrbmgCgH ziLAA0eL6|Kf<@@Vs`h+PY<>F3aSN}N*uIBW*0Rs{3(6oq-|zwvOAT7|ho$+o`GD8D zft<2e9s)!^J0U{-o=vje?A(KPD|LbnQV41Gb}PFjS~hZ%SHPmRv+M&J^-n>)Sn%*_ z5Di!1a5N|TS)=igq?fh9B*-`E6CB%z)WnF9qUq7`#r|pFrWtwA(Tpv|)Tf5+#zb?= z)rzjFIsL{uPW*H<(aP4jFF|#Uqwk7)zu>f;)O;#=4uydss@N% zDLHRccHCibI3Mj&o>W_GX4RXZ~EpeAGoj3I79S#nu@-l*=< z`sTNa8gCLBM+CGt2^!G$);8bAMncu|(I~jjBOTXu7D9hUZw#Geu&e3bd81JWk^=Sr z0Huv??Gw*Gus+2=tSEY&XLkL@J*0-em}||igxclSX%tbMLW(WdaDjBOLX|~PVYy3- zV1qb2xX?jYVudJQr<%tMr`Pn=g_VU5C~1Yda{9*bmUKDmIq#Xj$xWxnJN{;#s>Pi8 zA|5yO(Wox69MA5yNR2`=p5lw+21i&?GXK3&v8lP|L86frN4h0y%LpX z{VYPL#0hFX9AJbP=Fa#5j_xMf&J5iTM6K)@tEKpeCQWGn=+;qDCz8G(_wY|YUV0vE zebQAq>UK$uotiO@)IewDbgnnwo{6pLD|UMep)gX0E=emAJeD^yds~f*R0<*k7fjp; zaFu-Aa^CYwdjhv{=SOJ40@1R8ezsYG&iDM~i9n?jZ24_ock-5*C;9F6+vBUbK6f&z zEjP8h^hrFVnEUeN&*a>EIe|r4cDHN_4^@qaz-IGjbwo{A#Z5#T8C?pqBDb*KVLY!+ zXcg0}${er4(-!arz!Ipq%HuP6HH{$dLb+PeDr>qcVMYu(Kl0g};M#adyK}6o)NH>Ky9F|8mPu9L!&^2z$5e2m6s*kARSR9e42T@tNsKyG|87_M1<`Jk z^zF*p-i&?kmdD7PmKH1DfQF^2RQ+V62C^O5l~LI@A2dvEcqXRR>rUY;ASy0urvG{pZ?Xp zW@2Ice~S--|8x5~IIdo9hyf<#g)ey2*}P79o`o2KBOEeZ3Z_qCzDW(YsWc(+bR%)m z4H-Dn=*zLkn{faDq7&wa(=PM!+@B^cAw@!X0hmx~0IP{eBNM~rmMVvDWA=nJ!ebn| zcv!8f1Z`$J+fYC=%HZhK)Zv5C9bGQ+fZ4#|FXR08)lthdc3R z4XgI=?Y}e%9ns7KCf!H~3&dQ6;V{|bsC5yt%yv&SP{biden(1=YnEZVZ+S4Rr$#Tn z(;%-cL4JqHF8gq-b)Nqd>xBG`ls?-mgExPz9Bz7VO;t;a_U)}~;FTfo#MaSCxv_2^ zKT`ruN~}kO*^(k-&zx&~5hcesBlZR#G-m$fF`~ixSMmzxijChw~3_7&~ay+LC9cq~LL)Fu3h%g}sRrEtQnBSJMbCZg{ZGR(`fr zfJ2!)kKO4HDYF1o0KVGr#Y+gAuKHNEQwx+K=d{;r_>zvDH%?=%V z^%7xwub(#;V-G0g=r>K*r8kGz*Yl6@2fbnwHkF*YVRV``eY40Elb(fIx7d6O;~$gu 
zE(&**fqT${_f*JlH%Y>{EGA&r)#?e+3JyDiCSclpS7qNVYH`VLNLu%Rgpn-j7&yrmc-2HbXm1eFwbmJajlkFY3$}kPl#Kcu} z@IrKY_RBW>y8q;YS-N1joQ5h|I~hMs4dND%M|gkypz>RM0<&Ec)%~XsVP*WEddA85 zuXOsKgh+-?Vul1t$juk3PdNJXGx?T}Bmg8PC^|#=B8g}_Tza#mn3;HK!`sUSg>6!- zqXbi@uZ#v7(0b0xS*lY9HbNUHgnKr-Jn> zRnNr~F^YW=Vn2L#o?V74vV!7|+AsQAe;{hSHjBV6pE=msvA-|7m-#u`N{1PN3yFr9 zV7jjmp^j=yzm9SY&E+4wtaiD}Q9TawmvxpS=is6Fgx=aDzsDSL_-`w^WpxSOQ-%CD z@(5%p40oWbjB!+|YB~5!-h|3|0h(Y4AQGJq#f14KwM%Jo#`N%?9WVoy?!rb36)~1> z89=$!5V~N9ny&7~+@6XVAv)h>NF|j9;&^Dsk7y_-3P$@?5PTunyq1vq&}Uh5(!THK(-rCu ztx{j(w0a&x#0V+H;mMW6M$#V3Lm*~rD1VWU@9Z2M3Qwj^?OhUH3Tu}2}XtZ?v94rmDXGhsXiRJfxW9}_^H&st_co6YKApY z`F6HCIfbpW*;Q5|oTKVx1H0LQq2F58a(V-9nq%7*g=krV;#0E&r*X+kVF$a&H`)V| zT0GE9JkMbvBN;S&hNF&P9%h}C&l3S_lDm8hAR8NCMW)pVrbcAGN6p^yrK98g}V0`@hk0XXI#{+lvhwS zRcokNTs2wFx7hJ##FgtWOnF&I4@5#DTx8*o^8FY^^|1=*<7BU%PK8MkxsKDoKb!TQ~hEBw{%(X(OsUi0Hy~iO*4fK_6 zobDs}SDtTE3dB)C`da69fkr8hVOCG~0w8xsE7+{mLJYREnn6R*BwhdFxI;Ia-q+5lK@-Jg~{geM|?jr^}cQDq;uhpJFKJx)*@f5=SV} z!Gq_yW9e7?0ybC|;b1i>X*9?rh(8Rg!StF3HJe6G zio74U(5|M3$JAt6r-;wQzFAfvZp_MbOz@z>n1nX~phCFY25g&vIdhA08dfDnrfr<_ z9wOlx)l9~rmh85~7Ey<%T*yHa+)?0NGBaVVZQeaAeSs44(NF?UlYv;&MH14HmSfV> zQIvpsiCRwpNJDYoz~EWqgb(Hac7aVHD4-p^tunF)oR&ceYj9HG%#6#;IP^lb3tvc;#--(qvhb5HpvM!Z+EGx0*6I`}*-nQOPhzp2mZ6A0#hzI_jzx+Ecjw(2&tNV*z3 zpI;x?pI4c^kc1V`wP6@Jrd^}y&=>`A6j=y4*Pw>O8z7g;RUt&^v;qY#Et`&uYDzl5 z0o_m_V=>Mt)1|~z%9pVZ*c`kvwI?-YgcJ?Ev~ZjM2tp{e@CD;KFwhpniOhu>iz{7e zK*bTnQauA<@S4BU|$|*||qKYF{WxeVe zWn?p`{nmOJnR>fJ1XV`naYnYPrA_1nn>kE^4jGhJ91zJMxW8h1pHrPfCHHk`Vys_Q6}i%mge0^gqvy?zHZl-;}^F}nPIKMA6d-R~}i31PbY>wcnH|A+Ba89A%JI+CIN~YkGIQ2KTId{j{Qd_?- z+jf1*d&E?ZX1(3;)H4RNd0RWTgxhp)Cv#V)%`h{yE=&j9w3?6Mu-)K6DY~6k_41c6 zwXa>pXmn;tOlFVM=G9&8&x^yuqQk?g1AoK*_uDA=;K7%{@$4Iv*|~4~;`R6&d2DC| zdQOvXZtU#q=_JsBc|tkMxO&Dj_#i)CMCV{xF05Gh7rZu$1r@c0qUtxHv{Y$BL1cp? 
zTi6FMzaKcP2Nmp_UFqKO>}hNM(H5fak!Mg+c~BB!5Kr6KpTObSmGaXIh{s--sNS}w zxLo+F9GDSKb!&GyS}%JVcrLBaK~YQqMHvCxl74nTuVXtTRujj2y ztxWmrVihS?k3SHpr0+_4H-amSNojDlPj0w60=J*TH(|#{mKF}C_P*a2yFpI5UpCM6zs?q6uX@<9x_L5ac9=6}^u2)rfF7g) zXgnNn0V*@a#jz=T+NbU@=xN6rk#Qp^?XFWUm2b@F>!;7EANW5UHZQT;xL;;=E>=#Tu0ER(P_=6Cs_<&9dLynz zS$G3*n%zf*QM~BE-Nh^{bt@ueP76Lg1#mxK$Af3@?&wR?K>1$@Bpl#U;0yx&|N~8g(UuCS^fZ z_Bl1kbbQbpks|25Sy7qDQEwCYjP&+s_)0DHaQncn`=#R5<{p`m?v7VM5JY~q=un!s0}>CKjez-nS_jHX&9`+>Td?rf7uYC zPU2nm5*3=lPRS^Qq8QW+*Z?`nF<`qI&CSK3=~JS;b{p#5tS0&hmY<9MF_-89AQ1>( z#pCEZ3-ci$)tfgLX#gPV+`nAIf%kS!I;Wg7m#_eoK+G(8v&gat@WBrhm*T;SpN=gv zWJ;r#sZ*`H2|N_WvTNbtC!*c%5n-+hKD%P-QvOp2nEddYMz;xm9r-}iR?ox){dB!m za@EF-U7Q9}xeMoyad4MaSTfTF?RZO?srHf%LvKQ`o zxAIN4=gp#5={EP%cDYqaO?rpvc}Ba{aZP%s>2-$2F%0BK(c~(LRekb=di$`+q*C^- z^!eun$w3l2ERySFz%DPe949itm1Dw#VFaQUDFdOHK-Mmk9ESl^Nm~$qKWEb&h%Xe; zdj`1;u!H}XR=tMl2P1qIHusdi)c_j;`f3lV+D1BrR{hs6sBO1D(> zN>gaKLX(%z-GR^}rbt0;`(jE&J>>1T5S>yPooe)TXCKy7z?9_|?0i);=`JO;~YkyP|yH)G8A=M@O3LbQfCrs?8QUhZ?nWc&U2}tY@ z@gEPMHgrz;-ONhYv~R+M34@lB^G-R;OyilD-9C0ZgEaM+wAc zka$+?6UBKj0m|!=k*dmAqY-Mf6Hh0Xy#|F7dOo6Xjk$bT=3q~WKSR|ei;2D!(jNXs z8>sx^$VEx?;wd8CS9i}}Bc#Va$ONLKOF?4}O-C4(lZd=4CV1Aau=+k!jh`5= z7TU?&Z0IFiC3W{K2=n^aCE;1{Zx@tQhv`{Hu~kY9=hJaHyL`9D`INF<{D7mnq;i8+mx5G*S?eN>Tzb;hJ~UoLhxJGG2mABwSn0!WRFgl#C)*TZ|Z zUa;(15*#VAz(*>l^pchP{hn(y0kH`H0yZ8mt(&C)in1uAu*(M!o`(b^A)D9NrxQ5w zc+k3?%nb^|C=piU_wve;E0>kd(dnLwk?JjJ{{;p3X$4iBM+DQ=D@#|4&{ngP4FpoI zy8CgE+WOl8inH+Pi(Ef36;d;}IqT%xl+~ae3gseNfKfP(8nmbnp<37^P6!C|>WNkO zY|>PP4eOU{+FS&}GsgKlf1gP%amIjdu2X&2ExFjt>!F*tpWk@~taQ2d(M4lbt&dRt zy3mN>SQ`g{mDmXJSQ%H@C8RM?K$MZAKufrcWjClS*sP&x2;vHOc6D4iM8oVP+!$Nj z8G^>pWJiolv%rXA7>%JRxH0yaJ&HybC$ZP?xRZ|@mc+0pQ^RP)z1No^Lpj)p%HSlN zkCI4yx8VWnldZ88=+qzN+{n1L#O0!mzI{dY=PJhqOKTtFh(9q8x1KI)Ir8_D=?9is zPZUxQeIYDcD)|hHU{Ncvy{`EjEFU}fpC=Fwo%bzs`S{T#ZyL$yjro*nz*=35e7~k1 z>3~<4XT@55OzEiH7@1W}tyj5;T4F8N0!S5LRMWv}iHj=|>m;z%Ie@5VMod|#8u}W# zlOgbROPGM_nTC#wyDM9yi#nQAD0&x!T@J+i=_mzIqm9pQaP 
za~Ut;Hjf_vD4WAhZJ@L4CIs083$^xpACj~xRY^xePjp_-TKw?DMBRh|$^AvU0X0^= zklR{a&~l(dMc%y9lgP-&)}V4yH)?bwSrqSjBd!KgY@Z{jBQ2=YqfN`vz=k89qjcSp zm@be@%sgG|auG6BA)d`lZdqI(ghZ)scpT}!yo{xlj=D(F$No=S-=F7;&yE#xrQ#b; zkYf0WkAoR#=8rpjW$^I%w`}}he=c)3<1Mw z7Zg|TQ#l9{6(I#gjel?+3Xpn)fWIIEsG8W#0JJteMtW`l`)@`_&eZqw$42_`@fd99 z?{j@0IKa=6;EE^{)jbSow%mB zoSGdBQL)SYF9%dwKg^Z*zhZ~h(iK&B#NIg6Zfk;}4X0yojl$WhyNI`G=F@qxGZ$D* zM~W6WLudN!nc!Pb+IwbtJ_RlnGs@(EZhvl+E??nVQU3`g0C7qE{NcCK91+?l1GIEGFP17Rte-JDBSN^JIR}5{qVMvUrJRu+%IkqH z!?R8)gpB$n1d!U2f3F+w$pAcVtKYFoP>g7#QA!!nu?*W_ToWzfegr}{^bD<7 zQ5si`3O&|YAqi^MclHknw&nSmye#M(32FsRft?=&E;j?CpjbIl8JbqGm~n-5VXw_E zSxzx+TxuxY!2RE7RQJ-McC3)Se^^XO>-=mpQ7{7&@>R=3$7jRDrdfI#z4BcJbZ6kS z$$8wm1#deHiHkL-@}%qGGE$&}QsiVP*;<6&>S9Xon%78ESh7@{d&5#Q$4z@QQ(RG^ z@T3)OHlNrPP9#noV}!D_%Y*8BGJ_H`*UnX2+ZlI0>mk@lj|i)t(sJy+&QY_BFvS%y zwyZKV2YS+iupQFLlh1=s3eoIK+yaerE7+hgpl!QYn`uT&3qZ9n)n!r=HL@TC5i3Z~ z;;S#s&|x*$$^Y7+zYL_5#wCW~TScjwTxclkW1xvF0OC&wrqN+n+6l-Tr#Wqmy*#q7bZQ@=a!1`v7AEBKr}W@u(QgmUzz7w>SDFlT$J~))<5qdi zLUttIGWYgLJ7csA*FzJ3g*Q+9J@}tAg5%$(QvU^4PNx4GxK22(GoXaL@C2ur`d4%w znqa{Y%KkQFx5+T(LBTnvY&9&k+3sOVgLxGqkX=V=1OR3e^8R+2_M3+A2NcND^}I;h zUMvHG%J|FHO`!k9)*vJyu8)pw@w zCxUV@iew0H(r$V_cGfjCa9l=j1eX7k>(Ahy<|mKhvE?9fd~jEEXK>w~PZ_5jQZl#Q zVYY|+QQx%C2qe|tLk-X}J(#AqX|EK7phaY=WuTo$P*Jy5%Q=5oS+fMo$G9fKh|xCP z)l8**q1Bil?F#>_K!3%jikMSrgJ3`G!;MdNsssrjr;l&a9m7#F<*CqLz6;mlV=K^~ z4v%|h90@ja8-nj*`;!wzrFoTwJ$kgVXVNh05sNt6ZcM*P2SbH3O>9}^z+d~WVR2e5 z(v&*bw%b%1v0s)YW^MR<_7Y#iRYB-$o8Xk=Zh^DW`L;dL0zRIjPDVRsr; zR!miTrRfL%qLwNo!HyWUQE&{1Xumx{CD8?^I)J+0gf3tkHe7o7@<$I6>_FPPS75UJ z5RU8=WJ3$5a$trd-Nzp>X>h63!HXCoADonOWKtx_!C51(*?P6+-6=`pg&8p>M<;_9 z9a3(VT8T5ZF*`t_YM3x>IojsZIhN`#ptX`QQUB+$E@hBVlk*p z9E<$yz(19=lxLEYyJI&X0qy$_!Or;q3HJYACzk2I4=phjN$v@<9Stx=zfX|EzK z(xnBi=9Ubpie|-%YOO%zDbwf_EItw8geU`8+3Y1O-st-2{$A(}NuZDQ(q;}7vTni3 zba`%h5|v^Xyvxp-2m5A?s{|$_R8*@ekzadxmXbr3Xs@D5lR}j785$~KIHLBjHgVJw zLP#qOG%SqGCUeLSEaQPlky|8t3HH{GE+jcl+3d>PTfX$={rSyQ*S(B2bCiF(`t44Z 
z+12#+S~gKGcpas;9X_&-=YiXa4At`D3CkDdP9l{)Tv7=&uFZToiBk1BS)}DP(;)=7!y~pz^X-fBa@{mf7z1)spL=x=Rc&Bg1rtjAUgum@ zddCtzxA#2Cxr3e%a^gpZ)fr%Wrn6QVV#Ke5>UpfyDi8(?%N|*#`3`}q(hFQbw35h! z`n0l6Pk_leCCdiY@usbe^ix$5N6M5>nRAla3nt7Cu2g($y)Rla>7W1Rw$|oMDf$>dF7)3MwT$}>uazZMx({G zOgY5bmR)3d)c+nyxt&e9a}4~=YWBRzcINuF5NLzjIFJvkL*6GKb;e$+yM?p;b&)&j z{QCU-e0_I(`#d2Zd+}PEYxm>e^m={$eRA;i5kR8Ihx6_IIu~VW}JHKbc^?7!^rNi|Z_kDYNME>FbcG9`A$z&FAhQGkR zv$=cXnP99W2Cf)N5|o4X$3z$@89@n=28#f)qoQ7h=SbB`TtN#_7q|qKiztV3FdEKE1VritYxIScAqlaT zjD0qy6))atHLfHeCXN*wNSow99HC@Ao5<@?1_wbfa{{6%nuzjLl>NRc!X9=8kRt~% z=2LMvtztnhia~QeB|-QCK~P(?&P>Za;p7OFXM4$S61g$47O4^qr}}lkg}c=`l(?b# zZQ&?pC4W<`5oP3|*N~FmG%=tY-vzl`WN0)a^&w(WcIHrH`(;rG2g~xz@>&f>Lblu) zK=T|_ibEVMj7O%!)+gN<@Dd0A4`uHdC42L13Ab(Ar)}G|ZQI?aZQHhO+qUh~wsE@q z?W=X~yz{J?|J1KO#LD_mwX!lYBX;cAiTYMn;}gJ2g~~t-f0k+mHFii|yNB)$si|2% zAcA<9YGn!Nj&mknQtTK0l(ih!La-5s5;qbb-64Sm3>v9&3~>u9(kpRLdt-~Ax_+T@ zUnog?CWcdug;|`ByT3G;`Ozt77mE-NXXoRV4R;gM%UuHB+g;0s|LxPo;RPQ%x;Y9? z)fBp(`8Twa?j<({o=mvz>!tN@HkZ%m_luO~Z)&AFKSmGvhqSg-HvF6YA?Dk&zsnZz zZC^x;q*j3GN`>fl%64&VYuMA+2e40~FCm`S*Y0g6`#GUnu&r3OEL)Zx%g&W&9wis) zHD(<-XE~*wIoIwvJlHNAY_d6g+H6f7QQV=ZgD%0IVpZjHfBI4Bv42l_J++f67Z`~t z^;vIKR-fls3{0uHGD`?+o@(S+C{B4b6;kN4s!n-DVyXY(NHjdK!X_vLl^%)ceMl#n zV(B2J(5K}Uswb1kl&=C6WJqm-940}CfNkdMl$HicU(=W;MM~r+83}Im#%+ikB0&m& zig}vg{r9mS42;7mHC%!K`OwhM#FmL6+}N;;)$@-HIcdCnlvd8BxHM2a##2giOMDs# z5d#((OmpNAGeS56Slt{i(xNyCtCXni#xFxG@u5rTa!vQlFbe|2!-#kO4_3rQaUxTW z@)aAR5`W=Kn9<+_dbJri=+sP;smDji>~z6 zK=pVKLtv_hEx+}V!=A(mSR1bpHb4wNzrlx!zVO1D+d+rq=Y3&^tRtr}q3YQ(*oLsr zqpzd)VMC>s_Z6#m>}QvG)Lyi=om`w8|L0?HG%yw%?`irnb)CM=)M;iL&p$QyIh1|< z?_UU$*m%#1aN*A%1)U=>v_bpt=6FPk4c-c{`x=M)^?e=Q=-^sFS@X}xp&JIYsUi1n zCwJB89sP*kI&X xIW18ftSB?2sr9!h`P5tPm%KX(ZRl4T%yUK3H0&hDD1Lxz?1p zhOdQ@7!J8#RqT)$632zD^G5lLoX{d-uS)NO7ULRjgsJ0J5~wQE(-GF2d9VY87-S6V zD+paJoEI3RDbrpOz&L}z99q}Hi;uUQVOo)L3#L+a7^-5W8DCJI&_5MkX1B9w5>)*q z6OdEfcmf_xIKU~5=2|RalkR%d^Eg(cQNt~1#1fpSZ~YafFne~Od&S6rhyn-g>j~;7 
z+;C|FXw{;?6Y!fwxSpb7Y_4OtQ(94&Y&ifl&$~I$Pn6*1mNsz+u?^b2J@+-Jo1!W3 z=kv&XooCB<*sKjLI_#!NlJVw;SV$w!a52t^=6d@Z3sOM^Bdd`06+riaG2X&m7iYK42PG_93{?wS5FG z9K%qd>3w-8_9YxRmLIcT$!T_)hwWu+tFbNlzaDOlc03oJbC0E`GEdc)s%wqy#*UK* z*48pyT_dd(o^OPZJBDu~^>&Ec>LfDL7tJ%Um zAsX_Ew|Uon)JjFGv-=|r*2tx5f^_{=|Ms64_1o|*12#>7$ziI7>9U;S3}&) z(`FoLg7gWRtjW>&yLbwC1nQ3`OU04-1tS&ZKJPhi6RY2MA-u6g|C*)zhscYGf#ZM2 zFxgrEGp_nq$R!&xP8s|d;I~}4hOzegoi}u=taME27MwO+zc54hMAO5~K^NbzItf^z z3gQ?-{X(M-p)cN@)=%EB5io#3YO-sAPbN`S{*8JG8fZp;=}L+tw=m4~7n;AeNa#z(|hKd}V}P^P*i z^ZkQDZ!2cBZcev1^LCbJsC(gnc4*kAH!NMhlR;q$;aKd4f>AK7jhPfDc=?uQu|Jcj z&kmU|ZqLdF4NuG_UZ}w>{Xk*21HJX3O^)utdt&H42)|`@oA9#3^*Of^)*gVC+iDHv z6_MYdS0YEQZ09$HCr;s7o8pk>@6H=P(VZ4NSsuQ)RYzS${{5(49m-pv6{w|?-M?tP z{|3{327EB~wa-{9`u@O}4TGXWBe8xDNQfjhUL>n%v4St*s;+3+Z6h(65-ySYz$soX z?n~ev`D=V4YVwU-Tqc`XH0+6Az6s&Tq+c!8epS^T--*pbcR6RXO03hErfjylfT*)- z0xtygcW)*M+0SBV4V@(&HKw+T>P%^ryZ-koL-U%=8m5Tq={tsI4xC<{7T& z3ucJeV#;CTR5tx(N|o}iZqCvQc+IS)2KLxc%89qqQO>)O4q{2k0tx1r*kh^@h15@H zXugiw8~u`krpaC*iKT*y#cZ79JKPwBDzWa~AsSUeI);>nrFmpc#cc_pg#mdS25vV+ zXrd3$Ha5R=BEOyL5~V~mXM=c-!nYx6%JM{{h5D7_!cNlhjUi?4m~#B#=!u1sI1kH% zYMi=d_ESY^9Xp!nM9a|@^A*a1b0=Y*w}q{d?N<8CqNT6DgOc|n*ypy~G|Xb8RNBm& z`ip}yn5AW*#!Zr@2Ve2wXvS5NuG9<)8-?VQ*k&F&P=&$AYeShE)*+$_l=;e{$Dc6o^U%sGH>f*}j$|`;#9;8WZ^00P~IXkk0SY$HY870Y%`0@pdgA^lG@XZKk1VaR< zbGuyhywCueGr^huceWcZdU=reAvkc*YTviMePpX()(Fz~+JFaw2! 
zBcShYdGog6eC(|C&OASH_rA!%N9gbe?#d0MjU&t#xZgY@&y^VNa>1shFmx|&ml#E82+dK}}Tv5uTME)JLlkmu`4bGfql!ObF8)TkZ*7)*LFuL1WCg)u7D@t?-$pYcmE9t&Qhf?^G+1CG70o31~5m&F;v+Zg?CI;H^_ON z?$EXoB!CgRsE>s|M825HX;aU^BP3eETrU|hq>)hNM_u`T0VYv2xI;v0 zatcDWl`55a<%L)3DG+;K@9Wo*g^6%_VU1XG-MC=sIe>nz`rvJxQ-@MXv!Ci4(}y~FF>inQ%7!dg_4x-ESvV?7FGB^oL9mvQ1o^H5BU%id4ZT14 zu%qy<4h{PFnNFrpwVKXAO^+8^k7GyDTVwe_w3zgOhAPB5SwXX!GWM2*f?g{$wqk$K z(JRxqCC=b5t)&6U%F<`x< zRzOBqvy5GtnZ1mO{Xc#z%nY%COhvz0oH;6R zrL`s8sxOld6K4Aj4;u!%+Km2@FMEjr;QNKHh2F-M=feRuf{BVgck~Tb6rQwwYBdVD z`tWE{2|=KS#$4bdiITsn?3rT`UR9CP#%!NjOe;?Qav2OCoybsxj$)=bxy2nm0#11t z1cm1{<(P2~r8t-`Hqpt*x}c>`!>%nje-#+QBtXrfJ!PQ?bmiI%28ktv1g3#U5CfE& zK~m8|Un7AnP0g16AhJ0-+nO&%5k|^KXK{o?#CDWO^~~Csj|k91Rp|`ZaW*YA`{DHQ>P;}^0ahY^hmkE9ljrzN0fZTDn}l_UGJ zAg05s-og+i6&I3rPT7HBXO3AW{_>)-W#P4PJ)yV5h4H&4xka_N7IaL1XMJ^MhwGvl^sw6=_=XfW3IEe} z#`X`?R`&mwLXgI|;vqdk_X(AA6Fk}m4ZaY49O33r2^6VNxio^bB>{bSx&PaHd@6_; zp?(SxH9A)cPWkS|>Um0VA11$kX#=JzYs*g!$m6HyJqHL~fC9vx2M82wAM#YA*_G;1 z%RnDLco)D3i0A=m;vI}l!fF_v%9nDDnaHnHNF4H)L7uO|87`r{;d>7tNI6;m?&CCc zAA4|?!ovp+Nb(J8Qf6{A6XzuOWeuaUzLA_QMJsL;LxbhXyqh)GQ1Z%($@jY;{2@7> zHk^_cSt5YwuOmg-JpG`DueWiwmU^|cb%P+meiC~KCWwb}LRnJutqv@)b7}aeG1e5} zdevT=0P1XQ+vFCC2HS%wx#$rEQxknnoT=&ypDY&VCyV{wYBiCg0yTeA>2+BEO&CqG>7PW?Yu z5MmFOAta?8<#aL8X-ox$>>l(r9&quek&65bNwhjk^b#sl+y*qlEmB9NsHakQys2b3 z`vR#5d-7m9>FxqY?uMJxgnt%6ycILXKnWt;4T&|Hrx<-bQS~;ahNfz#GPpWbj{#@q zMxAewiQ{=GGo?RolcjS;*+gINuBfGUiKfY=l4?f+eOvOiViT>#G3a&0a%0@IB~Oo} zPG^rYxs_SACH~e}N4ytKLeBFc5)BGS-VZJ(eo!tiz9(`h(V;?Qr$}YzRaE%6NZGtK zUmK7qUwzg!;#cH-4eC`Dbv09K;jJhla-@r0x9-q6YLZ3}&ZF_8d;m^9XiXMbtpZQiG!} z{nn%!RJ?bA6xN+czy5Tq-1k|PBX+$&qd$hTyeSoR5eXNMR>!n`+ghXO{B zOp*#TAZcWWaI>^uNc-l187+jhzZ`4aLTHm&GH$DTS=8crT8ge3>kQSXxe4Dei z8<$n|xL**YJG~Tk153@w5<1LR2k)E9APdE4Lirq-p!Z{g+GawTPt$6uJ911itA8!b zEoF7?D=uE48fNl19}YQ6;7rDdqySKkDog4BQLM@8xH}~)?~L`y@F0s^sjH+1flH!~ zd1aL@s$;+t;#XsK9t3Gdfz~?YSHZCqLXOnsj5T--t1ZM-mAvD)EOcB0Q^Ie-mV*{v zrtUF;sI6wt8FACR;_QhQDXVYdew4;?+M{Q<77B=_Vd8`deCb2r4DybGGqRxRNoM%Q 
z%7|w`rE$|#2lE&xt9*{rQyXyNk=~>GtvYxoHRGCH(e$ zyE?cFm+PxEO7}aI?naNN#E$Z%%Ai}>v43Y^$1vQiIbg8P3=J^_>v6 zN8H!r=M3B*lQ1b0`{5aE#49YoCm z9|Bpz4S-}eRHjY+e8lOKIOa=^{i5g7x=XTQlVm zLJei-3nWKJI;`1y2E(jeFzT}dK@;TL%=82r`(X!$$-D5g9BSfg(AYO){oVj(;Xcy_ zRbMYby8De&njV<&U;pk;A7b2cD_Wu;xUHnV(x4F_?Z3k6z|-yUcDv7A4 z*53GfNbi1miPGtQJ$zl?a**uwx_hCE2*ln2{@osowbR?~6&tO%WN~Vtz^7G^ zPMGlqsTiD$Re-4jXc5@RT(|{JGKE3ACCYthB97g_JUGiq@Dv}j24Qm%$GVoFB4XgH z%??WwPb8xiTGT2l1OTNXcG;8=_=jOBM&_>|-hyrKAJqEkze!o!@aX2yg=0^xinRLMhHf@z#c zEbB}6O5>Sz2c?^_M{8fwD4-i)#w@!d(xHU0rODgMSrH5dRCr}&KcR|nCtVB5QHnw0 zKxIrKNrVVC_OjRGXNLe`B^!LwE8Y>}ulFk5(p=dG6>AGBf##=98=C3-LY-_h>>_?ncy$8`Icmg*--|be*9;j_}X`b`H(PwuN@&Vw9vFC%7uzuR>Lf-9At~&H4~5U#&?9+Z-bxc zO%F+J!I#bfRSik@D0(VnCS*EfRx~qO0%-Z)-zpi=6z#I(E|N7$jMMwfp^G@OPVE0~ zxW9skB4fztbN_lsno?qv8~iNw01ea1sGw3wtV?&9?9 zZj{t@y(z-(UIOe4PR-kb?XCe&vV6vadnzq_jp^Kc_bD?%qwQizO2PsJ*S zxKY0d5k=3|M>G@_gJ4W_m*>#%i$Ig5SIMNqa4K!HaB~WE7+|W4y<+FAC-Y>$y({G8F{k1 zt=0DaZj_C&*g(p{O&uY+5XknMqL&KS3d?9;W$Db9`F+7{%~A8#Pf-Ccnp#$Ew4pB& z#b`7qPgWCG?=`%VVl(Ip50-kU4UiE|}=`d)xJdiUeMPwUSBec=~ zSa2?X^sH@}!oJ3^v^>4au+5!>C@9`_t*_q8PR0*%w?RAHfcs)Wg_Lo8qAohwZ#0=A z#+r@&_U5HO1g9z382It*wjB@~&!T%Pu!f-9WU_-iK{*ie!m0~d4x8o|owdTS{RKuv z6gq+}F;>ci-bVGW}$p|E+}gpPZu~fc#(PCH^ZK2}~USKx|@V`F|ibrO7yL&?AK0{Ds23 z3Pi28_HJWaAZ5NfN^q3&xLpHcKCJDR)%x=OMWVmJnB4{=QF<4gY|@1EG1b`_koSwo zoRyF(lA=+_$~1BE?dX6L4T8j!0-RZoK%njj#{uzB*q)hg&imFUxw%_26tS4m@Al&F zBAri*Ecq}){1PW2`2mVke8*F(%$+)A>)#SuWe9}7><7oMgxio5vVdv7ZQ;g|&$56+ z=z#>oc1xUMx+^2C#N&r3PU`irnWnm~H%(zI4U8iij@A-4CHX!k-aM@t{0txBYfeM z7RMi)1cF`L(Xlpex1I(9LOu6c;pp^P!eSYlkgYGO?h6l{kOa~vTc~2<(z0dBnK|-W zR{4-GDT|`InZ&tjsbzPh1$$RHZ!~W4DA^5R#I$@NxqeJ$N<5G%n#K#Cf5U92vYNhi z%7xgitYg;%4qzPQ%qyM+x3G>ZzHZdZm@Iv=S+hO;N5(+OG@}n<{|zA|xq>dULb3bi z$?GEL!nJsX^u8V=aRXB!+`z@cGICCUbmHZ_Vg{D?!EzC==wbWuN>^QH_2~WfiRj|9 z`oo`|u{*-Fde!~_n zs0W!Hb{se8lmTq_orZcTvtSo}^gR?)N$4w-eS)!LXrB_>un$A1ax9uXOvXyDcNe~S zYingBzGv&bwEM1THZ?k3eW4lOdGtHu8GeaK>YwN6f2PgVdyYOlS+9Mq}FKu{0JR|FCGS0(BKA!y4M}9i<}Qb^JolB<4b*t 
zQ~|KYG1>}iR&*@?{03#e3e<%ttm3$Z05r|~3Lz=4c8ivs7?P7MeObJUO}i|3h!bV{ zLExZ#ZHEfy^!r@w6T|1}ISnAc7c%lv&nQ?&O`x%%91rE-aBErrqdtre%|A82dC|nj z)^Q|_&C8R-VF=3&EqbiDHYgOZw{U`XN#?;STtG;8BN0zZWu&ibp7aJg^L;V32Viti zKIyM)L_h{*tQJqKZrBufMCI+&=5MO3l*})Hul|~c$xR~UF|Z44(J_L6g3`#(KwGj8 zmABNCuezpPgDJV&U62i6w(PrC+MHV49P06O9G4+!9&18LOVAcah~l}E1^OO-+Bt76 z#D3B}D579s{B^7|udTSmZE72*`lq%0!!P^a&I3mJf1RhE99wS-#PFj%^dD;(iR`Yr z7$v!y2-^^V*2G^ZSTeZPj-4H?M7HH}H}@~1wZDFaZlj0$3s8Ve6y7~LiC{S554@>4 zMnlbfq4Oiwf3uWVoaQ#=Oe zW<#kW?f0e7%H>YO=AAGY{}M(uzX;q3jAco}WXKFtC{&h?{+mq4I#UwJ6D;Wa!q>m( zClLEtP$li5^hxBhDk-5~GMnjhf6wHxf&6^4{jyRp9vw1($HH8ZR4RZqH3 zI*A`R7&L8tk^97l-VlUK5jeFD6ygYp7)1VOD%bw+-|5GeqyyH+lQI$JcPsPwf)@+ z5fRjY<=MKdIq+?O-dE}BO|I$-5L8UU{ZGq+@gHIw#{cS@{})&V$+0|g!2jkre5{p!#+l)BU7pgO@Zfk{UMrhjP4l2Wms(FTT+>sZNz&=t z)U9TV>bX+Yzt*UE2^Ymwh&kJkz-D^D~-9#r;;rDy3g)eYZo}}tOO%c;S>@92@{}pWh z-?as@m1SZx|E=_)_6nhRw*dz8xZ>JbX|pVqylIPCzbCU5Ah4%A-FuV9@TQm`*}Vto zxzpwTKu>HnFm@O)O@&$xy?x*I+NQn5GlaR%Ap<==ejjZdb*zY#KFmB$qOo$s@!CY; zSs6l)LERqs{ zmQ~sVfRHQ^1Bx^;7{)XbP}*X*gvW>Fsd9!sA{@MI^+z|#HIrDiS0Q#D#`x~(0EYP< zmS&Iy-nF}8c@r~2?*`9Jz)@2iv(uT@BE^gZ3DO0KBMhBzAyN4rr??!3dH`sf8eUb4 z>AYFtiSo#wRkd1ZCZL~Z!t_r}4L2BZ77W}N=q?#E_+0Ftb2W1Hye*?vtjw93OOXli z^8`Q_(#R==(DDc(QbalPc#^SCtF)=GvBiEvW1Lo-4=7s+4gOm9KjItYwB(Z#Ne~kY zZhW(!!Z*n@E`^qM_$;b{*YL;f>^&B`4AY61eq`J`^OrT8_Z?(#OfG0g`r_`&hH@SY zI>A|bD>%$(B!wa)ua~s44@;Ast$rXyfuJRC@ZUL|TdTc_A43^aoeAHw<}d4Ct!t+Y zQ3*|HnttK|8Y+Bch(}LcVzxu@HGLTOCuh;aAGGO>XBZ`&Q6AJjz5*cM^E%NkVOf@>$&m&RrM2vOQ&hR8+CI*srh{y;cz@t~~vWRKS^= zF})qMDc7P1>sz} zcfXUF3IxJ!{2GZEoexJ;?V<%2OuyqmmXUU!jA!qcs`%PS{brNWDL8zCuIr1ts~Qrt z>NRTB)?>}UPNmhhs`Zh41=YS}J$(a(3Uw$!1;xIid+Ej}{Jxb48?3Q8Cv_#~=(=O8 z=_g>lwM){kPO%n>L&j-VFUMJEPkc|Tso{tgbc@X~(vSr1=N<3938WESDvYz3YHk%K zeAL0Ecnf=6E0dj%&d}m?48%mXw?ftpMdkn;8K&6k60Cvdbugk&{}2Y%+5;k)K4rs7 zsb@T+28s4!5tDOwTtPt5lr#An04iV|G0ql}clPm*jB-;l#-oSj=3^X(3I*f!6h;D! 
z^dU5)9b`k+70Mg15{c#AqF`w_N1zAKabtOz!=%|`TV_3&(4DT@@&_dWuMtmc!>>+q zv28R5WxqvN5#=25y-JoIZ7Vnc*gnp-vr_-t0DUZB07Hg1D@Jc7MBFQY1x`@r^pL%R zb!)7koibehA}4+(I*bnkE5AosKpmQz+HL}<(nWJ#S3A4Seq-kd3r-wb(;l{n^fIG79w$?9l$H2_twalg?f)7U01+Ws1 zOSrE&aPIjv?7?(n!zUZAxvZFN7Z4jfS>TtFV*1NhD2A+<(a3NL~yTgN=k6lQyOmkovw#1ei zyFJpM0D>`90TA+fA$4+f@5RPu`mCWr^g<5&808VnC{ui8;8agcSTx4!p21?)Ud?}* z02t$JEhqR}5gd#Wg1iS+d#%?Ks(n0g%TOFa0nbX7#(7m|O(R`6Dsr_%7}SHyjT|Z= z$`N3hfib~QRdsGye`>*%OD9!Zf99A~)(MwxfiOHE-8%y7Xv&FYKzC;|o%~xHyX;AO z2PT8PLuZe$=cL4?LwF0HZFtx9pJ1MDH7%yNsY z*C!{4$=1l{rSB5qy;WaOOQFilD&@*yj`+u*evDnBl)$-8o)*j`fghqRL$ z92{pM<*L!uE^?~u&Q_;H3oj5%)gajR!V)Z^Vhp7n%Dbo?`&QzQkY*U#q?0Y89WPH` z`t(s$6q7EC>Jt)aQ1$Z%|FRym7j(g*;|;NeXh%ExH&eR?K7o$mhVNF*Ixii&vEcFn zApJv0vFi14H0d(Egd(gE%ko^hu@osM)z)01ZHmQ!H;o7Wf#Tz6!J(c{Ov5>Sa>r`( zh_YtluW{QYF~((>+5c;U@)0nmHE61Bu@$nMh8a$k>QPz%F_B`3DO9u zz?pe54{Igt6vl!s!MB15dljO{w^X8@dUJk3as&cWF)O-1?I=hjS3^bB4Nl5SVU6pEALki^~d8T5?ReII5A{UIwdx}uc zRl=!`j5HWfBc|QSM|s;#NtcQSgNkd#nke2V7(_9HH0O-#@=6qNl2vQ~6Is$yu(Xky zome`w^G(W*?WQaeIN(Y*?20aR7E3T!0JA8ta@BFxUL3-stWoAVw_z(K0Zt}~WA#P) zNIT1%l5=X1pL^3#55lfUL~|!`gzH7d010WQmWn|M8=k0&n7IayN|dC($S{Tcf_?`N zk(@48LZXr_|0Png$70L|=mJX%Nm$JG2`(zZH~mp1A(2JiY+a#M@eC0#XT=}$tI@9d z&7NPuAss>~ZNpQ4V~Lqdq6V~HbWj^3*Fc2`fOJT=BYB+Oe;G_c0a82T7Fxm6ANk9~ z6WU3ufsk!6Wr7vU%`Mtg!0AV^5PyEi;2s9QNtt1GN?tzF-DBp`68FkjFNi&3bOcKg zORGSkFRL&!>MIas(P9R5!W^O{57M}M(=2LmDT7DUEEJ+HUTiFc!IHTfLON*UlpJDO zTtKwjEtPzJJQAHOvej1`#`f-Tef{m(`0n_@k;~_6bhL3-7L704PId5Dhkq^fC9;?1 ztLODi2Zt|<+6VK!+LLVAh%AXux*A+k58m*;n6>b2Zw?e?(i zn%i6B$9^dCU+(Vj1aAhunw-5`l*n3p1<2*fC2#@lgYMW9GhMGNcu|;h)SlrC?~qnR z5qMu`7_W>o1A^St*1D;1Q?n%P?mn70ByZXjhybyj9U~OZ00js)gxFP4iOc=Tk7z-$ z^a6x#Q1E^i8^C=GeZ1@dQ`ya;^L5AG2>7v1aaP{?YS2p&Jh2DRJPp_-0*0*lly)#k zAEkR|@zFY@aJCq~!H9*>5w5YKM=i&{xPMy2oTu&pG;IJfta7@sXr~72)?ho9)MWnWIXN>A`S>8kSZX@ z!-y5KN7;h2h>?#(@reMLV#6aOxS3qhH6yAF4-jz>m;YGGFS;%b;+p+#B`d<+pWL>yL>DxH;{|duUz_3KaSNH8N(MuAQtGJ22-;f8?BeG zYjxe<_#uhIvvcfOHgwguRL?yEJ>1`2XQ7joKn`Bdvj$J~A7_7mv&AGZ01c@9606gJ 
z*>h?2N3yrTV`z%$@vDdD|MLN0$qC_?EN=ASP(nNZpgxzOGveV&Hbg3qtcdK0+y=P- zVk2lFxTu|ZyurLmHGOk(hYyzBN<>Gc3Xc*T#YhaEw5Gl`VFcoMGVLyF=?p6jGA?H4 zNA8vJ0+`R?Phtm3I>AFn?osP6eqVo%M{owg&$tk|(*S|yHSs~65DP#O9RF7vSb(>P z$kXo@(XUTU*;WH2QdrUf9)SZW&X2raCI^h9LCka$Soj1yf%2TM2ek)q)*@GA0?{we z3u4S37UCXl<-!}STnwO~f7Qzf(dZKAMZ;JY$|)LTXp6O^CO*u=bSIPq4^RS(POjB@ zpe*QRpIy*WCVZcSjouN+cf%@xjadlZux z836*NRupNL*Z2MLYktID(W;6(3FwbSG^Ve}#P&$*Yo-m?C^xb1Bq29{?gZO>DVI^@ zV%0M}+voHASoi!|%U|U2ylmhokm(peQxfxEANo|$HrynYJOy$v9;U+w#Ky**Z(DYB zw4IBK@Pq4hXDx$gXLf`5rKNQOCc26U+Jbbu^m4Zx`q zh0bITz4IUC4{z`#8F=@+p33u$LnUSrCF^(aWtPZ76}Oh9-OWDk`mD&tviebh#RG6L zi8?0SpdejUYX+!>Lw{qwPvfI+J}ll}ApXz;EOXOm)m@+U@00c6A@yImS9m$Rmhnnc z@xR%$@kXi1{UU|}q4MZtHEIHiaN;y=*>*BD@y!2zDnW1W9@PzQmzJPS%qD0q0EZ{Q zNhNV4dzJ^gYSFYT(;E>H62}-$G9y7CK`tAg*d1ypc@)8Y)Ny=!Ie2*7m2cL}vVHS> z&OKQytDGBaaO#Be4yoiiYNP_f_=RlEqHDHPQ)-S>?A6ro|Pcc{>{;^xMs(T#q=RNO?s zyQv}Z*0fIrCwCi{gS&3pWNF?c<|1UxuYcHT6S3VQVzZ4ehNO`=S_mph&os5oXty~2 z{~5&=DJ2>irWP6htC4AHlhJIkQljzS#&OF{_GZs-+mD_0sSYk&i4o>v!jB+|C>BrU zA*`$CU>_P8n$F2s9!KTtj{%oF-J%=C@NUC;T^i&>*MY&Pt#L}G&WYtZB(u6CXNa}F z0!DLn*Da}1>aFV4a@ZFg@MMTx%nAHSy;byRViF=f~B(*Nxr^;kUom6V8 z>Pk*}Y3gz+3!XxgdhuaGZjA_GO*brF*dny94V z6*@;ThU%8B*G8)^lN?TfVUj~o^K~1%hi(?OoNH$E)SJzM_WVUaOGreQLVFbI#f}8J zC;74Qj#nW9p|sTlSeUFsJ|jk875(5S6kJtfjb%!cgzCBdH2|1VR)YpgK+gAn#TC9m zS8`Sc<2YFhYf^>G*fNDyUBaea1S_%^4Fr&dx<)MFtU`0a{k*{j6>)iz8v?Kgj2bz_ zvVmOJgXxO|-VG!s!_GrHk-)Ft`Ee&wG3ETDz}Bwb!B|0?jgEx+cmqv{`8S$<>TI!S zq8%9~QR-NVRp2gSIBOV!x=Qj%oz@9OsZE&hq&AzV!rXx~19Y@FK`xju(2nM8$6}I3 zkkp2tv=>q8G$$=(wjA~h+G{9kT*8AoX$_+FxT$u5)~w1@IW}yk0Ofmob=o(ccWB(+r}e&Q*)43UHc<_uFD7^A?yyFipF<_0M(Xj3x94f2F5QZ zVKYzUS5KshB(J?K%l>+wxupJ;P@q)I5|B2zzMj6$(Ss?ehKH)tp4Fuzx1+7zb719v zp*i7E>DF=FS#tnda*Q>>smNQ|Vk&D^a#Crhfg0Kr^@^^;*4P&FP?h1M<125yxr#Fi zUVk9(H#Ba@^Tx{HS3)(S+jL{qV?kxW`Sw>ujcDy7?=%DTbs}+38g;Xtd9+18o4j(o z7Fj2w(yAm-%ByL_lX#>vq~v$isPAHW{zb>T1IsRT%4FxC0m3$95lBMe@7P+)AS4@50d-TFuTJjIkW57UlE^l9fgO!6!^FbypplhbYuiI 
zWosoB8r#a59cG}H{St#Cd~J8f0}!08pq0{MjWVfK8D=OMUFDG_B~OD(OUtI6*_s^_ zQU$}PJQv)hBFPOT^TG(BM3F?{LZSjW8X=V-)Pup`ktBqQ-G|0FZPWmVx3{W*c2*r% z&1ZhP9zH%hRW)DgQQE_eETh{@rPS0;NI63))5MCHX5hhw^)?L%HifNWYJ}SJ_DgN% z<#<~S+ttCqI4r37LRf`j%hn9(gK1_gxL9qlJWNb|qN{ZV2Il_6xXQ!6asq^-e1&*j zl955B1Z^$_XMuyi-4lh|;Fb!GstQLfnVK z)6AUL(02qS$0%u^c(2+>(7I4GAG)RR!bM(HAt;MPjwBtpYkoJ4hsD+1D|CpZ`Z%0! zeBd-a9pW^>K0%5|kpW082N9mcgYC3RKY7Poqfq0(f3kogpB2@Nh{1sxPQ=}CjnjJ4 z2I`zKt_i04%M~Nur95MH<268rbCH?^;>%b7OC5x{Ia$ags>mqpVW0a8m!mbz0@pl?>&}UrmES zDiljAr2wlNCy7APV9y?wSj>rTq>KqcyfpK`*XdH_F>QfWLu-qQWRH|bFJ&YB9ec&^ zI15L@eVZ{6BL!y=h2VS&k`O0ADDu(l7Gddao5*MszC@c?SN2da#XwW858)HyAx0Sn zu*;+uXY3A^hJYA(DtC)h4?12D^8iAdV9zOmBpoyal^J~sc$;(2Y*z`+hy`VMJh0y0 zbhK7TUUi~CSS&*7*D zdpmWH1$@mu*KbyskLjG>$KCXl_j?pw0RjUS(7f{F;bGX41%QZ9EC}7iD731=CULHl znalP?#EPx68_5{mU1gYAAuNhrsG;&&_p+9t3|583^-L%i_EM?V{9BnSPE6P;gv_K_ zz6JhQPfPyL6QJ9EF|w=|PaEt=K|FLguQfIh%aEUa6jljO1lJXY!Gx@4qMs%!NQOg^ zP8t9G0BP4>Oa%zWf@3X1EGu+=pFKy_Lr>fUUlh3Dej?;f^c2|2qYn!cKkOwqJq%&a zTi*eF`oyrk_Kd|`xXZ#beTN5!&ks`<@6fbHUK472Uv{+1Kh=6xX!hSGC~iS`74v8@{R`OzIT!@Z6Cob(#&;5OI!_=}2%1DTCqZ5DEF z^pleYT3oD*)E&oU=TU6pYknnxc*8^(ge934boT}UcUuD3>2Lk$#4%v5S(5emkKdH) z6Vl@$J)J+dzCA5>PJ6k#`!=@e;P(?u2eX*X`(_Vk7g~Dq>Ggat>(T1k!SE%#Y9hC} z9Ms~W_~B9!18upM@M1N10&~hD8cY|?*S|ZbhlZ?C?DV^lQL6YDbRY1uJuhY)TJ*dz z@l`eVe*fGS+U|Nn#=JSNt=93HVAf^qDUW#jtM)G~I_$#-v1!IcV}9^Az@U%%#6LhX zEKL8zp<@3T{a4R9jCI>h_S}7ClYkRm{2$~mOJ(pBqPsm0z8Aim--V{GloPk> zh>!WN%>I+wn&g2Utx1=F@wE-gsc2MDf8^jX;zm61Z#eCQMVG%2sjm!*u`%Mfo-tNK zaJcwi!-LSXE;=9kca9D`ncK5yi!ZVGwzef|ix)2s!^?jL|13LyNkH1Pb@zmOTOCP@ z)`Sk}Tnyy0-;pmke@nh89_6|Jg*HZAKxcEji%rXum_S`Ob>#xc5E({8O{* zl@jJr>TBYq!8LIf(o=i3djiRz|K4bQFU+CyN$I{#&^k5~uGWqABPI>96Nt$nzRxt&@ zk)p4K@AQPSSen3TIY7|+e!1WUQ5fm7iGuN%d?_T(RsaFN_)-@MW<|4ggYr#)Nw`3_ zX|o2;;$UdjFAuq`(`)w`l8EN(?7h{L`=~`Pt>bmsz?=|X_erb7_670H=Bl=zJKT}h 
zO3eua;+jIc&G4S#xG$;Tdlx1vBvw3%trE<9g&5jWKo=y@!~1f4mNq#-auLmgv3esvd4;VuQBng%u1>$e{~`y9hmE#G$KXd5YCDSgOwA>j0oRCiN4aNSf~}BxJXR`F^(0*zKjJ(UbDYp2{p(^Vl*Oxt^D%naWaB}O+MBmt-DtwlN0MPb|`EPFcyju z+$k8|L?qqubX~^^$ZK#6O+0^f1(6>SfC?Fq7AikhZ~=&qQ!^5Fm8zbE`ICZV=`@=c zkkj+|MKmd^t#T$%y$lL5;oY<1`TwKr9b-HT`f$OvZQHhO+qT`)wr$(~H>YjeHmA*L zyLWE(?#;cMH=B2platCx&WEals(SR($YWT2$aBa~m5U9>)c$3&QJ_F}ltG!?b=mc? zfzN_`R*7aZ91- z#vkU%h)W9EkWLq)3>f+QH|;62Kf0c(^}+{kD*30fL2CUBpUm zB;>Hls6AeXS`{O>i4KZ+%c3^w+(V$U^y7VsA|o zO@j1D`97s0zTLi@e!tsucl_H!d<7)kxC%YXC-1r#Il-4&x1Bl(XtdO^3o^61+(dt% z!&{EY_g;eKN+k{#WD&lGSka#(%6ajX-$p)?aH zlm780NMRfE1{cSyqC_LfxE&}Rlf0O;+hnDf?1Ek|ccxey*t`880b=Sv7++=(WHJ^3 z0b4*s8)=J`DkXsFZv*U(Hy9<7sf6ipJKl1KG_9S#**c)Qj(ni=m;%_nE`LJN)r^4@10Z zIKESc=@ff3OA*nlle*&exRnoONSOm;Qwq|fS1d94%U6w#!ie4lJz1<;RX)B3D`uVxK z`!wqKY3(r73*>z@^7Zuy@Cq6l=*#%b2-ok0*P(Mui&0&WuMU>P#VxZ*z>Z0tQt|4A%7>(*6%Hv?bB-=2YVP4 z19TiaI&z!y8Tm|ZYtk)k>P)mLqJ5r7aK7jko9etac}iTzlm%cKVZv^^F6R4A@@;>2 z3hj{M`w>Y}bk%{bbrwdYv?nb#(Dh>_Y|3{W*{H3U>z14EPFoxG1#=gyBkI;2hwoA+ zI3>5p$wq6)OH&?9+2BS*i#*c3 zNu?qsY^_HSQn`?@8C&NNPHg;UTCeT_du>@Ed!xys-7Ur}B1N_y65N;lI#7ouf7A=R zgI&=kNpdhlx{`{bMY{4;O<1qFpo08+RF37)Qg{~-_u4XW$tz93O^$p5)9`6-vo+{7 zyVLV0eBg|f?Ny3N_fy~Xyq4~+V2(;$EC&@sn5A-8OE;7F8^3@g`_-c~yl@FY61LX& zB3XMl&07elp^Aj6@*9BM{R=`6^*}J$U-q$a?xYN4xsKe^W8^G2ox&#h=Ro6^8R$LK zXFc{?f?yJz92@c4HVMsP6(|;E^tPXF_H_etz0Jc2@UTnN9xY^*{hYEh;0YDg&6gs1 z)e;Hu8KULbq=53QTJ4BXUPu6$of6oa0n1-t?!-fv;qG2*PT+{gHvEW@aZJBR#g&Ov znG=DcffIjmr=UPV%>ki_so~h9;Xa9d2BiakpJdjfurL{d*r-RJRowyMV9`3Y9|RdH zwP0M$T_4eIe!V^#h>hvFekpPZ6vku5(N=y~f%j+|806Io)-f2=g%hats-eRdXp7@I z8wT=7iR*_M-F#sOpL#s0T$do$NI#IQUbkQeowM>i{u0C@tz zDRHS^UTd6@8?0FYDMZI<|FM}N^1P2sJ&xQRptg=;Ba+4g&t{M>vU2F;+XH1FAN3Q< zm^|yxT?(mNs;9XHsjN`-@-RuYmM3892Qc@D)netFThs8~9hb>v zTyZs=rmeRAfb1EOTCx1#8<>`vQn9peC@l(Z zd|=W66jr%;_$y`9O=%jDCMdvGE6_dD*Sp?MA@#eto00ACDN7C({vkLsJK@<)UHw95 zf>jO~hd^TkjsJ{kJh2ibE-%gM;fpAGM)}1R?Ms;)AAD&$$A;=-ofBWpZ^MVY6BVyT z!3Io*3Ct9d9WkW&`JApTh%KG{qO*>(knz_ z7{YjAt5zJ^kd;o 
znAGwYI|{!;BxDap4$x<&{fA=}bD-k6=0fQrwhI~WbbTMZLhMP-D0awkU&Hg_?L9~XKMOYO|LTX9dqtp#tE)l*HTKi zd>*w*I&w5S?Y@y7+}#6IZxC74Ac-oX73Hm%F#{rnOpm`vCG)u=R~?Ik96M@pV(C(^ z<#0(n{N?#o+JZ-W;#dk7L3uC)z%ndR)F3wS$!`xjx&O2BE$mfHHYrH$46M=C3Ftz+@>Un#Sj85G5td{TS4JC&C`Fs{WTiX0 zIV{+UQEa;z)XG#wY9DpC3{CHV0wImXV{M4DH~HlGo%iOrRRF*CA~)x5oL{_)DV;L$ zmWIk;!709tXJ!z?L+@hNt7Xsl-QEzi#&V@`Vq(mIHy4SB+4pUM4ITSsr&W$iAL}vV z#l*MA?uWQG9$OI;psxj}Fy|3)Z(PucK-Gb4wYF~IUkVCn73^!GpUU?0(&+_o^$0gGrO}5C7!AhM8qIAf*uDd&F{7HxC z)9DQhpu@XX>TML}@W3Rx)QZZ0v0GJRd=di33dw3s_&MmW(B-|b$53-Ia^<*nm9|te z7nkp8E^duHI?0^;lPq9(8qaQ^wYpcSi@7{nOn0hT$8PFfM852k zuQn-&qrJjXq=;OCnmK9ST#jJfxeF}&=kN0P3J)l?<~yE&x%8e5;`&MDQ-SMPK@^?5 z6;3ug`|3sYWdk-r`rHthIQlg-gQfq6&H5CyE>ZUO$IZ0Ha{Nqd|I3*XhT~kozCQKa|{9GGr8S@JJlNn88FWJ7I!C8cxB0 zit8f_uQu-v{W?KGM~xrBx>1lH3bT#bfAwf0c5cik48G%cDPHZs2$l5{VY``A?unBu z;_}sR!ys}qJ%~1AR%^1Dm+ltYWyNM{%*54`YF>!VZQ+rr8Mw0OWFHMQgD9j;m1PNt z$(;&m5R$F-@6>gQG#6itXc<7~)q7)JBaU-O3t{###GdVHEw7qb+jGDSpGCqk*{ zn-l32j%gxEOdCst&9g{AxrD;AfTo2BqB&?fW<@%{03HPRsb}l8bnT7e%KGasreIu#by(H1eTqqi@$_~I=BSXA7@>F#& z_m?~inOI$LBD<_Dx};sS#825PXrquBo4~K3@%MEcDmh(KhdB<$wSClu5Q8UQ* zd!95S!2_N8e8CB((or<@*)&Je+S3AF4sg%UYy{kp(5$Z-baxEo>gqgkgx!Ok)0hG=`Ak|> zpMxJWkmRqkPVYcsln-2_5y(wqt*5mc#4=S-qH;lfYF(+~U4o^!!7JbI&TO^PsKwp$ zEKo7d@l+raVN_(@XP?4}D^93WPAh2sbdO7hJ@!{m{9@)~c;B8sN1=I)!7Ga8k9C}P z#*UX-%!252PLjHywiVT#Bt`Jv&lN*j#^ZLy6H|y1REr{1=z>hUBjYq(^ay?k5~+3K zv*1Bj!0Yd7#ZJZV>^^qEd;fEHUwJ*3l*2?XY#G(eNP zY8?W&8djqA>zDSb8o%*o6q$}fUdTNtA0&Q(KOi3g;^~*Ciei9LMJ{#K*KPVTD$7q@ z_2x%obv7fQg^MaetZ%**-7U^zJ}Q|vsU`N3IsNL!)?5Zb7g=0% z;!|m+&>vK2C1+bohWXj|NRuWo0q7uNy2uynJmH9!^n3n*cC5 z7^N1-8-^Nb=cG9zNf{N&q2EJ|IXAQs89Mgh+JnW^EXDLHI4-_*5o<5>rCU4RK!VJu zykJaVrGCoT<|cpbJ8d8f8l4D?BohtQm>hZ^CFegg^PGN&LU5JoOQXGH2yZivIo1#o zFAxfKItel>Or!Ly@2j|h6kafRo`CW?a?KP9*j%8Ta7#g)X8)0LQ)ub=Q2*$pDC9*f zS2U?0M=or`wRw=HuGp9EzEdD9ylralQwX?ItOAzTm>Wowa*&xDILiF9csb1!6Al_J ztUBP)0j6@_=xu^l3Hw&H+4B-Y3loVvd&k9aF_mEqRh&Y}V^eVE 
z$CHWX+bmLU1KI(n+C3kIrxI{lrL?Lf)>!K+e-F5Ji5k>TTnA^0`)7sfj@$sR2KlL+C)O|j)e?{O-Pg#Ra+|=>>hUt36I7y z%B2a03xQFz(hLuJq=D~C`bJr&Uis&ez28A+HOJc1=1=V)ONLz8r#8hp-S@t@(Faae zJ7a{trJbL%vPyR)jw^)YL4~UmZ`K_hZ{{6um%$P@t|xIY-y8{s->gsm^^63*9XH3> z1NIv6byQz%KT8!1mUne_ZjRaW=7yU)VT@?Ym1UF+yO;*Y`m zt<`6aJ)7So;vrZ9kqV&<{S%rpnFyA$!d+YnI#UT#BR9)6zOlq9{eGkmqx*A;BTVy+24Btnw;ZF`b2|ZVpsR0fVxXi@1 ze-Mwhd_I{A4?U_}P50#xkndp3Y1pXW$FY>y86MLvsfYsslSyOtTiO0XlXy+To{PJ0o4mb1!B{!mJ zj+kDJnChdx6T`U@o1>p}dAk5NWqJD*u0~@;Q$9sjslRi1@GG{9R0F=XUP1u!Aoj^J z6~#urme-_mhF?wG*>wyOD^3^qU9QNDb7i_H?Mg8!!Xd5G0HIbrz<^VlNJpAfq#^t*uS#gZ7)&kLVM>HV&kWY~#NZ!iG4 zEq_kJ1VKiBdWY9HfV=rOrQ$3Cr-QkOKD^!l@vr@>yCD|+FwJ3dj4Q?#j2*abokz>Xbdoig9><{+%7Z%+yzgIs z?@93T!v(v0x?k@eayXCfzIPr^u9b4&wKI}bu_tvTa4~h)oRgZ$H)P&SUr%yaKYh5g zq{#a>zgMB_wX)k#zQ`h){T&CtD;OtyQ%+d1rlUtCbe+2sZPRT?=Hx}eb&^w%? z4R|~U9!sBk2|dqSFLwt+2w9;vwhX9Dj>R_OCE0QUK-R>2dk|OajkKE1xHnQX@4rUa zDbo3k9=c;USIuRnXD~85;x@reBsH`1>P3g0tTPmV~JHV@8d7ahudW zP@RT>-)|XCe*6pfV(I1=43J>xP(r|uq|kj;S!gztb5Ga@i4=XO3NAyc(&?ER_Dp-H zD#wK}>$|HdgJ&EdAcZ z8~sj6H`)1EhDMH5CiRvL;pbRXFGw-@%m(y9C##41o=9(K#HFp$t9?}9f zy*&!Xqwv0Qjw+eNKqZM>jqB=YxI&^qUDbWFlH$a}>*BlZ{4Kth_y}czlhwEMx4wye zUMBNrHk29<7>PEH#BW_)IzGKmq9V2Fk8C|af5<7W5@ulAiyY=EPMUOKK*@j2`lbw` zohsIrJ^ok>-g2V;nxgND9I!v;jrw=G!bRS0BwC}~;r<0okhsO0nnhK-h)`Hw**eu* z#2W37(jl5vDkf?WqUgQ8&fY{clsbnJqIflc^3_H0-2K?m^y4bZx=Nnbm4A0&{)4%X zmmM(0ok}>(UH5_b1zKclY>MUee;-HWZzpw4(7KjHj(NbfWAr~Ajwql*Yr*e`v{|Sj z@rBLRl&dQi;!fP@u{eX?mnH?Me22K&2a(qYq0k-pWTAZZFE0^cidVle8J}}l$-!2Z1?SB0 zV6S3`wmkPZ!Pr*4>MD1YHsDJ^RdMXKC~?ZI`AlHPT>(#}>R+@vKj6ofqxmWNdlvJ2 z^5ztP=y8@yzSZ=smF7jLF|Ly~#Vcwt$9@=3v=7VPj{yM_)#H*Ol*RDhr!&UXZA+$e z8-@eKV{ej)E~rgPTE~7n1!KQ2BpvD5aiT40)(yWG?i@J02@CVaE4M@9b~Soa;`}AF z;Te|9DqJMEHO>&sF)}Cl@ToOCDG~NGuYY&nv^Ej>H1zdEbTx~8gqMfo`Ja*|2mBI$ z6sIDM|D3X;-%1Mj0wDUTnmy|BXm5s`o9*IgbS_BmoRvCcOuARuWlWB;O^veIqfSb2 zPf2jgzNKk?U=@^ipV;t z^cliW3M7Qqc}=8cQ37*pcFiLk&!()WMI2@bLma^}oYitx$zpcYcs6Ha>iB9zK9TDm z=!VQS)q={(h&&jjx`(>0eKKpw`S|%Zn1K3HW*0LJ=lT@J+(*+{T(|kQcFao&2g(=? 
zs#L@I7s%3bZEB+pJ3{*8PS_*aGm4OB!~OY<*40JJ=ah+23iY%reVfM^Y*Iu`gU92y zphfJbc|PF*65;B{Yv@a`kKG@E&pWf;{aEIgqn(wnr|av8tq;Z90H2?Oxt9}pAKRJk zcH~}EAM0r@8}nHbqkN-5s!wvw%VL#>u=YX)Mt@`EAw!jTW-AV~*ey=h`4-z_zpaTn z$J?$b*aiq*?lHmkyTkB`l8|6ofzg~R z+6vM7&BY|l+6i?Hcf$6m^l0ti6Q5BX-DIzFsn~O^h?nBf0M8jN!f)~ftr*>DSzFU=4rIBy^>U54mmLWjaUys-rJ9{+d z`aE#)Ez2yMEjPpTIajWqw^!$r5oMZjD=16M34uUhaYt@M)EBP`B0Qsh#qBk>RYa=n z+^Yf?GL<<+iC84h+}K?B)hs;aV%|&4^3uxAe!^BlOEFk|re7?uYCN2N>@Wc(odm>q z9V>xO^PYO1q6m%I!AkAVRWSMlmippZt_@}8VtX$UBtDro-$4eInqzUk#Rs}xwe5Ph-QQ~P&oIoAy(SeOvv%g9<(=Ip=afsp$*&X2#ZUyxy29h=&m<7 z-IO7#XC6o(nv1;Pj37=3sY@Y)*~Pr1IQudy45`Pn9d7RyW31gALS3YvT+ool#ALqRK>Du0x>TpViXLa* z2J(v#R%q0|uY%ge8KY55EoN^%E|OJUpkX9)7%D~vDG5O+SX|Mg`Sq*1F7yX&Lk`Jl zZ84Q59?e4pYK&U{&SA1Y#l{Y`!#A#E#6WqCYQ9L=)~kYy^2q)d(47F|QdSS)9<&}o zBG6fxx37S@l4u=$C9lWHQ_ZwyJ$uqRb=Hw*b2i-RY%i_S1zF7g2#U1eO_j<-t4kXG z(i7!r4U5nU&mIAbnCz=Xt-fHP8{S#)$E+T^Ym$QgNkkKG?xgT0oXh)zaV*3~@};o*uG)N3H< zoEqYuOx_p*QGdl$;+^9#-AOq8AJ{z-o36t^gPH9!TM`%OyLB09a863U$U-Y{ z+NY7C3CC^-YM5`rGbp1@Ilb=a;MD#)&LeZ{J+Nn1{_d`G z3(V(SzYRi0;Qz!858?~_4;TW+|A8U=PmF+r`G5ZQ|BFzR+Vm-hO(CqX7yoGO%^0~; zf9=juB}sOrt;*_RsD=Gv8NFq+&6DegoPYV`3?p!`Y*3>Gh^M0Y1%==wR{K4S-5!1p zi31wc@zIV_sCKC$n=Ak-nv=8H3X*n42jmP8*vW&=uZnYvUfuKo_@&WXdjj_wm!3TP zKF5D62S$c&LV~a!um#X1EW1o0MB3Y%{6cPDj~J+v)xy1xJX$icF%`8Jt>W#EKS?~4 z19BRUHD%JZx+=8Mah0Z)$L=rf;epeyeIPVn8!npP+ZDDAwbaBQ5l><=5@f9+_$mfj z!pzDj)(%DVe$l{P2Lgxl>TXX*#iM3!iqYK{Q94vmcs2u#;Sew4aSu+}ip5m34*_jM zse$+QFIx3TIs*aGT}0XbL4^va-?!sY%Dg5psHSz7P-x1)Rx!0L0q`T*9Fye}Oa+f0 z(y7BkCfTFsRIp@!`*IIzZI>||Gf1;%vxY~tI2{#YH*w7~r!H-la99U`YME5WHj9=rS=Xn-N^@1kpPH#AM8y&ssjiev zq$e!SG>U=I*dPTFlipy3j-elG)_%hs>N_YV;Y%|O$RCgl z<_Nwc?aRa?chdEtTyWsDEui#;Q<(jiW}dz84;u8KtRPLJg;0btP6A@e(i>a$^>Km* zy)>2?7IlH2?tC@IW1vYi7p8y1oI=GCmpp|iCa@0iDh6<4pfVGXAlN#siL`5pC&I`&Jm zLI4qkfwxbmmyK1&t#u4GM_CW z-t9P_B*B34-hTK3+wNY0*e(*wZEF@>2j{PC&Q7rJH4O#&{nY(HeX&e3MhHA}X;`8( z$V9lBIBcju-{O-&?q%=H`nrok$joduI9(4ObL-}pdEF$4aP4@jKYO56oQQfu=S!g0 
zm;_w!d!PmP{mQ%quhA{1o?Lq5-jvxRvm=&qSg5u30u7rpkg;sjHd_{jdNNfZ^-`@- zd#fj+^uB|Me~o~Kj{cCNP6-sMshe-RyHI|87L2yp;x6L)K?iHG|y4O%Y z|12;wk#%Ll0f%FhYzWut92WBkk+gix1;Lm#fz+Pb5o5yDRG>gi1a*>KLVLTZ(&T&w z_|wSoarcGJO+!B91YLUZ&y$ z1$SNl778}gVlkteSg&`_t|BeDz8hv5JlSbnC=Qb|rYq({{4c|UqxNxLL4w0I#6m)Z z?MJm!d%HH_L4X7};6KH$vHu@sRsKKN3T7r|*8fFUu(ELc*SQ!gy1EJYZSekkhRg}q zF&ZS|Dj>l?9sU1OkVnL-v+=)9<+C#9Ex|LB}-(tkDjSyyEJ>IjhA0(0r!&!1dKX< z$o>`z9JtdBQv1@#W3lWTL5kL;I8SB$pr;x?Y3uGlYPJo9nfc()c9D(;94_eW%(I)q zEyIIsLElnHGGftlk^>#|%q)n|U`b1XqY#9ITGE|ORI9)yj_7->c$s;jp4=!K1D;$ zu&Pe-h^mmW&bS9FyhxT)f952~tDa!kP@~0sJP<`wy$>SUk5kkC)z6&M7l@19d+gYM zQ%rtK(oopg2M;Q@$uEa58jRV|?o-m$)EPiNh27)q96=V5AS@rMK-4KweAwWZdQcL- zl^4s#yM4u4e6^eU7ijEkys3TbHS;C}UT|03l`uJUSC2HOWL0lF&RzGt;ZJ+c9;Fq< zmiS8p3V>N7wr+}Hao{roIRbBHo!>T{-%~SdoJ&s`O9j1tUJoY`r*j!^D;}2*j;By_D;CaK<|`XW zG$*@W=3%1sRcnHZ1^(V)0k;Y4X?SoB^}S! zCQQA*uOQJ!ZQ^>WNYlU z;40GGlD3hTh?mic+h#FL1r{NO5}!%$)H`SC(KnCGCmSJ3J{9l5oVTQQpG-)^Bu zI1NTv8gc|)_zuu17*-z+9{j6T@>zK9dCJE!;RLX{w9-o{>#0fCvEj5 zZ6i}{mC&JQZSMrx&@Gou8^%oQ<_nj0RHDy+#aQwQ#`B1d3oB-7yIaI<9Bsj(TEjhc z)8!^$P(9e+xR)7`y@&B;1S>8BzCHv~UJ%?>6T@iER$@5!0)DPMaCNtFbISO`db*f# zcO!*`RE_2%QrJQ+h!)QX+0xZOQ3Tq%EQxvL*_TQB?g`l_sEI?;&|$#M?lI#Ew!1xh z5=K(;*n^F(68JaH$*4B2(=z0-+Z^hXRkiLqx@aq&D}!$8o|FIev9sO({odlMdVsY2 zvcgaxtFF&Mus1*dYjGlfcJH46i7~LW$Mb7);u~St?|fw@C&SjqP1p14<$Iy^_GHe{ zKiB<5)D0P`l^&aK_OyTLjXbp-q1V38=Z^NVPg4iMma*9ZJcalSNdmXaQPmNgu~E;{ zUFiy2tQjm)khC~+=4}xxMLMzpT}6qiatZ2cNSp7X6o|vk*hu)Oy#W&-9J6*MbwyZotYU@iWp+Zq;Tr(u15mKo0#&vkBY zE-p9L@=yuLFxM1G`tt^fRdVXq9;(^QUMR*NwdY7LO_%f`v(t(WM`kZ%3m^8=ia&7$ z20aq9Z3YZ>o4*kxV_T-$pm9P^TDC;TUi5snOf%;yPhVzF{q|ZKpV(EO58QDIC&$=Y zl5`^tSY>s2pTqqzR`~HcihYCk3 ztgcVMuKAjn_KzQnO~YYj{San`eTQqmx*UD5#K?G<72PAiUiQyY70TwEqU#E(46x=}?N>z96a8wU2&R{CQb#qDwS zzdz5}Bc~rCEh1S#@rCk%VFx1&ge!$Ju`SKZiL%1au>HRph%;9})RiFnVLmtFgpV!bqd)@F>lbkeEVlmmnTP}?ODC1+Z@4g*0Lw@6|8eo`Ohgis zr*r-vN5k;TYPCo^VWy%~_$Ba9H^u-OIFAMG2`0)Q@6q@BeFdSx9$&!CSI^+~t?h3w z;^E2`1|8))2DzLcWz@{S7<2hK?sV8w15%styTb`od)ivr>|+D 
zftM}973MxP>DVWy*E;(C5!f(z+77`8q&Ff&1p4xfGB*=#yoliQmY{!##_D`rB@Y0ahGDGY37U@hgPU^lGB?mo#^74g`m0*GwRf7I za$-xw=s4|iAakc7at5qUjw%DLNG$d1$5p7_#w(s*Mt`-PK|;2bKvTN)PkutF2k)7m zb32%zv?PfSJUyHZ&cCOWeP5l^3T9x#KbK~qD@RuYz+V-7W{Pwix>`bH&Nd->4$0zP z@4EclyF1hJ(K&5q&#T3D8r}8%E($iV-HacRgPPqyI#m+qv8qo%Zcm!H)DCxOYzAyu zTrMi7*`u`SSW#?{fINABvQ0Z#8zK|^4eP&%U=`(~-JV(TE`xe8QAko^XN22NU(G(! zI82Igl#!~`hP1HsaTYQ%WIxn`>UZr25 zdB8~-nCc=Ea1qC;%T=m|o2Mi4{6G%xoDoF)2x_OTL9g=+;QfUPjL;y1hQHK=TQjcoq$$!W;ZT2@mG~Kpr8 zkN@RFCbgKa!6x@v2dJH&5ur6$IdrE5lcTG6#DzAt_d)&7zFUU)^zLvP6oDdgE~LwGPSVH} zT?l_A1v=eej@kRQ*&zhu4k^K9K;}I#78UU0>g%E)X5@t4Z?wFX_2R!p%92QQm<#qW zB_u?|jVKlhEIHtdof{tcA~+`q9;z&ato$(9r{IwBVi@xc1dDyM%WzX4le6-6F?Ais zaYO#F`$C}7$|R&XmWm=J7c$~@`^XBHZgZsy1RP~{=V0aP(_-bYe^7i<#$l9gYhbd@wI=h~L6oJtP3)JZIDhta;y4`Wa?t6huAiQ_C zPRe%=Lug!JoX}wDS#PZ9J7_A`65=HAph!aKc6Oqga>Lb|eKEM~jmw);D=W+P?FW z#smoo&neCC`Ibk5s6!+N7k_h%o#(?u!y`&Qxw39%7kzJ?{-rYEW$^`r3E5zFPm!M* z);pw$BEj|nzB@U(Kn0|WSAy@`y6T>Zx3QouO>{K+y%4uf?)#Di$b+=;xj^2j!OmmIhjR%SgMYXdT zOZPSFk-&X+rS{A2YG zqgCtI(pTbgDGv6_F%1f;rp>K!N~9u}uuhgsKL7X1B!dR$UAcD$5y%ozUxfN|N{@|+ z#yljI1|m_uf;se`3N<<0{rv^=Ex@>yOEC~ zbez40zT!$b5B1l^sOCqlyRR}yJ%ZW0^~1c&fjU-`2SKgmukj9;a54PevJ>N01SNvK zBiJ&i?pMoEZQ9VB#?}_bZyj3{CnV@&z@jXO)OvL>6`xthha ziEwm!zf3T06V9Eu5{O_n$^p^TL<8F4cDM;J4azau?ikK&BX^K7?&@Dh8TJ-}jpek2 z(F1q>XwI{Yet$34&a;Gx-@NA#Z{wGw@^OvdZ=Xi4J<4(kZK81vouIqq3PrDR^};rY zG0^pLT+2a@+5I;J-l~-IoPX?+X=7Ae>^B+*9c>)_Hz5TzZEIIDa2?Svelo+`FL|Ys zs+*C1?mk+1#HxvWSM)c6Z+l+s_Ochat#6~&uH*UJT&FDNL3!F-ZT^Lx+m(437z*mz zo_Q*2z4M)}Ei^saXN1<{)GE~6*43Al-`uC2lv~nf>ih%qQ_yEp2)&VW(~V+5Mk~D` zbJt*T&^bqT-m0}Ul&z-TG3OW%Re?%LQd_1?vFH@%?3eyoCzTE^%uXG&@Zj5OIqZ19w ztwn-)mx|LBI;Jv0&c~ve@!5C=PsZ1}JXW}y{S&gP)TCHfU6g7@EE`VbS1HWmIw3;* z+?Y-{J>lq?oPRM$udTBbpR+%7d zXzK^}4qyWqgGldy$^@x|3s-Y1o!p>%WV*L$6}q>Qf-5Y~%ml>*6pH|-3?S-|HT0`V zu{Xe6%@+s7r6jZvb(m!|fTlKts|*@&(Ujqpe&|$zS<^8nS5|S+a8;!Lu{HWDGqYBR z(=gEsVO>en3n3R))(fFMpX&$zZ13(!<*u*Yr53EwCY2S;abb$5GwCNMGIgrBJTHZ9 
z+YnB%IHqHT0F@kO@rA0joy=`<)nSaQM>C-Hjs;$`OpdVXl0lZ4wG}QjLv1@kLI7~8 z-#X993GIx;lFr_-2&DsA?u4Rc-WJcyicwTe*owV&LMB40zrje*0|Uf3_;ZXr*Obsz zwae2mcqdXHVs)i{RCZGNp$Q@_`z`A|3aN%N4c|};nub*-U|@dKy(bJ3*j=_QX9X)}n*m%^w*=*Xg8rIgRJ*?>b4a1ij*xlyyad-9p zni?a|?ftqtc>X?lym;{3EBJXoiU`=r?d|Hx$>`#QhD+Mb|Mq>KI{)D85Zuo7*DC+G z3s;GoMQLC~NhgzESXMNNp=Uku!_DW1tJ9y;#JowtVK25mYmG|iL?e6n? znZ^8ky!i@5O&V!G?^ehLD44eLm3PEWbuKS{WA(nBKm>ey%o}A=K~;#LI2$?pQfH%r z$=W?-W;S;Gl}q4$XE50!Z3izxL*~yg%Gbm>p>f5)*ZiAklq2VWV-Lyeb{ zhJrwhKJoWxQfwGt0HNn2&$c#`C#Ns=nrE4zp5rQ6(y6;W+va+ATMQYl8YiRZ9bc-Y zr>+;RE@1k`I3;w?td&l5f+HdVQwrzXGww)DQE5?j%+qP{xS+Q-bc*VB;=D*L` z_3mBgsZ-CFdyeYr*>iSRSC6~z>l(iyeXs4uDd7@g5>b3ip63oI;qH3}Xpsr++iN-L zmY4$4dLWLi6z%(X14__@Iv^q8TWs2T2!+hVtk&y=aK-HINcRWhEAVg~2FSybj0dcq zlke(@)rZg}W8<2|ipun0Zyg!chJxez5qIvNe7|{~RPSM z^5QTA-$gvNjOli?b}e6T#v711uzmCr{;jkjCJhzSa6>_#OGtb*)cC!=v+D1Je zr@-gf)&Y8o8yrmw-2qLo;b+rhAUlv4Tw!g6K>1*dF_QU~yp@@&MJmX2IQ-hv)H$1dtThP*MRrDq-< z1MNb#DlZ`OZ31kB*MlJWewhnExudf4iDvd@)&WXnS*$Yv3qLbWw^;8=(mAF&0f(|I zwi)gVlmE{qP4=kqN;U}t;IaJv*zts-;7``QQLLq1 zr4-|xZun*Bo-o&cMidZe))aOxc@SQTO`8~V3D}U!%5m%X+cID1i38vih(6IN#OEvd zack#}vmiORFlW?3f?6wY*g=9mb8=kH>0s}TvOsk%2`2oAI;54K5$pbWA|kDKOtoVG}j5~@j05CoqS~R@pn5C zAAZ+4-}qmLCL3Q! 
zqxk-sM}|XqLS&D7%#u;Zi!9ampHPT_&zLHBLgx*bmh*=k*|4||@E({vgme3I)y$?= z(kos65T}+k0z=yC2N@hi*3tUy)R+Rz0BY}>Iem9k5U{Pi!TMygO#)DFyV|-L}xjPstbU+q}P{szO-Q79rbWhTJrVyLzO=WDaN{xr$oECw|b9 z%CLlJjlR{D%eIN9HydC=0U{c-rj3OGDWh8`31l7;)NH<2h`1JD<#?!$^f<~lTN;t@ zbBYa(zYvC$_F)SLq-B~@?2WIBisK~;xMmijbPJn)amn6NP!{2#r=co!dD(=ccEjD} z4K!RE-*xKeisRhHk;50$4}@ubcEprO=ld}wa4?fTaB|2|{Bb}&<~MqQ*+f{aYZI$fNXLpWk$LT98~>j{%y-rDUxVOxzj z<;j`k5?{E&u9ZR4YJik6!nIVMC&#M!_XQxg(ygv_Z8^l_&5PgsH&wd(n2(Y-1NWw3 z)X=&@M8xUmS<#XeTheaN1*uC!)oKKUuGD;=`U3r^PCgQKUXB$@FbhrVAsMRP zfB93xw1q>I!?P*@O@~o(g4lr{K^Ub-)^|+(u8|S0?Ae&MAsUotxjTqaqk@2&Lyu5A z9`UI~)qCC%+jtt7IKbDI7mou)SUOF?9nE`@CA6{=m{A6giiTRUWk}>yG^(yaw{pT} za2aH+Bzgv=5O8%p?78@H8b;&CIA;sxr<8?j*Aq^s&<+-WOev`dg1#C@0>+3*t>oiV zbZKp5Yx!vkt~u`+UA- zG6danJ%O|{jj20&iAJSisz}hXEJJ@N?ULTK#sNs-5;Q2Z>rsHnsFTc?hAOr^PbSo}JyaU7<+)WKtAqwsMQsaeEK@%-n0N(IX zDK#FZ%Ev&?P75%f#Z$Nu-vhPq08ruLOd9(P#wc>k0m;-gyx-$I3~6Pb!9ka53$B$$sf7w}vT} zrh!^nkbxzoaJFA_7D`=g*KGX8#qfBRma^Ssk)vET_hOq>yF!3$?;OXD3ur&>j_2X2 z6^0H|p?^%m|1;piV2sT)3DknCmV{rC*JO{xMZAHOg4{+~AQ_ZzDBL zzPZ+;t8E3xsUY$hs&-3S+{JvUf0f%WA0>SoS-Vln+(%V{vt?=s3fMt*+KiEC;P+>7 zb*qYey%v^crO6d+<6aRgpw%kPwmDv;q=sxcu_y01Da9<9RF~Q4DoXt$W##8WRbyTYOozaVY9mw zBElMKyfizg75<3X;6T9|xDD!{AL%k@Ye&d1NJ4mrs?l4FZIin%z6nOfw?T7l2Tyx0 zGqp?_7aEQ5B{FCng$rIV%r3WZ{^+*tVG0d^NIyhj<9Y&ffUE{jY?Yd zPIspW+#idk2q7F zr>0Nt+g4vz`5tDdoUY1Qk2E4#w3x6D^s!>!O&fWR+aO1$G>RtM!+<$E;Di-X*i{T8 z`Ji4~M3F&$Zq825dpr(EYJ_$+2I6J&76mAUN?rs>vqsCPOMawmN0IgPf=?RL+1$`k+}&z>rKe4)t@oUY zg%0r{QeLfLgM`hMWV2AtATz{(dP+dD&_(?jr(vcOn6U~Ks-JJAI;Bw?d0jfEJ4PJb zty{<5XD|F&E6i;`GoU0UB1b-RXcWer68mv|EWh2u*GjXvZK|A(0;00K_G);g#!S?{ zW}}{CO?K?i(Nr5^uVn4pR7@M{+}b_hGOUwWI%vyf(9KO~tJRlflNDPEXP3jRYWB$L znL}%OqWL_-2B!|WpQ$G+b2M_MvredHCjT4d6Bg=|BKx0`!grzVzg#_FV*0RT)}5XsnW+%$>6T=jozm+B}r2f7UlR-FsuD3 z9c%p~Mh@9HK3KY_2kiaw7Nz`n*AN9=SMkqu51H%+cbSMpa>5BBV_Tt-1ZX-gd8yS) zBH(oLuVmnACoeydIYkV^ymJk|WYGc{nBF9vaa1lVNp?j#U7EDuSVf=^O{{A!Lt*cR zC@vfdVCY2JVj2F44f3CfMKWonf_z21QZc#>QdMa(;IvL{d4h>5QNZTo=g(xa6=U^K 
zvKf}CShSj{#^Z|kgb?FFeZ&XUGN%c$nwF`8rOr4)UNxr^d2(e8Msuv#loBwi5RCLp z8ZGo=#$vyVP}Sy`_N?>w)0Qayy2v&Ee72v=YtxX!B9+jH;+)Sa$rz0fm>!=~G|8#B zKN$8{-oQj(T$E)$k1z}?v_M;tDN3Z=1-TGeyU(0oO34`xoRH`&>)9{?op5R= zJ`-8=>(8E{>X(Kre-H!d(uVd8aLi@|9>EAd>^25or6KEicTn}Bc4Oq`^eaJ;4aqcr z;!LsO8@Xu&Jq4zt?E^8{gBqc5Q|l`dj%Oueet|2)uZ>M#rmlVpnLjVSxtCuzGrqE_ zf&Kz%rV1KknYrCxpP9eq`Cq=WjbIo9MZAlX{zm#%HSQ$GTBP83fyX!>;++~`kr5Mw z#4GuY;h#-52RWg!V8VY7xZwN|*!(=B29pVac*B!;_l%|y!~-G(XLxkI#rS7gqJjOz z?=^Q5p&VBwm<%OvsaU8rB7_2u^PuuUJnkN$@;`L`F8n^es_F^Mcw^Y+uhMIFU8p?y zoM8AR_oUaFyDgiF-2HhF8X_>c-SYcwhDpow?oz@P)w}5TTTd$?p^wM!maXAfYhTNC z*E=&r0r^@I9JFWXEtq)Xq*wUi%x&SZBnPk4uais;M1|K=CT8v`0<7F1=Ac(9Hx(}w zV<_%#u^d+zyZ@PUgt&-!7AeG(Aj94KFh4!?zk-x}%@9-U3={MJ9pGm;|3~T$HT_?~ z|J2Qo^4)2bu_si9nUg1&S7)t68sVqdS=aw(;OM^iu1B#}eSG;@nVaJJ@uAn_d3W`F zk_1~e7uFnu&r=_{S6>caFO`eiZ5K6l9s#=Fuy`$ymei}UEWUKVM0Md-`8S9+i;k~_ zffYp5$0NdS@3-p(#9F;tTi=(R&4IHO{;k;Bo@{lChVTml0*<|87mdxVRxK&O#6xWN zW=$ZM!!@TRNxtDaaWH&NKt{iWao0DnA*R;{oDOa9G&)d@oM@n1zXYdktHQYsOvENc zMF7h^Exd2RM~2I8k^_d@-~2gQ2O1b{*#O-D@uv}R+}sw$u_%}EomMeKo31n(@9!x# z2;(+0#zY%;(?vJ!h(>a1&k5LwaQHE=P3v}wIY!;*eg9P!=C-(}-gh`&vwdqQ3Cw~i z;Ur~@Y-MyA&*piQ+I5VhMZr+>L=%a*8{ja4JjjJ3Apy{ZaUk0s=4>t%zGnF5NzWAP zO2;u4>2bA|_7?bdD{JemeNaX|LBx`oKp%(_atN|g%mOwDGD$PWtBFa+L=D$5T-(eG zE5|D8Lp*hx2T-JsAopu8f;*P$pBPkzxXfWG&`cB>T+OiVwoR+!mf_LyCpC@9bbZ!m zCE5p;9S9IJ;q+Z{Jy9DonqGf|;53deQM*mNPW zOjL?6XGb~S_doaqeZ5MWHOfdZOPW*ioGb{ZEgRcZWoe4(W%g7vr!2LsDy5v;`4=!} z<$v}-9-HZ}kv%gF1p|Vx;#tyC+ay5wEgJ!a?!hZt>c85m)RwEgfC?ZFh3)~9Grf*- zee&20ylNZ(hnU?%X>?I#OfCQxBg95O_F zDnvMMxte|}E?s}_bbk_CudWWlfQp0U!7yD0)nHHnySPBx-BEnL7B}eH?(|X+8f=T* z`bu>%1|P3de%9kzU<$~@BWP!i@AJZe!c6w|7#_MN|0jc`4QxV*ii_{ERalc{dad~^ zK|3m=w(xB(rMRy42S7vk)^~51xPbU&&nfxu%&pi`?4X>gW)$lX3iE<{tBDlU-}v!v z6RpO$14JMkXs7-2nYX}aWmn=N>CyxxtP!1FOVibKHVd(7#q!Z^4V_dc-Pr(Z$UBiK zK4cw7F=0BDz#JYmEfU-VRsFuPq9K(d4W!Y+-q&xgW?MjSG+TCCzp7{(Pg3(-HEF-J z&4VCLP=ww-RatvD5-b~I18)r!hoa4c-HMSx@Py#UxD7s3$e3**T9RHX4jgJrt{!Z_ 
z%%~FgaRyeRVD#uo3qAp9f@O%i)0LGEC{>Z86dT+Odxw%Q(f23Rh*b!Z5=&b zoIe#BIanG=*>B1YCk?FPuFR$KMHeBy*Qy_aw$7SSw;oYyrUZXRA0Ii~G0552omcO6 zV8mhC{oH!0cnDoiOS>oq!(t-h+*d-lari8-Bw%vY);m82-B(z}vd)9%M&q^$%12u} z^$%K{Gc|>M%AyOyXzj~}f`=q_-q?n2=@anB%@pV=TthKTN%_ca0w_u@OB%;xB*v0q z4&93LHV2uMtePd$fLu*Dc2ETBTTuGn?DPX~LEnwiaY=5Vlz2M@->OOE^c*I<{Ef## zy9AiZ(NwdYq(aX#Tn@l=zFx0rMv&F_MS&_;YI8JcpZ zV&-F_c=V?;v`Pfrogi6~&&QVhgAH%n^ODYOUcldk51S4{@O`ueNAXW7`!QAqDsGPC z=)cbi&=;1QDTqKBipV%=reNr4Z3=acuH-G%Q#gFZr1Nbyj_KvnP3_YD>Y6p4DK(!{ z5n&lWZubm4dTyeG>o+PgA?m^6BnvzPv2;0}?dY>*t{IeHc9fQxv2WuYojFa<5x1+X&VFg&P*GGHzws{UBz#~rY`Z-%Na)&h zdK#wRf!#?^e+bx|eAV17Jh;90D((knH^0t3)OQDv{fu!j-ADF73-(p-MR;`n(m*Is zNJ39v=$nqX*WK4Q^F=X(WP_Dvn-1e>$IBubP-rFy zCXPkE&@kK2pM+$43LM+^$vhBfvM!JOhefD>Rh# z_n0~RC2yvS58o~Y%OK5Ah%0&m zQ*WRpvRBtTn=8LxKK7ROLPI?{+E_ANK2LyRim|J<0dPz|jjt}bzd60%(zLYKktYOa{otbTg z@ynx2Qz6?vC^L)VjUi)B+-|&?7|KSOcXxXSM*nT0X^N4(#-Ra!BqBCshmU()nviw}t@5;<8P3Vt`yk${DlLfw3{u!;g<4 z(MsY8^_!o_m2*IHZsgF)4lMZ^vXWhj5t5A<7D(~tL}?^H%|L++i*?{=v27o%II$0Q z!9TIF0%#EZQ0p4{!*v$96btBJO~-=Me%_WFO&bXo9d_SsxN@~dZqIN`2zEOu-G6>M zu!%76dtD+5KJxQ!ZA}rtCUmp{eL$dfh31C!=Yi#mGdN=avWr#nrxo)d@bb#+L@7Kx z9}Zkv5QLuM-dg*We2kfYyi+}6F_n-htrbvDB)V({gZtw~{tSuKK2ala?2>aq6ju$T z%2LP?O$zpm$d^QR4vyM|`bP5Ga};nEKrM9u3pLB3RC9SCIcjqW+5{D7X}Ql+v~{|D?3Uf1lOzP`8tFV^FAH0K^?3Et+_^-nZR%SLt2Md|3a^r&B_LJX35&tk z)GpPjeZnRs{H<#0k|5wcfrDe`iS?1=IGQho3P&BJL z(4I5b)eP?-WhN*cU0LtOdj}fThgM#~`R@Bo(LT6T+CBQPifDhfH0e7<&@j`gw_8vC zz)?xQeK<%Cq0!Q4j{-Xy<+?x(%YXMp9%zP+EaoIdy4)czBQ|R{es~eA{CatM+age#2jwM!u0J6I6q?q!KBBbSkl_`}`dh#RZ!l{2QJAX=@t5o-;R+-w?Go0l_FbbN?73uC_m zFX#e0uE5d2oLI-55j1)gdUxM^HX%G%_HvdPJOiL}h=877)#?My`hW#ij%`j{1=R_G z4Y!@Md;px3mmj(CkSGjdj+TP9wKpS=A>_2f?tZso_EqzxRE16nB<>GlJnfuF3ewd_ zn|QWGL1+}}KA-VefsmSX5nf3=^9N_PA(n+ zd3+2^L2r}46W63rfod@{%4LgEh4S;sR7F90fG!jue0lfCwK9n;DY7Mj4@7=kjhrQ! 
zSbQY5+;4b)%pDagkmdXeleXnniMA@LU!_Sl*w9HAo{}}Prm*56=8vfRY)IS3*=tuT z?9hNRI^@8KxtGt&xUYe^lu#7wl47a*i-s6LO&#wRTtT8&vyf$t+8$>e^AG$>2?J%X zDQ2pKs;GQOSBUsdEP2>g#ib3@XAn(gCpgfqkq@VMHM$aCRmhJ4Mg8719JE1Ad>9yA z`3G~J(3uv5Q9@Vv(#cZy zvx?Uzl@(U|WX#C}HU*LMDilCoYF-Z1eVMZJ`Y%))cedHzn!h8n`D)04m5-k;>y&?J z3-6DOS$XjD$P#vmZW(D>)=iSu;qj!=vh}rj_t)<))dMgmkLArE)a|AG)e9CI=J95( zj&f@Wj#gkT?#y!Mww{*!0j&~m7jN)1!k%|;1z}&n%@>|KD88%*gbQDhAiTMhbU* zBZb!_k^ZA%I4POPnAmQ+dMi0Q;D#2t0~nsQRIN?y|B~sTj*{=!ygYH7VRo`x5&@_P zd($2|d0A#A&jY$(5j_L9&WfJS_!n}-^OGiJrun{0YUh=S#S+}c2H(yd2Lt$3*92g~ zu37FL6*jP@C=P~}hTdH|+B)gG=?QEae*d++UEa$g&c~vf5R0GPxEPYU$|dm6{6i`e ztwk!^&e478{Ta~({r%nX#b>E}!&miHNN-YSwLgp7L<YL?l&278_!3ECn5+mncTL0>9wKpAe>%5T+btdx02Coi>w_gn zv8Z&jV}~o6s?VICnp5+B-49H9fJO~V7J@HGQ`AJiv8=*Ch5=w2MDvfeCecL zh$*1QC}3u4Vuxc0&7OjzbSVYBcbJ#xlaW7Wo9sjr4eH$2YJxQ~cR^mf&Yf#FvNf!F z@yuuf$zT$F-P{gigz^TEka%cryN#|pba&odpsmg+%p*-`KoL82W$93U+oDStE|{+t zd$b4x$mGt|NozvM1S(0ef%s!lIaMK=$BoL-kM@S(Bw}XdpB~g`jU&?*e_TTW!UmFv z?;Ky4tF!v}^n}2@=Z~F`bWxC_sD-q-L$`xsUXfFq)5pB7y#lvz&c_IXUX3`Oi(3pK z10F&xUS(A7C#BwOpfd+}%{H-QLC+q5+b8~07s>k$xT9Da%;ESAq5@i+=@|aIt%}#M zL_}M)xD=ea6b4Y`3VMP#6(n!u`fiHIjJKPUI+c_2n3GWxLC9TTGj7fe}564YJRsWQTG0GM1{m4X~d%|~daRYLYQ8)F6k z`eN|AU;FInu4oMdPNc9+eQHPUG{)>AmabB(5vcy?C!JsV4;EX*^7#3Jw~A<#z-WyS z8cIYlR^yNx$xNQ%VK??1`I5%S{xo;MV%c-u;u59Wp*}3zVhd@*Vx!n{jlK{NTsu6* zs#{jfRsKEG`4_Ijj%$AX6#oza22{BPW?~KJeM1NvlU`th_7D@e@3Yz+cT-1hWSMwx z9;*o+SR>3YEc*Qj%Egoj+#{qXl}>!2auUx_34Z%>xOE|O$cf+bb#>N2(2ViUQEQ^G zxHA#?8R&89hrjz~#vw{1&)v<3GrM*aJJlF|IVz$G%^4Vrdb?9UT45)Sn0-^K5ARQe zyuVixz66v26!`hQXD6UmeP6YEd>$P%c8dJ|qQySRtpEpn1*e%(1&6m=dzy-Fgn1De zZYOLkp3G*r-4|wo^udFVhK>#43JeshH%Tb?0h)>>`WB}2`)0wPkquhO9{gY^x5uaa zZ`GvU>tLg7E6Hm_fyl@mTvv-4i&##q*{R@BLvaau!j$$8hQVoC?7^!j!5+}Y0@E{l zuMp`|5ZItVGpe9Iz7?Mi(Z$u3a@NU$771HFW+8-dnLjjU0&@7{- zs~6_+$-d(6CQA=p?m*-RZv(-^k-1ZA7@vru}*ZP@xc;MBR5p0iBG{@UA94*&#BM}%tC*%|jfMfrew^L>Rl$?jW@fHSk*e!&Z zegFqOR*$wkg7$zTz!4Uis84ZG{6Sr?%u}F-mPlgd&t;nCPA3fo@HuUUyg0ke+XUz# 
z_`J>f3bdW;H2bz+BEDW+{{5bXwSMtOcG|r>N;4JJ*FrZFKv~#FM5A#%a}-|lM-Y2E z6Fp**G%|x!=>@35D9x9NQ9l-s*9V^b(M$o&<1d*+TY}`wz*TjrH6c3`FTg-mINi8c zmq+f^3Eoz{t=uo~g$HWqgX17J|@JjU`7!t%5xMeY{g5CX)G|cJM7&T3jGksYD)mdiD8{k98Zp3`kV!$g$$!S|UZoE8-G&NYk+_E*$>EEqBG<>UFbqu9x@m$DoQc?FCHF&DnYdiKOyxN(-MPwAt6B|;!dAq1_1uKMuo#xUc7mp< z_4@G_w8@W2`9IYc{NPZxHUxmiMXbZiv^!{c5S zK30q?zdIk)+nsf<@9Y5?TDCi};x!5*}h|P@2Pm-P$)YMR{#F+i-6auZ#f7B zJ(^+EGRa^cTuLEAnQ_)?Kp;;y${>mp=d_RXa+K!Zg8IWgjhJXNBB z%W<`p{8)}LE3dBJCD#Mxqt3}#+<%TJ@#AN5*;%UhivT%A+F%kDC52AyCfI=SrTDjEQ!#2X|AX11C|c+1KzP2i1rV}Nn0BbleFFvx(_>qSHH z;rWX>hHT*AXJKR5g`qf3%u=VvbR zph13jPhyTYByb#Q@&Fnlzl_dh+M z*;)RF?)=|oBsR`}T{5((A>+8tj?{goZb!j_Z&4x)6!&+pOrv41&0bfA&p06}B;Gtc zTC{>hMdIUO6I>7`iE1Qflfa`6oZfE}@eQJk#kI_F&Yk75lmCf?lEfa#ZTfi{nmRn7 z7urY;5-Ym^u7(AP!xukEYD_#gJ+Pmmr<*eDDEET zGH)0R?b0y5extwGjKY;h?>VVwP8r?>Nu@9?c8xqicdxvE<={Ns{XE44Ig#KDIn#eF z{GFk`0eDwbEuP;B?-JRee(2h)oEa`$yeuYb8UK9@{qWCG~3&}o;1e=q5Pb7`_bOp*!sX-2XReLl6i|GF|J>&w{I+3i-tj@Z^!^~)by(6`_ha6Ez6iNh&-A z%)?4WT6xrC<7X$NzDE+~t84b8X`PnlPSLqFzfAK`%I}N^SG(i9s0~dTbg8xz@7~WL+c?XlRdjvp&avM|FH7Umh-h%vK&i!DtKu!-&tTP_g$k?|P!~bmgYT z)5d6V<6=yeb^1$IVg_em)?S`AO;danv@$Phn@9ZQNh?F|+L27&yLV+;y?K@%Di03^ znb&I;5^l$*d+TOATy<`mPdT5G52}m=G~KE~<_{2E+IAOk0p)Ut{FbJI73shqKJl`c z8C9-!7x3#=)NC&{%2oHGhEv*~-A83g>N9siT=2B~F<5;uTz0Sv1f%wYD)X)$`Bg=% zq!4B?B*WtaN6s}EZrXmawqq7uRTWj3uQjyy=W0u^SofiY1bd2z_iuN7NsA^w@i-5D9^^rPpr~jH@rS)6O_ZY_m#YsTCfK{R-ryP$9tX+sfBJ*IygtlHW)G|oyO*D>OTQQyra0F;;sM*797)ELX zsZ&9vhiKC#I53slD#P#CNfiCkDP};QbuMueeBPJ!WnDb)?=>6|mP;$UlJaemgoC~d zB3B?Ug4rSHm6rwYyolYB+j^2vZ`&2!I%>2P=uXm_ zS;!nwCzm>%xCD4Kjz4gUubIC}sp~KXx5pCDndLa~NEBA4Kut$4VH2974 zan>9OPKN#}3P9=rM%EVE$s9FZ)I#^OU9lzYV*h#~4z0f?dPZ!F4ev;iK$y-;E(c?E z6mQ&vmKsdYW^wxCk)=)(81FzD%d#gfsfCMrOo;?2n`!_C^9J~5k2z)3m~aQqpN0B+ zrdv7?KRiGW)6kN`v~NMNU(2OdBc*(9z%X>J;j=WqKLGVcA& zXYmH>hIHts1722eELR6!`0n+CVnGURksw_%(dpO9?64zjlDFTrigyqdqfyZ^-k<9u zQ?7k>aVj(mIlHpzO~nZ}>7jJ6tA-aaVgEtj3_Btt7n-;8Rq8(Z2g1=lW1~qBGi(*; 
zD&8`jHnKjPd61QxkdnB>_9kg!mS3Pl#IT4khFUnj$#F9HNy7INxEMk7wu0d4k;>@f zlIWJ^u!hc7YJn=1ay!xD^pQL8W)P}@CH08r;)%~1Qh6D%=rGdmQA}mr!ww3jdWBGB z%)_kaC4FXjAqdjYG=L}r_&KH!wxSoT?x@pQq;7u;d?Ss4TdV;bH81!wsfk&_mRghZ zLc?h8N5y*au5-|ER>b;(UEaIZdiyFL*57a%%-P{RE+A1?=BJVALvOyJ*1{MH-;BOY>g3%xPNKzI2S5 zw@ahZE5jPFbvlH5VA9@E&?>k_csP-@z{#vG)tUpeTt_?s09FktA}>#k)4wPRH7s7p zX=#;k-N2-`Q@hAC4s!!1xqrDvKA-?ytT z!CQ?8&-!nB)y%Jt=RH@~T(8@&^zg!dO#~*9DMfvtk+jMoxbj%0RJ?Y4^g!jH)9qdF z_v>>Lw|lA$0hds+`3dbb+9xXlIPLHh>OiXn= zqc5#g!jc&R9|U<62sG_L_&ye@ozZ9 zvJ0?_!D&)=N@GeVN-N57xy9^1X3O5DoBuF$O}@t(Lb>HGohCi#w-A6ffuwN2#8}&L`H_Z8gzsku7aL3Gow%kDD44bL+~P z{#^IQnE88q7ail?3g`tVWh(929iV1ifAro@zlFe7t6tBfaqB49y zLE)M^12-3trf;=aATL-Jdsrh$$0P|O=!OJ~RlcdIYOl3cP6%(O<(BVINvcFYXuHj* zy$UhJ>H4{cV|fVl7DiPzGg{U3$Es`+>18?Vt*N9N+fZ+Y<&I39)x4Gs4~c3hYL~UJ zqP!b?W`W~0NCOy|1oV-p(>Q+kW&apQ;rcSaX_)$6xuQzZ_5^QEwvh6@hRThpwsVHiZo&03gtI6U(} zKWg6QXuQ|Jfvynz>E#I2ER__lpMyw)R4Mb0XqNK{wh3gN@7Xe-1UjzAIR4jp#?q!8 zcL;Tzt5!mPH*&dR{4#B;?#2xjUniof(VYcO-(?n;S&l{ZdKO)EOT#0eMp+zp<#L0gzdNKNi44+o<2M}x-UCqE6_e$ zgilk|E**)jMh^fPI7O{dfjH_(dHamAYv{crH^_GmH+CegI0`+6sr2yW1gnu)9*6*Obby9A2VEGTj&sO%%cXT_eIm@2YB!$gooIA@qBy&skmYR6lZKfM?Ot?jt&@J8SDxFR?hgHo4J(Z> zQ*%nukGJ6r8^UaA9r$HfyBU1Qgw96+?*nduX0{^RvTYJ*E~Ug>ge;-I6R>7+YI*iE zrA8BbAh^q{9`-`_8~O0bC;a6e$6c5v>c$@1>2sL7U*L|GP2=(Vkl3dm9(UP3?iVRD z7CRH;SUEd#agBa7v|&#sQkTsBg-Oq79?trO%eQYMXS<&03Wd0I=$y}9 z^khv=)9D9uYUjh2vv8i7nzn_WqeZ8c_G-mBaE>fNT>nnwp$CFSuw!@EZW>aX~Y@6ecQUI^QA~vNzKbdwQj6X3<;@ zcIK=FM~@{GS9k4i418i~N>Bz)Ce~D{G6kLAOtBNnh4)bE58cD=6zdDWwT1Z_2B(@O zYpe{2sv4iEaxrR-wQ6T1pOatLZQ{ru!ZEnq$&OR76S~;I>804tmjw-W;7ttu+TWc# ztRSt+JFmU8JmI?FyI?P?xbk5~PDYBgFowPy6z^4hPII*#VT_ ztGM|M87n<(F2-wANhs`ix&r;xnLYIhd69>MLDM^?91<_ zTE`FCLWkM#-U2%76cCXHHFPr{@w{QOY^JT9h{-TdDNtgK4o1_t!UG$rtx*bm) zPFK#W1fk!l)z+gcrftQ-9Q_Yv2`d=c?eE!)j~p>ZP>p15K1B(xLp#E>ff=bl!fi>A z%d*@0X^$_+rbTAue_ELNUj)qmcVXsRb^X`#-V06b#D!7x|9F{HE0kQ&FE1+T5#1RF zfEsa8^gD5t>JH}r@U;Yxb0y%VyuW5GU}`2D`1?<-^ZRLSN*ujDoYeBM{()e1V{-4v 
zdcW2g6#ALKh}L(@A4U~Ez!-)iCyYVM(f3Au)Toy#03j?zlJ0jkd0y$@xN)|cC2@1F z+0K91VLngs0~Reuhk^1dhcT`g*wT5JDZCwS`DOp3mi15XS}ZU*NqC^VI5T1qil|gm zJ)#YzEyd!C6tp_$VCWM!&JDLQS<3Xq3JZNHAo;LkZYioBV9k3+Bf$rD2a<#6PK6dO zhw#}=gO#5TLjvqS_e_jVL`RGnu55sUGH)YH(oc>^LfxxkjM^Y`wn?*TI|DnYA#6y~ zv&1aJor0}S7OuH{-@gmSS4V1BSY_&1Qli;7aj^keLG=oee@z4&%*&c@hcc2Mx_P!f zWO4J|v)T1(OLH~nhB2g0d-ZFw4MavFbpEx?WjRxKjgwLTd1?7z=OR+-dP~xcg`>4H zHF7XOct0>fQJ^?w?fge)5UctsPuyV!kYIM?_OusOA)o7^pPKA0F+F<{GK0#b+X# zRt<)hrR*ijlfbO*YR1lq)fev%OO4v0f4SE&sQ;`OF|r4P2pmSmi*f}DU_J=dHX~-F73gFHDkSdMla0eV|T0KlKmi6&UK?Uyc zCd}&SB9kEpC4${6NUv`O08UeezP-a_1#oOareLh*2Tt#R!mCCQX6#2*CwBGu7jC$| zu2FIhymdo9qgkIa$yaSS`25G1`lW@Ti{=kr7@l0ph@ghe{4X3PBxDK|34tNst^C9; zfv3Fzn+A{Owhw6Xs73emqbz%2QUp**u2u|sp=;En8x^Bohsgfvk%??bnRSDAeyp;} z6`pL%9zvw%;E~zQsD%?V9v`2(*X0-uyy=6)dJjzlPIr2?w2 zoRC*t8rtwU=AaTvA4C*lbT{V^q7d3Z;wn=0h+uhzex$a8R6OG}{B`o$*wFh6 z)2pZWDpcb)Odk&p1=m1FFolsNfjQPMzw)KS_uI$wZo<(0?x}|_fZeWNleM>E>#9*? z0BQ<`Rr{2MoJ1_s0E$Y9fS{#LSQcjSVaVE4}RDSM5|R+qHD5iL;PR;ah$i!=KeTOFV|`LVnk0B@7=0O>KA0cI@04 z{{s(NT?(GCN|bN?)Ib|Cs1dyHNJM$90B6_zk9*q@U{6Hq33JxGVv5J)Fq_$tFhv_M z#ux?JyL;5TOAn-yxZJFsu>6>g9$J{#2((Xd;nfM&<_F!(-_p#={g%un!1q^!=ns?m zI=U_cvJlh-Od6XD>#Y|31Wf~3mE_@u~rsRS8TD&Mk6E#*apo0DT;VJizlg|Y>hvey?&@Cc}X(JT! zYCX&Bi=C>GlC*Wxk3jE1%ns%aHBM_pL)c7lp0l_4SqLm|5REgYU1?%}>x4TdP*IAT zp{7lfkRoAfKV$`@bL&d(HwJNA<9zQW=k{r(2{4q?TF3gUt{ctPVB1_yDAc=erZxAi z`4${^ieMw1t^@*&Wy`}Kt?iPtFsgQXvp?!uKgrw-Mb@`%qi}ET33+s*_EiQ2Px_yC ziYkMMf%apQjMY{f`E|DrYN+qP|Emu+j8ZQHhO*Dl+xuIF^0{!Vh9blzUc%K8C!GS|H4 z7~>k)uwJP&sQt;1>v6fWZ`cfPy=|DTFhGg#{R$SpY zdy_Pr}0I-@@@9*AqLN5pZk#&5px6XUln@iLFp7tt-`s_ zNJbsD%xF#SEH;l-M}7m#1+JU@+s42_|G%XiMn;zZcw^|&&~VydNBr3s^p{j+6jX?y zZ4u$#bJ@ok#yCT{8`33BRT@DyHpL4C6*F#ar+jxn`EL+u@W!qJW#B>D{Y8DZ^n}=3 zA?PhwRB2x$aE(lR-cW=3#~i3OLn`#Mqt# zeV82|Sb9TB*zWcC4L>OO;pkeKT6Pb&fODPQE8DQM3(}Z4Wa=q@w=nemN*! 
z+2FXn28aOz-Co#z_KyyaxiZ@E@-%pCQWFc_Qv0S*gquq}B*^AcE+-?T6{Xf}9PT{2 zElaX%q+w;d<;NE}_1$j#m7Ueg60-zQ$Yy~b|7sC3Ls=)v4z20L>*?v;L+W$SbZX@5 z=>{AgZ>vSu77`|r;2(>lMp%7o5&cqm@`ysbHwY(fxc)2w#PGBi zh6RLRC0UYu1$q(?3W81khIq1TGrF1WZjXCUj}0ICN);DW{L$E9d-lre=wC!ADJv3r zE7c8)6@qHjd^8=vdAB3Z$;U&SQwf%W{q0OW*i3QA;*G<4bY_WVgY3Use(z)Yy2Lj5 z`hpP+qs}1YP3 zkfy$=s34%PM}_4@VgdDO-i$5_i!+>ZRKV-?BMJd$;{BxX$KtN0E8xAMDK8c{0FU@b!=OY$D0?3iH)yr)0X@)_mec+-1 zRKWni0Cz^_EtV6hSew5b8QvFNNPWrY##PWG4S7seP2U)(`C`wKIxCPHnTI&tR}F%6 zE0Q0Gl3i)Uc-K$h1ZaU1Aw@uZlgAExBop+fkh$QGz;9hWTK`*YMGQfFxdA{P#oOHz zLt^@KtL!%Ux3$*p=C5ncsB5im10!k0B9CPP(<`NcX=!Q9DR2hEAZMYOi^u!F?!EC0 zX+;vIvgf9HVsDN;?N5Dp^A%1gMmhWCtczYqjS?UZdeC8hYVVG9zgfO*UY)e|Mfw_&s9|Nm(8&d3Vdr=gpbn zJbi?d()a`%i3keV89YLS=7`S9JKc0$AvQZMrr@Uq62fJip7*hXXvmqnVmAl~*C(L^{(*w27W6)S4K3cOjiP zV?@l&{N-|c*6PRzs$Ac9LAb7=(ooAj-0Hfvtn02>p)UVUx2g@2)C#MvrR}c$%wX)5ZexSr}Sk5TMDjG*KPele$)VzZ#+62^3rL?9?ZAVYY#OZdMp z=`E5z-qCt_X?f9Z{JP<;3s)Srfmm1?Bsb3=Nu5~CsxY}*H6)4Hz?>ljPAO28jJ zr3=3d5}Fb{lu|lmCFQ|V>D`cOvFI+Z3=G_i;ZyJ3y*Y0R3FKBr6iBdhdQM9~ADZi< z#qQ3ln_Ei`&UeOLe0Psea~WwSkl?vek>AGP^IbN`12us!;FS; zF=v8Cw0cx&gdGgH8#9|}hqwnxSH9cP9$1TDD|Z^xA87#XgN{eKWAL}gPyT+ylDAb_ zf#I|wyQ%G}&zdja&+XNhsuEVbTjKkfHV4^K;IpUjNxi>pR1AC7e*hEVPK*014+wYk ztjy1SaQ}MzOw9w(!75cKh%x<>Jr9#$k95&_;DBxoa7k{&_C=oxnyt)ilZ9Ng(`inJ zOE^XCbKj$9BVEM-o3-zm)p@JLRvr?;T()Qrt5J=8wyxiRgX{e=X5U{lMR`+!TU~%? 
zi)QRvV`TIf@a+pP2-l8Ui@i0G;G=kR@AUGfnfwWPVwIgs&_Gy-5tP$kZ{mcoc*QX_ z_$_zC)gbs7?{$%Z!5Sn))(m= zeHfzA2AQq)*{e3X=#q5RIA2*`wT`s zaeYO|(|?#Bsy*?N(=~M+m*6JI5-N;;4)u7XJxx1Dt2IB#cq`6K1ZgU?_{ zALdz4o!n(f1c(dUtX6boF|a^0j|l zc;A!xzRJ?ns-{zkt3C2gMU1GGGw8+d*Id%qB@yHP3}8sUD$=G-QOGyD_Cj_mdV47* z%h!nAwIwZ*BxY(#E5ZnhbvrQZ7B)dOEC^E8-0wX0%w$77Z*yqJF58W-)=(xdSmf78 z8Vq)pT0lkO>98u-op8Xg%lBd0cu;iNdcf14Hq)2QJ}Y^aSO>1aMeO1l-*9PTQ_S#% zYZ=dMlqT$k**g6j%^LXDdMeP#0z7R+oyU8LTISO^zB?SFA}_oe{h-Yo%gDiC#4&B0 zH?lyjqY0%p+~oU2p4k!?n;s|q&}?X%Qdv0Jtv@p}HS;J=qc?b<0}(g5HE%la?T3yT zuDKmktWA5^8jw+3qfFRHx+c7SEdQ>hC^KU*@{47pFP6CsRCI)KYI1TpJ>_WATzs+s z`FG;w75YFX*o2x$`9Udf{*tyA8nLUBizWHIwB+X)+2*^1>KP*b*O?t{W zLEKIOwLpn%B7mpdObTNVkcSi0=QKd80INul{XWy^jr?(wO#JV)V$OV|R z5sv{l8iO?zba-J4^|7=j?5KfJH}2Bu;XgZ?gZAX1`pz~>d~+u|B{r-C=tE3uq>1c| zJtaJ&lZ@Khe+dGlVceg`g|TJZtpNMv5d$P|)Q2P46&^w9T#7sjdIH2GCGq1z*$9@~ zG{q0*MgB}aoB&oQSkJ-!_JdHg(QBsQ=RS-bq5RS^Xa+SzQ-|Bo4*mW7d2cBu{+ zHOUZ=hGDx>Z^9h>ZTJhwIA)(vEd+l`of>s9m!B34LKi%4mq1!(k?(!>%>#nT;$AM5K9}|+ zFE1eMfk16`*-8WnL7Z+}x69Dy3b_Q!yoFvffQNA+4@%_w!>N)~KE!UOw6ayx@=$xZ z!TD|H_<1S)SpH_>R8)>F9j86Q?_QW~zah!XC7nP%O%AhC=?w~WTBa3s*4VpOBJqij z1VGJ3jWz5HO)c}Ds=rSPD%AyI{ql5z9n*9MejvFi;X0bjj;Im+{2z9=FWS}SFW*-e zZx@H?&!K=xkvC0Sv92|kV9SDIOt$N^vwq-Fdf=)f6YTXgCiYsttr3q@QO~LC9Nae| z)`!x8@+&%p(ryFW%ULH&Tb-+v|59xcCh zP_W82NFP-olN*gqTFw(;Ato?1G9;1>;l?Sn8gmZbXHPks1GKEe>4M%3nOh|P*|D;3E&(o=Bw6*c(k4-X=lQ?r1WXjv|h`(Q8IbOPo-k&}1uX3NO;?^CGC(-G;Jw$opZYXRJm9P_-3#3Qa zsOgpVdSh6lxVvq=#X z0I9o+0DI*9(%g8(Vrrq5LQd{9;?naS5XqYU27WS;q! 
z@94+yRO~R~ z-XkC3=ba5fhSrNAw3rUv?oXd9$y@*+hIXmh%T={pd-5W5{8c!V-%VL8_IX3C2o?JN*$5blvp0~zg=r7y_s$JFn!c>v zZBgtc^=A}+Xk|?cZv7@6nd|%qXb=Ho9c-GEa5{J$q+=~+WbU$-JIb@>WuP_`uAm~{ z5v>{$1WKnEEhZsj%C`M+<`xJw#bR&Q)7(h{9$pO*83=(_qp4j8!Jm(Zt>=<-Vyu_zD8W%T1Xh6i1Dn0p{QNVVTL^tuNRE6VNeb6R?IhK z?<=3oQQa$uTkf?f?h9IL69D`QyjWW7h>J@sW+ zxna3rmHwgZ5Ts@Ir(9i3EB<)TzKsIJ67n<7SqC#_;&rOt;m8?T^?ImvTY8V(crLr}x%7QV+YLhkeIH-Sux@mhYzO=a_sxVvS|p%4 zFpMewu=7vczRuv|hHy1b7cniyyY?ELzEQl0+@I$DN$+{ll9b@0K||PDb9;16)8Slv z42D5ESeotu^Vp6EoG2!O#M{zgKM)$ZpL)I|nNjxaSg_lL16O}=i1^_TT z6RY8(kXp5RU$-&u5(OB{(D$8 z2)Ow9513Z3DXIf~d* z6EwrV-wdNxi$vY%f+v&Ois&B-5qfE$e1xO^tE*TX%n*%ivU`n`7}C=Mo%SzhpEb~# zdVpL$e30ONiZ_<5nS{MVs9|P|wlkhaeL?=B+H%P)STM-FITULu_(F}n&axY>42&A~ zr^xZc>X`bpvXYkg4SZ+>{|$Zz^gpz1*bKr37{~@uYBu)XNG=$UGnNu`z$)a*Y3SZ@ zc%TPr>@qvi384~@V<|2?W>{TFw$`bLoyxQ$^;LnE%lhs5sLNcV>Wu4bRWQ85T~Hl* zW6_`RxQD-oOnsZv zdK|6q=zO0jUeJ-sRj)dn*;|(T=V89rw&%Uhi(_FBWvB6d4=!NDv0Zq$tzv7ZZ!&;u zu~fP~R~G=H)SEaNU8P6-!pHG@0EA~X0D>*$PQPs%6yLvLS-4iAq&{$>ML;;DLC=BG zp1<~w^3DINI$V?fm2=wzbAYE;Yt!pknwneF|1n1yWBePHlDO^bD9U$~_;aSV+p?Co zQP3G73s3OP5bl(VCG@7-{IJ3lN)$D(J?pMwhu4%h@(oRmZ|AGq(Cq!?^Bu=<`cxHY z1&D#hlKOpvonlx*cPhgYgk^7@6|7=i4Fr!)-&a#QW z+DyZqF%54-q&tt1T6|^*hEzjPU7|%w5OVlui6NwsoK=(8QKxJuiDo`C;cTiMf1|Jx zvg+}MY77jFs4R#C%QX)%x7(O&~V7hpj6v)G?(j+ZGzz``p1>3sDusV#r% zjZ#OP^o2EZ!YZvvTNh%-Iwr|LF)NsG*&l@zX3K}+C*MF(m?ojL8%0oeE615HSHx8@ zI#}+4blm%*hBrhg>r!I69rRyxTwuCQh0bJ|6~r=kk4bbhp%Z6V)*iK5yqJh!?dI(- zbU|Qfoc}ganc4nrqOx%Or;yhr^$pttR(S7cHF$D)@!p6Dt|FlK-PUd9j49HlEmQ$l z1NIn1EG#`ssx8oy5jS#0w6_#?hsY-a1exfNfxUDlF~SpA1m{imGnVb{V}=Nad}OgM ztwM;H4j1=EK4GiDDPxiq5i1j+&W$WIQg(BUyS7pwId5MeSA-Ft$DOkCWaG^)XC z(dJ_l-xdvo$s*)P@j}9GH8DSJku?~j*a2NZP~3jb<|zX&_ML3Yr@_m^b@|FgR`c_z zMD_SC-_7xh0!9nXwAXx?0&bxoppRT7{kK=mZ<%?`p)$45= zhK*V%ER?_E0?GiSVG#ooLz>D45G_)Yma32wX{fAoAyXoP;@D8BU=}dCWjIWk zz({@sR!<=p-~{u2L=yI(2Dmn zD*T){{R`MWGYz-a?PFxktGD#+K=Mc&BS}tJZz7|@^y<*07NA(U%<7&u8_GPA{EwyX zYLD~~_|YyJJYY`-mQsX6zfg(S{sLG2GA3}Ky>nD4)UEz$^zKy&z>wpyP{ELF3KvzWhm$hlNfx~x 
zB#S7YfwUh1LLMhlgua_5oea>a*pVNcT4hXzXUH;s z(8@>R*vTiAt=6~j#!NIf4cbr$e$fi5FAT~U#aSqg z3h;z7&boE1KFo+pWrLD(+G})w|Mu6!4Af!X&gWlq8Gm<5V;wDe_=rDehSv*>T*(rH zNg<^M$D~HpWvC9xp|gCJt{Ym7!XWyx=z*6|l}0}15(aT102*4CHDD9{I%SlbS(&P) zLQb!iB_Ri|Cu@&4o>hGi%;vKXHK#~5_XbU%fo@4@<3i>zDdv@suB&-0x~+$zReM#h z-}9L7B?d46)V_U5H9&Jvzc0#If0!?-^2dOSpj*|f;9l(=l09vTRIK9BvXh&XLHgCX zNa&hf0v83&(X#sG`H5_<0j*>WC=i4i6awZX0^&LWvnmjRR)~Whq_P3CSseSAF#$XT z0)zto8@omGN@%}cH7OJoPJ41Wl><=jc{%9ot2wRZJO$0@M}Ph8a0zjFz;+?{mcm0B zuVriAR~!O3Jvp4Ma(`v_-#(5C(G}YIV(cm4lC)`D#?`Bfu(P-4)C|Xb1rJYlq`YCz zDvlHgpFdwG3&S%jUjO>t$At?CE@ihN`cEj0T0R%w-?77v7V0o} zFyew3R#D1af!)7XF-b}cov4RbjO3^ z;^Xa)RpCFwa{wX&Vp%ee{bzVGV;7wJo!%_m!0apP3vhIr6{SYrn*Iqzh;*@U9%XI# zty^qTmxlFM)^7E6GcQ*PertUZ(~4A{^<3MR&>Y&!4!)0j?j&+4lYoFDrT--@U*Px| z_SOM$vhdY1h4QSG#8RXVmG=UU07;--(##{hMo==aDY}wz4U?etxE41oPQpI#z$R$M zI?ynmID!K^`b3D8UyGj=(XPK(IDRW>FbyKau+IUyt)4=ngzbGvf*2Hpd!9tbRa;T8 zF3Dlb%HY%!RF>UeyU43|qc42V@#Oh!!_K#2dgb{G~Sh0H1SfIJ_z!G2j{$?a0XbR@r#7$+p4gp z7R{RML=DV`#H~(u$r7OavY<|6qmlC+9W57la5z~|=y}3CyBCcfPp|ov3HqdV#Nd4n z)cBXkWb-B7T^h79*a09WygvGg5{T>%D+cqu;)fO3Q0OJNL_kiH^npl9g5oy@vp6n0 zk78(nb8ER;LNQZ9QHg2tMp3z8z{*7}_Y3Sf$WA9VO=d&PJ#xnNM*I}uj8CCz(bmh_ zb0A8^71n=L-6Wf^Xy;9LCD@5GV>p)h1Vt`JUoW|M0Bn(40foMV<>AeT$KlF&;Zt3# zZZKuVJUfQn&gxo@_>YPb%3ibaZq(d(ffjbfa~9&Y!NQy4?2w2i*(}H1)?? zTJC;lBzq-?QNX5h1bYTd>cw#J>bZh-QL2sD3)uIoQ_-*T(tFlSPv-z)3{S@Tg*+NT zt95TbePO!1t95OgTz}dxUc*!@E>1wYlm?scSCG`r9oYE2-?O?24Q*Sue3fg_-A}rl z<@xBo^Z3>sEm+i1Pgyg|rKjuAPhOB{&NUbsMvETja!F~?8FQgXi?{|nG$i;9b7$BN zxA~3_Q~@7fOpj$Cjg5XmVECi0b}8~sF-;&{7GxFLc%I6LLqH#F!b{Ov8V`(;lA@Xk zw+d@kWH`3n+F^X@FJB({a7Hmpm8_AL*VjUomK8O@p=XeKA*-((K#(h8E*x5bJXo+| z1Ded!x0(^;N?TGV^GfpLoz^G&E&u-N0Y5plSOxQYMHosf@jr3KB14oHHIhDMx|K^Q zy}pt2H)>^ob)pX_I_kilOlvS=jPE!=DfBvEvB)5M`s6W$R0DPJk}(_?I0~s+dmLQ! 
z{`tO?At*Iy{d_evblZ|SEw~thrx!286$xL;V#|tMrZu*BQgYXe@6gns(5hsdE3|S> z`21?dLEOVC=Mc9grD7OWivje;6m;+Crzvw{8vOPU+`Nr8jJe36v=^azZlXJ8J*?VPN(>66C&?ssglAS z9GzfA)r*)DdDObiSxfdFFlsyz)ypmnzP^GZ`mfkFlorQb#d58ed_(F*%Rmzp)Nbnx z(cO*u4#2`fVswGPJS7=A%d3z-{o5|(A@c@ zL785CJ-%T~l8d`FXG6qDnKKy% z%xWD+{aVs1GlytG6qX`)O}piz_e_T-s1F4b`641}%!ESQNRu1_;!FP6vQUHMncZ*s zS5u?EDk7X^ytKprVT!^;1vTJ!Z80AsJsCu3u^~&@l(R|!U)mTG5JvgyEqZ*(@56myURYnq->eK*H zyXW9f2c`Ch!;5B1KHWh4Bcl}Ry*AlNJG>DAdlS$))`+j}{XftHkJwQyF zzE4_iHzKXT*moUzbEcx+2^HB>y;C!=@A5KHGVz!?bA0^y_d2I$<@k7eZ|Sw9`d9&s zhN{vNGvcAMe3KIkek>i#YA5)*hi{!iu(1TCBj|2O!-WC1o@qiG~AZ%|d0{?Q}{XGy@T;rJu7fY!at z966?VdC@5QD7nKRzARELax^}#CP?fMMJNguKgY~(-94pD#$Uwn@lNX8!kjc{*$`dU9Sz|s(LMt7u$=s==t1iiU0A&o* z29jOc&UJ9a==2b@I>a=&2MN@cu;s~{YTR;XMZ4-yCAF|-vk}BIG0(nKx+{^%0BCUc zYP;HrUVSyVeR|BOb?5tX#o_hAk+$oQJ6PK%)5oQ&uF)=)Bj+})Ue=?1zqKUVE~)p8 z8KB#WJ>Tg^Hif^4_XleetAqi3Xzmauidkm;QYzHV`=+R|S69;98y+E=BQmd7s&|cp~YO(%=`zt&ny+N#bcqPgUF# zqcyXray0mkhrK|v6>UMRF%x|{zL8d4&tz?uWF*Rgcu2v(U@@1dRp>FdV84Lsu!)06 zU(s$|##W`1YN8H1=1H8jd>0l~gg4Ld7gQEmI{r0;k_249hyTG#K4~)4Z@RINGJ@O0 zT3o(8Vz6BAaY$3ENqPLX48oHG=mdsEqCCDVi!_JvPL;0(KU+!!GlTImtt^T^?Z;4{fPN=t3m(T69_L+@~RHF@3^n%OZSEe7bp);}EnxI`CgqZaC+?jqfu&K#L8Jq|un<7W=DsL<9)C(xWh zO6~;=ZX3h<%wNEVZPUispRV57O!R1;2`5=});)$7q3mz0RD4+;=eS2rfoZAi-V>c) zP*V)2$t=anC0Mws(z=N!J#WY;J3^ttarSCfIy6J`=0wNcTFbJv%)wrllsnP6jC298 zeEvC|rh;xOQ5*Lw)^6gAm(bf79%hStpIw8tOqMqBYrf*a)WV|GQwx=WF;fYu^ASHd z=w2MPPx|>Z(Yb6YEF2`~iq-m8Q08|UyM_`!R!dFuB}p8KHv@5;Xhre+(urj9u1T1< z?2n5yV?6xL_}p3Z;D_>hvY(F+4qg<*z6~-%x8f&~}3L>1$3uug6M=>)@?563*zr|%;KhA5(a)>prvWfrXcqfdqUf-c% z#kgx<2trB1Gv;mwrIZPPW)?r~7#tPP?HsQfJe{MZeB?Xlx&q*Ay80x+KCx#I{58oq z&LlWgEMv-IQ2FAWqBiS0y|{Lsa(q%^xSvcZb8mLFzWt8t{SJYSA$V@sf_bT&fpy=~ zsWA2k_uDxg(7E9j!TY*J$hmjsz2a|p#Ui{EA>us-Cj4r?FF@!SdG!IToq5#-tR2x{ za3O5b|A4EeRqgz@m%x7uz%VfVv~2#zFM=QBww+hwUR~CIRek%D zla#@dSf>buql;Nx`dr3hh6;$fw;3VNiIX#CuGsc4Fb1^21u0;N9eQ;;$|ix*2kSG< zS9~fOZAWggK97SNnqvnzY3X9fYV0km6>HprJqZn*!wjh36j*(IZCb(p!RrW&G`%*o 
z-@4Gj$+i{PuzcQNTS?8K{n7ZI1E)t!-GHB;Xx=`G2mYoA5GpE9Fw&N3Db}?SLR{sWXTzsN zt(*~L-7y7~N9Jk90B#=0D1h6~cQd4Qz zhc)}f?)sb=HIgtNN+PE;K8~Y{Tl_IcP%!E@La)^nKsJQiQ%|sQ@&(U>2XPNC4{-Rc zsOlZdK$qQNLNdgDpbU(l{A67$mS7H&I#HylY8+$wx+H6Al_Tx$4~cU}7G`SZw*8f1 z8@+i%b(K1n+dieQ!r?T-;milF2u`oVLj?Vf27sRwuIn0}9iwn&N+O~y1AnywLTQ+E z0G>S;ty9&|_y-TGsWg*e5JI@4k7yk76i^WK4X*eg;l@avR@#RI*#vTjot?gIB=kqCJjVJj{3^dQ!{slLNY2<$0 zl{t#cC_VcN`U}m)Vk9Ux+Gx6#7d5h?P<|EyB*yhHq0Zq-8bHGcGi1fX$uINN4~I&@ zGY?o*iOev1iH_-PZ##4fq+^bE=9dnd8Ujm&znkkLE>6qE30CZi6t$`mkl5} z_Lo5y*l-B64zk3+-TCWGDaS2LPF-4(;-k@#(x0;|@OVxQ%8D@g&pS?4Iz9ITZ2@sR zT{7^AU@J~7VZ?-V#N^xBa&LPHjFYHX3OSVM6uGM?2%j5^AWs1*bXvN|h7%U7XCjLD zz0wIYfI&>5hQT_qPzexo)h6a~Qo`9@6HOg>M%Z5cX5x45eI;M5CMfC^pC!7WjgM&9DW)Gz&410$+t91dsxZGy}i6T4$?-b`a9-0&*o*ZZKBy}C~a(tBjHiWGHPZ!ca;2yG6k=+T#b7i zX=T1BNbnmyF~IV7u6$>9#@npjRg^Q41U>3t9GTEr2;PZ|oFgKJQ&aw~annn`UD zdSj91ki&f7tW?h8F@Ff0AzOr&tnwsQvUIe3)74Vbs48Qn zg!U+qBZmwNq^x0O(e%&fUDo;Ehj_MjruPyY+3hQLd$d&hbb)UFB|GI-2JA0hHMa*Y zx1a{g1e^#KFs#!1R~J`J(1AqnUf>X>k%4;G5SNIH10bPZpgwB#G>1J0{LmK*bS!fo zFmsTHMBPhxhoyy2xwA}7SYs)oDZS9*tY|`86ha6bk*JUp(DZ*#GUM;(`3-` zY49<_LrVqo#hHkIl$N-V2lFr$6h!fTOIO73Jl-c|iNp}eAEKaQC?}Ukf!{uB(y|eX zjHrgLEH6?&zR=RN8R3{7Ln6LUPTSA5$Y|^pTC?GpZTl-y7fMGJ(M^OCdI@?0|5zWE zJlCBCJd=T5=K>*Q2?zkZ3&YS0;WDPqsG>ATUm$2=PDFKk=DwEi%!OhEp6q0Xl_d@Q zw7WPCZ>V6b=@Yj+E)Qfdy9`pa8UxdCd#W;)TF-c_COPqEs4I#Oma1KE;uU~1bV7Ou%*vI$b;LAI6gcl(%> zDWY^9;gda6PVzQa3-Ys@n`#lhLVEP(b`Ap(eR6u!M$9H_D5#V*D!FXoOh5U3ox`P) ztm%vmw*=t|g25^ElFWvgE);s5p@W@%NIIyqp!h@G4u`i+AeCb*=3+4_h8%`d)L5dwk9#l9AyUWi|8 zMjNXNqIMk3_~4--gRfR@OmfIpG^KFsyTWuY^^+6qOjw&wz^AIHe4gW2q* zck2r?_w|F^)-9g_H9qXXmz|h@Zt(9Q@5k{K9J|%Q-Ss8sxxiOK&R9Zu6U<7`8Joe6 z$J3_u8@O1`&nu(ZfO=aY9kQsk{K0km=UcpkNwx%>O(VXs$c~F~lr3{13sjbSdn*+Q z5K4r%G{YXA89>D#w-mWH^Ftj2fQlhz%M`L9BSF6+(c=C&f%J!-Or+v=X9PRr6wTNt6M zbWA{pKpA+1@MxLRC(zI6UzC~AqdNBKU-jcJs$Bxi%0n{)?f z+gFn7h{>Un(v%o5sqLv_dazgTr;y6Iy|Xbi@%)j=E6yRN$EtBIqe0o)BTIY(!z*R4 z5;ii03{Sp;xHj=%m77>^se#GRo4Ig*ecu~)l}-9Pf%*kD4=7giFY}R+{@;Ly3~c{- 
zM@ZUM?2iY$cjuLgTBRJZto6(F!yfJ-CBG|n+eM&C){9KI52_R@5Adq}+k2#LfW-fA zhvl`wN;p$C#!S?4D*r4x!lK2;qSeO>lbn1&v?BH+ZX7AQ0;I)2ZGI`6;4^~RZOJy( zU{P;?qk8I0w~W}i7#3T)Y<`AwYxdf!W$mA0C$h~SDc+Zbd=ycbjWZF1?7xt--{H9k z++M-pN2CIJj$;^z2}Tr|(PBSR{5pQ0TtK>Wsx5ivGFPW6G8tj(C$A|Xrg31p&Kh+w zv*uAY3ZB@G_mKwUb2h4bdvC&fo1V}IWTdkun-8!yEt-1*zjR#`odo$ zn1;!r#y9NS(=qYrl)KW2i%HV|NK5UO4J^+rK+Ox(wu%@(Z$arf88Nx$#dr_~ae2Rw zh~f{OCW*spgdB?Ce6)FJtVeU5xUj&!uQ_3ybEK$K0)3XGeO1OdT7f~yw_$mou{$V`C$Ra*fU5fUL_(($wjY^4AX|BAv0uY7+-J{n;lQ82AKXVWdt zyh{^JT!W*Zkr4hkaAv7nOFf+*#`ixU9b`F^f#hoFqnGO1wT8cs&YBDcfs_+<;xj0b zjZG!?8P{+jdTihV?)_CL(?BHHdrpv6G6Z`6bxzA*02&}y7f0jsaR<*m zK;7n>tZz30&c_5+r+Lif?GfAJUykZs=;VnNN(o}BVOa@WaVuH`IVaXr;iR8cA>RvdI#Y^^vke^5jZ?4O4QmXp3 z_(!H~SXVm%J`~R0*vh1OcjSyhFGi=&X}^Fw5x)ukZPxu9Oa9j;|6}X?|8YY3pC%;! zp}$#*{@(TrgHyWe%nX{yYr%P|5j4yxI#L$P{CwR)@$G9dIAj#-yu?XkbLo4NH`wbS zG6({J+inBf8BDnO@M4k<%$*{CcI7DwiGG&B0f_b|kRzX7=aa7IvIoR_I~%fn>wVm- z;z$+E$)hKuI$hGXZ;uyPh`zc-?962O%#5||)7odT*nVPx#wYX;c4MIE}Qj_@8AE^a57r(dP=G1u7t&Io7oFsnG30LP1(HqaWJo3@izLUq|~<>=Q0< z?se(JXyx`v*)wo9B*tm-l<= znuLXls9=FAYM{I!t|T%&U~v8I2d7koM!lm-4#^XN9_hgY5&^YE3z)H{r%Y^Nn^r^M z7^i>bb?rzqau%VTGCE{GdvWGQE$wg8PIr`^r%H%37KI^%3X09Nt8IpKDADhmD)?id+aU7MEK+SkII8M)jlH(sNT~XUi*CxNX^= z;Vg(YBR=2?3;?nP=g=A+Gs2z#W>RS2%nxk3?{}(M!sG zsOzc4qy};%olFCGij3m0bhs>17uQ5E&|0!8yLQgpsbDSN z{8HWh_0!Qp8*(3o_tB3hItWyovXa=%lE8}ZeI|)`8!3#*USz5FRM5FF-bU(R>2-HR zZB_*M9@!x2o5a9b08dr)ZGFDAv*#A$_G;eYro%&glFtozV!;Ach=}a_kG*3ng(Xf` z*u8FuL2%+Zyk|;xh<$(j4|_GR|5ZAbE4bm{{+lH8$Kluk2oS*dR8Pu@dmz4dsJ$0g ziw03*9+X%r7Ni95dXT$w_@Ofsw^u9oV$Pd}_$oL%%@5&$~ zq1*c~$`9|C55SlWETnG7TE(8JPf5(i-yT-t&Pn0q)CRauf4~dz?n~Kt@yTiT#StvFVJIk^TeZ4>1V1PraQyrL0gMVTC*x2x`~By z8@x)wtxmw1D;RgzUV1dHhDU5#c0xDLGoP4`$WRTCihns=0Z3eU+lkaJ)4240b!s z=kaT_kolgI{T0m|lnp?0*}r|L&M)`j24?Kius9$D#yJ4j;$gw)LD4ij7R{ zfH_iX1u@zO0iv33lb=$m=&bntK7B!J5}!bF9xvo699F%zoa5@#N!0 zmw-=Dw)|s<0SQSEKJP8eG)ILd>vJJDesFnVfR{uZ1L-tVqZ=O^@Wvh5B;MO_{GgvQ zb5TY63k~*wtn=nxgE4G1M%L(|<5 
zTC`NvA7K|$rrDs^0%A^_CkQ6IxPpKoND3F7BFtZXEzbD4<$O&7#UGMgoSZo=UGYe}}Mo_a%_7`fhma%^~|8I)81c zs^$Bv5>0yp>0X4@vI1kNDl?EH*DwANAAGvc*@GW_843V@(lu;Lq>*npyDDEvk~o=G zOwHp{ero-5ZdCSXjhxM4kOEI0@0!Y2cf>?xd*M|kfKz0jZlZw@B3GH3ym?#+Hr}PO znns2KOU?5uuBzb9XfJYL=ot{K+o%KUn$GO=T`)0?85j)mgb3OBU-*u_)AzCF+um=bBbAV0v znX%PMxY(x&1qQ`liU#ocD=O@d(e4YM&)1OFt;}p)iY5h%=RA%P^2|)G{F%5Mj1o$P zg;YkO6O{kj)8QUFS%Je|csI&9rRbvd6h&@Kh9s%}4skNPV-MLsa~QR)8Sn2@T~)cd zzgW_}tQr-^SnPTJaWou=37zCUv9=rXr0bkvg%nk>EE7x2B(cb>w};A=_MsH8su*S8)|$$AR^BVeZSshHYOza-u~t*4eta@7No8;JEhWb&JcL zRgjCCb!gjn+Om$PBFoU)o;pFh|69i>p;2 z?TCx9B7Vzrn-^lrI>ss!_D0b)%vQwNFJHr2_~$8v&^~NaqhR7{I%E zX!jAhcdYR5_Z&KC+ugC#{#@uRtmBdH78(FSL7VO#-_4ty#un%RV{7or zLg>vG%rlRwqx{Y#31<;y_$m{B*70x$aVg;f|oP+c{%Xmr}C@^AhhBq2kk5+FF-L<?E!BFS{_MiS@uIh-dPkqRt~Boj4B75|qlVv^y6h!7NmUy3GI1z$*M&o!Lx zPnQC`EOgLO!#I)p%fDVsPK~bM>VEXJxG&+p5&5kkMu(sN0|iJz#)F8#BJI4 zkOyd)DY$G;If*gz#aVzrTzhb2oUG=WW%>~YqyAmm{z7FkT*N$mNHP*L7gQ3mIN4u3 z=!f67#*2{>s_ZO$G}7Pfj|(w#QaJ%CmHYiv*~GcuC7&@tD&j<)E1MZ7eDZX`dy zY4squVtWpYbU{=p@!0gR#8%F#XN?9Be$h=m%H+p18MRf>>|pC}rnYI=*yXj#SFm>E zA+Ei6+P!EPybE z80-bHDT!jynuzk#E0Dc zOD#frFxBT0i|6UNYA%-)300Dz`fE@JgMwONK`&6nY-m$Q55>7_{jgm%y^yLi0J;W| zLw`E4xv=SO0=4PRTAhQxgJcL{bAGnplXe3(@cQ1nGzG8EeJ7lP6kWcd+_PRARgZlM zH-|4AZ4jR!4@*LGLws-Cp?h*^R)h5p$@US*s8USQ&| zoM^6SAiF^6x1kh`NUg2|tzwEg8M9hS8M!=RP9ol1A$(1>2>fObG+)e5y5}_#L_oUD zG!*^zd;gQrD#H}w@#WIrq7=+~Kz)&Sp5Lfg8r;M(BT$2R9?6Mj8&KFApKmB~ZN;gX zY?(h6h{OL-j!v8@=ZCQq1-6v6=nsF0isQ87XMh|HuXdreta7E!FLx*j#P4sikL7d^ zcC7n?M6cphu^%n6yd3)!YQDFw)jNsN*)W;DX_?0GBX5J*cf}L} z?TX%;!W_W#u})*aYrA1Qj@dN<%E4PR0SmG<1kT%evAa_;RtB`ts#s8U`=%RvYvK9IwWy|F?H8%fDrAF?0Oq2IrN! 
z#y^#*?`j=BLVmu#c^6q+4@K;OHm#zP1rTvSpLkVK0=Y=Bi06WryCmdEkJ=s~giQrK9Y@qK8Vp#ewI{>xMD5;D6=(|CFYplQUiL%ou}R zCqLFunZPK zI6=AX9^}c9Zhn1q{8&R1pbP=Ai^gpz`89#iDwGTWBFulqr`wMQsYB7DYVn(Ta9|%t zojn0Cq$UPWyla|TOfw!t7DHNPUTfv%gS&#*Re0{#sqS~a#C8@v4xlE%~)3>-#*R&Oz@no5#5(C@%GCj9%?>q&$ zi4JCapvLCCGLyre0-R=RpD>pEGn7?#;Img2O@N$^4q`LK$x4?KgqBq^qIT%nhZ2KN zInM*+np2-o*rPM7Fte*M{Of^Jk|Lo`E@&mCwl%9TW9rKTfawGzQX-BdSkgod-ZU1r zXxX%A@~IMIHmV}0a{@GA-ZhO49fiTC{RGA1|s|$9BOnhG$t`V`y%-Thv_Qm`M zPl{XMDO1m|RxDFoc@O$mho z{pIja0~Xq!I1r#71w}#9t>TASLu7v@QyRQnAHEr^@>L_<&k`-3nlVZoNiF~ckmjFO zm3<0o$en@)VCO7+on}Z7`@HN16{#OB8RwZS>7KNBeQGWTw(cUwCSehU#0_~c{9SWd zui0?|0~}H`7-)u;tUF=h&YgGO=&35*85k-na%R;(rU-x1N-}~bhByCx{Sv+Iw{4<+Q_?F6RTKlb9%lIe;G%l1mAH#^t3nC5XEd#{V#byrWwEpz)P~#uXEON(CR+>qo5v8%#TN)1XvjaoWPx=v9x1*F>%kMyAct=_CWQ4N;R>J+@{WSj=~Jl%?MF&!`q z%3NfV0fN?4y(?7Rw;bj#MaV4}p%tejrIY%1=`;OYP%BP))#jLV)9}#m?)Lr4k>*L~-!>5<8N^K(5@v zqvbSVgcF9l_eN$Ik#l)R?R}>X*fpZbNqzJX3T+l&CX6Kj<8gE~6ySaFnLzJs>`WKrVg4l-T6 zYm1Jjw*~so@28`@j-D+Z{Z&Y4%EK$lSjVp!%4>I@eL|ARNWYsm$H9#Eyv_!4dsSvH z0pB@j(-XScSuiqPrTl`Yb4{*+oJO|ylw1+lVuPy$+hE01B_6H!U35Q^ziI zb;;+2vbBjxQA2k2Oe(-mlh~6+KtjFvBD1D}M2|GNyst&;V1k6wb4m%6t>lux!n3W; zK3bw(l9|!Wpg6U)I`4O0k(IDccIP`gK}KoKe_Jcq{sr}5WB&ibzy1U2(V{Bjl=Tnl zLB+fXjU)dU;%~%hkzLBu9AoAw&WH=tXb{-|-CptS(;{x#XR_fw!t1XZ_2~Lyp++r0 zB|JCf!RJk&+dBQ-wn9U&MKrOBz5u0yn!3u0i3E$P_S~9>)-x%rFTkDjYkm$1A%-LI-uZ(&-B0;XHK& z7-FQ}wXcjJR>K(KxMM+KbfAVua%;$F$fpHr`Ep`qEUN?)nd!sd1WMPdO0WM~v!bQ) zGBs9tcGX$Sw54{vq~miV{VoDQ6}9GGK;Fc(nQgc+>)oxAdR4+Cr+m8HWw@0_kx9x; zb2{RE(#XF1M}R~h0hj%U9YT7KqrDH)MK7{gLG@Y@D42Bjazd8Ww#DK~(qu%Z=(4f8 zTxBEGt823``V?@O^R9f8Qc6tGa2B1wjZbq6g%E^bm*2AoC~e}xs4{G2yzi}FH%n_2 zD`jOO5N+9YHOlo91^%FE=`8Qp$7MB{O+y8k$wD4ED*LxImQy z1i^J$*v0VE$@-uD>r6Tfx&J>ssb~s2-_AB;P65(_K&$J2?g|o3E6xlML9|8Ah zq2TWoDy{Zi(^#-|*6~8RZxJrWI=+kP>q>Omyis7ekuHsv*jTQ z3!sTv0hm24KP(@C)tkI*8RCX)^edZ&f><8ih@**3G0VIhU#jN`oaX)eKC7E|co z(FExh8-en!R;A2Vp-Bpc#hA5x8f3uKh0MGP$z_QuYp=hIuN^zqd%a&?y+G$WD!;s5 
z!RtN~wf^Og!@&A~n#BHZ^EIrD|1)31!1~`$UamAZZL!(@+4$Zz_-G_J?ZW^P@zegl zsYUQMF@5zkBoJ8Y0apOyyDw9kj)$J8b=Fkk0o}wz_wi2qQ|tS+65L0^CC9{A-)T#? zS`?^gAF2|=SRe;OB*B&ZBg#+894qOhbSw(TiQTD?7Q>`0rugO(!_Z|b^gt{mQV|qE zhnbRA@lZk*A+?4LEdo4G8~I)I&dAT=B2#1-56a1J3{#fSd>62>%nlJ*lW2#7@hlu9IJtk*tMaBs>7*yl!p_EH8!~F_N{+KGl60nMg zW=7%)6wyqK%21(uVInp32D_#E0VDFps-d&?x%6iUgjeF2Eh}c|g2#t0jcsfhyi(xg zDk3Dk;){IWZ`h=+x(>33Is(bEd_8{Op7*EoYW;^B99!6+V0g~APB^NTCu0Ftd!NH+ zA{(1hi#}^=k{Yy|C;Gs~{YQ0s(EH0c=S{{-$BsW*wV_Y#FJL5fh~UFa?4l)8&Eny z)Q<_Lf(^cs$@P%H1+5WgHX&|5qm$sE&JD(SkkC(_g4mIuUaLdpf`g}BcmLGc(~r7} zxyPxdeSjEcYN8S9W(qzFe7Wal7-n^6dC=&n)V=cA(`0AU$F{rBM#`2xJCXQT+qK`D zlpLEoS(VsOlargX*Y4N|IoYm*F;hn#r(5axp%wI@CP>ZL)V(-98d$AWwk8%NZHs~P zQ$c@xVfpf)?@l#S@nrPHMLq=~i zZM&39yO+<&r)n}BEtcA+ssN|>I?2Tls3-Gz+YlP_2>HH7PAe&JW*Mph`+uy1+pTAVPN!kml`#N)~s5gP0YQw<; zg73Av9=rSPkmm0TZq0kT8x+7OyMcf!{cVhW0PUG>jOt6k`Xb7V590O>GhsWGFae-j zgh47i0Hk(0-B&o^BRLvRwkDq~qK8!IW#ATy?OW82mM?Ta`tkb`vQMdTJei3&QWL7k zKRo1_?|6J8MO-`mC&Eg4+>N6M*iHpRfEbNRJG3feF;?8Z&Nx zuSfex7;fPv4yFH&s>3QLCy){hJb^8dTspdfs!BM~JbP8oZay;NFwIR_ACInZ@O_B4 zmgkDAix}&EZB9+7jzA&Swk}h~Zv;iH{`u`dKzk9zA+vG?{pq`z@X>%_nAx%fE+(Xb z>5+hn0{F@{ks|ynOc`zlH$$R9#HG4p`0dSVwGXyaXJ>!x$FD8?=0h+VssP+%;<2uc z)5^sJAgo!(GTD=?`JoAO!A-opUR6;sshsT|CEH1Q)dRa<_V4yKo)vf*kPCu{p1f2WyVVS1eiUEfAj`o{%+GtrLVRQ`2TMeK`uJ7y0%PBkikE#15cQkZ>qM2GW1p zyzZgA&K@Y4cFqZQok_B$6D$8o@?n78_N(x2f2gj^PUk(V~x=bxOL3CXpu);HJR@> zH!#Z0=FHw;eY`#1T=?JXe!1p}D)MBA0zAQBO+PP{Lz(-#{f4(Z;;qcf!TwkG*U@!7SEXI4yM#sQ zYY9~zQTr(jYqEgBv7-nB%?-l{ zn&PeMU-20d;%1FiWyo0;56H*({xvdfKjsK6qnhRUfoa-bIv<=l*?@0GjE z8ncc{Y^;hyAw@MC!-EhR0&$wo1v5 z@Z~eL9Q*t4k@4o7}gamss0nBT?yAotwUzA8R43Iv2=fA zT5EM5E0epuswny%XU@pFz%=xJMGY&8c<44Im= z2>6g7qMBNk7K$VlonJ3G>q3Mi6ER85KH{z&qf?h#dD2Cj;i7b+eA;ojIT6$o;i{6t zt85CA5~a$?ma-^OwdnJk4a9~>56swl(&~(?ue(87W0N6yC~YdgEz{htn|#!>Oz*$m zPQ)bz5|sg%q$JI?e||f72C1!T+Yy4BAuO<7aHhj)NaU+ zOz*<|RUxveH2^2O*b(=h~UvcNbdJ0QLFxSCfkyw*4oa zw6}ORf^^C}r5QRog|!o}C%fGDPxt~{YrCBw$L*=Usn_t_+`JKPg-`lXk%aLclJ1(> 
zz*u*r0S<}Lzn(hP#~ofx+Z9`(ZS1E}RJb!jxnof)yUm4ziV1%7A$nDIZ0XooZA~-S zFHmbhowTJ5hO2Eo&U(KwMC`WLN%LH&*`Sy0pH_p(jHvSAAy%Z|o;e+#fp&xd-Ni)C zMbb}15QXa}N2u*_8dJRzke>5>Qg|#-{l5aVR>188dG%A0qOF3impCP4?f`nE3Kack zPh(g1WBcQJou=}4&^r{lPDFTF^>3|bqukO~J=Xmxxy{Vb)*ej*GNv!JqWTBADf@d$ zVOT>+oXxqJM1BFQkhxzihK8dM6Q7>Z-$_Uy=5dYY%6x7Vnddn^{%+qze z;IQIyK39jBc)R6NFBODHnIyqDyI7e|G|=#60{Kcp-8|nM9jiE43a(f&k-y4*PT?_c zHk}kRC2ykRo85#&YK70Y&%^OFzi|~z?r)w8N0$bMf{JW9 zE}Or1A8|4vW)F^*?-{>w{G^phSpr0};au!_I7}?54C;a|N+ajau(t?*CRNCruQYuE z`{90}i4$KoX@6CqxsKmH5Qle`)zZaJ_YO#NTm$LxG#SX71(I-eo zh?~G8lMJStdopx=nYeO%q8ksf6d)jcM@9p6)WyaD9TbsM0BUjtdD|p|(4fj1l&K&V=YIz&#kiq81-{Y~l(|u{^seAhYdUzx+ zTUr7=av)m6zAj~tMt;2^cRTI$!*CJmLc)9%de@7!=*O#N;bZ_D-x@BXa|e%O%t-7;p-@(bS! zM22MTkoV{YZ@-RB{_3u+Uk98VxiC2{9KDp;h4;1UHZJ8UK1}OUW2AH|?G|sS*)H*4 z)_W%U|I@GY{~OBK{`(Y3%l}^Q<@4iz4q4I1O%l-A!koxrk_q{dAflUFA>@k*6Ugbn;e4{?^U0}uuE>_QARmc)IPxWGVx&#tRvIcIdzf!S1k}7th%7@8 zm%pZAE0WWzZwqvz>oTxx|1S=FYig(ejMtAVsc0(XQL`vUPV~oH`gnUvU7T05o|GyX24YX3IeG z%TB(C@p#63$Fi_TITz`R2YVw&fkb3q`<?W*C%xN}hFND-C0uQAr}d^wLFOYw`lK$RwyJ-0KXc17 zfa^+v@`qXkc#VcsY2#+m71|oJy0Cl0;Bm=QDSAO#JT*9JuF%r)^==DRB_^@ z$nI;+ncOY2dW>EyPzZoFEyf56GzXoA5JY?dqUlFe!l!oq+#gO2zYg#IJPilW-xZ~r zJw^zjgrt*?=#ztSY_w7PX^vMB1IK~5(R(k2H<$O5LGa(qY4Vg`zUYr(XSsKXo4D%K zQlT$JdzU+YK?&YxT@mNk(*q@Ig0*U@YV{zcKpRroOo#S3KEF#I{9wFBQ@g&aQcNvzd8 zbvt9!8bN(S#bEHilb^D5ORN-jKzdfMFhix14b(kS1fisS>I@_$*BGfdO4(F7!f81> z%uaHbdits>*-DMo&~{yGb!U#u^>i!IJ)6?+#ej$>cz{JcHOWPlP}o38)>~(hveVH> zsZBKMq?-5{BYF!Due^5=YSNjaC`5QnRrdO7P5yP3GL_oPmD0;7coF5}`mtC3YYW_o z)Px|Ak;w$bu`H&F&4c1br^2}rT~I?}G$35RD%Q~|chn+Nj(;BeL8)Uj$6O<`5-jhL z8?qRzyp#8;8X<`4vtKq-taL1VB76KC@FR9i9f+)hX-V&haR+^Yp&`rl6S#3>Qs=Qk zX~3F6_F%iku<|)y`q*{B`fW#1j;gK-uj6Z@PQ{YJyrLKsE9G&ALczMP+=r(1t@+D6 zDLKU)Se&RKJH8b5tGuN<;qv(JZUw>vs_HC#=B`vPCWV? 
zFoUyxjX6mU0;`CHJBwXbcq^+XiiTC&2$y?} zah+xP<&IVj{F%t>fXn*nMPrW(;Xp06%{5>7K5HxUXDECOb7*m~+wb-!18$j*8xRH!}*us<^cr^p@Q1^ z@O)}P1V<9)O}S4vpelno-?h9R1X*}_L||MIVs=Jk~ROGj$Zu-M3KNR!bKYQD7@IYvj*@c2`lb>RRTjZ`-m|@WKAx0hkwRHc?;Yg z>LnV7=(m-@Q^fdwS?XDeJ}(&j>M~M$L6qI^O)(&8uEB}BiS2$MSd79NCgh&_V}7_D zG@8Mt4l*Hw@p;3hE=IK`qgcz8e+f9k|C$^{Lps1k+X@nGdpS0YHt*&c6GbyD3oKz{ z*yK#ty42KprskZZRB7gk&@RP>#9vwbrx`JsQJ|8@2KXi0p*jE8Ihv2lv^QMk_IHr-5UBR9@;lC7-Y`_qfN7O9#-uLJ{!W3h z4>EB*wJqH$sey*6PRcKEeKT$nOrX=i`V zK5UyqWgi#SBE0}3fF|UToq-OISHBf;m?&m+JNR)t`@L-e0GAK zvKVt$YO_>patyH0nBFoZA+c!DUPFICpN4V+obn+O_n8eA4U%J+W-Rvfk}Q=*mV@f_ ziwB}N`z^&LMLGoP)3Oqek>mZ91NFMqBDpH(R?CN7IQFZXg`bcg^i9LQHw~#&Qw?+` zZ*TL67YcHg2p*#@)+GGWz2QOUvOc z(pT3oKF|@Sg-R7oPILxQLOo186N_9^V6Z5iVlFqUJ5zQ#c?+DQ5RxMaL#7hSsfU%? zsOf{nN_8zs+r!;XCL!R*$Wj{B5f^_Alh?f7s8HL2&nbCmjn;Yg(es^;H} z@+g)|v>q#sRVI0XHvI7|aftv>ahs#()51YfN_p}MR!OUG*BYVJ`a@xBn1!&`bZ}RT z=T><QPgoG7NN9oYi`-*UydYv z2EQ{q&5GI%CMQ>me(+kcRkQo#fn9Aq&qG=)C;{WWL8U}|lpO2|rR)UdQa^0z`AX+I zg|B0iyZ8-o)F4MK{ zxy67A`kRoLeKe2{8K?yU@r5!7C@dw^K4K78{&fyRpX30DiXW5W zp54)6gvJGeg+N(!s}e1n$43d+O)eAJL5AuS5dO=eD^Y#D;Nw8cW1hz9Fd+DKH5rj{ zv>Ro-f$ij#Y4rz&6P8&+8g4v$(j-f|gEUxBfJZ`~i`6magB~$<0o{`)@&y#Lh?8d# zB06+Lx1egL(1;KN0Pb_N$rfHPjSLVtN$dS=?(?T{d&v3NBuI^=ps^F%ra`Wf8+AC9 zAC8n)`+xf5PlpEQa>@6)#n-Ao8_E+$!GcsU33${bH^)`xc2P_+GMQvyLG3jM=V{QJaGztIY94+VT6-W*u4`G;?KY zr=!n;;+;GDop|;Gs?-AWFb=h2OiP3^n)^YQnW`C%Z|72|Jj8+40q4q3`?1|~tJ z!4U=B&}Lgh2+;n%%^*~*1ysX zEg}QTxbgFErf^0&7*QG3+L=p_NwcAO+M29m#{-VNg=b0598lW2*w&V)4=<!zV7r$x!Srl-Ni zzF%wm!HIywIyQeSmJDBB&dqJ$jaC$A6S0_aKEaB!E%6`?+*`X4W7RP)2Y*$b69FY1 zZCq6si{1nUL}T|_kPEHy*KOXVXj8}RE5vzMYDkLyka^3D8Z`@j%?(@m19 z@1Q$sCJ$r4oZHhvXuPrK*Zx4$h}vLh0Ap2wz9&yCuAu91ESV|1KZy z9mlc{j4FUkvUQ)}8FGm=akf!Gq}86orv37y;BK0mlys19q8rNxIN+$pzfIpVG5t#f z00+~5hpU#=bnLR|QG9+vRW_i-qpbS84--l)mTPi4S+kgJRD}CwdwvSw}*#p&<5B(SyCTNP?V^Ij}5 z+M3zLU&%|$U>~dePUGGwp2E<`t;@SLZ!*-tOof~s(zoGU?6D+`CKq{eP%Ys)a7`vI+{-k5FKl33i8Zi|Fp}@WA?E|7tjqH5-AwAA{D4*y8qNJV&T+Kq 
z)yPMYU*4r%Ziy_O&BZmOZ9#3Px-edRqFzkqRkwjdD*K>S4!G7G)B0nTP@=0+oVDW! zMNlkuWvVx_p>jZQds^$3D%UIZosK~@lx*tDt%Ht~LLsx=V3GP({3@H;!}*pSk!#F% zYYxUk4(g#8U`mxY>($?%RYA|W9E}dB*?RDbHLiPL+=1NezHoFJdqX`FNTkCz#bcW( zfi4)6Z1+I~5x4~`9uG*k**@IbKI}d0dEq?<6a3hY{G3~9^LJseA;y-K6`D0S*T?Sm zE?zU!H9Z=gYxmle*+uq#&NxtVmq3O``u6EnkqJujcuREWdwfc=T-o-=wUj4Bk5;J5GF2DN~0 z=8r$z-@u0$VLD(wHDFt_j_mT=jcd%gB;CAZzrcZ^UcrG46OvdOjaxXRMpGQqP|6pj zmDj%#gi~yU#<4U-m#jY&Ea9(kz%N1zcZ8n86ugo_BUjR5paOX+g*nL1SJ95&0YSFj zQ3gs`zzdF8=!O&x@k0KR5J}q0J>CKFS#AyFlCL_%RdqV?VgsRU@v0$6dW>C)-{w0_ zi4XCFpDPWWyv(s}?+*m;d=Lean2cl~&sMZk6bGV-1|++XVWH<1L;ff_mKh1StL(e= z-=<2R=KMu`D=TB7qKZ0G_oZ55(O!X|Fov zRb#Gr%yMrgePlLClhkpLLYU%$Kan)Ti&73MCf*6CQQys>`HcMa}}dkpY9|&W%bN)RWS91j0lPVCu35L z!74&_Z(|7-m7qu;h1U%gllcu9l%;qd|Lm8JE1edmdp@tq0G!Od6f$d z^7iEZ^xkzbxmx!ba--LaIl`S*u|$LBmq{7tvDpaAnPD=Xw2?Om&sTlx##u(<;QYAp zPAxp|$YYl$Rj58u7BJF0TIswaYu2=eXnVuVPZD|7!Kq^iR!hJl3^a#N;;s%rMuNs` zmv?8>*AO%b&=yYp^4r@NN0-omlf)furT61OPk@GX&q*j6tMvWPU|ny|TkiymiwR2v zz;4LIsk)HpTPLF_4G_n0efOjwn=nIHzVoPoPG@ z9&I-@*=Z!|%i5)JLX;0E(-pZo+R+oH6&ZCtpAX_{y{TTEFtxU{Ka2a*-J0LgZPVzh zH#w?*-@JYtjh{zhRSv$rMHauW@E#srU(fE_=Flm|VD@BlFo#UledNNZFdRO+7jG^; zcy@Lr%Da|1PIb$@3Q~jWtvp;b>&rD5>^=}_`quws9AJ|hOwGJM(^9pOYtAg5N#o=k z22hIGNA&<9LxJDbk6m@=&_=sNV(_xV&N%c0!)4=k4*&wl77kECh99yRq`GUrEmo*! 
zCYCUgwX`lH0&IqwDot{PR;S8U|MA>A__R3*O>MSeKHf?b5=Pi$&GEi)Y|ykm6(b>=UVsoC=|Q)baO|ah zyToQ#$@z>2E>MVR&JnxFuY{?YftesM*y=Eul#RryrA)sVsDPFX`xUj{KY&DCU6hZj zBU|awL_rf(BC}2}#~g!91hDuV{8yqO7Iitp%y&)$jd=BPGY|}?#tajaU%eW~zw{Ni z6a$RoWdml;eu|u|)uTEzni82}(m0EotXR3w2D{lOA-ftUA={SHuX_46{!Y*Y<;Bt^ z!;u0MM?8(f%ahKefN=u>e(&kv_hJtnZQ{15_1IA%JWCwaCnBYDQzsh*fFneR;- zE2yi@?%tz(kUMR@)WUQD*3KMXLTJTfEg$z4$MC~lpJ8ZAu_x|(rz9E#yX0KZL^1)J zMrr3t`kwK~Za1|(0&H||S|<3fDayEBqYz(0U!WiZm(^}u^1cY0efoJ#29XGGpdJ6I=>TQ*qSLW$J4S0E0L6T$E zIKd}v)7uUQXS%7;ARbXL6Dm=hOQ{S#jOQ4X=nondP)3nbgmbOMU;o}}P>O5hFG3|@ zMXtpJ(WA)wZa-zhFIauW`1S=pN{cILF-~X^3p9W1idRjDeZE9vKpiRkJQU3GuA63w&>v;fD_cWI(v9EYfUI0Q}8jkd={ zojjc_T!g9mqE5UwR-IE9H1b7QzAtctn;Wu!Da)9c|ILNOz`^!k%dQ%AoqsUJpTr9U zdi{F5sYH}slza>vIfq4Nb+oQujkO3U8V%iVL@k%3JA=OOv?3d++!GPdC;g@7=RXPI zGr!Ydo<(t=J!2jO4yHruxI=&lyzOrHB%+fMa$(4khOl9N&&q^;sAfqncUvOvNI#8k zNDnm?{E`-Z75+7x3y_qu{lAHmbuQjVgS>@nVa z_ZRv(^mfw=o`_F=N2$T_oB>W>I!LD5_uvJrRaalQ1NXcxMs8t02_GUYTX3(?yajTk z-DB}aSZ!a2xxEXrsD5)9o-Jo`)36Jh%Z?W0i5QBQ6bsGE29HRhSm47Voj2OdqKXD? 
z?=$3QfB*nBIX~F{w^W@B1Qa`)`?%#DPm9&0X@wx+nkWiD1Vcr^#gyntj<0!rF}VRE zZNh*h@N?T>w(yV{iBG7&ynefk&KyOo$*O1m)obr=uNju3tNKpcA97TYO!C zdUpJuoFmOt5|Q90)K13b`TLHmYM#mG&-AIQNnn6CvS)Uiu)mXcOQ8(AMLKH7?T?Z}con*ixO=6tpQ=cPT@KhhwU34zmc9_KAbL`fAtIP*eO{}p44WxP|vHVFEP}y8Lk^8)I zOQTi9hiFR=*lkbuni!EV38`F{`+?h%UO8MJlQyx>NsiGTo-J-vt==~xiudd^NG^T( ze97C+yzRL52O!rGotc)-nO05A$BbQ2w?N@eubNguyByYp9f(>lHkjtl*(mq=jOEZp zleO1TAH&Hf_j`o#?*k3>i*-bgyT<~1T`@qCO;{$@DRJqQMd;LEK&5Iz!eQ}e2yyFk zRnA&3;kPqS=EsIg(q42)1{{GTbf~rMx_sId`I_VtQoY_%$pw%rnJZ0ClS}a;fiqOl9%x~}IQ1l~GKrC@^(c6lkk9ZH8Mi=|V+>VnE_9H% zs?eHi;{58oytK3PT;~}d&kt}L!r3z_1$QY}9K7VTY-NJ*?A_i$jb2_}M>UG^ZEL*L z1SxFT+Ndt~-EN`fb@GVsHeB!S_P%7K1qBJgVXfIa8CP0w+cY~~yX7S_M3J-b?2@_R zYd|@&3C6>_m>4!oRJQNQ`MX%G?CSs)99wU~>4RC>CaJtY!+XJQ^Ss~DdijT#=VYbl zJr{UP8wj@ZgX7Q+uNCp)oYcUw=|+u2*C+e(ch=&bFIkr~e&KwBL-rzn{HO89@*fNf z?DYTFpZH%S{jODIY&ZB3x<6E_erfvPwlAA5#n=!8ki9e20b+S~r zBtdP{F3p}Ay%#Pu8P7NNot|qoCDM;HFEJ=Wyl~!vEQA8MWNLSFe%*hBUG0HxDxT$Z z!-%oq8?6w`&!ZcA1vL|mjPi~49wDuaMrk&=%G zdx!Qk-n@JZLX93<4Oz@%!is9wb-lU~KTFzo&2_U_b{1ZR`UE^W;`GXZ4}B5>MfUfP z-prk`C87d6OkUOW2crK>^+^}>ihmAn(~T3%;T~FjqF?M5BAJftS^u82ZkV9FcH1** zn3b%}wKhGAt7(7%qUBdps1%fYRJTyc04|YcB>1i-k(4iuP`V}l;hU5xnV*axw6SH5 zF0$VW7ai&S_EGwvq6{ zJ(`_n+AE!=%P-~1q_RxK(a><%N}JCOSb9i`VYQ=}*!C7=EC|t}_eN;1(~7=u{8?>$ zl+qpZd{l5cI@p$tA033_1g=g1w#w8Fp~DS-_s;9;*>%<6B7_P{haKD+^wA8Ywr8mZ z4M9Sq04bS`ZZ!WP%$^k%HFhZwQZ4;Zx^pEbVF%KoM^Gb9oP>t0@#AY|;cc>R9=~oj zmN!ByS7dt}b~!go+^TO}q)&xD)YAE~>FScCRHiK84f5dsJuot>PV2Lz+-A4_+pV5N z7icc9rM|NY_EKQ1>0uO8eN@|NC60H4wW-DOP>Ddir7Aco(-$lz2}q1K@SUH}s$GIM)AEV#vV$Uki?AHO<%!_W$YBc57aU z5dX94g3YB~4(}9#DO2jGKIX(?QAr*QQx_a0Gtkm?WxIPgUM?o|^i!0KlY$|~};l1o!iji0uDp`tCBX%r|EV4%PN#Y7#fuOKM?QNMd{ z+d13w`nmRO`|ta3u@jyR{X)LRu6;3+sy}Y1hFA#@*+>J0icRs>eJxQquqy#>POGe?#s0wciT{n5piE(Zh zxbL7S8&&r(^=s@=F9Czq{4jupMaL!%>FLBMGS&ec&+}`BK)4AWpO7DCfd9h?%tA!j zhKwltsQVIaY*|U2Ea=Csm^L;$Q)hY%$UShJe^&c#^CY0UQ=whSGgH1qiXL@_!wpq< zSUI@XJ(`i;RHnbyC^5tYTP9UmVr7ol3 zc^(18V}bCq&_r#z&sjtP42e2_KItP%L)g;b=Xy5S9qVm(pt!c>u94It0guw=!Zz_M 
zGdNXl%ILh*?0CF6XdK(D7`v;eOLL4RbKbY7^U|X`Gg5oJAHoF_IMqHc#X03lP1qbP zQolwGra=TLMMxw81LeR>jVh|)`((X-N^i_h#NDLopC4&28?7s3p#XO#xH;AZxbC5q z)>iT4I`xufDr#?mYX`%zu)UE@Itxt0-qDtm>(R;R?;eTJZ10uM_Es((*JYWh1<WXl7TWXqA5X5xexTrc;_H(`T;HOXw%p_xhSuqtoYIYO43)1O&X zQYhqFLj+5Gde;~sG#1YrD7geVvzSL+)Y?Q+r=Stcx#2q zr-7(*5O`O+eK4vFAC5W{X+S@fPY=E08J~(r{imVF_8*5H8_R$DmUa9;o(@)oUr&cX zQy)Gc)1a#)-u4OTc?YR84~)7dMg$3$AkKL5aq;^rS40wZd&RZWdMRj_NbXo?s4M(! z45^tvLd0W>Wt*4SMD8ZWZyBT zz3h|5Y43z&`Sg?YbZ+)cm>xLtDUvW&&OiWg>Adx?y+hLg1GiT&#Hm359wnyR_&97S zeJkqu(EblVd-hB+lLeURLeW~!IV%5T6|^&U3O13J8olcaE{;-tOAbSfD0p+f@Hm&} zqnT^_6m*dWon!SZ6KJY`2TTVfCx`P;D)Jg@^6zbuUX(mn@a+gY$6IN99I7zEdeIby z(NF=X=*>cvB+FH_q`{!(T{$(?-_&&1_zo#-tze^!*P-J@Q!`s~TeFkxEU3nzcqoT#!HmRwgaW=0d~KXHwFpCBp(B#~h8#ci$<-WE zK0F}r;>7?!Q|Zk7mB9U1#;nA6l)EdqImwIYX4dNx5^v9-PQ*k%ItzJms%@v8G1?a) zF#?h6Z!NoVjG^kiu0*^m@B)1iq;bOZ1C9G*JCU%-Z*Nqf+~yXZA^=Dbsmw}Uzma!; z*Z1M_=H%+~Yo+638?JUtE=fms#wC8>LS3;E#TvL=oC5YrMr&xDVXi&)!ao?5_#67M zstrlsdMNxKD^&4lcl=f?_VfCJIv6LO(#Go5!twRt2pr{!y0yN~h@;WrYe7QVrJRr*vmI_A?|%cFrKs52rq>J8C7x$^y#uh$g9)Uw*F~ zN&OB-&~~>FR{!T|v`c{uWL7gyWg%H^d`AhcCsN0UK9CjkKje>h-V~G^>Q7fMw~iPx z7h^4XY2`azSL0F8J3U*l7XtF1$sOt?H6cvAfqCL>iuqYFG6HK5(O|s3Z#I>5VOb0bYprOs3sVd-nisVX0-M1vS;P)^USJdjLX=MYE z6C{(i>0~yIYCo6cq5ZWLP0N*hM|KftQ{|iecG|~*@PY$YnrcMw5*Mk?P{wbIjV)S3 z&71~{SX&wj6Xvrx`KN?=AC8iI?wCj#?^$s%SS4;dOEW}Re(Wk{utlhmz4@gR|Aw20 zhBrMzM)te@9^j5OKc3@nou3|nY}T#u=^2oxQUxeCgW@gNFT(KzpgqpC*6Oe9laQKS zTy)YEyTJ9}H+XskV7dP^=s5oODc}EV0B2=n{BH+c_5Y9!*%7>7RUy>$2!Jh9P$(ol zDB?=~wq!C-liK(f(7=coSmieyH6N9{e`FI-Xf~jZc7xba!-+W_YQf25rwe62_E(PY z4P(M*#|bMqm^$2oBn2sO3LGJhXGvUmIe_jD#-j(_49C6K4EV-|AfT6fkC`4*R-QsP zR^g>qVELqf9zyhobLpv+1eT?P@iRC}$ zaiGWC38eAsw>xsZx$;+|C%N(R9;hBF&K)Ki1+`=m;zEAyhspm|NNgsa55FBcJ=}Y6 zcl!@Nf2gL~{*5o8u~F(~Ps~A%BhP~&Q8XRG6h{<2!z=HYg<`=THx;%BnO!P(~N zL!APPe;|SY75U0RsQWrd00Yu{Pq^?Q4Sm0+eTIp%3K~NPQ3qx@W(Irz4v@o=wrcab zn(9Q{;Q)eCe3H4!6wEUqR${WaTJ!2&UiaF-+U8trdE{yw zUo6s#A8MA2okWgB9%+9zKZ9h`8HQFCI$=0b$xb>81Pllk7IftS0mestM+5!TL6pYJ 
z%nP7ruL36Y)8vOCq!KKIlh`aH!q2(mM~Ne>O-#|ACCUW=`H)D?&eBUl#FNY~d^}nc zl2w*BU5n48^*_$r6wRu&2B*Ajg}6OesnCR(+NjCs4!7)B?HHf&z+DYBW_5l$aoK2V z55=O=Qq3WfCYy-aZ@CWHl zF!1QL&_R~=BbrQVH%2zxtm#&#N;SdGozJ(t$^e%I^u;#W6Jf~1SnK z0_g;(04?G$Jrdek@8)60c zIjbyfW#XF2Kd2jbszQ`DOgDv*im0nRz8t0s6LLwk);m-rycg>`mBQt_0NV3b+WV^=HosTQGk zmyWE1@=U_9KunyLUP@lPL0+AP=c1f#G~Rv!y++yn2C0L7YH57Hr+fwOGWhJ1b)1He zv}1uTGRp_sN2aju&K_KLYQ{;r=DNOAK)*eNfrnf$SsnNRjIKja{}0b8X6FA5D*C_A zsoxHq|GENVTSLn6SCIEys@{oDD?#9b;EA!hFxps>H7DyNM1>@nMJh%pi7EOkgLz5WcP=LSne1(K;gj_V?W8J71`O0Sa8 zwniD=4;4Gwhd`^C24Sh9S#{vvo5z_ z<|pqAWz1j{FMT>sq+#xjB9l*PJ6?`{FEQYiGOfbMITkO1>^Cg32KDr~4R?h&r^{fkGMH=uNufOQ+0k+-&YOIQS$B1=A|HN9OKxrze-ncK zIXx%j;t`T7F$vn#ZpfXXwlIn0E6obP**h!;%?ojS1Ws1sy9K7K1M4GtxFrd1s<-gomu3?TllCCKYl&Bd3PI@|_Ey#E<7tw-8 zj_RSb$bfd=N8mBFG3!M`2>T=IUlyAXSc~S-LvMA!fxt7yCyHSUQD25D{3p0 z9*Dz(4j4nZZs~nohPI%!adD}{8$x!nEg@8V?qgRI4$4rb6-9_U=1sD)vqgr2 z!zf#Urx?K5XIW$Hr&#hRM|De|Ek2(vTALSoqV>zGOzS6D$_hM^jeK>Dtt#MSLB7~0 z2}QsnMkJ^G@l9K}?8i?trMPT>?YD zu8#&OzeLlkg5A`>i~IfT80gmVRL8Cw*ABSch$w$9?e{ya9flJGjltZ?fnPoh_$TrZ zV%KzUCEd@a_Dn&8$VftXr&su8#K1Cx!oiiTfaDM+elbawVUZJv{$9)dG5P_kMEF6d z_&O#VzoZjtVxa_w+zDU;Nfpxs_X}Qz#$@~$npVVNoJSSn&kkw8afW{l2WC2+a)TLHD*OR@=$XYR;*=LL;a## zH`=Rst6C@4T|UcQn$?~vR^;LyJ#^Jx2=G*4m6Z&py_6)5 zG$X>4i=t0}LqF5oomz?C%|<{&!LVjBS3rLj;D$Twbss`Z84xgN#hh8SpZlCxyR#oE z+Sv$vVirW$U_q=2pCoGZi>=ekqfFQ%w*~K#Qh@EHhWuAg94y=1yonoDeoq;_Wsh|& z2(Fp3`~dGdn(HL-CW>or34)dcNK`a)AL|;aGsXb$FDv9ShhB(gYWEud>WlEZ(i;zK zNP_#4r~pu(i2iG|1v3N2|Ah&vVr{-en#~90oN#^>+S0=svuIMM-4P_M%1&}+6O98YqF+#OWXwb8~*u?dk35fHFp9)p#C5vd}GIy=GCyFayxcH z#Jt=KFbVA3Z{vD_V_NkOk2w4e$zCZ!3FW&S((fu#dElIkT+-0!)Y+m{3$6ox(EIw# zxfeb-43MkgxO17HS={}oqts$y+8i|&8Vy#P*?5^h6a*vGlE*{$F@)ikN~$~61cB-z zLZDacW2I&Z;LK6#bapPg;BOoS99LW={BeeANrB`hFU0(joWDjEgL+QAY&M>i;(T&2 z%!NahupDhwGR8e)*IDeT1Q578b@yZ*x@&j1WzK3xvVg-`b;Z!`pnMAwy)WcumoYtA zt02R(|MwNm0L97lr$V1rwhd~6Qq9&KVwVQwAB-vP5{?`t)1QmIh71o+-}*M+*N5Zf zuP^;ayFZeI=ib3O-VKg*i6mDoXpbfaKm5UqJD^UQe|Vc5?FtWfk|qjcqVcL4>I5>Xy1Lrlptahb 
zM7FBBvaLS8FCSw*VOAa>zA&R^yiNwlAXSG_hF8>Rz1wTS>40gEB+aV&2qtFW5qt@J3jalL57=ZmTkt>I?TAla-g(1aN;x5?uTT`#e*%z#{^1*vh0 z?VL>5=2ZtZhgz3iXprI5`m*u9`m1#ESb5T9Ul1pF_^0`i(<#-w88|7z^*N#Ri4z69 zP zMbgpaA`xzyK<)1F9iJ~cBkO+<5=_66;s3)t{r}loSsDJ9t(E1!M*UA~?Al`gkF8ZV zfAmF!DglWCupjUh_}A9jx1SK&BA_=lGj$Rmb=7C@H~DL8JxspLa@?u!2K?M(5gW|s zm0uE*WHKru2%bV|0Au`{FRvGmB#t6j^L^+`A+D)Gj-m+yr-CLRh#V+Kj!^6ZL;-4G zNq-f>-f8ZTxU&RgtdRktAdtvU4q1@`gOoFKAm}I!2~X)Uy&h~qW~4Mvd*v-OZFP>V zfDE4N&!%n<$)|+|$=}!(^sP4U{gN3$wdY47wG-s2f&`WasX#@54ync9#@z2xJtru; zwMIa^Wkq_211bSsF%+lNMFcB2{#8mcmW(b1M~DGL+=Qxqa{&360~#xlSWE|?kPE~C?&8T#l~=-kVpc8xzdo(PgMC3MG1LT3{7)lo{sDcr zvC~B^vnzV)V8L;3i!|q&8+!~|^>+|&^FF2gTn&7bmmV#P-=E59$EFsngpNP=sy-=$ zpB4-7C`ajuT&3bnGcYX*f{tm^LNY)vDkJrTNh}em4S69HuoO_i*^&{kQmo29p!5b& z2^Q2m>(#9116l5IM)?omFHgDBIYTf&*?{{R{>6#bA3X(TVmbb_2&GWeHuDAB4 zLKT0QF}gR1D^+5WnV&p|%HEIQ`}_O4vD*u^RSq<10z%!S;Vch5B$Kyua5$mvwyG+G zm}Ht#Z$SF=Ec)qT6m*SDR! zkH^KAH@7#_Q9ElR;uB{K6Iyw+JJ(E0=IF)(eRFR|YivMzgfRRm92Rf58VP)#)@7C% z8}W9E1`4s_=G=x0_IyLOa%^aNqA>7g*pb;)(d>L(3_~r$u>;=RFh3%VYNiX3^jTZ6 z=qB^M%g*$~vs<2Hq1sR*dO<)|tkl$=5^H$gQYZfpr`IQ{+9{5KM$m}*$aUYQ0n_zJ zK~^i*Ml%suaLXC7ih>gmnJBfNW4tRvfQL~Lv{?S%_7n13>>w57;gBu6%sCs%+x6L~ zg44*(WQN6hLTJKdk!9zUWoi#)yS@fN=yMIgjl?O+MNoZBekWI|M#(CO8)=r4K%uQn zQG=-WJp}nUVcEN~LIW=Lk#2JojQRl(F`@haJoHDF7 zt{Lu><`&7|w2DBAF{6gK<$WQN)rPc3`4qqZtI6bos14+ER>TFl5DRGetTE6g9{eNk zb)iEH`DeF>=7s(+RGjU}iSh6?uqTf7juNkUCR_5pAU#6Gtx>$hYP!lRRKm#iM8ML) z2MFNkamS2<1P7~5X=JpXmZd5H5Mtxs^a_!JWO4}dgn0s8{!LfU-4Mo~EMh$A$ck2T z`Nu-@dM6F)Y_#UpYs%dKJo%q}KHWzmR%b-bky4pB94E3da6g+(0{zwwD$bQ_c6m!< z4CHk^ckr1l+z47klMk($`O}dZPDzO zLGF8-jRlx;IN*BN#3l{s^BEgN&su90#1EO{z#$*S^!($Y8dwS`vutw_9!lNgB|7O_ zN73>FklqOg3QSG8-{5k+;vP5y%Du^@v{VZO(r-7UNJ#EBL&dv_YK94XWRpW!62hH} zlg-a!!fR~TkMVxhxOK{?G2n+JTHUBApta{rt51}n7*FN7DFkIp7S0nB$aF-qVh%0I z@-cq$fdl!*p2Yp3?j7YLGAJy(&H@kOx10=){l8TzX{B}TF_ z*xUl(p)_+yLQP^d0H052^nP#R(M`6GXPk)@HPc%qRwm9 z@Y8dtB6e$nIFdu2oV=CNfG8D(!q74>fUA;MX3hs&3R4q3NCe2OKZO+4cQ>-3X@{yr 
zEax%FS}b9~i1DGu;g6F=G_~}5Tx=yWM}3uBHCOw6m~SY)T2;8f0QdRSrkUMX;}@# zrLmhC*Rk3buTj9)#l@pe+&{~5Rg2DM`1TQNtse6oO2pB(@(RDJyp5^1d~0{{gQ2ar zSH~Eu5xsp0c%lrxz&AktlY;6}I`yhpSEux9JaqM+5V?qY_<*bd)bBnEIR)}2fvp=H z<>aX3T6EQrz?zSI%b^dieI>|qt?mYc)LhoP3S>rYPlB5gGzs)YHq+8FZD;H=(i@yD`nTZjDCU;uR@GERY@a#Eq0@-`DXIv z=JeprAeh}E;!X;%vl3E@EJT5-fzeKM8Xdw2X1i`W40Va&9EM_{vdmA95!N3#}YO{-h$&`ZEwtm*w8ipf4w;qamZXzr0PW6P)EYodvIiA^VI z83K^k_Y>usws+6K9fEn={Goe?shWmU$GqG_YQA2s zRTbZeaT+{H{giS)h;cj6+ionP`ZG|$2z&@@dmqe&RDzn{>@0azmaG>5xyw}b$(Q8s ze6*GUoc^r+lK@l1AwHV33X)|@ms^w-4bu{+(LaJw^wD!7c%m&XgmWEw?SW^-ipTnK zeKTm{jecdj`pWmy0$BoV!;W^e_ya~|nOV2{yQ5vEUb5J1?n+$XLNO_&)48AM6(@I( zb8HOxY(-ZQ5U-|NBR#3Hl^fAia~ntEPO7?Km{wAO{H=vG2XsJ-q6;o4!iR4SdVg=N zxyFx+mrAPP_njP!CQWV9{zf`LNhu;xe>eYxO*GI$oHPNM`eJO(?`X1s{yrTuK{e4< zSa+$hh3Dw=n0#qrO*c9P8%ZcrP;=;>JTf71%(V8_d{dr4ex2_`t3TmZbJ^a>#DU6D zJnj!IE`c14D3wzoCroB&loyC&8YCS|GI@NHAnYuxgx!`BBSKl!6cK~7iLI{*LQ$v{ zzzf2)=~pqbE4Ks;vPYhzza4j&}MqEHsTGjUhV4+ z!TNf8`@+^w>(&WvqvKE5c%3C0AER!m4x_BXHmeI74nT$CV`M*&DYE6mLn=pqD1!c% zU;a-3mH;;GP)Ynu*u!FYWEtanxq)>wlYW9q1<50M#YBUDGZ-up!VFiVp1b@BV!l$j zA`Mr;liF+78OHJglz$&Sf|DfqD$6=T<0Dg*34*>3+P#CAS1Qap(i&)ne$QS+;h!3= zQ?+KRZ3lr4dm=a*xh=R{>9ZOj{1wURYa{!CF(A%!>(^)>b?ep4}|pT z4a=fCLbcvy-PRF1WkNp>yS+CEF6g{Nz>P7N1`fjo-SX4ubH|11kig-dv zP)-UEXr6TmrG`>@mh*gJc1-@I#ik0qJe6xdtY{4F2x)sQa6NFsBjdQT2sH9ea|qy~ zgA%FWfxFI3BpdSjxLdz4j7}U*VF-&(~<%f^%#Mgyp+WE!f;$a zQNSb-_8X}ki;PnM?G6ZwUA`5oN25$Zc01qfIi3YMa{*wWgp6~ricH*oe&S?@i);b=Mfv6~mMy@xTNzXtpK(cJR0ZlcWKQL;!d1=f0DBt^$IYS{-) zGnjqZLA#Fw>Xy#)fF(=~3^7S@+?9AwNn<9yKyJHPIz?N}BcJZfSO zJm4^p&xm->=s6dK<)Zg&2QaL;`N#N~3p02#y3&%J^EF$Ftj`EH-v?cuRZ2Nt&=dhE zO7BZIn)}^wlCT5Ec3<^^({pyjQOmN3OynC`z##aM#>AL3Xivi-eaIk-0|e1*5_Ckm z=HR|c7yaXRju2UwK4T`RJ}X^&D?HuML8O21a-V-M97l9R#2y-oAW z*jxr~s}|LE)lKJu0GtXVwroDa*RJwmN^&KWb)jCiM7Qay1N&q1?|Nrr#Gp|-GSY^0 zUjUJm1T{4^Eg2(z2ekLrwU-a%Bf8C9ZP)hSr!ETs1WL`|Fn!n^eSWqwsh?5{;kx^b zA5`T&%(pYL)sVrPFI@B+@y!K>6e4ytH_jhzY+T^UG`pfHk3>1|ue+P;7reKvw@l6T z1Ka@{*fpp$l*D@i@fpgbq8D0 
z;%^1g_B?9NKR)PNpnvF5Il*aEsOsO9*eH4rWF~s!IXT*hITmsr+9atw)Rk6t$YMD`xv zxDipQs@{g$qz!wfW)&F=v$%OltsIDeB#Z~$xZ(Ujlx3z9~@$g?9Bf)DYsff-SLnW=~tuZE%%5k6T#Rdly87X)67!d zqe|>dT}exlNHtAsXd_Z^B`$rxT4NWvUC@6SL=xXQ7k19SVF9@0U|)IhelT->xQ%m< z3iTvSVe)X&ismH6Tq+WWGi7k>Y5=wR;(cAw_alEW-L#8yQLLLR0I+3u8iV+;?}4ZypO8ESi8l>K4m3+dLq z^<+Ecd3>iO4(YpQ*NYK>X}#-bbi0o0yZF_a`=7_^pV!dCo%eQ+ zp34{T5)lk_`ZH-^%Rf!w38K8@Uv^YJEgRRwVZWJ?((Gi|XbA{`9)uBMz~2vTakqLHituk@vND#!1kjsJwCHU<;rw14hR&awzm2k+A!1s+yw&p`Qv{D z?NJSOzKC*vj)j>nxIyfcT&rZN*VXgk$z)=s?=mpx*{ zxL__)$uym}v+#6@X9P<<`r?k& zWtkHTENWAhBdqN!5ngB2TjAUt)T<%}YTG zo{*~1*mifOc9Q1L0$tAyog^xi&FHVdODsk5iK~^9i8nw7bc}AlWGtKF{MRavzi^?U#v?7qXJNupBr({UuUzw<$-LDAVB+7U86%w1Am6GaX=t!n z7tyjJXWpNqiEB07!$lv%jPC&xo|7 zgyL&JSCuQA)~i--sTHh*{?$UKY?8C30+8I2m21+MtEb9FRO8Ig<=`?nd%j%_ z9Q~}6Ao_V6kVbTq5_!Xdzq}dh$(O}Qx=&r1(oN?yqYQ4QP;^A{kcpQ)J$OlRqF7RY zPy||AjI3ySD?0-~oWJl@*ugG{ayoM0z@e=*+SZ2=ZjuG>(SlTk98}J%;bfizZ`KA> zgX~n#i!bt~veSCb^py&OL)VUS$OanA-3;FrRB0F`gFSlO?n=k}KoASeimU_l{bSyJ z8+dczOvmRK&-KIJdUXm{29{YW>dgW#qVLKADad?V%dV8ZJU0iG0o4M*5{jZ}(h&g& zdyRbq38EgbbVK%SQ%Lm~YO%EZmPGa8A66(75bN|btb=v&XOhC)_IBh-Z=nl>uK)>Q zL<P*1RfmTP_U~u6z1;+|Q2l96{rh*QxDfN5_!O8&hvnULQDsd*g~MU=OZE zIY6NT(U0MpMO@SVI+jgRkd3m5z#}2g%T%; zp0^C#eSdbbVXtV0N+P3^RW=98Wno+#gF%G50}AM^Oo>F(S4Gl;O*Xi?AU?*CaRZ!= zIl7yin$ox7M0u{d7SFi}pYd-F9w>AaP~kuPaf3NShG7u?W%MK4u)^dClG~ zZc*Z~L!U!S$tpVDX6fqf?8L!7tx;5_?!3H)2rmcpzY$}t+jjnD4Bne zzt)f)begS@jQyNzC(uoQ!yg5r-cdqbwR-!MJmIOWB4{YCR=$rty%_VbD z*REM`?Ch(_x{T(1^n_I1H2Wq}R~}@~n!1+E>}9pX&Q$>4P^=u})QLtl_?mAviT)ax zH)>Ox4Sc$=G)1clJfqiHBd&vb2q%)8)+}S378V{-HIT_4Dm=GA`kG?E91MX_uxx zRi%fgRynoelpMf8&z*`|QFT{~ADd?}`L0d-G5!QF)_Q=BbGd+5h}SW1juCt_4%uVd7lB@Ji{!UGBaBl_G-r z15ciLzxtn)HVec5IBZPQ~~vcLG9z5^S&*k zR71nZ$626Id92!AAQXw8zPjfEUN(2OUfC12);S^&q+qt2%fqwlYKH z(FLsBhQB@3r;`gwof!Wr4BpewI-Gi^4j8AIzR<)f__+)heQ{Am7#Xr1Sok~)(BMr% zY<6AJnL#RCJe+Dr?VXnqheBgQNm{u}{<5h9#s5lr$eX4D!bbm*G zH;A7^76D8WUhBQvCwM(_CrG4DkQ#D5-kqNuXrW^u=6qwLE@ZKxXR#CXrP@L23S#c1 
zZYVQpQQ~RSjnWUrj!)uu&N|nEoiV^68m_%?f`aa4oi=%CrT3Ok!pGf$ww}32&4(SQ@ukF7;sv1Io>~^me8JgzfZvWm3R?^m^au z=Dbc{_M&uzg$fE{vjKo=s4#nvq0^%_)=cu4z0UN&lLF*E@yei;qNP>p3}=Am3G<&e z_KSy~!-%m3PQHph_bU6g)@;h@MmF$SVyl|s{W~4W5UBO#z|w;G$3`Orm=I+mkxs40 zz(C1k_b%dk`Ai3v`jz9u!IUh+lU;c^zjyJlUHVVX(s7+XN(%7>Q<_A?{|;6MQvY&l z2;){ujr%?4Yzt<0TyPEF?LA+VAlQar-G)lpr6%;&hVP|!E2c;5)mGr*`uVg`HqcSM z)g%ZdNVYlUnuTw>u9N~Fr1(j%8^$ChnRjWAfP^b%~j{Hw#BO(0^jKBTP zy#xZ*a+3))aB3*3#HSSloC1Wxx@cT%UCP!(Abnt(YIT2nX9%nh)F;@7z5aSElhBUd zzvaBu0;rW+=I>+G)nhGG4DsC$!k#%9q2F~{7aitId_jql9%!~R{qF8#W zhlj^fSsIVTy$DisY++iOIHzit$BZsA`#m7Smiub zmPRAizi2n?xn(eZRXxI7!VsO)J$|SjF__F+$+CPSuRRZ6R(OS@!jCgIpTn!cpLy!U%sid)<1lYC3{Aa zJ0RocDj(@VH!L3NtO&@u>@f(aCR5!FdUk73Lb6Xs znSGX?ea+>b^xQW2_-Y%QERwJYinrA3W*8ZaWGHq7S2mEJr5*8l;PmYqs=Z`*cGV76 zU-uuJwO}_^m#CpN%P45e=0omh~4$YvTD zC7GD`MY0;|rVhMLGU`B}@$)Pxy10wvOu2=_rkS7#uuRbiwSpPmn6GjVS<&qyAdY(- z%-XwL^10TjhEa^8%)%b zMuOu^z~k&$h&mw^;Qz5xj#tQ8&HU3CAQqyAsTROA%gUld=Sx7_`SYU%= zzv|adHl(NQYEcisKMubGz&Cuab-zguyp?9inC<_GH^DlLF90DEiovc%$%XqU~4 zl&te|<3`$ISUC~)+1>JiKNVh^U9!NMp^M>5xobucOss$Ne44&tym;J4O!8ISFq-C; zGg?YgPbx<01Gmd?EVAUHyiCL|0_EOH_V!3L?aA4UkxGOvOS`Ko)(w$%C4O3ztt0B3 zFdjVVJ`z~M)5s@(IdXTk(zG!BlWgY8mrVm7adlAHYL>U+p8v=qb5*iQZ{~KMAV%)a ztO0p*(3NifA8Lqh#quo#?FeKSJGt(g5TDrt7fk+!n z?^KA>1HTc79ERV6R8{oPpT^j?%&}alC}g8@*t6**lh>h8=LQEXw=meJG4WmxXE+Rk zQNgot*{mC#mFum)hVW)#v-HclJTwQn4*tj<4p`XQs$>)1^#{A9Ih8k1B)O#qi|F;8 zL}Gl%7?X6j>&sF|=+8wH*!-m)vb>L!AxIdxam-#nH{Bm@{4p?FEI{=f1n^#r(gFlP zA$ZIx?(j;5f>0udgNK1t#Bo5zrh$q11oqF$*mTosUmMT8OBGd_S6gL?m^6Y7*C+#F z_S=^m4!hQ|)(e*gtA;ffehwy<@i2W>x;0xsPZ(fgArdT6#0myu;z17=7-KOS>f^iM z4<$lQtOn50A{DV&Z~p$b(j&5lP``3w2cfC^F>7i2eo*jH7^K9Qx4sM%t@CXeKt4aT zA#EDa8gO{9LWTe`m)W$g$GH#QYoY}}xzf@RkPDMC!GTQn;6WMeGDyzd#jQr7>6g@_ zH@jrPG%t{O`Qy3MnClmHpx3)Bss9uhVh-I<$~$(B#$Z7&I^=KrbB2B(scD?5 z(nWXtHhYdRO2B;$UmF4nz3NIBv@#&NTInW?W?T`7cN@w6M#GCh9K5j3utp`EnNd*s zB$-Tm?`p}$(Y`UEO7dvv8=6u@dH4mAzv*`UpXREZ|7qu%`P(7>e;qIkViwlUCXPf5 zV%7%ECL$(AcE%j$K0QAo!>8+1Vu=C~ 
z`CX`d_TRYp`8%)(vYSxUD{bM~qpJaZUJA~=;6AUDl9tFZQyez!MfK>4A$OL@Bgxdk z$TmIiIc&Xm4wC@O&K%G|>=Ca8WT zcYfGjtxqqkTAYLHs;YZng&Eiahikn1h#c7uFpw~Qvr$Oc;?Q=&M)9DqiHT`|{VKPL zBcrc^ZWRZV5J+Gvk;WZppf}+zr>GoOC~q?(3f-iU-0 z^P~?H)4zvD9eP~RBanL847Utu7_k}QIkW)I|WXZ z;Q2(KL}o^TfwUfbJGuLILd4p-%+fPjkiD_qjECvplokv0RY{8U8X?$wou zp$O5P>KFtZayjp}De$v%PQ?u3%1YL!`RZBp&z6gf4Ag(+l}EeAvC5Vi@XI%TE>6b2 z+Po(6qhMNGs{{|Z2$ESM*}Ud8;rBL>oX`o3+KHHy$Rj{@rYVAqk`jub%G&Yc4C6XR z?#ccWG&b$1yWtgzfbr&4V?XS$yYn!~#KM}$VcKkQ_Wgg|jSxVT?v=oQ@WG>n)g1CY z1~MZ|tVN!5baO!m&9-WtrUHM3a@;?ypVy8z-;%qlJwC*b&r0t~gY2AvzIgCae5sUu zi?Q>Ke7U*O1R6o_pcNq{D*eW-lyo|Y?z zdVcV>$W*QY`BEJd{s}6>k)_F(^JM` zp9)8^7#Zf0^QQvai3^GXF!S)MF9{QbBUSbyB(GpCUp7Pb)y(us(t+Ayg3uf*ZdgFmnfm$g1# z+b3>U-BH!t1Jj3+__ii&u!&sXy~_%mqhALJPM1V5s{YBX55Rx_L5=)V7wQQ_S5oA? zpY^uQhYbe~IDq=QqTM%48<@!sTz19r(`SRW4W7NKv%&U(zG&@`kZFn{QRYaQ{oOlG zcw^X*y?)|OKKrm{}Ml91Tt9VJ~+pn{{f>5!lxsKf3XIZ4)Ek4jIIH7CptB#)i|~w>Sq7op};B= zv3$H#+k&uWwWaOYP_HS9^aT%GC>VMQn)gS8dO2cCN2>~50ySb$wKMIcLWMwm%0OQj z(Me3iUK!%1%y!oaR;Kd5?Kkde*}V0w&~La$3krjq1I|9+?3#< zzw!Txj?~#|E1Q=AFQuABXdvI4vR57bHqn7B^i5k)BXit*FVD`e$T9Q*24lns#Edfa z7r*2#56*9H>d5FIVd7daeOWDBPbw4KnK=88wB_5Q;TO`116Z=si=B~YTx`)-FUKE^ z1@!lBq+Rh62}UH7YSQ;-e_s7^4S#yu%b{pQ4S#d{UB_H8#0d(ul0e20MT_+-3YnL4 zzOug>yGT4pF)W>r(~|@142BMVShuXXhYE2x-EbnvLESnFFsc6=O`b`B)^(D6;D&K+ z!Jbk@s<>(aw1gWBqGSb$)gCw65|GJ>qj)KtGn&;MQ(z|#?$)vDGQe0C0CWGDWb|RT z?=Pt!C>d?Hud-DBFQ^Hm(&pjE?~O~RO-49@c9@rMFeXy?kD!R+%GI9Aa-D>_54e?; zE`?7^^9nraek8a;9oAc{G%n0xxRYqShdx`TY@FY{6zX zo)pIc#zdxBr8va)R$`QOb{tNf4V9Iv>mgaWj4%C-^C*;CKW_)+@1KkD2e_hbmjQg# zyR+dhYCY(e*Mm;b>W>)|&zX2DhND1IVou(;#QE(0nF7_+^OuYlJCyXvuTK6m*nBZo z1}-Z|ice7Ol*j)_-unjT{wsk66C)Gb|4~@5Ff#r3#^Kt!cK9vG-wu|mBaa~|ECbl_ z{>Vgx_S(4+Q51+aV8W|2ixMQ*@o;1x4}1;nUNtI9)70yOu;AkxUTqV?j+{=@u}5fS zf8a|-;Z0nHaTHxh*{Baf*|E3#Ym3pGNIB4KY;|$=SidxIr4A64tR<{GKq9Z_Gv9eS zyD9vVXH#2SLkP*HdtQy!zM%9hPrG2&(I538{4A$zEl7>gG1}22gZY&LAymennWp>` zwAXsdv0%lc1|UtgKp4a0{E`eN!DMS4?AYtmhM3Yi*sLbwdsZEdLb`xBbzGz#lyVXZDo~C9iS6$ 
z3awH}*uMbZHvW7RUDL2t_TlOE91E)|PCrryijN|e)MSWt`hacXqPGw#F3PpMj6+kP z@98_SOfT1s?qCmdZ}rNRmo5=aq!DX8y-}#|t6oFnsN|;3p)VBf^=@(3KgZd7CIQQ= zZUI~FdSpZP;cc(6OcLp@i2DyM$a%!wT<fwh>lxSdLd=Ftuk=&Gj2V8ffUoSo=tc-=Gk`Qlz~mH6?e<>*eVzAJz2@y` zftZvQ|0yFIx@Pp7V#2Bfjn*k%89eDs!x~_pX$-NEd?o-BAvj4N(2$o^#wTX!HHO;7VaGO8Y`?yXa0F{_(lW+ZhRJ->%A6Ae0ljF(iIGL~-TuIjOXlEW_f`Qx_wkticr^u(tY7TQFF$AP3e;atXXsxA} z(;sfL76@8O1OPitE&n4FlIX=?Nn-_x!@pVuQzqFmx_POVJaK?jmLy$ioO;k*E_$uN zA91YP5E`gLL$myIr%P@Ui2Zh!FeI40bP3dW$Wdx`e9RT0)b&hPjwTf&DsWIMXs2_s z)}NTDvw9$fK2rz9-H?g|Z5(IXqXGPs)WVQVsoD#1?BEkNETMBa$BpZXKrwO}qL zSTKcHi;mLk%tQ1o%JMdUSzCx#OYP;=2~l8j>LQ46CvYm;Fcfrch~~FmKr66Y2Lv${}rhBmj`$APlq>e;k%?)FWXcoY<9+Sj#51>A` z@IG&5{MfpCrqCG!dKZswKM(~vUjX}f$HQC$n6ch|LBpV1B4_K=%{)Ql)s}EcgfQSA z?ZXi=C@bA*Z0kEgMGnzO^K;f85F{(x?g?l*VCBe?d)5?dtllnng&l`}l)265OwJfbAQf-pv zz(+DTX@K8-Q*WPqOYdrZhUfC<#|$}5*bwY`8^DG2bZ)j0s~u}Xxt+J@e=a5t>|54o zsl9JhQbCOPlhcZhDrIWfHlg&& z@~T+?rAX&yli>T91FPT2u~Y=vt-%#*egnzmt14iic%vi+$;TJ(62l0PbABRK@TwIX zlxpAgsAOp!qJBv?_4_UGzYx9?O%4G`zk-qx6y`hj{h;WHmUb$Nz-uC44|Abn1II)+ z{L%wY#K#QtQN-1dFpY7t4KGLP81@%!G^$A#kZ4|RK#P}V*cst&P$3wANnQQ?FxcT@ zcb*)NS~pxA&rlP3XOQ5x2WEnBkMR7EP5-QMtLXq#u=GRVwz-7!K>}V3TeK2k2I@m!pRS@6+Wp>_vo#>q=l#*LG*`q za-_tqla9&QAu(%7uy>)iH3N;WFsq4s52sjf#s6X*OB}n3kms_uxHl9gdi^m@n=z`@ zr%wz$Z3IeDx!t6H^2wy6Hf1mjvlT|fo~`B%tF}z*EmoPDFsC6m~gf9isnD0uAp%o!|mxzIkMr9S2{T&4HyZ zU{3djc6ZsSdI5(Kg|g?HV@Qxkp`hEytF1>9>t{zNKia4lrrpR(qA+Tbqm*q3HpxZyfg`Grwf7YU_wX#=2z_4M~uA z3`|ECk~MpcMHQBD->l&m1yNPlik~Q4PN^m=RWs{I1ZGkc$rcSFJA)!BmkvWXQ%Bts z%Tp&uY2>auMf;mW*>^QU)Xlhypkxw=BSg!G<2~UrXtPsNa-KDxk5K<41lA+Y1n_qT z_&re2{grnU?8)hpOcBP{MR0NETD;M&6gOJyIngk_eybRyYk16o&ma0E46)3V%(TXM z(49ehlj~3#(ia^%y6TdVLJ`H(;#{qgPFDERIWr%OT&loNWB#p8FYBO{H5ZMKb#kl? zKd7DQ4<>{g^o%jkA~yz}(1Fb+5jnP-__q>BZ5-1Df#=g7YZs4Q;S^_WG0UPHzrLO% z2P6`?gtf?EcB+8hbZH}7UlP2%mq5dInE2D4Oj^BHgA~54b<7X%}^zZH2jGtPxwlir(rA1?Awf{gk7 zo^`dat!=%hG~T}Hy560pF^5De&1r02&17ORHrn$=qZG^57Cu)FgKuEeSzE{a$b9-A z9xIqzowH}C8(t@fJ2hWNVUk}nYjzmNaL{9dB0q^z+dY}mb>E)?dqu6|e#h(+g*jT? 
zxZZroThr}s+2xWs;h&kY-%jm;_O^m*Yc70iVRs_P*Fo0+0kTN+Y5r6wQnFEAXR8^I zc4y{bJr{b+Um)ypTW^FKfM;=LlRNbJbz8lt^#oibGi7NKb;JBY1FK#rNAQ(+G}lab zNt~GknAis&K#B=XU2W89I*Rr1B}_vv41EY25qMkw*0}%JojW=?kCGr)OJOFN1atfw z$dUIdso6+rKw9ZgMEUB0&qWJz#ju&9JaT<_Kj+*;{7-{Db0NZ-BHeTg;OL=k%opVF zWN%86Ju-zWzv&6NUIPMXIB7ZeVBfYceGBNA#!(c?k@sO3!>vZ+n58xoWs${UqT-k#p2J@XV~8#FKEF8GJv7zV}5V-?;$vr zf+|wVy3m}sVTCC4m&#-If_)sgVyQ1z7pE@f{L~KyR;C(X5sP{`RK7P>UBP1f(&x#9(`m+@u>B7ZNRjy z0YXsjaEdC52zJ99+Hc&1TuPUhqH&|AkDQjZE4`EEdm$^_e8}OuT1s}vqm{_h@AU9a zaMynKnHl=_Kp0$OyjMjgSr@8-*jfw{eHxgWlcS53ivJdaz<6JRMDJ3qUE~P*-WPpX z8okAc1e7g16fG&Upz0q3hAyKKBdhItXU!YHP1Tz2(&|ntX2!P zf-;TG_>WRc;ih0D0s@1Hl8NZ!``Lz6ewi(nYm;!I#Bi#67KstDi=jwGM%@2O^i3xe zAQt?{de@O|69`%wPlPd*$P~$-rK5^C4bD)#FVB?UFXUcbBrK{OC4#}HF7wl`i?{O) zNse5hdK@s6A4RQJGS6fc6>o5~z@o!A;Z|5)#QTow4X`PKjdSETiogqViTopn#ZA%L znAZ}oYnabB_?fyxA4E3TlJxlr;8eCYVpJLQy}Z*3F&NFW#H}fv*6qz}?%!3&+Rx{4 zPenM+5#K&)utO|(S*g*-rFK~n3PwNd{1d#W?vk*3?xV5mmr0M|iziS*aUE#$t$x;M zwI!v2)j@{=>xbCuT&5-0L(0Z+^N6(zveEB!CQjRJ4+PW$3Ff~|$6&!`;z)~ovEbgR z61pZaei`sU%nNP*Y8&gVJ#Si?*gunri@s4!F5{jCyK%{0J$j~&{7B@-l+{RXWxJ@4 zKVpna>K`K5w==_BlFiE0G;1Vf>`^bTlL<&d_R|KW#gq|TMFr>%{vwoQ1?MsurHi3+ zwgOF}5odQP58#kXZ=R6iB(P0R_U&XG`loCwZgV66Jnehtn{D+)SS<46U({q@0ry%^ zu^L`chD+GFi?Jw24V6^xRLZm+T%>dVErOs%QyZt6F5_k z7zRLFs&zLqTy;llJ=+iuOeH>P){96&>lyc)@jYkLtty3p4%CbN4ejFWMo^;;1bxLwzQiz_I2od-v#TR$TlCDz(|>MuMdDIg;rP+N-`^sHHCyNr-=#mg}2281VCue~3yQPDjT zYFFriz>b-KdTs$OXM!c)fKz8ssA(RhdeqQjG8da*UDw8EVg=RaT(Tl47@SCh*~D;N zsV#jye*P$N^}CZ4FPCR0P)gvLhkt@el_?NxHIs46a^Gv>X@OwtTMbI!`ZA$BujLhF z`B^f{#c9id@C~}+IZ_$^eqXPLD`%GYw-_*J8|f*R!LO(PmtiD!=BT9r_$H~pv( znDhV^0V>m(CceV}t3;^h5|3Zm=8DxxP%0#-P?;u<;mXdA@M<_^VD0(S)|U^@&m%K) zuchqWZ(*a=EoUykXOApSJSPCURexq8$W&QU{hoK#vMx-0? 
z!W~f(xNXyQ34T-`h1RGhr`Q$XB?h5*YSMplLcim@LK{%~E4qB&I-(=kMIk$3vhU+0 z4~J&d?OM!yZtsqNoyk5f9@P*@?W@iOgG>InsN?_CRFiX(^TTOm zEOk9iD#+`b*MHlscNclSTiPaIW$R{3a@o?Wm5RhP$fr2FZ;B=?sUX{O>prk!SG-Ae z@;G==_F`BG6cQSZsnN;`h~p{xjEE4CtFTW0!UQ!T2Y-010~w6B$!Lhfb?H4O=K-JS z))!qX7<9YygX-U0eH94Dz_|ZUlSa<}7i#|B=Cv$b|FwDTw@&!vX)bP_Paahl?(bRNl_i*FA+of1jLGzl52lKvXZ3}MH&H#`SS&88U5 z(_TGMURTq2whn0S*+$Vln*3rLceDbzqom93mYb`S7k>CXEqF&HDV&V*O};WEXKnuw zOJ^LDID$XI4?goNf|M;3lqn<_7KiwXQYWtk_`0pEi3x_ll`gV3wb=&@WTXF^JF1MUxSYU#bmDc;(5Cl-l6Dx60 zZ%3N^mnf@!F90*Y(glw~kvlpeO^t$0if#x-FSRTDPDds>-;s}nc5X&NfLiOJ?~1+r zWYK;xS0x{8(K377Q32-mn0wqLsOJzlDW4<3T0kIO^M&A#52fMsvLqQI%S`s>*NHIM zy!)%N>5yb*i%pwaKw(BgFU1N>FGYFhZ%#2<`^W_X`(V;A4q7+GUP&gg$W6n1jORcg zz6jUSkKy4fOn?F2^uFKWnp7jGGLK|c3q;Ao_~gXGx;Hc*Cw|D8hwbZ?@Le(Y{E{y3 z)MVm|w^xq$g5cEEP@da(f?)g~oq6ckS($VAK_qv=8O`28fTCGc`~F?djXd{Qox5&(LRkLi7Xl;e1b(QGZ`&vO)6$8%|GsUedhrn z3&5tti|n=iuy{HboQN7~ij^KHgblKJG$Z&V>)hY8Q1I?A^UWW^+gnPrCX<;pBwiD> zv6%B04$+0f&?818*!)EoXDNG(0`3wpA|~966oQ410?)s9t!ENQ4=`^%Oez3PrPVik zs|CIGmyrd6czMQ;A6ax~^k;CrRz0o+^d83km`?o!={p1jf~G8$nexo2gcrdih{wF* zi0zE1Luanh{FoLh4d?k3DhnqS(~ORo?g$*hi{K$Wx{*#sC7L{Qqs3$rkqLQJIWXW= zZ&4oK)yAmWGtrdY@`+O>*NouRixZFTtmoB+QW1^OkX)qGCO;FmjTFcSk@f^}^l7O# zwh&PyvtZa4@-ICs=p896{bf{`PhQj&KqHkYNY$xkP+nmaB6_a*Vf6!Xg`v@J16FXd zJRplskoGq;?%iRvh=!sY)upjA$PM;r+(c(+ZOCYZa%aD)a`cT4+_6d6t7T6x%gg21 zn-+BmZz_LLj(6D!rMMJ?@kkbSu4)1w`Id=ODX@OZP_g(@!cA3G-9A3LjJ6)BRd<|1 zf;naY7j&vOVRx)7c{7&9Kci2O5N^^FrC#xmyy`62t(go@ep~+D(^7SncC7D0swv(c z3Ew#ie#U?}wa_(^S${%eooRfybsVeeJ0h}P-~4~5;2ezqAzPe@nd84+_HX{5oQ3ZRxpA&qsoP7z z3a5}(aUMW_e9#U+jRs4&~ssu(-`kdt}WPKEH+h47p~W5 z*7hz&kXnE!zL{lHnkh4}9glQ@X1JL}Q|XI@ORP(KSM&DvUOz|_V+*{HII2*6 zQ#;m?I{1|q5cO(D-9&`qhCY2T)L>$(9CEGvp*fr3F1<7-G6G3k3l`Z3BK8#KKlRI|l}7bFpXU zVqT$`rywnS_yVms#itmCJ<{2np%MMY}^XuK?>kX{< zG~^YupHEoZfB5>{Mkx1OJ5*ML$=y>DG}bLreF7o*elEFeLj67$X%0!|l7 zj1QIrIi=95Qq>2HFu{|*t(kyoEG`xqg&x4Vdm|2+23~k#C5t5qYmV6`)%g7l$AprO zha>BxJ~CxBt+3n9CD_f^RU4JuL3tk61K1MC*a;O%Omg)?Np$j}(V{C}m67Ao5F=By 
zm(_Jcv_*?(23&NEggG^3k^`R(R|+7PYKD@SWJUXdJh@uTYIf8tOyxXp-zg{>} z%OksU_I0+QDsx_#s$Z98S!lPNa0EKIs&_rc_qF4~GoNf9zA;pRFt$h3Ry$|xPcZlz zdX@iBNZC05OIyot*2VwzwPa!X-^qFZ|IE}WZSDVIUHGp259`8YsLes57b+HZ1H(KZ zcT8BDl<^S<%Yjz7IpBHwDT6Oe+%;2!=2&DolC|Rip(hJ}dQ$wh7X3_V#B#CBrMRi0 zwQ&#sPly6H^&AM@Rf2$g?R_GEV_;9&|Sglekt1k+(=v9ET zO3Wwq8!S}na&?+CSI_6^UzVFk#dTFQuaT!z9|;Sz3XKII4i_h~+H&*zeN(gc-Y9?F zoahh{R6-9W>KNK{gu66A^V29&-<-e_1gR&{(}InGdBt5f%F@w7GTFK1{jhD>oFeWw zP8Lq;MWq#Qu-z8G^L3I2v*ZjM9DzQjysJ$KOC3PU{+(dAe1mkhYm)1as)K`n-3*5s z7G9^ZD}e-po89K}L*ubF4h+{}>af2bJiZy*C6)GB149c!3?`UO#9eZdS0dw&5i>M} zIOZLe(jNxGJ1OvKLm&$Z!_Keuq?5h5g2)NGcFNSusI;%E%Ugl355o6ShUe7FMM{|# zOuKA>uid>!2LAQ6)_eDYtSseIn&O@6>3FNF=iUx(Qlk4zZ~bE}ul@^NpYLerv$yBd zp|i`mg3H^wVBuK&Y){$@%F`Q|Z|`<3+$DQ+TN^x^t@Z0Uc$NqEq`mSc(L~ve#zAqJ z7kdcClx;nI*=@R-4$95LmTlfk`W}5>kIgK5->=8Rz|h^1!@XN8fSz8bFZ!I-f{(+? z)#1`o#+ikOOSn0(%a87^VYi|}znv1Aqf%=ItAXmF=+plu)QU=oWOU?HzuVmbqDUSg zKmcG9@I{p9jCLxSOJR@N2|Y4GdO!$a6Uau)(U)QGdCF-%_*x(+yFgi0TFHg|k#c^ZTVy^FKen$?F6};_JKRgoS{U^8`FwD|x6k+>QiPKi}$o$~$m&uuO5S#mbpd0G@*qim@4)~$jy|=}nbFgTXW_jyL!zpxKsF+9H z#jM1Ge+NzkuceS!9MBmO|Lzt2_f3_{#ye!Dz9e8$jB`L|i#Ppg=~Y_F6yzz+Eb?nX z9T+a8-vWbWM~b*4T1pb4+#0&`CC2|sl{!?U&fxVOdZ1j_ew}#7+FM1TPJKr;%x|py zFA6aB7HmzzXc1w(-5YvRbO{pa&U=VmM0&f)4CKX##Wglji7Hs*%|W)V_ubbXB}_m3 zSqWwNdmC)oDowq)FP?5cV%`41L1>xAVu(L)?7G909v3r%ia@3Z0(u8V9{y^A%1RZ+j&RE8y z?#_TNj+5PX;S2*UMgw*$z*V+J3BOqfsrNQ^g|{EVJ0yU-#zL%@i%?D6brww9zCBGB zP}cQay=Jn&8@P($klsX}#7wSI&gP)?Q}ZJ;@5fKL`I0CqZQEX)Crt~)RgYpFNF22o z^1w->CYQ=PEohV2XH8*{2cTA;+Q$|E-8j6l29BPTJhAT#aF#wCY^d=qAPEpAx{f){ z(y99qM7@f#2@o9;)_ejSLOVGBfN!y2)xAkZIz@B#{c*FxvaX6QNzF+_{LqaGO_jga zEkVRgGdT|S53{$bQ{_)?6B033CNgah^bj*-C2%Doie_shpWvCDI#V|^3$tD&zB0Ut zUp`fbwIJrEhx8*V0X`(yJ_*|8IkfW2((!TGq)n-Dx2+<7k8RxcGnFdMsYcFttnXviNRXWS${_ zk7H~zsmnBIfCVu?YSMR|h~HgKR2*6LtNvN z%=9WT(!{lnJj!T($qVBPQQciru0Do88UuN9Kj4~0lK^#pAsR!#zC%VHbj_{s&&rca z(4*Y4(6EeJMp<8KD_!M)FqT8*l#PMup$VJN7iP6pdw%Cc<<^mL5`3FfB*wdpDP@uH=l2 
z1jS<*iTevM5trSjyNVOBV*F+l(u`G^voJw1d9JOn>t2mE$^5RIbW(St#)hRsM*G-K z=Y5AiO*iu^^4_CN{+4&yXm@T{)%(N%C?;U~l_S@~546< z4rP?89mRD-Rg289PxrV4m58jp!ZowUj%5uSpe%b=eo|?UeG`dnEpKjcwu9*=Gbv?UC9oowkGU0Gtb<6)CL|t^z>R(i?BovF_K8iLr;D)}l)t6SX-b7JptjrPp`FYNHE!-D)pBUaT2I zm7K&ea_{me#3!3PfxZWnO8{WZ+|9;*cUP$!&$jF3<6pPrd2RYPZZonaV`u4O4Q*G( zhrqzfb^a-_?vM`MEYg;Y^Ro$Ljs-cE5fll$bOR1s)*N zruv>ivh);b)#oW4X)6*kYiI5&wfK~C;XmShUNfb+HSCQzZGM5I9%%&shvf(d3)}xg z0{`F0Jo~q2+JC8otJ0KqT9-iTzN2wQQ#D|gk9H4p2_&Eck{@eb|}3>sBqGeBAHmDk{Pl_^5@}b%Y6QAjkFe%r?CIt z=Ro;Vq+)C3YBjBIo1Yu2uGh^MlSdr^6ArrCgf{DKOMuV%elQ%SYmrdR>I5mO5UR6% zoj_>ybSh4;Qh*4{$Zh_(`>j)rCPGV|@a#8 zr*Jn&1r#Q_uQ3D)jYHfcWR&8HZ)lx|UR6r@o;joPHe+#Jx4dnxCO@op-vTk>F;enR zz}SNqOyZlAB@~pADv7b{_~ExbTEwTP`+gopW*I&iBb+S#@D4O5ssz~Mn36P9>-sas zx&CDekKVqZAMOS9hEShY9P6TBpSzV+I zV+3$8fO=vE0s>QWDFJBc8v|^SD7108Aeqplzu{V3JhfV2`gso&UCZx7t&k-&eU%@L z?b;Ujm8yLO$SuN3*3Lh2F>X3_J||Vv#xN~I*Ub#b1P4pZ>I||#i5La54mHdSutxS; zB^Vg+L!jpEBRn-zP!ti=c4PN#gyuq;E?}2Y<U`m1hu7m>V*7et{W}QEiZ2JAqo>kRi#rxufEN z9Z*o)m^#=^=w*wL@{mb9u|i>;QkX>k7GN|Y4osYU7;}2ay5m>rznzNp>1BGz+LR+0 zwz>OPBMFDC64sVSyVnP0tTv+}N~OJRc`D0z_|nDm>aJIl=ov@aw>``2>$(o}di{iL z-P{lt3v)@9VKY2d`1XEgn%>N)T$^t+b+kgCi6~QBL;Tg6qDI%8_PC@WrQHhyL z<%j6Tw?uyVY2@{E-`Zc*ZU1a8nXWrBiD7Nz9TWM0#*Bbz_u{Fa6ez%&V~J# zc8(cWQbvTj?DedJNGLtmTr)BA5s(n*--5Ur=Hrj0i7aMIVP}@WaTQFSOrZtK>_rr+ zSi!~wtuQraEon(V?rPx8s?C0~f9f*sJhL}j9Lc961m za29MtO4L{a8#*OJ%ai}E(&p3P+f?uBTKukH$dg3~XiPJ<2nG^-4SKa_% zCxlwYE7C-UBM~SK+OCBnECk9l?}GXeZw%Z&Ad7$@Wk49?*4&9wE^^0eK$+O(q{oc1 zEMtJ5Ot1yyDQb3&O%p7{=yW;Xz4gqCYWAdfe7v`d`^Z2DdpHe~cut}h=E2dAP1Nxs z1rje+kg*dO9f-|C7lZ;mi3JJ|eOut&=x)Z1p% zsB<+NT8xd4$ZkF&8Byz4E#>)o#{?KagDxlLUafAM-7wJv@(LU>W?I`7E6*%R&|=rq zd8jA_1Y-qy|2lHZQC8 z_w@JAKZuxfaptC?Dx%g^t;k$i`R4PY%G;)-xqleNpS*1axd;t|Bo;O%XH1;*d>| zA0paCgEh-vW$^mDH_ctly~Q~sWo)bb#Lq;gaW$U*L(>%RUcREK&A;a4&eBk_RsOg#U~yQ(ZO<*@CCxC-;@sx48I|d z@Cv>*>rpp$F94D7%oQ0shGEIC^p_m}C-AwMe&OJU8F!u)*K@(8$yN<6Yl=DTfc%Gc zHtkNq*4?Af5@vlcAwGr?a*~qd944Nj{s?i43d+MDlIK7@$C^#w{AX!3BN>y=5NIIp 
z=`h{0H2ckO`|@ne6BFW`PaADo(cJe)JQlP?Z<*AktORQ_FxnQJL@F%5w{fp0f%?ry zwjHjx6&FCbC2+L?7a`#AbAW0$9ry`vxxUFWTv=qL*j58j~axq1aY;}hG#T0ZirO)f^9phMo#VMAcwkNz;%?1Os{HY z(}alImC-O?|@gy0i!jcFj|hD36B`X-e0>4EC+iXo;ONImvh_JS;hp1 z#XyRu5XWXWMQ%mQ)PXQFWGK!yPJ1q%N^(HWD9eCH#}9@ zImPY+<_9#uDjWSjg(8ms1Q2HU?@p?tpSkAK&O!)xwHG05SQ zY0_Y9waEz(Nz4v>zADw+gG1Ui{=zd8XkJ#;Z7lax19;ctJ=<~VljZ(=P65#i6sAmN zcYE-O1*YWTE0IL9XL|2;5}kf=zKs|M5zArt)U|tO&#*%;UnujR>XkQ7E0KDpj9C`p zU&D~+_Hl#cjo_^tfdN8MyqHbSwDC8xhxdIQ7!D8ie<<>FJpK?R2#stL$E2##E6CqwcGgAsAJcC=5B&_aeK{%K&URQL)qmYv7&-NGFWMRPiAxhg^+&-GmIs3|#LG%3$?n#h2SFYN=~<(oD-AHfhs08=)k0c^ zZ3aO6x-|`>)`r-}VWg=JBM-O8;ro%FzNacpKjZQ93{M(LGe_meER8U73(R+Qdi5F? zG%tlww!GxtGL%DlVAe`e8D{)z`&Ura#MF!#!_#y za+v2&Q!o1iZi?iV9-vF*K?Bw)sJG(SU{3jSAp*{NbNCi0=vt@ z#wDZHMn7n$;ZzE#DOayKG#M9FZKbW`B@hBb&_cjZ2cXJLi$hBK}F0ajpHk5{F$6#_| zQ;o3~@BQe!2N)1mVu6H-*2R9h<;dXU)76E=$B!QilUf{LakB;|6c7!Fun62Mif-vI zyJA{`8Y+nZQ>Z2UI6@KB9;bYu$hiS&){P1~y!-O-@^^iDWWdss$M4&D5#W%WDX(eF zZb@koXxJ|Ue8eWSPi=C;U^C_WMTW`CVL~Fn5tw?JQI7acTwjwb=>IB*565rcfzPbY zjd*p_iQ5%EHqhtkbZZ%GI!VO%{xsxg)6pcB6hX9?eEW5Zx%a{L#?_Sv-%T%G-Ch%e zt}IP@jnaub%!7dlZsclRG1!c@ixlGf*p1eplmLCYAo->@RDb+R$GYa14VXInvcGvS ze0{Ot`4d{o@>ZJNID?`&2wuw(XUuC+!=|x-1xE*G>zJW{Fk3~BiIp}{f4DL9fA}!q zu}Nwwlb=F#2w)`v)>PUcO!#$^2d;)3csjc>_29{e zs^fD_WVdU`FP%WpZ3PV4bJc9Z4VA=zpm29GXP`R;&Ocf}GnSHe~Ew%1B04pXX71hg&U_RvT0Z<-(q`QIIx5T7SCk)UR-*)k zPa$QqgE|3*NK3;=eZEWufk|E#X?vu`S?vX>i2=PZqa>w1uye6_59056!`AU_QG=ge z)W1kIRzHW!b##8fL1#lF{=?CMgYiF@VKXwa{`Y3szpAN2Hkj``{a@7-j={X-{m0mK z7M|0Mbu6r~H^i2R?C-3)8MXDtjkuJPO}XpFPRolS;KpB+uQ?L@#2C!qLS`q{Pg=}g zZYx5B1r8{kM4iNh1qujhGzct*MB3@vg9Srg1cMWQbjzLOyNfx9rwhyZSR%Fd->de0 zo=2Ya*Bq#gZ#jOk3yZASPYeeH<~}#Dq6qPR;)s{acWff*)kOx z3?s9h5Ej_*mcKL_idcEY7v|&ZIAkoB;vpbRQG#p`SkVT7F67qxCFvpZ27HEI+H)X- zA}f4|K#dxETDdl?H78=k@-MBGWhLdZ_3d^a1l5wumd6 zEBA*NEkXa&oqdd>gKg8fB|Oq2XPfC`pt=`q7+M+St^W9G_3Ui@k|xtn&abo2XKiI5pcIv$MeYYu}?cr*E?QDIY)M@Q3b0r4p}mr}Kg?Zwv^o)PL!BaoCND@Gup6>qMZ zt6r72%K`^3tp)Ma+tV$khgcCo9bP11gpm2DDPYNz{RR>a2m10$5xih{jb<+0YtPVj 
z79<8h0|6W>AP7s#+Cu>3ua>kbPfAtr;x1Q)=%CLyP*%meq|S6x!X0rnX~BsDcNaPp z%|PX>cUITFphXd}D_*4#olF_lcloU^aeU{FH)ic$!BBYHs%4{>A`niUl%0&`61@}y zjH2CGp>gE`O}aEQH14FAqA7Nb1~^qdo*&PI2e*!*;hkHs0&vBqb{S%9iH^-`6M!8q zTM@418w{DSpe~xL%yo{%#-VXDK#6z)g42Kp^AM!NkdY95??eHze2_Rn%OEm#&C-_F z3PPiMl4jo%Zsw=GiK=-^kN_S*gr;hS(W$^Yk+NGOMfCIa64XPJ#uI7g^509>`GRvR zx32MK(K07%XG&|;)ON>md~?pfb9vr)m&4oLQH9-n9P{52YVHB`$;!`fAuX<{NBW9?r8#O^|za$V_H9^uAq3q?jVH7-#66`61DAUax1(0T`GF#hdB5E}k z9!KBV%*x>8BGbWCqac&aePj)vO-ri(nS4mUVPFV=~swY^2GN*l$A3GyOykE@!Nd zR!h~UwDU8OC@&eO@C+6P-XDl`t_1q2vad$(0NJ}ZSvvR}Y;HFSPRi&|mO;Ei1p|oC zYF8_`x?T#bv(jEhmz94^LrQU)BA(Eha0L3q>o6fSHHTdgP#B0HrUPLM8fu#9Knaazb2Ga1Q~@xg@Kb8_wxUGmLN_@=!bAz z3$6tbtM`8IxjwTrz8N3dalH^;^YR}_DNjgC^4u>*Hz+B21d>f8(c^gH`#@^z3&ZFA zKhb&PIm5GNh_S`%PKM}hUWOOu(fwMNiLhl#5{lQddD{7XM)pv< zzK;w>TAqE$sk3;$Z38>osUE|NSu{64BazUra$gfYaJ&Hu1g+!kG?4u%`#2J#E4TrS z55sKgpQjO-Y2tR7YMr{)RE&)dgc(&2*ntuHmxEni6`KD%DkS(nyiiQte6b9W^(aQCmH3mi6(1I9y!raaX2~$Q zm7a{zl%MYQgQ(2dQHait?e@yo@#=@>$eF3K0j`1FRZ!C?7V?$Cs9cd8>e*1fW-!{l zp<^Zh9~=>Y)r9Myl!6E{2*{5hF-IDS9O#Ncz$6vV7_X%|RL7}`TxSsBp_e9yppM9O z2&1Bh!U!^oLj1-AZ9_He3NJdkbgv@7fSju|6_{;GMAI(JzAS?d?*VLpgAb!>1*vnQ zc9bdjw3Zu;AQ4UmQXml>Dte=eprx64a(^@{%X8+1C^zUU7Hia@sm#CZ_Nf$kGBaGA z{`7e_tC5kq^2ATKB3G#C*p^RPA);9BC^$YbR((t>rBC&HVxCTSAlK`NKTL{^ik(Je zMS}u8xON^e8<%j3vI-*Q*(Z*?ma*^JQc{7y7eHOZs6dkdt*UOpcNOmsjfmQFY~kZl zaf0Ztx>whDLn$7}pyguNf$A3;0Fv|I+_uD~XEZ|Ksb=l$0leL~dD#gBPZmqbtPY{|4WX7yq9QXp59 znM3NQWjigiQ@vIFG>Q;|4!($NCOqAOvne8#m`5Yp0Q1C;pUbWx$?xN%D-e2?DjTqa zQ+_A(2#F)&J_GT zqr;}DQ}oMprYm(KG2;_{@DCFA(ir5azJ9;Ram0_)rYco`?21Hw;Whhrd}mhwh&!r% z);l;l#W6`-Eje8CJND@D?sE1)z#!R((AngJywr_t@8&Y^$!P>}ykTpZp3RDY8xAP&k)EI=mr zHKfQjY1gaiP>MY{iA+>Z8u6Eh|`qjMBgqr$-DHvm=S5Q}ztH|okpL;d%($#vk zR8!V^K~-FU_#%p+eBS8)xlwk1ke_5t{b}DC(Rg&xcMUAp$RY-9WhO`OGC)_d;}5bUIO? 
zqC59Obw(ste-hML6b+;{VyVrlh6n+*lW?H-=hFct>aH=#x6nn)`jo6wHA!{By*}t{ zSMlkdu!4+{NBLhG)}h(Ho~*7R_^;--gWIcrli6?ord#Ua1OZ;}4sH*9eBa)!a_Zx$ z&3c~eJ-v4Po!_iqI1Yj`LO{yrWCX9qL618JNqToKD}J6Pf1L#%?-&dA78nb1K&*tg zASJUDvJ|olWE+zEZSm|LZXNT;(e-^@Pe9dS(8Kff;Mp&3{Q3OfcB6;b)72M!T6)EN zoL)cn@x$%$7vG0=eY(%^%2RIDK-E$aqTO&PO?*s3Qv0(CUtC{K72RJexj(P&PbRN# zbzjoW)zj;LMVs&E_ahH?ZRNA?q9G@y6Z0&S3S}0PNhUdqbIz2F-z~sPzq2#Yuh*Qb z3J6OSniAGa2?nBkA+D$O`SAfz@b#v3j;E$Hyg(6;lY_(tD_jdkAA+Q10qs!;6o#?4 zjA0=dDb8?-d={(dU(-&WPyGG3p69errgOb?jxj8;5}465h>UJChxq{Pjv5bAA(gnl z(1)X`tpFM@cqRw{LN6V3=ti%!=t8^uV4gTCw(`c5M)OicNX7C%(&gU2G9QMupnT_& z#bK=iA8uolp2nB{=uDjf?cwroO4;#LhA2U`zK<+_cp&}b@1aG`!10xp!?mR)>x)lUK3P@1fG(YL9rnv z8><)(ac(17vw7{xkVoA$fuc47e!D;`8I4V8d{0IaM*-Z}FFo@zEU=x#8gtnRxju+Y z0IvYfuz7)q7zse^m~L5#KZ_mXx2l3j!Or8qU%K1lK74|;ZlZ-~rmR~LlP9wOw3Tvb z9Oj3eQaZF&;J%HL83_}nOO_MOCp4D1`Cu_{%wD++BWK=Ti7eD%)nqZz>Ofr=^WzM?7j8xB_b+xQuC>)m!@aT9VK+up=@-@f7_R?*U^spq-B`XE z2P?$0`>uO<{)xW*4q4d^!;Q@i(~S;)rss)RiZk&<2jcaVti>hIWFF2tMkt8pg7hI; zXbGA5Qns24E?Bl14OpFXj%>LmbCI{M4Z^_24*zFC_x+MHwm-y*@-*r zx#@RA%ZIxA9?J*b3D9BH-E4}T@|da~nlS$?9?OnO2N2aZ+Nw z5pw|XeG<5@vc)WwJ>{dfO)pXZD7drE8H*QSf?qi7hZW&QxfWe(Hf_u^DoU8qPFu`oz%K+-#s2|k+fV3mOw#X{#+JnbtxNi*JeDNJ?gL&ba}#e_4^Cbu^R zD1WAzI?{C1#vRMoAc!&7QXR?AZQIe#pz%^^{A4}V#jGO7zAH(?7033b?nsJNl`rUf zSGD)bHn6Y3Mw#xY!>+ige|l%r&^w-v$$&!ichfeT{|+U+%LaAlYWz5cpB1WT#d}xV zD_HVg_xmBGwu*VwBI;S!l2{*YVEsOo)+$ojyUu;icE-DAYij+9za-`7; zD?Y-2?`YV__;lqd5S}6ogO0pM2H$tKUD7_nWa2 zz>WyrL4RahiSrbXO_o?|n5#x1VumG2cbKIDA`#QJXiXLsDr|y2NjsrsNIk6VJTT{J7J+3x z-*`Fd%*Fg(40cb{IF;e~0$t(3l(zz&WG@yN=6Q$GlDq z;$zu{9SqEyvXDa&0i zMzt5@PBV=o(pHrjTxQYM(b<~Vi%e?&#fgy}6uh{2;=`;%OY-76ZmUrA75eP*t(Q|1 zvwId>Cp+CGXG*qGLZ5oqVjCW51)~RUrZ9u2b;@Q=#}C^qh5k$00ncQu`$+IZc=fw# z?Km;VrPwaEG2Naed|)o^wl$-|9C#DV_O^c}|D5t_ef*9a&b1o}_C^@Ic_s+qYXL88 ze1cQDfd2DvxG@uN&3#{V^*6een0_O!+rqB+{;Fa{mgA~Y$YM6B-P&L9RO38vCgUS> zdbsH<<}H|L@dt2o;D_oz9DzAF|AXBXBPSE{e=VK-?F(mfp!mM1-&)kCTDTlOpOV>; z<+9DJ%{&%f-4kgdjENs> 
z;@#thYbKLVj{J4TnS7#jieSyu-0j5S?2$hA+V1ljzJ_{xsKTcyD#shpO%#`&|6qJG zahyrGV(M4Z=Mv$&f+5Sz#|46K6lH_;z`Lht8#F!HgtwV4xK0j5eBiwh?dkZ_4r`zj zL|fx{asx+)E&ItU#tpJRcwX&^zz=O}&WElYtZCTbmBe#qT|ocyOrbJ~zc^x(cqH)z ztDT+_JdO2zp#xyG(Pa{1>EqcPJqw}w+C(;&j_dO#aB$JZ5b;DF4@RTHn~`}ltvz7m z2T61=7&S{6w&znaclHlJl_W36Q~Vc4!GDjJL`Z8@TJh$xg`&%Hq!KUz9^4Xqo+ zC(;G=&d+RKpcR>{0QN25Q=t}k`RA1 zhE33Su&ud)zS3@396np-yBsRJWVRbXpfiB^0&!Alo}CM+XS#b}CszO<$tPG->V>In zrjO>1INzxD{XcH)d(tv8eZJMB$u8J8Q(bIys&6{XHrOi%WHL*tK^=6eL{NFZCkhwC zMz#@LT1U7v3&K=HS(kxaPjz&l#XK6Jay8F;nvbHM-YoILI`A<}q5}9mP3%0_LxmK9 zcB=z!Gds7xm!1izV9`B@d67Dut8_pB?R7;7c2sGCDCV79f15~R1l*Z*>3k$xAw*{b z3pwJ^I@uUpFUDj(buJ{rnLmj0EsEw!X_GAI7CB%<}mRXfJ4gZMotH++sxY2ifZ(H1ex1t(V}3d2a)V26;4mJy1g}|M4%x7nj$r;DuYmJ&U$f z>*8Z=7How(;YPlp8gDvf)Dr2yVT4%dCa{vWI{GJOMrCKYkgg0SoROt=kIKMudH z4(#yGa8*G(x~Nk2iKB3ja3-e-^w1R}iY6K6YQ7Funn(((O{W|LKtoz>QvgGWacbq$ z1OO?U#SoSIZy^%SC_%WLCvJ?`(EQ``b^iCs=7pud%fqdy13PE%ahV$4euvGX8P68C zgKFADV-4Goi3&}LHSxiC;uF9QVkzsDk1lxzQGBwSmUU?1$fz#3nc0VjdPT4RzwDA2 zPYAD>W5x?*W#yF}N8sJjw;x9qOr5-RZAWZ)ORMp`nDqzKohDHX&4G~nx>t*4r#eeo ztq6wiSjIVNthzLH)%cHE(1_Q7vbXxVHlm66$*Y$2$;`c2-!!ila(;-x-W(f{UAQ60 z)USBltBE>=B@2X76i12mn&a%& zN?Q(tmLbMyLpj*2yD7|y3`ojwBoFLkRfz1n{xx{@yvlL1pZ7yX%~m05068!^f? 
z7znoa6~*sIpfsiveSLjKY&DQ5tlK1+Xpe1&KJDGIx~(qpJso=FJCmP*s6T$j&D(UZ zp|pkLJ-0P)Mz77Ua*oJ_QN@)w^*vC*h5U+2a&7gXU13+m8<;recjdDsTN}HYIq@tv zDgC;w6yb4m81Z~zhGXPa(11JV_RxgiV0@15W6DcDqoAHJo&qk$EnL z=YC#XlhnWT)xx#%_64O`_~{?fj-~wr3~kyg{2!7!C-Z+0doePx{nu{s+nTn&q#}gx z>;LK4k{B4h%2f$4noMd(gPvj;~N9P~J%j?XA2!6)3-)f4Vymt5YS?`Useq+MM2K1{C+ zIn7mfOk5uq29Ha(7WLr$x8wAe9c!&bg4xXiN#t$KM8)d~l(fp@V#}dph-^q@FwYf33rZApSVlT=2 z{nYTx7>a#|9@#!kz7vG2P#A#%A(-WnAHoE3b1=)vylP9lk9nY4mo%1ANe=cr{90ap z=E5vcBr<4WkW{#6`v(>%t_MXgG03<@5TQO0!-U1!nf!Ti_mL7e9dgKWTz{tI%j40e5TMQ z`3!w|)za4g*r27oTj)-%lDgM6OstfSo{u-1nMlvCwga`MK(3Lhwd!Ear>t*deH;PJ z=z&VYBzN)$sD-?tfmFSIz*xO%xTP+|485C}_JqKYpQD@<3b-DUs=E_G61jx#M%Br& zqg!)m6QH+7-R%-XlE_0pm6YevTJYuiJaVR>hfrob8Bh+sv2^% z0Q%scM9GcTJMyBPa<#s*|F-SLnWrIosIJ_#TZithA}2iGjjO%zE}?m|)hCW34xeT+ zH$lZ`Uht-_pnuXozgYZ5OTHTcSMB=daXFxM zI&kAZMbBSl%l~63@_(uJIT-$Hz00(Qbn>PMLhpzADTVsJ;Z9P;K?A~lfdt}TJR#Dh zG&Q_>&{h+g$OeT^cP}$966qB#?7xB0PZ^4Ref8cl#a$6%vuOId^nCtQ3lyZ8D@2_; zB9Nq&D~d^uMVc->aXX_)B$KG}3$LY?Sw7_BGq57f|-Cvnv)*2sdMIt7ak2_ae;!1%GmZ4WgtI_yq zD757v)ZW(g1Mw!K@Y51h^NH%xbcdfAH?r1o(xXP^_Vi9GLJIVI?}%uAMwl@QwM8M; zNtAw)V6g`9=18LL2^L;hNg)p7#UKmG0yR1k_uJc^ZcL&DWZ$JyX}J|9DTt*>jWg8x z?3>-|@7xSUd_u65?KW-RKi9abOIl!jw-msEI^6gilFGPJ7t0sb+0{3B+ufcIqc^ye ztCX*sH($Qvs21l9R@rp|S66KIjc_#&W85)=@v~_2+HJ%Yo_FuZZ_5`a#YKSQ@EH>( zVo59&V*>Jr$q6!#5`cnJn<{J;+3?clmkZ|Kxv;6xTL0>2_4Q~$WBc6Jv>~AqlBl#8 z!Pb>~?!ke1F5GVJD{seMVc;a!xowqwm~T2{0NyUQ9$vJaS(uYR!?Tv+5o!uVH1QV@ z{(d@5YknQ!KtxGX-1rBEIKu^)?gjpg664b!60a+fV-})BAB!)#jakVg?sG+Qo`9s( zX-HKJ*Vq4YfC-UcIuHOl?q^Adv3Kolbk|YVO4%;$;L0d=6(^=Q>O*FeB}e}{m2$-E z+mHc)xh@v9Rkz|?YN@t;kIbVy>4t{Y0vZZAdO+q0XI8Y|Z&F%y4W2mpuVtnJ2g{cGw7;x3#>CyF~jumW|wv6(0EH4treeXAJqwDgaXax z{H$vbBMDX?G7t>O#ifX?PiKm~fj6@yD9$OrOYS@kvxtkj)tOg_N`SY>1bW{p2x3ri zvbe_<$9)>W$=%C#BiTrVb8r&EghHO{SK1G48Q_C$%6eW~?>_bHm>!}P<)2AH9PCHh zBLZFGDwt%2VED}pdc4pkS>uBLQ&DzWUb!%fsyg>u<&&Y{LoiIolk55YIQx563%;u$BeOx&% zCxE71va)TruU5YCCf_XFmtK+QjaO$J&F z((12YqZI`|k^Vo!YzeOT2goCn|7+c7W^AI1FN( 
zZZQBBoiC+AmKW=&6duSy>v+KFNczR(#%gl~w$>P~<(0d611y$|{%Pg7OoR9-XK3|6 zJWB^7=dhVDVfNwyK8fUKK)@kGh8Ov<6aghB=3WMgO}_`-kiH;bvCY6}oxEx~o^D6Z zLF~hTKW%yq1HOq;WtavEif9fnCR)n_>qOs;`B^%%)XlHycIEDZVbnx3y#UO$atzCpatZYau}%Zu#7f4waC}G$Oxa7Nb3;+8VpbQ8vOPjO?m|(*5hX zv1{7X0uL^L;3Un8V&s=0HX`=M!GVF=eeH!rbF~i4%Q;^EeNzAN29ugoImFZ`qZmhB zl4I#Y#c=w7=5x?Uys{l1d9rA8pr>fYEtNM&fNJ8!(Cvf{mKsSEWpNgib<=rep>TqNT+ak!!3rkf)i|=@!zD zqv4}Ty4w)UwdQn-TP22}Bom%g_dmN^y6h`bA@E(iG0tmvwqWs@=`YgEFN_@SYZw!~ zT5=R!Lb<8Y8)`BfmY4Y2riYoaPjRGg;8l>Bp8KO+gvyAOwXFQii9w4xPM*qb2&ed; zAa!NvAHZkQWtjhvVmVm<-yl8}PX|*1dU+!&Wfxm0dO3pMZu|cLqMV#ves3As{_n;+ zGvhCI>c5=mp8nsiUH^+86?)(x0SC?ibOdY%{YN0-sL<8`qf5HZm?RNK5-iDom$}=W zl+!Y&=We1Spq9HU9Y1_%e+n~+Jp}=rKLlw(K#1%puvj31g`_(aA*^Nu1W$?{`A`5) zK0$$2fj$-dV1arz%)h^lNu{Sj(9ASaPb&!@b;7#TgDwX3t;R!>? zS~dh(WY2`Kgvy+s&={rmNQnFTi;>3^j-WN~!R8>ySVIfNeeJyMv&5O`V9IJQrua0msmQo>_lanFd-pYevx z1`;$;dRsaYzBi38+ z4VhEmTy)7EF)W5&J!1HZUF*LE8F}k%dfBR?Q8$Md@pOww&(Q;_IG@Hne^B3 z`=)&g|9xk}hutT8S&{jvwRazvbzt zO?G;Hxx=fAw|~|1CT7I9uaA_sBAiH0I9Xkkrpz1 ztQL!8qGe#kv_FIREybs$MmwAK(sbgRsnsGi{IVO$I^;0v!b7c=%8omnA|jA_W4r(6 zMUke*a+5eI9s$~ri906CQy_c3hM3As9+1P&_N%y3O6M71F8XO0HmJmyL2w#QMd$b zp^Pt9BCb+iN2GX7i-xES{0m6nk;-9=5Sa5SJBnphd=!0R3KzYE*(!w^D2U}DSj!C- zD*P$b&a~4UMqdGLKg;Yzs6krXJhrDAwfI6`#n0+SsA5{YH8uyzUM87O=Hd%DL|q{1 z_iEMt`Qrc0y|xsDh1yO$($wMgF$7QV*WB=`rxB7f_P(LUF<2OAV@oY_iISfUWge6d zez>c`5qTHf)aYO`W-y-()l9|nEH;G$#K&$0{8n&Sn+&u7#dQ}wI9p$T-HFJ16N5Lp zT+RCnF*vvzuW%Ty9{Qzs96=g>%}^L~;&{X?G( zpS0hQcOQy&U!6!ltafvJ<8)}L?$SO)Y$fY$B6alsdN#9b3lFL5`%tg0ADgZ7$9kud zih2VBI#Q}zdw+H679?H~<4U=KzC-(Z$yqjdN_iqM>4S1XnRqYT>VvHAuSQTOtQFD& z)eIHZr+>bKl8DXyccsbv>x-z95knexFfx$bJ4^4g>*x1&KXwPj^^KUtXuhJ6a7*$G zo2iQ>JYjgp)W(+HDr0$rk(hW$(o6sY^uri&gpjra{%+P?wR-F!h*0G*XABk`*|HBm z2)Zo8gWNt77spQA0eOaJ%a9(uFIjsBzSvhn#NNo;3zFs(1Hb{v^F50TN;cj_B4{;4AqRRObRk0!V z9FC-_8(D=HS%s^N1F99;0M!lUh`K;^q?({gQQgogV?FujKVEQF(uOviG_>KYCk<^m zYiPq;{tBq9nz}`@D$_jW&V+yv7t~biN z?cqYiR02aAM3OinilLo!kdTnKE{323{s!IvC{ve@@y)kZtOu>(IL|{Lk>FetN%WXS 
zj%rc^cFZ-n9-r0}6-`N73ITwoi z5ul7!nPc_-t_HhYnf;&D6ChBt&O&Z17c{-JM70B$1b5&*edez~(%?V(jZNZe2l4~I ztNY7mTCZ&Z&Sf{_c78yxIf7t8Zd+UZ@GlkXlk)|1`qe38GWW_^t6~uO2pKut*H^(V z>lUL@2mVOMksEw@upt( z@kk^GwDqQp7YOEFu$-b!77HwuvK)4<^(z?#$j55Jj(Y?t@O22p3nqg(AepO-k&bIQ z*SN=s`lBRns~XbM(m47hC@dYmNkVNgi!m%&kZyU@IFON^L9Ncflr~QcJ-a@;^$01D zei>AP7tVId{dU;=-MA4nG@m}7>ga6X)M zD1#^x-ahbgi?Mj*3MX%b2h`A7T#NQ}Da4S(;g4i7A+3cq<{7paT&{fy0#oDlOc_@t zZ-~b!FcdFH++)B6`p7~2sv2q>FIrw1XvBhPE)-M?{^n8 ztb|4627L&Ft#6jst`SlB4^m)kOCIA!kXX`)7m`I<8kHu_xz<$(SoR(XB~usrFZeT0 zl`t3nNABK|JrhV*(>(n{C(daN5**bzRC?jsG$t+(jFus`R9#3rGi|Hwuh0a`e&g1! z{Pt!$_3d^rM)NQ>w7DUH9roe{MHChheSfeTa^`p8L*myD$FY+gI!5 zX0g*he?`l(Hg)CeHsatu8fVCS>D*W{~3@||e1lBm}ndDlfTcCYqfoOdV(0O9?e%nbMY*u@b z0Y66(Z@c}Gxi48DL2znZ41=o^5l9&tFuv+PR}Os;Y~ZeGAJP?ORGN#PJ3_Eu;P`+2 z4UjkdSB>~zIqG4*0y5b`225waPG23CH=l17G;x#HQZ_}ECdSu8J=bb%_aC*f&BK=5 z9E341!STe(f%X^aWQ04iXYl!VMq{_}8}Y4h3yZL`Uz$U#&~tb~QLUiHMf2qY-tRQd z2h;7p^Ky9}2OuP=@!YrK z!!DA9g*#y}64ztulQD^?JN$=y+-pc8ig3rOrwcpRt>HuK3gg46x^LfqSiHJ} zzyDTo6hL=uhcaX*+_L z;vov;L~rfl=^Vt(A%sX{%nkM5SZF3+c!hN9seb5W?@2aDeqt)wqtvrnE-17ws-wJ0 zD)FH){tw39F-DWHYujzxcHeE=wr$(Sw5@5|)3$BfoVIOE+uHrU`LeT<@5#=S)UV35 zs*xnAp0M1VMeE7q(uKDp?Ek)T=(pZ)px126T_q6I%ntBKhQD70z#TA&OP$_7KVn@LvkKbA zfd!WF*z&)=T|9jKOPh__IP>vh$=&YhH`80P?f41&=>xp!I7!*ZCq;Uz%Y$+-l( zg~qb?k<(kjziPA$d>`9)Uoo>vtoC>3!}M!1el9UtiiPaVyjDg#oex z6A!p;R(#G+R^nZ*fmONAF3NM2Y4SF<044KR)>r-;Chg4bVY7ptZv_QD-%y;%zgRa& z68!q42PxQzmGmFu>H{XdbJiPeX5fisLbMF3`=Mj28Va!(wL0kPf_f91-^@%^Daqr} z){Y1LpublAuvpw5j5q6L`emJ9N`$j%VkPH4nK-nr`6rlp_;>!ah;&7340C3As6TMp z=&{XfKerhKKCm3yJ>EH7a5j6bCx4gj2}uzf!opMN`{QVAbj-=KhRG`~4CS6&?LG?6 z8Fa5mC|0L*tEGoM&_9S$o5$z5SZxV@T7zXAiji$Mgw=Jb-6loDi(CA8S68fs5dZ~*ccSGB$1__PBOa%lf*f*SaWJ$wo@w6xg1EQ zVEIEaD`o$FE^vSnE?;h6mbdoTo4aoLxI3nG@~VgIO*oa#M~lA*)Mh+UWkp&0W5VQ#e`T9Zk_|nwIKt{nU4Dc)oyS_ITf64VzQPmcGe` z7pd#WBuE~rLOwK`1`vP`2i{1P5LT!b+9qnGMrqLNKbt9#<+eaNIQ>I4h5YI+Y8ka0 z-q}(=$Z&v*s>UHua&R!>kQ+J{gl2c*zF z0z5qtA}@4%SZddiHbJr#(4C3%1m$k?&c1TLyC3F%sz74_ZfTc!0SVYGHbbt2P6Hk} 
zv?)YO(z>%vlid8BTeL-)aig8tKG3rk25<-i1hW%Ts5$W?_+FM?4h&Yj(ycby(28~P z1czvUkMKsBPJ%X#WD{y@>4W;ddXYa1ZP1}lM7z->GPBxJ$W<^|j@fgBM~T1bHoBdh zarJfVdt?2h%cAn)@4>`s^kfo;rnwXR6c>w=SncKm(9~bOvgQUDjh)}J7ZP?lN0q+@ zRBAbVMUAOiXxyXObNy&)8TA_^gow$qPh)VX6$(`?6xl543*Th zvg07OUKcgTp@bMjx^UpV47=(#W!nS3jR?^c8G#T#j9BnOjP~)(NRhrv5n%u*NIS6J zK8k;}s?8-E7|Lm+r{wcbK>|Br9K1sJZ90v(J{jSz^ui}}Z!|QBUCrVYkjr4($#8F| zge|VTJJKP)j{pf;u1uGKa@RYNoFiw!9@9kt@E(S0uAzncqIRW1)DDPbIw`wXn zM;~sbk);d@FB1qd=4|^Ph@jlTdjF|@V*3w+EX>R-|Gnjww#=^$PL!Xm*c(bUF)Sc3 zA!7#|33*<00d-~T#>_v;Ow4A#qEOh#x%7YFo+DBFG786amwRQD)B20Gm=y+$M6It2Vs|HDh1`{S%cXLGsZUA%-9FvYF>>A0HE8YFv+gK(d&6DDRh@Df| z$Uz||R@GYdZ}=u1(S>p~CvIy>1|1o<_DkeaU7qYOtWNGdl~O1xvj=M@!fC$UVZT*53dQEY(f)Hq>XQ5VGn0lZ;17q|F zb#r-)OEYpgDmSPv6f*|PZrbT9L|_thQKVCa6pQlq1it~~m_v@D!keBH)8F_jFn_Ir!z1;+}4ut7mYpH3hICm7 z-ModUQ#Z)9l_DUr(Jwxm;b2I(|DFqGQ*SsJ%h^mT_|`D?yA2KFMN&bT8QM>%(Q zOvOI6pd}zdhHe$RT`@wFwRnsc@t#=c5FUnYpDsm&&AeOl{y-3$Jn zbBopG)A`^&GNMj>SJHO0x6Vc~t!xSfDk*U^B~jp#scH}Wrc@9pwI@*9Lac_dRubHI?IUVPL=tWA-j6`37T=;q6)USm>$w#fe7pw zl2Ss?KYqek#gF1DdDivKTKo=cU#`cfM0(0}uB<84Yerh4?_L|dKze4P>(h8BS%^kJ zG(Q@eMh}$JIIz?`7Oz#UHBzxw=^mf@FHW<2=YHk#*V~p0Nuiet{O(rP)D-g*ZhL+9 z%Ny7nVzD%6vyzn?8JreH(>+mOr0$3Uz02S5(-Ms~O<^zvz7T~*^;K~rGujEbzNwCB$yHD1%cZ;{e3Q5CDn6`b z8!MJBUXWs<*Px6j(r!t4lM=-~k zV_(#1%PmosiIdG>K^yI#I#G`I+q9{F+6qIA*6K+LBAI<=Fn^k!qU1Uf?wR=Nmid6+ zSGXfLt2duzA|qiVp}t!sw0e(%p&oiY7#BZ|#Mwqggf46MI9xolT4J8pKHrf*mNfI|R%oA4Z2w)g#vZdanl18mS5gH;$|w`z+8i+CV(j$zUgTl&2E^z* z@woA-W4iyYHdO;|pcoxU*uN;~m{6=*-}uuZ%X3RW2ee{%-C)zy05(5EbC@rQa9K&v zZ}|+CbpOs~#SrggJgV>yOL$9P06xAq(GZfOn}*Z5zSlpnTQvQG3z!m2;B{GWtmuk6 zFp9BUcXql*-$22<5tV*_hSmBT+;1u5kNJ^zEZB(IQQyq+*6kn~<+&(>u6G1u8Z4ZU z>n~I6^$iOk8ITarvLOI0L^VyzGtqkaNAet7+qo zKaf`lY8|f4>9#q+lurka$ZP$W-E+e`m|!Euakfm&;u+2kcRsf_=-w)APve8(*jJyD z;{4vajHGQbOwXa1{vI`4_~>SR@9LK!^k!GP^5Vt}OUg?DCns=yA|MTj1R z&IAf2qX*wWB6bAU&(!0$5L{3lT8=RUb4{#KpJn)9>uXD|J|A~_;AHcVcRM>6@;|DX zco6tRReu7v(eD0Td&Yk|2-mf>?`fagSC&2to$a_y;P#)7Ud!c&fQoW?SIGWiQSsX! 
z!>t)$Ap!}`Y8?`|Qrr|M8(;mcWZ`6$KK3!JUzD3iThr5@cHa#==Q~@mwVj_k*O1*D zW9lhZ5w?#+4aq8jP3+UAKZFNU5;P_!{UxZ-2rP3^G17uN#pa!k;7WncV14j@YG>NH zN_OE?Yal=nYf>e$ICUB;&N8R-*P4n$oPOa*zyzvTxkHV#HS4|~Q22kcZqt_f;raA~3=)nP zcbCzG!?2JYBB0_zc;iFN2;Z;<4eJK4tyPUWA&hySju}t6-4(}NLJ*3BeudNQxk3qv zkLksOnbyOpN7QpeJ$-49^Tj&0h6i^#KV8C(Od*8vFnJfk4TzeXw2WPEj(vKEK41^E zlaS3D$YRWK%U@fdir33i;WO5Yjmn`D8#QeX6_X|dRg2{eaerW&2LAflE412##Geg5 zW%8pAOl1s|Y&ZF{JoIj3{B&L^5+V#1?nVjekPv$%Us`_kxR7>Y*!@J9jh<7z4%Yf1 zVH39CurKD<)ZO!EbZ_3EnFp_Rld;nEZDt}dK+{Tbzq_7fx9aM2T#}+7 ztTe^-@D)WJ@|s{zP!9?|Gfr0&|T5ApI^$t$y+ z>e$e){sVhp<9Dl^=cK{wtdOlp!t$A0(61mgE_+C$Ct||@{cO%mqoOGMQW)rAd3xYb zSjdDLJG2~C5<8F$5^dl>b_|{q+ ze)bpuZQ^%!%-+t*;-p!J9GnG1HnHqQG#XGq`u=o9C30vbeVs|@7;0$@;9>TsK}&~3cxpP%7UH-RgQIuK zR0P4Y1EkW)T4Zr;KSnIebM4l|6cyKKlA{o<`T5kh_`8YOU87L&HH7^$Mg_ExSuhvg8@XcN-r)yL_<_sPj^M~@D< z8rjO155+MQ3uXo5wm-6lJ-)?3;Hx^0M=8OWDZpS(czaD9F^pLqVAiig1k@?vhFW5J z^ocXkN*g#B>@fl^wIhQ{?hm0?l@kxKWnBv9E=3V__+gzHk92bb)y)y04=4E-P zMt?+-z?i#>a`J5;itqIJMVEJ>C!j5ya=+t>&F#-YK%aSIuF7NEtc5?dR))h6)0g`9WrZ z7H=b3&OM4PW|ko~{?c ziKqUDw8+H#pFFwQ**O2(4VG#xrCUk9t}S{j0#y_wfMJvjyv3g-X5PY71B$j_z5Z>ogk)O_0|t9`zejPb}ye zy4lijRGM@h0o%~7FYw0@Uz!EhOH^BdXNKM0#qRqtAGyY+ZoYPqYGVyv)@lo75w%64W+=I6Ne7JJ4CxD|A|0=O!p9DElN{C+8+ z3u%nLe@d7)s=kKkLj{bFEi3O5hWwHhd?7c+*Q;vk3SYDslDkFA|M{&Cv6vy88#qq% zt$soln>9`oPZfD)oXH{UU>9~KmV)RUqZwWVAsu$sxD6^JKUbMEt+1B>d(!i!U(Ag1 z4?ktv&n9ARlA1WG*|WHuk>w)~SIVWHKT*pr82hEB_cUjXdvYn*@zP0jUF)$m-uyFX z3tQT8s)g@yHhQ3>fscZ%OsjOHTPXQFIi{&jt;xE$UJtH##4#&TLr9%a`mQ;wGV-W* zUqVp1*W%TtG5Rg@XS_L37Upy;dP~`1su)f_Na^a?M`arIp_PqNkp-*NcYi(iNmfB! 
z8Mi+Bjj0o$JJl&bUR#|`c*iaU&}aPo$sSh}1L3z~UV(t0dSp*R)0g@uKF zE|*!J!$zx&bm~d5Nf+Q4Sh6r=d8%YyJ7K3B6=~;+_-{P~cFQUjziGguhmR1xgQqAj zNYk*wjhIbLykR$kHkxJ7v1ya+5=jYjg8x&K%6#9Oc(*lLpbFtaMh zbRbQtkz1%0n;9k4h!%yb>mcJfh=a*gobB&^q5HTB89_>SX;*y3w;( zuGCZcEeZr;nIj&p>7}pQz zozppOXo^#{P4NDrT*i19R~DZMkIb$SNoBWsH5R#PDttygXu;b`703<23{7(}{pnS_xBCJH4KhDW zaK~$}Ts>~c?b+6aCr^Ie8RkqE{p7ZUhy*Uc6sA!PB_Gi)M*YJf#tuXAtT$-JiYA8M zp2VmqZI}x5Y<{xk7o%U~Q+#UL@s}fj8MwEii1>MkD4^16vb-(mAZZ$~5k{CoO(sEr z0xy`~@S_Lsw=OQv@4FYL*4)@zoA5zlw>MzJ&FuHS!)jI3=qpw6T}nN1V>H*i(M8kX zULAj?4R03A>pg;#(J)hLVmC`DBO6NgZ3xfn#bd^?EkxW^Yr(AcjV~611o&*{1JdYJT}=>R~Nf3 z&qz@6B0wRyb=EIKi!>g;;CW{G)7pTk3>m3~GVOP^*OXkX^uL_H8}jmI*DtFtV_gIo zc2y&74nj#_UxXTAp&|?{zQ5d1qOnW#sB|U-_g}UCc(b^(bmKq_P8xc+f|%J&SE;!1 z3-8$rCFB+0nq4u$^s;tA319si*)P?gwC0_0JGUFl^V+BUf9Eo0F82TLFW&#}P&6ak|2q`T%)$C!^D4J=bZYT_Xk-Gt#snLf z)sm3~U_Ugnz>WVyBLf?mp@YVG0UKqH|9JOXtZ|FWT*Tsu3KlZ(;cV>i5m7pnke*>f zaN5oAkYqm02vxo*g(JPJwF5Nv6BDc&l)-1&#Y=7r-Hy!1|8f-yOMF2PCZJS)hu`B@D&OL#2b=vJ;)f{}YJQVwK(IbOFruuE_|PL@ zR!XuRgWKBGsM2t5Lk2yZvWw+5t>lN~XI!yO2kl@-A;f-Twkk9{qHR`E#-=?XU+Rx+ z3lXE28$@SUT1R|oLa9{9H=``wtIPTwX&4!8(C#ZvE_qBn#z^L*HwrfxUxG2*iT0^? zly9j*g;A9kC3C8i36mTqEeB35lCpR_CZgsHR@a-cp?u7&3U@#Q3mf_MiiAzv`g;&l zIhkEf3W+VdI-sDrnZ~}NxI;Q}gE~2~ybe6PjgFB2&kvubbWzmRj=j7bTU@-zF6IWV zzNv)%xWt2yx>aqIRuqD!4@Gqc^N$aG_+^DC=q03itE_?b{^1S~04cK~{Dv#q^%pWy zTMh&$mmzJK7pJGl7`P&eYfzjAQ$>`b2cX>u=Z<`xKK zzX4C}O@_UnT^vo{7<2l(4&U$HOy5mr?giav8u;tq4BoyU{k!2}WT@Tlaw80>_K`Mu75p5;U8utmr?maH(J|wqx2GwvoyX_X&1WI!`|F_6e+Qqx z(?2~e?1}HTbI<_MpU3AbXg#>nFzBw#xV|2I7dZIM*b*LD@mG1^aPRv<%ccQhSnsC) zFM&SouZPdU&y8Gz9=y0(|15n!f7u1qCVJi@UVI~?B(fhT*a^3(j=#CS?e?JT#qoJP zS!`&lJK$ATeU2xDb0Q8H{Mg;`$>`pvY?GPc7 zF;u2;b0HsNNVi&Z2? 
zX4UK)8R(m(vFvfs-+uzcfB4b=9 zvt1GD^CTQWSCC*Ea73T6jgWCbiD%Jih67B`myt0R8_k9>&(9E07aRM|7I%o6ui5$U zRarbJO`SJzB-+>*7vy5lX)FMa8#orwFyyV}^&6FQBO^VOOlK0vx9($4@0PFM2I~CY&sLupBM)$@Ghjg7vVU@Xs8wdb{*4vD4+SzBN8p3lvBERy_~r zjlXhb-gM_r68U2v5>&2J&gCL}4+V4NM2dGO)3R-M3kS?5$|yIkyW7-N$3J2KEfR6(B&4T$-AWoR-YP$zao$j}Io?iE;B#NMxu z)q;E{I_E2V$(Y+xB9-+)G!%-KwSbBDN(zM> zHe~1m%tUg*YDOK>V*SLY5CvKH6gH-^2E%9Xf)hxV<1tU9dmjf_)f+p#lk_+MEBnX+ z?=*TAS7VG>Maw2*|2?->yI}XBduBero?n>l+8++(tlg@`&(wRValEJ0h=Ge>H4>Xp zo8K|aC_eW|xPmRJ9ESJ@;nQG=!ah?)6>Mre#x}8$LT#J#K=C8ZsEMe{QQ)>CZ!Yw^ zXlf`cV zlaPkK-2P(cOMJBfj*h9n1^mkUtJ}ms0U6-Bn#csBs(mZB;DuwdjL?FqZQDJY8eKtd z(}7 zJQlAhUyhzi-qZ5`=O|`)CN}Ir1NKI*eb6s{rta1_QyZSQ@lRX$oFAn+N)_wVuY7yK z*-gT%gu`|@l5k}cNUV9UQo}A*hw3nVWI405cvsM`0;z{OOMvbp`rA_YNl~kY-YVa* zTp_60kerQC8K5;ITZ>*f^-<+-F?y6od^10G8*DIim@FK6vT$0w>}%$m%@=`oL)N}p z=@Hsc-ShQOT0B7YqPGI8DJ9gZb-A!5!95BBVHaQNEj9$LWSW*A0DGxgqv6x`)*RO~ ztJycxbiQPmU=N0rqc;Mg_#hbf&(jIwsI+0!aMy1+PTQLiAb>1umD?XM_Bftq2viL) zpyNP*h&fn6Y-d&S_bvsJhKg`8IY0wl7)eN4RxjXrCK3XLISuxsg{FQROGC?8iFe(2_gTKso2?CMuwJ#4Lg>hh6`@3Ep`|_WNFp zU**R{a`T{3m-pAs3LigDwzT$y9}YB2Tpx8nj!=oMLGc1hgmaL^ElyG%5=A8siIN`= z1_mrKI35xN}Y#-T@4Dz5me$OOHzXsaG0=+n)`V9-Firbd5$Vp9@CD+#4Z!cH^_jX56B9q7PbB?=`rU0b( zam*g>m*O;7SEZmeJfhOJ&qkLv7MX_Tl=PhU8rHXE0^=D0S1Z*z{w&R*YE*jIO@P;z1 z5{sl*!z!hM=B_z4f*lGo+m*TPyY&gLOSXb6sQ=wz7?9qUjN7kh`RO=Zx{X*~`gB~y z^x@g25n&5(rIeYy6+R(<&3Yq-0EDft`zLEAlok#|9Em}a5DaDi20{p~u$fer_8>*9 zw{N1!K*ia0PIE33&)xD=oR0t1Lu0>D7Ki9Mq?gxqP7LzTciC2=R`fxGm6DzC{uB6A zD^H;e(luAGW1a=lv^P6wr?PxCmbd#Ih(=j@3m)0%tmWN=er3(4&T}#VzykzFW1$0p zb_C(pBw5L#gYhU-(@W*pR-DsH1k81Z**zS;8M9q$mQ+mfu}-O+XI!0)X69-o4!bmX zr#u;TL^TWRv<%nCsq%M^X1Jt+(fH!$MX$0m6+8sebWwA_ZYUWz_rT+qMge5GSW1Bm z7PR7ME}3G>>r^}f0+DT`!ga8YL-M<0Ybl^atzRuP73_~uvCGVnmKB7cYX$2rcA5oL zUm3urmv)+?pKdzq)@wE7&J>0htOlf>K_w!`kh30Ytd%5@MaNW@0Vvjo6iEHLjK1VH z&=f%vqd;K1eX`)wVV;9fFO0A53&x}D0U@Ni4MtQ3mXlV|j6zsu1`wp7Ih!o<`@?mm zeKNwD*8Ii0WGue@g%K7o1l-Of1fbJ=E{+MnF3~3=5m&@Uq;vaHZc#~pUxT(r9395~ 
zIbJ8T+V@U<^`RsxKIZN?6XNpy2{)=mghwzk8uK#RsG__Yh*M^;O>&5uwg+Sp zP;P=1ho5=-FOCNH1Y1#;@n$g3%2Ii+7(o|@E1vbE@Dw6~^5ff17lJXu(4s-`OHsn_ zZor%2sP-!!A2aclKTXk=Ff^FN%X8!5)M^+ZNd$lB;foKqd_&*j+2^~D$3l$TOPop;tP6XoELg6+%0#a7Yc(Kp}! zb`615bQTPSyWE=*JvYS4!wd3*^T^)}6htCvY%k#U>sd=S+C{`*t?Zz|{OYOD@o$_F zp54TSCg2MRD>+-v1O->T`jPv;Djx9UZDVBJBE~~S4`-3Bj{YI~VPcV%G8-|C_#eBW z2IYXSiPblIUQom5{PVF9n0hi+qyZIuDBoG_>f=1g*TFpu&=rJ!NQV`rto(x8{e@Y> zNv%8E@;9extV-g&DV_B3fqph88LeesP;dAPjjvlfC~nv$_*_w4h=I#IMdYCkFDWi#3m3jcf#SR2M*+^52` zj!h;&Ema?mx^4#ckQsyFqq5rW+&=TUAhhCwC?O#YQWF{tpq-AC_eJ>S6rbwUKQkcJgxhKAM;kazFZ-n6*kpBrRf;DlFGCuJBIt6q*yCzRGH4_+CpGaRj@ z4V3_4{)+G2k6+y}MjpoC^eArXqMfS{TmgP;_rxnc(!{2Ssm?5E%(#biNsyy^jfL+%e{=G3l8S-m`7*JPBXPH5*1+^VAp$e| z0FEcUDz_bF%sa>#d}%yOUnu8Ty__1OBTP(aw`L=`d@}6zu{oUZ@yaM>i=~8+l;WDq z{Cxb}hu$y<9iq=Qjk9x42sU;l0~q)0 zuoyFl1|k9#sgW0<1<6z?Q#`_%&piwY5M7E@Q78yo!m8{6!XTob7f1U+R8U9Zz>U&D ztvpsByno>;CNXb#;cHS9f(m@%NP;}IzC=(goZ4c)u~GQLF+#5n@}nSI--=j8RC9?R zsbB)Mw@NiF!eQS79!#~|qhX)pp+HuHgfFg`CJ?;akIDsJWX|bz2@CGuCBgbk;+m#s z9>ELj9ld^kGCuI5)Iqn&%woYl(M*2E_;~fQGREa*{E$iRBQBtF0T4X0Jej4pmuDMS zSBGb3O>Sj|c^`T2O|eMPuxN&JkOSwKNSkgU_w47tjciE`OPz&?z9)OMvT{*yNkzq+9+( zjFH2H-P3;ANVdl;X7g&x7tg>}-2(x5cdkZ@^|3-_;P$aht~+<+0O&|7(6vlwPZuY% zJ3YLcv89Lxy;J{25qo{SyF%3TEY=NMFNmrpfPq^{vN&`Y;7r)lNMc`kI<4TK>5CFU zK-ftNtXsdM39tQd1?0KYt1f79W!?Bf)Hncbnhz{mKLO0r@f2OpY}jDx`!cq%fCg1M zc6|RY*SnXSqlHU*=Il**3U|!astZNC4uIp{bL0QKfqOoLKcuaG@YF(w#MG4n z(U6_2S#|@jv@vPpmx$3;D5aGGjH5Ra(i62h8e)Qo-~{B#SZ?C+VscRKNoRDF$TO?V>hGf5RkXKvr zNTVs^*Gx~ILxq^>Ce+EbGQuuijr2~fYz?SMCeD)EanEyOY*T1Sv{1`8rI~f5ShvE; z!JM$8cdnK_FGTfM$BHiF&EMe6>-oh_uNjFcuYaS#H0T{*s1|OR7>GzY79n2;E*Nz z;w|#HG3Swiwxp33G;v-h3mzK(7yrl91GA*umwzL}=G~Hj?(XDpeZgl)imZ|%CK0g{ z97-U6H?sJV*uY_Izq@4`ub0R| zWNN_;;u%frl{dV&CXS^UC~+B&pJyhv1n3&62gyp>gi#(o@z5MTldbsP0OgICAAy3n z+*hO$q30A$SopFb4Hb>x52H|QPq=0p9)d6h$3QJk{GTs1XBlxaI7u`(`;~AbUNg_) zy;f6l7t2Z`hp(QU{LA!4&nx~aPCmah;(baga>?7ooJM4j@6_}Prw+E_r^+fIApb88 zuVnhM(ypcqYB&gS97v`m%g!av1NDYWfu>-m?rKVj0O?j6MXQ#FB#EyIsszCht~c6O 
zymkt%E_|yjT`YYCyV_-FRHmZ!prn=rP$B)O)cEIG9+3Nh#ag=Bppcp=(%C^_=5Hp6 zWf{E~&cos+lzjt@TOYH}vh`GI)9Mu+spu8yXTan@yKbWXVb7(^&nR^h+FkTVTe&X| zdDLd*Rbhd^%ILh##XV~VVPy0Iy}*XUidBDmGgouMtxUZBZh*noWmo~htE`JB{_PA_ zM{>a~kS1Wea7{soEcqpk?Y%Z-WATy!nt$aoY#d@`l7Zvhx6L3$;NJrJ0n$2A*ad$( zHwRDp_w8R4**dUm_T z?t3QMm#_!gcB8x>Dzbd%T;t-0=JN~xoLn~JSe%z0r9VS)LpQ)c2S10sVa1;8@6u4nE4 z7}166Bx>7dvMxMH@5MCHL4R9If@yu|mPEs&+ZSjPWLiw}OkR;(Prdx@+Fef{(#gel zOKaB_+fJBFKeIsNb7)&`PMDZnP*F2121=MdnLXH8`y5QWWoRr7+o4#B4Y-m}k3y40 zGV0m#7AR=ddTNQnVW+xRogIVw_}jFU@(Lq4>y-K=0kbj*fdpdeG|AT@+*c{mf!2Ps zmaR#_2n%zm%b5)8T9**T2Oy8!9}VEL3UYsdjdzn-*-no59d& zJ@oUBzKIZn>IUJ`I&OG}L2ws^z$}}(Usv9njak%M+#IKuhs?*^0^99~FuMTJpBJ`G zSPG@J3&XR8VZ*lk8F6ts8Qkog^FITp`Ea*36N+`Ic3g61$GE>IZ85JP!7@?O_SFyo zYL!m(xmN090$+HFv56j3-=9I)HOsr5pN5tujX#5}l>fY6;Szn(Xm>>84NWAW?y!?G zLe|{UL~o#Ph|6%Xql3uC9z#zHz*G64Rx^>@Q4xQ0!hO|kHR|LK^*}hU3Ws`Qgc9JSxi=N*wz+WGowpF8OCH8ttHs(U?sUAc9+yED3F%!#``IS7N*b*s+MOZy39 z=Wxv9@0>PUxo@j;GC>eirC`JLglb{NLW!<#p9}_17LDT7FO9d+s(*bRMMZ_8XH&*hQxrQ`mw@Udk3)HHJ4=;t(k{di7|3&I0vG1Vc4kuBnTPSMP_Gv81X~%T*+V{1fez z(3|OE=cO>^s$WRBq!+e?n3-4D?H{T&C5SglYLbMO;SB2`6J97J)zV&)=}}Nl(L_V3 zr4zYYOWS9}n!GJt-n2=?+iYpM5?#C9wH51iveta&g;$~-3{_H@4x;t{On#}Ar_u$&4^T~tP?l=JjZCf&Y}7jZek2RT_V9m5F=Z|L_LGm5x1Bivy@ z)duXNr+(j8ep%RgwmVvl!we)C6mvT*_laae)ix<)Id+xx^f`P3NPvBGQ#Vb@Yo{wx zX}eo^gWZtUXLFRWWd*LDH}-9bNb|87LAE`!i)IU&K!V|7m@dib(|dP?ckgK&v-F_) z^@^a_QY9M^8e7$z;2-;IkViB+jZ{+Xou}51(vpS{;crkTdm*jE%B~6sq-J=g+S;2bU>h5Zc+oSj%I=JXJxBBn=rJ?V-a zPdu>(=upt=R&z#>*fGd#29l;>o@*6&I6^t@~G^NWpUx$=F6>yQn!`-W4kR;qz#^(I|E z`6%xQ)e)3&EOjSK(@(lhHZc$afqF0kL*K(`>wwgja5FZRrSqD|%+0<%oX@b!v5eoSQ0%jVYh} zaemHn;hSKRL=110=4ggvFIX9q&-!F+&AwM-%xaAHUkd3o3DzZxexl0z+c`5UJyAA7 zwPL3pu9TnN?R--;YPQI3n-d~MoOG5o&AVi7YIB)N3GLxHlP&4#$g9zxe)}{$1Z$6a zc+Omo*I6!_)fDug+CLTAv6(OhX8EO?Fd0%@WZ z&gIhleeHobGtwBfT><-(kDz&!Lb)7LYPdjAD1u!JygF0(i!wCKh?pCc^`##9NCwkMtW7$FvyeW# zJc=13_*Il=h77oCOl)M^Y9%bip1`R##|)Mt&mP}q$P@^0YeuggXsown>ss+Kg@@bF{W z>xkW{|yg*$xUov`dz#2Z@e|Fp<9}#FNvqV@IvE 
zQ-TM_R%j!J2ijrW!JdYGD9krWThJNpmuvsR{EvaxbL@te&bZG{%W&yFmff}pW#|X( zZli?2e^j9h*a0ue(5z7848MH%31?s1{|-5NxAEmKT1B6~J3jGcbhVaGWW6k3Wb<|L z1&lR!D8&gp#bb<}NeK^pW zF&(Vz>#(khzkG&94vNMavrE^Pb0>e$6)f`VO+Obaf8YTug$2{!cExCgqZ+J6vAz0K;XXFla}@R%40yfq)MpnEURQ-yqk5fRcp z{fF9(@&9P0{l8+v7+L-oHjMNCgJ|{tz=pll%o=~>6Dt;q0EzkQ>^2JkgUI5oV+Am- zELxl!zXFkbJ$-R>tpCa4xFcE1nT$$fUjC&zNkpQwks^nnNEIV#+-9(*^RM7gB>af~ zN-QJOT5LnmDC$e2Ii*6C7sf-Q`HvGyQ^g4=j;gNhq{Kfp#%5nM%K@1xmssV^d+XW; zh-Cc%TpAa%B#_?F*Ptll90HK2jPK(_Asd#ue3FY2Nc8)RESa(Y{UwKFhPYwc0hhcpg}NGB_0rRI&q`1d zmmQ_B^NJj$I>nnjI*{!T?tVoXYnmaB%|<>wpSHb8mOxo2R;;i1}MZCoA}K_a$3(XZUi6KVN3+6*Tuy9Scq#9!UypNw`=1y{&s zNB_A4?#N74*GxJU`~cwBej+xrU4Vy2&{cE}Nc(w$KqXf*|KzbII3)ozb@;wU=7_L%Rj&n$BQ~3(KvR! z8$b|d+l76FhToYi6xeF;1-_rJb5rJfl$~3Kd|pU)-CEsV$aMGJ@83s(KN#Jbcw633YZFoIHCz4cl5uw5&7Ivo zA68m=xs|?NFKS}$nH81Doybd(i;y=V&qPjixKEr2+r#HY9nkx9LEI2G|K|DaG^%{>jMF*&fqh;59++DxBmbqa*qqA!b4r{{Pf-1;3RVC9% zwWeUsjP$occV|ip*sSXh^G~5S3ww}Ysa`J;a(Ez&HTY`Mm7MK#ZP=oTmP6$o0Z+_< ziP|_9N@mTO849dpw=gXz+uXWuDg2ok)I;Y2)eFR(VQEiNrlpL83iozYrVqx=&5c=a zr0vrr7gEQ@US26UJZ#%wqv_KySQ{<;~9-lWQ}paFS}(*;n@(P8V7mXhEBj(t z3jpPuJuf|)0(5+{F&+>ujcH`#7OOA9Xa9abq7%{8(w+K-|A8f!CBv7sYqjV#uMn+(*fq_qox(SENijP z2T;T9vfFZit@^${x^R-C_rb^q{@F!4a9B>`mUZ-yYjq^><;f)g5|~1#=Idi36DoMz z5PRS`6rRqg6ttvF3#?I1F2#nc06?(d~~e1 z-<(7vuSI+;>ZSJ(2yXqAXWe1V)#0b$MimWX^^z|+|K9&oQqHPEG58ZVM3Zpd-Gs_n z>bTaT!E-^+%_;qiVphVWQK#-f4%1V3f4y2g#L>cjv)+PHM@%@j)s#MIWc$GtbMuV0 zbH!~|^L=%HIQO&J(XV`8^1Pj6^3c%Y3c2JRzt`eIarXFf<4nJQ zKZ_hJ^Xw6##ZW5g?qkR)iK!MyxIx}_;Eh^UGOu1D+jPz@)O)j z{9sG{y8>f53g2bHW!4x-QiZXGs`h2XVn)3?IlwWIo;w+*uqKo&$aZjQS*97_bDs>c z07w*aoAE^(3x-JR64b;^yWa*>vP_*OrAQSl=VT+x1l)%d2A$)3N?y-vZ( zsWFzGHq~0fcy3^A`;;*uG~uAvuwfMx?Ep#RU4j<$Bn9;%`0RS>@}o@`0R)SkcspQ7 zL}FYeX@n{E>o}u*P&g9pMMAt8?OX{Yb1cOW`QBOyOH=>aHgu!gr5^v!&Ha1E_r)3m zg?xRiDCW{F%dulN$TBy*ny8Crb@+1@%kZJgF zkcpqijDq+qyyl}-$Z1(?o?O{n3EYly{bg~GO8Cfyd}Iv|Mei9;E7T2+&FMhJ$vX7@XMr)o)R3C3{U39pLSt6>LU>}oI*Aq{T^B+riu 
zxHSu!sPWn2d==^n>gXm75wR*_CpyiV(L&WCCT&nhS{q=-%=p#<@OUBfkS8`m%B}1FuyQzZJMFlDyB?2ThdE?><&g8zi znMKyfv@_*mmr`b6@#4-QLKGi!v4}FF)=uyc8_RK_%V!$h!OJ|J)!D)~1R^~3YjDS2 z=#?>79ePB?DQ@*?%_!IrajnBqo}8_4E$^_=RX#rw__A(@%l2vdtbwxf1LqZXm9@4g zd=-HhSdxRHvvboDFEoaEOe9NVCpT>=p6bOTc?RrgZjb{;TCm^Hb4`xtsG0K%F zE94$Rs-l`G*UJ6Hu3-X(*yrgtb&X*_=};lKY-cx1>jP@g1$c=+@c?)ID43hDn8)va z?~xnU*Kfyh`=luCqxz2nyzSQ!eZ)@B8pHvj`LNM@#jX?UmtIU|@xGQvy^TiOql$}WCr=uj5htmC!Z~nJyaSWC;%U>YmoSN$ydv zd$V`>yGz=UT+QoSU-3SN7&W>dE|zjmLa?*6P7LR;&WG25D}x%U$C>6yB2cZs5M_nOVcO>y074 zRKMo8%r^}`br7&>=5srY8{T4rJK>0M9RQbZ&YZ@9r8?@q(qVR3Yb6sgOcB!_VeFf2 z3jqZsaFDxEd{2bZ9_pRw-ljF$>_2Ba25|#ZGqVp(VfYC-Y8!?P% zrY*5!H>!nP<^jPtrGeM1rz%xgSlTZS#p8DN0i1p&sbqWiVx!a#)LNFes(u+yP#g!L zm4SL@iUGwsiy&^hohK|?%U`wcA6`gKr^tq%XTiwNlh_wnH0x9SxP})9uC0K>G_j7^ zB!n=dn6Ah)`rFlf0rVsYhJlw->pj#RmVpk z>bP~FQscbZx6#~g@T2<^FN|{LmMOMm(%CqR>}w-dJ}ps6l)*Xv`(2SVB~8+we`K1m zSl-*n8c)sZH|!k-Osae~iBBR#-=VfJKN5s;nv8xk95*nDMrCNU?2fH4>XNPk?)=c~ zdsbllc+!^OL=tXEg(TTtii~ShIg$e<$y5@}f2o~PFfL?Urw-Mao)(Z%M8M&B zOC?^r4ZmQGi`%ts+!6W*=Zv3wbDzI%3`v4xi48kMbBiyQ=*CKt#3}}-bg4XuKpFwI zQFFq5HX7FpC9BY5VMWq_8lt`-oA!Xnj5Sf>1j!v+wQyKp#r68-$Oro-bP$UM!FFqRvA5;I}M?}MDF z#%8~FY;-2|iw;S@%pq=OL^_fO*f41ZME(+GPo!}~_c4*4NTX=RC_8dd zXBr-w!WA$G?_uITmYKx?7UhUPQhhhdC7pMRK{!|1d36jOSgwgD*}2j zuPB<*azu@>vl6WmU7EJ*DviDJl{?W)g?$MjPOew*!n?OwwUJ)n{^wf@PBDt=^u`iH zAK7$QSs?@rAy=BA5yRkArvxwD)vqlp8dbwNY*uDEPv~Ds{JPcmyM%I$Ty8mvckB68LUD6N zBLINQBpuFgMrg{jTl>k*hC~fFnA^XN7Ai)~!otb<{e{9zjcmV~|Akxo7ffD_&=AQO zPTWL05qjZ(o&oZaIVwL?F-ou<+ILxSJu0=GF)|xBX>#By<`hG$hzcXX5qeXQVR)EN zOb79@d{c1r5;tfZj?)uk=Kiy~x&&np20?X*1c<#Im2OC}j-#>E(v7Z&3+%`PaBt`Q z`;7%E>)(tw2pE9XZD$txPXif5D$DQWJpsZ)T6(eu|2OFzRj~TQu>!1y)@1#r>-N^D z+qdJ=rz7IJBUIY1p(kTw_KN5x@!7p&IW-|H#bum=Re)0pReK{G51VxW^&Wltn{W_* zD^mAwDv{y!GzZcf6seUzYcC^BHlyF)3iO*bR&e40<3GTdQU2BcsZe2M`41RAMvnis z?$D5y?Vo)Pr0*R4y|`klS&4d*jh7fniP$Pxvp9wp7uF6@4*|$(*3codKWqAaw9-tk zA?U*8*TP1|((*0sxvA}>#v*MG=LRkwt$pWc)%s-Yxi?+CkO~yRCo+0C_yqzGBk+_+ 
zgBg?AH`Vf9J@URzJktooc#qUMeAUMrBG2!O@S7b=HXX^9ct>|ssxkJVNtyii5RF4{ zl#D?DpvjyKM^i65b3v4QKjJ$UU9%ego;nj?J&Ie_;Fy6_&Mxtvftet>W+nvhrf%gz%9` z;kbR`^8A@;B@N9PPHowys0F59x-G_iBT^3a?xe=pb6r7RW(DbS_0GOP93l zpr}_!e7j$Ua`Fkq0}(H%Fd9p=1}yr}D&nkfVLGg3bez?7Lt+zp)f+b3*N%-Zm# z+2kGsDpVFkAW-UWVPu1Cfd_1s`c8IT^;8L?ep1zJK<6Hyu&)V9B4qR*M4=hLi;deC z6q5EIcp+cHm&qr^vy@BZ1N2o|y4c}V3FGNyXeRSbnq{3yP~g?*o6zEda>BMY&Nn3V zQ<*06)fX6~PQd;&>4;-LuuMNa(N3c`XLn15eC#x39nCv`R*1J@lWMOKZ;Fay7&C() z(;^q8h^J#$tw{1Pdscu?-~oBHB)Ce0pE@2ihjr(Z@5@@X2kLz zMk#qWC2%V`zL)zQMsX;+ZThSgGZ*2WKVg>SwfgprqnqCJe={`zfHkvpyaSrC53iOa zxgw(fYTo0EaX$g;O+F3a^G0sD`M?JNgeFm9$d^^&9r5mK)pF?CKgjIV6wovvyp8j0 zjAmq|=`P(i)DH!KXx7fqu2KrN<-#>sBrLTinFR^Vw_gMV2An=IzYFry;pTCG=D z)+!jS9EE{!O9r8pAm&*{rZF~Y3s6m{+Eyt=fs3YxX|0r~(pgu;Wsg%c!xurI4e~)E zm<_WR9C0Nac~-bj^RR1|LeSc!&EZF8EB(}~sJ!r-AkH|D>q}`dU;Ygn-yE7?*|4*D z5jEM-LYcyba5x^;M05jn{w}5=H`TI+L)#D&Ytlt1N4N5Akk#gJ50qLS*sV7UN9(R{ zAg@$bv?`wB(YyA#P9J$6e%@_nfM}HKd8C+3!4_5$+N|6kZ0-yTsm){l(byIyWHri4 z_L%uqo45?;o_s-s8)Ag9m_h(VfK?>XsnrNIK%$Bao)Aw~3iuZ{?6ae?&|G~<5thB;!6O2a*lMy) z96+als3BQZ#RxSJ8j^N*qCh$BRR%$JKqc*qjlU4es5)Fnhq^dNl+q<@%2xVN>alt1 zv_Th0@3@DUpCsZut({~;?g75M;E5;u1F-L|>h{-rMF8Vk(DxerFh3w!=RDdmSh~ED zps?zjL!fLTxJB7Y|Mkyj3sHcL8gVn)x+uQ!D7g5p6vQGjQZxpwbOjN7b;2@TCzrTd z#w#R}-X8Y^fohJRt}7~ZhjCULf1iUtk5Tz>os?ioNGX(Z{=lO%+Fl4D6i?5@^%%JE zslbCbMO7R)wQH$BGJ|!Y*xNi3+dnOJ-dO~j2;1r>o^(FHjxJn2etb4~)V~;8PgcY5 zpxlh|DoyEGoJZ@Lf5aW5*Y8Htg1Qso} z?eN14BE~==Bs`obfuiX7hOq|Y4(nnc+?j$0X|{=-!e)`ScNHbKotwH=d)qwC%$-%` z>=j3An2?{`{j1Z@*7dLipTDwDm|njY-<4WekRKMqOnR55o;g$~64~|ozXYH$11C6D z?hCiz@{e_ySex8ZSSQVF!Ua{mF(u;x^risS?jT?f7v=+K?Cbrg>JicscLk?3_Fj7hmbf2Hr0h20WL$b=6vIysn&qP0jGYFg4mqH3JNI$mMuHuWO77vxN7b z!+|`QJl{+>aXEO!ZUbYtu1uZW1ID<&g8G+60M^z3d4W17HP;yCXtN|RuG+Wn{`!sh zxA=UvJSWb%PKS<8b7#JUtp|I2KRr0txy>RU9z9AA@Q}o^Y97J^kq+U!JJhVfd?(|q zxY$Mohb~PK4@39CIsvcO(5R=2PMh)uW(9p?2fo+DLL!dW#{q;-a#|UQYBQHnLH8ta zD@!X=u$o>})!jlFSAImZ9Mlx|>%4RCjhXf19%RtE2H76fqb1etctPr6q)f_U*Dc$W 
z6V62471VozjjAQX9-ToDgiARS{obg(57Sp1#Z;rVSGvBr3f?)Y8qZ&ekrPHyeSZh0#3~_jJETW3O_*U-eXaoH4Xh2KV+29Fibjk&8U3dT0egUf!c9r(TyQgsbZNJ>~7@LE=__{C{b)S4rn$zLZ0Yp>Ru3~O| z9l&9;Iw<1qqc7fJ7zJ}zlR#+uK#ZH#!gKC$3yrF=$0o5^2B4|Y7f9E`u}hr=dX8=M z3|JP|_|fH`_3MZ^R@Q9840A~=I26}34DPN=8nF4?b?eHax|jP6EB;*zL)#;>L7t|L+!4cD)iY`&dQ8-KnEHacP%0l^EIRQgc6M{1W%Sz3VUb#ASmLV;I4^r>8FER z3~U1GSnBD|9PCV1c)3GBQU4*i*R?>;t96=AxGk!>_@yIRX6708!@i{aDU}8DS6^g?K=-N_=S>)tHSQl-aq5L|wV_)oLb$mi) zeK;G1e6%DF@z78*p24T`JCKC5t5n*i%#`a7y%z|Pe>2n{1xGD2X&q&U2QsBMPWtfq z)k!u#gs@7^MS4W?|9#nB+LzqEg}9C6`THP}Mw_Vl-XgpdE>dkiFjOmB#_@L+>Q)eC zgCOf#JBK-S=7V%eznMt6*KA9&#KTYTX$PxE>NX9TlR6*82=If<&-L(Zn zoI91_{&%J6ZO66y$N=2hqkB*brX!lX~d&x8bw zdihD>Islh_0yHzx5LX%8obrTyhCGScJQwihv1F`6apd99d5h_s_B9dta^k`*e(Bh&}0-sX!$?< z^`DTW(;W(|Hy{13CNpUR}Ek2$jyI2v6?J? z+zf!vaje_$sM`jFpd*~(sYDFDV<1Bu+3%!MAqqUQM6ZZ(93BxcxKv!Q9(iD%cG)N& z>8fZwe?2{}bh1!zD7UQFvA=4IE>CPv;u(Doeh){UVaud1xGwy7a=gFVXd$*OdCX(E z{JZi+CTM@y@+?5UMQUh!Djz?)Mgu3hw+HLRC9ZF_1wgW zl~f5AO}94;bk4 zte$wedJXJ7ILu>rM*C$(ck@*&^xmPWtfbV9uUtVaFC$qcj%3~~K@8ju=?=ENnsif$ zVnmW4mv2rm>C4X?j7i&b{I<5c!l+Nnsf|*qHxMh!+A>#G#GG0C8Jrm-dGvKIi6K?C zvAhi{qHyuOdH)*slHHb?&XG!)6hO~^)tF;p!zW=Wnm#VEL7`p5eUw^#=oZpI3Djdfye zq*ZLfDKMHSiv3GVy{=M#}oh8HymVJ5C9`v5~_KnUa4B_6JDMu2Kr*u%X>{?*Oa-at?L zfFA7dxs;~qr7MWFt@`p;;7JlAjBz5NXZJ!6Ewd-ohUg%=Y5(vR;N$66$;g*dP?e9+Vy}5%XMrG zWX<}0Hs38ryqOyYmbm@9iB8whHg3g*`p3}qNauk%Jp%hXsZ+Ae!m2O6qQ^}Q-dc|s zhf}=e4pwGNi6<>5D^q2INj`#nPx>XpwD#A$I_I1dZrJ%m-e+M(`Qiv=sh{2{g5I>)NWAl25Yxw?P@-#F9bYxkHnt zn>%nQX;C1ljzoz|{3ZE6Dd{ojl5zxTB`k6e81+4~pS30JJ<(a=M8Dt%!)`>~6yuAZ zsm*+||5R_W{_pB$GNyLs&K3lW%#8nSN9QYziP#M`l&ufy*5rWnz0Ae>A!i_v)BG5> zj9vwk7}~{D)hH?MuXjDZ!vq@-rkrSSU1#GAB#+#%lf<+EH{rs5-v<3QyxNzwJ(4*Svo-dac8}=dR;YLY2SC0-_s?0Sf^|rAj z{o^Ela+G5v5qPGUzEH?yd-B{KgvMZde8fH;)>C@^KT*Ml8c-$1L42~lnei6neKPGm z*K?Xxh^8DxD$i4DC`r?H0Sjl*NJ5G7@Ef*?ZTa%fBY%TP9Jv{YL8C{1W@XJ*Srrj5{?(w|*~5*?A2Ym!OL2F1`}(>UiCHm+e+nSv zppyd^Cc|PZS9$)rWS+z#To>bqfFW30u$vQn{aVyWVJdx$BqtO)@WV%$H8hBW4Ou*z 
z1vn(~2s^MO6Nf0nn(R4Iz#J>_wG&HZiF!7mq#p0y+YIhx7(g-i0u^zjP{~ZPRp<(M zTdr&<)8ix?!kI+C@lU}N!e@19Qxf)?KuR{eESMU`gHm+YQ?R+Q35Cq)_eZxulY>F4nGAeDWaK~d78 zu~AU=)poAgj0+=N#2R7%rUe#wOwCyzB3WM7FoihV9`GtFe}v!dk%1&8oo8BeW9&W$Wd~gYjlLE((c!>@n$(8AVwbwl8j8shls zKG-d~ic}LTl~x^A5WRXgSl}K2S<9cFOt4Rg_^^ zqz98T0>QV1Z%{1@(&Ro%08p1cY&I!t*x+>V7Kw?$`qo_uA5(Bg7i`~+AQSDLJd)q3 zM@$yUb0)?+x9;wYtAb%*^UsS4P7FW9n`bkU5Oz||0tFm`*wRJ}SBnd(kk$33gY!J= zkerM2ylolgUMln}^^ME*I!iNQ-ne7TH5aG-K%WE3gnX*h6~AX&e((5V_7Y4RJl)lJ zg6rZI_gv|;4OG=fht+PzSROh%p_94ZCU4Lw)p@2e^1!x>5{@#57J6n7fD+z9Lb&G; zqm=-E+#&jt^0w^}c8~)WH~=x_Q)MOd*L%TpYRYrPE_KhZsbO!1EvjW_TH^MU5bkgB z)-o?(?afB(BoK1t0TD-=#w|Gv0cs8@rOq{{d>DzC+t9H~l%rGtIPa>IYHF z7U7s#fK z1<5YR>z0FdLobDstDy`o<#U(PCm`z~1Ng_jFbC2x6T zC3(Dv1HeV^P{~}x+NR^#kTo)u%vF4$RT@sbP=n1x)I++Fb8ltN5%o7RP15yF0pVk- zZpCHNWmwCzn?;G<=34DIrat+u83oD;eyN>OqVZ@QK&HCW7t49^Su0h0UnfqhSV8wy zg7rFMX$&Pu#g>cJv*k=Sou}=Nmu(u3fDA<@4=ahK)F~^Bp<{2E%AEu-RmStGs5@d# z(vgv@i7u?>Ct;Me@hO38B1C>5Y(kDcH$cSyO2=M6sQ;xeqJlI3(@+bj#TwG`{&4s2 z?R8O)+9-!uF5i_t)_Puv+tHoEf;6df$<&A`pw=QzXIyfjOJ}^``p2QUtjG}b_D&Iv zSZFUa#!1l!fg%RMR5h8!;>T#kM_870xZR4?oY;Z5H2WFHg$!*1&xvM@wL;w(erbV%MiH>mM9Tqef#v=v-o*FPLjvVwjl+l z@ZK?hi=?&7#Gxgz@LDjTV8M{N?;4xA(c^cX$#H3!8L9%MH}kn{ zt28Sdv1jyfuB zLYgXL{pp2@?}iTic67e6a?ns`hdqV!7LA%7aO7703&Zb{8vUJsvnb(Tb=&1uKaxts zGQ>8-BE%<&#Z?F^5cYh>>X<*aS=I+Saap{J_>jLJ31R(<;kbQ^7+#j$+VuUhbJytk zd0M*g+u8JWb>p9UsnFYRY4Pj+nz%ZlxA@vG$GJl)?YG#?#5|XB&mB!9B(g9m@Xt2d zE~!}a-rD*;yUy%@Q+o-!xxU%%@_2JP-RZ{C_g%T*K&xPmqm1c7!Ro7!0XDL}PMUfY z_q+OlfX=1F>*Nd@f1{xpuChyTIW^8Ql{?_M6>vvgM*mxdPyF&{v9+L5CLXp8ye`6k zi(FGvh;hAeH6oNrb_nB)>BWRs8ONz7dNJ;xw#10HyOw+ni@@aCa}q20Xt;`%1F6Bk zq)Ny&rX$+=bq?4vAO-Wkjnk;RBxGQRha4~UhrCm$edBZgq((>G$qi)#?~4TxCIlR( z9nWkv_YrJmgp_s16Tw944fTorf5;;U?>XT}$_STa9sR{MOy#v~aAeTY$j>FRtl{I9 za8WC;I{PI-tSQj9hi+L9WYMUZC>O`ORCg`Ixz*1MN0||IY{d=N_Ru0LP)Kp4z)e6g zKqX6El7{YCfN9bwCPt-m#4u=Nm+3vKf7L)=l2G%BOf13VOvT4hr$cW-g2vdqnv#(( zUHmhP_^^>y>PN#9iOhr7+RYP1kJW2{IP(-l@1jA}bYC$lPmTM1-_A~QpvIA+k_ltE 
zCRiLWF+_6+QDnGe>dkTdB~as40M4kXge!wsz@$q-J&SVDSyOyPyg{Q=F(Jt45169c zPztw;2u`joD&3!~DLqhBnZWP=dRCMg=U5~|7R_=XLrrWu4!MnhmiAQoM?fL0RYRgt?c1(%e7Z0=pD?t_e7m9MC(4P{0j^sh@&_%UKJnD`~NbCqX zLW~rA*d&82$xl!Di2eb(CTETJZm4%mVVv!mEiG@{_;r_&j3hC=RI`Y4-+cHP{7OSb z(B_&5A-djH10YI>XjeWzNEPqFmT4eWkiVOIjB)^k)oQf&)kh*E9qufKbXy(|rBC`d zIUFdE4n?{)GOGqj)@f;%+>l(;5QplBYmWqd7q5+iGVj(q#UK$mGTT$JRB(&+&ZQ|8 z?kr{Z8OqxBEX4`-P3oZ{$cf+2<}D@9OyfrNXoalYb46`g$*HT>01Yor-M;$o28zFQC59)CrY)?Un|iu_M&$|Op|*=)7hg#waP&(iuL9(Dc{x(MdbQ)Bu2tHAUzTV3H+FvJm5D!tw(c9~97> zzN~bjX}CMx`L7e2a*0^lw-XYXq&`gCyauTvdg^aeG$^6gKBHsR=420ATzgs-Mh zbz@Qrv=LDDhj5WQ{j-#pCR+GWej4ba>b#3yl2H$d_H>u}U>-t~&Iv2!DKSZpo?j~& zXcTna{q{;>r~RIvbY0uZ{q|ulx6^lS5-gf>vy+)hPC~P++|rGJedfg#;n>D;{wk!1 zi#Ghpm)_)0kJgWSi+LJe>{u9Y)&S;Z&Dq|mW5q>oI8MZ7_c`a{F;CZOVHW+$s2@k=|vmTXMrSddUF_HVChI8#LiEBY}$1htbc2yk-U=z<2}xm3s4D zw^P5=i}hX4K$YzlM3j%e&@>$mbJfMs>Lk}l+_ zWn;dhVs7Y*&bKfNS-)a(Mzct@TfPu^d&yE(-MYrc(2yPjKF_B+@vTr^)OKI|aDN)O zJpTem^dyY%)^~3Zr_UpK^q~*uxXWPoy6uJ~i3lae3l8cydD24fV5##C&B(Tv zrve~DTpjP|c;7&EK~e5Ug}YOp$A6r?VHUE6K@ePZ7^El)vc;RBJ$rcN+vuz0r|4D| z-5Y@!L!}dbu-gmI^#w8EdjUcMO(tYIj{zb6mxu;0G#%Btdh(DDIQqeM-;o~mFGFJN9e`G>C3^@6YRjqvFmz*|=Wx_>@pj0nk zFI$fdQVWWD=S7&C7zZ)o?6fqrA{vbnClU?`lSxpjg2VH7E|=gn2L!)s(#yKsMe`jc#{R%O$~SNyD&k>4G{^ON zC+K5*VKA-f=Vi)e#`C>3kEl9h9MlPxmV%KlvbsnH1$Kov^rsjnkH>IcFTm}ibwr$;HyCz?j^Tc^Elez<$SdY749~=Ik;-9mBNq;1;>w&C=hb8XAU+d3sS}USHR$aFFO#=Rb^j0s>x(c=Nv!6J*&S0&&CbmD92qQfNb{Bv;T{l;YPmq5!y?9E55#R zD(YRtb%i;7pD2;n=ikwbGjGx7o8gbP|9N-ujAYD~wv6kh16PdP2upUs>34L|_1-R% zb|eyc9iB^flJG}}nR78&Twc*1UdZf;D@kHjaiL4$EpNvWp|tYv6>)AWr{lX(0d?d5 zu|);dOcKYjJuEE}4EEa_XL^(Dy@@-?f_|DxCWx`B&dP8@}xS3t2^ zo~{_AfA`3#sm~WS0_Nl}ASj0dn9hn^!M&8A(4(!_)uLIc*?sDxtsvvYIrmrxn8twD z_gXht9Rdf8-F*&Y9JT3Q5Up5ygJxrNu431ETClFcx2`mKt{|%7VyiYc*jb-^5O~{F zyCLajvH8fAu}Yqj3UvCq(92v2_WaWfNKm6yf*UPc?~*eD4Soh0yrXeN+^yG_VyeFe zVA&kPEo&f0vMDSsB;bvjN-pN9-CIG3U0F{;=iHFxT{QRAD3fG5CcVbj?Z(jTn3MK$ zs%74=wdTs}J~Br&6?KnLYs(#)Ek|3TaLWH;x+bX@BZ64dS}d^$8z9{;htynbP3RI=h2xi5(G#Ll79h-M;D|D{vl 
zED-=}elwTvQPqGRavzfabsTS!DP$iBOpk<1J_K+KM|UtKbfUZT#0rGM7n$>rr_0wR ztcdO5vb;{EG^PC*EFss8RJnnmX>?0xh(RKA`}Rp0p@ zoW}9}nCc4$?S2q`(&73qW76b0hhg=f|BJDA43aGFzBS9XZ6nLJZQHidWp>%6Tg#ja_zm>epbhTxPtC-8W_2+Zy45Y>@iA6^#B|- z{sqyojsjGx3qAm&M31J~i)}qd74axxh8w=L(eo3-uH@C5zD#^hM6{7^jY@IpY2K_Y$(A)hs36;mHA$}R zz9)51sr7i^@2-p(5k1&QIYIBX=(#0Z+);@^!zBZsB-I{?qjyN2Ae0>~-;RCUzC4DM z-dCD$VxgdGT97%H4{{L;tj1Grp*mVqAUd%89|(w0oKLNZDT8FCB6VqFkU;Pw-R`p* z@27!uT>fTg%%~z6(PN3UzQ65P75}!~7+BzN3RgVMb_IjeF0bb$+pKfVl1p}N$nrf3 zDm2nr1cBY$Jp6=ClxBH$ESa~y64pgCi(uv7i&z-7{-`GBlL@4ak2IMwO$o&^>a7@M zRIE)ht5db=H^$AK%RcB*ElC=X{Ch znBp!$3ERI?_iJz@cjN{q*Au_a1j@W6jA^KFcYTWav2C;A`{k*G29>$#6<9vy)RgtE zG_(*Zx-)OBF$x-^HH^~6B6UKmJqauL_j6!&_(IFIA0tC*B<1B|Q;Wq7G&kZTxA zRO_dHti&E@iGPAA*Q8i~Gk<~(K=ZNkW$j-{KDM5~9!s{ebIZIm9{b0a^ zZJHE-*FZx=XdKm0bs8_du6Te81G)iqyQn8os@jmk#Xxsw!C1-hHxN91qM+}Ql@)%i zB~2cZigRGWBN8ywM6kQjGK@$#Hey?a&g(H7p?m3Mz)#vfgf>*{3ydlO8A?;`CG4?k<(hJ`O4|iZEU{C$`xoqipgI z5~k;u56z+&SZ8=)71Kxp)jd}e)8(n-tv6X0AgM#3YeG4yz_c|xGLlZ;tV!?|7^Jfb zVu?kCw%_NQ8zN5%%Rcz1nkcpIfjCgSbZ4~} zY@>*bSDf*xX`i$1u8I1EBX2hW{}(sbCEysc39&C)U#Kib$KCEUKcJqTDJ>jQd2$tn z*RDqwg~FMvRU52m8aAMBlvw^)-6fg^dcIU$|8p@?h49rK7!NpiXAC^QW(kSUJI}7=H<6n$Ad6W5br@mI@3A2t-g38J1Uw9jV8Mt1ll`9HLHmN5>Jn zdZj)#m1YD>YsHY}^>M69{K&w04lo#Iqx-g9Xnyx32t@8jaQ7t9M=0Vy=gyhdZTx6) z#KO~mS59}Mt{;a&Ik|XMT0PKW3Fw$s-og zKb_~b@8RPQPK+J6@)W_DESpQJ!yTOfiMo=XK++9*#GlV}_EF><=a?pl##4MHMktVT zUxWZzj~WcV@BE}TaV&hDJe}G*`pbv0sW$c6W{<>CKl0$iEG}~ttN-cN{{;KvQ=Y88GeIg%XB`*gP)8$M0_wa2%~9#r`iPAatQx%>#U zYX~%dbyI*J2F-j#a^!y@4b~Lz_!j}nU6H|NzjQV?d_{!HYN4}#Yp{&g@i>l!q&mOA ztyB-ra2g(H$YJzw!w4&_U-YvJ>zLjaq9Q$gT4+#p9h zn8jyVb)jS7=b$i3?+|LYj9hu(_SxV@_-F1J{`qKTKt^%_D@$ABeXe|+9PND0-1`P5L8UJK4*&R8jllcv7%;_MMqS0T;2{8$ z3iAH|s9>?A2{w9PBcgPjOl3N{w}G8UrO#8eT(ALKS9); zja1@H{-%;>Rc##7Aw>`}(8<$iieL<>B!}!$KinBK!M`oW)UCf&X{_#$bu6OxQjNhFv95$Ytu`xtsfiFNTg1oC5E*HxkC2NdkmfIl~6^ zeWVf1fkU9EnZ2g{I(cZ-r^YQ{8^-LGO85T1)9F*#negDQdjip-69`enWIUkr)32sR~8;Y1x3b^Nu{oxFJ zoI?G332CJ+ZrnNQJUOz7A})YwEQT 
z9KPVYOftOpd*GT^$YT>qkg1KzU52cgj&FlJz@5GC&ySsfHNJemb%hn6}ELFxxrAIz-C4mpO4iJ`>_AFjspJv<2cQPr!ILrx;L zyGIXo1s&4q#ke7^((l#jM#V-=A@@YHZkHmrGPr4(#;+PM?s4MsvO8ERp}Wq-5e7b; z-VL5XW^pr^vkOSJ57KzB3NTioHUye|#92KB_!?@}2PzrTl}RL$3`aM{3i70K$^BtC zfvnP_$6XEizBj4ougA>uxu{tD#qb+FN{l-PbI2QU`7&!BP?u?zMjiXPnHdASPIjQ4 z?NY@~u2)1D4LAXhh_9RvV+XG0Fp3j;fAGs&O!4WZ$&)$#{S%S|^HzpVJK=-1=x*5E zdd`ZV9L_y8Ib~Jun}bH#7{h4avYXfrM2p4UfL=uzd^Q>f^nM^8;C5bl7+ z3_Sd+PIj4kVguihWAX`Ae~>eVPoi>gbu{Q|PI~7#;kaiu%{4eg_=v!+U|nrqBHx!= zz>rup9bCR%W(F>QPKiuk-qJHs5ATv=m)x2hBFtg%G`#nl6m1YhTR0|UerKRFPT=e1 z%%8@_b|MlgDoY@onVIWU{xC>v;_uhB^2`{5{>p{2Jo>IBkA!&XO1{!YIULVuxBE!c zWmf-MaWtLAAO0m@zt5|d_E{H7tB>0az1i$;;)!F@hJc%+$FW!BjoA3iEM+c2F@gDe zrG3@;Eo2Jb?zVP<-pt*_-G{x*7#Mo?c7|CWzVtob~YX**Vzjb5d zQlAW#9SRQ3C^q?DPE#$;QD#IL0iAB5ew89xUG^s0{(Gz@1&ODvcH6+vr3folhu_;l zp$V6kT}7j)=*PrHV<&Xb9zo`7${J_=SpmBRU!f+$kyzru$poNJ(D3KkVYsQr#|A}R z>6A`0VCRQ3+$X2jvQ^$=TF;h7M>7I?_^6k9K4v0fr?-dIVgBJF!MTXb0}1)5`A=pj zfGBy9fO!Ev@mm~=AF%RhedIK6D)UqMeA%BfRrqfiSOUk6rHIg#!>M9bTuIJ~@U|L?833ipD}x{2Rv%ZhVly>Dw} zNV@Dgq6Fs)1(>Y14-nhEhi0sx-iR2LE47^$>cfkHBo*n!X=V{3qV!3Y4aESn01Mr} zCcAZuJ@}-^c_Z6-+zj|0z90umCFK%v^uL)s1)clFjhpp%QPXBXx4Sb>)p5K_A@wweif9$K;PTCiJz4QH>7eVCHT}SGL-v(@ z)mseRR07FW#B`Rx`v9C3)PRZTK||<3L-3%&^s(rHuAMJYAu1n~4u=hNt1>Anu>5-ve@T)(>g6r0M_>p6)O zUP*v8)aXXtD2s1G_z*u9M7q(ev*0IO(U4Ih?;KL%zvE^+%u;78Im}OyEpv0U8fvKQ zrj&*3at8&>lj1DM+Pmq9;wLtZ7aJo`S4-4z;W@0t3q@0EUUU_hUKuIw)a)z`r3wr)9m=Y|F9*)lk@p zwwxl1$l#|*$xlv%v?kk!<|=mODgUY4c(kacrvSCeg@O6Pk(_XF^0|UR-g)KyAb|$m zhO)U4dNPIXHy~Rhhmhw0F$CPn5c%#RRt0AGCFaIF!xCVbAy+MRxI;f_k6+RpRoFGU z9`(lJ!N-9;80hmkQGbO+7MWpG{v6&-Q7vzM0MS^3yZ(kG7pHdr+DL$>E9{GLmNZYE z3mb-1?O8xJBTV^rojQ>|Z1ku3C3x8AWFb*_hn-T;$`Vb!;vbk?CzuZMYskNoH?{N+ z*>ZYn0%o>2C!O3p12^sh>sm3a-pwl&q+Y(i=N;aGi3vTeZ5>ZBp}{* z!udHWO|RoCaNYmCO=j(x0AquTSz_nqt`F-Q*s2(#??0$?cBcPG_~-nuMR>KgPEuhD zieIilf1zHpx+`eEmy3B9YN+QElk;_=srR z-M8b{%xIirwddNU&h(5I2x+7ykZ`LY7G(jnKGiPo){7|^dQ)7 zoWk#Oo+j!4v&h$u=v7`ZrC$mD<%dCTe)2lYIJWrtEQUt+V23t(cBN%f^~nlvu;`m= 
zsmnsGbD~xIN)!LD{0&>e%A5d1Cu}~QEv24~h~TcQTKy+I>qJ{xd4GN?lf&*>iYb^y zk>T+;vd*gwhW!(Gu>0AKU15;Uz<-cE%)ba>`j1AHnErwrmT2wuCrGts9Ny!8D_Ec4 zC6x}{gJ_;es}qnNyJA&SE+m?VeYi7NIiiEq3DCH|DGI2eEvi0oTP zm-^vzO!^)S*4>Dbcrxk!&Z63$cqLWT2j`ncBiSgrkWi}aPbhT!KL+0cCx-D|>Xp;t zD6%+%gYK=#g_|)PqdV}_;L%LzZQG>>#

Cj8d~oj~_5B zK6BhA@VB(xfZRN!I{yiL(>$((ckoa9E{0&dpm?30utlk{P7WF17OgteMUQwb2_*H& z@k#n1r<+pgq=ieP$*cU>LrTNAz zKMn;-fP}XKQKHdwn_HaU|FtGmP}C<2t1pFW#T7cdcw>WMzi4OfS_P?srTtRwea8j& zsMwwftKg{=EY`&D0qjg->SE3{hN>7V$bOtfy5S52vi9HJ*tK#Y+ZFg1pqtFgb3m|zQU{C3!42J_24yB-W7G%u+E#a zhM+&4W@t#QHMt=BSwYc92f4KUct1>YvCXXginQBM2hk}aK;|$aw%hy5c%c$40nIH1 zelruln^bFsSFKzEw(k1^kjW|8ChR~lJ;Wh>*^QnPOQzgKI9xIW(*nMxq#fxDO*aqF z0irKuoRz8PcFloxXBE$-qEx`DOX)uVg6z^(lXqXW)`l#L)Ob29>=X(W1l~}tk<^i7opEO;mEltUk)0(7 z6fBtALF#WV9fiu5XLV^>uceN|Q?VXTL!{EQ(sW7=1T5#qp>Q6O&ljU|(Eb!r+*gqg zR4tMmyMVL*d*3lox4^@(nTzLwJxyxonqBR5!HyD&o{Y8D?2KoVPhHP4vqZK!>(XtA z)NeTuZ=V#1ShqAY*KOdh9|SVa#9<+AJ_5-q*M+$qajYk{2^6OW@B8fr@^y#giQjPr z482LBeASz*)$>sCnbMDu`?#bev0Pbgh=(|r5h0ORg;hX4{C>A|vd3oEB0TXm!1yGHi1>OjO8ml;yO%)Vi#cNv^$qxvkFk)7)^A#RD;2~m z+KvaZ3}dl8j#@C~^{$TBa<#V}@GRa)2^1*oKW}BwJi1yPw1`}5NpQ<7`IUYm>itju#myV~3^&yXBpc}>Zpy_^gGS{j~$He-#Ib@nk-tRvs&ZfrjM- zu_Q`4gjk4K+)!X~t;0WknouIC^VXKVgDbcy6^6aN1FJ6`8wl$%6{o|L3;l-RkYmoAUT`8%dEhY$97)-{3FS7C5!^;aJ7p-v9%I)t-HMaF@FiKs(^oorOi1`e&T<>c7 zMeZ3k!n@|X8V8=JFw*?xQ~_?7J98ST&JAH^NFEUxUY?#M+=aPjCcp0oXAgmhWaduH z6#<1W?sHGpu8p0V-Q5pH;%8Bg(a58)8a1p$&KTbTVtt`RfvY?~Ihn_8yN2-UD(7l+ zWpM3f*YC@T^Xq{XJG)<7M=rBUFV>I_K_lFa_HU<=<+80MxxeRoD7CX7O$yr|eaj`$ic2TcGPDTGh|uJ|*_YYwT*_+Qj%ar6+6@BD!|mtg zhdC>*UT#|GhV`21g)^9mogmScJSVr1Wsj-UWzN{t6mVx0yAGVU0RnO+Gt%r2`6D-+ z}5H@KZ0yC$LSaHn)&W!Gy2(wK~Yh z^!>?j7TEk!&f`|Q!ABu?ihOUkH4${g%OUGB)%s9FXn5}HAGvOLW!jxd+I1A;hPpkZ zLCd>RR+_;Q*}Hn_2)j|n=+V}%CT7SM@ifOqrWDiot}M^erJTbf{k}WZ6psysOQsoK zRPx0z6rtpuZjvz0#c8bl#@;V0Z^bzb!8A(7gn~M6Q2MduT;-b(-fWA06Dh_f=9*4EiBZ|sHhr_ya7Jnaq~tNe z33E>#)WyK@^y{+}iOMOp$i)K|%rTVeq2o2~S^g~E<}kXedG>7+{-o3#dIPLp`<)t+ z(K+

JQ1GS!7H6C&e#aUw$QANUiEj0uV^WgrDwN}Nj_%gy7ifo|2yGa)5SdfvexEG> z_MTzGtP0;dvH6wiD+T3NGTUl;TRym+8A$)m(wajO1t{xj1A0hO4XDXmTe9D523i7P zu{>|SUr}OQBGHPLrC!x-aCdYJ9( zjj5geaXab=TTQ;8-J#hsJ|Q~Pw>QJ`&|f^zY+7lW0>sXuZd+v z#Xi`7FQ1kO^&pLzY(poY>P2{h3v40PRY(ZRWCp6m0ACGK$+E9g3pMdZ+fxzrTrV(c zpXc5R31|q3In6sXMrC+*Jua|3hxiP%01YbgGZS2LLe7zo1NV@D;-ae*^os$!)44{R+%78`Fccz=-D}I`~3&no~ z1sci#AWB%(bOX{*=o{CSAz$g{m>GPk1rNZ~j8hN;pht-MrN6(q8i2)n8TO%8F-3ch zyrE^?rm5PWlgMmxN94ZN34_e)CM2R=+nEw-c4S$!^z+u7dO_^?^OozZ$Ua-33*1Ku z0%+Gkl$c3;UdSs6SmD$^&n@brJ%p}|2>))210jt)Nmhp10@#w`Alp?rL#ZVzB#~QU zto-oTY)=S3vPme32a6UPOV9&6yn}VPUx)vc?015(drTnCg2me#G8cI~Wb zchY<(1B)Ce8FY-Euq5!ElcT)yFVtGX5!P^M~%f-oK*7?LC7t3q2u)Rf|WjVe5NV* ziLpDBnhw(L;(RlP+YKma<8yTda-c2_RdmP=e|&uLC#_F5i*$u_Nl+KSB?Mbpvyhjd zCI)W)=RkRr96BZRu#{;G%h^^NVGkF?<&0!vt12T>m}YTW*cv~-NXS{+A+vpTFcdq1 zlMI&6Vt^khEJ~F~{-P1TzTLx}!W3*?;63rrjdXs@LA4}(sS}~%GxuxEB7LMk6PB*w9Fsv&L)F%--U%IxCvbW!{LH))jYJ>B!zEeumhbfSWaJ+2pzNAC=8K%Q^m z&=uCXFP=VLa?5f>CoMK*H^Mq+IJ)^4V2L@yu2@xI|v$8Xry$(b=qlM~NltcGddwLt%x*yDYx$* zKu_#7M&qj|e|z6__M^?MixO`4ILVn5?5C|O#3;3CSCFuhPR$=+lRlaEW{8;xrU-$;*ldebG^ zcD=s?i!)D^3vfR$F8Xza5k}QwIL55T;F&-|{IW=Dk`~w#07_1o(&PK*r)fueZx@}p z!oI@}z|hu$O$SRym1YM+mK&^0I4oku0<6sI$~3Xm^w^=5e(2mbjN1xGxT6H~*4qec zZw<@oIY~oM69^jAGA#XAP3!rE7j&C%n_oWXII47fVbXQz_Qn7+zP7T$tyeED{tq5f z*@lbNd8pB57~dy+t-IDPmVwjFT>Sn+)j@IgVsJbjrQ}} z640M^U_rr>)k(8%#->TrHn|xJ2t5-yTT)=@<&M?3P1tRBo7cO|zizu%i1v#*bz=BC_H(#Gq-6-b(! 
zTH{s2IWn^gD2UVBu#$$MZhFHy0a)N#@(7YE#_b$@KNhA!`Entymp&FAk)VEvL(Hg} z8=}Tc1M%PD_%Ek@EocVPE0coR`6!8s0+KH>@1lt!5JLQVp%WMGdQ3_!2$_*jnxk6D zYP>^Kxc=mGckapAcw7dQF+QqjEv{7oaj7ng1pG36M`Gd74 zdWLEUxYZYQcMj0M{QQ4EkL0z}N|z|WK9eL~Tx{&r>|eZ?H?m+iuGKGwe^#8n^Lt#K z1#^38r`UZi*0O=M*OXS$TF0^Wb|mTnwY_ZiS~fqOlfMm}xptGGrWo*+8Gu^uZS32G z%YYW&BHs!eFHfnp?m&^<`oCye*i=I}@qV^)dbI94?5_{zSf=>z`fgDIwLEusVb_ z+p{%(?ajsHKP+^+>6{Ku*y5N>w;OXq6NHZr#-` z%$I`>GAP*%Wr7+A(uut!fq}PX%xjL(9bpqSMiHXNlob{;MuAikrw=bT|5*WI^ln`r zHiJY4xikIM&Up+Y%w;TC0NP*K>@^DFmG z-%)Vy;7gE0Rei=C+PT;^U-u6#P$2c?$p4gR2Fb*L)rfq?m-Wr0j{?Ah$@+Bjfi-ng zqOMo@zqS2nYs#h!C9nKzkJ;Iu5(X~H4=9(leNV&p9z`@vyIl~bevb%C(iZL82CE(wMqZkEsTp94uiSY z4Y1an%ktiAqj&SA;;uNQInNIudN8@9!G4Ubdmofa$^A$su~v7hrEMBSPFPm#72n%? zhLuArb9KSjaG`ZkWT%pY@>taHp_2*I*-;^)(Z~sV(ebP5mgEli%7Lv>MBWhwag8m- z7uL&1W&)Ndb{;*1wx}@Ov|uBW;KN&YOqoHsQC+l5JrsFC;AfKSK6&Inx$6UFl!+~U zoGj<)S)|aQa#aG*dt2gO0TbIEX1^TjVdX7)g1CMoYv*R7l9_Hn@fe-V{%uJJvEEZn zG;6F9R_x|rz%jqeKSKqkkTeEu3&ty_yir)#^?7@J^JdK^XhlG$X27Xb`%?dLZ3&qQ zC>nQsi_>6DQG<)F>3XlR1rXsaPj_cCHvJ;LS!)^(aZ2^a4iSX>ON`$i?`!deFGqox z^!mO#?Zb^bBX051Uhl^iJ7dGbLVQt&A`NN=w|l`zAFb}>orFfeO|m$5MSH~gj`$|@ zVcG`SuPCv)bi_FQfRWkv%X{H680#&GyMT?r?+-bUkflV)Pd7w%5YK6x0Z+0HJ~A+y zXxFfY3i^3swymydU<)MGG?aQ2^$3cbxq>I!w?MvD*(H5ADJSGMrPIvO*rt*cq1 zo_CZO{&7Y|o-C$dUGa(dPrXfj*p^|Q?xHmTOhLAamk0^zoDQ-(@~o1#`Qpvnkvn}Y z?tz%ZKib_Ze_vByVb<#w@RwZ!Drj8Z?>sF3^GI^c_|WXL#0D5Zttx3h=d^<8;gNg& zf7i%T%a8|xxiNrQiNFWg;pDB&*I86z)sx%*V|lHgZSU|5x1H)?-s z)q1*ROt z8|NNvU0uRPGb*%p8=jCxwsqyswkGN^ewdC~vSq@v(@zmdXb_*k{aDY-Iu1F2npxtl ztneMRk&1>H(7`mm%pwvbR6N;aB3pRdbp19!5?aMXqQ{1p50I%Z_HUZ<&x7W~>P*bT za#M*EI8fpE$yfd8FeNMR!~#sPFX!{$Svg>dfaZ}r)Ph>94eokpmulT~kPxdR;@(N+ zI^W4aZR~+`t8Q2JKe@;8Xy)(sg4x}GYR4)JS6dieN9lR!lJK+QXySUWad!$#Ndpx z(S<)29Zr7$W#?OyM0dO3O};wUu#5}W)MamtO?*YGf2hP{8?wo|2Tu8}NerGtDDw*Z zaw}jtsFfd@v`c0q-W=6r;R_iN@)zGvFNx>*Xa)4`l2cR@D0Qh2NDcPMGX~Y3vD*Dw8YR;=-m6osv)Ji6W!hCzxD^Y)E(R(LNsU0gn&qS&nFQPsZ zo5p+#y{eZydUZ4)aJO!m{+b{@6%3pV-;6KPkA$Y=5C{<3=F z>VH<)6%%Rbi{|` 
zv8-i!kS=5UixFWh#+B}xch0lCfB!1`98$>W`;^|pVI5heHT|uYg=>CNMRdy0&1Ph6 z|ACkF3~l2hOVbWkq1q?CjQxaQnH9EQ6Rp#5_CmO_Qynl?JgXkcJ;FrngfYD#w%3d_R5<>^h~n zAYx!0xz@Eh@d(DhT~;hCTE#ksXPl z8Mn5SOOJA>J;7wHmxGTN)&IMb!oZBMC%6pC^O$K9rSaHo_EP)0 z?rel^&p_zz8XZQqa(nAAe$`idf{&kya7pLF>%WtUz=O_bNkFXF-pIX>I*xq!GA~w6 z_TScDWF|$+5i9tBZ2@x$|7pUou>IH5xM`i8|3Rn!Z$VQAqx~aj-nY|3 zrs~t5oVJ*EKiPJ-!|- zTpXoAZZzv2KpW{aYE1Tzp$|CoMuOFw%beTH4u1-m_iD3S{6@yzmdWM6N*$*-K`h&U zy7GuJ#SN(^to6vh@L|c=`tTCTV`v#eUT{m0`P00*?eht$BV+l#G%)t0dv3ArV#8!l zI#U!K!`A&e3cu`aEZY7-BM`kTAG#bwlxEdTDU^jLtQgx%-qK$Qnnr<}aZ zaL@vj{u}Xs3mOFUvHd0lP@TWwDDJFnKA&~-oTzrTfh;2wnnb{{j_EOYjw05VJ0*j! zKh5NvsZoVq#NO!Z~2v!+(mkp&8}MLz7fu{kBsWUd84P8F_PWy@|kY zD_3e~V1)&#kU*-EKoqy-M$d2IXNgHdh9Hc`tK`a-y8v~Ak71J4(XVIzVLlcX{de}O zON28C+eNLe%L1ZB2Rro!{3e}IhYg+TUE*wK(7*&BP**cGyT7iUhxv zmFpP)Yt)HfWxQ5g;K%V8J=84N8G+MV<|34Ee7L`}E3|mfPE0udz!3-mogzU7;!mm= zz1`g~_TUb(rVGRp zgnP#rj!6qvIP$%?M%ll=J34>Q?wT(4naDNM{rZVFsb?p09P8)yszMEW!t(LXdA|Lh z<}aStDlNAyyU&LmE4F}d&Q6?pVdvV(7fc$PTH{5-&mC?C{GBtBL#~+$;5t~1g|>wA zf@&a^gk>D*_C1)zJpa^jOs9M=CWPE!9KDfnW@q4Gn@++z;7XSiTE$t-|$8Ol@gPJi~cefs=JMlpcseGwM(eaptXM`?%q=8Gdj*jB^z99zPB)?T7 zJ%|x6Q#@{XUILvGK88pM@9|SyA3(p0GFMiqRWyZzk~KqgE&&#$O*=DoM*|RbhimWo z5)#UQr5r*IV;K0_22lpt_DKwrJmY86*fo--OizeHh05_r=kF4`_M7#bH{PmU)n z!!W}Yy-`2%gLnL8VtCJ-=GOhwFq$k~E7hiWPy6`_pe@!bSV{p&r25j~k3@oDOM|T` z9J_5|f}#<}nGw65xlYM8MMW+ER;_aFdgA|ijEcq!Z2(u>P> ziyxAI3h;x#g{cQFZK2U6M_BYc7kk@EFtd4+H7bgW7E&8z{vA9>9`0P)KH#eS&Tbsh>t}@s;brz9k1+0i;LKw zJN`xlnfwH`q@p*wT~V4CcKk{9Zt>9sBRqI#*z@Hy^Nym?f*&+&54&JRZBiHlk{Kp# zyX?patDM}FAIm0=i;qGy9@+*>oxPa>beFU+GRQGicNNOg4YqgX^lhw&u9aT3kUaoW z0)d#tEnwcv7ccLL$n)CH=~qoTCv-K?udxkV=+g&{04YM5A~=Shu`wVo1-L7d*eTu( zCS7B8ib{`(_GwTZOEx_Ss(8?>ex^Quh4iPTR3OZ9^@@u3rlS|Jp6A#IUJAawhc@JZ zOQ~1EBy|@fIR}@<3gghW1J2F2h_rOk9y+=!<*mK)hdVO}mS>_U9FN z!0pFQVEIP}h#2c~WcH^}%hk09)TxVb-BmM*!|${OSoZ-ib=aD0D0>p!wN4lIyhamj z(IE-pxE5#7Bhbe|t6p1VWNROy3kB^|6pQSxoshDZ_pK@19dnJ4!?0kO_}Tqd zeEl+%i4m+d&PE2QTp)?kr#o+JQNxZ1i=jF%!<>s$OrmkPh4Ocel{S-=h);QI*R2%C 
zE2}^*gLkbc&{^9)3Gmam z%-)92+?4}DV6P9yFVKxo3Lqh8*p{&Jm`jb4Kf0`TwYX|OkFmly2XLQ8kqwHNv58WT zoNw<9VtZ9*p8h}oL>W^Sv$OZ7`!|zmv``zGlQ;wBuH61S^%O$rimb55q$rCfk42NE zmgf%aKR+kiP-ZhAkjB_^14=kC9?f#jmhZ@40R&)D1N;{_hALt*@-~QhKkF~-S1l!O zL4P?o@DHHA(l&uyp-~XN^I!wy9_e=0ZQ%_8y4=4xI)4y}szG}Q)~Oa5{uJ@y(Lu#a ztQNmTa3I=)kvj5T>Eg7EnDot~(C!_;m<2zNeaRi@9)s#EZ@z((Q0_GUgA8M1W8F9W(R)8J2Oe{MQStOFA2|WUcVNxj)g_cLm7Q%EfJcWB)xjNw z#S_&H^t5wa*TKfuDW8?m#!}WbRac=_K^jSdxOP#cECSPx1WvnoI`A9C92o&=&rOChCwM7d|yLx4Wk#tF5 zUJnlpWVN+D2{yh%kuHt9ZKR2mdJIGbPS+PsO;&*r%7sR3fOD+)z?vOmJS=pGAwBt3 zUSufR<9HG4G!1ZKR5A!VFwD$|l4RUqrNp^-(7*5|U(2aeyl-K(M8(;vb1d_$m*G;C ziG|UwIKm|jP^uo68{V^--WY;U4E6|Z8u|iyYOm*3yl_dns2%Rq`N@WfW^wUM6|rfs zqpPBsYe`u(k>0F3)?^o5V@KULO13u{rWxw6qr8Yx-bmeH1f6T)TNNspT4H+DbAs2r z>!iV*-!tA)KQJE0mSIk_{WT#rXf9X!o2mn3;R&P;(?c5$@Un7L7Vt>23{n-jWG%W;uT87ikRGxX~>@e_y#9 z)k!$$(wi?w3Mzyi+1%at9@d%;rsF%{=koq~zT%Po@H!65T{R7x6Oz~=sP_+W0FcC# zuUyCb_bPuXoZG$#cwkyKF#1GarnLPmU(U5YF5NuO20sJwAodXI_#0R}4}LCuIbe09 zz}icFeDt(|xc`3n7FVnPy?^u+)!BM~=f2?J?ezY>A+YK9n$-fklL(y&J^4EX6j&sV zQSkW_xd#nUE^ac|Hp_AU&c69|b=BGF_^$Rc{p@hf-}M8w^L{+Kp4>>=K}>bCZk*TT zqGz3CjjW+7r`zYItNvQPJm$7^iNfXqRY1bt7#~2cpDi1rF~ihMs9>+|D59R_Y!b;a ziVYJj8w%!BC7s{ zp$SftVIhc{!ZAC-Rio621zz}QDgk+sfx-0&M!1MHqxkbc@aBk68OSKRXh+^SkayRs zN}xhi>8K?sPmEPS{7U+vWh{mws%FNU7YO8Gqzl9-Y!F_``rKcd(X)_TJT zud72D|J_cxVb&9(i17B7z%*rzJtuth#h&8BjDEQM7Vj2>8}vW1ggpo2#?(sd3>BVu z+ua$PEV8JU8v`oT3-Ppa5b#qbVc3XbX*SvpPh$aiivQdaR5pV{{Tmw~&pC^l4#2k! z50Jz2PZX`@jDjlC$WAjTV*=o{=;U>mz58JtQq$e3-NkLwk1KS?9EV&3ByjCCDRD}y zx=M_b8o>fczy14RTKd?o`>m^IXwUPckb4B#G;q@*mNV2p<{mRl=lWXnRu5o$49Rcq zyI^VYR#lM(mB+pQxDnW(nzL22R?OT#*6lgkNtp~A75K!VyN7>w!nMqu$QzaoC)@rj zXqx{WPH9FHrH@!i44Z_q+Sk9e;$CIQ&b2{M#XU_rUzjmn*gs!})J2bn@iHB+(OJ^1 z{J>0TBc`naFcg|@Zss#o!KbEAT^3qli;*f#w6Z5+H4CA|t+fGjt3(eb(uGS!k1$y~ zgz^khLjZ#a8>6MQz+4x#wW~|6!5#$5!tF|BA)ar6)y$Wi>ZD^2HWaGnwImJD@v`y? 
zAZ8HdwAKKdB-+iPUr?96%U)ymGW`44U})pl)!DG+C!k?uyH&%zwi6E&iUE%>v=!B&#m5TZuG+Tw7Q?mg~3PW|GNC8-&E#v6ZKzG^Y zzepY{9_{ZN%!j$a%$#r(=?BL9Ao@C*@T%$(b_M%EujhhHiBWiAY_l=6myH4lEOh31 zNrlSPk3lGY``l+>2QnH{snTM6>Hv;{rhsyQPD#$^V8D;N6#o%hx7T3={+jctYr2uu zE;6Nh5!MD%U0&~(geBJ$dg4}!xI(|`hk1GCXI3;!t*RvICHZ@9qy_ikEl<0cVOgOu zYY>kwwhJj9kNx^gynu-Z304lt{%;uT(4>T+UCK5sBZ@2{^p3bO?cyMeAQ@s)Af15r z7gvHUpl-(7XbtX*WR&cGarVu@v3>2DNlt9rwr%soc5=cK+qP}nwr$(CZBD-L&YhX6 z`PIyw>FU4suCBdyukO8`^}Y{QEB-=3WE#2iQrUT?eVTI!2qs-h<2%tpfD@|R9>Li7 zmn-^3dYick%iP%594`YC(XX+oePWqXn=bEAv&5}V^+GQyuMMa2?RLSvTo!LU8#sMJ z_dAJEGt;kLkUWK6V;-C!^3xgDBz0U`>$ z)p_fc_lH~F+HT*Dr=QD9@70l4|G9+P6df!{EpC;2qrUC8@?~8Qk0?{Tw*Kwq&Pas9 zV7hMKb*rcfWU>v|`!gr?rbjJK_7F3G0HHhKKyXk4|B~wO1e9PVe>n#M5Fecpy$Z1- zy&^XWQqC5M8_QnS$N8BoXtGzb0~Pw1G9VwA|F?@Qs%#6-fq5&XQ&|8=2fe&ri)WD% z#Dprje^xXUmzHY-7TMt-t#d(!BL?Z3DPErI15B;pg z23s_jkjYQuwzvDasbK^^4+X8tDveZEW@=Om@>kBxT@#YEIUBQHh%#ls0Vwm2$Ydr7 zX%PRkKaeg222%^Gn+Yd!PJ;DflGnXIc%2z4gwXLpv-*aw(fv!ka6tNXwhyTKC*`w$5y8eBAc8%R%-e^s<_|hhTzs z!Zp(1iRFSz* z0PND#sm*;}WROb`NvJ}sTuDo#)+n~xku?G*^6~29iNWRpTQ*I8!M$8ZZhMa-u4e10 zi9gnd`qyrEmw)aa!YE{OXXHSC%p`sz8*!6ERF+7#2 zpVJ*U^L_8=!VJBWkCe5HM5+SGlEX)>k$~z}h$3YQWAZknu1K$W^{gT6>9~Ky>m9P9 zcT@X*1ig=#Sl7mP_rP2k=<>PVXJV0@H{c=!1bI-Jhymss*a+O22obe>*$P+JtDTs@|4;&I)&^0{Ll>t}qRq;8lgBJZJ;!l73^Z|2gOHc0b zj#C*O_D*g<^-eAThY1V<16G$~+y!!!TG6vZqLdol5y~oL*3?9asu+8pH8b1cG0NuA z1F-tS1;TjeXBv1pJhKZTLh?84BY1n6x{vD zDVue==qCv|IK!2?gvboj`VRd?g<=91*n7I8s7G8j}NxpfOi+y%d&t6~hf$L1S zXeM+Z-Sh22SQhrYA*1lp@1|d%QpeO#kv^!aBdV*L;VCMUEW)4*LrxZ-fSHzo>!ba~|J} zcdVCkt6>7f^p9bBOAv7ICwrlC74@qKiLZ2WfJ5vcJGp)Ray!p1*KyD4JTBrsiI_;m z0Sq3NGQ3GooGOF_8tSvj%}iH}Y_wUex4UpgWJ`PW)W^Sg3;W>1$HzSDoI=~8%E30o zB9Mjwl=_5(mHitD#=3%YCeY6j3Z-A?eCxedi`^h`hQp*T^`AmaagHfUz=^->wD@#~ zU!>P&Kk?*eo;wBZb8zQY1DceRQvi9BUL%I?q$85WrEz^_7!AgkOCNHkW=YZ?4z8mx!49WkL{RI zM4uQu@`%pvu?n)ktjlG5mD@2AI_Dk4#2Mm@{SpzVv_gd)T3(@gBu=Cc1_8Mt3;Nm;3wNGT1K){JEgBZ8g4>NeGw7OCky*m04bT@IPOUWP!V)sgBdmd9y 
z_qSD6XG4D!-!5j}{k_hwejnaYpxKjtf1f01PE^{Mgedf?dG5_tsJkNDl5b+Yx<{|V z%A5I*8n72A-RN7ee^}|*8UIPw$;S9!rp9$@YTB=jApZBP%2BPtSt4@-yr#Wzzz#Bw zRT@c#Flic4*bu|c?ym=NB7$73eA`Q@-~1k%JfDw7ZlD+3Tq~`uFGfzcw`me$gxij( zOz&4N=n~70+}VW5?Dc{7jl&4NpMZ~s)+;70&LKK|jtw4=c{Z^fI91tBKLnS~X3K_+ zig-3}+Wh1L<(h5ltfb*#Gy!DdYOi4+II(`J7pWbbKJKmfitpiz>86Ts}xGra+i(~pR3562cgaU0NT)v1TQZ8SBkFa(sd!ngReOXZYH z#DIGzqM#5)nEfp$ya|7LwF$IbMpa7lM8MiR$;00&757)_RD7*~`m~PR2kt54`YRap zeg!+B*dQIzekV2AVj%d(=RG_q(1P!`?UD^%Z%P@zRBU9~e;77&8~F)*{mrjljiE9J zK5kwzJkj{krG?SmVB4>9M8^XazF&U`Rj>y^%a12vPj1!-mqq+)lxRIDk~9(HxRv4W z8q}{J>#&o~#YydWb=`@Xfi`tG;#>{s#BagmAW@X1OrCP%K zy7QdvXy}O2(=@E{;$!N#k=~oi0cOr7_HpxY&j&W3U8=flSe@@rMCKt+M2k)zE9C?b zg+H-P!Gs}&38vx5gTwOfKl`ojk*}WHOivk66UMdUzSV0tESq+#;7I7@ ztaFJcQOu?!dVMkZG5VC~=7fI8gEde({o=bZTU{{}6d_rHnbIYIuGBzVw9C_@-@bCA;T=w+Wa$Uj`gl*FC%JV~K;TlLi)qDGVBpml zd6~Q_=xMy@M6d)~rjR29E0x9345Gh0LxO9j>qrZH*)|JQZb|9vljejRhd3chK_S=V zW)-!SVyR@)moEt*qhTDAkUe7rH&<9eJ1dfvM}tpoct0GNzCT{=MeH1M_im^UzfKeZ z@8C3gzHT1k>exfh-lhQuk!{@+z!hruPq|quSI(ABX?_0$9JTd9ChEU>3_(ipE!mdF zyCzU?5h&rY2q%J|%!dGguR+h^DyyJNDA__d;*KW)3&au!`i#(ZfPw$SJr0lDKdKnD z($eW*2H=RO4C)COZ_qD`>9f_M2&lokp+QMgzSF*PeNEC!V417@@e}Ns1h2HH>z}c> zBljb3D!mzkhq(YSW>nvjX0a)VzoCpe5SC5$rur_Xe)XchIwT(ASddUz0a7Vo5C!C3 zckxz??A?8LX0eB00ZVRMkKl6;@AHKE)&5Rn1otCCTP9i2HwA?(kz6rn0O^<%F&DI_ zh!M<+o#7m-IIz$;8SQHEZQf)qA+*x@qL26Hj0q2S`#2++X}s4&U$PEFj5@2Xm=9u0 z1tY~Ou$kqTHMk$!00Q5Do}H4Vf}WJE!o9gv_!-Hs?Uo2OCm8z_&^1TJf-omn7D7ZZn5 zg1W>~$Bbdf5}wV5zcvhUYn(vb`;S# zWONG?;Cf2&A^1mvDG%QiO|0EYlG1ca6x%G-ffjrmun%Q>q_C4)`F;(*J4;X!*UYg1{vIx02q#~(F0_z*7@N_4BMJLA=V7{Z!zpU?*);G zNz0nja9wvBQGq!O_(XHM%DTR(x2-R|GmP6;J@$`MgYvg)oeA&l^2=58Zt*ROgASW> z|LVS>L(q7{q6PSLhsr8Sc$vPz?h(IJQEX%!=H9B>W}SWRVbVq%{?8=iL$Bp6<(tp@ z6d~)w&9NZWXnj!#TwR&m2hScjai>RCP2mTZh8cM~iisyIy~C>-aP30|~x~&Rcd{0IReW#X8Kw__1iZK8ja;UG?i%C&X2f!V4#_rS|?yvkl$CVvP^)n7hDqCC%oC&(CiU(Gk}^oE+Twj%VoN`@1J_rZ9AVQGJd^)*$yT7}zbzx5pJv-l@@4n2d!xYsP8CCy$ zEvne?N^3QDX(&NYX;5l+ozFHg5n3^2#wA(TS#6iP{iBQCLGiJ^!@vJUrQ#B7`>|n^ 
zY!@iS`C(E$<0raaXXBFSLB$YAN^e`ZK+(LtTp4?@q(#zBQ}zv+C223=5NKOfd661B zlUoPpYK!KG-Drd{+2=C5lFEZ($+CQqO$b$V)V>*kw_mN=ILWwRoU3;4)0)O#wy2I< zj|L)oO1j#$lA8NOHCr^byO?|#v~paiTAzZuVbJ&|W~rl9`z&O@?cQB0M3WV!w+dE# zuvl+Q4G$~r$FKI>IkrRU_B$eP(_&EfS+?l(c-NRc8`#flK7I+l-hE?k`hpu_p-}oK*vs}$Dppq3|6ka< zA?9XidC{-p!Qt~vOtzYboIjvMZ^KV~{`pu;5*ZL6ia6KuL{JN}cb;`sO*hY^ciiru znI67vjCNg}dfqY;AIDK|9o09II46%Q68A6I+j@NWm0iD$L(0Av(0jb6YRwkjPx-^1 zv~yQYFYcGBf&H{;RTqQPjW9<0ZpXi&b`lRdZ5t`vaCK{a`5<#bz1g~k6`iop)V+7msvat0btMjH&wjJ-TMmc>kn?l53=@M zci#-st?9Xm9-uU-`;+Os-FO#|1y5R{^C@@V9=;y#5E)&PX40bgM8vOHjlPcOrj5 z4gKyvcD#WnW%M-eRObURCIO}wLrz?w`-WBM1^GSn$NE6vxLog($Ak6H`S5or$Xoaz zV;H+Pi|$MAc88Mdl!7aW$9~=`U){;&7+Awj^-U!AxKxiNnnow*kzk*KrOI=|1}|9q z*r9D;$)C&+ci}9tZ1(ha*O$FL$eT;lVrh$+-bC>7jM2D*kFPYBRtG+OTv7D10UtYZ z3eH`=3s%`)uj~Y3?@DjnK9iE)<79l$sH0L6fO_m@0P>w-x*Hb$+SxlgT77bH$B-h& z1$+DmInerLl@Bw;9mm%n$@mdA;?}z2iA8qg>;k`CEys4T41@<2*!={d{b0=LcmBev z+(^O$`+Ep*=?$=G?PZ8SsEEr=BgknbvYtot4tCvXhrx{d+(=GfLAaYJ#QB`8TE@`WtbD6 zKVj@VrNE^tw+^^;l`H2er?3#(2x;a}FqHnU-2VgTrl4QL3tKP#C(hM?o5lVQoQp=u zEJ8~GEWC9C3D54xo*;R6+Br5?!zJZklP|6ajcPcAWABLUgk=7scA9BdGgVl1 z9-Y3$qltGgpOpL^0&l}3NR)m-&zz1d0zb%#(#0YS!{w7YL1SHP#y%&}5=z7|JAb$x z`>mMd!G-#4hq#Y@Moe`92=hZZ2bgx+(#;>*xw+KDAYck@;cg21cpnqy6QKLPtPO#Q>%)`O#uPp5# zi%5APwyUA{wlt34Fz0O)fBtCeL@IPq7fYNGkZgv%#uDheAtS^#mRZK<2Tm)T0RSU8 zUDW%|9Q>-6r`{%JV{|gMx*(qyU+R$K5eX05($$9%YaeB^Wv2TqGbepm4o@1begqm@ z00fV?e8O}>PxFQ+_G@<@F>rCyDB2oPQ%(vHsx ztX3H7S&vws#JQwLTw@qT@YVLdQ~(xDDH&=A&i~?OI5~n>DekOdjAWjKkS1OK1RU-> z+E|u{K$5Vh+`#LzTpLSm!o9^i)nUid&&r03t|awCw|DS9kS_N?=LT z)J?x|fJ&P3WW7ym=s5oX3PWP~e4)D$u&L`Q6UnGhwtkmUo=hd&Gx`$6A%AVVgQ0$x0}A>HLp!s>CWQD0726=iqhMezdBr}p&`v=(sBHt!G zLfj8|cQ67FFGLyuF{0ETYCualmJ_(@G)gnQ{I?pv+?bWl8sPrKyX8V)w7%!2K4L(y zwxQ?Qlb7gFgv@JNHI5t!e34VT3|9nk#b1ZF@snnDVJffN`-kMN!?x64`=FWSD!9T9yC<>ANtxa1- zw042#awQ%LE@IbFr19^g9uDvH@66d=E!RR}nVGvkzAs6ii#P<0EcoE#lPy0832lF7 zsk^ovAMOuGFSxW%vi98AhNClII$s27^Zu%ZgJV#$hMAg^iiyv{RD^(CZ8^*jdQ%+` z(qdKNAQZn+bU 
z$zkuRj)Pr%A`{b?CBa%z8}1Z#`}?`f=nTlEY6nosmqSajquR+97I;$Sh~&y<)}ox4oNO zM}&eWV@sv7jZsCYb}5|p{ue%RQ~K(PJ~4K9TJyR}F6sGX)wQRr~JP5OEz6snT^B0%Qj ze}k<3|JoERubF8)X*dTg?D_DQY(|3pY(rQe;99P*oIO$qArwNDLXMktL)X7pGPFKT z*fAP!)HG?vanGY-G_c@P%$M_ib|2BUa87*I**JjlJ{Bahn=Dvcg5JDc?Wwwv#`)v* zW;U86<6mdcF=?0p7WH{B0ZynV;>gvyVDTZ8i=H;u>_McB3kBb-9cllfw{rL{ zYIL7*hzX=$DA_cAq+xrV3Y8ozntV4rzG4Emy{=yE)t*fMWSr=B7VQrjwLGZ0;ih&s zJ!!B!4If(5DNkYc3G$jJbfY5Z33U`IomPZvHY;;xGTIraXn*O&?;p8 z&%bZMTcZC7x^l4mFQn7|OuJ`cWd48XO_G^>3~2JX+kG(adLwb|p-t zYr8`d(G(VYgc08wLtW3u5DAJJls()KcWPGWTVPFJetK|WB5`-LPqL0%y0|mt*)Y9v zyC45J^2tFb91u3p%Yqfx_wxM$f~ysil-3}UZe`Pj~nKL1in&E+h!WMx?Yv`jIy>Fs2_Z`~=b< zP57!1;>hVV&n*>>Y4nwz2SR51_s(|+bn&stwX887ovi=qt8Ot&X+IV9jR)8k6ZZ#a z-XC-j-975SVcJ_`pV;R&4^|lCZjkElj7*t!V_zVf7;b z3Y$?IL&q#JLH~l5{`SAv#rS>aA$sBi+k)2bf}3JzIGF^M#JD`K0c>s1855kdZQNh3F92Iai7)s) z0QxrS!gTshTgtF9*bVF>i32KfAto`xyjLCiVJrA5=s0mxg$Rsh(;&pS5J3`nARBn6 zoc;s`Vl|ObMy96}vgdaQDDc8F1goT_i&Fq@4|Ory7#4D(lD&7En_M1Y@Pb;8IDx5S zF(f=A-kgx7P;0ZX_Az79w5PJ1)`uZ2Tde_ioWj2?4iir>k~OT~OUlMF-ug#DEae?w z&pd2bES7_vh1SmQp3XiDDNe|c031BzJ_euckN~wwKYn*gp2A+FdBX+gmHX$X6`_vs{C3o*q;n@EgH0~K^LTEn~K~pX6?)} zNsbklT`6ViDDD?{{1~n}3G$_y@~9;C?V5g>4)sB$579sjM8#kOC4JF;DG25S#>U8j z&~WVpq$HR1V?(2twBwF3pGUPuiGx1yx76hozEJ&r8g*iHLvWyh#{-m>Q5Cuo(Qd5yXaPl|t~vBQ^0XKhU@r<3KKO+dO1 zYO0=r7J1m03=tmqsPOCGPkEIDX%Y9zSI#t}>^i{Lu~je{ByFkG_@wu-+S zGHqAp1EzNYN-8#X(VO`epf*~q$zHhg%AxYx_0U(DbL4rTTM4QC*+qgvZ`d z#F&b%B3YKO{lO5;v+7Gv@>mWhl^LTHe-5oq72loD+9L}%rB}xX_^0lYVlmV`#Yhv`WQ;5tW$l`v!0p+GP5NRfO%wujwnnY2bCGk zKiPbV7BP{DK`+$e{Kf!HQKJx;rk)BVEz(FC>84N*77#DgQw_C3YBty?R}Xb$SMDS( zPxDqnio_LfAO%yOE}m9OoOTcvlQo&%mcx}Qq1~cmsUJJ3ZmC`d!e%hIvb@f7BZbfu z2q~Ongg0VEp!t9=k6H|@8nU#)C|9u=h~Y$IQdzG&ZP1tT;s6u*VlwX)t43seHFt-l zK4g`3!UUrHjv+hHBMRnT-B20SxQN&`$EDI#OkGXq^AOZ0*e1nwl>bt)ig&|9q%Jae`~0p{673|mka6+OyB*c zuCw>L=V!!HaQ$ZUy~`pGRW4bBdI8!=u;QtIG>JIeVct^mX1>_wRlC)5@_q5~=2iNY zET2|Jx9jKLpd6iU6rEQ|AZS&*@(EY0%2X&Srr#0574h`x^d_2a#_sieuGtlaaY^B{ 
z0Ib|kX=WO=;BQ8dR-XQ&Z0$rKW8g#=X1|uv?7DdOX;$d8)JfN+)Askht{QhIRx-#L zl<~`AI-a-3S9u~!MWX!x+tORp7%_UXRXH}rbC^+AX`R}I)CRavh)# zhq625m%}G+&qbD2M)dY1eTLQZLHh9K)#=B*^7BU(4R0ymgh_j~udA1%<7sdC%e$3b z^077T(CZy%PNmUzN^$aI`F(c#qU3IvJ1A%Pf~GGZZz-B7@MC{h^CMo&JrfQ zwu@H=i2%JATsinYkJgvIydK3Q)b2{b{Zx+!Hijq45r+^}Z%mDx^f zLgP>H0$4?!C#7c2T}n}@LIX1_1+7gn{1`Z#Mp>U{cfHU45Xi?a>-+3e;-;6v z>{b^dn?M?T`izB5_n)N+GdeY-F`bcI2smY`S)OA$Z2!>0qt z&f+#|M#-r%A{wy)Nd$R>Q?p;;7A300URXU>kCL`g1ez$O$P_kZ2o$4)0u2G|g)ZC` z)G7CN`D(Ngt+JXmU0=02G{w|!h4Kg3>E5$%|*KnbG*5DdFXMT#9xMc%I4A|PilZzuY#9#3kw zw4wDL+=yqd8uxu^fAvfkt)Rf;KT`mRAI3Um6a58`FGKD|6 z%4^}kHTxF8rf&z_$h!Lm4W5JbM2qlz?ZyB(4z$cG@{b`I&lAq+*BDT6+(9>uTp;YX zv;a^cz}u7QU$t_Uxyii28qHwBJBkOm|YF}hdQmfJcVW4lU;MsyHc)=RITkB+AA*5UF)nh zIy1@Mi{^`uMq5ex|Kq*HXtHiH)rHlJ_M~2WJ$MOX2E>-z*|>b!2GfjYhtvR3X+$|Z zQRR8*4^22sdp@Obx;mO$pd&-Q2levzccy|Loo_sJu8DuU-ga;p8JY;3i>K~y5Eoyr zcTvi*OJPNR*urA?_5iu*uED5`8D}>nhPiSin0%Oq7g*3&6+Y%GuH#gG)6xlU zAd5gLbe1@2f8r%b%Xx-LHTUh`Cge<#9f0Qqofd1fm}cPh6RsIxxI6kgL=i_y!#ybH zwAct1Aw29}!!p{EU4ZEhRNta3OCpMCYAz8skMqz-I{3-0)E>e$S!JBbD5n%#Kv)QA z{iHRvdA&uWh{j@#e!fhB0_ThhIK#Us#sJreo9BcyVZBy8b>8!+H5wKg?2E{A+|(kb zv-+YDH8ndwKW*S}ZgTuGhKXLd2w1&XYqBk1R9pQCBy20x)M92B6+-qR(tN-s1{~*b zCc@A@HX|$iuv3&{LV)!nDF2@IhRx;i<-!a>#Rtoo%He0QNh?jD*)@kV+P%kZy zo-}9!_BYYzVyn&p-nUQ^JK<>*I6ZkCR+=h8MiJ9Qb4stEGc0-q{b42ql{JQEnAj~* zzDA>~WhNux`n}-1jpT;Yin!ubg&KUQIoeFo6)I_QJ4f2z^GaK!OEP7wNatLM*ZX7F zr?b8UMz*!A*LmrRRT(*CwSb{*e(%XRaWY~w9l!#*Otygq`i zWxa`POB6;fOe0#LYE)^M<2sTTYNYfQ5>wr!ePER61|8b94Hm)2Ovog>38aqx7#H~! 
zi<1p~z#39MqK?xrCc3HJgvL=Ak~qZQF>M5uWl$#1@oo~9k{d^nNfx^BRCDSDib<_s zx$^)d`u%EmgaV@m&{>vAlq}@EqjAd%F;|g^mn6|^!n%UHe26584 zRQMrsVo@G8+db6FQNZBw7h0)yB};Y|-&HG?J}W&DeOTOnN8u(u(DG2;2|SEg=XFa* zH!z@B{uaRkn;Y`2u*EmWF3HSV-F=wA1grZw&}dOz#DqT-1{78YuE%L0gCgDiRm)u=Gd`$0QeoU z{)Fs3oz5NNQWFZAw5z&coxTD06y=ovit~w0nsyFM$BBYrj>4>XTzi5L?=loeo(dNN z!aV&QYWQm}xOIA;IrR{0pz-0S5#=_={x-|X~xbRThP$ zX3bXZ4u(>xkJEAN5c^2Og5Ly|5?pUwz-bC<1kRL)F3lIe6XsJXd(?8 zzv)G+0k6cVZzQvy0W#?G*@m2gTKh^AOCR0Tl78^nwDpyMc~SAZT9PyU)J#P!*S~7C`jTGIQ;+apCUO0 z-CSn+$DT_aw;y-(b^-q*^c<22<_|3Pp4Sb>7*4cIz!QWJu9+c4*xu)^pYru} zx2M0Sx5GJq22TwRPJTLeyWbxhQBWMK`f=jk@%&COyJ*n%BW@0LVSyGycv(bsclZkA zP;nE;)RiLx2Hp{{gSfNL>@~C?2@eX522bP|;m2VRB#CJv5vw|g0SL*!oQl8 z?z;Hf>UVDb?9B@IzI@)MSCP-Nkl2A<>d-j_2bH0Lk!2U%aIf^1o3 zevuH@G|Ydj+@RAftxSoAf7+iBzrz#&!Te7W=qJ9mOtC&|H0Y;3J3v+JUw)Z9g?WU#i&Zy+gFN?~9w5zk~@(#6pt-2~parv<9kthJ?ZK z2PA7I;`!@@u04j6dC9C;N{AL|m`QlW76dFn88LgLS3v7-oXqlKxxCU^cEByWd)1=l z;CD2@yxyJP%Yf9Lfk>u%zro>6)9`_0r!vmZ6JVsN67wGZaU)-4()5z*6pcBA$JV{%Y>k~$ES(o<&VSHCnDH_SXU`nt{; zSAxBS8))4OnaH-rOc+Qi%KKbi3r5*@5)J-Ba)Ug7EHd~?W8{EPIHTz#P)?7{7GXhZ z5_v&YeIYb?A6G%`r?WDAK(14XRIJni?GHIy&)S|%>19SvAQHPu@OcLaZBByTVl~5u z77oD}t75OtA_ERwwKm+KG8tbCI1nZ?sj}O;Hqp_ac_mJT#tl{27CD-x<;vYlBfWjCv*kB;kmXAEjABun?)BEc`b@4e;Q`33f zGoRaKDG11{Cn)1TFTn|&5t2~D_<*dztu^T61HUa|>&}3spv4B|l)ilxP;F+uf)~|><{YSji z2C%4j=Y|;vH5i-d;u-=(h7EnLD|k7COrPOJM~7?4kj5&UburcoOedO2GkQ61HR=*J z(eamhc$vfvM@B|swe9?%MN+nEpFV^ zSt^)$?Y{y5ns9RH8pif7Ih;z99d;l$*`!8P+t|>X(p7rAabKYx_ARhlAEPD6 zZ2?p8E#s=H1FxQ(g&l64Bdw-76lI{`7Of&4bK`Oy^IoR0NAGOfcd<8L>BD@uZj0@k z_1F-~2M3)Ft-oit>baj6WFf(bNxxyF@y{TN0Q)iIF#X9ICYpe&``I(V8ij3RODaA( zvCFCS^uo)+zX6&db<6%~Rb>4~lKIckf4~0k3c7!h%=g9+{)1$WLu!wA8r!%UDZ7-c zm$6_xO(AJM-gM@JFJ7^Ke?Ct%=|db8P8=6Z(}CZ0b^29Q++N(fRUX_)hn7u>=KVV1 zF)il%)3oStfh5wElm+>bQ%PraUh_nOpTd>gx%WR9@J81ue<*!?|6Rm`-*{Iu4qsMo z@ilNAa9>gtqNHyv5}4R33}~ z<#Em9ZFgl0sHf#W*%2Jxt*e*MBdT=5_ZY4nZdW0Kcwk?j^3HqMX@k4uhas#LLBd!-*zP+U}|wTPNzP4hXFtZF*HH`v8|O&_+5b39S)hlsoL`kK{KDs=0w|*b#)(4 
zweIb7W_I{)^t;U=TkozbYwk&c0Qfdym`;7rwot5!x_P2s!t$nYb)i@oX-_l zoTCqMXb!nrHDkR^OcScIv+&RUB7Q1_$4KBY9z1>o8)cEaB)J~F(lhNceF%9Qc6I42 z-KfYnEy?92ulQ)H?E<)`S9=G$Gw#F)-^+Yh`r7^pqXY4fzU`whuq3!dKYR8vOAe@a zbl{#$)*`?L27^L?)7q?sQ|J->0kEMB;}LM)#o_ zke>7SrqAHz*3pT=#eKpG9`i$uY^1D(cY^NkfC^xtn^#t1gLCvH$0puMd=Xm$WHAAd z&+`qY7YcaGDrl?9)kKRN+Hb#onBPC1&cAiAb7u2w!9Z32){kaUwP!n#ufYVfS58P< zkxO7@Zxw)#J;Nq@Ce3BWFye$WVN!JQJV%NG+-xB0BeoWW_VED%8u95d3#6{ez6bS* z%D-o4kOH@4_I`yictaMGP=Q=x5h*LD>uXKqN*^38x0T;~+9m-qi^Mu8;0{T+dyF z6Q5J>HP0-~rWjz{kzyo0#Q^{wOxdm~&jEwS=ysZSh9}L_g0*729a2I;=ZY7}O65$F z`}c@7?vGHq$!9sL*p3Vw>Asix!vDdc z7@HfB??BI8nLEuzWt<;NxP5Eb@Ck^UA4@+Mj1*_@A9VdR)`0f=bCX@cb#-@jbaeal zX2;&z)t>2vtK;p79W7&{sVI$OWe%q=4GZ34fG`i!-vXmJ@XPTETq5?sCQsipc6a&n zX?geMEW7`<#CJT+?9@ix9o*cCKgW0bUn7J}w%rcy!)Nyn2w;vshtkDZ;9glA%2h(ANSzWq+K`v({<(3N2s`3h?hZsyvStNotsxK~1$Q|F0p*5x9xqHCX*|;YQHWwS z`_HH5J<2r;4cq#cVM$%)fFsr>muDL0$vQ)QEOmLqD(a+iap(FUhXO}4E+AV(6I*ts zPXA*`6LVQ6C{--vapnvw>i{&x$dY$)*Yv_A-MW56^~PGX>EwD-ToUz^!EnPHY?}N7 zb>}??s%p}!PnxkU3!y28>pN0y^y#H^ozcF=Hfa+>p7FV}LcJ$r$555>Kml(JZn1Y- zh|3_ei=)j=0C?i^O5p zSL_qt7Z*WQ8=j^s)J?a!WYW z&5zA2iYVvE>MH#u&LQo-dLyK5ZMy~pq$!;u3pWuPeKIWHLhC#g^4r%rLiceC-qiYG z&`!xNq~heUG=IJlK*cU#(=Uc-K@G!WQ3wUpE-_UGK#*IS#+R-$86c-(<=O;cXG-<> zT>=0DF|1%q18VU=0gdDP5F_Lk0nu_9Iadht>w%;-#c6kn$0DC;X(WC&^KOsOzOdAv zVgWZ(2XK?R@}w#ZDo0Dl{thyb9s2`nz1^Io-!X?HFE&Q>poM$-BR3`hz~59`0qnJr zYkuUgWWg~|UqRmkfD4t8Fg=8{hx=ZWaAc~Xc613Lm8XCf^s~xZa1BpA@kn15OS9no z{BM+fbBr!szh&Fqr)}FdPTRI^+qP}n-KTB$Y1_7KbNan^Zstzzm&`Xw{a1M^zk0H> zYh~?)#xy#DO1hDDBs?6~j43LKGeMG|K%_t9r~XtD<2!IuEiem{Q-9}`ht)SA3wP}K z5Fo|&)lSkbpppBNR*0>ZT|ypdK-xc2`+=UFceU?eB|8!p1d_C;?i&o zr`7N3g7>T<7zU&7XTK~%7VO{!M(N;;Qsr&*CE#YutBC2lGbc15pA=ZC7knniW|mwA zahhwOax#k-rf7?Qne4`znG7ZFqj8-zYpv}SFWpq;jFM%&t>f`3_neKv=Ag-Uv8byI zE}lcToKt=mjn+LY{Wjj%AyX*p$^0Q3T~9Z`OnM~~z+iSK>1`tSrr=R;QRhI;_UFv7m&AI68V2(V`h4We<9~#WMloe`;@9R ze;A|Ie~LACMa!T#6RILV#Y{%1JJQDiO=OJ|X;Oi6FqQ-K>%?82mUB}`u(n&#rv=AA z4r(+vt5vqaH0k~+*8Dy7=j(pdg&Mp~U}foIH36MNKy9vA4BoQ2w)+XY^!xZib^Hj1 
z!QijwX^ZRmpbf?YxDsbq=A%~&RKb93zjG1lk914bR~JDok|x2B6V8FW;i$5*#@E0S zu;4(zkx9F)9=!#@G-7BjL+A4u3hTFhyzU8JgJ^VPL{vXOGYesA3$5e>izuSk<_ka#oWr7dg0>)3z&svJ6 zSL8xy$NvXJa-bYqjn=`s;;`c3kS6ei#JyUR1_7==N=u^4s931~S}3Jl_OI`I(DMX_ z2JgA)9VWSspSMMy0e>)%9*j6Ur`vRkj#7aDs6m=ZWcM@0)n!g@@@(LuSwqwV)8{1( zq`@G-*)OXhkNsn?c6?y|DT2)RV0s%raWqq^tK8qdHUV|^=H??v>Lu_PzLJ05tF>#3_9Ok?>}YT zU}L1yi20o+C^c>W*vJF$r=OT4{{+@6LxmCz^K_x~kMfgk;qKSQL!t$0CI}PV?@eUl zHa0_Zm^C&df~RubeFB!x)ZxHqIQmoZn#E{4nMsNBL$qXaxcsF*f{=xhKj&f>CjjLe zW6C-x7Q(u05l~*eE~h^bc$-|(Ec%8w&Oh^lyOK?x4UMRbdIPzzedKBAnizO)HeGrr z{m_2(Ezg}e?~n$y#Ukbc9rTnxa&JP8S+za?T(*{7owg5~e_F>a#J)aHl3Y@x)kh)@ zu1sc>M^uQ&m$?pA2=CbdEiLo`2QM z+$T0*C5>iGYLd|wxuvz+A0FY3=g&2F>x2b3m2Vq!`AX_ay8(coWNfg z@GCTIPd#FiKx4^&`bVt#rm^4d*`iLlVG4?NYN(=;Tx)ndL|ofo3R9WJNapE8!0g!h z5q5BsXZ)ohtuP6^{=#G`x7JGFUmd7#=kX^2OYo)Tba6%i)7sz5d!gJC&xNw4P)!$hV*^t+Xy_=^wG;~q$2oDXY(8fai7gPh&y!J z^32Z?Ta6z!KY8x@mtJQ(Wc=PpW$no%geU?BtCyhrkfqf38-VQo^!8St5oY=_Ci7oNCdJYB&s9@dLD?_9c)*O^UH$KB z2|Cl0YMM$|j}C0YM2@3c>6Xl`pXB;3hE##1mu?FtW3VGAw^*e|mrpy_XD8ln+^L~o z&s(LtFZc6CP8ych7}Zpl4j@Ffpm~Hjw4CQ5`c9^~ z->_tbs8IimIP{+*RvB97VTH(JKn!|culYH|#`L@R$*L@_Sh+p3|8z^(c4f|5IeDuf z&t*)4WoyI5k7B{gC}GK*|D<-$VvvO;xW-^ApKm4mO(K-5LP@w{eq?fU=h){rnKbfS zrV1J%f`dr455{cLM=e1JZv3`qSqGA*Sa%a0LP+$Rf*=;ISJ}nba-08gnZ;;YO>Xbb z$%JQiHa5WY*eYMHv1R}MysX4Cb;MHFCx(zh@d7TVsQN(o<7%IxA0nR?^fh--5UEgn zz-JGVinJwt;rVW}zor;gK^tFknd~9F6jLLW5L7wII1*|F7O96M1g*R(Uz`usmRkd8 zw6w0kLjL27+x<~KY@L^E9;QFpqz@d*{K)2S5v^J*1Apt%1qf!BUhp-kIDRq%1Z~d3 zHixh`*w`x8c3w>BLp%U<=kwyD?<-yVd^Br-j&o3vJRBGE022P4~^pt6JH5?vbbT>b^* zOwNX#h|H*3NqkJDJGV~j{3A1i5{5RWJf7;!Q!OS`LwRZ49kVACX^bWkzMn4f2RWGS zCnL}C*_hP|>xJ-_%~{1H<_&GlBzGBdG2u4*2iwR=3cm6w-yLDeDLkt{<|4_-U(b3R zdh=Bi*)hM~wPt=IXE5=YM!GdMxT?43zEw}Eg47lj0o$e~0r2Mj0AN7>amnJP5{c5k z2q=0ZNyVUsOqe%_$s4tEMdg|%pfAf-e6{*uhh*4(bMIJ8UI|Nlp99oPn@bNOK*NPy zbq<&mbS4)T)hg>Z^;h#Hxl3L3?2OhVC$`>?@D$^~yc#f#Sn@pw0!+}0@+^W3 
zHI=_^NQ`?S7kOZs43b^q3MnLMmrOyl_fSKr`7CqW7Ii;nxI8`xg8G6FK#w8AO4s|qn~AM^f|7xT7$yiSY{sZ1aMPWU)eFX*InzgFbIzkiBmkZ?uuMP#P^4Q%kR6)j=y-NuGV%r9k!1wp~J@owYwg#UOG zT-JMYv}0-(eQM?&HaGT*)IN7u+2OkZs=(6Yu zp+%#20Dwqb$doKX5@H$3daiDktY`{gW7I1@BhkI4n?$xpnG_16n8P*9`g23EpCsMI z*HXJ?)u>{L>Cba{t4BIuV)jRWYC}O44xDamFRHBZcf4M>uDw|48>I7Aw=mA_`l0#~ zCw?Ntj^!!iLh-|e;)hl$ptdSG3T}bP*FGjny!L;*#zcI6xqHg1ThfJ9e0_aS_x5u9 zD}2oQ-!qo~x7?kPj3q~^NAJ}aX4v+B)k1tvjjqSt~Ob4^U|%rb z37vX6h6V6q5x7k>c z&;a{TR@TxrU+%$8Pe0jQw2Pvgs2wKM3HYJsecZ6*Jx_4BFn@VrAll#zCly9CVEMTN zr&(bsg#TQcV1D5l{BXy$R!0GBn$@tbjzOUF@OA1WOFmc60oKH2n#k>U{mRj5SW3?7x^)ASkzx;|BnqEuui)Q8ThzTIZzP@2k+;{G zUtghPr~}UM!akPV7u-pd!2tbs)hv8syF(ceLj5Z6gi4r z%RVOhe6-T-;&`DmYDJt^_f$pqY=hqvw)}oO4%=L%R8{~2ah^b&#zjX%^+^D}Bq)y7 zW|4PMyeb$IAg-Hv-IHa6YBEhdd+;WB7$BkTf6;;oxQjC-srPuhsn92FaZVfyZcppI zkXs@#_vXf#ES+X!+dpkwWmO`rI;mQM6ey#PO~Wr*B7t*QLzwa$fgrMv_X`HUSmT5j z_Zw=AjQk;yIa7k1f>tgL3T}<=*wcShk00*b>C?D)$Mf&AsdUFYOX}km_(gimQ%3To zs}yLRUh?4lLThMrXGPA+(+N|JXIpOPESNAD$ICsi5W}?+r+<>s*r=)q2w0K1W7_%t z%-9=Xu!SgjZGvd>z|ckC(e)Tgq51bjJMecFiO&Lwr^$lWEcZPrdzN2#zepj+ld;8? z^lWa&nkIH+zCK(%>3_X&dwS&bJ@yQP>i)g#G4!{zs!HLrOKIN7{aWYtSYJ+0TOY|! z59eLr<3DLcuos)vfx6R#50;Lz4vU**Pq*26YXSq-I;e*M0TaJ-7DGWapmC(dr~z0@ ztnztk9@p3>nA+r4`zt1?7j819*K0>^3a;H`oq^sGL0Q^xqk{gJ3^(l-z5ZT`2 zGk&BT-JI3$<=}9Z(_|{`k_YT~%qI_70p-us&}$Wv56qM{Xn)F8lU-||7Yf)KlpL4> zeE*k7YVNqSba>S2<20abLwT^GJ z!9h^P*j-j_*M!6|QdX|NXc>x%z?LUjEDN78;KlzW`fVi*R#u?Zz$Qi~`y{l_%6N}u=qD<($3 zMXuXMwvz>GlQ){o^;gTi?EdP@Q2|I%VT`ivqxbJ7Chl0+NVlKYqJnIy_A<2v3@x$* zW)+<%skX%UkjBlWRU6@?(r{M)nP$h2?`ImWNeDr%XhtJ0(1ikft>HnpG*WZN1-|#B#syNF-)A!E8sXl}*i^$R=nzsbi+zG^CO3o! 
zzoctdYd)iUqC3e~tV1PzuWeJ+dq69E$a8<0tBRnk7XK07h`0@KUV@c%C5S8>k2v4w zgo=C@n5A4C^A89N4NsU+0KDOaI+G1fJuXgd5|>3y71Gbg%zv!+0F$rYvCyJM~HCQ zM58As!@`|lR6Dqi#$}yeV!{EYIX-dZ^|XP;QC1>+L$TxBH7Y%1`h15_%IM2Vq6-e_ zM6uo${o}CI0Xj}DiOO_mj3Zma%=>wpp|gtQQ^v5$M(?&lv=Y@K^0q9l*M#CCf~y781QM>tz50tRPd41 zq|<{hN{p~HW3#R#yx>;{#0`2`x|Q#cYR7@&HQt_D_x$9`fu^kYh}wF7i#FV%UV^T} z-w0bJCW%}&b?e`~sY!vP%&TB>u2y@|t8$Ub(Vv2Mu}aZzgZ7u%N%Lso@e9gpORCGJ zYj3)VyS>!Y*#`!wakC+Bq`%jDXtygN((siyhJM&xthwD1l;Xcpqa|8N?hgfq#LbDxbLrvO3SZ{!k2pcm_Vo%iclbR z*q~K{n{Nd#CQI11VsjSkgnc+2FYqwCrWqPTt$Fv#4>|7pN`xA^(^s0;^ zeUSrn?v|ap@{l9Zf9@k-X`YSdajHqltI|=s&T(}>9*~1YnR%Z|V|BsZ36%%{D9OZ# z$zNnELlE93zH$*YGeNt~&wUA$<6c8Tpw7G6L_9uz22F&_J#36iq(^MiGd^n_Vx^e_8^Qy+G|NI)_h_6FRP{-`oWMf&(|{()F>ZAhS9Dtg|E%Mn z9qqB_j4SNiv*J%YSQW(Z^9ZWELc=6F7ZEcPMAd7F_SD>OS%^hhe+_{{loPy9nCW&G z7=JKaDOZ%$d#4dlq@~Yl^_CdQsG%KYTfMG$6i_!2KB|7O*Rck2z43zpZZH9*W zJWWvm4F$}mG|h=Rp)(qW>YV~T{1ds&*wS#LuE4ZB!~~XBVHQqx^aS6WEGS2xK!COq zuc~N^!bVAIfreSRpe6MqbT8lV1F>A!-(Rf%D%4-HydBR+%)|#Nqg`pvBiIFVS&bf7 zVh~)|v9tg;IYlN}wbCVHA2ZTPBVs$gScb~;I7G!l$5xB$-k&mEZ{;k7tFX0QSZ&L- zXd%5ewr+7ssxvaeF_?QMLgeg?nj3UviOM2XxHFjrOUxdtwbIJC3#bP*$|S<=h6Ji3 zxO959CVB*iU!xb1n>GrY`iG31r4fcBAkkA-CAtDdy$c_t)l2?Es)6Vmr-hfzQA zd6Q+4%<|g^4Xz8xjp*6IWnPc;@u!-d!s6lFK9PPt!)4C|1!g6qY)`eW#dwhG5hObO zv&tQ~*rR0x$jHGNyitJIl70lZsL9P#45UB`H_c=1o!CFT7rkq@ISzV&`nQ1_{(w2` z1R1pD(@-4T0Ehdq7^uOtZrX{o!K1#QNL;P^Pck8~cqb?~un-at*oRPpWS86Bfx+{~ za*Jcj``u*bcxL3L>vc%x!+u1kk)JMX8R^Xt`RrK+Isr-#?0 zVC?%S>oNNSr$+8#qb@22Xaikr;{va%u9v<4cWi930we-cH|RK~;DFT%yp`|g`84k| zo2umi`VsR4%d)V;wj%=$AefQ+2_RiVHm!jQB*nHcby5J)en{B%*TOb+swywhmV8OK zgRS7{J>sy~Jb5{_aST8KM|5eVYEadi%jOCJ0`c2hl4Re}!{IXY3Jw(vzu&to_=ToA3Wy zwh()N$0hY#Y{OKt?PxPHj@Zl5!hw}A(l$MsR>4Ib#E*Q2y}d_ z_XbbC1wL;W*7>W$7o9%Z_g5M!9&8%LAs-jNAxQtcf9A@K9EnR3M+~ zQwdWxyZ~Vnb?bCbELrwe7$d2f zZK#imKMWi-MObQJVS5dcXm@Nv^f1DRZuTW4fg1i|J2azyC?1WFlDXj%i88=xq#fL} z%w;n36iljtfchx&68<2edMIK-=90B-Ddzf@EN9%*%4Va$^==gQeWA3a(5P{Id_03y zl$I2hcvLft#+!(i#s2T*4}*;8-qR(GGw==3V@3@*v`bcb$(H)i3?&_E@trf0ng)yZ 
zm@vIG=_N|X5+btzu<=B3`lF>%K)t9bP@snhvmJWk0@ds6_88;=NOWDalGuc4b$S6b z#&v)I+*z!UP;vm{#TY=Hb3M?Zd^*!Z?1jQCUnhQk15V}7_?#3q=sLuZYX<&L&w#x&2>#sFBRK;R;G z%oP8m;b0{Tl>>oEfK7)n0kjuVc1AT%zl$E|rJi|KeE4+4`ee`GsVK3)Hi=(eY2g4Z zrw`+*h%>fv%5*&Vwu=3fb>XnTx zV`^UEBgYg`Z5OM%I_Qqcad`pX!)`gGi?!PNRyQf$4 zR&I7$I3#apN3gO{s4C`IP5ESZ)V{;)KBS8;0Wn_nP_7o7Taaz{c~aufNhb}Bi&*&8 zGFK|4FBaE5HCuY0Of$|Zr5_jDpTp}g7GP{bn2A^fGiTew+AxYSs*P=E=KIXFHGE_QnCWxu6%(LP?pE^4PJw=HkLIQV3k9a$zUpPiymZ>1-a|cf= zl9mFUx`Q|V5h@>ZuP_P(sUCKi5>VigO^2C6ja>=~T4b};MEadCWizLU&vOa~u0W}` za41zwrYYyEYDvd)i_)T8%-i-v?Y?L)?a8>L5$RB}$0XJy{xE3pAiDp%7|lL=RF9Iw*7Gl|T5~(D#$bfJX61!CK3&#V{kOchtWw ztvDH<_;I04Qcjcl+|spA7e%o~A+-T2DGTAH!;MBM*M=|XvMvJ-A3$2R7;t% zS@l_K49Ts-IJh*u%)Wsl?oc@RGV6UkvZev9Rb!UPtF*JJcdoOg^KrLh@S1~xM0g>W+Y9=>z{?jio zHfu%e+`sMAKnE_G>i+#o#f3m3}O$;thu()fK`0_2ftXr z@P)k5A*b?&kmXq)m_r_csC>D_UV``k*%7V4T`Ap339?S$|F`!%h$q~RDgwqzl%8a9NE36 zPc88vJp@3aJ#+)MYFtZ#sjZ;(3w991184~18Yxi0pj1veOprcBe@eQt^i9%kek$4A zy2cX4t`*JA|2{JMhR;z?>^W;lUA6IF=jH%9LNdaor3BNA&D<3~e}eNF>1qOy z&&ln%9FePD^me8V)8m4|uYaC8pQvHpaiF1`4N6`{2;Ed{)&^zGA=b*r-Be?0IBA%p zR9jE!Wp;yyP&P8=0E4(;?RCCn&?S5V4J_{GCG&w)Cf7z}*-??jEev;D;kO?@%X@A} zec87=cMXoBNoDAtH=!qHG7ce`I*FWb`WdBC+!daZKcjQsv#Y45eJHMZPm;{sRdkF{-bgntcSZ|35Ej^AtQ>U^Uj_nCHTZ*AWS6p` ziDg$Bofk7ufgucBFBG!rB{HGb`?JQGxZv9LsZudf*#R?<^V1;JpHGc2`8wKra^L*9 zxUXlIkg+_R`Q(ae;V0%HOb^dO@(=3K8-34*91sAdivdELMK7n) zyEU1tBV2d{l$M7QsM7)Y$%GvYlQtNT2sDGr(rZQK7qbJ%6TdS8rQJ4VcYd94(hGGsy;u)kg^B zHbDL?5q3ItvM2>cn@l;K_Xi0n_E(8jlT?P7bZQuWdIqfHK{`02j9y6E6`jjh?;O+L zwHzQB#6Bwm^t1idTcHPcDqG%g=YabJ5lVZjd|7_!HMgAGBo;ndL+UVX`#pqaN~@;1 z_FD^t=gO7fS(CI{)F`3S%{s_ozDP1V(=T#lX_5Mvh8d~eFoL(^q~UP9?+>c8q!Oxj z>Nc^R^C?5hh5f<C^X4KGxILWptr8?ZX8LH4+5nF^~K)6DH zs`Mtv#lpab*_~^^VE%xUAtUVlG<#+p7#m&$X8*R9upRvHSaGsR#sNgYj9tf zFvmna)HBIXMJ^nIF*^bCl?M$usWlr#0kL^oi_a~?wKWoUD5U&L!~<}KBYOksubgP< zlff9+XHO@YM6e{K9rBpCX#r|AJ(>*$)aD%F79Vt|>(ua0q9B^$%!StKQn+5M1}P-F z&o6eKwpTYE54Iv54|^A97e{Un*F+s1?HHHIv&ZlFnoE6%Ft9YB!071_1JtCU#BXZE=vL-27PJX(NY 
zF^GQt82G>f3`mVrR(7~RU0&eSF^O&sCC1+9h}Wv6$%oPN>few2y3`S~Ld zAH~I?Mg^46Ujf@wQYO{;N-g7O&g+R{oKY65)s5nmrk_*GfUOAU^I4Zq2EoD4+&R_+ zyGu@~#0H(}4u62#->}X2yX{M$G;3;s%`~0U%w)9WiSbM=_LWLpT&~@kvrrbj3~Ef%MMi`0 zTV&gNr8f~-Zv^R=gz*CNI70VNNHxh>VuoEE+2g6&vRe18?zHB$hEFGs=KH%Z4=tK| z>BJ6;h(f`ykXdx(bEWI9TFyNsAhN-@4lE@;>qK2q1K56N+R2sM8MVohl=Sl*JU62; zEtdu_eWebU#{i!>j4R&UU}5luwEnA|^8ad?{x6Wm%KC2y{w=CW+OCVhcb}`?D8>0T zt&-uvde~(Qi2477IZN(>07+L{HzSwd%`Q;9ZF9Zj4;GUT%4p*AKoB=IG&C^XPkME% zbUfC&*10unaJ!Eh(20nnGuk@u3!@L}p9n(=6Wpp`U609{-RM6C4ugnh(WjMuf7Y!z z1;eB;M|>VDFIgL}mRRc~OSs({G`(2!^Pzeg&0q|Zmu!qTM^^q?S?^u>g)2fG-W99i zaBklhw__3A@7eNV?q8k#BYDtSENtP-sN*Dtcs6kqA~y&FkqlsXa+PkMI@7~=f9`13 z*sfqxALF#H^w_j0d|%AzgegbMC+-)b7~V=iK!&z?Xny8ui)ZU&1gVzRbXB+9nuHR0 z&ugp8NX9$UJdYcX40d()np(h2h-!vfl7sVU?9kd=MJI2V&~!HZJ`Kf$i1OYnvR?a! zoWk!1zwcO!*#d!iSGNA$$OG8dU0)8#hkVL?0!x3+o9L3D9A7LPpW1RnM6=lFS=mX& zl#Mqe_AX_L3Jvl!P3kG;+Cexy*A-BmaFwy-b!fbGWFGIU0KG=hhSLE@eidy;&1sjk zDj}~Vak5_g}y3_P1;9OhERFDgvzNn(nO+C@$=mT25$SkgznoC#R1eg_=-rK z;Z#SLt<_{~pZmtdIkqdGMH(1cm)gH`h)6X&Y@nB z`Se?%dHbbJ5q{SnPM+vAA-Qj3<<)+ZiO^H@tpp)#hLm1t5E+Q^^+w4UdAvl*^o>=O zY>icEo$)HrXKcA}0yH+bcjq+W=_VJ(@#I`4&G{^J{6ucJ!NrdhJ>+oW#;RDwAW$rO zO`G(~ah}E#Y_wdmStPLPdPULesV-&iFyy@p;+;zfg4N@2wg6I{tP z08@L(_QkVd36d-@H{uOyH~8I{{`g`LV8XptSz8FA1~qXJ1;~CQzh2x;p0cL^?zsc+ z853+*KXXi?BgRk1OMCo)OYLeL)DH=qU_>ko)sYnJ#Fq?S!&< zs1@PQCMOyhrJQo7*?&FPF#A3!z`m^Rt5FsKgLVt%VsO7sEm2^kwc!jGAL$q^C*QSs z`;Gu6>|Rq@K;CZcafisbCpZ(L*C>y%%g0#r{0ymrMHL7TZ+9*av87t^!-V3o?xt^l z_rv7+9T&Pm&?{durKM&Jhh6+#=6jk{$9Q7^{<1`q@Pskaj)x=D!pu;l6gx@sBdJR9 z+SjO<+XzR9khRV-`7ySI`m23t^iFZ?ur`*cJ4^V=6gFFtdv-gVj4M4G@! zk+rSj&B}M?$^{Uqlrmq#N?~J&#(O9Lkn~JI55U66AM=rqXKi8=3p)g&q3gq%uPt}! 
zRHfNMdXFt8^2lax4_%%eIIC5xFb&YHf0yubTRGomH3*I09Eq&vo-fUE&Vc#EldJSW z1fc-C-7uotEoFRpv+h(Gn3H$+)T%R5lnL&k(|DjwYF$Q1Q!isTy_W_0(#vc4SdZZgI@xZVs!YC9QG?I-gmw1c*#oy#54zqrO&* z7JD%)3~(r@|art!w% z7d=uUdVa!OUjjMp7E$`4Z0mz*opzp`i~gG93DuQbiAvQkLg`Ek#6cxA0@tIrtDh z6A2XD*uv`c8&SS7NBpA=fo%2G1y)uy~&d1Ki+xKPxLB5(t(1J|)&Q+@vg|;b zT3pH1j^OhDxYmZ{zGkI*G~XS5{Oj3SBoCRVllmKd9oYb~8V1ai6y#HR8-V=7vYltPM3?B?Sv&4iyAjEn5B)*#7^%AXSfL(+N|$^bPc=_>%@4+|~x zgcFgL2M{I-bqecS1CYRZC*h?%iHBfcBIi|g+ifL`>C{F3tu8^AxO;fXvI1H>qQp_M z)qkh}PR2tL;08}!kDor&rHnXV(8{i!tHX&I%twe}gcim$q0o~IxE!~?&KhZ03Bml1@vVUltK7%+i#?+mT zy6D&M57tZ{PxPs7pHGcMW&s4Lyo~u@C)KsTj3QQT(7efOxG($)X{~p_%ejC+`a)=} zgYva8RSs6SMh({XpX^g@qGxyJ76kiALKDjRil>n@ujkzBP*OvnWH^JKitVbsCF?Dp zkbnbFQINU_4<&5S>A0u_i@OuTj@NO(^ zcG^p6B&EZ!QGf}isgm3^UUFmlB|UZxnPb87mTB9)A3BG|x-Xp^D)-{}9-k8dT@$+I zEO-2=)6_(e2*y}&4{G2wJQ-r72FGI|41k|zOfT>5eCNdG&dr+#Gb+S&el_oV1}~~) zI|l1fiuF-t5+MT@Dw_?Xs@_)oF&;bFgS(pP!&!O{e99v7!Wl5^W8Iru6YM{JypIr@&$W@|tL2D$iEN8r7?vRXmrXbJBV`n^R{C5Qr(q*m^7n6*B>Udda6f(~; zI*n4xc_U%85eNjThRIyGxWW^@C&)x~!yP9hRb0;FqfFVUnxAi+eR3&AXW`Uc}mZ5H1zlECW|;l!2vO zlB957wimfx_3mybZr8ieH@11$-fdbwnf?nkG`fu%v05aty2d@|{&Q{{=Zzg!XG3FO z`4_m!*4UY*;)BJ7uVN4d%|; z_QBHB+>^xe=;^r4ooh^4vkG>913tv8=0)z;q9eCB2C$np1Wg2UNs&gv%IFmt1{@a{ zX7iEJ^}hYCk?hu*D`Z*Q;1b$N~)2OtBVD`q>a6m1UO1On}x6066vr6OC!>XoFs zGiYkQS_$dVJP-UZLdc6YG_U{oyyJLcx&4#z6De@*$>MlypG%NSg`s)9d#0-eI4G3H=_-e-{@PdLL0PR~th958vYWds?(*FXbNqObpx0pyeTnzJKKLSd92N%H9amLZLjF@NMGFYBHUer;xW0uxOQ@*VMG=D0{f2sB{nHVkJiULCF)qHVc;a~Qlsh4oD*c(gu?7Vd&@X>kpADwhd7p%ep0q4-6ec%-fF=7w-8;PBy8(eo9{#4S z|FodnmoD93X8_5J@c@hfl1ietBMY?JVJ>h83ue?siH694plT;|(Tb+pJq|#vhi$6n zB5Z+LBhu2|qigYJmrv5mv(uAJRQ3LwR(@KWbz-CvM33My1^616?%r-E2Tp3Jvs@`P zN4OBde9!>@f%1Tmn>=W#?lg7;I6zVvIhEK`oU8?GTve|N>)e!l>UcZnPXiL+=Cq&) zE)=*)Dpc%ehcBbY6#NheH53wjXJy)aK}u`zd1;<|NsXX{m+Vf334#>sUBy-zQ3kc( zP_niO^IllWsI3}K_kl=+!g<7>WpjaERN!|RtMD$yJ93C;$Vh42p5lS;IXBIsiORVA zS7R^{jY}!Zj*>aC(%r+|!r~SY&4YS0mNF-%_kvh=_&s`qc@R+CCEhUAO}IZau!waR 
z%fw&5-}wWxCUH+RyOPZTmh&*Wus^PhUkXK|&9kwnn%X%_OI?D=zH@d%!?X|#g+iB6 z2%V|)HqC+kVK19HY0c=tCA)W5uC#CPBTF70H~5%i30AO_Itviho$7V&^{+XjxW25Y zfH45yM6D$UC^?>kcj7+TDfmkKrJ_U~G;HX2HHk=Ey*)XTWx#peVhY|HAEZ^;2c{-` znM1fP+BQx<=@ITX)v_=T&I(?u@MT7fVYV>Yz_iP~+=vTd8YY}>YN?6Pg{vTfV8ZQHh8)pc&)j(dK5(S151WBtjj*nyeel!M~tJQ@EXTOw+rLvzexM# z<9$;QQvt&?lwfJPV1pghCgLzZ>)vQth0`E|d<5h}BUW?D(Ax7Td%|jh8k5NEG1KY6 z75cX5IR-)pJp(Ns z$0~Hz!IdiK`(--|m6jWWm9V@PxSKKe_`Z60a`j}-T&GlAoTZ#SdA;R4L}Ql9o^&b5 z6dc{{zE@9|572pcQuZ?(JUc}!2wAvFgAwd{_0ggPu*e9m&ZMrc!K!lUcAxf}2=HU1YK({`rT=yQ)?9d}mdXjW_PR&ZDG}6`(A|RSY$4qDqV1M)mz` ziGQFqxxYvJvv_a!w>i3Hqq7Yr!iPHW;%#hio}O;yFD093aW^ZDkPJ0^jbF!%-sllm zEG?H}9xYQ=hxSDevgTthLF>&Ry(~hA0Z1&9eZIRRm5hj8Cnbj~&6W%mkF&X_5xpM^ z2>?h?E62bu>}LR65vKI7P$)2h7`rk0+qaF&i+f)GC(^--O6gU`9>j7jce#T$`3buL z#tA(jIl8NTbeSq;A$f0)%#F5hcgKeZUr#peNzTpAbj~-(c-bXMr9SKS^m=^bZd%O{s z38xPW6#;1E-3DNoi%K1+ZsxMiAl zvPL@k$-14`XLb}D8qpoohYgN{)T*mlhTc=NR@K`R-Wj-OlZjAKw8rXXlul>uZD6)Y z^_L#Ql6#1Uq(rds&bR*?{O0U-R{lC^gk{4PHE}HY&HMdz4iJ=o<&kJ_w2-bA!6ZMX=Z^$_d^>)>S8Iz zAmcBwI{p&8z3>cpI(MzOENf~x)9J4|79qMbXT~t0;C6wX=sbq&h+7IeP0ApU^QOsb zkGqI;DUpo~iItSo{L^Z)S}VL1v{^{p z7o5Ait#m~h%s|0m08JQGpq?XfNmQ)o$S;^2sx}$nW$pr!h?m%31q%a2wx=jY?>sP9 z2TJ51#irYhav({7L0IeTvqABUA)u{q{)?fUzXy%M|KjnQCe@*;Pt)XXFI0L4*eYzf zGAeP;3SNgiMJ95ZbjScMk`l1S9oss%9lKxGC?(kW4*49GD%yH6(aqh=)L;KWs$@oFr%% zL2xN)tOdy~E74aOjqRp{EjNg&%?!DHa1|V(mcZy#JA8}H=qTDDZi&7Zjd$%AF?Q|f z2*ltT3~z|X0;=G-B#h8hRWuYz_c4+mNQ|0+KLOOxY!Z4hV2x!e4AdD6o1C6HRR^>T zmT&x8+2-qKPiMt1ZVhH_$e=O^yBW5zWNyeLISeDbI1EI;j|K;&PlD!^3ZCEWH(D&8 z-gHa7Oms1nK#tyV;@g?Md3{k)anTX61#cVD@%)j)r}yPh_i_AgnrWl!b_o3A@ba?7 z=d#lcaWyh@{ZY2vhF<1$OES4F!lY(aJieGTDgU<4eB*7J3CuaYBH=_=u@%D2KU8Kz>1RU1Ewfpl1NT~R}Od-7mFgzJPy>jaSAMBMOd zStt<_TikY9>WCC$hv9@n^ewoa>%I*~>3(Jvj4eOEsqs$>p4l?a{juyN?7r{C2p3w0 zG!Cu}EsK@8%v^1>zWIg-D9hoLyWU3rQ|cXI+2dj4qT^yhD&rO{mvWgSigPh8WL|E8 zd4^+3H&i)cIQ%B?d%BBXMuGor`^x9@#W&NPfQaT}78PW2DMQcK`>kaBJcBX0wn4a2 zG7Z`}UM+f3f-|CDWnA1{M;IoDg0HK){cnipcrspW=DLyG8Y4*g?03o$p>p0)N{e1Z 
zu?a#&PpIcmT*(n060!y^pE(gC1k%>t@3{{KK+~7Y$k^`EKm1y zo|$*Gg`sOL{p{*%o2udFlPL+Cnw`zXGZ#JAjV522gPAY3m7b1cHO0aP;WVRD2mc=K z3tRfIILP%2ww2DI&nQNW%3%z+09rxapnCL38l0e7h(?G`2v4c*O$rPsRTL-wJ6hE= z3CWYVZ56?hM0}`_yq>Q%&BNvNB57r%a-I`;230(8G{wRkN~<&&qm*9y#72=zMCuY+ z3w7XR&^*41Q3yuWf?{Ubu@6j#v~g+d09XJE;~`IwWu6JJn8@z&dV@-qs8YAxlm&`| zSSb>uBpk5LzSbfW(Bvt7!&(v|3&0G?0PM=Xa?%(k2|C?k16mwY++wWbOS4Z>Y&0x4 ztFYWO3TDzy=YT|-jVgx#B(U?5&A=0>+3ffr4w&3d6^JE=f%~d5Cf;2t|@-U>g{4=*&x^t!7D!nA%g)&8?k$VcVhG$ngaux;tXc+4@8ee$iC*{|xF;?H5 zH`Xs*2@8>?qf3ama$_gurI>FX9gz6SzxC9*9Qllb26oQ zT0kWY=IYGruPLc2I4`NwQ&%whh|hO~Q-<;f$1&qwvIf3&d%3l+ zhEn*f2vBgiNNYl4wV=d&5EM&pZGWj-d5&3iDP}nVmB~b94%Y=GT5TdmBWV?&r=d<% zKVo=xD26u$x3p@TW!0eq;xH^vs=TuQbyzCXC*f%UqOZFzfif)fy_j#9`6a&1;Sc_I zZdPuOZZFbDv>WOw@&#Nz;9=5uZrePy-h-OV2$t9&GALXj;1&EhoCo>Lrp`?Zb*_*h}!EY^H4jk?lF+pSs0tg z^>UxLYla*%_@K?Qef7Cixe!0}nHW~FJ5cZroFhodktZvfAk#7a4XPgR@j9A^IRiOC z8qoUy&I~%erDaNQYK%lba+oQn98#TMQ=-+*_Wv3nNi`3aXER72<%uFiiT^_CMJ1E1 z2D8-)75?uXqPuhN)1AP>v>#Z*6NXOn28c{oRgrZ15C6!d{jH*YAb#Ke7>9rA+Mr;v zM66nnLF!0#%c?gPcp6WF8C2plK9(pZ0uG|#IK+; z)6%>S7tjZTS+*z})a%L;!emMpHfSj30p}+|jI_(4nQC}>c^k=MaQnA8>Q=u43hz;B z+D`9sH6e-ilm~jCV1NUQ9l*Sqm2kBL#6dW@Fe=W>smsjD0L7q@%c0TkFX=0eR>;>J zwq%`D@N@8#WJx{CpqXedrmlVmOF(4Ey(mE_k~JH=ljL+=SNN_?5D4I(j-4qkr&tJH zDIBxYp3nsK<_U9hinZ>4d2vCWL0%zt14El&()Zj zoF2l0o-q5vQb&kpS+a?I>-Awiu?r>eNH_45T1`Qa%ajQ;kK=JyI3lul5AdQ{_qPiJ zawXsec*aLB-L^iAR4b3XR4cD*mE1H|oVaU`g82*g_6#)m=nKX8=r5SyA|Qw9F`(io zf7PZN0m4@SaZw0tJK=-qG|>K;wVZhjMuf2U`Np`-jU_s6Ir9X7y(k@ch5n&S2s8NU_f9+#Da#+Q6&h$^4l|*vM-- z5RgZRpx)!2@ul1+Mxr_CVNQ)&SU%}tr96<#!qwnRwrBS_bfh^La}_m>Mg_w;q>fp? 
zwEp|!&%ez`(u!AYW3l!FgxU`8^dGc31IK^Y>i@g?%0d6X?L-9s-$a!vH7&;k{{PCT zxFnuTz1pUWscX*ST(=a=!6^xZtV&}LhAjPh$u=Pr6fA?}rJLW}|{31>w19jEU50YX#7Umx^(!yd1{5&>ORE z2Psa9HVj+dJC6H=JC)!>F76q2L$ya}G899qe_|3!CLH$UwTIP)nq$yyD@M#F7zjN^ zO@fE?EL1;1L72{zk3y)(eYQ0D>d>HpVSpLEYJ5Hr7!b+a>t&(Qk)GOjBpT$-p#F(r za}+uiL#S^-e*FlxrpJm~1d^TzA=GN>6S>1GB&8YlHmXRgm=rT0!%z+|xKcVmYM6wQ z%0dol*C$vvTNDW!jajXn`sY4hN+Bc_m8{={g-8aLG3tESFYrHGwpr3*^L>&u+yZzK-+jmk2wQ`I*w z>Fl`c>XoEjuc&Q2S|77C(xA`6x7hf4H}yC_U8{=p&>z))N5dV+a|7gs5b7@O%pq(Y zU%}J8-zw+ohoT8z$%2|(*H6IUKoZo9wJ?5#;>nU)sX5JZ07(tX`xVfiLlMLH=+nuA zW=V3_I7`*#;pC!(OtozdHIwg7jwUeVcQCrgMy3mg5{495y(%BFfc$3 zFcI#3mKS0S1;yGC0aC1P6(RYiwWdzln7!1L*j}I9F?YLV#}#C;8ykZNXUT*T6ygkx zvPY&P($p3?zz{zj6E}5alzIzJ+wS!AbhPp2{349mUQ!k=TwNOo9ipE~LNgZ#(+7b9 ziY;+CMvR!d8o?*FlA~K6SzHx^2`TfJmh;>a%Q?zz^UvxX#Y(extTwN1UKWTqK_ya6 zKdQdrI{~DO|HChv@%R1u{|R;ce|!~;%>QG~ev_uP<9;*RcedVM3_WsVJoVW9S8|5| zlSM}cN-I-G!-fIQKIjfm@v2jX%lnR}vBdBVT zEo6&DtmvI8P4_Py$)|&;7LAK!BoRqsJag#y{DE%OJ!Hnmj^4rh%xgl`24`4jFfG2$ zrC5zm&!B)@G_j)Pe8}>OBZw#mL04G|A*gB_2GNzB2;-nHMo17W@BIM?ONqk`?q%-g zx2;JmDZ|7<0KPTCtRjKEx-uqpbpkd${w0NBv_}L-W*Ky3=V#@9MgirF%fkdY%U!}ho$?FILwTVB|n>bjX2PQUgafJ-3yRZ&B4f1pt!l7gJ z41i~~b2>GFtm4-*g7t40lv*W7oHWl3swk0*3{s^MF=6<(vH7p_gp**OX> z1afThAqweopHi#M9MMN*rKs~5(JE*Jg}47MF-rmCC~qyLG1pJZLI`9Hnoyr2=q@je zN^nI;{QB(;Da=S1zY13$YzYYr`DGGhLRyhFcfUJNAV6FOfKm{k^R!T^$B~nH4Cgs< z$d{6A2lRk<0-g+_s!qm;QH6KCj(*N{;mU>n6oV5Nr17A)us1za0fgg=xJnpCeLL&| zfoAATdYR3Dab1iH4|CF8d<4k@l;0wNW;~-GOZ~Necfp>3AGi%kCk4R@M+C7;ifI?wgE)G4yMsxnku8Pij0 zVHD(fctAFY(4(XVyv827>Kg>If~0)#CYl?nl3z$IenWft`5^3>CL$c~!=_O`|4PD< z&8veoGYuqDg;YI^5k*9@LyIvaq2KGL5=`DhoeVsjz1bEq%#?_4h^h-D+P>~veZWS- zj!HOKq3IFz8}@y-rK$gG9b1SDYzdGUl4fn(^gl`OK*j??!Ev2^=ElUXg&Kb!%4FWJ z&Ow#60yi^AzBsoTjCItDnf$BkSh63$ z=L2pfEHveC;TmemmSQUTz~6M4t`K?~`n*_q{Rg*NMR++VFI*a3;ut_w236QHGS2(i zIxP`9S%2_`B#s4MX}G^eZLbx_!YiS_$xlSZ6%=#Z?;g}kw>jRHn^{@Aq%1;eY3B`M zJF0VrCfI)h?~If2<0BPzb+E8SHwPeEApYhV{{n5^*>!?N`SarD`r^iRsu(N!Pq1(Q 
z+1u9Af@koSHN#deHitJ)EDwNO*sl4pI>m5S0X>j4v1jbYm>00(u^!3J*LMpZ1j-~9 zKYz*v2aVZ}$3?A&bq0p*2XEN6oVQ5 zir;mhSUM5{a@fnF>Ph@U=@<>;8Cv;lT%2Kd@T8J8@-q1sCCz*mbh@kqzP!!jk6v9 zZtzwih0s?=WGs2!nY)27yq1#VncJ{P(Ok*s*(ox_EV^3rT;N}Uj#FPeYv&lRaY}<==t6E*`5sOTD{mY(tTA|N}%lrBdUWuq4&mE-5eLw3HBa9Ar7+u^& z8#=?{83yhVKz#guvV%S?{(41!S~_z|a6XyR!VjuY4X5+Kav zy3@ik={KW60f9K1u4uAFIK9N+YvO_||?mjn0)O9mURp!OR+UEgE1Af5+>HzJB9Q|_QG z$1zgCzYoJoUBf1hW0)9IdXFnU+5C&%1ii+l=|N`(w%wbvJ7dm9*#v zslTq$Kx3ZZc@f$PUlfI?)eyx!ArJ)gUJVz_bg|nRr=Bkrorh|!2sYV9DVv!0{7S0$jJ%TcFG}zd3H^oj-bsD zeqeO{O{K9m&u-K*uHS7BtVTUF%5N&c_nIwleF2Psk$?V!CSs!hPnw8@<^M2M%9w%HQwEm$xuIke{LnQvY$Pv0T!36X4s$#m}qoJeg#>XCw9%KEdp_m#b{x-UO& z%S)czr7powXDN0}pUYF1oc)ZP>RkKJ#-&+=V~ABKpx1lt$!LdJ!P*+W8HkNxgfXKw zdRwAa#7RRE7a`Ai|*o zPn1OLW%J+JjP|Y@2RNTr=zV1_V66($(%#*5{)rzUn1I?^nov$V9uR+;KM4K|rd>x1 z8|1J|bAM^4Lp-U*Y=aEA%7$F6 z6%9HfBj~c{PYWVi_Cq*aYkp_QKz*%#3|uOBf3KRc>q6TUiQEW15jL2zXbu2a@B!s9 zPFUfo?EcYPzyzEzWx!;$?SdV}d!D$#!A{L# zHrrsVThWT)q1ygs1@BBy>J71i>ufS^iRj44_}I7`vSa;?Yte%p!M`CdK(1U?UMOE$ zCr(8L2U%rl*Qi1cX~xnHzv!%5f@nY0l&mVVryEy@3Tc($1Oog!Jh$h@!J$*VbW9wu#im@%%Th={8m^K0W zyTC+75z1ELS%Z^V`~%kjAzo!S$Qi+SVXcFIGtY_Lp3p|^6FvdyF~lC=Q&j&c_g>Hj z{|5k$Oo^lg4AxXGF-z)|`8r0MO%6(MalvoA-(;TkZ}da46;BV%9MG2ivLaZJf1kRU zE`ubU5A;I+f_$!-Qk5QqDX0I7LjiY?ges)*=!vH?RTZc?#Eg-y zii#`;TtQ*Jp#VF3-a!33bT)@dwNEV(tIVyjjjM3AUwQD6W#L0*;~2C;K_bG{NQ5~q z`FKFb5~qDq=KMIcKlg1D7&QKefnrS{tTvqjq3#zdMjNR3u;TV1{fR-Xk7RPwtcMfe zyDxLstS>}ATRJ|SA6^!LZE)8u+qdCwazw8~2>ryA?of4GXN( zUj0TRwSGSAr=SxuU6r0Ox1;~O7`sg;*%l0 z7*Gdj^PT#87EwjBKqqvQb%E`9I<-vKyLF3h zXZq~sQnOqJHC_01eIcMa=BjcRUvkBe;){t_)Lm}qjiC}Td0e|q^W1?AqOzMwP_>Lq z7Bw)9KA;+ykp5ry`23_#*f5nIz7L6o(rAQ)^>R(OLwSElO;Lj7)vB z3!D#S0$VPkatLwz|Bc1JL zksHaD1F%J-t{h%%-7>jQR`(=iI6mE(g*%a1=IYE987*2^4ukFIzmbwBudIyG((K~6S0tDLFBwK zL6bPJD5@QsziYTzIqquwXL4hlE*reH_S@u5OVoRHbQ-!t4uhu( z&BvU`V>_@ubl#sVKIz37BFY9$|0n9l@e#m8Pd@=twV7^o)Q#co-ok~g2X8ByY(QgO z4QJ+j*IGV(?%p7zJf%L%T9oXHy~n!3460iM~v%X zdl&<}GsP$fw|JpXySaVGbwi@&W$PCP{OWPtB 
zC_24spj`{$h#x?NM@x^TcHGYBX-d*KsRzv~jxKvyOE&!L-Av$e9x5?Fu&tf)?}-%T zY*q3mBoFh@kR)ho40eDn$#NP{b` zsd8#!(gWA?bzRbmN9Vziuh1)r17goD)Zgn! zVa5B8^E>shOMN*ZDtEZmI(=Jz`+ZO3duI-cllD%h8w24^8&7_6h_C!A{{1MuWMVx3 zt{9Ej-Bmbu8t0N1bo7F=#~}2-8E48*qz|grx`AglbrAc+giU#e=bj}*u=q6JEn=Wh z&qOT>@+?0yA_V6U*$01G3=}zedQ@-9QbS&Zs@EJai%z)dASoRtAp$aof_=FS1~t9ii)i%86M8JBs9DLX0eyT4~QHszFPMNhuLnb|0&^l3~o$ z_p7-!6OxsXecAv%Jd%cw=jlS#H6xcxc-G{?arWJ5&$6(NyeJ|-s}N#Yk?4qlniA^x zG~?jxIc68y0dyp@{dW8Mnjp;}cno<1TWDQ)u{w5mr7~>G%s$SRyDVOdi6lUZ2jRYj_(R~xNqg`&~ov35K@8Ku_Gpau<0R09e)-ECaL*vwht2F!Jf_wTZD8kW z1O${gR!gR0jU|=vse@SHn)qnGLh8WaEWjJ0&HQJUXebxHaf+bKC}aAFvr~k zxZ%$>LqOGcobtRq&iiRmiJayuXDt~PSV6fotmth`<*!eWYMES-Zm_C9kMs9^xh}TD zDM~*d3l1B7cF*bfeRhwn4KGIQTOw4?JGv%x90udU*V>_FS_A`(dRAQ{@R80Z^=YM zWuM2YTrQhv4~SY~4-p{I^zpNKCQB|r&Q92Q{;*NERulWr@SHRwx3nGoP6i6J5m^xT zfLD$C#h{I~J)B7Ev2tM)r!0s+U%T1=qP3jJ@@>={>>qg`^7tBZWr$svvxMfnEsT6XXht=bK1vHI z=GR`R^t;vlHtW|P&R*YpS~RZF)*G7qO~35kMJlpTFrAKfH`ev);;yW5AjJq8k-l3b z$vziCiC4};S#GM=yNg=7RB$+G(zc@p2}KOpbXiE5`y)9}d8qe%QI2?%Q^Hj`oad&O zBy_>YjWERYpVmJnrvFf0U|{$kmlviqH*5}mx6(6erwU+(a5edjwrkhMvyMWx@u2N< zJoL=X@emgqn)8pwJw6dAlnIQaBhQnDdPrLNBzE3YB6*t%FSVa_4 zNN7B~B1i?y5=3bViLs~lh~D8GL|%+Vj8QiaPlgSae0*}nAR|NVt4Gdl8gf3~pM?9F zgoK!3%kZXY?H7IiozSv8u_%VAbiFh$%x*{B$dCs?F*)3jFw{)=he))D^w#eq>Uq>x> zyB8~M_Zswab*l=m=gP@ce(`(A@C(D|8pz<=Qofo7!+yI@v90awtMX3}sS=lgOd@La zj)M+U9yL6!Ekj0qhgsGm5ECtx6KAEV^8-1jZ2)p7I6&J*e5YN{XjM6{At1J+c3Cad zT3O>w_k740pzLFXkiuYy;=917`<+XVT}CEU+YBncKQczSU`_$7hZg5)0Ezs}M!5i^B;Whu z_OhO>PXZe;$cJdSB?4sT7PRLTN5$7ygQNCK{IX#+p=U!%J_M~kTWAJ-=g|&K!n!=C zqPkn(Rh1Rj&0#0}1m2;;J#wXCY)3=@e9=rK_RnCi3LU>OwXATb5y+!cAOTVYt@%2u zp~X2AvLY0_@!~EpIqn}bQ36sCTfI@%y4PetT9?sgRA4v~GWGi(n=xTy-!~DQbSXpm zQ$IHmmfch>V(~rG&oD*WoIquW=1O^pt!Zo(hB`fE*_Q?2P$WUY5NZM~C#-qSNl@lM z1jKh0`9cJ&-Y7ze<|GPa40S~jxr-iVu}uJHgMW6YLQ+dBjHH9wCyMC#rJgl+_YlYp zJkuI@ZUc>Vh=R>RM%S4BTH-z4S}%cNaFwf8_1I{*XhY5x)&>tGK&C20(=(#J1u{-C z$`wn%jxY7NS_qI$8v$W4Pr@|>v;Y$TOSD%43{D4f`Gt|j%1qZuLaU_ZLqIHh7Jl$F 
z%U`MC_U9!aE!rY{qq`3r;F~}w8GVdE9@%$KsEJgu3K;gxK(aJ4lZF|(OA39EPsndo zhn4yrLT}^8`4guT1S9|>rtwSPGYOxPX{Q8KpA3K)N)kbBAThESU#qyz!~_Wuj!iFL zyJivqGk>h(6FfEczCJ5n!jzt;7y|I@j33Q2%bQB5*t!e>$rMLEyxtX6u1`<}&li_} z4S`j)SD#Ec7zjIgx+x|t3%Vk#%XR5Y>#?fTv7*b=7_dGHII0k?nb^BIPI)lpux%)6 zI3hp*GJ~M$0+B?RArSiipxf^gVTK^%;30@fEARkSV(t%)5s9+*f%eB=QB6T$PAg%P z1y($dK)&P^zs$i3xu;BK@hTIAbaejQ?U_CwT%D{PoW!&=$mQ^YB6%hg^|yNW(&x=> z9YS2vh9w2Vgc0luuIi8s^un$B=V9Wq1q;+rgBiHihas*qm?x}tqhktexoZxTIyU0@ zO~YYawak;Sa*;;)9Rkg)11R|`rk2wJjfpU7#`;Yx6eN#=pefMx(=rtaCoY5`jSd&D zCS3@fU`l6IFoaQx6|r%_1zt!$8Q5{0+j1=xzy0kwL#u{b+zd3lz!C1fTuyp}%PdFD z4Dh?Era#cB5#0#sRoc?kMAbR-SUH zfC24Z0yI%vTC|~kJ<8$xLYYq@=*Fi%kFvlm?@uq>N@JVgJhd-j(y&e$@}Xee9>3^S z?XVHU*Fe}szn&rWN&Un)#R87rzARp9PEDaloqOYN#kIX+OQ1`^ZhElwKZrHZR-tQ) z>g%8U=_c*ky|$;=Pg1#h^jIFURnDnF?_#|pVAZ*EK5#gh&np*@?$&}Cy63ct!@N-w z>84$o$s+Z?2E>?BvbBWKk5(9bE-6ixZyV9W&Of*PwjW~73lqZ1M4GiEZ_6uq>fry- z>8kG4bv~RvaDZX8$yw}BXL&#eR|Y00nZ(BFsoD=K4>SzhcHuy(BGab`4-5e>NOK}(Oje;Og zij@5I11PuzC+>g_u>ZX$`kN&!fDZx8OhaFV7ZISQGI0(fz1gD2yY1Bq4?v883v@-! z7gwXR+%%+uA9FI1mnCZfl?Dzjs~f6&h2xHIVdc8*!}{DRs`gZ}QoZPeYP)f|qAex0 ztvcY+5Tdzhd$f6uQ95mu-;QTKmqiks&LK#zcq1%ZcXCo7?mZSV*KhTX8e?BZrGM6V8g>8ZYC1lq$ml$J-ZL)BBK?cg zCns;_3)FW`eVG08n*+8fNA|TsoULuHZo#OH_VmLVz;)GI2OQ@pF^g-GOG1jC9g_K{ zpX?J@L9l#hIFn%PI~wv&t#s=HF#)Z7JjpZ_DTN3$y6@G=3-;8C+DAe0_eJ&(kb+QC z!hcXC3>*yqO_BV+v>kA8u>T*(JO}IlT(M|v*x+!${l5G^wSOtnL=lk$3IIF~xTLLx z24Qkf-O|@zWPvcd18=L?1E!GsK0)fZFK>pLCc%mUyRF4#j2S3nrj#_)%Ia)#j6^4fiBz$FV0F zHk5>O33Uutma2>+O70bQCn3ZTj$@J|4F%Wk1qQh*UZ4{}OJ5 zD{Y9xI|_x&kY;jD8babS7OAqY(Wk$E5r#x)KqzTUu6%s_ToP~ignMky5^vg&Wn7{$IjpFC55@rC!#KcC zL~UB8=p=Ejb8@JNR0(S2tq7?e0-#hJum)8;x?QYKt?`V3jMO3B9WWDX*j0QRZgsos z!+{nU(4s+Q?4~>&XNR5Iv3Lih+9c1KYsZpWf8J-;-^_j64)jPy=|#0>-Fq|YnF_bi zH{+!vGaS#aOhG?T!Chk90`&5riMoq@n9xQ(0CpI$dWGN=K6#UdVfX|J#+aYFDjW$t z(zqs0cr1_V2iUD6^586KM?XxDavr^}uNGXPZp9=o0tQnX8a0s$lv_bT)*lA?Et=Y? 
ztBl+*HGz=~d|e)90k*l8KyKD?a`}hW3Vl(T&Ke-$4B6z}$3>vxwQ3992%{B7obOUefc9zR--IB9;Y598S z+W6Z2zQ3>a{W$*oJn~||f3Nu3yZL@%L&L`1aod_7N)CneO3{{aXKRxg=c?9)>_6NT03 z%db>C7QRrBAIA+&B2IXnPJYY2U-%kQ(TOez)3sA;`(9Uagn2!i;x*}PtZ|1azR=SLEkVcT=N+1JFI)eDc^ z6uMdp+6fhuWA((>#sIsX?n$u6mEOZ+`H#&{N5waVNIL)s1c(mpZKK&2V4yl$JKjNc zaIMO6$Ar!iwj-Wci=1h<=?dfhUYFg%#_p~ zGRr`f2Paf&nH`A5pji+bL8|~}fsEMn*o;}xVphhcxUw_(1xT6DjilA;!3*0iv(k}} z9;A-MSQ-QBrc!LBlHTl2BAEM={he98ZY;$2PV;$=x4aaEkD$ygI_Q|n^m%cqHthFq zdgT$AS}zc6!Sg}ISNy=C(VFiKy{>gV^;$fXHOD@m(}Kx*`sLw+DS8-3(fkcKd;VP+ z@hVt`c?0s>G1M^pEZuGx24Zn01lGYgMC;l$H3FXpE#Ia~_!@uL!!o+O6~Y&byMhvn z!&HB4Q#ePQmI3S{r@GDeAds_sJ(In=+v};N@6Sy#X5tur)}cnfz*ovU3^cn;-4exK z5AvjjJA=)mmt;y_@6eU{o?J#n~3u*)u)Q2n+ra$G~god*aiIlG9u z*S-&h{p1WIAvy=R;J4B;*T6Aw6yp>mbC- z<}7zWsd`ylD9q)i17q9*Z}=7b)j0JwDBB_kvx>n38=dU@&*3OFVnFwZK+qBL6^wl0 z9%~*t9v)V{Ku;h4#_9+1I2!&}ymQH;05dgj)C2diJ7zP90Hx*=CWXs#U4LV8THiK^ z)GhyFxCj_)3I-H$APixip@3z$_py&u%y6^-wP-GYb}S@#DSf+;x~RENn6J1*KV^tL ze;FmWbZ(VkZn~7T!K{f;32o_)r6ZYB-zU)KXvuoAz@*j?)jqo^r6Y#QNH$Xxv|Z>f6f2J67Gj0id4vV*a^8#2vBroy1n@q`zJ0OA`&=j<;(%=!D%hjC zS7lexSqLgK?R))rB{HmgdOb){qDQ|AF<+q%W*Pp7|F$i>2DrO(m#z;7JArhSVzGD<3}3#KbC0cI)UrC> zdQtn1t-F<6@Ryj!pCbbv)Mxxhn8nDi5sWhl(!lD(^^O5%@I(uZ27A!Wpyc8Nw1#r+SgKau z^D2<#vk32$FB)|iW$>kM=vZF!3P5L_gw_)4OJ-848E4i3^ZCAm2-vEaB?3~D6ye3{ z$AXqK`i6IXGdy$_LiqeP@}8fd_4@-=$mVca$10TLC;r^!8AT~30y5E9p%#Cnbe#Zj zF`AtNV61x0Kc2%>9MyuB^q}Bia7bu(2N1^1V>CTqRX5ws6Cp+wqeTjGdBG9+ zrt%d8tIT6W3ToA>Irs7vMw>Nx(V_xoL4~rc<|w++nnv;!dRv}^JMchORJe%rS)){g zgW+I))2jjkxIvghc~3fFDt%N@qKx1Z3aBOR;1cx=gl5+iG4E;b1N>aE-MCB*P^1OoV!JE4K zI87*9@naiQ##eF0)7xb+nOi4rVm?#Fx?U_EyaT$v3Us@D23=!VAD#kx>GG%A?zT7G zY%Mxln76gCnrNdmQ-*`23YLo$F6wF6y300t{IGxCf<2+i8iaJjYFi=KIvsXOPjl7Z z=4j%~tl&AP@`W7B;hAmM>Tq)?$u*qKp>*=RVsMP=7b-dZ?r4?m4shOtBcdsEBAuXB zW4pRCP3H{Y4{wyS|4|HI{F&jaIrVGE@1%f3ETM80tR(t(){dZ+S_07!qWcf`xA{=J zH57kFc-2CS*BbO845k)B&m}ShQ8Ugy5n*cnPYmpW^nSw$C^x$dF-|gBqJ#yle{oso zjOS_%H&+Wys2j7K{&y@ny*H)Yu1j{)m`p60IkFKi)FjS}xx9ZO&<(wl3~=w3;pLhtV464mU-=CXU^c-I}ehBJtt- 
zkDFp3pck(Ht7D8DZx*w^qfvZ%#OIs0YwF>`!_zMeYs@T_K@6F{2} zIHIFUC~<(fr}<8)$M`cpIC9;D=IFxuzK|sLnL%K?Z$o_gu=M5i$-v|s=O%T0`~3Hr zcuQ$g_dpvTb-~B%4olk}iwHb-$LT99`kyU3LCJpi%lHNU_NMi^g#gG8G1LEPi|?(g;roym|6;w-ZP-BA9_0s7IYeGgjr z$DFO7i5cjWP(PV*xn`gJ!1Lu3AN_|t0P}w``221RSpTP;#aEhIj_0fhzc4ww9sT0c z_{s}na>5cPEb;IKrmO|H17O+y#8i~Yv!fMP6De&g!CDd1_gU~^^ud;jFV%`AT6Q-W zyW6{cA*Z`7=Te~HMg#){9uOpAQegrXkpPf6=GRRkj27Pr9|*x|1Y*KZdSCB`)anz7 z4xu7T9U8KW6OyTYt7h@3-3VQ$yAe?TI(7nV`J&i->Qrt$uWwjzrPu3FfCBl7-5IY# z$6mKEb|%K-zO5lS^wmHA5RZ#=m>-MK`oT`{k13x{y&4KY{bP`d;cqbri(BuyqMI0qL6Fp5R-vkNCs0qo1`#bqxAwtEW*v%+-*dN6 zLV~0L)FLcfRoLET!rIOj)YK8FC}a_{0|N&kOvAVM9TjtHykn>+C87yREk}Q3ibMy_ z_U0!1d&*WRA5LUV#~1#MSQoN-MTJFD)9>Bv+b!kkg`9>OXdEE<5KMRF2^_;Kf)>sb zCY!8x-$YmQI*WB-MJ_GXkE=U^m|61^tkW4h4%9{ptkbk|{$v-!Gz)7h-w%~~I&NS; zf#Z*;b(OlhE6%HHP5m*MLd*4hG>&FMx8zL&2VySZ0S2+3|5XCU-44RV+WV_3byRwYA2$83h~!C0yIR5~GrB&*-(?kY!4;yIBz zB9y(xEm7Hxe&L_l!_)janHEmE&YewKQ;XRuPQU znqiTsr40#yul%<)>&!4qt#yw{XyJ+(n!!m3!P*skgzec&hj-GU>Wzw`pt0XM7q?1B`E z-;TCqJt2>h9@r_QS+4;$Y9OA4Etq*wxSb*D`Gs+|w`J(1Ofm3Yj=)_zsR#2rseQsT zpT02`_p{un$pfHKyw5ENZ&uuUAF=_REaf zgyoe3xIZrvF$QVCrMpjaPvyTAz{O9gys6yz?5RcBAOT^WR>TyKfU?vh@C&O$ojL5C zCl#2Nl(>kUOVWl;0VUys+1BFD42D=QVc~?&8FFS5jcLfNwl;T!gU7}d8R$b^y4|Lv z>X=z26&pYVZ&ft9$hsQaz$j5!HM9EbrtK&xcK=isfv~CS+inIyUqPx#J&b*cDI8NQD5EYveG0`V_; z9O}grJ97#3s}JMQ6|w*Vufl(;-Cne{eb`hbA#-AYRIRiQTMCZMliM0Zg8se+=x(T8 zt2Rm|zFo>VLU!z1A6-u_Sx@Tk2+vKN5+kW@J>SDamiJ&fQ&e=}ZLoLaM>a=CsS^xq zm9Z9}QR6jqh* zezp;@A*NkG;h+Yz=C?KV+=Hd2S)snxSkS2;Y?_L=p=aI z1(d9$N4R41P+k% zG1lRQmQ3xlBTBhmkjK}vomzJ1plC*^PFTV2$G~>snojx;aYX_@_@>Q45d;iBZ+cd? 
zw9+)8@gr&M`SMn4SI>XsQlOXM*t2ziIs)^KL+!E1DqJGv}Kz~ z2k(2Wt8Y$w<7bFvCCDUwwgP9qP*grWxg>)?EE6Ds2h_;&{W-H5G?(BE7e4)Z<*M7u z8Nd>jw*j?~n`ZCGJbF3&XL$I6Bq?kpjWnQO7*jmJ5I-&sKc0tD3QsppgcZ0Dx>|2$R_iuN9E*ZPUSPD6J>UPrr)J7341{bS2y@F z2*aqkhG$?&@cWmUPVKjWtBS=Hiq$Ez6QxU>RGkOPe@+`%T1lGsHqSezo4R+(n`ya~ zD;X477|bKHw1hT+4&VW?2lMi4=%&VbJNa4`-DH6P&ZXu4QvoyStvyAg!st&yjWY8DL; zIhbAE`4wh9&1L334ZmxXWbOs3vDcImmtTGI)}3TZ@{vcgG`lSG!ezrv$$)Mz72lf` z>42h>t3Tu1l&yKMu4pfh)=WVb{CfjYte~Md4UvFY=+RAoB8O^qd7=Tzo8LN@c5ys< zqwiP16!^K59V;s5HG%QLN}|(kERBtq*UN1j!HVEKpHrR^sx$P61Lb252)B~bu|y{p zJA&zM0$0jpM)AJa-fT2NG5ecfQM`z<`eJ+VQ$oK(-=iF-@QPiz^kYbQm#)fn%~Z=} zW@$?Ao3L+16;`G9hi2pBkt&7ug%CX^y2dncz)0XfX|SHqFX%dZGn{x-kuLEL%9#pb zgPR(+r!nl#opqDr@{&JpF`gF+luZEjc)<(7MM@4_ejx5P!~yqmGWM?Z&PEzP3>7|n zzkqV)mLPSa&U2zlmDJd?I@V#NxczA&CenHik47SJA@qYYVow)pq4X-Gcve;9uGZ8$ z25dqs0I2o(-|6aI#CtVUKHa<9UZ9NC7Tx}pV*H~5|KDi9|Lv{+H$J80SZ><^KIo9= zcNCoKUs^k@jX>0hn#&vTf)cPnLID~9WZylhb55sA;|ZT{^|%4R@Kr-x;iYJkeQLpa z_?P&I4&d;Vf&79NdW6gv&C-^2{Dh*KsH0E&O1d-_CIpj5?ylC3KWg0VCXD)R)==mi zu|%G4`qbD+e+^0|HNT>XC0-NCptV%XZkOO#PTl$ z4jUW$zb$aORW)NX*?w3BYwOn0+`@hYPM(Hx0YrK+OdRM!#hDT~!YtAHcrjm5_UEIe z<7tqTiApkL1W^1f`wlx#ZZ?R&r(fSRc(bcm*$0^|Ya!gN8N(lFKWQ=Q5PmN(Xb|ZU z07fUX(_dkKb~72aibfMo&eGr&_0OJP4nSpv1;Cf$#EBq)3`6kwVSIYLcbVN>#$-5q zXcrwkS9S3_Xc||<@`CBDPpQLT8cR&!D-EOIe~cO&<3Tct?p!HgZRL?X$#AdP7Gzu} z?@@o2Gd&X7Tl^rXN196fN(8IsJNoYMsjrn_$idowDXoQ9>Qf-h$`}AB8f)^b2)g80 zw-C=xD9)TCkc;9K=XjzJ5~rp0S8!iKb`cYsKsA#Y>~ZO9oLWy9Cq-aNEBg6v*Vu!U&S2*nA^*kgsK3k~rbSXS&?QeqEOq($B_;V!JaskRdHV=xpdq3X1+JODD|0W_x zOX-#E&2ErBJjuY|#P=bX?uSPnF7Jym@5?jRU7#9Klh!Z&i>Wtyp%7@XH+7EulacP% z`Cl-92Q7G92Z&$;i0&?i3vgxM;xIrLPc2S48i_PO?kq{JMv;Cqk&bGP=z6*gg!CWn&_#n>S4xu3mPyF$zQXedF zKBkHYoa;F)htPe0oD(!!?7LU#;cPZ!y-94pq*2k=owm!IRFgHZFgA38q*Zh_aB{aZ#-kOnb+G=)aqzSL zXAOEtS~(?QH5w6fD`OdbYhyez8d^gKcRMFrT{bgaU2_{lD;hf^6Y~G8CZ}&|EaPl# zVC;bRzpoUxF|idgH*~^dV)|jPro&T!q!kdbb;HyAhhSl#XJo}=U}VyUq!o3rb+-FQ zrGG?G{ZvvgcC>YNFf?|=36xpr6HQI0keSNN`j 
zPp^;9j}0L%P#^tHV!fG={njSR>*K9U^&&mRv}o(f1=rBMI0q*|`fj<>L)pq6hxbo_ zE9$Ka_b^J^(fvrB)q7k7-q?qL%wUd2(W~@fF-Ifq|rl2f!mV zrQ8*>oD*Sd;2dj~ID#2CO(@xy4L4}q+ZtJyBE@JeaUVNOtZq})-jG;Ji~nUJ0M3Tl zCv@r4vYsnLwlTf2!*u&W9O7pCSvu%^xx1mZvZmqEc@}avUgh7TH`MbYw>iCKPH?i> zeype4G_j3#k6GixHvMR0W7M)PdMWLD7@d2Pt{$i>+kFKGe1bj_*FF1sRPKP4!d=Zf zXkszTQ~~Xcc&(fFMUVl4&>#>o5QGU$b+qq*!{}wGa6?MW)?9D!maojnj2=t-uErZW zq#TH54uJ%YvJ^NS=r1t|*LDM%EBO7P&vsoubyhfwRm~&u(YtJ0?{UFHLS~Fx`E6%m znHyT!yLNefqMmiT@47&cY&IWAvO+K*TvH^@@3vGx7qhzy3)LeVwhbCdNXeJLtrqWq z4eB2*VpGFS%tcrZN)id~Mdq5+1#U3Z_O~et13HoWg)yrZ{3|T6R>(JSt|gajV|d;T zVhNRv2y8(97R(JK=rj)&Y9%F`fFochCV_^q%n$)}n(@k1$kPhbYu#_wCn+hmhLCW| zBbTlxin>|bZ*o;^M&1ikb5{!~CkGI@H7(%)!FqwrpAEw*RXb%bgnybA!@(NHfqen3 zCt$18v}Z((J+XUdQ;6h120B|R9tOhzh)Sb5z-W07&WoF^7|9LZYAs1EU~Zzg55x)2 z1=*lo4?a=MKxq@S6DYp87&sq8ak{B&)hf}j=wc!)C<-_2*PH7HO$YT*?eF=?N}<-b zHuTQU#6_>wm>+;^mNaTW>OOkgr&AQ@S=-(Q5Ux_dA{T#Y9|vdSJGjDt`tfRfWgkY4 zl=UgLBkqd1go#!F9<2mnU^GA!M7zj$+1Si(8#|2omcEXQXUr!3r6Tvf(kDgML?s*b zWDG}!NbmRh(WjT|#f0teg!rmJRBDh0H%AY3(R~#_bwoq`05}SEXEI5kYpG~_SBg~u zp|<=|d^`*N4x;ge{5GVNu(Cw>|0dMn?TRXNgdWAe`#?WBykOI@)*YLj8HSAXgL^ zD5TFFINM%JYhUg}k3kmpYw7MqLO|m(^J_p#btrV=OrKCjm^vT{55e{li=MOz4Zh`! z-J^unuLWd^Cl>kw{!qs%X)+H0ups0@%&aPFaWd#2#w5e-hvU1e==At zT34%p4Dd$08(Mz}=JR8q8vqh8_-Bn#5Lrgj)hKX;6$iSl*eTD%|e1}x+_=K zfW}?gnwH?mW1$X)td@iG&FV=`Py8^u5Ne9UPuC5}CxTA&B!_7sobMDL9|9sdLq8%B zGn66>O&N>8w&wXRHNc`rp=8r=(o}K0CYb(2L&mSPfdTH!mRVDf3mn&_yg;`_bo;S! 
z1BMz^wP3JGU{CV8fW&A7UtGp<-TrEj)Aa$y!cn8Ha*pz7zNtD8SS`Zlr>sOLRnSf5 zoy0es?3Bjfq63GYU{rgFH3#=L+@Ff$WKa!}B~V~agD$Xz?vUm1=g-${$~Yj*We@+g zhxo{@7QjUs2X7ZV<;0Uhag8+>~fQKoaT?6=Cv)-3a-fP)lNY1FAGnLk4zSE>99|;3$$|8^oGK z|3`ENl*+motcywhuHjrDsc@y5Y_y=WAgiT7$|x?X409qS1mrlm9J68>voAwke=s1H zOjH>-5d*@KLk&I*n^QSSD~2zfVk{w{1!)2SHb97}ENTJ)PmvF6jKq>InMGLcr~~>S zG6o7?Mx#X_Yr=Gb6AN!f6Q3phpjuBn3SV?w)^8hHkqjb-pv-AgA!oux&9fx}ovtPy zRtw>6DaM|_AIW8%V_ui=sDi4P09B{LM=b`u_FG$L`8>?t@*OEQLzfhpjLbT$uL zX2C>E4|faW;53~yOh7kA#~xb7!0YQcEH~yn2JPHA64kQSR(ncgRXFIYfEea{2|11P z0##m+j()nKynPRrS$!+V)nkLeu=?TR>byp{&=c#Fo1zVOaO||4DEM?`8308yh)~6vadtMw>*)<-8!NVNk@+Ko|(x*Bx< zL^lno!uWfg$h4dlR32{Axl2t)(I1{Vg{gheIF^-LwRH@P;q zj*JoEw4{~isKL(YHY=naJV&M9E+{dO>*RP_ zn(~@n?!fLqe*+hzhW;xA6BFxykC*#T>)MYJ`JWo;j}GkgquA1lSpDdsLdJ%+M#lfp zI~|=IjPTck0(SKm)`9)Fi^PWU1W`A8aC*s- zI{0=^h4Ld;%L!0{Dc7XjtUV!_Taz%AcwW>C+P)#&nbeJ3Ug;akpvU3Yw7k_r$n`LVG zoetF=?}xyS2s-A9kyDmYb@&9Wkg+%KU;OMa|NK|{U)CLZ<{ya0Kd1k%`oDguscE~x zg6#8LJ4crnN1t|-y(EZ>tbV&h5<^N!9?$~cF+|-_ZT_cC^ZnYDY^@$yzF{%#ZW4&C zK{|qK$F+vY_@eu{juivjIIwh7$`cb*fq~ZZggmM#DF>1)VQ8|ZTa~BZ>xIPgir&mn zYan{~&nWJf2DGS>x$np6+4<=3^xfs%U@6w3GrVbFFBpi2LF^_>IrBo2rz$R3?Y7=E z=6a4Nok3o=Z)6TGHw`*sR{wi%*XwR8piX#r<$gjQL5+$SN6$&VnHT9V`iv(R*9*3PO#v9?#w<@y3Cz@*04Nk>~*Y_ zje9gGOYMsP=WMI(y(Zq@bL*Zi)`0d*c$=?3nsuxM$e?N07%D(zCHMCS2SgJ4<|%`e z+?m=OKqTw_5NLfg1Bpgivx(zOQ!|UJ2o!6L9TG~7c3i(Sor1(4tI8uFME0nn5~h-2 z&OXh~b;=IW^(Fr7&G~UkG`QzvABm=_bJ1Rx30LwF5L{o;<@tQqbx{XZ@>{ojDCjI5 zXO1gmu5M1whN6Nabxafrm<`3L)RK31Tx3ce@r?73{ep*;5$u>gV+$#OXjCs(pK!^7dRgEBU-t zna$IT&O$kPUAvuGu^ln1+tK=#r}ppbw0aK>#s<88NpUifhtUVpm&qzK$>!GH;5}%H zaU1NJAC{@_K@V0@yh_S;i9T$e{NO(41aO zzIy`}eP7W+&KV&k6<@^?SZRG5VA}7_Kkz=M4W6woP6WE7vmx)a3vc;-S_s9N2AD#+L3C}sMsQ87$sxVXE0oQ0wF7a=KarM`9oJD~ ztdV8+(TilW!HLd00I_w^KPs<8{6>~Fx*}~BjgB-UgRgc@!Zbyhw5aVi*ykZy4AVm} ztf*K6i?6X4h+uz)?d_DKGgM7lmp~|k{ktD?^Llso4IXd`isYmLx~gm&RkfzahaP|U z+f*#Lw~SZ1J`zIN)gcW?BK&Myy)yTnxwLg|h)GnayqlO#fR54~DB^btYn-5M13Q*1EdvQ{WxFp22cB~)Vyk*v(Sz;cBF_U3 
zw&MBNB;|6=3$POAEspg54=*-dCDb?+4v46LT^j+p>g4D6zRB&;rGvdTq!Q0{``5G| zJI%|}C%2Ia*^JFq($mxZBuM;+f7aB=43CM9p7q}y zZ>BXh9XChneNJlo3O@tdcNA)r!l{e=(-xqb_I zRLS|J)Tw4QB8^otUUePJ0hm9Wka$$xptxs<#gMij%pxFif+7N!#tRPpHz}aFB?2Cd ztR4`?;+!b%IO3BAj6pwQ>?mHc=az(TaN<@FfbJ~YbO`ccdPL1`sETfu++M=tCi;5) zz>4IDD)V8!MAw;``T-%*Nk~u1QS40qN*@cNK}O*Y_~i%48*!~mBn2ZuFkp#E2P@&0 zgwV8g`X!RyTM~Gmks912NWj2|$y(DbF+htd0FVQ5r^4s4a}dokW`$r!Ygp$^9oB*5RHXrP040dCFD{;3-UC0Cp;Y9 zAqf+t@38Cbx_AV5JZ-Tt)$Vt=Y1UomaMP}yzvydU#C7+y$GFLB44kqo5RaUrQUOeScjU^B>$apB(w{gz$9X?Tij4i$grjw}|* zu2aqQ$j<3KO}&;`P1LtK_{nnTYw|s)Q&(y$?187q@)u+Zsd!XRP>Gg0gF>3D{XUqn zKxrZHnu&d)GQgX=3kULL4Gry}uAPUswo-W~OINAGybD5}WrZdAuE3vaXJtZ6RUK(K zb?I^xkWySez1TkNv6Y4i5Eo$$ zLL2hhwq8QnfFuog1$4({K`A6t&6PiVX1N|A`{egm+LfE$56}4gs=dw`H!eIGss-#4 zo`rgI&mC&a0Y!Lv9TKx^3qAPJJT_cKYq4N~{wc46U)1t1O$t+!S4%8Qq>fcP^1#Sw zbMNT#A$MYBu#eHfGb?iXZ2VTfE|pfbZYp}H*?x2d^g zSG8#JVX97v2MY`G^jVsF%&%_C%u$&9FUoXdJSuCVe?VRFTN zT7DNY_;`4hqZLpP*bcJ6cqWg8nTFjVz8wM(njS@`;77#)I|c}$^v|J*{c6-3dyr=I z4H_V)0JL??1JqxA0|m_j%s}+}VP>tTkvE6=4y+wQ;KVA}v5ejbGfA+K9lzD!kUXE; z?ouzgA|XnPeuw{75nU8=OS-2TaE}1wtok)C$u(oHLZ*#L)$6K8FAYwLd&Csk?0xz) zRS`!_@yJ%HPNgPU^8^GqkOp&XFVo1M3SR4;f})iwgX@_f{SJh`c?C7s6<%BwO6cQ- zq@U~F8NN$**1mL~1{2I`Ysz3am61+Hl=8G4nLZ_^--VppaBc5udvHZFwv`?8*&W^a zj+5K9i2vnX8rVYoJ(&%=E+xGI)|A>o9Mc)=_W|VyoP_m2I?NhLY`iW&+5Xz5TDx*k zqOMz8aep7#7G>BRb8>RMKmE!M&0OF#R5?-hi=J@c@2@rWG7cUktdKn8di6$Aon`aTK6jxh{hGZt+h>dnmZFBpJ8I9^6^)lkb25 zE?cHxVVqOnUX((x@OGc=TMO-_xLs3kHPW+!X zc^z08S3$V^q!NoPf4lh}PxnT@JYNvr5(j2|IvtBXWxpP80Y1m8>v17Uj_dR)E>{S2 z7v*wg9In7r>$kp&k+P}r8SokN8S)w91skUD)jOnKq>RQXBvsTKCK8lWsv3Txu_~$5 zjsN4&OoDStRijZh@i~>c={Sev%5w?AgJP%o&nuz$cpw*s7^y2|@%^#y(B1QeWLW-U zP*p?wZlVl(FwEQgftbxQVzC7`X_^KSL7Vd_?ywgehw2!?d{s(&?ZVVPt}|660C;jb zy8L!(%xutmVwuQP|~3Q9RjsVby7k5W*j8vj(T#XhDrAo;sO>8h0DniX~j=IMqbi#9ZG_^myu~y5z zdX+CY&IX7b7yYZyk^15Ll|BWi_RR*jsnX4QXovOoARTQ4v&PFA*$t!@hPe_%c74B$%%B7jdAkJEtT5C_= zOK>x%Q8uXJ(W^4_qxj?iU571J>QeHlF9Nh1ay}!w4WV3yQ>^sF7m_-rIkT=gxG7w 
zgq|+9XlS(X5;&0Zhx;n-B?)c^$4~O)=H*qrfAvw zzg4Y89e%Q2{Gw5g9qeo)GOUg3j&HpfVj6s$R{68)a?^C^24aX%8!}FdIw-uO1SQ3` zRy*o8pIEWlP+5VmXWfMtT7nONfevPOw@mW-&Bp$IRc^s@K32oR6jFg4(RvW15og4b zhE0!YUUy*uxQ+5**w_|m3*{{yXi#(uaMz&WlsI9%XTd6wkS{|z%bjhPb>%*Cx~=B6XXMf>EYbKy3#l6qmA*pZ6#J{kUbg!4X0 zJy^4{Y*K$!i^h6!#3ZvLrTmZiLfN~q^8VoA?(v9jpm*O5w6_+GQpFnV=AmP~Qd8QZ zGCPbSJzs!t!X!-bh)p@hGx?xKh4=OWNw#-%@!E}GsxE5@2I(gb2+s3jFhyUr@^a@{ zi4H@bQF&7eh1C;{;W$9jylrS;*?>fOGj$+DR;LZezL?ZM><+P5(mz;d&Uj9Z42E`akB&ZM>U7C&1gO7PCth`Mdg`N+;;JpX4NiN=w^O(3YFKN-WfX!cmuG78)zUii z?NNV`11{;cQ&MwgxLVc5jj6Shvf-Wpp)Iwf-iy5Q5I7<75XV)LTZBR-qQ?v_q@j?&>UaHQ3#JV?*kOU=_wyl24p&kSePf{ z37TuUX}PkZq!K@SfT`e9f$0CU1L1*!zb!HVVvJj4cKWDlxY#9>LaH{D8*7+XXB<=d z6E0oOD>#b{Ek%NT)GEe*7ryc3czdHBZW{1-j%@8Iv7hA*^7ws3cQVck}UZ{6&~ zO!4JxM+e5=1h_sjJ+3r0_xg=9q0=O|ESX-bR(JZ1d&l1uzfwPrfbBl)D>Fq?4Cs?FiMnB1EL98Y{=+u`(8BKeQaSb|_mSND7g z%t<agg!hrZLVT@e>n{$N>3L}MK#kz zcxpIn$+K5DtCFNWNn!inUQgsp$$iR_qy;(qu&DGt4?1LP*gUki1B#t8di>b{E`Zfk z=Fgb$gb|A6(w^%z9`9Z1k|7qH&9o_#t>7iBv8Yden-%@Zp3?hMX zBlu4fz)yV3zik2-*3^_e5JCP2(nc9#4K6*qa}Vx-^LFOc8Va{aYoP$^H2fEcO-jXx?rfgubjf(WAI zq~D$lA-sc0Wp7KjRM+HLK6Urz^lA^)yEb?G)n0iew&9K-VEC@5D?NF>_4JP)V{ni{ zT$KlTK(J3oq70|63piIK@LiSyc@Y_$$)D^4TQ;`P=2}1zD*66i>Z9afBy|Tv4wy_10ql;19AAA1NQu;?ctBQ-8RY~XkTtxS-KL|G!U_sNhDDO({&t)xbE`gg1_ z6Sfc10)ihng(}uc?NV6)F8xTsn2-|2)qfq}TG>@xstf0~ulySH*2JB!lPp`N zy1|$`p*Yb^G3!kMx7$rY+eJZJq$R>Uw~ykrFZo(s#rl&} z@!)gd%4ZcUGFwqE<1e}YQux7mjj;bCwi+C$>9xY{HfVrcF7lLDd)}LPFkUzWSE-oZ zK6bbLfNC6;M4Te95-+>z2qO4vy5rwtKwO2$T!ihmW{MxSdz5%P-_0G$x506n3>3{} z+}E4fr8@DC8z<9MY!`enTVFZslEO=Sm5YmK0{=mOaRfG8@Z{XY!-umw6<-_D0bID9 z+G&Sf(cp91M0B8ryH%76AKMJrku`byxyffLmZ98Fyi>!x11L^2J3KvSId@dL>!&+y zLKC1+d$crq^#F_phx%XngfW9X5UeO-6r^?Kzgv*WMuyr~oTuq4vhi|;Wc2QdEl9=S zkF+jz);Dw-hmXLhuVl`>*w8UPe-i?p{`Mo0glr3{Qs_|S;N@TwD_yJ8Eh_YJVM>P` zB|#;Vj!PPXfO=ZYk{GKfb3A=k&@+fDKIP}g$l%H&GFTFiFO-~99GgHo!I}Hpx@hIL z+88E_EE>g5?gCBg52qfi0rkPPCHt=Ofc~^s6liD!;W36eT2sY4b<%zA(!q#bJmN5m zv2Vfe;`hh^IhF3#SckyvdR?1ggiim9*1p$@g)!JZ!GLb~GwSWwJ|Mmg#%Ft|I|nz% 
z{;wM$Uw0h>b=S54=LceQyE%kqn~A@WIJALz@-9W8UFCq?rqG^Bl8^v*Z|^d**vgR{ zW0?yKf4G@eVLc|g3SDZIod%M%2OLHDyCg>hYy>`xH1T39hpNZG__^^o*x2YHU`!F60$fC9g9=Ak>IRcV?= zR23T2@R9-r0pbjBrUid-sKxF2gx{a`_;Moan3L|-ZZ$Cja?}Ks;etnx5(7Ya<$Ai{ zqjMAVJ`PrT6sP{77M`7%Ha*l4ef`2O=JEakmj(O+0&UTnXhU^TAG102d`R504pfcl z;%m$^->gxmEn5=exa5Xq_c|M(enLmA9*icdC&nJ{&Vch$qszwq%R@ujy9Ec1zo6QO zM;lN?5NI^T4ed!SPjy!lhUu@{ayA`1f_*)IO|PEPcB%@V@!ii&P-x#taB^uXIn^dI|8Rc5^_IMs{VS2p^xqx6|4*|nBg_9W>oPL@ zU@HGjH{!IGcI;6LjCZc?-ssaXVFUp=U?jk6Ukj)Pp4iH8f3sP&VC<&@!sqF zV~ZAV^ZnB;PujZGd~OzJA;rUdDOrgD#WaNkrucd&273iGCqxRG)uLcLwTy;0W)h^} zB&~&T1LRbz0^|>oNhI+WPBBo4WjmVCaES?;d1UgAZS2yq!$8v<0}5>kMWyouDf&pb zOy~W+dE!jA1i~?Q0~!d!Lx%b^LO&oDdl0_K;Lf0pFl_#Q>w30;1%J+ffDI+@rhrJt zyZH!dL<8Pb(r|peCD|u_L1*jx z^^5jd*GKkq_v$ONyC=6NcFiRC9BXuqJ54bSDW{^C?PRF!>i%>%^7L!t^h*|Qhg<4d zSK9Yw?{Y9SSGQLu)s=VU4=)vK(LrO7o4YY2ZMD>UL+eIVi$NP7`!jd{d zWz@t46q7|iecvbp8ci?QMaL)s@#V(43fJFt@X19Z7zL|x@?1D8rtCczS-rg(NB$db zfG5Zl7>-D=Yr1zJ`UZBpH*PhoX5n)6%}E+d4Tp(lWQ}J~dMu11FEw@mWRnyPT|cTh{6a6y;aLPr@rJQCPPM zn1hF=4_Ybd+`nPxil;`Nu;&ag@DZu>ESCl5I}p7Htn9ZoVw~O~sHn|p#3*pE5E=3+ zrotb<|8`YR_6)aFHwjKm1{gJ4X)&xuvv8V5#jz6>!Oh`#W3=C3 zF}49|`G2$SRAh6DAxU7`?W)To+v(Qg;I&~*`DWEjCGKiJptuqEoi_T2Ch_F zdx;2I0+{&#MV}!A4dwv9IiwpG2_o}`q2vti?TsSi;%Qy)(=nhW-8=Lb)a-LCTL?Qtg^LgudlIZBS@fB}2JBle zmR(58JLF+W^PG#$l>8gcJT&40ed3>cNLunxzCYZD+@~$-+E}Z9Nc1V$Y2;h{^!afZq#KC-sW#GqZjb3Yf{A@%}_eycO{ zg8fUWhM5IRPVC`CvSXe@jx(|6$r8k&#BG@}5bbWAIoD8AebZCpB*IxZ(0~nQwDTO+ zGwg|de>8p3wDT4MM#dB&1mEpOR{ggJip_1!A~Gc&!+IwL}#s#n7|C*Qq6taA-}P#5BvT17XR^l(cKel<-j?lJ_6-9)39TZ|r%rIK_m2SVpqr;qIQ=1j~^Rp&} zkhKSnEZtRf3CAdD#!H;U&I8|v&HvokD>^q{Ecz$(Tq@LWLXpD01p-<6j_dO^Yk{XM z)vn8U|1C{)?z47BA`tlQ`G^$348aNSS-kh{sN?o$w)Q&i6bQhLbN5+Er-*cRX;)U_WHo53>w`xsK8ji@h9YksRNwMCiT_j+IM+3HVmL> zy=F{UY|9C*k)F_UeuzaR7J9%Mp<22K91E_7eX{NY?%Rb}9Jj zGP+s%Ufb)zzUABcedpuxxO4pB@v7h3`Hg6JZM)qIY)@q~XuD}~jlLOhNxh`tPZnt^F@j!Llc{}f=SIhfApsstPVM`2^mO0W@TnuY0q z6dZ9f?&q>XkGYsmM5k+KI+m&&_haY#<4%=qIJwds4c=p4@bCo5cUX>Zm52I1Hgtux 
zaPMEX_4K|juVHFpUza9$@xEOszaJZavjsnSry`lyL3UWr%Gp6C#xjZVQ|!|#__|M( z+QR41;eP+xyGs*g{qFPX%KZMXQbU^jz1PLDX;2r{?CEhY(BJuKUOwFG|6bzy$1%Ep z9y^|&_673(X#g@!Hu_dJEtYje7x1B+{tM#acI1W9kB51L*Pmw_-4}GObmWC}ZWQaF z79eB)VrPrjKL%RG`=DGHe(!_viF6K`uhN#O+3nl!dk++ZO(1?s$qDvUq;X<&mTSN2D}qz8m6K8JF+Y2wgQ}{-<~?HkuBOXWQ?5hVc2DPkJ+nFf zcFIX2{~^aMLH$#r;ge`)jeg)hN!cL00EeMZGW9E1OTxfAP!1!u&5_uRnp2|9;L# z4RzZM5qO_JwRm!Paefw^&$n>^Ov3XK&TRx+EOo#F@y49~u`BZPhdZuf@f}@B#-fue ze)#-a4kwwmCN8iB*Xx5iOKcLDy-w**ObkC^k?nWLA{r917!gFb36j@c;&oQuQrn); zHS{!lBOfPMCmZUO(#bY1I3>P2(^n^nuP34JR_26Kn7+*5RYN%HJPMXY( zoS8Wju^-mn`H+anT)7wi4>i9JF@De_*gOABf+y40C%dS3V8F0aTIk{7^Oz=EQ;hf( zYx<|AhRO^wR9oF&6$kSsPmo%ySVY2(j88l!Y1PkQRT)xs5|*Ru7lmV3k_zF`H5!_Aq5_8Fq+k~AWamz2?s6>Px1ha>t^%JfUhe!AKyH^#$$twVNGkzsylT5-Sf?BkkYPwY8$YJBw(mY$Y(w5r0$}@zT`iwDEj|cZ7(ZCT{ zQ$D>_Zp&F!$}yT+FGsnMwt?|XuVH=`L*GaYt^WImqbCA0=SfCJhOa^M$*36jzLEa>`&L(%;o|X&4-JKQJ@SqA+X9Z zZf$;Ds?g9Lr6YT6Tgj&MuQoxMT$K#<#N+r6`bOtwhA+N0?%(@7r7hYlFADKf9GCfW-A_D zKE=wTD5w@X@@&~U`PhMf5`}MRQr5ba4`u)G^RQzVm->`0V2NA>tdm`5duYzT7U3@f>ekCnuv5R^@MIOD!$f+@ED^z4p zi>cyL&>$0>Nk|W+z$udTsVrQuH4K4Pfcf!|$lIoC6IJbUZrfcri6LmRwDN9XtNg3z z!QW=NG6_5zVqGUTl)UInQYVIXXKRL|BH^U&A7zoRLJFveqKzMG2Sz-dTB9%J!uAiI zZ|gqG*l*8Ym`dT9jUUzsKcFHyQlS6Jo3Q;0SUNrHUxfO<86R8v%RJa%ga4}_T&9L! 
zhd1fqb|Q$oIcUGYl-eAv?X=N9%3?FW#bUhxu<`u`OQI_jUa+Y|H4ESmB8ePoYBG(j zW9E`QXEpE1aKp{BPs%t*In?;JA*E=LG~Q$^#Lv<*uJerI-xp`T@bh?df0xkSn~RIy7ggf&#L_gXLsOe>;8Gl;nw4u3TYGG9NHzt_g9$<@5}JR_6hE8EmNR$ z>M;C((DSk2&5>n>_FkhY2FYf|WzXjnTzXuVSl`{ZH_OG>c44Ld?7dxYN{Atoe1fS4 zVE)Bjmx0u=N>!#YZKy)Ux2@`gYEr|-(RqI3)wPH5A(QVE%)J4NMpTY0>H^^7-ShsT z9+K%qc3}6?h>*#hp;UXUxG;L%RVy3JV_7(Ai^bK# z+~wK66BFl}OI?qy)=F&^&k&<cokV`)P>W#wbzI7}0(vS|VF+MkNI?D`CO6=q zgnAdci;hjsNp3y?+aXPs7>1JmSajMHi@l;VE-+y;Ip@q5t4Q<21*peep``ViudDBa zzP)b!qBrQNYThaLCloX~-B3|79J(Xh5*wd$FJR{B)KO}tFa-#~4|9MLJ3~6k5&0__ zKnbzJI%U$6%*$t)lRs93RESfNQ^M%xp?HJdA*!Pi3%$f%js>{_710I@t~Oo%0M|Y) zh`SJcz8g5#K8GFGe$A5@oDeoSLJ~tZf@u4) zLHO`q%R`8z;&JpZ5nNMsHCNeF-0{nOw{(b<@W^u=U(cM$`nnO~45Of48NFX*hGa&#^l&#sex~`?4e19Uh zWj8AwNXt4O%%OmBNy=G}sA!U8{0u?zN&zqGa6cyHXHf+wwf zGnMBUrO&u2)JHu#iSq)Yd1Z~OT&es$+ z4m>Oz^bCha7lj%XNTEBDXwr|UI!xZZm*v0`EYb%O%QA|;p5=k3S$M%KqM1?8DxC{3 zi_3*~Gc0dyDr5S#CExIwol|;4Y6Ol|rfR?&YLeEdT%?3oPD-k+tt&%9O=*K}J7$`| zF4_-8$wJ#H)PcG=JrlO5op|P7fOe?h;Le~Bh3hlO*PN2#MC^}4JOSjxKSzL}V0nFP zN(aV-O`BmtPRq}V7?TbEj!{+D#dBh*{0-VBgAd6HuR``7waaA#E+6&_pz0KV6{j!4 zj$&09oif;~bf7;@Ads%;ts|@Rk{lX}-;AD*{1w)>N%u9m9Kgx-g_0IdvTCqId6OlcGlLZea&Lf z!ItMW#m;0Q?+19-RVVjhD|yWAkGfQCia);b-1INSA#B@|6TSC+1KfF-Y*c*_^)`rw zBu>eb!aL!I6RQmNoHd5g2VD$-KoWIc~&5=it4vmoO+ILW=RvR_Y!p}*xU$ddwV&zW(W8zUJRV` z;$qMJL+(2(nt()PEV+26@x1IgHDJ>WhLC4E5H=rv>fQ<(;3UQE%LClfmWDg@n1f7+ z0oowaO{VNB8lEQiL~z3wAmC1bAvB@t1?EWgC)~W*TwfsG)--vhgo%=e(wC%frA|dg zUHwYuKFRx;Z^N?WJSKK>Pt2W8PBpTJ2cLP_NvIz)R;8+UA3RIz}NRL#eSWTQw*V>HE@%o>w=EB^O`V+*qAq`2=to zE*l~>1AlhM9@on|Yb!stzLk5L#t3)x&5m?p<7n&X>%IbB))x-_%J=s*9B)VSZtYIZ z1LO6?Mn&)su=E2Z$-nTa%?iNQe$NeEnFBP^=`p)&|O3u!f z48Q2j7+{q~K_L^?Kw-p(f{~+2;{>D613)84+LeIpa};2T&K1J_878pAK#J#*QOatE zl6T=sE;S;+P@T&ab_XBYfG9L)vlMo@m=A;q&+#Q;6WkPEmLd z!n=?2IG9ycIqDY?7fDkz0#!y5457oZyPhR+os*^?=j;{JAdC_=ZBI)n$r*GXbah1tU<=xLm|Vp1J2@C6)6I(Q`shVQ?Q z3itzRQ|60h?<~oEGMI$KporK}1ZN}?4Ha10bDBP1 zV6EjFXd|y(rC_MCN!ZKVg&U5?$lFC1z8O!dAqD}813ac{{yXi`D= 
zP8!zZXL$@!clOoco0j|YFmv;LGBt36yYq7Q9U2yf;Oq7J68huz`US_t+vWZ` zz{V4V$2JmOr-iVMehv0vYZr?@t{DzF^2Oryr0n)e!}Ymw@DjVXcX3P0+wJ@Lbkb@Y z`{MiYHgK@f>eH{g{k;f_yS^l&HN7eg%LBEN;u#!jKl7wJVC(Y$_Ve?Qhj7EO-5m4~#7UsJd3y4lmUL}|->P?T1yAl1{T4~%nK*VU15QxR#$RzAFOa#kthe*{n>{lwEY87^$`A)N4 zh5d?lks>e0bLikhO5Q_A@9>{1_;t4RWAPZ~e)SrCo8{rz!e^dc$Ii<|_-w3`IhRH+ zO+lh;0IPMv79vL5F&Jq`%l3eDj^;%shl^qs-1e-&k9IO~je}L&NQ||$_O)Rfy?z!U z*fRUyEAYRy3S8<+vqUU^>6)V&tIb&Rj$3mZnkc)`Do~Deuul-UIWGN zUvW4Fu8{oQjFnqDYfVs@2o#>_5k<5P!u4y@Ao55-LH?WztVKwcW7@_&bhhG(>zOFU zg>yE~9E;t|t&x$g?uwcNn19ox#539%0&BM+nH8xP(+U{Rp(eu0hXSEMOw3?>1U6Kr z!PP{v>E=M`fIGK!E8y3<#gZ%TufMp>oqE7zn&Q63OJ-cXhH8>C&)7G+60HTlwOHIA z+`E-M@TUyo5Z<6r-tV&>`DiN=PknwpMCPuKCtBY(dz{aygHAZ4LDuOp$mG$_HP%C6 zfVP8&(sr_kcVx1G?A*NLy^WXH5m(?!7`PpuFKM?|pU)@3*SjCg+l}W1x4&{{S=L=2 zw~-5nO|&zd&Hu?bZel7Wo8sM0 z2u#*1_rugnBuX*JRHwnJ7?QLPccCmWERvsy*W_p8o*s~M&q1j=2!Z4~A0DkE-HlwU zjBIkJwxZOW^T>ttL+C~JoI<}#GzEgU&4ysGKI9yMPPmwAjm?u^mY@Fs%l=*QOD30Z zK$3Xdd}=Jh-hJ_IyaZ?C zvySFibY%3rCeD`BIePU4l$wXXPRbwH_rDa2mi+Bcv(vTkZWV+p>GfGP*(q(0R>i6z z3HlSa(K1@SQ`5_`L1ZPYI0n?vl)tGL2J0;T)8Dkp(W8SW>K z37H5-1^%N(I!-dm|{?b-5zHWB6qXdHJ*uX+l8`_zmld>oYI9dd{Q=>^=2KGtaL znGl^cUd(rnQ&l>qQTeQFn~h%;UrKx_HO?Irxo6k~Blb~Re(g^pbiD}OTPn5~9BQoM zZ%C(@tUZcv82`9ed{LS2)O>1NVVa>%7wE`tQe=+e>yJ1h7)$W0<=@3kJ%0JQ^t7D1 zBcH!qz?kPpbD^{OlgEoa%RIS=1WX#{s9DzdH3u}FRHa@=$k(ucfsBKjXsM3 z)i~7(zdHV=inrl$d)$PS%wk#cgu{t%5%Pgz_NYa$?5$~%%%jdxkY+zB=!|+e4HS92 z91Uj7ZUwK#h{@*OK06j62;|YLrO-&bMo z4C3N4@jfwMo$FoO0EfOAsL^Cjk$6bS8kY66U6bn>t?i|9)#tEjU^Nq4P3ZB|l{zre zo(Gvms)R_vx*k7KG+HUfexl2u=?w;%K1n%>LDK4>(>eF0xCXm!V4tBSaHdQ z+Et9kU30~@HteA@VsrlmZbIdB8cO44lOTl7flYJ>Gods?GHu5GkYV2+KU?IG-;o9U z@+XN<)C+L(*wMtX0{3mUvunTnSixe9n&9Kf{?eY9PsWozTG~8ICw_;)1;2MlHgAm( z0>T^iRP{C{h+G?qDw;Tl)TKpoqYerM@OMEZwrOumoyPfwjwN~HiQbH^O!dAK`lfG&-@Djs*K!H` zWc|qcbaxqDIdw^PoxahPw+Ls?&M^DVfB`n%uF2*hBhQj+bi(4LkWZORm26Topcgs-KW$}o+`V1l2@Xfbr_fbF=aN)PCf2o z+L*VJY^0uQ`6uJ4rEy&ru+OyFvb+&|_xUYK-+EEkr*cVxR|ao=cv*mb*rjE-dX_r0 
zIdS?#>14B!mH&=)>|ytTo45L4ruu!ikr#jZurL)f3Vxers2*DI!RNgG!p8)U@|JX% zyp*>wyLl&}$$fDATa5R<(Y1XNs~OPePqF9B1ctHsGb{b%w{Ui2jXKR=nfnPg&zqC* zj>3|}0v6)eE+iuMSWVLQ%Nnc(IO|SHtb&%;Tf*L*N=eyu6M{t7(X;U8H++1HGPUbw z|NMqGEF#J*V936);Lz7YBHb5Fbu2b-SPioW8y>GA-3C8~pesZpEQcr$()o~#`qFNa z#l;{2R*QWCTDuPhj8#kvGP+3yT||AoF^?;Pyd2k05ro%}(K)${9E|*%xa{^bYhCJH z)&=DF0l~%|4Za9{gkRq-wR^CgQ+SbzpI5E`7A3&1CiEtw|3)PW(|5PDwoQ zUSN3C(YU(3+{c+@#NaBmD!Dpb_E$BKzq9hO=pJ-7&=0sIc?z%I0BSuTQ*&r@%C;A2 zeRO|W)=j{%;E5Ziw!kGL)x8+jdffXE3$XCoVq8lIRK0>|Ad)BSko|RrP{XHD3hSXw z2zy!aP&0Y-x~Y9H>lm&tbTo~tNIo6}0X;jAmw~m+BUl7TPl9}0aWWV2aO>qu2~tY2 zny~40E9LEzHl>p<@uSB#!nZEH6Ko?tK=2PcE&pQ6%KER+xAbfb|0NUq|5jTW`U{y@ z|6BV0S8YYglEN_9oCH5YwcZ8IKw-K%EV`^da5KW8aO;HwWGm0DXT5K@fz{>L5(@SHr>=LWPf>2E(J=UK>P*p)r$lxH~``A)hZ#O=>ruxSIt_jmyz8FI3-Tz7_B zEtTblmn+H=F{8GdxJwTw_+J9AoNM3X(I~G${AA1#Mydm9xM@Nd4&M~J`Gu@8x4B>Q1%^R< zM?iMQd4)FzfhyyUUUE9li4*;?OHyw*xJ%F8fIDgIt_`iVI)N?vn>V;V@h1cR5}6&q0&&!H;P(IXVAq}%Wd19dgr zGe}5RBMNRG_cbAr^xyzYS8cv6is}L4O9W9AHp4g>(@6W|8dJ4k@~A2u{|tP;za*~ z(sGGt{lrkxJ00)rt#bud+a>YGj|9@s{bn6!#MP(s59T69jXSRnnQx_{7S!QHV~-Xz zS>G}aU`>P4Hrcq3qn)F76MQ(O?Ox#hszVGW0d?dpA92T)%wKH6-2vk(;Jo|Cu^M0o zuYa#upF<2XLElJG-HJ7*&I_Vi*Lh#UW+nOf$658{6hE7{8$~&8;JLqN?Z4qLxc)<_X&J0SG`kb52tbPvc7z(=wQs&J$L89OP0?F z=gvmzIlg^wx(Src;klvb4fwQ*lZfQ%GC;QPQh6EZ_lkL&8Xk11@tOLH<5BqgTJ%Yq zaX0b~VxLNOq?B}Q`h8RwR;8n32cW!%_rfy$V}FOSkTL}l*nB!y{1F5e)%Er0sNoOV z!k860O>V&B6|eJZAIVLDIu)z){S@6FsS#W!_Hm+@WUQMH(?FZblcvuSZ)?_09drJ~`|Hp#8$?zyAKmb>IPD{0888zw z5F$afczjF{mUdFBVst?;$rc5j?9Aqq5k2fpnwH5=uFNs?LB6O42c>?uO}F{?2@D|` zXN0J)Gb(6O=KxFDdt=Dfnit1vyJ;b z%Uj|e^l~XPb|nA^zTi1!e3Cv|fl>0vmC#L{X_2`b*n;@n0J&pKF~%|Q`gCqbs5PSF zBOZQJj9AjK$^loC!Z$aL%)#kNTSs#?Lz-{C^(v;Biah*x8aa@{cwM#cMZL?8njf~` z#i0qxjtmikK0eSV=~;JftT-f74%664WnU*%76-~0e6jpho1y0DUv5W;!RnP4AwV5 zSp}-jy%b+w=rPZ(j*Scc-PqE2Hvy$zILdz&d!N#~PGkerEj+%P5=S&SE4Ng>zTuzQ zNViT_LeFA}j>5aA3$p`v#UNl+i!R1qvT)9(?UL*Mn5b+lYf)Z&Fdnkov8Ekqfuj9@ zWBOdb{0q0s#`M2NivN4Z89OWUzngu%(v(ch6oLP9p=y^@QE=CVw=$@cs@*=goq44| 
z5T0CiiULWZ^Yi}Liw_6{vL3wE=Ad3rx3IAA<@~}r>DL_`+Wiu!djoEJo%SDD=>kIgcvdF^ z=2|~uaZNEHtM%*Dko$(Wal1P4KAG|D&^!;BivFTtuBVm*X?N;aLrw9xqtgD?_SjD} zkNl(GtWC!~7u*-RE)z^dX;tzgQAWZYgoq?+a#{j0Xu*67hqaM>(+0L)giQYWWeSHL zqY*wlNo70jSDP^+pe_YU@E;eBkKoLe(ih;H2{j0F7*=*6A15xUf(!1fa(;y$q#EVS_ZN6p^)dxrj3T?KB9XaK_=AJttf3lYuno&CJ(@ z7|i#|+fZAWV26GvFwEQ{hPd_mV02RZSiA0xfPQSa!m(VUU!#q_xRD_SX~Q87FSMY; z{R}{)p-U_oLdFga1MpFyJxafVkIx0{9^0VCK{v>V2>I|oD?=FpOqe1}J)l|RWjOrj z+D&^;nL?P6Kqw~XPv0Zx9jhB^_D0PzTGBt_Z$j9DcrX1_a^0{$%=X_IWeE%M8CQ1+ z!e%G&u{%ZB7Q_V7a=|cC&FGJn2!9a>K`;mq!>IO|AW&xlrP>K80k+{y!;8^fknyVX zvQv@uEZ8N2zYRdtR6~aqG~+e%wO^CLO^O<31T))XOV-Y$LS0N~H3Tf`@ZlG& z=U{tM2NrASj_D0mfgs4Vn>iz;$jF)CDn0F zuJJ1+He8iR-L{J06hQ7by^~f>YpS&O;|)PBbpP!B_;ygPF{Bx(AN8jf-oIvRe$WVR zk5PgWh%m$}MGV>V@-u7mO3>Ty>eFtAGvCQSndWgF<#G%4_+70tpeh`<4Cd(G zf&yR;9dcl!mjPjeO&SprY$2HGjX=AWlwRp()U7LtZoL)Lz%5I71nFV(_+2+{((Fu> z-B)&?ov7&B;^=&>PZz{pOIU9fIRb|+=!9<^5TasfQ(>tz(T~(FA7nQ`I8*3+(-qi1 zI$J?T647_4{G~$7w|SMc46^X3LkqXb9M;S*QrzFw2ex3JgFGNOp~uydqz)NIh2r{G zdnMQ&cU5#vdKU^MV1!?OFt7;;WnwC6tKJ{n91S9IXHPd47anC0`hxrEA7r-DV0zXF z!;UtpX(RN|V4Hk9B#bJUk*h>YRW2TWtVNKPRHm0AX*}K%w1RA9^(Uj8?o8W z*f^ltHgWl8>rql@{dm*0!usW;P0Y96$fuw}jBHt7>%7nUc0wgs zdvuCB6|=~NFxe_&Im~lv0cql`HsW^Fk|Uc!;kr6@vb*J%pALfZ9TQt8>O#=~3>kSK z_nxbL(O{dA9Xy`4B}e3?w81}IPwsjo0~waz>UyHx>I!ZTYk8;! 
zBQ%R`zT`{={>;lDiyAuW2_5-v;5d>MICOvVFrGnCh!|{;esZ`3-eJ| zuR?U2&&_E`@wg`t{&kV*t)?N1lCb`m9GB?P@oXArgPQ4}GLToL)ta3=H|&%}Xzhen z6k@pfh@OXNZRSkbmO~v)!T8)(A(_u0|0j#vT*yo|pYUx=I@n9K&$#%s{{q`wiX*>4 zfmvH>Ohrc)RQFE>jfx&9b5w;4r5%>UHc^?@cQZNLI?S+I1S646P2ah5-2xZeN2jf@U;yLKk`6mV`xCNDQM`{=3bMMau;m;xSItq(d+IeEmoqzEoz{2*w7WMw$`xu%2M<3%~dAfhU>Q_tK7Kb&# z`=$1DWGfZ5G6GK+A00ojml5g`ppO`?6AJ{aQ=D{oFoocE@9WMD#kqpSu%FjWo;4%{ zwnVG#ozvf(F|xY`4{1-^&4`WT^<;UQW) zmxz9R9MJJ-Z)Sg80_qqS4=A+h&tTLT``*GKUHePO;@aV*l@VTAw^3_y;rb}8|L3cS zS^)g97)?J42T!n~0WsDYqSCPI10qfzA7QJ|_%nqKokRnBSStD?IArSJpb02zpeG9z zGU}>SS|DN9}`m5a_Y=75+67k*_p_pb3(!TKv}R%BMm`2O4J% zfF_T>{D2SI!uR;ua=KvAz$TCP5U~te_~!Tw&g9^2zXz=qA*|2|O`zYY_k?*)as7)fzrfEzD1nR>RshL@|qD5g&U{ryb`a%zY>YGoY zF;F=OLWXTe4Dk4aj$%an-uEkOb+o>2_p~+t3Q~SNzdsKxz4TbO9-RF6d_CjQ)_i+; zD{f51!mjmyIX$gZ{&c(_i(>M2wY__8*rwvegR4lQUiP0~hBVaJ!R4HtqpNy%|JA{B zc=~d9O1;3VNv*U^{ds*mes6WH)wyED+uqXY@i1QK_I+|hps84AJQy*qBoJmaOk?a`15obABb-mBk_-jbl+JB!QT28AuG9MdqQ?H>SR<}5%8N;9^ z@T(jSNb-$f5&~cRSrI@1+`|eWk~^auXU2xoXe@4Q(m*v7|Bc#ul(XdC4&oG_t<<;? zXm}jb6xZom%rcdw5d|Iso`RF&B2{USE%{g}nk>`t9>=3<<<k! 
z9QDPFx9@bxm38Ig1?J_CmiNom#L;=^^UTIkDR0L^=e?t+{S(ZwjjipDCO@X#l;usW zZ|B;^N9R0?&r7R{ZYrKf+(0^Td)SgAF6xs+<3i3-z$w5P|H=Pap2t4LmYQIq zUTBh9V37W2V{(B(c7lugq3NFu2h+FG!g-)&)C#)Q-cfz*Y!nXUV`jTQM$znJ*0LCp zR7%KSau35(`pF2+)bg=X#*lAlR*Ih%O&N(*7_pEbmcq>)AdkcOSDli7jLwqfJnok* zc3KdBiLJR9Q5v$LD`^a5@MrNI#7#zVjWEC7di~C}|HZ^qN%#;jS`!h0hLX;v1Lm>u zOx@Ao+@H{IaoXqX>^Z?1$c{Tk5w{L9VH|*(sshIO?aJp%FWV?|XzZj6y>cH4m&%?omj4i~Q6acIT3({|5i{8{H07CWNFTeb+9(f2 zs^o0+e7Y&&Pg}dbFU=NvNc4c>YZ)nA)8do{W%R%xy8hm2*6MCY+l4MEX=b=N)& zra@x&%PHEDB>@^7D#8LFTyVe@@-*u+rRe4Z_t!m_W0>*_sTsP(O*tMEM_MU+Ev|6( zSglpg^EF{_nKyly5{!5}k>JqQ|D58e>1!BH zqWOCR%@hPrlyz>O(;x}}9E5wJuF9;@qs0X+V=P9=K`F-eXRhqSZZ$#MG-p2}sp*H9 zehKU4_BIk$0^c;_sBYNZLg>`S7Fx63==Stj+rEH}cDTz++x({Y1nrxP8&s}e2;!58 zm1+|MbFs4zpt@}Y9Via#i!Xmst32#@XpwYi&Tq6UK0ki`#>kqqnSv(6VvMzGm_5hI zhEs<}9Gb&@*AbMhX2SC{6|v}z#$G4+U7#}0ZL|@)%a_4{5}dM^u4RT!VLJY&qA@Z4}Fz6rm3Y-o-#ix zNV-u1!scXx(hO8S1+|{95cz{Ghopk@3R4J$8~Pc6oQk_;N`3RUplHFyR_Dfr;lw4k zP3&~KldpKWEnj^jz4;~klo215ZN*;{^FHn-;qKrgnYXp|s$^4VM~(I}vA_Ypn!-UN zXbAa3MLxdr@p#{q4WQX$5+I_*K?x3i7kLJ}>)=C6KFo2$^|7C@I5;e#+Iz!{*J);k zJiWI$Cvk+YC#)rD~>-~7DS5vYj8VuCiuCuTsQuUD!7Nh3viw``s zjYF~LRgXV%G0(C^8sxQ}pQ9TFRf zk0AmSxG3IbW4+yo5j;H@XkGvlD}ntQ%XnSusM?trmK*n;t&jC|f3_>sJ^+rv6Vhyl z>2K}Q>I*7%h|h-Rx%Em^#vR6|)cLaC;e=Z7nvn8o3~%MzS=^0a9j?pj}=AgFAteQ2WmMSqSHYkTTr z1CD1$u$XWJzO6w&bWsTQQaUa->HEgYj@qJyE9EioPLWL&mMG-#bj40Zk>Lv-$P%D? z-D(C(QqIsnm&F`b=)#T)osdJH=UJ+1&j+YJL%;xSUZ! 
z(KM-Knp`?tK7*r>$yvnwpAU$YPX8ar*B7&61O?mt|JT4+9e)XAA5y|SQ^GBuq>!oH z#fL;(jS@yg+>D3;8Y8VPxgY8Wv5hlbR(4w`DlEqwKDSrH zowRO@vDXKCh@`~&g~0Z5bJcg2h8c8I=4|RN-ZTq&Z{ZVwbFGuc1NO31$}+5P?+OEv z-x=opQh+daoTZNeoz7#A@$cmzhzqO^YIPVRsIqdEp=aOxDMMy=dZDU*PB;;Y&gfVl z9>J)~Jsu5~dH`t607|=w0dwl=>r{|2z4}zi-6+Y=-&uvn;1)jfFT13q7UubjGG?y{ zh;axwLRZ~@X$QGN+bqqgadszZ4kX}o2Gkh0^w6^Z!50u>p5C;qA_aiEr3SlfsKhxs z5o>a(>L=jNYd&}zMa%zk_|t4{{_91ryKre}LhIuwMzss4QQV6UYGwU<8^bL38stKW zvMU35YCE-A5EUmwDgJYl$qYe#Wj1>@gKIo#7cF0!hj6zQIg4o{K;lnFi)}vTrq3Z{ zBwNoou$s7Cb4X;bPkS=U0sbweRqbl$lFry8LeT2biRZfn*gZ&wvRu#+_UsETO*7KD zEsbYjWjO<({syb6hH1}*KZgcEtI3BZ2w77>81P3Y6k6Wb{avq*^E2*OxPV8!YH6;i zB7HqWDRbuZL!ug9oAkMu8nwq~W*OOy`HPS3EloQ9>t9}7Y!7he)mf-xFORgK)jnBw z=mid@{s$x0$;Wf#NY&W0m)B}3SfGZsTS@jU$b?nx-8j464L6oJhb5s1)D|OVd9{dF zZdZ|7i=l2U{$b6hA4}jv&dGWyq$XjLKAao%iis!pA<&J_TN`MnJ>189!maPIDQ1hS znz|8=Z}Rzq+E3ZoSxt&UnN2WP0YEV-j>i=Yf7EyB*3H%@FUeRG=f4OKu+#s8U}I}w z@#`Nb#sA6^Ffg$E+q?fOP4UK!HiW-7OU`tK;t@R8hlOFA1vY6H%@wD|iH%cTA|Pse zp=rWqk&Jt@KN#L`IHFK)FPb2T(J|k*)T{_-(2&!+KhBTtkF5yPOM}MF;S}YSCw-aQJGU8t$oGSLGJD3l0Ya&$?y7IY@mo5*S$Ni}<7+ zj#Ryle!cJNGaDxm{wkD$^iL0$k}0=Tq@|2g;E<|bTenF)`z0k%QIf&XTg*V$#V0g> zVi2ZG@6==t<+R$E2h3<3vH{6agF@Lvsa8=!cs8fd~4fAX6d z!tf}d_keF8;E+RO_?QQgwnZ^QdkmxXf}teE@UjYldL%YXgp7gXvBiNV%8kz^U4Szt zJ>cjZAS~E#@gwg#1k+W&lv1P2bCnqu%yI&`eA6&<5+;V%V5`eOf5s)G`FF1RCWSq(|XK&_XS>Y z>!Z;aJF^GQ>A8G%SeIv*yZ-q6WXVCt1?k>29(bfqYaAtM^a<=j|G|03NIYxR;g|r5 zOLS^BM}xBNH3os0bftRHZ`JIm5-Z2=*|~0c2uR5`G2O960V4g&V$_PCY-O%Tz1+58B#Y4vPOJR5p^Z8U>p8hLn8zn1Chv~)Pwsj z1QlXHUkY?6w7MoY*iVC?pi{6{h6jCIQHiK;QX6EeUru=%`k1r^q4eCO*u!lMfY$!2 z01*j)_~Yx&yRqK<`u!nYQV5F#cnnWKT1EzdnVuS4J`pKXKJh{x8Gd(w$07m#87!Gf z_0B#SZf--T_yVqP%sqMcQp5bWpA3u55ry#%n_q%z@DZ( zVGtigvhWkJ<5ory%o2i%#EtZ-F|c)o@lTbB4m|rIl3Mlx$4^)Nh+)?x9Q`){gv$Gk zqtSPo+@8hfTB&nVp@)hpJxg&I=5qxmf%TJTZO;^5PY-Kl$Rj;6fP+8*QdOutK-d(y zpP^$p!935eS>ymcZ(vZi;tKN6YB`LepmGkY1;xm&LkTxnzvNGM9jsF^5kUL73cRm@ z59R}JTurM9rl7e+pbi4*5)bfbjt)RtQIuSx 
zLs_enLt3$p0oFBbX-SVM0^G_)wDrevcoKI_lNtK)xsX}isR$0oC{!L$xR{$l;MVqc z98ZF?=k%z@-^%Kc>sU05#2`K8&l@Z*ACUaj#v71;fblS=;dg9mQWpSEt*wRLxiD>=QEti50KgQ!W-Kg2C7h?!lP zt7@csh2GHh+#Ku$wd@C)>&QN&MqYn9n>i^&OBH2b&rL(y^?bAa?o5<|6qdw zKjMDTOTj1ew>nVHlL5hv&lZayg2O0QNp8GVQ7YVOzL2_#6ZQHe9X|iAz33Z`44KP2 z@LH*mX5EHROH-IIe9)gV#~HP@8lN10dSHLZlS zhw6hr;@>b8c7q}>7P|a10i~bDWea!2zT*vZsFENr7L2p6qbWm4t|0Npid)?Wt@4r< zN;4WGqI3VqAUAL3$foKodvnXXB!6^Pq8y?k2{qvN8LV1i{M~Cu+g`)@h%gvaolrTQ zoPP%aiW#+(ih}>1u>$P2ZGb?s^XF6zXVdLXg#}X#Lnjf=IGe)fbfuYIP2b9|d!eqV zLbo$Mx4LETi2{2cUNgzAC37KaTkom`i2hI=A3J$L>a#TFZU|yj)@bjiZF`CuG$2pd zIhY_<{gL@)-1SE@?wp!tZo_*E3;X89J%+}o2GBoQg#Nmr+bPkD(+$2Yky|B}cvpKs zFk1LajWnWgJd_0U_*6#C60hY<6H;F072j*AKii5Iz<&VG=(@>pVAl)SO{FEDgtlwG z1a0X3v*H{DroctEW$Y;KU2rCbU2AFMTYa@RodZ~N6kNs%K>hh3#De1md(7 zM&QF%e!Dt5sc?V=HdV)M1(|JDEh)uZW70m`@4It_(iZf?+sejxE%E8Evyb-Li3iPe78^{`BpWJ_U#4Oy{I_%VcitH?>InT7SqC`hi4+coo*a z_7_XG5x?{zY^L(H^C^rc%=PL;GW<8z-T}zArfCyxowjY;wsqRJZQHi(?$fqy+qP|+ zbKY-e?)~S^7xVu&Vs=!ly;oJmUKOh{va&L>o+li6r|A*iUAO%g&W5%2&<_w$puF3^ zv6I-DIsSv4^nVVcF#bP=6cYpEe;p1oYa@oZ1t#R?gyNjBtqfH>91(E94{nv19~!-x zE&+WwKjxY6dD_4PwRVS>kEQB*3qX8@`0AQ9O5H^oAi~)X2V?ojztcpv?<;dFZ*HbJ4_W4L!A?kMdk1YPlu}Q>708xW&R} z|Dfpvb|%ag?9OQN?BxBP=sG5(9yo69hDz7D-3TE0t~5PVXUsl%$fsxi--F4}f5Hn} zJsb-XI{V7}|HF8$)~^mhp`Z53BgDN+dxb46+A?^N%P31>o%cKzz5GDiKMoT+wp@FagwD`g7gWapR)v;`@5H_x;teQnT~L&0X~Z*VFlJpJs#`1%@*b zw?h9bgDl*bMzS|dd;f9ddO`N)_U9*-s_@Hku(Z`+^S78Q)b;)C>+zkrI~NVU3iN>U zk~?Z987|qFzRq!_e%b_j@srmeswdnsVbKgccaCu^eBiDrPx>d@zP+0llRpc;LHi*+ ztob|vne;&WIB_|LY~%WyTHa?)KSGKKKwI$B!FG{-vGE*7ka5;jlB(ZKdWpS>&awlq z0qWHp*KdQd|k;NtKT{d=LmQ@n**sUbip~0I8PIKGaeQ1TLX+m-S}{803Qpt zuSjZ8N*YonETPU3j`{3>9)sKg7>x3q1rB2#leRERKQL)g%?0B@mBdrrH06rWDJr?g zjQ0D~7xX#ujTA4u!_TGhzYJ}V&L3|#I!ZoPYP!09b+>pGAGbh9C6fS2r^(jaEpH86I)+k z3;-gwZZE74Q=%K>OjwzAW!YqcMm(~#Y+Cx+V+RjjnFEY{04@uyJOsHQy6n{Gm{vK? 
z5`at*kp`Hv>d?O(*GZ+MI$8kKL2@`5KK15~PPH`X=m3{JQs9-)sYtb+iI&uWUSR6c zmC6oWf3U(yt{A)E{?JgM)G+-41Y+&=J#@3Sm}&To}4RTpY2$Ba}aq`zLt~ zZk2-MsHgi~6J0Q0bgPcg6I!dooQ>y}$|Qh-)|MrvTjrN%2OD2OJoPdkVz>EhSM!IsL$c@tT$`FSLBGLQx- z!hLye5270hwA||OoxtW``p~Z=l!UOctq8&wVe4T8h;@(tb@r%tAURl`5*#wq6cWHv z$Q-bzLl~fy-#fxGT~Cqu^OS=>b&GXjJS7ZFrozQ`VQL1kM|%|Mhm1!a^?IV4l(^UM zPL3+XD)kh=Gr)b+O3K-_Ssx2}dv`U$!5D2uu3I1L!7L+XpP=cNsQn4W5>-K084H@U z#2z-*4v=Dnv!?)--pjHSyA<=le-fnb26=Lb&x7EXr+uABAoaUE0@}&}7}QO<)>k*c zqsOrI+nRxyBBaX)gb_C4wDCfFz-yttU!!Lt_W>IBMv{9eAw z^&`foZ7BwD!dnAeZU~ezhq}}O943-@p+DG54Hg|-!~+LV7J|4FJ@GSDA-!G;T{B<)diXQJP3CLJ0~@4952DT>Uz4UP8Ggah zAf!wFsCqF|h*(%-+t!kx^L)LHxr~aT)9dlp zTWe}1Gez#SQ;z02k`G!L zC-dC@s%n0*TCA>L4r(H;WYMpJ;L6&}sQu^8Y9}aoSvc3kj;Ro%4x1R#Xa@F0ZQ<_Lki9hgNdIAJxge zwQrn`fX1x$=@;~TDNOB1PId`Ha@}hrLCVsLu@QC@Yo2F8^hp$GT3;L?vj!Yk4r6E7 z^FC)-_o9y$uF{kCh)3qc0L(I*qiNw0mL41r*JRx-vn((e)d4feQJhq$K6odz5O)bI zNcv>F%4aa?5!#%N4p@L5N^FPAk|Jhz-z9&13Y*&TqUkYBZ5pJ>%}SU${{(&m{df(t zn{}N;Tokjn%!v|U0?^O;k^fSwX;L_rTFs*}#-vVZEN0ECpky3Pr>d_0or4bVs!b(< zyP!+vzI83wT~5eWBwKV5G?VN_>%D;(M`a88= zK$4jn>4e8LVz!4OFZ@TQ#?SE==>CP+DwTE$k!>C4A?vMXf$mogc@}7Qf}f;! 
zw$pAf`?+o?`;@0M;BOIj$q@_ov)Lo5rOB*sD1WDzBBuXC!()$kY#i?VLHW} zWMkY=LTu9GFg(*mTfxDp-+FngA6yv=y(@DycD4*S_AnkYnvHheZwWQ*xT!8gA=vWm z@?Y2baPK@YA9a3#L-uu66}gzl`R4nCh3>+{(~;k>K-)-oAYK`-?T|K|(tRcFKdKNv zP-cQR%l~GJ!tocV@qcsWGSJgA{8v-Hr&Q-0*4dH0PpFu$BGc7_h$ZVc*?>s%0Q&6Kux^cNzq&pnT<(s$ISr80SJ~H= zUQ`o@nT{J7UeZGuYW*DhR=fLLdBRYEfbV`q3Gxe&r&U?H?!c#2bk6_?Y@qBiJZJ%r zTaA`hts|r@`qboQ{R#*=EA~Oj!uEr3VlXjQz!p-{4@MC5)W{!{KrS53L1rk-3P>bX zz&CTL(?mq@51GoX3Ysd$l-3YM=83c()UjR$q58YSS1%9}{TC{&HgEBOPqfuBPa>>#L|pH2bXBOb#X z{|h0|=cz3JZcmd$K3)(6LJS88T?HLsj^nWlR6BKp`GK6Jp_-7EjoH%@h!ZPWp3kA& z&K%j0O(M{gLPef<;nYembSP+&SniZ zhxv~IE^L_(dyS^^40$d@cif;_bCkipWhn?FwF_M<%6o%ZiwS?ActFkz-6pyhx0ocm zJiF()w6OC>nEcr_!9()9Omky=$|@PLC!lyuvVm>+1-k88N0yWW==bQ(N1G${nLk-c z$fgoUeaLN}a*DzPO=}-{kLxC18!HEN+YRhE<>z9^dr`XuMXrnUiEO&>DnD9P9ZEm6 zQio;^6kk*vX-0lesykRYlvxFfpKp{ss4IsmdzjGNzMGa6kDPeTpBHs6HHlYC$@WAj zu!_xB+o%0lc#F63%%6>nwwhI2If5)!PqKY-Kgc29i>7h>d^tw%jWCZspP6q*NgdY% zPO9e_qLL_4JD%1&T`Nw7Y*w+hzq>ozpMS4>Hz*;OVsEo%gxF)A7L4hZMFqH}SAPq2 z;@l*=neMq1!TBMp(}_m!)CKv3eEMcHqp;FRWw#JHopTOin@x+*bwQ)3ayZx6v(x+$ z$2dGsHh0Dy6kwE&)D&?^ADxNImQE3tm2@nMghTiSh6+&I{CBE@;Xm>d{dez%nyi6^ zv7r+rouadWle?WUKAotogZ1C@nt!kV>hYJ%SWZbqjaJm$%2-C<+8Cdlmd?<@-OkBY zSJ%FDiake%vcEJCie;{sSVk>NJ=!DPA@h{R1 z1xPwUL0dO`&3^{<7cmf@frV8YlJ2*It+UnRaODbb(xgiJS1R>oE<4} zw*Bo0cZj4+69ij9gxrEz#+G5z=j^Q5L$pYa4p7yY8qgTS*J4${oRXEAc%s@9BnYCc z!4#hq)C!(O)HzsU?TBj?B9T{7mdj&76xTJ|J!5Wd$UVs=pw5~0mf)8u+!ZI+A+#C? z)V>wy@*Ap2Gj93p6%5Efi|H0dSuHOjbFYbJgk3nmHzML}??)8FJOp@#I%$Io^qOM6 z!$sdDu}2+{S#tlTG6;M72j>}HX-9iMW7d?FG5!VNaKH!^RlT(LZ#n5G_RsN6w!SpU z=IR_<+mLv*YZ!vTK8fDL>;?$eOp*9^(#ZU8kR$(2)&H3Hzw+kvS9<6~t^Urou(6@7 zk?}vX>*(ZQtZxnJmZhCAV>5scJ$%C*9J`e#A%RsdAzxV5aahZz(F~Tm>lBX~0M2uG z6>7gE&PDuL+cP5?vcJgVY7-^b8M^j}u8*D#(>l4L2S4qGk-aKjTM*u&{hcZ9DNpR! 
zLyJ%{4bxzTNzSX_5Uw9Qm6$#AiVu+M28B9sN?ZHJ`GkF5v;DIhL@P+Kj!F$%wi)?c z;~_|1@4m5?gm=&`-OM+1a*klMee)`2(%kB1O>gEZFqdQuHAUYDl>L>Om_T#V=XHUf zkx^)zo-*ip>}}9Ak%c-pO5muWki`dXvs_WRQn`X$ z!>%K*d)O^@_dA9UQPV_n(p1g~bjVxz+AVMV?z#z19|#W5SqITJiO>iXFS?HE(A zJ>(PM{?q)vVBiDmu7OPT+Xs*hG5_G-O$h_rf3Pk7uPO*5W4r&~TH>FS_Wz@n_(voB z_fh^!Yy4GW_;gAR`ZkVs`VPi6hVGDb;`mMu&c={*LVsI?ja|$QjTL?i{v${Km-Gtz zztJm<9DlXZe*TeT>Y+i_ao!Rw z5W|fD4IWd`3dIyv8EYcyUn=F2XoeZLmZ zB3&>hHuD=sb%>YV>7rjHOfbId5}C3Y&0&q$zf*pxb2P@514~-Zh}5Enj#UWVBc?

~`8El6)8ta)`|-vR6#V77+HvJyp<|2y&gU%d1GBa4BV zgXNzEXULx)yPjJ^t4O`fq zq;7|eh)vQmP}6@XJYnJm2O!@L7}neR#j0BpUv_u?1t)V#n3R7bP#}J!Q|OzFBp5%n zAyCp8eZji+jr^zLcj-ghK3SRi!G2Lc{?;!M)f675;YXnC@6-y+=B()V6ago&gcM^) zh#T}9M4O5zMR;v%Mj3*;N^^0?QgvM$F<v8!AIfef^8aQ**n=SB?j2xVM;r%H3fHhI{N02k!`MgI|sp z17Yx--^iV{=#vcBy^$8L?pa}XLG9b8#F694Vv)6B4N9~;8KA#?aS+tPX%r$Kxew)S zL@Em4{?xLBwxOYlJ@QFu*>?YHcD&^lO|w809r_J71H zXy%pbH1JAUZD4${qv0_Wm(eF8ZkXuv>y#TSWJXpTtlcerJUlR9NC!?dm^LJyHB7vq z^<7SF?Cx9BcW{0ft|#)nhgpA~r0vJY@wqna+t3UT;_}R+TF7dTh-_y-CjRP_Y6q%g zA>ap4vn~L>ZhtNRG=%lF$#JJ} zL2x!F5wW1yqw0n1!d}DmuB6N9{w$<>Zq7g&_dfK9nOokjs=BHDT6Z|?>#c20y>+{L zKBLN2h`C-!eGOCCUT%@iUQRHq^7JITO;Ql^LJB2lf%p@fX4nAPqQWuy zY~d*jiZ8?N?1w~;A<%6twQT6Xc8!WRiGe>T6tq3?0?u*h8C1(-)q5~>w+6UU5aw~M zPe~rsob?n9Z}Wy9#HkPlW8P<{&edl`rXAm!FC-cYi)7q0fPp*&qCO7haSVWzz>K(WcaT?$4dVtCq_D;eDbYu+p zZ+76Aib8S}P=j(8=Kd1VY)b1+@JbB{ijX=mhOTrumlCz{u>K~W7BvJg!iQQD34sw< z#e(S!E~f_1_#!n0xBGF%NTZP3!0(fvT$S#~S5o z+nb}RgQBrVcYO1R$LKAP1=7Vaq@{uOz3|$DxFF%CkoqcN*AoK~3K6?mYy`Odo8(y3 z2c7q9Qi+&Kk|WGiQH&<6G6jWMs_oMU(P0sXuu*{mV8-DGPn_XI&WtScs`Dq1rD3B%L4Fe1Rl8zz>RDX`k!tC9}B$-uF*!;-?8oF>1V7|!i+5JFB^D8A7uUl;tU3=X2Z>3h{a%hP&&Nn0lZ-;g5^D=#yO_pbub*P>QUhNZ~G zk>ik&wlbzVD3ni&d=BShqFRms@NA5T%y-x$lnjEsW=3>({ptp{=~odUPLfPCnJLVH zhrP4N4tpn(t_HIez+=ib4gdBkz^xInr;-QP2W?ERmEv^fP6sredrklzi_ixegVfSJ zrZPkg$p+0^MR$8+q)L?VFhhLu8zZ{<8TWdpobRk0aY}0qu}miS09;mAhC)KTJ#kK9 zJ4{2_;2@#SFY4~v+LkFXNwlS;=>y=$#3R1yjJSubC5_`6%+zk!oHWCe8Mm;=c}g%v z0kz&KuXFh-G>vE9`a^b;N(85*Vr4;TYeC7vqP#9*k*zG!ls6Y;i{O}><=R{c z)%K3d&cn;`igA1A7%HfE(=mH)wc>DUX=89|K{^eXUavcclX=iG2*_{o5Z4GenJWmam5CZta#6Si4~ZFved2!2#EqV1Jd}T!Z$*>r#7POU5O^W3|}0 zHV=Cn^i{mHc_tFAA8@d+R&jQ*u)C7yQ~hpM9`!ab^B(bZlrW{QTDKAA(2m!kzR(||X}U0-7h-TYuqNh8 zUU@Ee?sDN+iB-5H7g@R<=h8kpZlI0&beKnLff`}Qn;A(epBAfGXq)lddDz@yN4u_M zTHFYiX_R{#6m|fTJu1VTm9eoLS@*Q9>K$@I=>XJ`5^TVcu)niZSOBu-IMJ@5R2C)2 z3c3A;ZhSWBNwCx*KQ~};3pKFC1GV5AH?j=P=74yv-?=%Ipa`~+*~3i-^PyA&6j+~g zbMWveTB=%}T5@R*Sa^xUL2SIfeelfSxBnTdV(fc^ynM)5msZV;-cPMuHp0Df+Gz3k 
zaF^rM>>s7(NbYwMUwP%9+%dRcu&N`DnM51McGj>RC4?xMwb%F6(u(Cj+=`f+G)8Uy z!$oj+x<4CRPXBIQXaA4J{{O^|VEMZ@|JUa~wWrpv)HP%OfowWaZ9R{aA26cL!QfI* zo-=8X&X{l^SZWqGYNM}J=__8fN%(%xX+yUf5Y%h2MSyeUTbVf_tYv$tbzS?g-}L;9 z3f2iDBuHb+aYrnW1D6#=hS-lT+2+#4U&oWfc&{LI=T?6K1Nr!)YK)6^)?<11ik zEr~WhUA%*^$BCG3` z-a!7;o0%&fRzzvP!_(nT4rMfM?XHi&@!Zc_XCLa*%dm_o9}7TF+O zlo88V7b1`+=m7x)Z~*!i_-idOcz=Lrg1-Sfw=j?mm|o;)JUu8vt2unQ89xsOJ#nAH zF#ec9_XSozL_!{WDn&S^6htb$sde?hWWTW+gO`OV{_kpr;jhL{?e(sgG(#HfQh_e; zQn@^e5adq`Ak&MvIeOgg&L~?Oo4?oqt_T6+`Q0C~e;js|IBHRs1_4_;r6s^Xs(w7K zq3ylb9=6l5STauv)S#+FfaCS?X#m zlV&VFTcei<#Tzt4JCZpof7VLi`6ZQ4UqWl`%6B__Kp_2EJO%cQ5XnT12{;n`p}z|75n=3|K zonbmU9o-n;Ya{udbiHVrp119oRam}OqZv#_elcOdhdYRJ?lmedHuIa@%WD~-za01GR8p|yq6oni)P7c@nEnbS`NsDY+UJ~I z4#_I^>=j4KZRO)rdwqfs?ZNEwW6UA2{GpHw%w|ZJWyy~vzU(3vS{QN~FjBK5GK`}6 zCVqq}c3l@S16=n2o3(u=CWIN`p@XQ_?~}sRYII5pNh|`M;F)6{)#s%mL|Dt1u_wy) z%PG>K`3XDmByI%y43b0<3;=3Fd&yzp;|rC+aW0^7 z%x01d_{=g5K4ZJ`g8R-AZrJ4$@k7P2fAwQ9%Ur^m17MG?9N$_xx@kC$-mG9t5ZldK z!KycK1nu(ra1b(gV}2pV?hMw5-c{^Hs|)P;R{ky|FGuLwAi^cErbWcO9@B02+Y=kl z4e`uYPZ=}H-Y_4S6CoqLasr}tyN=bvm(50R0bR!HXAN=I@lyd-_=yLY0W;=xW2v9$ zc?4c^V^M}BV1=<<%`bRDOKs<3-@6HXpMkrrMHV1B<@bQ^Um8iJRJ<^%v5|E|V&a{- z`h%~o+W!M^bMSrg@0JyY|1uH*^M7De=3x9UGsawLsXK16Hvi=x+cmrwyxdT-D8F1C zd)=O7XR9-SkUMB!QC8c5L)G)`17_8%Av0Wj;8F>eYV}0$4)AJc$4Z^_oTJ(~ zza1&TE*?~wL_t!{IFFP^H6j^a)=5RujJT2WX|H7F3kuia_#{4f!Vd@o}+JJVbs;XROOAyrW< z`Cm?!%yAIR8W;sY-W2@q7Q+4x3FI)8=mGi4#vJ0TW{T=n;K-tokOSb5^+yryOQ=fZ z&fZ7AAjoqw*obd)amXdBz`?VGW`za!wUXBp78dOSh!~1C-xVkYJSOH4lzQd#^moG*_1PEYc1=cA75(o_g z@xbrX92MXY>6{hG6HNES64S+rhQTChBzKGv2Q`;0D;z^9QbI77pa>~LSviG)1XV~? zPyjhcCnVsSWfr6@{S^%%mlISTOG2fYunPkBMKfJxhz3 z3&_DpuN?$=G^ABFA3)fERETL5N$MsjI&3Ch7a`zRIG)uwC_@ArOidK>4Hb#-$NPB= z!_&b#naahs3%A+yaznd;W=8kv;>7gwo4(ooGoBmlC;Tg#$KcNo`S<|F2Wg4*li_R= zu$!?|m7YAhMs&6QpW+Z-fQ_#6h8fCd>!EJ!9B33zId2DE*p3R*nT*!6g@y<4pM5Kr z&T!JTQ~Kn(3nhhR&QxJE-m35S6{b&5*Gj<;ja#hR`EtyKdXP(Zof8I|P2}M%nJlin1$E0~$Xu_= zQ3p<8rrxuEQweh6LRMtnJBs0|S!<6lDwR4@ED%;T=dGiV7@HZHr^(jv?TjlF8Kut? 
z%oKR@c*&I|Uq3PGfDEn|HHp3-o&?T0-MkCn#utazJ5KP}#a-c4Ff|qFbpW1IoZ5yO ze=qfud7fz)p+wuXp0-2pY#ky=pyibp127V)C@e-GcCZn3YYbVlMWyy;Dq#giHQ&uS zbKB367V$I&5V?i#>r5$kLEB)~)HDw?m@eXtt+L0CmULNm9J+ z>_``yR2w7Gq~_g@dP=d1A1^YC{~hNkhgydn-eR3(?R~CQB7?!GH5E@b?S}#Y_OR^t z<7IqX@A63+7zdblLu--*d*=!o=}hJopaz6W^Fp`ZjJHg@1!}oBtIvVZG*+w#es9-Z zXP$AHOkbh|CQqcvfv+;ZGQ36-#uvv+eqt#C{t{MqSibj>ivNwzAVWlYVON0U*s13C zvV@=NSGiP;6!EZJM$APg)JT&R9A5=f!p2$2B-L8SVQIN{sNKLZ$*0PsQf3srbc?)TYk zCZI2TAd%KOP_-zz3Mf#D9r`SEfhEP}7At$JuC`0|Gb-2#sA78o#|&;|;Zli4fOFJ^ z3%)gcUnX_~>gY;lk^|I+rSyuk=*ej!N1L9AUwuZVmV(3lS;xs3^cC23okS)5IO!`^ z9q!?}=o}|)oRG_{k@Ya0A8HlKty%OgStBDvi)Ro^m_|q~z(uIK8Du#A9-LjWW7DDo z;HIm(8881MoLIHnlk`yc$9L#>!lYTI?qXwl$99zp-6;&yQ5^2&DjMyD?H zg*Cyz9py7|&!!6BR?a}pfjh6^A7E7-Teij@-S?uhb?6R;qbVm+x$*Cu4c=`$ z9Tj62Y5FGN>yxHZ$@52N>^ZTbu4km5RAx(M4i$}9G}Jld&Fov;pZXAD((5aJT#-2>wc&32Lml^#b#cepxFzP`VMzT ze1H+$J=Sz@>BLdLTKW_|9P#VKnYEFzI{ z`7v^9zh0O%;k2AjWQ-fdJ(R}uOnVFy9=>im_Srl%AlK;VV&v5-aOmOv1A9>lKCh~P zGu1l@6nNP|D}*HO>Z_DsU2QN<-6K`uHs-Spv$4ra)x53E>c07SVz~@kp^Uwz9MWFX zLah_9-Wx7EiN)MLei@PEncQ(D9R2n7ON~vluqyN9(xPdjmRUOfQyb0P+ z|Ku{@>5}h~L$gk@*#x-5fUhCmdNt*073vwvbF6x;rs%2j#y%@2#$)}tg0%q@m&tZ* z0LQ4g#Fi8&9N=9O#;}KX(wJhRLfNI2+`O2yS8Jqr?z9xK0k~5o1`I1Gl*5dFj5LWbSz4o*~+SYnWAc_>NUn8m_7s0hh{&>$BcO#9AChwRC3QhWM(-WJRvb1Uu)11;R6MRdU_I zj1)$7<)eGJIj|UIhzPyHi$ltz4s-egS=DZ%K_~XDv!vQ#g4U2w&zhGkm=uX0s}`92 z%|!LlH!JDu7J0!YbL}X`iX1hyqXh|5z#M6f>^;_qI#k2Y72<2P%4TmvNH--@6Dh{?cZR)fMzSZ^*(R2F$_sA&jHwu0$@o7dmXeQq(S!Mp zJHrhZ=Z>56mU~mD)>mqaCubE;_A)kh74HTEwu#oY!rHf~-6WQb%bQdApW>nPbe1>$ zvXClE8-nnjJR*7O-LPKU%C>uU;ikkUvo$P)R2N3jPcUULs(8e$JpDWQAy0+x?h#4W zcW?pEjd8FxryYy*S>FIJW;K*&AWvnZ=d?@@vEQb=HIwo>hVmMgrMiT!MFf1s@s7$| zZcJ&K{KzZd(OXf=tDV;{w*0EK00d%(dz9`yspswfdt`F|iYbx;E6v=8s-Shx`$CJb zQr1y< z=M$Bdut`kZRYl^WD?&jnhME+EO0n@fY31qk9cFjR4rLefF2#<|&q=zpD8FGBfF^gM zp!=DCdT;|B&p|1=CEKcEp)5*s69oWLTk?9K&!TYo!H8zQn3!@ zmR0@3%-zwWHD`r3Ex(KYlCpP%qXoXI;Guz(xqYJfNoMZJjKIAlQFVIc#c#PigSMAS zxLMEn=rmdhj&d6GB&4|3pmAeQ;g 
zUfg-d$ds?x@6z<&sYf(LXZYZmTM)l3U=)WDIqt@sHcF9t6wvqO~k^2_>w#f{nBy9k?_aUz4M+7`w;T$U2M4n6))?RS%7( z&QL(eArZxiDMy`jLYH;3ZjUiN9`Y1obU5=o`P!SE)UkX@dgTi_wxSu1gN5 z%~sjkB)-;Fu?=Fb8XnYaM1w_5sGKdlDvXfm%_*C#tqORJfuc_h#x~Hkp~fHbj01FZ z0w0d9ZS<457oA$#FYzuMdR5HP8nZ=M@Zvf^*d zSr9Z7xYDICT2dp_Eoux$A^TSwb?3PM@kFo5jdQ?g$Y*ot)ET9wHvc5lITMnu`SlZD z!CceE?f8)~b(M9*F4>2qU9_&t@iq`1=Gr4I-06NIJUGp!znSIR%JF08_`P@XIZ&Zk zjDs9`DpRu1sU^M?20J5q*lOG111tAxbSPga>9c0aVsJF?Vs@^g6U;f7w5xTTNQs5tk~ht1^^wqaha1+pPZJ=eH8wtwpfcp;(u z{oiflIsW5Gxc})L=3x6TM}4a>{_?uAK5pp}=+QCCH53Y;&!-YtXW?sR88z3_SV9TZ zVQ8k&xTiGIe7t81DKr~V$;>1FqRimt=6=yEWoapO-u^&;+Wyn#j}kZgphe|T>m>m+ z)9^V<$7UpY z7cuEY1qqn>&Y(-hCzSGvbF{0TS|*=TIsA1F7Zg%J$)_G&DH`0{0EV@X*Tq>EIY$mICV&bY{hkq`)7E@k#4D)EHS$6Jj7oNe8ly0Ta}nNV!H(~vFPZcM;j!av~9HL2N zOPwbQ+kS6>eTb(duhFQCIfQHNskezSb_t5_)wyf81w8vtZL$x%cA9#t^s*%;z8>Cl zgF+d}Kx2j#T(~iZ|0e4haYLfsZsJCK-~FR^m*q$(DDSz0HeTkR4?`Xs)?20z3YvSy z4or)#-@TK<-tEKD$p~Uu5@?DAoJ6=`UtWp2tES(f%2y;;Z0_n0FEu2arLt|JO0z;cmq@=z$k;!Y>%4GKk+ zUuTv795C1*_Ji-pP>Z+vs3V2JqeI9pV_!S9h;*XOy+E8D3gY!xMlrxVS0xt*1U?8z z-%2&`d;O)fz8;RIt?{s7fn_`t5pUo03)XvnKdILTcYA1V>o0EM4_<%lNOgn`^JrLc|AUyDSOdh1`T|VAc;nzhdrcA^DHzP+)%uX0=QV*|94>JAh5{dS zY)-!ODEzz69R*!&+k17EWF{CD6jE&~I#vb0?l`_vV6pCy&Zewl^fF6gv*r;0Nh@oJ zMfG0e?k`ylT9-6Vt@dCv766wNthv-kltRu_#}7)nXjFpt)TePPl7)JS6m81iv>LhD zK>dNr^DAfSYYG0<3o*HrWqs39)yAxf^NOzx-U=ykD;tk3gcD48Th3vY`@6Q@EB@sK z11;@=iW8dHqd>G`tRR0NGLA?3H1W!<$`fm_Lbz1!%pkGPmCG$)*kxHAm31;EsHktLfm2!3%c3TI~Wwwl+Ahb&{wWzl%JNjYtx1S z?8hi=^^!rXR-b=Qv)2lurBuAKM*!z?=m%gRm!H0vHJrYL58&{V^p<`GYRHpR4?G7l z^a3P&ib86rOko3-bxHSy%RlQREoWA-7jr9$P-y8N(xN#VZ`{8iYqi5R={Zbv(Z_N7 zduA7AeyQF|Ure_v_5Gwm36>>v@H3VOj z*MH_vDYg5<0&|S$8^4fa~>R05rkTr zy&&g8ZMoji*YTv-bnP(Gb+aIvi^=Tij6f)08s_%&Q<4ePTd9c>xRHbkdzxykxeXZUI7^)1vSNBSNPa#;qe7I0o>=SXdlQh^Or9Vm8 znhH!`;w2#nYyQC9s|U7kCl41^OrCdF3|T?q#Kb_cq&B~1Z_Tyx?vS@;uaGg6MIIka zVlUN#m-8Q!jqr1y^fKksfb7zgm=zK#>UGw_m+K1|NH!E@w+0sQfp4*0y9QCUm$2F- ze4?dCg7@I^S^G7{N$=J{zllmQ=PCUhYp3X}vk(LqicuLqouo_XWSoUG;F|tgl@T@) 
zAT2B7HygT*CT(*t^|9xyx^YbFU8)FY1Vr4{DfzTh++dg*9WF>m?*3OOQGJ}W9d1aZ z5mEi^7p!0cW-d<13k&<8Sfm)$PxZX-3b5N7Ppu)!zPy3GTap}8bk5ZD&A*r`pslux zVkK=BOL!-xTAC&w#NTj04dmwkyCuLv|L?Ga7&sXI>;8K63)>A=_@C<@!QSpw{>cQy zvfn+>;^!b|>!c0YFzTA<5ml>#)?*EYF59|2T)dT`#wF$%wnB4Zgt8-^cWy6CO~dlhHJE2fPd+9zkk zkw3|F@}j5_`-D287R*t&9<7bx2^3NsQSSK@X{X+}Jy+1f**#p)#JQ*&SEnC?Ep05? z&b&Uw%h1c)8cFQ_w%&6Y#xsW@s~7}+vDSew$ru55v0OJoWIOoB<3MPudb4J%no& zP{&HmE#5LgfdLcQNFoY}wYD9wYFX;uaK{o5cRwr4IeVac4nFy;0%z0J!v$ln9u6*S zxKUBmFZMYE<`gp*D(=0tn|!pf#bu*HB&tKSrGrvC#l*GN6*qSKZ!v_p!EiiaK>Wc% z8iyBzss|rA(j7yA8r!8D&?KbLOmd-JWh(e{id=wuGZ5A8TekMy;*B z`Zl5-lv&3jtyYd)7V<>aEbz3If?gZvZu5(4lv=d@T5?KYrY3Wo5+?H=3BL2l#vEWH z%ZD|fP$bR01iZ8i@*c^#U<2%|_FBfNe4a5|Fl-Rl%7%G=qLBd*IstV0?uZu{~^6l)e)TDlJi%v&3y>~+~Uw0}fPMTww zlmtQn!G0cB5a}8Mkc1LRqM0|~P&^=>LK)(md~AlHDBRHOH_ae*M<*M8W4a0z`;%o( zdo-)VZt~ULoI4OE?L6FewuTJ?K|sKdOwV1XtlFr}*$)%u`8W;85+++l!S3kh+Z5(i=eA2GkBn948o z%*CJ4sfH8p#KywK4(uh|U$Q9PJAu6dx2B?f4Q{98wRz7kcyMNvS-%GW7+HW{#OQXr zJXat1n$0UNDl%2H_+$l3FY})vk85@RP_K6X4Y0!GoUD*Fn9-RkU7TFC_-uxX4lcQ# z!%OZGdrC+jAdNpc`v#9hbiAwC!`wQmtwWTkWKyx7*R5y)l#Hu`MX;C2**uUd3b!i+2fODLN!^o=M}d~-a?Hl$T6|oI zNuCV#NkB(QNr#S<73ZT+rh@;$$nen|8M4N6h*GVo?k@TAj|dk^k2NNaQKA5wmk125 z%SrL>6>yFR;+pNVbK}X%+S1X24w((tkrlm>-Rau6X*mQ#hk8|_fxKLe`lXdrhYxlx z4*~IMlu>$mdMusIRs&X@L4`0i zoeOl-L@rRUv-1xBJ_O*#-$sCZ^VhWZ16R(Su1HX>vR^>~LBL949@*jQ%Y(4%LF6su zUMC#5)svlCtL+s1xDT)+xV-0xQsw-CGwirRC(qp!Rf#F|P^#yKusL!amoGhWtzz(P z-%v#R*FaQIL!YYQON&=dF{&cem+Ct+iP!hLn?p;P{3rO`8DiGj$3Fw}jOV%l$C`MAvS~e^F zp@8TtVty*8TlA6bWj$JiTz$UVgL&M*TUyff<=>qO@)`r|r04NQ*#n)f+qm<3r=??U z3FgH5s?!sdV1{}GG0-X1zq3$4^Y&9a^7 zh5X`(>FE)#czH-=y28b}CWcpk-`s&CcEvR&?``dD%_jv(y0_ya4R!XdyzMX-XXHZE z@E~|=QDB*6&?l&GSb=lh>;4g|V3~?26+gnxU~3N?K8665I<0G(U?9~8bjq(iUx#}b zo_HSmkGPz8Gp3Z0laedgl}>m1>_0&`Gf+a4s?<>kobmofC&{xb-DU;d6`P=lj&xf! 
z`ZEn*KX<4T#K0SR3njQ^lNe`>^r=S}B}c|PxgNyi{s&SGwx86IPFftTDnvMuA1ntW z%PcGzdQ5lH@0Ib>6AJ?|(v4j?${$j^mjt=i1soWbRG$?r`w!EPaY6<0KlQ5ybF!k% zbs*DhSW(4~@sb+Si5ose@`*Lk307Gf+lE4&Ud#`%%*eBh`9+4Oe_RJO=Oe1ei=g=$li zmB9kbNceN!=fMP1oLXJY={j7Y;yAc)R~W9bkbez#XA0XP^C;)!91I})%kMNkA1Ra` zY?Fed1q-gQ2sezyZ}8d7b+y&}(ir<7jf_~VUx;2cx;!XLD;`1dWUAdPl#6Qh(lC&H zvfuk#9z@ClXSL$N7(})HQ(>YW;{gDO>%lmPhcOq^-JL=izo5wzh~5n=?&hs@T*ppV z;y=7H0T6w6c-KT%SDKG2hCm!iOLYhLO=l?DdW7}V9+;1ZF+|5z4+Zpjm7BTMNY#gK z^THf0m81*$U8GeIj8z8hb*h0ptdSV7C&DKruj+TbYo#U%^gmhyfssfrDd!-JhXK%G zD2itti(*uz4f*KQB1WTp_Q2~};QcRhw zGPIeP%?2RoWW}6dfd(FK>1JQm+t@CiT`gU^tCK?_E$n!m-rVQ9t~x!{GEl_k5CF(p z7Q9}`Y|s@G4n3;oQaND#=%c^d2~{=O41wA$^=Hjx`@M*roOlE6v;`=W6Vw ze@2}cBbQS(0obW?Evm@pzY1m@Y$_NBq0)^vWJ#hZR9c|aTOzaEv%clQtXj?47Y+i_ zBcYoW!m@)p_0A=e7M(l1uFiifG$^b{L)F&D95$>mwsZxvrBE;H>I|r;cZZ3MiAe^! zS)n^BJbLI<0D#rtTvYf+7mg&ove0{#QbDwBuBfhDo+HwVE>bSaXzJPXr zp4-GjPoc>o+&e6242MqD>=d-R#P*#AE64=O+rcF?)8pU%2^3m5MHJT_ywJI8)$+hMEI z`*)z0ll)O@ zE(ur&giJiAOf6x}Krt4&{EXq!J-RoJPsWX@TuQFy2k*?4===&sLg zuy9)g>u9&bS)3Gt8i6CIhKmjjd97>Eh)MZq>|lw zyt#@2Vv!}wn-0^u0nXukfz@K@O1Y(#a!l1)g5X81GKnUlB05xk`W-;Isi2&yto%$# zSyO2-rrc7gb>|CKHuhcc2dlqy&NZyg3n&Sa2DQFTd#@uUc#<%s*xUq1Wa{h|P*)l* z7mu_Z{j8cI;)lDFt8zid z#sd^nd1-fZ!DFG5aWjVz*ZI5ck>t7un(1j8nYwsOLlDWj{w%>5b35c&s*C1q*~{|ru-f&?Au+X=^}xx1%s9Ke zB^>5l?ZUPcra8C}&eRWQGkw-Dsn`5N=Lyfq$pIGVE5`cOy#-W#Mz|Cf&9J8IPVCw( z9E7V=gY#V3kBKKmTL-qy6fhgU(WbUL}RT-`3biNvBf zji|g4{$YlrDg+^ZV~>!tkHmU7Rz2!ktnPAPbab)X*}43hd{A9J4}Nne=DQA9AULz} zb$no9(SMqe5rKODdJFE{-w5pp0K0`jad;;|oe=2mCnkCr+wfMA?icAl)oQiiHM?Bu ztXrmQTG=9XR=j+{cy2DnS6_(rq{PbtHjEgLGLwc_qO@cT1L2IgxiE7e?((M0Ajyf$ z)hj0gQfoqSR36ihl z2Gi*BRo-5MEZ_n!ISig!Rr4Iq;i@e(9tgfL(e7i@lbiREEeX&SU#Q8`1m?#QGu1`{ zBu^P~!&!e5e+rqSt2Nri9e5wm>IYdy$RLkUj{1TwR2(s6L;F+2OmvO{MgIo+%CjFE zaxW5pNfgKkkq%ilOGt?%qpvxELE67&7ouruzz-t$jC%yNZA}^1m7+qkk)g9lb%E%= zAy*=2)`|NCVRku$Wg}Ru@k2T6YWV(fb@TGAj3o=?A^jZFyRH7xdyE@dQSkyV3hFI1 zolC}UP>++E;p*`uq~QHfMod`>ab^6`N&e_#&24)Ehv%={F>iq6xhV?6SO5k(g*=mN 
zgR-3U+Gped^74zfqrb(eb4L&w^5h3W9R9!h@P}2{s4yuA81+G!6V}io06am?Ix* zVo#6P(wdTi%u4dNYg08jIH&^D|X63T$YIfI&%CBpLt2oS!sWH=*Tg8-e z5AlPzQrClTDB7bIKtLbcmbqE{_b^@ZC8@Mfw&~w;=F+;~?69~zu&U-s@&rO%I4FS) z#3yipL5S3jdA6BToK>5k5kxW7Io#p;SffVEn-_0PLY==!)Dr4fhy*Os<+qgw8K8+> zj`4F^oh4F>5lz{Em#hc|~KlycM>#DPoiTbM*P=$Zv6lkdr2)RUOv6*;rhc0UlL7 zMGw=~Optka(q!&TCca5_J_5)Fl`_GU z1}hP$J!~F!0BHabk+}bLv^!EzuwmODv7`hU9={BtT<(xyrtn_l#MUqei#DwUM(c#0 z4z%^W_w5M|Pj`gOY7kZGTTo=Ao*+Lt$atK99E3EdhxaU+juO0eb&ka=$(?)H;5ZI8 zi~hnW645SDJ+=>U8it~gmv;(+;o~Hd-8tHFJ7K)~#p8w0E4TS$MEMk(>lb|}4R0M$ zhKzKUc+oEj-;ACFvHc^j4rCzt%3PSo6#f-l&-w7)fDSQ;{!gAqY5RWkFeq6~7bKGk zW35Tcmxd!ON#xdNG_B}en$nt@LeN$Qgq`XSJpP=)=Bc!@Ex43Co%a)k5rm^zrFn=O zrJfpsLsYlF44#z!V@3G5Y_B(ft_}~cbEfNi1xG3oa5-W7@LMuiMVX|@0BKvED!6eD z*a4PhAeScOLgp0NVd}uhmOt)4z|=F&R>rPPU?IY@Gn;y^@I=FL0!aeL&4Cx z5`aCUmtCZv*HibaqM;SL&nUGl!WX~$jcwglqnHD^kLlB6>0e1iv=iz@C}pQ;bVSN9 z7~pv)O)osUd%C&bSblcAdO=fS=vlKqY2fmU?Xgy>>(_j#nP$C5S+Rj2(;3X9Sl!b2 z|6H&a#+D*z<4Z8JpwUKl%O`7&A1zQP?h7u^C?^{l4L!nkpmgAE)}2nPtUp#(v8uiT z*3*3ilA~0@Cz$ZU7W-=@BhV~sL2EV}bKqUdb99Kum~n{B=?ihkQr6e?cPzkXsdz1g zpg2euJz%DhF_wN^Nq##-;j%}LVm$kPn2Tu9kYSMnQg$A0z-Zt0+rx z-dlk$E2E!2YZeH~4c-cwXH2vD+ojDc@l(KFG(BVckrqoDH3a*pTJ)41f=W>( z5x}*785B=)XTQC@rFhWt%(R`LSSm`iXZ&%gGA#-zUt(`YtL-e!xbZH+iIeefZ^_FP zfS|$J9|1r8_AH%9`C#oX!`pj;W{pCb`8K3RYRb1#=3v@{o~N${6Ry!4N}2f+o2u@6 z13wb2rM;|w-?mag+!}L8ze^#*0J1vZr3g zD|DH(pYPZ{ObG1PeX*6QO2uRSxqh^%QkVH^E>1@9EeYQ6KEgY*9-OYNW5Q^v#NE|g_EcXs~C+DyoDjW?@FFR-8g0-yq`2|e1k#7Bu!SWxDb+WSmFQpH_|NU5J zwvxQ<8UvEgbWLqzsxZ#*F9UM-LO8XKJZCb*`Er=HaDTJ#Y~+Tfw}%EpMW$gPcA{PG z?U&29socO`3_$I5wSz5BtU_FW)Ev|SZX6&@0VaVa2raM^?CEE)J_AhRf-N^2-D4jV z$yb}Q!=`eNN2sfvDf5x?WR>#>yFc_r8^yg!kiDQ+RKpHY&y7jj)8+sUFvxR}VMaeo zl)$Xp6CzX+mkTITR6W}JIWsO&B2)s$oD00lmMJ2<`p!8BYy=V4oLYTJIb#|^bgLF=Z93QLijNVeTsD35#w+vkMHxKn>nf{Ot&Nni~qr}QDvq6>?wdf&v z!eEKkX#UhZT4~V^m%_-;dzSJ?(q?JUo@O^0_-iT_z=NZzosEGWaDudumQVQ6@~qaAxO8ZW z$!NBl#aKCVoy=HTmAMIwznISzwRwp)lUXaPAB45of5fCl}#-2Q*bV5D;D3O+NYnuO474Q{#OYO9Y*pm{h-o09tZ{a$U{&@^P 
zz*lVl*FA9%@D)1p{o=ox5@tMZ3yl6r?bMofeNX4abFTHizSEj-;V8#YzMyI-e0u-% zHF7Zi_YG&JZyvILH+4&n?T7(kgcEu53Z5tgoONbNckB_(R!s5O8bJ6%0Q<&b zW8qLyX+A#0Blbfene1^#)|5%bIf)zqzJ!Fc!vHEOiT+vxf;f>D>Bl>6$2>Rsd^t9* zBGFdT4xPHW8FMZbHXXKC@{D790622wKd|Wuzm^8tkt4|jCp$P9>Ll$h6XBnCoUUWu z@ZTc{{ioSOUx(r1<8zT9_2<|UdSKsnoS||me*Ac}XqZdcFQ@6YsA9I`Cr%QKlqHkS=khwzG>Kg0lujn|Mky0I68fsOyBnZ z%72*|7?}UvMV!=JkHKp}_TK*1?mY;eXuko0g7ETB0Akcz@ewD+itJtspslK-23G0* zS;8@2kgTFJS*dvg)E~B~Et6w_S@8?K4Nbjc#hiAD@^evx>(+&KO`?9vpl~Yb9oaQK zBg(0$Im896p*7BFaH+78*uVu%aFBUT$s)Rs#!xR#mhi7B((p!4tzt8OH=@E&LhOgiof=MV6?t8sjBy(HBcQ{<(EHTR^5K6f!)qg~2GiD!8O+l1?hMbds>! z7UkipZ;1@lu2CV?;Yn!@sh+B?jcAsWoN3cG(L7)8#7TZ7Vv&m9+C~tZ z#t5N9jiL?i6_Gy_zc-MYl%c_pmA?hsSQ&5heIk{uB%_^b?4fr-Ut_InZt+i*a)*ZD zAl5Tl5aKC)CN7{wS3H09CmX|VMN_!6wWJhi(uP`rWtgp0osnw4o*7!^CYFaE#s!@Y zNwkeV0|fD(8rKjXO7?Y$TBY*244c;l6V#n9&|H*1ymdcv)ziT2QB-Lf*ogq=%~R?4 zNlhj$n@mc(b1Lc`XU*d9Tmx8L+k2BH(b%rRYequoC?PVttam1vD88yjC3V}$Y(+y? z<>Nz%{Pdd>%RTS614E{{th*)4^t#TnIZmmv zLnSa2>z1-Z$8k=+hXv)8)1!Pq3tN1KzA4KUr&4bK%AcnQFc6*ZM@Js-Ha?5IXLLO; zr{=CNAMfiGmwtzD>^)O%GhZCKT0YQPcN3~D9b`dI^mIMhwl%ujQFj+psg0hx)AM(q zk!RcOrpWA-8hX$GP*!OP ztXGr|>S-kNY`I5AyQcK_P&?CsKFFAaW#V`2YTz-??wFYvpukAJ95m~M0(|E28o~sbxv?=c|F$riq849 zCp-p278l2yhQPn zt4)fapZCaO7{!O+s5dR=Bn4aE4`L36QuR`D@?rrUSyx}oia-F8e}U`d=45uzB)=r89lW11>v*-@K!oSdQ1i)Kg4ddK z_jpCXjJ~7#l>^O~bapdk8YL9VV|gM*(@I${rHJL$WH1rA>U}wH|P)& z_VlSu8zP$TdZ~>HZg;{w*wOyPtM_y%=I0&dx^2`&1P(K_Rn0#96+GqCr7UeuMo$ao z_y<51wlG5!ns!H-Ce`Oe=PeDWO_7c_d}>12591!lVuO3Ct?}DJ{2lBFsEP2xyXVG` zwqN+uwGv>pRhnDO((9$)W2~-6i>qN*=RNqHUMEs8lHOhaAR50(l9UQ^l(x@r%Z&q; zRUYn66<(M&oczmMJVzxl!j$Y9{3O2(V<1910!=MH<5XDdw}eG=LGkm3j@~U+wsU}$ z;LpUiK7s4%P{9k>@|#z{9pM3LRc|v1SU)v$sU}k(s|i^pX^lV?BQ^GU;yiiXh>U>> zi2WlIv7)%LA0Z?A1oj@8ux~u5-t64_DY747dUE6I`Hf}v74!Q!TP-0pGbX$7MF` z{F>S({KT3XDvr+gxWiI6HcF0H7DZsPtR{hsZ9d{^kEuR8Y3{D3hSLt6afad@trR-p z3ab9s%{#)0%706lJ^9qQ9xm5BPn0*9YEnvKztWKisVjaY%Yf=btsY^bGtK5CWak7t zB!fTMYdbWWKMytu$XJrxzgaMHdGF3Z@fIeSwrjezAP0fwZ=$ozNm0rsQ_G 
zED{Q~+sX?8+yLdg0b$%*+Sx>g^(^Jn6I?b@2?d-Ydd|sk)68Pyjc$Iujam=ordJo* z`V~P$ocrm!%!&%k4=J~0%lh(h!&7FIRUdVupefGS zMytPvJCtxQfxQqY#mNQW!Zstn%5qFlVCQr}>?S_=6EW~1FW~J&B$y82A*y*mq`Z#67B)bnnxQDvQf6OWCs*gFp9fpc${C~ zGd;BAdyrR6SBh4+4NPauU z=UoD=C<)Vl01^H&dV=1b^Rk#|v3OyCA4GgwfiKM7wFV};e2BG(>!F09AKkbF$7&`r z^GPH6661+OWf+&M#Zam|HWwk-LGU!#oEjkwe&!^UW2;j*OeiLKPGQb?QoR;@$9l(2 zB4dA%&O3)G9CGSn9Ja8p=$4wuD7=p95N0`^IcvLY@4hVd?ryC;6~%S@ye+#3ge-U! z&qTB;Y(TFKyG^f#yf7@e0D{>ii7SpU3W1#K{)(*#v(HwX;K(TEEe9EaN;ZdzXRgf{f30ZeRy7KxEb$qtoO>HnzUE#%G`OW-60HLD@Ds1st>cLM!lvDD!HnYG zpP$}OyOo|W z3wKuIuQ)vlg|8i~J-0IUkJ&htNdHrbUd&wx6?tvJ0#ylbwee&jo^~{;9szJD7kgI| zQnscVHUCpiTgxJShm?1dWkeSyN*P<60=b3MF#pq-52Eau5ZgAw|Gh>afk?uaf%Wp;KD0;j+E}M=AXr6&GQhY&Arc)J`uykbmsnhwZO{A z{!i^%76#6Lw-{(j*L2)tLmSz?qkM;A9->}dS&5B69v*6`JN)stxWK+IlR?HWylY*C z&zlSmJ}uHnknkG(Joi(Ki;GJP=uiSU!V@&ZRGImijIWKo<=|*SoRA`;__TKp?N$aG zXpu?Ag=yg@3p$fxw@c?x<%!_R%j!qqyNBO9Q$VvpS+n^m9#B#au#%qTLr1BXuQzRZ ziwz=9_DkdXJcNqrxQ+9SyRPy?2_0BAyU(cVwD#vAeWr>ZNHY5tSdaJy?%~<1_QZ-} z9=~Q&IwLQX@_O}pl%jAQv(d(TE;OJSqli+H!6&^^P zWX{Pa&+w^;Sh{wuPPNei$dTP^maZ&5T4AM%sslpp$rH59bz4Eqx~G>elAi&sHQqHj zks_?QN6L(byaotd9p22kbkC_O$5-wTT3=bIhYnoZKW&^%+>@7kctAh_Q6cAWvg7mC zi%fb|0}K{KDK65L?mM1%zn~q;VuezpM6`d0LspNPR^iE@#^8`Q-_U&wa@4sQ)z&sb zY#$x6S^bF+18N+~ij}4`m=Fmk4M*{q@L(eg+i{V$gGr4R<;WwAFv9_C_aH2W2LNDs zA(81}{zAF`gtY`|^j?Dgxxx`P1}gJWx(^wD4mQR&l8#XMZj2jFDty%m5M5xTK!Obzd<-5!=E+DF9@t zj3*SwAOJtyW`=Zx8kSt&33JIcS0&RVCU9P9a8_hu|JRb#u@(9oOKs)tsi(wxKnz_& z$KLo0pLU8FIvHR2^!tS(>5fp<2Psw7~`CM~8;5^q7mB6}jQcZj2WR}gn)bsIh! zg4L09by2By(`*H#NO@xC@^2L(C+ex&O4pJrTDO;%hH~EmTVpzD|KCAaPX%p$4`0|*c90Eq! 
zChmn~Z==0l*Y($IHz7ZzG>uSSQJwamHQpN6srwfd09}mbaA{v{-$LzHQsPTN^-p7W z%ZnIYXFT~P_bCvab@keV=ThP|I2-2O<0W^eU1Xly4K12+H5I9QO=`7Kq3B;-4$9KU zUd%fI+5UalE!%abuFWa*6Otz!pyAM5yXx-nRl&!Rt4Di>=54Fni{FzgEe*-b#S=pS2TFOX!IOC=(pdY6Dd2zlA75ue42g z?C1KDNfQpZ+TH3hu6=h+@gCBeeDbT74GU$q=#)Zunp1Ig!L=6(M zisg^qGR=qTMRHO(iS2YH_uQE9w8bsN@uW_fip+G{V<<8Eql8ujpie}07Yi@Rt`a^N z;*xa?=?C#GlGDgjDp|_ZO~n@)9tSQ!KE{C{8!4P|LkwFu>JckJww}ZjRP&@>IJ(wk4YNg^R4G-(=C-xF>RGkBGuA;;!B? zF10a_B37C=YdoJQi8E>ddo@Z$}P4=d!Um zMO8^!2||!|`dNGl<3rG*vJR{%{g9WXngSazlMWz)Es)3^Y?A*A=!3`{)W)6-$WTK` zq!t~qO3NDKmB+c8w&(v*DMoPyDWMzElwA7|o~0EG-95|(yT1<2t61~_TRlpN0ZEI? zYHQ>srp-obyu0-)p^zYYNUewA5>+$NM~`Ws)`$hOn4x6#S2W9fg<@uOG_yJ1n@WXs zQ@cuqInp#wttlSF&7`6{F-8%#pIjKb-v_`9)!}TC>OUhmfTPnb2L+1Q!n$?uR^O62 z#cd#j1`W%r6(~&|rpwXG5rNVeGw?vukhyYp=+s^9^$yMU^hFQS$9;@@!3n~Rq) z{>_r`5jthXb{=M|soOMDqV70nV7nBw8t%TtMHtcFY>`6!rD@rdbDyGEa3ikahUW(L zb%r57%2dk)cC1RI)PxPmUWqz`!6wJd!JI;6Y4F_WD$V<`0Ec>3ZEX<~>vZ0;h~Z_X z4AzJ5RQ`uDv59+>JSZpXTyksxz@wIpFj^}1mMY)Uft|@qLzt^!ZN;v-`jKIriaP(2 zHJQtq82aHlQJY!D)FjUPmgc=!FUM?sqvdISs7gDh;I=hRqsjZtfbmTJp}H6awJSR- zIg6G_tBJ*$JLi;b!zA+amGw0WXo~4n-Pc&b=hDtx+#gH0?B$i0g|84yG;?7mTM{N>)tuEfdq?*nB zE5gOSNnL0>+FD#wy=uDdFB+WG?+X%k^W;k-J6N58Vu=}4*NeDK_jQoubY7I&hTp=Z zByr-J;4kh>F(L{JlHfc{a(mj2)EzCU$Q2O6Iltzll{4pHO|}+p#!ojh+_!G>sR}xd zXH+wlAL({BJI1HzT0C4;irs7%SO#X|HRnSA{sPlkXjpZ0nKm6* zd2h{`Ts?p5=AjmpXT7qYz^w8T$dWQ)6>zOM4Dl8jU8!_=Vk$%wyY=zfl60d3xyfmX zRR1BRh8d_fq%E(Gd#Up~K34)V9Vk6E*1@$-<90EXMG<~Qi6)0pAjg>F7JTf(%C#o$ z;RhU)%rDpwMLZGy__!PwD=gTgs~FJ0?7~9gruw*u%CX!^aMF|7%&^CyZaoHkInh9! 
zI$mN1!uFK~yiHdb+0JYufGRsrr!V~}H5Ea}O~Xu|dW?J_^Q@0G}Vrr&Ss53&c}>>R0X`108K&;KDDFmU|W z4FCV!5BOFZ_|JX-)3-3x|GfV1Exs;I?F!=-c<-K`{@9DiSTdjT*ct&9O)yFsyJ9hC{4`i9oQo!r(vUhH zP0TttnAL|YkCgtv)!?W%nx_`?(Phwu z4Ou>b`T~LzLyE|?3yO_Kgavon_oUc~5pV}ufLT^*EdC)%=@wj^t+1fTyxU`ASOFz+zIwQ#wu)eOp;XnRt6$ z-f;RlBtGvYkz@Xr$nDa_cY5@5kRhP*&IX<@slqWXm+4 zXS$6p@8|tb@8?a`ulG;nubZQ*Si}}tqWznTH$teI+b6^pdIDd!*PG4d*fZ`n-=~rh z+ivf>v3c3Q=yfmmm2R8*2_s(7FI$~~NI$Qhj`@7v9-#$wH+eDjX@$H98nN!NqOkrP z_t7xMVVS{MzzN>MjWLr>$MFc=dZkFKKJfgZ=2OGhTVI7#Ks>={E0upe)L1Jy2@2WAiruo7?) zx1p;B!|57K6oyoOV|9Zv{tD>*(R=nrfqi_3w>ru}o>adM(a!^w_eYv(m!yLJXFP7Y zhoyU|4a14RfFB4PUZ_ouJ5sN>o|_)#W!r)~Jd|4(&**WvAaZYBEqOK#R*pfM4xC^f z(!MF+q}vNJp8!nW)P{ou{&i)C*}nWxRL(}n%1)m zDzJ}*9|vjL=vgc%;aU-HHN?0jl40lCDhkEfIvjz5Ts+VDeKQLS5+6)8Cq84h)F`e% zZjuuUnrf}u->(eaYR*oMO_$NzB+L{d_C-wFlNNg@M; zJBL(eHbUixk|~JK{!3w80xn=)F#Wifarem>Yf!kW6AsJ@1g~i?%j&KhX(L0yE&qGT zf661X0t_I+!69;Tr3v6mOSQoBJuW#aEei|{mMQ}IS^WYMPK~K&nOB_35gvyJ*2z`+ zfnhA#xjRLs=H6mXIue!w)#*I0z`%Jo<;NQUwIKKas9`9O_5Nf=isINam42il6}!^Q zr(}jBCg&M5IuL(~3X-`>qeljr2bj$hAn>7cZX}N-RsH(H#B~L}*7Jzcg6IlKma)a9CFp>=qDINr1zofJIK#86^ zc?DuGLjrnO%nT<0s|G3QNk-yYk5lyou|C0{WlZY7Tt+I$4+F0FSKN^z_|8<$vB6g8 zDi4T}*2rq!;E#eCIs!%+3Zz+_7w}>Dy3tTyM?GWIplf9|!M%aJnYhW^ajr_3Y;(}$ zuhKeo#!Wtm;Ud@xYhgUZKp`r=B}Jr>w1fTa!T&l3+M~&74&-g|Tc)*S?{T9+g6fgP zB5x@$om)Y*dVw2IJ9;8R(6i!R3HIf=HH1N7p?Mx!kJRFa1@022`d)YA4a>LTbBMov z6Jc9=m!KU28Y*_^(To3PulJqV{Vt>S=RBfA`1uVSX*uIH<=iEJ+ZcDVA3Io`QqBh3 z<>-a{;c6G|tX=cR92Jem^|&dvItXU8tAP{{sG~V#at(rSYR=pP1u8D&U(p}qr=(6? 
z%sDb%(7b7acfjm*Q(sOq9x)CtY^$v?ppa=r<3wyA@hT|#sRii#&yAF zZ7ex$Row>^r-(+}zl-bSaXiz;dY=>uPZjDTaWi{h953K6w%HLy<|c<*mtts51ZcM} z`ZMLA=6oFiRB-dzj4TycO-dFxzZ{f$cn1vP6iczKAs-(!NQ54cf2k`|D3!EQG`PtE zehs&q%VNlmZLJ(kNeH85$j96aHQd$;GB7~m4nLUdN^hUA3QIIkqjZcPEA|4 zGUlbj9^S9WvwsllvwFO1qhmYKm0Q8p37N~v{|0b$Qymw zac_!!OF%Yf3+^s01Z#$mAnPpSnA5(cLSm+%#1%Z)fDR1Dt!7(G$$;$A1#_2NU}3fH zJ*|;Zal{fMXkdqt+EI0lb>03+K8$mu-9v|N{7iDAi4yYy0s}}E@ah3(p1UinLS9aF<>%Y8*xzgF?K^44We@dAx@wOZ5=s%7bdkrt4a+Yk7NYc} zFbjE15zw}VOeC_Y*EDgYmqiwwQB!4s{?zZK>KPKo@1;wR; zDBm7un0isYFZe14`fZ&(`pyD=Kb?N+&I5XFB0LwJVo%Qqz!!O8$~}`Tp4{992S_BF z#F8vxDHdavK*RsPjOZoM|KAL2BF;aO1C@=T2LuV8;+I5ip$D}B@VE>A`(}#kUEW_(CU5)ww%3_><+9w3W(~TH1*E)ENZ3e`FBuP zkBg5FLIIz;JNw}d|4es{dn2#K`jhltfId>>U4gNt7vDL&lCg^mL`@293+N zu1vQ+N1*@&9j6w5PK@!6O%#+QEU$Kb@q)iSR@+a*KudP_I(cuMOQ)L6rF^)4W>r?G zQ&MChgPEh@qc|xqv;yo>nTpXD`y!KStxOQNWtR$tRy{L3{%U+#9P)1HeaG57Y zBilsJ8#ui@E2tW;X7$&iuzksAT)K*FSDm_PiT6Q8(gFga+QQ=fW%x_ROvcx=3|_!G zm|e~JG(wf4+X;Q_w6Yy%tn%`B(&+LHm0F#!y(Yz|;PmHb?cYvF4x_N@o`!=aC}6~E zlQ&e}w&>yt@vVt&TT(<+5WQ!tH+Sk6D#0}dVaCnn`*KEgp&AR3CsrGK)b3$I-bRi6 zqrNjo@QpHW3#RjkkEHZ`nl3R-%11tyM`|}R?L{=2KR8}Ag0Z$Hl%mU~>J&$43P91s zW|PFxYfT~1ENdH2b^G1c<5G9>o5y6)Y3Dt$0{Zmd>n}@MJZOod}nmb`(Z6nnH-c&_ow4n@tZAW>l>Hz`El`qx&3jS8q4RUs26e@`n28o_4tvxz3?%y{&vOp`7&}3j~17D z^7|+}7bVl(x~ANH<)E2U&vHlv36QcpI*S7KGLo`^0y6#X~_eZ-$FBci!IDjH!K8z z@Qej-PsPjM4bGKhxhGz7!xGMHyMp=v>n}Fj*GFQlN6pI>XhgF9e#)&GKR=gW3DX*n z|4$?UgA(nVwk%~q$m6K!Ks&>1UmdQ&=>Ad`DK3&Y+7tlzeJ70X9+k~EQ=<-p=?s+? 
z`Ugmv1SkGVPacHKyYh#$c9uO*9UV@r$-#R+q2o`&UN^)=oziE?-gxakTrfI^zdV{2lx`dV12ob8TF7#kAq zp;$Mes!Tyby|_@IRzb!6uR&BOfM2$v0;9Q7GP^yf)`{W9(;Gr4u~3OS;546tCmfAL z0d7r$8Ue5-W4`L9!{nt1(-2QpD^Z`8A7#q05YCK(brerNEAfz#-OHf-bL6Dc9I8~n z8lPFUO03DhSJ$E_jFF(9->$sMpsH+PeU_8rTE@vaYHA|nH&aReRF@4i948pu>GyLM zkW^iAJ(dX&VN(?9@Br#}9|y^fbS9b#b12oaff)*}k_>xlVXSGrxY8QZYf)o)^z2%f zA&{AlQbIY!R(m{F9A)Q4FF@;B=qZ5ZM1k1GLFFP)A`nI)BU|4$N%c&Sn=HnqM>p}!Tz65fx z%wPO65J{p&z|r{kBsL>5Qt}qb;^t>j#l$wb`l~Q9+A(eSL|_B2rBBEl+-iftRCwj| zdAILI1myRev;m_np}!(TX|N*89o`YZT*}p;EW8aDW?O|^1rEfx4zFDneqKWruujGI zVj0E*Ti)HIv4mf|4FCwbb=?UyT>=eSnRl7PzqJk9=h=)!lI+T>KKGCuReo@^kLtZ0 zGdqbTe_S?Al$h5`clFoea7-9|t@_Gu1T8L~cX{j)R5&>c z3@vY75FpD^nIJiEm`p&uWR7R%=E)#2;WkVx6X;fdk^!!~fYjx-lDd+u)<^*-Hz}X4 zQ06oa!g zNF>VzS?#r}tD(wwYFyBhRWAl-PqS2Cc!S>Ka_e?V9Hj$IC$_9DB_2<26XYqM9}&PTW!v&-Ruy9MB7}}| zBJP#UqdJm@=i7E5IcPVML*WY7`>EuPrd1FwK7{4gW;vM>A3V(A9zB#qb4_lg%%Z^(%}d}_B0l&fsr;XE-_)ssUK(nl%_*5v}GU=1d!E&&HrEGm$Td73ozwDOFqQM7FcFX0RrY?nFTwZktF1?ik}ROZ%hSedmsUJgsy zVDmVJSDCtLHHtKG#F_xuTz*^FC4>u=bpcFyK|UKJ1FT6gxxPV%XkqcWTy$) zTzFgnZGzO5Sa1rJ_?vS@SGZLwX+I`$T?g`W#noo619CYO6r)tR9JyEnuj(KyI}4hY z8g&Vj+O0u#JB(-Tr3wk{p!cDRb`lkwZqoR!9V>;JdzC9bb_EyRTUXafF7<`8x0&?( z79hi9(W$H{$jWd#-Jk?+;pPwT_@Xxk)1woJzo)P*RLquAg8-VTy{?;8EJ8V z0l%)A%QLBE4QS?}v<%kU<@m_*aEtbwtAlT0S@#IPUcdc55=J4kfk6_M)6G9OoXB(I zUb}$@%@7F0eegk|`0;@mfKxA-BVWU&$!@_~;X?3=&T5w6)7X!W(9o;wXez6T{PFGh zDGCQc)mo}18iHZoDoYRy zZ@kMz$p7dLiy)9W4mF70lELH*C2+A_QO2I9ro7uUv}M@tHA0<G6(QpMU{USWOKJ2_8byT*|BT6i-2D9`-c&;?qkm~so zxQt=r_J-|lEPY~PJwQb-Kt%Uw3p7^nWk5V-Z%BK#W{&}5lqB=X&M`a$!6FvhTh2uT z#@c3<=ixla#41mXo|?d~1Fi7@<;KHX7&s3LS#l3W=PhPqeLFVe13xE(dkKL_{Bw^u zGkD7WEX7YBnk2u=1j2BS)n=4ka@{|?giu!y@V)c(l()t+8wl^QI4NPX$DLGOqL{!- zOg%qXIv11eA2RB}&e@p7o&G?845K)2e;YW;v;9ln2m5Z|8X(3+ z`vjELie&Sdoo^;z{^kXwhE#j;#kKqtB^8}t(s|mR2Z#Kg5YpT2gg^aUKo3BYmZ>aD1~%UiJgNB!g}%Y6F}6@!`K-<3W8P3&Nx|Bo#emooI6 z%Goi7uRl@R7Sm~@5D;jM!ZVa0tRb3hpQVRwIF{2bJC@QLw&Z#Qte2cV!j$@)2*vq7 zjy$$g52td25N8EimeHDaxMaZDGpsgb2)YAOsyUirHLLU15W>Oj)xtv8UMRZ(7HV0{ 
zS(o6^r;20yhG zA-alaF8j-z;j+F#$`sX&=|GTZPZ;d)leh6xd_>bHf}WIg0p8w3P#0}B;ji8J(nxt| zlT`Ztc!;*bsEDk6mj#Qrb$?GEc0XU9!Ckxw{@RjeD)?v15L3HE2~NET#~i78(=+mc z2~0gaY>flJA3iBsqEnF^wg)4c_(e?Zll{~5W87EK`LHuLKA#-?*bxrqlT=jUfkpk0ckWXR4A{j7{Dwa5TlR5JAykaAk=7_T%Pi0}AcTrreTd_d=Yj znJFKw;9$WSM(n+=F0k#(5yu%YByCf845+H1)1$jrnkNUhL0EGY=5ALghC}iIY0HYF@%MQ6wmI^s0lQuN9sI& zN5bO!V}K4mQ&1|26qHV6W8J+S8X{~}g*&A4qMuB_6A8bXoR`Ao7hWp;Y0_yd1UZOI zTwLpGlbgTKV~vzt|0TE|{4Dh&dy!s)mS@f1i;Q>7JZIL`O6f6QKrI`8i*(f{R86`( zhU`{Ly*ak%PdWXh2=58M?uj|+-1Kgd<(F2cb`NYw7OauxkTbYMJ`T~I65vX@)Ie+p zSvR2^t5s5H)f7RF45?h4AE2c?l^l^?%9^1(aSZ2ZkHB==~VjdyC z^PGO~5NtMWv}W?68EKTBs+VqBv340*$~dskrscYO*1YaKu~vM&-Vk?@e)MV&C`b4P z7ynu;_=obu$o}u$0RO+J8Y9#HLDiTU+5S^hZR&?;fHQ*lLo~?8PfXpej{O2MsHI5) zK|)BuOMu`ZzeAFq>^eS!`s0_Q)TPD51~wDOv%m^rdujRhkbYHu#=F&&jva==*n%a# z3InTbHJVRjKlKzHEDKdo!Vjr8kk7w3N-fHT)Ibtf&hpoPv}wC<96;)z1F2Mk1)Aq^ zeo7EN2}}}x5(q_tqBhAI4RqO78VQ_sa}vp(a*P^wlXItU98j**M=emE)^v$rQ#2Ay z*rV~Ufa5R~R1rau26R3_bS0=mob9zKT|t=!bY~-@27XddL=4)m(&f2)Fq*L!1!zqZ zbsqBuH{^51UqS|*yBL}V*gJ;g)-~&}L*Zt_>W~LTQg}AE_)W3R0GHhB&GL$PKW65O zl~q5j^uVa0M3&a`3leNhK?XF+r=r5aI&DSq6NFBUT#JGwEgDPn>SNGoc3DIt@hoMR zGmGUT)$QC1mko&varkFm%7Rk{*A4CI;{thifuct`Eg)q^I*(8^rweRgtMsuN4AC^3 z)>5VOw8U!JovWU@F=f>zoj~ZeDliuQ2-z*Y^^zcqu5gaomk2X@TF|$_<=R$fz?7w} z9Pep^+GdX5R0H+MxJU~G92E1q8#+SBVE|*rkv!~r>#6e{e(cS*3++mJ&xi{XCs1>G{*`D|Rrjb((oUQgQ>wGiW-! 
zNNfrhpO}w$MZsvo{b=HTOY~To2;wB8A_v0Ps_e<ni4%iu09YwBHgPO6E?i%0T6cg#$8^u}) zCokaf!`toNK_=5n*ur^gP5qtrMgFR-#3W2BF8&+4=bq;U(wX2n#-Ph^f{lUn6 zNhDwF^_T0{QwO{r&j-e^{!unD66$7-;WXrEXg;245PvoiX7{9r}Wx?%d@#DA2T%zMAZZ&mQxm;X9E3fR`sTT~7!V*&E6sgWz_Sk<*X!#d&o~z+W z)hso*JwkMIo)g^9Ozw2xUxlT=nCqy9o{DCU08D~WM5Y0`zD7N$SkD1*poS7sR}Uj( zivJqJDHe<)WmckcSW>ZW0OE+p6{M^V+EN}bA3NrT>RU@$D_$!|W>4l3U`!xo&NhuI zXw`Z2revV_x%`$Hr*J(>dX%L@xeaB>|k z0!KJfmx<+OU1L8u`S!B=aX>{ismzH0RDrtops}qgnxwy9CUUo#xi0BycJy_bUYT4lv+Wc|$-slv%o$v8v+Ye)SNevj<0)K8TO4W2 zKF9Iv7yG%=xL}Fxu6>R6{;O4+Cvd=xv}0#*LKn6+rm?&Fnk%$)S-^v|c96DZ9ZndU zY*pvYzqgdnwc*yLvsC@)>oy#7Ci>oJ&--l*TdZwLV|M|nGM#l=!&Z;lzUUjPE5GOm zZ8Of{h0f>OjUAe}qS{ahT&no>^8l)}&QrJ=KRNi%*0=8Z`xISOspHCx@1(tU^Q6xA%c4)8TwrrPB@V+Lp2XFmD{ua3LB z@pJ7$mvu;%Ve2YROOoMKH6J^woo6RZzP?pB&Chz8=lh_1XxX;c?1mb4BFuVFXMCx$ zKf8I}eY~FDpDvy+hpsmwiP6PqW3+MF*c}}X_eY1~BZ<|-s$;Zq+c+Iv4$nrH;w%0& zu!+;g;pk*s15&4%Rk1fZ6`x7WCT1IR@kqS?|IV{V;(tufDtwQg>%GLB&zIAMssjA2 zd&{i~8jPl^UhbN)J_e2aAxO}SLS|xlVwY8Gqn$U8#+1~_pxV?g2BvjlEXf3k- zwVk*Mm-ZaMo~pOCE+B2PepIo;F-S#;efpwQ&h(-r_33LSSOv$lM+E9j^Jj3bV9I4vNB(ib?1GB~Jhd@QxmC(p zPbKcB1CmxaKe(Dq-@Ldx)fd8=CV`gLdpRG6;nErF&*inX-Q@%Jx==CS6PninU0xWZwRQ{j? 
zQgi`nvNfX!;stq=f(9Ye!PlFOZ052*Glq2elPHJtf?Ur|UQe;VJ{-Ycmg(YXx|0Mj zW&t%6Na-AZC{P&%|MJMdz+PvttISV>l}?+_G+*HQLP+%m^Oe6~NDl682C~?GYzSRY zfN$4;8Kma%AzQ944Jg>3+0}HKo)fOEgjj18kQ~usEr7?H25kQALz>tGN(idUL zz?}DYHWa%NFJO(35f|{q@W<2sB?7Y{fr1!w2#ZXC$t?WUf84x;rcz~5V>;G%@7-n5 zglOB|XNai>-Hdnp9bSw+W5py#%6`St>$51Tn()rRh8u&6c48k>JwyARb+cX~kjx}+ zH)-%}X`Q8qMFYv|Rbs3nHR{R3;90!H!gbIwmxMpB#n%y|6&`qmR9{4X@D=T0m>{h% zX&{roJD;D{Qc&UWSFEIX48?T*8kR4Jl5J6C`kGfZK47kH`d#QCf%49*dxDcWyzI1D zx3<~)IR_2ad_SzGKi?mOFj^@I!9;)47hyD;bm8`~)<}A)+QkCSYoR8G^!XCP)hbIz z*M+uH*6(2nhm5T0w8ZHQz1lwLtCp`7Po216;}YI0EDy%7Lpy;0apHH8q4)_6NM`2E z$P=0Y)EZi?WvA5EVfz9DSz?RvnDewX-%)xzIK)sgcI&xHJY@VJL-)ysUYbOxud+2r z>$9=@O?r_`R7AGz+F-T@(;cUHwX4G14HESzr9Cbefq}YylZ0xGPg&CKkRG#eKXH-8 z``5aIUgpe2Z%iy6L8vG@Ru#;zT!?nb3RO)^BF&OBaT%(4aPomdRAWtwMoZKM*2_Xb zE&b;Ba%lDBzko>2f28}F+nu$Q5AF7|yMF1+(vK^|su1vzeu7WReYr}=Y;!cqDMW#}1BFeYopkNbt$d6DJ{p<#)ko^?Gcr7`S zI5gr{g@6s)_|6f`*r1-j1H{z`WETDNg#b@qVE5Lg08fE3>caV}RK>#Hu!+t@H57|z zVgWc%zD~I@MSi2cW^aYZf?Ors zkhwLh0j2}BeR`%+dz$GP_U-wM)Ywxt)qW23k;|=u4?dU0CnyeQEwmSe3&fApAKEI- zr>H;}%T@@3gf#W|5>eE<#f+!}rDAsH&ekw?D-Oen&Y-r3+-%9u875|V`c2JQVb{qzszmWBQw`f#!S)ZqVg z?>v;MWtU0+Q*M7mT`=?eYyPmCs+ak$>xE5irAaE`fkKrIngm-f&rE67hrJXM4VehC zc6dEGJu3`Afc*N!o0G}0InL1Pv&G8b_rK^78_7Y7s{|tYHo+qymrLIm{QyEm30a+Q z4P9Qp&M&u|JcQaZsrXQ-tBL);q14eDnStHo>)i!<(Vy`E0^4l@^p+A4>BHe9iqHee zjxqx?Pp%%9)+A@XJF(%vvcV)YaSj>x->WFs8DXzu0V+l1 z$%HGvRAOzkER~sRCQ1f2TnMpHa{O_Tk3DxN_7{1?$b0npO(h%~?zU^g$fh5r{2)zv z?@Wnz|8d8f1(?*d@qk};H-UbcRF)JXan-nT&MPT|R>$tQLK32!K-N~G1*VDzL;JLjAE;FBlK4D{oeXFI*!;z^1J_)u(V+<(Sms-ayLXGW-7 zP^^iL|2d*I?8P)E*sbj1kaBM>ywA3CW)+avV3Q+F`hBF9m!}Z_8)e5B*TV0>^ds1K z#1q<|w6X426aLn!91#UxZ7X6C&)Jjieq(es;dn-KY?4?QleL(JFU83G36!8tbDH9J zSvXP3N|uV(^{w;Jau=+j^UHj0s%7*qmqJ?3#`ctlbTSf=6%-3v;yk$wm}Jvibqh{q zPwX0>z+?Hotkb@oH|MIncCT+XS?Y~FX>y}7{DmL%aAg6H!>R>+J!XW}ZxF?+he507 zk~c|ks!+7;h$$Qpl3@^0Q4^bys)DrFXU(Z5db3MrylB@AF}xau0_i#zdXNv!yshvb zK6>W=%PZ>tizqR${Trh6qiO%w@gGQ6G!BmhPINkTV(X!Hkt 
z&8=Sg9Nm%bu^BpCbP@^9ermblFGZuG>RMK^F4Yl4GVL0(q^xqRUfD~pV5f|ndWMwSI$5`l zq~rvd*Z?P198G3m1cJACuQYpfukIibCIlL$n&}}$_Bam0Ce6metN}PQb+(m3@h6{`_wkhZx8a~y_ z{8iQb+n<86+YM2PzYn&7qS!x_i)jF*X@&wuNjV)2z*E^p)}Xhl;AI^KdcQx$YD-3z zG*Amam1ELo0~L(O^nmvBYOSGT;r#o{F-Lai$6l0oD@)hsZO_8@YeNqHyX}V^@v=Aa z4sQqbN65qLZQ``1+4g=6WC`)i9srKzE4=QI+s+qjsC!Fr_gL>{#1qY z^Y!-8h?7Uo@9k)-=h~@4uc)S{dtk>Fr(H5M6fDFxA^NQj#dB(jhu=Of)}s}BkqKIDGz7OVwIN+oSy3#s^pV!y>N>E{eiC7 zZM~n4g#$xRAkxLhcO(b)9Vn7#%L%39SkL>H|`MP)eS>Z)5U6MMZ zSGaKgu9q{vu|xazt93K08+iW*3KWyGCe5h1JUA$UzrNMC5!9mPT^LT`fI>FmXo)DqTH8P1U0eP_*y;KleR;7kVovm7>x^(kxxEl@ z*2L-;pI|7RllPe5gSSF4Mf4Tix}#i5H|WdGWCn77rwTEiba?9SMX3{gQs44nDx#QZTc(FQBtk+En zh~strogPRmbC@>Qrhw|7sKNrCUgqHeorX3uV0qty{Czk-qf%0}kKKQbD^W|}mox}V zi>$>DOFKaKfG`!+ZcwOd#}8yC@|c-Kpa8u+6MDe9y`$hhXLfT&-g!K5L@rjBR*LSk zc+G^4Ty+*U&ORy}1TrA}xKGx3VWjn1v}H&Z?j%xNpJ2aGrA2A*p2!cA48104h~_&y zY+&ovZc}%G-mUw}(1Xu5s3u}|6y|c^V%`A==`QI24U3e8aBq7N{Dd8s>+!qAvDDY8 zcCSh0>4Y9(3sHx?SHl`DSNZvbAj0X78l2_LF7|8al{qG?KsTEec}#TRWQT$X41?2d zcNyFz7)~7U0A1D3`F?q<$jA>a8yLDJS%?AWQtPYzVgyi@K#fE@8`z5ulK8c%YldWX zI5Y@@YZ#FmL0B-z4(^t@)m8^}^(%Sp zyJJP*c_+-=RlRx7vtghWFzl}@1ky@7uIJhUXV=#p-6fnjBZ8K$og0Q%J49>A8lxx# z=`l@)09O|{Fju2Xq^OD9yK&F_$h_2qZmCJ|s;+R?x=S5Zq&wl98=w*4S70|ZCEHCZ zY?w+}^HbiXTwjSP2$Dcw z;;yAP!tWuCsxI`%hW2%@IkzQ0@XsY%Ic#budG)?BDDzYT+^V zr_dR6?H8}Cy?K9&-hpI+^9GlWq4%)u!>=Mk29l4VE!c7qw$PzNtftV})fI%O zMH0Rz-k^N+?`pme&3@`UCisVybf@@#FDuM^LEF4P>g^`#dC;U@zbJnse&uaP={~r1 zVRk+6ZD!^<_|*I>?HqjmE9Wru|2+e&e}Wsx1LO|k5OI_^PK+RyAMd{gs7Je!5XghE zfWl^7Z3NY;F}nZ`UY8uF{(`18C*NOt$k*VQPJ8Y3ir+Rfc4}>Y!>{VL$@@E@@cfAO zcHX3*fnuOI(txG|ZPB3=5jbLulJY!>gpvkhfgXz$CZHCOpZ<6etFAiWmzS&_(?FmS zhO_;Cixxo=rZcH1(zW)3!z~GT^SMtK5{r=1^4OAL=ZBA?!-?BnuBxEMWZT_snR@Kc z^XP6-DWYZD_5Wz*XA272Vc9?fU(W%CqpK+b0sq6^c8c!sf{!nHD)kR*Ll(w=mo@)y zG6Vww12Y5be=h_X30Ub_82|g}XZC;J60p%T{Kw5OqTRri6F25r=Yw+C5 zc0E(#7KI`ZB$1HBBSjE&NnERxQFaB1$5RrBBNhdrP*6(J0qM!lbUkl=>z%)=E=z8w zdzd~=ZqGEVU{7bdMZch4#=Fw9kN{1^brt1kWd2vK?1UKMDMAqt?u{& zlu*D#2M{AFeh0{l4iKn!%7F$B0lUOQN@0 
z22q0sPlUJ$?A5|?@op+yAmnA{03iD0Ud(u5P+-Lj7=SQZ&xfJ{(M@hPDkEyuMBCf? z5Y%CI^Z8KOvA~9|J6d*g23!OPco2F0wBYQ6y9S0Zp5WyJNg-O_fzyh|@nN<>Us`4m zLqQ_~Nd`lH2?x--5llj#k+|3S*Rer8Q9*RuADG?T3lJ*sgMVPq^R)uQd;{O~@pJ3* zQ@;UD&YbW8e>Vc?)6e3;4FO&1$Jm4H?kwHfrVZF(`+b?WqR#>am*8VSw7-0uk3r4Q zdy(`nz3<%UiBX$7%UxC{Q0(Nyf1@fZ3VH(iyo7}Ke+cFi5MYoH0iulXy?i!I>p*e%+(^ z<;UDpde_7F*~6viwR`qPHT{Ww^F2stYp-_A2f^)vuYb!pE3!Z2|6*5)dC}tPV(@eW zZu^b9G$?rEC@;*uPca3Lh6wQc<7t4w(w;8uQ->Yx>>-o2=aUpY&?$si-z^^FWe7EB z1}NZ*DpU<~5!5eQ|7P<8H&Fj3Vc?5%6dF4eeTnZ~{-+7U6Z#o45-PCZta&&afZvO| z6v|)V;fY1O$_qKIoboHtAHW|6GPkOVfftVRbSg)#$(~V zMM5(~7H>z1gw12sGwveJse3h>a<+8>QgbPYWuBNVjV7A00Fc?J%Ftb(K1_=`mADE4 zns~9Q-A=)VWhzDQ>dL~jYH8ElT~ACct42&g!y~d;ss;<)??c>j;|5LJ%?o!=#Y-|* zg{}@{8zf=oH|U#)R4kUEvJ|jcsXbU0d|AlDvWv4+sqX#^m(pQYo!M0HgJ=1uX!(~s zEZZFQH}?Uq<;6qxa`ex*TOex<^G84A%Re=S+&F@encwBodAh1c1vC3=H%<_q>jQfk zJPk9rjJBl4gz?9VhSX}z#F(2n`m!|C-b=vQs_v&)(^xwc%VpCSQJU%nX#by_w>)QAb8>aR>)th`)HJE+pS&Ll z#Qa(j-{^I%lF`tdA?$9hl4Tfjh4l-Bw77JH z_J=C^BS<+DBWzHXt=APsX!0C;^S#+}!(x+xHwC&pw_64m--zU%VxukmgOc3d;CvzAhFy+3!No*46^7mI zyT;uf2R!;RZ@t~11-HL#MAi%xGskU#I7qGZ~u}AuAwEnn}!Jc)+cX_Zr9|{V#$CV(iXIsm$vt zW)GIN0|D&k153>$nV^|-B2{M>?yOxlP1~YgqrLY{m94HUZ=9=T+cNvL5&m6fp4sqf zJ_H!w)F) z@P@@}NXxg-PcwWnPsBFyjM0hZY)X+GRDH0HrxhM<5DVn1B;Y1 z{-P^V5!KZ(NUiIuZPfgDEtB=xM-^-UeYLBT%$(s-#5EvYwDn;&;E`=mz{D1X#zLG^ zQX%TNeE&0lYX#uE_kKl~HP}fX#^*&b@7}Nzc_o=)Ng@VY?8d9A0SN1GAAbJX3#YCr zc|t03ocdO}dMDbBp*OUwulWJ5_WrSq79k<8`tcRV=YuW?xphv`ttsz4u1*)7c)WaH zpc&|2k+#am+ekr;i;8+dTUs+Wk;F(|q=zNAAaABdni6~ujBj@jx%zeL9pC&Q<{Kgu zgqf$lin12GLEWL0r+L^4+Z5>t*w3T9DtQ!Xz@&Y{%E~_^U6km*w{gCC9OqQm;_> zezoe#4}{~-UGI%bCM^>oLz)O9uSqwq6Vo8gL+@{W;{(ivwuG^_GO%Pw)7*eIXzQ0GPxK)UDG^R?AOCI>VME0=7&6 z$E2SS6|izopAT6M*ci!YEW{T}g2<(RQ(ML(p%h}{w(^y`bU7*QHc%Fb&hfKd&r$2T znMi=ogngzQ|K4h%D(=a8Fo%y;WM_xxh^a~pHWygl zM&*<~H117oH#OxZ@NZTmC96AgKpqYElZ)leJ3-+J_KmjAC`L;@c=i5ngVzQ;o8%}E z+66Zxpo+2~ATVHCV=Lf@?}*SPaqCX=`s`4Aq~L3knwTj5lZ}$vKeUyYx^8`BtIz=D z#0nbWSLJKov%|eCE94qBfFOFsT5TwxjJALmbcg?<`^6I&xadu)aI4%egUHtQ%n`ZT 
zts?if?AXo+d@3#|L1o!(!uRM&Tu|>h*W@qU<<|CN{&DP66tJG!^IM^bY8pT4d3~L> zg;NSr5n-F4RSy~4-q%!daLkK(*!tC>MAyQF!GTh@*w5(5mKi)^w2eBq%WSIw8M_~x zEF^jN$SLu(vfo+z}VvqtI!ACr}l@7 zC<`HSomw@^3XQ|yZ zs+6VkFcZyn_4b~>H7LUmuM^J*C&BU_npd+OlwYTJl(Ks%%-A5P;(ibiw;bERRZGDw zX=2NbvrSNL%7TsMp2=%?A$+cey5wAs&(rDabPyr5@ljmeT6ANFf6NaPkFI9a(Y=P- zIjiw(O*j#AjF-~cdnDw+VpcxK5RVJ>xiI;P@c`UX(vhLGMVZLJ|a=}ug5()qlPa$;#J z!r!B*!>&1|8^WnnSnIysNRpPxUbi9}6FRL8_IuH=&1p^4PCQpx*Wqj6)AsUTxfkV@ zoq{4x3B4(Ck3j9k@|3BWDnivL&8#kN_RXf+?fbh%*I{IRzP6?s=O27$&giIN_83}G zS$f*C4~G_H#R>t_q=*Yd;%ONTg=pJo(q%chZ*L;y=PjiiWKu3#9a8TItiJ=Jz~HXh zE_tnx4c4Kaqt1dDio>p8w30LK+?}IL4ZRp=gX?sfvI~(koV}c1_M> z2_6yFlppDASXSgYGf$X-xIx3a+Vzj#m9V|k?T+Asrh|ALTp9}|BAdzT$bzVOA4{x= zCB&r*c{KLb*?EPhbfZX?Iw^|fhH7qGKQaIPio=rP75&qF?2iR%%^11uogKFTBN_9- zT!i4rRJ84<5#oK(9Q=?RCf95=<3>MN*|vU!lP^0Lkkc_>n2ja(y3xL!j>ukb7G<{V=pHrp4Rlr{sse(NJU| zV>#ra*$7aVRQ9&&J#vZ$69%DMi=EjW2M|7V(|PQ3kcd9r>87#3OMyN=CQ@$271tKwN|qu0xd5QD)}Gwdz2 z!{jpmXUJLbl5H8%&;VL!VTTvCg!V6pV{|*<4Z$EEt;y?{ll1PhW8IOdXzSKj_fF5v zvaq8m+>dy`A|iQ-8Z2YU+}ilz_NbX#GgG_pT1PbWmBi9y9GfC0U5-DWnp4id#TEEc zJGfEqhw~y5y^cXx3K^>$q{1UfqVZ8B^16=nFb!H7sl1h*0?uOkJQXQ1pNk`+oTHsg z)cgi+KMIe>;}Jq*9xXmUej8R9m3r=L@f2)}o5#++%pAj;V+G8v{knY~kF82hzC$Zm zraUz^n{yy;{*iQRR9~5F3aU2PoO;q9TVFPj$itqazwRrbupjM$hqy?uKe4o*FE+b< zMo+JqG?~pDsl=)_r86wmas@ z*PLp#evaQH6CGsR6Q{2kH7y}pCfVfqWOfoYTOnvcj^xB8#bv_syi6R?Bf)sW z@UWgCr5;Osc1MJciyR0Mrimz@VY#lKXJLXxdj4R&}pPc1C@QR11n`{s>s>H zB~gG!dPm8~4G2u3r3#u}0=ko+=PO74$=p)?Rh`;S93PxZIFM!}qvYl{#}z>!6sRjK zpSsjipLgk6U0H>p1P@6l!Tm&e85bO4iYzDqxe zXgPn`=U(@K5q8y^HTV71wQA{NLfs+7TU+pJz3x)T)E0??k{Tb{TBYkmHko49U6E?k znN)Q!hoYBg6=rHNh)8!Dr=)fnmt|-&}tRC z5H-D1zGxmKl3%cd)^Y++S0jdEY2=;c32sj>V5c5K=Pk^kHgK@Uu9&@e7@z*d1P4+q z3$)iFN|#d%BNSM%6@eEzlk)piSKFZlj9u1|x+wJ>9~yXjgM3S2ryrEpEItDQ3nOk+ zp|2jh!F-$2WXEk%E{uvPlQ;$0I-ElAV^FFJ%?<%eQJ>0HzKsxk>2$37#(VQN4>4ms zCE9Vqwr-7!>L>$Z)qg#7xbW?7phgwZazwIgD4QqGEJNWE2~jz?7B5>2>KWnWp1-N4 z3IZR6w|lX7I}z?^OY|8|4ZuY*==^>uhefcvw=AcnaXw>D_rzvo(4YU&I7y>W_U^2e 
z&bt1A$Ep>bm%NQPLam80=~nb}>t3KCzrze1S{6jnJ=e7p^`vU`YRqb`e3$+fy3ETj z#*f@3ZEzfK+J>a+E~8^ld4qFiK;)l-wXs^OEO!r$rm=bQ_&#tzOZ zVQ+B$)>brqChE|fKM0VDnSnlYzBtM!?uTfiGt*UJNA$IOof4Om+?U|})QcHB7r8ek zy>sH8I0$w9LrkVL`Zv_Sk)=(%u0l$u>xwMGz@brq%jw??zYK5btS&jA<``BRu^$rdJ-s@;Ajx zPD-UpF{nXQD-R#YP171>#Vg8hpyxO(??hv^<>JW*!V1X2_IC)n#X*pkRQp`MTP0s?TPy?i0wyl5S+#gppO;u3%E3dwq#ax5#%2Iq7B7h~txq)F6h*|NKA z+jz>hZQHh8)n(i4vTdWwwr$&*o{5<|6EW|Hn}6U$WPZxC_Fj7~{)Q_|oPtTT7~nh3 z=#qOm$$e`30LXn^yq()zN zdo3a==>!8&}EB$_m1DcGP?1O#7?x_If6V?~mK{QFi?otGEaq5WkMfxNA!nj23Ce z7;)Z~qf^#8=t&&yJBO9b-wE96;QN}P5NRxKDWoPQhis><*3PiuZqkmQ8aL0GHCI9Gp<3>m(XX6UJ?#{E1`#H*Fs;MhQtauMELdYjaX^ipi z*P5?l_psEDkvy;C=n!kKLH4!igDpzQvA1u?b;>Ng|H%0M|BU%R#>dS0UtupM zLRL=Z|H$~*I5=7UyD6|37jTv2n`e5ea1df$roXd{!tOyXrH24Gz+X5NB?o(PjKHfLxH|{s?{4hgWny{0b&4m1P)}P?_MC7YXB6?m2z%GVlW-5H+E$@7CTkJmn+f zj~95IFei`!BO}uF&KVFVMmjexj35vT5hY|g?7Il%U#$GN-~mI*9sgv5G#7zCIzw-- zUESTDMD+Mw67JrX@OA<0xJN*_ETkzQBVyyb0&t5E-C0v5bNsKCf{>6jB$! z1!h6N@n%5J;oU_&Z@v0*{9{I6D&gK!QxIEVBrq^AL5>7(EBQs+xZxsu-1K|+vs{G; zyOF;Ae{pjREMKo6w&d3MghI7tQOKy?F@RkWzsAkrhk`%_iim=Vya5B)fhHl(`(7%$ z0&8h5-4Q=0VsZ&*chJsY>Vy%1VS_jNXZ^vx@evs?fsU@BVIO~X0{ykX3;=!T@S?yr z2G0&){r(k&TYye}Hm|p92Z8`Bs3~3m(Bs9+4LdALw@m_+`OZ(D|4rJAgnGZgPWr{n z-=EmA2@+qRZyp06gkD4_Ac&{{VB*uXK7X~jz`h?h;CJ~7>H&CYprCJ;sGbsk*UP6g zpiBRue&APgMmo~WW&qHKzl0q;GKkWVYx@Fr zDl#?FxdzI*lNOoy#Z)63bwp>Ho7KP!bEbJj+_`FIotE7E%y_mkgJSL#FpV}>i}hG% zPR~1&?_sajgu)4p$G~9z=TvS#x#RgUm^0Jb4+Y)=sw0V5tYhRS=$+7u9vt3#x;I{{ zsm+!5Q{Z1<8`dr6vF$1o(Q#rcLpm+ne{U-T8`Z@~jGM-*j6BOPi1m*#b;~7MT5zep z@l>HwvmR5qbW08rsi*q3_Bqa_KH=G)n`mgY2N=x_b7=7dO3B9sDwus$Y`Q~aT{Db- zKO|i@_7CwYdLe^0ze(CD9q9^JJa8x|3!G+6dF{3yVnkL@My?VkWZGx`xIPa2t;tyK z7`$2OSy3YZXDGvC-h@*!gxs-`EJIvP^L;X)xKStu7g0akRF(n*==@2V=NAtciqqfD zHM?a#j5DXr!mlFLz_Ba18Jyf9Leg6`-eNUu^0iaD=P23Wdvjj;tLf)b@%3D24XQ1b z(IFsLLHQ*E6-=eK_)>aCQ8q*08giiLjTq{7(2A z3s42afb3^*Dbuq;-T%cWFWewL0wcgkC5ro%&*XD>i6#Muk2I_OS-l_<%qtL5M>(_9$@V&vCpNl|5-yh=Gw%y1%QPo!Vi7xF_xfaN#Ki1C7Gz9>h 
zG8Gjo`BJ>wt+<^p=I-mobMZI3({|tW;Kj-!9ILh3>l>E?A%2}q^*93JvCef^&g>i~QnX$)kE*L<9E zMwDx?Pf?Y&bND;`)mSC%FQJ?(t?f+jdXo`pt)UP{nF(VCI*BF_aBUJ2^j7y%vTMS* zSC>e{cudgqLowZ<7ZB*_cH>szoVW{4QUBx(&DkEL(igpg9HyZwDL7u?qRJX+c2LFt)H^xaf+{MH@mNq zg)oW2LsLQ@t;LylvQOOg+4ewLG5Mo?RtUbU5+5HXBMoPeKkWo5sYYD0C?uUM(hfldv6 zXNt857@DYH8?Zsr*DO#?_*2UA4hg6_w9zffQ96DtW1j)miii4rO{jiN8CTYuoQd9u zD1L;GI(v%EpRsbJu-8H**X+CdO*S<{W{*Yl6HLcY3I0B|Gw%aTQDSBAlspD)znten zPlPNheT50`+zL}oFtX8u2OVwRfV2{6Su!+^MEc2#S7sUTSY@Z?Jd!J$pPVPJ<<1HN z1|}OOLLG_z^i&ddHda#p*H3_xi5ABe&24&>K)gPmQYKVotA)|)Xf>S2?Q5lpXZuWe z{!>0~gEz}ad&5`AcJy-f8Lia0{nHk;x(;fNK<@9u+eLQ@F-??f5ym0T;p`TUa3huD z()%Mw8nO zJ@1XRo-~beiZ61QO+_EtB4{|c4>^@;_mRKJA!6PEO-|N$(nR{i>p>zgS&*sZI2F1P z%O=jL(j*G(?rr1;um^=w1g!)}zRjqlJ|nUjY~!fo*`Wqi_FoD7Cc7o;C4B>$bW)^F zM}FggMUe#oA{jKZWQq;UGS4%R#LbeOd5E&XU2cxwv+vr5|rX|uFJ5}|(;c3IFg)A=SneGv1;uhHi zB0&PR=(SR5fy*saDjA^uv3X&=sdW&sL7zdL=ngezR7kH zkzZ#jW+!{U>54I)alIjPri#4(CS^WwO>oRx)Gvr>gdf9;lRi8t3B7&QER7A))hJ=a zx!xr{DbUVJ3kyqKF82Vqwo8gm13Wn=%)mr3OArg5*A(K!%V13A9({=e5iFFE&1HD) ziL2bhRPjIsxlEP-9;&K57`^L4SVB8Xgv}cV1Np3#`mq$-7SS|oyj1wIw6Q$$AUnu0 zx$`pKzQE>5KSZ!%9116-YD@#O`E2IMBA=oz@g~@N=6Va0DL^ z6xVi(p4wC_yGqt%;qp~ke6b+wAb{0F`EdE`keO=J#NXC=FgJLr*^$34RDF}jHs219 zjy=O@1!@dC#%kN;t##`oWx}(U6RS@5O+=chz%KSK(r}#XfT=&PJBmw}sZtg!ja4*n z_Sol$_TL^ysvrCYR_BDSW>$=&?!=||SS0WbIg!ldFOXhtqHcPmzabQzldYg|rZN=? 
z9kKq+d1I>0_2>CqfcR<|JU&RhTnL7P;WmO@_iY{cA*8G^^-@|Aj@NT0Dn)8~?h}1^ zv9v!FoiZlVo4MjVT9}8v<;Z$Xwp%xIH+Kt^9e`FZLfZ73Bwis?L1;SD@QyXf>)%CZ zq2|~8E=k5R9$W_;Lz&ni9A(}ycOe|^&$SOa+!;HI8|%qpNZLSDL`TN&-!!{*2g<#SS z$b6Cm#Hq=M0cEd_pA(vbE&D`kLH4emQ|M2&#?0u&ea6up(zM@@?PStkK(0~lNewd} zf_v?Aopi)O!|iXA)mt{B%Z)EH%53Y%L=w4|);9gxx!7eUcJwZrMDNOco!nfb^Ly&a z`{`I4S_aGh=n)m?{alu6yh8A;$tLWvi-n}DJkx#nVlv0RcqerhvXbDZ{PV+z`_MwT4w_w>QhT6xIg1YSvsT962mxA)UPh25kQlu{?q0b9& z%)}8VgolZ!Qj?j-W@dhiq!YU_J{tSDa)0s8b7`R)gl*MpI=o@&Grw^p+wv;>Pf~@L zm&YL5ul#(1yM5fYt2cE~V02mvt80TezDg8hINqEDq6cU^d0oW{e?9-&%__V`Z?dx`$-+#Q3uNVFpV59>YTwg| zvs2@9$e=($p~!w~`p8f!I{2ilb3p@H_|lgT=2u)UidO-AKJ!GNMK(L*b=Ib*-%OOA zYr8cm!XpL3tjB`c3x-xA-V+1N@2yCnFi%U<0S9DIxM52XzZN^v)bcu<*$r#QCs>fr zNQb#NNF0=;)rkJ`8_!dm`*9*SSrT;tAFCAnmFo9HG2BP>dRgwc;ovC7X zoTM;X-PX5@PqEK#$oh4mNojJ@S5_@!J|CkEvK~F5^wi-^?ZG&@C6BS=%)<5J1^=*qG#dJR6bOsLj-s7meTV5ayuD3sIT;`3r$m#% zG;PbXU7NF{InkRizvg_(f`q(oagUSAbskt92elLJGDrs%kO`ToQ`c2ntqR;o$?MU+ zry%UHV&}$sRdoILp38Ql8cg_SQXK;J`1iP_-KpHlkh?QA70*R$6)`6xLD&UeJ{8J5 zGY6-)#V?{8cW3@-C*XSjBcA$MJl2UX=YS_4<$j`N^KpROwV#cT?HR~got#Rpz@ah`I=U1+6(jb#oLGOM& z`ErV=6>OacUXG9hlM)IZSItRxQMr$u#v%od>|Z!ZB+GTRJ$G*MUgVZhN=q*&(CGq6 zR=>%lGnepa1?T@PYML(6^RL-Wd-UM3IzpHI2dvk+1Tb3oCxFTg9}c1lTwd2H^aPI+ zZo7NtTC0>;=p$N3;H>7ST?DUf5f1g=(`bh zO+SC-BkLN7Wy>Ygm*P`QJd!qDHaOd*#urJm8XeQi8_5qRZIR^M8ItRuDwiI*Ji|7V z?_l8Ec+#;hKuuSj(8N)gqVzcQ+umDQZf*~)a=sO?P`lai$W%l)3mB?-QXfKo>D(b8 zmtU7)up+(ykFgr{fMxSLI6qI%!1pHPb37jILB#ru4i`I=n9hqjfjO__xBya9j{N< z?Owpeaq5JRwdYqrGUX7!nm;UDj>oSJ@jIWhLV8+kBjk&Fj7-AIQjd*hFGsyom^k>s zU&OKzRgF;-O8fT6fx_?Usa$Z;#xC-$RMK!qT94XOfuhCxAo3TH6mX$ZSb6`do8IU; z3b!P^Wj(1bp8#&8a8_;#eG&>{Gy9_x@yIBX9pEQ2eI{nD5byM2TfYo7#HZSbqOx(t zl1jxTlH3xXBJ65MBgs~N>1x9l2-~TWkddFSEgZj52$>sXO^8R+W8N6D!Q?EHJ0{y{ zXs`W1YGQl=lv0>yw%k~#T##-Pyw<#L4`Lgmu}9G~!6G1+uRyhiW4GNLlb>EdR7hI1 zC5f4=PF(vi_%eLT?Gn%2lP;xh@FN!QJa>`xwvnAHqmnrYZ$4nTS(ygjq-ZkGt$*)Y zjCU3LBmv_;i|OLGvbuUjmrYVZlJhw7LTGe4MC~HeXKLh6*4#X0zSYdCZZrx8wQWGfh%5oS?HT$B~$|7?hGZAS8k6Qt_( 
zacTxhveJ`3Q^F!>L`vvyRN4xzjOGFO5;F3kHAT@FFvtoS*PpIf`SWG}-(S7@6+IyF z*?&8k7RXS9i}$!5);UVBsYp|6SnDFY8nkil`A}RNdNzL-Voqjf({Yu2wo0ot%+tK* zMd!ZOtj=Icq~Yf^WM`(7Zn8^0tAp7WjJ}vI(sb1TEeU_Gv@cAd#OgCG)UuC}q(guO ze#2~hYluI0lX0oY-cm(;KyYTts3mH2QEP>cTQZL!K^iCU@+L5#3uv8T>-bE|zVx2M zUnO@oXT-~*EMA&=5X8l4VB34Y=v=3rQfn!gy6~r>`A&XkpS{ohO)*4oS2&S&C7*=; z2Nf?!Ks>B6DPp*d+Zvf#4|+^YiX$MLijM5>wZ$N3uK7lX1z*Q3 zigwSW!ghQgSsH}(ot=yE?!O*on$rFmeWFM=VBr%fg^wA($5 zP{;1&S@5)Fe{=tC0V5wjsd$%fL6TaW5?qGZz!x=pvX>M;Zs4EYTd`23_mc|YthuH3 z!|Axul<)}C*JgJ?70U6wgj$ksG^MZL7S7bXWOBW>ha_Kubmt#L+kxLW*eoWjd;v$Y zYlZZa-`MVU)vdDVkD0c4>qxdLC+(>`Gb&&ZS_um@9MuvO?|3c(fO?C!Z5uu{OWKqK4{_w;Q{P8-_PDrX54@NInoQS>l^rro5Fe`@YEZbPG zLpPhU&02P|-Dyit-{B+mTJmkx*>lidwW`wbX71fUlJKU|Jo>^hsbgU16-ePN6*X8RN(0dawPE4Y%C!{3rUOH(kg_u0csB z=K^Cy!)5iFMZS3Q5V2G>M@qtZWoqo!^xl&3=wu*?A+%Pa6u;x7)qL--!6JN%EK92l zoVH)gN3NQzN_8RhNMDb9>(tpicis6diQ@kLXWOfYS8BaA?P z3~pQXWk39Qfp{|8;&afM8+3xs2=k!!S_=DN9fOn^848520@Js=vxNPapPcf%LuGTL zl0DWk%SIgXKcgEtoIaKM?R;WOVOc}>*NWjTQK4WV{zEs<0X>fBb17}myG&OEw9jmzlITSVW|<)LHy!1ho6+B6-y|A^WC zf49j0!fgLF2l_uT8_Rz=JOAG*9UCX$zb#vcae-vn+*xixL`p1+KqliCt7XQVD@Z%l zMYN6Xr({l_^Tr?x#}=_C5=2Zy%qg3*M&y-36p8boINJXBzImyB^0i)mpIY34IVU%Ez z`t%1r)I|c&PL~1=?mJ*xpyr<+LkR=}g@9RdbV=bp!&-Gx+{ zqXY{Lmc_riJc?{;9^7wvTS49pb_PadtncjVT>#dk2&O@X7Y4=#RN)Okx02ufM79{3;ze& zlInop-6SRndhypGE`XgyfjGiQkYfc59kA>ut%GR-HgISEO+hzhBbD(RJn;kR?cS^b zA^MH}Z_XC+o&y&&I43s^NX9@mgqU{=Q8lpyj1sdnXUQ|9W&1 zgou6E&?6vfP}-!Chx|*9cEM8wIPPyX67su5m?OMUK;KUvFXM3H4Av~;a~J%#J1;bZ z=A^Zy6{8R4`~D+`hqJi>2zmK{J_;ysP(&y&xXmHD&u>jJoY2n=h*$o0YDyfIfWaR- z40pL7tF!F9AlQGDO_n9L1uEcypOzh5xZhzD^8RP)X@}~E{a@PR{>SLepS|et z`1F-~@{Rl3KiE)CLcF#Y2-kY6jsx5x-;qn;i~SLJKhBC3aan@B^e48$z>tG%w7|yE z<~RuIAt>bMH35^Xh+;qsCn99yYwzD@?q{gxBvyp7Wr29RaO^h??EgU1Y z7=1(c12~!u{q+wRZ~_+={?+J2`sbE=gDIfUfDLMD01U{RO9!-+yP*A4i`aW_S?d8n z{4g;?#XxNtUqCobG-I{a=ty8-HvZj4ZN`1z65oor*T?6P8(-`c4%|Nz-*k>(11P{0 z8Q9{3WI|V!LO8KBrf0mbYJ5`2*F|_Z(D%NyfZoU}1>6=5kAfFkXRT@#%Zh)Zd%K+? 
zsuQPdR`&XvMjhYMVd>ZSo7nlxE4<3ryQo3w!U#TbINAdf`&%c1qEW^Oj83;*OJ=bo zb`)vt4Y$+!gf}OZW?6Etx*b}@j!Nw1{Iyjb&BSuKDMGVXS4E7E)Fh2ASA3cbG`;?(zPNo@4U3{;#qjSbT48s z+h0hsQ~0J4bust#soARYzifQCk>;3XoLNLUb{a1|sy*v+nNbd{UkXeZ`g+yX7}oi! zaqR|1eh48M2aX-oX)vtMEn?EXZ56=6?(GzrGJp{7jer%yw=zEwY2i z%BI#HQtgLa`?0&2oIz*n#qsmh6Vu`q&WTtskC!c>U=1|72#ca!iVR7y&%ob1Wp}4J z%`dq#CFg>t$Iz9svT*Pgv41&Cla5_+laII$AIffAO>)_W@er5cw9u zY$9*rP@_4?)5>frL98}%eLCq!i?Sx}io21V6e;wCWJOS6VY)h?^J~K?xKms0puBX7 z>U4=u3uwhsAQ@|)p2vud*mZGzkDqnh-xiK^cjlJ2qeqq+$nD}?K%Xh&Y)l**a0l6Q z#9g4hnpuTg6zMe)q$Lo@Xn&4xQlV;99b)c<_N+^sVa!EOG$Kw^S7+~uZ+Jro^P9o; z`ucZMf3+_biq0uLq>dmQM_qTmkT)Y!t0kjO%|<)BVz+S_;+ANsj944w5R*E)SzkIxh?O^I29-2Qy@Y@wNau5U=Q zKY5RZYvV_k7FE!3Kk{v}FxH4yt;1iGD0SM$xDc2r(MATbB1mhP`6! z>iVZkVYfPpcFh;ERR7F$y=F6V34GVnHx$$O*f?b_i5&GVK$#&L;~eJhX9XI`4L)c? z44>1yn!AGg{bys@qC(s;fUr@2 zey=R9KPj{=8d0hT!QSjHuzU zSi~-O2i4eMwbRfrurhkPDix=zy?7iEvS;W_C&4Dy5gW4?y|0__`zbYSZsu6lXuJcD zHx`~^EaG1sUbnfjZ`av%oG~n``LQJTtTFh?L%y&rOg@y)OC1V~G{A}*npEkUA_h-Y z046QB&V$(_ns(b5{8O1yuq0)Z8@lA^uA!XNxcAuUOaVuPyt#;#x1>#GIz=8GK1`~{cL5Ozu_jK{ zj$J`^?T1xs{+DdqTdKx5*>Zox(h*xw{+MZn1OoN)!)qS!1NjqMTenHohLbGl6A`Ix#SMW);f2&jNJwyIhvkTAevSTx1=8VPMj1C*``(4TfnmQ+-mdAewq2R5 zI%62w@?+i~fC_Gyc`%DTBKY_nA~NONLa1yPWOAWB$$6dgx_&YN8;ZN7GZ=?(4^oF1 z=Hm=uqyNsa+hhxe@ghdALguG_A&W<%Zh+L{@@9l&$_Q#`bO8&ve{x419zZa;UZCC}Qa z7417|(G>h_BeC_QW1Lc81czms56l7 z@hel49Fc!F=;+wOF{_k^W91*EZ>)@dhCUa1o*}OtlA9S%Wl8wt%SwtH*2@ZVmi>M31hHzSTrzQ8ysm#2jLi#B8=cf9F^c8!AQ{7Q`Hk6XjS}IT z{Igy|U+N}Q^DGm3imod%U6H>m)_P4RckHUwoVA(4j3yH|v#?ESxZyR~izu6TZC5V= z2x>p`mZ;e^OsSlaz-F+(r4dn$8Qb^Gli4BiREJPSiGq(Y-oz@*UfXgWCuPF-{QiUB zilT7NmAIdDTw!`f-J?Wdmj1X0GYI9bSQYjaqgbK0aj<=6(vghmQt~bZn^n)>6Crlv z2}|f#2&g3gmfd-JpJtfy5LoSNEqrNbWN%!?PXDL*hr~4|G9V~Mzk~>z6BASu`oduS zbQAsc8+vXp1nsil!=Cg6q00vE4>vqH*-H2V@d*=~Q%Ge4WCFU;BB;!z-djRCzWCZ) zt_sohsHhK?Jft3$kN(W@5msRKZ26yr++=9_YDdYnIyEks!kbXzP{y>O!2!IfOYIOm zS3FAjF`giu{YDs>m6^Q z)}I4nQpB|{w{zDjSdnsuNgfREGPl>Hox8B;_P&hzAL{4b&HCBpQ*y4Q`oCt6sVir? 
z_v6sL1d`-CTg3n^RjN2Rb{w=-+IJoxZ%6{Sj+XpwhK;viH6UQikFZqs0 zCl9THvraoXK0WN-IpTE>?0Vcgc85-<^I8i36{V=={W(Zpm=w;KJOty=gG-4J? z5+h%+AncWA^MLr)xmAD+pi=Mx?Wnb4vQZNoY)ZVoas^f*%JMi0VUuIq*M*w5v&ksR zUT3hc_j);})^Q_ej|`j0F@=kc11e3{czJqCWy0}z*@~8|8Hh4HkT0Tez!=# zuM+d?vv9fbv+?|B?}IQ4HS^=SG#0P^g42aPlNM}2%T@Caq@Fu)AAiTrqS7;pc)tp+ ze+Ca9w-5%qz&tT5jEKa$v&Vwyld+SrOCR!v0f^PiXC9PEp-q%FvLr-^dwM23#>)%o z`%iP+GDvWu))%;98O!ND03yEca?EH6Wrr<4^9(`%bqAZP&Z^J7PxSjp^Y2DY&&fuO zC`cyY{O9JCcJ~A=su)>bu_5ILNewrG0s)#s2R+|z#__tLqx-Dgo@`IELd1@?u+!@A zi8p+H+7{qcri`~EBI-t>23*y>?C=;vb>1QMuNBYRaZi2a-^%YpdZ@*eJg?;{L&*3< z{&NgL*_yr_nNqaEbw>=?$u1wWC>Qv7s^bKrrp5|WUI&@&=ACg1Tzbu>uLord-1*If zN%AyZU!5mh{{{sso%G;kR`jmB?kE9?Rk$9*=zmcwR={^a7#3+xj;inFV7%J#q(Hx>=ogy2pzxmczwRx&r~Z9>w;vE zaKwfd=atmRcF$?ZdJaFbUZqvw)KVGH+5U-}N(&6ehX-_9* zc@1EJEIqO)JKD+Ki(D*y4DigU8`+&_fOYsdx8PEjPW+&w9+fHZ<*|JJTPZHRU>t;z zL+3Be-n8gu{X}8e{i-I5OjFbB*8e(JMJON`Y(KL)KFAD;W00zLOKLyP+Fy2=pB>|! zt+s3#o9i-0 zoMD`aT-kE9OnxNH`fWp4qVRU4lNqeATpg090OD--Q8W3GMFF9RNX&z(943J6Sq$md zT&!n1jIyDG<+Tb6KM5H0efhVSH?-6eYUx~a=sw+_7Iq-^%-oyeP@h|(<_?&z%4$2I z9_v=7P?bY-#h|qY>CYD<)ra7Nk`FWU#o%sPzDz|L2cUTeOhro9Vy>w37eKuZllL^s z@Ma5gXYg}ai4eL8^qZrf4B9z1z_i=CuFPcdcEOR_m^pu#z1UKk7Z)BrT&TZGW}>aW zO_otJ97RiXNzI;1ETFAf%izA|b`XWZr;Yk2LIfA_m=zv|=^~?-+3$IucAwZ7=4f@7 zy%=gb95sSoc0U`lq_Iyj=ujKHOIu_H-A@ zOerWTRA?z+MSo+P`n7*VC~paHpm23CYR!9wQA#`oPHx=u@wCJ)uC38R@;u72f8G9b zk*^AP4FoA1PChY-2G(SjvC}{v4Lp~nNaT>)e0)gK6%!~CBEi^#u1V91DdS+-zfTjJ zgB?!FYjHsD8zq`bC|2c{88T(&e9$>JT7ygOR!XxzvC$pWbRA4Ad&t1nd;2oe)(Ww^ z>ueJ|6dC$S=nJDIEA+g?opC982ql!@E7yx(eu?~DE9Hsz0OJmC30&v&G?Laqr`e(OKY;CmW--aWchSQaH<|Ug^6F;*{$whGBpj3TY4`io&fhVo~Yi|0{F3eyX< zpm&iX^%%$7tb|qWwV!G1`{-STH8`7siTJC(8WH}2cJ?g9_>#{uh) zM33D~kJBddz*BlhrjkdeQ<_V#3!o$L8hgM!8hC9^Z;pEeO>;8TGvLeDT{(B?Jl?Qb(|V@ zVgutTSYNhzIre?g7dMWM<@-54wM5o>gT6`O?#cXcgq{g4FnZw;|C8ULKUKx)aa-N?)Zn@o0p3O?j zH7h@A+?&UpSk*9`se42C=RwRtTj$>Nfez>XF408Qk1d1dJ5AvQ($uCH+azsk%#q4c`KUtW{CIx&Wmo z9@!pQSmlcq2CDAv87|<+z9^3g`L_CBV6G*8on|sXBrfmBt8NJVetl*){lsNCnbdZ8 z8;+1g;3E>wc) 
zP8OARM0%@s4@-<-;<6X}mU6)MYMD`^#=)^l3M(o{TWS_vc+#YgmT)jX1;{J;3=o3mMyZhp-Vy?_e*$N z7!dk&xsPTr0!dT$sH+GhwSQ^-nF_Q)a3&gJUYDI(tO0n^b2-C&U8Y^OAvU5_jnFhE znUC){StK*FZ!{D2@DU1PW$11A+fE~hT;@<4()rrkZY@c~(vs9FZ_we`*+0GMo!q-1 zTHCC0=%qE8YI&FqG>>r;rw5&z+fv!aBmF6i$#26!vYsMa+a} z!9H&*qABrbmH_;Q92r;{`dc8jjlS=z^V0o?nb3yx&H}&ict{>7dhTALLZsu2^@el| z{1HbcPGzw}?T|LdGkKkJuKP|@bxFy1H!}*>j=R9XRK~{3Vj|PCal1{lY@r z$bOtM0Hv#LXKCFp3&o;eG3!UteQdTWYA{h}7JpVf&IC$su!u!Ve=BIc0rCQVa z*gf~_()XF~W6j*`7i?h-a9kJfBzzG_5U~fC#~T??q!xr3$S07WACaD)pP&vpx-b9) z=JopuSgR{w1V9NDJ5d1T{NM=5%|#Ud@%aU10OuZf0U4YGoO18rIo8d2biOBM?ar$QKd! z@EW=S@{<}X-}VCLT^XB!9=2~58t!Mp0LWRuW33|yNCF51;&;A7Q557N{vo`;H9SCJ z1?;pfFyB9c^@rF2^cxpmAV7UrfA8Dl2L>$k+pPs0#IVM$MS%dYh_nk78UVyao!JFt z560eyZuJvo0UJ0N|J{7WjeUU7vB^1N{zYb?l>h7|}pnU&Wcd4u$#; z5WvEM9RQBkm0v-R`zJpPI8LJh^rPBfvB}5wC{UcjKbz`UFu`j-*ldD^NCDNIoz)2R z4J)H5fIfL3&Xi}un;j#F+dCmcs3KS(O=F-w;N#ej%6cInK5dQ$Gr%VJ8f2;d@J<_0 zFI2$H^zzqE03m+>LTq-ke);z=7(O8*gG1sEn7Li=8wOsKZ|% z`}9+T0f~mwPlh>Z&G$`uJb5FGE6bgQC{qvx!AMoG3}4wS^$n`#xzwwx>dG-@r}U}f zGBY0wPJZ3lw|@6*>>jMTbOeC~Jay#`lga=e*Y{g%vr3{%{);2+&+upPGw zDiH_#@u>a7+2~I2gr!#j#Wwr?&o0)`w!N^5jXO_*Ef`C0JiMI)BK=)(EywW4)#lQg z*%5i45-#E!pF=}lSN*&zd+kh~VpW(qtHEd{?^UhNi&Ox+nngvWPn9Q4n&Rgudpmz*U0k1nc&q9@L(^`k72=AfF8d#=Tp%kppwoI{pm83)s-3L zUf_sgC`mxpNX3^Ta0QOq(``qpf&#RSnCLY!Ej1u<|47g662K)N#;HM>Hb|;kv;4gm z6dC{7IOg*!ld{W$05oZIr?SqpSW^@4Y-bZmBP+qP}n zoV=%IPR&%E5A*H*1^cerYp->c(`$X~s}+pBUmEHEGt6r+>z{@VR&p!S(vWniHN z+vU_RcN67Lc=Xnd&(7w)coUV=K&IjH1|+UgKa7v9DM;XKW+1-Yn%Gex(x3DcyPegy zDO&PAcsw;`lEn$q79mKHyd}{ky^Zrmmu865bI&D(x+Xi^i}@YY#Ufpy>-@dDR~=)Z zFTJkkgchmI$=C4G8vwMt%re)uu)KpUAsaOIZ1iEjzdj5ksKX_s)GUJ78p6YRj;FTN z>JP?Gn!U90k6?VGId`6&&#Clti`u0EEBhPu$*o0)qDKg_R(0G+ri2Bs-a6z_IB|{J zp|*3=9GIZ*|O%Eap{BS?&w(Md^ew} z2GMN?fE|v6gZrq~dS*fjm}{vo)8|92zG)kO=vx|4HViib*6*yuU1D$$A8!T_6oDj1 zorqB+-^x%AS1olS%DQ=$2(!(AYJ}!_jTRi+d)zZ5JZF#S9cEvD*R}Klyh}{&#vS7Y zH^8SuIkWR6=~jnj6U5Bj^ikvXWV|Wkc*yK42uw5@6AX|4l~axnpzI-PQau@Llt~j{ 
zhU3sJEpO_7&CQYD)}QkZ+o^Tj^$%tlcs7-HP4hMYtS8;B!4zN2Ac1JN_dtnLJUU|o#ZZnpFS@K{gnk9@>Dvc_8K z|1vvDWM|w`%*=5_OkL2lq%i4lVAmEgV`x`0m5PxY z!?(b|-tyhex1KY4I#MuJv=ArCCGuV_(r-nyl>LtT?B6I%-XVrX<}d%4y!5wJhm^Vi z+od1aW5X9ly^Gef>nV!h2+JFpoSL+H%FJW)! z?)>8`DOnMx4Jp_x^{*pIaYDy&WTE@b&$V~L$ z!ECtSvonm*by$U7m|FJjKUbdir!>buO)G!~*JVAw6VNx!qR_EYQZ~`C{7aY(3fv_f zu;Mklqb_H>8~W=hemg?%_S7dO0-brn)r^|6D<(==F|%6llCmCais{}YGIa!_W?vAGs@({IIJ5{fn>x3TJKHmaMX6c~cn-0l6+G)G=>s4aU*D+)x&0su(kwnGTS5Y-C-wE2jt9;F|Aq^pyaV!`!w7oM9I#mDjOQx%_JDrg?vVQvtUf`Fv@ zkf$D%J93 zl4j=+nxpS9i%A|Fm)8vy+|y1v1l;6U7kI(i1Q`Ui?yGDlbP2@!un#TH+2;a%H3_aq zr@>&7ZBF8^pC}oza(E5-Fx2R+N+g_8hP-X4U`sdLcaMV=4P_~5ofIqX7VVo#c4uLO zE3zsxL0{{n5+18c9utQPf)JOsD&+Vr`XcnhXr(gWsBbiv{m*#i7O9>)dIh>hR!t}% zHl?5Ql_Cq1o3q(-Zn!hfs`e?TJwQ4cRMLEp=0ni0W$z%+8e}&Jq^+q6J~&q^nX{8& zDk{h2VB(9*ea?F%+^>O;&D6jd$hVs?O?(@=)Op%B=H~9LbiMQ}Q?+y0|Fv0)ZH>|V zQXX=xGS9UoaX>|a0ZGh}VHt|B;7Mf|*lJgpBGZ?6)jqQD+*vO+xI|BNhQCRH!_Omb zz=?b>ApGfoRnp&`rNrYVX{HAGPeKIi`lJ^z2xgcG?J+Xdqa3M^b5`!1h9<1o_&HDp z;izy_(Di>QS)zi9{=(dZn`aGeB;|ijp>9#~2U`@JR05y&TG2+_QPL1=@7=SBTG}iv z^2j3SvaL-vJ1%9%uQW6oL&`-+ite^=vLf}*hDjR((BCBMC~?CjEOo(kFB?M+mc-tB zN|~Du(f2oy4z=EQc)D#AO^BbMG$A{N-ytJ8VOKV-M&{%mG|sx1YoG-!i)Ki4*?!N- zbESC|wp_QW-Jm>rU@$STwBEiop~4eCZ!8C|4hFB@&HBJ|y)n(?HSUPRD~1xcNw#f_ zo}4z$MBc+SL;hUJrc!z6*5%J$E{%`8ZpdA;Wpx#@$hfanGSh|Fcymz5XKsLQQY?DL zKGx5ul5E8;swr7iQ6RFcJQ~e|&~md&&bH*dpW)z83|=bF6ZU(~pa!8`YFCUy6Es=1 z=F+f(-nez;bat&#yu!bnKc`BPu333kM15KSeeVEw{qNiIAUL-{hS6$Mtj2 zIaCrDp<+5LOx8Akj!@aORTnMBtS=yid^^n~Hny4^2-#oO$FWP*7jt#=jw>wpGlYX| zt@3GjmSsF=MjnegyZg`HM{y@#i>0>7;9;X8BWovTv6yTUDk^DwNj)_ueEF05u>!$YA^L4TRSyrdmNHlm9v36 znZ6L6q}atPAyXzLYQK{(3W?0FAhVoP8I?Im^;KJ2p%q_&z9O36vkz?M9?<2+h{L(F zS=~c}`NZbuy3y_s2b18HpeEEWg41-UsYyK^(S|G2-!D30z?$yQZ6Huu_lE+KYm=v) z6sDMwul-Kxy`?{Byp5_N9}0}bxLi%LwVa&*`fjBU?-2jRe%SuW$PectVmnLDT&y1l)$>SG3u$LwDS5;uvb^Vd7UoXcsF zPb&40*V>3aj`FJ*9I?NjB7KGv(DA=&E4~_`WqFxarssaE&@^ET-Z4Mjz*;ai0{E+I zd6bEzggKUhUbe|$^R^KjX(?zS9~6dVO8cBK63z0pq1_C12h|AnPqdtr<&66piZTg& 
zdb|IC7pB);C2jSsU~UV|ehkg;9^1C-`d_fG@0PedT0+O{Gz zBS$ydD9?t$T@Se(L}@i8&xroDzl0?ei^@;TgtbzzT6?)<%zIO44pASFeDv{Cv}iBz z!={Iga~47-H3Nke)4yj-2O-5zCiAbuX3`K#y?vxf;dEzu%VrKw5@0tG<}60pkBLWf zkPzAKs0Tquw#8L%76FW)2b83J0{V0gd3Svws{K6)F#a7%mYE^h+KAE{L=kW&Z`rb7 zrsczk+aLbPa$(+KVxo{F6v%Ls8C+8GWFppSdYqMhzmJ5_k_Z-Iy)TNnNx%C2S1spJ zrGeQOu3)HK;bDO?aq;++X1K(4@532kEbt=1MrO{H1fd6f3l~%MWjAy0#OKE3Cm*xe z?2VIve4*5QAk)3n$n1Q|?V?CM_`%Ko-Bn@&=?9gDGiuapZqBrY6!N6iRZ9xVI{S(>QWBOhTLao*g_dDoLC|i|N7>AoHn}yA3 zGT<3-Yv=9j#crkZ$u!p8AY}4<131nWjj5hCy2EARmdLeOHJ0P-|D*fW6XH#%J;k7i z-9Ic+e9UPfeI%|l*%Z5x>YrmRcFtep`&~3sLe2&DAkCk0r&xnZ7s^=YLD4{9IFc;h z#V^%=RLdZsdv&+6<{2=@6Y~~K#c~rcxqlwU&s8u{H^b&@h-<8SO!KdGxl9GuQ3K#Z z#|>@W$bHWb7XC2qfdk#SeR*NXA2x^6!*{P_mnpS&(!thpIWn%VS?YJNf|v6y)wF0_ z{yxF0_@~E>rw#M+=+9Ap@G@~I)iSJs_q`G&9qJqhN;G53%iOdOf!9cF|8X(DQ)}Bp zaX`3K%_t~`@~-199*+&;GOF%*i*8n>NiNfOB z!Mj2+B2D-;x1m1i^4)ilj0(aZoNsa;Amol1>4|DY%PCA-DGE(;NVpH}1Bc7}r9#Ri zY}i1`xk=4Ji_~~S9~@pIK3(`}Tsn36d|D`;$=$Vl+0nD4Y^rBb^y_?bZFq1{axN&4 z_taZ4L4~EfV(5O{b=Y&`u5SkUkuCXWLSB0{qxNrwvzN3Mr)>fIu}i1EC#aq#;P%+9 zzM_GsA8wMO7;l*kNH}@FGxZ9cBKwJEZ7b}H&V|CJXc3dksB_7MCOg0Kn;ZBVE>r*+YCs`(qS*Z$E%G0{Az*crH z6IoNDB5Z`q56YYGdIZj;zvn&jhov*#V9y_`Yh#P;_A&Qx8#+EpZ-;dcf6aX;q*f<0 zRXLArTIx2@&r!+mjnd>^u>by-d@IOi`n?hSCsv7SeNiL7QwCjEb`II!<)9j7_BWk5 ztfEYYYh+j?vDNJRNiF(gLPS!O-PG%h6l#iXce2I0hX;DV;$$X>rX(S`s;O>`;N@!) 
z&Ywa)d1XXa!*)v~mga?-y4&%VE6#Tj@w~N}P7;O|m18q$r$>6N{k1id@!|v~idhCf z3Xmdxg_6`XrRevGBhc~<>dnUMDCLy60n{U{fBHJLZeAA|Z_+B?Qv3`J)mLyHl~K)# zhXG&2oMvdmh3E9@h}%pO1ZEe;cHszNmbi{q7J z&!u{qgig>JytSL<>U`F}cA=Q8tZ`%t3vBWPZ2>t)c;Y3|CJofVuv|@mg(leY&T^~$ zEeR9!0qYu%-po{Ze=~6#<42vm7qcRpn>K=TuKb3T>iUCvBcE3Nzk7Bhs~wK+;8$^4 zQa+xmPb!{TIc%UdRojI7RhdZ}8}>pS?lbNE?%sC-ujDPG)q;#%Funp$OO8!T= z#QEP{(f?a<yCk|P;mS!#NHhWW^Fcz#2nPzs1lm8dDIqD5Dpl^66jazy z7(|&hM;Dgc=NsiX_3e74bH2r9>3!ch?epaG?6ZCR+QRt|4Tg5{vlFOF3PJ~j0VWBY z4gwq`Ksf4)98XE*$2@>zgE)f>W=4$6D33xE-?25tD#yKm-E^)dN!F zL<_kYFmfZh(5D14arBE1VHcRj3waS<`Vww|eeq-msv&&YKKwHIrUn!LkP8vWli+ZL z>O=gQ*yHTc(FfvHwH9n(c%%ObiGGU)wRjLSy&~B{ZJ-;368%?5RFx4(fbl;eQPhZl z_5xmT-rcHhF|aS{KrUnSpiY#zN%#-}&x9Yt@mEZMAk**_N0a7>Ns z3tLcUD$flc$ki_Ryuz1suK?+HFRs3sAEktnjEo2f&^=I(SDsvt?qT%jhJJV8jxM7~ zKrWDLAx{r53m7fb6;S_2JeZqMhdvPN7%T?b&5z-z9q-o*${LfNgcQ;s+S?3HE z=m{YcyTAv>BHGh%12>~*OX|9>INJFitpD36hv9DcA3H1i1Nj0LlaMqW^ z5u(p`>Z0~8)L*_i)UWgPfYJY23cST!0Kfmd892Ffg$k*i=6_Zd{22)B_97>xhVaW( zK;lP15|b0k&-Vjj9Ey8l+}@Ug00KvrU?m6lOJjoC@e_&vX#1^C1ca0r{9qrP%GT8Zht%6*S+CS_xH$Cz*7ENf-9c)t@QN;)??Jg zN-{FRhE9%gs*1My{9W0zM{?sHq-S3AsbA-ATS1xrzMlw0Vcmz@2#qMJ^)5A(C-W&k zT`*h%s_}x*75%2!ISH#Zp}-(wSoTmwg%1tzcD+5UB#GL@AHCot&wjOwK4Tp8i|$)O znZA=tKYfU$yrtirERWvHxy;VMNN5M*5I9wnih;v$$`=xRri|H z0Vc)dX>CMjtEHyr6K$E2TSOfh_SzQZ{53SV59SWO{l!;QW})76;ALNb`CH)9(H@S+UU>qW>mf7JW|dX2Ie|-PK^^^^2P8vI;&ouJn)Ai45l{T{B zx-qoZvZ}AhWSkhkn*=;nVu{ioO?ZhmRPP&;4#IF*j$F5=vuVj1%{l3_W>=JH^GIwu zc~O~-`5nl}X%}Yl^(s#+c4Vh{p_BiCO@77&PTB7UEQ4!l;xMfxD;+~7Dz1VZRbRE| z%L&kgsRXj^@O84!_!ko;hcZW0xyyPfgz(T+6`g2Tw+}@JLMKMY30_>$+wdIl$K*=eAS*Un@fpvPUPwmld-4%*%}=L@aBJc5788D7oX{gQ8<}v5A@dp z!k!r-xOGk1G=r?X@Hp~jmk!qmKrpSt2GR38t@U?GqJlWG+aCI~%lO-$EFLgW6ukr}337uJ(p3DTNIE6gA^SU)WJek0cO&bj{ zd@(41)?i0_@WJ~Kc6<7*sjjIkzN9IC1$!9XrmSRea-~S4H~Jj9#&{h>{Z2xv$U=`P z<@CRgSPqD7ww!=aBuCe`B*Wf=ooioWf)ch7At|1Ir_o=QKC`*uU_ zBH3=ml97I?3*;W+Fjl;yFxFs~bJ*0hslTnAiCVD=YAXKDYAcnPt{B1KhbLsp_3$8{ z$E$*;gvKx$=ktD>Y$P6zQ-Rgg^iHaz=u?*1>h}JQ#_@5uhwQ@H6T#Q)$;J$yD-{2E 
z!UdoLX_!UnQ(7@#X6_luzM#L)0LSECFSPh|bLNtaY+7zsw*C@0+nF%=x{(z;5wWjy z?KL716`8&-llYYOev_k%R2~*#$-q;6v?2?rMbHi$=ZUg)GQWMOJ40MOn<)=~x zcs1+3IHMAHPdRkrFMS)h#!y%YdSATAB+=gyXtao~yd5)5{kg&u|0SgHirPv?fckC_Lv1^} ziEA?L+k9!cY>A_f?-KiR*bV~5oU3P%&}EC~aP_$fm#vL@*q6pHpaV}akV@83@ZfgH zlifAeMIp+^5x;R6jhm&GsH~W8Z6iwg%^~<({)T8eL**!4U09OYJJO+m zEIPn~7u`~G<&SJXX66Ao#8xu%kaBgJ@*ycI9>^cr_xx(p24pWKqN z2ik!|Cn1lTqmncMn`)oXnLaB1Cr5JKB9ycXg8j8PAsL%LV+W z&_0p4)Gkx;KbeRawy3CT0{CH&bnRl|j6(mC?eee-Ox^uAOE>)Km1ZL!eD zgDRTd_kXnH#qnhOV6hCM>xZL5GU{t3+bF$M1DvbB>CaW1fHYet$QkK-z!f#=|Kj&- zc_LeRaI=eu`lYq7riWZi=uiuDlynD6)Auf zIo*1Z3?*5aZ}H1yn(-jHfCfL90)1lfn^NIGDrE%eMgQl-Pet{V-WNV92ck;oC0-=s z%#jWTh@QQNfsj4&X3jk_(IZ@S_T8%eQatTLKnb3&N?m_K=68Z~1aG7;?MLnt@|s=gjwUVBYL@=$9~`F2_#F3cPFAVTI?p4cks~w3QGDG><=iFw z!Cp}NS(GDvcZABa&fL*8!O7CJv}Um7Cxght@D6Kq#g!IDP@aR{aTv2;u)jE za`y=7PabHa3w?V@{n7JVs19vZ3!R~TgGA})KC8o(d$J`jEGk9Syz|t?LD?x=x@?HG zq~QHC+E8l$IBeyO!3*C=h?s6|qfBscHJ`lSFDH|8hfm?kl+DY^rA_%XmqOYMV`DZ*imL?sNq)mSRZr3R?DW9cut#Np;Pezq%Q6 zfTF!!4xE+Z@D)4Yz{3_?&F1yj8`+oJiKR^sX@n!mZBV`gJ)b-)?Qb75k4TMq0BW8> z6pj2tnC?PsMh%}nxV#SBM@XXI;JuyQrcn+={*RUNbR- z@#uj~Awu@{Apssf1^cbn%^ zdZCflT1>@w8;J+Mvr9$LndW_3m>S+{=!>yZpvS>-Ca83Hq1ye!hi#q9k`}+q*`?NH z)HJ>1FXXR$RQP$;^k`R zsg#s1)WXsebVIcuC9>q@_#s;Ilj+@(PPkaL;ikkclCh`VlZ(X+$@EVu=2?31tbgm9 z(%1HXIyw5-9nLgIsmo<6f!v0h-JmE*hScdI3i+2O*@LRQaXjdcn<;OIm zZ`V+GpEFTrr%K`+?#u>ts=DM84!0xmFVyX5=e*OCA>6*<+?51^)$oeZ8TtyZ#mqST z@3XTls~R}`{8FP=>iHZO3p76M4}aNwD4#+d4{z;9U4tM@J*R*iHGvsuzbrmdBHsQ> z^+}IO`ZJt$0xw+#JxlOLHlpgTaiL@hMbKBCePvg@XRc|ALE$6kVi`xVS zv0OtP3`G~Wm~FLt<=BdJ&MHC+Ny^qD?$u{t6kYLxR7d53cr^dFhuXJy$s?Pm0CPo! 
z=I6hgJ-bTKc~QdM+ziU+A?Q;G`!V9Mr($u0+jV|+kT_&jF<-N`Vk|qHlEZ7Z`F%J5 zA5!pD$O3B$i-YobntlGMWr&NB1EJkUatL-}tO1o{)=@CKfyAh?GvB>Dvb%VDQ>vfi zYFFjChI0)}TY2(0os;>sZJl4oo$#+v);B4a`mW00%&2P?zAO&;S;~CeW0rst)z*wQ z%YSX&vd_ngX7gfP>pAE0dc}i_j?V=pfpH!F?hlJmQ-gJtsr-vQ-}-pQ$Tl&$+v^Ee z02?i+tjhRa+5txhEIsTKF*GZ++uMwnACyfy?|!V(C4${=|9KqzV=$ z7ExPbh4+Z-_25p(OS9-hIql|0Ecc6H^|8m_v^!A*pu+MnuN!##3)pUrQSMwIX1wDD zJaawexUXKRzPaZL{TxSk^O~Ax{ZC-{o&98T8>GQzEV9V^viBR9%`M;>Br6l3T^_ml zS?hnIX(qSC>|GhFw|tUJSkM9eiAX=deIk}Hx3$=11=r-(oxc^8piZ%ByqwE^_CykDU^T%uGw3>cl= zvNmY@&&>{p*3L@&A4-j7J3Nfh%M-BW%UxFxrl+nrJKSxD!x?Hb6kH7y!n85P&X%m2 zWy}|9NyFCDRjyahDrb2sO?>qkPxibpEQ4%Gn9CfwF=n5%cP#IXL_UDp zsbFvxMh9a9uZ1}Ms>x;{6GU;~MIVb%D)d}Q&)zR!zDNA@a_u+DUN-1jb z7mDDvg_)aFh49)oGRx?lqK;TH>_A8c`O@Cr`S=*J!yJycPIRX%$Z@n-Zq~~b>)^D; zE)e73^C*-&G52u1M!48b^tHiw?w$#?^N#tk#;W9ZIazd>(*4B8#bEChK2UH5i>1-H ziLFi!H@guY$~N9qg!$eq^MVCh+7;WDivJGp`qvtm4pP+Cx52s027M*|DdKNorxGfg#@97baimX~;7EaQs;l>ao*_;O!G_V(YMXAb}C*UtZ_9$TgF@DrNkN}U+63AE*?ZzWgRZ= z>7(;7{W}Zdd6S~A`NXK7!2aM4cf4*z>fHThj_!DGcu*y`5_j~ePs<_lO_c;NZLqEG zl}!z#CaiMXgU2@ynZLPTExLnq7ffH{xcoMKKnmf$7(|)6Z7wWnpzz}_aecUNe2MCU zBe-j4+Pk0KW&fjbX~udDqY=kM{IA?kdEKf~mmjQs69C^VuxA1`a@p(Y&&f&807^R~ zK?$spvTk+tM!P)Dd;N>wBXc^iTWdXT% zvCzcG76axDt;97h-7Sq7kw(u%nTDPBbrSr20}S&4DJd2>+m7kvi;-h?MJ)6u$Gd}Y zi10YvukiD7WnN;m8zz?ceJan?jP!L04}r>{!VB6xR*s8lN6`$8AUS7GR`Wkmog`ls zyM3eeHiCq@J6~Y0)>-BHv5N|dTpCS#|5$6Kg7T%Vl6L@e!nxP*`LJWmFt^Q1EMH_iFIsym5H@eW#wke?_=0kY9v# z{3NU!AuAl;&U>SgpRJhmqBZ7_iVar;3FmWDA=w|dGBvcp-(QLr0-mb|kztz0I{>Jn;pjJUEVibH4L5}WjOO~3Y zd}^y*9NagUmUA6hCml3*l#jOTIY)P7^l^5s)nqtVb~sm^DF#FYsY#LH<=PFBb$0fU z#jysuWSvGL!IP9M=WS({i6xiew|LdZ=$tE--52TFaZ^B_y1t!pmB`oASa~4EjDHK) z4%Ix0EKsbig?dxJ^4t|Y&Ih;LXGx*~f)BNAso+MS9$GNeZB~KRon_l%|G*TWt#13K zt}k0V+Gq*T>z{wbm^@*6(Z;P|KV#zDjF8{zn71m#-{51P06BxdCPcQTJANP zG)37=9pJ{g+icG-5xn8b0%3G<)1^EKv);}{J0s5IK}m1#PrzOZfyMh}%08u)Nm1#) zKAVJlJlkK53WB2Hf*AwaeCP=-QN zxCWLj4{Y$I)JMeX^Z51;S`+&G9fYP3OwVuAG%JibK+Iv@U3!WghU82|N-duYJ{I*u 
z7Mq$?Sk#M~=>|^RqAL1f{q^3?QO(_1b^?=WK?vL_`V@-8-CzSLF(@x=>Em2bCb*Bv z#rXUj7rN2qx!#WRuUz&su-ralMxW(|rs%!-GjnZqWws`=GV;_RxMU3rX4VJ-&ba#X zBg)@O^I-&D#E4$)D^DJOtPHvgwb>m(7bVUQ>+ecxPo0n_<8!EAs@MDgv^N8KhTIDogGc4yq2PEvpbhWY|KNrzZ4D z3ip4Zx9#?C2Rd9&!G)yHMw=3Y`ZzMoLi8LaTI#L`B4EagXK=EBUw7~} zSpB}|VK4$qp*hx02kGMwiYyccck#57&f%HBz$Z(?U~YNLgik_TUS2F@6tYav#u--JI>nTAX}v? z9z@6PeJnC(gh_+cYLdB3!+u|A=o`g}Cn~ArVOcMROL_Sd;h!9ycrFLuDzPX>Vmq{f z67xpKJJKJKtuXV?8OKXjLTUNYQb?gF=TE)@WQDAjoJ6dUK>AiVWAUk((pSZSDA$Sg z8Rd9b4}u6U$BnP5{aKK^fIyvWJOWuf2h<3knSWX^&VPy~&bjXZcyKqTu03)Af*l25+wj%% z!1t^ks%r71y|&@g1k*?u%L})|@S-&9K9Np)_jy*!#H{B|nphVoRuuCoq~o)Ta@Coq z%0NYBayxjKU3y5oPL&txKqE!Q=G-|{YU|2YExy&@ilZO`M@dXYLrew>0V>+7m*&frKT{{*9L50x!3qTItSG?=(Nh$1 zcOy)anOWOn`Sl2O5PSzLYGhOh<{JvCy0L2ph86&ZEl@LM=eiNC5QZ~@1}@rD>+>zq zOLHAH=rIBV`~LFcM|g#W1anz9LIL$4sF&qWZU={Z2_FjV%Ldm0Zy)-73J10WlFmiK z=xe9Ez*~U`1`oLh!~upDGq6M45y!}h9oCL(R$hR}`rt?M&3XQ9j|BFW1+M@`dUx&Q zTi{D3MCc1CoU4%34heP|D!>hVO|-EiAS~;Rw1i0m6-21tjZ0*Mg+`CR2QSznh-;6~ zO%n>lrW)msq#fwH-Y+lX2gK`)M_u|cdF&E0J%#*i!sKNSm365x;y8>{vjYQ&c^54{<~9G-&*){ zed!3qm;0+(Ru%ma77hso6g1d~l+=%ycn(E?it3l%4F5cqAd>Gm&^N_zNOwf=q*rA+ z8=3F&m3IbUx9^BR#FuI9W<}1WKL3tyqE&>N0+TSFzRBxq(3pll>X|@r3Y@3C2EpCw(O+;r)Yf@)*N(uQ9aIus(FzGrMxDTAm>x zhR3(bIpz4iJJdj-MSFctWmJSvpactue1I5ZF(f=I$QUqUsjUFny z<2SjIsFIwkyd?j`wP`uD#MU0xO zQ}ep`Tb#$=%0{#|i8KLX=_sa2ins@VQ>Vf*tTEECGoK5%>dg|7X<@TGp& z;T)@7@L2MUfmt+Ihoq*(yxxEd;u7ylG?HcC4%qgx6WwoKT&!nqWjobwdUaM&k48{p zi)s4mG;R1F@QJmFbG1cd0c=#mg&XG!F0~v5 zgcM~_(MyaBz&Rqz$4d50Y`%cfq!_+eu9R3tBpf#7uX-SyJhz*7!Bx{m8@f6|OL)eC z7btuhVQpj%hQH{V&Kq>CyhG4!x%@{MB|t{?u??1~gmP+h&Wf*?dq`1y)U~(bH`>?6 zKCMo@ZELfHyb_-)q@V7ChVcHLFZ3MsG_nT&*{$BcV1M*_Ekj8?eQ4%uM1pW;;_S$g zM~C_ScEvx(=1sSEOTX4_;XRJ}9aF>TB$nM_ex|N>58mCp~bJgOE7 zYq$6a$l_Klja<)nSCw?IG5jPzS>U7QqrCu+1^Mh2J+O4;?mkY?JKWkhg{MRG5x_ml zBwZ_@Way-lQ6TbQe7b6Us^@L=PiOdaRX>ke`g@+A62T#OJ@F1677{nOACJ4LULF)n z0qYbFhJC(J)bwY4gClc9I2jtf+?pdh#VStT0ZhPI)m|oGecRzOHwhDYdhBfE6ObD13c8S&?b};UAImD 
zT1AOwtbg-da9KFFB%>!O6-Ft&(-luN%<%*ZZFK5^i(M;V6n=tJCph%nD6Etmi*Y69 zwx?mBerTckvF)1_br_)czs3v;m$p2FKtA+tZjm96NkGF%3Nauwr}ck-pgjDorL>z) zVVX2^Vel$i6|&63%;BcheMVJ{?wFQ3K~N$O-5w+a6E>pp{Tzz6@$|gFF7{)bUO6Y- z3Aa&LHJp2QUpOSlsY$MI>rfA8q$G)F^t~nvE5V99>1%d|VN-L#Px1@ANIwFOeUQ6} zij*atUAE%m-{HK*QGdSXWjkLpO^iKyE@)QEn({pTc~L`O+qNilGHO2m^!1kwvrV2` zSzAf>?@Qytd%2553Y0Igpg4-hDX|BA0L2AOp76hegPOx01yAZnh}Nve_n5};ImhlJ zT6VfzuqYaaw6oBy3IF|r>Ak=ZO)Vj7kX0hO;}44E}3LrUxA96safgkg#$l>MIb^1%*FhSA@}e zkhvXdim~FCX$@iT^hq*q8b;m%i0b&v!TgcIGitM=uHdNA-Gga46`B8?p#Pb4E3EQM z(VSTF z<2-L7_Sv}Q)&}XhO;|j!zX`uIy7t|kOtBNL$+-T!I;C(nZtzbX!llOpmU|gfu#@>A<<@t626?0Tc;T1gmMgua55HaAE;^lK&IyB?!d}n`sETJ4$({Z z)DuEZ9@8YVtlm?}BfT#{Y!llaSguC@Ok(zG8?##_3aEoTn!ZCbm|c&qD->p$m=`1U zIyMwwxg$hV*|v zlmK}s6XQPH)n7t!VEqK6xm1g2JWvPGLlN&S!voX39Kgb-x!Wl->xwf=#a%Z3-VjdG zWSU{@`9@FRrpECJC4qaolWZ=QRdChWq18Bf>Tr`n@uYs5Y0U08b<+430ZJ;G?}ipv z7Pshtc=qgqo}1SCgl!JUbN5Qek;1#=Cq-ZQY>X#DQlGM9f2Ij9R`Uc!os4qGVLc$i z;+>QPU7K#pBFFNR|Dv(kNg$qnW}Is5M;)@Fbq0Cd0!{)LtWY%CLc1kv6LkY*@ZILk zlkIh;Ee+szR+*sae>K$TXJ~u44HIieIuuC_@ugs;s_+U zQL3?dJ)6pjx+g)f#$VEA)qRYUNRpI4#)e*>!f{gH7p5^^BWk(ip097u;PSZ7dX|~@ zw1v=cOuC7qu`$aDCPbc3siB-4515QUD&jT)WE)`dVh~Z$f8WZYj{}PPSutP;Hu6#A zzgTA-LIbydUyU{=TVFmW)E~>CAB&ol1UCm@h;!tBLL_b;X(-rFCng?r53)7wolam* zP#R$ugoNZvgX)uEmt^s~?P0zoj$dY7A%Icwvw)ydge0W}>k>&PF zWdWyc4#5uva9n#w@jg*%zA%a^30dCpZ%7ModRN-hz4Rl-vPr^9=CFMqV$@`!_Kn;a zAlk-#4s~VnTlq)0JkM<|;f@)H-`{1zlW!lFwYMWf*kWG=$`E#3Y$D8T7xL#qgL3WN zs#(WguUdWQYE12U+L!V2H@kc9FX%uAm-`;iZm`gx6yb)C3RN_Kp;V=WW6{HeK~mQp zmzNi^ncF}+CH)w8aDzkg?aFMaDx=5*EXRu^ltlG`#F+;7fP_b?^*_BXIu_ZOLg?-j z3lFVK#c8X(bprE)@{Tfk&+kBdrg6MnqbeV;55o%);$SBC>~dfJ5+9i|)3}t^K&KM$ zgLTKBW3GNNkOA8S=S~ZB%M_+u{(rG`4ne|b!IEy%hDzmFymL&cd^IOqjCIb}*_u|L zOH1TwE1s}AJ>#cGzd%W7isAvBhSCvLzvkA<8w%8UEw}+{hax96dHh4Ga^;0#X+N6D zUqJw$ra-nctu4tABeR2L#)^r_BA(DWjj1I8w>v(bWay??!~T;w7p%9bQ)-wj^~HR) z9{b8gGroMD$y#rTn%duvTJZ~2F~=Wfd%4w9&_TN};H|@p5&BKzRbm;pUork-fr!z2 zliktfrh0N@N#uky8p=(qsyzI?-iRL_?nMMg9cV 
zR&Q($;a-HN2_BtlD~3IcKzs>2);jFuzJkJ~H2}g4XDgx@oY4CgWku&2=sQ~a3Vr`t z6c!s{pO#;R2J#u|J2{Q$V`}n&Dri|*uv0uPCS0{M}|ThPT@(3bQfrbhFGnSh6^ z$9>=Y16u2w?#qwy&*S=z=57*3xJa`f2$Y&C&T!K~h7_{UT2`5jdqi@;Ps)k2EOOPG zA0Zq(?VezMswLMci@;@SESnNnbD$;uks4+`*e8g{El!Gqxn1dKePVtm!V`~_#p_e# z1T8BT8RJN+`?(2davz|x|NI%KGz8{%Jlzqb#U*%R_5c|Mbqib;J*T9jDZ99g2Tg_I zq^;Y~HAagCFhX{*yUmwrUu^0Bg-i<+#^&*5S+OSpR3{+yFBC$-UZ1*;k1rAi1TZZf zqt|r1KI!pB(a1cN>czZrb6D}V5m`HU@Y|y;@)Ch(^8-`4bK^V*zITWjWkjuSKIY`{ zMRagB4QWPj2WR#sWT6OnIVTj1Q1kdWvHpEU0A07vDLeT_v+*u3nYAQy@0r);)FHYT+RY(anQ$*72 z=J@daup)OGRCJ1B;uP$G`?fsU&3iR1ze!8%G61h88=B-NTF4J-tpJK~KQp|tD3s|S zPbAwkl94|(85h#Mh(Zd|-OqI#OIVg~tKhT^q^LYhx7ckub&Q^9&2l9%FSNj@J!(6u zmVIYw;?~l*QmL<+g}ri0Fr-^56nryZhJ5+*TMQfsJe!Cb`86aSLs5urYENUj6ycMW zY`2WZNgJ?Ecu-dOI4v3p3#g%q@*DW2VvfQsQ)b3OdTQj+ijig&ow;BPq*R%X{9YQYMhrT0%&tL;F9!`>x30L;@bQkL zxgBcfb|_5iHpXieY!z7zvBQ&?O&ElR)cCAC;f`@V(L`n|ThC6r6a^8o1GZe^CeF9!1Q4XwWw=OuX*b``Fm)F8 z(q?WSc49y+)tOt0juY_V-tvPxwJ#sx{Bcl=1y|-RW>=QiL34R(+s@?4q;=?2IuDzs z+my38q1RJDgJsr*DXD-r%`bpJbiIjRxW&spOyjf!71>r;wDV)cuQb3T}feY!r57=y#8zAN8m7t z(X=p*9wP-gsWZ)t@_ubBzcDWG^pK^l`q7l+b>I`w?L-kM`?0kFi@I_^JM;Duj6q|4 z5H+cQK>4$EXG_Tx+BoKX%x~yys#?ae;G(B-EoV#l6(Q6mU`$W@ER*S5Q5`mIja3^5 z@SN@c>Ed7Vh4hRi)Rp)G_hKkbf0X-#9cDbRR0`?a3{Uq$Uufc8v%b1_%_7lTF+2D}j*Of;dufDiTGQiGtmrEwOnDnFU>;3ID zh@zhPC3P)Gt24c#1n^xcjENe-fp>JyXgJ`ak&r)_`A_Jh8~teRpK_A+hq4NJFpeBG zCo|0Ujh;LM=_*%7#_;TZIFg0lk}RBI`G1>YOK4PPdiBr`6!;?U`%0L*(PEA7&{z*9 zi4sTj#49s^9u?!@nRQe!DQ_wQOAy{+0l#^&zqfvPqhP~&VH=MLtuR5@V-ibc*tI|c zNBw;$5&nhKSVFPr+12MA*XNF&7QYF1@{hpBVH8lngmhLOyx<0<$1iL)?dKL$dI>z6 zuhO_sj9J@iEk|YZH7iQ;zNwxvT$`1tIOy{7S}*4nDl=yN!8Y zP~+qDe4XtB4rx{;hT6+v@qwgjb`YrK6-~?*_PDx~BS`(hmlqVeOl-fZn-k&aPmm{;|(h75p`w-PUI<%YDC$>xFmx2&zd?Ea|hKRS^V zC&5F?B&J{vJ(2ZBb1hcrO|IL$nCr9cN_&7UhSV|FcQ=`KO`4ZD%XD?pmdAw$gX>Ru zb23Q-oz*+hsscUfBeKS61=8S@oVLzXZC|dl0pttEIpB@gJIutd)zN;KMpaewW*PZ3 zG+C519M!jp{oTWsrB~_ry=CIKMaFD2msBD_Oc^kA-KE2FAGo*~1U`A?G>|qj!M~LT z*-Bq|H7qezdx^&sk3ix;;V1Fr`Fgx0dx}0)8s5hC?grp3rd~?<(9wteQ{E*laQlp9 
zb%1O2!8S5uuzqc)*p>k4y>_vojC}Z|vPjRknKSLEH^lRVp1UVoM6OlGX7=(ivq=ags2xsp*$$ygRJ5%eZ*?0F$uqFCJWmz*C66C4CGUe*}eV29M`#S8-+D$Ry z`#kHiN`Cul!4-nA%6o$x(ctGCjJzX)_Th434$SdWo?=zjDQkE-m}+NLaO_p`-#yX_ z75X!xB`vZ+!Rs#4>HMO#l6X7u8xVCCa|UOd=93zX%W>hLsZ0YrMb6v$TTh4OZsR=C%5_n2RANky zYdq3wyY=6@U2nbF{_XXh-7vrQzRh=ji)S6>uCn5LQQ>7h(@4(IkW19-pVz{tu(CZ7 zn49h&hD~5>S$1zuZ*5H~QU}1|2KvR?Fr1hOy$3G zt^^!YeFK2@*8qT_p^cgKtDMC5e@=0$}kJ9}Q;!+}y;{()RZS z%g_Rjv2~%z`F#@@%-X*^**~~&j}PR3Bewd7)Y#DUi*5L^_J%GqySY2C+dsQJ3V6?6 zl~aH2fA7Mu;QUVB)^nlH-oJTnUsBi-c*IZobM*!Nw02csZe@WI^*xZXg7MvT|nwY<2K-_*fi)wRo3&7^KKjH8ZTaKZ0I$A zckMsymp+aRu61DA7z~3<&EHcNhxhEQ^<}8EhkU`rdZtD&2Iimeo%w}R|IeHNw?DRs z%lyp3UumJa`OV2eR09Z>Ak&lvxA$x$ffxTWrXm0Q@jqCkzcz^PJ)*lme#gHmvA-?C z-#_oXKkDZ4;?U5Typuh^_jqWq`?s(LFbTll4r7|<>tFo?ue4IM+P`qvKUM|QcYKmR zeg_hq=U+DA{>k?`0vQ;YKSP!lbXHeDtjSC+j0}L7XPRHPOZ~3KRKoe$!DXm-^#%WI z$O3aSqfdH1Qe-Q&YVv?1`@y^E>Ab&io4-MZzcVeZxq;bb(1M3H z6S7l(=s*0vKOM^-bPPmlVCx}&GtmXXxyk!Gk01IWemh`s?ykPdU+=>|v~T{kKR7Og zb0C%gUCm~;cSM7;!As9Xs3uT=;m4q{8)18}Kq{bQ5+Alra@p*=k zpN-2-2dk%szvxqg67Z#r!a^08&uTrc7KUVq{(1+|` z$rA%}Aw9vabKEF{%G?#W&&$Zo@MX$5@Z9SKu!Sjt4mzx2;0{2L7P7zR7^2_zi$o^_ z7Y~d2FR(^;{CGBMtg!EJyfpPgO2?q!s@fgjo&oaXD&(@KS$I$XVKDO4F?Wc-LInQVZZc+@$7M~=yK2C2r4bvMw1q(({36i>vCE2Hu+nVFfY}vb8DJPr z?iV-b9^B5=G(HktFqbAq`ms+zlzi!lUTKc4Jk?@_IU|g*T7JTd{<+`aY&IlE;9KXh zR*7huyFAr-D+_bq1s42_pe`k}z%6ddE>^W3;(5INH=@(AB*=!%QQG+1YK%+IQK^Xx z^KVzJ3UICr0?mSO@c)RvWn?*o01*xL?9Cz4WuSZ!vw%!Zgeh4`7I{g}D+{~VJ6k5z z!W8HD!E}-{2dv_5S^tRnXUEbwqiH3&uI_*u1t=_%}5xO-t)2c4zbiUGqC*^h_KXAj=3 zEBTcy2~)n#Levd(|0pGa1a>nRUaMY1hKrj9ZFy+u2M!|2Q4G}4B}3lQYBTJ&*b?y5 zg?aB~o2X5Y(-)XJ@2fV^Ea{i+Kg1bx0veZA;py$RvP}W4IWuUa#9UZb0bG<=(NKGvMjcazhCh@IDyMm zzQ`>NE$Qvy&c8X=>mm82yrxIyP<%0Ed~K>XTVGA<0FTJB+5ebrm|>x0u6%VSW+5dD zvB$;1pHkHGGY=+p1XCjbci^X-!)rBeBZp9jCRb)Bbs|)Wvu}ems9Je%>an;;1;rXo zP;n|@g|_@aft78U9DnPYpom~{PQ+1o!nYv;JEi+)h!S+F$s=uJw0SMild^tXF#i!| z6~^&KYWC?`gBN;Cq~0|IGw{U}T~Ye*lc^^HbY(>rZ9z(60oz2**oG>#pf4Q;Jn%z7agBCF`z}wR1=d@+) 
zCyEZ;(RS!In6XpreR%O0E+MbLG=_5x;<^BZc4~crg76xG_S#x#@*u-WI);uF75BAnnJ%n~W`TPwlRx6yu`5$OHQ;z~KR&MxqJ-@C{r71^1L$$BFa#A{8p2 z^%PTsXMQNqVV4r=5?-tNxq3OU`<6`Tg$Q+9oFY!6n@sa7-u0Jy0-u@mZ#PBE+V!2#GTG zac5gqJ5PR^in5HyzVLn_yR{?_wJ3Hx2Z3h?z;kYHK-J_9b5gO{|dCvbZN zuTpF$@n7K+s|y<~#H@^uS!e8Rrngglf+X~@Dxi!0E2V34&4Sv0^JmTM)R-dL*^Z3= zZTPo5^OX1Lr>n63>6B8fvWKK-yifPQl&?-&hmEkz zn_?g43j_-_7K0R~4J3HCnBp5(DCN4xQYs_-ghZ}^Y2cg zg6@?dFtz_=o5{Bwl#ojKoU}nR&lyWBr=hJw%8{Y`tn*W(v3qW(pn``ZiEK_5O^C18 zbk1VV#mR1(@Im%FCc>0bQwhRzSQpshmatkxGM?tA>v%;vkzz-9ygrucS$XA-Fr#^N z7C3h7K4ynle)9$(3QuS7`@TQ$O({|{mW7cd?xysZx~2lxBhgx=)YY-eqT}(BDbyLa zaye@{%}jFv`XsSR&hOvYCDwmh~4rj$!u&K>RS|H4>!Znm4}P@!pv38Y0yjTE;*~23;A}fd*7EVF zjAEob1(p>`h>{n%{m#>DCph|%J$W^0K!=|XZ-tl((MXsGy|JcZhUKQ7_tG-_?IVB^u}8*2z^`z0UsXm$|DA;E6JNpc8xDgIl$ivB2odM<>ZI3wr-9NM9wv zsSD2brlXK0_sLe=w{CCJm)Yu4lew7X8l~FA(ste#`AbJ|_Oiigzmnw8$yz$|5}!8* zd4lcoWEc8AVJxMx5`$|$FY`uPixp>8-GkOm5$g%!D%uR9qF<|m!5RuI7MuziReka! zs22kXCL&zQimMT10RBKD$saum15^5@eAhDSlC5@2JhPeVi*uR8Rb!f%t(=+}l)t%q z{2x0U3DS)lDO9Ns3~leUQT-Ivi%-C15+~xd2=87%XMOXufbF{Agt`XP15A*xyG(;; zk}-%qSg?oA$o0}w2Y?bvUg(dNF!QGAK{nAm257igT82A62k3}zS-ZPv%pQFe*mXMw zK3015dyzyl(B|MCDUPKm1uJe%AZ+qWW;_KB3>*X~acWSa12{#gLn3suB&7kg5SDDwDM- zpDQqH>X+LH-6mSNz+0vH1-nxOL#sA+G{`hxhxsvF&b$va%{6uhdIyDgNk~~Ylrd>0 z2f@W+r%@0vmFi7*v763OO`raO3}HJe!4(^=9sRfkD+4tvwF!+uz)wUcswp)m`sZt=Tg)qb(v@Y^pa2Bm)?pazWtrkmiOT-$bCA%A1g%bo# z+){H2tH28SpH>ZzelAD*Yv{1mib+12s~yw|KR}5_I#U};h*aDTv5qu_^mfLBuyhSws^HxH^!`e12 zvy8k%zLgduAN1{>Ts%!@Ph)%{+F^h4g&es)w{nVXkLg-FiEwei%hDegZGN+s#I~{SsX45O687 z(|V||2^KK-50d^h3DUujw$GV!jPn>fxqC&5C&r5`*j7_~U(#o5<>t%$)uu=$_K0_D zxkqoxZi(fWmvBWWIVqWFNP?V7L?qorAvh^ucK%e-kz`Dpo>VxGR3bzb#M#F53#nRaiz??U>qN{6nQ8Oy%9g!N^;TRqPX<+%!eg~a%}A@B88|3 zA2_lkTX}~i{2`LkU{u7%^YJ24qm+2u-l;7w0HdftyNV80QjJ3%48Jy~w znVGCZWLdRGN2*hy<$aQa_4|kffhevDoP(|qphBD5EN1n@=}Gb_5;6S%tGgX<2ODra z{8C@Q0Yx4HL-mazpM5^xUx*P?O)lMu8YTDtuPD`|rFp;@V%}`*nabLY_dWTor1XeT z9x@UqPhy!n4e2#n|9E-YSUpKSk~ttYx+dp{1>&!{IT%%vaSzI-fAonF#tZ~6^>=;v 
z{gIPfVHaZS5}Mr_hJ>D~^d>2r2ZeO|zAi%jF0dek^Z1YAn^axH1w_GG!V*uSoSN@h z@NU!`JrHZ1qNJ^bUj^jvWBPPM1XBaiRQa)>ii*N8U>JY1$}hZcZbQjP@t{VK??Lg6 z?*0~^97Mi`oa&TPT%($y#v$+5t&U%MN>r9a@kD^M*7vsQC7S{qyAtnttg=2Mozd`~ zv3S#(_lVnxezJWDQHHIhEYp#(3ujWf_XK1?tndxzf>^0tYl{@{w#!ul%fw~R^ zPeW8e_8C^J*yAH>qWDa2i3Ig9F6kL9J7bSrnTGx0q7$`=MqiK99;@tcP&$37e?9c> zu53nJI3prk$JkKw)UsYJ={er?*dvMdz2f{PUki#qZJ?KOmzG%4!D2%2!&Dz5hJ17N zU>V%h&gU7CnP?_E#ZkO{TBE8b+n)QkeWJ2Ta4$9_=r~$jb!63(j-d?sH*g|9GmA%3 zC~uB^`6Yl%L3PIqeSX7-9mkVFeOm`Y?e$m*h5s&&VYro!Mljk@N$12I?Ne@uGIJO;a<}G-@4aLyZnMQjXYLG6Ap&{S zO|E)C$%^P*ca>&6wYN^9Z`TyhDCSxvjpDBbfpkD*SRX;6ry9qlDY+Zb3fG&L#1)1e zKjLY7E0-{?LSDUtX*bWO1mEo4$S#OeV@PHTOU$ZjqDwmmrV^m{>QK$&rO9usIEWhL zaf$Med$v124qjniOruz3gA?xX;9XXnz-p>IvXRv;sqH}vsmn2VFOaAiFI%r4@|L-Q z+7teU$TQxsaV<&x1>Keo2Ghm(ALyxlE%UR3Q*#`wf{V_XJwUyMnX=kWaz@IrX{@8D z@U;Y;Q0q&IsWfB;d!Wv(Bxd0OdSODd6;Pr5c@wLmY@m@fzg2gx;3=FM>hIZ zg;6KsRME3y3v%HCODwr%&Ou(q7U#{K3-$Sr%jBDtqQB-a3+Y?G;;JgMJ7(T2j z6V0fT1vj5D-^Q`v1{f(6NV2Ph^2mv?2$f!*kivGga8_5KoDF=JL^Xu397}Wrf0$x( z6l5MnpdcGEjZDAMoDj|X;w)w7q5e`{=!FK^{HMj#fJwAU=`7N0;ctPS2LV|SQWwsMm63oQ>s-y{ z?RSiNrqCEPt6ze&6c25q)Eo$1XEgyL> zW4RdpQb1c;vh3V0xc*W<08vFw38SfnUF^QpF0U-FsYaSAEQc03XwQ|yoRb7xPQReZ z1F??J8BEH<-?%Xv{JK?%#^_%Sz)Tsz{8#IqW~az-%)X6F(#Dm3P=xA6Ic}xeNqPM{ zO{S=-_YmrNYN)EK%88HQ9l%tO#^e+|kkJA{xT_(W71~Gs7y|+Guhb4{OL8Pz4F@u7 zvO#SBSKL8+bt1J?XBC4r^~eq^_bSa==V%r(6O>-M|D@6;+W32Q+9#Sd3QgYxZZrmw zNr-p?M=LWjK~UVV@79c`x?{q@nW!NB&VZN?ENx9x6UgbN00|+Ftq|2=4YHKBil9-H z+QJT%AzN6FF}c5<*RTg|!;_0aMl!T0!sN6#G@q2DLSk^tTobv%%9(MAB$o7Moied1 zhll}wJ*bZg6`n7Kxyf3oV^nMFx;ESBO(3#8M>&wW9cx2txjqk#)`I4J!`HkH?^lW^ zAC{)y3!^HIN8RRr;LSI{(8UCS=nE)T1dpB)>6mBRNcBhOfx@vpb|15X!VWGPEi)(cMj#J+GgeMo* z#9%{h(6M<287ioY?WM67lM6TtskrlLl-!F}wpLvV;Kq5m1-_v5NF zEO;84F2GF8ne<-AY=We}M{?GH+Oog71Sw+7LfxI@e^wZ@K0ctfh#2?vS|FNlfQTZPS`Oc! 
zlW_>;pXR?_YgA*{9&+>EnU5mnB1bu3`h1KtG`~ghgeW-ET<7`6qIckVX|C@wE6VYm zAs)9~W#Dl9EQ`E=wx-MXg9}W?*J|5sN^ed@7J239MWWWP-%f+1aHs z)n}9t7%|zG6p*21s(p^xY@4UQgmRa6x-LN)%mim4OfJ6>LMta-OriQ*8XC_qdOpK4 zouoo)f|!K!*X9rL?wAhB0#}#mFN`lnDED!ARXO033X0blUaYKDc5^tbF8s1QtmLpM zk>+?cIN5(?Jif86zu01}XTzV3++-$4KHJZ1Wa!G0=yOkFoQ)Ne;fec?PB+(1yze(T zO|q=961@~BFkYet1aV810SNr}ty3#-KvEM*7K8m1b@Gnr!ns|$(k9#)Z(nlBDH@5- zZ^DBKa$K_ZiCApCB$i~UyiIc2U1qOa3J$DtY3$-@a z3BOlAhOS7yEtSd7TM`C(VeS@)n1#zUdUG@lonQqYP#XN1+@SFkEeLBq8|$+|cx9o& zaeQ?^SVgu+nt04|Ps2KNF6aB|vwnoUqvf(smEf-~>FOT|*S9hwN)AeWU^thxl>tN1@QQI;Hr zy^F@q5X@;Qq zcR7kg*J89F7xC`??in4~bjlqzq(n{A!n&IBk`DEBS7bz7^U zYz!TD&T*txUgFwnDqm43N8ebuWy z9W4>^+I)FuA>!=bfYHt^722@h13KYDCL;D+2i*=m^R0n&QI=Bny>WCBvY&KqpGA0$ zml3H-+r=AxY4b(trtvkN^sFbRTFGy-`#k)}`_Hgs*O&v)E z?0m}V%y}$&6dPywN@vbISpGZLPq@AY7$n$dVGncdUO5%iqtaq^#H0iVQ2951by7bwKf(>CX%qO`HhA_lOAjT=Z|rD#|i7qW=L zI;h2Cf2z4?ng))67JxBUmo^ngCbB0=zR+i#uOl` z@?Y5*{4&*D^w^el+cTdbycmIl#mScM!#{+`r@S>>7_mQ8Y~S)E5mzKIzK0T-mXna? zx!`7(sOpA!{KGZjE_0h3j;lQUm{4G}@zBjX1*+ExM$FNLk5VBJhUCFA{Eya!Hx+<( zz!+_Ir$-d1x^IkjXXQ0_p*@dk@3tKH2ux!#30EwbWgoOwq%A7x6ldLQKsi>Zl6iMy?@;k7&&`&YWXMPB)uT+@;6%E!3@=gR$;8` zg(Bk1zC5o>%%&A++vzpcs$aRVWamHAa8Xjrn%m}3EwqT>XXnnSl%r%i%{`|ki~*H} zhFk-en~3v?a7(Y=uMM346)B9>q~%a;J4PqyZt!1@^lP8_GaK(;$WN;}JsjTkYgnEhkg7dS$Y$s_fM(vcein+ce zLY7F@oOz9+Ahd_`5a_YUhw6^JYGO8hC5O&94pZ#fjmL=wf|-rOxUATa_159z>7JW9 z`?XH`5%7|fz60@Yn%mS!(2~=usXQc$g`I2LYgb7_DhR|`<_ff;aA1@!7jQW6!|F%4 zo#5LULRK4O$I-53r#ZL=9}4~m0fGzsPAY1*oqxSvXEp}cim390tbFC_s{HMw{v3Kb zfBeKsoiNczK9US?iWb2D%`AjX&`J7GEqtl41|ZolPr7SR34E+U6rjTDs4^0`pgFL~ zg+0bz36|vN%Z$CMU>T+3MNd@vqVuwD9i(dOVuul#AEhEj6Z9SYkg#Mdw0o|`K>qQHRed&-|`GzID}}g zHjpr&S+%U7-j;J;M$atfEZ9Ed?ZXqF!u)WqNLR%M|G>zRS3Af?%`=?UP)azJZkE4ORiFupGGU{fTC4Uu)>5y?%pU1pRzhyu6TMif$fGhCFp1ZdsWL&y9x!a+$ zH-!+IN*@995)OL-EV?L*)&E8S(VuU0g3-WI?;H=sFB@y#JfU2aLC-k-s}+#1>SC&> zfXN2Gk^~#E&LF1JCP8zcLa3V}z_s~2FH%aKmfZ*(*a7B7h1e)UZ6r1k&aCiHm(QSu)7@Ff^ z*!Rj|Gka(WiCKw0Q71TnWGW!H7|ApdRHl=``b>+Y9K^wGP=d}yp6CO`zjJtlEIewq 
zvn}-Bq9PA|_Gj++j%<)Mh}Bs|if)=u(=|4nNx?t9WMnWmfoC<879buD(yUx}j&6G8 zZh4R2DNnFbr8^m|io(O*XWjp)!7l3%1uw``Oc^@qX#(4xa<2IThRYBUJi~D$=w)G; zP3oAdk3`e>hd@E(`TA*sTctCCuk?Aa^PAo|cu{W%UW4qUY!-Br63Myiz54xIL~_e; zP;)03zIxkSERtZ0hJ|;idaw z(%d|qI(xC-FW&|qA_2Mo0-N)wOvG#zz+29srpr+M{QXH_52UTFo8_N}(Pc15Bq%K4 z?W2|tAzC-F!m-RavCTz$q=(CGNq7|+%b&NX*xMMs+EIM8-Rr-YF=6j@tmMao{=>%N)h^XZa=6t+jrHoHq zSr?h{obUGajoL>j$0(*y{~1bqY01+Hzh)Zd0wZOIvI2pS)M1rVsdF6M(%#&)2J4~p zaL~Y}u^asXLK3Q_X$yDxfaVy_<<2xD>ijzaTialAsCE6u2i->cod|h)jPf!Vo4PZa z^xk4{8A2Z2K<;Yya2G=F&;nMpY&r&6y>f{hZ#-KfPv^&AjT{noURPcCMd@agh4UdN zAyeEb{Fw#_{?h{KsS%`l&PntKb5t{*pvtaJUWB(2d(PYW@2I3tzXpDSqqLaGFoFo6 zvxOh!y4XZ9>z{?#tH%L7k`H&AN$rB4ToWwr=7_qipIr>>OY zo1ObF_-uS-a&b5=(VTyKoWZ-472%%cXSGoBl>d-#D4X#Lyx6f4#qapYI()q*jd6mG zQG4_*iuZ4EhAmikunzWyN#uEzu<4lhFIiBf+&OuImaLVF?i#7-v40e#YVLV zMhC6%C4nCeURkwOTjHJ~2{PEplSduJ3lUM!-Ms7Ek{wMu>Tusla(!cCK{^<|l`0VW z=dn<3igJwrdV3gncEU~UBgz$s#82KJwj9_ih{kX+%rz)6C7|ZH11%3oY!tDGBmfGL zIA#jc0Owku6=q}-wHgxI=I**weXiIJBNyG!?8VF^%d{9pYAtnfUg7qcXm=ttl9Len zaOOUWM!@+;(APAc;#VX!Hu1n=&EkB#k^y za$fQ7NM+Ge~tEdEGTkShT zhazrN6f{7}W}Fnhs^l%1C4mF{dOCmV(LomE>?Y|I3M{4%KMY6p$99uAcP0KHf#H@( zT~nW}8a}5e4Q|+-Mxk1ACycDvbiKiYE|C-LgE~EcSvQYBFP(;nlflvPg9-aKx2p=B z_J6h>G>ODCxDugPm1~6si->gQw1=t|(}jObeH$)=np$w2yDTGTswGWi23=tFJFmpG zFPnzUO|#6@X&S-IJfK@E`L63nv&V499iV}gO;V!qDjVd7bHL@ZGJa7pOXri~1Q53S zdJ4sLPP89q6=2X*4;A5QP|mlt0(y1#y!(}Vh-*x5EaSRNUO!ji*~V5R{}9e@v%$W< z054)iKGtCCPEHaE+IQS~3x(U3O6oWC;8CD;gmS2HK1a*n<)#}@WD($}335n`(<|aj zdxCJJPq12qU{7KUFfvW8uC-4NDi4v0=NRPlke-C5$Ss9y3n4tc4n`vA=M~ope>9uP zd49W7{)L$0WbFfvBVM(la8~3_1~tr`qQnb!j_x zPgWz}yto2E#tyR;gNJACY>>Wo;KLLgQA}9XmG<~W&?KwH1v8NzZ!}m-yA^*1c3xC# z>P`ZIWFpHID>pQ9mciVL6ti}ckoWA;pC=H(2;Uk98BM>g=0Y6u_lA)rGTnYpg`3qn zs}+3R@`u;Fh4tKfk~%6rSFpk~*iKT`38WJnW=lWC?J!tAYiSVz!jfH|EoUuwgrgH- z`|-ER8AQCw+X3g^ZCt4N#_ft>E2t_7#T0i9s3F%tGVlC${-@1Zn_TF2-T1~ntMV1hnqMEa?+Jw=1K3z2Rq zwb;z_2C&JA0}7EY-Jw~pYoRsA9{9MWyw8tRI#Y?InasKi(j>I`(%^7iKE?7f^A6O9 
zDEejhdSFyjx@{{U?&#I>AMqs(zx^r?4owt~YURkK=+EZCMS8UuhoN{eLpJz6*?@;# z7jGT6`0mer_pd0t1thB!(rZT~zm@590j#esb-DB)b8JwYSDy{~uurE8&R915VOD4S z5Wh9KL6wFi7&lmKp>Eazd)=6g$8swI?FqRTqUoJa5^0seSkLbFtg2t1^1r zk710aD&CVvwyupV`aW@zDi^k3Z5=5t{BSQz$gL|z`U(^wlmK7X{3usET)!Wv`{WB7 zN=h8fsg{fgdVK~S$l~<{5YbUwBwj_1y>J`VvfJe99Cz79sQ z{P#Gvi8&@^yRq3{`^mONA~#N3m72K0YWdt^-hp}AbQXjALno_O^{nJ=4FLL(BP0Jb~HSG7QY(zzq`2s58VG;(>VaMk%IIr zkgW8fvHTY)T@Y2X;IGEe18~^SBvhh68+{*F$nWB?Lr=V zeXj_Oxxf9+5>F|Dh-(V;lL;6?G)1eL{f!lwj9a+%am2Nk%P45Daf1G_J;V71X2Llt z1Kga}uL579vgxR3&&-V=bgu(Aj1x#_u2~xwNSQcRKIZw&kl)ah26`;K0Y77E>^vPX2nskV9tV6*UmjF_ zm@p>y84UB|gJRB~O{AM56Kw+oDPQie{~P|L`V3iu;A;^*e|byQ{4lqsr|%*>g&N6t zZSiH@U5~Np^S*^OQGmHzaqV)@8E75TsEwQ15sFXopsLI2Fc0H-_qMBbun^*~s=7z= z_%rHl=&o;)&7+h%rAX?Ztl%OsH!!-Z5ELuqdU7|>Sr7eWtZo|~7?UVUH1L zN9`Rye<8W=sh;Q$iTmX6{UPF@Z&mx*j$s2`29x=g`#1{caN{pQi=u4j%~SZgw^-#5 zC;pNfG0LOr!f}XwDE=m<2*X59FofQQGSr0Nfo!SvVLmb3QGNg-*LceE=JeI52JKPu z1?(pGGDTqg$wVJRhiI(&>_ z#M)+6QF(T@}f34Q^(w5nP410(A&N#FKOW7>V)LI#KAqy zfNe0<9NaHC`-D8bNP&z)a7bEsl$k=`9l`Q|G^OOCgNVs+7ud$lwh>$1FC(ErGc&}5 zpKR;!p1WTygCptDUJ&xiq9qUj5FBpbLJ(SEw~rRlUfP1^t4+e(-^E3-tD5<%hDf*gKa8D2upnL3WuI-^sAtXtx$UI~UxqVF~>qO`nrdNcz zsaP|0(R-T5v&?w!9UUR`c?)YdLQ(O>3rgiUV4_8w) zY2x7AY|ARlbiT(91VQB^ao~f`frz>^O$y1Ib`ow6(w#5{X_dkaADukQoduIcv@%_|nT$NctI|ZpX zgaR%XJ4xN2xD8T&Xe0Wf&_Sf~leue(NyrbU}ETpzz&P$#QoRMhVtuOeM~9f~bNxsupF> zaw}rPIR!F?$2|xZ6`&4%aT$YBnTB*Np5$r^Fc0W{Mj0&g$o5drhg6E!(Lx&&5ep;r z20GLCm4rh$mwsB0kR67LXbAOs^RZ)4OYisOfC2faq}#42C+`&WFa!h*!GChZPS!)* zGqUYB=v{skGry0}#`8Fw6vf#RXjOJw?)_6c-5X#x&jabskK0;*P<znYfxN&PT#plBX{M z9;AP+%!P!cdJDClvyJJDFv84(+rwyj%TV$y0~hePm=Y7-l_d{|HglhYqY8iQXY0e_ ze2y}tH*&GGcHCU$-5K+DQrP&Ngy=D5CuG-W>dkodH&*2dGf8nDJ@p#PY?S@c7X*MZ z23u@n37m0OV;>m1t6G(DpS^INIPU&I|7j+DR-}I!pS;F4nA`MIS2Ar61(fLSR7T8p7Da}07BDAW9xJt=BgJG@#ecR~lV8UrXVY5k^0m3?b0@~tAE0tvbJ(qZuiV4Y@XNPLu^}^KKG9p0&G6<7ogfi=fa$A)v zW`Xw-dEBSM(j%mOJPILv3t>cwO15$z!?^xp)QdFQi5`W~jxt>m0fdR@vI5ITGD0~R 
z^%4eoTK{rX8Tz^YO!=U>1;PwFCR>_tBYhBVY>2C-n%pu78B%mu>-J%^Kn%GKSE3OW+OH0UOUQ>m zTZzdQ4{RBy{Mz+Dk5lcx5(&%gg^c=`L^*<1eQL`g*_^SM1e>LrTH-C>nub&4e3jP5 z^b0m>f=c}d&fILdZDAhMopxI$Nfn}Ez?Rfotp(WL{L9Qy7bl&{T{({LFTr0tPtE`Y zE7%@;HW1S4?7mx)`5Jlo%S10c-4r({2c)IULk<>vNPU6qo`?h)=tBxEHphj;J%9Ss z-==npkb4Bfv-@qy9VE=u0egDXwt;755j} z-Y_X*z{uM{ldha4)JXmD>!K6r`}QUYZSjx7p4vXmV`4>-pR zFYW&}V|*4EZe(~c(XMN?CSo%})uiYm_+DsWCKwJ67<`d}FvuJmmCMo6&Byt58C-tO zKN13T0pB=RV?k}I!ci_COmc%tjD^8;YuLg19U)06G$}3ag9^QezCG!t11rbjdc#i5 zxb=x+*nLGaa{%oek$W%!;aVOrM{DH%zkt>8h`BB`y4e6|O-`zvS$*5k6_4yjt03M@ znf#`tj<#bAI&hO~u?cn}=P{$wZgkg>L7cs zUHuze;=O3}eBfS?`}A^(O}_GFX7p0JozfQRf0(;vfTr~99<>Kj2_%#Qli_AKj$>u5 zeo)jOBadq_?-vXB>CE^h%Lmv;%*D+Fkum(0i{UB5N7rQuJaVviiVkeDsbh$L9wZHT;M!TjlHEJc)ff(zJ>b~ zPu5AiDza+@vv*xpqMFgCInWQBxwL?$_x)t1y~S)A^k#Sw&mGTo8vIR0m(Wir=Pg9PPy+6=vYCz3ZCzAHfR@1#rn$~Ezs0>nR@qQ~q<<+buy45xx#DwM2 zAw;}IA@mUCj2Tn&-Ki+DF z@odVg*4_=vw1%Y?Sq-q7{E)M|2=>gc1~C8e(Hk}a!v~{^H)A?;<;^UtIcH~fP@vU! z&HjSKrY{0@>$=lY7_O7+G0bzjR%gmZH&u37%QFjN$bchvvkOulaZ1r%q!!_I6}dR> zP5)cUL=70iv!2~|VGg$KArOCd8{1TdaQtlP>k85I5$vX+3T8DC9XyqlK;DxKxs3A& zgB-3091P0wB8kj=@C-^4+d#}O^Jhs_7A%virHx0l5k2PEJg~RJF#Ia-fK{94vD_ge zXVf4cFRYZ@Y3A@#=Q9OaUvtCnF@6qjnumlfOJP1t5G9woLKIWSp-UgIl!Op(K($te z820bj!GJWXnyX|&#kfG`qVrY6*Gf)hMlMsS%UT21p$y!E@ybQ2y*%_y8hQ7vQt^R$ z))2e@%#JBL3d{?sTyK?PEkCW1*`=OZkA%B2#WmB#hVjuMQ0iurbxmPwIumuTdl#9vRKcC3R{^>yR7YG&ei3=2R>a`uI;7=CQ+ zw3Kn}EJ&eC22eaN&LLOL`Ncu-HqI^eQvWlJ-nnf845ktiaHtmKwU$|hCIPLGUD%t0 zTOgJBaK5`45!HkJcc6Y8;})(`zYX#S!H<~CPDzc!O175hse zQne3O!$V3k)5W)J@7_Fx(?wrRq{=>!_}juORTvl)dHA1lQPa`NJKb6wF%fP-pWc2c z)2ka;uzcC0b<}l*ZXjghwp^hYlR9W3A>x&I7Y6o~J?7C^#0*SI!OcZW{Yy5-eEzyF zW;=!RTy04#tb`_NM21-v7cy1W+(MO?Mz6YC$9^o)gZo z*lZiUksdwWs{!8*e-6cG92Ic>wG*2d&BLsCmxyq0#9C>UtE}mD=IKh@N`Czk7rbd( zj~t!`K@&OdoI3Tw!_cXz_(~H>%146Ae%!BfHmVX_2Cf$FE+(-Ri%@CeuO!5~0ut6N z9n)ej8NAOfr=jlLd4gWWt=TyEW?m3-_8l<20LjH6+}3Z6d!gE;=jg?gIaVJ$fMzZA2;^myJnjQNe$uAlmv* z2jVi?@>^+D^hWU0&BjNyNV!Nvs!I7 
z@btQi+$fMhvrVbuTR^U#`#oUeMQYtB6tKo-l$cq|AUHzZOt0wyb60y1R(&Jw0xllC z&0HP*rxbCXe@f`pT(LXbtzxh$)A?$ZOvdzUF2=-y*D&di@baAdVhZ;&CAqdM-BSyj3O4+iEe6`3YXP`jV@(Pa3K}anSOq2JXb))E2a_~8u_?o1>_$Z z)d`X^o$uwp+K_>^;2kd+EC~|4c-#t)J4a-6y46=wLZIxthmW=ri%}#fBqZJuE~7xD zWSA50+y;AfjC;h(r}dj^9;?O3U=F=F@K_3E8lr}*I~F{4Wuhl8EDoNHx`a=EJ^{HH z8eAwEHam%7EP(mIH}qU_5U(G&Y%Nwmi>+6m=)F_7shs3F!wDkN5=nIg$Cihs_G~HP zU_Yvi`y&ky3A0~m|?EYqZ(nECh2&Ss-s^XnVt)pU1=fwqf`mnNhYqq3KL~n>ZZj$MQ`N)ext@wKAFsK?rWJS|u9&dH#$FI069(PKq!j=hkeUY-7gQe8Sa4BAQJ+_?y?>RBe07{a$eAJG8D7vj ztUhX|gYq8=?yS2Pc$+Csnqk*U09h1?i$w@-fJfqMQxK=?K<@asB)5>ZM7w)x4Hl`V zWZ*_ZqK649elV1042eK-&E76@?k8Jq8{UF299dUONoK5MGcyBuHXi&&OnYMuD;IK6~p01nU=UTQ! zvs%0a@|8rp1VZT8{%GUvT*d4Jz(g{*0$TXis#zE0c7I3+Jl?cmujB7cTP}weC%9sg zB65XE7tE{M9B(9Si>t95^2UFkToJa!@#CMF^WzM?veYM2|H#0 z4YNAer*9T#u5*m9Nl^GOq(hwor3QZ+WAIOkw)HQuahjN7r3qmHy5r10Hko~S6m0j< zM)kl(ehq!Dgz7%xqHyPVl|i`5y~jZM_$attbRwmC5Nis|_PSod<^Zvy-;*%>THYVO zQT!_duQL!Yia4x1*+U_sy-c&gyEqnA%fdrq@p{Sht9Yv8>bG1VN3Syr)-yFiog%VT zY<9-kZwcdtMKzvCUzyj#f@$HW^;mmO>_^E#sru4U=%H)GVM2*kw*M~Q4qm+$VtlUZ zbOkh{2!0oA+(DE>o=2ujU`9<$LQpS(#)vZ*R?WFAHDk{7b_gvE^q4P)+h!XizUuD< z>XsV3!0|4RX-}P&?|?|<#RA+R=1TsUV$PAhSLsT<1a%(w}B{jecj;(~QCVF4cK$5@oSspD2ZDs$i&_gubPgdws-0Pcd z0Q1&4Gl(0_O}G&(nXHCW?U7$txuROOWnBh<0Hu_i;oivKSi5g zBNbD`g7rP_JVfe_#%7W+$<+mQLv}s%^OLyTN0l`CcxYk`C7l|cyJ{du+JvOA4*K~Q zfmIfkS%5R{<=cP|E}hX(Sw!A=wItB)n&~JE$CRvN828KIw3Fu!jwYNj#-oo_RSJ8xu3Q z?DTgQZR5_!>=~Ku!zW3~5}mC)hj%@2V;4BDf^s8HYgmX@F)g4)Zj@p%2FDAAO-DLc zA^n7k7U*gh?X^u!ELz8@my&M1A#kzI@gY-~(y{{`@3XJKRb-~29u|2M#^TFqE3>AIyP z-lhn%qq7tHoRAa@L(eQNUkIzH_%A=dAVU02l4u7uh&)!f06+Vg>&wpR$IOrO%nyTO z_iV>%hw9d)w@;Up6X%DPLyOIdo-vy$20A`lEjvH-fx$JX_sL1ccrkd(>q3i52ml@+ zp%fVzs4P7Mn7yMiNPph}0C61+KcW@z-YNK9czC!zBOuDw);Bld3miQFmE3GtbYS44 zZptn#fMu^QL2SHSST~j5`+Yz5)z!%jkV`O+!dEWvbH5(I6d+7pAbTJn)CMP+g$5;n z3Mvf&Kj;-oWBL{E}M`@n%b)*J*^j6H_Rn1Tmg=K&o4y508tI5CVplh-rzOOwOr&SJhb;%Q{Z zU)fV#Z=fHsR{~d8(_X%L8{e)Ubzl%MP_9jT!-spmlO}(jla|mngNH92G!|7ZHURuv 
zT^CKdS6{syy;(kBgYRx8t5^{~t8K09Z-5p(E-5@3wlzaZfXiQL2ewAYVPESpqqJyROlp=x@Hk z{#pbxKEGslw=tr7y%FEGJ-ve#^mB)DM_SkT!TSe?rzhW&F#eQ6Ui~ec2x-y4eQ-x# z?2UXbd6hJ4iqqGn zqrIK_zit=YHb7H-v$!yCx6GomTUNjBZ_~tdw0K&o`fCXM&0>5O3 z_*gx@*}49DIS9Ibm~?D(bohJs{{UXT*;Buwg+~^LCZC>;Px=I^o1?~`rTc7FhsWpd zW%s$SzxC(7S-(|07+26O{aP8Wjqzc2Qxnr6%iJ^=7>dl7*C#@FVNP_FOn)e#%3Ur! z;!ztZRLq@U2@^Vfw7z>^VTPcm&4#RaSSGoF9hm)nD z9s3%7*m!oi2s?Z{MdU*DcLBbeRCe0#U9JfZ&NaaWw3IC}FI!DQyQQ6TPBTab>!*poht z(De~7cLJuV9tsm7Y{UXJUB_O4l0e=>I@%`eakn7YeM($Ag7L7Q7K9sG&?bg2C(hzr z#PNy#8aMIoBd;SyvEr#A4q}?|E*N`e6+*vRCE2TL_otGPpwj!jNpN%M?uTn z*L4%M8rzC=OoQk%udL|E#l1RlC||-Too=GtgW!D~xdN4M(lq$Ht|V**FLh5w=0L99 zDhg}C^Ayi`uHoRLxEL^6!s@H2(_dq>;b_~-1Wor1fCZ*&m)Au&${14v5OjmT^3Jx7 zX`+=YZK!fqQ{tkeJ6T#{I{2N?st|n)`)!yTQ+!YYT0Xm!&rq|4vX+Z2PT@f)^?Os5bXGwFB4ydrDo_l>>rGcE#BGTmG9l{TGOFLcf zRKM){G$>}AFu$PZ_go{*`E(iMp;=8USWESK++Jl*vgw=r5|Ck`fjWD=z6GbV+3$Q| zu!SwXkI*}ot3H2-a9-Ww@X(ugXDnJ5Et`D*5p$c3dKv)*)%Sy!!r;8V!_DVVHNppVuvXbQ`&fl|y`N~|>PaWz>8|p{Ork?(ev+sY?B8jzH~F_D znfE4W)iWB(+&|VZ1KGZv{`B&ChlDr;Su2R#Rem(%ho?Jf^;Rh2r9*L5iTz>i2wc-% zC`=y{E#XN+MUSJ+a~lb(;X>V=pvkMv`+{^vOO$*TUsh%&@=R365$R`NGl`RN zP+WIb7bld*r@|6nnj59hp#$PNNypHOP9V9_4c;g2#$Jco$k8#JF8jh&^3>3djS*B`jua^xAUw^TQ zIz@p6zP*Sj_dan~PMlbvl^D(-v3$)?)_2U*7K_41Y-IVWm$e7X@9taoC@mNi;0ZpY zW#b76!rrFI;`zPorR?t;j3Fzfc4!BSjDo;-@7KND=~SY_%X3HG{OBo|6$D@W|L#0^ zYc&3&xy7LIL&9>*f5w^lsY5U5$=uwhD>X|#SXoE>Id4=d>kEYX^N0i8zlDp))O=g8iQhzPBd=%b@!e8&!7kCNpU-3VAb3<&%6(cBxin4`(tVz+ z<L!=T2L#GGhVTf+X}nvEEldOhZgjsmr6d)y(ymw-kMg7@UF zJ_FN#4EfycopM9&TEdV*y-(5)9sQsgx1PsSb+GgP_LJyW*sg@cNQ2cKuCN>;{S(-` zjyf|z*bBwrj80MBij>&&1A)IE9@->d;PaJo$GTFJoG5k1S3~PJP2<|DO;@j4!!Yu? 
zyXL|bYGX*nMk1aI+J=lB5oz_lVasNY9*cQbK!$Z3vDu!X3rKXf5YjmC-H1JV4;Ke*F9I#7+KCWs*& zv(kcadK@B+^BvWH$(2N07~hXw13K>0Wheto4!(4~{3595A9w38cq<@fTa9YUT2a-- zXkUecA66eoeZtoz#!b9B*Uo*(N{oV;wbf$~j}A_GJW5?Yi?V<<>o)XOheU-( zixn_>z2qyMM3jq~uB#n3@n%#6ugbp?%@z9B_OnyiK@(HpNEytqS>n7MB zYAO9ikfFPL2iMq3O~>)X-eBuqEw(u!?_jpMd&}nV-dcQKgbLgeQ}&z+mJQ-%3chUx zAC>A{y+JDWQS(MAvcy>Owy##yaZR68iDhu~K&uL*4HBQ26#_NyO1cu*Z_YkUB4h%L z7>7ZWi}w??UV7#;dXkNF7Hyy*6j79q`_2Nc6bTJIoa)pu5Alp1SLre-1}?+x056uDc3dy2UP11} z{HsFq6UYI5=uwIq$H3Ynn3d$507M7kCF4geH2k_-g2w2YEED=LueRZ zROG|QJPu8on=K=tR74p8r3@T{We!>glV%9XySAr?2+^n}0LRRzVfYYtScmNX(nVgg zDNnea)O3f}$>O>n?pX}@Z5iP#rYOBGBc zp^CJP3qi~FNQDr;62$5f!8#9Z^_5nf->`?ybx69nksYeoK-q>rTy5V8DDGTek*`8* zo!VEdN3yXDm%Gx>lcr}WD+GwMtAhy0S?&X!JWu;tpjv;y++g^%cY&NO3Umw%u!;bq zofl3hpX{*OKlkgS5>L6_7L(uF=L<<*_n(`WC$K_O<&_oV%UPaV?Kni5fx0@&wJ7PR z&HsrC3Jt;PPi>=O<$xW1Z(2kZ!PCvjkA~&vWhF1u-}=_xiU30ya9+B1n*$Y7uN z-{HtYC4M9e@X#+1|K4?De55m7whD zXc#P4iO-E~J5=|h{ZnE_mq??90Ld?w4>l{t>K>S=!MsPLLR33L0xG;V)3XSLYVZ+p zE=TQ5u~3en5G^Q{#D=JKJr)u@(5E1)_k#W-FiF_IZvWtL%UG1Y4y;IE9DlPKdGnTN z2|Y`bBOO^!rkO>QV0`z>{2gS%?4Z_?=K1DJ@axoPy5fSG-hnEf@TLOdv%=*{xJg%t zJ^Iw4gm*)<)KQ1vbunIl>o*Gv0kb^A`{jBjbkTp>kXX!(DNgU{!&Cl3Xy{1dRUpdZX3|5* z$!k=}5V0b&l>^M@am@~>N9s5KA}1WIzkp5DhpcJl=?Fygd;j>xF*32=4IB5{{}~Q+ z8{Yn7hjk6z)?ede%ou1c(9WEd4a@RlJeJ-?e5Hl#oh=wCB}ZP`T}*rIEfzOALrQL3 zgy(R5UV--H=_u~E4;3Nbsf~N$tGU1PU;;9$Ghnz`2E^$C{fkjWe>Q9n(*u7z*541H zJO>B4>5{h=3ahmZ9q|m$T9vww%>eSjt3e_@71*p@l^SiA1x$f4qd{@)sn>oE0istp zuS!Jx2`kPYnqm;08K=3E*Nu{fs7{W4%u%N%p)7KALKVUr!-DiSMt*?sW~cj6?m`Py z>LjKH)YF*!tXBLXOG0k$7T2hvc(Ayaqa-9jo1ZIppca_C9d&I>9loe=;#gBOe2$_w zM>@LfDU+A5JG(e#^{*zxYrW%+0jF-*Y{Pa+#|>2?yXDfK=Us#LSk)dI>brINJR1+X~_Q3k%u3Kn}qDJ=VS`XAuWGy@Dmty}t8 zLS4h^lM-~TVn~g$FOHH2`0a6dsOEh=7ga{#EX13cSHze?b^w)W`fD+2P`suD+T=Xc z#EiBQ>17bI@f}bzO#qL44fN=9mEsR<%!N?poz7(2o3^N+*u9rZ!j0t z+DvlKqQ02*(bP7uKb@tzwW8b~UJdQgTq#zGu&LW;zlrO0Xrf`8e*j@YFwI4@oQ111y&$lhbo#{860 z#GPO-o93RMv<#%ATA}F%?&0APU&)RRie)0r%X}7#C0?OjjRC6i>J-LtpDVj{GUlq> 
zNU`?yHtBjIaW<#k_vVmr#=hR3(pzhqpI04&(}%TsB%WOV8{#n<=sGD_Ktq<%$qk3Is%|%Y>Ak4PE6%2h>@(4lns5W)I9=w^pVM#q&k9 z#5lFQKzh&jDBD$Tb;^z}C{C7q=I5Wpz^4~$)|WAZH1G%^?r_i*uCX`=#C6pnhF`FD zTa$#^hezehodn&FRFRc%)HW5VYu&%q^vic>lkm^hcpsE--U(UXT2k~Xc(WXAy-Mu` zdfb=KcT$Akg|CfXGhOd0UiLFa?=Q&1)L|!yVVaPt$Lo7RrMS|%VTPm-YmkfB$eR7? zcDCkHAnR9vEp6<2aT>oo6@_mVFsK$uex;;r9WI!UliMh@H;h>dg(k#hJp+q9LycDm z!tA%Km@T7R%9CD1Qp*7HLihf0rzin(J*kthO;sX*PGGgTg0uVZ;Bb{odWKVybXx6X zy;Cg>^2MJR@IM|>IfMMW|7fepK6@NbLG@Xl&*C3459A^i**tJxj#ivW{upDi3;%*Z~+MdauQi||%4t`RFL6~C-gz#r znFE4z6H=3yps}_!Xx|zG>C3*4>>?m%`~5rI);PW|;1DXJi}HeE+mo zzV7JWUg|D{vzcugisU(%Vn~ponc2x5ghVgOa6m?-O~jf&Xh3m1oh+q0onEWxmYt4g zxv-k7pI4vgI5EL_5Jua!6E!IvUS*z`YB$`)ViP||q1&w$K6@Tk=_R$FM$U*t*vsti z*J4OBjb?MNj3B64pq!8WNk}F;T>f zFf@)zURE=IPP;wUl94}XvBA3;xw4Zg$jyUhJK9Jcn^Br>)4&e_;Hc^t8YFb%J?VynMG?*) zAj%Utf+E$g<`B+GD48yekyK^=lua0y?mZH5u2bWh5^wE-<`s;mdH)C>?hFqfdd6dW z)l>4af@z%7xb3Tg9_9jOA?xwetwC_t;%J~3)Pn0Zhco!-N6|Sa^qVXtVE0+?6z%J% za^Pb97e3QHvN$L0Od6d`?7-9jvFg5A1CU>+qO6#xU9Kj{(qVSj_vwrfZ z^Q!f3z?h?utj0LEqwm41LM~coISw#pL(rWs_c5$7_P|kOmrEkXF;Vj z+tmNGA?fm1Z_!Axb`FKO%^6u#{|b)j$VAc5I406 zAjlF3w>$(`#=uKu(L~zK%j;w^g3}?@^Nmg$IHo9ykNb=~_&x_RxdeA{4VMhspzd|= zm^-Dx(!#eg(JEh>(CYA#peCE-VJ|s{a4@vciY{~#D)b{)pNHUJd*~HB9f&i{!F-gU zpkT8*$tM4l&(SR&HSAp)RUsJ|KC8#}ktg`9B=Lx<4nOyVQO3>up@WD8_Vg|umDKyJ zJtL@jDO(>SBFVmV1cUb!3|ed>t*nR|5Uk@HTyNQ(W?IK6Ix0o0@3P?6=++DXI-#}0 z-!yga&Hz={aphf>fFMp%xQ;=@@>UP{B6xPv<>v6K$3S@uevU5Sk2BG8Gsl)2t(tF^BgR- z%x%thkfgp)B*c0IAqk6s!fxf*4X~ zm@q61##+@o=L=cBHV{z0z%>*Mmkm}`T6*J=L~uhO$F5IXhw`-D_O7^O^L0#BbRR)B zlE(3tS| z%Q|`!Y3>UOdGfnt#GegUqdW`>ix4NbIQz7=hE(^dxjBE~yujr4qLOXU{(8~I4AA5yP=!g?lfg)w|i=re7j!zu&z8`?k zqffmjBvp${S=VafZ9Hla9Pp{--%7F^)L(o$tHKiR{k`vB?9W?{G^iB%9>3#TV z5b&xOm)b`dZCG{k+L7rpwlE?qE9$kVf8VX7mF0f!r^cT|JnjA|79uNG#(lv`<?n(e%k2-DvouJrEA#$kNS&z&q%0|MFVE8fh z=%;|HKPDzg7nqa}6;O8Tj^U+IV~HqPDb7(*VAsr9Js+K#=0pzzIU+K*3e3mR%BhZc3)JnUR^cY%yYsg#1<1_@ zy=Bi8b8?ysI**=}2D_pt`a-TM-;~7fsJCP%$XM)w!~pVZzwc#+I=!M0vb@#(#SSM> 
zxN5)YOcK3Un`)F0j~5stXQe@3xWQ>{h;*Xxz~RItzd%C<3LF2K`QZ4^%m+RD|4DiL zv$ioXaQtWJgMpErk@^4A+E(qPtdzZ-KqF)4io|+z1LErHy4g3P9oX4v3H0v)@_$~v z?xp_nZF_rUZOU$+?qeTnDmR-lcAJAkdPM__RPy8~eHEBgJJ1L+$8(mOdh2_Xj$TU+;J5169K z0#ve?z*=f*a{4E2Lj|ILd6S(Tl_rmCr|~;D97Q#=HnjzAa{lpq)74c11Ol8vqBw?!T`*=@+ZrSwd8k2&imG-<@Dp3n+H4kmj{Li-~gP$jke0>^VqWj2UyQg z>rDF**&DPmd1WK?6zhzI$b{boPbowx@1umirD z;w6&4meTs6Jh$Bip9)=FhcLPXu>EN7V;KLKPD~> ze-yKEjHBT`)D0vuwlo3PGx-SJUK;-4^RD3^?Zp;;UY(NjjiYC5Zft%5NCTSQ!#uvu z;!^-B`*EdY`uY_9VH5wdMSS}oTbuNj@A6qM&%y7d=Z~tHJ-Vf(J8@<#;M-^bpqCW} zxgYgjE$-v*FxI+X70*xTnJ?@Tz)#@*F9^}G)zdr}q2?nzMH)uhk3I-Tc;J?QNd$o@ zGPGZM{Igi>PfO)`1`uwwKuaGy&94oyUru`Vx2{(O8UZrZW^cw!|9302ndL|A6yMQ% zCR<@rML|^s*mbYXVs9Y|pOUM}bKNh&3%>K%diu}mJ{^p{K9{Q>Iu8>$m0wPB_~T(c zLp@O2dRzBzsFyD=!|x-t>CqL01NfO2%Jk5e>-q2f_hZp39lb#dnM;Z9ba+H#eD(RL z*>~zbU2Aw`;bCZjZ|_TN!tdkPYaFou4L|bRF(_AJtw4%-`uWTs zi-_~TSl1Wjb%)pD0BidsjBZ5$<^{Rijt2Kh?6t0IvH43#M}0L#r-I+EK!Cvh*iGhEf`x3155OWjK-tR)@F}?jX5W)@L9Ec^4Zptd)JpLex`vZ17T>; z#9r1P80ifVzY-D~es`TZ6I>Z;#~HqrW#bS#lfTrqBRKKtho-&Tn4^gl%z2$_xAM*k zCu{3G*p6-HAU|Q^K0rYE9xh01HcN);Tg9rco3f5wZ$>cgpU_1qMKFY1ZhzvbxTOv( z(a<2|fv+_sLLY;Tu?N!(xbpZx4k>uC@O3juG1+IDOAsV`de1{NN>xnApRS|!SfaZK%#ply5|3+R^!`^ zZeZlwQ2mwA&9*ql@^!|o6C)dV67KF*hC2znO>8me^!op?Hjq`R#l&ETT*O_ zo+EaF$aTvnLa@+@utR<(KZ^0fekOyn%)&6!bPk=~SF_8zx$hdIF`!nMSECzx*%#4J z7N_rQ2Y8k-!WwQJK}Ldwsvs*)>QG_Xq^xq?MIbf96n1f)O2PIXMr*Mz5-NbnLxYud zxl)r#kFP5KUyR*DkRU;ufZ?`1?e1yYwr$(CZQHhO+qP}nHg^8QZtP(Xd&|04R8&?z z^?qi{x8ZlfRDq4damQue7?~Bq$!O)mrzdLOYHLlbgES1S-n^liU5sb!f)yts#222M7vty*)K^g!kX!|t1qGYhVu*TeAhXg zx=YCDiye5pM@VFFE}g@JZT)o_>R;TF34+IQ7f23@y7t# z(cV`aY2m`=?|Dn&T+x~eolh&Iv?m^;D?Hf(4QU63<({hLB(wMH>jBD)wM$5c0HQs_ zFs_m&=jfGgYZ4Pd_nv;zL|V~;Sk+_8KSEO#r_UkdnLn1L0_12MOdCZFQg2z1SHKSX z>rPa8)JBYwbK@*8)>N~!xQ36CP@=w43rR(iVlyG1O((az=Hn=dcSDOT8-rQCV>dbR z&>k}{XgWvs;7?(fh7YeCh=?pHr91rff9phQ>^ZJdI1dRZFtpGoVNPYpgDv0ZQe?fZ22ECi6qjUfmvo`T=v03=geAkG;dJwB zS7eTeSb!lroT?}fQ4ac`#oI$vz^5XS7ay)Kd4TXMemHHy{)w>Hy7GkKTIbN?ERDja 
zSMZc&H&Z?oWb>Yfcyt@_@zPDG187rdb>J3=8xZUP8PDbAi40bZ9Y!b-me??A}V4HiIEyrDx2ARQM2Ryo&2fYB8B0P|1*%N z;htv5#+PgUufcO)Hb9uz00xKae}Bn>7iF2E*Hz<`0nXh`SbtM7RIdp*jn+XZ8sA}0 z_Z{SQN|r=zE3~0Y!{_5FL~OT5G@(HiMdXzr!Y-dbuI#V<{Z^D5;RHX$ddK7Yataw? z`?>0dS_I5&dhJ0UwM*I;Oe|2u=lkFy)!SZla=)mNj4L%eF6LSrRLeTO{GH;y7Qa`_ zd)Ndb=J9MTY2vfV+DaS~jSDs16t{wg?}O!eeGa^tsZG>{_60a|4c$5{`tDQ#E*$rl z)M97#mgz1Enrvw}R^+C=R<7upOiFsLMiFsl?!0XsAhdqD`trJ9lyfbvc!BP+g}TLU zXhUgWEPbm4!v?i=X)-q6RO)P`h$2=o!GMAtNhHZ4lEyTboCB&sU@F2!{A^B>MNKej zrJX0uqWdf}Y#Z#x-CbRD*w)>R^>R3SFJ!+jqGm)B?YgXKvi9V~I~Q25N#WwYw=Ll` zF0`*vQd%(h-?J0!9u70g((t37l@q!uY8+E5BW9;*gQL9>j1WthDswVl>2M#XB_szS zb>)TFyUI+0o9b>jENTgZ^?mdG6kp7OxlxL2F2+JKW1xsifUUtRNOQtUQM-<0CA$M| zqybI@b&@@Zi7!y;6$rn&q?6i=Kf>)Auj|!GAyJSguBP?T-xCrw3wxVc)$ovj_v{ar zN+D>n&i41=P8_GrJV}lA4-3dC5&DDbK~ASq|I(-0&u|&?D!bNFj|ADu7tK-yA%#6e z&(S~JluKyO`emO(0KiEG2CX$fU^*Da&|6Q7)*dK*ibW6i1_lwq7f3 z9bD)*NAGk5BI>FcyeDjw2W_%9w)@swNa7gI)lOq^Q#Tr9Q;&d?b~^@rCFnP zDHm7EAm#eZa*TePLgX+Lo-A?MU2N7FTPNGg7opbpZ0t^=DhGsrv=EHG}b z=-7*Dy*vmH7D)`z62+x2wO^eZkKAyog0=bl4mXE$omo>vWSg;{U%$Xi3cw=na;}qX zyx=gkS6VpJ@eDx~O5r#j2+`%CRaPZ?1X`2NPotd1ejc?@yaKNbG9onE(0QutEOkU} z2OYbo9S0%{wiR$tVxUC6@VKv7Lb}O@(*@1EeV8PW8Z>kwwL)y&=W^vKkB8_o6M<$6 z6g?xi5}~Byhc*N)Zme5$#w)(p;P!;wYkjg0wQyl<5xaswpUXohMKh^0Ac7YoT3tnivY>vTYzd3v z<-I(=S7I!cKic@Zy%hXD{uD0C{}LY+xPG|*aHag^J1XlxkA@`*may=A^agt9M%9>$ znYK!-i2puO8b9Ytm>Ha_>;5QMNFxskteUkF6s<5ZR8dN2j(yD*Yor9pQOOd5Cp`;; zaO04LV>T+&7A|Bhh*_HB+F!In?&#J3p3ARfd@NfyAmu07_CKEk#yeVSH1}NJe&~PRi1$ z!>d$73Vne&<`aA~pz=R}ckP03Wn}6N^;1n-H@m?ShaO_h6@ACQYpEMh7DdGyG0#3t z2vGzn3AI_ImDs0}k%l?J8^#cF{RQERD~x+QPl*#asW%Y>+KZao-pw<__^}%~dggSR z{!?@2DRD2QWqnn_1)T(?8z$X8kfGjL=ui9;#r)CXh9=Lb?4tc-l?&2s%3Xz!O_`0k zKEB??c8+yYEL1?nf&#EkF}oiCsFITT#IB-(%wNg{d%s=9_$dnRkAZ%XmVMgBvqDC% z@7cs(Mo|DfJQ;Xf3Qh8~{5jc7gWk{9Amv^zoJ?Yd+at4jLdn)P$hI?0R#Rrj&r zjQm||s%K#c8kW^8kz`j;S#p|5in&Ic8&J0dinG~y=^0PyQjjW9T(+L~bPV1EGd(Zx zsKr9tcma{msDhu2qsljE`e`hfp>H|2p8eAb(I<4Cz74ChF}!P1!bzeLgdeM46r-)@ 
zR7cVz5gys*xA%7E>_?7)-!xqF+`bKS2N3NgKxBnjc{)STHq(&vZ8nzMs_||n*E*yi z8RHO)mhHIrsIsqJy)75vjQ8<9N}hmg8EL$5zo)3qriudLf^sJ@z>JSX%By2l@^0YQM< zyOh&XWcTCpb;WksFLFrfeoj3SfKIOU;R02##XEf7U|2BEqAX^e-qeS^H@CQwuo-0mw07!rH!uqu3POKnmrfo zDR+)(1eoWeV#qZm<(i?QD-MX3nmot)d%RuWzX=qr{;cVX`L>!93*XT6!{I)A>|#2I zmYeNf81KpTxf{}$i2a*iO(#;_(7Lw8f&4c~7K2ChdQUE#aY4UgUj89gCB*5dlaeJK zi3-_#0U08MDJIy-z}+Y?Lg*_ZAmD~PLk{Q26M4WP8oAl7`{)ciyj%O_!YtGbzyrB` z++{0sITi_{AedLcvz{W%;L3(d+~ocvmwo_=S)80mO-@AH6ad-QE5az;S(uT zibGA)Oy(M0myg^+?N-Ek!}L&pMw0?^HHV@J?AqD7db(91qoN3NF$~QwlKZTJeuZ=u zJBDnxcrEv}=^8-2nfID!;!1nc*6>YWHy%Z;!~*-2gob?L#eLzaE>-jCiomHa!_4=R zzBeOr>e=3F^eTjP;fAGq_w{gFN+6q*6>Y(kYjBqikO4i&TJI?jG*L;UWrRS2bibxHiuzl2k%|T;Sw3bRYJ+)y_d!6*wdR*WKxlvD#N3=B*LvTOKu*1=A zU_sP*^y|m-v~9Q;0|qGJmF4Gs#B8+hO!dv2E8vY_5D!GiEd?AW;}2~=?Zk1}*Cg5H z_nCx6ceUr{;uSC%5`;N;lW|1P+52{icTdEyNs$mM`kAcLT`{13FYQfT+svPXxQkxO zHiv3WX2T7;ZJM`l|Dd$7XdbR-5DN2t4?&8<95=XwYpsJ_B=1x~>Q1R!y*z2E2?S># zg$kz$A47h{T%{e}UCW4#uGpnNF8FF%@8MVj#ep0P?#9Ru?nmuVj#TkPvDFUnZRZC0 zM~W7QP+q~t)k*N#o5U`XH3X<_NmRH|&(01(pkyrch_t?lG(GGOF5TQ8fYc@Gz$D`9 z$=N=8`*quJ1M3a{Se6k19I-;oz45!Yh;+&AL)sbfnDwlfPiyZQzc}CswoFq^c$du$ zY2}tmy|(%2(kc?Ngy0m+!Ni=qi13PrgySkLWKj}vs@9c?M+k*ApI;JtyWtk%Ecv+V zu`MG4Sf^=gKB;7>O>!}BA+>Wds)l7o08IIu9?n^K;r{-xVeXo3ABW@e=yHpLz8p;pZ?%u*Za3mrKD8gkC%kwPDCtQ~mET z`(4}Mv6i9%))WhCweRnJ`Q$z6m|8G^MCV|w(3#b=-!1i=e^oOd)!j=fiL!wXy5qp?kcqdcCWlHt`LOCP(Giv!Q9gk@(Zc&h0c<6Yeee#bsgsDSW$)AQyspZ1Wfcx0&QpamZFXa8;WtH=SJ zQP;?Y6d4U*^+I{elqHZU`O&5IJ+vA1B8mXDbr%zzedWlGx{=Gm7?$#r0yXjFohqV} zQXB`29W_4bz;w;>{xjsPz6I=409p}jq2MEee7&<8B}seC_^xCLUh*!yeUZ^XLGQp* zB=YA$CTjvlI&Ff&8D{+E39t2v7^GIC*yN7ocp*tsqlk6v(qM%hY{xnTo4M!gQXry( zoe+HI;mv}x6oc*^&#|=RskwtOoUhKofjQwe8b=#^jDqTrEPCIzH{XpyOMA@H0k2ZK zY?AEL^`U`}@V5bei#ykz-A?e>t>_+rLf7F4wC!Y^Gq3sqeTAJZiZCaYR^ud67%u?J%p~ak;AX~>ykE%x?e zp}izUx00ueIO5b$K*1gYQ~|lzNcp7<-$7W-pOAZ*jK0wILW)H!+UbMHFI(NYOLyre z0UTZHzD^d)ft~pT^y<-1qA$ug=%2X(#tZ!`MFJ{wRH9eOCA0g2OfN9gmDnmvGvkGh zM(l`z=Sgy>DcniThE`j&Tw9J=l}F5N{pz6>vw8F`a;w@myWOE{RnG|54Y6>Bau8Pk 
zZIT-LMsb_4)EXMT)VX;GXX?uIdCCy_&4ZXBJMwr49+#zbu^cM7us~mzs34|Rbj}H> zz2YvzVr#&!tIPP~ig>I-hUsqEFY;=b{(U^;oGe3m7I3J+4D;r4Umjvh;XIgTpivo8 zuy7A^=m}Mcjq&_P1nWN;AGv0Pl1g^cN6freeL(Wl!##(ZDvh*8FR&t%+Njo-I)oD{ zVw%>Glrw=m@l!}j2}&)-y3k%V$(KJPY3KI(BSCm^M`IAOc%?qu(FDfuCdS~M0CN<4j{N;A*84I^0Ch9ju?5PQ)Ht2-*8?&cN|jkm9>$IvD+%cMv`mCb z4bUJ_DtC34K$9zs?M*QY6oj0Y zv)XqZUoPAPsoJc4y~0Y;qPBgQn;3;}ratX?i4CZ~oZcT6djh>_8 z$%+3TIy4wINm%F#8(ypjrBPq9LP(ggd1*bi?Gyh|)Z+PqB$gscfDL7s!nPf|PD~=K z^d;n;V2ke7LK85K&>?1P-)rc<$Hq7X!wgl9I-Ax9`IWcVl#e?3v%0co8Jt~f5W6m| z3)-CZp!{)&mo;^KkA!+12vpkKqC;)d6(ICsl zx%=cshRr3P2(LjohAC7o_4aRcd9yk&?bbxgl=Jh!q_-j8ErvEzv)VobLVyfXbsUhe z?o~q|Cy~UWqw&xN9=%|Aefmy67%RKgGWTY0y>Z8%KF>UUyP0|E4Xk=YzuOvNYv={ro|_=&M|#+YqbRh ze!e&=h0&Uxwc1cBO=3W}@2~2sj(}HDr(Ee3iLNnhjtBEFo>{h0_f}f`koL8AkBf^{ z>aK{xWFr(w<_)nG1x#p??ayf*EUfBUUNcXxEFVKply%$Ka!TckKD$%+J`$p} z)&P7hE2CgRw@R!v97$s$I69HXi#k5zpg&d1=@;>K?y}&7+Mr>1$lo458|h%7j76B! zdB-f+qQ}Dy3eD4dmqdQ5fU1TpjsSWN@m5}NLa-gCD%3@Jua>@A1`3CPXxcaiubM`5 z&t^{{*eKM7poe*I$oxwGUVe%A`REO#mHmWhb6L39hhKt*3yF^>&BNFq*cf8(F$AL0 zislvZq$09=HJzQA$Ds65n_Qyw?a{5u0pmjD`JbMX5nw{PzYLCvJe*=n+Xe75ReX)9 z?QsjM+$FbWyl?+W$Kj#5$sa+enpnHg9ltDNxO%(30~E$eziG3Didh!c`N>9)KSCkeGWbuX9wVPI#cSIU6q%TPVXzc@zvL(p$7uEgp-4c!$Qo>3NvQqHd=VG(lR3i1w>B^ipVfEJ!I~PZ#x^ znD%%n5Reu;hCOCI$KSn`g9Vx$x-*OZOc=-#I9^cG`jUXBM>b54Cu zKKW&Q{$s+wQ26mU%6URa z3^zr4Pah!qto+A)M-LkCiF;0SJXJSNUym67l!kTJ+2`yW29AsBP7KgK=gy2+Z`qPG3o!==sSo2dvexpL7bOV_dqbS+_LAt(+ zBNuAZ8`6jWLa`>7XS@9z#t8#`jui12CLcrnEB>x^01YjCa?drF={%aJ4f`qv2)y1K zlvA5Ua`cI zsYS%uDqAIuv9!Zj7H@;aI1HP+#2q<&{iArqo=MXE@Bhz1*R#EG3;v82mv5ZkY|$Z4 z5QvE>5y$`&9f?U*!Pd%L6wgm(DuX1D#2+E$1Xnj~lkUB~<1%MU};F4zN1Thn1MFqrn>D zLherHN+zBhfV&r<#>KmHNpjX2iT4Jy5*;_^^%VHgYmX?LUdsZRfe| zmnO$Lk=jhL?l{9~GnniWjk8RcEiIt zJGw8n!xvF^S`lcKvEMEkLSu)jsP>XeO*RQg%a#_v&&T+;R?zOUorInT@Mdffne1EQ zz@{nylbmR$`f>z;_wKjs*ovr|fgT5ECbhw6ac0UXL+`}L0BC_(pKBa%idUFxx2=qc$l zr!SRsHai(r=P5Rl8{TZad7N_;to(xp5=O&H4T?VjXV)$?H;d8B#ocQIfR)htglen$ z)w~bZFhMFPsE_^}QzjLPLXPc?bWvPP7YDhyUw*5yz$ 
zFR9QDmLL+mrcjkE7Bc5Wg}ITf1jEmCOL7oR)HOsVfC8p>^+2|sUkU(DutsUTZ1~#! zmDSN^EEL)i(CB@g;6toIyzLkRpQcjX4s3~NXE`6EkDWwvUf#4)$Ge*jd!=A@~X9$ z%url$dj(if4ya4tW6-8#j%X`cMXnRiv(r8pg*Ro|S;s*fw2Srx5Eg8vs0>SG9kCL~ z6KcaVt*n*%P0Nr_8CC1&~wPRKZnYCS}pYvr98WcBommFxe+M3*vVB-4qS*XTM zs;JB*7aY7V1R_=*D|FKJ-P30C4p#J)`j(3;^vWvw#SlABgK0+~)p}XcF$aW+frgri z=tlE{aSPxw*%Q`gL1xH*hB759xb?TK#Dc4)*sZO-7V9wP`)xN|#(S0bA05-ptLFP$ zL)pHVG~a|T`Mg{ObAIorZqV8J2-dY6dglNZlekLFf200(DD)g zmZ#$w+le#puJHq&;+1bG8GCCQDqq~)ua%@Hv5>~|RcGbp{=IzFVw9!dyvZG~XO2)m zRJUOWe_*rQAR+$a*!ZyWunVQan`sR)MIV#26B(KmGaKGJ##`|hi6UD5>qUXc!i4XE zJ|oeR!Y(gDh4mHYf@z2Md%71(!k<>BWRR<{7Q{UC9%X!xmY6-Yd^h}vx?z*xMATrn z|47~Dn1B8a5-)q_&axaCVph?II90c0GaA^WxvIm_P{}BB_|XUIdL}k~Qrt!QL*b6= znt6RD*kPPW+ha=8*MG}$D2BjeLAjCLltjgZip8L3(X=DDjb2}C2}gdTJ38QJf=A^0 zlt89e2qIxtWqj}*wJdw;r~+l1r_Yws;)HK$pe-sx}FLo>3@$mr7rLBTEE4x$z$7`M$QH4c0($=c9i zr5RhF|Bw5b)@bYez8-@d;{?!YqvERfPjB5fob%+O@WRVx%8Oe;Vlx|DbA;H5)UDn9 z2f)g+hb*QMZ(^ze_xs$G21y3(BhaApg#zZL7k53+?>fe9EGLB>XZZdL5>6chnVcEZ>xw0L?&kmK5Ew_w0h&oA+uU2xA0RTcqw*k0P7juMqw|Dh3xw zX15yOETi<^MX%Iy+2}27LlleEefC0-VTVb9cx8ioK=+T4Ezh4dVmrGhYHH4TV8X9C zikapScn$fw1yvKqs)XfF1M-|q{Z;x~5)`VtYH5qbv{xa|0iOVzV(C9NNy7Nwm8iYC z%01gGf400_QGChb=cyesC*27!>Aj@!QYu6S#van+1jZz8Oms$BZxEL#phUl6^;?d+ z6;%Y&ZrEv$q)X*2AIs;y$L;QC8IO4%l&GBhP)!4BfrEf!&aWzJRu0@LB5c9 zp`(u2ZM+AI)t$vGkb2qT^ESlXe&l8N^dDcmY2|los(wJoXsqtR{Qq7RfnFj>$m>iGVGCfgpTo=e7|gPPsc6I=6G-4+3Ek0 zs8NSo6b7n=<)$l01czs})8B(CF(y7v6o^4nsVB_X4u*TpeHDBpc>TZ(aG7Bg{PHhf z0o`b04Qoh~?Y&mGS91`(kRbdrjIvgM!dLAD%&*dQ-E8oN65&e6b5~-&|B(}Nk_XQ zO=^s&t^}s!OWQ~bdcxqvczj~&9|Do@=Ae|1NU0Ex|I}vVyYc27fimTzumbMTh+V*o zP$#f`II1V`=dY%7gy8+x)yw>sqaHZ@H%>Et&pdvV?4W1;mT7{y_LiMp2KtA+8Lli* z=@fnFLxUJry1b0upQt5Uvqr?i9fr5DXQNR34&3NuCkVyd6yE!E69aiaef!l|`?JvN z6so5BDH8F!!_QvA@`md=45sEgo+)FMN;x6c-nT34dyj{9f}%)n4_bQhUb)UEjcyC{ zueXhBj^g^Y`XOOV{LVX>E3w)Dsje`2yrNy!7*z&yO3eb&4?^N9;lvV)6*2@$)X-3% zIKPQaZ?_CLrCCMZwsJpo)Z6iFVNzxRwFpMWG|`Oxm)o+`6lOrWK5_s!PfOgos3yZt 
zyWdh{7N_Du!h73u&suV`l!K~N$D#pkuW5SlyVZKr_)JmBSji|56^QpDL!o0~ja>-o zux&dTZz-yN00K@Bg(;TcL2qYIh~ z60pzTP*PfpP{)PIds&uuN{;1RdttXS?{=Zjb4^&6upJBbnev{DMj`SCzCd>hv}-W1 z&|a25YeY=DVyv5D<%zhxIg9`&h*u9qBMYo%po#I-%ZV`P+<5r)2|MzV#z*~!eEfN? zVxUdpXxENozJ!Ec7k+lb`$;RluC#XLdJ))GGSLT9Z_P)|gW(=6sz^9MCa0PlVKG%X zwTP3KHklvA<6ixPwQH%?GG8?8{x0{`+){0pyOX~~QaPm7SbxdRGvCOHOv{egl^*fwPA^+_!y3?~gRDDZwqwDM; zo`xm0R1}=)1qXHyhuSHee~`{NcR?6zY3T=4%+Mb29wJ*VXfgM4+jQ#&1d-_6y1xq( zoC9y$xCxcppdlC>X)~-i?gk0oeNAppzW*=;{9Zk`eEJmU#3G zEKH35Uvb}RtfZygNF4=|x*;Sggh zAa{UveTs5nYyhy?RD3N3Au@b8ejIZkcu-7WbqzpjZSC#*KnTgf{f63Z|c1K@ecUqqqOyNW zp5R~j|LrL-G}btPvixjhd<`)G0ZC9}TvkGEaO-);uCS?o;`gu2^eta@q0Ru|_!tGj z|5)Y~9)eGUzwTaqx#sx&5_$@9a$3In+64aGf6&6B%Ea(lDvG$FuEeH|$l%sbQ(5h& z|G-5iRg**X4SdmdhBt2e8qn~C`a%hPyPBBs2%%^ASygWXlJF_Ik+{b#ii!a||7xdV z{Jv&<_0ApqCWHOfHog8-LlU_G*T(psw8f4tD#xDuMq{4Y#O#_yMtl%zxjMjYQ5A|;hpuWv7`$9qK>FJyNuu2VY4XjPP*uJy>fCBQO9`};} znl15mq!aa)Q&9R8e&)Jd^5*RFnDmJcZ{G-R`5qB~GrZRh>f-3@$6@s)`Ugj2_4SQR zLGFF1b#7&0@B9jm`MRn7d{UX79qH|Z&HapJrXS~C{T{yVl5YDJA~rIErGNd!G$s|) zOpIm!q#e{XUaCYs`BV<<@KzjTX{UtI@d06Ek$UKA?wG~h?7op$yn%hyQ&)5@1(TA=jtC&{uhb@c0QE4?Rl9Dg0e z>unT#q5siAi(L0#00>c0wDS^3cXRU8 z+b`L9gS{9(j+}ZHbmGJMPz3!pOn#SKqz0bVFo#wFL~2Y8UdHc%kv4|S8ylueC&d*8 z|Bgu`L5J>^U<|gxYw$bye96b_&SHX74vE#>Sb8UnoZD`5bJMeF^4qA|CEAiXqr&D* z#*F#wP+wo)sP_c}Dd|DGFwe=7;o)9cNNRbBzKqQzZYj&4jl7x2bEVR zS+tM`Ng-dTfOz|4og@^i1(8HZ|LKCqm-g20yz*9v-0EP`opR->tJ?fGg0~U1`zlp= zE_2v^G$A38TEkFpc^8Ffk|7&SOyYLp@6H{BJIza1X?X_m?UmBGkypECr6Ikx8_@T8 z!;VQ%ry#3JXUMr$gboI6Ry8WFV)YrUFR|%Vkr1^v_Fv`im9eakr9tcTPf@&y^oBJE zVKf2!#nu&*Wp=V#7ZEEO49)lz=TZmRC+G5wbLB(<0g0&^GB>IX%U=5%2O}*Zcfwbz z-?kiq1$NP1*tdGu{HwZdy1+d!;%zQLinZkErx&S|8ip9KMVr@jYmWd1#;XTd6ivxr z3x|EpswB^(3>eSoH-IrkMYQr1FON~!X1yV=3sz$?ja=B7T=;_z?H65A9-5v#KH+u) z_o#H4H4r9b(S;(5ERsl0CM~;rUtIY8vea}>%C%-Bfx2qsNK9KP6f|4JDaRx z5h~Y7(Qjz$Oz2V~5Pue+C{(f=Z%T}?m$mT}{i^*FxqSDVfBSJ*pZLTDO(ozy5(6Pu zUywz&Jd4OmoRTBiv!f@4z=&qZ^ZiIXf1NcuLXGxD$)UADH5Q?66tf`XP_1)5KH2Q~oqgdK1&FaWOkBWXS~aD- 
z_20~h&FsU;Y&4TKjKM``WE8w`(^6ly4T}p63z!EeCBG;qV?MxZ9bj-{BkoNX&#-}{ zb5HN{zDZY9$lsRt^>sP^oH5C1f_{E5;5nVrSa?=?d*%VR4rFN}`Ps`3h=_|aM0j!9 zD->p1FkVsZAEO?WOrys%$Yoh$(NLL@dzruW`b9XCT=YMbeJVL36aarOQpDF}9~!#! zJLs)O;^2VJ6=YY@snH~=_Q4Y`Zhf_KQucsL$}-*f`;ml?E3|+|fGu{Qb%&v2lrR=++S;=(i;3 z;55f(YllXw<6EN&NBeIhxr^kuqQPYj1pK_%&g78zBI^{s6IBvV1(sYX=p0j(8$SiL z6Y*D1={Y%dgJ5?E&5T0I6 z@h*JgJNCyQ>Kbja{qP{N#?k^3ULeyPv$58k>FML*^hsFhj2p3QJJ?r`C%!|#1-32i z$7QTEj+%rrG5=xMBWkgW;EsQNo;9wn*_-m?W`be~4{&U@&f2`>rz+GKFGnuB;IBXfTHVEfupH1(@*p^sgsFLUAig zOCMGUITh;<7u?|!nl7CC{j5@Td%aLtthNIWrBjfpR;{JVsvs>^y3eqiJ5anAML7^* z6aSiPy$OdsQ}d1%Pkf`$24m*qZO=#Ni+`w_9MkIQP~}uyc&W;$RQKzu1z9d|-WF;~ z>?8_LhkIMH2>;wOaJrRA?hMn{d!Z!Z%9^vF5pJoA8sAK@S)Gr zHb^2h%;OibV>_p0r5?PytKJaOoiJqNAoOfdQlVtOkMpFU`}zl4g+o>qw6im_M8UH( ziW8ye;m;AD1YX`2;#u608I781w^z+zA3zcYGOO@Ui2Rmcwh-YkFr2)zt+5-mUEWPr zI>*8|oo2^U+A`p+>M|gx`m_o*{Cm)1F(Usp6poXW(-eSG!1ri{%4KY) zh`r7n?ckPBq{O&uN>w|yJoU2n%tFw_RWLwZ9BP<;!|cDwAAFWZay3G~S1KlzNR$OH zRLA3>Vzc71qWVSs$QRdbEQyxGg-vmB9hGTVci=$JD8LUiQ2~->dKz}08mHod&FIYt z1?JWBYptL(5Tz^GR@l%9CM!B-KKTG0MPerqH|<334#9Rl)$s5E zhgSEu!bRFJpQZ;dczK(pW>4&*?_sH1pd0!leGw8eTz!T{0dz!s@N4!jtE%S5ofvqm z4$|L%#0a*`e$ia1&Y9b=zu1>;Af*Dc(oP^bXJ$}UpneW45u)v?{oHJ235=E8MaiOd z4F=&7@aXBQRILiCDo72g1uebe;fR^uCs!!FG%r2e*2O4l6!MKO#oi?u%ts{t_7de- zOk?HGcn#Y-CzjCxmmvrnsYYiMs~7&2SbpeVm=XWNADv}}w#QpnMZ(k0sSy!~!lgke zovi{Vv{_n<@u`VPiISetAo8QTv~Z!azi#~Z*^jZ{Obe_hTsS}erPF`k^??{&xvBwZ zz@|HDRqWGpq=gX{Cq8zpJ6JyddXQ1=c4Dr+6{TIWs2o*$7k? 
zKu2cpQRd>oCn4&=N} zMoKn1cq*^jVa1p!JZ%#PZT9%s$^ZrI9!>7FNAOR`U6z94FS@$jsRkhnPT&wVy0DIy z!&&g=n2m+}InROvq>+-6`3tSqQlMgh zw$nlZ+d8BbN4qi9YA)>FIiylq8lM?V*zYi}C|e{qbU-M+Taq&GuG~W44PRLVYJc&1^-29tJ>^^K4oBsX7V6%N4;kOkaj#P{A-p6A38x#ex zmVdW$PrtI?@KT-*V=e85iXpPl>(q3dbr-(!Tqp)=l&jQanTRn2Dck(WQVg~ z!k>o45;<|2X2mMLIl%#}+vFAe9hm+(dq~#ivTg57U-evzL^v0~t9!d=S((fwJFk~; z66~zwKB#KN#RJRgC-;<)iGLqc@d{98{Jl0dT3fk{^ZR$%rxWWafq1-RhxlRTi zBZ;szoXmMw=OLkTCqWm`DQ4v}5~}ORUAM#71a{98 zk)o6i#Z-1#;F@t%mk&}Qy?3E)MNtU8^C{>2+g=w^|nfX6SBP0<#L#fciIe2#WY`G7S zU_(x#6JKZ{IH^|9B?K!h%-F*&RppG{!|K6={lLwkLtlk{vYa@~4e4rwbh^)LsZrtH zJ7&f+El`Ft4~IDXWD&1C9K+}0`s$yMuW`kmdl6i>Q|>&bW6jzGS_SH>w7gCy$ZY=& z$^6)r1{N-GVD(|?syDs)u8ZP>$D%`U<#B=OIEjfzO7dBkkX`?xKW>d`3qtnxWyo5F zTo)`APa{J#2DkC#`e@o@u-`nl=*t#_`9#-V;m+d|GhPWtR$6ba_t-{cRf+iX>G29_ z{7U^7s%7A?wY4}At+ww9RK*Rr4If)@Qt#F3#jxsw@{zK`Lt#PXC3p`b2esXn-plPL z*tk-L*`Audiz>a(;vnraBM8t~SH|BG6N_A5skf6p#PVQ09~TR5UhG$Stz!o?D-0Xq z7QO{$PM(yEQO8F#5YQ@W0uM(}D57!NG=UXVNiEMC?(HF`oNx+FiXu=>ZIT`bN|koV zy@665J2LgJdY+1-3>W{4-X5OTpvX@rR+D%YCTF%x6z6-X9KG4B>dSl;CRNy^V!5f& z7ZZ19IfM=DqCUPps z*p)$pvmKF>3O0VX*O-%?S=nvq|D?@IgWF^3T!x@PghA0&L^k}Ryc&}f7Rj71D6rIq zDGboXL#g(TJ3U2bIC;Ko-2@e{W{PzEPMisUkiFJIn1_{6`8bQOMpyikD<&g#oz2Bj zEebUivB$7#VuP*&*x@O5;(8ew-P&NYIl|0}d@7Z8#~ed!za-lse|Oee!ci+bc*hXj zSl^o?bMFc|xU%ZK9Va%GzlW4y6p}U>3~EElT^LEEHgF~<^Ou_l+q2>1zZizu?Z>T7 z?VIF1pi4jS*Sb)noox&Wv66310jChN{jhJE9Er3iobAqIKD7|`kOSg z=Y)oP`Bg{!gXyV{H|~vQ%w5GLHEq57H5k*Y=n*Xg7Q+#T%~5?+WQIy9YrWZV9sX7R zS&~5F*LUAQtB99L$3xHYRV+^-c}bAy)($#>xRf>=cQ6N+>#J17c5TJ zOd>`!Ggtcz%?k%69J=ime&OMoY2y^hPUEFY`5NojH8orZm8L~?kd*h?(W?&yCi=P< z34zN9+wT0XO-kXRx#xTRsw@x(xKS(Fu-0=MOn}Ym>P@A@6SwSaZvkl1k^zl?BB~dd zx%-8du<^>}=k7YJc-d7mSjqsy*~omY$3{Cm&Fh0POe$+7$gIE21yC|q-5S*wL2xBG zO+c^4yy&1(zKai4(ushT1pfV-+!&CgGH(g);Z<+GFYt+Z%C(AtBEm_}vkV>|LkKxI_~mEooex>-ACHk&oeRM2(mTyODmJUegFf`%rn*=gk1 z##LvoF|wwqu67_G5-*S?`e0cu@+jYhIxNI^p2TFy#aTl+WF_GmUzV7wh^ig&_S+-h z5yb6f6h{}C{FSWo(jf!JR(OZYbtJ(74y1WT?RaUE(x{}Rs1PZ=qDa85fMYe{@J`I` 
z!Qom<6r@>SM(&}{Yk`ksTkfiS#TP<3N1<9*yK#hqf{+$Zj4G-)wus=SO+z7KvgdM3 zciYT*1I<4Qvzut}?}n#GuF?`S@q5BU_U`f*n-M@S<4#5&$e>{CJ*(O!yf}JbEjrCf zP~jH~ZAr+cu`M@?gs`*Ayn}C+@dxp-vI=7rw|38?W5D2K$msIy*~hAq2L9vBwh*Dy zuK}fhUmW^0fAm`u&mF7_feP@ z^mfa(GTT^?K+87D$NNH82TOnGx(c$w1k_8eW~3^qc6w(U%!v@2-Md?g;UmEmDRq68fZ!$643D?0?kD zoQ=eo&lDDRY=Tjf{)@45h|YzH+HC9_CvR-qwr$(CZQHhO+qtoA+}L*huLu8HJ?KFX z&$Mb#b=Eoi*#vF7A1dm~w)JPxVmFVEg>J{pSM-HAZfCmYU1c^EuBbHyM%nz8 zhi@K_Qv7|5M1%Oo*0(6g-RKGs1(W2&-sVvkNPce2)aL1O2{ z6OC*Ef_D>I=r0?;o$8hh)GO%GoKDanFF})Q&qry?OK08P=k3Bzkz^oe-jq*XcQ%I* z3wf%ht~bN$)g9v+={?%g))brAN*vVe?qeL>5(Sb$iUZjyBZ+X;iZQI}FifAW_Gh5$ zqVD|wYjFRM1F@0%-BRcm4M{>PL<1C?O3I~R=1=R*P7)UpxGK>dBc14iJq+~PRJu4} z+Xm%bezQ0XW~^_uXtiNNzox?_=W`Zd=FG#jB)%TAr?QbZv=m<~t`W zEWBbq+;c_Q4SEf_bZI(~9!6Rm5uNvb9*EGj2lxk@MuC!;_ASi&L^3zA{#~UNHtDp- zdw-0BW--{653l`#gVnk5Pb}kyRsePB{@$F%tzprRpLfhq2aKtu6g1&8OdaNJAX`Gg zK7bC`yZ(=j{c(PFU2zl%^=2PPMccw&tI2qQ2$V)6Urde!NBoZ|_+Y$uAaRK!&y) zJy)w}>G(D&gXwX&zgv*L=JFiNQdV2sMjkJQ?{@npSw?}haz4j>NyvcD`+E#f6s7<5 zcKry=R;AXyhlucXqJa=7C%w6ZrOPX>?lK1+y4>ROz>E2%G^W5B$Es?>t^Fs>@=|u{=l9xh zrg$kP3>6;y@)S2LE;rq>8_EMOGo)SMiCkMqW~;Uugah&Vu|vu#1vW%emZHQ>WxY;Z zFnm7t8HDqj(HBxz>y{+G{~`O*T!7`L{LNjFS^jKuEMcU7`h%TBcd&G@ve*>FLs_mrW{s%lB9@7Ily~k=~`~ov3Y|gaWrG z##*-V`%`T=FiQ%{d^zeQS{8QlJu%-E;ic77LFH!UrOnbb9p;J(K%0Jm$ROB%WN{tz z9}h&%X4v)YpwhP_Jnw@( zH!~)hk&p|FI$AvGXz;*<7I@s-l+=G;;o!-AWdGr8m%QN&iS7TD3xzO#8k#gQf+Fk) z#(EyhdWLRJoU22@k_qXDw)#wEp)vuA>Yv*Q_xJ9TdFz%1jnW7+eD z;B%6BIQKGaoRk{`aYNBmnGot}_@^z_!WkawfllA^JHp|L9}G(WxV`aAox~Y)8Hw-wn+`z~OB=?IgDiU*e9&2!YYF)so`tcH zjC1qZX0`SdxRaZ5Nq8WrkWiFd2;S>H^aNC6O7Wh2EdNbBGdgJA9!@Yow;;~e`0Rdb zLVED;t#vxxH_ZPN;>g2F!nW_{3tr_rxa71>!Vy*0x zk}1!~BH)V2wO3f^@k`a=aUI)a!<%gSlEc)saJII=XW7&PO&Xc*>4b`$vKMiaQSFqD z4ir%B2WQ`6>0DVl+~q1DbJ-Dl(vHmATS6><*ygR-9uT_=rM6W90Urffx#Nl@yw0-2 z<*8^&iRyXcWIp-RuWq&hwVcNtQx-?oFK?L5D(=a4tr2FeaqEj$NsOx;Eq(ZYC5i@a zyV8nkLSPE|UGux)lJ0mZYmW6VBXA}S?q|90!<~Q)o{9xsWwCRUY7K~MbF$7f`IK-Z zdhNydR3mFFf^={(b7}qb 
z-vyz4*n=}C75I$$kF#9#OoA0KH0lYyj)th_=E6~kQVbT8m?_GSIo)V@@SK@9bsN6= z4O2LWAzaZvs5y?+!nv^!bKW)PwKbH*^`Yk*`*kpL)(IC~)*OfBO;0V^R4pl5@Hz#=t9jE1(bCq^k_}caDwY3DX8zDh$WWrd- zWsvSZLx7hcv3TBj)w_9z933T+A*c&Yl>a+^XqQW=77;)AvpSCcxr&&t(zQ6e&6;EHPcjat2r|kJpw*Dl=;7gcxVRR=K}dtYw%2(3_IuA3AII1@ z^;UEw>aXBnB(yfKCLzTssfp-zZQ%?+msB>P#5}R;#o$xlCdS^mWrh5eF~$NLBPW8Tv-gQa~22DHW!llI4T^+iqlXbpCSimDADYFX1(Wb^isJ4aTWGuXTPD{uC zBD3M2yDtCb*VQ&}SRsVRz*($1T$WK-%z2Fvn9k{QEsa|^MZONcgvFDH3R`t{=gMJ0 zdLr4qaI`G3wsvpFK$G_sGEG}PQZXXBL847AsbbaUJiGJnt=Q&=wX?fF*fpO21J1Bx z7NPnM>F*cU#T(+2n4(Z|2FEpJ^-!tz@Blm3kS%V9NEMNNrPl$&Wj1QB&(4(>x&Tp^ z4(sxwkeRzXEs$sCmK9nKaI*w&Wz^j=zKaHnpLHWg>V^Bu{vUGGySF*{XL=@tpA%xki%D%L$c=)U9Q5vXSLddO^Kb7bw?vp?UyA@eCx8w zId_6^0}7a|Ll$?K>^xmG?lPU%mo2D5lD=G>v3HD*C@}ieS(&G1v?5XAkE3BZ>oT2d zxT7StYRF$`86zU%!sAL3{@E@nd{xr{d!$dphR70V6l-KeTL!$)h}?p4YS!ZLwoFg{ zQ%jyWClbAqoh}tqta6Z>1Cb?hg$9-6=dp#4X9+MUXB52 zfd|?zUoA8kD;U=>E}lH-w2tgT^vWM=0K^7x%QLz5#zp> z-;W&&llh+tdnz=>b_`yUq!9>`mwGa0q~OBZ=^6Pw#xA37r94hcKVPn6Fd5Bn1RLs2 zlq@(Krp^_UV)+x48%3~VkjAlVwsBY~XT44T_+}T+<^9d&3$Y$V9F$!*oSmHq0S1Td zybX^^-&r~-`I`YJXVx|Ms=enb6{8iI=M&?~*LkP%%asA0i1XQrgpLU~cFlZfw_>6B>mLV|+%|^m}v|uU8PHq0YA|=}&s%_PkhiGV`1y2xK zR`9ih2jF|+zVvV?mz19J-!#|xb-@4^=$d2Om+~+Z6+GB6Y(3tIDH3(CC=>jda1ON4 z=wZeLL}AbDZ>%OS3xNp?l6=iSokK?F_I|09`!)Re5OAUXg8-Z|B-FxU0B%}R;%?ZZ zPaScrw$kH1tdx8=-?G5iqb@YWhm^C$^bSekU~4H6f8CLbj&7CQN7Hjl3-kAjWy4X{P31SYSsl=r z#8I@mS8hFqKjLA-&T2ijBa5XA_*Y_S#x7!jv`1z^8k+z)9$EPQTz-C*~s zyJO$gGxY-b6}+40s^SYQO6~DBcnPfX?F-h62!^AkNCJ@XE9(co*o8qMug-<~hN^n@7Tu&_=*A2{a6F{EQx?`L62Ug~) z+{4BxYQ0yPLt;dno+bdyT5*Mak5O#z{-b-qSM(Tsd+mLP55QkvLzD z@3iIYfPOH-d+ObIxk{jXFKoqz~az8_V_z zRXhpT^i)Qx)G0pYiJA4$ZUW7F^H^<_J(PE?U`be^P!d*f?3k2rNzGO$!W@a3rA%M* zL|8$|7^04w5cj^w_h*K7h^0xfmw2g%$B%4z(-qSt%E;UgVpjpz8`!6N?pQY_D5qf! z(Fc5`u(v@zDR)fLvtfgZ(G4SNrPVJ7IE?3W!-mtz;vGph7sR@h)hbQ6u`ka}M{hA! 
zzto(q53L)#4!Rvx+NkYd=LsE_ky<}g0d?W$O+5*W@*axFVFT>&8A(~~BBwWJdH+wn zyCbgz%PoBnyrsrf1=Q&U*Rq|%z{IT_Du%*__(xAm7FVL?BUabhGLv6p;D#!5{?aff zJu_2AGyzXR+9x&HGwGiszbktpriJGP%4EX{BoiN{^CG&-$w=LeKX6?2IJX-Mu&#t- z(80`2VuP+{P|z!;MMu{Dq(!#aUv_=6x|EELiX2MokahaNoQm-9)_PQwJT^&j;{Bmv z_TzD4uSrcjXd;6Ldd{xA8*`~LXY-3tc^SVn#bvE-c(axDSYVr!AAyXx4!K#x$7n)) zTXDf1Jr%W7>{o0d9G&3S2ac-F1Poi{MCw?;M&l?hVd;fPkmw>JBJJlk{=lB&Y(9cr z4(`eoS9;_KYF41`)cE# zn)l|j*bJU$mm$t*!epQ#MF%C~k9OyCWR3qG7UHT8{7?!*GxHn~kayeD@>rb}d%R#U zD#5YQ%7P_taAUGLlncY|8d=Uet)@hHaUy1nUaBakeF1a9OjS}nN!Fke zzak6^eS%O@_Qp!yAZ^-^+9XlL$ZRY`u6m=BoH%{=tb06Furu1V`^Z?!GMaWC>qQ7; z%pp6ipjq)Z47hp%Pq~;F$r!u(zCxO$IDU8Ke5yLg3e85Wi`l{=W_HOu3*11v#$0A< zLLy6@aM3rj$TM5sW0G_CkTgf;ER$Q_g$bFPqDA!JD(jrk8PdlIL{fbLL8t?8nF;H4Z(Wu7V>l+V$_iC+R#MF zdO=fIJ>pIn8OxOiTu&Vw`<%%n1;`k{?qTM}yjl%wMv+O3Ta?3t;ypr?eqkNTQ!F#Y z{eOqlyToNogpTz}q-ag>Mi_^u)z6(2hXGr!3m3GdSfe(kCjv(CNueaH9Ab0xENSp` zd~eM~E16zdCs;b1#5LYJTlUpJbeA~nrc(H8yVz<)zQE(>Q>9jbixp+9dM!(VPVG#7 zvwQbZxu+KjP_$E^F09ZiuDMfWwjm2dSvnF^gl4b}Al*J)eG|ec7h-h9S;u$8#7xuM zlhxTi&cLNrPqFN+tmqzie5Thm_RZ-5G(@r898Zb(n9+CWr)u1;$jv&CdBTmZ^j9BW)-ks; zI`%%;pzN(FI*6C7>QLrJMUXzZbk&gT@WW#b(vZ9M5@}>wGuxAFKFE`~SW3Re0dJzgO$S7v%@w zmQgT#=tqWD;}Lv)F-Zi>%0+a!Er`}#PQgmWQD5`twZiCBN5c^8Bfj{g^ONrqK0di-oMA9MKnqd^H z;L(QYfovE4)C%?|KJ!^FuE6rXeSaEX{9D z|9T;tY|Midz8+E!tl1=v<;=^LB(uH`q0R1-)h7Wb+q-?)5+l0bA_ax+LM0k|PF}=h zhEZJZ1-ciyn+($B!S93~5@T0VNMAa$l8H}h)SA$S;5(!JdbLYXq9Qk~OCjFLI+HtT zv~PPA6I|D}yKHYo`G$2*gUgolVa9t=8z|0xBjkMSp;?YpSc8gY*gn3e8Sg4gkdkZvre!af1U(c7=;}FpxiCE>>?j43%+TqphcYa`Cnj9}} zJKbpRBT!%RuMXqMe~2TMlkm9r`sxV%dS+F9CA^Nh%W$fdikf|gU>E^dk3(rDakPW; zmQe>^hdL}CK5Dm1n9x&jR)oU`}WC(d>`hWpO8@ zgYf%Fb)fk6iv|?6+|} z>uEFIEbGfUDv4AT9FZA3*+~+-fI0-an3-NcP-|~wc61e^LZ0C0_TryAz%fHuae+d! 
zTPyRg{*%7Y^v3r3$|f*{-PK3Bdb1O#53?IY0~4r5hG%A{C#S|wUFOEm)cjy3py1fX z_ICe|0+Tzdds{QaPw5D*%+A$JU|p46+@$m2hBG>#GfgGIy*3tw454S@*+p~lB_=!JV2~3b#+`qD$ zSNLsG=wrxct98E=00G;77Z-o0Mvg5EZGHg8E{z6YS=~$vU$QD77Gx&|zX*_Y4!>ua z9j(os=X*sx89&YT|1l&81#`bav^9ZdzcdrmGl`P87T3pSbi_aYvA;qNzhg8ry1+Qo zHPbxPH9*ef0iETQXiNM;Ri2z#zsV-=kT!5EkB^Qn4qzG>Tb&u7n%Wt^zJu=_7~R>R zI=MU3-#$P6Bfr~&jSWE4HL|+EWG89<<9GJA{)W!c{@4AO-CWw)vU-sia)Sm9n=IQ-ZU<$v=4J-k_=aPeiE1SzW0^jzD zXN=AazboT=fT>?)p5NeKf2lKmV~MVfjqhf^3x72DH|C<0+KNFqU>l#_nfHb$?9WrZxq_w;=GpV(@a7-W+c|#7r~hJZu4!w2$t>({EbU<0yN(Se0ai;Go6kD*LAQer9HVT1D}UbpiA}@5 z?!dd`BiRT5kGFy3_wEONipO;w7 z(B#uBJR0rqRuzfwI5(Z#$+GHrv17xzuQwaxV_OkDT1>GS5TyB1>5)5AoNI6=^d zO80fJ?Pcy-sXIKp$-Fi7YrFo1cnf@${cq!;#BwPxH~I@v+{-g834w2h5ow( zF-2KV_nbrh?kfIYjIuE0%$Wp$9Jb23X;;XvF@; zu{dk`oX^|K3h_W{5MK23fXKBd^e%q0TvW$%q}5}TmeUGtWx>)f32*2?0sQ9Q&eg$;bE-+PkL}t5nFG#n2KGXd8;;jQWrO0}!ar~% z7JK6B>1dC6!G{%3Npnuzc*SPrgJ(E~V5-z@z==F@gBvPiXSX+vcm{7lrC(7kX}rCA zPu|X!c=YYk@_y_g@hv)r1kmxzwu|iaS=zHjc!(AI05*%fK?3Gjt*mvWXZ~6Z70ed$ z`tMt@P9iF@H(Zy(_=tEcdO5GvTO_i5 z8*-4wQ_>6V8Ra%Jj@}j!m>S`%XS$96r8tsHurG zis14e8{N5*PkF@6p6X!MAi7>?+7fk*Fw>8aKI7N}PJ+u5We@S*D(w3gAMZuBJ3V$BIT-+0xs)9O-(v! z=^g~OzgpDLkWlKeN3UNL3+b+R(t$J-AYPzYPS*)(f4iwU-$G^@?9)W;`~QMnq3gW+ zs~ua7Gc0>?g1I`Phmyci=~R4pPUYq_){-R>4qUa7GPvbTG+<`gP&Mmv!z8}#e~R=I z2!ZDx54QPlKj*S3@!YWXmMt+8S$CR>==d>GkUynH8#)C2#aO_}FAzVAP6^U6Du1tAF)9U6f24kxm0;7Y&NVK>;7b&N1rc5A@9!7y3^%*^xz_? z1m>wTtwIBi>9+#b*?wMgpXs9r?O%y8q5IFm@wF*mPiS^T?siWEU1qLc>(!~cmof%B ztQ~_$GnDBcdop z&`kKn_~p%^WEsx0y1sM@!6l80?vOaj+ z=aJX{;>4p;q9`$COqnpqKrz{os-LSng+=#eijfYg%4|P;aI3qdCKZo#RyH=!>%SRa+0n@p;~nABSCghv6AbF{nJR7j@X zvik&joT))~t^6|@`OwsrX=?O6+Sr%N5(t!&zz~y*U*Q6q8|3MLxxq#(KY3oHj|?%Y z>31`|HAY7{A*=}1V>p{Jm0Y5`RG@1>x9A(3k%Pvh?yMvX50NwMayF_u@2r9F5o&g7 z?oAwr?uvF@$Bf@U7sF{eDLIdg3g4q2yl%ueiTejF^<|d7MlzXuC1{XyJ!VN-3bD-? 
z59c%$>=33UgHBhB`^$#ku>Un$o3>124s>!%SPQ?c54*Q1CQPOaOAnK<69^+R8_E(u zl*AQuHx(qLvBAdyuIIX{ObD$EoR>)bI12Z=e4ej>coPvhlw~C_zxtiGR*4A6TGPm1 zPxh8j3-f>i1ixL|j6zsCZF{`Hul*3iz^kB_NJ`L-US4VWr!QTUr-$q*2(1AW^wchL zbzIoS!)9+%6#TAwZIVb^~JXW5B@2{i;g) z1AH+AAQYO#OOww`VFU!tLWhpRvk2xXz@NhZ5Qb5lNG--F>LkQbq3C64ANI!mOe4bD z#`iL%T1?v&BQins{#BgHEHVc?)Qy<&(LujQb!*CLxI{Kkd5$|~Gtimf)s~U01IzMv zyuK_WI$6%ciP{uDpdabH;C8Oj6G`nK58_HDXUnp@$OZ*m68HL*WW5blj>?dpU*0^B zQS9q!1Qotqdw~k~c^jkF7=P)B4Bow7k;Y^nN=gplxh;)@-pO%vsuX-fzk;M0*0{l9 zenCvyIe`$$3R`rTZ@{KolsthPevj)-5@jCTuHeZv?l7p zlmgw2YbBMNE@7;>8SlN)SZT3JEa>8Xw9Vw3P)~pOcjW*HzyYx{xb*Su+v>Qpzh2Ed z6W&hPjAuh)oIw?ph+CBl4dI7emmfLV+<)J1;9m-Bbb=-5C!Kc(2Ub)Y<4W;{Q#)R=jD|CJn?Ia&-s=1U*`ub7AuYF2dkdg#Hr_R&lwn3`^1-V8w@Qh)!==^UY0$pOp41eM+TzDHH z)_IC#M`AW>6=?UN-ORQM0~!EuL8`1ep*1%K`(-Bf_q^)||BH zCe-8p*-Im=i^?IXQNudPiFL)Hvz|5B#W4&D0zQM|mL|$_(?oijoA2I1us!14Lb)J| zOemRboQENRAk^N_y4vti1E9$+p` z?(v!#*)KgMk}*WBts0kXi*5fI#hS6Utq|ncJ`3(5`N|Fp&ZF8`)8M*b37`Fp#g`r? z8MwnPp&0LoOP+7T_LYzOgs)v6=XpoR_ZAZQ#}P?Pj0@p=^L>jSD_lLOSZP|cBt@4h z5AFO{_HlcV$mb3B?PV`w?zCNq1rFMf`&eepi3m}w_X!s5&?tU!%JW?uf`>`FHpo(X z1LZxR5p%SBtQzz+uTD)GH7>>nHl>4UuogX#fnwVavEwHt*+q3w63t1|Ej+NqR(0KO z!`#-3-OYvP{Xf~?Dyh6_NT+S)H9@R*ux13+ah@@B{Kk|6IA&VRJ4`+yMxiVf#{p)Y z`o?g&6#y?&!QrKrK22UWmwGkIBqMCto{6POH|P!eA>m~D4AZ4g?k_g4j6Ov5ffW1K zTA>r=%D@5a-hv9GsD(;vUGupoPl!F~!6Rn}zgLY!(s?s3TZ#utOl3oagYlqgPzxIb zoh2{PE!u0t;41p`g^nG1B+EANMZYyIYJ{1y%tJ#$?arO_yjm4llHY~ERk$C`vrB5s z%ye@!ea>gY9@J$aGFL4M-b}~&3jK=BKORL(@*I3RVZrN5OJxXm%a)^9X`8^}5PEIq zn~vNte{(NfQ}}I(A6u`>5Iy-_$x{O-r3%+ToGGT}Urej)CU!!mC(_tqY-LipguM)C zXWC|_PU9xp1@~+(GCX$)2GTNiqB!bmOyT7~B%jgaRXZgbUTaJQ(lyPcum{(u z^o92gUr z30xH1gs0Xlpk~zwfm=E@WzWXPzFXGhk}7WfYc#uyuY3}&nMI=Kd!?O{x?o8Mtn?n2 z5=`!-bxT9MSe4P#z^;cmbR~q&z*7L@q>YNrKf5`S z-k1nL#`9I74FU<;outfO(x9#(_u$*2m7D|vaOmi{S?UVjQCnnOds;<2{kk%|Wn*g$ zN1zUJ3V)w}h##ILIs(Z^HTngw;vXi?e>Uj#^xdR)M`F6j=gujEu}?JRwSz(M?Egda z%X42-I?L{wb<>crHlBLCG4l}ZZjve~$+NsZec1>`|7}CHCL?6X*|5EFT%xnI8+y0EjQQfO1&)oElW;cwx|w*o}?0OnoX0Pt9zM 
zqM|cS#JmE*f3dfEbz-4Eob5#$IQkeYMVFGAu|nfBz%ZHPa{hW9i|W(nlcOHyz$5D% zu)1emgsWq0-$xDINj@je5Uj^l*V6>*L)fbf^3%x%K+4_T!7Hn}zwaErm0Wc#+4oR|ff-X0w`4TsUg%{MG%*iH7Z^h0b0+}2z$Q>g?61ed zu+j=^rL(yf_^EH0l}ef_S3*(faDWfz`e3(jNZF)qz{csrGt$FDrzLG0imIbiLBB-7 zl-~F~(5)mCQ|Ea>US}O+6`7^5kBK>jrUhBIFVA3JFV`wgVJhJ7zYe?XHalZm}UsfY)7vvelR;OzYlK6Ewo}&bGE* ze$2?&qeuI9W)1UZBupQOa4DVs*S0wRV0{fiS5C7?o5k@@fz97+==h?SP@9u>7OUf- zvpNhAx(m~e}US#)=v&+k=Gd;@D8jWkG3SME4U`pH^Us~RwHUq@O?)4!#ycH zybj7QQm)?P%4(KgND?nl{loc?1ScvCQo>e@axXX_s}7SG3iC&R{69<>?!Yovr5aJ{ zFS#FNoarTvvKn#a>9Bg*B#&a`L0PqJgHp;)7}ds@x*hry2dXuK-g>KIdOv^^(Bz%y z{}A{dN8lBo*ZnLnfV8wRGjNf_`yl~}m zclP`00Q2*$gy9Z1{xj~2^l`|*RppKL6ePz~)u3A^D89q$x(9A6lcKX>>N&`cgrFaK zk~teL!rJg2s{IS}b?`|_xK9zXC)N;LN|`PUmK-i?B{4hNS8hBm9*)w1m6cg6f}byh z{RX0fpZ{V8IxGpd2V+VouZ)!@` zGIjM=YKj1b{*_~KutXU6P8PfOSrSHju4KM)D+_Au_52bJXGbZG>2ft;vh3)n=PTSV zmbJk|`eX8hVMvmLGQRQ+OCu9V#YsYbdWlbtp6xX7cpSVKse!+msPn^$8jL$Vzf~t< z^3E14sFd^Z=a||Ve{a3@q72e((0F>fI8J{c&bLl}n(PZxt&&ChxalJeWR0K2Ypo~H`flJ2b1rDybC*)}Uv}AN9qS>U}40x?} zNbe+d@tSjBEX4^Og?$se$BR1kL-muya>`TIW5h^-;Pvv<*PF*AkBM2=bBQXO+TyZe zh&yBGIX?u~r+;UGx?Q{RCeg>Ag1)%`*MFSzpl9T(uJbrrvTU&>A>^RvCBP-Kbe>Ym zG$h*b*2nmGZE-ZgW9fMap|Z?^73Y5A#PgnG4W}z)>_I7L&LA9Q!3&N*@1XHWBj#g5 z#Rv+@pUq@gPX_;n3Xl*d7ze0 zRw;zI;O~Z#3nStkQL;uITHjbVRQ2OE9qv`%o5_&Bv|gA_anHyVQg)87h2jb8rMgHb zn>2G=4Ef{=iwyZ%NJe={UF$E5WPLh|*~3pD>Nxp<*IE-VbBPSBCfM}UYPw;XP~-(`KltGIwukH z3)Gf9Ag+OCR4Gu~I1}O9&)Pfnt}?KGd!=*4ogUe<)#w5jj=}G^f&p-Y`d*6 z&^-!ts3^aEWZuH_bRF$VI{=q0|0BInkcWgyla#ZxWXrYx)AgbBck}XOSVtml6IHs> zfOUc@#ZPH9EFJ!Dc>xPi4RrVUb{P4ZwYe4L*ANQCZg8wD>?0OLqq8GLnG^;=pvoQF zj)7Jv*iyU4l-ff%vtb0xX&oX!+nbb8f3^i3qb&y?%}<|*+q*l{=D~HQsEJfI^I9d= z2k^Jg8UE81^a0zS>8@+5dn=WWdyogyPwC=J0g=jhU+r8ia=qplb4Sp311vBvApFWf zler0Vc6zK|M>?lO6&7?lSxoVWT8v1ZxCTq*&nhaj`d#fQ!x-Zs*hj9^s)`LN2(sI? 
z;@4L2t>QHm$K>Q2RyL1tCb;Aa)xkb%A1yj~;I((Q`Udt%$+RjpJM?`mi%iAHc$g@k7@awibbA@wpCDF2-DKjcP=JSkpQX0QLL5G6Z=$={=#ffKb84@HHpO$oL4DKs(J_g zNxy7<&^5Ol$wC-S$ZbZ1WY6McOZs`0$2EbUZLM-+;o>^f}L;guX))gay9oM0o02gTT&9@a>ov6+UBd!tjugn}LhyE#j z?gF<{n55HI7{9R&?wcQuo!<}HwCA4pLnCsn(I)!NpKGjy1?ZW}@YV;PSn%XzPCv8EsQBXb{=`P>dim6{!zQ8{eq$V> zO&`cS-HTWjrrFU+`Mdpo_DCpzf8#T8AUIpC*6kv-$bK@0@VuWcCx90v!+pePi)j}! z#7;v+tKu%XKK@ju^J9tQjXRU-Ljm1|+;{!Y`h|}+B{!zP)H=Orz^vKvAeaW4WkJspwXmvx$s%T!Y*h{#v>q6^6Z5DDsbD zO-i2BC}#Qu^?P_%&N!zdQ?U6+cd5ePT^Zc zXO$1Ve>y;UMjlZ$WK%m+vvm6qY=vxX80Hoytx)S`ql!BYFU1;nVlQNG06|qYxjLeA zDRSeyf`usF@&vy$NI_2ac&v+kx9xx+bIdHUkWjiu!vYE;!E9h&S&h4IkHEqNj}j(? zJxPcyyD;H=qzWs7m$MFc()!Xe%ZGxEMB=hU)r9jume&@^^I8eGOWA_=EcCb0h{!N2 zaoZ%rR0<-lu@bfIGsgHJ$0IiZJo~L;%*ABIY)t&1*wg6a$3(CWb@>6lfw(=PdX^AL zVBO9(Y=}KjBbok36k@D9e4DbyPTsiB7>=P=$zP!_LVi3-9z<9@uPJmM!2UMXe*w%58EttG| z&?1=pS}}d2yh6E?0PzQ|5St_%4tg;q=R~C&lxe1k*FkatWmuokPuk?j1b!xg=xV%% z5uG`|G*}*YTD&B4TXUL8ua=i_l|+VUc*f|&bsL3Jv*%6Rz@tI8tjbEmx)3@R!6Aby z77Ub9?twarW#ec^k$k&sF>X*^*(mAjr?V~3u}xn@=trp(-MTNe1_8{e$QQH!zCp0Rrk!OH)h5MqU+f?UMxJw(ER;GpfI-l|{B72~(=7>ST$q^vAH= zDQ?p~X(EqZgkie+Yq7y7pre-bW+^_npe;h|WS862JU!ypqt*D$h?z%(1`2on`I4A* z@uFfxbI09D2$Z_loyjyQik2FwDD9o6TuI6pd)`=#1b(t2x`B3eM#2!s6ZqGRtC<}C zrdJPEXvPh+acTFKg8vhKqkH$;F!A`JVsq8{&B~3ZV_yfd@9q;~KHo9Vah1WGK%8OE zs2Sh5?AJ*HJvp5zw(%u*L%qto1N3rWg6#mwx=2hcTU_Em{gA1ejeAS*{O=Sm!>7k` z9PeX*F<0)@BO&ySx(!<6Y+_G@6Qq!Cmle|Law|+BDzU2HdLAV#1r_V(nw9sn97~xO z9!Aih7jcWcAyO`?$Y)!aHmPn&)lEKWo^j%Om9;juWI6g!N%Fx?KF`?BoQko=)A`Ti zHlFmWW!Hyj&QfttE9mJx%nkwbUG)H)OwwbE8vI|W>MAPad59X}cMKS0ZuqzGc-Zs0 zPZxBU$r-FS101brb+;RcII9mL?OyiR-(SSVFTB`5+Dki6kNKi(P-8YTY$+ z4xN?4>0``>G>pO} z^&`Em92LDClioe+$dW@>B3j7*nv)lx)>njVr#SgSZeb zEWsW+?m7v3<7n$7Z&>=bIQX~2e8-j1nLU4e_2hd?Z378a1z4wLG6P!gd=E>-{ENKtCNX(XxG#8}+~2x8fL4M&Fi2s``9N6;BIS95 zAi>5Y_g-CVg7Dvgx~UKQzWzKFq-cur^8X6%hgN6}9^HkS<%S%v!T6C1=Ej!y8#MQO5*YFv$EU&EL6Ai)` z$y?c9Nkh&htm7UeWH!0c$x)_a`c|(4&q^y$YT&No@FPe(5n8KZ3fX#!hiK@OG%t*> 
zXGnFFeZob*LB0ToY8&jrrv-e{#(^mF+*b~eE$d+gQf6=a^;2&)yjsFu$+264pd7=; z`;sYUt(&HIXSMBHC#^n-68$(2G*>*aSXSI8Q6K0siMc%8`?s(rg2Et@2#x-*qYI-S ziPc3@mRo8=12AEi@!?_?^=)5BTn1Z9r;7-Dpd)P5x~4k~CsxgBZ&I$f2iMnF7VT5$ z&SRe{lO#FaXQtBH*+w8Teax`;TwjXh`mG~nH#fMir}-;nuM?*dJ-5pgti67ZvY5JR zk9EeF+29ny zYS-2+uC$JH0|G=b{zk_EpvrdFPGq>IN^9G9k0K0BP!ekq9Qnkz^rcBy=3aVbxJei$ zDLSOSmv;>-;O0bYMnF;ZE}q4OZ|884PwZF*AmdcAs_kwyFp84kWPA86bsf9rp3qKD z=rR;rwFKa#Vf;&X1GLWGQeV#HJ&D!{?S-@|;RuEyFnm{*nb1$5J5EoPs~Hz2+tn8h z7$(5lI&%;Gx)7BiOzF19ka8`l!xa}A80E1&5Ci{;4B||z?LE$tudE>?&es12O+d20(u~VBpIRKe zA;bm8TKt#Row*o%e`o3pBPkIOKf;qFX|&pCrYS3KC=CV8$hD+}VEo6j`c9Vn2hpRA zrnW9f)#(R>AJ&z?Z(k^G6OSo6;~l{=k$l}N*v|B9aG+bN8JPv+U~$%GNJ$~6#I1~8k~A21@pHLokl*hmnIH%n`>qTHX5-NU5xYCNLn=d?d4<)>ggdc znUsg3nmzzuY~2JNk$l#^V}_Oa?_+P}h&Tt{lqs1y%CTy4X9W?VH^ygt@w1BkMxK^&mLn6kc!qdF z&>TPaLM2>nUg}DIm|pK)uc1L9Ya^OglmLd#;J#v4J|Y;zCmj52Zpf;TO#H@1Rh#sK zDJ)l{)UA-etDI}=CL>zM9kX5s+BictXxUt3kKL%b)>@F~U>5;;!{tHf!(wtAyQ&7qu7;WalSk?)ZUyLuAYZVpPvXDr5masZOxEZx;J4QR&xD{9CE$nQSn5)hm52gV536Sd=uUm}()jjqPsX zl;Sm7k7DvlPGmT5 zfZZtY7Y5u=3T)${u~mS8hl7?GI;#5!E6yRzb)-RhNS;o>bv`6$>&ceP%R3<-VUoB{ zB?@~$Ru1EDia$uFTDqYGd(x&)4%|&N)N0ZHZc2n3ludZ)O+^++r>U>D_RFK_#gZ9t`8Mh!;0P znmOz9t!#wObbDL=umQA%=p`<&cI6BFJu7UWzZ%^|MGe=UyII9@9)s;*El*;LPC3Y5 zj8&1@W(i~xd1!7}kgytklQhg?L7WkwL*fw07mD2xpdpG;H(BHv-mPqFf0Fa)ShGni zG*w(Xe8-EXqGSN{3F@4@CPrMI3Fh>OhP3afc3ZW5CBBZIcnoU(jvLO zLI>Zm3~;6@5tGn+vl5qP3Gb@SemMP5`1ZBqQ!pq~KNzB7RPL>XKw!fXF;LMGrLhoh zuv3mt21A!77~Ex+1^IcKxpa`f(O%dSX)C!h>^qJ0&eY^DAvgHz#)4(1R{XN)qYHCf zN^Vr`JXlDtzgvcVEu7q2V=6kRN+sqn`vWAvrd3HE?A@MRG@^EW8dGsmI+Y^pBjLw< zlwN;LER}rNQF=Xm#u}$$wRV5ZsGsZyy%WMSua^1Qc08dboTZp*k_uAw{FEf%_p)md zIe+tTS$VsnOnOK6;|jPo&u$gW&&Jkh8~JYC&0DI{c`tGSD4y(JF>WGi>cPUEep9Dg zRG32t-eTLCD=2Q(GWh<9Z}T?-8!TbH$S3I2cGa#dUjoLKsYWcf94XIR=ZoSZyNxTq zkvv+0ng_Qm^3c8)YvVro+uJxhv84{x<~>ljdj#%BkWgbo)wIeWD;}joBeg+-G}%_t zW%jU$tJ9ax9{Iu^9K%Nh@RjW$<#=?uu)BX``7+R&vc514k&5=OC67xl%uaup2V%Ii zc6_&pUMZkm%{lr&8Ww~dg{$nT-7jfvZ7UN};#(W!FAtQTSDVLxx^N(er$9}s`^mLc 
z)wZ)@@?1+TZ9x2?ag0r8ur#pYI1RoO1I+$W7{jDdD~|=JALQ+@%()30y524d`%|kN zJv^O??XEL}(~B(ydDuOX-XI;l4%cKj=U+?p*(x!9Ge^wPxi}Sc{0^Vwl@@9_zPue$ zWV*5ctsBV^Lmr_r8zuK?VM0*oNb#$f6f`nC=@}On16D^vp|pbyLl5hZC7EpBi#FI| zmwt&s0USQ@1N8D|D2?MR`TO~RC^jVv$-AuzN&`=Kr9q*fL>swA_Ujv}VcIM&;WwvDYczQ+_sBhGl^VaInlm4R|9 zr=oCOCSu*tn@$qjY2oEC)HU1rZl+6=h9g#WJT7zZA$T2BDP$iSQ2i(b+HU_%Hc$?YUGL z{8+(aNZ3{U&94x*327AS>2d0#lE^GEk7qk)8R`9&8%g8~f$fW4>T{A50UTwX^D=Eg zSu?)`uV<##+lHp)d4}Bi=3e2o;B4HQCvND+pWs@E5yKP7h1nXlj(OiNdq=$De$v!Of9I!R{V{)JP6`t&8(|)t|S&kNse!EgFi4&4wvj87#2auYC(Ns28PJo=Su zhIC_LveEqk{r8=EgLLJ`^%tM^e?|=@7POXx zkXnG%g`>}0mclS4#MnN~2t*P#s=*iB3IHf298e9RYNq$e5YJ~2A z*8tkO@G1;jn*Cc3^L7kM9~Mj?rr*c{T@fugow~BD0s}2ZqZ*i=Qk2Cn4QmRQI8q-4 z>c&%wyuY2~K;jfQt5_7)ZG$ou>Nkz8IxCI>PY0V64yI)41t2{MGOvxL# zYQZ#oxO+)OdY9##*htM#X5gksi)Bx5mqy{Qj${Y%w3AWhuu~>-kRG;o3W}7E5E0Ci zbbqWZ{W0QKs~4KD7AO6LsrvAR|y_f@OO`UT@ZZEUcRS!V{I&a2ApR;j}jr$SMwc zA4>RGc3w#vaod@I4{RX3+%R$P;O^V0w)eo78Xmt&&wOpDKlrT+-V?cT6oCNOP|?>Y zX$_{sNps#KlSP}0Z&J|OS~rYHP*4ngXtfLY$!JBmH%h5_ydO^@qq*}C;-JXW|IBh> z@+g}QkZNSS)o?2aJt)g|ohaf{F-?VKkkOki{ikGJyIXbgLE0!D9)i>RB>+*Orca_ml~BHwqN_mXRn`t$UEYDaNYE8yEzW(p2PFN zRE+JE-yDTvQ$RcqLxq$kH9ILrXzj1*!QUD3Z&R1fr5nuEDh1TpahwjKFqYO}%wR3U zYC0oWg$cQQSmsf0{FPg{r_K5Xt56*H?ddb0nLjLS`f>}X}lyEID1Gh zW8sdPLP_6pj)IbeBVRId`!sW%I$!wtJYw9BVCsacp*gFQEx+rzq;+*W;@_>L8Vztu z{t4zyx8h=&*m|<0Q8t2LNz(V>Vf48T65IuOY-lC_;v9(}g_y#(kNsHm68ZnqWrO9$DRJ{M_R`}YWJAh z%s7^=a`n`Vj9rNhdMYw9Q4CZ~{w*(bxB_?DUS>3}hEb|>EqH|%s!2t%I&u?fgnYCt zz~8N6q27~+yzqxdVxqaW_zzDB-yZ3~HRh)HkdD;WjX$DdzT#b@uv=daW)nN_CwvAG z>lMa@&nr=TcdCp#b(qs8VMuKoR6S06>dCxP*PG=PJ{z2*6u9;5OMJ9~NpViSF6a7( z+UV7_J>-1irvVWox=D7TIQL3)i{9}K469g>pzK)rOk{A$Nd_NriwCJda$OgV~xnHs(CO2|gcC*)TfD0Gw##vUAp$2a*kNZVAm zjT;W3e7P0<7xv#MO?Sz%5Df$d#28uKbv_CR4s(JcZx}H+ln_1?l1Z4&(O$k^ZnPzO z;AZQxKe^PjCG1o4u;xzhZxveP6@Q(I8c1WPn7mB4uf4?d9s{U^g6|_y5``+eWYLKR zvvLulH`pyOvfpwXTG}c(TF>5##0RF;TPB)Kv7bCqatquOQa%TM970I|Ho^gx(LHyO zP5{};ARhOI(}8b@l+AVmb{)AxiMiQ59`m!*>}5d`2oL9w1z(oRp2ib8O`?l!m%=^v 
zJ)_RuKNfH+Q0Nrw2Ix0RL!K^{J65`}34Gh6kTW>8nZ3N>m3_~r^FgjpOpDV zz&inK2btwI(y%<{OdO>?R7Sa^1j zMAyq6eKtjH^HiZemK*@sbE(dMM6u$XdW5`9z zJMo-b2G1N!PA+d=;QMGHI+TX`t|3tpdiMuuSDC<^BrmAQ?g|xrA_8?D5QN~&#yk}K zgjOGQ=1z-@Bs?$%&3;nfb!+q@sDxC(S`<8&OB5Oqj<1-Yszn;ZD2;FAm1aC#zr7s? z!D?IX#a8t}R+^(N5HTQ6T)ZVO_n8EV%l|P;xN@w6wnCur(4d#+wd**1CB}IklN%qG z-XIr}8tP$@7nr(17DiiEBCqnpQH-j0nufR!ltwLy;>&mHYusiFXwiq{oUqt)4z?9q ztz3owUc%`fNTPtaagf!13ug?B{9PC-#MgKHgZ}Zx5nE|_`&81Z8`7d-Z9aVSkIxRU zF;x%NysR}~PxdKbrt(c25us|BEhT=bM=-_PYt6xm^#|>;Wn*GH#QHAy1K_574a{u=)r;Kca;6wc`;o}4MJk2%kL8=oW>UX2)EG#|KIyWIguW#ZvnOj4XiMXo{**O{T%5Jqp9Y+4?MoqerSpJk3&Su z1A`m_+T_fQyX1P_29iyb6W^~~Jg3xoKxj!TfV>z6mujPC5Mt||WtDcl77vtRB;?T7 zhRy+~Qt?<(LFF_7c`Re2Rytez>4vCe4j;5;>~-IW7^k4)5crTr@43t>FeuEDKtEm} zBMH}A`PL}vep%lGcTo!^4SlSBlYgW54R_1D6IZZ%gXNH>qnz#ThPmcrv)+8Gyc`P%H&Ct%Ue}mW9RGqaG!bj!cBKAf&zadZcgJ{qj}$GBq%co= z=UP>2S~rIcA7_6-S+}Reqt<9zl1p52Gj3@nTCg0U<{x~g!|OF+m`Aj)Zd9&Q1#MJF zZ#aGh_u5ZzMX^r_sxqtCZ!#}jqq#(?TwH; z-42rl&$za>aR~c}rQz#UHiXj|2`LWhkKdfSpoF9zU?zAr7>WL3w+<#V%eC_JRQ#3C zpx&0ZljtynwmAhm=3(8MxFwcEYR={~e@fP3`v$C^Hz=#m(tTr9dbe$(;)D8e$X$&R zV&@)$ESu7gN&n=E+St+i_F*FB;=+WO!Fd0yg0`XoSM;qxTUqapT@lnhlmd?H#r{Mb zyd>b5R`6F%9ZsOBz62tT96KIYpZU|*$7_ZZ>ar&R+C=v{uNveZ4A$^gqbi` zu0N2MKis+1JTc@VES0NCqB@Vp-MX7?Hxn77DY?ABUm3q9n?>`9&q1K1+1Agrm@3>R z>28zC$V6raxH`&cB#1cd_wzbX5i+Vti^xLyTKV4A_q-?{?ldq@4z@IadChd5p2{n5 z*Sy4u{q7#|cl2~Bllw2PbMtjF6Z$n&lEn>b)r)_OY&!FK)R2)d6j&)y*8Izyq`D=0 zRo~pd9p*<%YFkk|aTYu3_af6i?*V}lG&`ikudoi;j^t1UMDHSxa})h5A!3mn!CZai zgCw(j_RG83tHMmRg>f7n=oo7O+HPWjUI~A)m=SE>Qa%P!HV&v!!Tcq8aELE}sc@#@ zp98*BHQ*g6M$27tNPl?y8mj8w5#>V@-oU5qUS*L9o>L?Vt6*DY0~UCPg;(#q5GvSn zDuoV6dD1h97W?Kr4*&^3_P;}n3S+<_9P3wWVlHfUU|Cr8?+;y(dbkngyK-w` zx(%fA++Q^KGXV3`Rk!SQ*yu~q%R>Nz*sj-aeE0KILt=F2W+33F|A;alK`nCI=N>8x z-e5msgTf9-Me690c~eP+p4lg9Kr;;Gl{+>ntqQ-DeLdLt$G#S;v{_y1N%yR^;(6Iz z;NR~E;wp+u=buW`R$h5eY|2sx>@BHA`#eUpT;oL#d5x(2!DB1hPaLtvS(%6@>2Y4P zj-y&sb5pGSKIoM{bKdq&L~>&VLKF7Mvl|nd+%vBwqLP(b?u4ki*@Dl`IgO@tu9&sx 
zVQS>)=CxUM2AwpIaJW!W?GjB!gz&GecBLJOjd@wGg%tnffx|K9_HoTPiZd|a?p|rC z)#;n_yn+#bl?t3LnaUO^oDT|ILuAHIzxf>|NtH{k$@dHGWoLfdQO$LU@I#6d5l<#K zS}_QzGeMB9vuKyGai`AJPBy8+ng<3H*-nbwr-w$yi7SeK2F4P-U!77@1e*1&-f+V6 z=x&n0v>-9xQeW-#u|fr7+d%68-!MD3&1Rrq`;N_%Z!*iR*LaT+A0ReXb<`4MejuHn zcU!a#ud$>~*w&t4Ywkn1j+7bIg5Jl4(4O(%>X1J(3z)k?Fy3E>Y*@a5R(^?V)^I%O zqR*MU?N&f;xbEu=f_E9VN~i8w7+!rK8Qz}#Y)7ekU{OH|Qnhj>*m2&#Tf|w^JLt~-Q8#@8z_5oHth;$lJ2=(j9%9`RTtvUR z*c^4uEF&(VvlZ@gH@Puq)cN}L7j9o>3^DS~ylsC)jk3?HezrX9=ztJujpPQ}5U({7 zcsla4_p#1E)*B5v&o06Us5_wUI1$5m{j`Q|v+UETzqQVFqCCj41>FaS2DE!r-#aZ@WdF(JYesB4u z2{9G^0x&X#-6~82v&+6cyxC++7+e_|*#iWn!*@^K=FTxp?)-&pP3UaviiTa3qUD|$ zyd#h4Nqe#YRQ;^mv?_RQ;vvEBy1nQ9i|ZunwjylD=aNn4z8Gcuex2-r%JaqLklU~g zDyO<{M+S~a1GEBx1c9E25Fn$8w3dTBoLb zXAX7?YT9cMHx?p{+(TTWy89O`{;I-k1cSsUJHGim8^A}*tHvUg2oQcXfIsEQ zEjFo!IFG&j-oczPH=2no`^NStGW9B5k3baV?U^w*n$NcRgDt+G+!Iv+X>kBPhF(ME zbX!+bwVJtF97`)x1YhDrnY<6c&@NXtgaWO=! zJ9_R2azV+WR1nnSS_creLsUse9qAHMVfYQi3NhoQNg4T+o21vCWE(KZ6y{{vLM1?Ep@E1|pEiI8~b|9Mt8^4J1 zOsI<^8Xchm3?T^ZTM+dO_PN2MIvGzyXDZh>)4o2*3xNiHHa7&pU4mXA3pnDUT5~31C)oS0R?5=KdEBFbWbF?K&xca8 z!>Lb1-38VISmT##{7vPvJ{qeN<*Fcg8iqw_)}DERAP^6a&AEg_;)W~XX|h9hsTvHk zrj8iK6I(c_SKQIPdT;Y%^~y7hXEh-J+-hUm)LT3|{bL>oFi4#?y1{rssI*ZMe-^Bs z$nU1t_%L+&4}lEf4y*+<`%-t%4_$}Fzl^5oIqmV~0eQA;?bPu8(5VY$xd`;gi~N2N zDcXfN&R_42{4({$ObF$ude3gIR!C_Vpy(&Ruj4;L)NAsc|85vHt-8QKti_jbD2{lK zgb7`-ija+PVUN)Vrnx=m`9BvKKvruvNntW}nC*is1jjB}k{0GX5g9q=)sg_{IANdH z!}lhi3ZFO%opz%EbGg2fs|Ziy7l7P5861OJAtaAXA=-cB##G6bq;vUYAA_>^`YqH< zIS94th5I`Dz(_~T91XY!{zCRxp1ZDMfvGh>iIq5@E2|CxiTa3rvt^K1hh45&3?Hs5 zCF+TIS6{zbsw+PA@>7fPjeR_m3 z$a+O@GV2dwL!6CT2F^4kB<0D`hyH!Q*S;~Ww${#+)p&7T6cDq;np3&OTFrhx9&zLW z3<6;u^A?Z5yU#99dCx44 z%(EJ9k72Ij_iLU>5d#C%oLP%y*kkh-ADRcz>LCPR$89Fwgs{@SM^!>(B9))~>p%tT z6y3C_j+Lw)YFcj;=Fco`a@3^_=7@{Rs8!Y0CiYpXsuI@1aX`kGYqa2ZudF$-3}oO8s1E%%?`t-+ z^u0zaTc~c5hkKsPq{3yaDSOQxr`_8Wcef&5%AjQ}m3cbYvLp4#UmJ#85m zu$4tDQ{4cMW0_}nKhlL5OGpP3zp1_Otl^f?R@2Bs%q#jaSQQL-nHxv?HDL6be?V-L 
zPqj)Z&F${`(wnPl1Kea8;7KG16l#`ABHts0|4#-(a~#ho6Ee66mP+>6;L z@y?FlzBQ;(a*x*cWe5ZGdP3R%Q55D;I;2!cTZkzRYN}nbL;pC$scnP)g%^E_$M8U} zX$Ip1G)ng_585*fyNe>coR3zBL|6A4#^Gsga))FL8CcG>afoU zf@~nwf$8oGO8&$h(Jb_&2e)``ThSE;=$nOr;-7M8zqxGh+!V>cs4$af7AB&`*;tLF zvDZY`0b&yqERU~~bpj zV%g+eBxhEwpft-jqqK{NsK(`4Rz{k1)io{US)^TW4bxB}M5glyaTHalfg#@7okOzC z>O1f8jT^1q;ZoD%E3+OO>6Sd4#CN$I3Zd z$TgM#<^~X3?OOWQ7eLGG4=r}M+E&wY&Yxb5kn^SzHR2@Vz|iN(GEQj=7OPUsKS0%) zqZ(#UUFl&Pwyo>0M04pEuzsfbqE-z=Y-w~9Zx#=plFuPN5PV4A^1$C*XNoSn*10Q$ z+HtK~bXOdMLg`VW1FfxWsM9QNb@>cL+4JR-u#{8IbQ5vK8x#Wf^Cb1BOf3=ESGZH7 zgfK|Y(3Z&vO@epr7UeV+`z`A2hJCSo!9X`>B`0dMTtjY{4$L zcJ$Oo_)xz;+RHqk5eOqrh9b05gBWEq$#9r~Ik3%=bFhVNuJ?Q6f?2P~sm(=o>BBPr zM?S8Z!YG*8ypUiF)nedOt?yV0WPapMGC!4NMPENU2u2v-BT?Z~O(kUEqL+2rr$f`9 zd9^qdL^l8DV81K~@-_@~%0$?6khU9r(!BoAB?_tvoXva=sC%pBP6sDtdHaTP7QDQd zDp>u-I}dR8)_%W!K?a8T2l+RyjZA;}h7LfYn8Mgts6#He70;I3f9jJFO2 zgVkS6=9jStYUE?x3q~9UNd65ExXlAgA}%DLO%L@ur;Kh$w8y6h#7)*(ae+`$pqme(Ev^}zlV7U!+mjmZHRbH;QbEHZZ`==aVX3Vg5FGD9K`7 zwAT_Nw<|df&jr9K5s_?Mw|Sg0D7cnqrXB7aB6|%7cBe^HY06ZT%1F+4b1Ig65M_eF zm&!d*ZkLXKrSKjM$@({7@km***yRSwly~r{J1|Tc+6ZeFZ1Pw_4TNWD3dcm6Vh|FQD6YwQFIqv#_wcF*5TkQYApad(O zU@q~-Wt+c?T6p}3PzY|a4=G3lLsm`fUTaaOtY!7EH%}^{`Yr~nrT);n2LbgQ!<-D~ zXvI!uJuCM*GpF=%r=#U)SI)=V1uGkihq@HuCiP*U@Ep5Yp#Fnn1mj`z zgA{ShdOT?q6$00+2+~}NCSd{y%j1^fw&Z!h{i&q#Aci9t;DPX(UJ3Ss7_|WeZ_O%V ztLXn=%EMcABBhnJVfjPnniFSroZ`|wMQm@%vCT^3gaFs;c23k~zXq4E(Yo@Gd% z6wyEZEtg`hIhy8_lJaf(R9MG?5V(h}_5eWqPvfTBMd6qhitbliv%~H=v`m!AU=+qL zM}ej)0n=9!w`{lLIF&WtT+8jD*ef9^o~<<3VVUcbS~u!_BL%nS)Oy+-toOUMThi9- z>MiZsw7LF`bLP`vv~9JtCzE8==FV$^Cls-~OY1huo~7W!c@RuIgWv~{v6coBTL@Yy zfE14c(F6x`TKr>^Y7jvqO~cl-gp2=b8?P3!u0P&U?!oPPw(-wRhu4nF~x_+X~! 
zb{;GaA8d`y5IQQ+@Yh0Wp>&13_(_oV?x0Luc2>8@4VN|n=HkT_P0LS)M6O>T1z&vc zXHncR=Ncly_pmUC@W}G+uF%(XztHlZ+@`|81ksI++Bd-0H&kZ&_;v`aprU59z^eO* zpc&(@*!Tz!hZ^~$Au&GujL0zB&6zomgl6Tmc_4JRt zaeCyTnd8WgO`~iV63Y7TEGRyoX52o-3rrUjC|yKaefi3&OH+6myF5<6VJ7GF8; zLhE-@!eHgkz;tSPNWRi90Di6{hqd7Vqo9BL7exMG%5P@=PxCaN+_X*uAi5ZA&<{a7 z6)|}0DT}wt3cpA>wMEiY(F>EUfTKaF$>?Q}!m}%9{(qj4*VF0L7~TR}&7~;)U~@I2 zL``tX{KjuK+EZw_*Ye&%6jcfhZ=`;)82sDDHXSqDH~?%6zJFG5 zROyE(w*V1!0N<-zOagYGhez3W>&{-JUYD#ga>*vT-fg*{?Si>@s zq}6w`S|UU>+D~(rpHGtXnMeYHvn2$mS-=6Jkr4g-aKqKC)qlx9o|ptw$SivftsiK2 zo|e8#6cdbxy>SQ5s6B+scgJoE3s0Jnjs7`Wt|K@N)`mHIh4}Z>DKiY8yTaV27t1M; zk2F`FBdpc^<1xlh2l88Zv?7aEul3nGS-Gc&=gDYmTondTs;`rV@CQpJ@ZP_MOBS^F z^po)q%23a1^KS2YJ8Skod^GG8em$8o8X29J6fq&&8J*%B0HrQqeVoVv;|BSMf%C_w z^wqy#g=O)dW|EskXpMW`!wzcl_q;@(}&z?U4i0j(aUCY3ne75Vx3EO9N^vhG&NATri4e z-Pj#5v{mRUiL6Qvm#Q>2&5akjMcG~+*Ne6vjHh~J}f=w zNof@9C`JzX9z_5E^tvu$;DPLIdt#pq%@rYF*wWl#N?3)LBMJ;0?X5fe=z5?1UruGn zGnT+Pp=F>%I6jQ+2NW~l72!-0NspC=V_q#p+CwzPTp#(+kX{?|WS9>X9t|0jW4jDs zk&YRR%BUtLkEd>2XnU@|)}fb|pJ6QxK@Tzdi`(F1i1hPkf1a`=H${}_yC-3F%~huz z>Z!F88T-_IL@+mQoQ+zf%L3I1f3_^w=u+FM7|sJxA|o|{wNMSm@I9H?iaA~bOIelg zX(0D})!Kkb7ovo|4fEbnUja_i;TBV!X)qM1L}TujmM9(D!fm>3kSO>oj#618sECuf zglxuIj@KMZpgUO$Nv^@b?^^G?8fn^ox!y5S<)%NQ17X z^->hkZc@Gx!7&pso&my;L{(=w-@yt;ZRP&kF1k@QBotST}rg0)DthbxXt zufdiU{CQ`E!wzwAKzSJC{fk%-%L};x-Cb=RoJD{FF)j?@tlKM7`hWmCaoDXcTMFY? 
zc$?I5-w`%h*$ls`#^ba(DYy$ZC&)vt{`+)kcGIh2+{_oBPn}}pv5o2bn7AK$clvZq z0JWXHO~f8Pa?;e>+`ZvIPXg8y(i#Qe$57K2+hFr-aRevRr2g5)*K?0LY8YHaGYd;( zUr*U`+LMRDzY&2M6&c!Yt32I4E+64HuPW^M33ezdVcY{%3qy zO~6`U43tbGT#abH2pV>ji}B%CqjR3%JKdyIOF#7BcS@k>ag|$FXo#FxEY9{200aBc zLDY|35tzQ|&ci2hu}zr*C|%JGb)@}P6-L)uNJt|%8@c<*5j1ku5vIVCJ%P!_jg!}` z%eD@ccXDgUO53Dhex+FRm|mAk8b$Pdi%(n)_($PAFf7l z?HO$fyBAV)3UKR=niwX!#qR4yD=6RDHs5#&syD=(IB}H>9ZkP1v7sMxx)zURVHQH{ z?1$xuMpD@2*#W!Y$~uyuuSgKgU91jSysyj~DK?W{>I{J=Py&_wxtLPz3T<6tm+tqA zpMimDm5ZH>Rh-FBv(b8WF@h#i!h&}(xh{1(<8*uUl2M!^i+U*0lIMV7x;bbD(%H;t z{hnXd3Jyo1BObbPq8;AuVyIzMTp)h1mHFH225Yj#qkv_hP7zd<^289-Tb@x=B%o%~tAdkh9kn<%Np(U z7%re8Lw6_EqY!B#@;AGMp*n=^6tLn$8tAnhvO5v6W;lnki5u&MN##-AcM=mlyFzK( z=lRxMDtlFs!b)S_^k{VN+J2E!Tzu-6;7;?Ivw2Q2r%*(=fMA)>XYzBwRRa(0`x&qh zbb4@ZFLS)no@P)lX9rNYpcIHO*Mz$Mpm$wfhZ8-uC1=j0Wz)utJm};8)HB!w=AWy?bBJGL#ShRsLR25I%2Ak3rD4r+>X6<1I+DQX#nt<@tS_ zDFhvX_9dXT?-(KGCc?K^i!*oz3@f1tq3V`Uu1IljC3EbIJGUxcy+%19XFGY7u-jAe zsrU) z7`4n9B_u6K-byiNS2l)ItM3pF**v!w#k*f0kO4t(;zFhBqgK(2T6O7T=dQm}b$0!W7zW*nP% z4LGFDdfBySP~^@Yw6s?3)7*DbI(*gcbbjc20JAMKBwgx!tFDl5nf4KS#N`y{p@W(A zi@-n_dQ`PB61kn1wJ^`UHdahAfa2@hYPjMp3-zVh0884>DS z{MZL8X+cDz{K97in8723?ye2^BRVn-_UoB&Cu;5Hjh;FAtmu-6iUE#v;qA1$>J4 z;kvKWf@cW?s)byY;h_R|yz^~_Wis?9OM>G;B6}?~+HrML8q;~A4v;w293f-20jfhI zIyA?(#VU<@r{(xPRM-s6b>(gYOcS}nvbeYmZYN?5-a+=XmE!0x6Jh;G$df)P>K=iL z)H_4uvp_E7tss~uBEvpiBvMTlW#b~kf=yTUF`>ZIi3$2>f12c zA>YOPb~Ndi()TP;SM!(=B583{9*!9QHRC^dWK0qFsxu1?mas@}e3sB)8-|x{WKpGXKnd zP)#mG;*Pp`Cn%e9L2z1OO)apk=S z1;1hg{d8_j3G#{-r{_}HCjP)VuwP44r~i* zuc^5Pr-P|Zsc=}LUNgHK6PD4qj)6w{e4{yCh*t9Yw|ppz8~_gfcsiT4iXv|B~ zpAk!ZP@6EY*G(<-DSMlVDzcc15HPo+e7{4o45HuJW_wkxIS0x*=UJDzshF|z6v#k? 
zR4O4E```D$Iq{z)*^2|MMeWi_FWvzi06dj+dF|UxU203@7{9d^=%EczWq(_QUr0MR zaifSCcz!qMSqFozhF4SJ>n#lZ3`ymj@M5=*FTa&QC5$;~WC5OujmY<$v;Qvn>&au1 zecBLX!Mvi9;j8(DEXksVU0`d;W%o8ROtSC{^=*isPtybd>fUKIXo0AG2Jys+LrUq+ zkkS%mG}q#Fx@Wx=c}`uhi1x9}m_E($@2VqPY^2+N?;<0TeZ3zbn()nXufR#N!B*{Y z?le7eELLdTpvkTEa29>kVMh(S%_jvj#;3D|tbu^38eeEP(!J>~5ok~9RtcNz0E_B+ zTzZCXUlHCxXwC202u|>D%cX%bXYWh!R+pZ?B-3In>qQ)anj%Rv3G+Dkv9v%F>I5%H zG|6frvvV#T3YVE4&s6-ZF(Q;vRwJ4^PY);nF*3cYhp{gaNOgb?WMaTHm`7?7VDhaD znCm;nMk-S+AaCTqgtGs51lfn~98z7lf`#)j;PG+q8>*$~cu+){ZWT5Uag2YB%q*Q{ z0T*2M_)c8pLuSrt znYXE;jv(~Zr@ebxDqiAcv#v>VZf~{Juz+y47JOF z=YvDhxfx}bap^IT7JcE=`5%3pYzHb&@UE#=!wJN|*3P1a=PL}6Xz3Ee?9D!Tin}#K zJ{{T5%XW`VOb;nUhUA%O<}r}b{rL@Vs~N`B5MWktjPDs&1FCX~9#WYewcYC)a>Cn}f)L0>h~VI*%X`_q zvFD4%dVR~nf2Kr1h#~Cq`^4}Wb^t#>z`qMVeuN$TzmLn29ZrGdzw(~J#d9TM#qu;% ze-T8dBNg7~-&~@WEoueWxG*d3b8q+-QjTP6OwR^rqhanDORxmLr%XH;k2XK;lQ)|s z*%hPo8d9$UP#oUtT0;gG#OGYrfLm#QrpnkREMNXBe3k5J9m;WVA|fXV@yp-%xwmid zr#lQ3A?yn+td1K+NjOTLTfRXwHALbXt%=Ijtx1>4V8E*qh}p5h)f^_?m3+c%q_<0@ zBD<-#V1!|q$yZM6hlk%?_0Vp20|Hl0+IUQ<2QG*Ja?*HQY{2nFuG-&;kF~Ijvb@s( znm*|t$PhI#14ls?Y$v;+(k8X!wv<5*Ij!1+aN$K-?%uqw5fVI4>*8}3RX3Lvj8h@G z4*wcwiVcMtdUOUB20Q{hxL0Q92}l1)F@*MKKq|~oe28KM)ZKacIa?;_l&Gs z&i77w8v%B0UGFoYVxdVd{ahyBjV^$C%m=s??1D_1e-oJpJxns|qZudvP6Q4DkKrV< zu)a_LznsJbF7w{|t#vmjAt>_0QjHJJrj!?_m^Kc*>g>dnA@2GZ}KE}%)+bL3l!-6I$ibUr9h>gX4&8>|?CwA71*U?^!GIjtHVSK(5P z-4j7~mXTZ#tw4F8nS{U^D|d>A-A!Jw>>ZpqOr*^NPL^*vfs>`Jg0(6;BmWmK!{DF= zv*QatdBxQ&A^+s;z~~HjU*cDKaAO%IdXZ=~o`KXsFnO4PZ|pP(0Wq;O?MvTJlS_kp z5r-#?56cm2dR3)g*mAdnQmKM_N%U0c{61G;N_4gXZ1a+ic3hc)>b_3Oljog)@F%s^ zSz*i*%77sL$QY3J(OZrC-L-4v{+h}>?s=G(IibeUVW z0V{!gt{+JC+&e1s5bkRjU9GK-L4^&QN5iUrinGiB*3!DRPVXe&yx8hNRc`l@QA5Wo z?C5OFT+sr=3ozZNmxfjHJpv9U^m{9`EZJv7*rQolR>Si15)ewDBfOG?Z!&rZfvN97 zWFZtUS(XQO@VT#wNj?)ed-!bCKF@nG{!G%Dw+RR*cQt18;@~EtQ&L{yLSU@ZziUvm z1Lk(UP$OW&z#77;S0POwNvw22sFJ0vg@!YfpgbG`+#Kt{*L(aHyTWQDQbUJ$l8(~vE8w@$#trYRz36}yL0mj0Z3V3(?w3W*}jZ))aZe;eW>F!1msY#9;0W* 
zI}Y~j#%{Evu@8CvF0JvK|Flx+IaMVHr+GR&;J)WcAztdI)$h1fgo&xCpKobS00uco zr(HBhXVwrb(wG$aM-XAzT@aRDvz=JpBP~Gfi#rbSFO_<+*@`_8mB+aL%ujGR9Ow{>rvX`6Ci;gLr8B;4PT(eNL0w#3r663f5s*-QT;o zFU*e@8MS@JOBYE-_4%$3&8})-#GNxlu`YS$$iw^Z7oVf zeBOCS$=Jq0RV9sFC)C^~j`@a?Z_D2zv0OdUvc2KwO-g59qN8NXJd?0DBfLdDEIs2h2J?D9^6Auz%}0i)0R zny3P8`oEs%HR|Ipq}lsj!q+!gSj|R?g??95b#y;~d_KFBM~49ySaZdU0Uts9HB9kY z>HiFt+5cSxD>ITPT9gE&E#4j6T3DD-q9PX?`m+~O&^Ls6o7g09sJ4^M-aWg{3<>%C z7wKjBXk{nU3RLc>)%%mrtFAv8)PXtrCSI<|6g`5l*C#hocGlt=?Ip3*`{^{^SS8jA zTyGy61e~l^J%aB5>Wjw)SM?EwRune>TWtZ!B_f4yT1NXU@@i3-o)a zyAhj^?Hv`85itj#UMSpfWZ&bye|~A!g^Y)P^bVFhlT{H`8ZZ@j{WsMsm%TV5`Z*X7 z2tgVxw%gguhBro*HaS@l;(lbiWjKg9b-VemS&D^-W&%QL(2g-13K9N~ATk33=V?jX z&Y5~GG;(k%b(VB(&npi{nmo^CSluyQhdpxIK<9_Hv|G9zaqF=dQo}-y)Z_qUVP$Pc zjdpVxBl(O?GjsZIA<2#mn(?n^ZE`}9(2Wj07Lj&jZ}I5|{Ik5rzq=xT(vK;Uph%qo zbT}2Zv%6EVU@+lF?Q!1*jvl~*V83Zim3ptaRPNx)Mnqc$qRK~Ot|^3A+!-zP18>{} z?vKy)tac^uYGV}=N{n6AE(ny;M!O@IXs3RM;P>+ZdL7l;oN?L0t6q*5y<;cQ|Flcy zijfYs{Kw%y`DFwuf?s5up%JthZtDh4JaazKqxd)DmW{fZYhY-XMzMq|JTS|fw=R+~ z3D};o=8s4863yqwx>CAxn3l&FU2ekMM@qMIS=9j#rd1&23;-nBDv-c5R>2eNBA1ud z{NDv#B3FocK;tdI(qT$TzAS03KS@IQCZt`T@yCeHEBk-yIj3FD-X%6^rl;sJRnXm{DsHZmEN-G+jl=k`0T|Y#jg3f`FI(sPD>`STyi47yh zD!HqBxai=kKk>0zrM@0;5%YilIs3OA7wgSrj#p}g?;L?07cmPIM{03ytf_hm8)$rh z&MN=YW=}loVS2JsdUFJU44gY}YPdvU`D_*TcrniJQOG^xmziFZ+XR{pyqV?w5K@o2 zH4Rh<>-EA9EjSVAyr9i#^~pA%RfOyn)E43%zKxzgxm)Sj+kY<{l=o4o^zPeqN77hl zMy-bZR*j&*eVAW7r(N-+ZWw3926gdFPw1ZBX*!$tS^eiZbNr}LSozMc-Fk56-wp>C z^Y&8q++_$Qy8B-XE#abhbJN1DMbk|f@`t(+#3N=#sLnklO)`?m=0KQ542iE@&PLQp zWEp^ExImNH1s8bxeFBbw?phWge*qT3BTIW2Petizn&Se!Y!c6&P4*p*FeH-^ufcEG z`%Nt)*ZU_blnHC{c^7%(a)Am+gw^vRzDfnRNA;E^Rg`^Uy@jrzxWViav9w8|C5MAA z;FYYxyA<=be?qqXU9c0{Wlg^U@PqN4V-dP?W8f>Yg)?D#*KhdeCUMz$Y}ALjcg=cm9xqH?9m73S7Mg z^U#~rw9;~=S$aQ{?&iriGMBSzyRz?a(S#IKH~*iY*nd1IQJklddRAE|3)_G@_pAE< z#dY3A^M*v$@ECRbB{b4AM(n2;)cJ{|VQ<-|FQVZsRv;f7g2^v0;b+Yu9WATSR#-1H zGlYT3*Z`G8Z4}G*O|R#!CH@=)CCf5&MN=>|_9LPmj&H}bK<0;-b>1b2T6pp1$EG!o 
z50NfI>&HaXZ?==i{(hFX6&bm&$eRa_vvAYtTdRmz4+>IDnLpmKO3_1m=85nsph@Hvx`Jx zfkqsjI1V^c?wpTza>%+v9GpL51J{Ig796UyF8yKuaH##l~2KJg&>^)V6I;+_Q=c410HB5SFv9;mh#}0kFS6 zxS$(V1}(%)2Y<{Qs^l+a!hMOEKO5Z$d&QQ-%Q)y`w?U#)fn}y>8hg61MyhjN%r~zb zL)fB90TAA~z-5U@aFm`sbYg&32={vdT?VH(Y|BFy!P91B@yKN3L2jquB8nc%Uy_4^ z|4eBC0P6E?@%w40a@|JBH*Hq_)sY@tf2dA07%H%s%LKT8m3@4vSm*@w^z}A`3319e z#>b>CNtBUWFjXJ;y=UG|!FJ#=#wYjlxk<^_kHzfUA{?0K1GUD6!Pzg{^-&2Wjk_b| zKz_G_PW-Qj)-nru%s*bY0NJBxPd$J!=@141czj$n5U+XSSyIKxLlLn~HXzzWWpVvl zl6Fm0iA!+*@-^%4@Ru@P#@3VK94{yKH-O;CjE(r6qt&lRu zs+Up<&4eK^Wbj>8BDq*zKX}*jj=^-?g(%g8=!z8a1xs^S@%0h zuyE)Iw6xIg9UEmeF$wDj$7=q9pcL9)aKH;YdJYMmtf;4sPY~5nmvXn&NKZ+}igHWH zgk8j;c6bMdla%QoPO0dVMk^3w%lqX?24GNnmQAaTg)F<4R)#vv4WLis$(#v~f)agY z(Aqe~UuP536xa^NrcDuTQuO`Uxs_||7&LEXFaXn!;Z!V#J5m#w>7eO=edzoSlyNDT zoinAcOTF*Phyy-zfF|0p51_;$M;^|W%yP==L%YU8WoKgPb;jl*&>w(nj4v{2SQd|k z6mBNP1C^{uvVw0;&b7q|<#k9l!<}Lb2mi-tBL$n18-~PI#kOD$SrF73dcOPMam;I1 z${etp{RNib9QGg@7caT1+*qR1e3I7o7)JLy^>1i8cSd2gKawiaC0mNef8rM>Uu*vVS#2 zj9vzVpTlJ>`mn_!cov_c=U2*>89E(~nk77HvZUE94>(~L4SsuTrLap`B0I15cf@b4 zP>agUhQ2RfDeweuuYHj>c8F9Bh+nO4myTT*O$E8frNjj7+H~x9(dWO0dKkI2$lL~9 zg6`kG6EM(YVLZX~9`9kr*|H<_lit`glD`6i{=QhGQM~-oS3`(aW-&rh3l3No1JEEi zNt>6^8z|QX35?xxe!jITSsJO|8K~A3&XCNAc~!5lt^ZuE4%$lD-S}dhgftwLwH*eI zE6cpBMGK|(HQ_Zo%0m#EPZ$?@8bN$q#L-ubZ(XuPwCi!HtBBM z&tzTr!N)o6e5A|;YL1)0AXJg45M1AA;MOX{-KGW#VV(f7Dh)fEaHBqJeOoI5hR~X{ znZ#|i2BA3;#=L>gFb_6j8)2-~OjaE*hj_(L`VB_iDgC*Pb(?q<5MGkntgL6>;)P|} z!vPG&b&w1firY4*&`UBVU5O0g8o?1c^QGt#F^YW!{oB%pXUy#DQtl6%HDwpqB_k#y zCw)qz-*#1}QIW9r@W|sZ2eCAnoNp~Cu9P7z^>A%hfy#Pnv2^s6D_6gq6x-?HULIz( zZkw66n`ZfX!U17wKF5bBOfJybE+|6e^p*5Gkq%L$>Cd1g%mAqbKt-Pyj+B(+?8E7M zQZlA&Hts=Y*_TqfTQ78i50?S05(AwwH5)+898)R{Zg0|s@lFdlLl3q4Do9Sjp-bwHp+P;b`vi3yozPIq}; z9BB8Vi7W?iEly8oD^f$`eNVrF)(;0)=s~ME(2fUiz@;|n-4+x;B+iIGgm)qv+o7TM zV@j{-q5B+8V24h~>CDl)1TtZGS?u!j1}b>}*WZJ^8{s1gEnC}vTU2KUP659Bb=_)OuTR6P)EzIE*zD;MF>BZz>x z)qUu7#CezN1#R)&kGM^(y8WV!;y>+@Amufk*9b(n--{up>?BKj#D793HK|F4+GVH3 z0k-@u 
zG23)>pg5s}6j5wefUr{;!KvEsvRsGy>HbqOmJH1HF$_Iu#gtKVIqxS+$O6x0uZM~# z-nu?x#yLL`qlDi0HAIJz!Wp0YYFyzhq6jSAO#}WihQr8^@?chN_J+d#XEGTmFvxA3hwr9$s< z7SE6=b9MBD<13x(Di*Y( z!SwvHYRc0VX(jl$C`o|YMX_N|GOhXHBXT*5w9uS*aDGo&;w<8`()#{Wmd+QCd#9ht zdxmUWnxfc4a{~Ih3!=Q2w!Iy!TMW$VC^VxPgz^9*ZrA^$CA7fMB(gc!t33WdKD-=P5Z zDiLbg(K=%ov6`M1ijWT3PZfj8hgMyMM*gBihQJ1VM=CW5E8i}s0kSDg*7JxP&=*o$ zmEvYX0)oNA(kuI#y_Qy0r(@B)6oF^w9#dQ2A=Y66P|I`H7YTPyDo&3!!>%AD|E8M* zY{E34bQ`r>Ce9Jq%D|E3Sh5N=A~FW1Nf{XTUYBnab*z1a+|%{w*B_1NX|yD*GmC_y zL>VZ^UMTGnpY%vi%QJs7H?$=%aYNR3RH{T!>yK^pa1)S$DJ zLKZOzmKgK2>-S$v36DIT_F$?`8)n=5r-5JY-yKq83N&}>@r2F<$IZ>c?1DbSqe34Z zd5abv`@d`(G+yLqnv@qLuGO;?V=F4~6?-@&pU+O*`UJ_y#P844hyxXmJ%ANqbU^x#IoIXvCGEu+Ylu37LLYUF2Lr zx!3~gbu7E=TeMUC_i$81FY0W5btMdQC6{p%Tg$WmE)Bs5fg;LcL~T4fvP2TB>|pu_ zf2twSJ0Y5t#v_dSI=KZE-Q*uwPCJ8@lUi=}n_je1VPJu0T~Omv&eZU0u+*G|J>-3^ z^@s@rK`KbhC_4o#NW@xf?Y_U zFpUE%dw)y3Qqqe z>Y&8JsO^1b|I`qYNRje$AQCP~4frm$9|r5Iu0bo+3`3_38o!!r+TDAqDbX>tQ8%qX z;vF##y^vgpX6FuFSi9Ou#dV=>i=^2M;+`(tbJsOT2Tx<#N|*|Ym;M$h`5P7OWIY)h z%SbL`D^w^aH9yjqt7A!NH&oR}qfc12rM8zWhW4E~Y?$b?j@=p%n)+fltHw!36x8#~ zgHO!c#~Wk1^X4{@(zLH>*c2iPL|E-x2UbMG9IxQ-e<4By$mTnxyng1>4M- z(Z!`$CM=wO%h+xvqDy`B!vjPPLH{q|>X*}sF z^=EG$4*Z5#hVM%`sTC(eY_J*b3kK(!i#)t)ui^!13j;!0HHxRMFdw3EC!1pYE`~Cr zv>>nGFousyBos>Cde(;%pxQ&g8d^0{^2pscWheH^4~?Efa#_CuX#*7%FiqD1for}l zkRS!PUa;9(MY1>*R%~pox-e%1Q?I06!&)-s^dCHPC<9CC%1T>#z8U!*~wwzk9 zl0w1yD#V0${B)PrxQ+@x%CWBx!G}O(f*0sc!3Y>Jii)aK!=5}C>sH0FCVd41lJ0ak zulMg}(f3>|3H2@l)Uv;U&KSDPW}N!+yVJaK!Y3#I6iMx7?X4TVNisbJCs>w@g#(Xr zjp{WW;x<+P!6>XPGW#zBc$H(HVDMT|Klo zFUG#e=%9vcQyN~vikWB$^JO=c2><)W@B}Nz1MOzuP>RKWuh$xDK~svSLSdhN(8-e_ z?7rZ}4m1Ge$abS6r~`MoZ>Qe$?_;)bNvnRLFz^CS7W(zokzPo{Y=N@D6UfrlvX)J+oc%a4 zs4BYoQgzt5dQnV-_x=mkPBk^MYT_md9x8oUDaz~>EV60pP6gU=Rj!zQ6dyjAJP5Xc zl9siA<`4_WWu$FH_E?@ewnu1P6D2!U{&{9@Lt?8v?WKfSmX{U7+g*nE{`zFrB~^6| z*#VaZ{mcijw{60_@(dRm^Lf(RFA5S)R*k%Tm>JGaBbbf)kjNqo>TxGZWjxVtG14deh-T z5y?d?6o)-@3w>yKxWgF?K7=&XDN150)^KTwNUBR@63m_2hL;qH0y3D;%U3NX(Jl^; 
zcwGZMFFYXRao&nmO7WZniO+C*jKQ;f^bL<;P~{W%;SP&K$I7O6 zp$PL=-Qwtz{)0wdG%HJ~4y?G?WE8HXeY6Bf-8Dy%8`71hyVdURFENcovfIvuclV|M zWnf)@Gc-|9j)DQ66VDJy(OP#En%WjxE~_jSw{t>a!iuoGUAiGlVEVU8h)nyKGWWw z$WsSj@U&K*V^Q7;QC?I5HB(YohZ<2}@YlzUad=L$FfKV|_)22pkkIWOCcLqXKqrEr zR2$S*G1DypJ3bk9pLlv--)$jH(3H}jgjnyq8w(q^yRZdjC`@br4Lei;NcB2Mu3b2jSM?MROb*(In(YU zsEx*1KGh#+9?7(ZpezA9lNJALi2tELJ{yGdqq|%w-%9S5OS+Xvz&QJmq6hDvhAeyHz+Xy zZO|;84B_Yc8W`znn5G}?we(5VSdl7MfSvBJ+xz0qAyTz}v%1~D?cR>sCDUY$iP7W|RZBj3?){ z)1b+=(spViK4Ti?rV7bHQFYsu4z9TFJXtYuhg6!GLVAz90F$eaNio9_67#aCO~ZJ5 zRiti;_->{@#7O^8UD(J@?uofHJ_+(D^;{7z+GnEsXFiY0(qa#xNs$_A%yf~LLvKFa z1-|$8m^57)A7_Xdv?Syh8kHBrGBMtG1{ zYhf5-l#Ncca>#afzM=Nt1ch-%O8QPkfpog?6xRC+6@n3 z-6(~_i~fOgK!2dkM68(A;aCA2!PZ(@@H;(Rg9sFKaxWLWV73#642y*01Xpm_?-dVM zrsqC8$JnEl)8<42?9p8XZoT4T#OZ!K>s}KumgD`;jD4<#4D{PiEEzun7>QEvJqt-= z$?b-SO^!DNkQmat8`u(ukCs>}q8I>sNA5}JAyG5|cA)qkbiIqV?CCP3ovWw6YzlxB z3)XDgzBuABYC5hb8qWBTd)!vp2z^~NP5rW!h8d?htvj?eo|SWW9}5Rio-Vr%QtWKu zMV?w%mL)&!igtE>uDOOx(b`W&wg(2i*jfW@>V#6I5iLEasaNP_{>bu)CrmiXs`UCR_U^lGL(TqC0LNt_{Oi~V zdaS3Uc$gr@yj@t>deK3?1kTNKFl}*@|IA-)2vrgJQ4s-LAb>?T?Da)IQr*DDrI@3m zFDjJTZYn}nbDK}72$j?5HouzF}Z2NE=**MxX0K~Ynh8b|){a*N< zW=a4@sJP$p%JlZT2%)c{PW;p9T%-xX@k7(wiDgD8?1q}?MLp){k%!0BJeO~NC;MOH z3@vgvXb^5B*|C(Ajg#BFnwC<~z1l`2$ha)hd7E4MEg1n%oh_a76?PsR9Zsz13Ulpe^Fjph7-CGY5;AD9SO1}nI}S6h^wV~=+)Dcmy9+dsABm%u3N-O6&Mg%O zL(=MYQ!#FewdPjzp8>M&uaAmp78A%AiWGX*@1{5Q@^@LyU^tj>0Vm1ybhh;;}5bn0@3#YsY(Fj3zeO~&J2>gkEi$o0QWxlBE1 z(ow5*{OtXjMR5bGcpOx)b{$HAh)})J(VzW>$w4o|5iYyx&mGeURm&Z&s>T5}+SqZ? zSxVcd7ZXcLf2vMJyz6f%wk5Trhfe-h>5J+9?qBI7*M6f|@C?7heRDR}HTpfvVQg=j z_w+oF>aZO3JU|;a9E(KWMcSKE3A#@3Q!%(K-xWBUt6O-=mSlPlsnGt5cJi5K(TeDB zY|U$WvNk}vu${Y0mlwAK{Duj-dfX-VcsIQKm7SBL6B}31i`xkA? zA4%Pg{oGamdn`|EMXm~G{&}nw8)QW-ZkI~bPrFl%J$_kgi3abRTzd5twf68QP#S27 z4fI;-H$tLMZQqt$FE}ppNR8rLOvxJfs?q-h)pcJ6T~Bc}Gj z6S5k6{EK;`W0LqQI37j$))$|`WxkT>3EU6p{vip4z7-Xj{7IPw7N*H=LkcO`4lCzJ(PW z7}f_*D_7Fwg`a>8z_53!=ixAWqhE*Ndj)M3R+)7ARhQ@nw7NuzW%&g<8Jvzc6&;x? 
zG1ns3k(t;S8N+vnP|B}4`#d72DJ81d#F9@cZpKqpxrm3G6Nz% z9|leYGW`51#KUw6iEj=AIToCeUs;38ZvUW8IM4&zPsAh zP2bAeTMsbfoVgkSte$Xl;kexKD*b}B){)CP8?SX#1(%js$&H3G5r{SNPUD9jnktB? z6;DHWd-l5$Ce4{C2d5|6`qoc8nnbxDH!!S)Uetz@R0-;Z{()JQMNjXDFE3|{j_nP+ z4s~*h+Wi-}SQ^ryBRV1Hg*X>G!i1K2Gb*o@1w8r#;)^b-G%dx98|$5U#!sT(OZa4* z01oK`iM?Gc`zXD&xla0dH}-Gl{_rrNaP9T%j8l{w9 z7czI)n{7r!AVi2A5se3&JOR)zwc_y=xI;D;y8v0D7a-@SoIt@!970{?on0<%LkL3D zW(swJ0r;!(q-mcPNz*M_9v~}G`ZJJpn;?EyNn4}rVYHcnZC$GI3AGIx@{jQ7;+o5g z(fVupZlA4j{HBxqCA%uAjZ>;m%`8alrfzb7m3Hfp;bh@pOOf_w1vkt(RfP=^mnxAe zFm!JnkQ+Y!;J-_NR1(2FByamLc!R9~NZ?1Xh1M|gp{f?-4i6+=gK}w>wT02vza7X> z&(_W6?A`(|5}btYO*R$sdo=eDajkEN5c`Q?t(G~>*;9&v%>?Wv^&d?S%Hy!Q47)Qx zC;EP}Mz+Es&SxM>$E|LAwlt%*KSP#lBcRBTCAA0vG11geD**st?{ zr;1B(8E&olw59GX*`6-BX~WS!67B9oMPi-OyNk=bn8e)$8OIEH;uqUMXXbKZ?YEU- zjC}xGXw?uRfh}fK2DMI$_F19!6ky|RVFLG9Q&0m;zYAx7n=BYTX{E->ujlZ~+Y?&k z8mpT0omE1X7I9@EiOAH_I0>3wt3&(wj+T$>tC2!dfX%1E(9syDe4o`~ zDU-l+UKTHD?7fBUw_>!neca1<-75v*S<2o3-Owu3t}!oLLaGtjnpo=Ke`{si^O*;j zR8I|!`fGspk2cw~w z!n;QlOC>V!<4$cRBv+}TKFxa{(s?J zMRAEyv=jVcn!*$PMu#7t>aA_yz7M-ilutZDtv7~Lfxg)B zMO~*)VV>nApF3wU0%sAla=C#n=|%^i3SAN#Vzk~^KsD{d+O>Y1#9jC(NLT8Q70>r zqbdjok7f_KoZ~^E;$Ae5jZ5Q^FpZK`*USU!)htl_FeNCKtQrb^|XnO|s^5 zX0Pud7J~_+Auu5~yKt)j{XBvaW*Of6+Rx$ox{)E^Cv9cT%@~yBdn5gdl7Jhz#G6)(Kracp9 zas>DNOiVBj2eIwKZjsKtCb5)UF7%GcSkyB+gRo;IEiSezks#=bxfWd!1F=E8_FbrK zXY6S=RCDx2zL(95nu;M3Ni=D7w%7fB?b2VU$&deUUHMp^0ilsxljGbFzu7t~9T7*UotMro++*mcnwD%x{`?n#NKIvCJagI4;xup_Xra66WTZ(U{&wcag~ zB-QCWBUEK!8EtA~l!Ru1oQW9r4BHKJY8{7pi6|bigg>H&emZ&zpRs3=BNYvn^Kf4` z-G{dfBLJH!Q#;VY&~foJ?wkS7{u-S$oGc7HgDj>{HCH{4FPE}l>aTpOVN&f<*i^`2 z6BZ>j-f!va6-T$CP3CKK-rdf;>81+aDD6(`U&e9dv3$5xbtl30@X*NeU&soA2plvo z(b^lr+(;H3GUy$F#BTJ_4?LSy_?`v0Xwt}-070FBTHk3N7#nG$3ka zKd|z2(ekTlmP`V)l!K3x^=jwnBwJRX1lLhvCe{pO`d(NW$T^_ zRX2F|c_@J_RtqVV%A@M{#Y5{yNW1{XeP^xV&xJe3Y-!^%e;GJkSH z#Bf{7Y~UL%f+A8XrJMpUYL)CKFYV{MI%nd+*OdUPjHK(LQ!}A&{w*Bv`)AVyD^i87 zy_mbLJyANXV0$hH}o-?u#67sOq%>WH{X|d*2WEfkmbc5ZX%KSWm 
z*$o|@g9rx+ogYtHn4J-@A(-gM%<$Nk6M#)=P-fD@C&c&{u6+F)ThUrTj1@H35&Iuc z2k9xt%MIv)pz$|+vW`Gnbi17$e}GERR9YT$h$u3yJ>dpsfw4tIHR-qo2Fag;cn^-% z_=a4szeP%a!6)lQ;e8irx-u9bP1{3hvl5TRrMeTbW+cE^R?%#c;jfo0jQ( zP=9TdY^{N(y4SCC0|b95;x4T7ujx>fpuTSooyRJwGJ8yjLMb% zCpgOX;ogHe1V~xI5m8+1jf?6!?ott{ngzQ$#8ynOE_W6Lkx;hcm2&8+Ei+iBx?rl= z|5PABHLO)B#g4cRx4xi{Svj_dy4X~(gQ&nW`ly~^2dWi?BJO#n=jO1~twL0_yobQc zF_eO!p!mtmCPlKh8h6~F%t33_69Dnxk67UCbSmA(WIQQ6`S<;x@9MeF`9A|~Zwkoq zX59t>-$s?=S6=(Wa)xH`ZBJqTVX1fbknHv{a7#Mg?A_6MP|VwdPOLfEMf=E9V^-A@ zU@V=NUuQpHg|Xz?GVMA~4Ngy5R(6E6{mi>UD_BvctGyR<33RiiYS4^2Uej1o^Z!q` zL9eA6J=5d6#_j+AW-E=RvTm5y>N}-Q!vPCNVP>}MysXfXiS)SD($b4rA{2bEJ z1NWPHurVN1UX(l(2sY? z+L0Q)Qu?1Xmu+LZO=`269l(eh=h%S76vK~$O1fS5z^leRwKCVX6YHXVZofEs7O1}3fB-#ML$2YMl_$5@n{stSk}D;(P;3)0jqHv~crj*qNu z5YDMI41f~tmO!6-6B_{eA)kq3)ni8VplmJoI)+^EMM6u-m2FNpC5olZhlKMS4rIt@ z5h7lW(9Z&9r+=Y|`K(q%3LuZ1y`Sf_cU9p=v z1X6APp%91y$eA6jH+JnqrcO&PUu*1E$uNsD_`v;z;OGvqHd~$s6}`hidrd~xv${!?^&N$#B`tBd#+e(=ozdshr+i8Lc}dMcJH09E#csP48s0I-PJf0f0`V(U1zkHI%9hhb@m8CAWf28n$c-94hibMA1K1cBJfrDg zy-&~0)+GPMoA5xndQBht<8z&*q`bVwY^b)&Sif0O`MM%sp>FzhbUO}lsWn_1uA9I9 zGb6v(qk5-_3&h*^h&f;8 zv%V9Kw)3S>@Xx4>hG*tsTw&v3#D+EC`f9OI$!C>D4t9{!UegehCIjqDZSoiR3oBcIym}-U>-KgCK-vO(gj3w2MB251;`t51Z1(+>Cq_>lVb6msvp&?lws!ZPlYe3*HDk# zt3IX`V(|x85Y@qOY4INTm?bjs;Desgr{Q4{*gKY%COD2uu9gKqWFW6WNh<%OA?DQ3g*r1Q@NF z5-UH%L0rV3*lv9QjfkAU5n@f9mwP(CHl<|n{*BLEnj~J|4r%l22G-YTF&;EGFv2Z2L){gRV`+fn9=&C5JRk*R&B%Le&X7T~{# zQq*VU0C1R5pX-+b6xNXdW+WxQnvh4=wtbp)-b zH(1H9hoRZX=xHDF#>d$!bx z=Wokt%8$M_Q|mDeLY#|Q8gegVqj}d25!!}u)l+?h)o-JwCv64R(~Nyna4u1}Wo+BF zZQHhO+qUiGZa;LbjjG-c-L-pv-}=_dC_!$6v?T9y z;=XVAP4#S3BY2dg}bMlgm^KvzU#=@iOh*IiW3Qm zD3o14^8x}D<26myZRqXfCGSeT!n8C&Fxzrd^~on*Ia-=$@|tUbMRL>i{T`9Fu;4kE z&*q_7(|oY^ZFM9z&Qxx(vWfQ+*hK9PEJ=|lEgA&b1TukXQ zFH0m{!sw;E+hV@xuYqm`F{4;^D;w{8_kM22G-)*3d2vW_uc7Gdb`ql0r@3XMqQqKr9_kz7QC)5bK*&1-n45pnGSfg@zIeMBjsM6$v3_$BADUE}mf@Q`04dGG#gTFTR{_f(6v#OBpQm^uI3{MhR;>H**&vMhQD(H*+y_Q%5s%7y$v8 
z|MN7jHG5Zgy}Z#mc7+f~PY75fJ0dQ?Ccn^(F_sYs+?7I7p>PNZv;+ggtRBg=!nGPoi~s`E zScdTZX%-X~U!BXpu+fLy`?s`aa$sWOjy)L?~ASD?d9eIBR-c z{g-|(@a6Ld+3zQ$n^Y#wr@-9b~q3}WczrptgV1d2x%Z7G5*CqIE_5o z1#*c1!n@2TG9dV7yzSv-LqG_kM!SGw3eFPLAKhO3WfZmg%a=T5%}hN^<#eF3uOnc-qXv4Jm?k?l@<7_HKie*6b%lT>B}C= zpNR8jlvYtNA&`CU`{vuGEUPA@EOa-}(6@-tKRkS8y9t198c_-J)X} zI8#Caa{@jnuXJ&LG%AY+*@ll9VtFj1+i5s?gfn}H9h4tc&6fRlld3RrG2NHSo8I9u z9ID`M{C99nReEa<(3sjcr}U2R_YRob>(aklTZmWB6ZiK_uTuK9p?OyQy{ruZRbdvZ z1a(OYvwz{8AlnhT+>UfQXktBp*7}183l_Uy4T!%5tDbst`ha@Yy!^^YJZe-?V z=Y&E$8LVAk&Cdz6Bo&U(>Pi$NO(zfFRjv_HA0H~#gBJiOHSS5O8`iU#G?D60jGI{v zs)ls7N^yW~bo_g16nYG`7BeXt-SU%YX@dI=SSTS9C;Yu26Op;4VWN=;<(HU7 zYlh?I0L&}@Nu>qM7yA+BuOYR)gd(cqG;QIh>mdD3)uuj zZHPQg_Y4=?)eH6v+u4j3mkA#bXJ?*@48|owlLoea(3T!A#V))0FP#KQ@i{pN@j{%~37qz`sV!do>Tzit0SFO?spp z+VjK0R&hGS5Mhq{6b7tW(eWhSGUjuunN?{5j-RtfFO^E__#d;ZaO}rGKGH8{$*?i) zkLCWq)KgX{BhUEkhtbS$cYv@w{4GaHWY&S#QuVKnGQhK7 z(Kwr+Q-p}JRU;8C^XO*hz@cDaVh!8F$eZbVZfJ{uSSF-ctJqfVl)Z!_j#rPt<53Q8 zoX_HDIv%v3iub8ulfbB=5<_IM;q2(pEL&glXT>K*gW5M zwbx)&F@tO4|8U9(=;+0_0)m)Klb1GKYu2#lt?%ST%9QfJ{?fu)mWAP8#KlcQdDbjU zF~U(jrwuM`YIfX%#ezfPa4)n*GWbP&Ofp&;CxINFN_iZr;LD&gv=^vNI*iP604VMf zs!gDo>(!4vrE)Y&hL3+RQvcF0HS)QHO!V97iCbe$_fLd@-q}?s1@#|)l)fCYKmEfu z8&``;htQMfoSz6G{3;I8n`LttFfulXa`{I3$9ruP1$OF=j7ScC9_dN@UegIY*jDTm z!eD3ef~)FvE<^!LS;fy9me*n3X+aYhguoGP~-m zy#uP$+EZR$HUxuLKkR&5MVwTX^I6mjG7!A8Wdu-oc;hGddj7Y>ygKp8i*SG8sAN!p zZsf*~7KsQHg5Q^}z>YAhG_xBg=CbV?oO<3sf#n@cWBY^};pO>BPMn-Ix{Ok18h`Cb z!iZx3BGx~Jo2UvgB)}bl7{}sAZ)ay`H@7Jdp_mua!Y56uH`)T`cbh77xFz|;u9|p$ z=E&G6eA^glRJ5b;Z^}KaH;5HNK?3_I64!+J8&Ug89&(5fw{m0t1DsKwJIr?}l(Hx* zQofe?^IDP(R{4Met`+P6%&E`5{U^lI8ya*<>jMT+=|EO{Jw_+422elJnWSqfAxl0PBW*{xJvl#3R_7-5ZOalVr? 
zk$v&vLU>m1+TSk(=GU>`i@YyWiG*Aa=S@JbsnA?LCddVv zNv#du6wJPC@1>fRp6Dg9@#g@}k>2xntJemnloIE*3T=SQ3~m^71c zzKkp7Ra}*>0G|Y{bMxZa#iC6bf(G)Oj^0bew&k}h-bc3VTUykp?bAxWnOCr3dJDy_ zS=%BFQ$PIrD{p`D+@@AHjMqF!+nBxBMaLPQw>06&M}Mf>j2Qj=jFRcJt7+S|)Dcz| zW*)@k)C!HIg*Fuk3P7z&mi;n;Si>eKOyF+~x$JZXQwv^#Gj*tKRI9DG-v(AH%hge^ zN(D@fMgAvukcQyfJvE2adHO1Eaw~_?$*+4d`>U@|3Z^{f$(K9zA1InDu#4{IAII2? zwipUDTO`_??EZRf5FBecX<-LnNL6lzFme6Y*G7fh8?AN*1BPy2S~uW^43m=$H3#hO zD?rZT{dD`U1-^rJjO;uiI%lTY&?ZWWLm7D)LTYyctZ>82_ zd8{QLtBl@&utP#&rBP>^Ndcmsf-h;``Pa_<-GZgvTT}s(QQiweUVBWrcq))EwtMp% zBnM8jEtm1-S5#-@iNP0=^KQCyvB7i*lbQ_1K?o3tz;-Pfvpf`HQ7u9D zgFO*q5OfcrwAK>>0626$pi}ZQF^p=42_ddy!DXNFS&(3ia90_7QI?`EsF4?2*7GQEc zz(Q&Vj9PuOD?esr+GOv#v^QX;eN7+H%%^m|C7bHR!-Cts`ic+n!kW6Qa6cRU3s;fz z>Z0UF+Gry0I_*r;@t&|5ZXKj`aH$mPKdq#ULm_up8Wk%E6lxp^JM%H1VyvU~7|W2AK)U-{n zTdHcH(U+9Tb8|yfHj)ycTRw=8-bW$4}6=SZK&xMu5+k_NsGDP$LVH;uI#^3 zjXC<(yuJ-ys@D{`gzBQ?2^_iI@1(0=K*zDA)DK6_k-r@*a|Rci(;0)~=Ee1BJ5n*H z&3dB3aSd>TdMUl+0&!gfnYe3JXe8`>octCt^4qj@kiS_LZdeW)Oc59;aqP9hn@`dr z^I&n+mGku!x_`MtB_ZC;wW1R$tMZW`xNMwUmcjT9V)Un{GD>(&nGFz8NN27=JSEEo z*tz)WJ!D}Z3|Iya7x0?B){iwC5+y^mPJejV?PMH&ViF7ruMLG6e_TEbtWmB51Jpp> zMeet>q!@>AA5%c|{1)+-bCNbBCqOBPLC>`}2kMOj4n4+>n`Q24GP8}MN+Ba; zJ*gq`M;^r?Jt7Yoa($`v^Za_c=y@2^Z;i;HI71~vt1I?>Zc@!rNQkwo0L0fJ3|(@H z*%CWWB4UK&!gT*eJtEJ3H!k+Ot#$QvJA}dz1G7;bem?T(O@lZ?SzJdMrUN#kQ(W;z zrgknJ4#A7F9=IGO03E0HU`#5xMDOsBmfdn^h$-D?iucKiC8=F;;w=y%)XNm?vkn0T zD6yQa^@Ogmy25&}+ed1bHQSN3&#`pWP~Ua9zfP0(gbQk}&Qw);SA|x^`VOzg%Oe~4 zR#ACt+NN=_Bk%~h8_EB5g}W1SAkNeeu%Yh+cy(pi8IbSO@4@9u{8=q%-@<)g#M8w@ zv?IUd!c>IOLw^GvBrWktWevVZ-ta~}ovDAWL*d{Ia1-Ds>7f{#(Sq$OM`qF6-%8^$ z@PPWfkQCahU8ShQNF)d9QEVD@$GR@*A9ZcnJreQ5Uzs4I9O*c5*l*U_&6*sTXIVAN zj4KU@#(1;JLW_?M6=nu8Lgj8MGrLQ|IB>PN7MS5Jyu8&uw;;%}rCb zRsZtNOhDqDh6(R(YraMe&49EkYj&#J9JE-*|AG>?dS;%29WqG2mh<9K^<%)? 
z)vMk|u6s{3LPrR2AqWRe@Il!Ky(vD<@DIc4XEz)c)nRKqD*pr7#TiXkg}m=@#QxyqFPzs<9umDUDBkHq1|GM!12(1a zl%K5A3x}VL#1@`~R9@2#2y-8EQ9X?{VmQAB`_E(xhh^itIok_rU7%wUe@cb3y*DsB zQB5R}G?PDO8jtGefR0i`-j|}BJYNh+{llw1eoi%_Wdd+3JQallSY1$Mx^2D<0Zf7P zuNgI%edRo?E8zZb%sKkd1X7qO7SJ0L#DdXOR|k5*^ztMns$kRU6Cz8}1|sRbBn3RF z|G*<$F`&*Dbs3W-g}d5is6`zwn{eRb-!a2Qz{uS-g{tMk3|B-m9kxmf+@)X0f9n#I4IR2dm1ZB!!fM9p zJxVlPdr*Pq$-!_8;r@!Hi;)?-!hE14JHhW9BscG3+549y_xNGZ(x4{8um)#xd*?aIjIN( zvBi?E#sG2fYl->!&I^TB-PMPAw3)K>JB?<7onGJ&OGn;#|JNA301>l2jr}o;Z<087 zK=>jMrga7Tabg33q^eEK9E|ne6xlv$P}Cwt}7RFH9WdB{B42$pOp%+ z7#G^fGxIfZ@cu=zX$cFzZCsdRbB;RyE3iOf$zp2w>RbQ`C^A6S@-i#Cu&ch=PR0-I z{P@FIS_p5rKz2m7;vv?+=c=yqt+fd=!B}kp(}iNopNjHncB_u)^Qkf~ zEb}VZ2JF(oC__|bFP@$Gz-zsjRSDMDWVtY04f zl#g7RNl`UaTO``0d-wnTYh2*rx6%o{U=^EUo1nX`PUpKblGDx|+-cgc<&YY(kZOZ^ zhijdYgcG?IbySNGHH8pc`S3!B7ii_*AMCC!yrcBns@gf)k~wV3Yv_B3Qp%UP$g_j` zu2^BOCVh9&c>?^JAQ<&p{LI*Z5RJHF{gKM$X^zrx^}bd&~_G8L+#g> z?7=KmMAy5>X`;$^vPUG!^cA=TCx>Wh$1%W)HL-jO2tWV4-U$jm@P2JZ!;ly;2(6I= z)hC8lQY(Kux@kTv{ZSd%aU9EjQY&uR!{xC>oUd3K5}zjLv3$FdGcex@;7O@#SYqO@C9lMcJ7)It(;1c&P9# zs4~HP4$34MMuqR~WG42E2d6g0qzm#@QL9Z=6M0c|JPooa5Gj|e0-Xev*6C$VY0~Q^ zy)V7QCJaX_5=4pMbk^)7$5iiog54781oE3rycGL|5mmSn;v$NreDWW~>5pwsRRDJ6 z7XMD1gahUAGfJ+Dz0?QN;dAqZyV@5^;+Z;A%pbiZU44z=Y_w2Rm|%ma+Gj)MZR|

^+bQ^ajb(w6bIw>uTsJw<~3TH?}l6c!NoWwD&8c>X%B61l#;6mT|SPU!-P_wQE8Eqli(Flo>lE0L{+x17-) zD~~oBQ$!s|{-)vIZh-~i!q0@$>A-*2zL7n^Ez`oqe>3*K#1P(FWS&mPjIFX66QtlP zpX*PdIl#9S90CtRj&?YnIe>NOiv)4VDfLIEi(o~Edn%mmEUU^r5fOWeI2*Y+rg&tF zAktmsTt{+1>;Ua#}D;*gue#+=Csy7<0fP2`Dvz9h^du@S;XD%1ABE zD_!nxDZ@fL7yz(%{G_IUTxD_Jj#n@^)k?+5397LhWy-0;oAH<7J?8pGNavqKuH>r% zUP6->8V^H|!*s5366vO0IVBo!dl%i%zEIT5{HtC2WRBMSrgL3onsxuI5O9nZD_n|) zXJ8>zIC@WDTHpwp=|&gE*-a!G8Sh~VhU`v;Gm`v0*3}MmEK!yW0F)(q^{U<=!(J6@ zTpn39I^#(H5lbLA^vl^q-cUt0X(iQtj-UGmKlXP)<5&1HDLG~R#?$#N6z@DTR0zTb zq$*-C3O4DxMV^3p(!m_uV36b8d`}FQe0**~y-o0@U9Z&M6Xe#080lq}ztIFvl9GIx z;@KQrC_`x!JKME?1f#zXo8;kEI-AA^0l2 z@*L9*lkbnj;Gz(%|GFIuU%9GkFGNW;Tp&KNK_0aT1#-ta9thj_m|F-_8ciOZi)s>M zIORhQ8lVAedTOU5{UaGq1q^+O5>Zc{Br2N@k{;xZm`$;d)nCYKCb8;RiH^LjbCiEX zP=z5XrCzB*+cm)M^0E-7A5L#$y4-eK%O~CIJbXcD^QPIMG1qGq1%?va7pIKq1BoG5`qCcfP^R&atCpV_Ckwfx+6A=dE-gBizA*D@#4CvtMF|2a80pk^_(W{P17GR(hBHM_kqXhnI3=PrkqpE9k|$TtnTxqzu;&4!!V0u z5wtBg0OmaAwD`TZ@*j`4Cn`d&?}z@8G4XW_jvdMul(#w^mRboFc!nE=wv3DYa0ncE zRx&msha&&jswR%LuY=_XxL-*a>jm&)pKFOhW>>ew@y!anqTGLd4|0R^Fp3sGic6uj zom#zgtKgy!IcO7Bw>cFZ>+Da9Jef6*tw zmZeC6yNrz1r7Nfv-i(_<4-m-NX=4Z<%5f1tSRp5`{PLcDOt5;BqF_jK8avUJWZe2X zD%yp9z?XNh5psY8Tr7cll5~H2ccpY;=;DZQZGQtduzp?tcRU3q?*E6UpyuslPQ<8a zVx#J255uTH#LV==N|3O2adrEFY+V1vP+((aX8WHq6fSkOUDqX+{FiHc_vPfVyByWa z%Tq3?ocF}*@pu!)5!1kA3*Q}%H`X@`jhYbA zYvT|)QDjs^)#h+)Mr6Px;nlIx-%rML#Nk!jk=|Emq!i&bp&h`R{m8{;Ag#brprIo~ z+kP}ticliJa2RNJOG+~;!Z_=H)rdjW|EeuXO3{I!m-Pg%Em5ln$1UZ6v?`bJ!K^)% zfo2(lQl+MrimbDe7N*yv9+ob+N!Q>ofKB(HDJ1``((BaZ)Q{5uGgggs(=X++o@|z7 z>rX`Ov<9tUii}+*6(szU7ac&Q&y6V+*^qur@^qihSukW{;7v$BgR<*-CuAFmA*QLL zYY2{6y$r#e9utQQg~1sWa>Lw>2LpbJ!i4-=#YqneniPCDA{Na6R5FYRmb`TVfD=g6 zRAf9wTBDZ(g%K~b5QY{8E>TPkzq4N_D+Le96vu<50>Jl?&SX%6R78oQ6M?{g?~?)# zMGPa4mI>mRu^=Vp5|(vS1yT_C@j|r~l37b5hM-BQq{~ask<%>j+Tl{BA;OtU9nKM{ zG$P6oSpzK{b)!!wX(}d$YJow6izm`-Q^ZHoO$u81Lm%|RFv<3S;=c$wT|?c#D-q^` zW)*e_{ZYJ^FsvI4!A_FeU35e5hl?w;D4da$!3r6b_<(2L4tXOn2^JblW9jo!8Gx4G 
z=XYm{X&C4eQ0SwBT%H|ZqNR$`GtElRi$KoN@KKb9YlOm?jfk*TA!KfmfVP=q!W|W( zv1gH-VZz+~lcnvr3EA_JN!M$rN>pTsMHvoT zuyP9qgB^3<2O-w3u-L@QYbRrkv z)HYZk@wt${OMbHDF7I^eSyWuXMDFqFjX=E7SSrMhj~OYKzUgPyj{v2^ zm{=egPrCT?9TE0!?0A8UDaq7ZJ{bNYb+T&N{W{X*<>Ci;{ncAH7mvB#p%{EY{)&~{ zqw~%f6#=hkB!9k_Aa%v+ikIrMmTQ-xHMu1U#C7+Ze6i!iNzZ@(-aUOp-bz|#Xb;H%%9f(iFqWl+6mwG1wioxu~&P}9I>}3 zq)DPr`Ue+xst@5dh}`J}p(-<25U(jH30Lr)gy6F2Ybem7AT}d}+T#~0A$M-2Nd3J- z=Wv?kq-$d8O;S(5or~4pdg|2Y_uP-P#|En|=;*cjed5D64@c6=8w-EEJ=}#LHqA{3 zLE~eEq}x`6Hq%?yD}WSrjA#-+cKnt95nTN?*37V=3qg(jBQlFcqxl+lneuz;G!$i^ zh~V8%!9PWs;9=$vFZ_?I0_!dbcXY?fXfWT_a2j$(Tf!q^4XI>u3<7L36(RLrbikG} zO}mg~RSH=thzA!2v@qQ>Um>bKw0bYkyfcm&yZB=}>(|Kgx9Bnu|2SecOk-;NcE zi7L`PQxw>zn3D6K$B1La61o9PpVkx3&O@;D$68T&g$wiLl$G!4SQkO7#e^zWsL@R& zbE&i{IPm?XQ`nJRAN7iAO`_(sTNaq@cgoXie8n}m`dwvX&AT>{Bzc4VNi50i2qSIg}ajsd^s@TgyaeNd2MX6`-L)ST0g+8gmZ%$dEHc3U0R3};+^axTBWk`_c+rt~Q9+jv{ z@2c@G-4Mr60RF<-2X4Q~bVFI`Lv)kF;4%Z$+c;AOua*)JOqd<=r%{d>KxMwA9{puTvSkagj9%?^J46&{q5!f``R5Zl_*!%$u&y91N0~pZjHSwboC4p0Ey4ZqrJ}DO%z+kJfNN>|NizeV26>A%a-V zTZYh5sJ9S_^zl+OVcJ0m1ZYbz6GR+ashlwqP|Tv{lucgP@pKj_{`nDm7zdzV<#h`3 z1bjRhDjIZpQE)lLL0~q@lo2EnDt2oS5>RXNr`$$T%OirED9`U+RAEn_S_6Q6S=zq3 zu?_U5s2dTm%76PNo=}=U*$H65Pa_Ot7DH${?V4@rb%_fhtT1|~X@H0@K&tw%Js^58 z+e6%2j7dz|Jx!Yp&mtAWKT$uBm4Bz%HJUmG`rI8I=(|l+Kg*i6hN1epjK{`1!2g*a zCCp46J*M8&cbT}@TiG`($osglcblm7lsntQmU%4zx^D$;IY?O_EWJ+H>V8Ys9K3>)SFX_GmPuTCr$jk}9ZY+4>17kd|# z{e)Xx(o+s3e}Zct&Kn0tz1tBD`#mfYaui*;e4e~Ha3&a5tz4M-aN{8M@4L%nF7{5J zYYTe(zFi;OKvmHx6;Bm$`0U+(WD1&j3;!X=H>+lQKRs>U7h`_=aCh=_Wp`!8{Sx%q z)Z4J@O^2b@FwWp;5^xIx;k!Rj$IML}9Jyn1kE(>wKZx>2usbz#M-KRREvavBt+qb377AWWzMaGX3%Rq2Q*c%dTg<7?)>_eSJH$U~!yMlq^Sv1okMoUu4qevkh>hs_tnR_~6bpRLG5({LZSw z^dD};A$5ibdaVlGrxbFBwu8b3F$V#n3b{W#8CanUH!qXkSp^h^K|JMIV_0hQA}8t)dAFMd=imYWL})8*dmS|r&AcgsK2nc3~sY!Clv3nfnK&w zQ8NFCI(<56wP2SWSThA3Y>_9BVOb3KZUukW^H|?=&9;#5Zy^dZO+ei+FLJn9*(%r_ z&@2buXOD`{XDlmN?z~+Viuy^0@kyqEdyK!mDsIH<*+UnwJ-P$6cLug7J@gvk#SpGi z8*#UOyLy0^1ZdqYQ-miHu(eo(#P(*bNINNt+4LmVfPD*LO}~SsG2N~&;Jp-~ZJ<=< 
zzGvo58xfI+jUE zcdwTb`dkV~1Vc^Z zeh-q3(e8bKIBWl$m5ZqE2dLk#xjvfiA(Y{7F1}$Nuv0=)(Lj^zuN{>rHLw$Sk^)?V z(g?Z3+x<_qQ4+-=LRy3QcVX>zn$|Sc(pw~T8Z>y~l8B>KetIu!vqK*F>1VZ4_2lEm z2)^w(S`h|Lxu-F%FCg_lT&A(COXh<4qd*8>e2-n#OVkB*s3Pt;gSyovPoG@ zud2o#)uP2{qDGU`NU%dAnA?@zVqQS+yVTKR$)~4AA8#?^!&=?r8{*}-!M6X_2LrgmECvyF&-V~0Js znF@zg?R#b8*%bZ^>T|g5sWjWFhoVo!f9bfgN`Cyfb!SJ^)cE*>(oxF&Ot&plPh~7n zsNS+EIMhyy<9vc>CL4|H8xS8P9PMT*W9p4vfzsJOfGhMADAlgOF~Ab!tkW^Z8DBH4uNI5x_W5n=N!3^Ok+Cp6tZ~i91fC95LV+aewWD{jU|kd z!D?8q2T8P-dRv$9ukou}rw$%Ga^bYo*yM88*caS1tKI=ubWV+g<%ts+wW|=pkf#v8 zyjQZ2E5a*w$g|0{r_k2#P8~%YBPx;Kbx=thv6#sKbC}y3yA@=PuQRTzmDe!zzgIRk z;H9kQzO=aOI2@?OI_i|YY6*yG`f>73)|(fltj@n^c;xVp4eWV&MKSoq@}>h+KHU@y z(#gwOTU8TIbtz2-InQFQeakxQvu(O}2Jh$k4+ggWh)`{-5Y=X^Nmo|m)9YrCb^Xgu zj4(yP$b3=XN|{Fy?7}4Ip%AaZ=gCXN`Inz*5xFqcF%{nEP3z8QA5bfDat#&()Q)5% zqA27C>qkt~9p5bxa*GdrgaQ3}F6+Zc+kM)tP`dr z33?&_udREm&@AfTew|=^v;}&qgKa+DV2gaAMPTtwkeIX3qUDexp2EMnLdpJ03pz?_ zkZ9hpR1JtRI;J}5n7Nsl z{-?1Ne=XS>GI6+#XX-N$E0+1}7F7{aVloXV;sJ222@vRDHn^yL)Wt=02H%Z#@7ji6 zg2)MOl07x057lXYt2sMs%yHqJz3l()c&=;R@SIcd z5T?HWDc;j-(YDS7eUuUJwenh_b>Fn{7kH@V5J^nf0s~4#+JJ3<2IMDiA@PY3pmx#D z570toz<{9xSdjIQt3UzZ09Qyvh3d43$Od+{b+jg&qFW$?>ScN1s@a{$5Nrdb&XAqp zDHtbvIV9lrAr%hr4vPHSAR}=?@E#6Wm=L4fkPsrNa4S`$lC{U*KPPVze6Z+VA>kw` zWk~zKq)Ng`5|a2I*+XDzNMyj2;KC>q8qS6I*IQXfREYFVk8@tB+^q%xwWHopAuzcT zPB`I01xgw(A*SHgpup?Yo1mRwVkjq12vB1%*~Lhs6MsocP(Tdvh|tXd5?Dh*2(eVA z{X#^Rf>)LmjIl(&RM-$llyWxG1~Z{G6hXCM39(mDhZ-1c+NwHU-(OYasy1j9BtB)kXaTem+&#TkPRnkEU;`E!Jk_pTqx1=CnVIJLXvP2HXIh1b1x#&fjx(EYgfMp46;V_+!Zg;M@JUD}3VpvEsKt z=DqjZ?(=kD;A-))^VeaW;K=76eu038__I|j5w`8)zZWPJ4*Tfau6lz0 zZ`aTzkVb>RyoroP>`%n!s(QbeCAtuW{B#MPTb8}1YW&#~%J0uAE>^7-|NQRX3zg~f zOwz%lS;Vb4f3QHaL5V(+FW7L6G6|7Jy2#sruHaHSmySLqmG#frB39T|xjNG;<8(Db zjSS_|yXrr(L$FhE9&bd9s?u(;W(tAmuike$_Y(0&Hq)PS%Tg;omN!6>1#!+I>8Ev( zaUvpP1UR8MX_H(~2qU7nQ3_9!olpondOrbbEm7Q3gF?U#$cPw)Jy9N-!OT#UrgJ-q zEKri9g83cx z);K5D*tI(TB_icucje65GQ9!Sr_tro`IZJ(G(y%!@!S`fx5LH@C)vj)PoK{?$1OQcY_*IQmg+MUCeH>ps2Q(!;#}bx^P&y 
zc<%FVso~e1Y-IOp>6xJXNV1Q4STtz!e6-y)@ajm7{G^nP!Iv-Cxj*wWpiUiz(+dr* zWObT^)0^yN$9fUJIoaeBK3@IzWXC?e^kZ(*{yRt3*69@L>}n2YD>rApkiJ@Ua)Ld} z8;J+p?x`Bky_vt-W7Gz_C%Ja@9j|A$wSnE}2cOXsIPZ+BEG_WwuXlR^$0tSZRgi59 zV_E2B^I6f-7yV?lMnYv?^MTtwXLCfQxZ!fjyv(ysQq`OS!8(4YnDZ^t^KKoqCWc&f740y$Rz#|GFlqslp*}Dat6g%`+%zxR27$;L2Cq z`+8-5hT?L_1>WPu(lA-_pail0_Fr#}!@AdA=^F1ecK@7b;*YuxN3IBSi9|D2pSxCi zhCco+G1WuR+j7^d==H0exT;t3%1iu_=9GWaT5{24X`nylxcstMlYD~J9BHvu&GK+v zS6I}KLS1ntUNMA1kRLHCq!N{gwp*~T5n|^&OTB_6iRT@-f3O(Np`Mf2x?3az-H;2_ z*uKV!?P=J%;c)gkb{Wn&)#!5I+k~%J{j8*rDm8CekIlIhXRjaATclB_LepeM578Xf zQAo|PHZhZ3G+7~ECgrVfJyVe~6jb)#U zKL?H6cVjM7Z^Lpx9`Ec}rXp?Ach?Y&xgl+$t#ZG(`#{c?q;RU>%d7Mr9pim$)H1Zo zTTM-^uD-Hge+a5^@E#i-Pds~a9vzr8ta3y0_B0^2q-+v3S|BX>A@lhlJ|~}r-H~_& z;Ea5Oo47h5AWUWBHng)rW+D{k{nB?cM2eg@q7zi9&*p|?wY2Qb%cjWncdfh5xwmBSK;N|6yf8s(qtgeT0^Fmr8t}aF|veZvBa{GAvJsgm6&JJ~TyHOgqPT}Ut z{eez~*)67y2G&UWIb#k$J25>d~>zu4H-BiLIzCYkXihV9r9A0vF2_$U-tY3BPdF?1$6W|m3;@EI3L%KA7>#{bP zvxKwZL;Gp_0Yd;-3`K>%agkk(S+8~1bQVH*LnaVu6c-agbG)(GN^bxY2r@Yg*21WU zEMRe7Ue>~spPn>k?TH|hu^#~aGc*yJ-%hoPtrVq*0Fh?;nFDMtxCGx9yJ$<$X~f7> zIN{C&I;N+}Qs^XH0Y}wB62C7VH#ii87yOE?6hX)KL*DsYuZ5}2y|iOC8FVM{3s}5O zye5*m9b)caP{-2pxY=b&28GVT)}U%Q1h}+*1xpDhHXb+akxT(%z(>FX0t_@E6c`Y+ zgoOlW6_0yBz;O--1!0!kt>Me7xN4KG$x4 zdzpjnonXel-Z}ew_~Y zeC_57u8fx{Dn{On+$T9}@f~bEsR(uwEGl_iKaHOU+EVZ(wsoue4GfpPM}7L31>&_| z-~P;8PwpTGy`H~bx^v)z@9aKIG1%+US+u>H?wV`=6Z%WzX>JBqo6&Gg?58~a`JbZq z>0#3){@Qa#<8Xgoi}kCQ*xD|1K%93VpUx{-F5}>qx4c87R!hXLEtWGp)IAB`)Leh3 zW!5^br@;BM_oGh{qpe;B`J3Ot2mxUCe75VKZvT%mA>E^Sc}7=X!(979Yhm>nxiMwV zrI;V3iFfV$=IS`nlqQ28vH^s(aWqPI>Q(O)dBQnyH^jv&aVs)8C?X`H|M%~6QkU)h z&Ry~!S?L;!VuCeGvj+M`wD5lE`o%^WH01YiHub zmewG8-@P2h5^HbI6{+bhu;r&VE8eF$(oX1Ay)%!c*!NFreElzZwJ*iW#LSot;nYd$Crd^QNWyW>UYAQD%f-K4Po`GomFXrAlIFer37c?_7 z!OEyKmp08{MH+rBtd^wUn8v zO8qkB0(DJxWP7=adi|-72-gR@<}t}{uGV5heYN&0hkVi03sM14m+i8FzwjB^)~_z7 z-8o$rt&4rH+@HQ+$i zS+or`NCNV@{q~k#KhJ#UIV??Y%BOha5v@xEX3hAgU6h9!;J%$+SdMRly=6A!&uq&) 
zVy(@_cJuhqt?L>&;`+Ee7Mlrz`An`MTMGWu@wV7^r!P|7*VD!?QXPd4;)UdhL2h^2 z1xNjAY&WkD&AO~n9j?!hN0r9(J_EMLKNqED@qGrYUm4{_Nh2m)A8wz2dQWDGY`G)* z$X_ox()0bzpz%70pY?HT{VB=spB{gaG#VX){ASmOic1b7A;*p;>KM7gnh)s$R@gi_>b6D?_kt zVh7fhPD-t~69en&fPTzE3rwx}kxskqzuF!9|50P%jjQ*)ZF{xv#P4y5-~UIQ_rJmz z{BLv~5BvX$U%>r;j9-wOyY-WtCn@*(jpoi-w{PYyU&5%N&jb<_tR#%&R6&dV`TJs^ zcbBq0nH3QD8k?w{m`J!slp0c7C8bEUWo6Oqf+QXPW8`-Rw(f$g!ry%ZyMy?#7?*+G zz2WS>-lO6BQD?=-&Gao<;AZ*(1@4vX9)7Agj0+sLXj7qTopC?Z5_pb$zZgD;wrIBD;W_m(S>+YzM-jd>99OfWJb~^u^(Sl%P zKCH9|*g##Ns{c5u=yRy@nX^DDc2rldok28y39QE@P$WCjQ?*j z9m#=R2GlJs6d~P#D{DzD;9e$)cawc_&BI0pD%zM)jn22Uc$!lu^YYXY(mN-7j-BVR z#UymUEK2oGZUuIAzm;-W#mV8bMKh|$$Bdii)jbUPY#gBVu+0&M--bfo!Gra1vLG+` zv(%V<>ua-!Q7#~4HPpofXx$#4gY-oh>c;TXp&Y{sq> z1Rk&;0y&5I^2MJZ8H8 zyol-!cwK!7=v|<{%Ktdc-+nM>dDJ!Bt7r09Oz&7t?|n4?`HJSXx|*HZ=7*Zo)Q4BdS^XJ1zp4+T?fqy<5ipeMdO#K1A34c8A_;roY{+m1UFk#$9Cx z9gPUNSQYe2jPFRCUgBa?wfjh)))IM~R@_cs+&o!CbU_Vv6xTYGP54#U3bZ-TrFQ=) z>Pr9ih=+v#v$Hc3>1x}xUQ-f4CYhaGWp+&w)zP^{(6P1IzP0Vr_22nTmp9Cq$)Huo zz~||K?4PyVdPsWy-~*3DForDc1kZ0!f!BN2nEr=-t6Xb7$li5hbkP1iL0di*K9F0! 
zy9f9~-O%ltzo(%EdO!g_T0UVLzPo?$bGo6MG*jfE8GC}(d|-Sa*Id7dzq+AYG)v;1 z^nIk!H%GR1FyAbYE}n)H17M;kUc$ySCMbL+17l*^@A36 zEZNf2?zWjf^Ll(iOgsSZm@`#8$`rFkOGDcvu-WBU^Pf{tBcoCYrB`xMh!d*z|K%6X86_ zU~c2zjSSYiQqNHn zAw9UG!|bW_?jvbY7Mr+7|IWMeqU!^(%m3r>xQ>|U<8mb6&1&xuJBX;LFIbN7LIChM_Z+FUo}p?TMH=P%Y+chKejLfpIM zy7Q}%?RXjgo#~;i?tU_0?pISC#uH#UH@ZzTXWQK;3VOrYC+bJ%+sf^YhsS$=Uz_1x z+ShD=9!7IAcp4anQ*m$adH6){Vg8G4a+zgut)+ z`SgR_gM?T{WzO&9>V{?;^{x5_L~#>H=q`+M`AhZ#p%>@%r3bhrl#5c(KTefxkL_H{ zajlI)_1#PndcXt(TQYJpgbUeNh zvra|A5sw*qb<#PlKapKXv6?1sLL5xE$fw8RZda}>aK%Sj|00|3vTc7(4d%o6G%klV zJEpIOM+YM4mx%6Q{ErszD_?;dme40$g4JfV?WTDvLP2Yc});^g5LN9YBY zV0sh8)k~J4tRK9(`}uPxs^r7WGHcpyHE&lZvuhfZTC7T!6LP;*xXrK(Yv^dPA&zhV z+EcpLA{CIexAA(6*Ma9gE;~gdll@$8J11_#66waXR>?e=ZWTXU zVzH1`Hd6?r{$#d3%ki%jkfjb4NHGq7SiwWLC#*HF86NCwp*BxyJjk}K)s&=$7{h%Z?$)^cjskn-|3OmRLmhxj{3KH zoZ(97p%5#qEiy-HcHxTlgYyRpeYadhfim;Z2D)_==Sso5=N2-j+6V)jbI&R(XOb~@ zQ4@$GrKT}RKc$`kV9c#e?n!3?NSS^_$upmQa{!eCwKH1bS$mPz7F65&d6{l_w8|vt z!EjGOJaVup?a}FX@N~{_#*oC@b+*rHta+W76(Yn9-EgH_p2qd=S=Y@~U!n~{tVjs? 
zZt5X2B$aD&C)edCV1;a7ag#h^*5F0GXs6Cc$&DSmfV?p}dKr>oVr)Bz2Ad3tw-hvD zW}iFNFnRyJ|EOvmgVvf^j41!tByT|HGLUbo@LTl_gYLYh!p?on3PxMy^P` zx{8@Sa5F*E6?;W0%m3K89QN%!tzYUPou}AsR`Jf|V9;!AbLT$#nd>*_+FAjDRT^wC z>^7zZ2bS7bm$J{fwq=j^y-GJ8elPDuUrF8pD7m)7gP+8Ft26 z=1f4d={HL}q^6t32L0CJ>j^0QOB{7F-=c1K7ye<9I;!I9#rGC&1tzPx#e&+oB=BP3O+dfcwMtHx{2J&Vo=*=FSI`z$jwSe~*@*Jxgh-bG+%)zX~o6+xe$phgMpz4dK zfg>qnyKWJ?x)spjoJj0uI(KL1{6}E(0%`7%2;j@D0?({06HHhxI-252J`>|AzOqPP zkGPvxwd6s@-13fsGU-RtN2Dqi3ndIzf~F3~qm$VQzeE9@)z}$d@`9|d#kw?gTJn8gJdIdn z_-p;5bmF>go{e1mm=gbG??&9duO%`ySyr{gVK5U%OfaifND7f=5qsc!{84~pSNqj| zF=f+^)u1J7myon19#fX$v*#E6KS|p^(WS2aci-LC@DH-K`h+y)%#y} z6Z%ZAfZVWCAc4YuV-%qnzLokMMfnH%_PTIm(4|ie@L#u(_pA$?w^v5#R!|He&4`cI zn32r5aZ-hA=>TbylcT=OscJj5S@Tzb5%Rqd-tY1oW#u6AqO63n5Rq~h14np8SL2AF zF8|EG7?VdnmKBLw`GQoMo?Suj0nV=wc&FtOl@WA>Zpx7*A28d5j_S$I>EN14^GwNt z@=8EqOM_p7u}~b_Cy2|%l8w7=F|_eJZb@TPtDPor69g8iqd~HhlhcPPDpn}1C_*K@ z55&l7UaOxnT92Q<247Z-ZBc^j{j7#I%2y@eIl90v9V5A>(eF6NQ*JLfFb{f&0&>Ss zmrr~0@}CLi2HN6f|2bw)wwhfiFw;n(yhE=&{NUX4sQVNo7eNv}!a;vv3h=hZQYSk{$QY@B7uh0gdjt22-co zYC3ZrNM-N?2~>E;L>PAYt;6k$m0VYrt+6c+VGG^Hrh!`q4jQC{en&Iz{&FKAn#^<-1^_BofjZ0*e_wn^jV_Cr)v$?i46cZGPN4jc7lR|F+JX23WOq1+r|Xs3G~@oIfSYFKowdWdZq z+4=y&QofP8l%q{ne6^&INxJ@1bdXaE0#XTzMqk}YllT1>YJK|FJkbC)MaCPiNZd0TD)mm(i3!QI-Yfb_@6y<@LPgh2UMFgC%u(AW z5;HG056zI$-bqCKP)m09Y|oI;Hjx=1b8ZEAFHNRC-|7Zain{XD!AzLC~Td*#yJvA5^^TU5-``mlj6?3O)spLHZ)Y@A`} zv~@`G2t!Tiji(k)r52yptLfj*i;{08zhm>d|5;wb^`4)WSvAS@1of;+FmWC_nTJUN zW@wHegyRUK7sqlv{rK8nI>d&K)MP%Yja~1T3N-;LZD$EpvBf_$<5Nwgi<8E43YM!G ze87MqBl29(gjnJ?(3*R}7trecUrgl^nN%KH^@e#yQi@qvyK0~Kbo_4dZ>4HTjh-(c zXCbZdny4^Gl5)vJXKhga{1sD%k6n>xjV-lQNmvk*QDLj|Lv#~X_~*c-b*L8pUuZU9 zy$P-y0rJfiVI2MFSb>iMVhaj2NfSAIrA);k3V!HvHxhZiYhrO8#kEvEj#r~gW~H1O z$geccq4hgE@0^i;WNI#vdU`ZCh9AyuzD^c8Ti93;oA4H4M)KMjtk{yBlms$GO{eSS zJWIg75a`A52)YFJc_XQM3xfdYCk zjRBne3jZa!;vwov^3G~ybt}OZl@;BEiBL$bs~5hF#{R_R)JVW0Op@J`_p&YyuMLZa z_2GFVA5{5CDn9OwB^a36X|ymR6T)N52#7wNg5!^s7eS1vr(#01C|9#w2n%UmeVQ1r zqJe}H8*C8;tz8DAqa2K0w&x9iItVj5nh)^IGnwJNahdo 
zAkx-bUP3?xL$KUtWOhU@IZdWGMpFbIqFylM7>yJTMaygqrlQM#STbF}!>@9570+`& z!KH=EW!O3|aXAXDNk&xmsF`a4Aww6ORTi~v?F2L4>>{KpNnnhWa&eOdR3OMnh~BChvwesBL7`zILDUZ^UsK8?OLDi8wt89u?0+X3*(mNjnatTPYv{gKJ$E_^5tl;^~7L z_HZrLxzH9~wrC{h)}M1g?krJ-|DWL#GctP_=fL0eLSg;NEFa+5!BEOcBvgU4qfcS?7jf5)h@m;&Ot zqzCQgO?c!1ID2N_S0b!Sy+^L9rtrgfc94nj#WB}D;t=f^Sdkhd!S zx*OfhM|j-w-?IG_h~qxT&JnZ$3IFS5%(7;7_?bV?R|GC7h&MtP9BPQFa=BB_P1W$5 z`b*=D_rkCDaIU%Cpbr)u|kku#p z3ggjD@E62h1DyKRJQBC1e(t!4%kL$R27Ww5Qb8nAh0eljUm$IMUq~cwmlw7=x(3;n z9iv`$0`?I7OoLJuiZA@ zjjk#>6m@2xHw&FTu)id~)znIbaQE07`{)f$1cskhht0(AW-n9{4D^wX6|pnMoXu+d z_o&BEgFfq9UZR9C@Tu(@ap$*g$6kJKkgY0okIR#jp7im)#ZkUA`7?05V8F<|e)5Zw zRZ~VXSDKRpJLjQvFA%^MJ=?%2L89bp%gQ(}Dy`6~cs~y0j{C>3;pES- zAoSl%BH~=+0vT}nCYQOZ!Sq)D(xypH>;_8W!4@K`uGkY-^26O9b)RI#p8q8N6dqli zv|l{O7;%%ABR*-W679_fBw$JQ(+NK z;cHi0;TIu4E|~Xa^Ao6b12|q6X~~fdvL2cAzw6)s%hMufKDerKt1|An47HAu***5~#fC zl@;$;U7m`DVUa@;v*ijW<=nSMu55X?z7Q)PgX*65}Q zX`L}H+I~E+a#i!ECXn9lb&Rwz;CNtW>P`00N92PgwQ}QV@-vhNuI>`ZNmBOH6B`gO zL)fgkiOUOfqJ!Q9ApFp0b=HKwK6R`|maG4^oE75BEPt%zD8qlxb3?tz7g7sC%laDm zD#^Oo;PLpJI9eA#-l};Z|1zH({@d>eo{@5iLo!LqfXt1DDXn^aDw#$DiucHSpr(BtOaEFs|zQKFJU#Con|my0G;<$ON% zm@QDYI=g{A{5g83Dk4D~Pu*LzmJJkQs`@+DoSXGugQe+_PFs^`}sJ{tN{kHMA#kp zCQXV=g?&rs{46=pXKR0`I`tq6w1;DE;AWxh@+;WIN?O}RLNXg@ck~>qtX|LrskUN7 zXO7GY_KHVdd9r=>dw9UYs*7B`KP5kfwkjB@=#q;kAUc^5CIo-ooIkb7P>7AHlAnNQL2a2Ieo+ET%ahEFtUPGQ~mH#S2*&8&N8_a+iftJNn84d;w3Gv&Bd zu#MYlxXYLbA6LA9C1)o@*06q<2?{$QR_eWgNSIs%v*|oD6(NS4Iqu=kO2ZA-0`m{& zj5&UvmH)Dy*MT_O1LW|H4Xleor}OA)67hd1{lrbm-&pDh45#-JjEK+&u zl;oWsF_MXsh`7{a&%IUC1S@0^2EuGAEbO1L0MFZ@RMA_nx|y|2%7Zbqlme9v+`lU% zxxVnK5MWVjkCB8bol=~^;)zenCv5$|R`o(pTByW>#O;b&>BF^P!6`T;j^o@RHQ~E33}b!9 z1=M0&B1(^CA%AC1dGq2~@SLK1=%y*5->?jpY4wT;bT-C)uaz!8Cz=T}brPP&>+^4I zh@UyR%MhJBP*~tLTh4o>Iwj5IiN?_7a^TB!20t%cr( zdcvvDkNQ$pw5B}n@i)JA-I8OA3*;zAF&z;dqL})9bxXz0cnj{9G-ww38Kg@|>{;P^ z8n7fHpK~U(A~EK-KrPW2Wo= zry1!o|G9U6ii-n^33FhoqrN>Pip9#cXJ{Tk>|MHB&z(D8fWiIWl7l|p9YR^Ynl4$> 
zfQ!J4MZb^7W4(%-2dVkb7>(p2TI`r&YO)#&zq(!Wz5BIF-o+ZDA9y3~NM2DiWTj(Yjc0s87` zsZFi#k8jdMsHeL~sLL+W_ZTE4$fOX#F!P}?9idjwXnf<6odASAuiB} z&AH%3?qNJx1U(-n{YDXB3`1?WH^71e3<6WwV7d)+QDHny`ZXcFsQ+`%Z3}@Bl26zQtd}$Y*S&DOfTy&)TAmr7oz2<^ z?DX3Q%cGe`nVNt4&DK2F(HUOgO6*UXGO&mwxS#|XGSf+8&nKF7@a|+}aq3Jc8fHy6 z1sFJ$agw$F@F5sA%-lDFC?ok|?z1Rrm6+p|nKQc>cs7Lm$fMf#BGCBeuE`?qKLD0D z{Oi7b$Xsfi(IR8287GUyXq}=zSUs`#^Dh1K`R*DY@M9qfPC5P)+L-4Y#6Jr{1 zVR<%yS5_l#TxRgf!kv=kEZYw;+-BS_#sOY;J8W3Z=2}+t>#SU~$8F=YiNh zm`||ffxAyv*##Byr27bitfZn+k`iCMHV3yxE?x;Y1!BiwVuQ9;pOjFp_MTM?Qn6g zc)T^CL%bWoaN^ItIoT6u0arm-r~Wn$D-{?AcH?ElrVzns^c)J$aA|hQC9!i7 z%1p%}bsi-z&L7N_cUIwESxvh2SVGIN+bX)@O=&E#oQ$^NZZ$AG%mZYz8L)h0Q%>hq z4DZ^qMClh+NfcHS=;0RT23YLzO@sqx&E|ZznMUI@k{JowRD#gwg_Z3HijSGl$hoMd71v_24zZh))Sq_cis5eBq6LjT#0TiU=*{5 z9>bb}xjN(Wd;VekY<>W74^l5;DKvJ$h7@H-kn#HrdDDPC zZSr#{tSSr{1$Pb$S#yr$5SCW)`&oooh$qMKTVwDzh!rLMw_>))VF~O-8McW2P|&6U z9`iqW%%D1QFf-%yIGN1cAgy?LY34GMybfmvA4-CfABHEr9A}ambbs7pA~{F`8=4gT z@!nBLK#ZdXX2fo(w{D&eFGtgfuO~HsI5TSR&@P+1x55wLnx_32NgL?LL~PWGZAxwt z#o<0<4n$zb`EE?vH-oCnAW&O9h=8k6??x+p#wHZuAh7zOH-aW4WP5Z#V=jkY8i^u4xqcc?MYhyOl$bKw?KLi>9YA^zAfWRuD zZjTU|yZ)L^C{H_|<;YjOY0(*DA`5$4Jo|Oi#S00fa4Z~}kNj!YI8e}`1J{l^4|Zbv zQI=WwBZgZOl!h5u5u-R^NIYXV;ZZvFjhVGOx%*hBEc#IjW0vgPOf)QZh;&*Po0FIu z5KzCq4Z^$NVf=0ujh9`-LBMu>V@-oU;cfo)^C>g(eRPf3#LYzzRt$)d7)g|owKhxt zf<>8c?IVO^(iX4jeY6{bfQo<_7h7EdpuW|E*eZ&wrhmg&rrF6g=J6cg-YZO)#Aw8@mCnbJDt?-cuPZEKYJ)Sk zEp_~OGf)YC7sZ0qy(1EN+*p<;W4?0gbe&mH^6&9?f8MDZ^yXh|U|k1;kzSdF%-_C6 zOdI@0RzD@#39q~7@>JlSaZ(|XwHqNZ(r&&H-DhXGk${q=Xx$*nwv4Ko>H`m0cjQZKSqWRU z&W%VECh}mbl0R3hp(TfjQ?FAN{$NS_!zx5KlmcGYS4)ChnI?mG0F#Dqw1GS*HXNSP zXb;1PDS8E>m!NvdFCTc{dSMWFuO~-C)h9f|A9sK<&yJu9;kjfBbDAnlYKo$=?zW^l zFhCEyV8Ltwk}zX&(g*<7JQ?$Q{nfr>D?(N009Z98$%U5; zPL}s^lXhx^1S97Lo#B^ua&~YmB_hjd!f2z8i%C4(Hw zP&DTCU*Si?rZ0}h+?m~VxFSoQ==#sWs~kitK+w>pK`MG9HA+tSP+ZCnz^f$XZYGL( z{kboEK!!fi{g{PUNqH(R<3Ti}M>R;e8*Wa>yo@PC3|6B)3P3p&bvj<)Cor^n>HgXS zsRpEz8V2Lzf%j;@*&vbnv9}XUGTclIBkj$NbUZ2PIi;g!8%gy=|1$BmUWtBJNL{|g 
z;XPv5Dm3H4UNR^mDe0Hp7pB${FVB?51g9L(d(a1Aq}o~`h|m&9#fs3{eFLLubU^+g zClY;3r1&vV1r5-O< zi7$&7z0`{y@S9Ya(%3ht;Qgy_OK*%V6`BD5P*mi-kI%E@9T1SVLOi>KmT2pYy5 z8MKlN_#~1C?r#98BHusv)^E(emvp9*K-4838n+51lU&GPm3Xk;W%|5z|6G$tY09Ir z$n;<|%yl@$5C00&OB-9k$|Kd4PrnSC%*v(7aa;*SzGj(4+W~xYokrUROiLjx9FCf# z>BeaP%vuHLs-?~4MUPQXQD72UZiR0lJdUzT`(N(3-5;3nCe$R&mPd>!sqsg?Dz_8H zhiCEA@T{2CnbnSG-M3$p2#zVE z)V%sYN3%^{Xf;hhfAY-!lmektlKNeEW!*<`^O?l4sZm0EK#m8ycKp`?cyh_XCWfII zZI#E+tj$@=GhTI>j$9Ntzj9pTP$9|c!eXni2gmw3(N}sR8u6LA9e>Epz6imah zK!SGLR?DSTd!{YKZ-*Xa8EJM)c}Z{7%8KnYgW@*57<9Kbjrfi!u6-NQHj;)F)!Ahg z?Wg2aQ9_64?qr?n){>6{pi{-g9lGBFNEf*`X%asQsNLnS(AbH1vP42$i4-)BgY6QU zYA%YWGt~PivHGt^7iKJmwNb1rKh@0#uaRiS(*&DIdZSd;t|O7EBhAi;j4%`Z9y0Wr(z^CS{70wI2fDd&P{4^Z!9&qT+?^+_Z>i%LQ|{BuDg+cZ*t>Caw^@V2%13z4tp6h^enBocgdEfchRTu8B8L~Ssfbtg4LCdsF`&F++SL;*Eq18d*EBJB)GT#i9H2vvplAdO zFiGOc$BLrjjxs@NBmz8O#I`BiH!OO>FU3lin|IO!a*3ADo}^7*B^uTzlJ_kjAHGL< zH{DVCRXH94N)l zm_ad(8adpf`he@Y$Gf*nC_{-FIG9)l`VmSJdZ`p#antunfvth1$k^rDKiT zs2GC-ge>zs9tjW$oBfHy@oh25o-LZp1-3E$vM6RhJNJN0?$JHCDRm%AEn>l!#!jK4q zQ5b$cV3L)hVK>_Pq9)U#TdZ20MZFIsisV|^Y_c?^jp1<7LYmt;^0ppN_6a0Qn+W}UZ3D1IV-#9zO52kHBhisEa zWj)6p$Q^kVm+A2M z{T>D+Bn`VU0d%W?GeSPCy4v1wXv1tigMko^{q25HMl*gQ#XOC<$vb{O^S`EwJC_E& z<-rC?0prEabY{ocqVC&_J079`y2IX(oyE1A&v%uY!XtuiHwgfvwrVWJTdS~()8PdE zQ;yHC8+AH$Ohg0#4^)8kL!4XGyngkFRSSsTFNICkL4A|G#j%%eFKhJ1!Pn`z${Vuf ziT9zM_1KX09*=PE=ppm$XFUOu*zMn7!1O}$6dqy?$j@g04vVNgHe!luw6PqbTPc;> z$J6t&hUAl>BFcqA?K_YwD^Dy~Iw~WHK*Z4jht6r1@?CmAcYisi%X&`>Y;EtbTRVAz z!gP0`<=Vo3ds5aDo!7mh@m^)bCh;xrwh)!C)`J%DmpG$A`B?h)#}>ED6MudU!xdlI z0cL`WM8z)EG1_d0cJ<@1EhXzPsft~(&6Z0Zk01}MKij&I!(JHZ*+M1sC&#x|xEO(xT*tj5r35=DPt)}&W zd|pUjOBUu$ZhFWQoB5rfA%mT|fC)s_&B8wSiRGi0ggn0j%tqs^|1lXDdQ?-+_uO9L zs8Y!9>t@3|S^xu!kG60vLADm0OJnD6$4W7^iUp?nnufwI{8Fzd zSpakmL$qs~Hptbd#f|}4)rB5b(CMrVJ>!Z>6-(MKC&1f@jNP;u?;@6upt3%+!?b7T zhOkxEVuud)wEb$W0eV)gyHwV&>jT7sZ}Gi+!1Gab2(A zoGVpxega|P18G+s!cyN(U!!p%{oO~0O@ndSX%K4y2t$u@m<+0LwT#wbUl6Jj- z%`x7}rM^$i(_?dYw?Q=f+k}0?gRpNm{TbVnTAd3(_DKoXcFAz0!gYPSYt`ZI@nDOq 
z^vG7ZgXZB;sRv1%d{1mdLuJRHZ&l^oK9E-gu-(5}m?01*=oQ|UZeiHL;I1Ok5~xkQ zqp9W>q6uCRzb}8u2=x11qu(Qt*t>hzkM&CQemOu znd7XYV(B*1S!Gkjx#(ZX6`=5ze`LXxnj`&z4Gb{Vk2|u)10Bf(USggjeYDwdY0+N! zGr*GHZT^3F{LS@$3rsBR=4$2WOijb2X6iU%v{fcMo`c)=ptY)r7 z;$iJ-MPl^@5A5u0Zb9N?Y-($4X->nW#}ng;H_TC#R@5c>*YOhPTj%gW5c&BDUU$->3L#mu4eRYTs9Ehp*Vk)M{4NE+k*y|Kfq3M8n+KX`IEF3(n zoE!|SjGX`B?W_J*f8?y)%}Kr(;bIaqH?cN$pdqn!GIq6cF*hc0|M%&fjI4}oH2*|f z{!dV6E@rO(&8q{puVBvqg_X?4$@0WW5BgHfl)ya)u zw0=3RUqE$@TN}e%IH+J5X$M>QI`s$)r{%F{T{VP}^t9_;9r-+HnRVw?C_r(Exmn+g zKan8Qn+3J8+amuZsTAC|mfFm}z2beP5_`fJ-^Yn8lyzSz4$|X%t*RzcN3~g>)e_zu5a0OTIo$_`vu_$x!{fP~d zuJm_615zIN@n5KAWjP7V*Bj4%t|H2|IzC+!f1TFR(Y;Qb$m9FCzkYbgdD{M~Sh9LD zNnTR>a@}c)iDBK;zr*rDU1O%^B0*I^nz!e>?<0gYPkB$Q+fa3jeA&sbTmuSG#aA+{ z2CDU51sTP&`SVWlLC&49(f;CD*H3>ofa?4Qef9cIun;Oa#0w3IN9^66!z+OJ?XI3H z<#Z45{&96?<8hzg*(H--8*N)NUF?>YP{Jz{`6CN09b+(MVrj*72s|2vIXDm`#e7-Y z7A}u_gQ7o$J@Q^4Vt!T{?pV#wYTDCKaMQ25x0ANZv8~PR(}~S~E|?Nb9wMtk6yz)( z-&M*s%*jpvcXqJK-kP4%e7aX!;wC$4=?dkwVWd3QQ~p^eeYuGpQF<+eJu0=nx7h+=X0d6S8|4518?svtG35!&1`# ze@=yEb3?TCnlwdCk`>;w?6{OOuf~O#I=e;c6=u$^f>lg%saz7b;3Zi56eV+a$6tL4 zswE8%)5O^+tjk*OTB`R!m$6gjbYtv*ZVShakJS0c+VztR+idj?DZp9?!Y~`gtP)>w zA#2st-3VM`xN?X5B8Kc^5cPyz?(hsuYuTkMB)WXUMGk12oR0&j3)_Wi=9`v-|9$VQc-Ei)Fjpzzz`SYVZeko zPr$%T!Azk{!+#^7O=W}J;*y4OfQ2ys^AY8Of}hETsq`t<&wb?bF#PcDS;heU1+E2M zkCea|D6PdYJh|}#dD?>PBLVgX@(6kX&K_%o{tjD01>W+;`wbOqv^6+}nye@`lGUgI z0!#K!6}SPY)l-4&8T0ud4{jz0>qM|Ty0EsBDi{~VfbLiXb9e*n?0W#`uJI&9s~m*+ z00*pIveXCaU$8-{8&kdg!2sC5>D19-Z>a6W^Uqj+si|(b6a?&2`Xr)?w77ACLJ|)G z5N5N_%76AsM4+Q_lS)%#UWx7ske|lSeTO6VP4Q~`5xS=ju`SMe7Gj9<3_0$5_I;vj za8?j-hlxTT-e)2uLGuN@+rap80F568P5{_2B?v=R!U6Sr6=@1Yg@CxlP*?)bN#SyW zu>G34qxmDchW63xRT(w^NzT{3pO+s$S!1GEs&ShBlbo}>^=1#NimI}tVybHYJ9!vV z`w4vPQer8^RMq)+lKL|3vG>%8?V|g_klV2?j{}SruEPONP?P&UEe4q0BD-0}GxRF0 z$BcbUwz{=HcU(*!cbzxI1Y`|$eZUVkzOD~D8b0Ma_VASv?fAUvo4@$kzIX&25_`CG zKR?y}xutlK#XUdXdV9j|_3z$#Kc#=(FVZtuK;zRhcpW_%JUo;nbGZfhz27Ys0e83d zOU}qY;aggHEdNK<&+-3IUs@{W7H~|`4rb<_B)ZHb99-<2`fyCD*52m-%EK{flIXIK 
zu#vEQQB@orUH_r}1B0XT&q)@J{~Z2<5b)2T7>O>Q1PhCZxVSivD65E=m?#^kh?uaL zh_EmZD~l+%I43iU0LlM%m9HzwnLAj1*&8fuT>nPT`A4(bxqc~oCJDPQD?-fN)X~iR zAJy#Q`emlr!+CB{Y*`zbIcn^9=wFtqFq~;T^mu4q`&2*q?L7I_7{q3R+#(=?Q(F8Q zD##2%k&^+BCCzAH$zW}e+=7D%4#(viK^TJ_L}SKSlgfZY?XMaD0U!+`02>G`0S*~q{;lwK00fr=%dVl;<$4hDRysRf1ZX2rfO_k6 zIJ|MfB`<(-5RG2Oo^5iC6OS>R!p?SWB3#xO7ogLM7(QtX3HZN?`|hwPmZo1N=Oj62 zl$>)$2}%%DK*=ByT#|sGge5LXzyktGPDauKx*%!ENKS%_#04bhu!M!(JK#Cr@r3u@ z@4NSp`#km3_WX9Hr+TWZrn{%0yA$$7|#k5VN!#5FQXdOrxd1^O;+S$b>hm zA+*Ha!q%V0usl+&`O{k@nZ;p&vp;m2?7i?YnjbqR zFKhmUf@QCWz@E?fRyRG)DCytgpRlj(rZ;II_d{e?>@!bA27tUU++-Uq;V9Ttldwe< zQp>-Ueo;(wNkZ8!ZugtZA#HYf+fm$B0EHNWzTy*$=?vfaBN)-7*;cwppLYf_gZ7pS z)GrbCg!_*9vK6Av;X{@i%lJdB9NCdh+13XEw@^MGGS)fAZ)oW#jC4Pa=xxwf(7F`_ zN*l9gRII&q3i^g%?V#<~|1q{vt|B!*@}7HKOLoyVmirAolzOXH0P|*eBJbe*|RfhoE%TM2!LcO|_f-`8I+$uuEf)2>8t$$^f z6+pA)7!jl1`+^KnwMvk%AXnTByyFDxH+bl;+OQH(6&XJI>jPLl=%Xwj;w`K~k9O0Y zkp%UA9TbIF^0^K*TEDN<`?&WePCe7L{0fcpVmJ|TFKo1NLDq@zeG^zSR zL{7Zg#k1u*M*Hc-V&biBFSTwOGPP4!*^_d#EzH@LLPczq>=*@Rna4?Bh)?n{a)@S+ z4ziYuRS4b!KQD7+of2pjk-!L<+bq{p-kg0A;f#m=2&UMiV1mrxp?wbJ44tCyK#e#Y zm24R`8PU8#jo; zmhO&BwM?w2#%Uj70p;(oOsu!^Rc(*lSA0(NI_(Fq&$ln}PF=rxtKBD3c-OZVweAzcL&Rg*J59BSN%=9QF>YuY6QtmAwULpWJyNJ^p>EdL+uy(M|Bi(2yS8&(^P~7h}xFx z$GB&d2#rG-(yF?H9vgCIc(^d#ut^9dlG=i|i72mQE5ZPOzjS!(in2o-*qS=HpDV~> z+Ml=TaSKV^{kVDhJT!@Q<+Yy6(`qT&&gflf1jB^$ZbTy!sRhnDC{q&k{md;!gV$2* z7`0So(}!wfMet-Eq8+8U#?JyaWEnWJYz<( zJgU``i|hVih{vncTyAL1Er&Z;Q+u^5;ValJeNsx6+JKVbRtnCW%pt3DcV3Q^hk!9ss57rcN=fb`9<)S?e@V3)zi%FP4b;_C9uJALBhGl_Sq!SCO)VF(AGfV$ zHHBWIDm&L5x9%uYDFk?fi9=$E3|X;5oOeyTxa@QH&*I}P^d51P(_iRkZ5$bu8eWOO z7&w>+>r+G`8h%>X>r?YJ_sq2{P=jf_h!mO5`U6s~pLe$-cQsh6CkI*i6_$=!>2*MP zn4pnQenpk+{d`=Cu4Fhw2gzu`>QTKYpJ_{)BPM>Py1;rS(r?)iDG=98KJu=7 z2R$+0eJ^%VXqIg^i*>{e&~GzZCTU0#3p_nI@($1oQ5Zty} zT~$a5i#6}xt!)0>%4BV#I%>!{nt5dDy38X69Q>Q<6_=y~N%|4o@3jwAq8LEi{m@A$ z&T^h8Yb@ilfgt>{F>bFaCKA+VX+)J3U}Lt-#2J1)pDH_-c*@9wzFP`pU|V@$a!y8z 
zHDfPOJYwW*KP;afl1629W;)iRQTTD^LtHR5I=+F2dL*QW;E!T9G``%5itw$LJt)H)f4Ew(DXbEOpG`|sK^x9aw+BhKz zlTRRoJ+#X1WXr4`Q3^zh*z23**X-BTw0+jRiZ8ym15a+!`_m; znY!7@84InOnIKsK*Ts3bLb;-VLto5*g2H1%%f5B|L3uemd(Vvv(RH5>b+={x@C-w! z(v|RWoHoda(ms20>Mn?e47{wx>#)_T>CZ_BN_EpI{Oz|xU8JNRK3?a93>CAtoVt3? zB#xc9A7M0jgT3{AoHw(8QXSO>F+5UBi<&EC;AXVY?X<4)U5-y0IO_u!vj*@dsXma_ zvl@LL#e(Vz7$gS>?=D5L&gWgY#u$PRr6S0~i?fvw4*vngF>Mw!Cx2)wQXIYyz1Rh% zmJRJuJWzHS-xF||&pLjzw)_BrV`0YvieiIadfeoWzzwkDAZrSizd(p2Vg(igvl=$) z$>Rf_AT!e2lU=m&nmpc(WY{T3Vpbg<(2Fc1A9}L6HyTvq13hLUGQg9Ay-~{_#|X)! z9K~=mG;NE-TI)l2srxX|B=Jk-B?>m>uok`XyndY;g*9RTw6fjFttHfF@^Nass^Lek zPwBJRSg7uIQ6JxjGK4r}BXWiYd|>Zs2M@SXojG04YT3GJO)NU;S4P0FR{Jfidv9`; zi+5k%MF~atevTthlA;|Sy&+kxKV463nYlTIBiiZbfy*#k>lf0!Ia%9y?O;P?#w6fC z)l;G#&B+=j&!RJPnKgXQ6UVUmiafc~j4*Jh)%EYCmN8k%gut-SGUA3OQ)wgcLfvmj zf{6$VPnL~Ft7^gn;JYVh%gX%dPh!IW&SXB`Yq9e$)C z<991#Z-1^Xh-bp}oFw!%QK2R$9nO0y-N;`dvJV-hUHLu*$>qk^28k$5mvSrkT+l3P zj79_6k=%l`#$2IYsKWIkRgV4*6ROrXsFns`3$B4xly3hD@!ouL5ih@V^~0IyFMO<|P>vAp2bb;t2Mky$H_)W7 zkDJu^j5C{hI3+`GJSxgw&R+AmFi;Wy!fBurGj*qw#19>MDT()0O>0B0=7ifW36I(} z`sKS`y|la(EVY;nsrk~sxFsPb!7rF=q*?lG1!oO~vpr7%N`mb)|@BH632k1mLn{kh%2?w3AWxf%LyaI_ARd37)e!@xEXpc7y~z0Dix}%!_6^vR$}2gxbEjMn>MN zOCnXL)`I>E+Z`~3Y2Y9=O0zy^e+)Xx}myLL$MSgx&&eWqRw$2FjCHm zLw*X1LOrV549WCpmS)BL_)t@km5oQ4U|+!V%n}v2J2XE=~vx6XyRO+AnYz z81_4R8agK+9~?F(Fd7C;H>cEe%O|7u2uOwk5VYl}KCH(`zl3Kd#AIYp4a-PW zd5>2vB8AsNUgkVmHx_(vgZU(z_??UYrhO{+8-q+#OuRbyQbwquz>-hcpKOm`*CUKy z0EI(sNQK1vzhSK(m3}|$rM=CkbC1iZTn#8Q5{CFNQmdlI z?<_A`PPK}h#yRTu&ao6pwx>aV%tiR*vbydJGyK(3z{3S}$?|wphv&$^+G_4{N0ks4 zKV*0%&-z)=U9uatSN`4CH~nYlPQ?o0@uY3-`S6SH%M9Q3yeQhtS50O%Be*nR?#rer zEyqxWb%3`nlq5N)TrJwBpedoZyFee}TpX*N z{8Z)6ptE3E$Apzp3Q;ct_)Z7(dc+;>Vj8;?iVr?FU&p%|4UJZF1gK}-St&MgN>MEO zdiQmops(rs%IkkZE}GD{zij@oN6j=+&Cfcsv&kSg(f;P{m%XR`>EFRcQMOx99ppRb zJkCKuI}k zqN`SXE3O~esC{M9<7aEKi&}XsmFhbvvLc;VV_=j|nRpAEom)`_{1!x=D0nzKiF~m@WeL4cJ zUx82M`EQCMvMA0stoLm;2mNI!G&*`_w!c2^xnwpMGwezGn7=bNvHk5j?hwmY0V#i) 
z1isGW>1ZdbIrc$3sdp`oTcDcv4`F^hFh9{CpW!WIvi|UNyRF+vFW^eDRQB~m_wEst zy%h^yV>6m#s~XnnC$nkYGCY1~e>fuX%-o-(D(U{}W(R7c8F(p5!-kgi3Hi1?e)qWN zK_%}PTM$n;9T9cIj<8#un^6*FP_`L-FaX{eF#Y&#V#C;$g*_r!^>~v^jlE^5Gl^pQ zF<)nlFYLs$A7OE{SwaD=y7zfXR5z(ojj>-;e;Q59a+rW5_lf9ZVo-m_G0%Gk`rTBh?D;$BX*&ys+A!BZrr0OZKYAzUK{p{ zQZVmSxlqua5gAw*@?zJBT#ZF5)}Mu#FQu)wEOz}G)o}Yb?(%AT-CE-^lNAvJm!$Y^NJq3oV}2- zqh%D!@@nu{9G27igi4yPene&u6`XWCyH$x+z@xwxdANMp;3!a$88RQf?0hK}{HRV* zB=c<+dU;^R}GFgL8Fw^NdnNFF`!LXkB(EGx41wm{3kG~2L1Ho5ZsYWWpoCAJ`! z!RU6C;X!746$gRj`Ee!tg25#E(+3Q_&)S!1qlX8j+OG@`UO^$$u>L6bq`*av)_@$| z&i=Z%O#-U{auup|^EfW%oK#I>#pL;68;;HBjbh#2x1V?>Bqs0%V{b#Q>FsE7#4zX- z-3~m8X@4t1wXSEJ1kz9H?`d6yH3dgQ@>;0eG}C4zm!|H5#r1;ss%F`AG~@=3g*;_c zz;c;akHox5Rd+%K@?9G!g|oA6wX0!R_wLBa%SzyTmPD{*h#+{rlRJFO20JzZx+4-g=X6bg;R)K5ubI@Ej}25$S<* zB(__Hv{1)%pRgU89x|R-F+#wzH%IK4e9g7lQjMb=U+6RO-O}!SVJzu*``)Yl6y7HX zdGaqKb2$uCQjIelUpO*3-kt7}?!av0#H$O<G}A_={8#aH%KOsm zNn%rpl#(t=G`;s4_DzS2(~gV-unwG9$6!|1t^OH-8E_<+0*j+cx?{7zR!0a32X8WJ zHfq8I#lsQ^o0FH>F{6+ zElw`AMF_}(p<>0TK-JovzEq%u||iL2OV`hW{(%{8fq)*d?rZ7W#%xEj(|SdUHSvgo}pk3F`;u6m!A_3y(~_ib{H%ZyIH z`4LgHP|K67z#D*jGDc&q>4LMB#b+w%;u7Id*-t4z5CZsE8^P9Ry(n;HE`Kc5r ziD`?XIVDRj8H?Q|5aiEsA;TI(1^`xR`vXjRFLItc*mpo|H|?dPy5ZlEm9)Kttpv|` zec#lQwpGP*OPh<);VM`hp~Bn?sbK0aPMLx2ooCGVAi;)ElNnC@RoXCOuA)nx?O9a1A>aDA z8gqbp@m#Co`4Q}0d2p}mtYz(#m#D}I60mWxc2I1t+l zWKCvPA3nbEOV8sZJ*9Gen)Pw>Gquu-a1Gs&y_p+!aSPvmP>GZY4I3q6D|T#5G2LC@ zyGLR|SjQjm;*+$Le*;yBIbyV;>A#Oq#aBM$`tJBmOS&_a>z>1Yy}RC>zy-s#W&UUk zVu@;qS2kzqW49>xm6@(w_+{Xx+t*X`t*GnuY!rqLEL?Ma(3+-a)4rc!dCiN#I80c?&MW6|cRx z&Nk4Z>?%~i1<|2eoB>9TPFt+j>biR=ei6O#}>&{e0_$9yX2dek1e z@nCxGEs`VT&vs&}d6-|rjgMLWU|}r1;fIVO&FaUp`!*{tDZpw<4qn&3!E|HX*QReC>z=0F!8(qB@9x`}{gHG7#a z!Q_k$Ej!=q0b5B?#I@^O33yTQlT~T>#19`{j!!h%zD$>BeO=Aqtg`(g?C}WrbOj!~ zZv#IrvpM}%hFLW`htt{(tqJnk`BnxWs*e@CP+{(Bz`w6_9ad1N{8Z5ey9AD5gOi8d z-wUo8bcEHhnl@fH#|PX~E#}+i@t<}1otA-l0xzSkJ3k{iYq_AbwvA?M$3vAL>+C9q z-_>NPYPTUJ4ejV$j|+3x;y*U}k(~+zwCm z%mIUG8gK!}i{(Jp&Va)DYtm^Y~6kEg|Y{Hnssw{dPmRb&_b2 
zYs1EKxCztUz@)mfBsvj}-nzi9sf_*^{1MB=5kuaoN#3!+F4`NpJd$knm2tuLY$M3i zGeJ=lxviZyXT1|^l2Oz8-uf2U{;{q_B1@WuBxZV;}9<7-G6R!3sxW z0@xq(Z~)vrm0Lu6^quG!o~Dh{*7ASl_iHqy@<^_=ql~WW4C1sEI0$ciMaz+#k%Y<# zUFqw54csV8RlW6bn)o?PCT<{l)7k@bgbyd_t38*m9XWa0hJc?Riz)X0ywe<}`M zh{iNi%M6()J7MGw=nloU(tuVwoj3eFc4x=N8q?hkesUxxhW+saUU!m~_BXJqRfi-V zGT=;f#-96y*Rk9PX=mxSRVco|>`{z^9MVlnfQ@*`n&NKDjW#P%xsvCNQbEbLN2xr> zFOE{##t6! z+dzWh2R^Bc?JdIYtibDz#mX?QMQN-yEwY?pcG# z?M9+sr6bfrhoc**dC4_~sCeVAAOH4CEx#21a($=URN-OO-aGN1VY0fMq+Wy$t)umY z4o7Nq{vwU934mLyOPIt+?spJ$W8ga~t!f%FMgEFQz4*6gK zL&bJelBG4#BS^+=FVQ9?1bsey_5(;ZGy(Bf7F(W7-73IWoL^(C2`E^Ji2M%)|IyN4 zWGu!0u)=oNV$%Fh#XK-PKWP)~F?FJIMhDY%oA4*o;9W3#z&}zHKolz(s<147!r;Z7 z&?q5ax_FwcbC#?yP&2{aIPY6W@K_aj!o}gd-}{yZM(7I||EP=;OE(V>J288XCE2n0 zE4T{A|Ar+g#nM?~g{m=T)zmow7wyvzXe`gPUfSeaeNhfcKM{3Huj4b8kuZp5qgjQJ zEj^GZaYjNp^z9Z|b_?k{^}0E_I*8ncyBn_A_dZ}^5mCXx%O>}58wA`Xf%ye}@uI|| z&Vmfl5#NB10?UVe8QZXGjVdBss)J+Eh#${mk4GZ?ttPfC!W@^0lm8|okn{E@N>s<* z03vVrr(%(dTR3}gTI+vl4Q7h)u>)VLNHY+5Yt3q0Z90WJb{|}?kqg9%9AYf~6HE6MjQ=miKeTv$PT=%^*DjbHztL9NT7Ew%CfXnGx<3VZ4bMMdI$k6 z-#V?z#l99NG;nUp3B#l{D+8@O{!=Y~$aOAE-Mqh(o(GKM(eo&r=;^!LN@QE_^R*Drt_7K$)Os^@BbKM z(Ca|NGx84*Tj_OhoZd$~dJZgJmS<^E{i3Nxn@fZX%z>IYU)WL$L-?SysZEc}e`9}! 
zNz4C*W;;~3lFlZyZ)H!#t^xE78w;4A6;`MVeC??0GM4TKJpaV(1vYla#u)PpIGfl; zSQ7dPN-<$=7DEC3ecBrmIJ6yy73}MNinzdHM+)4ep&S(Fqs8I=5v)mZTh!Z>U}NkJ zfCf)={-k|){!t>(cxOz(658W;{9yWD&WsHTEF8y9%$OCo?vN~U(ch^iDu1E*PKEwv zHA$+0XNGNgh1Bxl4m_SG@ijY;UfiY@gT2uFp+977!y)#WBGtrG&USDz2@<2wf^|nhkt+_+V%ojrFB0&YIzG&PNl* zZEy(p`89SG4i~yw{N+OZ(FTc~oMR95Q@LCW%S|l#J1oIhFzyQc;{J5VISl=h-Pg^s zt1>{!L}d(gJ?pEzaaBjk(IrpHWyD|$422fuMYs!K!ql*%#EZKexC?3oJz%nzSVnQI zge}IQ@uVZWB6vs*#F4hfX*<38r znCXcNc|t921F2Tj^jyFnKG`Uo3%7}LI^fO9vU#Qx)fCIU>*X!z z)yqLx6xEYFRwtvi5aT&@oog3Qnd255PuZvuDE(x~XV_}+^SQucl-DKuc*^F?#1s`G zZ`ILV&YmavufW7Fq&T|tE-i(y91y6csVn(h80n3|p!l-funGy6Q!mEIs79PBXZ3Xi zahGeEK4$q%WWf<~bgJisq?}_v=!Fo1K9bht5kBR@4SF6K{6&NPzfxP*p+xj8H0C5{ z!8h;?C`1wzVE|=@_xF>)VK2OSMvWO-1 zg_ds(UO`Z3=`AKqlZ{`i#`}-?_n#@5^NBUSb+eE^`PcjR9_Q*A7`VEc+^W3f5AQ@9 zOnK}CCm&?gP0ye5Z^}J^cTO5?xIglf^6}(fo~Tom%`s9G3vyG=59eo-Ue47cG*EON z(nzLA_ZcYsZ$a~s{1VbJd3t09_Rcg~$&Bf(1FSf)&L&rrxzlL}3#0k3Nngp=qc->* znwV53cM4HY#~b2(&L1ib$n$p*Ki2{x(m2y6_wm4K7ZZikc?Wny`H7|Va`kWkJV`wn z?;nsx~YvEi7O2QfOJ^n08v$j0;2rW2>AFU%HN3ebwtn-`1U%1B=@9b~>oG}^~37)nt9^cK}7CxERLwFo!DwFoOH3#!rDv&q%@JgH9P zq|S3Xa9p@stICw2h^J#K1;n_h7(9#`^$-^_ax;ArrV84l7T|$w;6bEd8CfilR0j_8+o-xHuTS4{UjksX60C7= z+FV`N^%jkK+g9!EWHp)JBq6IUuTr;^r{5FK(I#stcV-6G)|t3uDl0$t!C11+h`W&u zw?iERbXaG$?wM28sr8^+{$yUCC0U{T%O~I9RO7%$C?$(=zcapxw>xKwjH+a<;`)Rw zKH~Z~Exh8aRkoP~n#>FBcJ8d_EWtVx5Cwj;erRdU#$RYR#hfrV^Uf}TdEp(hI@_Oc z<4v~LX<11;@F6N4js{BPJ0ZQrGHe#&vILnL-W12ev|Zdb`P)xRn8F^JhqKf<-;Un(75Q41?7C)Etyo$twm+r68ki-v%H1G3yBcWCubb&QCYrx8Thc%$ z|5EkKR~K?l&X) zGosbZ<4)`hwZ~<3`>vtt-{p2-kUt3 z%*0=HbG30~Xx{zy{{uRB$fjrZbb{UZYCMIj&&`5xX11?Ox!Qy>ith$B{@)%8xXlc%iniw{91619ZAj7CU>l1_wJ5;D0U<@ zNfYtE2TS)JD>Hpjg0w_g&^eNhrj+bj!z>?;+1EQ(*}j-uzYAM%8{@8W><&s3akD^q z(>t#Er-;m1!E`OhTm*ST(vk8P!(=c+Ku^9A}o^1r4_AKn-8SGU( zevRx#f(S!$wns2+;$`~?Zf$wT2x0B~M?7)Vq?U>1U4g9?qdcwRnq)lXn5M46httc5 zt`CK)50)J7`ws2POw%Qf@>=nLfggS=wH>7YN73cu6OOimeZ6m+!HVo|x;1iYF*-jA z(OvQWA0?JCsbZ}K26_iZCpRsIc5Q_rUX|iz&pg|R%${8xHY&auD7JhwpZG=$lkIV1 
z`*eDZZIgI8=tP~Kt3ENOjl1w5VlVso)TN;S&8J4Xn{y0pvjVL|%PL&;0%w1z25ZGV zpXv~Eq8>sY)(dMs<$xz$19qz_pN(oE0_w43(c8We66aXqx*nGcS z--iTLx0_`imb(X5U(P`&Hxr8~pJ zroi#As-$1Z5SH`{0mpxOo+6$9lSFFL6*1kCU-FCon&bsiZO_A%|8<6X5qNH?7$O6u zA8mSyc)oYi^}}ZqylOd)r5p{osQ1rj*1Ub}9{KnKkDQapNJz=cij(m1T{F@q`CnS2 BJNf_s From 7b3950862f9deca4d2299a20ab9a4910aa9378e8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 31 Jan 2019 11:56:02 +0100 Subject: [PATCH 1006/2197] Documentation: link to the specification separately Link to rendered copies of the specification on a separate branch, since the implementation is not always up-to-date with the specification. Fix the broken link to the HTML to something that works on the web. Add instructions to generate the library documentation in HTML locally. --- README.md | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5b5215329..785584a62 100644 --- a/README.md +++ b/README.md 
@@ -24,10 +24,24 @@ Mbed Crypto is a reference implementation of the PSA cryptography API. It is wri ## Documentation -Since the Mbed Crypto library is a reference implementation of the PSA cryptography API, the library's API documentation is the PSA cryptography API specification. The PSA cryptography API specification consists of the following documents: +The Mbed Crypto library is a reference implementation of the PSA cryptography API. Please refer to the PSA Cryptography API documents for an overview of the library's interfaces and a detailed description of the types, macros and functions that it provides. -* The [PSA Cryptography API overview](docs/PSA_Crypto_API_Overview.pdf). -* The [PSA Cryptography API detailed function reference](docs/PSA_Crypto_API_Reference.pdf), which you can also browse in [HTML format](docs/html/modules.html). +There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/ARMmbed/mbed-crypto/labels/compliance) for an up-to-date list. + +### PSA Cryptography API + +The PSA cryptography API specification consists of the following documents: + +* The [PSA Cryptography API overview](https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf). +* The [PSA Cryptography API detailed function reference](https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/PSA_Cryptography_API_Reference.pdf), which you can also browse in [HTML format](https://htmlpreview.github.io/?https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/html/modules.html). + +### Browsable library documentation + +To generate a local copy of the library documentation in HTML format: + +1. Make sure that [Doxygen](http://www.doxygen.nl/) is installed. We use version 1.8.11 but slightly older or more recent versions should work. +1. Run `make apidoc`. +1. 
Browse `apidoc/index.html` or `apidoc/modules.html`. ## Compiling From cd0f276cee79f2a2601f2691b45344d327f42ffc Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 1 Feb 2019 09:57:20 +0000 Subject: [PATCH 1007/2197] Update pointer in PSA-based mbedtls_pk_write_pubkey() --- library/pkwrite.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 11a2a6145..943dbca01 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -181,7 +181,8 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, } else { - memmove( *p - len, start, len ); + *p -= len; + memmove( *p, start, len ); } } else From 69777ca86786a0dfb8c74779e989df2fdc6084c0 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 1 Feb 2019 10:06:51 +0000 Subject: [PATCH 1008/2197] Add function to find OID for PSA ECC curve identifiers --- include/mbedtls/psa_util.h | 76 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index a78c1a96c..634857c08 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h 
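Review bot: In library/pkwrite.c the new `*p -= len;` has no visible guard showing that `len` cannot exceed `*p - start`. That bound presumably comes from the buffer size passed to the PSA export call above the hunk, and it is worth confirming, since the pointer would otherwise step in front of `start`. A one-line comment would also record why the pointer has to move, for example `/* ASN.1 is written backwards: leave *p on the first byte of the exported key. */`. The enclosing function starts and ends outside the hunk.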
@@ -155,6 +155,82 @@ static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg /* Translations for ECC. */ +static inline int mbedtls_psa_get_ecc_oid_from_id( + psa_ecc_curve_t curve, char const **oid, size_t *oid_len ) +{ + switch( curve ) + { +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + case PSA_ECC_CURVE_SECP192R1: + *oid = MBEDTLS_OID_EC_GRP_SECP192R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + case PSA_ECC_CURVE_SECP224R1: + *oid = MBEDTLS_OID_EC_GRP_SECP224R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + case PSA_ECC_CURVE_SECP256R1: + *oid = MBEDTLS_OID_EC_GRP_SECP256R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + case PSA_ECC_CURVE_SECP384R1: + *oid = MBEDTLS_OID_EC_GRP_SECP384R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + case PSA_ECC_CURVE_SECP521R1: + *oid = MBEDTLS_OID_EC_GRP_SECP521R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + case PSA_ECC_CURVE_SECP192K1: + *oid = MBEDTLS_OID_EC_GRP_SECP192K1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + case PSA_ECC_CURVE_SECP224K1: + *oid = MBEDTLS_OID_EC_GRP_SECP224K1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ +#if 
defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + case PSA_ECC_CURVE_SECP256K1: + *oid = MBEDTLS_OID_EC_GRP_SECP256K1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + case PSA_ECC_CURVE_BRAINPOOL_P256R1: + *oid = MBEDTLS_OID_EC_GRP_BP256R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + case PSA_ECC_CURVE_BRAINPOOL_P384R1: + *oid = MBEDTLS_OID_EC_GRP_BP384R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + case PSA_ECC_CURVE_BRAINPOOL_P512R1: + *oid = MBEDTLS_OID_EC_GRP_BP512R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 ); + return( 0 ); +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ + } + + return( -1 ); +} + static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid ) { switch( grpid ) From 9acfd730eda79addee4d6c5a04640f1a2880f560 Mon Sep 17 00:00:00 2001 
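Review bot: `mbedtls_psa_get_ecc_oid_from_id()` has no doc comment, and its failure path is a bare `return( -1 );` that leaves `*oid` and `*oid_len` unset, so a caller that skips the return check reads uninitialised values. A comment above the function should state the contract: it returns 0 and points `*oid` at a constant OID string of `*oid_len` bytes when the curve is enabled in the build, and returns -1 without modifying the outputs otherwise. The header also starts using `MBEDTLS_OID_EC_GRP_*` and `MBEDTLS_OID_SIZE` here, while `#include "oid.h"` is only added by the next patch in the series. Unless one of the existing includes already provides those macros, this commit on its own depends on the includer having pulled in oid.h first.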
From: Hanno Becker Date: Fri, 1 Feb 2019 10:07:07 +0000 Subject: [PATCH 1009/2197] Adapt mbedtls_pk_write_pubkey_der() to the new PSA public key format Context: There are two public key writing functions in Mbed TLS. First, mbedtls_pk_write_pubkey(), which exports a public key in the form of a SubjectPublicKey structure containing the raw keying material (for example, EC point coordinates for an EC public key, without reference to the underlying curve). Secondly, mbedtls_pk_write_pubkey_der(), which exports a public key in the form of a SubjectPublicKeyInfo structure, wrapping the SubjectPublicKey structure by additional information identifying the type of public key (and for ECC, e.g., it'd also contain the ECC group identifier). The implementation of mbedtls_pk_write_pubkey_der() calls mbedtls_pk_write_pubkey() first and then adds the corresponding algorithm identifier wrapper. Both of these functions need to be provided for PSA-based opaque PK contexts, based on PSA's public key export function. Previously, PSA used the SubjectPublicKeyInfo structure as its export format, so mbedtls_pk_write_pubkey_der() could be easily implemented, while mbedtls_pk_write_pubkey() would need to trim the output of the PSA export. The previous implementation of mbedtls_pk_write_pubkey() is not quite right because it calls the PSA export but doesn't do any trimming, hence exporting the large SubjectPublicKeyInfo structure instead of the small SubjectPublicKey. mbedtls_pk_write_pubkey_der(), in turn, immediately returns after calling mbedtls_pk_write_pubkey(), hence also returning the SubjectPublicKeyInfo structure, which is correct. By now, the PSA public key export format has changed to the smaller SubjectPublicKey structure. This means that, now, mbedtls_pk_write_pubkey() can be implemented by just calling the PSA export, and that mbedtls_pk_write_pubkey_der() needs to add the algorithm information around it, just as in the other types of PK contexts. 
While not correct for the old format, the existing code for mbedtls_pk_write_pubkey() is therefore correct for the new PSA public key format, and needs no change apart from the missing pointer shift in the last commit. The implementation of mbedtls_pk_write_pubkey_der() needs a special code path for PSA-based opaque PK contexts, as the PK context only contains the PSA key handle, and the PSA API needs to be used to extract the underlying EC curve to be able to write the AlgorithmParameter structure that's part of the SubjectPublicKeyInfo structure. That's what this commit does, (hopefully) making both mbedtls_pk_write_pubkey() and mbedtls_pk_write_pubkey_der() export the correctly formatted public key based on the new PSA public key format. --- include/mbedtls/psa_util.h | 1 + library/pkwrite.c | 53 ++++++++++++++++++++++++++++++-------- 2 files changed, 43 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 634857c08..3684e9835 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -41,6 +41,7 @@ #include "ecp.h" #include "md.h" #include "pk.h" +#include "oid.h" /* Translations for symmetric crypto. */ diff --git a/library/pkwrite.c b/library/pkwrite.c index 943dbca01..ab4f7f537 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -48,6 +48,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" +#include "mbedtls/psa_util.h" #endif #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" @@ -197,16 +198,13 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si int ret; unsigned char *c; size_t len = 0, par_len = 0, oid_len; + mbedtls_pk_type_t pk_type; const char *oid; c = buf + size; MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) ); - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) - { - return( (int) len ); - } if( c - buf < 1 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); 
@@ -221,18 +219,51 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) ); - if( ( ret = mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_get_type( key ), - &oid, &oid_len ) ) != 0 ) - { - return( ret ); - } - + pk_type = mbedtls_pk_get_type( key ); #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) + if( pk_type == MBEDTLS_PK_ECKEY ) { MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, mbedtls_pk_ec( *key ) ) ); } #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( pk_type == MBEDTLS_PK_OPAQUE ) + { + psa_status_t status; + psa_key_type_t key_type; + psa_key_handle_t handle; + psa_ecc_curve_t curve; + + handle = *((psa_key_handle_t*) key->pk_ctx ); + + status = psa_get_key_information( handle, &key_type, + NULL /* bitsize not needed */ ); + if( status != PSA_SUCCESS ) + return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + + curve = PSA_KEY_TYPE_GET_CURVE( key_type ); + if( curve == 0 ) + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + + ret = mbedtls_psa_get_ecc_oid_from_id( curve, &oid, &oid_len ); + if( ret != 0 ) + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + + /* Write EC algorithm parameters; that's akin + * to pk_write_ec_param() above. */ + MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_oid( &c, buf, + oid, oid_len ) ); + + /* The rest of the function works as for legacy EC contexts. */ + pk_type = MBEDTLS_PK_ECKEY; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if( ( ret = mbedtls_oid_get_oid_by_pk_alg( pk_type, &oid, + &oid_len ) ) != 0 ) + { + return( ret ); + } MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, buf, oid, oid_len, par_len ) ); From 00114d71f4d5dbcdaee4d8cfef397d92fe837823 Mon Sep 17 00:00:00 2001 
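Review bot: In the `MBEDTLS_PK_OPAQUE` branch, `oid` and `oid_len` first receive the curve OID that is written as the algorithm parameters, and the same two variables are then overwritten by `mbedtls_oid_get_oid_by_pk_alg()` a few lines later. That is correct as written but easy to misread, because a later edit that reorders the two calls would emit the wrong OID in the SubjectPublicKeyInfo. Block-local names would make the two roles explicit: declare `const char *curve_oid; size_t curve_oid_len;` next to `curve` and pass those to `mbedtls_psa_get_ecc_oid_from_id()` and `mbedtls_asn1_write_oid()`. Note also that the early returns in this branch happen after the key material has already been written into `buf`, so callers should treat the buffer as undefined on error. The function starts and ends outside the hunk.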
From: Hanno Becker Date: Fri, 1 Feb 2019 11:48:19 +0000 Subject: [PATCH 1010/2197] Adapt test in test_suite_pk to work with new PSA public key format --- tests/suites/test_suite_pk.function | 57 ++++++++++++++++++++--------- 1 file changed, 39 insertions(+), 18 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 120c1716b..e469318bd 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function 
@@ -778,44 +778,65 @@ exit: void pk_psa_sign( ) { mbedtls_pk_context pk; - psa_key_handle_t key; - unsigned char hash[50], sig[100], pkey[100]; - size_t sig_len, klen = 0; + unsigned char hash[50], sig[100], pkey_legacy[100], pkey_psa[100]; + unsigned char *pkey_legacy_start, *pkey_psa_start; + size_t sig_len, klen_legacy, klen_psa; + int ret; + psa_key_handle_t handle; /* * This tests making signatures with a wrapped PSA key: - * - generate a fresh PSA key + * - generate a fresh ECP legacy PK context * - wrap it in a PK context and make a signature this way * - extract the public key * - parse it to a PK context and verify the signature this way */ + /* Create legacy EC public/private key in PK context. */ mbedtls_pk_init( &pk ); + TEST_ASSERT( mbedtls_pk_setup( &pk, + mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 ); + TEST_ASSERT( mbedtls_ecp_gen_key( MBEDTLS_ECP_DP_SECP256R1, + (mbedtls_ecp_keypair*) pk.pk_ctx, + rnd_std_rand, NULL ) == 0 ); + + /* Export underlying public key for re-importing in a legacy context. */ + ret = mbedtls_pk_write_pubkey_der( &pk, pkey_legacy, + sizeof( pkey_legacy ) ); + TEST_ASSERT( ret >= 0 ); + klen_legacy = (size_t) ret; + /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */ + pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy; + + /* Turn PK context into an opaque one. */ + TEST_ASSERT( psa_allocate_key( &handle ) == PSA_SUCCESS ); + TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &handle, + PSA_ALG_SHA_256 ) == 0 ); memset( hash, 0x2a, sizeof hash ); memset( sig, 0, sizeof sig ); - memset( pkey, 0, sizeof pkey ); - - key = pk_psa_genkey(); - TEST_ASSERT( key != 0 ); - - TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 ); TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, NULL, NULL ) == 0 ); - mbedtls_pk_free( &pk ); + /* Export underlying public key for re-importing in a psa context. 
*/ + ret = mbedtls_pk_write_pubkey_der( &pk, pkey_psa, + sizeof( pkey_psa ) ); + TEST_ASSERT( ret >= 0 ); + klen_psa = (size_t) ret; + /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */ + pkey_psa_start = pkey_psa + sizeof( pkey_psa ) - klen_psa; - TEST_ASSERT( PSA_SUCCESS == psa_export_public_key( - key, pkey, sizeof( pkey ), &klen ) ); - TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); + TEST_ASSERT( klen_psa == klen_legacy ); + TEST_ASSERT( memcmp( pkey_psa_start, pkey_legacy_start, klen_psa ) == 0 ); + + mbedtls_pk_free( &pk ); + TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( handle ) ); mbedtls_pk_init( &pk ); - - TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey, klen ) == 0 ); - - + TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey_legacy_start, + klen_legacy ) == 0 ); TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, sig_len ) == 0 ); From 61b7f61d5ebd5cb2b81621cbc08303a88945bbac Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Mon, 4 Feb 2019 16:00:21 +0000 Subject: [PATCH 1011/2197] Change unknown hash algorithm value 0x010000ff corresponds to PSA_ALG_ANY_HASH, so this collides and isn't an unknown algorithm. --- tests/scripts/test_psa_constant_names.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 1c19cd44b..2d2e213ff 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -61,7 +61,7 @@ when applicable.''' self.key_types = set(['0xffffffff']) self.key_usage_flags = set(['0x80000000']) # Hard-coded value for unknown algorithms - self.hash_algorithms = set(['0x010000ff']) + self.hash_algorithms = set(['0x010000fe']) self.mac_algorithms = set(['0x02ff00ff']) self.kdf_algorithms = set(['0x300000ff', '0x310000ff']) # For AEAD algorithms, the only variability is over the tag length, 
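Review bot: `handle` is declared without an initial value, and `psa_destroy_key( handle )` sits only on the success path, so a `TEST_ASSERT` that fails after `psa_allocate_key()` skips the destroy call. Whether the cleanup section releases the key cannot be seen here, because the function ends outside the hunk. If it does not, declare `psa_key_handle_t handle = 0;` and move the destroy call into the cleanup section, so a failed run does not leave an allocated key slot behind for later test cases.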
From f2a752940307f8aeb65040e938a311ea92ea1305 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 5 Feb 2019 13:13:21 +0100 Subject: [PATCH 1012/2197] Fix double return statement in cipher.c This was introduced in ce1ddee13a171 --- library/cipher.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index 16037fb05..5d7e53f39 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1100,8 +1100,6 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, * operations, we currently don't make it * accessible through the cipher layer. */ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - - return( 0 ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ From aec5a7fd49942a899e20ce78815e60af688d5450 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Feb 2019 20:26:09 +0100 Subject: [PATCH 1013/2197] psa_copy_key: minor documentation clarification --- include/psa/crypto.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b7cc0fbe5..93f896890 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -668,11 +668,12 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * * Copy key material from one location to another. * - * This function is primarily useful to copy a key from one lifetime - * to another. The target key retains its lifetime and location. + * This function is primarily useful to copy a key from one location + * to another, since it populates a key using the material from + * another key which may have a different lifetime. * * In an implementation where slots have different ownerships, - * this functin may be used to share a key with a different party, + * this function may be used to share a key with a different party, * subject to implementation-defined restrictions on key sharing. * In this case \p constraint would typically prevent the recipient * from exporting the key. 
From b8fe06820b4a33d19eb21147829dee701ffe60e7 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Wed, 6 Feb 2019 13:21:31 +0000 Subject: [PATCH 1014/2197] Document that ECDH and FFDH are excluded only temporarily --- tests/scripts/test_psa_constant_names.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 2d2e213ff..000dedc20 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -130,6 +130,8 @@ where each argument takes each possible value at least once.''' # Regex of macro names to exclude. excluded_name_re = re.compile('_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') # Additional excluded macros. + # PSA_ALG_ECDH and PSA_ALG_FFDH are excluded for now as the script + # currently doesn't support them. excluded_names = set(['PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH', 'PSA_ALG_FULL_LENGTH_MAC', 'PSA_ALG_ECDH', @@ -160,6 +162,8 @@ where each argument takes each possible value at least once.''' def add_test_case_line(self, function, argument): '''Parse a test case data line, looking for algorithm metadata tests.''' if function.endswith('_algorithm'): + # As above, ECDH and FFDH algorithms are excluded for now. + # Support for them will be added in the future. if 'ECDH' in argument or 'FFDH' in argument: return self.algorithms.add(argument) From d519583ae301eb0ee1b1bb67f5e9a3a38877dab0 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Wed, 6 Feb 2019 13:41:54 +0000 Subject: [PATCH 1015/2197] Run generate_psa_constants.py in cmake builds --- programs/psa/CMakeLists.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt index 37038c0de..ab11fbc90 100644 --- a/programs/psa/CMakeLists.txt +++ b/programs/psa/CMakeLists.txt 
@@ -4,6 +4,8 @@ target_link_libraries(crypto_examples mbedtls) add_executable(key_ladder_demo key_ladder_demo.c) target_link_libraries(key_ladder_demo mbedtls) +execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_psa_constants.py) + add_executable(psa_constant_names psa_constant_names.c) target_link_libraries(psa_constant_names mbedtls) From 45010a333ed3de7bb073671b975a011b4bf2aaaa Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Wed, 6 Feb 2019 13:43:58 +0000 Subject: [PATCH 1016/2197] Move test_psa_constant_names to a full config build --- tests/scripts/all.sh | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 84e449010..f7c61b841 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -604,15 +604,6 @@ component_test_default_cmake_gcc_asan () { if_build_succeeded tests/compat.sh } -component_test_psa_constant_names () { - msg "build: cmake, gcc, ASan" # ~ 1 min 50s - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test psa_constant_names" # ~ 1s - record_status tests/scripts/test_psa_constant_names.py -} - component_test_ref_configs () { msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . @@ -717,6 +708,9 @@ component_test_full_cmake_clang () { msg "test: main suites (full config)" # ~ 5s make test + msg "test: psa_constant_names (full config)" # ~ 1s + record_status tests/scripts/test_psa_constant_names.py + msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' From df72306e07281401c8339dc17dff3fb7ff54e53b Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Wed, 6 Feb 2019 15:36:00 +0000 Subject: [PATCH 1017/2197] Fix typo in generate_psa_constants.py --- scripts/generate_psa_constants.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
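Review bot: The added `execute_process(COMMAND ${PYTHON_EXECUTABLE} ...generate_psa_constants.py)` ignores the generator's exit status and runs only when CMake configures, so a failed run is not caught before `psa_constant_names` is compiled. Capture the status and stop on failure: add `RESULT_VARIABLE psa_gen_result` to the call and follow it with `if(NOT psa_gen_result EQUAL 0) message(FATAL_ERROR "generate_psa_constants.py failed") endif()`. The call also sets no `WORKING_DIRECTORY`, so where the script reads the headers and writes its output depends on the directory it is started from; presumably the script handles that itself, but it is worth confirming for out-of-tree builds. Unlike the Makefile rule for `psa/psa_constant_names_generated.c`, nothing here re-runs the generator when the PSA headers change, so a stale generated file can be built without any warning.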
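Review bot: Moving the `tests/scripts/test_psa_constant_names.py` run into `component_test_full_cmake_clang` drops the ASan build that the removed `component_test_psa_constant_names` used (`CMAKE_BUILD_TYPE:String=Asan`). The build type of the full-config clang component is set outside this hunk; if it is not a sanitizer build, the name-printing code, which formats into a caller-sized buffer, no longer runs under ASan anywhere in this script. Consider keeping one sanitized run, or state the build the test relies on in a comment above the new lines, e.g. `# psa_constant_names is built by the full-config cmake build above (no ASan)`.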
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index f32339fa5..32508f286 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -63,7 +63,7 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, } else if (PSA_ALG_IS_AEAD(alg)) { core_alg = PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg); if (core_alg == 0) { - /* For unkonwn AEAD algorithms, there is no "default tag length". */ + /* For unknown AEAD algorithms, there is no "default tag length". */ core_alg = alg; } else if (core_alg != alg) { append(&buffer, buffer_size, &required_size, From e84d5d2f1c3cd59ba143280db6eba004ec31eeb8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Feb 2019 20:29:31 +0100 Subject: [PATCH 1018/2197] psa_copy_key: Add test cases to specifically check non-exportability Test that copying a non-exportable key doesn't make it exportable. This complements similar tests that exercise a different usage flag. --- tests/suites/test_suite_psa_crypto.data | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 29674c9fd..a608433cb 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -503,10 +503,14 @@ Copy key: AES, fewer usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR -Copy key: AES, more usage flags +Copy key: AES, 1 more usage flag depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +Copy key: AES, 2 more usage flags +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + Copy key: AES, intersect usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR 
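Review bot: The new case title `Copy key: AES, 2 more usage flags` here, and `Copy key: AES, source=target, constraint with 2 more usage flags` in the next hunk, do not say what they guard: that a copy cannot gain `PSA_KEY_USAGE_EXPORT` when the source policy lacks it. A title such as `Copy key: AES, target policy adds EXPORT, copy stays non-exportable` makes a failure self-explanatory in the test log. Whether `copy_key_policy` also attempts an actual export on the copy is not visible from this file; if it does not, the comparison against the expected `PSA_KEY_USAGE_ENCRYPT` policy is the only check of the property.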
@@ -519,10 +523,14 @@ Copy key: AES, source=target, constraint with fewer usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR -Copy key: AES, source=target, constraint with more usage flags +Copy key: AES, source=target, constraint with 1 more usage flag depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +Copy key: AES, source=target, constraint with 2 more usage flags +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + Copy key: AES, source=target, constraint with different usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR From c9516fbf13e7c01c76fb5ba2ef3cf83107a1ebba Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 5 Feb 2019 20:32:06 +0100 Subject: [PATCH 1019/2197] Document exercise_key and fix one incorrect usage In one place, exercise_key was used in a such a way that if the test failed inside exercise_key, the test suite would correctly report the test as failed but would not report the exact location of the failure. Fix this. Add documentation for exercise_key that explains how to use it. --- tests/suites/test_suite_psa_crypto.function | 30 ++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8ca7dcd10..1fd0d7d98 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -771,6 +771,33 @@ exit: return( ok ); } +/** Do smoke tests on a key. + * + * Perform one of each operation indicated by \p alg (decrypt/encrypt, + * sign/verify, or derivation) that is permitted according to \p usage. + * \p usage and \p alg should correspond to the expected policy on the + * key. + * + * Export the key if permitted by \p usage, and check that the output + * looks sensible. If \p usage forbids export, check that + * \p psa_export_key correctly rejects the attempt. If the key is + * asymmetric, also check \p psa_export_public_key. + * + * If the key fails the tests, this function calls the test framework's + * `test_fail` function and returns false. Otherwise this function returns + * true. Therefore it should be used as follows: + * ``` + * if( ! exercise_key( ... ) ) goto exit; + * ``` + * + * \param handle The key to exercise. It should be capable of performing + * \p alg. + * \param usage The usage flags to assume. + * \param alg The algorithm to exercise. + * + * \retval 0 The key failed the smoke tests. + * \retval 1 The key passed the smoke tests. + */ static int exercise_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) 
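Review bot: In the new `exercise_key` comment, `\p psa_export_key` and `\p psa_export_public_key` use the Doxygen parameter command for function names; `\p` is meant for this function's own parameters (`handle`, `usage`, `alg`). Write them as `psa_export_key()` and `psa_export_public_key()`, or with `\c`, so they are not rendered as arguments. The function body lies outside this hunk, so the described behaviour could not be checked against the code here.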
@@ -920,7 +947,8 @@ void import_twice( int alg_arg, int usage_arg, if( expected_import1_status == PSA_SUCCESS || expected_import2_status == PSA_SUCCESS ) { - TEST_ASSERT( exercise_key( handle, usage, alg ) ); + if( ! exercise_key( handle, usage, alg ) ) + goto exit; } exit: From da7c80e3f1c6d305ff270407e067a5d35c7fa20b Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Wed, 6 Feb 2019 16:24:43 +0000 Subject: [PATCH 1020/2197] Add dependency to Makefile --- programs/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/Makefile b/programs/Makefile index 2792b0913..51548c327 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -103,7 +103,7 @@ EXTRA_GENERATED += psa/psa_constant_names_generated.c endif psa/psa_constant_names$(EXEXT): psa/psa_constant_names_generated.c -psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto_values.h +psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto_values.h ../include/psa/crypto_extra.h ../scripts/generate_psa_constants.py aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP) From 4728469f53bcc1dbdd7fc338572e822eeb263034 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 6 Feb 2019 10:44:56 +0000 Subject: [PATCH 1021/2197] rsa: Re-enable use of zero-length null output After merging the latest RSA implementation from Mbed TLS, we have a regression in that we no longer properly handle zero-length null output in PKCS1 v1.5 decryption. Prevent undefined behavior by avoiding a memcpy() to zero-length null output buffers. --- library/rsa.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index b68018829..25544aa04 100644 --- a/library/rsa.c +++ b/library/rsa.c 
@@ -1624,9 +1624,15 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, plaintext_max_size, plaintext_max_size - plaintext_size ); - /* Finally copy the decrypted plaintext plus trailing zeros - * into the output buffer. */ - memcpy( output, buf + ilen - plaintext_max_size, plaintext_max_size ); + /* Finally copy the decrypted plaintext plus trailing zeros into the output + * buffer. If output_max_len is 0, then output may be an invalid pointer + * and the result of memcpy() would be undefined; prevent undefined + * behavior making sure to depend only on output_max_len (the size of the + * user-provided output buffer), which is independent from plaintext + * length, validity of padding, success of the decryption, and other + * secrets. */ + if( output_max_len != 0 ) + memcpy( output, buf + ilen - plaintext_max_size, plaintext_max_size ); /* Report the amount of data we copied to the output buffer. In case * of errors (bad padding or output too large), the value of *olen From 412654a605aae954cd844325c1ff74125c5ac49c Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 6 Feb 2019 12:57:46 +0000 Subject: [PATCH 1022/2197] psa: Expect output-buffer-sized RSA-decryption When RSA decrypting, unlike with RSA encrypting, we sometimes expect the output length will be less than the key size. For instance, in the case where the plaintext is zero-length we expect the output length of the decryption to be zero-length as well, not key size in length. For must-fail tests, we don't expect output-buffer-sized RSA-decryption, only that the output length is less than or equal to the output size, so these tests remain unchanged. Change the must-pass tests to expect that the actual output size is equal to the expected length of the output buffer instead of always being the key size. --- tests/suites/test_suite_psa_crypto.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
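Review bot: The new guard tests `output_max_len` while the copy length is `plaintext_max_size`, and the relation between the two is established earlier in the function, outside this hunk. The comment should state it, e.g. `plaintext_max_size never exceeds output_max_len, so a zero-sized output buffer also means a zero-length copy` (presumably true; confirm against the code above), so a reader can see that skipping the call loses nothing and that the branch depends only on a caller-supplied, public size. A non-zero `output_max_len` together with a null `output` still reaches `memcpy()`; that is a caller contract violation, but the function's documentation should say so. In the comment, `prevent undefined behavior making sure` is missing `by`.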
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a9d76dbe6..8b0b839fa 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3206,7 +3206,7 @@ void asymmetric_decrypt( int key_type_arg, size_t output_length = ~0; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - output_size = key_data->len; + output_size = expected_data->len; ASSERT_ALLOC( output, output_size ); PSA_ASSERT( psa_crypto_init( ) ); From f8daab78ffa3aae037873227b43f415e7f570511 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 6 Feb 2019 12:57:46 +0000 Subject: [PATCH 1023/2197] psa: Enable testing RSA decryption with output sizes For must-fail asymmetric decryption tests, add an output size parameter so that tests can directly control what output buffer size they allocate and use independently from the key size used. This enables better testing of behavior with various output buffer sizes. --- tests/suites/test_suite_psa_crypto.data | 28 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 4 +-- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 656418de0..e94f14c0b 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
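Review bot: With `output_size = expected_data->len;` the must-pass cases run only with an exactly-sized output buffer, so a buffer larger than the plaintext (the key-sized buffer the old line allocated) is no longer covered by `asymmetric_decrypt`. Consider running the decryption twice, once with `expected_data->len` and once with `key_data->len`, and asserting the same `output_length` and contents both times. For an empty expected plaintext, `ASSERT_ALLOC( output, output_size )` is now called with size 0; a comment such as `/* may be 0: exercises decryption into a zero-length output buffer */` would record that this is intended. The function starts and ends outside this hunk.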
@@ -1389,59 +1389,59 @@ asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84 PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":PSA_ERROR_INVALID_PADDING +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (empty) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":PSA_ERROR_INVALID_PADDING 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (same length) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":PSA_ERROR_INVALID_PADDING +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA PKCS#1 v1.5, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":PSA_ERROR_INVALID_PADDING 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA PKCS#1 v1.5: salt not allowed depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac
132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":PSA_ERROR_INVALID_PADDING +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":128:PSA_ERROR_INVALID_PADDING PSA decrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":"":16:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, input too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9
b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, input too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a8830
1057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT Crypto generator initializers zero properly crypto_generator_init: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8b0b839fa..2a49141da 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3258,19 +3258,19 @@ void asymmetric_decrypt_fail( int key_type_arg, int alg_arg, data_t *input_data, data_t *label, + int output_size_arg, int expected_status_arg ) { psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; unsigned char *output = NULL; - size_t output_size = 0; + size_t output_size = output_size_arg; size_t output_length = ~0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - output_size = key_data->len; ASSERT_ALLOC( output, output_size ); PSA_ASSERT( psa_crypto_init( ) ); From c979f6ab38c5b733fe135b6fe2885d3f87ec9222 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 6 Feb 2019 15:28:38 +0000 Subject: [PATCH 1024/2197] psa: Test empty PKCS#1 v1.5 decryption The tests use a ciphertext for PKCS#1 v1.5 encryption of a zero-length buffer that was created with a call to psa_asymmetric_encrypt(). --- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 1 file changed, 8 insertions(+) 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e94f14c0b..923aa0c31 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1367,6 +1367,14 @@ PSA decrypt: RSA PKCS#1 v1.5: good #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" +PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, output too small +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":0:PSA_ERROR_BUFFER_TOO_SMALL + +PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"1b4c1d06439b99f886048b8544607b5e8e5ac6828ad9d0b7ad4ec0b314a4d8052f8bbeab6c85dbddff0b90cc76395a7a0c4f9cc29cd7be20be0b38ff611800d6":"":"" + PSA decrypt: RSA OAEP-SHA-256, 0 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":"" From 7f04214cf48c61a7244ee23bea8e58389e0e4578 Mon Sep 17 00:00:00 2001 
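Review bot: The added case `PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, output too small` reuses the ciphertext of the `good #2` case directly above it (`adeecba2…c695`), whose expected plaintext is the non-empty `99e8a6…ffff`. The "0 bytes" in its title can therefore only mean the output buffer size argument `0`, not an empty plaintext as the commit message suggests; this assumes the elided key field is the same in both lines. A title such as `PSA decrypt: RSA PKCS#1 v1.5, output too small (0-byte buffer)` would make that clear. The empty-plaintext ciphertext `1b4c1d06…` is only run through `asymmetric_decrypt`, whose output buffer size is not visible here; if that buffer is not zero-length, a case decrypting the empty plaintext into a 0-byte buffer would cover the boundary where the size check must accept.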
From: Jaeden Amero Date: Thu, 7 Feb 2019 10:44:38 +0000 Subject: [PATCH 1025/2197] psa: Rename PSA_HASH_FINAL_SIZE to PSA_HASH_SIZE The macro PSA_HASH_FINAL_SIZE no longer exists and all instances of it should be replaced by PSA_HASH_SIZE. Replace all remaining instances of PSA_HASH_FINAL_SIZE with PSA_HASH_SIZE. --- include/psa/crypto_sizes.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 9ad053629..34664fc10 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -292,9 +292,9 @@ (plaintext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ 0) -#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ - (PSA_ALG_IS_RSA_OAEP(alg) ? \ - 2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ +#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ + (PSA_ALG_IS_RSA_OAEP(alg) ? \ + 2 * PSA_HASH_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ 11 /*PKCS#1v1.5*/) /** From 21b33b07dfd8f30a08fc4654c2debcc0f166a5c8 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Thu, 7 Feb 2019 10:50:49 +0000 Subject: [PATCH 1026/2197] Run generate_psa_constants.py before building psa_constant_names with cmake --- programs/psa/CMakeLists.txt | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt index ab11fbc90..c80043bc4 100644 --- a/programs/psa/CMakeLists.txt +++ b/programs/psa/CMakeLists.txt 
@@ -4,11 +4,16 @@ target_link_libraries(crypto_examples mbedtls) add_executable(key_ladder_demo key_ladder_demo.c) target_link_libraries(key_ladder_demo mbedtls) -execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_psa_constants.py) - add_executable(psa_constant_names psa_constant_names.c) target_link_libraries(psa_constant_names mbedtls) +add_custom_target( + psa_constant_names_generated + COMMAND ${PYTHON_EXECUTABLE} scripts/generate_psa_constants.py + WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/../../ +) +add_dependencies(psa_constant_names psa_constant_names_generated) + install(TARGETS crypto_examples key_ladder_demo From 5229bbb08e3355b8f09a4bc89fce277e0828c0ee Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 7 Feb 2019 16:33:37 +0000 Subject: [PATCH 1027/2197] psa: Test fresh contexts have default behavior Test that freshly-initialized contexts exhibit default behavior through the API. Do this without depending on the internal representation of the contexts. This provides better portability of our tests on compilers like MSVC. --- tests/suites/test_suite_psa_crypto.function | 79 +++++++++------------ 1 file changed, 34 insertions(+), 45 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 1fd0d7d98..1386a580a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
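Review bot: The new `add_custom_target( psa_constant_names_generated … )` has no output file, so CMake always treats it as out of date and `scripts/generate_psa_constants.py` runs on every build. If the script rewrites its output each time, `psa_constant_names` may be recompiled on every build as well. Declaring the generation as an `add_custom_command` with `OUTPUT` and `DEPENDS`, and making the custom target depend on that output, keeps the build-time ordering this commit introduces without the unconditional rerun. The generated file's name is not visible in this hunk, so it appears below as a labelled placeholder.

```cmake
# <GENERATED_FILE> is a placeholder for the file generate_psa_constants.py writes.
add_custom_command(
    OUTPUT <GENERATED_FILE>
    COMMAND ${PYTHON_EXECUTABLE} scripts/generate_psa_constants.py
    WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/../../
    DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_psa_constants.py
)
add_custom_target(psa_constant_names_generated DEPENDS <GENERATED_FILE>)
add_dependencies(psa_constant_names psa_constant_names_generated)
```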
@@ -1441,15 +1441,15 @@ void key_policy_init( ) memset( &zero, 0, sizeof( zero ) ); - /* Although not technically guaranteed by the C standard nor the PSA Crypto - * specification, we test that all valid ways of initializing the object - * have the same bit pattern. This is a stronger requirement that may not - * be valid on all platforms or PSA Crypto implementations, but implies the - * weaker actual requirement is met: that a freshly initialized object, no - * matter how it was initialized, acts the same as any other valid - * initialization. */ - TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 ); - TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 ); + /* A default key policy should not permit any usage. */ + TEST_EQUAL( psa_key_policy_get_usage( &func ), 0 ); + TEST_EQUAL( psa_key_policy_get_usage( &init ), 0 ); + TEST_EQUAL( psa_key_policy_get_usage( &zero ), 0 ); + + /* A default key policy should not permit any algorithm. */ + TEST_EQUAL( psa_key_policy_get_algorithm( &func ), 0 ); + TEST_EQUAL( psa_key_policy_get_algorithm( &init ), 0 ); + TEST_EQUAL( psa_key_policy_get_algorithm( &zero ), 0 ); } /* END_CASE */ 
@@ -1960,15 +1960,10 @@ void hash_operation_init( ) memset( &zero, 0, sizeof( zero ) ); - /* Although not technically guaranteed by the C standard nor the PSA Crypto - * specification, we test that all valid ways of initializing the object - * have the same bit pattern. This is a stronger requirement that may not - * be valid on all platforms or PSA Crypto implementations, but implies the - * weaker actual requirement is met: that a freshly initialized object, no - * matter how it was initialized, acts the same as any other valid - * initialization. */ - TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 ); - TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 ); + /* A default hash operation should be abortable without error. */ + PSA_ASSERT( psa_hash_abort( &func ) ); + PSA_ASSERT( psa_hash_abort( &init ) ); + PSA_ASSERT( psa_hash_abort( &zero ) ); } /* END_CASE */ @@ -2183,15 +2178,10 @@ void mac_operation_init( ) memset( &zero, 0, sizeof( zero ) ); - /* Although not technically guaranteed by the C standard nor the PSA Crypto - * specification, we test that all valid ways of initializing the object - * have the same bit pattern. This is a stronger requirement that may not - * be valid on all platforms or PSA Crypto implementations, but implies the - * weaker actual requirement is met: that a freshly initialized object, no - * matter how it was initialized, acts the same as any other valid - * initialization. */ - TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 ); - TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 ); + /* A default MAC operation should be abortable without error. */ + PSA_ASSERT( psa_mac_abort( &func ) ); + PSA_ASSERT( psa_mac_abort( &init ) ); + PSA_ASSERT( psa_mac_abort( &zero ) ); } /* END_CASE */ 
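Review bot: In `hash_operation_init` the replacement assertions only check that `psa_hash_abort()` succeeds on `func`, `init` and `zero`, which is weak evidence that the three objects are in the same inactive state, because an abort would normally succeed on almost any state. A stronger behavioural check is that a multipart call on a fresh object is refused, for example `TEST_EQUAL( psa_hash_update( &func, buf, sizeof( buf ) ), PSA_ERROR_BAD_STATE );` repeated for `init` and `zero` before the aborts. Here `buf` is a constructed sample buffer, and the exact status returned should be confirmed against the implementation. The same applies to the `psa_mac_abort` assertions in `mac_operation_init` (second hunk on this line) and the `psa_cipher_abort` assertions in `cipher_operation_init` (next hunk). All three function bodies start outside their hunks.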
@@ -2338,15 +2328,10 @@ void cipher_operation_init( ) memset( &zero, 0, sizeof( zero ) ); - /* Although not technically guaranteed by the C standard nor the PSA Crypto - * specification, we test that all valid ways of initializing the object - * have the same bit pattern. This is a stronger requirement that may not - * be valid on all platforms or PSA Crypto implementations, but implies the - * weaker actual requirement is met: that a freshly initialized object, no - * matter how it was initialized, acts the same as any other valid - * initialization. */ - TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 ); - TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 ); + /* A default cipher operation should be abortable without error. */ + PSA_ASSERT( psa_cipher_abort( &func ) ); + PSA_ASSERT( psa_cipher_abort( &init ) ); + PSA_ASSERT( psa_cipher_abort( &zero ) ); } /* END_CASE */ 
@@ -3527,21 +3512,25 @@ void crypto_generator_init( ) * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need * to supress the Clang warning for the test. */ + size_t capacity; psa_crypto_generator_t func = psa_crypto_generator_init( ); psa_crypto_generator_t init = PSA_CRYPTO_GENERATOR_INIT; psa_crypto_generator_t zero; memset( &zero, 0, sizeof( zero ) ); - /* Although not technically guaranteed by the C standard nor the PSA Crypto - * specification, we test that all valid ways of initializing the object - * have the same bit pattern. This is a stronger requirement that may not - * be valid on all platforms or PSA Crypto implementations, but implies the - * weaker actual requirement is met: that a freshly initialized object, no - * matter how it was initialized, acts the same as any other valid - * initialization. */ - TEST_EQUAL( memcmp( &func, &zero, sizeof( zero ) ), 0 ); - TEST_EQUAL( memcmp( &init, &zero, sizeof( zero ) ), 0 ); + /* A default generator should have no capacity. */ + PSA_ASSERT( psa_get_generator_capacity( &func, &capacity ) ); + TEST_EQUAL( capacity, 0 ); + PSA_ASSERT( psa_get_generator_capacity( &init, &capacity ) ); + TEST_EQUAL( capacity, 0 ); + PSA_ASSERT( psa_get_generator_capacity( &zero, &capacity ) ); + TEST_EQUAL( capacity, 0 ); + + /* A default generator should be abortable without error. */ + PSA_ASSERT( psa_generator_abort(&func) ); + PSA_ASSERT( psa_generator_abort(&init) ); + PSA_ASSERT( psa_generator_abort(&zero) ); } /* END_CASE */ From 4c6fdbbe8d2ef0e7ee8f509d4ad1171602ca972f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Feb 2019 11:22:39 +0100 Subject: [PATCH 1028/2197] Fix typos in doxygen formatting commands --- include/psa/crypto.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5f4896cbd..3ed5f0f51 100644 --- a/include/psa/crypto.h 
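Review bot: In `crypto_generator_init` the single `capacity` variable is reused for all three `psa_get_generator_capacity()` calls, so once the first call stores 0 the second and third `TEST_EQUAL( capacity, 0 )` pass even if the function never writes its output. Declaring it as `size_t capacity = ~0;` and resetting it with `capacity = ~0;` before the `init` and `zero` calls makes each check prove the write. As a style point, the three `psa_generator_abort(&func)` / `(&init)` / `(&zero)` calls drop the spaces inside the parentheses that the rest of the hunk uses; `PSA_ASSERT( psa_generator_abort( &func ) );` would match. The function body starts outside the hunk.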
+++ b/include/psa/crypto.h @@ -1962,7 +1962,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, * \p plaintext_length). * \param[out] ciphertext_length On success, the size of the output - * in the \b ciphertext buffer. + * in the \p ciphertext buffer. * * \retval #PSA_SUCCESS * Success. @@ -2018,7 +2018,7 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle, * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, * \p ciphertext_length). * \param[out] plaintext_length On success, the size of the output - * in the \b plaintext buffer. + * in the \p plaintext buffer. * * \retval #PSA_SUCCESS * Success. From 6bce7f7ebbf7e8a979c61815a9373fe731bc974b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Feb 2019 11:24:03 +0100 Subject: [PATCH 1029/2197] Fix copypasta in multipart AEAD macro --- include/psa/crypto_sizes.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index d4182f525..8e7fa7ae4 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -286,7 +286,7 @@ * correct size for an AEAD algorithm that it * recognizes, but does not support. */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg, plaintext_length) \ +#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ ((size_t)0) /** The maximum size of the output of psa_aead_decrypt(), in bytes. From 12b58abad6cc1c5ae7cf5a04f1b4e56d4a671eab Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Feb 2019 11:24:24 +0100 Subject: [PATCH 1030/2197] Remove duplicate definition of PSA_ALG_IS_WILDCARD This was due to a bad merge. --- include/psa/crypto_values.h | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index e6909af67..76c5f38a1 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -1404,24 +1404,6 @@ PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \ (alg) == PSA_ALG_ANY_HASH) -/** Whether the specified algorithm encoding is a wildcard. - * - * Wildcard values may only be used to set the usage algorithm field in - * a policy, not to perform an operation. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \c alg is a wildcard algorithm encoding. - * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for - * an operation). - * \return This macro may return either 0 or 1 if \c alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_WILDCARD(alg) \ - (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ - PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \ - (alg) == PSA_ALG_ANY_HASH) - /**@}*/ /** \defgroup key_lifetimes Key lifetimes From 47e79fb5ab354b9f2214e85cae86e2c865cd1aff Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Feb 2019 11:24:59 +0100 Subject: [PATCH 1031/2197] Fix minor errors in key derivation and key agreement documentation --- include/psa/crypto.h | 10 +++++++--- include/psa/crypto_values.h | 32 +++++++++++++++++--------------- 2 files changed, 24 insertions(+), 18 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3ed5f0f51..b2f3eb28f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -3129,9 +3129,9 @@ psa_status_t psa_key_derivation_input_key(psa_crypto_generator_t *generator, * public key type corresponding to the type of * private_key. That is, this function performs the * equivalent of - * `psa_import_key(internal_public_key_handle, - * PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(private_key_type), - * peer_key, peer_key_length)` where + * #psa_import_key(`internal_public_key_handle`, + * #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(`private_key_type`), + * `peer_key`, `peer_key_length`) where * `private_key_type` is the type of `private_key`. * For example, for EC keys, this means that peer_key * is interpreted as a point on the curve that the @@ -3175,6 +3175,10 @@ psa_status_t psa_key_agreement(psa_crypto_generator_t *generator, * a key derivation, use psa_key_agreement() and other functions from * the key derivation and generator interface. * + * \param alg The key agreement algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_RAW_KEY_AGREEMENT(\p alg) + * is true). * \param private_key Handle to the private key to use. * \param[in] peer_key Public key of the peer. It must be * in the same format that psa_import_key() diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 76c5f38a1..29a64c27a 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -613,7 +613,6 @@ #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION) -#define PSA_ALG_KEY_SELECTION_FLAG ((psa_algorithm_t)0x01000000) /** Whether the specified algorithm is a key agreement algorithm. * * \param alg An algorithm identifier (value of type #psa_algorithm_t). 
@@ -623,8 +622,7 @@ * algorithm identifier. */ #define PSA_ALG_IS_KEY_AGREEMENT(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK & ~PSA_ALG_KEY_SELECTION_FLAG) == \ - PSA_ALG_CATEGORY_KEY_AGREEMENT) + (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT) /** Whether the specified algorithm is a key derivation algorithm. * @@ -637,17 +635,6 @@ #define PSA_ALG_IS_KEY_DERIVATION(alg) \ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) -/** Whether the specified algorithm is a key selection algorithm. - * - * \param alg An algorithm identifier (value of type #psa_algorithm_t). - * - * \return 1 if \p alg is a key selection algorithm, 0 otherwise. - * This macro may return either 0 or 1 if \p alg is not a supported - * algorithm identifier. - */ -#define PSA_ALG_IS_KEY_SELECTION(alg) \ - (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION) - #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) 
@@ -1313,8 +1300,23 @@ #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \ (((alg) & PSA_ALG_KEY_AGREEMENT_MASK) | PSA_ALG_CATEGORY_KEY_AGREEMENT) +/** Whether the specified algorithm is a raw key agreement algorithm. + * + * A raw key agreement algorithm is one that does not specify + * a key derivation function. + * Usually, raw key agreement algorithms are constructed directly with + * a \c PSA_ALG_xxx macro while non-raw key agreement algorithms are + * constructed with PSA_ALG_KEY_AGREEMENT(). + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a raw key agreement algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ #define PSA_ALG_IS_RAW_KEY_AGREEMENT(alg) \ - (PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION) + (PSA_ALG_IS_KEY_AGREEMENT(alg) && \ + PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) == PSA_ALG_CATEGORY_KEY_DERIVATION) #define PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT(alg) \ ((PSA_ALG_IS_KEY_DERIVATION(alg) || PSA_ALG_IS_KEY_AGREEMENT(alg))) From 8593bca7f8bc37ef4ceada556fe4fd1e48ce1f59 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Mon, 11 Feb 2019 11:45:58 +0000 Subject: [PATCH 1032/2197] Allow NULL buffers in psa_copy_key_material when the key size is zero --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d9d48708c..086403109 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1227,7 +1227,7 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, buffer_size = PSA_KEY_EXPORT_MAX_SIZE( source->type, psa_get_key_bits( source ) ); buffer = mbedtls_calloc( 1, buffer_size ); - if( buffer == NULL ) + if( buffer == NULL && buffer_size != 0 ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 ); if( status != PSA_SUCCESS ) 
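Review bot: In the `psa_copy_key_material` hunk (library/psa_crypto.c), once `buffer == NULL` is accepted for `buffer_size == 0`, that NULL pointer is still handed to `psa_internal_export_key( source, buffer, buffer_size, &length, 0 )` on the next line and to whatever follows in the rest of the function. Whether those callees tolerate NULL with a zero length is not visible in this hunk, and passing NULL to `memcpy`/`memset`-style routines is undefined even for length 0. The assumption should be stated at the check, e.g. `/* calloc(1, 0) may return NULL; everything below must accept buffer == NULL when buffer_size == 0 */`. `mbedtls_calloc( 1, 0 )` may equally return a non-NULL pointer, so both outcomes need to behave identically. The function body starts and ends outside the hunk.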
From 8096cafa9454ba2f8e06e581e5bf4d1d75cb4685 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Mon, 11 Feb 2019 14:03:03 +0000 Subject: [PATCH 1033/2197] Only zeroize buffer if the buffer length is non-zero --- library/psa_crypto.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 086403109..5bf4f9924 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1235,7 +1235,8 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, status = psa_import_key( target, source->type, buffer, length ); exit: - mbedtls_platform_zeroize( buffer, buffer_size ); + if( buffer_size != 0 ) + mbedtls_platform_zeroize( buffer, buffer_size ); mbedtls_free( buffer ); return( status ); } From 43433849662b748fd45baee0eb1de3658d843cd4 Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Mon, 11 Feb 2019 21:33:10 +0000 Subject: [PATCH 1034/2197] Fix typo in x509write test data --- tests/suites/test_suite_x509write.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 56aa64f97..c19662503 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data 
@@ -52,7 +52,7 @@ x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS Certificate write check Server1 SHA1 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0::0:0:1:-1:"data_files/server1.crt":0 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0 Certificate write check Server1 SHA1, key_usage depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C From d48e9c713e32857688682a467ce83039fa262d8c Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 7 Feb 2019 17:43:39 +0000 Subject: [PATCH 1035/2197] all.sh: Enable verbose failure messages for CMake Set the CMake-observed variable `CTEST_OUTPUT_ON_FAILURE`, so that when a "make test" run by CMake fails, verbose test output about the detail of failure is available. --- tests/scripts/all.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 11d10a367..19c725f2f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -137,6 +137,9 @@ pre_initialize_variables () { export MAKEFLAGS="-j" fi + # Include more verbose output for failing tests run by CMake + export CTEST_OUTPUT_ON_FAILURE=1 + # Gather the list of available components. These are the functions # defined in this script whose name starts with "component_". # Parse the script with sed, because in sh there is no way to list From 4945176ebe196321051884455e5267070300bd24 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 12 Feb 2019 14:25:40 +0100 Subject: [PATCH 1036/2197] Add framework for architecture documents in Markdown --- docs/architecture/.gitignore | 2 ++ docs/architecture/Makefile | 18 ++++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 docs/architecture/.gitignore create mode 100644 docs/architecture/Makefile diff --git a/docs/architecture/.gitignore b/docs/architecture/.gitignore new file mode 100644 index 000000000..23f832b73 --- /dev/null +++ b/docs/architecture/.gitignore @@ -0,0 +1,2 @@ +*.html +*.pdf diff --git a/docs/architecture/Makefile b/docs/architecture/Makefile new file mode 100644 index 000000000..4873daeb8 --- /dev/null +++ b/docs/architecture/Makefile @@ -0,0 +1,18 @@ +PANDOC = pandoc + +default: all + +all_markdown = \ + # This line is intentionally left blank + +html: $(all_markdown:.md=.html) +pdf: $(all_markdown:.md=.pdf) +all: html pdf + +.SUFFIXES: +.SUFFIXES: .md .html .pdf + +.md.html: + $(PANDOC) -o $@ $< +.md.pdf: + $(PANDOC) -o $@ $< From 0b02002fec185d5c1e2f96e9b570709335417aeb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 12 Feb 2019 14:25:57 +0100 Subject: [PATCH 1037/2197] Specification of how Mbed Crypto uses storage Describe the storage format for keys and random seed in Mbed Crypto 0.1.0 released with Mbed OS 5.11, over C stdio and over ITS with 32-bit file identifiers. Describe the proposed storage format for keys and random seed in the future release of Mbed Crypto for Mbed OS 5.12, over C stdio and over ITS with 64-bit file identifiers. --- docs/architecture/Makefile | 1 + .../mbed-crypto-storage-specification.md | 153 ++++++++++++++++++ 2 files changed, 154 insertions(+) create mode 100644 docs/architecture/mbed-crypto-storage-specification.md diff --git a/docs/architecture/Makefile b/docs/architecture/Makefile index 4873daeb8..f763c9c54 100644 --- a/docs/architecture/Makefile +++ b/docs/architecture/Makefile 
@@ -3,6 +3,7 @@ PANDOC = pandoc default: all all_markdown = \ + mbed-crypto-storage-specification.md \ # This line is intentionally left blank html: $(all_markdown:.md=.html) diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md new file mode 100644 index 000000000..fc95b3644 --- /dev/null +++ b/docs/architecture/mbed-crypto-storage-specification.md @@ -0,0 +1,153 @@ +Mbed Crypto storage specification +================================= + +This document specifies how Mbed Crypto uses storage. + +Mbed Crypto may be upgraded on an existing device with the storage preserved. Therefore: + +1. Any change may break existing installations and may require an upgrade path. +1. This document retains historical information about all past released versions. Do not remove information from this document unless it has always been incorrect or it is about a version that you are sure was never released. + +Mbed Crypto 0.1.0 +----------------- + +Tags: mbedcrypto-0.1.0b, mbedcrypto-0.1.0b2 + +Released in November 2018.
+Integrated in Mbed OS 5.11. + +Supported backends: + +* [PSA ITS](#file-namespace-on-its-for-0.1.0) +* [C stdio](#file-namespace-on-stdio-for-0.1.0) + +Supported features: + +* [Persistent transparent keys](#key-file-format-for-0.1.0) designated by a [slot number](#key-names-for-0.1.0). +* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0) on ITS only. + +This is a beta release, and we do not promise backward compatibility, with one exception: + +> On Mbed OS, if a device has a nonvolatile random seed file produced with Mbed OS 5.11.x and is upgraded to a later version of Mbed OS, the nonvolatile random seed file is preserved or upgraded. + +We do not make any promises regarding key storage, or regarding the nonvolatile random seed file on other platforms. + +### Key names for 0.1.0 + +Information about each key is stored in a dedicated file whose name is constructed from the key identifier. The way in which the file name is constructed depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.1.0). + +The valid values for a key identifier are the range from 1 to 0xfffeffff. The range is not documented. + +The code uses the following constant in an internal header (note that despite the name, this value is actually one plus the maximum permitted value): + + #define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000 + +There is a shared namespace for all callers. + +### Key file format for 0.1.0 + +All integers are encoded in little-endian order in 8-bit bytes. + +The layout of a key file is: + +* magic (8 bytes): `"PSA\0KEY\0"` +* version (4 bytes): 0 +* type (4 bytes): `psa_key_type_t` value +* policy usage flags (4 bytes): `psa_key_usage_t` value +* policy usage algorithm (4 bytes): `psa_algorithm_t` value +* key material length (4 bytes) +* key material: output of `psa_export_key` +* Any trailing data is rejected on load. 
+ +### Nonvolatile random seed file format for 0.1.0 + +The nonvolatile random seed file contains a seed for the random generator. If present, it is rewritten at each boot as part of the random generator initialization. + +The file format is just the seed as a byte string with no metadata or encoding of any kind. + +### File namespace on ITS for 0.1.0 + +Assumption: ITS provides a 32-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. + +* File 0: unused. +* Files 1 through 0xfffeffff: [content](#key-file-format-for-0.1.0) of the [key whose identifier is the file identifier](#key-names-for-0.1.0). +* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0). +* Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff: unused. + +### File namespace on stdio for 0.1.0 + +Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23. + +An undocumented build-time configuration value `CRYPTO_STORAGE_FILE_LOCATION` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory). + +* `CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0"`: used as a temporary file. Must be writable. May be overwritten or deleted if present. +* `sprintf(CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu", key_id)` [content](#key-file-format-for-0.1.0) of the [key whose identifier](#key-names-for-0.1.0) is `key_id`. +* Other files: unused. + +Mbed Crypto 0.2.0 +----------------- + +**Warning:** the information in this section is provisional and may change before Mbed Crypto is released for Mbed OS 5.12. At the time of writing, we don't even know whether this version will be called 0.2.0. + +To be released for Mbed OS 5.12. 
+ +Supported backends: + +* [PSA platform](#file-namespace-on-a-psa-platform-for-0.2.0) +* [library using PSA ITS](#file-namespace-on-its-as-a-library-for-0.2.0) +* [library using C stdio](#file-namespace-on-stdio-for-0.2.0) + +Supported features: + +* [Persistent transparent keys](#key-file-format-for-0.2.0) designated by a [key identifier and owner](#key-names-for-0.2.0). +* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.2.0) on ITS only. + +Backward compatibility commitments: TBD + +### Key names for 0.2.0 + +Information about each key is stored in a dedicated file whose name is constructed from the 32-bit key identifier (`psa_key_id_t`) and, if applicable, the owner identifier. The way in which the file name is constructed depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.2.0). + +The valid values for a key identifier are the range from 1 to 0xfffeffff. The range is not documented. + +* Library integration: the key file name is just the key identifer. This is a 32-bit value. +* PSA service integration: the key file name is `key_id << 32 | owner_uid` where `key_id` is the key identifier specified by the application and `owner_uid` is the calling partition identifier provided to the serve by the partition manager. This is a 64-bit value. + +### Key file format for 0.2.0 + +The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However note that the encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same version so far). + +### Nonvolatile random seed file format for 0.2.0 + +[Identical to 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0). + +### File namespace on a PSA platform for 0.2.0 + +Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. 
+ +* Files 0 through 0xffffff51, 0xffffff53 through 0xffffffff: unused. +* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0). +* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0). + +### File namespace on ITS as a library for 0.2.0 + +Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. + +* File 0: unused. +* Files 1 through 0xfffeffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0). +* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.2.0). +* Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff, 0x100000000 through 0xffffffffffffffff: unused. + +### File namespace on stdio for 0.2.0 + +[Identical to 0.1.0](#file-namespace-on-stdio-for-0.1.0). + +### Upgrade from 0.1.0 to 0.2.0. + +* Delete files 1 through 0xfffeffff, which contain keys in a format that is no longer supported. + +### Suggested changes to make before 0.2.0 + +The library integration and the PSA platform integration use different sets of file names. This is annoyingly non-uniform. For example, if we want to store non-key files, we have room in different ranges (0 through 0xffffffff on a PSA platform, 0xffff0000 through 0xffffffffffffffff in a library integration). + +It would simplify things to always have a 32-bit owner, with a nonzero value, and thus reserve the range 0–0xffffffff for internal library use. From b5a132f26c21bdf530affaa5db18fbc7fcf8c670 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 12 Feb 2019 16:47:20 +0100 Subject: [PATCH 1038/2197] Minor clarifications --- docs/architecture/mbed-crypto-storage-specification.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md index fc95b3644..1557a4f90 100644 --- a/docs/architecture/mbed-crypto-storage-specification.md +++ b/docs/architecture/mbed-crypto-storage-specification.md @@ -36,7 +36,7 @@ We do not make any promises regarding key storage, or regarding the nonvolatile Information about each key is stored in a dedicated file whose name is constructed from the key identifier. The way in which the file name is constructed depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.1.0). -The valid values for a key identifier are the range from 1 to 0xfffeffff. The range is not documented. +The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid. The code uses the following constant in an internal header (note that despite the name, this value is actually one plus the maximum permitted value): 
@@ -108,14 +108,14 @@ Backward compatibility commitments: TBD Information about each key is stored in a dedicated file whose name is constructed from the 32-bit key identifier (`psa_key_id_t`) and, if applicable, the owner identifier. The way in which the file name is constructed depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.2.0). -The valid values for a key identifier are the range from 1 to 0xfffeffff. The range is not documented. +The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid. * Library integration: the key file name is just the key identifer. This is a 32-bit value. * PSA service integration: the key file name is `key_id << 32 | owner_uid` where `key_id` is the key identifier specified by the application and `owner_uid` is the calling partition identifier provided to the serve by the partition manager. This is a 64-bit value. ### Key file format for 0.2.0 -The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However note that the encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same version so far). +The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However note that the encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far). ### Nonvolatile random seed file format for 0.2.0 From f02fbf4bbe216b37723bbbfc65d359b941391880 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 13 Feb 2019 15:43:35 +0100 Subject: [PATCH 1039/2197] Don't mention "crypto service" when discussing a library integration --- docs/architecture/mbed-crypto-storage-specification.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md index 1557a4f90..d56d3331c 100644 --- a/docs/architecture/mbed-crypto-storage-specification.md +++ b/docs/architecture/mbed-crypto-storage-specification.md @@ -111,7 +111,7 @@ Information about each key is stored in a dedicated file whose name is construct The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid. * Library integration: the key file name is just the key identifer. This is a 32-bit value. -* PSA service integration: the key file name is `key_id << 32 | owner_uid` where `key_id` is the key identifier specified by the application and `owner_uid` is the calling partition identifier provided to the serve by the partition manager. This is a 64-bit value. +* PSA service integration: the key file name is `key_id << 32 | owner_uid` where `key_id` is the key identifier specified by the application and `owner_uid` is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value. ### Key file format for 0.2.0 
@@ -131,7 +131,7 @@ Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service ### File namespace on ITS as a library for 0.2.0 -Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. +Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. * File 0: unused. * Files 1 through 0xfffeffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0). From 1b879843d11e8390f96b3a941ce1f71e1bf58a62 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 13 Feb 2019 18:40:50 +0100 Subject: [PATCH 1040/2197] psa_constant_names: factor unsigned support into its own function This is in preparation for adding support for signed types (namely, psa_status_t). --- programs/psa/psa_constant_names.c | 76 +++++++++++++++---------------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index cc98a9535..11dc3c120 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c 
@@ -155,52 +155,20 @@ typedef enum { TYPE_ECC_CURVE, TYPE_KEY_TYPE, TYPE_KEY_USAGE, -} value_type; +} unsigned_value_type; -int main(int argc, char *argv[]) +int process_unsigned(unsigned_value_type type, unsigned long max, char **argp) { - value_type type; - unsigned long max; - int i; - - if (argc <= 1 || - !strcmp(argv[1], "help") || - !strcmp(argv[1], "--help")) - { - usage(argv[0]); - return EXIT_FAILURE; - } - - if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status")) { - type = TYPE_STATUS; - max = 0x7fffffff; /* hard-coded because psa_status_t is signed */ - } else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm")) { - type = TYPE_ALGORITHM; - max = (psa_algorithm_t)( -1 ); - } else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) { - type = TYPE_ECC_CURVE; - max = (psa_ecc_curve_t)( -1 ); - } else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) { - type = TYPE_KEY_TYPE; - max = (psa_key_type_t)( -1 ); - } else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage")) { - type = TYPE_KEY_USAGE; - max = (psa_key_usage_t)( -1 ); - } else { - printf("Unknown type: %s\n", argv[1]); - return EXIT_FAILURE; - } - - for (i = 2; i < argc; i++) { + for (; *argp != NULL; argp++) { char buffer[200]; char *end; - unsigned long value = strtoul(argv[i], &end, 0); + unsigned long value = strtoul(*argp, &end, 0); if (*end) { - printf("Non-numeric value: %s\n", argv[i]); + printf("Non-numeric value: %s\n", *argp); return EXIT_FAILURE; } if (value > max) { - printf("Value out of range: %s\n", argv[i]); + printf("Value out of range: %s\n", *argp); return EXIT_FAILURE; } 
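Review bot: An empty argument is accepted as the value 0 in the `process_unsigned` loop, because `strtoul` consumes nothing, leaves `end` on the terminating NUL, and `if (*end)` then passes. The check should also reject the no-digits case: `if (end == *argp || *end) {`. `strtoul` also accepts a leading minus sign and returns the negated value as unsigned, so where `unsigned long` is 32 bits wide an argument of `-1` can equal `max` and pass the range check; rejecting a leading `-` before the conversion closes that. The same `if (*end)` test is carried into `process_signed` in PATCH 1041, and the body of `process_unsigned` continues past the end of this hunk.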
@@ -231,3 +199,35 @@ int main(int argc, char *argv[]) return EXIT_SUCCESS; } + +int main(int argc, char *argv[]) +{ + if (argc <= 1 || + !strcmp(argv[1], "help") || + !strcmp(argv[1], "--help")) + { + usage(argv[0]); + return EXIT_FAILURE; + } + + if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status")) { + /* Wrong! psa_status_t is signed. */ + return process_unsigned(TYPE_ALGORITHM, 0xffffffff, + argv + 2); + } else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm")) { + return process_unsigned(TYPE_ALGORITHM, (psa_algorithm_t) (-1), + argv + 2); + } else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) { + return process_unsigned(TYPE_ECC_CURVE, (psa_ecc_curve_t) (-1), + argv + 2); + } else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) { + return process_unsigned(TYPE_KEY_TYPE, (psa_key_type_t) (-1), + argv + 2); + } else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage")) { + return process_unsigned(TYPE_KEY_USAGE, (psa_key_usage_t) (-1), + argv + 2); + } else { + printf("Unknown type: %s\n", argv[1]); + return EXIT_FAILURE; + } +} From 3f775264d30edee151febba796845add1df1cd29 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 13 Feb 2019 18:42:06 +0100 Subject: [PATCH 1041/2197] psa_constant_names: adding support for signed types psa_constant_names now works correctly with signed values, such as psa_status_t may have. --- programs/psa/psa_constant_names.c | 49 ++++++++++++++++++++++++++----- 1 file changed, 41 insertions(+), 8 deletions(-) diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 11dc3c120..551410021 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -1,3 +1,5 @@ +#include +#include #include #include #include 
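Review bot: The `status` branch of the new `main` in PATCH 1040 calls `process_unsigned(TYPE_ALGORITHM, 0xffffffff, argv + 2)`, so at this commit a status argument is formatted as an algorithm and values above the old bound are accepted. The removed code used `type = TYPE_STATUS; max = 0x7fffffff;`, and `TYPE_STATUS` still appears to be part of the enum here (it is only moved out in PATCH 1041). Keeping that pair, `return process_unsigned(TYPE_STATUS, 0x7fffffff, argv + 2);`, would preserve the previous behaviour and leave this intermediate commit usable when bisecting. The in-code comment `/* Wrong! psa_status_t is signed. */` flags the type problem but not the change of formatter.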
@@ -151,6 +153,40 @@ static void usage(const char *program_name) typedef enum { TYPE_STATUS, +} signed_value_type; + +int process_signed(signed_value_type type, long min, long max, char **argp) +{ + for (; *argp != NULL; argp++) { + char buffer[200]; + char *end; + long value = strtol(*argp, &end, 0); + if (*end) { + printf("Non-numeric value: %s\n", *argp); + return EXIT_FAILURE; + } + if (value < min || (errno == ERANGE && value < 0)) { + printf("Value too small: %s\n", *argp); + return EXIT_FAILURE; + } + if (value > max || (errno == ERANGE && value > 0)) { + printf("Value too large: %s\n", *argp); + return EXIT_FAILURE; + } + + switch (type) { + case TYPE_STATUS: + psa_snprint_status(buffer, sizeof(buffer), + (psa_status_t) value); + break; + } + puts(buffer); + } + + return EXIT_SUCCESS; +} + +typedef enum { TYPE_ALGORITHM, TYPE_ECC_CURVE, TYPE_KEY_TYPE, @@ -167,16 +203,12 @@ int process_unsigned(unsigned_value_type type, unsigned long max, char **argp) printf("Non-numeric value: %s\n", *argp); return EXIT_FAILURE; } - if (value > max) { + if (value > max || errno == ERANGE) { printf("Value out of range: %s\n", *argp); return EXIT_FAILURE; } switch (type) { - case TYPE_STATUS: - psa_snprint_status(buffer, sizeof(buffer), - (psa_status_t) value); - break; case TYPE_ALGORITHM: psa_snprint_algorithm(buffer, sizeof(buffer), (psa_algorithm_t) value); @@ -211,9 +243,10 @@ int main(int argc, char *argv[]) } if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status")) { - /* Wrong! psa_status_t is signed. */ - return process_unsigned(TYPE_ALGORITHM, 0xffffffff, - argv + 2); + /* There's no way to obtain the actual range of a signed type, + * so hard-code it here: psa_status_t is int32_t. */ + return process_signed(TYPE_STATUS, INT32_MIN, INT32_MAX, + argv + 2); } else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm")) { return process_unsigned(TYPE_ALGORITHM, (psa_algorithm_t) (-1), argv + 2); 
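Review bot: `errno` is tested after `strtol` in `process_signed` and after `strtoul` in `process_unsigned` (second hunk) but is never cleared first, so an `ERANGE` left by any earlier library call would be reported as an out-of-range argument. Overflow can only be detected this way when `errno` was zero before the conversion, so add `errno = 0;` immediately before each call inside the loop. In `process_signed` the `switch (type)` has no `default`, so `puts(buffer)` would print an uninitialised buffer if an enumerator were later added without a case; `default: return EXIT_FAILURE;` makes that path explicit. The body of `process_unsigned` starts and ends outside its hunk.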
From c4cd2adae8df60d1992f5d4c9397af5ff35e0914 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 13 Feb 2019 18:42:53 +0100 Subject: [PATCH 1042/2197] test_psa_constant_names: fix uses of C integer types Some of the types may in principle be wider than `unsigned`, so use `unsigned long` in printf. Add support for signed types: a status is a signed value, and preferentially printed in decimal. --- tests/scripts/test_psa_constant_names.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 000dedc20..d22652e8a 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -211,6 +211,12 @@ def remove_file_if_exists(filename): def run_c(options, type, names): '''Generate and run a program to print out numerical values for names.''' + if type == 'status': + cast_to = 'long' + printf_format = '%ld' + else: + cast_to = 'unsigned long' + printf_format = '0x%08lx' c_name = None exe_name = None try: @@ -230,7 +236,8 @@ int main(void) { ''') for name in names: - c_file.write(' printf("0x%08x\\n", {});\n'.format(name)) + c_file.write(' printf("{}\\n", ({}) {});\n' + .format(printf_format, cast_to, name)) c_file.write(''' return 0; } ''') From e8206622ad7fbc9c683cfd10cec7c0eae8512057 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 8 Feb 2019 16:07:34 +0000 Subject: [PATCH 1043/2197] Update config-default.h to the latest from Mbed TLS config-default.h should always be a verbatim copy of the default configuration (include/mbedtls/config.h) from Mbed TLS. --- configs/config-default.h | 254 +++++++++++++++++++++++++++++++++++---- 1 file changed, 230 insertions(+), 24 deletions(-) diff --git a/configs/config-default.h b/configs/config-default.h index 16ed503ca..e6abf24d5 100644 --- a/configs/config-default.h +++ b/configs/config-default.h 
@@ -139,7 +139,7 @@ * * System has time.h, time(), and an implementation for * mbedtls_platform_gmtime_r() (see below). - * The time needs to be correct (not necesarily very accurate, but at least + * The time needs to be correct (not necessarily very accurate, but at least * the date should be correct). This is used to verify the validity period of * X.509 certificates. * @@ -226,6 +226,7 @@ //#define MBEDTLS_PLATFORM_FPRINTF_ALT //#define MBEDTLS_PLATFORM_PRINTF_ALT //#define MBEDTLS_PLATFORM_SNPRINTF_ALT +//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT //#define MBEDTLS_PLATFORM_NV_SEED_ALT //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT 
@@ -256,6 +257,48 @@ */ //#define MBEDTLS_DEPRECATED_REMOVED +/** + * \def MBEDTLS_CHECK_PARAMS + * + * This configuration option controls whether the library validates more of + * the parameters passed to it. + * + * When this flag is not defined, the library only attempts to validate an + * input parameter if: (1) they may come from the outside world (such as the + * network, the filesystem, etc.) or (2) not validating them could result in + * internal memory errors such as overflowing a buffer controlled by the + * library. On the other hand, it doesn't attempt to validate parameters whose + * values are fully controlled by the application (such as pointers). + * + * When this flag is defined, the library additionally attempts to validate + * parameters that are fully controlled by the application, and should always + * be valid if the application code is fully correct and trusted. + * + * For example, when a function accepts as input a pointer to a buffer that may + * contain untrusted data, and its documentation mentions that this pointer + * must not be NULL: + * - the pointer is checked to be non-NULL only if this option is enabled + * - the content of the buffer is always validated + * + * When this flag is defined, if a library function receives a parameter that + * is invalid, it will: + * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a + * call to the function mbedtls_param_failed() + * - immediately return (with a specific error code unless the function + * returns void and can't communicate an error). + * + * When defining this flag, you also need to: + * - either provide a definition of the function mbedtls_param_failed() in + * your application (see platform_util.h for its prototype) as the library + * calls that function, but does not provide a default definition for it, + * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED() + * below if the above mechanism is not flexible enough to suit your needs. 
+ * See the documentation of this macro later in this file. + * + * Uncomment to enable validation of application-controlled parameters. + */ +//#define MBEDTLS_CHECK_PARAMS + /* \} name SECTION: System support */ /** @@ -359,7 +402,7 @@ * \note Because of a signature change, the core AES encryption and decryption routines are * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, * respectively. When setting up alternative implementations, these functions should - * be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt + * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt * must stay untouched. * * \note If you use the AES_xxx_ALT macros, then is is recommended to also set @@ -414,11 +457,11 @@ * unsigned char mbedtls_internal_ecp_grp_capable( * const mbedtls_ecp_group *grp ) * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) - * void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp ) + * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) * The mbedtls_internal_ecp_grp_capable function should return 1 if the * replacement functions implement arithmetic for the given group and 0 * otherwise. - * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are + * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are * called before and after each point operation and provide an opportunity to * implement optimized set up and tear down instructions. * 
@@ -1159,6 +1202,30 @@ */ #define MBEDTLS_PKCS1_V21 +/** + * \def MBEDTLS_PSA_CRYPTO_SPM + * + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure + * Partition Manager) integration which separates the code into two parts: a + * NSPE (Non-Secure Process Environment) and an SPE (Secure Process + * Environment). + * + * Module: library/psa_crypto.c + * Requires: MBEDTLS_PSA_CRYPTO_C + * + */ +//#define MBEDTLS_PSA_CRYPTO_SPM + +/** + * \def MBEDTLS_PSA_HAS_ITS_IO + * + * Enable the non-volatile secure storage usage. + * + * This is crucial on systems that do not have a HW TRNG support. + * + */ +//#define MBEDTLS_PSA_HAS_ITS_IO + /** * \def MBEDTLS_RSA_NO_CRT * @@ -1496,7 +1563,7 @@ * \def MBEDTLS_SSL_SESSION_TICKETS * * Enable support for RFC 5077 session tickets in SSL. - * Client-side, provides full support for session tickets (maintainance of a + * Client-side, provides full support for session tickets (maintenance of a * session store remains the responsibility of the application, though). * Server-side, you also need to provide callbacks for writing and parsing * tickets, including authenticated encryption and key management. Example @@ -1582,6 +1649,24 @@ */ //#define MBEDTLS_THREADING_PTHREAD +/** + * \def MBEDTLS_USE_PSA_CRYPTO + * + * Make the X.509 and TLS library use PSA for cryptographic operations, see + * #MBEDTLS_PSA_CRYPTO_C. + * + * Note: this option is still in progress, the full X.509 and TLS modules are + * not covered yet, but parts that are not ported to PSA yet will still work + * as usual, so enabling this option should not break backwards compatibility. + * + * \warning Support for PSA is still an experimental feature. + * Any public API that depends on this option may change + * at any time until this warning is removed. + * + * Requires: MBEDTLS_PSA_CRYPTO_C. + */ +//#define MBEDTLS_USE_PSA_CRYPTO + /** * \def MBEDTLS_VERSION_FEATURES * 
@@ -1662,7 +1747,7 @@ * * \warning TLS-level compression MAY REDUCE SECURITY! See for example the * CRIME attack. Before enabling this option, you should examine with care if - * CRIME or similar exploits may be a applicable to your use case. + * CRIME or similar exploits may be applicable to your use case. * * \note Currently compression can't be used with DTLS. * 
@@ -2590,6 +2675,65 @@ */ #define MBEDTLS_POLY1305_C +/** + * \def MBEDTLS_PSA_CRYPTO_C + * + * Enable the Platform Security Architecture cryptography API. + * + * \note This option only has an effect when the build option + * USE_CRYPTO_SUBMODULE is also in use. + * + * \warning This feature is experimental and available on an opt-in basis only. + * PSA APIs are subject to change at any time. The implementation comes with + * less assurance and support than the rest of Mbed TLS. + * + * Module: crypto/library/psa_crypto.c + * + * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C + * + */ +//#define MBEDTLS_PSA_CRYPTO_C + +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_C + * + * Enable the Platform Security Architecture persistent key storage. + * + * Module: library/psa_crypto_storage.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C and one of either + * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * (but not both) + * + */ +//#define MBEDTLS_PSA_CRYPTO_STORAGE_C + +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * + * Enable persistent key storage over files for the + * Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto_storage_file.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO + * + */ +//#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * + * Enable persistent key storage over PSA ITS for the + * Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto_storage_its.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO + * + */ +//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + /** * \def MBEDTLS_RIPEMD160_C * 
@@ -2974,7 +3118,7 @@ //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ +/* Note: your snprintf must correctly zero-terminate the buffer! */ //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ 
@@ -2991,11 +3135,42 @@ //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ +/* Note: your snprintf must correctly zero-terminate the buffer! */ //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ +/** + * \brief This macro is invoked by the library when an invalid parameter + * is detected that is only checked with MBEDTLS_CHECK_PARAMS + * (see the documentation of that option for context). + * + * When you leave this undefined here, a default definition is + * provided that invokes the function mbedtls_param_failed(), + * which is declared in platform_util.h for the benefit of the + * library, but that you need to define in your application. + * + * When you define this here, this replaces the default + * definition in platform_util.h (which no longer declares the + * function mbedtls_param_failed()) and it is your responsibility + * to make sure this macro expands to something suitable (in + * particular, that all the necessary declarations are visible + * from within the library - you can ensure that by providing + * them in this file next to the macro definition). 
+ * + * Note that you may define this macro to expand to nothing, in + * which case you don't have to worry about declarations or + * definitions. However, you will then be notified about invalid + * parameters only in non-void functions, and void function will + * just silently return early on invalid parameters, which + * partially negates the benefits of enabling + * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. + * + * \param cond The expression that should evaluate to true, but doesn't. + */ +//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) + /* SSL Cache options */ //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ 
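Review bot: The commented-out example `//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )` at the end of this hunk lands in the case the comment above it discourages whenever the library is built with `NDEBUG`: `assert()` then becomes a no-op, so void functions return early on invalid parameters without any report. It also needs `<assert.h>` to be visible inside the library, which the comment requires in general but the example does not show. I would put a line above the example such as `/* Needs #include <assert.h> in this file; with NDEBUG defined this is a no-op (see the note above). */`. Separately, the new `MBEDTLS_PLATFORM_VSNPRINTF_MACRO` line sits under a note that only names snprintf; the zero-termination requirement presumably applies to a replacement vsnprintf as well, and the note could say so.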
@@ -3004,31 +3179,65 @@ /** \def MBEDTLS_SSL_MAX_CONTENT_LEN * - * Maximum fragment length in bytes. + * Maximum length (in bytes) of incoming and outgoing plaintext fragments. * - * Determines the size of both the incoming and outgoing TLS I/O buffers. + * This determines the size of both the incoming and outgoing TLS I/O buffers + * in such a way that both are capable of holding the specified amount of + * plaintext data, regardless of the protection mechanism used. * - * Uncommenting MBEDTLS_SSL_IN_CONTENT_LEN and/or MBEDTLS_SSL_OUT_CONTENT_LEN - * will override this length by setting maximum incoming and/or outgoing - * fragment length, respectively. + * To configure incoming and outgoing I/O buffers separately, use + * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, + * which overwrite the value set by this option. + * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of both + * incoming and outgoing I/O buffers. */ //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /** \def MBEDTLS_SSL_IN_CONTENT_LEN * - * Maximum incoming fragment length in bytes. + * Maximum length (in bytes) of incoming plaintext fragments. * - * Uncomment to set the size of the inward TLS buffer independently of the - * outward buffer. 
+ * This determines the size of the incoming TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option is undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. + * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of the incoming I/O buffer + * independently of the outgoing I/O buffer. */ //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 /** \def MBEDTLS_SSL_OUT_CONTENT_LEN * - * Maximum outgoing fragment length in bytes. + * Maximum length (in bytes) of outgoing plaintext fragments. * - * Uncomment to set the size of the outward TLS buffer independently of the - * inward buffer. + * This determines the size of the outgoing TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. * * It is possible to save RAM by setting a smaller outward buffer, while keeping * the default inward 16384 byte buffer to conform to the TLS specification. 
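Review bot: The `MBEDTLS_SSL_OUT_CONTENT_LEN` block drops a word on the new side: `If this option undefined, it inherits its value from` should read `If this option is undefined, it inherits its value from`, as the `MBEDTLS_SSL_IN_CONTENT_LEN` block already does. In the `MBEDTLS_SSL_MAX_CONTENT_LEN` block, "which overwrite the value set by this option" would be clearer as `which override the value set by this option`. The retained context at the end of the hunk still says "outward"/"inward" buffer while every added line says outgoing/incoming; one pair of terms throughout would make the guidance on keeping the incoming buffer at 16KB easier to follow.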
@@ -3038,11 +3247,8 @@ * The specific size requirement depends on the configured ciphers and any * certificate data which is sent during the handshake. * - * For absolute minimum RAM usage, it's best to enable - * MBEDTLS_SSL_MAX_FRAGMENT_LENGTH and reduce MBEDTLS_SSL_MAX_CONTENT_LEN. This - * reduces both incoming and outgoing buffer sizes. However this is only - * guaranteed if the other end of the connection also supports the TLS - * max_fragment_len extension. Otherwise the connection may fail. + * Uncomment to set the maximum plaintext size of the outgoing I/O buffer + * independently of the incoming I/O buffer. */ //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 From 06b161a39cedf089bc40f4357317d66afe753a85 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 8 Feb 2019 16:07:52 +0000 Subject: [PATCH 1044/2197] psa: Add latest PSA Crypto config.h Copy our include/mbedtls/config.h file, which is our default configuration, to configs/config-psa-crypto.h, updating what was previously there to the latest defaults. --- configs/config-psa-crypto.h | 1619 ++++++++++++++++++++++++++++++++++- 1 file changed, 1598 insertions(+), 21 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index c9a8ebd62..fa1d3cf07 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -1,9 +1,11 @@ /** - * \file config-psa-crypto.h + * \file config.h * - * \brief Configuration with all cryptography features and no X.509 or TLS. + * \brief Configuration options (set of defines) * - * This configuration is intended to prototype the PSA reference implementation. + * This set of compile-time options may be used to enable + * or disable features selectively, and reduce the global + * memory footprint. */ /* * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved 
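Review bot: In the `@@ -1,9 +1,11 @@` hunk of configs/config-psa-crypto.h, the header now reads `\file config.h` with the generic brief, so the file no longer identifies itself or says what it is for. The commit message says the default configuration was copied over; keeping `\file config-psa-crypto.h` and a brief along the lines of `\brief Default configuration copied from include/mbedtls/config.h, for PSA Crypto builds.` would keep generated documentation and any later audit of this variant unambiguous. The removed brief promised "no X.509 or TLS", and later hunks of this file define TLS key-exchange options, so the old statement of scope should be replaced with an accurate one rather than dropped.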
@@ -46,10 +48,14 @@ * Requires support for asm() in compiler. * * Used in: + * library/aria.c * library/timing.c - * library/padlock.c * include/mbedtls/bn_mul.h * + * Required by: + * MBEDTLS_AESNI_C + * MBEDTLS_PADLOCK_C + * * Comment to disable the use of assembly code. */ #define MBEDTLS_HAVE_ASM @@ -82,6 +88,28 @@ */ //#define MBEDTLS_NO_UDBL_DIVISION +/** + * \def MBEDTLS_NO_64BIT_MULTIPLICATION + * + * The platform lacks support for 32x32 -> 64-bit multiplication. + * + * Used in: + * library/poly1305.c + * + * Some parts of the library may use multiplication of two unsigned 32-bit + * operands with a 64-bit result in order to speed up computations. On some + * platforms, this is not available in hardware and has to be implemented in + * software, usually in a library provided by the toolchain. + * + * Sometimes it is not desirable to have to link to that library. This option + * removes the dependency of that library on platforms that lack a hardware + * 64-bit multiplier by embedding a software implementation in Mbed TLS. + * + * Note that depending on the compiler, this may decrease performance compared + * to using the library function provided by the toolchain. + */ +//#define MBEDTLS_NO_64BIT_MULTIPLICATION + /** * \def MBEDTLS_HAVE_SSE2 * 
@@ -91,6 +119,42 @@ */ //#define MBEDTLS_HAVE_SSE2 +/** + * \def MBEDTLS_HAVE_TIME + * + * System has time.h and time(). + * The time does not need to be correct, only time differences are used, + * by contrast with MBEDTLS_HAVE_TIME_DATE + * + * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, + * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and + * MBEDTLS_PLATFORM_STD_TIME. + * + * Comment if your system does not support time functions + */ +#define MBEDTLS_HAVE_TIME + +/** + * \def MBEDTLS_HAVE_TIME_DATE + * + * System has time.h, time(), and an implementation for + * mbedtls_platform_gmtime_r() (see below). + * The time needs to be correct (not necessarily very accurate, but at least + * the date should be correct). This is used to verify the validity period of + * X.509 certificates. + * + * Comment if your system does not have a correct clock. + * + * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that + * behaves similarly to the gmtime_r() function from the C standard. Refer to + * the documentation for mbedtls_platform_gmtime_r() for more information. + * + * \note It is possible to configure an implementation for + * mbedtls_platform_gmtime_r() at compile-time by using the macro + * MBEDTLS_PLATFORM_GMTIME_R_ALT. + */ +#define MBEDTLS_HAVE_TIME_DATE + /** * \def MBEDTLS_PLATFORM_MEMORY * @@ -152,13 +216,17 @@ * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as * MBEDTLS_PLATFORM_XXX_MACRO! * + * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME + * * Uncomment a macro to enable alternate implementation of specific base * platform function */ //#define MBEDTLS_PLATFORM_EXIT_ALT +//#define MBEDTLS_PLATFORM_TIME_ALT //#define MBEDTLS_PLATFORM_FPRINTF_ALT //#define MBEDTLS_PLATFORM_PRINTF_ALT //#define MBEDTLS_PLATFORM_SNPRINTF_ALT +//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT //#define MBEDTLS_PLATFORM_NV_SEED_ALT //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT 
@@ -189,6 +257,48 @@ */ //#define MBEDTLS_DEPRECATED_REMOVED +/** + * \def MBEDTLS_CHECK_PARAMS + * + * This configuration option controls whether the library validates more of + * the parameters passed to it. + * + * When this flag is not defined, the library only attempts to validate an + * input parameter if: (1) they may come from the outside world (such as the + * network, the filesystem, etc.) or (2) not validating them could result in + * internal memory errors such as overflowing a buffer controlled by the + * library. On the other hand, it doesn't attempt to validate parameters whose + * values are fully controlled by the application (such as pointers). + * + * When this flag is defined, the library additionally attempts to validate + * parameters that are fully controlled by the application, and should always + * be valid if the application code is fully correct and trusted. + * + * For example, when a function accepts as input a pointer to a buffer that may + * contain untrusted data, and its documentation mentions that this pointer + * must not be NULL: + * - the pointer is checked to be non-NULL only if this option is enabled + * - the content of the buffer is always validated + * + * When this flag is defined, if a library function receives a parameter that + * is invalid, it will: + * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a + * call to the function mbedtls_param_failed() + * - immediately return (with a specific error code unless the function + * returns void and can't communicate an error). + * + * When defining this flag, you also need to: + * - either provide a definition of the function mbedtls_param_failed() in + * your application (see platform_util.h for its prototype) as the library + * calls that function, but does not provide a default definition for it, + * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED() + * below if the above mechanism is not flexible enough to suit your needs. 
+ * See the documentation of this macro later in this file. + * + * Uncomment to enable validation of application-controlled parameters. + */ +//#define MBEDTLS_CHECK_PARAMS + /* \} name SECTION: System support */ /** @@ -199,6 +309,19 @@ * \{ */ +/** + * \def MBEDTLS_TIMING_ALT + * + * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), + * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() + * + * Only works if you have MBEDTLS_TIMING_C enabled. + * + * You will need to provide a header "timing_alt.h" and an implementation at + * compile time. + */ +//#define MBEDTLS_TIMING_ALT + /** * \def MBEDTLS_AES_ALT * @@ -226,23 +349,29 @@ */ //#define MBEDTLS_AES_ALT //#define MBEDTLS_ARC4_ALT +//#define MBEDTLS_ARIA_ALT //#define MBEDTLS_BLOWFISH_ALT //#define MBEDTLS_CAMELLIA_ALT //#define MBEDTLS_CCM_ALT +//#define MBEDTLS_CHACHA20_ALT +//#define MBEDTLS_CHACHAPOLY_ALT //#define MBEDTLS_CMAC_ALT //#define MBEDTLS_DES_ALT //#define MBEDTLS_DHM_ALT //#define MBEDTLS_ECJPAKE_ALT //#define MBEDTLS_GCM_ALT +//#define MBEDTLS_NIST_KW_ALT //#define MBEDTLS_MD2_ALT //#define MBEDTLS_MD4_ALT //#define MBEDTLS_MD5_ALT +//#define MBEDTLS_POLY1305_ALT //#define MBEDTLS_RIPEMD160_ALT //#define MBEDTLS_RSA_ALT //#define MBEDTLS_SHA1_ALT //#define MBEDTLS_SHA256_ALT //#define MBEDTLS_SHA512_ALT //#define MBEDTLS_XTEA_ALT + /* * When replacing the elliptic curve module, pleace consider, that it is * implemented with two .c files: 
@@ -273,7 +402,7 @@ * \note Because of a signature change, the core AES encryption and decryption routines are * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, * respectively. When setting up alternative implementations, these functions should - * be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt + * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt * must stay untouched. * * \note If you use the AES_xxx_ALT macros, then is is recommended to also set @@ -328,11 +457,11 @@ * unsigned char mbedtls_internal_ecp_grp_capable( * const mbedtls_ecp_group *grp ) * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) - * void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp ) + * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) * The mbedtls_internal_ecp_grp_capable function should return 1 if the * replacement functions implement arithmetic for the given group and 0 * otherwise. - * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are + * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are * called before and after each point operation and provide an opportunity to * implement optimized set up and tear down instructions. * 
@@ -464,6 +593,53 @@ */ #define MBEDTLS_CIPHER_MODE_CTR +/** + * \def MBEDTLS_CIPHER_MODE_OFB + * + * Enable Output Feedback mode (OFB) for symmetric ciphers. + */ +#define MBEDTLS_CIPHER_MODE_OFB + +/** + * \def MBEDTLS_CIPHER_MODE_XTS + * + * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. + */ +#define MBEDTLS_CIPHER_MODE_XTS + +/** + * \def MBEDTLS_CIPHER_NULL_CIPHER + * + * Enable NULL cipher. + * Warning: Only do so when you know what you are doing. This allows for + * encryption or channels without any security! + * + * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable + * the following ciphersuites: + * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 + * MBEDTLS_TLS_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_RSA_WITH_NULL_MD5 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_PSK_WITH_NULL_SHA + * + * Uncomment this macro to enable the NULL cipher and ciphersuites + */ +//#define MBEDTLS_CIPHER_NULL_CIPHER + /** * \def MBEDTLS_CIPHER_PADDING_PKCS7 * 
@@ -480,6 +656,37 @@ #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN #define MBEDTLS_CIPHER_PADDING_ZEROS +/** + * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES + * + * Enable weak ciphersuites in SSL / TLS. + * Warning: Only do so when you know what you are doing. This allows for + * channels with virtually no security at all! + * + * This enables the following ciphersuites: + * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA + * + * Uncomment this macro to enable weak ciphersuites + * + * \warning DES is considered a weak cipher and its use constitutes a + * security risk. We recommend considering stronger ciphers instead. + */ +//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES + +/** + * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES + * + * Remove RC4 ciphersuites by default in SSL / TLS. + * This flag removes the ciphersuites based on RC4 from the default list as + * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to + * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them + * explicitly. + * + * Uncomment this macro to remove RC4 ciphersuites by default. + */ +#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES + /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * 
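Review bot: The `MBEDTLS_ENABLE_WEAK_CIPHERSUITES` comment lists only the two single-DES suites under "This enables the following ciphersuites", yet the `MBEDTLS_CIPHER_NULL_CIPHER` comment added in the previous hunk says that option "Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well" to enable the NULL suites. Someone auditing this switch would not learn from its own documentation that it also gates the unencrypted suites. I would add ` * Together with MBEDTLS_CIPHER_NULL_CIPHER, this also enables the NULL ciphersuites listed under that option.` after the DES list.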
@@ -513,6 +720,30 @@ */ #define MBEDTLS_ECP_NIST_OPTIM +/** + * \def MBEDTLS_ECP_RESTARTABLE + * + * Enable "non-blocking" ECC operations that can return early and be resumed. + * + * This allows various functions to pause by returning + * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in + * order to further progress and eventually complete their operation. This is + * controlled through mbedtls_ecp_set_max_ops() which limits the maximum + * number of ECC operations a function may perform before pausing; see + * mbedtls_ecp_set_max_ops() for more information. + * + * This is useful in non-threaded environments if you want to avoid blocking + * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. + * + * Uncomment this macro to enable restartable ECC computations. + * + * \note This option only works with the default software implementation of + * elliptic curve functionality. It is incompatible with + * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT. + */ +//#define MBEDTLS_ECP_RESTARTABLE + /** * \def MBEDTLS_ECDSA_DETERMINISTIC * 
@@ -527,6 +758,281 @@ */ #define MBEDTLS_ECDSA_DETERMINISTIC +/** + * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + * + * Enable the PSK based ciphersuite modes in SSL / TLS. + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + * + * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_DHM_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA + * + * \warning Using DHE constitutes a security risk as it + * is not possible to validate custom DH parameters. + * If possible, it is recommended users should consider + * preferring other methods of key exchange. + * See dhm.h for more details. 
+ * + */ +#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + * + * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + * + * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + * + * Enable the RSA-only based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 + */ +#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + * + * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * + * \warning Using DHE constitutes a security risk as it + * is not possible to validate custom DH parameters. 
+ * If possible, it is recommended users should consider + * preferring other methods of key exchange. + * See dhm.h for more details. + * + */ +#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + * + * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + * + * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + * + * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + */ +#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + * + * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + */ +#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + * + * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. + * + * \warning This is currently experimental. EC J-PAKE support is based on the + * Thread v1.0.0 specification; incompatible changes to the specification + * might still happen. For this reason, this is disabled by default. + * + * Requires: MBEDTLS_ECJPAKE_C + * MBEDTLS_SHA256_C + * MBEDTLS_ECP_DP_SECP256R1_ENABLED + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 + */ +//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + /** * \def MBEDTLS_PK_PARSE_EC_EXTENDED * @@ -640,6 +1146,16 @@ */ //#define MBEDTLS_ENTROPY_NV_SEED +/** + * \def MBEDTLS_PSA_HAS_ITS_IO + * + * Enable the non-volatile secure storage usage. + * + * This is crucial on systems that do not have a HW TRNG support. + * + */ +//#define MBEDTLS_PSA_HAS_ITS_IO + /** * \def MBEDTLS_MEMORY_DEBUG * 
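Review bot: In the `@@ -527,6 +758,281 @@` hunk (which starts several lines above), the comments for `MBEDTLS_KEY_EXCHANGE_RSA_ENABLED`, `MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED` and `MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED` carry no caveat, although static RSA and static ECDH key exchange give no forward secrecy; only the two DHE blocks have a `\warning`. All of these options are defined by the hunk, so an integrator trimming the file has nothing to tell the families apart by. A line such as ` * \note These ciphersuites do not provide forward secrecy.` in those three blocks would show which options to reconsider first.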
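Review bot: The `MBEDTLS_PSA_HAS_ITS_IO` comment in the `@@ -640,6 +1146,16 @@` hunk says the option "is crucial on systems that do not have a HW TRNG support" without saying what is stored or why that matters. Given the neighbouring `MBEDTLS_ENTROPY_NV_SEED` context, this presumably means keeping an entropy seed in secure storage; if so, the text should state it, for example ` * On systems without a hardware TRNG, the entropy seed is kept in this storage.` The block also has no `Requires:` or `Module:` line, so its relation to `MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C`, whose comment elsewhere on this page lists it as a requirement, is only documented from the other side.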
@@ -723,7 +1239,8 @@ /** * \def MBEDTLS_RSA_NO_CRT * - * Do not use the Chinese Remainder Theorem for the RSA private operation. + * Do not use the Chinese Remainder Theorem + * for the RSA private operation. * * Uncomment this macro to disable the use of CRT in RSA. * 
@@ -753,6 +1270,373 @@ */ //#define MBEDTLS_SHA256_SMALLER +/** + * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES + * + * Enable sending of alert messages in case of encountered errors as per RFC. + * If you choose not to send the alert messages, mbed TLS can still communicate + * with other servers, only debugging of failures is harder. + * + * The advantage of not sending alert messages, is that no information is given + * about reasons for failures thus preventing adversaries of gaining intel. + * + * Enable sending of all alert messages + */ +#define MBEDTLS_SSL_ALL_ALERT_MESSAGES + +/** + * \def MBEDTLS_SSL_ASYNC_PRIVATE + * + * Enable asynchronous external private key operations in SSL. This allows + * you to configure an SSL connection to call an external cryptographic + * module to perform private key operations instead of performing the + * operation inside the library. + * + */ +//#define MBEDTLS_SSL_ASYNC_PRIVATE + +/** + * \def MBEDTLS_SSL_DEBUG_ALL + * + * Enable the debug messages in SSL module for all issues. + * Debug messages have been disabled in some places to prevent timing + * attacks due to (unbalanced) debugging function calls. + * + * If you need all error reporting you should enable this during debugging, + * but remove this for production servers that should log as well. + * + * Uncomment this macro to report all debug messages on errors introducing + * a timing side-channel. + * + */ +//#define MBEDTLS_SSL_DEBUG_ALL + +/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC + * + * Enable support for Encrypt-then-MAC, RFC 7366. + * + * This allows peers that both support it to use a more robust protection for + * ciphersuites using CBC, providing deep resistance against timing attacks + * on the padding or underlying cipher. + * + * This only affects CBC ciphersuites, and is useless if none is defined. 
+ * + * Requires: MBEDTLS_SSL_PROTO_TLS1 or + * MBEDTLS_SSL_PROTO_TLS1_1 or + * MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for Encrypt-then-MAC + */ +#define MBEDTLS_SSL_ENCRYPT_THEN_MAC + +/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET + * + * Enable support for Extended Master Secret, aka Session Hash + * (draft-ietf-tls-session-hash-02). + * + * This was introduced as "the proper fix" to the Triple Handshake familiy of + * attacks, but it is recommended to always use it (even if you disable + * renegotiation), since it actually fixes a more fundamental issue in the + * original SSL/TLS design, and has implications beyond Triple Handshake. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1 or + * MBEDTLS_SSL_PROTO_TLS1_1 or + * MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for Extended Master Secret. + */ +#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET + +/** + * \def MBEDTLS_SSL_FALLBACK_SCSV + * + * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). + * + * For servers, it is recommended to always enable this, unless you support + * only one version of TLS, or know for sure that none of your clients + * implements a fallback strategy. + * + * For clients, you only need this if you're using a fallback strategy, which + * is not recommended in the first place, unless you absolutely need it to + * interoperate with buggy (version-intolerant) servers. + * + * Comment this macro to disable support for FALLBACK_SCSV + */ +#define MBEDTLS_SSL_FALLBACK_SCSV + +/** + * \def MBEDTLS_SSL_HW_RECORD_ACCEL + * + * Enable hooking functions in SSL module for hardware acceleration of + * individual records. + * + * Uncomment this macro to enable hooking functions. + */ +//#define MBEDTLS_SSL_HW_RECORD_ACCEL + +/** + * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING + * + * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. 
+ * + * This is a countermeasure to the BEAST attack, which also minimizes the risk + * of interoperability issues compared to sending 0-length records. + * + * Comment this macro to disable 1/n-1 record splitting. + */ +#define MBEDTLS_SSL_CBC_RECORD_SPLITTING + +/** + * \def MBEDTLS_SSL_RENEGOTIATION + * + * Enable support for TLS renegotiation. + * + * The two main uses of renegotiation are (1) refresh keys on long-lived + * connections and (2) client authentication after the initial handshake. + * If you don't need renegotiation, it's probably better to disable it, since + * it has been associated with security issues in the past and is easy to + * misuse/misunderstand. + * + * Comment this to disable support for renegotiation. + * + * \note Even if this option is disabled, both client and server are aware + * of the Renegotiation Indication Extension (RFC 5746) used to + * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). + * (See \c mbedtls_ssl_conf_legacy_renegotiation for the + * configuration of this extension). + * + */ +#define MBEDTLS_SSL_RENEGOTIATION + +/** + * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + * + * Enable support for receiving and parsing SSLv2 Client Hello messages for the + * SSL Server module (MBEDTLS_SSL_SRV_C). + * + * Uncomment this macro to enable support for SSLv2 Client Hello messages. + */ +//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + +/** + * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE + * + * Pick the ciphersuite according to the client's preferences rather than ours + * in the SSL Server module (MBEDTLS_SSL_SRV_C). + * + * Uncomment this macro to respect client's ciphersuite order + */ +//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE + +/** + * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + * + * Enable support for RFC 6066 max_fragment_length extension in SSL. 
+ * + * Comment this macro to disable support for the max_fragment_length extension + */ +#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + +/** + * \def MBEDTLS_SSL_PROTO_SSL3 + * + * Enable support for SSL 3.0. + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for SSL 3.0 + */ +//#define MBEDTLS_SSL_PROTO_SSL3 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1 + * + * Enable support for TLS 1.0. + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for TLS 1.0 + */ +#define MBEDTLS_SSL_PROTO_TLS1 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1_1 + * + * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 + */ +#define MBEDTLS_SSL_PROTO_TLS1_1 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1_2 + * + * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). + * + * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C + * (Depends on ciphersuites) + * + * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 + */ +#define MBEDTLS_SSL_PROTO_TLS1_2 + +/** + * \def MBEDTLS_SSL_PROTO_DTLS + * + * Enable support for DTLS (all available versions). + * + * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, + * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1_1 + * or MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for DTLS + */ +#define MBEDTLS_SSL_PROTO_DTLS + +/** + * \def MBEDTLS_SSL_ALPN + * + * Enable support for RFC 7301 Application Layer Protocol Negotiation. + * + * Comment this macro to disable support for ALPN. + */ +#define MBEDTLS_SSL_ALPN + +/** + * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY + * + * Enable support for the anti-replay mechanism in DTLS. + * + * Requires: MBEDTLS_SSL_TLS_C + * MBEDTLS_SSL_PROTO_DTLS + * + * \warning Disabling this is often a security risk! 
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details. + * + * Comment this to disable anti-replay in DTLS. + */ +#define MBEDTLS_SSL_DTLS_ANTI_REPLAY + +/** + * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY + * + * Enable support for HelloVerifyRequest on DTLS servers. + * + * This feature is highly recommended to prevent DTLS servers being used as + * amplifiers in DoS attacks against other hosts. It should always be enabled + * unless you know for sure amplification cannot be a problem in the + * environment in which your server operates. + * + * \warning Disabling this can ba a security risk! (see above) + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + * + * Comment this to disable support for HelloVerifyRequest. + */ +#define MBEDTLS_SSL_DTLS_HELLO_VERIFY + +/** + * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE + * + * Enable server-side support for clients that reconnect from the same port. + * + * Some clients unexpectedly close the connection and try to reconnect using the + * same source port. This needs special support from the server to handle the + * new connection securely, as described in section 4.2.8 of RFC 6347. This + * flag enables that support. + * + * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY + * + * Comment this to disable support for clients reusing the source port. + */ +#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE + +/** + * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT + * + * Enable support for a limit of records with bad MAC. + * + * See mbedtls_ssl_conf_dtls_badmac_limit(). + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + */ +#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT + +/** + * \def MBEDTLS_SSL_SESSION_TICKETS + * + * Enable support for RFC 5077 session tickets in SSL. + * Client-side, provides full support for session tickets (maintenance of a + * session store remains the responsibility of the application, though). + * Server-side, you also need to provide callbacks for writing and parsing + * tickets, including authenticated encryption and key management. 
Example + * callbacks are provided by MBEDTLS_SSL_TICKET_C. + * + * Comment this macro to disable support for SSL session tickets + */ +#define MBEDTLS_SSL_SESSION_TICKETS + +/** + * \def MBEDTLS_SSL_EXPORT_KEYS + * + * Enable support for exporting key block and master secret. + * This is required for certain users of TLS, e.g. EAP-TLS. + * + * Comment this macro to disable support for key export + */ +#define MBEDTLS_SSL_EXPORT_KEYS + +/** + * \def MBEDTLS_SSL_SERVER_NAME_INDICATION + * + * Enable support for RFC 6066 server name indication (SNI) in SSL. + * + * Requires: MBEDTLS_X509_CRT_PARSE_C + * + * Comment this macro to disable support for server name indication in SSL + */ +#define MBEDTLS_SSL_SERVER_NAME_INDICATION + +/** + * \def MBEDTLS_SSL_TRUNCATED_HMAC + * + * Enable support for RFC 6066 truncated HMAC in SSL. + * + * Comment this macro to disable support for truncated HMAC in SSL + */ +#define MBEDTLS_SSL_TRUNCATED_HMAC + +/** + * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT + * + * Fallback to old (pre-2.7), non-conforming implementation of the truncated + * HMAC extension which also truncates the HMAC key. Note that this option is + * only meant for a transitory upgrade period and is likely to be removed in + * a future version of the library. + * + * \warning The old implementation is non-compliant and has a security weakness + * (2^80 brute force attack on the HMAC key used for a single, + * uninterrupted connection). This should only be enabled temporarily + * when (1) the use of truncated HMAC is essential in order to save + * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use + * the fixed implementation yet (pre-2.7). + * + * \deprecated This option is deprecated and will likely be removed in a + * future version of Mbed TLS. + * + * Uncomment to fallback to old, non-compliant truncated HMAC implementation. 
+ * + * Requires: MBEDTLS_SSL_TRUNCATED_HMAC + */ +//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT + /** * \def MBEDTLS_THREADING_ALT * @@ -775,6 +1659,24 @@ */ //#define MBEDTLS_THREADING_PTHREAD +/** + * \def MBEDTLS_USE_PSA_CRYPTO + * + * Make the X.509 and TLS library use PSA for cryptographic operations, see + * #MBEDTLS_PSA_CRYPTO_C. + * + * Note: this option is still in progress, the full X.509 and TLS modules are + * not covered yet, but parts that are not ported to PSA yet will still work + * as usual, so enabling this option should not break backwards compatibility. + * + * \warning Support for PSA is still an experimental feature. + * Any public API that depends on this option may change + * at any time until this warning is removed. + * + * Requires: MBEDTLS_PSA_CRYPTO_C. + */ +//#define MBEDTLS_USE_PSA_CRYPTO + /** * \def MBEDTLS_VERSION_FEATURES * 
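Review bot: `MBEDTLS_SSL_PROTO_TLS1` and `MBEDTLS_SSL_PROTO_TLS1_1` are added as active defines in the hunk at `@@ -753,6 +1270,373 @@`, so a build from this file can negotiate TLS 1.0 and 1.1. The hunk's own comments tie both versions to MD5 and SHA-1, and RFC 8996 has since deprecated them. The same hunk leaves `MBEDTLS_SSL_RENEGOTIATION` on, although its comment advises disabling it when it is not needed. Unless this file has to mirror an upstream default configuration (not visible from here), I would ship `//#define MBEDTLS_SSL_PROTO_TLS1` and `//#define MBEDTLS_SSL_PROTO_TLS1_1`, keep `MBEDTLS_SSL_PROTO_TLS1_2`, and let integrators opt in to the legacy versions. Two wording slips in the added comments are also worth fixing: "familiy" under `MBEDTLS_SSL_EXTENDED_MASTER_SECRET` and "can ba a security risk" under `MBEDTLS_SSL_DTLS_HELLO_VERIFY`.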
@@ -788,6 +1690,89 @@ */ #define MBEDTLS_VERSION_FEATURES +/** + * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an extension in a v1 or v2 certificate. + * + * Uncomment to prevent an error. + */ +//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 + +/** + * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an unknown critical extension. + * + * \warning Depending on your PKI use, enabling this can be a security risk! + * + * Uncomment to prevent an error. + */ +//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + +/** + * \def MBEDTLS_X509_CHECK_KEY_USAGE + * + * Enable verification of the keyUsage extension (CA and leaf certificates). + * + * Disabling this avoids problems with mis-issued and/or misused + * (intermediate) CA and leaf certificates. + * + * \warning Depending on your PKI use, disabling this can be a security risk! + * + * Comment to skip keyUsage checking for both CA and leaf certificates. + */ +#define MBEDTLS_X509_CHECK_KEY_USAGE + +/** + * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE + * + * Enable verification of the extendedKeyUsage extension (leaf certificates). + * + * Disabling this avoids problems with mis-issued and/or misused certificates. + * + * \warning Depending on your PKI use, disabling this can be a security risk! + * + * Comment to skip extendedKeyUsage checking for certificates. + */ +#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE + +/** + * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT + * + * Enable parsing and verification of X.509 certificates, CRLs and CSRS + * signed with RSASSA-PSS (aka PKCS#1 v2.1). + * + * Comment this macro to disallow using RSASSA-PSS in certificates. 
+ */ +#define MBEDTLS_X509_RSASSA_PSS_SUPPORT + +/** + * \def MBEDTLS_ZLIB_SUPPORT + * + * If set, the SSL/TLS module uses ZLIB to support compression and + * decompression of packet data. + * + * \warning TLS-level compression MAY REDUCE SECURITY! See for example the + * CRIME attack. Before enabling this option, you should examine with care if + * CRIME or similar exploits may be applicable to your use case. + * + * \note Currently compression can't be used with DTLS. + * + * \deprecated This feature is deprecated and will be removed + * in the next major revision of the library. + * + * Used in: library/ssl_tls.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * This feature requires zlib library and headers to be present. + * + * Uncomment to enable use of ZLIB + */ +//#define MBEDTLS_ZLIB_SUPPORT /* \} name SECTION: mbed TLS feature support */ /** @@ -817,7 +1802,7 @@ * Enable the AES block cipher. * * Module: library/aes.c - * Caller: library/ssl_tls.c + * Caller: library/cipher.c * library/pem.c * library/ctr_drbg.c * @@ -892,7 +1877,7 @@ * Enable the ARCFOUR stream cipher. * * Module: library/arc4.c - * Caller: library/ssl_tls.c + * Caller: library/cipher.c * * This module enables the following ciphersuites (if other requisites are * enabled as well): @@ -986,7 +1971,7 @@ * Enable the Camellia block cipher. * * Module: library/camellia.c - * Caller: library/ssl_tls.c + * Caller: library/cipher.c * * This module enables the following ciphersuites (if other requisites are * enabled as well): 
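Review bot: The comments added for `MBEDTLS_X509_CHECK_KEY_USAGE` and `MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE` in the hunk at `@@ -788,6 +1690,89 @@` say "Disabling this avoids problems with mis-issued and/or misused ... certificates", which reads as if switching the check off were the safer setting. The check is what rejects a certificate used outside its keyUsage or extendedKeyUsage; disabling it only makes such certificates pass verification. I would reword both along the lines of ` * Disabling this makes the library accept certificates used outside their declared key usage; it works around mis-issued certificates at the cost of the check.` and keep the existing `\warning` line as it is.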
@@ -1035,6 +2020,58 @@ */ #define MBEDTLS_CAMELLIA_C +/** + * \def MBEDTLS_ARIA_C + * + * Enable the ARIA block cipher. + * + * Module: library/aria.c + * Caller: library/cipher.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * + * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 + * 
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + */ +//#define MBEDTLS_ARIA_C + /** * \def MBEDTLS_CCM_C * @@ -1049,6 +2086,38 @@ */ #define MBEDTLS_CCM_C +/** + * \def MBEDTLS_CERTS_C + * + * Enable the test certificates. + * + * Module: library/certs.c + * Caller: + * + * This module is used for testing (ssl_client/server). + */ +#define MBEDTLS_CERTS_C + +/** + * \def MBEDTLS_CHACHA20_C + * + * Enable the ChaCha20 stream cipher. + * + * Module: library/chacha20.c + */ +#define MBEDTLS_CHACHA20_C + +/** + * \def MBEDTLS_CHACHAPOLY_C + * + * Enable the ChaCha20-Poly1305 AEAD algorithm. + * + * Module: library/chachapoly.c + * + * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C + */ +#define MBEDTLS_CHACHAPOLY_C + /** * \def MBEDTLS_CIPHER_C * @@ -1077,17 +2146,33 @@ /** * \def MBEDTLS_CTR_DRBG_C * - * Enable the CTR_DRBG AES-256-based random generator. + * Enable the CTR_DRBG AES-based random generator. + * The CTR_DRBG generator uses AES-256 by default. + * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below. * * Module: library/ctr_drbg.c * Caller: * * Requires: MBEDTLS_AES_C * - * This module provides the CTR_DRBG AES-256 random number generator. + * This module provides the CTR_DRBG AES random number generator. */ #define MBEDTLS_CTR_DRBG_C +/** + * \def MBEDTLS_DEBUG_C + * + * Enable the debug functions. + * + * Module: library/debug.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * This module provides debugging functions. + */ +#define MBEDTLS_DEBUG_C + /** * \def MBEDTLS_DES_C * @@ -1095,7 +2180,7 @@ * * Module: library/des.c * Caller: library/pem.c - * library/ssl_tls.c + * library/cipher.c * * This module enables the following ciphersuites (if other requisites are * enabled as well): 
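Review bot: `MBEDTLS_CERTS_C` is added as an active define in the hunk at `@@ -1049,6 +2086,38 @@`, so the test certificates from library/certs.c are compiled into every build made from this file. The comment says the module is used for testing, but nothing warns that a production image should neither carry nor trust that material. I would add ` * \warning The certificates in this module are public test material; disable it in production builds.` to the comment. If this configuration is meant for deployment rather than for the test programs, consider shipping the define commented out.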
@@ -1186,7 +2271,7 @@ * * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C */ -#define MBEDTLS_ECJPAKE_C +//#define MBEDTLS_ECJPAKE_C /** * \def MBEDTLS_ECP_C @@ -1242,6 +2327,44 @@ */ #define MBEDTLS_GCM_C +/** + * \def MBEDTLS_HAVEGE_C + * + * Enable the HAVEGE random generator. + * + * Warning: the HAVEGE random generator is not suitable for virtualized + * environments + * + * Warning: the HAVEGE random generator is dependent on timing and specific + * processor traits. It is therefore not advised to use HAVEGE as + * your applications primary random generator or primary entropy pool + * input. As a secondary input to your entropy pool, it IS able add + * the (limited) extra entropy it provides. + * + * Module: library/havege.c + * Caller: + * + * Requires: MBEDTLS_TIMING_C + * + * Uncomment to enable the HAVEGE random generator. + */ +//#define MBEDTLS_HAVEGE_C + +/** + * \def MBEDTLS_HKDF_C + * + * Enable the HKDF algorithm (RFC 5869). + * + * Module: library/hkdf.c + * Caller: + * + * Requires: MBEDTLS_MD_C + * + * This module adds support for the Hashed Message Authentication Code + * (HMAC)-based key derivation function (HKDF). + */ +#define MBEDTLS_HKDF_C + /** * \def MBEDTLS_HMAC_DRBG_C * @@ -1256,6 +2379,19 @@ */ #define MBEDTLS_HMAC_DRBG_C +/** + * \def MBEDTLS_NIST_KW_C + * + * Enable the Key Wrapping mode for 128-bit block ciphers, + * as defined in NIST SP 800-38F. Only KW and KWP modes + * are supported. At the moment, only AES is approved by NIST. + * + * Module: library/nist_kw.c + * + * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C + */ +//#define MBEDTLS_NIST_KW_C + /** * \def MBEDTLS_MD_C * @@ -1283,7 +2419,7 @@ * it, and considering stronger message digests instead. * */ -#define MBEDTLS_MD2_C +//#define MBEDTLS_MD2_C /** * \def MBEDTLS_MD4_C @@ -1300,7 +2436,7 @@ * it, and considering stronger message digests instead. * */ -#define MBEDTLS_MD4_C +//#define MBEDTLS_MD4_C /** * \def MBEDTLS_MD5_C 
@@ -1340,6 +2476,25 @@ */ //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +/** + * \def MBEDTLS_NET_C + * + * Enable the TCP and UDP over IPv6/IPv4 networking routines. + * + * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) + * and Windows. For other platforms, you'll want to disable it, and write your + * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). + * + * \note See also our Knowledge Base article about porting to a new + * environment: + * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * + * Module: library/net_sockets.c + * + * This module provides networking routines. + */ +#define MBEDTLS_NET_C + /** * \def MBEDTLS_OID_C * @@ -1375,7 +2530,7 @@ * * This modules adds support for the VIA PadLock on x86. */ -//#define MBEDTLS_PADLOCK_C +#define MBEDTLS_PADLOCK_C /** * \def MBEDTLS_PEM_PARSE_C @@ -1520,6 +2675,16 @@ */ #define MBEDTLS_PLATFORM_C +/** + * \def MBEDTLS_POLY1305_C + * + * Enable the Poly1305 MAC algorithm. + * + * Module: library/poly1305.c + * Caller: library/chachapoly.c + */ +#define MBEDTLS_POLY1305_C + /** * \def MBEDTLS_PSA_CRYPTO_C * 
@@ -1656,6 +2821,84 @@ */ #define MBEDTLS_SHA512_C +/** + * \def MBEDTLS_SSL_CACHE_C + * + * Enable simple SSL cache implementation. + * + * Module: library/ssl_cache.c + * Caller: + * + * Requires: MBEDTLS_SSL_CACHE_C + */ +#define MBEDTLS_SSL_CACHE_C + +/** + * \def MBEDTLS_SSL_COOKIE_C + * + * Enable basic implementation of DTLS cookies for hello verification. + * + * Module: library/ssl_cookie.c + * Caller: + */ +#define MBEDTLS_SSL_COOKIE_C + +/** + * \def MBEDTLS_SSL_TICKET_C + * + * Enable an implementation of TLS server-side callbacks for session tickets. + * + * Module: library/ssl_ticket.c + * Caller: + * + * Requires: MBEDTLS_CIPHER_C + */ +#define MBEDTLS_SSL_TICKET_C + +/** + * \def MBEDTLS_SSL_CLI_C + * + * Enable the SSL/TLS client code. + * + * Module: library/ssl_cli.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS client support. + */ +#define MBEDTLS_SSL_CLI_C + +/** + * \def MBEDTLS_SSL_SRV_C + * + * Enable the SSL/TLS server code. + * + * Module: library/ssl_srv.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS server support. + */ +#define MBEDTLS_SSL_SRV_C + +/** + * \def MBEDTLS_SSL_TLS_C + * + * Enable the generic SSL/TLS code. + * + * Module: library/ssl_tls.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C + * and at least one of the MBEDTLS_SSL_PROTO_XXX defines + * + * This module is required for SSL/TLS. + */ +#define MBEDTLS_SSL_TLS_C + /** * \def MBEDTLS_THREADING_C * 
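Review bot: The comment added for `MBEDTLS_SSL_CACHE_C` lists `Requires: MBEDTLS_SSL_CACHE_C`, so the option names itself as its own prerequisite. That line gives an integrator no usable dependency information and looks like a copy-paste slip. Either name the module that is really required or drop the line; which module was meant cannot be determined from this hunk.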
@@ -1678,6 +2921,29 @@ */ //#define MBEDTLS_THREADING_C +/** + * \def MBEDTLS_TIMING_C + * + * Enable the semi-portable timing interface. + * + * \note The provided implementation only works on POSIX/Unix (including Linux, + * BSD and OS X) and Windows. On other platforms, you can either disable that + * module and provide your own implementations of the callbacks needed by + * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide + * your own implementation of the whole module by setting + * \c MBEDTLS_TIMING_ALT in the current file. + * + * \note See also our Knowledge Base article about porting to a new + * environment: + * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * + * Module: library/timing.c + * Caller: library/havege.c + * + * This module is used by the HAVEGE random number generator. + */ +#define MBEDTLS_TIMING_C + /** * \def MBEDTLS_VERSION_C * 
@@ -1689,6 +2955,106 @@ */ #define MBEDTLS_VERSION_C +/** + * \def MBEDTLS_X509_USE_C + * + * Enable X.509 core for using certificates. + * + * Module: library/x509.c + * Caller: library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c + * + * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, + * MBEDTLS_PK_PARSE_C + * + * This module is required for the X.509 parsing modules. + */ +#define MBEDTLS_X509_USE_C + +/** + * \def MBEDTLS_X509_CRT_PARSE_C + * + * Enable X.509 certificate parsing. + * + * Module: library/x509_crt.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 certificate parsing. + */ +#define MBEDTLS_X509_CRT_PARSE_C + +/** + * \def MBEDTLS_X509_CRL_PARSE_C + * + * Enable X.509 CRL parsing. + * + * Module: library/x509_crl.c + * Caller: library/x509_crt.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 CRL parsing. + */ +#define MBEDTLS_X509_CRL_PARSE_C + +/** + * \def MBEDTLS_X509_CSR_PARSE_C + * + * Enable X.509 Certificate Signing Request (CSR) parsing. + * + * Module: library/x509_csr.c + * Caller: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is used for reading X.509 certificate request. + */ +#define MBEDTLS_X509_CSR_PARSE_C + +/** + * \def MBEDTLS_X509_CREATE_C + * + * Enable X.509 core for creating certificates. + * + * Module: library/x509_create.c + * + * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C + * + * This module is the basis for creating X.509 certificates and CSRs. + */ +#define MBEDTLS_X509_CREATE_C + +/** + * \def MBEDTLS_X509_CRT_WRITE_C + * + * Enable creating X.509 certificates. + * + * Module: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate creation. 
+ */ +#define MBEDTLS_X509_CRT_WRITE_C + +/** + * \def MBEDTLS_X509_CSR_WRITE_C + * + * Enable creating X.509 Certificate Signing Requests (CSR). + * + * Module: library/x509_csr_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate request writing. + */ +#define MBEDTLS_X509_CSR_WRITE_C + /** * \def MBEDTLS_XTEA_C * @@ -1726,6 +3092,7 @@ //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ +//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */ /* HMAC_DRBG options */ //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ @@ -1754,7 +3121,7 @@ //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ +/* Note: your snprintf must correctly zero-terminate the buffer! */ //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ 
@@ -1771,11 +3138,193 @@ //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ +/* Note: your snprintf must correctly zero-terminate the buffer! */ //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ +/** + * \brief This macro is invoked by the library when an invalid parameter + * is detected that is only checked with MBEDTLS_CHECK_PARAMS + * (see the documentation of that option for context). + * + * When you leave this undefined here, a default definition is + * provided that invokes the function mbedtls_param_failed(), + * which is declared in platform_util.h for the benefit of the + * library, but that you need to define in your application. + * + * When you define this here, this replaces the default + * definition in platform_util.h (which no longer declares the + * function mbedtls_param_failed()) and it is your responsibility + * to make sure this macro expands to something suitable (in + * particular, that all the necessary declarations are visible + * from within the library - you can ensure that by providing + * them in this file next to the macro definition). 
+ * + * Note that you may define this macro to expand to nothing, in + * which case you don't have to worry about declarations or + * definitions. However, you will then be notified about invalid + * parameters only in non-void functions, and void function will + * just silently return early on invalid parameters, which + * partially negates the benefits of enabling + * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. + * + * \param cond The expression that should evaluate to true, but doesn't. + */ +//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) + +/* SSL Cache options */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ + +/* SSL options */ + +/** \def MBEDTLS_SSL_MAX_CONTENT_LEN + * + * Maximum length (in bytes) of incoming and outgoing plaintext fragments. + * + * This determines the size of both the incoming and outgoing TLS I/O buffers + * in such a way that both are capable of holding the specified amount of + * plaintext data, regardless of the protection mechanism used. + * + * To configure incoming and outgoing I/O buffers separately, use + * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, + * which overwrite the value set by this option. + * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of both + * incoming and outgoing I/O buffers. 
+ */ +//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_IN_CONTENT_LEN + * + * Maximum length (in bytes) of incoming plaintext fragments. + * + * This determines the size of the incoming TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option is undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. + * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of the incoming I/O buffer + * independently of the outgoing I/O buffer. + */ +//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_OUT_CONTENT_LEN + * + * Maximum length (in bytes) of outgoing plaintext fragments. + * + * This determines the size of the outgoing TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. + * + * It is possible to save RAM by setting a smaller outward buffer, while keeping + * the default inward 16384 byte buffer to conform to the TLS specification. + * + * The minimum required outward buffer size is determined by the handshake + * protocol's usage. Handshaking will fail if the outward buffer is too small. 
+ * The specific size requirement depends on the configured ciphers and any + * certificate data which is sent during the handshake. + * + * Uncomment to set the maximum plaintext size of the outgoing I/O buffer + * independently of the incoming I/O buffer. + */ +//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING + * + * Maximum number of heap-allocated bytes for the purpose of + * DTLS handshake message reassembly and future message buffering. + * + * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN + * to account for a reassembled handshake message of maximum size, + * together with its reassembly bitmap. + * + * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) + * should be sufficient for all practical situations as it allows + * to reassembly a large handshake message (such as a certificate) + * while buffering multiple smaller handshake messages. + * + */ +//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 + +//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ +//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ +//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ + +/** + * Complete list of ciphersuites to use, in order of preference. + * + * \warning No dependency checking is done on that field! This option can only + * be used to restrict the set of available ciphersuites. It is your + * responsibility to make sure the needed modules are active. + * + * Use this to save a few hundred bytes of ROM (default ordering of all + * available ciphersuites) and a few to a few hundred bytes of RAM. + * + * The value below is only an example, not the default. 
+ */ +//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + +/* X509 options */ +//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ +//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ + +/** + * Allow SHA-1 in the default TLS configuration for certificate signing. + * Without this build-time option, SHA-1 support must be activated explicitly + * through mbedtls_ssl_conf_cert_profile. Turning on this option is not + * recommended because of it is possible to generate SHA-1 collisions, however + * this may be safe for legacy infrastructure where additional controls apply. + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. + * + */ +// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + +/** + * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake + * signature and ciphersuite selection. Without this build-time option, SHA-1 + * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. + * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by + * default. At the time of writing, there is no practical attack on the use + * of SHA-1 in handshake signatures, hence this option is turned on by default + * to preserve compatibility with existing peers, but the general + * warning applies nonetheless: + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. 
+ * + */ +#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE + /** * Uncomment the macro to let mbed TLS use your alternate implementation of * mbedtls_platform_zeroize(). This replaces the default implementation in @@ -1796,8 +3345,36 @@ */ //#define MBEDTLS_PLATFORM_ZEROIZE_ALT +/** + * Uncomment the macro to let Mbed TLS use your alternate implementation of + * mbedtls_platform_gmtime_r(). This replaces the default implementation in + * platform_util.c. + * + * gmtime() is not a thread-safe function as defined in the C standard. The + * library will try to use safer implementations of this function, such as + * gmtime_r() when available. However, if Mbed TLS cannot identify the target + * system, the implementation of mbedtls_platform_gmtime_r() will default to + * using the standard gmtime(). In this case, calls from the library to + * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex + * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the + * library are also guarded with this mutex to avoid race conditions. However, + * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will + * unconditionally use the implementation for mbedtls_platform_gmtime_r() + * supplied at compile time. + */ +//#define MBEDTLS_PLATFORM_GMTIME_R_ALT + /* \} name SECTION: Customisation configuration options */ -#include "mbedtls/check_config.h" +/* Target and application specific configurations + * + * Allow user to override any previous default. + * + */ +#if defined(MBEDTLS_USER_CONFIG_FILE) +#include MBEDTLS_USER_CONFIG_FILE +#endif + +#include "check_config.h" #endif /* MBEDTLS_CONFIG_H */ From 1fe81d49859446890e627cba07c09c9252a667cf Mon Sep 17 00:00:00 2001 
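Review bot: `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` at the end of this hunk is left defined, so every default build accepts SHA-1 for TLS 1.2 handshake signatures, while the certificate counterpart just above it is commented out. The only justification is the comment's "at the time of writing, there is no practical attack", and the comment does not say how a deployment without legacy peers opts out. I would add a sentence such as `Comment this macro to reject SHA-1 in handshake signatures unless it is enabled through mbedtls_ssl_conf_sig_hashes.` Separately, the MBEDTLS_SSL_DTLS_MAX_BUFFERING text refers to `MBEDTLSSL_IN_CONTENT_LEN`, which should read `MBEDTLS_SSL_IN_CONTENT_LEN`.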
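Review bot: The last changed line replaces `#include "mbedtls/check_config.h"` with `#include "check_config.h"`, which resolves only when check_config.h sits beside the including file or when the `mbedtls` directory itself is on the include path. If this header is copied and used from another directory as a custom configuration, the include would presumably no longer be found, so keeping the `mbedtls/` prefix is the safer spelling. The new MBEDTLS_USER_CONFIG_FILE block also does not say why it sits above that include; a line such as `/* Included before check_config.h so that user overrides are still checked for consistency. */` would record the ordering.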
From: Jaeden Amero Date: Mon, 11 Feb 2019 12:18:39 +0000 Subject: [PATCH 1045/2197] psa_utils: Make fallthrough clear for compilers MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Silence a compiler warning about implicit fallthrough by using a comment format the compiler understand to mean that the fallthrough is intentional. In file included from library/cipher.c:63:0: include/mbedtls/psa_util.h: In function ‘mbedtls_psa_translate_cipher_mode’: include/mbedtls/psa_util.h:91:15: error: this statement may fall through [-Werror=implicit-fallthrough=] if( taglen == 0 ) ^ include/mbedtls/psa_util.h:94:9: note: here default: ^~~~~~~ cc1: all warnings being treated as errors $ gcc --version gcc (Ubuntu 7.3.0-27ubuntu1~18.04) 7.3.0 Copyright (C) 2017 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. --- include/mbedtls/psa_util.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 3684e9835..fbf25e638 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -91,6 +91,7 @@ static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode( if( taglen == 0 ) return( PSA_ALG_CBC_NO_PADDING ); /* Intentional fallthrough for taglen != 0 */ + /* fallthrough */ default: return( 0 ); } From 892cd6df7044e6166a69c45b9b2b48f7927cac96 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 11 Feb 2019 12:21:12 +0000 Subject: [PATCH 1046/2197] psa: Use new generic error codes Mbed TLS has deprecated a few module specific error codes in favor of more general-purpose or cross-module error codes. Use these new error codes instead of the deprecated error codes. --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5bf4f9924..ad7367b9c 100644 
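Review bot: In the psa_util.h hunk, the added `/* fallthrough */` sits directly under `/* Intentional fallthrough for taglen != 0 */`, so the same fact is now stated twice, once for readers and once for the compiler. GCC's comment matching appears to accept an explanation after a dash, so a single comment such as `/* Intentional fallthrough - taglen != 0 is not valid here */` should serve both purposes; confirm it against the warning level the build uses. The enclosing switch in mbedtls_psa_translate_cipher_mode starts outside the hunk.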
--- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -172,13 +172,13 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL: return( PSA_ERROR_BUFFER_TOO_SMALL ); - case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH: + case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA: case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH: return( PSA_ERROR_NOT_SUPPORTED ); case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); - case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH: + case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA: case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH: return( PSA_ERROR_NOT_SUPPORTED ); case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED: From 44a59ab3f5709709fd4e8d5bb8aeb7c62455838e Mon Sep 17 00:00:00 2001 
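Review bot: `MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA` and `MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA` still return `PSA_ERROR_NOT_SUPPORTED`, a mapping that was written for the key-length codes they replace. The new names describe any invalid argument, so a caller that passes a bad parameter is now told the operation is unsupported rather than that its input was wrong. If these codes can be produced by anything other than an unsupported key size, `PSA_ERROR_INVALID_ARGUMENT` looks like the closer translation. Otherwise a comment on the two cases, e.g. `/* only raised for unsupported key sizes */`, would explain the choice. The switch in mbedtls_to_psa_error continues outside the hunk on both sides.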
From: Jaeden Amero Date: Mon, 11 Feb 2019 13:24:47 +0000 Subject: [PATCH 1047/2197] psa: Enable use of PSA examples with CHECK_PARAMS When MBEDTLS_CHECK_PARAMS is enabled, it's required to have an implementation of mbedtls_param_failed() present. Without it in the PSA examples, building the PSA examples will result in linker errors like the following. ../../library/libmbedcrypto.a(rsa.c.o): In function `mbedtls_rsa_import': rsa.c:(.text+0x9fd): undefined reference to `mbedtls_param_failed' ../../library/libmbedcrypto.a(rsa.c.o): In function `mbedtls_rsa_import_raw': rsa.c:(.text+0xb0b): undefined reference to `mbedtls_param_failed' ../../library/libmbedcrypto.a(rsa.c.o): In function `mbedtls_rsa_complete': rsa.c:(.text+0xe63): undefined reference to `mbedtls_param_failed' ../../library/libmbedcrypto.a(rsa.c.o): In function `mbedtls_rsa_export_raw': rsa.c:(.text+0xfee): undefined reference to `mbedtls_param_failed' ../../library/libmbedcrypto.a(rsa.c.o): In function `mbedtls_rsa_export': rsa.c:(.text+0x116f): undefined reference to `mbedtls_param_failed' ../../library/libmbedcrypto.a(rsa.c.o):rsa.c:(.text+0x1304): more undefined references to `mbedtls_param_failed' follow collect2: error: ld returned 1 exit status programs/psa/CMakeFiles/crypto_examples.dir/build.make:97: recipe for target 'programs/psa/crypto_examples' failed make[2]: *** [programs/psa/crypto_examples] Error 1 Add an implementation of mbedtls_param_failed() to the PSA Crypto examples to avoid getting this error on the PSA examples. --- programs/psa/crypto_examples.c | 12 ++++++++++++ programs/psa/key_ladder_demo.c | 12 ++++++++++++ 2 files changed, 24 insertions(+) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 7291c34b0..d7a667b7f 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c 
@@ -324,6 +324,18 @@ static void cipher_examples( void ) mbedtls_printf( "\tsuccess!\r\n" ); } +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + int main( void ) { ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 26fabb52c..0943bf53c 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -618,6 +618,18 @@ static void usage( void ) mbedtls_printf( " and the same sequence of labels.\n" ); } +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + int main( int argc, char *argv[] ) { const char *key_file_name = "master.key"; From db29ab528a858a31f2fcdc4c51cb18a38dba7886 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 12 Feb 2019 16:40:27 +0000 Subject: [PATCH 1048/2197] psa: Fix builds without MBEDTLS_PLATFORM_C When `MBEDTLS_PLATFORM_C` is not enabled, our PSA Crypto implementation depends on the standard C library for functions like snprintf() and exit(). However, our implementation was not including the proper header files nor redefining all `mbedtls_*` symbols properly to ensure successful builds without MBEDTLS_PLATFORM_C. Add the necessary header files and macro definitions to our PSA Crypto implementation. --- library/psa_crypto_storage.c | 1 + library/psa_crypto_storage_file.c | 1 + programs/psa/crypto_examples.c | 3 +++ programs/psa/key_ladder_demo.c | 1 + 4 files changed, 6 insertions(+) 
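Review bot: The `#include "mbedtls/platform_util.h"` is placed in the middle of crypto_examples.c, inside the new `#if defined(MBEDTLS_CHECK_PARAMS)` block just above main(), and the key_ladder_demo.c hunk repeats the same block verbatim. I would move the include up to the other includes at the top of each file, keeping it under the same `#if`. The handler also needs a short comment, for example `/* Called by the library when a MBEDTLS_CHECK_PARAMS check fails: report the condition and exit. */`. The two copies of mbedtls_param_failed() are identical, so any later change to the message or exit path has to be made in both programs.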
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 687269b07..b4e4076e1 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -38,6 +38,7 @@ #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else +#include #define mbedtls_calloc calloc #define mbedtls_free free #endif diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c index 87420be98..d7c33624e 100644 --- a/library/psa_crypto_storage_file.c +++ b/library/psa_crypto_storage_file.c @@ -36,6 +36,7 @@ #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else +#include #define mbedtls_snprintf snprintf #endif diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index d7a667b7f..9947a70bc 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -5,7 +5,10 @@ #include "mbedtls/platform.h" #else #include +#include +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE #define mbedtls_printf printf +#define mbedtls_exit exit #endif #define ASSERT( predicate ) \ diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 0943bf53c..c9d76763e 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -66,6 +66,7 @@ #define mbedtls_calloc calloc #define mbedtls_free free #define mbedtls_printf printf +#define mbedtls_exit exit #endif #include #include From 63f79300038fb89d54942e692ec8679bb06857ea Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 15 Feb 2019 13:01:17 +0100 Subject: [PATCH 1049/2197] Doxygen: fix missing markup indicator that was causing broken links --- include/psa/crypto.h | 6 +++--- include/psa/crypto_sizes.h | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b2f3eb28f..6f74ba758 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
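Review bot: The key_ladder_demo.c hunk adds `#define mbedtls_exit exit` to the non-MBEDTLS_PLATFORM_C branch but, unlike the crypto_examples.c hunk, adds no `#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE`. The mbedtls_param_failed() added to this file by the previous patch calls `mbedtls_exit( MBEDTLS_EXIT_FAILURE )`, so the build without MBEDTLS_PLATFORM_C still fails unless that macro is defined in the part of the branch the hunk does not show. Please confirm, and add the define next to `mbedtls_exit` if it is missing. The `#else` branch starts above the hunk.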
@@ -1139,7 +1139,7 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, * * \param handle Handle to the key to use for the operation. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(alg) is true). + * such that #PSA_ALG_IS_MAC(\p alg) is true). * \param[in] input Buffer containing the input message. * \param input_length Size of the \p input buffer in bytes. * \param[out] mac Buffer where the MAC value is to be written. @@ -1179,7 +1179,7 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle, * * \param handle Handle to the key to use for the operation. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(alg) is true). + * such that #PSA_ALG_IS_MAC(\p alg) is true). * \param[in] input Buffer containing the input message. * \param input_length Size of the \p input buffer in bytes. * \param[out] mac Buffer containing the expected MAC value. @@ -1289,7 +1289,7 @@ static psa_mac_operation_t psa_mac_operation_init(void); * It must remain valid until the operation * terminates. * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value - * such that #PSA_ALG_IS_MAC(alg) is true). + * such that #PSA_ALG_IS_MAC(\p alg) is true). * * \retval #PSA_SUCCESS * Success. diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 8e7fa7ae4..e1ac63051 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -228,7 +228,7 @@ * \param key_type The type of the MAC key. * \param key_bits The size of the MAC key in bits. * \param alg A MAC algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_MAC(alg) is true). + * #PSA_ALG_IS_MAC(\p alg) is true). * * \return The MAC size for the specified algorithm with * the specified key parameters. 
@@ -253,7 +253,7 @@ * * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(alg) is true). + * #PSA_ALG_IS_AEAD(\p alg) is true). * \param plaintext_length Size of the plaintext in bytes. * * \return The AEAD ciphertext size for the specified @@ -277,7 +277,7 @@ * * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(alg) is true). + * #PSA_ALG_IS_AEAD(\p alg) is true). * * \return The maximum trailing ciphertext size for the * specified algorithm. @@ -298,7 +298,7 @@ * * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(alg) is true). + * #PSA_ALG_IS_AEAD(\p alg) is true). * \param ciphertext_length Size of the plaintext in bytes. * * \return The AEAD ciphertext size for the specified From d338b9117490628efed5b092f1aa2c2232ae1375 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 15 Feb 2019 13:01:41 +0100 Subject: [PATCH 1050/2197] Fix some copypasta in one-shot hash and MAC function descriptions --- include/psa/crypto.h | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6f74ba758..dd4599687 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -830,8 +830,7 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle, * \param hash_size Size of the \p hash buffer in bytes. * \param[out] hash_length On success, the number of bytes * that make up the hash value. This is always - * #PSA_HASH_SIZE(\c alg) where \c alg is the - * hash algorithm that is calculated. + * #PSA_HASH_SIZE(\p alg). * * \retval #PSA_SUCCESS * Success. 
@@ -1145,9 +1144,7 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, * \param[out] mac Buffer where the MAC value is to be written. * \param mac_size Size of the \p mac buffer in bytes. * \param[out] mac_length On success, the number of bytes - * that make up the mac value. This is always - * #PSA_HASH_SIZE(\c alg) where \c alg is the - * hash algorithm that is calculated. + * that make up the MAC value. * * \retval #PSA_SUCCESS * Success. From 9153ec0d041cfc9e213d460d6ec2dd5758f045e5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 15 Feb 2019 13:02:02 +0100 Subject: [PATCH 1051/2197] Add documentation for some macros Document some macros which have cross-references. Without documentation for those macros, the cross-references were broken links. --- include/psa/crypto_values.h | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 29a64c27a..a47695c2e 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -885,7 +885,12 @@ */ #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) +/** The CCM authenticated encryption algorithm. + */ #define PSA_ALG_CCM ((psa_algorithm_t)0x06001001) + +/** The GCM authenticated encryption algorithm. + */ #define PSA_ALG_GCM ((psa_algorithm_t)0x06001002) /* In the encoding of a AEAD algorithm, the bits corresponding to 
@@ -1007,6 +1012,20 @@ (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) #define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) +/** Deterministic DSA signature with hashing. + * + * This is the deterministic variant defined by RFC 6979 of + * the signature scheme defined by FIPS 186-4. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding DSA signature algorithm. + * \return Unspecified if \p alg is not a supported + * hash algorithm. + */ #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_IS_DSA(alg) \ From 83d2662dfa5f868bb19f8f8a9088eb9fe44d0bc5 Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Fri, 15 Feb 2019 16:41:22 -0600 Subject: [PATCH 1052/2197] Changed opaque/transparent in functions/structs to se/accel --- include/psa/crypto_accel_driver.h | 212 ++++++++++---------- include/psa/crypto_se_driver.h | 322 +++++++++++++++--------------- 2 files changed, 267 insertions(+), 267 deletions(-) diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h index b752fed88..72187152b 100644 --- a/include/psa/crypto_accel_driver.h +++ b/include/psa/crypto_accel_driver.h @@ -168,7 +168,7 @@ typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context); * The contents of this structure are implementation dependent and are * therefore not described here. */ -typedef struct psa_drv_mac_transparent_context_s psa_drv_mac_transparent_context_t; +typedef struct psa_drv_accel_mac_context_s psa_drv_accel_mac_context_t; /** \brief The function prototype for the setup operation of a * transparent-key MAC operation 
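Review bot: The new Doxygen block for `PSA_ALG_DETERMINISTIC_DSA(hash_alg)` ends with `\return Unspecified if \p alg is not a supported hash algorithm.`, but the macro's only parameter is `hash_alg`. The `\p alg` reference therefore names nothing in this macro and reads like a leftover from another description. It should be `\return Unspecified if \p hash_alg is not a supported hash algorithm.`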
@@ -190,9 +190,9 @@ typedef struct psa_drv_mac_transparent_context_s psa_drv_mac_transparent_context * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_mac_transparent_setup_t)(psa_drv_mac_transparent_context_t *p_context, - const uint8_t *p_key, - size_t key_length); +typedef psa_status_t (*psa_drv_accel_mac_setup_t)(psa_drv_accel_mac_context_t *p_context, + const uint8_t *p_key, + size_t key_length); /** \brief The function prototype for the update operation of a * transparent-key MAC operation @@ -212,9 +212,9 @@ typedef psa_status_t (*psa_drv_mac_transparent_setup_t)(psa_drv_mac_transparent_ * to the MAC operation * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*psa_drv_mac_transparent_update_t)(psa_drv_mac_transparent_context_t *p_context, - const uint8_t *p_input, - size_t input_length); +typedef psa_status_t (*psa_drv_accel_mac_update_t)(psa_drv_accel_mac_context_t *p_context, + const uint8_t *p_input, + size_t input_length); /** \brief The function prototype for the finish operation of a * transparent-key MAC operation @@ -237,9 +237,9 @@ typedef psa_status_t (*psa_drv_mac_transparent_update_t)(psa_drv_mac_transparent * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_mac_transparent_finish_t)(psa_drv_mac_transparent_context_t *p_context, - uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_accel_mac_finish_t)(psa_drv_accel_mac_context_t *p_context, + uint8_t *p_mac, + size_t mac_length); /** \brief The function prototype for the finish and verify operation of a * transparent-key MAC operation 
@@ -263,9 +263,9 @@ typedef psa_status_t (*psa_drv_mac_transparent_finish_t)(psa_drv_mac_transparent * \retval PSA_SUCCESS * The operation completed successfully and the comparison matched */ -typedef psa_status_t (*psa_drv_mac_transparent_finish_verify_t)(psa_drv_mac_transparent_context_t *p_context, - const uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_accel_mac_finish_verify_t)(psa_drv_accel_mac_context_t *p_context, + const uint8_t *p_mac, + size_t mac_length); /** \brief The function prototype for the abort operation for a previously * started transparent-key MAC operation @@ -283,7 +283,7 @@ typedef psa_status_t (*psa_drv_mac_transparent_finish_verify_t)(psa_drv_mac_tran * aborted * */ -typedef psa_status_t (*psa_drv_mac_transparent_abort_t)(psa_drv_mac_transparent_context_t *p_context); +typedef psa_status_t (*psa_drv_accel_mac_abort_t)(psa_drv_accel_mac_context_t *p_context); /** \brief The function prototype for a one-shot operation of a transparent-key * MAC operation @@ -306,13 +306,13 @@ typedef psa_status_t (*psa_drv_mac_transparent_abort_t)(psa_drv_mac_transparent_ * upon success * \param[in] mac_length The length in bytes of the `p_mac` buffer */ -typedef psa_status_t (*psa_drv_mac_transparent_t)(const uint8_t *p_input, - size_t input_length, - const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_accel_mac_t)(const uint8_t *p_input, + size_t input_length, + const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + uint8_t *p_mac, + size_t mac_length); /** \brief The function prototype for a one-shot operation of a transparent-key * MAC Verify operation 
@@ -337,13 +337,13 @@ typedef psa_status_t (*psa_drv_mac_transparent_t)(const uint8_t *p_input, * \retval PSA_SUCCESS * The operation completed successfully and the comparison matched */ -typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input, - size_t input_length, - const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_accel_mac_verify_t)(const uint8_t *p_input, + size_t input_length, + const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *p_mac, + size_t mac_length); /**@}*/ /** \defgroup transparent_cipher Transparent Block Cipher @@ -367,7 +367,7 @@ typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input, * The contents of this structure are implementation dependent and are * therefore not described here. */ -typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_context_t; +typedef struct psa_drv_accel_cipher_context_s psa_drv_accel_cipher_context_t; /** \brief The function prototype for the setup operation of transparent-key * block cipher operations. @@ -395,10 +395,10 @@ typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_c * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context, - psa_encrypt_or_decrypt_t direction, - const uint8_t *p_key_data, - size_t key_data_size); +typedef psa_status_t (*psa_drv_accel_cipher_setup_t)(psa_drv_accel_cipher_context_t *p_context, + psa_encrypt_or_decrypt_t direction, + const uint8_t *p_key_data, + size_t key_data_size); /** \brief The function prototype for the set initialization vector operation * of transparent-key block cipher operations 
@@ -418,9 +418,9 @@ typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transp * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_cipher_transparent_set_iv_t)(psa_drv_cipher_transparent_context_t *p_context, - const uint8_t *p_iv, - size_t iv_length); +typedef psa_status_t (*psa_drv_accel_cipher_set_iv_t)(psa_drv_accel_cipher_context_t *p_context, + const uint8_t *p_iv, + size_t iv_length); /** \brief The function prototype for the update operation of transparent-key * block cipher operations. @@ -447,12 +447,12 @@ typedef psa_status_t (*psa_drv_cipher_transparent_set_iv_t)(psa_drv_cipher_trans * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_cipher_transparent_update_t)(psa_drv_cipher_transparent_context_t *p_context, - const uint8_t *p_input, - size_t input_size, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_accel_cipher_update_t)(psa_drv_accel_cipher_context_t *p_context, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** \brief The function prototype for the finish operation of transparent-key * block cipher operations. @@ -476,10 +476,10 @@ typedef psa_status_t (*psa_drv_cipher_transparent_update_t)(psa_drv_cipher_trans * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_cipher_transparent_finish_t)(psa_drv_cipher_transparent_context_t *p_context, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_accel_cipher_finish_t)(psa_drv_accel_cipher_context_t *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** \brief The function prototype for the abort operation of transparent-key * block cipher operations. 
@@ -498,7 +498,7 @@ typedef psa_status_t (*psa_drv_cipher_transparent_finish_t)(psa_drv_cipher_trans * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transparent_context_t *p_context); +typedef psa_status_t (*psa_drv_accel_cipher_abort_t)(psa_drv_accel_cipher_context_t *p_context); /**@}*/ @@ -553,18 +553,18 @@ typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transp * \retval #PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_aead_transparent_encrypt_t)(const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *plaintext, - size_t plaintext_length, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length); +typedef psa_status_t (*psa_drv_accel_aead_encrypt_t)(const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length); /** Process an authenticated decryption operation using an opaque key. * 
@@ -604,18 +604,18 @@ typedef psa_status_t (*psa_drv_aead_transparent_encrypt_t)(const uint8_t *p_key, * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_aead_transparent_decrypt_t)(const uint8_t *p_key, - size_t key_length, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length); +typedef psa_status_t (*psa_drv_accel_aead_decrypt_t)(const uint8_t *p_key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length); /**@}*/ @@ -653,14 +653,14 @@ typedef psa_status_t (*psa_drv_aead_transparent_decrypt_t)(const uint8_t *p_key, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_asymmetric_transparent_sign_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - uint8_t *p_signature, - size_t signature_size, - size_t *p_signature_length); +typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length); /** * \brief A function that verifies the signature a hash or short message using 
@@ -686,13 +686,13 @@ typedef psa_status_t (*psa_drv_asymmetric_transparent_sign_t)(const uint8_t *p_k * \retval PSA_SUCCESS * The signature is valid. */ -typedef psa_status_t (*psa_drv_asymmetric_transparent_verify_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - const uint8_t *p_signature, - size_t signature_length); +typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length); /** * \brief A function that encrypts a short message with a transparent @@ -730,16 +730,16 @@ typedef psa_status_t (*psa_drv_asymmetric_transparent_verify_t)(const uint8_t *p * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_asymmetric_transparent_encrypt_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** * \brief Decrypt a short message with a transparent asymmetric private key 
@@ -776,16 +776,16 @@ typedef psa_status_t (*psa_drv_asymmetric_transparent_encrypt_t)(const uint8_t * * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_asymmetric_transparent_decrypt_t)(const uint8_t *p_key, - size_t key_size, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_accel_asymmetric_decrypt_t)(const uint8_t *p_key, + size_t key_size, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /**@}*/ diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 057866445..7ca6d605a 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -75,9 +75,9 @@ typedef uint32_t psa_key_slot_t; * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_mac_opaque_setup_t)(void *p_context, - psa_key_slot_t key_slot, - psa_algorithm_t algorithm); +typedef psa_status_t (*psa_drv_se_mac_setup_t)(void *p_context, + psa_key_slot_t key_slot, + psa_algorithm_t algorithm); /** \brief A function that continues a previously started MAC operation using * an opaque key @@ -89,9 +89,9 @@ typedef psa_status_t (*psa_drv_mac_opaque_setup_t)(void *p_context, * to the MAC operation * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*psa_drv_mac_opaque_update_t)(void *p_context, - const uint8_t *p_input, - size_t input_length); +typedef psa_status_t (*psa_drv_se_mac_update_t)(void *p_context, + const uint8_t *p_input, + size_t input_length); /** \brief a function that completes a previously started MAC operation by * returning the resulting MAC using an opaque key 
@@ -109,10 +109,10 @@ typedef psa_status_t (*psa_drv_mac_opaque_update_t)(void *p_context, * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_mac_opaque_finish_t)(void *p_context, - uint8_t *p_mac, - size_t mac_size, - size_t *p_mac_length); +typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *p_context, + uint8_t *p_mac, + size_t mac_size, + size_t *p_mac_length); /** \brief A function that completes a previously started MAC operation by * comparing the resulting MAC against a known value using an opaque key @@ -130,16 +130,16 @@ typedef psa_status_t (*psa_drv_mac_opaque_finish_t)(void *p_context, * The operation completed successfully, but the calculated MAC did * not match the provided MAC */ -typedef psa_status_t (*psa_drv_mac_opaque_finish_verify_t)(void *p_context, - const uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_se_mac_finish_verify_t)(void *p_context, + const uint8_t *p_mac, + size_t mac_length); /** \brief A function that aborts a previous started opaque-key MAC operation * \param[in,out] p_context A hardware-specific structure for the previously * started MAC operation to be aborted */ -typedef psa_status_t (*psa_drv_mac_opaque_abort_t)(void *p_context); +typedef psa_status_t (*psa_drv_se_mac_abort_t)(void *p_context); /** \brief A function that performs a MAC operation in one command and returns * the calculated MAC using an opaque key 
@@ -158,13 +158,13 @@ typedef psa_status_t (*psa_drv_mac_opaque_abort_t)(void *p_context); * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_mac_opaque_generate_t)(const uint8_t *p_input, - size_t input_length, - psa_key_slot_t key_slot, - psa_algorithm_t alg, - uint8_t *p_mac, - size_t mac_size, - size_t *p_mac_length); +typedef psa_status_t (*psa_drv_se_mac_generate_t)(const uint8_t *p_input, + size_t input_length, + psa_key_slot_t key_slot, + psa_algorithm_t alg, + uint8_t *p_mac, + size_t mac_size, + size_t *p_mac_length); /** \brief A function that performs an MAC operation in one command and * compare the resulting MAC against a known value using an opaque key @@ -185,12 +185,12 @@ typedef psa_status_t (*psa_drv_mac_opaque_generate_t)(const uint8_t *p_input, * The operation completed successfully, but the calculated MAC did * not match the provided MAC */ -typedef psa_status_t (*psa_drv_mac_opaque_verify_t)(const uint8_t *p_input, - size_t input_length, - psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_mac, - size_t mac_length); +typedef psa_status_t (*psa_drv_se_mac_verify_t)(const uint8_t *p_input, + size_t input_length, + psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_mac, + size_t mac_length); /** \brief A struct containing all of the function pointers needed to * implement MAC operations using opaque keys. 
@@ -213,26 +213,26 @@ typedef struct { size_t context_size; /** Function that performs the setup operation */ - psa_drv_mac_opaque_setup_t *p_setup; - /** Function that performs the update operation + psa_drv_se_mac_setup_t *p_setup; + /** Function that performs the update operation */ - psa_drv_mac_opaque_update_t *p_update; + psa_drv_se_mac_update_t *p_update; /** Function that completes the operation */ - psa_drv_mac_opaque_finish_t *p_finish; + psa_drv_se_mac_finish_t *p_finish; /** Function that completed a MAC operation with a verify check */ - psa_drv_mac_opaque_finish_verify_t *p_finish_verify; + psa_drv_se_mac_finish_verify_t *p_finish_verify; /** Function that aborts a previoustly started operation */ - psa_drv_mac_opaque_abort_t *p_abort; + psa_drv_se_mac_abort_t *p_abort; /** Function that performs the MAC operation in one call */ - psa_drv_mac_opaque_generate_t *p_mac; + psa_drv_se_mac_generate_t *p_mac; /** Function that performs the MAC and verify operation in one call */ - psa_drv_mac_opaque_verify_t *p_mac_verify; -} psa_drv_mac_opaque_t; + psa_drv_se_mac_verify_t *p_mac_verify; +} psa_drv_se_mac_t; /**@}*/ /** \defgroup opaque_cipher Opaque Symmetric Ciphers @@ -272,10 +272,10 @@ typedef struct { * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED */ -typedef psa_status_t (*psa_drv_cipher_opaque_setup_t)(void *p_context, - psa_key_slot_t key_slot, - psa_algorithm_t algorithm, - psa_encrypt_or_decrypt_t direction); +typedef psa_status_t (*psa_drv_se_cipher_setup_t)(void *p_context, + psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + psa_encrypt_or_decrypt_t direction); /** \brief A function pointer that sets the initialization vector (if * necessary) for an opaque cipher operation 
@@ -292,9 +292,9 @@ typedef psa_status_t (*psa_drv_cipher_opaque_setup_t)(void *p_context, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_cipher_opaque_set_iv_t)(void *p_context, - const uint8_t *p_iv, - size_t iv_length); +typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *p_context, + const uint8_t *p_iv, + size_t iv_length); /** \brief A function that continues a previously started opaque-key cipher * operation @@ -314,12 +314,12 @@ typedef psa_status_t (*psa_drv_cipher_opaque_set_iv_t)(void *p_context, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_cipher_opaque_update_t)(void *p_context, - const uint8_t *p_input, - size_t input_size, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *p_context, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** \brief A function that completes a previously started opaque-key cipher * operation @@ -335,10 +335,10 @@ typedef psa_status_t (*psa_drv_cipher_opaque_update_t)(void *p_context, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_cipher_opaque_finish_t)(void *p_context, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** \brief A function that aborts a previously started opaque-key cipher * operation @@ -346,7 +346,7 @@ typedef psa_status_t (*psa_drv_cipher_opaque_finish_t)(void *p_context, * \param[in,out] p_context A hardware-specific structure for the * previously started cipher operation */ -typedef psa_status_t (*psa_drv_cipher_opaque_abort_t)(void *p_context); +typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *p_context); /** \brief A function that performs the ECB block mode for opaque-key cipher * operations 
@@ -370,13 +370,13 @@ typedef psa_status_t (*psa_drv_cipher_opaque_abort_t)(void *p_context); * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED */ -typedef psa_status_t (*psa_drv_cipher_opaque_ecb_t)(psa_key_slot_t key_slot, - psa_algorithm_t algorithm, - psa_encrypt_or_decrypt_t direction, - const uint8_t *p_input, - size_t input_size, - uint8_t *p_output, - size_t output_size); +typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + psa_encrypt_or_decrypt_t direction, + const uint8_t *p_input, + size_t input_size, + uint8_t *p_output, + size_t output_size); /** * \brief A struct containing all of the function pointers needed to implement @@ -392,23 +392,23 @@ typedef struct { /** The size in bytes of the hardware-specific Opaque Cipher context * structure */ - size_t size; + size_t size; /** Function that performs the setup operation */ - psa_drv_cipher_opaque_setup_t *p_setup; + psa_drv_se_cipher_setup_t *p_setup; /** Function that sets the IV (if necessary) */ - psa_drv_cipher_opaque_set_iv_t *p_set_iv; + psa_drv_se_cipher_set_iv_t *p_set_iv; /** Function that performs the update operation */ - psa_drv_cipher_opaque_update_t *p_update; + psa_drv_se_cipher_update_t *p_update; /** Function that completes the operation */ - psa_drv_cipher_opaque_finish_t *p_finish; + psa_drv_se_cipher_finish_t *p_finish; /** Function that aborts the operation */ - psa_drv_cipher_opaque_abort_t *p_abort; + psa_drv_se_cipher_abort_t *p_abort; /** Function that performs ECB mode for the cipher * (Danger: ECB mode should not be used directly by clients of the PSA * Crypto Client API) */ - psa_drv_cipher_opaque_ecb_t *p_ecb; -} psa_drv_cipher_opaque_t; + psa_drv_se_cipher_ecb_t *p_ecb; +} psa_drv_se_cipher_t; /**@}*/ 
@@ -435,13 +435,13 @@ typedef struct { * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - uint8_t *p_signature, - size_t signature_size, - size_t *p_signature_length); +typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length); /** * \brief A function that verifies the signature a hash or short message using @@ -459,12 +459,12 @@ typedef psa_status_t (*psa_drv_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot * \retval PSA_SUCCESS * The signature is valid. */ -typedef psa_status_t (*psa_drv_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - const uint8_t *p_signature, - size_t signature_length); +typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length); /** * \brief A function that encrypts a short message with an asymmetric public 
@@ -495,15 +495,15 @@ typedef psa_status_t (*psa_drv_asymmetric_opaque_verify_t)(psa_key_slot_t key_sl * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** * \brief Decrypt a short message with an asymmetric private key. @@ -532,15 +532,15 @@ typedef psa_status_t (*psa_drv_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_s * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_input, - size_t input_length, - const uint8_t *p_salt, - size_t salt_length, - uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_input, + size_t input_length, + const uint8_t *p_salt, + size_t salt_length, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** * \brief A struct containing all of the function pointers needed to implement 
@@ -553,14 +553,14 @@ typedef psa_status_t (*psa_drv_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_s */ typedef struct { /** Function that performs the asymmetric sign operation */ - psa_drv_asymmetric_opaque_sign_t *p_sign; + psa_drv_se_asymmetric_sign_t *p_sign; /** Function that performs the asymmetric verify operation */ - psa_drv_asymmetric_opaque_verify_t *p_verify; + psa_drv_se_asymmetric_verify_t *p_verify; /** Function that performs the asymmetric encrypt operation */ - psa_drv_asymmetric_opaque_encrypt_t *p_encrypt; + psa_drv_se_asymmetric_encrypt_t *p_encrypt; /** Function that performs the asymmetric decrypt operation */ - psa_drv_asymmetric_opaque_decrypt_t *p_decrypt; -} psa_drv_asymmetric_opaque_t; + psa_drv_se_asymmetric_decrypt_t *p_decrypt; +} psa_drv_se_asymmetric_t; /**@}*/ @@ -602,17 +602,17 @@ typedef struct { * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_aead_opaque_encrypt_t)(psa_key_slot_t key_slot, - psa_algorithm_t algorithm, - const uint8_t *p_nonce, - size_t nonce_length, - const uint8_t *p_additional_data, - size_t additional_data_length, - const uint8_t *p_plaintext, - size_t plaintext_length, - uint8_t *p_ciphertext, - size_t ciphertext_size, - size_t *p_ciphertext_length); +typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + const uint8_t *p_nonce, + size_t nonce_length, + const uint8_t *p_additional_data, + size_t additional_data_length, + const uint8_t *p_plaintext, + size_t plaintext_length, + uint8_t *p_ciphertext, + size_t ciphertext_size, + size_t *p_ciphertext_length); /** Process an authenticated decryption operation using an opaque key * 
@@ -642,17 +642,17 @@ typedef psa_status_t (*psa_drv_aead_opaque_encrypt_t)(psa_key_slot_t key_slot, * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, - psa_algorithm_t algorithm, - const uint8_t *p_nonce, - size_t nonce_length, - const uint8_t *p_additional_data, - size_t additional_data_length, - const uint8_t *p_ciphertext, - size_t ciphertext_length, - uint8_t *p_plaintext, - size_t plaintext_size, - size_t *p_plaintext_length); +typedef psa_status_t (*psa_drv_se_aead_decrypt_t)(psa_key_slot_t key_slot, + psa_algorithm_t algorithm, + const uint8_t *p_nonce, + size_t nonce_length, + const uint8_t *p_additional_data, + size_t additional_data_length, + const uint8_t *p_ciphertext, + size_t ciphertext_length, + uint8_t *p_plaintext, + size_t plaintext_size, + size_t *p_plaintext_length); /** * \brief A struct containing all of the function pointers needed to implement @@ -665,10 +665,10 @@ typedef psa_status_t (*psa_drv_aead_opaque_decrypt_t)(psa_key_slot_t key_slot, */ typedef struct { /** Function that performs the AEAD encrypt operation */ - psa_drv_aead_opaque_encrypt_t *p_encrypt; + psa_drv_se_aead_encrypt_t *p_encrypt; /** Function that performs the AEAD decrypt operation */ - psa_drv_aead_opaque_decrypt_t *p_decrypt; -} psa_drv_aead_opaque_t; + psa_drv_se_aead_decrypt_t *p_decrypt; +} psa_drv_se_aead_t; /**@}*/ /** \defgroup driver_key_management Key Management 
@@ -696,12 +696,12 @@ typedef struct { * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_opaque_import_key_t)(psa_key_slot_t key_slot, - psa_key_type_t type, - psa_algorithm_t algorithm, - psa_key_usage_t usage, - const uint8_t *p_data, - size_t data_length); +typedef psa_status_t (*psa_drv_se_import_key_t)(psa_key_slot_t key_slot, + psa_key_type_t type, + psa_algorithm_t algorithm, + psa_key_usage_t usage, + const uint8_t *p_data, + size_t data_length); /** * \brief Destroy a key and restore the slot to its default state @@ -719,7 +719,7 @@ typedef psa_status_t (*psa_drv_opaque_import_key_t)(psa_key_slot_t key_slot, * \retval #PSA_SUCCESS * The slot's content, if any, has been erased. */ -typedef psa_status_t (*psa_drv_destroy_key_t)(psa_key_slot_t key); +typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_t key); /** * \brief Export a key in binary format @@ -761,10 +761,10 @@ typedef psa_status_t (*psa_drv_destroy_key_t)(psa_key_slot_t key); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -typedef psa_status_t (*psa_drv_export_key_t)(psa_key_slot_t key, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length); +typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_t key, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length); /** * \brief Export a public key or the public part of a key pair in binary format @@ -787,7 +787,7 @@ typedef psa_status_t (*psa_drv_export_key_t)(psa_key_slot_t key, * * \retval #PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_export_public_key_t)(psa_key_slot_t key, +typedef psa_status_t (*psa_drv_se_export_public_key_t)(psa_key_slot_t key, uint8_t *p_data, size_t data_size, size_t *p_data_length); 
@@ -803,14 +803,14 @@ typedef psa_status_t (*psa_drv_export_public_key_t)(psa_key_slot_t key, */ typedef struct { /** Function that performs the key import operation */ - psa_drv_opaque_import_key_t *p_import; + psa_drv_se_import_key_t *p_import; /** Function that performs the key destroy operation */ - psa_drv_destroy_key_t *p_destroy; + psa_drv_se_destroy_key_t *p_destroy; /** Function that performs the key export operation */ - psa_drv_export_key_t *p_export; + psa_drv_se_export_key_t *p_export; /** Function that perforsm the public key export operation */ - psa_drv_export_public_key_t *p_export_public; -} psa_drv_key_management_t; + psa_drv_se_export_public_key_t *p_export_public; +} psa_drv_se_key_management_t; /**@}*/ @@ -881,9 +881,9 @@ typedef struct psa_drv_key_derivation_context_s psa_drv_key_derivation_context_t * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_key_derivation_setup_t)(psa_drv_key_derivation_context_t *p_context, - psa_algorithm_t kdf_alg, - psa_key_slot_t source_key); +typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_key_derivation_context_t *p_context, + psa_algorithm_t kdf_alg, + psa_key_slot_t source_key); /** \brief Provide collateral (parameters) needed for a key derivation or key * agreement operation @@ -900,10 +900,10 @@ typedef psa_status_t (*psa_drv_key_derivation_setup_t)(psa_drv_key_derivation_co * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_key_derivation_collateral_t)(psa_drv_key_derivation_context_t *p_context, - uint32_t collateral_id, - const uint8_t *p_collateral, - size_t collateral_size); +typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(psa_drv_key_derivation_context_t *p_context, + uint32_t collateral_id, + const uint8_t *p_collateral, + size_t collateral_size); /** \brief Perform the final key derivation step and place the generated key * material in a slot 
@@ -914,7 +914,7 @@ typedef psa_status_t (*psa_drv_key_derivation_collateral_t)(psa_drv_key_derivati * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_key_derivation_derive_t)(psa_drv_key_derivation_context_t *p_context, +typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(psa_drv_key_derivation_context_t *p_context, psa_key_slot_t dest_key); /** \brief Perform the final step of a key agreement and place the generated @@ -928,7 +928,7 @@ typedef psa_status_t (*psa_drv_key_derivation_derive_t)(psa_drv_key_derivation_c * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_key_derivation_export_t)(uint8_t *p_output, +typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(uint8_t *p_output, size_t output_size, size_t *p_output_length); @@ -943,15 +943,15 @@ typedef psa_status_t (*psa_drv_key_derivation_export_t)(uint8_t *p_output, */ typedef struct { /** Function that performs the key derivation setup */ - psa_drv_key_derivation_setup_t *p_setup; + psa_drv_se_key_derivation_setup_t *p_setup; /** Function that sets the key derivation collateral */ - psa_drv_key_derivation_collateral_t *p_collateral; + psa_drv_se_key_derivation_collateral_t *p_collateral; /** Function that performs the final key derivation step */ - psa_drv_key_derivation_derive_t *p_derive; + psa_drv_se_key_derivation_derive_t *p_derive; /** Function that perforsm the final key derivation or agreement and * exports the key */ - psa_drv_key_derivation_export_t *p_export; -} psa_drv_key_derivation_t; + psa_drv_se_key_derivation_export_t *p_export; +} psa_drv_se_key_derivation_t; /**@}*/ From b2a1cceaf7342f628382d8a6d088e3a6c4e14fde Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Fri, 15 Feb 2019 17:03:42 -0600 Subject: [PATCH 1053/2197] temporarily changed psa_key_slot_t to psa_key_slot_number_t to avoid naming collision --- include/psa/crypto_se_driver.h | 36 +++++++++++++++++----------------- 1 file changed, 18 insertions(+), 18 deletions(-) 
diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 7ca6d605a..5214c62d6 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -43,7 +43,7 @@ extern "C" { /** An internal designation of a key slot between the core part of the * PSA Crypto implementation and the driver. The meaning of this value * is driver-dependent. */ -typedef uint32_t psa_key_slot_t; +typedef uint32_t psa_key_slot_number_t; // TODO: Change this to psa_key_slot_t after psa_key_slot_t is removed from Mbed crypto /** \defgroup opaque_mac Opaque Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using @@ -76,7 +76,7 @@ typedef uint32_t psa_key_slot_t; * Success. */ typedef psa_status_t (*psa_drv_se_mac_setup_t)(void *p_context, - psa_key_slot_t key_slot, + psa_key_slot_number_t key_slot, psa_algorithm_t algorithm); /** \brief A function that continues a previously started MAC operation using @@ -160,7 +160,7 @@ typedef psa_status_t (*psa_drv_se_mac_abort_t)(void *p_context); */ typedef psa_status_t (*psa_drv_se_mac_generate_t)(const uint8_t *p_input, size_t input_length, - psa_key_slot_t key_slot, + psa_key_slot_number_t key_slot, psa_algorithm_t alg, uint8_t *p_mac, size_t mac_size, @@ -187,7 +187,7 @@ typedef psa_status_t (*psa_drv_se_mac_generate_t)(const uint8_t *p_input, */ typedef psa_status_t (*psa_drv_se_mac_verify_t)(const uint8_t *p_input, size_t input_length, - psa_key_slot_t key_slot, + psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_mac, size_t mac_length); @@ -273,7 +273,7 @@ typedef struct { * \retval PSA_ERROR_NOT_SUPPORTED */ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(void *p_context, - psa_key_slot_t key_slot, + psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, psa_encrypt_or_decrypt_t direction); 
@@ -370,7 +370,7 @@ typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *p_context); * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED */ -typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_key_slot_t key_slot, +typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, psa_encrypt_or_decrypt_t direction, const uint8_t *p_input, @@ -435,7 +435,7 @@ typedef struct { * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_key_slot_t key_slot, +typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, @@ -459,7 +459,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_key_slot_t key_slot, * \retval PSA_SUCCESS * The signature is valid. */ -typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_key_slot_t key_slot, +typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, @@ -495,7 +495,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_key_slot_t key_slot, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_key_slot_t key_slot, +typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, @@ -532,7 +532,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_key_slot_t key_slot, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_key_slot_t key_slot, +typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, 
@@ -602,7 +602,7 @@ typedef struct { * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_key_slot_t key_slot, +typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, const uint8_t *p_nonce, size_t nonce_length, @@ -642,7 +642,7 @@ typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_key_slot_t key_slot, * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_se_aead_decrypt_t)(psa_key_slot_t key_slot, +typedef psa_status_t (*psa_drv_se_aead_decrypt_t)(psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, const uint8_t *p_nonce, size_t nonce_length, @@ -696,7 +696,7 @@ typedef struct { * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_se_import_key_t)(psa_key_slot_t key_slot, +typedef psa_status_t (*psa_drv_se_import_key_t)(psa_key_slot_number_t key_slot, psa_key_type_t type, psa_algorithm_t algorithm, psa_key_usage_t usage, @@ -719,7 +719,7 @@ typedef psa_status_t (*psa_drv_se_import_key_t)(psa_key_slot_t key_slot, * \retval #PSA_SUCCESS * The slot's content, if any, has been erased. */ -typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_t key); +typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_number_t key); /** * \brief Export a key in binary format @@ -761,7 +761,7 @@ typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_t key); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_t key, +typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, uint8_t *p_data, size_t data_size, size_t *p_data_length); 
@@ -787,7 +787,7 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_t key, * * \retval #PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_export_public_key_t)(psa_key_slot_t key, +typedef psa_status_t (*psa_drv_se_export_public_key_t)(psa_key_slot_number_t key, uint8_t *p_data, size_t data_size, size_t *p_data_length); @@ -883,7 +883,7 @@ typedef struct psa_drv_key_derivation_context_s psa_drv_key_derivation_context_t */ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_key_derivation_context_t *p_context, psa_algorithm_t kdf_alg, - psa_key_slot_t source_key); + psa_key_slot_number_t source_key); /** \brief Provide collateral (parameters) needed for a key derivation or key * agreement operation @@ -915,7 +915,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(psa_drv_key_deriv * \retval PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(psa_drv_key_derivation_context_t *p_context, - psa_key_slot_t dest_key); + psa_key_slot_number_t dest_key); /** \brief Perform the final step of a key agreement and place the generated * key material in a buffer From ea743cf6b00617b461a091510a774b55f996358c Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Fri, 15 Feb 2019 17:06:29 -0600 Subject: [PATCH 1054/2197] Removed * from function pointers (as they were already pointers) --- include/psa/crypto_se_driver.h | 54 +++++++++++++++++----------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 5214c62d6..f94b2f854 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
@@ -213,25 +213,25 @@ typedef struct { size_t context_size; /** Function that performs the setup operation */ - psa_drv_se_mac_setup_t *p_setup; + psa_drv_se_mac_setup_t p_setup; /** Function that performs the update operation */ - psa_drv_se_mac_update_t *p_update; + psa_drv_se_mac_update_t p_update; /** Function that completes the operation */ - psa_drv_se_mac_finish_t *p_finish; + psa_drv_se_mac_finish_t p_finish; /** Function that completed a MAC operation with a verify check */ - psa_drv_se_mac_finish_verify_t *p_finish_verify; + psa_drv_se_mac_finish_verify_t p_finish_verify; /** Function that aborts a previoustly started operation */ - psa_drv_se_mac_abort_t *p_abort; + psa_drv_se_mac_abort_t p_abort; /** Function that performs the MAC operation in one call */ - psa_drv_se_mac_generate_t *p_mac; + psa_drv_se_mac_generate_t p_mac; /** Function that performs the MAC and verify operation in one call */ - psa_drv_se_mac_verify_t *p_mac_verify; + psa_drv_se_mac_verify_t p_mac_verify; } psa_drv_se_mac_t; /**@}*/ @@ -394,20 +394,20 @@ typedef struct { */ size_t size; /** Function that performs the setup operation */ - psa_drv_se_cipher_setup_t *p_setup; + psa_drv_se_cipher_setup_t p_setup; /** Function that sets the IV (if necessary) */ - psa_drv_se_cipher_set_iv_t *p_set_iv; + psa_drv_se_cipher_set_iv_t p_set_iv; /** Function that performs the update operation */ - psa_drv_se_cipher_update_t *p_update; + psa_drv_se_cipher_update_t p_update; /** Function that completes the operation */ - psa_drv_se_cipher_finish_t *p_finish; + psa_drv_se_cipher_finish_t p_finish; /** Function that aborts the operation */ - psa_drv_se_cipher_abort_t *p_abort; + psa_drv_se_cipher_abort_t p_abort; /** Function that performs ECB mode for the cipher * (Danger: ECB mode should not be used directly by clients of the PSA * Crypto Client API) */ - psa_drv_se_cipher_ecb_t *p_ecb; + psa_drv_se_cipher_ecb_t p_ecb; } psa_drv_se_cipher_t; /**@}*/ 
@@ -553,13 +553,13 @@ typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_key_slot_number_t ke */ typedef struct { /** Function that performs the asymmetric sign operation */ - psa_drv_se_asymmetric_sign_t *p_sign; + psa_drv_se_asymmetric_sign_t p_sign; /** Function that performs the asymmetric verify operation */ - psa_drv_se_asymmetric_verify_t *p_verify; + psa_drv_se_asymmetric_verify_t p_verify; /** Function that performs the asymmetric encrypt operation */ - psa_drv_se_asymmetric_encrypt_t *p_encrypt; + psa_drv_se_asymmetric_encrypt_t p_encrypt; /** Function that performs the asymmetric decrypt operation */ - psa_drv_se_asymmetric_decrypt_t *p_decrypt; + psa_drv_se_asymmetric_decrypt_t p_decrypt; } psa_drv_se_asymmetric_t; /**@}*/ @@ -665,9 +665,9 @@ typedef psa_status_t (*psa_drv_se_aead_decrypt_t)(psa_key_slot_number_t key_slot */ typedef struct { /** Function that performs the AEAD encrypt operation */ - psa_drv_se_aead_encrypt_t *p_encrypt; + psa_drv_se_aead_encrypt_t p_encrypt; /** Function that performs the AEAD decrypt operation */ - psa_drv_se_aead_decrypt_t *p_decrypt; + psa_drv_se_aead_decrypt_t p_decrypt; } psa_drv_se_aead_t; /**@}*/ @@ -803,13 +803,13 @@ typedef psa_status_t (*psa_drv_se_export_public_key_t)(psa_key_slot_number_t key */ typedef struct { /** Function that performs the key import operation */ - psa_drv_se_import_key_t *p_import; + psa_drv_se_import_key_t p_import; /** Function that performs the key destroy operation */ - psa_drv_se_destroy_key_t *p_destroy; + psa_drv_se_destroy_key_t p_destroy; /** Function that performs the key export operation */ - psa_drv_se_export_key_t *p_export; + psa_drv_se_export_key_t p_export; /** Function that perforsm the public key export operation */ - psa_drv_se_export_public_key_t *p_export_public; + psa_drv_se_export_public_key_t p_export_public; } psa_drv_se_key_management_t; /**@}*/ 
@@ -943,14 +943,14 @@ typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(uint8_t *p_output, */ typedef struct { /** Function that performs the key derivation setup */ - psa_drv_se_key_derivation_setup_t *p_setup; + psa_drv_se_key_derivation_setup_t p_setup; /** Function that sets the key derivation collateral */ - psa_drv_se_key_derivation_collateral_t *p_collateral; + psa_drv_se_key_derivation_collateral_t p_collateral; /** Function that performs the final key derivation step */ - psa_drv_se_key_derivation_derive_t *p_derive; + psa_drv_se_key_derivation_derive_t p_derive; /** Function that perforsm the final key derivation or agreement and * exports the key */ - psa_drv_se_key_derivation_export_t *p_export; + psa_drv_se_key_derivation_export_t p_export; } psa_drv_se_key_derivation_t; /**@}*/ From 0972fe548ce80de5f6d8896ebf2bc03c960b2450 Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Fri, 15 Feb 2019 17:08:27 -0600 Subject: [PATCH 1055/2197] added lifetime paramter to psa_drv_se_import_key_t as the SE needs to know this --- include/psa/crypto_se_driver.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index f94b2f854..fdeb2b150 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -697,6 +697,7 @@ typedef struct { * Success. */ typedef psa_status_t (*psa_drv_se_import_key_t)(psa_key_slot_number_t key_slot, + psa_key_lifetime_t lifetime, psa_key_type_t type, psa_algorithm_t algorithm, psa_key_usage_t usage, From 0b3098a48609c797ebbf07a552071e5c96e7947a Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Fri, 15 Feb 2019 17:10:49 -0600 Subject: [PATCH 1056/2197] added generate key. Removed pubkey export --- include/psa/crypto_se_driver.h | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index fdeb2b150..aea9ec09d 100644 --- a/include/psa/crypto_se_driver.h 
+++ b/include/psa/crypto_se_driver.h @@ -788,10 +788,15 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, * * \retval #PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_export_public_key_t)(psa_key_slot_number_t key, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length); +typedef psa_status_t (*psa_drv_se_generate_key_t) (psa_key_slot_number_t key_slot, + psa_key_type_t type, + psa_key_usage_t usage, + size_t bits, + const void *extra, + size_t extra_size, + uint8_t *p_pubkey_out, + size_t pubkey_out_size, + size_t *p_pubkey_length); /** * \brief A struct containing all of the function pointers needed to for key @@ -806,11 +811,11 @@ typedef struct { /** Function that performs the key import operation */ psa_drv_se_import_key_t p_import; /** Function that performs the key destroy operation */ - psa_drv_se_destroy_key_t p_destroy; + psa_drv_se_generate_key_t p_generate; /** Function that performs the key export operation */ - psa_drv_se_export_key_t p_export; + psa_drv_se_destroy_key_t p_destroy; /** Function that perforsm the public key export operation */ - psa_drv_se_export_public_key_t p_export_public; + psa_drv_se_export_key_t p_export; } psa_drv_se_key_management_t; /**@}*/ From 6211726c6125344caa9bc509d90f1f7add0b3765 Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Fri, 15 Feb 2019 17:12:26 -0600 Subject: [PATCH 1057/2197] Removed key deriv. context struct, replaced with void* and a context_size --- include/psa/crypto_se_driver.h | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index aea9ec09d..98d4767b1 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
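Review bot: The new `psa_drv_se_generate_key_t` prototype in the `@@ -788,10 +788,15 @@` hunk appears to inherit the Doxygen block written for the removed `psa_drv_se_export_public_key_t`, so none of its nine parameters is described. That block starts outside the hunk, so this is inferred from the unchanged `\retval #PSA_SUCCESS` tail. The gap that matters most is the output buffer contract: the comment should say whether `p_pubkey_out` may be NULL when the key type has no public part, and that the driver writes at most `pubkey_out_size` bytes and reports the count in `*p_pubkey_length`. A line such as `\param[in] pubkey_out_size Size of the p_pubkey_out buffer in bytes; the driver must not write more than this` would cover the bound. `extra` also lacks the `p_` prefix that the other pointer parameters carry, and its contents per `type` are not stated.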
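Review bot: In the `@@ -806,11 +811,11 @@` hunk the member declarations were shifted but the Doxygen lines stayed in place, so each comment now describes the wrong member: `p_generate` is documented as the key destroy operation, `p_destroy` as key export, and `p_export` as public key export. The comments should read `/** Function that performs the key generation operation */` above `p_generate`, `/** Function that performs the key destroy operation */` above `p_destroy`, and `/** Function that performs the key export operation */` above `p_export`. Inserting `p_generate` between `p_import` and `p_destroy` also moves every later member, so a driver table filled with a positional initializer would place its destroy function in the generate slot, and some compilers only warn about that mismatch. Appending the new member at the end, or stating in the struct comment that designated initializers are required, would avoid it.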
@@ -874,7 +874,6 @@ typedef struct { * The contents of this structure are implementation dependent and are * therefore not described here */ -typedef struct psa_drv_key_derivation_context_s psa_drv_key_derivation_context_t; /** \brief Set up a key derivation operation by specifying the algorithm and * the source key sot @@ -887,7 +886,7 @@ typedef struct psa_drv_key_derivation_context_s psa_drv_key_derivation_context_t * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_key_derivation_context_t *p_context, +typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(void *p_context, psa_algorithm_t kdf_alg, psa_key_slot_number_t source_key); @@ -906,7 +905,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_key_derivation * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(psa_drv_key_derivation_context_t *p_context, +typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *p_context, uint32_t collateral_id, const uint8_t *p_collateral, size_t collateral_size); @@ -920,8 +919,8 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(psa_drv_key_deriv * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(psa_drv_key_derivation_context_t *p_context, - psa_key_slot_number_t dest_key); +typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *p_context, + psa_key_slot_number_t dest_key); /** \brief Perform the final step of a key agreement and place the generated * key material in a buffer 
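Review bot: The `@@ -874,7 +874,6 @@` hunk deletes the `psa_drv_key_derivation_context_t` typedef but keeps the comment that documented it ("The contents of this structure are implementation dependent and are therefore not described here"). That leaves a Doxygen block with no declaration, sitting directly ahead of the `\brief Set up a key derivation operation` block. The orphaned comment should be removed in the same change; it opens outside the hunk, so its first lines are not visible here. The other hunks of this commit switch `p_context` to `void *` in `psa_drv_se_key_derivation_setup_t`, `psa_drv_se_key_derivation_collateral_t` and `psa_drv_se_key_derivation_derive_t`, and their `\param` text, also outside the hunks, may still refer to a hardware-specific structure.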
@@ -934,9 +933,10 @@ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(psa_drv_key_derivatio * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(uint8_t *p_output, - size_t output_size, - size_t *p_output_length); +typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *p_context, + uint8_t *p_output, + size_t output_size, + size_t *p_output_length); /** * \brief A struct containing all of the function pointers needed to for key @@ -948,6 +948,8 @@ typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(uint8_t *p_output, * If one of the functions is not implemented, it should be set to NULL. */ typedef struct { + /** The driver-specific size of the key derivation context */ + size_t context_size; /** Function that performs the key derivation setup */ psa_drv_se_key_derivation_setup_t p_setup; /** Function that sets the key derivation collateral */ From 34b33f198bbf3285a1fe2a36a899b14215649f07 Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Fri, 15 Feb 2019 17:13:54 -0600 Subject: [PATCH 1058/2197] Changed psa_drv_se_cipher_t.size to context_size to be consistent --- include/psa/crypto_se_driver.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 98d4767b1..438067f26 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -392,8 +392,8 @@ typedef struct { /** The size in bytes of the hardware-specific Opaque Cipher context * structure */ - size_t size; - /** Function that performs the setup operation */ + size_t context_size; + /** Function that performs a cipher setup operation */ psa_drv_se_cipher_setup_t p_setup; /** Function that sets the IV (if necessary) */ psa_drv_se_cipher_set_iv_t p_set_iv; From 6aaa4fd73bae6e255a8973c740cb34f40f759c33 Mon Sep 17 00:00:00 2001 
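Review bot: The comment added for `context_size` in the `@@ -948,6 +948,8 @@` hunk gives no unit and no ownership, which matters now that every key derivation entry point takes an untyped `void *p_context`. With the typed pointer gone the compiler cannot catch a mismatched context, so the contract has to be written down: who allocates the buffer, that it is exactly `context_size` bytes, what alignment the driver may assume, and whether it is wiped once the operation finishes or is aborted, since it holds derivation state. If the core is meant to allocate it, a wording along the lines of `/** The size in bytes of the driver-specific key derivation context; the caller provides a buffer of this size as p_context */` would also match the "size in bytes" phrasing already used on the `psa_drv_se_cipher_t` member.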
From: Derek Miller Date: Fri, 15 Feb 2019 17:15:54 -0600 Subject: [PATCH 1059/2197] added key_type parameter to asymmetric operations because the accelerator need this info --- include/psa/crypto_accel_driver.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h index 72187152b..dd603fe91 100644 --- a/include/psa/crypto_accel_driver.h +++ b/include/psa/crypto_accel_driver.h @@ -656,6 +656,7 @@ typedef psa_status_t (*psa_drv_accel_aead_decrypt_t)(const uint8_t *p_key, typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, + psa_key_type_t key_type, const uint8_t *p_hash, size_t hash_length, uint8_t *p_signature, @@ -689,6 +690,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key, typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, + psa_key_type_t key_type, const uint8_t *p_hash, size_t hash_length, const uint8_t *p_signature, @@ -733,6 +735,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key, typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, + psa_key_type_t key_type, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, @@ -779,6 +782,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key, typedef psa_status_t (*psa_drv_accel_asymmetric_decrypt_t)(const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, + psa_key_type_t key_type, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, From 8a241a57791cb3918c503a5f45f64e82836034c8 Mon Sep 17 00:00:00 2001 
From: Derek Miller Date: Fri, 15 Feb 2019 17:17:25 -0600 Subject: [PATCH 1060/2197] Replaced entropy driver context with void * to support multiple entropy drivers --- include/psa/crypto_entropy_driver.h | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_entropy_driver.h b/include/psa/crypto_entropy_driver.h index f5e383e6c..79b7f7fd5 100644 --- a/include/psa/crypto_entropy_driver.h +++ b/include/psa/crypto_entropy_driver.h @@ -40,10 +40,6 @@ extern "C" { */ /**@{*/ -/** \brief A hardware-specific structure for a entropy providing hardware - */ -typedef struct psa_drv_entropy_context_s psa_drv_entropy_context_t; - /** \brief Initialize an entropy driver * * @@ -53,7 +49,7 @@ typedef struct psa_drv_entropy_context_s psa_drv_entropy_context_t; * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_entropy_init_t)(psa_drv_entropy_context_t *p_context); +typedef psa_status_t (*psa_drv_entropy_init_t)(void *p_context); /** \brief Get a specified number of bits from the entropy source * @@ -81,7 +77,7 @@ typedef psa_status_t (*psa_drv_entropy_init_t)(psa_drv_entropy_context_t *p_cont * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_context, +typedef psa_status_t (*psa_drv_entropy_get_bits_t)(void *p_context, uint8_t *p_buffer, uint32_t buffer_size, uint32_t *p_received_entropy_bits); @@ -96,6 +92,8 @@ typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_ * If one of the functions is not implemented, it should be set to NULL. */ typedef struct { + /** The driver-specific size of the entropy context */ + const size_t context_size; /** Function that performs initialization for the entropy source */ psa_drv_entropy_init_t *p_init; /** Function that performs the get_bits operation for the entropy source From 28d483ef2fa0ed6b24bd5f942ccaa3c9c1b72b58 Mon Sep 17 00:00:00 2001 
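Review bot: `const size_t context_size;` in the `@@ -96,6 +92,8 @@` hunk makes `psa_drv_entropy_t` the only driver table on this page with a const-qualified member; `psa_drv_se_key_derivation_t` and `psa_drv_se_cipher_t` declare the same field as plain `size_t context_size;`. With a const member the struct can only be populated through an initializer and can no longer be assigned as a whole or filled in field by field, which a driver that builds its table at run time would trip over. Suggest `size_t context_size;` here and, if immutability is wanted, declaring the table object itself `const`. The member comment could also state the unit, for example `/** The size in bytes of the driver-specific entropy context */`.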
From: Derek Miller Date: Fri, 15 Feb 2019 17:18:03 -0600 Subject: [PATCH 1061/2197] removed * from entropy function pointers as they are already pointers --- include/psa/crypto_entropy_driver.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_entropy_driver.h b/include/psa/crypto_entropy_driver.h index 79b7f7fd5..1d94432ef 100644 --- a/include/psa/crypto_entropy_driver.h +++ b/include/psa/crypto_entropy_driver.h @@ -95,10 +95,10 @@ typedef struct { /** The driver-specific size of the entropy context */ const size_t context_size; /** Function that performs initialization for the entropy source */ - psa_drv_entropy_init_t *p_init; + psa_drv_entropy_init_t p_init; /** Function that performs the get_bits operation for the entropy source */ - psa_drv_entropy_get_bits_t *p_get_bits; + psa_drv_entropy_get_bits_t p_get_bits; } psa_drv_entropy_t; /**@}*/ From f0c1d0d375fbc78f9d4a54d31ce71d001fdc7253 Mon Sep 17 00:00:00 2001 From: Derek Miller Date: Fri, 15 Feb 2019 17:23:42 -0600 Subject: [PATCH 1062/2197] Doxygen changes to match the code changes. clarifications. --- include/psa/crypto_accel_driver.h | 229 +++++++++-------- include/psa/crypto_entropy_driver.h | 7 +- include/psa/crypto_se_driver.h | 364 ++++++++++++++-------------- 3 files changed, 310 insertions(+), 290 deletions(-) diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h index dd603fe91..57bc18dad 100644 --- a/include/psa/crypto_accel_driver.h +++ b/include/psa/crypto_accel_driver.h @@ -38,12 +38,13 @@ extern "C" { #endif -/** \defgroup driver_digest Message Digests +/** \defgroup driver_digest Hardware-Accelerated Message Digests * * Generation and authentication of Message Digests (aka hashes) must be done * in parts using the following sequence: * - `psa_drv_hash_setup_t` * - `psa_drv_hash_update_t` + * - `psa_drv_hash_update_t` * - ... * - `psa_drv_hash_finish_t` * 
@@ -64,7 +65,7 @@ typedef struct psa_drv_hash_context_s psa_drv_hash_context_t; /** \brief The function prototype for the start operation of a hash (message * digest) operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} * psa_drv_hash__setup @@ -81,7 +82,7 @@ typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context); /** \brief The function prototype for the update operation of a hash (message * digest) operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} * psa_drv_hash__update @@ -99,10 +100,10 @@ typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context, const uint8_t *p_input, size_t input_length); -/** \brief The prototype for the finish operation of a hash (message digest) - * operation +/** \brief The function prototype for the finish operation of a hash (message + * digest) operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} * psa_drv_hash__finish @@ -130,7 +131,7 @@ typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context, /** \brief The function prototype for the abort operation of a hash (message * digest) operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} * psa_drv_hash__abort 
@@ -144,26 +145,26 @@ typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context); /**@}*/ -/** \defgroup transparent_mac Transparent Message Authentication Code +/** \defgroup accel_mac Hardware-Accelerated Message Authentication Code * Generation and authentication of Message Authentication Codes (MACs) using - * transparent keys can be done either as a single function call (via the - * `psa_drv_mac_transparent_generate_t` or `psa_drv_mac_transparent_verify_t` + * cryptographic accelerators can be done either as a single function call (via the + * `psa_drv_accel_mac_generate_t` or `psa_drv_accel_mac_verify_t` * functions), or in parts using the following sequence: - * - `psa_drv_mac_transparent_setup_t` - * - `psa_drv_mac_transparent_update_t` - * - `psa_drv_mac_transparent_update_t` + * - `psa_drv_accel_mac_setup_t` + * - `psa_drv_accel_mac_update_t` + * - `psa_drv_accel_mac_update_t` * - ... - * - `psa_drv_mac_transparent_finish_t` or `psa_drv_mac_transparent_finish_verify_t` + * - `psa_drv_accel_mac_finish_t` or `psa_drv_accel_mac_finish_verify_t` * - * If a previously started Transparent MAC operation needs to be terminated, it - * should be done so by the `psa_drv_mac_transparent_abort_t`. Failure to do so may + * If a previously started MAC operation needs to be terminated, it + * should be done so by the `psa_drv_accel_mac_abort_t`. Failure to do so may * result in allocated resources not being freed or in other undefined * behavior. * */ /**@{*/ -/** \brief The hardware-specific transparent-key MAC context structure +/** \brief The hardware-accelerator-specific MAC context structure * * The contents of this structure are implementation dependent and are * therefore not described here. 
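Review bot: The rewritten group comment in the `@@ -144,26 +145,26 @@` hunk names the one-shot generate type as `psa_drv_accel_mac_generate_t`, but the typedef shown as context later in this same diff is `psa_drv_accel_mac_t` (`typedef psa_status_t (*psa_drv_accel_mac_t)(const uint8_t *p_input, ...`). Unless a `psa_drv_accel_mac_generate_t` is declared in a part of the header not shown here, the backticked name resolves to nothing in the generated documentation and should read `psa_drv_accel_mac_t`. The other names in the list (`psa_drv_accel_mac_setup_t`, `_update_t`, `_finish_t`, `_finish_verify_t`, `_abort_t`, `_verify_t`) do match the typedefs visible in the following hunks.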
@@ -171,12 +172,12 @@ typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context); typedef struct psa_drv_accel_mac_context_s psa_drv_accel_mac_context_t; /** \brief The function prototype for the setup operation of a - * transparent-key MAC operation + * hardware-accelerated MAC operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___setup + * psa_drv_accel_mac___setup * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT` * is the specific variant of a MAC operation (such as HMAC or CMAC) @@ -195,12 +196,12 @@ typedef psa_status_t (*psa_drv_accel_mac_setup_t)(psa_drv_accel_mac_context_t *p size_t key_length); /** \brief The function prototype for the update operation of a - * transparent-key MAC operation + * hardware-accelerated MAC operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___update + * psa_drv_accel_mac___update * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` * is the specific variant of a MAC operation (such as HMAC or CMAC) 
@@ -217,12 +218,12 @@ typedef psa_status_t (*psa_drv_accel_mac_update_t)(psa_drv_accel_mac_context_t * size_t input_length); /** \brief The function prototype for the finish operation of a - * transparent-key MAC operation + * hardware-accelerated MAC operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___finish + * psa_drv_accel_mac___finish * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) @@ -242,12 +243,12 @@ typedef psa_status_t (*psa_drv_accel_mac_finish_t)(psa_drv_accel_mac_context_t * size_t mac_length); /** \brief The function prototype for the finish and verify operation of a - * transparent-key MAC operation + * hardware-accelerated MAC operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___finish_verify + * psa_drv_accel_mac___finish_verify * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) 
@@ -268,12 +269,12 @@ typedef psa_status_t (*psa_drv_accel_mac_finish_verify_t)(psa_drv_accel_mac_cont size_t mac_length); /** \brief The function prototype for the abort operation for a previously - * started transparent-key MAC operation + * started hardware-accelerated MAC operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___abort + * psa_drv_accel_mac___abort * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) @@ -285,13 +286,13 @@ typedef psa_status_t (*psa_drv_accel_mac_finish_verify_t)(psa_drv_accel_mac_cont */ typedef psa_status_t (*psa_drv_accel_mac_abort_t)(psa_drv_accel_mac_context_t *p_context); -/** \brief The function prototype for a one-shot operation of a transparent-key - * MAC operation +/** \brief The function prototype for the one-shot operation of a + * hardware-accelerated MAC operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent__ + * psa_drv_accel_mac__ * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) 
@@ -314,13 +315,13 @@ typedef psa_status_t (*psa_drv_accel_mac_t)(const uint8_t *p_input, uint8_t *p_mac, size_t mac_length); -/** \brief The function prototype for a one-shot operation of a transparent-key - * MAC Verify operation +/** \brief The function prototype for the one-shot hardware-accelerated MAC + * Verify operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_mac_transparent___verify + * psa_drv_accel_mac___verify * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is * the specific variant of a MAC operation (such as HMAC or CMAC) 
@@ -346,42 +347,44 @@ typedef psa_status_t (*psa_drv_accel_mac_verify_t)(const uint8_t *p_input, size_t mac_length); /**@}*/ -/** \defgroup transparent_cipher Transparent Block Cipher - * Encryption and Decryption using transparent keys in block modes other than - * ECB must be done in multiple parts, using the following flow: - * - `psa_drv_cipher_transparent_setup_t` - * - `psa_drv_cipher_transparent_set_iv_t` (optional depending upon block mode) - * - `psa_drv_cipher_transparent_update_t` +/** \defgroup accel_cipher Hardware-Accelerated Block Ciphers + * Encryption and Decryption using hardware-acceleration in block modes other + * than ECB must be done in multiple parts, using the following flow: + * - `psa_drv_accel_ciphersetup_t` + * - `psa_drv_accel_cipher_set_iv_t` (optional depending upon block mode) + * - `psa_drv_accel_cipher_update_t` + * - `psa_drv_accel_cipher_update_t` * - ... - * - `psa_drv_cipher_transparent_finish_t` + * - `psa_drv_accel_cipher_finish_t` - * If a previously started Transparent Cipher operation needs to be terminated, - * it should be done so by the `psa_drv_cipher_transparent_abort_t`. Failure to do - * so may result in allocated resources not being freed or in other undefined - * behavior. + * If a previously started hardware-accelerated Cipher operation needs to be + * terminated, it should be done so by the `psa_drv_accel_cipher_abort_t`. + * Failure to do so may result in allocated resources not being freed or in + * other undefined behavior. */ /**@{*/ -/** \brief The hardware-specific transparent-key Cipher context structure +/** \brief The hardware-accelerator-specific cipher context structure * * The contents of this structure are implementation dependent and are * therefore not described here. */ typedef struct psa_drv_accel_cipher_context_s psa_drv_accel_cipher_context_t; -/** \brief The function prototype for the setup operation of transparent-key - * block cipher operations. 
- * Functions that implement the prototype should be named in the following +/** \brief The function prototype for the setup operation of + * hardware-accelerated block cipher operations. + * Functions that implement this prototype should be named in the following * conventions: * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_setup__ + * psa_drv_accel_cipher_setup__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) - * or for stream ciphers: + * + * For stream ciphers: * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_setup_ + * psa_drv_accel_cipher_setup_ * ~~~~~~~~~~~~~ * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4) * @@ -401,11 +404,11 @@ typedef psa_status_t (*psa_drv_accel_cipher_setup_t)(psa_drv_accel_cipher_contex size_t key_data_size); /** \brief The function prototype for the set initialization vector operation - * of transparent-key block cipher operations - * Functions that implement the prototype should be named in the following + * of hardware-accelerated block cipher operations + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_set_iv__ + * psa_drv_accel_cipher_set_iv__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) 
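Review bot: The first step of the flow in the new `accel_cipher` group comment (hunk `@@ -346,42 +347,44 @@`) is spelled `psa_drv_accel_ciphersetup_t`, missing an underscore. The typedef it refers to is `psa_drv_accel_cipher_setup_t`, as the context line of the next hunk shows, so the list entry should read `psa_drv_accel_cipher_setup_t`. In the same hunk the new `\brief` for the setup prototype runs straight into "Functions that implement this prototype..." with no empty ` *` line between them, so Doxygen will treat the naming convention as part of the brief. The `@@ -401,11 +404,11 @@` hunk for `psa_drv_accel_cipher_set_iv_t` has the same layout; inserting a bare ` *` line after the brief sentence in both places matches the update and finish blocks.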
@@ -422,13 +425,13 @@ typedef psa_status_t (*psa_drv_accel_cipher_set_iv_t)(psa_drv_accel_cipher_conte const uint8_t *p_iv, size_t iv_length); -/** \brief The function prototype for the update operation of transparent-key - * block cipher operations. +/** \brief The function prototype for the update operation of + * hardware-accelerated block cipher operations. * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_update__ + * psa_drv_accel_cipher_update__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) @@ -454,13 +457,13 @@ typedef psa_status_t (*psa_drv_accel_cipher_update_t)(psa_drv_accel_cipher_conte size_t output_size, size_t *p_output_length); -/** \brief The function prototype for the finish operation of transparent-key - * block cipher operations. +/** \brief The function prototype for the finish operation of + * hardware-accelerated block cipher operations. * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_finish__ + * psa_drv_accel_cipher_finish__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) 
@@ -481,13 +484,13 @@ typedef psa_status_t (*psa_drv_accel_cipher_finish_t)(psa_drv_accel_cipher_conte size_t output_size, size_t *p_output_length); -/** \brief The function prototype for the abort operation of transparent-key - * block cipher operations. +/** \brief The function prototype for the abort operation of + * hardware-accelerated block cipher operations. * * Functions that implement the following prototype should be named in the * following convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_cipher_transparent_abort__ + * psa_drv_accel_cipher_abort__ * ~~~~~~~~~~~~~ * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) 
@@ -502,23 +505,23 @@ typedef psa_status_t (*psa_drv_accel_cipher_abort_t)(psa_drv_accel_cipher_contex /**@}*/ -/** \defgroup aead_transparent AEAD Transparent +/** \defgroup accel_aead Hardware-Accelerated Authenticated Encryption with Additional Data * - * Authenticated Encryption with Additional Data (AEAD) operations with - * transparent keys must be done in one function call. While this creates a - * burden for implementers as there must be sufficient space in memory for the - * entire message, it prevents decrypted data from being made available before - * the authentication operation is complete and the data is known to be - * authentic. + * Hardware-accelerated Authenticated Encryption with Additional Data (AEAD) + * operations must be done in one function call. While this creates a burden + * for implementers as there must be sufficient space in memory for the entire + * message, it prevents decrypted data from being made available before the + * authentication operation is complete and the data is known to be authentic. */ /**@{*/ -/** Process an authenticated encryption operation using an opaque key. +/** \brief The function prototype for the hardware-accelerated authenticated + * encryption operation. * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_aead__encrypt + * psa_drv_accel_aead__encrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the AEAD algorithm * 
@@ -566,12 +569,13 @@ typedef psa_status_t (*psa_drv_accel_aead_encrypt_t)(const uint8_t *p_key, size_t ciphertext_size, size_t *ciphertext_length); -/** Process an authenticated decryption operation using an opaque key. +/** \brief The function prototype for the hardware-accelerated authenticated + * decryption operation. * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_aead__decrypt + * psa_drv_accel_aead__decrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the AEAD algorithm * \param[in] p_key A pointer to the key material 
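Review bot: The rewritten comment for `psa_drv_accel_aead_decrypt_t` does not say what a driver must do with the plaintext buffer when tag verification fails, even though the group text in the preceding hunk gives "prevents decrypted data from being made available" as the reason for the one-shot design. I would add a sentence such as `* On authentication failure the driver must not leave any decrypted data in the output buffer.` The parameter and return-value documentation continues outside this hunk, so check whether this is already stated there.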
@@ -619,26 +623,30 @@ typedef psa_status_t (*psa_drv_accel_aead_decrypt_t)(const uint8_t *p_key, /**@}*/ -/** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography +/** \defgroup accel_asymmetric Hardware-Accelerated Asymmetric Cryptography * * Since the amount of data that can (or should) be encrypted or signed using - * asymmetric keys is limited by the key size, asymmetric key operations using - * transparent keys must be done in single function calls. + * asymmetric keys is limited by the key size, hardware-accelerated asymmetric + * key operations must be done in single function calls. */ /**@{*/ /** - * \brief A function that signs a hash or short message with a transparent - * asymmetric private key + * \brief The function prototype for the hardware-accelerated asymmetric sign + * operation. * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_asymmetric__sign + * psa_drv_accel_asymmetric__sign * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the signing algorithm * + * This function supports any asymmetric-key output from psa_export_key() as + * the buffer in \ref p_key. Refer to the documentation of \ref + * psa_export_key() for the formats. + * * \param[in] p_key A buffer containing the private key * material * \param[in] key_size The size in bytes of the `p_key` data 
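Review bot: The added paragraph refers to the parameter as `\ref p_key`, but Doxygen's `\ref` resolves named sections, anchors and documented entities, not parameter names, so this will likely produce an unresolved-reference warning. `\p p_key`, or the backticked form already used in the `\param` lines, is the usual markup. The same paragraph is added to the verify, encrypt and decrypt prototypes in the following hunks (`@@ -664`, `@@ -697`, `@@ -745`). Within this paragraph `psa_export_key()` is also written once without and once with `\ref`; pick one form.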
@@ -664,16 +672,21 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key, size_t *p_signature_length); /** - * \brief A function that verifies the signature a hash or short message using - * a transparent asymmetric public key + * \brief The function prototype for the hardware-accelerated signature verify + * operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_asymmetric__verify + * psa_drv_accel_asymmetric__verify * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the signing algorithm * + * This function supports any output from \ref psa_export_public_key() as the + * buffer in \ref p_key. Refer to the documentation of \ref + * psa_export_public_key() for the format of public keys and to the + * documentation of \ref psa_export_key() for the format for other key types. + * * \param[in] p_key A buffer containing the public key material * \param[in] key_size The size in bytes of the `p_key` data * \param[in] alg A signature algorithm that is compatible with 
@@ -697,15 +710,20 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key, size_t signature_length); /** - * \brief A function that encrypts a short message with a transparent - * asymmetric public key + * \brief The function prototype for the hardware-accelerated asymmetric + * encrypt operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_asymmetric__encrypt + * psa_drv_accel_asymmetric__encrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the encryption algorithm + * + * This function supports any output from \ref psa_export_public_key() as the + * buffer in \ref p_key. Refer to the documentation of \ref + * psa_export_public_key() for the format of public keys and to the + * documentation of \ref psa_export_key() for the format for other key types. * * \param[in] p_key A buffer containing the public key material * \param[in] key_size The size in bytes of the `p_key` data 
@@ -745,14 +763,19 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key, size_t *p_output_length); /** - * \brief Decrypt a short message with a transparent asymmetric private key + * \brief The function prototype for the hardware=acce;erated asymmetric + * decrypt operation * - * Functions that implement the prototype should be named in the following + * Functions that implement this prototype should be named in the following * convention: * ~~~~~~~~~~~~~{.c} - * psa_drv_asymmetric__decrypt + * psa_drv_accel_asymmetric__decrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the encryption algorithm + * + * This function supports any asymmetric-key output from psa_export_key() as + * the buffer in \ref p_key. Refer to the documentation of \ref + * psa_export_key() for the formats. * * \param[in] p_key A buffer containing the private key material * \param[in] key_size The size in bytes of the `p_key` data diff --git a/include/psa/crypto_entropy_driver.h b/include/psa/crypto_entropy_driver.h index 1d94432ef..f596b6bd4 100644 --- a/include/psa/crypto_entropy_driver.h +++ b/include/psa/crypto_entropy_driver.h @@ -95,10 +95,9 @@ typedef struct { /** The driver-specific size of the entropy context */ const size_t context_size; /** Function that performs initialization for the entropy source */ - psa_drv_entropy_init_t p_init; - /** Function that performs the get_bits operation for the entropy source - */ - psa_drv_entropy_get_bits_t p_get_bits; + psa_drv_entropy_init_t p_init; + /** Function that performs the get_bits operation for the entropy source */ + psa_drv_entropy_get_bits_t p_get_bits; } psa_drv_entropy_t; /**@}*/ diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 438067f26..18ef1c47b 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
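Review bot: The new `\brief` line for the asymmetric decrypt prototype contains the typo `hardware=acce;erated`, which will appear verbatim in the generated documentation and will be missed by a text search for the term used everywhere else in this header. It should read `* \brief The function prototype for the hardware-accelerated asymmetric`. The rest of this comment block lies outside the hunk.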
@@ -3,10 +3,10 @@ * \brief PSA external cryptoprocessor driver module * * This header declares types and function signatures for cryptography - * drivers that access key material via opaque references. This is - * meant for cryptoprocessors that have a separate key storage from the + * drivers that access key material via opaque references. + * This is meant for cryptoprocessors that have a separate key storage from the * space in which the PSA Crypto implementation runs, typically secure - * elements. + * elements (SEs). * * This file is part of the PSA Crypto Driver Model, containing functions for * driver developers to implement to enable hardware to be called in a 
@@ -45,25 +45,25 @@ extern "C" { * is driver-dependent. */ typedef uint32_t psa_key_slot_number_t; // TODO: Change this to psa_key_slot_t after psa_key_slot_t is removed from Mbed crypto -/** \defgroup opaque_mac Opaque Message Authentication Code +/** \defgroup se_mac Secure Element Message Authentication Codes * Generation and authentication of Message Authentication Codes (MACs) using - * opaque keys can be done either as a single function call (via the - * `psa_drv_mac_opaque_generate_t` or `psa_drv_mac_opaque_verify_t` functions), or in + * a secure element can be done either as a single function call (via the + * `psa_drv_se_mac_generate_t` or `psa_drv_se_mac_verify_t` functions), or in * parts using the following sequence: - * - `psa_drv_mac_opaque_setup_t` - * - `psa_drv_mac_opaque_update_t` - * - `psa_drv_mac_opaque_update_t` + * - `psa_drv_se_mac_setup_t` + * - `psa_drv_se_mac_update_t` + * - `psa_drv_se_mac_update_t` * - ... - * - `psa_drv_mac_opaque_finish_t` or `psa_drv_mac_opaque_finish_verify_t` + * - `psa_drv_se_mac_finish_t` or `psa_drv_se_mac_finish_verify_t` * - * If a previously started Opaque MAC operation needs to be terminated, it - * should be done so by the `psa_drv_mac_opaque_abort_t`. Failure to do so may + * If a previously started secure element MAC operation needs to be terminated, + * it should be done so by the `psa_drv_se_mac_abort_t`. Failure to do so may * result in allocated resources not being freed or in other undefined * behavior. */ /**@{*/ -/** \brief A function that starts a MAC operation for a PSA Crypto Driver - * implementation using an opaque key +/** \brief A function that starts a secure element MAC operation for a PSA + * Crypto Driver implementation * * \param[in,out] p_context A structure that will contain the * hardware-specific MAC context 
@@ -79,12 +79,12 @@ typedef psa_status_t (*psa_drv_se_mac_setup_t)(void *p_context, psa_key_slot_number_t key_slot, psa_algorithm_t algorithm); -/** \brief A function that continues a previously started MAC operation using - * an opaque key +/** \brief A function that continues a previously started secure element MAC + * operation * * \param[in,out] p_context A hardware-specific structure for the * previously-established MAC operation to be - * continued + * updated * \param[in] p_input A buffer containing the message to be appended * to the MAC operation * \param[in] input_length The size in bytes of the input message buffer @@ -93,8 +93,8 @@ typedef psa_status_t (*psa_drv_se_mac_update_t)(void *p_context, const uint8_t *p_input, size_t input_length); -/** \brief a function that completes a previously started MAC operation by - * returning the resulting MAC using an opaque key +/** \brief a function that completes a previously started secure element MAC + * operation by returning the resulting MAC. * * \param[in,out] p_context A hardware-specific structure for the * previously started MAC operation to be @@ -114,8 +114,8 @@ typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *p_context, size_t mac_size, size_t *p_mac_length); -/** \brief A function that completes a previously started MAC operation by - * comparing the resulting MAC against a known value using an opaque key +/** \brief A function that completes a previously started secure element MAC + * operation by comparing the resulting MAC against a provided value * * \param[in,out] p_context A hardware-specific structure for the previously * started MAC operation to be fiinished 
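Review bot: The new description of `psa_drv_se_mac_finish_verify_t` (hunk `@@ -114`) says the MAC is compared "against a provided value" but sets no requirement on how the comparison is performed. Because the comparison happens in the driver or the secure element rather than in the core, I would add `* The comparison must take time independent of where the two values differ.` to the description. The one-shot `psa_drv_se_mac_verify_t` description in the later `@@ -166` hunk needs the same sentence. The `\retval` lists of both prototypes are outside the hunks, so the status reported on mismatch may already be documented there.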
@@ -134,15 +134,16 @@ typedef psa_status_t (*psa_drv_se_mac_finish_verify_t)(void *p_context, const uint8_t *p_mac, size_t mac_length); -/** \brief A function that aborts a previous started opaque-key MAC operation +/** \brief A function that aborts a previous started secure element MAC + * operation * \param[in,out] p_context A hardware-specific structure for the previously * started MAC operation to be aborted */ typedef psa_status_t (*psa_drv_se_mac_abort_t)(void *p_context); -/** \brief A function that performs a MAC operation in one command and returns - * the calculated MAC using an opaque key +/** \brief A function that performs a secure element MAC operation in one + * command and returns the calculated MAC * * \param[in] p_input A buffer containing the message to be MACed * \param[in] input_length The size in bytes of `p_input` @@ -166,8 +167,8 @@ typedef psa_status_t (*psa_drv_se_mac_generate_t)(const uint8_t *p_input, size_t mac_size, size_t *p_mac_length); -/** \brief A function that performs an MAC operation in one command and - * compare the resulting MAC against a known value using an opaque key +/** \brief A function that performs a secure element MAC operation in one + * command and compares the resulting MAC against a provided value * * \param[in] p_input A buffer containing the message to be MACed * \param[in] input_length The size in bytes of `input` 
@@ -193,13 +194,13 @@ typedef psa_status_t (*psa_drv_se_mac_verify_t)(const uint8_t *p_input, size_t mac_length); /** \brief A struct containing all of the function pointers needed to - * implement MAC operations using opaque keys. + * perform secure element MAC operations * * PSA Crypto API implementations should populate the table as appropriate * upon startup. * * If one of the functions is not implemented (such as - * `psa_drv_mac_opaque_generate_t`), it should be set to NULL. + * `psa_drv_se_mac_generate_t`), it should be set to NULL. * * Driver implementers should ensure that they implement all of the functions * that make sense for their hardware, and that they provide a full solution 
@@ -208,57 +209,59 @@ typedef psa_status_t (*psa_drv_se_mac_verify_t)(const uint8_t *p_input, * */ typedef struct { - /**The size in bytes of the hardware-specific Opaque-MAC Context structure + /**The size in bytes of the hardware-specific secure element MAC context + * structure */ - size_t context_size; - /** Function that performs the setup operation + size_t context_size; + /** Function that performs a MAC setup operation */ psa_drv_se_mac_setup_t p_setup; - /** Function that performs the update operation + /** Function that performs a MAC update operation */ psa_drv_se_mac_update_t p_update; - /** Function that completes the operation + /** Function that completes a MAC operation */ psa_drv_se_mac_finish_t p_finish; - /** Function that completed a MAC operation with a verify check + /** Function that completes a MAC operation with a verify check */ psa_drv_se_mac_finish_verify_t p_finish_verify; - /** Function that aborts a previoustly started operation + /** Function that aborts a previoustly started MAC operation */ psa_drv_se_mac_abort_t p_abort; - /** Function that performs the MAC operation in one call + /** Function that performs a MAC operation in one call */ psa_drv_se_mac_generate_t p_mac; - /** Function that performs the MAC and verify operation in one call + /** Function that performs a MAC and verify operation in one call */ psa_drv_se_mac_verify_t p_mac_verify; } psa_drv_se_mac_t; /**@}*/ -/** \defgroup opaque_cipher Opaque Symmetric Ciphers +/** \defgroup se_cipher Secure Element Symmetric Ciphers * - * Encryption and Decryption using opaque keys in block modes other than ECB - * must be done in multiple parts, using the following flow: - * - `psa_drv_cipher_opaque_setup_t` - * - `psa_drv_cipher_opaque_set_iv_t` (optional depending upon block mode) - * - `psa_drv_cipher_opaque_update_t` + * Encryption and Decryption using secure element keys in block modes other + * than ECB must be done in multiple parts, using the following flow: + * - 
`psa_drv_se_cipher_setup_t` + * - `psa_drv_se_cipher_set_iv_t` (optional depending upon block mode) + * - `psa_drv_se_cipher_update_t` + * - `psa_drv_se_cipher_update_t` * - ... - * - `psa_drv_cipher_opaque_finish_t` + * - `psa_drv_se_cipher_finish_t` - * If a previously started Opaque Cipher operation needs to be terminated, it - * should be done so by the `psa_drv_cipher_opaque_abort_t`. Failure to do so may - * result in allocated resources not being freed or in other undefined - * behavior. + * If a previously started secure element Cipher operation needs to be + * terminated, it should be done so by the `psa_drv_se_cipher_abort_t`. Failure + * to do so may result in allocated resources not being freed or in other + * undefined behavior. * * In situations where a PSA Cryptographic API implementation is using a block * mode not-supported by the underlying hardware or driver, it can construct - * the block mode itself, while calling the `psa_drv_cipher_opaque_ecb_t` function - * pointer for the cipher operations. + * the block mode itself, while calling the `psa_drv_se_cipher_ecb_t` function + * for the cipher operations. */ /**@{*/ -/** \brief A function pointer that provides the cipher setup function for - * opaque-key operations +/** \brief A function that provides the cipher setup function for a + * secure element driver * * \param[in,out] p_context A structure that will contain the * hardware-specific cipher context. 
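Review bot: The rewritten member comment for `p_abort` in `psa_drv_se_mac_t` keeps the misspelling `previoustly`. Since the line is being changed anyway, make it `/** Function that aborts a previously started MAC operation`.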
@@ -277,11 +280,11 @@ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(void *p_context, psa_algorithm_t algorithm, psa_encrypt_or_decrypt_t direction); -/** \brief A function pointer that sets the initialization vector (if - * necessary) for an opaque cipher operation +/** \brief A function that sets the initialization vector (if + * necessary) for an secure element cipher operation * - * Rationale: The `psa_cipher_*` function in the PSA Cryptographic API has two - * IV functions: one to set the IV, and one to generate it internally. The + * Rationale: The `psa_se_cipher_*` operation in the PSA Cryptographic API has + * two IV functions: one to set the IV, and one to generate it internally. The * generate function is not necessary for the drivers to implement as the PSA * Crypto implementation can do the generation using its RNG features. * @@ -296,7 +299,7 @@ typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *p_context, const uint8_t *p_iv, size_t iv_length); -/** \brief A function that continues a previously started opaque-key cipher +/** \brief A function that continues a previously started secure element cipher * operation * * \param[in,out] p_context A hardware-specific structure for the @@ -321,7 +324,7 @@ typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *p_context, size_t output_size, size_t *p_output_length); -/** \brief A function that completes a previously started opaque-key cipher +/** \brief A function that completes a previously started secure element cipher * operation * * \param[in,out] p_context A hardware-specific structure for the @@ -340,7 +343,7 @@ typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *p_context, size_t output_size, size_t *p_output_length); -/** \brief A function that aborts a previously started opaque-key cipher +/** \brief A function that aborts a previously started secure element cipher * operation * * \param[in,out] p_context A hardware-specific structure for the 
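Review bot: The rename in the set-IV rationale (hunk `@@ -277`) goes one step too far: it now describes `psa_se_cipher_*` as an operation "in the PSA Cryptographic API", but the client-facing functions are `psa_cipher_set_iv()` and `psa_cipher_generate_iv()`, and the `se` infix belongs only to the driver-side `psa_drv_se_*` types. I would keep the original `psa_cipher_*` in that sentence so readers are not sent looking for a client API that does not exist. The `\brief` just above it also reads "an secure element", which should be "a secure element".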
@@ -348,8 +351,8 @@ typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *p_context, */ typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *p_context); -/** \brief A function that performs the ECB block mode for opaque-key cipher - * operations +/** \brief A function that performs the ECB block mode for secure element + * cipher operations * * Note: this function should only be used with implementations that do not * provide a needed higher-level operation. 
@@ -380,30 +383,30 @@ typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_key_slot_number_t key_slot, /** * \brief A struct containing all of the function pointers needed to implement - * cipher operations using opaque keys. + * cipher operations using secure elements. * * PSA Crypto API implementations should populate instances of the table as - * appropriate upon startup. + * appropriate upon startup or at build time. * * If one of the functions is not implemented (such as - * `psa_drv_cipher_opaque_ecb_t`), it should be set to NULL. + * `psa_drv_se_cipher_ecb_t`), it should be set to NULL. */ typedef struct { - /** The size in bytes of the hardware-specific Opaque Cipher context - * structure + /** The size in bytes of the hardware-specific secure element cipher + * context structure */ size_t context_size; /** Function that performs a cipher setup operation */ psa_drv_se_cipher_setup_t p_setup; - /** Function that sets the IV (if necessary) */ + /** Function that sets a cipher IV (if necessary) */ psa_drv_se_cipher_set_iv_t p_set_iv; - /** Function that performs the update operation */ + /** Function that performs a cipher update operation */ psa_drv_se_cipher_update_t p_update; - /** Function that completes the operation */ + /** Function that completes a cipher operation */ psa_drv_se_cipher_finish_t p_finish; - /** Function that aborts the operation */ + /** Function that aborts a cipher operation */ psa_drv_se_cipher_abort_t p_abort; - /** Function that performs ECB mode for the cipher + /** Function that performs ECB mode for a cipher operation * (Danger: ECB mode should not be used directly by clients of the PSA * Crypto Client API) */ 
@@ -412,16 +415,17 @@ typedef struct { /**@}*/ -/** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography +/** \defgroup se_asymmetric Secure Element Asymmetric Cryptography * * Since the amount of data that can (or should) be encrypted or signed using * asymmetric keys is limited by the key size, asymmetric key operations using - * opaque keys must be done in single function calls. + * keys in a secure element must be done in single function calls. */ /**@{*/ /** - * \brief A function that signs a hash or short message with a private key + * \brief A function that signs a hash or short message with a private key in + * a secure element * * \param[in] key_slot Key slot of an asymmetric key pair * \param[in] alg A signature algorithm that is compatible @@ -445,7 +449,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_key_slot_number_t key_s /** * \brief A function that verifies the signature a hash or short message using - * an asymmetric public key + * an asymmetric public key in a secure element * * \param[in] key_slot Key slot of a public key or an asymmetric key * pair @@ -468,7 +472,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_key_slot_number_t key /** * \brief A function that encrypts a short message with an asymmetric public - * key + * key in a secure element * * \param[in] key_slot Key slot of a public key or an asymmetric key * pair @@ -506,7 +510,8 @@ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_key_slot_number_t ke size_t *p_output_length); /** - * \brief Decrypt a short message with an asymmetric private key. + * \brief A function that decrypts a short message with an asymmetric private + * key in a secure element. * * \param[in] key_slot Key slot of an asymmetric key pair * \param[in] alg An asymmetric encryption algorithm that is 
@@ -544,36 +549,37 @@ typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_key_slot_number_t ke /** * \brief A struct containing all of the function pointers needed to implement - * asymmetric cryptographic operations using opaque keys. + * asymmetric cryptographic operations using secure elements. * * PSA Crypto API implementations should populate instances of the table as - * appropriate upon startup. + * appropriate upon startup or at build time. * * If one of the functions is not implemented, it should be set to NULL. */ typedef struct { - /** Function that performs the asymmetric sign operation */ + /** Function that performs an asymmetric sign operation */ psa_drv_se_asymmetric_sign_t p_sign; - /** Function that performs the asymmetric verify operation */ + /** Function that performs an asymmetric verify operation */ psa_drv_se_asymmetric_verify_t p_verify; - /** Function that performs the asymmetric encrypt operation */ + /** Function that performs an asymmetric encrypt operation */ psa_drv_se_asymmetric_encrypt_t p_encrypt; - /** Function that performs the asymmetric decrypt operation */ + /** Function that performs an asymmetric decrypt operation */ psa_drv_se_asymmetric_decrypt_t p_decrypt; } psa_drv_se_asymmetric_t; /**@}*/ -/** \defgroup aead_opaque AEAD Opaque - * Authenticated Encryption with Additional Data (AEAD) operations with opaque - * keys must be done in one function call. While this creates a burden for +/** \defgroup se_aead Secure Element Authenticated Encryption with Additional Data + * Authenticated Encryption with Additional Data (AEAD) operations with secure + * elements must be done in one function call. While this creates a burden for * implementers as there must be sufficient space in memory for the entire * message, it prevents decrypted data from being made available before the * authentication operation is complete and the data is known to be authentic. 
*/ /**@{*/ -/** \brief Process an authenticated encryption operation using an opaque key +/** \brief A function that performs a secure element authenticated encryption + * operation * * \param[in] key_slot Slot containing the key to use. * \param[in] algorithm The AEAD algorithm to compute @@ -614,7 +620,7 @@ typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_key_slot_number_t key_slot size_t ciphertext_size, size_t *p_ciphertext_length); -/** Process an authenticated decryption operation using an opaque key +/** A function that peforms a secure element authenticated decryption operation * * \param[in] key_slot Slot containing the key to use * \param[in] algorithm The AEAD algorithm to compute @@ -656,7 +662,7 @@ typedef psa_status_t (*psa_drv_se_aead_decrypt_t)(psa_key_slot_number_t key_slot /** * \brief A struct containing all of the function pointers needed to implement - * Authenticated Encryption with Additional Data operations using opaque keys + * secure element Authenticated Encryption with Additional Data operations * * PSA Crypto API implementations should populate instances of the table as * appropriate upon startup. @@ -671,7 +677,7 @@ typedef struct { } psa_drv_se_aead_t; /**@}*/ -/** \defgroup driver_key_management Key Management +/** \defgroup se_key_management Secure Element Key Management * Currently, key management is limited to importing keys in the clear, * destroying keys, and exporting keys in the clear. * Whether a key may be exported is determined by the key policies in place @@ -679,7 +685,7 @@ typedef struct { */ /**@{*/ -/** \brief Import a key in binary format +/** \brief A function that imports a key into a secure element in binary format * * This function can support any output from psa_export_key(). Refer to the * documentation of psa_export_key() for the format for each key type. 
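Review bot: The new first line of the `psa_drv_se_aead_decrypt_t` comment (hunk `@@ -614`) lacks the `\brief` that the encrypt counterpart gains in this same commit, and it misspells "performs" as `peforms`. Suggested: `/** \brief A function that performs a secure element authenticated decryption operation`. Without `\brief`, whether this line becomes the summary depends on the Doxygen autobrief setting, which is not visible here.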
@@ -687,6 +693,7 @@ typedef struct { * \param[in] key_slot Slot where the key will be stored * This must be a valid slot for a key of the chosen * type. It must be unoccupied. + * \param[in] lifetime The required lifetime of the key storage * \param[in] type Key type (a \c PSA_KEY_TYPE_XXX value) * \param[in] algorithm Key algorithm (a \c PSA_ALG_XXX value) * \param[in] usage The allowed uses of the key @@ -705,15 +712,14 @@ typedef psa_status_t (*psa_drv_se_import_key_t)(psa_key_slot_number_t key_slot, size_t data_length); /** - * \brief Destroy a key and restore the slot to its default state + * \brief A function that destroys a secure element key and restore the slot to + * its default state * - * This function destroys the content of the key slot from both volatile - * memory and, if applicable, non-volatile storage. Implementations shall - * make a best effort to ensure that any previous content of the slot is - * unrecoverable. + * This function destroys the content of the key from a secure element. + * Implementations shall make a best effort to ensure that any previous content + * of the slot is unrecoverable. * - * This function also erases any metadata such as policies. It returns the - * specified slot to its default state. + * This function returns the specified slot to its default state. * * \param[in] key_slot The key slot to erase. * @@ -723,7 +729,7 @@ typedef psa_status_t (*psa_drv_se_import_key_t)(psa_key_slot_number_t key_slot, typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_number_t key); /** - * \brief Export a key in binary format + * \brief A function that exports a secure element key in binary format * * The output of this function can be passed to psa_import_key() to * create an equivalent object. 
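Review bot: The rewritten `psa_drv_se_destroy_key_t` description (hunk `@@ -705`) drops two guarantees the old text gave, erasure from non-volatile storage and erasure of metadata such as policies, without saying who is now responsible for them. For a key-destruction contract this matters: a driver author reading only this comment cannot tell whether a persistent copy or stale policy data may remain after the call. If the intent is that the core owns the metadata, say so, e.g. `* Metadata such as policies is erased by the PSA Crypto implementation, not by the driver.`; that ownership is my assumption and needs confirming. The new `\brief` also reads "destroys ... and restore", which should be "restores".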
@@ -733,19 +739,9 @@ typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_number_t key); * identical: the implementation may choose a different representation * of the same key if the format permits it. * - * For standard key types, the output format is as follows: - * - * - For symmetric keys (including MAC keys), the format is the - * raw bytes of the key. - * - For DES, the key data consists of 8 bytes. The parity bits must be - * correct. - * - For Triple-DES, the format is the concatenation of the - * two or three DES keys. - * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format - * is the non-encrypted DER representation defined by PKCS\#1 (RFC 8017) - * as RSAPrivateKey. - * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format - * is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo. + * This function should generate output in the same format that + * `psa_export_key()` does. Refer to the + * documentation of `psa_export_key()` for the format for each key type. * * \param[in] key Slot whose content is to be exported. This must * be an occupied key slot. 
@@ -768,25 +764,32 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, size_t *p_data_length); /** - * \brief Export a public key or the public part of a key pair in binary format - * - * The output of this function can be passed to psa_import_key() to - * create an object that is equivalent to the public key. - * - * For standard key types, the output format is as follows: - * - * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY), - * the format is the DER representation of the public key defined by RFC 5280 - * as SubjectPublicKeyInfo. - * - * \param[in] key_slot Slot whose content is to be exported. This must - * be an occupied key slot. - * \param[out] p_data Buffer where the key data is to be written. - * \param[in] data_size Size of the `data` buffer in bytes. - * \param[out] p_data_length On success, the number of bytes - * that make up the key data. - * - * \retval #PSA_SUCCESS + * \brief A function that generates a symmetric or asymmetric key on a secure + * element + * + * If `type` is asymmetric (`#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) == 1`), + * the public component of the generated key will be placed in `p_pubkey_out`. + * The format of the public key information will match the format specified for + * the `psa_export_key()` function for the key type. + * + * \param[in] key_slot Slot where the generated key will be placed + * \param[in] type The type of the key to be generated + * \param[in] usage The prescribed usage of the generated key + * Note: Not all Secure Elements support the same + * restrictions that PSA Crypto does (and vice versa). + * Driver developers should endeavor to match the + * usages as close as possible. + * \param[in] bits The size in bits of the key to be generated. + * \param[in] extra Extra parameters for key generation. 
The + * interpretation of this parameter should match the + * interpretation in the `extra` parameter is the + * `psa_generate_key` function + * \param[in] extra_size The size in bytes of the \ref extra buffer + * \param[out] p_pubkey_out The buffer where the public key information will + * be placed + * \param[in] pubkey_out_size The size in bytes of the `p_pubkey_out` buffer + * \param[out] p_pubkey_length Upon successful completion, will contain the + * size of the data placed in `p_pubkey_out`. */ typedef psa_status_t (*psa_drv_se_generate_key_t) (psa_key_slot_number_t key_slot, psa_key_type_t type, 
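Review bot: The replacement comment for `psa_drv_se_generate_key_t` has no `\retval` entries at all (the old block's `\retval #PSA_SUCCESS` is removed and nothing replaces it), and it does not say what the driver reports when `pubkey_out_size` is too small for the public key. Both belong in the contract, since the caller has to size `p_pubkey_out` before the key exists. Two wording fixes in the same block: the condition should read `PSA_KEY_TYPE_IS_ASYMMETRIC(type) == 1` without the stray `#define`, and `\ref extra` should be `\p extra` because `\ref` does not resolve parameter names. The prototype itself continues outside the hunk.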
@@ -799,28 +802,28 @@ typedef psa_status_t (*psa_drv_se_generate_key_t) (psa_key_slot_number_t key_slo size_t *p_pubkey_length); /** - * \brief A struct containing all of the function pointers needed to for key - * management using opaque keys + * \brief A struct containing all of the function pointers needed to for secure + * element key management * * PSA Crypto API implementations should populate instances of the table as - * appropriate upon startup. + * appropriate upon startup or at build time. * * If one of the functions is not implemented, it should be set to NULL. */ typedef struct { - /** Function that performs the key import operation */ - psa_drv_se_import_key_t p_import; - /** Function that performs the key destroy operation */ + /** Function that performs a key import operation */ + psa_drv_se_import_key_t p_import; + /** Function that performs a generation */ psa_drv_se_generate_key_t p_generate; - /** Function that performs the key export operation */ + /** Function that performs a key destroy operation */ psa_drv_se_destroy_key_t p_destroy; - /** Function that perforsm the public key export operation */ + /** Function that performs a key export operation */ psa_drv_se_export_key_t p_export; } psa_drv_se_key_management_t; /**@}*/ -/** \defgroup driver_derivation Key Derivation and Agreement +/** \defgroup driver_derivation Secure Element Key Derivation and Agreement * Key derivation is the process of generating new key material using an * existing key and additional parameters, iterating through a basic * cryptographic function, such as a hash. 
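Review bot: The member comment added above `p_generate` reads `Function that performs a generation`, which does not say what is generated; `/** Function that performs a key generation operation */` would match the neighbouring comments. The struct `\brief` on the new side still reads "needed to for secure element key management" ("to for"). The group id on the last changed line stays `driver_derivation` while the other groups in this file move to an `se_` prefix (`se_mac`, `se_key_management`); if that is deliberate it deserves a word in the commit message, otherwise rename it so cross-references stay consistent.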
@@ -831,52 +834,46 @@ typedef struct { * for both of the flows. * * There are two different final functions for the flows, - * `psa_drv_key_derivation_derive` and `psa_drv_key_derivation_export`. - * `psa_drv_key_derivation_derive` is used when the key material should be placed - * in a slot on the hardware and not exposed to the caller. - * `psa_drv_key_derivation_export` is used when the key material should be returned - * to the PSA Cryptographic API implementation. + * `psa_drv_se_key_derivation_derive` and `psa_drv_se_key_derivation_export`. + * `psa_drv_se_key_derivation_derive` is used when the key material should be + * placed in a slot on the hardware and not exposed to the caller. + * `psa_drv_se_key_derivation_export` is used when the key material should be + * returned to the PSA Cryptographic API implementation. * * Different key derivation algorithms require a different number of inputs. * Instead of having an API that takes as input variable length arrays, which * can be problemmatic to manage on embedded platforms, the inputs are passed - * to the driver via a function, `psa_drv_key_derivation_collateral`, that is - * called multiple times with different `collateral_id`s. Thus, for a key + * to the driver via a function, `psa_drv_se_key_derivation_collateral`, that + * is called multiple times with different `collateral_id`s. 
Thus, for a key * derivation algorithm that required 3 paramter inputs, the flow would look * something like: * ~~~~~~~~~~~~~{.c} - * psa_drv_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes); - * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_0, - * p_collateral_0, - * collateral_0_size); - * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_1, - * p_collateral_1, - * collateral_1_size); - * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_2, - * p_collateral_2, - * collateral_2_size); - * psa_drv_key_derivation_derive(); + * psa_drv_se_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes); + * psa_drv_se_key_derivation_collateral(kdf_algorithm_collateral_id_0, + * p_collateral_0, + * collateral_0_size); + * psa_drv_se_key_derivation_collateral(kdf_algorithm_collateral_id_1, + * p_collateral_1, + * collateral_1_size); + * psa_drv_se_key_derivation_collateral(kdf_algorithm_collateral_id_2, + * p_collateral_2, + * collateral_2_size); + * psa_drv_se_key_derivation_derive(); * ~~~~~~~~~~~~~ * * key agreement example: * ~~~~~~~~~~~~~{.c} - * psa_drv_key_derivation_setup(alg, source_key. dest_key_size_bytes); - * psa_drv_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size); - * psa_drv_key_derivation_export(p_session_key, - * session_key_size, - * &session_key_length); + * psa_drv_se_key_derivation_setup(alg, source_key. 
dest_key_size_bytes); + * psa_drv_se_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size); + * psa_drv_se_key_derivation_export(p_session_key, + * session_key_size, + * &session_key_length); * ~~~~~~~~~~~~~ */ /**@{*/ -/** \brief The hardware-specific key derivation context structure - * - * The contents of this structure are implementation dependent and are - * therefore not described here - */ - -/** \brief Set up a key derivation operation by specifying the algorithm and - * the source key sot +/** \brief A function that Sets up a secure element key derivation operation by + * specifying the algorithm and the source key sot * * \param[in,out] p_context A hardware-specific structure containing any * context information for the implementation @@ -890,8 +887,8 @@ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(void *p_context, psa_algorithm_t kdf_alg, psa_key_slot_number_t source_key); -/** \brief Provide collateral (parameters) needed for a key derivation or key - * agreement operation +/** \brief A function that provides collateral (parameters) needed for a secure + * element key derivation or key agreement operation * * Since many key derivation algorithms require multiple parameters, it is * expeced that this function may be called multiple times for the same @@ -910,8 +907,9 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *p_context, const uint8_t *p_collateral, size_t collateral_size); -/** \brief Perform the final key derivation step and place the generated key - * material in a slot +/** \brief A function that performs the final secure element key derivation + * step and place the generated key material in a slot + * * \param[in,out] p_context A hardware-specific structure containing any * context information for the implementation * \param[in] dest_key The slot where the generated key material 
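Review bot: The renamed examples in the `driver_derivation` group comment (the `@@ -831,52 +834,46 @@` hunk) do not match the typedefs declared right below them. `psa_drv_se_key_derivation_setup_t` takes `(void *p_context, psa_algorithm_t kdf_alg, psa_key_slot_number_t source_key)`, while the example passes `(kdf_algorithm, source_key, dest_key_size_bytes)` with no context argument, and the key agreement example has `source_key. dest_key_size_bytes` with a period where a comma is meant. The example names also have no `_t` suffix, so a reader cannot tell that they stand for the driver's function pointers `p_setup`, `p_collateral`, `p_derive` and `p_export`. Since these lines are rewritten anyway, I would show the calls through the table with the context argument, e.g. `drv->p_setup(p_context, kdf_alg, source_key);`.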
@@ -922,8 +920,8 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *p_context, typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *p_context, psa_key_slot_number_t dest_key); -/** \brief Perform the final step of a key agreement and place the generated - * key material in a buffer +/** \brief A function that performs the final step of a secure element key + * agreement and place the generated key material in a buffer * * \param[out] p_output Buffer in which to place the generated key * material @@ -939,8 +937,8 @@ typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *p_context, size_t *p_output_length); /** - * \brief A struct containing all of the function pointers needed to for key - * derivation and agreement + * \brief A struct containing all of the function pointers needed to for secure + * element key derivation and agreement * * PSA Crypto API implementations should populate instances of the table as * appropriate upon startup. @@ -950,13 +948,13 @@ typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *p_context, typedef struct { /** The driver-specific size of the key derivation context */ size_t context_size; - /** Function that performs the key derivation setup */ + /** Function that performs a key derivation setup */ psa_drv_se_key_derivation_setup_t p_setup; - /** Function that sets the key derivation collateral */ + /** Function that sets key derivation collateral */ psa_drv_se_key_derivation_collateral_t p_collateral; - /** Function that performs the final key derivation step */ + /** Function that performs a final key derivation step */ psa_drv_se_key_derivation_derive_t p_derive; - /** Function that perforsm the final key derivation or agreement and + /** Function that perforsm a final key derivation or agreement and * exports the key */ psa_drv_se_key_derivation_export_t p_export; } psa_drv_se_key_derivation_t; From b4ecc27629bb8380e92d8060be2ec22de5ab9de0 Mon Sep 17 00:00:00 2001 
From: David Saada Date: Thu, 14 Feb 2019 13:48:10 +0200 Subject: [PATCH 1063/2197] Replace PSA error code definitions with the ones defined in PSA spec --- include/psa/crypto.h | 42 +++++----- include/psa/crypto_se_driver.h | 2 +- include/psa/crypto_types.h | 5 ++ include/psa/crypto_values.h | 76 ++++++++----------- library/psa_crypto.c | 20 ++--- library/psa_crypto_slot_management.c | 8 +- library/psa_crypto_storage.h | 4 +- library/psa_crypto_storage_backend.h | 4 +- library/psa_crypto_storage_file.c | 4 +- library/psa_crypto_storage_its.c | 7 +- tests/suites/test_suite_psa_crypto.function | 34 ++++----- ...t_suite_psa_crypto_persistent_key.function | 2 +- ...test_suite_psa_crypto_slot_management.data | 2 +- ..._suite_psa_crypto_slot_management.function | 10 +-- .../test_suite_psa_crypto_storage_file.data | 4 +- 15 files changed, 108 insertions(+), 116 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 93f896890..25c3cb4db 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -193,7 +193,7 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); * the policy has been saved to persistent storage. Implementations * may defer saving the policy until the key material is created. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_ALREADY_EXISTS * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -285,7 +285,7 @@ psa_status_t psa_allocate_key(psa_key_handle_t *handle); * Success. The application can now use the value of `*handle` * to access the newly allocated key slot. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_INVALID_ARGUMENT * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE. * \retval #PSA_ERROR_INVALID_ARGUMENT 
@@ -322,7 +322,7 @@ psa_status_t psa_open_key(psa_key_lifetime_t lifetime, * to access the newly allocated key slot. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_ALREADY_EXISTS * There is already a key with the identifier \p id in the storage * area designated by \p lifetime. * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -401,7 +401,7 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * \retval #PSA_ERROR_INVALID_ARGUMENT * The key slot is invalid, * or the key data is not correctly formatted. - * \retval #PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_ALREADY_EXISTS * There is already a key in the specified slot. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_STORAGE @@ -470,7 +470,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * The handle is to a key slot which does not contain key material yet. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -554,7 +554,7 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle, * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_BUFFER_TOO_SMALL @@ -641,7 +641,7 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_INVALID_ARGUMENT * The key is neither a public key nor a key pair. * \retval #PSA_ERROR_NOT_SUPPORTED 
@@ -710,9 +710,9 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_ALREADY_EXISTS * \p target already contains key material. - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \p source does not contain key material. * \retval #PSA_ERROR_INVALID_ARGUMENT * The policy constraints on the source, on the target and @@ -1071,7 +1071,7 @@ static psa_mac_operation_t psa_mac_operation_init(void); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. @@ -1128,7 +1128,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. @@ -1373,7 +1373,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. @@ -1432,7 +1432,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. 
@@ -1660,7 +1660,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. @@ -1716,7 +1716,7 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_INVALID_SIGNATURE * The ciphertext is not authentic. * \retval #PSA_ERROR_NOT_PERMITTED @@ -2034,7 +2034,7 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, * \param output_length Number of bytes to output. * * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY + * \retval #PSA_ERROR_INSUFFICIENT_DATA * There were fewer than \p output_length bytes * in the generator. Note that in this case, no * output is written to the output buffer. @@ -2076,7 +2076,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * Success. * If the key is persistent, the key material and the key's metadata * have been saved to persistent storage. - * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY + * \retval #PSA_ERROR_INSUFFICIENT_DATA * There were fewer than \p output_length bytes * in the generator. Note that in this case, no * output is written to the output buffer. @@ -2088,7 +2088,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * implementation in general or in this particular slot. * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_ALREADY_EXISTS * There is already a key in the specified slot. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_STORAGE 
@@ -2172,7 +2172,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg, @@ -2233,7 +2233,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \c private_key is not compatible with \c alg, @@ -2332,7 +2332,7 @@ typedef struct { * If the key is persistent, the key material and the key's metadata * have been saved to persistent storage. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_OCCUPIED_SLOT + * \retval #PSA_ERROR_ALREADY_EXISTS * There is already a key in the specified slot. * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 057866445..20cd4b45e 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -754,7 +754,7 @@ typedef psa_status_t (*psa_drv_destroy_key_t)(psa_key_slot_t key); * that make up the key data. * * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_COMMUNICATION_FAILURE diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 9b44d6aef..29c985303 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h 
@@ -47,8 +47,13 @@ * This is either #PSA_SUCCESS (which is zero), indicating success, * or a nonzero value indicating that an error occurred. Errors are * encoded as one of the \c PSA_ERROR_xxx values defined here. + * If #PSA_SUCCESS is already defined, it means that #psa_status_t + * is also defined in an external header, so prevent its multiple + * definition. */ +#ifndef PSA_SUCCESS typedef int32_t psa_status_t; +#endif /**@}*/ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 2ae72e063..d42d8c28a 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -40,25 +40,17 @@ * @{ */ -#if !defined(PSA_SUCCESS) -/* If PSA_SUCCESS is defined, assume that PSA crypto is being used - * together with PSA IPC, which also defines the identifier - * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case; - * the other error code names don't clash. This is a temporary hack - * until we unify error reporting in PSA IPC and PSA crypto. - * - * Note that psa_defs.h must be included before this header! - */ +/* PSA error codes */ + /** The action was completed successfully. */ #define PSA_SUCCESS ((psa_status_t)0) -#endif /* !defined(PSA_SUCCESS) */ /** An error occurred that does not correspond to any defined * failure cause. * * Implementations may use this error code if none of the other standard * error codes are applicable. */ -#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1) +#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) /** The requested operation or a parameter is not supported * by this implementation. @@ -67,7 +59,7 @@ * parameter such as a key type, algorithm, etc. is not recognized. * If a combination of parameters is recognized and identified as * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */ -#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2) +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) /** The requested action is denied by a policy. * 
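Review bot: The `#ifndef PSA_SUCCESS` guard added around `typedef int32_t psa_status_t;` in crypto_types.h uses a macro as a stand-in for a type, while the crypto_values.h hunk that follows removes the `#if !defined(PSA_SUCCESS)` guard and defines `PSA_SUCCESS` unconditionally. If an external header defines `PSA_SUCCESS` first, the typedef is skipped on the assumption that the same header declares `psa_status_t` with the same width, and the second `#define PSA_SUCCESS ((psa_status_t)0)` is only accepted silently when both definitions are token-identical. If the external header is included after these two files instead, it presumably repeats the typedef, which C99 rejects. I would keep `#ifndef PSA_SUCCESS` / `#endif` around the `#define` in crypto_values.h and state the required include order in the comment, so that a mismatch fails at build time rather than leaving status comparisons on the new negative codes dependent on which header was seen first.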
@@ -80,7 +72,7 @@ * not valid or not supported, it is unspecified whether the function * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or * #PSA_ERROR_INVALID_ARGUMENT. */ -#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3) +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) /** An output buffer is too small. * @@ -92,23 +84,19 @@ * buffer would succeed. However implementations may return this * error if a function has invalid or unsupported parameters in addition * to the parameters that determine the necessary output buffer size. */ -#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4) +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) -/** A slot is occupied, but must be empty to carry out the - * requested action. +/** Asking for an item that already exists * - * If a handle is invalid, it does not designate an occupied slot. - * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE. - */ -#define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5) + * Implementations should return this error, when attempting + * to write an item (like a key) that already exists. */ +#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) -/** A slot is empty, but must be occupied to carry out the - * requested action. +/** Asking for an item that doesn't exist * - * If a handle is invalid, it does not designate an empty slot. - * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE. - */ -#define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6) + * Implementations should return this error, if a requested item (like + * a key) does not exist. */ +#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) /** The requested action cannot be performed in the current state. * 
@@ -118,9 +106,9 @@ * * Implementations shall not return this error code to indicate * that a key slot is occupied when it needs to be free or vice versa, - * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT + * but shall return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST * as applicable. */ -#define PSA_ERROR_BAD_STATE ((psa_status_t)7) +#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) /** The parameters passed to the function are invalid. * @@ -129,20 +117,20 @@ * * Implementations shall not return this error code to indicate * that a key slot is occupied when it needs to be free or vice versa, - * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT + * but shall return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST * as applicable. * * Implementation shall not return this error code to indicate that a * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE * instead. */ -#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8) +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) /** There is not enough runtime memory. * * If the action is carried out across multiple security realms, this * error can refer to available memory in any of the security realms. */ -#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9) +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) /** There is not enough persistent storage. * @@ -151,7 +139,7 @@ * many functions that do not otherwise access storage may return this * error code if the implementation requires a mandatory log entry for * the requested action and the log storage space is full. */ -#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10) +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) /** There was a communication failure inside the implementation. * 
@@ -168,7 +156,7 @@ * cryptoprocessor but there was a breakdown of communication before * the cryptoprocessor could report the status to the application. */ -#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11) +#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145) /** There was a storage failure that may have led to data loss. * @@ -193,13 +181,13 @@ * permanent storage corruption. However application writers should * keep in mind that transient errors while reading the storage may be * reported using this error code. */ -#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12) +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) /** A hardware failure was detected. * * A hardware failure may be transient or permanent depending on the * cause. */ -#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13) +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) /** A tampering attempt was detected. * @@ -230,7 +218,7 @@ * This error indicates an attack against the application. Implementations * shall not return this error code as a consequence of the behavior of * the application itself. */ -#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14) +#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)-151) /** There is not enough entropy to generate random data needed * for the requested action. @@ -249,7 +237,7 @@ * secure pseudorandom generator (PRNG). However implementations may return * this error at any time if a policy requires the PRNG to be reseeded * during normal operation. */ -#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15) +#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148) /** The signature, MAC or hash is incorrect. * 
@@ -259,7 +247,7 @@ * * If the value to verify has an invalid size, implementations may return * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */ -#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16) +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) /** The decrypted padding is incorrect. * @@ -275,17 +263,15 @@ * as close as possible to indistinguishable to an external observer. * In particular, the timing of a decryption operation should not * depend on the validity of the padding. */ -#define PSA_ERROR_INVALID_PADDING ((psa_status_t)17) +#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150) -/** The generator has insufficient capacity left. - * - * Once a function returns this error, attempts to read from the - * generator will always return this error. */ -#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18) +/** Return this error when there's insufficient data when attempting + * to read from a resource. */ +#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) /** The key handle is not valid. */ -#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)19) +#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5bf4f9924..fd9f38774 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -346,7 +346,7 @@ static psa_status_t mbedtls_to_psa_error( int ret ) return( PSA_ERROR_HARDWARE_FAILURE ); default: - return( PSA_ERROR_UNKNOWN_ERROR ); + return( PSA_ERROR_GENERIC_ERROR ); } } @@ -742,7 +742,7 @@ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, return( status ); if( slot->type != PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_OCCUPIED_SLOT ); + return( PSA_ERROR_ALREADY_EXISTS ); *p_slot = slot; return( status ); 
@@ -839,7 +839,7 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, if( status != PSA_SUCCESS ) return( status ); if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + return( PSA_ERROR_DOES_NOT_EXIST ); /* Enforce that usage policy for the key slot contains all the flags * required by the usage parameter. There is one exception: public @@ -1001,7 +1001,7 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle, return( status ); if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_EMPTY_SLOT ); + return( PSA_ERROR_DOES_NOT_EXIST ); if( type != NULL ) *type = slot->type; if( bits != NULL ) @@ -3098,7 +3098,7 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, size_t output_size, size_t *output_length ) { - psa_status_t status = PSA_ERROR_UNKNOWN_ERROR; + psa_status_t status = PSA_ERROR_GENERIC_ERROR; int cipher_ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; @@ -3855,7 +3855,7 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, generator->capacity = 0; /* Go through the error path to wipe all confidential data now * that the generator object is useless. */ - status = PSA_ERROR_INSUFFICIENT_CAPACITY; + status = PSA_ERROR_INSUFFICIENT_DATA; goto exit; } if( output_length == 0 && @@ -3867,7 +3867,7 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, * INSUFFICIENT_CAPACITY, which is right for a finished * generator, for consistency with the case when * output_length > 0. */ - return( PSA_ERROR_INSUFFICIENT_CAPACITY ); + return( PSA_ERROR_INSUFFICIENT_DATA ); } generator->capacity -= output_length; @@ -4400,7 +4400,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) return( PSA_SUCCESS ); case PSA_ITS_ERROR_UID_NOT_FOUND: - return( PSA_ERROR_EMPTY_SLOT ); + return( PSA_ERROR_DOES_NOT_EXIST ); case PSA_ITS_ERROR_STORAGE_FAILURE: return( PSA_ERROR_STORAGE_FAILURE ); 
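Review bot: In the `@@ -3867,7 +3867,7 @@` hunk of psa_generator_read the returned status becomes `PSA_ERROR_INSUFFICIENT_DATA`, but the comment directly above it still reads `INSUFFICIENT_CAPACITY, which is right for a finished`, a name this commit removes from crypto_values.h. I would change that comment line to `* INSUFFICIENT_DATA, which is right for a finished`. The removed macro's documentation also stated that once this error is returned every later read from the generator returns it again; the new generic description drops that, so if the behaviour is still guaranteed it should be restated in the psa_generator_read documentation. The function body starts and ends outside the hunk.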
@@ -4417,10 +4417,10 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) return( PSA_ERROR_NOT_SUPPORTED ); case PSA_ITS_ERROR_WRITE_ONCE: - return( PSA_ERROR_OCCUPIED_SLOT ); + return( PSA_ERROR_ALREADY_EXISTS ); default: - return( PSA_ERROR_UNKNOWN_ERROR ); + return( PSA_ERROR_GENERIC_ERROR ); } } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index c151c5eee..dad23c490 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -194,7 +194,7 @@ exit: * * \retval #PSA_SUCCESS * The slot content was loaded successfully. - * \retval #PSA_ERROR_EMPTY_SLOT + * \retval #PSA_ERROR_DOES_NOT_EXIST * There is no content for this slot in persistent storage. * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -274,11 +274,11 @@ psa_status_t psa_create_key( psa_key_lifetime_t lifetime, psa_status_t status; status = persistent_key_setup( lifetime, id, handle, - PSA_ERROR_EMPTY_SLOT ); + PSA_ERROR_DOES_NOT_EXIST ); switch( status ) { - case PSA_SUCCESS: return( PSA_ERROR_OCCUPIED_SLOT ); - case PSA_ERROR_EMPTY_SLOT: return( PSA_SUCCESS ); + case PSA_SUCCESS: return( PSA_ERROR_ALREADY_EXISTS ); + case PSA_ERROR_DOES_NOT_EXIST: return( PSA_SUCCESS ); default: return( status ); } } diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 85881c164..9da009d8d 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -84,7 +84,7 @@ extern "C" { * \retval PSA_ERROR_INSUFFICIENT_MEMORY * \retval PSA_ERROR_INSUFFICIENT_STORAGE * \retval PSA_ERROR_STORAGE_FAILURE - * \retval PSA_ERROR_OCCUPIED_SLOT + * \retval PSA_ERROR_ALREADY_EXISTS */ psa_status_t psa_save_persistent_key( const psa_key_id_t key, const psa_key_type_t type, 
@@ -115,7 +115,7 @@ psa_status_t psa_save_persistent_key( const psa_key_id_t key, * \retval PSA_SUCCESS * \retval PSA_ERROR_INSUFFICIENT_MEMORY * \retval PSA_ERROR_STORAGE_FAILURE - * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_DOES_NOT_EXIST */ psa_status_t psa_load_persistent_key( psa_key_id_t key, psa_key_type_t *type, diff --git a/library/psa_crypto_storage_backend.h b/library/psa_crypto_storage_backend.h index 47896b872..83bd2f359 100644 --- a/library/psa_crypto_storage_backend.h +++ b/library/psa_crypto_storage_backend.h @@ -54,7 +54,7 @@ extern "C" { * * \retval PSA_SUCCESS * \retval PSA_ERROR_STORAGE_FAILURE - * \retval PSA_ERROR_EMPTY_SLOT + * \retval PSA_ERROR_DOES_NOT_EXIST */ psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, size_t data_size ); @@ -73,7 +73,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, * \retval PSA_SUCCESS * \retval PSA_ERROR_INSUFFICIENT_STORAGE * \retval PSA_ERROR_STORAGE_FAILURE - * \retval PSA_ERROR_OCCUPIED_SLOT + * \retval PSA_ERROR_ALREADY_EXISTS */ psa_status_t psa_crypto_storage_store( const psa_key_id_t key, const uint8_t *data, diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c index 87420be98..a6e732dba 100644 --- a/library/psa_crypto_storage_file.c +++ b/library/psa_crypto_storage_file.c @@ -118,7 +118,7 @@ psa_status_t psa_crypto_storage_store( const psa_key_id_t key, key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); if( psa_is_key_present_in_storage( key ) == 1 ) - return( PSA_ERROR_OCCUPIED_SLOT ); + return( PSA_ERROR_ALREADY_EXISTS ); file = fopen( temp_location, "wb" ); if( file == NULL ) @@ -186,7 +186,7 @@ psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, file = fopen( slot_location, "rb" ); if( file == NULL ) - return( PSA_ERROR_EMPTY_SLOT ); + return( PSA_ERROR_DOES_NOT_EXIST ); if( fseek( file, 0, SEEK_END ) != 0 ) { 
diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index 1873c69cc..f97a5d7de 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -27,6 +27,7 @@ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) +#include "psa/error.h" #include "psa/crypto.h" #include "psa_crypto_storage_backend.h" #include "psa/internal_trusted_storage.h" @@ -43,7 +44,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) return( PSA_SUCCESS ); case PSA_ITS_ERROR_UID_NOT_FOUND: - return( PSA_ERROR_EMPTY_SLOT ); + return( PSA_ERROR_DOES_NOT_EXIST ); case PSA_ITS_ERROR_STORAGE_FAILURE: return( PSA_ERROR_STORAGE_FAILURE ); @@ -60,7 +61,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) return( PSA_ERROR_NOT_SUPPORTED ); case PSA_ITS_ERROR_WRITE_ONCE: - return( PSA_ERROR_OCCUPIED_SLOT ); + return( PSA_ERROR_ALREADY_EXISTS ); default: return( PSA_ERROR_UNKNOWN_ERROR ); @@ -114,7 +115,7 @@ psa_status_t psa_crypto_storage_store( const psa_key_id_t key, struct psa_its_info_t data_identifier_info; if( psa_is_key_present_in_storage( key ) == 1 ) - return( PSA_ERROR_OCCUPIED_SLOT ); + return( PSA_ERROR_ALREADY_EXISTS ); ret = psa_its_set( data_identifier, data_length, data, 0 ); status = its_to_psa_error( ret ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 929d1b268..92b6fb06e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
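Review bot: The `default:` branch of its_to_psa_error in psa_crypto_storage_its.c still returns `PSA_ERROR_UNKNOWN_ERROR` (a context line of the `@@ -60,7 +61,7 @@` hunk), although this commit replaces that macro with `PSA_ERROR_GENERIC_ERROR` in crypto_values.h and updates the copy of the same function in library/psa_crypto.c. Unless the newly included `psa/error.h` still provides the old name, this file would no longer compile when `MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C` is enabled; if it does provide it, the two copies may map an unrecognised storage error to different status values. The line should read `return( PSA_ERROR_GENERIC_ERROR );`. The function starts before the hunk.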
@@ -419,10 +419,10 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, size_t key_bits; uint8_t *public_key = NULL; size_t public_key_length; - /* Return UNKNOWN_ERROR if something other than the final call to + /* Return GENERIC_ERROR if something other than the final call to * psa_key_agreement fails. This isn't fully satisfactory, but it's * good enough: callers will report it as a failed test anyway. */ - psa_status_t status = PSA_ERROR_UNKNOWN_ERROR; + psa_status_t status = PSA_ERROR_GENERIC_ERROR; PSA_ASSERT( psa_get_key_information( handle, &private_key_type, @@ -1027,7 +1027,7 @@ void import_export( data_t *data, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ), - PSA_ERROR_EMPTY_SLOT ); + PSA_ERROR_DOES_NOT_EXIST ); /* Import the key */ PSA_ASSERT( psa_import_key( handle, type, @@ -1114,7 +1114,7 @@ void import_key_nonempty_slot( ) /* Import the key again */ status = psa_import_key( handle, type, data, sizeof( data ) ); - TEST_EQUAL( status, PSA_ERROR_OCCUPIED_SLOT ); + TEST_EQUAL( status, PSA_ERROR_ALREADY_EXISTS ); exit: mbedtls_psa_crypto_free( ); @@ -1164,7 +1164,7 @@ void export_with_no_key_activity( ) status = psa_export_key( handle, exported, export_size, &exported_length ); - TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST ); exit: mbedtls_psa_crypto_free( ); @@ -1187,7 +1187,7 @@ void cipher_with_no_key_activity( ) PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); - TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST ); exit: psa_cipher_abort( &operation ); 
@@ -1220,7 +1220,7 @@ void export_after_import_failure( data_t *data, int type_arg, status = psa_export_key( handle, exported, export_size, &exported_length ); - TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST ); exit: mbedtls_psa_crypto_free( ); @@ -1248,7 +1248,7 @@ void cipher_after_import_failure( data_t *data, int type_arg, TEST_EQUAL( status, expected_import_status ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); - TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT ); + TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST ); exit: psa_cipher_abort( &operation ); @@ -1937,7 +1937,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg, /* Test that the target slot is unaffected. */ TEST_EQUAL( psa_get_key_information( target_handle, &target_type, &target_bits ), - PSA_ERROR_EMPTY_SLOT ); + PSA_ERROR_DOES_NOT_EXIST ); PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); TEST_EQUAL( target_usage, psa_key_policy_get_usage( &target_policy ) ); TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &target_policy ) ); @@ -3614,7 +3614,7 @@ void test_derive_invalid_generator_state( ) PSA_ASSERT( psa_generator_read( &generator, buffer, capacity ) ); TEST_EQUAL( psa_generator_read( &generator, buffer, capacity ), - PSA_ERROR_INSUFFICIENT_CAPACITY ); + PSA_ERROR_INSUFFICIENT_DATA ); exit: psa_generator_abort( &generator ); @@ -3632,7 +3632,7 @@ void test_derive_invalid_generator_tests( ) psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) - == PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183 + == PSA_ERROR_INSUFFICIENT_DATA ); // should be PSA_ERROR_BAD_STATE:#183 TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:#183 
@@ -3640,7 +3640,7 @@ void test_derive_invalid_generator_tests( ) PSA_ASSERT( psa_generator_abort( &generator ) ); TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) - == PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183 + == PSA_ERROR_INSUFFICIENT_DATA ); // should be PSA_ERROR_BAD_STATE:#183 TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) == PSA_SUCCESS );// should be PSA_ERROR_BAD_STATE:#183 @@ -3713,14 +3713,14 @@ void derive_output( int alg_arg, { /* Reading 0 bytes when 0 bytes are available can go either way. */ TEST_ASSERT( status == PSA_SUCCESS || - status == PSA_ERROR_INSUFFICIENT_CAPACITY ); + status == PSA_ERROR_INSUFFICIENT_DATA ); continue; } else if( expected_capacity == 0 || output_sizes[i] > expected_capacity ) { /* Capacity exceeded. */ - TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_CAPACITY ); + TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_DATA ); expected_capacity = 0; continue; } @@ -3797,7 +3797,7 @@ void derive_full( int alg_arg, /* Check that the generator refuses to go over capacity. */ TEST_EQUAL( psa_generator_read( &generator, output_buffer, 1 ), - PSA_ERROR_INSUFFICIENT_CAPACITY ); + PSA_ERROR_INSUFFICIENT_DATA ); PSA_ASSERT( psa_generator_abort( &generator ) ); @@ -4033,7 +4033,7 @@ void key_agreement_capacity( int alg_arg, PSA_ASSERT( psa_generator_read( &generator, output, actual_capacity ) ); TEST_EQUAL( psa_generator_read( &generator, output, 1 ), - PSA_ERROR_INSUFFICIENT_CAPACITY ); + PSA_ERROR_INSUFFICIENT_DATA ); exit: psa_generator_abort( &generator ); @@ -4161,7 +4161,7 @@ void generate_key( int type_arg, psa_key_type_t got_type; size_t got_bits; psa_status_t expected_info_status = - expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT; + expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; PSA_ASSERT( psa_crypto_init( ) ); 
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index e19ef2b9a..2fa307e20 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -138,7 +138,7 @@ void persistent_key_destroy( int key_id_arg, int should_store, /* Check key slot storage is removed */ TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); TEST_EQUAL( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ), - PSA_ERROR_EMPTY_SLOT ); + PSA_ERROR_DOES_NOT_EXIST ); TEST_EQUAL( handle, 0 ); /* Shutdown and restart */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index c5456179e..e937465a1 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -35,7 +35,7 @@ open_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_I Open failure: non-existent identifier depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT +open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_DOES_NOT_EXIST Open failure: volatile lifetime open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 0ebdb1e4b..0278b880d 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -178,7 +178,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, break; case CLOSE_BY_DESTROY: TEST_EQUAL( psa_open_key( lifetime, id, &handle ), - PSA_ERROR_EMPTY_SLOT ); + PSA_ERROR_DOES_NOT_EXIST ); break; } 
@@ -223,7 +223,7 @@ void create_existent( int lifetime_arg, int id_arg, /* Attempt to create a new key in the same slot. */ TEST_EQUAL( psa_create_key( lifetime, id, &handle2 ), - PSA_ERROR_OCCUPIED_SLOT ); + PSA_ERROR_ALREADY_EXISTS ); TEST_EQUAL( handle2, 0 ); if( reopen_policy == CLOSE_AFTER ) @@ -436,7 +436,7 @@ void copy_from_empty( int source_lifetime_arg, int source_id_arg, /* Copy the key. */ TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ), - PSA_ERROR_EMPTY_SLOT ); + PSA_ERROR_DOES_NOT_EXIST ); /* Test that the slots are unaffected. */ PSA_ASSERT( psa_get_key_policy( source_handle, &got_policy ) ); @@ -514,7 +514,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, /* Copy the key. */ TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ), - PSA_ERROR_OCCUPIED_SLOT ); + PSA_ERROR_ALREADY_EXISTS ); /* Test that the target slot is unaffected. */ PSA_ASSERT( psa_get_key_information( target_handle, @@ -579,7 +579,7 @@ void copy_to_same( int lifetime_arg, int id_arg, /* Copy the key. */ TEST_EQUAL( psa_copy_key( handle, handle, NULL ), - PSA_ERROR_OCCUPIED_SLOT ); + PSA_ERROR_ALREADY_EXISTS ); /* Test that the slot is unaffected. */ PSA_ASSERT( psa_get_key_information( handle, diff --git a/tests/suites/test_suite_psa_crypto_storage_file.data b/tests/suites/test_suite_psa_crypto_storage_file.data index 730e0925c..4b068e121 100644 --- a/tests/suites/test_suite_psa_crypto_storage_file.data +++ b/tests/suites/test_suite_psa_crypto_storage_file.data @@ -24,7 +24,7 @@ write_data_to_file:"deadbeef":PSA_SUCCESS PSA Storage Store into preexisting location, should fail depends_on:MBEDTLS_FS_IO -write_data_to_prexisting_file:"psa_key_slot_1":"deadbeef":PSA_ERROR_OCCUPIED_SLOT +write_data_to_prexisting_file:"psa_key_slot_1":"deadbeef":PSA_ERROR_ALREADY_EXISTS PSA Storage Store, preexisting temp_location file, should succeed depends_on:MBEDTLS_FS_IO 
@@ -40,4 +40,4 @@ get_file_size:"":0:PSA_SUCCESS:1 PSA Storage Get data size nonexistent file location, should fail depends_on:MBEDTLS_FS_IO -get_file_size:"deadbeef":4:PSA_ERROR_EMPTY_SLOT:0 +get_file_size:"deadbeef":4:PSA_ERROR_DOES_NOT_EXIST:0 From a2523b2c6db1e3d31f846075d8a1d1d48e650e3b Mon Sep 17 00:00:00 2001 From: David Saada Date: Mon, 18 Feb 2019 13:56:26 +0200 Subject: [PATCH 1064/2197] Replace ITS specific types with more generic PSA storage types PSA spec now defines more generic PSA storage types instead of the ITS specific ones. This is necessary in order to integrate with the newer implementation of PSA ITS landing in Mbed OS soon. Changes include the following: - psa_status_t replaces psa_its_status_t - psa_storage_info_t replaces psa_its_info_t - psa_storage_uid_t replaces psa_its_uid_t --- include/psa/crypto_extra.h | 1 - library/psa_crypto.c | 46 ++-------- library/psa_crypto_storage_its.c | 86 +++++-------------- .../test_suite_psa_crypto_entropy.function | 18 ++-- 4 files changed, 36 insertions(+), 115 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 7f0885794..96b478b7f 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -111,7 +111,6 @@ void mbedtls_psa_crypto_free( void ); * \retval #PSA_ERROR_INVALID_ARGUMENT * \p seed_size is out of range. * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval `PSA_ITS_ERROR_XXX` * There was a failure reading or writing from storage. * \retval #PSA_ERROR_NOT_PERMITTED * The library has already been initialized. It is no longer diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fd9f38774..1efb3e87f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4391,45 +4391,11 @@ psa_status_t psa_generate_random( uint8_t *output, #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) -/* Support function for error conversion between psa_its error codes to psa crypto */ -static psa_status_t its_to_psa_error( psa_its_status_t ret ) -{ - switch( ret ) - { - case PSA_ITS_SUCCESS: - return( PSA_SUCCESS ); - - case PSA_ITS_ERROR_UID_NOT_FOUND: - return( PSA_ERROR_DOES_NOT_EXIST ); - - case PSA_ITS_ERROR_STORAGE_FAILURE: - return( PSA_ERROR_STORAGE_FAILURE ); - - case PSA_ITS_ERROR_INSUFFICIENT_SPACE: - return( PSA_ERROR_INSUFFICIENT_STORAGE ); - - case PSA_ITS_ERROR_OFFSET_INVALID: - case PSA_ITS_ERROR_INCORRECT_SIZE: - case PSA_ITS_ERROR_INVALID_ARGUMENTS: - return( PSA_ERROR_INVALID_ARGUMENT ); - - case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED: - return( PSA_ERROR_NOT_SUPPORTED ); - - case PSA_ITS_ERROR_WRITE_ONCE: - return( PSA_ERROR_ALREADY_EXISTS ); - - default: - return( PSA_ERROR_GENERIC_ERROR ); - } -} - psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, size_t seed_size ) { psa_status_t status; - psa_its_status_t its_status; - struct psa_its_info_t p_info; + struct psa_storage_info_t p_info; if( global_data.initialized ) return( PSA_ERROR_NOT_PERMITTED ); 
@@ -4438,15 +4404,13 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - its_status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); - status = its_to_psa_error( its_status ); + status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); - if( PSA_ITS_ERROR_UID_NOT_FOUND == its_status ) /* No seed exists */ + if( PSA_ERROR_DOES_NOT_EXIST == status ) /* No seed exists */ { - its_status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); - status = its_to_psa_error( its_status ); + status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); } - else if( PSA_ITS_SUCCESS == its_status ) + else if( PSA_SUCCESS == status ) { /* You should not be here. Seed needs to be injected only once */ status = PSA_ERROR_NOT_PERMITTED; diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index f97a5d7de..bb0d0cdf1 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c 
@@ -36,39 +36,7 @@ #include "mbedtls/platform.h" #endif -static psa_status_t its_to_psa_error( psa_its_status_t ret ) -{ - switch( ret ) - { - case PSA_ITS_SUCCESS: - return( PSA_SUCCESS ); - - case PSA_ITS_ERROR_UID_NOT_FOUND: - return( PSA_ERROR_DOES_NOT_EXIST ); - - case PSA_ITS_ERROR_STORAGE_FAILURE: - return( PSA_ERROR_STORAGE_FAILURE ); - - case PSA_ITS_ERROR_INSUFFICIENT_SPACE: - return( PSA_ERROR_INSUFFICIENT_STORAGE ); - - case PSA_ITS_ERROR_OFFSET_INVALID: - case PSA_ITS_ERROR_INCORRECT_SIZE: - case PSA_ITS_ERROR_INVALID_ARGUMENTS: - return( PSA_ERROR_INVALID_ARGUMENT ); - - case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED: - return( PSA_ERROR_NOT_SUPPORTED ); - - case PSA_ITS_ERROR_WRITE_ONCE: - return( PSA_ERROR_ALREADY_EXISTS ); - - default: - return( PSA_ERROR_UNKNOWN_ERROR ); - } -} - -static psa_its_uid_t psa_its_identifier_of_slot( psa_key_id_t key ) +static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_id_t key ) { return( key ); } 
@@ -76,31 +44,28 @@ static psa_its_uid_t psa_its_identifier_of_slot( psa_key_id_t key ) psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, size_t data_size ) { - psa_its_status_t ret; psa_status_t status; - psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_its_info_t data_identifier_info; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - status = its_to_psa_error( ret ); - if( status != PSA_SUCCESS ) + status = psa_its_get_info( data_identifier, &data_identifier_info ); + if( status != PSA_SUCCESS ) return( status ); - ret = psa_its_get( data_identifier, 0, data_size, data ); - status = its_to_psa_error( ret ); + status = psa_its_get( data_identifier, 0, data_size, data ); return( status ); } int psa_is_key_present_in_storage( const psa_key_id_t key ) { - psa_its_status_t ret; - psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_its_info_t data_identifier_info; + psa_status_t ret; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ITS_ERROR_UID_NOT_FOUND ) + if( ret == PSA_ERROR_DOES_NOT_EXIST ) return( 0 ); return( 1 ); } 
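Review bot: In `psa_crypto_storage_load`, `data_identifier_info` is fetched but its `size` is never compared with `data_size` before `psa_its_get( data_identifier, 0, data_size, data )` is called. A stored blob whose length differs from what the caller expects is therefore handled only by whatever `psa_its_get` does with a mismatched length, which this hunk does not show. An explicit check after the `psa_its_get_info` call, for example `if( data_identifier_info.size != data_size ) return( PSA_ERROR_STORAGE_FAILURE );` (or whichever code the backend contract prefers), would make the length contract visible at this layer. Separately, `psa_is_key_present_in_storage` returns 1 for every status other than `PSA_ERROR_DOES_NOT_EXIST`, so a storage failure reads as "key present"; if that is intended, a comment such as `/* Any error other than "does not exist" is treated as present, so callers refuse to overwrite. */` would say so.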
@@ -109,23 +74,20 @@ psa_status_t psa_crypto_storage_store( const psa_key_id_t key, const uint8_t *data, size_t data_length ) { - psa_its_status_t ret; psa_status_t status; - psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_its_info_t data_identifier_info; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; if( psa_is_key_present_in_storage( key ) == 1 ) return( PSA_ERROR_ALREADY_EXISTS ); - ret = psa_its_set( data_identifier, data_length, data, 0 ); - status = its_to_psa_error( ret ); + status = psa_its_set( data_identifier, data_length, data, 0 ); if( status != PSA_SUCCESS ) { return( PSA_ERROR_STORAGE_FAILURE ); } - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - status = its_to_psa_error( ret ); + status = psa_its_get_info( data_identifier, &data_identifier_info ); if( status != PSA_SUCCESS ) { goto exit; @@ -145,19 +107,19 @@ exit: psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) { - psa_its_status_t ret; - psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_its_info_t data_identifier_info; + psa_status_t ret; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ITS_ERROR_UID_NOT_FOUND ) + if( ret == PSA_ERROR_DOES_NOT_EXIST ) return( PSA_SUCCESS ); - if( psa_its_remove( data_identifier ) != PSA_ITS_SUCCESS ) + if( psa_its_remove( data_identifier ) != PSA_SUCCESS ) return( PSA_ERROR_STORAGE_FAILURE ); ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret != PSA_ITS_ERROR_UID_NOT_FOUND ) + if( ret != PSA_ERROR_DOES_NOT_EXIST ) return( PSA_ERROR_STORAGE_FAILURE ); return( PSA_SUCCESS ); 
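Review bot: `psa_crypto_storage_store` still collapses every `psa_its_set` failure into `PSA_ERROR_STORAGE_FAILURE`, even though `status` is now a `psa_status_t` and could be returned directly. The documentation in `psa_crypto_storage_backend.h` lists `PSA_ERROR_INSUFFICIENT_STORAGE` as a return value of this function, and that code cannot reach the caller from this branch. Replacing the branch body with `return( status );`, or mapping only the out-of-space code if the other codes must stay hidden, would match the documented contract. The function continues past the end of this hunk, so the `exit:` handling is not covered by this note.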
@@ -166,13 +128,11 @@ psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, size_t *data_length ) { - psa_its_status_t ret; psa_status_t status; - psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_its_info_t data_identifier_info; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - status = its_to_psa_error( ret ); + status = psa_its_get_info( data_identifier, &data_identifier_info ); if( status != PSA_SUCCESS ) return( status ); diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 727db43e5..a14657e9f 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -22,7 +22,6 @@ void validate_entropy_seed_injection( int seed_length_a, int seed_length_b, int expected_status_b ) { - psa_its_status_t its_status; psa_status_t status; uint8_t output[32] = { 0 }; uint8_t zeros[32] = { 0 }; @@ -43,9 +42,9 @@ void validate_entropy_seed_injection( int seed_length_a, { seed[i] = i; } - its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); - TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) || - ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) ); + status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + TEST_ASSERT( ( status == PSA_SUCCESS ) || + ( status == PSA_ERROR_DOES_NOT_EXIST ) ); status = mbedtls_psa_inject_entropy( seed, seed_length_a ); TEST_EQUAL( status, expected_status_a ); status = mbedtls_psa_inject_entropy( seed, seed_length_b ); @@ -64,7 +63,6 @@ exit: /* BEGIN_CASE */ void run_entropy_inject_with_crypto_init( ) { - psa_its_status_t its_status; psa_status_t status; int i; uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 }; 
@@ -73,13 +71,13 @@ void run_entropy_inject_with_crypto_init( ) { seed[i] = i; } - its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); - TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) || - ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) ); + status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + TEST_ASSERT( ( status == PSA_SUCCESS ) || + ( status == PSA_ERROR_DOES_NOT_EXIST ) ); status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); PSA_ASSERT( status ); - its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); - TEST_EQUAL( its_status, PSA_ITS_SUCCESS ); + status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + TEST_EQUAL( status, PSA_SUCCESS ); status = psa_crypto_init( ); TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY ); status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); From cf2010cf5805389bd5912babcd5d8133f0a1d290 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 15 Feb 2019 13:05:49 +0000 Subject: [PATCH 1065/2197] psa: Check generator validity before read Check generator validity (i.e. that alg has been initialized) before allowing reads from the generator or allowing reads of the generator's capacity. This aligns our implementation with the documented error code behavior in our crypto.h and the PSA Crypto API. --- library/psa_crypto.c | 25 +++++++++++++++++---- tests/suites/test_suite_psa_crypto.function | 22 +++++++++--------- 2 files changed, 32 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 325abde52..84c0e88d8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3621,6 +3621,12 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, size_t *capacity) { + if( generator->alg == 0 ) + { + /* This is a blank generator. */ + return PSA_ERROR_BAD_STATE; + } + *capacity = generator->capacity; return( PSA_SUCCESS ); } 
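Review bot: The blank-generator guard added to `psa_get_generator_capacity` is written `return PSA_ERROR_BAD_STATE;`, while the surrounding code in this file uses the parenthesised form, as in `return( PSA_SUCCESS );` two lines below. The guard added to `psa_generator_read` in the next hunk has the same inconsistency. Use `return( PSA_ERROR_BAD_STATE );` in both places. The early return also leaves `*capacity` unwritten, so a short comment such as `/* *capacity is not modified on error. */` would tell callers not to read it after a failure.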
@@ -3850,6 +3856,12 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, { psa_status_t status; + if( generator->alg == 0 ) + { + /* This is a blank generator. */ + return PSA_ERROR_BAD_STATE; + } + if( output_length > generator->capacity ) { generator->capacity = 0; @@ -3858,11 +3870,10 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, status = PSA_ERROR_INSUFFICIENT_DATA; goto exit; } - if( output_length == 0 && - generator->capacity == 0 && generator->alg == 0 ) + if( output_length == 0 && generator->capacity == 0 ) { - /* Edge case: this is a blank or finished generator, and 0 - * bytes were requested. The right error in this case could + /* Edge case: this is a finished generator, and 0 bytes + * were requested. The right error in this case could * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return * INSUFFICIENT_CAPACITY, which is right for a finished * generator, for consistency with the case when @@ -3911,7 +3922,13 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, exit: if( status != PSA_SUCCESS ) { + /* Preserve the algorithm upon errors, but clear all sensitive state. + * This allows us to differentiate between exhausted generators and + * blank generators, so we can return PSA_ERROR_BAD_STATE on blank + * generators. */ + psa_algorithm_t alg = generator->alg; psa_generator_abort( generator ); + generator->alg = alg; memset( output, '!', output_length ); } return( status ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 92b6fb06e..cccc87033 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
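Review bot: The rewritten edge-case comment in `psa_generator_read` still names `INSUFFICIENT_CAPACITY` twice, but the over-capacity branch directly above it sets `status = PSA_ERROR_INSUFFICIENT_DATA`, and the tests in this patch series expect that name. Since the comment is being edited anyway, change both mentions to `INSUFFICIENT_DATA`, so that it reads `be either INSUFFICIENT_DATA or BAD_STATE. Return` and `INSUFFICIENT_DATA, which is right for a finished`. The rest of the comment and the branch body are outside the hunk, so the code returned there should be checked against the same name.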
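Review bot: Restoring `generator->alg` after `psa_generator_abort( generator )` in the `exit:` path leaves an object whose algorithm is set while the rest of its state has just been cleared. Any later call that dispatches on `alg`, including the next `psa_generator_abort`, will then take the algorithm-specific path on that cleared state. `psa_generator_abort` is not part of this hunk, so it cannot be confirmed from here that it tolerates this, for instance when releasing null pointers or aborting a zeroed MAC context. The new comment should record the dependency, for example by adding `* psa_generator_abort() must remain safe on a generator whose alg is set but whose context is zeroed.`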
@@ -3519,13 +3519,13 @@ void crypto_generator_init( ) memset( &zero, 0, sizeof( zero ) ); - /* A default generator should have no capacity. */ - PSA_ASSERT( psa_get_generator_capacity( &func, &capacity ) ); - TEST_EQUAL( capacity, 0 ); - PSA_ASSERT( psa_get_generator_capacity( &init, &capacity ) ); - TEST_EQUAL( capacity, 0 ); - PSA_ASSERT( psa_get_generator_capacity( &zero, &capacity ) ); - TEST_EQUAL( capacity, 0 ); + /* A default generator should not be able to report its capacity. */ + TEST_EQUAL( psa_get_generator_capacity( &func, &capacity ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_get_generator_capacity( &init, &capacity ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_get_generator_capacity( &zero, &capacity ), + PSA_ERROR_BAD_STATE ); /* A default generator should be abortable without error. */ PSA_ASSERT( psa_generator_abort(&func) ); @@ -3632,18 +3632,18 @@ void test_derive_invalid_generator_tests( ) psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) - == PSA_ERROR_INSUFFICIENT_DATA ); // should be PSA_ERROR_BAD_STATE:#183 + == PSA_ERROR_BAD_STATE ); TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) - == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:#183 + == PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_generator_abort( &generator ) ); TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) - == PSA_ERROR_INSUFFICIENT_DATA ); // should be PSA_ERROR_BAD_STATE:#183 + == PSA_ERROR_BAD_STATE ); TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) - == PSA_SUCCESS );// should be PSA_ERROR_BAD_STATE:#183 + == PSA_ERROR_BAD_STATE ); exit: psa_generator_abort( &generator ); From 7132dd97965299b319f32bc043f6c7385057bb77 Mon Sep 17 00:00:00 2001 
From: itayzafrir Date: Tue, 29 Jan 2019 14:23:52 +0200 Subject: [PATCH 1066/2197] Prepare support for 64 bit key ids in a PSA system. Preparation for type separation between SPE and NSPE. --- library/psa_crypto_storage.c | 14 ++++++++++++++ library/psa_crypto_storage_its.c | 14 ++++++++++++++ 2 files changed, 28 insertions(+) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index b4e4076e1..296ed34ae 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -29,6 +29,20 @@ #include #include +/* + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +/* + * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. + * Some headers will be affected by this flag. + */ +#define PSA_CRYPTO_SECURE 1 +#endif #include "psa/crypto.h" #include "psa_crypto_storage.h" diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index bb0d0cdf1..4f6701626 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -26,6 +26,20 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) +/* + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +/* + * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. + * Some headers will be affected by this flag. + */ +#define PSA_CRYPTO_SECURE 1 +#endif #include "psa/error.h" #include "psa/crypto.h" 
From 7723ab1739cfd85d69fa1d5b2bfd302f6d2ad280 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Thu, 14 Feb 2019 10:28:02 +0200 Subject: [PATCH 1067/2197] Add common header for crypto service integration --- library/psa_crypto.c | 16 +--------- library/psa_crypto_service_integration.h | 40 ++++++++++++++++++++++++ library/psa_crypto_slot_management.c | 16 +--------- library/psa_crypto_storage.c | 15 +-------- library/psa_crypto_storage_its.c | 15 +-------- visualc/VS2010/mbedTLS.vcxproj | 1 + 6 files changed, 45 insertions(+), 58 deletions(-) create mode 100644 library/psa_crypto_service_integration.h diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 84c0e88d8..8c7dc1e2b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -26,22 +26,8 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_C) -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. - * Some headers will be affected by this flag. - */ -#define PSA_CRYPTO_SECURE 1 -#include "crypto_spe.h" -#endif +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_core.h" diff --git a/library/psa_crypto_service_integration.h b/library/psa_crypto_service_integration.h new file mode 100644 index 000000000..938bfe1de --- /dev/null +++ b/library/psa_crypto_service_integration.h 
@@ -0,0 +1,40 @@ +/* Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_SERVICE_INTEGRATION_H +#define PSA_CRYPTO_SERVICE_INTEGRATION_H + +/* + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +/* + * PSA_CRYPTO_SECURE means that the file which included this file is being + * compiled for SPE. The files crypto_structs.h and crypto_types.h have + * different implementations for NSPE and SPE and are compiled according to this + * flag. + */ +#define PSA_CRYPTO_SECURE 1 +#include "crypto_spe.h" +#endif // MBEDTLS_PSA_CRYPTO_SPM + +#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index dad23c490..222d7fb9c 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -26,22 +26,8 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_C) -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. - * Some headers will be affected by this flag. - */ -#define PSA_CRYPTO_SECURE 1 -#include "crypto_spe.h" -#endif +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_core.h" diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 296ed34ae..ccdddce2f 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -29,21 +29,8 @@ #include #include -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. - * Some headers will be affected by this flag. - */ -#define PSA_CRYPTO_SECURE 1 -#endif +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_storage.h" #include "psa_crypto_storage_backend.h" diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index 4f6701626..d939f0dc1 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c 
@@ -26,22 +26,9 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. - * Some headers will be affected by this flag. - */ -#define PSA_CRYPTO_SECURE 1 -#endif #include "psa/error.h" +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_storage_backend.h" #include "psa/internal_trusted_storage.h" diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 23d5c2c72..bb92d8f8c 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -238,6 +238,7 @@ + From bb2ce8a6a89a261f9853cdad07a76296676c64cd Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 19 Feb 2019 13:12:30 +0000 Subject: [PATCH 1068/2197] travis: Use seed 4 when running ssl-opt.sh Seed 4 has been shown to result in a DTLS proxy that works more often than not. This should help reduce the flakiness we observe from Travis CI runs. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 4fc31c923..bd5e750ba 100644 --- a/.travis.yml +++ b/.travis.yml @@ -23,7 +23,7 @@ script: - make test - programs/test/selftest - OSSL_NO_DTLS=1 tests/compat.sh -- tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl' +- tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl' --seed 4 - tests/scripts/test-ref-configs.pl - tests/scripts/curves.pl - tests/scripts/key-exchanges.pl From ee46fe7b9b147ec419ff66c89f5a7d2347844d47 Mon Sep 17 00:00:00 2001 
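Review bot: In psa_crypto_storage_its.c the new `#include "psa_crypto_service_integration.h"` is placed after `#include "psa/error.h"`, whereas the removed block defined `PSA_CRYPTO_SECURE` before that include. If `psa/error.h` or anything it includes tests the macro, this file now sees it undefined at that point in an SPM build; the contents of that header are outside the diff, so this is unconfirmed. Keeping the previous order costs nothing: put `#include "psa_crypto_service_integration.h"` first and `#include "psa/error.h"` after it, as the other two files do with their `psa/` includes.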
From: Gilles Peskine Date: Tue, 19 Feb 2019 19:05:33 +0100 Subject: [PATCH 1069/2197] Fix output size calculations in cipher tests Some calls to psa_cipher_finish or psa_cipher_update append to a buffer. Several of these calls were not calculating the offset into the buffer or the remaining buffer size correctly. This did not lead to buffer overflows before because the buffer sizes were sufficiently large for our test inputs. This did not lead to incorrect output when the test was designed to append but actually wrote too early because all the existing test cases either have no output from finish (stream cipher) or have no output from update (CBC, with less than one block of input). --- tests/suites/test_suite_psa_crypto.function | 27 ++++++++++++--------- 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index cccc87033..9c5dae94a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2415,8 +2415,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, &function_output_length ) ); total_output_length += function_output_length; status = psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size, + output + total_output_length, + output_buffer_size - total_output_length, &function_output_length ); total_output_length += function_output_length; 
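Review bot: `output_buffer_size - total_output_length` is an unsigned subtraction (assuming both are `size_t`; the declarations are outside the hunk), so if psa_cipher_update ever reports more bytes than the buffer holds, the size passed to psa_cipher_finish wraps to a very large value instead of failing the test. Adding `TEST_ASSERT( total_output_length <= output_buffer_size );` before the psa_cipher_finish call turns a length-reporting bug in the library into a clean test failure rather than a write past the test buffer. The same pattern appears in the other hunks of this commit: cipher_encrypt_multipart, cipher_decrypt_multipart, cipher_decrypt, and cipher_verify_output with `output1_size - output1_length` and `output2_size - output2_length`. The body of cipher_encrypt continues outside the hunk.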
@@ -2483,12 +2483,13 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_update( &operation, input->x + first_part_size, input->len - first_part_size, - output, output_buffer_size, + output + total_output_length, + output_buffer_size - total_output_length, &function_output_length ) ); total_output_length += function_output_length; PSA_ASSERT( psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size, + output + total_output_length, + output_buffer_size - total_output_length, &function_output_length ) ); total_output_length += function_output_length; PSA_ASSERT( psa_cipher_abort( &operation ) ); @@ -2554,12 +2555,13 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_update( &operation, input->x + first_part_size, input->len - first_part_size, - output, output_buffer_size, + output + total_output_length, + output_buffer_size - total_output_length, &function_output_length ) ); total_output_length += function_output_length; PSA_ASSERT( psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size, + output + total_output_length, + output_buffer_size - total_output_length, &function_output_length ) ); total_output_length += function_output_length; PSA_ASSERT( psa_cipher_abort( &operation ) ); @@ -2622,8 +2624,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, &function_output_length ) ); total_output_length += function_output_length; status = psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size, + output + total_output_length, + output_buffer_size - total_output_length, &function_output_length ); total_output_length += function_output_length; TEST_EQUAL( status, expected_status ); 
@@ -2689,7 +2691,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg, output1, output1_size, &output1_length ) ); PSA_ASSERT( psa_cipher_finish( &operation1, - output1 + output1_length, output1_size, + output1 + output1_length, + output1_size - output1_length, &function_output_length ) ); output1_length += function_output_length; @@ -2707,7 +2710,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, function_output_length = 0; PSA_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length, - output2_size, + output2_size - output2_length, &function_output_length ) ); output2_length += function_output_length; From 3b7e084077c923dea45afc28d80758d039676ea6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 19 Feb 2019 19:22:51 +0100 Subject: [PATCH 1070/2197] Fix incorrect length check in multipart cipher tests The output length can be equal to the input length. This wasn't noticed at runtime because we happened to only test with CBC with the first chunk being a partial block. --- tests/suites/test_suite_psa_crypto.function | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9c5dae94a..6bb19602d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2475,7 +2475,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); - TEST_ASSERT( (unsigned int) first_part_size < input->len ); + TEST_ASSERT( (unsigned int) first_part_size <= input->len ); PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); 
@@ -2546,7 +2546,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); - TEST_ASSERT( (unsigned int) first_part_size < input->len ); + TEST_ASSERT( (unsigned int) first_part_size <= input->len ); PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, @@ -2772,7 +2772,7 @@ void cipher_verify_output_multipart( int alg_arg, PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output1, output1_buffer_size ); - TEST_ASSERT( (unsigned int) first_part_size < input->len ); + TEST_ASSERT( (unsigned int) first_part_size <= input->len ); PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size, output1, output1_buffer_size, From 3215de4cf51fa0d4d9b28ef03a179234dea048ee Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 19 Feb 2019 19:24:28 +0100 Subject: [PATCH 1071/2197] Add CBC multipart tests with 2 blocks Test data obtained with Python+PyCrypto: AES.new(key, AES.MODE_CBC, iv).encrypt(plaintext.decode('hex')).encode('hex') --- tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d9dd9ef48..05db3dfde 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1026,6 +1026,18 @@ PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" +PSA symmetric encryption multipart: AES-CBC-nopad, 16+16 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" + +PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" + +PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" + PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" 
@@ -1038,6 +1050,18 @@ PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a" +PSA symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" + +PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" + +PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" + PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 From a04ba4ec52d9e47880d028d626db9d6faab606ac Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 19 Feb 2019 19:24:40 +0100 Subject: [PATCH 1072/2197] Add some CTR multipart tests Test data obtained with Python+PyCrypto: AES.new(key, mode=AES.MODE_CTR, counter=Crypto.Util.Counter.new(128, initial_value=0x2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a)).encrypt(plaintext.decode('hex')).encode('hex') --- tests/suites/test_suite_psa_crypto.data | 72 +++++++++++++++++++++++++ 1 file changed, 72 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 05db3dfde..bff6b5a4c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1038,6 +1038,42 @@ PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +PSA symmetric encryption multipart: AES-CTR, 11+5 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"8f9408fe80a81d3e813da3c7b0b2bd32" + +PSA symmetric encryption multipart: AES-CTR, 16+16 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" + +PSA symmetric encryption multipart: AES-CTR, 12+20 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" + +PSA symmetric encryption multipart: AES-CTR, 20+12 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" + +PSA symmetric encryption multipart: AES-CTR, 12+10 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" + +PSA symmetric encryption multipart: AES-CTR, 
0+15 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:"8f9408fe80a81d3e813da3c7b0b2bd" + +PSA symmetric encryption multipart: AES-CTR, 15+0 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:"8f9408fe80a81d3e813da3c7b0b2bd" + +PSA symmetric encryption multipart: AES-CTR, 0+16 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:"8f9408fe80a81d3e813da3c7b0b2bd32" + +PSA symmetric encryption multipart: AES-CTR, 16+0 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:"8f9408fe80a81d3e813da3c7b0b2bd32" + PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" 
@@ -1062,6 +1098,42 @@ PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +PSA symmetric encryption multipart: AES-CTR, 11+5 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"8f9408fe80a81d3e813da3c7b0b2bd32" + +PSA symmetric encryption multipart: AES-CTR, 16+16 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" + +PSA symmetric encryption multipart: AES-CTR, 12+20 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" + +PSA symmetric encryption multipart: AES-CTR, 20+12 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" + +PSA symmetric encryption multipart: AES-CTR, 12+10 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" + +PSA symmetric decryption multipart: AES-CTR, 
0+15 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:"8f9408fe80a81d3e813da3c7b0b2bd" + +PSA symmetric decryption multipart: AES-CTR, 15+0 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:"8f9408fe80a81d3e813da3c7b0b2bd" + +PSA symmetric decryption multipart: AES-CTR, 0+16 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:"8f9408fe80a81d3e813da3c7b0b2bd32" + +PSA symmetric decryption multipart: AES-CTR, 16+0 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:"8f9408fe80a81d3e813da3c7b0b2bd32" + PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11 From e086652aef6f2ad8136f7d1c66d52974cfc0c565 Mon Sep 17 00:00:00 2001 
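Review bot: Five of the added cases that call `cipher_decrypt_multipart` are titled "PSA symmetric encryption multipart: AES-CTR, …" (11+5, 16+16, 12+20, 20+12 and 12+10 bytes), which duplicates the titles of the encryption cases added in the previous hunk. A failing run would then not say which direction broke. Rename them to `PSA symmetric decryption multipart: AES-CTR, 11+5 bytes` and so on, matching the 0+15, 15+0, 0+16 and 16+0 cases that follow in the same hunk.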
From: Gilles Peskine Date: Tue, 19 Feb 2019 19:44:00 +0100 Subject: [PATCH 1073/2197] Test the length of cipher_update output In multipart cipher tests, test that each step of psa_cipher_update produces output of the expected length. The length is hard-coded in the test data since it depends on the mode. The length of the output of psa_cipher_finish is effectively tested because it's the total output length minus the length produced by the update steps. --- tests/suites/test_suite_psa_crypto.data | 62 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 25 +++++++-- 2 files changed, 50 insertions(+), 37 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index bff6b5a4c..83ce15873 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1012,127 +1012,127 @@ cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4 PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: 
AES-CBC-nopad, 16+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" PSA symmetric encryption multipart: AES-CTR, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric encryption multipart: AES-CTR, 16+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 12+20 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" 
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 12+10 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" PSA symmetric encryption multipart: AES-CTR, 0+15 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" PSA symmetric encryption multipart: AES-CTR, 15+0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" PSA symmetric encryption multipart: AES-CTR, 0+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:"8f9408fe80a81d3e813da3c7b0b2bd32" 
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric encryption multipart: AES-CTR, 16+0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a" PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a" PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a" PSA 
symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" PSA symmetric encryption multipart: AES-CTR, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric encryption multipart: AES-CTR, 16+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 12+20 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" 
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 12+10 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" PSA symmetric decryption multipart: AES-CTR, 0+15 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" PSA symmetric decryption multipart: AES-CTR, 15+0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" PSA symmetric decryption multipart: AES-CTR, 0+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:"8f9408fe80a81d3e813da3c7b0b2bd32" 
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric decryption multipart: AES-CTR, 16+0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6bb19602d..d900f4d79 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2439,12 +2439,16 @@ exit: void cipher_encrypt_multipart( int alg_arg, int key_type_arg, data_t *key, data_t *input, - int first_part_size, + int first_part_size_arg, + int output1_length_arg, int output2_length_arg, data_t *expected_output ) { psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t first_part_size = first_part_size_arg; + size_t output1_length = output1_length_arg; + size_t output2_length = output2_length_arg; unsigned char iv[16] = {0}; size_t iv_size; unsigned char *output = NULL; 
@@ -2475,10 +2479,11 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); - TEST_ASSERT( (unsigned int) first_part_size <= input->len ); + TEST_ASSERT( first_part_size <= input->len ); PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); + TEST_ASSERT( function_output_length == output1_length ); total_output_length += function_output_length; PSA_ASSERT( psa_cipher_update( &operation, input->x + first_part_size, @@ -2486,6 +2491,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, output + total_output_length, output_buffer_size - total_output_length, &function_output_length ) ); + TEST_ASSERT( function_output_length == output2_length ); total_output_length += function_output_length; PSA_ASSERT( psa_cipher_finish( &operation, output + total_output_length, @@ -2508,13 +2514,17 @@ exit: void cipher_decrypt_multipart( int alg_arg, int key_type_arg, data_t *key, data_t *input, - int first_part_size, + int first_part_size_arg, + int output1_length_arg, int output2_length_arg, data_t *expected_output ) { psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t first_part_size = first_part_size_arg; + size_t output1_length = output1_length_arg; + size_t output2_length = output2_length_arg; unsigned char iv[16] = {0}; size_t iv_size; unsigned char *output = NULL; 
@@ -2546,11 +2556,12 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); - TEST_ASSERT( (unsigned int) first_part_size <= input->len ); + TEST_ASSERT( first_part_size <= input->len ); PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); + TEST_ASSERT( function_output_length == output1_length ); total_output_length += function_output_length; PSA_ASSERT( psa_cipher_update( &operation, input->x + first_part_size, @@ -2558,6 +2569,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, output + total_output_length, output_buffer_size - total_output_length, &function_output_length ) ); + TEST_ASSERT( function_output_length == output2_length ); total_output_length += function_output_length; PSA_ASSERT( psa_cipher_finish( &operation, output + total_output_length, @@ -2732,11 +2744,12 @@ void cipher_verify_output_multipart( int alg_arg, int key_type_arg, data_t *key, data_t *input, - int first_part_size ) + int first_part_size_arg ) { psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t first_part_size = first_part_size_arg; unsigned char iv[16] = {0}; size_t iv_size = 16; size_t iv_length = 0; @@ -2772,7 +2785,7 @@ void cipher_verify_output_multipart( int alg_arg, PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output1, output1_buffer_size ); - TEST_ASSERT( (unsigned int) first_part_size <= input->len ); + TEST_ASSERT( first_part_size <= input->len ); PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size, output1, output1_buffer_size, From e254f85c93251a4eba6ba45f730cdea81e79fe41 Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Wed, 20 Feb 2019 10:00:03 +0000 Subject: [PATCH 1074/2197] Fix ChangeLog entry to correct release version --- ChangeLog | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
diff --git a/ChangeLog b/ChangeLog index 0b20bffe2..9198ab6e6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -18,6 +18,10 @@ Bugfix correctly as trailing zeroes were not accounted for as unused bits in the leading content octet. Fixes #1610. +Features + * Add a new function mbedtls_asn1_write_named_bitstring() to write ASN.1 + named bitstring in DER as required by RFC 5280 Appendix B. + = mbed TLS 2.16.0 branch released 2018-12-21 Features @@ -29,8 +33,6 @@ Features function to see for which parameter values it is defined. This feature is disabled by default. See its API documentation in config.h for additional steps you have to take when enabling it. - * Add a new function mbedtls_asn1_write_named_bitstring() to write ASN.1 - named bitstring in DER as required by RFC 5280 Appendix B. API Changes * The following functions in the random generator modules have been From fe96fbec2c5d9d46ed40c4a0184baf6359adb11e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 20 Feb 2019 10:32:28 +0000 Subject: [PATCH 1075/2197] Initialize PSA Crypto operation contexts It is now required to initialize PSA Crypto operation contexts before calling psa_*_setup(). Otherwise, one gets a PSA_ERROR_BAD_STATE error. --- library/cipher.c | 2 +- library/ssl_tls.c | 6 +++--- library/x509_crt.c | 2 +- library/x509write_csr.c | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index 63f1f411d..e854cf669 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1236,7 +1236,7 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, (mbedtls_cipher_context_psa *) ctx->cipher_ctx; psa_status_t status; - psa_cipher_operation_t cipher_op; + psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT; size_t part_len; if( ctx->operation == MBEDTLS_DECRYPT ) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f224d5e94..a0d2617c9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
@@ -6529,7 +6529,7 @@ static void ssl_calc_finished_tls_sha256( unsigned char padbuf[32]; #if defined(MBEDTLS_USE_PSA_CRYPTO) size_t hash_size; - psa_hash_operation_t sha256_psa; + psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT; psa_status_t status; #else mbedtls_sha256_context sha256; @@ -6605,7 +6605,7 @@ static void ssl_calc_finished_tls_sha384( unsigned char padbuf[48]; #if defined(MBEDTLS_USE_PSA_CRYPTO) size_t hash_size; - psa_hash_operation_t sha384_psa; + psa_hash_operation_t sha384_psa = PSA_HASH_OPERATION_INIT; psa_status_t status; #else mbedtls_sha512_context sha512; @@ -10203,7 +10203,7 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, mbedtls_md_type_t md_alg ) { psa_status_t status; - psa_hash_operation_t hash_operation; + psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based computation of digest of ServerKeyExchange" ) ); diff --git a/library/x509_crt.c b/library/x509_crt.c index 1b1f0a771..1f853baa3 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1908,7 +1908,7 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child, if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 ) return( -1 ); #else - psa_hash_operation_t hash_operation; + psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md ); if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) diff --git a/library/x509write_csr.c b/library/x509write_csr.c index f2950ad2f..777a6325f 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c 
@@ -142,7 +142,7 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s size_t len = 0; mbedtls_pk_type_t pk_alg; #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_operation_t hash_operation; + psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; size_t hash_len; psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ From b281f7428465e793df00003a121dbe16d129c0a6 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 20 Feb 2019 10:40:20 +0000 Subject: [PATCH 1076/2197] psa: example: Initialize operation contexts Add missing initializers to PSA Crypto example. Operation contexts must be initialized before calling psa_*_setup(). --- programs/psa/crypto_examples.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 9947a70bc..090875613 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -109,7 +109,7 @@ static psa_status_t cipher_encrypt( psa_key_handle_t key_handle, size_t *output_len ) { psa_status_t status; - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; size_t iv_len = 0; memset( &operation, 0, sizeof( operation ) ); @@ -140,7 +140,7 @@ static psa_status_t cipher_decrypt( psa_key_handle_t key_handle, size_t *output_len ) { psa_status_t status; - psa_cipher_operation_t operation; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; memset( &operation, 0, sizeof( operation ) ); status = psa_cipher_decrypt_setup( &operation, key_handle, alg ); From c8569bc5c25db60496aa33cf4bf2c795c3d644ac Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 19 Feb 2019 13:04:02 +0100 Subject: [PATCH 1077/2197] Move key id validity check into its own function --- library/psa_crypto_slot_management.c | 31 +++++++++++++++++++++------- 1 file changed, 24 insertions(+), 7 deletions(-) 
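Review bot: In `cipher_encrypt` of programs/psa/crypto_examples.c the new `= PSA_CIPHER_OPERATION_INIT` initializer is followed a few lines later by the existing `memset( &operation, 0, sizeof( operation ) );`, so the context is now initialised twice. The same pair appears in the `cipher_decrypt` hunk. This file is example code that callers copy, so I would drop the `memset` line in both functions and keep only `psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;`. Both function bodies continue outside the hunks.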
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index dad23c490..dbe3bba7a 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -182,6 +182,29 @@ exit: psa_free_persistent_key_data( key_data, key_data_length ); return( status ); } + +/** Check whether a key identifier is acceptable. + * + * For backward compatibility, key identifiers that were valid in a + * past released version must remain valid, unless a migration path + * is provided. + * + * \param key_id The key identifier to check. + * + * \return 1 if \p key_id is acceptable, otherwise 0. + */ +static int psa_is_key_id_valid( psa_key_id_t key_id ) +{ + /* Reject id=0 because by general library conventions, 0 is an invalid + * value wherever possible. */ + if( key_id == 0 ) + return( 0 ); + /* Reject high values because the file names are reserved for the + * library's internal use. */ + if( key_id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) + return( 0 ); + return( 1 ); +} #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ /** Declare a slot as persistent and load it from storage. @@ -209,13 +232,7 @@ static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, psa_key_slot_t *slot; psa_status_t status; - /* Reject id=0 because by general library conventions, 0 is an invalid - * value wherever possible. */ - if( id == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - /* Reject high values because the file names are reserved for the - * library's internal use. */ - if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) + if( ! psa_is_key_id_valid( id ) ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_key_slot( handle, &slot ); From e988a66b5b74629a15de043b9ceacf0d7209def7 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 18 Feb 2019 17:33:52 +0100 Subject: [PATCH 1078/2197] Fix PSA_MAX_PERSISTENT_KEY_IDENTIFIER to mean what it says PSA_MAX_PERSISTENT_KEY_IDENTIFIER was actually one plus the maximum key identifier. Change it to be the maximum value, and change the code that uses it accordingly. There is no semantic change here (the maximum value hasn't changed). This commit only makes the implementation clearer. --- library/psa_crypto_slot_management.c | 2 +- library/psa_crypto_storage.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index dbe3bba7a..a9458b04f 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -201,7 +201,7 @@ static int psa_is_key_id_valid( psa_key_id_t key_id ) return( 0 ); /* Reject high values because the file names are reserved for the * library's internal use. */ - if( key_id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) + if( key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) return( 0 ); return( 1 ); } diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 9da009d8d..74f9e230d 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -59,7 +59,7 @@ extern "C" { * This limitation will probably become moot when we implement client * separation for key storage. */ -#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000 +#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xfffeffff /** * \brief Format key data and metadata and save to a location for given key From 5b229a06f4501147f5260a05c57b93e80ec0f2ca Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 19 Feb 2019 13:24:37 +0100 Subject: [PATCH 1079/2197] Support encoding an owner in key file IDs Differentiate between _key identifiers_, which are always `uint32_t`, and _key file identifiers_, which are platform-dependent. Normally, the two are the same. In `psa/crypto_platform.h`, define `psa_app_key_id_t` (which is always 32 bits, the standard key identifier type) and `psa_key_file_id_t` (which will be different in some service builds). A subsequent commit will introduce a platform where the two are different. It would make sense for the function declarations in `psa/crypto.h` to use `psa_key_file_id_t`. However this file is currently part of the PSA Crypto API specification, so it must stick to the standard type `psa_key_id_t`. Hence, as long as the specification and Mbed Crypto are not separate, use the implementation-specific file `psa/crypto_platform.h` to define `psa_key_id_t` as `psa_key_file_id_t`. In the library, systematically use `psa_key_file_id_t`. perl -i -pe 's/psa_key_id_t/psa_key_file_id_t/g' library/*.[hc] --- include/psa/crypto_platform.h | 23 +++++++++++++++++++++++ library/psa_crypto_core.h | 2 +- library/psa_crypto_slot_management.c | 15 ++++++++------- library/psa_crypto_storage.c | 4 ++-- library/psa_crypto_storage.h | 6 +++--- library/psa_crypto_storage_backend.h | 8 ++++---- library/psa_crypto_storage_file.c | 12 ++++++------ library/psa_crypto_storage_its.c | 12 ++++++------ 8 files changed, 53 insertions(+), 29 deletions(-) diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 50ca546fb..0f3ede891 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h 
@@ -49,4 +49,27 @@ /* Integral type representing a key handle. */ typedef uint16_t psa_key_handle_t; +/* This implementation distinguishes *application key identifiers*, which + * are the key identifiers specified by the application, from + * *key file identifiers*, which are the key identifiers that the library + * sees internally. The two types can be different if there is a remote + * call layer between the application and the library which supports + * multiple client applications that do not have access to each others' + * keys. The point of having different types is that the key file + * identifier may encode not only the key identifier specified by the + * application, but also the the identity of the application. + * + * Note that this is an internal concept of the library and the remote + * call layer. The application itself never sees anything other than + * #psa_app_key_id_t with its standard definition. + */ + +/* The application key identifier is always what the application sees as + * #psa_key_id_t. */ +typedef uint32_t psa_app_key_id_t; + +/* By default, a key file identifier is just the application key identifier. */ +typedef psa_app_key_id_t psa_key_file_id_t; +#define PSA_KEY_FILE_GET_KEY_ID( id ) ( id ) + #endif /* PSA_CRYPTO_PLATFORM_H */ diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index c28968197..0f7562459 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -41,7 +41,7 @@ typedef struct psa_key_type_t type; psa_key_policy_t policy; psa_key_lifetime_t lifetime; - psa_key_id_t persistent_storage_id; + psa_key_file_id_t persistent_storage_id; unsigned allocated : 1; union { diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index a9458b04f..227fb5f11 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -189,12 +189,13 @@ exit: * past released version must remain valid, unless a migration path * is provided. * - * \param key_id The key identifier to check. + * \param file_id The key identifier to check. * - * \return 1 if \p key_id is acceptable, otherwise 0. + * \return 1 if \p file_id is acceptable, otherwise 0. */ -static int psa_is_key_id_valid( psa_key_id_t key_id ) +static int psa_is_key_id_valid( psa_key_file_id_t file_id ) { + psa_app_key_id_t key_id = PSA_KEY_FILE_GET_KEY_ID( file_id ); /* Reject id=0 because by general library conventions, 0 is an invalid * value wherever possible. */ if( key_id == 0 ) @@ -226,7 +227,7 @@ static int psa_is_key_id_valid( psa_key_id_t key_id ) * \retval #PSA_ERROR_STORAGE_FAILURE */ static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, - psa_key_id_t id ) + psa_key_file_id_t id ) { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_key_slot_t *slot; @@ -253,7 +254,7 @@ static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, } static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, - psa_key_id_t id, + psa_key_file_id_t id, psa_key_handle_t *handle, psa_status_t wanted_load_status ) { @@ -278,14 +279,14 @@ static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, } psa_status_t psa_open_key( psa_key_lifetime_t lifetime, - psa_key_id_t id, + psa_key_file_id_t id, psa_key_handle_t *handle ) { return( persistent_key_setup( lifetime, id, handle, PSA_SUCCESS ) ); } psa_status_t psa_create_key( psa_key_lifetime_t lifetime, - psa_key_id_t id, + psa_key_file_id_t id, psa_key_handle_t *handle ) { psa_status_t status; diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index b4e4076e1..42bd938de 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c 
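Review bot: The updated doc comment on `psa_is_key_id_valid` still describes `file_id` as "the key identifier to check", but the body now extracts `PSA_KEY_FILE_GET_KEY_ID( file_id )` and range-checks only that part. Anything else a key file identifier carries is accepted unexamined, which matters once the type encodes an owner, as the commit message announces. I would state this in the comment, e.g. `\param file_id The key file identifier to check. Only its application key identifier part is validated.` The rest of the function body lies outside this hunk.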
@@ -148,7 +148,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, return( PSA_SUCCESS ); } -psa_status_t psa_save_persistent_key( const psa_key_id_t key, +psa_status_t psa_save_persistent_key( const psa_key_file_id_t key, const psa_key_type_t type, const psa_key_policy_t *policy, const uint8_t *data, @@ -186,7 +186,7 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ) mbedtls_free( key_data ); } -psa_status_t psa_load_persistent_key( psa_key_id_t key, +psa_status_t psa_load_persistent_key( psa_key_file_id_t key, psa_key_type_t *type, psa_key_policy_t *policy, uint8_t **data, diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 74f9e230d..7e5aae9f9 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -86,7 +86,7 @@ extern "C" { * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_ALREADY_EXISTS */ -psa_status_t psa_save_persistent_key( const psa_key_id_t key, +psa_status_t psa_save_persistent_key( const psa_key_file_id_t key, const psa_key_type_t type, const psa_key_policy_t *policy, const uint8_t *data, @@ -117,7 +117,7 @@ psa_status_t psa_save_persistent_key( const psa_key_id_t key, * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_DOES_NOT_EXIST */ -psa_status_t psa_load_persistent_key( psa_key_id_t key, +psa_status_t psa_load_persistent_key( psa_key_file_id_t key, psa_key_type_t *type, psa_key_policy_t *policy, uint8_t **data, @@ -134,7 +134,7 @@ psa_status_t psa_load_persistent_key( psa_key_id_t key, * or the key did not exist. * \retval PSA_ERROR_STORAGE_FAILURE */ -psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ); +psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key ); /** * \brief Free the temporary buffer allocated by psa_load_persistent_key(). diff --git a/library/psa_crypto_storage_backend.h b/library/psa_crypto_storage_backend.h index 83bd2f359..dd534d2ff 100644 
--- a/library/psa_crypto_storage_backend.h +++ b/library/psa_crypto_storage_backend.h @@ -56,7 +56,7 @@ extern "C" { * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_DOES_NOT_EXIST */ -psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, +psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, size_t data_size ); /** @@ -75,7 +75,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_ALREADY_EXISTS */ -psa_status_t psa_crypto_storage_store( const psa_key_id_t key, +psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, const uint8_t *data, size_t data_length ); @@ -92,7 +92,7 @@ psa_status_t psa_crypto_storage_store( const psa_key_id_t key, * \retval 1 * Persistent data present for slot number */ -int psa_is_key_present_in_storage( const psa_key_id_t key ); +int psa_is_key_present_in_storage( const psa_key_file_id_t key ); /** * \brief Get data length for given key slot number. @@ -104,7 +104,7 @@ int psa_is_key_present_in_storage( const psa_key_id_t key ); * \retval PSA_SUCCESS * \retval PSA_ERROR_STORAGE_FAILURE */ -psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, +psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, size_t *data_length ); diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c index c7ff1be01..c4a534fe3 100644 --- a/library/psa_crypto_storage_file.c +++ b/library/psa_crypto_storage_file.c @@ -49,7 +49,7 @@ enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 }; -static void key_id_to_location( const psa_key_id_t key, +static void key_id_to_location( const psa_key_file_id_t key, char *location, size_t location_size ) { 
@@ -58,7 +58,7 @@ static void key_id_to_location( const psa_key_id_t key, (unsigned long) key ); } -psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, +psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, size_t data_size ) { psa_status_t status = PSA_SUCCESS; @@ -83,7 +83,7 @@ exit: return( status ); } -int psa_is_key_present_in_storage( const psa_key_id_t key ) +int psa_is_key_present_in_storage( const psa_key_file_id_t key ) { char slot_location[MAX_LOCATION_LEN]; FILE *file; @@ -101,7 +101,7 @@ int psa_is_key_present_in_storage( const psa_key_id_t key ) return( 1 ); } -psa_status_t psa_crypto_storage_store( const psa_key_id_t key, +psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, const uint8_t *data, size_t data_length ) { @@ -156,7 +156,7 @@ exit: return( status ); } -psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) +psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key ) { FILE *file; char slot_location[MAX_LOCATION_LEN]; @@ -175,7 +175,7 @@ psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) return( PSA_SUCCESS ); } -psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, +psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, size_t *data_length ) { psa_status_t status = PSA_SUCCESS; diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index bb0d0cdf1..a60a8f3ab 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -36,12 +36,12 @@ #include "mbedtls/platform.h" #endif -static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_id_t key ) +static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_file_id_t key ) { return( key ); } -psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, +psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, size_t data_size ) { psa_status_t status; 
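Review bot: `key_id_to_location` in psa_crypto_storage_file.c still derives the file name from `(unsigned long) key`, which only holds while `psa_key_file_id_t` is an integer that fits in `unsigned long`. The rename leaves that assumption unstated. The commit message says a later platform will make the key file identifier differ from the application key identifier, so I would record the assumption at the cast, e.g. `/* Assumes psa_key_file_id_t is an integer type no wider than unsigned long. */`. The next reader then knows this backend has to be revisited before the type changes. Only the tail of the function is inside this hunk.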
@@ -57,7 +57,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, return( status ); } -int psa_is_key_present_in_storage( const psa_key_id_t key ) +int psa_is_key_present_in_storage( const psa_key_file_id_t key ) { psa_status_t ret; psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); @@ -70,7 +70,7 @@ int psa_is_key_present_in_storage( const psa_key_id_t key ) return( 1 ); } -psa_status_t psa_crypto_storage_store( const psa_key_id_t key, +psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, const uint8_t *data, size_t data_length ) { @@ -105,7 +105,7 @@ exit: return( status ); } -psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) +psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key ) { psa_status_t ret; psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); @@ -125,7 +125,7 @@ psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) return( PSA_SUCCESS ); } -psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, +psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, size_t *data_length ) { psa_status_t status; From 69d7c8b2d7d8b7018eab00f10386fe80c608f36b Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 19 Feb 2019 14:00:31 +0100 Subject: [PATCH 1080/2197] Declare a psa_key_file_id_t layout with an owner field Declare the owner as psa_key_owner_id_t, of which an implementation must be provided separately. Make this a configuration option MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER, to make the conditional compilation flow easier to follow. Declare it in config.h to pacify check_names.sh. Support for a specific implementation of psa_key_owner_id_t in storage backends will come in a subsequent commit. --- include/mbedtls/config.h | 15 +++++++++++++++ include/psa/crypto_platform.h | 20 ++++++++++++++++++++ include/psa/crypto_types.h | 7 +++++++ library/version_features.c | 3 +++ scripts/config.pl | 1 + 5 files changed, 46 insertions(+) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index fa1d3cf07..097361ade 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1156,6 +1156,21 @@ */ //#define MBEDTLS_PSA_HAS_ITS_IO +/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER + * + * In PSA key storage, encode the owner of the key. + * + * This is only meaningful when building the library as part of a + * multi-client service. When you activate this option, you must provide + * an implementation of the type psa_key_owner_id_t and a translation + * from psa_key_file_id_t to file name in all the storage backends that + * you wish to support. + * + * Note that this option is meant for internal use only and may be removed + * without notice. + */ +//#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER + /** * \def MBEDTLS_MEMORY_DEBUG * diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 0f3ede891..fa5322f22 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h 
@@ -68,8 +68,28 @@ typedef uint16_t psa_key_handle_t; * #psa_key_id_t. */ typedef uint32_t psa_app_key_id_t; +#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) + +typedef struct +{ + uint32_t key_id; + psa_key_owner_id_t owner; +} psa_key_file_id_t; +#define PSA_KEY_FILE_GET_KEY_ID( file_id ) ( ( file_id ).key_id ) + +/* Since crypto.h is used as part of the PSA Cryptography API specification, + * it must use standard types for things like the argument of psa_open_key(). + * If it wasn't for that constraint, psa_open_key() would take a + * `psa_key_file_id_t` argument. As a workaround, make `psa_key_id_t` an + * alias for `psa_key_file_id_t` when building for a multi-client service. */ +typedef psa_key_file_id_t psa_key_id_t; + +#else /* !MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */ + /* By default, a key file identifier is just the application key identifier. */ typedef psa_app_key_id_t psa_key_file_id_t; #define PSA_KEY_FILE_GET_KEY_ID( id ) ( id ) +#endif /* !MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */ + #endif /* PSA_CRYPTO_PLATFORM_H */ diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 29c985303..923b94ad4 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -90,7 +90,14 @@ typedef uint32_t psa_key_lifetime_t; /** Encoding of identifiers of persistent keys. */ +/* Implementation-specific quirk: The Mbed Crypto library can be built as + * part of a multi-client service that exposes the PSA Crypto API in each + * client and encodes the client identity in the key id argument of functions + * such as psa_open_key(). In this build configuration, we define + * psa_key_id_t in crypto_platform.h instead of here. */ +#if !defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) typedef uint32_t psa_key_id_t; +#endif /**@}*/ diff --git a/library/version_features.c b/library/version_features.c index ad3f93792..2bfecf09b 100644 --- a/library/version_features.c +++ b/library/version_features.c 
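Review bot: The new `psa_key_file_id_t` struct does not say who fills in `owner`, yet `psa_key_id_t` becomes an alias of it. The API-facing type therefore now carries the field that keeps one client's keys apart from another's. I would document the trust assumption on the struct, for instance `/* owner: set by the remote call layer from the calling client's identity; never taken from client-supplied data. */`. This is inferred from the comment block added in the previous commit, which says the application only ever sees `psa_app_key_id_t`, so please confirm it matches the intended design.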
@@ -411,6 +411,9 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_HAS_ITS_IO) "MBEDTLS_PSA_HAS_ITS_IO", #endif /* MBEDTLS_PSA_HAS_ITS_IO */ +#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) + "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER", +#endif /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */ #if defined(MBEDTLS_MEMORY_DEBUG) "MBEDTLS_MEMORY_DEBUG", #endif /* MBEDTLS_MEMORY_DEBUG */ diff --git a/scripts/config.pl b/scripts/config.pl index 55f4b6e1c..e141b4171 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -100,6 +100,7 @@ MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_64BIT_MULTIPLICATION MBEDTLS_PSA_CRYPTO_SPM MBEDTLS_PSA_HAS_ITS_IO +MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C MBEDTLS_USE_PSA_CRYPTO _ALT\s*$ From 572f067205416dec31b699649f42911ac2e8622d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 19 Feb 2019 14:16:17 +0100 Subject: [PATCH 1081/2197] PSA crypto service: encode the key owner (ITS backend only) When building for the PSA crypto service (defined(PSA_CRYPTO_SECURE)), define psa_key_owner_id_t as int32_t, which is how a PSA platform encodes partition identity. Note that this only takes effect when the build option MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER is active. Support this configuration in the ITS backend. --- include/psa/crypto_platform.h | 6 ++++++ library/psa_crypto_storage_its.c | 23 +++++++++++++++++++++-- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index fa5322f22..42cdad32a 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -70,6 +70,12 @@ typedef uint32_t psa_app_key_id_t; #if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) +#if defined(PSA_CRYPTO_SECURE) +/* Building for the PSA Crypto service on a PSA platform. */ +/* A key owner is a PSA partition identifier. */ +typedef int32_t psa_key_owner_id_t; +#endif + typedef struct { uint32_t key_id; 
diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index a60a8f3ab..4b2789ff2 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -36,9 +36,28 @@ #include "mbedtls/platform.h" #endif -static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_file_id_t key ) +/* Determine a file name (ITS file identifier) for the given key file + * identifier. The file name must be distinct from any file that is used + * for a purpose other than storing a key. Currently, the only such file + * is the random seed file whose name is PSA_CRYPTO_ITS_RANDOM_SEED_UID + * and whose value is 0xFFFFFF52. */ +static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_file_id_t file_id ) { - return( key ); +#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) && \ + defined(PSA_CRYPTO_SECURE) + /* Encode the owner in the upper 32 bits. This means that if + * owner values are nonzero (as they are on a PSA platform), + * no key file will ever have a value less than 0x100000000, so + * the whole range 0..0xffffffff is available for non-key files. */ + uint32_t unsigned_owner = (uint32_t) file_id.owner; + return( (uint64_t) unsigned_owner << 32 | file_id.key_id ); +#else + /* Use the key id directly as a file name. + * psa_is_key_file_id_valid() in psa_crypto_slot_management.c + * is responsible for ensuring that key identifiers do not have a + * value that is reserved for non-key files. */ + return( file_id ); +#endif } psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, From 93e21119b798544bc0c43cfc8c35e3c30800e0d3 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 20 Feb 2019 13:57:28 +0000 Subject: [PATCH 1082/2197] psa: Be compatible with deprecated constants In case the new constants aren't available yet in Mbed TLS, continue to use the deprecated constants if they are available. --- library/psa_crypto.c | 8 ++++++++ 1 file changed, 8 insertions(+) 
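Review bot: The separation between key files and reserved files such as PSA_CRYPTO_ITS_RANDOM_SEED_UID rests on `file_id.owner` being nonzero, which the comment in psa_its_identifier_of_slot states but nothing in this hunk enforces. With owner 0 the result is just `key_id`, so the range check that the `#else` comment attributes to psa_is_key_file_id_valid() would be the only barrier; it is worth confirming that function (outside this diff) rejects a zero owner or still range-checks `key_id` in the owner-encoding build. Separately, `(uint64_t) unsigned_owner << 32 | file_id.key_id` is correct by precedence but is easier to audit as `( (uint64_t) unsigned_owner << 32 ) | file_id.key_id`.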
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8c7dc1e2b..cfa07a6ee 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -158,13 +158,21 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL: return( PSA_ERROR_BUFFER_TOO_SMALL ); +#if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA) case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA: +#elif defined(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH) + case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH: +#endif case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH: return( PSA_ERROR_NOT_SUPPORTED ); case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); +#if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA) case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA: +#elif defined(MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH) + case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH: +#endif case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH: return( PSA_ERROR_NOT_SUPPORTED ); case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED: From 11eca7115e57492d6c711f1acabe17b74922b161 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 20 Feb 2019 15:44:22 +0100 Subject: [PATCH 1083/2197] Update the encoding of owners in key file identifiers Switch to the terminology "key file identifier", as has been done in the code. The owner uid is now in the upper 32 bits of the key file identifier, which facilitates namespacing. --- .../mbed-crypto-storage-specification.md | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md index d56d3331c..2d4fed56c 100644 --- a/docs/architecture/mbed-crypto-storage-specification.md +++ b/docs/architecture/mbed-crypto-storage-specification.md 
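Review bot: The `#if`/`#elif` ladders around the Blowfish and Camellia case labels carry no comment explaining why only one of the two names is emitted. Presumably the old and new constants share a value, so listing both would be a duplicate case label; if a build ever defined both with different values, the second would fall through to whatever mbedtls_to_psa_error does by default. A short comment such as `/* Old and new names are expected to alias the same value; emit only one case label. */` above each ladder would record that, once the aliasing is confirmed. The switch begins and ends outside the hunk.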
@@ -91,7 +91,7 @@ Mbed Crypto 0.2.0 To be released for Mbed OS 5.12. -Supported backends: +Supported integrations: * [PSA platform](#file-namespace-on-a-psa-platform-for-0.2.0) * [library using PSA ITS](#file-namespace-on-its-as-a-library-for-0.2.0) 
@@ -106,12 +106,14 @@ Backward compatibility commitments: TBD ### Key names for 0.2.0 -Information about each key is stored in a dedicated file whose name is constructed from the 32-bit key identifier (`psa_key_id_t`) and, if applicable, the owner identifier. The way in which the file name is constructed depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.2.0). +Information about each key is stored in a dedicated file designated by a _key file identifier_ (`psa_key_file_id_t`). The key file identifier is constructed from the 32-bit key identifier (`psa_key_id_t`) and, if applicable, an identifier of the owner of the key. In integrations where there is no concept of key owner (in particular, in library integrations), the key file identifier is exactly the key identifier. When the library is integrated into a service, the service determines the semantics of the owner identifier. + +The way in which the file name is constructed from the key file identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.2.0). The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid. * Library integration: the key file name is just the key identifer. This is a 32-bit value. -* PSA service integration: the key file name is `key_id << 32 | owner_uid` where `key_id` is the key identifier specified by the application and `owner_uid` is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value. +* PSA service integration: the key file identifier is `(uint32_t)owner_uid << 32 | key_id` where `key_id` is the key identifier specified by the application and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. 
This is a 64-bit value. ### Key file format for 0.2.0 @@ -125,14 +127,18 @@ The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However n Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. -* Files 0 through 0xffffff51, 0xffffff53 through 0xffffffff: unused. +Assumption: the owner identifier is a nonzero value of type `int32_t`. + +* Files 0 through 0xffffff51, 0xffffff53 through 0xffffffff: unused, reserved for internal use of the crypto library or crypto service. * File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0). -* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0). +* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0). The upper 32 bits determine the owner. ### File namespace on ITS as a library for 0.2.0 Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. +This is a library integration, so there is no owner. The key file identifier is identical to the key identifier. + * File 0: unused. * Files 1 through 0xfffeffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0). * File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.2.0). 
@@ -140,6 +146,8 @@ Assumption: ITS provides a 64-bit file identifier namespace. The entity using th ### File namespace on stdio for 0.2.0 +This is a library integration, so there is no owner. The key file identifier is identical to the key identifier. + [Identical to 0.1.0](#file-namespace-on-stdio-for-0.1.0). ### Upgrade from 0.1.0 to 0.2.0. From 252ef28dac1eca278b409a05636b587ea0d29f2f Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 15 Feb 2019 14:05:35 +0000 Subject: [PATCH 1084/2197] psa: Disallow use of invalid MAC contexts Ensure that when doing MAC operations out of order, PSA_ERROR_BAD_STATE is returned as documented in crypto.h and the PSA Crypto specification. --- library/psa_crypto.c | 10 ++ tests/suites/test_suite_psa_crypto.data | 4 + tests/suites/test_suite_psa_crypto.function | 129 ++++++++++++++++++++ 3 files changed, 143 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ad7367b9c..9bfe8d28c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2238,6 +2238,11 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, { psa_status_t status; + if( operation->alg == 0 ) + { + return( PSA_ERROR_BAD_STATE ); + } + /* Fill the output buffer with something that isn't a valid mac * (barring an attack on the mac and deliberately-crafted input), * in case the caller doesn't check the return status properly. */ @@ -2276,6 +2281,11 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, uint8_t actual_mac[PSA_MAC_MAX_SIZE]; psa_status_t status; + if( operation->alg == 0 ) + { + return( PSA_ERROR_BAD_STATE ); + } + if( operation->is_sign ) { status = PSA_ERROR_BAD_STATE; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d9dd9ef48..489389a84 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
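Review bot: The new `operation->alg == 0` return in psa_mac_sign_finish comes before the "Fill the output buffer with something that isn't a valid mac" step, so on this path the caller's `mac` buffer is left untouched, which is the situation that comment exists to guard against (a caller that ignores the status). Moving the check below the fill would keep the guarantee; the fill code itself is outside the hunk, so confirm it does not depend on operation state and whether it also sets `*mac_length`. In psa_mac_verify_finish (next hunk) the same check returns directly while the adjacent `is_sign` check assigns `status`; using one exit style there would be easier to follow.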
@@ -705,6 +705,10 @@ depends_on:MBEDTLS_CMAC_C # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED +PSA MAC: bad order function calls +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_bad_order: + PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-224 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 929d1b268..37b4d8d69 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2168,6 +2168,8 @@ exit: /* BEGIN_CASE */ void mac_operation_init( ) { + const uint8_t input[1] = { 0 }; + /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need @@ -2178,6 +2180,17 @@ void mac_operation_init( ) memset( &zero, 0, sizeof( zero ) ); + /* A freshly-initialized MAC operation should not be usable. */ + TEST_EQUAL( psa_mac_update( &func, + input, sizeof( input ) ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_mac_update( &init, + input, sizeof( input ) ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_mac_update( &zero, + input, sizeof( input ) ), + PSA_ERROR_BAD_STATE ); + /* A default MAC operation should be abortable without error. */ PSA_ASSERT( psa_mac_abort( &func ) ); PSA_ASSERT( psa_mac_abort( &init ) ); 
@@ -2220,6 +2233,122 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mac_bad_order( ) +{ + psa_key_handle_t handle = 0; + psa_key_type_t key_type = PSA_KEY_TYPE_HMAC; + psa_algorithm_t alg = PSA_ALG_HMAC(PSA_ALG_SHA_256); + const uint8_t key[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + uint8_t sign_mac[PSA_MAC_MAX_SIZE + 10] = { 0 }; + size_t sign_mac_length = 0; + const uint8_t input[] = { 0xbb, 0xbb, 0xbb, 0xbb }; + const uint8_t verify_mac[] = { + 0x74, 0x65, 0x93, 0x8c, 0xeb, 0x1d, 0xb3, 0x76, 0x5a, 0x38, 0xe7, 0xdd, + 0x85, 0xc5, 0xad, 0x4f, 0x07, 0xe7, 0xd5, 0xb2, 0x64, 0xf0, 0x1a, 0x1a, + 0x2c, 0xf9, 0x18, 0xca, 0x59, 0x7e, 0x5d, 0xf6 }; + + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); + psa_key_policy_set_usage( &policy, + PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, + alg ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + + PSA_ASSERT( psa_import_key( handle, key_type, + key, sizeof(key) ) ); + + /* Call update without calling setup beforehand. */ + TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + + /* Call sign finish without calling setup beforehand. */ + TEST_EQUAL( psa_mac_sign_finish( &operation, sign_mac, sizeof( sign_mac ), + &sign_mac_length), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + + /* Call verify finish without calling setup beforehand. */ + TEST_EQUAL( psa_mac_verify_finish( &operation, + verify_mac, sizeof( verify_mac ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + + /* Call update after sign finish. 
*/ + PSA_ASSERT( psa_mac_sign_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); + PSA_ASSERT( psa_mac_sign_finish( &operation, + sign_mac, sizeof( sign_mac ), + &sign_mac_length ) ); + TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + + /* Call update after verify finish. */ + PSA_ASSERT( psa_mac_verify_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); + PSA_ASSERT( psa_mac_verify_finish( &operation, + verify_mac, sizeof( verify_mac ) ) ); + TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + + /* Call sign finish twice in a row. */ + PSA_ASSERT( psa_mac_sign_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); + PSA_ASSERT( psa_mac_sign_finish( &operation, + sign_mac, sizeof( sign_mac ), + &sign_mac_length ) ); + TEST_EQUAL( psa_mac_sign_finish( &operation, + sign_mac, sizeof( sign_mac ), + &sign_mac_length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + + /* Call verify finish twice in a row. */ + PSA_ASSERT( psa_mac_verify_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); + PSA_ASSERT( psa_mac_verify_finish( &operation, + verify_mac, sizeof( verify_mac ) ) ); + TEST_EQUAL( psa_mac_verify_finish( &operation, + verify_mac, sizeof( verify_mac ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + + /* Setup sign but try verify. 
*/ + PSA_ASSERT( psa_mac_sign_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); + TEST_EQUAL( psa_mac_verify_finish( &operation, + verify_mac, sizeof( verify_mac ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + + /* Setup verify but try sign. */ + PSA_ASSERT( psa_mac_verify_setup( &operation, + handle, alg ) ); + PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); + TEST_EQUAL( psa_mac_sign_finish( &operation, + sign_mac, sizeof( sign_mac ), + &sign_mac_length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mac_sign( int key_type_arg, data_t *key, From ab43997f44b03c2299e3c56f168a0b74c60a6d9f Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 15 Feb 2019 14:12:05 +0000 Subject: [PATCH 1085/2197] psa: Disallow use of invalid cipher contexts Ensure that when doing cipher operations out of order, PSA_ERROR_BAD_STATE is returned as documented in crypto.h and the PSA Crypto specification. --- library/psa_crypto.c | 6 + tests/suites/test_suite_psa_crypto.data | 4 + tests/suites/test_suite_psa_crypto.function | 161 ++++++++++++++++++++ 3 files changed, 171 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9bfe8d28c..4075c658f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3073,6 +3073,12 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, psa_status_t status; int ret; size_t expected_output_size; + + if( operation->alg == 0 ) + { + return( PSA_ERROR_BAD_STATE ); + } + if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) { /* Take the unprocessed partial block left over from previous diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 489389a84..098e3f925 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -926,6 +926,10 @@ depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED +PSA cipher: bad order function calls +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +cipher_bad_order: + PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 37b4d8d69..d1364b923 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2447,6 +2447,9 @@ exit: /* BEGIN_CASE */ void cipher_operation_init( ) { + const uint8_t input[1] = { 0 }; + unsigned char output[1] = { 0 }; + size_t output_length; /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need @@ -2457,6 +2460,23 @@ void cipher_operation_init( ) memset( &zero, 0, sizeof( zero ) ); + /* A freshly-initialized cipher operation should not be usable. */ + TEST_EQUAL( psa_cipher_update( &func, + input, sizeof( input ), + output, sizeof( output ), + &output_length ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_cipher_update( &init, + input, sizeof( input ), + output, sizeof( output ), + &output_length ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_cipher_update( &zero, + input, sizeof( input ), + output, sizeof( output ), + &output_length ), + PSA_ERROR_BAD_STATE ); + /* A default cipher operation should be abortable without error. */ PSA_ASSERT( psa_cipher_abort( &func ) ); PSA_ASSERT( psa_cipher_abort( &init ) ); 
@@ -2497,6 +2517,147 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void cipher_bad_order( ) +{ + psa_key_handle_t handle = 0; + psa_key_type_t key_type = PSA_KEY_TYPE_AES; + psa_algorithm_t alg = PSA_ALG_CBC_PKCS7; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 }; + const uint8_t key[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa }; + const uint8_t text[] = { + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb }; + uint8_t buffer[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 }; + size_t length = 0; + + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_allocate_key( &handle ) ); + psa_key_policy_set_usage( &policy, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, + alg ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + PSA_ASSERT( psa_import_key( handle, key_type, + key, sizeof(key) ) ); + + + /* Generate an IV without calling setup beforehand. */ + TEST_EQUAL( psa_cipher_generate_iv( &operation, + buffer, sizeof( buffer ), + &length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Generate an IV twice in a row. */ + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_generate_iv( &operation, + buffer, sizeof( buffer ), + &length ) ); + TEST_EQUAL( psa_cipher_generate_iv( &operation, + buffer, sizeof( buffer ), + &length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Generate an IV after it's already set. 
*/ + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ) ); + TEST_EQUAL( psa_cipher_generate_iv( &operation, + buffer, sizeof( buffer ), + &length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Set an IV without calling setup beforehand. */ + TEST_EQUAL( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Set an IV after it's already set. */ + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ) ); + TEST_EQUAL( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Set an IV after it's already generated. */ + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_generate_iv( &operation, + buffer, sizeof( buffer ), + &length ) ); + TEST_EQUAL( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Call update without calling setup beforehand. */ + TEST_EQUAL( psa_cipher_update( &operation, + text, sizeof( text ), + buffer, sizeof( buffer ), + &length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Call update without an IV where an IV is required. */ + TEST_EQUAL( psa_cipher_update( &operation, + text, sizeof( text ), + buffer, sizeof( buffer ), + &length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Call update after finish. 
*/ + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ) ); + PSA_ASSERT( psa_cipher_finish( &operation, + buffer, sizeof( buffer ), &length ) ); + TEST_EQUAL( psa_cipher_update( &operation, + text, sizeof( text ), + buffer, sizeof( buffer ), + &length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Call finish without calling setup beforehand. */ + TEST_EQUAL( psa_cipher_finish( &operation, + buffer, sizeof( buffer ), &length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Call finish without an IV where an IV is required. */ + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + /* Not calling update means we are encrypting an empty buffer, which is OK + * for cipher modes with padding. */ + TEST_EQUAL( psa_cipher_finish( &operation, + buffer, sizeof( buffer ), &length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Call finish twice in a row. */ + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, + iv, sizeof( iv ) ) ); + PSA_ASSERT( psa_cipher_finish( &operation, + buffer, sizeof( buffer ), &length ) ); + TEST_EQUAL( psa_cipher_finish( &operation, + buffer, sizeof( buffer ), &length ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + +exit: + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void cipher_encrypt( int alg_arg, int key_type_arg, data_t *key, From a0f625ac9a8e9461c252acd8039f7b5cac3693ab Mon Sep 17 00:00:00 2001 
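Review bot: The case commented `/* Call update without an IV where an IV is required. */` in cipher_bad_order never calls psa_cipher_encrypt_setup, so it repeats the preceding "update without calling setup" case and the missing-IV path of psa_cipher_update is not exercised. The later "Call finish without an IV" case does call setup first; adding `PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );` before the TEST_EQUAL would make the case match its comment. If update without an IV does not currently return PSA_ERROR_BAD_STATE for this algorithm, the corrected test will show it.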
From: Jaeden Amero Date: Fri, 15 Feb 2019 13:52:25 +0000 Subject: [PATCH 1086/2197] psa: Disallow use of invalid hash contexts If a hash context has not been set up, fail with PSA_ERROR_BAD_STATE as documented in crypto.h and the PSA Crypto specification. --- library/psa_crypto.c | 6 ++---- tests/suites/test_suite_psa_crypto.function | 15 ++++++++++++--- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4075c658f..1f96ae079 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1502,8 +1502,7 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, break; #endif default: - ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; - break; + return( PSA_ERROR_BAD_STATE ); } if( ret != 0 ) @@ -1575,8 +1574,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, break; #endif default: - ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; - break; + return( PSA_ERROR_BAD_STATE ); } status = mbedtls_to_psa_error( ret ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index d1364b923..6eb9b0abb 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1950,6 +1950,7 @@ exit: /* BEGIN_CASE */ void hash_operation_init( ) { + const uint8_t input[1] = { 0 }; /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need 
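Review bot: In psa_hash_update and psa_hash_finish the `default:` branch now returns PSA_ERROR_BAD_STATE for any `operation->alg` the switch does not recognise, not only for the zero value of an operation that was never set up. The MAC and cipher changes earlier in this series test `operation->alg == 0` explicitly at the top of the function; doing the same here, e.g. `if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE );`, and leaving `default:` for genuinely unexpected values would keep the three families consistent. The direct return in psa_hash_finish also bypasses the `status = mbedtls_to_psa_error( ret );` line that follows the switch, so any cleanup after it (outside the hunk) is skipped on this branch. Both switches start outside the hunks.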
@@ -1960,6 +1961,14 @@ void hash_operation_init( ) memset( &zero, 0, sizeof( zero ) ); + /* A default hash operation should not be usable. */ + TEST_EQUAL( psa_hash_update( &func, input, sizeof( input ) ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_hash_update( &init, input, sizeof( input ) ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( psa_hash_update( &zero, input, sizeof( input ) ), + PSA_ERROR_BAD_STATE ); + /* A default hash operation should be abortable without error. */ PSA_ASSERT( psa_hash_abort( &func ) ); PSA_ASSERT( psa_hash_abort( &init ) ); @@ -2004,18 +2013,18 @@ void hash_bad_order( ) /* psa_hash_update without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), - PSA_ERROR_INVALID_ARGUMENT ); + PSA_ERROR_BAD_STATE ); /* psa_hash_verify without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ), - PSA_ERROR_INVALID_ARGUMENT ); + PSA_ERROR_BAD_STATE ); /* psa_hash_finish without calling psa_hash_setup beforehand */ memset( &operation, 0, sizeof( operation ) ); TEST_EQUAL( psa_hash_finish( &operation, hash, sizeof( hash ), &hash_len ), - PSA_ERROR_INVALID_ARGUMENT ); + PSA_ERROR_BAD_STATE ); exit: mbedtls_psa_crypto_free( ); From 11aa7ee1891df72cedfd4453fbe40207a6d2f526 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 19 Feb 2019 11:44:55 +0000 Subject: [PATCH 1087/2197] psa: Extend hash bad order test Extend hash bad order test in line with the new bad order tests for MAC and cipher, covering more cases and making comments and test layout consistent. Ensure that when doing hash operations out of order, PSA_ERROR_BAD_STATE is returned as documented in crypto.h and the PSA Crypto specification. --- tests/suites/test_suite_psa_crypto.data | 1 + tests/suites/test_suite_psa_crypto.function | 65 ++++++++++++++++++--- 2 files changed, 57 insertions(+), 9 deletions(-) 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 098e3f925..635c5bfac 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -655,6 +655,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT PSA hash: bad order function calls +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_bad_order: PSA hash verify: bad arguments diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6eb9b0abb..2499102a5 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1961,7 +1961,7 @@ void hash_operation_init( ) memset( &zero, 0, sizeof( zero ) ); - /* A default hash operation should not be usable. */ + /* A freshly-initialized hash operation should not be usable. */ TEST_EQUAL( psa_hash_update( &func, input, sizeof( input ) ), PSA_ERROR_BAD_STATE ); TEST_EQUAL( psa_hash_update( &init, input, sizeof( input ) ), 
@@ -1999,32 +1999,79 @@ exit: /* BEGIN_CASE */ void hash_bad_order( ) { + psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char input[] = ""; /* SHA-256 hash of an empty string */ - unsigned char hash[] = { + const unsigned char valid_hash[] = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; + unsigned char hash[sizeof(valid_hash)] = { 0 }; size_t hash_len; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; PSA_ASSERT( psa_crypto_init( ) ); - /* psa_hash_update without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); + /* Call update without calling setup beforehand. */ TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); - /* psa_hash_verify without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); - TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ), + /* Call update after finish. */ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ) ); + TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); - /* psa_hash_finish without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); + /* Call verify without calling setup beforehand. */ + TEST_EQUAL( psa_hash_verify( &operation, + valid_hash, sizeof( valid_hash ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* Call verify after finish. 
*/ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ) ); + TEST_EQUAL( psa_hash_verify( &operation, + valid_hash, sizeof( valid_hash ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* Call verify twice in a row. */ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_verify( &operation, + valid_hash, sizeof( valid_hash ) ) ); + TEST_EQUAL( psa_hash_verify( &operation, + valid_hash, sizeof( valid_hash ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* Call finish without calling setup beforehand. */ TEST_EQUAL( psa_hash_finish( &operation, hash, sizeof( hash ), &hash_len ), PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* Call finish twice in a row. */ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ) ); + TEST_EQUAL( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* Call finish after calling verify. */ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_verify( &operation, + valid_hash, sizeof( valid_hash ) ) ); + TEST_EQUAL( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); exit: mbedtls_psa_crypto_free( ); From 36ee5d0fbfd5941f9ae7f1aa105a3d980235ffd5 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Tue, 19 Feb 2019 09:25:10 +0000 Subject: [PATCH 1088/2197] psa: Disallow repeated setup Calling psa_*_setup() twice on a MAC, cipher, or hash context should result in a PSA_ERROR_BAD_STATE error because the operation has already been set up. Fixes #10 --- library/psa_crypto.c | 20 +++++++++++++++- tests/suites/test_suite_psa_crypto.function | 26 +++++++++++++++++++++ 2 files changed, 45 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1f96ae079..40c676a5d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1379,7 +1379,13 @@ psa_status_t psa_hash_setup( psa_hash_operation_t *operation, psa_algorithm_t alg ) { int ret; - operation->alg = 0; + + /* A context must be freshly initialized before it can be set up. */ + if( operation->alg != 0 ) + { + return( PSA_ERROR_BAD_STATE ); + } + switch( alg ) { #if defined(MBEDTLS_MD2_C) @@ -1998,6 +2004,12 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, unsigned char truncated = PSA_MAC_TRUNCATED_LENGTH( alg ); psa_algorithm_t full_length_alg = PSA_ALG_FULL_LENGTH_MAC( alg ); + /* A context must be freshly initialized before it can be set up. */ + if( operation->alg != 0 ) + { + return( PSA_ERROR_BAD_STATE ); + } + status = psa_mac_init( operation, full_length_alg ); if( status != PSA_SUCCESS ) return( status ); @@ -2909,6 +2921,12 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, PSA_KEY_USAGE_ENCRYPT : PSA_KEY_USAGE_DECRYPT ); + /* A context must be freshly initialized before it can be set up. */ + if( operation->alg != 0 ) + { + return( PSA_ERROR_BAD_STATE ); + } + status = psa_cipher_init( operation, alg ); if( status != PSA_SUCCESS ) return( status ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2499102a5..9ea6cc09b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
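Review bot: The new guard in psa_hash_setup reads `operation->alg` before anything has written it, so the function now depends on the caller having zeroed the object or used the INIT macro; the removed `operation->alg = 0;` previously made setup tolerant of an uninitialized struct. The same precondition is introduced by the guards in psa_mac_setup and psa_cipher_setup in this diff. I would state it at each guard, for example `/* Requires a zeroed or PSA_HASH_OPERATION_INIT object; the value read from an uninitialized one is indeterminate. */`. In psa_mac_setup and psa_cipher_setup the guard also means that any error return taken after the init call without an abort would leave `alg` set and make a retry fail with PSA_ERROR_BAD_STATE. Whether such a path exists cannot be confirmed here, because both bodies continue outside the hunks.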
@@ -2012,6 +2012,12 @@ void hash_bad_order( ) PSA_ASSERT( psa_crypto_init( ) ); + /* Call setup twice in a row. */ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + TEST_EQUAL( psa_hash_setup( &operation, alg ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + /* Call update without calling setup beforehand. */ TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), PSA_ERROR_BAD_STATE ); @@ -2336,6 +2342,14 @@ void mac_bad_order( ) PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_mac_abort( &operation ) ); + /* Call setup twice in a row. */ + PSA_ASSERT( psa_mac_sign_setup( &operation, + handle, alg ) ); + TEST_EQUAL( psa_mac_sign_setup( &operation, + handle, alg ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_mac_abort( &operation ) ); + /* Call update after sign finish. */ PSA_ASSERT( psa_mac_sign_setup( &operation, handle, alg ) ); @@ -2601,6 +2615,18 @@ void cipher_bad_order( ) key, sizeof(key) ) ); + /* Call encrypt setup twice in a row. */ + PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); + TEST_EQUAL( psa_cipher_encrypt_setup( &operation, handle, alg ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + + /* Call decrypt setup twice in a row. */ + PSA_ASSERT( psa_cipher_decrypt_setup( &operation, handle, alg ) ); + TEST_EQUAL( psa_cipher_decrypt_setup( &operation, handle, alg ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_cipher_abort( &operation ) ); + /* Generate an IV without calling setup beforehand. */ TEST_EQUAL( psa_cipher_generate_iv( &operation, buffer, sizeof( buffer ), From e236c2a13c000c9673be56933d3704f1305174fa Mon Sep 17 00:00:00 2001 
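Review bot: mac_bad_order repeats only `psa_mac_sign_setup`, while cipher_bad_order in the same patch covers both the encrypt and the decrypt entry point. The guard lives in the shared static psa_mac_setup, so the verify wrapper is not pinned by any test here. A parallel case would be `PSA_ASSERT( psa_mac_verify_setup( &operation, handle, alg ) );`, then a second call checked with `TEST_EQUAL( ..., PSA_ERROR_BAD_STATE )`, then `PSA_ASSERT( psa_mac_abort( &operation ) );`. This assumes the key policy set earlier in the test permits verification; that part of mac_bad_order is outside the hunk.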
From: Jaeden Amero Date: Wed, 20 Feb 2019 15:37:15 +0000 Subject: [PATCH 1089/2197] psa: Don't abort when operations are invalid In places where we detect a context is in a bad state and there is no sensitive data to clear, simply return PSA_ERROR_BAD_STATE and don't abort on behalf of the application. The application will choose what to do when it gets a bad state error. The motivation for this change is that an application should decide what to do when it misuses the API and encounters a PSA_ERROR_BAD_STATE error. The library should not attempt to abort on behalf of the application, as that may not be the correct thing to do in all circumstances. --- library/psa_crypto.c | 26 +++++++++----------------- 1 file changed, 9 insertions(+), 17 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 40c676a5d..38f50b3b6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2128,9 +2128,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, { psa_status_t status = PSA_ERROR_BAD_STATE; if( ! operation->key_set ) - goto cleanup; + return( PSA_ERROR_BAD_STATE ); if( operation->iv_required && ! operation->iv_set ) - goto cleanup; + return( PSA_ERROR_BAD_STATE ); operation->has_input = 1; #if defined(MBEDTLS_CMAC_C) @@ -2153,10 +2153,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, { /* This shouldn't happen if `operation` was initialized by * a setup function. */ - status = PSA_ERROR_BAD_STATE; + return( PSA_ERROR_BAD_STATE ); } -cleanup: if( status != PSA_SUCCESS ) psa_mac_abort( operation ); return( status ); @@ -2264,13 +2263,11 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, if( ! operation->is_sign ) { - status = PSA_ERROR_BAD_STATE; - goto cleanup; + return( PSA_ERROR_BAD_STATE ); } status = psa_mac_finish_internal( operation, mac, mac_size ); -cleanup: if( status == PSA_SUCCESS ) { status = psa_mac_abort( operation ); 
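Review bot: Several of the new early `return( PSA_ERROR_BAD_STATE )` paths are reached only after `key_set` has been found true, so they leave a keyed context active rather than one with nothing to clear. This applies to the `iv_required && ! iv_set` check in psa_mac_update, the same check in psa_cipher_finish (hunk at -3136), and presumably the `is_sign` mismatches in psa_mac_sign_finish and psa_mac_verify_finish. The description justifies dropping the abort by the absence of sensitive data, which does not obviously hold for these cases. If leaving the operation active is intended, say so at the return, for example `/* Operation remains active and keyed; the caller must call psa_mac_abort(). */`, and mirror the wording for the cipher functions. Note also that the else branch of psa_mac_update now returns after `operation->has_input = 1` has been written. All of these function bodies extend beyond their hunks.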
@@ -2298,8 +2295,7 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, if( operation->is_sign ) { - status = PSA_ERROR_BAD_STATE; - goto cleanup; + return( PSA_ERROR_BAD_STATE ); } if( operation->mac_size != mac_length ) { @@ -3028,8 +3024,7 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, int ret; if( operation->iv_set || ! operation->iv_required ) { - status = PSA_ERROR_BAD_STATE; - goto exit; + return( PSA_ERROR_BAD_STATE ); } if( iv_size < operation->iv_size ) { @@ -3061,8 +3056,7 @@ psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, int ret; if( operation->iv_set || ! operation->iv_required ) { - status = PSA_ERROR_BAD_STATE; - goto exit; + return( PSA_ERROR_BAD_STATE ); } if( iv_length != operation->iv_size ) { @@ -3136,13 +3130,11 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, if( ! operation->key_set ) { - status = PSA_ERROR_BAD_STATE; - goto error; + return( PSA_ERROR_BAD_STATE ); } if( operation->iv_required && ! operation->iv_set ) { - status = PSA_ERROR_BAD_STATE; - goto error; + return( PSA_ERROR_BAD_STATE ); } if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT && From 5e6d24c5e15323a3c0b8122526e899604ca9f5dd Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 21 Feb 2019 10:41:29 +0000 Subject: [PATCH 1090/2197] psa: Add backwards compatible error codes Add deprecated error codes to help transition between the previous version of the PSA Crypto specification and the current one. --- include/psa/crypto_extra.h | 23 +++++++++++++++++++++++ scripts/generate_psa_constants.py | 10 ++++++++++ tests/scripts/test_psa_constant_names.py | 9 +++++++-- 3 files changed, 40 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 96b478b7f..86d9954ce 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -37,6 +37,29 @@ extern "C" { /* UID for secure storage seed */ #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52 +/* + * Deprecated PSA Crypto error code definitions + */ +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define PSA_ERROR_UNKNOWN_ERROR \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_GENERIC_ERROR ) +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define PSA_ERROR_OCCUPIED_SLOT \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_ALREADY_EXISTS ) +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define PSA_ERROR_EMPTY_SLOT \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_DOES_NOT_EXIST ) +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define PSA_ERROR_INSUFFICIENT_CAPACITY \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA ) +#endif + /** * \brief Library deinitialization. * diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 32508f286..382fd23e7 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -167,6 +167,16 @@ class MacroCollector: return elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \ and not parameter: + if name in [ + 'PSA_ERROR_UNKNOWN_ERROR', + 'PSA_ERROR_OCCUPIED_SLOT', + 'PSA_ERROR_EMPTY_SLOT', + 'PSA_ERROR_INSUFFICIENT_CAPACITY', + ]: + # Ad hoc skipping of deprecated error codes, which share + # numerical values with non-deprecated error codes + return + self.statuses.add(name) elif name.startswith('PSA_KEY_TYPE_') and not parameter: self.key_types.add(name) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index d22652e8a..5e128eb7d 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
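Review bot: The four deprecated names are hard-coded inline in this branch and listed again in `excluded_names` in tests/scripts/test_psa_constant_names.py, so the next deprecated alias has to be added to the header and to both scripts by hand. Giving the list a name at module level would make the skip rule easier to find and keep the branch short, for example `DEPRECATED_ERROR_NAMES = frozenset([...])` with `if name in DEPRECATED_ERROR_NAMES: return`. The comment should also say where the list originates (the deprecated block in include/psa/crypto_extra.h). The enclosing method starts outside the hunk.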
@@ -131,11 +131,16 @@ where each argument takes each possible value at least once.''' excluded_name_re = re.compile('_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') # Additional excluded macros. # PSA_ALG_ECDH and PSA_ALG_FFDH are excluded for now as the script - # currently doesn't support them. + # currently doesn't support them. Deprecated errors are also excluded. excluded_names = set(['PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH', 'PSA_ALG_FULL_LENGTH_MAC', 'PSA_ALG_ECDH', - 'PSA_ALG_FFDH']) + 'PSA_ALG_FFDH', + 'PSA_ERROR_UNKNOWN_ERROR', + 'PSA_ERROR_OCCUPIED_SLOT', + 'PSA_ERROR_EMPTY_SLOT', + 'PSA_ERROR_INSUFFICIENT_CAPACITY', + ]) argument_split_re = re.compile(r' *, *') def parse_header_line(self, line): '''Parse a C header line, looking for "#define PSA_xxx".''' From bf7a98b791fe21f1ee5d553f4dfe1d1cbfe3ef8a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Feb 2019 16:42:11 +0100 Subject: [PATCH 1091/2197] Fix typos found in PSA Crypto API 1.0 beta2 before publication --- include/psa/crypto.h | 2 +- include/psa/crypto_values.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index dd4599687..e7d0ecda7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -754,7 +754,7 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * to another. The target key retains its lifetime and location. * * In an implementation where slots have different ownerships, - * this functin may be used to share a key with a different party, + * this function may be used to share a key with a different party, * subject to implementation-defined restrictions on key sharing. * In this case \p constraint would typically prevent the recipient * from exporting the key. diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index a47695c2e..e0cc5446f 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -187,7 +187,7 @@ * the global integrity of the keystore. Depending on the global * integrity guarantees offered by the implementation, access to other * data may or may not fail even if the data is still readable but - * its integrity canont be guaranteed. + * its integrity cannot be guaranteed. * * Implementations should only use this error code to report a * permanent storage corruption. However application writers should From 81cefed27ffcffa1e40ae0aaedf42496a7acd4eb Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 25 Feb 2019 08:51:27 +0000 Subject: [PATCH 1092/2197] psa: Explicitly include platform_util.h crypto_extra.h has a dependency on platform_util.h for MBEDTLS_DEPRECATED_NUMERIC_CONSTANT. Make the dependency explicit by including platform_util.h. Although in most use cases the header should already be included by something else, it doesn't hurt to include it again and helps to clarify dependencies. --- include/psa/crypto_extra.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 86d9954ce..5dd47899e 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -30,6 +30,8 @@ #ifndef PSA_CRYPTO_EXTRA_H #define PSA_CRYPTO_EXTRA_H +#include "mbedtls/platform_util.h" + #ifdef __cplusplus extern "C" { #endif From f426e0f3031034e43bdc7fb86e3a67fa97ec610f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 17:42:03 +0100 Subject: [PATCH 1093/2197] Smoke-test operation contexts after setup+abort After a successful setup followed by abort, or after a failed setup from an inactive state, a context must be usable. Test this for hash, MAC and cipher contexts. --- tests/suites/test_suite_psa_crypto.function | 233 ++++++++++++++++---- 1 file changed, 188 insertions(+), 45 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5c662d8f1..7da745654 100644 
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -14,6 +14,89 @@ /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; +/* A hash algorithm that is known to be supported. + * + * This is used in some smoke tests. + */ +#if defined(MBEDTLS_MD2_C) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD2 +#elif defined(MBEDTLS_MD4_C) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD4 +#elif defined(MBEDTLS_MD5_C) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5 +/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of + * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160 + * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be + * implausible anyway. */ +#elif defined(MBEDTLS_SHA1_C) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_1 +#elif defined(MBEDTLS_SHA256_C) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_256 +#elif defined(MBEDTLS_SHA512_C) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_384 +#elif defined(MBEDTLS_SHA3_C) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA3_256 +#else +#undef KNOWN_SUPPORTED_HASH_ALG +#endif + +/* A block cipher that is known to be supported. + * + * For simplicity's sake, stick to block ciphers with 16-byte blocks. + */ +#if defined(MBEDTLS_AES_C) +#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_AES +#elif defined(MBEDTLS_ARIA_C) +#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_ARIA +#elif defined(MBEDTLS_CAMELLIA_C) +#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_CAMELLIA +#undef KNOWN_SUPPORTED_BLOCK_CIPHER +#endif + +/* A MAC mode that is known to be supported. + * + * It must either be HMAC with #KNOWN_SUPPORTED_HASH_ALG or + * a block cipher-based MAC with #KNOWN_SUPPORTED_BLOCK_CIPHER. + * + * This is used in some smoke tests. 
+ */ +#if defined(KNOWN_SUPPORTED_HASH_ALG) +#define KNOWN_SUPPORTED_MAC_ALG ( PSA_ALG_HMAC( KNOWN_SUPPORTED_HASH_ALG ) ) +#define KNOWN_SUPPORTED_MAC_KEY_TYPE PSA_KEY_TYPE_HMAC +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CMAC_C) +#define KNOWN_SUPPORTED_MAC_ALG PSA_ALG_CMAC +#define KNOWN_SUPPORTED_MAC_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER +#else +#undef KNOWN_SUPPORTED_MAC_ALG +#undef KNOWN_SUPPORTED_MAC_KEY_TYPE +#endif + +/* A cipher algorithm and key type that are known to be supported. + * + * This is used in some smoke tests. + */ +#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CTR) +#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CTR +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CBC) +#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CBC_NO_PADDING +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CFB) +#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CFB +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_OFB) +#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_OFB +#else +#undef KNOWN_SUPPORTED_BLOCK_CIPHER_ALG +#endif +#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG) +#define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG +#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER +#elif defined(MBEDTLS_RC4_C) +#define KNOWN_SUPPORTED_CIPHER_ALG PSA_ALG_RC4 +#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE PSA_KEY_TYPE_RC4 +#else +#undef KNOWN_SUPPORTED_CIPHER_ALG +#undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE +#endif + /** Test if a buffer contains a constant byte value. * * `mem_is_char(buffer, c, size)` is true after `memset(buffer, c, size)`. 
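Review bot: The block-cipher chain is missing its `#else`: `#undef KNOWN_SUPPORTED_BLOCK_CIPHER` sits directly under the `#elif defined(MBEDTLS_CAMELLIA_C)` definition, so a build with only Camellia enabled defines the macro and removes it on the next line. The hash, MAC and cipher-algorithm chains in the same hunk all place `#else` before their `#undef`. Insert `#else` between the Camellia `#define` and the `#undef`. Without it, the MAC and cipher smoke tests that depend on this macro are silently compiled out in that configuration.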
@@ -120,6 +203,64 @@ static int construct_fake_rsa_key( unsigned char *buffer, return( len ); } +int exercise_mac_setup( psa_key_type_t key_type, + const unsigned char *key_bytes, + size_t key_length, + psa_algorithm_t alg, + psa_mac_operation_t *operation, + psa_status_t *status ) +{ + psa_key_handle_t handle = 0; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + + PSA_ASSERT( psa_allocate_key( &handle ) ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) ); + + *status = psa_mac_sign_setup( operation, handle, alg ); + if( *status == PSA_SUCCESS ) + { + PSA_ASSERT( psa_mac_abort( operation ) ); + } + + psa_destroy_key( handle ); + return( 1 ); + +exit: + psa_destroy_key( handle ); + return( 0 ); +} + +int exercise_cipher_setup( psa_key_type_t key_type, + const unsigned char *key_bytes, + size_t key_length, + psa_algorithm_t alg, + psa_cipher_operation_t *operation, + psa_status_t *status ) +{ + psa_key_handle_t handle = 0; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + + PSA_ASSERT( psa_allocate_key( &handle ) ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) ); + + *status = psa_cipher_encrypt_setup( operation, handle, alg ); + if( *status == PSA_SUCCESS ) + { + PSA_ASSERT( psa_cipher_abort( operation ) ); + } + + psa_destroy_key( handle ); + return( 1 ); + +exit: + psa_destroy_key( handle ); + return( 0 ); +} + static int exercise_mac_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) 
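Review bot: exercise_mac_setup and exercise_cipher_setup are defined without `static`, unlike the neighbouring helpers (`static int construct_fake_rsa_key`, `static int exercise_mac_key`), so they get external linkage and may trigger missing-prototype warnings. Declare both as `static int`. Neither function documents its return convention, which differs from the `psa_status_t` convention used elsewhere in the test. A header comment such as `/* Returns 1 if the sequence ran to completion (setup result in *status), 0 if an assertion failed. */` would help, on the assumption that PSA_ASSERT jumps to `exit` on failure.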
@@ -287,26 +428,13 @@ static int exercise_signature_key( psa_key_handle_t handle, /* If the policy allows signing with any hash, just pick one. */ if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && hash_alg == PSA_ALG_ANY_HASH ) { -#if defined(MBEDTLS_MD2_C) - hash_alg = PSA_ALG_MD2; -#elif defined(MBEDTLS_MD4_C) - hash_alg = PSA_ALG_MD4; -#elif defined(MBEDTLS_MD5_C) - hash_alg = PSA_ALG_MD5; - /* MBEDTLS_RIPEMD160_C omitted because Mbed TLS doesn't - * support it in RSA PKCS#1v1.5 signatures. */ -#elif defined(MBEDTLS_SHA1_C) - hash_alg = PSA_ALG_SHA_1; -#elif defined(MBEDTLS_SHA256_C) - hash_alg = PSA_ALG_SHA_256; -#elif defined(MBEDTLS_SHA512_C) - hash_alg = PSA_ALG_SHA_384; -#elif defined(MBEDTLS_SHA3_C) - hash_alg = PSA_ALG_SHA3_256; +#if defined(KNOWN_SUPPORTED_HASH_ALG) + hash_alg = KNOWN_SUPPORTED_HASH_ALG; + alg ^= PSA_ALG_ANY_HASH ^ hash_alg; #else test_fail( "No hash algorithm for hash-and-sign testing", __LINE__, __FILE__ ); + return( 1 ); #endif - alg ^= PSA_ALG_ANY_HASH ^ hash_alg; } if( usage & PSA_KEY_USAGE_SIGN ) @@ -1988,9 +2116,16 @@ void hash_setup( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); status = psa_hash_setup( &operation, alg ); - psa_hash_abort( &operation ); TEST_EQUAL( status, expected_status ); + if( status == PSA_SUCCESS ) + PSA_ASSERT( psa_hash_abort( &operation ) ); + /* Now the operation object should be reusable. */ +#if defined(KNOWN_SUPPORTED_HASH_ALG) + PSA_ASSERT( psa_hash_setup( &operation, KNOWN_SUPPORTED_HASH_ALG ) ); + PSA_ASSERT( psa_hash_abort( &operation ) ); +#endif + exit: mbedtls_psa_crypto_free( ); } 
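Review bot: In the `#else` branch of exercise_signature_key, `return( 1 );` follows `test_fail( ... )`, but in the helpers added earlier in this patch 1 is the success value and 0 the failure value. If exercise_signature_key follows the same convention, this tells the caller the key was exercised successfully right after a failure was recorded; `return( 0 );` would be consistent. Its other return statements are outside the hunk, so the convention cannot be confirmed here.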
@@ -2266,31 +2401,34 @@ void mac_setup( int key_type_arg, int alg_arg, int expected_status_arg ) { - psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_status_t status; + psa_status_t status = PSA_ERROR_GENERIC_ERROR; +#if defined(KNOWN_SUPPORTED_MAC_ALG) + const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk"; +#endif PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, - PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, - alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - - PSA_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) ); - - status = psa_mac_sign_setup( &operation, handle, alg ); - psa_mac_abort( &operation ); + if( ! exercise_mac_setup( key_type, key->x, key->len, alg, + &operation, &status ) ) + goto exit; TEST_EQUAL( status, expected_status ); + /* The operation object should be reusable. */ +#if defined(KNOWN_SUPPORTED_MAC_ALG) + if( ! exercise_mac_setup( KNOWN_SUPPORTED_MAC_KEY_TYPE, + smoke_test_key_data, + sizeof( smoke_test_key_data ), + KNOWN_SUPPORTED_MAC_ALG, + &operation, &status ) ) + goto exit; + TEST_EQUAL( status, PSA_SUCCESS ); +#endif + exit: - psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ 
@@ -2560,29 +2698,34 @@ void cipher_setup( int key_type_arg, int alg_arg, int expected_status_arg ) { - psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_status_t status; +#if defined(KNOWN_SUPPORTED_MAC_ALG) + const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk"; +#endif PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - - PSA_ASSERT( psa_import_key( handle, key_type, - key->x, key->len ) ); - - status = psa_cipher_encrypt_setup( &operation, handle, alg ); - psa_cipher_abort( &operation ); + if( ! exercise_cipher_setup( key_type, key->x, key->len, alg, + &operation, &status ) ) + goto exit; TEST_EQUAL( status, expected_status ); + /* The operation object should be reusable. */ +#if defined(KNOWN_SUPPORTED_CIPHER_ALG) + if( ! exercise_cipher_setup( KNOWN_SUPPORTED_CIPHER_KEY_TYPE, + smoke_test_key_data, + sizeof( smoke_test_key_data ), + KNOWN_SUPPORTED_CIPHER_ALG, + &operation, &status ) ) + goto exit; + TEST_EQUAL( status, PSA_SUCCESS ); +#endif + exit: - psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From 9ab61b603d1c4b5f6b045a7adca25c1d84b92d17 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 17:43:14 +0100 Subject: [PATCH 1094/2197] Fix cleanup in psa_cipher_setup In some error cases, psa_cipher_setup was leaving a partly-initialized operation context. --- library/psa_crypto.c | 33 ++++++++++++++++----------------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 22b4c0cf8..cd1499a38 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
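Review bot: In cipher_setup, `smoke_test_key_data` is declared under `#if defined(KNOWN_SUPPORTED_MAC_ALG)` but used under `#if defined(KNOWN_SUPPORTED_CIPHER_ALG)`. A configuration with a supported cipher but no supported MAC will not compile, and the reverse leaves an unused variable; the declaration guard should read `#if defined(KNOWN_SUPPORTED_CIPHER_ALG)`. Separately, `psa_status_t status;` is left uninitialized here, while mac_setup in the same patch initializes it. Using `psa_status_t status = PSA_ERROR_GENERIC_ERROR;` keeps the two tests parallel and avoids comparing an indeterminate value if the helper ever returns without writing `*status`.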
@@ -2902,8 +2902,8 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, psa_algorithm_t alg, mbedtls_operation_t cipher_operation ) { - int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - psa_status_t status; + int ret = 0; + psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_slot_t *slot; size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; @@ -2923,19 +2923,19 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, status = psa_get_key_from_slot( handle, &slot, usage, alg); if( status != PSA_SUCCESS ) - return( status ); + goto exit; key_bits = psa_get_key_bits( slot ); cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, NULL ); if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info ); if( ret != 0 ) - { - psa_cipher_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); - } + goto exit; #if defined(MBEDTLS_DES_C) if( slot->type == PSA_KEY_TYPE_DES && key_bits == 128 ) @@ -2956,10 +2956,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, (int) key_bits, cipher_operation ); } if( ret != 0 ) - { - psa_cipher_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); - } + goto exit; #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) switch( alg ) @@ -2978,10 +2975,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, break; } if( ret != 0 ) - { - psa_cipher_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); - } + goto exit; #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING operation->key_set = 1; 
@@ -2992,7 +2986,12 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ); } - return( PSA_SUCCESS ); +exit: + if( status == 0 ) + status = mbedtls_to_psa_error( ret ); + if( status != 0 ) + psa_cipher_abort( operation ); + return( status ); } psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation, From 9e0a4a54a22efb1d4af283725196e03fe7cdb521 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 22:11:18 +0100 Subject: [PATCH 1095/2197] Test abort after failed setup Commit "Smoke-test operation contexts after setup+abort" replaced {failed-setup; abort} sequences by {failed-setup; successful-setup}. We want to test that, but we also want to test {failed-setup; abort}. So test {failed-setup; abort; failed-setup; successful-setup}. --- tests/suites/test_suite_psa_crypto.function | 28 ++++++++++++++++----- 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 7da745654..4cec11881 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -219,9 +219,14 @@ int exercise_mac_setup( psa_key_type_t key_type, PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) ); *status = psa_mac_sign_setup( operation, handle, alg ); - if( *status == PSA_SUCCESS ) + /* Whether setup succeeded or failed, abort must succeed. */ + PSA_ASSERT( psa_mac_abort( operation ) ); + /* If setup failed, reproduce the failure, so that the caller can + * test the resulting state of the operation object. */ + if( *status != PSA_SUCCESS ) { - PSA_ASSERT( psa_mac_abort( operation ) ); + TEST_EQUAL( psa_mac_sign_setup( operation, handle, alg ), + *status ); } psa_destroy_key( handle ); 
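Review bot: The new `exit:` block compares `status` with the literal 0 (`if( status == 0 )`, `if( status != 0 )`), whereas the earlier checks in this function use `PSA_SUCCESS`; `if( status == PSA_SUCCESS )` and `if( status != PSA_SUCCESS )` would match. The block also relies on an unstated invariant: once psa_get_key_from_slot has succeeded, `status` stays PSA_SUCCESS at every `goto exit`, so the result is taken from `ret`. A comment at the label would make that explicit, for example `/* status is PSA_SUCCESS unless a PSA-level step failed; in that case translate the mbedtls result in ret. */`. The return value of psa_cipher_abort on the failure path is ignored, which looks intentional but is worth a word in the same comment. The function body starts outside these hunks.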
@@ -248,9 +253,14 @@ int exercise_cipher_setup( psa_key_type_t key_type, PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) ); *status = psa_cipher_encrypt_setup( operation, handle, alg ); - if( *status == PSA_SUCCESS ) + /* Whether setup succeeded or failed, abort must succeed. */ + PSA_ASSERT( psa_cipher_abort( operation ) ); + /* If setup failed, reproduce the failure, so that the caller can + * test the resulting state of the operation object. */ + if( *status != PSA_SUCCESS ) { - PSA_ASSERT( psa_cipher_abort( operation ) ); + TEST_EQUAL( psa_cipher_encrypt_setup( operation, handle, alg ), + *status ); } psa_destroy_key( handle ); @@ -2118,8 +2128,14 @@ void hash_setup( int alg_arg, status = psa_hash_setup( &operation, alg ); TEST_EQUAL( status, expected_status ); - if( status == PSA_SUCCESS ) - PSA_ASSERT( psa_hash_abort( &operation ) ); + /* Whether setup succeeded or failed, abort must succeed. */ + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* If setup failed, reproduce the failure, so as to + * test the resulting state of the operation object. */ + if( status != PSA_SUCCESS ) + TEST_EQUAL( psa_hash_setup( &operation, alg ), status ); + /* Now the operation object should be reusable. */ #if defined(KNOWN_SUPPORTED_HASH_ALG) PSA_ASSERT( psa_hash_setup( &operation, KNOWN_SUPPORTED_HASH_ALG ) ); From 800a71cc7916e85de73b2339e3d5d54f567a041f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Mar 2019 16:03:46 +0100 Subject: [PATCH 1096/2197] The specification document is now a single PDF --- README.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/README.md b/README.md index 785584a62..107f7ddd5 100644 --- a/README.md +++ b/README.md 
@@ -30,10 +30,7 @@ There are currently a few deviations where the library does not yet implement th
 ### PSA Cryptography API
-The PSA cryptography API specification consists of the following documents:
-
-* The [PSA Cryptography API overview](https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf).
-* The [PSA Cryptography API detailed function reference](https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/PSA_Cryptography_API_Reference.pdf), which you can also browse in [HTML format](https://htmlpreview.github.io/?https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/html/modules.html).
+You can read the [complete PSA cryptography API specification as a PDF document](https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf). The API reference is also available in [HTML format](https://htmlpreview.github.io/?https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/html/modules.html).
 ### Browsable library documentation
From bea98b458136029c2585037c74c114ddc5af896e Mon Sep 17 00:00:00 2001
From: Janos Follath Date: Tue, 5 Mar 2019 11:04:42 +0000 Subject: [PATCH 1097/2197] Remove Diffie-Hellman examples These examples rely on the NET module, which we want to remove. In theory we could remove just the dependency, but we decided to remove the whole example because: - They showcase some bad crypto: custom, undocumented protocol (not obviously broken though, apart from authenticating only one side); hard-coded limit of 512-bit size for the DH modulus (2048 is the recommended minimum these days); direct use of the shared secret as a key (instead of applying a KDF); encryption with ECB, custom parameters and the client not having the ability to verify them. - The programs use the DH API in the same way that TLS does, so they have limited demonstration value. - The programs only show finite-field DH, which is not used all that much these days. What people want to see is mostly ECDH. --- programs/.gitignore | 2 - programs/Makefile | 11 +- programs/README.md | 2 - programs/pkey/CMakeLists.txt | 8 +- programs/pkey/dh_client.c | 325 ----------------------------- programs/pkey/dh_server.c | 348 ------------------------------- visualc/VS2010/dh_client.vcxproj | 174 ---------------- visualc/VS2010/dh_server.vcxproj | 174 ---------------- visualc/VS2010/mbedTLS.sln | 26 --- 9 files changed, 2 insertions(+), 1068 deletions(-) delete mode 100644 programs/pkey/dh_client.c delete mode 100644 programs/pkey/dh_server.c delete mode 100644 visualc/VS2010/dh_client.vcxproj delete mode 100644 visualc/VS2010/dh_server.vcxproj diff --git a/programs/.gitignore b/programs/.gitignore index d19162de1..30489bed0 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -9,9 +9,7 @@ hash/hello hash/md5sum hash/sha1sum hash/sha2sum -pkey/dh_client pkey/dh_genprime -pkey/dh_server pkey/ecdsa pkey/ecdh_curve25519 pkey/gen_key diff --git a/programs/Makefile b/programs/Makefile index 1df2cb19f..58358e5d9 100644 --- a/programs/Makefile +++ b/programs/Makefile 
@@ -49,8 +49,7 @@ endif APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \ hash/hello$(EXEXT) hash/generic_sum$(EXEXT) \ - pkey/dh_client$(EXEXT) \ - pkey/dh_genprime$(EXEXT) pkey/dh_server$(EXEXT) \ + pkey/dh_genprime$(EXEXT) \ pkey/ecdh_curve25519$(EXEXT) \ pkey/ecdsa$(EXEXT) pkey/gen_key$(EXEXT) \ pkey/key_app$(EXEXT) pkey/key_app_writer$(EXEXT) \ @@ -123,18 +122,10 @@ hash/generic_sum$(EXEXT): hash/generic_sum.c $(DEP) echo " CC hash/generic_sum.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/generic_sum.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -pkey/dh_client$(EXEXT): pkey/dh_client.c $(DEP) - echo " CC pkey/dh_client.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - pkey/dh_genprime$(EXEXT): pkey/dh_genprime.c $(DEP) echo " CC pkey/dh_genprime.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_genprime.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -pkey/dh_server$(EXEXT): pkey/dh_server.c $(DEP) - echo " CC pkey/dh_server.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - pkey/ecdh_curve25519$(EXEXT): pkey/ecdh_curve25519.c $(DEP) echo " CC pkey/ecdh_curve25519.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/ecdh_curve25519.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/README.md b/programs/README.md index eb25a7f69..6dd7f7109 100644 --- a/programs/README.md +++ b/programs/README.md @@ -44,8 +44,6 @@ This subdirectory mostly contains sample programs that illustrate specific featu ### Diffie-Hellman key exchange examples -* [`pkey/dh_client.c`](pkey/dh_client.c), [`pkey/dh_server.c`](pkey/dh_server.c): secure channel demonstrators (client, server). This pair of programs illustrates how to set up a secure channel using RSA for authentication and Diffie-Hellman to generate a shared AES session key. - * [`pkey/ecdh_curve25519.c`](pkey/ecdh_curve25519.c): demonstration of a elliptic curve Diffie-Hellman (ECDH) key agreement. ### Bignum (`mpi`) usage examples 
diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt index 5a37a4212..944a100a2 100644 --- a/programs/pkey/CMakeLists.txt +++ b/programs/pkey/CMakeLists.txt @@ -1,12 +1,6 @@ -add_executable(dh_client dh_client.c) -target_link_libraries(dh_client mbedtls) - add_executable(dh_genprime dh_genprime.c) target_link_libraries(dh_genprime mbedtls) -add_executable(dh_server dh_server.c) -target_link_libraries(dh_server mbedtls) - add_executable(ecdh_curve25519 ecdh_curve25519.c) target_link_libraries(ecdh_curve25519 mbedtls) @@ -58,6 +52,6 @@ target_link_libraries(pk_encrypt mbedtls) add_executable(pk_decrypt pk_decrypt.c) target_link_libraries(pk_decrypt mbedtls) -install(TARGETS dh_client dh_genprime dh_server key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt pk_encrypt pk_decrypt pk_sign pk_verify gen_key +install(TARGETS dh_genprime key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt pk_encrypt pk_decrypt pk_sign pk_verify gen_key DESTINATION "bin" PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c deleted file mode 100644 index 1dce31aa7..000000000 --- a/programs/pkey/dh_client.c +++ /dev/null 
@@ -1,325 +0,0 @@ -/* - * Diffie-Hellman-Merkle key exchange (client side) - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ - defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ - defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_SHA1_C) -#include "mbedtls/net_sockets.h" -#include "mbedtls/aes.h" -#include "mbedtls/dhm.h" -#include "mbedtls/rsa.h" -#include "mbedtls/sha1.h" -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" - -#include -#include -#endif - -#define SERVER_NAME "localhost" -#define SERVER_PORT "11999" - -#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ - !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ - !defined(MBEDTLS_FS_IO) 
|| !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_SHA1_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); -} -#else - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -int main( void ) -{ - FILE *f; - - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - size_t n, buflen; - mbedtls_net_context server_fd; - - unsigned char *p, *end; - unsigned char buf[2048]; - unsigned char hash[32]; - const char *pers = "dh_client"; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_rsa_context rsa; - mbedtls_dhm_context dhm; - mbedtls_aes_context aes; - - mbedtls_net_init( &server_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); - mbedtls_dhm_init( &dhm ); - mbedtls_aes_init( &aes ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - /* - * 1. Setup the RNG - */ - mbedtls_printf( "\n . Seeding the random number generator" ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - /* - * 2. Read the server's public RSA key - */ - mbedtls_printf( "\n . Reading public key from rsa_pub.txt" ); - fflush( stdout ); - - if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \ - " ! 
Please run rsa_genkey first\n\n" ); - goto exit; - } - - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - - if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); - fclose( f ); - goto exit; - } - - rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3; - - fclose( f ); - - /* - * 3. Initiate the connection - */ - mbedtls_printf( "\n . Connecting to tcp/%s/%s", SERVER_NAME, - SERVER_PORT ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, - SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); - goto exit; - } - - /* - * 4a. First get the buffer length - */ - mbedtls_printf( "\n . Receiving the server's DH parameters" ); - fflush( stdout ); - - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_net_recv( &server_fd, buf, 2 ) ) != 2 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - n = buflen = ( buf[0] << 8 ) | buf[1]; - if( buflen < 1 || buflen > sizeof( buf ) ) - { - mbedtls_printf( " failed\n ! Got an invalid buffer length\n\n" ); - goto exit; - } - - /* - * 4b. Get the DHM parameters: P, G and Ys = G^Xs mod P - */ - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_net_recv( &server_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - p = buf, end = buf + buflen; - - if( ( ret = mbedtls_dhm_read_params( &dhm, &p, end ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret ); - goto exit; - } - - if( dhm.len < 64 || dhm.len > 512 ) - { - mbedtls_printf( " failed\n ! Invalid DHM modulus size\n\n" ); - goto exit; - } - - /* - * 5. Check that the server's RSA signature matches - * the SHA-256 hash of (P,G,Ys) - */ - mbedtls_printf( "\n . 
Verifying the server's RSA signature" ); - fflush( stdout ); - - p += 2; - - if( ( n = (size_t) ( end - p ) ) != rsa.len ) - { - mbedtls_printf( " failed\n ! Invalid RSA signature size\n\n" ); - goto exit; - } - - if( ( ret = mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, - MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret ); - goto exit; - } - - /* - * 6. Send our public value: Yc = G ^ Xc mod P - */ - mbedtls_printf( "\n . Sending own public value to server" ); - fflush( stdout ); - - n = dhm.len; - if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_net_send( &server_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); - goto exit; - } - - /* - * 7. Derive the shared secret: K = Ys ^ Xc mod P - */ - mbedtls_printf( "\n . Shared secret: " ); - fflush( stdout ); - - if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); - goto exit; - } - - for( n = 0; n < 16; n++ ) - mbedtls_printf( "%02x", buf[n] ); - - /* - * 8. Setup the AES-256 decryption key - * - * This is an overly simplified example; best practice is - * to hash the shared secret with a random value to derive - * the keying material for the encryption/decryption keys, - * IVs and MACs. - */ - mbedtls_printf( "...\n . 
Receiving and decrypting the ciphertext" ); - fflush( stdout ); - - mbedtls_aes_setkey_dec( &aes, buf, 256 ); - - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_net_recv( &server_fd, buf, 16 ) ) != 16 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_DECRYPT, buf, buf ); - buf[16] = '\0'; - mbedtls_printf( "\n . Plaintext is \"%s\"\n\n", (char *) buf ); - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - - mbedtls_net_free( &server_fd ); - - mbedtls_aes_free( &aes ); - mbedtls_rsa_free( &rsa ); - mbedtls_dhm_free( &dhm ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && - MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c deleted file mode 100644 index a797e6070..000000000 --- a/programs/pkey/dh_server.c +++ /dev/null 
@@ -1,348 +0,0 @@ -/* - * Diffie-Hellman-Merkle key exchange (server side) - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ - defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ - defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_SHA1_C) -#include "mbedtls/net_sockets.h" -#include "mbedtls/aes.h" -#include "mbedtls/dhm.h" -#include "mbedtls/rsa.h" -#include "mbedtls/sha1.h" -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" - -#include -#include -#endif - -#define SERVER_PORT "11999" -#define PLAINTEXT "==Hello there!==" - -#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ - !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ - 
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_SHA1_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); -} -#else - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -int main( void ) -{ - FILE *f; - - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - size_t n, buflen; - mbedtls_net_context listen_fd, client_fd; - - unsigned char buf[2048]; - unsigned char hash[32]; - unsigned char buf2[2]; - const char *pers = "dh_server"; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_rsa_context rsa; - mbedtls_dhm_context dhm; - mbedtls_aes_context aes; - - mbedtls_mpi N, P, Q, D, E; - - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); - mbedtls_dhm_init( &dhm ); - mbedtls_aes_init( &aes ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); - - /* - * 1. Setup the RNG - */ - mbedtls_printf( "\n . Seeding the random number generator" ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - /* - * 2a. Read the server's private RSA key - */ - mbedtls_printf( "\n . 
Reading private key from rsa_priv.txt" ); - fflush( stdout ); - - if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); - goto exit; - } - - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - - if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", - ret ); - fclose( f ); - goto exit; - } - fclose( f ); - - if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", - ret ); - goto exit; - } - - if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n", - ret ); - goto exit; - } - - /* - * 2b. Get the DHM modulus and generator - */ - mbedtls_printf( "\n . Reading DH parameters from dh_prime.txt" ); - fflush( stdout ); - - if( ( f = fopen( "dh_prime.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open dh_prime.txt\n" \ - " ! Please run dh_genprime first\n\n" ); - goto exit; - } - - if( mbedtls_mpi_read_file( &dhm.P, 16, f ) != 0 || - mbedtls_mpi_read_file( &dhm.G, 16, f ) != 0 ) - { - mbedtls_printf( " failed\n ! Invalid DH parameter file\n\n" ); - fclose( f ); - goto exit; - } - - fclose( f ); - - /* - * 3. Wait for a client to connect - */ - mbedtls_printf( "\n . Waiting for a remote connection" ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_net_bind returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); - goto exit; - } - - /* - * 4. Setup the DH parameters (P,G,Ys) - */ - mbedtls_printf( "\n . Sending the server's DH parameters" ); - fflush( stdout ); - - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_dhm_make_params( &dhm, (int) mbedtls_mpi_size( &dhm.P ), buf, &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret ); - goto exit; - } - - /* - * 5. Sign the parameters and send them - */ - if( ( ret = mbedtls_sha1_ret( buf, n, hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); - goto exit; - } - - buf[n ] = (unsigned char)( rsa.len >> 8 ); - buf[n + 1] = (unsigned char)( rsa.len ); - - if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, - 0, hash, buf + n + 2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret ); - goto exit; - } - - buflen = n + 2 + rsa.len; - buf2[0] = (unsigned char)( buflen >> 8 ); - buf2[1] = (unsigned char)( buflen ); - - if( ( ret = mbedtls_net_send( &client_fd, buf2, 2 ) ) != 2 || - ( ret = mbedtls_net_send( &client_fd, buf, buflen ) ) != (int) buflen ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); - goto exit; - } - - /* - * 6. Get the client's public value: Yc = G ^ Xc mod P - */ - mbedtls_printf( "\n . Receiving the client's public value" ); - fflush( stdout ); - - memset( buf, 0, sizeof( buf ) ); - - n = dhm.len; - if( ( ret = mbedtls_net_recv( &client_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_dhm_read_public( &dhm, buf, dhm.len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_dhm_read_public returned %d\n\n", ret ); - goto exit; - } - - /* - * 7. Derive the shared secret: K = Ys ^ Xc mod P - */ - mbedtls_printf( "\n . Shared secret: " ); - fflush( stdout ); - - if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); - goto exit; - } - - for( n = 0; n < 16; n++ ) - mbedtls_printf( "%02x", buf[n] ); - - /* - * 8. Setup the AES-256 encryption key - * - * This is an overly simplified example; best practice is - * to hash the shared secret with a random value to derive - * the keying material for the encryption/decryption keys - * and MACs. - */ - mbedtls_printf( "...\n . Encrypting and sending the ciphertext" ); - fflush( stdout ); - - mbedtls_aes_setkey_enc( &aes, buf, 256 ); - memcpy( buf, PLAINTEXT, 16 ); - mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_ENCRYPT, buf, buf ); - - if( ( ret = mbedtls_net_send( &client_fd, buf, 16 ) ) != 16 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( "\n\n" ); - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); - - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); - - mbedtls_aes_free( &aes ); - mbedtls_rsa_free( &rsa ); - mbedtls_dhm_free( &dhm ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && - MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/visualc/VS2010/dh_client.vcxproj b/visualc/VS2010/dh_client.vcxproj deleted file mode 100644 index b2fae8093..000000000 
--- a/visualc/VS2010/dh_client.vcxproj +++ /dev/null @@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE} - Win32Proj - dh_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dh_server.vcxproj b/visualc/VS2010/dh_server.vcxproj deleted file mode 100644 index 6f87cb8b0..000000000 
--- a/visualc/VS2010/dh_server.vcxproj +++ /dev/null @@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {8D91B804-E2CE-142D-8E06-FBB037ED1F65} - Win32Proj - dh_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln index 8961f9d1c..35417a999 100644 --- a/visualc/VS2010/mbedTLS.sln 
+++ b/visualc/VS2010/mbedTLS.sln @@ -23,21 +23,11 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "generic_sum", "generic_sum. {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_client", "dh_client.vcxproj", "{4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_genprime", "dh_genprime.vcxproj", "{718960D9-5DA6-7B56-39AD-637E81076C71}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_server", "dh_server.vcxproj", "{8D91B804-E2CE-142D-8E06-FBB037ED1F65}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ecdh_curve25519", "ecdh_curve25519.vcxproj", "{82EE497E-12CC-7C5B-A072-665678ACB43E}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} 
@@ -311,14 +301,6 @@ Global {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|Win32.Build.0 = Release|Win32 {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.ActiveCfg = Release|x64 {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.Build.0 = Release|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.ActiveCfg = Debug|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.Build.0 = Debug|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.ActiveCfg = Debug|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.Build.0 = Debug|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.ActiveCfg = Release|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.Build.0 = Release|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.ActiveCfg = Release|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.Build.0 = Release|x64 {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.ActiveCfg = Debug|Win32 {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.Build.0 = Debug|Win32 {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|x64.ActiveCfg = Debug|x64 
@@ -327,14 +309,6 @@ Global {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|Win32.Build.0 = Release|Win32 {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.ActiveCfg = Release|x64 {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.Build.0 = Release|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.ActiveCfg = Debug|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.Build.0 = Debug|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.ActiveCfg = Debug|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.Build.0 = Debug|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.ActiveCfg = Release|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.Build.0 = Release|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.ActiveCfg = Release|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.Build.0 = Release|x64 {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.ActiveCfg = Debug|Win32 {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.Build.0 = Debug|Win32 {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|x64.ActiveCfg = Debug|x64 From c3044a6a367df834342e4ce48485bcbe6e46fbb8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Mar 2019 17:56:28 +0100 Subject: [PATCH 1098/2197] Remove trailing whitespace check-files.py doesn't like trailing whitespace. --- include/psa/crypto_accel_driver.h | 14 +++++++------- include/psa/crypto_se_driver.h | 12 ++++++------ 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h index 57bc18dad..125d4c246 100644 --- a/include/psa/crypto_accel_driver.h +++ b/include/psa/crypto_accel_driver.h 
@@ -381,7 +381,7 @@ typedef struct psa_drv_accel_cipher_context_s psa_drv_accel_cipher_context_t; * Where * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES) * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR) - * + * * For stream ciphers: * ~~~~~~~~~~~~~{.c} * psa_drv_accel_cipher_setup_ @@ -643,10 +643,10 @@ typedef psa_status_t (*psa_drv_accel_aead_decrypt_t)(const uint8_t *p_key, * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the signing algorithm * - * This function supports any asymmetric-key output from psa_export_key() as + * This function supports any asymmetric-key output from psa_export_key() as * the buffer in \ref p_key. Refer to the documentation of \ref * psa_export_key() for the formats. - * + * * \param[in] p_key A buffer containing the private key * material * \param[in] key_size The size in bytes of the `p_key` data @@ -686,7 +686,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key, * buffer in \ref p_key. Refer to the documentation of \ref * psa_export_public_key() for the format of public keys and to the * documentation of \ref psa_export_key() for the format for other key types. - * + * * \param[in] p_key A buffer containing the public key material * \param[in] key_size The size in bytes of the `p_key` data * \param[in] alg A signature algorithm that is compatible with @@ -719,7 +719,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key, * psa_drv_accel_asymmetric__encrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the encryption algorithm - * + * * This function supports any output from \ref psa_export_public_key() as the * buffer in \ref p_key. Refer to the documentation of \ref * psa_export_public_key() for the format of public keys and to the 
@@ -772,8 +772,8 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key, * psa_drv_accel_asymmetric__decrypt * ~~~~~~~~~~~~~ * Where `ALGO` is the name of the encryption algorithm - * - * This function supports any asymmetric-key output from psa_export_key() as + * + * This function supports any asymmetric-key output from psa_export_key() as * the buffer in \ref p_key. Refer to the documentation of \ref * psa_export_key() for the formats. * diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 18ef1c47b..870f69d06 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -766,16 +766,16 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, /** * \brief A function that generates a symmetric or asymmetric key on a secure * element - * - * If `type` is asymmetric (`#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) == 1`), + * + * If `type` is asymmetric (`#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) == 1`), * the public component of the generated key will be placed in `p_pubkey_out`. * The format of the public key information will match the format specified for * the `psa_export_key()` function for the key type. - * + * * \param[in] key_slot Slot where the generated key will be placed * \param[in] type The type of the key to be generated * \param[in] usage The prescribed usage of the generated key - * Note: Not all Secure Elements support the same + * Note: Not all Secure Elements support the same * restrictions that PSA Crypto does (and vice versa). * Driver developers should endeavor to match the * usages as close as possible. 
@@ -785,7 +785,7 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, * interpretation in the `extra` parameter is the * `psa_generate_key` function * \param[in] extra_size The size in bytes of the \ref extra buffer - * \param[out] p_pubkey_out The buffer where the public key information will + * \param[out] p_pubkey_out The buffer where the public key information will * be placed * \param[in] pubkey_out_size The size in bytes of the `p_pubkey_out` buffer * \param[out] p_pubkey_length Upon successful completion, will contain the @@ -909,7 +909,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *p_context, /** \brief A function that performs the final secure element key derivation * step and place the generated key material in a slot - * + * * \param[in,out] p_context A hardware-specific structure containing any * context information for the implementation * \param[in] dest_key The slot where the generated key material From e5c025c7ab19953db723da0f8f63da9d849cd023 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Mar 2019 18:01:43 +0100 Subject: [PATCH 1099/2197] Fix Doxygen warnings --- include/psa/crypto_accel_driver.h | 8 ++++---- include/psa/crypto_se_driver.h | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h index 125d4c246..1e1940c80 100644 --- a/include/psa/crypto_accel_driver.h +++ b/include/psa/crypto_accel_driver.h @@ -644,7 +644,7 @@ typedef psa_status_t (*psa_drv_accel_aead_decrypt_t)(const uint8_t *p_key, * Where `ALGO` is the name of the signing algorithm * * This function supports any asymmetric-key output from psa_export_key() as - * the buffer in \ref p_key. Refer to the documentation of \ref + * the buffer in \p p_key. Refer to the documentation of \ref * psa_export_key() for the formats. * * \param[in] p_key A buffer containing the private key 
@@ -683,7 +683,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key, * Where `ALGO` is the name of the signing algorithm * * This function supports any output from \ref psa_export_public_key() as the - * buffer in \ref p_key. Refer to the documentation of \ref + * buffer in \p p_key. Refer to the documentation of \ref * psa_export_public_key() for the format of public keys and to the * documentation of \ref psa_export_key() for the format for other key types. * @@ -721,7 +721,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key, * Where `ALGO` is the name of the encryption algorithm * * This function supports any output from \ref psa_export_public_key() as the - * buffer in \ref p_key. Refer to the documentation of \ref + * buffer in \p p_key. Refer to the documentation of \ref * psa_export_public_key() for the format of public keys and to the * documentation of \ref psa_export_key() for the format for other key types. * @@ -774,7 +774,7 @@ typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key, * Where `ALGO` is the name of the encryption algorithm * * This function supports any asymmetric-key output from psa_export_key() as - * the buffer in \ref p_key. Refer to the documentation of \ref + * the buffer in \p p_key. Refer to the documentation of \ref * psa_export_key() for the formats. * * \param[in] p_key A buffer containing the private key material diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 870f69d06..4772f306e 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
@@ -767,10 +767,10 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, * \brief A function that generates a symmetric or asymmetric key on a secure * element * - * If `type` is asymmetric (`#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) == 1`), + * If \p type is asymmetric (`#PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) == 1`), * the public component of the generated key will be placed in `p_pubkey_out`. * The format of the public key information will match the format specified for - * the `psa_export_key()` function for the key type. + * the psa_export_key() function for the key type. * * \param[in] key_slot Slot where the generated key will be placed * \param[in] type The type of the key to be generated @@ -784,7 +784,7 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, * interpretation of this parameter should match the * interpretation in the `extra` parameter is the * `psa_generate_key` function - * \param[in] extra_size The size in bytes of the \ref extra buffer + * \param[in] extra_size The size in bytes of the \p extra buffer * \param[out] p_pubkey_out The buffer where the public key information will * be placed * \param[in] pubkey_out_size The size in bytes of the `p_pubkey_out` buffer From c079f5692dbd184e755e3486428deb0bfe0618cb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Mar 2019 18:01:52 +0100 Subject: [PATCH 1100/2197] Pass check-files.py --- include/psa/crypto_se_driver.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 4772f306e..7ba7cf5c9 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
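Review bot: In the `@@ -767` hunk of include/psa/crypto_se_driver.h, the added line keeps the macro reference inside a backtick code span, where Doxygen presumably prints `#` and `\p` literally instead of producing a link and a parameter reference. The crypto.h changes further down this series write such references without backticks (`#PSA_AEAD_TAG_LENGTH(\c alg)`), so I would do the same here: `If \p type is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) == 1),`. The next line still marks `p_pubkey_out` with backticks while `type` and `extra` were moved to `\p`; one convention per paragraph would be clearer. In the `@@ -784` hunk the unchanged sentence about `extra` ("... parameter is the psa_generate_key function") looks like it should say "of the". Both doc comments continue outside their hunks.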
@@ -43,7 +43,7 @@ extern "C" { /** An internal designation of a key slot between the core part of the * PSA Crypto implementation and the driver. The meaning of this value * is driver-dependent. */ -typedef uint32_t psa_key_slot_number_t; // TODO: Change this to psa_key_slot_t after psa_key_slot_t is removed from Mbed crypto +typedef uint32_t psa_key_slot_number_t; // Change this to psa_key_slot_t after psa_key_slot_t is removed from Mbed crypto /** \defgroup se_mac Secure Element Message Authentication Codes * Generation and authentication of Message Authentication Codes (MACs) using From 32668ce2685787f04ae74f40e086f54cd2d3a0eb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Mar 2019 18:29:57 +0100 Subject: [PATCH 1101/2197] Pacify check-names.sh --- include/psa/crypto_accel_driver.h | 4 ++-- include/psa/crypto_se_driver.h | 22 +++++++++++----------- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h index 1e1940c80..4a540f0fa 100644 --- a/include/psa/crypto_accel_driver.h +++ b/include/psa/crypto_accel_driver.h @@ -356,7 +356,7 @@ typedef psa_status_t (*psa_drv_accel_mac_verify_t)(const uint8_t *p_input, * - `psa_drv_accel_cipher_update_t` * - ... * - `psa_drv_accel_cipher_finish_t` - + * * If a previously started hardware-accelerated Cipher operation needs to be * terminated, it should be done so by the `psa_drv_accel_cipher_abort_t`. * Failure to do so may result in allocated resources not being freed or in @@ -554,7 +554,7 @@ typedef psa_status_t (*psa_drv_accel_cipher_abort_t)(psa_drv_accel_cipher_contex * the `ciphertext` buffer * * \retval #PSA_SUCCESS - + * */ typedef psa_status_t (*psa_drv_accel_aead_encrypt_t)(const uint8_t *p_key, size_t key_length, diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 7ba7cf5c9..01f378c7b 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
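Review bot: In the `@@ -43` hunk of include/psa/crypto_se_driver.h, removing only the `TODO:` prefix leaves an imperative trailing comment with no marker, so the pending rename of `psa_key_slot_number_t` can no longer be found by searching for open items. The commit message only says the file should pass check-files.py, so I assume the marker itself is what the checker rejects. In that case I would state the intent as a plain note in a block comment above the typedef, for example `/* Note: to be renamed to psa_key_slot_t once the existing psa_key_slot_t is removed from Mbed Crypto. */`, and track the rename in the issue tracker. That also brings the typedef line back under a normal line length; it is currently well over 100 characters.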
@@ -136,7 +136,7 @@ typedef psa_status_t (*psa_drv_se_mac_finish_verify_t)(void *p_context, /** \brief A function that aborts a previous started secure element MAC * operation - + * * \param[in,out] p_context A hardware-specific structure for the previously * started MAC operation to be aborted */ @@ -247,7 +247,7 @@ typedef struct { * - `psa_drv_se_cipher_update_t` * - ... * - `psa_drv_se_cipher_finish_t` - + * * If a previously started secure element Cipher operation needs to be * terminated, it should be done so by the `psa_drv_se_cipher_abort_t`. Failure * to do so may result in allocated resources not being freed or in other @@ -791,15 +791,15 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, * \param[out] p_pubkey_length Upon successful completion, will contain the * size of the data placed in `p_pubkey_out`. */ -typedef psa_status_t (*psa_drv_se_generate_key_t) (psa_key_slot_number_t key_slot, - psa_key_type_t type, - psa_key_usage_t usage, - size_t bits, - const void *extra, - size_t extra_size, - uint8_t *p_pubkey_out, - size_t pubkey_out_size, - size_t *p_pubkey_length); +typedef psa_status_t (*psa_drv_se_generate_key_t)(psa_key_slot_number_t key_slot, + psa_key_type_t type, + psa_key_usage_t usage, + size_t bits, + const void *extra, + size_t extra_size, + uint8_t *p_pubkey_out, + size_t pubkey_out_size, + size_t *p_pubkey_length); /** * \brief A struct containing all of the function pointers needed to for secure From 2e37c0dc5dbf91af8fc6e1ddb651fb7086b1f954 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Mar 2019 19:32:02 +0100 Subject: [PATCH 1102/2197] Fix leftover occurrences of "key selection algorithm" --- include/psa/crypto_values.h | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index e0cc5446f..0b40c5fd3 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -1342,8 +1342,7 @@ /** The finite-field Diffie-Hellman (DH) key agreement algorithm. * - * The shared secret produced by key agreement and passed as input to the - * derivation or selection algorithm \p kdf_alg is the shared secret + * The shared secret produced by key agreement is * `g^{ab}` in big-endian format. * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` * in bits. @@ -1352,8 +1351,9 @@ /** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. * - * This includes every supported key selection or key agreement algorithm - * for the output of the Diffie-Hellman calculation. + * This includes the raw finite field Diffie-Hellman algorithm as well as + * finite-field Diffie-Hellman followed by any supporter key derivation + * algorithm. * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * @@ -1394,8 +1394,9 @@ /** Whether the specified algorithm is an elliptic curve Diffie-Hellman * algorithm. * - * This includes every supported key selection or key agreement algorithm - * for the output of the Diffie-Hellman calculation. + * This includes the raw elliptic curve Diffie-Hellman algorithm as well as + * elliptic curve Diffie-Hellman followed by any supporter key derivation + * algorithm. * * \param alg An algorithm identifier (value of type #psa_algorithm_t). * From ae2e5e08066698b9fc119e4766a1e46c142fceaa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Mar 2019 19:43:04 +0100 Subject: [PATCH 1103/2197] Remove copypasta'ed error reason in psa_aead_finish --- include/psa/crypto.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e7d0ecda7..aa90010a6 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
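Review bot: Both rewritten descriptions in include/psa/crypto_values.h (the `@@ -1352` and `@@ -1394` hunks) say `followed by any supporter key derivation`, which should read `supported`. In the finite-field one the same sentence spells the term both `finite field` and `finite-field`; I would use the hyphenated form throughout, as the macro description in the `@@ -1342` hunk already does. Corrected line for the first hunk: ` * finite-field Diffie-Hellman followed by any supported key derivation`.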
@@ -2509,8 +2509,6 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
 * \retval #PSA_ERROR_BAD_STATE
 * The operation state is not valid (not set up, nonce not set,
 * encryption, or already completed).
- * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- * The size of the \p output buffer is too small.
 * \retval #PSA_ERROR_INVALID_ARGUMENT
 * The total length of input to psa_aead_update_ad() so far is
 * less than the additional data length that was previously
From 3be6b7f553ff6b60726c97ee5e22c27789f28e7c Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 5 Mar 2019 19:32:26 +0100
Subject: [PATCH 1104/2197] Fix some copypasta in references to parameter names Validated by perl -ne 'if (/^\/\*\*/) {%param=(); @p=()} if (/\\param.*? (\w+)/) {$param{$1}=1} while (/\\p \*?(\w+)/g) {push @p,[$1,ARGV->input_line_number()]} if (/^\ \*\//) {foreach (@p) {if (!$param{$_->[0]}) {printf "%s:%d: bad \\p %s\n", $ARGV, $_->[1], $_->[0]}}} close ARGV if eof' include/psa/*.h
---
 include/psa/crypto.h | 52 ++++++++++++++++++-------------------
 include/psa/crypto_extra.h | 2 +-
 include/psa/crypto_values.h | 24 ++++++++---------
 3 files changed, 39 insertions(+), 39 deletions(-)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index aa90010a6..0456e0d35 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -792,12 +792,12 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_OCCUPIED_SLOT - * \p target already contains key material. + * \p target_handle already contains key material. * \retval #PSA_ERROR_EMPTY_SLOT - * \p source does not contain key material. + * \p source_handle does not contain key material. * \retval #PSA_ERROR_INVALID_ARGUMENT * The policy constraints on the source, on the target and - * \p constraints are incompatible. + * \p constraint are incompatible. * \retval #PSA_ERROR_NOT_PERMITTED * The source key is not exportable and its lifetime does not * allow copying it to the target's lifetime. @@ -1152,7 +1152,7 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -1191,7 +1191,7 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle, * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -1294,7 +1294,7 @@ static psa_mac_operation_t psa_mac_operation_init(void); * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 
@@ -1532,7 +1532,7 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. * \retval #PSA_ERROR_BUFFER_TOO_SMALL @@ -1574,7 +1574,7 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. * \retval #PSA_ERROR_BUFFER_TOO_SMALL @@ -1680,7 +1680,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -1739,7 +1739,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 
@@ -1967,7 +1967,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -2025,7 +2025,7 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle, * The ciphertext is not authentic. * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -2144,7 +2144,7 @@ static psa_aead_operation_t psa_aead_operation_init(void); * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -2206,7 +2206,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p key is not compatible with \p alg. + * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 
@@ -2444,7 +2444,7 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * psa_aead_update() does not buffer any output and therefore \p ciphertext * will not contain any output and can be a 0-sized buffer. * - \p tag contains the authentication tag. Its length is always - * #PSA_AEAD_TAG_LENGTH(\p alg) where \p alg is the AEAD algorithm + * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is the AEAD algorithm * that the operation performs. * * When this function returns, the operation becomes inactive. @@ -2467,7 +2467,7 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * The operation state is not valid (not set up, nonce not set, * decryption, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * The size of the \p output buffer is too small. + * The size of the \p ciphertext or \p tag buffer is too small. * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously @@ -2574,7 +2574,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * \param handle Handle to the key to use for the operation. * It must be an asymmetric key pair. * \param alg A signature algorithm that is compatible with - * the type of \p key. + * the type of \p handle. * \param[in] hash The hash or message to sign. * \param hash_length Size of the \p hash buffer in bytes. * \param[out] signature Buffer where the signature is to be written. @@ -2588,7 +2588,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size - * respectively of \p key. + * respectively of \p handle. * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 
@@ -2621,7 +2621,7 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, * \param handle Handle to the key to use for the operation. * It must be a public key or an asymmetric key pair. * \param alg A signature algorithm that is compatible with - * the type of \p key. + * the type of \p handle. * \param[in] hash The hash or message whose signature is to be * verified. * \param hash_length Size of the \p hash buffer in bytes. @@ -2658,7 +2658,7 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, * It must be a public key or an asymmetric * key pair. * \param alg An asymmetric encryption algorithm that is - * compatible with the type of \p key. + * compatible with the type of \p handle. * \param[in] input The message to encrypt. * \param input_length Size of the \p input buffer in bytes. * \param[in] salt A salt or label, if supported by the @@ -2685,7 +2685,7 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size - * respectively of \p key. + * respectively of \p handle. * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -2714,7 +2714,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, * \param handle Handle to the key to use for the operation. * It must be an asymmetric key pair. * \param alg An asymmetric encryption algorithm that is - * compatible with the type of \p key. + * compatible with the type of \p handle. * \param[in] input The message to decrypt. * \param input_length Size of the \p input buffer in bytes. * \param[in] salt A salt or label, if supported by the 
@@ -2741,7 +2741,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size - * respectively of \p key. + * respectively of \p handle. * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -2904,7 +2904,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * If the key is persistent, the key material and the key's metadata * have been saved to persistent storage. * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY - * There were fewer than \p output_length bytes + * There were fewer than \p bits * 8 bytes * in the generator. Note that in this case, no * output is written to the output buffer. * The generator's capacity is set to 0, thus @@ -3112,8 +3112,8 @@ psa_status_t psa_key_derivation_input_key(psa_crypto_generator_t *generator, * psa_key_derivation_setup() with a * key agreement and derivation algorithm * \c alg (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true - * and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\p alg) + * #PSA_ALG_IS_KEY_AGREEMENT(\c alg) is true + * and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\c alg) * is false). * The generator must be ready for an * input of the type given by \p step. diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index a0eac4dbc..d14edd9a1 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
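Review bot: In the `@@ -2904` hunk of include/psa/crypto.h, the added line `There were fewer than \p bits * 8 bytes` multiplies where the bit-to-byte conversion needs a division, so the documented threshold is 64 times the amount actually read. A key of \p bits bits consumes \p bits / 8 bytes, which is also what the rewritten description of this function later in the series states ("exactly (\p bits / 8) bytes"). I would write ` *         There were fewer than (\p bits / 8) bytes`. A caller who sizes the generator capacity from this sentence would otherwise over-provision or misread the error. The doc comment starts and ends outside the hunk.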
@@ -125,7 +125,7 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, * FIMXE This function is no longer part of the official API. Its prototype * is only kept around for the sake of tests that haven't been updated yet. * - * A key derivation algorithm takes three inputs: a secret input \p key and + * A key derivation algorithm takes three inputs: a secret input \p handle and * two non-secret inputs \p label and p salt. * The result of this function is a byte generator which can * be used to produce keys and other cryptographic material. diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 0b40c5fd3..f6ce04ee5 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -691,7 +691,7 @@ * * This value may not be used to build other algorithms that are * parametrized over a hash. For any valid use of this macro to build - * an algorithm `\p alg`, #PSA_ALG_IS_HASH_AND_SIGN(\p alg) is true. + * an algorithm \c alg, #PSA_ALG_IS_HASH_AND_SIGN(\c alg) is true. * * This value may not be used to build an algorithm specification to * perform an operation. It is only valid to build policies. @@ -708,7 +708,7 @@ * #PSA_ALG_IS_HASH(\p hash_alg) is true). * * \return The corresponding HMAC algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_HMAC(hash_alg) \ @@ -954,7 +954,7 @@ * when specifying the algorithm in a usage policy. * * \return The corresponding RSA PKCS#1 v1.5 signature algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \ 
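Review bot: In the `@@ -125` hunk of include/psa/crypto_extra.h, the line right after the changed one still reads `two non-secret inputs \p label and p salt.`, with the backslash missing before the second `p`. Doxygen will therefore print a literal "p salt". Since this commit is about parameter references, I would fix it in the same change: ` * two non-secret inputs \p label and \p salt.`. The marker `FIMXE` two lines above is presumably meant to be `FIXME`; as spelled, a search for open items will not find it. The doc comment continues outside the hunk.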
@@ -985,7 +985,7 @@ * when specifying the algorithm in a usage policy. * * \return The corresponding RSA PSS signature algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_RSA_PSS(hash_alg) \ @@ -1005,7 +1005,7 @@ * when specifying the algorithm in a usage policy. * * \return The corresponding DSA signature algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_DSA(hash_alg) \ @@ -1023,7 +1023,7 @@ * when specifying the algorithm in a usage policy. * * \return The corresponding DSA signature algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ @@ -1056,7 +1056,7 @@ * when specifying the algorithm in a usage policy. * * \return The corresponding ECDSA signature algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_ECDSA(hash_alg) \ @@ -1091,7 +1091,7 @@ * * \return The corresponding deterministic ECDSA signature * algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ @@ -1163,7 +1163,7 @@ * for MGF1. * * \return The corresponding RSA OAEP signature algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_RSA_OAEP(hash_alg) \ 
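Review bot: In the `@@ -1163` hunk of include/psa/crypto_values.h, the unchanged line above the fix says `\return The corresponding RSA OAEP signature algorithm.`, but OAEP is an encryption padding, so this looks copied from the signature macros like the `\p alg` reference the hunk corrects. I would change it to ` * \return              The corresponding RSA OAEP encryption algorithm.`. The `@@ -1023` hunk has the same kind of leftover: the return text for #PSA_ALG_DETERMINISTIC_DSA says only "DSA signature algorithm", while the deterministic ECDSA macro names its variant explicitly. Getting the algorithm class right matters here because these descriptions are what integrators use when writing key usage policies.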
@@ -1193,7 +1193,7 @@ * #PSA_ALG_IS_HASH(\p hash_alg) is true). * * \return The corresponding HKDF algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_HKDF(hash_alg) \ @@ -1234,7 +1234,7 @@ * #PSA_ALG_IS_HASH(\p hash_alg) is true). * * \return The corresponding TLS-1.2 PRF algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_TLS12_PRF(hash_alg) \ @@ -1274,7 +1274,7 @@ * #PSA_ALG_IS_HASH(\p hash_alg) is true). * * \return The corresponding TLS-1.2 PSK to MS algorithm. - * \return Unspecified if \p alg is not a supported + * \return Unspecified if \p hash_alg is not a supported * hash algorithm. */ #define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \ From fa4486d7ecb89b786c826dd4f370c893b7aec91a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 Mar 2019 17:30:31 +0100 Subject: [PATCH 1105/2197] Specify psa_generator_import_key for each key type psa_generator_import_key() was only specified for "symmetric keys", and there were some mistakes in the specification. Rewrite the specification and extend it to other key types. * For most private key types, specify that the function draws a byte string repeatedly until the byte string is suitable. * For DES, despite being a symmetric key type, re-drawing is necessary. * For Montgomery curves, despite being asymmetric, no re-drawing is necessary. * Specify the behavior for every standard key type other than RSA. An implementation doesn't have to support all key types, but if it does, it's better to have a standard. --- include/psa/crypto.h | 79 +++++++++++++++++++++++++++++++++++--------- 1 file changed, 63 insertions(+), 16 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0456e0d35..b68376669 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2878,24 +2878,73 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, uint8_t *output, size_t output_length); -/** Create a symmetric key from data read from a generator. +/** Generate a key deterministically from data read from a generator. * - * This function reads a sequence of bytes from a generator and imports - * these bytes as a key. - * The data that is read is discarded from the generator. The generator's - * capacity is decreased by the number of bytes read. + * This function uses the output of a generator to derive a key. + * How much output it consumes and how the key is derived depends on the + * key type. * - * This function is equivalent to calling #psa_generator_read and - * passing the resulting output to #psa_import_key, but - * if the implementation provides an isolation boundary then - * the key material is not exposed outside the isolation boundary. + * - For key types for which the key is an arbitrary sequence of bytes + * of a given size, + * this function is functionally equivalent to calling #psa_generator_read + * and passing the resulting output to #psa_import_key. + * However, this function has a security benefit: + * if the implementation provides an isolation boundary then + * the key material is not exposed outside the isolation boundary. + * As a consequence, for these key types, this function always consumes + * exactly (\p bits / 8) bytes from the generator. + * The following key types defined in this specification follow this scheme: + * + * - #PSA_KEY_TYPE_AES; + * - #PSA_KEY_TYPE_ARIA; + * - #PSA_KEY_TYPE_ARC4; + * - #PSA_KEY_TYPE_CAMELLIA; + * - #PSA_KEY_TYPE_CHACHAPOLY; + * - #PSA_KEY_TYPE_DERIVE; + * - #PSA_KEY_TYPE_HMAC. + * + * - For ECC keys on a Montgomery elliptic curve + * (#PSA_KEY_TYPE_ECC_KEYPAIR(\c curve) where \c curve designates a + * Montgomery curve), this function always draws a byte string whose + * length is determined by the curve, and sets the mandatory bits + * accordingly. 
That is: + * + * - #PSA_ECC_CURVE_CURVE25519: draw a 32-byte string + * and process it as specified in RFC 7748 §5. + * - #PSA_ECC_CURVE_CURVE448: draw a 56-byte string + * and process it as specified in RFC 7748 §5. + * + * - For key types for which the key is represented by a single sequence of + * \p bits bits with constraints as to which bit sequences are acceptable, + * this function draws a byte string of length (\p bits / 8) bytes rounded + * up to the nearest whole number of bytes. If the resulting byte string + * is acceptable, it becomes the key, otherwise the drawn bytes are discarded. + * This process is repeated until an acceptable byte string is drawn. + * The byte string drawn from the generator is interpreted as specified + * for the output produced by psa_export_key(). + * The following key types defined in this specification follow this scheme: + * + * - #PSA_KEY_TYPE_DES; + * - #PSA_KEY_TYPE_DH_KEYPAIR; + * - #PSA_KEY_TYPE_DSA_KEYPAIR; + * - ECC keys on a Weierstrass elliptic curve, i.e. + * #PSA_KEY_TYPE_ECC_KEYPAIR(\c curve) where \c curve designates a + * Weierstrass curve. + * + * - For other key types, including #PSA_KEY_TYPE_RSA_KEYPAIR, + * the way in which the generator output is consumed is + * implementation-defined. + * + * In all cases, the data that is read is discarded from the generator. + * The generator's capacity is decreased by the number of bytes read. * * \param handle Handle to the slot where the key will be stored. * It must have been obtained by calling * psa_allocate_key() or psa_create_key() and must * not contain key material yet. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). - * This must be a symmetric key type. + * This must be a secret key type or a key pair type + * . * \param bits Key size in bits. * \param[in,out] generator The generator object to read from. * 
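Review bot: The redraw rule for constrained key types (the bullet listing `PSA_KEY_TYPE_DES`, `PSA_KEY_TYPE_DH_KEYPAIR`, `PSA_KEY_TYPE_DSA_KEYPAIR` and Weierstrass ECC keys) does not say what happens to the excess high-order bits when \p bits is not a multiple of 8, nor whether DES parity bits are checked or overwritten before the acceptability test. The stated goal is a standard derivation, so the text should pin this down, for example `If \p bits is not a multiple of 8, the excess most significant bits of the first byte are set to zero before the check.`; the exact rule is the author's choice. Left open, two conforming implementations can derive different keys from the same generator and consume different amounts of capacity. Separately, the `\param type` description ends with a full stop alone on its own comment line (`+ * .`), which should be joined to the line before it. The comment block continues into the next hunk.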
@@ -2904,12 +2953,10 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * If the key is persistent, the key material and the key's metadata * have been saved to persistent storage. * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY - * There were fewer than \p bits * 8 bytes - * in the generator. Note that in this case, no - * output is written to the output buffer. - * The generator's capacity is set to 0, thus - * subsequent calls to this function will not - * succeed, even with a smaller output buffer. + * There was not enough data to create the desired key. + * Note that in this case, no output is written to the output buffer. + * The generator's capacity is set to 0, thus subsequent calls to + * this function will not succeed, even with a smaller output buffer. * \retval #PSA_ERROR_NOT_SUPPORTED * The key type or key size is not supported, either by the * implementation in general or in this particular slot. From 30fae8ee7dc247116da968aa07d8164eaa6f07af Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 20 Dec 2018 17:44:21 +0000 Subject: [PATCH 1106/2197] programs/Makefile: List all programs one by one This makes it easier to add or remove programs as well as see which programs were added or removed in diffs. --- programs/Makefile | 81 ++++++++++++++++++++++++++++++----------------- 1 file changed, 52 insertions(+), 29 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index 58358e5d9..07599149c 100644 --- a/programs/Makefile +++ b/programs/Makefile 
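Review bot: The reworded `PSA_ERROR_INSUFFICIENT_CAPACITY` description still refers to "the output buffer" and "a smaller output buffer", but the documented parameters of psa_generator_import_key() are `handle`, `type`, `bits` and `generator`, with no output buffer. The wording looks carried over from psa_generator_read(), whose `output`/`output_length` signature appears as context at the top of the previous hunk. If the intended contract is that the slot stays empty on this error, `Note that in this case, no key material is stored in the key slot.` would fit this function. Because several key types now redraw until an acceptable string is found, it would also help to say that for those types the capacity required cannot be computed from \p bits alone.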
@@ -47,35 +47,58 @@ ifdef ZLIB LOCAL_LDFLAGS += -lz endif -APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \ - hash/hello$(EXEXT) hash/generic_sum$(EXEXT) \ - pkey/dh_genprime$(EXEXT) \ - pkey/ecdh_curve25519$(EXEXT) \ - pkey/ecdsa$(EXEXT) pkey/gen_key$(EXEXT) \ - pkey/key_app$(EXEXT) pkey/key_app_writer$(EXEXT) \ - pkey/mpi_demo$(EXEXT) pkey/pk_decrypt$(EXEXT) \ - pkey/pk_encrypt$(EXEXT) pkey/pk_sign$(EXEXT) \ - pkey/pk_verify$(EXEXT) pkey/rsa_genkey$(EXEXT) \ - pkey/rsa_decrypt$(EXEXT) pkey/rsa_encrypt$(EXEXT) \ - pkey/rsa_sign$(EXEXT) pkey/rsa_verify$(EXEXT) \ - pkey/rsa_sign_pss$(EXEXT) pkey/rsa_verify_pss$(EXEXT) \ - psa/crypto_examples$(EXEXT) \ - psa/key_ladder_demo$(EXEXT) psa/psa_constant_names$(EXEXT) \ - ssl/dtls_client$(EXEXT) ssl/dtls_server$(EXEXT) \ - ssl/ssl_client1$(EXEXT) ssl/ssl_client2$(EXEXT) \ - ssl/ssl_server$(EXEXT) ssl/ssl_server2$(EXEXT) \ - ssl/ssl_fork_server$(EXEXT) ssl/mini_client$(EXEXT) \ - ssl/ssl_mail_client$(EXEXT) random/gen_entropy$(EXEXT) \ - random/gen_random_havege$(EXEXT) \ - random/gen_random_ctr_drbg$(EXEXT) \ - test/ssl_cert_test$(EXEXT) test/benchmark$(EXEXT) \ - test/selftest$(EXEXT) test/udp_proxy$(EXEXT) \ - test/zeroize$(EXEXT) \ - test/query_compile_time_config$(EXEXT) \ - util/pem2der$(EXEXT) util/strerror$(EXEXT) \ - x509/cert_app$(EXEXT) x509/crl_app$(EXEXT) \ - x509/cert_req$(EXEXT) x509/cert_write$(EXEXT) \ - x509/req_app$(EXEXT) +APPS = \ + aes/aescrypt2$(EXEXT) \ + aes/crypt_and_hash$(EXEXT) \ + hash/hello$(EXEXT) \ + hash/generic_sum$(EXEXT) \ + pkey/dh_genprime$(EXEXT) \ + pkey/ecdh_curve25519$(EXEXT) \ + pkey/ecdsa$(EXEXT) \ + pkey/gen_key$(EXEXT) \ + pkey/key_app$(EXEXT) \ + pkey/key_app_writer$(EXEXT) \ + pkey/mpi_demo$(EXEXT) \ + pkey/pk_decrypt$(EXEXT) \ + pkey/pk_encrypt$(EXEXT) \ + pkey/pk_sign$(EXEXT) \ + pkey/pk_verify$(EXEXT) \ + pkey/rsa_genkey$(EXEXT) \ + pkey/rsa_decrypt$(EXEXT) \ + pkey/rsa_encrypt$(EXEXT) \ + pkey/rsa_sign$(EXEXT) \ + pkey/rsa_verify$(EXEXT) \ + 
pkey/rsa_sign_pss$(EXEXT) \ + pkey/rsa_verify_pss$(EXEXT) \ + psa/crypto_examples$(EXEXT) \ + psa/key_ladder_demo$(EXEXT) \ + psa/psa_constant_names$(EXEXT) \ + ssl/dtls_client$(EXEXT) \ + ssl/dtls_server$(EXEXT) \ + ssl/ssl_client1$(EXEXT) \ + ssl/ssl_client2$(EXEXT) \ + ssl/ssl_server$(EXEXT) \ + ssl/ssl_server2$(EXEXT) \ + ssl/ssl_fork_server$(EXEXT) \ + ssl/mini_client$(EXEXT) \ + ssl/ssl_mail_client$(EXEXT) \ + random/gen_entropy$(EXEXT) \ + random/gen_random_havege$(EXEXT) \ + random/gen_random_ctr_drbg$(EXEXT) \ + test/ssl_cert_test$(EXEXT) \ + test/benchmark$(EXEXT) \ + test/selftest$(EXEXT) \ + test/udp_proxy$(EXEXT) \ + test/zeroize$(EXEXT) \ + test/query_compile_time_config$(EXEXT) \ + util/pem2der$(EXEXT) \ + util/strerror$(EXEXT) \ + x509/cert_app$(EXEXT) \ + x509/crl_app$(EXEXT) \ + x509/cert_req$(EXEXT) \ + x509/cert_write$(EXEXT) \ + x509/req_app$(EXEXT) \ +# End of APPS ifdef PTHREAD APPS += ssl/ssl_pthread_server$(EXEXT) From bce557dbb956f399d720a93bdb65e3cca6e7fde6 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 22 Feb 2019 16:34:57 +0000 Subject: [PATCH 1107/2197] configs: Update example PSA config Our default configuration file, include/mbedtls/config.h, should always match configs/config-psa-crypto.h. It had gotten out of sync, so put it back into sync. --- configs/config-psa-crypto.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index fa1d3cf07..097361ade 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -1156,6 +1156,21 @@ */ //#define MBEDTLS_PSA_HAS_ITS_IO +/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER + * + * In PSA key storage, encode the owner of the key. + * + * This is only meaningful when building the library as part of a + * multi-client service. When you activate this option, you must provide + * an implementation of the type psa_key_owner_id_t and a translation + * from psa_key_file_id_t to file name in all the storage backends that + * you wish to support. + * + * Note that this option is meant for internal use only and may be removed + * without notice. + */ +//#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER + /** * \def MBEDTLS_MEMORY_DEBUG * From 95666b78acb3fb04cbc8bb385411e345f64c55ea Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 22 Feb 2019 16:57:56 +0000 Subject: [PATCH 1108/2197] pkey/rsa_genkey: Remove commented out code There is some commented out X.509 certificate writing code present in rsa_genkey. It looks like it has been commented out since the beginning of time. Let's remove it, since commented out code is not in good style. --- programs/pkey/rsa_genkey.c | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index 81867ee9e..b46c89824 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -160,19 +160,6 @@ int main( void ) mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret ); goto exit; } -/* - mbedtls_printf( " ok\n . Generating the certificate..." ); - - x509write_init_raw( &cert ); - x509write_add_pubkey( &cert, &rsa ); - x509write_add_subject( &cert, "CN='localhost'" ); - x509write_add_validity( &cert, "2007-09-06 17:00:32", - "2010-09-06 17:00:32" ); - x509write_create_selfsign( &cert, &rsa ); - x509write_crtfile( &cert, "cert.der", X509_OUTPUT_DER ); - x509write_crtfile( &cert, "cert.pem", X509_OUTPUT_PEM ); - x509write_free_raw( &cert ); -*/ mbedtls_printf( " ok\n\n" ); exit_code = MBEDTLS_EXIT_SUCCESS; 
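Review bot: The new `MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER` comment tells integrators to supply "a translation from psa_key_file_id_t to file name" for each storage backend, but does not state what property that translation must have. In a multi-client service the point is presumably that two different owners can never resolve to the same stored file, so one sentence would make this explicit, e.g. `The translation must map distinct (owner, key id) pairs to distinct file names.`. This is inferred from the option's description rather than from code visible in the hunk, so the author should confirm the intended guarantee.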
From 47a3635fc7107c7d838816475c6c816d9b47f047 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 2 Nov 2018 10:49:14 +0000 Subject: [PATCH 1109/2197] selftest: Remove X.509 selftest --- programs/test/selftest.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 9d3ea7ec0..fac7e9204 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -51,7 +51,6 @@ #include "mbedtls/base64.h" #include "mbedtls/bignum.h" #include "mbedtls/rsa.h" -#include "mbedtls/x509.h" #include "mbedtls/xtea.h" #include "mbedtls/pkcs5.h" #include "mbedtls/ecp.h" @@ -245,9 +244,6 @@ const selftest_t selftests[] = #if defined(MBEDTLS_RSA_C) {"rsa", mbedtls_rsa_self_test}, #endif -#if defined(MBEDTLS_X509_USE_C) - {"x509", mbedtls_x509_self_test}, -#endif #if defined(MBEDTLS_XTEA_C) {"xtea", mbedtls_xtea_self_test}, #endif From bf564c77fa97e67ac577d28258918ba29cde6af3 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Oct 2018 16:55:14 +0100 Subject: [PATCH 1110/2197] pkey: Remove dependency on X.509 --- programs/pkey/key_app.c | 2 +- programs/pkey/rsa_genkey.c | 1 - programs/pkey/rsa_sign_pss.c | 2 +- programs/pkey/rsa_verify_pss.c | 1 - 4 files changed, 2 insertions(+), 4 deletions(-) diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 0bd61e481..b4860fe04 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -40,7 +40,7 @@ defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) #include "mbedtls/error.h" #include "mbedtls/rsa.h" -#include "mbedtls/x509.h" +#include "mbedtls/pk.h" #include #endif diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index b46c89824..c66f4e7bd 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -42,7 +42,6 @@ #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" #include "mbedtls/bignum.h" -#include "mbedtls/x509.h" #include "mbedtls/rsa.h" #include 
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 51317457b..cb69fa6ed 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -55,7 +55,7 @@ int main( void ) #include "mbedtls/ctr_drbg.h" #include "mbedtls/md.h" #include "mbedtls/rsa.h" -#include "mbedtls/x509.h" +#include "mbedtls/pk.h" #include #include diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index 34122ca4f..d745274bf 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -55,7 +55,6 @@ int main( void ) #include "mbedtls/pem.h" #include "mbedtls/pk.h" #include "mbedtls/md.h" -#include "mbedtls/x509.h" #include #include From ebbc5f7940e5271d3cdd31818119d558ba040155 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 22 Feb 2019 16:52:44 +0000 Subject: [PATCH 1111/2197] md: Remove dependency on X.509 --- library/md.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/md.c b/library/md.c index 303cdcbee..ac8fac5bb 100644 --- a/library/md.c +++ b/library/md.c @@ -50,7 +50,7 @@ #endif /* - * Reminder: update profiles in x509_crt.c when adding a new hash! + * Reminder: update profiles in Mbed TLS's x509_crt.c when adding a new hash! */ static const int supported_digests[] = { From de0a41b716ae4d9e938236771d49a880480eb66e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 2 Nov 2018 18:40:14 +0000 Subject: [PATCH 1112/2197] ecp: Remove dependency on TLS and X.509 --- configs/config-psa-crypto.h | 10 +++++----- include/mbedtls/config.h | 10 +++++----- include/mbedtls/ecp.h | 24 ++++++++++++------------ library/ecp.c | 2 +- 4 files changed, 23 insertions(+), 23 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 097361ade..a8e06348b 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -726,11 +726,11 @@ * Enable "non-blocking" ECC operations that can return early and be resumed. * * This allows various functions to pause by returning - * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in - * order to further progress and eventually complete their operation. This is - * controlled through mbedtls_ecp_set_max_ops() which limits the maximum - * number of ECC operations a function may perform before pausing; see + * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in Mbed TLS's SSL module, + * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in order + * to further progress and eventually complete their operation. This is + * controlled through mbedtls_ecp_set_max_ops() which limits the maximum number + * of ECC operations a function may perform before pausing; see * mbedtls_ecp_set_max_ops() for more information. * * This is useful in non-threaded environments if you want to avoid blocking diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index f17381efa..7f96e50cf 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -746,11 +746,11 @@ * Enable "non-blocking" ECC operations that can return early and be resumed. * * This allows various functions to pause by returning - * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in - * order to further progress and eventually complete their operation. This is - * controlled through mbedtls_ecp_set_max_ops() which limits the maximum - * number of ECC operations a function may perform before pausing; see + * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in Mbed TLS's SSL module, + * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in order + * to further progress and eventually complete their operation. This is + * controlled through mbedtls_ecp_set_max_ops() which limits the maximum number + * of ECC operations a function may perform before pausing; see * mbedtls_ecp_set_max_ops() for more information. * * This is useful in non-threaded environments if you want to avoid blocking diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 24017780d..1bc85909b 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h 
@@ -365,19 +365,19 @@ mbedtls_ecp_keypair; * same; they must not be used until the function finally * returns 0. * - * This only applies to functions whose documentation - * mentions they may return #MBEDTLS_ERR_ECP_IN_PROGRESS (or - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS for functions in the - * SSL module). For functions that accept a "restart context" - * argument, passing NULL disables restart and makes the - * function equivalent to the function with the same name + * This only applies to functions whose documentation mentions + * they may return #MBEDTLS_ERR_ECP_IN_PROGRESS (or + * `MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS` for functions in the + * Mbed TLS SSL module). For functions that accept a "restart + * context" argument, passing NULL disables restart and makes + * the function equivalent to the function with the same name * with \c _restartable removed. For functions in the ECDH - * module, restart is disabled unless the function accepts - * an "ECDH context" argument and - * mbedtls_ecdh_enable_restart() was previously called on - * that context. For function in the SSL module, restart is - * only enabled for specific sides and key exchanges - * (currently only for clients and ECDHE-ECDSA). + * module, restart is disabled unless the function accepts an + * "ECDH context" argument and mbedtls_ecdh_enable_restart() + * was previously called on that context. For function in the + * Mbed TLS SSL module, restart is only enabled for specific + * sides and key exchanges (currently only for clients and + * ECDHE-ECDSA). * * \param max_ops Maximum number of basic operations done in a row. * Default: 0 (unlimited). diff --git a/library/ecp.c b/library/ecp.c index ecea5910e..77bb2c022 100644 --- a/library/ecp.c +++ b/library/ecp.c 
@@ -383,7 +383,7 @@ typedef enum * Curves are listed in order: largest curves first, and for a given size, * fastest curves first. This provides the default order for the SSL module. * - * Reminder: update profiles in x509_crt.c when adding a new curves! + * Reminder: update profiles in Mbed TLS's x509_crt.c when adding new curves! */ static const mbedtls_ecp_curve_info ecp_supported_curves[] = { From ed16ca7b63a13358d62f1ad6882ec60fd92158e3 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 26 Feb 2019 10:39:48 +0000 Subject: [PATCH 1113/2197] dhm: Remove dependency on TLS --- include/mbedtls/dhm.h | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 2909f5fbc..98cd4e21a 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -350,11 +350,10 @@ int mbedtls_dhm_self_test( int verbose ); #endif /** - * RFC 3526, RFC 5114 and RFC 7919 standardize a number of - * Diffie-Hellman groups, some of which are included here - * for use within the SSL/TLS module and the user's convenience - * when configuring the Diffie-Hellman parameters by hand - * through \c mbedtls_ssl_conf_dh_param. + * RFC 3526, RFC 5114 and RFC 7919 standardize a number of Diffie-Hellman + * groups, some of which are included here for use by Mbed TLS's SSL/TLS module + * and the user's convenience when configuring the Diffie-Hellman parameters by + * hand through Mbed TLS's \c mbedtls_ssl_conf_dh_param. * * The following lists the source of the above groups in the standards: * - RFC 5114 section 2.2: 2048-bit MODP Group with 224-bit Prime Order Subgroup From 9b90f2e294970ade3e4aa94879a19470f2c052e0 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 2 Nov 2018 18:34:17 +0000 Subject: [PATCH 1114/2197] all.sh: Remove dependency on TLS, NET, and X.509 --- tests/scripts/all.sh | 300 +++---------------------------------------- 1 file changed, 16 insertions(+), 284 deletions(-) 
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 0f3d3ec3c..2806426c1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -38,10 +38,6 @@ # * G++ # * arm-gcc and mingw-gcc # * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc -# * OpenSSL and GnuTLS command line tools, recent enough for the -# interoperability tests. If they don't support SSLv3 then a legacy -# version of these tools must be present as well (search for LEGACY -# below). # See the invocation of check_tools below for details. # # This script must be invoked from the toplevel directory of a git @@ -116,18 +112,10 @@ pre_initialize_variables () { CONFIG_H='include/mbedtls/config.h' CONFIG_BAK="$CONFIG_H.bak" - MEMORY=0 FORCE=0 KEEP_GOING=0 # Default commands, can be overridden by the environment - : ${OPENSSL:="openssl"} - : ${OPENSSL_LEGACY:="$OPENSSL"} - : ${OPENSSL_NEXT:="$OPENSSL"} - : ${GNUTLS_CLI:="gnutls-cli"} - : ${GNUTLS_SERV:="gnutls-serv"} - : ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"} - : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build} : ${ARMC5_BIN_DIR:=/usr/bin} : ${ARMC6_BIN_DIR:=/usr/bin} @@ -207,13 +195,6 @@ General options: Tool path options: --armc5-bin-dir= ARM Compiler 5 bin directory. --armc6-bin-dir= ARM Compiler 6 bin directory. - --gnutls-cli= GnuTLS client executable to use for most tests. - --gnutls-serv= GnuTLS server executable to use for most tests. - --gnutls-legacy-cli= GnuTLS client executable to use for legacy tests. - --gnutls-legacy-serv= GnuTLS server executable to use for legacy tests. - --openssl= OpenSSL executable to use for most tests. - --openssl-legacy= OpenSSL executable to use for legacy tests e.g. SSLv3. - --openssl-next= OpenSSL executable to use for recent things like ARIA EOF } 
@@ -310,6 +291,9 @@ pre_parse_command_line () { all_except=0 no_armcc= + # Note that legacy options are ignored instead of being omitted from this + # list of options, so invocations that worked with previous version of + # all.sh will still run and work properly. while [ $# -gt 0 ]; do case "$1" in --armcc) no_armcc=;; @@ -317,26 +301,26 @@ pre_parse_command_line () { --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; --except) all_except=1;; --force|-f) FORCE=1;; - --gnutls-cli) shift; GNUTLS_CLI="$1";; - --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; - --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";; - --gnutls-serv) shift; GNUTLS_SERV="$1";; + --gnutls-cli) shift;; + --gnutls-legacy-cli) shift;; + --gnutls-legacy-serv) shift;; + --gnutls-serv) shift;; --help|-h) usage; exit;; --keep-going|-k) KEEP_GOING=1;; --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;; --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;; - --memory|-m) MEMORY=1;; + --memory|-m) ;; --no-armcc) no_armcc=1;; --no-force) FORCE=0;; --no-keep-going) KEEP_GOING=0;; - --no-memory) MEMORY=0;; - --openssl) shift; OPENSSL="$1";; - --openssl-legacy) shift; OPENSSL_LEGACY="$1";; - --openssl-next) shift; OPENSSL_NEXT="$1";; + --no-memory) ;; + --openssl) shift;; + --openssl-legacy) shift;; + --openssl-next) shift;; --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";; - --random-seed) unset SEED;; - --release-test|-r) SEED=1;; - --seed|-s) shift; SEED="$1";; + --random-seed) ;; + --release-test|-r) ;; + --seed|-s) shift;; -*) echo >&2 "Unknown option: $1" echo >&2 "Run $0 --help for usage." 
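Review bot: In the option loop of pre_parse_command_line, the retired options (`--memory`, `--no-memory`, `--seed`, `--random-seed`, `--release-test`, `--openssl*`, `--gnutls-*`) are now accepted and discarded with no message. A CI job that still passes them will report success although the memory-heavy and interoperability runs it asked for no longer execute. Keeping them parseable for old invocations is reasonable, as the added comment explains, but each branch should report the fact on stderr, e.g. `--memory|-m) echo >&2 "$0: warning: $1 is ignored";;` and `--openssl) echo >&2 "$0: warning: $1 is ignored"; shift;;`. The `case` statement continues past the end of the hunk.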
@@ -469,16 +453,7 @@ not() { pre_print_configuration () { msg "info: $0 configuration" - echo "MEMORY: $MEMORY" echo "FORCE: $FORCE" - echo "SEED: ${SEED-"UNSET"}" - echo "OPENSSL: $OPENSSL" - echo "OPENSSL_LEGACY: $OPENSSL_LEGACY" - echo "OPENSSL_NEXT: $OPENSSL_NEXT" - echo "GNUTLS_CLI: $GNUTLS_CLI" - echo "GNUTLS_SERV: $GNUTLS_SERV" - echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI" - echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV" echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR" echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR" } @@ -488,30 +463,6 @@ pre_check_tools () { # Build the list of variables to pass to output_env.sh. set env - case " $RUN_COMPONENTS " in - # Require OpenSSL and GnuTLS if running any tests (as opposed to - # only doing builds). Not all tests run OpenSSL and GnuTLS, but this - # is a good enough approximation in practice. - *" test_"*) - # To avoid setting OpenSSL and GnuTLS for each call to compat.sh - # and ssl-opt.sh, we just export the variables they require. - export OPENSSL_CMD="$OPENSSL" - export GNUTLS_CLI="$GNUTLS_CLI" - export GNUTLS_SERV="$GNUTLS_SERV" - # Avoid passing --seed flag in every call to ssl-opt.sh - if [ -n "${SEED-}" ]; then - export SEED - fi - set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" - set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV" - set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" - set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" - check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \ - "$GNUTLS_CLI" "$GNUTLS_SERV" \ - "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" - ;; - esac - case " $RUN_COMPONENTS " in *_doxygen[_\ ]*) check_tools "doxygen" "dot";; esac @@ -605,12 +556,6 @@ component_test_default_cmake_gcc_asan () { msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s make test - - msg "test: ssl-opt.sh (ASan build)" # ~ 1 min - if_build_succeeded tests/ssl-opt.sh - - msg "test: compat.sh (ASan build)" # ~ 6 min - if_build_succeeded tests/compat.sh } component_test_ref_configs () { 
@@ -619,36 +564,6 @@ component_test_ref_configs () { record_status tests/scripts/test-ref-configs.pl } -component_test_sslv3 () { - msg "build: Default + SSLv3 (ASan build)" # ~ 6 min - scripts/config.pl set MBEDTLS_SSL_PROTO_SSL3 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: SSLv3 - main suites (inc. selftests) (ASan build)" # ~ 50s - make test - - msg "build: SSLv3 - compat.sh (ASan build)" # ~ 6 min - if_build_succeeded tests/compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2' - if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' - - msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min - if_build_succeeded tests/ssl-opt.sh -} - -component_test_no_renegotiation () { - msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min - scripts/config.pl unset MBEDTLS_SSL_RENEGOTIATION - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s - make test - - msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min - if_build_succeeded tests/ssl-opt.sh -} - component_test_rsa_no_crt () { msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min scripts/config.pl set MBEDTLS_RSA_NO_CRT 
@@ -657,54 +572,6 @@ component_test_rsa_no_crt () { msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s make test - - msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s - if_build_succeeded tests/ssl-opt.sh -f RSA - - msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min - if_build_succeeded tests/compat.sh -t RSA -} - -component_test_small_ssl_out_content_len () { - msg "build: small SSL_OUT_CONTENT_LEN (ASan build)" - scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384 - scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests" - if_build_succeeded tests/ssl-opt.sh -f "Max fragment\|Large packet" -} - -component_test_small_ssl_in_content_len () { - msg "build: small SSL_IN_CONTENT_LEN (ASan build)" - scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 4096 - scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 16384 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests" - if_build_succeeded tests/ssl-opt.sh -f "Max fragment" -} - -component_test_small_ssl_dtls_max_buffering () { - msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0" - scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test" - if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" -} - -component_test_small_mbedtls_ssl_dtls_max_buffering () { - msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1" - scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 240 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 
- make - - msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test" - if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" } component_test_full_cmake_clang () { @@ -719,15 +586,6 @@ component_test_full_cmake_clang () { msg "test: psa_constant_names (full config)" # ~ 1s record_status tests/scripts/test_psa_constant_names.py - - msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s - if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' - - msg "test: compat.sh RC4, DES, 3DES & NULL (full config)" # ~ 2 min - if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR' - - msg "test: compat.sh ARIA + ChachaPoly" - if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } component_build_deprecated () { @@ -764,11 +622,6 @@ component_test_depends_pkalgs () { record_status tests/scripts/depends-pkalgs.pl } -component_build_key_exchanges () { - msg "test/build: key-exchanges (gcc)" # ~ 1 min - record_status tests/scripts/key-exchanges.pl -} - component_build_default_make_gcc_and_cxx () { msg "build: Unix make, -Os (gcc)" # ~ 30s make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' 
@@ -793,21 +646,6 @@ component_test_use_psa_crypto_full_cmake_asan() { msg "test: main suites (MBEDTLS_USE_PSA_CRYPTO)" make test - - msg "test: ssl-opt.sh (MBEDTLS_USE_PSA_CRYPTO)" - if_build_succeeded tests/ssl-opt.sh - - msg "test: compat.sh default (MBEDTLS_USE_PSA_CRYPTO)" - if_build_succeeded tests/compat.sh - - msg "test: compat.sh ssl3 (MBEDTLS_USE_PSA_CRYPTO)" - if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' - - msg "test: compat.sh RC4, DES & NULL (MBEDTLS_USE_PSA_CRYPTO)" - if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' - - msg "test: compat.sh ARIA + ChachaPoly (MBEDTLS_USE_PSA_CRYPTO)" - if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } component_test_check_params_without_platform () { 
@@ -868,69 +706,6 @@ component_build_no_std_function () { make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' } -component_build_no_ssl_srv () { - msg "build: full config except ssl_srv.c, make, gcc" # ~ 30s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_SSL_SRV_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' -} - -component_build_no_ssl_cli () { - msg "build: full config except ssl_cli.c, make, gcc" # ~ 30s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_SSL_CLI_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' -} - -component_build_no_sockets () { - # Note, C99 compliance can also be tested with the sockets support disabled, - # as that requires a POSIX platform (which isn't the same as C99). - msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc. - scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux - make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' lib -} - -component_test_no_max_fragment_length () { - # Run max fragment length tests with MFL disabled - msg "build: default config except MFL extension (ASan build)" # ~ 30s - scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: ssl-opt.sh, MFL-related tests" - if_build_succeeded tests/ssl-opt.sh -f "Max fragment length" -} - -component_test_asan_remove_peer_certificate () { - msg "build: default config with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled (ASan build)" - scripts/config.pl unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 
- make - - msg "test: !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" - make test - - msg "test: ssl-opt.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" - if_build_succeeded tests/ssl-opt.sh - - msg "test: compat.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" - if_build_succeeded tests/compat.sh -} - -component_test_no_max_fragment_length_small_ssl_out_content_len () { - msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)" - scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384 - scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: MFL tests (disabled MFL extension case) & large packet tests" - if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large buffer" -} - component_test_null_entropy () { msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)" scripts/config.pl set MBEDTLS_TEST_NULL_ENTROPY @@ -1192,15 +967,6 @@ component_build_armcc () { armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a" } -component_test_allow_sha1 () { - msg "build: allow SHA1 in certificates by default" - scripts/config.pl set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES - make CFLAGS='-Werror -Wall -Wextra' - msg "test: allow SHA1 in certificates by default" - make test - if_build_succeeded tests/ssl-opt.sh -f SHA-1 -} - component_build_mingw () { msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs @@ -1223,16 +989,6 @@ component_test_memsan () { msg "test: main suites (MSan)" # ~ 10s make test - - msg "test: ssl-opt.sh (MSan)" # ~ 1 min - if_build_succeeded tests/ssl-opt.sh - - # Optional part(s) - - if [ "$MEMORY" -gt 0 ]; then - msg "test: compat.sh (MSan)" # ~ 6 min 20s - if_build_succeeded tests/compat.sh - fi } component_test_valgrind () { 
@@ -1242,20 +998,6 @@ component_test_valgrind () { msg "test: main suites valgrind (Release)" make memcheck - - # Optional part(s) - # Currently broken, programs don't seem to receive signals - # under valgrind on OS X - - if [ "$MEMORY" -gt 0 ]; then - msg "test: ssl-opt.sh --memcheck (Release)" - if_build_succeeded tests/ssl-opt.sh --memcheck - fi - - if [ "$MEMORY" -gt 1 ]; then - msg "test: compat.sh --memcheck (Release)" - if_build_succeeded tests/compat.sh --memcheck - fi } component_test_cmake_out_of_source () { @@ -1268,17 +1010,7 @@ component_test_cmake_out_of_source () { msg "test: cmake 'out-of-source' build" make test - # Test an SSL option that requires an auxiliary script in test/scripts/. - # Also ensure that there are no error messages such as - # "No such file or directory", which would indicate that some required - # file is missing (ssl-opt.sh tolerates the absence of some files so - # may exit with status 0 but emit errors). - if_build_succeeded ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err - if [ -s ssl-opt.err ]; then - cat ssl-opt.err >&2 - record_status [ ! -s ssl-opt.err ] - rm ssl-opt.err - fi + cd "$MBEDTLS_ROOT_DIR" rm -rf "$OUT_OF_SOURCE_DIR" unset MBEDTLS_ROOT_DIR From d8087713aea2bf3d61bb2470a8d74409e74907fb Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 5 Nov 2018 14:24:29 +0000 Subject: [PATCH 1115/2197] asn1: Remove dependency on X.509 Doxygen will fail to build if we have references to files that don't exist. Since we are planning on removing X.509 soon, we even need to remove explicit Doxygen references to X.509 things as those will no longer resolve once the X.509 files are deleted. fixup! asn1: Remove dependency on X.509 --- include/mbedtls/asn1.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 96c1c9a8a..f80acd7e1 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h 
@@ -66,7 +66,7 @@ * - 0x02 -- tag indicating INTEGER * - 0x01 -- length in octets * - 0x05 -- value - * Such sequences are typically read into \c ::mbedtls_x509_buf. + * Such sequences are typically read into Mbed TLS's \c mbedtls_x509_buf. * \{ */ #define MBEDTLS_ASN1_BOOLEAN 0x01 From 03c60de0e034df9d54798bd3d34071184ac2b66a Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 28 Feb 2019 11:37:23 +0000 Subject: [PATCH 1116/2197] query_config: Move to programs/test As the SSL programs, like ssl_client2 and ssl_server2, are dependent on SSL and therefore about to be removed, the only consumer of query_config is the query_compile_time_config test. As such, it makes sense to move query_config to be next to what uses it. --- programs/Makefile | 12 ++++++------ programs/ssl/CMakeLists.txt | 4 ++-- programs/test/CMakeLists.txt | 2 +- programs/{ssl => test}/query_config.c | 0 scripts/bump_version.sh | 2 +- scripts/generate_query_config.pl | 2 +- scripts/generate_visualc_files.pl | 2 +- tests/scripts/check-generated-files.sh | 2 +- visualc/VS2010/query_compile_time_config.vcxproj | 2 +- visualc/VS2010/ssl_client2.vcxproj | 2 +- visualc/VS2010/ssl_server2.vcxproj | 2 +- 11 files changed, 16 insertions(+), 16 deletions(-) rename programs/{ssl => test}/query_config.c (100%) diff --git a/programs/Makefile b/programs/Makefile index 07599149c..939f4d56c 100644 --- a/programs/Makefile +++ b/programs/Makefile 
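Review bot: In include/mbedtls/asn1.h the reworded comment still points readers at `mbedtls_x509_buf`, a name that comes from the X.509 headers the commit message says are about to be removed. As far as I can tell this header declares its own buffer type, so the line could read `* Such sequences are typically read into \c ::mbedtls_asn1_buf.` and keep a Doxygen reference that resolves after the removal. The comment block starts and ends outside the hunk.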
@@ -249,17 +249,17 @@ ssl/ssl_client1$(EXEXT): ssl/ssl_client1.c $(DEP) echo " CC ssl/ssl_client1.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client1.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c ssl/query_config.c $(DEP) +ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c test/query_config.c $(DEP) echo " CC ssl/ssl_client2.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c ssl/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ ssl/ssl_server$(EXEXT): ssl/ssl_server.c $(DEP) echo " CC ssl/ssl_server.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c ssl/query_config.c $(DEP) +ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c test/query_config.c $(DEP) echo " CC ssl/ssl_server2.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c ssl/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c $(DEP) echo " CC ssl/ssl_fork_server.c" @@ -301,9 +301,9 @@ test/zeroize$(EXEXT): test/zeroize.c $(DEP) echo " CC test/zeroize.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/zeroize.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -test/query_compile_time_config$(EXEXT): test/query_compile_time_config.c ssl/query_config.c $(DEP) +test/query_compile_time_config$(EXEXT): test/query_compile_time_config.c test/query_config.c $(DEP) echo " CC test/query_compile_time_config.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/query_compile_time_config.c ssl/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/query_compile_time_config.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ util/pem2der$(EXEXT): util/pem2der.c $(DEP) echo " CC util/pem2der.c" 
diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt index 803920cde..f28a47d87 100644 --- a/programs/ssl/CMakeLists.txt +++ b/programs/ssl/CMakeLists.txt @@ -34,14 +34,14 @@ add_executable(ssl_client1 ssl_client1.c) target_link_libraries(ssl_client1 ${libs}) add_executable(ssl_client2 ssl_client2.c) -target_sources(ssl_client2 PUBLIC query_config.c) +target_sources(ssl_client2 PUBLIC ../test/query_config.c) target_link_libraries(ssl_client2 ${libs}) add_executable(ssl_server ssl_server.c) target_link_libraries(ssl_server ${libs}) add_executable(ssl_server2 ssl_server2.c) -target_sources(ssl_server2 PUBLIC query_config.c) +target_sources(ssl_server2 PUBLIC ../test/query_config.c) target_link_libraries(ssl_server2 ${libs}) add_executable(ssl_fork_server ssl_fork_server.c) diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 65ff24948..0c928251d 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -31,7 +31,7 @@ add_executable(zeroize zeroize.c) target_link_libraries(zeroize ${libs}) add_executable(query_compile_time_config query_compile_time_config.c) -target_sources(query_compile_time_config PUBLIC ../ssl/query_config.c) +target_sources(query_compile_time_config PUBLIC query_config.c) target_link_libraries(query_compile_time_config ${libs}) install(TARGETS selftest benchmark ssl_cert_test udp_proxy query_compile_time_config diff --git a/programs/ssl/query_config.c b/programs/test/query_config.c similarity index 100% rename from programs/ssl/query_config.c rename to programs/test/query_config.c diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index c39a86a5e..cf875c88d 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh 
@@ -132,7 +132,7 @@ done [ $VERBOSE ] && echo "Re-generating library/error.c" scripts/generate_errors.pl -[ $VERBOSE ] && echo "Re-generating programs/ssl/query_config.c" +[ $VERBOSE ] && echo "Re-generating programs/test/query_config.c" scripts/generate_query_config.pl [ $VERBOSE ] && echo "Re-generating library/version_features.c" diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index f15e03a35..d94fdad62 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -21,7 +21,7 @@ use strict; my $config_file = "./include/mbedtls/config.h"; my $query_config_format_file = "./scripts/data_files/query_config.fmt"; -my $query_config_file = "./programs/ssl/query_config.c"; +my $query_config_file = "./programs/test/query_config.c"; # Excluded macros from the generated query_config.c. For example, macros that # have commas or function-like macros cannot be transformed into strings easily diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 68a1bd40b..42f302428 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -98,7 +98,7 @@ sub gen_app { my $srcs = "\n \r"; if( $appname eq "ssl_client2" or $appname eq "ssl_server2" or $appname eq "query_compile_time_config" ) { - $srcs .= "\n \r"; + $srcs .= "\n \r"; } my $content = $template; diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 065ea33a2..f41e465c3 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -65,6 +65,6 @@ check() } check scripts/generate_errors.pl library/error.c -check scripts/generate_query_config.pl programs/ssl/query_config.c +check scripts/generate_query_config.pl programs/test/query_config.c check scripts/generate_features.pl library/version_features.c check scripts/generate_visualc_files.pl visualc/VS2010 
diff --git a/visualc/VS2010/query_compile_time_config.vcxproj b/visualc/VS2010/query_compile_time_config.vcxproj index 83a29f067..dcb6f32c7 100644 --- a/visualc/VS2010/query_compile_time_config.vcxproj +++ b/visualc/VS2010/query_compile_time_config.vcxproj @@ -20,7 +20,7 @@ - + diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj index a960facf0..9b6db7f89 100644 --- a/visualc/VS2010/ssl_client2.vcxproj +++ b/visualc/VS2010/ssl_client2.vcxproj @@ -20,7 +20,7 @@ - + diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj index 06a91cb49..9bfe6ce56 100644 --- a/visualc/VS2010/ssl_server2.vcxproj +++ b/visualc/VS2010/ssl_server2.vcxproj @@ -20,7 +20,7 @@ - + From 4c1fdb51292bbe0450dee6f7e3e794fd498635ec Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 21 Feb 2019 13:52:21 +0000 Subject: [PATCH 1117/2197] cpp_dummy_build: Remove X.509 dependency --- programs/test/cpp_dummy_build.cpp | 4 ---- 1 file changed, 4 deletions(-) diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index c65288404..f5179cf43 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -96,10 +96,6 @@ #include "mbedtls/threading.h" #include "mbedtls/timing.h" #include "mbedtls/version.h" -#include "mbedtls/x509.h" -#include "mbedtls/x509_crl.h" -#include "mbedtls/x509_crt.h" -#include "mbedtls/x509_csr.h" #include "mbedtls/xtea.h" #if defined(MBEDTLS_PLATFORM_C) From e23737c618e93c99143bbe8343f3df4c4888ddc8 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 27 Feb 2019 17:11:22 +0000 Subject: [PATCH 1118/2197] recursion.pl: Don't depend on X.509 --- tests/scripts/recursion.pl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/scripts/recursion.pl b/tests/scripts/recursion.pl index 431e59211..0c405813c 100755 --- a/tests/scripts/recursion.pl +++ b/tests/scripts/recursion.pl 
@@ -16,8 +16,7 @@ use open qw(:std utf8); # exclude functions that are ok: # - mpi_write_hlp: bounded by size of mbedtls_mpi, a compile-time constant -# - x509_crt_verify_child: bounded by MBEDTLS_X509_MAX_INTERMEDIATE_CA -my $known_ok = qr/mpi_write_hlp|x509_crt_verify_child/; +my $known_ok = qr/mpi_write_hlp/; my $cur_name; my $inside; From fa30c3382d193a47fc28462b29c257070ba60afd Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 21 Dec 2018 18:42:18 +0000 Subject: [PATCH 1119/2197] programs: psa: Remove dependency on platform.h platform.h should only be used internally by the library implementation itself, not the examples. Remove the dependency on platform.h from all PSA programs. --- programs/psa/crypto_examples.c | 40 +++++------- programs/psa/key_ladder_demo.c | 110 +++++++++++++++------------------ 2 files changed, 66 insertions(+), 84 deletions(-) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 090875613..2f7c4453d 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -1,23 +1,15 @@ #include "psa/crypto.h" #include - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else #include #include -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#define mbedtls_printf printf -#define mbedtls_exit exit -#endif #define ASSERT( predicate ) \ do \ { \ if( ! ( predicate ) ) \ { \ - mbedtls_printf( "\tassertion failed at %s:%d - '%s'\r\n", \ - __FILE__, __LINE__, #predicate); \ + printf( "\tassertion failed at %s:%d - '%s'\r\n", \ + __FILE__, __LINE__, #predicate); \ goto exit; \ } \ } while ( 0 ) @@ -27,8 +19,8 @@ { \ if( ( actual ) != ( expected ) ) \ { \ - mbedtls_printf( "\tassertion failed at %s:%d - " \ - "actual:%d expected:%d\r\n", __FILE__, __LINE__, \ + printf( "\tassertion failed at %s:%d - " \ + "actual:%d expected:%d\r\n", __FILE__, __LINE__, \ (psa_status_t) actual, (psa_status_t) expected ); \ goto exit; \ } \ 
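Review bot: ASSERT_STATUS in programs/psa/crypto_examples.c prints `actual` and `expected` with `%d` after casting them to `psa_status_t`, which is a fixed-width 32-bit type and not necessarily `int`. On a target where that type is `long`, the arguments no longer match the format. The PSA_CHECK macro in key_ladder_demo.c, changed in the same commit, casts to `(int)` for the same specifier, and doing the same here keeps the two programs consistent: `(int) ( actual ), (int) ( expected ) ); \`. Parenthesising the macro arguments also stops the cast from binding to only part of an expression. The macro's `#define` line is outside the hunk.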
@@ -39,10 +31,10 @@ !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) int main( void ) { - mbedtls_printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or " - "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR " - "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING " - "not defined.\r\n" ); + printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or " + "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR " + "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING " + "not defined.\r\n" ); return( 0 ); } #else @@ -311,20 +303,20 @@ static void cipher_examples( void ) { psa_status_t status; - mbedtls_printf( "cipher encrypt/decrypt AES CBC no padding:\r\n" ); + printf( "cipher encrypt/decrypt AES CBC no padding:\r\n" ); status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( ); if( status == PSA_SUCCESS ) - mbedtls_printf( "\tsuccess!\r\n" ); + printf( "\tsuccess!\r\n" ); - mbedtls_printf( "cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n" ); + printf( "cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n" ); status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( ); if( status == PSA_SUCCESS ) - mbedtls_printf( "\tsuccess!\r\n" ); + printf( "\tsuccess!\r\n" ); - mbedtls_printf( "cipher encrypt/decrypt AES CTR multipart:\r\n" ); + printf( "cipher encrypt/decrypt AES CTR multipart:\r\n" ); status = cipher_example_encrypt_decrypt_aes_ctr_multi( ); if( status == PSA_SUCCESS ) - mbedtls_printf( "\tsuccess!\r\n" ); + printf( "\tsuccess!\r\n" ); } #if defined(MBEDTLS_CHECK_PARAMS) @@ -333,9 +325,9 @@ void mbedtls_param_failed( const char *failure_condition, const char *file, int line ) { - mbedtls_printf( "%s:%i: Input param failed - %s\n", + printf( "%s:%i: Input param failed - %s\n", file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + exit( EXIT_FAILURE ); } #endif diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index c9d76763e..23c234753 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c 
@@ -57,17 +57,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else #include -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#define mbedtls_calloc calloc -#define mbedtls_free free -#define mbedtls_printf printf -#define mbedtls_exit exit -#endif #include #include @@ -79,9 +69,9 @@ !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) int main( void ) { - mbedtls_printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " - "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " - "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO not defined.\n"); + printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " + "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO not defined.\n"); return( 0 ); } #else @@ -112,10 +102,10 @@ int main( void ) status = ( expr ); \ if( status != PSA_SUCCESS ) \ { \ - mbedtls_printf( "Error %d at line %u: %s\n", \ - (int) status, \ - __LINE__, \ - #expr ); \ + printf( "Error %d at line %u: %s\n", \ + (int) status, \ + __LINE__, \ + #expr ); \ goto exit; \ } \ } \ @@ -254,8 +244,8 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, key_file ) ) != 0 ); if( fread( &extra_byte, 1, 1, key_file ) != 0 ) { - mbedtls_printf( "Key file too large (max: %u).\n", - (unsigned) sizeof( key_data ) ); + printf( "Key file too large (max: %u).\n", + (unsigned) sizeof( key_data ) ); status = DEMO_ERROR; goto exit; } @@ -395,7 +385,7 @@ static psa_status_t wrap_data( const char *input_file_name, #if LONG_MAX > SIZE_MAX if( input_position > SIZE_MAX ) { - mbedtls_printf( "Input file too large.\n" ); + printf( "Input file too large.\n" ); status = DEMO_ERROR; goto exit; } 
@@ -405,14 +395,14 @@ static psa_status_t wrap_data( const char *input_file_name, /* Check for integer overflow. */ if( buffer_size < input_size ) { - mbedtls_printf( "Input file too large.\n" ); + printf( "Input file too large.\n" ); status = DEMO_ERROR; goto exit; } /* Load the data to wrap. */ SYS_CHECK( fseek( input_file, 0, SEEK_SET ) == 0 ); - SYS_CHECK( ( buffer = mbedtls_calloc( 1, buffer_size ) ) != NULL ); + SYS_CHECK( ( buffer = calloc( 1, buffer_size ) ) != NULL ); SYS_CHECK( fread( buffer, 1, input_size, input_file ) == input_size ); SYS_CHECK( fclose( input_file ) == 0 ); input_file = NULL; @@ -447,7 +437,7 @@ exit: fclose( output_file ); if( buffer != NULL ) mbedtls_platform_zeroize( buffer, buffer_size ); - mbedtls_free( buffer ); + free( buffer ); return( status ); } @@ -471,13 +461,13 @@ static psa_status_t unwrap_data( const char *input_file_name, if( memcmp( &header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH ) != 0 ) { - mbedtls_printf( "The input does not start with a valid magic header.\n" ); + printf( "The input does not start with a valid magic header.\n" ); status = DEMO_ERROR; goto exit; } if( header.ad_size != sizeof( header ) ) { - mbedtls_printf( "The header size is not correct.\n" ); + printf( "The header size is not correct.\n" ); status = DEMO_ERROR; goto exit; } 
@@ -486,18 +476,18 @@ static psa_status_t unwrap_data( const char *input_file_name, /* Check for integer overflow. */ if( ciphertext_size < header.payload_size ) { - mbedtls_printf( "Input file too large.\n" ); + printf( "Input file too large.\n" ); status = DEMO_ERROR; goto exit; } /* Load the payload data. */ - SYS_CHECK( ( buffer = mbedtls_calloc( 1, ciphertext_size ) ) != NULL ); + SYS_CHECK( ( buffer = calloc( 1, ciphertext_size ) ) != NULL ); SYS_CHECK( fread( buffer, 1, ciphertext_size, input_file ) == ciphertext_size ); if( fread( &extra_byte, 1, 1, input_file ) != 0 ) { - mbedtls_printf( "Extra garbage after ciphertext\n" ); + printf( "Extra garbage after ciphertext\n" ); status = DEMO_ERROR; goto exit; } @@ -513,7 +503,7 @@ static psa_status_t unwrap_data( const char *input_file_name, &plaintext_size ) ); if( plaintext_size != header.payload_size ) { - mbedtls_printf( "Incorrect payload size in the header.\n" ); + printf( "Incorrect payload size in the header.\n" ); status = DEMO_ERROR; goto exit; } @@ -532,7 +522,7 @@ exit: fclose( output_file ); if( buffer != NULL ) mbedtls_platform_zeroize( buffer, ciphertext_size ); - mbedtls_free( buffer ); + free( buffer ); return( status ); } 
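Review bot: In unwrap_data (programs/psa/key_ladder_demo.c) the size given to `calloc( 1, ciphertext_size )` is checked for wrap-around only. It appears to be derived from `header.payload_size`, which is read from the input file, so a header can declare far more data than the file holds. The following `fread` then fails, but the `exit:` path in the last hunk of this function still runs `mbedtls_platform_zeroize( buffer, ciphertext_size )` over the whole allocation. Rejecting a declared size larger than the bytes remaining in the file, before allocating, would bound this. The line that computes `ciphertext_size` is outside the hunk, so confirm where it is derived.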
@@ -600,23 +590,23 @@ exit: static void usage( void ) { - mbedtls_printf( "Usage: key_ladder_demo MODE [OPTION=VALUE]...\n" ); - mbedtls_printf( "Demonstrate the usage of a key derivation ladder.\n" ); - mbedtls_printf( "\n" ); - mbedtls_printf( "Modes:\n" ); - mbedtls_printf( " generate Generate the master key\n" ); - mbedtls_printf( " save Save the derived key\n" ); - mbedtls_printf( " unwrap Unwrap (decrypt) input with the derived key\n" ); - mbedtls_printf( " wrap Wrap (encrypt) input with the derived key\n" ); - mbedtls_printf( "\n" ); - mbedtls_printf( "Options:\n" ); - mbedtls_printf( " input=FILENAME Input file (required for wrap/unwrap)\n" ); - mbedtls_printf( " master=FILENAME File containing the master key (default: master.key)\n" ); - mbedtls_printf( " output=FILENAME Output file (required for save/wrap/unwrap)\n" ); - mbedtls_printf( " label=TEXT Label for the key derivation.\n" ); - mbedtls_printf( " This may be repeated multiple times.\n" ); - mbedtls_printf( " To get the same key, you must use the same master key\n" ); - mbedtls_printf( " and the same sequence of labels.\n" ); + printf( "Usage: key_ladder_demo MODE [OPTION=VALUE]...\n" ); + printf( "Demonstrate the usage of a key derivation ladder.\n" ); + printf( "\n" ); + printf( "Modes:\n" ); + printf( " generate Generate the master key\n" ); + printf( " save Save the derived key\n" ); + printf( " unwrap Unwrap (decrypt) input with the derived key\n" ); + printf( " wrap Wrap (encrypt) input with the derived key\n" ); + printf( "\n" ); + printf( "Options:\n" ); + printf( " input=FILENAME Input file (required for wrap/unwrap)\n" ); + printf( " master=FILENAME File containing the master key (default: master.key)\n" ); + printf( " output=FILENAME Output file (required for save/wrap/unwrap)\n" ); + printf( " label=TEXT Label for the key derivation.\n" ); + printf( " This may be repeated multiple times.\n" ); + printf( " To get the same key, you must use the same master key\n" ); + printf( " and the 
same sequence of labels.\n" ); } #if defined(MBEDTLS_CHECK_PARAMS) @@ -625,9 +615,9 @@ void mbedtls_param_failed( const char *failure_condition, const char *file, int line ) { - mbedtls_printf( "%s:%i: Input param failed - %s\n", + printf( "%s:%i: Input param failed - %s\n", file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + exit( EXIT_FAILURE ); } #endif @@ -648,7 +638,7 @@ int main( int argc, char *argv[] ) strcmp( argv[1], "--help" ) == 0 ) { usage( ); - return( MBEDTLS_EXIT_SUCCESS ); + return( EXIT_SUCCESS ); } for( i = 2; i < argc; i++ ) @@ -656,7 +646,7 @@ int main( int argc, char *argv[] ) char *q = strchr( argv[i], '=' ); if( q == NULL ) { - mbedtls_printf( "Missing argument to option %s\n", argv[i] ); + printf( "Missing argument to option %s\n", argv[i] ); goto usage_failure; } *q = 0; @@ -667,9 +657,9 @@ int main( int argc, char *argv[] ) { if( ladder_depth == MAX_LADDER_DEPTH ) { - mbedtls_printf( "Maximum ladder depth %u exceeded.\n", + printf( "Maximum ladder depth %u exceeded.\n", (unsigned) MAX_LADDER_DEPTH ); - return( MBEDTLS_EXIT_FAILURE ); + return( EXIT_FAILURE ); } ladder[ladder_depth] = q; ++ladder_depth; @@ -680,7 +670,7 @@ int main( int argc, char *argv[] ) output_file_name = q; else { - mbedtls_printf( "Unknown option: %s\n", argv[i] ); + printf( "Unknown option: %s\n", argv[i] ); goto usage_failure; } } 
@@ -695,20 +685,20 @@ int main( int argc, char *argv[] ) mode = MODE_WRAP; else { - mbedtls_printf( "Unknown action: %s\n", argv[1] ); + printf( "Unknown action: %s\n", argv[1] ); goto usage_failure; } if( input_file_name == NULL && ( mode == MODE_WRAP || mode == MODE_UNWRAP ) ) { - mbedtls_printf( "Required argument missing: input\n" ); + printf( "Required argument missing: input\n" ); return( DEMO_ERROR ); } if( output_file_name == NULL && ( mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP ) ) { - mbedtls_printf( "Required argument missing: output\n" ); + printf( "Required argument missing: output\n" ); return( DEMO_ERROR ); } @@ -716,11 +706,11 @@ int main( int argc, char *argv[] ) ladder, ladder_depth, input_file_name, output_file_name ); return( status == PSA_SUCCESS ? - MBEDTLS_EXIT_SUCCESS : - MBEDTLS_EXIT_FAILURE ); + EXIT_SUCCESS : + EXIT_FAILURE ); usage_failure: usage( ); - return( MBEDTLS_EXIT_FAILURE ); + return( EXIT_FAILURE ); } #endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && MBEDTLS_AES_C && MBEDTLS_CCM_C && MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */ From 2b725ef727583c95eed05e33acdbdc71997a9a9e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 19 Dec 2018 18:17:29 +0000 Subject: [PATCH 1120/2197] cpp_dummy_build: Remove dependency on compat-1.3.h --- programs/test/cpp_dummy_build.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index f5179cf43..f94331794 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -45,7 +45,6 @@ #include "mbedtls/cipher.h" #include "mbedtls/cipher_internal.h" #include "mbedtls/cmac.h" -#include "mbedtls/compat-1.3.h" #include "mbedtls/ctr_drbg.h" #include "mbedtls/debug.h" #include "mbedtls/des.h" From 9afb2e992136db3fae9a669c3faaf6d5d27602a8 Mon Sep 17 00:00:00 2001 
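Review bot: In main of programs/psa/key_ladder_demo.c the two "Required argument missing" branches still `return( DEMO_ERROR );`, while every other failure path touched by this commit returns `EXIT_FAILURE` or jumps to `usage_failure`. DEMO_ERROR is defined outside the hunk and looks like a status value meant for the helper functions, not a process exit code. Using `goto usage_failure;` in both branches would print the usage text and give callers a single failure code. The body of main starts outside the hunk.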
From: Jaeden Amero Date: Fri, 2 Nov 2018 10:51:09 +0000 Subject: [PATCH 1121/2197] Remove tests that depend on TLS or X.509 --- .travis.yml | 5 - CMakeLists.txt | 2 - Makefile | 2 - configs/config-mini-tls1_1.h | 3 - configs/config-thread.h | 4 - include/CMakeLists.txt | 2 +- scripts/output_env.sh | 37 - tests/CMakeLists.txt | 6 - tests/Descriptions.txt | 14 +- tests/compat.sh | 1414 ---- tests/scripts/basic-build-test.sh | 87 +- tests/scripts/key-exchanges.pl | 62 - tests/scripts/tcp_client.pl | 86 - tests/scripts/test-ref-configs.pl | 32 +- tests/scripts/travis-log-failure.sh | 36 - tests/ssl-opt.sh | 7707 -------------------- tests/suites/test_suite_debug.data | 64 - tests/suites/test_suite_debug.function | 195 - tests/suites/test_suite_ssl.data | 59 - tests/suites/test_suite_ssl.function | 54 - tests/suites/test_suite_x509parse.data | 1995 ----- tests/suites/test_suite_x509parse.function | 861 --- tests/suites/test_suite_x509write.data | 105 - tests/suites/test_suite_x509write.function | 338 - 24 files changed, 4 insertions(+), 13166 deletions(-) delete mode 100755 tests/compat.sh delete mode 100755 tests/scripts/key-exchanges.pl delete mode 100755 tests/scripts/tcp_client.pl delete mode 100755 tests/scripts/travis-log-failure.sh delete mode 100755 tests/ssl-opt.sh delete mode 100644 tests/suites/test_suite_debug.data delete mode 100644 tests/suites/test_suite_debug.function delete mode 100644 tests/suites/test_suite_ssl.data delete mode 100644 tests/suites/test_suite_ssl.function delete mode 100644 tests/suites/test_suite_x509parse.data delete mode 100644 tests/suites/test_suite_x509parse.function delete mode 100644 tests/suites/test_suite_x509write.data delete mode 100644 tests/suites/test_suite_x509write.function diff --git a/.travis.yml b/.travis.yml index bd5e750ba..fe3c1ec29 100644 --- a/.travis.yml +++ b/.travis.yml 
@@ -22,13 +22,8 @@ script: - make - make test - programs/test/selftest -- OSSL_NO_DTLS=1 tests/compat.sh -- tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl' --seed 4 - tests/scripts/test-ref-configs.pl - tests/scripts/curves.pl -- tests/scripts/key-exchanges.pl -after_failure: -- tests/scripts/travis-log-failure.sh env: global: secure: "barHldniAfXyoWOD/vcO+E6/Xm4fmcaUoC9BeKW+LwsHqlDMLvugaJnmLXkSpkbYhVL61Hzf3bo0KPJn88AFc5Rkf8oYHPjH4adMnVXkf3B9ghHCgznqHsAH3choo6tnPxaFgOwOYmLGb382nQxfE5lUdvnM/W/psQjWt66A1+k=" diff --git a/CMakeLists.txt b/CMakeLists.txt index 11efd87e4..feca4abaf 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -200,8 +200,6 @@ if(ENABLE_TESTING) ADD_CUSTOM_TARGET(covtest COMMAND make test COMMAND programs/test/selftest - COMMAND tests/compat.sh - COMMAND tests/ssl-opt.sh ) ADD_CUSTOM_TARGET(lcov diff --git a/Makefile b/Makefile index f32641a22..12d300820 100644 --- a/Makefile +++ b/Makefile @@ -102,8 +102,6 @@ ifndef WINDOWS covtest: $(MAKE) check programs/test/selftest - tests/compat.sh - tests/ssl-opt.sh lcov: rm -rf Coverage diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h index 013bc0300..d4743bb22 100644 --- a/configs/config-mini-tls1_1.h +++ b/configs/config-mini-tls1_1.h @@ -70,9 +70,6 @@ #define MBEDTLS_CERTS_C #define MBEDTLS_PEM_PARSE_C -/* For testing with compat.sh */ -#define MBEDTLS_FS_IO - #include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-thread.h b/configs/config-thread.h index 25db16bf0..f729a0381 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -75,10 +75,6 @@ #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TLS_C -/* For tests using ssl-opt.sh */ -#define MBEDTLS_NET_C -#define MBEDTLS_TIMING_C - /* Save RAM at the expense of ROM */ #define MBEDTLS_AES_ROM_TABLES diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index 462127176..dac97f44e 100644 --- a/include/CMakeLists.txt +++ b/include/CMakeLists.txt 
@@ -15,7 +15,7 @@ if(INSTALL_MBEDTLS_HEADERS) endif(INSTALL_MBEDTLS_HEADERS) -# Make config.h available in an out-of-source build. ssl-opt.sh requires it. +# Make config.h available in an out-of-source build. if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) link_to_source(mbedtls) link_to_source(psa) diff --git a/scripts/output_env.sh b/scripts/output_env.sh index c809d46fe..132963c04 100755 --- a/scripts/output_env.sh +++ b/scripts/output_env.sh @@ -15,7 +15,6 @@ # - type and version of the operating system # - version of armcc, clang, gcc-arm and gcc compilers # - version of libc, clang, asan and valgrind if installed -# - version of gnuTLS and OpenSSL print_version() { @@ -74,42 +73,6 @@ echo print_version "valgrind" "--version" "valgrind not found!" echo -: ${OPENSSL:=openssl} -print_version "$OPENSSL" "version" "openssl not found!" -echo - -if [ -n "${OPENSSL_LEGACY+set}" ]; then - print_version "$OPENSSL_LEGACY" "version" "openssl legacy version not found!" - echo -fi - -if [ -n "${OPENSSL_NEXT+set}" ]; then - print_version "$OPENSSL_NEXT" "version" "openssl next version not found!" - echo -fi - -: ${GNUTLS_CLI:=gnutls-cli} -print_version "$GNUTLS_CLI" "--version" "gnuTLS client not found!" "head -n 1" -echo - -: ${GNUTLS_SERV:=gnutls-serv} -print_version "$GNUTLS_SERV" "--version" "gnuTLS server not found!" "head -n 1" -echo - -if [ -n "${GNUTLS_LEGACY_CLI+set}" ]; then - print_version "$GNUTLS_LEGACY_CLI" "--version" \ - "gnuTLS client legacy version not found!" \ - "head -n 1" - echo -fi - -if [ -n "${GNUTLS_LEGACY_SERV+set}" ]; then - print_version "$GNUTLS_LEGACY_SERV" "--version" \ - "gnuTLS server legacy version not found!" \ - "head -n 1" - echo -fi - if `hash dpkg > /dev/null 2>&1`; then echo "* asan:" dpkg -s libasan2 2> /dev/null | grep -i version diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 4b46e3dea..4720008c6 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt 
@@ -89,7 +89,6 @@ add_test_suite(cipher cipher.null)
 add_test_suite(cipher cipher.padding)
 add_test_suite(cmac)
 add_test_suite(ctr_drbg)
-add_test_suite(debug)
 add_test_suite(des)
 add_test_suite(dhm)
 add_test_suite(ecdh)
@@ -133,20 +132,15 @@ add_test_suite(psa_crypto_persistent_key)
 add_test_suite(psa_crypto_slot_management)
 add_test_suite(psa_crypto_storage_file)
 add_test_suite(shax)
-add_test_suite(ssl)
 add_test_suite(timing)
 add_test_suite(rsa)
 add_test_suite(version)
 add_test_suite(xtea)
-add_test_suite(x509parse)
-add_test_suite(x509write)
 # Make scripts and data files needed for testing available in an
 # out-of-source build.
 if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
- link_to_source(compat.sh)
 link_to_source(data_files)
 link_to_source(scripts)
- link_to_source(ssl-opt.sh)
 link_to_source(suites)
 endif()
diff --git a/tests/Descriptions.txt b/tests/Descriptions.txt
index 8b13bb39f..3e9b25565 100644
--- a/tests/Descriptions.txt
+++ b/tests/Descriptions.txt
@@ -2,21 +2,9 @@ test_suites The various 'test_suite_XXX' programs from the 'tests' directory, executed using 'make check' (Unix make) or 'make test' (Cmake), include test cases (reference test vectors, sanity checks, malformed input for parsing - functions, etc.) for all modules except the SSL modules. + functions, etc.) for all modules. selftests The 'programs/test/selftest' program runs the 'XXX_self_test()' functions of each individual module. Most of them are included in the respective test suite, but some slower ones are only included here. - -compat - The 'tests/compat.sh' script checks interoperability with OpenSSL and - GnuTLS (and ourselves!) for every common ciphersuite, in every TLS - version, both ways (client/server), using client authentication or not. - For each ciphersuite/version/side/authmode it performs a full handshake - and a small data exchange. - -ssl_opt - The 'tests/ssl-opt.sh' script checks various options and/or operations not - covered by compat.sh: session resumption (using session cache or tickets), - renegotiation, SNI, other extensions, etc. diff --git a/tests/compat.sh b/tests/compat.sh deleted file mode 100755 index 0eae1eab3..000000000 --- a/tests/compat.sh +++ /dev/null 
@@ -1,1414 +0,0 @@ -#!/bin/sh - -# compat.sh -# -# This file is part of mbed TLS (https://tls.mbed.org) -# -# Copyright (c) 2012-2016, ARM Limited, All Rights Reserved -# -# Purpose -# -# Test interoperbility with OpenSSL, GnuTLS as well as itself. -# -# Check each common ciphersuite, with each version, both ways (client/server), -# with and without client authentication. - -set -u - -# initialise counters -TESTS=0 -FAILED=0 -SKIPPED=0 -SRVMEM=0 - -# default commands, can be overridden by the environment -: ${M_SRV:=../programs/ssl/ssl_server2} -: ${M_CLI:=../programs/ssl/ssl_client2} -: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system -: ${GNUTLS_CLI:=gnutls-cli} -: ${GNUTLS_SERV:=gnutls-serv} - -# do we have a recent enough GnuTLS? -if ( which $GNUTLS_CLI && which $GNUTLS_SERV ) >/dev/null 2>&1; then - G_VER="$( $GNUTLS_CLI --version | head -n1 )" - if echo "$G_VER" | grep '@VERSION@' > /dev/null; then # git version - PEER_GNUTLS=" GnuTLS" - else - eval $( echo $G_VER | sed 's/.* \([0-9]*\)\.\([0-9]\)*\.\([0-9]*\)$/MAJOR="\1" MINOR="\2" PATCH="\3"/' ) - if [ $MAJOR -lt 3 -o \ - \( $MAJOR -eq 3 -a $MINOR -lt 2 \) -o \ - \( $MAJOR -eq 3 -a $MINOR -eq 2 -a $PATCH -lt 15 \) ] - then - PEER_GNUTLS="" - else - PEER_GNUTLS=" GnuTLS" - if [ $MINOR -lt 4 ]; then - GNUTLS_MINOR_LT_FOUR='x' - fi - fi - fi -else - PEER_GNUTLS="" -fi - -# default values for options -MODES="tls1 tls1_1 tls1_2 dtls1 dtls1_2" -VERIFIES="NO YES" -TYPES="ECDSA RSA PSK" -FILTER="" -# exclude: -# - NULL: excluded from our default config -# - RC4, single-DES: requires legacy OpenSSL/GnuTLS versions -# avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL) -# - ARIA: not in default config.h + requires OpenSSL >= 1.1.1 -# - ChachaPoly: requires OpenSSL >= 1.1.0 -# - 3DES: not in default config -EXCLUDE='NULL\|DES\|RC4\|ARCFOUR\|ARIA\|CHACHA20-POLY1305' -VERBOSE="" -MEMCHECK=0 -PEERS="OpenSSL$PEER_GNUTLS mbedTLS" - -# hidden option: skip DTLS with OpenSSL -# (travis CI 
has a version that doesn't work for us) -: ${OSSL_NO_DTLS:=0} - -print_usage() { - echo "Usage: $0" - printf " -h|--help\tPrint this help.\n" - printf " -f|--filter\tOnly matching ciphersuites are tested (Default: '$FILTER')\n" - printf " -e|--exclude\tMatching ciphersuites are excluded (Default: '$EXCLUDE')\n" - printf " -m|--modes\tWhich modes to perform (Default: '$MODES')\n" - printf " -t|--types\tWhich key exchange type to perform (Default: '$TYPES')\n" - printf " -V|--verify\tWhich verification modes to perform (Default: '$VERIFIES')\n" - printf " -p|--peers\tWhich peers to use (Default: '$PEERS')\n" - printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n" - printf " -M|--memcheck\tCheck memory leaks and errors.\n" - printf " -v|--verbose\tSet verbose output.\n" -} - -get_options() { - while [ $# -gt 0 ]; do - case "$1" in - -f|--filter) - shift; FILTER=$1 - ;; - -e|--exclude) - shift; EXCLUDE=$1 - ;; - -m|--modes) - shift; MODES=$1 - ;; - -t|--types) - shift; TYPES=$1 - ;; - -V|--verify) - shift; VERIFIES=$1 - ;; - -p|--peers) - shift; PEERS=$1 - ;; - -v|--verbose) - VERBOSE=1 - ;; - -M|--memcheck) - MEMCHECK=1 - ;; - -h|--help) - print_usage - exit 0 - ;; - *) - echo "Unknown argument: '$1'" - print_usage - exit 1 - ;; - esac - shift - done - - # sanitize some options (modes checked later) - VERIFIES="$( echo $VERIFIES | tr [a-z] [A-Z] )" - TYPES="$( echo $TYPES | tr [a-z] [A-Z] )" -} - -log() { - if [ "X" != "X$VERBOSE" ]; then - echo "" - echo "$@" - fi -} - -# is_dtls -is_dtls() -{ - test "$1" = "dtls1" -o "$1" = "dtls1_2" -} - -# minor_ver -minor_ver() -{ - case "$1" in - ssl3) - echo 0 - ;; - tls1) - echo 1 - ;; - tls1_1|dtls1) - echo 2 - ;; - tls1_2|dtls1_2) - echo 3 - ;; - *) - echo "error: invalid mode: $MODE" >&2 - # exiting is no good here, typically called in a subshell - echo -1 - esac -} - -filter() -{ - LIST="$1" - NEW_LIST="" - - if is_dtls "$MODE"; then - EXCLMODE="$EXCLUDE"'\|RC4\|ARCFOUR' - else - EXCLMODE="$EXCLUDE" - fi - - for i 
in $LIST; - do - NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" | grep -v "$EXCLMODE" )" - done - - # normalize whitespace - echo "$NEW_LIST" | sed -e 's/[[:space:]][[:space:]]*/ /g' -e 's/^ //' -e 's/ $//' -} - -# OpenSSL 1.0.1h with -Verify wants a ClientCertificate message even for -# PSK ciphersuites with DTLS, which is incorrect, so disable them for now -check_openssl_server_bug() -{ - if test "X$VERIFY" = "XYES" && is_dtls "$MODE" && \ - echo "$1" | grep "^TLS-PSK" >/dev/null; - then - SKIP_NEXT="YES" - fi -} - -filter_ciphersuites() -{ - if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ]; - then - # Ciphersuite for mbed TLS - M_CIPHERS=$( filter "$M_CIPHERS" ) - - # Ciphersuite for OpenSSL - O_CIPHERS=$( filter "$O_CIPHERS" ) - - # Ciphersuite for GnuTLS - G_CIPHERS=$( filter "$G_CIPHERS" ) - fi - - # OpenSSL 1.0.1h doesn't support DTLS 1.2 - if [ `minor_ver "$MODE"` -ge 3 ] && is_dtls "$MODE"; then - O_CIPHERS="" - case "$PEER" in - [Oo]pen*) - M_CIPHERS="" - ;; - esac - fi - - # For GnuTLS client -> mbed TLS server, - # we need to force IPv4 by connecting to 127.0.0.1 but then auth fails - if [ "X$VERIFY" = "XYES" ] && is_dtls "$MODE"; then - G_CIPHERS="" - fi -} - -reset_ciphersuites() -{ - M_CIPHERS="" - O_CIPHERS="" - G_CIPHERS="" -} - -# Ciphersuites that can be used with all peers. -# Since we currently have three possible peers, each ciphersuite should appear -# three times: in each peer's list (with the name that this peer uses). 
-add_common_ciphersuites() -{ - case $TYPE in - - "ECDSA") - if [ `minor_ver "$MODE"` -gt 0 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-ECDSA-WITH-NULL-SHA \ - TLS-ECDHE-ECDSA-WITH-RC4-128-SHA \ - TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \ - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \ - TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \ - " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-ECDSA:+NULL:+SHA1 \ - +ECDHE-ECDSA:+ARCFOUR-128:+SHA1 \ - +ECDHE-ECDSA:+3DES-CBC:+SHA1 \ - +ECDHE-ECDSA:+AES-128-CBC:+SHA1 \ - +ECDHE-ECDSA:+AES-256-CBC:+SHA1 \ - " - O_CIPHERS="$O_CIPHERS \ - ECDHE-ECDSA-NULL-SHA \ - ECDHE-ECDSA-RC4-SHA \ - ECDHE-ECDSA-DES-CBC3-SHA \ - ECDHE-ECDSA-AES128-SHA \ - ECDHE-ECDSA-AES256-SHA \ - " - fi - if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \ - TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \ - TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \ - " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-ECDSA:+AES-128-CBC:+SHA256 \ - +ECDHE-ECDSA:+AES-256-CBC:+SHA384 \ - +ECDHE-ECDSA:+AES-128-GCM:+AEAD \ - +ECDHE-ECDSA:+AES-256-GCM:+AEAD \ - " - O_CIPHERS="$O_CIPHERS \ - ECDHE-ECDSA-AES128-SHA256 \ - ECDHE-ECDSA-AES256-SHA384 \ - ECDHE-ECDSA-AES128-GCM-SHA256 \ - ECDHE-ECDSA-AES256-GCM-SHA384 \ - " - fi - ;; - - "RSA") - M_CIPHERS="$M_CIPHERS \ - TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ - TLS-DHE-RSA-WITH-AES-256-CBC-SHA \ - TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \ - TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \ - TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA \ - TLS-RSA-WITH-AES-256-CBC-SHA \ - TLS-RSA-WITH-CAMELLIA-256-CBC-SHA \ - TLS-RSA-WITH-AES-128-CBC-SHA \ - TLS-RSA-WITH-CAMELLIA-128-CBC-SHA \ - TLS-RSA-WITH-3DES-EDE-CBC-SHA \ - TLS-RSA-WITH-RC4-128-SHA \ - TLS-RSA-WITH-RC4-128-MD5 \ - TLS-RSA-WITH-NULL-MD5 \ - TLS-RSA-WITH-NULL-SHA \ - " - G_CIPHERS="$G_CIPHERS \ - +DHE-RSA:+AES-128-CBC:+SHA1 \ - +DHE-RSA:+AES-256-CBC:+SHA1 \ - +DHE-RSA:+CAMELLIA-128-CBC:+SHA1 \ - +DHE-RSA:+CAMELLIA-256-CBC:+SHA1 \ - 
+DHE-RSA:+3DES-CBC:+SHA1 \ - +RSA:+AES-256-CBC:+SHA1 \ - +RSA:+CAMELLIA-256-CBC:+SHA1 \ - +RSA:+AES-128-CBC:+SHA1 \ - +RSA:+CAMELLIA-128-CBC:+SHA1 \ - +RSA:+3DES-CBC:+SHA1 \ - +RSA:+ARCFOUR-128:+SHA1 \ - +RSA:+ARCFOUR-128:+MD5 \ - +RSA:+NULL:+MD5 \ - +RSA:+NULL:+SHA1 \ - " - O_CIPHERS="$O_CIPHERS \ - DHE-RSA-AES128-SHA \ - DHE-RSA-AES256-SHA \ - DHE-RSA-CAMELLIA128-SHA \ - DHE-RSA-CAMELLIA256-SHA \ - EDH-RSA-DES-CBC3-SHA \ - AES256-SHA \ - CAMELLIA256-SHA \ - AES128-SHA \ - CAMELLIA128-SHA \ - DES-CBC3-SHA \ - RC4-SHA \ - RC4-MD5 \ - NULL-MD5 \ - NULL-SHA \ - " - if [ `minor_ver "$MODE"` -gt 0 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \ - TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \ - TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \ - TLS-ECDHE-RSA-WITH-RC4-128-SHA \ - TLS-ECDHE-RSA-WITH-NULL-SHA \ - " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-RSA:+AES-128-CBC:+SHA1 \ - +ECDHE-RSA:+AES-256-CBC:+SHA1 \ - +ECDHE-RSA:+3DES-CBC:+SHA1 \ - +ECDHE-RSA:+ARCFOUR-128:+SHA1 \ - +ECDHE-RSA:+NULL:+SHA1 \ - " - O_CIPHERS="$O_CIPHERS \ - ECDHE-RSA-AES256-SHA \ - ECDHE-RSA-AES128-SHA \ - ECDHE-RSA-DES-CBC3-SHA \ - ECDHE-RSA-RC4-SHA \ - ECDHE-RSA-NULL-SHA \ - " - fi - if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-RSA-WITH-AES-128-CBC-SHA256 \ - TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \ - TLS-RSA-WITH-AES-256-CBC-SHA256 \ - TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \ - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \ - TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \ - TLS-RSA-WITH-AES-128-GCM-SHA256 \ - TLS-RSA-WITH-AES-256-GCM-SHA384 \ - TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \ - TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \ - TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \ - TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \ - " - G_CIPHERS="$G_CIPHERS \ - +RSA:+AES-128-CBC:+SHA256 \ - +DHE-RSA:+AES-128-CBC:+SHA256 \ - +RSA:+AES-256-CBC:+SHA256 \ - +DHE-RSA:+AES-256-CBC:+SHA256 \ - +ECDHE-RSA:+AES-128-CBC:+SHA256 \ - +ECDHE-RSA:+AES-256-CBC:+SHA384 \ - +RSA:+AES-128-GCM:+AEAD \ - +RSA:+AES-256-GCM:+AEAD \ - 
+DHE-RSA:+AES-128-GCM:+AEAD \ - +DHE-RSA:+AES-256-GCM:+AEAD \ - +ECDHE-RSA:+AES-128-GCM:+AEAD \ - +ECDHE-RSA:+AES-256-GCM:+AEAD \ - " - O_CIPHERS="$O_CIPHERS \ - NULL-SHA256 \ - AES128-SHA256 \ - DHE-RSA-AES128-SHA256 \ - AES256-SHA256 \ - DHE-RSA-AES256-SHA256 \ - ECDHE-RSA-AES128-SHA256 \ - ECDHE-RSA-AES256-SHA384 \ - AES128-GCM-SHA256 \ - DHE-RSA-AES128-GCM-SHA256 \ - AES256-GCM-SHA384 \ - DHE-RSA-AES256-GCM-SHA384 \ - ECDHE-RSA-AES128-GCM-SHA256 \ - ECDHE-RSA-AES256-GCM-SHA384 \ - " - fi - ;; - - "PSK") - M_CIPHERS="$M_CIPHERS \ - TLS-PSK-WITH-RC4-128-SHA \ - TLS-PSK-WITH-3DES-EDE-CBC-SHA \ - TLS-PSK-WITH-AES-128-CBC-SHA \ - TLS-PSK-WITH-AES-256-CBC-SHA \ - " - G_CIPHERS="$G_CIPHERS \ - +PSK:+ARCFOUR-128:+SHA1 \ - +PSK:+3DES-CBC:+SHA1 \ - +PSK:+AES-128-CBC:+SHA1 \ - +PSK:+AES-256-CBC:+SHA1 \ - " - O_CIPHERS="$O_CIPHERS \ - PSK-RC4-SHA \ - PSK-3DES-EDE-CBC-SHA \ - PSK-AES128-CBC-SHA \ - PSK-AES256-CBC-SHA \ - " - ;; - esac -} - -# Ciphersuites usable only with Mbed TLS and OpenSSL -# Each ciphersuite should appear two times, once with its OpenSSL name, once -# with its Mbed TLS name. -# -# NOTE: for some reason RSA-PSK doesn't work with OpenSSL, -# so RSA-PSK ciphersuites need to go in other sections, see -# https://github.com/ARMmbed/mbedtls/issues/1419 -# -# ChachaPoly suites are here rather than in "common", as they were added in -# GnuTLS in 3.5.0 and the CI only has 3.4.x so far. 
-add_openssl_ciphersuites() -{ - case $TYPE in - - "ECDSA") - if [ `minor_ver "$MODE"` -gt 0 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDH-ECDSA-WITH-NULL-SHA \ - TLS-ECDH-ECDSA-WITH-RC4-128-SHA \ - TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \ - TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \ - TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \ - " - O_CIPHERS="$O_CIPHERS \ - ECDH-ECDSA-NULL-SHA \ - ECDH-ECDSA-RC4-SHA \ - ECDH-ECDSA-DES-CBC3-SHA \ - ECDH-ECDSA-AES128-SHA \ - ECDH-ECDSA-AES256-SHA \ - " - fi - if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \ - TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \ - TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \ - TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \ - TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384 \ - TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \ - TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \ - " - O_CIPHERS="$O_CIPHERS \ - ECDH-ECDSA-AES128-SHA256 \ - ECDH-ECDSA-AES256-SHA384 \ - ECDH-ECDSA-AES128-GCM-SHA256 \ - ECDH-ECDSA-AES256-GCM-SHA384 \ - ECDHE-ECDSA-ARIA256-GCM-SHA384 \ - ECDHE-ECDSA-ARIA128-GCM-SHA256 \ - ECDHE-ECDSA-CHACHA20-POLY1305 \ - " - fi - ;; - - "RSA") - M_CIPHERS="$M_CIPHERS \ - TLS-RSA-WITH-DES-CBC-SHA \ - TLS-DHE-RSA-WITH-DES-CBC-SHA \ - " - O_CIPHERS="$O_CIPHERS \ - DES-CBC-SHA \ - EDH-RSA-DES-CBC-SHA \ - " - if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \ - TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384 \ - TLS-RSA-WITH-ARIA-256-GCM-SHA384 \ - TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \ - TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256 \ - TLS-RSA-WITH-ARIA-128-GCM-SHA256 \ - TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \ - TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \ - " - O_CIPHERS="$O_CIPHERS \ - ECDHE-ARIA256-GCM-SHA384 \ - DHE-RSA-ARIA256-GCM-SHA384 \ - ARIA256-GCM-SHA384 \ - ECDHE-ARIA128-GCM-SHA256 \ - DHE-RSA-ARIA128-GCM-SHA256 \ - ARIA128-GCM-SHA256 \ - DHE-RSA-CHACHA20-POLY1305 \ - ECDHE-RSA-CHACHA20-POLY1305 \ - " - fi - ;; - - "PSK") - 
if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \ - TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \ - TLS-PSK-WITH-ARIA-256-GCM-SHA384 \ - TLS-PSK-WITH-ARIA-128-GCM-SHA256 \ - TLS-PSK-WITH-CHACHA20-POLY1305-SHA256 \ - TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \ - TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \ - " - O_CIPHERS="$O_CIPHERS \ - DHE-PSK-ARIA256-GCM-SHA384 \ - DHE-PSK-ARIA128-GCM-SHA256 \ - PSK-ARIA256-GCM-SHA384 \ - PSK-ARIA128-GCM-SHA256 \ - DHE-PSK-CHACHA20-POLY1305 \ - ECDHE-PSK-CHACHA20-POLY1305 \ - PSK-CHACHA20-POLY1305 \ - " - fi - ;; - esac -} - -# Ciphersuites usable only with Mbed TLS and GnuTLS -# Each ciphersuite should appear two times, once with its GnuTLS name, once -# with its Mbed TLS name. -add_gnutls_ciphersuites() -{ - case $TYPE in - - "ECDSA") - if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-ECDHE-ECDSA-WITH-AES-128-CCM \ - TLS-ECDHE-ECDSA-WITH-AES-256-CCM \ - TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \ - TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \ - " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256 \ - +ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384 \ - +ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD \ - +ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD \ - +ECDHE-ECDSA:+AES-128-CCM:+AEAD \ - +ECDHE-ECDSA:+AES-256-CCM:+AEAD \ - +ECDHE-ECDSA:+AES-128-CCM-8:+AEAD \ - +ECDHE-ECDSA:+AES-256-CCM-8:+AEAD \ - " - fi - ;; - - "RSA") - if [ `minor_ver "$MODE"` -gt 0 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-RSA-WITH-NULL-SHA256 \ - " - G_CIPHERS="$G_CIPHERS \ - +RSA:+NULL:+SHA256 \ - " - fi - if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ - 
TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \ - TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \ - TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-RSA-WITH-AES-128-CCM \ - TLS-RSA-WITH-AES-256-CCM \ - TLS-DHE-RSA-WITH-AES-128-CCM \ - TLS-DHE-RSA-WITH-AES-256-CCM \ - TLS-RSA-WITH-AES-128-CCM-8 \ - TLS-RSA-WITH-AES-256-CCM-8 \ - TLS-DHE-RSA-WITH-AES-128-CCM-8 \ - TLS-DHE-RSA-WITH-AES-256-CCM-8 \ - " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256 \ - +ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384 \ - +RSA:+CAMELLIA-128-CBC:+SHA256 \ - +RSA:+CAMELLIA-256-CBC:+SHA256 \ - +DHE-RSA:+CAMELLIA-128-CBC:+SHA256 \ - +DHE-RSA:+CAMELLIA-256-CBC:+SHA256 \ - +ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD \ - +ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD \ - +DHE-RSA:+CAMELLIA-128-GCM:+AEAD \ - +DHE-RSA:+CAMELLIA-256-GCM:+AEAD \ - +RSA:+CAMELLIA-128-GCM:+AEAD \ - +RSA:+CAMELLIA-256-GCM:+AEAD \ - +RSA:+AES-128-CCM:+AEAD \ - +RSA:+AES-256-CCM:+AEAD \ - +RSA:+AES-128-CCM-8:+AEAD \ - +RSA:+AES-256-CCM-8:+AEAD \ - +DHE-RSA:+AES-128-CCM:+AEAD \ - +DHE-RSA:+AES-256-CCM:+AEAD \ - +DHE-RSA:+AES-128-CCM-8:+AEAD \ - +DHE-RSA:+AES-256-CCM-8:+AEAD \ - " - fi - ;; - - "PSK") - M_CIPHERS="$M_CIPHERS \ - TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \ - TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ - TLS-DHE-PSK-WITH-AES-256-CBC-SHA \ - TLS-DHE-PSK-WITH-RC4-128-SHA \ - " - G_CIPHERS="$G_CIPHERS \ - +DHE-PSK:+3DES-CBC:+SHA1 \ - +DHE-PSK:+AES-128-CBC:+SHA1 \ - +DHE-PSK:+AES-256-CBC:+SHA1 \ - +DHE-PSK:+ARCFOUR-128:+SHA1 \ - " - if [ `minor_ver "$MODE"` -gt 0 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \ - TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ - TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \ - TLS-ECDHE-PSK-WITH-RC4-128-SHA \ - TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \ - 
TLS-RSA-PSK-WITH-AES-256-CBC-SHA \ - TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ - TLS-RSA-PSK-WITH-RC4-128-SHA \ - " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-PSK:+3DES-CBC:+SHA1 \ - +ECDHE-PSK:+AES-128-CBC:+SHA1 \ - +ECDHE-PSK:+AES-256-CBC:+SHA1 \ - +ECDHE-PSK:+ARCFOUR-128:+SHA1 \ - +RSA-PSK:+3DES-CBC:+SHA1 \ - +RSA-PSK:+AES-256-CBC:+SHA1 \ - +RSA-PSK:+AES-128-CBC:+SHA1 \ - +RSA-PSK:+ARCFOUR-128:+SHA1 \ - " - fi - if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ - TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \ - TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-ECDHE-PSK-WITH-NULL-SHA384 \ - TLS-ECDHE-PSK-WITH-NULL-SHA256 \ - TLS-PSK-WITH-AES-128-CBC-SHA256 \ - TLS-PSK-WITH-AES-256-CBC-SHA384 \ - TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \ - TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ - TLS-PSK-WITH-NULL-SHA256 \ - TLS-PSK-WITH-NULL-SHA384 \ - TLS-DHE-PSK-WITH-NULL-SHA256 \ - TLS-DHE-PSK-WITH-NULL-SHA384 \ - TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ - TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ - TLS-RSA-PSK-WITH-NULL-SHA256 \ - TLS-RSA-PSK-WITH-NULL-SHA384 \ - TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-PSK-WITH-AES-128-GCM-SHA256 \ - TLS-PSK-WITH-AES-256-GCM-SHA384 \ - TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \ - TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \ - TLS-PSK-WITH-AES-128-CCM \ - TLS-PSK-WITH-AES-256-CCM \ - TLS-DHE-PSK-WITH-AES-128-CCM \ - TLS-DHE-PSK-WITH-AES-256-CCM \ - TLS-PSK-WITH-AES-128-CCM-8 \ - TLS-PSK-WITH-AES-256-CCM-8 \ - TLS-DHE-PSK-WITH-AES-128-CCM-8 \ - TLS-DHE-PSK-WITH-AES-256-CCM-8 \ - TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \ - 
TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \ - TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \ - " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-PSK:+AES-256-CBC:+SHA384 \ - +ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384 \ - +ECDHE-PSK:+AES-128-CBC:+SHA256 \ - +ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256 \ - +PSK:+AES-128-CBC:+SHA256 \ - +PSK:+AES-256-CBC:+SHA384 \ - +DHE-PSK:+AES-128-CBC:+SHA256 \ - +DHE-PSK:+AES-256-CBC:+SHA384 \ - +RSA-PSK:+AES-256-CBC:+SHA384 \ - +RSA-PSK:+AES-128-CBC:+SHA256 \ - +DHE-PSK:+CAMELLIA-128-CBC:+SHA256 \ - +DHE-PSK:+CAMELLIA-256-CBC:+SHA384 \ - +PSK:+CAMELLIA-128-CBC:+SHA256 \ - +PSK:+CAMELLIA-256-CBC:+SHA384 \ - +RSA-PSK:+CAMELLIA-256-CBC:+SHA384 \ - +RSA-PSK:+CAMELLIA-128-CBC:+SHA256 \ - +PSK:+AES-128-GCM:+AEAD \ - +PSK:+AES-256-GCM:+AEAD \ - +DHE-PSK:+AES-128-GCM:+AEAD \ - +DHE-PSK:+AES-256-GCM:+AEAD \ - +PSK:+AES-128-CCM:+AEAD \ - +PSK:+AES-256-CCM:+AEAD \ - +DHE-PSK:+AES-128-CCM:+AEAD \ - +DHE-PSK:+AES-256-CCM:+AEAD \ - +PSK:+AES-128-CCM-8:+AEAD \ - +PSK:+AES-256-CCM-8:+AEAD \ - +DHE-PSK:+AES-128-CCM-8:+AEAD \ - +DHE-PSK:+AES-256-CCM-8:+AEAD \ - +RSA-PSK:+CAMELLIA-128-GCM:+AEAD \ - +RSA-PSK:+CAMELLIA-256-GCM:+AEAD \ - +PSK:+CAMELLIA-128-GCM:+AEAD \ - +PSK:+CAMELLIA-256-GCM:+AEAD \ - +DHE-PSK:+CAMELLIA-128-GCM:+AEAD \ - +DHE-PSK:+CAMELLIA-256-GCM:+AEAD \ - +RSA-PSK:+AES-256-GCM:+AEAD \ - +RSA-PSK:+AES-128-GCM:+AEAD \ - +ECDHE-PSK:+NULL:+SHA384 \ - +ECDHE-PSK:+NULL:+SHA256 \ - +PSK:+NULL:+SHA256 \ - +PSK:+NULL:+SHA384 \ - +DHE-PSK:+NULL:+SHA256 \ - +DHE-PSK:+NULL:+SHA384 \ - +RSA-PSK:+NULL:+SHA256 \ - +RSA-PSK:+NULL:+SHA384 \ - " - fi - ;; - esac -} - -# Ciphersuites usable only with Mbed TLS (not currently supported by another -# peer usable in this script). This provide only very rudimentaty testing, as -# this is not interop testing, but it's better than nothing. 
-add_mbedtls_ciphersuites() -{ - case $TYPE in - - "ECDSA") - if [ `minor_ver "$MODE"` -gt 0 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \ - " - fi - if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 \ - TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 \ - TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384 \ - TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256 \ - TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384 \ - TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256 \ - " - fi - ;; - - "RSA") - if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 \ - TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 \ - TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 \ - TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 \ - TLS-RSA-WITH-ARIA-256-CBC-SHA384 \ - TLS-RSA-WITH-ARIA-128-CBC-SHA256 \ - " - fi - ;; - - "PSK") - # *PSK-NULL-SHA suites supported by GnuTLS 3.3.5 but not 3.2.15 - M_CIPHERS="$M_CIPHERS \ - TLS-PSK-WITH-NULL-SHA \ - TLS-DHE-PSK-WITH-NULL-SHA \ - " - if [ `minor_ver "$MODE"` -gt 0 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-PSK-WITH-NULL-SHA \ - TLS-RSA-PSK-WITH-NULL-SHA \ - " - fi - if [ `minor_ver "$MODE"` -ge 3 ] - then - M_CIPHERS="$M_CIPHERS \ - TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384 \ - TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256 \ - TLS-PSK-WITH-ARIA-256-CBC-SHA384 \ - TLS-PSK-WITH-ARIA-128-CBC-SHA256 \ - TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384 \ - TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256 \ - TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384 \ - TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256 \ - TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384 \ - TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256 \ - TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256 \ - " - fi - ;; - esac -} - -setup_arguments() -{ - G_MODE="" - case "$MODE" in - "ssl3") - G_PRIO_MODE="+VERS-SSL3.0" - ;; - "tls1") - G_PRIO_MODE="+VERS-TLS1.0" - ;; 
- "tls1_1") - G_PRIO_MODE="+VERS-TLS1.1" - ;; - "tls1_2") - G_PRIO_MODE="+VERS-TLS1.2" - ;; - "dtls1") - G_PRIO_MODE="+VERS-DTLS1.0" - G_MODE="-u" - ;; - "dtls1_2") - G_PRIO_MODE="+VERS-DTLS1.2" - G_MODE="-u" - ;; - *) - echo "error: invalid mode: $MODE" >&2 - exit 1; - esac - - # GnuTLS < 3.4 will choke if we try to allow CCM-8 - if [ -z "${GNUTLS_MINOR_LT_FOUR-}" ]; then - G_PRIO_CCM="+AES-256-CCM-8:+AES-128-CCM-8:" - else - G_PRIO_CCM="" - fi - - M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1" - O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE -dhparam data_files/dhparams.pem" - G_SERVER_ARGS="-p $PORT --http $G_MODE" - G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE" - - # with OpenSSL 1.0.1h, -www, -WWW and -HTTP break DTLS handshakes - if is_dtls "$MODE"; then - O_SERVER_ARGS="$O_SERVER_ARGS" - else - O_SERVER_ARGS="$O_SERVER_ARGS -www" - fi - - M_CLIENT_ARGS="server_port=$PORT server_addr=127.0.0.1 force_version=$MODE" - O_CLIENT_ARGS="-connect localhost:$PORT -$MODE" - G_CLIENT_ARGS="-p $PORT --debug 3 $G_MODE" - G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL" - - if [ "X$VERIFY" = "XYES" ]; - then - M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required" - O_SERVER_ARGS="$O_SERVER_ARGS -CAfile data_files/test-ca_cat12.crt -Verify 10" - G_SERVER_ARGS="$G_SERVER_ARGS --x509cafile data_files/test-ca_cat12.crt --require-client-cert" - - M_CLIENT_ARGS="$M_CLIENT_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required" - O_CLIENT_ARGS="$O_CLIENT_ARGS -CAfile data_files/test-ca_cat12.crt -verify 10" - G_CLIENT_ARGS="$G_CLIENT_ARGS --x509cafile data_files/test-ca_cat12.crt" - else - # don't request a client cert at all - M_SERVER_ARGS="$M_SERVER_ARGS ca_file=none auth_mode=none" - G_SERVER_ARGS="$G_SERVER_ARGS --disable-client-cert" - - M_CLIENT_ARGS="$M_CLIENT_ARGS ca_file=none auth_mode=none" - 
O_CLIENT_ARGS="$O_CLIENT_ARGS" - G_CLIENT_ARGS="$G_CLIENT_ARGS --insecure" - fi - - case $TYPE in - "ECDSA") - M_SERVER_ARGS="$M_SERVER_ARGS crt_file=data_files/server5.crt key_file=data_files/server5.key" - O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server5.crt -key data_files/server5.key" - G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" - - if [ "X$VERIFY" = "XYES" ]; then - M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=data_files/server6.crt key_file=data_files/server6.key" - O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server6.crt -key data_files/server6.key" - G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server6.crt --x509keyfile data_files/server6.key" - else - M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none" - fi - ;; - - "RSA") - M_SERVER_ARGS="$M_SERVER_ARGS crt_file=data_files/server2.crt key_file=data_files/server2.key" - O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server2.crt -key data_files/server2.key" - G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2.crt --x509keyfile data_files/server2.key" - - if [ "X$VERIFY" = "XYES" ]; then - M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=data_files/server1.crt key_file=data_files/server1.key" - O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server1.crt -key data_files/server1.key" - G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server1.crt --x509keyfile data_files/server1.key" - else - M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none" - fi - - # Allow SHA-1. It's disabled by default for security reasons but - # our tests still use certificates signed with it. 
- M_SERVER_ARGS="$M_SERVER_ARGS allow_sha1=1" - M_CLIENT_ARGS="$M_CLIENT_ARGS allow_sha1=1" - ;; - - "PSK") - # give RSA-PSK-capable server a RSA cert - # (should be a separate type, but harder to close with openssl) - M_SERVER_ARGS="$M_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none crt_file=data_files/server2.crt key_file=data_files/server2.key" - O_SERVER_ARGS="$O_SERVER_ARGS -psk 6162636465666768696a6b6c6d6e6f70 -nocert" - G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2.crt --x509keyfile data_files/server2.key --pskpasswd data_files/passwd.psk" - - M_CLIENT_ARGS="$M_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70 crt_file=none key_file=none" - O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70" - G_CLIENT_ARGS="$G_CLIENT_ARGS --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" - - # Allow SHA-1. It's disabled by default for security reasons but - # our tests still use certificates signed with it. - M_SERVER_ARGS="$M_SERVER_ARGS allow_sha1=1" - M_CLIENT_ARGS="$M_CLIENT_ARGS allow_sha1=1" - ;; - esac -} - -# is_mbedtls -is_mbedtls() { - echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null -} - -# has_mem_err -has_mem_err() { - if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" && - grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null - then - return 1 # false: does not have errors - else - return 0 # true: has errors - fi -} - -# Wait for process $2 to be listening on port $1 -if type lsof >/dev/null 2>/dev/null; then - wait_server_start() { - START_TIME=$(date +%s) - if is_dtls "$MODE"; then - proto=UDP - else - proto=TCP - fi - while ! lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do - if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then - echo "SERVERSTART TIMEOUT" - echo "SERVERSTART TIMEOUT" >> $SRV_OUT - break - fi - # Linux and *BSD support decimal arguments to sleep. On other - # OSes this may be a tight loop. 
- sleep 0.1 2>/dev/null || true - done - } -else - echo "Warning: lsof not available, wait_server_start = sleep" - wait_server_start() { - sleep 2 - } -fi - - -# start_server -# also saves name and command -start_server() { - case $1 in - [Oo]pen*) - SERVER_CMD="$OPENSSL_CMD s_server $O_SERVER_ARGS" - ;; - [Gg]nu*) - SERVER_CMD="$GNUTLS_SERV $G_SERVER_ARGS --priority $G_SERVER_PRIO" - ;; - mbed*) - SERVER_CMD="$M_SRV $M_SERVER_ARGS" - if [ "$MEMCHECK" -gt 0 ]; then - SERVER_CMD="valgrind --leak-check=full $SERVER_CMD" - fi - ;; - *) - echo "error: invalid server name: $1" >&2 - exit 1 - ;; - esac - SERVER_NAME=$1 - - log "$SERVER_CMD" - echo "$SERVER_CMD" > $SRV_OUT - # for servers without -www or equivalent - while :; do echo bla; sleep 1; done | $SERVER_CMD >> $SRV_OUT 2>&1 & - PROCESS_ID=$! - - wait_server_start "$PORT" "$PROCESS_ID" -} - -# terminate the running server -stop_server() { - kill $PROCESS_ID 2>/dev/null - wait $PROCESS_ID 2>/dev/null - - if [ "$MEMCHECK" -gt 0 ]; then - if is_mbedtls "$SERVER_CMD" && has_mem_err $SRV_OUT; then - echo " ! Server had memory errors" - SRVMEM=$(( $SRVMEM + 1 )) - return - fi - fi - - rm -f $SRV_OUT -} - -# kill the running server (used when killed by signal) -cleanup() { - rm -f $SRV_OUT $CLI_OUT - kill $PROCESS_ID >/dev/null 2>&1 - kill $WATCHDOG_PID >/dev/null 2>&1 - exit 1 -} - -# wait for client to terminate and set EXIT -# must be called right after starting the client -wait_client_done() { - CLI_PID=$! - - ( sleep "$DOG_DELAY"; echo "TIMEOUT" >> $CLI_OUT; kill $CLI_PID ) & - WATCHDOG_PID=$! - - wait $CLI_PID - EXIT=$? 
- - kill $WATCHDOG_PID - wait $WATCHDOG_PID - - echo "EXIT: $EXIT" >> $CLI_OUT -} - -# run_client -run_client() { - # announce what we're going to do - TESTS=$(( $TESTS + 1 )) - VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') - TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`" - TITLE="$TITLE $MODE,$VERIF $2" - printf "$TITLE " - LEN=$(( 72 - `echo "$TITLE" | wc -c` )) - for i in `seq 1 $LEN`; do printf '.'; done; printf ' ' - - # should we skip? - if [ "X$SKIP_NEXT" = "XYES" ]; then - SKIP_NEXT="NO" - echo "SKIP" - SKIPPED=$(( $SKIPPED + 1 )) - return - fi - - # run the command and interpret result - case $1 in - [Oo]pen*) - CLIENT_CMD="$OPENSSL_CMD s_client $O_CLIENT_ARGS -cipher $2" - log "$CLIENT_CMD" - echo "$CLIENT_CMD" > $CLI_OUT - printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 & - wait_client_done - - if [ $EXIT -eq 0 ]; then - RESULT=0 - else - # If the cipher isn't supported... - if grep 'Cipher is (NONE)' $CLI_OUT >/dev/null; then - RESULT=1 - else - RESULT=2 - fi - fi - ;; - - [Gg]nu*) - # need to force IPv4 with UDP, but keep localhost for auth - if is_dtls "$MODE"; then - G_HOST="127.0.0.1" - else - G_HOST="localhost" - fi - CLIENT_CMD="$GNUTLS_CLI $G_CLIENT_ARGS --priority $G_PRIO_MODE:$2 $G_HOST" - log "$CLIENT_CMD" - echo "$CLIENT_CMD" > $CLI_OUT - printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 & - wait_client_done - - if [ $EXIT -eq 0 ]; then - RESULT=0 - else - RESULT=2 - # interpret early failure, with a handshake_failure alert - # before the server hello, as "no ciphersuite in common" - if grep -F 'Received alert [40]: Handshake failed' $CLI_OUT; then - if grep -i 'SERVER HELLO .* was received' $CLI_OUT; then : - else - RESULT=1 - fi - fi >/dev/null - fi - ;; - - mbed*) - CLIENT_CMD="$M_CLI $M_CLIENT_ARGS force_ciphersuite=$2" - if [ "$MEMCHECK" -gt 0 ]; then - CLIENT_CMD="valgrind --leak-check=full $CLIENT_CMD" - fi - log "$CLIENT_CMD" - echo "$CLIENT_CMD" > $CLI_OUT - $CLIENT_CMD >> $CLI_OUT 2>&1 & - 
wait_client_done - - case $EXIT in - # Success - "0") RESULT=0 ;; - - # Ciphersuite not supported - "2") RESULT=1 ;; - - # Error - *) RESULT=2 ;; - esac - - if [ "$MEMCHECK" -gt 0 ]; then - if is_mbedtls "$CLIENT_CMD" && has_mem_err $CLI_OUT; then - RESULT=2 - fi - fi - - ;; - - *) - echo "error: invalid client name: $1" >&2 - exit 1 - ;; - esac - - echo "EXIT: $EXIT" >> $CLI_OUT - - # report and count result - case $RESULT in - "0") - echo PASS - ;; - "1") - echo SKIP - SKIPPED=$(( $SKIPPED + 1 )) - ;; - "2") - echo FAIL - cp $SRV_OUT c-srv-${TESTS}.log - cp $CLI_OUT c-cli-${TESTS}.log - echo " ! outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log" - - if [ "X${USER:-}" = Xbuildbot -o "X${LOGNAME:-}" = Xbuildbot -o "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then - echo " ! server output:" - cat c-srv-${TESTS}.log - echo " ! ===================================================" - echo " ! client output:" - cat c-cli-${TESTS}.log - fi - - FAILED=$(( $FAILED + 1 )) - ;; - esac - - rm -f $CLI_OUT -} - -# -# MAIN -# - -if cd $( dirname $0 ); then :; else - echo "cd $( dirname $0 ) failed" >&2 - exit 1 -fi - -get_options "$@" - -# sanity checks, avoid an avalanche of errors -if [ ! -x "$M_SRV" ]; then - echo "Command '$M_SRV' is not an executable file" >&2 - exit 1 -fi -if [ ! -x "$M_CLI" ]; then - echo "Command '$M_CLI' is not an executable file" >&2 - exit 1 -fi - -if echo "$PEERS" | grep -i openssl > /dev/null; then - if which "$OPENSSL_CMD" >/dev/null 2>&1; then :; else - echo "Command '$OPENSSL_CMD' not found" >&2 - exit 1 - fi -fi - -if echo "$PEERS" | grep -i gnutls > /dev/null; then - for CMD in "$GNUTLS_CLI" "$GNUTLS_SERV"; do - if which "$CMD" >/dev/null 2>&1; then :; else - echo "Command '$CMD' not found" >&2 - exit 1 - fi - done -fi - -for PEER in $PEERS; do - case "$PEER" in - mbed*|[Oo]pen*|[Gg]nu*) - ;; - *) - echo "Unknown peers: $PEER" >&2 - exit 1 - esac -done - -# Pick a "unique" port in the range 10000-19999. 
-PORT="0000$$" -PORT="1$(echo $PORT | tail -c 5)" - -# Also pick a unique name for intermediate files -SRV_OUT="srv_out.$$" -CLI_OUT="cli_out.$$" - -# client timeout delay: be more patient with valgrind -if [ "$MEMCHECK" -gt 0 ]; then - DOG_DELAY=30 -else - DOG_DELAY=10 -fi - -SKIP_NEXT="NO" - -trap cleanup INT TERM HUP - -for VERIFY in $VERIFIES; do - for MODE in $MODES; do - for TYPE in $TYPES; do - for PEER in $PEERS; do - - setup_arguments - - case "$PEER" in - - [Oo]pen*) - - if test "$OSSL_NO_DTLS" -gt 0 && is_dtls "$MODE"; then - continue; - fi - - reset_ciphersuites - add_common_ciphersuites - add_openssl_ciphersuites - filter_ciphersuites - - if [ "X" != "X$M_CIPHERS" ]; then - start_server "OpenSSL" - for i in $M_CIPHERS; do - check_openssl_server_bug $i - run_client mbedTLS $i - done - stop_server - fi - - if [ "X" != "X$O_CIPHERS" ]; then - start_server "mbedTLS" - for i in $O_CIPHERS; do - run_client OpenSSL $i - done - stop_server - fi - - ;; - - [Gg]nu*) - - reset_ciphersuites - add_common_ciphersuites - add_gnutls_ciphersuites - filter_ciphersuites - - if [ "X" != "X$M_CIPHERS" ]; then - start_server "GnuTLS" - for i in $M_CIPHERS; do - run_client mbedTLS $i - done - stop_server - fi - - if [ "X" != "X$G_CIPHERS" ]; then - start_server "mbedTLS" - for i in $G_CIPHERS; do - run_client GnuTLS $i - done - stop_server - fi - - ;; - - mbed*) - - reset_ciphersuites - add_common_ciphersuites - add_openssl_ciphersuites - add_gnutls_ciphersuites - add_mbedtls_ciphersuites - filter_ciphersuites - - if [ "X" != "X$M_CIPHERS" ]; then - start_server "mbedTLS" - for i in $M_CIPHERS; do - run_client mbedTLS $i - done - stop_server - fi - - ;; - - *) - echo "Unknown peer: $PEER" >&2 - exit 1 - ;; - - esac - - done - done - done -done - -echo "------------------------------------------------------------------------" - -if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ]; -then - printf "FAILED" -else - printf "PASSED" -fi - -if [ "$MEMCHECK" -gt 0 ]; then - MEMREPORT=", $SRVMEM 
server memory errors" -else - MEMREPORT="" -fi - -PASSED=$(( $TESTS - $FAILED )) -echo " ($PASSED / $TESTS tests ($SKIPPED skipped$MEMREPORT))" - -FAILED=$(( $FAILED + $SRVMEM )) -exit $FAILED diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index ab95e2290..a653001e7 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -14,8 +14,6 @@ # The tests include: # * Unit tests - executed using tests/scripts/run-test-suite.pl # * Self-tests - executed using the test suites above -# * System tests - executed using tests/ssl-opt.sh -# * Interoperability tests - executed using tests/compat.sh # # The tests focus on functionality and do not consider performance. # @@ -36,30 +34,11 @@ if [ -d library -a -d include -a -d tests ]; then :; else exit 1 fi -: ${OPENSSL:="openssl"} -: ${OPENSSL_LEGACY:="$OPENSSL"} -: ${GNUTLS_CLI:="gnutls-cli"} -: ${GNUTLS_SERV:="gnutls-serv"} -: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"} -: ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} - -# To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh -# we just export the variables they require -export OPENSSL_CMD="$OPENSSL" -export GNUTLS_CLI="$GNUTLS_CLI" -export GNUTLS_SERV="$GNUTLS_SERV" - CONFIG_H='include/mbedtls/config.h' CONFIG_BAK="$CONFIG_H.bak" # Step 0 - print build environment info -OPENSSL="$OPENSSL" \ - OPENSSL_LEGACY="$OPENSSL_LEGACY" \ - GNUTLS_CLI="$GNUTLS_CLI" \ - GNUTLS_SERV="$GNUTLS_SERV" \ - GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \ - GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" \ - scripts/output_env.sh +scripts/output_env.sh echo # Step 1 - Make and instrumented build for code coverage 
@@ -79,25 +58,6 @@ cd tests perl scripts/run-test-suites.pl -v 2 |tee unit-test-$TEST_OUTPUT echo -# Step 2b - System Tests -sh ssl-opt.sh |tee sys-test-$TEST_OUTPUT -echo - -# Step 2c - Compatibility tests -sh compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2' | \ - tee compat-test-$TEST_OUTPUT -OPENSSL_CMD="$OPENSSL_LEGACY" \ - sh compat.sh -m 'ssl3' |tee -a compat-test-$TEST_OUTPUT -OPENSSL_CMD="$OPENSSL_LEGACY" \ - GNUTLS_CLI="$GNUTLS_LEGACY_CLI" \ - GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \ - sh compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR' | \ - tee -a compat-test-$TEST_OUTPUT -OPENSSL_CMD="$OPENSSL_NEXT" \ - sh compat.sh -e '^$' -f 'ARIA\|CHACHA' | \ - tee -a compat-test-$TEST_OUTPUT -echo - # Step 3 - Process the coverage report cd .. make lcov |tee tests/cov-$TEST_OUTPUT 
@@ -133,49 +93,6 @@ TOTAL_SKIP=$SKIPPED_TESTS TOTAL_AVAIL=$(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS)) TOTAL_EXED=$(($PASSED_TESTS + $FAILED_TESTS)) -# Step 4b - TLS Options tests -echo "TLS Options tests - tests/ssl-opt.sh" - -PASSED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p') -SKIPPED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p') -TOTAL_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p') -FAILED_TESTS=$(($TOTAL_TESTS - $PASSED_TESTS)) - -echo "Passed : $PASSED_TESTS" -echo "Failed : $FAILED_TESTS" -echo "Skipped : $SKIPPED_TESTS" -echo "Total exec'd tests : $TOTAL_TESTS" -echo "Total avail tests : $(($TOTAL_TESTS + $SKIPPED_TESTS))" -echo - -TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS)) -TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS)) -TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS)) -TOTAL_AVAIL=$(($TOTAL_AVAIL + $TOTAL_TESTS + $SKIPPED_TESTS)) -TOTAL_EXED=$(($TOTAL_EXED + $TOTAL_TESTS)) - - -# Step 4c - System Compatibility tests -echo "System/Compatibility tests - tests/compat.sh" - -PASSED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') -SKIPPED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') -EXED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') -FAILED_TESTS=$(($EXED_TESTS - $PASSED_TESTS)) - -echo "Passed : $PASSED_TESTS" -echo "Failed : $FAILED_TESTS" -echo "Skipped : $SKIPPED_TESTS" -echo "Total exec'd tests : $EXED_TESTS" -echo "Total avail tests : $(($EXED_TESTS + $SKIPPED_TESTS))" -echo - -TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS)) 
-TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS)) -TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS)) -TOTAL_AVAIL=$(($TOTAL_AVAIL + $EXED_TESTS + $SKIPPED_TESTS)) -TOTAL_EXED=$(($TOTAL_EXED + $EXED_TESTS)) - # Step 4d - Grand totals echo "-------------------------------------------------------------------------" @@ -209,8 +126,6 @@ echo rm unit-test-$TEST_OUTPUT -rm sys-test-$TEST_OUTPUT -rm compat-test-$TEST_OUTPUT rm cov-$TEST_OUTPUT cd .. diff --git a/tests/scripts/key-exchanges.pl b/tests/scripts/key-exchanges.pl deleted file mode 100755 index 3bf7ae34f..000000000 --- a/tests/scripts/key-exchanges.pl +++ /dev/null 
@@ -1,62 +0,0 @@ -#!/usr/bin/env perl - -# key-exchanges.pl -# -# Copyright (c) 2015-2017, ARM Limited, All Rights Reserved -# -# Purpose -# -# To test the code dependencies on individual key exchanges in the SSL module. -# is a verification step to ensure we don't ship SSL code that do not work -# for some build options. -# -# The process is: -# for each possible key exchange -# build the library with all but that key exchange disabled -# -# Usage: tests/scripts/key-exchanges.pl -# -# This script should be executed from the root of the project directory. -# -# For best effect, run either with cmake disabled, or cmake enabled in a mode -# that includes -Werror. - -use warnings; -use strict; - --d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; - -my $sed_cmd = 's/^#define \(MBEDTLS_KEY_EXCHANGE_.*_ENABLED\)/\1/p'; -my $config_h = 'include/mbedtls/config.h'; -my @kexes = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` ); - -system( "cp $config_h $config_h.bak" ) and die; -sub abort { - system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; - # use an exit code between 1 and 124 for git bisect (die returns 255) - warn $_[0]; - exit 1; -} - -for my $kex (@kexes) { - system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n"; - system( "make clean" ) and die; - - print "\n******************************************\n"; - print "* Testing with key exchange: $kex\n"; - print "******************************************\n"; - - # full config with all key exchanges disabled except one - system( "scripts/config.pl full" ) and abort "Failed config full\n"; - for my $k (@kexes) { - next if $k eq $kex; - system( "scripts/config.pl unset $k" ) - and abort "Failed to disable $k\n"; - } - - system( "make lib CFLAGS='-Os -Werror'" ) and abort "Failed to build lib: $kex\n"; -} - -system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n"; -system( "make clean" ) and die; -exit 0; 
diff --git a/tests/scripts/tcp_client.pl b/tests/scripts/tcp_client.pl
deleted file mode 100755
index 11cbf1b1b..000000000
--- a/tests/scripts/tcp_client.pl
+++ /dev/null
@@ -1,86 +0,0 @@ -#!/usr/bin/env perl - -# A simple TCP client that sends some data and expects a response. -# Usage: tcp_client.pl HOSTNAME PORT DATA1 RESPONSE1 -# DATA: hex-encoded data to send to the server -# RESPONSE: regexp that must match the server's response - -use warnings; -use strict; -use IO::Socket::INET; - -# Pack hex digits into a binary string, ignoring whitespace. -sub parse_hex { - my ($hex) = @_; - $hex =~ s/\s+//g; - return pack('H*', $hex); -} - -## Open a TCP connection to the specified host and port. -sub open_connection { - my ($host, $port) = @_; - my $socket = IO::Socket::INET->new(PeerAddr => $host, - PeerPort => $port, - Proto => 'tcp', - Timeout => 1); - die "Cannot connect to $host:$port: $!" unless $socket; - return $socket; -} - -## Close the TCP connection. -sub close_connection { - my ($connection) = @_; - $connection->shutdown(2); - # Ignore shutdown failures (at least for now) - return 1; -} - -## Write the given data, expressed as hexadecimal -sub write_data { - my ($connection, $hexdata) = @_; - my $data = parse_hex($hexdata); - my $total_sent = 0; - while ($total_sent < length($data)) { - my $sent = $connection->send($data, 0); - if (!defined $sent) { - die "Unable to send data: $!"; - } - $total_sent += $sent; - } - return 1; -} - -## Read a response and check it against an expected prefix -sub read_response { - my ($connection, $expected_hex) = @_; - my $expected_data = parse_hex($expected_hex); - my $start_offset = 0; - while ($start_offset < length($expected_data)) { - my $actual_data; - my $ok = $connection->recv($actual_data, length($expected_data)); - if (!defined $ok) { - die "Unable to receive data: $!"; - } - if (($actual_data ^ substr($expected_data, $start_offset)) =~ /[^\000]/) { - printf STDERR ("Received \\x%02x instead of \\x%02x at offset %d\n", - ord(substr($actual_data, $-[0], 1)), - ord(substr($expected_data, $start_offset + $-[0], 1)), - $start_offset + $-[0]); - return 0; - } - $start_offset += 
length($actual_data); - } - return 1; -} - -if (@ARGV != 4) { - print STDERR "Usage: $0 HOSTNAME PORT DATA1 RESPONSE1\n"; - exit(3); -} -my ($host, $port, $data1, $response1) = @ARGV; -my $connection = open_connection($host, $port); -write_data($connection, $data1); -if (!read_response($connection, $response1)) { - exit(1); -} -close_connection($connection); diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index d12c4c2f0..56f2036ee 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -9,7 +9,7 @@ # Purpose # # For each reference configuration file in the configs directory, build the -# configuration, run the test suites and compat.sh +# configuration and run the test suites. # # Usage: tests/scripts/test-ref-configs.pl [config-name [...]] @@ -18,20 +18,14 @@ use strict; my %configs = ( 'config-default.h' => { - 'opt' => '-f Default', - 'compat' => '-m tls1_2 -V NO', }, 'config-mini-tls1_1.h' => { - 'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'', }, 'config-suite-b.h' => { - 'compat' => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS", }, 'config-ccm-psk-tls1_2.h' => { - 'compat' => '-m tls1_2 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'', }, 'config-thread.h' => { - 'opt' => '-f ECJPAKE.*nolog', }, ); 
@@ -75,30 +69,6 @@ while( my ($conf, $data) = each %configs ) { system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf\n"; system( "make test" ) and abort "Failed test suite: $conf\n"; - - my $compat = $data->{'compat'}; - if( $compat ) - { - print "\nrunning compat.sh $compat\n"; - system( "tests/compat.sh $compat" ) - and abort "Failed compat.sh: $conf\n"; - } - else - { - print "\nskipping compat.sh\n"; - } - - my $opt = $data->{'opt'}; - if( $opt ) - { - print "\nrunning ssl-opt.sh $opt\n"; - system( "tests/ssl-opt.sh $opt" ) - and abort "Failed ssl-opt.sh: $conf\n"; - } - else - { - print "\nskipping ssl-opt.sh\n"; - } } system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; diff --git a/tests/scripts/travis-log-failure.sh b/tests/scripts/travis-log-failure.sh deleted file mode 100755 index 9866ca7da..000000000 --- a/tests/scripts/travis-log-failure.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh - -# travis-log-failure.sh -# -# This file is part of mbed TLS (https://tls.mbed.org) -# -# Copyright (c) 2016, ARM Limited, All Rights Reserved -# -# Purpose -# -# List the server and client logs on failed ssl-opt.sh and compat.sh tests. -# This script is used to make the logs show up in the Travis test results. -# -# Some of the logs can be very long: this means usually a couple of megabytes -# but it can be much more. For example, the client log of test 273 in ssl-opt.sh -# is more than 630 Megabytes long. - -if [ -d include/mbedtls ]; then :; else - echo "$0: must be run from root" >&2 - exit 1 -fi - -FILES="o-srv-*.log o-cli-*.log c-srv-*.log c-cli-*.log o-pxy-*.log" -MAX_LOG_SIZE=1048576 - -for PATTERN in $FILES; do - for LOG in $( ls tests/$PATTERN 2>/dev/null ); do - echo - echo "****** BEGIN file: $LOG ******" - echo - tail -c $MAX_LOG_SIZE $LOG - echo "****** END file: $LOG ******" - echo - rm $LOG - done -done diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh deleted file mode 100755 index d952f33fd..000000000 
--- a/tests/ssl-opt.sh
+++ /dev/null
@@ -1,7707 +0,0 @@ -#!/bin/sh - -# ssl-opt.sh -# -# This file is part of mbed TLS (https://tls.mbed.org) -# -# Copyright (c) 2016, ARM Limited, All Rights Reserved -# -# Purpose -# -# Executes tests to prove various TLS/SSL options and extensions. -# -# The goal is not to cover every ciphersuite/version, but instead to cover -# specific options (max fragment length, truncated hmac, etc) or procedures -# (session resumption from cache or ticket, renego, etc). -# -# The tests assume a build with default options, with exceptions expressed -# with a dependency. The tests focus on functionality and do not consider -# performance. -# - -set -u - -if cd $( dirname $0 ); then :; else - echo "cd $( dirname $0 ) failed" >&2 - exit 1 -fi - -# default values, can be overridden by the environment -: ${P_SRV:=../programs/ssl/ssl_server2} -: ${P_CLI:=../programs/ssl/ssl_client2} -: ${P_PXY:=../programs/test/udp_proxy} -: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system -: ${GNUTLS_CLI:=gnutls-cli} -: ${GNUTLS_SERV:=gnutls-serv} -: ${PERL:=perl} - -O_SRV="$OPENSSL_CMD s_server -www -cert data_files/server5.crt -key data_files/server5.key" -O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_CMD s_client" -G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" -G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt" -TCP_CLIENT="$PERL scripts/tcp_client.pl" - -# alternative versions of OpenSSL and GnuTLS (no default path) - -if [ -n "${OPENSSL_LEGACY:-}" ]; then - O_LEGACY_SRV="$OPENSSL_LEGACY s_server -www -cert data_files/server5.crt -key data_files/server5.key" - O_LEGACY_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_LEGACY s_client" -else - O_LEGACY_SRV=false - O_LEGACY_CLI=false -fi - -if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then - G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" -else - G_NEXT_SRV=false -fi - -if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then - 
G_NEXT_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI --x509cafile data_files/test-ca_cat12.crt" -else - G_NEXT_CLI=false -fi - -TESTS=0 -FAILS=0 -SKIPS=0 - -CONFIG_H='../include/mbedtls/config.h' - -MEMCHECK=0 -FILTER='.*' -EXCLUDE='^$' - -SHOW_TEST_NUMBER=0 -RUN_TEST_NUMBER='' - -PRESERVE_LOGS=0 - -# Pick a "unique" server port in the range 10000-19999, and a proxy -# port which is this plus 10000. Each port number may be independently -# overridden by a command line option. -SRV_PORT=$(($$ % 10000 + 10000)) -PXY_PORT=$((SRV_PORT + 10000)) - -print_usage() { - echo "Usage: $0 [options]" - printf " -h|--help\tPrint this help.\n" - printf " -m|--memcheck\tCheck memory leaks and errors.\n" - printf " -f|--filter\tOnly matching tests are executed (BRE; default: '$FILTER')\n" - printf " -e|--exclude\tMatching tests are excluded (BRE; default: '$EXCLUDE')\n" - printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" - printf " -s|--show-numbers\tShow test numbers in front of test names\n" - printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n" - printf " --port\tTCP/UDP port (default: randomish 1xxxx)\n" - printf " --proxy-port\tTCP/UDP proxy port (default: randomish 2xxxx)\n" - printf " --seed\tInteger seed value to use for this test run\n" -} - -get_options() { - while [ $# -gt 0 ]; do - case "$1" in - -f|--filter) - shift; FILTER=$1 - ;; - -e|--exclude) - shift; EXCLUDE=$1 - ;; - -m|--memcheck) - MEMCHECK=1 - ;; - -n|--number) - shift; RUN_TEST_NUMBER=$1 - ;; - -s|--show-numbers) - SHOW_TEST_NUMBER=1 - ;; - -p|--preserve-logs) - PRESERVE_LOGS=1 - ;; - --port) - shift; SRV_PORT=$1 - ;; - --proxy-port) - shift; PXY_PORT=$1 - ;; - --seed) - shift; SEED="$1" - ;; - -h|--help) - print_usage - exit 0 - ;; - *) - echo "Unknown argument: '$1'" - print_usage - exit 1 - ;; - esac - shift - done -} - -# Skip next test; use this macro to skip tests which are legitimate -# in theory and expected to be re-introduced at some point, 
but -# aren't expected to succeed at the moment due to problems outside -# our control (such as bugs in other TLS implementations). -skip_next_test() { - SKIP_NEXT="YES" -} - -# skip next test if the flag is not enabled in config.h -requires_config_enabled() { - if grep "^#define $1" $CONFIG_H > /dev/null; then :; else - SKIP_NEXT="YES" - fi -} - -# skip next test if the flag is enabled in config.h -requires_config_disabled() { - if grep "^#define $1" $CONFIG_H > /dev/null; then - SKIP_NEXT="YES" - fi -} - -get_config_value_or_default() { - # This function uses the query_config command line option to query the - # required Mbed TLS compile time configuration from the ssl_server2 - # program. The command will always return a success value if the - # configuration is defined and the value will be printed to stdout. - # - # Note that if the configuration is not defined or is defined to nothing, - # the output of this function will be an empty string. - ${P_SRV} "query_config=${1}" -} - -requires_config_value_at_least() { - VAL="$( get_config_value_or_default "$1" )" - if [ -z "$VAL" ]; then - # Should never happen - echo "Mbed TLS configuration $1 is not defined" - exit 1 - elif [ "$VAL" -lt "$2" ]; then - SKIP_NEXT="YES" - fi -} - -requires_config_value_at_most() { - VAL=$( get_config_value_or_default "$1" ) - if [ -z "$VAL" ]; then - # Should never happen - echo "Mbed TLS configuration $1 is not defined" - exit 1 - elif [ "$VAL" -gt "$2" ]; then - SKIP_NEXT="YES" - fi -} - -requires_ciphersuite_enabled() { - if [ -z "$($P_CLI --help | grep $1)" ]; then - SKIP_NEXT="YES" - fi -} - -# skip next test if OpenSSL doesn't support FALLBACK_SCSV -requires_openssl_with_fallback_scsv() { - if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then - if $OPENSSL_CMD s_client -help 2>&1 | grep fallback_scsv >/dev/null - then - OPENSSL_HAS_FBSCSV="YES" - else - OPENSSL_HAS_FBSCSV="NO" - fi - fi - if [ "$OPENSSL_HAS_FBSCSV" = "NO" ]; then - SKIP_NEXT="YES" - fi -} - -# skip next test if GnuTLS 
isn't available -requires_gnutls() { - if [ -z "${GNUTLS_AVAILABLE:-}" ]; then - if ( which "$GNUTLS_CLI" && which "$GNUTLS_SERV" ) >/dev/null 2>&1; then - GNUTLS_AVAILABLE="YES" - else - GNUTLS_AVAILABLE="NO" - fi - fi - if [ "$GNUTLS_AVAILABLE" = "NO" ]; then - SKIP_NEXT="YES" - fi -} - -# skip next test if GnuTLS-next isn't available -requires_gnutls_next() { - if [ -z "${GNUTLS_NEXT_AVAILABLE:-}" ]; then - if ( which "${GNUTLS_NEXT_CLI:-}" && which "${GNUTLS_NEXT_SERV:-}" ) >/dev/null 2>&1; then - GNUTLS_NEXT_AVAILABLE="YES" - else - GNUTLS_NEXT_AVAILABLE="NO" - fi - fi - if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then - SKIP_NEXT="YES" - fi -} - -# skip next test if OpenSSL-legacy isn't available -requires_openssl_legacy() { - if [ -z "${OPENSSL_LEGACY_AVAILABLE:-}" ]; then - if which "${OPENSSL_LEGACY:-}" >/dev/null 2>&1; then - OPENSSL_LEGACY_AVAILABLE="YES" - else - OPENSSL_LEGACY_AVAILABLE="NO" - fi - fi - if [ "$OPENSSL_LEGACY_AVAILABLE" = "NO" ]; then - SKIP_NEXT="YES" - fi -} - -# skip next test if IPv6 isn't available on this host -requires_ipv6() { - if [ -z "${HAS_IPV6:-}" ]; then - $P_SRV server_addr='::1' > $SRV_OUT 2>&1 & - SRV_PID=$! 
- sleep 1 - kill $SRV_PID >/dev/null 2>&1 - if grep "NET - Binding of the socket failed" $SRV_OUT >/dev/null; then - HAS_IPV6="NO" - else - HAS_IPV6="YES" - fi - rm -r $SRV_OUT - fi - - if [ "$HAS_IPV6" = "NO" ]; then - SKIP_NEXT="YES" - fi -} - -# skip next test if it's i686 or uname is not available -requires_not_i686() { - if [ -z "${IS_I686:-}" ]; then - IS_I686="YES" - if which "uname" >/dev/null 2>&1; then - if [ -z "$(uname -a | grep i686)" ]; then - IS_I686="NO" - fi - fi - fi - if [ "$IS_I686" = "YES" ]; then - SKIP_NEXT="YES" - fi -} - -# Calculate the input & output maximum content lengths set in the config -MAX_CONTENT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384") -MAX_IN_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN") -MAX_OUT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN") - -if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then - MAX_CONTENT_LEN="$MAX_IN_LEN" -fi -if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then - MAX_CONTENT_LEN="$MAX_OUT_LEN" -fi - -# skip the next test if the SSL output buffer is less than 16KB -requires_full_size_output_buffer() { - if [ "$MAX_OUT_LEN" -ne 16384 ]; then - SKIP_NEXT="YES" - fi -} - -# skip the next test if valgrind is in use -not_with_valgrind() { - if [ "$MEMCHECK" -gt 0 ]; then - SKIP_NEXT="YES" - fi -} - -# skip the next test if valgrind is NOT in use -only_with_valgrind() { - if [ "$MEMCHECK" -eq 0 ]; then - SKIP_NEXT="YES" - fi -} - -# multiply the client timeout delay by the given factor for the next test -client_needs_more_time() { - CLI_DELAY_FACTOR=$1 -} - -# wait for the given seconds after the client finished in the next test -server_needs_more_time() { - SRV_DELAY_SECONDS=$1 -} - -# print_name -print_name() { - TESTS=$(( $TESTS + 1 )) - LINE="" - - if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then - LINE="$TESTS " - fi - - LINE="$LINE$1" - printf "$LINE " - LEN=$(( 72 - `echo "$LINE" | wc -c` )) - for i in 
`seq 1 $LEN`; do printf '.'; done - printf ' ' - -} - -# fail -fail() { - echo "FAIL" - echo " ! $1" - - mv $SRV_OUT o-srv-${TESTS}.log - mv $CLI_OUT o-cli-${TESTS}.log - if [ -n "$PXY_CMD" ]; then - mv $PXY_OUT o-pxy-${TESTS}.log - fi - echo " ! outputs saved to o-XXX-${TESTS}.log" - - if [ "X${USER:-}" = Xbuildbot -o "X${LOGNAME:-}" = Xbuildbot -o "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then - echo " ! server output:" - cat o-srv-${TESTS}.log - echo " ! ========================================================" - echo " ! client output:" - cat o-cli-${TESTS}.log - if [ -n "$PXY_CMD" ]; then - echo " ! ========================================================" - echo " ! proxy output:" - cat o-pxy-${TESTS}.log - fi - echo "" - fi - - FAILS=$(( $FAILS + 1 )) -} - -# is_polar -is_polar() { - echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null -} - -# openssl s_server doesn't have -www with DTLS -check_osrv_dtls() { - if echo "$SRV_CMD" | grep 's_server.*-dtls' >/dev/null; then - NEEDS_INPUT=1 - SRV_CMD="$( echo $SRV_CMD | sed s/-www// )" - else - NEEDS_INPUT=0 - fi -} - -# provide input to commands that need it -provide_input() { - if [ $NEEDS_INPUT -eq 0 ]; then - return - fi - - while true; do - echo "HTTP/1.0 200 OK" - sleep 1 - done -} - -# has_mem_err -has_mem_err() { - if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" && - grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null - then - return 1 # false: does not have errors - else - return 0 # true: has errors - fi -} - -# Wait for process $2 to be listening on port $1 -if type lsof >/dev/null 2>/dev/null; then - wait_server_start() { - START_TIME=$(date +%s) - if [ "$DTLS" -eq 1 ]; then - proto=UDP - else - proto=TCP - fi - # Make a tight loop, server normally takes less than 1s to start. - while ! 
lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do - if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then - echo "SERVERSTART TIMEOUT" - echo "SERVERSTART TIMEOUT" >> $SRV_OUT - break - fi - # Linux and *BSD support decimal arguments to sleep. On other - # OSes this may be a tight loop. - sleep 0.1 2>/dev/null || true - done - } -else - echo "Warning: lsof not available, wait_server_start = sleep" - wait_server_start() { - sleep "$START_DELAY" - } -fi - -# Given the client or server debug output, parse the unix timestamp that is -# included in the first 4 bytes of the random bytes and check that it's within -# acceptable bounds -check_server_hello_time() { - # Extract the time from the debug (lvl 3) output of the client - SERVER_HELLO_TIME="$(sed -n 's/.*server hello, current time: //p' < "$1")" - # Get the Unix timestamp for now - CUR_TIME=$(date +'%s') - THRESHOLD_IN_SECS=300 - - # Check if the ServerHello time was printed - if [ -z "$SERVER_HELLO_TIME" ]; then - return 1 - fi - - # Check the time in ServerHello is within acceptable bounds - if [ $SERVER_HELLO_TIME -lt $(( $CUR_TIME - $THRESHOLD_IN_SECS )) ]; then - # The time in ServerHello is at least 5 minutes before now - return 1 - elif [ $SERVER_HELLO_TIME -gt $(( $CUR_TIME + $THRESHOLD_IN_SECS )) ]; then - # The time in ServerHello is at least 5 minutes later than now - return 1 - else - return 0 - fi -} - -# wait for client to terminate and set CLI_EXIT -# must be called right after starting the client -wait_client_done() { - CLI_PID=$! - - CLI_DELAY=$(( $DOG_DELAY * $CLI_DELAY_FACTOR )) - CLI_DELAY_FACTOR=1 - - ( sleep $CLI_DELAY; echo "===CLIENT_TIMEOUT===" >> $CLI_OUT; kill $CLI_PID ) & - DOG_PID=$! - - wait $CLI_PID - CLI_EXIT=$? 
- - kill $DOG_PID >/dev/null 2>&1 - wait $DOG_PID - - echo "EXIT: $CLI_EXIT" >> $CLI_OUT - - sleep $SRV_DELAY_SECONDS - SRV_DELAY_SECONDS=0 -} - -# check if the given command uses dtls and sets global variable DTLS -detect_dtls() { - if echo "$1" | grep 'dtls=1\|-dtls1\|-u' >/dev/null; then - DTLS=1 - else - DTLS=0 - fi -} - -# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]] -# Options: -s pattern pattern that must be present in server output -# -c pattern pattern that must be present in client output -# -u pattern lines after pattern must be unique in client output -# -f call shell function on client output -# -S pattern pattern that must be absent in server output -# -C pattern pattern that must be absent in client output -# -U pattern lines after pattern must be unique in server output -# -F call shell function on server output -run_test() { - NAME="$1" - shift 1 - - if echo "$NAME" | grep "$FILTER" | grep -v "$EXCLUDE" >/dev/null; then : - else - SKIP_NEXT="NO" - return - fi - - print_name "$NAME" - - # Do we only run numbered tests? - if [ "X$RUN_TEST_NUMBER" = "X" ]; then : - elif echo ",$RUN_TEST_NUMBER," | grep ",$TESTS," >/dev/null; then : - else - SKIP_NEXT="YES" - fi - - # does this test use a proxy? - if [ "X$1" = "X-p" ]; then - PXY_CMD="$2" - shift 2 - else - PXY_CMD="" - fi - - # get commands and client output - SRV_CMD="$1" - CLI_CMD="$2" - CLI_EXPECT="$3" - shift 3 - - # Check if server forces ciphersuite - FORCE_CIPHERSUITE=$(echo "$SRV_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p') - if [ ! -z "$FORCE_CIPHERSUITE" ]; then - requires_ciphersuite_enabled $FORCE_CIPHERSUITE - fi - - # Check if client forces ciphersuite - FORCE_CIPHERSUITE=$(echo "$CLI_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p') - if [ ! -z "$FORCE_CIPHERSUITE" ]; then - requires_ciphersuite_enabled $FORCE_CIPHERSUITE - fi - - # should we skip? 
- if [ "X$SKIP_NEXT" = "XYES" ]; then - SKIP_NEXT="NO" - echo "SKIP" - SKIPS=$(( $SKIPS + 1 )) - return - fi - - # fix client port - if [ -n "$PXY_CMD" ]; then - CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g ) - else - CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$SRV_PORT/g ) - fi - - # update DTLS variable - detect_dtls "$SRV_CMD" - - # prepend valgrind to our commands if active - if [ "$MEMCHECK" -gt 0 ]; then - if is_polar "$SRV_CMD"; then - SRV_CMD="valgrind --leak-check=full $SRV_CMD" - fi - if is_polar "$CLI_CMD"; then - CLI_CMD="valgrind --leak-check=full $CLI_CMD" - fi - fi - - TIMES_LEFT=2 - while [ $TIMES_LEFT -gt 0 ]; do - TIMES_LEFT=$(( $TIMES_LEFT - 1 )) - - # run the commands - if [ -n "$PXY_CMD" ]; then - echo "$PXY_CMD" > $PXY_OUT - $PXY_CMD >> $PXY_OUT 2>&1 & - PXY_PID=$! - # assume proxy starts faster than server - fi - - check_osrv_dtls - echo "$SRV_CMD" > $SRV_OUT - provide_input | $SRV_CMD >> $SRV_OUT 2>&1 & - SRV_PID=$! - wait_server_start "$SRV_PORT" "$SRV_PID" - - echo "$CLI_CMD" > $CLI_OUT - eval "$CLI_CMD" >> $CLI_OUT 2>&1 & - wait_client_done - - sleep 0.05 - - # terminate the server (and the proxy) - kill $SRV_PID - wait $SRV_PID - - if [ -n "$PXY_CMD" ]; then - kill $PXY_PID >/dev/null 2>&1 - wait $PXY_PID - fi - - # retry only on timeouts - if grep '===CLIENT_TIMEOUT===' $CLI_OUT >/dev/null; then - printf "RETRY " - else - TIMES_LEFT=0 - fi - done - - # check if the client and server went at least to the handshake stage - # (useful to avoid tests with only negative assertions and non-zero - # expected client exit to incorrectly succeed in case of catastrophic - # failure) - if is_polar "$SRV_CMD"; then - if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :; - else - fail "server or client failed to reach handshake stage" - return - fi - fi - if is_polar "$CLI_CMD"; then - if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :; - else - fail "server or client failed to reach handshake stage" 
- return - fi - fi - - # check server exit code - if [ $? != 0 ]; then - fail "server fail" - return - fi - - # check client exit code - if [ \( "$CLI_EXPECT" = 0 -a "$CLI_EXIT" != 0 \) -o \ - \( "$CLI_EXPECT" != 0 -a "$CLI_EXIT" = 0 \) ] - then - fail "bad client exit code (expected $CLI_EXPECT, got $CLI_EXIT)" - return - fi - - # check other assertions - # lines beginning with == are added by valgrind, ignore them - # lines with 'Serious error when reading debug info', are valgrind issues as well - while [ $# -gt 0 ] - do - case $1 in - "-s") - if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else - fail "pattern '$2' MUST be present in the Server output" - return - fi - ;; - - "-c") - if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else - fail "pattern '$2' MUST be present in the Client output" - return - fi - ;; - - "-S") - if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then - fail "pattern '$2' MUST NOT be present in the Server output" - return - fi - ;; - - "-C") - if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then - fail "pattern '$2' MUST NOT be present in the Client output" - return - fi - ;; - - # The filtering in the following two options (-u and -U) do the following - # - ignore valgrind output - # - filter out everything but lines right after the pattern occurrences - # - keep one of each non-unique line - # - count how many lines remain - # A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1 - # if there were no duplicates. 
- "-U") - if [ $(grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then - fail "lines following pattern '$2' must be unique in Server output" - return - fi - ;; - - "-u") - if [ $(grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then - fail "lines following pattern '$2' must be unique in Client output" - return - fi - ;; - "-F") - if ! $2 "$SRV_OUT"; then - fail "function call to '$2' failed on Server output" - return - fi - ;; - "-f") - if ! $2 "$CLI_OUT"; then - fail "function call to '$2' failed on Client output" - return - fi - ;; - - *) - echo "Unknown test: $1" >&2 - exit 1 - esac - shift 2 - done - - # check valgrind's results - if [ "$MEMCHECK" -gt 0 ]; then - if is_polar "$SRV_CMD" && has_mem_err $SRV_OUT; then - fail "Server has memory errors" - return - fi - if is_polar "$CLI_CMD" && has_mem_err $CLI_OUT; then - fail "Client has memory errors" - return - fi - fi - - # if we're here, everything is ok - echo "PASS" - if [ "$PRESERVE_LOGS" -gt 0 ]; then - mv $SRV_OUT o-srv-${TESTS}.log - mv $CLI_OUT o-cli-${TESTS}.log - if [ -n "$PXY_CMD" ]; then - mv $PXY_OUT o-pxy-${TESTS}.log - fi - fi - - rm -f $SRV_OUT $CLI_OUT $PXY_OUT -} - -run_test_psa() { - requires_config_enabled MBEDTLS_USE_PSA_CRYPTO - run_test "PSA-supported ciphersuite: $1" \ - "$P_SRV debug_level=2 force_version=tls1_2" \ - "$P_CLI debug_level=2 force_version=tls1_2 force_ciphersuite=$1" \ - 0 \ - -c "Successfully setup PSA-based decryption cipher context" \ - -c "Successfully setup PSA-based encryption cipher context" \ - -c "PSA calc verify" \ - -c "calc PSA finished" \ - -s "Successfully setup PSA-based decryption cipher context" \ - -s "Successfully setup PSA-based encryption cipher context" \ - -s "PSA calc verify" \ - -s "calc PSA finished" \ - -C "Failed to setup PSA-based cipher context"\ - -S "Failed to 
setup PSA-based cipher context"\ - -s "Protocol is TLSv1.2" \ - -c "Perform PSA-based ECDH computation."\ - -c "Perform PSA-based computation of digest of ServerKeyExchange" \ - -S "error" \ - -C "error" -} - -run_test_psa_force_curve() { - requires_config_enabled MBEDTLS_USE_PSA_CRYPTO - run_test "PSA - ECDH with $1" \ - "$P_SRV debug_level=4 force_version=tls1_2" \ - "$P_CLI debug_level=4 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \ - 0 \ - -c "Successfully setup PSA-based decryption cipher context" \ - -c "Successfully setup PSA-based encryption cipher context" \ - -c "PSA calc verify" \ - -c "calc PSA finished" \ - -s "Successfully setup PSA-based decryption cipher context" \ - -s "Successfully setup PSA-based encryption cipher context" \ - -s "PSA calc verify" \ - -s "calc PSA finished" \ - -C "Failed to setup PSA-based cipher context"\ - -S "Failed to setup PSA-based cipher context"\ - -s "Protocol is TLSv1.2" \ - -c "Perform PSA-based ECDH computation."\ - -c "Perform PSA-based computation of digest of ServerKeyExchange" \ - -S "error" \ - -C "error" -} - -cleanup() { - rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION - test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1 - test -n "${PXY_PID:-}" && kill $PXY_PID >/dev/null 2>&1 - test -n "${CLI_PID:-}" && kill $CLI_PID >/dev/null 2>&1 - test -n "${DOG_PID:-}" && kill $DOG_PID >/dev/null 2>&1 - exit 1 -} - -# -# MAIN -# - -get_options "$@" - -# sanity checks, avoid an avalanche of errors -P_SRV_BIN="${P_SRV%%[ ]*}" -P_CLI_BIN="${P_CLI%%[ ]*}" -P_PXY_BIN="${P_PXY%%[ ]*}" -if [ ! -x "$P_SRV_BIN" ]; then - echo "Command '$P_SRV_BIN' is not an executable file" - exit 1 -fi -if [ ! -x "$P_CLI_BIN" ]; then - echo "Command '$P_CLI_BIN' is not an executable file" - exit 1 -fi -if [ ! 
-x "$P_PXY_BIN" ]; then - echo "Command '$P_PXY_BIN' is not an executable file" - exit 1 -fi -if [ "$MEMCHECK" -gt 0 ]; then - if which valgrind >/dev/null 2>&1; then :; else - echo "Memcheck not possible. Valgrind not found" - exit 1 - fi -fi -if which $OPENSSL_CMD >/dev/null 2>&1; then :; else - echo "Command '$OPENSSL_CMD' not found" - exit 1 -fi - -# used by watchdog -MAIN_PID="$$" - -# We use somewhat arbitrary delays for tests: -# - how long do we wait for the server to start (when lsof not available)? -# - how long do we allow for the client to finish? -# (not to check performance, just to avoid waiting indefinitely) -# Things are slower with valgrind, so give extra time here. -# -# Note: without lsof, there is a trade-off between the running time of this -# script and the risk of spurious errors because we didn't wait long enough. -# The watchdog delay on the other hand doesn't affect normal running time of -# the script, only the case where a client or server gets stuck. -if [ "$MEMCHECK" -gt 0 ]; then - START_DELAY=6 - DOG_DELAY=60 -else - START_DELAY=2 - DOG_DELAY=20 -fi - -# some particular tests need more time: -# - for the client, we multiply the usual watchdog limit by a factor -# - for the server, we sleep for a number of seconds after the client exits -# see client_need_more_time() and server_needs_more_time() -CLI_DELAY_FACTOR=1 -SRV_DELAY_SECONDS=0 - -# fix commands to use this port, force IPv4 while at it -# +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later -P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT" -P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT" -P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}" -O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem" -O_CLI="$O_CLI -connect localhost:+SRV_PORT" -G_SRV="$G_SRV -p $SRV_PORT" -G_CLI="$G_CLI -p +SRV_PORT" - -if [ -n "${OPENSSL_LEGACY:-}" ]; then - 
O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem" - O_LEGACY_CLI="$O_LEGACY_CLI -connect localhost:+SRV_PORT" -fi - -if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then - G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT" -fi - -if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then - G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT" -fi - -# Allow SHA-1, because many of our test certificates use it -P_SRV="$P_SRV allow_sha1=1" -P_CLI="$P_CLI allow_sha1=1" - -# Also pick a unique name for intermediate files -SRV_OUT="srv_out.$$" -CLI_OUT="cli_out.$$" -PXY_OUT="pxy_out.$$" -SESSION="session.$$" - -SKIP_NEXT="NO" - -trap cleanup INT TERM HUP - -# Basic test - -# Checks that: -# - things work with all ciphersuites active (used with config-full in all.sh) -# - the expected (highest security) parameters are selected -# ("signature_algorithm ext: 6" means SHA-512 (highest common hash)) -run_test "Default" \ - "$P_SRV debug_level=3" \ - "$P_CLI" \ - 0 \ - -s "Protocol is TLSv1.2" \ - -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \ - -s "client hello v3, signature_algorithm ext: 6" \ - -s "ECDHE curve: secp521r1" \ - -S "error" \ - -C "error" - -run_test "Default, DTLS" \ - "$P_SRV dtls=1" \ - "$P_CLI dtls=1" \ - 0 \ - -s "Protocol is DTLSv1.2" \ - -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" - -# Test using an opaque private key for client authentication -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SHA256_C -run_test "Opaque key for client authentication" \ - "$P_SRV auth_mode=required" \ - "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \ - key_file=data_files/server5.key" \ - 0 \ - -c "key type: Opaque" \ - -s "Verifying peer X.509 certificate... 
ok" \ - -S "error" \ - -C "error" - -# Test ciphersuites which we expect to be fully supported by PSA Crypto -# and check that we don't fall back to Mbed TLS' internal crypto primitives. -run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM -run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 -run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM -run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 -run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 -run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 -run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA -run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 -run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 - -requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED -run_test_psa_force_curve "secp521r1" -requires_config_enabled MBEDTLS_ECP_DP_BP512R1_ENABLED -run_test_psa_force_curve "brainpoolP512r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP384R1_ENABLED -run_test_psa_force_curve "secp384r1" -requires_config_enabled MBEDTLS_ECP_DP_BP384R1_ENABLED -run_test_psa_force_curve "brainpoolP384r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -run_test_psa_force_curve "secp256r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP256K1_ENABLED -run_test_psa_force_curve "secp256k1" -requires_config_enabled MBEDTLS_ECP_DP_BP256R1_ENABLED -run_test_psa_force_curve "brainpoolP256r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP224R1_ENABLED -run_test_psa_force_curve "secp224r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED -run_test_psa_force_curve "secp224k1" -requires_config_enabled MBEDTLS_ECP_DP_SECP192R1_ENABLED -run_test_psa_force_curve "secp192r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP192K1_ENABLED -run_test_psa_force_curve "secp192k1" - -# Test current time in ServerHello -requires_config_enabled MBEDTLS_HAVE_TIME -run_test "ServerHello contains gmt_unix_time" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3" \ - 0 \ - -f "check_server_hello_time" \ - -F "check_server_hello_time" - -# Test for uniqueness of 
IVs in AEAD ciphersuites -run_test "Unique IV in GCM" \ - "$P_SRV exchanges=20 debug_level=4" \ - "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \ - 0 \ - -u "IV used" \ - -U "IV used" - -# Tests for rc4 option - -requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES -run_test "RC4: server disabled, client enabled" \ - "$P_SRV" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 1 \ - -s "SSL - The server has no ciphersuites in common" - -requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES -run_test "RC4: server half, client enabled" \ - "$P_SRV arc4=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 1 \ - -s "SSL - The server has no ciphersuites in common" - -run_test "RC4: server enabled, client disabled" \ - "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI" \ - 1 \ - -s "SSL - The server has no ciphersuites in common" - -run_test "RC4: both enabled" \ - "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - The server has no ciphersuites in common" - -# Test empty CA list in CertificateRequest in TLS 1.1 and earlier - -requires_gnutls -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -run_test "CertificateRequest with empty CA list, TLS 1.1 (GnuTLS server)" \ - "$G_SRV"\ - "$P_CLI force_version=tls1_1" \ - 0 - -requires_gnutls -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1 -run_test "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \ - "$G_SRV"\ - "$P_CLI force_version=tls1" \ - 0 - -# Tests for SHA-1 support - -requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES -run_test "SHA-1 forbidden by default in server certificate" \ - "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \ - "$P_CLI debug_level=2 allow_sha1=0" \ - 1 \ - -c "The certificate is signed with an unacceptable hash" - 
-requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES -run_test "SHA-1 forbidden by default in server certificate" \ - "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \ - "$P_CLI debug_level=2 allow_sha1=0" \ - 0 - -run_test "SHA-1 explicitly allowed in server certificate" \ - "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \ - "$P_CLI allow_sha1=1" \ - 0 - -run_test "SHA-256 allowed by default in server certificate" \ - "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2-sha256.crt" \ - "$P_CLI allow_sha1=0" \ - 0 - -requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES -run_test "SHA-1 forbidden by default in client certificate" \ - "$P_SRV auth_mode=required allow_sha1=0" \ - "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \ - 1 \ - -s "The certificate is signed with an unacceptable hash" - -requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES -run_test "SHA-1 forbidden by default in client certificate" \ - "$P_SRV auth_mode=required allow_sha1=0" \ - "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \ - 0 - -run_test "SHA-1 explicitly allowed in client certificate" \ - "$P_SRV auth_mode=required allow_sha1=1" \ - "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \ - 0 - -run_test "SHA-256 allowed by default in client certificate" \ - "$P_SRV auth_mode=required allow_sha1=0" \ - "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \ - 0 - -# Tests for datagram packing -run_test "DTLS: multiple records in same datagram, client and server" \ - "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \ - "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \ - 0 \ - -c "next record in same datagram" \ - -s "next record in same datagram" - -run_test "DTLS: multiple records in same datagram, client only" \ - "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \ 
- "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \ - 0 \ - -s "next record in same datagram" \ - -C "next record in same datagram" - -run_test "DTLS: multiple records in same datagram, server only" \ - "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \ - "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \ - 0 \ - -S "next record in same datagram" \ - -c "next record in same datagram" - -run_test "DTLS: multiple records in same datagram, neither client nor server" \ - "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \ - "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \ - 0 \ - -S "next record in same datagram" \ - -C "next record in same datagram" - -# Tests for Truncated HMAC extension - -run_test "Truncated HMAC: client default, server default" \ - "$P_SRV debug_level=4" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC: client disabled, server default" \ - "$P_SRV debug_level=4" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC: client enabled, server default" \ - "$P_SRV debug_level=4" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC: client enabled, server disabled" \ - "$P_SRV debug_level=4 trunc_hmac=0" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC: client disabled, server enabled" \ - "$P_SRV debug_level=4 
trunc_hmac=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC: client enabled, server enabled" \ - "$P_SRV debug_level=4 trunc_hmac=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -S "dumping 'expected mac' (20 bytes)" \ - -s "dumping 'expected mac' (10 bytes)" - -run_test "Truncated HMAC, DTLS: client default, server default" \ - "$P_SRV dtls=1 debug_level=4" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC, DTLS: client disabled, server default" \ - "$P_SRV dtls=1 debug_level=4" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC, DTLS: client enabled, server default" \ - "$P_SRV dtls=1 debug_level=4" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC, DTLS: client enabled, server disabled" \ - "$P_SRV dtls=1 debug_level=4 trunc_hmac=0" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC, DTLS: client disabled, server enabled" \ - "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \ - 0 
\ - -s "dumping 'expected mac' (20 bytes)" \ - -S "dumping 'expected mac' (10 bytes)" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Truncated HMAC, DTLS: client enabled, server enabled" \ - "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \ - "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \ - 0 \ - -S "dumping 'expected mac' (20 bytes)" \ - -s "dumping 'expected mac' (10 bytes)" - -# Tests for Encrypt-then-MAC extension - -run_test "Encrypt then MAC: default" \ - "$P_SRV debug_level=3 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - "$P_CLI debug_level=3" \ - 0 \ - -c "client hello, adding encrypt_then_mac extension" \ - -s "found encrypt then mac extension" \ - -s "server hello, adding encrypt then mac extension" \ - -c "found encrypt_then_mac extension" \ - -c "using encrypt then mac" \ - -s "using encrypt then mac" - -run_test "Encrypt then MAC: client enabled, server disabled" \ - "$P_SRV debug_level=3 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - "$P_CLI debug_level=3 etm=1" \ - 0 \ - -c "client hello, adding encrypt_then_mac extension" \ - -s "found encrypt then mac extension" \ - -S "server hello, adding encrypt then mac extension" \ - -C "found encrypt_then_mac extension" \ - -C "using encrypt then mac" \ - -S "using encrypt then mac" - -run_test "Encrypt then MAC: client enabled, aead cipher" \ - "$P_SRV debug_level=3 etm=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \ - "$P_CLI debug_level=3 etm=1" \ - 0 \ - -c "client hello, adding encrypt_then_mac extension" \ - -s "found encrypt then mac extension" \ - -S "server hello, adding encrypt then mac extension" \ - -C "found encrypt_then_mac extension" \ - -C "using encrypt then mac" \ - -S "using encrypt then mac" - -run_test "Encrypt then MAC: client enabled, stream cipher" \ - "$P_SRV debug_level=3 etm=1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI debug_level=3 etm=1 arc4=1 
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -c "client hello, adding encrypt_then_mac extension" \ - -s "found encrypt then mac extension" \ - -S "server hello, adding encrypt then mac extension" \ - -C "found encrypt_then_mac extension" \ - -C "using encrypt then mac" \ - -S "using encrypt then mac" - -run_test "Encrypt then MAC: client disabled, server enabled" \ - "$P_SRV debug_level=3 etm=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - "$P_CLI debug_level=3 etm=0" \ - 0 \ - -C "client hello, adding encrypt_then_mac extension" \ - -S "found encrypt then mac extension" \ - -S "server hello, adding encrypt then mac extension" \ - -C "found encrypt_then_mac extension" \ - -C "using encrypt then mac" \ - -S "using encrypt then mac" - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Encrypt then MAC: client SSLv3, server enabled" \ - "$P_SRV debug_level=3 min_version=ssl3 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - "$P_CLI debug_level=3 force_version=ssl3" \ - 0 \ - -C "client hello, adding encrypt_then_mac extension" \ - -S "found encrypt then mac extension" \ - -S "server hello, adding encrypt then mac extension" \ - -C "found encrypt_then_mac extension" \ - -C "using encrypt then mac" \ - -S "using encrypt then mac" - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Encrypt then MAC: client enabled, server SSLv3" \ - "$P_SRV debug_level=3 force_version=ssl3 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - "$P_CLI debug_level=3 min_version=ssl3" \ - 0 \ - -c "client hello, adding encrypt_then_mac extension" \ - -S "found encrypt then mac extension" \ - -S "server hello, adding encrypt then mac extension" \ - -C "found encrypt_then_mac extension" \ - -C "using encrypt then mac" \ - -S "using encrypt then mac" - -# Tests for Extended Master Secret extension - -run_test "Extended Master Secret: default" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3" \ - 0 \ - -c "client hello, adding 
extended_master_secret extension" \ - -s "found extended master secret extension" \ - -s "server hello, adding extended master secret extension" \ - -c "found extended_master_secret extension" \ - -c "using extended master secret" \ - -s "using extended master secret" - -run_test "Extended Master Secret: client enabled, server disabled" \ - "$P_SRV debug_level=3 extended_ms=0" \ - "$P_CLI debug_level=3 extended_ms=1" \ - 0 \ - -c "client hello, adding extended_master_secret extension" \ - -s "found extended master secret extension" \ - -S "server hello, adding extended master secret extension" \ - -C "found extended_master_secret extension" \ - -C "using extended master secret" \ - -S "using extended master secret" - -run_test "Extended Master Secret: client disabled, server enabled" \ - "$P_SRV debug_level=3 extended_ms=1" \ - "$P_CLI debug_level=3 extended_ms=0" \ - 0 \ - -C "client hello, adding extended_master_secret extension" \ - -S "found extended master secret extension" \ - -S "server hello, adding extended master secret extension" \ - -C "found extended_master_secret extension" \ - -C "using extended master secret" \ - -S "using extended master secret" - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Extended Master Secret: client SSLv3, server enabled" \ - "$P_SRV debug_level=3 min_version=ssl3" \ - "$P_CLI debug_level=3 force_version=ssl3" \ - 0 \ - -C "client hello, adding extended_master_secret extension" \ - -S "found extended master secret extension" \ - -S "server hello, adding extended master secret extension" \ - -C "found extended_master_secret extension" \ - -C "using extended master secret" \ - -S "using extended master secret" - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Extended Master Secret: client enabled, server SSLv3" \ - "$P_SRV debug_level=3 force_version=ssl3" \ - "$P_CLI debug_level=3 min_version=ssl3" \ - 0 \ - -c "client hello, adding extended_master_secret extension" \ - -S "found extended master 
secret extension" \ - -S "server hello, adding extended master secret extension" \ - -C "found extended_master_secret extension" \ - -C "using extended master secret" \ - -S "using extended master secret" - -# Tests for FALLBACK_SCSV - -run_test "Fallback SCSV: default" \ - "$P_SRV debug_level=2" \ - "$P_CLI debug_level=3 force_version=tls1_1" \ - 0 \ - -C "adding FALLBACK_SCSV" \ - -S "received FALLBACK_SCSV" \ - -S "inapropriate fallback" \ - -C "is a fatal alert message (msg 86)" - -run_test "Fallback SCSV: explicitly disabled" \ - "$P_SRV debug_level=2" \ - "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \ - 0 \ - -C "adding FALLBACK_SCSV" \ - -S "received FALLBACK_SCSV" \ - -S "inapropriate fallback" \ - -C "is a fatal alert message (msg 86)" - -run_test "Fallback SCSV: enabled" \ - "$P_SRV debug_level=2" \ - "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \ - 1 \ - -c "adding FALLBACK_SCSV" \ - -s "received FALLBACK_SCSV" \ - -s "inapropriate fallback" \ - -c "is a fatal alert message (msg 86)" - -run_test "Fallback SCSV: enabled, max version" \ - "$P_SRV debug_level=2" \ - "$P_CLI debug_level=3 fallback=1" \ - 0 \ - -c "adding FALLBACK_SCSV" \ - -s "received FALLBACK_SCSV" \ - -S "inapropriate fallback" \ - -C "is a fatal alert message (msg 86)" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: default, openssl server" \ - "$O_SRV" \ - "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \ - 0 \ - -C "adding FALLBACK_SCSV" \ - -C "is a fatal alert message (msg 86)" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: enabled, openssl server" \ - "$O_SRV" \ - "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \ - 1 \ - -c "adding FALLBACK_SCSV" \ - -c "is a fatal alert message (msg 86)" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: disabled, openssl client" \ - "$P_SRV debug_level=2" \ - "$O_CLI -tls1_1" \ - 0 \ - -S "received FALLBACK_SCSV" \ - -S "inapropriate fallback" - 
-requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: enabled, openssl client" \ - "$P_SRV debug_level=2" \ - "$O_CLI -tls1_1 -fallback_scsv" \ - 1 \ - -s "received FALLBACK_SCSV" \ - -s "inapropriate fallback" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: enabled, max version, openssl client" \ - "$P_SRV debug_level=2" \ - "$O_CLI -fallback_scsv" \ - 0 \ - -s "received FALLBACK_SCSV" \ - -S "inapropriate fallback" - -# Test sending and receiving empty application data records - -run_test "Encrypt then MAC: empty application data record" \ - "$P_SRV auth_mode=none debug_level=4 etm=1" \ - "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \ - -s "dumping 'input payload after decrypt' (0 bytes)" \ - -c "0 bytes written in 1 fragments" - -run_test "Default, no Encrypt then MAC: empty application data record" \ - "$P_SRV auth_mode=none debug_level=4 etm=0" \ - "$P_CLI auth_mode=none etm=0 request_size=0" \ - 0 \ - -s "dumping 'input payload after decrypt' (0 bytes)" \ - -c "0 bytes written in 1 fragments" - -run_test "Encrypt then MAC, DTLS: empty application data record" \ - "$P_SRV auth_mode=none debug_level=4 etm=1 dtls=1" \ - "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls=1" \ - 0 \ - -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \ - -s "dumping 'input payload after decrypt' (0 bytes)" \ - -c "0 bytes written in 1 fragments" - -run_test "Default, no Encrypt then MAC, DTLS: empty application data record" \ - "$P_SRV auth_mode=none debug_level=4 etm=0 dtls=1" \ - "$P_CLI auth_mode=none etm=0 request_size=0 dtls=1" \ - 0 \ - -s "dumping 'input payload after decrypt' (0 bytes)" \ - -c "0 bytes written in 1 fragments" - -## ClientHello generated with -## "openssl s_client -CAfile tests/data_files/test-ca.crt -tls1_1 -connect localhost:4433 -cipher ..." 
-## then manually twiddling the ciphersuite list. -## The ClientHello content is spelled out below as a hex string as -## "prefix ciphersuite1 ciphersuite2 ciphersuite3 ciphersuite4 suffix". -## The expected response is an inappropriate_fallback alert. -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: beginning of list" \ - "$P_SRV debug_level=2" \ - "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 5600 0031 0032 0033 0100000900230000000f000101' '15030200020256'" \ - 0 \ - -s "received FALLBACK_SCSV" \ - -s "inapropriate fallback" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: end of list" \ - "$P_SRV debug_level=2" \ - "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0031 0032 0033 5600 0100000900230000000f000101' '15030200020256'" \ - 0 \ - -s "received FALLBACK_SCSV" \ - -s "inapropriate fallback" - -## Here the expected response is a valid ServerHello prefix, up to the random. 
-requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: not in list" \ - "$P_SRV debug_level=2" \ - "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0056 0031 0032 0033 0100000900230000000f000101' '16030200300200002c0302'" \ - 0 \ - -S "received FALLBACK_SCSV" \ - -S "inapropriate fallback" - -# Tests for CBC 1/n-1 record splitting - -run_test "CBC Record splitting: TLS 1.2, no splitting" \ - "$P_SRV" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=tls1_2" \ - 0 \ - -s "Read from client: 123 bytes read" \ - -S "Read from client: 1 bytes read" \ - -S "122 bytes read" - -run_test "CBC Record splitting: TLS 1.1, no splitting" \ - "$P_SRV" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=tls1_1" \ - 0 \ - -s "Read from client: 123 bytes read" \ - -S "Read from client: 1 bytes read" \ - -S "122 bytes read" - -run_test "CBC Record splitting: TLS 1.0, splitting" \ - "$P_SRV" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=tls1" \ - 0 \ - -S "Read from client: 123 bytes read" \ - -s "Read from client: 1 bytes read" \ - -s "122 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "CBC Record splitting: SSLv3, splitting" \ - "$P_SRV min_version=ssl3" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=ssl3" \ - 0 \ - -S "Read from client: 123 bytes read" \ - -s "Read from client: 1 bytes read" \ - -s "122 bytes read" - -run_test "CBC Record splitting: TLS 1.0 RC4, no splitting" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ - request_size=123 force_version=tls1" \ - 0 \ - -s "Read from client: 123 bytes read" \ - -S "Read from client: 1 bytes read" \ - -S "122 bytes read" - -run_test "CBC Record splitting: TLS 1.0, splitting 
disabled" \ - "$P_SRV" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=tls1 recsplit=0" \ - 0 \ - -s "Read from client: 123 bytes read" \ - -S "Read from client: 1 bytes read" \ - -S "122 bytes read" - -run_test "CBC Record splitting: TLS 1.0, splitting, nbio" \ - "$P_SRV nbio=2" \ - "$P_CLI nbio=2 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=tls1" \ - 0 \ - -S "Read from client: 123 bytes read" \ - -s "Read from client: 1 bytes read" \ - -s "122 bytes read" - -# Tests for Session Tickets - -run_test "Session resume using tickets: basic" \ - "$P_SRV debug_level=3 tickets=1" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -s "found session ticket extension" \ - -s "server hello, adding session ticket extension" \ - -c "found session_ticket extension" \ - -c "parse new session ticket" \ - -S "session successfully restored from cache" \ - -s "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using tickets: cache disabled" \ - "$P_SRV debug_level=3 tickets=1 cache_max=0" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -s "found session ticket extension" \ - -s "server hello, adding session ticket extension" \ - -c "found session_ticket extension" \ - -c "parse new session ticket" \ - -S "session successfully restored from cache" \ - -s "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using tickets: timeout" \ - "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_delay=2" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -s "found session ticket extension" \ - -s "server hello, adding session 
ticket extension" \ - -c "found session_ticket extension" \ - -c "parse new session ticket" \ - -S "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -S "a session has been resumed" \ - -C "a session has been resumed" - -run_test "Session resume using tickets: openssl server" \ - "$O_SRV" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -c "found session_ticket extension" \ - -c "parse new session ticket" \ - -c "a session has been resumed" - -run_test "Session resume using tickets: openssl client" \ - "$P_SRV debug_level=3 tickets=1" \ - "( $O_CLI -sess_out $SESSION; \ - $O_CLI -sess_in $SESSION; \ - rm -f $SESSION )" \ - 0 \ - -s "found session ticket extension" \ - -s "server hello, adding session ticket extension" \ - -S "session successfully restored from cache" \ - -s "session successfully restored from ticket" \ - -s "a session has been resumed" - -# Tests for Session Tickets with DTLS - -run_test "Session resume using tickets, DTLS: basic" \ - "$P_SRV debug_level=3 dtls=1 tickets=1" \ - "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -s "found session ticket extension" \ - -s "server hello, adding session ticket extension" \ - -c "found session_ticket extension" \ - -c "parse new session ticket" \ - -S "session successfully restored from cache" \ - -s "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using tickets, DTLS: cache disabled" \ - "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \ - "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -s "found session ticket extension" \ - -s "server hello, adding session ticket extension" \ - -c "found session_ticket extension" \ - -c "parse new session ticket" \ - -S "session 
successfully restored from cache" \ - -s "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using tickets, DTLS: timeout" \ - "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0 ticket_timeout=1" \ - "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 reco_delay=2" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -s "found session ticket extension" \ - -s "server hello, adding session ticket extension" \ - -c "found session_ticket extension" \ - -c "parse new session ticket" \ - -S "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -S "a session has been resumed" \ - -C "a session has been resumed" - -run_test "Session resume using tickets, DTLS: openssl server" \ - "$O_SRV -dtls1" \ - "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -c "found session_ticket extension" \ - -c "parse new session ticket" \ - -c "a session has been resumed" - -run_test "Session resume using tickets, DTLS: openssl client" \ - "$P_SRV dtls=1 debug_level=3 tickets=1" \ - "( $O_CLI -dtls1 -sess_out $SESSION; \ - $O_CLI -dtls1 -sess_in $SESSION; \ - rm -f $SESSION )" \ - 0 \ - -s "found session ticket extension" \ - -s "server hello, adding session ticket extension" \ - -S "session successfully restored from cache" \ - -s "session successfully restored from ticket" \ - -s "a session has been resumed" - -# Tests for Session Resume based on session-ID and cache - -run_test "Session resume using cache: tickets enabled on client" \ - "$P_SRV debug_level=3 tickets=0" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -s "found session ticket extension" \ - -S "server hello, adding session ticket extension" \ - -C "found session_ticket extension" \ - -C "parse new session ticket" \ - -s "session successfully 
restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using cache: tickets enabled on server" \ - "$P_SRV debug_level=3 tickets=1" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1" \ - 0 \ - -C "client hello, adding session ticket extension" \ - -S "found session ticket extension" \ - -S "server hello, adding session ticket extension" \ - -C "found session_ticket extension" \ - -C "parse new session ticket" \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using cache: cache_max=0" \ - "$P_SRV debug_level=3 tickets=0 cache_max=0" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1" \ - 0 \ - -S "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -S "a session has been resumed" \ - -C "a session has been resumed" - -run_test "Session resume using cache: cache_max=1" \ - "$P_SRV debug_level=3 tickets=0 cache_max=1" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1" \ - 0 \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using cache: timeout > delay" \ - "$P_SRV debug_level=3 tickets=0" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \ - 0 \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using cache: timeout < delay" \ - "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ - 0 \ - -S "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -S "a session 
has been resumed" \ - -C "a session has been resumed" - -run_test "Session resume using cache: no timeout" \ - "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ - 0 \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using cache: openssl client" \ - "$P_SRV debug_level=3 tickets=0" \ - "( $O_CLI -sess_out $SESSION; \ - $O_CLI -sess_in $SESSION; \ - rm -f $SESSION )" \ - 0 \ - -s "found session ticket extension" \ - -S "server hello, adding session ticket extension" \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" - -run_test "Session resume using cache: openssl server" \ - "$O_SRV" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1" \ - 0 \ - -C "found session_ticket extension" \ - -C "parse new session ticket" \ - -c "a session has been resumed" - -# Tests for Session Resume based on session-ID and cache, DTLS - -run_test "Session resume using cache, DTLS: tickets enabled on client" \ - "$P_SRV dtls=1 debug_level=3 tickets=0" \ - "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -s "found session ticket extension" \ - -S "server hello, adding session ticket extension" \ - -C "found session_ticket extension" \ - -C "parse new session ticket" \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using cache, DTLS: tickets enabled on server" \ - "$P_SRV dtls=1 debug_level=3 tickets=1" \ - "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ - 0 \ - -C "client hello, adding session ticket extension" \ - -S "found session ticket extension" \ - -S "server hello, 
adding session ticket extension" \ - -C "found session_ticket extension" \ - -C "parse new session ticket" \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using cache, DTLS: cache_max=0" \ - "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \ - "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ - 0 \ - -S "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -S "a session has been resumed" \ - -C "a session has been resumed" - -run_test "Session resume using cache, DTLS: cache_max=1" \ - "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \ - "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ - 0 \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using cache, DTLS: timeout > delay" \ - "$P_SRV dtls=1 debug_level=3 tickets=0" \ - "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=0" \ - 0 \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using cache, DTLS: timeout < delay" \ - "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \ - "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ - 0 \ - -S "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -S "a session has been resumed" \ - -C "a session has been resumed" - -run_test "Session resume using cache, DTLS: no timeout" \ - "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \ - "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ - 0 \ - -s "session successfully restored from cache" \ - -S "session successfully restored from 
ticket" \ - -s "a session has been resumed" \ - -c "a session has been resumed" - -run_test "Session resume using cache, DTLS: openssl client" \ - "$P_SRV dtls=1 debug_level=3 tickets=0" \ - "( $O_CLI -dtls1 -sess_out $SESSION; \ - $O_CLI -dtls1 -sess_in $SESSION; \ - rm -f $SESSION )" \ - 0 \ - -s "found session ticket extension" \ - -S "server hello, adding session ticket extension" \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" - -run_test "Session resume using cache, DTLS: openssl server" \ - "$O_SRV -dtls1" \ - "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ - 0 \ - -C "found session_ticket extension" \ - -C "parse new session ticket" \ - -c "a session has been resumed" - -# Tests for Max Fragment Length extension - -if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then - printf "${CONFIG_H} defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n" - exit 1 -fi - -if [ $MAX_CONTENT_LEN -ne 16384 ]; then - printf "Using non-default maximum content length $MAX_CONTENT_LEN\n" -fi - -requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length: enabled, default" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3" \ - 0 \ - -c "Maximum fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum fragment length is $MAX_CONTENT_LEN" \ - -C "client hello, adding max_fragment_length extension" \ - -S "found max fragment length extension" \ - -S "server hello, max_fragment_length extension" \ - -C "found max_fragment_length extension" - -requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length: enabled, default, larger message" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \ - 0 \ - -c "Maximum fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum fragment length is $MAX_CONTENT_LEN" \ - -C "client hello, adding max_fragment_length extension" \ - -S 
"found max fragment length extension" \ - -S "server hello, max_fragment_length extension" \ - -C "found max_fragment_length extension" \ - -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \ - -s "$MAX_CONTENT_LEN bytes read" \ - -s "1 bytes read" - -requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length, DTLS: enabled, default, larger message" \ - "$P_SRV debug_level=3 dtls=1" \ - "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \ - 1 \ - -c "Maximum fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum fragment length is $MAX_CONTENT_LEN" \ - -C "client hello, adding max_fragment_length extension" \ - -S "found max fragment length extension" \ - -S "server hello, max_fragment_length extension" \ - -C "found max_fragment_length extension" \ - -c "fragment larger than.*maximum " - -# Run some tests with MBEDTLS_SSL_MAX_FRAGMENT_LENGTH disabled -# (session fragment length will be 16384 regardless of mbedtls -# content length configuration.) 
- -requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length: disabled, larger message" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \ - 0 \ - -C "Maximum fragment length is 16384" \ - -S "Maximum fragment length is 16384" \ - -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \ - -s "$MAX_CONTENT_LEN bytes read" \ - -s "1 bytes read" - -requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length DTLS: disabled, larger message" \ - "$P_SRV debug_level=3 dtls=1" \ - "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \ - 1 \ - -C "Maximum fragment length is 16384" \ - -S "Maximum fragment length is 16384" \ - -c "fragment larger than.*maximum " - -requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length: used by client" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 max_frag_len=4096" \ - 0 \ - -c "Maximum fragment length is 4096" \ - -s "Maximum fragment length is 4096" \ - -c "client hello, adding max_fragment_length extension" \ - -s "found max fragment length extension" \ - -s "server hello, max_fragment_length extension" \ - -c "found max_fragment_length extension" - -requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length: used by server" \ - "$P_SRV debug_level=3 max_frag_len=4096" \ - "$P_CLI debug_level=3" \ - 0 \ - -c "Maximum fragment length is $MAX_CONTENT_LEN" \ - -s "Maximum fragment length is 4096" \ - -C "client hello, adding max_fragment_length extension" \ - -S "found max fragment length extension" \ - -S "server hello, max_fragment_length extension" \ - -C "found max_fragment_length extension" - -requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_gnutls -run_test "Max fragment length: gnutls server" \ - "$G_SRV" \ - "$P_CLI debug_level=3 max_frag_len=4096" \ - 0 \ - -c "Maximum fragment length is 4096" \ - -c "client hello, adding 
max_fragment_length extension" \ - -c "found max_fragment_length extension" - -requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length: client, message just fits" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 max_frag_len=2048 request_size=2048" \ - 0 \ - -c "Maximum fragment length is 2048" \ - -s "Maximum fragment length is 2048" \ - -c "client hello, adding max_fragment_length extension" \ - -s "found max fragment length extension" \ - -s "server hello, max_fragment_length extension" \ - -c "found max_fragment_length extension" \ - -c "2048 bytes written in 1 fragments" \ - -s "2048 bytes read" - -requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length: client, larger message" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 max_frag_len=2048 request_size=2345" \ - 0 \ - -c "Maximum fragment length is 2048" \ - -s "Maximum fragment length is 2048" \ - -c "client hello, adding max_fragment_length extension" \ - -s "found max fragment length extension" \ - -s "server hello, max_fragment_length extension" \ - -c "found max_fragment_length extension" \ - -c "2345 bytes written in 2 fragments" \ - -s "2048 bytes read" \ - -s "297 bytes read" - -requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length: DTLS client, larger message" \ - "$P_SRV debug_level=3 dtls=1" \ - "$P_CLI debug_level=3 dtls=1 max_frag_len=2048 request_size=2345" \ - 1 \ - -c "Maximum fragment length is 2048" \ - -s "Maximum fragment length is 2048" \ - -c "client hello, adding max_fragment_length extension" \ - -s "found max fragment length extension" \ - -s "server hello, max_fragment_length extension" \ - -c "found max_fragment_length extension" \ - -c "fragment larger than.*maximum" - -# Tests for renegotiation - -# Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION -run_test "Renegotiation: none, for reference" \ - "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \ - 
"$P_CLI debug_level=3 exchanges=2" \ - 0 \ - -C "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -S "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -C "=> renegotiate" \ - -S "=> renegotiate" \ - -S "write hello request" - -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: client-initiated" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ - 0 \ - -c "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -s "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ - -S "write hello request" - -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: server-initiated" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ - 0 \ - -c "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -s "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ - -s "write hello request" - -# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that -# the server did not parse the Signature Algorithm extension. 
This test is valid only if an MD -# algorithm stronger than SHA-1 is enabled in config.h -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ - 0 \ - -c "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -s "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ - -S "write hello request" \ - -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated? - -# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that -# the server did not parse the Signature Algorithm extension. This test is valid only if an MD -# algorithm stronger than SHA-1 is enabled in config.h -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ - 0 \ - -c "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -s "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ - -s "write hello request" \ - -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated? 
- -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: double" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ - 0 \ - -c "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -s "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ - -s "write hello request" - -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: client-initiated, server-rejected" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=0 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ - 1 \ - -c "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -S "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -c "=> renegotiate" \ - -S "=> renegotiate" \ - -S "write hello request" \ - -c "SSL - Unexpected message at ServerHello in renegotiation" \ - -c "failed" - -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: server-initiated, client-rejected, default" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ - 0 \ - -C "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -S "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -C "=> renegotiate" \ - -S "=> renegotiate" \ - -s "write hello request" \ - -S "SSL - An unexpected message was received from our peer" \ - -S "failed" - -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: server-initiated, client-rejected, not 
enforced" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ - renego_delay=-1 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ - 0 \ - -C "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -S "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -C "=> renegotiate" \ - -S "=> renegotiate" \ - -s "write hello request" \ - -S "SSL - An unexpected message was received from our peer" \ - -S "failed" - -# delay 2 for 1 alert record + 1 application data record -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: server-initiated, client-rejected, delay 2" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ - renego_delay=2 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ - 0 \ - -C "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -S "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -C "=> renegotiate" \ - -S "=> renegotiate" \ - -s "write hello request" \ - -S "SSL - An unexpected message was received from our peer" \ - -S "failed" - -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: server-initiated, client-rejected, delay 0" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ - renego_delay=0 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ - 0 \ - -C "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -S "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -C "=> renegotiate" \ - -S "=> renegotiate" \ - -s "write hello request" \ - -s "SSL - An unexpected message was received from our peer" - -requires_config_enabled 
MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: server-initiated, client-accepted, delay 0" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ - renego_delay=0 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ - 0 \ - -c "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -s "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ - -s "write hello request" \ - -S "SSL - An unexpected message was received from our peer" \ - -S "failed" - -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: periodic, just below period" \ - "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ - 0 \ - -C "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -S "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -S "record counter limit reached: renegotiate" \ - -C "=> renegotiate" \ - -S "=> renegotiate" \ - -S "write hello request" \ - -S "SSL - An unexpected message was received from our peer" \ - -S "failed" - -# one extra exchange to be able to complete renego -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Renegotiation: periodic, just above period" \ - "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \ - 0 \ - -c "client hello, adding renegotiation extension" \ - -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ - -s "found renegotiation extension" \ - -s "server hello, secure renegotiation extension" \ - -c "found renegotiation extension" \ - -s "record counter limit reached: renegotiate" \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ 
- -s "write hello request" \
- -S "SSL - An unexpected message was received from our peer" \
- -S "failed"
-
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: periodic, two times period" \
- "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
- "$P_CLI debug_level=3 exchanges=7 renegotiation=1" \
- 0 \
- -c "client hello, adding renegotiation extension" \
- -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
- -s "found renegotiation extension" \
- -s "server hello, secure renegotiation extension" \
- -c "found renegotiation extension" \
- -s "record counter limit reached: renegotiate" \
- -c "=> renegotiate" \
- -s "=> renegotiate" \
- -s "write hello request" \
- -S "SSL - An unexpected message was received from our peer" \
- -S "failed"
-
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: periodic, above period, disabled" \
- "$P_SRV debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \
- "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
- 0 \
- -C "client hello, adding renegotiation extension" \
- -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
- -S "found renegotiation extension" \
- -s "server hello, secure renegotiation extension" \
- -c "found renegotiation extension" \
- -S "record counter limit reached: renegotiate" \
- -C "=> renegotiate" \
- -S "=> renegotiate" \
- -S "write hello request" \
- -S "SSL - An unexpected message was received from our peer" \
- -S "failed"
-
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: nbio, client-initiated" \
- "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 auth_mode=optional" \
- "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \
- 0 \
- -c "client hello, adding renegotiation extension" \
- -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
- -s "found renegotiation extension" \
- -s "server hello, secure renegotiation extension" \
- -c "found renegotiation extension" \
- -c "=> renegotiate" \
- -s "=> renegotiate" \
- -S "write hello request"
-
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: nbio, server-initiated" \
- "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
- "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1" \
- 0 \
- -c "client hello, adding renegotiation extension" \
- -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
- -s "found renegotiation extension" \
- -s "server hello, secure renegotiation extension" \
- -c "found renegotiation extension" \
- -c "=> renegotiate" \
- -s "=> renegotiate" \
- -s "write hello request"
-
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: openssl server, client-initiated" \
- "$O_SRV -www" \
- "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
- 0 \
- -c "client hello, adding renegotiation extension" \
- -c "found renegotiation extension" \
- -c "=> renegotiate" \
- -C "ssl_hanshake() returned" \
- -C "error" \
- -c "HTTP/1.0 200 [Oo][Kk]"
-
-requires_gnutls
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: gnutls server strict, client-initiated" \
- "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
- "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
- 0 \
- -c "client hello, adding renegotiation extension" \
- -c "found renegotiation extension" \
- -c "=> renegotiate" \
- -C "ssl_hanshake() returned" \
- -C "error" \
- -c "HTTP/1.0 200 [Oo][Kk]"
-
-requires_gnutls
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: gnutls server unsafe, client-initiated default" \
- "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
- "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
- 1 \
- -c "client hello, adding renegotiation extension" \
- -C "found renegotiation extension" \
- -c "=> renegotiate" \
- -c "mbedtls_ssl_handshake() returned" \
- -c "error" \
- -C "HTTP/1.0 200 [Oo][Kk]"
-
-requires_gnutls
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \
- "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
- "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
- allow_legacy=0" \
- 1 \
- -c "client hello, adding renegotiation extension" \
- -C "found renegotiation extension" \
- -c "=> renegotiate" \
- -c "mbedtls_ssl_handshake() returned" \
- -c "error" \
- -C "HTTP/1.0 200 [Oo][Kk]"
-
-requires_gnutls
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \
- "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
- "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
- allow_legacy=1" \
- 0 \
- -c "client hello, adding renegotiation extension" \
- -C "found renegotiation extension" \
- -c "=> renegotiate" \
- -C "ssl_hanshake() returned" \
- -C "error" \
- -c "HTTP/1.0 200 [Oo][Kk]"
-
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: DTLS, client-initiated" \
- "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1" \
- "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
- 0 \
- -c "client hello, adding renegotiation extension" \
- -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
- -s "found renegotiation extension" \
- -s "server hello, secure renegotiation extension" \
- -c "found renegotiation extension" \
- -c "=> renegotiate" \
- -s "=> renegotiate" \
- -S "write hello request"
-
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: DTLS, server-initiated" \
- "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
- "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 \
- read_timeout=1000 max_resend=2" \
- 0 \
- -c "client hello, adding renegotiation extension" \
- -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
- -s "found renegotiation extension" \
- -s "server hello, secure renegotiation extension" \
- -c "found renegotiation extension" \
- -c "=> renegotiate" \
- -s "=> renegotiate" \
- -s "write hello request"
-
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: DTLS, renego_period overflow" \
- "$P_SRV debug_level=3 dtls=1 exchanges=4 renegotiation=1 renego_period=18446462598732840962 auth_mode=optional" \
- "$P_CLI debug_level=3 dtls=1 exchanges=4 renegotiation=1" \
- 0 \
- -c "client hello, adding renegotiation extension" \
- -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
- -s "found renegotiation extension" \
- -s "server hello, secure renegotiation extension" \
- -s "record counter limit reached: renegotiate" \
- -c "=> renegotiate" \
- -s "=> renegotiate" \
- -s "write hello request"
-
-requires_gnutls
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "Renegotiation: DTLS, gnutls server, client-initiated" \
- "$G_SRV -u --mtu 4096" \
- "$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \
- 0 \
- -c "client hello, adding renegotiation extension" \
- -c "found renegotiation extension" \
- -c "=> renegotiate" \
- -C "mbedtls_ssl_handshake returned" \
- -C "error" \
- -s "Extra-header:"
-
-# Test for the "secure renegotation" extension only (no actual renegotiation)
-
-requires_gnutls
-run_test "Renego ext: gnutls server strict, client default" \
- "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
- "$P_CLI debug_level=3" \
- 0 \
- -c "found renegotiation extension" \
- -C "error" \
- -c "HTTP/1.0 200 [Oo][Kk]"
-
-requires_gnutls
-run_test "Renego ext: gnutls server unsafe, client default" \
- "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
- "$P_CLI debug_level=3" \
- 0 \
- -C "found renegotiation extension" \
- -C "error" \
- -c "HTTP/1.0 200 [Oo][Kk]"
-
-requires_gnutls
-run_test "Renego ext: gnutls server unsafe, client break legacy" \
- "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
- "$P_CLI debug_level=3 allow_legacy=-1" \
- 1 \
- -C "found renegotiation extension" \
- -c "error" \
- -C "HTTP/1.0 200 [Oo][Kk]"
-
-requires_gnutls
-run_test "Renego ext: gnutls client strict, server default" \
- "$P_SRV debug_level=3" \
- "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION localhost" \
- 0 \
- -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
- -s "server hello, secure renegotiation extension"
-
-requires_gnutls
-run_test "Renego ext: gnutls client unsafe, server default" \
- "$P_SRV debug_level=3" \
- "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
- 0 \
- -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
- -S "server hello, secure renegotiation extension"
-
-requires_gnutls
-run_test "Renego ext: gnutls client unsafe, server break legacy" \
- "$P_SRV debug_level=3 allow_legacy=-1" \
- "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
- 1 \
- -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
- -S "server hello, secure renegotiation extension"
-
-# Tests for silently dropping trailing extra bytes in .der certificates
-
-requires_gnutls
-run_test "DER format: no trailing bytes" \
- "$P_SRV crt_file=data_files/server5-der0.crt \
- key_file=data_files/server5.key" \
- "$G_CLI localhost" \
- 0 \
- -c "Handshake was completed" \
-
-requires_gnutls
-run_test "DER format: with a trailing zero byte" \
- "$P_SRV crt_file=data_files/server5-der1a.crt \
- key_file=data_files/server5.key" \
- "$G_CLI localhost" \
- 0 \
- -c "Handshake was completed" \
-
-requires_gnutls
-run_test "DER format: with a trailing random byte" \
- "$P_SRV crt_file=data_files/server5-der1b.crt \
- key_file=data_files/server5.key" \
- "$G_CLI localhost" \
- 0 \
- -c "Handshake was completed" \
-
-requires_gnutls
-run_test "DER format: with 2 trailing random bytes" \
- "$P_SRV crt_file=data_files/server5-der2.crt \
- key_file=data_files/server5.key" \
- "$G_CLI localhost" \
- 0 \
- -c "Handshake was completed" \
-
-requires_gnutls
-run_test "DER format: with 4 trailing random bytes" \
- "$P_SRV crt_file=data_files/server5-der4.crt \
- key_file=data_files/server5.key" \
- "$G_CLI localhost" \
- 0 \
- -c "Handshake was completed" \
-
-requires_gnutls
-run_test "DER format: with 8 trailing random bytes" \
- "$P_SRV crt_file=data_files/server5-der8.crt \
- key_file=data_files/server5.key" \
- "$G_CLI localhost" \
- 0 \
- -c "Handshake was completed" \
-
-requires_gnutls
-run_test "DER format: with 9 trailing random bytes" \
- "$P_SRV crt_file=data_files/server5-der9.crt \
- key_file=data_files/server5.key" \
- "$G_CLI localhost" \
- 0 \
- -c "Handshake was completed" \
-
-# Tests for auth_mode
-
-run_test "Authentication: server badcert, client required" \
- "$P_SRV crt_file=data_files/server5-badsign.crt \
- key_file=data_files/server5.key" \
- "$P_CLI debug_level=1 auth_mode=required" \
- 1 \
- -c "x509_verify_cert() returned" \
- -c "! The certificate is not correctly signed by the trusted CA" \
- -c "! mbedtls_ssl_handshake returned" \
- -c "X509 - Certificate verification failed"
-
-run_test "Authentication: server badcert, client optional" \
- "$P_SRV crt_file=data_files/server5-badsign.crt \
- key_file=data_files/server5.key" \
- "$P_CLI debug_level=1 auth_mode=optional" \
- 0 \
- -c "x509_verify_cert() returned" \
- -c "! The certificate is not correctly signed by the trusted CA" \
- -C "! mbedtls_ssl_handshake returned" \
- -C "X509 - Certificate verification failed"
-
-run_test "Authentication: server goodcert, client optional, no trusted CA" \
- "$P_SRV" \
- "$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
- 0 \
- -c "x509_verify_cert() returned" \
- -c "! The certificate is not correctly signed by the trusted CA" \
- -c "! Certificate verification flags"\
- -C "! mbedtls_ssl_handshake returned" \
- -C "X509 - Certificate verification failed" \
- -C "SSL - No CA Chain is set, but required to operate"
-
-run_test "Authentication: server goodcert, client required, no trusted CA" \
- "$P_SRV" \
- "$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
- 1 \
- -c "x509_verify_cert() returned" \
- -c "! The certificate is not correctly signed by the trusted CA" \
- -c "! Certificate verification flags"\
- -c "! mbedtls_ssl_handshake returned" \
- -c "SSL - No CA Chain is set, but required to operate"
-
-# The purpose of the next two tests is to test the client's behaviour when receiving a server
-# certificate with an unsupported elliptic curve. This should usually not happen because
-# the client informs the server about the supported curves - it does, though, in the
-# corner case of a static ECDH suite, because the server doesn't check the curve on that
-# occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a
-# different means to have the server ignoring the client's supported curve list.
-
-requires_config_enabled MBEDTLS_ECP_C
-run_test "Authentication: server ECDH p256v1, client required, p256v1 unsupported" \
- "$P_SRV debug_level=1 key_file=data_files/server5.key \
- crt_file=data_files/server5.ku-ka.crt" \
- "$P_CLI debug_level=3 auth_mode=required curves=secp521r1" \
- 1 \
- -c "bad certificate (EC key curve)"\
- -c "! Certificate verification flags"\
- -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
-
-requires_config_enabled MBEDTLS_ECP_C
-run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsupported" \
- "$P_SRV debug_level=1 key_file=data_files/server5.key \
- crt_file=data_files/server5.ku-ka.crt" \
- "$P_CLI debug_level=3 auth_mode=optional curves=secp521r1" \
- 1 \
- -c "bad certificate (EC key curve)"\
- -c "! Certificate verification flags"\
- -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
-
-run_test "Authentication: server badcert, client none" \
- "$P_SRV crt_file=data_files/server5-badsign.crt \
- key_file=data_files/server5.key" \
- "$P_CLI debug_level=1 auth_mode=none" \
- 0 \
- -C "x509_verify_cert() returned" \
- -C "! The certificate is not correctly signed by the trusted CA" \
- -C "! mbedtls_ssl_handshake returned" \
- -C "X509 - Certificate verification failed"
-
-run_test "Authentication: client SHA256, server required" \
- "$P_SRV auth_mode=required" \
- "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
- key_file=data_files/server6.key \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
- 0 \
- -c "Supported Signature Algorithm found: 4," \
- -c "Supported Signature Algorithm found: 5,"
-
-run_test "Authentication: client SHA384, server required" \
- "$P_SRV auth_mode=required" \
- "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
- key_file=data_files/server6.key \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
- 0 \
- -c "Supported Signature Algorithm found: 4," \
- -c "Supported Signature Algorithm found: 5,"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
-run_test "Authentication: client has no cert, server required (SSLv3)" \
- "$P_SRV debug_level=3 min_version=ssl3 auth_mode=required" \
- "$P_CLI debug_level=3 force_version=ssl3 crt_file=none \
- key_file=data_files/server5.key" \
- 1 \
- -S "skip write certificate request" \
- -C "skip parse certificate request" \
- -c "got a certificate request" \
- -c "got no certificate to send" \
- -S "x509_verify_cert() returned" \
- -s "client has no certificate" \
- -s "! mbedtls_ssl_handshake returned" \
- -c "! mbedtls_ssl_handshake returned" \
- -s "No client certification received from the client, but required by the authentication mode"
-
-run_test "Authentication: client has no cert, server required (TLS)" \
- "$P_SRV debug_level=3 auth_mode=required" \
- "$P_CLI debug_level=3 crt_file=none \
- key_file=data_files/server5.key" \
- 1 \
- -S "skip write certificate request" \
- -C "skip parse certificate request" \
- -c "got a certificate request" \
- -c "= write certificate$" \
- -C "skip write certificate$" \
- -S "x509_verify_cert() returned" \
- -s "client has no certificate" \
- -s "! mbedtls_ssl_handshake returned" \
- -c "! mbedtls_ssl_handshake returned" \
- -s "No client certification received from the client, but required by the authentication mode"
-
-run_test "Authentication: client badcert, server required" \
- "$P_SRV debug_level=3 auth_mode=required" \
- "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
- key_file=data_files/server5.key" \
- 1 \
- -S "skip write certificate request" \
- -C "skip parse certificate request" \
- -c "got a certificate request" \
- -C "skip write certificate" \
- -C "skip write certificate verify" \
- -S "skip parse certificate verify" \
- -s "x509_verify_cert() returned" \
- -s "! The certificate is not correctly signed by the trusted CA" \
- -s "! mbedtls_ssl_handshake returned" \
- -s "send alert level=2 message=48" \
- -c "! mbedtls_ssl_handshake returned" \
- -s "X509 - Certificate verification failed"
-# We don't check that the client receives the alert because it might
-# detect that its write end of the connection is closed and abort
-# before reading the alert message.
- -run_test "Authentication: client cert not trusted, server required" \ - "$P_SRV debug_level=3 auth_mode=required" \ - "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \ - key_file=data_files/server5.key" \ - 1 \ - -S "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate" \ - -C "skip write certificate verify" \ - -S "skip parse certificate verify" \ - -s "x509_verify_cert() returned" \ - -s "! The certificate is not correctly signed by the trusted CA" \ - -s "! mbedtls_ssl_handshake returned" \ - -c "! mbedtls_ssl_handshake returned" \ - -s "X509 - Certificate verification failed" - -run_test "Authentication: client badcert, server optional" \ - "$P_SRV debug_level=3 auth_mode=optional" \ - "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \ - key_file=data_files/server5.key" \ - 0 \ - -S "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate" \ - -C "skip write certificate verify" \ - -S "skip parse certificate verify" \ - -s "x509_verify_cert() returned" \ - -s "! The certificate is not correctly signed by the trusted CA" \ - -S "! mbedtls_ssl_handshake returned" \ - -C "! mbedtls_ssl_handshake returned" \ - -S "X509 - Certificate verification failed" - -run_test "Authentication: client badcert, server none" \ - "$P_SRV debug_level=3 auth_mode=none" \ - "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \ - key_file=data_files/server5.key" \ - 0 \ - -s "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got no certificate request" \ - -c "skip write certificate" \ - -c "skip write certificate verify" \ - -s "skip parse certificate verify" \ - -S "x509_verify_cert() returned" \ - -S "! The certificate is not correctly signed by the trusted CA" \ - -S "! mbedtls_ssl_handshake returned" \ - -C "! 
mbedtls_ssl_handshake returned" \ - -S "X509 - Certificate verification failed" - -run_test "Authentication: client no cert, server optional" \ - "$P_SRV debug_level=3 auth_mode=optional" \ - "$P_CLI debug_level=3 crt_file=none key_file=none" \ - 0 \ - -S "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate$" \ - -C "got no certificate to send" \ - -S "SSLv3 client has no certificate" \ - -c "skip write certificate verify" \ - -s "skip parse certificate verify" \ - -s "! Certificate was missing" \ - -S "! mbedtls_ssl_handshake returned" \ - -C "! mbedtls_ssl_handshake returned" \ - -S "X509 - Certificate verification failed" - -run_test "Authentication: openssl client no cert, server optional" \ - "$P_SRV debug_level=3 auth_mode=optional" \ - "$O_CLI" \ - 0 \ - -S "skip write certificate request" \ - -s "skip parse certificate verify" \ - -s "! Certificate was missing" \ - -S "! mbedtls_ssl_handshake returned" \ - -S "X509 - Certificate verification failed" - -run_test "Authentication: client no cert, openssl server optional" \ - "$O_SRV -verify 10" \ - "$P_CLI debug_level=3 crt_file=none key_file=none" \ - 0 \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate$" \ - -c "skip write certificate verify" \ - -C "! mbedtls_ssl_handshake returned" - -run_test "Authentication: client no cert, openssl server required" \ - "$O_SRV -Verify 10" \ - "$P_CLI debug_level=3 crt_file=none key_file=none" \ - 1 \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate$" \ - -c "skip write certificate verify" \ - -c "! 
mbedtls_ssl_handshake returned" - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Authentication: client no cert, ssl3" \ - "$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \ - "$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \ - 0 \ - -S "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate$" \ - -c "skip write certificate verify" \ - -c "got no certificate to send" \ - -s "SSLv3 client has no certificate" \ - -s "skip parse certificate verify" \ - -s "! Certificate was missing" \ - -S "! mbedtls_ssl_handshake returned" \ - -C "! mbedtls_ssl_handshake returned" \ - -S "X509 - Certificate verification failed" - -# The "max_int chain" tests assume that MAX_INTERMEDIATE_CA is set to its -# default value (8) - -MAX_IM_CA='8' -MAX_IM_CA_CONFIG=$( ../scripts/config.pl get MBEDTLS_X509_MAX_INTERMEDIATE_CA) - -if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then - printf "The ${CONFIG_H} file contains a value for the configuration of\n" - printf "MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script’s\n" - printf "test value of ${MAX_IM_CA}. 
\n" - printf "\n" - printf "The tests assume this value and if it changes, the tests in this\n" - printf "script should also be adjusted.\n" - printf "\n" - - exit 1 -fi - -requires_full_size_output_buffer -run_test "Authentication: server max_int chain, client default" \ - "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \ - key_file=data_files/dir-maxpath/09.key" \ - "$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \ - 0 \ - -C "X509 - A fatal error occurred" - -requires_full_size_output_buffer -run_test "Authentication: server max_int+1 chain, client default" \ - "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ - key_file=data_files/dir-maxpath/10.key" \ - "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \ - 1 \ - -c "X509 - A fatal error occurred" - -requires_full_size_output_buffer -run_test "Authentication: server max_int+1 chain, client optional" \ - "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ - key_file=data_files/dir-maxpath/10.key" \ - "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \ - auth_mode=optional" \ - 1 \ - -c "X509 - A fatal error occurred" - -requires_full_size_output_buffer -run_test "Authentication: server max_int+1 chain, client none" \ - "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ - key_file=data_files/dir-maxpath/10.key" \ - "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \ - auth_mode=none" \ - 0 \ - -C "X509 - A fatal error occurred" - -requires_full_size_output_buffer -run_test "Authentication: client max_int+1 chain, server default" \ - "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \ - "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ - key_file=data_files/dir-maxpath/10.key" \ - 0 \ - -S "X509 - A fatal error occurred" - -requires_full_size_output_buffer -run_test "Authentication: client max_int+1 chain, server optional" \ - "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \ - "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ - 
key_file=data_files/dir-maxpath/10.key" \ - 1 \ - -s "X509 - A fatal error occurred" - -requires_full_size_output_buffer -run_test "Authentication: client max_int+1 chain, server required" \ - "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ - "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ - key_file=data_files/dir-maxpath/10.key" \ - 1 \ - -s "X509 - A fatal error occurred" - -requires_full_size_output_buffer -run_test "Authentication: client max_int chain, server required" \ - "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ - "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \ - key_file=data_files/dir-maxpath/09.key" \ - 0 \ - -S "X509 - A fatal error occurred" - -# Tests for CA list in CertificateRequest messages - -run_test "Authentication: send CA list in CertificateRequest (default)" \ - "$P_SRV debug_level=3 auth_mode=required" \ - "$P_CLI crt_file=data_files/server6.crt \ - key_file=data_files/server6.key" \ - 0 \ - -s "requested DN" - -run_test "Authentication: do not send CA list in CertificateRequest" \ - "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \ - "$P_CLI crt_file=data_files/server6.crt \ - key_file=data_files/server6.key" \ - 0 \ - -S "requested DN" - -run_test "Authentication: send CA list in CertificateRequest, client self signed" \ - "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \ - "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \ - key_file=data_files/server5.key" \ - 1 \ - -S "requested DN" \ - -s "x509_verify_cert() returned" \ - -s "! The certificate is not correctly signed by the trusted CA" \ - -s "! mbedtls_ssl_handshake returned" \ - -c "! 
mbedtls_ssl_handshake returned" \ - -s "X509 - Certificate verification failed" - -# Tests for certificate selection based on SHA verson - -run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ - "$P_SRV crt_file=data_files/server5.crt \ - key_file=data_files/server5.key \ - crt_file2=data_files/server5-sha1.crt \ - key_file2=data_files/server5.key" \ - "$P_CLI force_version=tls1_2" \ - 0 \ - -c "signed using.*ECDSA with SHA256" \ - -C "signed using.*ECDSA with SHA1" - -run_test "Certificate hash: client TLS 1.1 -> SHA-1" \ - "$P_SRV crt_file=data_files/server5.crt \ - key_file=data_files/server5.key \ - crt_file2=data_files/server5-sha1.crt \ - key_file2=data_files/server5.key" \ - "$P_CLI force_version=tls1_1" \ - 0 \ - -C "signed using.*ECDSA with SHA256" \ - -c "signed using.*ECDSA with SHA1" - -run_test "Certificate hash: client TLS 1.0 -> SHA-1" \ - "$P_SRV crt_file=data_files/server5.crt \ - key_file=data_files/server5.key \ - crt_file2=data_files/server5-sha1.crt \ - key_file2=data_files/server5.key" \ - "$P_CLI force_version=tls1" \ - 0 \ - -C "signed using.*ECDSA with SHA256" \ - -c "signed using.*ECDSA with SHA1" - -run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \ - "$P_SRV crt_file=data_files/server5.crt \ - key_file=data_files/server5.key \ - crt_file2=data_files/server6.crt \ - key_file2=data_files/server6.key" \ - "$P_CLI force_version=tls1_1" \ - 0 \ - -c "serial number.*09" \ - -c "signed using.*ECDSA with SHA256" \ - -C "signed using.*ECDSA with SHA1" - -run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \ - "$P_SRV crt_file=data_files/server6.crt \ - key_file=data_files/server6.key \ - crt_file2=data_files/server5.crt \ - key_file2=data_files/server5.key" \ - "$P_CLI force_version=tls1_1" \ - 0 \ - -c "serial number.*0A" \ - -c "signed using.*ECDSA with SHA256" \ - -C "signed using.*ECDSA with SHA1" - -# tests for SNI - -run_test "SNI: no SNI callback" \ - "$P_SRV debug_level=3 \ - 
crt_file=data_files/server5.crt key_file=data_files/server5.key" \ - "$P_CLI server_name=localhost" \ - 0 \ - -S "parse ServerName extension" \ - -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \ - -c "subject name *: C=NL, O=PolarSSL, CN=localhost" - -run_test "SNI: matching cert 1" \ - "$P_SRV debug_level=3 \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ - "$P_CLI server_name=localhost" \ - 0 \ - -s "parse ServerName extension" \ - -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ - -c "subject name *: C=NL, O=PolarSSL, CN=localhost" - -run_test "SNI: matching cert 2" \ - "$P_SRV debug_level=3 \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ - "$P_CLI server_name=polarssl.example" \ - 0 \ - -s "parse ServerName extension" \ - -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ - -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" - -run_test "SNI: no matching cert" \ - "$P_SRV debug_level=3 \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ - "$P_CLI server_name=nonesuch.example" \ - 1 \ - -s "parse ServerName extension" \ - -s "ssl_sni_wrapper() returned" \ - -s "mbedtls_ssl_handshake returned" \ - -c "mbedtls_ssl_handshake returned" \ - -c "SSL - A fatal alert message was received from our peer" - -run_test "SNI: client auth no override: optional" \ - "$P_SRV debug_level=3 auth_mode=optional \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" 
\ - "$P_CLI debug_level=3 server_name=localhost" \ - 0 \ - -S "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate" \ - -C "skip write certificate verify" \ - -S "skip parse certificate verify" - -run_test "SNI: client auth override: none -> optional" \ - "$P_SRV debug_level=3 auth_mode=none \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \ - "$P_CLI debug_level=3 server_name=localhost" \ - 0 \ - -S "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate" \ - -C "skip write certificate verify" \ - -S "skip parse certificate verify" - -run_test "SNI: client auth override: optional -> none" \ - "$P_SRV debug_level=3 auth_mode=optional \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \ - "$P_CLI debug_level=3 server_name=localhost" \ - 0 \ - -s "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got no certificate request" \ - -c "skip write certificate" \ - -c "skip write certificate verify" \ - -s "skip parse certificate verify" - -run_test "SNI: CA no override" \ - "$P_SRV debug_level=3 auth_mode=optional \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - ca_file=data_files/test-ca.crt \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \ - "$P_CLI debug_level=3 server_name=localhost \ - crt_file=data_files/server6.crt key_file=data_files/server6.key" \ - 1 \ - -S "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate" \ - -C "skip write certificate verify" \ - -S "skip parse certificate verify" \ - -s "x509_verify_cert() returned" \ - -s "! 
The certificate is not correctly signed by the trusted CA" \ - -S "The certificate has been revoked (is on a CRL)" - -run_test "SNI: CA override" \ - "$P_SRV debug_level=3 auth_mode=optional \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - ca_file=data_files/test-ca.crt \ - sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \ - "$P_CLI debug_level=3 server_name=localhost \ - crt_file=data_files/server6.crt key_file=data_files/server6.key" \ - 0 \ - -S "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate" \ - -C "skip write certificate verify" \ - -S "skip parse certificate verify" \ - -S "x509_verify_cert() returned" \ - -S "! The certificate is not correctly signed by the trusted CA" \ - -S "The certificate has been revoked (is on a CRL)" - -run_test "SNI: CA override with CRL" \ - "$P_SRV debug_level=3 auth_mode=optional \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - ca_file=data_files/test-ca.crt \ - sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \ - "$P_CLI debug_level=3 server_name=localhost \ - crt_file=data_files/server6.crt key_file=data_files/server6.key" \ - 1 \ - -S "skip write certificate request" \ - -C "skip parse certificate request" \ - -c "got a certificate request" \ - -C "skip write certificate" \ - -C "skip write certificate verify" \ - -S "skip parse certificate verify" \ - -s "x509_verify_cert() returned" \ - -S "! 
The certificate is not correctly signed by the trusted CA" \ - -s "The certificate has been revoked (is on a CRL)" - -# Tests for SNI and DTLS - -run_test "SNI: DTLS, no SNI callback" \ - "$P_SRV debug_level=3 dtls=1 \ - crt_file=data_files/server5.crt key_file=data_files/server5.key" \ - "$P_CLI server_name=localhost dtls=1" \ - 0 \ - -S "parse ServerName extension" \ - -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \ - -c "subject name *: C=NL, O=PolarSSL, CN=localhost" - -run_test "SNI: DTLS, matching cert 1" \ - "$P_SRV debug_level=3 dtls=1 \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ - "$P_CLI server_name=localhost dtls=1" \ - 0 \ - -s "parse ServerName extension" \ - -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ - -c "subject name *: C=NL, O=PolarSSL, CN=localhost" - -run_test "SNI: DTLS, matching cert 2" \ - "$P_SRV debug_level=3 dtls=1 \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ - "$P_CLI server_name=polarssl.example dtls=1" \ - 0 \ - -s "parse ServerName extension" \ - -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ - -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" - -run_test "SNI: DTLS, no matching cert" \ - "$P_SRV debug_level=3 dtls=1 \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ - "$P_CLI server_name=nonesuch.example dtls=1" \ - 1 \ - -s "parse ServerName extension" \ - -s "ssl_sni_wrapper() returned" \ - -s "mbedtls_ssl_handshake returned" \ - -c "mbedtls_ssl_handshake returned" \ - -c "SSL 
- A fatal alert message was received from our peer"
-
-run_test "SNI: DTLS, client auth no override: optional" \
- "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
- crt_file=data_files/server5.crt key_file=data_files/server5.key \
- sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
- "$P_CLI debug_level=3 server_name=localhost dtls=1" \
- 0 \
- -S "skip write certificate request" \
- -C "skip parse certificate request" \
- -c "got a certificate request" \
- -C "skip write certificate" \
- -C "skip write certificate verify" \
- -S "skip parse certificate verify"
-
-run_test "SNI: DTLS, client auth override: none -> optional" \
- "$P_SRV debug_level=3 auth_mode=none dtls=1 \
- crt_file=data_files/server5.crt key_file=data_files/server5.key \
- sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
- "$P_CLI debug_level=3 server_name=localhost dtls=1" \
- 0 \
- -S "skip write certificate request" \
- -C "skip parse certificate request" \
- -c "got a certificate request" \
- -C "skip write certificate" \
- -C "skip write certificate verify" \
- -S "skip parse certificate verify"
-
-run_test "SNI: DTLS, client auth override: optional -> none" \
- "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
- crt_file=data_files/server5.crt key_file=data_files/server5.key \
- sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
- "$P_CLI debug_level=3 server_name=localhost dtls=1" \
- 0 \
- -s "skip write certificate request" \
- -C "skip parse certificate request" \
- -c "got no certificate request" \
- -c "skip write certificate" \
- -c "skip write certificate verify" \
- -s "skip parse certificate verify"
-
-run_test "SNI: DTLS, CA no override" \
- "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
- crt_file=data_files/server5.crt key_file=data_files/server5.key \
- ca_file=data_files/test-ca.crt \
- sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
- "$P_CLI debug_level=3
server_name=localhost dtls=1 \
- crt_file=data_files/server6.crt key_file=data_files/server6.key" \
- 1 \
- -S "skip write certificate request" \
- -C "skip parse certificate request" \
- -c "got a certificate request" \
- -C "skip write certificate" \
- -C "skip write certificate verify" \
- -S "skip parse certificate verify" \
- -s "x509_verify_cert() returned" \
- -s "! The certificate is not correctly signed by the trusted CA" \
- -S "The certificate has been revoked (is on a CRL)"
-
-run_test "SNI: DTLS, CA override" \
- "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
- crt_file=data_files/server5.crt key_file=data_files/server5.key \
- ca_file=data_files/test-ca.crt \
- sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
- "$P_CLI debug_level=3 server_name=localhost dtls=1 \
- crt_file=data_files/server6.crt key_file=data_files/server6.key" \
- 0 \
- -S "skip write certificate request" \
- -C "skip parse certificate request" \
- -c "got a certificate request" \
- -C "skip write certificate" \
- -C "skip write certificate verify" \
- -S "skip parse certificate verify" \
- -S "x509_verify_cert() returned" \
- -S "!
The certificate is not correctly signed by the trusted CA" \
- -S "The certificate has been revoked (is on a CRL)"
-
-run_test "SNI: DTLS, CA override with CRL" \
- "$P_SRV debug_level=3 auth_mode=optional \
- crt_file=data_files/server5.crt key_file=data_files/server5.key dtls=1 \
- ca_file=data_files/test-ca.crt \
- sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
- "$P_CLI debug_level=3 server_name=localhost dtls=1 \
- crt_file=data_files/server6.crt key_file=data_files/server6.key" \
- 1 \
- -S "skip write certificate request" \
- -C "skip parse certificate request" \
- -c "got a certificate request" \
- -C "skip write certificate" \
- -C "skip write certificate verify" \
- -S "skip parse certificate verify" \
- -s "x509_verify_cert() returned" \
- -S "! The certificate is not correctly signed by the trusted CA" \
- -s "The certificate has been revoked (is on a CRL)"
-
-# Tests for non-blocking I/O: exercise a variety of handshake flows
-
-run_test "Non-blocking I/O: basic handshake" \
- "$P_SRV nbio=2 tickets=0 auth_mode=none" \
- "$P_CLI nbio=2 tickets=0" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Non-blocking I/O: client auth" \
- "$P_SRV nbio=2 tickets=0 auth_mode=required" \
- "$P_CLI nbio=2 tickets=0" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Non-blocking I/O: ticket" \
- "$P_SRV nbio=2 tickets=1 auth_mode=none" \
- "$P_CLI nbio=2 tickets=1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Non-blocking I/O: ticket + client auth" \
- "$P_SRV nbio=2 tickets=1 auth_mode=required" \
- "$P_CLI nbio=2 tickets=1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c
"Read from server: .* bytes read"
-
-run_test "Non-blocking I/O: ticket + client auth + resume" \
- "$P_SRV nbio=2 tickets=1 auth_mode=required" \
- "$P_CLI nbio=2 tickets=1 reconnect=1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Non-blocking I/O: ticket + resume" \
- "$P_SRV nbio=2 tickets=1 auth_mode=none" \
- "$P_CLI nbio=2 tickets=1 reconnect=1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Non-blocking I/O: session-id resume" \
- "$P_SRV nbio=2 tickets=0 auth_mode=none" \
- "$P_CLI nbio=2 tickets=0 reconnect=1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-# Tests for event-driven I/O: exercise a variety of handshake flows
-
-run_test "Event-driven I/O: basic handshake" \
- "$P_SRV event=1 tickets=0 auth_mode=none" \
- "$P_CLI event=1 tickets=0" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O: client auth" \
- "$P_SRV event=1 tickets=0 auth_mode=required" \
- "$P_CLI event=1 tickets=0" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O: ticket" \
- "$P_SRV event=1 tickets=1 auth_mode=none" \
- "$P_CLI event=1 tickets=1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O: ticket + client auth" \
- "$P_SRV event=1 tickets=1 auth_mode=required" \
- "$P_CLI event=1 tickets=1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O: ticket + client auth + resume" \
- "$P_SRV
event=1 tickets=1 auth_mode=required" \
- "$P_CLI event=1 tickets=1 reconnect=1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O: ticket + resume" \
- "$P_SRV event=1 tickets=1 auth_mode=none" \
- "$P_CLI event=1 tickets=1 reconnect=1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O: session-id resume" \
- "$P_SRV event=1 tickets=0 auth_mode=none" \
- "$P_CLI event=1 tickets=0 reconnect=1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O, DTLS: basic handshake" \
- "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
- "$P_CLI dtls=1 event=1 tickets=0" \
- 0 \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O, DTLS: client auth" \
- "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
- "$P_CLI dtls=1 event=1 tickets=0" \
- 0 \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O, DTLS: ticket" \
- "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
- "$P_CLI dtls=1 event=1 tickets=1" \
- 0 \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O, DTLS: ticket + client auth" \
- "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
- "$P_CLI dtls=1 event=1 tickets=1" \
- 0 \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \
- "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
- "$P_CLI dtls=1 event=1 tickets=1 reconnect=1" \
- 0 \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O, DTLS: ticket + resume" \
- "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
- "$P_CLI dtls=1 event=1 tickets=1 reconnect=1" \
- 0 \
- -c "Read from server: .* bytes read"
-
-run_test "Event-driven I/O, DTLS: session-id resume" \
- "$P_SRV
dtls=1 event=1 tickets=0 auth_mode=none" \
- "$P_CLI dtls=1 event=1 tickets=0 reconnect=1" \
- 0 \
- -c "Read from server: .* bytes read"
-
-# This test demonstrates the need for the mbedtls_ssl_check_pending function.
-# During session resumption, the client will send its ApplicationData record
-# within the same datagram as the Finished messages. In this situation, the
-# server MUST NOT idle on the underlying transport after handshake completion,
-# because the ApplicationData request has already been queued internally.
-run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \
- -p "$P_PXY pack=50" \
- "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
- "$P_CLI dtls=1 event=1 tickets=0 reconnect=1" \
- 0 \
- -c "Read from server: .* bytes read"
-
-# Tests for version negotiation
-
-run_test "Version check: all -> 1.2" \
- "$P_SRV" \
- "$P_CLI" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -s "Protocol is TLSv1.2" \
- -c "Protocol is TLSv1.2"
-
-run_test "Version check: cli max 1.1 -> 1.1" \
- "$P_SRV" \
- "$P_CLI max_version=tls1_1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -s "Protocol is TLSv1.1" \
- -c "Protocol is TLSv1.1"
-
-run_test "Version check: srv max 1.1 -> 1.1" \
- "$P_SRV max_version=tls1_1" \
- "$P_CLI" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -s "Protocol is TLSv1.1" \
- -c "Protocol is TLSv1.1"
-
-run_test "Version check: cli+srv max 1.1 -> 1.1" \
- "$P_SRV max_version=tls1_1" \
- "$P_CLI max_version=tls1_1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -s "Protocol is TLSv1.1" \
- -c "Protocol is TLSv1.1"
-
-run_test "Version check: cli max 1.1, srv min 1.1 -> 1.1" \
- "$P_SRV min_version=tls1_1" \
- "$P_CLI max_version=tls1_1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -s "Protocol is TLSv1.1" \
- -c
"Protocol is TLSv1.1"
-
-run_test "Version check: cli min 1.1, srv max 1.1 -> 1.1" \
- "$P_SRV max_version=tls1_1" \
- "$P_CLI min_version=tls1_1" \
- 0 \
- -S "mbedtls_ssl_handshake returned" \
- -C "mbedtls_ssl_handshake returned" \
- -s "Protocol is TLSv1.1" \
- -c "Protocol is TLSv1.1"
-
-run_test "Version check: cli min 1.2, srv max 1.1 -> fail" \
- "$P_SRV max_version=tls1_1" \
- "$P_CLI min_version=tls1_2" \
- 1 \
- -s "mbedtls_ssl_handshake returned" \
- -c "mbedtls_ssl_handshake returned" \
- -c "SSL - Handshake protocol not within min/max boundaries"
-
-run_test "Version check: srv min 1.2, cli max 1.1 -> fail" \
- "$P_SRV min_version=tls1_2" \
- "$P_CLI max_version=tls1_1" \
- 1 \
- -s "mbedtls_ssl_handshake returned" \
- -c "mbedtls_ssl_handshake returned" \
- -s "SSL - Handshake protocol not within min/max boundaries"
-
-# Tests for ALPN extension
-
-run_test "ALPN: none" \
- "$P_SRV debug_level=3" \
- "$P_CLI debug_level=3" \
- 0 \
- -C "client hello, adding alpn extension" \
- -S "found alpn extension" \
- -C "got an alert message, type: \\[2:120]" \
- -S "server hello, adding alpn extension" \
- -C "found alpn extension " \
- -C "Application Layer Protocol is" \
- -S "Application Layer Protocol is"
-
-run_test "ALPN: client only" \
- "$P_SRV debug_level=3" \
- "$P_CLI debug_level=3 alpn=abc,1234" \
- 0 \
- -c "client hello, adding alpn extension" \
- -s "found alpn extension" \
- -C "got an alert message, type: \\[2:120]" \
- -S "server hello, adding alpn extension" \
- -C "found alpn extension " \
- -c "Application Layer Protocol is (none)" \
- -S "Application Layer Protocol is"
-
-run_test "ALPN: server only" \
- "$P_SRV debug_level=3 alpn=abc,1234" \
- "$P_CLI debug_level=3" \
- 0 \
- -C "client hello, adding alpn extension" \
- -S "found alpn extension" \
- -C "got an alert message, type: \\[2:120]" \
- -S "server hello, adding alpn extension" \
- -C "found alpn extension " \
- -C "Application Layer Protocol is" \
- -s "Application Layer
Protocol is (none)"
-
-run_test "ALPN: both, common cli1-srv1" \
- "$P_SRV debug_level=3 alpn=abc,1234" \
- "$P_CLI debug_level=3 alpn=abc,1234" \
- 0 \
- -c "client hello, adding alpn extension" \
- -s "found alpn extension" \
- -C "got an alert message, type: \\[2:120]" \
- -s "server hello, adding alpn extension" \
- -c "found alpn extension" \
- -c "Application Layer Protocol is abc" \
- -s "Application Layer Protocol is abc"
-
-run_test "ALPN: both, common cli2-srv1" \
- "$P_SRV debug_level=3 alpn=abc,1234" \
- "$P_CLI debug_level=3 alpn=1234,abc" \
- 0 \
- -c "client hello, adding alpn extension" \
- -s "found alpn extension" \
- -C "got an alert message, type: \\[2:120]" \
- -s "server hello, adding alpn extension" \
- -c "found alpn extension" \
- -c "Application Layer Protocol is abc" \
- -s "Application Layer Protocol is abc"
-
-run_test "ALPN: both, common cli1-srv2" \
- "$P_SRV debug_level=3 alpn=abc,1234" \
- "$P_CLI debug_level=3 alpn=1234,abcde" \
- 0 \
- -c "client hello, adding alpn extension" \
- -s "found alpn extension" \
- -C "got an alert message, type: \\[2:120]" \
- -s "server hello, adding alpn extension" \
- -c "found alpn extension" \
- -c "Application Layer Protocol is 1234" \
- -s "Application Layer Protocol is 1234"
-
-run_test "ALPN: both, no common" \
- "$P_SRV debug_level=3 alpn=abc,123" \
- "$P_CLI debug_level=3 alpn=1234,abcde" \
- 1 \
- -c "client hello, adding alpn extension" \
- -s "found alpn extension" \
- -c "got an alert message, type: \\[2:120]" \
- -S "server hello, adding alpn extension" \
- -C "found alpn extension" \
- -C "Application Layer Protocol is 1234" \
- -S "Application Layer Protocol is 1234"
-
-
-# Tests for keyUsage in leaf certificates, part 1:
-# server-side certificate/suite selection
-
-run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \
- "$P_SRV key_file=data_files/server2.key \
- crt_file=data_files/server2.ku-ds.crt" \
- "$P_CLI" \
- 0 \
- -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-"
-
-
-run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \
- "$P_SRV key_file=data_files/server2.key \
- crt_file=data_files/server2.ku-ke.crt" \
- "$P_CLI" \
- 0 \
- -c "Ciphersuite is TLS-RSA-WITH-"
-
-run_test "keyUsage srv: RSA, keyAgreement -> fail" \
- "$P_SRV key_file=data_files/server2.key \
- crt_file=data_files/server2.ku-ka.crt" \
- "$P_CLI" \
- 1 \
- -C "Ciphersuite is "
-
-run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \
- "$P_SRV key_file=data_files/server5.key \
- crt_file=data_files/server5.ku-ds.crt" \
- "$P_CLI" \
- 0 \
- -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-"
-
-
-run_test "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \
- "$P_SRV key_file=data_files/server5.key \
- crt_file=data_files/server5.ku-ka.crt" \
- "$P_CLI" \
- 0 \
- -c "Ciphersuite is TLS-ECDH-"
-
-run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \
- "$P_SRV key_file=data_files/server5.key \
- crt_file=data_files/server5.ku-ke.crt" \
- "$P_CLI" \
- 1 \
- -C "Ciphersuite is "
-
-# Tests for keyUsage in leaf certificates, part 2:
-# client-side checking of server cert
-
-run_test "keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK" \
- "$O_SRV -key data_files/server2.key \
- -cert data_files/server2.ku-ds_ke.crt" \
- "$P_CLI debug_level=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
-
-run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \
- "$O_SRV -key data_files/server2.key \
- -cert data_files/server2.ku-ds_ke.crt" \
- "$P_CLI debug_level=1 \
- force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
-
-run_test "keyUsage cli: KeyEncipherment, RSA: OK" \
- "$O_SRV -key data_files/server2.key \
- -cert data_files/server2.ku-ke.crt" \
- "$P_CLI debug_level=1
\
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
-
-run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \
- "$O_SRV -key data_files/server2.key \
- -cert data_files/server2.ku-ke.crt" \
- "$P_CLI debug_level=1 \
- force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -c "bad certificate (usage extensions)" \
- -c "Processing of the Certificate handshake message failed" \
- -C "Ciphersuite is TLS-"
-
-run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
- "$O_SRV -key data_files/server2.key \
- -cert data_files/server2.ku-ke.crt" \
- "$P_CLI debug_level=1 auth_mode=optional \
- force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -c "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-" \
- -c "! Usage does not match the keyUsage extension"
-
-run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \
- "$O_SRV -key data_files/server2.key \
- -cert data_files/server2.ku-ds.crt" \
- "$P_CLI debug_level=1 \
- force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
-
-run_test "keyUsage cli: DigitalSignature, RSA: fail" \
- "$O_SRV -key data_files/server2.key \
- -cert data_files/server2.ku-ds.crt" \
- "$P_CLI debug_level=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -c "bad certificate (usage extensions)" \
- -c "Processing of the Certificate handshake message failed" \
- -C "Ciphersuite is TLS-"
-
-run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \
- "$O_SRV -key data_files/server2.key \
- -cert data_files/server2.ku-ds.crt" \
- "$P_CLI debug_level=1 auth_mode=optional \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -c "bad certificate (usage
extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-" \
- -c "! Usage does not match the keyUsage extension"
-
-# Tests for keyUsage in leaf certificates, part 3:
-# server-side checking of client cert
-
-run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \
- "$P_SRV debug_level=1 auth_mode=optional" \
- "$O_CLI -key data_files/server2.key \
- -cert data_files/server2.ku-ds.crt" \
- 0 \
- -S "bad certificate (usage extensions)" \
- -S "Processing of the Certificate handshake message failed"
-
-run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (soft)" \
- "$P_SRV debug_level=1 auth_mode=optional" \
- "$O_CLI -key data_files/server2.key \
- -cert data_files/server2.ku-ke.crt" \
- 0 \
- -s "bad certificate (usage extensions)" \
- -S "Processing of the Certificate handshake message failed"
-
-run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (hard)" \
- "$P_SRV debug_level=1 auth_mode=required" \
- "$O_CLI -key data_files/server2.key \
- -cert data_files/server2.ku-ke.crt" \
- 1 \
- -s "bad certificate (usage extensions)" \
- -s "Processing of the Certificate handshake message failed"
-
-run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \
- "$P_SRV debug_level=1 auth_mode=optional" \
- "$O_CLI -key data_files/server5.key \
- -cert data_files/server5.ku-ds.crt" \
- 0 \
- -S "bad certificate (usage extensions)" \
- -S "Processing of the Certificate handshake message failed"
-
-run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \
- "$P_SRV debug_level=1 auth_mode=optional" \
- "$O_CLI -key data_files/server5.key \
- -cert data_files/server5.ku-ka.crt" \
- 0 \
- -s "bad certificate (usage extensions)" \
- -S "Processing of the Certificate handshake message failed"
-
-# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
-
-run_test "extKeyUsage srv: serverAuth -> OK" \
- "$P_SRV key_file=data_files/server5.key \
- crt_file=data_files/server5.eku-srv.crt" \
-
"$P_CLI" \
- 0
-
-run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \
- "$P_SRV key_file=data_files/server5.key \
- crt_file=data_files/server5.eku-srv.crt" \
- "$P_CLI" \
- 0
-
-run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \
- "$P_SRV key_file=data_files/server5.key \
- crt_file=data_files/server5.eku-cs_any.crt" \
- "$P_CLI" \
- 0
-
-run_test "extKeyUsage srv: codeSign -> fail" \
- "$P_SRV key_file=data_files/server5.key \
- crt_file=data_files/server5.eku-cli.crt" \
- "$P_CLI" \
- 1
-
-# Tests for extendedKeyUsage, part 2: client-side checking of server cert
-
-run_test "extKeyUsage cli: serverAuth -> OK" \
- "$O_SRV -key data_files/server5.key \
- -cert data_files/server5.eku-srv.crt" \
- "$P_CLI debug_level=1" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
-
-run_test "extKeyUsage cli: serverAuth,clientAuth -> OK" \
- "$O_SRV -key data_files/server5.key \
- -cert data_files/server5.eku-srv_cli.crt" \
- "$P_CLI debug_level=1" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
-
-run_test "extKeyUsage cli: codeSign,anyEKU -> OK" \
- "$O_SRV -key data_files/server5.key \
- -cert data_files/server5.eku-cs_any.crt" \
- "$P_CLI debug_level=1" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
-
-run_test "extKeyUsage cli: codeSign -> fail" \
- "$O_SRV -key data_files/server5.key \
- -cert data_files/server5.eku-cs.crt" \
- "$P_CLI debug_level=1" \
- 1 \
- -c "bad certificate (usage extensions)" \
- -c "Processing of the Certificate handshake message failed" \
- -C "Ciphersuite is TLS-"
-
-# Tests for extendedKeyUsage, part 3: server-side checking of client cert
-
-run_test "extKeyUsage cli-auth: clientAuth -> OK" \
- "$P_SRV debug_level=1 auth_mode=optional" \
- "$O_CLI -key
data_files/server5.key \
- -cert data_files/server5.eku-cli.crt" \
- 0 \
- -S "bad certificate (usage extensions)" \
- -S "Processing of the Certificate handshake message failed"
-
-run_test "extKeyUsage cli-auth: serverAuth,clientAuth -> OK" \
- "$P_SRV debug_level=1 auth_mode=optional" \
- "$O_CLI -key data_files/server5.key \
- -cert data_files/server5.eku-srv_cli.crt" \
- 0 \
- -S "bad certificate (usage extensions)" \
- -S "Processing of the Certificate handshake message failed"
-
-run_test "extKeyUsage cli-auth: codeSign,anyEKU -> OK" \
- "$P_SRV debug_level=1 auth_mode=optional" \
- "$O_CLI -key data_files/server5.key \
- -cert data_files/server5.eku-cs_any.crt" \
- 0 \
- -S "bad certificate (usage extensions)" \
- -S "Processing of the Certificate handshake message failed"
-
-run_test "extKeyUsage cli-auth: codeSign -> fail (soft)" \
- "$P_SRV debug_level=1 auth_mode=optional" \
- "$O_CLI -key data_files/server5.key \
- -cert data_files/server5.eku-cs.crt" \
- 0 \
- -s "bad certificate (usage extensions)" \
- -S "Processing of the Certificate handshake message failed"
-
-run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \
- "$P_SRV debug_level=1 auth_mode=required" \
- "$O_CLI -key data_files/server5.key \
- -cert data_files/server5.eku-cs.crt" \
- 1 \
- -s "bad certificate (usage extensions)" \
- -s "Processing of the Certificate handshake message failed"
-
-# Tests for DHM parameters loading
-
-run_test "DHM parameters: reference" \
- "$P_SRV" \
- "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
- debug_level=3" \
- 0 \
- -c "value of 'DHM: P ' (2048 bits)" \
- -c "value of 'DHM: G ' (2 bits)"
-
-run_test "DHM parameters: other parameters" \
- "$P_SRV dhm_file=data_files/dhparams.pem" \
- "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
- debug_level=3" \
- 0 \
- -c "value of 'DHM: P ' (1024 bits)" \
- -c "value of 'DHM: G ' (2 bits)"
-
-# Tests for DHM client-side size checking
-
-run_test "DHM size: server default, client
default, OK" \
- "$P_SRV" \
- "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
- debug_level=1" \
- 0 \
- -C "DHM prime too short:"
-
-run_test "DHM size: server default, client 2048, OK" \
- "$P_SRV" \
- "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
- debug_level=1 dhmlen=2048" \
- 0 \
- -C "DHM prime too short:"
-
-run_test "DHM size: server 1024, client default, OK" \
- "$P_SRV dhm_file=data_files/dhparams.pem" \
- "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
- debug_level=1" \
- 0 \
- -C "DHM prime too short:"
-
-run_test "DHM size: server 1000, client default, rejected" \
- "$P_SRV dhm_file=data_files/dh.1000.pem" \
- "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
- debug_level=1" \
- 1 \
- -c "DHM prime too short:"
-
-run_test "DHM size: server default, client 2049, rejected" \
- "$P_SRV" \
- "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
- debug_level=1 dhmlen=2049" \
- 1 \
- -c "DHM prime too short:"
-
-# Tests for PSK callback
-
-run_test "PSK callback: psk, no callback" \
- "$P_SRV psk=abc123 psk_identity=foo" \
- "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=abc123" \
- 0 \
- -S "SSL - None of the common ciphersuites is usable" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-run_test "PSK callback: opaque psk on client, no callback" \
- "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=abc123 psk_opaque=1" \
- 0 \
- -c "skip PMS generation for opaque PSK"\
- -S "skip PMS generation for opaque PSK"\
- -C "using extended master secret"\
- -S "using extended master secret"\
- -S "SSL - None of the common ciphersuites is usable" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC
failed"
-
-requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-run_test "PSK callback: opaque psk on client, no callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=abc123 psk_opaque=1" \
- 0 \
- -c "skip PMS generation for opaque PSK"\
- -S "skip PMS generation for opaque PSK"\
- -C "using extended master secret"\
- -S "using extended master secret"\
- -S "SSL - None of the common ciphersuites is usable" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-run_test "PSK callback: opaque psk on client, no callback, EMS" \
- "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
- "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=abc123 psk_opaque=1" \
- 0 \
- -c "skip PMS generation for opaque PSK"\
- -S "skip PMS generation for opaque PSK"\
- -c "using extended master secret"\
- -s "using extended master secret"\
- -S "SSL - None of the common ciphersuites is usable" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
- "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
- "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=abc123 psk_opaque=1" \
- 0 \
- -c "skip PMS generation for opaque PSK"\
- -S "skip PMS generation for opaque PSK"\
- -c "using extended master secret"\
- -s "using extended master secret"\
- -S "SSL - None of the common ciphersuites is usable" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-run_test "PSK callback: raw psk on client, static opaque on server, no callback" \
- "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=abc123" \
- 0 \
- -C "skip PMS generation for opaque PSK"\
- -s "skip PMS generation for opaque PSK"\
- -C "using extended master secret"\
- -S "using extended master secret"\
- -S "SSL - None of the common ciphersuites is usable" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=abc123" \
- 0 \
- -C "skip PMS generation for opaque PSK"\
- -s "skip PMS generation for opaque PSK"\
- -C "using extended master secret"\
- -S "using extended master secret"\
- -S "SSL - None of the common ciphersuites is usable" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
- "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
- force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=abc123 extended_ms=1" \
- 0 \
- -c "using extended master secret"\
- -s "using extended master secret"\
-
-C "skip PMS generation for opaque PSK"\
- -s "skip PMS generation for opaque PSK"\
- -S "SSL - None of the common ciphersuites is usable" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
- "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
- force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=abc123 extended_ms=1" \
- 0 \
- -c "using extended master secret"\
- -s "using extended master secret"\
- -C "skip PMS generation for opaque PSK"\
- -s "skip PMS generation for opaque PSK"\
- -S "SSL - None of the common ciphersuites is usable" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
- "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=def psk=beef" \
- 0 \
- -C "skip PMS generation for opaque PSK"\
- -s "skip PMS generation for opaque PSK"\
- -C "using extended master secret"\
- -S "using extended master secret"\
- -S "SSL - None of the common ciphersuites is usable" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1
min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ - psk_identity=def psk=beef" \ - 0 \ - -C "skip PMS generation for opaque PSK"\ - -s "skip PMS generation for opaque PSK"\ - -C "using extended master secret"\ - -S "using extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" - -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \ - "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \ - force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ - "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=abc psk=dead extended_ms=1" \ - 0 \ - -c "using extended master secret"\ - -s "using extended master secret"\ - -C "skip PMS generation for opaque PSK"\ - -s "skip PMS generation for opaque PSK"\ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" - -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \ - "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \ - force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ - "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ - psk_identity=abc psk=dead extended_ms=1" \ - 0 \ - -c "using extended master secret"\ - -s "using extended master secret"\ - -C "skip PMS generation for opaque PSK"\ - -s "skip PMS generation for opaque PSK"\ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity 
received" \ - -S "SSL - Verification of the message MAC failed" - -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=def psk=beef" \ - 0 \ - -C "skip PMS generation for opaque PSK"\ - -s "skip PMS generation for opaque PSK"\ - -C "using extended master secret"\ - -S "using extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" - -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=def psk=beef" \ - 0 \ - -C "skip PMS generation for opaque PSK"\ - -s "skip PMS generation for opaque PSK"\ - -C "using extended master secret"\ - -S "using extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" - -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \ - "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" 
\ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=def psk=beef" \ - 0 \ - -C "skip PMS generation for opaque PSK"\ - -C "using extended master secret"\ - -S "using extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" - -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=def psk=beef" \ - 0 \ - -C "skip PMS generation for opaque PSK"\ - -C "using extended master secret"\ - -S "using extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" - -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=def psk=beef" \ - 1 \ - -s "SSL - Verification of the message MAC failed" - -run_test "PSK callback: no psk, no callback" \ - "$P_SRV" \ - "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=foo psk=abc123" \ - 1 \ - -s "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" 
- -run_test "PSK callback: callback overrides other settings" \ - "$P_SRV psk=abc123 psk_identity=foo psk_list=abc,dead,def,beef" \ - "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=foo psk=abc123" \ - 1 \ - -S "SSL - None of the common ciphersuites is usable" \ - -s "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" - -run_test "PSK callback: first id matches" \ - "$P_SRV psk_list=abc,dead,def,beef" \ - "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=abc psk=dead" \ - 0 \ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" - -run_test "PSK callback: second id matches" \ - "$P_SRV psk_list=abc,dead,def,beef" \ - "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=def psk=beef" \ - 0 \ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" - -run_test "PSK callback: no match" \ - "$P_SRV psk_list=abc,dead,def,beef" \ - "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=ghi psk=beef" \ - 1 \ - -S "SSL - None of the common ciphersuites is usable" \ - -s "SSL - Unknown identity received" \ - -S "SSL - Verification of the message MAC failed" - -run_test "PSK callback: wrong key" \ - "$P_SRV psk_list=abc,dead,def,beef" \ - "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ - psk_identity=abc psk=beef" \ - 1 \ - -S "SSL - None of the common ciphersuites is usable" \ - -S "SSL - Unknown identity received" \ - -s "SSL - Verification of the message MAC failed" - -# Tests for EC J-PAKE - -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE -run_test "ECJPAKE: client not configured" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3" \ - 0 \ - -C "add ciphersuite: c0ff" \ - -C "adding ecjpake_kkpp extension" \ - -S "found ecjpake kkpp extension" \ - -S 
"skip ecjpake kkpp extension" \ - -S "ciphersuite mismatch: ecjpake not configured" \ - -S "server hello, ecjpake kkpp extension" \ - -C "found ecjpake_kkpp extension" \ - -S "None of the common ciphersuites is usable" - -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE -run_test "ECJPAKE: server not configured" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 ecjpake_pw=bla \ - force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ - 1 \ - -c "add ciphersuite: c0ff" \ - -c "adding ecjpake_kkpp extension" \ - -s "found ecjpake kkpp extension" \ - -s "skip ecjpake kkpp extension" \ - -s "ciphersuite mismatch: ecjpake not configured" \ - -S "server hello, ecjpake kkpp extension" \ - -C "found ecjpake_kkpp extension" \ - -s "None of the common ciphersuites is usable" - -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE -run_test "ECJPAKE: working, TLS" \ - "$P_SRV debug_level=3 ecjpake_pw=bla" \ - "$P_CLI debug_level=3 ecjpake_pw=bla \ - force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ - 0 \ - -c "add ciphersuite: c0ff" \ - -c "adding ecjpake_kkpp extension" \ - -C "re-using cached ecjpake parameters" \ - -s "found ecjpake kkpp extension" \ - -S "skip ecjpake kkpp extension" \ - -S "ciphersuite mismatch: ecjpake not configured" \ - -s "server hello, ecjpake kkpp extension" \ - -c "found ecjpake_kkpp extension" \ - -S "None of the common ciphersuites is usable" \ - -S "SSL - Verification of the message MAC failed" - -server_needs_more_time 1 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE -run_test "ECJPAKE: password mismatch, TLS" \ - "$P_SRV debug_level=3 ecjpake_pw=bla" \ - "$P_CLI debug_level=3 ecjpake_pw=bad \ - force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ - 1 \ - -C "re-using cached ecjpake parameters" \ - -s "SSL - Verification of the message MAC failed" - -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE -run_test "ECJPAKE: working, DTLS" \ - "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ - "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla 
\ - force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ - 0 \ - -c "re-using cached ecjpake parameters" \ - -S "SSL - Verification of the message MAC failed" - -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE -run_test "ECJPAKE: working, DTLS, no cookie" \ - "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \ - "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ - force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ - 0 \ - -C "re-using cached ecjpake parameters" \ - -S "SSL - Verification of the message MAC failed" - -server_needs_more_time 1 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE -run_test "ECJPAKE: password mismatch, DTLS" \ - "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ - "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \ - force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ - 1 \ - -c "re-using cached ecjpake parameters" \ - -s "SSL - Verification of the message MAC failed" - -# for tests with configs/config-thread.h -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE -run_test "ECJPAKE: working, DTLS, nolog" \ - "$P_SRV dtls=1 ecjpake_pw=bla" \ - "$P_CLI dtls=1 ecjpake_pw=bla \ - force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ - 0 - -# Tests for ciphersuites per version - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -requires_config_enabled MBEDTLS_CAMELLIA_C -requires_config_enabled MBEDTLS_AES_C -run_test "Per-version suites: SSL3" \ - "$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ - "$P_CLI force_version=ssl3" \ - 0 \ - -c "Ciphersuite is TLS-RSA-WITH-CAMELLIA-128-CBC-SHA" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1 -requires_config_enabled MBEDTLS_CAMELLIA_C -requires_config_enabled MBEDTLS_AES_C -run_test "Per-version suites: TLS 1.0" \ - "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ - "$P_CLI 
force_version=tls1 arc4=1" \ - 0 \ - -c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -requires_config_enabled MBEDTLS_CAMELLIA_C -requires_config_enabled MBEDTLS_AES_C -run_test "Per-version suites: TLS 1.1" \ - "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ - "$P_CLI force_version=tls1_1" \ - 0 \ - -c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_CAMELLIA_C -requires_config_enabled MBEDTLS_AES_C -run_test "Per-version suites: TLS 1.2" \ - "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ - "$P_CLI force_version=tls1_2" \ - 0 \ - -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256" - -# Test for ClientHello without extensions - -requires_gnutls -run_test "ClientHello without extensions, SHA-1 allowed" \ - "$P_SRV debug_level=3 key_file=data_files/server2.key crt_file=data_files/server2.crt" \ - "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \ - 0 \ - -s "dumping 'client hello extensions' (0 bytes)" - -requires_gnutls -run_test "ClientHello without extensions, SHA-1 forbidden in certificates on server" \ - "$P_SRV debug_level=3 key_file=data_files/server2.key crt_file=data_files/server2.crt allow_sha1=0" \ - "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \ - 0 \ - -s "dumping 'client hello extensions' (0 bytes)" - -# Tests for mbedtls_ssl_get_bytes_avail() - -run_test "mbedtls_ssl_get_bytes_avail: no extra data" \ - "$P_SRV" \ - "$P_CLI request_size=100" \ - 0 \ - -s "Read from client: 100 bytes read$" - -run_test "mbedtls_ssl_get_bytes_avail: extra data" \ - "$P_SRV" \ - "$P_CLI request_size=500" \ - 0 \ - -s "Read from client: 500 bytes read (.*+.*)" - -# Tests for 
small client packets - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Small client packet SSLv3 BlockCipher" \ - "$P_SRV min_version=ssl3" \ - "$P_CLI request_size=1 force_version=ssl3 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Small client packet SSLv3 StreamCipher" \ - "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=1 force_version=ssl3 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.0 BlockCipher" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.0 BlockCipher, without EtM" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.0 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.0 StreamCipher" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=1 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.0 StreamCipher, 
without EtM" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=1 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.0 StreamCipher, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ - trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.1 BlockCipher" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.1 BlockCipher, without EtM" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.1 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from 
client: 1 bytes read" - -run_test "Small client packet TLS 1.1 StreamCipher" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.1 StreamCipher, without EtM" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.1 StreamCipher, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.2 BlockCipher" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled 
MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.2 StreamCipher" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.2 StreamCipher, without EtM" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.2 StreamCipher, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.2 AEAD" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - 
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.2 AEAD shorter tag" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ - 0 \ - -s "Read from client: 1 bytes read" - -# Tests for small client packets in DTLS - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small client packet DTLS 1.0" \ - "$P_SRV dtls=1 force_version=dtls1" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small client packet DTLS 1.0, without EtM" \ - "$P_SRV dtls=1 force_version=dtls1 etm=0" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet DTLS 1.0, truncated hmac" \ - "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1" \ - "$P_CLI dtls=1 request_size=1 trunc_hmac=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet DTLS 1.0, without EtM, truncated MAC" \ - "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1 etm=0" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small client packet DTLS 1.2" \ - "$P_SRV dtls=1 force_version=dtls1_2" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small client packet DTLS 1.2, without EtM" \ - 
"$P_SRV dtls=1 force_version=dtls1_2 etm=0" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet DTLS 1.2, truncated hmac" \ - "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \ - "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ - 0 \ - -s "Read from client: 1 bytes read" - -# Tests for small server packets - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Small server packet SSLv3 BlockCipher" \ - "$P_SRV response_size=1 min_version=ssl3" \ - "$P_CLI force_version=ssl3 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Small server packet SSLv3 StreamCipher" \ - "$P_SRV response_size=1 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=ssl3 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.0 BlockCipher" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.0 BlockCipher, without EtM" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - 
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.0 BlockCipher, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.0 StreamCipher" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.0 StreamCipher, without EtM" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.0 StreamCipher, truncated MAC" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ - trunc_hmac=1 etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.1 BlockCipher" \ - "$P_SRV response_size=1" \ - "$P_CLI 
force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.1 BlockCipher, without EtM" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.1 BlockCipher, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.1 StreamCipher" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.1 StreamCipher, without EtM" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.1 StreamCipher, truncated MAC" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.1 StreamCipher, without EtM, 
truncated MAC" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.2 BlockCipher" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.2 StreamCipher" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.2 StreamCipher, without EtM" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI 
force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.2 StreamCipher, truncated MAC" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.2 AEAD" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.2 AEAD shorter tag" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ - 0 \ - -c "Read from server: 1 bytes read" - -# Tests for small server packets in DTLS - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small server packet DTLS 1.0" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small server packet DTLS 1.0, without EtM" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1 etm=0" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet DTLS 
1.0, truncated hmac" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1" \ - "$P_CLI dtls=1 trunc_hmac=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet DTLS 1.0, without EtM, truncated MAC" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1 etm=0" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small server packet DTLS 1.2" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small server packet DTLS 1.2, without EtM" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet DTLS 1.2, truncated hmac" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ - 0 \ - -c "Read from server: 1 bytes read" - -# A test for extensions in SSLv3 - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "SSLv3 with 
extensions, server side" \ - "$P_SRV min_version=ssl3 debug_level=3" \ - "$P_CLI force_version=ssl3 tickets=1 max_frag_len=4096 alpn=abc,1234" \ - 0 \ - -S "dumping 'client hello extensions'" \ - -S "server hello, total extension length:" - -# Test for large client packets - -# How many fragments do we expect to write $1 bytes? -fragments_for_write() { - echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))" -} - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Large client packet SSLv3 BlockCipher" \ - "$P_SRV min_version=ssl3" \ - "$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Large client packet SSLv3 StreamCipher" \ - "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=16384 force_version=ssl3 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.0 BlockCipher" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.0 BlockCipher, without EtM" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.0 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \ - 
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.0 StreamCipher" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=16384 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.0 StreamCipher, without EtM" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=16384 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.0 StreamCipher, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.1 
BlockCipher" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.1 BlockCipher, without EtM" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_1 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.1 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.1 StreamCipher" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=16384 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.1 StreamCipher, without EtM" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=16384 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.1 
StreamCipher, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.2 BlockCipher" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_2 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC 
-run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.2 StreamCipher" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.2 StreamCipher, without EtM" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.2 StreamCipher, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.2 AEAD" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - 
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.2 AEAD shorter tag" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -# Test for large server packets -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Large server packet SSLv3 StreamCipher" \ - "$P_SRV response_size=16384 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=ssl3 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -c "Read from server: 16384 bytes read" - -# Checking next 4 tests logs for 1n-1 split against BEAST too -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 -run_test "Large server packet SSLv3 BlockCipher" \ - "$P_SRV response_size=16384 min_version=ssl3" \ - "$P_CLI force_version=ssl3 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read"\ - -c "16383 bytes read"\ - -C "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.0 BlockCipher" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read"\ - -c "16383 bytes read"\ - -C "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.0 BlockCipher, without EtM" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1 etm=0 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read"\ - -c "16383 bytes read"\ - -C "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.0 BlockCipher truncated MAC" \ - 
"$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ - trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read"\ - -c "16383 bytes read"\ - -C "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.0 StreamCipher truncated MAC" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ - trunc_hmac=1" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.0 StreamCipher" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.0 StreamCipher, without EtM" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.0 StreamCipher, truncated MAC" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1 \ - 
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.1 BlockCipher" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.1 BlockCipher, without EtM" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_1 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.1 BlockCipher truncated MAC" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ - trunc_hmac=1" \ - 0 \ - -c "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=16384 trunc_hmac=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.1 StreamCipher" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.1 StreamCipher, without EtM" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -requires_config_enabled 
MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.1 StreamCipher truncated MAC" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ - trunc_hmac=1" \ - 0 \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.2 BlockCipher" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ - 0 \ - -c "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ - trunc_hmac=1" \ - 0 \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=16384 trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s 
"16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.2 StreamCipher" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.2 StreamCipher, without EtM" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.2 StreamCipher truncated MAC" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ - trunc_hmac=1" \ - 0 \ - -c "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.2 AEAD" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ - 0 \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.2 AEAD shorter tag" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ - 0 \ - -c "Read from server: 16384 bytes read" - -# Tests for restartable ECC - -requires_config_enabled 
MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: TLS, default" \ - "$P_SRV auth_mode=required" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - key_file=data_files/server5.key crt_file=data_files/server5.crt \ - debug_level=1" \ - 0 \ - -C "x509_verify_cert.*4b00" \ - -C "mbedtls_pk_verify.*4b00" \ - -C "mbedtls_ecdh_make_public.*4b00" \ - -C "mbedtls_pk_sign.*4b00" - -requires_config_enabled MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: TLS, max_ops=0" \ - "$P_SRV auth_mode=required" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - key_file=data_files/server5.key crt_file=data_files/server5.crt \ - debug_level=1 ec_max_ops=0" \ - 0 \ - -C "x509_verify_cert.*4b00" \ - -C "mbedtls_pk_verify.*4b00" \ - -C "mbedtls_ecdh_make_public.*4b00" \ - -C "mbedtls_pk_sign.*4b00" - -requires_config_enabled MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: TLS, max_ops=65535" \ - "$P_SRV auth_mode=required" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - key_file=data_files/server5.key crt_file=data_files/server5.crt \ - debug_level=1 ec_max_ops=65535" \ - 0 \ - -C "x509_verify_cert.*4b00" \ - -C "mbedtls_pk_verify.*4b00" \ - -C "mbedtls_ecdh_make_public.*4b00" \ - -C "mbedtls_pk_sign.*4b00" - -requires_config_enabled MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: TLS, max_ops=1000" \ - "$P_SRV auth_mode=required" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - key_file=data_files/server5.key crt_file=data_files/server5.crt \ - debug_level=1 ec_max_ops=1000" \ - 0 \ - -c "x509_verify_cert.*4b00" \ - -c "mbedtls_pk_verify.*4b00" \ - -c "mbedtls_ecdh_make_public.*4b00" \ - -c "mbedtls_pk_sign.*4b00" - -requires_config_enabled MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: TLS, max_ops=1000, badsign" \ - "$P_SRV auth_mode=required \ - crt_file=data_files/server5-badsign.crt \ - key_file=data_files/server5.key" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - 
key_file=data_files/server5.key crt_file=data_files/server5.crt \ - debug_level=1 ec_max_ops=1000" \ - 1 \ - -c "x509_verify_cert.*4b00" \ - -C "mbedtls_pk_verify.*4b00" \ - -C "mbedtls_ecdh_make_public.*4b00" \ - -C "mbedtls_pk_sign.*4b00" \ - -c "! The certificate is not correctly signed by the trusted CA" \ - -c "! mbedtls_ssl_handshake returned" \ - -c "X509 - Certificate verification failed" - -requires_config_enabled MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \ - "$P_SRV auth_mode=required \ - crt_file=data_files/server5-badsign.crt \ - key_file=data_files/server5.key" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - key_file=data_files/server5.key crt_file=data_files/server5.crt \ - debug_level=1 ec_max_ops=1000 auth_mode=optional" \ - 0 \ - -c "x509_verify_cert.*4b00" \ - -c "mbedtls_pk_verify.*4b00" \ - -c "mbedtls_ecdh_make_public.*4b00" \ - -c "mbedtls_pk_sign.*4b00" \ - -c "! The certificate is not correctly signed by the trusted CA" \ - -C "! mbedtls_ssl_handshake returned" \ - -C "X509 - Certificate verification failed" - -requires_config_enabled MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \ - "$P_SRV auth_mode=required \ - crt_file=data_files/server5-badsign.crt \ - key_file=data_files/server5.key" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - key_file=data_files/server5.key crt_file=data_files/server5.crt \ - debug_level=1 ec_max_ops=1000 auth_mode=none" \ - 0 \ - -C "x509_verify_cert.*4b00" \ - -c "mbedtls_pk_verify.*4b00" \ - -c "mbedtls_ecdh_make_public.*4b00" \ - -c "mbedtls_pk_sign.*4b00" \ - -C "! The certificate is not correctly signed by the trusted CA" \ - -C "! 
mbedtls_ssl_handshake returned" \ - -C "X509 - Certificate verification failed" - -requires_config_enabled MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: DTLS, max_ops=1000" \ - "$P_SRV auth_mode=required dtls=1" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - key_file=data_files/server5.key crt_file=data_files/server5.crt \ - dtls=1 debug_level=1 ec_max_ops=1000" \ - 0 \ - -c "x509_verify_cert.*4b00" \ - -c "mbedtls_pk_verify.*4b00" \ - -c "mbedtls_ecdh_make_public.*4b00" \ - -c "mbedtls_pk_sign.*4b00" - -requires_config_enabled MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: TLS, max_ops=1000 no client auth" \ - "$P_SRV" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - debug_level=1 ec_max_ops=1000" \ - 0 \ - -c "x509_verify_cert.*4b00" \ - -c "mbedtls_pk_verify.*4b00" \ - -c "mbedtls_ecdh_make_public.*4b00" \ - -C "mbedtls_pk_sign.*4b00" - -requires_config_enabled MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: TLS, max_ops=1000, ECDHE-PSK" \ - "$P_SRV psk=abc123" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \ - psk=abc123 debug_level=1 ec_max_ops=1000" \ - 0 \ - -C "x509_verify_cert.*4b00" \ - -C "mbedtls_pk_verify.*4b00" \ - -C "mbedtls_ecdh_make_public.*4b00" \ - -C "mbedtls_pk_sign.*4b00" - -# Tests of asynchronous private key support in SSL - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: sign, delay=0" \ - "$P_SRV \ - async_operations=s async_private_delay1=0 async_private_delay2=0" \ - "$P_CLI" \ - 0 \ - -s "Async sign callback: using key slot " \ - -s "Async resume (slot [0-9]): sign done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: sign, delay=1" \ - "$P_SRV \ - async_operations=s async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI" \ - 0 \ - -s "Async sign callback: using key slot " \ - -s "Async resume (slot [0-9]): call 0 more times." 
\ - -s "Async resume (slot [0-9]): sign done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: sign, delay=2" \ - "$P_SRV \ - async_operations=s async_private_delay1=2 async_private_delay2=2" \ - "$P_CLI" \ - 0 \ - -s "Async sign callback: using key slot " \ - -U "Async sign callback: using key slot " \ - -s "Async resume (slot [0-9]): call 1 more times." \ - -s "Async resume (slot [0-9]): call 0 more times." \ - -s "Async resume (slot [0-9]): sign done, status=0" - -# Test that the async callback correctly signs the 36-byte hash of TLS 1.0/1.1 -# with RSA PKCS#1v1.5 as used in TLS 1.0/1.1. -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -run_test "SSL async private: sign, RSA, TLS 1.1" \ - "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt \ - async_operations=s async_private_delay1=0 async_private_delay2=0" \ - "$P_CLI force_version=tls1_1" \ - 0 \ - -s "Async sign callback: using key slot " \ - -s "Async resume (slot [0-9]): sign done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: sign, SNI" \ - "$P_SRV debug_level=3 \ - async_operations=s async_private_delay1=0 async_private_delay2=0 \ - crt_file=data_files/server5.crt key_file=data_files/server5.key \ - sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ - "$P_CLI server_name=polarssl.example" \ - 0 \ - -s "Async sign callback: using key slot " \ - -s "Async resume (slot [0-9]): sign done, status=0" \ - -s "parse ServerName extension" \ - -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ - -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, delay=0" \ - "$P_SRV \ - async_operations=d async_private_delay1=0 async_private_delay2=0" \ - "$P_CLI 
force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, delay=1" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): call 0 more times." \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt RSA-PSK, delay=0" \ - "$P_SRV psk=abc123 \ - async_operations=d async_private_delay1=0 async_private_delay2=0" \ - "$P_CLI psk=abc123 \ - force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt RSA-PSK, delay=1" \ - "$P_SRV psk=abc123 \ - async_operations=d async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI psk=abc123 \ - force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): call 0 more times." \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: sign callback not present" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI; [ \$? -eq 1 ] && - $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -S "Async sign callback" \ - -s "! 
mbedtls_ssl_handshake returned" \ - -s "The own private key or pre-shared key is not set, but needed" \ - -s "Async resume (slot [0-9]): decrypt done, status=0" \ - -s "Successful connection" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt callback not present" \ - "$P_SRV debug_level=1 \ - async_operations=s async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA; - [ \$? -eq 1 ] && $P_CLI" \ - 0 \ - -S "Async decrypt callback" \ - -s "! mbedtls_ssl_handshake returned" \ - -s "got no RSA private key" \ - -s "Async resume (slot [0-9]): sign done, status=0" \ - -s "Successful connection" - -# key1: ECDSA, key2: RSA; use key1 from slot 0 -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: slot 0 used with key1" \ - "$P_SRV \ - async_operations=s async_private_delay1=1 \ - key_file=data_files/server5.key crt_file=data_files/server5.crt \ - key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ - 0 \ - -s "Async sign callback: using key slot 0," \ - -s "Async resume (slot 0): call 0 more times." \ - -s "Async resume (slot 0): sign done, status=0" - -# key1: ECDSA, key2: RSA; use key2 from slot 0 -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: slot 0 used with key2" \ - "$P_SRV \ - async_operations=s async_private_delay2=1 \ - key_file=data_files/server5.key crt_file=data_files/server5.crt \ - key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \ - 0 \ - -s "Async sign callback: using key slot 0," \ - -s "Async resume (slot 0): call 0 more times." 
\
- -s "Async resume (slot 0): sign done, status=0"
-
-# key1: ECDSA, key2: RSA; use key2 from slot 1
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: slot 1 used with key2" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 async_private_delay2=1 \
- key_file=data_files/server5.key crt_file=data_files/server5.crt \
- key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
- "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
- 0 \
- -s "Async sign callback: using key slot 1," \
- -s "Async resume (slot 1): call 0 more times." \
- -s "Async resume (slot 1): sign done, status=0"
-
-# key1: ECDSA, key2: RSA; use key2 directly
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: fall back to transparent key" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 \
- key_file=data_files/server5.key crt_file=data_files/server5.crt \
- key_file2=data_files/server2.key crt_file2=data_files/server2.crt " \
- "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
- 0 \
- -s "Async sign callback: no key matches this certificate."
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: sign, error in start" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 async_private_delay2=1 \
- async_private_error=1" \
- "$P_CLI" \
- 1 \
- -s "Async sign callback: injected error" \
- -S "Async resume" \
- -S "Async cancel" \
- -s "! 
mbedtls_ssl_handshake returned"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: sign, cancel after start" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 async_private_delay2=1 \
- async_private_error=2" \
- "$P_CLI" \
- 1 \
- -s "Async sign callback: using key slot " \
- -S "Async resume" \
- -s "Async cancel"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: sign, error in resume" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 async_private_delay2=1 \
- async_private_error=3" \
- "$P_CLI" \
- 1 \
- -s "Async sign callback: using key slot " \
- -s "Async resume callback: sign done but injected error" \
- -S "Async cancel" \
- -s "! mbedtls_ssl_handshake returned"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, error in start" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- async_private_error=1" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -s "Async decrypt callback: injected error" \
- -S "Async resume" \
- -S "Async cancel" \
- -s "! mbedtls_ssl_handshake returned"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, cancel after start" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- async_private_error=2" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -s "Async decrypt callback: using key slot " \
- -S "Async resume" \
- -s "Async cancel"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, error in resume" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- async_private_error=3" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume callback: decrypt done but injected error" \
- -S "Async cancel" \
- -s "! 
mbedtls_ssl_handshake returned"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: cancel after start then operate correctly" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 async_private_delay2=1 \
- async_private_error=-2" \
- "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
- 0 \
- -s "Async cancel" \
- -s "! mbedtls_ssl_handshake returned" \
- -s "Async resume" \
- -s "Successful connection"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: error in resume then operate correctly" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 async_private_delay2=1 \
- async_private_error=-3" \
- "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
- 0 \
- -s "! mbedtls_ssl_handshake returned" \
- -s "Async resume" \
- -s "Successful connection"
-
-# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: cancel after start then fall back to transparent key" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 async_private_error=-2 \
- key_file=data_files/server5.key crt_file=data_files/server5.crt \
- key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
- "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
- [ \$? -eq 1 ] &&
- $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
- 0 \
- -s "Async sign callback: using key slot 0" \
- -S "Async resume" \
- -s "Async cancel" \
- -s "! mbedtls_ssl_handshake returned" \
- -s "Async sign callback: no key matches this certificate." 
\
- -s "Successful connection"
-
-# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: sign, error in resume then fall back to transparent key" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 async_private_error=-3 \
- key_file=data_files/server5.key crt_file=data_files/server5.crt \
- key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
- "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
- [ \$? -eq 1 ] &&
- $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
- 0 \
- -s "Async resume" \
- -s "! mbedtls_ssl_handshake returned" \
- -s "Async sign callback: no key matches this certificate." \
- -s "Successful connection"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "SSL async private: renegotiation: client-initiated; sign" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 async_private_delay2=1 \
- exchanges=2 renegotiation=1" \
- "$P_CLI exchanges=2 renegotiation=1 renegotiate=1" \
- 0 \
- -s "Async sign callback: using key slot " \
- -s "Async resume (slot [0-9]): sign done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "SSL async private: renegotiation: server-initiated; sign" \
- "$P_SRV \
- async_operations=s async_private_delay1=1 async_private_delay2=1 \
- exchanges=2 renegotiation=1 renegotiate=1" \
- "$P_CLI exchanges=2 renegotiation=1" \
- 0 \
- -s "Async sign callback: using key slot " \
- -s "Async resume (slot [0-9]): sign done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "SSL async private: renegotiation: client-initiated; decrypt" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- exchanges=2 renegotiation=1" \
- "$P_CLI exchanges=2 
renegotiation=1 renegotiate=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "SSL async private: renegotiation: server-initiated; decrypt" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- exchanges=2 renegotiation=1 renegotiate=1" \
- "$P_CLI exchanges=2 renegotiation=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
-# Tests for ECC extensions (rfc 4492)
-
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
-requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-run_test "Force a non ECC ciphersuite in the client side" \
- "$P_SRV debug_level=3" \
- "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
- 0 \
- -C "client hello, adding supported_elliptic_curves extension" \
- -C "client hello, adding supported_point_formats extension" \
- -S "found supported elliptic curves extension" \
- -S "found supported point formats extension"
-
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
-requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-run_test "Force a non ECC ciphersuite in the server side" \
- "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
- "$P_CLI debug_level=3" \
- 0 \
- -C "found supported_point_formats extension" \
- -S "server hello, supported_point_formats extension"
-
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
-requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 
-run_test "Force an ECC ciphersuite in the client side" \
- "$P_SRV debug_level=3" \
- "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
- 0 \
- -c "client hello, adding supported_elliptic_curves extension" \
- -c "client hello, adding supported_point_formats extension" \
- -s "found supported elliptic curves extension" \
- -s "found supported point formats extension"
-
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
-requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-run_test "Force an ECC ciphersuite in the server side" \
- "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
- "$P_CLI debug_level=3" \
- 0 \
- -c "found supported_point_formats extension" \
- -s "server hello, supported_point_formats extension"
-
-# Tests for DTLS HelloVerifyRequest
-
-run_test "DTLS cookie: enabled" \
- "$P_SRV dtls=1 debug_level=2" \
- "$P_CLI dtls=1 debug_level=2" \
- 0 \
- -s "cookie verification failed" \
- -s "cookie verification passed" \
- -S "cookie verification skipped" \
- -c "received hello verify request" \
- -s "hello verification requested" \
- -S "SSL - The requested feature is not available"
-
-run_test "DTLS cookie: disabled" \
- "$P_SRV dtls=1 debug_level=2 cookies=0" \
- "$P_CLI dtls=1 debug_level=2" \
- 0 \
- -S "cookie verification failed" \
- -S "cookie verification passed" \
- -s "cookie verification skipped" \
- -C "received hello verify request" \
- -S "hello verification requested" \
- -S "SSL - The requested feature is not available"
-
-run_test "DTLS cookie: default (failing)" \
- "$P_SRV dtls=1 debug_level=2 cookies=-1" \
- "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \
- 1 \
- -s "cookie verification failed" \
- -S "cookie verification passed" \
- -S "cookie verification skipped" \
- -C "received hello verify request" \
- -S "hello verification requested" \
- -s "SSL - The requested 
feature is not available"
-
-requires_ipv6
-run_test "DTLS cookie: enabled, IPv6" \
- "$P_SRV dtls=1 debug_level=2 server_addr=::1" \
- "$P_CLI dtls=1 debug_level=2 server_addr=::1" \
- 0 \
- -s "cookie verification failed" \
- -s "cookie verification passed" \
- -S "cookie verification skipped" \
- -c "received hello verify request" \
- -s "hello verification requested" \
- -S "SSL - The requested feature is not available"
-
-run_test "DTLS cookie: enabled, nbio" \
- "$P_SRV dtls=1 nbio=2 debug_level=2" \
- "$P_CLI dtls=1 nbio=2 debug_level=2" \
- 0 \
- -s "cookie verification failed" \
- -s "cookie verification passed" \
- -S "cookie verification skipped" \
- -c "received hello verify request" \
- -s "hello verification requested" \
- -S "SSL - The requested feature is not available"
-
-# Tests for client reconnecting from the same port with DTLS
-
-not_with_valgrind # spurious resend
-run_test "DTLS client reconnect from same port: reference" \
- "$P_SRV dtls=1 exchanges=2 read_timeout=1000" \
- "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000" \
- 0 \
- -C "resend" \
- -S "The operation timed out" \
- -S "Client initiated reconnection from same port"
-
-not_with_valgrind # spurious resend
-run_test "DTLS client reconnect from same port: reconnect" \
- "$P_SRV dtls=1 exchanges=2 read_timeout=1000" \
- "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
- 0 \
- -C "resend" \
- -S "The operation timed out" \
- -s "Client initiated reconnection from same port"
-
-not_with_valgrind # server/client too slow to respond in time (next test has higher timeouts)
-run_test "DTLS client reconnect from same port: reconnect, nbio, no valgrind" \
- "$P_SRV dtls=1 exchanges=2 read_timeout=1000 nbio=2" \
- "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
- 0 \
- -S "The operation timed out" \
- -s "Client initiated reconnection from same port"
-
-only_with_valgrind # Only with valgrind, do previous test but 
with higher read_timeout and hs_timeout
-run_test "DTLS client reconnect from same port: reconnect, nbio, valgrind" \
- "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \
- "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \
- 0 \
- -S "The operation timed out" \
- -s "Client initiated reconnection from same port"
-
-run_test "DTLS client reconnect from same port: no cookies" \
- "$P_SRV dtls=1 exchanges=2 read_timeout=1000 cookies=0" \
- "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \
- 0 \
- -s "The operation timed out" \
- -S "Client initiated reconnection from same port"
-
-# Tests for various cases of client authentication with DTLS
-# (focused on handshake flows and message parsing)
-
-run_test "DTLS client auth: required" \
- "$P_SRV dtls=1 auth_mode=required" \
- "$P_CLI dtls=1" \
- 0 \
- -s "Verifying peer X.509 certificate... ok"
-
-run_test "DTLS client auth: optional, client has no cert" \
- "$P_SRV dtls=1 auth_mode=optional" \
- "$P_CLI dtls=1 crt_file=none key_file=none" \
- 0 \
- -s "! Certificate was missing"
-
-run_test "DTLS client auth: none, client has no cert" \
- "$P_SRV dtls=1 auth_mode=none" \
- "$P_CLI dtls=1 crt_file=none key_file=none debug_level=2" \
- 0 \
- -c "skip write certificate$" \
- -s "! 
Certificate verification was skipped"
-
-run_test "DTLS wrong PSK: badmac alert" \
- "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \
- "$P_CLI dtls=1 psk=abc124" \
- 1 \
- -s "SSL - Verification of the message MAC failed" \
- -c "SSL - A fatal alert message was received from our peer"
-
-# Tests for receiving fragmented handshake messages with DTLS
-
-requires_gnutls
-run_test "DTLS reassembly: no fragmentation (gnutls server)" \
- "$G_SRV -u --mtu 2048 -a" \
- "$P_CLI dtls=1 debug_level=2" \
- 0 \
- -C "found fragmented DTLS handshake message" \
- -C "error"
-
-requires_gnutls
-run_test "DTLS reassembly: some fragmentation (gnutls server)" \
- "$G_SRV -u --mtu 512" \
- "$P_CLI dtls=1 debug_level=2" \
- 0 \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-requires_gnutls
-run_test "DTLS reassembly: more fragmentation (gnutls server)" \
- "$G_SRV -u --mtu 128" \
- "$P_CLI dtls=1 debug_level=2" \
- 0 \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-requires_gnutls
-run_test "DTLS reassembly: more fragmentation, nbio (gnutls server)" \
- "$G_SRV -u --mtu 128" \
- "$P_CLI dtls=1 nbio=2 debug_level=2" \
- 0 \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-requires_gnutls
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "DTLS reassembly: fragmentation, renego (gnutls server)" \
- "$G_SRV -u --mtu 256" \
- "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \
- 0 \
- -c "found fragmented DTLS handshake message" \
- -c "client hello, adding renegotiation extension" \
- -c "found renegotiation extension" \
- -c "=> renegotiate" \
- -C "mbedtls_ssl_handshake returned" \
- -C "error" \
- -s "Extra-header:"
-
-requires_gnutls
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \
- "$G_SRV -u --mtu 256" \
- "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \
- 0 \
- -c "found fragmented 
DTLS handshake message" \
- -c "client hello, adding renegotiation extension" \
- -c "found renegotiation extension" \
- -c "=> renegotiate" \
- -C "mbedtls_ssl_handshake returned" \
- -C "error" \
- -s "Extra-header:"
-
-run_test "DTLS reassembly: no fragmentation (openssl server)" \
- "$O_SRV -dtls1 -mtu 2048" \
- "$P_CLI dtls=1 debug_level=2" \
- 0 \
- -C "found fragmented DTLS handshake message" \
- -C "error"
-
-run_test "DTLS reassembly: some fragmentation (openssl server)" \
- "$O_SRV -dtls1 -mtu 768" \
- "$P_CLI dtls=1 debug_level=2" \
- 0 \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-run_test "DTLS reassembly: more fragmentation (openssl server)" \
- "$O_SRV -dtls1 -mtu 256" \
- "$P_CLI dtls=1 debug_level=2" \
- 0 \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \
- "$O_SRV -dtls1 -mtu 256" \
- "$P_CLI dtls=1 nbio=2 debug_level=2" \
- 0 \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# Tests for sending fragmented handshake messages with DTLS
-#
-# Use client auth when we need the client to send large messages,
-# and use large cert chains on both sides too (the long chains we have all use
-# both RSA and ECDSA, but ideally we should have long chains with either). 
-# Sizes reached (UDP payload):
-# - 2037B for server certificate
-# - 1542B for client certificate
-# - 1013B for newsessionticket
-# - all others below 512B
-# All those tests assume MAX_CONTENT_LEN is at least 2048
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-run_test "DTLS fragmenting: none (for reference)" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- max_frag_len=4096" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=2500-60000 \
- max_frag_len=4096" \
- 0 \
- -S "found fragmented DTLS handshake message" \
- -C "found fragmented DTLS handshake message" \
- -C "error"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-run_test "DTLS fragmenting: server only (max_frag_len)" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- max_frag_len=1024" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=2500-60000 \
- max_frag_len=2048" \
- 0 \
- -S "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# With the MFL extension, the server has no way of forcing
-# the client to not exceed a certain MTU; hence, the following
-# test can't be replicated with an MTU proxy such as the one
-# `client-initiated, server only (max_frag_len)` below. 
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-run_test "DTLS fragmenting: server only (more) (max_frag_len)" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- max_frag_len=512" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=2500-60000 \
- max_frag_len=4096" \
- 0 \
- -S "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=none \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- max_frag_len=2048" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=2500-60000 \
- max_frag_len=1024" \
- 0 \
- -S "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# While not required by the standard defining the MFL extension
-# (according to which it only applies to records, not to datagrams),
-# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
-# as otherwise there wouldn't be any means to communicate MTU restrictions
-# to the peer.
-# The next test checks that no datagrams significantly larger than the
-# negotiated MFL are sent. 
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
- -p "$P_PXY mtu=1110" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=none \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- max_frag_len=2048" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=2500-60000 \
- max_frag_len=1024" \
- 0 \
- -S "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- max_frag_len=2048" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=2500-60000 \
- max_frag_len=1024" \
- 0 \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# While not required by the standard defining the MFL extension
-# (according to which it only applies to records, not to datagrams),
-# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
-# as otherwise there wouldn't be any means to communicate MTU restrictions
-# to the peer.
-# The next test checks that no datagrams significantly larger than the
-# negotiated MFL are sent. 
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
- -p "$P_PXY mtu=1110" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- max_frag_len=2048" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=2500-60000 \
- max_frag_len=1024" \
- 0 \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-run_test "DTLS fragmenting: none (for reference) (MTU)" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- mtu=4096" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=2500-60000 \
- mtu=4096" \
- 0 \
- -S "found fragmented DTLS handshake message" \
- -C "found fragmented DTLS handshake message" \
- -C "error"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-run_test "DTLS fragmenting: client (MTU)" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=3500-60000 \
- mtu=4096" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=3500-60000 \
- mtu=1024" \
- 0 \
- -s "found fragmented DTLS handshake message" \
- -C "found fragmented DTLS handshake message" \
- -C "error"
- 
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-run_test "DTLS fragmenting: server (MTU)" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- mtu=512" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=2500-60000 \
- mtu=2048" \
- 0 \
- -S "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-run_test "DTLS fragmenting: both (MTU=1024)" \
- -p "$P_PXY mtu=1024" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- mtu=1024" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=2500-60000 \
- mtu=1024" \
- 0 \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# Forcing ciphersuite for this test to fit the MTU of 512 with full config. 
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
-run_test "DTLS fragmenting: both (MTU=512)" \
- -p "$P_PXY mtu=512" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=2500-60000 \
- mtu=512" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- hs_timeout=2500-60000 \
- mtu=512" \
- 0 \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# Test for automatic MTU reduction on repeated resend.
-# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
-# The ratio of max/min timeout should ideally equal 4 to accept two
-# retransmissions, but in some cases (like both the server and client using
-# fragmentation and auto-reduction) an extra retransmission might occur,
-# hence the ratio of 8. 
-not_with_valgrind
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
-run_test "DTLS fragmenting: proxy MTU: auto-reduction" \
- -p "$P_PXY mtu=508" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=400-3200" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- hs_timeout=400-3200" \
- 0 \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
-only_with_valgrind
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
-run_test "DTLS fragmenting: proxy MTU: auto-reduction" \
- -p "$P_PXY mtu=508" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=250-10000" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- hs_timeout=250-10000" \
- 0 \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
-# OTOH the client might resend if the server is to slow to reset after sending
-# a HelloVerifyRequest, so only check for no retransmission server-side 
-not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
- -p "$P_PXY mtu=1024" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=10000-60000 \
- mtu=1024" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=10000-60000 \
- mtu=1024" \
- 0 \
- -S "autoreduction" \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
-# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
-# OTOH the client might resend if the server is to slow to reset after sending
-# a HelloVerifyRequest, so only check for no retransmission server-side
-not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
-run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
- -p "$P_PXY mtu=512" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=10000-60000 \
- mtu=512" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- hs_timeout=10000-60000 \
- mtu=512" \
- 0 \
- -S "autoreduction" \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C 
"error"
-
-not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
- -p "$P_PXY mtu=1024" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=10000-60000 \
- mtu=1024 nbio=2" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=10000-60000 \
- mtu=1024 nbio=2" \
- 0 \
- -S "autoreduction" \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
-not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
-run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
- -p "$P_PXY mtu=512" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=10000-60000 \
- mtu=512 nbio=2" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- hs_timeout=10000-60000 \
- mtu=512 nbio=2" \
- 0 \
- -S "autoreduction" \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# Forcing ciphersuite for this test to fit the MTU of 1450 with full config.
-# This ensures things still work after session_reset(). 
-# It also exercises the "resumed handshake" flow.
-# Since we don't support reading fragmented ClientHello yet,
-# up the MTU to 1450 (larger than ClientHello with session ticket,
-# but still smaller than client's Certificate to ensure fragmentation).
-# An autoreduction on the client-side might happen if the server is
-# slow to reset, therefore omitting '-C "autoreduction"' below.
-# reco_delay avoids races where the client reconnects before the server has
-# resumed listening, which would result in a spurious autoreduction.
-not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
-run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
- -p "$P_PXY mtu=1450" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=10000-60000 \
- mtu=1450" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=10000-60000 \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- mtu=1450 reconnect=1 reco_delay=1" \
- 0 \
- -S "autoreduction" \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# An autoreduction on the client-side might happen if the server is
-# slow to reset, therefore omitting '-C "autoreduction"' below.
-not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_CHACHAPOLY_C
-run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
- -p "$P_PXY mtu=512" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- exchanges=2 renegotiation=1 \
- hs_timeout=10000-60000 \
- mtu=512" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- exchanges=2 renegotiation=1 renegotiate=1 \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- hs_timeout=10000-60000 \
- mtu=512" \
- 0 \
- -S "autoreduction" \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# An autoreduction on the client-side might happen if the server is
-# slow to reset, therefore omitting '-C "autoreduction"' below.
-not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
-run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
- -p "$P_PXY mtu=512" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- exchanges=2 renegotiation=1 \
- hs_timeout=10000-60000 \
- mtu=512" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- exchanges=2 renegotiation=1 renegotiate=1 \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- hs_timeout=10000-60000 \
- mtu=512" \
- 0 \
- -S "autoreduction" \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# An autoreduction on the client-side might happen if the server is
-# slow to reset, therefore omitting '-C "autoreduction"' below.
-not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CCM_C
-run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
- -p "$P_PXY mtu=1024" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- exchanges=2 renegotiation=1 \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
- hs_timeout=10000-60000 \
- mtu=1024" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- exchanges=2 renegotiation=1 renegotiate=1 \
- hs_timeout=10000-60000 \
- mtu=1024" \
- 0 \
- -S "autoreduction" \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# An autoreduction on the client-side might happen if the server is
-# slow to reset, therefore omitting '-C "autoreduction"' below.
-not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
-requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
-run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
- -p "$P_PXY mtu=1024" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- exchanges=2 renegotiation=1 \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
- hs_timeout=10000-60000 \
- mtu=1024" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- exchanges=2 renegotiation=1 renegotiate=1 \
- hs_timeout=10000-60000 \
- mtu=1024" \
- 0 \
- -S "autoreduction" \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# An autoreduction on the client-side might happen if the server is
-# slow to reset, therefore omitting '-C "autoreduction"' below.
-not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SHA256_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
-run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
- -p "$P_PXY mtu=1024" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- exchanges=2 renegotiation=1 \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 etm=0 \
- hs_timeout=10000-60000 \
- mtu=1024" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- exchanges=2 renegotiation=1 renegotiate=1 \
- hs_timeout=10000-60000 \
- mtu=1024" \
- 0 \
- -S "autoreduction" \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
-client_needs_more_time 2
-run_test "DTLS fragmenting: proxy MTU + 3d" \
- -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
- "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=250-10000 mtu=512" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- hs_timeout=250-10000 mtu=512" \
- 0 \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-requires_config_enabled MBEDTLS_AES_C
-requires_config_enabled MBEDTLS_GCM_C
-client_needs_more_time 2
-run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
- -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
- "$P_SRV dtls=1 debug_level=2 auth_mode=required \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=250-10000 mtu=512 nbio=2" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- hs_timeout=250-10000 mtu=512 nbio=2" \
- 0 \
- -s "found fragmented DTLS handshake message" \
- -c "found fragmented DTLS handshake message" \
- -C "error"
-
-# interop tests for DTLS fragmentating with reliable connection
-#
-# here and below we just want to test that the we fragment in a way that
-# pleases other implementations, so we don't need the peer to fragment
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
-requires_gnutls
-run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
- "$G_SRV -u" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- mtu=512 force_version=dtls1_2" \
- 0 \
- -c "fragmenting handshake message" \
- -C "error"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
-requires_gnutls
-run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \
- "$G_SRV -u" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- mtu=512 force_version=dtls1" \
- 0 \
- -c "fragmenting handshake message" \
- -C "error"
-
-# We use --insecure for the GnuTLS client because it expects
-# the hostname / IP it connects to to be the name used in the
-# certificate obtained from the server. Here, however, it
-# connects to 127.0.0.1 while our test certificates use 'localhost'
-# as the server name in the certificate. This will make the
-# certifiate validation fail, but passing --insecure makes
-# GnuTLS continue the connection nonetheless.
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
-requires_gnutls
-requires_not_i686
-run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
- "$P_SRV dtls=1 debug_level=2 \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- mtu=512 force_version=dtls1_2" \
- "$G_CLI -u --insecure 127.0.0.1" \
- 0 \
- -s "fragmenting handshake message"
-
-# See previous test for the reason to use --insecure
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
-requires_gnutls
-requires_not_i686
-run_test "DTLS fragmenting: gnutls client, DTLS 1.0" \
- "$P_SRV dtls=1 debug_level=2 \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- mtu=512 force_version=dtls1" \
- "$G_CLI -u --insecure 127.0.0.1" \
- 0 \
- -s "fragmenting handshake message"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
-run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
- "$O_SRV -dtls1_2 -verify 10" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- mtu=512 force_version=dtls1_2" \
- 0 \
- -c "fragmenting handshake message" \
- -C "error"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
-run_test "DTLS fragmenting: openssl server, DTLS 1.0" \
- "$O_SRV -dtls1 -verify 10" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- mtu=512 force_version=dtls1" \
- 0 \
- -c "fragmenting handshake message" \
- -C "error"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
-run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
- "$P_SRV dtls=1 debug_level=2 \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- mtu=512 force_version=dtls1_2" \
- "$O_CLI -dtls1_2" \
- 0 \
- -s "fragmenting handshake message"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
-run_test "DTLS fragmenting: openssl client, DTLS 1.0" \
- "$P_SRV dtls=1 debug_level=2 \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- mtu=512 force_version=dtls1" \
- "$O_CLI -dtls1" \
- 0 \
- -s "fragmenting handshake message"
-
-# interop tests for DTLS fragmentating with unreliable connection
-#
-# again we just want to test that the we fragment in a way that
-# pleases other implementations, so we don't need the peer to fragment
-requires_gnutls_next
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
-client_needs_more_time 4
-run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
- -p "$P_PXY drop=8 delay=8 duplicate=8" \
- "$G_NEXT_SRV -u" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
- 0 \
- -c "fragmenting handshake message" \
- -C "error"
-
-requires_gnutls_next
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
-client_needs_more_time 4
-run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \
- -p "$P_PXY drop=8 delay=8 duplicate=8" \
- "$G_NEXT_SRV -u" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1" \
- 0 \
- -c "fragmenting handshake message" \
- -C "error"
-
-requires_gnutls_next
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
-client_needs_more_time 4
-run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
- -p "$P_PXY drop=8 delay=8 duplicate=8" \
- "$P_SRV dtls=1 debug_level=2 \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
- "$G_NEXT_CLI -u --insecure 127.0.0.1" \
- 0 \
- -s "fragmenting handshake message"
-
-requires_gnutls_next
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
-client_needs_more_time 4
-run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \
- -p "$P_PXY drop=8 delay=8 duplicate=8" \
- "$P_SRV dtls=1 debug_level=2 \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1" \
- "$G_NEXT_CLI -u --insecure 127.0.0.1" \
- 0 \
- -s "fragmenting handshake message"
-
-## Interop test with OpenSSL might trigger a bug in recent versions (including
-## all versions installed on the CI machines), reported here:
-## Bug report: https://github.com/openssl/openssl/issues/6902
-## They should be re-enabled once a fixed version of OpenSSL is available
-## (this should happen in some 1.1.1_ release according to the ticket).
-skip_next_test
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
-client_needs_more_time 4
-run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
- -p "$P_PXY drop=8 delay=8 duplicate=8" \
- "$O_SRV -dtls1_2 -verify 10" \
- "$P_CLI dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
- 0 \
- -c "fragmenting handshake message" \
- -C "error"
-
-skip_next_test
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
-client_needs_more_time 4
-run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \
- -p "$P_PXY drop=8 delay=8 duplicate=8" \
- "$O_SRV -dtls1 -verify 10" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- crt_file=data_files/server8_int-ca2.crt \
- key_file=data_files/server8.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1" \
- 0 \
- -c "fragmenting handshake message" \
- -C "error"
-
-skip_next_test
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
-client_needs_more_time 4
-run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
- -p "$P_PXY drop=8 delay=8 duplicate=8" \
- "$P_SRV dtls=1 debug_level=2 \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
- "$O_CLI -dtls1_2" \
- 0 \
- -s "fragmenting handshake message"
-
-# -nbio is added to prevent s_client from blocking in case of duplicated
-# messages at the end of the handshake
-skip_next_test
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_RSA_C
-requires_config_enabled MBEDTLS_ECDSA_C
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
-client_needs_more_time 4
-run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.0" \
- -p "$P_PXY drop=8 delay=8 duplicate=8" \
- "$P_SRV dgram_packing=0 dtls=1 debug_level=2 \
- crt_file=data_files/server7_int-ca.crt \
- key_file=data_files/server7.key \
- hs_timeout=250-60000 mtu=512 force_version=dtls1" \
- "$O_CLI -nbio -dtls1" \
- 0 \
- -s "fragmenting handshake message"
-
-# Tests for specific things with "unreliable" UDP connection
-
-not_with_valgrind # spurious resend due to timeout
-run_test "DTLS proxy: reference" \
- -p "$P_PXY" \
- "$P_SRV dtls=1 debug_level=2" \
- "$P_CLI dtls=1 debug_level=2" \
- 0 \
- -C "replayed record" \
- -S "replayed record" \
- -C "record from another epoch" \
- -S "record from another epoch" \
- -C "discarding invalid record" \
- -S "discarding invalid record" \
- -S "resend" \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-not_with_valgrind # spurious resend due to timeout
-run_test "DTLS proxy: duplicate every packet" \
- -p "$P_PXY duplicate=1" \
- "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
- "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
- 0 \
- -c "replayed record" \
- -s "replayed record" \
- -c "record from another epoch" \
- -s "record from another epoch" \
- -S "resend" \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-run_test "DTLS proxy: duplicate every packet, server anti-replay off" \
- -p "$P_PXY duplicate=1" \
- "$P_SRV dtls=1 dgram_packing=0 debug_level=2 anti_replay=0" \
- "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
- 0 \
- -c "replayed record" \
- -S "replayed record" \
- -c "record from another epoch" \
- -s "record from another epoch" \
- -c "resend" \
- -s "resend" \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-run_test "DTLS proxy: multiple records in same datagram" \
- -p "$P_PXY pack=50" \
- "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
- "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
- 0 \
- -c "next record in same datagram" \
- -s "next record in same datagram"
-
-run_test "DTLS proxy: multiple records in same datagram, duplicate every packet" \
- -p "$P_PXY pack=50 duplicate=1" \
- "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
- "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
- 0 \
- -c "next record in same datagram" \
- -s "next record in same datagram"
-
-run_test "DTLS proxy: inject invalid AD record, default badmac_limit" \
- -p "$P_PXY bad_ad=1" \
- "$P_SRV dtls=1 dgram_packing=0 debug_level=1" \
- "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
- 0 \
- -c "discarding invalid record (mac)" \
- -s "discarding invalid record (mac)" \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK" \
- -S "too many records with bad MAC" \
- -S "Verification of the message MAC failed"
-
-run_test "DTLS proxy: inject invalid AD record, badmac_limit 1" \
- -p "$P_PXY bad_ad=1" \
- "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=1" \
- "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
- 1 \
- -C "discarding invalid record (mac)" \
- -S "discarding invalid record (mac)" \
- -S "Extra-header:" \
- -C "HTTP/1.0 200 OK" \
- -s "too many records with bad MAC" \
- -s "Verification of the message MAC failed"
-
-run_test "DTLS proxy: inject invalid AD record, badmac_limit 2" \
- -p "$P_PXY bad_ad=1" \
- "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2" \
- "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
- 0 \
- -c "discarding invalid record (mac)" \
- -s "discarding invalid record (mac)" \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK" \
- -S "too many records with bad MAC" \
- -S "Verification of the message MAC failed"
-
-run_test "DTLS proxy: inject invalid AD record, badmac_limit 2, exchanges 2"\
- -p "$P_PXY bad_ad=1" \
- "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2 exchanges=2" \
- "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100 exchanges=2" \
- 1 \
- -c "discarding invalid record (mac)" \
- -s "discarding invalid record (mac)" \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK" \
- -s "too many records with bad MAC" \
- -s "Verification of the message MAC failed"
-
-run_test "DTLS proxy: delay ChangeCipherSpec" \
- -p "$P_PXY delay_ccs=1" \
- "$P_SRV dtls=1 debug_level=1 dgram_packing=0" \
- "$P_CLI dtls=1 debug_level=1 dgram_packing=0" \
- 0 \
- -c "record from another epoch" \
- -s "record from another epoch" \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-# Tests for reordering support with DTLS
-
-run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
- -p "$P_PXY delay_srv=ServerHello" \
- "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- 0 \
- -c "Buffering HS message" \
- -c "Next handshake message has been buffered - load"\
- -S "Buffering HS message" \
- -S "Next handshake message has been buffered - load"\
- -C "Injecting buffered CCS message" \
- -C "Remember CCS message" \
- -S "Injecting buffered CCS message" \
- -S "Remember CCS message"
-
-run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
- -p "$P_PXY delay_srv=ServerHello" \
- "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- 0 \
- -c "Buffering HS message" \
- -c "found fragmented DTLS handshake message"\
- -c "Next handshake message 1 not or only partially bufffered" \
- -c "Next handshake message has been buffered - load"\
- -S "Buffering HS message" \
- -S "Next handshake message has been buffered - load"\
- -C "Injecting buffered CCS message" \
- -C "Remember CCS message" \
- -S "Injecting buffered CCS message" \
- -S "Remember CCS message"
-
-# The client buffers the ServerKeyExchange before receiving the fragmented
-# Certificate message; at the time of writing, together these are aroudn 1200b
-# in size, so that the bound below ensures that the certificate can be reassembled
-# while keeping the ServerKeyExchange.
-requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300
-run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
- -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
- "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- 0 \
- -c "Buffering HS message" \
- -c "Next handshake message has been buffered - load"\
- -C "attempt to make space by freeing buffered messages" \
- -S "Buffering HS message" \
- -S "Next handshake message has been buffered - load"\
- -C "Injecting buffered CCS message" \
- -C "Remember CCS message" \
- -S "Injecting buffered CCS message" \
- -S "Remember CCS message"
-
-# The size constraints ensure that the delayed certificate message can't
-# be reassembled while keeping the ServerKeyExchange message, but it can
-# when dropping it first.
-requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900
-requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299
-run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" \
- -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
- "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- 0 \
- -c "Buffering HS message" \
- -c "attempt to make space by freeing buffered future messages" \
- -c "Enough space available after freeing buffered HS messages" \
- -S "Buffering HS message" \
- -S "Next handshake message has been buffered - load"\
- -C "Injecting buffered CCS message" \
- -C "Remember CCS message" \
- -S "Injecting buffered CCS message" \
- -S "Remember CCS message"
-
-run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
- -p "$P_PXY delay_cli=Certificate" \
- "$P_SRV dgram_packing=0 auth_mode=required cookies=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- 0 \
- -C "Buffering HS message" \
- -C "Next handshake message has been buffered - load"\
- -s "Buffering HS message" \
- -s "Next handshake message has been buffered - load" \
- -C "Injecting buffered CCS message" \
- -C "Remember CCS message" \
- -S "Injecting buffered CCS message" \
- -S "Remember CCS message"
-
-run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
- -p "$P_PXY delay_srv=NewSessionTicket" \
- "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- 0 \
- -C "Buffering HS message" \
- -C "Next handshake message has been buffered - load"\
- -S "Buffering HS message" \
- -S "Next handshake message has been buffered - load" \
- -c "Injecting buffered CCS message" \
- -c "Remember CCS message" \
- -S "Injecting buffered CCS message" \
- -S "Remember CCS message"
-
-run_test "DTLS reordering: Buffer out-of-order CCS message on server"\
- -p "$P_PXY delay_cli=ClientKeyExchange" \
- "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- 0 \
- -C "Buffering HS message" \
- -C "Next handshake message has been buffered - load"\
- -S "Buffering HS message" \
- -S "Next handshake message has been buffered - load" \
- -C "Injecting buffered CCS message" \
- -C "Remember CCS message" \
- -s "Injecting buffered CCS message" \
- -s "Remember CCS message"
-
-run_test "DTLS reordering: Buffer encrypted Finished message" \
- -p "$P_PXY delay_ccs=1" \
- "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
- hs_timeout=2500-60000" \
- 0 \
- -s "Buffer record from epoch 1" \
- -s "Found buffered record from current epoch - load" \
- -c "Buffer record from epoch 1" \
- -c "Found buffered record from current epoch - load"
-
-# In this test, both the fragmented NewSessionTicket and the ChangeCipherSpec
-# from the server are delayed, so that the encrypted Finished message
-# is received and buffered. When the fragmented NewSessionTicket comes
-# in afterwards, the encrypted Finished message must be freed in order
-# to make space for the NewSessionTicket to be reassembled.
-# This works only in very particular circumstances:
-# - MBEDTLS_SSL_DTLS_MAX_BUFFERING must be large enough to allow buffering
-# of the NewSessionTicket, but small enough to also allow buffering of
-# the encrypted Finished message.
-# - The MTU setting on the server must be so small that the NewSessionTicket
-# needs to be fragmented.
-# - All messages sent by the server must be small enough to be either sent
-# without fragmentation or be reassembled within the bounds of
-# MBEDTLS_SSL_DTLS_MAX_BUFFERING. Achieve this by testing with a PSK-based
-# handshake, omitting CRTs.
-requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 240
-requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 280
-run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" \
- -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \
- "$P_SRV mtu=190 dgram_packing=0 psk=abc123 psk_identity=foo cookies=0 dtls=1 debug_level=2" \
- "$P_CLI dgram_packing=0 dtls=1 debug_level=2 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=abc123 psk_identity=foo" \
- 0 \
- -s "Buffer record from epoch 1" \
- -s "Found buffered record from current epoch - load" \
- -c "Buffer record from epoch 1" \
- -C "Found buffered record from current epoch - load" \
- -c "Enough space available after freeing future epoch record"
-
-# Tests for "randomly unreliable connection": try a variety of flows and peers
-
-client_needs_more_time 2
-run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
- psk=abc123" \
- "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
- force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
- 0 \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-client_needs_more_time 2
-run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
- "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-client_needs_more_time 2
-run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
- "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
- 0 \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-client_needs_more_time 2
-run_test "DTLS proxy: 3d, FS, client auth" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=required" \
- "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
- 0 \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-client_needs_more_time 2
-run_test "DTLS proxy: 3d, FS, ticket" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=none" \
- "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
- 0 \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-client_needs_more_time 2
-run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \
- "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
- 0 \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-client_needs_more_time 2
-run_test "DTLS proxy: 3d, max handshake, nbio" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \
- auth_mode=required" \
- "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1" \
- 0 \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-client_needs_more_time 4
-run_test "DTLS proxy: 3d, min handshake, resumption" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
- "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
- psk=abc123 debug_level=3" \
- "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
- debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \
- force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
- 0 \
- -s "a session has been resumed" \
- -c "a session has been resumed" \
- -s "Extra-header:" \
- -c "HTTP/1.0 200 OK"
-
-client_needs_more_time 4 -run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \ - -p "$P_PXY drop=5 delay=5 duplicate=5" \ - "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ - psk=abc123 debug_level=3 nbio=2" \ - "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \ - debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \ - force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \ - 0 \ - -s "a session has been resumed" \ - -c "a session has been resumed" \ - -s "Extra-header:" \ - -c "HTTP/1.0 200 OK" - -client_needs_more_time 4 -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \ - -p "$P_PXY drop=5 delay=5 duplicate=5" \ - "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ - psk=abc123 renegotiation=1 debug_level=2" \ - "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \ - renegotiate=1 debug_level=2 \ - force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ - 0 \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ - -s "Extra-header:" \ - -c "HTTP/1.0 200 OK" - -client_needs_more_time 4 -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \ - -p "$P_PXY drop=5 delay=5 duplicate=5" \ - "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ - psk=abc123 renegotiation=1 debug_level=2" \ - "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \ - renegotiate=1 debug_level=2 \ - force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ - 0 \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ - -s "Extra-header:" \ - -c "HTTP/1.0 200 OK" - -client_needs_more_time 4 -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \ - -p "$P_PXY drop=5 delay=5 duplicate=5" \ - "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none 
\ - psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \ - debug_level=2" \ - "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \ - renegotiation=1 exchanges=4 debug_level=2 \ - force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ - 0 \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ - -s "Extra-header:" \ - -c "HTTP/1.0 200 OK" - -client_needs_more_time 4 -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \ - -p "$P_PXY drop=5 delay=5 duplicate=5" \ - "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ - psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \ - debug_level=2 nbio=2" \ - "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \ - renegotiation=1 exchanges=4 debug_level=2 nbio=2 \ - force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ - 0 \ - -c "=> renegotiate" \ - -s "=> renegotiate" \ - -s "Extra-header:" \ - -c "HTTP/1.0 200 OK" - -## Interop tests with OpenSSL might trigger a bug in recent versions (including -## all versions installed on the CI machines), reported here: -## Bug report: https://github.com/openssl/openssl/issues/6902 -## They should be re-enabled once a fixed version of OpenSSL is available -## (this should happen in some 1.1.1_ release according to the ticket). 
-skip_next_test -client_needs_more_time 6 -not_with_valgrind # risk of non-mbedtls peer timing out -run_test "DTLS proxy: 3d, openssl server" \ - -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ - "$O_SRV -dtls1 -mtu 2048" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \ - 0 \ - -c "HTTP/1.0 200 OK" - -skip_next_test # see above -client_needs_more_time 8 -not_with_valgrind # risk of non-mbedtls peer timing out -run_test "DTLS proxy: 3d, openssl server, fragmentation" \ - -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ - "$O_SRV -dtls1 -mtu 768" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \ - 0 \ - -c "HTTP/1.0 200 OK" - -skip_next_test # see above -client_needs_more_time 8 -not_with_valgrind # risk of non-mbedtls peer timing out -run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \ - -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ - "$O_SRV -dtls1 -mtu 768" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \ - 0 \ - -c "HTTP/1.0 200 OK" - -requires_gnutls -client_needs_more_time 6 -not_with_valgrind # risk of non-mbedtls peer timing out -run_test "DTLS proxy: 3d, gnutls server" \ - -p "$P_PXY drop=5 delay=5 duplicate=5" \ - "$G_SRV -u --mtu 2048 -a" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \ - 0 \ - -s "Extra-header:" \ - -c "Extra-header:" - -requires_gnutls_next -client_needs_more_time 8 -not_with_valgrind # risk of non-mbedtls peer timing out -run_test "DTLS proxy: 3d, gnutls server, fragmentation" \ - -p "$P_PXY drop=5 delay=5 duplicate=5" \ - "$G_NEXT_SRV -u --mtu 512" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \ - 0 \ - -s "Extra-header:" \ - -c "Extra-header:" - -requires_gnutls_next -client_needs_more_time 8 -not_with_valgrind # risk of non-mbedtls peer timing out -run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \ - -p "$P_PXY drop=5 delay=5 duplicate=5" \ - "$G_NEXT_SRV -u --mtu 512" \ - "$P_CLI dgram_packing=0 
dtls=1 hs_timeout=500-60000 nbio=2" \ - 0 \ - -s "Extra-header:" \ - -c "Extra-header:" - -# Final report - -echo "------------------------------------------------------------------------" - -if [ $FAILS = 0 ]; then - printf "PASSED" -else - printf "FAILED" -fi -PASSES=$(( $TESTS - $FAILS )) -echo " ($PASSES / $TESTS tests ($SKIPS skipped))" - -exit $FAILS diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data deleted file mode 100644 index 7f747d07b..000000000 --- a/tests/suites/test_suite_debug.data +++ /dev/null 
@@ -1,64 +0,0 @@ -Debug print msg (threshold 1, level 0) -debug_print_msg_threshold:1:0:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n" - -Debug print msg (threshold 1, level 1) -debug_print_msg_threshold:1:1:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n" - -Debug print msg (threshold 1, level 2) -debug_print_msg_threshold:1:2:"MyFile":999:"" - -Debug print msg (threshold 0, level 1) -debug_print_msg_threshold:0:1:"MyFile":999:"" - -Debug print msg (threshold 0, level 5) -debug_print_msg_threshold:0:5:"MyFile":999:"" - -Debug print return value #1 -mbedtls_debug_print_ret:"MyFile":999:"Test return value":0:"MyFile(0999)\: Test return value() returned 0 (-0x0000)\n" - -Debug print return value #2 -mbedtls_debug_print_ret:"MyFile":999:"Test return value":-0x1000:"MyFile(0999)\: Test return value() returned -4096 (-0x1000)\n" - -Debug print return value #3 -mbedtls_debug_print_ret:"MyFile":999:"Test return value":-0xFFFF:"MyFile(0999)\: Test return value() returned -65535 (-0xffff)\n" - -Debug print buffer #1 -mbedtls_debug_print_buf:"MyFile":999:"Test return value":"":"MyFile(0999)\: dumping 'Test return value' (0 bytes)\n" - -Debug print buffer #2 -mbedtls_debug_print_buf:"MyFile":999:"Test return value":"00":"MyFile(0999)\: dumping 'Test return value' (1 bytes)\nMyFile(0999)\: 0000\: 00 .\n" - -Debug print buffer #3 -mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F":"MyFile(0999)\: dumping 'Test return value' (16 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\n" - -Debug print buffer #4 -mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F00":"MyFile(0999)\: dumping 'Test return value' (17 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 00 .\n" - -Debug print buffer #5 -mbedtls_debug_print_buf:"MyFile":999:"Test return 
value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n" - -Debug print certificate #1 (RSA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2011-02-12 14\:44\:06\nMyFile(0999)\: expires on \: 2021-02-12 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 
89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n" - -Debug print certificate #2 (EC) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C -mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2013-09-24 15\:49\:48\nMyFile(0999)\: expires on \: 2023-09-22 15\:49\:48\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n" - -Debug print mbedtls_mpi #1 -mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n" - -Debug print mbedtls_mpi #2 -mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n" - -Debug print mbedtls_mpi #3 -mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: 
value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n" - -Debug print mbedtls_mpi #4 -mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" - -Debug print mbedtls_mpi #5 -mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" - -Debug print mbedtls_mpi #6 -mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 
20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function deleted file mode 100644 index 377d630d9..000000000 --- a/tests/suites/test_suite_debug.function +++ /dev/null 
@@ -1,195 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/debug.h"
-#include "string.h"
-
-struct buffer_data
-{
- char buf[2000];
- char *ptr;
-};
-
-void string_debug(void *data, int level, const char *file, int line, const char *str)
-{
- struct buffer_data *buffer = (struct buffer_data *) data;
- char *p = buffer->ptr;
- ((void) level);
-
- memcpy( p, file, strlen( file ) );
- p += strlen( file );
-
- *p++ = '(';
- *p++ = '0' + ( line / 1000 ) % 10;
- *p++ = '0' + ( line / 100 ) % 10;
- *p++ = '0' + ( line / 10 ) % 10;
- *p++ = '0' + ( line / 1 ) % 10;
- *p++ = ')';
- *p++ = ':';
- *p++ = ' ';
-
-#if defined(MBEDTLS_THREADING_C)
- /* Skip "thread ID" (up to the first space) as it is not predictable */
- while( *str++ != ' ' );
-#endif
-
- memcpy( p, str, strlen( str ) );
- p += strlen( str );
-
- /* Detect if debug messages output partial lines and mark them */
- if( p[-1] != '\n' )
- *p++ = '*';
-
- buffer->ptr = p;
-}
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_DEBUG_C:MBEDTLS_SSL_TLS_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void debug_print_msg_threshold( int threshold, int level, char * file,
- int line, char * result_str )
-{
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
- struct buffer_data buffer;
-
- mbedtls_ssl_init( &ssl );
- mbedtls_ssl_config_init( &conf );
- memset( buffer.buf, 0, 2000 );
- buffer.ptr = buffer.buf;
-
- TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
- mbedtls_debug_set_threshold( threshold );
- mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
- mbedtls_debug_print_msg( &ssl, level, file, line,
- "Text message, 2 == %d", 2 );
-
- TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
-
-exit:
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_debug_print_ret( char * file, int line, char * text, int value,
- char * result_str )
-{
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
- struct buffer_data buffer;
-
- mbedtls_ssl_init( &ssl );
- mbedtls_ssl_config_init( &conf );
- memset( buffer.buf, 0, 2000 );
- buffer.ptr = buffer.buf;
-
- TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
- mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
- mbedtls_debug_print_ret( &ssl, 0, file, line, text, value);
-
- TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
-
-exit:
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_debug_print_buf( char * file, int line, char * text,
- data_t * data, char * result_str )
-{
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
- struct buffer_data buffer;
-
- mbedtls_ssl_init( &ssl );
- mbedtls_ssl_config_init( &conf );
- memset( buffer.buf, 0, 2000 );
- buffer.ptr = buffer.buf;
-
-
- TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
- mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
- mbedtls_debug_print_buf( &ssl, 0, file, line, text, data->x, data->len );
-
- TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
-
-exit:
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_debug_print_crt( char * crt_file, char * file, int line,
- char * prefix, char * result_str )
-{
- mbedtls_x509_crt crt;
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
- struct buffer_data buffer;
-
- mbedtls_ssl_init( &ssl );
- mbedtls_ssl_config_init( &conf );
- mbedtls_x509_crt_init( &crt );
- memset( buffer.buf, 0, 2000 );
- buffer.ptr = buffer.buf;
-
- TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
- mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
- TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
- mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt);
-
- TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
-
-exit:
- mbedtls_x509_crt_free( &crt );
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */
-void mbedtls_debug_print_mpi( int radix, char * value, char * file, int line,
- char * prefix, char * result_str )
-{
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
- struct buffer_data buffer;
- mbedtls_mpi val;
-
- mbedtls_ssl_init( &ssl );
- mbedtls_ssl_config_init( &conf );
- mbedtls_mpi_init( &val );
- memset( buffer.buf, 0, 2000 );
- buffer.ptr = buffer.buf;
-
- TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 );
-
- mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
- mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val);
-
- TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
-
-exit:
- mbedtls_mpi_free( &val );
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
deleted file mode 100644
index 147350744..000000000
--- a/tests/suites/test_suite_ssl.data
+++ /dev/null
@@ -1,59 +0,0 @@
-SSL DTLS replay: initial state, seqnum 0
-ssl_dtls_replay:"":"000000000000":0
-
-SSL DTLS replay: 0 seen, 1 arriving
-ssl_dtls_replay:"000000000000":"000000000001":0
-
-SSL DTLS replay: 0 seen, 0 replayed
-ssl_dtls_replay:"000000000000":"000000000000":-1
-
-SSL DTLS replay: 0-1 seen, 2 arriving
-ssl_dtls_replay:"000000000000000000000001":"000000000002":0
-
-SSL DTLS replay: 0-1 seen, 1 replayed
-ssl_dtls_replay:"000000000000000000000001":"000000000001":-1
-
-SSL DTLS replay: 0-1 seen, 0 replayed
-ssl_dtls_replay:"000000000000000000000001":"000000000000":-1
-
-SSL DTLS replay: new
-ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340004":0
-
-SSL DTLS replay: way new
-ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12350000":0
-
-SSL DTLS replay: delayed
-ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340002":0
-
-SSL DTLS replay: lastest replayed
-ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340003":-1
-
-SSL DTLS replay: older replayed
-ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340001":-1
-
-SSL DTLS replay: most recent in window, replayed
-ssl_dtls_replay:"abcd12340000abcd12340002abcd12340003":"abcd12340002":-1
-
-SSL DTLS replay: oldest in window, replayed
-ssl_dtls_replay:"abcd12340000abcd12340001abcd1234003f":"abcd12340000":-1
-
-SSL DTLS replay: oldest in window, not replayed
-ssl_dtls_replay:"abcd12340001abcd12340002abcd1234003f":"abcd12340000":0
-
-SSL DTLS replay: just out of the window
-ssl_dtls_replay:"abcd12340001abcd12340002abcd1234003f":"abcd1233ffff":-1
-
-SSL DTLS replay: way out of the window
-ssl_dtls_replay:"abcd12340001abcd12340002abcd1234003f":"abcd12330000":-1
-
-SSL DTLS replay: big jump then replay
-ssl_dtls_replay:"abcd12340000abcd12340100":"abcd12340100":-1
-
-SSL DTLS replay: big jump then new
-ssl_dtls_replay:"abcd12340000abcd12340100":"abcd12340101":0
-
-SSL DTLS replay: big jump then just delayed
-ssl_dtls_replay:"abcd12340000abcd12340100":"abcd123400ff":0
-
-SSL SET_HOSTNAME memory leak: call ssl_set_hostname twice
-ssl_set_hostname_twice:"server0":"server1"
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
deleted file mode 100644
index 326f22d3b..000000000
--- a/tests/suites/test_suite_ssl.function
+++ /dev/null
@@ -1,54 +0,0 @@
-/* BEGIN_HEADER */
-#include
-#include
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_SSL_TLS_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-void ssl_dtls_replay( data_t * prevs, data_t * new, int ret )
-{
- uint32_t len = 0;
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
-
- mbedtls_ssl_init( &ssl );
- mbedtls_ssl_config_init( &conf );
-
- TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_DATAGRAM,
- MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
- TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
-
- /* Read previous record numbers */
- for( len = 0; len < prevs->len; len += 6 )
- {
- memcpy( ssl.in_ctr + 2, prevs->x + len, 6 );
- mbedtls_ssl_dtls_replay_update( &ssl );
- }
-
- /* Check new number */
- memcpy( ssl.in_ctr + 2, new->x, 6 );
- TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret );
-
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
-void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
-{
- mbedtls_ssl_context ssl;
- mbedtls_ssl_init( &ssl );
-
- TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 );
- TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 );
-
- mbedtls_ssl_free( &ssl );
-}
-/* END_CASE */
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
deleted file mode 100644
index 042d653b5..000000000
--- a/tests/suites/test_suite_x509parse.data
+++ /dev/null
@@ -1,1995 +0,0 @@ -X509 Certificate information #1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server1.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information #1 (DER) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server1.der":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information #2 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server2.crt":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information #2 (DER) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server2.der":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information #3 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/test-ca.crt":"cert. 
version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2011-02-12 14\:44\:00\nexpires on \: 2021-02-12 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" - -X509 Certificate information #3 (DER) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/test-ca.der":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2011-02-12 14\:44\:00\nexpires on \: 2021-02-12 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" - -X509 Certificate information MD2 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509_cert_info:"data_files/cert_md2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on \: 2009-07-12 10\:56\:59\nexpires on \: 2011-07-12 10\:56\:59\nsigned using \: RSA with MD2\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information MD4 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD4_C -x509_cert_info:"data_files/cert_md4.crt":"cert. version \: 3\nserial number \: 05\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information MD5 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD5_C -x509_cert_info:"data_files/cert_md5.crt":"cert. 
version \: 3\nserial number \: 06\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/cert_sha1.crt":"cert. version \: 3\nserial number \: 07\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/cert_sha224.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/cert_sha256.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA512_C -x509_cert_info:"data_files/cert_sha384.crt":"cert. 
version \: 3\nserial number \: 0A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA512_C -x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information RSA-PSS, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" - -X509 Certificate information RSA-PSS, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C -x509_cert_info:"data_files/server9-sha224.crt":"cert. 
version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information RSA-PSS, SHA256 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information RSA-PSS, SHA384 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
-x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information RSA-PSS, SHA512 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
-x509_cert_info:"data_files/server9-sha512.crt":"cert. 
version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information EC, SHA1 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server5-sha1.crt":"cert. version \: 3\nserial number \: 12\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information EC, SHA224 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server5-sha224.crt":"cert. version \: 3\nserial number \: 13\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information EC, SHA256 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server5.crt":"cert. 
version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information EC, SHA384 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
-x509_cert_info:"data_files/server5-sha384.crt":"cert. version \: 3\nserial number \: 14\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information EC, SHA512 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
-x509_cert_info:"data_files/server5-sha512.crt":"cert. version \: 3\nserial number \: 15\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information, NS Cert Type
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server1.cert_type.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\ncert. type \: SSL Server\n"
-
-X509 Certificate information, Key Usage
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/server1.key_usage.crt":"cert. 
version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
-
-X509 Certificate information, Key Usage with decipherOnly
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/keyUsage.decipherOnly.crt":"cert. version \: 3\nserial number \: 9B\:13\:CE\:4C\:A5\:6F\:DE\:52\nissuer name \: C=GB, L=Cambridge, O=Default Company Ltd\nsubject name \: C=GB, L=Cambridge, O=Default Company Ltd\nissued on \: 2015-05-12 10\:36\:55\nexpires on \: 2018-05-11 10\:36\:55\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment, Decipher Only\n"
-
-X509 Certificate information, Subject Alt Name
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/cert_example_multi.crt":"cert. version \: 3\nserial number \: 11\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=www.example.com\nissued on \: 2012-05-10 13\:23\:41\nexpires on \: 2022-05-11 13\:23\:41\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \: example.com, example.net, *.example.org\n"
-
-X509 Certificate information, Subject Alt Name + Key Usage
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/cert_example_multi_nocn.crt":"cert. 
version \: 3\nserial number \: F7\:C6\:7F\:F8\:E9\:A9\:63\:F9\nissuer name \: C=NL\nsubject name \: C=NL\nissued on \: 2014-01-22 10\:04\:33\nexpires on \: 2024-01-22 10\:04\:33\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nsubject alt name \: www.shotokan-braunschweig.de, www.massimo-abate.eu\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
-
-X509 Certificate information, Key Usage + Extended Key Usage
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server1.ext_ku.crt":"cert. version \: 3\nserial number \: 21\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2014-04-01 14\:44\:43\nexpires on \: 2024-03-29 14\:44\:43\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\next key usage \: TLS Web Server Authentication\n"
-
-X509 Certificate information RSA signed by EC
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-x509_cert_info:"data_files/server4.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information EC signed by RSA
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-x509_cert_info:"data_files/server3.crt":"cert. 
version \: 3\nserial number \: 0D\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-08-09 09\:17\:03\nexpires on \: 2023-08-07 09\:17\:03\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\nbasic constraints \: CA=false\n"
-
-X509 Certificate information Bitstring in subject name
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \: \next key usage \: TLS Web Client Authentication\n"
-
-X509 certificate v1 with extension
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_SHA1_C
-x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. 
version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nsubject alt name \: identity-check.org, www.identity-check.org\n"
-
-X509 CRL information #1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
-
-X509 CRL Information MD2 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n"
-
-X509 CRL Information MD4 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C
-mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n"
-
-X509 CRL Information MD5 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n"
-
-X509 CRL Information SHA1 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
-
-X509 CRL Information SHA224 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n"
-
-X509 CRL Information SHA256 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n"
-
-X509 CRL Information SHA384 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, 
O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n"
-
-X509 CRL Information SHA512 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
-mbedtls_x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n"
-
-X509 CRL information RSA-PSS, SHA1 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
-mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n"
-
-X509 CRL information RSA-PSS, SHA224 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n"
-
-X509 CRL information RSA-PSS, SHA256 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n"
-
-X509 CRL information RSA-PSS, SHA384 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
-mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n"
-
-X509 CRL information RSA-PSS, SHA512 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
-mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n"
-
-X509 CRL Information EC, SHA1 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n"
-
-X509 CRL Information EC, SHA224 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n"
-
-X509 CRL Information EC, SHA256 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_info:"data_files/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n"
-
-X509 CRL Information EC, SHA384 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_info:"data_files/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n"
-
-X509 CRL Information EC, SHA512 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n"
-
-X509 CRL Malformed Input (trailing spaces at end of file)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C
-mbedtls_x509_crl_parse:"data_files/crl-malformed-trailing-spaces.pem":MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT
-
-X509 CRL Unsupported critical extension 
(issuingDistributionPoint)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-mbedtls_x509_crl_parse:"data_files/crl-idp.pem":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 CRL Unsupported non-critical extension (issuingDistributionPoint)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0
-
-X509 CSR Information RSA with MD4
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n"
-
-X509 CSR Information RSA with MD5
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n"
-
-X509 CSR Information RSA with SHA1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n"
-
-X509 CSR Information RSA with SHA224
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n"
-
-X509 CSR Information RSA with SHA256
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n"
-
-X509 CSR Information RSA with SHA384
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n"
-
-X509 CSR Information RSA with SHA512
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n"
-
-X509 CSR Information EC with SHA1
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
-mbedtls_x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n"
-
-X509 CSR Information EC with SHA224
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-mbedtls_x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n"
-
-X509 CSR Information EC with SHA256
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-mbedtls_x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n"
-
-X509 CSR Information EC with SHA384
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
-mbedtls_x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n"
-
-X509 CSR Information EC with SHA512
-depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
-mbedtls_x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, 
O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n"
-
-X509 CSR Information RSA-PSS with SHA1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
-mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n"
-
-X509 CSR Information RSA-PSS with SHA224
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n"
-
-X509 CSR Information RSA-PSS with SHA256
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
-mbedtls_x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n"
-
-X509 CSR Information RSA-PSS with SHA384
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
-mbedtls_x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n"
-
-X509 CSR Information RSA-PSS with SHA512
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
-mbedtls_x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n"
-
-X509 CSR Information RSA with SHA256 - Microsoft header
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_csr_info:"data_files/server1-ms.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned 
using \: RSA with SHA-256\nRSA key size \: 2048 bits\n"
-
-X509 Verify Information: empty
-x509_verify_info:0:"":""
-
-X509 Verify Information: one issue
-x509_verify_info:MBEDTLS_X509_BADCERT_MISSING:"":"Certificate was missing\n"
-
-X509 Verify Information: two issues
-x509_verify_info:MBEDTLS_X509_BADCERT_EXPIRED | MBEDTLS_X509_BADCRL_EXPIRED:"":"The certificate validity has expired\nThe CRL is expired\n"
-
-X509 Verify Information: two issues, one unknown
-x509_verify_info:MBEDTLS_X509_BADCERT_OTHER | 0x80000000:"":"Other reason (can be used by verify callback)\nUnknown reason (this should not happen)\n"
-
-X509 Verify Information: empty, with prefix
-x509_verify_info:0:" ! ":""
-
-X509 Verify Information: one issue, with prefix
-x509_verify_info:MBEDTLS_X509_BADCERT_MISSING:" ! ":" ! Certificate was missing\n"
-
-X509 Verify Information: two issues, with prefix
-x509_verify_info:MBEDTLS_X509_BADCERT_EXPIRED | MBEDTLS_X509_BADCRL_EXPIRED:" ! ":" ! The certificate validity has expired\n ! 
The CRL is expired\n"
-
-X509 Get Distinguished Name #1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-mbedtls_x509_dn_gets:"data_files/server1.crt":"subject":"C=NL, O=PolarSSL, CN=PolarSSL Server 1"
-
-X509 Get Distinguished Name #2
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-mbedtls_x509_dn_gets:"data_files/server1.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
-
-X509 Get Distinguished Name #3
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-mbedtls_x509_dn_gets:"data_files/server2.crt":"subject":"C=NL, O=PolarSSL, CN=localhost"
-
-X509 Get Distinguished Name #4
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-mbedtls_x509_dn_gets:"data_files/server2.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
-
-X509 Time Expired #1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
-mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_from":1
-
-X509 Time Expired #2
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
-mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_to":0
-
-X509 Time Expired #3
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
-mbedtls_x509_time_is_past:"data_files/server2.crt":"valid_from":1
-
-X509 Time Expired #4
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
-mbedtls_x509_time_is_past:"data_files/server2.crt":"valid_to":0
-
-X509 Time Expired #5
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
-mbedtls_x509_time_is_past:"data_files/test-ca.crt":"valid_from":1
-
-X509 Time Expired #6
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
-mbedtls_x509_time_is_past:"data_files/test-ca.crt":"valid_to":0
-
-X509 Time Future #1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
-mbedtls_x509_time_is_future:"data_files/server5.crt":"valid_from":0
-
-X509 Time Future #2
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
-mbedtls_x509_time_is_future:"data_files/server5.crt":"valid_to":1
-
-X509 Time Future #3
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
-mbedtls_x509_time_is_future:"data_files/server5-future.crt":"valid_from":1
-
-X509 Time Future #4
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
-mbedtls_x509_time_is_future:"data_files/server5-future.crt":"valid_to":1
-
-X509 Time Future #5
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
-mbedtls_x509_time_is_future:"data_files/test-ca2.crt":"valid_from":0
-
-X509 Time Future #6
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
-mbedtls_x509_time_is_future:"data_files/test-ca2.crt":"valid_to":1
-
-X509 Certificate verification #1 (Revoked Cert, Expired CRL, no CN)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_EXPIRED:"compat":"NULL"
-
-X509 Certificate verification #1a (Revoked Cert, Future CRL, no CN)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL"
-
-X509 Certificate 
verification #2 (Revoked Cert, Expired CRL)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"PolarSSL Server 1":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_EXPIRED:"compat":"NULL"
-
-X509 Certificate verification #2a (Revoked Cert, Future CRL)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"localhost":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL"
-
-X509 Certificate verification #3 (Revoked Cert, Future CRL, CN Mismatch)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"PolarSSL Wrong CN":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_EXPIRED | MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
-
-X509 Certificate verification #3a (Revoked Cert, Expired CRL, CN Mismatch)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"Wrong CN":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_FUTURE | MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
-
-X509 Certificate verification #4 (Valid Cert, Expired CRL)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server2.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_EXPIRED:"compat":"NULL"
-
-X509 Certificate verification #4a (Revoked Cert, Future CRL)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL"
-
-X509 Certificate verification #5 (Revoked Cert)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
-
-X509 Certificate verification #5' (Revoked Cert, differing DN string formats #1)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server1.crt":"data_files/test-ca_utf8.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
-
-X509 Certificate verification #5'' (Revoked Cert, differing DN string formats #2)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server1.crt":"data_files/test-ca_printable.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
-
-X509 Certificate verification #5''' (Revoked Cert, differing upper and lower case)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server1.crt":"data_files/test-ca_uppercase.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
-
-X509 Certificate verification #6 (Revoked Cert)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"PolarSSL Server 1":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
-
-X509 Certificate verification #7 (Revoked Cert, CN Mismatch)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"PolarSSL Wrong CN":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
-
-X509 Certificate verification #8 (Valid Cert)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
-x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #8a (Expired Cert)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server5-expired.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL"
-
-X509 Certificate verification #8b (Future Cert)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server5-future.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL"
-
-X509 Certificate verification #8c (Expired Cert, longer chain)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server7-expired.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL"
-
-X509 Certificate verification #8d (Future Cert, longer chain)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server7-future.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL"
-
-X509 Certificate verification #9 (Not trusted Cert)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #10 (Not trusted Cert, Expired CRL)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #12 (Valid Cert MD4 Digest)
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL"
-
-X509 Certificate verification #13 (Valid Cert MD5 Digest)
-depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL"
-
-X509 Certificate verification #14 (Valid Cert SHA1 Digest explicitly allowed in profile)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #14 (Valid Cert SHA1 Digest allowed in compile-time default profile)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"":"NULL"
-
-X509 Certificate verification #14 (Valid Cert SHA1 Digest forbidden in default profile)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"":"NULL"
-
-X509 Certificate verification #15 (Valid Cert SHA224 Digest)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #16 (Valid Cert SHA256 Digest)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #17 (Valid Cert SHA384 Digest)
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_sha384.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #18 (Valid Cert SHA512 Digest)
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #19 (Valid Cert, denying callback)
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_OTHER:"compat":"verify_none"
-
-X509 Certificate verification #19 (Not trusted Cert, allowing callback)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":0:0:"compat":"verify_all"
-
-X509 Certificate verification #21 (domain matching wildcard certificate, case insensitive)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.ExAmPlE.com":0:0:"compat":"NULL"
-
-X509 Certificate verification #22 (domain not matching wildcard certificate)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
-
-X509 Certificate verification #23 (domain not matching wildcard certificate)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
-
-X509 Certificate verification #24 (domain matching CN of multi certificate)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
-
-X509 Certificate verification #25 (domain matching multi certificate)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.net":0:0:"compat":"NULL"
-
-X509 Certificate verification #26 (domain not matching multi certificate)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
-
-X509 Certificate verification #27 (domain not matching multi certificate)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"xample.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
-
-X509 Certificate verification #27 (domain not matching multi certificate)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"bexample.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
-
-X509 Certificate verification #28 (domain not matching wildcard in multi certificate)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.org":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
-
-X509 Certificate verification #29 (domain matching wildcard in multi certificate)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.example.org":0:0:"compat":"NULL"
-
-X509 Certificate verification #30 (domain matching multi certificate without CN)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.shotokan-braunschweig.de":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #31 (domain not matching multi certificate without CN)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH + MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #32 (Valid, EC cert, RSA CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-x509_verify:"data_files/server3.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #33 (Valid, RSA cert, EC CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server4.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #34 (Valid, EC cert, EC CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #35 (Revoked, EC CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
-
-X509 Certificate verification #36 (Valid, EC CA, SHA1 Digest)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
-x509_verify:"data_files/server5-sha1.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #37 (Valid, EC CA, SHA224 Digest)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server5-sha224.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #38 (Valid, EC CA, SHA384 Digest)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA512_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server5-sha384.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #39 (Valid, EC CA, SHA512 Digest)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA512_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server5-sha512.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #40 (Valid, depth 0, RSA, CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/test-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #41 (Valid, depth 0, EC, CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_verify:"data_files/test-ca2.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #42 (Depth 0, not CA, RSA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-x509_verify:"data_files/server2.crt":"data_files/server2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #43 (Depth 0, not CA, EC)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_verify:"data_files/server5.crt":"data_files/server5.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #44 (Corrupted signature, EC)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_verify:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #45 (Corrupted signature, RSA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-x509_verify:"data_files/server2-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #45b (Corrupted signature, intermediate CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_verify:"data_files/server7-badsign.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #46 (Valid, depth 2, EC-RSA-EC)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-x509_verify:"data_files/server7_int-ca.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #47 (Untrusted, depth 2, EC-RSA-EC)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
-x509_verify:"data_files/server7_int-ca.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #48 (Missing intermediate CA, EC-RSA-EC)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
-x509_verify:"data_files/server7.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #49 (Valid, depth 2, RSA-EC-RSA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server8_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #50 (Valid, multiple CAs)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
-x509_verify:"data_files/server2.crt":"data_files/test-ca_cat12.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #51 (Valid, multiple CAs, reverse order)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
-x509_verify:"data_files/server2.crt":"data_files/test-ca_cat21.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #52 (CA keyUsage valid)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt_crl.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #53 (CA keyUsage missing cRLSign)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_CHECK_KEY_USAGE:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #54 (CA keyUsage missing cRLSign, no CRL)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #55 (CA keyUsage missing keyCertSign)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_CHECK_KEY_USAGE:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crl.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #56 (CA keyUsage plain wrong)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_CHECK_KEY_USAGE:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-ds.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #57 (Valid, RSASSA-PSS, SHA-1)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #58 (Valid, RSASSA-PSS, SHA-224)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha224.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #59 (Valid, RSASSA-PSS, SHA-256)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server9-sha256.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #60 (Valid, RSASSA-PSS, SHA-384)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server9-sha384.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha384.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #61 (Valid, RSASSA-PSS, SHA-512)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server9-sha512.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha512.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #62 (Revoked, RSASSA-PSS, SHA-1)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
-
-X509 Certificate verification #63 (Revoked, RSASSA-PSS, SHA-1, CRL badsign)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
-x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1-badsign.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #64 (Valid, RSASSA-PSS, SHA-1, not top)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/server9-with-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #65 (RSASSA-PSS, SHA1, bad cert signature)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
-x509_verify:"data_files/server9-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #66 (RSASSA-PSS, SHA1, no RSA CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_verify:"data_files/server9.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #67 (Valid, RSASSA-PSS, all defaults)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
-x509_verify:"data_files/server9-defaults.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #68 (RSASSA-PSS, wrong salt_len)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server9-bad-saltlen.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #69 (RSASSA-PSS, wrong mgf_hash)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server9-bad-mgfhash.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #70 (v1 trusted CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server1-v1.crt":"data_files/test-ca-v1.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #71 (v1 trusted CA, other)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server2-v1.crt":"data_files/server1-v1.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #72 (v1 chain)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server2-v1-chain.crt":"data_files/test-ca-v1.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #73 (selfsigned trusted without CA bit)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-x509_verify:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #74 (signed by selfsigned trusted without CA bit)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-x509_verify:"data_files/server6-ss-child.crt":"data_files/server5-selfsigned.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-
-X509 Certificate verification #75 (encoding mismatch)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #76 (multiple CRLs, not revoked)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server5.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ec-rsa.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #77 (multiple CRLs, revoked)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ec-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
-
-X509 Certificate verification #78 (multiple CRLs, revoked by second)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_rsa-ec.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
-
-X509 Certificate verification #79 (multiple CRLs, revoked by future)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ecfut-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED|MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL"
-
-X509 Certificate verification #80 (multiple CRLs, first future, revoked by second)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server1.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ecfut-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
-
-X509 Certificate verification #81 (multiple CRLs, none relevant)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl_cat_rsa-ec.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #82 (Not yet valid CA and valid CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
-x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #83 (valid CA and Not yet valid CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
-x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-present-future.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #84 (valid CA and Not yet valid CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
-x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-present-past.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #85 (Not yet valid CA and valid CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
-x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #86 (Not yet valid CA and invalid CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL"
-
-X509 Certificate verification #87 (Expired CA and invalid CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL"
-
-X509 Certificate verification #88 (Spurious cert in the chain)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/server7_spurious_int-ca.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #89 (Spurious cert later in the chain)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/server10_int3_spurious_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #90 (EE with same name as trusted root)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/server5-ss-forgeca.crt":"data_files/test-int-ca3.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"":"NULL"
-
-X509 Certificate verification #91 (same CA with good then bad key)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-x509_verify:"data_files/server1.crt":"data_files/test-ca-good-alt.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #91 (same CA with bad then good key)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-x509_verify:"data_files/server1.crt":"data_files/test-ca-alt-good.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
-
-X509 Certificate verification #92 (bad name, allowing callback)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"globalhost":0:0:"":"verify_all"
-
-X509 Certificate verification #93 (Suite B invalid, EC cert, RSA CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-x509_verify:"data_files/server3.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY|MBEDTLS_X509_BADCRL_BAD_MD|MBEDTLS_X509_BADCRL_BAD_PK:"suite_b":"NULL"
-
-X509 Certificate verification #94 (Suite B invalid, RSA cert, EC CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server4.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_PK:"suite_b":"NULL"
-
-X509 Certificate verification #95 (Suite B Valid, EC cert, EC CA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"suite_b":"NULL"
-
-X509 Certificate verification #96 (next profile Invalid Cert SHA224 Digest)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCRL_BAD_MD:"next":"NULL"
-
-X509 Certificate verification #97 (next profile Valid Cert SHA256 Digest)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_SHA1_C
-x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"next":"NULL"
-
-X509 Certificate verification callback: bad name
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify_callback:"data_files/server5.crt":"data_files/test-ca2.crt":"globalhost":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 1 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 0 - serial 09 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000004\n"
-
-X509 Certificate verification callback: trusted EE cert
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-x509_verify_callback:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":"NULL":0:"depth 0 - serial 53\:A2\:CB\:4B\:12\:4E\:AD\:83\:7D\:A8\:94\:B2 - subject CN=selfsigned, OU=testing, O=PolarSSL, C=NL - flags 0x00000000\n"
-
-X509 Certificate verification callback: trusted EE cert, expired
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE
-x509_verify_callback:"data_files/server5-ss-expired.crt":"data_files/server5-ss-expired.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 0 - serial D8\:64\:61\:05\:E3\:A3\:CD\:78 - subject C=UK, O=mbed TLS, OU=testsuite, CN=localhost - flags 0x00000001\n"
-
-X509 Certificate verification callback: simple
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify_callback:"data_files/server1.crt":"data_files/test-ca.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n"
-
-X509 Certificate verification callback: simple, EE expired
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify_callback:"data_files/server5-expired.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 1 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 0 - serial 1E - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000001\n"
-
-X509 Certificate verification callback: simple, root expired
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify_callback:"data_files/server5.crt":"data_files/test-ca2-expired.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 1 - serial 01 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000001\ndepth 0 - serial 09 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
-
-X509 Certificate verification callback: two trusted roots
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_verify_callback:"data_files/server1.crt":"data_files/test-ca_cat12.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n"
-
-X509 Certificate verification callback: two trusted roots, reversed order
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_verify_callback:"data_files/server1.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n"
-
-X509 Certificate verification callback: root included
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_verify_callback:"data_files/server1_ca.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n"
-
-X509 Certificate verification callback: intermediate ca
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify_callback:"data_files/server7_int-ca.crt":"data_files/test-ca_cat12.crt":"NULL":0:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
-
-X509 Certificate verification callback: intermediate ca, root included
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify_callback:"data_files/server7_int-ca_ca2.crt":"data_files/test-ca_cat12.crt":"NULL":0:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
-
-X509 Certificate verification callback: intermediate ca trusted
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-x509_verify_callback:"data_files/server7_int-ca_ca2.crt":"data_files/test-int-ca.crt":"NULL":0:"depth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
-
-X509 Certificate verification callback: intermediate ca, EE expired
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify_callback:"data_files/server7-expired.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000001\n"
-
-X509 Certificate verification callback: intermediate ca, int expired
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify_callback:"data_files/server7_int-ca-exp.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000001\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
-
-X509 Certificate verification callback: intermediate ca, root expired
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
-x509_verify_callback:"data_files/server7_int-ca.crt":"data_files/test-ca2-expired.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial 01 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000001\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
-
-X509 Certificate verification callback: two intermediates
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify_callback:"data_files/server10_int3_int-ca2.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 3 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 2 - serial 0F - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA - flags 0x00000000\ndepth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n"
-
-X509 Certificate verification callback: two intermediates, root included
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify_callback:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 3 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 2 - serial 0F - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA - flags 0x00000000\ndepth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n"
-
-X509 Certificate verification callback: two intermediates, top int trusted
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-x509_verify_callback:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":"NULL":0:"depth 2 - serial 0F - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA - flags 0x00000000\ndepth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n"
-
-X509 Certificate verification callback: two intermediates, low int trusted
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
-x509_verify_callback:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-int-ca3.crt":"NULL":0:"depth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n"
-
-X509 Certificate verification callback: no intermediate, bad signature
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify_callback:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 0 - serial 09 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000008\n"
-
-X509 Certificate verification callback: one intermediate, bad signature
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
-x509_verify_callback:"data_files/server7-badsign.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000008\n"
-
-X509 Parse Selftest
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CERTS_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_selftest:
-
-X509 Certificate ASN1 (Incorrect first tag)
-x509parse_crt:"":"":MBEDTLS_ERR_X509_INVALID_FORMAT
-
-X509 Certificate ASN1 (Correct first tag, data length does not match)
-x509parse_crt:"300000":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (Correct first tag, no more data)
-x509parse_crt:"3000":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (Correct first tag, length data incorrect)
-x509parse_crt:"30023085":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_INVALID_LENGTH
-
-X509 Certificate ASN1 (Correct first tag, length data incomplete)
-x509parse_crt:"30023083":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (Correct first tag, length data incomplete)
-x509parse_crt:"30023081":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (Correct first tag, length data incomplete)
-x509parse_crt:"3003308200":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (Correct first tag, second tag no TBSCertificate)
-x509parse_crt:"300100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, no version tag, serial missing)
-x509parse_crt:"3003300100":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, invalid version tag)
-x509parse_crt:"30053003a00101":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, valid version tag, no length)
-x509parse_crt:"30053003a00102":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, valid version tag, invalid length)
-x509parse_crt:"30163014a012021000000000000000000000000000000000":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_INVALID_LENGTH
-
-X509 Certificate ASN1 (TBSCertificate, valid version tag, no serial)
-x509parse_crt:"30073005a003020104":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, invalid length version tag)
-x509parse_crt:"30083006a00402010400":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
-
-X509 Certificate ASN1 (TBSCertificate, incorrect serial tag)
-x509parse_crt:"30083006a00302010400":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, incorrect serial length)
-x509parse_crt:"30083006a00302010482":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, correct serial, no alg)
-x509parse_crt:"300d300ba0030201048204deadbeef":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, correct serial, no alg oid)
-x509parse_crt:"300e300ca0030201048204deadbeef00":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, alg oid no data in sequence)
-x509parse_crt:"300f300da0030201048204deadbeef3000":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, alg with params)
-x509parse_crt:"30163014a0030201048204deadbeef30070604cafed00d01":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, correct alg data, no params unknown version)
-x509parse_crt:"30153013a0030201048204deadbeef30060604cafed00d":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
-
-X509 Certificate ASN1 (TBSCertificate, correct alg data, unknown version)
-x509parse_crt:"30173015a0030201048204deadbeef30080604cafed00d0500":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
-
-X509 Certificate ASN1 (TBSCertificate, correct alg data, length mismatch)
-x509parse_crt:"30183016a0030201048204deadbeef30090604cafed00d050000":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
-
-X509 Certificate ASN1 (TBSCertificate, correct alg, unknown alg_id)
-x509parse_crt:"30173015a0030201028204deadbeef30080604cafed00d0500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND
-
-X509 Certificate ASN1 (TBSCertificate, correct alg, specific alg_id)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"301c301aa0030201028204deadbeef300d06092a864886f70d0101020500":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, correct alg, unknown specific alg_id)
-x509parse_crt:"301c301aa0030201028204deadbeef300d06092a864886f70d0101010500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND
-
-X509 Certificate ASN1 (TBSCertificate, correct alg, bad RSASSA-PSS params)
-depends_on:MBEDTLS_X509_RSASSA_PSS_SUPPORT
-x509parse_crt:"30193017A003020102020118300D06092A864886F70D01010A3100":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, issuer no set data)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"301e301ca0030201028204deadbeef300d06092a864886f70d01010205003000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, issuer no inner seq data)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"3020301ea0030201028204deadbeef300d06092a864886f70d010102050030023100":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, issuer no inner set data)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30223020a0030201028204deadbeef300d06092a864886f70d0101020500300431023000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, issuer two inner set datas)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430003000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, issuer no oid data)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430020600":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, issuer invalid tag)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600060454657374":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, issuer, no string data)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30253023a0030201028204deadbeef300d06092a864886f70d0101020500300731053003060013":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, issuer, no full following string)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"302b3029a0030201028204deadbeef300d06092a864886f70d0101020500300d310b3009060013045465737400":"":MBEDTLS_ERR_X509_INVALID_NAME+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, valid issuer, no validity)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, too much date data)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301d170c303930313031303030303030170c30393132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
-
-X509 Certificate ASN1 (TBSCertificate, invalid from date)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303000000000170c303931323331323300000000":"":MBEDTLS_ERR_X509_INVALID_DATE
-
-X509 Certificate ASN1 (TBSCertificate, invalid to date)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323300000000":"":MBEDTLS_ERR_X509_INVALID_DATE
-
-X509 Certificate ASN1 (TBSCertificate, valid validity, no subject)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, valid subject, no pubkeyinfo)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30563054a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, pubkey, no alg)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30583056a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743000":"":MBEDTLS_ERR_PK_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, valid subject, unknown pk alg)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101000500":"":MBEDTLS_ERR_PK_UNKNOWN_PK_ALG
-
-X509 Certificate ASN1 (TBSCertificate, pubkey, no bitstring)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101010500":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate, pubkey, no bitstring data)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30693067a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743011300d06092A864886F70D01010105000300":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_INVALID_DATA
-
-X509 Certificate ASN1 (TBSCertificate, pubkey, invalid bitstring start)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"306a3068a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743012300d06092A864886F70D0101010500030101":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_INVALID_DATA
-
-X509 Certificate ASN1 (TBSCertificate, pubkey, invalid internal bitstring length)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
-
-X509 Certificate ASN1 (TBSCertificate, pubkey, invalid internal bitstring tag)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, pubkey, invalid mbedtls_mpi)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
-
-X509 Certificate ASN1 (TBSCertificate, pubkey, total length mismatch)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30753073a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301d300d06092A864886F70D0101010500030b0030080202ffff0202ffff00":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
-
-X509 Certificate ASN1 (TBSCertificate, pubkey, check failed)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY
-
-X509 Certificate ASN1 (TBSCertificate, pubkey, check failed, expanded length notation)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY
-
-X509 Certificate ASN1 (TBSCertificate v3, Optional UIDs, Extensions not present)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate v3, issuerID wrong tag)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"308184308181a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff00":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
-
-X509 Certificate ASN1 (TBSCertificate v3, UIDs, no ext)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bb":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate v3, UIDs, invalid length)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa185aaa201bb":"":MBEDTLS_ERR_ASN1_INVALID_LENGTH
-
-X509 Certificate ASN1 (TBSCertificate v3, ext empty)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30818b308188a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba300":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
-
-X509 Certificate ASN1 (TBSCertificate v3, ext length mismatch)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30818e30818ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba303300000":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
-
-X509 Certificate ASN1 (TBSCertificate v3, first ext invalid)
-depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509parse_crt:"30818f30818ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30330023000":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 Certificate ASN1 (TBSCertificate v3, first ext invalid tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"30819030818da0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba3043002310000":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, bool len missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30060603551d1301010100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, data missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30080603551d1301010100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, no octet 
present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30d300b30090603551d1301010100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, octet data missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"30819c308199a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba311300f300d0603551d130101010403300100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, no pathlen) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"30819f30819ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba314301230100603551d130101010406300402010102":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, octet len mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C 
-x509parse_crt:"3081a230819fa0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba317301530130603551d130101010409300702010102010100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 Certificate ASN1 (ExtKeyUsage, bad second tag) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C -x509parse_crt:"3081de3081dba003020102020900ebdbcd14105e1839300906072a8648ce3d0401300f310d300b0603550403130454657374301e170d3134313131313230353935345a170d3234313130383230353935345a300f310d300b06035504031304546573743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa321301f301d0603551d250416301406082b0601050507030107082b06010505070302":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 Certificate ASN1 (SubjectAltName repeated) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C -x509parse_crt:"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":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS - -X509 Certificate ASN1 (ExtKeyUsage repeated) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C -x509parse_crt:"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":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS - -X509 Certificate ASN1 (correct pubkey, no sig_alg) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308183308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff":"":MBEDTLS_ERR_X509_INVALID_ALG + 
MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 Certificate ASN1 (sig_alg mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0102020500":"":MBEDTLS_ERR_X509_SIG_MISMATCH - -X509 Certificate ASN1 (sig_alg, no sig) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 Certificate ASN1 (signature, invalid sig data) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308195308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030100":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_DATA - -X509 Certificate ASN1 (signature, data left) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308197308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff00":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 Certificate ASN1 (correct) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C 
-x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (GeneralizedTime instead of UTCTime) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301e180e3230313030313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2010-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (Name with X520 CN) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550403130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. 
version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: CN=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (Name with X520 C) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550406130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: C=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (Name with X520 L) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550407130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: L=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (Name with X520 ST) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550408130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. 
version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ST=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (Name with X520 O) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040a130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: O=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (Name with X520 OU) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040b130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: OU=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (Name with unknown X520 part) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b06035504de130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. 
version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (Name with composite RDN) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509parse_crt:"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":"cert. version \: 3\nserial number \: 4C\:20\:E3\:BD\nissuer name \: C=US, ST=CA, O=Internet Widgits Pty Ltd, CN=Frankencert CA\nsubject name \: C=US, ST=Washington, ??=US, ??=Delaware, O=Authorize.Net LLC, ??=Private Organization, serialNumber=4369191 + CN=www.authorize.net, L=San Francisco\nissued on \: 2013-08-02 15\:14\:37\nexpires on \: 2015-08-17 05\:54\:31\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\n":0 - -X509 Certificate ASN1 (Name with PKCS9 email) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d010901130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: emailAddress=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (Name with unknown PKCS9 part) -depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. 
version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 - -X509 Certificate ASN1 (ECDSA signature, RSA key) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C -x509parse_crt:"3081E630819E020103300906072A8648CE3D0401300F310D300B0603550403130454657374301E170D3133303731303039343631385A170D3233303730383039343631385A300F310D300B0603550403130454657374304C300D06092A864886F70D0101010500033B003038023100E8F546061D3B49BC2F6B7524B7EA4D73A8D5293EE8C64D9407B70B5D16BAEBC32B8205591EAB4E1EB57E9241883701250203010001300906072A8648CE3D0401033800303502186E18209AFBED14A0D9A796EFCAD68891E3CCD5F75815C833021900E92B4FD460B1994693243B9FFAD54729DE865381BDA41D25":"cert. version \: 1\nserial number \: 03\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 09\:46\:18\nexpires on \: 2023-07-08 09\:46\:18\nsigned using \: ECDSA with SHA1\nRSA key size \: 384 bits\n":0 - -X509 Certificate ASN1 (ECDSA signature, EC key) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C -x509parse_crt:"3081EB3081A3020900F41534662EC7E912300906072A8648CE3D0401300F310D300B0603550403130454657374301E170D3133303731303039343031395A170D3233303730383039343031395A300F310D300B06035504031304546573743049301306072A8648CE3D020106082A8648CE3D030101033200042137969FABD4E370624A0E1A33E379CAB950CCE00EF8C3C3E2ADAEB7271C8F07659D65D3D777DCF21614363AE4B6E617300906072A8648CE3D04010338003035021858CC0F957946FE6A303D92885A456AA74C743C7B708CBD37021900FE293CAC21AF352D16B82EB8EA54E9410B3ABAADD9F05DD6":"cert. 
version \: 1\nserial number \: F4\:15\:34\:66\:2E\:C7\:E9\:12\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 09\:40\:19\nexpires on \: 2023-07-08 09\:40\:19\nsigned using \: ECDSA with SHA1\nEC key size \: 192 bits\n":0 - -X509 Certificate ASN1 (RSA signature, EC key) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C -x509parse_crt:"3081E430819F020104300D06092A864886F70D0101050500300F310D300B0603550403130454657374301E170D3133303731303135303233375A170D3233303730383135303233375A300F310D300B06035504031304546573743049301306072A8648CE3D020106082A8648CE3D03010103320004E962551A325B21B50CF6B990E33D4318FD16677130726357A196E3EFE7107BCB6BDC6D9DB2A4DF7C964ACFE81798433D300D06092A864886F70D01010505000331001A6C18CD1E457474B2D3912743F44B571341A7859A0122774A8E19A671680878936949F904C9255BDD6FFFDB33A7E6D8":"cert. version \: 1\nserial number \: 04\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 15\:02\:37\nexpires on \: 2023-07-08 15\:02\:37\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\n":0 - -X509 Certificate ASN1 (invalid version 3) -x509parse_crt:"30173015a0030201038204deadbeef30080604cafed00d0500":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION - -X509 Certificate ASN1 (invalid version overflow) -x509parse_crt:"301A3018a00602047FFFFFFF8204deadbeef30080604cafed00d0500":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION - -X509 Certificate ASN1 (invalid SubjectAltNames tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C 
-x509parse_crt:"308203723082025AA003020102020111300D06092A864886F70D0101050500303B310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C3119301706035504031310506F6C617253534C2054657374204341301E170D3132303531303133323334315A170D3232303531313133323334315A303A310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C311830160603550403130F7777772E6578616D706C652E636F6D30820122300D06092A864886F70D01010105000382010F003082010A0282010100B93C4AC5C8A38E9017A49E52AA7175266180E7C7B56D8CFFAAB64126B7BE11AD5C73160C64114804FFD6E13B05DB89BBB39709D51C14DD688739B03D71CBE276D01AD8182D801B54F6E5449AF1CBAF612EDF490D9D09B7EDB1FD3CFD3CFA24CF5DBF7CE453E725B5EA4422E926D3EA20949EE66167BA2E07670B032FA209EDF0338F0BCE10EF67A4C608DAC1EDC23FD74ADD153DF95E1C8160463EB5B33D2FA6DE471CBC92AEEBDF276B1656B7DCECD15557A56EEC7525F5B77BDFABD23A5A91987D97170B130AA76B4A8BC14730FB3AF84104D5C1DFB81DBF7B01A565A2E01E36B7A65CCC305AF8CD6FCDF1196225CA01E3357FFA20F5DCFD69B26A007D17F70203010001A38181307F30090603551D1304023000301D0603551D0E041604147DE49C6BE6F9717D46D2123DAD6B1DFDC2AA784C301F0603551D23041830168014B45AE4A5B3DED252F6B9D5A6950FEB3EBCC7FDFF30320603551D11042B3029C20B6578616D706C652E636F6D820B6578616D706C652E6E6574820D2A2E6578616D706C652E6F7267300D06092A864886F70D010105050003820101004F09CB7AD5EEF5EF620DDC7BA285D68CCA95B46BDA115B92007513B9CA0BCEEAFBC31FE23F7F217479E2E6BCDA06E52F6FF655C67339CF48BC0D2F0CD27A06C34A4CD9485DA0D07389E4D4851D969A0E5799C66F1D21271F8D0529E840AE823968C39707CF3C934C1ADF2FA6A455487F7C8C1AC922DA24CD9239C68AECB08DF5698267CB04EEDE534196C127DC2FFE33FAD30EB8D432A9842853A5F0D189D5A298E71691BB9CC0418E8C58ACFFE3DD2E7AABB0B97176AD0F2733F7A929D3C076C0BF06407C0ED5A47C8AE2326E16AEDA641FB0557CDBDDF1A4BA447CB39958D2346E00EA976C143AF2101E0AA249107601F4F2C818FDCC6346128B091BF194E6":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 CRL ASN1 (Incorrect first tag) -x509parse_crl:"":"":MBEDTLS_ERR_X509_INVALID_FORMAT - -X509 CRL ASN1 (Correct first tag, data 
length does not match) -x509parse_crl:"300000":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 CRL ASN1 (TBSCertList, tag missing) -x509parse_crl:"3000":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CRL ASN1 (TBSCertList, version tag len missing) -x509parse_crl:"3003300102":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CRL ASN1 (TBSCertList, version correct, alg missing) -x509parse_crl:"30053003020100":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CRL ASN1 (TBSCertList, alg correct, incorrect version) -x509parse_crl:"300b3009020102300406000500":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION - -X509 CRL ASN1 (TBSCertList, correct version, sig_oid1 unknown) -x509parse_crl:"300b3009020100300406000500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG - -X509 CRL ASN1 (TBSCertList, sig_oid1 id unknown) -x509parse_crl:"30143012020100300d06092a864886f70d01010f0500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG - -X509 CRL ASN1 (TBSCertList, sig_oid1 correct, issuer missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"30143012020100300d06092a864886f70d01010e0500":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CRL ASN1 (TBSCertList, issuer set missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"30163014020100300d06092a864886f70d01010e05003000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CRL ASN1 (TBSCertList, correct issuer, thisUpdate missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"30253023020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CRL ASN1 (TBSCertList, correct thisUpdate, nextUpdate missing, entries length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
-x509parse_crl:"30343032020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030":"":MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CRL ASN1 (TBSCertList, entries present, invalid sig_alg) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 CRL ASN1 (TBSCertList, entries present, date in entry invalid) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c30383132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 CRL ASN1 (TBSCertList, sig_alg present, sig_alg does not match) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500":"":MBEDTLS_ERR_X509_SIG_MISMATCH - -X509 CRL ASN1 (TBSCertList, sig present, len mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"305d3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 CRL ASN1 (TBSCertList, sig present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked 
certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using \: RSA with SHA-224\n":0 - -X509 CRL ASN1 (TBSCertList, no entries) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nsigned using \: RSA with SHA-224\n":0 - -X509 CRL ASN1 (invalid version 2) -x509parse_crl:"30463031020102300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION - -X509 CRL ASN1 (invalid version overflow) -x509parse_crl:"3049303102047FFFFFFF300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION - -X509 CRL ASN1 (extension seq too long, crl-idp.pem byte 121) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"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":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CRL ASN1 (extension oid too long, crl-idp.pem byte 123) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"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":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CRL ASN1 (extension critical invalid length, crl-idp.pem byte 128) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
-x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0102ff041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH - -X509 CRL ASN1 (extension data too long, crl-idp.pem byte 131) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"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":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CRL ASN1 (extension data too short, crl-idp.pem byte 131) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
-x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0101ff041e301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 CRL ASN1 (extension not critical explicit, crl-idp.pem byte 129) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509parse_crl:"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":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2018-03-14 07\:31\:48\nnext update \: 2028-03-14 07\:31\:48\nRevoked certificates\:\nsigned using \: RSA with SHA-256\n":0 - -X509 CRT parse path #2 (one cert) -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C -mbedtls_x509_crt_parse_path:"data_files/dir1":0:1 - -X509 CRT parse path #3 (two certs) -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -mbedtls_x509_crt_parse_path:"data_files/dir2":0:2 - -X509 CRT parse path #4 (two certs, one non-cert) -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -mbedtls_x509_crt_parse_path:"data_files/dir3":1:2 - -X509 CRT verify long chain (max intermediate CA, trusted) 
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_x509_crt_verify_max:"data_files/dir-maxpath/00.crt":"data_files/dir-maxpath":MBEDTLS_X509_MAX_INTERMEDIATE_CA:0:0
-
-X509 CRT verify long chain (max intermediate CA, untrusted)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-mbedtls_x509_crt_verify_max:"data_files/test-ca2.crt":"data_files/dir-maxpath":MBEDTLS_X509_MAX_INTERMEDIATE_CA-1:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED
-
-X509 CRT verify long chain (max intermediate CA + 1)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_x509_crt_verify_max:"data_files/dir-maxpath/00.crt":"data_files/dir-maxpath":MBEDTLS_X509_MAX_INTERMEDIATE_CA+1:MBEDTLS_ERR_X509_FATAL_ERROR:-1
-
-X509 CRT verify chain #1 (zero pathlen intermediate)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert14.crt data_files/dir4/cert13.crt data_files/dir4/cert12.crt":"data_files/dir4/cert11.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0
-
-X509 CRT verify chain #2 (zero pathlen root)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert23.crt data_files/dir4/cert22.crt":"data_files/dir4/cert21.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0
-
-X509 CRT verify chain #3 (nonzero pathlen root)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert34.crt data_files/dir4/cert33.crt data_files/dir4/cert32.crt":"data_files/dir4/cert31.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0
-
-X509 CRT verify chain #4 (nonzero pathlen intermediate)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert45.crt data_files/dir4/cert44.crt data_files/dir4/cert43.crt data_files/dir4/cert42.crt":"data_files/dir4/cert41.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0
-
-X509 CRT verify chain #5 (nonzero maxpathlen intermediate)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert54.crt data_files/dir4/cert53.crt data_files/dir4/cert52.crt":"data_files/dir4/cert51.crt":0:0:"":0
-
-X509 CRT verify chain #6 (nonzero maxpathlen root)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0:0:"":0
-
-X509 CRT verify chain #7 (maxpathlen root, self signed in path)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert74.crt data_files/dir4/cert73.crt data_files/dir4/cert72.crt":"data_files/dir4/cert71.crt":0:0:"":0
-
-X509 CRT verify chain #8 (self signed maxpathlen root)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert61.crt data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0:0:"":0
-
-X509 CRT verify chain #9 (zero pathlen first intermediate, valid)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert83.crt data_files/dir4/cert82.crt":"data_files/dir4/cert81.crt":0:0:"":0
-
-X509 CRT verify chain #10 (zero pathlen root, valid)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert92.crt":"data_files/dir4/cert91.crt":0:0:"":0
-
-X509 CRT verify chain #11 (valid chain, missing profile)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_x509_crt_verify_chain:"data_files/dir4/cert92.crt":"data_files/dir4/cert91.crt":-1:MBEDTLS_ERR_X509_BAD_INPUT_DATA:"nonesuch":0
-
-X509 CRT verify chain #12 (suiteb profile, RSA root)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C
-mbedtls_x509_crt_verify_chain:"data_files/server3.crt":"data_files/test-ca.crt":MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"suiteb":0
-
-X509 CRT verify chain #13 (RSA only profile, EC root)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-mbedtls_x509_crt_verify_chain:"data_files/server4.crt":"data_files/test-ca2.crt":MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0
-
-X509 CRT verify chain #13 (RSA only profile, EC trusted EE)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_x509_crt_verify_chain:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0
-
-X509 CRT verify chain #14 (RSA-3072 profile, root key too small)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-mbedtls_x509_crt_verify_chain:"data_files/server1.crt":"data_files/test-ca.crt":MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0
-
-X509 CRT verify chain #15 (suiteb profile, rsa intermediate)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-mbedtls_x509_crt_verify_chain:"data_files/server7.crt data_files/test-int-ca.crt":"data_files/test-ca2.crt":MBEDTLS_X509_BADCERT_BAD_PK:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"suiteb":0
-
-X509 CRT verify chain #16 (RSA-only profile, EC intermediate)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
-mbedtls_x509_crt_verify_chain:"data_files/server8.crt data_files/test-int-ca2.crt":"data_files/test-ca.crt":MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0
-
-X509 CRT verify chain #17 (SHA-512 profile)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-mbedtls_x509_crt_verify_chain:"data_files/server7.crt data_files/test-int-ca.crt":"data_files/test-ca2.crt":MBEDTLS_X509_BADCERT_BAD_MD:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"sha512":0
-
-X509 CRT verify chain #18 (len=1, vrfy fatal on depth 1)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
-mbedtls_x509_crt_verify_chain:"data_files/server5.crt":"data_files/test-ca2.crt":-1:-2:"":2
-
-X509 CRT verify chain #19 (len=0, vrfy fatal on depth 0)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
-mbedtls_x509_crt_verify_chain:"data_files/server5.crt":"data_files/test-ca2.crt":-1:-1:"":1
-
-X509 CRT verify chain #20 (len=1, vrfy fatal on depth 0)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
-mbedtls_x509_crt_verify_chain:"data_files/server5.crt":"data_files/test-ca.crt":-1:-1:"":1
-
-X509 CRT verify chain #21 (len=3, vrfy fatal on depth 3)
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-4:"":8
-
-X509 CRT verify chain #22 (len=3, vrfy fatal on
depth 2) -depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-3:"":4 - -X509 CRT verify chain #23 (len=3, vrfy fatal on depth 1) -depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-2:"":2 - -X509 CRT verify chain #24 (len=3, vrfy fatal on depth 0) -depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-1:"":1 - -X509 CRT verify chain #25 (len=3, vrfy fatal on depth 3, untrusted) -depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca2.crt":-1:-4:"":8 - -X509 OID description #1 -x509_oid_desc:"2B06010505070301":"TLS Web Server Authentication" - -X509 OID description #2 -x509_oid_desc:"2B0601050507030f":"notfound" - -X509 OID description #3 -x509_oid_desc:"2B0601050507030100":"notfound" - -X509 OID numstring #1 (wide buffer) -x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":20:17 - -X509 OID numstring #2 (buffer just fits) -x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":18:17 - -X509 OID numstring #3 (buffer too small) -x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":17:MBEDTLS_ERR_OID_BUF_TOO_SMALL - -X509 OID numstring #4 (larger number) -x509_oid_numstr:"2A864886F70D":"1.2.840.113549":15:14 - -X509 OID numstring #5 (arithmetic overflow) 
-x509_oid_numstr:"2A8648F9F8F7F6F5F4F3F2F1F001":"":100:MBEDTLS_ERR_OID_BUF_TOO_SMALL - -X509 crt keyUsage #1 (no extension, expected KU) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_check_key_usage:"data_files/server1.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0 - -X509 crt keyUsage #2 (no extension, surprising KU) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_check_key_usage:"data_files/server1.crt":MBEDTLS_X509_KU_KEY_CERT_SIGN:0 - -X509 crt keyUsage #3 (extension present, no KU) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_check_key_usage:"data_files/server1.key_usage.crt":0:0 - -X509 crt keyUsage #4 (extension present, single KU present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE:0 - -X509 crt keyUsage #5 (extension present, single KU absent) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_CERT_SIGN:MBEDTLS_ERR_X509_BAD_INPUT_DATA - -X509 crt keyUsage #6 (extension present, combined KU present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0 - -X509 crt keyUsage #7 (extension present, combined KU both absent) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_CERT_SIGN|MBEDTLS_X509_KU_CRL_SIGN:MBEDTLS_ERR_X509_BAD_INPUT_DATA - -X509 crt keyUsage #8 (extension present, combined KU one absent) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_KEY_AGREEMENT:MBEDTLS_ERR_X509_BAD_INPUT_DATA - -X509 crt keyUsage #9 (extension present, decOnly allowed absent) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C 
-x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_DECIPHER_ONLY:0 - -X509 crt keyUsage #10 (extension present, decOnly non-allowed present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_check_key_usage:"data_files/keyUsage.decipherOnly.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT:MBEDTLS_ERR_X509_BAD_INPUT_DATA - -X509 crt keyUsage #11 (extension present, decOnly allowed present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_check_key_usage:"data_files/keyUsage.decipherOnly.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_DECIPHER_ONLY:0 - -X509 crt extendedKeyUsage #1 (no extension, serverAuth) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_check_extended_key_usage:"data_files/server5.crt":"2B06010505070301":0 - -X509 crt extendedKeyUsage #2 (single value, present) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_check_extended_key_usage:"data_files/server5.eku-srv.crt":"2B06010505070301":0 - -X509 crt extendedKeyUsage #3 (single value, absent) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_check_extended_key_usage:"data_files/server5.eku-cli.crt":"2B06010505070301":MBEDTLS_ERR_X509_BAD_INPUT_DATA - -X509 crt extendedKeyUsage #4 (two values, first) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_check_extended_key_usage:"data_files/server5.eku-srv_cli.crt":"2B06010505070301":0 - -X509 crt extendedKeyUsage #5 (two values, second) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_check_extended_key_usage:"data_files/server5.eku-srv_cli.crt":"2B06010505070302":0 - -X509 crt extendedKeyUsage #6 (two values, other) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C 
-x509_check_extended_key_usage:"data_files/server5.eku-srv_cli.crt":"2B06010505070303":MBEDTLS_ERR_X509_BAD_INPUT_DATA - -X509 crt extendedKeyUsage #7 (any, random) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_check_extended_key_usage:"data_files/server5.eku-cs_any.crt":"2B060105050703FF":0 - -X509 RSASSA-PSS parameters ASN1 (good, all defaults) -x509_parse_rsassa_pss_params:"":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0 - -X509 RSASSA-PSS parameters ASN1 (wrong initial tag) -x509_parse_rsassa_pss_params:"":MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 RSASSA-PSS parameters ASN1 (unknown tag in top-level sequence) -x509_parse_rsassa_pss_params:"A400":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 RSASSA-PSS parameters ASN1 (good, HashAlg SHA256) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_parse_rsassa_pss_params:"A00D300B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:0 - -X509 RSASSA-PSS parameters ASN1 (good, explicit HashAlg = default) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_parse_rsassa_pss_params:"A009300706052B0E03021A":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0 - -X509 RSASSA-PSS parameters ASN1 (HashAlg wrong len #1) -x509_parse_rsassa_pss_params:"A00A300706052B0E03021A":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 RSASSA-PSS parameters ASN1 (HashAlg wrong len #2) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_parse_rsassa_pss_params:"A00A300706052B0E03021A00":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG 
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 RSASSA-PSS parameters ASN1 (HashAlg with parameters) -x509_parse_rsassa_pss_params:"A00F300D06096086480165030402013000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_INVALID_DATA - -X509 RSASSA-PSS parameters ASN1 (HashAlg unknown OID) -x509_parse_rsassa_pss_params:"A00D300B06096086480165030402FF":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_OID_NOT_FOUND - -X509 RSASSA-PSS parameters ASN1 (good, MGAlg = MGF1-SHA256) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108300B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:0 - -X509 RSASSA-PSS parameters ASN1 (good, explicit MGAlg = default) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_parse_rsassa_pss_params:"A116301406092A864886F70D010108300706052B0E03021A":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0 - -X509 RSASSA-PSS parameters ASN1 (MGAlg wrong len #1) -x509_parse_rsassa_pss_params:"A11B301806092A864886F70D010108300B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 RSASSA-PSS parameters ASN1 (MGAlg wrong len #2) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_parse_rsassa_pss_params:"A11B301806092A864886F70D010108300B060960864801650304020100":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 RSASSA-PSS parameters ASN1 (MGAlg AlgId wrong len #1) -x509_parse_rsassa_pss_params:"A11A301906092A864886F70D010108300B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | 
MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 RSASSA-PSS parameters ASN1 (MGAlg OID != MGF1) -x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010109300B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE + MBEDTLS_ERR_OID_NOT_FOUND - -X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong tag) -x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108310B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #1a) -x509_parse_rsassa_pss_params:"A10F300D06092A864886F70D0101083000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #1b) -x509_parse_rsassa_pss_params:"A11B301906092A864886F70D010108300C0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 RSASSA-PSS parameters ASN1 (MGAlg.params.alg not an OID) -x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108300B0709608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 RSASSA-PSS parameters ASN1 (MGAlg.params.alg unknown OID) -x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108300B06096086480165030402FF":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_OID_NOT_FOUND - -X509 RSASSA-PSS parameters ASN1 (MGAlg.params.params NULL) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
-x509_parse_rsassa_pss_params:"A11C301A06092A864886F70D010108300D06096086480165030402010500":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:0 - -X509 RSASSA-PSS parameters ASN1 (MGAlg.params.params wrong tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_parse_rsassa_pss_params:"A11C301A06092A864886F70D010108300D06096086480165030402013000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #1c) -x509_parse_rsassa_pss_params:"A11D301B06092A864886F70D010108300E06096086480165030402010500":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #2) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_parse_rsassa_pss_params:"A11D301B06092A864886F70D010108300E0609608648016503040201050000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 RSASSA-PSS parameters ASN1 (good, saltLen = 94) -x509_parse_rsassa_pss_params:"A20302015E":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:94:0 - -X509 RSASSA-PSS parameters ASN1 (good, explicit saltLen = default) -x509_parse_rsassa_pss_params:"A203020114":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0 - -X509 RSASSA-PSS parameters ASN1 (saltLen wrong len #1) -x509_parse_rsassa_pss_params:"A20402015E":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:94:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 RSASSA-PSS parameters ASN1 (saltLen wrong len #2) -x509_parse_rsassa_pss_params:"A20402015E00":MBEDTLS_ASN1_CONSTRUCTED | 
MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:94:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 RSASSA-PSS parameters ASN1 (saltLen not an int) -x509_parse_rsassa_pss_params:"A2023000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:94:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 RSASSA-PSS parameters ASN1 (good, explicit trailerField = default) -x509_parse_rsassa_pss_params:"A303020101":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0 - -X509 RSASSA-PSS parameters ASN1 (trailerField wrong len #1) -x509_parse_rsassa_pss_params:"A304020101":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 RSASSA-PSS parameters ASN1 (trailerField wrong len #2) -x509_parse_rsassa_pss_params:"A30402010100":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 RSASSA-PSS parameters ASN1 (trailerField not an int) -x509_parse_rsassa_pss_params:"A3023000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 RSASSA-PSS parameters ASN1 (trailerField not 1) -x509_parse_rsassa_pss_params:"A303020102":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG - -X509 CSR ASN.1 (OK) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C -mbedtls_x509_csr_parse:"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":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n":0 - -X509 CSR ASN.1 (bad first tag) -mbedtls_x509_csr_parse:"3100":"":MBEDTLS_ERR_X509_INVALID_FORMAT - -X509 CSR ASN.1 (bad sequence: overlong) 
-mbedtls_x509_csr_parse:"3001":"":MBEDTLS_ERR_X509_INVALID_FORMAT - -X509 CSR ASN.1 (total length mistmatch) -mbedtls_x509_csr_parse:"30010000":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 CSR ASN.1 (bad CRI: not a sequence) -mbedtls_x509_csr_parse:"30023100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 CSR ASN.1 (bad CRI: overlong) -mbedtls_x509_csr_parse:"30023001":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad CRI.Version: overlong) -mbedtls_x509_csr_parse:"30053002020100":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad CRI.Version: not v1) -mbedtls_x509_csr_parse:"30053003020101":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION - -X509 CSR ASN.1 (bad CRI.Name: not a sequence) -mbedtls_x509_csr_parse:"300730050201003100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 CSR ASN.1 (bad CRI.Name: overlong) -mbedtls_x509_csr_parse:"30083005020100300100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad CRI.Name payload: not a set) -mbedtls_x509_csr_parse:"3009300702010030023000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 CSR ASN.1 (bad CRI.Name payload: overlong) -mbedtls_x509_csr_parse:"300A30080201003002310100":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad SubjectPublicKeyInfo: missing) -mbedtls_x509_csr_parse:"30143012020100300D310B3009060355040613024E4C":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad SubjectPublicKeyInfo: not a sequence) -mbedtls_x509_csr_parse:"30163014020100300D310B3009060355040613024E4C3100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 CSR ASN.1 (bad SubjectPublicKeyInfo: overlong) -mbedtls_x509_csr_parse:"30173014020100300D310B3009060355040613024E4C300100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + 
MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad attributes: missing) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -mbedtls_x509_csr_parse:"3081973081940201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad attributes: bad tag) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -mbedtls_x509_csr_parse:"3081993081960201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF0500":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 CSR ASN.1 (bad attributes: overlong) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -mbedtls_x509_csr_parse:"30819A3081960201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA00100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad sigAlg: missing) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-mbedtls_x509_csr_parse:"3081C23081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad sigAlg: not a sequence) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -mbedtls_x509_csr_parse:"3081C43081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E03100":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 CSR ASN.1 (bad sigAlg: overlong) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -mbedtls_x509_csr_parse:"3081C43081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E03001":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad sigAlg: unknown) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-mbedtls_x509_csr_parse:"3081CD3081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0300906072A8648CE3D04FF":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG - -X509 CSR ASN.1 (bad sig: missing) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C -mbedtls_x509_csr_parse:"3081CD3081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0300906072A8648CE3D0401":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (bad sig: not a bit string) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C -mbedtls_x509_csr_parse:"3081CF3081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0300906072A8648CE3D04010400":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -X509 CSR ASN.1 (bad sig: overlong) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C 
-mbedtls_x509_csr_parse:"3081CF3081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0300906072A8648CE3D04010301":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA - -X509 CSR ASN.1 (extra data after signature) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C -mbedtls_x509_csr_parse:"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":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -X509 CSR ASN.1 (invalid version overflow) -mbedtls_x509_csr_parse:"3008300602047FFFFFFF":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION - -X509 File parse (no issues) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_int-ca.crt":0 - -X509 File parse (extra space in one certificate) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_pem_space.crt":1 - -X509 File parse (all certificates fail) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_all_space.crt":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_BASE64_INVALID_CHARACTER - -X509 File parse (trailing spaces, OK) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_trailing_space.crt":0 - -X509 Get time (UTC no issues) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"500101000000Z":0:1950:1:1:0:0:0 - -X509 Get time (Generalized Time no issues) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"99991231235959Z":0:9999:12:31:23:59:59 - -X509 Get time (UTC year without 
leap day) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"490229121212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 - -X509 Get time (UTC year with leap day) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121212Z":0:2000:2:29:12:12:12 - -X509 Get time (UTC invalid day of month #1) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000132121212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 - -X509 Get time (UTC invalid day of month #2) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001131121212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 - -X509 Get time (UTC invalid hour) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001130241212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 - -X509 Get time (UTC invalid min) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001130236012Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 - -X509 Get time (UTC invalid sec) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001130235960Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 - -X509 Get time (UTC without time zone) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121212":0:2000:2:29:12:12:12 - -X509 Get time (UTC with invalid time zone #1) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121212J":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 - -X509 Get time (UTC with invalid time zone #2) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121212+0300":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 - -X509 Get time (Date with invalid tag) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_CONTEXT_SPECIFIC:"000229121212":MBEDTLS_ERR_X509_INVALID_DATE+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:0:0:0:0:0:0 - -X509 Get time (UTC, truncated) -depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 - -X509 Get time 
(Generalized Time, truncated)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"20000229121":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 Get time (UTC without seconds)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0002291212":MBEDTLS_ERR_X509_INVALID_DATE:2000:2:29:12:12:0
-
-X509 Get time (UTC without seconds and with invalid time zone #1)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0002291212J":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 Get time (UTC without second and with invalid time zone #2)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0002291212+0300":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 Get time (UTC invalid character in year)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0\1130231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 Get time (UTC invalid character in month)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001%30231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 Get time (UTC invalid character in day)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0011`0231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 Get time (UTC invalid character in hour)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0011302h1212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 Get time (UTC invalid character in min)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_UTC_TIME:"00113023u012Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 Get time (UTC invalid character in sec)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0011302359n0Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 Get time (Generalized Time, year multiple of 100 but not 400 is not a leap year)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"19000229000000Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 Get time (Generalized Time, year multiple of 4 but not 100 is a leap year)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"19920229000000Z":0:1992:2:29:0:0:0
-
-X509 Get time (Generalized Time, year multiple of 400 is a leap year)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"20000229000000Z":0:2000:2:29:0:0:0
-
-X509 Get time (Generalized Time invalid leap year not multiple of 4, 100 or 400)
-depends_on:MBEDTLS_X509_USE_C
-x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"19910229000000Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
-
-X509 cert verify restart: trusted EE, max_ops=0 (disabled)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-x509_verify_restart:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":0:0:0:0:0
-
-X509 cert verify restart: trusted EE, max_ops=1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-x509_verify_restart:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":0:0:1:0:0
-
-X509 cert verify restart: no intermediate, max_ops=0 (disabled)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:0:0:0
-
-X509 cert verify restart: no intermediate, max_ops=1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:1:100:10000
-
-X509 cert verify restart: no intermediate, max_ops=40000
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:40000:0:0
-
-X509 cert verify restart: no intermediate, max_ops=500
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:500:20:80
-
-X509 cert verify restart: no intermediate, badsign, max_ops=0 (disabled)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0
-
-X509 cert verify restart: no intermediate, badsign, max_ops=1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000
-
-X509 cert verify restart: no intermediate, badsign, max_ops=40000
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:40000:0:0
-
-X509 cert verify restart: no intermediate, badsign, max_ops=500
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:20:80
-
-X509 cert verify restart: one int, max_ops=0 (disabled)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:0:0:0
-
-X509 cert verify restart: one int, max_ops=1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:1:100:10000
-
-X509 cert verify restart: one int, max_ops=30000
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:30000:0:0
-
-X509 cert verify restart: one int, max_ops=500
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:500:25:100
-
-X509 cert verify restart: one int, EE badsign, max_ops=0 (disabled)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0
-
-X509 cert verify restart: one int, EE badsign, max_ops=1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000
-
-X509 cert verify restart: one int, EE badsign, max_ops=30000
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:30000:0:0
-
-X509 cert verify restart: one int, EE badsign, max_ops=500
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:25:100
-
-X509 cert verify restart: one int, int badsign, max_ops=0 (disabled)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0
-
-X509 cert verify restart: one int, int badsign, max_ops=1
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000
-
-X509 cert verify restart: one int, int badsign, max_ops=30000
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:30000:0:0
-
-X509 cert verify restart: one int, int badsign, max_ops=500
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
-x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:25:100
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
deleted file mode 100644
index 4a826082b..000000000
--- a/tests/suites/test_suite_x509parse.function
+++ /dev/null
@@ -1,861 +0,0 @@ -/* BEGIN_HEADER */ -#include "mbedtls/bignum.h" -#include "mbedtls/x509.h" -#include "mbedtls/x509_crt.h" -#include "mbedtls/x509_crl.h" -#include "mbedtls/x509_csr.h" -#include "mbedtls/pem.h" -#include "mbedtls/oid.h" -#include "mbedtls/base64.h" -#include "string.h" - -#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19 -#error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \ -than the current threshold 19. To test larger values, please \ -adapt the script tests/data_files/dir-max/long.sh." -#endif - -/* Profile for backward compatibility. Allows SHA-1, unlike the default - profile. */ -const mbedtls_x509_crt_profile compat_profile = -{ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), - 0xFFFFFFF, /* Any PK alg */ - 0xFFFFFFF, /* Any curve */ - 1024, -}; - -const mbedtls_x509_crt_profile profile_rsa3072 = -{ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), - MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA ), - 0, - 3072, -}; - -const mbedtls_x509_crt_profile profile_sha512 = -{ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), - 0xFFFFFFF, /* Any PK alg */ - 0xFFFFFFF, /* Any curve */ - 1024, -}; - -int verify_none( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) -{ - ((void) data); - ((void) crt); - ((void) certificate_depth); - *flags |= MBEDTLS_X509_BADCERT_OTHER; - - return 0; -} - -int verify_all( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) -{ - ((void) data); - ((void) crt); - ((void) certificate_depth); - *flags = 0; - - return 0; -} - -int verify_fatal( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) -{ - int *levels = (int *) data; - - ((void) crt); - 
((void) certificate_depth); - - /* Simulate a fatal error in the callback */ - if( *levels & ( 1 << certificate_depth ) ) - { - *flags |= ( 1 << certificate_depth ); - return( -1 - certificate_depth ); - } - - return( 0 ); -} - -/* strsep() not available on Windows */ -char *mystrsep(char **stringp, const char *delim) -{ - const char *p; - char *ret = *stringp; - - if( *stringp == NULL ) - return( NULL ); - - for( ; ; (*stringp)++ ) - { - if( **stringp == '\0' ) - { - *stringp = NULL; - goto done; - } - - for( p = delim; *p != '\0'; p++ ) - if( **stringp == *p ) - { - **stringp = '\0'; - (*stringp)++; - goto done; - } - } - -done: - return( ret ); -} - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -typedef struct { - char buf[512]; - char *p; -} verify_print_context; - -void verify_print_init( verify_print_context *ctx ) -{ - memset( ctx, 0, sizeof( verify_print_context ) ); - ctx->p = ctx->buf; -} - -int verify_print( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) -{ - int ret; - verify_print_context *ctx = (verify_print_context *) data; - char *p = ctx->p; - size_t n = ctx->buf + sizeof( ctx->buf ) - ctx->p; - ((void) flags); - - ret = mbedtls_snprintf( p, n, "depth %d - serial ", certificate_depth ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_x509_serial_gets( p, n, &crt->serial ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, " - subject " ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_x509_dn_gets( p, n, &crt->subject ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, " - flags 0x%08x\n", *flags ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ctx->p = p; - - return( 0 ); -} -#endif /* MBEDTLS_X509_CRT_PARSE_C */ -/* END_HEADER */ - -/* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_BIGNUM_C - * END_DEPENDENCIES - */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void x509_cert_info( char * crt_file, char * result_str ) -{ - mbedtls_x509_crt crt; - char buf[2000]; - int res; - - 
mbedtls_x509_crt_init( &crt ); - memset( buf, 0, 2000 ); - - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - res = mbedtls_x509_crt_info( buf, 2000, "", &crt ); - - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); - - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); - -exit: - mbedtls_x509_crt_free( &crt ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ -void mbedtls_x509_crl_info( char * crl_file, char * result_str ) -{ - mbedtls_x509_crl crl; - char buf[2000]; - int res; - - mbedtls_x509_crl_init( &crl ); - memset( buf, 0, 2000 ); - - TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 ); - res = mbedtls_x509_crl_info( buf, 2000, "", &crl ); - - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); - - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); - -exit: - mbedtls_x509_crl_free( &crl ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ -void mbedtls_x509_crl_parse( char * crl_file, int result ) -{ - mbedtls_x509_crl crl; - char buf[2000]; - - mbedtls_x509_crl_init( &crl ); - memset( buf, 0, 2000 ); - - TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == result ); - -exit: - mbedtls_x509_crl_free( &crl ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */ -void mbedtls_x509_csr_info( char * csr_file, char * result_str ) -{ - mbedtls_x509_csr csr; - char buf[2000]; - int res; - - mbedtls_x509_csr_init( &csr ); - memset( buf, 0, 2000 ); - - TEST_ASSERT( mbedtls_x509_csr_parse_file( &csr, csr_file ) == 0 ); - res = mbedtls_x509_csr_info( buf, 2000, "", &csr ); - - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); - - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); - -exit: - mbedtls_x509_csr_free( &csr ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ -void x509_verify_info( int flags, char * prefix, char * result_str ) -{ - char buf[2000]; - int res; - - memset( buf, 0, 
sizeof( buf ) ); - - res = mbedtls_x509_crt_verify_info( buf, sizeof( buf ), prefix, flags ); - - TEST_ASSERT( res >= 0 ); - - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C */ -void x509_verify_restart( char *crt_file, char *ca_file, - int result, int flags_result, - int max_ops, int min_restart, int max_restart ) -{ - int ret, cnt_restart; - mbedtls_x509_crt_restart_ctx rs_ctx; - mbedtls_x509_crt crt; - mbedtls_x509_crt ca; - uint32_t flags = 0; - - /* - * See comments on ecp_test_vect_restart() for op count precision. - * - * For reference, with mbed TLS 2.6 and default settings: - * - ecdsa_verify() for P-256: ~ 6700 - * - ecdsa_verify() for P-384: ~ 18800 - * - x509_verify() for server5 -> test-ca2: ~ 18800 - * - x509_verify() for server10 -> int-ca3 -> int-ca2: ~ 25500 - */ - - mbedtls_x509_crt_restart_init( &rs_ctx ); - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); - - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); - - mbedtls_ecp_set_max_ops( max_ops ); - - cnt_restart = 0; - do { - ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL, - &mbedtls_x509_crt_profile_default, NULL, &flags, - NULL, NULL, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); - - TEST_ASSERT( ret == result ); - TEST_ASSERT( flags == (uint32_t) flags_result ); - - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); - - /* Do we leak memory when aborting? 
*/ - ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL, - &mbedtls_x509_crt_profile_default, NULL, &flags, - NULL, NULL, &rs_ctx ); - TEST_ASSERT( ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - -exit: - mbedtls_x509_crt_restart_free( &rs_ctx ); - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C */ -void x509_verify( char *crt_file, char *ca_file, char *crl_file, - char *cn_name_str, int result, int flags_result, - char *profile_str, - char *verify_callback ) -{ - mbedtls_x509_crt crt; - mbedtls_x509_crt ca; - mbedtls_x509_crl crl; - uint32_t flags = 0; - int res; - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) = NULL; - char * cn_name = NULL; - const mbedtls_x509_crt_profile *profile; - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - TEST_ASSERT( psa_crypto_init() == 0 ); -#endif - - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); - mbedtls_x509_crl_init( &crl ); - - if( strcmp( cn_name_str, "NULL" ) != 0 ) - cn_name = cn_name_str; - - if( strcmp( profile_str, "" ) == 0 ) - profile = &mbedtls_x509_crt_profile_default; - else if( strcmp( profile_str, "next" ) == 0 ) - profile = &mbedtls_x509_crt_profile_next; - else if( strcmp( profile_str, "suite_b" ) == 0 ) - profile = &mbedtls_x509_crt_profile_suiteb; - else if( strcmp( profile_str, "compat" ) == 0 ) - profile = &compat_profile; - else - TEST_ASSERT( "Unknown algorithm profile" == 0 ); - - if( strcmp( verify_callback, "NULL" ) == 0 ) - f_vrfy = NULL; - else if( strcmp( verify_callback, "verify_none" ) == 0 ) - f_vrfy = verify_none; - else if( strcmp( verify_callback, "verify_all" ) == 0 ) - f_vrfy = verify_all; - else - TEST_ASSERT( "No known verify callback selected" == 0 ); - - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); - TEST_ASSERT( 
mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 ); - - res = mbedtls_x509_crt_verify_with_profile( &crt, &ca, &crl, profile, cn_name, &flags, f_vrfy, NULL ); - - TEST_ASSERT( res == ( result ) ); - TEST_ASSERT( flags == (uint32_t)( flags_result ) ); - -exit: - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); - mbedtls_x509_crl_free( &crl ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void x509_verify_callback( char *crt_file, char *ca_file, char *name, - int exp_ret, char *exp_vrfy_out ) -{ - int ret; - mbedtls_x509_crt crt; - mbedtls_x509_crt ca; - uint32_t flags = 0; - verify_print_context vrfy_ctx; - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - TEST_ASSERT( psa_crypto_init() == 0 ); -#endif - - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); - verify_print_init( &vrfy_ctx ); - - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); - - if( strcmp( name, "NULL" ) == 0 ) - name = NULL; - - ret = mbedtls_x509_crt_verify_with_profile( &crt, &ca, NULL, - &compat_profile, - name, &flags, - verify_print, &vrfy_ctx ); - - TEST_ASSERT( ret == exp_ret ); - TEST_ASSERT( strcmp( vrfy_ctx.buf, exp_vrfy_out ) == 0 ); - -exit: - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_dn_gets( char * crt_file, char * entity, char * result_str ) -{ - mbedtls_x509_crt crt; - char buf[2000]; - int res = 0; - - mbedtls_x509_crt_init( &crt ); - memset( buf, 0, 2000 ); - - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - if( strcmp( entity, "subject" ) == 0 ) - res = mbedtls_x509_dn_gets( buf, 2000, &crt.subject ); - else if( strcmp( entity, "issuer" ) == 0 ) - res = mbedtls_x509_dn_gets( buf, 2000, &crt.issuer ); - else - TEST_ASSERT( "Unknown entity" == 0 ); - - TEST_ASSERT( res != -1 ); - 
TEST_ASSERT( res != -2 ); - - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); - -exit: - mbedtls_x509_crt_free( &crt ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_time_is_past( char * crt_file, char * entity, int result ) -{ - mbedtls_x509_crt crt; - - mbedtls_x509_crt_init( &crt ); - - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - - if( strcmp( entity, "valid_from" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_from ) == result ); - else if( strcmp( entity, "valid_to" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_to ) == result ); - else - TEST_ASSERT( "Unknown entity" == 0 ); - -exit: - mbedtls_x509_crt_free( &crt ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_time_is_future( char * crt_file, char * entity, int result ) -{ - mbedtls_x509_crt crt; - - mbedtls_x509_crt_init( &crt ); - - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - - if( strcmp( entity, "valid_from" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_from ) == result ); - else if( strcmp( entity, "valid_to" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_to ) == result ); - else - TEST_ASSERT( "Unknown entity" == 0 ); - -exit: - mbedtls_x509_crt_free( &crt ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */ -void x509parse_crt_file( char * crt_file, int result ) -{ - mbedtls_x509_crt crt; - - mbedtls_x509_crt_init( &crt ); - - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == result ); - -exit: - mbedtls_x509_crt_free( &crt ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ -void x509parse_crt( data_t * buf, char * result_str, int result ) -{ - mbedtls_x509_crt crt; - unsigned char output[2000]; - int res; - - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); - - TEST_ASSERT( 
mbedtls_x509_crt_parse_der( &crt, buf->x, buf->len ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); - - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); - - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); - } - - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); - - TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); - - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); - - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); - } - -exit: - mbedtls_x509_crt_free( &crt ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */ -void x509parse_crl( data_t * buf, char * result_str, int result ) -{ - mbedtls_x509_crl crl; - unsigned char output[2000]; - int res; - - mbedtls_x509_crl_init( &crl ); - memset( output, 0, 2000 ); - - - TEST_ASSERT( mbedtls_x509_crl_parse( &crl, buf->x, buf->len ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crl_info( (char *) output, 2000, "", &crl ); - - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); - - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); - } - -exit: - mbedtls_x509_crl_free( &crl ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */ -void mbedtls_x509_csr_parse( data_t * csr_der, char * ref_out, int ref_ret ) -{ - mbedtls_x509_csr csr; - char my_out[1000]; - int my_ret; - - mbedtls_x509_csr_init( &csr ); - memset( my_out, 0, sizeof( my_out ) ); - - my_ret = mbedtls_x509_csr_parse_der( &csr, csr_der->x, csr_der->len ); - TEST_ASSERT( my_ret == ref_ret ); - - if( ref_ret == 0 ) - { - size_t my_out_len = mbedtls_x509_csr_info( my_out, sizeof( my_out ), "", &csr ); - TEST_ASSERT( my_out_len == strlen( ref_out ) ); - TEST_ASSERT( strcmp( my_out, ref_out ) == 0 ); - } - -exit: - 
mbedtls_x509_csr_free( &csr ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_crt_parse_path( char * crt_path, int ret, int nb_crt ) -{ - mbedtls_x509_crt chain, *cur; - int i; - - mbedtls_x509_crt_init( &chain ); - - TEST_ASSERT( mbedtls_x509_crt_parse_path( &chain, crt_path ) == ret ); - - /* Check how many certs we got */ - for( i = 0, cur = &chain; cur != NULL; cur = cur->next ) - if( cur->raw.p != NULL ) - i++; - - TEST_ASSERT( i == nb_crt ); - -exit: - mbedtls_x509_crt_free( &chain ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int, - int ret_chk, int flags_chk ) -{ - char file_buf[128]; - int ret; - uint32_t flags; - mbedtls_x509_crt trusted, chain; - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - TEST_ASSERT( psa_crypto_init() == 0 ); -#endif - - /* - * We expect chain_dir to contain certificates 00.crt, 01.crt, etc. 
- * with NN.crt signed by NN-1.crt - */ - - mbedtls_x509_crt_init( &trusted ); - mbedtls_x509_crt_init( &chain ); - - /* Load trusted root */ - TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, ca_file ) == 0 ); - - /* Load a chain with nb_int intermediates (from 01 to nb_int), - * plus one "end-entity" cert (nb_int + 1) */ - ret = mbedtls_snprintf( file_buf, sizeof file_buf, "%s/c%02d.pem", chain_dir, - nb_int + 1 ); - TEST_ASSERT( ret > 0 && (size_t) ret < sizeof file_buf ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, file_buf ) == 0 ); - - /* Try to verify that chain */ - ret = mbedtls_x509_crt_verify( &chain, &trusted, NULL, NULL, &flags, - NULL, NULL ); - TEST_ASSERT( ret == ret_chk ); - TEST_ASSERT( flags == (uint32_t) flags_chk ); - -exit: - mbedtls_x509_crt_free( &chain ); - mbedtls_x509_crt_free( &trusted ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca, - int flags_result, int result, - char *profile_name, int vrfy_fatal_lvls ) -{ - char* act; - uint32_t flags; - int res; - mbedtls_x509_crt trusted, chain; - const mbedtls_x509_crt_profile *profile = NULL; - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - TEST_ASSERT( psa_crypto_init() == 0 ); -#endif - - mbedtls_x509_crt_init( &chain ); - mbedtls_x509_crt_init( &trusted ); - - while( ( act = mystrsep( &chain_paths, " " ) ) != NULL ) - TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 ); - - if( strcmp( profile_name, "" ) == 0 ) - profile = &mbedtls_x509_crt_profile_default; - else if( strcmp( profile_name, "next" ) == 0 ) - profile = &mbedtls_x509_crt_profile_next; - else if( strcmp( profile_name, "suiteb" ) == 0 ) - profile = &mbedtls_x509_crt_profile_suiteb; - else if( strcmp( profile_name, "rsa3072" ) == 0 ) - profile = &profile_rsa3072; - else if( strcmp( profile_name, "sha512" ) == 0 ) - profile = 
&profile_sha512; - - res = mbedtls_x509_crt_verify_with_profile( &chain, &trusted, NULL, profile, - NULL, &flags, verify_fatal, &vrfy_fatal_lvls ); - - TEST_ASSERT( res == ( result ) ); - TEST_ASSERT( flags == (uint32_t)( flags_result ) ); - -exit: - mbedtls_x509_crt_free( &trusted ); - mbedtls_x509_crt_free( &chain ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ -void x509_oid_desc( data_t * buf, char * ref_desc ) -{ - mbedtls_x509_buf oid; - const char *desc = NULL; - int ret; - - - oid.tag = MBEDTLS_ASN1_OID; - oid.p = buf->x; - oid.len = buf->len; - - ret = mbedtls_oid_get_extended_key_usage( &oid, &desc ); - - if( strcmp( ref_desc, "notfound" ) == 0 ) - { - TEST_ASSERT( ret != 0 ); - TEST_ASSERT( desc == NULL ); - } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( desc != NULL ); - TEST_ASSERT( strcmp( desc, ref_desc ) == 0 ); - } -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ -void x509_oid_numstr( data_t * oid_buf, char * numstr, int blen, int ret ) -{ - mbedtls_x509_buf oid; - char num_buf[100]; - - memset( num_buf, 0x2a, sizeof num_buf ); - - oid.tag = MBEDTLS_ASN1_OID; - oid.p = oid_buf->x; - oid.len = oid_buf->len; - - TEST_ASSERT( (size_t) blen <= sizeof num_buf ); - - TEST_ASSERT( mbedtls_oid_get_numeric_string( num_buf, blen, &oid ) == ret ); - - if( ret >= 0 ) - { - TEST_ASSERT( num_buf[ret] == 0 ); - TEST_ASSERT( strcmp( num_buf, numstr ) == 0 ); - } -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_KEY_USAGE */ -void x509_check_key_usage( char * crt_file, int usage, int ret ) -{ - mbedtls_x509_crt crt; - - mbedtls_x509_crt_init( &crt ); - - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - - TEST_ASSERT( mbedtls_x509_crt_check_key_usage( &crt, usage ) == ret ); - -exit: - mbedtls_x509_crt_free( &crt ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ 
-void x509_check_extended_key_usage( char * crt_file, data_t * oid, int ret - ) -{ - mbedtls_x509_crt crt; - - mbedtls_x509_crt_init( &crt ); - - - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - - TEST_ASSERT( mbedtls_x509_crt_check_extended_key_usage( &crt, (const char *)oid->x, oid->len ) == ret ); - -exit: - mbedtls_x509_crt_free( &crt ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ -void x509_get_time( int tag, char * time_str, int ret, int year, int mon, - int day, int hour, int min, int sec ) -{ - mbedtls_x509_time time; - unsigned char buf[21]; - unsigned char* start = buf; - unsigned char* end = buf; - - memset( &time, 0x00, sizeof( time ) ); - *end = (unsigned char)tag; end++; - *end = strlen( time_str ); - TEST_ASSERT( *end < 20 ); - end++; - memcpy( end, time_str, (size_t)*(end - 1) ); - end += *(end - 1); - - TEST_ASSERT( mbedtls_x509_get_time( &start, end, &time ) == ret ); - if( ret == 0 ) - { - TEST_ASSERT( year == time.year ); - TEST_ASSERT( mon == time.mon ); - TEST_ASSERT( day == time.day ); - TEST_ASSERT( hour == time.hour ); - TEST_ASSERT( min == time.min ); - TEST_ASSERT( sec == time.sec ); - } -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT */ -void x509_parse_rsassa_pss_params( data_t * hex_params, int params_tag, - int ref_msg_md, int ref_mgf_md, - int ref_salt_len, int ref_ret ) -{ - int my_ret; - mbedtls_x509_buf params; - mbedtls_md_type_t my_msg_md, my_mgf_md; - int my_salt_len; - - params.p = hex_params->x; - params.len = hex_params->len; - params.tag = params_tag; - - my_ret = mbedtls_x509_get_rsassa_pss_params( ¶ms, &my_msg_md, &my_mgf_md, - &my_salt_len ); - - TEST_ASSERT( my_ret == ref_ret ); - - if( ref_ret == 0 ) - { - TEST_ASSERT( my_msg_md == (mbedtls_md_type_t) ref_msg_md ); - TEST_ASSERT( my_mgf_md == (mbedtls_md_type_t) ref_mgf_md ); - TEST_ASSERT( my_salt_len == ref_salt_len ); - } - -exit: - ;; -} -/* END_CASE */ - -/* 
BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */
-void x509_selftest( )
-{
- TEST_ASSERT( mbedtls_x509_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
deleted file mode 100644
index 54d72701e..000000000
--- a/tests/suites/test_suite_x509write.data
+++ /dev/null
@@ -1,105 +0,0 @@ -Certificate Request check Server1 SHA1 -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0 - -Certificate Request check Server1 SHA224 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0 - -Certificate Request check Server1 SHA256 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0 - -Certificate Request check Server1 SHA384 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0 - -Certificate Request check Server1 SHA512 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0 - -Certificate Request check Server1 MD4 -depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0 - -Certificate Request check Server1 MD5 -depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0 - -Certificate Request check Server1 key_usage -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0 - -Certificate Request check Server1 key_usage empty -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0 - -Certificate Request check Server1 ns_cert_type 
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1 - -Certificate Request check Server1 ns_cert_type empty -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1 - -Certificate Request check Server1 key_usage + ns_cert_type -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1 - -Certificate Request check Server5 ECDSA, key_usage -depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED -x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0 - -Certificate Request check opaque Server5 ECDSA, key_usage -depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 - -Certificate write check Server1 SHA1 -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0 - -Certificate write check Server1 SHA1, key_usage -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C 
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0 - -Certificate write check Server1 SHA1, ns_cert_type -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0 - -Certificate write check Server1 SHA1, version 1 -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0 - -Certificate write check Server1 SHA1, RSA_ALT -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1 - -Certificate write check Server1 SHA1, RSA_ALT, key_usage -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 
1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1 - -Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1 - -Certificate write check Server1 SHA1, RSA_ALT, version 1 -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1 - -X509 String to Names #1 -mbedtls_x509_string_to_names:"C=NL,O=Offspark\, Inc., OU=PolarSSL":"C=NL, O=Offspark, Inc., OU=PolarSSL":0 - -X509 String to Names #2 -mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_UNKNOWN_OID - -X509 String to Names #3 (Name precisely 255 bytes) -mbedtls_x509_string_to_names:"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345,OU=PolarSSL":"C=NL, 
O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, OU=PolarSSL":0 - -X509 String to Names #4 (Name larger than 255 bytes) -mbedtls_x509_string_to_names:"C=NL, O=1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME - -X509 String to Names #5 (Escape non-allowed characters) -mbedtls_x509_string_to_names:"C=NL, O=Offspark\a Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME - -X509 String to Names #6 (Escape at end) -mbedtls_x509_string_to_names:"C=NL, O=Offspark\":"":MBEDTLS_ERR_X509_INVALID_NAME diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function deleted file mode 100644 index e15802ff1..000000000 --- a/tests/suites/test_suite_x509write.function +++ /dev/null 
@@ -1,338 +0,0 @@ -/* BEGIN_HEADER */ -#include "mbedtls/bignum.h" -#include "mbedtls/x509_crt.h" -#include "mbedtls/x509_csr.h" -#include "mbedtls/pem.h" -#include "mbedtls/oid.h" -#include "mbedtls/rsa.h" -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "psa/crypto.h" -#include "mbedtls/psa_util.h" -#endif - - -#if defined(MBEDTLS_RSA_C) -int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen, - const unsigned char *input, unsigned char *output, - size_t output_max_len ) -{ - return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen, - input, output, output_max_len ) ); -} -int mbedtls_rsa_sign_func( void *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, - const unsigned char *hash, unsigned char *sig ) -{ - return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, mode, - md_alg, hashlen, hash, sig ) ); -} -size_t mbedtls_rsa_key_len_func( void *ctx ) -{ - return( ((const mbedtls_rsa_context *) ctx)->len ); -} -#endif /* MBEDTLS_RSA_C */ - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen ) -{ - unsigned char hash[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info; - mbedtls_x509_csr csr; - - if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - md_info = mbedtls_md_info_from_type( csr.sig_md ); - if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 ) - { - /* Note: this can't happen except after an internal error */ - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - } - - if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk, - csr.sig_md, hash, mbedtls_md_get_size( md_info ), - csr.sig.p, csr.sig.len ) != 0 ) - { - return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); - } - - return( 0 ); -} -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - -/* END_HEADER */ - -/* BEGIN_DEPENDENCIES - * 
depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C - * END_DEPENDENCIES - */ - -/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */ -void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type, - int key_usage, int set_key_usage, int cert_type, - int set_cert_type ) -{ - mbedtls_pk_context key; - mbedtls_x509write_csr req; - unsigned char buf[4096]; - unsigned char check_buf[4000]; - int ret; - size_t olen = 0, pem_len = 0; - int der_len = -1; - FILE *f; - const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; - rnd_pseudo_info rnd_info; - - memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) ); - - mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); - - mbedtls_x509write_csr_init( &req ); - mbedtls_x509write_csr_set_md_alg( &req, md_type ); - mbedtls_x509write_csr_set_key( &req, &key ); - TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 ); - if( set_key_usage != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 ); - if( set_cert_type != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); - - ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ), - rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == 0 ); - - pem_len = strlen( (char *) buf ); - - f = fopen( cert_req_check_file, "r" ); - TEST_ASSERT( f != NULL ); - olen = fread( check_buf, 1, sizeof( check_buf ), f ); - fclose( f ); - - TEST_ASSERT( olen >= pem_len - 1 ); - TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 ); - - der_len = mbedtls_x509write_csr_der( &req, buf, sizeof( buf ), - rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( der_len >= 0 ); - - if( der_len == 0 ) - goto exit; - - ret = mbedtls_x509write_csr_der( &req, buf, (size_t)( der_len - 1 ), - rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - -exit: - mbedtls_x509write_csr_free( &req ); - mbedtls_pk_free( 
&key ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */ -void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, - int cert_type ) -{ - mbedtls_pk_context key; - psa_key_handle_t slot; - psa_algorithm_t md_alg_psa; - mbedtls_x509write_csr req; - unsigned char buf[4096]; - int ret; - size_t pem_len = 0; - const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; - rnd_pseudo_info rnd_info; - - psa_crypto_init(); - memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) ); - - md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type ); - TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE ); - - mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); - TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &slot, md_alg_psa ) == 0 ); - - mbedtls_x509write_csr_init( &req ); - mbedtls_x509write_csr_set_md_alg( &req, md_type ); - mbedtls_x509write_csr_set_key( &req, &key ); - TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 ); - if( key_usage != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 ); - if( cert_type != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); - - ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ) - 1, - rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == 0 ); - - pem_len = strlen( (char *) buf ); - buf[pem_len] = '\0'; - TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 ); - -exit: - mbedtls_x509write_csr_free( &req ); - mbedtls_pk_free( &key ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */ -void x509_crt_check( char *subject_key_file, char *subject_pwd, - char *subject_name, char *issuer_key_file, - char *issuer_pwd, char *issuer_name, - char *serial_str, char *not_before, char *not_after, - int md_type, int key_usage, int set_key_usage, - int cert_type, 
int set_cert_type, int auth_ident, - int ver, char *cert_check_file, int rsa_alt ) -{ - mbedtls_pk_context subject_key, issuer_key, issuer_key_alt; - mbedtls_pk_context *key = &issuer_key; - - mbedtls_x509write_cert crt; - unsigned char buf[4096]; - unsigned char check_buf[5000]; - mbedtls_mpi serial; - int ret; - size_t olen = 0, pem_len = 0; - int der_len = -1; - FILE *f; - rnd_pseudo_info rnd_info; - - memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) ); - mbedtls_mpi_init( &serial ); - - mbedtls_pk_init( &subject_key ); - mbedtls_pk_init( &issuer_key ); - mbedtls_pk_init( &issuer_key_alt ); - - mbedtls_x509write_crt_init( &crt ); - - TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file, - subject_pwd ) == 0 ); - - TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file, - issuer_pwd ) == 0 ); - -#if defined(MBEDTLS_RSA_C) - /* For RSA PK contexts, create a copy as an alternative RSA context. */ - if( rsa_alt == 1 && mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_RSA ) - { - TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &issuer_key_alt, - mbedtls_pk_rsa( issuer_key ), - mbedtls_rsa_decrypt_func, - mbedtls_rsa_sign_func, - mbedtls_rsa_key_len_func ) == 0 ); - - key = &issuer_key_alt; - } -#else - (void) rsa_alt; -#endif - - TEST_ASSERT( mbedtls_mpi_read_string( &serial, 10, serial_str ) == 0 ); - - if( ver != -1 ) - mbedtls_x509write_crt_set_version( &crt, ver ); - - TEST_ASSERT( mbedtls_x509write_crt_set_serial( &crt, &serial ) == 0 ); - TEST_ASSERT( mbedtls_x509write_crt_set_validity( &crt, not_before, - not_after ) == 0 ); - mbedtls_x509write_crt_set_md_alg( &crt, md_type ); - TEST_ASSERT( mbedtls_x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 ); - TEST_ASSERT( mbedtls_x509write_crt_set_subject_name( &crt, subject_name ) == 0 ); - mbedtls_x509write_crt_set_subject_key( &crt, &subject_key ); - - mbedtls_x509write_crt_set_issuer_key( &crt, key ); - - if( crt.version >= MBEDTLS_X509_CRT_VERSION_3 ) - { - TEST_ASSERT( 
mbedtls_x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 ); - TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 ); - if( auth_ident ) - TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 ); - if( set_key_usage != 0 ) - TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 ); - if( set_cert_type != 0 ) - TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 ); - } - - ret = mbedtls_x509write_crt_pem( &crt, buf, sizeof( buf ), - rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == 0 ); - - pem_len = strlen( (char *) buf ); - - f = fopen( cert_check_file, "r" ); - TEST_ASSERT( f != NULL ); - olen = fread( check_buf, 1, sizeof( check_buf ), f ); - fclose( f ); - TEST_ASSERT( olen < sizeof( check_buf ) ); - - TEST_ASSERT( olen >= pem_len - 1 ); - TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 ); - - der_len = mbedtls_x509write_crt_der( &crt, buf, sizeof( buf ), - rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( der_len >= 0 ); - - if( der_len == 0 ) - goto exit; - - ret = mbedtls_x509write_crt_der( &crt, buf, (size_t)( der_len - 1 ), - rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - -exit: - mbedtls_x509write_crt_free( &crt ); - mbedtls_pk_free( &issuer_key_alt ); - mbedtls_pk_free( &subject_key ); - mbedtls_pk_free( &issuer_key ); - mbedtls_mpi_free( &serial ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */ -void mbedtls_x509_string_to_names( char * name, char * parsed_name, int result - ) -{ - int ret; - size_t len = 0; - mbedtls_asn1_named_data *names = NULL; - mbedtls_x509_name parsed, *parsed_cur, *parsed_prv; - unsigned char buf[1024], out[1024], *c; - - memset( &parsed, 0, sizeof( parsed ) ); - memset( out, 0, sizeof( out ) ); - memset( buf, 0, sizeof( buf ) ); - c = buf + sizeof( buf ); - - ret = mbedtls_x509_string_to_names( &names, name ); - TEST_ASSERT( ret == result ); - - 
if( ret != 0 ) - goto exit; - - ret = mbedtls_x509_write_names( &c, buf, names ); - TEST_ASSERT( ret > 0 ); - - TEST_ASSERT( mbedtls_asn1_get_tag( &c, buf + sizeof( buf ), &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) == 0 ); - TEST_ASSERT( mbedtls_x509_get_name( &c, buf + sizeof( buf ), &parsed ) == 0 ); - - ret = mbedtls_x509_dn_gets( (char *) out, sizeof( out ), &parsed ); - TEST_ASSERT( ret > 0 ); - - TEST_ASSERT( strcmp( (char *) out, parsed_name ) == 0 ); - -exit: - mbedtls_asn1_free_named_data_list( &names ); - - parsed_cur = parsed.next; - while( parsed_cur != 0 ) - { - parsed_prv = parsed_cur; - parsed_cur = parsed_cur->next; - mbedtls_free( parsed_prv ); - } -} -/* END_CASE */ From 120d571e8e835afde4a5c31fdc26c2452c0b54d7 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 7 Mar 2019 15:32:49 +0000 Subject: [PATCH 1122/2197] tests: Use parent module includes when used as a submodule For Makefiles, enable overriding where includes can come from in order to enable the parent module to set the include path. This allows the parent module to specify that its config.h should be used, even when the submodule when built standalone would use a different config.h. For CMake, always look in the parent's include folder and our own. List the parent's include folder first, so that preference is given to parent include files. --- tests/CMakeLists.txt | 4 ++++ tests/Makefile | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 4720008c6..06df85dfe 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt 
@@ -43,6 +43,10 @@ function(add_test_suite suite_name) include_directories(${CMAKE_CURRENT_SOURCE_DIR}) add_executable(test_suite_${data_name} test_suite_${data_name}.c) target_link_libraries(test_suite_${data_name} ${libs}) + target_include_directories(test_suite_${data_name} + PUBLIC ${CMAKE_SOURCE_DIR}/include/ + PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) + if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX}) message(STATUS "The test suite ${data_name} will not be executed.") else() diff --git a/tests/Makefile b/tests/Makefile index 1512fa7f6..50a054969 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -6,7 +6,8 @@ CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement -Wno-unused-function -Wno-unused-value LDFLAGS ?= -LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -I../library -D_FILE_OFFSET_BITS=64 +CRYPTO_INCLUDES ?= -I../include +LOCAL_CFLAGS = $(WARNING_CFLAGS) $(CRYPTO_INCLUDES) -I../library -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = -L../library \ -lmbedtls$(SHARED_SUFFIX) \ -lmbedx509$(SHARED_SUFFIX) \ From 1264c2a86f0b578b6f82a4c1993a22cbbe956a27 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 7 Mar 2019 16:01:11 +0000 Subject: [PATCH 1123/2197] tests: Exclude version suite when used as a submodule The version test suite is duplicated between Mbed TLS and Mbed Crypto. Use TLS's copy and not Crypto's copy when Crypto is used as a submodule of TLS. The version test is the only test that is tested from both TLS and Crypto, despite being entirely in libmbedcrypto. This is because the test data is code-gen'd from the version updating script and the version between Mbed TLS and Mbed Crypto don't necessarily always agree. The test data must come from the top level module, as only the top level module will have test data that matches the expected version. --- tests/CMakeLists.txt | 4 +++- tests/Makefile | 9 +++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) 
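Review bot: The `target_include_directories()` call added in add_test_suite appends its two paths after whatever the target already inherits from `include_directories()`, so listing the parent's folder first here does not on its own give the parent's headers preference. If a directory already on the inherited list holds a `config.h`, that one still wins, and the test suites would be compiled against a different feature set than the parent intended; which directories are inherited is decided outside this hunk, so this needs confirming. If the parent's headers must win, `target_include_directories(test_suite_${data_name} BEFORE PRIVATE ${CMAKE_SOURCE_DIR}/include/ ${CMAKE_SOURCE_DIR}/crypto/include/)` makes the precedence explicit, and `PRIVATE` is enough because nothing links against a test executable. The function body starts and ends outside the hunk.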
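Review bot: `CRYPTO_INCLUDES` in tests/Makefile is introduced without a comment saying who is expected to set it or what it must contain. Because it is assigned with `?=`, a value exported in the environment is picked up as well as one passed by a parent Makefile, so a stale setting would silently compile the tests against another tree's headers and `config.h`. A comment above the assignment would make that contract visible, for example `# Include path for the crypto headers and config.h; a parent project that embeds this tree as a submodule overrides it to point at its own include directory.`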
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 06df85dfe..e9cae9a9b 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -138,8 +138,10 @@ add_test_suite(psa_crypto_storage_file) add_test_suite(shax) add_test_suite(timing) add_test_suite(rsa) -add_test_suite(version) add_test_suite(xtea) +if (NOT USE_CRYPTO_SUBMODULE) + add_test_suite(version) +endif() # Make scripts and data files needed for testing available in an # out-of-source build. diff --git a/tests/Makefile b/tests/Makefile index 50a054969..8db7920d7 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -59,6 +59,15 @@ endif # constructed by stripping path 'suites/' and extension .data. APPS = $(basename $(subst suites/,,$(wildcard suites/test_suite_*.data))) +# When this project is used as a submodule, exclude the following list of +# tests, which will be run from the parent module instead. +ifdef USE_CRYPTO_SUBMODULE +APPS := $(filter-out \ + test_suite_version \ + ,$(APPS)) +endif + + # Construct executable name by adding OS specific suffix $(EXEXT). BINARIES := $(addsuffix $(EXEXT),$(APPS)) From b478bb6ddbb1f3b7969ad9d6ccfdb0fa6d4843bd Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 7 Mar 2019 16:44:54 +0000 Subject: [PATCH 1124/2197] tests: Add a crypto prefix to submodule tests Prepend ".crypto" to tests that came from the crypto submodule. This allows, when this project is used as a submodule, for tests with names the same between the parent and this project when used as a submodule to both be built and run. --- tests/CMakeLists.txt | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index e9cae9a9b..76a4608e1 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt 
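Review bot: `ifdef USE_CRYPTO_SUBMODULE` in the tests/Makefile hunk is true for any non-empty value, so `make USE_CRYPTO_SUBMODULE=0` still drops test_suite_version, while the CMake hunk of the same commit uses `if (NOT USE_CRYPTO_SUBMODULE)`, which treats `0` and `OFF` as false. The two build systems therefore disagree on the same setting, and a suite can go unrun without any message. Either extend the comment above the `ifdef` to say that any non-empty value enables the exclusion, or test the value itself, e.g. `ifneq ($(filter-out 0 OFF,$(USE_CRYPTO_SUBMODULE)),)`.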
@@ -40,17 +40,24 @@ function(add_test_suite suite_name) DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedtls ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data ) + set(exe_name test_suite_${data_name}) + # Add a prefix to differentiate these tests from those of the parent + # module, when this project is built as a submodule. + if(USE_CRYPTO_SUBMODULE) + set(exe_name crypto.${exe_name}) + endif() + include_directories(${CMAKE_CURRENT_SOURCE_DIR}) - add_executable(test_suite_${data_name} test_suite_${data_name}.c) - target_link_libraries(test_suite_${data_name} ${libs}) - target_include_directories(test_suite_${data_name} + add_executable(${exe_name} test_suite_${data_name}.c) + target_link_libraries(${exe_name} ${libs}) + target_include_directories(${exe_name} PUBLIC ${CMAKE_SOURCE_DIR}/include/ PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX}) message(STATUS "The test suite ${data_name} will not be executed.") else() - add_test(${data_name}-suite test_suite_${data_name} --verbose) + add_test(${data_name}-suite ${exe_name} --verbose) endif() endfunction(add_test_suite) From 2de2c0d9ce72b97ce525f16c3ecd8f94ca7edf9c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 Mar 2019 17:59:16 +0100 Subject: [PATCH 1125/2197] Clarify deterministic generation by re-drawing For DH, ECC (Weierstrass curves) and DSA, specify that the re-drawing method is the one defined by NIST as "key-pair generation by testing candidates", and describe it unambiguously. Also specify DES explicitly. --- include/psa/crypto.h | 31 +++++++++++++++++++++++++------ 1 file changed, 25 insertions(+), 6 deletions(-) 
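Review bot: The `add_test()` line still registers the suite as `${data_name}-suite`, without the `crypto.` prefix that the executable now gets. If the parent project registers suites under the same data names, which this hunk cannot show, both would appear in CTest under one name and a failure in one could be attributed to the other. Setting a prefix variable inside the existing `if(USE_CRYPTO_SUBMODULE)` block, e.g. `set(test_prefix crypto.)`, and using `add_test(${test_prefix}${data_name}-suite ${exe_name} --verbose)` keeps the two apart without renaming the standalone tests. add_test_suite starts outside the hunk.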
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b68376669..fbfdbc47f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2924,12 +2924,31 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * for the output produced by psa_export_key(). * The following key types defined in this specification follow this scheme: * - * - #PSA_KEY_TYPE_DES; - * - #PSA_KEY_TYPE_DH_KEYPAIR; - * - #PSA_KEY_TYPE_DSA_KEYPAIR; - * - ECC keys on a Weierstrass elliptic curve, i.e. - * #PSA_KEY_TYPE_ECC_KEYPAIR(\c curve) where \c curve designates a - * Weierstrass curve. + * - #PSA_KEY_TYPE_DES. + * Force-set the parity bits, but discard forbidden weak keys. + * For 2-key and 3-key triple-DES, the three keys are generated + * successively (for example, for 3-key triple-DES, + * if the first 8 bytes specify a weak key and the next 8 bytes do not, + * discard the first 8 bytes, use the next 8 bytes as the first key, + * and continue reading output from the generator to derive the other + * two keys). + * - Finite-field Diffie-Hellman keys (#PSA_KEY_TYPE_DH_KEYPAIR), + * DSA keys (#PSA_KEY_TYPE_DSA_KEYPAIR), and + * ECC keys on a Weierstrass elliptic curve + * (#PSA_KEY_TYPE_ECC_KEYPAIR(\c curve) where \c curve designates a + * Weierstrass curve). + * For these key types, interpret the byte string as integer + * in big-endian order. Discard it if it is not in the range + * [0, *N* - 2] where *N* is the boundary of the private key domain + * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA, + * or the order of the curve's coordinate field for ECC). + * Add 1 to the resulting integer and use this as the private key *x*. + * This is the method described as + * "key-pair generation by testing candidates" + * in NIST SP 800-56A §5.6.1.1.4 for Diffie-Hellman, + * in FIPS 186-4 §B.1.2 for DSA, and + * in NIST SP 800-56A §5.6.1.2.2 or + * FIPS 186-4 §B.4.2 for elliptic curve keys. * * - For other key types, including #PSA_KEY_TYPE_RSA_KEYPAIR, * the way in which the generator output is consumed is From 5579971cb15c85c7d586cf61dc6062caa3eb9a40 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 12 Mar 2019 11:50:26 +0100 Subject: [PATCH 1126/2197] psa_generator_import_key (ECC): minor corrections --- include/psa/crypto.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fbfdbc47f..05834b0e9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2941,10 +2941,10 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * in big-endian order. Discard it if it is not in the range * [0, *N* - 2] where *N* is the boundary of the private key domain * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA, - * or the order of the curve's coordinate field for ECC). + * or the order of the curve's base point for ECC). * Add 1 to the resulting integer and use this as the private key *x*. - * This is the method described as - * "key-pair generation by testing candidates" + * This method allows compliance to NIST standards, specifically + * the methods titled "key-pair generation by testing candidates" * in NIST SP 800-56A §5.6.1.1.4 for Diffie-Hellman, * in FIPS 186-4 §B.1.2 for DSA, and * in NIST SP 800-56A §5.6.1.2.2 or From ee67dd61bc032576eec6a1026673572addc6ea4d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 12 Mar 2019 13:23:17 +0100 Subject: [PATCH 1127/2197] Fix Doxygen warnings --- include/psa/crypto.h | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 05834b0e9..bdbbc1f26 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2896,10 +2896,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * The following key types defined in this specification follow this scheme: * * - #PSA_KEY_TYPE_AES; - * - #PSA_KEY_TYPE_ARIA; * - #PSA_KEY_TYPE_ARC4; * - #PSA_KEY_TYPE_CAMELLIA; - * - #PSA_KEY_TYPE_CHACHAPOLY; * - #PSA_KEY_TYPE_DERIVE; * - #PSA_KEY_TYPE_HMAC. * 
@@ -2962,8 +2960,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * psa_allocate_key() or psa_create_key() and must * not contain key material yet. * \param type Key type (a \c PSA_KEY_TYPE_XXX value). - * This must be a secret key type or a key pair type - * . + * This must be a secret key type or a key pair type. * \param bits Key size in bits. * \param[in,out] generator The generator object to read from. * From 5f54497cf35769d08ce2f2066934a43efdb41078 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 24 Feb 2019 11:26:36 +0100 Subject: [PATCH 1128/2197] Import ITS header files Commit a72c10c44d5d54d05aceb00e0368f02f9f62151a in the psa_trusted_storage_api repository, from which the PSA ITS specification version 1.1 is derived. --- library/internal_trusted_storage.h | 117 +++++++++++++++++++++++++++++ library/storage_common.h | 58 ++++++++++++++ 2 files changed, 175 insertions(+) create mode 100644 library/internal_trusted_storage.h create mode 100644 library/storage_common.h diff --git a/library/internal_trusted_storage.h b/library/internal_trusted_storage.h new file mode 100644 index 000000000..4b117e746 --- /dev/null +++ b/library/internal_trusted_storage.h 
@@ -0,0 +1,117 @@ +/* Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** @file +@brief This file describes the PSA Internal Trusted Storage API +*/ + +#ifndef __PSA_INTERNAL_TRUSTED_STORAGE_H__ +#define __PSA_INTERNAL_TRUSTED_STORAGE_H__ + +#include +#include + +#include "psa/error.h" +#include "psa/storage_common.h" + +#ifdef __cplusplus +extern "C" { +#endif +#define PSA_ITS_API_VERSION_MAJOR 1 /**< The major version number of the PSA ITS API. It will be incremented on significant updates that may include breaking changes */ +#define PSA_ITS_API_VERSION_MINOR 1 /**< The minor version number of the PSA ITS API. 
It will be incremented in small updates that are unlikely to include breaking changes */ + +/** + * \brief create a new or modify an existing uid/value pair + * + * \param[in] uid the identifier for the data + * \param[in] data_length The size in bytes of the data in `p_data` + * \param[in] p_data A buffer containing the data + * \param[in] create_flags The flags that the data will be stored with + * + * \return A status indicating the success/failure of the operation + + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG + * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid + * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`) + * is invalid, for example is `NULL` or references memory the caller cannot access + */ +psa_status_t psa_its_set(psa_storage_uid_t uid, + uint32_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags); + +/** + * \brief Retrieve the value associated with a provided uid + * + * \param[in] uid The uid value + * \param[in] data_offset The starting offset of the data requested + * \param[in] data_length the amount of data requested (and the minimum allocated size of the `p_data` buffer) + * \param[out] p_data The buffer where the data will be placed upon successful completion + + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided 
`uid` value was not found in the storage + * \retval PSA_ERROR_INVALID_SIZE The operation failed because the data associated with provided uid is larger than `data_size` + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`) + * is invalid. For example is `NULL` or references memory the caller cannot access. + * In addition, this can also happen if an invalid offset was provided. + */ +psa_status_t psa_its_get(psa_storage_uid_t uid, + uint32_t data_offset, + uint32_t data_length, + void *p_data); + +/** + * \brief Retrieve the metadata about the provided uid + * + * \param[in] uid The uid value + * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will be populated with the metadata + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`) + * is invalid, for example is `NULL` or references memory the caller cannot access + */ +psa_status_t psa_its_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info); + +/** + * \brief Remove the provided key and its associated data from the storage + * + * \param[in] uid The uid value + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the 
provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) + */ +psa_status_t psa_its_remove(psa_storage_uid_t uid); + +#ifdef __cplusplus +} +#endif + +#endif // __PSA_INTERNAL_TRUSTED_STORAGE_H__ diff --git a/library/storage_common.h b/library/storage_common.h new file mode 100644 index 000000000..07cb6e9c6 --- /dev/null +++ b/library/storage_common.h 
@@ -0,0 +1,58 @@
+/* Copyright (C) 2019, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/** @file
+@brief This file includes common definitions for PSA storage
+*/
+
+#ifndef __PSA_STORAGE_COMMON_H__
+#define __PSA_STORAGE_COMMON_H__
+
+#include
+#include
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** \brief Flags used when creating a data entry
+ */
+typedef uint32_t psa_storage_create_flags_t;
+
+/** \brief A type for UIDs used for identifying data
+ */
+typedef uint64_t psa_storage_uid_t;
+
+#define PSA_STORAGE_FLAG_NONE 0 /**< No flags to pass */
+#define PSA_STORAGE_FLAG_WRITE_ONCE (1 << 0) /**< The data associated with the uid will not be able to be modified or deleted. Intended to be used to set bits in `psa_storage_create_flags_t`*/
+
+/**
+ * \brief A container for metadata associated with a specific uid
+ */
+struct psa_storage_info_t {
+ uint32_t size; /**< The size of the data associated with a uid **/
+ psa_storage_create_flags_t flags; /**< The flags set when the uid was created **/
+};
+
+/** Flag indicating that \ref psa_storage_create and \ref psa_storage_set_extended are supported */
+#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1 << 0)
+
+/** \brief PSA storage specific error codes
+ */
+#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
+#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
+
+#endif // __PSA_STORAGE_COMMON_H__
From 601bd53b80fdd86e42345fdc1394850d2e64540e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 24 Feb 2019 11:34:28 +0100 Subject: [PATCH 1129/2197] Fix up ITS header files for internal use in crypto Merge storage_common.h and internal_trusted_storage.h into a single file for convenience. Remove #include of which crypto doesn't have yet and include and instead. Drop __cplusplus support which we don't need. Tweak style (whitespace, line breaks, comment formatting) to satisfy check-names.sh and check-files.sh. --- ...nal_trusted_storage.h => psa_crypto_its.h} | 69 +++++++++++++------ library/storage_common.h | 58 ---------------- visualc/VS2010/mbedTLS.vcxproj | 1 + 3 files changed, 48 insertions(+), 80 deletions(-) rename library/{internal_trusted_storage.h => psa_crypto_its.h} (81%) delete mode 100644 library/storage_common.h diff --git a/library/internal_trusted_storage.h b/library/psa_crypto_its.h similarity index 81% rename from library/internal_trusted_storage.h rename to library/psa_crypto_its.h index 4b117e746..44d51982a 100644 --- a/library/internal_trusted_storage.h +++ b/library/psa_crypto_its.h @@ -1,3 +1,6 @@ +/** \file psa_crypto_its.h + * \brief Interface of trusted storage that crypto is built on. + */ /* Copyright (C) 2019, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * 
@@ -13,22 +16,48 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -/** @file -@brief This file describes the PSA Internal Trusted Storage API -*/ -#ifndef __PSA_INTERNAL_TRUSTED_STORAGE_H__ -#define __PSA_INTERNAL_TRUSTED_STORAGE_H__ +#ifndef PSA_CRYPTO_ITS_H +#define PSA_CRYPTO_ITS_H #include #include -#include "psa/error.h" -#include "psa/storage_common.h" +#include +#include #ifdef __cplusplus extern "C" { #endif + +/** \brief Flags used when creating a data entry + */ +typedef uint32_t psa_storage_create_flags_t; + +/** \brief A type for UIDs used for identifying data + */ +typedef uint64_t psa_storage_uid_t; + +#define PSA_STORAGE_FLAG_NONE 0 /**< No flags to pass */ +#define PSA_STORAGE_FLAG_WRITE_ONCE (1 << 0) /**< The data associated with the uid will not be able to be modified or deleted. Intended to be used to set bits in `psa_storage_create_flags_t`*/ + +/** + * \brief A container for metadata associated with a specific uid + */ +struct psa_storage_info_t +{ + uint32_t size; /**< The size of the data associated with a uid **/ + psa_storage_create_flags_t flags; /**< The flags set when the uid was created **/ +}; + +/** Flag indicating that \ref psa_storage_create and \ref psa_storage_set_extended are supported */ +#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1 << 0) + +/** \brief PSA storage specific error codes + */ +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) +#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152) + #define PSA_ITS_API_VERSION_MAJOR 1 /**< The major version number of the PSA ITS API. It will be incremented on significant updates that may include breaking changes */ #define PSA_ITS_API_VERSION_MINOR 1 /**< The minor version number of the PSA ITS API. It will be incremented in small updates that are unlikely to include breaking changes */ 
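Review bot: The `#ifdef __cplusplus` / `extern "C" {` / `#endif` opening is kept as context in this hunk, while the last hunk of the same file (`@@ -110,8 +139,4 @@`) removes the matching `}` block, so a C++ translation unit including psa_crypto_its.h would see an unclosed linkage block. Since the commit message says C++ support is dropped, the three opening lines should be removed here too, or both halves kept. Separately, the macro added here is `PSA_STORAGE_FLAG_WRITE_ONCE`, but the retained `\retval PSA_ERROR_NOT_PERMITTED` text for psa_its_set and psa_its_remove names `PSA_STORAGE_WRITE_ONCE_FLAG`. The `\ref psa_storage_create` and `\ref psa_storage_set_extended` references also point at functions this header does not declare. Aligning those doc strings with what the header defines avoids dangling names.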
@@ -39,9 +68,9 @@ extern "C" { * \param[in] data_length The size in bytes of the data in `p_data` * \param[in] p_data A buffer containing the data * \param[in] create_flags The flags that the data will be stored with - * + * * \return A status indicating the success/failure of the operation - + * * \retval PSA_SUCCESS The operation completed successfully * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid @@ -62,8 +91,8 @@ psa_status_t psa_its_set(psa_storage_uid_t uid, * \param[in] data_offset The starting offset of the data requested * \param[in] data_length the amount of data requested (and the minimum allocated size of the `p_data` buffer) * \param[out] p_data The buffer where the data will be placed upon successful completion - - * + * + * * \return A status indicating the success/failure of the operation * * \retval PSA_SUCCESS The operation completed successfully @@ -81,12 +110,12 @@ psa_status_t psa_its_get(psa_storage_uid_t uid, /** * \brief Retrieve the metadata about the provided uid - * + * * \param[in] uid The uid value * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will be populated with the metadata - * + * * \return A status indicating the success/failure of the operation - * + * * \retval PSA_SUCCESS The operation completed successfully * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) 
@@ -98,11 +127,11 @@ psa_status_t psa_its_get_info(psa_storage_uid_t uid, /** * \brief Remove the provided key and its associated data from the storage - * + * * \param[in] uid The uid value - * + * * \return A status indicating the success/failure of the operation - * + * * \retval PSA_SUCCESS The operation completed successfully * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG @@ -110,8 +139,4 @@ psa_status_t psa_its_get_info(psa_storage_uid_t uid, */ psa_status_t psa_its_remove(psa_storage_uid_t uid); -#ifdef __cplusplus -} -#endif - -#endif // __PSA_INTERNAL_TRUSTED_STORAGE_H__ +#endif /* PSA_CRYPTO_ITS_H */ diff --git a/library/storage_common.h b/library/storage_common.h deleted file mode 100644 index 07cb6e9c6..000000000 --- a/library/storage_common.h +++ /dev/null 
@@ -1,58 +0,0 @@
-/* Copyright (C) 2019, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** @file
-@brief This file includes common definitions for PSA storage
-*/
-
-#ifndef __PSA_STORAGE_COMMON_H__
-#define __PSA_STORAGE_COMMON_H__
-
-#include
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/** \brief Flags used when creating a data entry
- */
-typedef uint32_t psa_storage_create_flags_t;
-
-/** \brief A type for UIDs used for identifying data
- */
-typedef uint64_t psa_storage_uid_t;
-
-#define PSA_STORAGE_FLAG_NONE 0 /**< No flags to pass */
-#define PSA_STORAGE_FLAG_WRITE_ONCE (1 << 0) /**< The data associated with the uid will not be able to be modified or deleted. Intended to be used to set bits in `psa_storage_create_flags_t`*/
-
-/**
- * \brief A container for metadata associated with a specific uid
- */
-struct psa_storage_info_t {
- uint32_t size; /**< The size of the data associated with a uid **/
- psa_storage_create_flags_t flags; /**< The flags set when the uid was created **/
-};
-
-/** Flag indicating that \ref psa_storage_create and \ref psa_storage_set_extended are supported */
-#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1 << 0)
-
-/** \brief PSA storage specific error codes
- */
-#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
-#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
-
-#endif // __PSA_STORAGE_COMMON_H__
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index bb92d8f8c..aa48c1620 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -238,6 +238,7 @@ + From 6194dc2062771785d5222b62573d18d72fb07dee Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 16 Nov 2018 22:24:15 +0100 Subject: [PATCH 1130/2197] Implement PSA ITS over files Implement the PSA ITS API over stdio files. --- include/mbedtls/check_config.h | 5 + include/mbedtls/config.h | 12 ++ library/CMakeLists.txt | 1 + library/Makefile | 1 + library/psa_its_file.c | 233 +++++++++++++++++++++++++++++++++ library/version_features.c | 3 + programs/test/query_config.c | 8 ++ visualc/VS2010/mbedTLS.vcxproj | 1 + 8 files changed, 264 insertions(+) create mode 100644 library/psa_its_file.c diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 962d3db87..28cdb43a4 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -547,6 +547,11 @@ #error "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_ITS_FILE_C) && \ + !defined(MBEDTLS_FS_IO) +#error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_OID_C) ) #error "MBEDTLS_RSA_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 7f96e50cf..8aec292fe 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2794,6 +2794,18 @@ */ //#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C +/** + * \def MBEDTLS_PSA_ITS_FILE_C + * + * Enable the emulation of the Platform Security Architecture + * Internal Trusted Storage (PSA ITS) over files. + * + * Module: library/psa_its_file.c + * + * Requires: MBEDTLS_FS_IO + */ +#define MBEDTLS_PSA_ITS_FILE_C + /** * \def MBEDTLS_RIPEMD160_C * 
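Review bot: The new `MBEDTLS_PSA_ITS_FILE_C` block in config.h is enabled by default, but its doc comment does not say where entries are stored or what protection they get. In psa_its_file.c from this same commit `PSA_ITS_STORAGE_PREFIX` is the empty string and files are opened with plain `fopen`, so entries appear to land in the process's working directory with whatever permissions the platform default gives, and with no encryption or integrity check beyond the magic string. I would add a line such as `* \note Emulation only: entries are stored as unprotected <uid>.psa_its files in the current working directory.` so integrators know it is not a substitute for a real trusted store, and would reconsider whether it should be on by default.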
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index e9372be5b..244dc34bb 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -58,6 +58,7 @@ set(src_crypto psa_crypto_storage.c psa_crypto_storage_file.c psa_crypto_storage_its.c + psa_its_file.c ripemd160.c rsa.c rsa_internal.c diff --git a/library/Makefile b/library/Makefile index 8533eaad0..1fd159d8c 100644 --- a/library/Makefile +++ b/library/Makefile @@ -87,6 +87,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ psa_crypto_storage.o \ psa_crypto_storage_file.o \ psa_crypto_storage_its.o \ + psa_its_file.o \ ripemd160.o rsa_internal.o rsa.o \ sha1.o sha256.o sha512.o \ threading.o timing.o version.o \ diff --git a/library/psa_its_file.c b/library/psa_its_file.c new file mode 100644 index 000000000..3a854b5fd --- /dev/null +++ b/library/psa_its_file.c 
@@ -0,0 +1,233 @@ +/* + * PSA ITS simulator over stdio files. + */ +/* Copyright (C) 2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if defined(MBEDTLS_CONFIG_FILE) +#include MBEDTLS_CONFIG_FILE +#else +#include "mbedtls/config.h" +#endif + +#if defined(MBEDTLS_PSA_ITS_FILE_C) + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#define mbedtls_snprintf snprintf +#endif + +#include "psa_crypto_its.h" + +#include +#include +#include +#include + +#define PSA_ITS_STORAGE_PREFIX "" + +#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx" +#define PSA_ITS_STORAGE_SUFFIX ".psa_its" +#define PSA_ITS_STORAGE_FILENAME_LENGTH \ + ( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \ + 16 + /*UID (64-bit number in hex)*/ \ + sizeof( PSA_ITS_STORAGE_SUFFIX ) - 1 + /*suffix without terminating 0*/ \ + 1 /*terminating null byte*/ ) +#define PSA_ITS_STORAGE_TEMP \ + PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX + +/* The maximum value of psa_storage_info_t.size */ +#define PSA_ITS_MAX_SIZE 0xffffffff + +#define PSA_ITS_MAGIC_STRING "PSA\0ITS\0" +#define PSA_ITS_MAGIC_LENGTH 8 + +typedef struct +{ + uint8_t magic[PSA_ITS_MAGIC_LENGTH]; + uint8_t size[sizeof( uint32_t )]; + uint8_t flags[sizeof( psa_storage_create_flags_t )]; +} psa_its_file_header_t; + +static void 
psa_its_fill_filename( psa_storage_uid_t uid, char *filename ) +{ + /* Break up the UID into two 32-bit pieces so as not to rely on + * long long support in snprintf. */ + mbedtls_snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH, + "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s", + PSA_ITS_STORAGE_PREFIX, + (unsigned long) ( uid >> 32 ), + (unsigned long) ( uid & 0xffffffff ), + PSA_ITS_STORAGE_SUFFIX ); +} + +static psa_status_t psa_its_read_file( psa_storage_uid_t uid, + struct psa_storage_info_t *p_info, + FILE **p_stream ) +{ + char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; + psa_its_file_header_t header; + size_t n; + + *p_stream = NULL; + psa_its_fill_filename( uid, filename ); + *p_stream = fopen( filename, "rb" ); + if( *p_stream == NULL ) + return( PSA_ERROR_DOES_NOT_EXIST ); + + n = fread( &header, 1, sizeof( header ), *p_stream ); + if( n != sizeof( header ) ) + return( PSA_ERROR_DATA_CORRUPT ); + if( memcmp( header.magic, PSA_ITS_MAGIC_STRING, + PSA_ITS_MAGIC_LENGTH ) != 0 ) + return( PSA_ERROR_DATA_CORRUPT ); + + p_info->size = ( header.size[0] | + header.size[1] << 8 | + header.size[2] << 16 | + header.size[3] << 24 ); + p_info->flags = ( header.flags[0] | + header.flags[1] << 8 | + header.flags[2] << 16 | + header.flags[3] << 24 ); + return( PSA_SUCCESS ); +} + +psa_status_t psa_its_get_info( psa_storage_uid_t uid, + struct psa_storage_info_t *p_info ) +{ + psa_status_t status; + FILE *stream = NULL; + status = psa_its_read_file( uid, p_info, &stream ); + if( stream != NULL ) + fclose( stream ); + return( status ); +} + +psa_status_t psa_its_get( psa_storage_uid_t uid, + uint32_t data_offset, + uint32_t data_length, + void *p_data ) +{ + psa_status_t status; + FILE *stream = NULL; + size_t n; + struct psa_storage_info_t info; + + status = psa_its_read_file( uid, &info, &stream ); + if( status != PSA_SUCCESS ) + goto exit; + status = PSA_ERROR_DATA_CORRUPT; + if( data_offset + data_length < data_offset ) + goto exit; +#if SIZE_MAX < 0xffffffff + if( 
data_offset + data_length > SIZE_MAX ) + goto exit; +#endif + if( data_offset + data_length > info.size ) + goto exit; + + status = PSA_ERROR_DATA_CORRUPT; +#if LONG_MAX < 0xffffffff + while( data_offset > LONG_MAX ) + { + if( fseek( stream, LONG_MAX, SEEK_CUR ) != 0 ) + goto exit; + data_offset -= LONG_MAX; + } +#endif + if( fseek( stream, data_offset, SEEK_CUR ) != 0 ) + goto exit; + n = fread( p_data, 1, data_length, stream ); + if( n != data_length ) + goto exit; + status = PSA_SUCCESS; + +exit: + if( stream != NULL ) + fclose( stream ); + return( status ); +} + +psa_status_t psa_its_set( psa_storage_uid_t uid, + uint32_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags ) +{ + psa_status_t status = PSA_ERROR_STORAGE_FAILURE; + char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; + FILE *stream = NULL; + psa_its_file_header_t header; + size_t n; + + memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); + header.size[0] = data_length & 0xff; + header.size[1] = ( data_length >> 8 ) & 0xff; + header.size[2] = ( data_length >> 16 ) & 0xff; + header.size[3] = ( data_length >> 24 ) & 0xff; + header.flags[0] = create_flags & 0xff; + header.flags[1] = ( create_flags >> 8 ) & 0xff; + header.flags[2] = ( create_flags >> 16 ) & 0xff; + header.flags[3] = ( create_flags >> 24 ) & 0xff; + + psa_its_fill_filename( uid, filename ); + stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); + if( stream == NULL ) + goto exit; + + status = PSA_ERROR_INSUFFICIENT_STORAGE; + n = fwrite( &header, 1, sizeof( header ), stream ); + if( n != sizeof( header ) ) + goto exit; + n = fwrite( p_data, 1, data_length, stream ); + if( n != data_length ) + goto exit; + status = PSA_SUCCESS; + +exit: + if( stream != NULL ) + { + int ret = fclose( stream ); + if( status == PSA_SUCCESS && ret != 0 ) + status = PSA_ERROR_INSUFFICIENT_STORAGE; + } + if( status == PSA_SUCCESS ) + { + if( rename( PSA_ITS_STORAGE_TEMP, filename ) != 0 ) + status = PSA_ERROR_STORAGE_FAILURE; + } 
+ remove( PSA_ITS_STORAGE_TEMP ); + return( status ); +} + +psa_status_t psa_its_remove( psa_storage_uid_t uid ) +{ + char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; + FILE *stream; + psa_its_fill_filename( uid, filename ); + stream = fopen( filename, "rb" ); + if( stream == NULL ) + return( PSA_ERROR_DOES_NOT_EXIST ); + fclose( stream ); + if( remove( filename ) != 0 ) + return( PSA_ERROR_STORAGE_FAILURE ); + return( PSA_SUCCESS ); +} + +#endif /* MBEDTLS_PSA_ITS_FILE_C */ diff --git a/library/version_features.c b/library/version_features.c index f01eacee4..220a5dad5 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -720,6 +720,9 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C", #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */ +#if defined(MBEDTLS_PSA_ITS_FILE_C) + "MBEDTLS_PSA_ITS_FILE_C", +#endif /* MBEDTLS_PSA_ITS_FILE_C */ #if defined(MBEDTLS_RIPEMD160_C) "MBEDTLS_RIPEMD160_C", #endif /* MBEDTLS_RIPEMD160_C */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 345d1ecbf..7993be6bf 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1962,6 +1962,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */ +#if defined(MBEDTLS_PSA_ITS_FILE_C) + if( strcmp( "MBEDTLS_PSA_ITS_FILE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_ITS_FILE_C ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_ITS_FILE_C */ + #if defined(MBEDTLS_RIPEMD160_C) if( strcmp( "MBEDTLS_RIPEMD160_C", config ) == 0 ) { diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index aa48c1620..08ab37d97 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -304,6 +304,7 @@ + From bc1f272750c56d9a52c1910831e2f66058f1c139 Mon Sep 17 00:00:00 2001 
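Review bot: psa_its_set and psa_its_remove in the new library/psa_its_file.c never look at the stored flags, so an entry created with `PSA_STORAGE_FLAG_WRITE_ONCE` can be overwritten or deleted, although psa_crypto_its.h documents `PSA_ERROR_NOT_PERMITTED` for both cases. psa_its_set should read the existing header through psa_its_read_file before it opens the temporary file, as sketched below. psa_its_remove already opens the file, and can make the same flag check by calling psa_its_read_file instead of a bare `fopen`. Also in psa_its_read_file, `header.size[3] << 24` and `header.flags[3] << 24` shift a value promoted to `int`, which is undefined when the byte is 0x80 or above; cast first, e.g. `(uint32_t) header.size[3] << 24`.

```c
    /* … unchanged: existing declarations in psa_its_set … */
    struct psa_storage_info_t info;

    /* … unchanged: header.magic / header.size / header.flags serialization … */

    psa_its_fill_filename( uid, filename );
    /* Refuse to replace an entry that was created write-once. */
    status = psa_its_read_file( uid, &info, &stream );
    if( stream != NULL )
    {
        fclose( stream );
        stream = NULL;
    }
    if( status == PSA_SUCCESS &&
        ( info.flags & PSA_STORAGE_FLAG_WRITE_ONCE ) != 0 )
        return( PSA_ERROR_NOT_PERMITTED );
    status = PSA_ERROR_STORAGE_FAILURE;
    stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" );
    /* … unchanged: write header and data, fclose, rename, remove temp … */
```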
From: Gilles Peskine Date: Fri, 16 Nov 2018 22:24:38 +0100 Subject: [PATCH 1131/2197] Tests for PSA ITS over files --- library/psa_its_file.c | 4 +- tests/CMakeLists.txt | 1 + tests/suites/test_suite_psa_its.data | 65 +++++++ tests/suites/test_suite_psa_its.function | 208 +++++++++++++++++++++++ 4 files changed, 276 insertions(+), 2 deletions(-) create mode 100644 tests/suites/test_suite_psa_its.data create mode 100644 tests/suites/test_suite_psa_its.function diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 3a854b5fd..de60ecfc9 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -133,7 +133,7 @@ psa_status_t psa_its_get( psa_storage_uid_t uid, status = psa_its_read_file( uid, &info, &stream ); if( status != PSA_SUCCESS ) goto exit; - status = PSA_ERROR_DATA_CORRUPT; + status = PSA_ERROR_INVALID_ARGUMENT; if( data_offset + data_length < data_offset ) goto exit; #if SIZE_MAX < 0xffffffff @@ -143,7 +143,7 @@ psa_status_t psa_its_get( psa_storage_uid_t uid, if( data_offset + data_length > info.size ) goto exit; - status = PSA_ERROR_DATA_CORRUPT; + status = PSA_ERROR_STORAGE_FAILURE; #if LONG_MAX < 0xffffffff while( data_offset > LONG_MAX ) { diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 76a4608e1..421fd7a75 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -142,6 +142,7 @@ add_test_suite(psa_crypto_metadata) add_test_suite(psa_crypto_persistent_key) add_test_suite(psa_crypto_slot_management) add_test_suite(psa_crypto_storage_file) +add_test_suite(psa_its) add_test_suite(shax) add_test_suite(timing) add_test_suite(rsa) diff --git a/tests/suites/test_suite_psa_its.data b/tests/suites/test_suite_psa_its.data new file mode 100644 index 000000000..d6c0e1545 --- /dev/null +++ b/tests/suites/test_suite_psa_its.data 
@@ -0,0 +1,65 @@ +Set/get/remove 0 bytes +set_get_remove:0:0:"" + +Set/get/remove 42 bytes +set_get_remove:0:0:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223242526272829" + +Set/get/remove 1000 bytes +set_get_remove:0:0:"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" + +Set/get/remove with flags +set_get_remove:0:0x12345678:"abcdef" + +Overwrite 0 -> 3 +set_overwrite:0:0x12345678:"":0x01020304:"abcdef" + +Overwrite 3 -> 0 +set_overwrite:0:0x12345678:"abcdef":0x01020304:"" + +Overwrite 3 -> 3 +set_overwrite:0:0x12345678:"123456":0x01020304:"abcdef" + +Overwrite 3 -> 18 +set_overwrite:0:0x12345678:"abcdef":0x01020304:"404142434445464748494a4b4c4d4e4f5051" + +Overwrite 18 -> 3 +set_overwrite:0:0x12345678:"404142434445464748494a4b4c4d4e4f5051":0x01020304:"abcdef" + +Multiple files +set_multiple:0:5 + +Non-existent file +nonexistent:0:0 + +Removed file +nonexistent:0:1 + +Get 0 bytes of 10 at 10 +get_at:0:"40414243444546474849":10:0:PSA_ITS_SUCCESS + +Get 1 byte of 10 at 9 +get_at:0:"40414243444546474849":9:1:PSA_ITS_SUCCESS + +Get 0 bytes of 10 at 0 +get_at:0:"40414243444546474849":0:0:PSA_ITS_SUCCESS + +Get 1 byte of 10 at 0 +get_at:0:"40414243444546474849":1:0:PSA_ITS_SUCCESS + +Get 2 bytes of 10 at 1 +get_at:0:"40414243444546474849":1:2:PSA_ITS_SUCCESS + +Get 1 byte of 10 at 10: out of range +get_at:0:"40414243444546474849":10:1:PSA_ITS_ERROR_INCORRECT_SIZE + +Get 1 byte of 10 at 11: out of range +get_at:0:"40414243444546474849":11:1:PSA_ITS_ERROR_INCORRECT_SIZE + +Get 0 bytes of 10 at 11: out of range +get_at:0:"40414243444546474849":11:1:PSA_ITS_ERROR_INCORRECT_SIZE + +Get -1 byte of 10 at 10: out of range +get_at:0:"40414243444546474849":10:-1:PSA_ITS_ERROR_INCORRECT_SIZE + +Get 1 byte of 10 at -1: out of range +get_at:0:"40414243444546474849":-1:1:PSA_ITS_ERROR_INCORRECT_SIZE diff --git a/tests/suites/test_suite_psa_its.function b/tests/suites/test_suite_psa_its.function new file mode 100644 index 000000000..70d4578bd 
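Review bot: Two `get_at` cases in test_suite_psa_its.data pass arguments that do not match their descriptions, so the boundaries they name are not exercised. The other cases pass offset then length (`9:1` for "1 byte of 10 at 9"), but "Get 1 byte of 10 at 0" passes `1:0` and "Get 0 bytes of 10 at 11" passes `11:1`, which duplicates the case before it. Assuming `get_at` takes offset then length (its definition is outside this hunk), they should read `get_at:0:"40414243444546474849":0:1:PSA_ITS_SUCCESS` and `get_at:0:"40414243444546474849":11:0:PSA_ITS_ERROR_INCORRECT_SIZE`. The expected-status names (`PSA_ITS_SUCCESS`, `PSA_ITS_ERROR_INCORRECT_SIZE`) also differ from what library/psa_its_file.c returns after this commit (`PSA_SUCCESS`, `PSA_ERROR_INVALID_ARGUMENT` for an out-of-range request), so confirm they resolve to the intended values.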
--- /dev/null +++ b/tests/suites/test_suite_psa_its.function 
@@ -0,0 +1,208 @@ +/* BEGIN_HEADER */ +#include "../library/psa_its_file.h" + +/* Internal definitions of the implementation, copied for the sake of + * some of the tests and of the cleanup code. */ +#define PSA_ITS_STORAGE_PREFIX "" +#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx.psa_its" +#define PSA_ITS_STORAGE_FILENAME_LENGTH \ + ( sizeof( PSA_ITS_STORAGE_PREFIX ) + 16 ) +#define PSA_ITS_STORAGE_TEMP PSA_ITS_STORAGE_PREFIX "tempfile.psa_its" + +static void psa_its_fill_filename( uint32_t uid, char *filename ) +{ + snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH, + "%s" PSA_ITS_STORAGE_FILENAME_PATTERN, + PSA_ITS_STORAGE_PREFIX, (unsigned long) uid ); +} + +#define MAX( m, n ) ( ( m ) > ( n ) ? ( m ) : ( n ) ) + +#define ITS_ASSERT( expr ) \ + TEST_ASSERT( ( expr ) == PSA_ITS_SUCCESS ) + +/* Maximum uid used by the test, recorded so that cleanup() can delete + * all files. 0xffffffff is excluded. */ +static uint32_t uid_max = 0; + +static void cleanup( void ) +{ + char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; + uint32_t uid; + for( uid = 0; uid < uid_max; uid++ ) + { + psa_its_fill_filename( uid, filename ); + remove( filename ); + } + psa_its_fill_filename( 0xffffffff, filename ); + remove( filename ); + remove( PSA_ITS_STORAGE_TEMP ); + uid_max = 0; +} + +static psa_its_status_t psa_its_set_wrap( uint32_t uid, + uint32_t data_length, + const void *p_data, + psa_its_create_flags_t create_flags ) +{ + if( uid_max != 0xffffffff && uid_max < uid ) + uid_max = uid; + return psa_its_set( uid, data_length, p_data, create_flags ); +} + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_ITS_FILE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void set_get_remove( int uid_arg, int flags_arg, data_t *data ) +{ + uint32_t uid = uid_arg; + uint32_t flags = flags_arg; + struct psa_its_info_t info; + unsigned char *buffer = NULL; + + ASSERT_ALLOC( buffer, data->len ); + + ITS_ASSERT( psa_its_set_wrap( uid, data->len, data->x, flags ) ); + + 
ITS_ASSERT( psa_its_get_info( uid, &info ) ); + TEST_ASSERT( info.size == data->len ); + TEST_ASSERT( info.flags == flags ); + ITS_ASSERT( psa_its_get( uid, 0, data->len, buffer ) ); + ASSERT_COMPARE( data->x, data->len, buffer, data->len ); + + ITS_ASSERT( psa_its_remove( uid ) ); + +exit: + mbedtls_free( buffer ); + cleanup( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void set_overwrite( int uid_arg, + int flags1_arg, data_t *data1, + int flags2_arg, data_t *data2 ) +{ + uint32_t uid = uid_arg; + uint32_t flags1 = flags1_arg; + uint32_t flags2 = flags2_arg; + struct psa_its_info_t info; + unsigned char *buffer = NULL; + + ASSERT_ALLOC( buffer, MAX( data1->len, data2->len ) ); + + ITS_ASSERT( psa_its_set_wrap( uid, data1->len, data1->x, flags1 ) ); + ITS_ASSERT( psa_its_get_info( uid, &info ) ); + TEST_ASSERT( info.size == data1->len ); + TEST_ASSERT( info.flags == flags1 ); + ITS_ASSERT( psa_its_get( uid, 0, data1->len, buffer ) ); + ASSERT_COMPARE( data1->x, data1->len, buffer, data1->len ); + + ITS_ASSERT( psa_its_set_wrap( uid, data2->len, data2->x, flags2 ) ); + ITS_ASSERT( psa_its_get_info( uid, &info ) ); + TEST_ASSERT( info.size == data2->len ); + TEST_ASSERT( info.flags == flags2 ); + ITS_ASSERT( psa_its_get( uid, 0, data2->len, buffer ) ); + ASSERT_COMPARE( data2->x, data2->len, buffer, data2->len ); + + ITS_ASSERT( psa_its_remove( uid ) ); + +exit: + mbedtls_free( buffer ); + cleanup( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void set_multiple( int first_id, int count ) +{ + uint32_t uid0 = first_id; + uint32_t uid; + char stored[40]; + char retrieved[40]; + + memset( stored, '.', sizeof( stored ) ); + for( uid = uid0; uid < uid0 + count; uid++ ) + { + mbedtls_snprintf( stored, sizeof( stored ), + "Content of file 0x%08lx", (unsigned long) uid ); + ITS_ASSERT( psa_its_set_wrap( uid, sizeof( stored ), stored, 0 ) ); + } + + for( uid = uid0; uid < uid0 + count; uid++ ) + { + mbedtls_snprintf( stored, sizeof( stored ), + "Content of file 0x%08lx", 
(unsigned long) uid ); + ITS_ASSERT( psa_its_get( uid, 0, sizeof( stored ), retrieved ) ); + ASSERT_COMPARE( retrieved, sizeof( stored ), + stored, sizeof( stored ) ); + ITS_ASSERT( psa_its_remove( uid ) ); + TEST_ASSERT( psa_its_get( uid, 0, 0, NULL ) == + PSA_ITS_ERROR_KEY_NOT_FOUND ); + } + +exit: + cleanup( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void nonexistent( int uid_arg, int create_and_remove ) +{ + uint32_t uid = uid_arg; + struct psa_its_info_t info; + + if( create_and_remove ) + { + ITS_ASSERT( psa_its_set_wrap( uid, 0, NULL, 0 ) ); + ITS_ASSERT( psa_its_remove( uid ) ); + } + + TEST_ASSERT( psa_its_remove( uid ) == PSA_ITS_ERROR_KEY_NOT_FOUND ); + TEST_ASSERT( psa_its_get_info( uid, &info ) == + PSA_ITS_ERROR_KEY_NOT_FOUND ); + TEST_ASSERT( psa_its_get( uid, 0, 0, NULL ) == + PSA_ITS_ERROR_KEY_NOT_FOUND ); + +exit: + cleanup( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void get_at( int uid_arg, data_t *data, + int offset, int length_arg, + int expected_status ) +{ + uint32_t uid = uid_arg; + unsigned char *buffer = NULL; + psa_its_status_t ist; + size_t length = length_arg >= 0 ? length_arg : 0; + unsigned char *trailer; + size_t i; + + ASSERT_ALLOC( buffer, length + 16 ); + trailer = buffer + length; + memset( trailer, '-', 16 ); + + ITS_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) ); + + ist = psa_its_get( uid, offset, length_arg, buffer ); + TEST_ASSERT( ist == (psa_its_status_t) expected_status ); + if( ist == PSA_ITS_SUCCESS ) + ASSERT_COMPARE( data->x + offset, length, + buffer, length ); + for( i = 0; i < 16; i++ ) + TEST_ASSERT( trailer[i] == '-' ); + ITS_ASSERT( psa_its_remove( uid ) ); + +exit: + mbedtls_free( buffer ); + cleanup( ); +} +/* END_CASE */ From b0c642abae0685e109840c7920016b50eacaf50f Mon Sep 17 00:00:00 2001 
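Review bot: `cleanup()` never removes the file for the highest uid a test used, because the loop runs `for( uid = 0; uid < uid_max; uid++ )`; every data case that uses uid 0 leaves `uid_max` at 0, so a test that fails before its own `psa_its_remove` leaves its file on disk. The guard in `psa_its_set_wrap` also tests the wrong variable: `uid_max != 0xffffffff && uid_max < uid` still lets a uid of 0xffffffff become `uid_max`, which the comment says is excluded and which would make the cleanup loop walk the whole 32-bit range. Suggested: `if( uid != 0xffffffff && uid_max < uid )` in the wrapper and `uid <= uid_max` as the loop condition. The rewrite of both functions in the later hunk `@@ -1,53 +1,58 @@` keeps the same two conditions, now spelled with `(psa_storage_uid_t)( -1 )`.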
From: Gilles Peskine Date: Sun, 24 Feb 2019 12:26:08 +0100 Subject: [PATCH 1132/2197] Tests for PSA ITS over stdio files --- tests/suites/test_suite_psa_its.data | 20 ++-- tests/suites/test_suite_psa_its.function | 123 ++++++++++++----------- 2 files changed, 74 insertions(+), 69 deletions(-) diff --git a/tests/suites/test_suite_psa_its.data b/tests/suites/test_suite_psa_its.data index d6c0e1545..6c4353698 100644 --- a/tests/suites/test_suite_psa_its.data +++ b/tests/suites/test_suite_psa_its.data 
@@ -35,31 +35,31 @@ Removed file nonexistent:0:1 Get 0 bytes of 10 at 10 -get_at:0:"40414243444546474849":10:0:PSA_ITS_SUCCESS +get_at:0:"40414243444546474849":10:0:PSA_SUCCESS Get 1 byte of 10 at 9 -get_at:0:"40414243444546474849":9:1:PSA_ITS_SUCCESS +get_at:0:"40414243444546474849":9:1:PSA_SUCCESS Get 0 bytes of 10 at 0 -get_at:0:"40414243444546474849":0:0:PSA_ITS_SUCCESS +get_at:0:"40414243444546474849":0:0:PSA_SUCCESS Get 1 byte of 10 at 0 -get_at:0:"40414243444546474849":1:0:PSA_ITS_SUCCESS +get_at:0:"40414243444546474849":1:0:PSA_SUCCESS Get 2 bytes of 10 at 1 -get_at:0:"40414243444546474849":1:2:PSA_ITS_SUCCESS +get_at:0:"40414243444546474849":1:2:PSA_SUCCESS Get 1 byte of 10 at 10: out of range -get_at:0:"40414243444546474849":10:1:PSA_ITS_ERROR_INCORRECT_SIZE +get_at:0:"40414243444546474849":10:1:PSA_ERROR_INVALID_ARGUMENT Get 1 byte of 10 at 11: out of range -get_at:0:"40414243444546474849":11:1:PSA_ITS_ERROR_INCORRECT_SIZE +get_at:0:"40414243444546474849":11:1:PSA_ERROR_INVALID_ARGUMENT Get 0 bytes of 10 at 11: out of range -get_at:0:"40414243444546474849":11:1:PSA_ITS_ERROR_INCORRECT_SIZE +get_at:0:"40414243444546474849":11:1:PSA_ERROR_INVALID_ARGUMENT Get -1 byte of 10 at 10: out of range -get_at:0:"40414243444546474849":10:-1:PSA_ITS_ERROR_INCORRECT_SIZE +get_at:0:"40414243444546474849":10:-1:PSA_ERROR_INVALID_ARGUMENT Get 1 byte of 10 at -1: out of range -get_at:0:"40414243444546474849":-1:1:PSA_ITS_ERROR_INCORRECT_SIZE +get_at:0:"40414243444546474849":-1:1:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_its.function b/tests/suites/test_suite_psa_its.function index 70d4578bd..867f64f6b 100644 --- a/tests/suites/test_suite_psa_its.function +++ b/tests/suites/test_suite_psa_its.function 
@@ -1,53 +1,58 @@ /* BEGIN_HEADER */ -#include "../library/psa_its_file.h" +#include "../library/psa_crypto_its.h" /* Internal definitions of the implementation, copied for the sake of * some of the tests and of the cleanup code. */ #define PSA_ITS_STORAGE_PREFIX "" -#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx.psa_its" +#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx" +#define PSA_ITS_STORAGE_SUFFIX ".psa_its" #define PSA_ITS_STORAGE_FILENAME_LENGTH \ - ( sizeof( PSA_ITS_STORAGE_PREFIX ) + 16 ) -#define PSA_ITS_STORAGE_TEMP PSA_ITS_STORAGE_PREFIX "tempfile.psa_its" - -static void psa_its_fill_filename( uint32_t uid, char *filename ) + ( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \ + 16 + /*UID (64-bit number in hex)*/ \ + sizeof( PSA_ITS_STORAGE_SUFFIX ) - 1 + /*suffix without terminating 0*/ \ + 1 /*terminating null byte*/ ) +#define PSA_ITS_STORAGE_TEMP \ + PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX +static void psa_its_fill_filename( psa_storage_uid_t uid, char *filename ) { - snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH, - "%s" PSA_ITS_STORAGE_FILENAME_PATTERN, - PSA_ITS_STORAGE_PREFIX, (unsigned long) uid ); + /* Break up the UID into two 32-bit pieces so as not to rely on + * long long support in snprintf. */ + mbedtls_snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH, + "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s", + PSA_ITS_STORAGE_PREFIX, + (unsigned long) ( uid >> 32 ), + (unsigned long) ( uid & 0xffffffff ), + PSA_ITS_STORAGE_SUFFIX ); } -#define MAX( m, n ) ( ( m ) > ( n ) ? ( m ) : ( n ) ) - -#define ITS_ASSERT( expr ) \ - TEST_ASSERT( ( expr ) == PSA_ITS_SUCCESS ) - /* Maximum uid used by the test, recorded so that cleanup() can delete - * all files. 0xffffffff is excluded. */ -static uint32_t uid_max = 0; + * all files. 0xffffffffffffffff is always cleaned up, so it does not + * need to and should not be taken into account for uid_max. 
*/ +static psa_storage_uid_t uid_max = 0; static void cleanup( void ) { char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; - uint32_t uid; + psa_storage_uid_t uid; for( uid = 0; uid < uid_max; uid++ ) { psa_its_fill_filename( uid, filename ); remove( filename ); } - psa_its_fill_filename( 0xffffffff, filename ); + psa_its_fill_filename( (psa_storage_uid_t)( -1 ), filename ); remove( filename ); remove( PSA_ITS_STORAGE_TEMP ); uid_max = 0; } -static psa_its_status_t psa_its_set_wrap( uint32_t uid, - uint32_t data_length, - const void *p_data, - psa_its_create_flags_t create_flags ) +static psa_status_t psa_its_set_wrap( psa_storage_uid_t uid, + uint32_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags ) { - if( uid_max != 0xffffffff && uid_max < uid ) + if( uid_max != (psa_storage_uid_t)( -1 ) && uid_max < uid ) uid_max = uid; - return psa_its_set( uid, data_length, p_data, create_flags ); + return( psa_its_set( uid, data_length, p_data, create_flags ) ); } /* END_HEADER */ @@ -60,22 +65,22 @@ static psa_its_status_t psa_its_set_wrap( uint32_t uid, /* BEGIN_CASE */ void set_get_remove( int uid_arg, int flags_arg, data_t *data ) { - uint32_t uid = uid_arg; + psa_storage_uid_t uid = uid_arg; uint32_t flags = flags_arg; - struct psa_its_info_t info; + struct psa_storage_info_t info; unsigned char *buffer = NULL; ASSERT_ALLOC( buffer, data->len ); - ITS_ASSERT( psa_its_set_wrap( uid, data->len, data->x, flags ) ); + PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, flags ) ); - ITS_ASSERT( psa_its_get_info( uid, &info ) ); + PSA_ASSERT( psa_its_get_info( uid, &info ) ); TEST_ASSERT( info.size == data->len ); TEST_ASSERT( info.flags == flags ); - ITS_ASSERT( psa_its_get( uid, 0, data->len, buffer ) ); + PSA_ASSERT( psa_its_get( uid, 0, data->len, buffer ) ); ASSERT_COMPARE( data->x, data->len, buffer, data->len ); - ITS_ASSERT( psa_its_remove( uid ) ); + PSA_ASSERT( psa_its_remove( uid ) ); exit: mbedtls_free( buffer ); 
@@ -88,29 +93,29 @@ void set_overwrite( int uid_arg, int flags1_arg, data_t *data1, int flags2_arg, data_t *data2 ) { - uint32_t uid = uid_arg; + psa_storage_uid_t uid = uid_arg; uint32_t flags1 = flags1_arg; uint32_t flags2 = flags2_arg; - struct psa_its_info_t info; + struct psa_storage_info_t info; unsigned char *buffer = NULL; ASSERT_ALLOC( buffer, MAX( data1->len, data2->len ) ); - ITS_ASSERT( psa_its_set_wrap( uid, data1->len, data1->x, flags1 ) ); - ITS_ASSERT( psa_its_get_info( uid, &info ) ); + PSA_ASSERT( psa_its_set_wrap( uid, data1->len, data1->x, flags1 ) ); + PSA_ASSERT( psa_its_get_info( uid, &info ) ); TEST_ASSERT( info.size == data1->len ); TEST_ASSERT( info.flags == flags1 ); - ITS_ASSERT( psa_its_get( uid, 0, data1->len, buffer ) ); + PSA_ASSERT( psa_its_get( uid, 0, data1->len, buffer ) ); ASSERT_COMPARE( data1->x, data1->len, buffer, data1->len ); - ITS_ASSERT( psa_its_set_wrap( uid, data2->len, data2->x, flags2 ) ); - ITS_ASSERT( psa_its_get_info( uid, &info ) ); + PSA_ASSERT( psa_its_set_wrap( uid, data2->len, data2->x, flags2 ) ); + PSA_ASSERT( psa_its_get_info( uid, &info ) ); TEST_ASSERT( info.size == data2->len ); TEST_ASSERT( info.flags == flags2 ); - ITS_ASSERT( psa_its_get( uid, 0, data2->len, buffer ) ); + PSA_ASSERT( psa_its_get( uid, 0, data2->len, buffer ) ); ASSERT_COMPARE( data2->x, data2->len, buffer, data2->len ); - ITS_ASSERT( psa_its_remove( uid ) ); + PSA_ASSERT( psa_its_remove( uid ) ); exit: mbedtls_free( buffer ); @@ -121,8 +126,8 @@ exit: /* BEGIN_CASE */ void set_multiple( int first_id, int count ) { - uint32_t uid0 = first_id; - uint32_t uid; + psa_storage_uid_t uid0 = first_id; + psa_storage_uid_t uid; char stored[40]; char retrieved[40]; 
@@ -131,19 +136,19 @@ void set_multiple( int first_id, int count ) { mbedtls_snprintf( stored, sizeof( stored ), "Content of file 0x%08lx", (unsigned long) uid ); - ITS_ASSERT( psa_its_set_wrap( uid, sizeof( stored ), stored, 0 ) ); + PSA_ASSERT( psa_its_set_wrap( uid, sizeof( stored ), stored, 0 ) ); } for( uid = uid0; uid < uid0 + count; uid++ ) { mbedtls_snprintf( stored, sizeof( stored ), "Content of file 0x%08lx", (unsigned long) uid ); - ITS_ASSERT( psa_its_get( uid, 0, sizeof( stored ), retrieved ) ); + PSA_ASSERT( psa_its_get( uid, 0, sizeof( stored ), retrieved ) ); ASSERT_COMPARE( retrieved, sizeof( stored ), stored, sizeof( stored ) ); - ITS_ASSERT( psa_its_remove( uid ) ); + PSA_ASSERT( psa_its_remove( uid ) ); TEST_ASSERT( psa_its_get( uid, 0, 0, NULL ) == - PSA_ITS_ERROR_KEY_NOT_FOUND ); + PSA_ERROR_DOES_NOT_EXIST ); } exit: @@ -154,20 +159,20 @@ exit: /* BEGIN_CASE */ void nonexistent( int uid_arg, int create_and_remove ) { - uint32_t uid = uid_arg; - struct psa_its_info_t info; + psa_storage_uid_t uid = uid_arg; + struct psa_storage_info_t info; if( create_and_remove ) { - ITS_ASSERT( psa_its_set_wrap( uid, 0, NULL, 0 ) ); - ITS_ASSERT( psa_its_remove( uid ) ); + PSA_ASSERT( psa_its_set_wrap( uid, 0, NULL, 0 ) ); + PSA_ASSERT( psa_its_remove( uid ) ); } - TEST_ASSERT( psa_its_remove( uid ) == PSA_ITS_ERROR_KEY_NOT_FOUND ); + TEST_ASSERT( psa_its_remove( uid ) == PSA_ERROR_DOES_NOT_EXIST ); TEST_ASSERT( psa_its_get_info( uid, &info ) == - PSA_ITS_ERROR_KEY_NOT_FOUND ); + PSA_ERROR_DOES_NOT_EXIST ); TEST_ASSERT( psa_its_get( uid, 0, 0, NULL ) == - PSA_ITS_ERROR_KEY_NOT_FOUND ); + PSA_ERROR_DOES_NOT_EXIST ); exit: cleanup( ); 
@@ -179,9 +184,9 @@ void get_at( int uid_arg, data_t *data, int offset, int length_arg, int expected_status ) { - uint32_t uid = uid_arg; + psa_storage_uid_t uid = uid_arg; unsigned char *buffer = NULL; - psa_its_status_t ist; + psa_status_t status; size_t length = length_arg >= 0 ? length_arg : 0; unsigned char *trailer; size_t i; @@ -190,16 +195,16 @@ void get_at( int uid_arg, data_t *data, trailer = buffer + length; memset( trailer, '-', 16 ); - ITS_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) ); + PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) ); - ist = psa_its_get( uid, offset, length_arg, buffer ); - TEST_ASSERT( ist == (psa_its_status_t) expected_status ); - if( ist == PSA_ITS_SUCCESS ) + status = psa_its_get( uid, offset, length_arg, buffer ); + TEST_ASSERT( status == (psa_status_t) expected_status ); + if( status == PSA_SUCCESS ) ASSERT_COMPARE( data->x + offset, length, buffer, length ); for( i = 0; i < 16; i++ ) TEST_ASSERT( trailer[i] == '-' ); - ITS_ASSERT( psa_its_remove( uid ) ); + PSA_ASSERT( psa_its_remove( uid ) ); exit: mbedtls_free( buffer ); From 23793482ac41d9cf0195e89e5e9a63583d2328d0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 24 Feb 2019 12:32:16 +0100 Subject: [PATCH 1133/2197] Support ITS over file in PSA crypto --- include/mbedtls/config.h | 5 +++-- library/psa_crypto_storage_its.c | 7 ++++++- tests/suites/test_suite_psa_crypto_persistent_key.data | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 8aec292fe..45b1932dd 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2771,7 +2771,7 @@ /** * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C * - * Enable persistent key storage over files for the + * Enable direct persistent key storage over files for the * Platform Security Architecture cryptography API. * * Module: library/psa_crypto_storage_file.c 
@@ -2789,7 +2789,8 @@ * * Module: library/psa_crypto_storage_its.c * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO + * Requires: MBEDTLS_PSA_CRYPTO_C, + * either MBEDTLS_PSA_HAS_ITS_IO or MBEDTLS_PSA_ITS_FILE_C * */ //#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index 447c0aebb..8291f1fc3 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -27,11 +27,16 @@ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) +#if defined(MBEDTLS_PSA_ITS_FILE_C) +#include "psa_crypto_its.h" +#else /* Native ITS implementation */ #include "psa/error.h" #include "psa_crypto_service_integration.h" +#include "psa/internal_trusted_storage.h" +#endif + #include "psa/crypto.h" #include "psa_crypto_storage_backend.h" -#include "psa/internal_trusted_storage.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 613968dd5..f97a5e063 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data @@ -18,7 +18,7 @@ parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_US # Not specific to files, but only run this test in an environment where the maximum size could be reached. Save maximum size persistent raw key -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C +depends_on:MBEDTLS_PSA_ITS_FILE_C save_large_persistent_key:0:PSA_SUCCESS Save larger than maximum size persistent raw key, should fail From e435f23019c040dd30c1def3176f134466770dc7 Mon Sep 17 00:00:00 2001 
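Review bot: In the `@@ -27,11 +27,16 @@` hunk of psa_crypto_storage_its.c the file emulation is selected silently whenever `MBEDTLS_PSA_ITS_FILE_C` is defined, even if the platform also defines `MBEDTLS_PSA_HAS_ITS_IO`. A configuration that was meant to use native trusted storage would then keep key material in ordinary files without any build-time signal. Consider rejecting the combination in check_config.h with `#if defined(MBEDTLS_PSA_ITS_FILE_C) && defined(MBEDTLS_PSA_HAS_ITS_IO)` followed by an `#error`, or at least add a comment above the new `#if` stating which backend takes precedence and why.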
From: Gilles Peskine Date: Sun, 24 Feb 2019 14:03:29 +0100 Subject: [PATCH 1134/2197] Remove psa_crypto_storage_file Now that we have ITS over files, we no longer need a direct backend for key storage over files. Remove psa_crypto_storage_file and its tests. Switch MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C and MBEDTLS_PSA_ITS_FILE_C on by default. This preserves functionality and test coverage in the default configuration, but forgets any key previously stored using the file backend. --- configs/config-psa-crypto.h | 34 ++- include/mbedtls/check_config.h | 13 +- include/mbedtls/config.h | 19 +- library/CMakeLists.txt | 1 - library/Makefile | 1 - library/psa_crypto_storage_file.c | 220 ------------------ library/version_features.c | 3 - programs/test/query_config.c | 8 - scripts/config.pl | 3 +- tests/CMakeLists.txt | 1 - tests/scripts/all.sh | 15 +- .../test_suite_psa_crypto_storage_file.data | 43 ---- ...est_suite_psa_crypto_storage_file.function | 157 ------------- visualc/VS2010/mbedTLS.vcxproj | 1 - 14 files changed, 30 insertions(+), 489 deletions(-) delete mode 100644 library/psa_crypto_storage_file.c delete mode 100644 tests/suites/test_suite_psa_crypto_storage_file.data delete mode 100644 tests/suites/test_suite_psa_crypto_storage_file.function diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index a8e06348b..420f62485 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -2719,26 +2719,11 @@ * * Module: library/psa_crypto_storage.c * - * Requires: MBEDTLS_PSA_CRYPTO_C and one of either - * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - * (but not both) + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C * */ #define MBEDTLS_PSA_CRYPTO_STORAGE_C -/** - * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C - * - * Enable persistent key storage over files for the - * Platform Security Architecture cryptography API. - * - * Module: library/psa_crypto_storage_file.c - * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO - * - */ -#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C - /** * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C * @@ -2747,10 +2732,23 @@ * * Module: library/psa_crypto_storage_its.c * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO + * Requires: MBEDTLS_PSA_CRYPTO_C, + * either MBEDTLS_PSA_HAS_ITS_IO or MBEDTLS_PSA_ITS_FILE_C * */ -//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C +#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + +/** + * \def MBEDTLS_PSA_ITS_FILE_C + * + * Enable the emulation of the Platform Security Architecture + * Internal Trusted Storage (PSA ITS) over files. + * + * Module: library/psa_its_file.c + * + * Requires: MBEDTLS_FS_IO + */ +#define MBEDTLS_PSA_ITS_FILE_C /** * \def MBEDTLS_RIPEMD160_C diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 28cdb43a4..7d6c0c98d 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
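Review bot: The new `MBEDTLS_PSA_ITS_FILE_C` block in the `@@ -2747,10 +2732,23 @@` hunk is switched on by default, but its description does not say what the emulation leaves out. As far as this series shows, the backend goes through stdio to files named from the uid with an empty `PSA_ITS_STORAGE_PREFIX`, i.e. in the process's working directory, and nothing visible here adds protection beyond what the file system gives. I would extend the doc comment with a sentence saying that this option is an emulation for platforms without real internal trusted storage, that it offers none of the isolation or tamper resistance of a native ITS, and that integrators should restrict access to the directory the program runs in. The same wording would fit the copy of this block in include/mbedtls/config.h.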
@@ -525,23 +525,12 @@ #error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) -#error "Only one of MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C can be defined" -#endif - #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ !( defined(MBEDTLS_PSA_CRYPTO_C) && \ - ( defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) || \ - defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) ) ) + defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) ) #error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && \ - !( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ - defined(MBEDTLS_FS_IO) ) -#error "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) && \ ! defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) #error "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 45b1932dd..f8585c7cb 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2761,26 +2761,11 @@ * * Module: library/psa_crypto_storage.c * - * Requires: MBEDTLS_PSA_CRYPTO_C and one of either - * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - * (but not both) + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C * */ #define MBEDTLS_PSA_CRYPTO_STORAGE_C -/** - * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C - * - * Enable direct persistent key storage over files for the - * Platform Security Architecture cryptography API. - * - * Module: library/psa_crypto_storage_file.c - * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO - * - */ -#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C - /** * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C * 
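Review bot: After the `@@ -525,23 +525,12 @@` hunk the only visible check on `MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C` is that `MBEDTLS_PSA_CRYPTO_STORAGE_C` is defined, while config.h documents it as requiring either `MBEDTLS_PSA_HAS_ITS_IO` or `MBEDTLS_PSA_ITS_FILE_C`. The removed block enforced `MBEDTLS_FS_IO` for the old file backend; unless a check for `MBEDTLS_PSA_ITS_FILE_C` exists outside this hunk, a configuration without file I/O or without any ITS provider now fails somewhere in the build instead of with a clear `#error`. I would extend the condition to `!( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && ( defined(MBEDTLS_PSA_HAS_ITS_IO) || defined(MBEDTLS_PSA_ITS_FILE_C) ) )` and add a matching `MBEDTLS_PSA_ITS_FILE_C` requires `MBEDTLS_FS_IO` check if one is not already present.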
@@ -2793,7 +2778,7 @@ * either MBEDTLS_PSA_HAS_ITS_IO or MBEDTLS_PSA_ITS_FILE_C * */ -//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C +#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C /** * \def MBEDTLS_PSA_ITS_FILE_C diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 244dc34bb..70b1a136d 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -56,7 +56,6 @@ set(src_crypto psa_crypto.c psa_crypto_slot_management.c psa_crypto_storage.c - psa_crypto_storage_file.c psa_crypto_storage_its.c psa_its_file.c ripemd160.c diff --git a/library/Makefile b/library/Makefile index 1fd159d8c..0a128380a 100644 --- a/library/Makefile +++ b/library/Makefile @@ -85,7 +85,6 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ psa_crypto.o \ psa_crypto_slot_management.o \ psa_crypto_storage.o \ - psa_crypto_storage_file.o \ psa_crypto_storage_its.o \ psa_its_file.o \ ripemd160.o rsa_internal.o rsa.o \ diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c deleted file mode 100644 index c4a534fe3..000000000 --- a/library/psa_crypto_storage_file.c +++ /dev/null 
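Review bot: Enabling `MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C` by default in the `@@ -2793,7 +2778,7 @@` hunk while the direct file backend is removed means, as the commit message says, that keys stored by the old backend are forgotten, but nothing in this change removes their `psa_key_slot_<id>` files. After an upgrade that key material stays on disk and presumably can no longer be destroyed through the PSA API. This deserves a ChangeLog entry telling integrators to migrate or securely delete those files, and a sentence in the option's doc comment noting that the on-disk layout is not compatible with the removed backend.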
@@ -1,220 +0,0 @@ -/* - * PSA file storage backend for persistent keys - */ -/* Copyright (C) 2018, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if defined(MBEDTLS_CONFIG_FILE) -#include MBEDTLS_CONFIG_FILE -#else -#include "mbedtls/config.h" -#endif - -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) - -#include - -#include "psa/crypto.h" -#include "psa_crypto_storage_backend.h" -#include "mbedtls/platform_util.h" - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_snprintf snprintf -#endif - -/* This option sets where files are to be stored. If this is left unset, - * the files by default will be stored in the same location as the program, - * which may not be desired or possible. 
*/ -#if !defined(CRYPTO_STORAGE_FILE_LOCATION) -#define CRYPTO_STORAGE_FILE_LOCATION "" -#endif - -enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 }; - -static void key_id_to_location( const psa_key_file_id_t key, - char *location, - size_t location_size ) -{ - mbedtls_snprintf( location, location_size, - CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu", - (unsigned long) key ); -} - -psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, - size_t data_size ) -{ - psa_status_t status = PSA_SUCCESS; - FILE *file; - size_t num_read; - char slot_location[MAX_LOCATION_LEN]; - - key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); - file = fopen( slot_location, "rb" ); - if( file == NULL ) - { - status = PSA_ERROR_STORAGE_FAILURE; - goto exit; - } - num_read = fread( data, 1, data_size, file ); - if( num_read != data_size ) - status = PSA_ERROR_STORAGE_FAILURE; - -exit: - if( file != NULL ) - fclose( file ); - return( status ); -} - -int psa_is_key_present_in_storage( const psa_key_file_id_t key ) -{ - char slot_location[MAX_LOCATION_LEN]; - FILE *file; - - key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); - - file = fopen( slot_location, "r" ); - if( file == NULL ) - { - /* File doesn't exist */ - return( 0 ); - } - - fclose( file ); - return( 1 ); -} - -psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, - const uint8_t *data, - size_t data_length ) -{ - psa_status_t status = PSA_SUCCESS; - int ret; - size_t num_written; - char slot_location[MAX_LOCATION_LEN]; - FILE *file; - /* The storage location corresponding to "key slot 0" is used as a - * temporary location in order to make the apparition of the actual slot - * file atomic. 0 is not a valid key slot number, so this should not - * affect actual keys. 
*/ - const char *temp_location = CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0"; - - key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); - - if( psa_is_key_present_in_storage( key ) == 1 ) - return( PSA_ERROR_ALREADY_EXISTS ); - - file = fopen( temp_location, "wb" ); - if( file == NULL ) - { - status = PSA_ERROR_STORAGE_FAILURE; - goto exit; - } - - num_written = fwrite( data, 1, data_length, file ); - if( num_written != data_length ) - { - status = PSA_ERROR_STORAGE_FAILURE; - goto exit; - } - - ret = fclose( file ); - file = NULL; - if( ret != 0 ) - { - status = PSA_ERROR_STORAGE_FAILURE; - goto exit; - } - - if( rename( temp_location, slot_location ) != 0 ) - { - status = PSA_ERROR_STORAGE_FAILURE; - goto exit; - } - -exit: - if( file != NULL ) - fclose( file ); - remove( temp_location ); - return( status ); -} - -psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key ) -{ - FILE *file; - char slot_location[MAX_LOCATION_LEN]; - - key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); - - /* Only try remove the file if it exists */ - file = fopen( slot_location, "rb" ); - if( file != NULL ) - { - fclose( file ); - - if( remove( slot_location ) != 0 ) - return( PSA_ERROR_STORAGE_FAILURE ); - } - return( PSA_SUCCESS ); -} - -psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, - size_t *data_length ) -{ - psa_status_t status = PSA_SUCCESS; - FILE *file; - long file_size; - char slot_location[MAX_LOCATION_LEN]; - - key_id_to_location( key, slot_location, MAX_LOCATION_LEN ); - - file = fopen( slot_location, "rb" ); - if( file == NULL ) - return( PSA_ERROR_DOES_NOT_EXIST ); - - if( fseek( file, 0, SEEK_END ) != 0 ) - { - status = PSA_ERROR_STORAGE_FAILURE; - goto exit; - } - - file_size = ftell( file ); - - if( file_size < 0 ) - { - status = PSA_ERROR_STORAGE_FAILURE; - goto exit; - } - -#if LONG_MAX > SIZE_MAX - if( (unsigned long) file_size > SIZE_MAX ) - { - status = PSA_ERROR_STORAGE_FAILURE; - goto exit; - } 
-#endif - *data_length = (size_t) file_size; - -exit: - fclose( file ); - return( status ); -} - -#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */ diff --git a/library/version_features.c b/library/version_features.c index 220a5dad5..6ad9988d7 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -714,9 +714,6 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) "MBEDTLS_PSA_CRYPTO_STORAGE_C", #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) - "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C", -#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C", #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 7993be6bf..7c1f8b4e8 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1946,14 +1946,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) - if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */ - #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C", config ) == 0 ) { diff --git a/scripts/config.pl b/scripts/config.pl index 624decaca..5542b2d15 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -103,7 +103,6 @@ MBEDTLS_NO_64BIT_MULTIPLICATION MBEDTLS_PSA_CRYPTO_SPM MBEDTLS_PSA_HAS_ITS_IO MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER -MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C MBEDTLS_USE_PSA_CRYPTO _ALT\s*$ ); 
@@ -125,9 +124,9 @@ MBEDTLS_MEMORY_BUFFER_ALLOC_C MBEDTLS_PLATFORM_TIME_ALT MBEDTLS_PLATFORM_FPRINTF_ALT MBEDTLS_PSA_CRYPTO_STORAGE_C -MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C MBEDTLS_PSA_HAS_ITS_IO +MBEDTLS_PSA_ITS_FILE_C ); # Things that should be enabled in "full" even if they match @excluded diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 421fd7a75..1b239a45d 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -141,7 +141,6 @@ add_test_suite(psa_crypto_init) add_test_suite(psa_crypto_metadata) add_test_suite(psa_crypto_persistent_key) add_test_suite(psa_crypto_slot_management) -add_test_suite(psa_crypto_storage_file) add_test_suite(psa_its) add_test_suite(shax) add_test_suite(timing) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2806426c1..d995ba50c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -689,8 +689,9 @@ component_test_no_platform () { scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.pl unset MBEDTLS_FS_IO - scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C + scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19, # to re-enable platform integration features otherwise disabled in C99 builds make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0 -D_DEFAULT_SOURCE' lib programs 
@@ -870,7 +871,8 @@ component_build_arm_none_eabi_gcc () { scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO - scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY @@ -889,7 +891,8 @@ component_build_arm_none_eabi_gcc_no_udbl_division () { scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO - scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY @@ -911,7 +914,8 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () { scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO - scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY 
@@ -933,7 +937,8 @@ component_build_armcc () { scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO - scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl unset MBEDTLS_HAVE_TIME diff --git a/tests/suites/test_suite_psa_crypto_storage_file.data b/tests/suites/test_suite_psa_crypto_storage_file.data deleted file mode 100644 index 4b068e121..000000000 --- a/tests/suites/test_suite_psa_crypto_storage_file.data +++ /dev/null 
@@ -1,43 +0,0 @@ -PSA Storage Load verify loaded file -depends_on:MBEDTLS_FS_IO -load_data_from_file:1:"deadbeef":1:4:PSA_SUCCESS - -PSA Storage Load check slots dont share state -depends_on:MBEDTLS_FS_IO -load_data_from_file:2:"deadbeef":1:4:PSA_ERROR_STORAGE_FAILURE - -PSA Storage Load zero length file -depends_on:MBEDTLS_FS_IO -load_data_from_file:1:"":1:1:PSA_SUCCESS - -PSA Storage Load less than capacity of data buffer -depends_on:MBEDTLS_FS_IO -load_data_from_file:1:"deadbeef":1:5:PSA_SUCCESS - -PSA Storage Load nonexistent file location, should fail -depends_on:MBEDTLS_FS_IO -load_data_from_file:1:"deadbeef":0:4:PSA_ERROR_STORAGE_FAILURE - -PSA Storage Store verify stored file -depends_on:MBEDTLS_FS_IO -write_data_to_file:"deadbeef":PSA_SUCCESS - -PSA Storage Store into preexisting location, should fail -depends_on:MBEDTLS_FS_IO -write_data_to_prexisting_file:"psa_key_slot_1":"deadbeef":PSA_ERROR_ALREADY_EXISTS - -PSA Storage Store, preexisting temp_location file, should succeed -depends_on:MBEDTLS_FS_IO -write_data_to_prexisting_file:"psa_key_slot_0":"deadbeef":PSA_SUCCESS - -PSA Storage Get data size verify data size -depends_on:MBEDTLS_FS_IO -get_file_size:"deadbeef":4:PSA_SUCCESS:1 - -PSA Storage Get data size verify data size zero length file -depends_on:MBEDTLS_FS_IO -get_file_size:"":0:PSA_SUCCESS:1 - -PSA Storage Get data size nonexistent file location, should fail -depends_on:MBEDTLS_FS_IO -get_file_size:"deadbeef":4:PSA_ERROR_DOES_NOT_EXIST:0 diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function deleted file mode 100644 index e596be1d7..000000000 --- a/tests/suites/test_suite_psa_crypto_storage_file.function +++ /dev/null 
@@ -1,157 +0,0 @@ -/* BEGIN_HEADER */ -#include -#include "psa/crypto.h" -#include "psa_crypto_storage_backend.h" - -/* END_HEADER */ - -/* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C - * END_DEPENDENCIES - */ - -/* BEGIN_CASE */ -void load_data_from_file( int id_to_load_arg, - data_t *data, int should_make_file, - int capacity_arg, int expected_status ) -{ - psa_key_id_t id_to_load = id_to_load_arg; - char slot_location[] = "psa_key_slot_1"; - psa_status_t status; - int ret; - size_t file_size = 0; - uint8_t *loaded_data = NULL; - size_t capacity = (size_t) capacity_arg; - - if( should_make_file == 1 ) - { - /* Create a file with data contents, with mask permissions. */ - FILE *file; - file = fopen( slot_location, "wb+" ); - TEST_ASSERT( file != NULL ); - file_size = fwrite( data->x, 1, data->len, file ); - TEST_EQUAL( file_size, data->len ); - ret = fclose( file ); - TEST_EQUAL( ret, 0 ); - } - - /* Read from the file with psa_crypto_storage_load. */ - ASSERT_ALLOC( loaded_data, capacity ); - status = psa_crypto_storage_load( id_to_load, loaded_data, file_size ); - - /* Check we get the expected status. */ - TEST_EQUAL( status, expected_status ); - if( status != PSA_SUCCESS ) - goto exit; - - /* Check that the file data and data length is what we expect. */ - ASSERT_COMPARE( data->x, data->len, loaded_data, file_size ); - -exit: - mbedtls_free( loaded_data ); - remove( slot_location ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void write_data_to_file( data_t *data, int expected_status ) -{ - char slot_location[] = "psa_key_slot_1"; - psa_status_t status; - int ret; - FILE *file; - size_t file_size; - size_t num_read; - uint8_t *loaded_data = NULL; - - /* Write data to file. */ - status = psa_crypto_storage_store( 1, data->x, data->len ); - - /* Check that we got the expected status. 
*/ - TEST_EQUAL( status, expected_status ); - if( status != PSA_SUCCESS ) - goto exit; - - /* Check that the file length is what we expect */ - file = fopen( slot_location, "rb" ); - TEST_ASSERT( file != NULL ); - fseek( file, 0, SEEK_END ); - file_size = (size_t) ftell( file ); - fseek( file, 0, SEEK_SET ); - TEST_EQUAL( file_size, data->len ); - - /* Check that the file contents are what we expect */ - ASSERT_ALLOC( loaded_data, data->len ); - - num_read = fread( loaded_data, 1, file_size, file ); - TEST_EQUAL( num_read, file_size ); - ASSERT_COMPARE( data->x, data->len, loaded_data, file_size ); - ret = fclose( file ); - TEST_EQUAL( ret, 0 ); - -exit: - mbedtls_free( loaded_data ); - remove( slot_location ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void get_file_size( data_t *data, int expected_data_length, - int expected_status, int should_make_file ) -{ - char slot_location[] = "psa_key_slot_1"; - psa_status_t status; - int ret; - size_t file_size; - - if( should_make_file ) - { - /* Create a file with data contents, with mask permissions. */ - FILE *file; - file = fopen( slot_location, "wb+" ); - TEST_ASSERT( file != NULL ); - file_size = fwrite( data->x, 1, data->len, file ); - TEST_EQUAL( file_size, data->len ); - ret = fclose( file ); - TEST_EQUAL( ret, 0 ); - } - - /* Check get data size is what we expect */ - status = psa_crypto_storage_get_data_length( 1, &file_size ); - TEST_EQUAL( status, expected_status ); - if( expected_status == PSA_SUCCESS ) - TEST_EQUAL( file_size, (size_t)expected_data_length ); - -exit: - remove( slot_location ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void write_data_to_prexisting_file( char *preexist_file_location, - data_t *data, int expected_status ) -{ - char slot_location[] = "psa_key_slot_1"; - psa_status_t status; - int ret; - FILE *file; - - /* Create file first */ - file = fopen( preexist_file_location, "wb" ); - TEST_ASSERT( file != NULL ); - ret = fclose( file ); - TEST_EQUAL( ret, 0 ); - - /* Write data to file. 
*/ - status = psa_crypto_storage_store( 1, data->x, data->len ); - - /* Check that we got the expected status. */ - TEST_EQUAL( status, expected_status ); - if( status != PSA_SUCCESS ) - goto exit; - -exit: - remove( preexist_file_location ); - remove( slot_location ); -} -/* END_CASE */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 08ab37d97..99f0f2768 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -302,7 +302,6 @@ - From 088b77f39c4ba71b6a941ca7d30959c5ae257a48 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 24 Feb 2019 17:00:27 +0100 Subject: [PATCH 1135/2197] Merge psa_crypto_storage_its into psa_crypto_storage Since the ITS API has stabilized and we don't plan to make use of more than ITS, we don't need an abstraction layer between key storage and key storage over ITS. Merge the ITS code into the generic storage module. --- configs/config-psa-crypto.h | 19 +--- include/mbedtls/check_config.h | 8 +- include/mbedtls/config.h | 19 +--- library/CMakeLists.txt | 1 - library/Makefile | 1 - library/psa_crypto_storage.c | 132 ++++++++++++++++++++++++ library/psa_crypto_storage_its.c | 169 ------------------------------- library/version_features.c | 3 - programs/test/query_config.c | 8 -- visualc/VS2010/mbedTLS.vcxproj | 1 - 10 files changed, 139 insertions(+), 222 deletions(-) delete mode 100644 library/psa_crypto_storage_its.c diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 420f62485..0b57d1c7f 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -2719,25 +2719,12 @@ * * Module: library/psa_crypto_storage.c * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - * + * Requires: MBEDTLS_PSA_CRYPTO_C, + * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of + * the PSA ITS interface */ #define MBEDTLS_PSA_CRYPTO_STORAGE_C -/** - * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - * - * Enable persistent key storage over PSA ITS for the - * Platform Security Architecture cryptography API. - * - * Module: library/psa_crypto_storage_its.c - * - * Requires: MBEDTLS_PSA_CRYPTO_C, - * either MBEDTLS_PSA_HAS_ITS_IO or MBEDTLS_PSA_ITS_FILE_C - * - */ -#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - /** * \def MBEDTLS_PSA_ITS_FILE_C * diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 7d6c0c98d..607deb96f 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -526,16 +526,10 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ - !( defined(MBEDTLS_PSA_CRYPTO_C) && \ - defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) ) + ! defined(MBEDTLS_PSA_CRYPTO_C) #error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) && \ - ! defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -#error "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_PSA_ITS_FILE_C) && \ !defined(MBEDTLS_FS_IO) #error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index f8585c7cb..f27b50e5a 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -2761,25 +2761,12 @@ * * Module: library/psa_crypto_storage.c * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - * + * Requires: MBEDTLS_PSA_CRYPTO_C, + * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of + * the PSA ITS interface */ #define MBEDTLS_PSA_CRYPTO_STORAGE_C -/** - * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - * - * Enable persistent key storage over PSA ITS for the - * Platform Security Architecture cryptography API. - * - * Module: library/psa_crypto_storage_its.c - * - * Requires: MBEDTLS_PSA_CRYPTO_C, - * either MBEDTLS_PSA_HAS_ITS_IO or MBEDTLS_PSA_ITS_FILE_C - * - */ -#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - /** * \def MBEDTLS_PSA_ITS_FILE_C * diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 70b1a136d..72378da78 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -56,7 +56,6 @@ set(src_crypto psa_crypto.c psa_crypto_slot_management.c psa_crypto_storage.c - psa_crypto_storage_its.c psa_its_file.c ripemd160.c rsa.c diff --git a/library/Makefile b/library/Makefile index 0a128380a..6ed5e6861 100644 --- a/library/Makefile +++ b/library/Makefile @@ -85,7 +85,6 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ psa_crypto.o \ psa_crypto_slot_management.o \ psa_crypto_storage.o \ - psa_crypto_storage_its.o \ psa_its_file.o \ ripemd160.o rsa_internal.o rsa.o \ sha1.o sha256.o sha512.o \ diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 84a6ed558..8af3d081f 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c 
@@ -44,6 +44,138 @@ #define mbedtls_free free #endif +#if defined(MBEDTLS_PSA_ITS_FILE_C) +#include "psa_crypto_its.h" +#else /* Native ITS implementation */ +#include "psa/error.h" +#include "psa_crypto_service_integration.h" +#include "psa/internal_trusted_storage.h" +#endif + +/* Determine a file name (ITS file identifier) for the given key file + * identifier. The file name must be distinct from any file that is used + * for a purpose other than storing a key. Currently, the only such file + * is the random seed file whose name is PSA_CRYPTO_ITS_RANDOM_SEED_UID + * and whose value is 0xFFFFFF52. */ +static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_file_id_t file_id ) +{ +#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) && \ + defined(PSA_CRYPTO_SECURE) + /* Encode the owner in the upper 32 bits. This means that if + * owner values are nonzero (as they are on a PSA platform), + * no key file will ever have a value less than 0x100000000, so + * the whole range 0..0xffffffff is available for non-key files. */ + uint32_t unsigned_owner = (uint32_t) file_id.owner; + return( (uint64_t) unsigned_owner << 32 | file_id.key_id ); +#else + /* Use the key id directly as a file name. + * psa_is_key_file_id_valid() in psa_crypto_slot_management.c + * is responsible for ensuring that key identifiers do not have a + * value that is reserved for non-key files. 
*/ + return( file_id ); +#endif +} + +psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, + size_t data_size ) +{ + psa_status_t status; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; + + status = psa_its_get_info( data_identifier, &data_identifier_info ); + if( status != PSA_SUCCESS ) + return( status ); + + status = psa_its_get( data_identifier, 0, data_size, data ); + + return( status ); +} + +int psa_is_key_present_in_storage( const psa_key_file_id_t key ) +{ + psa_status_t ret; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; + + ret = psa_its_get_info( data_identifier, &data_identifier_info ); + + if( ret == PSA_ERROR_DOES_NOT_EXIST ) + return( 0 ); + return( 1 ); +} + +psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, + const uint8_t *data, + size_t data_length ) +{ + psa_status_t status; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; + + if( psa_is_key_present_in_storage( key ) == 1 ) + return( PSA_ERROR_ALREADY_EXISTS ); + + status = psa_its_set( data_identifier, data_length, data, 0 ); + if( status != PSA_SUCCESS ) + { + return( PSA_ERROR_STORAGE_FAILURE ); + } + + status = psa_its_get_info( data_identifier, &data_identifier_info ); + if( status != PSA_SUCCESS ) + { + goto exit; + } + + if( data_identifier_info.size != data_length ) + { + status = PSA_ERROR_STORAGE_FAILURE; + goto exit; + } + +exit: + if( status != PSA_SUCCESS ) + psa_its_remove( data_identifier ); + return( status ); +} + +psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key ) +{ + psa_status_t ret; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; + + ret = psa_its_get_info( data_identifier, &data_identifier_info ); + if( ret == 
PSA_ERROR_DOES_NOT_EXIST ) + return( PSA_SUCCESS ); + + if( psa_its_remove( data_identifier ) != PSA_SUCCESS ) + return( PSA_ERROR_STORAGE_FAILURE ); + + ret = psa_its_get_info( data_identifier, &data_identifier_info ); + if( ret != PSA_ERROR_DOES_NOT_EXIST ) + return( PSA_ERROR_STORAGE_FAILURE ); + + return( PSA_SUCCESS ); +} + +psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, + size_t *data_length ) +{ + psa_status_t status; + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + struct psa_storage_info_t data_identifier_info; + + status = psa_its_get_info( data_identifier, &data_identifier_info ); + if( status != PSA_SUCCESS ) + return( status ); + + *data_length = (size_t) data_identifier_info.size; + + return( PSA_SUCCESS ); +} + /* * 32-bit integer manipulation macros (little endian) */ diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c deleted file mode 100644 index 8291f1fc3..000000000 --- a/library/psa_crypto_storage_its.c +++ /dev/null 
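Review bot: psa_is_key_present_in_storage() returns 1 for every psa_its_get_info() status other than PSA_ERROR_DOES_NOT_EXIST, so a storage read failure is reported as "key present". psa_crypto_storage_store() relies on that result and then returns PSA_ERROR_ALREADY_EXISTS, which hides the real failure from the caller and from anything that acts on the status code. In psa_crypto_storage_store() I would replace the presence check with `status = psa_its_get_info( data_identifier, &data_identifier_info );`, then `if( status == PSA_SUCCESS ) return( PSA_ERROR_ALREADY_EXISTS );` and `if( status != PSA_ERROR_DOES_NOT_EXIST ) return( PSA_ERROR_STORAGE_FAILURE );`. The int-returning helper should at least carry a comment such as `/* Any status other than PSA_ERROR_DOES_NOT_EXIST, including storage errors, is reported as present. */`. The existence check followed by psa_its_set() with flags 0 is also not atomic; whether that matters depends on how callers serialize key creation, which this hunk does not show.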
@@ -1,169 +0,0 @@ -/* - * PSA storage backend for persistent keys using psa_its APIs. - */ -/* Copyright (C) 2018, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if defined(MBEDTLS_CONFIG_FILE) -#include MBEDTLS_CONFIG_FILE -#else -#include "mbedtls/config.h" -#endif - -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) - -#if defined(MBEDTLS_PSA_ITS_FILE_C) -#include "psa_crypto_its.h" -#else /* Native ITS implementation */ -#include "psa/error.h" -#include "psa_crypto_service_integration.h" -#include "psa/internal_trusted_storage.h" -#endif - -#include "psa/crypto.h" -#include "psa_crypto_storage_backend.h" - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#endif - -/* Determine a file name (ITS file identifier) for the given key file - * identifier. The file name must be distinct from any file that is used - * for a purpose other than storing a key. Currently, the only such file - * is the random seed file whose name is PSA_CRYPTO_ITS_RANDOM_SEED_UID - * and whose value is 0xFFFFFF52. */ -static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_file_id_t file_id ) -{ -#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) && \ - defined(PSA_CRYPTO_SECURE) - /* Encode the owner in the upper 32 bits. 
This means that if - * owner values are nonzero (as they are on a PSA platform), - * no key file will ever have a value less than 0x100000000, so - * the whole range 0..0xffffffff is available for non-key files. */ - uint32_t unsigned_owner = (uint32_t) file_id.owner; - return( (uint64_t) unsigned_owner << 32 | file_id.key_id ); -#else - /* Use the key id directly as a file name. - * psa_is_key_file_id_valid() in psa_crypto_slot_management.c - * is responsible for ensuring that key identifiers do not have a - * value that is reserved for non-key files. */ - return( file_id ); -#endif -} - -psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, - size_t data_size ) -{ - psa_status_t status; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_storage_info_t data_identifier_info; - - status = psa_its_get_info( data_identifier, &data_identifier_info ); - if( status != PSA_SUCCESS ) - return( status ); - - status = psa_its_get( data_identifier, 0, data_size, data ); - - return( status ); -} - -int psa_is_key_present_in_storage( const psa_key_file_id_t key ) -{ - psa_status_t ret; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_storage_info_t data_identifier_info; - - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - - if( ret == PSA_ERROR_DOES_NOT_EXIST ) - return( 0 ); - return( 1 ); -} - -psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, - const uint8_t *data, - size_t data_length ) -{ - psa_status_t status; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_storage_info_t data_identifier_info; - - if( psa_is_key_present_in_storage( key ) == 1 ) - return( PSA_ERROR_ALREADY_EXISTS ); - - status = psa_its_set( data_identifier, data_length, data, 0 ); - if( status != PSA_SUCCESS ) - { - return( PSA_ERROR_STORAGE_FAILURE ); - } - - status = psa_its_get_info( data_identifier, &data_identifier_info ); - if( 
status != PSA_SUCCESS ) - { - goto exit; - } - - if( data_identifier_info.size != data_length ) - { - status = PSA_ERROR_STORAGE_FAILURE; - goto exit; - } - -exit: - if( status != PSA_SUCCESS ) - psa_its_remove( data_identifier ); - return( status ); -} - -psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key ) -{ - psa_status_t ret; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_storage_info_t data_identifier_info; - - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ERROR_DOES_NOT_EXIST ) - return( PSA_SUCCESS ); - - if( psa_its_remove( data_identifier ) != PSA_SUCCESS ) - return( PSA_ERROR_STORAGE_FAILURE ); - - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret != PSA_ERROR_DOES_NOT_EXIST ) - return( PSA_ERROR_STORAGE_FAILURE ); - - return( PSA_SUCCESS ); -} - -psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, - size_t *data_length ) -{ - psa_status_t status; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); - struct psa_storage_info_t data_identifier_info; - - status = psa_its_get_info( data_identifier, &data_identifier_info ); - if( status != PSA_SUCCESS ) - return( status ); - - *data_length = (size_t) data_identifier_info.size; - - return( PSA_SUCCESS ); -} - -#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */ diff --git a/library/version_features.c b/library/version_features.c index 6ad9988d7..61a662c1e 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -714,9 +714,6 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) "MBEDTLS_PSA_CRYPTO_STORAGE_C", #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) - "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C", -#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */ #if defined(MBEDTLS_PSA_ITS_FILE_C) "MBEDTLS_PSA_ITS_FILE_C", #endif /* MBEDTLS_PSA_ITS_FILE_C */ 
diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 7c1f8b4e8..3e847e5d9 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1946,14 +1946,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) - if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */ - #if defined(MBEDTLS_PSA_ITS_FILE_C) if( strcmp( "MBEDTLS_PSA_ITS_FILE_C", config ) == 0 ) { diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 99f0f2768..41357eea4 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -302,7 +302,6 @@ - From 5e80d91dbfdf18aa47fc5b59db501d1e08ababd0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 24 Feb 2019 17:10:18 +0100 Subject: [PATCH 1136/2197] Remove psa_crypto_storage_backend.h Since there is now a single storage backend, we don't need a backend interface. Make the functions that were declared in psa_crypto_storage_backend.h and are now both defined and used in psa_crypto_storage.c static, except for psa_is_key_present_in_storage which is used by the gray-box tests and is now declared in psa_crypto_storage.h. --- library/psa_crypto_storage.c | 73 ++++++++--- library/psa_crypto_storage.h | 15 +++ library/psa_crypto_storage_backend.h | 115 ------------------ ...t_suite_psa_crypto_persistent_key.function | 1 - visualc/VS2010/mbedTLS.vcxproj | 1 - 5 files changed, 72 insertions(+), 133 deletions(-) delete mode 100644 library/psa_crypto_storage_backend.h diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 8af3d081f..bda9c0ce8 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c 
@@ -33,9 +33,15 @@ #include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_storage.h" -#include "psa_crypto_storage_backend.h" #include "mbedtls/platform_util.h" +#if defined(MBEDTLS_PSA_ITS_FILE_C) +#include "psa_crypto_its.h" +#else /* Native ITS implementation */ +#include "psa/error.h" +#include "psa/internal_trusted_storage.h" +#endif + #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else @@ -44,14 +50,6 @@ #define mbedtls_free free #endif -#if defined(MBEDTLS_PSA_ITS_FILE_C) -#include "psa_crypto_its.h" -#else /* Native ITS implementation */ -#include "psa/error.h" -#include "psa_crypto_service_integration.h" -#include "psa/internal_trusted_storage.h" -#endif - /* Determine a file name (ITS file identifier) for the given key file * identifier. The file name must be distinct from any file that is used * for a purpose other than storing a key. Currently, the only such file @@ -76,8 +74,24 @@ static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_file_id_t file_id ) #endif } -psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, - size_t data_size ) +/** + * \brief Load persistent data for the given key slot number. + * + * This function reads data from a storage backend and returns the data in a + * buffer. + * + * \param key Persistent identifier of the key to be loaded. This + * should be an occupied storage location. + * \param[out] data Buffer where the data is to be written. + * \param data_size Size of the \c data buffer in bytes. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_STORAGE_FAILURE + * \retval PSA_ERROR_DOES_NOT_EXIST + */ +static psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, + uint8_t *data, + size_t data_size ) { psa_status_t status; psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); 
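Review bot: The comment added on psa_crypto_storage_load() describes `data_size` as the size of the buffer, but the body shown earlier on this page passes `data_size` to psa_its_get() as the number of bytes to read and never uses the `size` field it has just fetched with psa_its_get_info(). A caller going by the comment could pass a buffer larger than the stored blob and expect that to be harmless; how psa_its_get() handles that is not visible here. I would word the parameter as `\param data_size Number of bytes to read into \c data; expected to match the stored length.` If the mismatch should be rejected here rather than left to the ITS backend, add `if( data_identifier_info.size != data_size ) return( PSA_ERROR_STORAGE_FAILURE );` before the psa_its_get() call. The function body continues outside this hunk.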
@@ -105,9 +119,25 @@ int psa_is_key_present_in_storage( const psa_key_file_id_t key ) return( 1 ); } -psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, - const uint8_t *data, - size_t data_length ) +/** + * \brief Store persistent data for the given key slot number. + * + * This function stores the given data buffer to a persistent storage. + * + * \param key Persistent identifier of the key to be stored. This + * should be an unoccupied storage location. + * \param[in] data Buffer containing the data to be stored. + * \param data_length The number of bytes + * that make up the data. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_INSUFFICIENT_STORAGE + * \retval PSA_ERROR_STORAGE_FAILURE + * \retval PSA_ERROR_ALREADY_EXISTS + */ +static psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, + const uint8_t *data, + size_t data_length ) { psa_status_t status; psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); @@ -160,8 +190,19 @@ psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key ) return( PSA_SUCCESS ); } -psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, - size_t *data_length ) +/** + * \brief Get data length for given key slot number. + * + * \param key Persistent identifier whose stored data length + * is to be obtained. + * \param[out] data_length The number of bytes that make up the data. + * + * \retval PSA_SUCCESS + * \retval PSA_ERROR_STORAGE_FAILURE + */ +static psa_status_t psa_crypto_storage_get_data_length( + const psa_key_file_id_t key, + size_t *data_length ) { psa_status_t status; psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 7e5aae9f9..902e3026b 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h 
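Review bot: The retval list added for psa_crypto_storage_store() includes PSA_ERROR_INSUFFICIENT_STORAGE, but the body shown earlier on this page turns every psa_its_set() failure into PSA_ERROR_STORAGE_FAILURE, so that code can only surface from the later psa_its_get_info() call, if at all. Either the comment should drop that line, or the set failure should be passed through with `return( status );` so callers can tell a full store from a broken one. The comment also does not say that a failure after the write removes the entry again through psa_its_remove(), whose return value is ignored; a remark such as `/* On failure after the write, the stored entry is removed (best effort). */` would make that explicit. The function body continues outside this hunk.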
@@ -61,6 +61,21 @@ extern "C" { */ #define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xfffeffff +/** + * \brief Checks if persistent data is stored for the given key slot number + * + * This function checks if any key data or metadata exists for the key slot in + * the persistent storage. + * + * \param key Persistent identifier to check. + * + * \retval 0 + * No persistent data present for slot number + * \retval 1 + * Persistent data present for slot number + */ +int psa_is_key_present_in_storage( const psa_key_file_id_t key ); + /** * \brief Format key data and metadata and save to a location for given key * slot. diff --git a/library/psa_crypto_storage_backend.h b/library/psa_crypto_storage_backend.h deleted file mode 100644 index dd534d2ff..000000000 --- a/library/psa_crypto_storage_backend.h +++ /dev/null 
@@ -1,115 +0,0 @@ -/** - * \file psa_crypto_storage_backend.h - * - * \brief PSA cryptography module: Mbed TLS key storage backend - */ -/* - * Copyright (C) 2018, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#ifndef PSA_CRYPTO_STORAGE_BACKEND_H -#define PSA_CRYPTO_STORAGE_BACKEND_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* Include the Mbed TLS configuration file, the way Mbed TLS does it - * in each of its header files. */ -#if defined(MBEDTLS_CONFIG_FILE) -#include MBEDTLS_CONFIG_FILE -#else -#include "mbedtls/config.h" -#endif - -#include "psa/crypto.h" -#include "psa_crypto_storage.h" -#include - -/** - * \brief Load persistent data for the given key slot number. - * - * This function reads data from a storage backend and returns the data in a - * buffer. - * - * \param key Persistent identifier of the key to be loaded. This - * should be an occupied storage location. - * \param[out] data Buffer where the data is to be written. - * \param data_size Size of the \c data buffer in bytes. - * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_STORAGE_FAILURE - * \retval PSA_ERROR_DOES_NOT_EXIST - */ -psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, - size_t data_size ); - -/** - * \brief Store persistent data for the given key slot number. 
- * - * This function stores the given data buffer to a persistent storage. - * - * \param key Persistent identifier of the key to be stored. This - * should be an unoccupied storage location. - * \param[in] data Buffer containing the data to be stored. - * \param data_length The number of bytes - * that make up the data. - * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_INSUFFICIENT_STORAGE - * \retval PSA_ERROR_STORAGE_FAILURE - * \retval PSA_ERROR_ALREADY_EXISTS - */ -psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, - const uint8_t *data, - size_t data_length ); - -/** - * \brief Checks if persistent data is stored for the given key slot number - * - * This function checks if any key data or metadata exists for the key slot in - * the persistent storage. - * - * \param key Persistent identifier to check. - * - * \retval 0 - * No persistent data present for slot number - * \retval 1 - * Persistent data present for slot number - */ -int psa_is_key_present_in_storage( const psa_key_file_id_t key ); - -/** - * \brief Get data length for given key slot number. - * - * \param key Persistent identifier whose stored data length - * is to be obtained. - * \param[out] data_length The number of bytes that make up the data. - * - * \retval PSA_SUCCESS - * \retval PSA_ERROR_STORAGE_FAILURE - */ -psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, - size_t *data_length ); - - -#ifdef __cplusplus -} -#endif - -#endif /* PSA_CRYPTO_STORAGE_H */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 2fa307e20..90e10f66b 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -2,7 +2,6 @@ #include #include "psa/crypto.h" #include "psa_crypto_storage.h" -#include "psa_crypto_storage_backend.h" #include "mbedtls/md.h" #define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY" 
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 41357eea4..c56e976a7 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -242,7 +242,6 @@ - From 6bf4baef953eac07516a5dc44f96846561e26438 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 24 Feb 2019 17:47:27 +0100 Subject: [PATCH 1137/2197] Remove compilation option MBEDTLS_PSA_HAS_ITS_IO MBEDTLS_PSA_HAS_ITS_IO is not really useful since it doesn't actually enable anything except the entropy seed file support, which only requires the ITS interface and not a native implemetation. Remove it. --- configs/config-psa-crypto.h | 22 +------------------ include/mbedtls/config.h | 20 ----------------- include/psa/crypto_extra.h | 2 +- library/psa_crypto.c | 8 ++----- library/version_features.c | 6 ----- programs/test/query_config.c | 16 -------------- scripts/config.pl | 2 -- .../test_suite_psa_crypto_entropy.function | 2 +- 8 files changed, 5 insertions(+), 73 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 0b57d1c7f..7f7c0cf04 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -1146,16 +1146,6 @@ */ //#define MBEDTLS_ENTROPY_NV_SEED -/** - * \def MBEDTLS_PSA_HAS_ITS_IO - * - * Enable the non-volatile secure storage usage. - * - * This is crucial on systems that do not have a HW TRNG support. - * - */ -//#define MBEDTLS_PSA_HAS_ITS_IO - /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER * * In PSA key storage, encode the owner of the key. @@ -1241,16 +1231,6 @@ */ //#define MBEDTLS_PSA_CRYPTO_SPM -/** - * \def MBEDTLS_PSA_HAS_ITS_IO - * - * Enable the non-volatile secure storage usage. - * - * This is crucial on systems that do not have a HW TRNG support. - * - */ -//#define MBEDTLS_PSA_HAS_ITS_IO - /** * \def MBEDTLS_RSA_NO_CRT * @@ -2735,7 +2715,7 @@ * * Requires: MBEDTLS_FS_IO */ -#define MBEDTLS_PSA_ITS_FILE_C +//#define MBEDTLS_PSA_ITS_FILE_C /** * \def MBEDTLS_RIPEMD160_C 
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index f27b50e5a..a358a20c4 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1166,16 +1166,6 @@ */ //#define MBEDTLS_ENTROPY_NV_SEED -/** - * \def MBEDTLS_PSA_HAS_ITS_IO - * - * Enable the non-volatile secure storage usage. - * - * This is crucial on systems that do not have a HW TRNG support. - * - */ -//#define MBEDTLS_PSA_HAS_ITS_IO - /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER * * In PSA key storage, encode the owner of the key. @@ -1261,16 +1251,6 @@ */ //#define MBEDTLS_PSA_CRYPTO_SPM -/** - * \def MBEDTLS_PSA_HAS_ITS_IO - * - * Enable the non-volatile secure storage usage. - * - * This is crucial on systems that do not have a HW TRNG support. - * - */ -//#define MBEDTLS_PSA_HAS_ITS_IO - /** * \def MBEDTLS_RSA_NO_CRT * diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 5dd47899e..545dd4bcd 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -115,7 +115,7 @@ void mbedtls_psa_crypto_free( void ); * * \note This function is only available on the following platforms: * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and - * MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you + * MBEDTLS_PSA_CRYPTO_STORAGE_C are both enabled. Note that you * must provide compatible implementations of mbedtls_nv_seed_read * and mbedtls_nv_seed_write. * * In a client-server integration of PSA Cryptography, on the client side, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cd1499a38..1b554b5b0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -78,10 +78,6 @@ #include "mbedtls/sha512.h" #include "mbedtls/xtea.h" -#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) -#include "psa/internal_trusted_storage.h" -#endif - #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) /* constant-time buffer comparison */ 
@@ -4423,8 +4419,8 @@ psa_status_t psa_generate_random( uint8_t *output, return( mbedtls_to_psa_error( ret ) ); } -#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) - +#if defined(MBEDTLS_ENTROPY_NV_SEED) && \ + defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, size_t seed_size ) { diff --git a/library/version_features.c b/library/version_features.c index 61a662c1e..92b1af10b 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -411,9 +411,6 @@ static const char *features[] = { #if defined(MBEDTLS_ENTROPY_NV_SEED) "MBEDTLS_ENTROPY_NV_SEED", #endif /* MBEDTLS_ENTROPY_NV_SEED */ -#if defined(MBEDTLS_PSA_HAS_ITS_IO) - "MBEDTLS_PSA_HAS_ITS_IO", -#endif /* MBEDTLS_PSA_HAS_ITS_IO */ #if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER", #endif /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */ @@ -435,9 +432,6 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_CRYPTO_SPM) "MBEDTLS_PSA_CRYPTO_SPM", #endif /* MBEDTLS_PSA_CRYPTO_SPM */ -#if defined(MBEDTLS_PSA_HAS_ITS_IO) - "MBEDTLS_PSA_HAS_ITS_IO", -#endif /* MBEDTLS_PSA_HAS_ITS_IO */ #if defined(MBEDTLS_RSA_NO_CRT) "MBEDTLS_RSA_NO_CRT", #endif /* MBEDTLS_RSA_NO_CRT */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 3e847e5d9..52db0b2fc 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1138,14 +1138,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_ENTROPY_NV_SEED */ -#if defined(MBEDTLS_PSA_HAS_ITS_IO) - if( strcmp( "MBEDTLS_PSA_HAS_ITS_IO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HAS_ITS_IO ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_HAS_ITS_IO */ - #if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) if( strcmp( "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER", config ) == 0 ) { 
@@ -1202,14 +1194,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PSA_CRYPTO_SPM */ -#if defined(MBEDTLS_PSA_HAS_ITS_IO) - if( strcmp( "MBEDTLS_PSA_HAS_ITS_IO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HAS_ITS_IO ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_HAS_ITS_IO */ - #if defined(MBEDTLS_RSA_NO_CRT) if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 ) { diff --git a/scripts/config.pl b/scripts/config.pl index 5542b2d15..fc71f655d 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -101,7 +101,6 @@ MBEDTLS_PKCS11_C MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_64BIT_MULTIPLICATION MBEDTLS_PSA_CRYPTO_SPM -MBEDTLS_PSA_HAS_ITS_IO MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER MBEDTLS_USE_PSA_CRYPTO _ALT\s*$ @@ -125,7 +124,6 @@ MBEDTLS_PLATFORM_TIME_ALT MBEDTLS_PLATFORM_FPRINTF_ALT MBEDTLS_PSA_CRYPTO_STORAGE_C MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C -MBEDTLS_PSA_HAS_ITS_IO MBEDTLS_PSA_ITS_FILE_C ); diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index a14657e9f..76a7b5870 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -12,7 +12,7 @@ /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C + * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_CRYPTO_STORAGE_C * END_DEPENDENCIES */ From e3dbdd8d908218c7b7c3c3a62babb658c5c8a2a4 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 25 Feb 2019 11:04:06 +0100 Subject: [PATCH 1138/2197] Gate entropy injection through a dedicated configuration option Entropy injection has specific testing requirements. Therefore it should depend on a specific option. --- configs/config-psa-crypto.h | 15 +++++++- include/mbedtls/check_config.h | 11 ++++++ include/mbedtls/config.h | 13 +++++++ include/psa/crypto_extra.h | 7 ++-- library/psa_crypto.c | 23 +++--------- library/psa_crypto_storage.c | 22 +++++++++++ library/psa_crypto_storage.h | 16 ++++++++ library/version_features.c | 3 ++ programs/test/query_config.c | 8 ++++ scripts/config.pl | 1 + .../test_suite_psa_crypto_entropy.function | 37 +++++++++++++++---- 11 files changed, 125 insertions(+), 31 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 7f7c0cf04..4873c3624 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -1231,6 +1231,19 @@ */ //#define MBEDTLS_PSA_CRYPTO_SPM +/** + * \def MBEDTLS_PSA_INJECT_ENTROPY + * + * Enable support for entropy injection at first boot. This feature is + * required on systems that do not have a built-in entropy source (TRNG). + * This feature is currently not supported on systems that have a built-in + * entropy source. + * + * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED + * + */ +//#define MBEDTLS_PSA_INJECT_ENTROPY + /** * \def MBEDTLS_RSA_NO_CRT * @@ -2715,7 +2728,7 @@ * * Requires: MBEDTLS_FS_IO */ -//#define MBEDTLS_PSA_ITS_FILE_C +#define MBEDTLS_PSA_ITS_FILE_C /** * \def MBEDTLS_RIPEMD160_C diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 607deb96f..c1450dbda 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
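Review bot: The `Requires:` line in the new `MBEDTLS_PSA_INJECT_ENTROPY` block of configs/config-psa-crypto.h lists only `MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED`, while the check_config.h hunk of this same commit also rejects the option unless `MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES` is defined. I would list it as well, `* Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES`. The block should also say that the injected seed is then presumably the RNG's only entropy input, so it has to come from a trusted random source at provisioning time. The identical block added to include/mbedtls/config.h needs the same wording.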
@@ -530,6 +530,17 @@ #error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ + !( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ + defined(MBEDTLS_ENTROPY_NV_SEED) ) +#error "MBEDTLS_PSA_INJECT_ENTROPY defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ + !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) +#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with actual entropy sources" +#endif + #if defined(MBEDTLS_PSA_ITS_FILE_C) && \ !defined(MBEDTLS_FS_IO) #error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index a358a20c4..5621965f2 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1251,6 +1251,19 @@ */ //#define MBEDTLS_PSA_CRYPTO_SPM +/** + * \def MBEDTLS_PSA_INJECT_ENTROPY + * + * Enable support for entropy injection at first boot. This feature is + * required on systems that do not have a built-in entropy source (TRNG). + * This feature is currently not supported on systems that have a built-in + * entropy source. + * + * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED + * + */ +//#define MBEDTLS_PSA_INJECT_ENTROPY + /** * \def MBEDTLS_RSA_NO_CRT * diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 545dd4bcd..c89c55df3 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -114,10 +114,9 @@ void mbedtls_psa_crypto_free( void ); * This is an Mbed TLS extension. * * \note This function is only available on the following platforms: - * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and - * MBEDTLS_PSA_CRYPTO_STORAGE_C are both enabled. Note that you - * must provide compatible implementations of mbedtls_nv_seed_read - * and mbedtls_nv_seed_write. + * * If the compile-time option MBEDTLS_PSA_INJECT_ENTROPY is enabled. + * Note that you must provide compatible implementations of + * mbedtls_nv_seed_read and mbedtls_nv_seed_write. * * In a client-server integration of PSA Cryptography, on the client side, * if the server supports this feature. * \param[in] seed Buffer containing the seed value to inject. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1b554b5b0..3b9c78ffc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -60,7 +60,6 @@ #include "mbedtls/ecdh.h" #include "mbedtls/ecp.h" #include "mbedtls/entropy.h" -#include "mbedtls/entropy_poll.h" #include "mbedtls/error.h" #include "mbedtls/gcm.h" #include "mbedtls/md2.h" @@ -4419,13 +4418,12 @@ psa_status_t psa_generate_random( uint8_t *output, return( mbedtls_to_psa_error( ret ) ); } -#if defined(MBEDTLS_ENTROPY_NV_SEED) && \ - defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +#include "mbedtls/entropy_poll.h" + psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, size_t seed_size ) { - psa_status_t status; - struct psa_storage_info_t p_info; if( global_data.initialized ) return( PSA_ERROR_NOT_PERMITTED ); 
@@ -4434,20 +4432,9 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); - - if( PSA_ERROR_DOES_NOT_EXIST == status ) /* No seed exists */ - { - status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); - } - else if( PSA_SUCCESS == status ) - { - /* You should not be here. Seed needs to be injected only once */ - status = PSA_ERROR_NOT_PERMITTED; - } - return( status ); + return( mbedtls_psa_storage_inject_entropy( seed, seed_size ) ); } -#endif +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ psa_status_t psa_generate_key( psa_key_handle_t handle, psa_key_type_t type, diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index bda9c0ce8..6c2e86573 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -391,4 +391,26 @@ exit: return( status ); } +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +psa_status_t mbedtls_psa_storage_inject_entropy( const unsigned char *seed, + size_t seed_size ) +{ + psa_status_t status; + struct psa_storage_info_t p_info; + + status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); + + if( PSA_ERROR_DOES_NOT_EXIST == status ) /* No seed exists */ + { + status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); + } + else if( PSA_SUCCESS == status ) + { + /* You should not be here. Seed needs to be injected only once */ + status = PSA_ERROR_NOT_PERMITTED; + } + return( status ); +} +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 902e3026b..5434d0529 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h 
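Review bot: The inject-once rule in `mbedtls_psa_storage_inject_entropy` (library/psa_crypto_storage.c hunk) is a `psa_its_get_info` check followed by a separate `psa_its_set`, so the storage layer itself does not make the two steps atomic. Whether two callers can reach `PSA_CRYPTO_ITS_RANDOM_SEED_UID` at the same time depends on the integration and is not visible here, so the assumption should be written down above the check, e.g. `/* Check-then-write is not atomic: callers must serialize seed injection. */`. The function comment could also state that any `psa_its_get_info` status other than `PSA_SUCCESS` and `PSA_ERROR_DOES_NOT_EXIST` is returned unchanged, since the header lists only three error codes.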
@@ -203,6 +203,22 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, psa_key_type_t *type, psa_key_policy_t *policy ); +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +/** Backend side of mbedtls_psa_inject_entropy(). + * + * This function stores the supplied data into the entropy seed file. + * + * \retval #PSA_SUCCESS + * Success + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_NOT_PERMITTED + * The entropy seed file already exists. + */ +psa_status_t mbedtls_psa_storage_inject_entropy( const unsigned char *seed, + size_t seed_size ); +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + #ifdef __cplusplus } #endif diff --git a/library/version_features.c b/library/version_features.c index 92b1af10b..00fd2e90d 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -432,6 +432,9 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_CRYPTO_SPM) "MBEDTLS_PSA_CRYPTO_SPM", #endif /* MBEDTLS_PSA_CRYPTO_SPM */ +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + "MBEDTLS_PSA_INJECT_ENTROPY", +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ #if defined(MBEDTLS_RSA_NO_CRT) "MBEDTLS_RSA_NO_CRT", #endif /* MBEDTLS_RSA_NO_CRT */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 52db0b2fc..d940b0d17 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1194,6 +1194,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PSA_CRYPTO_SPM */ +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + if( strcmp( "MBEDTLS_PSA_INJECT_ENTROPY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_INJECT_ENTROPY ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + #if defined(MBEDTLS_RSA_NO_CRT) if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 ) { diff --git a/scripts/config.pl b/scripts/config.pl index fc71f655d..6927c4b40 100755 --- a/scripts/config.pl +++ b/scripts/config.pl 
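Review bot: The comment on `mbedtls_psa_storage_inject_entropy` documents neither parameters nor preconditions, although the definition added in psa_crypto_storage.c checks neither `seed_size` nor the library's initialization state. Both checks live only in `mbedtls_psa_inject_entropy` in psa_crypto.c. I would add `\param[in] seed` and `\param seed_size` lines plus a `\warning` stating that the caller must already have validated the size range and the not-yet-initialized state, and that this function is not to be called directly. That keeps a later internal caller from bypassing the bounds the public entry point enforces.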
@@ -102,6 +102,7 @@ MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_64BIT_MULTIPLICATION MBEDTLS_PSA_CRYPTO_SPM MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER +MBEDTLS_PSA_INJECT_ENTROPY MBEDTLS_USE_PSA_CRYPTO _ALT\s*$ ); diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 76a7b5870..91e210e0e 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -2,17 +2,38 @@ #include #include "psa/crypto.h" -#include "psa_prot_internal_storage.h" #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" +#if defined(MBEDTLS_PSA_ITS_FILE_C) +#include +#else +#include +#endif + /* Calculating the minimum allowed entropy size in bytes */ #define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) +/* Remove the entropy seed file. Since the library does not expose a way + * to do this (it would be a security risk if such a function was ever + * accessible in production), implement this functionality in a white-box + * manner. */ +psa_status_t remove_seed_file( void ) +{ +#if defined(MBEDTLS_PSA_ITS_FILE_C) + if( remove( "00000000ffffff52.psa_its" ) == 0 ) + return( PSA_SUCCESS ); + else + return( PSA_ERROR_DOES_NOT_EXIST ); +#else + return( psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ) ); +#endif +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_CRYPTO_STORAGE_C + * depends_on:MBEDTLS_PSA_INJECT_ENTROPY * END_DEPENDENCIES */ @@ -42,7 +63,7 @@ void validate_entropy_seed_injection( int seed_length_a, { seed[i] = i; } - status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + status = remove_seed_file( ); TEST_ASSERT( ( status == PSA_SUCCESS ) || ( status == PSA_ERROR_DOES_NOT_EXIST ) ); status = mbedtls_psa_inject_entropy( seed, seed_length_a ); 
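Review bot: `remove_seed_file` in test_suite_psa_crypto_entropy.function hard-codes `"00000000ffffff52.psa_its"` and reports every `remove()` failure as `PSA_ERROR_DOES_NOT_EXIST`, a status the callers accept as a clean starting state. If the file exists but cannot be deleted, or the ITS file naming or `PSA_CRYPTO_ITS_RANDOM_SEED_UID` ever changes, a stale seed survives and the failure only shows up later at injection with a less obvious status. I would map only a missing file to that status, `return( errno == ENOENT ? PSA_ERROR_DOES_NOT_EXIST : PSA_ERROR_STORAGE_FAILURE );` (this needs `<errno.h>`), and add a comment tying the literal to the UID it presumably encodes. The helper could also be declared `static`.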
@@ -55,7 +76,7 @@ void validate_entropy_seed_injection( int seed_length_a, TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 ); exit: mbedtls_free( seed ); - psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + remove_seed_file( ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -64,19 +85,19 @@ exit: void run_entropy_inject_with_crypto_init( ) { psa_status_t status; - int i; + size_t i; uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 }; /* fill seed with some data */ for( i = 0; i < sizeof( seed ); ++i ) { seed[i] = i; } - status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + status = remove_seed_file( ); TEST_ASSERT( ( status == PSA_SUCCESS ) || ( status == PSA_ERROR_DOES_NOT_EXIST ) ); status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); PSA_ASSERT( status ); - status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + status = remove_seed_file( ); TEST_EQUAL( status, PSA_SUCCESS ); status = psa_crypto_init( ); TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY ); @@ -89,7 +110,7 @@ void run_entropy_inject_with_crypto_init( ) status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ); + remove_seed_file( ); mbedtls_psa_crypto_free( ); } /* END_CASE */ From fad3a3e4af0ab00e9ab601ea6b4bef4a4f30367d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 13:36:21 +0100 Subject: [PATCH 1139/2197] Fix build error with MSVC on 64-bit systems Explicitly cast size_t to uint32_t. --- library/psa_crypto_storage.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 6c2e86573..840f418c3 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c 
@@ -101,7 +101,7 @@ static psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, if( status != PSA_SUCCESS ) return( status ); - status = psa_its_get( data_identifier, 0, data_size, data ); + status = psa_its_get( data_identifier, 0, (uint32_t) data_size, data ); return( status ); } @@ -146,7 +146,7 @@ static psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, if( psa_is_key_present_in_storage( key ) == 1 ) return( PSA_ERROR_ALREADY_EXISTS ); - status = psa_its_set( data_identifier, data_length, data, 0 ); + status = psa_its_set( data_identifier, (uint32_t) data_length, data, 0 ); if( status != PSA_SUCCESS ) { return( PSA_ERROR_STORAGE_FAILURE ); From d7929e753941b0e8dc507acf5423ebd8614deb36 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 15 Mar 2019 11:37:09 +0100 Subject: [PATCH 1140/2197] Fix copypasta in test data --- tests/suites/test_suite_psa_its.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_its.data b/tests/suites/test_suite_psa_its.data index 6c4353698..63ca1290d 100644 --- a/tests/suites/test_suite_psa_its.data +++ b/tests/suites/test_suite_psa_its.data @@ -44,7 +44,7 @@ Get 0 bytes of 10 at 0 get_at:0:"40414243444546474849":0:0:PSA_SUCCESS Get 1 byte of 10 at 0 -get_at:0:"40414243444546474849":1:0:PSA_SUCCESS +get_at:0:"40414243444546474849":0:1:PSA_SUCCESS Get 2 bytes of 10 at 1 get_at:0:"40414243444546474849":1:2:PSA_SUCCESS @@ -56,7 +56,7 @@ Get 1 byte of 10 at 11: out of range get_at:0:"40414243444546474849":11:1:PSA_ERROR_INVALID_ARGUMENT Get 0 bytes of 10 at 11: out of range -get_at:0:"40414243444546474849":11:1:PSA_ERROR_INVALID_ARGUMENT +get_at:0:"40414243444546474849":11:0:PSA_ERROR_INVALID_ARGUMENT Get -1 byte of 10 at 10: out of range get_at:0:"40414243444546474849":10:-1:PSA_ERROR_INVALID_ARGUMENT From 0a504c02f600f0cc6a2ad1e794c7625e7faf42d4 Mon Sep 17 00:00:00 2001 
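Review bot: The `(uint32_t)` casts on `data_size` in `psa_crypto_storage_load` and on `data_length` in `psa_crypto_storage_store` (second hunk) silence the MSVC warning but also make a length above `UINT32_MAX` truncate silently on 64-bit builds, so a store could persist a shortened blob and still report success. Callers may already bound the length, but that is not visible in these hunks, whose function bodies start outside them. A guard before each call keeps the cast honest, e.g. `if( data_length > UINT32_MAX ) return( PSA_ERROR_INSUFFICIENT_STORAGE );` in the store path and the matching check on `data_size` returning `PSA_ERROR_STORAGE_FAILURE` in the load path. The `psa_its_set` call in `mbedtls_psa_storage_inject_entropy` still passes `seed_size` uncast and would presumably raise the same warning once `MBEDTLS_PSA_INJECT_ENTROPY` is enabled.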
From: Jaeden Amero Date: Fri, 15 Mar 2019 15:44:14 +0000 Subject: [PATCH 1141/2197] tests: Add library to include path when used as submodule Some tests use internal-only header files, which are stored in the 'library' folder, and therefore need the library folder passed in on the include path. For non-submoudle builds, this is set globally in the top-level CMakeLists.txt file. For submodule builds, this is set through target includes to a path only meaningful when Mbed Crypto is built as a submodule. --- tests/CMakeLists.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 1b239a45d..ad9591723 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -52,7 +52,8 @@ function(add_test_suite suite_name) target_link_libraries(${exe_name} ${libs}) target_include_directories(${exe_name} PUBLIC ${CMAKE_SOURCE_DIR}/include/ - PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) + PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/ + PRIVATE ${CMAKE_SOURCE_DIR}/crypto/library/) if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX}) message(STATUS "The test suite ${data_name} will not be executed.") From 1e2730b9b123cbb8e1ec7b608a289543485070ed Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 9 Apr 2019 12:25:23 +0200 Subject: [PATCH 1142/2197] Update usage of PSA_ALG_ECDH so that test_suite_psa_crypto compiles --- tests/suites/test_suite_psa_crypto.data | 42 ++++++++++++------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index bd605ac35..d80de1177 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1912,19 +1912,19 @@ derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0 PSA key agreement setup: ECDH, raw: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS +key_agreement_setup:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS PSA key agreement setup: ECDH, raw: public key on different curve depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, raw: public key instead of private key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, unknown KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: not a key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
@@ -1932,71 +1932,71 @@ key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 +key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" PSA key agreement: ECDH SECP256R1 with ECDH-only public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 20+12 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de" PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 7+15 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d" PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: capacity=48 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48 +key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48 PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":"" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":"" PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: capacity=66 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66 +key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66 PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":"" 
+key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":"" PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32 +key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32 PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":"" 
+key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":"" PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: capacity=48 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48 +key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48 PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":"" 
+key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":"" PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: capacity=64 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64 +key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64 PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" +key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" PSA generate random: 0 bytes generate_random:0 From b467934fb762bf2de27e37e28ac02d42cae7f9a2 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Wed, 10 Apr 2019 15:37:06 +0100 Subject: [PATCH 1143/2197] Use Windows-specific renaming function On Windows, rename() fails if the new filename already exists. Use the Windows specific function MoveFileExA with the MOVEFILE_REPLACE_EXISTING flag set instead to do renames. --- library/psa_its_file.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/library/psa_its_file.c b/library/psa_its_file.c index de60ecfc9..bf55ed3f7 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -33,6 +33,10 @@ #define mbedtls_snprintf snprintf #endif +#if defined(_WIN32) +#include +#endif + #include "psa_crypto_its.h" #include @@ -209,7 +213,12 @@ exit: } if( status == PSA_SUCCESS ) { +#if defined(_WIN32) + if( MoveFileExA( PSA_ITS_STORAGE_TEMP, filename, + MOVEFILE_REPLACE_EXISTING ) == 0 ) +#else if( rename( PSA_ITS_STORAGE_TEMP, filename ) != 0 ) +#endif status = PSA_ERROR_STORAGE_FAILURE; } remove( PSA_ITS_STORAGE_TEMP ); From fdda7de048ff2050e3ae9f1adc52e9a7d65d1817 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Thu, 11 Apr 2019 12:54:02 +0100 Subject: [PATCH 1144/2197] Use function-like macro for Windows renaming --- library/psa_its_file.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/library/psa_its_file.c b/library/psa_its_file.c index bf55ed3f7..bc0f84cae 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c 
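Review bot: In the `@@ -209,7 +213,12 @@` hunk of library/psa_its_file.c, the Windows branch passes only `MOVEFILE_REPLACE_EXISTING`, so `MoveFileExA` may return before the replacement has been written to disk. This rename appears to be the step that makes a newly written storage entry visible under its final name, so consider `MOVEFILE_REPLACE_EXISTING | MOVEFILE_WRITE_THROUGH`, which makes the call wait until the move is on disk. The same flag choice is carried into the `rename_replace_existing` macro introduced and then documented by the two patches that follow. The enclosing function starts and ends outside the hunk, so whether the temporary file is flushed before the rename cannot be checked from here.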
@@ -62,6 +62,13 @@ #define PSA_ITS_MAGIC_STRING "PSA\0ITS\0" #define PSA_ITS_MAGIC_LENGTH 8 +#if defined(_WIN32) +#define rename_replace_existing( oldpath, newpath ) \ + (!MoveFileExA( oldpath, newpath, MOVEFILE_REPLACE_EXISTING )) +#else +#define rename_replace_existing( oldpath, newpath ) rename( oldpath, newpath ) +#endif + typedef struct { uint8_t magic[PSA_ITS_MAGIC_LENGTH]; @@ -213,12 +220,7 @@ exit: } if( status == PSA_SUCCESS ) { -#if defined(_WIN32) - if( MoveFileExA( PSA_ITS_STORAGE_TEMP, filename, - MOVEFILE_REPLACE_EXISTING ) == 0 ) -#else - if( rename( PSA_ITS_STORAGE_TEMP, filename ) != 0 ) -#endif + if( rename_replace_existing( PSA_ITS_STORAGE_TEMP, filename ) != 0 ) status = PSA_ERROR_STORAGE_FAILURE; } remove( PSA_ITS_STORAGE_TEMP ); From 86095bcaa8c54177b10afdb5bf40beacff707dd8 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Thu, 11 Apr 2019 14:21:14 +0100 Subject: [PATCH 1145/2197] Document rename_replace_existing macro --- library/psa_its_file.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/psa_its_file.c b/library/psa_its_file.c index bc0f84cae..8cdf783a7 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -62,9 +62,12 @@ #define PSA_ITS_MAGIC_STRING "PSA\0ITS\0" #define PSA_ITS_MAGIC_LENGTH 8 +/* As rename fails on Windows if the new filepath already exists, + * use MoveFileExA with the MOVEFILE_REPLACE_EXISTING flag instead. + * Returns 0 on success, nonzero on failure. */ #if defined(_WIN32) #define rename_replace_existing( oldpath, newpath ) \ - (!MoveFileExA( oldpath, newpath, MOVEFILE_REPLACE_EXISTING )) + ( ! MoveFileExA( oldpath, newpath, MOVEFILE_REPLACE_EXISTING ) ) #else #define rename_replace_existing( oldpath, newpath ) rename( oldpath, newpath ) #endif From f9ee633d33368ce9414c89dd9a0d774737ffa518 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 11 Apr 2019 21:22:52 +0200 Subject: [PATCH 1146/2197] Fix confusion between HMAC algorithm and the corresponding hash --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f6b034e73..149d1354a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4052,7 +4052,7 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, psa_status_t status; status = psa_hmac_setup_internal( &hkdf->hmac, salt, salt_length, - PSA_ALG_HMAC_GET_HASH( hash_alg ) ); + hash_alg ); if( status != PSA_SUCCESS ) return( status ); status = psa_hash_update( &hkdf->hmac.hash_ctx, secret, secret_length ); @@ -4403,7 +4403,7 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf, { status = psa_hmac_setup_internal( &hkdf->hmac, NULL, 0, - PSA_ALG_HMAC( hash_alg ) ); + hash_alg ); if( status != PSA_SUCCESS ) return( status ); hkdf->state = HKDF_STATE_STARTED; From 0216fe16b734f2df555855afdddd3d8116e1be86 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 11 Apr 2019 21:23:21 +0200 Subject: [PATCH 1147/2197] Implement psa_key_agreement_raw_shared_secret Refactor: split psa_key_agreement_raw_internal out of psa_key_agreement_internal, and call it from psa_key_agreement_raw_shared_secret as well. --- library/psa_crypto.c | 92 ++++++++++++++++++++++++++++++++++++-------- 1 file changed, 76 insertions(+), 16 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 149d1354a..6660efe88 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
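Review bot: Neither corrected call site records which kind of algorithm identifier `psa_hmac_setup_internal` expects; this applies to the `@@ -4052,7 +4052,7 @@` hunk in `psa_generator_hkdf_setup` and the `@@ -4403,7 +4403,7 @@` hunk in `psa_hkdf_input`. That gap is presumably how one call came to wrap `hash_alg` in `PSA_ALG_HMAC_GET_HASH` and the other in `PSA_ALG_HMAC`. A one-line comment above each call would make the contract explicit, e.g. `/* psa_hmac_setup_internal() takes the underlying hash algorithm, not PSA_ALG_HMAC(hash_alg). */`. The diffstat shows only library/psa_crypto.c changing, so a test that drives both HKDF setup paths would be worth adding alongside this fix. Both functions continue outside their hunks.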
@@ -4596,6 +4596,37 @@ exit: #define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES +static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg, + psa_key_slot_t *private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length ) +{ + switch( alg ) + { +#if defined(MBEDTLS_ECDH_C) + case PSA_ALG_ECDH: + if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( private_key->type ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + return( psa_key_agreement_ecdh( peer_key, peer_key_length, + private_key->data.ecp, + shared_secret, shared_secret_size, + shared_secret_length ) ); + break; +#endif /* MBEDTLS_ECDH_C */ + default: + (void) private_key; + (void) peer_key; + (void) peer_key_length; + (void) shared_secret; + (void) shared_secret_size; + (void) shared_secret_length; + return( PSA_ERROR_NOT_SUPPORTED ); + } +} + /* Note that if this function fails, you must call psa_generator_abort() * to potentially free embedded data structures and wipe confidential data. */ 
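Review bot: The `break;` that follows `return( psa_key_agreement_ecdh( ... ) );` in the `PSA_ALG_ECDH` case of `psa_key_agreement_raw_internal` is unreachable and can be dropped. The new helper also has no header comment, although it is now shared by the KDF path and the raw API. Going by the parameter names, something like `/* Run raw key agreement alg with private_key and peer_key; write the shared secret to shared_secret (capacity shared_secret_size) and its length to *shared_secret_length. */` would state the buffer contract the callers depend on.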
@@ -4608,28 +4639,16 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato psa_status_t status; uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE]; size_t shared_secret_length = 0; + psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( generator->alg ); /* Step 1: run the secret agreement algorithm to generate the shared * secret. */ - switch( PSA_ALG_KEY_AGREEMENT_GET_BASE( generator->alg ) ) - { -#if defined(MBEDTLS_ECDH_C) - case PSA_ALG_ECDH: - if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( private_key->type ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_key_agreement_ecdh( peer_key, peer_key_length, - private_key->data.ecp, + status = psa_key_agreement_raw_internal( ka_alg, + private_key, + peer_key, peer_key_length, shared_secret, sizeof( shared_secret ), &shared_secret_length ); - break; -#endif /* MBEDTLS_ECDH_C */ - default: - (void) private_key; - (void) peer_key; - (void) peer_key_length; - return( PSA_ERROR_NOT_SUPPORTED ); - } if( status != PSA_SUCCESS ) goto exit; 
@@ -4665,6 +4684,47 @@ psa_status_t psa_key_agreement( psa_crypto_generator_t *generator, return( status ); } +psa_status_t psa_key_agreement_raw_shared_secret( psa_algorithm_t alg, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_key_slot_t *slot; + psa_status_t status; + + if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ) + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + status = psa_get_key_from_slot( private_key, &slot, + PSA_KEY_USAGE_DERIVE, alg ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_key_agreement_raw_internal( alg, slot, + peer_key, peer_key_length, + output, output_size, + output_length ); + +exit: + if( status != PSA_SUCCESS ) + { + /* If an error happens and is not handled properly, the output + * may be used as a key to protect sensitive data. Arrange for such + * a key to be random, which is likely to result in decryption or + * verification errors. This is better than filling the buffer with + * some constant data such as zeros, which would result in the data + * being protected with a reproducible, easily knowable key. + */ + psa_generate_random( output, output_size ); + *output_length = output_size; + } + return( status ); +} /****************************************************************/ From 2e46e9cf2117d5e92f78c8bf57f3dbf0b74847e1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 11 Apr 2019 21:24:55 +0200 Subject: [PATCH 1148/2197] Add exercise_key for raw key agreement --- tests/suites/test_suite_psa_crypto.function | 56 +++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index d70b7eb7f..2659081fd 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
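Review bot: In the `exit:` path of `psa_key_agreement_raw_shared_secret`, the result of `psa_generate_random( output, output_size )` is discarded, so if the generator itself fails the buffer may keep whatever it held while `*output_length` is still set to `output_size`. That is the case the comment is trying to prevent, where a caller ignores the status and uses the buffer as a key. Consider checking the call and reporting no usable output when it fails, for example `if( psa_generate_random( output, output_size ) != PSA_SUCCESS ) *output_length = 0;` followed by `else *output_length = output_size;`. Separately, the entry check uses `PSA_ALG_IS_KEY_AGREEMENT( alg )`, which presumably also accepts agreement-plus-KDF algorithms that only fail later in the `default:` case of the helper. `PSA_ALG_IS_RAW_KEY_AGREEMENT( alg )`, which the test patch that follows already uses, would reject them up front with `PSA_ERROR_INVALID_ARGUMENT`.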
@@ -597,6 +597,60 @@ exit: return( status ); } +/* We need two keys to exercise key agreement. Exercise the + * private key against its own public key. */ +static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg, + psa_key_handle_t handle ) +{ + psa_key_type_t private_key_type; + psa_key_type_t public_key_type; + size_t key_bits; + uint8_t *public_key = NULL; + size_t public_key_length; + uint8_t output[1024]; + size_t output_length; + /* Return GENERIC_ERROR if something other than the final call to + * psa_key_agreement fails. This isn't fully satisfactory, but it's + * good enough: callers will report it as a failed test anyway. */ + psa_status_t status = PSA_ERROR_GENERIC_ERROR; + + PSA_ASSERT( psa_get_key_information( handle, + &private_key_type, + &key_bits ) ); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type ); + public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); + ASSERT_ALLOC( public_key, public_key_length ); + PSA_ASSERT( psa_export_public_key( handle, + public_key, public_key_length, + &public_key_length ) ); + + status = psa_key_agreement_raw_shared_secret( + alg, handle, + public_key, public_key_length, + output, sizeof( output ), &output_length ); +exit: + mbedtls_free( public_key ); + return( status ); +} + +static int exercise_raw_key_agreement_key( psa_key_handle_t handle, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + int ok = 0; + + if( usage & PSA_KEY_USAGE_DERIVE ) + { + /* We need two keys to exercise key agreement. Exercise the + * private key against its own public key. */ + PSA_ASSERT( raw_key_agreement_with_self( alg, handle ) ); + } + ok = 1; + +exit: + return( ok ); +} + static int exercise_key_agreement_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) 
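Review bot: The status comment in `raw_key_agreement_with_self` names the wrong function: the final call here is `psa_key_agreement_raw_shared_secret`, not `psa_key_agreement`. It should read `/* Return GENERIC_ERROR if something other than the final call to psa_key_agreement_raw_shared_secret fails. */`, with the rest of the comment unchanged. In `exercise_raw_key_agreement_key`, the "We need two keys to exercise key agreement" comment duplicates the one already placed above the helper and can be removed from the caller.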
@@ -973,6 +1027,8 @@ static int exercise_key( psa_key_handle_t handle, ok = exercise_asymmetric_encryption_key( handle, usage, alg ); else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) ok = exercise_key_derivation_key( handle, usage, alg ); + else if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) ) + ok = exercise_raw_key_agreement_key( handle, usage, alg ); else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) ok = exercise_key_agreement_key( handle, usage, alg ); else From 04ee2d229508abfd48dacb7d6223e63ca46d611b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 11 Apr 2019 21:25:46 +0200 Subject: [PATCH 1149/2197] Update key agreement policy tests for the new derivation API Separate test functions for raw key agreement and key agreement with KDF. --- tests/suites/test_suite_psa_crypto.data | 40 ++++++++++++++++----- tests/suites/test_suite_psa_crypto.function | 37 +++++++++++++++++++ 2 files changed, 69 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d80de1177..1457bccd0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -480,17 +480,41 @@ PSA key policy: derive via TLS 1.2 PRF, wrong algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224) -PSA key policy: agreement, permitted -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH +PSA key policy: agreement + KDF, permitted +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) -PSA key policy: agreement, not permitted -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH +PSA key policy: agreement + KDF, not permitted +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) -PSA key policy: agreement, wrong algorithm +PSA key policy: agreement + KDF, wrong agreement algorithm 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) + +PSA key policy: agreement + KDF, wrong KDF algorithm +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224)) + +PSA key policy: agreement + KDF, key only permits raw agreement +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) + +PSA key policy: raw agreement, permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH +raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH + +PSA key policy: raw agreement, not permitted +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
+raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH + +PSA key policy: raw agreement, wrong algorithm +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH + +PSA key policy: raw agreement, key only permits a KDF +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C +raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) Copy key: raw, 0 bytes copy_key_policy:0:0:PSA_KEY_TYPE_RAW_DATA:"":0:0:-1:-1:0:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2659081fd..c26f06536 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -2007,6 +2007,43 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void raw_agreement_key_policy( int policy_usage, + int policy_alg, + int key_type_arg, + data_t *key_data, + int exercise_alg ) +{ + psa_key_handle_t handle = 0; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_type_t key_type = key_type_arg; + psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_status_t status; + + PSA_ASSERT( psa_crypto_init( ) ); + + PSA_ASSERT( psa_allocate_key( &handle ) ); + psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, key_data->len ) ); + + status = raw_key_agreement_with_self( exercise_alg, handle ); + + if( policy_alg == exercise_alg && + ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) + PSA_ASSERT( status ); + else + TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + +exit: + psa_generator_abort( &generator ); + psa_destroy_key( handle ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void copy_key_policy( int source_usage_arg, int source_alg_arg, int type_arg, data_t *material, From 77f40d83c1587a69f4721500f2452e410ce6f904 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 11 Apr 2019 21:27:06 +0200 Subject: [PATCH 1150/2197] Quick fix of key agreement setup tests for the new derivation API Allow either the key derivation step or the key agreement step to fail. These tests should be split into three groups: key derivation setup tests with an algorithm that includes a key agreement step, and multipart key agreement failure tests, and raw key agreement failure tests. --- tests/suites/test_suite_psa_crypto.data | 28 ++++++++++++--------- tests/suites/test_suite_psa_crypto.function | 23 +++++++++++++---- 2 files changed, 34 insertions(+), 17 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1457bccd0..f4999220e 100644 
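Review bot: `generator` in raw_agreement_key_policy is initialised and aborted at `exit:` but never passed to any call in between; raw_key_agreement_with_self() receives only `exercise_alg` and `handle`. Dropping `psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;` and `psa_generator_abort( &generator );` would make it clear that this case exercises the raw agreement path with no derivation object involved. Separately, the data line titled "raw agreement, key only permits a KDF" passes `PSA_ALG_ECDH` as `policy_alg` and the combined ECDH+HKDF algorithm as `exercise_alg`, which looks swapped relative to its title. If so, the scenario of a KDF-only policy used for raw agreement is not actually exercised, and it is worth confirming the argument order against this signature.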
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1934,25 +1934,29 @@ PSA key derivation: HKDF SHA-256, derive key, 1+41 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 -PSA key agreement setup: ECDH, raw: good -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS +PSA key agreement setup: ECDH + HKDF-SHA-256: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS -PSA key agreement setup: ECDH, raw: public key on different curve -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT +PSA key agreement setup: ECDH + HKDF-SHA-256: public key on different curve 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT -PSA key agreement setup: ECDH, raw: public key instead of private key -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +PSA key agreement setup: ECDH + HKDF-SHA-256: public key instead of private key +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, unknown KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED -PSA key agreement setup: not a key agreement algorithm +PSA key agreement setup: bad key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT + +PSA key agreement setup: KDF instead of a key agreement algorithm +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
+key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c26f06536..668b5a0d8 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4664,6 +4664,8 @@ void key_agreement_setup( int alg_arg, psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_status_t expected_status = expected_status_arg; + psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -4674,11 +4676,22 @@ void key_agreement_setup( int alg_arg, our_key_data->x, our_key_data->len ) ); - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - TEST_EQUAL( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, - our_key, - peer_key_data->x, peer_key_data->len ), - expected_status_arg ); + /* The tests currently include inputs that should fail at either step. + * Test cases that fail at the setup step should be changed to call + * key_derivation_setup instead, and this function should be renamed + * to key_agreement_fail. */ + status = psa_key_derivation_setup( &generator, alg ); + if( status == PSA_SUCCESS ) + { + TEST_EQUAL( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, + our_key, + peer_key_data->x, peer_key_data->len ), + expected_status ); + } + else + { + TEST_ASSERT( status == expected_status ); + } exit: psa_generator_abort( &generator ); 
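Review bot: The cases "bad key agreement algorithm" and "KDF instead of a key agreement algorithm" build their algorithm from `PSA_ALG_HKDF(PSA_ALG_SHA_256)`, but their `depends_on` lines still end at `MBEDTLS_ECDH_C`, while the three "ECDH + HKDF-SHA-256" cases above them gained `:MBEDTLS_MD_C:MBEDTLS_SHA256_C`. Since key_agreement_setup now calls psa_key_derivation_setup() before the agreement step, a configuration without SHA-256 would presumably fail at setup with a status other than the expected `PSA_ERROR_INVALID_ARGUMENT`. Appending `:MBEDTLS_MD_C:MBEDTLS_SHA256_C` to both `depends_on` lines would keep these cases out of such builds.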
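Review bot: The new `else` branch checks the setup failure with `TEST_ASSERT( status == expected_status );` while the success branch compares the agreement result with `TEST_EQUAL`. Using `TEST_EQUAL( status, expected_status );` in the `else` branch keeps both steps on the same comparison macro, so any reporting that macro provides applies to either failure point. key_agreement_setup starts and ends outside this hunk.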
From f8831c27f37781bfaa691a1b42e3815f87b24838 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 11 Apr 2019 21:44:53 +0200 Subject: [PATCH 1151/2197] Remove obsolete test case "ECDH-only public key" Since the format change for EC public key import from SubjectPublicKeyInfo to the ECPoint content, it is no longer possible to import a key with metadata marking it as ECDH-only. This test was converted systematically but now no longer has any purpose since the public key is now like any other public key. --- tests/suites/test_suite_psa_crypto.data | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f4999220e..cd20c1e83 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1966,10 +1966,6 @@ PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" -PSA key agreement: ECDH SECP256R1 with ECDH-only public key -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" - PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" From f0cba73b9935ac4607fb8a692dd8f83b50b281f6 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 11 Apr 2019 22:12:38 +0200 Subject: [PATCH 1152/2197] New test function for raw agreement Change test cases with test data for raw agreement to this new test function. --- tests/suites/test_suite_psa_crypto.data | 67 ++++++--------------- tests/suites/test_suite_psa_crypto.function | 37 ++++++++++++ 2 files changed, 55 insertions(+), 49 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index cd20c1e83..245ff930e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1958,65 +1958,34 @@ PSA key agreement setup: KDF instead of a key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT -PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32 +PSA raw key agreement: ECDH SECP256R1 (RFC 5903) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32 +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" -PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"" - -PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32 
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" - -PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 20+12 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de" - -PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 7+15 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d" - -PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: capacity=48 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48 - 
-PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: read -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":"" - -PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: capacity=66 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66 - -PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: read -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":"" - -PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: capacity=32 +PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32 +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" -PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: read +PSA raw key agreement: ECDH SECP384R1 (RFC 5903) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C 
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746" + +PSA raw key agreement: ECDH SECP521R1 (RFC 5903) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea" + +PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":"" 
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" -PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: capacity=48 +PSA raw key agreement: ECDH brainpoolP384r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48 +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42" -PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: read -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":"" - -PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: capacity=64 +PSA raw key agreement: ECDH brainpoolP512r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_capacity:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64 +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" -PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_output:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 668b5a0d8..8d6d6f37b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
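Review bot: "PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027)" ends up in the file twice with the same description, dependencies and vectors. One copy is where the old `capacity=32` case was converted; the other is where the old `read` case was converted, after the new SECP384R1 and SECP521R1 entries. The second copy adds no coverage, and a failure report that names the description cannot tell the two apart. Removing one of them leaves exactly one `raw_key_agreement` case per curve.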
@@ -4700,6 +4700,43 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void raw_key_agreement( int alg_arg, + int our_key_type_arg, data_t *our_key_data, + data_t *peer_key_data, + data_t *expected_output ) +{ + psa_key_handle_t our_key = 0; + psa_algorithm_t alg = alg_arg; + psa_key_type_t our_key_type = our_key_type_arg; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + unsigned char *output = NULL; + size_t output_length = ~0; + + ASSERT_ALLOC( output, expected_output->len ); + PSA_ASSERT( psa_crypto_init( ) ); + + PSA_ASSERT( psa_allocate_key( &our_key ) ); + psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); + PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); + PSA_ASSERT( psa_import_key( our_key, our_key_type, + our_key_data->x, + our_key_data->len ) ); + + PSA_ASSERT( psa_key_agreement_raw_shared_secret( + alg, our_key, + peer_key_data->x, peer_key_data->len, + output, expected_output->len, &output_length ) ); + ASSERT_COMPARE( output, output_length, + expected_output->x, expected_output->len ); + +exit: + mbedtls_free( output ); + psa_destroy_key( our_key ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void key_agreement_capacity( int alg_arg, int our_key_type_arg, data_t *our_key_data, From f8a9d942a54820751e84fddd7e8d47238eb3e48d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 11 Apr 2019 22:13:20 +0200 Subject: [PATCH 1153/2197] Test multipart key agreement with ECDH+HKDF Basic coverage with one algorithm only and a restricted choice of output lengths. --- tests/suites/test_suite_psa_crypto.data | 25 ++++++++++++++++++++- tests/suites/test_suite_psa_crypto.function | 14 ++++++++++++ 2 files changed, 38 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 245ff930e..9629d438a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
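Review bot: raw_key_agreement passes `expected_output->len` as the output buffer size, so an implementation that simply copied the buffer size into `*output_length` would still satisfy the `ASSERT_COMPARE`. Repeating the call with a buffer one byte larger would check that the reported length is the length of the shared secret, which is what a caller relies on when it consumes the secret. The fence shows the extra block placed before `exit:`.

```c
    /* … unchanged: setup, key import and the exactly-sized call … */

    /* Repeat with a larger buffer: output_length must report the size of
     * the shared secret, not the size of the buffer. */
    mbedtls_free( output );
    output = NULL;
    output_length = ~0;
    ASSERT_ALLOC( output, expected_output->len + 1 );
    PSA_ASSERT( psa_key_agreement_raw_shared_secret(
                    alg, our_key,
                    peer_key_data->x, peer_key_data->len,
                    output, expected_output->len + 1, &output_length ) );
    ASSERT_COMPARE( output, output_length,
                    expected_output->x, expected_output->len );
```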
@@ -1986,8 +1986,31 @@ PSA raw key agreement: ECDH brainpoolP512r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" +PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160 -PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32 +PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" + 
+PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41" + +PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" + +PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" + +PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" + +PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8d6d6f37b..e01736434 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4764,6 +4764,13 @@ void key_agreement_capacity( int alg_arg, PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, our_key, peer_key_data->x, peer_key_data->len ) ); + if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) + { + /* The test data is for info="" */ + PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_KDF_STEP_INFO, + NULL, 0 ) ); + } /* Test the advertized capacity. */ PSA_ASSERT( psa_get_generator_capacity( 
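Review bot: The description "PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0" now appears three times with identical dependencies and identical `key_agreement_output` arguments. Two copies are added and the third is the renamed "read 32" case at the end of the hunk. Only one of them adds coverage, so the two added copies can be dropped. That leaves the four distinct splits (32+0, 31+1, 1+31, 0+32) plus the capacity case.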
@@ -4818,6 +4825,13 @@ void key_agreement_output( int alg_arg, PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, our_key, peer_key_data->x, peer_key_data->len ) ); + if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) + { + /* The test data is for info="" */ + PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_KDF_STEP_INFO, + NULL, 0 ) ); + } PSA_ASSERT( psa_generator_read( &generator, actual_output, From a52460c3ed79e861b7a2d76bf2ffb1a782b66dc7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Apr 2019 00:11:21 +0200 Subject: [PATCH 1154/2197] Algorithm encoding: move two bits from derivation to agreement This gives a little more room to encode key agreement algorithms, while keeping enough space for key derivation algorithms. This doesn't affect any of the already-defined algorithms. --- include/psa/crypto_values.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index f9ac00a81..eddf63262 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1282,8 +1282,8 @@ #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x080fffff) -#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10f00000) +#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x0803ffff) +#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0x10fc0000) /** Macro to build a combined algorithm that chains a key agreement with * a key derivation. From 882e57ecba4d524bb11c4d72ce5d0fb1d7614763 Mon Sep 17 00:00:00 2001 
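Review bot: Nothing in the `crypto_values.h` hunk records how the algorithm bits are now split, so a later edit to either mask can make `PSA_ALG_KEY_DERIVATION_MASK` and `PSA_ALG_KEY_AGREEMENT_MASK` overlap without anyone noticing. With the new values the derivation part is bits 0-17 plus bit 27 and the agreement part is bits 18-23 plus bit 28, which are disjoint today. A combined key-agreement algorithm is taken apart with these masks, so an overlap would presumably make it decode to the wrong base algorithm or KDF. I would add a comment above the pair such as `/* KDF: bits 0-17 and bit 27. Key agreement: bits 18-23 and bit 28. The two masks must not overlap. */`.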
From: Gilles Peskine Date: Fri, 12 Apr 2019 00:12:07 +0200 Subject: [PATCH 1155/2197] psa_constant_names: support key agreement algorithms --- programs/psa/psa_constant_names.c | 21 ++++++----- scripts/generate_psa_constants.py | 46 ++++++++++++++++++++---- tests/scripts/test_psa_constant_names.py | 4 ++- 3 files changed, 52 insertions(+), 19 deletions(-) diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 551410021..5240b084a 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -84,22 +84,21 @@ static void append_with_curve(char **buffer, size_t buffer_size, append(buffer, buffer_size, required_size, ")", 1); } -static void append_with_hash(char **buffer, size_t buffer_size, - size_t *required_size, - const char *string, size_t length, - psa_algorithm_t hash_alg) +typedef const char *(*psa_get_algorithm_name_func_ptr)(psa_algorithm_t alg); + +static void append_with_alg(char **buffer, size_t buffer_size, + size_t *required_size, + psa_get_algorithm_name_func_ptr get_name, + psa_algorithm_t alg) { - const char *hash_name = psa_hash_algorithm_name(hash_alg); - append(buffer, buffer_size, required_size, string, length); - append(buffer, buffer_size, required_size, "(", 1); - if (hash_name != NULL) { + const char *name = get_name(alg); + if (name != NULL) { append(buffer, buffer_size, required_size, - hash_name, strlen(hash_name)); + name, strlen(name)); } else { append_integer(buffer, buffer_size, required_size, - "0x%08lx", hash_alg); + "0x%08lx", alg); } - append(buffer, buffer_size, required_size, ")", 1); } #include "psa_constant_names_generated.c" diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 382fd23e7..dac60034d 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py 
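Review bot: `append_with_alg` in `psa_constant_names.c` has a different contract from the `append_with_hash` it replaces, and neither it nor the new `psa_get_algorithm_name_func_ptr` typedef is documented. It no longer writes the builder name or the surrounding parentheses; it only appends the name returned by `get_name`, or the value as `0x%08lx` when `get_name` returns NULL. A caller that forgets the `(` and `)` now produces unbalanced output silently. I would add `/* Append the name of alg as given by get_name, or its hexadecimal value if get_name returns NULL. The caller writes any enclosing "NAME(" and ")". */` above the function.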
@@ -30,6 +30,14 @@ static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg) } } +static const char *psa_ka_algorithm_name(psa_algorithm_t ka_alg) +{ + switch (ka_alg) { + %(ka_algorithm_cases)s + default: return NULL; + } +} + static int psa_snprint_key_type(char *buffer, size_t buffer_size, psa_key_type_t type) { @@ -47,12 +55,13 @@ static int psa_snprint_key_type(char *buffer, size_t buffer_size, return (int) required_size; } +#define NO_LENGTH_MODIFIER 0xfffffffflu static int psa_snprint_algorithm(char *buffer, size_t buffer_size, psa_algorithm_t alg) { size_t required_size = 0; psa_algorithm_t core_alg = alg; - unsigned long length_modifier = 0; + unsigned long length_modifier = NO_LENGTH_MODIFIER; if (PSA_ALG_IS_MAC(alg)) { core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0); if (core_alg != alg) { @@ -70,6 +79,15 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, "PSA_ALG_AEAD_WITH_TAG_LENGTH(", 29); length_modifier = PSA_AEAD_TAG_LENGTH(alg); } + } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) && + !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { + core_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); + append(&buffer, buffer_size, &required_size, + "PSA_ALG_KEY_AGREEMENT(", 22); + append_with_alg(&buffer, buffer_size, &required_size, + psa_ka_algorithm_name, + PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)); + append(&buffer, buffer_size, &required_size, ", ", 2); } switch (core_alg) { %(algorithm_cases)s @@ -81,9 +99,11 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, break; } if (core_alg != alg) { - append(&buffer, buffer_size, &required_size, ", ", 2); - append_integer(&buffer, buffer_size, &required_size, - "%%lu", length_modifier); + if (length_modifier != NO_LENGTH_MODIFIER) { + append(&buffer, buffer_size, &required_size, ", ", 2); + append_integer(&buffer, buffer_size, &required_size, + "%%lu", length_modifier); + } append(&buffer, buffer_size, &required_size, ")", 1); } buffer[0] = 0; 
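Review bot: The key-agreement branch added to `psa_snprint_algorithm` (hunk `@@ -70,6 +79,15 @@`) passes the length `22` by hand next to the literal `"PSA_ALG_KEY_AGREEMENT("`. The count is correct today, but if the string and the number drift apart `append` would presumably copy too few bytes or read past the end of the literal. Deriving the length from the literal removes the manual count: `"PSA_ALG_KEY_AGREEMENT(", sizeof("PSA_ALG_KEY_AGREEMENT(") - 1`. The existing `29` for the AEAD prefix in the same function follows the same pattern, and the function starts and ends outside this hunk.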
@@ -126,9 +146,12 @@ key_type_from_curve_template = '''if (%(tester)s(type)) { } else ''' algorithm_from_hash_template = '''if (%(tester)s(core_alg)) { - append_with_hash(&buffer, buffer_size, &required_size, - "%(builder)s", %(builder_length)s, - PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, + "%(builder)s(", %(builder_length)s + 1); + append_with_alg(&buffer, buffer_size, &required_size, + psa_hash_algorithm_name, + PSA_ALG_GET_HASH(core_alg)); + append(&buffer, buffer_size, &required_size, ")", 1); } else ''' bit_test_template = '''\ @@ -149,6 +172,7 @@ class MacroCollector: self.ecc_curves = set() self.algorithms = set() self.hash_algorithms = set() + self.ka_algorithms = set() self.algorithms_from_hash = {} self.key_usages = set() @@ -193,6 +217,9 @@ class MacroCollector: # Ad hoc detection of hash algorithms if re.search(r'0x010000[0-9A-Fa-f]{2}', definition): self.hash_algorithms.add(name) + # Ad hoc detection of key agreement algorithms + if re.search(r'0x30[0-9A-Fa-f]{2}0000', definition): + self.ka_algorithms.add(name) elif name.startswith('PSA_ALG_') and parameter == 'hash_alg': if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']: # A naming irregularity @@ -256,6 +283,10 @@ class MacroCollector: return '\n '.join(map(self.make_return_case, sorted(self.hash_algorithms))) + def make_ka_algorithm_cases(self): + return '\n '.join(map(self.make_return_case, + sorted(self.ka_algorithms))) + def make_algorithm_cases(self): return '\n '.join(map(self.make_append_case, sorted(self.algorithms))) @@ -281,6 +312,7 @@ class MacroCollector: data['key_type_cases'] = self.make_key_type_cases() data['key_type_code'] = self.make_key_type_code() data['hash_algorithm_cases'] = self.make_hash_algorithm_cases() + data['ka_algorithm_cases'] = self.make_ka_algorithm_cases() data['algorithm_cases'] = self.make_algorithm_cases() data['algorithm_code'] = self.make_algorithm_code() data['key_usage_code'] = self.make_key_usage_code() 
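Review bot: The ad hoc pattern `0x30[0-9A-Fa-f]{2}0000` in the `@@ -193,6 +217,9 @@` hunk accepts any value in the third byte, which is wider than the key-agreement field. The preceding commit on this page sets `PSA_ALG_KEY_AGREEMENT_MASK` to `0x10fc0000`, so the two low bits of that byte belong to the derivation mask. A definition using those bits would be collected as a key agreement base and emitted as a case in `psa_ka_algorithm_name`, though I do not know whether such a definition exists in the headers. Restricting the second digit keeps the script in step with the mask: `re.search(r'0x30[0-9A-Fa-f][048Cc]0000', definition)`. The enclosing method starts and ends outside this hunk.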
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 5e128eb7d..421cf4e48 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -63,7 +63,8 @@ when applicable.''' # Hard-coded value for unknown algorithms self.hash_algorithms = set(['0x010000fe']) self.mac_algorithms = set(['0x02ff00ff']) - self.kdf_algorithms = set(['0x300000ff', '0x310000ff']) + self.ka_algorithms = set(['0x30fc0000']) + self.kdf_algorithms = set(['0x200000ff']) # For AEAD algorithms, the only variability is over the tag length, # and this only applies to known algorithms, so don't test an # unknown algorithm. @@ -89,6 +90,7 @@ when applicable.''' Call this after parsing all the inputs.''' self.arguments_for['hash_alg'] = sorted(self.hash_algorithms) self.arguments_for['mac_alg'] = sorted(self.mac_algorithms) + self.arguments_for['ka_alg'] = sorted(self.ka_algorithms) self.arguments_for['kdf_alg'] = sorted(self.kdf_algorithms) self.arguments_for['aead_alg'] = sorted(self.aead_algorithms) self.arguments_for['curve'] = sorted(self.ecc_curves) From c88644dd2485f815118444926079fa201b84e2eb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Apr 2019 15:03:38 +0200 Subject: [PATCH 1156/2197] Remove "TODO" comments One was obsolete. Reword the other two to avoid the magic word that our CI rejects. --- library/psa_crypto.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6660efe88..8e040514d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -886,7 +886,7 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) static void psa_abort_operations_using_key( psa_key_slot_t *slot ) { - /*TODO*/ + /*FIXME how to implement this?*/ (void) slot; } 
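Review bot: `psa_abort_operations_using_key` in `library/psa_crypto.c` remains an empty stub after this hunk, and the reworded `/*FIXME how to implement this?*/` does not tell a reader what is missing or what the consequence is. Judging from the name and the `psa_remove_key_data_from_memory` context in the hunk header, it is meant to stop operations that were set up with a key whose slot is being cleared; if callers rely on that, those operations are not aborted and keep whatever state they already hold. I would state the gap in the comment, for example `/* FIXME: not implemented. Operations already set up with this slot's key are not aborted. */`. If the CI word filter is the concern, the work item can be tracked outside the source.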
@@ -4484,7 +4484,7 @@ static psa_status_t psa_key_derivation_input_raw( if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { - // TODO + // To do: implement this status = PSA_ERROR_NOT_SUPPORTED; } else @@ -4527,7 +4527,6 @@ psa_status_t psa_key_derivation_input_key( psa_crypto_generator_t *generator, generator->alg ); if( status != PSA_SUCCESS ) return( status ); - // TODO: for a key agreement algorithm, allow the corresponding key type and step if( slot->type != PSA_KEY_TYPE_DERIVE ) return( PSA_ERROR_INVALID_ARGUMENT ); /* Don't allow a key to be used as an input that is usually public. From ab4b20149713ad27087be59e5b92c353c8ccd9f0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Apr 2019 15:06:27 +0200 Subject: [PATCH 1157/2197] fixup! Key derivation by small input steps: proof-of-concept Fix logic error that clang helpfully points out --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8e040514d..77e7e5a55 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4334,7 +4334,7 @@ static psa_status_t psa_key_derivation_setup_kdf( return( PSA_ERROR_NOT_SUPPORTED ); if( ( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) && - ! ( hash_alg == PSA_ALG_SHA_256 && hash_alg == PSA_ALG_SHA_384 ) ) + ! ( hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384 ) ) { return( PSA_ERROR_NOT_SUPPORTED ); } From 22c51517fb075b977e488a8e47574ee4e13d81e5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Apr 2019 15:07:32 +0200 Subject: [PATCH 1158/2197] Use unsigned int for bitfields uintN_t is not a standard type for a bitfield, as armcc points out. --- include/psa/crypto_struct.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 2414ad5d7..6eed2590a 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
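Review bot: After the `&&` to `||` fix, `psa_key_derivation_setup_kdf` accepts the TLS 1.2 PRF and PSK-to-MS algorithms with SHA-256 or SHA-384, but the `psa_key_derivation_input_raw` hunk in the preceding commit still returns `PSA_ERROR_NOT_SUPPORTED` for the same algorithms. With the old `&&` the inner test was never true, so these algorithms were always rejected at setup. Now, as far as these hunks show, setup can succeed for a generator whose input steps cannot. If that is intended for the proof-of-concept, a comment at the check would make it explicit, e.g. `/* Setup is accepted here, but the input steps for TLS 1.2 PRF are not implemented yet. */`. Both functions start and end outside their hunks.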
@@ -186,8 +186,8 @@ typedef struct #endif uint8_t offset_in_block; uint8_t block_number; - uint8_t state : 2; - uint8_t info_set : 1; + unsigned int state : 2; + unsigned int info_set : 1; } psa_hkdf_generator_t; #endif /* MBEDTLS_MD_C */ From 2b522db26d430d48cb098491c33618f1ba6f2e42 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Apr 2019 15:11:49 +0200 Subject: [PATCH 1159/2197] fixup! Key derivation by small input steps: proof-of-concept Simplify the logic inside a few case statements. This removes unreachable break statements. --- library/psa_crypto.c | 53 ++++++++++++++++++-------------------------- 1 file changed, 22 insertions(+), 31 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 77e7e5a55..3ecab01b5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4384,19 +4384,15 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf, switch( step ) { case PSA_KDF_STEP_SALT: - if( hkdf->state == HKDF_STATE_INIT ) - { - status = psa_hmac_setup_internal( &hkdf->hmac, - data, data_length, - hash_alg ); - if( status != PSA_SUCCESS ) - return( status ); - hkdf->state = HKDF_STATE_STARTED; - return( PSA_SUCCESS ); - } - else + if( hkdf->state != HKDF_STATE_INIT ) return( PSA_ERROR_BAD_STATE ); - break; + status = psa_hmac_setup_internal( &hkdf->hmac, + data, data_length, + hash_alg ); + if( status != PSA_SUCCESS ) + return( status ); + hkdf->state = HKDF_STATE_STARTED; + return( PSA_SUCCESS ); case PSA_KDF_STEP_SECRET: /* If no salt was provided, use an empty salt. */ if( hkdf->state == HKDF_STATE_INIT ) 
@@ -4408,25 +4404,21 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf, return( status ); hkdf->state = HKDF_STATE_STARTED; } - if( hkdf->state == HKDF_STATE_STARTED ) - { - status = psa_hash_update( &hkdf->hmac.hash_ctx, - data, data_length ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_hmac_finish_internal( &hkdf->hmac, - hkdf->prk, - sizeof( hkdf->prk ) ); - if( status != PSA_SUCCESS ) - return( status ); - hkdf->offset_in_block = PSA_HASH_SIZE( hash_alg ); - hkdf->block_number = 0; - hkdf->state = HKDF_STATE_KEYED; - return( PSA_SUCCESS ); - } - else + if( hkdf->state != HKDF_STATE_STARTED ) return( PSA_ERROR_BAD_STATE ); - break; + status = psa_hash_update( &hkdf->hmac.hash_ctx, + data, data_length ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_hmac_finish_internal( &hkdf->hmac, + hkdf->prk, + sizeof( hkdf->prk ) ); + if( status != PSA_SUCCESS ) + return( status ); + hkdf->offset_in_block = PSA_HASH_SIZE( hash_alg ); + hkdf->block_number = 0; + hkdf->state = HKDF_STATE_KEYED; + return( PSA_SUCCESS ); case PSA_KDF_STEP_INFO: if( hkdf->state == HKDF_STATE_OUTPUT ) return( PSA_ERROR_BAD_STATE ); @@ -4613,7 +4605,6 @@ static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg, private_key->data.ecp, shared_secret, shared_secret_size, shared_secret_length ) ); - break; #endif /* MBEDTLS_ECDH_C */ default: (void) private_key; From d832f187f756079552601867348d924582bf65de Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 26 Feb 2019 10:44:34 +0000 Subject: [PATCH 1160/2197] Remove pkcs11-helper option In preparation for removing X.509 and PKCS11 from Mbed Crypto, remove pkcs11-helper. It won't be relevant after X.509 and PKCS11 are removed. --- CMakeLists.txt | 1 - library/CMakeLists.txt | 4 ---- programs/Makefile | 1 - programs/test/CMakeLists.txt | 4 ---- tests/CMakeLists.txt | 4 ---- tests/Makefile | 1 - 6 files changed, 15 deletions(-) 
diff --git a/CMakeLists.txt b/CMakeLists.txt index feca4abaf..ec95d9afc 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -5,7 +5,6 @@ else() project("mbed TLS" C) endif() -option(USE_PKCS11_HELPER_LIBRARY "Build mbed TLS with the pkcs11-helper library." OFF) option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF) option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 903921677..9e4a90a76 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -123,10 +123,6 @@ if(HAIKU) set(libs ${libs} network) endif(HAIKU) -if(USE_PKCS11_HELPER_LIBRARY) - set(libs ${libs} pkcs11-helper) -endif(USE_PKCS11_HELPER_LIBRARY) - if(ENABLE_ZLIB_SUPPORT) set(libs ${libs} ${ZLIB_LIBRARIES}) endif(ENABLE_ZLIB_SUPPORT) diff --git a/programs/Makefile b/programs/Makefile index 4f913bb2b..407a9a2d7 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -1,6 +1,5 @@ # To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS -# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 64ed379e7..0d2b9460a 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -2,10 +2,6 @@ set(libs mbedtls ) -if(USE_PKCS11_HELPER_LIBRARY) - set(libs ${libs} pkcs11-helper) -endif(USE_PKCS11_HELPER_LIBRARY) - if(ENABLE_ZLIB_SUPPORT) set(libs ${libs} ${ZLIB_LIBRARIES}) endif(ENABLE_ZLIB_SUPPORT) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index fd029647e..1cfbd259f 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -2,10 +2,6 @@ set(libs mbedtls ) -if(USE_PKCS11_HELPER_LIBRARY) - set(libs ${libs} pkcs11-helper) -endif(USE_PKCS11_HELPER_LIBRARY) - if(ENABLE_ZLIB_SUPPORT) set(libs ${libs} ${ZLIB_LIBRARIES}) endif(ENABLE_ZLIB_SUPPORT) diff --git a/tests/Makefile b/tests/Makefile index 8db7920d7..96c3d64bb 100644 --- a/tests/Makefile 
+++ b/tests/Makefile @@ -1,6 +1,5 @@ # To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS -# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement -Wno-unused-function -Wno-unused-value From d874a1fd14bdf3df8ee232f539ac613adaae648c Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 26 Feb 2019 10:47:14 +0000 Subject: [PATCH 1161/2197] Remove zlib The library no longer uses zlib, so we can remove the option to build with zlib. --- CMakeLists.txt | 10 ---------- library/CMakeLists.txt | 4 ---- programs/Makefile | 5 ----- programs/test/CMakeLists.txt | 4 ---- tests/CMakeLists.txt | 4 ---- tests/Makefile | 5 ----- 6 files changed, 32 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ec95d9afc..73e0a2611 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -5,8 +5,6 @@ else() project("mbed TLS" C) endif() -option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF) - option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) @@ -169,14 +167,6 @@ endif() include_directories(include/) include_directories(library/) -if(ENABLE_ZLIB_SUPPORT) - find_package(ZLIB) - - if(ZLIB_FOUND) - include_directories(${ZLIB_INCLUDE_DIR}) - endif(ZLIB_FOUND) -endif(ENABLE_ZLIB_SUPPORT) - add_subdirectory(library) add_subdirectory(include) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 9e4a90a76..6ac507f61 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -123,10 +123,6 @@ if(HAIKU) set(libs ${libs} network) endif(HAIKU) -if(ENABLE_ZLIB_SUPPORT) - set(libs ${libs} ${ZLIB_LIBRARIES}) -endif(ENABLE_ZLIB_SUPPORT) - if(LINK_WITH_PTHREAD) set(libs ${libs} pthread) endif() diff --git a/programs/Makefile b/programs/Makefile index 407a9a2d7..1b032de4c 100644 --- a/programs/Makefile +++ b/programs/Makefile 
@@ -41,11 +41,6 @@ EXEXT= SHARED_SUFFIX= endif -# Zlib shared library extensions: -ifdef ZLIB -LOCAL_LDFLAGS += -lz -endif - APPS = \ aes/aescrypt2$(EXEXT) \ aes/crypt_and_hash$(EXEXT) \ diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 0d2b9460a..59f8d54f1 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -2,10 +2,6 @@ set(libs mbedtls ) -if(ENABLE_ZLIB_SUPPORT) - set(libs ${libs} ${ZLIB_LIBRARIES}) -endif(ENABLE_ZLIB_SUPPORT) - add_executable(selftest selftest.c) target_link_libraries(selftest ${libs}) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 1cfbd259f..757ca5b7b 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -2,10 +2,6 @@ set(libs mbedtls ) -if(ENABLE_ZLIB_SUPPORT) - set(libs ${libs} ${ZLIB_LIBRARIES}) -endif(ENABLE_ZLIB_SUPPORT) - find_package(Perl) if(NOT PERL_FOUND) message(FATAL_ERROR "Cannot build test suites without Perl") diff --git a/tests/Makefile b/tests/Makefile index 96c3d64bb..cb374e530 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -48,11 +48,6 @@ SHARED_SUFFIX= PYTHON ?= python2 endif -# Zlib shared library extensions: -ifdef ZLIB -LOCAL_LDFLAGS += -lz -endif - # A test application is built for each suites/test_suite_*.data file. # Application name is same as .data file's base name and can be # constructed by stripping path 'suites/' and extension .data. From 87a5e565f4bda3749f20be3ad8d175caefe2d922 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 17 Apr 2019 12:28:25 +0200 Subject: [PATCH 1162/2197] Rename functions that inject key material to an allocated handle This commit starts a migration to a new interface for key creation. Today, the application allocates a handle, then fills its metadata, and finally injects key material. The new interface fills metadata into a temporary structure, and a handle is allocated at the same time it gets filled with both metadata and key material. This commit was obtained by moving the declaration of the old-style functions to crypto_extra.h and renaming them with the to_handle suffix, adding declarations for the new-style functions in crypto.h under their new name, and running perl -i -pe 's/\bpsa_(import|copy|generator_import|generate)_key\b/$&_to_handle/g' library/*.c tests/suites/*.function programs/psa/*.c perl -i -pe 's/\bpsa_get_key_lifetime\b/$&_from_handle/g' library/*.c tests/suites/*.function programs/psa/*.c Many functions that are specific to the old interface, and which will not remain under the same name with the new interface, are still in crypto.h for now. All functional tests should still pass. The documentation may have some broken links. --- include/psa/crypto.h | 88 ++++-------- include/psa/crypto_extra.h | 87 +++++++++++ library/cipher.c | 2 +- library/pk.c | 2 +- library/pk_wrap.c | 2 +- library/psa_crypto.c | 14 +- library/ssl_cli.c | 2 +- library/ssl_tls.c | 2 +- programs/psa/crypto_examples.c | 6 +- programs/psa/key_ladder_demo.c | 8 +- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_psa_crypto.function | 136 +++++++++--------- .../test_suite_psa_crypto_init.function | 2 +- ...t_suite_psa_crypto_persistent_key.function | 14 +- ..._suite_psa_crypto_slot_management.function | 26 ++-- 15 files changed, 222 insertions(+), 171 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6a7bce880..564dd872b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -93,6 +93,24 @@ psa_status_t psa_crypto_init(void); /**@}*/ +/** \defgroup attributes Key attributes + * @{ + */ + +/** The type of a structure containing key attributes. + * + * This is an opaque structure that can represent the metadata of a key + * object, including the key type and size, domain parameters, usage policies, + * location in storage, and any other similar information. + * + * The actual key material is not considered an attribute of a key. + * Key attributes do not contain information that is generally considered + * highly confidential. + */ +typedef struct psa_key_attributes_s psa_key_attributes_t; + +/**@}*/ + /** \defgroup policy Key policies * @{ */ @@ -231,26 +249,6 @@ psa_status_t psa_get_key_policy(psa_key_handle_t handle, * @{ */ -/** \brief Retrieve the lifetime of an open key. - * - * \param handle Handle to query. - * \param[out] lifetime On success, the lifetime value. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_lifetime(psa_key_handle_t handle, - psa_key_lifetime_t *lifetime); - - /** Allocate a key slot for a transient key, i.e. a key which is only stored * in volatile memory. * 
@@ -302,43 +300,6 @@ psa_status_t psa_open_key(psa_key_lifetime_t lifetime, psa_key_id_t id, psa_key_handle_t *handle); -/** Create a new persistent key slot. - * - * Create a new persistent key slot and return a handle to it. The handle - * remains valid until the application calls psa_close_key() or terminates. - * The application can open the key again with psa_open_key() until it - * removes the key by calling psa_destroy_key(). - * - * \param lifetime The lifetime of the key. This designates a storage - * area where the key material is stored. This must not - * be #PSA_KEY_LIFETIME_VOLATILE. - * \param id The persistent identifier of the key. - * \param[out] handle On success, a handle to the newly created key slot. - * When key material is later created in this key slot, - * it will be saved to the specified persistent location. - * - * \retval #PSA_SUCCESS - * Success. The application can now use the value of `*handle` - * to access the newly allocated key slot. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_ALREADY_EXISTS - * There is already a key with the identifier \p id in the storage - * area designated by \p lifetime. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p id is invalid for the specified lifetime. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p lifetime is not supported. - * \retval #PSA_ERROR_NOT_PERMITTED - * \p lifetime is valid, but the application does not have the - * permission to create a key there. - */ -psa_status_t psa_create_key(psa_key_lifetime_t lifetime, - psa_key_id_t id, - psa_key_handle_t *handle); - /** Close a key handle. * * If the handle designates a volatile key, destroy the key material and 
@@ -417,7 +378,8 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_import_key(psa_key_handle_t handle, +psa_status_t psa_import_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle, psa_key_type_t type, const uint8_t *data, size_t data_length); @@ -809,8 +771,8 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_copy_key(psa_key_handle_t source_handle, - psa_key_handle_t target_handle, - const psa_key_policy_t *constraint); + const psa_key_attributes_t *attributes, + psa_key_handle_t *target_handle); /**@}*/ @@ -3006,7 +2968,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generator_import_key(psa_key_handle_t handle, +psa_status_t psa_generator_import_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle, psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator); @@ -3398,7 +3361,8 @@ typedef struct { * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_key(psa_key_handle_t handle, +psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, + psa_key_handle_t *handle, psa_key_type_t type, size_t bits, const void *extra, diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 093355d3c..efd1b76da 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
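Review bot: `psa_import_key` now takes both `const psa_key_attributes_t *attributes` and `psa_key_type_t type`, so the prototype does not say which value applies when the two disagree. The `psa_key_attributes_t` description added earlier in this file says the attributes already represent the key type and size. `psa_generator_import_key` and `psa_generate_key` in the later hunks of this file have the same overlap and also keep `bits`. `handle` changes from an input to an output parameter as well, and the doc blocks above the prototypes are outside these hunks, so I cannot tell whether their `\param` entries were updated. I would either drop the redundant `type`/`bits` parameters or document the rule, e.g. `\param type Must match the key type in \p attributes.`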
@@ -202,6 +202,93 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, /* FIXME Deprecated. Remove this as soon as all the tests are updated. */ #define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001) +/** \defgroup to_handle Key creation to allocated handle + * @{ + * + * The functions in this section are legacy interfaces where the properties + * of a key object are set after allocating a handle, in constrast with the + * preferred interface where key objects are created atomically from + * a structure that represents the properties. + */ + +/** Create a new persistent key slot. + * + * Create a new persistent key slot and return a handle to it. The handle + * remains valid until the application calls psa_close_key() or terminates. + * The application can open the key again with psa_open_key() until it + * removes the key by calling psa_destroy_key(). + * + * \param lifetime The lifetime of the key. This designates a storage + * area where the key material is stored. This must not + * be #PSA_KEY_LIFETIME_VOLATILE. + * \param id The persistent identifier of the key. + * \param[out] handle On success, a handle to the newly created key slot. + * When key material is later created in this key slot, + * it will be saved to the specified persistent location. + * + * \retval #PSA_SUCCESS + * Success. The application can now use the value of `*handle` + * to access the newly allocated key slot. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_ALREADY_EXISTS + * There is already a key with the identifier \p id in the storage + * area designated by \p lifetime. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p id is invalid for the specified lifetime. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p lifetime is not supported. 
+ * \retval #PSA_ERROR_NOT_PERMITTED + * \p lifetime is valid, but the application does not have the + * permission to create a key there. + */ +psa_status_t psa_create_key(psa_key_lifetime_t lifetime, + psa_key_id_t id, + psa_key_handle_t *handle); + +/** \brief Retrieve the lifetime of an open key. + * + * \param handle Handle to query. + * \param[out] lifetime On success, the lifetime value. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_get_key_lifetime_from_handle(psa_key_handle_t handle, + psa_key_lifetime_t *lifetime); + +psa_status_t psa_import_key_to_handle(psa_key_handle_t handle, + psa_key_type_t type, + const uint8_t *data, + size_t data_length); + +psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, + psa_key_handle_t target_handle, + const psa_key_policy_t *constraint); + +psa_status_t psa_generator_import_key_to_handle(psa_key_handle_t handle, + psa_key_type_t type, + size_t bits, + psa_crypto_generator_t *generator); + +psa_status_t psa_generate_key_to_handle(psa_key_handle_t handle, + psa_key_type_t type, + size_t bits, + const void *extra, + size_t extra_size); + +/**@}*/ + #ifdef __cplusplus } #endif diff --git a/library/cipher.c b/library/cipher.c index e854cf669..11f6f8e3a 100644 --- a/library/cipher.c +++ b/library/cipher.c 
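Review bot: The four legacy prototypes at the end of the new `to_handle` group in `crypto_extra.h` are declared with no doc comment: `psa_import_key_to_handle`, `psa_copy_key_to_handle`, `psa_generator_import_key_to_handle` and `psa_generate_key_to_handle`. `psa_create_key` and `psa_get_key_lifetime_from_handle` just above them keep their full descriptions. Since these are the functions existing callers were renamed to, each should carry at least one line naming its replacement, e.g. `/** Legacy: import key material into an already-allocated handle. Use psa_import_key() in new code. */`. The group description also misspells `contrast` as `constrast`.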
@@ -338,7 +338,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); /* Populate new key slot. */ - status = psa_import_key( cipher_psa->slot, + status = psa_import_key_to_handle( cipher_psa->slot, key_type, key, key_bytelen ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); diff --git a/library/pk.c b/library/pk.c index a1e278e73..6bbfdd1dd 100644 --- a/library/pk.c +++ b/library/pk.c @@ -629,7 +629,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); /* import private key in slot */ - if( PSA_SUCCESS != psa_import_key( key, key_type, d, d_len ) ) + if( PSA_SUCCESS != psa_import_key_to_handle( key, key_type, d, d_len ) ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); /* remember slot number to be destroyed later by caller */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index c7f879ab5..0c7482571 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -589,7 +589,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } - if( psa_import_key( key_slot, psa_type, buf + sizeof( buf ) - key_len, key_len ) + if( psa_import_key_to_handle( key_slot, psa_type, buf + sizeof( buf ) - key_len, key_len ) != PSA_SUCCESS ) { ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3ecab01b5..2fab91cc2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -903,7 +903,7 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) return( status ); } -psa_status_t psa_import_key( psa_key_handle_t handle, +psa_status_t psa_import_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, const uint8_t *data, size_t data_length ) 
@@ -1228,7 +1228,7 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 ); if( status != PSA_SUCCESS ) goto exit; - status = psa_import_key( target, source->type, buffer, length ); + status = psa_import_key_to_handle( target, source->type, buffer, length ); exit: if( buffer_size != 0 ) @@ -1237,7 +1237,7 @@ exit: return( status ); } -psa_status_t psa_copy_key(psa_key_handle_t source_handle, +psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, psa_key_handle_t target_handle, const psa_key_policy_t *constraint) { @@ -3277,7 +3277,7 @@ psa_status_t psa_get_key_policy( psa_key_handle_t handle, /* Key Lifetime */ /****************************************************************/ -psa_status_t psa_get_key_lifetime( psa_key_handle_t handle, +psa_status_t psa_get_key_lifetime_from_handle( psa_key_handle_t handle, psa_key_lifetime_t *lifetime ) { psa_key_slot_t *slot; @@ -3996,7 +3996,7 @@ static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) } #endif /* MBEDTLS_DES_C */ -psa_status_t psa_generator_import_key( psa_key_handle_t handle, +psa_status_t psa_generator_import_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator ) @@ -4020,7 +4020,7 @@ psa_status_t psa_generator_import_key( psa_key_handle_t handle, if( type == PSA_KEY_TYPE_DES ) psa_des_set_key_parity( data, bytes ); #endif /* MBEDTLS_DES_C */ - status = psa_import_key( handle, type, data, bytes ); + status = psa_import_key_to_handle( handle, type, data, bytes ); exit: mbedtls_free( data ); @@ -4749,7 +4749,7 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ -psa_status_t psa_generate_key( psa_key_handle_t handle, +psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, const void *extra, 
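Review bot: In the `@@ -4020,7 +4020,7 @@` hunk of library/psa_crypto.c (`psa_generator_import_key_to_handle`), the `exit:` path releases `data` with `mbedtls_free( data )` and no wipe is visible before it, although `data` holds the key bytes that were just passed to `psa_import_key_to_handle`. Heap memory freed with key material still in it can be exposed by a later allocation or by a memory-disclosure bug elsewhere. Adding `if( data != NULL ) mbedtls_platform_zeroize( data, bytes );` immediately before the free closes that window. The allocation of `data` and the top of the function are outside the hunk, so the exact guard should be checked against them.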
diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 4e5b3a602..65bc64cb7 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3148,7 +3148,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); /* Generate ECDH private key. */ - status = psa_generate_key( handshake->ecdh_psa_privkey, + status = psa_generate_key_to_handle( handshake->ecdh_psa_privkey, PSA_KEY_TYPE_ECC_KEYPAIR( handshake->ecdh_psa_curve ), MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( handshake->ecdh_psa_curve ), NULL, 0 ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 660d548e4..26814429e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -544,7 +544,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - status = psa_import_key( master_slot, PSA_KEY_TYPE_DERIVE, secret, slen ); + status = psa_import_key_to_handle( master_slot, PSA_KEY_TYPE_DERIVE, secret, slen ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 2f7c4453d..90cc0006a 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -179,7 +179,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) alg ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -229,7 +229,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) alg ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); 
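Review bot: In the `tls_prf_generic` hunk of library/ssl_tls.c, a failed `psa_import_key_to_handle( master_slot, PSA_KEY_TYPE_DERIVE, secret, slen )` returns `MBEDTLS_ERR_SSL_HW_ACCEL_FAILED` without releasing `master_slot`. If the handle was allocated earlier in the function (that part is outside the hunk), every failure leaks a key slot, and repeated failures could presumably exhaust the slots available to later handshakes. The branch should release the handle first: `{ psa_destroy_key( master_slot ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); }`. The `status` check just above it needs the same treatment if it also follows the allocation.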
@@ -277,7 +277,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) alg ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 23c234753..1c3d92195 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -208,7 +208,7 @@ static psa_status_t generate( const char *key_file_name ) KDF_ALG ); PSA_CHECK( psa_set_key_policy( key_handle, &policy ) ); - PSA_CHECK( psa_generate_key( key_handle, + PSA_CHECK( psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), NULL, 0 ) ); @@ -255,7 +255,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, PSA_CHECK( psa_allocate_key( master_key_handle ) ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) ); - PSA_CHECK( psa_import_key( *master_key_handle, + PSA_CHECK( psa_import_key_to_handle( *master_key_handle, PSA_KEY_TYPE_DERIVE, key_data, key_size ) ); exit: @@ -309,7 +309,7 @@ static psa_status_t derive_key_ladder( const char *ladder[], PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) ); /* Use the generator obtained from the parent key to create * the next intermediate key. */ - PSA_CHECK( psa_generator_import_key( + PSA_CHECK( psa_generator_import_key_to_handle( *key_handle, PSA_KEY_TYPE_DERIVE, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), @@ -348,7 +348,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH, NULL, 0, PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); - PSA_CHECK( psa_generator_import_key( + PSA_CHECK( psa_generator_import_key_to_handle( *wrapping_key_handle, PSA_KEY_TYPE_AES, WRAPPING_KEY_BITS, 
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index d85d9ed3d..7415b63a9 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -97,7 +97,7 @@ psa_key_handle_t pk_psa_genkey( void ) return( PK_PSA_INVALID_SLOT ); /* generate key */ - if( PSA_SUCCESS != psa_generate_key( key, type, bits, NULL, 0 ) ) + if( PSA_SUCCESS != psa_generate_key_to_handle( key, type, bits, NULL, 0 ) ) return( PK_PSA_INVALID_SLOT ); return( key ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e01736434..7972597be 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -216,7 +216,7 @@ int exercise_mac_setup( psa_key_type_t key_type, PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) ); + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_bytes, key_length ) ); *status = psa_mac_sign_setup( operation, handle, alg ); /* Whether setup succeeded or failed, abort must succeed. */ @@ -250,7 +250,7 @@ int exercise_cipher_setup( psa_key_type_t key_type, PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) ); + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_bytes, key_length ) ); *status = psa_cipher_encrypt_setup( operation, handle, alg ); /* Whether setup succeeded or failed, abort must succeed. */ 
@@ -1118,7 +1118,7 @@ void import( data_t *data, int type, int expected_status_arg ) PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_allocate_key( &handle ) ); - status = psa_import_key( handle, type, data->x, data->len ); + status = psa_import_key_to_handle( handle, type, data->x, data->len ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) PSA_ASSERT( psa_destroy_key( handle ) ); @@ -1151,9 +1151,9 @@ void import_twice( int alg_arg, int usage_arg, psa_key_policy_set_usage( &policy, usage, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - status = psa_import_key( handle, type1, data1->x, data1->len ); + status = psa_import_key_to_handle( handle, type1, data1->x, data1->len ); TEST_EQUAL( status, expected_import1_status ); - status = psa_import_key( handle, type2, data2->x, data2->len ); + status = psa_import_key_to_handle( handle, type2, data2->x, data2->len ); TEST_EQUAL( status, expected_import2_status ); if( expected_import1_status == PSA_SUCCESS || @@ -1193,7 +1193,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) /* Try importing the key */ PSA_ASSERT( psa_allocate_key( &handle ) ); - status = psa_import_key( handle, type, p, length ); + status = psa_import_key_to_handle( handle, type, p, length ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) PSA_ASSERT( psa_destroy_key( handle ) ); @@ -1242,7 +1242,7 @@ void import_export( data_t *data, PSA_ERROR_DOES_NOT_EXIST ); /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data->x, data->len ) ); /* Test the key information */ @@ -1283,7 +1283,7 @@ void import_export( data_t *data, PSA_ASSERT( psa_allocate_key( &handle2 ) ); PSA_ASSERT( psa_set_key_policy( handle2, &policy ) ); - PSA_ASSERT( psa_import_key( handle2, type, + PSA_ASSERT( psa_import_key_to_handle( handle2, type, exported, exported_length ) ); PSA_ASSERT( psa_export_key( handle2, 
@@ -1321,11 +1321,11 @@ void import_key_nonempty_slot( ) PSA_ASSERT( psa_allocate_key( &handle ) ); /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data, sizeof( data ) ) ); /* Import the key again */ - status = psa_import_key( handle, type, data, sizeof( data ) ); + status = psa_import_key_to_handle( handle, type, data, sizeof( data ) ); TEST_EQUAL( status, PSA_ERROR_ALREADY_EXISTS ); exit: @@ -1424,7 +1424,7 @@ void export_after_import_failure( data_t *data, int type_arg, PSA_ASSERT( psa_allocate_key( &handle ) ); /* Import the key - expect failure */ - status = psa_import_key( handle, type, + status = psa_import_key_to_handle( handle, type, data->x, data->len ); TEST_EQUAL( status, expected_import_status ); @@ -1455,7 +1455,7 @@ void cipher_after_import_failure( data_t *data, int type_arg, PSA_ASSERT( psa_allocate_key( &handle ) ); /* Import the key - expect failure */ - status = psa_import_key( handle, type, + status = psa_import_key_to_handle( handle, type, data->x, data->len ); TEST_EQUAL( status, expected_import_status ); @@ -1489,7 +1489,7 @@ void export_after_destroy_key( data_t *data, int type_arg ) ASSERT_ALLOC( exported, export_size ); /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data->x, data->len ) ); PSA_ASSERT( psa_export_key( handle, exported, export_size, @@ -1534,7 +1534,7 @@ void import_export_public_key( data_t *data, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data->x, data->len ) ); /* Export the public key */ 
@@ -1584,7 +1584,7 @@ void import_and_exercise_key( data_t *data, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Import the key */ - status = psa_import_key( handle, type, data->x, data->len ); + status = psa_import_key_to_handle( handle, type, data->x, data->len ); PSA_ASSERT( status ); /* Test the key information */ @@ -1626,7 +1626,7 @@ void key_policy( int usage_arg, int alg_arg ) TEST_EQUAL( psa_key_policy_get_algorithm( &policy_set ), alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key, sizeof( key ) ) ); PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) ); @@ -1684,7 +1684,7 @@ void mac_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = psa_mac_sign_setup( &operation, handle, exercise_alg ); @@ -1728,7 +1728,7 @@ void cipher_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); @@ -1780,7 +1780,7 @@ void aead_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = psa_aead_encrypt( handle, exercise_alg, 
@@ -1835,7 +1835,7 @@ void asymmetric_encryption_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, @@ -1903,7 +1903,7 @@ void asymmetric_signature_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = psa_asymmetric_sign( handle, exercise_alg, @@ -1948,7 +1948,7 @@ void derive_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = psa_key_derivation( &generator, handle, @@ -1988,7 +1988,7 @@ void agreement_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, exercise_alg ) ); @@ -2026,7 +2026,7 @@ void raw_agreement_key_policy( int policy_usage, psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); status = raw_key_agreement_with_self( exercise_alg, handle ); 
@@ -2084,7 +2084,7 @@ void copy_key_policy( int source_usage_arg, int source_alg_arg, PSA_ASSERT( psa_allocate_key( &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key( source_handle, source_type, + PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, material->x, material->len ) ); PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); @@ -2095,7 +2095,7 @@ void copy_key_policy( int source_usage_arg, int source_alg_arg, target_policy = psa_key_policy_init(); /* Copy the key. */ - PSA_ASSERT( psa_copy_key( source_handle, target_handle, p_constraint ) ); + PSA_ASSERT( psa_copy_key_to_handle( source_handle, target_handle, p_constraint ) ); /* Destroy the source to ensure that this doesn't affect the target. */ PSA_ASSERT( psa_destroy_key( source_handle ) ); @@ -2170,7 +2170,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg, PSA_ASSERT( psa_allocate_key( &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key( source_handle, source_type, + PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, material->x, material->len ) ); PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); @@ -2181,7 +2181,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg, target_policy = psa_key_policy_init(); /* Copy the key. */ - TEST_EQUAL( psa_copy_key( source_handle, target_handle, p_constraint ), + TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, p_constraint ), expected_status ); /* Test that the target slot is unaffected. */ 
@@ -2588,7 +2588,7 @@ void mac_bad_order( ) alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key, sizeof(key) ) ); /* Call update without calling setup beforehand. */ @@ -2715,7 +2715,7 @@ void mac_sign( int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); /* Calculate the MAC. */ @@ -2762,7 +2762,7 @@ void mac_verify( int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_mac_verify_setup( &operation, @@ -2882,7 +2882,7 @@ void cipher_bad_order( ) PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key, sizeof(key) ) ); @@ -3040,7 +3040,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, @@ -3110,7 +3110,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, 
@@ -3186,7 +3186,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, @@ -3260,7 +3260,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, @@ -3327,7 +3327,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, @@ -3413,7 +3413,7 @@ void cipher_verify_output_multipart( int alg_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, @@ -3517,7 +3517,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); TEST_EQUAL( psa_aead_encrypt( handle, alg, 
@@ -3580,7 +3580,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3629,7 +3629,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3688,7 +3688,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, @@ -3742,7 +3742,7 @@ void sign_fail( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3785,7 +3785,7 @@ void sign_verify( int key_type_arg, data_t *key_data, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, 
@@ -3852,7 +3852,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3885,7 +3885,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3929,7 +3929,7 @@ void asymmetric_encrypt( int key_type_arg, PSA_ASSERT( psa_allocate_key( &handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -3999,7 +3999,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -4065,7 +4065,7 @@ void asymmetric_decrypt( int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -4129,7 +4129,7 @@ void asymmetric_decrypt_fail( int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); 
@@ -4216,7 +4216,7 @@ void derive_setup( int key_type_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); @@ -4253,7 +4253,7 @@ void test_derive_invalid_generator_state( ) psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, key_type, + PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data, sizeof( key_data ) ) ); @@ -4348,7 +4348,7 @@ void derive_output( int alg_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key_to_handle( handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) ); @@ -4445,7 +4445,7 @@ void derive_full( int alg_arg, psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key_to_handle( handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) ); @@ -4533,7 +4533,7 @@ void derive_key_exercise( int alg_arg, PSA_ASSERT( psa_allocate_key( &base_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); - PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key_to_handle( base_handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) ); 
@@ -4545,7 +4545,7 @@ void derive_key_exercise( int alg_arg, PSA_ASSERT( psa_allocate_key( &derived_handle ) ); psa_key_policy_set_usage( &policy, derived_usage, derived_alg ); PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); - PSA_ASSERT( psa_generator_import_key( derived_handle, + PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle, derived_type, derived_bits, &generator ) ); @@ -4597,7 +4597,7 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_allocate_key( &base_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); - PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key_to_handle( base_handle, PSA_KEY_TYPE_DERIVE, key_data->x, key_data->len ) ); @@ -4619,7 +4619,7 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_allocate_key( &derived_handle ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); - PSA_ASSERT( psa_generator_import_key( derived_handle, + PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle, PSA_KEY_TYPE_RAW_DATA, derived_bits, &generator ) ); @@ -4630,7 +4630,7 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_destroy_key( derived_handle ) ); PSA_ASSERT( psa_allocate_key( &derived_handle ) ); PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); - PSA_ASSERT( psa_generator_import_key( derived_handle, + PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle, PSA_KEY_TYPE_RAW_DATA, PSA_BYTES_TO_BITS( bytes2 ), &generator ) ); @@ -4672,7 +4672,7 @@ void key_agreement_setup( int alg_arg, PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key( our_key, our_key_type, + PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, our_key_data->x, our_key_data->len ) ); 
@@ -4719,7 +4719,7 @@ void raw_key_agreement( int alg_arg, PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key( our_key, our_key_type, + PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, our_key_data->x, our_key_data->len ) ); @@ -4756,7 +4756,7 @@ void key_agreement_capacity( int alg_arg, PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key( our_key, our_key_type, + PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, our_key_data->x, our_key_data->len ) ); @@ -4817,7 +4817,7 @@ void key_agreement_output( int alg_arg, PSA_ASSERT( psa_allocate_key( &our_key ) ); psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key( our_key, our_key_type, + PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, our_key_data->x, our_key_data->len ) ); @@ -4932,7 +4932,7 @@ void generate_key( int type_arg, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Generate a key */ - TEST_EQUAL( psa_generate_key( handle, type, bits, NULL, 0 ), + TEST_EQUAL( psa_generate_key_to_handle( handle, type, bits, NULL, 0 ), expected_status ); /* Test the key information */ @@ -4992,13 +4992,13 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, { case IMPORT_KEY: /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data->x, data->len ) ); break; case GENERATE_KEY: /* Generate a key */ - PSA_ASSERT( psa_generate_key( handle, type, bits, + PSA_ASSERT( psa_generate_key_to_handle( handle, type, bits, NULL, 0 ) ); break; 
@@ -5009,14 +5009,14 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, base_policy_alg ); PSA_ASSERT( psa_set_key_policy( base_key, &base_policy_set ) ); - PSA_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key_to_handle( base_key, PSA_KEY_TYPE_DERIVE, data->x, data->len ) ); /* Derive a key. */ PSA_ASSERT( psa_key_derivation( &generator, base_key, base_policy_alg, NULL, 0, NULL, 0, export_size ) ); - PSA_ASSERT( psa_generator_import_key( + PSA_ASSERT( psa_generator_import_key_to_handle( handle, PSA_KEY_TYPE_RAW_DATA, bits, &generator ) ); break; diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index c8f6e1b0a..9f464ac3f 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -189,7 +189,7 @@ void validate_module_init_key_based( int count ) PSA_ASSERT( status ); mbedtls_psa_crypto_free( ); } - status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); + status = psa_import_key_to_handle( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 90e10f66b..245eeef26 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -98,7 +98,7 @@ void save_large_persistent_key( int data_too_large, int expected_status ) PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ) ); - TEST_EQUAL( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA, + TEST_EQUAL( psa_import_key_to_handle( handle, PSA_KEY_TYPE_RAW_DATA, data, data_length ), expected_status ); 
@@ -126,7 +126,7 @@ void persistent_key_destroy( int key_id_arg, int should_store, if( should_store == 1 ) { - PSA_ASSERT( psa_import_key( + PSA_ASSERT( psa_import_key_to_handle( handle, first_type, first_data->x, first_data->len ) ); } @@ -147,7 +147,7 @@ void persistent_key_destroy( int key_id_arg, int should_store, /* Create another key in the same slot */ PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ) ); - PSA_ASSERT( psa_import_key( + PSA_ASSERT( psa_import_key_to_handle( handle, second_type, second_data->x, second_data->len ) ); @@ -170,7 +170,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ) ); - TEST_EQUAL( psa_import_key( handle, type, data->x, data->len ), + TEST_EQUAL( psa_import_key_to_handle( handle, type, data->x, data->len ), expected_status ); if( expected_status != PSA_SUCCESS ) @@ -179,7 +179,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, goto exit; } - PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime ) ); + PSA_ASSERT( psa_get_key_lifetime_from_handle( handle, &lifetime ) ); TEST_EQUAL( lifetime, PSA_KEY_LIFETIME_PERSISTENT ); exit: @@ -215,10 +215,10 @@ void import_export_persistent_key( data_t *data, int type_arg, PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); /* Import the key */ - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, data->x, data->len ) ); - PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) ); + PSA_ASSERT( psa_get_key_lifetime_from_handle( handle, &lifetime_get ) ); TEST_EQUAL( lifetime_get, PSA_KEY_LIFETIME_PERSISTENT ); /* Test the key information */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 0278b880d..e39374344 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function 
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -84,7 +84,7 @@ void transient_slot_lifecycle( int alg_arg, int usage_arg, TEST_ASSERT( handle != 0 ); psa_key_policy_set_usage( &policy, usage_flags, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key_to_handle( handle, type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); TEST_EQUAL( read_type, type ); @@ -137,7 +137,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, TEST_ASSERT( handle != 0 ); psa_key_policy_set_usage( &policy, usage_flags, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key_to_handle( handle, type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); TEST_EQUAL( read_type, type ); @@ -215,7 +215,7 @@ void create_existent( int lifetime_arg, int id_arg, TEST_ASSERT( handle1 != 0 ); psa_key_policy_set_usage( &policy1, PSA_KEY_USAGE_EXPORT, 0 ); PSA_ASSERT( psa_set_key_policy( handle1, &policy1 ) ); - PSA_ASSERT( psa_import_key( handle1, type1, + PSA_ASSERT( psa_import_key_to_handle( handle1, type1, material1, sizeof( material1 ) ) ); if( reopen_policy == CLOSE_BEFORE ) @@ -334,7 +334,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key( source_handle, source_type, + PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, material->x, material->len ) ); PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); 
@@ -349,7 +349,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, target_policy = psa_key_policy_init(); /* Copy the key. */ - PSA_ASSERT( psa_copy_key( source_handle, target_handle, NULL ) ); + PSA_ASSERT( psa_copy_key_to_handle( source_handle, target_handle, NULL ) ); /* Destroy the source to ensure that this doesn't affect the target. */ PSA_ASSERT( psa_destroy_key( source_handle ) ); @@ -435,7 +435,7 @@ void copy_from_empty( int source_lifetime_arg, int source_id_arg, PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); /* Copy the key. */ - TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ), + TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, NULL ), PSA_ERROR_DOES_NOT_EXIST ); /* Test that the slots are unaffected. */ @@ -496,7 +496,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key( source_handle, source_type, + PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, source_material->x, source_material->len ) ); PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); 
@@ -508,12 +508,12 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, &target_handle ) ); psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); - PSA_ASSERT( psa_import_key( target_handle, target_type, + PSA_ASSERT( psa_import_key_to_handle( target_handle, target_type, target_material->x, target_material->len ) ); PSA_ASSERT( psa_get_key_information( target_handle, NULL, &target_bits ) ); /* Copy the key. */ - TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ), + TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, NULL ), PSA_ERROR_ALREADY_EXISTS ); /* Test that the target slot is unaffected. */ @@ -573,12 +573,12 @@ void copy_to_same( int lifetime_arg, int id_arg, &handle ) ); psa_key_policy_set_usage( &policy, usage, alg ); PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key( handle, type, + PSA_ASSERT( psa_import_key_to_handle( handle, type, material->x, material->len ) ); PSA_ASSERT( psa_get_key_information( handle, NULL, &bits ) ); /* Copy the key. */ - TEST_EQUAL( psa_copy_key( handle, handle, NULL ), + TEST_EQUAL( psa_copy_key_to_handle( handle, handle, NULL ), PSA_ERROR_ALREADY_EXISTS ); /* Test that the slot is unaffected. */ @@ -624,7 +624,7 @@ void invalid_handle( ) TEST_ASSERT( handle1 != 0 ); psa_key_policy_set_usage( &policy, 0, 0 ); PSA_ASSERT( psa_set_key_policy( handle1, &policy ) ); - PSA_ASSERT( psa_import_key( handle1, PSA_KEY_TYPE_RAW_DATA, + PSA_ASSERT( psa_import_key_to_handle( handle1, PSA_KEY_TYPE_RAW_DATA, material, sizeof( material ) ) ); /* Attempt to close and destroy some invalid handles. */ 
@@ -671,7 +671,7 @@ void many_transient_handles( int max_handles_arg ) for( j = 0; j < i; j++ ) TEST_ASSERT( handles[i] != handles[j] ); PSA_ASSERT( psa_set_key_policy( handles[i], &policy ) ); - PSA_ASSERT( psa_import_key( handles[i], PSA_KEY_TYPE_RAW_DATA, + PSA_ASSERT( psa_import_key_to_handle( handles[i], PSA_KEY_TYPE_RAW_DATA, (uint8_t *) &i, sizeof( i ) ) ); } max_handles = i; From 4747d19d1852fae077b161513c59c083df89270a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Apr 2019 15:05:45 +0200 Subject: [PATCH 1163/2197] Implement atomic-creation psa_import_key Implement the new, attribute-based psa_import_key and some basic functions to access psa_key_attributes_t. Replace psa_import_key_to_handle by psa_import_key in a few test functions. This commit does not handle persistence attributes yet. --- include/psa/crypto.h | 36 ++++- include/psa/crypto_struct.h | 52 +++++++ library/psa_crypto.c | 146 ++++++++++++++++++-- tests/suites/test_suite_psa_crypto.function | 50 +++---- 4 files changed, 240 insertions(+), 44 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 564dd872b..74a36b0b3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -109,6 +109,39 @@ psa_status_t psa_crypto_init(void); */ typedef struct psa_key_attributes_s psa_key_attributes_t; +static void psa_make_key_persistent(psa_key_attributes_t *attributes, + psa_key_id_t id, + psa_key_lifetime_t lifetime); + +static psa_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes); + +static psa_key_lifetime_t psa_get_key_lifetime( + const psa_key_attributes_t *attributes); + +static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, + psa_key_usage_t usage_flags); + +static psa_key_usage_t psa_get_key_usage_flags( + const psa_key_attributes_t *attributes); + +static void psa_set_key_algorithm(psa_key_attributes_t *attributes, + psa_algorithm_t alg); + +static psa_algorithm_t psa_get_key_algorithm( + const psa_key_attributes_t *attributes); + +static void psa_set_key_type(psa_key_attributes_t *attributes, + psa_key_type_t type); + +static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes); + +static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); + +psa_status_t psa_get_key_attributes(psa_key_handle_t handle, + psa_key_attributes_t *attributes); + +psa_status_t psa_reset_key_attributes(psa_key_attributes_t *attributes); + /**@}*/ /** \defgroup policy Key policies @@ -380,7 +413,6 @@ psa_status_t psa_close_key(psa_key_handle_t handle); */ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, psa_key_handle_t *handle, - psa_key_type_t type, const uint8_t *data, size_t data_length); @@ -2970,7 +3002,6 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, */ psa_status_t psa_generator_import_key(const psa_key_attributes_t *attributes, psa_key_handle_t *handle, - psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator); @@ -3363,7 +3394,6 @@ typedef struct { */ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, psa_key_handle_t *handle, - psa_key_type_t type, size_t bits, const void *extra, size_t extra_size); 
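Review bot: The two non-inline declarations at the end of the added block, `psa_get_key_attributes` and `psa_reset_key_attributes`, have no definition in the library/psa_crypto.c hunks of this commit, so a caller would fail at link time unless they are defined elsewhere. The new accessors are also undocumented in a header that otherwise uses Doxygen groups. Each needs at least a `\param attributes` line, and the setters should state that values are only stored, since the usage-flag check happens later in `psa_set_key_policy_internal` at key creation. The later hunks in this file drop the `type` parameter from `psa_import_key`, `psa_generator_import_key` and `psa_generate_key`; the comment blocks above those prototypes are outside the hunks, so check that no stale `\param type` line remains.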
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 6eed2590a..16674d4fb 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -260,4 +260,56 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) return( v ); } +struct psa_key_attributes_s +{ + psa_key_id_t id; + psa_key_lifetime_t lifetime; + psa_key_policy_t policy; + psa_key_type_t type; + size_t bits; +}; + +#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0}, 0, 0} +static inline struct psa_key_attributes_s psa_key_attributes_init( void ) +{ + const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; + return( v ); +} + +static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, + psa_key_usage_t usage_flags) +{ + attributes->policy.usage = usage_flags; +} + +static inline psa_key_usage_t psa_get_key_usage_flags( + const psa_key_attributes_t *attributes) +{ + return( attributes->policy.usage ); +} + +static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, + psa_algorithm_t alg) +{ + attributes->policy.alg = alg; +} + +static inline psa_algorithm_t psa_get_key_algorithm( + const psa_key_attributes_t *attributes) +{ + return( attributes->policy.alg ); +} + +static inline void psa_set_key_type(psa_key_attributes_t *attributes, + psa_key_type_t type) +{ + attributes->type = type; +} + +static inline psa_key_type_t psa_get_key_type( + const psa_key_attributes_t *attributes) +{ + return( attributes->type ); +} + #endif /* PSA_CRYPTO_STRUCT_H */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2fab91cc2..9b43d1373 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1212,6 +1212,140 @@ exit: } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ +static psa_status_t psa_set_key_policy_internal( + psa_key_slot_t *slot, + const psa_key_policy_t *policy ) +{ + if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_SIGN | + PSA_KEY_USAGE_VERIFY | + PSA_KEY_USAGE_DERIVE ) ) != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + slot->policy = *policy; + return( PSA_SUCCESS ); +} + +/** Prepare a key slot to receive key material. + * + * This function allocates a key slot and sets its metadata. + * + * If this function fails, call psa_fail_key_creation(). + * + * \param attributes Key attributes for the new key. + * \param handle On success, the allocated handle. + * \param p_slot On success, a pointer to the prepared slot. + */ +static psa_status_t psa_start_key_creation( + const psa_key_attributes_t *attributes, + psa_key_handle_t *handle, + psa_key_slot_t **p_slot ) +{ + psa_status_t status; + psa_key_slot_t *slot; + + status = psa_allocate_key( handle ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_get_key_slot( *handle, p_slot ); + if( status != PSA_SUCCESS ) + return( status ); + slot = *p_slot; + + status = psa_set_key_policy_internal( slot, &attributes->policy ); + if( status != PSA_SUCCESS ) + return( status ); + slot->lifetime = attributes->lifetime; + if( attributes->lifetime != PSA_KEY_LIFETIME_VOLATILE ) + slot->persistent_storage_id = attributes->id; + slot->type = attributes->type; + + return( status ); +} + +/** Finalize the creation of a key once its key material has been set. + * + * This entails writing the key to persistent storage. + * + * If this function fails, call psa_fail_key_creation(). + * + * \param slot Pointer to the slot with key material. 
+ */ +static psa_status_t psa_finish_key_creation( psa_key_slot_t *slot ) +{ + psa_status_t status = PSA_SUCCESS; + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + { + uint8_t *buffer = NULL; + size_t buffer_size = 0; + size_t length; + + buffer_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, + psa_get_key_bits( slot ) ); + buffer = mbedtls_calloc( 1, buffer_size ); + if( buffer == NULL && buffer_size != 0 ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + status = psa_internal_export_key( slot, + buffer, buffer_size, &length, + 0 ); + + if( status == PSA_SUCCESS ) + { + status = psa_save_persistent_key( slot->persistent_storage_id, + slot->type, &slot->policy, + buffer, length ); + } + + if( buffer_size != 0 ) + mbedtls_platform_zeroize( buffer, buffer_size ); + mbedtls_free( buffer ); + } +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + + return( status ); +} + +/** Abort the creation of a key. + * + * You may call this function after calling psa_start_key_creation(), + * or after psa_finish_key_creation() fails. In other circumstances, this + * function may not clean up persistent storage. + * + * \param slot Pointer to the slot with key material. 
+ */ +static void psa_fail_key_creation( psa_key_slot_t *slot ) +{ + if( slot == NULL ) + return; + psa_wipe_key_slot( slot ); +} + +psa_status_t psa_import_key( const psa_key_attributes_t *attributes, + psa_key_handle_t *handle, + const uint8_t *data, + size_t data_length ) +{ + psa_status_t status; + psa_key_slot_t *slot = NULL; + status = psa_start_key_creation( attributes, handle, &slot ); + if( status == PSA_SUCCESS ) + { + status = psa_import_key_into_slot( slot, data, data_length ); + } + if( status == PSA_SUCCESS ) + status = psa_finish_key_creation( slot ); + if( status != PSA_SUCCESS ) + { + psa_fail_key_creation( slot ); + *handle = 0; + } + return( status ); +} + static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, psa_key_handle_t target ) { @@ -3240,17 +3374,7 @@ psa_status_t psa_set_key_policy( psa_key_handle_t handle, if( status != PSA_SUCCESS ) return( status ); - if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | - PSA_KEY_USAGE_ENCRYPT | - PSA_KEY_USAGE_DECRYPT | - PSA_KEY_USAGE_SIGN | - PSA_KEY_USAGE_VERIFY | - PSA_KEY_USAGE_DERIVE ) ) != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - slot->policy = *policy; - - return( PSA_SUCCESS ); + return( psa_set_key_policy_internal( slot, policy ) ); } psa_status_t psa_get_key_policy( psa_key_handle_t handle, diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 7972597be..b9f0d5f48 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
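Review bot: psa_start_key_creation copies `attributes->lifetime` and `attributes->id` into the slot without checking either, and psa_finish_key_creation then writes the exported key material to storage under that id whenever the lifetime is persistent. The commit message says persistence attributes are not handled yet, so until the id is validated I would refuse them at the top of psa_start_key_creation, before `psa_allocate_key`: `if( attributes->lifetime != PSA_KEY_LIFETIME_VOLATILE ) return( PSA_ERROR_NOT_SUPPORTED );`. Whether `psa_save_persistent_key` itself rejects an id that is already in use is not visible in this hunk. The comment on psa_fail_key_creation already says it may not clean up persistent storage, so an unvalidated write path is hard to reason about when creation fails part-way.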
@@ -1111,14 +1111,15 @@ void static_checks( ) /* BEGIN_CASE */ void import( data_t *data, int type, int expected_status_arg ) { + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_handle_t handle = 0; psa_status_t expected_status = expected_status_arg; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - status = psa_import_key_to_handle( handle, type, data->x, data->len ); + psa_set_key_type( &attributes, type ); + status = psa_import_key( &attributes, &handle, data->x, data->len ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) PSA_ASSERT( psa_destroy_key( handle ) ); @@ -1226,7 +1227,7 @@ void import_export( data_t *data, size_t reexported_length; psa_key_type_t got_type; size_t got_bits; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; export_size = (ptrdiff_t) data->len + export_size_delta; ASSERT_ALLOC( exported, export_size ); @@ -1234,16 +1235,12 @@ void import_export( data_t *data, ASSERT_ALLOC( reexported, export_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, usage_arg, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - - TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ), - PSA_ERROR_DOES_NOT_EXIST ); + psa_set_key_usage_flags( &attributes, usage_arg ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, type ); /* Import the key */ - PSA_ASSERT( psa_import_key_to_handle( handle, type, - data->x, data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); /* Test the key information */ PSA_ASSERT( psa_get_key_information( handle, 
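Review bot: The `import` test checks the returned status but not the handle on the failure path, although the new psa_import_key sets `*handle = 0` when creation fails. The handle is now an output of the call under test, so I would pin that contract right after `TEST_EQUAL( status, expected_status );` with `if( status != PSA_SUCCESS ) TEST_EQUAL( handle, 0 );`. The rest of the function is outside the hunk.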
@@ -1280,12 +1277,8 @@ void import_export( data_t *data, else { psa_key_handle_t handle2; - PSA_ASSERT( psa_allocate_key( &handle2 ) ); - PSA_ASSERT( psa_set_key_policy( handle2, &policy ) ); - - PSA_ASSERT( psa_import_key_to_handle( handle2, type, - exported, - exported_length ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle2, + exported, exported_length ) ); PSA_ASSERT( psa_export_key( handle2, reexported, export_size, @@ -1525,17 +1518,16 @@ void import_export_public_key( data_t *data, unsigned char *exported = NULL; size_t export_size = expected_public_key->len + export_size_delta; size_t exported_length = INVALID_EXPORT_LENGTH; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, type ); /* Import the key */ - PSA_ASSERT( psa_import_key_to_handle( handle, type, - data->x, data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); /* Export the public key */ ASSERT_ALLOC( exported, export_size ); 
@@ -1572,20 +1564,18 @@ void import_and_exercise_key( data_t *data, size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; psa_key_usage_t usage = usage_to_exercise( type, alg ); - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t got_type; size_t got_bits; - psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, usage, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, type ); /* Import the key */ - status = psa_import_key_to_handle( handle, type, data->x, data->len ); - PSA_ASSERT( status ); + PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); /* Test the key information */ PSA_ASSERT( psa_get_key_information( handle, From db4b3abab1974cf8838f72a52872ebd6700d9911 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Apr 2019 12:53:01 +0200 Subject: [PATCH 1164/2197] Implement missing attributes setters and getters --- include/psa/crypto_struct.h | 26 ++++++++++++++++++++++++++ library/psa_crypto.c | 16 ++++++++-------- 2 files changed, 34 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 16674d4fb..51c940248 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
@@ -276,6 +276,26 @@ static inline struct psa_key_attributes_s psa_key_attributes_init( void ) return( v ); } +static inline void psa_make_key_persistent(psa_key_attributes_t *attributes, + psa_key_id_t id, + psa_key_lifetime_t lifetime) +{ + attributes->id = id; + attributes->lifetime = lifetime; +} + +static inline psa_key_id_t psa_get_key_id( + const psa_key_attributes_t *attributes) +{ + return( attributes->id ); +} + +static inline psa_key_lifetime_t psa_get_key_lifetime( + const psa_key_attributes_t *attributes) +{ + return( attributes->lifetime ); +} + static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags) { @@ -312,4 +332,10 @@ static inline psa_key_type_t psa_get_key_type( return( attributes->type ); } +static inline size_t psa_get_key_bits( + const psa_key_attributes_t *attributes) +{ + return( attributes->bits ); +} + #endif /* PSA_CRYPTO_STRUCT_H */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9b43d1373..7eebfcf4c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -965,7 +965,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) } /* Return the size of the key in the given slot, in bits. */ -static size_t psa_get_key_bits( const psa_key_slot_t *slot ) +static size_t psa_get_key_slot_bits( const psa_key_slot_t *slot ) { if( key_type_is_raw_bytes( slot->type ) ) return( slot->data.raw.bytes * 8 ); @@ -1001,7 +1001,7 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle, if( type != NULL ) *type = slot->type; if( bits != NULL ) - *bits = psa_get_key_bits( slot ); + *bits = psa_get_key_slot_bits( slot ); return( PSA_SUCCESS ); } 
@@ -1050,7 +1050,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, { psa_status_t status; - size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( slot ) ); + size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_slot_bits( slot ) ); if( bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); status = mbedtls_to_psa_error( @@ -1285,7 +1285,7 @@ static psa_status_t psa_finish_key_creation( psa_key_slot_t *slot ) size_t length; buffer_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, - psa_get_key_bits( slot ) ); + psa_get_key_slot_bits( slot ) ); buffer = mbedtls_calloc( 1, buffer_size ); if( buffer == NULL && buffer_size != 0 ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); @@ -1355,7 +1355,7 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, size_t length; buffer_size = PSA_KEY_EXPORT_MAX_SIZE( source->type, - psa_get_key_bits( source ) ); + psa_get_key_slot_bits( source ) ); buffer = mbedtls_calloc( 1, buffer_size ); if( buffer == NULL && buffer_size != 0 ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); @@ -2149,7 +2149,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, status = psa_get_key_from_slot( handle, &slot, usage, alg ); if( status != PSA_SUCCESS ) goto exit; - key_bits = psa_get_key_bits( slot ); + key_bits = psa_get_key_slot_bits( slot ); #if defined(MBEDTLS_CMAC_C) if( full_length_alg == PSA_ALG_CMAC ) @@ -3060,7 +3060,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, status = psa_get_key_from_slot( handle, &slot, usage, alg); if( status != PSA_SUCCESS ) goto exit; - key_bits = psa_get_key_bits( slot ); + key_bits = psa_get_key_slot_bits( slot ); cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, NULL ); if( cipher_info == NULL ) 
@@ -3470,7 +3470,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - key_bits = psa_get_key_bits( operation->slot ); + key_bits = psa_get_key_slot_bits( operation->slot ); operation->cipher_info = mbedtls_cipher_info_from_psa( alg, operation->slot->type, key_bits, From ff5f0e7221d54e5a11db13c5198093a6b6bf4d53 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Apr 2019 12:53:30 +0200 Subject: [PATCH 1165/2197] Implement atomic-creation psa_{generate,generator_import}_key Implement the new, attribute-based psa_generate_key and psa_generator_import_key. --- library/psa_crypto.c | 113 +++++++++++++++++-- tests/suites/test_suite_psa_crypto.function | 118 ++++++++++---------- 2 files changed, 159 insertions(+), 72 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7eebfcf4c..413df0a06 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4120,6 +4120,59 @@ static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) } #endif /* MBEDTLS_DES_C */ +static psa_status_t psa_generator_import_key_internal( + psa_key_slot_t *slot, + size_t bits, + psa_crypto_generator_t *generator ) +{ + uint8_t *data = NULL; + size_t bytes = PSA_BITS_TO_BYTES( bits ); + psa_status_t status; + + if( ! key_type_is_raw_bytes( slot->type ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( bits % 8 != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + data = mbedtls_calloc( 1, bytes ); + if( data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + status = psa_generator_read( generator, data, bytes ); + if( status != PSA_SUCCESS ) + goto exit; +#if defined(MBEDTLS_DES_C) + if( slot->type == PSA_KEY_TYPE_DES ) + psa_des_set_key_parity( data, bytes ); +#endif /* MBEDTLS_DES_C */ + status = psa_import_key_into_slot( slot, data, bytes ); + +exit: + mbedtls_free( data ); + return( status ); +} + +psa_status_t psa_generator_import_key( const psa_key_attributes_t *attributes, + psa_key_handle_t *handle, + size_t bits, + psa_crypto_generator_t *generator ) +{ + psa_status_t status; + psa_key_slot_t *slot = NULL; + status = psa_start_key_creation( attributes, handle, &slot ); + if( status == PSA_SUCCESS ) + { + status = psa_generator_import_key_internal( slot, bits, generator ); + } + if( status == PSA_SUCCESS ) + status = psa_finish_key_creation( slot ); + if( status != PSA_SUCCESS ) + { + psa_fail_key_creation( slot ); + *handle = 0; + } + return( status ); +} + psa_status_t psa_generator_import_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, 
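Review bot: In psa_generator_import_key_internal the `exit:` path frees `data` without wiping it, although the buffer holds the freshly derived key bytes. psa_finish_key_creation in this same file calls `mbedtls_platform_zeroize( buffer, buffer_size )` before `mbedtls_free( buffer )`, and the same belongs here: `mbedtls_platform_zeroize( data, bytes );` immediately before `mbedtls_free( data );`. Separately, `bits == 0` gives `bytes == 0`, and a `mbedtls_calloc( 1, 0 )` that returns NULL is then reported as PSA_ERROR_INSUFFICIENT_MEMORY. psa_finish_key_creation avoids this by testing `buffer == NULL && buffer_size != 0`.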
@@ -4873,24 +4926,19 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ -psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, - psa_key_type_t type, - size_t bits, - const void *extra, - size_t extra_size ) +static psa_status_t psa_generate_key_internal( psa_key_slot_t *slot, + size_t bits, + const void *extra, + size_t extra_size ) { - psa_key_slot_t *slot; - psa_status_t status; + psa_key_type_t type = slot->type; if( extra == NULL && extra_size != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_empty_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - if( key_type_is_raw_bytes( type ) ) { + psa_status_t status; status = prepare_raw_data_slot( type, bits, &slot->data.raw ); if( status != PSA_SUCCESS ) return( status ); @@ -4989,7 +5037,26 @@ psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, return( PSA_ERROR_NOT_SUPPORTED ); + return( PSA_SUCCESS ); +} + +psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, + psa_key_type_t type, + size_t bits, + const void *extra, + size_t extra_size ) +{ + psa_key_slot_t *slot; + psa_status_t status; + + status = psa_get_empty_key_slot( handle, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + slot->type = type; + status = psa_generate_key_internal( slot, bits, extra, extra_size ); + if( status != PSA_SUCCESS ) + slot->type = 0; #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) 
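Review bot: In the rewritten psa_generate_key_to_handle, a failure of `psa_generate_key_internal` only resets `slot->type` and then falls through into the `#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)` block that tests `slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT`. Before this change the generation code returned directly on error, so that block was reached only after success. The body of the block is outside the hunk; if it saves the slot or returns its own status, a failed generation on a persistent slot would be masked. Returning early keeps the old behaviour: `if( status != PSA_SUCCESS ) { slot->type = 0; return( status ); }`.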
@@ -5001,6 +5068,30 @@ psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, return( status ); } +psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, + psa_key_handle_t *handle, + size_t bits, + const void *extra, + size_t extra_size ) +{ + psa_status_t status; + psa_key_slot_t *slot = NULL; + status = psa_start_key_creation( attributes, handle, &slot ); + if( status == PSA_SUCCESS ) + { + status = psa_generate_key_internal( slot, bits, extra, extra_size ); + } + if( status == PSA_SUCCESS ) + status = psa_finish_key_creation( slot ); + if( status != PSA_SUCCESS ) + { + psa_fail_key_creation( slot ); + *handle = 0; + } + return( status ); +} + + /****************************************************************/ /* Module setup */ diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b9f0d5f48..03ec2b020 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4320,7 +4320,7 @@ void derive_output( int alg_arg, uint8_t *output_buffer = NULL; size_t expected_capacity; size_t current_capacity; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; unsigned i; @@ -4334,11 +4334,11 @@ void derive_output( int alg_arg, ASSERT_ALLOC( output_buffer, output_buffer_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key_to_handle( handle, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); 
@@ -4427,15 +4427,15 @@ void derive_full( int alg_arg, unsigned char output_buffer[16]; size_t expected_capacity = requested_capacity; size_t current_capacity; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key_to_handle( handle, PSA_KEY_TYPE_DERIVE, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); @@ -4514,16 +4514,16 @@ void derive_key_exercise( int alg_arg, psa_algorithm_t derived_alg = derived_alg_arg; size_t capacity = PSA_BITS_TO_BYTES( derived_bits ); psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t got_type; size_t got_bits; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &base_handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( base_handle, PSA_KEY_TYPE_DERIVE, + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + PSA_ASSERT( psa_import_key( &attributes, &base_handle, key_data->x, key_data->len ) ); 
@@ -4532,11 +4532,10 @@ void derive_key_exercise( int alg_arg, salt->x, salt->len, label->x, label->len, capacity ) ); - PSA_ASSERT( psa_allocate_key( &derived_handle ) ); - psa_key_policy_set_usage( &policy, derived_usage, derived_alg ); - PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); - PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle, - derived_type, + psa_set_key_usage_flags( &attributes, derived_usage ); + psa_set_key_algorithm( &attributes, derived_alg ); + psa_set_key_type( &attributes, derived_type ); + PSA_ASSERT( psa_generator_import_key( &attributes, &derived_handle, derived_bits, &generator ) ); @@ -4577,17 +4576,18 @@ void derive_key_export( int alg_arg, psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; uint8_t *output_buffer = NULL; uint8_t *export_buffer = NULL; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT; size_t length; ASSERT_ALLOC( output_buffer, capacity ); ASSERT_ALLOC( export_buffer, capacity ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &base_handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( base_handle, PSA_KEY_TYPE_DERIVE, + psa_set_key_usage_flags( &base_attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &base_attributes, alg ); + psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); + PSA_ASSERT( psa_import_key( &base_attributes, &base_handle, key_data->x, key_data->len ) ); 
@@ -4606,11 +4606,10 @@ void derive_key_export( int alg_arg, salt->x, salt->len, label->x, label->len, capacity ) ); - PSA_ASSERT( psa_allocate_key( &derived_handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); - PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); - PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle, - PSA_KEY_TYPE_RAW_DATA, + psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &derived_attributes, 0 ); + psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); + PSA_ASSERT( psa_generator_import_key( &derived_attributes, &derived_handle, derived_bits, &generator ) ); PSA_ASSERT( psa_export_key( derived_handle, @@ -4618,10 +4617,7 @@ void derive_key_export( int alg_arg, &length ) ); TEST_EQUAL( length, bytes1 ); PSA_ASSERT( psa_destroy_key( derived_handle ) ); - PSA_ASSERT( psa_allocate_key( &derived_handle ) ); - PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) ); - PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle, - PSA_KEY_TYPE_RAW_DATA, + PSA_ASSERT( psa_generator_import_key( &derived_attributes, &derived_handle, PSA_BYTES_TO_BITS( bytes2 ), &generator ) ); PSA_ASSERT( psa_export_key( derived_handle, 
@@ -4653,16 +4649,16 @@ void key_agreement_setup( int alg_arg, psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_status = expected_status_arg; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &our_key ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, our_key_type ); + PSA_ASSERT( psa_import_key( &attributes, &our_key, our_key_data->x, our_key_data->len ) ); @@ -4699,17 +4695,17 @@ void raw_key_agreement( int alg_arg, psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; unsigned char *output = NULL; size_t output_length = ~0; ASSERT_ALLOC( output, expected_output->len ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &our_key ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, our_key_type ); + PSA_ASSERT( psa_import_key( &attributes, &our_key, our_key_data->x, our_key_data->len ) ); 
@@ -4737,16 +4733,16 @@ void key_agreement_capacity( int alg_arg, psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; size_t actual_capacity; unsigned char output[16]; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &our_key ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, our_key_type ); + PSA_ASSERT( psa_import_key( &attributes, &our_key, our_key_data->x, our_key_data->len ) ); @@ -4796,7 +4792,7 @@ void key_agreement_output( int alg_arg, psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_output = NULL; ASSERT_ALLOC( actual_output, MAX( expected_output1->len, @@ -4804,10 +4800,10 @@ void key_agreement_output( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &our_key ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - PSA_ASSERT( psa_set_key_policy( our_key, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type, + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, our_key_type ); + PSA_ASSERT( psa_import_key( &attributes, &our_key, our_key_data->x, our_key_data->len ) ); 
@@ -4913,23 +4909,23 @@ void generate_key( int type_arg, size_t got_bits; psa_status_t expected_info_status = expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, usage, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, type ); /* Generate a key */ - TEST_EQUAL( psa_generate_key_to_handle( handle, type, bits, NULL, 0 ), + TEST_EQUAL( psa_generate_key( &attributes, &handle, bits, NULL, 0 ), expected_status ); + if( expected_info_status != PSA_SUCCESS ) + goto exit; /* Test the key information */ TEST_EQUAL( psa_get_key_information( handle, &got_type, &got_bits ), expected_info_status ); - if( expected_info_status != PSA_SUCCESS ) - goto exit; TEST_EQUAL( got_type, type ); TEST_EQUAL( got_bits, bits ); From dfea0a25103f70c9497b6348a77884d167956b4c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Apr 2019 13:39:40 +0200 Subject: [PATCH 1166/2197] Use the attribute-based key creation interface in sample programs --- programs/psa/crypto_examples.c | 52 ++++++++++++-------------------- programs/psa/key_ladder_demo.c | 54 +++++++++++++++------------------- 2 files changed, 42 insertions(+), 64 deletions(-) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 90cc0006a..07d1fd25d 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c 
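Review bot: The failure case of `generate_key` now jumps to `exit` right after `psa_generate_key` returns, so nothing checks what the call left in `handle` when it fails. `psa_generate_key` sets `*handle = 0` on error, and asserting that before the jump with `TEST_EQUAL( handle, 0 );` would pin the guarantee that a failed creation hands back no usable handle. `expected_info_status` is now used only as a success flag, so the condition could read `if( expected_status != PSA_SUCCESS )` and the variable could be dropped. The test body starts and continues outside the hunk.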
@@ -39,20 +39,6 @@ int main( void ) } #else -static psa_status_t set_key_policy( psa_key_handle_t key_handle, - psa_key_usage_t key_usage, - psa_algorithm_t alg ) -{ - psa_status_t status; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - - psa_key_policy_set_usage( &policy, key_usage, alg ); - status = psa_set_key_policy( key_handle, &policy ); - ASSERT_STATUS( status, PSA_SUCCESS ); -exit: - return( status ); -} - static psa_status_t cipher_operation( psa_cipher_operation_t *operation, const uint8_t * input, size_t input_size, @@ -161,6 +147,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) const psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_handle_t key_handle = 0; size_t output_len = 0; uint8_t iv[block_size]; @@ -171,15 +158,12 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) status = psa_generate_random( input, sizeof( input ) ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_allocate_key( &key_handle ); - ASSERT_STATUS( status, PSA_SUCCESS ); + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - status = set_key_policy( key_handle, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, - alg ); - ASSERT_STATUS( status, PSA_SUCCESS ); - - status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key( &attributes, &key_handle, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -213,6 +197,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) const psa_algorithm_t alg = PSA_ALG_CBC_PKCS7; psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_handle_t key_handle = 0; size_t output_len = 0; uint8_t iv[block_size], input[input_size], 
@@ -224,12 +209,12 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) status = psa_allocate_key( &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = set_key_policy( key_handle, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, - alg ); - ASSERT_STATUS( status, PSA_SUCCESS ); + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key( &attributes, &key_handle, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); @@ -262,6 +247,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) const psa_algorithm_t alg = PSA_ALG_CTR; psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_handle_t key_handle = 0; size_t output_len = 0; uint8_t iv[block_size], input[input_size], encrypt[input_size], @@ -270,14 +256,12 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) status = psa_generate_random( input, sizeof( input ) ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_allocate_key( &key_handle ); - ASSERT_STATUS( status, PSA_SUCCESS ); - status = set_key_policy( key_handle, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, - alg ); - ASSERT_STATUS( status, PSA_SUCCESS ); + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits, + status = psa_generate_key( &attributes, &key_handle, key_bits, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 1c3d92195..b84e7fd6b 100644 --- a/programs/psa/key_ladder_demo.c 
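Review bot: In `cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi` the lines `status = psa_allocate_key( &key_handle );` and the `ASSERT_STATUS` after it are kept as context, while the CBC no-padding and CTR examples in this file have them removed. The new `psa_generate_key( &attributes, &key_handle, key_bits, NULL, 0 )` then stores a handle in `key_handle` itself, so the slot obtained from `psa_allocate_key` is presumably left allocated with nothing referring to it. Deleting those two lines would fix that and keep the three samples consistent. The function begins and ends outside the hunk.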
+++ b/programs/psa/key_ladder_demo.c @@ -200,16 +200,14 @@ static psa_status_t generate( const char *key_file_name ) { psa_status_t status = PSA_SUCCESS; psa_key_handle_t key_handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_CHECK( psa_allocate_key( &key_handle ) ); - psa_key_policy_set_usage( &policy, - PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, - KDF_ALG ); - PSA_CHECK( psa_set_key_policy( key_handle, &policy ) ); + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &attributes, KDF_ALG ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_CHECK( psa_generate_key_to_handle( key_handle, - PSA_KEY_TYPE_DERIVE, + PSA_CHECK( psa_generate_key( &attributes, &key_handle, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), NULL, 0 ) ); @@ -231,7 +229,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, psa_key_handle_t *master_key_handle ) { psa_status_t status = PSA_SUCCESS; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t key_data[KEY_SIZE_BYTES]; size_t key_size; FILE *key_file = NULL; @@ -252,11 +250,10 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, SYS_CHECK( fclose( key_file ) == 0 ); key_file = NULL; - PSA_CHECK( psa_allocate_key( master_key_handle ) ); - psa_key_policy_set_usage( &policy, usage, alg ); - PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) ); - PSA_CHECK( psa_import_key_to_handle( *master_key_handle, - PSA_KEY_TYPE_DERIVE, + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + PSA_CHECK( psa_import_key( &attributes, master_key_handle, key_data, key_size ) ); exit: if( key_file != NULL ) 
@@ -282,12 +279,14 @@ static psa_status_t derive_key_ladder( const char *ladder[], psa_key_handle_t *key_handle ) { psa_status_t status = PSA_SUCCESS; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; size_t i; - psa_key_policy_set_usage( &policy, - PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, - KDF_ALG ); + + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &attributes, KDF_ALG ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); /* For each label in turn, ... */ for( i = 0; i < ladder_depth; i++ ) @@ -305,13 +304,10 @@ static psa_status_t derive_key_ladder( const char *ladder[], * since it is no longer needed. */ PSA_CHECK( psa_close_key( *key_handle ) ); *key_handle = 0; - PSA_CHECK( psa_allocate_key( key_handle ) ); - PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) ); /* Use the generator obtained from the parent key to create * the next intermediate key. */ - PSA_CHECK( psa_generator_import_key_to_handle( - *key_handle, - PSA_KEY_TYPE_DERIVE, + PSA_CHECK( psa_generator_import_key( + &attributes, key_handle, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), &generator ) ); PSA_CHECK( psa_generator_abort( &generator ) ); 
@@ -333,13 +329,13 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, psa_key_handle_t *wrapping_key_handle ) { psa_status_t status = PSA_SUCCESS; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; *wrapping_key_handle = 0; - PSA_CHECK( psa_allocate_key( wrapping_key_handle ) ); - psa_key_policy_set_usage( &policy, usage, WRAPPING_ALG ); - PSA_CHECK( psa_set_key_policy( *wrapping_key_handle, &policy ) ); + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, WRAPPING_ALG ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); PSA_CHECK( psa_key_derivation( &generator, @@ -348,9 +344,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH, NULL, 0, PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); - PSA_CHECK( psa_generator_import_key_to_handle( - *wrapping_key_handle, - PSA_KEY_TYPE_AES, + PSA_CHECK( psa_generator_import_key( &attributes, wrapping_key_handle, WRAPPING_KEY_BITS, &generator ) ); From 8c8f2ab66bc3e8659805da4afe20958b783cef74 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Apr 2019 21:44:46 +0200 Subject: [PATCH 1167/2197] Implement psa_get_key_attributes Implement attribute querying. Test attribute getters and setters. Use psa_get_key_attributes instead of the deprecated functions psa_get_key_policy or psa_get_key_information in most tests. --- include/psa/crypto.h | 2 +- library/psa_crypto.c | 68 +++++- tests/suites/test_suite_psa_crypto.data | 3 + tests/suites/test_suite_psa_crypto.function | 217 ++++++++++++-------- 4 files changed, 198 insertions(+), 92 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 74a36b0b3..e5370bf76 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -140,7 +140,7 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); psa_status_t psa_get_key_attributes(psa_key_handle_t handle, psa_key_attributes_t *attributes); -psa_status_t psa_reset_key_attributes(psa_key_attributes_t *attributes); +void psa_reset_key_attributes(psa_key_attributes_t *attributes); /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 413df0a06..a43ccaf57 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -981,6 +981,31 @@ static size_t psa_get_key_slot_bits( const psa_key_slot_t *slot ) return( 0 ); } +void psa_reset_key_attributes( psa_key_attributes_t *attributes ) +{ + memset( attributes, 0, sizeof( *attributes ) ); +} + +psa_status_t psa_get_key_attributes( psa_key_handle_t handle, + psa_key_attributes_t *attributes ) +{ + psa_key_slot_t *slot; + psa_status_t status; + + psa_reset_key_attributes( attributes ); + + status = psa_get_key_slot( handle, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + + attributes->id = slot->persistent_storage_id; + attributes->lifetime = slot->lifetime; + attributes->policy = slot->policy; + attributes->type = slot->type; + attributes->bits = psa_get_key_slot_bits( slot ); + return( PSA_SUCCESS ); +} + psa_status_t psa_get_key_information( psa_key_handle_t handle, psa_key_type_t *type, size_t *bits ) @@ -1347,7 +1372,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, } static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, - psa_key_handle_t target ) + psa_key_slot_t *target ) { psa_status_t status; uint8_t *buffer = NULL; 
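Review bot: `psa_get_key_attributes` returns `PSA_SUCCESS` for any handle that `psa_get_key_slot` resolves, without checking that the slot holds key material. If a slot can be allocated but still empty (tests in this series still call `psa_allocate_key`), the caller would receive type 0 and 0 bits together with a success status. Whether that is intended cannot be told from this hunk. Either reject an empty slot, for example `if( slot->type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_DOES_NOT_EXIST );`, or say so in a comment above the function. The same comment should note that the attributes are zeroed before the lookup, so an error never leaves stale values in the caller's structure.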
@@ -1362,7 +1387,8 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 ); if( status != PSA_SUCCESS ) goto exit; - status = psa_import_key_to_handle( target, source->type, buffer, length ); + target->type = source->type; + status = psa_import_key_into_slot( target, buffer, length ); exit: if( buffer_size != 0 ) @@ -1397,7 +1423,7 @@ psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, return( status ); } - status = psa_copy_key_material( source_slot, target_handle ); + status = psa_copy_key_material( source_slot, target_slot ); if( status != PSA_SUCCESS ) return( status ); @@ -1405,6 +1431,42 @@ psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, return( PSA_SUCCESS ); } +psa_status_t psa_copy_key( psa_key_handle_t source_handle, + const psa_key_attributes_t *specified_attributes, + psa_key_handle_t *target_handle ) +{ + psa_status_t status; + psa_key_slot_t *source_slot = NULL; + psa_key_slot_t *target_slot = NULL; + psa_key_attributes_t actual_attributes = *specified_attributes; + + status = psa_get_key_from_slot( source_handle, &source_slot, 0, 0 ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_restrict_key_policy( &actual_attributes.policy, + &source_slot->policy ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_start_key_creation( &actual_attributes, + target_handle, &target_slot ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_copy_key_material( source_slot, target_slot ); + +exit: + if( status == PSA_SUCCESS ) + status = psa_finish_key_creation( target_slot ); + if( status != PSA_SUCCESS ) + { + psa_fail_key_creation( target_slot ); + *target_handle = 0; + } + return( status ); +} + /****************************************************************/ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9629d438a..58e23e202 100644 
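Review bot: `psa_copy_key` fetches the source with `psa_get_key_from_slot( source_handle, &source_slot, 0, 0 )`, which appears to require no usage flag on the source key before `psa_copy_key_material` exports its material internally. The only thing visible here that limits the copy is the `psa_restrict_key_policy` call on `actual_attributes.policy`. That call deserves a comment, for example `/* The target policy is restricted by the source policy, so a copy can never be used for more than the original. */`, after confirming that the helper really enforces this. Also, `psa_copy_key_material` now sets `target->type = source->type`, so a type supplied in `specified_attributes` seems to be overridden silently rather than compared with the source. Rejecting a mismatch would be safer than ignoring it.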
--- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1,6 +1,9 @@ PSA compile-time sanity checks static_checks: +PSA key attributes structure +attributes_set_get:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES + PSA import/export raw: 0 bytes import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 03ec2b020..ddcbd8a35 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -346,12 +346,16 @@ static int exercise_cipher_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_DECRYPT ) { psa_status_t status; - psa_key_type_t type = PSA_KEY_TYPE_NONE; + int maybe_invalid_padding = 0; if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) ) { - size_t bits; - TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) ); - iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type ); + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + /* This should be PSA_CIPHER_GET_IV_SIZE but the API doesn't + * have this macro yet. */ + iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( + psa_get_key_type( &attributes ) ); + maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg ); } PSA_ASSERT( psa_cipher_decrypt_setup( &operation, handle, alg ) ); @@ -368,12 +372,11 @@ static int exercise_cipher_key( psa_key_handle_t handle, /* For a stream cipher, all inputs are valid. For a block cipher, * if the input is some aribtrary data rather than an actual ciphertext, a padding error is likely. */ - if( ( usage & PSA_KEY_USAGE_ENCRYPT ) || - PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) == 1 ) - PSA_ASSERT( status ); - else + if( maybe_invalid_padding ) TEST_ASSERT( status == PSA_SUCCESS || status == PSA_ERROR_INVALID_PADDING ); + else + PSA_ASSERT( status ); } return( 1 ); 
@@ -579,10 +582,11 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, * psa_key_agreement fails. This isn't fully satisfactory, but it's * good enough: callers will report it as a failed test anyway. */ psa_status_t status = PSA_ERROR_GENERIC_ERROR; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_information( handle, - &private_key_type, - &key_bits ) ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + private_key_type = psa_get_key_type( &attributes ); + key_bits = psa_get_key_bits( &attributes ); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); ASSERT_ALLOC( public_key, public_key_length ); @@ -613,10 +617,11 @@ static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg, * psa_key_agreement fails. This isn't fully satisfactory, but it's * good enough: callers will report it as a failed test anyway. */ psa_status_t status = PSA_ERROR_GENERIC_ERROR; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_information( handle, - &private_key_type, - &key_bits ) ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + private_key_type = psa_get_key_type( &attributes ); + key_bits = psa_get_key_bits( &attributes ); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); ASSERT_ALLOC( public_key, public_key_length ); 
@@ -918,30 +923,32 @@ exit: static int exercise_export_key( psa_key_handle_t handle, psa_key_usage_t usage ) { - psa_key_type_t type; - size_t bits; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *exported = NULL; size_t exported_size = 0; size_t exported_length = 0; int ok = 0; - PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 && - ! PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) + ! PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( &attributes ) ) ) { TEST_EQUAL( psa_export_key( handle, NULL, 0, &exported_length ), PSA_ERROR_NOT_PERMITTED ); return( 1 ); } - exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); + exported_size = PSA_KEY_EXPORT_MAX_SIZE( psa_get_key_type( &attributes ), + psa_get_key_bits( &attributes ) ); ASSERT_ALLOC( exported, exported_size ); PSA_ASSERT( psa_export_key( handle, exported, exported_size, &exported_length ) ); - ok = exported_key_sanity_check( type, bits, exported, exported_length ); + ok = exported_key_sanity_check( psa_get_key_type( &attributes ), + psa_get_key_bits( &attributes ), + exported, exported_length ); exit: mbedtls_free( exported ); 
@@ -950,30 +957,32 @@ exit: static int exercise_export_public_key( psa_key_handle_t handle ) { - psa_key_type_t type; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t public_type; - size_t bits; uint8_t *exported = NULL; size_t exported_size = 0; size_t exported_length = 0; int ok = 0; - PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) ); - if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ) + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type( &attributes ) ) ) { TEST_EQUAL( psa_export_public_key( handle, NULL, 0, &exported_length ), PSA_ERROR_INVALID_ARGUMENT ); return( 1 ); } - public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); - exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ); + public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( + psa_get_key_type( &attributes ) ); + exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, + psa_get_key_bits( &attributes ) ); ASSERT_ALLOC( exported, exported_size ); PSA_ASSERT( psa_export_public_key( handle, exported, exported_size, &exported_length ) ); - ok = exported_key_sanity_check( public_type, bits, + ok = exported_key_sanity_check( public_type, + psa_get_key_bits( &attributes ), exported, exported_length ); exit: 
@@ -1109,10 +1118,51 @@ void static_checks( ) /* END_CASE */ /* BEGIN_CASE */ -void import( data_t *data, int type, int expected_status_arg ) +void attributes_set_get( int id_arg, int lifetime_arg, + int usage_flags_arg, int alg_arg, + int type_arg ) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_id_t id = id_arg; + psa_key_lifetime_t lifetime = lifetime_arg; + psa_key_usage_t usage_flags = usage_flags_arg; + psa_algorithm_t alg = alg_arg; + psa_key_type_t type = type_arg; + + TEST_EQUAL( psa_get_key_id( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); + + psa_make_key_persistent( &attributes, id, lifetime ); + psa_set_key_usage_flags( &attributes, usage_flags ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, type ); + + TEST_EQUAL( psa_get_key_id( &attributes ), id ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); + TEST_EQUAL( psa_get_key_type( &attributes ), type ); + + psa_reset_key_attributes( &attributes ); + + TEST_EQUAL( psa_get_key_id( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void import( data_t *data, int type_arg, int expected_status_arg ) +{ + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_handle_t handle = 0; + psa_key_type_t type = type_arg; psa_status_t expected_status = expected_status_arg; psa_status_t status; 
@@ -1121,10 +1171,16 @@ void import( data_t *data, int type, int expected_status_arg ) psa_set_key_type( &attributes, type ); status = psa_import_key( &attributes, &handle, data->x, data->len ); TEST_EQUAL( status, expected_status ); - if( status == PSA_SUCCESS ) - PSA_ASSERT( psa_destroy_key( handle ) ); + if( status != PSA_SUCCESS ) + goto exit; + + PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); + + PSA_ASSERT( psa_destroy_key( handle ) ); exit: + psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1225,9 +1281,8 @@ void import_export( data_t *data, size_t export_size; size_t exported_length = INVALID_EXPORT_LENGTH; size_t reexported_length; - psa_key_type_t got_type; - size_t got_bits; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; export_size = (ptrdiff_t) data->len + export_size_delta; ASSERT_ALLOC( exported, export_size ); @@ -1243,11 +1298,9 @@ void import_export( data_t *data, PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); /* Test the key information */ - PSA_ASSERT( psa_get_key_information( handle, - &got_type, - &got_bits ) ); - TEST_EQUAL( got_type, type ); - TEST_EQUAL( got_bits, (size_t) expected_bits ); + PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); + TEST_EQUAL( psa_get_key_bits( &got_attributes ), (size_t) expected_bits ); /* Export the key */ status = psa_export_key( handle, @@ -1287,7 +1340,7 @@ void import_export( data_t *data, reexported, reexported_length ); PSA_ASSERT( psa_close_key( handle2 ) ); } - TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, got_bits ) ); + TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, psa_get_key_bits( &got_attributes ) ) ); destroy: /* Destroy the key */ 
@@ -1539,7 +1592,8 @@ void import_export_public_key( data_t *data, { psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); size_t bits; - PSA_ASSERT( psa_get_key_information( handle, NULL, &bits ) ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + bits = psa_get_key_bits( &attributes ); TEST_ASSERT( expected_public_key->len <= PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) ); ASSERT_COMPARE( expected_public_key->x, expected_public_key->len, @@ -1565,8 +1619,7 @@ void import_and_exercise_key( data_t *data, psa_algorithm_t alg = alg_arg; psa_key_usage_t usage = usage_to_exercise( type, alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_type_t got_type; - size_t got_bits; + psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -1578,11 +1631,9 @@ void import_and_exercise_key( data_t *data, PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); /* Test the key information */ - PSA_ASSERT( psa_get_key_information( handle, - &got_type, - &got_bits ) ); - TEST_EQUAL( got_type, type ); - TEST_EQUAL( got_bits, bits ); + PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); + TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits ); /* Do something with the key according to its type and permitted usage. */ if( ! exercise_key( handle, usage, alg ) ) 
@@ -1602,27 +1653,22 @@ void key_policy( int usage_arg, int alg_arg ) psa_key_usage_t usage = usage_arg; psa_key_type_t key_type = PSA_KEY_TYPE_AES; unsigned char key[32] = {0}; - psa_key_policy_t policy_set = PSA_KEY_POLICY_INIT; - psa_key_policy_t policy_get = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; memset( key, 0x2a, sizeof( key ) ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy_set, usage, alg ); + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - TEST_EQUAL( psa_key_policy_get_usage( &policy_set ), usage ); - TEST_EQUAL( psa_key_policy_get_algorithm( &policy_set ), alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, key, sizeof( key ) ) ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key, sizeof( key ) ) ); - - PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) ); - - TEST_EQUAL( policy_get.usage, policy_set.usage ); - TEST_EQUAL( policy_get.alg, policy_set.alg ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + TEST_EQUAL( psa_get_key_type( &attributes ), key_type ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); exit: psa_destroy_key( handle ); @@ -1818,6 +1864,7 @@ void asymmetric_encryption_key_policy( int policy_usage, size_t buffer_length; unsigned char *buffer = NULL; size_t output_length; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); 
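Review bot: In `key_policy` the read-back goes into the same `attributes` object that was used to create the key, so the three `TEST_EQUAL` checks after `psa_get_key_attributes( handle, &attributes )` would still pass if that call returned success without writing anything. This is the test that confirms usage flags and algorithm are actually stored with the key, so the check should not be satisfiable by stale input. Clear the structure first with `psa_reset_key_attributes( &attributes );` just before the read-back, or read into a separate `got_attributes` as the other converted tests in this patch do.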
@@ -1828,9 +1875,8 @@ void asymmetric_encryption_key_policy( int policy_usage, PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); - PSA_ASSERT( psa_get_key_information( handle, - NULL, - &key_bits ) ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, exercise_alg ); ASSERT_ALLOC( buffer, buffer_length ); @@ -3671,6 +3717,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, size_t signature_size; size_t signature_length = 0xdeadbeef; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -3681,9 +3728,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); - PSA_ASSERT( psa_get_key_information( handle, - NULL, - &key_bits ) ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); /* Allocate a buffer which has the size advertized by the * library. */ @@ -3766,6 +3812,7 @@ void sign_verify( int key_type_arg, data_t *key_data, size_t signature_size; size_t signature_length = 0xdeadbeef; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -3778,9 +3825,8 @@ void sign_verify( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_data->x, key_data->len ) ); - PSA_ASSERT( psa_get_key_information( handle, - NULL, - &key_bits ) ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); /* Allocate a buffer which has the size advertized by the * library. */ 
@@ -3912,6 +3958,7 @@ void asymmetric_encrypt( int key_type_arg, psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -3924,9 +3971,8 @@ void asymmetric_encrypt( int key_type_arg, key_data->len ) ); /* Determine the maximum output length */ - PSA_ASSERT( psa_get_key_information( handle, - NULL, - &key_bits ) ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); ASSERT_ALLOC( output, output_size ); @@ -3980,6 +4026,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, size_t output2_size; size_t output2_length = ~0; psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -3994,9 +4041,8 @@ void asymmetric_encrypt_decrypt( int key_type_arg, key_data->len ) ); /* Determine the maximum ciphertext length */ - PSA_ASSERT( psa_get_key_information( handle, - NULL, - &key_bits ) ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); ASSERT_ALLOC( output, output_size ); output2_size = input_data->len; @@ -4515,8 +4561,7 @@ void derive_key_exercise( int alg_arg, size_t capacity = PSA_BITS_TO_BYTES( derived_bits ); psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_type_t got_type; - size_t got_bits; + psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); 
@@ -4540,11 +4585,9 @@ void derive_key_exercise( int alg_arg, &generator ) ); /* Test the key information */ - PSA_ASSERT( psa_get_key_information( derived_handle, - &got_type, - &got_bits ) ); - TEST_EQUAL( got_type, derived_type ); - TEST_EQUAL( got_bits, derived_bits ); + PSA_ASSERT( psa_get_key_attributes( derived_handle, &got_attributes ) ); + TEST_EQUAL( psa_get_key_type( &got_attributes ), derived_type ); + TEST_EQUAL( psa_get_key_bits( &got_attributes ), derived_bits ); /* Exercise the derived key. */ if( ! exercise_key( derived_handle, derived_usage, derived_alg ) ) @@ -4905,11 +4948,10 @@ void generate_key( int type_arg, size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; - psa_key_type_t got_type; - size_t got_bits; psa_status_t expected_info_status = expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -4924,10 +4966,9 @@ void generate_key( int type_arg, goto exit; /* Test the key information */ - TEST_EQUAL( psa_get_key_information( handle, &got_type, &got_bits ), - expected_info_status ); - TEST_EQUAL( got_type, type ); - TEST_EQUAL( got_bits, bits ); + PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); + TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits ); /* Do something with the key according to its type and permitted usage. */ if( ! exercise_key( handle, usage, alg ) ) From c4344042f4bf50518e626e6231c177de926ff7c5 Mon Sep 17 00:00:00 2001 
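Review bot: `expected_info_status` in `generate_key` is left without a reader. Its only visible use was the `TEST_EQUAL( psa_get_key_information( handle, &got_type, &got_bits ), expected_info_status )` line, which the second `generate_key` hunk replaces with `PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) );`, while the first hunk keeps the declaration as context. Unless it is used in the part of the function outside these hunks, drop the `psa_status_t expected_info_status = ...` declaration so the test suite stays clean under unused-variable warnings.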
From: Gilles Peskine Date: Thu, 18 Apr 2019 21:52:37 +0200 Subject: [PATCH 1168/2197] Remove tests for empty slots With the attribute-based key creation API, it is no longer possible to have a handle to a slot that does not hold key material. Remove all corresponding tests. --- tests/suites/test_suite_psa_crypto.data | 42 ---- tests/suites/test_suite_psa_crypto.function | 218 -------------------- 2 files changed, 260 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 58e23e202..b70654670 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -28,10 +28,6 @@ PSA import/export AES-256 depends_on:MBEDTLS_AES_C import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 -PSA import to non empty key slot -depends_on:MBEDTLS_AES_C -import_key_nonempty_slot - PSA export invalid handle (0) export_invalid_handle:0:PSA_ERROR_INVALID_HANDLE 
@@ -41,40 +37,6 @@ export_invalid_handle:1:PSA_ERROR_INVALID_HANDLE PSA export invalid handle (largest plausible handle) export_invalid_handle:-1:PSA_ERROR_INVALID_HANDLE -PSA export a slot where there was some activity but no key material creation -export_with_no_key_activity - -PSA setup cipher where there was some activity on key but no key material creation -cipher_with_no_key_activity - -PSA export a slot after a failed import of a AES key -depends_on:MBEDTLS_AES_C -export_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT - -PSA export a slot after a failed import of a RSA key -depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_PARSE_C -export_after_import_failure:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT - -PSA export a slot after a failed import of an EC keypair -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -export_after_import_failure:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT - -PSA setup cipher after a failed import of a AES key -depends_on:MBEDTLS_AES_C -cipher_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT - -PSA export RSA public key from a slot where there was an import followed by destroy. 
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -export_after_destroy_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY - -PSA export AES key from a slot where there was an import followed by destroy. -depends_on:MBEDTLS_AES_C -export_after_destroy_key:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES - -PSA export EC key from a slot where there was an import followed by destroy. -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -export_after_destroy_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1) - PSA import AES: bad key size depends_on:MBEDTLS_AES_C import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT 
@@ -313,10 +275,6 @@ PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT -PSA import failure preserves policy -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_twice:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_SUCCESS - PSA import RSA key pair: maximum size exceeded depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ddcbd8a35..e856e6e8b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1185,46 +1185,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void import_twice( int alg_arg, int usage_arg, - int type1_arg, data_t *data1, - int expected_import1_status_arg, - int type2_arg, data_t *data2, - int expected_import2_status_arg ) -{ - psa_key_handle_t handle = 0; - psa_algorithm_t alg = alg_arg; - psa_key_usage_t usage = usage_arg; - psa_key_type_t type1 = type1_arg; - psa_status_t expected_import1_status = expected_import1_status_arg; - psa_key_type_t type2 = type2_arg; - psa_status_t expected_import2_status = expected_import2_status_arg; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_status_t status; - - PSA_ASSERT( psa_crypto_init( ) ); - - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, usage, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - - status = psa_import_key_to_handle( handle, type1, data1->x, data1->len ); - TEST_EQUAL( status, expected_import1_status ); - status = psa_import_key_to_handle( handle, type2, data2->x, data2->len ); - TEST_EQUAL( status, expected_import2_status ); - - if( expected_import1_status == PSA_SUCCESS || - expected_import2_status == PSA_SUCCESS ) - { - if( ! exercise_key( handle, usage, alg ) ) - goto exit; - } - -exit: - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) { 
@@ -1355,30 +1315,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void import_key_nonempty_slot( ) -{ - psa_key_handle_t handle = 0; - psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA; - psa_status_t status; - const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 }; - PSA_ASSERT( psa_crypto_init( ) ); - - PSA_ASSERT( psa_allocate_key( &handle ) ); - - /* Import the key */ - PSA_ASSERT( psa_import_key_to_handle( handle, type, - data, sizeof( data ) ) ); - - /* Import the key again */ - status = psa_import_key_to_handle( handle, type, data, sizeof( data ) ); - TEST_EQUAL( status, PSA_ERROR_ALREADY_EXISTS ); - -exit: - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void export_invalid_handle( int handle, int expected_export_status_arg ) { 
@@ -1401,160 +1337,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void export_with_no_key_activity( ) -{ - psa_key_handle_t handle = 0; - psa_algorithm_t alg = PSA_ALG_CTR; - psa_status_t status; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - unsigned char *exported = NULL; - size_t export_size = 0; - size_t exported_length = INVALID_EXPORT_LENGTH; - - PSA_ASSERT( psa_crypto_init( ) ); - - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - - /* Export the key */ - status = psa_export_key( handle, - exported, export_size, - &exported_length ); - TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST ); - -exit: - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void cipher_with_no_key_activity( ) -{ - psa_key_handle_t handle = 0; - psa_status_t status; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - int exercise_alg = PSA_ALG_CTR; - - PSA_ASSERT( psa_crypto_init( ) ); - - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - - status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); - TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST ); - -exit: - psa_cipher_abort( &operation ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void export_after_import_failure( data_t *data, int type_arg, - int expected_import_status_arg ) -{ - psa_key_handle_t handle = 0; - psa_key_type_t type = type_arg; - psa_status_t status; - unsigned char *exported = NULL; - size_t export_size = 0; - psa_status_t expected_import_status = expected_import_status_arg; - size_t exported_length = INVALID_EXPORT_LENGTH; - - PSA_ASSERT( psa_crypto_init( ) ); - - PSA_ASSERT( psa_allocate_key( &handle ) ); - - /* Import the key - expect failure */ - status = 
psa_import_key_to_handle( handle, type, - data->x, data->len ); - TEST_EQUAL( status, expected_import_status ); - - /* Export the key */ - status = psa_export_key( handle, - exported, export_size, - &exported_length ); - TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST ); - -exit: - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void cipher_after_import_failure( data_t *data, int type_arg, - int expected_import_status_arg ) -{ - psa_key_handle_t handle = 0; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_type_t type = type_arg; - psa_status_t status; - psa_status_t expected_import_status = expected_import_status_arg; - int exercise_alg = PSA_ALG_CTR; - - PSA_ASSERT( psa_crypto_init( ) ); - - PSA_ASSERT( psa_allocate_key( &handle ) ); - - /* Import the key - expect failure */ - status = psa_import_key_to_handle( handle, type, - data->x, data->len ); - TEST_EQUAL( status, expected_import_status ); - - status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); - TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST ); - -exit: - psa_cipher_abort( &operation ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void export_after_destroy_key( data_t *data, int type_arg ) -{ - psa_key_handle_t handle = 0; - psa_key_type_t type = type_arg; - psa_status_t status; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_algorithm_t alg = PSA_ALG_CTR; - unsigned char *exported = NULL; - size_t export_size = 0; - size_t exported_length = INVALID_EXPORT_LENGTH; - - PSA_ASSERT( psa_crypto_init( ) ); - - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - export_size = (ptrdiff_t) data->len; - ASSERT_ALLOC( exported, export_size ); - - /* Import the key */ - PSA_ASSERT( psa_import_key_to_handle( handle, type, - data->x, data->len ) ); - - PSA_ASSERT( psa_export_key( handle, exported, export_size, - 
&exported_length ) ); - - /* Destroy the key */ - PSA_ASSERT( psa_destroy_key( handle ) ); - - /* Export the key */ - status = psa_export_key( handle, exported, export_size, - &exported_length ); - TEST_EQUAL( status, PSA_ERROR_INVALID_HANDLE ); - -exit: - mbedtls_free( exported ); - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void import_export_public_key( data_t *data, int type_arg, From 4cf3a43dbd03a243cec0fb361def247461b2199a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Apr 2019 22:28:52 +0200 Subject: [PATCH 1169/2197] Simplify and expand invalid-handle tests Simplify invalid-handle tests and make them test more things. Call these tests in several test functions after destroying a key. --- tests/suites/test_suite_psa_crypto.data | 12 ++--- tests/suites/test_suite_psa_crypto.function | 59 +++++++++++++++------ 2 files changed, 50 insertions(+), 21 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b70654670..6cfd3b97f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -28,14 +28,14 @@ PSA import/export AES-256 depends_on:MBEDTLS_AES_C import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 -PSA export invalid handle (0) -export_invalid_handle:0:PSA_ERROR_INVALID_HANDLE +PSA invalid handle (0) +invalid_handle:0 -PSA export invalid handle (smallest plausible handle) -export_invalid_handle:1:PSA_ERROR_INVALID_HANDLE +PSA invalid handle (smallest plausible handle) +invalid_handle:1 -PSA export invalid handle (largest plausible handle) -export_invalid_handle:-1:PSA_ERROR_INVALID_HANDLE +PSA invalid handle (largest plausible handle) +invalid_handle:-1 PSA import AES: bad key size depends_on:MBEDTLS_AES_C 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e856e6e8b..c6a0f592f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1084,6 +1084,43 @@ static psa_key_usage_t usage_to_exercise( psa_key_type_t type, } +static int test_operations_on_invalid_handle( psa_key_handle_t handle ) +{ + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t buffer[1]; + size_t length; + int ok = 0; + + psa_make_key_persistent( &attributes, 0x6964, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, PSA_ALG_CTR ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); + TEST_EQUAL( psa_get_key_attributes( handle, &attributes ), + PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_get_key_id( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_attributes_lifetime( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); + + TEST_EQUAL( psa_export_key( handle, + buffer, sizeof( buffer ), &length ), + PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_export_public_key( handle, + buffer, sizeof( buffer ), &length ), + PSA_ERROR_INVALID_HANDLE ); + + TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_destroy_key( handle ), PSA_ERROR_INVALID_HANDLE ); + + ok = 1; + +exit: + psa_reset_key_attributes( &attributes ); + return( ok ); +} + /* An overapproximation of the amount of storage needed for a key of the * given type and with the given content. The API doesn't make it easy * to find a good value for the size. The current implementation doesn't 
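Review bot: `test_operations_on_invalid_handle` has no header comment, and the four attribute-setting calls at its top read like leftover setup for a key that is never created. They appear to be there so that the following `TEST_EQUAL( ..., 0 )` checks prove a failed `psa_get_key_attributes` wipes the caller's structure instead of leaving stale values behind. That intent deserves a comment, for example `/* Pre-fill with non-default values: a failed psa_get_key_attributes() must reset the structure. */`. A one-line description above the function should also state the return convention visible in the body (1 when every check passed, 0 otherwise).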
@@ -1178,6 +1215,7 @@ void import( data_t *data, int type_arg, int expected_status_arg ) TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); PSA_ASSERT( psa_destroy_key( handle ) ); + test_operations_on_invalid_handle( handle ); exit: psa_destroy_key( handle ); @@ -1305,8 +1343,7 @@ void import_export( data_t *data, destroy: /* Destroy the key */ PSA_ASSERT( psa_destroy_key( handle ) ); - TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ), - PSA_ERROR_INVALID_HANDLE ); + test_operations_on_invalid_handle( handle ); exit: mbedtls_free( exported ); @@ -1316,21 +1353,10 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void export_invalid_handle( int handle, int expected_export_status_arg ) +void invalid_handle( int handle ) { - psa_status_t status; - unsigned char *exported = NULL; - size_t export_size = 0; - size_t exported_length = INVALID_EXPORT_LENGTH; - psa_status_t expected_export_status = expected_export_status_arg; - PSA_ASSERT( psa_crypto_init( ) ); - - /* Export the key */ - status = psa_export_key( (psa_key_handle_t) handle, - exported, export_size, - &exported_length ); - TEST_EQUAL( status, expected_export_status ); + test_operations_on_invalid_handle( handle ); exit: mbedtls_psa_crypto_free( ); @@ -1421,6 +1447,9 @@ void import_and_exercise_key( data_t *data, if( ! exercise_key( handle, usage, alg ) ) goto exit; + PSA_ASSERT( psa_destroy_key( handle ) ); + test_operations_on_invalid_handle( handle ); + exit: psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); From ca25db91f5ec180bae93bb803df9edf7a0233b32 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Apr 2019 11:43:08 +0200 Subject: [PATCH 1170/2197] Update copy_key tests to the new attribute-based interface --- tests/suites/test_suite_psa_crypto.data | 80 +++------- tests/suites/test_suite_psa_crypto.function | 155 +++++--------------- 2 files changed, 61 insertions(+), 174 deletions(-) 
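Review bot: All four call sites added in these hunks (`import`, `import_export`, `invalid_handle`, `import_and_exercise_key`) discard the `int` result of `test_operations_on_invalid_handle( handle )`. By contrast, `exercise_key` in the last hunk is used as `if( ! exercise_key( handle, usage, alg ) ) goto exit;`. A failure is presumably still recorded by the `TEST_EQUAL` inside the helper, so this is a consistency point, not a missed failure. Either write `if( ! test_operations_on_invalid_handle( handle ) ) goto exit;` at each site or make the helper return `void`. The enclosing test functions start and end outside these hunks.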
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6cfd3b97f..e148dd91c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -478,115 +478,79 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) Copy key: raw, 0 bytes -copy_key_policy:0:0:PSA_KEY_TYPE_RAW_DATA:"":0:0:-1:-1:0:0 +copy_key:0:0:PSA_KEY_TYPE_RAW_DATA:"":1:-1:-1:PSA_SUCCESS:0:0 + +Copy key: AES, copy attributes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_key:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR Copy key: AES, same usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +copy_key:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR Copy key: AES, fewer usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR Copy key: AES, 1 more usage flag depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
-copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR Copy key: AES, 2 more usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR Copy key: AES, intersect usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR - -Copy key: AES, source=target, constraint with same usage flags -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR - -Copy key: AES, source=target, constraint with fewer usage flags -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR - -Copy key: AES, source=target, constraint with 1 more usage flag -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR - -Copy key: AES, source=target, constraint with 2 more usage flags -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR - -Copy key: AES, source=target, constraint with different usage flags -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR - -Copy key: AES, permissive target, restrictive constraint -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR Copy key: RSA key pair, same usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, fewer usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, more usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
-copy_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, intersect usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in source depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):-1:-1:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_SUCCESS:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in source and target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) - -Copy key: RSA key pair, wildcard in constraint -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) - -Copy key: RSA key pair, wildcard, restrictive constraint -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_SUCCESS:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) Copy fail: AES, incompatible target policy depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:-1:-1:PSA_ERROR_INVALID_ARGUMENT +copy_key:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT:-1:-1 Copy fail: RSA, incompatible target policy (source wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):-1:-1:PSA_ERROR_INVALID_ARGUMENT +copy_key:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT:-1:-1 Copy fail: RSA, incompatible target policy (target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
-copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):-1:-1:PSA_ERROR_INVALID_ARGUMENT 
+copy_key:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT:-1:-1 Copy fail: RSA, incompatible target policy (source and target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):-1:-1:PSA_ERROR_INVALID_ARGUMENT - -Copy fail: RSA, incompatible constraint (wildcard on different base) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
-copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT - -Copy fail: RSA, incompatible constraint -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT 
+copy_key:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT:-1:-1 Copy fail: RSA, ANY_HASH is not meaningful with OAEP depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):-1:-1:PSA_ERROR_INVALID_ARGUMENT +copy_key:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT:-1:-1 Hash operation object initializers zero properly hash_operation_init: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c6a0f592f..b1964a4e7 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1892,69 +1892,61 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void copy_key_policy( int source_usage_arg, int source_alg_arg, - int type_arg, data_t *material, - int target_usage_arg, int target_alg_arg, - int constraint_usage_arg, int constraint_alg_arg, - int expected_usage_arg, int expected_alg_arg ) +void copy_key( int source_usage_arg, int source_alg_arg, + int type_arg, data_t *material, + int copy_attributes, + int target_usage_arg, int target_alg_arg, + int expected_status_arg, + int expected_usage_arg, int expected_alg_arg ) { - psa_key_usage_t source_usage = source_usage_arg; - psa_algorithm_t source_alg = source_alg_arg; - psa_key_handle_t source_handle = 0; - psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; - psa_key_type_t source_type = type_arg; - size_t source_bits; - psa_key_usage_t target_usage = target_usage_arg; - psa_algorithm_t target_alg = target_alg_arg; - psa_key_handle_t target_handle = 0; - psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; - psa_key_type_t target_type; - size_t target_bits; - psa_key_usage_t constraint_usage = constraint_usage_arg; - psa_algorithm_t constraint_alg = constraint_alg_arg; - psa_key_policy_t constraint = PSA_KEY_POLICY_INIT; - psa_key_policy_t *p_constraint = NULL; + psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; + psa_key_handle_t source_handle = 0; + psa_key_handle_t target_handle = 0; uint8_t *export_buffer = NULL; - if( constraint_usage_arg != -1 ) - { - p_constraint = &constraint; - psa_key_policy_set_usage( p_constraint, - constraint_usage, constraint_alg ); - } - PSA_ASSERT( psa_crypto_init( ) ); - /* Populate the source slot. 
*/ - PSA_ASSERT( psa_allocate_key( &source_handle ) ); - psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); - PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, + /* Prepare the source key. */ + psa_set_key_usage_flags( &source_attributes, source_usage_arg ); + psa_set_key_algorithm( &source_attributes, source_alg_arg ); + psa_set_key_type( &source_attributes, type_arg ); + PSA_ASSERT( psa_import_key( &source_attributes, &source_handle, material->x, material->len ) ); - PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); + /* Retrieve the key size. */ + PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) ); - /* Prepare the target slot. */ - PSA_ASSERT( psa_allocate_key( &target_handle ) ); - psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); - PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); - target_policy = psa_key_policy_init(); + /* Prepare the target attributes. */ + if( copy_attributes ) + target_attributes = source_attributes; + if( target_usage_arg != -1 ) + psa_set_key_usage_flags( &target_attributes, target_usage_arg ); + if( target_alg_arg != -1 ) + psa_set_key_algorithm( &target_attributes, target_alg_arg ); /* Copy the key. */ - PSA_ASSERT( psa_copy_key_to_handle( source_handle, target_handle, p_constraint ) ); + TEST_EQUAL( psa_copy_key( source_handle, + &target_attributes, &target_handle ), + expected_status_arg ); + if( expected_status_arg != PSA_SUCCESS ) + { + TEST_EQUAL( target_handle, 0 ); + goto exit; + } /* Destroy the source to ensure that this doesn't affect the target. */ PSA_ASSERT( psa_destroy_key( source_handle ) ); /* Test that the target slot has the expected content and policy. 
*/ - PSA_ASSERT( psa_get_key_information( target_handle, - &target_type, &target_bits ) ); - TEST_EQUAL( source_type, target_type ); - TEST_EQUAL( source_bits, target_bits ); - PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); - TEST_EQUAL( expected_usage, psa_key_policy_get_usage( &target_policy ) ); - TEST_EQUAL( expected_alg, psa_key_policy_get_algorithm( &target_policy ) ); + PSA_ASSERT( psa_get_key_attributes( target_handle, &target_attributes ) ); + TEST_EQUAL( psa_get_key_type( &source_attributes ), + psa_get_key_type( &target_attributes ) ); + TEST_EQUAL( psa_get_key_bits( &source_attributes ), + psa_get_key_bits( &target_attributes ) ); + TEST_EQUAL( expected_usage, psa_get_key_usage_flags( &target_attributes ) ); + TEST_EQUAL( expected_alg, psa_get_key_algorithm( &target_attributes ) ); if( expected_usage & PSA_KEY_USAGE_EXPORT ) { size_t length; 
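Review bot: The new `copy_attributes` parameter of `copy_key` is passed as `0` by every `copy_key` data line visible in this patch, so the `target_attributes = source_attributes;` branch never runs and the case where the target starts from the source's full attribute set is not covered. This test is what pins the policy rule that a copy cannot gain usage flags or switch algorithm (the "more usage flags" case expects only `PSA_KEY_USAGE_SIGN` back). I would add at least one case with `copy_attributes` non-zero and `-1` for both target arguments, presumably expecting the source usage and algorithm. A comment above the function such as `/* target_usage_arg / target_alg_arg == -1: leave that target attribute as initialised or copied */` would document the sentinel. The export comparison and the `exit:` cleanup lie past the end of this hunk.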
@@ -1975,75 +1967,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void copy_fail( int source_usage_arg, int source_alg_arg, - int type_arg, data_t *material, - int target_usage_arg, int target_alg_arg, - int constraint_usage_arg, int constraint_alg_arg, - int expected_status_arg ) -{ - /* Test copy failure into an empty slot. There is a test for copy failure - * into an occupied slot in - * test_suite_psa_crypto_slot_management.function. */ - - psa_key_usage_t source_usage = source_usage_arg; - psa_algorithm_t source_alg = source_alg_arg; - psa_key_handle_t source_handle = 0; - psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; - psa_key_type_t source_type = type_arg; - size_t source_bits; - psa_key_usage_t target_usage = target_usage_arg; - psa_algorithm_t target_alg = target_alg_arg; - psa_key_handle_t target_handle = 0; - psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; - psa_key_type_t target_type; - size_t target_bits; - psa_key_usage_t constraint_usage = constraint_usage_arg; - psa_algorithm_t constraint_alg = constraint_alg_arg; - psa_key_policy_t constraint = PSA_KEY_POLICY_INIT; - psa_key_policy_t *p_constraint = NULL; - psa_status_t expected_status = expected_status_arg; - - if( constraint_usage_arg != -1 ) - { - p_constraint = &constraint; - psa_key_policy_set_usage( p_constraint, - constraint_usage, constraint_alg ); - } - - PSA_ASSERT( psa_crypto_init( ) ); - - /* Populate the source slot. */ - PSA_ASSERT( psa_allocate_key( &source_handle ) ); - psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); - PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, - material->x, material->len ) ); - PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); - - /* Prepare the target slot. 
*/ - PSA_ASSERT( psa_allocate_key( &target_handle ) ); - psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); - PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); - target_policy = psa_key_policy_init(); - - /* Copy the key. */ - TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, p_constraint ), - expected_status ); - - /* Test that the target slot is unaffected. */ - TEST_EQUAL( psa_get_key_information( target_handle, - &target_type, &target_bits ), - PSA_ERROR_DOES_NOT_EXIST ); - PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); - TEST_EQUAL( target_usage, psa_key_policy_get_usage( &target_policy ) ); - TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &target_policy ) ); - -exit: - mbedtls_psa_crypto_free( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void hash_operation_init( ) { From 5c648abe4452a02f5a4a45b61ac4f9a27c593aa3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Apr 2019 14:06:53 +0200 Subject: [PATCH 1171/2197] Update persistent_key_load_key_from_storage to use attributes Update persistent_key_load_key_from_storage to the new attribute-based key creation interface. I tweaked the code a little to make it simpler and more robust without changing the core logic. --- tests/suites/test_suite_psa_crypto.data | 44 +++-- tests/suites/test_suite_psa_crypto.function | 156 ++++++++++-------- .../test_suite_psa_crypto_persistent_key.data | 6 +- ...t_suite_psa_crypto_persistent_key.function | 87 +++++----- 4 files changed, 158 insertions(+), 135 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e148dd91c..3392f64ac 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -2036,34 +2036,42 @@ PSA generate key: ECC, SECP256R1, incorrect bit size depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT -persistent key can be accessed after in-memory deletion: AES, 128 bits, CTR +PSA import persistent key: raw data, 0 bits depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY:PSA_SUCCESS +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:IMPORT_KEY -PSA generate persistent key: raw data, 8 bits +PSA import persistent key: AES, 128 bits, exportable +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY + +PSA import persistent key: AES, 128 bits, non-exportable +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:IMPORT_KEY + +PSA generate persistent key: raw data, 8 bits, exportable depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:GENERATE_KEY:PSA_SUCCESS +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:GENERATE_KEY -PSA generate persistent key: AES, 128 bits, CTR +PSA generate persistent key: AES, 128 bits, exportable depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C 
-persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY:PSA_SUCCESS +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY -PSA generate persistent key: DES, 64 bits, CBC-nopad +PSA generate persistent key: AES, 128 bits, non-exportable +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY + +PSA generate persistent key: DES, 64 bits, exportable depends_on:MBEDTLS_DES_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:GENERATE_KEY:PSA_SUCCESS +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:GENERATE_KEY -PSA generate persistent key: RSA, 1024 bits, good, sign (PSS SHA-256) +PSA generate persistent key: RSA, 1024 bits, exportable depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY:PSA_SUCCESS +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY -PSA generate persistent key: ECC, SECP256R1, good +PSA generate persistent key: ECC, SECP256R1, exportable depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C 
-persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:GENERATE_KEY:PSA_SUCCESS +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:GENERATE_KEY -PSA derive persistent key: HKDF SHA-256 +PSA derive persistent key: HKDF SHA-256, exportable depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_TYPE_RAW_DATA:1024:PSA_KEY_USAGE_EXPORT:0:DERIVE_KEY:PSA_SUCCESS - -PSA generate persistent key: AES, 128 bits, CTR -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY:PSA_ERROR_NOT_PERMITTED +persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_TYPE_RAW_DATA:1024:PSA_KEY_USAGE_EXPORT:0:DERIVE_KEY diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b1964a4e7..e656c6405 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1098,7 +1098,7 @@ static int test_operations_on_invalid_handle( psa_key_handle_t handle ) TEST_EQUAL( psa_get_key_attributes( handle, &attributes ), PSA_ERROR_INVALID_HANDLE ); TEST_EQUAL( psa_get_key_id( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_attributes_lifetime( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); 
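Review bot: In the test_suite_psa_crypto.data hunk, the two added `PSA import persistent key: AES, 128 bits` cases carry `depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C`, which lists PK/RSA prerequisites an AES import does not appear to need and omits `MBEDTLS_AES_C`. The AES generate cases in the same hunk use `depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C`. Using that line for the import cases would stop the non-exportable policy check from being skipped in builds without RSA and from being attempted in builds without AES. The raw-data import case keeps the same inherited list as context and probably needs only `depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C`.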
@@ -4715,22 +4715,19 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
-void persistent_key_load_key_from_storage( data_t *data, int type_arg,
- int bits, int usage_arg,
- int alg_arg, int generation_method,
- int export_status )
+void persistent_key_load_key_from_storage( data_t *data,
+ int type_arg, int bits_arg,
+ int usage_flags_arg, int alg_arg,
+ int generation_method )
 {
+ psa_key_id_t key_id = 1;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 psa_key_handle_t handle = 0;
- psa_key_handle_t base_key;
- psa_key_type_t type = (psa_key_type_t) type_arg;
- psa_key_type_t type_get;
- size_t bits_get;
- psa_key_policy_t policy_set = PSA_KEY_POLICY_INIT;
- psa_key_policy_t policy_get = PSA_KEY_POLICY_INIT;
- psa_key_usage_t policy_usage = (psa_key_usage_t) usage_arg;
- psa_algorithm_t policy_alg = (psa_algorithm_t) alg_arg;
- psa_key_policy_t base_policy_set = PSA_KEY_POLICY_INIT;
- psa_algorithm_t base_policy_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
+ psa_key_handle_t base_key = 0;
+ psa_key_type_t type = type_arg;
+ size_t bits = bits_arg;
+ psa_key_usage_t usage_flags = usage_flags_arg;
+ psa_algorithm_t alg = alg_arg;
 psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
 unsigned char *first_export = NULL;
 unsigned char *second_export = NULL;
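Review bot: The rewritten signature of `persistent_key_load_key_from_storage` has no comment saying what `data` means, and its role depends on `generation_method`. The body in the following hunk imports it as key material for `IMPORT_KEY`, imports it as the HKDF base secret for `DERIVE_KEY`, and does not read it for `GENERATE_KEY`. With `export_status` removed, the export buffers are allocated only when `usage_flags_arg` includes `PSA_KEY_USAGE_EXPORT`, so the expected outcome is now implied by the policy rather than stated in the data file. I would add a comment above the function such as `/* data: key material (IMPORT_KEY) or derivation secret (DERIVE_KEY), unused for GENERATE_KEY; export is exercised only if usage_flags_arg has PSA_KEY_USAGE_EXPORT. */`. The function body begins in this hunk and continues beyond it.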
@@ -4738,102 +4735,115 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg, size_t first_exported_length; size_t second_exported_length; - ASSERT_ALLOC( first_export, export_size ); - ASSERT_ALLOC( second_export, export_size ); + if( usage_flags & PSA_KEY_USAGE_EXPORT ) + { + ASSERT_ALLOC( first_export, export_size ); + ASSERT_ALLOC( second_export, export_size ); + } PSA_ASSERT( psa_crypto_init() ); - PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1, - &handle ) ); - psa_key_policy_set_usage( &policy_set, policy_usage, - policy_alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) ); + psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_usage_flags( &attributes, usage_flags ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, type ); switch( generation_method ) { case IMPORT_KEY: /* Import the key */ - PSA_ASSERT( psa_import_key_to_handle( handle, type, + PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); break; case GENERATE_KEY: /* Generate a key */ - PSA_ASSERT( psa_generate_key_to_handle( handle, type, bits, - NULL, 0 ) ); + PSA_ASSERT( psa_generate_key( &attributes, &handle, + bits, NULL, 0 ) ); break; case DERIVE_KEY: - /* Create base key */ - PSA_ASSERT( psa_allocate_key( &base_key ) ); - psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE, - base_policy_alg ); - PSA_ASSERT( psa_set_key_policy( - base_key, &base_policy_set ) ); - PSA_ASSERT( psa_import_key_to_handle( base_key, PSA_KEY_TYPE_DERIVE, - data->x, data->len ) ); - /* Derive a key. 
*/ - PSA_ASSERT( psa_key_derivation( &generator, base_key, - base_policy_alg, - NULL, 0, NULL, 0, - export_size ) ); - PSA_ASSERT( psa_generator_import_key_to_handle( - handle, PSA_KEY_TYPE_RAW_DATA, - bits, &generator ) ); + { + /* Create base key */ + psa_algorithm_t derive_alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 ); + psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_set_key_usage_flags( &base_attributes, + PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &base_attributes, derive_alg ); + psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); + PSA_ASSERT( psa_import_key( &base_attributes, &base_key, + data->x, data->len ) ); + /* Derive a key. */ + PSA_ASSERT( psa_key_derivation_setup( &generator, derive_alg ) ); + PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_KDF_STEP_SECRET, + base_key ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( + &generator, PSA_KDF_STEP_INFO, + NULL, 0 ) ); + PSA_ASSERT( psa_generator_import_key( &attributes, &handle, + bits, &generator ) ); + PSA_ASSERT( psa_generator_abort( &generator ) ); + PSA_ASSERT( psa_destroy_key( base_key ) ); + base_key = 0; + } break; } + psa_reset_key_attributes( &attributes ); - /* Export the key */ - TEST_EQUAL( psa_export_key( handle, - first_export, export_size, - &first_exported_length ), - export_status ); + /* Export the key if permitted by the key policy. 
*/ + if( usage_flags & PSA_KEY_USAGE_EXPORT ) + { + PSA_ASSERT( psa_export_key( handle, + first_export, export_size, + &first_exported_length ) ); + if( generation_method == IMPORT_KEY ) + ASSERT_COMPARE( data->x, data->len, + first_export, first_exported_length ); + } /* Shutdown and restart */ mbedtls_psa_crypto_free(); PSA_ASSERT( psa_crypto_init() ); /* Check key slot still contains key data */ - PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, 1, + PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ) ); - PSA_ASSERT( psa_get_key_information( - handle, &type_get, &bits_get ) ); - TEST_EQUAL( type_get, type ); - TEST_EQUAL( bits_get, (size_t) bits ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + TEST_EQUAL( psa_get_key_id( &attributes ), key_id ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), + PSA_KEY_LIFETIME_PERSISTENT ); + TEST_EQUAL( psa_get_key_type( &attributes ), type ); + TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); - PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) ); - TEST_EQUAL( psa_key_policy_get_usage( &policy_get ), policy_usage ); - TEST_EQUAL( psa_key_policy_get_algorithm( &policy_get ), policy_alg ); - - /* Export the key again */ - TEST_EQUAL( psa_export_key( handle, - second_export, export_size, - &second_exported_length ), - export_status ); - - if( export_status == PSA_SUCCESS ) + /* Export the key again if permitted by the key policy. 
*/ + if( usage_flags & PSA_KEY_USAGE_EXPORT ) { + PSA_ASSERT( psa_export_key( handle, + second_export, export_size, + &second_exported_length ) ); ASSERT_COMPARE( first_export, first_exported_length, second_export, second_exported_length ); - - switch( generation_method ) - { - case IMPORT_KEY: - ASSERT_COMPARE( data->x, data->len, - first_export, first_exported_length ); - break; - default: - break; - } } /* Do something with the key according to its type and permitted usage. */ - if( ! exercise_key( handle, policy_usage, policy_alg ) ) + if( ! exercise_key( handle, usage_flags, alg ) ) goto exit; exit: mbedtls_free( first_export ); mbedtls_free( second_export ); + psa_generator_abort( &generator ); + psa_destroy_key( base_key ); + if( handle == 0 ) + { + /* In case there was a test failure after creating the persistent key + * but while it was not open, try to re-open the persistent key + * to delete it. */ + psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ); + } psa_destroy_key( handle ); mbedtls_psa_crypto_free(); } diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index f97a5e063..e8927b8b7 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
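Review bot: When `PSA_KEY_USAGE_EXPORT` is absent, both export steps in persistent_key_load_key_from_storage are now skipped, so nothing in this function asserts that a non-exportable persistent key still refuses export after `mbedtls_psa_crypto_free()` and `psa_crypto_init()` reload it from storage. The old code compared `psa_export_key` against an `export_status` argument, and the data file drops the one case that expected `PSA_ERROR_NOT_PERMITTED`. Unless `exercise_key` (defined outside this hunk) already covers it, add an else branch to the second export block, e.g. `else TEST_EQUAL( psa_export_key( handle, NULL, 0, &second_exported_length ), PSA_ERROR_NOT_PERMITTED );`, assuming the implementation checks the policy before touching the output buffer. That way a usage policy lost or widened in the storage round trip fails the test instead of passing silently.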
@@ -26,11 +26,7 @@ save_large_persistent_key:1:PSA_ERROR_INSUFFICIENT_STORAGE Persistent key destroy depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -persistent_key_destroy:1:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef" - -Persistent key destroy missing key -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEYPAIR:"":PSA_KEY_TYPE_RAW_DATA:"deadbeef" +persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_TYPE_RAW_DATA:"deadbeef" Persistent key import depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 245eeef26..537fe93bf 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -87,6 +87,7 @@ void save_large_persistent_key( int data_too_large, int expected_status ) psa_key_handle_t handle = 0; uint8_t *data = NULL; size_t data_length = PSA_CRYPTO_MAX_STORAGE_SIZE; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; if( data_too_large ) data_length += 1; @@ -95,10 +96,10 @@ void save_large_persistent_key( int data_too_large, int expected_status ) PSA_ASSERT( psa_crypto_init() ); - PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ) ); + psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - TEST_EQUAL( psa_import_key_to_handle( handle, PSA_KEY_TYPE_RAW_DATA, + TEST_EQUAL( psa_import_key( &attributes, &handle, data, data_length ), expected_status ); @@ -110,7 +111,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void persistent_key_destroy( int key_id_arg, int should_store, +void persistent_key_destroy( int key_id_arg, int restart, int first_type_arg, data_t *first_data, int second_type_arg, data_t *second_data ) { 
@@ -118,18 +119,25 @@ void persistent_key_destroy( int key_id_arg, int should_store, psa_key_handle_t handle = 0; psa_key_type_t first_type = (psa_key_type_t) first_type_arg; psa_key_type_t second_type = (psa_key_type_t) second_type_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init() ); - PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ) ); + psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_type( &attributes, first_type ); - if( should_store == 1 ) + PSA_ASSERT( psa_import_key( &attributes, &handle, + first_data->x, first_data->len ) ); + + if( restart ) { - PSA_ASSERT( psa_import_key_to_handle( - handle, first_type, - first_data->x, first_data->len ) ); + psa_close_key( handle ); + mbedtls_psa_crypto_free(); + PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + &handle ) ); } + TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 ); /* Destroy the key */ PSA_ASSERT( psa_destroy_key( handle ) ); @@ -145,11 +153,10 @@ void persistent_key_destroy( int key_id_arg, int should_store, PSA_ASSERT( psa_crypto_init() ); /* Create another key in the same slot */ - PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ) ); - PSA_ASSERT( psa_import_key_to_handle( - handle, second_type, - second_data->x, second_data->len ) ); + psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_type( &attributes, second_type ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + second_data->x, second_data->len ) ); exit: mbedtls_psa_crypto_free(); 
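Review bot: `psa_close_key( handle );` in the new `if( restart )` block of persistent_key_destroy discards its status, unlike the surrounding calls that go through `PSA_ASSERT`. If the close fails, the test carries on into `mbedtls_psa_crypto_free()` and the failure is hidden; write `PSA_ASSERT( psa_close_key( handle ) );`. The same unchecked call appears in the `if( restart )` blocks added later on this page to persistent_key_import and import_export_persistent_key. The function body continues outside the hunk.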
@@ -161,16 +168,16 @@ exit: void persistent_key_import( int key_id_arg, int type_arg, data_t *data, int expected_status ) { - psa_key_lifetime_t lifetime; psa_key_id_t key_id = (psa_key_id_t) key_id_arg; psa_key_type_t type = (psa_key_type_t) type_arg; psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init() ); - PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ) ); - TEST_EQUAL( psa_import_key_to_handle( handle, type, data->x, data->len ), + psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_type( &attributes, type ); + TEST_EQUAL( psa_import_key( &attributes, &handle, data->x, data->len ), expected_status ); if( expected_status != PSA_SUCCESS ) @@ -179,8 +186,14 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, goto exit; } - PSA_ASSERT( psa_get_key_lifetime_from_handle( handle, &lifetime ) ); - TEST_EQUAL( lifetime, PSA_KEY_LIFETIME_PERSISTENT ); + psa_reset_key_attributes( &attributes ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + TEST_EQUAL( psa_get_key_id( &attributes ), key_id ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), + PSA_KEY_LIFETIME_PERSISTENT ); + TEST_EQUAL( psa_get_key_type( &attributes ), type ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); exit: psa_destroy_persistent_key( key_id ); 
@@ -198,34 +211,30 @@ void import_export_persistent_key( data_t *data, int type_arg, unsigned char *exported = NULL; size_t export_size = data->len; size_t exported_length; - psa_key_type_t got_type; - size_t got_bits; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_key_lifetime_t lifetime_get; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; ASSERT_ALLOC( exported, export_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ) ); - - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, - PSA_ALG_VENDOR_FLAG ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_type( &attributes, type ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); /* Import the key */ - PSA_ASSERT( psa_import_key_to_handle( handle, type, + PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); - PSA_ASSERT( psa_get_key_lifetime_from_handle( handle, &lifetime_get ) ); - TEST_EQUAL( lifetime_get, PSA_KEY_LIFETIME_PERSISTENT ); - /* Test the key information */ - PSA_ASSERT( psa_get_key_information( - handle, &got_type, &got_bits ) ); - TEST_EQUAL( got_type, type ); - TEST_EQUAL( got_bits, (size_t) expected_bits ); + psa_reset_key_attributes( &attributes ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + TEST_EQUAL( psa_get_key_id( &attributes ), key_id ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), + PSA_KEY_LIFETIME_PERSISTENT ); + TEST_EQUAL( psa_get_key_type( &attributes ), type ); + TEST_EQUAL( psa_get_key_bits( &attributes ), (size_t) expected_bits ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), PSA_KEY_USAGE_EXPORT ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 ); From 34e23d2109129e24477dbde8e02cc915904e3706 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 19 Apr 2019 15:40:00 +0200 Subject: [PATCH 1172/2197] Persistent key gray-box tests: add test cases with restart Also test the behavior if the crypto subsystem is restarted after creating the persistent key. --- .../test_suite_psa_crypto_persistent_key.data | 59 +++++++++++++++---- ...t_suite_psa_crypto_persistent_key.function | 24 +++++++- 2 files changed, 70 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index e8927b8b7..c16f871ca 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
@@ -28,39 +28,76 @@ Persistent key destroy depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_TYPE_RAW_DATA:"deadbeef" -Persistent key import +Persistent key destroy after restart depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_SUCCESS +persistent_key_destroy:1:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_TYPE_RAW_DATA:"deadbeef" + +Persistent key import (RSA) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_SUCCESS + 
+Persistent key import with restart (RSA) +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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":1:PSA_SUCCESS Persistent key import garbage data, should fail depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"11111111":PSA_ERROR_INVALID_ARGUMENT +persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT import/export persistent raw key: 0 byte -import_export_persistent_key:"":PSA_KEY_TYPE_RAW_DATA:0:0 +import_export_persistent_key:"":PSA_KEY_TYPE_RAW_DATA:0:0:0 import/export persistent raw key: 1 byte -import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0 +import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:0 import/export persistent key RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0 +import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:0 import/export persistent key RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0 +import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:0 
import/export persistent raw key file not exist: 1 byte -import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1 +import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:1 import/export persistent key RSA public key file not exist: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1 +import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:1 import/export persistent key RSA keypair file not exist: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
-import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:1 +import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:1 PSA import/export-persistent symmetric key: 16 bytes depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0 +import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0:0 + +import/export persistent raw key with restart: 0 byte +import_export_persistent_key:"":PSA_KEY_TYPE_RAW_DATA:0:1:0 + +import/export persistent raw key with restart: 1 byte +import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:0 + +import/export persistent key RSA public key with restart: good, 
1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:0 + +import/export persistent key RSA keypair with restart: good, 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:1:0 + +import/export persistent raw key file not exist with restart: 1 byte +import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:1 + +import/export persistent key RSA public key file not exist with restart: 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:1 + +import/export persistent key RSA keypair file not exist with restart: 1024-bit +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
+import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:1:1 + +PSA import/export-persistent symmetric key: 16 bytes +depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0 diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 537fe93bf..e00cc234b 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function 
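Review bot: The last case added here reuses the description `PSA import/export-persistent symmetric key: 16 bytes`, which the non-restart case above it already has, while every other restart case is named `... with restart`. Two cases with the same description make a failure report ambiguous about which path (restart or not) broke. Rename it to `PSA import/export-persistent symmetric key with restart: 16 bytes`.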
@@ -166,7 +166,7 @@ exit: /* BEGIN_CASE */ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, - int expected_status ) + int restart, int expected_status ) { psa_key_id_t key_id = (psa_key_id_t) key_id_arg; psa_key_type_t type = (psa_key_type_t) type_arg; @@ -186,6 +186,15 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, goto exit; } + if( restart ) + { + psa_close_key( handle ); + mbedtls_psa_crypto_free(); + PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + &handle ) ); + } + psa_reset_key_attributes( &attributes ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); TEST_EQUAL( psa_get_key_id( &attributes ), key_id ); @@ -203,7 +212,8 @@ exit: /* BEGIN_CASE */ void import_export_persistent_key( data_t *data, int type_arg, - int expected_bits, int key_not_exist ) + int expected_bits, + int restart, int key_not_exist ) { psa_key_id_t key_id = 42; psa_key_type_t type = (psa_key_type_t) type_arg; @@ -225,6 +235,16 @@ void import_export_persistent_key( data_t *data, int type_arg, PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); + + if( restart ) + { + psa_close_key( handle ); + mbedtls_psa_crypto_free(); + PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, + &handle ) ); + } + /* Test the key information */ psa_reset_key_attributes( &attributes ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); From d167b94b877c9a64cb219ebc54e98580a33bb097 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Apr 2019 18:19:40 +0200 Subject: [PATCH 1173/2197] Reject invalid key ids/lifetimes in attribute-based creation --- library/psa_crypto.c | 6 ++++++ library/psa_crypto_slot_management.c | 19 ++++++++++++++----- library/psa_crypto_slot_management.h | 22 ++++++++++++++++++++++ 3 files changed, 42 insertions(+), 5 deletions(-) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a43ccaf57..efec00be5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1284,7 +1284,13 @@ static psa_status_t psa_start_key_creation( return( status ); slot->lifetime = attributes->lifetime; if( attributes->lifetime != PSA_KEY_LIFETIME_VOLATILE ) + { + status = psa_validate_persistent_key_parameters( attributes->lifetime, + attributes->id ); + if( status != PSA_SUCCESS ) + return( status ); slot->persistent_storage_id = attributes->id; + } slot->type = attributes->type; return( status ); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 33c03a799..d8b0a2e51 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -219,9 +219,6 @@ static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, psa_key_slot_t *slot; psa_status_t status; - if( ! psa_is_key_id_valid( id ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -239,6 +236,17 @@ static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, #endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ } +psa_status_t psa_validate_persistent_key_parameters( + psa_key_lifetime_t lifetime, + psa_key_file_id_t id ) +{ + if( lifetime != PSA_KEY_LIFETIME_PERSISTENT ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( ! psa_is_key_id_valid( id ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_SUCCESS ); +} + static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, psa_key_file_id_t id, psa_key_handle_t *handle, 
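Review bot: In psa_start_key_creation the new `psa_validate_persistent_key_parameters` call runs after `slot->lifetime = attributes->lifetime;`, so on the error return the slot already holds a caller-supplied lifetime that was just rejected. Whether the slot is released on this path depends on the caller, which is outside the hunk, as is the start of the function. Validating before any field of `slot` is written (ideally before the slot is obtained) keeps rejected attributes out of slot state. Move the `if( attributes->lifetime != PSA_KEY_LIFETIME_VOLATILE )` validation above the `slot->lifetime` assignment and leave only `slot->persistent_storage_id = attributes->id;` after it.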
@@ -248,8 +256,9 @@ static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, *handle = 0; - if( lifetime != PSA_KEY_LIFETIME_PERSISTENT ) - return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_validate_persistent_key_parameters( lifetime, id ); + if( status != PSA_SUCCESS ) + return( status ); status = psa_internal_allocate_key_slot( handle ); if( status != PSA_SUCCESS ) diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 6746bad91..914e2d507 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -55,4 +55,26 @@ psa_status_t psa_initialize_key_slots( void ); * This does not affect persistent storage. */ void psa_wipe_all_key_slots( void ); +/** Test whether the given parameters are acceptable for a persistent key. + * + * This function does not access the storage in any way. It only tests + * whether the parameters are meaningful and permitted by general policy. + * It does not test whether the a file by the given id exists or could be + * created. + * + * \param lifetime The lifetime to test. + * \param id The key id to test. + * + * \retval PSA_SUCCESS + * The given parameters are valid. + * \retval PSA_ERROR_INVALID_ARGUMENT + * \p lifetime is volatile or is invalid. + * \retval PSA_ERROR_INVALID_ARGUMENT + * \p id is invalid. + */ +psa_status_t psa_validate_persistent_key_parameters( + psa_key_lifetime_t lifetime, + psa_key_file_id_t id ); + + #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */ From 4440688a698aae8a9160ec092516749615a8caec Mon Sep 17 00:00:00 2001 
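Review bot: The new doc comment for psa_validate_persistent_key_parameters in psa_crypto_slot_management.h has a typo, `whether the a file by the given id exists`, and lists `\retval PSA_ERROR_INVALID_ARGUMENT` twice. Suggest `whether a file with the given id exists` and a single entry, `\retval PSA_ERROR_INVALID_ARGUMENT` followed by `\p lifetime is volatile or invalid, or \p id is invalid.`. Since this function is now the single gate for persistent key ids and lifetimes, it would also help to state in the comment that callers must invoke it before writing a lifetime or id into a slot.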
From: Gilles Peskine Date: Fri, 19 Apr 2019 18:20:30 +0200 Subject: [PATCH 1174/2197] Update key management tests to use attributes Remove test cases which are no longer relevant because they involve a slot which is allocated but not filled with key material. --- ...test_suite_psa_crypto_slot_management.data | 36 +- ..._suite_psa_crypto_slot_management.function | 377 +++++++----------- 2 files changed, 138 insertions(+), 275 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index e937465a1..5dc2b6787 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -43,9 +43,6 @@ open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT Open failure: invalid lifetime open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT -Create failure: volatile lifetime -create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT - Create failure: invalid lifetime create_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT 
@@ -80,42 +77,17 @@ Copy persistent to persistent depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 -Copy empty volatile to volatile -copy_from_empty:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0 - -Copy empty volatile to persistent -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_from_empty:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0 - -Copy empty persistent to volatile -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_from_empty:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0 - -Copy empty persistent to persistent -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_from_empty:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0 - -Copy volatile to occupied volatile -copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" - -Copy volatile to occupied persistent +Copy volatile to occupied depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" -Copy persistent to occupied volatile -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C 
-copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" - -Copy persistent to occupied persistent +Copy persistent to occupied depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" -Copy volatile to itself -copy_to_same:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f" - -Copy persistent to itself +Copy persistent to same depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_to_same:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f" +copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f" Close/destroy invalid handle invalid_handle: diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index e39374344..03b7197a6 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -50,13 +50,6 @@ void psa_purge_key_storage( void ) #define TEST_MAX_KEY_ID( key_id ) ( (void) ( key_id ) ) #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -static int psa_key_policy_equal( psa_key_policy_t *p1, - psa_key_policy_t *p2 ) -{ - return( psa_key_policy_get_usage( p1 ) == psa_key_policy_get_usage( p2 ) && - psa_key_policy_get_algorithm( p1 ) == psa_key_policy_get_algorithm( p2 ) ); -} - /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -73,20 +66,20 @@ void transient_slot_lifecycle( int alg_arg, int usage_arg, psa_key_usage_t usage_flags = usage_arg; psa_key_type_t type = type_arg; close_method_t close_method = close_method_arg; - psa_key_type_t read_type; psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - /* Get a handle and import a key. */ - PSA_ASSERT( psa_allocate_key( &handle ) ); + /* Import a key. */ + psa_set_key_usage_flags( &attributes, usage_flags ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, type ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); TEST_ASSERT( handle != 0 ); - psa_key_policy_set_usage( &policy, usage_flags, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( handle, type, key_data->x, key_data->len ) ); - PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); - TEST_EQUAL( read_type, type ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + TEST_EQUAL( psa_get_key_type( &attributes ), type ); /* Do something that invalidates the handle. */ switch( close_method ) 
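Review bot: In `transient_slot_lifecycle` the read-back after `psa_import_key` reuses the `attributes` structure that the setters just filled and only compares the type, so a `psa_get_key_attributes` that returned success without writing anything would still pass. `create_existent` in this commit calls `psa_reset_key_attributes( &attributes );` before reading back, and the same call fits here before `psa_get_key_attributes`. Adding `TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );` and `TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );` would also confirm that the usage policy was stored as requested. The function body continues outside the hunk.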
@@ -102,8 +95,9 @@ void transient_slot_lifecycle( int alg_arg, int usage_arg, PSA_ASSERT( psa_crypto_init( ) ); break; } + /* Test that the handle is now invalid. */ - TEST_EQUAL( psa_get_key_information( handle, &read_type, NULL ), + TEST_EQUAL( psa_get_key_attributes( handle, &attributes ), PSA_ERROR_INVALID_HANDLE ); TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); @@ -126,18 +120,20 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, close_method_t close_method = close_method_arg; psa_key_type_t read_type; psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; TEST_MAX_KEY_ID( id ); PSA_ASSERT( psa_crypto_init( ) ); /* Get a handle and import a key. */ - PSA_ASSERT( psa_create_key( lifetime, id, &handle ) ); + psa_make_key_persistent( &attributes, id, lifetime ); + psa_set_key_type( &attributes, type ); + psa_set_key_usage_flags( &attributes, usage_flags ); + psa_set_key_algorithm( &attributes, alg ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); TEST_ASSERT( handle != 0 ); - psa_key_policy_set_usage( &policy, usage_flags, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( handle, type, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); TEST_EQUAL( read_type, type ); 
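Review bot: `persistent_slot_lifecycle` still reads the new key back with `psa_get_key_information( handle, &read_type, NULL )` although the key is now created from `attributes`, so within this hunk the persistent id and lifetime are never checked on the fresh handle. The other tests in this commit moved to `PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );`, which here could be followed by `TEST_EQUAL( psa_get_key_id( &attributes ), id );` and `TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );`. The function continues outside the hunk, so later lines may already cover part of this.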
@@ -195,13 +191,11 @@ void create_existent( int lifetime_arg, int id_arg, psa_key_lifetime_t lifetime = lifetime_arg; psa_key_id_t id = id_arg; psa_key_handle_t handle1 = 0, handle2 = 0; - psa_key_policy_t policy1 = PSA_KEY_POLICY_INIT; - psa_key_policy_t read_policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA; - psa_key_type_t read_type; - const uint8_t material1[16] = "test material #1"; + const uint8_t material1[5] = "a key"; + const uint8_t material2[5] = "b key"; size_t bits1 = PSA_BYTES_TO_BITS( sizeof( material1 ) ); - size_t read_bits; uint8_t reexported[sizeof( material1 )]; size_t reexported_length; reopen_policy_t reopen_policy = reopen_policy_arg; @@ -211,18 +205,20 @@ void create_existent( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Create a key. */ - PSA_ASSERT( psa_create_key( lifetime, id, &handle1 ) ); - TEST_ASSERT( handle1 != 0 ); - psa_key_policy_set_usage( &policy1, PSA_KEY_USAGE_EXPORT, 0 ); - PSA_ASSERT( psa_set_key_policy( handle1, &policy1 ) ); - PSA_ASSERT( psa_import_key_to_handle( handle1, type1, + psa_make_key_persistent( &attributes, id, lifetime ); + psa_set_key_type( &attributes, type1 ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &attributes, 0 ); + PSA_ASSERT( psa_import_key( &attributes, &handle1, material1, sizeof( material1 ) ) ); + TEST_ASSERT( handle1 != 0 ); if( reopen_policy == CLOSE_BEFORE ) PSA_ASSERT( psa_close_key( handle1 ) ); /* Attempt to create a new key in the same slot. */ - TEST_EQUAL( psa_create_key( lifetime, id, &handle2 ), + TEST_EQUAL( psa_import_key( &attributes, &handle2, + material2, sizeof( material2 ) ), PSA_ERROR_ALREADY_EXISTS ); TEST_EQUAL( handle2, 0 ); 
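Review bot: In `create_existent`, `TEST_EQUAL( handle2, 0 )` after the rejected second `psa_import_key` cannot show that the function cleared the output handle, because `handle2` is already initialised to 0 in the declaration visible in the preceding hunk. `create_fail` and the new `new_handle` in `copy_to_occupied` start from a `0xdead` sentinel for this reason. Declaring `psa_key_handle_t handle1 = 0, handle2 = 0xdead;` would make the check detect a stale or half-written handle on the `PSA_ERROR_ALREADY_EXISTS` path.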
@@ -232,11 +228,15 @@ void create_existent( int lifetime_arg, int id_arg, PSA_ASSERT( psa_open_key( lifetime, id, &handle1 ) ); /* Check that the original key hasn't changed. */ - PSA_ASSERT( psa_get_key_policy( handle1, &read_policy ) ); - TEST_ASSERT( psa_key_policy_equal( &read_policy, &policy1 ) ); - PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) ); - TEST_EQUAL( read_type, type1 ); - TEST_EQUAL( read_bits, bits1 ); + psa_reset_key_attributes( &attributes ); + PSA_ASSERT( psa_get_key_attributes( handle1, &attributes ) ); + TEST_EQUAL( psa_get_key_id( &attributes ), id ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); + TEST_EQUAL( psa_get_key_type( &attributes ), type1 ); + TEST_EQUAL( psa_get_key_bits( &attributes ), bits1 ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), PSA_KEY_USAGE_EXPORT ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); + PSA_ASSERT( psa_export_key( handle1, reexported, sizeof( reexported ), &reexported_length ) ); @@ -274,14 +274,19 @@ void create_fail( int lifetime_arg, int id_arg, { psa_key_lifetime_t lifetime = lifetime_arg; psa_key_id_t id = id_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_status = expected_status_arg; psa_key_handle_t handle = 0xdead; + uint8_t material[1] = {'k'}; TEST_MAX_KEY_ID( id ); PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( psa_create_key( lifetime, id, &handle ), + psa_make_key_persistent( &attributes, id, lifetime ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + TEST_EQUAL( psa_import_key( &attributes, &handle, + material, sizeof( material ) ), expected_status ); TEST_EQUAL( handle, 0 ); 
@@ -306,17 +311,14 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; psa_key_handle_t source_handle = 0; - psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t source_type = type_arg; - size_t source_bits; psa_key_lifetime_t target_lifetime = target_lifetime_arg; psa_key_id_t target_id = target_id_arg; psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; psa_key_handle_t target_handle = 0; - psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; - psa_key_type_t target_type; - size_t target_bits; + psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; uint8_t *export_buffer = NULL; 
@@ -327,29 +329,27 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Populate the source slot. */ - if( source_lifetime == PSA_KEY_LIFETIME_VOLATILE ) - PSA_ASSERT( psa_allocate_key( &source_handle ) ); - else - PSA_ASSERT( psa_create_key( source_lifetime, source_id, - &source_handle ) ); - psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); - PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, + if( source_lifetime != PSA_KEY_LIFETIME_VOLATILE ) + psa_make_key_persistent( &source_attributes, + source_id, source_lifetime ); + psa_set_key_type( &source_attributes, source_type ); + psa_set_key_usage_flags( &source_attributes, source_usage ); + psa_set_key_algorithm( &source_attributes, source_alg ); + PSA_ASSERT( psa_import_key( &source_attributes, &source_handle, material->x, material->len ) ); - PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); + /* Update the attributes with the bit size. */ + PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) ); /* Prepare the target slot. */ - if( target_lifetime == PSA_KEY_LIFETIME_VOLATILE ) - PSA_ASSERT( psa_allocate_key( &target_handle ) ); - else - PSA_ASSERT( psa_create_key( target_lifetime, target_id, - &target_handle ) ); - psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); - PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); - target_policy = psa_key_policy_init(); + if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE ) + psa_make_key_persistent( &target_attributes, + target_id, target_lifetime ); + psa_set_key_usage_flags( &target_attributes, target_usage ); + psa_set_key_algorithm( &target_attributes, target_alg ); /* Copy the key. 
*/ - PSA_ASSERT( psa_copy_key_to_handle( source_handle, target_handle, NULL ) ); + PSA_ASSERT( psa_copy_key( source_handle, + &target_attributes, &target_handle ) ); /* Destroy the source to ensure that this doesn't affect the target. */ PSA_ASSERT( psa_destroy_key( source_handle ) ); @@ -365,13 +365,15 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, } /* Test that the target slot has the expected content. */ - PSA_ASSERT( psa_get_key_information( target_handle, - &target_type, &target_bits ) ); - TEST_EQUAL( source_type, target_type ); - TEST_EQUAL( source_bits, target_bits ); - PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); - TEST_EQUAL( expected_usage, psa_key_policy_get_usage( &target_policy ) ); - TEST_EQUAL( expected_alg, psa_key_policy_get_algorithm( &target_policy ) ); + psa_reset_key_attributes( &target_attributes ); + PSA_ASSERT( psa_get_key_attributes( target_handle, &target_attributes ) ); + TEST_EQUAL( target_id, psa_get_key_id( &target_attributes ) ); + TEST_EQUAL( target_lifetime, psa_get_key_lifetime( &target_attributes ) ); + TEST_EQUAL( source_type, psa_get_key_type( &target_attributes ) ); + TEST_EQUAL( psa_get_key_bits( &source_attributes ), + psa_get_key_bits( &target_attributes ) ); + TEST_EQUAL( expected_usage, psa_get_key_usage_flags( &target_attributes ) ); + TEST_EQUAL( expected_alg, psa_get_key_algorithm( &target_attributes ) ); if( expected_usage & PSA_KEY_USAGE_EXPORT ) { size_t length; @@ -381,6 +383,14 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, ASSERT_COMPARE( material->x, material->len, export_buffer, length ); } + else + { + size_t length; + /* Check that the key is actually non-exportable. */ + TEST_EQUAL( psa_export_key( target_handle, export_buffer, + material->len, &length ), + PSA_ERROR_NOT_PERMITTED ); + } exit: mbedtls_psa_crypto_free( ); 
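Review bot: The new `else` branch in `copy_across_lifetimes` passes `export_buffer` to `psa_export_key` with size `material->len`, and as far as the hunks show the buffer is only allocated inside the exportable branch, so here it is still `NULL`. If the policy check ever regressed and the export went ahead, the test would write through a null pointer instead of failing cleanly on `PSA_ERROR_NOT_PERMITTED`. Moving `ASSERT_ALLOC( export_buffer, material->len );` ahead of the `if` keeps the negative check safe. The lines between the two hunks are not visible, so confirm where the allocation sits.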
@@ -391,69 +401,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void copy_from_empty( int source_lifetime_arg, int source_id_arg, - int source_usage_arg, int source_alg_arg, - int target_lifetime_arg, int target_id_arg, - int target_usage_arg, int target_alg_arg ) -{ - psa_key_lifetime_t source_lifetime = source_lifetime_arg; - psa_key_id_t source_id = source_id_arg; - psa_key_usage_t source_usage = source_usage_arg; - psa_algorithm_t source_alg = source_alg_arg; - psa_key_handle_t source_handle = 0; - psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; - psa_key_lifetime_t target_lifetime = target_lifetime_arg; - psa_key_id_t target_id = target_id_arg; - psa_key_usage_t target_usage = target_usage_arg; - psa_algorithm_t target_alg = target_alg_arg; - psa_key_handle_t target_handle = 0; - psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; - psa_key_policy_t got_policy; - - TEST_MAX_KEY_ID( source_id ); - TEST_MAX_KEY_ID( target_id ); - - PSA_ASSERT( psa_crypto_init( ) ); - - /* Prepare the source slot. */ - if( source_lifetime == PSA_KEY_LIFETIME_VOLATILE ) - PSA_ASSERT( psa_allocate_key( &source_handle ) ); - else - PSA_ASSERT( psa_create_key( source_lifetime, source_id, - &source_handle ) ); - psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); - PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - - /* Prepare the target slot. */ - if( target_lifetime == PSA_KEY_LIFETIME_VOLATILE ) - PSA_ASSERT( psa_allocate_key( &target_handle ) ); - else - PSA_ASSERT( psa_create_key( target_lifetime, target_id, - &target_handle ) ); - psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); - PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); - - /* Copy the key. */ - TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, NULL ), - PSA_ERROR_DOES_NOT_EXIST ); - - /* Test that the slots are unaffected. 
*/ - PSA_ASSERT( psa_get_key_policy( source_handle, &got_policy ) ); - TEST_EQUAL( source_usage, psa_key_policy_get_usage( &got_policy ) ); - TEST_EQUAL( source_alg, psa_key_policy_get_algorithm( &got_policy ) ); - PSA_ASSERT( psa_get_key_policy( target_handle, &got_policy ) ); - TEST_EQUAL( target_usage, psa_key_policy_get_usage( &got_policy ) ); - TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &got_policy ) ); - -exit: - mbedtls_psa_crypto_free( ); -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - psa_purge_key_storage( ); -#endif -} -/* END_CASE */ - /* BEGIN_CASE */ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, int source_usage_arg, int source_alg_arg, @@ -467,21 +414,18 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; psa_key_handle_t source_handle = 0; - psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; psa_key_type_t source_type = source_type_arg; - size_t source_bits; psa_key_lifetime_t target_lifetime = target_lifetime_arg; psa_key_id_t target_id = target_id_arg; psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; psa_key_handle_t target_handle = 0; - psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; psa_key_type_t target_type = target_type_arg; - size_t target_bits; - psa_key_policy_t got_policy; - psa_key_type_t got_type; - size_t got_bits; + psa_key_handle_t new_handle = 0xdead; uint8_t *export_buffer = NULL; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t attributes1 = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t attributes2 = PSA_KEY_ATTRIBUTES_INIT; TEST_MAX_KEY_ID( source_id ); TEST_MAX_KEY_ID( target_id ); 
@@ -489,41 +433,52 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Populate the source slot. */ - if( source_lifetime == PSA_KEY_LIFETIME_VOLATILE ) - PSA_ASSERT( psa_allocate_key( &source_handle ) ); - else - PSA_ASSERT( psa_create_key( source_lifetime, source_id, - &source_handle ) ); - psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); - PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); - PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type, + if( source_lifetime != PSA_KEY_LIFETIME_VOLATILE ) + psa_make_key_persistent( &attributes, + source_id, source_lifetime ); + psa_set_key_type( &attributes, source_type ); + psa_set_key_usage_flags( &attributes, source_usage ); + psa_set_key_algorithm( &attributes, source_alg ); + PSA_ASSERT( psa_import_key( &attributes, &source_handle, source_material->x, source_material->len ) ); - PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) ); /* Populate the target slot. 
*/ - if( target_lifetime == PSA_KEY_LIFETIME_VOLATILE ) - PSA_ASSERT( psa_allocate_key( &target_handle ) ); + if( target_id == source_id ) + { + target_handle = source_handle; + } else - PSA_ASSERT( psa_create_key( target_lifetime, target_id, - &target_handle ) ); - psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); - PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); - PSA_ASSERT( psa_import_key_to_handle( target_handle, target_type, - target_material->x, target_material->len ) ); - PSA_ASSERT( psa_get_key_information( target_handle, NULL, &target_bits ) ); + { + psa_make_key_persistent( &attributes1, target_id, target_lifetime ); + psa_set_key_type( &attributes1, target_type ); + psa_set_key_usage_flags( &attributes1, target_usage ); + psa_set_key_algorithm( &attributes1, target_alg ); + PSA_ASSERT( psa_import_key( &attributes1, &target_handle, + target_material->x, target_material->len ) ); + } + PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes1 ) ); - /* Copy the key. */ - TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, NULL ), + /* Make a copy attempt. */ + psa_make_key_persistent( &attributes, target_id, target_lifetime ); + TEST_EQUAL( psa_copy_key( source_handle, + &attributes, &new_handle ), PSA_ERROR_ALREADY_EXISTS ); + TEST_EQUAL( new_handle , 0 ); /* Test that the target slot is unaffected. 
*/ - PSA_ASSERT( psa_get_key_information( target_handle, - &got_type, &got_bits ) ); - TEST_EQUAL( target_type, got_type ); - TEST_EQUAL( target_bits, got_bits ); - PSA_ASSERT( psa_get_key_policy( target_handle, &got_policy ) ); - TEST_EQUAL( target_usage, psa_key_policy_get_usage( &got_policy ) ); - TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &got_policy ) ); + PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes2 ) ); + TEST_EQUAL( psa_get_key_id( &attributes1 ), + psa_get_key_id( &attributes2 ) ); + TEST_EQUAL( psa_get_key_lifetime( &attributes1 ), + psa_get_key_lifetime( &attributes2 ) ); + TEST_EQUAL( psa_get_key_type( &attributes1 ), + psa_get_key_type( &attributes2 ) ); + TEST_EQUAL( psa_get_key_bits( &attributes1 ), + psa_get_key_bits( &attributes2 ) ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes1 ), + psa_get_key_usage_flags( &attributes2 ) ); + TEST_EQUAL( psa_get_key_algorithm( &attributes1 ), + psa_get_key_algorithm( &attributes2 ) ); if( target_usage & PSA_KEY_USAGE_EXPORT ) { size_t length; 
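Review bot: In `copy_to_occupied` the aliasing test `if( target_id == source_id )` ignores the lifetimes, while the source is only made persistent when `source_lifetime != PSA_KEY_LIFETIME_VOLATILE`. A data line with a volatile source whose id happens to equal the target id would use the volatile handle as the "occupied" target, and the persistent key expected to cause `PSA_ERROR_ALREADY_EXISTS` would never be created. `if( target_lifetime == source_lifetime && target_id == source_id )` states the intended condition. The test data in this commit does not hit the case, so this is hardening against future test cases.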
@@ -543,76 +498,11 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void copy_to_same( int lifetime_arg, int id_arg, - int usage_arg, int alg_arg, - int type_arg, data_t *material ) -{ - psa_key_lifetime_t lifetime = lifetime_arg; - psa_key_id_t id = id_arg; - psa_key_usage_t usage = usage_arg; - psa_algorithm_t alg = alg_arg; - psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_key_type_t type = type_arg; - size_t bits; - psa_key_policy_t got_policy; - psa_key_type_t got_type; - size_t got_bits; - uint8_t *export_buffer = NULL; - - TEST_MAX_KEY_ID( id ); - - PSA_ASSERT( psa_crypto_init( ) ); - - /* Populate the slot. */ - if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) - PSA_ASSERT( psa_allocate_key( &handle ) ); - else - PSA_ASSERT( psa_create_key( lifetime, id, - &handle ) ); - psa_key_policy_set_usage( &policy, usage, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( handle, type, - material->x, material->len ) ); - PSA_ASSERT( psa_get_key_information( handle, NULL, &bits ) ); - - /* Copy the key. */ - TEST_EQUAL( psa_copy_key_to_handle( handle, handle, NULL ), - PSA_ERROR_ALREADY_EXISTS ); - - /* Test that the slot is unaffected. 
*/ - PSA_ASSERT( psa_get_key_information( handle, - &got_type, &got_bits ) ); - TEST_EQUAL( type, got_type ); - TEST_EQUAL( bits, got_bits ); - PSA_ASSERT( psa_get_key_policy( handle, &got_policy ) ); - TEST_EQUAL( usage, psa_key_policy_get_usage( &got_policy ) ); - TEST_EQUAL( alg, psa_key_policy_get_algorithm( &got_policy ) ); - if( usage & PSA_KEY_USAGE_EXPORT ) - { - size_t length; - ASSERT_ALLOC( export_buffer, material->len ); - PSA_ASSERT( psa_export_key( handle, export_buffer, - material->len, &length ) ); - ASSERT_COMPARE( material->x, material->len, - export_buffer, length ); - } - -exit: - mbedtls_psa_crypto_free( ); - mbedtls_free( export_buffer ); -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - psa_purge_key_storage( ); -#endif -} -/* END_CASE */ - /* BEGIN_CASE */ void invalid_handle( ) { psa_key_handle_t handle1 = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t read_type; size_t read_bits; uint8_t material[1] = "a"; @@ -620,12 +510,12 @@ void invalid_handle( ) PSA_ASSERT( psa_crypto_init( ) ); /* Allocate a handle and store a key in it. */ - PSA_ASSERT( psa_allocate_key( &handle1 ) ); - TEST_ASSERT( handle1 != 0 ); - psa_key_policy_set_usage( &policy, 0, 0 ); - PSA_ASSERT( psa_set_key_policy( handle1, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( handle1, PSA_KEY_TYPE_RAW_DATA, + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_usage_flags( &attributes, 0 ); + psa_set_key_algorithm( &attributes, 0 ); + PSA_ASSERT( psa_import_key( &attributes, &handle1, material, sizeof( material ) ) ); + TEST_ASSERT( handle1 != 0 ); /* Attempt to close and destroy some invalid handles. */ TEST_EQUAL( psa_close_key( 0 ), PSA_ERROR_INVALID_HANDLE ); 
@@ -653,26 +543,27 @@ void many_transient_handles( int max_handles_arg ) size_t max_handles = max_handles_arg; size_t i, j; psa_status_t status; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t exported[sizeof( size_t )]; size_t exported_length; ASSERT_ALLOC( handles, max_handles ); PSA_ASSERT( psa_crypto_init( ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &attributes, 0 ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); for( i = 0; i < max_handles; i++ ) { - status = psa_allocate_key( &handles[i] ); + status = psa_import_key( &attributes, &handles[i], + (uint8_t *) &i, sizeof( i ) ); if( status == PSA_ERROR_INSUFFICIENT_MEMORY ) break; PSA_ASSERT( status ); TEST_ASSERT( handles[i] != 0 ); for( j = 0; j < i; j++ ) TEST_ASSERT( handles[i] != handles[j] ); - PSA_ASSERT( psa_set_key_policy( handles[i], &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( handles[i], PSA_KEY_TYPE_RAW_DATA, - (uint8_t *) &i, sizeof( i ) ) ); } max_handles = i; From 20628594965a7cd15ab12393945957110e1b7030 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Apr 2019 19:29:50 +0200 Subject: [PATCH 1175/2197] Document the new functions related to key attributes Also update the documentation of key creation functions that have been modified to use key attributes. --- include/psa/crypto.h | 364 +++++++++++++++++++++++++++++++++++-------- 1 file changed, 298 insertions(+), 66 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e5370bf76..e0ac89cad 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
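Review bot: In `many_transient_handles` the `PSA_ERROR_INSUFFICIENT_MEMORY` break now covers the whole `psa_import_key` call, so a key-material allocation failure also ends the loop, not only slot exhaustion. If that happens on the first iteration the loop leaves `i == 0` and, unless code outside this hunk checks it, the test passes without creating a single handle. A guard such as `TEST_ASSERT( max_handles != 0 );` after `max_handles = i;` would catch that case.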
@@ -106,40 +106,261 @@ psa_status_t psa_crypto_init(void); * The actual key material is not considered an attribute of a key. * Key attributes do not contain information that is generally considered * highly confidential. + * + * Before calling any function on a key attribute structure, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_key_attributes_t attributes; + * memset(&attributes, 0, sizeof(attributes)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_key_attributes_t attributes = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_KEY_ATTRIBUTES_INIT, + * for example: + * \code + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + * \endcode + * - Assign the result of the function psa_key_attributes_init() + * to the structure, for example: + * \code + * psa_key_attributes_t attributes; + * attributes = psa_key_attributes_init(); + * \endcode + * + * A freshly initialized attribute structure contains the following + * values: + * + * - lifetime: #PSA_KEY_LIFETIME_VOLATILE. + * - key identifier: unspecified. + * - type: \c 0, with no domain parameters. + * - key size: \c 0. + * - usage flags: \c 0. + * - algorithm: \c 0. + * + * A freshly initialized attribute structure does not own any auxiliary + * resources such as pointers to allocated memory, and therefore can be + * freed simply by freeing the memory allocated for the structure itself. 
+ * This property still holds if the structure has only been modified + * by the following functions: + * - psa_make_key_persistent() + * - psa_set_key_type() + * - psa_set_key_usage_flags() + * - psa_set_key_algorithm() + * - psa_reset_key_attributes() + * - psa_get_key_attributes() on a key which has been created with + * attribute structure that itself did not contain auxiliary resources + * + * If the attribute structure has been modified with other functions, + * you must free auxiliary resources by calling psa_reset_key_attributes(). + * The following functions may create auxiliary resouces: + * - psa_set_key_domain_parameters() */ typedef struct psa_key_attributes_s psa_key_attributes_t; +/** Declare a key as persistent. + * + * This function does not access storage, it merely fills the attribute + * structure with given values. The persistent key will be written to + * storage when the attribute structure is passed to a key creation + * function such as psa_import_key(), psa_generate_key(), + * psa_generator_import_key() or psa_copy_key(). + * + * This function overwrites any identifier and lifetime values + * previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param id The persistent identifier for the key. + * \param lifetime The lifetime for the key. + * If this is #PSA_KEY_LIFETIME_VOLATILE, the + * key will be volatile, and \p id is ignored. + */ static void psa_make_key_persistent(psa_key_attributes_t *attributes, psa_key_id_t id, psa_key_lifetime_t lifetime); +/** Retrieve the key identifier from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). 
This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The persistent identifier stored in the attribute structure. + * This value is unspecified if the attribute structure declares + * the key as volatile. + */ static psa_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes); +/** Retrieve the lifetime from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The lifetime value stored in the attribute structure. + */ static psa_key_lifetime_t psa_get_key_lifetime( const psa_key_attributes_t *attributes); +/** Declare usage flags for a key. + * + * Usage flags are part of a key's usage policy. They encode what + * kind of operations are permitted on the key. For more details, + * refer to the documentation of the type #psa_key_usage_t. + * + * This function overwrites any usage flags + * previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param usage_flags The usage flags to write. + */ static void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags); +/** Retrieve the usage flags from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. 
+ * + * \param[in] attributes The key attribute structure to query. + * + * \return The usage flags stored in the attribute structure. + */ static psa_key_usage_t psa_get_key_usage_flags( const psa_key_attributes_t *attributes); +/** Declare the permitted algorithm policy for a key. + * + * The permitted algorithm policy of a key encodes which algorithm or + * algorithms are permitted to be used with this key. + * + * This function overwrites any algorithm policy + * previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param alg The permitted algorithm policy to write. + */ static void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg); +/** Retrieve the algorithm policy from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The algorithm stored in the attribute structure. + */ static psa_algorithm_t psa_get_key_algorithm( const psa_key_attributes_t *attributes); +/** Declare the type of a key. + * + * If a type requires domain parameters, you must call + * psa_set_key_domain_parameters() instead of this function. + * + * This function overwrites any key type and domain parameters + * previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. 
+ * \param type The key type to write. + */ static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type); +/** Retrieve the key type from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The key type stored in the attribute structure. + */ static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes); +/** Retrieve the key size from key attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate its argument exactly once. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The key size stored in the attribute structure, in bits. + */ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); +/** Retrieve the attributes of a key. + * + * This function first resets the attribute structure as with + * psa_reset_key_attributes(). It then populates the attribute + * structure with the attributes of the given key. + * + * The attributes that were set when creating the key are reported in a + * semantically equivalent manner, not necessarily with the same + * numerical value or the same bit pattern. In this specification, + * all key types, usage flags, algorithms and lifetime values are + * equivalent only if they have the same numerical encoding, but this + * property may not hold in future versions of this specification or + * for implementation-specific values. + * + * In addition to the attributes that were set when creating the key, + * this function reports the following data: + * - The key size in bits, which can be retrieved with + * psa_get_key_bits(). 
+ * + * \param[in] handle Handle to the key to query. + * \param[in,out] attributes On success, the attributes of the key. + * On failure, equivalent to a + * freshly-initialized structure. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + */ psa_status_t psa_get_key_attributes(psa_key_handle_t handle, psa_key_attributes_t *attributes); +/** Reset a key attribute structure to a freshly initialized state. + * + * You must initialize the attribute structure as described in the + * documentation of the type #psa_key_attributes_t before calling this + * function. Once the structure has been initialized, you may call this + * function at any time. + * + * This function frees any auxiliary resources that the structure + * may contain. + * + * \param[in,out] attributes The attribute structure to reset. + */ void psa_reset_key_attributes(psa_key_attributes_t *attributes); /**@}*/ 
@@ -374,32 +595,38 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
 * minimize the risk that an invalid input is accidentally interpreted
 * according to a different format.
 *
- * \param handle Handle to the slot where the key will be stored.
- * It must have been obtained by calling
- * psa_allocate_key() or psa_create_key() and must
- * not contain key material yet.
- * \param type Key type (a \c PSA_KEY_TYPE_XXX value). On a successful
- * import, the key slot will contain a key of this type.
+ * \param[in] attributes The attributes for the new key.
+ * The key size field in \p attributes is
+ * ignored; the actual key size is determined
+ * from the \p data buffer.
+ * \param[out] handle On success, a handle to the newly created key.
+ * \c 0 on failure.
 * \param[in] data Buffer containing the key data. The content of this
- * buffer is interpreted according to \p type. It must
- * contain the format described in the documentation
+ * buffer is interpreted according to the type and,
+ * if applicable, domain parameters declared in
+ * \p attributes.
+ * All implementations must support at least the format
+ * described in the documentation
 * of psa_export_key() or psa_export_public_key() for
- * the chosen type.
+ * the chosen type. Implementations may allow other
+ * formats, but should be conservative: implementations
+ * should err on the side of rejecting content if it
+ * may be erroneous (e.g. wrong type or truncated data).
 * \param data_length Size of the \p data buffer in bytes.
 *
 * \retval #PSA_SUCCESS
 * Success.
 * If the key is persistent, the key material and the key's metadata
 * have been saved to persistent storage.
- * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * This is an attempt to create a persistent key, and there is
+ * already a persistent key with the given identifier.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * The key type or key size is not supported, either by the
- * implementation in general or in this particular slot.
+ * implementation in general or in this particular persistent location.
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * The key slot is invalid,
+ * The key attributes, as a whole, are invalid,
 * or the key data is not correctly formatted.
- * \retval #PSA_ERROR_ALREADY_EXISTS
- * There is already a key in the specified slot.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
 * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
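Review bot: The new `\param[in] attributes` text for psa_import_key says the key size field in `attributes` is ignored, so a caller that sets a size and expects it to be enforced gets no error when `data` yields a different size, for instance a truncated key. I would either document that a nonzero size must match the size derived from `data` and otherwise return #PSA_ERROR_INVALID_ARGUMENT, or state the consequence in the comment, e.g. `* Callers that require a specific size must check it with psa_get_key_attributes() and psa_get_key_bits() after import.` The same "is ignored" wording is added in the `@@ -2965,12 +3196,12 @@` and `@@ -3330,40 +3561,41 @@` hunks, where the size comes from `bits` and the two values can likewise disagree silently. Whether the implementation already rejects a mismatch is not visible in this patch.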
@@ -751,48 +978,52 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle,
 * In an implementation where slots have different ownerships,
 * this function may be used to share a key with a different party,
 * subject to implementation-defined restrictions on key sharing.
- * In this case \p constraint would typically prevent the recipient
- * from exporting the key.
 *
- * The resulting key may only be used in a way that conforms to all
- * three of: the policy of the source key, the policy previously set
- * on the target, and the \p constraint parameter passed when calling
- * this function.
+ * The resulting key may only be used in a way that conforms to
+ * both the policy of the original key and the policy specified in
+ * the \p attributes parameter:
 * - The usage flags on the resulting key are the bitwise-and of the
- * usage flags on the source policy, the previously-set target policy
- * and the policy constraint.
- * - If all three policies allow the same algorithm or wildcard-based
+ * usage flags on the source policy and the usage flags in \p attributes.
+ * - If both allow the same algorithm or wildcard-based
 * algorithm policy, the resulting key has the same algorithm policy.
- * - If one of the policies allows an algorithm and all the other policies
- * either allow the same algorithm or a wildcard-based algorithm policy
- * that includes this algorithm, the resulting key allows the same
- * algorithm.
+ * - If either of the policies allows an algorithm and the other policy
+ * allows a wildcard-based algorithm policy that includes this algorithm,
+ * the resulting key allows the same algorithm.
+ * - If the policies do not allow any algorithm in common, this function
+ * fails with the status #PSA_ERROR_INVALID_ARGUMENT.
 *
- * The effect of this function on implementation-defined metadata is
+ * The effect of this function on implementation-defined attributes is
 * implementation-defined.
 *
 * \param source_handle The key to copy. It must be a handle to an
 * occupied slot.
- * \param target_handle A handle to the target slot. It must not contain
- * key material yet.
- * \param[in] constraint An optional policy constraint. If this parameter
- * is non-null then the resulting key will conform
- * to this policy in addition to the source policy
- * and the policy already present on the target
- * slot. If this parameter is null then the
- * function behaves in the same way as if it was
- * the target policy, i.e. only the source and
- * target policies apply.
+ * \param[in] attributes The attributes for the new key.
+ * They are used as follows:
+ * - The key type, key size and domain parameters
+ * are ignored. This information is copied
+ * from the source key.
+ * - The key location (the lifetime and, for
+ * persistent keys, the key identifier) is
+ * used directly.
+ * - The policy constraints (usage flags and
+ * algorithm policy) are combined from
+ * the source key and \p attributes so that
+ * both sets of restrictions apply, as
+ * described in the documentation of this function.
+ * \param[out] target_handle On success, a handle to the newly created key.
+ * \c 0 on failure.
 *
 * \retval #PSA_SUCCESS
 * \retval #PSA_ERROR_INVALID_HANDLE
+ * \p source_handle is invalid.
 * \retval #PSA_ERROR_ALREADY_EXISTS
- * \p target_handle already contains key material.
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- * \p source_handle does not contain key material.
+ * This is an attempt to create a persistent key, and there is
+ * already a persistent key with the given identifier.
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * The policy constraints on the source, on the target and
- * \p constraint are incompatible.
+ * The lifetime or identifier in \p attributes are invalid.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The policy constraints on the source and specified in
+ * \p attributes are incompatible.
 * \retval #PSA_ERROR_NOT_PERMITTED
 * The source key is not exportable and its lifetime does not
 * allow copying it to the target's lifetime.
@@ -2965,12 +3196,12 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
 * In all cases, the data that is read is discarded from the generator.
 * The generator's capacity is decreased by the number of bytes read.
 *
- * \param handle Handle to the slot where the key will be stored.
- * It must have been obtained by calling
- * psa_allocate_key() or psa_create_key() and must
- * not contain key material yet.
- * \param type Key type (a \c PSA_KEY_TYPE_XXX value).
- * This must be a secret key type or a key pair type.
+ * \param[in] attributes The attributes for the new key.
+ * The key size field in \p attributes is
+ * ignored; the actual key size is taken
+ * from the \p bits parameter instead.
+ * \param[out] handle On success, a handle to the newly created key.
+ * \c 0 on failure.
 * \param bits Key size in bits.
 * \param[in,out] generator The generator object to read from.
 *
@@ -2978,6 +3209,9 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
 * Success.
 * If the key is persistent, the key material and the key's metadata
 * have been saved to persistent storage.
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * This is an attempt to create a persistent key, and there is
+ * already a persistent key with the given identifier.
 * \retval #PSA_ERROR_INSUFFICIENT_DATA
 * There was not enough data to create the desired key.
 * Note that in this case, no output is written to the output buffer.
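Review bot: The psa_copy_key policy rules added in the `@@ -751,48 +978,52 @@` hunk define the outcome of an empty algorithm intersection (#PSA_ERROR_INVALID_ARGUMENT) but not of an empty usage-flag intersection. As written, the bitwise-and of the two usage sets can be zero, which would create a key, possibly persistent, that permits no operation; the comment should say whether that case succeeds or fails. If success is intended, a bullet such as `* - If the usage flags have no bit in common, the resulting key permits no operation.` would make it explicit. The unchanged context line for `source_handle` still says "a handle to an occupied slot", which is the slot wording this hunk otherwise removes.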
@@ -2987,9 +3221,6 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
 * The key type or key size is not supported, either by the
 * implementation in general or in this particular slot.
 * \retval #PSA_ERROR_BAD_STATE
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_ALREADY_EXISTS
- * There is already a key in the specified slot.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
 * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -3330,40 +3561,41 @@ typedef struct { /** * \brief Generate a key or key pair. * - * \param handle Handle to the slot where the key will be stored. - * It must have been obtained by calling - * psa_allocate_key() or psa_create_key() and must - * not contain key material yet. - * \param type Key type (a \c PSA_KEY_TYPE_XXX value). + * \param[in] attributes The attributes for the new key. + * The key size field in \p attributes is + * ignored; the actual key size is taken + * from the \p bits parameter instead. + * \param[out] handle On success, a handle to the newly created key. + * \c 0 on failure. * \param bits Key size in bits. * \param[in] extra Extra parameters for key generation. The * interpretation of this parameter depends on - * \p type. All types support \c NULL to use - * default parameters. Implementation that support + * the key type \c type. All types support \c NULL to + * use default parameters. Implementation that support * the generation of vendor-specific key types * that allow extra parameters shall document * the format of these extra parameters and * the default values. For standard parameters, * the meaning of \p extra is as follows: * - For a symmetric key type (a type such - * that #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is + * that #PSA_KEY_TYPE_IS_ASYMMETRIC(\c type) is * false), \p extra must be \c NULL. * - For an elliptic curve key type (a type - * such that #PSA_KEY_TYPE_IS_ECC(\p type) is + * such that #PSA_KEY_TYPE_IS_ECC(\c type) is * false), \p extra must be \c NULL. - * - For an RSA key (\p type is + * - For an RSA key (\c type is * #PSA_KEY_TYPE_RSA_KEYPAIR), \p extra is an * optional #psa_generate_key_extra_rsa structure * specifying the public exponent. The * default public exponent used when \p extra * is \c NULL is 65537. - * - For an DSA key (\p type is + * - For an DSA key (\c type is * #PSA_KEY_TYPE_DSA_KEYPAIR), \p extra is an * optional structure specifying the key domain * parameters. 
The key domain parameters can also be * provided by psa_set_key_domain_parameters(), * which documents the format of the structure. - * - For a DH key (\p type is + * - For a DH key (\c type is * #PSA_KEY_TYPE_DH_KEYPAIR), the \p extra is an * optional structure specifying the key domain * parameters. The key domain parameters can also be @@ -3377,9 +3609,9 @@ typedef struct { * Success. * If the key is persistent, the key material and the key's metadata * have been saved to persistent storage. - * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_ALREADY_EXISTS - * There is already a key in the specified slot. + * This is an attempt to create a persistent key, and there is + * already a persistent key with the given identifier. * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INSUFFICIENT_MEMORY From a3dd737be496655d606f4e9368290f973f10d41e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Apr 2019 19:42:26 +0200 Subject: [PATCH 1176/2197] Move legacy definitions to crypto_extra.h Types and functions that are not used in the attribute-based key creation API are now implementation-specific extensions, kept around until we finish transitioning to the new API. --- include/psa/crypto.h | 179 ------------------------------------ include/psa/crypto_extra.h | 154 +++++++++++++++++++++++++++++++ include/psa/crypto_struct.h | 1 + 3 files changed, 155 insertions(+), 179 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e0ac89cad..2046947dd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
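Review bot: In the psa_generate_key `\param[in] extra` text (hunk `@@ -3330,40 +3561,41 @@`), the elliptic-curve bullet still reads `#PSA_KEY_TYPE_IS_ECC(\c type) is false`, which describes non-ECC types; since the line is being edited anyway it should read `such that #PSA_KEY_TYPE_IS_ECC(\c type) is true`. The switch from `\p type` to `\c type` also leaves `type` undefined for the reader, because the new parameter list shown in this hunk has no `type`; the first mention could read `the key type declared in \p attributes`. Both points are documentation only, and the prototype itself is outside the hunk.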
@@ -365,162 +365,10 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); /**@}*/ -/** \defgroup policy Key policies - * @{ - */ - -/** The type of the key policy data structure. - * - * Before calling any function on a key policy, the application must initialize - * it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_key_policy_t policy; - * memset(&policy, 0, sizeof(policy)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_key_policy_t policy = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_KEY_POLICY_INIT, - * for example: - * \code - * psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - * \endcode - * - Assign the result of the function psa_key_policy_init() - * to the structure, for example: - * \code - * psa_key_policy_t policy; - * policy = psa_key_policy_init(); - * \endcode - * - * This is an implementation-defined \c struct. Applications should not - * make any assumptions about the content of this structure except - * as directed by the documentation of a specific implementation. */ -typedef struct psa_key_policy_s psa_key_policy_t; - -/** \def PSA_KEY_POLICY_INIT - * - * This macro returns a suitable initializer for a key policy object of type - * #psa_key_policy_t. - */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_KEY_POLICY_INIT {0} -#endif - -/** Return an initial value for a key policy that forbids all usage of the key. - */ -static psa_key_policy_t psa_key_policy_init(void); - -/** \brief Set the standard fields of a policy structure. - * - * Note that this function does not make any consistency check of the - * parameters. The values are only checked when applying the policy to - * a key slot with psa_set_key_policy(). - * - * \param[in,out] policy The key policy to modify. 
It must have been - * initialized as per the documentation for - * #psa_key_policy_t. - * \param usage The permitted uses for the key. - * \param alg The algorithm that the key may be used for. - */ -void psa_key_policy_set_usage(psa_key_policy_t *policy, - psa_key_usage_t usage, - psa_algorithm_t alg); - -/** \brief Retrieve the usage field of a policy structure. - * - * \param[in] policy The policy object to query. - * - * \return The permitted uses for a key with this policy. - */ -psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy); - -/** \brief Retrieve the algorithm field of a policy structure. - * - * \param[in] policy The policy object to query. - * - * \return The permitted algorithm for a key with this policy. - */ -psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); - -/** \brief Set the usage policy on a key slot. - * - * This function must be called on an empty key slot, before importing, - * generating or creating a key in the slot. Changing the policy of an - * existing key is not permitted. - * - * Implementations may set restrictions on supported key policies - * depending on the key type and the key slot. - * - * \param handle Handle to the key whose policy is to be changed. - * \param[in] policy The policy object to query. - * - * \retval #PSA_SUCCESS - * Success. - * If the key is persistent, it is implementation-defined whether - * the policy has been saved to persistent storage. Implementations - * may defer saving the policy until the key material is created. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_ALREADY_EXISTS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). 
- * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_set_key_policy(psa_key_handle_t handle, - const psa_key_policy_t *policy); - -/** \brief Get the usage policy for a key slot. - * - * \param handle Handle to the key slot whose policy is being queried. - * \param[out] policy On success, the key's policy. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_policy(psa_key_handle_t handle, - psa_key_policy_t *policy); - -/**@}*/ - /** \defgroup key_management Key management * @{ */ -/** Allocate a key slot for a transient key, i.e. a key which is only stored - * in volatile memory. - * - * The allocated key slot and its handle remain valid until the - * application calls psa_close_key() or psa_destroy_key() or until the - * application terminates. - * - * \param[out] handle On success, a handle to a volatile key slot. - * - * \retval #PSA_SUCCESS - * Success. The application can now use the value of `*handle` - * to access the newly allocated key slot. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * There was not enough memory, or the maximum number of key slots - * has been reached. - */ -psa_status_t psa_allocate_key(psa_key_handle_t *handle); - /** Open a handle to an existing persistent key. * * Open a handle to a key which was previously created with psa_create_key(). 
@@ -684,33 +532,6 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, */ psa_status_t psa_destroy_key(psa_key_handle_t handle); -/** - * \brief Get basic metadata about a key. - * - * \param handle Handle to the key slot to query. - * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX value). - * This may be a null pointer, in which case the key type - * is not written. - * \param[out] bits On success, the key size in bits. - * This may be a null pointer, in which case the key size - * is not written. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST - * The handle is to a key slot which does not contain key material yet. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_information(psa_key_handle_t handle, - psa_key_type_t *type, - size_t *bits); - /** * \brief Set domain parameters for a key. * diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index efd1b76da..f2cf05150 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -202,6 +202,115 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, /* FIXME Deprecated. Remove this as soon as all the tests are updated. */ #define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001) +/** \defgroup policy Key policies + * @{ + * + * The functions in this section are legacy interfaces where the properties + * of a key object are set after allocating a handle, in constrast with the + * preferred interface where key objects are created atomically from + * a structure that represents the properties. + */ + +/** \def PSA_KEY_POLICY_INIT + * + * This macro returns a suitable initializer for a key policy object of type + * #psa_key_policy_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_KEY_POLICY_INIT {0} +#endif + +/** Return an initial value for a key policy that forbids all usage of the key. + */ +static psa_key_policy_t psa_key_policy_init(void); + +/** \brief Set the standard fields of a policy structure. + * + * Note that this function does not make any consistency check of the + * parameters. The values are only checked when applying the policy to + * a key slot with psa_set_key_policy(). + * + * \param[in,out] policy The key policy to modify. It must have been + * initialized as per the documentation for + * #psa_key_policy_t. + * \param usage The permitted uses for the key. + * \param alg The algorithm that the key may be used for. + */ +void psa_key_policy_set_usage(psa_key_policy_t *policy, + psa_key_usage_t usage, + psa_algorithm_t alg); + +/** \brief Retrieve the usage field of a policy structure. + * + * \param[in] policy The policy object to query. + * + * \return The permitted uses for a key with this policy. + */ +psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy); + +/** \brief Retrieve the algorithm field of a policy structure. 
+ * + * \param[in] policy The policy object to query. + * + * \return The permitted algorithm for a key with this policy. + */ +psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); + +/** \brief Set the usage policy on a key slot. + * + * This function must be called on an empty key slot, before importing, + * generating or creating a key in the slot. Changing the policy of an + * existing key is not permitted. + * + * Implementations may set restrictions on supported key policies + * depending on the key type and the key slot. + * + * \param handle Handle to the key whose policy is to be changed. + * \param[in] policy The policy object to query. + * + * \retval #PSA_SUCCESS + * Success. + * If the key is persistent, it is implementation-defined whether + * the policy has been saved to persistent storage. Implementations + * may defer saving the policy until the key material is created. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_ALREADY_EXISTS + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_set_key_policy(psa_key_handle_t handle, + const psa_key_policy_t *policy); + +/** \brief Get the usage policy for a key slot. + * + * \param handle Handle to the key slot whose policy is being queried. + * \param[out] policy On success, the key's policy. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). 
+ * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_get_key_policy(psa_key_handle_t handle, + psa_key_policy_t *policy); + +/**@}*/ + /** \defgroup to_handle Key creation to allocated handle * @{ * 
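Review bot: The `\param[in,out] policy` text of psa_key_policy_set_usage added in this hunk still requires initialization "as per the documentation for #psa_key_policy_t", but the comment that documented the type and its four initialization methods is deleted from crypto.h by this commit and is not re-added in the hunks shown. Either move that comment along with the legacy group or name the initializers directly, e.g. `It must have been initialized with #PSA_KEY_POLICY_INIT or psa_key_policy_init().` A policy structure left uninitialized would carry indeterminate usage and algorithm fields, so the requirement is worth keeping visible where the functions are declared. The group description also has a typo: `constrast` should be `contrast`.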
@@ -248,6 +357,51 @@ psa_status_t psa_create_key(psa_key_lifetime_t lifetime, psa_key_id_t id, psa_key_handle_t *handle); +/** Allocate a key slot for a transient key, i.e. a key which is only stored + * in volatile memory. + * + * The allocated key slot and its handle remain valid until the + * application calls psa_close_key() or psa_destroy_key() or until the + * application terminates. + * + * \param[out] handle On success, a handle to a volatile key slot. + * + * \retval #PSA_SUCCESS + * Success. The application can now use the value of `*handle` + * to access the newly allocated key slot. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * There was not enough memory, or the maximum number of key slots + * has been reached. + */ +psa_status_t psa_allocate_key(psa_key_handle_t *handle); + +/** + * \brief Get basic metadata about a key. + * + * \param handle Handle to the key slot to query. + * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX value). + * This may be a null pointer, in which case the key type + * is not written. + * \param[out] bits On success, the key size in bits. + * This may be a null pointer, in which case the key size + * is not written. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_DOES_NOT_EXIST + * The handle is to a key slot which does not contain key material yet. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_get_key_information(psa_key_handle_t handle, + psa_key_type_t *type, + size_t *bits); + /** \brief Retrieve the lifetime of an open key. * * \param handle Handle to query. 
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 51c940248..273f6b6ec 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -252,6 +252,7 @@ struct psa_key_policy_s psa_key_usage_t usage; psa_algorithm_t alg; }; +typedef struct psa_key_policy_s psa_key_policy_t; #define PSA_KEY_POLICY_INIT {0, 0} static inline struct psa_key_policy_s psa_key_policy_init( void ) From 2c2cf0e36d32d421e412c3ffe9b8536cd7ad302b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Apr 2019 19:58:20 +0200 Subject: [PATCH 1177/2197] Update remaining test cases to use key attributes Finish updating the tests to use psa_key_attributes_t and psa_import_key instead of psa_key_policy_t and psa_import_key_to_handle. --- tests/suites/test_suite_psa_crypto.data | 4 +- tests/suites/test_suite_psa_crypto.function | 449 +++++++++--------- .../test_suite_psa_crypto_init.function | 7 +- 3 files changed, 220 insertions(+), 240 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3392f64ac..5b99b84a7 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -286,8 +286,8 @@ import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED PSA key policy set and get key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING -Key policy initializers zero properly -key_policy_init: +Key attributes initializers zero properly +key_attributes_init: PSA key policy: MAC, sign | verify depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e656c6405..1d67c6d61 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -211,12 +211,12 @@ int exercise_mac_setup( psa_key_type_t key_type, psa_status_t *status ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_bytes, key_length ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + PSA_ASSERT( psa_import_key( &attributes, &handle, key_bytes, key_length ) ); *status = psa_mac_sign_setup( operation, handle, alg ); /* Whether setup succeeded or failed, abort must succeed. */ @@ -245,12 +245,12 @@ int exercise_cipher_setup( psa_key_type_t key_type, psa_status_t *status ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_bytes, key_length ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + PSA_ASSERT( psa_import_key( &attributes, &handle, key_bytes, key_length ) ); *status = psa_cipher_encrypt_setup( operation, handle, alg ); /* Whether setup succeeded or failed, abort must succeed. */ @@ -1238,6 +1238,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) unsigned char *p; int ret; size_t length; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); ASSERT_ALLOC( buffer, buffer_size ); 
@@ -1247,8 +1248,8 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) length = ret; /* Try importing the key */ - PSA_ASSERT( psa_allocate_key( &handle ) ); - status = psa_import_key_to_handle( handle, type, p, length ); + psa_set_key_type( &attributes, type ); + status = psa_import_key( &attributes, &handle, p, length ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) PSA_ASSERT( psa_destroy_key( handle ) ); 
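Review bot: The failure path of import_rsa_made_up does not check the handle after psa_import_key returns an error. The psa_import_key documentation in this series states that `handle` is `0` on failure, and now that the handle is an output of the call rather than pre-allocated, this negative test is a natural place to pin that with `if( status != PSA_SUCCESS ) TEST_EQUAL( handle, 0 );`. The declaration of `handle` and the function's cleanup are outside the hunk, so this assumes it starts at 0 as in the other test functions of this patch.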
@@ -1488,27 +1489,37 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void key_policy_init( ) +void key_attributes_init( ) { /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need * to supress the Clang warning for the test. */ - psa_key_policy_t func = psa_key_policy_init( ); - psa_key_policy_t init = PSA_KEY_POLICY_INIT; - psa_key_policy_t zero; + psa_key_attributes_t func = psa_key_attributes_init( ); + psa_key_attributes_t init = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t zero; memset( &zero, 0, sizeof( zero ) ); - /* A default key policy should not permit any usage. */ - TEST_EQUAL( psa_key_policy_get_usage( &func ), 0 ); - TEST_EQUAL( psa_key_policy_get_usage( &init ), 0 ); - TEST_EQUAL( psa_key_policy_get_usage( &zero ), 0 ); + TEST_EQUAL( psa_get_key_lifetime( &func ), PSA_KEY_LIFETIME_VOLATILE ); + TEST_EQUAL( psa_get_key_lifetime( &init ), PSA_KEY_LIFETIME_VOLATILE ); + TEST_EQUAL( psa_get_key_lifetime( &zero ), PSA_KEY_LIFETIME_VOLATILE ); - /* A default key policy should not permit any algorithm. */ - TEST_EQUAL( psa_key_policy_get_algorithm( &func ), 0 ); - TEST_EQUAL( psa_key_policy_get_algorithm( &init ), 0 ); - TEST_EQUAL( psa_key_policy_get_algorithm( &zero ), 0 ); + TEST_EQUAL( psa_get_key_type( &func ), 0 ); + TEST_EQUAL( psa_get_key_type( &init ), 0 ); + TEST_EQUAL( psa_get_key_type( &zero ), 0 ); + + TEST_EQUAL( psa_get_key_bits( &func ), 0 ); + TEST_EQUAL( psa_get_key_bits( &init ), 0 ); + TEST_EQUAL( psa_get_key_bits( &zero ), 0 ); + + TEST_EQUAL( psa_get_key_usage_flags( &func ), 0 ); + TEST_EQUAL( psa_get_key_usage_flags( &init ), 0 ); + TEST_EQUAL( psa_get_key_usage_flags( &zero ), 0 ); + + TEST_EQUAL( psa_get_key_algorithm( &func ), 0 ); + TEST_EQUAL( psa_get_key_algorithm( &init ), 0 ); + TEST_EQUAL( psa_get_key_algorithm( &zero ), 0 ); } /* END_CASE */ 
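Review bot: key_attributes_init drops the two comments that stated the invariant under test, so the usage-flag and algorithm checks at the end of the hunk no longer say why zero is the required value. Default attributes that permitted any usage or algorithm would let a key imported from a partly filled structure be used more widely than the caller intended. I would keep that in the test text, with `/* Default attributes must not permit any usage. */` before the `psa_get_key_usage_flags` checks and `/* Default attributes must not permit any algorithm. */` before the `psa_get_key_algorithm` checks. A matching `/* The default lifetime is volatile. */` on the first group would document the one non-zero expectation.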
@@ -1520,18 +1531,18 @@ void mac_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; psa_status_t status; unsigned char mac[PSA_MAC_MAX_SIZE]; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, policy_usage ); + psa_set_key_algorithm( &attributes, policy_alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); status = psa_mac_sign_setup( &operation, handle, exercise_alg ); @@ -1565,17 +1576,17 @@ void cipher_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, policy_usage ); + psa_set_key_algorithm( &attributes, policy_alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); 
@@ -1610,7 +1621,7 @@ void aead_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; unsigned char nonce[16] = {0}; size_t nonce_length = nonce_length_arg; @@ -1623,11 +1634,11 @@ void aead_key_policy( int policy_usage, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, policy_usage ); + psa_set_key_algorithm( &attributes, policy_alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); status = psa_aead_encrypt( handle, exercise_alg, @@ -1669,21 +1680,20 @@ void asymmetric_encryption_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; size_t key_bits; size_t buffer_length; unsigned char *buffer = NULL; size_t output_length; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, policy_usage ); + psa_set_key_algorithm( &attributes, policy_alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); 
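Review bot: In asymmetric_encryption_key_policy the single `attributes` object now carries the requested policy into `psa_import_key` and is then overwritten by `psa_get_key_attributes( handle, &attributes )`, so the test cannot compare what was requested with what the key store recorded. Reading into a second object, `psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;`, would allow `TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), policy_usage );` and the same check for the algorithm, assuming the implementation is meant to store both unmodified. The same reuse appears in sign_deterministic, sign_verify, asymmetric_encrypt and asymmetric_encrypt_decrypt. The function body continues past the hunk, so later uses of `attributes` are not visible here.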
@@ -1732,7 +1742,7 @@ void asymmetric_signature_key_policy( int policy_usage, int payload_length_arg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; /* If `payload_length_arg > 0`, `exercise_alg` is supposed to be @@ -1746,11 +1756,11 @@ void asymmetric_signature_key_policy( int policy_usage, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, policy_usage ); + psa_set_key_algorithm( &attributes, policy_alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); status = psa_asymmetric_sign( handle, exercise_alg, @@ -1785,17 +1795,17 @@ void derive_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, policy_usage ); + psa_set_key_algorithm( &attributes, policy_alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); status = psa_key_derivation( &generator, handle, 
@@ -1824,18 +1834,18 @@ void agreement_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, policy_usage ); + psa_set_key_algorithm( &attributes, policy_alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, exercise_alg ) ); @@ -1862,18 +1872,18 @@ void raw_agreement_key_policy( int policy_usage, int exercise_alg ) { psa_key_handle_t handle = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, policy_usage, policy_alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, policy_usage ); + psa_set_key_algorithm( &attributes, policy_alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); status = raw_key_agreement_with_self( exercise_alg, handle ); 
@@ -2341,7 +2351,7 @@ void mac_bad_order( ) 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; uint8_t sign_mac[PSA_MAC_MAX_SIZE + 10] = { 0 }; size_t sign_mac_length = 0; @@ -2352,13 +2362,11 @@ void mac_bad_order( ) 0x2c, 0xf9, 0x18, 0xca, 0x59, 0x7e, 0x5d, 0xf6 }; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, - PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, - alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key, sizeof(key) ) ); /* Call update without calling setup beforehand. */ @@ -2466,7 +2474,7 @@ void mac_sign( int key_type_arg, psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; /* Leave a little extra room in the output buffer. At the end of the * test, we'll check that the implementation didn't overwrite onto * this extra room. */ 
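Review bot: The usage-flags call in the second mac_bad_order hunk is a single line of over 80 characters even before indentation, where the removed `psa_key_policy_set_usage` call was wrapped over three lines. I would wrap it again as `psa_set_key_usage_flags( &attributes,` with `PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY );` on a continuation line. The same unwrapping happens in cipher_bad_order, aead_encrypt_decrypt, sign_verify and asymmetric_encrypt_decrypt.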
@@ -2481,11 +2489,11 @@ void mac_sign( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key->x, key->len ) ); /* Calculate the MAC. */ @@ -2522,17 +2530,17 @@ void mac_verify( int key_type_arg, psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key->x, key->len ) ); PSA_ASSERT( psa_mac_verify_setup( &operation, @@ -2634,7 +2642,7 @@ void cipher_bad_order( ) psa_key_handle_t handle = 0; psa_key_type_t key_type = PSA_KEY_TYPE_AES; psa_algorithm_t alg = PSA_ALG_CBC_PKCS7; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 }; const uint8_t key[] = { 
@@ -2647,12 +2655,10 @@ void cipher_bad_order( ) size_t length = 0; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, - alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + PSA_ASSERT( psa_import_key( &attributes, &handle, key, sizeof(key) ) ); @@ -2799,18 +2805,18 @@ void cipher_encrypt( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, 
@@ -2869,18 +2875,18 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, @@ -2945,18 +2951,18 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key->x, key->len ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, 
@@ -3019,18 +3025,18 @@ void cipher_decrypt( int alg_arg, int key_type_arg, size_t function_output_length = 0; size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); memset( iv, 0x2a, iv_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key->x, key->len ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, @@ -3089,15 +3095,15 @@ void cipher_verify_output( int alg_arg, int key_type_arg, size_t function_output_length = 0; psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT; psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, 
@@ -3175,15 +3181,15 @@ void cipher_verify_output_multipart( int alg_arg, size_t function_output_length; psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT; psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key->x, key->len ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, @@ -3274,20 +3280,18 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, size_t output_length2 = 0; size_t tag_length = 16; psa_status_t expected_result = expected_result_arg; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, - alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, + PSA_ASSERT( psa_import_key( &attributes, &handle, key_data->x, key_data->len ) ); TEST_EQUAL( psa_aead_encrypt( handle, alg, 
@@ -3339,20 +3343,19 @@ void aead_encrypt( int key_type_arg, data_t *key_data, size_t output_size = 0; size_t output_length = 0; size_t tag_length = 16; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; output_size = input_data->len + tag_length; ASSERT_ALLOC( output_data, output_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); PSA_ASSERT( psa_aead_encrypt( handle, alg, nonce->x, nonce->len, @@ -3387,7 +3390,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, size_t output_size = 0; size_t output_length = 0; size_t tag_length = 16; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_result = expected_result_arg; output_size = input_data->len + tag_length; @@ -3395,13 +3398,12 @@ void aead_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); TEST_EQUAL( psa_aead_decrypt( handle, alg, nonce->x, nonce->len, 
@@ -3450,18 +3452,16 @@ void sign_deterministic( int key_type_arg, data_t *key_data, unsigned char *signature = NULL; size_t signature_size; size_t signature_length = 0xdeadbeef; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); @@ -3502,19 +3502,18 @@ void sign_fail( int key_type_arg, data_t *key_data, psa_status_t expected_status = expected_status_arg; unsigned char *signature = NULL; size_t signature_length = 0xdeadbeef; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; ASSERT_ALLOC( signature, signature_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); actual_status = psa_asymmetric_sign( handle, alg, input_data->x, input_data->len, 
@@ -3545,20 +3544,16 @@ void sign_verify( int key_type_arg, data_t *key_data, unsigned char *signature = NULL; size_t signature_size; size_t signature_length = 0xdeadbeef; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, - PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, - alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); @@ -3612,19 +3607,18 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, psa_key_handle_t handle = 0; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; TEST_ASSERT( signature_data->len <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); PSA_ASSERT( psa_asymmetric_verify( handle, alg, hash_data->x, hash_data->len, 
@@ -3647,17 +3641,16 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, psa_algorithm_t alg = alg_arg; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); actual_status = psa_asymmetric_verify( handle, alg, hash_data->x, hash_data->len, @@ -3691,18 +3684,16 @@ void asymmetric_encrypt( int key_type_arg, size_t output_length = ~0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); /* Import the key */ - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); /* Determine the maximum output length */ PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); 
@@ -3759,20 +3750,16 @@ void asymmetric_encrypt_decrypt( int key_type_arg, unsigned char *output2 = NULL; size_t output2_size; size_t output2_length = ~0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, - alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); /* Determine the maximum ciphertext length */ PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); @@ -3824,20 +3811,19 @@ void asymmetric_decrypt( int key_type_arg, unsigned char *output = NULL; size_t output_size = 0; size_t output_length = ~0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; output_size = expected_data->len; ASSERT_ALLOC( output, output_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); PSA_ASSERT( psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, 
@@ -3889,19 +3875,18 @@ void asymmetric_decrypt_fail( int key_type_arg, size_t output_length = ~0; psa_status_t actual_status; psa_status_t expected_status = expected_status_arg; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; ASSERT_ALLOC( output, output_size ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); actual_status = psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, @@ -3978,17 +3963,16 @@ void derive_setup( int key_type_arg, size_t requested_capacity = requested_capacity_arg; psa_status_t expected_status = expected_status_arg; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data->x, - key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data->x, key_data->len ) ); TEST_EQUAL( psa_key_derivation( &generator, handle, alg, salt->x, salt->len, 
@@ -4015,17 +3999,16 @@ void test_derive_invalid_generator_state( ) const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_allocate_key( &handle ) ); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key_to_handle( handle, key_type, - key_data, - sizeof( key_data ) ) ); + PSA_ASSERT( psa_import_key( &attributes, &handle, + key_data, sizeof( key_data ) ) ); /* valid key derivation */ PSA_ASSERT( psa_key_derivation( &generator, handle, alg, @@ -4119,8 +4102,7 @@ void derive_output( int alg_arg, psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, - key_data->len ) ); + key_data->x, key_data->len ) ); /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) @@ -4216,8 +4198,7 @@ void derive_full( int alg_arg, psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, - key_data->len ) ); + key_data->x, key_data->len ) ); /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) @@ -4303,8 +4284,7 @@ void derive_key_exercise( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); PSA_ASSERT( psa_import_key( &attributes, &base_handle, - key_data->x, - key_data->len ) ); + key_data->x, key_data->len ) ); /* Derive a key. */ PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, 
@@ -4365,8 +4345,7 @@ void derive_key_export( int alg_arg, psa_set_key_algorithm( &base_attributes, alg ); psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); PSA_ASSERT( psa_import_key( &base_attributes, &base_handle, - key_data->x, - key_data->len ) ); + key_data->x, key_data->len ) ); /* Derive some material and output it. */ PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, @@ -4436,8 +4415,7 @@ void key_agreement_setup( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); PSA_ASSERT( psa_import_key( &attributes, &our_key, - our_key_data->x, - our_key_data->len ) ); + our_key_data->x, our_key_data->len ) ); /* The tests currently include inputs that should fail at either step. * Test cases that fail at the setup step should be changed to call @@ -4483,8 +4461,7 @@ void raw_key_agreement( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); PSA_ASSERT( psa_import_key( &attributes, &our_key, - our_key_data->x, - our_key_data->len ) ); + our_key_data->x, our_key_data->len ) ); PSA_ASSERT( psa_key_agreement_raw_shared_secret( alg, our_key, @@ -4520,8 +4497,7 @@ void key_agreement_capacity( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); PSA_ASSERT( psa_import_key( &attributes, &our_key, - our_key_data->x, - our_key_data->len ) ); + our_key_data->x, our_key_data->len ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, 
@@ -4581,8 +4557,7 @@ void key_agreement_output( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); PSA_ASSERT( psa_import_key( &attributes, &our_key, - our_key_data->x, - our_key_data->len ) ); + our_key_data->x, our_key_data->len ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 9f464ac3f..9551e1ae3 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -182,15 +182,20 @@ void validate_module_init_key_based( int count ) { psa_status_t status; uint8_t data[10] = { 0 }; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_handle_t handle = 0xdead; int i; + for( i = 0; i < count; i++ ) { status = psa_crypto_init( ); PSA_ASSERT( status ); mbedtls_psa_crypto_free( ); } - status = psa_import_key_to_handle( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + status = psa_import_key( &attributes, &handle, data, sizeof( data ) ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); + TEST_EQUAL( handle, 0 ); } /* END_CASE */ From 0688e4f2668dab8ad95b734c23b35977134a6d21 Mon Sep 17 00:00:00 2001 
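Review bot: The `0xdead` initialiser added for `handle` in validate_module_init_key_based is a sentinel whose purpose is only implied by the final `TEST_EQUAL( handle, 0 )`, so it deserves a comment such as `/* Non-zero sentinel: psa_import_key() must reset the handle to 0 when it fails */`. The property is worth pinning down explicitly, because a handle left untouched after `PSA_ERROR_BAD_STATE` could later be passed to another call as if it named a key. If the import ever succeeded by regression, the test would stop at the status check while still holding a live key. Presumably a `psa_destroy_key( handle )` or `mbedtls_psa_crypto_free( )` on the failure path would keep that state out of later test cases, but the suite's cleanup convention is not visible in this hunk.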
From: Jaeden Amero Date: Fri, 2 Nov 2018 10:42:02 +0000 Subject: [PATCH 1178/2197] Remove programs that depend on TLS or X.509 --- programs/.gitignore | 17 - programs/CMakeLists.txt | 2 - programs/Makefile | 83 - programs/README.md | 43 - programs/ssl/CMakeLists.txt | 64 - programs/ssl/dtls_client.c | 374 --- programs/ssl/dtls_server.c | 449 --- programs/ssl/mini_client.c | 312 --- programs/ssl/ssl_client1.c | 331 --- programs/ssl/ssl_client2.c | 2454 ---------------- programs/ssl/ssl_fork_server.c | 435 --- programs/ssl/ssl_mail_client.c | 871 ------ programs/ssl/ssl_pthread_server.c | 545 ---- programs/ssl/ssl_server.c | 416 --- programs/ssl/ssl_server2.c | 3533 ------------------------ programs/test/CMakeLists.txt | 5 +- programs/test/udp_proxy.c | 944 ------- programs/test/udp_proxy_wrapper.sh | 117 - programs/x509/CMakeLists.txt | 30 - programs/x509/cert_app.c | 515 ---- programs/x509/cert_req.c | 453 --- programs/x509/cert_write.c | 825 ------ programs/x509/crl_app.c | 164 -- programs/x509/req_app.c | 164 -- tests/data_files/Makefile | 2 - visualc/VS2010/cert_app.vcxproj | 174 -- visualc/VS2010/cert_req.vcxproj | 174 -- visualc/VS2010/cert_write.vcxproj | 174 -- visualc/VS2010/crl_app.vcxproj | 174 -- visualc/VS2010/dtls_client.vcxproj | 174 -- visualc/VS2010/dtls_server.vcxproj | 174 -- visualc/VS2010/mbedTLS.sln | 195 -- visualc/VS2010/mini_client.vcxproj | 174 -- visualc/VS2010/req_app.vcxproj | 174 -- visualc/VS2010/ssl_client1.vcxproj | 174 -- visualc/VS2010/ssl_client2.vcxproj | 175 -- visualc/VS2010/ssl_fork_server.vcxproj | 174 -- visualc/VS2010/ssl_mail_client.vcxproj | 174 -- visualc/VS2010/ssl_server.vcxproj | 174 -- visualc/VS2010/ssl_server2.vcxproj | 175 -- visualc/VS2010/udp_proxy.vcxproj | 174 -- 41 files changed, 1 insertion(+), 15954 deletions(-) delete mode 100644 programs/ssl/CMakeLists.txt delete mode 100644 programs/ssl/dtls_client.c delete mode 100644 programs/ssl/dtls_server.c delete mode 100644 programs/ssl/mini_client.c delete mode 
100644 programs/ssl/ssl_client1.c delete mode 100644 programs/ssl/ssl_client2.c delete mode 100644 programs/ssl/ssl_fork_server.c delete mode 100644 programs/ssl/ssl_mail_client.c delete mode 100644 programs/ssl/ssl_pthread_server.c delete mode 100644 programs/ssl/ssl_server.c delete mode 100644 programs/ssl/ssl_server2.c delete mode 100644 programs/test/udp_proxy.c delete mode 100755 programs/test/udp_proxy_wrapper.sh delete mode 100644 programs/x509/CMakeLists.txt delete mode 100644 programs/x509/cert_app.c delete mode 100644 programs/x509/cert_req.c delete mode 100644 programs/x509/cert_write.c delete mode 100644 programs/x509/crl_app.c delete mode 100644 programs/x509/req_app.c delete mode 100644 visualc/VS2010/cert_app.vcxproj delete mode 100644 visualc/VS2010/cert_req.vcxproj delete mode 100644 visualc/VS2010/cert_write.vcxproj delete mode 100644 visualc/VS2010/crl_app.vcxproj delete mode 100644 visualc/VS2010/dtls_client.vcxproj delete mode 100644 visualc/VS2010/dtls_server.vcxproj delete mode 100644 visualc/VS2010/mini_client.vcxproj delete mode 100644 visualc/VS2010/req_app.vcxproj delete mode 100644 visualc/VS2010/ssl_client1.vcxproj delete mode 100644 visualc/VS2010/ssl_client2.vcxproj delete mode 100644 visualc/VS2010/ssl_fork_server.vcxproj delete mode 100644 visualc/VS2010/ssl_mail_client.vcxproj delete mode 100644 visualc/VS2010/ssl_server.vcxproj delete mode 100644 visualc/VS2010/ssl_server2.vcxproj delete mode 100644 visualc/VS2010/udp_proxy.vcxproj diff --git a/programs/.gitignore b/programs/.gitignore index 30489bed0..a6df08f9e 100644 --- a/programs/.gitignore +++ b/programs/.gitignore 
@@ -34,31 +34,14 @@ psa/key_ladder_demo random/gen_entropy random/gen_random_ctr_drbg random/gen_random_havege -ssl/dtls_client -ssl/dtls_server -ssl/ssl_client1 -ssl/ssl_client2 -ssl/ssl_fork_server -ssl/ssl_mail_client -ssl/ssl_pthread_server -ssl/ssl_server -ssl/ssl_server2 -ssl/mini_client test/benchmark test/ecp-bench test/selftest test/cpp_dummy_build -test/ssl_cert_test -test/udp_proxy test/zeroize test/query_compile_time_config util/pem2der util/strerror -x509/cert_app -x509/cert_req -x509/crl_app -x509/cert_write -x509/req_app # generated files pkey/keyfile.key diff --git a/programs/CMakeLists.txt b/programs/CMakeLists.txt index 661b12071..b99b44e80 100644 --- a/programs/CMakeLists.txt +++ b/programs/CMakeLists.txt @@ -3,7 +3,5 @@ add_subdirectory(hash) add_subdirectory(pkey) add_subdirectory(psa) add_subdirectory(random) -add_subdirectory(ssl) add_subdirectory(test) -add_subdirectory(x509) add_subdirectory(util) diff --git a/programs/Makefile b/programs/Makefile index 1b032de4c..5bf2f0402 100644 --- a/programs/Makefile +++ b/programs/Makefile 
@@ -67,36 +67,17 @@ APPS = \ psa/crypto_examples$(EXEXT) \ psa/key_ladder_demo$(EXEXT) \ psa/psa_constant_names$(EXEXT) \ - ssl/dtls_client$(EXEXT) \ - ssl/dtls_server$(EXEXT) \ - ssl/ssl_client1$(EXEXT) \ - ssl/ssl_client2$(EXEXT) \ - ssl/ssl_server$(EXEXT) \ - ssl/ssl_server2$(EXEXT) \ - ssl/ssl_fork_server$(EXEXT) \ - ssl/mini_client$(EXEXT) \ - ssl/ssl_mail_client$(EXEXT) \ random/gen_entropy$(EXEXT) \ random/gen_random_havege$(EXEXT) \ random/gen_random_ctr_drbg$(EXEXT) \ test/benchmark$(EXEXT) \ test/selftest$(EXEXT) \ - test/udp_proxy$(EXEXT) \ test/zeroize$(EXEXT) \ test/query_compile_time_config$(EXEXT) \ util/pem2der$(EXEXT) \ util/strerror$(EXEXT) \ - x509/cert_app$(EXEXT) \ - x509/crl_app$(EXEXT) \ - x509/cert_req$(EXEXT) \ - x509/cert_write$(EXEXT) \ - x509/req_app$(EXEXT) \ # End of APPS -ifdef PTHREAD -APPS += ssl/ssl_pthread_server$(EXEXT) -endif - ifdef TEST_CPP APPS += test/cpp_dummy_build$(EXEXT) endif 
@@ -230,46 +211,6 @@ random/gen_random_ctr_drbg$(EXEXT): random/gen_random_ctr_drbg.c $(DEP) echo " CC random/gen_random_ctr_drbg.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_random_ctr_drbg.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -ssl/dtls_client$(EXEXT): ssl/dtls_client.c $(DEP) - echo " CC ssl/dtls_client.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/dtls_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -ssl/dtls_server$(EXEXT): ssl/dtls_server.c $(DEP) - echo " CC ssl/dtls_server.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/dtls_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -ssl/ssl_client1$(EXEXT): ssl/ssl_client1.c $(DEP) - echo " CC ssl/ssl_client1.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client1.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c test/query_config.c $(DEP) - echo " CC ssl/ssl_client2.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -ssl/ssl_server$(EXEXT): ssl/ssl_server.c $(DEP) - echo " CC ssl/ssl_server.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c test/query_config.c $(DEP) - echo " CC ssl/ssl_server2.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c $(DEP) - echo " CC ssl/ssl_fork_server.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_fork_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -ssl/ssl_pthread_server$(EXEXT): ssl/ssl_pthread_server.c $(DEP) - echo " CC ssl/ssl_pthread_server.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_pthread_server.c $(LOCAL_LDFLAGS) -lpthread $(LDFLAGS) -o $@ - -ssl/ssl_mail_client$(EXEXT): ssl/ssl_mail_client.c $(DEP) - echo " CC ssl/ssl_mail_client.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_mail_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -ssl/mini_client$(EXEXT): ssl/mini_client.c $(DEP) - echo " CC ssl/mini_client.c" - $(CC) 
$(LOCAL_CFLAGS) $(CFLAGS) ssl/mini_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - test/benchmark$(EXEXT): test/benchmark.c $(DEP) echo " CC test/benchmark.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/benchmark.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ @@ -282,10 +223,6 @@ test/selftest$(EXEXT): test/selftest.c $(DEP) echo " CC test/selftest.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/selftest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -test/udp_proxy$(EXEXT): test/udp_proxy.c $(DEP) - echo " CC test/udp_proxy.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/udp_proxy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - test/zeroize$(EXEXT): test/zeroize.c $(DEP) echo " CC test/zeroize.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/zeroize.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ @@ -302,26 +239,6 @@ util/strerror$(EXEXT): util/strerror.c $(DEP) echo " CC util/strerror.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) util/strerror.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -x509/cert_app$(EXEXT): x509/cert_app.c $(DEP) - echo " CC x509/cert_app.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_app.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -x509/cert_write$(EXEXT): x509/cert_write.c $(DEP) - echo " CC x509/cert_write.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_write.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -x509/crl_app$(EXEXT): x509/crl_app.c $(DEP) - echo " CC x509/crl_app.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/crl_app.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -x509/cert_req$(EXEXT): x509/cert_req.c $(DEP) - echo " CC x509/cert_req.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_req.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -x509/req_app$(EXEXT): x509/req_app.c $(DEP) - echo " CC x509/req_app.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/req_app.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - psa/crypto_examples$(EXEXT): psa/crypto_examples.c $(DEP) echo " CC psa/crypto_examples.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/README.md b/programs/README.md index 44edd617a..977e26c41 100644 
--- a/programs/README.md +++ b/programs/README.md 
@@ -61,36 +61,6 @@ This subdirectory mostly contains sample programs that illustrate specific featu * [`random/gen_random_havege.c`](random/gen_random_havege.c): demonstrates the HAVEGE entropy collector. -## SSL/TLS examples - -### SSL/TLS sample applications - -* [`ssl/dtls_client.c`](ssl/dtls_client.c): a simple DTLS client program, which sends one datagram to the server and reads one datagram in response. - -* [`ssl/dtls_server.c`](ssl/dtls_server.c): a simple DTLS server program, which expects one datagram from the client and writes one datagram in response. This program supports DTLS cookies for hello verification. - -* [`ssl/mini_client.c`](ssl/mini_client.c): a minimalistic SSL client, which sends a short string and disconnects. This is primarily intended as a benchmark; for a better example of a typical TLS client, see `ssl/ssl_client1.c`. - -* [`ssl/ssl_client1.c`](ssl/ssl_client1.c): a simple HTTPS client that sends a fixed request and displays the response. - -* [`ssl/ssl_fork_server.c`](ssl/ssl_fork_server.c): a simple HTTPS server using one process per client to send a fixed response. This program requires a Unix/POSIX environment implementing the `fork` system call. - -* [`ssl/ssl_mail_client.c`](ssl/ssl_mail_client.c): a simple SMTP-over-TLS or SMTP-STARTTLS client. This client sends an email with fixed content. - -* [`ssl/ssl_pthread_server.c`](ssl/ssl_pthread_server.c): a simple HTTPS server using one thread per client to send a fixed response. This program requires the pthread library. - -* [`ssl/ssl_server.c`](ssl/ssl_server.c): a simple HTTPS server that sends a fixed response. It serves a single client at a time. - -### SSL/TLS feature demonstrators - -Note: unlike most of the other programs under the `programs/` directory, these two programs are not intended as a basis for writing an application. They combine most of the features supported by the library, and most applications require only a few features. 
To write a new application, we recommended that you start with `ssl_client1.c` or `ssl_server.c`, and then look inside `ssl/ssl_client2.c` or `ssl/ssl_server2.c` to see how to use the specific features that your application needs. - -* [`ssl/ssl_client2.c`](ssl/ssl_client2.c): an HTTPS client that sends a fixed request and displays the response, with options to select TLS protocol features and Mbed TLS library features. - -* [`ssl/ssl_server2.c`](ssl/ssl_server2.c): an HTTPS server that sends a fixed response, with options to select TLS protocol features and Mbed TLS library features. - -In addition to providing options for testing client-side features, the `ssl_client2` program has options that allow you to trigger certain behaviors in the server. For example, there are options to select ciphersuites, or to force a renegotiation. These options are useful for testing the corresponding features in a TLS server. Likewise, `ssl_server2` has options to activate certain behaviors that are useful for testing a TLS client. - ## Test utilities * [`test/benchmark.c`](test/benchmark.c): benchmark for cryptographic algorithms. 
@@ -106,16 +76,3 @@ In addition to providing options for testing client-side features, the `ssl_clie * [`util/pem2der.c`](util/pem2der.c): a PEM to DER converter. Mbed TLS can read PEM files directly, but this utility can be useful for interacting with other tools or with minimal Mbed TLS builds that lack PEM support. * [`util/strerror.c`](util/strerror.c): prints the error description corresponding to an integer status returned by an Mbed TLS function. - -## X.509 certificate examples - -* [`x509/cert_app.c`](x509/cert_app.c): connects to a TLS server and verifies its certificate chain. - -* [`x509/cert_req.c`](x509/cert_req.c): generates a certificate signing request (CSR) for a private key. - -* [`x509/cert_write.c`](x509/cert_write.c): signs a certificate signing request, or self-signs a certificate. - -* [`x509/crl_app.c`](x509/crl_app.c): loads and dumps a certificate revocation list (CRL). - -* [`x509/req_app.c`](x509/req_app.c): loads and dumps a certificate signing request (CSR). - diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt deleted file mode 100644 index f28a47d87..000000000 --- a/programs/ssl/CMakeLists.txt +++ /dev/null 
@@ -1,64 +0,0 @@
-set(THREADS_USE_PTHREADS_WIN32 true)
-find_package(Threads)
-
-set(libs
- mbedtls
-)
-
-set(targets
- dtls_client
- dtls_server
- ssl_client1
- ssl_client2
- ssl_server
- ssl_fork_server
- ssl_mail_client
- mini_client
-)
-
-if(USE_PKCS11_HELPER_LIBRARY)
- set(libs ${libs} pkcs11-helper)
-endif(USE_PKCS11_HELPER_LIBRARY)
-
-if(ENABLE_ZLIB_SUPPORT)
- set(libs ${libs} ${ZLIB_LIBRARIES})
-endif(ENABLE_ZLIB_SUPPORT)
-
-add_executable(dtls_client dtls_client.c)
-target_link_libraries(dtls_client ${libs})
-
-add_executable(dtls_server dtls_server.c)
-target_link_libraries(dtls_server ${libs})
-
-add_executable(ssl_client1 ssl_client1.c)
-target_link_libraries(ssl_client1 ${libs})
-
-add_executable(ssl_client2 ssl_client2.c)
-target_sources(ssl_client2 PUBLIC ../test/query_config.c)
-target_link_libraries(ssl_client2 ${libs})
-
-add_executable(ssl_server ssl_server.c)
-target_link_libraries(ssl_server ${libs})
-
-add_executable(ssl_server2 ssl_server2.c)
-target_sources(ssl_server2 PUBLIC ../test/query_config.c)
-target_link_libraries(ssl_server2 ${libs})
-
-add_executable(ssl_fork_server ssl_fork_server.c)
-target_link_libraries(ssl_fork_server ${libs})
-
-add_executable(ssl_mail_client ssl_mail_client.c)
-target_link_libraries(ssl_mail_client ${libs})
-
-add_executable(mini_client mini_client.c)
-target_link_libraries(mini_client ${libs})
-
-if(THREADS_FOUND)
- add_executable(ssl_pthread_server ssl_pthread_server.c)
- target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})
- set(targets ${targets} ssl_pthread_server)
-endif(THREADS_FOUND)
-
-install(TARGETS ${targets}
- DESTINATION "bin"
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
deleted file mode 100644
index 90db06ca9..000000000
--- a/programs/ssl/dtls_client.c
+++ /dev/null
@@ -1,374 +0,0 @@ -/* - * Simple DTLS client demonstration program - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#define mbedtls_fprintf fprintf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif - -#if !defined(MBEDTLS_SSL_CLI_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \ - !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_TIMING_C) || \ - !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) -int main( void ) -{ - mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " - "MBEDTLS_NET_C and/or MBEDTLS_TIMING_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" ); - return( 0 ); -} -#else - -#include - -#include "mbedtls/net_sockets.h" -#include "mbedtls/debug.h" -#include "mbedtls/ssl.h" -#include 
"mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/error.h" -#include "mbedtls/certs.h" -#include "mbedtls/timing.h" - -/* Uncomment out the following line to default to IPv4 and disable IPv6 */ -//#define FORCE_IPV4 - -#define SERVER_PORT "4433" -#define SERVER_NAME "localhost" - -#ifdef FORCE_IPV4 -#define SERVER_ADDR "127.0.0.1" /* Forces IPv4 */ -#else -#define SERVER_ADDR "::1" -#endif - -#define MESSAGE "Echo this" - -#define READ_TIMEOUT_MS 1000 -#define MAX_RETRY 5 - -#define DEBUG_LEVEL 0 - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) -{ - ((void) level); - - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); -} - -int main( int argc, char *argv[] ) -{ - int ret, len; - mbedtls_net_context server_fd; - uint32_t flags; - unsigned char buf[1024]; - const char *pers = "dtls_client"; - int retry_left = MAX_RETRY; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_x509_crt cacert; - mbedtls_timing_delay_context timer; - - ((void) argc); - ((void) argv); - -#if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); -#endif - - /* - * 0. Initialize the RNG and the session data - */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &cacert ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - mbedtls_printf( "\n . Seeding the random number generator..." 
); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 0. Load certificates - */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); - goto exit; - } - - mbedtls_printf( " ok (%d skipped)\n", ret ); - - /* - * 1. Start the connection - */ - mbedtls_printf( " . Connecting to udp/%s/%s...", SERVER_NAME, SERVER_PORT ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_ADDR, - SERVER_PORT, MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 2. Setup stuff - */ - mbedtls_printf( " . Setting up the DTLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); - goto exit; - } - - /* OPTIONAL is usually a bad choice for security, but makes interop easier - * in this simplified example, in which the ca chain is hardcoded. - * Production code should set a proper ca chain and use REQUIRED. 
*/ - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_set_bio( &ssl, &server_fd, - mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout ); - - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); - - mbedtls_printf( " ok\n" ); - - /* - * 4. Handshake - */ - mbedtls_printf( " . Performing the DTLS handshake..." ); - fflush( stdout ); - - do ret = mbedtls_ssl_handshake( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 5. Verify the server certificate - */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); - - /* In real life, we would have used MBEDTLS_SSL_VERIFY_REQUIRED so that the - * handshake would not succeed if the peer's cert is bad. Even if we used - * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */ - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { - char vrfy_buf[512]; - - mbedtls_printf( " failed\n" ); - - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); - - mbedtls_printf( "%s\n", vrfy_buf ); - } - else - mbedtls_printf( " ok\n" ); - - /* - * 6. 
Write the echo request - */ -send_request: - mbedtls_printf( " > Write to server:" ); - fflush( stdout ); - - len = sizeof( MESSAGE ) - 1; - - do ret = mbedtls_ssl_write( &ssl, (unsigned char *) MESSAGE, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); - goto exit; - } - - len = ret; - mbedtls_printf( " %d bytes written\n\n%s\n\n", len, MESSAGE ); - - /* - * 7. Read the echo response - */ - mbedtls_printf( " < Read from server:" ); - fflush( stdout ); - - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - - do ret = mbedtls_ssl_read( &ssl, buf, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - - if( ret <= 0 ) - { - switch( ret ) - { - case MBEDTLS_ERR_SSL_TIMEOUT: - mbedtls_printf( " timeout\n\n" ); - if( retry_left-- > 0 ) - goto send_request; - goto exit; - - case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); - ret = 0; - goto close_notify; - - default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n\n", -ret ); - goto exit; - } - } - - len = ret; - mbedtls_printf( " %d bytes read\n\n%s\n\n", len, buf ); - - /* - * 8. Done, cleanly close the connection - */ -close_notify: - mbedtls_printf( " . Closing the connection..." ); - - /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - ret = 0; - - mbedtls_printf( " done\n" ); - - /* - * 9. 
Final clean-ups and exit - */ -exit: - -#ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { - char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf( "Last error was: %d - %s\n\n", ret, error_buf ); - } -#endif - - mbedtls_net_free( &server_fd ); - - mbedtls_x509_crt_free( &cacert ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - /* Shell can not handle large exit numbers -> 1 for errors */ - if( ret < 0 ) - ret = 1; - - return( ret ); -} -#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C && - MBEDTLD_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && - MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_CERTS_C && - MBEDTLS_PEM_PARSE_C */ diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c deleted file mode 100644 index dd21fbf47..000000000 --- a/programs/ssl/dtls_server.c +++ /dev/null 
@@ -1,449 +0,0 @@
-/*
- * Simple DTLS server demonstration program
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#define mbedtls_printf printf
-#define mbedtls_fprintf fprintf
-#define mbedtls_time_t time_t
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-/* Uncomment out the following line to default to IPv4 and disable IPv6 */
-//#define FORCE_IPV4
-
-#ifdef FORCE_IPV4
-#define BIND_IP "0.0.0.0" /* Forces IPv4 */
-#else
-#define BIND_IP "::"
-#endif
-
-#if !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \
- !defined(MBEDTLS_SSL_COOKIE_C) || !defined(MBEDTLS_NET_C) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
- !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \
- !defined(MBEDTLS_TIMING_C)
-
-int main( void )
-{
- printf( "MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or "
- "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or "
- "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " -
"MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or " - "MBEDTLS_TIMING_C not defined.\n" ); - return( 0 ); -} -#else - -#if defined(_WIN32) -#include -#endif - -#include -#include -#include - -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/certs.h" -#include "mbedtls/x509.h" -#include "mbedtls/ssl.h" -#include "mbedtls/ssl_cookie.h" -#include "mbedtls/net_sockets.h" -#include "mbedtls/error.h" -#include "mbedtls/debug.h" -#include "mbedtls/timing.h" - -#if defined(MBEDTLS_SSL_CACHE_C) -#include "mbedtls/ssl_cache.h" -#endif - -#define READ_TIMEOUT_MS 10000 /* 5 seconds */ -#define DEBUG_LEVEL 0 - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) -{ - ((void) level); - - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); -} - -int main( void ) -{ - int ret, len; - mbedtls_net_context listen_fd, client_fd; - unsigned char buf[1024]; - const char *pers = "dtls_server"; - unsigned char client_ip[16] = { 0 }; - size_t cliip_len; - mbedtls_ssl_cookie_ctx cookie_ctx; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_x509_crt srvcert; - mbedtls_pk_context pkey; - mbedtls_timing_delay_context timer; -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_context cache; -#endif - - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ssl_cookie_init( &cookie_ctx ); -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache 
); -#endif - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - -#if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); -#endif - - /* - * 1. Load the certificates and private RSA key - */ - printf( "\n . Loading the server cert. and key..." ); - fflush( stdout ); - - /* - * This demonstration program uses embedded test certificates. - * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the - * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). - */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); - goto exit; - } - - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); - goto exit; - } - - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); - goto exit; - } - - printf( " ok\n" ); - - /* - * 2. Setup the "listening" UDP socket - */ - printf( " . Bind on udp/*/4433 ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, BIND_IP, "4433", MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); - goto exit; - } - - printf( " ok\n" ); - - /* - * 3. Seed the RNG - */ - printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - printf( " ok\n" ); - - /* - * 4. 
Setup stuff - */ - printf( " . Setting up the DTLS data..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_conf_session_cache( &conf, &cache, - mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); -#endif - - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, - &cookie_ctx ); - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); - - printf( " ok\n" ); - -reset: -#ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { - char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - printf("Last error was: %d - %s\n\n", ret, error_buf ); - } -#endif - - mbedtls_net_free( &client_fd ); - - mbedtls_ssl_session_reset( &ssl ); - - /* - * 3. Wait until a client connects - */ - printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 ) - { - printf( " failed\n ! 
mbedtls_net_accept returned %d\n\n", ret ); - goto exit; - } - - /* For HelloVerifyRequest cookies */ - if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, - client_ip, cliip_len ) ) != 0 ) - { - printf( " failed\n ! " - "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", -ret ); - goto exit; - } - - mbedtls_ssl_set_bio( &ssl, &client_fd, - mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout ); - - printf( " ok\n" ); - - /* - * 5. Handshake - */ - printf( " . Performing the DTLS handshake..." ); - fflush( stdout ); - - do ret = mbedtls_ssl_handshake( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - - if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) - { - printf( " hello verification requested\n" ); - ret = 0; - goto reset; - } - else if( ret != 0 ) - { - printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); - goto reset; - } - - printf( " ok\n" ); - - /* - * 6. Read the echo Request - */ - printf( " < Read from client:" ); - fflush( stdout ); - - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - - do ret = mbedtls_ssl_read( &ssl, buf, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - - if( ret <= 0 ) - { - switch( ret ) - { - case MBEDTLS_ERR_SSL_TIMEOUT: - printf( " timeout\n\n" ); - goto reset; - - case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - printf( " connection was closed gracefully\n" ); - ret = 0; - goto close_notify; - - default: - printf( " mbedtls_ssl_read returned -0x%x\n\n", -ret ); - goto reset; - } - } - - len = ret; - printf( " %d bytes read\n\n%s\n\n", len, buf ); - - /* - * 7. Write the 200 Response - */ - printf( " > Write to client:" ); - fflush( stdout ); - - do ret = mbedtls_ssl_write( &ssl, buf, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - - if( ret < 0 ) - { - printf( " failed\n ! 
mbedtls_ssl_write returned %d\n\n", ret );
- goto exit;
- }
-
- len = ret;
- printf( " %d bytes written\n\n%s\n\n", len, buf );
-
- /*
- * 8. Done, cleanly close the connection
- */
-close_notify:
- printf( " . Closing the connection..." );
-
- /* No error checking, the connection might be closed already */
- do ret = mbedtls_ssl_close_notify( &ssl );
- while( ret == MBEDTLS_ERR_SSL_WANT_WRITE );
- ret = 0;
-
- printf( " done\n" );
-
- goto reset;
-
- /*
- * Final clean-ups and exit
- */
-exit:
-
-#ifdef MBEDTLS_ERROR_C
- if( ret != 0 )
- {
- char error_buf[100];
- mbedtls_strerror( ret, error_buf, 100 );
- printf( "Last error was: %d - %s\n\n", ret, error_buf );
- }
-#endif
-
- mbedtls_net_free( &client_fd );
- mbedtls_net_free( &listen_fd );
-
- mbedtls_x509_crt_free( &srvcert );
- mbedtls_pk_free( &pkey );
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
- mbedtls_ssl_cookie_free( &cookie_ctx );
-#if defined(MBEDTLS_SSL_CACHE_C)
- mbedtls_ssl_cache_free( &cache );
-#endif
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
- printf( " Press Enter to exit this program.\n" );
- fflush( stdout ); getchar();
-#endif
-
- /* Shell can not handle large exit numbers -> 1 for errors */
- if( ret < 0 )
- ret = 1;
-
- return( ret );
-}
-#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS &&
- MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C
- && MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_TIMING_C */
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
deleted file mode 100644
index ff3612885..000000000
--- a/programs/ssl/mini_client.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/*
- * Minimal SSL client, used for memory measurements.
- * (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h)
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#include
-#define mbedtls_printf printf
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-/*
- * We're creating and connecting the socket "manually" rather than using the
- * NET module, in order to avoid the overhead of getaddrinfo() which tends to
- * dominate memory usage in small configurations. For the sake of simplicity,
- * only a Unix version is implemented.
- *
- * Warning: we are breaking some of the abtractions from the NET layer here.
- * This is not a good example for general use. This programs has the specific
- * goal of minimizing use of the libc functions on full-blown OSes.
- */ -#if defined(unix) || defined(__unix__) || defined(__unix) || defined(__APPLE__) -#define UNIX -#endif - -#if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \ - !defined(UNIX) - -int main( void ) -{ - mbedtls_printf( "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX " - "not defined.\n"); - return( 0 ); -} -#else - -#include - -#include "mbedtls/net_sockets.h" -#include "mbedtls/ssl.h" -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" - -#include -#include -#include - -/* - * Hardcoded values for server host and port - */ -#define PORT_BE 0x1151 /* 4433 */ -#define PORT_LE 0x5111 -#define ADDR_BE 0x7f000001 /* 127.0.0.1 */ -#define ADDR_LE 0x0100007f -#define HOSTNAME "localhost" /* for cert verification if enabled */ - -#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n" - -const char *pers = "mini_client"; - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -const unsigned char psk[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f -}; -const char psk_id[] = "Client_identity"; -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -/* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */ -const unsigned char ca_cert[] = { - 0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01, - 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, - 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, - 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, - 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, - 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, - 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, - 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 
0x33, 0x30, 0x39, - 0x32, 0x34, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x32, - 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, - 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, - 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, - 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, - 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, - 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, - 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, - 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, - 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, - 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, - 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, - 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, - 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, - 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, - 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, - 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x81, 0xa0, 0x30, 0x81, 0x9d, 0x30, 0x1d, - 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, 0x6d, 0x20, - 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, - 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, - 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, - 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, - 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, - 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, - 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 
0x03, 0x55, 0x04, - 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, - 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, - 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0c, 0x06, - 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, - 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, - 0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xb4, 0x62, 0x73, 0x56, - 0x28, 0x95, 0x00, 0x7d, 0x78, 0x12, 0x26, 0xd2, 0x71, 0x7b, 0x19, 0xf8, - 0x8a, 0x98, 0x3e, 0x92, 0xfe, 0x33, 0x9e, 0xe4, 0x79, 0xd2, 0xfe, 0x7a, - 0xb7, 0x87, 0x74, 0x3c, 0x2b, 0xb8, 0xd7, 0x69, 0x94, 0x0b, 0xa3, 0x67, - 0x77, 0xb8, 0xb3, 0xbe, 0xd1, 0x36, 0x32, 0x02, 0x31, 0x00, 0xfd, 0x67, - 0x9c, 0x94, 0x23, 0x67, 0xc0, 0x56, 0xba, 0x4b, 0x33, 0x15, 0x00, 0xc6, - 0xe3, 0xcc, 0x31, 0x08, 0x2c, 0x9c, 0x8b, 0xda, 0xa9, 0x75, 0x23, 0x2f, - 0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c, - 0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20, -}; -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -enum exit_codes -{ - exit_ok = 0, - ctr_drbg_seed_failed, - ssl_config_defaults_failed, - ssl_setup_failed, - hostname_failed, - socket_failed, - connect_failed, - x509_crt_parse_failed, - ssl_handshake_failed, - ssl_write_failed, -}; - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -int main( void ) -{ - int ret = exit_ok; - mbedtls_net_context server_fd; - struct sockaddr_in addr; -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt ca; -#endif - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_ctr_drbg_init( &ctr_drbg ); - - /* - * 0. 
Initialize and setup stuff - */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_init( &ca ); -#endif - - mbedtls_entropy_init( &entropy ); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) - { - ret = ctr_drbg_seed_failed; - goto exit; - } - - if( mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) - { - ret = ssl_config_defaults_failed; - goto exit; - } - - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ), - (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( mbedtls_x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 ) - { - ret = x509_crt_parse_failed; - goto exit; - } - - mbedtls_ssl_conf_ca_chain( &conf, &ca, NULL ); - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED ); -#endif - - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) - { - ret = ssl_setup_failed; - goto exit; - } - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( mbedtls_ssl_set_hostname( &ssl, HOSTNAME ) != 0 ) - { - ret = hostname_failed; - goto exit; - } -#endif - - /* - * 1. Start the connection - */ - memset( &addr, 0, sizeof( addr ) ); - addr.sin_family = AF_INET; - - ret = 1; /* for endianness detection */ - addr.sin_port = *((char *) &ret) == ret ? PORT_LE : PORT_BE; - addr.sin_addr.s_addr = *((char *) &ret) == ret ? 
ADDR_LE : ADDR_BE;
- ret = 0;
-
- if( ( server_fd.fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
- {
- ret = socket_failed;
- goto exit;
- }
-
- if( connect( server_fd.fd,
- (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 )
- {
- ret = connect_failed;
- goto exit;
- }
-
- mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
-
- if( mbedtls_ssl_handshake( &ssl ) != 0 )
- {
- ret = ssl_handshake_failed;
- goto exit;
- }
-
- /*
- * 2. Write the GET request and close the connection
- */
- if( mbedtls_ssl_write( &ssl, (const unsigned char *) GET_REQUEST,
- sizeof( GET_REQUEST ) - 1 ) <= 0 )
- {
- ret = ssl_write_failed;
- goto exit;
- }
-
- mbedtls_ssl_close_notify( &ssl );
-
-exit:
- mbedtls_net_free( &server_fd );
-
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
- mbedtls_x509_crt_free( &ca );
-#endif
-
- return( ret );
-}
-#endif
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
deleted file mode 100644
index 646909f11..000000000
--- a/programs/ssl/ssl_client1.c
+++ /dev/null
@@ -1,331 +0,0 @@
-/*
- * SSL client demonstration program
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#include
-#define mbedtls_time time
-#define mbedtls_time_t time_t
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
- !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \
- !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C)
-int main( void )
-{
- mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
- "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
- "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
- "not defined.\n");
- return( 0 );
-}
-#else
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/ssl.h"
-#include
"mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/error.h" -#include "mbedtls/certs.h" - -#include - -#define SERVER_PORT "4433" -#define SERVER_NAME "localhost" -#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n" - -#define DEBUG_LEVEL 1 - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) -{ - ((void) level); - - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); -} - -int main( void ) -{ - int ret = 1, len; - int exit_code = MBEDTLS_EXIT_FAILURE; - mbedtls_net_context server_fd; - uint32_t flags; - unsigned char buf[1024]; - const char *pers = "ssl_client1"; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_x509_crt cacert; - -#if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); -#endif - - /* - * 0. Initialize the RNG and the session data - */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &cacert ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 0. Initialize certificates - */ - mbedtls_printf( " . Loading the CA root certificate ..." 
); - fflush( stdout ); - - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); - goto exit; - } - - mbedtls_printf( " ok (%d skipped)\n", ret ); - - /* - * 1. Start the connection - */ - mbedtls_printf( " . Connecting to tcp/%s/%s...", SERVER_NAME, SERVER_PORT ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, - SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 2. Setup stuff - */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* OPTIONAL is not optimal for security, - * but makes interop easier in this simplified example */ - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); - - /* - * 4. Handshake - */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." 
); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); - goto exit; - } - } - - mbedtls_printf( " ok\n" ); - - /* - * 5. Verify the server certificate - */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); - - /* In real life, we probably want to bail out when ret != 0 */ - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { - char vrfy_buf[512]; - - mbedtls_printf( " failed\n" ); - - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); - - mbedtls_printf( "%s\n", vrfy_buf ); - } - else - mbedtls_printf( " ok\n" ); - - /* - * 3. Write the GET request - */ - mbedtls_printf( " > Write to server:" ); - fflush( stdout ); - - len = sprintf( (char *) buf, GET_REQUEST ); - - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); - goto exit; - } - } - - len = ret; - mbedtls_printf( " %d bytes written\n\n%s", len, (char *) buf ); - - /* - * 7. Read the HTTP response - */ - mbedtls_printf( " < Read from server:" ); - fflush( stdout ); - - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); - - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) - continue; - - if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ) - break; - - if( ret < 0 ) - { - mbedtls_printf( "failed\n ! 
mbedtls_ssl_read returned %d\n\n", ret );
- break;
- }
-
- if( ret == 0 )
- {
- mbedtls_printf( "\n\nEOF\n\n" );
- break;
- }
-
- len = ret;
- mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
- }
- while( 1 );
-
- mbedtls_ssl_close_notify( &ssl );
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
-#ifdef MBEDTLS_ERROR_C
- if( exit_code != MBEDTLS_EXIT_SUCCESS )
- {
- char error_buf[100];
- mbedtls_strerror( ret, error_buf, 100 );
- mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
- }
-#endif
-
- mbedtls_net_free( &server_fd );
-
- mbedtls_x509_crt_free( &cacert );
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
- mbedtls_printf( " + Press Enter to exit this program.\n" );
- fflush( stdout ); getchar();
-#endif
-
- return( exit_code );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
- MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
- MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C &&
- MBEDTLS_X509_CRT_PARSE_C */
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
deleted file mode 100644
index 2cddfb42a..000000000
--- a/programs/ssl/ssl_client2.c
+++ /dev/null
@@ -1,2454 +0,0 @@
-/*
- * SSL client with certificate authentication
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#include
-#define mbedtls_time time
-#define mbedtls_time_t time_t
-#define mbedtls_printf printf
-#define mbedtls_fprintf fprintf
-#define mbedtls_snprintf snprintf
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#if !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
- !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C)
-int main( void )
-{
- mbedtls_printf("MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
- "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n");
- return( 0 );
-}
-#else
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/error.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/timing.h"
-
-#if
defined(MBEDTLS_USE_PSA_CRYPTO) -#include "psa/crypto.h" -#include "mbedtls/psa_util.h" -#endif - -#include -#include -#include - -#define MAX_REQUEST_SIZE 20000 -#define MAX_REQUEST_SIZE_STR "20000" - -#define DFL_SERVER_NAME "localhost" -#define DFL_SERVER_ADDR NULL -#define DFL_SERVER_PORT "4433" -#define DFL_REQUEST_PAGE "/" -#define DFL_REQUEST_SIZE -1 -#define DFL_DEBUG_LEVEL 0 -#define DFL_CONTEXT_CRT_CB 0 -#define DFL_NBIO 0 -#define DFL_EVENT 0 -#define DFL_READ_TIMEOUT 0 -#define DFL_MAX_RESEND 0 -#define DFL_CA_FILE "" -#define DFL_CA_PATH "" -#define DFL_CRT_FILE "" -#define DFL_KEY_FILE "" -#define DFL_KEY_OPAQUE 0 -#define DFL_PSK "" -#define DFL_PSK_OPAQUE 0 -#define DFL_PSK_IDENTITY "Client_identity" -#define DFL_ECJPAKE_PW NULL -#define DFL_EC_MAX_OPS -1 -#define DFL_FORCE_CIPHER 0 -#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED -#define DFL_ALLOW_LEGACY -2 -#define DFL_RENEGOTIATE 0 -#define DFL_EXCHANGES 1 -#define DFL_MIN_VERSION -1 -#define DFL_MAX_VERSION -1 -#define DFL_ARC4 -1 -#define DFL_SHA1 -1 -#define DFL_AUTH_MODE -1 -#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE -#define DFL_TRUNC_HMAC -1 -#define DFL_RECSPLIT -1 -#define DFL_DHMLEN -1 -#define DFL_RECONNECT 0 -#define DFL_RECO_DELAY 0 -#define DFL_RECONNECT_HARD 0 -#define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED -#define DFL_ALPN_STRING NULL -#define DFL_CURVES NULL -#define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM -#define DFL_HS_TO_MIN 0 -#define DFL_HS_TO_MAX 0 -#define DFL_DTLS_MTU -1 -#define DFL_DGRAM_PACKING 1 -#define DFL_FALLBACK -1 -#define DFL_EXTENDED_MS -1 -#define DFL_ETM -1 -#define DFL_CA_CALLBACK 0 - - -#define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: " -#define GET_REQUEST_END "\r\n\r\n" - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -#define USAGE_CONTEXT_CRT_CB \ - " context_crt_cb=%%d This determines whether the CRT verification callback is bound\n" \ - " to the SSL configuration of the SSL context.\n" \ - " Possible values:\n"\ - " - 
0 (default): Use CRT callback bound to configuration\n" \ - " - 1: Use CRT callback bound to SSL context\n" -#else -#define USAGE_CONTEXT_CRT_CB "" -#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) -#if defined(MBEDTLS_FS_IO) -#define USAGE_IO \ - " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ - " default: \"\" (pre-loaded)\n" \ - " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \ - " default: \"\" (pre-loaded) (overrides ca_file)\n" \ - " crt_file=%%s Your own cert and chain (in bottom to top order, top may be omitted)\n" \ - " default: \"\" (pre-loaded)\n" \ - " key_file=%%s default: \"\" (pre-loaded)\n" -#else -#define USAGE_IO \ - " No file operations available (MBEDTLS_FS_IO not defined)\n" -#endif /* MBEDTLS_FS_IO */ -#else /* MBEDTLS_X509_CRT_PARSE_C */ -#define USAGE_IO "" -#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C) -#define USAGE_KEY_OPAQUE \ - " key_opaque=%%d Handle your private key as if it were opaque\n" \ - " default: 0 (disabled)\n" -#else -#define USAGE_KEY_OPAQUE "" -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -#define USAGE_PSK_RAW \ - " psk=%%s default: \"\" (in hex, without 0x)\n" \ - " psk_identity=%%s default: \"Client_identity\"\n" -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#define USAGE_PSK_SLOT \ - " psk_opaque=%%d default: 0 (don't use opaque static PSK)\n" \ - " Enable this to store the PSK configured through command line\n" \ - " parameter `psk` in a PSA-based key slot.\n" \ - " Note: Currently only supported in conjunction with\n" \ - " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \ - " to force a particular PSK-only ciphersuite.\n" \ - " Note: This is to test integration of PSA-based opaque PSKs with\n" \ - " Mbed TLS only. 
Production systems are likely to configure Mbed TLS\n" \ - " with prepopulated key slots instead of importing raw key material.\n" -#else -#define USAGE_PSK_SLOT "" -#endif /* MBEDTLS_USE_PSA_CRYPTO */ -#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT -#else -#define USAGE_PSK "" -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ - -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -#define USAGE_CA_CALLBACK \ - " ca_callback=%%d default: 0 (disabled)\n" \ - " Enable this to use the trusted certificate callback function\n" -#else -#define USAGE_CA_CALLBACK "" -#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) -#define USAGE_TICKETS \ - " tickets=%%d default: 1 (enabled)\n" -#else -#define USAGE_TICKETS "" -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -#define USAGE_TRUNC_HMAC \ - " trunc_hmac=%%d default: library default\n" -#else -#define USAGE_TRUNC_HMAC "" -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -#define USAGE_MAX_FRAG_LEN \ - " max_frag_len=%%d default: 16384 (tls default)\n" \ - " options: 512, 1024, 2048, 4096\n" -#else -#define USAGE_MAX_FRAG_LEN "" -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) -#define USAGE_RECSPLIT \ - " recsplit=0/1 default: (library default: on)\n" -#else -#define USAGE_RECSPLIT -#endif - -#if defined(MBEDTLS_DHM_C) -#define USAGE_DHMLEN \ - " dhmlen=%%d default: (library default: 1024 bits)\n" -#else -#define USAGE_DHMLEN -#endif - -#if defined(MBEDTLS_SSL_ALPN) -#define USAGE_ALPN \ - " alpn=%%s default: \"\" (disabled)\n" \ - " example: spdy/1,http/1.1\n" -#else -#define USAGE_ALPN "" -#endif /* MBEDTLS_SSL_ALPN */ - -#if defined(MBEDTLS_ECP_C) -#define USAGE_CURVES \ - " curves=a,b,c,d default: \"default\" (library default)\n" \ - " example: \"secp521r1,brainpoolP512r1\"\n" \ - " - use \"none\" for empty list\n" \ - " - see 
mbedtls_ecp_curve_list()\n" \ - " for acceptable curve names\n" -#else -#define USAGE_CURVES "" -#endif - -#if defined(MBEDTLS_SSL_PROTO_DTLS) -#define USAGE_DTLS \ - " dtls=%%d default: 0 (TLS)\n" \ - " hs_timeout=%%d-%%d default: (library default: 1000-60000)\n" \ - " range of DTLS handshake timeouts in millisecs\n" \ - " mtu=%%d default: (library default: unlimited)\n" \ - " dgram_packing=%%d default: 1 (allowed)\n" \ - " allow or forbid packing of multiple\n" \ - " records within a single datgram.\n" -#else -#define USAGE_DTLS "" -#endif - -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) -#define USAGE_FALLBACK \ - " fallback=0/1 default: (library default: off)\n" -#else -#define USAGE_FALLBACK "" -#endif - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) -#define USAGE_EMS \ - " extended_ms=0/1 default: (library default: on)\n" -#else -#define USAGE_EMS "" -#endif - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) -#define USAGE_ETM \ - " etm=0/1 default: (library default: on)\n" -#else -#define USAGE_ETM "" -#endif - -#if defined(MBEDTLS_SSL_RENEGOTIATION) -#define USAGE_RENEGO \ - " renegotiation=%%d default: 0 (disabled)\n" \ - " renegotiate=%%d default: 0 (disabled)\n" -#else -#define USAGE_RENEGO "" -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -#define USAGE_ECJPAKE \ - " ecjpake_pw=%%s default: none (disabled)\n" -#else -#define USAGE_ECJPAKE "" -#endif - -#if defined(MBEDTLS_ECP_RESTARTABLE) -#define USAGE_ECRESTART \ - " ec_max_ops=%%s default: library default (restart disabled)\n" -#else -#define USAGE_ECRESTART "" -#endif - -#define USAGE \ - "\n usage: ssl_client2 param=<>...\n" \ - "\n acceptable parameters:\n" \ - " server_name=%%s default: localhost\n" \ - " server_addr=%%s default: given by name\n" \ - " server_port=%%d default: 4433\n" \ - " request_page=%%s default: \".\"\n" \ - " request_size=%%d default: about 34 (basic request)\n" \ - " (minimum: 0, max: " MAX_REQUEST_SIZE_STR ")\n" \ - " If 0, in the first exchange only an empty\n" \ - " 
application data message is sent followed by\n" \ - " a second non-empty message before attempting\n" \ - " to read a response from the server\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " nbio=%%d default: 0 (blocking I/O)\n" \ - " options: 1 (non-blocking), 2 (added delays)\n" \ - " event=%%d default: 0 (loop)\n" \ - " options: 1 (level-triggered, implies nbio=1),\n" \ - " read_timeout=%%d default: 0 ms (no timeout)\n" \ - " max_resend=%%d default: 0 (no resend on timeout)\n" \ - "\n" \ - USAGE_DTLS \ - "\n" \ - " auth_mode=%%s default: (library default: none)\n" \ - " options: none, optional, required\n" \ - USAGE_IO \ - USAGE_KEY_OPAQUE \ - USAGE_CA_CALLBACK \ - "\n" \ - USAGE_PSK \ - USAGE_ECJPAKE \ - USAGE_ECRESTART \ - "\n" \ - " allow_legacy=%%d default: (library default: no)\n" \ - USAGE_RENEGO \ - " exchanges=%%d default: 1\n" \ - " reconnect=%%d default: 0 (disabled)\n" \ - " reco_delay=%%d default: 0 seconds\n" \ - " reconnect_hard=%%d default: 0 (disabled)\n" \ - USAGE_TICKETS \ - USAGE_MAX_FRAG_LEN \ - USAGE_TRUNC_HMAC \ - USAGE_CONTEXT_CRT_CB \ - USAGE_ALPN \ - USAGE_FALLBACK \ - USAGE_EMS \ - USAGE_ETM \ - USAGE_CURVES \ - USAGE_RECSPLIT \ - USAGE_DHMLEN \ - "\n" \ - " arc4=%%d default: (library default: 0)\n" \ - " allow_sha1=%%d default: 0\n" \ - " min_version=%%s default: (library default: tls1)\n" \ - " max_version=%%s default: (library default: tls1_2)\n" \ - " force_version=%%s default: \"\" (none)\n" \ - " options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \ - "\n" \ - " force_ciphersuite= default: all enabled\n"\ - " query_config= return 0 if the specified\n" \ - " configuration macro is defined and 1\n" \ - " otherwise. 
The expansion of the macro\n" \ - " is printed if it is defined\n" \ - " acceptable ciphersuite names:\n" - -#define ALPN_LIST_SIZE 10 -#define CURVE_LIST_SIZE 20 - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -/* - * global options - */ -struct options -{ - const char *server_name; /* hostname of the server (client only) */ - const char *server_addr; /* address of the server (client only) */ - const char *server_port; /* port on which the ssl service runs */ - int debug_level; /* level of debugging */ - int nbio; /* should I/O be blocking? */ - int event; /* loop or event-driven IO? level or edge triggered? */ - uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */ - int max_resend; /* DTLS times to resend on read timeout */ - const char *request_page; /* page on server to request */ - int request_size; /* pad request with header to requested size */ - const char *ca_file; /* the file with the CA certificate(s) */ - const char *ca_path; /* the path with the CA certificate(s) reside */ - const char *crt_file; /* the file with the client certificate */ - const char *key_file; /* the file with the client key */ - int key_opaque; /* handle private key as if it were opaque */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - int psk_opaque; -#endif -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - int ca_callback; /* Use callback for trusted certificate list */ -#endif - const char *psk; /* the pre-shared key */ - const char *psk_identity; /* the pre-shared key identity */ - const char *ecjpake_pw; /* the EC J-PAKE password */ - int ec_max_ops; /* EC consecutive operations limit */ - int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ - int renegotiation; /* enable / disable 
renegotiation */
- int allow_legacy; /* allow legacy renegotiation */
- int renegotiate; /* attempt renegotiation? */
- int renego_delay; /* delay before enforcing renegotiation */
- int exchanges; /* number of data exchanges */
- int min_version; /* minimum protocol version accepted */
- int max_version; /* maximum protocol version accepted */
- int arc4; /* flag for arc4 suites support */
- int allow_sha1; /* flag for SHA-1 support */
- int auth_mode; /* verify mode for connection */
- unsigned char mfl_code; /* code for maximum fragment length */
- int trunc_hmac; /* negotiate truncated hmac or not */
- int recsplit; /* enable record splitting? */
- int dhmlen; /* minimum DHM params len in bits */
- int reconnect; /* attempt to resume session */
- int reco_delay; /* delay in seconds before resuming session */
- int reconnect_hard; /* unexpectedly reconnect from the same port */
- int tickets; /* enable / disable session tickets */
- const char *curves; /* list of supported elliptic curves */
- const char *alpn_string; /* ALPN supported protocols */
- int transport; /* TLS or DTLS? */
- uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
- uint32_t hs_to_max; /* Max value of DTLS handshake timer */
- int dtls_mtu; /* UDP Maximum tranport unit for DTLS */
- int fallback; /* is this a fallback connection? */
- int dgram_packing; /* allow/forbid datagram packing */
- int extended_ms; /* negotiate extended master secret? */
- int etm; /* negotiate encrypt then mac?
*/
- int context_crt_cb; /* use context-specific CRT verify callback */
-} opt;
-
-int query_config( const char *config );
-
-static void my_debug( void *ctx, int level,
- const char *file, int line,
- const char *str )
-{
- const char *p, *basename;
-
- /* Extract basename from file */
- for( p = basename = file; *p != '\0'; p++ )
- if( *p == '/' || *p == '\\' )
- basename = p + 1;
-
- mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s",
- basename, line, level, str );
- fflush( (FILE *) ctx );
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-int ca_callback( void *data, mbedtls_x509_crt const *child,
- mbedtls_x509_crt **candidates )
-{
- int ret = 0;
- mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
- mbedtls_x509_crt *first;
-
- /* This is a test-only implementation of the CA callback
- * which always returns the entire list of trusted certificates.
- * Production implementations managing a large number of CAs
- * should use an efficient presentation and lookup for the
- * set of trusted certificates (such as a hashtable) and only
- * return those trusted certificates which satisfy basic
- * parental checks, such as the matching of child `Issuer`
- * and parent `Subject` field or matching key identifiers.
*/
- ((void) child);
-
- first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
- if( first == NULL )
- {
- ret = -1;
- goto exit;
- }
- mbedtls_x509_crt_init( first );
-
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
-
- while( ca->next != NULL )
- {
- ca = ca->next;
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
- }
-
-exit:
-
- if( ret != 0 )
- {
- mbedtls_x509_crt_free( first );
- mbedtls_free( first );
- first = NULL;
- }
-
- *candidates = first;
- return( ret );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-/*
- * Test recv/send functions that make sure each try returns
- * WANT_READ/WANT_WRITE at least once before sucesseding
- */
-static int my_recv( void *ctx, unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_READ );
- }
-
- ret = mbedtls_net_recv( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_READ )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-static int my_send( void *ctx, const unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_WRITE );
- }
-
- ret = mbedtls_net_send( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static unsigned char peer_crt_info[1024];
-
-/*
- * Enabled if debug_level > 1 in code below
- */
-static int my_verify( void *data, mbedtls_x509_crt *crt,
- int depth, uint32_t *flags )
-{
- char buf[1024];
- ((void) data);
-
- mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
- if( depth == 0 )
- memcpy( peer_crt_info, buf, sizeof( buf ) );
-
- if( opt.debug_level == 0 )
- return( 0 );
-
- mbedtls_printf( "\nVerify requested for (Depth
%d):\n", depth );
- mbedtls_printf( "%s", buf );
-
- if ( ( *flags ) == 0 )
- mbedtls_printf( " This certificate has no flags\n" );
- else
- {
- mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags );
- mbedtls_printf( "%s\n", buf );
- }
-
- return( 0 );
-}
-
-static int ssl_sig_hashes_for_test[] = {
-#if defined(MBEDTLS_SHA512_C)
- MBEDTLS_MD_SHA512,
- MBEDTLS_MD_SHA384,
-#endif
-#if defined(MBEDTLS_SHA256_C)
- MBEDTLS_MD_SHA256,
- MBEDTLS_MD_SHA224,
-#endif
-#if defined(MBEDTLS_SHA1_C)
- /* Allow SHA-1 as we use it extensively in tests. */
- MBEDTLS_MD_SHA1,
-#endif
- MBEDTLS_MD_NONE
-};
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-/*
- * Wait for an event from the underlying transport or the timer
- * (Used in event-driven IO mode).
- */
-#if !defined(MBEDTLS_TIMING_C)
-int idle( mbedtls_net_context *fd,
- int idle_reason )
-#else
-int idle( mbedtls_net_context *fd,
- mbedtls_timing_delay_context *timer,
- int idle_reason )
-#endif
-{
-
- int ret;
- int poll_type = 0;
-
- if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
- poll_type = MBEDTLS_NET_POLL_WRITE;
- else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
- poll_type = MBEDTLS_NET_POLL_READ;
-#if !defined(MBEDTLS_TIMING_C)
- else
- return( 0 );
-#endif
-
- while( 1 )
- {
- /* Check if timer has expired */
-#if defined(MBEDTLS_TIMING_C)
- if( timer != NULL &&
- mbedtls_timing_get_delay( timer ) == 2 )
- {
- break;
- }
-#endif /* MBEDTLS_TIMING_C */
-
- /* Check if underlying transport became available */
- if( poll_type != 0 )
- {
- ret = mbedtls_net_poll( fd, poll_type, 0 );
- if( ret < 0 )
- return( ret );
- if( ret == poll_type )
- break;
- }
- }
-
- return( 0 );
-}
-
-int main( int argc, char *argv[] )
-{
- int ret = 0, len, tail_len, i, written, frags, retry_left;
- mbedtls_net_context server_fd;
-
- unsigned char buf[MAX_REQUEST_SIZE + 1];
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
- unsigned char psk[MBEDTLS_PSK_MAX_LEN];
- size_t psk_len = 0;
-#endif
-#if defined(MBEDTLS_SSL_ALPN)
- const char *alpn_list[ALPN_LIST_SIZE]; -#endif -#if defined(MBEDTLS_ECP_C) - mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE]; - const mbedtls_ecp_curve_info *curve_cur; -#endif - - const char *pers = "ssl_client2"; - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_handle_t slot = 0; - psa_algorithm_t alg = 0; - psa_key_policy_t policy; - psa_status_t status; -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; -#endif - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_ssl_session saved_session; -#if defined(MBEDTLS_TIMING_C) - mbedtls_timing_delay_context timer; -#endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) - uint32_t flags; - mbedtls_x509_crt cacert; - mbedtls_x509_crt clicert; - mbedtls_pk_context pkey; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_handle_t key_slot = 0; /* invalid key slot */ -#endif -#endif - char *p, *q; - const int *list; - - /* - * Make sure memory references are valid. 
- */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) ); - mbedtls_ctr_drbg_init( &ctr_drbg ); -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &clicert ); - mbedtls_pk_init( &pkey ); -#endif -#if defined(MBEDTLS_SSL_ALPN) - memset( (void * ) alpn_list, 0, sizeof( alpn_list ) ); -#endif - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - status = psa_crypto_init(); - if( status != PSA_SUCCESS ) - { - mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n", - (int) status ); - ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; - goto exit; - } -#endif - - if( argc == 0 ) - { - usage: - if( ret == 0 ) - ret = 1; - - mbedtls_printf( USAGE ); - - list = mbedtls_ssl_list_ciphersuites(); - while( *list ) - { - mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) ); - list++; - if( !*list ) - break; - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); - list++; - } - mbedtls_printf("\n"); - goto exit; - } - - opt.server_name = DFL_SERVER_NAME; - opt.server_addr = DFL_SERVER_ADDR; - opt.server_port = DFL_SERVER_PORT; - opt.debug_level = DFL_DEBUG_LEVEL; - opt.nbio = DFL_NBIO; - opt.event = DFL_EVENT; - opt.context_crt_cb = DFL_CONTEXT_CRT_CB; - opt.read_timeout = DFL_READ_TIMEOUT; - opt.max_resend = DFL_MAX_RESEND; - opt.request_page = DFL_REQUEST_PAGE; - opt.request_size = DFL_REQUEST_SIZE; - opt.ca_file = DFL_CA_FILE; - opt.ca_path = DFL_CA_PATH; - opt.crt_file = DFL_CRT_FILE; - opt.key_file = DFL_KEY_FILE; - opt.key_opaque = DFL_KEY_OPAQUE; - opt.psk = DFL_PSK; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - opt.psk_opaque = DFL_PSK_OPAQUE; -#endif -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - opt.ca_callback = DFL_CA_CALLBACK; -#endif - opt.psk_identity = DFL_PSK_IDENTITY; - opt.ecjpake_pw = DFL_ECJPAKE_PW; - opt.ec_max_ops = DFL_EC_MAX_OPS; - opt.force_ciphersuite[0]= 
DFL_FORCE_CIPHER; - opt.renegotiation = DFL_RENEGOTIATION; - opt.allow_legacy = DFL_ALLOW_LEGACY; - opt.renegotiate = DFL_RENEGOTIATE; - opt.exchanges = DFL_EXCHANGES; - opt.min_version = DFL_MIN_VERSION; - opt.max_version = DFL_MAX_VERSION; - opt.arc4 = DFL_ARC4; - opt.allow_sha1 = DFL_SHA1; - opt.auth_mode = DFL_AUTH_MODE; - opt.mfl_code = DFL_MFL_CODE; - opt.trunc_hmac = DFL_TRUNC_HMAC; - opt.recsplit = DFL_RECSPLIT; - opt.dhmlen = DFL_DHMLEN; - opt.reconnect = DFL_RECONNECT; - opt.reco_delay = DFL_RECO_DELAY; - opt.reconnect_hard = DFL_RECONNECT_HARD; - opt.tickets = DFL_TICKETS; - opt.alpn_string = DFL_ALPN_STRING; - opt.curves = DFL_CURVES; - opt.transport = DFL_TRANSPORT; - opt.hs_to_min = DFL_HS_TO_MIN; - opt.hs_to_max = DFL_HS_TO_MAX; - opt.dtls_mtu = DFL_DTLS_MTU; - opt.fallback = DFL_FALLBACK; - opt.extended_ms = DFL_EXTENDED_MS; - opt.etm = DFL_ETM; - opt.dgram_packing = DFL_DGRAM_PACKING; - - for( i = 1; i < argc; i++ ) - { - p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - goto usage; - *q++ = '\0'; - - if( strcmp( p, "server_name" ) == 0 ) - opt.server_name = q; - else if( strcmp( p, "server_addr" ) == 0 ) - opt.server_addr = q; - else if( strcmp( p, "server_port" ) == 0 ) - opt.server_port = q; - else if( strcmp( p, "dtls" ) == 0 ) - { - int t = atoi( q ); - if( t == 0 ) - opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM; - else if( t == 1 ) - opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - else - goto usage; - } - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) - goto usage; - } - else if( strcmp( p, "context_crt_cb" ) == 0 ) - { - opt.context_crt_cb = atoi( q ); - if( opt.context_crt_cb != 0 && opt.context_crt_cb != 1 ) - goto usage; - } - else if( strcmp( p, "nbio" ) == 0 ) - { - opt.nbio = atoi( q ); - if( opt.nbio < 0 || opt.nbio > 2 ) - goto usage; - } - else if( strcmp( p, "event" ) == 0 ) - { - opt.event = atoi( q ); - if( opt.event < 0 || opt.event > 2 
) - goto usage; - } - else if( strcmp( p, "read_timeout" ) == 0 ) - opt.read_timeout = atoi( q ); - else if( strcmp( p, "max_resend" ) == 0 ) - { - opt.max_resend = atoi( q ); - if( opt.max_resend < 0 ) - goto usage; - } - else if( strcmp( p, "request_page" ) == 0 ) - opt.request_page = q; - else if( strcmp( p, "request_size" ) == 0 ) - { - opt.request_size = atoi( q ); - if( opt.request_size < 0 || - opt.request_size > MAX_REQUEST_SIZE ) - goto usage; - } - else if( strcmp( p, "ca_file" ) == 0 ) - opt.ca_file = q; - else if( strcmp( p, "ca_path" ) == 0 ) - opt.ca_path = q; - else if( strcmp( p, "crt_file" ) == 0 ) - opt.crt_file = q; - else if( strcmp( p, "key_file" ) == 0 ) - opt.key_file = q; -#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C) - else if( strcmp( p, "key_opaque" ) == 0 ) - opt.key_opaque = atoi( q ); -#endif - else if( strcmp( p, "psk" ) == 0 ) - opt.psk = q; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - else if( strcmp( p, "psk_opaque" ) == 0 ) - opt.psk_opaque = atoi( q ); -#endif -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - else if( strcmp( p, "ca_callback" ) == 0) - opt.ca_callback = atoi( q ); -#endif - else if( strcmp( p, "psk_identity" ) == 0 ) - opt.psk_identity = q; - else if( strcmp( p, "ecjpake_pw" ) == 0 ) - opt.ecjpake_pw = q; - else if( strcmp( p, "ec_max_ops" ) == 0 ) - opt.ec_max_ops = atoi( q ); - else if( strcmp( p, "force_ciphersuite" ) == 0 ) - { - opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); - - if( opt.force_ciphersuite[0] == 0 ) - { - ret = 2; - goto usage; - } - opt.force_ciphersuite[1] = 0; - } - else if( strcmp( p, "renegotiation" ) == 0 ) - { - opt.renegotiation = (atoi( q )) ? 
- MBEDTLS_SSL_RENEGOTIATION_ENABLED : - MBEDTLS_SSL_RENEGOTIATION_DISABLED; - } - else if( strcmp( p, "allow_legacy" ) == 0 ) - { - switch( atoi( q ) ) - { - case -1: - opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE; - break; - case 0: - opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; - break; - case 1: - opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION; - break; - default: goto usage; - } - } - else if( strcmp( p, "renegotiate" ) == 0 ) - { - opt.renegotiate = atoi( q ); - if( opt.renegotiate < 0 || opt.renegotiate > 1 ) - goto usage; - } - else if( strcmp( p, "exchanges" ) == 0 ) - { - opt.exchanges = atoi( q ); - if( opt.exchanges < 1 ) - goto usage; - } - else if( strcmp( p, "reconnect" ) == 0 ) - { - opt.reconnect = atoi( q ); - if( opt.reconnect < 0 || opt.reconnect > 2 ) - goto usage; - } - else if( strcmp( p, "reco_delay" ) == 0 ) - { - opt.reco_delay = atoi( q ); - if( opt.reco_delay < 0 ) - goto usage; - } - else if( strcmp( p, "reconnect_hard" ) == 0 ) - { - opt.reconnect_hard = atoi( q ); - if( opt.reconnect_hard < 0 || opt.reconnect_hard > 1 ) - goto usage; - } - else if( strcmp( p, "tickets" ) == 0 ) - { - opt.tickets = atoi( q ); - if( opt.tickets < 0 || opt.tickets > 2 ) - goto usage; - } - else if( strcmp( p, "alpn" ) == 0 ) - { - opt.alpn_string = q; - } - else if( strcmp( p, "fallback" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.fallback = MBEDTLS_SSL_IS_NOT_FALLBACK; break; - case 1: opt.fallback = MBEDTLS_SSL_IS_FALLBACK; break; - default: goto usage; - } - } - else if( strcmp( p, "extended_ms" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: - opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED; - break; - case 1: - opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; - break; - default: goto usage; - } - } - else if( strcmp( p, "curves" ) == 0 ) - opt.curves = q; - else if( strcmp( p, "etm" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break; - case 1: opt.etm = 
MBEDTLS_SSL_ETM_ENABLED; break; - default: goto usage; - } - } - else if( strcmp( p, "min_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || - strcmp( q, "dtls1_2" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - else - goto usage; - } - else if( strcmp( p, "max_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || - strcmp( q, "dtls1_2" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - else - goto usage; - } - else if( strcmp( p, "arc4" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break; - case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break; - default: goto usage; - } - } - else if( strcmp( p, "allow_sha1" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.allow_sha1 = 0; break; - case 1: opt.allow_sha1 = 1; break; - default: goto usage; - } - } - else if( strcmp( p, "force_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - } - else if( strcmp( q, "tls1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - } - else if( strcmp( q, "tls1_1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - } - else if( strcmp( q, "tls1_2" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - 
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - } - else if( strcmp( q, "dtls1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else if( strcmp( q, "dtls1_2" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else - goto usage; - } - else if( strcmp( p, "auth_mode" ) == 0 ) - { - if( strcmp( q, "none" ) == 0 ) - opt.auth_mode = MBEDTLS_SSL_VERIFY_NONE; - else if( strcmp( q, "optional" ) == 0 ) - opt.auth_mode = MBEDTLS_SSL_VERIFY_OPTIONAL; - else if( strcmp( q, "required" ) == 0 ) - opt.auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED; - else - goto usage; - } - else if( strcmp( p, "max_frag_len" ) == 0 ) - { - if( strcmp( q, "512" ) == 0 ) - opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512; - else if( strcmp( q, "1024" ) == 0 ) - opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024; - else if( strcmp( q, "2048" ) == 0 ) - opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048; - else if( strcmp( q, "4096" ) == 0 ) - opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096; - else - goto usage; - } - else if( strcmp( p, "trunc_hmac" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break; - case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break; - default: goto usage; - } - } - else if( strcmp( p, "hs_timeout" ) == 0 ) - { - if( ( p = strchr( q, '-' ) ) == NULL ) - goto usage; - *p++ = '\0'; - opt.hs_to_min = atoi( q ); - opt.hs_to_max = atoi( p ); - if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min ) - goto usage; - } - else if( strcmp( p, "mtu" ) == 0 ) - { - opt.dtls_mtu = atoi( q ); - if( opt.dtls_mtu < 0 ) - goto usage; - } - else if( strcmp( p, "dgram_packing" ) == 0 ) - { - opt.dgram_packing = atoi( q ); - if( opt.dgram_packing != 0 && - opt.dgram_packing != 1 ) - { - goto usage; - } - } - else if( strcmp( 
p, "recsplit" ) == 0 )
- {
- opt.recsplit = atoi( q );
- if( opt.recsplit < 0 || opt.recsplit > 1 )
- goto usage;
- }
- else if( strcmp( p, "dhmlen" ) == 0 )
- {
- opt.dhmlen = atoi( q );
- if( opt.dhmlen < 0 )
- goto usage;
- }
- else if( strcmp( p, "query_config" ) == 0 )
- {
- return query_config( q );
- }
- else
- goto usage;
- }
-
- /* Event-driven IO is incompatible with the above custom
- * receive and send functions, as the polling builds on
- * refers to the underlying net_context. */
- if( opt.event == 1 && opt.nbio != 1 )
- {
- mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" );
- opt.nbio = 1;
- }
-
-#if defined(MBEDTLS_DEBUG_C)
- mbedtls_debug_set_threshold( opt.debug_level );
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
- /*
- * Unhexify the pre-shared key if any is given
- */
- if( strlen( opt.psk ) )
- {
- unsigned char c;
- size_t j;
-
- if( strlen( opt.psk ) % 2 != 0 )
- {
- mbedtls_printf( "pre-shared key not valid hex\n" );
- goto exit;
- }
-
- psk_len = strlen( opt.psk ) / 2;
-
- for( j = 0; j < strlen( opt.psk ); j += 2 )
- {
- c = opt.psk[j];
- if( c >= '0' && c <= '9' )
- c -= '0';
- else if( c >= 'a' && c <= 'f' )
- c -= 'a' - 10;
- else if( c >= 'A' && c <= 'F' )
- c -= 'A' - 10;
- else
- {
- mbedtls_printf( "pre-shared key not valid hex\n" );
- goto exit;
- }
- psk[ j / 2 ] = c << 4;
-
- c = opt.psk[j + 1];
- if( c >= '0' && c <= '9' )
- c -= '0';
- else if( c >= 'a' && c <= 'f' )
- c -= 'a' - 10;
- else if( c >= 'A' && c <= 'F' )
- c -= 'A' - 10;
- else
- {
- mbedtls_printf( "pre-shared key not valid hex\n" );
- goto exit;
- }
- psk[ j / 2 ] |= c;
- }
- }
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( opt.psk_opaque != 0 )
- {
- if( opt.psk == NULL )
- {
- mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" );
- ret = 2;
- goto usage;
- }
-
- if( opt.force_ciphersuite[0] <= 0 )
- {
- mbedtls_printf( "opaque PSKs are only 
supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
- ret = 2;
- goto usage;
- }
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
- if( opt.force_ciphersuite[0] > 0 )
- {
- const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
- ciphersuite_info =
- mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
-
- if( opt.max_version != -1 &&
- ciphersuite_info->min_minor_ver > opt.max_version )
- {
- mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
- ret = 2;
- goto usage;
- }
- if( opt.min_version != -1 &&
- ciphersuite_info->max_minor_ver < opt.min_version )
- {
- mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
- ret = 2;
- goto usage;
- }
-
- /* If the server selects a version that's not supported by
- * this suite, then there will be no common ciphersuite... */
- if( opt.max_version == -1 ||
- opt.max_version > ciphersuite_info->max_minor_ver )
- {
- opt.max_version = ciphersuite_info->max_minor_ver;
- }
- if( opt.min_version < ciphersuite_info->min_minor_ver )
- {
- opt.min_version = ciphersuite_info->min_minor_ver;
- /* DTLS starts with TLS 1.1 */
- if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
- opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
- opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
- }
-
- /* Enable RC4 if needed and not explicitly disabled */
- if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
- {
- if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED )
- {
- mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" );
- ret = 2;
- goto usage;
- }
-
- opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
- }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( opt.psk_opaque != 0 )
- {
- /* Ensure that the chosen ciphersuite is PSK-only; we must know
- * the ciphersuite in advance to set the correct policy for the
- * PSK key slot. This limitation might go away in the future. 
*/
- if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
- opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
- {
- mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
- ret = 2;
- goto usage;
- }
-
- /* Determine KDF algorithm the opaque PSK will be used in. */
-#if defined(MBEDTLS_SHA512_C)
- if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
- alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
- else
-#endif /* MBEDTLS_SHA512_C */
- alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- }
-
-#if defined(MBEDTLS_ECP_C)
- if( opt.curves != NULL )
- {
- p = (char *) opt.curves;
- i = 0;
-
- if( strcmp( p, "none" ) == 0 )
- {
- curve_list[0] = MBEDTLS_ECP_DP_NONE;
- }
- else if( strcmp( p, "default" ) != 0 )
- {
- /* Leave room for a final NULL in curve list */
- while( i < CURVE_LIST_SIZE - 1 && *p != '\0' )
- {
- q = p;
-
- /* Terminate the current string */
- while( *p != ',' && *p != '\0' )
- p++;
- if( *p == ',' )
- *p++ = '\0';
-
- if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL )
- {
- curve_list[i++] = curve_cur->grp_id;
- }
- else
- {
- mbedtls_printf( "unknown curve %s\n", q );
- mbedtls_printf( "supported curves: " );
- for( curve_cur = mbedtls_ecp_curve_list();
- curve_cur->grp_id != MBEDTLS_ECP_DP_NONE;
- curve_cur++ )
- {
- mbedtls_printf( "%s ", curve_cur->name );
- }
- mbedtls_printf( "\n" );
- goto exit;
- }
- }
-
- mbedtls_printf("Number of curves: %d\n", i );
-
- if( i == CURVE_LIST_SIZE - 1 && *p != '\0' )
- {
- mbedtls_printf( "curves list too long, maximum %d",
- CURVE_LIST_SIZE - 1 );
- goto exit;
- }
-
- curve_list[i] = MBEDTLS_ECP_DP_NONE;
- }
- }
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_SSL_ALPN)
- if( opt.alpn_string != NULL )
- {
- p = (char *) opt.alpn_string;
- i = 0;
-
- /* Leave room for a final NULL in alpn_list */
- while( i < ALPN_LIST_SIZE - 1 && *p != '\0' 
) - { - alpn_list[i++] = p; - - /* Terminate the current string and move on to next one */ - while( *p != ',' && *p != '\0' ) - p++; - if( *p == ',' ) - *p++ = '\0'; - } - } -#endif /* MBEDTLS_SSL_ALPN */ - - /* - * 0. Initialize the RNG and the session data - */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", - -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - /* - * 1.1. Load the trusted CA - */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - -#if defined(MBEDTLS_FS_IO) - if( strlen( opt.ca_path ) ) - if( strcmp( opt.ca_path, "none" ) == 0 ) - ret = 0; - else - ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ); - else if( strlen( opt.ca_file ) ) - if( strcmp( opt.ca_file, "none" ) == 0 ) - ret = 0; - else - ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); - else -#endif -#if defined(MBEDTLS_CERTS_C) - for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse( &cacert, - (const unsigned char *) mbedtls_test_cas[i], - mbedtls_test_cas_len[i] ); - if( ret != 0 ) - break; - } -#else - { - ret = 1; - mbedtls_printf( "MBEDTLS_CERTS_C not defined." ); - } -#endif - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", - -ret ); - goto exit; - } - - mbedtls_printf( " ok (%d skipped)\n", ret ); - - /* - * 1.2. Load own certificate and private key - * - * (can be skipped if client authentication is not required) - */ - mbedtls_printf( " . Loading the client cert. and key..." 
); - fflush( stdout ); - -#if defined(MBEDTLS_FS_IO) - if( strlen( opt.crt_file ) ) - if( strcmp( opt.crt_file, "none" ) == 0 ) - ret = 0; - else - ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); - else -#endif -#if defined(MBEDTLS_CERTS_C) - ret = mbedtls_x509_crt_parse( &clicert, - (const unsigned char *) mbedtls_test_cli_crt, - mbedtls_test_cli_crt_len ); -#else - { - ret = 1; - mbedtls_printf("MBEDTLS_CERTS_C not defined."); - } -#endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", - -ret ); - goto exit; - } - -#if defined(MBEDTLS_FS_IO) - if( strlen( opt.key_file ) ) - if( strcmp( opt.key_file, "none" ) == 0 ) - ret = 0; - else - ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); - else -#endif -#if defined(MBEDTLS_CERTS_C) - ret = mbedtls_pk_parse_key( &pkey, - (const unsigned char *) mbedtls_test_cli_key, - mbedtls_test_cli_key_len, NULL, 0 ); -#else - { - ret = 1; - mbedtls_printf("MBEDTLS_CERTS_C not defined."); - } -#endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", - -ret ); - goto exit; - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.key_opaque != 0 ) - { - if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot, - PSA_ALG_SHA_256 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! " - "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", -ret ); - goto exit; - } - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - - mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - - /* - * 2. Start the connection - */ - if( opt.server_addr == NULL) - opt.server_addr = opt.server_name; - - mbedtls_printf( " . Connecting to %s/%s/%s...", - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", - opt.server_addr, opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, - opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? 
- MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", - -ret ); - goto exit; - } - - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &server_fd ); - else - ret = mbedtls_net_set_block( &server_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", - -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 3. Setup stuff - */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - opt.transport, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", - -ret ); - goto exit; - } - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - /* The default algorithms profile disables SHA-1, but our tests still - rely on it heavily. */ - if( opt.allow_sha1 > 0 ) - { - crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ); - mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test ); - mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test ); - } - - if( opt.context_crt_cb == 0 ) - mbedtls_ssl_conf_verify( &conf, my_verify, NULL ); - - memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - - if( opt.auth_mode != DFL_AUTH_MODE ) - mbedtls_ssl_conf_authmode( &conf, opt.auth_mode ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX ) - mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, - opt.hs_to_max ); - - if( opt.dgram_packing != DFL_DGRAM_PACKING ) - mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing ); -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_conf_max_frag_len returned %d\n\n",
- ret );
- goto exit;
- }
-#endif
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- if( opt.trunc_hmac != DFL_TRUNC_HMAC )
- mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
- if( opt.extended_ms != DFL_EXTENDED_MS )
- mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- if( opt.etm != DFL_ETM )
- mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
-#endif
-
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
- if( opt.recsplit != DFL_RECSPLIT )
- mbedtls_ssl_conf_cbc_record_splitting( &conf, opt.recsplit
- ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED
- : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
-#endif
-
-#if defined(MBEDTLS_DHM_C)
- if( opt.dhmlen != DFL_DHMLEN )
- mbedtls_ssl_conf_dhm_min_bitlen( &conf, opt.dhmlen );
-#endif
-
-#if defined(MBEDTLS_SSL_ALPN)
- if( opt.alpn_string != NULL )
- if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! 
mbedtls_ssl_conf_alpn_protocols returned %d\n\n",
- ret );
- goto exit;
- }
-#endif
-
- mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
-
- mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- mbedtls_ssl_conf_session_tickets( &conf, opt.tickets );
-#endif
-
- if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
- mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
-
-#if defined(MBEDTLS_ARC4_C)
- if( opt.arc4 != DFL_ARC4 )
- mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
-#endif
-
- if( opt.allow_legacy != DFL_ALLOW_LEGACY )
- mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
- if( strcmp( opt.ca_path, "none" ) != 0 &&
- strcmp( opt.ca_file, "none" ) != 0 )
- {
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
- if( opt.ca_callback != 0 )
- mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert );
- else
-#endif
- mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
- }
- if( strcmp( opt.crt_file, "none" ) != 0 &&
- strcmp( opt.key_file, "none" ) != 0 )
- {
- if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n",
- ret );
- goto exit;
- }
- }
-#endif
-
-#if defined(MBEDTLS_ECP_C)
- if( opt.curves != NULL &&
- strcmp( opt.curves, "default" ) != 0 )
- {
- mbedtls_ssl_conf_curves( &conf, curve_list );
- }
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( opt.psk_opaque != 0 )
- {
- /* The algorithm has already been determined earlier. 
*/ - status = psa_allocate_key( &slot ); - if( status != PSA_SUCCESS ) - { - ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; - goto exit; - } - - policy = psa_key_policy_init(); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg ); - - status = psa_set_key_policy( slot, &policy ); - if( status != PSA_SUCCESS ) - { - ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; - goto exit; - } - - status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len ); - if( status != PSA_SUCCESS ) - { - ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; - goto exit; - } - - if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", - ret ); - goto exit; - } - } - else -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk returned %d\n\n", - ret ); - goto exit; - } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ - - if( opt.min_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, - opt.min_version ); - - if( opt.max_version != DFL_MAX_VERSION ) - mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, - opt.max_version ); - -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - if( opt.fallback != DFL_FALLBACK ) - mbedtls_ssl_conf_fallback( &conf, opt.fallback ); -#endif - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", - -ret ); - goto exit; - } - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_set_hostname returned %d\n\n", - ret ); - goto exit; - } -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( opt.ecjpake_pw != DFL_ECJPAKE_PW ) - { - if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl, - (const unsigned char *) opt.ecjpake_pw, - strlen( opt.ecjpake_pw ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", - ret ); - goto exit; - } - } -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( opt.context_crt_cb == 1 ) - mbedtls_ssl_set_verify( &ssl, my_verify, NULL ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - - if( opt.nbio == 2 ) - mbedtls_ssl_set_bio( &ssl, &server_fd, my_send, my_recv, NULL ); - else - mbedtls_ssl_set_bio( &ssl, &server_fd, - mbedtls_net_send, mbedtls_net_recv, - opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.dtls_mtu != DFL_DTLS_MTU ) - mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu ); -#endif - -#if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); -#endif - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( opt.ec_max_ops != DFL_EC_MAX_OPS ) - mbedtls_ecp_set_max_ops( opt.ec_max_ops ); -#endif - - mbedtls_printf( " ok\n" ); - - /* - * 4. Handshake - */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n", - -ret ); - if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) - mbedtls_printf( - " Unable to verify the server's certificate. 
" - "Either it is invalid,\n" - " or you didn't set ca_file or ca_path " - "to an appropriate value.\n" - " Alternatively, you may want to use " - "auth_mode=optional for testing purposes.\n" ); - mbedtls_printf( "\n" ); - goto exit; - } - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - continue; -#endif - - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - ret = idle( &server_fd, &timer, ret ); -#else - ret = idle( &server_fd, ret ); -#endif - if( ret != 0 ) - goto exit; - } - } - - mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", - mbedtls_ssl_get_version( &ssl ), - mbedtls_ssl_get_ciphersuite( &ssl ) ); - - if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 ) - mbedtls_printf( " [ Record expansion is %d ]\n", ret ); - else - mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" ); - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - mbedtls_printf( " [ Maximum fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_max_frag_len( &ssl ) ); -#endif - -#if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { - const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl ); - mbedtls_printf( " [ Application Layer Protocol is %s ]\n", - alp ? alp : "(none)" ); - } -#endif - - if( opt.reconnect != 0 ) - { - mbedtls_printf(" . Saving session for reuse..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n", - -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - } - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - /* - * 5. Verify the server certificate - */ - mbedtls_printf( " . Verifying peer X.509 certificate..." 
); - - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { - char vrfy_buf[512]; - - mbedtls_printf( " failed\n" ); - - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), - " ! ", flags ); - - mbedtls_printf( "%s\n", vrfy_buf ); - } - else - mbedtls_printf( " ok\n" ); - - mbedtls_printf( " . Peer certificate information ...\n" ); - mbedtls_printf( "%s\n", peer_crt_info ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( opt.renegotiate ) - { - /* - * Perform renegotiation (this must be done when the server is waiting - * for input from our side). - */ - mbedtls_printf( " . Performing renegotiation..." ); - fflush( stdout ); - while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", - ret ); - goto exit; - } - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - continue; -#endif - - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); -#else - idle( &server_fd, ret ); -#endif - } - - } - mbedtls_printf( " ok\n" ); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - - /* - * 6. 
Write the GET request - */ - retry_left = opt.max_resend; -send_request: - mbedtls_printf( " > Write to server:" ); - fflush( stdout ); - - len = mbedtls_snprintf( (char *) buf, sizeof( buf ) - 1, GET_REQUEST, - opt.request_page ); - tail_len = (int) strlen( GET_REQUEST_END ); - - /* Add padding to GET request to reach opt.request_size in length */ - if( opt.request_size != DFL_REQUEST_SIZE && - len + tail_len < opt.request_size ) - { - memset( buf + len, 'A', opt.request_size - len - tail_len ); - len += opt.request_size - len - tail_len; - } - - strncpy( (char *) buf + len, GET_REQUEST_END, sizeof( buf ) - len - 1 ); - len += tail_len; - - /* Truncate if request size is smaller than the "natural" size */ - if( opt.request_size != DFL_REQUEST_SIZE && - len > opt.request_size ) - { - len = opt.request_size; - - /* Still end with \r\n unless that's really not possible */ - if( len >= 2 ) buf[len - 2] = '\r'; - if( len >= 1 ) buf[len - 1] = '\n'; - } - - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - written = 0; - frags = 0; - - do - { - while( ( ret = mbedtls_ssl_write( &ssl, buf + written, - len - written ) ) < 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_write returned -0x%x\n\n", - -ret ); - goto exit; - } - - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); -#else - idle( &server_fd, ret ); -#endif - } - } - - frags++; - written += ret; - } - while( written < len ); - } - else /* Not stream, so datagram */ - { - while( 1 ) - { - ret = mbedtls_ssl_write( &ssl, buf, len ); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - continue; -#endif - - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - break; - - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); -#else - idle( &server_fd, ret ); -#endif - } - } - - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", - ret ); - goto exit; - } - - frags = 1; - written = ret; - - if( written < len ) - { - mbedtls_printf( " warning\n ! request didn't fit into single datagram and " - "was truncated to size %u", (unsigned) written ); - } - } - - buf[written] = '\0'; - mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", - written, frags, (char *) buf ); - - /* Send a non-empty request if request_size == 0 */ - if ( len == 0 ) - { - opt.request_size = DFL_REQUEST_SIZE; - goto send_request; - } - - /* - * 7. 
Read the HTTP response - */ - mbedtls_printf( " < Read from server:" ); - fflush( stdout ); - - /* - * TLS and DTLS need different reading styles (stream vs datagram) - */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - continue; -#endif - - if( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ) - { - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); -#else - idle( &server_fd, ret ); -#endif - } - continue; - } - - if( ret <= 0 ) - { - switch( ret ) - { - case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); - ret = 0; - goto close_notify; - - case 0: - case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " connection was reset by peer\n" ); - ret = 0; - goto reconnect; - - default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", - -ret ); - goto exit; - } - } - - len = ret; - buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); - - /* End of message should be detected according to the syntax of the - * application protocol (eg HTTP), just use a dummy test here. 
*/ - if( ret > 0 && buf[len-1] == '\n' ) - { - ret = 0; - break; - } - } - while( 1 ); - } - else /* Not stream, so datagram */ - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - - while( 1 ) - { - ret = mbedtls_ssl_read( &ssl, buf, len ); - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - continue; -#endif - - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - break; - - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); -#else - idle( &server_fd, ret ); -#endif - } - } - - if( ret <= 0 ) - { - switch( ret ) - { - case MBEDTLS_ERR_SSL_TIMEOUT: - mbedtls_printf( " timeout\n" ); - if( retry_left-- > 0 ) - goto send_request; - goto exit; - - case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); - ret = 0; - goto close_notify; - - default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); - goto exit; - } - } - - len = ret; - buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); - ret = 0; - } - - /* - * 7b. Simulate hard reset and reconnect from same port? - */ - if( opt.reconnect_hard != 0 ) - { - opt.reconnect_hard = 0; - - mbedtls_printf( " . Restarting connection from same port..." ); - fflush( stdout ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - - if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", - -ret ); - goto exit; - } - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_handshake returned -0x%x\n\n", - -ret ); - goto exit; - } - - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); -#else - idle( &server_fd, ret ); -#endif - } - } - - mbedtls_printf( " ok\n" ); - - goto send_request; - } - - /* - * 7c. Continue doing data exchanges? - */ - if( --opt.exchanges > 0 ) - goto send_request; - - /* - * 8. Done, cleanly close the connection - */ -close_notify: - mbedtls_printf( " . Closing the connection..." ); - fflush( stdout ); - - /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - ret = 0; - - mbedtls_printf( " done\n" ); - - /* - * 9. Reconnect? - */ -reconnect: - if( opt.reconnect != 0 ) - { - --opt.reconnect; - - mbedtls_net_free( &server_fd ); - -#if defined(MBEDTLS_TIMING_C) - if( opt.reco_delay > 0 ) - mbedtls_net_usleep( 1000000 * opt.reco_delay ); -#endif - - mbedtls_printf( " . Reconnecting with saved session..." ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - - if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", - -ret ); - goto exit; - } - - if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_session returned %d\n\n", - ret ); - goto exit; - } - - if( ( ret = mbedtls_net_connect( &server_fd, - opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_net_connect returned -0x%x\n\n", - -ret ); - goto exit; - } - - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &server_fd ); - else - ret = mbedtls_net_set_block( &server_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", - -ret ); - goto exit; - } - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", - -ret ); - goto exit; - } - } - - mbedtls_printf( " ok\n" ); - - goto send_request; - } - - /* - * Cleanup and exit - */ -exit: -#ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { - char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf ); - } -#endif - - mbedtls_net_free( &server_fd ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_free( &clicert ); - mbedtls_x509_crt_free( &cacert ); - mbedtls_pk_free( &pkey ); -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_destroy_key( key_slot ); -#endif -#endif - mbedtls_ssl_session_free( &saved_session ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ - defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { - /* This is ok even if the slot hasn't been - * initialized (we might have jumed here - * immediately because of bad cmd line params, - * for example). 
*/
- status = psa_destroy_key( slot );
- if( status != PSA_SUCCESS )
- {
- mbedtls_printf( "Failed to destroy key slot %u - error was %d",
- (unsigned) slot, (int) status );
- if( ret == 0 )
- ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
- }
- }
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED &&
- MBEDTLS_USE_PSA_CRYPTO */
-
-#if defined(_WIN32)
- mbedtls_printf( " + Press Enter to exit this program.\n" );
- fflush( stdout ); getchar();
-#endif
-
- // Shell can not handle large exit numbers -> 1 for errors
- if( ret < 0 )
- ret = 1;
-
- return( ret );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
- MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
- MBEDTLS_CTR_DRBG_C MBEDTLS_TIMING_C */
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
deleted file mode 100644
index b6f1cc4fd..000000000
--- a/programs/ssl/ssl_fork_server.c
+++ /dev/null
@@ -1,435 +0,0 @@ -/* - * SSL server demonstration program using fork() for handling multiple clients - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ - !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ - !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_TIMING_C) || \ - !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C) -int main( int argc, char *argv[] ) -{ - ((void) argc); - ((void) argv); - - mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C 
and/or " - "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - return( 0 ); -} -#elif defined(_WIN32) -int main( void ) -{ - mbedtls_printf("_WIN32 defined. This application requires fork() and signals " - "to work correctly.\n"); - return( 0 ); -} -#else - -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/certs.h" -#include "mbedtls/x509.h" -#include "mbedtls/ssl.h" -#include "mbedtls/net_sockets.h" -#include "mbedtls/timing.h" - -#include -#include - -#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32) -#include -#endif - -#define HTTP_RESPONSE \ - "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ - "

Successful connection using: %s

\r\n" - -#define DEBUG_LEVEL 0 - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) -{ - ((void) level); - - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); -} - -int main( void ) -{ - int ret = 1, len, cnt = 0, pid; - int exit_code = MBEDTLS_EXIT_FAILURE; - mbedtls_net_context listen_fd, client_fd; - unsigned char buf[1024]; - const char *pers = "ssl_fork_server"; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_x509_crt srvcert; - mbedtls_pk_context pkey; - - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_entropy_init( &entropy ); - mbedtls_pk_init( &pkey ); - mbedtls_x509_crt_init( &srvcert ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - signal( SIGCHLD, SIG_IGN ); - - /* - * 0. Initial seeding of the RNG - */ - mbedtls_printf( "\n . Initial seeding of the random generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ctr_drbg_seed returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1. Load the certificates and private RSA key - */ - mbedtls_printf( " . Loading the server cert. and key..." ); - fflush( stdout ); - - /* - * This demonstration program uses embedded test certificates. 
- * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the - * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). - */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed! mbedtls_x509_crt_parse returned %d\n\n", ret ); - goto exit; - } - - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed! mbedtls_x509_crt_parse returned %d\n\n", ret ); - goto exit; - } - - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - mbedtls_printf( " failed! mbedtls_pk_parse_key returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1b. Prepare SSL configuration - */ - mbedtls_printf( " . Configuring SSL..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ssl_config_defaults returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 2. Setup the listening TCP socket - */ - mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed! 
mbedtls_net_bind returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - while( 1 ) - { - /* - * 3. Wait until a client connects - */ - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); - - mbedtls_printf( " . Waiting for a remote connection ...\n" ); - fflush( stdout ); - - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_net_accept returned %d\n\n", ret ); - goto exit; - } - - /* - * 3.5. Forking server thread - */ - - mbedtls_printf( " . Forking to handle connection ..." ); - fflush( stdout ); - - pid = fork(); - - if( pid < 0 ) - { - mbedtls_printf(" failed! fork returned %d\n\n", pid ); - goto exit; - } - - if( pid != 0 ) - { - mbedtls_printf( " ok\n" ); - - if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg, - (const unsigned char *) "parent", - 6 ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ctr_drbg_reseed returned %d\n\n", ret ); - goto exit; - } - - continue; - } - - mbedtls_net_init( &listen_fd ); - - pid = getpid(); - - /* - * 4. Setup stuff - */ - mbedtls_printf( "pid %d: Setting up the SSL data.\n", pid ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg, - (const unsigned char *) "child", - 5 ) ) != 0 ) - { - mbedtls_printf( - "pid %d: SSL setup failed! mbedtls_ctr_drbg_reseed returned %d\n\n", - pid, ret ); - goto exit; - } - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( - "pid %d: SSL setup failed! mbedtls_ssl_setup returned %d\n\n", - pid, ret ); - goto exit; - } - - mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); - - mbedtls_printf( "pid %d: SSL setup ok\n", pid ); - - /* - * 5. 
Handshake - */ - mbedtls_printf( "pid %d: Performing the SSL/TLS handshake.\n", pid ); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( - "pid %d: SSL handshake failed! mbedtls_ssl_handshake returned %d\n\n", - pid, ret ); - goto exit; - } - } - - mbedtls_printf( "pid %d: SSL handshake ok\n", pid ); - - /* - * 6. Read the HTTP Request - */ - mbedtls_printf( "pid %d: Start reading from client.\n", pid ); - fflush( stdout ); - - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); - - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) - continue; - - if( ret <= 0 ) - { - switch( ret ) - { - case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( "pid %d: connection was closed gracefully\n", pid ); - break; - - case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( "pid %d: connection was reset by peer\n", pid ); - break; - - default: - mbedtls_printf( "pid %d: mbedtls_ssl_read returned %d\n", pid, ret ); - break; - } - - break; - } - - len = ret; - mbedtls_printf( "pid %d: %d bytes read\n\n%s", pid, len, (char *) buf ); - - if( ret > 0 ) - break; - } - while( 1 ); - - /* - * 7. Write the 200 Response - */ - mbedtls_printf( "pid %d: Start writing to client.\n", pid ); - fflush( stdout ); - - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); - - while( cnt++ < 100 ) - { - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { - mbedtls_printf( - "pid %d: Write failed! peer closed the connection\n\n", pid ); - goto exit; - } - - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( - "pid %d: Write failed! 
mbedtls_ssl_write returned %d\n\n", - pid, ret ); - goto exit; - } - } - len = ret; - mbedtls_printf( "pid %d: %d bytes written\n\n%s\n", pid, len, (char *) buf ); - - mbedtls_net_usleep( 1000000 ); - } - - mbedtls_ssl_close_notify( &ssl ); - goto exit; - } - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); - - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && - MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && - MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_PARSE_C && - ! _WIN32 */ diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c deleted file mode 100644 index c73297c2a..000000000 --- a/programs/ssl/ssl_mail_client.c +++ /dev/null 
@@ -1,871 +0,0 @@ -/* - * SSL client for SMTP servers - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -/* Enable definition of gethostname() even when compiling with -std=c99. Must - * be set before config.h, which pulls in glibc's features.h indirectly. - * Harmless on other platforms. */ -#define _POSIX_C_SOURCE 200112L - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ - !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ - !defined(MBEDTLS_FS_IO) -int main( void ) -{ - mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C 
and/or MBEDTLS_X509_CRT_PARSE_C " - "not defined.\n"); - return( 0 ); -} -#else - -#include "mbedtls/base64.h" -#include "mbedtls/error.h" -#include "mbedtls/net_sockets.h" -#include "mbedtls/ssl.h" -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/certs.h" -#include "mbedtls/x509.h" - -#include -#include - -#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32) -#include -#else -#include -#endif - -#if defined(_WIN32) || defined(_WIN32_WCE) -#include -#include - -#if defined(_MSC_VER) -#if defined(_WIN32_WCE) -#pragma comment( lib, "ws2.lib" ) -#else -#pragma comment( lib, "ws2_32.lib" ) -#endif -#endif /* _MSC_VER */ -#endif - -#define DFL_SERVER_NAME "localhost" -#define DFL_SERVER_PORT "465" -#define DFL_USER_NAME "user" -#define DFL_USER_PWD "password" -#define DFL_MAIL_FROM "" -#define DFL_MAIL_TO "" -#define DFL_DEBUG_LEVEL 0 -#define DFL_CA_FILE "" -#define DFL_CRT_FILE "" -#define DFL_KEY_FILE "" -#define DFL_FORCE_CIPHER 0 -#define DFL_MODE 0 -#define DFL_AUTHENTICATION 0 - -#define MODE_SSL_TLS 0 -#define MODE_STARTTLS 0 - -#if defined(MBEDTLS_BASE64_C) -#define USAGE_AUTH \ - " authentication=%%d default: 0 (disabled)\n" \ - " user_name=%%s default: \"" DFL_USER_NAME "\"\n" \ - " user_pwd=%%s default: \"" DFL_USER_PWD "\"\n" -#else -#define USAGE_AUTH \ - " authentication options disabled. 
(Require MBEDTLS_BASE64_C)\n" -#endif /* MBEDTLS_BASE64_C */ - -#if defined(MBEDTLS_FS_IO) -#define USAGE_IO \ - " ca_file=%%s default: \"\" (pre-loaded)\n" \ - " crt_file=%%s default: \"\" (pre-loaded)\n" \ - " key_file=%%s default: \"\" (pre-loaded)\n" -#else -#define USAGE_IO \ - " No file operations available (MBEDTLS_FS_IO not defined)\n" -#endif /* MBEDTLS_FS_IO */ - -#define USAGE \ - "\n usage: ssl_mail_client param=<>...\n" \ - "\n acceptable parameters:\n" \ - " server_name=%%s default: " DFL_SERVER_NAME "\n" \ - " server_port=%%d default: " DFL_SERVER_PORT "\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \ - USAGE_AUTH \ - " mail_from=%%s default: \"\"\n" \ - " mail_to=%%s default: \"\"\n" \ - USAGE_IO \ - " force_ciphersuite= default: all enabled\n" \ - " acceptable ciphersuite names:\n" - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -/* - * global options - */ -struct options -{ - const char *server_name; /* hostname of the server (client only) */ - const char *server_port; /* port on which the ssl service runs */ - int debug_level; /* level of debugging */ - int authentication; /* if authentication is required */ - int mode; /* SSL/TLS (0) or STARTTLS (1) */ - const char *user_name; /* username to use for authentication */ - const char *user_pwd; /* password to use for authentication */ - const char *mail_from; /* E-Mail address to use as sender */ - const char *mail_to; /* E-Mail address to use as recipient */ - const char *ca_file; /* the file with the CA certificate(s) */ - const char *crt_file; /* the file with the client certificate */ - const char *key_file; /* the file with the client key */ - int force_ciphersuite[2]; /* 
protocol/ciphersuite to use, or all */ -} opt; - -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) -{ - ((void) level); - - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); -} - -static int do_handshake( mbedtls_ssl_context *ssl ) -{ - int ret; - uint32_t flags; - unsigned char buf[1024]; - memset(buf, 0, 1024); - - /* - * 4. Handshake - */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { -#if defined(MBEDTLS_ERROR_C) - mbedtls_strerror( ret, (char *) buf, 1024 ); -#endif - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf ); - return( -1 ); - } - } - - mbedtls_printf( " ok\n [ Ciphersuite is %s ]\n", - mbedtls_ssl_get_ciphersuite( ssl ) ); - - /* - * 5. Verify the server certificate - */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); - - /* In real life, we probably want to bail out when ret != 0 */ - if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 ) - { - char vrfy_buf[512]; - - mbedtls_printf( " failed\n" ); - - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); - - mbedtls_printf( "%s\n", vrfy_buf ); - } - else - mbedtls_printf( " ok\n" ); - - mbedtls_printf( " . Peer certificate information ...\n" ); - mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - mbedtls_ssl_get_peer_cert( ssl ) ); - mbedtls_printf( "%s\n", buf ); - - return( 0 ); -} - -static int write_ssl_data( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) -{ - int ret; - - mbedtls_printf("\n%s", buf); - while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_write returned %d\n\n", ret ); - return -1; - } - } - - return( 0 ); -} - -static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) -{ - int ret; - unsigned char data[128]; - char code[4]; - size_t i, idx = 0; - - mbedtls_printf("\n%s", buf); - while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); - return -1; - } - } - - do - { - len = sizeof( data ) - 1; - memset( data, 0, sizeof( data ) ); - ret = mbedtls_ssl_read( ssl, data, len ); - - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) - continue; - - if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ) - return -1; - - if( ret <= 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret ); - return -1; - } - - mbedtls_printf("\n%s", data); - len = ret; - for( i = 0; i < len; i++ ) - { - if( data[i] != '\n' ) - { - if( idx < 4 ) - code[ idx++ ] = data[i]; - continue; - } - - if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' ) - { - code[3] = '\0'; - return atoi( code ); - } - - idx = 0; - } - } - while( 1 ); -} - -static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char *buf, size_t len ) -{ - int ret; - unsigned char data[128]; - char code[4]; - size_t i, idx = 0; - - mbedtls_printf("\n%s", buf); - if( len && ( ret = mbedtls_net_send( sock_fd, buf, len ) ) <= 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); - return -1; - } - - do - { - len = sizeof( data ) - 1; - memset( data, 0, sizeof( data ) ); - ret = mbedtls_net_recv( sock_fd, data, len ); - - if( ret <= 0 ) - { - mbedtls_printf( "failed\n ! 
mbedtls_net_recv returned %d\n\n", ret ); - return -1; - } - - data[len] = '\0'; - mbedtls_printf("\n%s", data); - len = ret; - for( i = 0; i < len; i++ ) - { - if( data[i] != '\n' ) - { - if( idx < 4 ) - code[ idx++ ] = data[i]; - continue; - } - - if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' ) - { - code[3] = '\0'; - return atoi( code ); - } - - idx = 0; - } - } - while( 1 ); -} - -int main( int argc, char *argv[] ) -{ - int ret = 1, len; - int exit_code = MBEDTLS_EXIT_FAILURE; - mbedtls_net_context server_fd; -#if defined(MBEDTLS_BASE64_C) - unsigned char base[1024]; - /* buf is used as the destination buffer for printing base with the format: - * "%s\r\n". Hence, the size of buf should be at least the size of base - * plus 2 bytes for the \r and \n characters. - */ - unsigned char buf[sizeof( base ) + 2]; -#else - unsigned char buf[1024]; -#endif - char hostname[32]; - const char *pers = "ssl_mail_client"; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_x509_crt cacert; - mbedtls_x509_crt clicert; - mbedtls_pk_context pkey; - int i; - size_t n; - char *p, *q; - const int *list; - - /* - * Make sure memory references are valid in case we exit early. 
- */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( &buf, 0, sizeof( buf ) ); - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &clicert ); - mbedtls_pk_init( &pkey ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); - - list = mbedtls_ssl_list_ciphersuites(); - while( *list ) - { - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); - list++; - } - mbedtls_printf("\n"); - goto exit; - } - - opt.server_name = DFL_SERVER_NAME; - opt.server_port = DFL_SERVER_PORT; - opt.debug_level = DFL_DEBUG_LEVEL; - opt.authentication = DFL_AUTHENTICATION; - opt.mode = DFL_MODE; - opt.user_name = DFL_USER_NAME; - opt.user_pwd = DFL_USER_PWD; - opt.mail_from = DFL_MAIL_FROM; - opt.mail_to = DFL_MAIL_TO; - opt.ca_file = DFL_CA_FILE; - opt.crt_file = DFL_CRT_FILE; - opt.key_file = DFL_KEY_FILE; - opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; - - for( i = 1; i < argc; i++ ) - { - p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - goto usage; - *q++ = '\0'; - - if( strcmp( p, "server_name" ) == 0 ) - opt.server_name = q; - else if( strcmp( p, "server_port" ) == 0 ) - opt.server_port = q; - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) - goto usage; - } - else if( strcmp( p, "authentication" ) == 0 ) - { - opt.authentication = atoi( q ); - if( opt.authentication < 0 || opt.authentication > 1 ) - goto usage; - } - else if( strcmp( p, "mode" ) == 0 ) - { - opt.mode = atoi( q ); - if( opt.mode < 0 || opt.mode > 1 ) - goto usage; - } - else if( strcmp( p, "user_name" ) == 0 ) - opt.user_name = q; - else if( strcmp( p, "user_pwd" ) == 0 ) - opt.user_pwd = q; - else if( strcmp( p, "mail_from" ) == 0 ) - opt.mail_from = q; - else if( strcmp( p, "mail_to" ) == 0 ) - opt.mail_to = q; - else if( strcmp( p, "ca_file" ) == 0 ) - opt.ca_file = q; - else if( strcmp( p, 
"crt_file" ) == 0 ) - opt.crt_file = q; - else if( strcmp( p, "key_file" ) == 0 ) - opt.key_file = q; - else if( strcmp( p, "force_ciphersuite" ) == 0 ) - { - opt.force_ciphersuite[0] = -1; - - opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); - - if( opt.force_ciphersuite[0] <= 0 ) - goto usage; - - opt.force_ciphersuite[1] = 0; - } - else - goto usage; - } - - /* - * 0. Initialize the RNG and the session data - */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1.1. Load the trusted CA - */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - -#if defined(MBEDTLS_FS_IO) - if( strlen( opt.ca_file ) ) - ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); - else -#endif -#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); -#else - { - mbedtls_printf("MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined."); - goto exit; - } -#endif - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok (%d skipped)\n", ret ); - - /* - * 1.2. Load own certificate and private key - * - * (can be skipped if client authentication is not required) - */ - mbedtls_printf( " . Loading the client cert. and key..." 
); - fflush( stdout ); - -#if defined(MBEDTLS_FS_IO) - if( strlen( opt.crt_file ) ) - ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); - else -#endif -#if defined(MBEDTLS_CERTS_C) - ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, - mbedtls_test_cli_crt_len ); -#else - { - mbedtls_printf("MBEDTLS_CERTS_C not defined."); - goto exit; - } -#endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); - goto exit; - } - -#if defined(MBEDTLS_FS_IO) - if( strlen( opt.key_file ) ) - ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); - else -#endif -#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key, - mbedtls_test_cli_key_len, NULL, 0 ); -#else - { - mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined."); - goto exit; - } -#endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 2. Start the connection - */ - mbedtls_printf( " . Connecting to tcp/%s/%s...", opt.server_name, - opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name, - opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 3. Setup stuff - */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_config_defaults returned %d\n\n", ret ); - goto exit; - } - - /* OPTIONAL is not optimal for security, - * but makes interop easier in this simplified example */ - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); - - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - - if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); - - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); - - mbedtls_printf( " ok\n" ); - - if( opt.mode == MODE_SSL_TLS ) - { - if( do_handshake( &ssl ) != 0 ) - goto exit; - - mbedtls_printf( " > Get header from server:" ); - fflush( stdout ); - - ret = write_ssl_and_get_response( &ssl, buf, 0 ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - - mbedtls_printf( " > Write EHLO to server:" ); - fflush( stdout ); - - gethostname( hostname, 32 ); - len = sprintf( (char *) buf, "EHLO %s\r\n", hostname ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! 
server responded with %d\n\n", ret ); - goto exit; - } - } - else - { - mbedtls_printf( " > Get header from server:" ); - fflush( stdout ); - - ret = write_and_get_response( &server_fd, buf, 0 ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - - mbedtls_printf( " > Write EHLO to server:" ); - fflush( stdout ); - - gethostname( hostname, 32 ); - len = sprintf( (char *) buf, "EHLO %s\r\n", hostname ); - ret = write_and_get_response( &server_fd, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - - mbedtls_printf( " > Write STARTTLS to server:" ); - fflush( stdout ); - - gethostname( hostname, 32 ); - len = sprintf( (char *) buf, "STARTTLS\r\n" ); - ret = write_and_get_response( &server_fd, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - - if( do_handshake( &ssl ) != 0 ) - goto exit; - } - -#if defined(MBEDTLS_BASE64_C) - if( opt.authentication ) - { - mbedtls_printf( " > Write AUTH LOGIN to server:" ); - fflush( stdout ); - - len = sprintf( (char *) buf, "AUTH LOGIN\r\n" ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - - mbedtls_printf( " > Write username to server: %s", opt.user_name ); - fflush( stdout ); - - ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_name, - strlen( opt.user_name ) ); - - if( ret != 0 ) { - mbedtls_printf( " failed\n ! 
mbedtls_base64_encode returned %d\n\n", ret ); - goto exit; - } - len = sprintf( (char *) buf, "%s\r\n", base ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 300 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - - mbedtls_printf( " > Write password to server: %s", opt.user_pwd ); - fflush( stdout ); - - ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_pwd, - strlen( opt.user_pwd ) ); - - if( ret != 0 ) { - mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret ); - goto exit; - } - len = sprintf( (char *) buf, "%s\r\n", base ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - } -#endif - - mbedtls_printf( " > Write MAIL FROM to server:" ); - fflush( stdout ); - - len = sprintf( (char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - - mbedtls_printf( " > Write RCPT TO to server:" ); - fflush( stdout ); - - len = sprintf( (char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - - mbedtls_printf( " > Write DATA to server:" ); - fflush( stdout ); - - len = sprintf( (char *) buf, "DATA\r\n" ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 300 || ret > 399 ) - { - mbedtls_printf( " failed\n ! 
server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - - mbedtls_printf( " > Write content to server:" ); - fflush( stdout ); - - len = sprintf( (char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n" - "This is a simple test mail from the " - "mbed TLS mail client example.\r\n" - "\r\n" - "Enjoy!", opt.mail_from ); - ret = write_ssl_data( &ssl, buf, len ); - - len = sprintf( (char *) buf, "\r\n.\r\n"); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); - goto exit; - } - - mbedtls_printf(" ok\n" ); - - mbedtls_ssl_close_notify( &ssl ); - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - - mbedtls_net_free( &server_fd ); - mbedtls_x509_crt_free( &clicert ); - mbedtls_x509_crt_free( &cacert ); - mbedtls_pk_free( &pkey ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && - MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C ** - MBEDTLS_CTR_DRBG_C */ diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c deleted file mode 100644 index b5026959a..000000000 --- a/programs/ssl/ssl_pthread_server.c +++ /dev/null 
@@ -1,545 +0,0 @@ -/* - * SSL server demonstration program using pthread for handling multiple - * clients. - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_snprintf snprintf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif - -#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ - !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ - !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_THREADING_C) || !defined(MBEDTLS_THREADING_PTHREAD) || \ - !defined(MBEDTLS_PEM_PARSE_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " - 
"MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD " - "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - return( 0 ); -} -#else - -#include -#include - -#if defined(_WIN32) -#include -#endif - -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/certs.h" -#include "mbedtls/x509.h" -#include "mbedtls/ssl.h" -#include "mbedtls/net_sockets.h" -#include "mbedtls/error.h" - -#if defined(MBEDTLS_SSL_CACHE_C) -#include "mbedtls/ssl_cache.h" -#endif - -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -#include "mbedtls/memory_buffer_alloc.h" -#endif - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -#define HTTP_RESPONSE \ - "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ - "

Successful connection using: %s

\r\n" - -#define DEBUG_LEVEL 0 - -#define MAX_NUM_THREADS 5 - -mbedtls_threading_mutex_t debug_mutex; - -static void my_mutexed_debug( void *ctx, int level, - const char *file, int line, - const char *str ) -{ - long int thread_id = (long int) pthread_self(); - - mbedtls_mutex_lock( &debug_mutex ); - - ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: [ #%ld ] %s", - file, line, thread_id, str ); - fflush( (FILE *) ctx ); - - mbedtls_mutex_unlock( &debug_mutex ); -} - -typedef struct { - mbedtls_net_context client_fd; - int thread_complete; - const mbedtls_ssl_config *config; -} thread_info_t; - -typedef struct { - int active; - thread_info_t data; - pthread_t thread; -} pthread_info_t; - -static thread_info_t base_info; -static pthread_info_t threads[MAX_NUM_THREADS]; - -static void *handle_ssl_connection( void *data ) -{ - int ret, len; - thread_info_t *thread_info = (thread_info_t *) data; - mbedtls_net_context *client_fd = &thread_info->client_fd; - long int thread_id = (long int) pthread_self(); - unsigned char buf[1024]; - mbedtls_ssl_context ssl; - - /* Make sure memory references are valid */ - mbedtls_ssl_init( &ssl ); - - mbedtls_printf( " [ #%ld ] Setting up SSL/TLS data\n", thread_id ); - - /* - * 4. Get the SSL context ready - */ - if( ( ret = mbedtls_ssl_setup( &ssl, thread_info->config ) ) != 0 ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_setup returned -0x%04x\n", - thread_id, -ret ); - goto thread_exit; - } - - mbedtls_ssl_set_bio( &ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); - - /* - * 5. Handshake - */ - mbedtls_printf( " [ #%ld ] Performing the SSL/TLS handshake\n", thread_id ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_handshake returned -0x%04x\n", - thread_id, -ret ); - goto thread_exit; - } - } - - mbedtls_printf( " [ #%ld ] ok\n", thread_id ); - - /* - * 6. 
Read the HTTP Request - */ - mbedtls_printf( " [ #%ld ] < Read from client\n", thread_id ); - - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); - - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) - continue; - - if( ret <= 0 ) - { - switch( ret ) - { - case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " [ #%ld ] connection was closed gracefully\n", - thread_id ); - goto thread_exit; - - case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " [ #%ld ] connection was reset by peer\n", - thread_id ); - goto thread_exit; - - default: - mbedtls_printf( " [ #%ld ] mbedtls_ssl_read returned -0x%04x\n", - thread_id, -ret ); - goto thread_exit; - } - } - - len = ret; - mbedtls_printf( " [ #%ld ] %d bytes read\n=====\n%s\n=====\n", - thread_id, len, (char *) buf ); - - if( ret > 0 ) - break; - } - while( 1 ); - - /* - * 7. Write the 200 Response - */ - mbedtls_printf( " [ #%ld ] > Write to client:\n", thread_id ); - - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); - - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { - mbedtls_printf( " [ #%ld ] failed: peer closed the connection\n", - thread_id ); - goto thread_exit; - } - - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_write returned -0x%04x\n", - thread_id, ret ); - goto thread_exit; - } - } - - len = ret; - mbedtls_printf( " [ #%ld ] %d bytes written\n=====\n%s\n=====\n", - thread_id, len, (char *) buf ); - - mbedtls_printf( " [ #%ld ] . 
Closing the connection...", thread_id ); - - while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_close_notify returned -0x%04x\n", - thread_id, ret ); - goto thread_exit; - } - } - - mbedtls_printf( " ok\n" ); - - ret = 0; - -thread_exit: - -#ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { - char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf(" [ #%ld ] Last error was: -0x%04x - %s\n\n", - thread_id, -ret, error_buf ); - } -#endif - - mbedtls_net_free( client_fd ); - mbedtls_ssl_free( &ssl ); - - thread_info->thread_complete = 1; - - return( NULL ); -} - -static int thread_create( mbedtls_net_context *client_fd ) -{ - int ret, i; - - /* - * Find in-active or finished thread slot - */ - for( i = 0; i < MAX_NUM_THREADS; i++ ) - { - if( threads[i].active == 0 ) - break; - - if( threads[i].data.thread_complete == 1 ) - { - mbedtls_printf( " [ main ] Cleaning up thread %d\n", i ); - pthread_join(threads[i].thread, NULL ); - memset( &threads[i], 0, sizeof(pthread_info_t) ); - break; - } - } - - if( i == MAX_NUM_THREADS ) - return( -1 ); - - /* - * Fill thread-info for thread - */ - memcpy( &threads[i].data, &base_info, sizeof(base_info) ); - threads[i].active = 1; - memcpy( &threads[i].data.client_fd, client_fd, sizeof( mbedtls_net_context ) ); - - if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection, - &threads[i].data ) ) != 0 ) - { - return( ret ); - } - - return( 0 ); -} - -int main( void ) -{ - int ret; - mbedtls_net_context listen_fd, client_fd; - const char pers[] = "ssl_pthread_server"; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_config conf; - mbedtls_x509_crt srvcert; - mbedtls_x509_crt cachain; - mbedtls_pk_context pkey; -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - unsigned char alloc_buf[100000]; -#endif -#if 
defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_context cache; -#endif - -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); -#endif - -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); -#endif - - mbedtls_x509_crt_init( &srvcert ); - mbedtls_x509_crt_init( &cachain ); - - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - memset( threads, 0, sizeof(threads) ); - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - - mbedtls_mutex_init( &debug_mutex ); - - base_info.config = &conf; - - /* - * We use only a single entropy source that is used in all the threads. - */ - mbedtls_entropy_init( &entropy ); - - /* - * 1. Load the certificates and private RSA key - */ - mbedtls_printf( "\n . Loading the server cert. and key..." ); - fflush( stdout ); - - /* - * This demonstration program uses embedded test certificates. - * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the - * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). - */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); - goto exit; - } - - ret = mbedtls_x509_crt_parse( &cachain, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); - goto exit; - } - - mbedtls_pk_init( &pkey ); - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1b. Seed the random number generator - */ - mbedtls_printf( " . Seeding the random number generator..." 
); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n", - -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1c. Prepare SSL configuration - */ - mbedtls_printf( " . Setting up the SSL data...." ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed: mbedtls_ssl_config_defaults returned -0x%04x\n", - -ret ); - goto exit; - } - - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_mutexed_debug, stdout ); - - /* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if - * MBEDTLS_THREADING_C is set. - */ -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_conf_session_cache( &conf, &cache, - mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); -#endif - - mbedtls_ssl_conf_ca_chain( &conf, &cachain, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - - /* - * 2. Setup the listening TCP socket - */ - mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - -reset: -#ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { - char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", -ret, error_buf ); - } -#endif - - /* - * 3. 
Wait until a client connects
- */
- mbedtls_printf( " [ main ] Waiting for a remote connection\n" );
-
- if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
- NULL, 0, NULL ) ) != 0 )
- {
- mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret );
- goto exit;
- }
-
- mbedtls_printf( " [ main ] ok\n" );
- mbedtls_printf( " [ main ] Creating a new thread\n" );
-
- if( ( ret = thread_create( &client_fd ) ) != 0 )
- {
- mbedtls_printf( " [ main ] failed: thread_create returned %d\n", ret );
- mbedtls_net_free( &client_fd );
- goto reset;
- }
-
- ret = 0;
- goto reset;
-
-exit:
- mbedtls_x509_crt_free( &srvcert );
- mbedtls_pk_free( &pkey );
-#if defined(MBEDTLS_SSL_CACHE_C)
- mbedtls_ssl_cache_free( &cache );
-#endif
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
- mbedtls_ssl_config_free( &conf );
-
- mbedtls_net_free( &listen_fd );
-
- mbedtls_mutex_free( &debug_mutex );
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
- mbedtls_memory_buffer_alloc_free();
-#endif
-
-#if defined(_WIN32)
- mbedtls_printf( " Press Enter to exit this program.\n" );
- fflush( stdout ); getchar();
-#endif
-
- return( ret );
-}
-
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
- MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_THREADING_C &&
- MBEDTLS_THREADING_PTHREAD && MBEDTLS_PEM_PARSE_C */
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
deleted file mode 100644
index 1852b2bad..000000000
--- a/programs/ssl/ssl_server.c
+++ /dev/null
@@ -1,416 +0,0 @@ -/* - * SSL server demonstration program - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif - -#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ - !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ - !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_PEM_PARSE_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " - "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - return( 0 ); -} -#else - -#include -#include - -#if defined(_WIN32) 
-#include -#endif - -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/certs.h" -#include "mbedtls/x509.h" -#include "mbedtls/ssl.h" -#include "mbedtls/net_sockets.h" -#include "mbedtls/error.h" -#include "mbedtls/debug.h" - -#if defined(MBEDTLS_SSL_CACHE_C) -#include "mbedtls/ssl_cache.h" -#endif - -#define HTTP_RESPONSE \ - "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ - "

Successful connection using: %s

\r\n" - -#define DEBUG_LEVEL 0 - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) -{ - ((void) level); - - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); -} - -int main( void ) -{ - int ret, len; - mbedtls_net_context listen_fd, client_fd; - unsigned char buf[1024]; - const char *pers = "ssl_server"; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_x509_crt srvcert; - mbedtls_pk_context pkey; -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_context cache; -#endif - - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); -#endif - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - -#if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); -#endif - - /* - * 1. Load the certificates and private RSA key - */ - mbedtls_printf( "\n . Loading the server cert. and key..." ); - fflush( stdout ); - - /* - * This demonstration program uses embedded test certificates. - * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the - * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). - */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_x509_crt_parse returned %d\n\n", ret ); - goto exit; - } - - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); - goto exit; - } - - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 2. Setup the listening TCP socket - */ - mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 3. Seed the RNG - */ - mbedtls_printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 4. Setup stuff - */ - mbedtls_printf( " . Setting up the SSL data...." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_config_defaults returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_conf_session_cache( &conf, &cache, - mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); -#endif - - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - -reset: -#ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { - char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); - } -#endif - - mbedtls_net_free( &client_fd ); - - mbedtls_ssl_session_reset( &ssl ); - - /* - * 3. Wait until a client connects - */ - mbedtls_printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); - - mbedtls_printf( " ok\n" ); - - /* - * 5. Handshake - */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret ); - goto reset; - } - } - - mbedtls_printf( " ok\n" ); - - /* - * 6. 
Read the HTTP Request - */ - mbedtls_printf( " < Read from client:" ); - fflush( stdout ); - - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); - - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) - continue; - - if( ret <= 0 ) - { - switch( ret ) - { - case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); - break; - - case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " connection was reset by peer\n" ); - break; - - default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); - break; - } - - break; - } - - len = ret; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); - - if( ret > 0 ) - break; - } - while( 1 ); - - /* - * 7. Write the 200 Response - */ - mbedtls_printf( " > Write to client:" ); - fflush( stdout ); - - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); - - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { - mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); - goto reset; - } - - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); - goto exit; - } - } - - len = ret; - mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf ); - - mbedtls_printf( " . Closing the connection..." ); - - while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_close_notify returned %d\n\n", ret );
- goto reset;
- }
- }
-
- mbedtls_printf( " ok\n" );
-
- ret = 0;
- goto reset;
-
-exit:
-
-#ifdef MBEDTLS_ERROR_C
- if( ret != 0 )
- {
- char error_buf[100];
- mbedtls_strerror( ret, error_buf, 100 );
- mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
- }
-#endif
-
- mbedtls_net_free( &client_fd );
- mbedtls_net_free( &listen_fd );
-
- mbedtls_x509_crt_free( &srvcert );
- mbedtls_pk_free( &pkey );
- mbedtls_ssl_free( &ssl );
- mbedtls_ssl_config_free( &conf );
-#if defined(MBEDTLS_SSL_CACHE_C)
- mbedtls_ssl_cache_free( &cache );
-#endif
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
-
-#if defined(_WIN32)
- mbedtls_printf( " Press Enter to exit this program.\n" );
- fflush( stdout ); getchar();
-#endif
-
- return( ret );
-}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
- MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C
- && MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
deleted file mode 100644
index d1e45be3c..000000000
--- a/programs/ssl/ssl_server2.c
+++ /dev/null
@@ -1,3533 +0,0 @@ -/* - * SSL client with options - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_calloc calloc -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif - -#if !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \ - !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n"); - return( 0 ); -} -#else - -#include "mbedtls/net_sockets.h" -#include "mbedtls/ssl.h" -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/certs.h" -#include "mbedtls/x509.h" -#include "mbedtls/error.h" -#include "mbedtls/debug.h" -#include "mbedtls/timing.h" - -#if 
defined(MBEDTLS_USE_PSA_CRYPTO) -#include "psa/crypto.h" -#include "mbedtls/psa_util.h" -#endif - -#include -#include -#include -#include - -#if !defined(_MSC_VER) -#include -#endif - -#if !defined(_WIN32) -#include -#endif - -#if defined(MBEDTLS_SSL_CACHE_C) -#include "mbedtls/ssl_cache.h" -#endif - -#if defined(MBEDTLS_SSL_TICKET_C) -#include "mbedtls/ssl_ticket.h" -#endif - -#if defined(MBEDTLS_SSL_COOKIE_C) -#include "mbedtls/ssl_cookie.h" -#endif - -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -#include "mbedtls/memory_buffer_alloc.h" -#endif - -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_FS_IO) -#define SNI_OPTION -#endif - -#if defined(_WIN32) -#include -#endif - -/* Size of memory to be allocated for the heap, when using the library's memory - * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */ -#define MEMORY_HEAP_SIZE 120000 - -#define DFL_SERVER_ADDR NULL -#define DFL_SERVER_PORT "4433" -#define DFL_RESPONSE_SIZE -1 -#define DFL_DEBUG_LEVEL 0 -#define DFL_NBIO 0 -#define DFL_EVENT 0 -#define DFL_READ_TIMEOUT 0 -#define DFL_CA_FILE "" -#define DFL_CA_PATH "" -#define DFL_CRT_FILE "" -#define DFL_KEY_FILE "" -#define DFL_CRT_FILE2 "" -#define DFL_KEY_FILE2 "" -#define DFL_ASYNC_OPERATIONS "-" -#define DFL_ASYNC_PRIVATE_DELAY1 ( -1 ) -#define DFL_ASYNC_PRIVATE_DELAY2 ( -1 ) -#define DFL_ASYNC_PRIVATE_ERROR ( 0 ) -#define DFL_PSK "" -#define DFL_PSK_OPAQUE 0 -#define DFL_PSK_LIST_OPAQUE 0 -#define DFL_PSK_IDENTITY "Client_identity" -#define DFL_ECJPAKE_PW NULL -#define DFL_PSK_LIST NULL -#define DFL_FORCE_CIPHER 0 -#define DFL_VERSION_SUITES NULL -#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED -#define DFL_ALLOW_LEGACY -2 -#define DFL_RENEGOTIATE 0 -#define DFL_RENEGO_DELAY -2 -#define DFL_RENEGO_PERIOD ( (uint64_t)-1 ) -#define DFL_EXCHANGES 1 -#define DFL_MIN_VERSION -1 -#define DFL_MAX_VERSION -1 -#define DFL_ARC4 -1 -#define DFL_SHA1 -1 -#define DFL_AUTH_MODE -1 -#define DFL_CERT_REQ_CA_LIST 
MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED -#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE -#define DFL_TRUNC_HMAC -1 -#define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED -#define DFL_TICKET_TIMEOUT 86400 -#define DFL_CACHE_MAX -1 -#define DFL_CACHE_TIMEOUT -1 -#define DFL_SNI NULL -#define DFL_ALPN_STRING NULL -#define DFL_CURVES NULL -#define DFL_DHM_FILE NULL -#define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM -#define DFL_COOKIES 1 -#define DFL_ANTI_REPLAY -1 -#define DFL_HS_TO_MIN 0 -#define DFL_HS_TO_MAX 0 -#define DFL_DTLS_MTU -1 -#define DFL_BADMAC_LIMIT -1 -#define DFL_DGRAM_PACKING 1 -#define DFL_EXTENDED_MS -1 -#define DFL_ETM -1 -#define DFL_CA_CALLBACK 0 - -#define LONG_RESPONSE "

01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah

\r\n" - -/* Uncomment LONG_RESPONSE at the end of HTTP_RESPONSE to test sending longer - * packets (for fragmentation purposes) */ -#define HTTP_RESPONSE \ - "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ - "

Successful connection using: %s

\r\n" // LONG_RESPONSE - -/* - * Size of the basic I/O buffer. Able to hold our default response. - * - * You will need to adapt the mbedtls_ssl_get_bytes_avail() test in ssl-opt.sh - * if you change this value to something outside the range <= 100 or > 500 - */ -#define DFL_IO_BUF_LEN 200 - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -#if defined(MBEDTLS_FS_IO) -#define USAGE_IO \ - " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ - " default: \"\" (pre-loaded)\n" \ - " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \ - " default: \"\" (pre-loaded) (overrides ca_file)\n" \ - " crt_file=%%s Your own cert and chain (in bottom to top order, top may be omitted)\n" \ - " default: see note after key_file2\n" \ - " key_file=%%s default: see note after key_file2\n" \ - " crt_file2=%%s Your second cert and chain (in bottom to top order, top may be omitted)\n" \ - " default: see note after key_file2\n" \ - " key_file2=%%s default: see note below\n" \ - " note: if neither crt_file/key_file nor crt_file2/key_file2 are used,\n" \ - " preloaded certificate(s) and key(s) are used if available\n" \ - " dhm_file=%%s File containing Diffie-Hellman parameters\n" \ - " default: preloaded parameters\n" -#else -#define USAGE_IO \ - "\n" \ - " No file operations available (MBEDTLS_FS_IO not defined)\n" \ - "\n" -#endif /* MBEDTLS_FS_IO */ -#else -#define USAGE_IO "" -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) -#define USAGE_SSL_ASYNC \ - " async_operations=%%c... 
d=decrypt, s=sign (default: -=off)\n" \ - " async_private_delay1=%%d Asynchronous delay for key_file or preloaded key\n" \ - " async_private_delay2=%%d Asynchronous delay for key_file2 and sni\n" \ - " default: -1 (not asynchronous)\n" \ - " async_private_error=%%d Async callback error injection (default=0=none,\n" \ - " 1=start, 2=cancel, 3=resume, negative=first time only)" -#else -#define USAGE_SSL_ASYNC "" -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -#define USAGE_PSK_RAW \ - " psk=%%s default: \"\" (in hex, without 0x)\n" \ - " psk_list=%%s default: \"\"\n" \ - " A list of (PSK identity, PSK value) pairs.\n" \ - " The PSK values are in hex, without 0x.\n" \ - " id1,psk1[,id2,psk2[,...]]\n" \ - " psk_identity=%%s default: \"Client_identity\"\n" -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#define USAGE_PSK_SLOT \ - " psk_opaque=%%d default: 0 (don't use opaque static PSK)\n" \ - " Enable this to store the PSK configured through command line\n" \ - " parameter `psk` in a PSA-based key slot.\n" \ - " Note: Currently only supported in conjunction with\n" \ - " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \ - " to force a particular PSK-only ciphersuite.\n" \ - " Note: This is to test integration of PSA-based opaque PSKs with\n" \ - " Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \ - " with prepopulated key slots instead of importing raw key material.\n" \ - " psk_list_opaque=%%d default: 0 (don't use opaque dynamic PSKs)\n" \ - " Enable this to store the list of dynamically chosen PSKs configured\n" \ - " through the command line parameter `psk_list` in PSA-based key slots.\n" \ - " Note: Currently only supported in conjunction with\n" \ - " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \ - " to force a particular PSK-only ciphersuite.\n" \ - " Note: This is to test integration of PSA-based opaque PSKs with\n" \ - " Mbed TLS only. 
Production systems are likely to configure Mbed TLS\n" \
- " with prepopulated key slots instead of importing raw key material.\n"
-#else
-#define USAGE_PSK_SLOT ""
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
-#else
-#define USAGE_PSK ""
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-#define USAGE_CA_CALLBACK \
- " ca_callback=%%d default: 0 (disabled)\n" \
- " Enable this to use the trusted certificate callback function\n"
-#else
-#define USAGE_CA_CALLBACK ""
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-#define USAGE_TICKETS \
- " tickets=%%d default: 1 (enabled)\n" \
- " ticket_timeout=%%d default: 86400 (one day)\n"
-#else
-#define USAGE_TICKETS ""
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-#define USAGE_CACHE \
- " cache_max=%%d default: cache default (50)\n" \
- " cache_timeout=%%d default: cache default (1d)\n"
-#else
-#define USAGE_CACHE ""
-#endif /* MBEDTLS_SSL_CACHE_C */
-
-#if defined(SNI_OPTION)
-#define USAGE_SNI \
- " sni=%%s name1,cert1,key1,ca1,crl1,auth1[,...]\n" \
- " default: disabled\n"
-#else
-#define USAGE_SNI ""
-#endif /* SNI_OPTION */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-#define USAGE_MAX_FRAG_LEN \
- " max_frag_len=%%d default: 16384 (tls default)\n" \
- " options: 512, 1024, 2048, 4096\n"
-#else
-#define USAGE_MAX_FRAG_LEN ""
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-#define USAGE_TRUNC_HMAC \
- " trunc_hmac=%%d default: library default\n"
-#else
-#define USAGE_TRUNC_HMAC ""
-#endif
-
-#if defined(MBEDTLS_SSL_ALPN)
-#define USAGE_ALPN \
- " alpn=%%s default: \"\" (disabled)\n" \
- " example: spdy/1,http/1.1\n"
-#else
-#define USAGE_ALPN ""
-#endif /* MBEDTLS_SSL_ALPN */
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-#define USAGE_COOKIES \
- " cookies=0/1/-1 default: 1 (enabled)\n" \
- " 
0: disabled, -1: library default (broken)\n"
-#else
-#define USAGE_COOKIES ""
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-#define USAGE_ANTI_REPLAY \
- " anti_replay=0/1 default: (library default: enabled)\n"
-#else
-#define USAGE_ANTI_REPLAY ""
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-#define USAGE_BADMAC_LIMIT \
- " badmac_limit=%%d default: (library default: disabled)\n"
-#else
-#define USAGE_BADMAC_LIMIT ""
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-#define USAGE_DTLS \
- " dtls=%%d default: 0 (TLS)\n" \
- " hs_timeout=%%d-%%d default: (library default: 1000-60000)\n" \
- " range of DTLS handshake timeouts in millisecs\n" \
- " mtu=%%d default: (library default: unlimited)\n" \
- " dgram_packing=%%d default: 1 (allowed)\n" \
- " allow or forbid packing of multiple\n" \
- " records within a single datgram.\n"
-#else
-#define USAGE_DTLS ""
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-#define USAGE_EMS \
- " extended_ms=0/1 default: (library default: on)\n"
-#else
-#define USAGE_EMS ""
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-#define USAGE_ETM \
- " etm=0/1 default: (library default: on)\n"
-#else
-#define USAGE_ETM ""
-#endif
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-#define USAGE_RENEGO \
- " renegotiation=%%d default: 0 (disabled)\n" \
- " renegotiate=%%d default: 0 (disabled)\n" \
- " renego_delay=%%d default: -2 (library default)\n" \
- " renego_period=%%d default: (2^64 - 1 for TLS, 2^48 - 1 for DTLS)\n"
-#else
-#define USAGE_RENEGO ""
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-#define USAGE_ECJPAKE \
- " ecjpake_pw=%%s default: none (disabled)\n"
-#else
-#define USAGE_ECJPAKE ""
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-#define USAGE_CURVES \
- " curves=a,b,c,d default: \"default\" (library default)\n" \
- " example: \"secp521r1,brainpoolP512r1\"\n" \
- " - use \"none\" for empty list\n" \
- " - see mbedtls_ecp_curve_list()\n" \
- " for acceptable curve names\n"
-#else
-#define 
USAGE_CURVES ""
-#endif
-
-#define USAGE \
- "\n usage: ssl_server2 param=<>...\n" \
- "\n acceptable parameters:\n" \
- " server_addr=%%s default: (all interfaces)\n" \
- " server_port=%%d default: 4433\n" \
- " debug_level=%%d default: 0 (disabled)\n" \
- " buffer_size=%%d default: 200 \n" \
- " (minimum: 1, max: 16385)\n" \
- " response_size=%%d default: about 152 (basic response)\n" \
- " (minimum: 0, max: 16384)\n" \
- " increases buffer_size if bigger\n"\
- " nbio=%%d default: 0 (blocking I/O)\n" \
- " options: 1 (non-blocking), 2 (added delays)\n" \
- " event=%%d default: 0 (loop)\n" \
- " options: 1 (level-triggered, implies nbio=1),\n" \
- " read_timeout=%%d default: 0 ms (no timeout)\n" \
- "\n" \
- USAGE_DTLS \
- USAGE_COOKIES \
- USAGE_ANTI_REPLAY \
- USAGE_BADMAC_LIMIT \
- "\n" \
- " auth_mode=%%s default: (library default: none)\n" \
- " options: none, optional, required\n" \
- " cert_req_ca_list=%%d default: 1 (send ca list)\n" \
- " options: 1 (send ca list), 0 (don't send)\n" \
- USAGE_IO \
- USAGE_SSL_ASYNC \
- USAGE_SNI \
- "\n" \
- USAGE_PSK \
- USAGE_CA_CALLBACK \
- USAGE_ECJPAKE \
- "\n" \
- " allow_legacy=%%d default: (library default: no)\n" \
- USAGE_RENEGO \
- " exchanges=%%d default: 1\n" \
- "\n" \
- USAGE_TICKETS \
- USAGE_CACHE \
- USAGE_MAX_FRAG_LEN \
- USAGE_TRUNC_HMAC \
- USAGE_ALPN \
- USAGE_EMS \
- USAGE_ETM \
- USAGE_CURVES \
- "\n" \
- " arc4=%%d default: (library default: 0)\n" \
- " allow_sha1=%%d default: 0\n" \
- " min_version=%%s default: (library default: tls1)\n" \
- " max_version=%%s default: (library default: tls1_2)\n" \
- " force_version=%%s default: \"\" (none)\n" \
- " options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \
- "\n" \
- " version_suites=a,b,c,d per-version ciphersuites\n" \
- " in order from ssl3 to tls1_2\n" \
- " default: all enabled\n" \
- " force_ciphersuite= default: all enabled\n" \
- " query_config= return 0 if the specified\n" \
- " configuration macro is defined and 1\n" \
- " otherwise. 
The expansion of the macro\n" \
- " is printed if it is defined\n" \
- " acceptable ciphersuite names:\n"
-
-
-#define ALPN_LIST_SIZE 10
-#define CURVE_LIST_SIZE 20
-
-#define PUT_UINT64_BE(out_be,in_le,i) \
-{ \
- (out_be)[(i) + 0] = (unsigned char)( ( (in_le) >> 56 ) & 0xFF ); \
- (out_be)[(i) + 1] = (unsigned char)( ( (in_le) >> 48 ) & 0xFF ); \
- (out_be)[(i) + 2] = (unsigned char)( ( (in_le) >> 40 ) & 0xFF ); \
- (out_be)[(i) + 3] = (unsigned char)( ( (in_le) >> 32 ) & 0xFF ); \
- (out_be)[(i) + 4] = (unsigned char)( ( (in_le) >> 24 ) & 0xFF ); \
- (out_be)[(i) + 5] = (unsigned char)( ( (in_le) >> 16 ) & 0xFF ); \
- (out_be)[(i) + 6] = (unsigned char)( ( (in_le) >> 8 ) & 0xFF ); \
- (out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0 ) & 0xFF ); \
-}
-
-#if defined(MBEDTLS_CHECK_PARAMS)
-#include "mbedtls/platform_util.h"
-void mbedtls_param_failed( const char *failure_condition,
- const char *file,
- int line )
-{
- mbedtls_printf( "%s:%i: Input param failed - %s\n",
- file, line, failure_condition );
- mbedtls_exit( MBEDTLS_EXIT_FAILURE );
-}
-#endif
-
-/*
- * global options
- */
-struct options
-{
- const char *server_addr; /* address on which the ssl service runs */
- const char *server_port; /* port on which the ssl service runs */
- int debug_level; /* level of debugging */
- int nbio; /* should I/O be blocking? */
- int event; /* loop or event-driven IO? level or edge triggered? 
*/
- uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */
- int response_size; /* pad response with header to requested size */
- uint16_t buffer_size; /* IO buffer size */
- const char *ca_file; /* the file with the CA certificate(s) */
- const char *ca_path; /* the path with the CA certificate(s) reside */
- const char *crt_file; /* the file with the server certificate */
- const char *key_file; /* the file with the server key */
- const char *crt_file2; /* the file with the 2nd server certificate */
- const char *key_file2; /* the file with the 2nd server key */
- const char *async_operations; /* supported SSL asynchronous operations */
- int async_private_delay1; /* number of times f_async_resume needs to be called for key 1, or -1 for no async */
- int async_private_delay2; /* number of times f_async_resume needs to be called for key 2, or -1 for no async */
- int async_private_error; /* inject error in async private callback */
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- int psk_opaque;
- int psk_list_opaque;
-#endif
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
- int ca_callback; /* Use callback for trusted certificate list */
-#endif
- const char *psk; /* the pre-shared key */
- const char *psk_identity; /* the pre-shared key identity */
- char *psk_list; /* list of PSK id/key pairs for callback */
- const char *ecjpake_pw; /* the EC J-PAKE password */
- int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
- const char *version_suites; /* per-version ciphersuites */
- int renegotiation; /* enable / disable renegotiation */
- int allow_legacy; /* allow legacy renegotiation */
- int renegotiate; /* attempt renegotiation? 
*/
- int renego_delay; /* delay before enforcing renegotiation */
- uint64_t renego_period; /* period for automatic renegotiation */
- int exchanges; /* number of data exchanges */
- int min_version; /* minimum protocol version accepted */
- int max_version; /* maximum protocol version accepted */
- int arc4; /* flag for arc4 suites support */
- int allow_sha1; /* flag for SHA-1 support */
- int auth_mode; /* verify mode for connection */
- int cert_req_ca_list; /* should we send the CA list? */
- unsigned char mfl_code; /* code for maximum fragment length */
- int trunc_hmac; /* accept truncated hmac? */
- int tickets; /* enable / disable session tickets */
- int ticket_timeout; /* session ticket lifetime */
- int cache_max; /* max number of session cache entries */
- int cache_timeout; /* expiration delay of session cache entries */
- char *sni; /* string describing sni information */
- const char *curves; /* list of supported elliptic curves */
- const char *alpn_string; /* ALPN supported protocols */
- const char *dhm_file; /* the file with the DH parameters */
- int extended_ms; /* allow negotiation of extended MS? */
- int etm; /* allow negotiation of encrypt-then-MAC? */
- int transport; /* TLS or DTLS? */
- int cookies; /* Use cookies for DTLS? -1 to break them */
- int anti_replay; /* Use anti-replay for DTLS? 
-1 for default */
- uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
- uint32_t hs_to_max; /* Max value of DTLS handshake timer */
- int dtls_mtu; /* UDP Maximum tranport unit for DTLS */
- int dgram_packing; /* allow/forbid datagram packing */
- int badmac_limit; /* Limit of records with bad MAC */
-} opt;
-
-int query_config( const char *config );
-
-static void my_debug( void *ctx, int level,
- const char *file, int line,
- const char *str )
-{
- const char *p, *basename;
-
- /* Extract basename from file */
- for( p = basename = file; *p != '\0'; p++ )
- if( *p == '/' || *p == '\\' )
- basename = p + 1;
-
- mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s", basename, line, level, str );
- fflush( (FILE *) ctx );
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-int ca_callback( void *data, mbedtls_x509_crt const *child,
- mbedtls_x509_crt **candidates)
-{
- int ret = 0;
- mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
- mbedtls_x509_crt *first;
-
- /* This is a test-only implementation of the CA callback
- * which always returns the entire list of trusted certificates.
- * Production implementations managing a large number of CAs
- * should use an efficient presentation and lookup for the
- * set of trusted certificates (such as a hashtable) and only
- * return those trusted certificates which satisfy basic
- * parental checks, such as the matching of child `Issuer`
- * and parent `Subject` field. 
*/
- ((void) child);
-
- first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
- if( first == NULL )
- {
- ret = -1;
- goto exit;
- }
- mbedtls_x509_crt_init( first );
-
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
-
- while( ca->next != NULL )
- {
- ca = ca->next;
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
- }
-
-exit:
-
- if( ret != 0 )
- {
- mbedtls_x509_crt_free( first );
- mbedtls_free( first );
- first = NULL;
- }
-
- *candidates = first;
- return( ret );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-/*
- * Test recv/send functions that make sure each try returns
- * WANT_READ/WANT_WRITE at least once before sucesseding
- */
-static int my_recv( void *ctx, unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_READ );
- }
-
- ret = mbedtls_net_recv( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_READ )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-static int my_send( void *ctx, const unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_WRITE );
- }
-
- ret = mbedtls_net_send( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-/*
- * Return authmode from string, or -1 on error
- */
-static int get_auth_mode( const char *s )
-{
- if( strcmp( s, "none" ) == 0 )
- return( MBEDTLS_SSL_VERIFY_NONE );
- if( strcmp( s, "optional" ) == 0 )
- return( MBEDTLS_SSL_VERIFY_OPTIONAL );
- if( strcmp( s, "required" ) == 0 )
- return( MBEDTLS_SSL_VERIFY_REQUIRED );
-
- return( -1 );
-}
-
-/*
- * Used by sni_parse and psk_parse to handle coma-separated lists
- */
-#define GET_ITEM( dst ) \
- dst = p; \
- while( *p != ',' ) \
- if( 
++p > end ) \
- goto error; \
- *p++ = '\0';
-
-#if defined(SNI_OPTION)
-typedef struct _sni_entry sni_entry;
-
-struct _sni_entry {
- const char *name;
- mbedtls_x509_crt *cert;
- mbedtls_pk_context *key;
- mbedtls_x509_crt* ca;
- mbedtls_x509_crl* crl;
- int authmode;
- sni_entry *next;
-};
-
-void sni_free( sni_entry *head )
-{
- sni_entry *cur = head, *next;
-
- while( cur != NULL )
- {
- mbedtls_x509_crt_free( cur->cert );
- mbedtls_free( cur->cert );
-
- mbedtls_pk_free( cur->key );
- mbedtls_free( cur->key );
-
- mbedtls_x509_crt_free( cur->ca );
- mbedtls_free( cur->ca );
-
- mbedtls_x509_crl_free( cur->crl );
- mbedtls_free( cur->crl );
-
- next = cur->next;
- mbedtls_free( cur );
- cur = next;
- }
-}
-
-/*
- * Parse a string of sextuples name1,crt1,key1,ca1,crl1,auth1[,...]
- * into a usable sni_entry list. For ca1, crl1, auth1, the special value
- * '-' means unset. If ca1 is unset, then crl1 is ignored too.
- *
- * Modifies the input string! This is not production quality!
- */
-sni_entry *sni_parse( char *sni_string )
-{
- sni_entry *cur = NULL, *new = NULL;
- char *p = sni_string;
- char *end = p;
- char *crt_file, *key_file, *ca_file, *crl_file, *auth_str;
-
- while( *end != '\0' )
- ++end;
- *end = ',';
-
- while( p <= end )
- {
- if( ( new = mbedtls_calloc( 1, sizeof( sni_entry ) ) ) == NULL )
- {
- sni_free( cur );
- return( NULL );
- }
-
- GET_ITEM( new->name );
- GET_ITEM( crt_file );
- GET_ITEM( key_file );
- GET_ITEM( ca_file );
- GET_ITEM( crl_file );
- GET_ITEM( auth_str );
-
- if( ( new->cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL ||
- ( new->key = mbedtls_calloc( 1, sizeof( mbedtls_pk_context ) ) ) == NULL )
- goto error;
-
- mbedtls_x509_crt_init( new->cert );
- mbedtls_pk_init( new->key );
-
- if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 ||
- mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 )
- goto error;
-
- if( strcmp( ca_file, "-" ) != 0 )
- {
- if( ( new->ca = mbedtls_calloc( 1, sizeof( 
mbedtls_x509_crt ) ) ) == NULL )
- goto error;
-
- mbedtls_x509_crt_init( new->ca );
-
- if( mbedtls_x509_crt_parse_file( new->ca, ca_file ) != 0 )
- goto error;
- }
-
- if( strcmp( crl_file, "-" ) != 0 )
- {
- if( ( new->crl = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ) ) == NULL )
- goto error;
-
- mbedtls_x509_crl_init( new->crl );
-
- if( mbedtls_x509_crl_parse_file( new->crl, crl_file ) != 0 )
- goto error;
- }
-
- if( strcmp( auth_str, "-" ) != 0 )
- {
- if( ( new->authmode = get_auth_mode( auth_str ) ) < 0 )
- goto error;
- }
- else
- new->authmode = DFL_AUTH_MODE;
-
- new->next = cur;
- cur = new;
- }
-
- return( cur );
-
-error:
- sni_free( new );
- sni_free( cur );
- return( NULL );
-}
-
-/*
- * SNI callback.
- */
-int sni_callback( void *p_info, mbedtls_ssl_context *ssl,
- const unsigned char *name, size_t name_len )
-{
- const sni_entry *cur = (const sni_entry *) p_info;
-
- while( cur != NULL )
- {
- if( name_len == strlen( cur->name ) &&
- memcmp( name, cur->name, name_len ) == 0 )
- {
- if( cur->ca != NULL )
- mbedtls_ssl_set_hs_ca_chain( ssl, cur->ca, cur->crl );
-
- if( cur->authmode != DFL_AUTH_MODE )
- mbedtls_ssl_set_hs_authmode( ssl, cur->authmode );
-
- return( mbedtls_ssl_set_hs_own_cert( ssl, cur->cert, cur->key ) );
- }
-
- cur = cur->next;
- }
-
- return( -1 );
-}
-
-#endif /* SNI_OPTION */
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-
-#define HEX2NUM( c ) \
- if( c >= '0' && c <= '9' ) \
- c -= '0'; \
- else if( c >= 'a' && c <= 'f' ) \
- c -= 'a' - 10; \
- else if( c >= 'A' && c <= 'F' ) \
- c -= 'A' - 10; \
- else \
- return( -1 );
-
-/*
- * Convert a hex string to bytes.
- * Return 0 on success, -1 on error. 
- */
-int unhexify( unsigned char *output, const char *input, size_t *olen )
-{
- unsigned char c;
- size_t j;
-
- *olen = strlen( input );
- if( *olen % 2 != 0 || *olen / 2 > MBEDTLS_PSK_MAX_LEN )
- return( -1 );
- *olen /= 2;
-
- for( j = 0; j < *olen * 2; j += 2 )
- {
- c = input[j];
- HEX2NUM( c );
- output[ j / 2 ] = c << 4;
-
- c = input[j + 1];
- HEX2NUM( c );
- output[ j / 2 ] |= c;
- }
-
- return( 0 );
-}
-
-typedef struct _psk_entry psk_entry;
-
-struct _psk_entry
-{
- const char *name;
- size_t key_len;
- unsigned char key[MBEDTLS_PSK_MAX_LEN];
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_key_handle_t slot;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- psk_entry *next;
-};
-
-/*
- * Free a list of psk_entry's
- */
-int psk_free( psk_entry *head )
-{
- psk_entry *next;
-
- while( head != NULL )
- {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_status_t status;
- psa_key_handle_t const slot = head->slot;
-
- if( slot != 0 )
- {
- status = psa_destroy_key( slot );
- if( status != PSA_SUCCESS )
- return( status );
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
- next = head->next;
- mbedtls_free( head );
- head = next;
- }
-
- return( 0 );
-}
-
-/*
- * Parse a string of pairs name1,key1[,name2,key2[,...]]
- * into a usable psk_entry list.
- *
- * Modifies the input string! This is not production quality! 
- */
-psk_entry *psk_parse( char *psk_string )
-{
- psk_entry *cur = NULL, *new = NULL;
- char *p = psk_string;
- char *end = p;
- char *key_hex;
-
- while( *end != '\0' )
- ++end;
- *end = ',';
-
- while( p <= end )
- {
- if( ( new = mbedtls_calloc( 1, sizeof( psk_entry ) ) ) == NULL )
- goto error;
-
- memset( new, 0, sizeof( psk_entry ) );
-
- GET_ITEM( new->name );
- GET_ITEM( key_hex );
-
- if( unhexify( new->key, key_hex, &new->key_len ) != 0 )
- goto error;
-
- new->next = cur;
- cur = new;
- }
-
- return( cur );
-
-error:
- psk_free( new );
- psk_free( cur );
- return( 0 );
-}
-
-/*
- * PSK callback
- */
-int psk_callback( void *p_info, mbedtls_ssl_context *ssl,
- const unsigned char *name, size_t name_len )
-{
- psk_entry *cur = (psk_entry *) p_info;
-
- while( cur != NULL )
- {
- if( name_len == strlen( cur->name ) &&
- memcmp( name, cur->name, name_len ) == 0 )
- {
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( cur->slot != 0 )
- return( mbedtls_ssl_set_hs_psk_opaque( ssl, cur->slot ) );
- else
-#endif
- return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) );
- }
-
- cur = cur->next;
- }
-
- return( -1 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-
-static mbedtls_net_context listen_fd, client_fd;
-
-/* Interruption handler to ensure clean exit (for valgrind testing) */
-#if !defined(_WIN32)
-static int received_sigterm = 0;
-void term_handler( int sig )
-{
- ((void) sig);
- received_sigterm = 1;
- mbedtls_net_free( &listen_fd ); /* causes mbedtls_net_accept() to abort */
- mbedtls_net_free( &client_fd ); /* causes net_read() to abort */
-}
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static int ssl_sig_hashes_for_test[] = {
-#if defined(MBEDTLS_SHA512_C)
- MBEDTLS_MD_SHA512,
- MBEDTLS_MD_SHA384,
-#endif
-#if defined(MBEDTLS_SHA256_C)
- MBEDTLS_MD_SHA256,
- MBEDTLS_MD_SHA224,
-#endif
-#if defined(MBEDTLS_SHA1_C)
- /* Allow SHA-1 as we use it extensively in tests. 
*/
- MBEDTLS_MD_SHA1,
-#endif
- MBEDTLS_MD_NONE
-};
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-/** Return true if \p ret is a status code indicating that there is an
- * operation in progress on an SSL connection, and false if it indicates
- * success or a fatal error.
- *
- * The possible operations in progress are:
- *
- * - A read, when the SSL input buffer does not contain a full message.
- * - A write, when the SSL output buffer contains some data that has not
- * been sent over the network yet.
- * - An asynchronous callback that has not completed yet. */
-static int mbedtls_status_is_ssl_in_progress( int ret )
-{
- return( ret == MBEDTLS_ERR_SSL_WANT_READ ||
- ret == MBEDTLS_ERR_SSL_WANT_WRITE ||
- ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
-}
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-typedef struct
-{
- mbedtls_x509_crt *cert; /*!< Certificate corresponding to the key */
- mbedtls_pk_context *pk; /*!< Private key */
- unsigned delay; /*!< Number of resume steps to go through */
- unsigned pk_owned : 1; /*!< Whether to free the pk object on exit */
-} ssl_async_key_slot_t;
-
-typedef enum {
- SSL_ASYNC_INJECT_ERROR_NONE = 0, /*!< Let the callbacks succeed */
- SSL_ASYNC_INJECT_ERROR_START, /*!< Inject error during start */
- SSL_ASYNC_INJECT_ERROR_CANCEL, /*!< Close the connection after async start */
- SSL_ASYNC_INJECT_ERROR_RESUME, /*!< Inject error during resume */
-#define SSL_ASYNC_INJECT_ERROR_MAX SSL_ASYNC_INJECT_ERROR_RESUME
-} ssl_async_inject_error_t;
-
-typedef struct
-{
- ssl_async_key_slot_t slots[4]; /* key, key2, sni1, sni2 */
- size_t slots_used;
- ssl_async_inject_error_t inject_error;
- int (*f_rng)(void *, unsigned char *, size_t);
- void *p_rng;
-} ssl_async_key_context_t;
-
-int ssl_async_set_key( ssl_async_key_context_t *ctx,
- mbedtls_x509_crt *cert,
- mbedtls_pk_context *pk,
- int pk_take_ownership,
- unsigned delay )
-{
- if( ctx->slots_used >= sizeof( ctx->slots ) / sizeof( *ctx->slots ) )
- return( -1 );
- 
ctx->slots[ctx->slots_used].cert = cert;
- ctx->slots[ctx->slots_used].pk = pk;
- ctx->slots[ctx->slots_used].delay = delay;
- ctx->slots[ctx->slots_used].pk_owned = pk_take_ownership;
- ++ctx->slots_used;
- return( 0 );
-}
-
-#define SSL_ASYNC_INPUT_MAX_SIZE 512
-
-typedef enum
-{
- ASYNC_OP_SIGN,
- ASYNC_OP_DECRYPT,
-} ssl_async_operation_type_t;
-/* Note that the enum above and the array below need to be kept in sync!
- * `ssl_async_operation_names[op]` is the name of op for each value `op`
- * of type `ssl_async_operation_type_t`. */
-static const char *const ssl_async_operation_names[] =
-{
- "sign",
- "decrypt",
-};
-
-typedef struct
-{
- unsigned slot;
- ssl_async_operation_type_t operation_type;
- mbedtls_md_type_t md_alg;
- unsigned char input[SSL_ASYNC_INPUT_MAX_SIZE];
- size_t input_len;
- unsigned remaining_delay;
-} ssl_async_operation_context_t;
-
-static int ssl_async_start( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- ssl_async_operation_type_t op_type,
- mbedtls_md_type_t md_alg,
- const unsigned char *input,
- size_t input_len )
-{
- ssl_async_key_context_t *config_data =
- mbedtls_ssl_conf_get_async_config_data( ssl->conf );
- unsigned slot;
- ssl_async_operation_context_t *ctx = NULL;
- const char *op_name = ssl_async_operation_names[op_type];
-
- {
- char dn[100];
- if( mbedtls_x509_dn_gets( dn, sizeof( dn ), &cert->subject ) > 0 )
- mbedtls_printf( "Async %s callback: looking for DN=%s\n",
- op_name, dn );
- }
-
- /* Look for a private key that matches the public key in cert.
- * Since this test code has the private key inside Mbed TLS,
- * we call mbedtls_pk_check_pair to match a private key with the
- * public key. 
*/
- for( slot = 0; slot < config_data->slots_used; slot++ )
- {
- if( mbedtls_pk_check_pair( &cert->pk,
- config_data->slots[slot].pk ) == 0 )
- break;
- }
- if( slot == config_data->slots_used )
- {
- mbedtls_printf( "Async %s callback: no key matches this certificate.\n",
- op_name );
- return( MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH );
- }
- mbedtls_printf( "Async %s callback: using key slot %u, delay=%u.\n",
- op_name, slot, config_data->slots[slot].delay );
-
- if( config_data->inject_error == SSL_ASYNC_INJECT_ERROR_START )
- {
- mbedtls_printf( "Async %s callback: injected error\n", op_name );
- return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
- }
-
- if( input_len > SSL_ASYNC_INPUT_MAX_SIZE )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- ctx = mbedtls_calloc( 1, sizeof( *ctx ) );
- if( ctx == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- ctx->slot = slot;
- ctx->operation_type = op_type;
- ctx->md_alg = md_alg;
- memcpy( ctx->input, input, input_len );
- ctx->input_len = input_len;
- ctx->remaining_delay = config_data->slots[slot].delay;
- mbedtls_ssl_set_async_operation_data( ssl, ctx );
-
- if( ctx->remaining_delay == 0 )
- return( 0 );
- else
- return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
-}
-
-static int ssl_async_sign( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- mbedtls_md_type_t md_alg,
- const unsigned char *hash,
- size_t hash_len )
-{
- return( ssl_async_start( ssl, cert,
- ASYNC_OP_SIGN, md_alg,
- hash, hash_len ) );
-}
-
-static int ssl_async_decrypt( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- const unsigned char *input,
- size_t input_len )
-{
- return( ssl_async_start( ssl, cert,
- ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE,
- input, input_len ) );
-}
-
-static int ssl_async_resume( mbedtls_ssl_context *ssl,
- unsigned char *output,
- size_t *output_len,
- size_t output_size )
-{
- ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data( ssl );
- ssl_async_key_context_t *config_data =
- 
mbedtls_ssl_conf_get_async_config_data( ssl->conf );
- ssl_async_key_slot_t *key_slot = &config_data->slots[ctx->slot];
- int ret;
- const char *op_name;
-
- if( ctx->remaining_delay > 0 )
- {
- --ctx->remaining_delay;
- mbedtls_printf( "Async resume (slot %u): call %u more times.\n",
- ctx->slot, ctx->remaining_delay );
- return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
- }
-
- switch( ctx->operation_type )
- {
- case ASYNC_OP_DECRYPT:
- ret = mbedtls_pk_decrypt( key_slot->pk,
- ctx->input, ctx->input_len,
- output, output_len, output_size,
- config_data->f_rng, config_data->p_rng );
- break;
- case ASYNC_OP_SIGN:
- ret = mbedtls_pk_sign( key_slot->pk,
- ctx->md_alg,
- ctx->input, ctx->input_len,
- output, output_len,
- config_data->f_rng, config_data->p_rng );
- break;
- default:
- mbedtls_printf( "Async resume (slot %u): unknown operation type %ld. This shouldn't happen.\n",
- ctx->slot, (long) ctx->operation_type );
- mbedtls_free( ctx );
- return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
- break;
- }
-
- op_name = ssl_async_operation_names[ctx->operation_type];
-
- if( config_data->inject_error == SSL_ASYNC_INJECT_ERROR_RESUME )
- {
- mbedtls_printf( "Async resume callback: %s done but injected error\n",
- op_name );
- mbedtls_free( ctx );
- return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
- }
-
- mbedtls_printf( "Async resume (slot %u): %s done, status=%d.\n",
- ctx->slot, op_name, ret );
- mbedtls_free( ctx );
- return( ret );
-}
-
-static void ssl_async_cancel( mbedtls_ssl_context *ssl )
-{
- ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data( ssl );
- mbedtls_printf( "Async cancel callback.\n" );
- mbedtls_free( ctx );
-}
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-/*
- * Wait for an event from the underlying transport or the timer
- * (Used in event-driven IO mode). 
- */
-#if !defined(MBEDTLS_TIMING_C)
-int idle( mbedtls_net_context *fd,
- int idle_reason )
-#else
-int idle( mbedtls_net_context *fd,
- mbedtls_timing_delay_context *timer,
- int idle_reason )
-#endif
-{
- int ret;
- int poll_type = 0;
-
- if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
- poll_type = MBEDTLS_NET_POLL_WRITE;
- else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
- poll_type = MBEDTLS_NET_POLL_READ;
-#if !defined(MBEDTLS_TIMING_C)
- else
- return( 0 );
-#endif
-
- while( 1 )
- {
- /* Check if timer has expired */
-#if defined(MBEDTLS_TIMING_C)
- if( timer != NULL &&
- mbedtls_timing_get_delay( timer ) == 2 )
- {
- break;
- }
-#endif /* MBEDTLS_TIMING_C */
-
- /* Check if underlying transport became available */
- if( poll_type != 0 )
- {
- ret = mbedtls_net_poll( fd, poll_type, 0 );
- if( ret < 0 )
- return( ret );
- if( ret == poll_type )
- break;
- }
- }
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t slot,
- psa_algorithm_t alg,
- unsigned char *psk,
- size_t psk_len )
-{
- psa_status_t status;
- psa_key_policy_t policy;
-
- policy = psa_key_policy_init();
- psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-
- status = psa_set_key_policy( slot, &policy );
- if( status != PSA_SUCCESS )
- {
- fprintf( stderr, "POLICY\n" );
- return( status );
- }
-
- status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len );
- if( status != PSA_SUCCESS )
- {
- fprintf( stderr, "IMPORT\n" );
- return( status );
- }
-
- return( PSA_SUCCESS );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-int main( int argc, char *argv[] )
-{
- int ret = 0, len, written, frags, exchanges_left;
- int version_suites[4][2];
- unsigned char* buf = 0;
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_algorithm_t alg = 0;
- psa_key_handle_t psk_slot = 0;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- unsigned char psk[MBEDTLS_PSK_MAX_LEN];
- size_t psk_len = 
0;
- psk_entry *psk_info = NULL;
-#endif
- const char *pers = "ssl_server2";
- unsigned char client_ip[16] = { 0 };
- size_t cliip_len;
-#if defined(MBEDTLS_SSL_COOKIE_C)
- mbedtls_ssl_cookie_ctx cookie_ctx;
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
- mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
-#endif
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_ssl_context ssl;
- mbedtls_ssl_config conf;
-#if defined(MBEDTLS_TIMING_C)
- mbedtls_timing_delay_context timer;
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- unsigned char renego_period[8] = { 0 };
-#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
- uint32_t flags;
- mbedtls_x509_crt cacert;
- mbedtls_x509_crt srvcert;
- mbedtls_pk_context pkey;
- mbedtls_x509_crt srvcert2;
- mbedtls_pk_context pkey2;
- int key_cert_init = 0, key_cert_init2 = 0;
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
- ssl_async_key_context_t ssl_async_keys;
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
- mbedtls_dhm_context dhm;
-#endif
-#if defined(MBEDTLS_SSL_CACHE_C)
- mbedtls_ssl_cache_context cache;
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- mbedtls_ssl_ticket_context ticket_ctx;
-#endif
-#if defined(SNI_OPTION)
- sni_entry *sni_info = NULL;
-#endif
-#if defined(MBEDTLS_ECP_C)
- mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE];
- const mbedtls_ecp_curve_info * curve_cur;
-#endif
-#if defined(MBEDTLS_SSL_ALPN)
- const char *alpn_list[ALPN_LIST_SIZE];
-#endif
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
- unsigned char alloc_buf[MEMORY_HEAP_SIZE];
-#endif
-
- int i;
- char *p, *q;
- const int *list;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_status_t status;
-#endif
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
- mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
-#endif
-
- /*
- * Make sure memory references are valid in case we exit early. 
- */ - mbedtls_net_init( &client_fd ); - mbedtls_net_init( &listen_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - mbedtls_x509_crt_init( &srvcert2 ); - mbedtls_pk_init( &pkey2 ); -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - memset( &ssl_async_keys, 0, sizeof( ssl_async_keys ) ); -#endif -#endif -#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) - mbedtls_dhm_init( &dhm ); -#endif -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); -#endif -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - mbedtls_ssl_ticket_init( &ticket_ctx ); -#endif -#if defined(MBEDTLS_SSL_ALPN) - memset( (void *) alpn_list, 0, sizeof( alpn_list ) ); -#endif -#if defined(MBEDTLS_SSL_COOKIE_C) - mbedtls_ssl_cookie_init( &cookie_ctx ); -#endif - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - status = psa_crypto_init(); - if( status != PSA_SUCCESS ) - { - mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n", - (int) status ); - ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; - goto exit; - } -#endif - -#if !defined(_WIN32) - /* Abort cleanly on SIGTERM and SIGINT */ - signal( SIGTERM, term_handler ); - signal( SIGINT, term_handler ); -#endif - - if( argc == 0 ) - { - usage: - if( ret == 0 ) - ret = 1; - - mbedtls_printf( USAGE ); - - list = mbedtls_ssl_list_ciphersuites(); - while( *list ) - { - mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) ); - list++; - if( !*list ) - break; - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); - list++; - } - mbedtls_printf("\n"); - goto exit; - } - - opt.buffer_size = DFL_IO_BUF_LEN; - opt.server_addr = DFL_SERVER_ADDR; - opt.server_port = DFL_SERVER_PORT; - opt.debug_level = DFL_DEBUG_LEVEL; - opt.event = DFL_EVENT; - opt.response_size = DFL_RESPONSE_SIZE; - opt.nbio = DFL_NBIO; - opt.read_timeout = 
DFL_READ_TIMEOUT; - opt.ca_file = DFL_CA_FILE; - opt.ca_path = DFL_CA_PATH; - opt.crt_file = DFL_CRT_FILE; - opt.key_file = DFL_KEY_FILE; - opt.crt_file2 = DFL_CRT_FILE2; - opt.key_file2 = DFL_KEY_FILE2; - opt.async_operations = DFL_ASYNC_OPERATIONS; - opt.async_private_delay1 = DFL_ASYNC_PRIVATE_DELAY1; - opt.async_private_delay2 = DFL_ASYNC_PRIVATE_DELAY2; - opt.async_private_error = DFL_ASYNC_PRIVATE_ERROR; - opt.psk = DFL_PSK; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - opt.psk_opaque = DFL_PSK_OPAQUE; - opt.psk_list_opaque = DFL_PSK_LIST_OPAQUE; -#endif -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - opt.ca_callback = DFL_CA_CALLBACK; -#endif - opt.psk_identity = DFL_PSK_IDENTITY; - opt.psk_list = DFL_PSK_LIST; - opt.ecjpake_pw = DFL_ECJPAKE_PW; - opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; - opt.version_suites = DFL_VERSION_SUITES; - opt.renegotiation = DFL_RENEGOTIATION; - opt.allow_legacy = DFL_ALLOW_LEGACY; - opt.renegotiate = DFL_RENEGOTIATE; - opt.renego_delay = DFL_RENEGO_DELAY; - opt.renego_period = DFL_RENEGO_PERIOD; - opt.exchanges = DFL_EXCHANGES; - opt.min_version = DFL_MIN_VERSION; - opt.max_version = DFL_MAX_VERSION; - opt.arc4 = DFL_ARC4; - opt.allow_sha1 = DFL_SHA1; - opt.auth_mode = DFL_AUTH_MODE; - opt.cert_req_ca_list = DFL_CERT_REQ_CA_LIST; - opt.mfl_code = DFL_MFL_CODE; - opt.trunc_hmac = DFL_TRUNC_HMAC; - opt.tickets = DFL_TICKETS; - opt.ticket_timeout = DFL_TICKET_TIMEOUT; - opt.cache_max = DFL_CACHE_MAX; - opt.cache_timeout = DFL_CACHE_TIMEOUT; - opt.sni = DFL_SNI; - opt.alpn_string = DFL_ALPN_STRING; - opt.curves = DFL_CURVES; - opt.dhm_file = DFL_DHM_FILE; - opt.transport = DFL_TRANSPORT; - opt.cookies = DFL_COOKIES; - opt.anti_replay = DFL_ANTI_REPLAY; - opt.hs_to_min = DFL_HS_TO_MIN; - opt.hs_to_max = DFL_HS_TO_MAX; - opt.dtls_mtu = DFL_DTLS_MTU; - opt.dgram_packing = DFL_DGRAM_PACKING; - opt.badmac_limit = DFL_BADMAC_LIMIT; - opt.extended_ms = DFL_EXTENDED_MS; - opt.etm = DFL_ETM; - - for( i = 1; i < argc; i++ ) - { - p = 
argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - goto usage; - *q++ = '\0'; - - if( strcmp( p, "server_port" ) == 0 ) - opt.server_port = q; - else if( strcmp( p, "server_addr" ) == 0 ) - opt.server_addr = q; - else if( strcmp( p, "dtls" ) == 0 ) - { - int t = atoi( q ); - if( t == 0 ) - opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM; - else if( t == 1 ) - opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - else - goto usage; - } - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) - goto usage; - } - else if( strcmp( p, "nbio" ) == 0 ) - { - opt.nbio = atoi( q ); - if( opt.nbio < 0 || opt.nbio > 2 ) - goto usage; - } - else if( strcmp( p, "event" ) == 0 ) - { - opt.event = atoi( q ); - if( opt.event < 0 || opt.event > 2 ) - goto usage; - } - else if( strcmp( p, "read_timeout" ) == 0 ) - opt.read_timeout = atoi( q ); - else if( strcmp( p, "buffer_size" ) == 0 ) - { - opt.buffer_size = atoi( q ); - if( opt.buffer_size < 1 || opt.buffer_size > MBEDTLS_SSL_MAX_CONTENT_LEN + 1 ) - goto usage; - } - else if( strcmp( p, "response_size" ) == 0 ) - { - opt.response_size = atoi( q ); - if( opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_MAX_CONTENT_LEN ) - goto usage; - if( opt.buffer_size < opt.response_size ) - opt.buffer_size = opt.response_size; - } - else if( strcmp( p, "ca_file" ) == 0 ) - opt.ca_file = q; - else if( strcmp( p, "ca_path" ) == 0 ) - opt.ca_path = q; - else if( strcmp( p, "crt_file" ) == 0 ) - opt.crt_file = q; - else if( strcmp( p, "key_file" ) == 0 ) - opt.key_file = q; - else if( strcmp( p, "crt_file2" ) == 0 ) - opt.crt_file2 = q; - else if( strcmp( p, "key_file2" ) == 0 ) - opt.key_file2 = q; - else if( strcmp( p, "dhm_file" ) == 0 ) - opt.dhm_file = q; -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - else if( strcmp( p, "async_operations" ) == 0 ) - opt.async_operations = q; - else if( strcmp( p, "async_private_delay1" ) == 0 ) - opt.async_private_delay1 = atoi( q 
); - else if( strcmp( p, "async_private_delay2" ) == 0 ) - opt.async_private_delay2 = atoi( q ); - else if( strcmp( p, "async_private_error" ) == 0 ) - { - int n = atoi( q ); - if( n < -SSL_ASYNC_INJECT_ERROR_MAX || - n > SSL_ASYNC_INJECT_ERROR_MAX ) - { - ret = 2; - goto usage; - } - opt.async_private_error = n; - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - else if( strcmp( p, "psk" ) == 0 ) - opt.psk = q; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - else if( strcmp( p, "psk_opaque" ) == 0 ) - opt.psk_opaque = atoi( q ); - else if( strcmp( p, "psk_list_opaque" ) == 0 ) - opt.psk_list_opaque = atoi( q ); -#endif -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - else if( strcmp( p, "ca_callback" ) == 0) - opt.ca_callback = atoi( q ); -#endif - else if( strcmp( p, "psk_identity" ) == 0 ) - opt.psk_identity = q; - else if( strcmp( p, "psk_list" ) == 0 ) - opt.psk_list = q; - else if( strcmp( p, "ecjpake_pw" ) == 0 ) - opt.ecjpake_pw = q; - else if( strcmp( p, "force_ciphersuite" ) == 0 ) - { - opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); - - if( opt.force_ciphersuite[0] == 0 ) - { - ret = 2; - goto usage; - } - opt.force_ciphersuite[1] = 0; - } - else if( strcmp( p, "curves" ) == 0 ) - opt.curves = q; - else if( strcmp( p, "version_suites" ) == 0 ) - opt.version_suites = q; - else if( strcmp( p, "renegotiation" ) == 0 ) - { - opt.renegotiation = (atoi( q )) ? 
- MBEDTLS_SSL_RENEGOTIATION_ENABLED : - MBEDTLS_SSL_RENEGOTIATION_DISABLED; - } - else if( strcmp( p, "allow_legacy" ) == 0 ) - { - switch( atoi( q ) ) - { - case -1: - opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE; - break; - case 0: - opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; - break; - case 1: - opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION; - break; - default: goto usage; - } - } - else if( strcmp( p, "renegotiate" ) == 0 ) - { - opt.renegotiate = atoi( q ); - if( opt.renegotiate < 0 || opt.renegotiate > 1 ) - goto usage; - } - else if( strcmp( p, "renego_delay" ) == 0 ) - { - opt.renego_delay = atoi( q ); - } - else if( strcmp( p, "renego_period" ) == 0 ) - { -#if defined(_MSC_VER) - opt.renego_period = _strtoui64( q, NULL, 10 ); -#else - if( sscanf( q, "%" SCNu64, &opt.renego_period ) != 1 ) - goto usage; -#endif /* _MSC_VER */ - if( opt.renego_period < 2 ) - goto usage; - } - else if( strcmp( p, "exchanges" ) == 0 ) - { - opt.exchanges = atoi( q ); - if( opt.exchanges < 0 ) - goto usage; - } - else if( strcmp( p, "min_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || - strcmp( q, "dtls1_2" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - else - goto usage; - } - else if( strcmp( p, "max_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || - strcmp( q, "dtls1_2" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - else 
- goto usage; - } - else if( strcmp( p, "arc4" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break; - case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break; - default: goto usage; - } - } - else if( strcmp( p, "allow_sha1" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.allow_sha1 = 0; break; - case 1: opt.allow_sha1 = 1; break; - default: goto usage; - } - } - else if( strcmp( p, "force_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - } - else if( strcmp( q, "tls1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - } - else if( strcmp( q, "tls1_1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - } - else if( strcmp( q, "tls1_2" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - } - else if( strcmp( q, "dtls1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else if( strcmp( q, "dtls1_2" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else - goto usage; - } - else if( strcmp( p, "auth_mode" ) == 0 ) - { - if( ( opt.auth_mode = get_auth_mode( q ) ) < 0 ) - goto usage; - } - else if( strcmp( p, "cert_req_ca_list" ) == 0 ) - { - opt.cert_req_ca_list = atoi( q ); - if( opt.cert_req_ca_list < 0 || opt.cert_req_ca_list > 1 ) - goto usage; - } - else if( strcmp( p, "max_frag_len" ) == 0 ) - { - if( strcmp( q, "512" ) == 0 ) - opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512; - else if( strcmp( q, "1024" ) == 0 ) - opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024; - else if( strcmp( q, "2048" ) == 0 ) - 
opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048; - else if( strcmp( q, "4096" ) == 0 ) - opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096; - else - goto usage; - } - else if( strcmp( p, "alpn" ) == 0 ) - { - opt.alpn_string = q; - } - else if( strcmp( p, "trunc_hmac" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break; - case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break; - default: goto usage; - } - } - else if( strcmp( p, "extended_ms" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: - opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED; - break; - case 1: - opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; - break; - default: goto usage; - } - } - else if( strcmp( p, "etm" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break; - case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break; - default: goto usage; - } - } - else if( strcmp( p, "tickets" ) == 0 ) - { - opt.tickets = atoi( q ); - if( opt.tickets < 0 || opt.tickets > 1 ) - goto usage; - } - else if( strcmp( p, "ticket_timeout" ) == 0 ) - { - opt.ticket_timeout = atoi( q ); - if( opt.ticket_timeout < 0 ) - goto usage; - } - else if( strcmp( p, "cache_max" ) == 0 ) - { - opt.cache_max = atoi( q ); - if( opt.cache_max < 0 ) - goto usage; - } - else if( strcmp( p, "cache_timeout" ) == 0 ) - { - opt.cache_timeout = atoi( q ); - if( opt.cache_timeout < 0 ) - goto usage; - } - else if( strcmp( p, "cookies" ) == 0 ) - { - opt.cookies = atoi( q ); - if( opt.cookies < -1 || opt.cookies > 1) - goto usage; - } - else if( strcmp( p, "anti_replay" ) == 0 ) - { - opt.anti_replay = atoi( q ); - if( opt.anti_replay < 0 || opt.anti_replay > 1) - goto usage; - } - else if( strcmp( p, "badmac_limit" ) == 0 ) - { - opt.badmac_limit = atoi( q ); - if( opt.badmac_limit < 0 ) - goto usage; - } - else if( strcmp( p, "hs_timeout" ) == 0 ) - { - if( ( p = strchr( q, '-' ) ) == NULL ) - goto usage; - *p++ = '\0'; - opt.hs_to_min = atoi( q ); - 
opt.hs_to_max = atoi( p ); - if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min ) - goto usage; - } - else if( strcmp( p, "mtu" ) == 0 ) - { - opt.dtls_mtu = atoi( q ); - if( opt.dtls_mtu < 0 ) - goto usage; - } - else if( strcmp( p, "dgram_packing" ) == 0 ) - { - opt.dgram_packing = atoi( q ); - if( opt.dgram_packing != 0 && - opt.dgram_packing != 1 ) - { - goto usage; - } - } - else if( strcmp( p, "sni" ) == 0 ) - { - opt.sni = q; - } - else if( strcmp( p, "query_config" ) == 0 ) - { - return query_config( q ); - } - else - goto usage; - } - - /* Event-driven IO is incompatible with the above custom - * receive and send functions, as the polling builds on - * refers to the underlying net_context. */ - if( opt.event == 1 && opt.nbio != 1 ) - { - mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" ); - opt.nbio = 1; - } - -#if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( opt.debug_level ); -#endif - buf = mbedtls_calloc( 1, opt.buffer_size + 1 ); - if( buf == NULL ) - { - mbedtls_printf( "Could not allocate %u bytes\n", opt.buffer_size ); - ret = 3; - goto exit; - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { - if( strlen( opt.psk ) == 0 ) - { - mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" ); - ret = 2; - goto usage; - } - - if( opt.force_ciphersuite[0] <= 0 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); - ret = 2; - goto usage; - } - } - - if( opt.psk_list_opaque != 0 ) - { - if( opt.psk_list == NULL ) - { - mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" ); - ret = 2; - goto usage; - } - - if( opt.force_ciphersuite[0] <= 0 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); - ret = 2; - goto usage; - } - } -#endif /* 
MBEDTLS_USE_PSA_CRYPTO */ - - if( opt.force_ciphersuite[0] > 0 ) - { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); - - if( opt.max_version != -1 && - ciphersuite_info->min_minor_ver > opt.max_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); - ret = 2; - goto usage; - } - if( opt.min_version != -1 && - ciphersuite_info->max_minor_ver < opt.min_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); - ret = 2; - goto usage; - } - - /* If we select a version that's not supported by - * this suite, then there will be no common ciphersuite... */ - if( opt.max_version == -1 || - opt.max_version > ciphersuite_info->max_minor_ver ) - { - opt.max_version = ciphersuite_info->max_minor_ver; - } - if( opt.min_version < ciphersuite_info->min_minor_ver ) - { - opt.min_version = ciphersuite_info->min_minor_ver; - /* DTLS starts with TLS 1.1 */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - } - - /* Enable RC4 if needed and not explicitly disabled */ - if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - { - if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) - { - mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n"); - ret = 2; - goto usage; - } - - opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 ) - { - /* Ensure that the chosen ciphersuite is PSK-only; we must know - * the ciphersuite in advance to set the correct policy for the - * PSK key slot. This limitation might go away in the future. 
*/ - if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK || - opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); - ret = 2; - goto usage; - } - - /* Determine KDF algorithm the opaque PSK will be used in. */ -#if defined(MBEDTLS_SHA512_C) - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) - alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); - else -#endif /* MBEDTLS_SHA512_C */ - alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - } - - if( opt.version_suites != NULL ) - { - const char *name[4] = { 0 }; - - /* Parse 4-element coma-separated list */ - for( i = 0, p = (char *) opt.version_suites; - i < 4 && *p != '\0'; - i++ ) - { - name[i] = p; - - /* Terminate the current string and move on to next one */ - while( *p != ',' && *p != '\0' ) - p++; - if( *p == ',' ) - *p++ = '\0'; - } - - if( i != 4 ) - { - mbedtls_printf( "too few values for version_suites\n" ); - ret = 1; - goto exit; - } - - memset( version_suites, 0, sizeof( version_suites ) ); - - /* Get the suites identifiers from their name */ - for( i = 0; i < 4; i++ ) - { - version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id( name[i] ); - - if( version_suites[i][0] == 0 ) - { - mbedtls_printf( "unknown ciphersuite: '%s'\n", name[i] ); - ret = 2; - goto usage; - } - } - } - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - /* - * Unhexify the pre-shared key and parse the list if any given - */ - if( unhexify( psk, opt.psk, &psk_len ) != 0 ) - { - mbedtls_printf( "pre-shared key not valid hex\n" ); - goto exit; - } - - if( opt.psk_list != NULL ) - { - if( ( psk_info = psk_parse( opt.psk_list ) ) == NULL ) - { - mbedtls_printf( "psk_list invalid" ); - goto exit; - } - } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ - -#if defined(MBEDTLS_ECP_C) - if( opt.curves != NULL ) - { - p = (char *) 
opt.curves; - i = 0; - - if( strcmp( p, "none" ) == 0 ) - { - curve_list[0] = MBEDTLS_ECP_DP_NONE; - } - else if( strcmp( p, "default" ) != 0 ) - { - /* Leave room for a final NULL in curve list */ - while( i < CURVE_LIST_SIZE - 1 && *p != '\0' ) - { - q = p; - - /* Terminate the current string */ - while( *p != ',' && *p != '\0' ) - p++; - if( *p == ',' ) - *p++ = '\0'; - - if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL ) - { - curve_list[i++] = curve_cur->grp_id; - } - else - { - mbedtls_printf( "unknown curve %s\n", q ); - mbedtls_printf( "supported curves: " ); - for( curve_cur = mbedtls_ecp_curve_list(); - curve_cur->grp_id != MBEDTLS_ECP_DP_NONE; - curve_cur++ ) - { - mbedtls_printf( "%s ", curve_cur->name ); - } - mbedtls_printf( "\n" ); - goto exit; - } - } - - mbedtls_printf("Number of curves: %d\n", i ); - - if( i == CURVE_LIST_SIZE - 1 && *p != '\0' ) - { - mbedtls_printf( "curves list too long, maximum %d", - CURVE_LIST_SIZE - 1 ); - goto exit; - } - - curve_list[i] = MBEDTLS_ECP_DP_NONE; - } - } -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { - p = (char *) opt.alpn_string; - i = 0; - - /* Leave room for a final NULL in alpn_list */ - while( i < ALPN_LIST_SIZE - 1 && *p != '\0' ) - { - alpn_list[i++] = p; - - /* Terminate the current string and move on to next one */ - while( *p != ',' && *p != '\0' ) - p++; - if( *p == ',' ) - *p++ = '\0'; - } - } -#endif /* MBEDTLS_SSL_ALPN */ - - /* - * 0. Initialize the RNG and the session data - */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", - -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - /* - * 1.1. 
Load the trusted CA - */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - -#if defined(MBEDTLS_FS_IO) - if( strlen( opt.ca_path ) ) - if( strcmp( opt.ca_path, "none" ) == 0 ) - ret = 0; - else - ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ); - else if( strlen( opt.ca_file ) ) - if( strcmp( opt.ca_file, "none" ) == 0 ) - ret = 0; - else - ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); - else -#endif -#if defined(MBEDTLS_CERTS_C) - for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse( &cacert, - (const unsigned char *) mbedtls_test_cas[i], - mbedtls_test_cas_len[i] ); - if( ret != 0 ) - break; - } -#else - { - ret = 1; - mbedtls_printf("MBEDTLS_CERTS_C not defined."); - } -#endif - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); - goto exit; - } - - mbedtls_printf( " ok (%d skipped)\n", ret ); - - /* - * 1.2. Load own certificate and private key - */ - mbedtls_printf( " . Loading the server cert. and key..." ); - fflush( stdout ); - -#if defined(MBEDTLS_FS_IO) - if( strlen( opt.crt_file ) && strcmp( opt.crt_file, "none" ) != 0 ) - { - key_cert_init++; - if( ( ret = mbedtls_x509_crt_parse_file( &srvcert, opt.crt_file ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", - -ret ); - goto exit; - } - } - if( strlen( opt.key_file ) && strcmp( opt.key_file, "none" ) != 0 ) - { - key_cert_init++; - if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", -ret ); - goto exit; - } - } - if( key_cert_init == 1 ) - { - mbedtls_printf( " failed\n ! 
crt_file without key_file or vice-versa\n\n" ); - goto exit; - } - - if( strlen( opt.crt_file2 ) && strcmp( opt.crt_file2, "none" ) != 0 ) - { - key_cert_init2++; - if( ( ret = mbedtls_x509_crt_parse_file( &srvcert2, opt.crt_file2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n", - -ret ); - goto exit; - } - } - if( strlen( opt.key_file2 ) && strcmp( opt.key_file2, "none" ) != 0 ) - { - key_cert_init2++; - if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2, "" ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n", - -ret ); - goto exit; - } - } - if( key_cert_init2 == 1 ) - { - mbedtls_printf( " failed\n ! crt_file2 without key_file2 or vice-versa\n\n" ); - goto exit; - } -#endif - if( key_cert_init == 0 && - strcmp( opt.crt_file, "none" ) != 0 && - strcmp( opt.key_file, "none" ) != 0 && - key_cert_init2 == 0 && - strcmp( opt.crt_file2, "none" ) != 0 && - strcmp( opt.key_file2, "none" ) != 0 ) - { -#if !defined(MBEDTLS_CERTS_C) - mbedtls_printf( "Not certificated or key provided, and \nMBEDTLS_CERTS_C not defined!\n" ); - goto exit; -#else -#if defined(MBEDTLS_RSA_C) - if( ( ret = mbedtls_x509_crt_parse( &srvcert, - (const unsigned char *) mbedtls_test_srv_crt_rsa, - mbedtls_test_srv_crt_rsa_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", - -ret ); - goto exit; - } - if( ( ret = mbedtls_pk_parse_key( &pkey, - (const unsigned char *) mbedtls_test_srv_key_rsa, - mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", - -ret ); - goto exit; - } - key_cert_init = 2; -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECDSA_C) - if( ( ret = mbedtls_x509_crt_parse( &srvcert2, - (const unsigned char *) mbedtls_test_srv_crt_ec, - mbedtls_test_srv_crt_ec_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
x509_crt_parse2 returned -0x%x\n\n", - -ret ); - goto exit; - } - if( ( ret = mbedtls_pk_parse_key( &pkey2, - (const unsigned char *) mbedtls_test_srv_key_ec, - mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n", - -ret ); - goto exit; - } - key_cert_init2 = 2; -#endif /* MBEDTLS_ECDSA_C */ -#endif /* MBEDTLS_CERTS_C */ - } - - mbedtls_printf( " ok\n" ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) - if( opt.dhm_file != NULL ) - { - mbedtls_printf( " . Loading DHM parameters..." ); - fflush( stdout ); - - if( ( ret = mbedtls_dhm_parse_dhmfile( &dhm, opt.dhm_file ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n", - -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - } -#endif - -#if defined(SNI_OPTION) - if( opt.sni != NULL ) - { - mbedtls_printf( " . Setting up SNI information..." ); - fflush( stdout ); - - if( ( sni_info = sni_parse( opt.sni ) ) == NULL ) - { - mbedtls_printf( " failed\n" ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - } -#endif /* SNI_OPTION */ - - /* - * 2. Setup the listening TCP socket - */ - mbedtls_printf( " . Bind on %s://%s:%s/ ...", - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", - opt.server_addr ? opt.server_addr : "*", - opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", -ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 3. Setup stuff - */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - opt.transport, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret ); - goto exit; - } - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - /* The default algorithms profile disables SHA-1, but our tests still - rely on it heavily. Hence we allow it here. A real-world server - should use the default profile unless there is a good reason not to. */ - if( opt.allow_sha1 > 0 ) - { - crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ); - mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test ); - mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test ); - } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - - if( opt.auth_mode != DFL_AUTH_MODE ) - mbedtls_ssl_conf_authmode( &conf, opt.auth_mode ); - - if( opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST ) - mbedtls_ssl_conf_cert_req_ca_list( &conf, opt.cert_req_ca_list ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX ) - mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max ); - - if( opt.dgram_packing != DFL_DGRAM_PACKING ) - mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing ); -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret ); - goto exit; - }; -#endif - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( opt.trunc_hmac != DFL_TRUNC_HMAC ) - mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac ); -#endif - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( opt.extended_ms != DFL_EXTENDED_MS ) - mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms ); -#endif - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( opt.etm != DFL_ETM ) - mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm ); -#endif - -#if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret ); - goto exit; - } -#endif - - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - -#if defined(MBEDTLS_SSL_CACHE_C) - if( opt.cache_max != -1 ) - mbedtls_ssl_cache_set_max_entries( &cache, opt.cache_max ); - - if( opt.cache_timeout != -1 ) - mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout ); - - mbedtls_ssl_conf_session_cache( &conf, &cache, - mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); -#endif - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED ) - { - if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx, - mbedtls_ctr_drbg_random, &ctr_drbg, - MBEDTLS_CIPHER_AES_256_GCM, - opt.ticket_timeout ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_ticket_setup returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_conf_session_tickets_cb( &conf, - mbedtls_ssl_ticket_write, - mbedtls_ssl_ticket_parse, - &ticket_ctx ); - } -#endif - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { -#if defined(MBEDTLS_SSL_COOKIE_C) - if( opt.cookies > 0 ) - { - if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); - goto exit; - } - - mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, - &cookie_ctx ); - } - else -#endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( opt.cookies == 0 ) - { - mbedtls_ssl_conf_dtls_cookies( &conf, NULL, NULL, NULL ); - } - else -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - { - ; /* Nothing to do */ - } - -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( opt.anti_replay != DFL_ANTI_REPLAY ) - mbedtls_ssl_conf_dtls_anti_replay( &conf, opt.anti_replay ); -#endif - -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - if( opt.badmac_limit != DFL_BADMAC_LIMIT ) - mbedtls_ssl_conf_dtls_badmac_limit( &conf, opt.badmac_limit ); -#endif - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); - -#if defined(MBEDTLS_ARC4_C) - if( opt.arc4 != DFL_ARC4 ) - mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 ); -#endif - - if( opt.version_suites != NULL ) - { - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_0 ); - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[1], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_1 ); - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[2], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_2 ); - 
mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[3], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_3 ); - } - - if( opt.allow_legacy != DFL_ALLOW_LEGACY ) - mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy ); -#if defined(MBEDTLS_SSL_RENEGOTIATION) - mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation ); - - if( opt.renego_delay != DFL_RENEGO_DELAY ) - mbedtls_ssl_conf_renegotiation_enforced( &conf, opt.renego_delay ); - - if( opt.renego_period != DFL_RENEGO_PERIOD ) - { - PUT_UINT64_BE( renego_period, opt.renego_period, 0 ); - mbedtls_ssl_conf_renegotiation_period( &conf, renego_period ); - } -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( strcmp( opt.ca_path, "none" ) != 0 && - strcmp( opt.ca_file, "none" ) != 0 ) - { -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( opt.ca_callback != 0 ) - mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert); - else -#endif - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - } - if( key_cert_init ) - { - mbedtls_pk_context *pk = &pkey; -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_delay1 >= 0 ) - { - ret = ssl_async_set_key( &ssl_async_keys, &srvcert, pk, 0, - opt.async_private_delay1 ); - if( ret < 0 ) - { - mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", - ret ); - goto exit; - } - pk = NULL; - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, pk ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); - goto exit; - } - } - if( key_cert_init2 ) - { - mbedtls_pk_context *pk = &pkey2; -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_delay2 >= 0 ) - { - ret = ssl_async_set_key( &ssl_async_keys, &srvcert2, pk, 0, - opt.async_private_delay2 ); - if( ret < 0 ) - { - mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", - ret ); - goto exit; - } - pk = NULL; - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert2, pk ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); - goto exit; - } - } - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_operations[0] != '-' ) - { - mbedtls_ssl_async_sign_t *sign = NULL; - mbedtls_ssl_async_decrypt_t *decrypt = NULL; - const char *r; - for( r = opt.async_operations; *r; r++ ) - { - switch( *r ) - { - case 'd': - decrypt = ssl_async_decrypt; - break; - case 's': - sign = ssl_async_sign; - break; - } - } - ssl_async_keys.inject_error = ( opt.async_private_error < 0 ? 
- - opt.async_private_error : - opt.async_private_error ); - ssl_async_keys.f_rng = mbedtls_ctr_drbg_random; - ssl_async_keys.p_rng = &ctr_drbg; - mbedtls_ssl_conf_async_private_cb( &conf, - sign, - decrypt, - ssl_async_resume, - ssl_async_cancel, - &ssl_async_keys ); - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(SNI_OPTION) - if( opt.sni != NULL ) - { - mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info ); -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_delay2 >= 0 ) - { - sni_entry *cur; - for( cur = sni_info; cur != NULL; cur = cur->next ) - { - ret = ssl_async_set_key( &ssl_async_keys, - cur->cert, cur->key, 1, - opt.async_private_delay2 ); - if( ret < 0 ) - { - mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", - ret ); - goto exit; - } - cur->key = NULL; - } - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - } -#endif - -#if defined(MBEDTLS_ECP_C) - if( opt.curves != NULL && - strcmp( opt.curves, "default" ) != 0 ) - { - mbedtls_ssl_conf_curves( &conf, curve_list ); - } -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - - if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 ) - { -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { - status = psa_allocate_key( &psk_slot ); - if( status != PSA_SUCCESS ) - { - fprintf( stderr, "ALLOC FAIL\n" ); - ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; - goto exit; - } - - /* The algorithm has already been determined earlier. */ - status = psa_setup_psk_key_slot( psk_slot, alg, psk, psk_len ); - if( status != PSA_SUCCESS ) - { - fprintf( stderr, "SETUP FAIL\n" ); - ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; - goto exit; - } - if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, psk_slot, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_conf_psk_opaque returned %d\n\n", - ret ); - goto exit; - } - } - else -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) - { - mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret ); - goto exit; - } - } - - if( opt.psk_list != NULL ) - { -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_list_opaque != 0 ) - { - psk_entry *cur_psk; - for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next ) - { - status = psa_allocate_key( &cur_psk->slot ); - if( status != PSA_SUCCESS ) - { - ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; - goto exit; - } - - status = psa_setup_psk_key_slot( cur_psk->slot, alg, - cur_psk->key, - cur_psk->key_len ); - if( status != PSA_SUCCESS ) - { - ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; - goto exit; - } - } - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - - mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info ); - } -#endif - -#if defined(MBEDTLS_DHM_C) - /* - * Use different group than default DHM group - */ -#if defined(MBEDTLS_FS_IO) - if( opt.dhm_file != NULL ) - ret = mbedtls_ssl_conf_dh_param_ctx( &conf, &dhm ); -#endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", - ret ); - goto exit; - } -#endif - - if( opt.min_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version ); - - if( opt.max_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version ); - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret ); - goto exit; - } - - if( opt.nbio == 2 ) - mbedtls_ssl_set_bio( &ssl, &client_fd, my_send, my_recv, NULL ); - else - mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, - opt.nbio == 0 ? 
mbedtls_net_recv_timeout : NULL ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.dtls_mtu != DFL_DTLS_MTU ) - mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu ); -#endif - -#if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); -#endif - - mbedtls_printf( " ok\n" ); - -reset: -#if !defined(_WIN32) - if( received_sigterm ) - { - mbedtls_printf( " interrupted by SIGTERM (not in net_accept())\n" ); - if( ret == MBEDTLS_ERR_NET_INVALID_CONTEXT ) - ret = 0; - - goto exit; - } -#endif - - if( ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT ) - { - mbedtls_printf( " ! Client initiated reconnection from same port\n" ); - goto handshake; - } - -#ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { - char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); - } -#endif - - mbedtls_net_free( &client_fd ); - - mbedtls_ssl_session_reset( &ssl ); - - /* - * 3. Wait until a client connects - */ - mbedtls_printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 ) - { -#if !defined(_WIN32) - if( received_sigterm ) - { - mbedtls_printf( " interrupted by SIGTERM (in net_accept())\n" ); - if( ret == MBEDTLS_ERR_NET_ACCEPT_FAILED ) - ret = 0; - - goto exit; - } -#endif - - mbedtls_printf( " failed\n ! mbedtls_net_accept returned -0x%x\n\n", -ret ); - goto exit; - } - - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &client_fd ); - else - ret = mbedtls_net_set_block( &client_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! 
net_set_(non)block() returned -0x%x\n\n", -ret ); - goto exit; - } - - mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout ); - -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, - client_ip, cliip_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", - -ret ); - goto exit; - } - } -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( opt.ecjpake_pw != DFL_ECJPAKE_PW ) - { - if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl, - (const unsigned char *) opt.ecjpake_pw, - strlen( opt.ecjpake_pw ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret ); - goto exit; - } - } -#endif - - mbedtls_printf( " ok\n" ); - - /* - * 4. Handshake - */ -handshake: - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS && - ssl_async_keys.inject_error == SSL_ASYNC_INJECT_ERROR_CANCEL ) - { - mbedtls_printf( " cancelling on injected error\n" ); - break; - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) - break; - - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - ret = idle( &client_fd, &timer, ret ); -#else - ret = idle( &client_fd, ret ); -#endif - if( ret != 0 ) - goto reset; - } - } - - if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) - { - mbedtls_printf( " hello verification requested\n" ); - ret = 0; - goto reset; - } - else if( ret != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) - { - char vrfy_buf[512]; - flags = mbedtls_ssl_get_verify_result( &ssl ); - - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); - - mbedtls_printf( "%s\n", vrfy_buf ); - } -#endif - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_error < 0 ) - /* Injected error only the first time round, to test reset */ - ssl_async_keys.inject_error = SSL_ASYNC_INJECT_ERROR_NONE; -#endif - goto reset; - } - else /* ret == 0 */ - { - mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", - mbedtls_ssl_get_version( &ssl ), mbedtls_ssl_get_ciphersuite( &ssl ) ); - } - - if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 ) - mbedtls_printf( " [ Record expansion is %d ]\n", ret ); - else - mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" ); - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - mbedtls_printf( " [ Maximum fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_max_frag_len( &ssl ) ); -#endif - -#if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { - const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl ); - mbedtls_printf( " [ Application Layer Protocol is %s ]\n", - alp ? alp : "(none)" ); - } -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - /* - * 5. Verify the client certificate - */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); - - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { - char vrfy_buf[512]; - - mbedtls_printf( " failed\n" ); - - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); - - mbedtls_printf( "%s\n", vrfy_buf ); - } - else - mbedtls_printf( " ok\n" ); - - if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL ) - { - char crt_buf[512]; - - mbedtls_printf( " . 
Peer certificate information ...\n" ); - mbedtls_x509_crt_info( crt_buf, sizeof( crt_buf ), " ", - mbedtls_ssl_get_peer_cert( &ssl ) ); - mbedtls_printf( "%s\n", crt_buf ); - } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - - if( opt.exchanges == 0 ) - goto close_notify; - - exchanges_left = opt.exchanges; -data_exchange: - /* - * 6. Read the HTTP Request - */ - mbedtls_printf( " < Read from client:" ); - fflush( stdout ); - - /* - * TLS and DTLS need different reading styles (stream vs datagram) - */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - do - { - int terminated = 0; - len = opt.buffer_size - 1; - memset( buf, 0, opt.buffer_size ); - ret = mbedtls_ssl_read( &ssl, buf, len ); - - if( mbedtls_status_is_ssl_in_progress( ret ) ) - { - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); -#else - idle( &client_fd, ret ); -#endif - } - - continue; - } - - if( ret <= 0 ) - { - switch( ret ) - { - case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); - goto close_notify; - - case 0: - case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " connection was reset by peer\n" ); - ret = MBEDTLS_ERR_NET_CONN_RESET; - goto reset; - - default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); - goto reset; - } - } - - if( mbedtls_ssl_get_bytes_avail( &ssl ) == 0 ) - { - len = ret; - buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s\n", len, (char *) buf ); - - /* End of message should be detected according to the syntax of the - * application protocol (eg HTTP), just use a dummy test here. */ - if( buf[len - 1] == '\n' ) - terminated = 1; - } - else - { - int extra_len, ori_len; - unsigned char *larger_buf; - - ori_len = ret; - extra_len = (int) mbedtls_ssl_get_bytes_avail( &ssl ); - - larger_buf = mbedtls_calloc( 1, ori_len + extra_len + 1 ); - if( larger_buf == NULL ) - { - mbedtls_printf( " ! 
memory allocation failed\n" ); - ret = 1; - goto reset; - } - - memset( larger_buf, 0, ori_len + extra_len ); - memcpy( larger_buf, buf, ori_len ); - - /* This read should never fail and get the whole cached data */ - ret = mbedtls_ssl_read( &ssl, larger_buf + ori_len, extra_len ); - if( ret != extra_len || - mbedtls_ssl_get_bytes_avail( &ssl ) != 0 ) - { - mbedtls_printf( " ! mbedtls_ssl_read failed on cached data\n" ); - ret = 1; - goto reset; - } - - larger_buf[ori_len + extra_len] = '\0'; - mbedtls_printf( " %u bytes read (%u + %u)\n\n%s\n", - ori_len + extra_len, ori_len, extra_len, - (char *) larger_buf ); - - /* End of message should be detected according to the syntax of the - * application protocol (eg HTTP), just use a dummy test here. */ - if( larger_buf[ori_len + extra_len - 1] == '\n' ) - terminated = 1; - - mbedtls_free( larger_buf ); - } - - if( terminated ) - { - ret = 0; - break; - } - } - while( 1 ); - } - else /* Not stream, so datagram */ - { - len = opt.buffer_size - 1; - memset( buf, 0, opt.buffer_size ); - - do - { - /* Without the call to `mbedtls_ssl_check_pending`, it might - * happen that the client sends application data in the same - * datagram as the Finished message concluding the handshake. - * In this case, the application data would be ready to be - * processed while the underlying transport wouldn't signal - * any further incoming data. - * - * See the test 'Event-driven I/O: session-id resume, UDP packing' - * in tests/ssl-opt.sh. 
- */ - - /* For event-driven IO, wait for socket to become available */ - if( mbedtls_ssl_check_pending( &ssl ) == 0 && - opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, MBEDTLS_ERR_SSL_WANT_READ ); -#else - idle( &client_fd, MBEDTLS_ERR_SSL_WANT_READ ); -#endif - } - - ret = mbedtls_ssl_read( &ssl, buf, len ); - - /* Note that even if `mbedtls_ssl_check_pending` returns true, - * it can happen that the subsequent call to `mbedtls_ssl_read` - * returns `MBEDTLS_ERR_SSL_WANT_READ`, because the pending messages - * might be discarded (e.g. because they are retransmissions). */ - } - while( mbedtls_status_is_ssl_in_progress( ret ) ); - - if( ret <= 0 ) - { - switch( ret ) - { - case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); - ret = 0; - goto close_notify; - - default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); - goto reset; - } - } - - len = ret; - buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); - ret = 0; - } - - /* - * 7a. Request renegotiation while client is waiting for input from us. - * (only on the first exchange, to be able to test retransmission) - */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( opt.renegotiate && exchanges_left == opt.exchanges ) - { - mbedtls_printf( " . Requestion renegotiation..." ); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 ) - { - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret ); - goto reset; - } - - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); -#else - idle( &client_fd, ret ); -#endif - } - } - - mbedtls_printf( " ok\n" ); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - - /* - * 7. 
Write the 200 Response - */ - mbedtls_printf( " > Write to client:" ); - fflush( stdout ); - - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); - - /* Add padding to the response to reach opt.response_size in length */ - if( opt.response_size != DFL_RESPONSE_SIZE && - len < opt.response_size ) - { - memset( buf + len, 'B', opt.response_size - len ); - len += opt.response_size - len; - } - - /* Truncate if response size is smaller than the "natural" size */ - if( opt.response_size != DFL_RESPONSE_SIZE && - len > opt.response_size ) - { - len = opt.response_size; - - /* Still end with \r\n unless that's really not possible */ - if( len >= 2 ) buf[len - 2] = '\r'; - if( len >= 1 ) buf[len - 1] = '\n'; - } - - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - for( written = 0, frags = 0; written < len; written += ret, frags++ ) - { - while( ( ret = mbedtls_ssl_write( &ssl, buf + written, len - written ) ) - <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { - mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); - goto reset; - } - - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); - goto reset; - } - - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); -#else - idle( &client_fd, ret ); -#endif - } - } - } - } - else /* Not stream, so datagram */ - { - while( 1 ) - { - ret = mbedtls_ssl_write( &ssl, buf, len ); - - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) - break; - - /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { -#if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); -#else - idle( &client_fd, ret ); -#endif - } - } - - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ssl_write returned %d\n\n", ret ); - goto reset; - } - - frags = 1; - written = ret; - } - - buf[written] = '\0'; - mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf ); - ret = 0; - - /* - * 7b. Continue doing data exchanges? - */ - if( --exchanges_left > 0 ) - goto data_exchange; - - /* - * 8. Done, cleanly close the connection - */ -close_notify: - mbedtls_printf( " . Closing the connection..." ); - - /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - ret = 0; - - mbedtls_printf( " done\n" ); - - goto reset; - - /* - * Cleanup and exit - */ -exit: -#ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { - char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf ); - } -#endif - - mbedtls_printf( " . Cleaning up..." ); - fflush( stdout ); - - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); - -#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) - mbedtls_dhm_free( &dhm ); -#endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_free( &cacert ); - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); - mbedtls_x509_crt_free( &srvcert2 ); - mbedtls_pk_free( &pkey2 ); -#endif -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - for( i = 0; (size_t) i < ssl_async_keys.slots_used; i++ ) - { - if( ssl_async_keys.slots[i].pk_owned ) - { - mbedtls_pk_free( ssl_async_keys.slots[i].pk ); - mbedtls_free( ssl_async_keys.slots[i].pk ); - ssl_async_keys.slots[i].pk = NULL; - } - } -#endif -#if defined(SNI_OPTION) - sni_free( sni_info ); -#endif -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( ( ret = psk_free( psk_info ) ) != 0 ) - mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret ); -#endif -#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) - mbedtls_dhm_free( &dhm ); -#endif - -#if 
defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ - defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { - /* This is ok even if the slot hasn't been - * initialized (we might have jumed here - * immediately because of bad cmd line params, - * for example). */ - status = psa_destroy_key( psk_slot ); - if( status != PSA_SUCCESS ) - { - mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (unsigned) psk_slot, (int) status ); - } - } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED && - MBEDTLS_USE_PSA_CRYPTO */ - - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free( &cache ); -#endif -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - mbedtls_ssl_ticket_free( &ticket_ctx ); -#endif -#if defined(MBEDTLS_SSL_COOKIE_C) - mbedtls_ssl_cookie_free( &cookie_ctx ); -#endif - - mbedtls_free( buf ); - -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -#if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_status(); -#endif - mbedtls_memory_buffer_alloc_free(); -#endif - - mbedtls_printf( " done.\n" ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - // Shell can not handle large exit numbers -> 1 for errors - if( ret < 0 ) - ret = 1; - - return( ret ); -} -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && - MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && - MBEDTLS_CTR_DRBG_C */ diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 59f8d54f1..2b455ee01 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -13,9 +13,6 @@ if(TEST_CPP) target_link_libraries(cpp_dummy_build ${libs}) endif() -add_executable(udp_proxy udp_proxy.c) -target_link_libraries(udp_proxy ${libs}) - add_executable(zeroize zeroize.c) target_link_libraries(zeroize ${libs}) 
@@ -23,6 +20,6 @@ add_executable(query_compile_time_config query_compile_time_config.c) target_sources(query_compile_time_config PUBLIC query_config.c) target_link_libraries(query_compile_time_config ${libs}) -install(TARGETS selftest benchmark udp_proxy query_compile_time_config +install(TARGETS selftest benchmark query_compile_time_config DESTINATION "bin" PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c deleted file mode 100644 index 41739d057..000000000 --- a/programs/test/udp_proxy.c +++ /dev/null 
@@ -1,944 +0,0 @@
-/*
- * UDP proxy: emulate an unreliable UDP connexion for DTLS testing
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-/*
- * Warning: this is an internal utility program we use for tests.
- * It does break some abstractions from the NET layer, and is thus NOT an
- * example of good general usage.
- */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#include -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_printf printf -#define mbedtls_calloc calloc -#define mbedtls_free free -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if !defined(MBEDTLS_NET_C) -int main( void ) -{ - mbedtls_printf( "MBEDTLS_NET_C not defined.\n" ); - return( 0 ); -} -#else - -#include "mbedtls/net_sockets.h" -#include "mbedtls/error.h" -#include "mbedtls/ssl.h" -#include "mbedtls/timing.h" - -#include - -/* For select() */ -#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ - !defined(EFI32) -#include -#include -#if defined(_MSC_VER) -#if defined(_WIN32_WCE) -#pragma comment( lib, "ws2.lib" ) -#else -#pragma comment( lib, "ws2_32.lib" ) -#endif -#endif /* _MSC_VER */ -#else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ -#include -#include -#include -#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ - -#define MAX_MSG_SIZE 16384 + 2048 /* max record/datagram size */ - -#define DFL_SERVER_ADDR "localhost" -#define DFL_SERVER_PORT "4433" -#define DFL_LISTEN_ADDR "localhost" -#define DFL_LISTEN_PORT "5556" -#define DFL_PACK 0 - -#if defined(MBEDTLS_TIMING_C) -#define USAGE_PACK \ - " pack=%%d default: 0 (don't pack)\n" \ - " options: t > 0 (pack for t milliseconds)\n" -#else -#define USAGE_PACK -#endif - -#define USAGE \ - "\n usage: udp_proxy param=<>...\n" \ - "\n acceptable parameters:\n" \ - " server_addr=%%s default: localhost\n" \ - " server_port=%%d default: 4433\n" \ - " listen_addr=%%s default: localhost\n" \ - " listen_port=%%d default: 4433\n" \ - "\n" \ - " duplicate=%%d default: 0 (no duplication)\n" \ - " duplicate about 1:N packets randomly\n" \ - " delay=%%d default: 0 (no delayed 
packets)\n" \ - " delay about 1:N packets randomly\n" \ - " delay_ccs=0/1 default: 0 (don't delay ChangeCipherSpec)\n" \ - " delay_cli=%%s Handshake message from client that should be\n"\ - " delayed. Possible values are 'ClientHello',\n" \ - " 'Certificate', 'CertificateVerify', and\n" \ - " 'ClientKeyExchange'.\n" \ - " May be used multiple times, even for the same\n"\ - " message, in which case the respective message\n"\ - " gets delayed multiple times.\n" \ - " delay_srv=%%s Handshake message from server that should be\n"\ - " delayed. Possible values are 'HelloRequest',\n"\ - " 'ServerHello', 'ServerHelloDone', 'Certificate'\n"\ - " 'ServerKeyExchange', 'NewSessionTicket',\n"\ - " 'HelloVerifyRequest' and ''CertificateRequest'.\n"\ - " May be used multiple times, even for the same\n"\ - " message, in which case the respective message\n"\ - " gets delayed multiple times.\n" \ - " drop=%%d default: 0 (no dropped packets)\n" \ - " drop about 1:N packets randomly\n" \ - " mtu=%%d default: 0 (unlimited)\n" \ - " drop packets larger than N bytes\n" \ - " bad_ad=0/1 default: 0 (don't add bad ApplicationData)\n" \ - " protect_hvr=0/1 default: 0 (don't protect HelloVerifyRequest)\n" \ - " protect_len=%%d default: (don't protect packets of this size)\n" \ - "\n" \ - " seed=%%d default: (use current time)\n" \ - USAGE_PACK \ - "\n" - -/* - * global options - */ - -#define MAX_DELAYED_HS 10 - -static struct options -{ - const char *server_addr; /* address to forward packets to */ - const char *server_port; /* port to forward packets to */ - const char *listen_addr; /* address for accepting client connections */ - const char *listen_port; /* port for accepting client connections */ - - int duplicate; /* duplicate 1 in N packets (none if 0) */ - int delay; /* delay 1 packet in N (none if 0) */ - int delay_ccs; /* delay ChangeCipherSpec */ - char* delay_cli[MAX_DELAYED_HS]; /* handshake types of messages from - * client that should be delayed. 
*/ - uint8_t delay_cli_cnt; /* Number of entries in delay_cli. */ - char* delay_srv[MAX_DELAYED_HS]; /* handshake types of messages from - * server that should be delayed. */ - uint8_t delay_srv_cnt; /* Number of entries in delay_srv. */ - int drop; /* drop 1 packet in N (none if 0) */ - int mtu; /* drop packets larger than this */ - int bad_ad; /* inject corrupted ApplicationData record */ - int protect_hvr; /* never drop or delay HelloVerifyRequest */ - int protect_len; /* never drop/delay packet of the given size*/ - unsigned pack; /* merge packets into single datagram for - * at most \c merge milliseconds if > 0 */ - unsigned int seed; /* seed for "random" events */ -} opt; - -static void exit_usage( const char *name, const char *value ) -{ - if( value == NULL ) - mbedtls_printf( " unknown option or missing value: %s\n", name ); - else - mbedtls_printf( " option %s: illegal value: %s\n", name, value ); - - mbedtls_printf( USAGE ); - exit( 1 ); -} - -static void get_options( int argc, char *argv[] ) -{ - int i; - char *p, *q; - - opt.server_addr = DFL_SERVER_ADDR; - opt.server_port = DFL_SERVER_PORT; - opt.listen_addr = DFL_LISTEN_ADDR; - opt.listen_port = DFL_LISTEN_PORT; - opt.pack = DFL_PACK; - /* Other members default to 0 */ - - opt.delay_cli_cnt = 0; - opt.delay_srv_cnt = 0; - memset( opt.delay_cli, 0, sizeof( opt.delay_cli ) ); - memset( opt.delay_srv, 0, sizeof( opt.delay_srv ) ); - - for( i = 1; i < argc; i++ ) - { - p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - exit_usage( p, NULL ); - *q++ = '\0'; - - if( strcmp( p, "server_addr" ) == 0 ) - opt.server_addr = q; - else if( strcmp( p, "server_port" ) == 0 ) - opt.server_port = q; - else if( strcmp( p, "listen_addr" ) == 0 ) - opt.listen_addr = q; - else if( strcmp( p, "listen_port" ) == 0 ) - opt.listen_port = q; - else if( strcmp( p, "duplicate" ) == 0 ) - { - opt.duplicate = atoi( q ); - if( opt.duplicate < 0 || opt.duplicate > 20 ) - exit_usage( p, q ); - } - else if( strcmp( p, "delay" ) 
== 0 ) - { - opt.delay = atoi( q ); - if( opt.delay < 0 || opt.delay > 20 || opt.delay == 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "delay_ccs" ) == 0 ) - { - opt.delay_ccs = atoi( q ); - if( opt.delay_ccs < 0 || opt.delay_ccs > 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "delay_cli" ) == 0 || - strcmp( p, "delay_srv" ) == 0 ) - { - uint8_t *delay_cnt; - char **delay_list; - size_t len; - char *buf; - - if( strcmp( p, "delay_cli" ) == 0 ) - { - delay_cnt = &opt.delay_cli_cnt; - delay_list = opt.delay_cli; - } - else - { - delay_cnt = &opt.delay_srv_cnt; - delay_list = opt.delay_srv; - } - - if( *delay_cnt == MAX_DELAYED_HS ) - { - mbedtls_printf( " too many uses of %s: only %d allowed\n", - p, MAX_DELAYED_HS ); - exit_usage( p, NULL ); - } - - len = strlen( q ); - buf = mbedtls_calloc( 1, len + 1 ); - if( buf == NULL ) - { - mbedtls_printf( " Allocation failure\n" ); - exit( 1 ); - } - memcpy( buf, q, len + 1 ); - - delay_list[ (*delay_cnt)++ ] = buf; - } - else if( strcmp( p, "drop" ) == 0 ) - { - opt.drop = atoi( q ); - if( opt.drop < 0 || opt.drop > 20 || opt.drop == 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "pack" ) == 0 ) - { -#if defined(MBEDTLS_TIMING_C) - opt.pack = (unsigned) atoi( q ); -#else - mbedtls_printf( " option pack only defined if MBEDTLS_TIMING_C is enabled\n" ); - exit( 1 ); -#endif - } - else if( strcmp( p, "mtu" ) == 0 ) - { - opt.mtu = atoi( q ); - if( opt.mtu < 0 || opt.mtu > MAX_MSG_SIZE ) - exit_usage( p, q ); - } - else if( strcmp( p, "bad_ad" ) == 0 ) - { - opt.bad_ad = atoi( q ); - if( opt.bad_ad < 0 || opt.bad_ad > 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "protect_hvr" ) == 0 ) - { - opt.protect_hvr = atoi( q ); - if( opt.protect_hvr < 0 || opt.protect_hvr > 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "protect_len" ) == 0 ) - { - opt.protect_len = atoi( q ); - if( opt.protect_len < 0 ) - exit_usage( p, q ); - } - else if( strcmp( p, "seed" ) == 0 ) - { - opt.seed = atoi( q ); - if( 
opt.seed == 0 ) - exit_usage( p, q ); - } - else - exit_usage( p, NULL ); - } -} - -static const char *msg_type( unsigned char *msg, size_t len ) -{ - if( len < 1 ) return( "Invalid" ); - switch( msg[0] ) - { - case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: return( "ChangeCipherSpec" ); - case MBEDTLS_SSL_MSG_ALERT: return( "Alert" ); - case MBEDTLS_SSL_MSG_APPLICATION_DATA: return( "ApplicationData" ); - case MBEDTLS_SSL_MSG_HANDSHAKE: break; /* See below */ - default: return( "Unknown" ); - } - - if( len < 13 + 12 ) return( "Invalid handshake" ); - - /* - * Our handshake message are less than 2^16 bytes long, so they should - * have 0 as the first byte of length, frag_offset and frag_length. - * Otherwise, assume they are encrypted. - */ - if( msg[14] || msg[19] || msg[22] ) return( "Encrypted handshake" ); - - switch( msg[13] ) - { - case MBEDTLS_SSL_HS_HELLO_REQUEST: return( "HelloRequest" ); - case MBEDTLS_SSL_HS_CLIENT_HELLO: return( "ClientHello" ); - case MBEDTLS_SSL_HS_SERVER_HELLO: return( "ServerHello" ); - case MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST: return( "HelloVerifyRequest" ); - case MBEDTLS_SSL_HS_NEW_SESSION_TICKET: return( "NewSessionTicket" ); - case MBEDTLS_SSL_HS_CERTIFICATE: return( "Certificate" ); - case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE: return( "ServerKeyExchange" ); - case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST: return( "CertificateRequest" ); - case MBEDTLS_SSL_HS_SERVER_HELLO_DONE: return( "ServerHelloDone" ); - case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY: return( "CertificateVerify" ); - case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE: return( "ClientKeyExchange" ); - case MBEDTLS_SSL_HS_FINISHED: return( "Finished" ); - default: return( "Unknown handshake" ); - } -} - -#if defined(MBEDTLS_TIMING_C) -/* Return elapsed time in milliseconds since the first call */ -static unsigned ellapsed_time( void ) -{ - static int initialized = 0; - static struct mbedtls_timing_hr_time hires; - - if( initialized == 0 ) - { - (void) mbedtls_timing_get_timer( &hires, 1 ); - 
initialized = 1; - return( 0 ); - } - - return( mbedtls_timing_get_timer( &hires, 0 ) ); -} - -typedef struct -{ - mbedtls_net_context *ctx; - - const char *description; - - unsigned packet_lifetime; - unsigned num_datagrams; - - unsigned char data[MAX_MSG_SIZE]; - size_t len; - -} ctx_buffer; - -static ctx_buffer outbuf[2]; - -static int ctx_buffer_flush( ctx_buffer *buf ) -{ - int ret; - - mbedtls_printf( " %05u flush %s: %u bytes, %u datagrams, last %u ms\n", - ellapsed_time(), buf->description, - (unsigned) buf->len, buf->num_datagrams, - ellapsed_time() - buf->packet_lifetime ); - - ret = mbedtls_net_send( buf->ctx, buf->data, buf->len ); - - buf->len = 0; - buf->num_datagrams = 0; - - return( ret ); -} - -static unsigned ctx_buffer_time_remaining( ctx_buffer *buf ) -{ - unsigned const cur_time = ellapsed_time(); - - if( buf->num_datagrams == 0 ) - return( (unsigned) -1 ); - - if( cur_time - buf->packet_lifetime >= opt.pack ) - return( 0 ); - - return( opt.pack - ( cur_time - buf->packet_lifetime ) ); -} - -static int ctx_buffer_append( ctx_buffer *buf, - const unsigned char * data, - size_t len ) -{ - int ret; - - if( len > (size_t) INT_MAX ) - return( -1 ); - - if( len > sizeof( buf->data ) ) - { - mbedtls_printf( " ! 
buffer size %u too large (max %u)\n", - (unsigned) len, (unsigned) sizeof( buf->data ) ); - return( -1 ); - } - - if( sizeof( buf->data ) - buf->len < len ) - { - if( ( ret = ctx_buffer_flush( buf ) ) <= 0 ) - return( ret ); - } - - memcpy( buf->data + buf->len, data, len ); - - buf->len += len; - if( ++buf->num_datagrams == 1 ) - buf->packet_lifetime = ellapsed_time(); - - return( (int) len ); -} -#endif /* MBEDTLS_TIMING_C */ - -static int dispatch_data( mbedtls_net_context *ctx, - const unsigned char * data, - size_t len ) -{ -#if defined(MBEDTLS_TIMING_C) - ctx_buffer *buf = NULL; - if( opt.pack > 0 ) - { - if( outbuf[0].ctx == ctx ) - buf = &outbuf[0]; - else if( outbuf[1].ctx == ctx ) - buf = &outbuf[1]; - - if( buf == NULL ) - return( -1 ); - - return( ctx_buffer_append( buf, data, len ) ); - } -#endif /* MBEDTLS_TIMING_C */ - - return( mbedtls_net_send( ctx, data, len ) ); -} - -typedef struct -{ - mbedtls_net_context *dst; - const char *way; - const char *type; - unsigned len; - unsigned char buf[MAX_MSG_SIZE]; -} packet; - -/* Print packet. Outgoing packets come with a reason (forward, dupl, etc.) */ -void print_packet( const packet *p, const char *why ) -{ -#if defined(MBEDTLS_TIMING_C) - if( why == NULL ) - mbedtls_printf( " %05u dispatch %s %s (%u bytes)\n", - ellapsed_time(), p->way, p->type, p->len ); - else - mbedtls_printf( " %05u dispatch %s %s (%u bytes): %s\n", - ellapsed_time(), p->way, p->type, p->len, why ); -#else - if( why == NULL ) - mbedtls_printf( " dispatch %s %s (%u bytes)\n", - p->way, p->type, p->len ); - else - mbedtls_printf( " dispatch %s %s (%u bytes): %s\n", - p->way, p->type, p->len, why ); -#endif - - fflush( stdout ); -} - -int send_packet( const packet *p, const char *why ) -{ - int ret; - mbedtls_net_context *dst = p->dst; - - /* insert corrupted ApplicationData record? 
*/ - if( opt.bad_ad && - strcmp( p->type, "ApplicationData" ) == 0 ) - { - unsigned char buf[MAX_MSG_SIZE]; - memcpy( buf, p->buf, p->len ); - - if( p->len <= 13 ) - { - mbedtls_printf( " ! can't corrupt empty AD record" ); - } - else - { - ++buf[13]; - print_packet( p, "corrupted" ); - } - - if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); - } - } - - print_packet( p, why ); - if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); - } - - /* Don't duplicate Application Data, only handshake covered */ - if( opt.duplicate != 0 && - strcmp( p->type, "ApplicationData" ) != 0 && - rand() % opt.duplicate == 0 ) - { - print_packet( p, "duplicated" ); - - if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); - } - } - - return( 0 ); -} - -#define MAX_DELAYED_MSG 5 -static size_t prev_len; -static packet prev[MAX_DELAYED_MSG]; - -void clear_pending( void ) -{ - memset( &prev, 0, sizeof( prev ) ); - prev_len = 0; -} - -void delay_packet( packet *delay ) -{ - if( prev_len == MAX_DELAYED_MSG ) - return; - - memcpy( &prev[prev_len++], delay, sizeof( packet ) ); -} - -int send_delayed() -{ - uint8_t offset; - int ret; - for( offset = 0; offset < prev_len; offset++ ) - { - ret = send_packet( &prev[offset], "delayed" ); - if( ret != 0 ) - return( ret ); - } - - clear_pending(); - return( 0 ); -} - -/* - * Avoid dropping or delaying a packet that was already dropped twice: this - * only results in uninteresting timeouts. We can't rely on type to identify - * packets, since during renegotiation they're all encrypted. So, rely on - * size mod 2048 (which is usually just size). 
- */ -static unsigned char dropped[2048] = { 0 }; -#define DROP_MAX 2 - -/* - * OpenSSL groups packets in a datagram the first time it sends them, but not - * when it resends them. Count every record as seen the first time. - */ -void update_dropped( const packet *p ) -{ - size_t id = p->len % sizeof( dropped ); - const unsigned char *end = p->buf + p->len; - const unsigned char *cur = p->buf; - size_t len = ( ( cur[11] << 8 ) | cur[12] ) + 13; - - ++dropped[id]; - - /* Avoid counting single record twice */ - if( len == p->len ) - return; - - while( cur < end ) - { - len = ( ( cur[11] << 8 ) | cur[12] ) + 13; - - id = len % sizeof( dropped ); - ++dropped[id]; - - cur += len; - } -} - -int handle_message( const char *way, - mbedtls_net_context *dst, - mbedtls_net_context *src ) -{ - int ret; - packet cur; - size_t id; - - uint8_t delay_idx; - char ** delay_list; - uint8_t delay_list_len; - - /* receive packet */ - if( ( ret = mbedtls_net_recv( src, cur.buf, sizeof( cur.buf ) ) ) <= 0 ) - { - mbedtls_printf( " ! mbedtls_net_recv returned %d\n", ret ); - return( ret ); - } - - cur.len = ret; - cur.type = msg_type( cur.buf, cur.len ); - cur.way = way; - cur.dst = dst; - print_packet( &cur, NULL ); - - id = cur.len % sizeof( dropped ); - - if( strcmp( way, "S <- C" ) == 0 ) - { - delay_list = opt.delay_cli; - delay_list_len = opt.delay_cli_cnt; - } - else - { - delay_list = opt.delay_srv; - delay_list_len = opt.delay_srv_cnt; - } - - /* Check if message type is in the list of messages - * that should be delayed */ - for( delay_idx = 0; delay_idx < delay_list_len; delay_idx++ ) - { - if( delay_list[ delay_idx ] == NULL ) - continue; - - if( strcmp( delay_list[ delay_idx ], cur.type ) == 0 ) - { - /* Delay message */ - delay_packet( &cur ); - - /* Remove entry from list */ - mbedtls_free( delay_list[delay_idx] ); - delay_list[delay_idx] = NULL; - - return( 0 ); - } - } - - /* do we want to drop, delay, or forward it? 
*/ - if( ( opt.mtu != 0 && - cur.len > (unsigned) opt.mtu ) || - ( opt.drop != 0 && - strcmp( cur.type, "ApplicationData" ) != 0 && - ! ( opt.protect_hvr && - strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) && - cur.len != (size_t) opt.protect_len && - dropped[id] < DROP_MAX && - rand() % opt.drop == 0 ) ) - { - update_dropped( &cur ); - } - else if( ( opt.delay_ccs == 1 && - strcmp( cur.type, "ChangeCipherSpec" ) == 0 ) || - ( opt.delay != 0 && - strcmp( cur.type, "ApplicationData" ) != 0 && - ! ( opt.protect_hvr && - strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) && - cur.len != (size_t) opt.protect_len && - dropped[id] < DROP_MAX && - rand() % opt.delay == 0 ) ) - { - delay_packet( &cur ); - } - else - { - /* forward and possibly duplicate */ - if( ( ret = send_packet( &cur, "forwarded" ) ) != 0 ) - return( ret ); - - /* send previously delayed messages if any */ - ret = send_delayed(); - if( ret != 0 ) - return( ret ); - } - - return( 0 ); -} - -int main( int argc, char *argv[] ) -{ - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - uint8_t delay_idx; - - mbedtls_net_context listen_fd, client_fd, server_fd; - -#if defined( MBEDTLS_TIMING_C ) - struct timeval tm; -#endif - - struct timeval *tm_ptr = NULL; - - int nb_fds; - fd_set read_fds; - - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_net_init( &server_fd ); - - get_options( argc, argv ); - - /* - * Decisions to drop/delay/duplicate packets are pseudo-random: dropping - * exactly 1 in N packets would lead to problems when a flight has exactly - * N packets: the same packet would be dropped on every resend. - * - * In order to be able to reproduce problems reliably, the seed may be - * specified explicitly. - */ - if( opt.seed == 0 ) - { - opt.seed = (unsigned int) time( NULL ); - mbedtls_printf( " . Pseudo-random seed: %u\n", opt.seed ); - } - - srand( opt.seed ); - - /* - * 0. "Connect" to the server - */ - mbedtls_printf( " . 
Connect to server on UDP/%s/%s ...", - opt.server_addr, opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, opt.server_addr, opt.server_port, - MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1. Setup the "listening" UDP socket - */ - mbedtls_printf( " . Bind on UDP/%s/%s ...", - opt.listen_addr, opt.listen_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, opt.listen_addr, opt.listen_port, - MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 2. Wait until a client connects - */ -accept: - mbedtls_net_free( &client_fd ); - - mbedtls_printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 3. 
Forward packets forever (kill the process to terminate it) - */ - clear_pending(); - memset( dropped, 0, sizeof( dropped ) ); - - nb_fds = client_fd.fd; - if( nb_fds < server_fd.fd ) - nb_fds = server_fd.fd; - if( nb_fds < listen_fd.fd ) - nb_fds = listen_fd.fd; - ++nb_fds; - -#if defined(MBEDTLS_TIMING_C) - if( opt.pack > 0 ) - { - outbuf[0].ctx = &server_fd; - outbuf[0].description = "S <- C"; - outbuf[0].num_datagrams = 0; - outbuf[0].len = 0; - - outbuf[1].ctx = &client_fd; - outbuf[1].description = "S -> C"; - outbuf[1].num_datagrams = 0; - outbuf[1].len = 0; - } -#endif /* MBEDTLS_TIMING_C */ - - while( 1 ) - { -#if defined(MBEDTLS_TIMING_C) - if( opt.pack > 0 ) - { - unsigned max_wait_server, max_wait_client, max_wait; - max_wait_server = ctx_buffer_time_remaining( &outbuf[0] ); - max_wait_client = ctx_buffer_time_remaining( &outbuf[1] ); - - max_wait = (unsigned) -1; - - if( max_wait_server == 0 ) - ctx_buffer_flush( &outbuf[0] ); - else - max_wait = max_wait_server; - - if( max_wait_client == 0 ) - ctx_buffer_flush( &outbuf[1] ); - else - { - if( max_wait_client < max_wait ) - max_wait = max_wait_client; - } - - if( max_wait != (unsigned) -1 ) - { - tm.tv_sec = max_wait / 1000; - tm.tv_usec = ( max_wait % 1000 ) * 1000; - - tm_ptr = &tm; - } - else - { - tm_ptr = NULL; - } - } -#endif /* MBEDTLS_TIMING_C */ - - FD_ZERO( &read_fds ); - FD_SET( server_fd.fd, &read_fds ); - FD_SET( client_fd.fd, &read_fds ); - FD_SET( listen_fd.fd, &read_fds ); - - if( ( ret = select( nb_fds, &read_fds, NULL, NULL, tm_ptr ) ) < 0 ) - { - perror( "select" ); - goto exit; - } - - if( FD_ISSET( listen_fd.fd, &read_fds ) ) - goto accept; - - if( FD_ISSET( client_fd.fd, &read_fds ) ) - { - if( ( ret = handle_message( "S <- C", - &server_fd, &client_fd ) ) != 0 ) - goto accept; - } - - if( FD_ISSET( server_fd.fd, &read_fds ) ) - { - if( ( ret = handle_message( "S -> C", - &client_fd, &server_fd ) ) != 0 ) - goto accept; - } - - } - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - 
-#ifdef MBEDTLS_ERROR_C - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf( "Last error was: -0x%04X - %s\n\n", - ret, error_buf ); - fflush( stdout ); - } -#endif - - for( delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++ ) - { - mbedtls_free( opt.delay_cli + delay_idx ); - mbedtls_free( opt.delay_srv + delay_idx ); - } - - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &server_fd ); - mbedtls_net_free( &listen_fd ); - -#if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} - -#endif /* MBEDTLS_NET_C */ diff --git a/programs/test/udp_proxy_wrapper.sh b/programs/test/udp_proxy_wrapper.sh deleted file mode 100755 index 29033d5d1..000000000 --- a/programs/test/udp_proxy_wrapper.sh +++ /dev/null 
@@ -1,117 +0,0 @@
-#!/bin/sh
-# -*-sh-basic-offset: 4-*-
-# Usage: udp_proxy_wrapper.sh [PROXY_PARAM...] -- [SERVER_PARAM...]
-
-set -u
-
-MBEDTLS_BASE="$(dirname -- "$0")/../.."
-TPXY_BIN="$MBEDTLS_BASE/programs/test/udp_proxy"
-SRV_BIN="$MBEDTLS_BASE/programs/ssl/ssl_server2"
-
-: ${VERBOSE:=0}
-
-stop_proxy() {
- if [ -n "${tpxy_pid:-}" ]; then
- echo
- echo " * Killing proxy (pid $tpxy_pid) ..."
- kill $tpxy_pid
- fi
-}
-
-stop_server() {
- if [ -n "${srv_pid:-}" ]; then
- echo
- echo " * Killing server (pid $srv_pid) ..."
- kill $srv_pid >/dev/null 2>/dev/null
- fi
-}
-
-cleanup() {
- stop_server
- stop_proxy
- exit 129
-}
-
-trap cleanup INT TERM HUP
-
-# Extract the proxy parameters
-tpxy_cmd_snippet='"$TPXY_BIN"'
-while [ $# -ne 0 ] && [ "$1" != "--" ]; do
- tail="$1" quoted=""
- while [ -n "$tail" ]; do
- case "$tail" in
- *\'*) quoted="${quoted}${tail%%\'*}'\\''" tail="${tail#*\'}";;
- *) quoted="${quoted}${tail}"; tail=; false;;
- esac
- done
- tpxy_cmd_snippet="$tpxy_cmd_snippet '$quoted'"
- shift
-done
-unset tail quoted
-if [ $# -eq 0 ]; then
- echo " * No server arguments (must be preceded by \" -- \") - exit"
- exit 3
-fi
-shift
-
-dtls_enabled=
-ipv6_in_use=
-server_port_orig=
-server_addr_orig=
-for param; do
- case "$param" in
- server_port=*) server_port_orig="${param#*=}";;
- server_addr=*:*) server_addr_orig="${param#*=}"; ipv6_in_use=1;;
- server_addr=*) server_addr_orig="${param#*=}";;
- dtls=[!0]*) dtls_enabled=1;;
- esac
-done
-
-if [ -z "$dtls_enabled" ] || [ -n "$ipv6_in_use" ]; then
- echo >&2 "$0: Couldn't find DTLS enabling, or IPv6 is in use - immediate fallback to server application..."
- if [ $VERBOSE -gt 0 ]; then
- echo "[ $SRV_BIN $* ]"
- fi
- exec "$SRV_BIN" "$@"
-fi
-
-if [ -z "$server_port_orig" ]; then
- server_port_orig=4433
-fi
-echo " * Server port: $server_port_orig"
-tpxy_cmd_snippet="$tpxy_cmd_snippet \"listen_port=\$server_port_orig\""
-tpxy_cmd_snippet="$tpxy_cmd_snippet \"server_port=\$server_port\""
-
-if [ -n "$server_addr_orig" ]; then
- echo " * Server address: $server_addr_orig"
- tpxy_cmd_snippet="$tpxy_cmd_snippet \"server_addr=\$server_addr_orig\""
- tpxy_cmd_snippet="$tpxy_cmd_snippet \"listen_addr=\$server_addr_orig\""
-fi
-
-server_port=$(( server_port_orig + 1 ))
-set -- "$@" "server_port=$server_port"
-echo " * Intermediate port: $server_port"
-
-echo " * Start proxy in background ..."
-if [ $VERBOSE -gt 0 ]; then
- echo "[ $tpxy_cmd_snippet ]"
-fi
-eval exec "$tpxy_cmd_snippet" >/dev/null 2>&1 &
-tpxy_pid=$!
-
-if [ $VERBOSE -gt 0 ]; then
- echo " * Proxy ID: $TPXY_PID"
-fi
-
-echo " * Starting server ..."
-if [ $VERBOSE -gt 0 ]; then
- echo "[ $SRV_BIN $* ]"
-fi
-
-exec "$SRV_BIN" "$@" >&2 &
-srv_pid=$!
-
-wait $srv_pid
-
-stop_proxy
-return 0
diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt
deleted file mode 100644
index 39b8b5bab..000000000
--- a/programs/x509/CMakeLists.txt
+++ /dev/null
@@ -1,30 +0,0 @@
-set(libs
- mbedtls
-)
-
-if(USE_PKCS11_HELPER_LIBRARY)
- set(libs ${libs} pkcs11-helper)
-endif(USE_PKCS11_HELPER_LIBRARY)
-
-if(ENABLE_ZLIB_SUPPORT)
- set(libs ${libs} ${ZLIB_LIBRARIES})
-endif(ENABLE_ZLIB_SUPPORT)
-
-add_executable(cert_app cert_app.c)
-target_link_libraries(cert_app ${libs})
-
-add_executable(crl_app crl_app.c)
-target_link_libraries(crl_app ${libs})
-
-add_executable(req_app req_app.c)
-target_link_libraries(req_app ${libs})
-
-add_executable(cert_req cert_req.c)
-target_link_libraries(cert_req ${libs})
-
-add_executable(cert_write cert_write.c)
-target_link_libraries(cert_write ${libs})
-
-install(TARGETS cert_app crl_app req_app cert_req cert_write
- DESTINATION "bin"
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
deleted file mode 100644
index 38fbd51bf..000000000
--- a/programs/x509/cert_app.c
+++ /dev/null
@@ -1,515 +0,0 @@ -/* - * Certificate reading application - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ - !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); -} -#else - -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/net_sockets.h" -#include "mbedtls/ssl.h" 
-#include "mbedtls/x509.h" -#include "mbedtls/debug.h" - -#include -#include -#include - -#define MODE_NONE 0 -#define MODE_FILE 1 -#define MODE_SSL 2 - -#define DFL_MODE MODE_NONE -#define DFL_FILENAME "cert.crt" -#define DFL_CA_FILE "" -#define DFL_CRL_FILE "" -#define DFL_CA_PATH "" -#define DFL_SERVER_NAME "localhost" -#define DFL_SERVER_PORT "4433" -#define DFL_DEBUG_LEVEL 0 -#define DFL_PERMISSIVE 0 - -#define USAGE_IO \ - " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ - " default: \"\" (none)\n" \ - " crl_file=%%s The single CRL file you want to use\n" \ - " default: \"\" (none)\n" \ - " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \ - " default: \"\" (none) (overrides ca_file)\n" - -#define USAGE \ - "\n usage: cert_app param=<>...\n" \ - "\n acceptable parameters:\n" \ - " mode=file|ssl default: none\n" \ - " filename=%%s default: cert.crt\n" \ - USAGE_IO \ - " server_name=%%s default: localhost\n" \ - " server_port=%%d default: 4433\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " permissive=%%d default: 0 (disabled)\n" \ - "\n" - -#if defined(MBEDTLS_CHECK_PARAMS) -#define mbedtls_exit exit -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -/* - * global options - */ -struct options -{ - int mode; /* the mode to run the application in */ - const char *filename; /* filename of the certificate file */ - const char *ca_file; /* the file with the CA certificate(s) */ - const char *crl_file; /* the file with the CRL to use */ - const char *ca_path; /* the path with the CA certificate(s) reside */ - const char *server_name; /* hostname of the server (client only) */ - const char *server_port; /* port on which the ssl service runs */ - int debug_level; /* level of debugging */ - int permissive; /* permissive 
parsing */ -} opt; - -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) -{ - ((void) level); - - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); -} - -static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags ) -{ - char buf[1024]; - ((void) data); - - mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); - mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); - mbedtls_printf( "%s", buf ); - - if ( ( *flags ) == 0 ) - mbedtls_printf( " This certificate has no flags\n" ); - else - { - mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); - mbedtls_printf( "%s\n", buf ); - } - - return( 0 ); -} - -int main( int argc, char *argv[] ) -{ - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - mbedtls_net_context server_fd; - unsigned char buf[1024]; - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_x509_crt cacert; - mbedtls_x509_crl cacrl; - int i, j; - uint32_t flags; - int verify = 0; - char *p, *q; - const char *pers = "cert_app"; - - /* - * Set to sane values - */ - mbedtls_net_init( &server_fd ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &cacert ); -#if defined(MBEDTLS_X509_CRL_PARSE_C) - mbedtls_x509_crl_init( &cacrl ); -#else - /* Zeroize structure as CRL parsing is not supported and we have to pass - it to the verify function */ - memset( &cacrl, 0, sizeof(mbedtls_x509_crl) ); -#endif - - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); - goto exit; - } - - opt.mode = DFL_MODE; - opt.filename = DFL_FILENAME; - opt.ca_file = DFL_CA_FILE; - opt.crl_file = DFL_CRL_FILE; - opt.ca_path = DFL_CA_PATH; - opt.server_name = DFL_SERVER_NAME; - opt.server_port = DFL_SERVER_PORT; - opt.debug_level = DFL_DEBUG_LEVEL; - opt.permissive = DFL_PERMISSIVE; - - 
for( i = 1; i < argc; i++ ) - { - p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - goto usage; - *q++ = '\0'; - - for( j = 0; p + j < q; j++ ) - { - if( argv[i][j] >= 'A' && argv[i][j] <= 'Z' ) - argv[i][j] |= 0x20; - } - - if( strcmp( p, "mode" ) == 0 ) - { - if( strcmp( q, "file" ) == 0 ) - opt.mode = MODE_FILE; - else if( strcmp( q, "ssl" ) == 0 ) - opt.mode = MODE_SSL; - else - goto usage; - } - else if( strcmp( p, "filename" ) == 0 ) - opt.filename = q; - else if( strcmp( p, "ca_file" ) == 0 ) - opt.ca_file = q; - else if( strcmp( p, "crl_file" ) == 0 ) - opt.crl_file = q; - else if( strcmp( p, "ca_path" ) == 0 ) - opt.ca_path = q; - else if( strcmp( p, "server_name" ) == 0 ) - opt.server_name = q; - else if( strcmp( p, "server_port" ) == 0 ) - opt.server_port = q; - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) - goto usage; - } - else if( strcmp( p, "permissive" ) == 0 ) - { - opt.permissive = atoi( q ); - if( opt.permissive < 0 || opt.permissive > 1 ) - goto usage; - } - else - goto usage; - } - - /* - * 1.1. Load the trusted CA - */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - - if( strlen( opt.ca_path ) ) - { - if( ( ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ) ) < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_path returned -0x%x\n\n", -ret ); - goto exit; - } - - verify = 1; - } - else if( strlen( opt.ca_file ) ) - { - if( ( ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ) ) < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", -ret ); - goto exit; - } - - verify = 1; - } - - mbedtls_printf( " ok (%d skipped)\n", ret ); - -#if defined(MBEDTLS_X509_CRL_PARSE_C) - if( strlen( opt.crl_file ) ) - { - if( ( ret = mbedtls_x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_x509_crl_parse returned -0x%x\n\n", -ret ); - goto exit; - } - - verify = 1; - } -#endif - - if( opt.mode == MODE_FILE ) - { - mbedtls_x509_crt crt; - mbedtls_x509_crt *cur = &crt; - mbedtls_x509_crt_init( &crt ); - - /* - * 1.1. Load the certificate(s) - */ - mbedtls_printf( "\n . Loading the certificate(s) ..." ); - fflush( stdout ); - - ret = mbedtls_x509_crt_parse_file( &crt, opt.filename ); - - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret ); - mbedtls_x509_crt_free( &crt ); - goto exit; - } - - if( opt.permissive == 0 && ret > 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse failed to parse %d certificates\n\n", ret ); - mbedtls_x509_crt_free( &crt ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1.2 Print the certificate(s) - */ - while( cur != NULL ) - { - mbedtls_printf( " . Peer certificate information ...\n" ); - ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - cur ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret ); - mbedtls_x509_crt_free( &crt ); - goto exit; - } - - mbedtls_printf( "%s\n", buf ); - - cur = cur->next; - } - - /* - * 1.3 Verify the certificate - */ - if( verify ) - { - mbedtls_printf( " . Verifying X.509 certificate..." ); - - if( ( ret = mbedtls_x509_crt_verify( &crt, &cacert, &cacrl, NULL, &flags, - my_verify, NULL ) ) != 0 ) - { - char vrfy_buf[512]; - - mbedtls_printf( " failed\n" ); - - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); - - mbedtls_printf( "%s\n", vrfy_buf ); - } - else - mbedtls_printf( " ok\n" ); - } - - mbedtls_x509_crt_free( &crt ); - } - else if( opt.mode == MODE_SSL ) - { - /* - * 1. Initialize the RNG and the session data - */ - mbedtls_printf( "\n . Seeding the random number generator..." 
); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto ssl_exit; - } - - mbedtls_printf( " ok\n" ); - -#if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( opt.debug_level ); -#endif - - /* - * 2. Start the connection - */ - mbedtls_printf( " . SSL connection to tcp/%s/%s...", opt.server_name, - opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name, - opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); - goto ssl_exit; - } - - /* - * 3. Setup stuff - */ - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); - goto exit; - } - - if( verify ) - { - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED ); - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_verify( &conf, my_verify, NULL ); - } - else - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE ); - - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); - goto ssl_exit; - } - - if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); - goto ssl_exit; - } - - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); - - /* - * 4. 
Handshake - */ - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret ); - goto ssl_exit; - } - } - - mbedtls_printf( " ok\n" ); - - /* - * 5. Print the certificate - */ -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_printf( " . Peer certificate information ... skipped\n" ); -#else - mbedtls_printf( " . Peer certificate information ...\n" ); - ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - mbedtls_ssl_get_peer_cert( &ssl ) ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret ); - goto ssl_exit; - } - - mbedtls_printf( "%s\n", buf ); -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - - mbedtls_ssl_close_notify( &ssl ); - -ssl_exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - } - else - goto usage; - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - - mbedtls_net_free( &server_fd ); - mbedtls_x509_crt_free( &cacert ); -#if defined(MBEDTLS_X509_CRL_PARSE_C) - mbedtls_x509_crl_free( &cacrl ); -#endif - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && - MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && - MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c deleted file mode 100644 index d25ad4c56..000000000 --- a/programs/x509/cert_req.c +++ /dev/null 
@@ -1,453 +0,0 @@
-/*
- * Certificate request generation
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#include
-#define mbedtls_printf printf
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif /* MBEDTLS_PLATFORM_C */
-
-#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
- !defined(MBEDTLS_PEM_WRITE_C)
-int main( void )
-{
- mbedtls_printf( "MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or "
- "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
- "not defined.\n");
- return( 0 );
-}
-#else
-
-#include "mbedtls/x509_csr.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/error.h"
-
-#include
-#include
-#include
-
-#define DFL_FILENAME "keyfile.key"
-#define DFL_PASSWORD NULL
-#define DFL_DEBUG_LEVEL 0
-#define DFL_OUTPUT_FILENAME "cert.req"
-#define DFL_SUBJECT_NAME "CN=Cert,O=mbed TLS,C=UK"
-#define DFL_KEY_USAGE 0 -#define DFL_FORCE_KEY_USAGE 0 -#define DFL_NS_CERT_TYPE 0 -#define DFL_FORCE_NS_CERT_TYPE 0 -#define DFL_MD_ALG MBEDTLS_MD_SHA256 - -#define USAGE \ - "\n usage: cert_req param=<>...\n" \ - "\n acceptable parameters:\n" \ - " filename=%%s default: keyfile.key\n" \ - " password=%%s default: NULL\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " output_file=%%s default: cert.req\n" \ - " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \ - " key_usage=%%s default: (empty)\n" \ - " Comma-separated-list of values:\n" \ - " digital_signature\n" \ - " non_repudiation\n" \ - " key_encipherment\n" \ - " data_encipherment\n" \ - " key_agreement\n" \ - " key_cert_sign\n" \ - " crl_sign\n" \ - " force_key_usage=0/1 default: off\n" \ - " Add KeyUsage even if it is empty\n" \ - " ns_cert_type=%%s default: (empty)\n" \ - " Comma-separated-list of values:\n" \ - " ssl_client\n" \ - " ssl_server\n" \ - " email\n" \ - " object_signing\n" \ - " ssl_ca\n" \ - " email_ca\n" \ - " object_signing_ca\n" \ - " force_ns_cert_type=0/1 default: off\n" \ - " Add NsCertType even if it is empty\n" \ - " md=%%s default: SHA256\n" \ - " possible values:\n" \ - " MD4, MD5, SHA1\n" \ - " SHA224, SHA256\n" \ - " SHA384, SHA512\n" \ - "\n" - -#if defined(MBEDTLS_CHECK_PARAMS) -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -/* - * global options - */ -struct options -{ - const char *filename; /* filename of the key file */ - const char *password; /* password for the key file */ - int debug_level; /* level of debugging */ - const char *output_file; /* where to store the constructed key file */ - const char *subject_name; /* subject name for certificate request */ - unsigned char key_usage; /* key usage flags */ - int force_key_usage; /* Force adding the KeyUsage extension */ - 
unsigned char ns_cert_type; /* NS cert type */ - int force_ns_cert_type; /* Force adding NsCertType extension */ - mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */ -} opt; - -int write_certificate_request( mbedtls_x509write_csr *req, const char *output_file, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) -{ - int ret; - FILE *f; - unsigned char output_buf[4096]; - size_t len = 0; - - memset( output_buf, 0, 4096 ); - if( ( ret = mbedtls_x509write_csr_pem( req, output_buf, 4096, f_rng, p_rng ) ) < 0 ) - return( ret ); - - len = strlen( (char *) output_buf ); - - if( ( f = fopen( output_file, "w" ) ) == NULL ) - return( -1 ); - - if( fwrite( output_buf, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); - } - - fclose( f ); - - return( 0 ); -} - -int main( int argc, char *argv[] ) -{ - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - mbedtls_pk_context key; - char buf[1024]; - int i; - char *p, *q, *r; - mbedtls_x509write_csr req; - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - const char *pers = "csr example app"; - - /* - * Set to sane values - */ - mbedtls_x509write_csr_init( &req ); - mbedtls_pk_init( &key ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - memset( buf, 0, sizeof( buf ) ); - - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); - goto exit; - } - - opt.filename = DFL_FILENAME; - opt.password = DFL_PASSWORD; - opt.debug_level = DFL_DEBUG_LEVEL; - opt.output_file = DFL_OUTPUT_FILENAME; - opt.subject_name = DFL_SUBJECT_NAME; - opt.key_usage = DFL_KEY_USAGE; - opt.force_key_usage = DFL_FORCE_KEY_USAGE; - opt.ns_cert_type = DFL_NS_CERT_TYPE; - opt.force_ns_cert_type = DFL_FORCE_NS_CERT_TYPE; - opt.md_alg = DFL_MD_ALG; - - for( i = 1; i < argc; i++ ) - { - - p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - goto usage; - *q++ = '\0'; - - if( strcmp( p, "filename" ) == 0 ) - opt.filename = q; - else if( strcmp( p, "password" ) == 0 ) - opt.password = q; - else if( strcmp( p, 
"output_file" ) == 0 ) - opt.output_file = q; - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) - goto usage; - } - else if( strcmp( p, "subject_name" ) == 0 ) - { - opt.subject_name = q; - } - else if( strcmp( p, "md" ) == 0 ) - { - if( strcmp( q, "SHA256" ) == 0 ) - { - opt.md_alg = MBEDTLS_MD_SHA256; - } - else if( strcmp( q, "SHA224" ) == 0 ) - { - opt.md_alg = MBEDTLS_MD_SHA224; - } - else -#if defined(MBEDTLS_MD5_C) - if( strcmp( q, "MD5" ) == 0 ) - { - opt.md_alg = MBEDTLS_MD_MD5; - } - else -#endif /* MBEDTLS_MD5_C */ -#if defined(MBEDTLS_MD4_C) - if( strcmp( q, "MD4" ) == 0 ) - { - opt.md_alg = MBEDTLS_MD_MD4; - } - else -#endif /* MBEDTLS_MD5_C */ -#if defined(MBEDTLS_SHA1_C) - if( strcmp( q, "SHA1" ) == 0 ) - { - opt.md_alg = MBEDTLS_MD_SHA1; - } - else -#endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA512_C) - if( strcmp( q, "SHA384" ) == 0 ) - { - opt.md_alg = MBEDTLS_MD_SHA384; - } - else - if( strcmp( q, "SHA512" ) == 0 ) - { - opt.md_alg = MBEDTLS_MD_SHA512; - } - else -#endif /* MBEDTLS_SHA512_C */ - { - goto usage; - } - } - else if( strcmp( p, "key_usage" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) - *r++ = '\0'; - - if( strcmp( q, "digital_signature" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE; - else if( strcmp( q, "non_repudiation" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION; - else if( strcmp( q, "key_encipherment" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT; - else if( strcmp( q, "data_encipherment" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT; - else if( strcmp( q, "key_agreement" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT; - else if( strcmp( q, "key_cert_sign" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN; - else if( strcmp( q, "crl_sign" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN; - else - goto usage; - - q = r; - 
} - } - else if( strcmp( p, "force_key_usage" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.force_key_usage = 0; break; - case 1: opt.force_key_usage = 1; break; - default: goto usage; - } - } - else if( strcmp( p, "ns_cert_type" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) - *r++ = '\0'; - - if( strcmp( q, "ssl_client" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT; - else if( strcmp( q, "ssl_server" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER; - else if( strcmp( q, "email" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL; - else if( strcmp( q, "object_signing" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING; - else if( strcmp( q, "ssl_ca" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA; - else if( strcmp( q, "email_ca" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA; - else if( strcmp( q, "object_signing_ca" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA; - else - goto usage; - - q = r; - } - } - else if( strcmp( p, "force_ns_cert_type" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.force_ns_cert_type = 0; break; - case 1: opt.force_ns_cert_type = 1; break; - default: goto usage; - } - } - else - goto usage; - } - - mbedtls_x509write_csr_set_md_alg( &req, opt.md_alg ); - - if( opt.key_usage || opt.force_key_usage == 1 ) - mbedtls_x509write_csr_set_key_usage( &req, opt.key_usage ); - - if( opt.ns_cert_type || opt.force_ns_cert_type == 1 ) - mbedtls_x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type ); - - /* - * 0. Seed the PRNG - */ - mbedtls_printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! 
mbedtls_ctr_drbg_seed returned %d", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1.0. Check the subject name for validity - */ - mbedtls_printf( " . Checking subject name..." ); - fflush( stdout ); - - if( ( ret = mbedtls_x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509write_csr_set_subject_name returned %d", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1.1. Load the key - */ - mbedtls_printf( " . Loading the private key ..." ); - fflush( stdout ); - - ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password ); - - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned %d", ret ); - goto exit; - } - - mbedtls_x509write_csr_set_key( &req, &key ); - - mbedtls_printf( " ok\n" ); - - /* - * 1.2. Writing the request - */ - mbedtls_printf( " . Writing the certificate request ..." ); - fflush( stdout ); - - if( ( ret = write_certificate_request( &req, opt.output_file, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! write_certifcate_request %d", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { -#ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, sizeof( buf ) ); - mbedtls_printf( " - %s\n", buf ); -#else - mbedtls_printf("\n"); -#endif - } - - mbedtls_x509write_csr_free( &req ); - mbedtls_pk_free( &key ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && - MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_WRITE_C */ diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c deleted file mode 100644 index cd39108f2..000000000 
--- a/programs/x509/cert_write.c
+++ /dev/null
@@ -1,825 +0,0 @@ -/* - * Certificate generation and signing - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if !defined(MBEDTLS_X509_CRT_WRITE_C) || \ - !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C) || \ - !defined(MBEDTLS_PEM_WRITE_C) -int main( void ) -{ - mbedtls_printf( "MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_ERROR_C not defined.\n"); - return( 0 ); -} -#else - -#include "mbedtls/x509_crt.h" -#include "mbedtls/x509_csr.h" -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/md.h" -#include "mbedtls/error.h" - -#include -#include -#include - -#if defined(MBEDTLS_X509_CSR_PARSE_C) -#define 
USAGE_CSR \ - " request_file=%%s default: (empty)\n" \ - " If request_file is specified, subject_key,\n" \ - " subject_pwd and subject_name are ignored!\n" -#else -#define USAGE_CSR "" -#endif /* MBEDTLS_X509_CSR_PARSE_C */ - -#define DFL_ISSUER_CRT "" -#define DFL_REQUEST_FILE "" -#define DFL_SUBJECT_KEY "subject.key" -#define DFL_ISSUER_KEY "ca.key" -#define DFL_SUBJECT_PWD "" -#define DFL_ISSUER_PWD "" -#define DFL_OUTPUT_FILENAME "cert.crt" -#define DFL_SUBJECT_NAME "CN=Cert,O=mbed TLS,C=UK" -#define DFL_ISSUER_NAME "CN=CA,O=mbed TLS,C=UK" -#define DFL_NOT_BEFORE "20010101000000" -#define DFL_NOT_AFTER "20301231235959" -#define DFL_SERIAL "1" -#define DFL_SELFSIGN 0 -#define DFL_IS_CA 0 -#define DFL_MAX_PATHLEN -1 -#define DFL_KEY_USAGE 0 -#define DFL_NS_CERT_TYPE 0 -#define DFL_VERSION 3 -#define DFL_AUTH_IDENT 1 -#define DFL_SUBJ_IDENT 1 -#define DFL_CONSTRAINTS 1 -#define DFL_DIGEST MBEDTLS_MD_SHA256 - -#define USAGE \ - "\n usage: cert_write param=<>...\n" \ - "\n acceptable parameters:\n" \ - USAGE_CSR \ - " subject_key=%%s default: subject.key\n" \ - " subject_pwd=%%s default: (empty)\n" \ - " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \ - "\n" \ - " issuer_crt=%%s default: (empty)\n" \ - " If issuer_crt is specified, issuer_name is\n" \ - " ignored!\n" \ - " issuer_name=%%s default: CN=CA,O=mbed TLS,C=UK\n" \ - "\n" \ - " selfsign=%%d default: 0 (false)\n" \ - " If selfsign is enabled, issuer_name and\n" \ - " issuer_key are required (issuer_crt and\n" \ - " subject_* are ignored\n" \ - " issuer_key=%%s default: ca.key\n" \ - " issuer_pwd=%%s default: (empty)\n" \ - " output_file=%%s default: cert.crt\n" \ - " serial=%%s default: 1\n" \ - " not_before=%%s default: 20010101000000\n"\ - " not_after=%%s default: 20301231235959\n"\ - " is_ca=%%d default: 0 (disabled)\n" \ - " max_pathlen=%%d default: -1 (none)\n" \ - " md=%%s default: SHA256\n" \ - " Supported values:\n" \ - " MD5, SHA1, SHA256, SHA512\n"\ - " version=%%d default: 3\n" \ - " 
Possible values: 1, 2, 3\n"\ - " subject_identifier=%%s default: 1\n" \ - " Possible values: 0, 1\n" \ - " (Considered for v3 only)\n"\ - " authority_identifier=%%s default: 1\n" \ - " Possible values: 0, 1\n" \ - " (Considered for v3 only)\n"\ - " basic_constraints=%%d default: 1\n" \ - " Possible values: 0, 1\n" \ - " (Considered for v3 only)\n"\ - " key_usage=%%s default: (empty)\n" \ - " Comma-separated-list of values:\n" \ - " digital_signature\n" \ - " non_repudiation\n" \ - " key_encipherment\n" \ - " data_encipherment\n" \ - " key_agreement\n" \ - " key_cert_sign\n" \ - " crl_sign\n" \ - " (Considered for v3 only)\n"\ - " ns_cert_type=%%s default: (empty)\n" \ - " Comma-separated-list of values:\n" \ - " ssl_client\n" \ - " ssl_server\n" \ - " email\n" \ - " object_signing\n" \ - " ssl_ca\n" \ - " email_ca\n" \ - " object_signing_ca\n" \ - "\n" - -#if defined(MBEDTLS_CHECK_PARAMS) -#define mbedtls_exit exit -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -/* - * global options - */ -struct options -{ - const char *issuer_crt; /* filename of the issuer certificate */ - const char *request_file; /* filename of the certificate request */ - const char *subject_key; /* filename of the subject key file */ - const char *issuer_key; /* filename of the issuer key file */ - const char *subject_pwd; /* password for the subject key file */ - const char *issuer_pwd; /* password for the issuer key file */ - const char *output_file; /* where to store the constructed CRT */ - const char *subject_name; /* subject name for certificate */ - const char *issuer_name; /* issuer name for certificate */ - const char *not_before; /* validity period not before */ - const char *not_after; /* validity period not after */ - const char *serial; /* serial number string */ - int selfsign; /* selfsign 
the certificate */ - int is_ca; /* is a CA certificate */ - int max_pathlen; /* maximum CA path length */ - int authority_identifier; /* add authority identifier to CRT */ - int subject_identifier; /* add subject identifier to CRT */ - int basic_constraints; /* add basic constraints ext to CRT */ - int version; /* CRT version */ - mbedtls_md_type_t md; /* Hash used for signing */ - unsigned char key_usage; /* key usage flags */ - unsigned char ns_cert_type; /* NS cert type */ -} opt; - -int write_certificate( mbedtls_x509write_cert *crt, const char *output_file, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) -{ - int ret; - FILE *f; - unsigned char output_buf[4096]; - size_t len = 0; - - memset( output_buf, 0, 4096 ); - if( ( ret = mbedtls_x509write_crt_pem( crt, output_buf, 4096, - f_rng, p_rng ) ) < 0 ) - return( ret ); - - len = strlen( (char *) output_buf ); - - if( ( f = fopen( output_file, "w" ) ) == NULL ) - return( -1 ); - - if( fwrite( output_buf, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); - } - - fclose( f ); - - return( 0 ); -} - -int main( int argc, char *argv[] ) -{ - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - mbedtls_x509_crt issuer_crt; - mbedtls_pk_context loaded_issuer_key, loaded_subject_key; - mbedtls_pk_context *issuer_key = &loaded_issuer_key, - *subject_key = &loaded_subject_key; - char buf[1024]; - char issuer_name[256]; - int i; - char *p, *q, *r; -#if defined(MBEDTLS_X509_CSR_PARSE_C) - char subject_name[256]; - mbedtls_x509_csr csr; -#endif - mbedtls_x509write_cert crt; - mbedtls_mpi serial; - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - const char *pers = "crt example app"; - - /* - * Set to sane values - */ - mbedtls_x509write_crt_init( &crt ); - mbedtls_pk_init( &loaded_issuer_key ); - mbedtls_pk_init( &loaded_subject_key ); - mbedtls_mpi_init( &serial ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); -#if defined(MBEDTLS_X509_CSR_PARSE_C) - 
mbedtls_x509_csr_init( &csr ); -#endif - mbedtls_x509_crt_init( &issuer_crt ); - memset( buf, 0, 1024 ); - - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); - goto exit; - } - - opt.issuer_crt = DFL_ISSUER_CRT; - opt.request_file = DFL_REQUEST_FILE; - opt.subject_key = DFL_SUBJECT_KEY; - opt.issuer_key = DFL_ISSUER_KEY; - opt.subject_pwd = DFL_SUBJECT_PWD; - opt.issuer_pwd = DFL_ISSUER_PWD; - opt.output_file = DFL_OUTPUT_FILENAME; - opt.subject_name = DFL_SUBJECT_NAME; - opt.issuer_name = DFL_ISSUER_NAME; - opt.not_before = DFL_NOT_BEFORE; - opt.not_after = DFL_NOT_AFTER; - opt.serial = DFL_SERIAL; - opt.selfsign = DFL_SELFSIGN; - opt.is_ca = DFL_IS_CA; - opt.max_pathlen = DFL_MAX_PATHLEN; - opt.key_usage = DFL_KEY_USAGE; - opt.ns_cert_type = DFL_NS_CERT_TYPE; - opt.version = DFL_VERSION - 1; - opt.md = DFL_DIGEST; - opt.subject_identifier = DFL_SUBJ_IDENT; - opt.authority_identifier = DFL_AUTH_IDENT; - opt.basic_constraints = DFL_CONSTRAINTS; - - for( i = 1; i < argc; i++ ) - { - - p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - goto usage; - *q++ = '\0'; - - if( strcmp( p, "request_file" ) == 0 ) - opt.request_file = q; - else if( strcmp( p, "subject_key" ) == 0 ) - opt.subject_key = q; - else if( strcmp( p, "issuer_key" ) == 0 ) - opt.issuer_key = q; - else if( strcmp( p, "subject_pwd" ) == 0 ) - opt.subject_pwd = q; - else if( strcmp( p, "issuer_pwd" ) == 0 ) - opt.issuer_pwd = q; - else if( strcmp( p, "issuer_crt" ) == 0 ) - opt.issuer_crt = q; - else if( strcmp( p, "output_file" ) == 0 ) - opt.output_file = q; - else if( strcmp( p, "subject_name" ) == 0 ) - { - opt.subject_name = q; - } - else if( strcmp( p, "issuer_name" ) == 0 ) - { - opt.issuer_name = q; - } - else if( strcmp( p, "not_before" ) == 0 ) - { - opt.not_before = q; - } - else if( strcmp( p, "not_after" ) == 0 ) - { - opt.not_after = q; - } - else if( strcmp( p, "serial" ) == 0 ) - { - opt.serial = q; - } - else if( strcmp( p, "authority_identifier" ) == 0 ) - { - 
opt.authority_identifier = atoi( q ); - if( opt.authority_identifier != 0 && - opt.authority_identifier != 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); - goto usage; - } - } - else if( strcmp( p, "subject_identifier" ) == 0 ) - { - opt.subject_identifier = atoi( q ); - if( opt.subject_identifier != 0 && - opt.subject_identifier != 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); - goto usage; - } - } - else if( strcmp( p, "basic_constraints" ) == 0 ) - { - opt.basic_constraints = atoi( q ); - if( opt.basic_constraints != 0 && - opt.basic_constraints != 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); - goto usage; - } - } - else if( strcmp( p, "md" ) == 0 ) - { - if( strcmp( q, "SHA1" ) == 0 ) - opt.md = MBEDTLS_MD_SHA1; - else if( strcmp( q, "SHA256" ) == 0 ) - opt.md = MBEDTLS_MD_SHA256; - else if( strcmp( q, "SHA512" ) == 0 ) - opt.md = MBEDTLS_MD_SHA512; - else if( strcmp( q, "MD5" ) == 0 ) - opt.md = MBEDTLS_MD_MD5; - else - { - mbedtls_printf( "Invalid argument for option %s\n", p ); - goto usage; - } - } - else if( strcmp( p, "version" ) == 0 ) - { - opt.version = atoi( q ); - if( opt.version < 1 || opt.version > 3 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); - goto usage; - } - opt.version--; - } - else if( strcmp( p, "selfsign" ) == 0 ) - { - opt.selfsign = atoi( q ); - if( opt.selfsign < 0 || opt.selfsign > 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); - goto usage; - } - } - else if( strcmp( p, "is_ca" ) == 0 ) - { - opt.is_ca = atoi( q ); - if( opt.is_ca < 0 || opt.is_ca > 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); - goto usage; - } - } - else if( strcmp( p, "max_pathlen" ) == 0 ) - { - opt.max_pathlen = atoi( q ); - if( opt.max_pathlen < -1 || opt.max_pathlen > 127 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); - goto usage; - } - } - else if( strcmp( p, "key_usage" ) == 0 ) - { - while( q != NULL ) - { - if( ( r 
= strchr( q, ',' ) ) != NULL ) - *r++ = '\0'; - - if( strcmp( q, "digital_signature" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE; - else if( strcmp( q, "non_repudiation" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION; - else if( strcmp( q, "key_encipherment" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT; - else if( strcmp( q, "data_encipherment" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT; - else if( strcmp( q, "key_agreement" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT; - else if( strcmp( q, "key_cert_sign" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN; - else if( strcmp( q, "crl_sign" ) == 0 ) - opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN; - else - { - mbedtls_printf( "Invalid argument for option %s\n", p ); - goto usage; - } - - q = r; - } - } - else if( strcmp( p, "ns_cert_type" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) - *r++ = '\0'; - - if( strcmp( q, "ssl_client" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT; - else if( strcmp( q, "ssl_server" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER; - else if( strcmp( q, "email" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL; - else if( strcmp( q, "object_signing" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING; - else if( strcmp( q, "ssl_ca" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA; - else if( strcmp( q, "email_ca" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA; - else if( strcmp( q, "object_signing_ca" ) == 0 ) - opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA; - else - { - mbedtls_printf( "Invalid argument for option %s\n", p ); - goto usage; - } - - q = r; - } - } - else - goto usage; - } - - mbedtls_printf("\n"); - - /* - * 0. Seed the PRNG - */ - mbedtls_printf( " . Seeding the random number generator..." 
); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d - %s\n", - ret, buf ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - // Parse serial to MPI - // - mbedtls_printf( " . Reading serial number..." ); - fflush( stdout ); - - if( ( ret = mbedtls_mpi_read_string( &serial, 10, opt.serial ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_mpi_read_string " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - // Parse issuer certificate if present - // - if( !opt.selfsign && strlen( opt.issuer_crt ) ) - { - /* - * 1.0.a. Load the certificates - */ - mbedtls_printf( " . Loading the issuer certificate ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - ret = mbedtls_x509_dn_gets( issuer_name, sizeof(issuer_name), - &issuer_crt.subject ); - if( ret < 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - opt.issuer_name = issuer_name; - - mbedtls_printf( " ok\n" ); - } - -#if defined(MBEDTLS_X509_CSR_PARSE_C) - // Parse certificate request if present - // - if( !opt.selfsign && strlen( opt.request_file ) ) - { - /* - * 1.0.b. Load the CSR - */ - mbedtls_printf( " . Loading the certificate request ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_x509_csr_parse_file( &csr, opt.request_file ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! 
mbedtls_x509_csr_parse_file " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - ret = mbedtls_x509_dn_gets( subject_name, sizeof(subject_name), - &csr.subject ); - if( ret < 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - opt.subject_name = subject_name; - subject_key = &csr.pk; - - mbedtls_printf( " ok\n" ); - } -#endif /* MBEDTLS_X509_CSR_PARSE_C */ - - /* - * 1.1. Load the keys - */ - if( !opt.selfsign && !strlen( opt.request_file ) ) - { - mbedtls_printf( " . Loading the subject key ..." ); - fflush( stdout ); - - ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key, - opt.subject_pwd ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - } - - mbedtls_printf( " . Loading the issuer key ..." ); - fflush( stdout ); - - ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key, - opt.issuer_pwd ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile " - "returned -x%02x - %s\n\n", -ret, buf ); - goto exit; - } - - // Check if key and issuer certificate match - // - if( strlen( opt.issuer_crt ) ) - { - if( mbedtls_pk_check_pair( &issuer_crt.pk, issuer_key ) != 0 ) - { - mbedtls_printf( " failed\n ! issuer_key does not match " - "issuer certificate\n\n" ); - goto exit; - } - } - - mbedtls_printf( " ok\n" ); - - if( opt.selfsign ) - { - opt.subject_name = opt.issuer_name; - subject_key = issuer_key; - } - - mbedtls_x509write_crt_set_subject_key( &crt, subject_key ); - mbedtls_x509write_crt_set_issuer_key( &crt, issuer_key ); - - /* - * 1.0. 
Check the names for validity - */ - if( ( ret = mbedtls_x509write_crt_set_subject_name( &crt, opt.subject_name ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject_name " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - if( ( ret = mbedtls_x509write_crt_set_issuer_name( &crt, opt.issuer_name ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_issuer_name " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - mbedtls_printf( " . Setting certificate values ..." ); - fflush( stdout ); - - mbedtls_x509write_crt_set_version( &crt, opt.version ); - mbedtls_x509write_crt_set_md_alg( &crt, opt.md ); - - ret = mbedtls_x509write_crt_set_serial( &crt, &serial ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_serial " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - ret = mbedtls_x509write_crt_set_validity( &crt, opt.not_before, opt.not_after ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_validity " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.basic_constraints != 0 ) - { - mbedtls_printf( " . Adding the Basic Constraints extension ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_basic_constraints( &crt, opt.is_ca, - opt.max_pathlen ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! x509write_crt_set_basic_contraints " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - } - -#if defined(MBEDTLS_SHA1_C) - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.subject_identifier != 0 ) - { - mbedtls_printf( " . Adding the Subject Key Identifier ..." 
); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_subject_key_identifier( &crt ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject" - "_key_identifier returned -0x%04x - %s\n\n", - -ret, buf ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - } - - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.authority_identifier != 0 ) - { - mbedtls_printf( " . Adding the Authority Key Identifier ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_authority_key_identifier( &crt ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_authority_" - "key_identifier returned -0x%04x - %s\n\n", - -ret, buf ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - } -#endif /* MBEDTLS_SHA1_C */ - - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.key_usage != 0 ) - { - mbedtls_printf( " . Adding the Key Usage extension ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_key_usage( &crt, opt.key_usage ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_key_usage " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - } - - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.ns_cert_type != 0 ) - { - mbedtls_printf( " . Adding the NS Cert Type extension ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_ns_cert_type( &crt, opt.ns_cert_type ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_ns_cert_type " - "returned -0x%04x - %s\n\n", -ret, buf ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - } - - /* - * 1.2. Writing the certificate - */ - mbedtls_printf( " . Writing the certificate..." 
); - fflush( stdout ); - - if( ( ret = write_certificate( &crt, opt.output_file, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! write_certificate -0x%04x - %s\n\n", - -ret, buf ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: -#if defined(MBEDTLS_X509_CSR_PARSE_C) - mbedtls_x509_csr_free( &csr ); -#endif /* MBEDTLS_X509_CSR_PARSE_C */ - mbedtls_x509_crt_free( &issuer_crt ); - mbedtls_x509write_crt_free( &crt ); - mbedtls_pk_free( &loaded_subject_key ); - mbedtls_pk_free( &loaded_issuer_key ); - mbedtls_mpi_free( &serial ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C && - MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && - MBEDTLS_ERROR_C && MBEDTLS_PEM_WRITE_C */ diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c deleted file mode 100644 index a95157067..000000000 --- a/programs/x509/crl_app.c +++ /dev/null 
@@ -1,164 +0,0 @@ -/* - * CRL reading application - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO) -int main( void ) -{ - mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); -} -#else - -#include "mbedtls/x509_crl.h" - -#include -#include -#include - -#define DFL_FILENAME "crl.pem" -#define DFL_DEBUG_LEVEL 0 - -#define USAGE \ - "\n usage: crl_app param=<>...\n" \ - "\n acceptable parameters:\n" \ - " filename=%%s default: crl.pem\n" \ - "\n" - -#if defined(MBEDTLS_CHECK_PARAMS) -#define mbedtls_exit exit -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - 
mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -/* - * global options - */ -struct options -{ - const char *filename; /* filename of the certificate file */ -} opt; - -int main( int argc, char *argv[] ) -{ - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - unsigned char buf[100000]; - mbedtls_x509_crl crl; - int i; - char *p, *q; - - /* - * Set to sane values - */ - mbedtls_x509_crl_init( &crl ); - - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); - goto exit; - } - - opt.filename = DFL_FILENAME; - - for( i = 1; i < argc; i++ ) - { - p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - goto usage; - *q++ = '\0'; - - if( strcmp( p, "filename" ) == 0 ) - opt.filename = q; - else - goto usage; - } - - /* - * 1.1. Load the CRL - */ - mbedtls_printf( "\n . Loading the CRL ..." ); - fflush( stdout ); - - ret = mbedtls_x509_crl_parse_file( &crl, opt.filename ); - - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse_file returned %d\n\n", ret ); - mbedtls_x509_crl_free( &crl ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1.2 Print the CRL - */ - mbedtls_printf( " . CRL information ...\n" ); - ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crl_info returned %d\n\n", ret ); - mbedtls_x509_crl_free( &crl ); - goto exit; - } - - mbedtls_printf( "%s\n", buf ); - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - mbedtls_x509_crl_free( &crl ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C && - MBEDTLS_FS_IO */ diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c deleted file mode 100644 index 04ad119f7..000000000 --- a/programs/x509/req_app.c +++ /dev/null 
@@ -1,164 +0,0 @@ -/* - * Certificate request reading application - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO) -int main( void ) -{ - mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); -} -#else - -#include "mbedtls/x509_csr.h" - -#include -#include -#include - -#define DFL_FILENAME "cert.req" -#define DFL_DEBUG_LEVEL 0 - -#define USAGE \ - "\n usage: req_app param=<>...\n" \ - "\n acceptable parameters:\n" \ - " filename=%%s default: cert.req\n" \ - "\n" - -#if defined(MBEDTLS_CHECK_PARAMS) -#define mbedtls_exit exit -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, 
failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -/* - * global options - */ -struct options -{ - const char *filename; /* filename of the certificate request */ -} opt; - -int main( int argc, char *argv[] ) -{ - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - unsigned char buf[100000]; - mbedtls_x509_csr csr; - int i; - char *p, *q; - - /* - * Set to sane values - */ - mbedtls_x509_csr_init( &csr ); - - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); - goto exit; - } - - opt.filename = DFL_FILENAME; - - for( i = 1; i < argc; i++ ) - { - p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - goto usage; - *q++ = '\0'; - - if( strcmp( p, "filename" ) == 0 ) - opt.filename = q; - else - goto usage; - } - - /* - * 1.1. Load the CSR - */ - mbedtls_printf( "\n . Loading the CSR ..." ); - fflush( stdout ); - - ret = mbedtls_x509_csr_parse_file( &csr, opt.filename ); - - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file returned %d\n\n", ret ); - mbedtls_x509_csr_free( &csr ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1.2 Print the CSR - */ - mbedtls_printf( " . CSR information ...\n" ); - ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_csr_info returned %d\n\n", ret ); - mbedtls_x509_csr_free( &csr ); - goto exit; - } - - mbedtls_printf( "%s\n", buf ); - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - mbedtls_x509_csr_free( &csr ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C && - MBEDTLS_FS_IO */ diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 748514db1..65ac9b066 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile 
@@ -13,8 +13,6 @@ ## Tools OPENSSL ?= openssl FAKETIME ?= faketime -MBEDTLS_CERT_WRITE ?= $(PWD)/../../programs/x509/cert_write -MBEDTLS_CERT_REQ ?= $(PWD)/../../programs/x509/cert_req ## Build the generated test data. Note that since the final outputs diff --git a/visualc/VS2010/cert_app.vcxproj b/visualc/VS2010/cert_app.vcxproj deleted file mode 100644 index fef0efe6d..000000000 --- a/visualc/VS2010/cert_app.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D4D691D4-137C-CBFA-735B-D46636D7E4D8} - Win32Proj - cert_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/cert_req.vcxproj b/visualc/VS2010/cert_req.vcxproj deleted file mode 100644 index 7d8694bfe..000000000 --- a/visualc/VS2010/cert_req.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE} - Win32Proj - cert_req - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/cert_write.vcxproj b/visualc/VS2010/cert_write.vcxproj deleted file mode 100644 index 8891d8aef..000000000 --- a/visualc/VS2010/cert_write.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {35E52E46-3BA9-4361-41D3-53663C2E9B8A} - Win32Proj - cert_write - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/crl_app.vcxproj b/visualc/VS2010/crl_app.vcxproj deleted file mode 100644 index c51caef54..000000000 --- a/visualc/VS2010/crl_app.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {DB904B85-AD31-B7FB-114F-88760CC485F2} - Win32Proj - crl_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dtls_client.vcxproj b/visualc/VS2010/dtls_client.vcxproj deleted file mode 100644 index 60715fe29..000000000 --- a/visualc/VS2010/dtls_client.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5} - Win32Proj - dtls_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dtls_server.vcxproj b/visualc/VS2010/dtls_server.vcxproj deleted file mode 100644 index 8789d7fea..000000000 --- a/visualc/VS2010/dtls_server.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317} - Win32Proj - dtls_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln index 9645016d1..9292b2562 100644 --- a/visualc/VS2010/mbedTLS.sln +++ b/visualc/VS2010/mbedTLS.sln 
@@ -128,51 +128,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "psa_constant_names", "psa_c {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_client", "dtls_client.vcxproj", "{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_server", "dtls_server.vcxproj", "{BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_client1", "ssl_client1.vcxproj", "{487A2F80-3CA3-678D-88D5-82194872CF08}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_client2", "ssl_client2.vcxproj", "{4E590E9D-E28F-87FF-385B-D58736388231}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_server", "ssl_server.vcxproj", "{E08E0065-896A-7487-DEA5-D3B80B71F975}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_server2", "ssl_server2.vcxproj", "{A4DA7463-1047-BDF5-E1B3-5632CB573F41}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject 
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_fork_server", "ssl_fork_server.vcxproj", "{918CD402-047D-8467-E11C-E1132053F916}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mini_client", "mini_client.vcxproj", "{C4FE29EA-266D-5295-4840-976B9B5B3843}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_mail_client", "ssl_mail_client.vcxproj", "{7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_entropy", "gen_entropy.vcxproj", "{DE695064-13C3-18B0-378D-8B22672BF3F4}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} @@ -198,11 +153,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "selftest", "selftest.vcxpro {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "udp_proxy", "udp_proxy.vcxproj", "{7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "zeroize", "zeroize.vcxproj", "{10C01E94-4926-063E-9F56-C84ED190D349}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} 
@@ -223,31 +173,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "strerror", "strerror.vcxpro {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_app", "cert_app.vcxproj", "{D4D691D4-137C-CBFA-735B-D46636D7E4D8}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crl_app", "crl_app.vcxproj", "{DB904B85-AD31-B7FB-114F-88760CC485F2}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_req", "cert_req.vcxproj", "{C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_write", "cert_write.vcxproj", "{35E52E46-3BA9-4361-41D3-53663C2E9B8A}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "req_app", "req_app.vcxproj", "{486B1375-5CFA-C2D2-DD89-C9F497BADCB3}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Win32 = Debug|Win32 
@@ -464,78 +389,6 @@ Global {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.Build.0 = Release|Win32 {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.ActiveCfg = Release|x64 {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.Build.0 = Release|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.ActiveCfg = Debug|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.Build.0 = Debug|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.ActiveCfg = Debug|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.Build.0 = Debug|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|Win32.ActiveCfg = Release|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|Win32.Build.0 = Release|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|x64.ActiveCfg = Release|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|x64.Build.0 = Release|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|Win32.ActiveCfg = Debug|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|Win32.Build.0 = Debug|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|x64.ActiveCfg = Debug|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|x64.Build.0 = Debug|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|Win32.ActiveCfg = Release|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|Win32.Build.0 = Release|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|x64.ActiveCfg = Release|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|x64.Build.0 = Release|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|Win32.ActiveCfg = Debug|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|Win32.Build.0 = Debug|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|x64.ActiveCfg = Debug|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|x64.Build.0 = Debug|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|Win32.ActiveCfg = Release|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|Win32.Build.0 = Release|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|x64.ActiveCfg = 
Release|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|x64.Build.0 = Release|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|Win32.ActiveCfg = Debug|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|Win32.Build.0 = Debug|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|x64.ActiveCfg = Debug|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|x64.Build.0 = Debug|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|Win32.ActiveCfg = Release|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|Win32.Build.0 = Release|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|x64.ActiveCfg = Release|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|x64.Build.0 = Release|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|Win32.ActiveCfg = Debug|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|Win32.Build.0 = Debug|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|x64.ActiveCfg = Debug|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|x64.Build.0 = Debug|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|Win32.ActiveCfg = Release|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|Win32.Build.0 = Release|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|x64.ActiveCfg = Release|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|x64.Build.0 = Release|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|Win32.ActiveCfg = Debug|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|Win32.Build.0 = Debug|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|x64.ActiveCfg = Debug|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|x64.Build.0 = Debug|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|Win32.ActiveCfg = Release|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|Win32.Build.0 = Release|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|x64.ActiveCfg = Release|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|x64.Build.0 = Release|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|Win32.ActiveCfg = Debug|Win32 - 
{918CD402-047D-8467-E11C-E1132053F916}.Debug|Win32.Build.0 = Debug|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|x64.ActiveCfg = Debug|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|x64.Build.0 = Debug|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.ActiveCfg = Release|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.Build.0 = Release|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.ActiveCfg = Release|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.Build.0 = Release|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.ActiveCfg = Debug|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.Build.0 = Debug|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.ActiveCfg = Debug|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.Build.0 = Debug|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.ActiveCfg = Release|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.Build.0 = Release|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.ActiveCfg = Release|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.Build.0 = Release|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.ActiveCfg = Debug|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.Build.0 = Debug|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.ActiveCfg = Debug|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.Build.0 = Debug|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|Win32.ActiveCfg = Release|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|Win32.Build.0 = Release|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|x64.ActiveCfg = Release|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|x64.Build.0 = Release|x64 {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|Win32.ActiveCfg = Debug|Win32 {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|Win32.Build.0 = Debug|Win32 {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|x64.ActiveCfg = Debug|x64 
@@ -576,14 +429,6 @@ Global {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|Win32.Build.0 = Release|Win32 {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|x64.ActiveCfg = Release|x64 {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|x64.Build.0 = Release|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|Win32.ActiveCfg = Debug|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|Win32.Build.0 = Debug|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|x64.ActiveCfg = Debug|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|x64.Build.0 = Debug|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|Win32.ActiveCfg = Release|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|Win32.Build.0 = Release|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|x64.ActiveCfg = Release|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|x64.Build.0 = Release|x64 {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|Win32.ActiveCfg = Debug|Win32 {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|Win32.Build.0 = Debug|Win32 {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|x64.ActiveCfg = Debug|x64 
@@ -616,46 +461,6 @@ Global {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|Win32.Build.0 = Release|Win32 {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|x64.ActiveCfg = Release|x64 {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|x64.Build.0 = Release|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|Win32.ActiveCfg = Debug|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|Win32.Build.0 = Debug|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|x64.ActiveCfg = Debug|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|x64.Build.0 = Debug|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|Win32.ActiveCfg = Release|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|Win32.Build.0 = Release|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|x64.ActiveCfg = Release|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|x64.Build.0 = Release|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|Win32.ActiveCfg = Debug|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|Win32.Build.0 = Debug|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|x64.ActiveCfg = Debug|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|x64.Build.0 = Debug|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.ActiveCfg = Release|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.Build.0 = Release|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.ActiveCfg = Release|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.Build.0 = Release|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|Win32.ActiveCfg = Debug|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|Win32.Build.0 = Debug|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|x64.ActiveCfg = Debug|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|x64.Build.0 = Debug|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|Win32.ActiveCfg = Release|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|Win32.Build.0 = Release|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|x64.ActiveCfg = 
Release|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|x64.Build.0 = Release|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|Win32.ActiveCfg = Debug|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|Win32.Build.0 = Debug|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|x64.ActiveCfg = Debug|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|x64.Build.0 = Debug|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|Win32.ActiveCfg = Release|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|Win32.Build.0 = Release|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|x64.ActiveCfg = Release|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|x64.Build.0 = Release|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.ActiveCfg = Debug|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.Build.0 = Debug|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.ActiveCfg = Debug|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.Build.0 = Debug|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|Win32.ActiveCfg = Release|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|Win32.Build.0 = Release|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|x64.ActiveCfg = Release|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|x64.Build.0 = Release|x64 EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/visualc/VS2010/mini_client.vcxproj b/visualc/VS2010/mini_client.vcxproj deleted file mode 100644 index b5567bdfe..000000000 --- a/visualc/VS2010/mini_client.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {C4FE29EA-266D-5295-4840-976B9B5B3843} - Win32Proj - mini_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/req_app.vcxproj b/visualc/VS2010/req_app.vcxproj deleted file mode 100644 index 3ffcea594..000000000 --- a/visualc/VS2010/req_app.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3} - Win32Proj - req_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_client1.vcxproj b/visualc/VS2010/ssl_client1.vcxproj deleted file mode 100644 index 4ac158224..000000000 --- a/visualc/VS2010/ssl_client1.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {487A2F80-3CA3-678D-88D5-82194872CF08} - Win32Proj - ssl_client1 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj deleted file mode 100644 index 9b6db7f89..000000000 --- a/visualc/VS2010/ssl_client2.vcxproj +++ /dev/null 
@@ -1,175 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {4E590E9D-E28F-87FF-385B-D58736388231} - Win32Proj - ssl_client2 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_fork_server.vcxproj b/visualc/VS2010/ssl_fork_server.vcxproj deleted file mode 100644 index 922a9953e..000000000 --- a/visualc/VS2010/ssl_fork_server.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {918CD402-047D-8467-E11C-E1132053F916} - Win32Proj - ssl_fork_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_mail_client.vcxproj b/visualc/VS2010/ssl_mail_client.vcxproj deleted file mode 100644 index a9b01d0d5..000000000 --- a/visualc/VS2010/ssl_mail_client.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD} - Win32Proj - ssl_mail_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_server.vcxproj b/visualc/VS2010/ssl_server.vcxproj deleted file mode 100644 index ae28e1839..000000000 --- a/visualc/VS2010/ssl_server.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {E08E0065-896A-7487-DEA5-D3B80B71F975} - Win32Proj - ssl_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj deleted file mode 100644 index 9bfe6ce56..000000000 --- a/visualc/VS2010/ssl_server2.vcxproj +++ /dev/null 
@@ -1,175 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {A4DA7463-1047-BDF5-E1B3-5632CB573F41} - Win32Proj - ssl_server2 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/udp_proxy.vcxproj b/visualc/VS2010/udp_proxy.vcxproj deleted file mode 100644 index 30ae55e99..000000000 --- a/visualc/VS2010/udp_proxy.vcxproj +++ /dev/null 
@@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A} - Win32Proj - udp_proxy - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - From 986a15199d40f354d467144f0c55ced36d161c1a Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Fri, 2 Nov 2018 10:13:30 +0000 Subject: [PATCH 1179/2197] programs, tests: Depend only on libmbedcrypto Update the tests and programs to depend only on libmbedcrypto, since we'll soon only build libmbedcrypto. --- programs/Makefile | 6 ++---- programs/aes/CMakeLists.txt | 4 ++-- programs/hash/CMakeLists.txt | 4 ++-- programs/pkey/CMakeLists.txt | 36 +++++++++++++++++----------------- programs/psa/CMakeLists.txt | 6 +++--- programs/random/CMakeLists.txt | 6 +++--- programs/test/CMakeLists.txt | 2 +- programs/util/CMakeLists.txt | 2 +- tests/CMakeLists.txt | 4 ++-- tests/Makefile | 2 -- tests/data_files/Makefile | 6 ++++++ 11 files changed, 40 insertions(+), 38 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index 5bf2f0402..c7cc9953e 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -9,14 +9,12 @@ LDFLAGS ?= LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64 LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = -L../library \ - -lmbedtls$(SHARED_SUFFIX) \ - -lmbedx509$(SHARED_SUFFIX) \ -lmbedcrypto$(SHARED_SUFFIX) ifndef SHARED -DEP=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a +DEP=../library/libmbedcrypto.a else -DEP=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT) +DEP=../library/libmbedcrypto.$(DLEXT) endif ifdef DEBUG diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt index f5a0caabb..6c4c7e10f 100644 --- a/programs/aes/CMakeLists.txt +++ b/programs/aes/CMakeLists.txt @@ -1,8 +1,8 @@ add_executable(aescrypt2 aescrypt2.c) -target_link_libraries(aescrypt2 mbedtls) +target_link_libraries(aescrypt2 mbedcrypto) add_executable(crypt_and_hash crypt_and_hash.c) -target_link_libraries(crypt_and_hash mbedtls) +target_link_libraries(crypt_and_hash mbedcrypto) install(TARGETS aescrypt2 crypt_and_hash DESTINATION "bin" 
diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt index eda975bb0..3c6cca9d4 100644 --- a/programs/hash/CMakeLists.txt +++ b/programs/hash/CMakeLists.txt @@ -1,8 +1,8 @@ add_executable(hello hello.c) -target_link_libraries(hello mbedtls) +target_link_libraries(hello mbedcrypto) add_executable(generic_sum generic_sum.c) -target_link_libraries(generic_sum mbedtls) +target_link_libraries(generic_sum mbedcrypto) install(TARGETS hello generic_sum DESTINATION "bin" diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt index 944a100a2..14e6b142d 100644 --- a/programs/pkey/CMakeLists.txt +++ b/programs/pkey/CMakeLists.txt 
@@ -1,56 +1,56 @@ add_executable(dh_genprime dh_genprime.c) -target_link_libraries(dh_genprime mbedtls) +target_link_libraries(dh_genprime mbedcrypto) add_executable(ecdh_curve25519 ecdh_curve25519.c) -target_link_libraries(ecdh_curve25519 mbedtls) +target_link_libraries(ecdh_curve25519 mbedcrypto) add_executable(ecdsa ecdsa.c) -target_link_libraries(ecdsa mbedtls) +target_link_libraries(ecdsa mbedcrypto) add_executable(gen_key gen_key.c) -target_link_libraries(gen_key mbedtls) +target_link_libraries(gen_key mbedcrypto) add_executable(key_app key_app.c) -target_link_libraries(key_app mbedtls) +target_link_libraries(key_app mbedcrypto) add_executable(key_app_writer key_app_writer.c) -target_link_libraries(key_app_writer mbedtls) +target_link_libraries(key_app_writer mbedcrypto) add_executable(mpi_demo mpi_demo.c) -target_link_libraries(mpi_demo mbedtls) +target_link_libraries(mpi_demo mbedcrypto) add_executable(rsa_genkey rsa_genkey.c) -target_link_libraries(rsa_genkey mbedtls) +target_link_libraries(rsa_genkey mbedcrypto) add_executable(rsa_sign rsa_sign.c) -target_link_libraries(rsa_sign mbedtls) +target_link_libraries(rsa_sign mbedcrypto) add_executable(rsa_verify rsa_verify.c) -target_link_libraries(rsa_verify mbedtls) +target_link_libraries(rsa_verify mbedcrypto) add_executable(rsa_sign_pss rsa_sign_pss.c) -target_link_libraries(rsa_sign_pss mbedtls) +target_link_libraries(rsa_sign_pss mbedcrypto) add_executable(rsa_verify_pss rsa_verify_pss.c) -target_link_libraries(rsa_verify_pss mbedtls) +target_link_libraries(rsa_verify_pss mbedcrypto) add_executable(rsa_encrypt rsa_encrypt.c) -target_link_libraries(rsa_encrypt mbedtls) +target_link_libraries(rsa_encrypt mbedcrypto) add_executable(rsa_decrypt rsa_decrypt.c) -target_link_libraries(rsa_decrypt mbedtls) +target_link_libraries(rsa_decrypt mbedcrypto) add_executable(pk_sign pk_sign.c) -target_link_libraries(pk_sign mbedtls) +target_link_libraries(pk_sign mbedcrypto) add_executable(pk_verify pk_verify.c) 
-target_link_libraries(pk_verify mbedtls) +target_link_libraries(pk_verify mbedcrypto) add_executable(pk_encrypt pk_encrypt.c) -target_link_libraries(pk_encrypt mbedtls) +target_link_libraries(pk_encrypt mbedcrypto) add_executable(pk_decrypt pk_decrypt.c) -target_link_libraries(pk_decrypt mbedtls) +target_link_libraries(pk_decrypt mbedcrypto) install(TARGETS dh_genprime key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt pk_encrypt pk_decrypt pk_sign pk_verify gen_key DESTINATION "bin" diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt index c80043bc4..814368316 100644 --- a/programs/psa/CMakeLists.txt +++ b/programs/psa/CMakeLists.txt @@ -1,11 +1,11 @@ add_executable(crypto_examples crypto_examples.c) -target_link_libraries(crypto_examples mbedtls) +target_link_libraries(crypto_examples mbedcrypto) add_executable(key_ladder_demo key_ladder_demo.c) -target_link_libraries(key_ladder_demo mbedtls) +target_link_libraries(key_ladder_demo mbedcrypto) add_executable(psa_constant_names psa_constant_names.c) -target_link_libraries(psa_constant_names mbedtls) +target_link_libraries(psa_constant_names mbedcrypto) add_custom_target( psa_constant_names_generated diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt index 30933d88d..630c66e9d 100644 --- a/programs/random/CMakeLists.txt +++ b/programs/random/CMakeLists.txt @@ -1,11 +1,11 @@ add_executable(gen_random_havege gen_random_havege.c) -target_link_libraries(gen_random_havege mbedtls) +target_link_libraries(gen_random_havege mbedcrypto) add_executable(gen_random_ctr_drbg gen_random_ctr_drbg.c) -target_link_libraries(gen_random_ctr_drbg mbedtls) +target_link_libraries(gen_random_ctr_drbg mbedcrypto) add_executable(gen_entropy gen_entropy.c) -target_link_libraries(gen_entropy mbedtls) +target_link_libraries(gen_entropy mbedcrypto) install(TARGETS gen_random_havege gen_random_ctr_drbg gen_entropy DESTINATION "bin" 
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 2b455ee01..192ac4cb7 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -1,5 +1,5 @@ set(libs - mbedtls + mbedcrypto ) add_executable(selftest selftest.c) diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt index f9b660453..4c3fb0dfa 100644 --- a/programs/util/CMakeLists.txt +++ b/programs/util/CMakeLists.txt @@ -1,5 +1,5 @@ set(libs - mbedtls + mbedcrypto ) add_executable(strerror strerror.c) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 757ca5b7b..513979454 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -1,5 +1,5 @@ set(libs - mbedtls + mbedcrypto ) find_package(Perl) 
@@ -29,7 +29,7 @@ function(add_test_suite suite_name) add_custom_command( OUTPUT test_suite_${data_name}.c COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py -f ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function -d ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data -t ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function -p ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function -s ${CMAKE_CURRENT_SOURCE_DIR}/suites --helpers-file ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function -o . - DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedtls ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data + DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedcrypto ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data ) set(exe_name test_suite_${data_name}) diff --git a/tests/Makefile b/tests/Makefile index cb374e530..90880aac1 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -8,8 +8,6 @@ LDFLAGS ?= CRYPTO_INCLUDES ?= -I../include LOCAL_CFLAGS = $(WARNING_CFLAGS) $(CRYPTO_INCLUDES) -I../library -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = -L../library \ - -lmbedtls$(SHARED_SUFFIX) \ - -lmbedx509$(SHARED_SUFFIX) \ -lmbedcrypto$(SHARED_SUFFIX) # Enable definition of various functions used throughout the testsuite diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 65ac9b066..98f322db7 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile 
@@ -14,6 +14,12 @@ OPENSSL ?= openssl FAKETIME ?= faketime +# Tools from Mbed TLS +# Mbed Crypto depends on Mbed TLS programs to generate its test certificates. +# These programs can be installed from Mbed TLS. +MBEDTLS_CERT_WRITE ?= mbedtls_cert_write +MBEDTLS_CERT_REQ ?= mbedtls_cert_req + ## Build the generated test data. Note that since the final outputs ## are committed to the repository, this target should do nothing on a From 8298d70beecb6c3c1a375954e03f4ed1a80efc0a Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 2 Nov 2018 10:11:31 +0000 Subject: [PATCH 1180/2197] Only build libmbedcrypto Update build scripts and tools to only build or update libmbedcrypto. --- Makefile | 4 --- library/CMakeLists.txt | 72 +++++------------------------------------ library/Makefile | 70 ++------------------------------------- scripts/bump_version.sh | 33 ------------------- tests/Makefile | 4 +-- 5 files changed, 12 insertions(+), 171 deletions(-) diff --git a/Makefile b/Makefile index 12d300820..803615f8b 100644 --- a/Makefile +++ b/Makefile @@ -28,8 +28,6 @@ install: no_test cp -rp include/psa $(DESTDIR)/include mkdir -p $(DESTDIR)/lib - cp -RP library/libmbedtls.* $(DESTDIR)/lib - cp -RP library/libmbedx509.* $(DESTDIR)/lib cp -RP library/libmbedcrypto.* $(DESTDIR)/lib mkdir -p $(DESTDIR)/bin @@ -43,8 +41,6 @@ install: no_test uninstall: rm -rf $(DESTDIR)/include/mbedtls - rm -f $(DESTDIR)/lib/libmbedtls.* - rm -f $(DESTDIR)/lib/libmbedx509.* rm -f $(DESTDIR)/lib/libmbedcrypto.* for p in programs/*/* ; do \ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 6ac507f61..72b113b49 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt 
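Review bot: `MBEDTLS_CERT_WRITE` and `MBEDTLS_CERT_REQ` default to bare command names, so regenerating the test certificates uses whichever `mbedtls_cert_write` / `mbedtls_cert_req` comes first on `PATH`, and nothing records which Mbed TLS build the committed data was produced with. Since the final outputs are committed to the repository (per the comment just below the added lines), I would extend the added comment, for example `# Resolved via PATH; override with a known Mbed TLS build when regenerating committed test data.` The rules that use these variables are outside the hunk, so whether they check that the tools exist is not visible here.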
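Review bot: The `uninstall` recipe in the second top-level `Makefile` hunk removes only `$(DESTDIR)/include/mbedtls` before the library lines, while the `install` context in the first hunk also copies `include/psa` into `$(DESTDIR)/include`. Unless a later line outside the hunk handles it, the PSA headers stay behind after an uninstall; I would add `rm -rf $(DESTDIR)/include/psa` next to the existing header removal. Dropping the `rm -f` lines for `libmbedtls.*` and `libmbedx509.*` from `uninstall` also means a prefix populated by an earlier install keeps those two libraries, so stale copies can still be linked against. Keeping those two `rm -f` lines in `uninstall` alone would cost nothing, since `rm -f` ignores missing files. Both recipes continue outside the hunks.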
@@ -70,30 +70,6 @@ set(src_crypto xtea.c ) -set(src_x509 - certs.c - pkcs11.c - x509.c - x509_create.c - x509_crl.c - x509_crt.c - x509_csr.c - x509write_crt.c - x509write_csr.c -) - -set(src_tls - debug.c - net_sockets.c - ssl_cache.c - ssl_ciphersuites.c - ssl_cli.c - ssl_cookie.c - ssl_srv.c - ssl_ticket.c - ssl_tls.c -) - if(CMAKE_COMPILER_IS_GNUCC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") endif(CMAKE_COMPILER_IS_GNUCC) @@ -132,12 +108,8 @@ if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) - set(mbedtls_static_target "mbedtls_static") - set(mbedx509_static_target "mbedx509_static") set(mbedcrypto_static_target "mbedcrypto_static") elseif(USE_STATIC_MBEDTLS_LIBRARY) - set(mbedtls_static_target "mbedtls") - set(mbedx509_static_target "mbedx509") set(mbedcrypto_static_target "mbedcrypto") endif() 
@@ -149,23 +121,9 @@ if(USE_STATIC_MBEDTLS_LIBRARY) PUBLIC ${CMAKE_SOURCE_DIR}/include/ PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) - if(USE_CRYPTO_SUBMODULE) - install(TARGETS ${mbedcrypto_static_target} - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) - else() - add_library(${mbedx509_static_target} STATIC ${src_x509}) - set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) - target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target}) - - add_library(${mbedtls_static_target} STATIC ${src_tls}) - set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls) - target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target}) - - install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target} - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) - endif() + install(TARGETS ${mbedcrypto_static_target} + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) 
@@ -176,23 +134,9 @@ if(USE_SHARED_MBEDTLS_LIBRARY) PUBLIC ${CMAKE_SOURCE_DIR}/include/ PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) - if(USE_CRYPTO_SUBMODULE) - install(TARGETS mbedcrypto - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) - else() - add_library(mbedx509 SHARED ${src_x509}) - set_target_properties(mbedx509 PROPERTIES VERSION 2.16.0 SOVERSION 0) - target_link_libraries(mbedx509 ${libs} mbedcrypto) - - add_library(mbedtls SHARED ${src_tls}) - set_target_properties(mbedtls PROPERTIES VERSION 2.16.0 SOVERSION 12) - target_link_libraries(mbedtls ${libs} mbedx509) - - install(TARGETS mbedtls mbedx509 mbedcrypto - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) - endif() + install(TARGETS mbedcrypto + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) endif(USE_SHARED_MBEDTLS_LIBRARY) if(USE_CRYPTO_SUBMODULE) @@ -201,8 +145,8 @@ if(USE_CRYPTO_SUBMODULE) add_dependencies(crypto_lib mbedcrypto_static) endif() else() - add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls) + add_custom_target(lib DEPENDS mbedcrypto) if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) - add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static) + add_dependencies(lib mbedcrypto_static) endif() endif() diff --git a/library/Makefile b/library/Makefile index 6ed5e6861..b79bc6b19 100644 --- a/library/Makefile +++ b/library/Makefile @@ -36,8 +36,6 @@ LOCAL_CFLAGS += -fPIC -fpic endif endif -SOEXT_TLS=so.12 -SOEXT_X509=so.0 SOEXT_CRYPTO=so.3 # Set AR_DASH= (empty string) to use an ar implementation that does not accept 
@@ -91,16 +89,6 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ threading.o timing.o version.o \ version_features.o xtea.o -OBJS_X509= certs.o pkcs11.o x509.o \ - x509_create.o x509_crl.o x509_crt.o \ - x509_csr.o x509write_crt.o x509write_csr.o - -OBJS_TLS= debug.o net_sockets.o \ - ssl_cache.o ssl_ciphersuites.o \ - ssl_cli.o ssl_cookie.o \ - ssl_srv.o ssl_ticket.o \ - ssl_tls.o - .SILENT: .PHONY: all static shared clean 
@@ -111,63 +99,9 @@ else all: shared static endif -static: libmbedcrypto.a libmbedx509.a libmbedtls.a +static: libmbedcrypto.a -shared: libmbedcrypto.$(DLEXT) libmbedx509.$(DLEXT) libmbedtls.$(DLEXT) - -# tls -libmbedtls.a: $(OBJS_TLS) - echo " AR $@" - $(AR) $(ARFLAGS) $@ $(OBJS_TLS) -ifdef APPLE_BUILD -ifneq ($(APPLE_BUILD),0) - echo " RL $@" - $(RL) $(RLFLAGS) $@ -endif -endif - -libmbedtls.$(SOEXT_TLS): $(OBJS_TLS) libmbedx509.so - echo " LD $@" - $(CC) -shared -Wl,-soname,$@ -L. -lmbedcrypto -lmbedx509 $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_TLS) - -libmbedtls.so: libmbedtls.$(SOEXT_TLS) - echo " LN $@ -> $<" - ln -sf $< $@ - -libmbedtls.dylib: $(OBJS_TLS) libmbedx509.dylib - echo " LD $@" - $(CC) -dynamiclib -L. -lmbedcrypto -lmbedx509 $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_TLS) - -libmbedtls.dll: $(OBJS_TLS) libmbedx509.dll - echo " LD $@" - $(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_TLS) -lws2_32 -lwinmm -lgdi32 -L. -lmbedcrypto -lmbedx509 -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS) - -# x509 -libmbedx509.a: $(OBJS_X509) - echo " AR $@" - $(AR) $(ARFLAGS) $@ $(OBJS_X509) -ifdef APPLE_BUILD -ifneq ($(APPLE_BUILD),0) - echo " RL $@" - $(RL) $(RLFLAGS) $@ -endif -endif - -libmbedx509.$(SOEXT_X509): $(OBJS_X509) libmbedcrypto.so - echo " LD $@" - $(CC) -shared -Wl,-soname,$@ -L. -lmbedcrypto $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_X509) - -libmbedx509.so: libmbedx509.$(SOEXT_X509) - echo " LN $@ -> $<" - ln -sf $< $@ - -libmbedx509.dylib: $(OBJS_X509) libmbedcrypto.dylib - echo " LD $@" - $(CC) -dynamiclib -L. -lmbedcrypto $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_X509) - -libmbedx509.dll: $(OBJS_X509) libmbedcrypto.dll - echo " LD $@" - $(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_X509) -lws2_32 -lwinmm -lgdi32 -L. -lmbedcrypto -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS) +shared: libmbedcrypto.$(DLEXT) # crypto libmbedcrypto.a: $(OBJS_CRYPTO) 
diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index cf875c88d..d76e313c8 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -9,7 +9,6 @@ # Sets the version numbers in the source code to those given. # # Usage: bump_version.sh [ --version ] [ --so-crypto ] -# [ --so-x509 ] [ --so-tls ] # [ -v | --verbose ] [ -h | --help ] # @@ -30,14 +29,6 @@ do shift SO_CRYPTO=$1 ;; - --so-x509) - shift - SO_X509=$1 - ;; - --so-tls) - shift - SO_TLS=$1 - ;; -v|--verbose) # Be verbose VERBOSE="1" @@ -48,8 +39,6 @@ do echo -e " -h|--help\t\tPrint this help." echo -e " --version \tVersion to bump to." echo -e " --so-crypto \tSO version to bump libmbedcrypto to." - echo -e " --so-x509 \tSO version to bump libmbedx509 to." - echo -e " --so-tls \tSO version to bump libmbedtls to." echo -e " -v|--verbose\t\tVerbose." exit 1 ;; @@ -83,28 +72,6 @@ then mv tmp library/Makefile fi -if [ "X" != "X$SO_X509" ]; -then - [ $VERBOSE ] && echo "Bumping SOVERSION for libmbedx509 in library/CMakeLists.txt" - sed -e "/mbedx509/ s/ SOVERSION [0-9]\{1,\}/ SOVERSION $SO_X509/g" < library/CMakeLists.txt > tmp - mv tmp library/CMakeLists.txt - - [ $VERBOSE ] && echo "Bumping SOVERSION for libmbedx509 in library/Makefile" - sed -e "s/SOEXT_X509=so.[0-9]\{1,\}/SOEXT_X509=so.$SO_X509/g" < library/Makefile > tmp - mv tmp library/Makefile -fi - -if [ "X" != "X$SO_TLS" ]; -then - [ $VERBOSE ] && echo "Bumping SOVERSION for libmbedtls in library/CMakeLists.txt" - sed -e "/mbedtls/ s/ SOVERSION [0-9]\{1,\}/ SOVERSION $SO_TLS/g" < library/CMakeLists.txt > tmp - mv tmp library/CMakeLists.txt - - [ $VERBOSE ] && echo "Bumping SOVERSION for libmbedtls in library/Makefile" - sed -e "s/SOEXT_TLS=so.[0-9]\{1,\}/SOEXT_TLS=so.$SO_TLS/g" < library/Makefile > tmp - mv tmp library/Makefile -fi - [ $VERBOSE ] && echo "Bumping VERSION in include/mbedtls/version.h" read MAJOR MINOR PATCH <<<$(IFS="."; echo $VERSION) VERSION_NR="$( printf "0x%02X%02X%02X00" $MAJOR $MINOR $PATCH )" 
diff --git a/tests/Makefile b/tests/Makefile index 90880aac1..aba002bf1 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -16,9 +16,9 @@ LOCAL_LDFLAGS = -L../library \ LOCAL_CFLAGS += -D_POSIX_C_SOURCE=200809L ifndef SHARED -DEP=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a +DEP=../library/libmbedcrypto.a else -DEP=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT) +DEP=../library/libmbedcrypto.$(DLEXT) endif ifdef DEBUG From 1ad37309e4f17d73c2f22c3ff4bffe2523abe17c Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 21 Feb 2019 13:15:59 +0000 Subject: [PATCH 1181/2197] Remove irrelevant configs Remove configuration files that are TLS-specific or otherwise not relevant to a pure-crypto library. --- configs/config-ccm-psk-tls1_2.h | 88 - configs/config-default.h | 3377 ----------------------------- configs/config-mini-tls1_1.h | 75 - configs/config-thread.h | 90 - tests/scripts/test-ref-configs.pl | 8 - 5 files changed, 3638 deletions(-) delete mode 100644 configs/config-ccm-psk-tls1_2.h delete mode 100644 configs/config-default.h delete mode 100644 configs/config-mini-tls1_1.h delete mode 100644 configs/config-thread.h diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h deleted file mode 100644 index c9b58dd53..000000000 --- a/configs/config-ccm-psk-tls1_2.h +++ /dev/null 
@@ -1,88 +0,0 @@ -/** - * \file config-ccm-psk-tls1_2.h - * - * \brief Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites - */ -/* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -/* - * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites - * Distinguishing features: - * - no bignum, no PK, no X509 - * - fully modern and secure (provided the pre-shared keys have high entropy) - * - very low record overhead with CCM-8 - * - optimized for low RAM usage - * - * See README.txt for usage instructions. 
- */ -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - -/* System support */ -//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */ -/* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */ - -/* mbed TLS feature support */ -#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -#define MBEDTLS_SSL_PROTO_TLS1_2 - -/* mbed TLS modules */ -#define MBEDTLS_AES_C -#define MBEDTLS_CCM_C -#define MBEDTLS_CIPHER_C -#define MBEDTLS_CTR_DRBG_C -#define MBEDTLS_ENTROPY_C -#define MBEDTLS_MD_C -#define MBEDTLS_NET_C -#define MBEDTLS_SHA256_C -#define MBEDTLS_SSL_CLI_C -#define MBEDTLS_SSL_SRV_C -#define MBEDTLS_SSL_TLS_C - -/* Save RAM at the expense of ROM */ -#define MBEDTLS_AES_ROM_TABLES - -/* Save some RAM by adjusting to your exact needs */ -#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */ - -/* - * You should adjust this to the exact number of sources you're using: default - * is the "platform_entropy_poll" source, but you may want to add other ones - * Minimum is 2 for the entropy test suite. - */ -#define MBEDTLS_ENTROPY_MAX_SOURCES 2 - -/* - * Use only CCM_8 ciphersuites, and - * save ROM and a few bytes of RAM by specifying our own ciphersuite list - */ -#define MBEDTLS_SSL_CIPHERSUITES \ - MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ - MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 - -/* - * Save RAM at the expense of interoperability: do this only if you control - * both ends of the connection! (See comments in "mbedtls/ssl.h".) - * The optimal size here depends on the typical size of records. - */ -#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 - -#include "mbedtls/check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-default.h b/configs/config-default.h deleted file mode 100644 index e6abf24d5..000000000 --- a/configs/config-default.h +++ /dev/null 
@@ -1,3377 +0,0 @@ -/** - * \file config.h - * - * \brief Configuration options (set of defines) - * - * This set of compile-time options may be used to enable - * or disable features selectively, and reduce the global - * memory footprint. - */ -/* - * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - -#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) -#define _CRT_SECURE_NO_DEPRECATE 1 -#endif - -/** - * \name SECTION: System support - * - * This section sets system specific settings. - * \{ - */ - -/** - * \def MBEDTLS_HAVE_ASM - * - * The compiler has support for asm(). - * - * Requires support for asm() in compiler. - * - * Used in: - * library/aria.c - * library/timing.c - * include/mbedtls/bn_mul.h - * - * Required by: - * MBEDTLS_AESNI_C - * MBEDTLS_PADLOCK_C - * - * Comment to disable the use of assembly code. - */ -#define MBEDTLS_HAVE_ASM - -/** - * \def MBEDTLS_NO_UDBL_DIVISION - * - * The platform lacks support for double-width integer division (64-bit - * division on a 32-bit platform, 128-bit division on a 64-bit platform). - * - * Used in: - * include/mbedtls/bignum.h - * library/bignum.c - * - * The bignum code uses double-width division to speed up some operations. 
- * Double-width division is often implemented in software that needs to - * be linked with the program. The presence of a double-width integer - * type is usually detected automatically through preprocessor macros, - * but the automatic detection cannot know whether the code needs to - * and can be linked with an implementation of division for that type. - * By default division is assumed to be usable if the type is present. - * Uncomment this option to prevent the use of double-width division. - * - * Note that division for the native integer type is always required. - * Furthermore, a 64-bit type is always required even on a 32-bit - * platform, but it need not support multiplication or division. In some - * cases it is also desirable to disable some double-width operations. For - * example, if double-width division is implemented in software, disabling - * it can reduce code size in some embedded targets. - */ -//#define MBEDTLS_NO_UDBL_DIVISION - -/** - * \def MBEDTLS_NO_64BIT_MULTIPLICATION - * - * The platform lacks support for 32x32 -> 64-bit multiplication. - * - * Used in: - * library/poly1305.c - * - * Some parts of the library may use multiplication of two unsigned 32-bit - * operands with a 64-bit result in order to speed up computations. On some - * platforms, this is not available in hardware and has to be implemented in - * software, usually in a library provided by the toolchain. - * - * Sometimes it is not desirable to have to link to that library. This option - * removes the dependency of that library on platforms that lack a hardware - * 64-bit multiplier by embedding a software implementation in Mbed TLS. - * - * Note that depending on the compiler, this may decrease performance compared - * to using the library function provided by the toolchain. - */ -//#define MBEDTLS_NO_64BIT_MULTIPLICATION - -/** - * \def MBEDTLS_HAVE_SSE2 - * - * CPU supports SSE2 instruction set. - * - * Uncomment if the CPU supports SSE2 (IA-32 specific). 
- */ -//#define MBEDTLS_HAVE_SSE2 - -/** - * \def MBEDTLS_HAVE_TIME - * - * System has time.h and time(). - * The time does not need to be correct, only time differences are used, - * by contrast with MBEDTLS_HAVE_TIME_DATE - * - * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, - * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and - * MBEDTLS_PLATFORM_STD_TIME. - * - * Comment if your system does not support time functions - */ -#define MBEDTLS_HAVE_TIME - -/** - * \def MBEDTLS_HAVE_TIME_DATE - * - * System has time.h, time(), and an implementation for - * mbedtls_platform_gmtime_r() (see below). - * The time needs to be correct (not necessarily very accurate, but at least - * the date should be correct). This is used to verify the validity period of - * X.509 certificates. - * - * Comment if your system does not have a correct clock. - * - * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that - * behaves similarly to the gmtime_r() function from the C standard. Refer to - * the documentation for mbedtls_platform_gmtime_r() for more information. - * - * \note It is possible to configure an implementation for - * mbedtls_platform_gmtime_r() at compile-time by using the macro - * MBEDTLS_PLATFORM_GMTIME_R_ALT. - */ -#define MBEDTLS_HAVE_TIME_DATE - -/** - * \def MBEDTLS_PLATFORM_MEMORY - * - * Enable the memory allocation layer. - * - * By default mbed TLS uses the system-provided calloc() and free(). - * This allows different allocators (self-implemented or provided) to be - * provided to the platform abstraction layer. - * - * Enabling MBEDTLS_PLATFORM_MEMORY without the - * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide - * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and - * free() function pointer at runtime. 
- * - * Enabling MBEDTLS_PLATFORM_MEMORY and specifying - * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the - * alternate function at compile time. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Enable this layer to allow use of alternative memory allocators. - */ -//#define MBEDTLS_PLATFORM_MEMORY - -/** - * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - * - * Do not assign standard functions in the platform layer (e.g. calloc() to - * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) - * - * This makes sure there are no linking errors on platforms that do not support - * these functions. You will HAVE to provide alternatives, either at runtime - * via the platform_set_xxx() functions or at compile time by setting - * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a - * MBEDTLS_PLATFORM_XXX_MACRO. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Uncomment to prevent default assignment of standard functions in the - * platform layer. - */ -//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - -/** - * \def MBEDTLS_PLATFORM_EXIT_ALT - * - * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the - * function in the platform abstraction layer. - * - * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will - * provide a function "mbedtls_platform_set_printf()" that allows you to set an - * alternative printf function pointer. - * - * All these define require MBEDTLS_PLATFORM_C to be defined! - * - * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; - * it will be enabled automatically by check_config.h - * - * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as - * MBEDTLS_PLATFORM_XXX_MACRO! 
- * - * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME - * - * Uncomment a macro to enable alternate implementation of specific base - * platform function - */ -//#define MBEDTLS_PLATFORM_EXIT_ALT -//#define MBEDTLS_PLATFORM_TIME_ALT -//#define MBEDTLS_PLATFORM_FPRINTF_ALT -//#define MBEDTLS_PLATFORM_PRINTF_ALT -//#define MBEDTLS_PLATFORM_SNPRINTF_ALT -//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT -//#define MBEDTLS_PLATFORM_NV_SEED_ALT -//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT - -/** - * \def MBEDTLS_DEPRECATED_WARNING - * - * Mark deprecated functions so that they generate a warning if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * This only works with GCC and Clang. With other compilers, you may want to - * use MBEDTLS_DEPRECATED_REMOVED - * - * Uncomment to get warnings on using deprecated functions. - */ -//#define MBEDTLS_DEPRECATED_WARNING - -/** - * \def MBEDTLS_DEPRECATED_REMOVED - * - * Remove deprecated functions so that they generate an error if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * Uncomment to get errors on using deprecated functions. - */ -//#define MBEDTLS_DEPRECATED_REMOVED - -/** - * \def MBEDTLS_CHECK_PARAMS - * - * This configuration option controls whether the library validates more of - * the parameters passed to it. - * - * When this flag is not defined, the library only attempts to validate an - * input parameter if: (1) they may come from the outside world (such as the - * network, the filesystem, etc.) or (2) not validating them could result in - * internal memory errors such as overflowing a buffer controlled by the - * library. 
On the other hand, it doesn't attempt to validate parameters whose - * values are fully controlled by the application (such as pointers). - * - * When this flag is defined, the library additionally attempts to validate - * parameters that are fully controlled by the application, and should always - * be valid if the application code is fully correct and trusted. - * - * For example, when a function accepts as input a pointer to a buffer that may - * contain untrusted data, and its documentation mentions that this pointer - * must not be NULL: - * - the pointer is checked to be non-NULL only if this option is enabled - * - the content of the buffer is always validated - * - * When this flag is defined, if a library function receives a parameter that - * is invalid, it will: - * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a - * call to the function mbedtls_param_failed() - * - immediately return (with a specific error code unless the function - * returns void and can't communicate an error). - * - * When defining this flag, you also need to: - * - either provide a definition of the function mbedtls_param_failed() in - * your application (see platform_util.h for its prototype) as the library - * calls that function, but does not provide a default definition for it, - * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED() - * below if the above mechanism is not flexible enough to suit your needs. - * See the documentation of this macro later in this file. - * - * Uncomment to enable validation of application-controlled parameters. - */ -//#define MBEDTLS_CHECK_PARAMS - -/* \} name SECTION: System support */ - -/** - * \name SECTION: mbed TLS feature support - * - * This section sets support for features that are or are not needed - * within the modules that are enabled. 
- * \{ - */ - -/** - * \def MBEDTLS_TIMING_ALT - * - * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), - * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() - * - * Only works if you have MBEDTLS_TIMING_C enabled. - * - * You will need to provide a header "timing_alt.h" and an implementation at - * compile time. - */ -//#define MBEDTLS_TIMING_ALT - -/** - * \def MBEDTLS_AES_ALT - * - * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternate core implementation of a symmetric crypto, an arithmetic or hash - * module (e.g. platform specific assembly optimized implementations). Keep - * in mind that the function prototypes should remain the same. - * - * This replaces the whole module. If you only want to replace one of the - * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer - * provide the "struct mbedtls_aes_context" definition and omit the base - * function declarations and implementations. "aes_alt.h" will be included from - * "aes.h" to include the new function definitions. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * module. - * - * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their - * use constitutes a security risk. If possible, we recommend - * avoiding dependencies on them, and considering stronger message - * digests and ciphers instead. 
- * - */ -//#define MBEDTLS_AES_ALT -//#define MBEDTLS_ARC4_ALT -//#define MBEDTLS_ARIA_ALT -//#define MBEDTLS_BLOWFISH_ALT -//#define MBEDTLS_CAMELLIA_ALT -//#define MBEDTLS_CCM_ALT -//#define MBEDTLS_CHACHA20_ALT -//#define MBEDTLS_CHACHAPOLY_ALT -//#define MBEDTLS_CMAC_ALT -//#define MBEDTLS_DES_ALT -//#define MBEDTLS_DHM_ALT -//#define MBEDTLS_ECJPAKE_ALT -//#define MBEDTLS_GCM_ALT -//#define MBEDTLS_NIST_KW_ALT -//#define MBEDTLS_MD2_ALT -//#define MBEDTLS_MD4_ALT -//#define MBEDTLS_MD5_ALT -//#define MBEDTLS_POLY1305_ALT -//#define MBEDTLS_RIPEMD160_ALT -//#define MBEDTLS_RSA_ALT -//#define MBEDTLS_SHA1_ALT -//#define MBEDTLS_SHA256_ALT -//#define MBEDTLS_SHA512_ALT -//#define MBEDTLS_XTEA_ALT - -/* - * When replacing the elliptic curve module, pleace consider, that it is - * implemented with two .c files: - * - ecp.c - * - ecp_curves.c - * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT - * macros as described above. The only difference is that you have to make sure - * that you provide functionality for both .c files. - */ -//#define MBEDTLS_ECP_ALT - -/** - * \def MBEDTLS_MD2_PROCESS_ALT - * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you - * alternate core implementation of symmetric crypto or hash function. Keep in - * mind that function prototypes should remain the same. - * - * This replaces only one function. The header file from mbed TLS is still - * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will - * no longer provide the mbedtls_sha1_process() function, but it will still provide - * the other function (using your mbedtls_sha1_process() function) and the definition - * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible - * with this definition. 
- * - * \note Because of a signature change, the core AES encryption and decryption routines are - * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, - * respectively. When setting up alternative implementations, these functions should - * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt - * must stay untouched. - * - * \note If you use the AES_xxx_ALT macros, then is is recommended to also set - * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES - * tables. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - * - * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use - * constitutes a security risk. If possible, we recommend avoiding - * dependencies on them, and considering stronger message digests - * and ciphers instead. - * - */ -//#define MBEDTLS_MD2_PROCESS_ALT -//#define MBEDTLS_MD4_PROCESS_ALT -//#define MBEDTLS_MD5_PROCESS_ALT -//#define MBEDTLS_RIPEMD160_PROCESS_ALT -//#define MBEDTLS_SHA1_PROCESS_ALT -//#define MBEDTLS_SHA256_PROCESS_ALT -//#define MBEDTLS_SHA512_PROCESS_ALT -//#define MBEDTLS_DES_SETKEY_ALT -//#define MBEDTLS_DES_CRYPT_ECB_ALT -//#define MBEDTLS_DES3_CRYPT_ECB_ALT -//#define MBEDTLS_AES_SETKEY_ENC_ALT -//#define MBEDTLS_AES_SETKEY_DEC_ALT -//#define MBEDTLS_AES_ENCRYPT_ALT -//#define MBEDTLS_AES_DECRYPT_ALT -//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT -//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT -//#define MBEDTLS_ECDSA_VERIFY_ALT -//#define MBEDTLS_ECDSA_SIGN_ALT -//#define MBEDTLS_ECDSA_GENKEY_ALT - -/** - * \def MBEDTLS_ECP_INTERNAL_ALT - * - * Expose a part of the internal interface of the Elliptic Curve Point module. - * - * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternative core implementation of elliptic curve arithmetic. Keep in mind - * that function prototypes should remain the same. - * - * This partially replaces one function. 
The header file from mbed TLS is still - * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation - * is still present and it is used for group structures not supported by the - * alternative. - * - * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT - * and implementing the following functions: - * unsigned char mbedtls_internal_ecp_grp_capable( - * const mbedtls_ecp_group *grp ) - * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) - * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) - * The mbedtls_internal_ecp_grp_capable function should return 1 if the - * replacement functions implement arithmetic for the given group and 0 - * otherwise. - * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are - * called before and after each point operation and provide an opportunity to - * implement optimized set up and tear down instructions. - * - * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and - * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac - * function, but will use your mbedtls_internal_ecp_double_jac if the group is - * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when - * receives it as an argument). If the group is not supported then the original - * implementation is used. The other functions and the definition of - * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your - * implementation of mbedtls_internal_ecp_double_jac and - * mbedtls_internal_ecp_grp_capable must be compatible with this definition. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. 
- */ -/* Required for all the functions in this section */ -//#define MBEDTLS_ECP_INTERNAL_ALT -/* Support for Weierstrass curves with Jacobi representation */ -//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT -//#define MBEDTLS_ECP_ADD_MIXED_ALT -//#define MBEDTLS_ECP_DOUBLE_JAC_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT -/* Support for curves with Montgomery arithmetic */ -//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT -//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT -//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT - -/** - * \def MBEDTLS_TEST_NULL_ENTROPY - * - * Enables testing and use of mbed TLS without any configured entropy sources. - * This permits use of the library on platforms before an entropy source has - * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the - * MBEDTLS_ENTROPY_NV_SEED switches). - * - * WARNING! This switch MUST be disabled in production builds, and is suitable - * only for development. - * Enabling the switch negates any security provided by the library. - * - * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - * - */ -//#define MBEDTLS_TEST_NULL_ENTROPY - -/** - * \def MBEDTLS_ENTROPY_HARDWARE_ALT - * - * Uncomment this macro to let mbed TLS use your own implementation of a - * hardware entropy collector. - * - * Your function must be called \c mbedtls_hardware_poll(), have the same - * prototype as declared in entropy_poll.h, and accept NULL as first argument. - * - * Uncomment to use your own hardware entropy collector. - */ -//#define MBEDTLS_ENTROPY_HARDWARE_ALT - -/** - * \def MBEDTLS_AES_ROM_TABLES - * - * Use precomputed AES tables stored in ROM. - * - * Uncomment this macro to use precomputed AES tables stored in ROM. - * Comment this macro to generate AES tables in RAM at runtime. 
- *
- * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
- * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
- * initialization time before the first AES operation can be performed.
- * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
- * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
- * performance if ROM access is slower than RAM access.
- *
- * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
- *
- */
-//#define MBEDTLS_AES_ROM_TABLES
-
-/**
- * \def MBEDTLS_AES_FEWER_TABLES
- *
- * Use less ROM/RAM for AES tables.
- *
- * Uncommenting this macro omits 75% of the AES tables from
- * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
- * by computing their values on the fly during operations
- * (the tables are entry-wise rotations of one another).
- *
- * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
- * by ~6kb but at the cost of more arithmetic operations during
- * runtime. Specifically, one has to compare 4 accesses within
- * different tables to 4 accesses with additional arithmetic
- * operations within the same table. The performance gain/loss
- * depends on the system and memory details.
- *
- * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
- *
- */
-//#define MBEDTLS_AES_FEWER_TABLES
-
-/**
- * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
- *
- * Use less ROM for the Camellia implementation (saves about 768 bytes).
- *
- * Uncomment this macro to use less memory for Camellia.
- */
-//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CBC
- *
- * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CBC
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CFB
- *
- * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CFB
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CTR
- *
- * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CTR
-
-/**
- * \def MBEDTLS_CIPHER_MODE_OFB
- *
- * Enable Output Feedback mode (OFB) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_OFB
-
-/**
- * \def MBEDTLS_CIPHER_MODE_XTS
- *
- * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
- */
-#define MBEDTLS_CIPHER_MODE_XTS
-
-/**
- * \def MBEDTLS_CIPHER_NULL_CIPHER
- *
- * Enable NULL cipher.
- * Warning: Only do so when you know what you are doing. This allows for
- * encryption or channels without any security!
- *
- * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
- * the following ciphersuites:
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
- * MBEDTLS_TLS_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_RSA_WITH_NULL_MD5
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA
- *
- * Uncomment this macro to enable the NULL cipher and ciphersuites
- */
-//#define MBEDTLS_CIPHER_NULL_CIPHER
-
-/**
- * \def MBEDTLS_CIPHER_PADDING_PKCS7
- *
- * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
- * specific padding modes in the cipher layer with cipher modes that support
- * padding (e.g. CBC)
- *
- * If you disable all padding modes, only full blocks can be used with CBC.
- *
- * Enable padding modes in the cipher layer.
- */
-#define MBEDTLS_CIPHER_PADDING_PKCS7
-#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
-#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
-#define MBEDTLS_CIPHER_PADDING_ZEROS
-
-/**
- * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
- *
- * Enable weak ciphersuites in SSL / TLS.
- * Warning: Only do so when you know what you are doing. This allows for
- * channels with virtually no security at all!
- *
- * This enables the following ciphersuites:
- * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
- *
- * Uncomment this macro to enable weak ciphersuites
- *
- * \warning DES is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- */
-//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
-
-/**
- * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
- *
- * Remove RC4 ciphersuites by default in SSL / TLS.
- * This flag removes the ciphersuites based on RC4 from the default list as
- * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
- * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
- * explicitly.
- *
- * Uncomment this macro to remove RC4 ciphersuites by default.
- */
-#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
-
-/**
- * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
- *
- * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
- * module. By default all supported curves are enabled.
- *
- * Comment macros to disable the curve and functions for it
- */
-#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
-#define MBEDTLS_ECP_DP_BP256R1_ENABLED
-#define MBEDTLS_ECP_DP_BP384R1_ENABLED
-#define MBEDTLS_ECP_DP_BP512R1_ENABLED
-#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
-#define MBEDTLS_ECP_DP_CURVE448_ENABLED
-
-/**
- * \def MBEDTLS_ECP_NIST_OPTIM
- *
- * Enable specific 'modulo p' routines for each NIST prime.
- * Depending on the prime and architecture, makes operations 4 to 8 times
- * faster on the corresponding curve.
- *
- * Comment this macro to disable NIST curves optimisation.
- */
-#define MBEDTLS_ECP_NIST_OPTIM
-
-/**
- * \def MBEDTLS_ECP_RESTARTABLE
- *
- * Enable "non-blocking" ECC operations that can return early and be resumed.
- *
- * This allows various functions to pause by returning
- * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
- * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
- * order to further progress and eventually complete their operation. This is
- * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
- * number of ECC operations a function may perform before pausing; see
- * mbedtls_ecp_set_max_ops() for more information.
- *
- * This is useful in non-threaded environments if you want to avoid blocking
- * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
- *
- * Uncomment this macro to enable restartable ECC computations.
- *
- * \note This option only works with the default software implementation of
- * elliptic curve functionality. It is incompatible with
- * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
- */
-//#define MBEDTLS_ECP_RESTARTABLE
-
-/**
- * \def MBEDTLS_ECDSA_DETERMINISTIC
- *
- * Enable deterministic ECDSA (RFC 6979).
- * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
- * may result in a compromise of the long-term signing key. This is avoided by
- * the deterministic variant.
- *
- * Requires: MBEDTLS_HMAC_DRBG_C
- *
- * Comment this macro to disable deterministic ECDSA.
- */
-#define MBEDTLS_ECDSA_DETERMINISTIC
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
- *
- * Enable the PSK based ciphersuite modes in SSL / TLS.
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
- *
- * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
- *
- * \warning Using DHE constitutes a security risk as it
- * is not possible to validate custom DH parameters.
- * If possible, it is recommended users should consider
- * preferring other methods of key exchange.
- * See dhm.h for more details.
- *
- */
-#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
- *
- * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
- *
- * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
- *
- * Enable the RSA-only based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
- */
-#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
- *
- * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- *
- * \warning Using DHE constitutes a security risk as it
- * is not possible to validate custom DH parameters.
- * If possible, it is recommended users should consider
- * preferring other methods of key exchange.
- * See dhm.h for more details.
- *
- */
-#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
- *
- * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
- *
- * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
- *
- * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
- *
- * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
- *
- * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
- *
- * \warning This is currently experimental.
EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen. For this reason, this is disabled by default.
- *
- * Requires: MBEDTLS_ECJPAKE_C
- * MBEDTLS_SHA256_C
- * MBEDTLS_ECP_DP_SECP256R1_ENABLED
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
- */
-//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-
-/**
- * \def MBEDTLS_PK_PARSE_EC_EXTENDED
- *
- * Enhance support for reading EC keys using variants of SEC1 not allowed by
- * RFC 5915 and RFC 5480.
- *
- * Currently this means parsing the SpecifiedECDomain choice of EC
- * parameters (only known groups are supported, not arbitrary domains, to
- * avoid validation issues).
- *
- * Disable if you only need to support RFC 5915 + 5480 key formats.
- */
-#define MBEDTLS_PK_PARSE_EC_EXTENDED
-
-/**
- * \def MBEDTLS_ERROR_STRERROR_DUMMY
- *
- * Enable a dummy error function to make use of mbedtls_strerror() in
- * third party libraries easier when MBEDTLS_ERROR_C is disabled
- * (no effect when MBEDTLS_ERROR_C is enabled).
- *
- * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
- * not using mbedtls_strerror() or error_strerror() in your application.
- *
- * Disable if you run into name conflicts and want to really remove the
- * mbedtls_strerror()
- */
-#define MBEDTLS_ERROR_STRERROR_DUMMY
-
-/**
- * \def MBEDTLS_GENPRIME
- *
- * Enable the prime-number generation code.
- *
- * Requires: MBEDTLS_BIGNUM_C
- */
-#define MBEDTLS_GENPRIME
-
-/**
- * \def MBEDTLS_FS_IO
- *
- * Enable functions that use the filesystem.
- */
-#define MBEDTLS_FS_IO
-
-/**
- * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
- *
- * Do not add default entropy sources. These are the platform specific,
- * mbedtls_timing_hardclock and HAVEGE based poll functions.
- *
- * This is useful to have more control over the added entropy sources in an
- * application.
- *
- * Uncomment this macro to prevent loading of default entropy functions.
- */
-//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
-
-/**
- * \def MBEDTLS_NO_PLATFORM_ENTROPY
- *
- * Do not use built-in platform entropy functions.
- * This is useful if your platform does not support
- * standards like the /dev/urandom or Windows CryptoAPI.
- *
- * Uncomment this macro to disable the built-in platform entropy functions.
- */
-//#define MBEDTLS_NO_PLATFORM_ENTROPY
-
-/**
- * \def MBEDTLS_ENTROPY_FORCE_SHA256
- *
- * Force the entropy accumulator to use a SHA-256 accumulator instead of the
- * default SHA-512 based one (if both are available).
- *
- * Requires: MBEDTLS_SHA256_C
- *
- * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
- * if you have performance concerns.
- *
- * This option is only useful if both MBEDTLS_SHA256_C and
- * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
- */
-//#define MBEDTLS_ENTROPY_FORCE_SHA256
-
-/**
- * \def MBEDTLS_ENTROPY_NV_SEED
- *
- * Enable the non-volatile (NV) seed file-based entropy source.
- * (Also enables the NV seed read/write functions in the platform layer)
- *
- * This is crucial (if not required) on systems that do not have a
- * cryptographic entropy source (in hardware or kernel) available.
- *
- * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
- *
- * \note The read/write functions that are used by the entropy source are
- * determined in the platform layer, and can be modified at runtime and/or
- * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
- *
- * \note If you use the default implementation functions that read a seedfile
- * with regular fopen(), please make sure you make a seedfile with the
- * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
- * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
- * and written to or you will get an entropy source error!
The default
- * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
- * bytes from the file.
- *
- * \note The entropy collector will write to the seed file before entropy is
- * given to an external source, to update it.
- */
-//#define MBEDTLS_ENTROPY_NV_SEED
-
-/**
- * \def MBEDTLS_MEMORY_DEBUG
- *
- * Enable debugging of buffer allocator memory issues. Automatically prints
- * (to stderr) all (fatal) messages on memory allocation issues. Enables
- * function for 'debug output' of allocated memory.
- *
- * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *
- * Uncomment this macro to let the buffer allocator print out error messages.
- */
-//#define MBEDTLS_MEMORY_DEBUG
-
-/**
- * \def MBEDTLS_MEMORY_BACKTRACE
- *
- * Include backtrace information with each allocated block.
- *
- * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- * GLIBC-compatible backtrace() an backtrace_symbols() support
- *
- * Uncomment this macro to include backtrace information
- */
-//#define MBEDTLS_MEMORY_BACKTRACE
-
-/**
- * \def MBEDTLS_PK_RSA_ALT_SUPPORT
- *
- * Support external private RSA keys (eg from a HSM) in the PK layer.
- *
- * Comment this macro to disable support for external private RSA keys.
- */
-#define MBEDTLS_PK_RSA_ALT_SUPPORT
-
-/**
- * \def MBEDTLS_PKCS1_V15
- *
- * Enable support for PKCS#1 v1.5 encoding.
- *
- * Requires: MBEDTLS_RSA_C
- *
- * This enables support for PKCS#1 v1.5 operations.
- */
-#define MBEDTLS_PKCS1_V15
-
-/**
- * \def MBEDTLS_PKCS1_V21
- *
- * Enable support for PKCS#1 v2.1 encoding.
- *
- * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
- *
- * This enables support for RSAES-OAEP and RSASSA-PSS operations.
- */
-#define MBEDTLS_PKCS1_V21
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_SPM
- *
- * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
- * Partition Manager) integration which separates the code into two parts: a
- * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
- * Environment).
- *
- * Module: library/psa_crypto.c
- * Requires: MBEDTLS_PSA_CRYPTO_C
- *
- */
-//#define MBEDTLS_PSA_CRYPTO_SPM
-
-/**
- * \def MBEDTLS_PSA_HAS_ITS_IO
- *
- * Enable the non-volatile secure storage usage.
- *
- * This is crucial on systems that do not have a HW TRNG support.
- *
- */
-//#define MBEDTLS_PSA_HAS_ITS_IO
-
-/**
- * \def MBEDTLS_RSA_NO_CRT
- *
- * Do not use the Chinese Remainder Theorem
- * for the RSA private operation.
- *
- * Uncomment this macro to disable the use of CRT in RSA.
- *
- */
-//#define MBEDTLS_RSA_NO_CRT
-
-/**
- * \def MBEDTLS_SELF_TEST
- *
- * Enable the checkup functions (*_self_test).
- */
-#define MBEDTLS_SELF_TEST
-
-/**
- * \def MBEDTLS_SHA256_SMALLER
- *
- * Enable an implementation of SHA-256 that has lower ROM footprint but also
- * lower performance.
- *
- * The default implementation is meant to be a reasonnable compromise between
- * performance and size. This version optimizes more aggressively for size at
- * the expense of performance. Eg on Cortex-M4 it reduces the size of
- * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
- * 30%.
- *
- * Uncomment to enable the smaller implementation of SHA256.
- */
-//#define MBEDTLS_SHA256_SMALLER
-
-/**
- * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
- *
- * Enable sending of alert messages in case of encountered errors as per RFC.
- * If you choose not to send the alert messages, mbed TLS can still communicate
- * with other servers, only debugging of failures is harder.
- *
- * The advantage of not sending alert messages, is that no information is given
- * about reasons for failures thus preventing adversaries of gaining intel.
- *
- * Enable sending of all alert messages
- */
-#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
-
-/**
- * \def MBEDTLS_SSL_ASYNC_PRIVATE
- *
- * Enable asynchronous external private key operations in SSL.
This allows
- * you to configure an SSL connection to call an external cryptographic
- * module to perform private key operations instead of performing the
- * operation inside the library.
- *
- */
-//#define MBEDTLS_SSL_ASYNC_PRIVATE
-
-/**
- * \def MBEDTLS_SSL_DEBUG_ALL
- *
- * Enable the debug messages in SSL module for all issues.
- * Debug messages have been disabled in some places to prevent timing
- * attacks due to (unbalanced) debugging function calls.
- *
- * If you need all error reporting you should enable this during debugging,
- * but remove this for production servers that should log as well.
- *
- * Uncomment this macro to report all debug messages on errors introducing
- * a timing side-channel.
- *
- */
-//#define MBEDTLS_SSL_DEBUG_ALL
-
-/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
- *
- * Enable support for Encrypt-then-MAC, RFC 7366.
- *
- * This allows peers that both support it to use a more robust protection for
- * ciphersuites using CBC, providing deep resistance against timing attacks
- * on the padding or underlying cipher.
- *
- * This only affects CBC ciphersuites, and is useless if none is defined.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1 or
- * MBEDTLS_SSL_PROTO_TLS1_1 or
- * MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Encrypt-then-MAC
- */
-#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
-
-/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
- *
- * Enable support for Extended Master Secret, aka Session Hash
- * (draft-ietf-tls-session-hash-02).
- *
- * This was introduced as "the proper fix" to the Triple Handshake familiy of
- * attacks, but it is recommended to always use it (even if you disable
- * renegotiation), since it actually fixes a more fundamental issue in the
- * original SSL/TLS design, and has implications beyond Triple Handshake.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1 or
- * MBEDTLS_SSL_PROTO_TLS1_1 or
- * MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Extended Master Secret.
- */
-#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
-
-/**
- * \def MBEDTLS_SSL_FALLBACK_SCSV
- *
- * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
- *
- * For servers, it is recommended to always enable this, unless you support
- * only one version of TLS, or know for sure that none of your clients
- * implements a fallback strategy.
- *
- * For clients, you only need this if you're using a fallback strategy, which
- * is not recommended in the first place, unless you absolutely need it to
- * interoperate with buggy (version-intolerant) servers.
- *
- * Comment this macro to disable support for FALLBACK_SCSV
- */
-#define MBEDTLS_SSL_FALLBACK_SCSV
-
-/**
- * \def MBEDTLS_SSL_HW_RECORD_ACCEL
- *
- * Enable hooking functions in SSL module for hardware acceleration of
- * individual records.
- *
- * Uncomment this macro to enable hooking functions.
- */
-//#define MBEDTLS_SSL_HW_RECORD_ACCEL
-
-/**
- * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
- *
- * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
- *
- * This is a countermeasure to the BEAST attack, which also minimizes the risk
- * of interoperability issues compared to sending 0-length records.
- *
- * Comment this macro to disable 1/n-1 record splitting.
- */
-#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
-
-/**
- * \def MBEDTLS_SSL_RENEGOTIATION
- *
- * Enable support for TLS renegotiation.
- *
- * The two main uses of renegotiation are (1) refresh keys on long-lived
- * connections and (2) client authentication after the initial handshake.
- * If you don't need renegotiation, it's probably better to disable it, since
- * it has been associated with security issues in the past and is easy to
- * misuse/misunderstand.
- *
- * Comment this to disable support for renegotiation.
- *
- * \note Even if this option is disabled, both client and server are aware
- * of the Renegotiation Indication Extension (RFC 5746) used to
- * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
- * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
- * configuration of this extension).
- *
- */
-#define MBEDTLS_SSL_RENEGOTIATION
-
-/**
- * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
- *
- * Enable support for receiving and parsing SSLv2 Client Hello messages for the
- * SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to enable support for SSLv2 Client Hello messages.
- */
-//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
-
-/**
- * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
- *
- * Pick the ciphersuite according to the client's preferences rather than ours
- * in the SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to respect client's ciphersuite order
- */
-//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
-
-/**
- * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
- *
- * Enable support for RFC 6066 max_fragment_length extension in SSL.
- *
- * Comment this macro to disable support for the max_fragment_length extension
- */
-#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-
-/**
- * \def MBEDTLS_SSL_PROTO_SSL3
- *
- * Enable support for SSL 3.0.
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for SSL 3.0
- */
-//#define MBEDTLS_SSL_PROTO_SSL3
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1
- *
- * Enable support for TLS 1.0.
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.0
- */
-#define MBEDTLS_SSL_PROTO_TLS1
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_1
- *
- * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
- */
-#define MBEDTLS_SSL_PROTO_TLS1_1
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
- *
- * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
- * (Depends on ciphersuites)
- *
- * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
- */
-#define MBEDTLS_SSL_PROTO_TLS1_2
-
-/**
- * \def MBEDTLS_SSL_PROTO_DTLS
- *
- * Enable support for DTLS (all available versions).
- *
- * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
- * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1_1
- * or MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for DTLS
- */
-#define MBEDTLS_SSL_PROTO_DTLS
-
-/**
- * \def MBEDTLS_SSL_ALPN
- *
- * Enable support for RFC 7301 Application Layer Protocol Negotiation.
- *
- * Comment this macro to disable support for ALPN.
- */
-#define MBEDTLS_SSL_ALPN
-
-/**
- * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
- *
- * Enable support for the anti-replay mechanism in DTLS.
- *
- * Requires: MBEDTLS_SSL_TLS_C
- * MBEDTLS_SSL_PROTO_DTLS
- *
- * \warning Disabling this is often a security risk!
- * See mbedtls_ssl_conf_dtls_anti_replay() for details.
- *
- * Comment this to disable anti-replay in DTLS.
- */
-#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
-
-/**
- * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Enable support for HelloVerifyRequest on DTLS servers.
- *
- * This feature is highly recommended to prevent DTLS servers being used as
- * amplifiers in DoS attacks against other hosts. It should always be enabled
- * unless you know for sure amplification cannot be a problem in the
- * environment in which your server operates.
- *
- * \warning Disabling this can ba a security risk! (see above)
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- *
- * Comment this to disable support for HelloVerifyRequest.
- */
-#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
-
-/**
- * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
- *
- * Enable server-side support for clients that reconnect from the same port.
- *
- * Some clients unexpectedly close the connection and try to reconnect using the
- * same source port. This needs special support from the server to handle the
- * new connection securely, as described in section 4.2.8 of RFC 6347. This
- * flag enables that support.
- *
- * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Comment this to disable support for clients reusing the source port.
- */
-#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
-
-/**
- * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
- *
- * Enable support for a limit of records with bad MAC.
- *
- * See mbedtls_ssl_conf_dtls_badmac_limit().
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- */
-#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
-
-/**
- * \def MBEDTLS_SSL_SESSION_TICKETS
- *
- * Enable support for RFC 5077 session tickets in SSL.
- * Client-side, provides full support for session tickets (maintenance of a
- * session store remains the responsibility of the application, though).
- * Server-side, you also need to provide callbacks for writing and parsing
- * tickets, including authenticated encryption and key management. Example
- * callbacks are provided by MBEDTLS_SSL_TICKET_C.
- *
- * Comment this macro to disable support for SSL session tickets
- */
-#define MBEDTLS_SSL_SESSION_TICKETS
-
-/**
- * \def MBEDTLS_SSL_EXPORT_KEYS
- *
- * Enable support for exporting key block and master secret.
- * This is required for certain users of TLS, e.g. EAP-TLS.
- *
- * Comment this macro to disable support for key export
- */
-#define MBEDTLS_SSL_EXPORT_KEYS
-
-/**
- * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
- *
- * Enable support for RFC 6066 server name indication (SNI) in SSL.
- *
- * Requires: MBEDTLS_X509_CRT_PARSE_C
- *
- * Comment this macro to disable support for server name indication in SSL
- */
-#define MBEDTLS_SSL_SERVER_NAME_INDICATION
-
-/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC
- *
- * Enable support for RFC 6066 truncated HMAC in SSL.
- *
- * Comment this macro to disable support for truncated HMAC in SSL
- */
-#define MBEDTLS_SSL_TRUNCATED_HMAC
-
-/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
- *
- * Fallback to old (pre-2.7), non-conforming implementation of the truncated
- * HMAC extension which also truncates the HMAC key. Note that this option is
- * only meant for a transitory upgrade period and is likely to be removed in
- * a future version of the library.
- *
- * \warning The old implementation is non-compliant and has a security weakness
- * (2^80 brute force attack on the HMAC key used for a single,
- * uninterrupted connection). This should only be enabled temporarily
- * when (1) the use of truncated HMAC is essential in order to save
- * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
- * the fixed implementation yet (pre-2.7).
- *
- * \deprecated This option is deprecated and will likely be removed in a
- * future version of Mbed TLS.
- *
- * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
- *
- * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
- */
-//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
-
-/**
- * \def MBEDTLS_THREADING_ALT
- *
- * Provide your own alternate threading implementation.
- *
- * Requires: MBEDTLS_THREADING_C
- *
- * Uncomment this to allow your own alternate threading implementation.
- */
-//#define MBEDTLS_THREADING_ALT
-
-/**
- * \def MBEDTLS_THREADING_PTHREAD
- *
- * Enable the pthread wrapper layer for the threading layer.
- *
- * Requires: MBEDTLS_THREADING_C
- *
- * Uncomment this to enable pthread mutexes.
- */
-//#define MBEDTLS_THREADING_PTHREAD
-
-/**
- * \def MBEDTLS_USE_PSA_CRYPTO
- *
- * Make the X.509 and TLS library use PSA for cryptographic operations, see
- * #MBEDTLS_PSA_CRYPTO_C.
- *
- * Note: this option is still in progress, the full X.509 and TLS modules are
- * not covered yet, but parts that are not ported to PSA yet will still work
- * as usual, so enabling this option should not break backwards compatibility.
- *
- * \warning Support for PSA is still an experimental feature.
- * Any public API that depends on this option may change
- * at any time until this warning is removed.
- *
- * Requires: MBEDTLS_PSA_CRYPTO_C.
- */
-//#define MBEDTLS_USE_PSA_CRYPTO
-
-/**
- * \def MBEDTLS_VERSION_FEATURES
- *
- * Allow run-time checking of compile-time enabled features. Thus allowing users
- * to check at run-time if the library is for instance compiled with threading
- * support via mbedtls_version_check_feature().
- *
- * Requires: MBEDTLS_VERSION_C
- *
- * Comment this to disable run-time checking and save ROM space
- */
-#define MBEDTLS_VERSION_FEATURES
-
-/**
- * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an extension in a v1 or v2 certificate.
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
-
-/**
- * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an unknown critical extension.
- *
- * \warning Depending on your PKI use, enabling this can be a security risk!
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
-
-/**
- * \def MBEDTLS_X509_CHECK_KEY_USAGE
- *
- * Enable verification of the keyUsage extension (CA and leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused
- * (intermediate) CA and leaf certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip keyUsage checking for both CA and leaf certificates.
- */
-#define MBEDTLS_X509_CHECK_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
- *
- * Enable verification of the extendedKeyUsage extension (leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip extendedKeyUsage checking for certificates.
- */
-#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
- *
- * Enable parsing and verification of X.509 certificates, CRLs and CSRS
- * signed with RSASSA-PSS (aka PKCS#1 v2.1).
- *
- * Comment this macro to disallow using RSASSA-PSS in certificates.
- */
-#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
-
-/**
- * \def MBEDTLS_ZLIB_SUPPORT
- *
- * If set, the SSL/TLS module uses ZLIB to support compression and
- * decompression of packet data.
- *
- * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
- * CRIME attack. Before enabling this option, you should examine with care if
- * CRIME or similar exploits may be applicable to your use case.
- *
- * \note Currently compression can't be used with DTLS.
- *
- * \deprecated This feature is deprecated and will be removed
- * in the next major revision of the library.
- *
- * Used in: library/ssl_tls.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This feature requires zlib library and headers to be present.
- *
- * Uncomment to enable use of ZLIB
- */
-//#define MBEDTLS_ZLIB_SUPPORT
-/* \} name SECTION: mbed TLS feature support */
-
-/**
- * \name SECTION: mbed TLS modules
- *
- * This section enables or disables entire modules in mbed TLS
- * \{
- */
-
-/**
- * \def MBEDTLS_AESNI_C
- *
- * Enable AES-NI support on x86-64.
- *
- * Module: library/aesni.c
- * Caller: library/aes.c
- *
- * Requires: MBEDTLS_HAVE_ASM
- *
- * This modules adds support for the AES-NI instructions on x86-64
- */
-#define MBEDTLS_AESNI_C
-
-/**
- * \def MBEDTLS_AES_C
- *
- * Enable the AES block cipher.
- *
- * Module: library/aes.c
- * Caller: library/cipher.c
- * library/pem.c
- * library/ctr_drbg.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
- *
- * PEM_PARSE uses AES for decrypting encrypted keys.
- */
-#define MBEDTLS_AES_C
-
-/**
- * \def MBEDTLS_ARC4_C
- *
- * Enable the ARCFOUR stream cipher.
- *
- * Module: library/arc4.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
- * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
- * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. If possible, we recommend avoidng dependencies on
- * it, and considering stronger ciphers instead.
- *
- */
-#define MBEDTLS_ARC4_C
-
-/**
- * \def MBEDTLS_ASN1_PARSE_C
- *
- * Enable the generic ASN1 parser.
- *
- * Module: library/asn1.c
- * Caller: library/x509.c
- * library/dhm.c
- * library/pkcs12.c
- * library/pkcs5.c
- * library/pkparse.c
- */
-#define MBEDTLS_ASN1_PARSE_C
-
-/**
- * \def MBEDTLS_ASN1_WRITE_C
- *
- * Enable the generic ASN1 writer.
- *
- * Module: library/asn1write.c
- * Caller: library/ecdsa.c
- * library/pkwrite.c
- * library/x509_create.c
- * library/x509write_crt.c
- * library/x509write_csr.c
- */
-#define MBEDTLS_ASN1_WRITE_C
-
-/**
- * \def MBEDTLS_BASE64_C
- *
- * Enable the Base64 module.
- *
- * Module: library/base64.c
- * Caller: library/pem.c
- *
- * This module is required for PEM support (required by X.509).
- */
-#define MBEDTLS_BASE64_C
-
-/**
- * \def MBEDTLS_BIGNUM_C
- *
- * Enable the multi-precision integer library.
- *
- * Module: library/bignum.c
- * Caller: library/dhm.c
- * library/ecp.c
- * library/ecdsa.c
- * library/rsa.c
- * library/rsa_internal.c
- * library/ssl_tls.c
- *
- * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
- */
-#define MBEDTLS_BIGNUM_C
-
-/**
- * \def MBEDTLS_BLOWFISH_C
- *
- * Enable the Blowfish block cipher.
- *
- * Module: library/blowfish.c
- */
-#define MBEDTLS_BLOWFISH_C
-
-/**
- * \def MBEDTLS_CAMELLIA_C
- *
- * Enable the Camellia block cipher.
- *
- * Module: library/camellia.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- */
-#define MBEDTLS_CAMELLIA_C
-
-/**
- * \def MBEDTLS_ARIA_C
- *
- * Enable the ARIA block cipher.
- *
- * Module: library/aria.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *
- * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
- */
-//#define MBEDTLS_ARIA_C
-
-/**
- * \def MBEDTLS_CCM_C
- *
- * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
- *
- * Module: library/ccm.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
- *
- * This module enables the AES-CCM ciphersuites, if other requisites are
- * enabled as well.
- */
-#define MBEDTLS_CCM_C
-
-/**
- * \def MBEDTLS_CERTS_C
- *
- * Enable the test certificates.
- *
- * Module: library/certs.c
- * Caller:
- *
- * This module is used for testing (ssl_client/server).
- */
-#define MBEDTLS_CERTS_C
-
-/**
- * \def MBEDTLS_CHACHA20_C
- *
- * Enable the ChaCha20 stream cipher.
- *
- * Module: library/chacha20.c
- */
-#define MBEDTLS_CHACHA20_C
-
-/**
- * \def MBEDTLS_CHACHAPOLY_C
- *
- * Enable the ChaCha20-Poly1305 AEAD algorithm.
- *
- * Module: library/chachapoly.c
- *
- * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
- */
-#define MBEDTLS_CHACHAPOLY_C
-
-/**
- * \def MBEDTLS_CIPHER_C
- *
- * Enable the generic cipher layer.
- *
- * Module: library/cipher.c
- * Caller: library/ssl_tls.c
- *
- * Uncomment to enable generic cipher wrappers.
- */
-#define MBEDTLS_CIPHER_C
-
-/**
- * \def MBEDTLS_CMAC_C
- *
- * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
- * ciphers.
- *
- * Module: library/cmac.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
- *
- */
-//#define MBEDTLS_CMAC_C
-
-/**
- * \def MBEDTLS_CTR_DRBG_C
- *
- * Enable the CTR_DRBG AES-based random generator.
- * The CTR_DRBG generator uses AES-256 by default.
- * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below.
- *
- * Module: library/ctr_drbg.c
- * Caller:
- *
- * Requires: MBEDTLS_AES_C
- *
- * This module provides the CTR_DRBG AES random number generator.
- */
-#define MBEDTLS_CTR_DRBG_C
-
-/**
- * \def MBEDTLS_DEBUG_C
- *
- * Enable the debug functions.
- *
- * Module: library/debug.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- *
- * This module provides debugging functions.
- */
-#define MBEDTLS_DEBUG_C
-
-/**
- * \def MBEDTLS_DES_C
- *
- * Enable the DES block cipher.
- *
- * Module: library/des.c
- * Caller: library/pem.c
- * library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
- *
- * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
- *
- * \warning DES is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- */
-#define MBEDTLS_DES_C
-
-/**
- * \def MBEDTLS_DHM_C
- *
- * Enable the Diffie-Hellman-Merkle module.
- *
- * Module: library/dhm.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This module is used by the following key exchanges:
- * DHE-RSA, DHE-PSK
- *
- * \warning Using DHE constitutes a security risk as it
- * is not possible to validate custom DH parameters.
- * If possible, it is recommended users should consider
- * preferring other methods of key exchange.
- * See dhm.h for more details.
- *
- */
-#define MBEDTLS_DHM_C
-
-/**
- * \def MBEDTLS_ECDH_C
- *
- * Enable the elliptic curve Diffie-Hellman library.
- *
- * Module: library/ecdh.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This module is used by the following key exchanges:
- * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
- *
- * Requires: MBEDTLS_ECP_C
- */
-#define MBEDTLS_ECDH_C
-
-/**
- * \def MBEDTLS_ECDSA_C
- *
- * Enable the elliptic curve DSA library.
- *
- * Module: library/ecdsa.c
- * Caller:
- *
- * This module is used by the following key exchanges:
- * ECDHE-ECDSA
- *
- * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
- */
-#define MBEDTLS_ECDSA_C
-
-/**
- * \def MBEDTLS_ECJPAKE_C
- *
- * Enable the elliptic curve J-PAKE library.
- *
- * \warning This is currently experimental. EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen. For this reason, this is disabled by default.
- *
- * Module: library/ecjpake.c
- * Caller:
- *
- * This module is used by the following key exchanges:
- * ECJPAKE
- *
- * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
- */
-//#define MBEDTLS_ECJPAKE_C
-
-/**
- * \def MBEDTLS_ECP_C
- *
- * Enable the elliptic curve over GF(p) library.
- *
- * Module: library/ecp.c
- * Caller: library/ecdh.c
- * library/ecdsa.c
- * library/ecjpake.c
- *
- * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
- */
-#define MBEDTLS_ECP_C
-
-/**
- * \def MBEDTLS_ENTROPY_C
- *
- * Enable the platform-specific entropy code.
- *
- * Module: library/entropy.c
- * Caller:
- *
- * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
- *
- * This module provides a generic entropy pool
- */
-#define MBEDTLS_ENTROPY_C
-
-/**
- * \def MBEDTLS_ERROR_C
- *
- * Enable error code to error string conversion.
- *
- * Module: library/error.c
- * Caller:
- *
- * This module enables mbedtls_strerror().
- */
-#define MBEDTLS_ERROR_C
-
-/**
- * \def MBEDTLS_GCM_C
- *
- * Enable the Galois/Counter Mode (GCM) for AES.
- *
- * Module: library/gcm.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
- *
- * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
- * requisites are enabled as well.
- */
-#define MBEDTLS_GCM_C
-
-/**
- * \def MBEDTLS_HAVEGE_C
- *
- * Enable the HAVEGE random generator.
- *
- * Warning: the HAVEGE random generator is not suitable for virtualized
- * environments
- *
- * Warning: the HAVEGE random generator is dependent on timing and specific
- * processor traits. It is therefore not advised to use HAVEGE as
- * your applications primary random generator or primary entropy pool
- * input. As a secondary input to your entropy pool, it IS able add
- * the (limited) extra entropy it provides.
- *
- * Module: library/havege.c
- * Caller:
- *
- * Requires: MBEDTLS_TIMING_C
- *
- * Uncomment to enable the HAVEGE random generator.
- */
-//#define MBEDTLS_HAVEGE_C
-
-/**
- * \def MBEDTLS_HKDF_C
- *
- * Enable the HKDF algorithm (RFC 5869).
- *
- * Module: library/hkdf.c
- * Caller:
- *
- * Requires: MBEDTLS_MD_C
- *
- * This module adds support for the Hashed Message Authentication Code
- * (HMAC)-based key derivation function (HKDF).
- */
-#define MBEDTLS_HKDF_C
-
-/**
- * \def MBEDTLS_HMAC_DRBG_C
- *
- * Enable the HMAC_DRBG random generator.
- *
- * Module: library/hmac_drbg.c
- * Caller:
- *
- * Requires: MBEDTLS_MD_C
- *
- * Uncomment to enable the HMAC_DRBG random number geerator.
- */
-#define MBEDTLS_HMAC_DRBG_C
-
-/**
- * \def MBEDTLS_NIST_KW_C
- *
- * Enable the Key Wrapping mode for 128-bit block ciphers,
- * as defined in NIST SP 800-38F. Only KW and KWP modes
- * are supported. At the moment, only AES is approved by NIST.
- *
- * Module: library/nist_kw.c
- *
- * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
- */
-//#define MBEDTLS_NIST_KW_C
-
-/**
- * \def MBEDTLS_MD_C
- *
- * Enable the generic message digest layer.
- *
- * Module: library/md.c
- * Caller:
- *
- * Uncomment to enable generic message digest wrappers.
- */
-#define MBEDTLS_MD_C
-
-/**
- * \def MBEDTLS_MD2_C
- *
- * Enable the MD2 hash algorithm.
- *
- * Module: library/md2.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD2-signed X.509 certs.
- *
- * \warning MD2 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD2_C
-
-/**
- * \def MBEDTLS_MD4_C
- *
- * Enable the MD4 hash algorithm.
- *
- * Module: library/md4.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD4-signed X.509 certs.
- *
- * \warning MD4 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD4_C
-
-/**
- * \def MBEDTLS_MD5_C
- *
- * Enable the MD5 hash algorithm.
- *
- * Module: library/md5.c
- * Caller: library/md.c
- * library/pem.c
- * library/ssl_tls.c
- *
- * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
- * depending on the handshake parameters. Further, it is used for checking
- * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
- * encrypted keys.
- *
- * \warning MD5 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_MD5_C
-
-/**
- * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *
- * Enable the buffer allocator implementation that makes use of a (stack)
- * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
- * calls)
- *
- * Module: library/memory_buffer_alloc.c
- *
- * Requires: MBEDTLS_PLATFORM_C
- * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
- *
- * Enable this module to enable the buffer memory allocator.
- */
-//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
-
-/**
- * \def MBEDTLS_NET_C
- *
- * Enable the TCP and UDP over IPv6/IPv4 networking routines.
- *
- * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
- * and Windows. For other platforms, you'll want to disable it, and write your
- * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
- *
- * \note See also our Knowledge Base article about porting to a new
- * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
- *
- * Module: library/net_sockets.c
- *
- * This module provides networking routines.
- */
-#define MBEDTLS_NET_C
-
-/**
- * \def MBEDTLS_OID_C
- *
- * Enable the OID database.
- *
- * Module: library/oid.c
- * Caller: library/asn1write.c
- * library/pkcs5.c
- * library/pkparse.c
- * library/pkwrite.c
- * library/rsa.c
- * library/x509.c
- * library/x509_create.c
- * library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- * library/x509write_crt.c
- * library/x509write_csr.c
- *
- * This modules translates between OIDs and internal values.
- */
-#define MBEDTLS_OID_C
-
-/**
- * \def MBEDTLS_PADLOCK_C
- *
- * Enable VIA Padlock support on x86.
- *
- * Module: library/padlock.c
- * Caller: library/aes.c
- *
- * Requires: MBEDTLS_HAVE_ASM
- *
- * This modules adds support for the VIA PadLock on x86.
- */
-#define MBEDTLS_PADLOCK_C
-
-/**
- * \def MBEDTLS_PEM_PARSE_C
- *
- * Enable PEM decoding / parsing.
- *
- * Module: library/pem.c
- * Caller: library/dhm.c
- * library/pkparse.c
- * library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- *
- * Requires: MBEDTLS_BASE64_C
- *
- * This modules adds support for decoding / parsing PEM files.
- */
-#define MBEDTLS_PEM_PARSE_C
-
-/**
- * \def MBEDTLS_PEM_WRITE_C
- *
- * Enable PEM encoding / writing.
- *
- * Module: library/pem.c
- * Caller: library/pkwrite.c
- * library/x509write_crt.c
- * library/x509write_csr.c
- *
- * Requires: MBEDTLS_BASE64_C
- *
- * This modules adds support for encoding / writing PEM files.
- */
-#define MBEDTLS_PEM_WRITE_C
-
-/**
- * \def MBEDTLS_PK_C
- *
- * Enable the generic public (asymetric) key layer.
- *
- * Module: library/pk.c
- * Caller: library/ssl_tls.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- *
- * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
- *
- * Uncomment to enable generic public key wrappers.
- */
-#define MBEDTLS_PK_C
-
-/**
- * \def MBEDTLS_PK_PARSE_C
- *
- * Enable the generic public (asymetric) key parser.
- *
- * Module: library/pkparse.c
- * Caller: library/x509_crt.c
- * library/x509_csr.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * Uncomment to enable generic public key parse functions.
- */
-#define MBEDTLS_PK_PARSE_C
-
-/**
- * \def MBEDTLS_PK_WRITE_C
- *
- * Enable the generic public (asymetric) key writer.
- *
- * Module: library/pkwrite.c
- * Caller: library/x509write.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * Uncomment to enable generic public key write functions.
- */
-#define MBEDTLS_PK_WRITE_C
-
-/**
- * \def MBEDTLS_PKCS5_C
- *
- * Enable PKCS#5 functions.
- *
- * Module: library/pkcs5.c
- *
- * Requires: MBEDTLS_MD_C
- *
- * This module adds support for the PKCS#5 functions.
- */
-#define MBEDTLS_PKCS5_C
-
-/**
- * \def MBEDTLS_PKCS11_C
- *
- * Enable wrapper for PKCS#11 smartcard support.
- *
- * Module: library/pkcs11.c
- * Caller: library/pk.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * This module enables SSL/TLS PKCS #11 smartcard support.
- * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
- */
-//#define MBEDTLS_PKCS11_C
-
-/**
- * \def MBEDTLS_PKCS12_C
- *
- * Enable PKCS#12 PBE functions.
- * Adds algorithms for parsing PKCS#8 encrypted private keys
- *
- * Module: library/pkcs12.c
- * Caller: library/pkparse.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- * Can use: MBEDTLS_ARC4_C
- *
- * This module enables PKCS#12 functions.
- */
-#define MBEDTLS_PKCS12_C
-
-/**
- * \def MBEDTLS_PLATFORM_C
- *
- * Enable the platform abstraction layer that allows you to re-assign
- * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
- *
- * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
- * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
- * above to be specified at runtime or compile time respectively.
- *
- * \note This abstraction layer must be enabled on Windows (including MSYS2)
- * as other module rely on it for a fixed snprintf implementation.
- *
- * Module: library/platform.c
- * Caller: Most other .c files
- *
- * This module enables abstraction of common (libc) functions.
- */
-#define MBEDTLS_PLATFORM_C
-
-/**
- * \def MBEDTLS_POLY1305_C
- *
- * Enable the Poly1305 MAC algorithm.
- *
- * Module: library/poly1305.c
- * Caller: library/chachapoly.c
- */
-#define MBEDTLS_POLY1305_C
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_C
- *
- * Enable the Platform Security Architecture cryptography API.
- *
- * \note This option only has an effect when the build option
- * USE_CRYPTO_SUBMODULE is also in use.
- *
- * \warning This feature is experimental and available on an opt-in basis only.
- * PSA APIs are subject to change at any time. The implementation comes with
- * less assurance and support than the rest of Mbed TLS.
- * - * Module: crypto/library/psa_crypto.c - * - * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C - * - */ -//#define MBEDTLS_PSA_CRYPTO_C - -/** - * \def MBEDTLS_PSA_CRYPTO_STORAGE_C - * - * Enable the Platform Security Architecture persistent key storage. - * - * Module: library/psa_crypto_storage.c - * - * Requires: MBEDTLS_PSA_CRYPTO_C and one of either - * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - * (but not both) - * - */ -//#define MBEDTLS_PSA_CRYPTO_STORAGE_C - -/** - * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C - * - * Enable persistent key storage over files for the - * Platform Security Architecture cryptography API. - * - * Module: library/psa_crypto_storage_file.c - * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO - * - */ -//#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C - -/** - * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - * - * Enable persistent key storage over PSA ITS for the - * Platform Security Architecture cryptography API. - * - * Module: library/psa_crypto_storage_its.c - * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO - * - */ -//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C - -/** - * \def MBEDTLS_RIPEMD160_C - * - * Enable the RIPEMD-160 hash algorithm. - * - * Module: library/ripemd160.c - * Caller: library/md.c - * - */ -#define MBEDTLS_RIPEMD160_C - -/** - * \def MBEDTLS_RSA_C - * - * Enable the RSA public-key cryptosystem. - * - * Module: library/rsa.c - * library/rsa_internal.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509.c - * - * This module is used by the following key exchanges: - * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C - */ -#define MBEDTLS_RSA_C - -/** - * \def MBEDTLS_SHA1_C - * - * Enable the SHA1 cryptographic hash algorithm. 
- * - * Module: library/sha1.c - * Caller: library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509write_crt.c - * - * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 - * depending on the handshake parameters, and for SHA1-signed certificates. - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_SHA1_C - -/** - * \def MBEDTLS_SHA256_C - * - * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. - * - * Module: library/sha256.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module adds support for SHA-224 and SHA-256. - * This module is required for the SSL/TLS 1.2 PRF function. - */ -#define MBEDTLS_SHA256_C - -/** - * \def MBEDTLS_SHA512_C - * - * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. - * - * Module: library/sha512.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * This module adds support for SHA-384 and SHA-512. - */ -#define MBEDTLS_SHA512_C - -/** - * \def MBEDTLS_SSL_CACHE_C - * - * Enable simple SSL cache implementation. - * - * Module: library/ssl_cache.c - * Caller: - * - * Requires: MBEDTLS_SSL_CACHE_C - */ -#define MBEDTLS_SSL_CACHE_C - -/** - * \def MBEDTLS_SSL_COOKIE_C - * - * Enable basic implementation of DTLS cookies for hello verification. - * - * Module: library/ssl_cookie.c - * Caller: - */ -#define MBEDTLS_SSL_COOKIE_C - -/** - * \def MBEDTLS_SSL_TICKET_C - * - * Enable an implementation of TLS server-side callbacks for session tickets. - * - * Module: library/ssl_ticket.c - * Caller: - * - * Requires: MBEDTLS_CIPHER_C - */ -#define MBEDTLS_SSL_TICKET_C - -/** - * \def MBEDTLS_SSL_CLI_C - * - * Enable the SSL/TLS client code. 
- * - * Module: library/ssl_cli.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#define MBEDTLS_SSL_CLI_C - -/** - * \def MBEDTLS_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl_srv.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -#define MBEDTLS_SSL_SRV_C - -/** - * \def MBEDTLS_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * and at least one of the MBEDTLS_SSL_PROTO_XXX defines - * - * This module is required for SSL/TLS. - */ -#define MBEDTLS_SSL_TLS_C - -/** - * \def MBEDTLS_THREADING_C - * - * Enable the threading abstraction layer. - * By default mbed TLS assumes it is used in a non-threaded environment or that - * contexts are not shared between threads. If you do intend to use contexts - * between threads, you will need to enable this layer to prevent race - * conditions. See also our Knowledge Base article about threading: - * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading - * - * Module: library/threading.c - * - * This allows different threading implementations (self-implemented or - * provided). - * - * You will have to enable either MBEDTLS_THREADING_ALT or - * MBEDTLS_THREADING_PTHREAD. - * - * Enable this layer to allow use of mutexes within mbed TLS - */ -//#define MBEDTLS_THREADING_C - -/** - * \def MBEDTLS_TIMING_C - * - * Enable the semi-portable timing interface. - * - * \note The provided implementation only works on POSIX/Unix (including Linux, - * BSD and OS X) and Windows. 
On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by - * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide - * your own implementation of the whole module by setting - * \c MBEDTLS_TIMING_ALT in the current file. - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/timing.c - * Caller: library/havege.c - * - * This module is used by the HAVEGE random number generator. - */ -#define MBEDTLS_TIMING_C - -/** - * \def MBEDTLS_VERSION_C - * - * Enable run-time version information. - * - * Module: library/version.c - * - * This module provides run-time version information. - */ -#define MBEDTLS_VERSION_C - -/** - * \def MBEDTLS_X509_USE_C - * - * Enable X.509 core for using certificates. - * - * Module: library/x509.c - * Caller: library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, - * MBEDTLS_PK_PARSE_C - * - * This module is required for the X.509 parsing modules. - */ -#define MBEDTLS_X509_USE_C - -/** - * \def MBEDTLS_X509_CRT_PARSE_C - * - * Enable X.509 certificate parsing. - * - * Module: library/x509_crt.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 certificate parsing. - */ -#define MBEDTLS_X509_CRT_PARSE_C - -/** - * \def MBEDTLS_X509_CRL_PARSE_C - * - * Enable X.509 CRL parsing. - * - * Module: library/x509_crl.c - * Caller: library/x509_crt.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 CRL parsing. - */ -#define MBEDTLS_X509_CRL_PARSE_C - -/** - * \def MBEDTLS_X509_CSR_PARSE_C - * - * Enable X.509 Certificate Signing Request (CSR) parsing. 
- * - * Module: library/x509_csr.c - * Caller: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is used for reading X.509 certificate request. - */ -#define MBEDTLS_X509_CSR_PARSE_C - -/** - * \def MBEDTLS_X509_CREATE_C - * - * Enable X.509 core for creating certificates. - * - * Module: library/x509_create.c - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C - * - * This module is the basis for creating X.509 certificates and CSRs. - */ -#define MBEDTLS_X509_CREATE_C - -/** - * \def MBEDTLS_X509_CRT_WRITE_C - * - * Enable creating X.509 certificates. - * - * Module: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate creation. - */ -#define MBEDTLS_X509_CRT_WRITE_C - -/** - * \def MBEDTLS_X509_CSR_WRITE_C - * - * Enable creating X.509 Certificate Signing Requests (CSR). - * - * Module: library/x509_csr_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate request writing. - */ -#define MBEDTLS_X509_CSR_WRITE_C - -/** - * \def MBEDTLS_XTEA_C - * - * Enable the XTEA block cipher. - * - * Module: library/xtea.c - * Caller: - */ -#define MBEDTLS_XTEA_C - -/* \} name SECTION: mbed TLS modules */ - -/** - * \name SECTION: Module configuration options - * - * This section allows for the setting of module specific sizes and - * configuration options. The default values are already present in the - * relevant header files and should suffice for the regular use cases. - * - * Our advice is to enable options and change their values here - * only if you have a good reason and know the consequences. - * - * Please check the respective header file for documentation on these - * parameters (to prevent duplicate documentation). - * \{ - */ - -/* MPI / BIGNUM options */ -//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. 
*/ -//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ - -/* CTR_DRBG options */ -//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ -//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ -//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */ - -/* HMAC_DRBG options */ -//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -/* ECP options */ -//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ -//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ -//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ - -/* Entropy options */ -//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ -//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ -//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ - -/* Memory buffer allocator options */ -//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ - -/* Platform options */ -//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if 
MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ -/* Note: your snprintf must correctly zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ - -/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ -/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ -//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. 
MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ -//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ -/* Note: your snprintf must correctly zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ -//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ - -/** - * \brief This macro is invoked by the library when an invalid parameter - * is detected that is only checked with MBEDTLS_CHECK_PARAMS - * (see the documentation of that option for context). - * - * When you leave this undefined here, a default definition is - * provided that invokes the function mbedtls_param_failed(), - * which is declared in platform_util.h for the benefit of the - * library, but that you need to define in your application. - * - * When you define this here, this replaces the default - * definition in platform_util.h (which no longer declares the - * function mbedtls_param_failed()) and it is your responsibility - * to make sure this macro expands to something suitable (in - * particular, that all the necessary declarations are visible - * from within the library - you can ensure that by providing - * them in this file next to the macro definition). - * - * Note that you may define this macro to expand to nothing, in - * which case you don't have to worry about declarations or - * definitions. 
However, you will then be notified about invalid - * parameters only in non-void functions, and void function will - * just silently return early on invalid parameters, which - * partially negates the benefits of enabling - * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. - * - * \param cond The expression that should evaluate to true, but doesn't. - */ -//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) - -/* SSL Cache options */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ - -/* SSL options */ - -/** \def MBEDTLS_SSL_MAX_CONTENT_LEN - * - * Maximum length (in bytes) of incoming and outgoing plaintext fragments. - * - * This determines the size of both the incoming and outgoing TLS I/O buffers - * in such a way that both are capable of holding the specified amount of - * plaintext data, regardless of the protection mechanism used. - * - * To configure incoming and outgoing I/O buffers separately, use - * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, - * which overwrite the value set by this option. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of both - * incoming and outgoing I/O buffers. - */ -//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_IN_CONTENT_LEN - * - * Maximum length (in bytes) of incoming plaintext fragments. 
- * - * This determines the size of the incoming TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option is undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of the incoming I/O buffer - * independently of the outgoing I/O buffer. - */ -//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_OUT_CONTENT_LEN - * - * Maximum length (in bytes) of outgoing plaintext fragments. - * - * This determines the size of the outgoing TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * - * It is possible to save RAM by setting a smaller outward buffer, while keeping - * the default inward 16384 byte buffer to conform to the TLS specification. - * - * The minimum required outward buffer size is determined by the handshake - * protocol's usage. Handshaking will fail if the outward buffer is too small. - * The specific size requirement depends on the configured ciphers and any - * certificate data which is sent during the handshake. 
- * - * Uncomment to set the maximum plaintext size of the outgoing I/O buffer - * independently of the incoming I/O buffer. - */ -//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING - * - * Maximum number of heap-allocated bytes for the purpose of - * DTLS handshake message reassembly and future message buffering. - * - * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN - * to account for a reassembled handshake message of maximum size, - * together with its reassembly bitmap. - * - * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) - * should be sufficient for all practical situations as it allows - * to reassembly a large handshake message (such as a certificate) - * while buffering multiple smaller handshake messages. - * - */ -//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 - -//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ -//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ -//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ - -/** - * Complete list of ciphersuites to use, in order of preference. - * - * \warning No dependency checking is done on that field! This option can only - * be used to restrict the set of available ciphersuites. It is your - * responsibility to make sure the needed modules are active. - * - * Use this to save a few hundred bytes of ROM (default ordering of all - * available ciphersuites) and a few to a few hundred bytes of RAM. - * - * The value below is only an example, not the default. - */ -//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - -/* X509 options */ -//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. 
*/ -//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ - -/** - * Allow SHA-1 in the default TLS configuration for certificate signing. - * Without this build-time option, SHA-1 support must be activated explicitly - * through mbedtls_ssl_conf_cert_profile. Turning on this option is not - * recommended because of it is possible to generate SHA-1 collisions, however - * this may be safe for legacy infrastructure where additional controls apply. - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES - -/** - * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake - * signature and ciphersuite selection. Without this build-time option, SHA-1 - * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. - * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by - * default. At the time of writing, there is no practical attack on the use - * of SHA-1 in handshake signatures, hence this option is turned on by default - * to preserve compatibility with existing peers, but the general - * warning applies nonetheless: - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE - -/** - * Uncomment the macro to let mbed TLS use your alternate implementation of - * mbedtls_platform_zeroize(). This replaces the default implementation in - * platform_util.c. - * - * mbedtls_platform_zeroize() is a widely used function across the library to - * zero a block of memory. 
The implementation is expected to be secure in the - * sense that it has been written to prevent the compiler from removing calls - * to mbedtls_platform_zeroize() as part of redundant code elimination - * optimizations. However, it is difficult to guarantee that calls to - * mbedtls_platform_zeroize() will not be optimized by the compiler as older - * versions of the C language standards do not provide a secure implementation - * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to - * configure their own implementation of mbedtls_platform_zeroize(), for - * example by using directives specific to their compiler, features from newer - * C standards (e.g using memset_s() in C11) or calling a secure memset() from - * their system (e.g explicit_bzero() in BSD). - */ -//#define MBEDTLS_PLATFORM_ZEROIZE_ALT - -/** - * Uncomment the macro to let Mbed TLS use your alternate implementation of - * mbedtls_platform_gmtime_r(). This replaces the default implementation in - * platform_util.c. - * - * gmtime() is not a thread-safe function as defined in the C standard. The - * library will try to use safer implementations of this function, such as - * gmtime_r() when available. However, if Mbed TLS cannot identify the target - * system, the implementation of mbedtls_platform_gmtime_r() will default to - * using the standard gmtime(). In this case, calls from the library to - * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex - * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the - * library are also guarded with this mutex to avoid race conditions. However, - * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will - * unconditionally use the implementation for mbedtls_platform_gmtime_r() - * supplied at compile time. 
- */ -//#define MBEDTLS_PLATFORM_GMTIME_R_ALT - -/* \} name SECTION: Customisation configuration options */ - -/* Target and application specific configurations - * - * Allow user to override any previous default. - * - */ -#if defined(MBEDTLS_USER_CONFIG_FILE) -#include MBEDTLS_USER_CONFIG_FILE -#endif - -#include "check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h deleted file mode 100644 index d4743bb22..000000000 --- a/configs/config-mini-tls1_1.h +++ /dev/null 
@@ -1,75 +0,0 @@
-/**
- * \file config-mini-tls1_1.h
- *
- * \brief Minimal configuration for TLS 1.1 (RFC 4346)
- */
-/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-/*
- * Minimal configuration for TLS 1.1 (RFC 4346), implementing only the
- * required ciphersuite: MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- *
- * See README.txt for usage instructions.
- */
-
-#ifndef MBEDTLS_CONFIG_H
-#define MBEDTLS_CONFIG_H
-
-/* System support */
-#define MBEDTLS_HAVE_ASM
-#define MBEDTLS_HAVE_TIME
-
-/* mbed TLS feature support */
-#define MBEDTLS_CIPHER_MODE_CBC
-#define MBEDTLS_PKCS1_V15
-#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-#define MBEDTLS_SSL_PROTO_TLS1_1
-
-/* mbed TLS modules */
-#define MBEDTLS_AES_C
-#define MBEDTLS_ASN1_PARSE_C
-#define MBEDTLS_ASN1_WRITE_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_CIPHER_C
-#define MBEDTLS_CTR_DRBG_C
-#define MBEDTLS_DES_C
-#define MBEDTLS_ENTROPY_C
-#define MBEDTLS_MD_C
-#define MBEDTLS_MD5_C
-#define MBEDTLS_NET_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PK_C
-#define MBEDTLS_PK_PARSE_C
-#define MBEDTLS_RSA_C
-#define MBEDTLS_SHA1_C
-#define MBEDTLS_SHA256_C
-#define MBEDTLS_SSL_CLI_C
-#define MBEDTLS_SSL_SRV_C
-#define MBEDTLS_SSL_TLS_C
-#define MBEDTLS_X509_CRT_PARSE_C
-#define MBEDTLS_X509_USE_C
-
-/* For test certificates */
-#define MBEDTLS_BASE64_C
-#define MBEDTLS_CERTS_C
-#define MBEDTLS_PEM_PARSE_C
-
-#include "mbedtls/check_config.h"
-
-#endif /* MBEDTLS_CONFIG_H */
diff --git a/configs/config-thread.h b/configs/config-thread.h
deleted file mode 100644
index f729a0381..000000000
--- a/configs/config-thread.h
+++ /dev/null
@@ -1,90 +0,0 @@ -/** - * \file config-thread.h - * - * \brief Minimal configuration for using TLS as part of Thread - */ -/* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -/* - * Minimal configuration for using TLS a part of Thread - * http://threadgroup.org/ - * - * Distinguishing features: - * - no RSA or classic DH, fully based on ECC - * - no X.509 - * - support for experimental EC J-PAKE key exchange - * - * See README.txt for usage instructions. 
- */ - -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - -/* System support */ -#define MBEDTLS_HAVE_ASM - -/* mbed TLS feature support */ -#define MBEDTLS_AES_ROM_TABLES -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_ECP_NIST_OPTIM -#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -#define MBEDTLS_SSL_PROTO_TLS1_2 -#define MBEDTLS_SSL_PROTO_DTLS -#define MBEDTLS_SSL_DTLS_ANTI_REPLAY -#define MBEDTLS_SSL_DTLS_HELLO_VERIFY -#define MBEDTLS_SSL_EXPORT_KEYS - -/* mbed TLS modules */ -#define MBEDTLS_AES_C -#define MBEDTLS_ASN1_PARSE_C -#define MBEDTLS_ASN1_WRITE_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_CCM_C -#define MBEDTLS_CIPHER_C -#define MBEDTLS_CTR_DRBG_C -#define MBEDTLS_CMAC_C -#define MBEDTLS_ECJPAKE_C -#define MBEDTLS_ECP_C -#define MBEDTLS_ENTROPY_C -#define MBEDTLS_HMAC_DRBG_C -#define MBEDTLS_MD_C -#define MBEDTLS_OID_C -#define MBEDTLS_PK_C -#define MBEDTLS_PK_PARSE_C -#define MBEDTLS_SHA256_C -#define MBEDTLS_SSL_COOKIE_C -#define MBEDTLS_SSL_CLI_C -#define MBEDTLS_SSL_SRV_C -#define MBEDTLS_SSL_TLS_C - -/* Save RAM at the expense of ROM */ -#define MBEDTLS_AES_ROM_TABLES - -/* Save RAM by adjusting to our exact needs */ -#define MBEDTLS_ECP_MAX_BITS 256 -#define MBEDTLS_MPI_MAX_SIZE 32 // 256 bits is 32 bytes - -/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ -#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 - -#include "mbedtls/check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 56f2036ee..09baebb66 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -17,16 +17,8 @@ use warnings; use strict; my %configs = ( - 'config-default.h' => { - }, - 'config-mini-tls1_1.h' => { - }, 'config-suite-b.h' => { }, - 'config-ccm-psk-tls1_2.h' => { - }, - 'config-thread.h' => { - }, ); # If no config-name is provided, use all known configs. 
From 7fcc7bc57699ce57fef8e590a0fb502ea6f65c0e Mon Sep 17 00:00:00 2001
From: Jaeden Amero
Date: Tue, 26 Feb 2019 11:53:36 +0000
Subject: [PATCH 1182/2197] check-names: Enable referencing Mbed TLS macros Add a macro whitelist which enables us to refer to Mbed TLS macros that are no longer present in Mbed Crypto.
---
 tests/scripts/list-macros.sh | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh
index 5982bb7a0..3fa66f191 100755
--- a/tests/scripts/list-macros.sh
+++ b/tests/scripts/list-macros.sh
@@ -9,8 +9,15 @@ fi
 
 HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' )
 
-sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \
- | egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \
- | sort -u > macros
+# White-list macros we want to be able to refer to that don't exist in the
+# crypto library, useful when referring to macros in Mbed TLS from comments.
+WHITELIST='MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS'
+
+# Generate a list of macros and combine it with the white-listed macros in
+# sorted order.
+{ sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS |
+ egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_';
+ printf '%s\n' $WHITELIST;
+} | sort -u > macros
 
 wc -l macros
From 1c66e48670b64b2ac598576cc08df3a715f3957b Mon Sep 17 00:00:00 2001
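Review bot: `printf '%s\n' $WHITELIST` relies on the unquoted expansion being word-split so that each whitelisted name lands on its own line, and nothing in the hunk states that contract. If a later edit quotes the variable, a list of two or more names would be written as one line and `sort -u` would store a single entry in `macros` that matches none of them. I would document it at the assignment, e.g. `# Space-separated macro names; expanded unquoted below so each one is printed on its own line.` Since each entry is reported as a known macro without being defined in any scanned header, the same comment could ask that an entry be dropped once no comment refers to it, so the name check does not stay relaxed longer than needed.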
From: Jaeden Amero Date: Fri, 2 Nov 2018 18:15:18 +0000 Subject: [PATCH 1183/2197] config: Remove TLS and NET options Remove TLS and NET options from config files and scripts. Note that this fails check-names.sh because options that TLS and NET files use are no longer present in config.h. --- configs/README.txt | 4 +- configs/config-no-entropy.h | 1 - configs/config-psa-crypto.h | 1401 ++++-------------------------- configs/config-suite-b.h | 21 +- include/mbedtls/check_config.h | 180 +--- include/mbedtls/config.h | 1443 ++++--------------------------- library/version_features.c | 153 ---- programs/test/query_config.c | 512 ----------- scripts/config.pl | 9 - scripts/footprint.sh | 1 - tests/scripts/all.sh | 5 - tests/scripts/depends-pkalgs.pl | 20 +- 12 files changed, 392 insertions(+), 3358 deletions(-) diff --git a/configs/README.txt b/configs/README.txt index 933fa7f21..17682ddb8 100644 --- a/configs/README.txt +++ b/configs/README.txt @@ -1,8 +1,8 @@ This directory contains example configuration files. The examples are generally focused on a particular usage case (eg, support for -a restricted number of ciphersuites) and aim at minimizing resource usage for -this target. They can be used as a basis for custom configurations. +a restricted number of TLS ciphersuites) and aim at minimizing resource usage +for this target. They can be used as a basis for custom configurations. These files are complete replacements for the default config.h. To use one of them, you can pick one of the following methods: diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 7d34ad52e..d40b48caf 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -41,7 +41,6 @@ /* mbed TLS feature support */ #define MBEDTLS_CIPHER_MODE_CBC #define MBEDTLS_CIPHER_PADDING_PKCS7 -#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_DP_SECP384R1_ENABLED #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 
diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 4873c3624..2e85819df 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -614,29 +614,28 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable - * the following ciphersuites: - * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_MD5 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_NULL_SHA + * TLS_ECDH_RSA_WITH_NULL_SHA + * TLS_ECDHE_ECDSA_WITH_NULL_SHA + * TLS_ECDHE_RSA_WITH_NULL_SHA + * TLS_ECDHE_PSK_WITH_NULL_SHA384 + * TLS_ECDHE_PSK_WITH_NULL_SHA256 + * TLS_ECDHE_PSK_WITH_NULL_SHA + * TLS_DHE_PSK_WITH_NULL_SHA384 + * TLS_DHE_PSK_WITH_NULL_SHA256 + * TLS_DHE_PSK_WITH_NULL_SHA + * TLS_RSA_WITH_NULL_SHA256 + * TLS_RSA_WITH_NULL_SHA + * TLS_RSA_WITH_NULL_MD5 + * TLS_RSA_PSK_WITH_NULL_SHA384 + * TLS_RSA_PSK_WITH_NULL_SHA256 + * TLS_RSA_PSK_WITH_NULL_SHA + * TLS_PSK_WITH_NULL_SHA384 + * TLS_PSK_WITH_NULL_SHA256 + * TLS_PSK_WITH_NULL_SHA * - * Uncomment this macro to enable the NULL cipher and ciphersuites + * Uncomment this macro to enable the NULL cipher */ //#define MBEDTLS_CIPHER_NULL_CIPHER 
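Review bot: The rewritten comment above `//#define MBEDTLS_CIPHER_NULL_CIPHER` no longer says that the listed NULL suites needed a second, separate opt-in, and it calls a feature option a "module". The old text named `MBEDTLS_ENABLE_WEAK_CIPHERSUITES` as that second gate; this commit removes that option from the same file (hunk at -656), so the reference had to go, but this diff does not show whether an equivalent gate remains on the TLS side. I would word the added line as `* This option is required to support the following ciphersuites in TLS:` and add, before the "Uncomment" line, `* These suites authenticate but do not encrypt; check the TLS library's configuration for the option that gates them.` The same "This module is required" wording is reused in the AES, ARC4 and Camellia hunks, where the macro really is a module, so only this hunk needs the change.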
@@ -656,37 +655,6 @@ #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN #define MBEDTLS_CIPHER_PADDING_ZEROS -/** - * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES - * - * Enable weak ciphersuites in SSL / TLS. - * Warning: Only do so when you know what you are doing. This allows for - * channels with virtually no security at all! - * - * This enables the following ciphersuites: - * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA - * - * Uncomment this macro to enable weak ciphersuites - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES - -/** - * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES - * - * Remove RC4 ciphersuites by default in SSL / TLS. - * This flag removes the ciphersuites based on RC4 from the default list as - * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to - * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them - * explicitly. - * - * Uncomment this macro to remove RC4 ciphersuites by default. - */ -#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES - /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * 
@@ -758,281 +726,6 @@ */ #define MBEDTLS_ECDSA_DETERMINISTIC -/** - * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - * - * Enable the PSK based ciphersuite modes in SSL / TLS. - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - * - * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. 
- * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - * - * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - * - * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - * - * Enable the RSA-only based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - * - * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. 
- * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - * - * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - * - * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - * - * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - * - * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - * - * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. - * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. - * - * Requires: MBEDTLS_ECJPAKE_C - * MBEDTLS_SHA256_C - * MBEDTLS_ECP_DP_SECP256R1_ENABLED - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 - */ -//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - /** * \def MBEDTLS_PK_PARSE_EC_EXTENDED * 
@@ -1278,373 +971,6 @@ */ //#define MBEDTLS_SHA256_SMALLER -/** - * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES - * - * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, mbed TLS can still communicate - * with other servers, only debugging of failures is harder. - * - * The advantage of not sending alert messages, is that no information is given - * about reasons for failures thus preventing adversaries of gaining intel. - * - * Enable sending of all alert messages - */ -#define MBEDTLS_SSL_ALL_ALERT_MESSAGES - -/** - * \def MBEDTLS_SSL_ASYNC_PRIVATE - * - * Enable asynchronous external private key operations in SSL. This allows - * you to configure an SSL connection to call an external cryptographic - * module to perform private key operations instead of performing the - * operation inside the library. - * - */ -//#define MBEDTLS_SSL_ASYNC_PRIVATE - -/** - * \def MBEDTLS_SSL_DEBUG_ALL - * - * Enable the debug messages in SSL module for all issues. - * Debug messages have been disabled in some places to prevent timing - * attacks due to (unbalanced) debugging function calls. - * - * If you need all error reporting you should enable this during debugging, - * but remove this for production servers that should log as well. - * - * Uncomment this macro to report all debug messages on errors introducing - * a timing side-channel. - * - */ -//#define MBEDTLS_SSL_DEBUG_ALL - -/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC - * - * Enable support for Encrypt-then-MAC, RFC 7366. - * - * This allows peers that both support it to use a more robust protection for - * ciphersuites using CBC, providing deep resistance against timing attacks - * on the padding or underlying cipher. - * - * This only affects CBC ciphersuites, and is useless if none is defined. 
- * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Encrypt-then-MAC - */ -#define MBEDTLS_SSL_ENCRYPT_THEN_MAC - -/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET - * - * Enable support for Extended Master Secret, aka Session Hash - * (draft-ietf-tls-session-hash-02). - * - * This was introduced as "the proper fix" to the Triple Handshake familiy of - * attacks, but it is recommended to always use it (even if you disable - * renegotiation), since it actually fixes a more fundamental issue in the - * original SSL/TLS design, and has implications beyond Triple Handshake. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Extended Master Secret. - */ -#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET - -/** - * \def MBEDTLS_SSL_FALLBACK_SCSV - * - * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). - * - * For servers, it is recommended to always enable this, unless you support - * only one version of TLS, or know for sure that none of your clients - * implements a fallback strategy. - * - * For clients, you only need this if you're using a fallback strategy, which - * is not recommended in the first place, unless you absolutely need it to - * interoperate with buggy (version-intolerant) servers. - * - * Comment this macro to disable support for FALLBACK_SCSV - */ -#define MBEDTLS_SSL_FALLBACK_SCSV - -/** - * \def MBEDTLS_SSL_HW_RECORD_ACCEL - * - * Enable hooking functions in SSL module for hardware acceleration of - * individual records. - * - * Uncomment this macro to enable hooking functions. - */ -//#define MBEDTLS_SSL_HW_RECORD_ACCEL - -/** - * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING - * - * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. 
- * - * This is a countermeasure to the BEAST attack, which also minimizes the risk - * of interoperability issues compared to sending 0-length records. - * - * Comment this macro to disable 1/n-1 record splitting. - */ -#define MBEDTLS_SSL_CBC_RECORD_SPLITTING - -/** - * \def MBEDTLS_SSL_RENEGOTIATION - * - * Enable support for TLS renegotiation. - * - * The two main uses of renegotiation are (1) refresh keys on long-lived - * connections and (2) client authentication after the initial handshake. - * If you don't need renegotiation, it's probably better to disable it, since - * it has been associated with security issues in the past and is easy to - * misuse/misunderstand. - * - * Comment this to disable support for renegotiation. - * - * \note Even if this option is disabled, both client and server are aware - * of the Renegotiation Indication Extension (RFC 5746) used to - * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). - * (See \c mbedtls_ssl_conf_legacy_renegotiation for the - * configuration of this extension). - * - */ -#define MBEDTLS_SSL_RENEGOTIATION - -/** - * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - * - * Enable support for receiving and parsing SSLv2 Client Hello messages for the - * SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to enable support for SSLv2 Client Hello messages. - */ -//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - -/** - * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - * - * Pick the ciphersuite according to the client's preferences rather than ours - * in the SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to respect client's ciphersuite order - */ -//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - -/** - * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - * - * Enable support for RFC 6066 max_fragment_length extension in SSL. 
- * - * Comment this macro to disable support for the max_fragment_length extension - */ -#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - -/** - * \def MBEDTLS_SSL_PROTO_SSL3 - * - * Enable support for SSL 3.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for SSL 3.0 - */ -//#define MBEDTLS_SSL_PROTO_SSL3 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1 - * - * Enable support for TLS 1.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_1 - * - * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1_1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_2 - * - * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). - * - * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C - * (Depends on ciphersuites) - * - * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 - */ -#define MBEDTLS_SSL_PROTO_TLS1_2 - -/** - * \def MBEDTLS_SSL_PROTO_DTLS - * - * Enable support for DTLS (all available versions). - * - * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, - * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_1 - * or MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for DTLS - */ -#define MBEDTLS_SSL_PROTO_DTLS - -/** - * \def MBEDTLS_SSL_ALPN - * - * Enable support for RFC 7301 Application Layer Protocol Negotiation. - * - * Comment this macro to disable support for ALPN. - */ -#define MBEDTLS_SSL_ALPN - -/** - * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY - * - * Enable support for the anti-replay mechanism in DTLS. - * - * Requires: MBEDTLS_SSL_TLS_C - * MBEDTLS_SSL_PROTO_DTLS - * - * \warning Disabling this is often a security risk! 
- * See mbedtls_ssl_conf_dtls_anti_replay() for details. - * - * Comment this to disable anti-replay in DTLS. - */ -#define MBEDTLS_SSL_DTLS_ANTI_REPLAY - -/** - * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Enable support for HelloVerifyRequest on DTLS servers. - * - * This feature is highly recommended to prevent DTLS servers being used as - * amplifiers in DoS attacks against other hosts. It should always be enabled - * unless you know for sure amplification cannot be a problem in the - * environment in which your server operates. - * - * \warning Disabling this can ba a security risk! (see above) - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - * - * Comment this to disable support for HelloVerifyRequest. - */ -#define MBEDTLS_SSL_DTLS_HELLO_VERIFY - -/** - * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - * - * Enable server-side support for clients that reconnect from the same port. - * - * Some clients unexpectedly close the connection and try to reconnect using the - * same source port. This needs special support from the server to handle the - * new connection securely, as described in section 4.2.8 of RFC 6347. This - * flag enables that support. - * - * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Comment this to disable support for clients reusing the source port. - */ -#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - -/** - * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT - * - * Enable support for a limit of records with bad MAC. - * - * See mbedtls_ssl_conf_dtls_badmac_limit(). - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - */ -#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT - -/** - * \def MBEDTLS_SSL_SESSION_TICKETS - * - * Enable support for RFC 5077 session tickets in SSL. - * Client-side, provides full support for session tickets (maintenance of a - * session store remains the responsibility of the application, though). - * Server-side, you also need to provide callbacks for writing and parsing - * tickets, including authenticated encryption and key management. 
Example - * callbacks are provided by MBEDTLS_SSL_TICKET_C. - * - * Comment this macro to disable support for SSL session tickets - */ -#define MBEDTLS_SSL_SESSION_TICKETS - -/** - * \def MBEDTLS_SSL_EXPORT_KEYS - * - * Enable support for exporting key block and master secret. - * This is required for certain users of TLS, e.g. EAP-TLS. - * - * Comment this macro to disable support for key export - */ -#define MBEDTLS_SSL_EXPORT_KEYS - -/** - * \def MBEDTLS_SSL_SERVER_NAME_INDICATION - * - * Enable support for RFC 6066 server name indication (SNI) in SSL. - * - * Requires: MBEDTLS_X509_CRT_PARSE_C - * - * Comment this macro to disable support for server name indication in SSL - */ -#define MBEDTLS_SSL_SERVER_NAME_INDICATION - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC - * - * Enable support for RFC 6066 truncated HMAC in SSL. - * - * Comment this macro to disable support for truncated HMAC in SSL - */ -#define MBEDTLS_SSL_TRUNCATED_HMAC - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT - * - * Fallback to old (pre-2.7), non-conforming implementation of the truncated - * HMAC extension which also truncates the HMAC key. Note that this option is - * only meant for a transitory upgrade period and is likely to be removed in - * a future version of the library. - * - * \warning The old implementation is non-compliant and has a security weakness - * (2^80 brute force attack on the HMAC key used for a single, - * uninterrupted connection). This should only be enabled temporarily - * when (1) the use of truncated HMAC is essential in order to save - * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use - * the fixed implementation yet (pre-2.7). - * - * \deprecated This option is deprecated and will likely be removed in a - * future version of Mbed TLS. - * - * Uncomment to fallback to old, non-compliant truncated HMAC implementation. 
- * - * Requires: MBEDTLS_SSL_TRUNCATED_HMAC - */ -//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT - /** * \def MBEDTLS_THREADING_ALT * @@ -1756,31 +1082,6 @@ * Comment this macro to disallow using RSASSA-PSS in certificates. */ #define MBEDTLS_X509_RSASSA_PSS_SUPPORT - -/** - * \def MBEDTLS_ZLIB_SUPPORT - * - * If set, the SSL/TLS module uses ZLIB to support compression and - * decompression of packet data. - * - * \warning TLS-level compression MAY REDUCE SECURITY! See for example the - * CRIME attack. Before enabling this option, you should examine with care if - * CRIME or similar exploits may be applicable to your use case. - * - * \note Currently compression can't be used with DTLS. - * - * \deprecated This feature is deprecated and will be removed - * in the next major revision of the library. - * - * Used in: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * This feature requires zlib library and headers to be present. - * - * Uncomment to enable use of ZLIB - */ -//#define MBEDTLS_ZLIB_SUPPORT /* \} name SECTION: mbed TLS feature support */ /** 
@@ -1814,66 +1115,65 @@ * library/pem.c * library/ctr_drbg.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * 
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * TLS_RSA_WITH_AES_256_GCM_SHA384 + * TLS_RSA_WITH_AES_256_CBC_SHA256 + * TLS_RSA_WITH_AES_256_CBC_SHA + * TLS_RSA_WITH_AES_128_GCM_SHA256 + * TLS_RSA_WITH_AES_128_CBC_SHA256 + * TLS_RSA_WITH_AES_128_CBC_SHA + * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * TLS_PSK_WITH_AES_256_GCM_SHA384 + * TLS_PSK_WITH_AES_256_CBC_SHA384 + * TLS_PSK_WITH_AES_256_CBC_SHA + * TLS_PSK_WITH_AES_128_GCM_SHA256 + * TLS_PSK_WITH_AES_128_CBC_SHA256 + * TLS_PSK_WITH_AES_128_CBC_SHA * * PEM_PARSE uses AES for decrypting encrypted keys. */ 
@@ -1887,18 +1187,17 @@ * Module: library/arc4.c * Caller: library/cipher.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 - * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_RC4_128_SHA + * TLS_ECDH_RSA_WITH_RC4_128_SHA + * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + * TLS_ECDHE_RSA_WITH_RC4_128_SHA + * TLS_ECDHE_PSK_WITH_RC4_128_SHA + * TLS_DHE_PSK_WITH_RC4_128_SHA + * TLS_RSA_WITH_RC4_128_SHA + * TLS_RSA_WITH_RC4_128_MD5 + * TLS_RSA_PSK_WITH_RC4_128_SHA + * TLS_PSK_WITH_RC4_128_SHA * * \warning ARC4 is considered a weak cipher and its use constitutes a * security risk. If possible, we recommend avoidng dependencies on @@ -1958,7 +1257,6 @@ * library/ecdsa.c * library/rsa.c * library/rsa_internal.c - * library/ssl_tls.c * * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. */ 
@@ -1981,50 +1279,49 @@ * Module: library/camellia.c * Caller: library/cipher.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * 
MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * 
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 */ #define MBEDTLS_CAMELLIA_C 
@@ -2036,47 +1333,45 @@ * Module: library/aria.c * Caller: library/cipher.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * - * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * 
MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + * This module is required to support the following ciphersuites in TLS: + * TLS_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 */ //#define MBEDTLS_ARIA_C 
@@ -2089,8 +1384,7 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module enables the AES-CCM ciphersuites, if other requisites are - * enabled as well. + * This module is required to support AES-CCM ciphersuites in TLS. */ #define MBEDTLS_CCM_C @@ -2132,7 +1426,6 @@ * Enable the generic cipher layer. * * Module: library/cipher.c - * Caller: library/ssl_tls.c * * Uncomment to enable generic cipher wrappers. */ @@ -2167,20 +1460,6 @@ */ #define MBEDTLS_CTR_DRBG_C -/** - * \def MBEDTLS_DEBUG_C - * - * Enable the debug functions. - * - * Module: library/debug.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module provides debugging functions. - */ -#define MBEDTLS_DEBUG_C - /** * \def MBEDTLS_DES_C * @@ -2190,18 +1469,17 @@ * Caller: library/pem.c * library/cipher.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_PSK_WITH_3DES_EDE_CBC_SHA * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * 
@@ -2216,8 +1494,6 @@ * Enable the Diffie-Hellman-Merkle module. * * Module: library/dhm.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c * * This module is used by the following key exchanges: * DHE-RSA, DHE-PSK @@ -2237,8 +1513,6 @@ * Enable the elliptic curve Diffie-Hellman library. * * Module: library/ecdh.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c * * This module is used by the following key exchanges: * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK @@ -2330,8 +1604,8 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other - * requisites are enabled as well. + * This module is required to support AES-GCM and CAMELLIA-GCM ciphersuites in + * TLS. */ #define MBEDTLS_GCM_C @@ -2454,7 +1728,6 @@ * Module: library/md5.c * Caller: library/md.c * library/pem.c - * library/ssl_tls.c * * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 * depending on the handshake parameters. Further, it is used for checking @@ -2484,25 +1757,6 @@ */ //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C -/** - * \def MBEDTLS_NET_C - * - * Enable the TCP and UDP over IPv6/IPv4 networking routines. - * - * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) - * and Windows. For other platforms, you'll want to disable it, and write your - * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/net_sockets.c - * - * This module provides networking routines. - */ -#define MBEDTLS_NET_C - /** * \def MBEDTLS_OID_C * @@ -2580,9 +1834,6 @@ * Enable the generic public (asymetric) key layer. * * Module: library/pk.c - * Caller: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c * * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C * 
@@ -2748,10 +1999,7 @@ * * Module: library/rsa.c * library/rsa_internal.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509.c + * Caller: library/x509.c * * This module is used by the following key exchanges: * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK @@ -2767,9 +2015,6 @@ * * Module: library/sha1.c * Caller: library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c * library/x509write_crt.c * * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 @@ -2790,9 +2035,6 @@ * Module: library/sha256.c * Caller: library/entropy.c * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c * * This module adds support for SHA-224 and SHA-256. * This module is required for the SSL/TLS 1.2 PRF function. 
@@ -2807,91 +2049,11 @@ * Module: library/sha512.c * Caller: library/entropy.c * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c * * This module adds support for SHA-384 and SHA-512. */ #define MBEDTLS_SHA512_C -/** - * \def MBEDTLS_SSL_CACHE_C - * - * Enable simple SSL cache implementation. - * - * Module: library/ssl_cache.c - * Caller: - * - * Requires: MBEDTLS_SSL_CACHE_C - */ -#define MBEDTLS_SSL_CACHE_C - -/** - * \def MBEDTLS_SSL_COOKIE_C - * - * Enable basic implementation of DTLS cookies for hello verification. - * - * Module: library/ssl_cookie.c - * Caller: - */ -#define MBEDTLS_SSL_COOKIE_C - -/** - * \def MBEDTLS_SSL_TICKET_C - * - * Enable an implementation of TLS server-side callbacks for session tickets. - * - * Module: library/ssl_ticket.c - * Caller: - * - * Requires: MBEDTLS_CIPHER_C - */ -#define MBEDTLS_SSL_TICKET_C - -/** - * \def MBEDTLS_SSL_CLI_C - * - * Enable the SSL/TLS client code. - * - * Module: library/ssl_cli.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#define MBEDTLS_SSL_CLI_C - -/** - * \def MBEDTLS_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl_srv.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -#define MBEDTLS_SSL_SRV_C - -/** - * \def MBEDTLS_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * and at least one of the MBEDTLS_SSL_PROTO_XXX defines - * - * This module is required for SSL/TLS. - */ -#define MBEDTLS_SSL_TLS_C - /** * \def MBEDTLS_THREADING_C * 
@@ -2921,9 +2083,9 @@ * * \note The provided implementation only works on POSIX/Unix (including Linux, * BSD and OS X) and Windows. On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by - * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide - * your own implementation of the whole module by setting + * module and provide your own implementations of the callbacks needed by Mbed + * TLS's \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and + * provide your own implementation of the whole module by setting * \c MBEDTLS_TIMING_ALT in the current file. * * \note See also our Knowledge Base article about porting to a new 
@@ -3137,187 +2299,6 @@ //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ -/** - * \brief This macro is invoked by the library when an invalid parameter - * is detected that is only checked with MBEDTLS_CHECK_PARAMS - * (see the documentation of that option for context). - * - * When you leave this undefined here, a default definition is - * provided that invokes the function mbedtls_param_failed(), - * which is declared in platform_util.h for the benefit of the - * library, but that you need to define in your application. - * - * When you define this here, this replaces the default - * definition in platform_util.h (which no longer declares the - * function mbedtls_param_failed()) and it is your responsibility - * to make sure this macro expands to something suitable (in - * particular, that all the necessary declarations are visible - * from within the library - you can ensure that by providing - * them in this file next to the macro definition). - * - * Note that you may define this macro to expand to nothing, in - * which case you don't have to worry about declarations or - * definitions. However, you will then be notified about invalid - * parameters only in non-void functions, and void function will - * just silently return early on invalid parameters, which - * partially negates the benefits of enabling - * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. - * - * \param cond The expression that should evaluate to true, but doesn't. 
- */ -//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) - -/* SSL Cache options */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ - -/* SSL options */ - -/** \def MBEDTLS_SSL_MAX_CONTENT_LEN - * - * Maximum length (in bytes) of incoming and outgoing plaintext fragments. - * - * This determines the size of both the incoming and outgoing TLS I/O buffers - * in such a way that both are capable of holding the specified amount of - * plaintext data, regardless of the protection mechanism used. - * - * To configure incoming and outgoing I/O buffers separately, use - * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, - * which overwrite the value set by this option. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of both - * incoming and outgoing I/O buffers. - */ -//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_IN_CONTENT_LEN - * - * Maximum length (in bytes) of incoming plaintext fragments. - * - * This determines the size of the incoming TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option is undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. 
- * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of the incoming I/O buffer - * independently of the outgoing I/O buffer. - */ -//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_OUT_CONTENT_LEN - * - * Maximum length (in bytes) of outgoing plaintext fragments. - * - * This determines the size of the outgoing TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * - * It is possible to save RAM by setting a smaller outward buffer, while keeping - * the default inward 16384 byte buffer to conform to the TLS specification. - * - * The minimum required outward buffer size is determined by the handshake - * protocol's usage. Handshaking will fail if the outward buffer is too small. - * The specific size requirement depends on the configured ciphers and any - * certificate data which is sent during the handshake. - * - * Uncomment to set the maximum plaintext size of the outgoing I/O buffer - * independently of the incoming I/O buffer. - */ -//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING - * - * Maximum number of heap-allocated bytes for the purpose of - * DTLS handshake message reassembly and future message buffering. 
- * - * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN - * to account for a reassembled handshake message of maximum size, - * together with its reassembly bitmap. - * - * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) - * should be sufficient for all practical situations as it allows - * to reassembly a large handshake message (such as a certificate) - * while buffering multiple smaller handshake messages. - * - */ -//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 - -//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ -//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ -//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ - -/** - * Complete list of ciphersuites to use, in order of preference. - * - * \warning No dependency checking is done on that field! This option can only - * be used to restrict the set of available ciphersuites. It is your - * responsibility to make sure the needed modules are active. - * - * Use this to save a few hundred bytes of ROM (default ordering of all - * available ciphersuites) and a few to a few hundred bytes of RAM. - * - * The value below is only an example, not the default. - */ -//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - -/* X509 options */ -//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ -//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ - -/** - * Allow SHA-1 in the default TLS configuration for certificate signing. - * Without this build-time option, SHA-1 support must be activated explicitly - * through mbedtls_ssl_conf_cert_profile. 
Turning on this option is not - * recommended because of it is possible to generate SHA-1 collisions, however - * this may be safe for legacy infrastructure where additional controls apply. - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES - -/** - * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake - * signature and ciphersuite selection. Without this build-time option, SHA-1 - * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. - * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by - * default. At the time of writing, there is no practical attack on the use - * of SHA-1 in handshake signatures, hence this option is turned on by default - * to preserve compatibility with existing peers, but the general - * warning applies nonetheless: - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE - /** * Uncomment the macro to let mbed TLS use your alternate implementation of * mbedtls_platform_zeroize(). This replaces the default implementation in diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 18e2c4036..dd9a2a019 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -22,7 +22,8 @@ * This file is part of mbed TLS (https://tls.mbed.org) */ /* - * Minimal configuration for TLS NSA Suite B Profile (RFC 6460) + * Minimal configuration for the crypto required for TLS NSA Suite B Profile + * (RFC 6460) * * Distinguishing features: * - no RSA or classic DH, fully based on ECC 
@@ -45,8 +46,6 @@ /* mbed TLS feature support */ #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_DP_SECP384R1_ENABLED -#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -#define MBEDTLS_SSL_PROTO_TLS1_2 /* mbed TLS modules */ #define MBEDTLS_AES_C @@ -67,9 +66,6 @@ #define MBEDTLS_PK_PARSE_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA512_C -#define MBEDTLS_SSL_CLI_C -#define MBEDTLS_SSL_SRV_C -#define MBEDTLS_SSL_TLS_C #define MBEDTLS_X509_CRT_PARSE_C #define MBEDTLS_X509_USE_C @@ -99,19 +95,6 @@ */ #define MBEDTLS_ENTROPY_MAX_SOURCES 2 -/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ -#define MBEDTLS_SSL_CIPHERSUITES \ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - -/* - * Save RAM at the expense of interoperability: do this only if you control - * both ends of the connection! (See coments in "mbedtls/ssl.h".) - * The minimum size here depends on the certificate chain used as well as the - * typical size of records. - */ -#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 - #include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 0fa74f061..933e46045 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -57,9 +57,8 @@ #endif #endif /* _WIN32 */ -#if defined(TARGET_LIKE_MBED) && \ - ( defined(MBEDTLS_NET_C) || defined(MBEDTLS_TIMING_C) ) -#error "The NET and TIMING modules are not available for mbed OS - please use the network and timing functions provided by mbed OS" +#if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_TIMING_C) +#error "The TIMING module is not available for mbed OS - please use the timing functions provided by Mbed OS" #endif #if defined(MBEDTLS_DEPRECATED_WARNING) && \ 
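Review bot: A configuration that still defines `MBEDTLS_NET_C` or one of the `MBEDTLS_SSL_*` options now appears to pass `check_config.h` with no diagnostic, because the NET branch of the `TARGET_LIKE_MBED` guard is gone and the SSL prerequisite checks are removed in the later hunks of this file. A config carried over from the TLS library would then build silently without the TLS and networking code it asks for. A guard for the removed options would make the mismatch visible at compile time, for example `#if defined(MBEDTLS_NET_C) || defined(MBEDTLS_SSL_TLS_C)` followed by `#error "MBEDTLS_NET_C and MBEDTLS_SSL_TLS_C are not provided by this library"` and `#endif`. Whether another header already rejects these options is not visible from this hunk.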
@@ -83,10 +82,6 @@
 #error "MBEDTLS_DHM_C defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) && !defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-#error "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_CMAC_C) && \
 !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C)
 #error "MBEDTLS_CMAC_C defined, but not all prerequisites"
@@ -230,69 +225,6 @@
 #error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
- ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) )
-#error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
- ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) )
-#error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(MBEDTLS_DHM_C)
-#error "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \
- !defined(MBEDTLS_ECDH_C)
-#error "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
- ( !defined(MBEDTLS_DHM_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) )
-#error "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
- ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) )
-#error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
- ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \
- !defined(MBEDTLS_X509_CRT_PARSE_C) )
-#error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
- ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
- !defined(MBEDTLS_PKCS1_V15) )
-#error "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
- ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
- !defined(MBEDTLS_PKCS1_V15) )
-#error "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \
- ( !defined(MBEDTLS_ECJPAKE_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) )
-#error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) && \
- !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) && \
- ( !defined(MBEDTLS_SHA256_C) && \
- !defined(MBEDTLS_SHA512_C) && \
- !defined(MBEDTLS_SHA1_C) )
-#error "!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE requires MBEDTLS_SHA512_C, MBEDTLS_SHA256_C or MBEDTLS_SHA1_C"
-#endif
-
 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
 ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
 #error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
@@ -566,114 +498,6 @@
 #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_SSL_PROTO_SSL3) && ( !defined(MBEDTLS_MD5_C) || \
- !defined(MBEDTLS_SHA1_C) )
-#error "MBEDTLS_SSL_PROTO_SSL3 defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1) && ( !defined(MBEDTLS_MD5_C) || \
- !defined(MBEDTLS_SHA1_C) )
-#error "MBEDTLS_SSL_PROTO_TLS1 defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1) && ( !defined(MBEDTLS_MD5_C) || \
- !defined(MBEDTLS_SHA1_C) )
-#error "MBEDTLS_SSL_PROTO_TLS1_1 defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && ( !defined(MBEDTLS_SHA1_C) && \
- !defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA512_C) )
-#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
- !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
- !defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_CLI_C) && !defined(MBEDTLS_SSL_TLS_C)
-#error "MBEDTLS_SSL_CLI_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_TLS_C) && ( !defined(MBEDTLS_CIPHER_C) || \
- !defined(MBEDTLS_MD_C) )
-#error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_TLS_C)
-#error "MBEDTLS_SSL_SRV_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_TLS_C) && (!defined(MBEDTLS_SSL_PROTO_SSL3) && \
- !defined(MBEDTLS_SSL_PROTO_TLS1) && !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
- !defined(MBEDTLS_SSL_PROTO_TLS1_2))
-#error "MBEDTLS_SSL_TLS_C defined, but no protocols are active"
-#endif
-
-#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \
- defined(MBEDTLS_SSL_PROTO_TLS1_1) && !defined(MBEDTLS_SSL_PROTO_TLS1))
-#error "Illegal protocol selection"
-#endif
-
-#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_TLS1) && \
- defined(MBEDTLS_SSL_PROTO_TLS1_2) && !defined(MBEDTLS_SSL_PROTO_TLS1_1))
-#error "Illegal protocol selection"
-#endif
-
-#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \
- defined(MBEDTLS_SSL_PROTO_TLS1_2) && (!defined(MBEDTLS_SSL_PROTO_TLS1) || \
- !defined(MBEDTLS_SSL_PROTO_TLS1_1)))
-#error "Illegal protocol selection"
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && !defined(MBEDTLS_SSL_PROTO_DTLS)
-#error "MBEDTLS_SSL_DTLS_HELLO_VERIFY defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && \
- !defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-#error "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) && \
- ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
-#error "MBEDTLS_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) && \
- ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
-#error "MBEDTLS_SSL_DTLS_BADMAC_LIMIT defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
- !defined(MBEDTLS_SSL_PROTO_TLS1) && \
- !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
- !defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites"
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
- !defined(MBEDTLS_SSL_PROTO_TLS1) && \
- !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
- !defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites"
-#endif
-
-#if defined(MBEDTLS_SSL_TICKET_C) && !defined(MBEDTLS_CIPHER_C)
-#error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) && \
- !defined(MBEDTLS_SSL_PROTO_SSL3) && !defined(MBEDTLS_SSL_PROTO_TLS1)
-#error "MBEDTLS_SSL_CBC_RECORD_SPLITTING defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
- !defined(MBEDTLS_X509_CRT_PARSE_C)
-#error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_THREADING_PTHREAD)
 #if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
 #error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index fd7d7447f..be0f1924a 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -614,29 +614,28 @@
 * Warning: Only do so when you know what you are doing. This allows for
 * encryption or channels without any security!
 *
- * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
- * the following ciphersuites:
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
- * MBEDTLS_TLS_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_RSA_WITH_NULL_MD5
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA
+ * This module is required to support the following ciphersuites in TLS:
+ * TLS_ECDH_ECDSA_WITH_NULL_SHA
+ * TLS_ECDH_RSA_WITH_NULL_SHA
+ * TLS_ECDHE_ECDSA_WITH_NULL_SHA
+ * TLS_ECDHE_RSA_WITH_NULL_SHA
+ * TLS_ECDHE_PSK_WITH_NULL_SHA384
+ * TLS_ECDHE_PSK_WITH_NULL_SHA256
+ * TLS_ECDHE_PSK_WITH_NULL_SHA
+ * TLS_DHE_PSK_WITH_NULL_SHA384
+ * TLS_DHE_PSK_WITH_NULL_SHA256
+ * TLS_DHE_PSK_WITH_NULL_SHA
+ * TLS_RSA_WITH_NULL_SHA256
+ * TLS_RSA_WITH_NULL_SHA
+ * TLS_RSA_WITH_NULL_MD5
+ * TLS_RSA_PSK_WITH_NULL_SHA384
+ * TLS_RSA_PSK_WITH_NULL_SHA256
+ * TLS_RSA_PSK_WITH_NULL_SHA
+ * TLS_PSK_WITH_NULL_SHA384
+ * TLS_PSK_WITH_NULL_SHA256
+ * TLS_PSK_WITH_NULL_SHA
 *
- * Uncomment this macro to enable the NULL cipher and ciphersuites
+ * Uncomment this macro to enable the NULL cipher
 */
 //#define MBEDTLS_CIPHER_NULL_CIPHER
 
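Review bot: The rewritten comment for `MBEDTLS_CIPHER_NULL_CIPHER` no longer says that a second opt-in is needed before the listed NULL ciphersuites become usable, and a later hunk of this commit removes `MBEDTLS_ENABLE_WEAK_CIPHERSUITES` from this file, so a reader can take defining this one macro to be all that separates a build from unencrypted TLS. If the TLS stack that consumes this configuration still applies its own gate, the comment should say so, for example by adding ` * Whether a TLS stack offers these suites is decided by its own configuration.` after the list. The opening words are also off: this block documents a build option, not a module, so `This option is required to support the following ciphersuites in TLS:` reads correctly. The comment block starts above the hunk, so its `\def` line and first sentences are not visible here.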
@@ -656,57 +655,6 @@ #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN #define MBEDTLS_CIPHER_PADDING_ZEROS -/** - * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES - * - * Enable weak ciphersuites in SSL / TLS. - * Warning: Only do so when you know what you are doing. This allows for - * channels with virtually no security at all! - * - * This enables the following ciphersuites: - * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA - * - * Uncomment this macro to enable weak ciphersuites - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES - -/** - * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES - * - * Remove RC4 ciphersuites by default in SSL / TLS. - * This flag removes the ciphersuites based on RC4 from the default list as - * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to - * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them - * explicitly. - * - * Uncomment this macro to remove RC4 ciphersuites by default. - */ -#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES - -/** - * \def MBEDTLS_REMOVE_3DES_CIPHERSUITES - * - * Remove 3DES ciphersuites by default in SSL / TLS. - * This flag removes the ciphersuites based on 3DES from the default list as - * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible - * to enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including - * them explicitly. - * - * A man-in-the-browser attacker can recover authentication tokens sent through - * a TLS connection using a 3DES based cipher suite (see "On the Practical - * (In-)Security of 64-bit Block Ciphers" by Karthikeyan Bhargavan and Gaëtan - * Leurent, see https://sweet32.info/SWEET32_CCS16.pdf). If this attack falls - * in your threat model or you are unsure, then you should keep this option - * enabled to remove 3DES based cipher suites. 
- * - * Comment this macro to keep 3DES in the default ciphersuite list. - */ -#define MBEDTLS_REMOVE_3DES_CIPHERSUITES - /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * 
@@ -807,281 +755,6 @@ */ #define MBEDTLS_ECDSA_DETERMINISTIC -/** - * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - * - * Enable the PSK based ciphersuite modes in SSL / TLS. - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - * - * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. 
- * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - * - * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - * - * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - * - * Enable the RSA-only based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - * - * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. 
- * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - * - * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - * - * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - * - * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - * - * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - * - * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. - * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. - * - * Requires: MBEDTLS_ECJPAKE_C - * MBEDTLS_SHA256_C - * MBEDTLS_ECP_DP_SECP256R1_ENABLED - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 - */ -//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - /** * \def MBEDTLS_PK_PARSE_EC_EXTENDED * 
@@ -1327,395 +1000,6 @@ */ //#define MBEDTLS_SHA256_SMALLER -/** - * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES - * - * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, mbed TLS can still communicate - * with other servers, only debugging of failures is harder. - * - * The advantage of not sending alert messages, is that no information is given - * about reasons for failures thus preventing adversaries of gaining intel. - * - * Enable sending of all alert messages - */ -#define MBEDTLS_SSL_ALL_ALERT_MESSAGES - -/** - * \def MBEDTLS_SSL_ASYNC_PRIVATE - * - * Enable asynchronous external private key operations in SSL. This allows - * you to configure an SSL connection to call an external cryptographic - * module to perform private key operations instead of performing the - * operation inside the library. - * - */ -//#define MBEDTLS_SSL_ASYNC_PRIVATE - -/** - * \def MBEDTLS_SSL_DEBUG_ALL - * - * Enable the debug messages in SSL module for all issues. - * Debug messages have been disabled in some places to prevent timing - * attacks due to (unbalanced) debugging function calls. - * - * If you need all error reporting you should enable this during debugging, - * but remove this for production servers that should log as well. - * - * Uncomment this macro to report all debug messages on errors introducing - * a timing side-channel. - * - */ -//#define MBEDTLS_SSL_DEBUG_ALL - -/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC - * - * Enable support for Encrypt-then-MAC, RFC 7366. - * - * This allows peers that both support it to use a more robust protection for - * ciphersuites using CBC, providing deep resistance against timing attacks - * on the padding or underlying cipher. - * - * This only affects CBC ciphersuites, and is useless if none is defined. 
- * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Encrypt-then-MAC - */ -#define MBEDTLS_SSL_ENCRYPT_THEN_MAC - -/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET - * - * Enable support for Extended Master Secret, aka Session Hash - * (draft-ietf-tls-session-hash-02). - * - * This was introduced as "the proper fix" to the Triple Handshake familiy of - * attacks, but it is recommended to always use it (even if you disable - * renegotiation), since it actually fixes a more fundamental issue in the - * original SSL/TLS design, and has implications beyond Triple Handshake. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Extended Master Secret. - */ -#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET - -/** - * \def MBEDTLS_SSL_FALLBACK_SCSV - * - * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). - * - * For servers, it is recommended to always enable this, unless you support - * only one version of TLS, or know for sure that none of your clients - * implements a fallback strategy. - * - * For clients, you only need this if you're using a fallback strategy, which - * is not recommended in the first place, unless you absolutely need it to - * interoperate with buggy (version-intolerant) servers. - * - * Comment this macro to disable support for FALLBACK_SCSV - */ -#define MBEDTLS_SSL_FALLBACK_SCSV - -/** - * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE - * - * This option controls the availability of the API mbedtls_ssl_get_peer_cert() - * giving access to the peer's certificate after completion of the handshake. - * - * Unless you need mbedtls_ssl_peer_cert() in your application, it is - * recommended to disable this option for reduced RAM usage. 
- * - * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still - * defined, but always returns \c NULL. - * - * \note This option has no influence on the protection against the - * triple handshake attack. Even if it is disabled, Mbed TLS will - * still ensure that certificates do not change during renegotiation, - * for exaple by keeping a hash of the peer's certificate. - * - * Comment this macro to disable storing the peer's certificate - * after the handshake. - */ -#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE - -/** - * \def MBEDTLS_SSL_HW_RECORD_ACCEL - * - * Enable hooking functions in SSL module for hardware acceleration of - * individual records. - * - * Uncomment this macro to enable hooking functions. - */ -//#define MBEDTLS_SSL_HW_RECORD_ACCEL - -/** - * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING - * - * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. - * - * This is a countermeasure to the BEAST attack, which also minimizes the risk - * of interoperability issues compared to sending 0-length records. - * - * Comment this macro to disable 1/n-1 record splitting. - */ -#define MBEDTLS_SSL_CBC_RECORD_SPLITTING - -/** - * \def MBEDTLS_SSL_RENEGOTIATION - * - * Enable support for TLS renegotiation. - * - * The two main uses of renegotiation are (1) refresh keys on long-lived - * connections and (2) client authentication after the initial handshake. - * If you don't need renegotiation, it's probably better to disable it, since - * it has been associated with security issues in the past and is easy to - * misuse/misunderstand. - * - * Comment this to disable support for renegotiation. - * - * \note Even if this option is disabled, both client and server are aware - * of the Renegotiation Indication Extension (RFC 5746) used to - * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). - * (See \c mbedtls_ssl_conf_legacy_renegotiation for the - * configuration of this extension). 
- * - */ -#define MBEDTLS_SSL_RENEGOTIATION - -/** - * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - * - * Enable support for receiving and parsing SSLv2 Client Hello messages for the - * SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to enable support for SSLv2 Client Hello messages. - */ -//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - -/** - * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - * - * Pick the ciphersuite according to the client's preferences rather than ours - * in the SSL Server module (MBEDTLS_SSL_SRV_C). - * - * Uncomment this macro to respect client's ciphersuite order - */ -//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE - -/** - * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - * - * Enable support for RFC 6066 max_fragment_length extension in SSL. - * - * Comment this macro to disable support for the max_fragment_length extension - */ -#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - -/** - * \def MBEDTLS_SSL_PROTO_SSL3 - * - * Enable support for SSL 3.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for SSL 3.0 - */ -//#define MBEDTLS_SSL_PROTO_SSL3 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1 - * - * Enable support for TLS 1.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_1 - * - * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1_1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_2 - * - * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). 
- * - * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C - * (Depends on ciphersuites) - * - * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 - */ -#define MBEDTLS_SSL_PROTO_TLS1_2 - -/** - * \def MBEDTLS_SSL_PROTO_DTLS - * - * Enable support for DTLS (all available versions). - * - * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, - * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. - * - * Requires: MBEDTLS_SSL_PROTO_TLS1_1 - * or MBEDTLS_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for DTLS - */ -#define MBEDTLS_SSL_PROTO_DTLS - -/** - * \def MBEDTLS_SSL_ALPN - * - * Enable support for RFC 7301 Application Layer Protocol Negotiation. - * - * Comment this macro to disable support for ALPN. - */ -#define MBEDTLS_SSL_ALPN - -/** - * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY - * - * Enable support for the anti-replay mechanism in DTLS. - * - * Requires: MBEDTLS_SSL_TLS_C - * MBEDTLS_SSL_PROTO_DTLS - * - * \warning Disabling this is often a security risk! - * See mbedtls_ssl_conf_dtls_anti_replay() for details. - * - * Comment this to disable anti-replay in DTLS. - */ -#define MBEDTLS_SSL_DTLS_ANTI_REPLAY - -/** - * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Enable support for HelloVerifyRequest on DTLS servers. - * - * This feature is highly recommended to prevent DTLS servers being used as - * amplifiers in DoS attacks against other hosts. It should always be enabled - * unless you know for sure amplification cannot be a problem in the - * environment in which your server operates. - * - * \warning Disabling this can ba a security risk! (see above) - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - * - * Comment this to disable support for HelloVerifyRequest. - */ -#define MBEDTLS_SSL_DTLS_HELLO_VERIFY - -/** - * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - * - * Enable server-side support for clients that reconnect from the same port. 
- * - * Some clients unexpectedly close the connection and try to reconnect using the - * same source port. This needs special support from the server to handle the - * new connection securely, as described in section 4.2.8 of RFC 6347. This - * flag enables that support. - * - * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY - * - * Comment this to disable support for clients reusing the source port. - */ -#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE - -/** - * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT - * - * Enable support for a limit of records with bad MAC. - * - * See mbedtls_ssl_conf_dtls_badmac_limit(). - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - */ -#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT - -/** - * \def MBEDTLS_SSL_SESSION_TICKETS - * - * Enable support for RFC 5077 session tickets in SSL. - * Client-side, provides full support for session tickets (maintenance of a - * session store remains the responsibility of the application, though). - * Server-side, you also need to provide callbacks for writing and parsing - * tickets, including authenticated encryption and key management. Example - * callbacks are provided by MBEDTLS_SSL_TICKET_C. - * - * Comment this macro to disable support for SSL session tickets - */ -#define MBEDTLS_SSL_SESSION_TICKETS - -/** - * \def MBEDTLS_SSL_EXPORT_KEYS - * - * Enable support for exporting key block and master secret. - * This is required for certain users of TLS, e.g. EAP-TLS. - * - * Comment this macro to disable support for key export - */ -#define MBEDTLS_SSL_EXPORT_KEYS - -/** - * \def MBEDTLS_SSL_SERVER_NAME_INDICATION - * - * Enable support for RFC 6066 server name indication (SNI) in SSL. - * - * Requires: MBEDTLS_X509_CRT_PARSE_C - * - * Comment this macro to disable support for server name indication in SSL - */ -#define MBEDTLS_SSL_SERVER_NAME_INDICATION - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC - * - * Enable support for RFC 6066 truncated HMAC in SSL. 
- * - * Comment this macro to disable support for truncated HMAC in SSL - */ -#define MBEDTLS_SSL_TRUNCATED_HMAC - -/** - * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT - * - * Fallback to old (pre-2.7), non-conforming implementation of the truncated - * HMAC extension which also truncates the HMAC key. Note that this option is - * only meant for a transitory upgrade period and is likely to be removed in - * a future version of the library. - * - * \warning The old implementation is non-compliant and has a security weakness - * (2^80 brute force attack on the HMAC key used for a single, - * uninterrupted connection). This should only be enabled temporarily - * when (1) the use of truncated HMAC is essential in order to save - * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use - * the fixed implementation yet (pre-2.7). - * - * \deprecated This option is deprecated and will likely be removed in a - * future version of Mbed TLS. - * - * Uncomment to fallback to old, non-compliant truncated HMAC implementation. - * - * Requires: MBEDTLS_SSL_TRUNCATED_HMAC - */ -//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT - /** * \def MBEDTLS_THREADING_ALT * 
@@ -1846,31 +1130,6 @@
 * Comment this macro to disallow using RSASSA-PSS in certificates.
 */
 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
-
-/**
- * \def MBEDTLS_ZLIB_SUPPORT
- *
- * If set, the SSL/TLS module uses ZLIB to support compression and
- * decompression of packet data.
- *
- * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
- * CRIME attack. Before enabling this option, you should examine with care if
- * CRIME or similar exploits may be applicable to your use case.
- *
- * \note Currently compression can't be used with DTLS.
- *
- * \deprecated This feature is deprecated and will be removed
- * in the next major revision of the library.
- *
- * Used in: library/ssl_tls.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This feature requires zlib library and headers to be present.
- *
- * Uncomment to enable use of ZLIB
- */
-//#define MBEDTLS_ZLIB_SUPPORT
 /* \} name SECTION: mbed TLS feature support */
 
 /**
@@ -1904,66 +1163,65 @@ * library/pem.c * library/ctr_drbg.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * 
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * TLS_RSA_WITH_AES_256_GCM_SHA384 + * TLS_RSA_WITH_AES_256_CBC_SHA256 + * TLS_RSA_WITH_AES_256_CBC_SHA + * TLS_RSA_WITH_AES_128_GCM_SHA256 + * TLS_RSA_WITH_AES_128_CBC_SHA256 + * TLS_RSA_WITH_AES_128_CBC_SHA + * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * TLS_PSK_WITH_AES_256_GCM_SHA384 + * TLS_PSK_WITH_AES_256_CBC_SHA384 + * TLS_PSK_WITH_AES_256_CBC_SHA + * TLS_PSK_WITH_AES_128_GCM_SHA256 + * TLS_PSK_WITH_AES_128_CBC_SHA256 + * TLS_PSK_WITH_AES_128_CBC_SHA * * PEM_PARSE uses AES for decrypting encrypted keys. */ 
@@ -1977,18 +1235,17 @@ * Module: library/arc4.c * Caller: library/cipher.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA - * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 - * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA - * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_RC4_128_SHA + * TLS_ECDH_RSA_WITH_RC4_128_SHA + * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + * TLS_ECDHE_RSA_WITH_RC4_128_SHA + * TLS_ECDHE_PSK_WITH_RC4_128_SHA + * TLS_DHE_PSK_WITH_RC4_128_SHA + * TLS_RSA_WITH_RC4_128_SHA + * TLS_RSA_WITH_RC4_128_MD5 + * TLS_RSA_PSK_WITH_RC4_128_SHA + * TLS_PSK_WITH_RC4_128_SHA * * \warning ARC4 is considered a weak cipher and its use constitutes a * security risk. If possible, we recommend avoidng dependencies on @@ -2048,7 +1305,6 @@ * library/ecdsa.c * library/rsa.c * library/rsa_internal.c - * library/ssl_tls.c * * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. */ 
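Review bot: The rewritten ARC4 comment presents the RC4 suites as something this module "is required to support" without saying what decides whether they are actually negotiated, and the `\warning` in the trailing context still carries the typo `avoidng`. I would correct that to `avoiding` and add one line after the list, for example ` * Enabling this module does not by itself offer these suites; that is decided by the TLS library's configuration.` The version_features.c hunks in this change drop `MBEDTLS_REMOVE_ARC4_CIPHERSUITES` and `MBEDTLS_REMOVE_3DES_CIPHERSUITES`, so presumably those switches are no longer documented in this file, which makes such a pointer more useful to someone auditing a build for weak ciphers. The same applies to the 3DES list in the MBEDTLS_DES_C hunk further down; both comment blocks continue outside their hunks.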
@@ -2071,50 +1327,49 @@ * Module: library/camellia.c * Caller: library/cipher.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * 
MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * 
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 */ #define MBEDTLS_CAMELLIA_C 
@@ -2126,47 +1381,45 @@ * Module: library/aria.c * Caller: library/cipher.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * - * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * 
MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + * This module is required to support the following ciphersuites in TLS: + * TLS_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 */ //#define MBEDTLS_ARIA_C 
@@ -2179,8 +1432,7 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module enables the AES-CCM ciphersuites, if other requisites are - * enabled as well. + * This module is required to support AES-CCM ciphersuites in TLS. */ #define MBEDTLS_CCM_C @@ -2222,7 +1474,6 @@ * Enable the generic cipher layer. * * Module: library/cipher.c - * Caller: library/ssl_tls.c * * Uncomment to enable generic cipher wrappers. */ @@ -2257,20 +1508,6 @@ */ #define MBEDTLS_CTR_DRBG_C -/** - * \def MBEDTLS_DEBUG_C - * - * Enable the debug functions. - * - * Module: library/debug.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module provides debugging functions. - */ -#define MBEDTLS_DEBUG_C - /** * \def MBEDTLS_DES_C * @@ -2280,18 +1517,17 @@ * Caller: library/pem.c * library/cipher.c * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_PSK_WITH_3DES_EDE_CBC_SHA * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * 
@@ -2306,8 +1542,6 @@ * Enable the Diffie-Hellman-Merkle module. * * Module: library/dhm.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c * * This module is used by the following key exchanges: * DHE-RSA, DHE-PSK @@ -2327,8 +1561,6 @@ * Enable the elliptic curve Diffie-Hellman library. * * Module: library/ecdh.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c * * This module is used by the following key exchanges: * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK @@ -2420,8 +1652,8 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other - * requisites are enabled as well. + * This module is required to support AES-GCM and CAMELLIA-GCM ciphersuites in + * TLS. */ #define MBEDTLS_GCM_C @@ -2544,7 +1776,6 @@ * Module: library/md5.c * Caller: library/md.c * library/pem.c - * library/ssl_tls.c * * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 * depending on the handshake parameters. Further, it is used for checking @@ -2574,25 +1805,6 @@ */ //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C -/** - * \def MBEDTLS_NET_C - * - * Enable the TCP and UDP over IPv6/IPv4 networking routines. - * - * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) - * and Windows. For other platforms, you'll want to disable it, and write your - * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS - * - * Module: library/net_sockets.c - * - * This module provides networking routines. - */ -#define MBEDTLS_NET_C - /** * \def MBEDTLS_OID_C * @@ -2670,9 +1882,6 @@ * Enable the generic public (asymetric) key layer. * * Module: library/pk.c - * Caller: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c * * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C * 
@@ -2838,10 +2047,7 @@ * * Module: library/rsa.c * library/rsa_internal.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509.c + * Caller: library/x509.c * * This module is used by the following key exchanges: * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK @@ -2857,9 +2063,6 @@ * * Module: library/sha1.c * Caller: library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c * library/x509write_crt.c * * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 @@ -2880,9 +2083,6 @@ * Module: library/sha256.c * Caller: library/entropy.c * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c * * This module adds support for SHA-224 and SHA-256. * This module is required for the SSL/TLS 1.2 PRF function. 
@@ -2897,91 +2097,11 @@ * Module: library/sha512.c * Caller: library/entropy.c * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c * * This module adds support for SHA-384 and SHA-512. */ #define MBEDTLS_SHA512_C -/** - * \def MBEDTLS_SSL_CACHE_C - * - * Enable simple SSL cache implementation. - * - * Module: library/ssl_cache.c - * Caller: - * - * Requires: MBEDTLS_SSL_CACHE_C - */ -#define MBEDTLS_SSL_CACHE_C - -/** - * \def MBEDTLS_SSL_COOKIE_C - * - * Enable basic implementation of DTLS cookies for hello verification. - * - * Module: library/ssl_cookie.c - * Caller: - */ -#define MBEDTLS_SSL_COOKIE_C - -/** - * \def MBEDTLS_SSL_TICKET_C - * - * Enable an implementation of TLS server-side callbacks for session tickets. - * - * Module: library/ssl_ticket.c - * Caller: - * - * Requires: MBEDTLS_CIPHER_C - */ -#define MBEDTLS_SSL_TICKET_C - -/** - * \def MBEDTLS_SSL_CLI_C - * - * Enable the SSL/TLS client code. - * - * Module: library/ssl_cli.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#define MBEDTLS_SSL_CLI_C - -/** - * \def MBEDTLS_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl_srv.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -#define MBEDTLS_SSL_SRV_C - -/** - * \def MBEDTLS_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * and at least one of the MBEDTLS_SSL_PROTO_XXX defines - * - * This module is required for SSL/TLS. - */ -#define MBEDTLS_SSL_TLS_C - /** * \def MBEDTLS_THREADING_C * 
@@ -3011,9 +2131,9 @@ * * \note The provided implementation only works on POSIX/Unix (including Linux, * BSD and OS X) and Windows. On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by - * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide - * your own implementation of the whole module by setting + * module and provide your own implementations of the callbacks needed by Mbed + * TLS's \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and + * provide your own implementation of the whole module by setting * \c MBEDTLS_TIMING_ALT in the current file. * * \note See also our Knowledge Base article about porting to a new 
@@ -3227,187 +2347,6 @@ //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ -/** - * \brief This macro is invoked by the library when an invalid parameter - * is detected that is only checked with MBEDTLS_CHECK_PARAMS - * (see the documentation of that option for context). - * - * When you leave this undefined here, a default definition is - * provided that invokes the function mbedtls_param_failed(), - * which is declared in platform_util.h for the benefit of the - * library, but that you need to define in your application. - * - * When you define this here, this replaces the default - * definition in platform_util.h (which no longer declares the - * function mbedtls_param_failed()) and it is your responsibility - * to make sure this macro expands to something suitable (in - * particular, that all the necessary declarations are visible - * from within the library - you can ensure that by providing - * them in this file next to the macro definition). - * - * Note that you may define this macro to expand to nothing, in - * which case you don't have to worry about declarations or - * definitions. However, you will then be notified about invalid - * parameters only in non-void functions, and void function will - * just silently return early on invalid parameters, which - * partially negates the benefits of enabling - * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. - * - * \param cond The expression that should evaluate to true, but doesn't. 
- */ -//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) - -/* SSL Cache options */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ - -/* SSL options */ - -/** \def MBEDTLS_SSL_MAX_CONTENT_LEN - * - * Maximum length (in bytes) of incoming and outgoing plaintext fragments. - * - * This determines the size of both the incoming and outgoing TLS I/O buffers - * in such a way that both are capable of holding the specified amount of - * plaintext data, regardless of the protection mechanism used. - * - * To configure incoming and outgoing I/O buffers separately, use - * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, - * which overwrite the value set by this option. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of both - * incoming and outgoing I/O buffers. - */ -//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_IN_CONTENT_LEN - * - * Maximum length (in bytes) of incoming plaintext fragments. - * - * This determines the size of the incoming TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option is undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. 
- * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of the incoming I/O buffer - * independently of the outgoing I/O buffer. - */ -//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_OUT_CONTENT_LEN - * - * Maximum length (in bytes) of outgoing plaintext fragments. - * - * This determines the size of the outgoing TLS I/O buffer in such a way - * that it is capable of holding the specified amount of plaintext data, - * regardless of the protection mechanism used. - * - * If this option undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * - * It is possible to save RAM by setting a smaller outward buffer, while keeping - * the default inward 16384 byte buffer to conform to the TLS specification. - * - * The minimum required outward buffer size is determined by the handshake - * protocol's usage. Handshaking will fail if the outward buffer is too small. - * The specific size requirement depends on the configured ciphers and any - * certificate data which is sent during the handshake. - * - * Uncomment to set the maximum plaintext size of the outgoing I/O buffer - * independently of the incoming I/O buffer. - */ -//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 - -/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING - * - * Maximum number of heap-allocated bytes for the purpose of - * DTLS handshake message reassembly and future message buffering. 
- * - * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN - * to account for a reassembled handshake message of maximum size, - * together with its reassembly bitmap. - * - * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) - * should be sufficient for all practical situations as it allows - * to reassembly a large handshake message (such as a certificate) - * while buffering multiple smaller handshake messages. - * - */ -//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 - -//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ -//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ -//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ - -/** - * Complete list of ciphersuites to use, in order of preference. - * - * \warning No dependency checking is done on that field! This option can only - * be used to restrict the set of available ciphersuites. It is your - * responsibility to make sure the needed modules are active. - * - * Use this to save a few hundred bytes of ROM (default ordering of all - * available ciphersuites) and a few to a few hundred bytes of RAM. - * - * The value below is only an example, not the default. - */ -//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - -/* X509 options */ -//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ -//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ - -/** - * Allow SHA-1 in the default TLS configuration for certificate signing. - * Without this build-time option, SHA-1 support must be activated explicitly - * through mbedtls_ssl_conf_cert_profile. 
Turning on this option is not - * recommended because of it is possible to generate SHA-1 collisions, however - * this may be safe for legacy infrastructure where additional controls apply. - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES - -/** - * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake - * signature and ciphersuite selection. Without this build-time option, SHA-1 - * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. - * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by - * default. At the time of writing, there is no practical attack on the use - * of SHA-1 in handshake signatures, hence this option is turned on by default - * to preserve compatibility with existing peers, but the general - * warning applies nonetheless: - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE - /** * Uncomment the macro to let mbed TLS use your alternate implementation of * mbedtls_platform_zeroize(). This replaces the default implementation in diff --git a/library/version_features.c b/library/version_features.c index afae4f310..b355b2b16 100644 --- a/library/version_features.c +++ b/library/version_features.c 
@@ -297,15 +297,6 @@ static const char *features[] = { #if defined(MBEDTLS_CIPHER_PADDING_ZEROS) "MBEDTLS_CIPHER_PADDING_ZEROS", #endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ -#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) - "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", -#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ -#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) - "MBEDTLS_REMOVE_ARC4_CIPHERSUITES", -#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ -#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) - "MBEDTLS_REMOVE_3DES_CIPHERSUITES", -#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) "MBEDTLS_ECP_DP_SECP192R1_ENABLED", #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ 
@@ -357,39 +348,6 @@ static const char *features[] = { #if defined(MBEDTLS_ECDSA_DETERMINISTIC) "MBEDTLS_ECDSA_DETERMINISTIC", #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) "MBEDTLS_PK_PARSE_EC_EXTENDED", #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ 
@@ -447,90 +405,6 @@ static const char *features[] = { #if defined(MBEDTLS_SHA256_SMALLER) "MBEDTLS_SHA256_SMALLER", #endif /* MBEDTLS_SHA256_SMALLER */ -#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - "MBEDTLS_SSL_ALL_ALERT_MESSAGES", -#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - "MBEDTLS_SSL_ASYNC_PRIVATE", -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ -#if defined(MBEDTLS_SSL_DEBUG_ALL) - "MBEDTLS_SSL_DEBUG_ALL", -#endif /* MBEDTLS_SSL_DEBUG_ALL */ -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - "MBEDTLS_SSL_ENCRYPT_THEN_MAC", -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - "MBEDTLS_SSL_FALLBACK_SCSV", -#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - "MBEDTLS_SSL_HW_RECORD_ACCEL", -#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - "MBEDTLS_SSL_CBC_RECORD_SPLITTING", -#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - "MBEDTLS_SSL_RENEGOTIATION", -#endif /* MBEDTLS_SSL_RENEGOTIATION */ -#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) - "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO", -#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ -#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE", -#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) - "MBEDTLS_SSL_PROTO_SSL3", -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) - "MBEDTLS_SSL_PROTO_TLS1", -#endif /* 
MBEDTLS_SSL_PROTO_TLS1 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) - "MBEDTLS_SSL_PROTO_TLS1_1", -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - "MBEDTLS_SSL_PROTO_TLS1_2", -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - "MBEDTLS_SSL_PROTO_DTLS", -#endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_ALPN) - "MBEDTLS_SSL_ALPN", -#endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - "MBEDTLS_SSL_DTLS_ANTI_REPLAY", -#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - "MBEDTLS_SSL_DTLS_HELLO_VERIFY", -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ -#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) - "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", -#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", -#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - "MBEDTLS_SSL_SESSION_TICKETS", -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - "MBEDTLS_SSL_EXPORT_KEYS", -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - "MBEDTLS_SSL_SERVER_NAME_INDICATION", -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - "MBEDTLS_SSL_TRUNCATED_HMAC", -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) - "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT", -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT */ #if defined(MBEDTLS_THREADING_ALT) "MBEDTLS_THREADING_ALT", #endif /* MBEDTLS_THREADING_ALT */ @@ -561,9 +435,6 @@ static const char *features[] = { #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) "MBEDTLS_X509_RSASSA_PSS_SUPPORT", #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ -#if defined(MBEDTLS_ZLIB_SUPPORT) - "MBEDTLS_ZLIB_SUPPORT", -#endif /* MBEDTLS_ZLIB_SUPPORT */ #if defined(MBEDTLS_AESNI_C) "MBEDTLS_AESNI_C", #endif /* MBEDTLS_AESNI_C */ 
@@ -615,9 +486,6 @@ static const char *features[] = { #if defined(MBEDTLS_CTR_DRBG_C) "MBEDTLS_CTR_DRBG_C", #endif /* MBEDTLS_CTR_DRBG_C */ -#if defined(MBEDTLS_DEBUG_C) - "MBEDTLS_DEBUG_C", -#endif /* MBEDTLS_DEBUG_C */ #if defined(MBEDTLS_DES_C) "MBEDTLS_DES_C", #endif /* MBEDTLS_DES_C */ @@ -672,9 +540,6 @@ static const char *features[] = { #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) "MBEDTLS_MEMORY_BUFFER_ALLOC_C", #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ -#if defined(MBEDTLS_NET_C) - "MBEDTLS_NET_C", -#endif /* MBEDTLS_NET_C */ #if defined(MBEDTLS_OID_C) "MBEDTLS_OID_C", #endif /* MBEDTLS_OID_C */ @@ -735,24 +600,6 @@ static const char *features[] = { #if defined(MBEDTLS_SHA512_C) "MBEDTLS_SHA512_C", #endif /* MBEDTLS_SHA512_C */ -#if defined(MBEDTLS_SSL_CACHE_C) - "MBEDTLS_SSL_CACHE_C", -#endif /* MBEDTLS_SSL_CACHE_C */ -#if defined(MBEDTLS_SSL_COOKIE_C) - "MBEDTLS_SSL_COOKIE_C", -#endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined(MBEDTLS_SSL_TICKET_C) - "MBEDTLS_SSL_TICKET_C", -#endif /* MBEDTLS_SSL_TICKET_C */ -#if defined(MBEDTLS_SSL_CLI_C) - "MBEDTLS_SSL_CLI_C", -#endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) - "MBEDTLS_SSL_SRV_C", -#endif /* MBEDTLS_SSL_SRV_C */ -#if defined(MBEDTLS_SSL_TLS_C) - "MBEDTLS_SSL_TLS_C", -#endif /* MBEDTLS_SSL_TLS_C */ #if defined(MBEDTLS_THREADING_C) "MBEDTLS_THREADING_C", #endif /* MBEDTLS_THREADING_C */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 3e9abd400..bffe9f89c 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c 
@@ -834,30 +834,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ -#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) - if( strcmp( "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENABLE_WEAK_CIPHERSUITES ); - return( 0 ); - } -#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ - -#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) - if( strcmp( "MBEDTLS_REMOVE_ARC4_CIPHERSUITES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_REMOVE_ARC4_CIPHERSUITES ); - return( 0 ); - } -#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ - -#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) - if( strcmp( "MBEDTLS_REMOVE_3DES_CIPHERSUITES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_REMOVE_3DES_CIPHERSUITES ); - return( 0 ); - } -#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ - #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) if( strcmp( "MBEDTLS_ECP_DP_SECP192R1_ENABLED", config ) == 0 ) { 
@@ -994,94 +970,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( strcmp( 
"MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) if( strcmp( "MBEDTLS_PK_PARSE_EC_EXTENDED", config ) == 0 ) { 
@@ -1234,230 +1122,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA256_SMALLER */ -#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALL_ALERT_MESSAGES ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ASYNC_PRIVATE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - -#if defined(MBEDTLS_SSL_DEBUG_ALL) - if( strcmp( "MBEDTLS_SSL_DEBUG_ALL", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEBUG_ALL ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DEBUG_ALL */ - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( strcmp( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ENCRYPT_THEN_MAC ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( strcmp( "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXTENDED_MASTER_SECRET ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ - -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - if( strcmp( "MBEDTLS_SSL_FALLBACK_SCSV", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_FALLBACK_SCSV ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ - -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( strcmp( "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_KEEP_PEER_CERTIFICATE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( strcmp( "MBEDTLS_SSL_HW_RECORD_ACCEL", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_HW_RECORD_ACCEL ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ - -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - if( 
strcmp( "MBEDTLS_SSL_CBC_RECORD_SPLITTING", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CBC_RECORD_SPLITTING ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( strcmp( "MBEDTLS_SSL_RENEGOTIATION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RENEGOTIATION ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - -#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) - if( strcmp( "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ - -#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - if( strcmp( "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( strcmp( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_SSL_PROTO_SSL3) - if( strcmp( "MBEDTLS_SSL_PROTO_SSL3", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_SSL3 ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1) - if( strcmp( "MBEDTLS_SSL_PROTO_TLS1", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1 ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_1", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_1 ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_2", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( 
MBEDTLS_SSL_PROTO_TLS1_2 ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( strcmp( "MBEDTLS_SSL_PROTO_DTLS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_DTLS ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -#if defined(MBEDTLS_SSL_ALPN) - if( strcmp( "MBEDTLS_SSL_ALPN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALPN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ALPN */ - -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( strcmp( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_ANTI_REPLAY ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ - -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( strcmp( "MBEDTLS_SSL_DTLS_HELLO_VERIFY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_HELLO_VERIFY ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - -#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) - if( strcmp( "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ - -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - if( strcmp( "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_BADMAC_LIMIT ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( strcmp( "MBEDTLS_SSL_SESSION_TICKETS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SESSION_TICKETS ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( strcmp( "MBEDTLS_SSL_EXPORT_KEYS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXPORT_KEYS ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ - -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( strcmp( "MBEDTLS_SSL_SERVER_NAME_INDICATION", config ) == 0 ) - { - 
MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SERVER_NAME_INDICATION ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) - if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT */ - #if defined(MBEDTLS_THREADING_ALT) if( strcmp( "MBEDTLS_THREADING_ALT", config ) == 0 ) { @@ -1538,14 +1202,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ -#if defined(MBEDTLS_ZLIB_SUPPORT) - if( strcmp( "MBEDTLS_ZLIB_SUPPORT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ZLIB_SUPPORT ); - return( 0 ); - } -#endif /* MBEDTLS_ZLIB_SUPPORT */ - #if defined(MBEDTLS_AESNI_C) if( strcmp( "MBEDTLS_AESNI_C", config ) == 0 ) { @@ -1682,14 +1338,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_CTR_DRBG_C */ -#if defined(MBEDTLS_DEBUG_C) - if( strcmp( "MBEDTLS_DEBUG_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DEBUG_C ); - return( 0 ); - } -#endif /* MBEDTLS_DEBUG_C */ - #if defined(MBEDTLS_DES_C) if( strcmp( "MBEDTLS_DES_C", config ) == 0 ) { @@ -1834,14 +1482,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ -#if defined(MBEDTLS_NET_C) - if( strcmp( "MBEDTLS_NET_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NET_C ); - return( 0 ); - } -#endif /* MBEDTLS_NET_C */ - #if defined(MBEDTLS_OID_C) if( strcmp( "MBEDTLS_OID_C", config ) == 0 ) { 
@@ -2002,54 +1642,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA512_C */ -#if defined(MBEDTLS_SSL_CACHE_C) - if( strcmp( "MBEDTLS_SSL_CACHE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CACHE_C */ - -#if defined(MBEDTLS_SSL_COOKIE_C) - if( strcmp( "MBEDTLS_SSL_COOKIE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_COOKIE_C */ - -#if defined(MBEDTLS_SSL_TICKET_C) - if( strcmp( "MBEDTLS_SSL_TICKET_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TICKET_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_TICKET_C */ - -#if defined(MBEDTLS_SSL_CLI_C) - if( strcmp( "MBEDTLS_SSL_CLI_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CLI_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CLI_C */ - -#if defined(MBEDTLS_SSL_SRV_C) - if( strcmp( "MBEDTLS_SSL_SRV_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SRV_C */ - -#if defined(MBEDTLS_SSL_TLS_C) - if( strcmp( "MBEDTLS_SSL_TLS_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_TLS_C */ - #if defined(MBEDTLS_THREADING_C) if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 ) { 
@@ -2482,110 +2074,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */ -#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT) - if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT */ - -#if defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES) - if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */ - -#if defined(MBEDTLS_SSL_MAX_CONTENT_LEN) - if( strcmp( "MBEDTLS_SSL_MAX_CONTENT_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_CONTENT_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_MAX_CONTENT_LEN */ - -#if defined(MBEDTLS_SSL_IN_CONTENT_LEN) - if( strcmp( "MBEDTLS_SSL_IN_CONTENT_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_IN_CONTENT_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_IN_CONTENT_LEN */ - -#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN) - if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_OUT_CONTENT_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_OUT_CONTENT_LEN */ - -#if defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING) - if( strcmp( "MBEDTLS_SSL_DTLS_MAX_BUFFERING", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_MAX_BUFFERING ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_MAX_BUFFERING */ - -#if defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME) - if( strcmp( "MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME */ - -#if defined(MBEDTLS_PSK_MAX_LEN) - if( strcmp( "MBEDTLS_PSK_MAX_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSK_MAX_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_PSK_MAX_LEN 
*/ - -#if defined(MBEDTLS_SSL_COOKIE_TIMEOUT) - if( strcmp( "MBEDTLS_SSL_COOKIE_TIMEOUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_TIMEOUT ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */ - -#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA) - if( strcmp( "MBEDTLS_X509_MAX_INTERMEDIATE_CA", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_INTERMEDIATE_CA ); - return( 0 ); - } -#endif /* MBEDTLS_X509_MAX_INTERMEDIATE_CA */ - -#if defined(MBEDTLS_X509_MAX_FILE_PATH_LEN) - if( strcmp( "MBEDTLS_X509_MAX_FILE_PATH_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_FILE_PATH_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */ - -#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES) - if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES ); - return( 0 ); - } -#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES */ - -#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE) - if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE ); - return( 0 ); - } -#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */ - #if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) if( strcmp( "MBEDTLS_PLATFORM_ZEROIZE_ALT", config ) == 0 ) { diff --git a/scripts/config.pl b/scripts/config.pl index 6927c4b40..bdd20901c 100755 --- a/scripts/config.pl +++ b/scripts/config.pl 
@@ -28,14 +28,10 @@ # MBEDTLS_ECP_DP_M511_ENABLED # MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES # MBEDTLS_NO_PLATFORM_ENTROPY -# MBEDTLS_REMOVE_ARC4_CIPHERSUITES -# MBEDTLS_REMOVE_3DES_CIPHERSUITES -# MBEDTLS_SSL_HW_RECORD_ACCEL # MBEDTLS_RSA_NO_CRT # MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 # MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION # - this could be enabled if the respective tests were adapted -# MBEDTLS_ZLIB_SUPPORT # MBEDTLS_PKCS11_C # MBEDTLS_USE_PSA_CRYPTO # - experimental, and more an alternative implementation than a feature @@ -91,12 +87,8 @@ MBEDTLS_ECP_DP_M511_ENABLED MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES MBEDTLS_NO_PLATFORM_ENTROPY MBEDTLS_RSA_NO_CRT -MBEDTLS_REMOVE_ARC4_CIPHERSUITES -MBEDTLS_REMOVE_3DES_CIPHERSUITES -MBEDTLS_SSL_HW_RECORD_ACCEL MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION -MBEDTLS_ZLIB_SUPPORT MBEDTLS_PKCS11_C MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_64BIT_MULTIPLICATION @@ -109,7 +101,6 @@ _ALT\s*$ # Things that should be disabled in "baremetal" my @excluded_baremetal = qw( -MBEDTLS_NET_C MBEDTLS_TIMING_C MBEDTLS_FS_IO MBEDTLS_ENTROPY_NV_SEED diff --git a/scripts/footprint.sh b/scripts/footprint.sh index c08ef1c90..697972f33 100755 --- a/scripts/footprint.sh +++ b/scripts/footprint.sh @@ -62,7 +62,6 @@ doit() fi { - scripts/config.pl unset MBEDTLS_NET_C || true scripts/config.pl unset MBEDTLS_TIMING_C || true scripts/config.pl unset MBEDTLS_FS_IO || true scripts/config.pl --force set MBEDTLS_NO_PLATFORM_ENTROPY || true diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a30740ab4..badbd97b4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -700,7 +700,6 @@ component_test_no_platform () { msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s scripts/config.pl full scripts/config.pl unset MBEDTLS_PLATFORM_C - scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_PLATFORM_MEMORY scripts/config.pl unset MBEDTLS_PLATFORM_PRINTF_ALT scripts/config.pl unset MBEDTLS_PLATFORM_FPRINTF_ALT @@ -892,7 +891,6 @@ component_test_no_64bit_multiplication () { component_build_arm_none_eabi_gcc () { msg "build: arm-none-eabi-gcc, make" # ~ 10s scripts/config.pl full - scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C @@ -912,7 +910,6 @@ component_build_arm_none_eabi_gcc () { component_build_arm_none_eabi_gcc_no_udbl_division () { msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s scripts/config.pl full - scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C @@ -935,7 +932,6 @@ component_build_arm_none_eabi_gcc_no_udbl_division () { component_build_arm_none_eabi_gcc_no_64bit_multiplication () { msg "build: arm-none-eabi-gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s scripts/config.pl full - scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C @@ -958,7 +954,6 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () { component_build_armcc () { msg "build: ARM Compiler 5, make" scripts/config.pl full - scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C diff --git a/tests/scripts/depends-pkalgs.pl b/tests/scripts/depends-pkalgs.pl index 97a43e881..3522aa595 100755 --- a/tests/scripts/depends-pkalgs.pl 
+++ b/tests/scripts/depends-pkalgs.pl @@ -35,26 +35,14 @@ my $config_h = 'include/mbedtls/config.h'; # Some algorithms can't be disabled on their own as others depend on them, so # we list those reverse-dependencies here to keep check_config.h happy. my %algs = ( - 'MBEDTLS_ECDSA_C' => ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'], + 'MBEDTLS_ECDSA_C' => [], 'MBEDTLS_ECP_C' => ['MBEDTLS_ECDSA_C', 'MBEDTLS_ECDH_C', - 'MBEDTLS_ECJPAKE_C', - 'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'], + 'MBEDTLS_ECJPAKE_C'], 'MBEDTLS_X509_RSASSA_PSS_SUPPORT' => [], 'MBEDTLS_PKCS1_V21' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'], - 'MBEDTLS_PKCS1_V15' => ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'], - 'MBEDTLS_RSA_C' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT', - 'MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'], + 'MBEDTLS_PKCS1_V15' => [], + 'MBEDTLS_RSA_C' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'], ); system( "cp $config_h $config_h.bak" ) and die; From bb1f70121218b461a4197224d547e6bcfae4f991 Mon Sep 17 00:00:00 2001 
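Review bot: The two entries that become empty lists in `%algs`, `'MBEDTLS_ECDSA_C' => []` and `'MBEDTLS_PKCS1_V15' => []`, carry no explanation of why nothing depends on them any more. The comment above the table still describes it as the list of reverse dependencies needed to keep check_config.h happy. A one-line comment above those entries, for example `# no reverse dependencies left: the TLS key-exchange options were removed from config.h`, would keep the table self-explanatory for whoever next edits it. It is also worth confirming against check_config.h, which this hunk does not show, that no remaining rule still requires either option. If one does, the per-algorithm build would presumably stop on a configuration error instead of exercising the library with that algorithm disabled.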
From: Jaeden Amero Date: Fri, 2 Nov 2018 18:15:18 +0000 Subject: [PATCH 1184/2197] config: Remove X.509 options Note that this fails check-names.sh because options that TLS and X.509 files use are no longer present in config.h. --- configs/config-no-entropy.h | 5 - configs/config-psa-crypto.h | 208 +---------------------------- configs/config-suite-b.h | 3 - include/mbedtls/check_config.h | 41 ------ include/mbedtls/config.h | 227 +------------------------------- library/version_features.c | 45 ------- programs/test/query_config.c | 120 ----------------- scripts/config.pl | 7 - tests/scripts/depends-pkalgs.pl | 5 +- 9 files changed, 4 insertions(+), 657 deletions(-) diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index d40b48caf..6f44899e4 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -51,8 +51,6 @@ #define MBEDTLS_PKCS1_V21 #define MBEDTLS_SELF_TEST #define MBEDTLS_VERSION_FEATURES -#define MBEDTLS_X509_CHECK_KEY_USAGE -#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE /* mbed TLS modules */ #define MBEDTLS_AES_C @@ -78,9 +76,6 @@ #define MBEDTLS_SHA256_C #define MBEDTLS_SHA512_C #define MBEDTLS_VERSION_C -#define MBEDTLS_X509_USE_C -#define MBEDTLS_X509_CRT_PARSE_C -#define MBEDTLS_X509_CRL_PARSE_C //#define MBEDTLS_CMAC_C /* Miscellaneous options */ diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 2e85819df..682fa87d7 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -1024,64 +1024,6 @@ */ #define MBEDTLS_VERSION_FEATURES -/** - * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an extension in a v1 or v2 certificate. - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 - -/** - * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an unknown critical extension. - * - * \warning Depending on your PKI use, enabling this can be a security risk! - * - * Uncomment to prevent an error. - */ -//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - -/** - * \def MBEDTLS_X509_CHECK_KEY_USAGE - * - * Enable verification of the keyUsage extension (CA and leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused - * (intermediate) CA and leaf certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip keyUsage checking for both CA and leaf certificates. - */ -#define MBEDTLS_X509_CHECK_KEY_USAGE - -/** - * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - * - * Enable verification of the extendedKeyUsage extension (leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip extendedKeyUsage checking for certificates. - */ -#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE - -/** - * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT - * - * Enable parsing and verification of X.509 certificates, CRLs and CSRS - * signed with RSASSA-PSS (aka PKCS#1 v2.1). - * - * Comment this macro to disallow using RSASSA-PSS in certificates. - */ -#define MBEDTLS_X509_RSASSA_PSS_SUPPORT /* \} name SECTION: mbed TLS feature support */ /** 
@@ -1212,8 +1154,7 @@ * Enable the generic ASN1 parser. * * Module: library/asn1.c - * Caller: library/x509.c - * library/dhm.c + * Caller: library/dhm.c * library/pkcs12.c * library/pkcs5.c * library/pkparse.c @@ -1228,9 +1169,6 @@ * Module: library/asn1write.c * Caller: library/ecdsa.c * library/pkwrite.c - * library/x509_create.c - * library/x509write_crt.c - * library/x509write_csr.c */ #define MBEDTLS_ASN1_WRITE_C @@ -1388,18 +1326,6 @@ */ #define MBEDTLS_CCM_C -/** - * \def MBEDTLS_CERTS_C - * - * Enable the test certificates. - * - * Module: library/certs.c - * Caller: - * - * This module is used for testing (ssl_client/server). - */ -#define MBEDTLS_CERTS_C - /** * \def MBEDTLS_CHACHA20_C * @@ -1768,13 +1694,6 @@ * library/pkparse.c * library/pkwrite.c * library/rsa.c - * library/x509.c - * library/x509_create.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * library/x509write_crt.c - * library/x509write_csr.c * * This modules translates between OIDs and internal values. */ @@ -1802,9 +1721,6 @@ * Module: library/pem.c * Caller: library/dhm.c * library/pkparse.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c * * Requires: MBEDTLS_BASE64_C * @@ -1819,8 +1735,6 @@ * * Module: library/pem.c * Caller: library/pkwrite.c - * library/x509write_crt.c - * library/x509write_csr.c * * Requires: MBEDTLS_BASE64_C * @@ -1847,8 +1761,6 @@ * Enable the generic public (asymetric) key parser. * * Module: library/pkparse.c - * Caller: library/x509_crt.c - * library/x509_csr.c * * Requires: MBEDTLS_PK_C * @@ -1862,7 +1774,6 @@ * Enable the generic public (asymetric) key writer. * * Module: library/pkwrite.c - * Caller: library/x509write.c * * Requires: MBEDTLS_PK_C * 
@@ -1883,21 +1794,6 @@
 */
 #define MBEDTLS_PKCS5_C
 
-/**
- * \def MBEDTLS_PKCS11_C
- *
- * Enable wrapper for PKCS#11 smartcard support.
- *
- * Module: library/pkcs11.c
- * Caller: library/pk.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * This module enables SSL/TLS PKCS #11 smartcard support.
- * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
- */
-//#define MBEDTLS_PKCS11_C
-
 /**
 * \def MBEDTLS_PKCS12_C
 *
@@ -1999,7 +1895,6 @@
 *
 * Module: library/rsa.c
 * library/rsa_internal.c
- * Caller: library/x509.c
 *
 * This module is used by the following key exchanges:
 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
@@ -2015,7 +1910,6 @@
 *
 * Module: library/sha1.c
 * Caller: library/md.c
- * library/x509write_crt.c
 *
 * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
 * depending on the handshake parameters, and for SHA1-signed certificates.
@@ -2110,106 +2004,6 @@
 */
 #define MBEDTLS_VERSION_C
 
-/**
- * \def MBEDTLS_X509_USE_C
- *
- * Enable X.509 core for using certificates.
- *
- * Module: library/x509.c
- * Caller: library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
- * MBEDTLS_PK_PARSE_C
- *
- * This module is required for the X.509 parsing modules.
- */
-#define MBEDTLS_X509_USE_C
-
-/**
- * \def MBEDTLS_X509_CRT_PARSE_C
- *
- * Enable X.509 certificate parsing.
- *
- * Module: library/x509_crt.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 certificate parsing.
- */
-#define MBEDTLS_X509_CRT_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CRL_PARSE_C
- *
- * Enable X.509 CRL parsing.
- *
- * Module: library/x509_crl.c
- * Caller: library/x509_crt.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 CRL parsing.
- */
-#define MBEDTLS_X509_CRL_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CSR_PARSE_C
- *
- * Enable X.509 Certificate Signing Request (CSR) parsing.
- *
- * Module: library/x509_csr.c
- * Caller: library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is used for reading X.509 certificate request.
- */
-#define MBEDTLS_X509_CSR_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CREATE_C
- *
- * Enable X.509 core for creating certificates.
- *
- * Module: library/x509_create.c
- *
- * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
- *
- * This module is the basis for creating X.509 certificates and CSRs.
- */
-#define MBEDTLS_X509_CREATE_C
-
-/**
- * \def MBEDTLS_X509_CRT_WRITE_C
- *
- * Enable creating X.509 certificates.
- *
- * Module: library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate creation.
- */
-#define MBEDTLS_X509_CRT_WRITE_C
-
-/**
- * \def MBEDTLS_X509_CSR_WRITE_C
- *
- * Enable creating X.509 Certificate Signing Requests (CSR).
- *
- * Module: library/x509_csr_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate request writing.
- */
-#define MBEDTLS_X509_CSR_WRITE_C
-
 /**
 * \def MBEDTLS_XTEA_C
 *
diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h
index dd9a2a019..4faaa7718 100644
--- a/configs/config-suite-b.h
+++ b/configs/config-suite-b.h
@@ -66,12 +66,9 @@
 #define MBEDTLS_PK_PARSE_C
 #define MBEDTLS_SHA256_C
 #define MBEDTLS_SHA512_C
-#define MBEDTLS_X509_CRT_PARSE_C
-#define MBEDTLS_X509_USE_C
 
 /* For test certificates */
 #define MBEDTLS_BASE64_C
-#define MBEDTLS_CERTS_C
 #define MBEDTLS_PEM_PARSE_C
 
 /* Save RAM at the expense of ROM */
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 933e46045..8f6ff5f8e 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -255,10 +255,6 @@
 #error "MBEDTLS_PK_WRITE_C defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_PKCS11_C) && !defined(MBEDTLS_PK_C)
-#error "MBEDTLS_PKCS11_C defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_PLATFORM_EXIT_ALT) && !defined(MBEDTLS_PLATFORM_C)
 #error "MBEDTLS_PLATFORM_EXIT_ALT defined, but not all prerequisites"
 #endif
@@ -493,11 +489,6 @@
 #error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled"
 #endif
 
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \
- ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_PKCS1_V21) )
-#error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_THREADING_PTHREAD)
 #if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
 #error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites"
@@ -525,38 +516,6 @@
 #error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_X509_USE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
- !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \
- !defined(MBEDTLS_PK_PARSE_C) )
-#error "MBEDTLS_X509_USE_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_X509_CREATE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
- !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \
- !defined(MBEDTLS_PK_WRITE_C) )
-#error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
-#error "MBEDTLS_X509_CRT_PARSE_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_X509_CRL_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
-#error "MBEDTLS_X509_CRL_PARSE_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_X509_CSR_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
-#error "MBEDTLS_X509_CSR_PARSE_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_X509_CRT_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) )
-#error "MBEDTLS_X509_CRT_WRITE_C defined, but not all prerequisites"
-#endif
-
-#if defined(MBEDTLS_X509_CSR_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) )
-#error "MBEDTLS_X509_CSR_WRITE_C defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64)
 #error "MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 cannot be defined simultaneously"
 #endif /* MBEDTLS_HAVE_INT32 && MBEDTLS_HAVE_INT64 */
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index be0f1924a..4c86e90d2 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1053,83 +1053,6 @@
 */
 #define MBEDTLS_VERSION_FEATURES
 
-/**
- * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an extension in a v1 or v2 certificate.
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
-
-/**
- * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an unknown critical extension.
- *
- * \warning Depending on your PKI use, enabling this can be a security risk!
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
-
-/**
- * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
- *
- * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()`
- * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure
- * the set of trusted certificates through a callback instead of a linked
- * list.
- *
- * This is useful for example in environments where a large number of trusted
- * certificates is present and storing them in a linked list isn't efficient
- * enough, or when the set of trusted certificates changes frequently.
- *
- * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and
- * `mbedtls_ssl_conf_ca_cb()` for more information.
- *
- * Uncomment to enable trusted certificate callbacks.
- */
-//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
-
-/**
- * \def MBEDTLS_X509_CHECK_KEY_USAGE
- *
- * Enable verification of the keyUsage extension (CA and leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused
- * (intermediate) CA and leaf certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip keyUsage checking for both CA and leaf certificates.
- */
-#define MBEDTLS_X509_CHECK_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
- *
- * Enable verification of the extendedKeyUsage extension (leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip extendedKeyUsage checking for certificates.
- */
-#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
- *
- * Enable parsing and verification of X.509 certificates, CRLs and CSRS
- * signed with RSASSA-PSS (aka PKCS#1 v2.1).
- *
- * Comment this macro to disallow using RSASSA-PSS in certificates.
- */
-#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
 /* \} name SECTION: mbed TLS feature support */
 
 /**
@@ -1260,8 +1183,7 @@
 * Enable the generic ASN1 parser.
 *
 * Module: library/asn1.c
- * Caller: library/x509.c
- * library/dhm.c
+ * Caller: library/dhm.c
 * library/pkcs12.c
 * library/pkcs5.c
 * library/pkparse.c
@@ -1276,9 +1198,6 @@
 * Module: library/asn1write.c
 * Caller: library/ecdsa.c
 * library/pkwrite.c
- * library/x509_create.c
- * library/x509write_crt.c
- * library/x509write_csr.c
 */
 #define MBEDTLS_ASN1_WRITE_C
 
@@ -1436,18 +1355,6 @@
 */
 #define MBEDTLS_CCM_C
 
-/**
- * \def MBEDTLS_CERTS_C
- *
- * Enable the test certificates.
- *
- * Module: library/certs.c
- * Caller:
- *
- * This module is used for testing (ssl_client/server).
- */
-#define MBEDTLS_CERTS_C
-
 /**
 * \def MBEDTLS_CHACHA20_C
 *
@@ -1816,13 +1723,6 @@
 * library/pkparse.c
 * library/pkwrite.c
 * library/rsa.c
- * library/x509.c
- * library/x509_create.c
- * library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- * library/x509write_crt.c
- * library/x509write_csr.c
 *
 * This modules translates between OIDs and internal values.
 */
@@ -1850,9 +1750,6 @@
 * Module: library/pem.c
 * Caller: library/dhm.c
 * library/pkparse.c
- * library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
 *
 * Requires: MBEDTLS_BASE64_C
 *
@@ -1867,8 +1764,6 @@
 *
 * Module: library/pem.c
 * Caller: library/pkwrite.c
- * library/x509write_crt.c
- * library/x509write_csr.c
 *
 * Requires: MBEDTLS_BASE64_C
 *
@@ -1895,8 +1790,6 @@
 * Enable the generic public (asymetric) key parser.
 *
 * Module: library/pkparse.c
- * Caller: library/x509_crt.c
- * library/x509_csr.c
 *
 * Requires: MBEDTLS_PK_C
 *
@@ -1910,7 +1803,6 @@
 * Enable the generic public (asymetric) key writer.
 *
 * Module: library/pkwrite.c
- * Caller: library/x509write.c
 *
 * Requires: MBEDTLS_PK_C
 *
@@ -1931,21 +1823,6 @@
 */
 #define MBEDTLS_PKCS5_C
 
-/**
- * \def MBEDTLS_PKCS11_C
- *
- * Enable wrapper for PKCS#11 smartcard support.
- *
- * Module: library/pkcs11.c
- * Caller: library/pk.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * This module enables SSL/TLS PKCS #11 smartcard support.
- * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
- */
-//#define MBEDTLS_PKCS11_C
-
 /**
 * \def MBEDTLS_PKCS12_C
 *
@@ -2047,7 +1924,6 @@
 *
 * Module: library/rsa.c
 * library/rsa_internal.c
- * Caller: library/x509.c
 *
 * This module is used by the following key exchanges:
 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
@@ -2063,7 +1939,6 @@
 *
 * Module: library/sha1.c
 * Caller: library/md.c
- * library/x509write_crt.c
 *
 * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
 * depending on the handshake parameters, and for SHA1-signed certificates.
@@ -2158,106 +2033,6 @@
 */
 #define MBEDTLS_VERSION_C
 
-/**
- * \def MBEDTLS_X509_USE_C
- *
- * Enable X.509 core for using certificates.
- *
- * Module: library/x509.c
- * Caller: library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
- * MBEDTLS_PK_PARSE_C
- *
- * This module is required for the X.509 parsing modules.
- */
-#define MBEDTLS_X509_USE_C
-
-/**
- * \def MBEDTLS_X509_CRT_PARSE_C
- *
- * Enable X.509 certificate parsing.
- *
- * Module: library/x509_crt.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 certificate parsing.
- */
-#define MBEDTLS_X509_CRT_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CRL_PARSE_C
- *
- * Enable X.509 CRL parsing.
- *
- * Module: library/x509_crl.c
- * Caller: library/x509_crt.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 CRL parsing.
- */
-#define MBEDTLS_X509_CRL_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CSR_PARSE_C
- *
- * Enable X.509 Certificate Signing Request (CSR) parsing.
- *
- * Module: library/x509_csr.c
- * Caller: library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is used for reading X.509 certificate request.
- */
-#define MBEDTLS_X509_CSR_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CREATE_C
- *
- * Enable X.509 core for creating certificates.
- *
- * Module: library/x509_create.c
- *
- * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
- *
- * This module is the basis for creating X.509 certificates and CSRs.
- */
-#define MBEDTLS_X509_CREATE_C
-
-/**
- * \def MBEDTLS_X509_CRT_WRITE_C
- *
- * Enable creating X.509 certificates.
- *
- * Module: library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate creation.
- */
-#define MBEDTLS_X509_CRT_WRITE_C
-
-/**
- * \def MBEDTLS_X509_CSR_WRITE_C
- *
- * Enable creating X.509 Certificate Signing Requests (CSR).
- *
- * Module: library/x509_csr_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate request writing.
- */
-#define MBEDTLS_X509_CSR_WRITE_C
-
 /**
 * \def MBEDTLS_XTEA_C
 *
diff --git a/library/version_features.c b/library/version_features.c
index b355b2b16..4f1da6aea 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -417,24 +417,6 @@ static const char *features[] = {
 #if defined(MBEDTLS_VERSION_FEATURES)
 "MBEDTLS_VERSION_FEATURES",
 #endif /* MBEDTLS_VERSION_FEATURES */
-#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
- "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3",
-#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */
-#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
- "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION",
-#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
- "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK",
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
- "MBEDTLS_X509_CHECK_KEY_USAGE",
-#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
-#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
- "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE",
-#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- "MBEDTLS_X509_RSASSA_PSS_SUPPORT",
-#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
 #if defined(MBEDTLS_AESNI_C)
 "MBEDTLS_AESNI_C",
 #endif /* MBEDTLS_AESNI_C */
@@ -468,9 +450,6 @@ static const char *features[] = {
 #if defined(MBEDTLS_CCM_C)
 "MBEDTLS_CCM_C",
 #endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CERTS_C)
- "MBEDTLS_CERTS_C",
-#endif /* MBEDTLS_CERTS_C */
 #if defined(MBEDTLS_CHACHA20_C)
 "MBEDTLS_CHACHA20_C",
 #endif /* MBEDTLS_CHACHA20_C */
@@ -564,9 +543,6 @@ static const char *features[] = {
 #if defined(MBEDTLS_PKCS5_C)
 "MBEDTLS_PKCS5_C",
 #endif /* MBEDTLS_PKCS5_C */
-#if defined(MBEDTLS_PKCS11_C)
- "MBEDTLS_PKCS11_C",
-#endif /* MBEDTLS_PKCS11_C */
 #if defined(MBEDTLS_PKCS12_C)
 "MBEDTLS_PKCS12_C",
 #endif /* MBEDTLS_PKCS12_C */
@@ -609,27 +585,6 @@ static const char *features[] = {
 #if defined(MBEDTLS_VERSION_C)
 "MBEDTLS_VERSION_C",
 #endif /* MBEDTLS_VERSION_C */
-#if defined(MBEDTLS_X509_USE_C)
- "MBEDTLS_X509_USE_C",
-#endif /* MBEDTLS_X509_USE_C */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
- "MBEDTLS_X509_CRT_PARSE_C",
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
- "MBEDTLS_X509_CRL_PARSE_C",
-#endif /* MBEDTLS_X509_CRL_PARSE_C */
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
- "MBEDTLS_X509_CSR_PARSE_C",
-#endif /* MBEDTLS_X509_CSR_PARSE_C */
-#if defined(MBEDTLS_X509_CREATE_C)
- "MBEDTLS_X509_CREATE_C",
-#endif /* MBEDTLS_X509_CREATE_C */
-#if defined(MBEDTLS_X509_CRT_WRITE_C)
- "MBEDTLS_X509_CRT_WRITE_C",
-#endif /* MBEDTLS_X509_CRT_WRITE_C */
-#if defined(MBEDTLS_X509_CSR_WRITE_C)
- "MBEDTLS_X509_CSR_WRITE_C",
-#endif /* MBEDTLS_X509_CSR_WRITE_C */
 #if defined(MBEDTLS_XTEA_C)
 "MBEDTLS_XTEA_C",
 #endif /* MBEDTLS_XTEA_C */
diff --git a/programs/test/query_config.c b/programs/test/query_config.c
index bffe9f89c..94c8ec16d 100644
--- a/programs/test/query_config.c
+++ b/programs/test/query_config.c
@@ -1154,54 +1154,6 @@ int query_config( const char *config )
 }
 #endif /* MBEDTLS_VERSION_FEATURES */
 
-#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
- if( strcmp( "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */
-
-#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
- if( strcmp( "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
- if( strcmp( "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
- if( strcmp( "MBEDTLS_X509_CHECK_KEY_USAGE", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_KEY_USAGE );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
-
-#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
- if( strcmp( "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
-
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_RSASSA_PSS_SUPPORT );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
-
 #if defined(MBEDTLS_AESNI_C)
 if( strcmp( "MBEDTLS_AESNI_C", config ) == 0 )
 {
@@ -1290,14 +1242,6 @@ int query_config( const char *config )
 }
 #endif /* MBEDTLS_CCM_C */
 
-#if defined(MBEDTLS_CERTS_C)
- if( strcmp( "MBEDTLS_CERTS_C", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_CERTS_C );
- return( 0 );
- }
-#endif /* MBEDTLS_CERTS_C */
-
 #if defined(MBEDTLS_CHACHA20_C)
 if( strcmp( "MBEDTLS_CHACHA20_C", config ) == 0 )
 {
@@ -1546,14 +1490,6 @@ int query_config( const char *config )
 }
 #endif /* MBEDTLS_PKCS5_C */
 
-#if defined(MBEDTLS_PKCS11_C)
- if( strcmp( "MBEDTLS_PKCS11_C", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS11_C );
- return( 0 );
- }
-#endif /* MBEDTLS_PKCS11_C */
-
 #if defined(MBEDTLS_PKCS12_C)
 if( strcmp( "MBEDTLS_PKCS12_C", config ) == 0 )
 {
@@ -1666,62 +1602,6 @@ int query_config( const char *config )
 }
 #endif /* MBEDTLS_VERSION_C */
 
-#if defined(MBEDTLS_X509_USE_C)
- if( strcmp( "MBEDTLS_X509_USE_C", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_USE_C );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_USE_C */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
- if( strcmp( "MBEDTLS_X509_CRT_PARSE_C", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_PARSE_C );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
- if( strcmp( "MBEDTLS_X509_CRL_PARSE_C", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRL_PARSE_C );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_CRL_PARSE_C */
-
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
- if( strcmp( "MBEDTLS_X509_CSR_PARSE_C", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_PARSE_C );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_CSR_PARSE_C */
-
-#if defined(MBEDTLS_X509_CREATE_C)
- if( strcmp( "MBEDTLS_X509_CREATE_C", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CREATE_C );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_CREATE_C */
-
-#if defined(MBEDTLS_X509_CRT_WRITE_C)
- if( strcmp( "MBEDTLS_X509_CRT_WRITE_C", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_WRITE_C );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_CRT_WRITE_C */
-
-#if defined(MBEDTLS_X509_CSR_WRITE_C)
- if( strcmp( "MBEDTLS_X509_CSR_WRITE_C", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_WRITE_C );
- return( 0 );
- }
-#endif /* MBEDTLS_X509_CSR_WRITE_C */
-
 #if defined(MBEDTLS_XTEA_C)
 if( strcmp( "MBEDTLS_XTEA_C", config ) == 0 )
 {
diff --git a/scripts/config.pl b/scripts/config.pl
index bdd20901c..b66790514 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -29,10 +29,6 @@ # MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES # MBEDTLS_NO_PLATFORM_ENTROPY # MBEDTLS_RSA_NO_CRT -# MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 -# MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION -# - this could be enabled if the respective tests were adapted -# MBEDTLS_PKCS11_C # MBEDTLS_USE_PSA_CRYPTO # - experimental, and more an alternative implementation than a feature # and any symbol beginning _ALT @@ -87,9 +83,6 @@ MBEDTLS_ECP_DP_M511_ENABLED MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES MBEDTLS_NO_PLATFORM_ENTROPY MBEDTLS_RSA_NO_CRT -MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 -MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION -MBEDTLS_PKCS11_C MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_64BIT_MULTIPLICATION MBEDTLS_PSA_CRYPTO_SPM diff --git a/tests/scripts/depends-pkalgs.pl b/tests/scripts/depends-pkalgs.pl index 3522aa595..72c7f4103 100755 --- a/tests/scripts/depends-pkalgs.pl +++ b/tests/scripts/depends-pkalgs.pl @@ -39,10 +39,9 @@ my %algs = ( 'MBEDTLS_ECP_C' => ['MBEDTLS_ECDSA_C', 'MBEDTLS_ECDH_C', 'MBEDTLS_ECJPAKE_C'], - 'MBEDTLS_X509_RSASSA_PSS_SUPPORT' => [], - 'MBEDTLS_PKCS1_V21' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'], + 'MBEDTLS_PKCS1_V21' => [], 'MBEDTLS_PKCS1_V15' => [], - 'MBEDTLS_RSA_C' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'], + 'MBEDTLS_RSA_C' => [], ); system( "cp $config_h $config_h.bak" ) and die; From a4308b29a42a00fcbffa7d6d041946feeddc0ce9 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Fri, 2 Nov 2018 11:09:10 +0000 Subject: [PATCH 1185/2197] Remove unused TLS, NET, and X.509 files We've removed all software that depends on or uses the TLS, NET, and X.509 modules. This means TLS, NET, and X.509 are unused and can be removed. Remove TLS, NET, and X.509. --- doxygen/input/doc_ssltls.h | 51 - doxygen/input/doc_tcpip.h | 46 - doxygen/input/doc_x509.h | 45 - include/mbedtls/debug.h | 265 - include/mbedtls/net.h | 37 - include/mbedtls/net_sockets.h | 271 - include/mbedtls/pkcs11.h | 175 - include/mbedtls/ssl.h | 3494 --------- include/mbedtls/ssl_cache.h | 151 - include/mbedtls/ssl_ciphersuites.h | 558 -- include/mbedtls/ssl_cookie.h | 115 - include/mbedtls/ssl_internal.h | 819 -- include/mbedtls/ssl_ticket.h | 142 - include/mbedtls/x509.h | 339 - include/mbedtls/x509_crl.h | 174 - include/mbedtls/x509_crt.h | 921 --- include/mbedtls/x509_csr.h | 307 - library/certs.c | 436 -- library/debug.c | 438 -- library/error.c | 200 - library/net_sockets.c | 668 -- library/pkcs11.c | 240 - library/ssl_cache.c | 353 - library/ssl_ciphersuites.c | 2373 ------ library/ssl_cli.c | 3944 ---------- library/ssl_cookie.c | 256 - library/ssl_srv.c | 4437 ----------- library/ssl_ticket.c | 595 -- library/ssl_tls.c | 10634 -------------------------- library/x509.c | 1062 --- library/x509_create.c | 379 - library/x509_crl.c | 773 -- library/x509_crt.c | 2879 ------- library/x509_csr.c | 419 - library/x509write_crt.c | 495 -- library/x509write_csr.c | 287 - programs/test/cpp_dummy_build.cpp | 10 - programs/test/query_config.c | 13 - scripts/data_files/query_config.fmt | 13 - visualc/VS2010/mbedTLS.vcxproj | 32 - 40 files changed, 38846 deletions(-) delete mode 100644 doxygen/input/doc_ssltls.h delete mode 100644 doxygen/input/doc_tcpip.h delete mode 100644 doxygen/input/doc_x509.h delete mode 100644 include/mbedtls/debug.h delete mode 100644 include/mbedtls/net.h delete mode 100644 include/mbedtls/net_sockets.h delete mode 100644 
include/mbedtls/pkcs11.h delete mode 100644 include/mbedtls/ssl.h delete mode 100644 include/mbedtls/ssl_cache.h delete mode 100644 include/mbedtls/ssl_ciphersuites.h delete mode 100644 include/mbedtls/ssl_cookie.h delete mode 100644 include/mbedtls/ssl_internal.h delete mode 100644 include/mbedtls/ssl_ticket.h delete mode 100644 include/mbedtls/x509.h delete mode 100644 include/mbedtls/x509_crl.h delete mode 100644 include/mbedtls/x509_crt.h delete mode 100644 include/mbedtls/x509_csr.h delete mode 100644 library/certs.c delete mode 100644 library/debug.c delete mode 100644 library/net_sockets.c delete mode 100644 library/pkcs11.c delete mode 100644 library/ssl_cache.c delete mode 100644 library/ssl_ciphersuites.c delete mode 100644 library/ssl_cli.c delete mode 100644 library/ssl_cookie.c delete mode 100644 library/ssl_srv.c delete mode 100644 library/ssl_ticket.c delete mode 100644 library/ssl_tls.c delete mode 100644 library/x509.c delete mode 100644 library/x509_create.c delete mode 100644 library/x509_crl.c delete mode 100644 library/x509_crt.c delete mode 100644 library/x509_csr.c delete mode 100644 library/x509write_crt.c delete mode 100644 library/x509write_csr.c diff --git a/doxygen/input/doc_ssltls.h b/doxygen/input/doc_ssltls.h deleted file mode 100644 index 4addfb38e..000000000 --- a/doxygen/input/doc_ssltls.h +++ /dev/null 
@@ -1,51 +0,0 @@
-/**
- * \file doc_ssltls.h
- *
- * \brief SSL/TLS communication module documentation file.
- */
-/*
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-/**
- * @addtogroup ssltls_communication_module SSL/TLS communication module
- *
- * The SSL/TLS communication module provides the means to create an SSL/TLS
- * communication channel.
- *
- * The basic provisions are:
- * - initialise an SSL/TLS context (see \c mbedtls_ssl_init()).
- * - perform an SSL/TLS handshake (see \c mbedtls_ssl_handshake()).
- * - read/write (see \c mbedtls_ssl_read() and \c mbedtls_ssl_write()).
- * - notify a peer that connection is being closed (see \c mbedtls_ssl_close_notify()).
- *
- * Many aspects of such a channel are set through parameters and callback
- * functions:
- * - the endpoint role: client or server.
- * - the authentication mode. Should verification take place.
- * - the Host-to-host communication channel. A TCP/IP module is provided.
- * - the random number generator (RNG).
- * - the ciphers to use for encryption/decryption.
- * - session control functions.
- * - X.509 parameters for certificate-handling and key exchange.
- *
- * This module can be used to create an SSL/TLS server and client and to provide a basic
- * framework to setup and communicate through an SSL/TLS communication channel.\n
- * Note that you need to provide for several aspects yourself as mentioned above.
- */
diff --git a/doxygen/input/doc_tcpip.h b/doxygen/input/doc_tcpip.h
deleted file mode 100644
index 95f458601..000000000
--- a/doxygen/input/doc_tcpip.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * \file doc_tcpip.h
- *
- * \brief TCP/IP communication module documentation file.
- */
-/*
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-/**
- * @addtogroup tcpip_communication_module TCP/IP communication module
- *
- * The TCP/IP communication module provides for a channel of
- * communication for the \link ssltls_communication_module SSL/TLS communication
- * module\endlink to use.
- * In the TCP/IP-model it provides for communication up to the Transport
- * (or Host-to-host) layer.
- * SSL/TLS resides on top of that, in the Application layer, and makes use of
- * its basic provisions:
- * - listening on a port (see \c mbedtls_net_bind()).
- * - accepting a connection (through \c mbedtls_net_accept()).
- * - read/write (through \c mbedtls_net_recv()/\c mbedtls_net_send()).
- * - close a connection (through \c mbedtls_net_close()).
- *
- * This way you have the means to, for example, implement and use an UDP or
- * IPSec communication solution as a basis.
- *
- * This module can be used at server- and clientside to provide a basic
- * means of communication over the internet.
- */
diff --git a/doxygen/input/doc_x509.h b/doxygen/input/doc_x509.h
deleted file mode 100644
index 9b52569bb..000000000
--- a/doxygen/input/doc_x509.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/**
- * \file doc_x509.h
- *
- * \brief X.509 module documentation file.
- */
-/*
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-/**
- * @addtogroup x509_module X.509 module
- *
- * The X.509 module provides X.509 support for reading, writing and verification
- * of certificates.
- * In summary:
- * - X.509 certificate (CRT) reading (see \c mbedtls_x509_crt_parse(),
- * \c mbedtls_x509_crt_parse_der(), \c mbedtls_x509_crt_parse_file()).
- * - X.509 certificate revocation list (CRL) reading (see
- * \c mbedtls_x509_crl_parse(), \c mbedtls_x509_crl_parse_der(),
- * and \c mbedtls_x509_crl_parse_file()).
- * - X.509 certificate signature verification (see \c
- * mbedtls_x509_crt_verify() and \c mbedtls_x509_crt_verify_with_profile().
- * - X.509 certificate writing and certificate request writing (see
- * \c mbedtls_x509write_crt_der() and \c mbedtls_x509write_csr_der()).
- *
- * This module can be used to build a certificate authority (CA) chain and
- * verify its signature. It is also used to generate Certificate Signing
- * Requests and X.509 certificates just as a CA would do.
- */
diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h
deleted file mode 100644
index 736444bb7..000000000
--- a/include/mbedtls/debug.h
+++ /dev/null
@@ -1,265 +0,0 @@ -/** - * \file debug.h - * - * \brief Functions for controlling and providing debug output from the library. - */ -/* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -#ifndef MBEDTLS_DEBUG_H -#define MBEDTLS_DEBUG_H - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include "ssl.h" - -#if defined(MBEDTLS_ECP_C) -#include "ecp.h" -#endif - -#if defined(MBEDTLS_DEBUG_C) - -#define MBEDTLS_DEBUG_STRIP_PARENS( ... 
) __VA_ARGS__ - -#define MBEDTLS_SSL_DEBUG_MSG( level, args ) \ - mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__, \ - MBEDTLS_DEBUG_STRIP_PARENS args ) - -#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) \ - mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ) - -#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) \ - mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ) - -#if defined(MBEDTLS_BIGNUM_C) -#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) \ - mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ) -#endif - -#if defined(MBEDTLS_ECP_C) -#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) \ - mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X ) -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \ - mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) -#endif - -#if defined(MBEDTLS_ECDH_C) -#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \ - mbedtls_debug_printf_ecdh( ssl, level, __FILE__, __LINE__, ecdh, attr ) -#endif - -#else /* MBEDTLS_DEBUG_C */ - -#define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) do { } while( 0 ) - -#endif /* MBEDTLS_DEBUG_C */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Set the threshold error level to handle globally all debug output. - * Debug messages that have a level over the threshold value are - * discarded. - * (Default value: 0 = No debug ) - * - * \param threshold theshold level of messages to filter on. Messages at a - * higher level will be discarded. 
- * - Debug levels - * - 0 No debug - * - 1 Error - * - 2 State change - * - 3 Informational - * - 4 Verbose - */ -void mbedtls_debug_set_threshold( int threshold ); - -/** - * \brief Print a message to the debug output. This function is always used - * through the MBEDTLS_SSL_DEBUG_MSG() macro, which supplies the ssl - * context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the message has occurred in - * \param line line number the message has occurred at - * \param format format specifier, in printf format - * \param ... variables used by the format specifier - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *format, ... ); - -/** - * \brief Print the return value of a function to the debug output. This - * function is always used through the MBEDTLS_SSL_DEBUG_RET() macro, - * which supplies the ssl context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param text the name of the function that returned the error - * \param ret the return code value - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, int ret ); - -/** - * \brief Output a buffer of size len bytes to the debug output. This function - * is always used through the MBEDTLS_SSL_DEBUG_BUF() macro, - * which supplies the ssl context, file and line number parameters. 
- * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param text a name or label for the buffer being dumped. Normally the - * variable or buffer name - * \param buf the buffer to be outputted - * \param len length of the buffer - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, const char *text, - const unsigned char *buf, size_t len ); - -#if defined(MBEDTLS_BIGNUM_C) -/** - * \brief Print a MPI variable to the debug output. This function is always - * used through the MBEDTLS_SSL_DEBUG_MPI() macro, which supplies the - * ssl context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param text a name or label for the MPI being output. Normally the - * variable name - * \param X the MPI variable - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_mpi *X ); -#endif - -#if defined(MBEDTLS_ECP_C) -/** - * \brief Print an ECP point to the debug output. This function is always - * used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the - * ssl context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param text a name or label for the ECP point being output. 
Normally the - * variable name - * \param X the ECP point - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_ecp_point *X ); -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -/** - * \brief Print a X.509 certificate structure to the debug output. This - * function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro, - * which supplies the ssl context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param text a name or label for the certificate being output - * \param crt X.509 certificate structure - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_x509_crt *crt ); -#endif - -#if defined(MBEDTLS_ECDH_C) -typedef enum -{ - MBEDTLS_DEBUG_ECDH_Q, - MBEDTLS_DEBUG_ECDH_QP, - MBEDTLS_DEBUG_ECDH_Z, -} mbedtls_debug_ecdh_attr; - -/** - * \brief Print a field of the ECDH structure in the SSL context to the debug - * output. This function is always used through the - * MBEDTLS_SSL_DEBUG_ECDH() macro, which supplies the ssl context, file - * and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param ecdh the ECDH context - * \param attr the identifier of the attribute being output - * - * \attention This function is intended for INTERNAL usage within the - * library only. 
- */
-void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const mbedtls_ecdh_context *ecdh,
- mbedtls_debug_ecdh_attr attr );
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* debug.h */
-
diff --git a/include/mbedtls/net.h b/include/mbedtls/net.h
deleted file mode 100644
index 8cead58e5..000000000
--- a/include/mbedtls/net.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * \file net.h
- *
- * \brief Deprecated header file that includes net_sockets.h
- *
- * \deprecated Superseded by mbedtls/net_sockets.h
- */
-/*
- * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#include "net_sockets.h"
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#warning "Deprecated header file: Superseded by mbedtls/net_sockets.h"
-#endif /* MBEDTLS_DEPRECATED_WARNING */
-#endif /* !MBEDTLS_DEPRECATED_REMOVED */
diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h
deleted file mode 100644
index 4c7ef00fe..000000000
--- a/include/mbedtls/net_sockets.h
+++ /dev/null
@@ -1,271 +0,0 @@ -/** - * \file net_sockets.h - * - * \brief Network sockets abstraction layer to integrate Mbed TLS into a - * BSD-style sockets API. - * - * The network sockets module provides an example integration of the - * Mbed TLS library into a BSD sockets implementation. The module is - * intended to be an example of how Mbed TLS can be integrated into a - * networking stack, as well as to be Mbed TLS's network integration - * for its supported platforms. - * - * The module is intended only to be used with the Mbed TLS library and - * is not intended to be used by third party application software - * directly. - * - * The supported platforms are as follows: - * * Microsoft Windows and Windows CE - * * POSIX/Unix platforms including Linux, OS X - * - */ -/* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -#ifndef MBEDTLS_NET_SOCKETS_H -#define MBEDTLS_NET_SOCKETS_H - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include "ssl.h" - -#include -#include - -#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */ -#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */ -#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. 
*/ -#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */ -#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */ -#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */ -#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */ -#define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */ -#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 /**< Failed to get an IP address for the given hostname. */ -#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 /**< Buffer is too small to hold the data. */ -#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 /**< The context is invalid, eg because it was free()ed. */ -#define MBEDTLS_ERR_NET_POLL_FAILED -0x0047 /**< Polling the net context failed. */ -#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049 /**< Input invalid. */ - -#define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */ - -#define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */ -#define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */ - -#define MBEDTLS_NET_POLL_READ 1 /**< Used in \c mbedtls_net_poll to check for pending data */ -#define MBEDTLS_NET_POLL_WRITE 2 /**< Used in \c mbedtls_net_poll to check if write possible */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * Wrapper type for sockets. - * - * Currently backed by just a file descriptor, but might be more in the future - * (eg two file descriptors for combined IPv4 + IPv6 support, or additional - * structures for hand-made UDP demultiplexing). - */ -typedef struct mbedtls_net_context -{ - int fd; /**< The underlying file descriptor */ -} -mbedtls_net_context; - -/** - * \brief Initialize a context - * Just makes the context ready to be used or freed safely. 
- * - * \param ctx Context to initialize - */ -void mbedtls_net_init( mbedtls_net_context *ctx ); - -/** - * \brief Initiate a connection with host:port in the given protocol - * - * \param ctx Socket to use - * \param host Host to connect to - * \param port Port to connect to - * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP - * - * \return 0 if successful, or one of: - * MBEDTLS_ERR_NET_SOCKET_FAILED, - * MBEDTLS_ERR_NET_UNKNOWN_HOST, - * MBEDTLS_ERR_NET_CONNECT_FAILED - * - * \note Sets the socket in connected mode even with UDP. - */ -int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto ); - -/** - * \brief Create a receiving socket on bind_ip:port in the chosen - * protocol. If bind_ip == NULL, all interfaces are bound. - * - * \param ctx Socket to use - * \param bind_ip IP to bind to, can be NULL - * \param port Port number to use - * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP - * - * \return 0 if successful, or one of: - * MBEDTLS_ERR_NET_SOCKET_FAILED, - * MBEDTLS_ERR_NET_BIND_FAILED, - * MBEDTLS_ERR_NET_LISTEN_FAILED - * - * \note Regardless of the protocol, opens the sockets and binds it. - * In addition, make the socket listening if protocol is TCP. - */ -int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ); - -/** - * \brief Accept a connection from a remote client - * - * \param bind_ctx Relevant socket - * \param client_ctx Will contain the connected client socket - * \param client_ip Will contain the client IP address, can be NULL - * \param buf_size Size of the client_ip buffer - * \param ip_len Will receive the size of the client IP written, - * can be NULL if client_ip is null - * - * \return 0 if successful, or - * MBEDTLS_ERR_NET_ACCEPT_FAILED, or - * MBEDTLS_ERR_NET_BUFFER_TOO_SMALL if buf_size is too small, - * MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to - * non-blocking and accept() would block. 
- */ -int mbedtls_net_accept( mbedtls_net_context *bind_ctx, - mbedtls_net_context *client_ctx, - void *client_ip, size_t buf_size, size_t *ip_len ); - -/** - * \brief Check and wait for the context to be ready for read/write - * - * \param ctx Socket to check - * \param rw Bitflag composed of MBEDTLS_NET_POLL_READ and - * MBEDTLS_NET_POLL_WRITE specifying the events - * to wait for: - * - If MBEDTLS_NET_POLL_READ is set, the function - * will return as soon as the net context is available - * for reading. - * - If MBEDTLS_NET_POLL_WRITE is set, the function - * will return as soon as the net context is available - * for writing. - * \param timeout Maximal amount of time to wait before returning, - * in milliseconds. If \c timeout is zero, the - * function returns immediately. If \c timeout is - * -1u, the function blocks potentially indefinitely. - * - * \return Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE - * on success or timeout, or a negative return code otherwise. - */ -int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ); - -/** - * \brief Set the socket blocking - * - * \param ctx Socket to set - * - * \return 0 if successful, or a non-zero error code - */ -int mbedtls_net_set_block( mbedtls_net_context *ctx ); - -/** - * \brief Set the socket non-blocking - * - * \param ctx Socket to set - * - * \return 0 if successful, or a non-zero error code - */ -int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ); - -/** - * \brief Portable usleep helper - * - * \param usec Amount of microseconds to sleep - * - * \note Real amount of time slept will not be less than - * select()'s timeout granularity (typically, 10ms). - */ -void mbedtls_net_usleep( unsigned long usec ); - -/** - * \brief Read at most 'len' characters. If no error occurs, - * the actual amount read is returned. 
- * - * \param ctx Socket - * \param buf The buffer to write to - * \param len Maximum length of the buffer - * - * \return the number of bytes received, - * or a non-zero error code; with a non-blocking socket, - * MBEDTLS_ERR_SSL_WANT_READ indicates read() would block. - */ -int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ); - -/** - * \brief Write at most 'len' characters. If no error occurs, - * the actual amount read is returned. - * - * \param ctx Socket - * \param buf The buffer to read from - * \param len The length of the buffer - * - * \return the number of bytes sent, - * or a non-zero error code; with a non-blocking socket, - * MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block. - */ -int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ); - -/** - * \brief Read at most 'len' characters, blocking for at most - * 'timeout' seconds. If no error occurs, the actual amount - * read is returned. - * - * \param ctx Socket - * \param buf The buffer to write to - * \param len Maximum length of the buffer - * \param timeout Maximum number of milliseconds to wait for data - * 0 means no timeout (wait forever) - * - * \return the number of bytes received, - * or a non-zero error code: - * MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out, - * MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal. - * - * \note This function will block (until data becomes available or - * timeout is reached) even if the socket is set to - * non-blocking. Handling timeouts with non-blocking reads - * requires a different strategy. - */ -int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len, - uint32_t timeout ); - -/** - * \brief Gracefully shutdown the connection and free associated data - * - * \param ctx The context to free - */ -void mbedtls_net_free( mbedtls_net_context *ctx ); - -#ifdef __cplusplus -} -#endif - -#endif /* net_sockets.h */ 
diff --git a/include/mbedtls/pkcs11.h b/include/mbedtls/pkcs11.h
deleted file mode 100644
index 02427ddc1..000000000
--- a/include/mbedtls/pkcs11.h
+++ /dev/null
@@ -1,175 +0,0 @@
-/**
- * \file pkcs11.h
- *
- * \brief Wrapper for PKCS#11 library libpkcs11-helper
- *
- * \author Adriaan de Jong
- */
-/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_PKCS11_H
-#define MBEDTLS_PKCS11_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PKCS11_C)
-
-#include "x509_crt.h"
-
-#include
-
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
- !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Context for PKCS #11 private keys.
- */
-typedef struct mbedtls_pkcs11_context
-{
- pkcs11h_certificate_t pkcs11h_cert;
- int len;
-} mbedtls_pkcs11_context;
-
-/**
- * Initialize a mbedtls_pkcs11_context.
- * (Just making memory references valid.)
- */
-void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx );
-
-/**
- * Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate.
- *
- * \param cert X.509 certificate to fill
- * \param pkcs11h_cert PKCS #11 helper certificate
- *
- * \return 0 on success.
- */
-int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
-
-/**
- * Set up a mbedtls_pkcs11_context storing the given certificate. Note that the
- * mbedtls_pkcs11_context will take over control of the certificate, freeing it when
- * done.
- *
- * \param priv_key Private key structure to fill.
- * \param pkcs11_cert PKCS #11 helper certificate
- *
- * \return 0 on success
- */
-int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key,
- pkcs11h_certificate_t pkcs11_cert );
-
-/**
- * Free the contents of the given private key context. Note that the structure
- * itself is not freed.
- *
- * \param priv_key Private key structure to cleanup
- */
-void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key );
-
-/**
- * \brief Do an RSA private key decrypt, then remove the message
- * padding
- *
- * \param ctx PKCS #11 context
- * \param mode must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
- * \param input buffer holding the encrypted data
- * \param output buffer that will hold the plaintext
- * \param olen will contain the plaintext length
- * \param output_max_len maximum length of the output buffer
- *
- * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
- *
- * \note The output buffer must be as large as the size
- * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
- * an error is thrown.
- */
-int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
- int mode, size_t *olen,
- const unsigned char *input,
- unsigned char *output,
- size_t output_max_len );
-
-/**
- * \brief Do a private RSA to sign a message digest
- *
- * \param ctx PKCS #11 context
- * \param mode must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
- * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
- * \param hashlen message digest length (for MBEDTLS_MD_NONE only)
- * \param hash buffer holding the message digest
- * \param sig buffer that will hold the ciphertext
- *
- * \return 0 if the signing operation was successful,
- * or an MBEDTLS_ERR_RSA_XXX error code
- *
- * \note The "sig" buffer must be as large as the size
- * of ctx->N (eg. 128 bytes if RSA-1024 is used).
- */
-int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
- int mode,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- unsigned char *sig );
-
-/**
- * SSL/TLS wrappers for PKCS#11 functions
- */
-static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
- const unsigned char *input, unsigned char *output,
- size_t output_max_len )
-{
- return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
- output_max_len );
-}
-
-static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
- int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
- const unsigned char *hash, unsigned char *sig )
-{
- ((void) f_rng);
- ((void) p_rng);
- return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg,
- hashlen, hash, sig );
-}
-
-static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
-{
- return ( (mbedtls_pkcs11_context *) ctx )->len;
-}
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* MBEDTLS_PKCS11_C */
-
-#endif /* MBEDTLS_PKCS11_H */
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
deleted file mode 100644
index 135be0501..000000000
--- a/include/mbedtls/ssl.h
+++ /dev/null
@@ -1,3494 +0,0 @@ -/** - * \file ssl.h - * - * \brief SSL/TLS functions. - */ -/* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -#ifndef MBEDTLS_SSL_H -#define MBEDTLS_SSL_H - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include "bignum.h" -#include "ecp.h" - -#include "ssl_ciphersuites.h" - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -#include "x509_crt.h" -#include "x509_crl.h" -#endif - -#if defined(MBEDTLS_DHM_C) -#include "dhm.h" -#endif - -#if defined(MBEDTLS_ECDH_C) -#include "ecdh.h" -#endif - -#if defined(MBEDTLS_ZLIB_SUPPORT) - -#if defined(MBEDTLS_DEPRECATED_WARNING) -#warning "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and will be removed in the next major revision of the library" -#endif - -#if defined(MBEDTLS_DEPRECATED_REMOVED) -#error "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and cannot be used if MBEDTLS_DEPRECATED_REMOVED is set" -#endif - -#include "zlib.h" -#endif - -#if defined(MBEDTLS_HAVE_TIME) -#include "platform_time.h" -#endif - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "psa/crypto.h" -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - -/* - * SSL Error codes - */ -#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. 
*/ -#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ -#define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ -#define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ -#define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ -#define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ -#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ -#define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ -#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ -#define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message. */ -#define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ -#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ -#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ -#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ -#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ -#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */ -#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. 
*/
-#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */
-#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */
-#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */
-#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */
-#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */
-#define MBEDTLS_ERR_SSL_COMPRESSION_FAILED -0x6F00 /**< Processing of the compression / decompression failed */
-#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */
-#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */
-#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */
-#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
-#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */
-#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */
-#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */
-#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */
-#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */
-#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */
-#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */
-#define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< No data of requested type currently available on underlying transport. */
-#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */
-#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */
-#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */
-#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */
-#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 /**< The alert message received indicates a non-fatal error. */
-#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH -0x6600 /**< Couldn't set the hash for verifying CertificateVerify */
-#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */
-#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */
-#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */
-#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */
-
-/*
- * Various constants
- */
-#define MBEDTLS_SSL_MAJOR_VERSION_3 3
-#define MBEDTLS_SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */
-#define MBEDTLS_SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */
-#define MBEDTLS_SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */
-#define MBEDTLS_SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */
-
-#define MBEDTLS_SSL_TRANSPORT_STREAM 0 /*!< TLS */
-#define MBEDTLS_SSL_TRANSPORT_DATAGRAM 1 /*!< DTLS */
-
-#define MBEDTLS_SSL_MAX_HOST_NAME_LEN 255 /*!< Maximum host name defined in RFC 1035 */
-
-/* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c
- * NONE must be zero so that memset()ing structure to zero works */
-#define MBEDTLS_SSL_MAX_FRAG_LEN_NONE 0 /*!< don't use this extension */
-#define MBEDTLS_SSL_MAX_FRAG_LEN_512 1 /*!< MaxFragmentLength 2^9 */
-#define MBEDTLS_SSL_MAX_FRAG_LEN_1024 2 /*!< MaxFragmentLength 2^10 */
-#define MBEDTLS_SSL_MAX_FRAG_LEN_2048 3 /*!< MaxFragmentLength 2^11 */
-#define MBEDTLS_SSL_MAX_FRAG_LEN_4096 4 /*!< MaxFragmentLength 2^12 */
-#define MBEDTLS_SSL_MAX_FRAG_LEN_INVALID 5 /*!< first invalid value */
-
-#define MBEDTLS_SSL_IS_CLIENT 0
-#define MBEDTLS_SSL_IS_SERVER 1
-
-#define MBEDTLS_SSL_IS_NOT_FALLBACK 0
-#define MBEDTLS_SSL_IS_FALLBACK 1
-
-#define MBEDTLS_SSL_EXTENDED_MS_DISABLED 0
-#define MBEDTLS_SSL_EXTENDED_MS_ENABLED 1
-
-#define MBEDTLS_SSL_ETM_DISABLED 0
-#define MBEDTLS_SSL_ETM_ENABLED 1
-
-#define MBEDTLS_SSL_COMPRESS_NULL 0
-#define MBEDTLS_SSL_COMPRESS_DEFLATE 1
-
-#define MBEDTLS_SSL_VERIFY_NONE 0
-#define MBEDTLS_SSL_VERIFY_OPTIONAL 1
-#define MBEDTLS_SSL_VERIFY_REQUIRED 2
-#define MBEDTLS_SSL_VERIFY_UNSET 3 /* Used only for sni_authmode */
-
-#define MBEDTLS_SSL_LEGACY_RENEGOTIATION 0
-#define MBEDTLS_SSL_SECURE_RENEGOTIATION 1
-
-#define MBEDTLS_SSL_RENEGOTIATION_DISABLED 0
-#define MBEDTLS_SSL_RENEGOTIATION_ENABLED 1
-
-#define MBEDTLS_SSL_ANTI_REPLAY_DISABLED 0
-#define MBEDTLS_SSL_ANTI_REPLAY_ENABLED 1
-
-#define MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED -1
-#define MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT 16
-
-#define MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION 0
-#define MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION 1
-#define MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE 2
-
-#define MBEDTLS_SSL_TRUNC_HMAC_DISABLED 0
-#define MBEDTLS_SSL_TRUNC_HMAC_ENABLED 1
-#define MBEDTLS_SSL_TRUNCATED_HMAC_LEN 10 /* 80 bits, rfc 6066 section 7 */
-
-#define MBEDTLS_SSL_SESSION_TICKETS_DISABLED 0
-#define MBEDTLS_SSL_SESSION_TICKETS_ENABLED 1
-
-#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED 0
-#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED 1
-
-#define MBEDTLS_SSL_ARC4_ENABLED 0
-#define MBEDTLS_SSL_ARC4_DISABLED 1
-
-#define MBEDTLS_SSL_PRESET_DEFAULT 0
-#define MBEDTLS_SSL_PRESET_SUITEB 2
-
-#define MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED 1
-#define MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED 0
-
-/*
- * Default range for DTLS retransmission timer value, in milliseconds.
- * RFC 6347 4.2.4.1 says from 1 second to 60 seconds.
- */
-#define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN 1000
-#define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX 60000
-
-/**
- * \name SECTION: Module settings
- *
- * The configuration options you can set for this module are in this section.
- * Either change them in config.h or define them on the compiler command line.
- * \{
- */
-
-#if !defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME)
-#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
-#endif
-
-/*
- * Maximum fragment length in bytes,
- * determines the size of each of the two internal I/O buffers.
- *
- * Note: the RFC defines the default size of SSL / TLS messages. If you
- * change the value here, other clients / servers may not be able to
- * communicate with you anymore. Only change this value if you control
- * both sides of the connection and have it reduced at both sides, or
- * if you're using the Max Fragment Length extension and you know all your
- * peers are using it too!
- */
-#if !defined(MBEDTLS_SSL_MAX_CONTENT_LEN)
-#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
-#endif
-
-#if !defined(MBEDTLS_SSL_IN_CONTENT_LEN)
-#define MBEDTLS_SSL_IN_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN
-#endif
-
-#if !defined(MBEDTLS_SSL_OUT_CONTENT_LEN)
-#define MBEDTLS_SSL_OUT_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN
-#endif
-
-/*
- * Maximum number of heap-allocated bytes for the purpose of
- * DTLS handshake message reassembly and future message buffering.
- */
-#if !defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING)
-#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
-#endif
-
-/* \} name SECTION: Module settings */
-
-/*
- * Length of the verify data for secure renegotiation
- */
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-#define MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 36
-#else
-#define MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 12
-#endif
-
-/*
- * Signaling ciphersuite values (SCSV)
- */
-#define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */
-#define MBEDTLS_SSL_FALLBACK_SCSV_VALUE 0x5600 /**< RFC 7507 section 2 */
-
-/*
- * Supported Signature and Hash algorithms (For TLS 1.2)
- * RFC 5246 section 7.4.1.4.1
- */
-#define MBEDTLS_SSL_HASH_NONE 0
-#define MBEDTLS_SSL_HASH_MD5 1
-#define MBEDTLS_SSL_HASH_SHA1 2
-#define MBEDTLS_SSL_HASH_SHA224 3
-#define MBEDTLS_SSL_HASH_SHA256 4
-#define MBEDTLS_SSL_HASH_SHA384 5
-#define MBEDTLS_SSL_HASH_SHA512 6
-
-#define MBEDTLS_SSL_SIG_ANON 0
-#define MBEDTLS_SSL_SIG_RSA 1
-#define MBEDTLS_SSL_SIG_ECDSA 3
-
-/*
- * Client Certificate Types
- * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5
- */
-#define MBEDTLS_SSL_CERT_TYPE_RSA_SIGN 1
-#define MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN 64
-
-/*
- * Message, alert and handshake types
- */
-#define MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC 20
-#define MBEDTLS_SSL_MSG_ALERT 21
-#define MBEDTLS_SSL_MSG_HANDSHAKE 22
-#define MBEDTLS_SSL_MSG_APPLICATION_DATA 23
-
-#define MBEDTLS_SSL_ALERT_LEVEL_WARNING 1
-#define MBEDTLS_SSL_ALERT_LEVEL_FATAL 2
-
-#define MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */
-#define MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */
-#define MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */
-#define MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */
-#define MBEDTLS_SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */
-#define MBEDTLS_SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */
-#define MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */
-#define MBEDTLS_SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */
-#define MBEDTLS_SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */
-#define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */
-#define MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */
-#define MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */
-#define MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */
-#define MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */
-#define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */
-#define MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */
-#define MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */
-#define MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */
-#define MBEDTLS_SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */
-#define MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */
-#define MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */
-#define MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */
-#define MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK 86 /* 0x56 */
-#define MBEDTLS_SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */
-#define MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */
-#define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */
-#define MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */
-#define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115 /* 0x73 */
-#define MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */
-
-#define MBEDTLS_SSL_HS_HELLO_REQUEST 0
-#define MBEDTLS_SSL_HS_CLIENT_HELLO 1
-#define MBEDTLS_SSL_HS_SERVER_HELLO 2
-#define MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST 3
-#define MBEDTLS_SSL_HS_NEW_SESSION_TICKET 4
-#define MBEDTLS_SSL_HS_CERTIFICATE 11
-#define MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE 12
-#define MBEDTLS_SSL_HS_CERTIFICATE_REQUEST 13
-#define MBEDTLS_SSL_HS_SERVER_HELLO_DONE 14
-#define MBEDTLS_SSL_HS_CERTIFICATE_VERIFY 15
-#define MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE 16
-#define MBEDTLS_SSL_HS_FINISHED 20
-
-/*
- * TLS extensions
- */
-#define MBEDTLS_TLS_EXT_SERVERNAME 0
-#define MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME 0
-
-#define MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH 1
-
-#define MBEDTLS_TLS_EXT_TRUNCATED_HMAC 4
-
-#define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10
-#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS 11
-
-#define MBEDTLS_TLS_EXT_SIG_ALG 13
-
-#define MBEDTLS_TLS_EXT_ALPN 16
-
-#define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */
-#define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */
-
-#define MBEDTLS_TLS_EXT_SESSION_TICKET 35
-
-#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP 256 /* experimental */
-
-#define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO 0xFF01
-
-/*
- * Size defines
- */
-#if !defined(MBEDTLS_PSK_MAX_LEN)
-#define MBEDTLS_PSK_MAX_LEN 32 /* 256 bits */
-#endif
-
-/* Dummy type used only for its size */
-union mbedtls_ssl_premaster_secret
-{
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
- unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
- unsigned char _pms_dhm[MBEDTLS_MPI_MAX_SIZE]; /* RFC 5246 8.1.2 */
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
- unsigned char _pms_ecdh[MBEDTLS_ECP_MAX_BYTES]; /* RFC 4492 5.10 */
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
- unsigned char _pms_psk[4 + 2 * MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 2 */
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
- unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE
- + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
- unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 4 */
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
- unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES
- + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
- unsigned char _pms_ecjpake[32]; /* Thread spec: SHA-256 output */
-#endif
-};
-
-#define MBEDTLS_PREMASTER_SIZE sizeof( union mbedtls_ssl_premaster_secret )
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * SSL state machine
- */
-typedef enum
-{
- MBEDTLS_SSL_HELLO_REQUEST,
- MBEDTLS_SSL_CLIENT_HELLO,
- MBEDTLS_SSL_SERVER_HELLO,
- MBEDTLS_SSL_SERVER_CERTIFICATE,
- MBEDTLS_SSL_SERVER_KEY_EXCHANGE,
- MBEDTLS_SSL_CERTIFICATE_REQUEST,
- MBEDTLS_SSL_SERVER_HELLO_DONE,
- MBEDTLS_SSL_CLIENT_CERTIFICATE,
- MBEDTLS_SSL_CLIENT_KEY_EXCHANGE,
- MBEDTLS_SSL_CERTIFICATE_VERIFY,
- MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC,
- MBEDTLS_SSL_CLIENT_FINISHED,
- MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC,
- MBEDTLS_SSL_SERVER_FINISHED,
- MBEDTLS_SSL_FLUSH_BUFFERS,
- MBEDTLS_SSL_HANDSHAKE_WRAPUP,
- MBEDTLS_SSL_HANDSHAKE_OVER,
- MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET,
- MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT,
-}
-mbedtls_ssl_states;
-
-/**
- * \brief Callback type: send data on the network.
- *
- * \note That callback may be either blocking or non-blocking.
- *
- * \param ctx Context for the send callback (typically a file descriptor)
- * \param buf Buffer holding the data to send
- * \param len Length of the data to send
- *
- * \return The callback must return the number of bytes sent if any,
- * or a non-zero error code.
- * If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_WRITE
- * must be returned when the operation would block.
- *
- * \note The callback is allowed to send fewer bytes than requested.
- * It must always return the number of bytes actually sent.
- */
-typedef int mbedtls_ssl_send_t( void *ctx,
- const unsigned char *buf,
- size_t len );
-
-/**
- * \brief Callback type: receive data from the network.
- *
- * \note That callback may be either blocking or non-blocking.
- *
- * \param ctx Context for the receive callback (typically a file
- * descriptor)
- * \param buf Buffer to write the received data to
- * \param len Length of the receive buffer
- *
- * \return The callback must return the number of bytes received,
- * or a non-zero error code.
- * If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ
- * must be returned when the operation would block.
- *
- * \note The callback may receive fewer bytes than the length of the
- * buffer. It must always return the number of bytes actually
- * received and written to the buffer.
- */
-typedef int mbedtls_ssl_recv_t( void *ctx,
- unsigned char *buf,
- size_t len );
-
-/**
- * \brief Callback type: receive data from the network, with timeout
- *
- * \note That callback must block until data is received, or the
- * timeout delay expires, or the operation is interrupted by a
- * signal.
- *
- * \param ctx Context for the receive callback (typically a file descriptor)
- * \param buf Buffer to write the received data to
- * \param len Length of the receive buffer
- * \param timeout Maximum nomber of millisecondes to wait for data
- * 0 means no timeout (potentially waiting forever)
- *
- * \return The callback must return the number of bytes received,
- * or a non-zero error code:
- * \c MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out,
- * \c MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
- *
- * \note The callback may receive fewer bytes than the length of the
- * buffer. It must always return the number of bytes actually
- * received and written to the buffer.
- */
-typedef int mbedtls_ssl_recv_timeout_t( void *ctx,
- unsigned char *buf,
- size_t len,
- uint32_t timeout );
-/**
- * \brief Callback type: set a pair of timers/delays to watch
- *
- * \param ctx Context pointer
- * \param int_ms Intermediate delay in milliseconds
- * \param fin_ms Final delay in milliseconds
- * 0 cancels the current timer.
- *
- * \note This callback must at least store the necessary information
- * for the associated \c mbedtls_ssl_get_timer_t callback to
- * return correct information.
- *
- * \note If using a event-driven style of programming, an event must
- * be generated when the final delay is passed. The event must
- * cause a call to \c mbedtls_ssl_handshake() with the proper
- * SSL context to be scheduled. Care must be taken to ensure
- * that at most one such call happens at a time.
- *
- * \note Only one timer at a time must be running. Calling this
- * function while a timer is running must cancel it. Cancelled
- * timers must not generate any event.
- */
-typedef void mbedtls_ssl_set_timer_t( void * ctx,
- uint32_t int_ms,
- uint32_t fin_ms );
-
-/**
- * \brief Callback type: get status of timers/delays
- *
- * \param ctx Context pointer
- *
- * \return This callback must return:
- * -1 if cancelled (fin_ms == 0),
- * 0 if none of the delays have passed,
- * 1 if only the intermediate delay has passed,
- * 2 if the final delay has passed.
- */
-typedef int mbedtls_ssl_get_timer_t( void * ctx );
-
-/* Defined below */
-typedef struct mbedtls_ssl_session mbedtls_ssl_session;
-typedef struct mbedtls_ssl_context mbedtls_ssl_context;
-typedef struct mbedtls_ssl_config mbedtls_ssl_config;
-
-/* Defined in ssl_internal.h */
-typedef struct mbedtls_ssl_transform mbedtls_ssl_transform;
-typedef struct mbedtls_ssl_handshake_params mbedtls_ssl_handshake_params;
-typedef struct mbedtls_ssl_sig_hash_set_t mbedtls_ssl_sig_hash_set_t;
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-typedef struct mbedtls_ssl_key_cert mbedtls_ssl_key_cert;
-#endif
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item;
-#endif
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-/**
- * \brief Callback type: start external signature operation.
- *
- * This callback is called during an SSL handshake to start
- * a signature decryption operation using an
- * external processor. The parameter \p cert contains
- * the public key; it is up to the callback function to
- * determine how to access the associated private key.
- *
- * This function typically sends or enqueues a request, and
- * does not wait for the operation to complete. This allows
- * the handshake step to be non-blocking.
- *
- * The parameters \p ssl and \p cert are guaranteed to remain
- * valid throughout the handshake. On the other hand, this
- * function must save the contents of \p hash if the value
- * is needed for later processing, because the \p hash buffer
- * is no longer valid after this function returns.
- *
- * This function may call mbedtls_ssl_set_async_operation_data()
- * to store an operation context for later retrieval
- * by the resume or cancel callback.
- *
- * \note For RSA signatures, this function must produce output
- * that is consistent with PKCS#1 v1.5 in the same way as
- * mbedtls_rsa_pkcs1_sign(). Before the private key operation,
- * apply the padding steps described in RFC 8017, section 9.2
- * "EMSA-PKCS1-v1_5" as follows.
- * - If \p md_alg is #MBEDTLS_MD_NONE, apply the PKCS#1 v1.5
- * encoding, treating \p hash as the DigestInfo to be
- * padded. In other words, apply EMSA-PKCS1-v1_5 starting
- * from step 3, with `T = hash` and `tLen = hash_len`.
- * - If `md_alg != MBEDTLS_MD_NONE`, apply the PKCS#1 v1.5
- * encoding, treating \p hash as the hash to be encoded and
- * padded. In other words, apply EMSA-PKCS1-v1_5 starting
- * from step 2, with `digestAlgorithm` obtained by calling
- * mbedtls_oid_get_oid_by_md() on \p md_alg.
- *
- * \note For ECDSA signatures, the output format is the DER encoding
- * `Ecdsa-Sig-Value` defined in
- * [RFC 4492 section 5.4](https://tools.ietf.org/html/rfc4492#section-5.4).
- *
- * \param ssl The SSL connection instance. It should not be
- * modified other than via
- * mbedtls_ssl_set_async_operation_data().
- * \param cert Certificate containing the public key.
- * In simple cases, this is one of the pointers passed to
- * mbedtls_ssl_conf_own_cert() when configuring the SSL
- * connection. However, if other callbacks are used, this
- * property may not hold. For example, if an SNI callback
- * is registered with mbedtls_ssl_conf_sni(), then
- * this callback determines what certificate is used.
- * \param md_alg Hash algorithm.
- * \param hash Buffer containing the hash. This buffer is
- * no longer valid when the function returns.
- * \param hash_len Size of the \c hash buffer in bytes.
- *
- * \return 0 if the operation was started successfully and the SSL
- * stack should call the resume callback immediately.
- * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if the operation
- * was started successfully and the SSL stack should return
- * immediately without calling the resume callback yet.
- * \return #MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH if the external
- * processor does not support this key. The SSL stack will
- * use the private key object instead.
- * \return Any other error indicates a fatal failure and is
- * propagated up the call chain. The callback should
- * use \c MBEDTLS_ERR_PK_xxx error codes, and must not
- * use \c MBEDTLS_ERR_SSL_xxx error codes except as
- * directed in the documentation of this callback.
- */
-typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- mbedtls_md_type_t md_alg,
- const unsigned char *hash,
- size_t hash_len );
-
-/**
- * \brief Callback type: start external decryption operation.
- *
- * This callback is called during an SSL handshake to start
- * an RSA decryption operation using an
- * external processor. The parameter \p cert contains
- * the public key; it is up to the callback function to
- * determine how to access the associated private key.
- *
- * This function typically sends or enqueues a request, and
- * does not wait for the operation to complete. This allows
- * the handshake step to be non-blocking.
- *
- * The parameters \p ssl and \p cert are guaranteed to remain
- * valid throughout the handshake. On the other hand, this
- * function must save the contents of \p input if the value
- * is needed for later processing, because the \p input buffer
- * is no longer valid after this function returns.
- *
- * This function may call mbedtls_ssl_set_async_operation_data()
- * to store an operation context for later retrieval
- * by the resume or cancel callback.
- *
- * \warning RSA decryption as used in TLS is subject to a potential
- * timing side channel attack first discovered by Bleichenbacher
- * in 1998. This attack can be remotely exploitable
- * in practice. To avoid this attack, you must ensure that
- * if the callback performs an RSA decryption, the time it
- * takes to execute and return the result does not depend
- * on whether the RSA decryption succeeded or reported
- * invalid padding.
- *
- * \param ssl The SSL connection instance. It should not be
- * modified other than via
- * mbedtls_ssl_set_async_operation_data().
- * \param cert Certificate containing the public key.
- * In simple cases, this is one of the pointers passed to
- * mbedtls_ssl_conf_own_cert() when configuring the SSL
- * connection. However, if other callbacks are used, this
- * property may not hold. For example, if an SNI callback
- * is registered with mbedtls_ssl_conf_sni(), then
- * this callback determines what certificate is used.
- * \param input Buffer containing the input ciphertext. This buffer
- * is no longer valid when the function returns.
- * \param input_len Size of the \p input buffer in bytes.
- *
- * \return 0 if the operation was started successfully and the SSL
- * stack should call the resume callback immediately.
- * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if the operation
- * was started successfully and the SSL stack should return
- * immediately without calling the resume callback yet.
- * \return #MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH if the external
- * processor does not support this key. The SSL stack will
- * use the private key object instead.
- * \return Any other error indicates a fatal failure and is
- * propagated up the call chain. The callback should
- * use \c MBEDTLS_ERR_PK_xxx error codes, and must not
- * use \c MBEDTLS_ERR_SSL_xxx error codes except as
- * directed in the documentation of this callback.
- */
-typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- const unsigned char *input,
- size_t input_len );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-/**
- * \brief Callback type: resume external operation.
- *
- * This callback is called during an SSL handshake to resume
- * an external operation started by the
- * ::mbedtls_ssl_async_sign_t or
- * ::mbedtls_ssl_async_decrypt_t callback.
- *
- * This function typically checks the status of a pending
- * request or causes the request queue to make progress, and
- * does not wait for the operation to complete. This allows
- * the handshake step to be non-blocking.
- *
- * This function may call mbedtls_ssl_get_async_operation_data()
- * to retrieve an operation context set by the start callback.
- * It may call mbedtls_ssl_set_async_operation_data() to modify
- * this context.
- *
- * Note that when this function returns a status other than
- * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, it must free any
- * resources associated with the operation.
- *
- * \param ssl The SSL connection instance. It should not be
- * modified other than via
- * mbedtls_ssl_set_async_operation_data().
- * \param output Buffer containing the output (signature or decrypted
- * data) on success.
- * \param output_len On success, number of bytes written to \p output.
- * \param output_size Size of the \p output buffer in bytes.
- *
- * \return 0 if output of the operation is available in the
- * \p output buffer.
- * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if the operation
- * is still in progress. Subsequent requests for progress
- * on the SSL connection will call the resume callback
- * again.
- * \return Any other error means that the operation is aborted.
- * The SSL handshake is aborted. The callback should
- * use \c MBEDTLS_ERR_PK_xxx error codes, and must not
- * use \c MBEDTLS_ERR_SSL_xxx error codes except as
- * directed in the documentation of this callback.
- */
-typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl,
- unsigned char *output,
- size_t *output_len,
- size_t output_size );
-
-/**
- * \brief Callback type: cancel external operation.
- *
- * This callback is called if an SSL connection is closed
- * while an asynchronous operation is in progress. Note that
- * this callback is not called if the
- * ::mbedtls_ssl_async_resume_t callback has run and has
- * returned a value other than
- * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, since in that case
- * the asynchronous operation has already completed.
- *
- * This function may call mbedtls_ssl_get_async_operation_data()
- * to retrieve an operation context set by the start callback.
- *
- * \param ssl The SSL connection instance. It should not be
- * modified.
- */
-typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) && \
- !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-#define MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN 48
-#if defined(MBEDTLS_SHA256_C)
-#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA256
-#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 32
-#elif defined(MBEDTLS_SHA512_C)
-#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA384
-#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 48
-#elif defined(MBEDTLS_SHA1_C)
-#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA1
-#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 20
-#else
-/* This is already checked in check_config.h, but be sure. */
-#error "Bad configuration - need SHA-1, SHA-256 or SHA-512 enabled to compute digest of peer CRT."
-#endif
-#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED &&
- !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-/*
- * This structure is used for storing current session data.
- */
-struct mbedtls_ssl_session
-{
-#if defined(MBEDTLS_HAVE_TIME)
- mbedtls_time_t start; /*!< starting time */
-#endif
- int ciphersuite; /*!< chosen ciphersuite */
- int compression; /*!< chosen compression */
- size_t id_len; /*!< session id length */
- unsigned char id[32]; /*!< session identifier */
- unsigned char master[48]; /*!< the master secret */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- mbedtls_x509_crt *peer_cert; /*!< peer X.509 cert chain */
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
- /*! The digest of the peer's end-CRT. This must be kept to detect CRT
- * changes during renegotiation, mitigating the triple handshake attack. */
- unsigned char *peer_cert_digest;
- size_t peer_cert_digest_len;
- mbedtls_md_type_t peer_cert_digest_type;
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
- uint32_t verify_result; /*!< verification result */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
- unsigned char *ticket; /*!< RFC 5077 session ticket */
- size_t ticket_len; /*!< session ticket length */
- uint32_t ticket_lifetime; /*!< ticket lifetime hint */
-#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- int trunc_hmac; /*!< flag for truncated hmac activation */
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- int encrypt_then_mac; /*!< flag for EtM activation */
-#endif
-};
-
-/**
- * SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
- */
-struct mbedtls_ssl_config
-{
- /* Group items by size (largest first) to minimize padding overhead */
-
- /*
- * Pointers
- */
-
- const int *ciphersuite_list[4]; /*!< allowed ciphersuites per version */
-
- /** Callback for printing debug output */
- void (*f_dbg)(void *, int, const char *, int, const char *);
- void *p_dbg; /*!< context for the debug function */
-
- /** Callback for getting (pseudo-)random numbers */
- int (*f_rng)(void *, unsigned char *, size_t);
- void *p_rng; /*!< context for the RNG function */
-
- /** Callback to retrieve a session from the cache */
- int (*f_get_cache)(void *, mbedtls_ssl_session *);
- /** Callback to store a session into the cache */
- int (*f_set_cache)(void *, const mbedtls_ssl_session *);
- void *p_cache; /*!< context for cache callbacks */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
- /** Callback for setting cert according to SNI extension */
- int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
- void *p_sni; /*!< context for SNI callback */
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
- /** Callback to customize X.509 certificate chain verification */
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *);
- void *p_vrfy; /*!< context for X.509 verify calllback */
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
- /** Callback to retrieve PSK key from identity */
- int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
- void *p_psk; /*!< context for PSK callback */
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
- /** Callback to create & write a cookie for ClientHello veirifcation */
- int (*f_cookie_write)( void *, unsigned char **, unsigned char *,
- const unsigned char *, size_t );
- /** Callback to verify validity of a ClientHello cookie */
- int (*f_cookie_check)( void *, const unsigned char *, size_t,
- const unsigned char *, size_t );
- void *p_cookie; /*!< context for the cookie callbacks */
-#endif
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
- /** Callback to create & write a session ticket */
- int (*f_ticket_write)( void *, const mbedtls_ssl_session *,
- unsigned char *, const unsigned char *, size_t *, uint32_t * );
- /** Callback to parse a session ticket into a session structure */
- int (*f_ticket_parse)( void *, mbedtls_ssl_session *, unsigned char *, size_t);
- void *p_ticket; /*!< context for the ticket callbacks */
-#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
- /** Callback to export key block and master secret */
- int (*f_export_keys)( void *, const unsigned char *,
- const unsigned char *, size_t, size_t, size_t );
- void *p_export_keys; /*!< context for key export callback */
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
- const mbedtls_x509_crt_profile *cert_profile; /*!< verification profile */
- mbedtls_ssl_key_cert *key_cert; /*!< own certificate/key pair(s) */
- mbedtls_x509_crt *ca_chain; /*!< trusted CAs */
- mbedtls_x509_crl *ca_crl; /*!< trusted CAs CRLs */
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
- mbedtls_x509_crt_ca_cb_t f_ca_cb;
- void *p_ca_cb;
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
- mbedtls_ssl_async_sign_t *f_async_sign_start; /*!< start asynchronous signature operation */
- mbedtls_ssl_async_decrypt_t *f_async_decrypt_start; /*!< start asynchronous decryption operation */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
- mbedtls_ssl_async_resume_t *f_async_resume; /*!< resume asynchronous operation */
- mbedtls_ssl_async_cancel_t *f_async_cancel; /*!< cancel asynchronous operation */
- void *p_async_config_data; /*!< Configuration data set by mbedtls_ssl_conf_async_private_cb(). */
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
-#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
- const int *sig_hashes; /*!< allowed signature hashes */
-#endif
-
-#if defined(MBEDTLS_ECP_C)
- const mbedtls_ecp_group_id *curve_list; /*!< allowed curves */
-#endif
-
-#if defined(MBEDTLS_DHM_C)
- mbedtls_mpi dhm_P; /*!< prime modulus for DHM */
- mbedtls_mpi dhm_G; /*!< generator for DHM */
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_key_handle_t psk_opaque; /*!< PSA key slot holding opaque PSK.
- * This field should only be set via
- * mbedtls_ssl_conf_psk_opaque().
- * If either no PSK or a raw PSK have
- * been configured, this has value \c 0. */
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
- unsigned char *psk; /*!< The raw pre-shared key. This field should
- * only be set via mbedtls_ssl_conf_psk().
- * If either no PSK or an opaque PSK
- * have been configured, this has value NULL. */
- size_t psk_len; /*!< The length of the raw pre-shared key.
- * This field should only be set via
- * mbedtls_ssl_conf_psk().
- * Its value is non-zero if and only if
- * \c psk is not \c NULL. */
-
- unsigned char *psk_identity; /*!< The PSK identity for PSK negotiation.
- * This field should only be set via
- * mbedtls_ssl_conf_psk().
- * This is set if and only if either
- * \c psk or \c psk_opaque are set. */
- size_t psk_identity_len;/*!< The length of PSK identity.
- * This field should only be set via
- * mbedtls_ssl_conf_psk().
- * Its value is non-zero if and only if
- * \c psk is not \c NULL or \c psk_opaque
- * is not \c 0. */
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-
-#if defined(MBEDTLS_SSL_ALPN)
- const char **alpn_list; /*!< ordered list of protocols */
-#endif
-
- /*
- * Numerical settings (int then char)
- */
-
- uint32_t read_timeout; /*!< timeout for mbedtls_ssl_read (ms) */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- uint32_t hs_timeout_min; /*!< initial value of the handshake
- retransmission timeout (ms) */
- uint32_t hs_timeout_max; /*!< maximum value of the handshake
- retransmission timeout (ms) */
-#endif
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- int renego_max_records; /*!< grace period for renegotiation */
- unsigned char renego_period[8]; /*!< value of the record counters
- that triggers renegotiation */
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
- unsigned int badmac_limit; /*!< limit of records with a bad MAC */
-#endif
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
- unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */
-#endif
-
- unsigned char max_major_ver; /*!< max. major version used */
- unsigned char max_minor_ver; /*!< max. minor version used */
- unsigned char min_major_ver; /*!< min. major version used */
- unsigned char min_minor_ver; /*!< min. minor version used */
-
- /*
- * Flags (bitfields)
- */
-
- unsigned int endpoint : 1; /*!< 0: client, 1: server */
- unsigned int transport : 1; /*!< stream (TLS) or datagram (DTLS) */
- unsigned int authmode : 2; /*!< MBEDTLS_SSL_VERIFY_XXX */
- /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE */
- unsigned int allow_legacy_renegotiation : 2 ; /*!< MBEDTLS_LEGACY_XXX */
-#if defined(MBEDTLS_ARC4_C)
- unsigned int arc4_disabled : 1; /*!< blacklist RC4 ciphersuites? */
-#endif
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- unsigned int mfl_code : 3; /*!< desired fragment length */
-#endif
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- unsigned int encrypt_then_mac : 1 ; /*!< negotiate encrypt-then-mac?
*/ -#endif -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - unsigned int extended_ms : 1; /*!< negotiate extended master secret? */ -#endif -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - unsigned int anti_replay : 1; /*!< detect and prevent replay? */ -#endif -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - unsigned int cbc_record_splitting : 1; /*!< do cbc record splitting */ -#endif -#if defined(MBEDTLS_SSL_RENEGOTIATION) - unsigned int disable_renegotiation : 1; /*!< disable renegotiation? */ -#endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - unsigned int trunc_hmac : 1; /*!< negotiate truncated hmac? */ -#endif -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - unsigned int session_tickets : 1; /*!< use session tickets? */ -#endif -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) - unsigned int fallback : 1; /*!< is this a fallback? */ -#endif -#if defined(MBEDTLS_SSL_SRV_C) - unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in - Certificate Request messages? */ -#endif -}; - - -struct mbedtls_ssl_context -{ - const mbedtls_ssl_config *conf; /*!< configuration information */ - - /* - * Miscellaneous - */ - int state; /*!< SSL handshake: current state */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - int renego_status; /*!< Initial, in progress, pending? 
*/ - int renego_records_seen; /*!< Records since renego request, or with DTLS, - number of retransmissions of request if - renego_max_records is < 0 */ -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - - int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ - int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ - -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - unsigned badmac_seen; /*!< records with a bad MAC received */ -#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - /** Callback to customize X.509 certificate chain verification */ - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *); - void *p_vrfy; /*!< context for X.509 verify callback */ -#endif - - mbedtls_ssl_send_t *f_send; /*!< Callback for network send */ - mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */ - mbedtls_ssl_recv_timeout_t *f_recv_timeout; - /*!< Callback for network receive with timeout */ - - void *p_bio; /*!< context for I/O operations */ - - /* - * Session layer - */ - mbedtls_ssl_session *session_in; /*!< current session data (in) */ - mbedtls_ssl_session *session_out; /*!< current session data (out) */ - mbedtls_ssl_session *session; /*!< negotiated session data */ - mbedtls_ssl_session *session_negotiate; /*!< session data in negotiation */ - - mbedtls_ssl_handshake_params *handshake; /*!< params required only during - the handshake process */ - - /* - * Record layer transformations - */ - mbedtls_ssl_transform *transform_in; /*!< current transform params (in) */ - mbedtls_ssl_transform *transform_out; /*!< current transform params (in) */ - mbedtls_ssl_transform *transform; /*!< negotiated transform params */ - mbedtls_ssl_transform *transform_negotiate; /*!< transform params in negotiation */ - - /* - * Timers - */ - void *p_timer; /*!< context for the timer callbacks */ - - mbedtls_ssl_set_timer_t *f_set_timer; /*!< set timer callback */ - mbedtls_ssl_get_timer_t *f_get_timer; /*!< get timer callback */ - - /* - * Record layer 
(incoming data) - */ - unsigned char *in_buf; /*!< input buffer */ - unsigned char *in_ctr; /*!< 64-bit incoming message counter - TLS: maintained by us - DTLS: read from peer */ - unsigned char *in_hdr; /*!< start of record header */ - unsigned char *in_len; /*!< two-bytes message length field */ - unsigned char *in_iv; /*!< ivlen-byte IV */ - unsigned char *in_msg; /*!< message contents (in_iv+ivlen) */ - unsigned char *in_offt; /*!< read offset in application data */ - - int in_msgtype; /*!< record header: message type */ - size_t in_msglen; /*!< record header: message length */ - size_t in_left; /*!< amount of data read so far */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - uint16_t in_epoch; /*!< DTLS epoch for incoming records */ - size_t next_record_offset; /*!< offset of the next record in datagram - (equal to in_left if none) */ -#endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - uint64_t in_window_top; /*!< last validated record seq_num */ - uint64_t in_window; /*!< bitmask for replay detection */ -#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ - - size_t in_hslen; /*!< current handshake message length, - including the handshake header */ - int nb_zero; /*!< # of 0-length encrypted messages */ - - int keep_current_message; /*!< drop or reuse current message - on next call to record layer? */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - uint8_t disable_datagram_packing; /*!< Disable packing multiple records - * within a single datagram. 
*/ -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - /* - * Record layer (outgoing data) - */ - unsigned char *out_buf; /*!< output buffer */ - unsigned char *out_ctr; /*!< 64-bit outgoing message counter */ - unsigned char *out_hdr; /*!< start of record header */ - unsigned char *out_len; /*!< two-bytes message length field */ - unsigned char *out_iv; /*!< ivlen-byte IV */ - unsigned char *out_msg; /*!< message contents (out_iv+ivlen) */ - - int out_msgtype; /*!< record header: message type */ - size_t out_msglen; /*!< record header: message length */ - size_t out_left; /*!< amount of data not yet written */ - - unsigned char cur_out_ctr[8]; /*!< Outgoing record sequence number. */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - uint16_t mtu; /*!< path mtu, used to fragment outgoing messages */ -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -#if defined(MBEDTLS_ZLIB_SUPPORT) - unsigned char *compress_buf; /*!< zlib data buffer */ -#endif /* MBEDTLS_ZLIB_SUPPORT */ -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - signed char split_done; /*!< current record already splitted? */ -#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ - - /* - * PKI layer - */ - int client_auth; /*!< flag for client auth. 
*/ - - /* - * User settings - */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) - char *hostname; /*!< expected peer CN for verification - (and SNI if available) */ -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_SSL_ALPN) - const char *alpn_chosen; /*!< negotiated protocol */ -#endif /* MBEDTLS_SSL_ALPN */ - - /* - * Information for DTLS hello verify - */ -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) - unsigned char *cli_id; /*!< transport-level ID of the client */ - size_t cli_id_len; /*!< length of cli_id */ -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ - - /* - * Secure renegotiation - */ - /* needed to know when to send extension on server */ - int secure_renegotiation; /*!< does peer support legacy or - secure renegotiation */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - size_t verify_data_len; /*!< length of verify data stored */ - char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ - char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ -#endif /* MBEDTLS_SSL_RENEGOTIATION */ -}; - -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - -#define MBEDTLS_SSL_CHANNEL_OUTBOUND 0 -#define MBEDTLS_SSL_CHANNEL_INBOUND 1 - -extern int (*mbedtls_ssl_hw_record_init)(mbedtls_ssl_context *ssl, - const unsigned char *key_enc, const unsigned char *key_dec, - size_t keylen, - const unsigned char *iv_enc, const unsigned char *iv_dec, - size_t ivlen, - const unsigned char *mac_enc, const unsigned char *mac_dec, - size_t maclen); -extern int (*mbedtls_ssl_hw_record_activate)(mbedtls_ssl_context *ssl, int direction); -extern int (*mbedtls_ssl_hw_record_reset)(mbedtls_ssl_context *ssl); -extern int (*mbedtls_ssl_hw_record_write)(mbedtls_ssl_context *ssl); -extern int (*mbedtls_ssl_hw_record_read)(mbedtls_ssl_context *ssl); -extern int (*mbedtls_ssl_hw_record_finish)(mbedtls_ssl_context *ssl); -#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ - -/** - * \brief 
Return the name of the ciphersuite associated with the - * given ID - * - * \param ciphersuite_id SSL ciphersuite ID - * - * \return a string containing the ciphersuite name - */ -const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ); - -/** - * \brief Return the ID of the ciphersuite associated with the - * given name - * - * \param ciphersuite_name SSL ciphersuite name - * - * \return the ID with the ciphersuite or 0 if not found - */ -int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ); - -/** - * \brief Initialize an SSL context - * Just makes the context ready for mbedtls_ssl_setup() or - * mbedtls_ssl_free() - * - * \param ssl SSL context - */ -void mbedtls_ssl_init( mbedtls_ssl_context *ssl ); - -/** - * \brief Set up an SSL context for use - * - * \note No copy of the configuration context is made, it can be - * shared by many mbedtls_ssl_context structures. - * - * \warning The conf structure will be accessed during the session. - * It must not be modified or freed as long as the session - * is active. - * - * \warning This function must be called exactly once per context. - * Calling mbedtls_ssl_setup again is not supported, even - * if no session is active. - * - * \param ssl SSL context - * \param conf SSL configuration to use - * - * \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if - * memory allocation failed - */ -int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, - const mbedtls_ssl_config *conf ); - -/** - * \brief Reset an already initialized SSL context for re-use - * while retaining application-set variables, function - * pointers and data. 
- * - * \param ssl SSL context - * \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED, - MBEDTLS_ERR_SSL_HW_ACCEL_FAILED or - * MBEDTLS_ERR_SSL_COMPRESSION_FAILED - */ -int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl ); - -/** - * \brief Set the current endpoint type - * - * \param conf SSL configuration - * \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER - */ -void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ); - -/** - * \brief Set the transport type (TLS or DTLS). - * Default: TLS - * - * \note For DTLS, you must either provide a recv callback that - * doesn't block, or one that handles timeouts, see - * \c mbedtls_ssl_set_bio(). You also need to provide timer - * callbacks with \c mbedtls_ssl_set_timer_cb(). - * - * \param conf SSL configuration - * \param transport transport type: - * MBEDTLS_SSL_TRANSPORT_STREAM for TLS, - * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS. - */ -void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ); - -/** - * \brief Set the certificate verification mode - * Default: NONE on server, REQUIRED on client - * - * \param conf SSL configuration - * \param authmode can be: - * - * MBEDTLS_SSL_VERIFY_NONE: peer certificate is not checked - * (default on server) - * (insecure on client) - * - * MBEDTLS_SSL_VERIFY_OPTIONAL: peer certificate is checked, however the - * handshake continues even if verification failed; - * mbedtls_ssl_get_verify_result() can be called after the - * handshake is complete. - * - * MBEDTLS_SSL_VERIFY_REQUIRED: peer *must* present a valid certificate, - * handshake is aborted if verification failed. - * (default on client) - * - * \note On client, MBEDTLS_SSL_VERIFY_REQUIRED is the recommended mode. - * With MBEDTLS_SSL_VERIFY_OPTIONAL, the user needs to call mbedtls_ssl_get_verify_result() at - * the right time(s), which may not be obvious, while REQUIRED always perform - * the verification as soon as possible. 
For example, REQUIRED was protecting - * against the "triple handshake" attack even before it was found. - */ -void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -/** - * \brief Set the verification callback (Optional). - * - * If set, the provided verify callback is called for each - * certificate in the peer's CRT chain, including the trusted - * root. For more information, please see the documentation of - * \c mbedtls_x509_crt_verify(). - * - * \note For per context callbacks and contexts, please use - * mbedtls_ssl_set_verify() instead. - * - * \param conf The SSL configuration to use. - * \param f_vrfy The verification callback to use during CRT verification. - * \param p_vrfy The opaque context to be passed to the callback. - */ -void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -/** - * \brief Set the random number generator callback - * - * \param conf SSL configuration - * \param f_rng RNG function - * \param p_rng RNG parameter - */ -void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - -/** - * \brief Set the debug callback - * - * The callback has the following argument: - * void * opaque context for the callback - * int debug level - * const char * file name - * int line number - * const char * message - * - * \param conf SSL configuration - * \param f_dbg debug function - * \param p_dbg debug parameter - */ -void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, - void (*f_dbg)(void *, int, const char *, int, const char *), - void *p_dbg ); - -/** - * \brief Set the underlying BIO callbacks for write, read and - * read-with-timeout. 
- * - * \param ssl SSL context - * \param p_bio parameter (context) shared by BIO callbacks - * \param f_send write callback - * \param f_recv read callback - * \param f_recv_timeout blocking read callback with timeout. - * - * \note One of f_recv or f_recv_timeout can be NULL, in which case - * the other is used. If both are non-NULL, f_recv_timeout is - * used and f_recv is ignored (as if it were NULL). - * - * \note The two most common use cases are: - * - non-blocking I/O, f_recv != NULL, f_recv_timeout == NULL - * - blocking I/O, f_recv == NULL, f_recv_timout != NULL - * - * \note For DTLS, you need to provide either a non-NULL - * f_recv_timeout callback, or a f_recv that doesn't block. - * - * \note See the documentations of \c mbedtls_ssl_sent_t, - * \c mbedtls_ssl_recv_t and \c mbedtls_ssl_recv_timeout_t for - * the conventions those callbacks must follow. - * - * \note On some platforms, net_sockets.c provides - * \c mbedtls_net_send(), \c mbedtls_net_recv() and - * \c mbedtls_net_recv_timeout() that are suitable to be used - * here. - */ -void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, - void *p_bio, - mbedtls_ssl_send_t *f_send, - mbedtls_ssl_recv_t *f_recv, - mbedtls_ssl_recv_timeout_t *f_recv_timeout ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) -/** - * \brief Set the Maximum Tranport Unit (MTU). - * Special value: 0 means unset (no limit). - * This represents the maximum size of a datagram payload - * handled by the transport layer (usually UDP) as determined - * by the network link and stack. In practice, this controls - * the maximum size datagram the DTLS layer will pass to the - * \c f_send() callback set using \c mbedtls_ssl_set_bio(). - * - * \note The limit on datagram size is converted to a limit on - * record payload by subtracting the current overhead of - * encapsulation and encryption/authentication if any. 
- * - * \note This can be called at any point during the connection, for - * example when a Path Maximum Transfer Unit (PMTU) - * estimate becomes available from other sources, - * such as lower (or higher) protocol layers. - * - * \note This setting only controls the size of the packets we send, - * and does not restrict the size of the datagrams we're - * willing to receive. Client-side, you can request the - * server to use smaller records with \c - * mbedtls_ssl_conf_max_frag_len(). - * - * \note If both a MTU and a maximum fragment length have been - * configured (or negotiated with the peer), the resulting - * lower limit on record payload (see first note) is used. - * - * \note This can only be used to decrease the maximum size - * of datagrams (hence records, see first note) sent. It - * cannot be used to increase the maximum size of records over - * the limit set by #MBEDTLS_SSL_OUT_CONTENT_LEN. - * - * \note Values lower than the current record layer expansion will - * result in an error when trying to send data. - * - * \note Using record compression together with a non-zero MTU value - * will result in an error when trying to send data. - * - * \param ssl SSL context - * \param mtu Value of the path MTU in bytes - */ -void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu ); -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -/** - * \brief Set a connection-specific verification callback (optional). - * - * If set, the provided verify callback is called for each - * certificate in the peer's CRT chain, including the trusted - * root. For more information, please see the documentation of - * \c mbedtls_x509_crt_verify(). - * - * \note This call is analogous to mbedtls_ssl_conf_verify() but - * binds the verification callback and context to an SSL context - * as opposed to an SSL configuration. - * If mbedtls_ssl_conf_verify() and mbedtls_ssl_set_verify() - * are both used, mbedtls_ssl_set_verify() takes precedence. 
- * - * \param ssl The SSL context to use. - * \param f_vrfy The verification callback to use during CRT verification. - * \param p_vrfy The opaque context to be passed to the callback. - */ -void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -/** - * \brief Set the timeout period for mbedtls_ssl_read() - * (Default: no timeout.) - * - * \param conf SSL configuration context - * \param timeout Timeout value in milliseconds. - * Use 0 for no timeout (default). - * - * \note With blocking I/O, this will only work if a non-NULL - * \c f_recv_timeout was set with \c mbedtls_ssl_set_bio(). - * With non-blocking I/O, this will only work if timer - * callbacks were set with \c mbedtls_ssl_set_timer_cb(). - * - * \note With non-blocking I/O, you may also skip this function - * altogether and handle timeouts at the application layer. - */ -void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); - -/** - * \brief Set the timer callbacks (Mandatory for DTLS.) - * - * \param ssl SSL context - * \param p_timer parameter (context) shared by timer callbacks - * \param f_set_timer set timer callback - * \param f_get_timer get timer callback. Must return: - * - * \note See the documentation of \c mbedtls_ssl_set_timer_t and - * \c mbedtls_ssl_get_timer_t for the conventions this pair of - * callbacks must follow. - * - * \note On some platforms, timing.c provides - * \c mbedtls_timing_set_delay() and - * \c mbedtls_timing_get_delay() that are suitable for using - * here, except if using an event-driven style. - * - * \note See also the "DTLS tutorial" article in our knowledge base. 
- * https://tls.mbed.org/kb/how-to/dtls-tutorial - */ -void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, - void *p_timer, - mbedtls_ssl_set_timer_t *f_set_timer, - mbedtls_ssl_get_timer_t *f_get_timer ); - -/** - * \brief Callback type: generate and write session ticket - * - * \note This describes what a callback implementation should do. - * This callback should generate an encrypted and - * authenticated ticket for the session and write it to the - * output buffer. Here, ticket means the opaque ticket part - * of the NewSessionTicket structure of RFC 5077. - * - * \param p_ticket Context for the callback - * \param session SSL session to be written in the ticket - * \param start Start of the output buffer - * \param end End of the output buffer - * \param tlen On exit, holds the length written - * \param lifetime On exit, holds the lifetime of the ticket in seconds - * - * \return 0 if successful, or - * a specific MBEDTLS_ERR_XXX code. - */ -typedef int mbedtls_ssl_ticket_write_t( void *p_ticket, - const mbedtls_ssl_session *session, - unsigned char *start, - const unsigned char *end, - size_t *tlen, - uint32_t *lifetime ); - -#if defined(MBEDTLS_SSL_EXPORT_KEYS) -/** - * \brief Callback type: Export key block and master secret - * - * \note This is required for certain uses of TLS, e.g. EAP-TLS - * (RFC 5216) and Thread. The key pointers are ephemeral and - * therefore must not be stored. The master secret and keys - * should not be used directly except as an input to a key - * derivation function. - * - * \param p_expkey Context for the callback - * \param ms Pointer to master secret (fixed length: 48 bytes) - * \param kb Pointer to key block, see RFC 5246 section 6.3 - * (variable length: 2 * maclen + 2 * keylen + 2 * ivlen). - * \param maclen MAC length - * \param keylen Key length - * \param ivlen IV length - * - * \return 0 if successful, or - * a specific MBEDTLS_ERR_XXX code. 
- */ -typedef int mbedtls_ssl_export_keys_t( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen ); -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ - -/** - * \brief Callback type: parse and load session ticket - * - * \note This describes what a callback implementation should do. - * This callback should parse a session ticket as generated - * by the corresponding mbedtls_ssl_ticket_write_t function, - * and, if the ticket is authentic and valid, load the - * session. - * - * \note The implementation is allowed to modify the first len - * bytes of the input buffer, eg to use it as a temporary - * area for the decrypted ticket contents. - * - * \param p_ticket Context for the callback - * \param session SSL session to be loaded - * \param buf Start of the buffer containing the ticket - * \param len Length of the ticket. - * - * \return 0 if successful, or - * MBEDTLS_ERR_SSL_INVALID_MAC if not authentic, or - * MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED if expired, or - * any other non-zero code for other failures. - */ -typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket, - mbedtls_ssl_session *session, - unsigned char *buf, - size_t len ); - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C) -/** - * \brief Configure SSL session ticket callbacks (server only). - * (Default: none.) - * - * \note On server, session tickets are enabled by providing - * non-NULL callbacks. - * - * \note On client, use \c mbedtls_ssl_conf_session_tickets(). 
- * - * \param conf SSL configuration context - * \param f_ticket_write Callback for writing a ticket - * \param f_ticket_parse Callback for parsing a ticket - * \param p_ticket Context shared by the two callbacks - */ -void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_ticket_write_t *f_ticket_write, - mbedtls_ssl_ticket_parse_t *f_ticket_parse, - void *p_ticket ); -#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ - -#if defined(MBEDTLS_SSL_EXPORT_KEYS) -/** - * \brief Configure key export callback. - * (Default: none.) - * - * \note See \c mbedtls_ssl_export_keys_t. - * - * \param conf SSL configuration context - * \param f_export_keys Callback for exporting keys - * \param p_export_keys Context for the callback - */ -void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ); -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) -/** - * \brief Configure asynchronous private key operation callbacks. - * - * \param conf SSL configuration context - * \param f_async_sign Callback to start a signature operation. See - * the description of ::mbedtls_ssl_async_sign_t - * for more information. This may be \c NULL if the - * external processor does not support any signature - * operation; in this case the private key object - * associated with the certificate will be used. - * \param f_async_decrypt Callback to start a decryption operation. See - * the description of ::mbedtls_ssl_async_decrypt_t - * for more information. This may be \c NULL if the - * external processor does not support any decryption - * operation; in this case the private key object - * associated with the certificate will be used. - * \param f_async_resume Callback to resume an asynchronous operation. See - * the description of ::mbedtls_ssl_async_resume_t - * for more information. 
This may not be \c NULL unless - * \p f_async_sign and \p f_async_decrypt are both - * \c NULL. - * \param f_async_cancel Callback to cancel an asynchronous operation. See - * the description of ::mbedtls_ssl_async_cancel_t - * for more information. This may be \c NULL if - * no cleanup is needed. - * \param config_data A pointer to configuration data which can be - * retrieved with - * mbedtls_ssl_conf_get_async_config_data(). The - * library stores this value without dereferencing it. - */ -void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_async_sign_t *f_async_sign, - mbedtls_ssl_async_decrypt_t *f_async_decrypt, - mbedtls_ssl_async_resume_t *f_async_resume, - mbedtls_ssl_async_cancel_t *f_async_cancel, - void *config_data ); - -/** - * \brief Retrieve the configuration data set by - * mbedtls_ssl_conf_async_private_cb(). - * - * \param conf SSL configuration context - * \return The configuration data set by - * mbedtls_ssl_conf_async_private_cb(). - */ -void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf ); - -/** - * \brief Retrieve the asynchronous operation user context. - * - * \note This function may only be called while a handshake - * is in progress. - * - * \param ssl The SSL context to access. - * - * \return The asynchronous operation user context that was last - * set during the current handshake. If - * mbedtls_ssl_set_async_operation_data() has not yet been - * called during the current handshake, this function returns - * \c NULL. - */ -void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl ); - -/** - * \brief Retrieve the asynchronous operation user context. - * - * \note This function may only be called while a handshake - * is in progress. - * - * \param ssl The SSL context to access. - * \param ctx The new value of the asynchronous operation user context. - * Call mbedtls_ssl_get_async_operation_data() later during the - * same handshake to retrieve this value. 
- */ -void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl, - void *ctx ); -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - -/** - * \brief Callback type: generate a cookie - * - * \param ctx Context for the callback - * \param p Buffer to write to, - * must be updated to point right after the cookie - * \param end Pointer to one past the end of the output buffer - * \param info Client ID info that was passed to - * \c mbedtls_ssl_set_client_transport_id() - * \param ilen Length of info in bytes - * - * \return The callback must return 0 on success, - * or a negative error code. - */ -typedef int mbedtls_ssl_cookie_write_t( void *ctx, - unsigned char **p, unsigned char *end, - const unsigned char *info, size_t ilen ); - -/** - * \brief Callback type: verify a cookie - * - * \param ctx Context for the callback - * \param cookie Cookie to verify - * \param clen Length of cookie - * \param info Client ID info that was passed to - * \c mbedtls_ssl_set_client_transport_id() - * \param ilen Length of info in bytes - * - * \return The callback must return 0 if cookie is valid, - * or a negative error code. - */ -typedef int mbedtls_ssl_cookie_check_t( void *ctx, - const unsigned char *cookie, size_t clen, - const unsigned char *info, size_t ilen ); - -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) -/** - * \brief Register callbacks for DTLS cookies - * (Server only. DTLS only.) - * - * Default: dummy callbacks that fail, in order to force you to - * register working callbacks (and initialize their context). - * - * To disable HelloVerifyRequest, register NULL callbacks. - * - * \warning Disabling hello verification allows your server to be used - * for amplification in DoS attacks against other hosts. - * Only disable if you known this can't happen in your - * particular environment. 
- * - * \note See comments on \c mbedtls_ssl_handshake() about handling - * the MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED that is expected - * on the first handshake attempt when this is enabled. - * - * \note This is also necessary to handle client reconnection from - * the same port as described in RFC 6347 section 4.2.8 (only - * the variant with cookies is supported currently). See - * comments on \c mbedtls_ssl_read() for details. - * - * \param conf SSL configuration - * \param f_cookie_write Cookie write callback - * \param f_cookie_check Cookie check callback - * \param p_cookie Context for both callbacks - */ -void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, - mbedtls_ssl_cookie_write_t *f_cookie_write, - mbedtls_ssl_cookie_check_t *f_cookie_check, - void *p_cookie ); - -/** - * \brief Set client's transport-level identification info. - * (Server only. DTLS only.) - * - * This is usually the IP address (and port), but could be - * anything identify the client depending on the underlying - * network stack. Used for HelloVerifyRequest with DTLS. - * This is *not* used to route the actual packets. - * - * \param ssl SSL context - * \param info Transport-level info identifying the client (eg IP + port) - * \param ilen Length of info in bytes - * - * \note An internal copy is made, so the info buffer can be reused. - * - * \return 0 on success, - * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used on client, - * MBEDTLS_ERR_SSL_ALLOC_FAILED if out of memory. - */ -int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, - const unsigned char *info, - size_t ilen ); - -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ - -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -/** - * \brief Enable or disable anti-replay protection for DTLS. - * (DTLS only, no effect on TLS.) - * Default: enabled. - * - * \param conf SSL configuration - * \param mode MBEDTLS_SSL_ANTI_REPLAY_ENABLED or MBEDTLS_SSL_ANTI_REPLAY_DISABLED. 
- *
- * \warning Disabling this is a security risk unless the application
- * protocol handles duplicated packets in a safe way. You
- * should not disable this without careful consideration.
- * However, if your application already detects duplicated
- * packets and needs information about them to adjust its
- * transmission strategy, then you'll want to disable this.
- */
-void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
-#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-/**
- * \brief Set a limit on the number of records with a bad MAC
- * before terminating the connection.
- * (DTLS only, no effect on TLS.)
- * Default: 0 (disabled).
- *
- * \param conf SSL configuration
- * \param limit Limit, or 0 to disable.
- *
- * \note If the limit is N, then the connection is terminated when
- * the Nth non-authentic record is seen.
- *
- * \note Records with an invalid header are not counted, only the
- * ones going through the authentication-decryption phase.
- *
- * \note This is a security trade-off related to the fact that it's
- * often relatively easy for an active attacker ot inject UDP
- * datagrams. On one hand, setting a low limit here makes it
- * easier for such an attacker to forcibly terminated a
- * connection. On the other hand, a high limit or no limit
- * might make us waste resources checking authentication on
- * many bogus packets.
- */
-void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
-#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-
-/**
- * \brief Allow or disallow packing of multiple handshake records
- * within a single datagram.
- *
- * \param ssl The SSL context to configure.
- * \param allow_packing This determines whether datagram packing may
- * be used or not. A value of \c 0 means that every
- * record will be sent in a separate datagram; a
- * value of \c 1 means that, if space permits,
- * multiple handshake messages (including CCS) belonging to
- * a single flight may be packed within a single datagram.
- *
- * \note This is enabled by default and should only be disabled
- * for test purposes, or if datagram packing causes
- * interoperability issues with peers that don't support it.
- *
- * \note Allowing datagram packing reduces the network load since
- * there's less overhead if multiple messages share the same
- * datagram. Also, it increases the handshake efficiency
- * since messages belonging to a single datagram will not
- * be reordered in transit, and so future message buffering
- * or flight retransmission (if no buffering is used) as
- * means to deal with reordering are needed less frequently.
- *
- * \note Application records are not affected by this option and
- * are currently always sent in separate datagrams.
- *
- */
-void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
- unsigned allow_packing );
-
-/**
- * \brief Set retransmit timeout values for the DTLS handshake.
- * (DTLS only, no effect on TLS.)
- *
- * \param conf SSL configuration
- * \param min Initial timeout value in milliseconds.
- * Default: 1000 (1 second).
- * \param max Maximum timeout value in milliseconds.
- * Default: 60000 (60 seconds).
- *
- * \note Default values are from RFC 6347 section 4.2.4.1.
- *
- * \note The 'min' value should typically be slightly above the
- * expected round-trip time to your peer, plus whatever time
- * it takes for the peer to process the message. For example,
- * if your RTT is about 600ms and you peer needs up to 1s to
- * do the cryptographic operations in the handshake, then you
- * should set 'min' slightly above 1600. Lower values of 'min'
- * might cause spurious resends which waste network resources,
- * while larger value of 'min' will increase overall latency
- * on unreliable network links.
- *
- * \note The more unreliable your network connection is, the larger
- * your max / min ratio needs to be in order to achieve
- * reliable handshakes.
- *
- * \note Messages are retransmitted up to log2(ceil(max/min)) times.
- * For example, if min = 1s and max = 5s, the retransmit plan
- * goes: send ... 1s -> resend ... 2s -> resend ... 4s ->
- * resend ... 5s -> give up and return a timeout error.
- */
-void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_SRV_C)
-/**
- * \brief Set the session cache callbacks (server-side only)
- * If not set, no session resuming is done (except if session
- * tickets are enabled too).
- *
- * The session cache has the responsibility to check for stale
- * entries based on timeout. See RFC 5246 for recommendations.
- *
- * Warning: session.peer_cert is cleared by the SSL/TLS layer on
- * connection shutdown, so do not cache the pointer! Either set
- * it to NULL or make a full copy of the certificate.
- *
- * The get callback is called once during the initial handshake
- * to enable session resuming. The get function has the
- * following parameters: (void *parameter, mbedtls_ssl_session *session)
- * If a valid entry is found, it should fill the master of
- * the session object with the cached values and return 0,
- * return 1 otherwise. Optionally peer_cert can be set as well
- * if it is properly present in cache entry.
- *
- * The set callback is called once during the initial handshake
- * to enable session resuming after the entire handshake has
- * been finished. The set function has the following parameters:
- * (void *parameter, const mbedtls_ssl_session *session). The function
- * should create a cache entry for future retrieval based on
- * the data in the session structure and should keep in mind
- * that the mbedtls_ssl_session object presented (and all its referenced
- * data) is cleared by the SSL/TLS layer when the connection is
- * terminated. It is recommended to add metadata to determine if
- * an entry is still valid in the future. Return 0 if
- * successfully cached, return 1 otherwise.
- *
- * \param conf SSL configuration
- * \param p_cache parmater (context) for both callbacks
- * \param f_get_cache session get callback
- * \param f_set_cache session set callback
- */
-void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
- void *p_cache,
- int (*f_get_cache)(void *, mbedtls_ssl_session *),
- int (*f_set_cache)(void *, const mbedtls_ssl_session *) );
-#endif /* MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_SSL_CLI_C)
-/**
- * \brief Request resumption of session (client-side only)
- * Session data is copied from presented session structure.
- *
- * \param ssl SSL context
- * \param session session context
- *
- * \return 0 if successful,
- * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed,
- * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
- * arguments are otherwise invalid
- *
- * \sa mbedtls_ssl_get_session()
- */
-int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session );
-#endif /* MBEDTLS_SSL_CLI_C */
-
-/**
- * \brief Set the list of allowed ciphersuites and the preference
- * order. First in the list has the highest preference.
- * (Overrides all version-specific lists)
- *
- * The ciphersuites array is not copied, and must remain
- * valid for the lifetime of the ssl_config.
- *
- * Note: The server uses its own preferences
- * over the preference of the client unless
- * MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined!
- *
- * \param conf SSL configuration
- * \param ciphersuites 0-terminated list of allowed ciphersuites
- */
-void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
- const int *ciphersuites );
-
-/**
- * \brief Set the list of allowed ciphersuites and the
- * preference order for a specific version of the protocol.
- * (Only useful on the server side)
- *
- * The ciphersuites array is not copied, and must remain
- * valid for the lifetime of the ssl_config.
- *
- * \param conf SSL configuration
- * \param ciphersuites 0-terminated list of allowed ciphersuites
- * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3
- * supported)
- * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
- * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
- * MBEDTLS_SSL_MINOR_VERSION_3 supported)
- *
- * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0
- * and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
- */
-void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
- const int *ciphersuites,
- int major, int minor );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-/**
- * \brief Set the X.509 security profile used for verification
- *
- * \note The restrictions are enforced for all certificates in the
- * chain. However, signatures in the handshake are not covered
- * by this setting but by \b mbedtls_ssl_conf_sig_hashes().
- *
- * \param conf SSL configuration
- * \param profile Profile to use
- */
-void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
- const mbedtls_x509_crt_profile *profile );
-
-/**
- * \brief Set the data required to verify peer certificate
- *
- * \note See \c mbedtls_x509_crt_verify() for notes regarding the
- * parameters ca_chain (maps to trust_ca for that function)
- * and ca_crl.
- *
- * \param conf SSL configuration
- * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
- * \param ca_crl trusted CA CRLs
- */
-void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
- mbedtls_x509_crt *ca_chain,
- mbedtls_x509_crl *ca_crl );
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-/**
- * \brief Set the trusted certificate callback.
- *
- * This API allows to register the set of trusted certificates
- * through a callback, instead of a linked list as configured
- * by mbedtls_ssl_conf_ca_chain().
- *
- * This is useful for example in contexts where a large number
- * of CAs are used, and the inefficiency of maintaining them
- * in a linked list cannot be tolerated. It is also useful when
- * the set of trusted CAs needs to be modified frequently.
- *
- * See the documentation of `mbedtls_x509_crt_ca_cb_t` for
- * more information.
- *
- * \param conf The SSL configuration to register the callback with.
- * \param f_ca_cb The trusted certificate callback to use when verifying
- * certificate chains.
- * \param p_ca_cb The context to be passed to \p f_ca_cb (for example,
- * a reference to a trusted CA database).
- *
- * \note This API is incompatible with mbedtls_ssl_conf_ca_chain():
- * Any call to this function overwrites the values set through
- * earlier calls to mbedtls_ssl_conf_ca_chain() or
- * mbedtls_ssl_conf_ca_cb().
- *
- * \note This API is incompatible with CA indication in
- * CertificateRequest messages: A server-side SSL context which
- * is bound to an SSL configuration that uses a CA callback
- * configured via mbedtls_ssl_conf_ca_cb(), and which requires
- * client authentication, will send an empty CA list in the
- * corresponding CertificateRequest message.
- *
- * \note This API is incompatible with mbedtls_ssl_set_hs_ca_chain():
- * If an SSL context is bound to an SSL configuration which uses
- * CA callbacks configured via mbedtls_ssl_conf_ca_cb(), then
- * calls to mbedtls_ssl_set_hs_ca_chain() have no effect.
- *
- * \note The use of this API disables the use of restartable ECC
- * during X.509 CRT signature verification (but doesn't affect
- * other uses).
- *
- * \warning This API is incompatible with the use of CRLs. Any call to
- * mbedtls_ssl_conf_ca_cb() unsets CRLs configured through
- * earlier calls to mbedtls_ssl_conf_ca_chain().
- *
- * \warning In multi-threaded environments, the callback \p f_ca_cb
- * must be thread-safe, and it is the user's responsibility
- * to guarantee this (for example through a mutex
- * contained in the callback context pointed to by \p p_ca_cb).
- */
-void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf,
- mbedtls_x509_crt_ca_cb_t f_ca_cb,
- void *p_ca_cb );
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-/**
- * \brief Set own certificate chain and private key
- *
- * \note own_cert should contain in order from the bottom up your
- * certificate chain. The top certificate (self-signed)
- * can be omitted.
- *
- * \note On server, this function can be called multiple times to
- * provision more than one cert/key pair (eg one ECDSA, one
- * RSA with SHA-256, one RSA with SHA-1). An adequate
- * certificate will be selected according to the client's
- * advertised capabilities. In case multiple certificates are
- * adequate, preference is given to the one set by the first
- * call to this function, then second, etc.
- *
- * \note On client, only the first call has any effect. That is,
- * only one client certificate can be provisioned. The
- * server's preferences in its CertficateRequest message will
- * be ignored and our only cert will be sent regardless of
- * whether it matches those preferences - the server can then
- * decide what it wants to do with it.
- *
- * \note The provided \p pk_key needs to match the public key in the
- * first certificate in \p own_cert, or all handshakes using
- * that certificate will fail. It is your responsibility
- * to ensure that; this function will not perform any check.
- * You may use mbedtls_pk_check_pair() in order to perform
- * this check yourself, but be aware that this function can
- * be computationally expensive on some key types.
- *
- * \param conf SSL configuration
- * \param own_cert own public certificate chain
- * \param pk_key own private key
- *
- * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
- */
-int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
- mbedtls_x509_crt *own_cert,
- mbedtls_pk_context *pk_key );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-/**
- * \brief Configure a pre-shared key (PSK) and identity
- * to be used in PSK-based ciphersuites.
- *
- * \note This is mainly useful for clients. Servers will usually
- * want to use \c mbedtls_ssl_conf_psk_cb() instead.
- *
- * \warning Currently, clients can only register a single pre-shared key.
- * Calling this function or mbedtls_ssl_conf_psk_opaque() more
- * than once will overwrite values configured in previous calls.
- * Support for setting multiple PSKs on clients and selecting
- * one based on the identity hint is not a planned feature,
- * but feedback is welcomed.
- *
- * \param conf The SSL configuration to register the PSK with.
- * \param psk The pointer to the pre-shared key to use.
- * \param psk_len The length of the pre-shared key in bytes.
- * \param psk_identity The pointer to the pre-shared key identity.
- * \param psk_identity_len The length of the pre-shared key identity
- * in bytes.
- *
- * \note The PSK and its identity are copied internally and
- * hence need not be preserved by the caller for the lifetime
- * of the SSL configuration.
- *
- * \return \c 0 if successful.
- * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
- */
-int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
- const unsigned char *psk, size_t psk_len,
- const unsigned char *psk_identity, size_t psk_identity_len );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-/**
- * \brief Configure an opaque pre-shared key (PSK) and identity
- * to be used in PSK-based ciphersuites.
- *
- * \note This is mainly useful for clients. Servers will usually
- * want to use \c mbedtls_ssl_conf_psk_cb() instead.
- *
- * \warning Currently, clients can only register a single pre-shared key.
- * Calling this function or mbedtls_ssl_conf_psk() more than
- * once will overwrite values configured in previous calls.
- * Support for setting multiple PSKs on clients and selecting
- * one based on the identity hint is not a planned feature,
- * but feedback is welcomed.
- *
- * \param conf The SSL configuration to register the PSK with.
- * \param psk The identifier of the key slot holding the PSK.
- * Until \p conf is destroyed or this function is successfully
- * called again, the key slot \p psk must be populated with a
- * key of type PSA_ALG_CATEGORY_KEY_DERIVATION whose policy
- * allows its use for the key derivation algorithm applied
- * in the handshake.
- * \param psk_identity The pointer to the pre-shared key identity.
- * \param psk_identity_len The length of the pre-shared key identity
- * in bytes.
- *
- * \note The PSK identity hint is copied internally and hence need
- * not be preserved by the caller for the lifetime of the
- * SSL configuration.
- *
- * \return \c 0 if successful.
- * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
- */
-int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
- psa_key_handle_t psk,
- const unsigned char *psk_identity,
- size_t psk_identity_len );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-/**
- * \brief Set the pre-shared Key (PSK) for the current handshake.
- *
- * \note This should only be called inside the PSK callback,
- * i.e. the function passed to \c mbedtls_ssl_conf_psk_cb().
- *
- * \param ssl The SSL context to configure a PSK for.
- * \param psk The pointer to the pre-shared key.
- * \param psk_len The length of the pre-shared key in bytes.
- *
- * \return \c 0 if successful.
- * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
- */
-int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
- const unsigned char *psk, size_t psk_len );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-/**
- * \brief Set an opaque pre-shared Key (PSK) for the current handshake.
- *
- * \note This should only be called inside the PSK callback,
- * i.e. the function passed to \c mbedtls_ssl_conf_psk_cb().
- *
- * \param ssl The SSL context to configure a PSK for.
- * \param psk The identifier of the key slot holding the PSK.
- * For the duration of the current handshake, the key slot
- * must be populated with a key of type
- * PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its
- * use for the key derivation algorithm
- * applied in the handshake.
- *
- * \return \c 0 if successful.
- * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
- */
-int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
- psa_key_handle_t psk );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-/**
- * \brief Set the PSK callback (server-side only).
- *
- * If set, the PSK callback is called for each
- * handshake where a PSK-based ciphersuite was negotiated.
- * The caller provides the identity received and wants to
- * receive the actual PSK data and length.
- *
- * The callback has the following parameters:
- * - \c void*: The opaque pointer \p p_psk.
- * - \c mbedtls_ssl_context*: The SSL context to which
- * the operation applies.
- * - \c const unsigned char*: The PSK identity
- * selected by the client.
- * - \c size_t: The length of the PSK identity
- * selected by the client.
- *
- * If a valid PSK identity is found, the callback should use
- * \c mbedtls_ssl_set_hs_psk() or
- * \c mbedtls_ssl_set_hs_psk_opaque()
- * on the SSL context to set the correct PSK and return \c 0.
- * Any other return value will result in a denied PSK identity.
- *
- * \note If you set a PSK callback using this function, then you
- * don't need to set a PSK key and identity using
- * \c mbedtls_ssl_conf_psk().
- *
- * \param conf The SSL configuration to register the callback with.
- * \param f_psk The callback for selecting and setting the PSK based
- * in the PSK identity chosen by the client.
- * \param p_psk A pointer to an opaque structure to be passed to
- * the callback, for example a PSK store.
- */
-void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
- int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
- size_t),
- void *p_psk );
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_DEPRECATED __attribute__((deprecated))
-#else
-#define MBEDTLS_DEPRECATED
-#endif
-
-/**
- * \brief Set the Diffie-Hellman public P and G values,
- * read as hexadecimal strings (server-side only)
- * (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG])
- *
- * \param conf SSL configuration
- * \param dhm_P Diffie-Hellman-Merkle modulus
- * \param dhm_G Diffie-Hellman-Merkle generator
- *
- * \deprecated Superseded by \c mbedtls_ssl_conf_dh_param_bin.
- *
- * \return 0 if successful
- */
-MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf,
- const char *dhm_P,
- const char *dhm_G );
-
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-/**
- * \brief Set the Diffie-Hellman public P and G values
- * from big-endian binary presentations.
- * (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG]_BIN)
- *
- * \param conf SSL configuration
- * \param dhm_P Diffie-Hellman-Merkle modulus in big-endian binary form
- * \param P_len Length of DHM modulus
- * \param dhm_G Diffie-Hellman-Merkle generator in big-endian binary form
- * \param G_len Length of DHM generator
- *
- * \return 0 if successful
- */
-int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
- const unsigned char *dhm_P, size_t P_len,
- const unsigned char *dhm_G, size_t G_len );
-
-/**
- * \brief Set the Diffie-Hellman public P and G values,
- * read from existing context (server-side only)
- *
- * \param conf SSL configuration
- * \param dhm_ctx Diffie-Hellman-Merkle context
- *
- * \return 0 if successful
- */
-int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
-#endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
-/**
- * \brief Set the minimum length for Diffie-Hellman parameters.
- * (Client-side only.)
- * (Default: 1024 bits.)
- *
- * \param conf SSL configuration
- * \param bitlen Minimum bit length of the DHM prime
- */
-void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
- unsigned int bitlen );
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
-
-#if defined(MBEDTLS_ECP_C)
-/**
- * \brief Set the allowed curves in order of preference.
- * (Default: all defined curves.)
- *
- * On server: this only affects selection of the ECDHE curve;
- * the curves used for ECDH and ECDSA are determined by the
- * list of available certificates instead.
- *
- * On client: this affects the list of curves offered for any
- * use. The server can override our preference order.
- *
- * Both sides: limits the set of curves accepted for use in
- * ECDHE and in the peer's end-entity certificate.
- *
- * \note This has no influence on which curves are allowed inside the
- * certificate chains, see \c mbedtls_ssl_conf_cert_profile()
- * for that. For the end-entity certificate however, the key
- * will be accepted only if it is allowed both by this list
- * and by the cert profile.
- *
- * \note This list should be ordered by decreasing preference
- * (preferred curve first).
- *
- * \param conf SSL configuration
- * \param curves Ordered list of allowed curves,
- * terminated by MBEDTLS_ECP_DP_NONE.
- */
-void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
- const mbedtls_ecp_group_id *curves );
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
-/**
- * \brief Set the allowed hashes for signatures during the handshake.
- * (Default: all available hashes except MD5.)
- *
- * \note This only affects which hashes are offered and can be used
- * for signatures during the handshake. Hashes for message
- * authentication and the TLS PRF are controlled by the
- * ciphersuite, see \c mbedtls_ssl_conf_ciphersuites(). Hashes
- * used for certificate signature are controlled by the
- * verification profile, see \c mbedtls_ssl_conf_cert_profile().
- *
- * \note This list should be ordered by decreasing preference
- * (preferred hash first).
- *
- * \param conf SSL configuration
- * \param hashes Ordered list of allowed signature hashes,
- * terminated by \c MBEDTLS_MD_NONE.
- */
-void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
- const int *hashes );
-#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-/**
- * \brief Set or reset the hostname to check against the received
- * server certificate. It sets the ServerName TLS extension,
- * too, if that extension is enabled. (client-side only)
- *
- * \param ssl SSL context
- * \param hostname the server hostname, may be NULL to clear hostname
-
- * \note Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN.
- *
- * \return 0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on
- * allocation failure, MBEDTLS_ERR_SSL_BAD_INPUT_DATA on
- * too long input hostname.
- *
- * Hostname set to the one provided on success (cleared
- * when NULL). On allocation failure hostname is cleared.
- * On too long input failure, old hostname is unchanged.
- */
-int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-/**
- * \brief Set own certificate and key for the current handshake
- *
- * \note Same as \c mbedtls_ssl_conf_own_cert() but for use within
- * the SNI callback.
- *
- * \param ssl SSL context
- * \param own_cert own public certificate chain
- * \param pk_key own private key
- *
- * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
- */
-int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *own_cert,
- mbedtls_pk_context *pk_key );
-
-/**
- * \brief Set the data required to verify peer certificate for the
- * current handshake
- *
- * \note Same as \c mbedtls_ssl_conf_ca_chain() but for use within
- * the SNI callback.
- *
- * \param ssl SSL context
- * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
- * \param ca_crl trusted CA CRLs
- */
-void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *ca_chain,
- mbedtls_x509_crl *ca_crl );
-
-/**
- * \brief Set authmode for the current handshake.
- *
- * \note Same as \c mbedtls_ssl_conf_authmode() but for use within
- * the SNI callback.
- *
- * \param ssl SSL context
- * \param authmode MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or
- * MBEDTLS_SSL_VERIFY_REQUIRED
- */
-void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
- int authmode );
-
-/**
- * \brief Set server side ServerName TLS extension callback
- * (optional, server-side only).
- *
- * If set, the ServerName callback is called whenever the
- * server receives a ServerName TLS extension from the client
- * during a handshake. The ServerName callback has the
- * following parameters: (void *parameter, mbedtls_ssl_context *ssl,
- * const unsigned char *hostname, size_t len). If a suitable
- * certificate is found, the callback must set the
- * certificate(s) and key(s) to use with \c
- * mbedtls_ssl_set_hs_own_cert() (can be called repeatedly),
- * and may optionally adjust the CA and associated CRL with \c
- * mbedtls_ssl_set_hs_ca_chain() as well as the client
- * authentication mode with \c mbedtls_ssl_set_hs_authmode(),
- * then must return 0. If no matching name is found, the
- * callback must either set a default cert, or
- * return non-zero to abort the handshake at this point.
- *
- * \param conf SSL configuration
- * \param f_sni verification function
- * \param p_sni verification parameter
- */
-void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
- int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
- size_t),
- void *p_sni );
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-/**
- * \brief Set the EC J-PAKE password for current handshake.
- *
- * \note An internal copy is made, and destroyed as soon as the
- * handshake is completed, or when the SSL context is reset or
- * freed.
- *
- * \note The SSL context needs to be already set up. The right place
- * to call this function is between \c mbedtls_ssl_setup() or
- * \c mbedtls_ssl_reset() and \c mbedtls_ssl_handshake().
- *
- * \param ssl SSL context
- * \param pw EC J-PAKE password (pre-shared secret)
- * \param pw_len length of pw in bytes
- *
- * \return 0 on success, or a negative error code.
- */
-int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
- const unsigned char *pw,
- size_t pw_len );
-#endif /*MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_SSL_ALPN)
-/**
- * \brief Set the supported Application Layer Protocols.
- *
- * \param conf SSL configuration
- * \param protos Pointer to a NULL-terminated list of supported protocols,
- * in decreasing preference order. The pointer to the list is
- * recorded by the library for later reference as required, so
- * the lifetime of the table must be atleast as long as the
- * lifetime of the SSL configuration structure.
- *
- * \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
- */
-int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
-
-/**
- * \brief Get the name of the negotiated Application Layer Protocol.
- * This function should be called after the handshake is
- * completed.
- *
- * \param ssl SSL context
- *
- * \return Protcol name, or NULL if no protocol was negotiated.
- */
-const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
-#endif /* MBEDTLS_SSL_ALPN */
-
-/**
- * \brief Set the maximum supported version sent from the client side
- * and/or accepted at the server side
- * (Default: MBEDTLS_SSL_MAX_MAJOR_VERSION, MBEDTLS_SSL_MAX_MINOR_VERSION)
- *
- * \note This ignores ciphersuites from higher versions.
- *
- * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
- * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
- *
- * \param conf SSL configuration
- * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
- * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
- * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
- * MBEDTLS_SSL_MINOR_VERSION_3 supported)
- */
-void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
-
-/**
- * \brief Set the minimum accepted SSL/TLS protocol version
- * (Default: TLS 1.0)
- *
- * \note Input outside of the SSL_MAX_XXXXX_VERSION and
- * SSL_MIN_XXXXX_VERSION range is ignored.
- *
- * \note MBEDTLS_SSL_MINOR_VERSION_0 (SSL v3) should be avoided.
- *
- * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
- * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
- *
- * \param conf SSL configuration
- * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
- * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
- * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
- * MBEDTLS_SSL_MINOR_VERSION_3 supported)
- */
-void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
-
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
-/**
- * \brief Set the fallback flag (client-side only).
- * (Default: MBEDTLS_SSL_IS_NOT_FALLBACK).
- *
- * \note Set to MBEDTLS_SSL_IS_FALLBACK when preparing a fallback
- * connection, that is a connection with max_version set to a
- * lower value than the value you're willing to use. Such
- * fallback connections are not recommended but are sometimes
- * necessary to interoperate with buggy (version-intolerant)
- * servers.
- *
- * \warning You should NOT set this to MBEDTLS_SSL_IS_FALLBACK for
- * non-fallback connections! This would appear to work for a
- * while, then cause failures when the server is upgraded to
- * support a newer TLS version.
- *
- * \param conf SSL configuration
- * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK
- */
-void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback );
-#endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-/**
- * \brief Enable or disable Encrypt-then-MAC
- * (Default: MBEDTLS_SSL_ETM_ENABLED)
- *
- * \note This should always be enabled, it is a security
- * improvement, and should not cause any interoperability
- * issue (used only if the peer supports it too).
- *
- * \param conf SSL configuration
- * \param etm MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED
- */
-void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-/**
- * \brief Enable or disable Extended Master Secret negotiation.
- * (Default: MBEDTLS_SSL_EXTENDED_MS_ENABLED)
- *
- * \note This should always be enabled, it is a security fix to the
- * protocol, and should not cause any interoperability issue
- * (used only if the peer supports it too).
- *
- * \param conf SSL configuration
- * \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED
- */
-void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems );
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-#if defined(MBEDTLS_ARC4_C)
-/**
- * \brief Disable or enable support for RC4
- * (Default: MBEDTLS_SSL_ARC4_DISABLED)
- *
- * \warning Use of RC4 in DTLS/TLS has been prohibited by RFC 7465
- * for security reasons. Use at your own risk.
- *
- * \note This function is deprecated and will likely be removed in
- * a future version of the library.
- * RC4 is disabled by default at compile time and needs to be
- * actively enabled for use with legacy systems.
- *
- * \param conf SSL configuration
- * \param arc4 MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED
- */
-void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 );
-#endif /* MBEDTLS_ARC4_C */
-
-#if defined(MBEDTLS_SSL_SRV_C)
-/**
- * \brief Whether to send a list of acceptable CAs in
- * CertificateRequest messages.
- * (Default: do send)
- *
- * \param conf SSL configuration
- * \param cert_req_ca_list MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED or
- * MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED
- */
-void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
- char cert_req_ca_list );
-#endif /* MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-/**
- * \brief Set the maximum fragment length to emit and/or negotiate
- * (Default: the smaller of MBEDTLS_SSL_IN_CONTENT_LEN and
- * MBEDTLS_SSL_OUT_CONTENT_LEN, usually 2^14 bytes)
- * (Server: set maximum fragment length to emit,
- * usually negotiated by the client during handshake
- * (Client: set maximum fragment length to emit *and*
- * negotiate with the server during handshake)
- *
- * \note With TLS, this currently only affects ApplicationData (sent
- * with \c mbedtls_ssl_read()), not handshake messages.
- * With DTLS, this affects both ApplicationData and handshake.
- *
- * \note This sets the maximum length for a record's payload,
- * excluding record overhead that will be added to it, see
- * \c mbedtls_ssl_get_record_expansion().
- *
- * \note For DTLS, it is also possible to set a limit for the total
- * size of daragrams passed to the transport layer, including
- * record overhead, see \c mbedtls_ssl_set_mtu().
- *
- * \param conf SSL configuration
- * \param mfl_code Code for maximum fragment length (allowed values:
- * MBEDTLS_SSL_MAX_FRAG_LEN_512, MBEDTLS_SSL_MAX_FRAG_LEN_1024,
- * MBEDTLS_SSL_MAX_FRAG_LEN_2048, MBEDTLS_SSL_MAX_FRAG_LEN_4096)
- *
- * \return 0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
- */
-int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-/**
- * \brief Activate negotiation of truncated HMAC
- * (Default: MBEDTLS_SSL_TRUNC_HMAC_DISABLED)
- *
- * \param conf SSL configuration
- * \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or
- * MBEDTLS_SSL_TRUNC_HMAC_DISABLED)
- */
-void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-/**
- * \brief Enable / Disable 1/n-1 record splitting
- * (Default: MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED)
- *
- * \note Only affects SSLv3 and TLS 1.0, not higher versions.
- * Does not affect non-CBC ciphersuites in any version.
- *
- * \param conf SSL configuration
- * \param split MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or
- * MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
- */
-void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
-#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
-/**
- * \brief Enable / Disable session tickets (client only).
- * (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED.)
- *
- * \note On server, use \c mbedtls_ssl_conf_session_tickets_cb().
- * - * \param conf SSL configuration - * \param use_tickets Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or - * MBEDTLS_SSL_SESSION_TICKETS_DISABLED) - */ -void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets ); -#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) -/** - * \brief Enable / Disable renegotiation support for connection when - * initiated by peer - * (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED) - * - * \warning It is recommended to always disable renegotation unless you - * know you need it and you know what you're doing. In the - * past, there have been several issues associated with - * renegotiation or a poor understanding of its properties. - * - * \note Server-side, enabling renegotiation also makes the server - * susceptible to a resource DoS by a malicious client. - * - * \param conf SSL configuration - * \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or - * MBEDTLS_SSL_RENEGOTIATION_DISABLED) - */ -void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation ); -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - -/** - * \brief Prevent or allow legacy renegotiation. - * (Default: MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION) - * - * MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION allows connections to - * be established even if the peer does not support - * secure renegotiation, but does not allow renegotiation - * to take place if not secure. - * (Interoperable and secure option) - * - * MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION allows renegotiations - * with non-upgraded peers. Allowing legacy renegotiation - * makes the connection vulnerable to specific man in the - * middle attacks. (See RFC 5746) - * (Most interoperable and least secure option) - * - * MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE breaks off connections - * if peer does not support secure renegotiation. 
Results - * in interoperability issues with non-upgraded peers - * that do not support renegotiation altogether. - * (Most secure option, interoperability issues) - * - * \param conf SSL configuration - * \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION, - * SSL_ALLOW_LEGACY_RENEGOTIATION or - * MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) - */ -void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ); - -#if defined(MBEDTLS_SSL_RENEGOTIATION) -/** - * \brief Enforce renegotiation requests. - * (Default: enforced, max_records = 16) - * - * When we request a renegotiation, the peer can comply or - * ignore the request. This function allows us to decide - * whether to enforce our renegotiation requests by closing - * the connection if the peer doesn't comply. - * - * However, records could already be in transit from the peer - * when the request is emitted. In order to increase - * reliability, we can accept a number of records before the - * expected handshake records. - * - * The optimal value is highly dependent on the specific usage - * scenario. - * - * \note With DTLS and server-initiated renegotiation, the - * HelloRequest is retransmited every time mbedtls_ssl_read() times - * out or receives Application Data, until: - * - max_records records have beens seen, if it is >= 0, or - * - the number of retransmits that would happen during an - * actual handshake has been reached. - * Please remember the request might be lost a few times - * if you consider setting max_records to a really low value. - * - * \warning On client, the grace period can only happen during - * mbedtls_ssl_read(), as opposed to mbedtls_ssl_write() and mbedtls_ssl_renegotiate() - * which always behave as if max_record was 0. The reason is, - * if we receive application data from the server, we need a - * place to write it, which only happens during mbedtls_ssl_read(). 
- * - * \param conf SSL configuration - * \param max_records Use MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED if you don't want to - * enforce renegotiation, or a non-negative value to enforce - * it but allow for a grace period of max_records records. - */ -void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records ); - -/** - * \brief Set record counter threshold for periodic renegotiation. - * (Default: 2^48 - 1) - * - * Renegotiation is automatically triggered when a record - * counter (outgoing or ingoing) crosses the defined - * threshold. The default value is meant to prevent the - * connection from being closed when the counter is about to - * reached its maximal value (it is not allowed to wrap). - * - * Lower values can be used to enforce policies such as "keys - * must be refreshed every N packets with cipher X". - * - * The renegotiation period can be disabled by setting - * conf->disable_renegotiation to - * MBEDTLS_SSL_RENEGOTIATION_DISABLED. - * - * \note When the configured transport is - * MBEDTLS_SSL_TRANSPORT_DATAGRAM the maximum renegotiation - * period is 2^48 - 1, and for MBEDTLS_SSL_TRANSPORT_STREAM, - * the maximum renegotiation period is 2^64 - 1. - * - * \param conf SSL configuration - * \param period The threshold value: a big-endian 64-bit number. - */ -void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, - const unsigned char period[8] ); -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - -/** - * \brief Check if there is data already read from the - * underlying transport but not yet processed. - * - * \param ssl SSL context - * - * \return 0 if nothing's pending, 1 otherwise. - * - * \note This is different in purpose and behaviour from - * \c mbedtls_ssl_get_bytes_avail in that it considers - * any kind of unprocessed data, not only unread - * application data. If \c mbedtls_ssl_get_bytes - * returns a non-zero value, this function will - * also signal pending data, but the converse does - * not hold. 
For example, in DTLS there might be - * further records waiting to be processed from - * the current underlying transport's datagram. - * - * \note If this function returns 1 (data pending), this - * does not imply that a subsequent call to - * \c mbedtls_ssl_read will provide any data; - * e.g., the unprocessed data might turn out - * to be an alert or a handshake message. - * - * \note This function is useful in the following situation: - * If the SSL/TLS module successfully returns from an - * operation - e.g. a handshake or an application record - * read - and you're awaiting incoming data next, you - * must not immediately idle on the underlying transport - * to have data ready, but you need to check the value - * of this function first. The reason is that the desired - * data might already be read but not yet processed. - * If, in contrast, a previous call to the SSL/TLS module - * returned MBEDTLS_ERR_SSL_WANT_READ, it is not necessary - * to call this function, as the latter error code entails - * that all internal data has been processed. - * - */ -int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ); - -/** - * \brief Return the number of application data bytes - * remaining to be read from the current record. - * - * \param ssl SSL context - * - * \return How many bytes are available in the application - * data record read buffer. - * - * \note When working over a datagram transport, this is - * useful to detect the current datagram's boundary - * in case \c mbedtls_ssl_read has written the maximal - * amount of data fitting into the input buffer. - * - */ -size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ); - -/** - * \brief Return the result of the certificate verification - * - * \param ssl The SSL context to use. - * - * \return \c 0 if the certificate verification was successful. - * \return \c -1u if the result is not available. This may happen - * e.g. 
if the handshake aborts early, or a verification - * callback returned a fatal error. - * \return A bitwise combination of \c MBEDTLS_X509_BADCERT_XXX - * and \c MBEDTLS_X509_BADCRL_XXX failure flags; see x509.h. - */ -uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ); - -/** - * \brief Return the name of the current ciphersuite - * - * \param ssl SSL context - * - * \return a string containing the ciphersuite name - */ -const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ); - -/** - * \brief Return the current SSL version (SSLv3/TLSv1/etc) - * - * \param ssl SSL context - * - * \return a string containing the SSL version - */ -const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ); - -/** - * \brief Return the (maximum) number of bytes added by the record - * layer: header + encryption/MAC overhead (inc. padding) - * - * \note This function is not available (always returns an error) - * when record compression is enabled. - * - * \param ssl SSL context - * - * \return Current maximum record expansion in bytes, or - * MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if compression is - * enabled, which makes expansion much less predictable - */ -int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -/** - * \brief Return the maximum fragment length (payload, in bytes). - * This is the value negotiated with peer if any, - * or the locally configured value. - * - * \sa mbedtls_ssl_conf_max_frag_len() - * \sa mbedtls_ssl_get_max_record_payload() - * - * \param ssl SSL context - * - * \return Current maximum fragment length. - */ -size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ); -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -/** - * \brief Return the current maximum outgoing record payload in bytes. 
- * This takes into account the config.h setting \c - * MBEDTLS_SSL_OUT_CONTENT_LEN, the configured and negotiated - * max fragment length extension if used, and for DTLS the - * path MTU as configured and current record expansion. - * - * \note With DTLS, \c mbedtls_ssl_write() will return an error if - * called with a larger length value. - * With TLS, \c mbedtls_ssl_write() will fragment the input if - * necessary and return the number of bytes written; it is up - * to the caller to call \c mbedtls_ssl_write() again in - * order to send the remaining bytes if any. - * - * \note This function is not available (always returns an error) - * when record compression is enabled. - * - * \sa mbedtls_ssl_set_mtu() - * \sa mbedtls_ssl_get_max_frag_len() - * \sa mbedtls_ssl_get_record_expansion() - * - * \param ssl SSL context - * - * \return Current maximum payload for an outgoing record, - * or a negative error code. - */ -int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -/** - * \brief Return the peer certificate from the current connection. - * - * \param ssl The SSL context to use. This must be initialized and setup. - * - * \return The current peer certificate, if available. - * The returned certificate is owned by the SSL context and - * is valid only until the next call to the SSL API. - * \return \c NULL if no peer certificate is available. This might - * be because the chosen ciphersuite doesn't use CRTs - * (PSK-based ciphersuites, for example), or because - * #MBEDTLS_SSL_KEEP_PEER_CERTIFICATE has been disabled, - * allowing the stack to free the peer's CRT to save memory. - * - * \note For one-time inspection of the peer's certificate during - * the handshake, consider registering an X.509 CRT verification - * callback through mbedtls_ssl_conf_verify() instead of calling - * this function. 
Using mbedtls_ssl_conf_verify() also comes at - * the benefit of allowing you to influence the verification - * process, for example by masking expected and tolerated - * verification failures. - * - * \warning You must not use the pointer returned by this function - * after any further call to the SSL API, including - * mbedtls_ssl_read() and mbedtls_ssl_write(); this is - * because the pointer might change during renegotiation, - * which happens transparently to the user. - * If you want to use the certificate across API calls, - * you must make a copy. - */ -const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_SSL_CLI_C) -/** - * \brief Save session in order to resume it later (client-side only) - * Session data is copied to presented session structure. - * - * - * \param ssl SSL context - * \param session session context - * - * \return 0 if successful, - * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or - * arguments are otherwise invalid. - * - * \note Only the server certificate is copied, and not the full chain, - * so you should not attempt to validate the certificate again - * by calling \c mbedtls_x509_crt_verify() on it. - * Instead, you should use the results from the verification - * in the original handshake by calling \c mbedtls_ssl_get_verify_result() - * after loading the session again into a new SSL context - * using \c mbedtls_ssl_set_session(). - * - * \note Once the session object is not needed anymore, you should - * free it by calling \c mbedtls_ssl_session_free(). - * - * \sa mbedtls_ssl_set_session() - */ -int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session ); -#endif /* MBEDTLS_SSL_CLI_C */ - -/** - * \brief Perform the SSL handshake - * - * \param ssl SSL context - * - * \return \c 0 if successful. 
- * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE - * if the handshake is incomplete and waiting for data to - * be available for reading from or writing to the underlying - * transport - in this case you must call this function again - * when the underlying transport is ready for the operation. - * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous - * operation is in progress (see - * mbedtls_ssl_conf_async_private_cb()) - in this case you - * must call this function again when the operation is ready. - * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic - * operation is in progress (see mbedtls_ecp_set_max_ops()) - - * in this case you must call this function again to complete - * the handshake when you're done attending other tasks. - * \return #MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED if DTLS is in use - * and the client did not demonstrate reachability yet - in - * this case you must stop using the context (see below). - * \return Another SSL error code - in this case you must stop using - * the context (see below). - * - * \warning If this function returns something other than - * \c 0, - * #MBEDTLS_ERR_SSL_WANT_READ, - * #MBEDTLS_ERR_SSL_WANT_WRITE, - * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, - * you must stop using the SSL context for reading or writing, - * and either free it or call \c mbedtls_ssl_session_reset() - * on it before re-using it for a new connection; the current - * connection must be closed. - * - * \note If DTLS is in use, then you may choose to handle - * #MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED specially for logging - * purposes, as it is an expected return value rather than an - * actual error, but you still need to reset/free the context. 
- * - * \note Remarks regarding event-driven DTLS: - * If the function returns #MBEDTLS_ERR_SSL_WANT_READ, no datagram - * from the underlying transport layer is currently being processed, - * and it is safe to idle until the timer or the underlying transport - * signal a new event. This is not true for a successful handshake, - * in which case the datagram of the underlying transport that is - * currently being processed might or might not contain further - * DTLS records. - */ -int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); - -/** - * \brief Perform a single step of the SSL handshake - * - * \note The state of the context (ssl->state) will be at - * the next state after this function returns \c 0. Do not - * call this function if state is MBEDTLS_SSL_HANDSHAKE_OVER. - * - * \param ssl SSL context - * - * \return See mbedtls_ssl_handshake(). - * - * \warning If this function returns something other than \c 0, - * #MBEDTLS_ERR_SSL_WANT_READ, #MBEDTLS_ERR_SSL_WANT_WRITE, - * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, you must stop using - * the SSL context for reading or writing, and either free it - * or call \c mbedtls_ssl_session_reset() on it before - * re-using it for a new connection; the current connection - * must be closed. - */ -int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ); - -#if defined(MBEDTLS_SSL_RENEGOTIATION) -/** - * \brief Initiate an SSL renegotiation on the running connection. - * Client: perform the renegotiation right now. - * Server: request renegotiation, which will be performed - * during the next call to mbedtls_ssl_read() if honored by - * client. - * - * \param ssl SSL context - * - * \return 0 if successful, or any mbedtls_ssl_handshake() return - * value except #MBEDTLS_ERR_SSL_CLIENT_RECONNECT that can't - * happen during a renegotiation. 
- * - * \warning If this function returns something other than \c 0, - * #MBEDTLS_ERR_SSL_WANT_READ, #MBEDTLS_ERR_SSL_WANT_WRITE, - * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, you must stop using - * the SSL context for reading or writing, and either free it - * or call \c mbedtls_ssl_session_reset() on it before - * re-using it for a new connection; the current connection - * must be closed. - * - */ -int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ); -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - -/** - * \brief Read at most 'len' application data bytes - * - * \param ssl SSL context - * \param buf buffer that will hold the data - * \param len maximum number of bytes to read - * - * \return The (positive) number of bytes read if successful. - * \return \c 0 if the read end of the underlying transport was closed - * - in this case you must stop using the context (see below). - * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE - * if the handshake is incomplete and waiting for data to - * be available for reading from or writing to the underlying - * transport - in this case you must call this function again - * when the underlying transport is ready for the operation. - * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous - * operation is in progress (see - * mbedtls_ssl_conf_async_private_cb()) - in this case you - * must call this function again when the operation is ready. - * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic - * operation is in progress (see mbedtls_ecp_set_max_ops()) - - * in this case you must call this function again to complete - * the handshake when you're done attending other tasks. - * \return #MBEDTLS_ERR_SSL_CLIENT_RECONNECT if we're at the server - * side of a DTLS connection and the client is initiating a - * new connection using the same source port. See below. 
- * \return Another SSL error code - in this case you must stop using - * the context (see below). - * - * \warning If this function returns something other than - * a positive value, - * #MBEDTLS_ERR_SSL_WANT_READ, - * #MBEDTLS_ERR_SSL_WANT_WRITE, - * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or - * #MBEDTLS_ERR_SSL_CLIENT_RECONNECT, - * you must stop using the SSL context for reading or writing, - * and either free it or call \c mbedtls_ssl_session_reset() - * on it before re-using it for a new connection; the current - * connection must be closed. - * - * \note When this function returns #MBEDTLS_ERR_SSL_CLIENT_RECONNECT - * (which can only happen server-side), it means that a client - * is initiating a new connection using the same source port. - * You can either treat that as a connection close and wait - * for the client to resend a ClientHello, or directly - * continue with \c mbedtls_ssl_handshake() with the same - * context (as it has been reset internally). Either way, you - * must make sure this is seen by the application as a new - * connection: application state, if any, should be reset, and - * most importantly the identity of the client must be checked - * again. WARNING: not validating the identity of the client - * again, or not transmitting the new identity to the - * application layer, would allow authentication bypass! - * - * \note Remarks regarding event-driven DTLS: - * - If the function returns #MBEDTLS_ERR_SSL_WANT_READ, no datagram - * from the underlying transport layer is currently being processed, - * and it is safe to idle until the timer or the underlying transport - * signal a new event. - * - This function may return MBEDTLS_ERR_SSL_WANT_READ even if data was - * initially available on the underlying transport, as this data may have - * been only e.g. duplicated messages or a renegotiation request. 
- * Therefore, you must be prepared to receive MBEDTLS_ERR_SSL_WANT_READ even - * when reacting to an incoming-data event from the underlying transport. - * - On success, the datagram of the underlying transport that is currently - * being processed may contain further DTLS records. You should call - * \c mbedtls_ssl_check_pending to check for remaining records. - * - */ -int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ); - -/** - * \brief Try to write exactly 'len' application data bytes - * - * \warning This function will do partial writes in some cases. If the - * return value is non-negative but less than length, the - * function must be called again with updated arguments: - * buf + ret, len - ret (if ret is the return value) until - * it returns a value equal to the last 'len' argument. - * - * \param ssl SSL context - * \param buf buffer holding the data - * \param len how many bytes must be written - * - * \return The (non-negative) number of bytes actually written if - * successful (may be less than \p len). - * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE - * if the handshake is incomplete and waiting for data to - * be available for reading from or writing to the underlying - * transport - in this case you must call this function again - * when the underlying transport is ready for the operation. - * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous - * operation is in progress (see - * mbedtls_ssl_conf_async_private_cb()) - in this case you - * must call this function again when the operation is ready. - * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic - * operation is in progress (see mbedtls_ecp_set_max_ops()) - - * in this case you must call this function again to complete - * the handshake when you're done attending other tasks. - * \return Another SSL error code - in this case you must stop using - * the context (see below). 
- * - * \warning If this function returns something other than - * a non-negative value, - * #MBEDTLS_ERR_SSL_WANT_READ, - * #MBEDTLS_ERR_SSL_WANT_WRITE, - * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, - * you must stop using the SSL context for reading or writing, - * and either free it or call \c mbedtls_ssl_session_reset() - * on it before re-using it for a new connection; the current - * connection must be closed. - * - * \note When this function returns #MBEDTLS_ERR_SSL_WANT_WRITE/READ, - * it must be called later with the *same* arguments, - * until it returns a value greater that or equal to 0. When - * the function returns #MBEDTLS_ERR_SSL_WANT_WRITE there may be - * some partial data in the output buffer, however this is not - * yet sent. - * - * \note If the requested length is greater than the maximum - * fragment length (either the built-in limit or the one set - * or negotiated with the peer), then: - * - with TLS, less bytes than requested are written. - * - with DTLS, MBEDTLS_ERR_SSL_BAD_INPUT_DATA is returned. - * \c mbedtls_ssl_get_max_frag_len() may be used to query the - * active maximum fragment length. - * - * \note Attempting to write 0 bytes will result in an empty TLS - * application record being sent. - */ -int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ); - -/** - * \brief Send an alert message - * - * \param ssl SSL context - * \param level The alert level of the message - * (MBEDTLS_SSL_ALERT_LEVEL_WARNING or MBEDTLS_SSL_ALERT_LEVEL_FATAL) - * \param message The alert message (SSL_ALERT_MSG_*) - * - * \return 0 if successful, or a specific SSL error code. 
- *
- * \note If this function returns something other than 0 or
- * MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using
- * the SSL context for reading or writing, and either free it or
- * call \c mbedtls_ssl_session_reset() on it before re-using it
- * for a new connection; the current connection must be closed.
- */
-int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl,
- unsigned char level,
- unsigned char message );
-/**
- * \brief Notify the peer that the connection is being closed
- *
- * \param ssl SSL context
- *
- * \return 0 if successful, or a specific SSL error code.
- *
- * \note If this function returns something other than 0 or
- * MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using
- * the SSL context for reading or writing, and either free it or
- * call \c mbedtls_ssl_session_reset() on it before re-using it
- * for a new connection; the current connection must be closed.
- */
-int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl );
-
-/**
- * \brief Free referenced items in an SSL context and clear memory
- *
- * \param ssl SSL context
- */
-void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
-
-/**
- * \brief Initialize an SSL configuration context
- * Just makes the context ready for
- * mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free().
- *
- * \note You need to call mbedtls_ssl_config_defaults() unless you
- * manually set all of the relevant fields yourself.
- *
- * \param conf SSL configuration context
- */
-void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
-
-/**
- * \brief Load reasonnable default SSL configuration values.
- * (You need to call mbedtls_ssl_config_init() first.)
- *
- * \param conf SSL configuration context
- * \param endpoint MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
- * \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or
- * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS
- * \param preset a MBEDTLS_SSL_PRESET_XXX value
- *
- * \note See \c mbedtls_ssl_conf_transport() for notes on DTLS.
- *
- * \return 0 if successful, or
- * MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error.
- */
-int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
- int endpoint, int transport, int preset );
-
-/**
- * \brief Free an SSL configuration context
- *
- * \param conf SSL configuration context
- */
-void mbedtls_ssl_config_free( mbedtls_ssl_config *conf );
-
-/**
- * \brief Initialize SSL session structure
- *
- * \param session SSL session
- */
-void mbedtls_ssl_session_init( mbedtls_ssl_session *session );
-
-/**
- * \brief Free referenced items in an SSL session including the
- * peer certificate and clear memory
- *
- * \note A session object can be freed even if the SSL context
- * that was used to retrieve the session is still in use.
- *
- * \param session SSL session
- */
-void mbedtls_ssl_session_free( mbedtls_ssl_session *session );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ssl.h */
diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h
deleted file mode 100644
index 84254d3d1..000000000
--- a/include/mbedtls/ssl_cache.h
+++ /dev/null
@@ -1,151 +0,0 @@
-/**
- * \file ssl_cache.h
- *
- * \brief SSL session cache implementation
- */
-/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_SSL_CACHE_H
-#define MBEDTLS_SSL_CACHE_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "ssl.h"
-
-#if defined(MBEDTLS_THREADING_C)
-#include "threading.h"
-#endif
-
-/**
- * \name SECTION: Module settings
- *
- * The configuration options you can set for this module are in this section.
- * Either change them in config.h or define them on the compiler command line.
- * \{
- */
-
-#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
-#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */
-#endif
-
-#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
-#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */
-#endif
-
-/* \} name SECTION: Module settings */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context;
-typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
-
-/**
- * \brief This structure is used for storing cache entries
- */
-struct mbedtls_ssl_cache_entry
-{
-#if defined(MBEDTLS_HAVE_TIME)
- mbedtls_time_t timestamp; /*!< entry timestamp */
-#endif
- mbedtls_ssl_session session; /*!< entry session */
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
- defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- mbedtls_x509_buf peer_cert; /*!< entry peer_cert */
-#endif
- mbedtls_ssl_cache_entry *next; /*!< chain pointer */
-};
-
-/**
- * \brief Cache context
- */
-struct mbedtls_ssl_cache_context
-{
- mbedtls_ssl_cache_entry *chain; /*!< start of the chain */
- int timeout; /*!< cache entry timeout */
- int max_entries; /*!< maximum entries */
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_threading_mutex_t mutex; /*!< mutex */
-#endif
-};
-
-/**
- * \brief Initialize an SSL cache context
- *
- * \param cache SSL cache context
- */
-void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
-
-/**
- * \brief Cache get callback implementation
- * (Thread-safe if MBEDTLS_THREADING_C is enabled)
- *
- * \param data SSL cache context
- * \param session session to retrieve entry for
- */
-int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session );
-
-/**
- * \brief Cache set callback implementation
- * (Thread-safe if MBEDTLS_THREADING_C is enabled)
- *
- * \param data SSL cache context
- * \param session session to store entry for
- */
-int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session );
-
-#if defined(MBEDTLS_HAVE_TIME)
-/**
- * \brief Set the cache timeout
- * (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day))
- *
- * A timeout of 0 indicates no timeout.
- *
- * \param cache SSL cache context
- * \param timeout cache entry timeout in seconds
- */
-void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout );
-#endif /* MBEDTLS_HAVE_TIME */
-
-/**
- * \brief Set the maximum number of cache entries
- * (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
- *
- * \param cache SSL cache context
- * \param max cache entry maximum
- */
-void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max );
-
-/**
- * \brief Free referenced items in a cache context and clear memory
- *
- * \param cache SSL cache context
- */
-void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ssl_cache.h */
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
deleted file mode 100644
index 712678330..000000000
--- a/include/mbedtls/ssl_ciphersuites.h
+++ /dev/null
@@ -1,558 +0,0 @@ -/** - * \file ssl_ciphersuites.h - * - * \brief SSL Ciphersuites for mbed TLS - */ -/* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -#ifndef MBEDTLS_SSL_CIPHERSUITES_H -#define MBEDTLS_SSL_CIPHERSUITES_H - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include "pk.h" -#include "cipher.h" -#include "md.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * Supported ciphersuites (Official IANA names) - */ -#define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */ -#define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */ - -#define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 0x04 -#define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA 0x05 -#define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */ - -#define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A - -#define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 - -#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */ -#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */ -#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! 
*/ -#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F - -#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33 -#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35 -#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39 - -#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */ -#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */ - -#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41 -#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45 - -#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */ - -#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84 -#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88 - -#define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA 0x8A -#define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B -#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C -#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D - -#define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E -#define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F -#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90 -#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91 - -#define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA 0x92 -#define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 -#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94 -#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95 - -#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */ - -#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */ -#define 
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */ - -#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE -#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF -#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */ -#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */ - -#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2 -#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3 -#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */ -#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */ - -#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6 -#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7 -#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */ -#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */ - -#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */ - -#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */ - -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 /**< Not in SSL3! */ - -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /**< Not in SSL3! 
*/ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /**< Not in SSL3! */ - -#define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F /**< Not in SSL3! */ - -#define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /**< Not in SSL3! */ - -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /**< TLS 1.2 */ - -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */ -#define 
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */ - -#define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /**< Weak! No SSL3! */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /**< Weak! No SSL3! */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /**< Weak! No SSL3! */ - -#define MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 0xC03C /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 0xC03D /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC044 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC045 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC04A /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC04B /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC04C /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC04D /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 0xC04E /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 0xC04F /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050 /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 
0xC052 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC053 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05E /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05F /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC060 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC061 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0xC062 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0xC063 /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 0xC064 /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067 /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 0xC068 /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 0xC069 /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0xC06E /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0xC06F /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071 /**< TLS 1.2 */ - -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! 
*/ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078 /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079 /**< Not in SSL3! */ - -#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D /**< TLS 1.2 */ - -#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */ - 
-#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094 -#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095 -#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 -#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 -#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 -#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 -#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */ - -#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */ -/* The last two are named with PSK_DHE in the RFC, which looks like a typo */ - -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */ -#define 
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */ - -#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF /**< experimental */ - -/* RFC 7905 */ -#define MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8 /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9 /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA /**< TLS 1.2 */ -#define MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB /**< TLS 1.2 */ -#define MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC /**< TLS 1.2 */ -#define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD /**< TLS 1.2 */ -#define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE /**< TLS 1.2 */ - -/* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange. - * Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below - */ -typedef enum { - MBEDTLS_KEY_EXCHANGE_NONE = 0, - MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_KEY_EXCHANGE_ECJPAKE, -} mbedtls_key_exchange_type_t; - -/* Key exchanges using a certificate */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED -#endif - -/* Key exchanges allowing client certificate requests */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - 
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED -#endif - -/* Key exchanges involving server signature in ServerKeyExchange */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED -#endif - -/* Key exchanges using ECDH */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED -#endif - -/* Key exchanges that don't involve ephemeral keys */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED -#endif - -/* Key exchanges that involve ephemeral keys */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED -#endif - -/* Key exchanges using a PSK */ -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED -#endif - -/* Key exchanges using DHE */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#define 
MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED -#endif - -/* Key exchanges using ECDHE */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED -#endif - -typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; - -#define MBEDTLS_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */ -#define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag, - eg for CCM_8 */ -#define MBEDTLS_CIPHERSUITE_NODTLS 0x04 /**< Can't be used with DTLS */ - -/** - * \brief This structure is used for storing ciphersuite information - */ -struct mbedtls_ssl_ciphersuite_t -{ - int id; - const char * name; - - mbedtls_cipher_type_t cipher; - mbedtls_md_type_t mac; - mbedtls_key_exchange_type_t key_exchange; - - int min_major_ver; - int min_minor_ver; - int max_major_ver; - int max_minor_ver; - - unsigned char flags; -}; - -const int *mbedtls_ssl_list_ciphersuites( void ); - -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name ); -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id ); - -#if defined(MBEDTLS_PK_C) -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ); -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ); -#endif - -int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ); -int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ); - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED) -static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - case 
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - return( 1 ); - - default: - return( 0 ); - } -} -#endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED) -static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_PSK: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - return( 1 ); - - default: - return( 0 ); - } -} -#endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - return( 1 ); - - default: - return( 0 ); - } -} -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED */ - -static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); - - default: - return( 0 ); - } -} - -static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); - - default: - return( 0 ); - } -} - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED) -static inline int 
mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - return( 1 ); - - default: - return( 0 ); - } -} -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED) */ - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - return( 1 ); - - default: - return( 0 ); - } -} -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) */ - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); - - default: - return( 0 ); - } -} -#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ - -#ifdef __cplusplus -} -#endif - -#endif /* ssl_ciphersuites.h */ diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h deleted file mode 100644 index e34760ae8..000000000 --- a/include/mbedtls/ssl_cookie.h +++ /dev/null 
@@ -1,115 +0,0 @@
-/**
- * \file ssl_cookie.h
- *
- * \brief DTLS cookie callbacks implementation
- */
-/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_SSL_COOKIE_H
-#define MBEDTLS_SSL_COOKIE_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "ssl.h"
-
-#if defined(MBEDTLS_THREADING_C)
-#include "threading.h"
-#endif
-
-/**
- * \name SECTION: Module settings
- *
- * The configuration options you can set for this module are in this section.
- * Either change them in config.h or define them on the compiler command line.
- * \{
- */
-#ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
-#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
-#endif
-
-/* \} name SECTION: Module settings */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Context for the default cookie functions.
- */
-typedef struct mbedtls_ssl_cookie_ctx
-{
- mbedtls_md_context_t hmac_ctx; /*!< context for the HMAC portion */
-#if !defined(MBEDTLS_HAVE_TIME)
- unsigned long serial; /*!< serial number for expiration */
-#endif
- unsigned long timeout; /*!< timeout delay, in seconds if HAVE_TIME,
- or in number of tickets issued */
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_threading_mutex_t mutex;
-#endif
-} mbedtls_ssl_cookie_ctx;
-
-/**
- * \brief Initialize cookie context
- */
-void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
-
-/**
- * \brief Setup cookie context (generate keys)
- */
-int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Set expiration delay for cookies
- * (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
- *
- * \param ctx Cookie contex
- * \param delay Delay, in seconds if HAVE_TIME, or in number of cookies
- * issued in the meantime.
- * 0 to disable expiration (NOT recommended)
- */
-void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
-
-/**
- * \brief Free cookie context
- */
-void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
-
-/**
- * \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t
- */
-mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
-
-/**
- * \brief Verify cookie, see \c mbedtls_ssl_cookie_write_t
- */
-mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ssl_cookie.h */
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
deleted file mode 100644
index 5dde239df..000000000
--- a/include/mbedtls/ssl_internal.h
+++ /dev/null
@@ -1,819 +0,0 @@ -/** - * \file ssl_internal.h - * - * \brief Internal functions shared by the SSL modules - */ -/* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -#ifndef MBEDTLS_SSL_INTERNAL_H -#define MBEDTLS_SSL_INTERNAL_H - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include "ssl.h" -#include "cipher.h" - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "psa/crypto.h" -#endif - -#if defined(MBEDTLS_MD5_C) -#include "md5.h" -#endif - -#if defined(MBEDTLS_SHA1_C) -#include "sha1.h" -#endif - -#if defined(MBEDTLS_SHA256_C) -#include "sha256.h" -#endif - -#if defined(MBEDTLS_SHA512_C) -#include "sha512.h" -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -#include "ecjpake.h" -#endif - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "psa/crypto.h" -#include "psa_util.h" -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ - !defined(inline) && !defined(__cplusplus) -#define inline __inline -#endif - -/* Determine minimum supported version */ -#define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 - -#if defined(MBEDTLS_SSL_PROTO_SSL3) -#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_0 -#else -#if defined(MBEDTLS_SSL_PROTO_TLS1) -#define 
MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 -#else -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) -#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2 -#else -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ -#endif /* MBEDTLS_SSL_PROTO_TLS1 */ -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ - -#define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 -#define MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 - -/* Determine maximum supported version */ -#define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 -#else -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) -#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2 -#else -#if defined(MBEDTLS_SSL_PROTO_TLS1) -#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 -#else -#if defined(MBEDTLS_SSL_PROTO_SSL3) -#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_0 -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ -#endif /* MBEDTLS_SSL_PROTO_TLS1 */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -/* Shorthand for restartable ECC */ -#if defined(MBEDTLS_ECP_RESTARTABLE) && \ - defined(MBEDTLS_SSL_CLI_C) && \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#define MBEDTLS_SSL__ECP_RESTARTABLE -#endif - -#define MBEDTLS_SSL_INITIAL_HANDSHAKE 0 -#define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS 1 /* In progress */ -#define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */ -#define MBEDTLS_SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ - -/* - * DTLS retransmission states, see RFC 6347 4.2.4 - * - * The SENDING state is merged in PREPARING for initial sends, - * but is distinct for resends. 
- * - * Note: initial state is wrong for server, but is not used anyway. - */ -#define MBEDTLS_SSL_RETRANS_PREPARING 0 -#define MBEDTLS_SSL_RETRANS_SENDING 1 -#define MBEDTLS_SSL_RETRANS_WAITING 2 -#define MBEDTLS_SSL_RETRANS_FINISHED 3 - -/* - * Allow extra bytes for record, authentication and encryption overhead: - * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256) - * and allow for a maximum of 1024 of compression expansion if - * enabled. - */ -#if defined(MBEDTLS_ZLIB_SUPPORT) -#define MBEDTLS_SSL_COMPRESSION_ADD 1024 -#else -#define MBEDTLS_SSL_COMPRESSION_ADD 0 -#endif - -#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_MODE_CBC) -/* Ciphersuites using HMAC */ -#if defined(MBEDTLS_SHA512_C) -#define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ -#elif defined(MBEDTLS_SHA256_C) -#define MBEDTLS_SSL_MAC_ADD 32 /* SHA-256 used for HMAC */ -#else -#define MBEDTLS_SSL_MAC_ADD 20 /* SHA-1 used for HMAC */ -#endif -#else -/* AEAD ciphersuites: GCM and CCM use a 128 bits tag */ -#define MBEDTLS_SSL_MAC_ADD 16 -#endif - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#define MBEDTLS_SSL_PADDING_ADD 256 -#else -#define MBEDTLS_SSL_PADDING_ADD 0 -#endif - -#define MBEDTLS_SSL_PAYLOAD_OVERHEAD ( MBEDTLS_SSL_COMPRESSION_ADD + \ - MBEDTLS_MAX_IV_LENGTH + \ - MBEDTLS_SSL_MAC_ADD + \ - MBEDTLS_SSL_PADDING_ADD \ - ) - -#define MBEDTLS_SSL_IN_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ - ( MBEDTLS_SSL_IN_CONTENT_LEN ) ) - -#define MBEDTLS_SSL_OUT_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ - ( MBEDTLS_SSL_OUT_CONTENT_LEN ) ) - -/* The maximum number of buffered handshake messages. */ -#define MBEDTLS_SSL_MAX_BUFFERED_HS 4 - -/* Maximum length we can advertise as our max content length for - RFC 6066 max_fragment_length extension negotiation purposes - (the lesser of both sizes, if they are unequal.) - */ -#define MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ( \ - (MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_OUT_CONTENT_LEN) \ - ? 
( MBEDTLS_SSL_OUT_CONTENT_LEN ) \ - : ( MBEDTLS_SSL_IN_CONTENT_LEN ) \ - ) - -/* - * Check that we obey the standard's message size bounds - */ - -#if MBEDTLS_SSL_MAX_CONTENT_LEN > 16384 -#error "Bad configuration - record content too large." -#endif - -#if MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN -#error "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." -#endif - -#if MBEDTLS_SSL_OUT_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN -#error "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." -#endif - -#if MBEDTLS_SSL_IN_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048 -#error "Bad configuration - incoming protected record payload too large." -#endif - -#if MBEDTLS_SSL_OUT_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048 -#error "Bad configuration - outgoing protected record payload too large." -#endif - -/* Calculate buffer sizes */ - -/* Note: Even though the TLS record header is only 5 bytes - long, we're internally using 8 bytes to store the - implicit sequence number. */ -#define MBEDTLS_SSL_HEADER_LEN 13 - -#define MBEDTLS_SSL_IN_BUFFER_LEN \ - ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) ) - -#define MBEDTLS_SSL_OUT_BUFFER_LEN \ - ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) ) - -#ifdef MBEDTLS_ZLIB_SUPPORT -/* Compression buffer holds both IN and OUT buffers, so should be size of the larger */ -#define MBEDTLS_SSL_COMPRESS_BUFFER_LEN ( \ - ( MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN ) \ - ? MBEDTLS_SSL_IN_BUFFER_LEN \ - : MBEDTLS_SSL_OUT_BUFFER_LEN \ - ) -#endif - -/* - * TLS extension flags (for extensions with outgoing ServerHello content - * that need it (e.g. 
for RENEGOTIATION_INFO the server already knows because - * of state of the renegotiation flag, so no indicator is required) - */ -#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0) -#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK (1 << 1) - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) -/* - * Abstraction for a grid of allowed signature-hash-algorithm pairs. - */ -struct mbedtls_ssl_sig_hash_set_t -{ - /* At the moment, we only need to remember a single suitable - * hash algorithm per signature algorithm. As long as that's - * the case - and we don't need a general lookup function - - * we can implement the sig-hash-set as a map from signatures - * to hash algorithms. */ - mbedtls_md_type_t rsa; - mbedtls_md_type_t ecdsa; -}; -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && - MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ - -/* - * This structure contains the parameters only needed during handshake. - */ -struct mbedtls_ssl_handshake_params -{ - /* - * Handshake specific crypto variables - */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - mbedtls_ssl_sig_hash_set_t hash_algs; /*!< Set of suitable sig-hash pairs */ -#endif -#if defined(MBEDTLS_DHM_C) - mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */ -#endif -#if defined(MBEDTLS_ECDH_C) - mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */ - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_ecc_curve_t ecdh_psa_curve; - psa_key_handle_t ecdh_psa_privkey; - unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; - size_t ecdh_psa_peerkey_len; -#endif /* MBEDTLS_USE_PSA_CRYPTO */ -#endif /* MBEDTLS_ECDH_C */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - mbedtls_ecjpake_context ecjpake_ctx; /*!< EC J-PAKE key exchange */ -#if defined(MBEDTLS_SSL_CLI_C) - unsigned char *ecjpake_cache; /*!< Cache for ClientHello ext */ - size_t ecjpake_cache_len; /*!< Length of 
cached data */ -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */ -#endif -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_handle_t psk_opaque; /*!< Opaque PSK from the callback */ -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - unsigned char *psk; /*!< PSK from the callback */ - size_t psk_len; /*!< Length of PSK from callback */ -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */ -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - int sni_authmode; /*!< authmode from SNI callback */ - mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI */ - mbedtls_x509_crt *sni_ca_chain; /*!< trusted CAs from SNI callback */ - mbedtls_x509_crl *sni_ca_crl; /*!< trusted CAs CRLs from SNI */ -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - int ecrs_enabled; /*!< Handshake supports EC restart? */ - mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */ - enum { /* this complements ssl->state with info on intra-state operations */ - ssl_ecrs_none = 0, /*!< nothing going on (yet) */ - ssl_ecrs_crt_verify, /*!< Certificate: crt_verify() */ - ssl_ecrs_ske_start_processing, /*!< ServerKeyExchange: pk_verify() */ - ssl_ecrs_cke_ecdh_calc_secret, /*!< ClientKeyExchange: ECDH step 2 */ - ssl_ecrs_crt_vrfy_sign, /*!< CertificateVerify: pk_sign() */ - } ecrs_state; /*!< current (or last) operation */ - mbedtls_x509_crt *ecrs_peer_cert; /*!< The peer's CRT chain. 
*/ - size_t ecrs_n; /*!< place for saving a length */ -#endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_pk_context peer_pubkey; /*!< The public key from the peer. */ -#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - unsigned int out_msg_seq; /*!< Outgoing handshake sequence number */ - unsigned int in_msg_seq; /*!< Incoming handshake sequence number */ - - unsigned char *verify_cookie; /*!< Cli: HelloVerifyRequest cookie - Srv: unused */ - unsigned char verify_cookie_len; /*!< Cli: cookie length - Srv: flag for sending a cookie */ - - uint32_t retransmit_timeout; /*!< Current value of timeout */ - unsigned char retransmit_state; /*!< Retransmission state */ - mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */ - mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */ - unsigned char *cur_msg_p; /*!< Position in current message */ - unsigned int in_flight_start_seq; /*!< Minimum message sequence in the - flight being received */ - mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for - resending messages */ - unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter - for resending messages */ - - struct - { - size_t total_bytes_buffered; /*!< Cumulative size of heap allocated - * buffers used for message buffering. */ - - uint8_t seen_ccs; /*!< Indicates if a CCS message has - * been seen in the current flight. 
*/ - - struct mbedtls_ssl_hs_buffer - { - unsigned is_valid : 1; - unsigned is_fragmented : 1; - unsigned is_complete : 1; - unsigned char *data; - size_t data_len; - } hs[MBEDTLS_SSL_MAX_BUFFERED_HS]; - - struct - { - unsigned char *data; - size_t len; - unsigned epoch; - } future_record; - - } buffering; - - uint16_t mtu; /*!< Handshake mtu, used to fragment outgoing messages */ -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - /* - * Checksum contexts - */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_context fin_md5; - mbedtls_sha1_context fin_sha1; -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_operation_t fin_sha256_psa; -#else - mbedtls_sha256_context fin_sha256; -#endif -#endif -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_operation_t fin_sha384_psa; -#else - mbedtls_sha512_context fin_sha512; -#endif -#endif -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - - void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t); - void (*calc_verify)(mbedtls_ssl_context *, unsigned char *); - void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int); - int (*tls_prf)(const unsigned char *, size_t, const char *, - const unsigned char *, size_t, - unsigned char *, size_t); - - size_t pmslen; /*!< premaster length */ - - unsigned char randbytes[64]; /*!< random bytes */ - unsigned char premaster[MBEDTLS_PREMASTER_SIZE]; - /*!< premaster secret */ - - int resume; /*!< session resume indicator*/ - int max_major_ver; /*!< max. major version client*/ - int max_minor_ver; /*!< max. minor version client*/ - int cli_exts; /*!< client extension presence*/ - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - int new_session_ticket; /*!< use NewSessionTicket? 
*/ -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - int extended_ms; /*!< use Extended Master Secret? */ -#endif - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - unsigned int async_in_progress : 1; /*!< an asynchronous operation is in progress */ -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - /** Asynchronous operation context. This field is meant for use by the - * asynchronous operation callbacks (mbedtls_ssl_config::f_async_sign_start, - * mbedtls_ssl_config::f_async_decrypt_start, - * mbedtls_ssl_config::f_async_resume, mbedtls_ssl_config::f_async_cancel). - * The library does not use it internally. */ - void *user_async_ctx; -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ -}; - -typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; - -/* - * This structure contains a full set of runtime transform parameters - * either in negotiation or active. - */ -struct mbedtls_ssl_transform -{ - /* - * Session specific crypto layer - */ - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - /*!< Chosen cipersuite_info */ - unsigned int keylen; /*!< symmetric key length (bytes) */ - size_t minlen; /*!< min. 
ciphertext length */ - size_t ivlen; /*!< IV length */ - size_t fixed_ivlen; /*!< Fixed part of IV (AEAD) */ - size_t maclen; /*!< MAC length */ - - unsigned char iv_enc[16]; /*!< IV (encryption) */ - unsigned char iv_dec[16]; /*!< IV (decryption) */ - -#if defined(MBEDTLS_SSL_PROTO_SSL3) - /* Needed only for SSL v3.0 secret */ - unsigned char mac_enc[20]; /*!< SSL v3.0 secret (enc) */ - unsigned char mac_dec[20]; /*!< SSL v3.0 secret (dec) */ -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ - - mbedtls_md_context_t md_ctx_enc; /*!< MAC (encryption) */ - mbedtls_md_context_t md_ctx_dec; /*!< MAC (decryption) */ - - mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */ - mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */ - - /* - * Session specific compression layer - */ -#if defined(MBEDTLS_ZLIB_SUPPORT) - z_stream ctx_deflate; /*!< compression context */ - z_stream ctx_inflate; /*!< decompression context */ -#endif -}; - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -/* - * List of certificate + private key pairs - */ -struct mbedtls_ssl_key_cert -{ - mbedtls_x509_crt *cert; /*!< cert */ - mbedtls_pk_context *key; /*!< private key */ - mbedtls_ssl_key_cert *next; /*!< next key/cert pair */ -}; -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) -/* - * List of handshake messages kept around for resending - */ -struct mbedtls_ssl_flight_item -{ - unsigned char *p; /*!< message, including handshake headers */ - size_t len; /*!< length of p */ - unsigned char type; /*!< type of the message: handshake or CCS */ - mbedtls_ssl_flight_item *next; /*!< next handshake message(s) */ -}; -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - -/* Find an entry in a signature-hash set matching a given hash algorithm. 
*/ -mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg ); -/* Add a signature-hash-pair to a signature-hash set */ -void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg, - mbedtls_md_type_t md_alg ); -/* Allow exactly one hash algorithm for each signature. */ -void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_md_type_t md_alg ); - -/* Setup an empty signature-hash set */ -static inline void mbedtls_ssl_sig_hash_set_init( mbedtls_ssl_sig_hash_set_t *set ) -{ - mbedtls_ssl_sig_hash_set_const_hash( set, MBEDTLS_MD_NONE ); -} - -#endif /* MBEDTLS_SSL_PROTO_TLS1_2) && - MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ - -/** - * \brief Free referenced items in an SSL transform context and clear - * memory - * - * \param transform SSL transform context - */ -void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ); - -/** - * \brief Free referenced items in an SSL handshake context and clear - * memory - * - * \param ssl SSL context - */ -void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); - -void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); - -/** - * \brief Update record layer - * - * This function roughly separates the implementation - * of the logic of (D)TLS from the implementation - * of the secure transport. - * - * \param ssl The SSL context to use. 
- * \param update_hs_digest This indicates if the handshake digest - * should be automatically updated in case - * a handshake message is found. - * - * \return 0 or non-zero error code. - * - * \note A clarification on what is called 'record layer' here - * is in order, as many sensible definitions are possible: - * - * The record layer takes as input an untrusted underlying - * transport (stream or datagram) and transforms it into - * a serially multiplexed, secure transport, which - * conceptually provides the following: - * - * (1) Three datagram based, content-agnostic transports - * for handshake, alert and CCS messages. - * (2) One stream- or datagram-based transport - * for application data. - * (3) Functionality for changing the underlying transform - * securing the contents. - * - * The interface to this functionality is given as follows: - * - * a Updating - * [Currently implemented by mbedtls_ssl_read_record] - * - * Check if and on which of the four 'ports' data is pending: - * Nothing, a controlling datagram of type (1), or application - * data (2). In any case data is present, internal buffers - * provide access to the data for the user to process it. - * Consumption of type (1) datagrams is done automatically - * on the next update, invalidating that the internal buffers - * for previous datagrams, while consumption of application - * data (2) is user-controlled. - * - * b Reading of application data - * [Currently manual adaption of ssl->in_offt pointer] - * - * As mentioned in the last paragraph, consumption of data - * is different from the automatic consumption of control - * datagrams (1) because application data is treated as a stream. 
- * - * c Tracking availability of application data - * [Currently manually through decreasing ssl->in_msglen] - * - * For efficiency and to retain datagram semantics for - * application data in case of DTLS, the record layer - * provides functionality for checking how much application - * data is still available in the internal buffer. - * - * d Changing the transformation securing the communication. - * - * Given an opaque implementation of the record layer in the - * above sense, it should be possible to implement the logic - * of (D)TLS on top of it without the need to know anything - * about the record layer's internals. This is done e.g. - * in all the handshake handling functions, and in the - * application data reading function mbedtls_ssl_read. - * - * \note The above tries to give a conceptual picture of the - * record layer, but the current implementation deviates - * from it in some places. For example, our implementation of - * the update functionality through mbedtls_ssl_read_record - * discards datagrams depending on the current state, which - * wouldn't fall under the record layer's responsibility - * following the above definition. 
- * - */ -int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, - unsigned update_hs_digest ); -int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ); - -int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ); -int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ); - -void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t *ciphersuite_info ); - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ); -#endif - -#if defined(MBEDTLS_PK_C) -unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk ); -unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type ); -mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ); -#endif - -mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ); -unsigned char mbedtls_ssl_hash_from_md_alg( int md ); -int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ); - -#if defined(MBEDTLS_ECP_C) -int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ); -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) -int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, - mbedtls_md_type_t md ); -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl ) -{ - mbedtls_ssl_key_cert *key_cert; - - if( ssl->handshake != NULL && 
ssl->handshake->key_cert != NULL ) - key_cert = ssl->handshake->key_cert; - else - key_cert = ssl->conf->key_cert; - - return( key_cert == NULL ? NULL : key_cert->key ); -} - -static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl ) -{ - mbedtls_ssl_key_cert *key_cert; - - if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL ) - key_cert = ssl->handshake->key_cert; - else - key_cert = ssl->conf->key_cert; - - return( key_cert == NULL ? NULL : key_cert->cert ); -} - -/* - * Check usage of a certificate wrt extensions: - * keyUsage, extendedKeyUsage (later), and nSCertType (later). - * - * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we - * check a cert we received from them)! - * - * Return 0 if everything is OK, -1 if not. - */ -int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, - const mbedtls_ssl_ciphersuite_t *ciphersuite, - int cert_endpoint, - uint32_t *flags ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -void mbedtls_ssl_write_version( int major, int minor, int transport, - unsigned char ver[2] ); -void mbedtls_ssl_read_version( int *major, int *minor, int transport, - const unsigned char ver[2] ); - -static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl ) -{ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 13 ); -#else - ((void) ssl); -#endif - return( 5 ); -} - -static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl ) -{ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 12 ); -#else - ((void) ssl); -#endif - return( 4 ); -} - -#if defined(MBEDTLS_SSL_PROTO_DTLS) -void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ); -#endif - -/* 
Visible for testing purposes only */ -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ); -#endif - -int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, - const mbedtls_ssl_session *src ); - -/* constant-time buffer comparison */ -static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n ) -{ - size_t i; - volatile const unsigned char *A = (volatile const unsigned char *) a; - volatile const unsigned char *B = (volatile const unsigned char *) b; - volatile unsigned char diff = 0; - - for( i = 0; i < n; i++ ) - { - /* Read volatile data in order before computing diff. - * This avoids IAR compiler warning: - * 'the order of volatile accesses is undefined ..' */ - unsigned char x = A[i], y = B[i]; - diff |= x ^ y; - } - - return( diff ); -} - -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) -int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, - unsigned char *output, - unsigned char *data, size_t data_len ); -#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ - MBEDTLS_SSL_PROTO_TLS1_1 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) -/* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */ -int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, - unsigned char *hash, size_t *hashlen, - unsigned char *data, size_t data_len, - mbedtls_md_type_t md_alg ); -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ - -#ifdef __cplusplus -} -#endif - -#endif /* ssl_internal.h */ diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h deleted file mode 100644 index 774a007a9..000000000 --- a/include/mbedtls/ssl_ticket.h +++ /dev/null 
@@ -1,142 +0,0 @@
-/**
- * \file ssl_ticket.h
- *
- * \brief TLS server ticket callbacks implementation
- */
-/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_SSL_TICKET_H
-#define MBEDTLS_SSL_TICKET_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-/*
- * This implementation of the session ticket callbacks includes key
- * management, rotating the keys periodically in order to preserve forward
- * secrecy, when MBEDTLS_HAVE_TIME is defined.
- */
-
-#include "ssl.h"
-#include "cipher.h"
-
-#if defined(MBEDTLS_THREADING_C)
-#include "threading.h"
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Information for session ticket protection
- */
-typedef struct mbedtls_ssl_ticket_key
-{
- unsigned char name[4]; /*!< random key identifier */
- uint32_t generation_time; /*!< key generation timestamp (seconds) */
- mbedtls_cipher_context_t ctx; /*!< context for auth enc/decryption */
-}
-mbedtls_ssl_ticket_key;
-
-/**
- * \brief Context for session ticket handling functions
- */
-typedef struct mbedtls_ssl_ticket_context
-{
- mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */
- unsigned char active; /*!< index of the currently active key */
-
- uint32_t ticket_lifetime; /*!< lifetime of tickets in seconds */
-
- /** Callback for getting (pseudo-)random numbers */
- int (*f_rng)(void *, unsigned char *, size_t);
- void *p_rng; /*!< context for the RNG function */
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_threading_mutex_t mutex;
-#endif
-}
-mbedtls_ssl_ticket_context;
-
-/**
- * \brief Initialize a ticket context.
- * (Just make it ready for mbedtls_ssl_ticket_setup()
- * or mbedtls_ssl_ticket_free().)
- *
- * \param ctx Context to be initialized
- */
-void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
-
-/**
- * \brief Prepare context to be actually used
- *
- * \param ctx Context to be set up
- * \param f_rng RNG callback function
- * \param p_rng RNG callback context
- * \param cipher AEAD cipher to use for ticket protection.
- * Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
- * \param lifetime Tickets lifetime in seconds
- * Recommended value: 86400 (one day).
- *
- * \note It is highly recommended to select a cipher that is at
- * least as strong as the the strongest ciphersuite
- * supported. Usually that means a 256-bit key.
- *
- * \note The lifetime of the keys is twice the lifetime of tickets.
- * It is recommended to pick a reasonnable lifetime so as not
- * to negate the benefits of forward secrecy.
- *
- * \return 0 if successful,
- * or a specific MBEDTLS_ERR_XXX error code
- */
-int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
- mbedtls_cipher_type_t cipher,
- uint32_t lifetime );
-
-/**
- * \brief Implementation of the ticket write callback
- *
- * \note See \c mbedtls_ssl_ticket_write_t for description
- */
-mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
-
-/**
- * \brief Implementation of the ticket parse callback
- *
- * \note See \c mbedtls_ssl_ticket_parse_t for description
- */
-mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
-
-/**
- * \brief Free a context's content and zeroize it.
- *
- * \param ctx Context to be cleaned up
- */
-void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ssl_ticket.h */
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
deleted file mode 100644
index b63e864e3..000000000
--- a/include/mbedtls/x509.h
+++ /dev/null
@@ -1,339 +0,0 @@
-/**
- * \file x509.h
- *
- * \brief X.509 generic defines and structures
- */
-/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_X509_H
-#define MBEDTLS_X509_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "asn1.h"
-#include "pk.h"
-
-#if defined(MBEDTLS_RSA_C)
-#include "rsa.h"
-#endif
-
-/**
- * \addtogroup x509_module
- * \{
- */
-
-#if !defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
-/**
- * Maximum number of intermediate CAs in a verification chain.
- * That is, maximum length of the chain, excluding the end-entity certificate
- * and the trusted root certificate.
- *
- * Set this to a low value to prevent an adversary from making you waste
- * resources verifying an overlong certificate chain.
- */
-#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8
-#endif
-
-/**
- * \name X509 Error codes
- * \{
- */
-#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
-#define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */
-#define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected.
*/
-#define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */
-#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */
-#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */
-#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */
-#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
-#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
-#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */
-#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */
-#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
-#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
-#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */
-#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
-/* \} name */
-
-/**
- * \name X509 Verify codes
- * \{
- */
-/* Reminder: update x509_crt_verify_strings[] in library/x509_crt.c */
-#define MBEDTLS_X509_BADCERT_EXPIRED 0x01 /**< The certificate validity has expired.
*/
-#define MBEDTLS_X509_BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */
-#define MBEDTLS_X509_BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */
-#define MBEDTLS_X509_BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */
-#define MBEDTLS_X509_BADCRL_NOT_TRUSTED 0x10 /**< The CRL is not correctly signed by the trusted CA. */
-#define MBEDTLS_X509_BADCRL_EXPIRED 0x20 /**< The CRL is expired. */
-#define MBEDTLS_X509_BADCERT_MISSING 0x40 /**< Certificate was missing. */
-#define MBEDTLS_X509_BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
-#define MBEDTLS_X509_BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */
-#define MBEDTLS_X509_BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */
-#define MBEDTLS_X509_BADCRL_FUTURE 0x0400 /**< The CRL is from the future */
-#define MBEDTLS_X509_BADCERT_KEY_USAGE 0x0800 /**< Usage does not match the keyUsage extension. */
-#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE 0x1000 /**< Usage does not match the extendedKeyUsage extension. */
-#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE 0x2000 /**< Usage does not match the nsCertType extension. */
-#define MBEDTLS_X509_BADCERT_BAD_MD 0x4000 /**< The certificate is signed with an unacceptable hash. */
-#define MBEDTLS_X509_BADCERT_BAD_PK 0x8000 /**< The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
-#define MBEDTLS_X509_BADCERT_BAD_KEY 0x010000 /**< The certificate is signed with an unacceptable key (eg bad curve, RSA too short). */
-#define MBEDTLS_X509_BADCRL_BAD_MD 0x020000 /**< The CRL is signed with an unacceptable hash. */
-#define MBEDTLS_X509_BADCRL_BAD_PK 0x040000 /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
-#define MBEDTLS_X509_BADCRL_BAD_KEY 0x080000 /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short).
*/
-
-/* \} name */
-/* \} addtogroup x509_module */
-
-/*
- * X.509 v3 Key Usage Extension flags
- * Reminder: update x509_info_key_usage() when adding new flags.
- */
-#define MBEDTLS_X509_KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
-#define MBEDTLS_X509_KU_NON_REPUDIATION (0x40) /* bit 1 */
-#define MBEDTLS_X509_KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
-#define MBEDTLS_X509_KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
-#define MBEDTLS_X509_KU_KEY_AGREEMENT (0x08) /* bit 4 */
-#define MBEDTLS_X509_KU_KEY_CERT_SIGN (0x04) /* bit 5 */
-#define MBEDTLS_X509_KU_CRL_SIGN (0x02) /* bit 6 */
-#define MBEDTLS_X509_KU_ENCIPHER_ONLY (0x01) /* bit 7 */
-#define MBEDTLS_X509_KU_DECIPHER_ONLY (0x8000) /* bit 8 */
-
-/*
- * Netscape certificate types
- * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html)
- */
-
-#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
-#define MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
-#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
-#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
-#define MBEDTLS_X509_NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
-#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
-#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
-#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
-
-/*
- * X.509 extension types
- *
- * Comments refer to the status for using certificates. Status can be
- * different for writing certificates or reading CRLs or CSRs.
- *
- * Those are defined in oid.h as oid.c needs them in a data structure. Since
- * these were previously defined here, let's have aliases for compatibility.
- */
-#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER
-#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER
-#define MBEDTLS_X509_EXT_KEY_USAGE MBEDTLS_OID_X509_EXT_KEY_USAGE
-#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES
-#define MBEDTLS_X509_EXT_POLICY_MAPPINGS MBEDTLS_OID_X509_EXT_POLICY_MAPPINGS
-#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME /* Supported (DNS) */
-#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME MBEDTLS_OID_X509_EXT_ISSUER_ALT_NAME
-#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_X509_EXT_SUBJECT_DIRECTORY_ATTRS
-#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS /* Supported */
-#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS MBEDTLS_OID_X509_EXT_NAME_CONSTRAINTS
-#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS MBEDTLS_OID_X509_EXT_POLICY_CONSTRAINTS
-#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE
-#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_X509_EXT_CRL_DISTRIBUTION_POINTS
-#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY MBEDTLS_OID_X509_EXT_INIHIBIT_ANYPOLICY
-#define MBEDTLS_X509_EXT_FRESHEST_CRL MBEDTLS_OID_X509_EXT_FRESHEST_CRL
-#define MBEDTLS_X509_EXT_NS_CERT_TYPE MBEDTLS_OID_X509_EXT_NS_CERT_TYPE
-
-/*
- * Storage format identifiers
- * Recognized formats: PEM and DER
- */
-#define MBEDTLS_X509_FORMAT_DER 1
-#define MBEDTLS_X509_FORMAT_PEM 2
-
-#define MBEDTLS_X509_MAX_DN_NAME_SIZE 256 /**< Maximum value size of a DN entry */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \addtogroup x509_module
- * \{ */
-
-/**
- * \name Structures for parsing X.509 certificates, CRLs and CSRs
- * \{
- */
-
-/**
- * Type-length-value structure that allows for ASN1 using DER.
- */
-typedef mbedtls_asn1_buf mbedtls_x509_buf;
-
-/**
- * Container for ASN1 bit strings.
- */
-typedef mbedtls_asn1_bitstring mbedtls_x509_bitstring;
-
-/**
- * Container for ASN1 named information objects.
- * It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.).
- */
-typedef mbedtls_asn1_named_data mbedtls_x509_name;
-
-/**
- * Container for a sequence of ASN.1 items
- */
-typedef mbedtls_asn1_sequence mbedtls_x509_sequence;
-
-/** Container for date and time (precision in seconds). */
-typedef struct mbedtls_x509_time
-{
- int year, mon, day; /**< Date. */
- int hour, min, sec; /**< Time. */
-}
-mbedtls_x509_time;
-
-/** \} name Structures for parsing X.509 certificates, CRLs and CSRs */
-/** \} addtogroup x509_module */
-
-/**
- * \brief Store the certificate DN in printable form into buf;
- * no more than size characters will be written.
- *
- * \param buf Buffer to write to
- * \param size Maximum size of buffer
- * \param dn The X509 name to represent
- *
- * \return The length of the string written (not including the
- * terminated nul byte), or a negative error code.
- */
-int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
-
-/**
- * \brief Store the certificate serial in printable form into buf;
- * no more than size characters will be written.
- *
- * \param buf Buffer to write to
- * \param size Maximum size of buffer
- * \param serial The X509 serial to represent
- *
- * \return The length of the string written (not including the
- * terminated nul byte), or a negative error code.
- */
-int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial );
-
-/**
- * \brief Check a given mbedtls_x509_time against the system time
- * and tell if it's in the past.
- *
- * \note Intended usage is "if( is_past( valid_to ) ) ERROR".
- * Hence the return value of 1 if on internal errors.
- *
- * \param to mbedtls_x509_time to check
- *
- * \return 1 if the given time is in the past or an error occurred,
- * 0 otherwise.
- */
-int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
-
-/**
- * \brief Check a given mbedtls_x509_time against the system time
- * and tell if it's in the future.
- *
- * \note Intended usage is "if( is_future( valid_from ) ) ERROR".
- * Hence the return value of 1 if on internal errors.
- *
- * \param from mbedtls_x509_time to check
- *
- * \return 1 if the given time is in the future or an error occurred,
- * 0 otherwise.
- */
-int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- */
-int mbedtls_x509_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-/*
- * Internal module functions. You probably do not want to use these unless you
- * know you do.
- */
-int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
- mbedtls_x509_name *cur );
-int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
- mbedtls_x509_buf *alg );
-int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
- mbedtls_x509_buf *alg, mbedtls_x509_buf *params );
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
- mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
- int *salt_len );
-#endif
-int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig );
-int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
- mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
- void **sig_opts );
-int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
- mbedtls_x509_time *t );
-int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
- mbedtls_x509_buf *serial );
-int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
- mbedtls_x509_buf *ext, int tag );
-int mbedtls_x509_sig_alg_gets( char *buf, size_t
size, const mbedtls_x509_buf *sig_oid,
- mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
- const void *sig_opts );
-int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name );
-int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name );
-int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
- int critical, const unsigned char *val,
- size_t val_len );
-int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
- mbedtls_asn1_named_data *first );
-int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
- mbedtls_asn1_named_data *first );
-int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
- const char *oid, size_t oid_len,
- unsigned char *sig, size_t size );
-
-#define MBEDTLS_X509_SAFE_SNPRINTF \
- do { \
- if( ret < 0 || (size_t) ret >= n ) \
- return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); \
- \
- n -= (size_t) ret; \
- p += (size_t) ret; \
- } while( 0 )
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* x509.h */
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
deleted file mode 100644
index fa838d68c..000000000
--- a/include/mbedtls/x509_crl.h
+++ /dev/null
@@ -1,174 +0,0 @@
-/**
- * \file x509_crl.h
- *
- * \brief X.509 certificate revocation list parsing
- */
-/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_X509_CRL_H
-#define MBEDTLS_X509_CRL_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "x509.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \addtogroup x509_module
- * \{ */
-
-/**
- * \name Structures and functions for parsing CRLs
- * \{
- */
-
-/**
- * Certificate revocation list entry.
- * Contains the CA-specific serial numbers and revocation dates.
- */
-typedef struct mbedtls_x509_crl_entry
-{
- mbedtls_x509_buf raw;
-
- mbedtls_x509_buf serial;
-
- mbedtls_x509_time revocation_date;
-
- mbedtls_x509_buf entry_ext;
-
- struct mbedtls_x509_crl_entry *next;
-}
-mbedtls_x509_crl_entry;
-
-/**
- * Certificate revocation list structure.
- * Every CRL may have multiple entries.
- */
-typedef struct mbedtls_x509_crl
-{
- mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
- mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed.
*/
-
- int version; /**< CRL version (1=v1, 2=v2) */
- mbedtls_x509_buf sig_oid; /**< CRL signature type identifier */
-
- mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). */
-
- mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */
-
- mbedtls_x509_time this_update;
- mbedtls_x509_time next_update;
-
- mbedtls_x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */
-
- mbedtls_x509_buf crl_ext;
-
- mbedtls_x509_buf sig_oid2;
- mbedtls_x509_buf sig;
- mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
- mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
- void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
-
- struct mbedtls_x509_crl *next;
-}
-mbedtls_x509_crl;
-
-/**
- * \brief Parse a DER-encoded CRL and append it to the chained list
- *
- * \param chain points to the start of the chain
- * \param buf buffer holding the CRL data in DER format
- * \param buflen size of the buffer
- * (including the terminating null byte for PEM data)
- *
- * \return 0 if successful, or a specific X509 or PEM error code
- */
-int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
- const unsigned char *buf, size_t buflen );
-/**
- * \brief Parse one or more CRLs and append them to the chained list
- *
- * \note Multiple CRLs are accepted only if using PEM format
- *
- * \param chain points to the start of the chain
- * \param buf buffer holding the CRL data in PEM or DER format
- * \param buflen size of the buffer
- * (including the terminating null byte for PEM data)
- *
- * \return 0 if successful, or a specific X509 or PEM error code
- */
-int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen );
-
-#if defined(MBEDTLS_FS_IO)
-/**
- * \brief
Load one or more CRLs and append them to the chained list
- *
- * \note Multiple CRLs are accepted only if using PEM format
- *
- * \param chain points to the start of the chain
- * \param path filename to read the CRLs from (in PEM or DER encoding)
- *
- * \return 0 if successful, or a specific X509 or PEM error code
- */
-int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
-#endif /* MBEDTLS_FS_IO */
-
-/**
- * \brief Returns an informational string about the CRL.
- *
- * \param buf Buffer to write to
- * \param size Maximum size of buffer
- * \param prefix A line prefix
- * \param crl The X509 CRL to represent
- *
- * \return The length of the string written (not including the
- * terminated nul byte), or a negative error code.
- */
-int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
- const mbedtls_x509_crl *crl );
-
-/**
- * \brief Initialize a CRL (chain)
- *
- * \param crl CRL chain to initialize
- */
-void mbedtls_x509_crl_init( mbedtls_x509_crl *crl );
-
-/**
- * \brief Unallocate all CRL data
- *
- * \param crl CRL chain to free
- */
-void mbedtls_x509_crl_free( mbedtls_x509_crl *crl );
-
-/* \} name */
-/* \} addtogroup x509_module */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_x509_crl.h */
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
deleted file mode 100644
index eea263201..000000000
--- a/include/mbedtls/x509_crt.h
+++ /dev/null
@@ -1,921 +0,0 @@
-/**
- * \file x509_crt.h
- *
- * \brief X.509 certificate parsing and writing
- */
-/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_X509_CRT_H
-#define MBEDTLS_X509_CRT_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "x509.h"
-#include "x509_crl.h"
-
-/**
- * \addtogroup x509_module
- * \{
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \name Structures and functions for parsing and writing X.509 certificates
- * \{
- */
-
-/**
- * Container for an X.509 certificate. The certificate may be chained.
- */
-typedef struct mbedtls_x509_crt
-{
- int own_buffer; /**< Indicates if \c raw is owned
- * by the structure or not. */
- mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
- mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
-
- int version; /**< The X.509 version. (1=v1, 2=v2, 3=v3) */
- mbedtls_x509_buf serial; /**< Unique id for certificate issued by a specific CA. */
- mbedtls_x509_buf sig_oid; /**< Signature algorithm, e.g. sha1RSA */
-
- mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */
- mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison.
*/
-
- mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */
- mbedtls_x509_name subject; /**< The parsed subject data (named information object). */
-
- mbedtls_x509_time valid_from; /**< Start time of certificate validity. */
- mbedtls_x509_time valid_to; /**< End time of certificate validity. */
-
- mbedtls_x509_buf pk_raw;
- mbedtls_pk_context pk; /**< Container for the public key context. */
-
- mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */
- mbedtls_x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */
- mbedtls_x509_buf v3_ext; /**< Optional X.509 v3 extensions. */
- mbedtls_x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */
-
- int ext_types; /**< Bit string containing detected and parsed extensions */
- int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
- int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */
-
- unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */
-
- mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
-
- unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */
-
- mbedtls_x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */
- mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
- mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
- void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g.
for RSASSA-PSS */
-
- struct mbedtls_x509_crt *next; /**< Next certificate in the CA-chain. */
-}
-mbedtls_x509_crt;
-
-/**
- * Build flag from an algorithm/curve identifier (pk, md, ecp)
- * Since 0 is always XXX_NONE, ignore it.
- */
-#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( id - 1 ) )
-
-/**
- * Security profile for certificate verification.
- *
- * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
- */
-typedef struct mbedtls_x509_crt_profile
-{
- uint32_t allowed_mds; /**< MDs for signatures */
- uint32_t allowed_pks; /**< PK algs for signatures */
- uint32_t allowed_curves; /**< Elliptic curves for ECDSA */
- uint32_t rsa_min_bitlen; /**< Minimum size for RSA keys */
-}
-mbedtls_x509_crt_profile;
-
-#define MBEDTLS_X509_CRT_VERSION_1 0
-#define MBEDTLS_X509_CRT_VERSION_2 1
-#define MBEDTLS_X509_CRT_VERSION_3 2
-
-#define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32
-#define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15
-
-#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN )
-#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
-#endif
-
-/**
- * Container for writing a certificate (CRT)
- */
-typedef struct mbedtls_x509write_cert
-{
- int version;
- mbedtls_mpi serial;
- mbedtls_pk_context *subject_key;
- mbedtls_pk_context *issuer_key;
- mbedtls_asn1_named_data *subject;
- mbedtls_asn1_named_data *issuer;
- mbedtls_md_type_t md_alg;
- char not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1];
- char not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1];
- mbedtls_asn1_named_data *extensions;
-}
-mbedtls_x509write_cert;
-
-/**
- * Item in a verification chain: cert and flags for it
- */
-typedef struct {
- mbedtls_x509_crt *crt;
- uint32_t flags;
-} mbedtls_x509_crt_verify_chain_item;
-
-/**
- * Max size of verification chain: end-entity + intermediates + trusted root
- */
-#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 )
-
-/**
- * Verification chain as built by \c mbedtls_crt_verify_chain()
- */
-typedef struct
-{
-
mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE];
- unsigned len;
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
- /* This stores the list of potential trusted signers obtained from
- * the CA callback used for the CRT verification, if configured.
- * We must track it somewhere because the callback passes its
- * ownership to the caller. */
- mbedtls_x509_crt *trust_ca_cb_result;
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-} mbedtls_x509_crt_verify_chain;
-
-#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
-
-/**
- * \brief Context for resuming X.509 verify operations
- */
-typedef struct
-{
- /* for check_signature() */
- mbedtls_pk_restart_ctx pk;
-
- /* for find_parent_in() */
- mbedtls_x509_crt *parent; /* non-null iff parent_in in progress */
- mbedtls_x509_crt *fallback_parent;
- int fallback_signature_is_good;
-
- /* for find_parent() */
- int parent_is_trusted; /* -1 if find_parent is not in progress */
-
- /* for verify_chain() */
- enum {
- x509_crt_rs_none,
- x509_crt_rs_find_parent,
- } in_progress; /* none if no operation is in progress */
- int self_cnt;
- mbedtls_x509_crt_verify_chain ver_chain;
-
-} mbedtls_x509_crt_restart_ctx;
-
-#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-/* Now we can declare functions that take a pointer to that */
-typedef void mbedtls_x509_crt_restart_ctx;
-
-#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-/**
- * Default security profile. Should provide a good balance between security
- * and compatibility with current deployments.
- */
-extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default;
-
-/**
- * Expected next default profile. Recommended for new deployments.
- * Currently targets a 128-bit security level, except for RSA-2048.
- */
-extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next;
-
-/**
- * NSA Suite B profile.
- */
-extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb;
-
-/**
- * \brief Parse a single DER formatted certificate and add it
- * to the end of the provided chained list.
- *
- * \param chain The pointer to the start of the CRT chain to attach to.
- * When parsing the first CRT in a chain, this should point
- * to an instance of ::mbedtls_x509_crt initialized through
- * mbedtls_x509_crt_init().
- * \param buf The buffer holding the DER encoded certificate.
- * \param buflen The size in Bytes of \p buf.
- *
- * \note This function makes an internal copy of the CRT buffer
- * \p buf. In particular, \p buf may be destroyed or reused
- * after this call returns. To avoid duplicating the CRT
- * buffer (at the cost of stricter lifetime constraints),
- * use mbedtls_x509_crt_parse_der_nocopy() instead.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
- const unsigned char *buf,
- size_t buflen );
-
-/**
- * \brief Parse a single DER formatted certificate and add it
- * to the end of the provided chained list. This is a
- * variant of mbedtls_x509_crt_parse_der() which takes
- * temporary ownership of the CRT buffer until the CRT
- * is destroyed.
- *
- * \param chain The pointer to the start of the CRT chain to attach to.
- * When parsing the first CRT in a chain, this should point
- * to an instance of ::mbedtls_x509_crt initialized through
- * mbedtls_x509_crt_init().
- * \param buf The address of the readable buffer holding the DER encoded
- * certificate to use. On success, this buffer must be
- * retained and not be changed for the liftetime of the
- * CRT chain \p chain, that is, until \p chain is destroyed
- * through a call to mbedtls_x509_crt_free().
- * \param buflen The size in Bytes of \p buf.
- *
- * \note This call is functionally equivalent to
- * mbedtls_x509_crt_parse_der(), but it avoids creating a
- * copy of the input buffer at the cost of stronger lifetime
- * constraints. This is useful in constrained environments
- * where duplication of the CRT cannot be tolerated.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
- const unsigned char *buf,
- size_t buflen );
-
-/**
- * \brief Parse one DER-encoded or one or more concatenated PEM-encoded
- * certificates and add them to the chained list.
- *
- * For CRTs in PEM encoding, the function parses permissively:
- * if at least one certificate can be parsed, the function
- * returns the number of certificates for which parsing failed
- * (hence \c 0 if all certificates were parsed successfully).
- * If no certificate could be parsed, the function returns
- * the first (negative) error encountered during parsing.
- *
- * PEM encoded certificates may be interleaved by other data
- * such as human readable descriptions of their content, as
- * long as the certificates are enclosed in the PEM specific
- * '-----{BEGIN/END} CERTIFICATE-----' delimiters.
- *
- * \param chain The chain to which to add the parsed certificates.
- * \param buf The buffer holding the certificate data in PEM or DER format.
- * For certificates in PEM encoding, this may be a concatenation
- * of multiple certificates; for DER encoding, the buffer must
- * comprise exactly one certificate.
- * \param buflen The size of \p buf, including the terminating \c NULL byte
- * in case of PEM encoded data.
- *
- * \return \c 0 if all certificates were parsed successfully.
- * \return The (positive) number of certificates that couldn't
- * be parsed if parsing was partly successful (see above).
- * \return A negative X509 or PEM error code otherwise.
- *
- */
-int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen );
-
-#if defined(MBEDTLS_FS_IO)
-/**
- * \brief Load one or more certificates and add them
- * to the chained list. Parses permissively. If some
- * certificates can be parsed, the result is the number
- * of failed certificates it encountered. If none complete
- * correctly, the first error is returned.
- *
- * \param chain points to the start of the chain
- * \param path filename to read the certificates from
- *
- * \return 0 if all certificates parsed successfully, a positive number
- * if partly successful or a specific X509 or PEM error code
- */
-int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
-
-/**
- * \brief Load one or more certificate files from a path and add them
- * to the chained list. Parses permissively. If some
- * certificates can be parsed, the result is the number
- * of failed certificates it encountered. If none complete
- * correctly, the first error is returned.
- *
- * \param chain points to the start of the chain
- * \param path directory / folder to read the certificate files from
- *
- * \return 0 if all certificates parsed successfully, a positive number
- * if partly successful or a specific X509 or PEM error code
- */
-int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
-#endif /* MBEDTLS_FS_IO */
-
-/**
- * \brief Returns an informational string about the
- * certificate.
- *
- * \param buf Buffer to write to
- * \param size Maximum size of buffer
- * \param prefix A line prefix
- * \param crt The X509 certificate to represent
- *
- * \return The length of the string written (not including the
- * terminated nul byte), or a negative error code.
- */
-int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
- const mbedtls_x509_crt *crt );
-
-/**
- * \brief Returns an informational string about the
- * verification status of a certificate.
- * - * \param buf Buffer to write to - * \param size Maximum size of buffer - * \param prefix A line prefix - * \param flags Verification flags created by mbedtls_x509_crt_verify() - * - * \return The length of the string written (not including the - * terminated nul byte), or a negative error code. - */ -int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, - uint32_t flags ); - -/** - * \brief Verify a chain of certificates. - * - * The verify callback is a user-supplied callback that - * can clear / modify / add flags for a certificate. If set, - * the verification callback is called for each - * certificate in the chain (from the trust-ca down to the - * presented crt). The parameters for the callback are: - * (void *parameter, mbedtls_x509_crt *crt, int certificate_depth, - * int *flags). With the flags representing current flags for - * that specific certificate and the certificate depth from - * the bottom (Peer cert depth = 0). - * - * All flags left after returning from the callback - * are also returned to the application. The function should - * return 0 for anything (including invalid certificates) - * other than fatal error, as a non-zero return code - * immediately aborts the verification process. For fatal - * errors, a specific error code should be used (different - * from MBEDTLS_ERR_X509_CERT_VERIFY_FAILED which should not - * be returned at this point), or MBEDTLS_ERR_X509_FATAL_ERROR - * can be used if no better code is available. - * - * \note In case verification failed, the results can be displayed - * using \c mbedtls_x509_crt_verify_info() - * - * \note Same as \c mbedtls_x509_crt_verify_with_profile() with the - * default security profile. - * - * \note It is your responsibility to provide up-to-date CRLs for - * all trusted CAs. If no CRL is provided for the CA that was - * used to sign the certificate, CRL verification is skipped - * silently, that is *without* setting any flag. 
- * - * \note The \c trust_ca list can contain two types of certificates: - * (1) those of trusted root CAs, so that certificates - * chaining up to those CAs will be trusted, and (2) - * self-signed end-entity certificates to be trusted (for - * specific peers you know) - in that case, the self-signed - * certificate doesn't need to have the CA bit set. - * - * \param crt The certificate chain to be verified. - * \param trust_ca The list of trusted CAs. - * \param ca_crl The list of CRLs for trusted CAs. - * \param cn The expected Common Name. This may be \c NULL if the - * CN need not be verified. - * \param flags The address at which to store the result of the verification. - * If the verification couldn't be completed, the flag value is - * set to (uint32_t) -1. - * \param f_vrfy The verification callback to use. See the documentation - * of mbedtls_x509_crt_verify() for more information. - * \param p_vrfy The context to be passed to \p f_vrfy. - * - * \return \c 0 if the chain is valid with respect to the - * passed CN, CAs, CRLs and security profile. - * \return #MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the - * certificate chain verification failed. In this case, - * \c *flags will have one or more - * \c MBEDTLS_X509_BADCERT_XXX or \c MBEDTLS_X509_BADCRL_XXX - * flags set. - * \return Another negative error code in case of a fatal error - * encountered during the verification process. - */ -int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); - -/** - * \brief Verify a chain of certificates with respect to - * a configurable security profile. - * - * \note Same as \c mbedtls_x509_crt_verify(), but with explicit - * security profile. 
- * - * \note The restrictions on keys (RSA minimum size, allowed curves - * for ECDSA) apply to all certificates: trusted root, - * intermediate CAs if any, and end entity certificate. - * - * \param crt The certificate chain to be verified. - * \param trust_ca The list of trusted CAs. - * \param ca_crl The list of CRLs for trusted CAs. - * \param profile The security profile to use for the verification. - * \param cn The expected Common Name. This may be \c NULL if the - * CN need not be verified. - * \param flags The address at which to store the result of the verification. - * If the verification couldn't be completed, the flag value is - * set to (uint32_t) -1. - * \param f_vrfy The verification callback to use. See the documentation - * of mbedtls_x509_crt_verify() for more information. - * \param p_vrfy The context to be passed to \p f_vrfy. - * - * \return \c 0 if the chain is valid with respect to the - * passed CN, CAs, CRLs and security profile. - * \return #MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the - * certificate chain verification failed. In this case, - * \c *flags will have one or more - * \c MBEDTLS_X509_BADCERT_XXX or \c MBEDTLS_X509_BADCRL_XXX - * flags set. - * \return Another negative error code in case of a fatal error - * encountered during the verification process. - */ -int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); - -/** - * \brief Restartable version of \c mbedtls_crt_verify_with_profile() - * - * \note Performs the same job as \c mbedtls_crt_verify_with_profile() - * but can return early and restart according to the limit - * set with \c mbedtls_ecp_set_max_ops() to reduce blocking. - * - * \param crt The certificate chain to be verified. - * \param trust_ca The list of trusted CAs. 
- * \param ca_crl The list of CRLs for trusted CAs. - * \param profile The security profile to use for the verification. - * \param cn The expected Common Name. This may be \c NULL if the - * CN need not be verified. - * \param flags The address at which to store the result of the verification. - * If the verification couldn't be completed, the flag value is - * set to (uint32_t) -1. - * \param f_vrfy The verification callback to use. See the documentation - * of mbedtls_x509_crt_verify() for more information. - * \param p_vrfy The context to be passed to \p f_vrfy. - * \param rs_ctx The restart context to use. This may be set to \c NULL - * to disable restartable ECC. - * - * \return See \c mbedtls_crt_verify_with_profile(), or - * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of - * operations was reached: see \c mbedtls_ecp_set_max_ops(). - */ -int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy, - mbedtls_x509_crt_restart_ctx *rs_ctx ); - -/** - * \brief The type of trusted certificate callbacks. - * - * Callbacks of this type are passed to and used by the CRT - * verification routine mbedtls_x509_crt_verify_with_ca_cb() - * when looking for trusted signers of a given certificate. - * - * On success, the callback returns a list of trusted - * certificates to be considered as potential signers - * for the input certificate. - * - * \param p_ctx An opaque context passed to the callback. - * \param child The certificate for which to search a potential signer. - * This will point to a readable certificate. - * \param candidate_cas The address at which to store the address of the first - * entry in the generated linked list of candidate signers. - * This will not be \c NULL. 
- * - * \note The callback must only return a non-zero value on a - * fatal error. If, in contrast, the search for a potential - * signer completes without a single candidate, the - * callback must return \c 0 and set \c *candidate_cas - * to \c NULL. - * - * \return \c 0 on success. In this case, \c *candidate_cas points - * to a heap-allocated linked list of instances of - * ::mbedtls_x509_crt, and ownership of this list is passed - * to the caller. - * \return A negative error code on failure. - */ -typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx, - mbedtls_x509_crt const *child, - mbedtls_x509_crt **candidate_cas ); - -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -/** - * \brief Version of \c mbedtls_x509_crt_verify_with_profile() which - * uses a callback to acquire the list of trusted CA - * certificates. - * - * \param crt The certificate chain to be verified. - * \param f_ca_cb The callback to be used to query for potential signers - * of a given child certificate. See the documentation of - * ::mbedtls_x509_crt_ca_cb_t for more information. - * \param p_ca_cb The opaque context to be passed to \p f_ca_cb. - * \param profile The security profile for the verification. - * \param cn The expected Common Name. This may be \c NULL if the - * CN need not be verified. - * \param flags The address at which to store the result of the verification. - * If the verification couldn't be completed, the flag value is - * set to (uint32_t) -1. - * \param f_vrfy The verification callback to use. See the documentation - * of mbedtls_x509_crt_verify() for more information. - * \param p_vrfy The context to be passed to \p f_vrfy. - * - * \return See \c mbedtls_crt_verify_with_profile(). 
- */ -int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); - -#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ - -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) -/** - * \brief Check usage of certificate against keyUsage extension. - * - * \param crt Leaf certificate used. - * \param usage Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT - * before using the certificate to perform an RSA key - * exchange). - * - * \note Except for decipherOnly and encipherOnly, a bit set in the - * usage argument means this bit MUST be set in the - * certificate. For decipherOnly and encipherOnly, it means - * that bit MAY be set. - * - * \return 0 is these uses of the certificate are allowed, - * MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension - * is present but does not match the usage argument. - * - * \note You should only call this function on leaf certificates, on - * (intermediate) CAs the keyUsage extension is automatically - * checked by \c mbedtls_x509_crt_verify(). - */ -int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, - unsigned int usage ); -#endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */ - -#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) -/** - * \brief Check usage of certificate against extendedKeyUsage. - * - * \param crt Leaf certificate used. - * \param usage_oid Intended usage (eg MBEDTLS_OID_SERVER_AUTH or - * MBEDTLS_OID_CLIENT_AUTH). - * \param usage_len Length of usage_oid (eg given by MBEDTLS_OID_SIZE()). - * - * \return 0 if this use of the certificate is allowed, - * MBEDTLS_ERR_X509_BAD_INPUT_DATA if not. - * - * \note Usually only makes sense on leaf certificates. 
- */ -int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, - const char *usage_oid, - size_t usage_len ); -#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ - -#if defined(MBEDTLS_X509_CRL_PARSE_C) -/** - * \brief Verify the certificate revocation status - * - * \param crt a certificate to be verified - * \param crl the CRL to verify against - * - * \return 1 if the certificate is revoked, 0 otherwise - * - */ -int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ); -#endif /* MBEDTLS_X509_CRL_PARSE_C */ - -/** - * \brief Initialize a certificate (chain) - * - * \param crt Certificate chain to initialize - */ -void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ); - -/** - * \brief Unallocate all certificate data - * - * \param crt Certificate chain to free - */ -void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ); - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) -/** - * \brief Initialize a restart context - */ -void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ); - -/** - * \brief Free the components of a restart context - */ -void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ); -#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -/* \} name */ -/* \} addtogroup x509_module */ - -#if defined(MBEDTLS_X509_CRT_WRITE_C) -/** - * \brief Initialize a CRT writing context - * - * \param ctx CRT context to initialize - */ -void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ); - -/** - * \brief Set the verion for a Certificate - * Default: MBEDTLS_X509_CRT_VERSION_3 - * - * \param ctx CRT context to use - * \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or - * MBEDTLS_X509_CRT_VERSION_3) - */ -void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version ); - -/** - * \brief Set the serial number for a Certificate. 
- * - * \param ctx CRT context to use - * \param serial serial number to set - * - * \return 0 if successful - */ -int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial ); - -/** - * \brief Set the validity period for a Certificate - * Timestamps should be in string format for UTC timezone - * i.e. "YYYYMMDDhhmmss" - * e.g. "20131231235959" for December 31st 2013 - * at 23:59:59 - * - * \param ctx CRT context to use - * \param not_before not_before timestamp - * \param not_after not_after timestamp - * - * \return 0 if timestamp was parsed successfully, or - * a specific error code - */ -int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before, - const char *not_after ); - -/** - * \brief Set the issuer name for a Certificate - * Issuer names should contain a comma-separated list - * of OID types and values: - * e.g. "C=UK,O=ARM,CN=mbed TLS CA" - * - * \param ctx CRT context to use - * \param issuer_name issuer name to set - * - * \return 0 if issuer name was parsed successfully, or - * a specific error code - */ -int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, - const char *issuer_name ); - -/** - * \brief Set the subject name for a Certificate - * Subject names should contain a comma-separated list - * of OID types and values: - * e.g. 
"C=UK,O=ARM,CN=mbed TLS Server 1" - * - * \param ctx CRT context to use - * \param subject_name subject name to set - * - * \return 0 if subject name was parsed successfully, or - * a specific error code - */ -int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, - const char *subject_name ); - -/** - * \brief Set the subject public key for the certificate - * - * \param ctx CRT context to use - * \param key public key to include - */ -void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); - -/** - * \brief Set the issuer key used for signing the certificate - * - * \param ctx CRT context to use - * \param key private key to sign with - */ -void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); - -/** - * \brief Set the MD algorithm to use for the signature - * (e.g. MBEDTLS_MD_SHA1) - * - * \param ctx CRT context to use - * \param md_alg MD algorithm to use - */ -void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg ); - -/** - * \brief Generic function to add to or replace an extension in the - * CRT - * - * \param ctx CRT context to use - * \param oid OID of the extension - * \param oid_len length of the OID - * \param critical if the extension is critical (per the RFC's definition) - * \param val value of the extension OCTET STRING - * \param val_len length of the value data - * - * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED - */ -int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, - const char *oid, size_t oid_len, - int critical, - const unsigned char *val, size_t val_len ); - -/** - * \brief Set the basicConstraints extension for a CRT - * - * \param ctx CRT context to use - * \param is_ca is this a CA certificate - * \param max_pathlen maximum length of certificate chains below this - * certificate (only for CA certificates, -1 is - * inlimited) - * - * \return 0 if successful, 
or a MBEDTLS_ERR_X509_ALLOC_FAILED - */ -int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, - int is_ca, int max_pathlen ); - -#if defined(MBEDTLS_SHA1_C) -/** - * \brief Set the subjectKeyIdentifier extension for a CRT - * Requires that mbedtls_x509write_crt_set_subject_key() has been - * called before - * - * \param ctx CRT context to use - * - * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED - */ -int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ); - -/** - * \brief Set the authorityKeyIdentifier extension for a CRT - * Requires that mbedtls_x509write_crt_set_issuer_key() has been - * called before - * - * \param ctx CRT context to use - * - * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED - */ -int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ); -#endif /* MBEDTLS_SHA1_C */ - -/** - * \brief Set the Key Usage Extension flags - * (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN) - * - * \param ctx CRT context to use - * \param key_usage key usage flags to set - * - * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED - */ -int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, - unsigned int key_usage ); - -/** - * \brief Set the Netscape Cert Type flags - * (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL) - * - * \param ctx CRT context to use - * \param ns_cert_type Netscape Cert Type flags to set - * - * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED - */ -int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, - unsigned char ns_cert_type ); - -/** - * \brief Free the contents of a CRT write context - * - * \param ctx CRT context to free - */ -void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ); - -/** - * \brief Write a built up certificate to a X509 DER structure - * Note: data is written at the end of the buffer! 
Use the
- * return value to determine where you should start
- * using the buffer
- *
- * \param ctx certificate to write away
- * \param buf buffer to write to
- * \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
- * \param p_rng RNG parameter
- *
- * \return length of data written if successful, or a specific
- * error code
- *
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
- */
-int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-/**
- * \brief Write a built up certificate to a X509 PEM string
- *
- * \param ctx certificate to write away
- * \param buf buffer to write to
- * \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
- * \param p_rng RNG parameter
- *
- * \return 0 if successful, or a specific error code
- *
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
- */
-int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-#endif /* MBEDTLS_PEM_WRITE_C */
-#endif /* MBEDTLS_X509_CRT_WRITE_C */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_x509_crt.h */
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
deleted file mode 100644
index a3c28048e..000000000
--- a/include/mbedtls/x509_csr.h
+++ /dev/null
@@ -1,307 +0,0 @@
-/**
- * \file x509_csr.h
- *
- * \brief X.509 certificate signing request parsing and writing
- */
-/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_X509_CSR_H
-#define MBEDTLS_X509_CSR_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "x509.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \addtogroup x509_module
- * \{ */
-
-/**
- * \name Structures and functions for X.509 Certificate Signing Requests (CSR)
- * \{
- */
-
-/**
- * Certificate Signing Request (CSR) structure.
- */
-typedef struct mbedtls_x509_csr
-{
- mbedtls_x509_buf raw; /**< The raw CSR data (DER). */
- mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */
-
- int version; /**< CSR version (1=v1). */
-
- mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). */
- mbedtls_x509_name subject; /**< The parsed subject data (named information object). */
-
- mbedtls_pk_context pk; /**< Container for the public key context. */
-
- mbedtls_x509_buf sig_oid;
- mbedtls_x509_buf sig;
- mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. 
MBEDTLS_MD_SHA256 */
- mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
- void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
-}
-mbedtls_x509_csr;
-
-/**
- * Container for writing a CSR
- */
-typedef struct mbedtls_x509write_csr
-{
- mbedtls_pk_context *key;
- mbedtls_asn1_named_data *subject;
- mbedtls_md_type_t md_alg;
- mbedtls_asn1_named_data *extensions;
-}
-mbedtls_x509write_csr;
-
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
-/**
- * \brief Load a Certificate Signing Request (CSR) in DER format
- *
- * \note CSR attributes (if any) are currently silently ignored.
- *
- * \param csr CSR context to fill
- * \param buf buffer holding the CRL data
- * \param buflen size of the buffer
- *
- * \return 0 if successful, or a specific X509 error code
- */
-int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
- const unsigned char *buf, size_t buflen );
-
-/**
- * \brief Load a Certificate Signing Request (CSR), DER or PEM format
- *
- * \note See notes for \c mbedtls_x509_csr_parse_der()
- *
- * \param csr CSR context to fill
- * \param buf buffer holding the CRL data
- * \param buflen size of the buffer
- * (including the terminating null byte for PEM data)
- *
- * \return 0 if successful, or a specific X509 or PEM error code
- */
-int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen );
-
-#if defined(MBEDTLS_FS_IO)
-/**
- * \brief Load a Certificate Signing Request (CSR)
- *
- * \note See notes for \c mbedtls_x509_csr_parse()
- *
- * \param csr CSR context to fill
- * \param path filename to read the CSR from
- *
- * \return 0 if successful, or a specific X509 or PEM error code
- */
-int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
-#endif /* MBEDTLS_FS_IO */
-
-/**
- * \brief Returns an informational string about the
- * CSR. 
- *
- * \param buf Buffer to write to
- * \param size Maximum size of buffer
- * \param prefix A line prefix
- * \param csr The X509 CSR to represent
- *
- * \return The length of the string written (not including the
- * terminated nul byte), or a negative error code.
- */
-int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
- const mbedtls_x509_csr *csr );
-
-/**
- * \brief Initialize a CSR
- *
- * \param csr CSR to initialize
- */
-void mbedtls_x509_csr_init( mbedtls_x509_csr *csr );
-
-/**
- * \brief Unallocate all CSR data
- *
- * \param csr CSR to free
- */
-void mbedtls_x509_csr_free( mbedtls_x509_csr *csr );
-#endif /* MBEDTLS_X509_CSR_PARSE_C */
-
-/* \} name */
-/* \} addtogroup x509_module */
-
-#if defined(MBEDTLS_X509_CSR_WRITE_C)
-/**
- * \brief Initialize a CSR context
- *
- * \param ctx CSR context to initialize
- */
-void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx );
-
-/**
- * \brief Set the subject name for a CSR
- * Subject names should contain a comma-separated list
- * of OID types and values:
- * e.g. "C=UK,O=ARM,CN=mbed TLS Server 1"
- *
- * \param ctx CSR context to use
- * \param subject_name subject name to set
- *
- * \return 0 if subject name was parsed successfully, or
- * a specific error code
- */
-int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
- const char *subject_name );
-
-/**
- * \brief Set the key for a CSR (public key will be included,
- * private key used to sign the CSR when writing it)
- *
- * \param ctx CSR context to use
- * \param key Asymetric key to include
- */
-void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key );
-
-/**
- * \brief Set the MD algorithm to use for the signature
- * (e.g. 
MBEDTLS_MD_SHA1)
- *
- * \param ctx CSR context to use
- * \param md_alg MD algorithm to use
- */
-void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg );
-
-/**
- * \brief Set the Key Usage Extension flags
- * (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
- *
- * \param ctx CSR context to use
- * \param key_usage key usage flags to set
- *
- * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
- *
- * \note The decipherOnly flag from the Key Usage
- * extension is represented by bit 8 (i.e.
- * 0x8000), which cannot typically be represented
- * in an unsigned char. Therefore, the flag
- * decipherOnly (i.e.
- * #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this
- * function.
- */
-int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage );
-
-/**
- * \brief Set the Netscape Cert Type flags
- * (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
- *
- * \param ctx CSR context to use
- * \param ns_cert_type Netscape Cert Type flags to set
- *
- * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
- */
-int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
- unsigned char ns_cert_type );
-
-/**
- * \brief Generic function to add to or replace an extension in the
- * CSR
- *
- * \param ctx CSR context to use
- * \param oid OID of the extension
- * \param oid_len length of the OID
- * \param val value of the extension OCTET STRING
- * \param val_len length of the value data
- *
- * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
- */
-int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
- const char *oid, size_t oid_len,
- const unsigned char *val, size_t val_len );
-
-/**
- * \brief Free the contents of a CSR context
- *
- * \param ctx CSR context to free
- */
-void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx );
-
-/**
- * \brief Write a CSR (Certificate Signing 
Request) to a
- * DER structure
- * Note: data is written at the end of the buffer! Use the
- * return value to determine where you should start
- * using the buffer
- *
- * \param ctx CSR to write away
- * \param buf buffer to write to
- * \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
- * \param p_rng RNG parameter
- *
- * \return length of data written if successful, or a specific
- * error code
- *
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
- */
-int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-#if defined(MBEDTLS_PEM_WRITE_C)
-/**
- * \brief Write a CSR (Certificate Signing Request) to a
- * PEM string
- *
- * \param ctx CSR to write away
- * \param buf buffer to write to
- * \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
- * \param p_rng RNG parameter
- *
- * \return 0 if successful, or a specific error code
- *
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
- */
-int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-#endif /* MBEDTLS_PEM_WRITE_C */
-#endif /* MBEDTLS_X509_CSR_WRITE_C */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_x509_csr.h */
diff --git a/library/certs.c b/library/certs.c
deleted file mode 100644
index b54ff611f..000000000
--- a/library/certs.c
+++ /dev/null
@@ -1,436 +0,0 @@ -/* - * X.509 test certificates - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include "mbedtls/certs.h" - -#if defined(MBEDTLS_CERTS_C) - -#if defined(MBEDTLS_ECDSA_C) -#define TEST_CA_CRT_EC \ -"-----BEGIN CERTIFICATE-----\r\n" \ -"MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT\r\n" \ -"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n" \ -"QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT\r\n" \ -"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n" \ -"QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu\r\n" \ -"ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy\r\n" \ -"aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g\r\n" \ -"JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7\r\n" \ -"NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE\r\n" \ -"AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w\r\n" \ -"CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56\r\n" \ -"t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv\r\n" \ -"uCjn8pwUOkABXK8Mss90fzCfCEOtIA==\r\n" \ -"-----END 
CERTIFICATE-----\r\n" -const char mbedtls_test_ca_crt_ec[] = TEST_CA_CRT_EC; -const size_t mbedtls_test_ca_crt_ec_len = sizeof( mbedtls_test_ca_crt_ec ); - -const char mbedtls_test_ca_key_ec[] = -"-----BEGIN EC PRIVATE KEY-----\r\n" -"Proc-Type: 4,ENCRYPTED\r\n" -"DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n" -"\r\n" -"IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n" -"ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n" -"UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n" -"a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n" -"-----END EC PRIVATE KEY-----\r\n"; -const size_t mbedtls_test_ca_key_ec_len = sizeof( mbedtls_test_ca_key_ec ); - -const char mbedtls_test_ca_pwd_ec[] = "PolarSSLTest"; -const size_t mbedtls_test_ca_pwd_ec_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1; - -const char mbedtls_test_srv_crt_ec[] = -"-----BEGIN CERTIFICATE-----\r\n" -"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" -"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" -"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" -"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" -"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" -"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" -"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" -"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n" -"clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" -"CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n" -"C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n" -"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n" -"-----END CERTIFICATE-----\r\n"; -const size_t mbedtls_test_srv_crt_ec_len = sizeof( mbedtls_test_srv_crt_ec ); - -const char mbedtls_test_srv_key_ec[] = -"-----BEGIN EC PRIVATE KEY-----\r\n" -"MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n" 
-"AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n" -"6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n" -"-----END EC PRIVATE KEY-----\r\n"; -const size_t mbedtls_test_srv_key_ec_len = sizeof( mbedtls_test_srv_key_ec ); - -const char mbedtls_test_cli_crt_ec[] = -"-----BEGIN CERTIFICATE-----\r\n" -"MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" -"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" -"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjBBMQswCQYDVQQGEwJOTDERMA8G\r\n" -"A1UEChMIUG9sYXJTU0wxHzAdBgNVBAMTFlBvbGFyU1NMIFRlc3QgQ2xpZW50IDIw\r\n" -"WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARX5a6xc9/TrLuTuIH/Eq7u5lOszlVT\r\n" -"9jQOzC7jYyUL35ji81xgNpbA1RgUcOV/n9VLRRjlsGzVXPiWj4dwo+THo4GdMIGa\r\n" -"MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMG4GA1Ud\r\n" -"IwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJOTDER\r\n" -"MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC\r\n" -"CQDBQ+J+YkPM6DAKBggqhkjOPQQDAgNoADBlAjBKZQ17IIOimbmoD/yN7o89u3BM\r\n" -"lgOsjnhw3fIOoLIWy2WOGsk/LGF++DzvrRzuNiACMQCd8iem1XS4JK7haj8xocpU\r\n" -"LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=\r\n" -"-----END CERTIFICATE-----\r\n"; -const size_t mbedtls_test_cli_crt_ec_len = sizeof( mbedtls_test_cli_crt_ec ); - -const char mbedtls_test_cli_key_ec[] = -"-----BEGIN EC PRIVATE KEY-----\r\n" -"MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n" -"AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n" -"wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n" -"-----END EC PRIVATE KEY-----\r\n"; -const size_t mbedtls_test_cli_key_ec_len = sizeof( mbedtls_test_cli_key_ec ); -#endif /* MBEDTLS_ECDSA_C */ - -#if defined(MBEDTLS_RSA_C) -#if defined(MBEDTLS_SHA256_C) -#define TEST_CA_CRT_RSA_SHA256 \ -"-----BEGIN CERTIFICATE-----\r\n" \ -"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ -"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ 
-"MTcwNTA0MTY1NzAxWhcNMjcwNTA1MTY1NzAxWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \ -"A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \ -"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \ -"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \ -"50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \ -"YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \ -"R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \ -"KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \ -"gZUwgZIwHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/MGMGA1UdIwRcMFqA\r\n" \ -"FLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UE\r\n" \ -"CgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQAwDAYDVR0T\r\n" \ -"BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHK/HHrTZMnnVMpde1io+voAtql7j\r\n" \ -"4sRhLrjD7o3THtwRbDa2diCvpq0Sq23Ng2LMYoXsOxoL/RQK3iN7UKxV3MKPEr0w\r\n" \ -"XQS+kKQqiT2bsfrjnWMVHZtUOMpm6FNqcdGm/Rss3vKda2lcKl8kUnq/ylc1+QbB\r\n" \ -"G6A6tUvQcr2ZyWfVg+mM5XkhTrOOXus2OLikb4WwEtJTJRNE0f+yPODSUz0/vT57\r\n" \ -"ApH0CnB80bYJshYHPHHymOtleAB8KSYtqm75g/YNobjnjB6cm4HkW3OZRVIl6fYY\r\n" \ -"n20NRVA1Vjs6GAROr4NqW4k/+LofY9y0LLDE+p0oIEKXIsIvhPr39swxSA==\r\n" \ -"-----END CERTIFICATE-----\r\n" - -static const char mbedtls_test_ca_crt_rsa_sha256[] = TEST_CA_CRT_RSA_SHA256; -const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA_SHA256; -const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa ); -#define TEST_CA_CRT_RSA_SOME -#endif /* MBEDTLS_SHA256_C */ - -#if !defined(TEST_CA_CRT_RSA_SOME) || defined(MBEDTLS_SHA1_C) -#define TEST_CA_CRT_RSA_SHA1 \ -"-----BEGIN CERTIFICATE-----\r\n" \ -"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ -"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ -"MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \ -"A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" 
\ -"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \ -"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \ -"50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \ -"YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \ -"R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \ -"KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \ -"gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n" \ -"/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n" \ -"BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n" \ -"dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n" \ -"SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n" \ -"DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n" \ -"pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n" \ -"m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n" \ -"7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" \ -"-----END CERTIFICATE-----\r\n" - -static const char mbedtls_test_ca_crt_rsa_sha1[] = TEST_CA_CRT_RSA_SHA1; - -#if !defined (TEST_CA_CRT_RSA_SOME) -const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA_SHA1; -const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa ); -#endif /* !TEST_CA_CRT_RSA_SOME */ -#endif /* !TEST_CA_CRT_RSA_COME || MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) -/* tests/data_files/server2-sha256.crt */ -#define TEST_SRV_CRT_RSA_SHA256 \ -"-----BEGIN CERTIFICATE-----\r\n" \ -"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ -"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ -"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ -"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ 
-"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ -"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ -"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ -"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ -"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ -"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ -"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ -"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAGGEshT5\r\n" \ -"kvnRmLVScVeUEdwIrvW7ezbGbUvJ8VxeJ79/HSjlLiGbMc4uUathwtzEdi9R/4C5\r\n" \ -"DXBNeEPTkbB+fhG1W06iHYj/Dp8+aaG7fuDxKVKHVZSqBnmQLn73ymyclZNHii5A\r\n" \ -"3nTS8WUaHAzxN/rajOtoM7aH1P9tULpHrl+7HOeLMpxUnwI12ZqZaLIzxbcdJVcr\r\n" \ -"ra2F00aXCGkYVLvyvbZIq7LC+yVysej5gCeQYD7VFOEks0jhFjrS06gP0/XnWv6v\r\n" \ -"eBoPez9d+CCjkrhseiWzXOiriIMICX48EloO/DrsMRAtvlwq7EDz4QhILz6ffndm\r\n" \ -"e4K1cVANRPN2o9Y=\r\n" \ -"-----END CERTIFICATE-----\r\n" - -const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA_SHA256; -const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa ); -#define TEST_SRV_CRT_RSA_SOME -#endif /* MBEDTLS_SHA256_C */ - -#if !defined(TEST_SRV_CRT_RSA_SOME) || defined(MBEDTLS_SHA1_C) -/* tests/data_files/server2.crt */ -#define TEST_SRV_CRT_RSA_SHA1 \ -"-----BEGIN CERTIFICATE-----\r\n" \ -"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ -"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ -"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ -"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ -"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ -"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ -"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ -"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ 
-"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ -"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ -"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ -"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAAFzC0rF\r\n" \ -"y6De8WMcdgQrEw3AhBHFjzqnxZw1ene4IBSC7lTw8rBSy3jOWQdPUWn+0y/pCeeF\r\n" \ -"kti6sevFdl1hLemGtd4q+T9TKEKGg3ND4ARfB5AUZZ9uEHq8WBkiwus5clGS17Qd\r\n" \ -"dS/TOisB59tQruLx1E1bPLtBKyqk4koC5WAULJwfpswGSyWJTpYwIpxcWE3D2tBu\r\n" \ -"UB6MZfXZFzWmWEOyKbeoXjXe8GBCGgHLywvYDsGQ36HSGtEsAvR2QaTLSxWYcfk1\r\n" \ -"fbDn4jSWkb4yZy1r01UEigFQtONieGwRFaUqEcFJHJvEEGVgh9keaVlOj2vrwf5r\r\n" \ -"4mN4lW7gLdenN6g=\r\n" \ -"-----END CERTIFICATE-----\r\n"; - -#if !defined(TEST_SRV_CRT_RSA_SOME) -const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA_SHA1; -const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa ); -#endif /* TEST_SRV_CRT_RSA_SOME */ -#endif /* !TEST_CA_CRT_RSA_SOME || MBEDTLS_SHA1_C */ - -const char mbedtls_test_ca_key_rsa[] = -"-----BEGIN RSA PRIVATE KEY-----\r\n" -"Proc-Type: 4,ENCRYPTED\r\n" -"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n" -"\r\n" -"9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n" -"7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n" -"Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n" -"PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n" -"GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n" -"gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n" -"QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n" -"PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n" -"vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n" -"WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n" -"JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n" 
-"KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n" -"Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n" -"9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n" -"iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n" -"tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n" -"P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n" -"1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n" -"nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n" -"X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n" -"rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n" -"L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n" -"I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n" -"wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n" -"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" -"-----END RSA PRIVATE KEY-----\r\n"; -const size_t mbedtls_test_ca_key_rsa_len = sizeof( mbedtls_test_ca_key_rsa ); - -const char mbedtls_test_ca_pwd_rsa[] = "PolarSSLTest"; -const size_t mbedtls_test_ca_pwd_rsa_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1; - -const char mbedtls_test_srv_key_rsa[] = -"-----BEGIN RSA PRIVATE KEY-----\r\n" -"MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" -"lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n" -"2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n" -"Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n" -"GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n" -"y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n" -"++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n" -"Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n" -"/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n" 
-"WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n" -"GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n" -"TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n" -"CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n" -"nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n" -"AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n" -"sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n" -"mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n" -"BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n" -"whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n" -"vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n" -"3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n" -"3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n" -"ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n" -"4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n" -"TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n" -"-----END RSA PRIVATE KEY-----\r\n"; -const size_t mbedtls_test_srv_key_rsa_len = sizeof( mbedtls_test_srv_key_rsa ); - -/* tests/data_files/cli-rsa-sha256.crt */ -const char mbedtls_test_cli_crt_rsa[] = -"-----BEGIN CERTIFICATE-----\r\n" -"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" -"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" -"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" -"A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n" -"BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n" -"M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n" -"1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n" -"MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n" 
-"4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n" -"/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n" -"o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n" -"BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsFAAOC\r\n" -"AQEAlHabem2Tu69VUN7EipwnQn1dIHdgvT5i+iQHpSxY1crPnBbAeSdAXwsVEqLQ\r\n" -"gOOIAQD5VIITNuoGgo4i+4OpNh9u7ZkpRHla+/swsfrFWRRbBNP5Bcu74AGLstwU\r\n" -"zM8gIkBiyfM1Q1qDQISV9trlCG6O8vh8dp/rbI3rfzo99BOHXgFCrzXjCuW4vDsF\r\n" -"r+Dao26bX3sJ6UnEWg1H3o2x6PpUcvQ36h71/bz4TEbbUUEpe02V4QWuL+wrhHJL\r\n" -"U7o3SVE3Og7jPF8sat0a50YUWhwEFI256m02KAXLg89ueUyYKEr6rNwhcvXJpvU9\r\n" -"giIVvd0Sbjjnn7NC4VDbcXV8vw==\r\n" -"-----END CERTIFICATE-----\r\n"; -const size_t mbedtls_test_cli_crt_rsa_len = sizeof( mbedtls_test_cli_crt_rsa ); - -/* tests/data_files/cli-rsa.key */ -const char mbedtls_test_cli_key_rsa[] = -"-----BEGIN RSA PRIVATE KEY-----\r\n" -"MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" -"B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n" -"bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n" -"Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n" -"7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n" -"dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n" -"yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n" -"4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n" -"ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n" -"zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n" -"l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n" -"DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n" -"VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n" -"Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n" -"wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n" 
-"c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n" -"33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n" -"ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n" -"BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n" -"KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n" -"UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n" -"7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n" -"gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n" -"bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n" -"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n" -"-----END RSA PRIVATE KEY-----\r\n"; -const size_t mbedtls_test_cli_key_rsa_len = sizeof( mbedtls_test_cli_key_rsa ); -#endif /* MBEDTLS_RSA_C */ - -#if defined(MBEDTLS_PEM_PARSE_C) -/* Concatenation of all available CA certificates */ -const char mbedtls_test_cas_pem[] = -#ifdef TEST_CA_CRT_RSA_SHA1 - TEST_CA_CRT_RSA_SHA1 -#endif -#ifdef TEST_CA_CRT_RSA_SHA256 - TEST_CA_CRT_RSA_SHA256 -#endif -#ifdef TEST_CA_CRT_EC - TEST_CA_CRT_EC -#endif - ""; -const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem ); -#endif - -/* List of all available CA certificates */ -const char * mbedtls_test_cas[] = { -#if defined(TEST_CA_CRT_RSA_SHA1) - mbedtls_test_ca_crt_rsa_sha1, -#endif -#if defined(TEST_CA_CRT_RSA_SHA256) - mbedtls_test_ca_crt_rsa_sha256, -#endif -#if defined(MBEDTLS_ECDSA_C) - mbedtls_test_ca_crt_ec, -#endif - NULL -}; -const size_t mbedtls_test_cas_len[] = { -#if defined(TEST_CA_CRT_RSA_SHA1) - sizeof( mbedtls_test_ca_crt_rsa_sha1 ), -#endif -#if defined(TEST_CA_CRT_RSA_SHA256) - sizeof( mbedtls_test_ca_crt_rsa_sha256 ), -#endif -#if defined(MBEDTLS_ECDSA_C) - sizeof( mbedtls_test_ca_crt_ec ), -#endif - 0 -}; - -#if defined(MBEDTLS_RSA_C) -const char *mbedtls_test_ca_crt = mbedtls_test_ca_crt_rsa; /* SHA1 or SHA256 */ -const char *mbedtls_test_ca_key 
= mbedtls_test_ca_key_rsa; -const char *mbedtls_test_ca_pwd = mbedtls_test_ca_pwd_rsa; -const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_rsa; -const char *mbedtls_test_srv_key = mbedtls_test_srv_key_rsa; -const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_rsa; -const char *mbedtls_test_cli_key = mbedtls_test_cli_key_rsa; -const size_t mbedtls_test_ca_crt_len = sizeof( mbedtls_test_ca_crt_rsa ); -const size_t mbedtls_test_ca_key_len = sizeof( mbedtls_test_ca_key_rsa ); -const size_t mbedtls_test_ca_pwd_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1; -const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_rsa ); -const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_rsa ); -const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_rsa ); -const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_rsa ); -#else /* ! MBEDTLS_RSA_C, so MBEDTLS_ECDSA_C */ -const char *mbedtls_test_ca_crt = mbedtls_test_ca_crt_ec; -const char *mbedtls_test_ca_key = mbedtls_test_ca_key_ec; -const char *mbedtls_test_ca_pwd = mbedtls_test_ca_pwd_ec; -const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_ec; -const char *mbedtls_test_srv_key = mbedtls_test_srv_key_ec; -const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_ec; -const char *mbedtls_test_cli_key = mbedtls_test_cli_key_ec; -const size_t mbedtls_test_ca_crt_len = sizeof( mbedtls_test_ca_crt_ec ); -const size_t mbedtls_test_ca_key_len = sizeof( mbedtls_test_ca_key_ec ); -const size_t mbedtls_test_ca_pwd_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1; -const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_ec ); -const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_ec ); -const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_ec ); -const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_ec ); -#endif /* MBEDTLS_RSA_C */ - -#endif /* MBEDTLS_CERTS_C */ 
diff --git a/library/debug.c b/library/debug.c
deleted file mode 100644
index 0c46c0690..000000000
--- a/library/debug.c
+++ /dev/null
@@ -1,438 +0,0 @@ -/* - * Debugging routines - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_DEBUG_C) - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#define mbedtls_time_t time_t -#define mbedtls_snprintf snprintf -#define mbedtls_vsnprintf vsnprintf -#endif - -#include "mbedtls/debug.h" - -#include -#include -#include - -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ - !defined(inline) && !defined(__cplusplus) -#define inline __inline -#endif - -#define DEBUG_BUF_SIZE 512 - -static int debug_threshold = 0; - -void mbedtls_debug_set_threshold( int threshold ) -{ - debug_threshold = threshold; -} - -/* - * All calls to f_dbg must be made via this function - */ -static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *str ) -{ - /* - * If in a threaded environment, we need a thread identifier. - * Since there is no portable way to get one, use the address of the ssl - * context instead, as it shouldn't be shared between threads. 
- */ -#if defined(MBEDTLS_THREADING_C) - char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */ - mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str ); - ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr ); -#else - ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); -#endif -} - -void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *format, ... ) -{ - va_list argp; - char str[DEBUG_BUF_SIZE]; - int ret; - - if( NULL == ssl || - NULL == ssl->conf || - NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { - return; - } - - va_start( argp, format ); - ret = mbedtls_vsnprintf( str, DEBUG_BUF_SIZE, format, argp ); - va_end( argp ); - - if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 ) - { - str[ret] = '\n'; - str[ret + 1] = '\0'; - } - - debug_send_line( ssl, level, file, line, str ); -} - -void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, int ret ) -{ - char str[DEBUG_BUF_SIZE]; - - if( NULL == ssl || - NULL == ssl->conf || - NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { - return; - } - - /* - * With non-blocking I/O and examples that just retry immediately, - * the logs would be quickly flooded with WANT_READ, so ignore that. - * Don't ignore WANT_WRITE however, since is is usually rare. 
- */ - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) - return; - - mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n", - text, ret, -ret ); - - debug_send_line( ssl, level, file, line, str ); -} - -void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, const char *text, - const unsigned char *buf, size_t len ) -{ - char str[DEBUG_BUF_SIZE]; - char txt[17]; - size_t i, idx = 0; - - if( NULL == ssl || - NULL == ssl->conf || - NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { - return; - } - - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n", - text, (unsigned int) len ); - - debug_send_line( ssl, level, file, line, str ); - - idx = 0; - memset( txt, 0, sizeof( txt ) ); - for( i = 0; i < len; i++ ) - { - if( i >= 4096 ) - break; - - if( i % 16 == 0 ) - { - if( i > 0 ) - { - mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt ); - debug_send_line( ssl, level, file, line, str ); - - idx = 0; - memset( txt, 0, sizeof( txt ) ); - } - - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ", - (unsigned int) i ); - - } - - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", - (unsigned int) buf[i] ); - txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' 
; - } - - if( len > 0 ) - { - for( /* i = i */; i % 16 != 0; i++ ) - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " " ); - - mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt ); - debug_send_line( ssl, level, file, line, str ); - } -} - -#if defined(MBEDTLS_ECP_C) -void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_ecp_point *X ) -{ - char str[DEBUG_BUF_SIZE]; - - if( NULL == ssl || - NULL == ssl->conf || - NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { - return; - } - - mbedtls_snprintf( str, sizeof( str ), "%s(X)", text ); - mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X ); - - mbedtls_snprintf( str, sizeof( str ), "%s(Y)", text ); - mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y ); -} -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_BIGNUM_C) -void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_mpi *X ) -{ - char str[DEBUG_BUF_SIZE]; - int j, k, zeros = 1; - size_t i, n, idx = 0; - - if( NULL == ssl || - NULL == ssl->conf || - NULL == ssl->conf->f_dbg || - NULL == X || - level > debug_threshold ) - { - return; - } - - for( n = X->n - 1; n > 0; n-- ) - if( X->p[n] != 0 ) - break; - - for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- ) - if( ( ( X->p[n] >> j ) & 1 ) != 0 ) - break; - - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "value of '%s' (%d bits) is:\n", - text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) ); - - debug_send_line( ssl, level, file, line, str ); - - idx = 0; - for( i = n + 1, j = 0; i > 0; i-- ) - { - if( zeros && X->p[i - 1] == 0 ) - continue; - - for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- ) - { - if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 ) - continue; - else - zeros = 0; - - if( j % 16 == 0 ) - { - if( j > 0 ) - { - mbedtls_snprintf( str + idx, 
sizeof( str ) - idx, "\n" ); - debug_send_line( ssl, level, file, line, str ); - idx = 0; - } - } - - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int) - ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ); - - j++; - } - - } - - if( zeros == 1 ) - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " 00" ); - - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); - debug_send_line( ssl, level, file, line, str ); -} -#endif /* MBEDTLS_BIGNUM_C */ - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -static void debug_print_pk( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_pk_context *pk ) -{ - size_t i; - mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS]; - char name[16]; - - memset( items, 0, sizeof( items ) ); - - if( mbedtls_pk_debug( pk, items ) != 0 ) - { - debug_send_line( ssl, level, file, line, - "invalid PK context\n" ); - return; - } - - for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ ) - { - if( items[i].type == MBEDTLS_PK_DEBUG_NONE ) - return; - - mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name ); - name[sizeof( name ) - 1] = '\0'; - - if( items[i].type == MBEDTLS_PK_DEBUG_MPI ) - mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value ); - else -#if defined(MBEDTLS_ECP_C) - if( items[i].type == MBEDTLS_PK_DEBUG_ECP ) - mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value ); - else -#endif - debug_send_line( ssl, level, file, line, - "should not happen\n" ); - } -} - -static void debug_print_line_by_line( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, const char *text ) -{ - char str[DEBUG_BUF_SIZE]; - const char *start, *cur; - - start = text; - for( cur = text; *cur != '\0'; cur++ ) - { - if( *cur == '\n' ) - { - size_t len = cur - start + 1; - if( len > DEBUG_BUF_SIZE - 1 ) - len = DEBUG_BUF_SIZE - 1; - - memcpy( str, start, len ); - str[len] = '\0'; - - debug_send_line( ssl, level, file, 
line, str ); - - start = cur + 1; - } - } -} - -void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_x509_crt *crt ) -{ - char str[DEBUG_BUF_SIZE]; - int i = 0; - - if( NULL == ssl || - NULL == ssl->conf || - NULL == ssl->conf->f_dbg || - NULL == crt || - level > debug_threshold ) - { - return; - } - - while( crt != NULL ) - { - char buf[1024]; - - mbedtls_snprintf( str, sizeof( str ), "%s #%d:\n", text, ++i ); - debug_send_line( ssl, level, file, line, str ); - - mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); - debug_print_line_by_line( ssl, level, file, line, buf ); - - debug_print_pk( ssl, level, file, line, "crt->", &crt->pk ); - - crt = crt->next; - } -} -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_ECDH_C) -static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl, - int level, const char *file, - int line, - const mbedtls_ecdh_context *ecdh, - mbedtls_debug_ecdh_attr attr ) -{ -#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - const mbedtls_ecdh_context* ctx = ecdh; -#else - const mbedtls_ecdh_context_mbed* ctx = &ecdh->ctx.mbed_ecdh; -#endif - - switch( attr ) - { - case MBEDTLS_DEBUG_ECDH_Q: - mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Q", - &ctx->Q ); - break; - case MBEDTLS_DEBUG_ECDH_QP: - mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Qp", - &ctx->Qp ); - break; - case MBEDTLS_DEBUG_ECDH_Z: - mbedtls_debug_print_mpi( ssl, level, file, line, "ECDH: z", - &ctx->z ); - break; - default: - break; - } -} - -void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const mbedtls_ecdh_context *ecdh, - mbedtls_debug_ecdh_attr attr ) -{ -#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, attr ); -#else - switch( ecdh->var ) - { - default: - mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, - attr 
); - } -#endif -} -#endif /* MBEDTLS_ECDH_C */ - -#endif /* MBEDTLS_DEBUG_C */ diff --git a/library/error.c b/library/error.c index c596f0bcc..7d7155ba0 100644 --- a/library/error.c +++ b/library/error.c @@ -137,10 +137,6 @@ #include "mbedtls/md5.h" #endif -#if defined(MBEDTLS_NET_C) -#include "mbedtls/net_sockets.h" -#endif - #if defined(MBEDTLS_OID_C) #include "mbedtls/oid.h" #endif @@ -193,18 +189,10 @@ #include "mbedtls/sha512.h" #endif -#if defined(MBEDTLS_SSL_TLS_C) -#include "mbedtls/ssl.h" -#endif - #if defined(MBEDTLS_THREADING_C) #include "mbedtls/threading.h" #endif -#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) -#include "mbedtls/x509.h" -#endif - #if defined(MBEDTLS_XTEA_C) #include "mbedtls/xtea.h" #endif 
@@ -410,165 +398,6 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) if( use_ret == -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED) ) mbedtls_snprintf( buf, buflen, "RSA - RSA hardware accelerator failed" ); #endif /* MBEDTLS_RSA_C */ - -#if defined(MBEDTLS_SSL_TLS_C) - if( use_ret == -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE) ) - mbedtls_snprintf( buf, buflen, "SSL - The requested feature is not available" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA) ) - mbedtls_snprintf( buf, buflen, "SSL - Bad input parameters to function" ); - if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_MAC) ) - mbedtls_snprintf( buf, buflen, "SSL - Verification of the message MAC failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_RECORD) ) - mbedtls_snprintf( buf, buflen, "SSL - An invalid SSL record was received" ); - if( use_ret == -(MBEDTLS_ERR_SSL_CONN_EOF) ) - mbedtls_snprintf( buf, buflen, "SSL - The connection indicated an EOF" ); - if( use_ret == -(MBEDTLS_ERR_SSL_UNKNOWN_CIPHER) ) - mbedtls_snprintf( buf, buflen, "SSL - An unknown cipher was received" ); - if( use_ret == -(MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN) ) - mbedtls_snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" ); - if( use_ret == -(MBEDTLS_ERR_SSL_NO_RNG) ) - mbedtls_snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" ); - if( use_ret == -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE) ) - mbedtls_snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" ); - if( use_ret == -(MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE) ) - mbedtls_snprintf( buf, buflen, "SSL - Our own certificate(s) is/are too large to send in an SSL message" ); - if( use_ret == -(MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED) ) - mbedtls_snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" ); - if( use_ret == -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED) ) - mbedtls_snprintf( buf, buflen, "SSL - The own private key or pre-shared key 
is not set, but needed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED) ) - mbedtls_snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" ); - if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE) ) - mbedtls_snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" ); - if( use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE) ) - { - mbedtls_snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" ); - return; - } - if( use_ret == -(MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED) ) - mbedtls_snprintf( buf, buflen, "SSL - Verification of our peer failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) ) - mbedtls_snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP) 
) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_FINISHED) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_ALLOC_FAILED) ) - mbedtls_snprintf( buf, buflen, "SSL - Memory allocation failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED) ) - mbedtls_snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" ); - if( use_ret == -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) ) - mbedtls_snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" ); - if( use_ret == -(MBEDTLS_ERR_SSL_COMPRESSION_FAILED) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION) ) - mbedtls_snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET) ) - mbedtls_snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" ); - if( use_ret == -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED) ) - mbedtls_snprintf( buf, buflen, "SSL - Session ticket has expired" ); - if( use_ret == -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH) ) - mbedtls_snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for 
RSA key exchange and presented EC key)" ); - if( use_ret == -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY) ) - mbedtls_snprintf( buf, buflen, "SSL - Unknown identity received (eg, PSK identity)" ); - if( use_ret == -(MBEDTLS_ERR_SSL_INTERNAL_ERROR) ) - mbedtls_snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" ); - if( use_ret == -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING) ) - mbedtls_snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" ); - if( use_ret == -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO) ) - mbedtls_snprintf( buf, buflen, "SSL - Unexpected message at ServerHello in renegotiation" ); - if( use_ret == -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) ) - mbedtls_snprintf( buf, buflen, "SSL - DTLS client must retry for hello verification" ); - if( use_ret == -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) ) - mbedtls_snprintf( buf, buflen, "SSL - A buffer is too small to receive or write a message" ); - if( use_ret == -(MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE) ) - mbedtls_snprintf( buf, buflen, "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" ); - if( use_ret == -(MBEDTLS_ERR_SSL_WANT_READ) ) - mbedtls_snprintf( buf, buflen, "SSL - No data of requested type currently available on underlying transport" ); - if( use_ret == -(MBEDTLS_ERR_SSL_WANT_WRITE) ) - mbedtls_snprintf( buf, buflen, "SSL - Connection requires a write call" ); - if( use_ret == -(MBEDTLS_ERR_SSL_TIMEOUT) ) - mbedtls_snprintf( buf, buflen, "SSL - The operation timed out" ); - if( use_ret == -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT) ) - mbedtls_snprintf( buf, buflen, "SSL - The client initiated a reconnect from the same port" ); - if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD) ) - mbedtls_snprintf( buf, buflen, "SSL - Record header looks valid but is not expected" ); - if( use_ret == -(MBEDTLS_ERR_SSL_NON_FATAL) ) - mbedtls_snprintf( buf, buflen, "SSL - The alert message received indicates a non-fatal 
error" ); - if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH) ) - mbedtls_snprintf( buf, buflen, "SSL - Couldn't set the hash for verifying CertificateVerify" ); - if( use_ret == -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING) ) - mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that further message-processing should be done" ); - if( use_ret == -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) ) - mbedtls_snprintf( buf, buflen, "SSL - The asynchronous operation is not completed yet" ); - if( use_ret == -(MBEDTLS_ERR_SSL_EARLY_MESSAGE) ) - mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that a message arrived early" ); - if( use_ret == -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) ) - mbedtls_snprintf( buf, buflen, "SSL - A cryptographic operation is in progress. Try again later" ); -#endif /* MBEDTLS_SSL_TLS_C */ - -#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) - if( use_ret == -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) ) - mbedtls_snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); - if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_OID) ) - mbedtls_snprintf( buf, buflen, "X509 - Requested OID is unknown" ); - if( use_ret == -(MBEDTLS_ERR_X509_INVALID_FORMAT) ) - mbedtls_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR format is invalid, e.g. 
different type expected" ); - if( use_ret == -(MBEDTLS_ERR_X509_INVALID_VERSION) ) - mbedtls_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR version element is invalid" ); - if( use_ret == -(MBEDTLS_ERR_X509_INVALID_SERIAL) ) - mbedtls_snprintf( buf, buflen, "X509 - The serial tag or value is invalid" ); - if( use_ret == -(MBEDTLS_ERR_X509_INVALID_ALG) ) - mbedtls_snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" ); - if( use_ret == -(MBEDTLS_ERR_X509_INVALID_NAME) ) - mbedtls_snprintf( buf, buflen, "X509 - The name tag or value is invalid" ); - if( use_ret == -(MBEDTLS_ERR_X509_INVALID_DATE) ) - mbedtls_snprintf( buf, buflen, "X509 - The date tag or value is invalid" ); - if( use_ret == -(MBEDTLS_ERR_X509_INVALID_SIGNATURE) ) - mbedtls_snprintf( buf, buflen, "X509 - The signature tag or value invalid" ); - if( use_ret == -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS) ) - mbedtls_snprintf( buf, buflen, "X509 - The extension tag or value is invalid" ); - if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_VERSION) ) - mbedtls_snprintf( buf, buflen, "X509 - CRT/CRL/CSR has an unsupported version number" ); - if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG) ) - mbedtls_snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" ); - if( use_ret == -(MBEDTLS_ERR_X509_SIG_MISMATCH) ) - mbedtls_snprintf( buf, buflen, "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)" ); - if( use_ret == -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) ) - mbedtls_snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. 
CRL, CA or signature check failed" ); - if( use_ret == -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT) ) - mbedtls_snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" ); - if( use_ret == -(MBEDTLS_ERR_X509_BAD_INPUT_DATA) ) - mbedtls_snprintf( buf, buflen, "X509 - Input invalid" ); - if( use_ret == -(MBEDTLS_ERR_X509_ALLOC_FAILED) ) - mbedtls_snprintf( buf, buflen, "X509 - Allocation of memory failed" ); - if( use_ret == -(MBEDTLS_ERR_X509_FILE_IO_ERROR) ) - mbedtls_snprintf( buf, buflen, "X509 - Read/write of file failed" ); - if( use_ret == -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL) ) - mbedtls_snprintf( buf, buflen, "X509 - Destination buffer is too small" ); - if( use_ret == -(MBEDTLS_ERR_X509_FATAL_ERROR) ) - mbedtls_snprintf( buf, buflen, "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" ); -#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */ // END generated code if( strlen( buf ) == 0 ) 
@@ -790,35 +619,6 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) mbedtls_snprintf( buf, buflen, "MD5 - MD5 hardware accelerator failed" ); #endif /* MBEDTLS_MD5_C */ -#if defined(MBEDTLS_NET_C) - if( use_ret == -(MBEDTLS_ERR_NET_SOCKET_FAILED) ) - mbedtls_snprintf( buf, buflen, "NET - Failed to open a socket" ); - if( use_ret == -(MBEDTLS_ERR_NET_CONNECT_FAILED) ) - mbedtls_snprintf( buf, buflen, "NET - The connection to the given server / port failed" ); - if( use_ret == -(MBEDTLS_ERR_NET_BIND_FAILED) ) - mbedtls_snprintf( buf, buflen, "NET - Binding of the socket failed" ); - if( use_ret == -(MBEDTLS_ERR_NET_LISTEN_FAILED) ) - mbedtls_snprintf( buf, buflen, "NET - Could not listen on the socket" ); - if( use_ret == -(MBEDTLS_ERR_NET_ACCEPT_FAILED) ) - mbedtls_snprintf( buf, buflen, "NET - Could not accept the incoming connection" ); - if( use_ret == -(MBEDTLS_ERR_NET_RECV_FAILED) ) - mbedtls_snprintf( buf, buflen, "NET - Reading information from the socket failed" ); - if( use_ret == -(MBEDTLS_ERR_NET_SEND_FAILED) ) - mbedtls_snprintf( buf, buflen, "NET - Sending information through the socket failed" ); - if( use_ret == -(MBEDTLS_ERR_NET_CONN_RESET) ) - mbedtls_snprintf( buf, buflen, "NET - Connection was reset by peer" ); - if( use_ret == -(MBEDTLS_ERR_NET_UNKNOWN_HOST) ) - mbedtls_snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" ); - if( use_ret == -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL) ) - mbedtls_snprintf( buf, buflen, "NET - Buffer is too small to hold the data" ); - if( use_ret == -(MBEDTLS_ERR_NET_INVALID_CONTEXT) ) - mbedtls_snprintf( buf, buflen, "NET - The context is invalid, eg because it was free()ed" ); - if( use_ret == -(MBEDTLS_ERR_NET_POLL_FAILED) ) - mbedtls_snprintf( buf, buflen, "NET - Polling the net context failed" ); - if( use_ret == -(MBEDTLS_ERR_NET_BAD_INPUT_DATA) ) - mbedtls_snprintf( buf, buflen, "NET - Input invalid" ); -#endif /* MBEDTLS_NET_C */ - #if defined(MBEDTLS_OID_C) if( use_ret == 
-(MBEDTLS_ERR_OID_NOT_FOUND) )
 mbedtls_snprintf( buf, buflen, "OID - OID is not found" );
diff --git a/library/net_sockets.c b/library/net_sockets.c
deleted file mode 100644
index 816b1303d..000000000
--- a/library/net_sockets.c
+++ /dev/null
@@ -1,668 +0,0 @@ -/* - * TCP/IP or UDP/IP networking functions - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -/* Enable definition of getaddrinfo() even when compiling with -std=c99. Must - * be set before config.h, which pulls in glibc's features.h indirectly. - * Harmless on other platforms. */ -#define _POSIX_C_SOURCE 200112L - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_NET_C) - -#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ - !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ - !defined(__HAIKU__) -#error "This module only works on Unix and Windows, see MBEDTLS_NET_C in config.h" -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#endif - -#include "mbedtls/net_sockets.h" - -#include - -#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ - !defined(EFI32) - -#define IS_EINTR( ret ) ( ( ret ) == WSAEINTR ) - -#if !defined(_WIN32_WINNT) || (_WIN32_WINNT < 0x0501) -#undef _WIN32_WINNT -/* Enables getaddrinfo() & Co */ -#define _WIN32_WINNT 0x0501 -#endif - -#include - -#include -#include - -#if defined(_MSC_VER) -#if defined(_WIN32_WCE) -#pragma comment( lib, "ws2.lib" ) -#else -#pragma comment( lib, 
"ws2_32.lib" ) -#endif -#endif /* _MSC_VER */ - -#define read(fd,buf,len) recv( fd, (char*)( buf ), (int)( len ), 0 ) -#define write(fd,buf,len) send( fd, (char*)( buf ), (int)( len ), 0 ) -#define close(fd) closesocket(fd) - -static int wsa_init_done = 0; - -#else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define IS_EINTR( ret ) ( ( ret ) == EINTR ) - -#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ - -/* Some MS functions want int and MSVC warns if we pass size_t, - * but the standard functions use socklen_t, so cast only for MSVC */ -#if defined(_MSC_VER) -#define MSVC_INT_CAST (int) -#else -#define MSVC_INT_CAST -#endif - -#include - -#include - -#include - -/* - * Prepare for using the sockets interface - */ -static int net_prepare( void ) -{ -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - WSADATA wsaData; - - if( wsa_init_done == 0 ) - { - if( WSAStartup( MAKEWORD(2,0), &wsaData ) != 0 ) - return( MBEDTLS_ERR_NET_SOCKET_FAILED ); - - wsa_init_done = 1; - } -#else -#if !defined(EFIX64) && !defined(EFI32) - signal( SIGPIPE, SIG_IGN ); -#endif -#endif - return( 0 ); -} - -/* - * Initialize a context - */ -void mbedtls_net_init( mbedtls_net_context *ctx ) -{ - ctx->fd = -1; -} - -/* - * Initiate a TCP connection with host:port and the given protocol - */ -int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, - const char *port, int proto ) -{ - int ret; - struct addrinfo hints, *addr_list, *cur; - - if( ( ret = net_prepare() ) != 0 ) - return( ret ); - - /* Do name resolution with both IPv6 and IPv4 */ - memset( &hints, 0, sizeof( hints ) ); - hints.ai_family = AF_UNSPEC; - hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; - hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? 
IPPROTO_UDP : IPPROTO_TCP; - - if( getaddrinfo( host, port, &hints, &addr_list ) != 0 ) - return( MBEDTLS_ERR_NET_UNKNOWN_HOST ); - - /* Try the sockaddrs until a connection succeeds */ - ret = MBEDTLS_ERR_NET_UNKNOWN_HOST; - for( cur = addr_list; cur != NULL; cur = cur->ai_next ) - { - ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype, - cur->ai_protocol ); - if( ctx->fd < 0 ) - { - ret = MBEDTLS_ERR_NET_SOCKET_FAILED; - continue; - } - - if( connect( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) == 0 ) - { - ret = 0; - break; - } - - close( ctx->fd ); - ret = MBEDTLS_ERR_NET_CONNECT_FAILED; - } - - freeaddrinfo( addr_list ); - - return( ret ); -} - -/* - * Create a listening socket on bind_ip:port - */ -int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ) -{ - int n, ret; - struct addrinfo hints, *addr_list, *cur; - - if( ( ret = net_prepare() ) != 0 ) - return( ret ); - - /* Bind to IPv6 and/or IPv4, but only in the desired protocol */ - memset( &hints, 0, sizeof( hints ) ); - hints.ai_family = AF_UNSPEC; - hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; - hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? 
IPPROTO_UDP : IPPROTO_TCP; - if( bind_ip == NULL ) - hints.ai_flags = AI_PASSIVE; - - if( getaddrinfo( bind_ip, port, &hints, &addr_list ) != 0 ) - return( MBEDTLS_ERR_NET_UNKNOWN_HOST ); - - /* Try the sockaddrs until a binding succeeds */ - ret = MBEDTLS_ERR_NET_UNKNOWN_HOST; - for( cur = addr_list; cur != NULL; cur = cur->ai_next ) - { - ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype, - cur->ai_protocol ); - if( ctx->fd < 0 ) - { - ret = MBEDTLS_ERR_NET_SOCKET_FAILED; - continue; - } - - n = 1; - if( setsockopt( ctx->fd, SOL_SOCKET, SO_REUSEADDR, - (const char *) &n, sizeof( n ) ) != 0 ) - { - close( ctx->fd ); - ret = MBEDTLS_ERR_NET_SOCKET_FAILED; - continue; - } - - if( bind( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) != 0 ) - { - close( ctx->fd ); - ret = MBEDTLS_ERR_NET_BIND_FAILED; - continue; - } - - /* Listen only makes sense for TCP */ - if( proto == MBEDTLS_NET_PROTO_TCP ) - { - if( listen( ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG ) != 0 ) - { - close( ctx->fd ); - ret = MBEDTLS_ERR_NET_LISTEN_FAILED; - continue; - } - } - - /* Bind was successful */ - ret = 0; - break; - } - - freeaddrinfo( addr_list ); - - return( ret ); - -} - -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) -/* - * Check if the requested operation would be blocking on a non-blocking socket - * and thus 'failed' with a negative return value. - */ -static int net_would_block( const mbedtls_net_context *ctx ) -{ - ((void) ctx); - return( WSAGetLastError() == WSAEWOULDBLOCK ); -} -#else -/* - * Check if the requested operation would be blocking on a non-blocking socket - * and thus 'failed' with a negative return value. - * - * Note: on a blocking socket this function always returns 0! 
- */ -static int net_would_block( const mbedtls_net_context *ctx ) -{ - int err = errno; - - /* - * Never return 'WOULD BLOCK' on a non-blocking socket - */ - if( ( fcntl( ctx->fd, F_GETFL ) & O_NONBLOCK ) != O_NONBLOCK ) - { - errno = err; - return( 0 ); - } - - switch( errno = err ) - { -#if defined EAGAIN - case EAGAIN: -#endif -#if defined EWOULDBLOCK && EWOULDBLOCK != EAGAIN - case EWOULDBLOCK: -#endif - return( 1 ); - } - return( 0 ); -} -#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ - -/* - * Accept a connection from a remote client - */ -int mbedtls_net_accept( mbedtls_net_context *bind_ctx, - mbedtls_net_context *client_ctx, - void *client_ip, size_t buf_size, size_t *ip_len ) -{ - int ret; - int type; - - struct sockaddr_storage client_addr; - -#if defined(__socklen_t_defined) || defined(_SOCKLEN_T) || \ - defined(_SOCKLEN_T_DECLARED) || defined(__DEFINED_socklen_t) - socklen_t n = (socklen_t) sizeof( client_addr ); - socklen_t type_len = (socklen_t) sizeof( type ); -#else - int n = (int) sizeof( client_addr ); - int type_len = (int) sizeof( type ); -#endif - - /* Is this a TCP or UDP socket? 
*/ - if( getsockopt( bind_ctx->fd, SOL_SOCKET, SO_TYPE, - (void *) &type, &type_len ) != 0 || - ( type != SOCK_STREAM && type != SOCK_DGRAM ) ) - { - return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); - } - - if( type == SOCK_STREAM ) - { - /* TCP: actual accept() */ - ret = client_ctx->fd = (int) accept( bind_ctx->fd, - (struct sockaddr *) &client_addr, &n ); - } - else - { - /* UDP: wait for a message, but keep it in the queue */ - char buf[1] = { 0 }; - - ret = (int) recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK, - (struct sockaddr *) &client_addr, &n ); - -#if defined(_WIN32) - if( ret == SOCKET_ERROR && - WSAGetLastError() == WSAEMSGSIZE ) - { - /* We know buf is too small, thanks, just peeking here */ - ret = 0; - } -#endif - } - - if( ret < 0 ) - { - if( net_would_block( bind_ctx ) != 0 ) - return( MBEDTLS_ERR_SSL_WANT_READ ); - - return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); - } - - /* UDP: hijack the listening socket to communicate with the client, - * then bind a new socket to accept new connections */ - if( type != SOCK_STREAM ) - { - struct sockaddr_storage local_addr; - int one = 1; - - if( connect( bind_ctx->fd, (struct sockaddr *) &client_addr, n ) != 0 ) - return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); - - client_ctx->fd = bind_ctx->fd; - bind_ctx->fd = -1; /* In case we exit early */ - - n = sizeof( struct sockaddr_storage ); - if( getsockname( client_ctx->fd, - (struct sockaddr *) &local_addr, &n ) != 0 || - ( bind_ctx->fd = (int) socket( local_addr.ss_family, - SOCK_DGRAM, IPPROTO_UDP ) ) < 0 || - setsockopt( bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR, - (const char *) &one, sizeof( one ) ) != 0 ) - { - return( MBEDTLS_ERR_NET_SOCKET_FAILED ); - } - - if( bind( bind_ctx->fd, (struct sockaddr *) &local_addr, n ) != 0 ) - { - return( MBEDTLS_ERR_NET_BIND_FAILED ); - } - } - - if( client_ip != NULL ) - { - if( client_addr.ss_family == AF_INET ) - { - struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr; - *ip_len = sizeof( addr4->sin_addr.s_addr ); - - if( 
buf_size < *ip_len ) - return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL ); - - memcpy( client_ip, &addr4->sin_addr.s_addr, *ip_len ); - } - else - { - struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr; - *ip_len = sizeof( addr6->sin6_addr.s6_addr ); - - if( buf_size < *ip_len ) - return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL ); - - memcpy( client_ip, &addr6->sin6_addr.s6_addr, *ip_len); - } - } - - return( 0 ); -} - -/* - * Set the socket blocking or non-blocking - */ -int mbedtls_net_set_block( mbedtls_net_context *ctx ) -{ -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - u_long n = 0; - return( ioctlsocket( ctx->fd, FIONBIO, &n ) ); -#else - return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) & ~O_NONBLOCK ) ); -#endif -} - -int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ) -{ -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - u_long n = 1; - return( ioctlsocket( ctx->fd, FIONBIO, &n ) ); -#else - return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) | O_NONBLOCK ) ); -#endif -} - -/* - * Check if data is available on the socket - */ - -int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ) -{ - int ret; - struct timeval tv; - - fd_set read_fds; - fd_set write_fds; - - int fd = ctx->fd; - - if( fd < 0 ) - return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); - -#if defined(__has_feature) -#if __has_feature(memory_sanitizer) - /* Ensure that memory sanitizers consider read_fds and write_fds as - * initialized even on platforms such as Glibc/x86_64 where FD_ZERO - * is implemented in assembly. 
*/ - memset( &read_fds, 0, sizeof( read_fds ) ); - memset( &write_fds, 0, sizeof( write_fds ) ); -#endif -#endif - - FD_ZERO( &read_fds ); - if( rw & MBEDTLS_NET_POLL_READ ) - { - rw &= ~MBEDTLS_NET_POLL_READ; - FD_SET( fd, &read_fds ); - } - - FD_ZERO( &write_fds ); - if( rw & MBEDTLS_NET_POLL_WRITE ) - { - rw &= ~MBEDTLS_NET_POLL_WRITE; - FD_SET( fd, &write_fds ); - } - - if( rw != 0 ) - return( MBEDTLS_ERR_NET_BAD_INPUT_DATA ); - - tv.tv_sec = timeout / 1000; - tv.tv_usec = ( timeout % 1000 ) * 1000; - - do - { - ret = select( fd + 1, &read_fds, &write_fds, NULL, - timeout == (uint32_t) -1 ? NULL : &tv ); - } - while( IS_EINTR( ret ) ); - - if( ret < 0 ) - return( MBEDTLS_ERR_NET_POLL_FAILED ); - - ret = 0; - if( FD_ISSET( fd, &read_fds ) ) - ret |= MBEDTLS_NET_POLL_READ; - if( FD_ISSET( fd, &write_fds ) ) - ret |= MBEDTLS_NET_POLL_WRITE; - - return( ret ); -} - -/* - * Portable usleep helper - */ -void mbedtls_net_usleep( unsigned long usec ) -{ -#if defined(_WIN32) - Sleep( ( usec + 999 ) / 1000 ); -#else - struct timeval tv; - tv.tv_sec = usec / 1000000; -#if defined(__unix__) || defined(__unix) || \ - ( defined(__APPLE__) && defined(__MACH__) ) - tv.tv_usec = (suseconds_t) usec % 1000000; -#else - tv.tv_usec = usec % 1000000; -#endif - select( 0, NULL, NULL, NULL, &tv ); -#endif -} - -/* - * Read at most 'len' characters - */ -int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ) -{ - int ret; - int fd = ((mbedtls_net_context *) ctx)->fd; - - if( fd < 0 ) - return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); - - ret = (int) read( fd, buf, len ); - - if( ret < 0 ) - { - if( net_would_block( ctx ) != 0 ) - return( MBEDTLS_ERR_SSL_WANT_READ ); - -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - if( WSAGetLastError() == WSAECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); -#else - if( errno == EPIPE || errno == ECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); - - if( errno == EINTR ) - return( 
MBEDTLS_ERR_SSL_WANT_READ ); -#endif - - return( MBEDTLS_ERR_NET_RECV_FAILED ); - } - - return( ret ); -} - -/* - * Read at most 'len' characters, blocking for at most 'timeout' ms - */ -int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, - size_t len, uint32_t timeout ) -{ - int ret; - struct timeval tv; - fd_set read_fds; - int fd = ((mbedtls_net_context *) ctx)->fd; - - if( fd < 0 ) - return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); - - FD_ZERO( &read_fds ); - FD_SET( fd, &read_fds ); - - tv.tv_sec = timeout / 1000; - tv.tv_usec = ( timeout % 1000 ) * 1000; - - ret = select( fd + 1, &read_fds, NULL, NULL, timeout == 0 ? NULL : &tv ); - - /* Zero fds ready means we timed out */ - if( ret == 0 ) - return( MBEDTLS_ERR_SSL_TIMEOUT ); - - if( ret < 0 ) - { -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - if( WSAGetLastError() == WSAEINTR ) - return( MBEDTLS_ERR_SSL_WANT_READ ); -#else - if( errno == EINTR ) - return( MBEDTLS_ERR_SSL_WANT_READ ); -#endif - - return( MBEDTLS_ERR_NET_RECV_FAILED ); - } - - /* This call will not block */ - return( mbedtls_net_recv( ctx, buf, len ) ); -} - -/* - * Write at most 'len' characters - */ -int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ) -{ - int ret; - int fd = ((mbedtls_net_context *) ctx)->fd; - - if( fd < 0 ) - return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); - - ret = (int) write( fd, buf, len ); - - if( ret < 0 ) - { - if( net_would_block( ctx ) != 0 ) - return( MBEDTLS_ERR_SSL_WANT_WRITE ); - -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - if( WSAGetLastError() == WSAECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); -#else - if( errno == EPIPE || errno == ECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); - - if( errno == EINTR ) - return( MBEDTLS_ERR_SSL_WANT_WRITE ); -#endif - - return( MBEDTLS_ERR_NET_SEND_FAILED ); - } - - return( ret ); -} - -/* - * Gracefully close the connection - */ -void 
mbedtls_net_free( mbedtls_net_context *ctx )
-{
- if( ctx->fd == -1 )
- return;
-
- shutdown( ctx->fd, 2 );
- close( ctx->fd );
-
- ctx->fd = -1;
-}
-
-#endif /* MBEDTLS_NET_C */
diff --git a/library/pkcs11.c b/library/pkcs11.c
deleted file mode 100644
index 0ea64252e..000000000
--- a/library/pkcs11.c
+++ /dev/null
@@ -1,240 +0,0 @@
-/**
- * \file pkcs11.c
- *
- * \brief Wrapper for PKCS#11 library libpkcs11-helper
- *
- * \author Adriaan de Jong
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#include "mbedtls/pkcs11.h"
-
-#if defined(MBEDTLS_PKCS11_C)
-
-#include "mbedtls/md.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/x509_crt.h"
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#endif
-
-#include
-
-void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_pkcs11_context ) );
-}
-
-int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
-{
- int ret = 1;
- unsigned char *cert_blob = NULL;
- size_t cert_blob_size = 0;
-
- if( cert == NULL )
- {
- ret = 2;
- goto cleanup;
- }
-
- if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, NULL,
- &cert_blob_size ) != CKR_OK )
- {
- ret = 3;
- goto cleanup;
- }
-
- cert_blob = mbedtls_calloc( 1, cert_blob_size );
- if( NULL == cert_blob )
- {
- ret = 4;
- goto cleanup;
- }
-
- if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, cert_blob,
- &cert_blob_size ) != CKR_OK )
- {
- ret = 5;
- goto cleanup;
- }
-
- if( 0 != mbedtls_x509_crt_parse( cert, cert_blob, cert_blob_size ) )
- {
- ret = 6;
- goto cleanup;
- }
-
- ret = 0;
-
-cleanup:
- if( NULL != cert_blob )
- mbedtls_free( cert_blob );
-
- return( ret );
-}
-
-
-int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key,
- pkcs11h_certificate_t pkcs11_cert )
-{
- int ret = 1;
- mbedtls_x509_crt cert;
-
- mbedtls_x509_crt_init( &cert );
-
- if( priv_key == NULL )
- goto cleanup;
-
- if( 0 != mbedtls_pkcs11_x509_cert_bind( &cert, pkcs11_cert ) )
- goto cleanup;
-
- priv_key->len = mbedtls_pk_get_len( &cert.pk );
- priv_key->pkcs11h_cert = pkcs11_cert;
-
- ret = 0;
-
-cleanup:
- mbedtls_x509_crt_free( &cert );
-
- return( ret );
-}
-
-void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key )
-{
- if( NULL != priv_key )
- pkcs11h_certificate_freeCertificate( priv_key->pkcs11h_cert );
-}
-
-int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
- int mode, size_t *olen,
- const unsigned char *input,
- unsigned char *output,
- size_t output_max_len )
-{
- size_t input_len, output_len;
-
- if( NULL == ctx )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
- if( MBEDTLS_RSA_PRIVATE != mode )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
- output_len = input_len = ctx->len;
-
- if( input_len < 16 || input_len > output_max_len )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
- /* Determine size of output buffer */
- if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
- input_len, NULL, &output_len ) != CKR_OK )
- {
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
- }
-
- if( output_len > output_max_len )
- return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
-
- if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
- input_len, output, &output_len ) != CKR_OK )
- {
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
- }
- *olen = output_len;
- return( 0 );
-}
-
-int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
- int mode,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- unsigned char *sig )
-{
- size_t sig_len = 0, asn_len = 0, oid_size = 0;
- unsigned char *p = sig;
- const char *oid;
-
- if( NULL == ctx )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
- if( MBEDTLS_RSA_PRIVATE != mode )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
- if( md_alg != MBEDTLS_MD_NONE )
- {
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
- if( md_info == NULL )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
- if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
-
- hashlen = mbedtls_md_get_size( md_info );
- asn_len = 10 + oid_size;
- }
-
- sig_len = ctx->len;
- if( hashlen > sig_len || asn_len > sig_len ||
- hashlen + asn_len > sig_len )
- {
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
- }
-
- if( md_alg != MBEDTLS_MD_NONE )
- {
- /*
- * DigestInfo ::= SEQUENCE {
- * digestAlgorithm DigestAlgorithmIdentifier,
- * digest Digest }
- *
- * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
- *
- * Digest ::= OCTET STRING
- */
- *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
- *p++ = (unsigned char) ( 0x08 + oid_size + hashlen );
- *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
- *p++ = (unsigned char) ( 0x04 + oid_size );
- *p++ = MBEDTLS_ASN1_OID;
- *p++ = oid_size & 0xFF;
- memcpy( p, oid, oid_size );
- p += oid_size;
- *p++ = MBEDTLS_ASN1_NULL;
- *p++ = 0x00;
- *p++ = MBEDTLS_ASN1_OCTET_STRING;
- *p++ = hashlen;
- }
-
- memcpy( p, hash, hashlen );
-
- if( pkcs11h_certificate_signAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, sig,
- asn_len + hashlen, sig, &sig_len ) != CKR_OK )
- {
- return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
- }
-
- return( 0 );
-}
-
-#endif /* defined(MBEDTLS_PKCS11_C) */
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
deleted file mode 100644
index 62a0a2987..000000000
--- a/library/ssl_cache.c
+++ /dev/null
@@ -1,353 +0,0 @@
-/*
- * SSL session cache implementation
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-/*
- * These session callbacks use a simple chained list
- * to store and retrieve the session information.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_SSL_CACHE_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#endif
-
-#include "mbedtls/ssl_cache.h"
-#include "mbedtls/ssl_internal.h"
-
-#include
-
-void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache )
-{
- memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) );
-
- cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT;
- cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES;
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_init( &cache->mutex );
-#endif
-}
-
-int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session )
-{
- int ret = 1;
-#if defined(MBEDTLS_HAVE_TIME)
- mbedtls_time_t t = mbedtls_time( NULL );
-#endif
- mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
- mbedtls_ssl_cache_entry *cur, *entry;
-
-#if defined(MBEDTLS_THREADING_C)
- if( mbedtls_mutex_lock( &cache->mutex ) != 0 )
- return( 1 );
-#endif
-
- cur = cache->chain;
- entry = NULL;
-
- while( cur != NULL )
- {
- entry = cur;
- cur = cur->next;
-
-#if defined(MBEDTLS_HAVE_TIME)
- if( cache->timeout != 0 &&
- (int) ( t - entry->timestamp ) > cache->timeout )
- continue;
-#endif
-
- if( session->ciphersuite != entry->session.ciphersuite ||
- session->compression != entry->session.compression ||
- session->id_len != entry->session.id_len )
- continue;
-
- if( memcmp( session->id, entry->session.id,
- entry->session.id_len ) != 0 )
- continue;
-
- ret = mbedtls_ssl_session_copy( session, &entry->session );
- if( ret != 0 )
- {
- ret = 1;
- goto exit;
- }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
- defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- /*
- * Restore peer certificate (without rest of the original chain)
- */
- if( entry->peer_cert.p != NULL )
- {
- /* `session->peer_cert` is NULL after the call to
- * mbedtls_ssl_session_copy(), because cache entries
- * have the `peer_cert` field set to NULL. */
-
- if( ( session->peer_cert = mbedtls_calloc( 1,
- sizeof(mbedtls_x509_crt) ) ) == NULL )
- {
- ret = 1;
- goto exit;
- }
-
- mbedtls_x509_crt_init( session->peer_cert );
- if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p,
- entry->peer_cert.len ) != 0 )
- {
- mbedtls_free( session->peer_cert );
- session->peer_cert = NULL;
- ret = 1;
- goto exit;
- }
- }
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
- ret = 0;
- goto exit;
- }
-
-exit:
-#if defined(MBEDTLS_THREADING_C)
- if( mbedtls_mutex_unlock( &cache->mutex ) != 0 )
- ret = 1;
-#endif
-
- return( ret );
-}
-
-int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session )
-{
- int ret = 1;
-#if defined(MBEDTLS_HAVE_TIME)
- mbedtls_time_t t = mbedtls_time( NULL ), oldest = 0;
- mbedtls_ssl_cache_entry *old = NULL;
-#endif
- mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
- mbedtls_ssl_cache_entry *cur, *prv;
- int count = 0;
-
-#if defined(MBEDTLS_THREADING_C)
- if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 )
- return( ret );
-#endif
-
- cur = cache->chain;
- prv = NULL;
-
- while( cur != NULL )
- {
- count++;
-
-#if defined(MBEDTLS_HAVE_TIME)
- if( cache->timeout != 0 &&
- (int) ( t - cur->timestamp ) > cache->timeout )
- {
- cur->timestamp = t;
- break; /* expired, reuse this slot, update timestamp */
- }
-#endif
-
- if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 )
- break; /* client reconnected, keep timestamp for session id */
-
-#if defined(MBEDTLS_HAVE_TIME)
- if( oldest == 0 || cur->timestamp < oldest )
- {
- oldest = cur->timestamp;
- old = cur;
- }
-#endif
-
- prv = cur;
- cur = cur->next;
- }
-
- if( cur == NULL )
- {
-#if defined(MBEDTLS_HAVE_TIME)
- /*
- * Reuse oldest entry if max_entries reached
- */
- if( count >= cache->max_entries )
- {
- if( old == NULL )
- {
- ret = 1;
- goto exit;
- }
-
- cur = old;
- }
-#else /* MBEDTLS_HAVE_TIME */
- /*
- * Reuse first entry in chain if max_entries reached,
- * but move to last place
- */
- if( count >= cache->max_entries )
- {
- if( cache->chain == NULL )
- {
- ret = 1;
- goto exit;
- }
-
- cur = cache->chain;
- cache->chain = cur->next;
- cur->next = NULL;
- prv->next = cur;
- }
-#endif /* MBEDTLS_HAVE_TIME */
- else
- {
- /*
- * max_entries not reached, create new entry
- */
- cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) );
- if( cur == NULL )
- {
- ret = 1;
- goto exit;
- }
-
- if( prv == NULL )
- cache->chain = cur;
- else
- prv->next = cur;
- }
-
-#if defined(MBEDTLS_HAVE_TIME)
- cur->timestamp = t;
-#endif
- }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
- defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- /*
- * If we're reusing an entry, free its certificate first
- */
- if( cur->peer_cert.p != NULL )
- {
- mbedtls_free( cur->peer_cert.p );
- memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) );
- }
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
- /* Copy the entire session; this temporarily makes a copy of the
- * X.509 CRT structure even though we only want to store the raw CRT.
- * This inefficiency will go away as soon as we implement on-demand
- * parsing of CRTs, in which case there's no need for the `peer_cert`
- * field anymore in the first place, and we're done after this call. */
- ret = mbedtls_ssl_session_copy( &cur->session, session );
- if( ret != 0 )
- {
- ret = 1;
- goto exit;
- }
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
- defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- /* If present, free the X.509 structure and only store the raw CRT data. */
- if( cur->session.peer_cert != NULL )
- {
- cur->peer_cert.p =
- mbedtls_calloc( 1, cur->session.peer_cert->raw.len );
- if( cur->peer_cert.p == NULL )
- {
- ret = 1;
- goto exit;
- }
-
- memcpy( cur->peer_cert.p,
- cur->session.peer_cert->raw.p,
- cur->session.peer_cert->raw.len );
- cur->peer_cert.len = session->peer_cert->raw.len;
-
- mbedtls_x509_crt_free( cur->session.peer_cert );
- mbedtls_free( cur->session.peer_cert );
- cur->session.peer_cert = NULL;
- }
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
- ret = 0;
-
-exit:
-#if defined(MBEDTLS_THREADING_C)
- if( mbedtls_mutex_unlock( &cache->mutex ) != 0 )
- ret = 1;
-#endif
-
- return( ret );
-}
-
-#if defined(MBEDTLS_HAVE_TIME)
-void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout )
-{
- if( timeout < 0 ) timeout = 0;
-
- cache->timeout = timeout;
-}
-#endif /* MBEDTLS_HAVE_TIME */
-
-void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max )
-{
- if( max < 0 ) max = 0;
-
- cache->max_entries = max;
-}
-
-void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache )
-{
- mbedtls_ssl_cache_entry *cur, *prv;
-
- cur = cache->chain;
-
- while( cur != NULL )
- {
- prv = cur;
- cur = cur->next;
-
- mbedtls_ssl_session_free( &prv->session );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
- defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- mbedtls_free( prv->peer_cert.p );
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
- mbedtls_free( prv );
- }
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_free( &cache->mutex );
-#endif
- cache->chain = NULL;
-}
-
-#endif /* MBEDTLS_SSL_CACHE_C */
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
deleted file mode 100644
index 518f7dde0..000000000
--- a/library/ssl_ciphersuites.c
+++ /dev/null
@@ -1,2373 +0,0 @@ -/** - * \file ssl_ciphersuites.c - * - * \brief SSL ciphersuites for mbed TLS - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_SSL_TLS_C) - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#endif - -#include "mbedtls/ssl_ciphersuites.h" -#include "mbedtls/ssl.h" - -#include - -/* - * Ordered from most preferred to least preferred in terms of security. - * - * Current rule (except RC4 and 3DES, weak and null which come last): - * 1. By key exchange: - * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK - * 2. By key length and cipher: - * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 - * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8 - * 4. By hash function used when relevant - * 5. 
By key exchange/auth again: EC > non-EC - */ -static const int ciphersuite_preference[] = -{ -#if defined(MBEDTLS_SSL_CIPHERSUITES) - MBEDTLS_SSL_CIPHERSUITES, -#else - /* Chacha-Poly ephemeral suites */ - MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - - /* All AES-256 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, - MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, - MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, - - /* All CAMELLIA-256 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, - - /* All ARIA-256 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, - - /* All AES-128 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, 
- MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, - MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, - - /* All CAMELLIA-128 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, - - /* All ARIA-128 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, - - /* The PSK ephemeral suites */ - MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, - MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, - MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, - - MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, - 
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, - MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, - MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, - - /* The ECJPAKE suite */ - MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, - - /* All AES-256 suites */ - MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_RSA_WITH_AES_256_CCM, - MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, - MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, - - /* All CAMELLIA-256 suites */ - MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, - MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, - - /* All ARIA-256 suites */ - MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, - MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, - MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, - - /* All AES-128 suites */ - MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_RSA_WITH_AES_128_CCM, - 
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, - - /* All CAMELLIA-128 suites */ - MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, - - /* All ARIA-128 suites */ - MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, - MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, - MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, - - /* The RSA PSK suites */ - MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, - - MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, - - /* The PSK suites */ - MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, - 
MBEDTLS_TLS_PSK_WITH_AES_256_CCM, - MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, - MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, - - MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_PSK_WITH_AES_128_CCM, - MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, - MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, - - /* 3DES suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, - - /* RC4 suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, - MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, - MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, - MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, - MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, - MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, - - /* Weak suites */ - MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, - MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, - - /* NULL suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, - MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, - MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, - MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, - 
MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, - - MBEDTLS_TLS_RSA_WITH_NULL_SHA256, - MBEDTLS_TLS_RSA_WITH_NULL_SHA, - MBEDTLS_TLS_RSA_WITH_NULL_MD5, - MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, - MBEDTLS_TLS_PSK_WITH_NULL_SHA384, - MBEDTLS_TLS_PSK_WITH_NULL_SHA256, - MBEDTLS_TLS_PSK_WITH_NULL_SHA, - -#endif /* MBEDTLS_SSL_CIPHERSUITES */ - 0 -}; - -static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = -{ -#if defined(MBEDTLS_CHACHAPOLY_C) && \ - defined(MBEDTLS_SHA256_C) && \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, - "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, - "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256", 
- MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, - "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, - "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, - "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#endif /* MBEDTLS_CHACHAPOLY_C && - MBEDTLS_SHA256_C && - MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_SHA1_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", - 
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA512_C */ -#if defined(MBEDTLS_CCM_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", - 
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CCM_C */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, 
MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_GCM_C)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
- { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_CAMELLIA_C */
-
-#if defined(MBEDTLS_DES_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
- MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_ARC4_C)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
- MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_NODTLS },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_ARC4_C */
-
-#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_WEAK },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
-#if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_SHA1_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
- { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_SHA1_C */
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
- MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA256_C */
-#if
defined(MBEDTLS_SHA512_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
- MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_CAMELLIA_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_GCM_C)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
-
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_CAMELLIA_C */
-
-#if defined(MBEDTLS_DES_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
- MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_ARC4_C)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
- MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_NODTLS },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_ARC4_C */
-
-#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_WEAK },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
-#if
defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
- { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
- MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_GCM_C)
- { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
- MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-
- { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-
- { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1,
MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_CCM_C)
- { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
- MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
- { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
- MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_SHORT_TAG },
- { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
- MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
- { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
- MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_SHORT_TAG },
-#endif /* MBEDTLS_CCM_C */
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_CAMELLIA_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-
- { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-
- { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA512_C)
- { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_CAMELLIA_C */
-
-#if defined(MBEDTLS_DES_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
- MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_DES_C */
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
-#if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
- { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
- MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_GCM_C)
- { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
- MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-
- { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA1_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- {
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-
- { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_SHA1_C */
-#if defined(MBEDTLS_CCM_C)
- { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
- MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
- { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
- MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_SHORT_TAG },
- { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
- MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
- { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
- MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_SHORT_TAG },
-#endif /* MBEDTLS_CCM_C */
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_CAMELLIA_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_GCM_C)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA1_C
*/
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_CAMELLIA_C */
-
-#if defined(MBEDTLS_DES_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
- MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_ARC4_C)
-#if defined(MBEDTLS_MD5_C)
- { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
- MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_NODTLS },
-#endif
-
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
- MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_NODTLS },
-#endif
-#endif /* MBEDTLS_ARC4_C */
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
-#if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_SHA1_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
- { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_SHA1_C */
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
- { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
- MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
- { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
- MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_CAMELLIA_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
-
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
- { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_GCM_C)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
- { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_CAMELLIA_C */
-
-#if defined(MBEDTLS_DES_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
- MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_ARC4_C)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
- MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_NODTLS },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_ARC4_C */
-
-#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_WEAK },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-#if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_SHA1_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_SHA1_C */
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /*
MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
- MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
- MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_AES_C */
-
-#if defined(MBEDTLS_CAMELLIA_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
-
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_GCM_C)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-#if defined(MBEDTLS_SHA512_C)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_GCM_C */
-#endif /* MBEDTLS_CAMELLIA_C */
-
-#if defined(MBEDTLS_DES_C)
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
- MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* MBEDTLS_DES_C */
-
-#if defined(MBEDTLS_ARC4_C)
-#if defined(MBEDTLS_SHA1_C)
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
- MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_NODTLS },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_ARC4_C */
-
-#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
-#if defined(MBEDTLS_SHA1_C)
- {
MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_CIPHERSUITE_WEAK },
-#endif /* MBEDTLS_SHA1_C */
-#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
-#if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_GCM_C)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
- MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA512_C)
- { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
- MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_GCM_C */
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#if defined(MBEDTLS_SHA256_C)
- { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA512_C)
- { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif /* MBEDTLS_SHA512_C */
-
-#if
defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CCM_C) - { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, - { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CCM_C */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { 
MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C 
*/ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, 
MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CCM_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, - { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CCM_C */ -#endif /* 
MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, 
MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* 
MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, 
MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, 
MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CCM_C) - { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CCM_C */ -#endif /* MBEDTLS_AES_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if defined(MBEDTLS_MD5_C) - { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, 
MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", - 
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, 
MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA", - MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA", - MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, 
MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ -#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ - -#if defined(MBEDTLS_ARIA_C) - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-RSA-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-RSA-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-RSA-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-RSA-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - -#if 
(defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-PSK-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && 
defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-PSK-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-PSK-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-PSK-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { 
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { 
MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
- "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
- { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
- "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
- { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
- "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
-
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
- { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
- "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
- { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
- "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
- { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
- "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
- { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
- "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
- "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
- "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
- "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, 
MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
- { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
- "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
-
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
- { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
- "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
- { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
- "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
- { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
- "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
- { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
- "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
- MBEDTLS_SSL_MAJOR_VERSION_3, 
MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
- { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
- "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
- { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
- "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
- { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
- "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
- { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
- "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
- 0 },
-#endif
-
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-
-#endif /* MBEDTLS_ARIA_C */
-
-
- { 0, "",
- MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
- 0, 0, 0, 0, 0 }
-};
-
-#if defined(MBEDTLS_SSL_CIPHERSUITES)
-const int *mbedtls_ssl_list_ciphersuites( void )
-{
- return( 
ciphersuite_preference );
-}
-#else
-#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
- sizeof( ciphersuite_definitions[0] )
-static int supported_ciphersuites[MAX_CIPHERSUITES];
-static int supported_init = 0;
-
-static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
-{
- (void)cs_info;
-
-#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
- if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
- return( 1 );
-#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
-
-#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
- if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
- cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
- {
- return( 1 );
- }
-#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
-
- return( 0 );
-}
-
-const int *mbedtls_ssl_list_ciphersuites( void )
-{
- /*
- * On initial call filter out all ciphersuites not supported by current
- * build based on presence in the ciphersuite_definitions.
- */
- if( supported_init == 0 )
- {
- const int *p;
- int *q;
-
- for( p = ciphersuite_preference, q = supported_ciphersuites;
- *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
- p++ )
- {
- const mbedtls_ssl_ciphersuite_t *cs_info;
- if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
- !ciphersuite_is_removed( cs_info ) )
- {
- *(q++) = *p;
- }
- }
- *q = 0;
-
- supported_init = 1;
- }
-
- return( supported_ciphersuites );
-}
-#endif /* MBEDTLS_SSL_CIPHERSUITES */
-
-const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
- const char *ciphersuite_name )
-{
- const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
-
- if( NULL == ciphersuite_name )
- return( NULL );
-
- while( cur->id != 0 )
- {
- if( 0 == strcmp( cur->name, ciphersuite_name ) )
- return( cur );
-
- cur++;
- }
-
- return( NULL );
-}
-
-const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
-{
- const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
-
- while( cur->id != 0 )
- {
- if( cur->id == 
ciphersuite )
- return( cur );
-
- cur++;
- }
-
- return( NULL );
-}
-
-const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
-{
- const mbedtls_ssl_ciphersuite_t *cur;
-
- cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
-
- if( cur == NULL )
- return( "unknown" );
-
- return( cur->name );
-}
-
-int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
-{
- const mbedtls_ssl_ciphersuite_t *cur;
-
- cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
-
- if( cur == NULL )
- return( 0 );
-
- return( cur->id );
-}
-
-#if defined(MBEDTLS_PK_C)
-mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
-{
- switch( info->key_exchange )
- {
- case MBEDTLS_KEY_EXCHANGE_RSA:
- case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
- case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
- case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
- return( MBEDTLS_PK_RSA );
-
- case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
- return( MBEDTLS_PK_ECDSA );
-
- case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
- case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
- return( MBEDTLS_PK_ECKEY );
-
- default:
- return( MBEDTLS_PK_NONE );
- }
-}
-
-mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
-{
- switch( info->key_exchange )
- {
- case MBEDTLS_KEY_EXCHANGE_RSA:
- case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
- case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
- return( MBEDTLS_PK_RSA );
-
- case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
- return( MBEDTLS_PK_ECDSA );
-
- default:
- return( MBEDTLS_PK_NONE );
- }
-}
-
-#endif /* MBEDTLS_PK_C */
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
-{
- switch( info->key_exchange )
- {
- case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
- case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
- case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
- case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
- case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
- case 
MBEDTLS_KEY_EXCHANGE_ECJPAKE:
- return( 1 );
-
- default:
- return( 0 );
- }
-}
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
-{
- switch( info->key_exchange )
- {
- case MBEDTLS_KEY_EXCHANGE_PSK:
- case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
- case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
- case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
- return( 1 );
-
- default:
- return( 0 );
- }
-}
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-
-#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
deleted file mode 100644
index 4e5b3a602..000000000
--- a/library/ssl_cli.c
+++ /dev/null 
@@ -1,3944 +0,0 @@
-/*
- * SSLv3/TLSv1 client-side functions
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_SSL_CLI_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#endif
-
-#include "mbedtls/debug.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/ssl_internal.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/psa_util.h"
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#include
-
-#include
-
-#if defined(MBEDTLS_HAVE_TIME)
-#include "mbedtls/platform_time.h"
-#endif
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-#include "mbedtls/platform_util.h"
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-static int ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
-{
- if( conf->psk_identity == NULL ||
- conf->psk_identity_len == 0 )
- {
- return( 0 );
- }
-
- if( conf->psk != NULL && conf->psk_len != 0 )
- return( 1 );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( conf->psk_opaque != 0 )
- return( 1 );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-static int ssl_conf_has_static_raw_psk( 
mbedtls_ssl_config const *conf )
-{
- if( conf->psk_identity == NULL ||
- conf->psk_identity_len == 0 )
- {
- return( 0 );
- }
-
- if( conf->psk != NULL && conf->psk_len != 0 )
- return( 1 );
-
- return( 0 );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t *olen )
-{
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
- size_t hostname_len;
-
- *olen = 0;
-
- if( ssl->hostname == NULL )
- return;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding server name extension: %s",
- ssl->hostname ) );
-
- hostname_len = strlen( ssl->hostname );
-
- if( end < p || (size_t)( end - p ) < hostname_len + 9 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- /*
- * Sect. 3, RFC 6066 (TLS Extensions Definitions)
- *
- * In order to provide any of the server names, clients MAY include an
- * extension of type "server_name" in the (extended) client hello. 
The
- * "extension_data" field of this extension SHALL contain
- * "ServerNameList" where:
- *
- * struct {
- * NameType name_type;
- * select (name_type) {
- * case host_name: HostName;
- * } name;
- * } ServerName;
- *
- * enum {
- * host_name(0), (255)
- * } NameType;
- *
- * opaque HostName<1..2^16-1>;
- *
- * struct {
- * ServerName server_name_list<1..2^16-1>
- * } ServerNameList;
- *
- */
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF );
-
- *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF );
-
- *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF );
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF );
- *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( hostname_len ) & 0xFF );
-
- memcpy( p, ssl->hostname, hostname_len );
-
- *olen = hostname_len + 9;
-}
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t *olen )
-{
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
-
- *olen = 0;
-
- /* We're always including an TLS_EMPTY_RENEGOTIATION_INFO_SCSV in the
- * initial ClientHello, in which case also adding the renegotiation
- * info extension is NOT RECOMMENDED as per RFC 5746 Section 3.4. 
*/
- if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
- return;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding renegotiation extension" ) );
-
- if( end < p || (size_t)( end - p ) < 5 + ssl->verify_data_len )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- /*
- * Secure renegotiation
- */
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF );
-
- *p++ = 0x00;
- *p++ = ( ssl->verify_data_len + 1 ) & 0xFF;
- *p++ = ssl->verify_data_len & 0xFF;
-
- memcpy( p, ssl->own_verify_data, ssl->verify_data_len );
-
- *olen = 5 + ssl->verify_data_len;
-}
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-/*
- * Only if we handle at least one key exchange that needs signatures.
- */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
- defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
-static void ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t *olen )
-{
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
- size_t sig_alg_len = 0;
- const int *md;
-#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)
- unsigned char *sig_alg_list = buf + 6;
-#endif
-
- *olen = 0;
-
- if( ssl->conf->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
- return;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding signature_algorithms extension" ) );
-
- for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ )
- {
-#if defined(MBEDTLS_ECDSA_C)
- sig_alg_len += 2;
-#endif
-#if defined(MBEDTLS_RSA_C)
- sig_alg_len += 2;
-#endif
- }
-
- if( end < p || (size_t)( end - p ) < sig_alg_len + 6 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- /*
- * Prepare signature_algorithms extension (TLS 1.2)
- */
- sig_alg_len = 0;
-
- for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ )
- {
-#if defined(MBEDTLS_ECDSA_C)
- 
sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md );
- sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
-#endif
-#if defined(MBEDTLS_RSA_C)
- sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md );
- sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
-#endif
- }
-
- /*
- * enum {
- * none(0), md5(1), sha1(2), sha224(3), sha256(4), sha384(5),
- * sha512(6), (255)
- * } HashAlgorithm;
- *
- * enum { anonymous(0), rsa(1), dsa(2), ecdsa(3), (255) }
- * SignatureAlgorithm;
- *
- * struct {
- * HashAlgorithm hash;
- * SignatureAlgorithm signature;
- * } SignatureAndHashAlgorithm;
- *
- * SignatureAndHashAlgorithm
- * supported_signature_algorithms<2..2^16-2>;
- */
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF );
-
- *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF );
-
- *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF );
-
- *olen = 6 + sig_alg_len;
-}
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
- MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t *olen )
-{
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
- unsigned char *elliptic_curve_list = p + 6;
- size_t elliptic_curve_len = 0;
- const mbedtls_ecp_curve_info *info;
-#if defined(MBEDTLS_ECP_C)
- const mbedtls_ecp_group_id *grp_id;
-#else
- ((void) ssl);
-#endif
-
- *olen = 0;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) );
-
-#if defined(MBEDTLS_ECP_C)
- for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ )
-#else
- for( info = 
mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ )
-#endif
- {
-#if defined(MBEDTLS_ECP_C)
- info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
-#endif
- if( info == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid curve in ssl configuration" ) );
- return;
- }
-
- elliptic_curve_len += 2;
- }
-
- if( end < p || (size_t)( end - p ) < 6 + elliptic_curve_len )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- elliptic_curve_len = 0;
-
-#if defined(MBEDTLS_ECP_C)
- for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ )
-#else
- for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ )
-#endif
- {
-#if defined(MBEDTLS_ECP_C)
- info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
-#endif
- elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8;
- elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF;
- }
-
- if( elliptic_curve_len == 0 )
- return;
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) & 0xFF );
-
- *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF );
-
- *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF );
-
- *olen = 6 + elliptic_curve_len;
-}
-
-static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t *olen )
-{
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
-
- *olen = 0;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_point_formats extension" ) );
-
- if( end < p || (size_t)( end - p ) < 6 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF );
- *p++ 
= (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF );
-
- *p++ = 0x00;
- *p++ = 2;
-
- *p++ = 1;
- *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED;
-
- *olen = 6;
-}
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
- MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t *olen )
-{
- int ret;
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
- size_t kkpp_len;
-
- *olen = 0;
-
- /* Skip costly extension if we can't use EC J-PAKE anyway */
- if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
- return;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding ecjpake_kkpp extension" ) );
-
- if( end - p < 4 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF );
-
- /*
- * We may need to send ClientHello multiple times for Hello verification.
- * We don't want to compute fresh values every time (both for performance
- * and consistency reasons), so cache the extension content. 
- */
- if( ssl->handshake->ecjpake_cache == NULL ||
- ssl->handshake->ecjpake_cache_len == 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "generating new ecjpake parameters" ) );
-
- ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx,
- p + 2, end - p - 2, &kkpp_len,
- ssl->conf->f_rng, ssl->conf->p_rng );
- if( ret != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1 , "mbedtls_ecjpake_write_round_one", ret );
- return;
- }
-
- ssl->handshake->ecjpake_cache = mbedtls_calloc( 1, kkpp_len );
- if( ssl->handshake->ecjpake_cache == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "allocation failed" ) );
- return;
- }
-
- memcpy( ssl->handshake->ecjpake_cache, p + 2, kkpp_len );
- ssl->handshake->ecjpake_cache_len = kkpp_len;
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "re-using cached ecjpake parameters" ) );
-
- kkpp_len = ssl->handshake->ecjpake_cache_len;
-
- if( (size_t)( end - p - 2 ) < kkpp_len )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len );
- }
-
- *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( kkpp_len ) & 0xFF );
-
- *olen = kkpp_len + 4;
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t *olen )
-{
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
-
- *olen = 0;
-
- if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) {
- return;
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding max_fragment_length extension" ) );
-
- if( end < p || (size_t)( end - p ) < 5 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF );
-
- *p++ = 0x00;
- *p++ = 1;
-
- *p++ = 
ssl->conf->mfl_code;
-
- *olen = 5;
-}
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf, size_t *olen )
-{
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
-
- *olen = 0;
-
- if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED )
- {
- return;
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding truncated_hmac extension" ) );
-
- if( end < p || (size_t)( end - p ) < 4 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF );
-
- *p++ = 0x00;
- *p++ = 0x00;
-
- *olen = 4;
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf, size_t *olen )
-{
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
-
- *olen = 0;
-
- if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
- ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
- {
- return;
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding encrypt_then_mac "
- "extension" ) );
-
- if( end < p || (size_t)( end - p ) < 4 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF );
-
- *p++ = 0x00;
- *p++ = 0x00;
-
- *olen = 4;
-}
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf, size_t *olen )
-{
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + 
MBEDTLS_SSL_OUT_CONTENT_LEN;
-
- *olen = 0;
-
- if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
- ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
- {
- return;
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding extended_master_secret "
- "extension" ) );
-
- if( end < p || (size_t)( end - p ) < 4 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF );
-
- *p++ = 0x00;
- *p++ = 0x00;
-
- *olen = 4;
-}
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf, size_t *olen )
-{
- unsigned char *p = buf;
- const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
- size_t tlen = ssl->session_negotiate->ticket_len;
-
- *olen = 0;
-
- if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED )
- {
- return;
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding session ticket extension" ) );
-
- if( end < p || (size_t)( end - p ) < 4 + tlen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
- return;
- }
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF );
-
- *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( tlen ) & 0xFF );
-
- *olen = 4;
-
- if( ssl->session_negotiate->ticket == NULL || tlen == 0 )
- {
- return;
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "sending session ticket of length %d", tlen ) );
-
- memcpy( p, ssl->session_negotiate->ticket, tlen );
-
- *olen += tlen;
-}
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_ALPN)
-static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf, size_t *olen )
-{
- unsigned char *p = buf;
- 
const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; - size_t alpnlen = 0; - const char **cur; - - *olen = 0; - - if( ssl->conf->alpn_list == NULL ) - { - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) ); - - for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - alpnlen += (unsigned char)( strlen( *cur ) & 0xFF ) + 1; - - if( end < p || (size_t)( end - p ) < 6 + alpnlen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return; - } - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); - - /* - * opaque ProtocolName<1..2^8-1>; - * - * struct { - * ProtocolName protocol_name_list<2..2^16-1> - * } ProtocolNameList; - */ - - /* Skip writing extension and list length for now */ - p += 4; - - for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - { - *p = (unsigned char)( strlen( *cur ) & 0xFF ); - memcpy( p + 1, *cur, *p ); - p += 1 + *p; - } - - *olen = p - buf; - - /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); - - /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); -} -#endif /* MBEDTLS_SSL_ALPN */ - -/* - * Generate random bytes for ClientHello - */ -static int ssl_generate_random( mbedtls_ssl_context *ssl ) -{ - int ret; - unsigned char *p = ssl->handshake->randbytes; -#if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t t; -#endif - - /* - * When responding to a verify request, MUST reuse random (RFC 6347 4.2.1) - */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->verify_cookie != NULL ) - { - return( 0 ); - } -#endif - -#if defined(MBEDTLS_HAVE_TIME) - t = mbedtls_time( NULL ); - *p++ = (unsigned 
char)( t >> 24 ); - *p++ = (unsigned char)( t >> 16 ); - *p++ = (unsigned char)( t >> 8 ); - *p++ = (unsigned char)( t ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) ); -#else - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) - return( ret ); - - p += 4; -#endif /* MBEDTLS_HAVE_TIME */ - - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) - return( ret ); - - return( 0 ); -} - -/** - * \brief Validate cipher suite against config in SSL context. - * - * \param suite_info cipher suite to validate - * \param ssl SSL context - * \param min_minor_ver Minimal minor version to accept a cipher suite - * \param max_minor_ver Maximal minor version to accept a cipher suite - * - * \return 0 if valid, else 1 - */ -static int ssl_validate_ciphersuite( const mbedtls_ssl_ciphersuite_t * suite_info, - const mbedtls_ssl_context * ssl, - int min_minor_ver, int max_minor_ver ) -{ - (void) ssl; - if( suite_info == NULL ) - return( 1 ); - - if( suite_info->min_minor_ver > max_minor_ver || - suite_info->max_minor_ver < min_minor_ver ) - return( 1 ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) ) - return( 1 ); -#endif - -#if defined(MBEDTLS_ARC4_C) - if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && - suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - return( 1 ); -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && - mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) - return( 1 ); -#endif - - /* Don't suggest PSK-based ciphersuite if no PSK is available. 
*/ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && - ssl_conf_has_static_psk( ssl->conf ) == 0 ) - { - return( 1 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ - - return( 0 ); -} - -static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) -{ - int ret; - size_t i, n, olen, ext_len = 0; - unsigned char *buf; - unsigned char *p, *q; - unsigned char offer_compress; - const int *ciphersuites; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - int uses_ec = 0; -#endif - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); - - if( ssl->conf->f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); - return( MBEDTLS_ERR_SSL_NO_RNG ); - } - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) -#endif - { - ssl->major_ver = ssl->conf->min_major_ver; - ssl->minor_ver = ssl->conf->min_minor_ver; - } - - if( ssl->conf->max_major_ver == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "configured max major version is invalid, " - "consider using mbedtls_ssl_config_defaults()" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - /* - * 0 . 0 handshake type - * 1 . 3 handshake length - * 4 . 5 highest version supported - * 6 . 9 current UNIX time - * 10 . 37 random bytes - */ - buf = ssl->out_msg; - p = buf + 4; - - mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, - ssl->conf->transport, p ); - p += 2; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]", - buf[4], buf[5] ) ); - - if( ( ret = ssl_generate_random( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); - return( ret ); - } - - memcpy( p, ssl->handshake->randbytes, 32 ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", p, 32 ); - p += 32; - - /* - * 38 . 38 session id length - * 39 . 
39+n session id - * 39+n . 39+n DTLS only: cookie length (1 byte) - * 40+n . .. DTSL only: cookie - * .. . .. ciphersuitelist length (2 bytes) - * .. . .. ciphersuitelist - * .. . .. compression methods length (1 byte) - * .. . .. compression methods - * .. . .. extensions length (2 bytes) - * .. . .. extensions - */ - n = ssl->session_negotiate->id_len; - - if( n < 16 || n > 32 || -#if defined(MBEDTLS_SSL_RENEGOTIATION) - ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE || -#endif - ssl->handshake->resume == 0 ) - { - n = 0; - } - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - /* - * RFC 5077 section 3.4: "When presenting a ticket, the client MAY - * generate and include a Session ID in the TLS ClientHello." - */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) -#endif - { - if( ssl->session_negotiate->ticket != NULL && - ssl->session_negotiate->ticket_len != 0 ) - { - ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, 32 ); - - if( ret != 0 ) - return( ret ); - - ssl->session_negotiate->id_len = n = 32; - } - } -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - - *p++ = (unsigned char) n; - - for( i = 0; i < n; i++ ) - *p++ = ssl->session_negotiate->id[i]; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %d", n ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 39, n ); - - /* - * DTLS cookie - */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ssl->handshake->verify_cookie == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "no verify cookie to send" ) ); - *p++ = 0; - } - else - { - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", - ssl->handshake->verify_cookie, - ssl->handshake->verify_cookie_len ); - - *p++ = ssl->handshake->verify_cookie_len; - memcpy( p, ssl->handshake->verify_cookie, - ssl->handshake->verify_cookie_len ); - p += ssl->handshake->verify_cookie_len; - } - } -#endif - - /* - * Ciphersuite list - 
*/ - ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; - - /* Skip writing ciphersuite length for now */ - n = 0; - q = p; - p += 2; - - for( i = 0; ciphersuites[i] != 0; i++ ) - { - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); - - if( ssl_validate_ciphersuite( ciphersuite_info, ssl, - ssl->conf->min_minor_ver, - ssl->conf->max_minor_ver ) != 0 ) - continue; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x", - ciphersuites[i] ) ); - -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - uses_ec |= mbedtls_ssl_ciphersuite_uses_ec( ciphersuite_info ); -#endif - - n++; - *p++ = (unsigned char)( ciphersuites[i] >> 8 ); - *p++ = (unsigned char)( ciphersuites[i] ); - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites (excluding SCSVs)", n ) ); - - /* - * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV - */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) -#endif - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) ); - *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 ); - *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); - n++; - } - - /* Some versions of OpenSSL don't handle it correctly if not at end */ -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) ); - *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ); - *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ); - n++; - } -#endif - - *q++ = (unsigned char)( n >> 7 ); - *q++ = (unsigned char)( n << 1 ); - -#if defined(MBEDTLS_ZLIB_SUPPORT) - offer_compress = 1; -#else - offer_compress = 0; -#endif - - /* - * We don't support compression with DTLS right now: if many records come - * in the same datagram, uncompressing one could overwrite the next one. 
- * We don't want to add complexity for handling that case unless there is - * an actual need for it. - */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - offer_compress = 0; -#endif - - if( offer_compress ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 2 ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d %d", - MBEDTLS_SSL_COMPRESS_DEFLATE, MBEDTLS_SSL_COMPRESS_NULL ) ); - - *p++ = 2; - *p++ = MBEDTLS_SSL_COMPRESS_DEFLATE; - *p++ = MBEDTLS_SSL_COMPRESS_NULL; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 1 ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d", - MBEDTLS_SSL_COMPRESS_NULL ) ); - - *p++ = 1; - *p++ = MBEDTLS_SSL_COMPRESS_NULL; - } - - // First write extensions, then the total length - // -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - ssl_write_hostname_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - - /* Note that TLS_EMPTY_RENEGOTIATION_INFO_SCSV is always added - * even if MBEDTLS_SSL_RENEGOTIATION is not defined. 
*/ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - ssl_write_signature_algorithms_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( uses_ec ) - { - ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; - - ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; - } -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_ALPN) - ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - - /* olen unused if all extensions are disabled */ - ((void) olen); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d", - ext_len ) ); - - if( ext_len > 0 ) - { - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); - p += ext_len; - } - - ssl->out_msglen = p - buf; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] 
= MBEDTLS_SSL_HS_CLIENT_HELLO; - - ssl->state++; - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); -#endif - - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); - - return( 0 ); -} - -static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) -{ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { - /* Check verify-data in constant-time. The length OTOH is no secret */ - if( len != 1 + ssl->verify_data_len * 2 || - buf[0] != ssl->verify_data_len * 2 || - mbedtls_ssl_safer_memcmp( buf + 1, - ssl->own_verify_data, ssl->verify_data_len ) != 0 || - mbedtls_ssl_safer_memcmp( buf + 1 + ssl->verify_data_len, - ssl->peer_verify_data, ssl->verify_data_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - } - else -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - { - if( len != 1 || buf[0] != 0x00 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; - } - - return( 0 ); -} - -#if 
defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) -{ - /* - * server should use the extension only if we did, - * and if so the server's value should match ours (and len is always 1) - */ - if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE || - len != 1 || - buf[0] != ssl->conf->mfl_code ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching max fragment length extension" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - return( 0 ); -} -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) -{ - if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching truncated HMAC extension" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - ((void) buf); - - ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; - - return( 0 ); -} -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) -static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) -{ - if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching encrypt-then-MAC extension" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - ((void) buf); - - ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; - - return( 
0 ); -} -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) -static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) -{ - if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching extended master secret extension" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - ((void) buf); - - ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; - - return( 0 ); -} -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) -static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) -{ - if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching session ticket extension" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - ((void) buf); - - ssl->handshake->new_session_ticket = 1; - - return( 0 ); -} -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) -{ - size_t list_size; - const unsigned char *p; - - if( len == 0 || (size_t)( buf[0] + 1 ) != len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - list_size = buf[0]; - - p = buf + 1; - while( list_size > 0 ) - 
{ - if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || - p[0] == MBEDTLS_ECP_PF_COMPRESSED ) - { -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) - ssl->handshake->ecdh_ctx.point_format = p[0]; -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - ssl->handshake->ecjpake_ctx.point_format = p[0]; -#endif - MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); - return( 0 ); - } - - list_size--; - p++; - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); -} -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || - MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) -{ - int ret; - - if( ssl->transform_negotiate->ciphersuite_info->key_exchange != - MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) ); - return( 0 ); - } - - /* If we got here, we no longer need our cached extension */ - mbedtls_free( ssl->handshake->ecjpake_cache ); - ssl->handshake->ecjpake_cache = NULL; - ssl->handshake->ecjpake_cache_len = 0; - - if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx, - buf, len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( ret ); - } - - return( 0 ); -} -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_SSL_ALPN) -static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) -{ - size_t list_len, name_len; - const char **p; - - /* If we didn't send it, the server shouldn't send it */ - if( ssl->conf->alpn_list == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( 
"non-matching ALPN extension" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - /* - * opaque ProtocolName<1..2^8-1>; - * - * struct { - * ProtocolName protocol_name_list<2..2^16-1> - * } ProtocolNameList; - * - * the "ProtocolNameList" MUST contain exactly one "ProtocolName" - */ - - /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */ - if( len < 4 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - list_len = ( buf[0] << 8 ) | buf[1]; - if( list_len != len - 2 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - name_len = buf[2]; - if( name_len != list_len - 1 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - /* Check that the server chosen protocol was in our list and save it */ - for( p = ssl->conf->alpn_list; *p != NULL; p++ ) - { - if( name_len == strlen( *p ) && - memcmp( buf + 3, *p, name_len ) == 0 ) - { - ssl->alpn_chosen = *p; - return( 0 ); - } - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ALPN extension: no matching protocol" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); -} -#endif /* MBEDTLS_SSL_ALPN */ - -/* - * Parse HelloVerifyRequest. Only called after verifying the HS type. 
- */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) -static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) -{ - const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); - int major_ver, minor_ver; - unsigned char cookie_len; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse hello verify request" ) ); - - /* - * struct { - * ProtocolVersion server_version; - * opaque cookie<0..2^8-1>; - * } HelloVerifyRequest; - */ - MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 ); - mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p ); - p += 2; - - /* - * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1) - * even is lower than our min version. - */ - if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || - minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 || - major_ver > ssl->conf->max_major_ver || - minor_ver > ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server version" ) ); - - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); - } - - cookie_len = *p++; - MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len ); - - if( ( ssl->in_msg + ssl->in_msglen ) - p < cookie_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "cookie length does not match incoming message size" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - mbedtls_free( ssl->handshake->verify_cookie ); - - ssl->handshake->verify_cookie = mbedtls_calloc( 1, cookie_len ); - if( ssl->handshake->verify_cookie == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", cookie_len ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - - memcpy( ssl->handshake->verify_cookie, p, cookie_len ); - ssl->handshake->verify_cookie_len = cookie_len; - - /* Start over at ClientHello */ - ssl->state = MBEDTLS_SSL_CLIENT_HELLO; - 
mbedtls_ssl_reset_checksum( ssl ); - - mbedtls_ssl_recv_flight_completed( ssl ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse hello verify request" ) ); - - return( 0 ); -} -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) -{ - int ret, i; - size_t n; - size_t ext_len; - unsigned char *buf, *ext; - unsigned char comp; -#if defined(MBEDTLS_ZLIB_SUPPORT) - int accept_comp; -#endif -#if defined(MBEDTLS_SSL_RENEGOTIATION) - int renegotiation_info_seen = 0; -#endif - int handshake_failure = 0; - const mbedtls_ssl_ciphersuite_t *suite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); - - buf = ssl->in_msg; - - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - /* No alert on a read error. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - ssl->renego_records_seen++; - - if( ssl->conf->renego_max_records >= 0 && - ssl->renego_records_seen > ssl->conf->renego_max_records ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, " - "but not honored by server" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-handshake message during renego" ) ); - - ssl->keep_current_message = 1; - return( MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( buf[0] == MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received hello verify request" ) ); - 
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); - return( ssl_parse_hello_verify_request( ssl ) ); - } - else - { - /* We made it through the verification process */ - mbedtls_free( ssl->handshake->verify_cookie ); - ssl->handshake->verify_cookie = NULL; - ssl->handshake->verify_cookie_len = 0; - } - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - if( ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len( ssl ) || - buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - /* - * 0 . 1 server_version - * 2 . 33 random (maybe including 4 bytes of Unix time) - * 34 . 34 session_id length = n - * 35 . 34+n session_id - * 35+n . 36+n cipher_suite - * 37+n . 37+n compression_method - * - * 38+n . 39+n extensions length (optional) - * 40+n . .. extensions - */ - buf += mbedtls_ssl_hs_hdr_len( ssl ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 ); - mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, - ssl->conf->transport, buf + 0 ); - - if( ssl->major_ver < ssl->conf->min_major_ver || - ssl->minor_ver < ssl->conf->min_minor_ver || - ssl->major_ver > ssl->conf->max_major_ver || - ssl->minor_ver > ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server version out of bounds - " - " min: [%d:%d], server: [%d:%d], max: [%d:%d]", - ssl->conf->min_major_ver, ssl->conf->min_minor_ver, - ssl->major_ver, ssl->minor_ver, - ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) ); - - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", - ( (uint32_t) buf[2] << 24 ) | - ( (uint32_t) buf[3] << 16 ) | - ( (uint32_t) buf[4] << 8 ) | - ( (uint32_t) buf[5] ) ) 
); - - memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 ); - - n = buf[34]; - - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 2, 32 ); - - if( n > 32 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - if( ssl->in_hslen > mbedtls_ssl_hs_hdr_len( ssl ) + 39 + n ) - { - ext_len = ( ( buf[38 + n] << 8 ) - | ( buf[39 + n] ) ); - - if( ( ext_len > 0 && ext_len < 4 ) || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 40 + n + ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - } - else if( ssl->in_hslen == mbedtls_ssl_hs_hdr_len( ssl ) + 38 + n ) - { - ext_len = 0; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - /* ciphersuite (used later) */ - i = ( buf[35 + n] << 8 ) | buf[36 + n]; - - /* - * Read and check compression - */ - comp = buf[37 + n]; - -#if defined(MBEDTLS_ZLIB_SUPPORT) - /* See comments in ssl_write_client_hello() */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - accept_comp = 0; - else -#endif - accept_comp = 1; - - if( comp != MBEDTLS_SSL_COMPRESS_NULL && - ( comp != MBEDTLS_SSL_COMPRESS_DEFLATE || accept_comp == 0 ) ) -#else /* MBEDTLS_ZLIB_SUPPORT */ - if( comp != MBEDTLS_SSL_COMPRESS_NULL ) -#endif/* MBEDTLS_ZLIB_SUPPORT */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server hello, bad compression: %d", comp ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - 
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); - } - - /* - * Initialize update checksum functions - */ - ssl->transform_negotiate->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i ); - - if( ssl->transform_negotiate->ciphersuite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 35, n ); - - /* - * Check if the session can be resumed - */ - if( ssl->handshake->resume == 0 || n == 0 || -#if defined(MBEDTLS_SSL_RENEGOTIATION) - ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE || -#endif - ssl->session_negotiate->ciphersuite != i || - ssl->session_negotiate->compression != comp || - ssl->session_negotiate->id_len != n || - memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 ) - { - ssl->state++; - ssl->handshake->resume = 0; -#if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = mbedtls_time( NULL ); -#endif - ssl->session_negotiate->ciphersuite = i; - ssl->session_negotiate->compression = comp; - ssl->session_negotiate->id_len = n; - memcpy( ssl->session_negotiate->id, buf + 35, n ); - } - else - { - ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; - - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( ret ); - } - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", - ssl->handshake->resume ? 
"a" : "no" ) ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %04x", i ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[37 + n] ) ); - - /* - * Perform cipher suite validation in same way as in ssl_write_client_hello. - */ - i = 0; - while( 1 ) - { - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == - ssl->session_negotiate->ciphersuite ) - { - break; - } - } - - suite_info = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ); - if( ssl_validate_ciphersuite( suite_info, ssl, ssl->minor_ver, ssl->minor_ver ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", suite_info->name ) ); - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA && - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - ssl->handshake->ecrs_enabled = 1; - } -#endif - - if( comp != MBEDTLS_SSL_COMPRESS_NULL -#if defined(MBEDTLS_ZLIB_SUPPORT) - && comp != MBEDTLS_SSL_COMPRESS_DEFLATE -#endif - ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - ssl->session_negotiate->compression = comp; - - ext = buf + 40 + n; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "server hello, total extension length: %d", ext_len ) ); - - while( ext_len ) - { - unsigned int 
ext_id = ( ( ext[0] << 8 ) - | ( ext[1] ) ); - unsigned int ext_size = ( ( ext[2] << 8 ) - | ( ext[3] ) ); - - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - switch( ext_id ) - { - case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); -#if defined(MBEDTLS_SSL_RENEGOTIATION) - renegotiation_info_seen = 1; -#endif - - if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4, - ext_size ) ) != 0 ) - return( ret ); - - break; - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max_fragment_length extension" ) ); - - if( ( ret = ssl_parse_max_fragment_length_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } - - break; -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) ); - - if( ( ret = ssl_parse_truncated_hmac_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } - - break; -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt_then_mac extension" ) ); - - if( ( ret = ssl_parse_encrypt_then_mac_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } - - break; -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended_master_secret extension" ) ); - - if( ( ret = ssl_parse_extended_ms_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } - - break; -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ - -#if 
defined(MBEDTLS_SSL_SESSION_TICKETS) - case MBEDTLS_TLS_EXT_SESSION_TICKET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session_ticket extension" ) ); - - if( ( ret = ssl_parse_session_ticket_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } - - break; -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported_point_formats extension" ) ); - - if( ( ret = ssl_parse_supported_point_formats_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } - - break; -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || - MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - case MBEDTLS_TLS_EXT_ECJPAKE_KKPP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake_kkpp extension" ) ); - - if( ( ret = ssl_parse_ecjpake_kkpp( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } - - break; -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_SSL_ALPN) - case MBEDTLS_TLS_EXT_ALPN: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); - - if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ) ) != 0 ) - return( ret ); - - break; -#endif /* MBEDTLS_SSL_ALPN */ - - default: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)", - ext_id ) ); - } - - ext_len -= 4 + ext_size; - ext += 4 + ext_size; - - if( ext_len > 0 && ext_len < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - } - - /* - * Renegotiation security checks - */ - if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); - handshake_failure = 1; - } -#if defined(MBEDTLS_SSL_RENEGOTIATION) - else 
if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && - renegotiation_info_seen == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); - handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); - handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - renegotiation_info_seen == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) ); - handshake_failure = 1; - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - - if( handshake_failure == 1 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); - - return( 0 ); -} - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char **p, - unsigned char *end ) -{ - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - - /* - * Ephemeral DH parameters: - * - * struct { - * opaque dh_p<1..2^16-1>; - * opaque dh_g<1..2^16-1>; - * opaque dh_Ys<1..2^16-1>; - * } ServerDHParams; - */ - if( ( ret = mbedtls_dhm_read_params( &ssl->handshake->dhm_ctx, p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 2, ( "mbedtls_dhm_read_params" ), ret ); - return( ret ); - } - - if( ssl->handshake->dhm_ctx.len * 8 < ssl->conf->dhm_min_bitlen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %d < %d", - ssl->handshake->dhm_ctx.len * 8, 
- ssl->conf->dhm_min_bitlen ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); - - return( ret ); -} -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) -{ - const mbedtls_ecp_curve_info *curve_info; - mbedtls_ecp_group_id grp_id; -#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - grp_id = ssl->handshake->ecdh_ctx.grp.id; -#else - grp_id = ssl->handshake->ecdh_ctx.grp_id; -#endif - - curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id ); - if( curve_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); - -#if defined(MBEDTLS_ECP_C) - if( mbedtls_ssl_check_curve( ssl, grp_id ) != 0 ) -#else - if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || - ssl->handshake->ecdh_ctx.grp.nbits > 521 ) -#endif - return( -1 ); - - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_QP ); - - return( 0 ); -} -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ) -static int 
ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) -{ - uint16_t tls_id; - uint8_t ecpoint_len; - mbedtls_ssl_handshake_params *handshake = ssl->handshake; - - /* - * Parse ECC group - */ - - if( end - *p < 4 ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - - /* First byte is curve_type; only named_curve is handled */ - if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - - /* Next two bytes are the namedcurve value */ - tls_id = *(*p)++; - tls_id <<= 8; - tls_id |= *(*p)++; - - /* Convert EC group to PSA key type. */ - if( ( handshake->ecdh_psa_curve = - mbedtls_psa_parse_tls_ecc_group( tls_id ) ) == 0 ) - { - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - - /* - * Put peer's ECDH public key in the format understood by PSA. - */ - - ecpoint_len = *(*p)++; - if( (size_t)( end - *p ) < ecpoint_len ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - - if( mbedtls_psa_tls_ecpoint_to_psa_ec( handshake->ecdh_psa_curve, - *p, ecpoint_len, - handshake->ecdh_psa_peerkey, - sizeof( handshake->ecdh_psa_peerkey ), - &handshake->ecdh_psa_peerkey_len ) != 0 ) - { - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - *p += ecpoint_len; - return( 0 ); -} -#endif /* MBEDTLS_USE_PSA_CRYPTO && - ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) -{ - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - - /* - * Ephemeral ECDH parameters: - * - * struct { - * ECParameters curve_params; - * ECPoint public; - * } ServerECDHParams; - */ - if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx, - (const unsigned char **) p, end ) ) != 0 
) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret ); -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; -#endif - return( ret ); - } - - if( ssl_check_server_ecdh_params( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (ECDHE curve)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - - return( ret ); -} -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) -{ - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - size_t len; - ((void) ssl); - - /* - * PSK parameters: - * - * opaque psk_identity_hint<0..2^16-1>; - */ - if( end - (*p) < 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message " - "(psk_identity_hint length)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - len = (*p)[0] << 8 | (*p)[1]; - *p += 2; - - if( end - (*p) < (int) len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message " - "(psk_identity_hint length)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - - /* - * Note: we currently ignore the PKS identity hint, as we only allow one - * PSK to be provisionned on the client. This could be changed later if - * someone needs that feature. 
- */ - *p += len; - ret = 0; - - return( ret ); -} -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -/* - * Generate a pre-master secret and encrypt it with the server's RSA key - */ -static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, - size_t offset, size_t *olen, - size_t pms_offset ) -{ - int ret; - size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2; - unsigned char *p = ssl->handshake->premaster + pms_offset; - mbedtls_pk_context * peer_pk; - - if( offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small for encrypted pms" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } - - /* - * Generate (part of) the pre-master as - * struct { - * ProtocolVersion client_version; - * opaque random[46]; - * } PreMasterSecret; - */ - mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, - ssl->conf->transport, p ); - - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p + 2, 46 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret ); - return( ret ); - } - - ssl->handshake->pmslen = 48; - -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - peer_pk = &ssl->handshake->peer_pubkey; -#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { - /* Should never happen */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - peer_pk = &ssl->session_negotiate->peer_cert->pk; -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - - /* - * Now write it out, encrypted - */ - if( ! 
mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_RSA ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); - } - - if( ( ret = mbedtls_pk_encrypt( peer_pk, - p, ssl->handshake->pmslen, - ssl->out_msg + offset + len_bytes, olen, - MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret ); - return( ret ); - } - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( len_bytes == 2 ) - { - ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 ); - ssl->out_msg[offset+1] = (unsigned char)( *olen ); - *olen += 2; - } -#endif - -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - /* We don't need the peer's public key anymore. Free it. */ - mbedtls_pk_free( peer_pk ); -#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - return( 0 ); -} -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end, - mbedtls_md_type_t *md_alg, - mbedtls_pk_type_t *pk_alg ) -{ - ((void) ssl); - *md_alg = MBEDTLS_MD_NONE; - *pk_alg = MBEDTLS_PK_NONE; - - /* Only in TLS 1.2 */ - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - return( 0 ); - } - - if( (*p) + 2 > end ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - - /* - * Get hash algorithm - */ - if( ( *md_alg = mbedtls_ssl_md_alg_from_hash( (*p)[0] ) ) == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Server used unsupported " - "HashAlgorithm %d", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - - /* - * Get signature algorithm - 
*/ - if( ( *pk_alg = mbedtls_ssl_pk_alg_from_sig( (*p)[1] ) ) == MBEDTLS_PK_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used unsupported " - "SignatureAlgorithm %d", (*p)[1] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - - /* - * Check if the hash is acceptable - */ - if( mbedtls_ssl_check_sig_hash( ssl, *md_alg ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used HashAlgorithm %d that was not offered", - *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", (*p)[1] ) ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d", (*p)[0] ) ); - *p += 2; - - return( 0 ); -} -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) -{ - int ret; - const mbedtls_ecp_keypair *peer_key; - mbedtls_pk_context * peer_pk; - -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - peer_pk = &ssl->handshake->peer_pubkey; -#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { - /* Should never happen */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - peer_pk = &ssl->session_negotiate->peer_cert->pk; -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - - if( ! 
mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECKEY ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); - } - - peer_key = mbedtls_pk_ec( *peer_pk ); - - if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key, - MBEDTLS_ECDH_THEIRS ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret ); - return( ret ); - } - - if( ssl_check_server_ecdh_params( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server certificate (ECDH curve)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); - } - -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - /* We don't need the peer's public key anymore. Free it, - * so that more RAM is available for upcoming expensive - * operations like ECDHE. */ - mbedtls_pk_free( peer_pk ); -#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - - return( ret ); -} -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) -{ - int ret; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - unsigned char *p = NULL, *end = NULL; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); - ssl->state++; - return( 0 ); - } - ((void) p); - ((void) end); -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) - { - if( ( ret = ssl_get_ecdh_params_from_cert( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret ); - mbedtls_ssl_send_alert_message( ssl, 
MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); - ssl->state++; - return( 0 ); - } - ((void) p); - ((void) end); -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ssl->handshake->ecrs_enabled && - ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing ) - { - goto start_processing; - } -#endif - - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - - /* - * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server - * doesn't use a psk_identity_hint - */ - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE ) - { - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { - /* Current message is probably either - * CertificateRequest or ServerHelloDone */ - ssl->keep_current_message = 1; - goto exit; - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key exchange message must " - "not be skipped" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ssl->handshake->ecrs_enabled ) - ssl->handshake->ecrs_state = ssl_ecrs_ske_start_processing; - -start_processing: -#endif - p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); - end = ssl->in_msg + ssl->in_hslen; - MBEDTLS_SSL_DEBUG_BUF( 3, "server key exchange", p, 
end - p ); - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { - if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - } /* FALLTROUGH */ -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - ; /* nothing more to do */ - else -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED || - MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { - if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange 
== MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { - if( ssl_parse_server_ecdh_params_psa( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - } - else -#endif /* MBEDTLS_USE_PSA_CRYPTO && - ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { - if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, - p, end - p ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - -#if 
defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) - if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) ) - { - size_t sig_len, hashlen; - unsigned char hash[64]; - mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; - mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; - unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); - size_t params_len = p - params; - void *rs_ctx = NULL; - - mbedtls_pk_context * peer_pk; - - /* - * Handle the digitally-signed structure - */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - if( ssl_parse_signature_algorithm( ssl, &p, end, - &md_alg, &pk_alg ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - - if( pk_alg != mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) - { - pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); - - /* Default hash for ECDSA is SHA-1 */ - if( pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE ) - md_alg = MBEDTLS_MD_SHA1; - } - else -#endif - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - /* - * Read signature - */ - - if( p > end - 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - mbedtls_ssl_send_alert_message( ssl, 
MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - sig_len = ( p[0] << 8 ) | p[1]; - p += 2; - - if( p != end - sig_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - - MBEDTLS_SSL_DEBUG_BUF( 3, "signature", p, sig_len ); - - /* - * Compute the hash that has been signed - */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( md_alg == MBEDTLS_MD_NONE ) - { - hashlen = 36; - ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, params, - params_len ); - if( ret != 0 ) - return( ret ); - } - else -#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ - MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( md_alg != MBEDTLS_MD_NONE ) - { - ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, - params, params_len, - md_alg ); - if( ret != 0 ) - return( ret ); - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen ); - -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - peer_pk = &ssl->handshake->peer_pubkey; -#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { - /* Should never happen */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - peer_pk = &ssl->session_negotiate->peer_cert->pk; -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - - /* - * Verify signature - */ - if( 
!mbedtls_pk_can_do( peer_pk, pk_alg ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); - } - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ssl->handshake->ecrs_enabled ) - rs_ctx = &ssl->handshake->ecrs_ctx.pk; -#endif - - if( ( ret = mbedtls_pk_verify_restartable( peer_pk, - md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 ) - { -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) -#endif - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; -#endif - return( ret ); - } - -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - /* We don't need the peer's public key anymore. Free it, - * so that more RAM is available for upcoming expensive - * operations like ECDHE. */ - mbedtls_pk_free( peer_pk ); -#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - } -#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ - -exit: - ssl->state++; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server key exchange" ) ); - - return( 0 ); -} - -#if ! defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED) -static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) -{ - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); - - if( ! 
mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); - ssl->state++; - return( 0 ); - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); -} -#else /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */ -static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) -{ - int ret; - unsigned char *buf; - size_t n = 0; - size_t cert_type_len = 0, dn_len = 0; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); - - if( ! mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); - ssl->state++; - return( 0 ); - } - - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - - ssl->state++; - ssl->client_auth = ( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request", - ssl->client_auth ? 
"a" : "no" ) ); - - if( ssl->client_auth == 0 ) - { - /* Current message is probably the ServerHelloDone */ - ssl->keep_current_message = 1; - goto exit; - } - - /* - * struct { - * ClientCertificateType certificate_types<1..2^8-1>; - * SignatureAndHashAlgorithm - * supported_signature_algorithms<2^16-1>; -- TLS 1.2 only - * DistinguishedName certificate_authorities<0..2^16-1>; - * } CertificateRequest; - * - * Since we only support a single certificate on clients, let's just - * ignore all the information that's supposed to help us pick a - * certificate. - * - * We could check that our certificate matches the request, and bail out - * if it doesn't, but it's simpler to just send the certificate anyway, - * and give the server the opportunity to decide if it should terminate - * the connection when it doesn't like our certificate. - * - * Same goes for the hash in TLS 1.2's signature_algorithms: at this - * point we only have one hash available (see comments in - * write_certificate_verify), so let's just use what we have. - * - * However, we still minimally parse the message to check it is at least - * superficially sane. - */ - buf = ssl->in_msg; - - /* certificate_types */ - if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); - } - cert_type_len = buf[mbedtls_ssl_hs_hdr_len( ssl )]; - n = cert_type_len; - - /* - * In the subsequent code there are two paths that read from buf: - * * the length of the signature algorithms field (if minor version of - * SSL is 3), - * * distinguished name length otherwise. - * Both reach at most the index: - * ...hdr_len + 2 + n, - * therefore the buffer length at this point must be greater than that - * regardless of the actual code path. 
- */ - if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); - } - - /* supported_signature_algorithms */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 ) - | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) ); -#if defined(MBEDTLS_DEBUG_C) - unsigned char* sig_alg; - size_t i; -#endif - - /* - * The furthest access in buf is in the loop few lines below: - * sig_alg[i + 1], - * where: - * sig_alg = buf + ...hdr_len + 3 + n, - * max(i) = sig_alg_len - 1. - * Therefore the furthest access is: - * buf[...hdr_len + 3 + n + sig_alg_len - 1 + 1], - * which reduces to: - * buf[...hdr_len + 3 + n + sig_alg_len], - * which is one less than we need the buf to be. 
- */ - if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n + sig_alg_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); - } - -#if defined(MBEDTLS_DEBUG_C) - sig_alg = buf + mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n; - for( i = 0; i < sig_alg_len; i += 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Supported Signature Algorithm found: %d" - ",%d", sig_alg[i], sig_alg[i + 1] ) ); - } -#endif - - n += 2 + sig_alg_len; - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - - /* certificate_authorities */ - dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 ) - | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) ); - - n += dn_len; - if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); - } - -exit: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) ); - - return( 0 ); -} -#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */ - -static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl ) -{ - int ret; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) ); - - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - - if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) || - ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); - mbedtls_ssl_send_alert_message( ssl, 
MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE ); - } - - ssl->state++; - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_recv_flight_completed( ssl ); -#endif - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello done" ) ); - - return( 0 ); -} - -static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) -{ - int ret; - - size_t header_len; - size_t content_len; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) ); - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) - { - /* - * DHM key exchange -- send G^X mod P - */ - content_len = ssl->handshake->dhm_ctx.len; - - ssl->out_msg[4] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[5] = (unsigned char)( content_len ); - header_len = 6; - - ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), - &ssl->out_msg[header_len], content_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); - - if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, - ssl->handshake->premaster, - MBEDTLS_PREMASTER_SIZE, - &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - 
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { - psa_status_t status; - psa_key_policy_t policy; - - mbedtls_ssl_handshake_params *handshake = ssl->handshake; - - unsigned char own_pubkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; - size_t own_pubkey_len; - unsigned char *own_pubkey_ecpoint; - size_t own_pubkey_ecpoint_len; - - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - - header_len = 4; - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) ); - - /* - * Generate EC private key for ECDHE exchange. - */ - - /* Allocate a new key slot for the private key. */ - - status = psa_allocate_key( &handshake->ecdh_psa_privkey ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - /* The master secret is obtained from the shared ECDH secret by - * applying the TLS 1.2 PRF with a specific salt and label. While - * the PSA Crypto API encourages combining key agreement schemes - * such as ECDH with fixed KDFs such as TLS 1.2 PRF, it does not - * yet support the provisioning of salt + label to the KDF. - * For the time being, we therefore need to split the computation - * of the ECDH secret and the application of the TLS 1.2 PRF. */ - policy = psa_key_policy_init(); - psa_key_policy_set_usage( &policy, - PSA_KEY_USAGE_DERIVE, - PSA_ALG_ECDH( PSA_ALG_SELECT_RAW ) ); - status = psa_set_key_policy( handshake->ecdh_psa_privkey, &policy ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - /* Generate ECDH private key. 
*/ - status = psa_generate_key( handshake->ecdh_psa_privkey, - PSA_KEY_TYPE_ECC_KEYPAIR( handshake->ecdh_psa_curve ), - MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( handshake->ecdh_psa_curve ), - NULL, 0 ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - /* Export the public part of the ECDH private key from PSA - * and convert it to ECPoint format used in ClientKeyExchange. */ - status = psa_export_public_key( handshake->ecdh_psa_privkey, - own_pubkey, sizeof( own_pubkey ), - &own_pubkey_len ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - if( mbedtls_psa_tls_psa_ec_to_ecpoint( own_pubkey, - own_pubkey_len, - &own_pubkey_ecpoint, - &own_pubkey_ecpoint_len ) != 0 ) - { - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - /* Copy ECPoint structure to outgoing message buffer. */ - ssl->out_msg[header_len] = own_pubkey_ecpoint_len; - memcpy( ssl->out_msg + header_len + 1, - own_pubkey_ecpoint, own_pubkey_ecpoint_len ); - content_len = own_pubkey_ecpoint_len + 1; - - /* Compute ECDH shared secret. */ - status = psa_key_agreement( &generator, - handshake->ecdh_psa_privkey, - handshake->ecdh_psa_peerkey, - handshake->ecdh_psa_peerkey_len, - PSA_ALG_ECDH( PSA_ALG_SELECT_RAW ) ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - /* The ECDH secret is the premaster secret used for key derivation. 
*/ - - ssl->handshake->pmslen = - MBEDTLS_PSA_ECC_KEY_BYTES_OF_CURVE( handshake->ecdh_psa_curve ); - - status = psa_generator_read( &generator, - ssl->handshake->premaster, - ssl->handshake->pmslen ); - if( status != PSA_SUCCESS ) - { - psa_generator_abort( &generator ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - status = psa_generator_abort( &generator ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - status = psa_destroy_key( handshake->ecdh_psa_privkey ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - handshake->ecdh_psa_privkey = 0; - } - else -#endif /* MBEDTLS_USE_PSA_CRYPTO && - ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) - { - /* - * ECDH key exchange -- send client public value - */ - header_len = 4; - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ssl->handshake->ecrs_enabled ) - { - if( ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret ) - goto ecdh_calc_secret; - - mbedtls_ecdh_enable_restart( &ssl->handshake->ecdh_ctx ); - } -#endif - - ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, - &content_len, - &ssl->out_msg[header_len], 1000, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; -#endif - return( ret ); - } - - 
MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Q ); - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ssl->handshake->ecrs_enabled ) - { - ssl->handshake->ecrs_n = content_len; - ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret; - } - -ecdh_calc_secret: - if( ssl->handshake->ecrs_enabled ) - content_len = ssl->handshake->ecrs_n; -#endif - if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, - &ssl->handshake->pmslen, - ssl->handshake->premaster, - MBEDTLS_MPI_MAX_SIZE, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; -#endif - return( ret ); - } - - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Z ); - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_psk( ciphersuite_info ) ) - { - /* - * opaque psk_identity<0..2^16-1>; - */ - if( ssl_conf_has_static_psk( ssl->conf ) == 0 ) - { - /* We don't offer PSK suites if we don't have a PSK, - * and we check that the server's choice is among the - * ciphersuites we offered, so this should never happen. 
*/ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - header_len = 4; - content_len = ssl->conf->psk_identity_len; - - if( header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity too long or " - "SSL buffer too short" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } - - ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[header_len++] = (unsigned char)( content_len ); - - memcpy( ssl->out_msg + header_len, - ssl->conf->psk_identity, - ssl->conf->psk_identity_len ); - header_len += ssl->conf->psk_identity_len; - -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) - { - content_len = 0; - } - else -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { -#if defined(MBEDTLS_USE_PSA_CRYPTO) - /* Opaque PSKs are currently only supported for PSK-only suites. */ - if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - - if( ( ret = ssl_write_encrypted_pms( ssl, header_len, - &content_len, 2 ) ) != 0 ) - return( ret ); - } - else -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { -#if defined(MBEDTLS_USE_PSA_CRYPTO) - /* Opaque PSKs are currently only supported for PSK-only suites. 
*/ - if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - - /* - * ClientDiffieHellmanPublic public (DHM send G^X mod P) - */ - content_len = ssl->handshake->dhm_ctx.len; - - if( header_len + 2 + content_len > - MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity or DHM size too long" - " or SSL buffer too short" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } - - ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 ); - ssl->out_msg[header_len++] = (unsigned char)( content_len ); - - ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), - &ssl->out_msg[header_len], content_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { -#if defined(MBEDTLS_USE_PSA_CRYPTO) - /* Opaque PSKs are currently only supported for PSK-only suites. 
*/ - if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - - /* - * ClientECDiffieHellmanPublic public; - */ - ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, - &content_len, - &ssl->out_msg[header_len], - MBEDTLS_SSL_OUT_CONTENT_LEN - header_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Q ); - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && - ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) ); - } - else -#endif /* MBEDTLS_USE_PSA_CRYPTO && - MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) - { - header_len = 4; - if( ( ret = ssl_write_encrypted_pms( ssl, header_len, - &content_len, 0 ) ) != 0 ) - return( ret ); - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - header_len = 4; - - ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx, - ssl->out_msg + header_len, - MBEDTLS_SSL_OUT_CONTENT_LEN - 
header_len, - &content_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret ); - return( ret ); - } - - ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, - ssl->handshake->premaster, 32, &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ - { - ((void) ciphersuite_info); - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - ssl->out_msglen = header_len + content_len; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE; - - ssl->state++; - - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client key exchange" ) ); - - return( 0 ); -} - -#if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED) -static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) -{ - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - int ret; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); - - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); - } - - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); - ssl->state++; - return( 0 ); - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); -} -#else /* !MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */ -static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) -{ - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; 
- const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - size_t n = 0, offset = 0; - unsigned char hash[48]; - unsigned char *hash_start = hash; - mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; - unsigned int hashlen; - void *rs_ctx = NULL; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ssl->handshake->ecrs_enabled && - ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign ) - { - goto sign; - } -#endif - - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); - } - - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); - ssl->state++; - return( 0 ); - } - - if( ssl->client_auth == 0 || mbedtls_ssl_own_cert( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); - ssl->state++; - return( 0 ); - } - - if( mbedtls_ssl_own_key( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for certificate" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); - } - - /* - * Make a signature of the handshake digests - */ -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ssl->handshake->ecrs_enabled ) - ssl->handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign; - -sign: -#endif - - ssl->handshake->calc_verify( ssl, hash ); - -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - /* - * digitally-signed struct { - * opaque md5_hash[16]; - * opaque sha_hash[20]; - * }; - * - * md5_hash - * MD5(handshake_messages); - * - * sha_hash - * SHA(handshake_messages); - */ - hashlen = 36; - md_alg = MBEDTLS_MD_NONE; - - /* - * For ECDSA, default hash is SHA-1 only - */ - if( mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECDSA ) ) - { - 
hash_start += 16; - hashlen -= 16; - md_alg = MBEDTLS_MD_SHA1; - } - } - else -#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ - MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - /* - * digitally-signed struct { - * opaque handshake_messages[handshake_messages_length]; - * }; - * - * Taking shortcut here. We assume that the server always allows the - * PRF Hash function and has sent it in the allowed signature - * algorithms list received in the Certificate Request message. - * - * Until we encounter a server that does not, we will take this - * shortcut. - * - * Reason: Otherwise we should have running hashes for SHA512 and SHA224 - * in order to satisfy 'weird' needs from the server side. - */ - if( ssl->transform_negotiate->ciphersuite_info->mac == - MBEDTLS_MD_SHA384 ) - { - md_alg = MBEDTLS_MD_SHA384; - ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA384; - } - else - { - md_alg = MBEDTLS_MD_SHA256; - ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA256; - } - ssl->out_msg[5] = mbedtls_ssl_sig_from_pk( mbedtls_ssl_own_key( ssl ) ); - - /* Info from md_alg will be used instead */ - hashlen = 0; - offset = 2; - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ssl->handshake->ecrs_enabled ) - rs_ctx = &ssl->handshake->ecrs_ctx.pk; -#endif - - if( ( ret = mbedtls_pk_sign_restartable( mbedtls_ssl_own_key( ssl ), - md_alg, hash_start, hashlen, - ssl->out_msg + 6 + offset, &n, - ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; -#endif - return( ret ); - } - - ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 ); - ssl->out_msg[5 + offset] = (unsigned 
char)( n ); - - ssl->out_msglen = 6 + n + offset; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_VERIFY; - - ssl->state++; - - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate verify" ) ); - - return( ret ); -} -#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */ - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) -static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) -{ - int ret; - uint32_t lifetime; - size_t ticket_len; - unsigned char *ticket; - const unsigned char *msg; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) ); - - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - - /* - * struct { - * uint32 ticket_lifetime_hint; - * opaque ticket<0..2^16-1>; - * } NewSessionTicket; - * - * 0 . 3 ticket_lifetime_hint - * 4 . 5 ticket_len (n) - * 6 . 
5+n ticket content - */ - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET || - ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); - } - - msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); - - lifetime = ( ((uint32_t) msg[0]) << 24 ) | ( msg[1] << 16 ) | - ( msg[2] << 8 ) | ( msg[3] ); - - ticket_len = ( msg[4] << 8 ) | ( msg[5] ); - - if( ticket_len + 6 + mbedtls_ssl_hs_hdr_len( ssl ) != ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", ticket_len ) ); - - /* We're not waiting for a NewSessionTicket message any more */ - ssl->handshake->new_session_ticket = 0; - ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; - - /* - * Zero-length ticket means the server changed his mind and doesn't want - * to send a ticket after all, so just forget it - */ - if( ticket_len == 0 ) - return( 0 ); - - if( ssl->session != NULL && ssl->session->ticket != NULL ) - { - mbedtls_platform_zeroize( ssl->session->ticket, - ssl->session->ticket_len ); - mbedtls_free( ssl->session->ticket ); - ssl->session->ticket = NULL; - ssl->session->ticket_len = 0; - } - - mbedtls_platform_zeroize( ssl->session_negotiate->ticket, - ssl->session_negotiate->ticket_len ); - mbedtls_free( ssl->session_negotiate->ticket ); - ssl->session_negotiate->ticket = NULL; - ssl->session_negotiate->ticket_len = 0; - - if( ( ticket = mbedtls_calloc( 1, ticket_len ) ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ticket alloc failed" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - 
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - - memcpy( ticket, msg + 6, ticket_len ); - - ssl->session_negotiate->ticket = ticket; - ssl->session_negotiate->ticket_len = ticket_len; - ssl->session_negotiate->ticket_lifetime = lifetime; - - /* - * RFC 5077 section 3.4: - * "If the client receives a session ticket from the server, then it - * discards any Session ID that was sent in the ServerHello." - */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket in use, discarding session id" ) ); - ssl->session_negotiate->id_len = 0; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse new session ticket" ) ); - - return( 0 ); -} -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - -/* - * SSL handshake -- client side -- single step - */ -int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) -{ - int ret = 0; - - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); - - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - /* Change state now, so that it is right in mbedtls_ssl_read_record(), used - * by DTLS for dropping out-of-sequence ChangeCipherSpec records */ -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC && - ssl->handshake->new_session_ticket != 0 ) - { - ssl->state = MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET; - } -#endif - - switch( ssl->state ) - { - case MBEDTLS_SSL_HELLO_REQUEST: - ssl->state = MBEDTLS_SSL_CLIENT_HELLO; - break; - - /* - * ==> ClientHello - */ - case MBEDTLS_SSL_CLIENT_HELLO: - ret = ssl_write_client_hello( ssl ); - break; - - /* - * <== 
ServerHello - * Certificate - * ( ServerKeyExchange ) - * ( CertificateRequest ) - * ServerHelloDone - */ - case MBEDTLS_SSL_SERVER_HELLO: - ret = ssl_parse_server_hello( ssl ); - break; - - case MBEDTLS_SSL_SERVER_CERTIFICATE: - ret = mbedtls_ssl_parse_certificate( ssl ); - break; - - case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: - ret = ssl_parse_server_key_exchange( ssl ); - break; - - case MBEDTLS_SSL_CERTIFICATE_REQUEST: - ret = ssl_parse_certificate_request( ssl ); - break; - - case MBEDTLS_SSL_SERVER_HELLO_DONE: - ret = ssl_parse_server_hello_done( ssl ); - break; - - /* - * ==> ( Certificate/Alert ) - * ClientKeyExchange - * ( CertificateVerify ) - * ChangeCipherSpec - * Finished - */ - case MBEDTLS_SSL_CLIENT_CERTIFICATE: - ret = mbedtls_ssl_write_certificate( ssl ); - break; - - case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: - ret = ssl_write_client_key_exchange( ssl ); - break; - - case MBEDTLS_SSL_CERTIFICATE_VERIFY: - ret = ssl_write_certificate_verify( ssl ); - break; - - case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); - break; - - case MBEDTLS_SSL_CLIENT_FINISHED: - ret = mbedtls_ssl_write_finished( ssl ); - break; - - /* - * <== ( NewSessionTicket ) - * ChangeCipherSpec - * Finished - */ -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET: - ret = ssl_parse_new_session_ticket( ssl ); - break; -#endif - - case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: - ret = mbedtls_ssl_parse_change_cipher_spec( ssl ); - break; - - case MBEDTLS_SSL_SERVER_FINISHED: - ret = mbedtls_ssl_parse_finished( ssl ); - break; - - case MBEDTLS_SSL_FLUSH_BUFFERS: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); - ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; - break; - - case MBEDTLS_SSL_HANDSHAKE_WRAPUP: - mbedtls_ssl_handshake_wrapup( ssl ); - break; - - default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - return( ret ); -} -#endif /* 
MBEDTLS_SSL_CLI_C */
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
deleted file mode 100644
index 56e9bdd2b..000000000
--- a/library/ssl_cookie.c
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
- * DTLS cookie callbacks implementation
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-/*
- * These session callbacks use a simple chained list
- * to store and retrieve the session information.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_SSL_COOKIE_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#endif
-
-#include "mbedtls/ssl_cookie.h"
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/platform_util.h"
-
-#include
-
-/*
- * If DTLS is in use, then at least one of SHA-1, SHA-256, SHA-512 is
- * available.
Try SHA-256 first, 512 wastes resources since we need to stay
- * with max 32 bytes of cookie for DTLS 1.0
- */
-#if defined(MBEDTLS_SHA256_C)
-#define COOKIE_MD MBEDTLS_MD_SHA224
-#define COOKIE_MD_OUTLEN 32
-#define COOKIE_HMAC_LEN 28
-#elif defined(MBEDTLS_SHA512_C)
-#define COOKIE_MD MBEDTLS_MD_SHA384
-#define COOKIE_MD_OUTLEN 48
-#define COOKIE_HMAC_LEN 28
-#elif defined(MBEDTLS_SHA1_C)
-#define COOKIE_MD MBEDTLS_MD_SHA1
-#define COOKIE_MD_OUTLEN 20
-#define COOKIE_HMAC_LEN 20
-#else
-#error "DTLS hello verify needs SHA-1 or SHA-2"
-#endif
-
-/*
- * Cookies are formed of a 4-bytes timestamp (or serial number) and
- * an HMAC of timestemp and client ID.
- */
-#define COOKIE_LEN ( 4 + COOKIE_HMAC_LEN )
-
-void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx )
-{
- mbedtls_md_init( &ctx->hmac_ctx );
-#if !defined(MBEDTLS_HAVE_TIME)
- ctx->serial = 0;
-#endif
- ctx->timeout = MBEDTLS_SSL_COOKIE_TIMEOUT;
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_init( &ctx->mutex );
-#endif
-}
-
-void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay )
-{
- ctx->timeout = delay;
-}
-
-void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx )
-{
- mbedtls_md_free( &ctx->hmac_ctx );
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_free( &ctx->mutex );
-#endif
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_cookie_ctx ) );
-}
-
-int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng )
-{
- int ret;
- unsigned char key[COOKIE_MD_OUTLEN];
-
- if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 )
- return( ret );
-
- ret = mbedtls_md_setup( &ctx->hmac_ctx, mbedtls_md_info_from_type( COOKIE_MD ), 1 );
- if( ret != 0 )
- return( ret );
-
- ret = mbedtls_md_hmac_starts( &ctx->hmac_ctx, key, sizeof( key ) );
- if( ret != 0 )
- return( ret );
-
- mbedtls_platform_zeroize( key, sizeof( key ) );
-
- return( 0 );
-}
-
-/*
- * Generate the HMAC part of a cookie
- */
-static int ssl_cookie_hmac( mbedtls_md_context_t *hmac_ctx,
- const unsigned char time[4],
- unsigned char **p, unsigned char *end,
- const unsigned char *cli_id, size_t cli_id_len )
-{
- unsigned char hmac_out[COOKIE_MD_OUTLEN];
-
- if( (size_t)( end - *p ) < COOKIE_HMAC_LEN )
- return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
- if( mbedtls_md_hmac_reset( hmac_ctx ) != 0 ||
- mbedtls_md_hmac_update( hmac_ctx, time, 4 ) != 0 ||
- mbedtls_md_hmac_update( hmac_ctx, cli_id, cli_id_len ) != 0 ||
- mbedtls_md_hmac_finish( hmac_ctx, hmac_out ) != 0 )
- {
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- memcpy( *p, hmac_out, COOKIE_HMAC_LEN );
- *p += COOKIE_HMAC_LEN;
-
- return( 0 );
-}
-
-/*
- * Generate cookie for DTLS ClientHello verification
- */
-int mbedtls_ssl_cookie_write( void *p_ctx,
- unsigned char **p, unsigned char *end,
- const unsigned char *cli_id, size_t cli_id_len )
-{
- int ret;
- mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
- unsigned long t;
-
- if( ctx == NULL || cli_id == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- if( (size_t)( end - *p ) < COOKIE_LEN )
- return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
-#if defined(MBEDTLS_HAVE_TIME)
- t = (unsigned long) mbedtls_time( NULL );
-#else
- t = ctx->serial++;
-#endif
-
- (*p)[0] = (unsigned char)( t >> 24 );
- (*p)[1] = (unsigned char)( t >> 16 );
- (*p)[2] = (unsigned char)( t >> 8 );
- (*p)[3] = (unsigned char)( t );
- *p += 4;
-
-#if defined(MBEDTLS_THREADING_C)
- if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret );
-#endif
-
- ret = ssl_cookie_hmac( &ctx->hmac_ctx, *p - 4,
- p, end, cli_id, cli_id_len );
-
-#if defined(MBEDTLS_THREADING_C)
- if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
- MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
- return( ret );
-}
-
-/*
- * Check a cookie
- */
-int mbedtls_ssl_cookie_check( void *p_ctx,
- const unsigned char *cookie, size_t cookie_len,
- const unsigned char *cli_id, size_t cli_id_len )
-{
- unsigned char ref_hmac[COOKIE_HMAC_LEN];
- int ret = 0;
- unsigned char *p = ref_hmac;
- mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
- unsigned long cur_time, cookie_time;
-
- if( ctx == NULL || cli_id == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- if( cookie_len != COOKIE_LEN )
- return( -1 );
-
-#if defined(MBEDTLS_THREADING_C)
- if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret );
-#endif
-
- if( ssl_cookie_hmac( &ctx->hmac_ctx, cookie,
- &p, p + sizeof( ref_hmac ),
- cli_id, cli_id_len ) != 0 )
- ret = -1;
-
-#if defined(MBEDTLS_THREADING_C)
- if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
- MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
- if( ret != 0 )
- return( ret );
-
- if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 )
- return( -1 );
-
-#if defined(MBEDTLS_HAVE_TIME)
- cur_time = (unsigned long) mbedtls_time( NULL );
-#else
- cur_time = ctx->serial;
-#endif
-
- cookie_time = ( (unsigned long) cookie[0] << 24 ) |
- ( (unsigned long) cookie[1] << 16 ) |
- ( (unsigned long) cookie[2] << 8 ) |
- ( (unsigned long) cookie[3] );
-
- if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout )
- return( -1 );
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_COOKIE_C */
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
deleted file mode 100644
index b8e10d6dc..000000000
--- a/library/ssl_srv.c
+++ /dev/null
@@ -1,4437 +0,0 @@
-/*
- * SSLv3/TLSv1 server-side functions
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_SSL_SRV_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#endif
-
-#include "mbedtls/debug.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/platform_util.h"
-
-#include
-
-#if defined(MBEDTLS_ECP_C)
-#include "mbedtls/ecp.h"
-#endif
-
-#if defined(MBEDTLS_HAVE_TIME)
-#include "mbedtls/platform_time.h"
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
-int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
- const unsigned char *info,
- size_t ilen )
-{
- if( ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- mbedtls_free( ssl->cli_id );
-
- if( ( ssl->cli_id = mbedtls_calloc( 1, ilen ) ) == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
- memcpy( ssl->cli_id, info, ilen );
- ssl->cli_id_len = ilen;
-
- return( 0 );
-}
-
-void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
- mbedtls_ssl_cookie_write_t *f_cookie_write,
- mbedtls_ssl_cookie_check_t
*f_cookie_check,
- void *p_cookie )
-{
- conf->f_cookie_write = f_cookie_write;
- conf->f_cookie_check = f_cookie_check;
- conf->p_cookie = p_cookie;
-}
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- int ret;
- size_t servername_list_size, hostname_len;
- const unsigned char *p;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "parse ServerName extension" ) );
-
- if( len < 2 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
- servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
- if( servername_list_size + 2 != len )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- p = buf + 2;
- while( servername_list_size > 2 )
- {
- hostname_len = ( ( p[1] << 8 ) | p[2] );
- if( hostname_len + 3 > servername_list_size )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME )
- {
- ret = ssl->conf->f_sni( ssl->conf->p_sni,
- ssl, p + 3, hostname_len );
- if( ret != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "ssl_sni_wrapper", ret );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
- return( 0 );
- }
-
- servername_list_size -= hostname_len + 3;
- p += hostname_len + 3;
- }
-
- if( servername_list_size != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, (
"bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf )
-{
- if( conf->f_psk != NULL )
- return( 1 );
-
- if( conf->psk_identity_len == 0 || conf->psk_identity == NULL )
- return( 0 );
-
- if( conf->psk != NULL && conf->psk_len != 0 )
- return( 1 );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( conf->psk_opaque != 0 )
- return( 1 );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
-{
- if( ssl->conf->f_psk != NULL )
- {
- /* If we've used a callback to select the PSK,
- * the static configuration is irrelevant. */
-
- if( ssl->handshake->psk_opaque != 0 )
- return( 1 );
-
- return( 0 );
- }
-
- if( ssl->conf->psk_opaque != 0 )
- return( 1 );
-
- return( 0 );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-
-static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
- {
- /* Check verify-data in constant-time.
The length OTOH is no secret */
- if( len != 1 + ssl->verify_data_len ||
- buf[0] != ssl->verify_data_len ||
- mbedtls_ssl_safer_memcmp( buf + 1, ssl->peer_verify_data,
- ssl->verify_data_len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
- }
- else
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
- {
- if( len != 1 || buf[0] != 0x0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
- }
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
- defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
-
-/*
- * Status of the implementation of signature-algorithms extension:
- *
- * Currently, we are only considering the signature-algorithm extension
- * to pick a ciphersuite which allows us to send the ServerKeyExchange
- * message with a signature-hash combination that the user allows.
- *
- * We do *not* check whether all certificates in our certificate
- * chain are signed with an allowed signature-hash pair.
- * This needs to be done at a later stage.
- *
- */
-static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- size_t sig_alg_list_size;
-
- const unsigned char *p;
- const unsigned char *end = buf + len;
-
- mbedtls_md_type_t md_cur;
- mbedtls_pk_type_t sig_cur;
-
- if ( len < 2 ) {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
- sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
- if( sig_alg_list_size + 2 != len ||
- sig_alg_list_size % 2 != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- /* Currently we only guarantee signing the ServerKeyExchange message according
- * to the constraints specified in this extension (see above), so it suffices
- * to remember only one suitable hash for each possible signature algorithm.
- *
- * This will change when we also consider certificate signatures,
- * in which case we will need to remember the whole signature-hash
- * pair list from the extension.
- */
-
- for( p = buf + 2; p < end; p += 2 )
- {
- /* Silently ignore unknown signature or hash algorithms.
*/
-
- if( ( sig_cur = mbedtls_ssl_pk_alg_from_sig( p[1] ) ) == MBEDTLS_PK_NONE )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext"
- " unknown sig alg encoding %d", p[1] ) );
- continue;
- }
-
- /* Check if we support the hash the user proposes */
- md_cur = mbedtls_ssl_md_alg_from_hash( p[0] );
- if( md_cur == MBEDTLS_MD_NONE )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:"
- " unknown hash alg encoding %d", p[0] ) );
- continue;
- }
-
- if( mbedtls_ssl_check_sig_hash( ssl, md_cur ) == 0 )
- {
- mbedtls_ssl_sig_hash_set_add( &ssl->handshake->hash_algs, sig_cur, md_cur );
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:"
- " match sig %d and hash %d",
- sig_cur, md_cur ) );
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: "
- "hash alg %d not supported", md_cur ) );
- }
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
- MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- size_t list_size, our_size;
- const unsigned char *p;
- const mbedtls_ecp_curve_info *curve_info, **curves;
-
- if ( len < 2 ) {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
- list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
- if( list_size + 2 != len ||
- list_size % 2 != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- /* Should never happen unless client duplicates the extension */
- if( ssl->handshake->curves != NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- /* Don't allow our peer to make us allocate too much memory,
- * and leave room for a final 0 */
- our_size = list_size / 2 + 1;
- if( our_size > MBEDTLS_ECP_DP_MAX )
- our_size = MBEDTLS_ECP_DP_MAX;
-
- if( ( curves = mbedtls_calloc( our_size, sizeof( *curves ) ) ) == NULL )
- {
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- }
-
- ssl->handshake->curves = curves;
-
- p = buf + 2;
- while( list_size > 0 && our_size > 1 )
- {
- curve_info = mbedtls_ecp_curve_info_from_tls_id( ( p[0] << 8 ) | p[1] );
-
- if( curve_info != NULL )
- {
- *curves++ = curve_info;
- our_size--;
- }
-
- list_size -= 2;
- p += 2;
- }
-
- return( 0 );
-}
-
-static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- size_t list_size;
- const unsigned char *p;
-
- if( len == 0 || (size_t)( buf[0] + 1 ) != len )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
- list_size = buf[0];
-
- p = buf + 1;
- while( list_size > 0 )
- {
- if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
- p[0] == MBEDTLS_ECP_PF_COMPRESSED )
- {
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
- ssl->handshake->ecdh_ctx.point_format = p[0];
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
- ssl->handshake->ecjpake_ctx.point_format = p[0];
-#endif
- MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) );
- return( 0 );
- }
-
- list_size--;
- p++;
- }
-
- return( 0 );
-}
-#endif /*
MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
- MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- int ret;
-
- if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) );
- return( 0 );
- }
-
- if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx,
- buf, len ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
- return( ret );
- }
-
- /* Only mark the extension as OK when we're sure it is */
- ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK;
-
- return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- if( len != 1 || buf[0] >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- ssl->session_negotiate->mfl_code = buf[0];
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- if( len != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- ((void) buf);
-
- if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED )
-
ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- if( len != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- ((void) buf);
-
- if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED &&
- ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
- {
- ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- if( len != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- ((void) buf);
-
- if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED &&
- ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
- {
- ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t len )
-{
- int ret;
- mbedtls_ssl_session session;
-
- mbedtls_ssl_session_init( &session );
-
- if( ssl->conf->f_ticket_parse == NULL ||
- ssl->conf->f_ticket_write == NULL )
- {
- return( 0 );
- }
-
- /* Remember the client asked us to send a new ticket */
- ssl->handshake->new_session_ticket = 1;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", len
) );
-
- if( len == 0 )
- return( 0 );
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket rejected: renegotiating" ) );
- return( 0 );
- }
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
- /*
- * Failures are ok: just ignore the ticket and proceed.
- */
- if( ( ret = ssl->conf->f_ticket_parse( ssl->conf->p_ticket, &session,
- buf, len ) ) != 0 )
- {
- mbedtls_ssl_session_free( &session );
-
- if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is not authentic" ) );
- else if( ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED )
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is expired" ) );
- else
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_parse", ret );
-
- return( 0 );
- }
-
- /*
- * Keep the session ID sent by the client, since we MUST send it back to
- * inform them we're accepting the ticket (RFC 5077 section 3.4)
- */
- session.id_len = ssl->session_negotiate->id_len;
- memcpy( &session.id, ssl->session_negotiate->id, session.id_len );
-
- mbedtls_ssl_session_free( ssl->session_negotiate );
- memcpy( ssl->session_negotiate, &session, sizeof( mbedtls_ssl_session ) );
-
- /* Zeroize instead of free as we copied the content */
- mbedtls_platform_zeroize( &session, sizeof( mbedtls_ssl_session ) );
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from ticket" ) );
-
- ssl->handshake->resume = 1;
-
- /* Don't send a new ticket after all, this one is OK */
- ssl->handshake->new_session_ticket = 0;
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_ALPN)
-static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf, size_t len )
-{
- size_t list_len, cur_len, ours_len;
- const unsigned char *theirs, *start, *end;
- const char **ours;
-
- /* If ALPN not configured, just ignore the extension */
- if( ssl->conf->alpn_list == NULL )
- return( 0 );
-
- /*
- * opaque ProtocolName<1..2^8-1>;
- *
- * struct {
- * ProtocolName protocol_name_list<2..2^16-1>
- * } ProtocolNameList;
- */
-
- /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */
- if( len < 4 )
- {
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- list_len = ( buf[0] << 8 ) | buf[1];
- if( list_len != len - 2 )
- {
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- /*
- * Validate peer's list (lengths)
- */
- start = buf + 2;
- end = buf + len;
- for( theirs = start; theirs != end; theirs += cur_len )
- {
- cur_len = *theirs++;
-
- /* Current identifier must fit in list */
- if( cur_len > (size_t)( end - theirs ) )
- {
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- /* Empty strings MUST NOT be included */
- if( cur_len == 0 )
- {
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
- }
-
- /*
- * Use our order of preference
- */
- for( ours = ssl->conf->alpn_list; *ours != NULL; ours++ )
- {
- ours_len = strlen( *ours );
- for( theirs = start; theirs != end; theirs += cur_len )
- {
- cur_len = *theirs++;
-
- if( cur_len == ours_len &&
- memcmp( theirs, *ours, cur_len ) == 0 )
- {
- ssl->alpn_chosen = *ours;
- return( 0 );
- }
- }
- }
-
- /* If we get there, no match was found */
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-}
-#endif /* MBEDTLS_SSL_ALPN */
-
-/*
- * Auxiliary functions for ServerHello parsing and related actions
- */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-/*
- * Return 0 if the given key
uses one of the acceptable curves, -1 otherwise
- */
-#if defined(MBEDTLS_ECDSA_C)
-static int ssl_check_key_curve( mbedtls_pk_context *pk,
- const mbedtls_ecp_curve_info **curves )
-{
- const mbedtls_ecp_curve_info **crv = curves;
- mbedtls_ecp_group_id grp_id = mbedtls_pk_ec( *pk )->grp.id;
-
- while( *crv != NULL )
- {
- if( (*crv)->grp_id == grp_id )
- return( 0 );
- crv++;
- }
-
- return( -1 );
-}
-#endif /* MBEDTLS_ECDSA_C */
-
-/*
- * Try picking a certificate for this ciphersuite,
- * return 0 on success and -1 on failure.
- */
-static int ssl_pick_cert( mbedtls_ssl_context *ssl,
- const mbedtls_ssl_ciphersuite_t * ciphersuite_info )
-{
- mbedtls_ssl_key_cert *cur, *list, *fallback = NULL;
- mbedtls_pk_type_t pk_alg =
- mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
- uint32_t flags;
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
- if( ssl->handshake->sni_key_cert != NULL )
- list = ssl->handshake->sni_key_cert;
- else
-#endif
- list = ssl->conf->key_cert;
-
- if( pk_alg == MBEDTLS_PK_NONE )
- return( 0 );
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) );
-
- if( list == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "server has no certificate" ) );
- return( -1 );
- }
-
- for( cur = list; cur != NULL; cur = cur->next )
- {
- MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate",
- cur->cert );
-
- if( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) );
- continue;
- }
-
- /*
- * This avoids sending the client a cert it'll reject based on
- * keyUsage or other extensions.
- *
- * It also allows the user to provision different certificates for
- * different uses based on keyUsage, eg if they want to avoid signing
- * and decrypting with the same RSA key.
- */
- if( mbedtls_ssl_check_cert_usage( cur->cert, ciphersuite_info,
- MBEDTLS_SSL_IS_SERVER, &flags ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: "
- "(extended) key usage extension" ) );
- continue;
- }
-
-#if defined(MBEDTLS_ECDSA_C)
- if( pk_alg == MBEDTLS_PK_ECDSA &&
- ssl_check_key_curve( &cur->cert->pk, ssl->handshake->curves ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: elliptic curve" ) );
- continue;
- }
-#endif
-
- /*
- * Try to select a SHA-1 certificate for pre-1.2 clients, but still
- * present them a SHA-higher cert rather than failing if it's the only
- * one we got that satisfies the other conditions.
- */
- if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 &&
- cur->cert->sig_md != MBEDTLS_MD_SHA1 )
- {
- if( fallback == NULL )
- fallback = cur;
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate not preferred: "
- "sha-2 with pre-TLS 1.2 client" ) );
- continue;
- }
- }
-
- /* If we get there, we got a winner */
- break;
- }
-
- if( cur == NULL )
- cur = fallback;
-
- /* Do not update ssl->handshake->key_cert unless there is a match */
- if( cur != NULL )
- {
- ssl->handshake->key_cert = cur;
- MBEDTLS_SSL_DEBUG_CRT( 3, "selected certificate chain, certificate",
- ssl->handshake->key_cert->cert );
- return( 0 );
- }
-
- return( -1 );
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-/*
- * Check if a given ciphersuite is suitable for use with our config/keys/etc
- * Sets ciphersuite_info only if the suite matches.
- */
-static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id,
- const mbedtls_ssl_ciphersuite_t **ciphersuite_info )
-{
- const mbedtls_ssl_ciphersuite_t *suite_info;
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
- defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
- mbedtls_pk_type_t sig_type;
-#endif
-
- suite_info = mbedtls_ssl_ciphersuite_from_id( suite_id );
- if( suite_info == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %s", suite_info->name ) );
-
- if( suite_info->min_minor_ver > ssl->minor_ver ||
- suite_info->max_minor_ver < ssl->minor_ver )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: version" ) );
- return( 0 );
- }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
- ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) )
- return( 0 );
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
- if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
- suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: rc4" ) );
- return( 0 );
- }
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
- if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
- ( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) == 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: ecjpake "
- "not configured or ext missing" ) );
- return( 0 );
- }
-#endif
-
-
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
- if( mbedtls_ssl_ciphersuite_uses_ec( suite_info ) &&
- ( ssl->handshake->curves == NULL ||
- ssl->handshake->curves[0] == NULL ) )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: "
- "no common elliptic curve" ) );
- return( 0 );
- }
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
- /* If the ciphersuite requires a pre-shared key and we don't
- * have one, skip it now rather
than failing later */ - if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && - ssl_conf_has_psk_or_cb( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) ); - return( 0 ); - } -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - /* If the ciphersuite requires signing, check whether - * a suitable hash algorithm is present. */ - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - sig_type = mbedtls_ssl_get_ciphersuite_sig_alg( suite_info ); - if( sig_type != MBEDTLS_PK_NONE && - mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, sig_type ) == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm " - "for signature algorithm %d", sig_type ) ); - return( 0 ); - } - } - -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && - MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - /* - * Final check: if ciphersuite requires us to have a - * certificate/key of a particular type: - * - select the appropriate certificate if we have one, or - * - try the next ciphersuite if we don't - * This must be done last since we modify the key_cert list. 
- */ - if( ssl_pick_cert( ssl, suite_info ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " - "no suitable certificate" ) ); - return( 0 ); - } -#endif - - *ciphersuite_info = suite_info; - return( 0 ); -} - -#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) -static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) -{ - int ret, got_common_suite; - unsigned int i, j; - size_t n; - unsigned int ciph_len, sess_len, chal_len; - unsigned char *buf, *p; - const int *ciphersuites; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) ); - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - - buf = ssl->in_hdr; - - MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, 5 ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message type: %d", - buf[2] ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message len.: %d", - ( ( buf[0] & 0x7F ) << 8 ) | buf[1] ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, max. version: [%d:%d]", - buf[3], buf[4] ) ); - - /* - * SSLv2 Client Hello - * - * Record layer: - * 0 . 1 message length - * - * SSL layer: - * 2 . 2 message type - * 3 . 
4 protocol version - */ - if( buf[2] != MBEDTLS_SSL_HS_CLIENT_HELLO || - buf[3] != MBEDTLS_SSL_MAJOR_VERSION_3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF; - - if( n < 17 || n > 512 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; - ssl->minor_ver = ( buf[4] <= ssl->conf->max_minor_ver ) - ? buf[4] : ssl->conf->max_minor_ver; - - if( ssl->minor_ver < ssl->conf->min_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" - " [%d:%d] < [%d:%d]", - ssl->major_ver, ssl->minor_ver, - ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); - - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); - } - - ssl->handshake->max_major_ver = buf[3]; - ssl->handshake->max_minor_ver = buf[4]; - - if( ( ret = mbedtls_ssl_fetch_input( ssl, 2 + n ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); - } - - ssl->handshake->update_checksum( ssl, buf + 2, n ); - - buf = ssl->in_msg; - n = ssl->in_left - 5; - - /* - * 0 . 1 ciphersuitelist length - * 2 . 3 session id length - * 4 . 5 challenge length - * 6 . .. ciphersuitelist - * .. . .. session id - * .. . .. 
challenge - */ - MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, n ); - - ciph_len = ( buf[0] << 8 ) | buf[1]; - sess_len = ( buf[2] << 8 ) | buf[3]; - chal_len = ( buf[4] << 8 ) | buf[5]; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d", - ciph_len, sess_len, chal_len ) ); - - /* - * Make sure each parameter length is valid - */ - if( ciph_len < 3 || ( ciph_len % 3 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - if( sess_len > 32 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - if( chal_len < 8 || chal_len > 32 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - if( n != 6 + ciph_len + sess_len + chal_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", - buf + 6, ciph_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", - buf + 6 + ciph_len, sess_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, challenge", - buf + 6 + ciph_len + sess_len, chal_len ); - - p = buf + 6 + ciph_len; - ssl->session_negotiate->id_len = sess_len; - memset( ssl->session_negotiate->id, 0, - sizeof( ssl->session_negotiate->id ) ); - memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len ); - - p += sess_len; - memset( ssl->handshake->randbytes, 0, 64 ); - memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len ); - - /* - * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV - */ - for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 ) - { - if( p[0] == 0 && p[1] == 0 && p[2] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == 
MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV " - "during renegotiation" ) ); - - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; - break; - } - } - -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 ) - { - if( p[0] == 0 && - p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) && - p[2] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "received FALLBACK_SCSV" ) ); - - if( ssl->minor_ver < ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) ); - - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); - - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - break; - } - } -#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ - - got_common_suite = 0; - ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; - ciphersuite_info = NULL; -#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) - for( i = 0; ciphersuites[i] != 0; i++ ) -#else - for( i = 0; ciphersuites[i] != 0; i++ ) - for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) -#endif - { - if( p[0] != 0 || - p[1] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[2] != ( ( ciphersuites[i] ) & 0xFF ) ) - continue; - - got_common_suite = 1; - - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info ) ) != 0 ) - return( ret ); - - if( ciphersuite_info != NULL ) - goto have_ciphersuite_v2; - } - - if( got_common_suite ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, " - "but none of them usable" ) ); - return( 
MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); - } - -have_ciphersuite_v2: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); - - ssl->session_negotiate->ciphersuite = ciphersuites[i]; - ssl->transform_negotiate->ciphersuite_info = ciphersuite_info; - - /* - * SSLv2 Client Hello relevant renegotiation security checks - */ - if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - ssl->in_left = 0; - ssl->state++; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello v2" ) ); - - return( 0 ); -} -#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ - -/* This function doesn't alert on errors that happen early during - ClientHello parsing because they might indicate that the client is - not talking SSL/TLS at all and would not understand our alert. */ -static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) -{ - int ret, got_common_suite; - size_t i, j; - size_t ciph_offset, comp_offset, ext_offset; - size_t msg_len, ciph_len, sess_len, comp_len, ext_len; -#if defined(MBEDTLS_SSL_PROTO_DTLS) - size_t cookie_offset, cookie_len; -#endif - unsigned char *buf, *p, *ext; -#if defined(MBEDTLS_SSL_RENEGOTIATION) - int renegotiation_info_seen = 0; -#endif - int handshake_failure = 0; - const int *ciphersuites; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - int major, minor; - - /* If there is no signature-algorithm extension present, - * we need to fall back to the default values for allowed - * signature-hash pairs. 
*/ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - int sig_hash_alg_ext_present = 0; -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && - MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) ); - -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -read_record_header: -#endif - /* - * If renegotiating, then the input was read with mbedtls_ssl_read_record(), - * otherwise read it ourselves manually in order to support SSLv2 - * ClientHello, which doesn't use the same record layer format. - */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) -#endif - { - if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 ) - { - /* No alert on a read error. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); - } - } - - buf = ssl->in_hdr; - -#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) -#endif - if( ( buf[0] & 0x80 ) != 0 ) - return( ssl_parse_client_hello_v2( ssl ) ); -#endif - - MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, mbedtls_ssl_hdr_len( ssl ) ); - - /* - * SSLv3/TLS Client Hello - * - * Record layer: - * 0 . 0 message type - * 1 . 2 protocol version - * 3 . 11 DTLS: epoch + record sequence number - * 3 . 
4 message length - */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message type: %d", - buf[0] ) ); - - if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d", - ( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, protocol version: [%d:%d]", - buf[1], buf[2] ) ); - - mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 ); - - /* According to RFC 5246 Appendix E.1, the version here is typically - * "{03,00}, the lowest version number supported by the client, [or] the - * value of ClientHello.client_version", so the only meaningful check here - * is the major version shouldn't be less than 3 */ - if( major < MBEDTLS_SSL_MAJOR_VERSION_3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - /* For DTLS if this is the initial handshake, remember the client sequence - * number to use it in our next message (RFC 6347 4.2.1) */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM -#if defined(MBEDTLS_SSL_RENEGOTIATION) - && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE -#endif - ) - { - /* Epoch should be 0 for initial handshakes */ - if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6 ); - -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record, discarding" ) ); - ssl->next_record_offset = 0; - ssl->in_left = 0; - goto read_record_header; - } - - /* No MAC to check yet, so we can update right now */ - mbedtls_ssl_dtls_replay_update( ssl ); -#endif - } -#endif /* 
MBEDTLS_SSL_PROTO_DTLS */ - - msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1]; - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { - /* Set by mbedtls_ssl_read_record() */ - msg_len = ssl->in_hslen; - } - else -#endif - { - if( msg_len > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - if( ( ret = mbedtls_ssl_fetch_input( ssl, - mbedtls_ssl_hdr_len( ssl ) + msg_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); - } - - /* Done reading this record, get ready for the next one */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - ssl->next_record_offset = msg_len + mbedtls_ssl_hdr_len( ssl ); - else -#endif - ssl->in_left = 0; - } - - buf = ssl->in_msg; - - MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, msg_len ); - - ssl->handshake->update_checksum( ssl, buf, msg_len ); - - /* - * Handshake layer: - * 0 . 0 handshake type - * 1 . 3 handshake length - * 4 . 5 DTLS only: message seqence number - * 6 . 8 DTLS only: fragment offset - * 9 . 11 DTLS only: fragment length - */ - if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", buf[0] ) ); - - if( buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d", - ( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) ); - - /* We don't support fragmentation of ClientHello (yet?) 
*/ - if( buf[1] != 0 || - msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - /* - * Copy the client's handshake message_seq on initial handshakes, - * check sequence number on renego. - */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - /* This couldn't be done in ssl_prepare_handshake_record() */ - unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | - ssl->in_msg[5]; - - if( cli_msg_seq != ssl->handshake->in_msg_seq ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message_seq: " - "%d (expected %d)", cli_msg_seq, - ssl->handshake->in_msg_seq ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - ssl->handshake->in_msg_seq++; - } - else -#endif - { - unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | - ssl->in_msg[5]; - ssl->handshake->out_msg_seq = cli_msg_seq; - ssl->handshake->in_msg_seq = cli_msg_seq + 1; - } - - /* - * For now we don't support fragmentation, so make sure - * fragment_offset == 0 and fragment_length == length - */ - if( ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 || - memcmp( ssl->in_msg + 1, ssl->in_msg + 9, 3 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello fragmentation not supported" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); - } - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - buf += mbedtls_ssl_hs_hdr_len( ssl ); - msg_len -= mbedtls_ssl_hs_hdr_len( ssl ); - - /* - * ClientHello layer: - * 0 . 1 protocol version - * 2 . 33 random bytes (starting with 4 bytes of Unix time) - * 34 . 35 session id length (1 byte) - * 35 . 34+x session id - * 35+x . 35+x DTLS only: cookie length (1 byte) - * 36+x . .. DTLS only: cookie - * .. . .. ciphersuite list length (2 bytes) - * .. . .. 
ciphersuite list - * .. . .. compression alg. list length (1 byte) - * .. . .. compression alg. list - * .. . .. extensions length (2 bytes, optional) - * .. . .. extensions (optional) - */ - - /* - * Minimal length (with everything empty and extensions omitted) is - * 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can - * read at least up to session id length without worrying. - */ - if( msg_len < 38 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - /* - * Check and save the protocol version - */ - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, version", buf, 2 ); - - mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, - ssl->conf->transport, buf ); - - ssl->handshake->max_major_ver = ssl->major_ver; - ssl->handshake->max_minor_ver = ssl->minor_ver; - - if( ssl->major_ver < ssl->conf->min_major_ver || - ssl->minor_ver < ssl->conf->min_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" - " [%d:%d] < [%d:%d]", - ssl->major_ver, ssl->minor_ver, - ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); - } - - if( ssl->major_ver > ssl->conf->max_major_ver ) - { - ssl->major_ver = ssl->conf->max_major_ver; - ssl->minor_ver = ssl->conf->max_minor_ver; - } - else if( ssl->minor_ver > ssl->conf->max_minor_ver ) - ssl->minor_ver = ssl->conf->max_minor_ver; - - /* - * Save client random (inc. 
Unix time) - */ - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf + 2, 32 ); - - memcpy( ssl->handshake->randbytes, buf + 2, 32 ); - - /* - * Check the session ID length and save session ID - */ - sess_len = buf[34]; - - if( sess_len > sizeof( ssl->session_negotiate->id ) || - sess_len + 34 + 2 > msg_len ) /* 2 for cipherlist length field */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len ); - - ssl->session_negotiate->id_len = sess_len; - memset( ssl->session_negotiate->id, 0, - sizeof( ssl->session_negotiate->id ) ); - memcpy( ssl->session_negotiate->id, buf + 35, - ssl->session_negotiate->id_len ); - - /* - * Check the cookie length and content - */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - cookie_offset = 35 + sess_len; - cookie_len = buf[cookie_offset]; - - if( cookie_offset + 1 + cookie_len + 2 > msg_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", - buf + cookie_offset + 1, cookie_len ); - -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( ssl->conf->f_cookie_check != NULL -#if defined(MBEDTLS_SSL_RENEGOTIATION) - && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE -#endif - ) - { - if( ssl->conf->f_cookie_check( ssl->conf->p_cookie, - buf + cookie_offset + 1, cookie_len, - ssl->cli_id, ssl->cli_id_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification failed" ) ); - ssl->handshake->verify_cookie_len = 1; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification 
passed" ) ); - ssl->handshake->verify_cookie_len = 0; - } - } - else -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - { - /* We know we didn't send a cookie, so it should be empty */ - if( cookie_len != 0 ) - { - /* This may be an attacker's probe, so don't send an alert */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification skipped" ) ); - } - - /* - * Check the ciphersuitelist length (will be parsed later) - */ - ciph_offset = cookie_offset + 1 + cookie_len; - } - else -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - ciph_offset = 35 + sess_len; - - ciph_len = ( buf[ciph_offset + 0] << 8 ) - | ( buf[ciph_offset + 1] ); - - if( ciph_len < 2 || - ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */ - ( ciph_len % 2 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", - buf + ciph_offset + 2, ciph_len ); - - /* - * Check the compression algorithms length and pick one - */ - comp_offset = ciph_offset + 2 + ciph_len; - - comp_len = buf[comp_offset]; - - if( comp_len < 1 || - comp_len > 16 || - comp_len + comp_offset + 1 > msg_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, compression", - buf + comp_offset + 1, comp_len ); - - ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; -#if defined(MBEDTLS_ZLIB_SUPPORT) - for( i = 0; i < comp_len; ++i ) - { - if( buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { - ssl->session_negotiate->compression = 
MBEDTLS_SSL_COMPRESS_DEFLATE; - break; - } - } -#endif - - /* See comments in ssl_write_client_hello() */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; -#endif - - /* Do not parse the extensions if the protocol is SSLv3 */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) - { -#endif - /* - * Check the extension length - */ - ext_offset = comp_offset + 1 + comp_len; - if( msg_len > ext_offset ) - { - if( msg_len < ext_offset + 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - ext_len = ( buf[ext_offset + 0] << 8 ) - | ( buf[ext_offset + 1] ); - - if( ( ext_len > 0 && ext_len < 4 ) || - msg_len != ext_offset + 2 + ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - } - else - ext_len = 0; - - ext = buf + ext_offset + 2; - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len ); - - while( ext_len != 0 ) - { - unsigned int ext_id; - unsigned int ext_size; - if ( ext_len < 4 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); - ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); - - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( 
MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - switch( ext_id ) - { -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - case MBEDTLS_TLS_EXT_SERVERNAME: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) ); - if( ssl->conf->f_sni == NULL ) - break; - - ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ - - case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); -#if defined(MBEDTLS_SSL_RENEGOTIATION) - renegotiation_info_seen = 1; -#endif - - ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - case MBEDTLS_TLS_EXT_SIG_ALG: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); - - ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - - sig_hash_alg_ext_present = 1; - break; -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && - MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ - -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) ); - - ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; - - case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) ); - ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT; - - ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || - MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - case 
MBEDTLS_TLS_EXT_ECJPAKE_KKPP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) ); - - ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) ); - - ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) ); - - ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) ); - - ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) ); - - ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - case MBEDTLS_TLS_EXT_SESSION_TICKET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) ); - - ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - -#if defined(MBEDTLS_SSL_ALPN) - case MBEDTLS_TLS_EXT_ALPN: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); - - ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ); - if( 
ret != 0 ) - return( ret ); - break; -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - - default: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)", - ext_id ) ); - } - - ext_len -= 4 + ext_size; - ext += 4 + ext_size; - - if( ext_len > 0 && ext_len < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - } -#if defined(MBEDTLS_SSL_PROTO_SSL3) - } -#endif - -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 ) - { - if( p[0] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) && - p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) ); - - if( ssl->minor_ver < ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) ); - - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); - - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - break; - } - } -#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - - /* - * Try to fall back to default hash SHA1 if the client - * hasn't provided any preferred signature-hash combinations. 
- */ - if( sig_hash_alg_ext_present == 0 ) - { - mbedtls_md_type_t md_default = MBEDTLS_MD_SHA1; - - if( mbedtls_ssl_check_sig_hash( ssl, md_default ) != 0 ) - md_default = MBEDTLS_MD_NONE; - - mbedtls_ssl_sig_hash_set_const_hash( &ssl->handshake->hash_algs, md_default ); - } - -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && - MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ - - /* - * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV - */ - for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 ) - { - if( p[0] == 0 && p[1] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV " - "during renegotiation" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } -#endif - ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; - break; - } - } - - /* - * Renegotiation security checks - */ - if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); - handshake_failure = 1; - } -#if defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && - renegotiation_info_seen == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); - handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) - { - MBEDTLS_SSL_DEBUG_MSG( 
1, ( "legacy renegotiation not allowed" ) ); - handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - renegotiation_info_seen == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) ); - handshake_failure = 1; - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - - if( handshake_failure == 1 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - /* - * Search for a matching ciphersuite - * (At the end because we need information from the EC-based extensions - * and certificate from the SNI callback triggered by the SNI extension.) - */ - got_common_suite = 0; - ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; - ciphersuite_info = NULL; -#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) - for( i = 0; ciphersuites[i] != 0; i++ ) -#else - for( i = 0; ciphersuites[i] != 0; i++ ) - for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) -#endif - { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) - continue; - - got_common_suite = 1; - - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info ) ) != 0 ) - return( ret ); - - if( ciphersuite_info != NULL ) - goto have_ciphersuite; - } - - if( got_common_suite ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, " - "but none of them usable" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - 
MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); - } - -have_ciphersuite: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); - - ssl->session_negotiate->ciphersuite = ciphersuites[i]; - ssl->transform_negotiate->ciphersuite_info = ciphersuite_info; - - ssl->state++; - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_recv_flight_completed( ssl ); -#endif - - /* Debugging-only output for testsuite */ -#if defined(MBEDTLS_DEBUG_C) && \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg( ciphersuite_info ); - if( sig_alg != MBEDTLS_PK_NONE ) - { - mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, - sig_alg ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d", - mbedtls_ssl_hash_from_md_alg( md_alg ) ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "no hash algorithm for signature algorithm " - "%d - should not happen", sig_alg ) ); - } - } -#endif - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) ); - - return( 0 ); -} - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) -{ - unsigned char *p = buf; - - if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) - { - *olen = 0; - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) ); - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF ); - - *p++ = 0x00; - *p++ = 0x00; - - *olen = 4; -} -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) -static void 
ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) -{ - unsigned char *p = buf; - const mbedtls_ssl_ciphersuite_t *suite = NULL; - const mbedtls_cipher_info_t *cipher = NULL; - - if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - *olen = 0; - return; - } - - /* - * RFC 7366: "If a server receives an encrypt-then-MAC request extension - * from a client and then selects a stream or Authenticated Encryption - * with Associated Data (AEAD) ciphersuite, it MUST NOT send an - * encrypt-then-MAC response extension back to the client." - */ - if( ( suite = mbedtls_ssl_ciphersuite_from_id( - ssl->session_negotiate->ciphersuite ) ) == NULL || - ( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL || - cipher->mode != MBEDTLS_MODE_CBC ) - { - *olen = 0; - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); - - *p++ = 0x00; - *p++ = 0x00; - - *olen = 4; -} -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) -static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) -{ - unsigned char *p = buf; - - if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - *olen = 0; - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " - "extension" ) ); - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF ); - - *p++ = 0x00; - *p++ = 0x00; - - *olen = 4; -} -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) -static 
void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) -{ - unsigned char *p = buf; - - if( ssl->handshake->new_session_ticket == 0 ) - { - *olen = 0; - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); - - *p++ = 0x00; - *p++ = 0x00; - - *olen = 4; -} -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - -static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) -{ - unsigned char *p = buf; - - if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION ) - { - *olen = 0; - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { - *p++ = 0x00; - *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF; - *p++ = ssl->verify_data_len * 2 & 0xFF; - - memcpy( p, ssl->peer_verify_data, ssl->verify_data_len ); - p += ssl->verify_data_len; - memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); - p += ssl->verify_data_len; - } - else -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - { - *p++ = 0x00; - *p++ = 0x01; - *p++ = 0x00; - } - - *olen = p - buf; -} - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) -{ - unsigned char *p = buf; - - if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) - { - *olen = 0; - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF 
); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); - - *p++ = 0x00; - *p++ = 1; - - *p++ = ssl->session_negotiate->mfl_code; - - *olen = 5; -} -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) -{ - unsigned char *p = buf; - ((void) ssl); - - if( ( ssl->handshake->cli_exts & - MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT ) == 0 ) - { - *olen = 0; - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF ); - - *p++ = 0x00; - *p++ = 2; - - *p++ = 1; - *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED; - - *olen = 6; -} -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) -{ - int ret; - unsigned char *p = buf; - const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; - size_t kkpp_len; - - *olen = 0; - - /* Skip costly computation if not needed */ - if( ssl->transform_negotiate->ciphersuite_info->key_exchange != - MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - return; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, ecjpake kkpp extension" ) ); - - if( end - p < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); - return; - } - - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF ); - - ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, - p + 2, end - p - 2, &kkpp_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) 
- { - MBEDTLS_SSL_DEBUG_RET( 1 , "mbedtls_ecjpake_write_round_one", ret ); - return; - } - - *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( kkpp_len ) & 0xFF ); - - *olen = kkpp_len + 4; -} -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_SSL_ALPN ) -static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, size_t *olen ) -{ - if( ssl->alpn_chosen == NULL ) - { - *olen = 0; - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) ); - - /* - * 0 . 1 ext identifier - * 2 . 3 ext length - * 4 . 5 protocol list length - * 6 . 6 protocol name length - * 7 . 7+n protocol name - */ - buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); - - *olen = 7 + strlen( ssl->alpn_chosen ); - - buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); - buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); - - buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); - buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); - - buf[6] = (unsigned char)( ( ( *olen - 7 ) ) & 0xFF ); - - memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); -} -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ - -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) -static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) -{ - int ret; - unsigned char *p = ssl->out_msg + 4; - unsigned char *cookie_len_byte; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello verify request" ) ); - - /* - * struct { - * ProtocolVersion server_version; - * opaque cookie<0..2^8-1>; - * } HelloVerifyRequest; - */ - - /* The RFC is not clear on this point, but sending the actual negotiated - * version looks like the most interoperable thing to do. 
*/ - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, p ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 ); - p += 2; - - /* If we get here, f_cookie_check is not null */ - if( ssl->conf->f_cookie_write == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inconsistent cookie callbacks" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - /* Skip length byte until we know the length */ - cookie_len_byte = p++; - - if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie, - &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN, - ssl->cli_id, ssl->cli_id_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret ); - return( ret ); - } - - *cookie_len_byte = (unsigned char)( p - ( cookie_len_byte + 1 ) ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte ); - - ssl->out_msglen = p - ssl->out_msg; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST; - - ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT; - - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello verify request" ) ); - - return( 0 ); -} -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - -static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) -{ -#if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t t; -#endif - int ret; - size_t olen, ext_len = 0, n; - unsigned char *buf, *p; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello" ) ); - -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - 
ssl->handshake->verify_cookie_len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client hello was not authenticated" ) ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); - - return( ssl_write_hello_verify_request( ssl ) ); - } -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - - if( ssl->conf->f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); - return( MBEDTLS_ERR_SSL_NO_RNG ); - } - - /* - * 0 . 0 handshake type - * 1 . 3 handshake length - * 4 . 5 protocol version - * 6 . 9 UNIX time() - * 10 . 37 random bytes - */ - buf = ssl->out_msg; - p = buf + 4; - - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, p ); - p += 2; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", - buf[4], buf[5] ) ); - -#if defined(MBEDTLS_HAVE_TIME) - t = mbedtls_time( NULL ); - *p++ = (unsigned char)( t >> 24 ); - *p++ = (unsigned char)( t >> 16 ); - *p++ = (unsigned char)( t >> 8 ); - *p++ = (unsigned char)( t ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); -#else - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) - return( ret ); - - p += 4; -#endif /* MBEDTLS_HAVE_TIME */ - - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) - return( ret ); - - p += 28; - - memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); - - /* - * Resume is 0 by default, see ssl_handshake_init(). - * It may be already set to 1 by ssl_parse_session_ticket_ext(). - * If not, try looking up session ID in our cache. 
- */ - if( ssl->handshake->resume == 0 && -#if defined(MBEDTLS_SSL_RENEGOTIATION) - ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE && -#endif - ssl->session_negotiate->id_len != 0 && - ssl->conf->f_get_cache != NULL && - ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) ); - ssl->handshake->resume = 1; - } - - if( ssl->handshake->resume == 0 ) - { - /* - * New session, create a new session id, - * unless we're about to issue a session ticket - */ - ssl->state++; - -#if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = mbedtls_time( NULL ); -#endif - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( ssl->handshake->new_session_ticket != 0 ) - { - ssl->session_negotiate->id_len = n = 0; - memset( ssl->session_negotiate->id, 0, 32 ); - } - else -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - { - ssl->session_negotiate->id_len = n = 32; - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, - n ) ) != 0 ) - return( ret ); - } - } - else - { - /* - * Resuming a session - */ - n = ssl->session_negotiate->id_len; - ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; - - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); - } - } - - /* - * 38 . 38 session id length - * 39 . 38+n session id - * 39+n . 40+n chosen ciphersuite - * 41+n . 41+n chosen compression alg. - * 42+n . 43+n extensions length - * 44+n . 43+n+m extensions - */ - *p++ = (unsigned char) ssl->session_negotiate->id_len; - memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); - p += ssl->session_negotiate->id_len; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", - ssl->handshake->resume ? 
"a" : "no" ) ); - - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); - *p++ = (unsigned char)( ssl->session_negotiate->compression ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", - mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X", - ssl->session_negotiate->compression ) ); - - /* Do not write the extensions if the protocol is SSLv3 */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) - { -#endif - - /* - * First write extensions, then the total length - */ - ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if ( mbedtls_ssl_ciphersuite_uses_ec( - mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) ) - { - ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; - } -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - -#if defined(MBEDTLS_SSL_ALPN) - 
ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; -#endif - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) ); - - if( ext_len > 0 ) - { - *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ext_len ) & 0xFF ); - p += ext_len; - } - -#if defined(MBEDTLS_SSL_PROTO_SSL3) - } -#endif - - ssl->out_msglen = p - buf; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; - - ret = mbedtls_ssl_write_handshake_msg( ssl ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); - - return( ret ); -} - -#if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED) -static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) -{ - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); - - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); - ssl->state++; - return( 0 ); - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); -} -#else /* !MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */ -static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) -{ - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - size_t dn_size, total_dn_size; /* excluding length bytes */ - size_t ct_len, sa_len; /* including length bytes */ - unsigned char *buf, *p; - const unsigned char * const end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; - const mbedtls_x509_crt *crt; - int authmode; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); - - ssl->state++; - -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) - authmode = 
ssl->handshake->sni_authmode; - else -#endif - authmode = ssl->conf->authmode; - - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) || - authmode == MBEDTLS_SSL_VERIFY_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); - return( 0 ); - } - - /* - * 0 . 0 handshake type - * 1 . 3 handshake length - * 4 . 4 cert type count - * 5 .. m-1 cert types - * m .. m+1 sig alg length (TLS 1.2 only) - * m+1 .. n-1 SignatureAndHashAlgorithms (TLS 1.2 only) - * n .. n+1 length of all DNs - * n+2 .. n+3 length of DN 1 - * n+4 .. ... Distinguished Name #1 - * ... .. ... length of DN 2, etc. - */ - buf = ssl->out_msg; - p = buf + 4; - - /* - * Supported certificate types - * - * ClientCertificateType certificate_types<1..2^8-1>; - * enum { (255) } ClientCertificateType; - */ - ct_len = 0; - -#if defined(MBEDTLS_RSA_C) - p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_RSA_SIGN; -#endif -#if defined(MBEDTLS_ECDSA_C) - p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN; -#endif - - p[0] = (unsigned char) ct_len++; - p += ct_len; - - sa_len = 0; -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - /* - * Add signature_algorithms for verify (TLS 1.2) - * - * SignatureAndHashAlgorithm supported_signature_algorithms<2..2^16-2>; - * - * struct { - * HashAlgorithm hash; - * SignatureAlgorithm signature; - * } SignatureAndHashAlgorithm; - * - * enum { (255) } HashAlgorithm; - * enum { (255) } SignatureAlgorithm; - */ - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - const int *cur; - - /* - * Supported signature algorithms - */ - for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ ) - { - unsigned char hash = mbedtls_ssl_hash_from_md_alg( *cur ); - - if( MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md( ssl, hash ) ) - continue; - -#if defined(MBEDTLS_RSA_C) - p[2 + sa_len++] = hash; - p[2 + sa_len++] = MBEDTLS_SSL_SIG_RSA; -#endif -#if defined(MBEDTLS_ECDSA_C) - p[2 + sa_len++] = hash; - p[2 + sa_len++] = 
MBEDTLS_SSL_SIG_ECDSA; -#endif - } - - p[0] = (unsigned char)( sa_len >> 8 ); - p[1] = (unsigned char)( sa_len ); - sa_len += 2; - p += sa_len; - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - - /* - * DistinguishedName certificate_authorities<0..2^16-1>; - * opaque DistinguishedName<1..2^16-1>; - */ - p += 2; - - total_dn_size = 0; - - if( ssl->conf->cert_req_ca_list == MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED ) - { - /* NOTE: If trusted certificates are provisioned - * via a CA callback (configured through - * `mbedtls_ssl_conf_ca_cb()`, then the - * CertificateRequest is currently left empty. */ - -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_ca_chain != NULL ) - crt = ssl->handshake->sni_ca_chain; - else -#endif - crt = ssl->conf->ca_chain; - - while( crt != NULL && crt->version != 0 ) - { - dn_size = crt->subject_raw.len; - - if( end < p || - (size_t)( end - p ) < dn_size || - (size_t)( end - p ) < 2 + dn_size ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "skipping CAs: buffer too short" ) ); - break; - } - - *p++ = (unsigned char)( dn_size >> 8 ); - *p++ = (unsigned char)( dn_size ); - memcpy( p, crt->subject_raw.p, dn_size ); - p += dn_size; - - MBEDTLS_SSL_DEBUG_BUF( 3, "requested DN", p - dn_size, dn_size ); - - total_dn_size += 2 + dn_size; - crt = crt->next; - } - } - - ssl->out_msglen = p - buf; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; - ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 ); - ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size ); - - ret = mbedtls_ssl_write_handshake_msg( ssl ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); - - return( ret ); -} -#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) -{ - int ret; - - if( ! 
mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECKEY ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); - } - - if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, - mbedtls_pk_ec( *mbedtls_ssl_own_key( ssl ) ), - MBEDTLS_ECDH_OURS ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret ); - return( ret ); - } - - return( 0 ); -} -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) && \ - defined(MBEDTLS_SSL_ASYNC_PRIVATE) -static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, - size_t *signature_len ) -{ - /* Append the signature to ssl->out_msg, leaving 2 bytes for the - * signature length which will be added in ssl_write_server_key_exchange - * after the call to ssl_prepare_server_key_exchange. - * ssl_write_server_key_exchange also takes care of incrementing - * ssl->out_msglen. */ - unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2; - size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN - - sig_start ); - int ret = ssl->conf->f_async_resume( ssl, - sig_start, signature_len, sig_max_len ); - if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - { - ssl->handshake->async_in_progress = 0; - mbedtls_ssl_set_async_operation_data( ssl, NULL ); - } - MBEDTLS_SSL_DEBUG_RET( 2, "ssl_resume_server_key_exchange", ret ); - return( ret ); -} -#endif /* defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) && - defined(MBEDTLS_SSL_ASYNC_PRIVATE) */ - -/* Prepare the ServerKeyExchange message, up to and including - * calculating the signature if any, but excluding formatting the - * signature and sending the message. 
*/ -static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, - size_t *signature_len ) -{ - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; -#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED) -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) - unsigned char *dig_signed = NULL; -#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ -#endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */ - - (void) ciphersuite_info; /* unused in some configurations */ -#if !defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) - (void) signature_len; -#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ - - ssl->out_msglen = 4; /* header (type:1, length:3) to be written later */ - - /* - * - * Part 1: Provide key exchange parameters for chosen ciphersuite. - * - */ - - /* - * - ECJPAKE key exchanges - */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - int ret; - size_t len = 0; - - ret = mbedtls_ecjpake_write_round_two( - &ssl->handshake->ecjpake_ctx, - ssl->out_msg + ssl->out_msglen, - MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, &len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret ); - return( ret ); - } - - ssl->out_msglen += len; - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - - /* - * For (EC)DHE key exchanges with PSK, parameters are prefixed by support - * identity hint (RFC 4279, Sec. 3). Until someone needs this feature, - * we use empty support identity hints here. 
- **/ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { - ssl->out_msg[ssl->out_msglen++] = 0x00; - ssl->out_msg[ssl->out_msglen++] = 0x00; - } -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - - /* - * - DHE key exchanges - */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_dhe( ciphersuite_info ) ) - { - int ret; - size_t len = 0; - - if( ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no DH parameters set" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - /* - * Ephemeral DH parameters: - * - * struct { - * opaque dh_p<1..2^16-1>; - * opaque dh_g<1..2^16-1>; - * opaque dh_Ys<1..2^16-1>; - * } ServerDHParams; - */ - if( ( ret = mbedtls_dhm_set_group( &ssl->handshake->dhm_ctx, - &ssl->conf->dhm_P, - &ssl->conf->dhm_G ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_set_group", ret ); - return( ret ); - } - - if( ( ret = mbedtls_dhm_make_params( - &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), - ssl->out_msg + ssl->out_msglen, &len, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_params", ret ); - return( ret ); - } - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) - dig_signed = ssl->out_msg + ssl->out_msglen; -#endif - - ssl->out_msglen += len; - - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); - } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED */ - - /* - * - ECDHE key exchanges - */ -#if 
defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_ecdhe( ciphersuite_info ) ) - { - /* - * Ephemeral ECDH parameters: - * - * struct { - * ECParameters curve_params; - * ECPoint public; - * } ServerECDHParams; - */ - const mbedtls_ecp_curve_info **curve = NULL; - const mbedtls_ecp_group_id *gid; - int ret; - size_t len = 0; - - /* Match our preference list against the offered curves */ - for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) - for( curve = ssl->handshake->curves; *curve != NULL; curve++ ) - if( (*curve)->grp_id == *gid ) - goto curve_matching_done; - -curve_matching_done: - if( curve == NULL || *curve == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) ); - - if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx, - (*curve)->grp_id ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); - return( ret ); - } - - if( ( ret = mbedtls_ecdh_make_params( - &ssl->handshake->ecdh_ctx, &len, - ssl->out_msg + ssl->out_msglen, - MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret ); - return( ret ); - } - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) - dig_signed = ssl->out_msg + ssl->out_msglen; -#endif - - ssl->out_msglen += len; - - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Q ); - } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED */ - - /* - * - * Part 2: For key exchanges involving the server signing the - * exchange parameters, compute and add the signature here. 
- * - */ -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) - if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) ) - { - size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed; - size_t hashlen = 0; - unsigned char hash[MBEDTLS_MD_MAX_SIZE]; - int ret; - - /* - * 2.1: Choose hash algorithm: - * A: For TLS 1.2, obey signature-hash-algorithm extension - * to choose appropriate hash. - * B: For SSL3, TLS1.0, TLS1.1 and ECDHE_ECDSA, use SHA1 - * (RFC 4492, Sec. 5.4) - * C: Otherwise, use MD5 + SHA1 (RFC 4346, Sec. 7.4.3) - */ - - mbedtls_md_type_t md_alg; - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - mbedtls_pk_type_t sig_alg = - mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - /* A: For TLS 1.2, obey signature-hash-algorithm extension - * (RFC 5246, Sec. 7.4.1.4.1). */ - if( sig_alg == MBEDTLS_PK_NONE || - ( md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, - sig_alg ) ) == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - /* (... because we choose a cipher suite - * only if there is a matching hash.) 
*/ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { - /* B: Default hash SHA1 */ - md_alg = MBEDTLS_MD_SHA1; - } - else -#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ - MBEDTLS_SSL_PROTO_TLS1_1 */ - { - /* C: MD5 + SHA1 */ - md_alg = MBEDTLS_MD_NONE; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %d for signing", md_alg ) ); - - /* - * 2.2: Compute the hash to be signed - */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( md_alg == MBEDTLS_MD_NONE ) - { - hashlen = 36; - ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, - dig_signed, - dig_signed_len ); - if( ret != 0 ) - return( ret ); - } - else -#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ - MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( md_alg != MBEDTLS_MD_NONE ) - { - ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, - dig_signed, - dig_signed_len, - md_alg ); - if( ret != 0 ) - return( ret ); - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen ); - - /* - * 2.3: Compute and add the signature - */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - /* - * For TLS 1.2, we need to specify signature and hash algorithm - * explicitly through a prefix to the signature. 
- * - * struct { - * HashAlgorithm hash; - * SignatureAlgorithm signature; - * } SignatureAndHashAlgorithm; - * - * struct { - * SignatureAndHashAlgorithm algorithm; - * opaque signature<0..2^16-1>; - * } DigitallySigned; - * - */ - - ssl->out_msg[ssl->out_msglen++] = - mbedtls_ssl_hash_from_md_alg( md_alg ); - ssl->out_msg[ssl->out_msglen++] = - mbedtls_ssl_sig_from_pk_alg( sig_alg ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ssl->conf->f_async_sign_start != NULL ) - { - ret = ssl->conf->f_async_sign_start( ssl, - mbedtls_ssl_own_cert( ssl ), - md_alg, hash, hashlen ); - switch( ret ) - { - case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: - /* act as if f_async_sign was null */ - break; - case 0: - ssl->handshake->async_in_progress = 1; - return( ssl_resume_server_key_exchange( ssl, signature_len ) ); - case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: - ssl->handshake->async_in_progress = 1; - return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); - default: - MBEDTLS_SSL_DEBUG_RET( 1, "f_async_sign_start", ret ); - return( ret ); - } - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - - if( mbedtls_ssl_own_key( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); - } - - /* Append the signature to ssl->out_msg, leaving 2 bytes for the - * signature length which will be added in ssl_write_server_key_exchange - * after the call to ssl_prepare_server_key_exchange. - * ssl_write_server_key_exchange also takes care of incrementing - * ssl->out_msglen. */ - if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), - md_alg, hash, hashlen, - ssl->out_msg + ssl->out_msglen + 2, - signature_len, - ssl->conf->f_rng, - ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); - return( ret ); - } - } -#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ - - return( 0 ); -} - -/* Prepare the ServerKeyExchange message and send it. 
For ciphersuites - * that do not include a ServerKeyExchange message, do nothing. Either - * way, if successful, move on to the next step in the SSL state - * machine. */ -static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) -{ - int ret; - size_t signature_len = 0; -#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED) - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; -#endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */ - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) ); - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED) - /* Extract static ECDH parameters and abort if ServerKeyExchange - * is not needed. */ - if( mbedtls_ssl_ciphersuite_no_pfs( ciphersuite_info ) ) - { - /* For suites involving ECDH, extract DH parameters - * from certificate at this point. */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_ecdh( ciphersuite_info ) ) - { - ssl_get_ecdh_params_from_cert( ssl ); - } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED */ - - /* Key exchanges not involving ephemeral keys don't use - * ServerKeyExchange, so end here. */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); - ssl->state++; - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) && \ - defined(MBEDTLS_SSL_ASYNC_PRIVATE) - /* If we have already prepared the message and there is an ongoing - * signature operation, resume signing. */ - if( ssl->handshake->async_in_progress != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "resuming signature operation" ) ); - ret = ssl_resume_server_key_exchange( ssl, &signature_len ); - } - else -#endif /* defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) && - defined(MBEDTLS_SSL_ASYNC_PRIVATE) */ - { - /* ServerKeyExchange is needed. Prepare the message. 
*/ - ret = ssl_prepare_server_key_exchange( ssl, &signature_len ); - } - - if( ret != 0 ) - { - /* If we're starting to write a new message, set ssl->out_msglen - * to 0. But if we're resuming after an asynchronous message, - * out_msglen is the amount of data written so far and mst be - * preserved. */ - if( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange (pending)" ) ); - else - ssl->out_msglen = 0; - return( ret ); - } - - /* If there is a signature, write its length. - * ssl_prepare_server_key_exchange already wrote the signature - * itself at its proper place in the output buffer. */ -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) - if( signature_len != 0 ) - { - ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 ); - ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "my signature", - ssl->out_msg + ssl->out_msglen, - signature_len ); - - /* Skip over the already-written signature */ - ssl->out_msglen += signature_len; - } -#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ - - /* Add header and send. 
*/ - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE; - - ssl->state++; - - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange" ) ); - return( 0 ); -} - -static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) -{ - int ret; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello done" ) ); - - ssl->out_msglen = 4; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO_DONE; - - ssl->state++; - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); -#endif - - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) ); - - return( 0 ); -} - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p, - const unsigned char *end ) -{ - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - size_t n; - - /* - * Receive G^Y mod P, premaster = (G^Y)^X mod P - */ - if( *p + 2 > end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - - n = ( (*p)[0] << 8 ) | (*p)[1]; - *p += 2; - - if( *p + n > end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - 
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - - if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); - } - - *p += n; - - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); - - return( ret ); -} -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) -static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl, - unsigned char *peer_pms, - size_t *peer_pmslen, - size_t peer_pmssize ) -{ - int ret = ssl->conf->f_async_resume( ssl, - peer_pms, peer_pmslen, peer_pmssize ); - if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - { - ssl->handshake->async_in_progress = 0; - mbedtls_ssl_set_async_operation_data( ssl, NULL ); - } - MBEDTLS_SSL_DEBUG_RET( 2, "ssl_decrypt_encrypted_pms", ret ); - return( ret ); -} -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - -static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, - const unsigned char *p, - const unsigned char *end, - unsigned char *peer_pms, - size_t *peer_pmslen, - size_t peer_pmssize ) -{ - int ret; - mbedtls_pk_context *private_key = mbedtls_ssl_own_key( ssl ); - mbedtls_pk_context *public_key = &mbedtls_ssl_own_cert( ssl )->pk; - size_t len = mbedtls_pk_get_len( public_key ); - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - /* If we have already started decoding the message and there is an ongoing - * decryption operation, resume signing. 
*/ - if( ssl->handshake->async_in_progress != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "resuming decryption operation" ) ); - return( ssl_resume_decrypt_pms( ssl, - peer_pms, peer_pmslen, peer_pmssize ) ); - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - - /* - * Prepare to decrypt the premaster using own private RSA key - */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) - { - if ( p + 2 > end ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - if( *p++ != ( ( len >> 8 ) & 0xFF ) || - *p++ != ( ( len ) & 0xFF ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - } -#endif - - if( p + len != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - - /* - * Decrypt the premaster secret - */ -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ssl->conf->f_async_decrypt_start != NULL ) - { - ret = ssl->conf->f_async_decrypt_start( ssl, - mbedtls_ssl_own_cert( ssl ), - p, len ); - switch( ret ) - { - case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: - /* act as if f_async_decrypt_start was null */ - break; - case 0: - ssl->handshake->async_in_progress = 1; - return( ssl_resume_decrypt_pms( ssl, - peer_pms, - peer_pmslen, - peer_pmssize ) ); - case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: - ssl->handshake->async_in_progress = 1; - return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); - default: - MBEDTLS_SSL_DEBUG_RET( 1, "f_async_decrypt_start", ret ); - return( ret ); - } - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - - if( ! 
mbedtls_pk_can_do( private_key, MBEDTLS_PK_RSA ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no RSA private key" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); - } - - ret = mbedtls_pk_decrypt( private_key, p, len, - peer_pms, peer_pmslen, peer_pmssize, - ssl->conf->f_rng, ssl->conf->p_rng ); - return( ret ); -} - -static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, - const unsigned char *p, - const unsigned char *end, - size_t pms_offset ) -{ - int ret; - unsigned char *pms = ssl->handshake->premaster + pms_offset; - unsigned char ver[2]; - unsigned char fake_pms[48], peer_pms[48]; - unsigned char mask; - size_t i, peer_pmslen; - unsigned int diff; - - /* In case of a failure in decryption, the decryption may write less than - * 2 bytes of output, but we always read the first two bytes. It doesn't - * matter in the end because diff will be nonzero in that case due to - * peer_pmslen being less than 48, and we only care whether diff is 0. - * But do initialize peer_pms for robustness anyway. This also makes - * memory analyzers happy (don't access uninitialized memory, even - * if it's an unsigned char). */ - peer_pms[0] = peer_pms[1] = ~0; - - ret = ssl_decrypt_encrypted_pms( ssl, p, end, - peer_pms, - &peer_pmslen, - sizeof( peer_pms ) ); - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if ( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - return( ret ); -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - - mbedtls_ssl_write_version( ssl->handshake->max_major_ver, - ssl->handshake->max_minor_ver, - ssl->conf->transport, ver ); - - /* Avoid data-dependent branches while checking for invalid - * padding, to protect against timing-based Bleichenbacher-type - * attacks. */ - diff = (unsigned int) ret; - diff |= peer_pmslen ^ 48; - diff |= peer_pms[0] ^ ver[0]; - diff |= peer_pms[1] ^ ver[1]; - - /* mask = diff ? 
0xff : 0x00 using bit operations to avoid branches */ - /* MSVC has a warning about unary minus on unsigned, but this is - * well-defined and precisely what we want to do here */ -#if defined(_MSC_VER) -#pragma warning( push ) -#pragma warning( disable : 4146 ) -#endif - mask = - ( ( diff | - diff ) >> ( sizeof( unsigned int ) * 8 - 1 ) ); -#if defined(_MSC_VER) -#pragma warning( pop ) -#endif - - /* - * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding - * must not cause the connection to end immediately; instead, send a - * bad_record_mac later in the handshake. - * To protect against timing-based variants of the attack, we must - * not have any branch that depends on whether the decryption was - * successful. In particular, always generate the fake premaster secret, - * regardless of whether it will ultimately influence the output or not. - */ - ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) ); - if( ret != 0 ) - { - /* It's ok to abort on an RNG failure, since this does not reveal - * anything about the RSA decryption. */ - return( ret ); - } - -#if defined(MBEDTLS_SSL_DEBUG_ALL) - if( diff != 0 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); -#endif - - if( sizeof( ssl->handshake->premaster ) < pms_offset || - sizeof( ssl->handshake->premaster ) - pms_offset < 48 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - ssl->handshake->pmslen = 48; - - /* Set pms to either the true or the fake PMS, without - * data-dependent branches. 
*/ - for( i = 0; i < ssl->handshake->pmslen; i++ ) - pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] ); - - return( 0 ); -} -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p, - const unsigned char *end ) -{ - int ret = 0; - size_t n; - - if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); - } - - /* - * Receive client pre-shared key identity name - */ - if( end - *p < 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - - n = ( (*p)[0] << 8 ) | (*p)[1]; - *p += 2; - - if( n < 1 || n > 65535 || n > (size_t) ( end - *p ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - - if( ssl->conf->f_psk != NULL ) - { - if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 ) - ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; - } - else - { - /* Identity is not a big secret since clients send it in the clear, - * but treat it carefully anyway, just in case */ - if( n != ssl->conf->psk_identity_len || - mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 ) - { - ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; - } - } - - if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ) - { - MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ); - return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ); - } - - *p += n; - - return( 0 ); -} -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ - -static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) -{ - int ret; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - 
unsigned char *p, *end; - - ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) ); - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) ) - if( ( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) && - ( ssl->handshake->async_in_progress != 0 ) ) - { - /* We've already read a record and there is an asynchronous - * operation in progress to decrypt it. So skip reading the - * record. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "will resume decryption of previously-read record" ) ); - } - else -#endif - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - - p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); - end = ssl->in_msg + ssl->in_hslen; - - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) - { - if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret ); - return( ret ); - } - - if( p != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - - if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, - ssl->handshake->premaster, - MBEDTLS_PREMASTER_SIZE, - &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - 
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); - } - - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) - { - if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, - p, end - p) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); - } - - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_QP ); - - if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, - &ssl->handshake->pmslen, - ssl->handshake->premaster, - MBEDTLS_MPI_MAX_SIZE, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); - } - - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Z ); - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) - { - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); - } - - if( p != end ) - { - 
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - /* For opaque PSKs, we perform the PSK-to-MS derivation atomatically - * and skip the intermediate PMS. */ - if( ssl_use_opaque_psk( ssl ) == 1 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) ); - else -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if ( ssl->handshake->async_in_progress != 0 ) - { - /* There is an asynchronous operation in progress to - * decrypt the encrypted premaster secret, so skip - * directly to resuming this operation. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "PSK identity already parsed" ) ); - /* Update p to skip the PSK identity. ssl_parse_encrypted_pms - * won't actually use it, but maintain p anyway for robustness. */ - p += ssl->conf->psk_identity_len + 2; - } - else -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - /* Opaque PSKs are currently only supported for PSK-only. 
*/ - if( ssl_use_opaque_psk( ssl ) == 1 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); -#endif - - if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret ); - return( ret ); - } - - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); - } - if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret ); - return( ret ); - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - /* Opaque PSKs are currently only supported for PSK-only. 
*/ - if( ssl_use_opaque_psk( ssl ) == 1 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); -#endif - - if( p != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); - } - - if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, - p, end - p ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - /* Opaque PSKs are currently only supported for PSK-only. 
*/ - if( ssl_use_opaque_psk( ssl ) == 1 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); -#endif - - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_QP ); - - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) - { - if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 0 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_parse_encrypted_pms_secret" ), ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, - p, end - p ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - - ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, - ssl->handshake->premaster, 32, &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); - } - - ssl->state++; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client key exchange" ) ); - - return( 0 ); -} - -#if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED) -static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) -{ - const 
mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); - - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); - ssl->state++; - return( 0 ); - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); -} -#else /* !MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */ -static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) -{ - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - size_t i, sig_len; - unsigned char hash[48]; - unsigned char *hash_start = hash; - size_t hashlen; -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - mbedtls_pk_type_t pk_alg; -#endif - mbedtls_md_type_t md_alg; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - mbedtls_pk_context * peer_pk; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); - - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); - ssl->state++; - return( 0 ); - } - -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( ssl->session_negotiate->peer_cert == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); - ssl->state++; - return( 0 ); - } -#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert_digest == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); - ssl->state++; - return( 0 ); - } -#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - - /* Read the message without adding it to the checksum */ - ret = mbedtls_ssl_read_record( ssl, 0 /* no checksum update */ ); - if( 0 != ret ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record" ), ret ); - return( ret ); - } - - ssl->state++; - - /* Process the message contents */ - if( ssl->in_msgtype 
!= MBEDTLS_SSL_MSG_HANDSHAKE || - ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); - } - - i = mbedtls_ssl_hs_hdr_len( ssl ); - -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - peer_pk = &ssl->handshake->peer_pubkey; -#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { - /* Should never happen */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - peer_pk = &ssl->session_negotiate->peer_cert->pk; -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - - /* - * struct { - * SignatureAndHashAlgorithm algorithm; -- TLS 1.2 only - * opaque signature<0..2^16-1>; - * } DigitallySigned; - */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - md_alg = MBEDTLS_MD_NONE; - hashlen = 36; - - /* For ECDSA, use SHA-1, not MD-5 + SHA-1 */ - if( mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECDSA ) ) - { - hash_start += 16; - hashlen -= 16; - md_alg = MBEDTLS_MD_SHA1; - } - } - else -#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || - MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - if( i + 2 > ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); - } - - /* - * Hash - */ - md_alg = mbedtls_ssl_md_alg_from_hash( ssl->in_msg[i] ); - - if( md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md( ssl, ssl->in_msg[i] ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" - " for verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); - } - -#if !defined(MBEDTLS_MD_SHA1) - if( MBEDTLS_MD_SHA1 == md_alg ) - hash_start += 16; -#endif - - /* Info from md_alg will be used instead */ 
- hashlen = 0;
-
- i++;
-
- /*
- * Signature
- */
- if( ( pk_alg = mbedtls_ssl_pk_alg_from_sig( ssl->in_msg[i] ) )
- == MBEDTLS_PK_NONE )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg"
- " for verify message" ) );
- return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
- }
-
- /*
- * Check the certificate's key type matches the signature alg
- */
- if( !mbedtls_pk_can_do( peer_pk, pk_alg ) )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) );
- return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
- }
-
- i++;
- }
- else
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- if( i + 2 > ssl->in_hslen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
- return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
- }
-
- sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1];
- i += 2;
-
- if( i + sig_len != ssl->in_hslen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
- return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
- }
-
- /* Calculate hash and verify signature */
- ssl->handshake->calc_verify( ssl, hash );
-
- if( ( ret = mbedtls_pk_verify( peer_pk,
- md_alg, hash_start, hashlen,
- ssl->in_msg + i, sig_len ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret );
- return( ret );
- }
-
- mbedtls_ssl_update_handshake_status( ssl );
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) );
-
- return( ret );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl )
-{
- int ret;
- size_t tlen;
- uint32_t lifetime;
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write new session ticket" ) );
-
- ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
- ssl->out_msg[0] = MBEDTLS_SSL_HS_NEW_SESSION_TICKET;
-
- /*
- * struct {
- * uint32 ticket_lifetime_hint;
- * 
opaque ticket<0..2^16-1>;
- * } NewSessionTicket;
- *
- * 4 . 7 ticket_lifetime_hint (0 = unspecified)
- * 8 . 9 ticket_len (n)
- * 10 . 9+n ticket content
- */
-
- if( ( ret = ssl->conf->f_ticket_write( ssl->conf->p_ticket,
- ssl->session_negotiate,
- ssl->out_msg + 10,
- ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN,
- &tlen, &lifetime ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_write", ret );
- tlen = 0;
- }
-
- ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF;
- ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF;
- ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF;
- ssl->out_msg[7] = ( lifetime ) & 0xFF;
-
- ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF );
- ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF );
-
- ssl->out_msglen = 10 + tlen;
-
- /*
- * Morally equivalent to updating ssl->state, but NewSessionTicket and
- * ChangeCipherSpec share the same state.
- */
- ssl->handshake->new_session_ticket = 0;
-
- if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
- return( ret );
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) );
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-/*
- * SSL handshake -- server side -- single step
- */
-int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl )
-{
- int ret = 0;
-
- if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) );
-
- if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
- return( ret );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
- ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
- {
- if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
- return( ret );
- }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
- switch( ssl->state )
- {
- case MBEDTLS_SSL_HELLO_REQUEST:
- ssl->state = 
MBEDTLS_SSL_CLIENT_HELLO;
- break;
-
- /*
- * <== ClientHello
- */
- case MBEDTLS_SSL_CLIENT_HELLO:
- ret = ssl_parse_client_hello( ssl );
- break;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT:
- return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
-#endif
-
- /*
- * ==> ServerHello
- * Certificate
- * ( ServerKeyExchange )
- * ( CertificateRequest )
- * ServerHelloDone
- */
- case MBEDTLS_SSL_SERVER_HELLO:
- ret = ssl_write_server_hello( ssl );
- break;
-
- case MBEDTLS_SSL_SERVER_CERTIFICATE:
- ret = mbedtls_ssl_write_certificate( ssl );
- break;
-
- case MBEDTLS_SSL_SERVER_KEY_EXCHANGE:
- ret = ssl_write_server_key_exchange( ssl );
- break;
-
- case MBEDTLS_SSL_CERTIFICATE_REQUEST:
- ret = ssl_write_certificate_request( ssl );
- break;
-
- case MBEDTLS_SSL_SERVER_HELLO_DONE:
- ret = ssl_write_server_hello_done( ssl );
- break;
-
- /*
- * <== ( Certificate/Alert )
- * ClientKeyExchange
- * ( CertificateVerify )
- * ChangeCipherSpec
- * Finished
- */
- case MBEDTLS_SSL_CLIENT_CERTIFICATE:
- ret = mbedtls_ssl_parse_certificate( ssl );
- break;
-
- case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
- ret = ssl_parse_client_key_exchange( ssl );
- break;
-
- case MBEDTLS_SSL_CERTIFICATE_VERIFY:
- ret = ssl_parse_certificate_verify( ssl );
- break;
-
- case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:
- ret = mbedtls_ssl_parse_change_cipher_spec( ssl );
- break;
-
- case MBEDTLS_SSL_CLIENT_FINISHED:
- ret = mbedtls_ssl_parse_finished( ssl );
- break;
-
- /*
- * ==> ( NewSessionTicket )
- * ChangeCipherSpec
- * Finished
- */
- case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- if( ssl->handshake->new_session_ticket != 0 )
- ret = ssl_write_new_session_ticket( ssl );
- else
-#endif
- ret = mbedtls_ssl_write_change_cipher_spec( ssl );
- break;
-
- case MBEDTLS_SSL_SERVER_FINISHED:
- ret = mbedtls_ssl_write_finished( ssl );
- break;
-
- case MBEDTLS_SSL_FLUSH_BUFFERS:
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: 
done" ) );
- ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
- break;
-
- case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
- mbedtls_ssl_handshake_wrapup( ssl );
- break;
-
- default:
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) );
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- }
-
- return( ret );
-}
-#endif /* MBEDTLS_SSL_SRV_C */
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
deleted file mode 100644
index ed65bcd63..000000000
--- a/library/ssl_ticket.c
+++ /dev/null
@@ -1,595 +0,0 @@
-/*
- * TLS server tickets callbacks implementation
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_SSL_TICKET_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#endif
-
-#include "mbedtls/ssl_ticket.h"
-#include "mbedtls/platform_util.h"
-
-#include
-
-/*
- * Initialze context
- */
-void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) );
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_init( &ctx->mutex );
-#endif
-}
-
-#define MAX_KEY_BYTES 32 /* 256 bits */
-
-#define TICKET_KEY_NAME_BYTES 4
-#define TICKET_IV_BYTES 12
-#define TICKET_CRYPT_LEN_BYTES 2
-#define TICKET_AUTH_TAG_BYTES 16
-
-#define TICKET_MIN_LEN ( TICKET_KEY_NAME_BYTES + \
- TICKET_IV_BYTES + \
- TICKET_CRYPT_LEN_BYTES + \
- TICKET_AUTH_TAG_BYTES )
-#define TICKET_ADD_DATA_LEN ( TICKET_KEY_NAME_BYTES + \
- TICKET_IV_BYTES + \
- TICKET_CRYPT_LEN_BYTES )
-
-/*
- * Generate/update a key
- */
-static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,
- unsigned char index )
-{
- int ret;
- unsigned char 
buf[MAX_KEY_BYTES];
- mbedtls_ssl_ticket_key *key = ctx->keys + index;
-
-#if defined(MBEDTLS_HAVE_TIME)
- key->generation_time = (uint32_t) mbedtls_time( NULL );
-#endif
-
- if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 )
- return( ret );
-
- if( ( ret = ctx->f_rng( ctx->p_rng, buf, sizeof( buf ) ) ) != 0 )
- return( ret );
-
- /* With GCM and CCM, same context can encrypt & decrypt */
- ret = mbedtls_cipher_setkey( &key->ctx, buf,
- mbedtls_cipher_get_key_bitlen( &key->ctx ),
- MBEDTLS_ENCRYPT );
-
- mbedtls_platform_zeroize( buf, sizeof( buf ) );
-
- return( ret );
-}
-
-/*
- * Rotate/generate keys if necessary
- */
-static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )
-{
-#if !defined(MBEDTLS_HAVE_TIME)
- ((void) ctx);
-#else
- if( ctx->ticket_lifetime != 0 )
- {
- uint32_t current_time = (uint32_t) mbedtls_time( NULL );
- uint32_t key_time = ctx->keys[ctx->active].generation_time;
-
- if( current_time >= key_time &&
- current_time - key_time < ctx->ticket_lifetime )
- {
- return( 0 );
- }
-
- ctx->active = 1 - ctx->active;
-
- return( ssl_ticket_gen_key( ctx, ctx->active ) );
- }
- else
-#endif /* MBEDTLS_HAVE_TIME */
- return( 0 );
-}
-
-/*
- * Setup context for actual use
- */
-int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
- mbedtls_cipher_type_t cipher,
- uint32_t lifetime )
-{
- int ret;
- const mbedtls_cipher_info_t *cipher_info;
-
- ctx->f_rng = f_rng;
- ctx->p_rng = p_rng;
-
- ctx->ticket_lifetime = lifetime;
-
- cipher_info = mbedtls_cipher_info_from_type( cipher);
- if( cipher_info == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- if( cipher_info->mode != MBEDTLS_MODE_GCM &&
- cipher_info->mode != MBEDTLS_MODE_CCM )
- {
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- }
-
- if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- ret = 
mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,
- cipher_info, TICKET_AUTH_TAG_BYTES );
- if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
- return( ret );
- /* We don't yet expect to support all ciphers through PSA,
- * so allow fallback to ordinary mbedtls_cipher_setup(). */
- if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 )
- return( ret );
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx,
- cipher_info, TICKET_AUTH_TAG_BYTES );
- if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
- return( ret );
- if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 )
- return( ret );
-
- if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||
- ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )
- {
- return( ret );
- }
-
- return( 0 );
-}
-
-/*
- * Serialize a session in the following format:
- *
- * - If MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is enabled:
- * 0 . n-1 session structure, n = sizeof(mbedtls_ssl_session)
- * n . n+2 peer_cert length = m (0 if no certificate)
- * n+3 . n+2+m peer cert ASN.1
- *
- * - If MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is disabled:
- * 0 . n-1 session structure, n = sizeof(mbedtls_ssl_session)
- * n . n length of peer certificate digest = k (0 if no digest)
- * n+1 . 
n+k peer certificate digest (digest type encoded in session)
- */
-static int ssl_save_session( const mbedtls_ssl_session *session,
- unsigned char *buf, size_t buf_len,
- size_t *olen )
-{
- unsigned char *p = buf;
- size_t left = buf_len;
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- size_t cert_len;
-#else
- size_t cert_digest_len;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
- if( left < sizeof( mbedtls_ssl_session ) )
- return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
- /* This also copies the values of pointer fields in the
- * session to be serialized, but they'll be ignored when
- * loading the session through ssl_load_session(). */
- memcpy( p, session, sizeof( mbedtls_ssl_session ) );
- p += sizeof( mbedtls_ssl_session );
- left -= sizeof( mbedtls_ssl_session );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- if( session->peer_cert == NULL )
- cert_len = 0;
- else
- cert_len = session->peer_cert->raw.len;
-
- if( left < 3 + cert_len )
- return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
- *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF );
- *p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( cert_len ) & 0xFF );
- left -= 3;
-
- if( session->peer_cert != NULL )
- memcpy( p, session->peer_cert->raw.p, cert_len );
-
- p += cert_len;
- left -= cert_len;
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
- if( session->peer_cert_digest != NULL )
- cert_digest_len = 0;
- else
- cert_digest_len = session->peer_cert_digest_len;
-
- if( left < 1 + cert_digest_len )
- return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
- *p++ = (unsigned char) cert_digest_len;
- left--;
-
- if( session->peer_cert_digest != NULL )
- memcpy( p, session->peer_cert_digest, cert_digest_len );
-
- p += cert_digest_len;
- left -= cert_digest_len;
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
- *olen = p - 
buf;
-
- return( 0 );
-}
-
-/*
- * Unserialise session, see ssl_save_session()
- */
-static int ssl_load_session( mbedtls_ssl_session *session,
- const unsigned char *buf, size_t len )
-{
- const unsigned char *p = buf;
- const unsigned char * const end = buf + len;
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- size_t cert_len;
-#else
- size_t cert_digest_len;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
- if( sizeof( mbedtls_ssl_session ) > (size_t)( end - p ) )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- memcpy( session, p, sizeof( mbedtls_ssl_session ) );
- p += sizeof( mbedtls_ssl_session );
-
- /* Non-NULL pointer fields of `session` are meaningless
- * and potentially harmful. Zeroize them for safety. */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- session->peer_cert = NULL;
-#else
- session->peer_cert_digest = NULL;
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
- session->ticket = NULL;
-#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- /* Deserialize CRT from the end of the ticket. 
*/
- if( 3 > (size_t)( end - p ) )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
- p += 3;
-
- if( cert_len != 0 )
- {
- int ret;
-
- if( cert_len > (size_t)( end - p ) )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- session->peer_cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
-
- if( session->peer_cert == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
- mbedtls_x509_crt_init( session->peer_cert );
-
- if( ( ret = mbedtls_x509_crt_parse_der( session->peer_cert,
- p, cert_len ) ) != 0 )
- {
- mbedtls_x509_crt_free( session->peer_cert );
- mbedtls_free( session->peer_cert );
- session->peer_cert = NULL;
- return( ret );
- }
-
- p += cert_len;
- }
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
- /* Deserialize CRT digest from the end of the ticket. */
- if( 1 > (size_t)( end - p ) )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- cert_digest_len = (size_t) p[0];
- p++;
-
- if( cert_digest_len != 0 )
- {
- if( cert_digest_len > (size_t)( end - p ) ||
- cert_digest_len != session->peer_cert_digest_len )
- {
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- }
-
- session->peer_cert_digest = mbedtls_calloc( 1, cert_digest_len );
- if( session->peer_cert_digest == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
- memcpy( session->peer_cert_digest, p, cert_digest_len );
- p += cert_digest_len;
- }
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
- if( p != end )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- return( 0 );
-}
-
-/*
- * Create session ticket, with the following structure:
- *
- * struct {
- * opaque key_name[4];
- * opaque iv[12];
- * opaque encrypted_state<0..2^16-1>;
- * opaque tag[16];
- * } ticket;
- *
- * The key_name, iv, and length of encrypted_state are the additional
- * authenticated data.
- */
-
-int mbedtls_ssl_ticket_write( void *p_ticket,
- const mbedtls_ssl_session *session,
- unsigned char *start,
- const unsigned char *end,
- size_t *tlen,
- uint32_t *ticket_lifetime )
-{
- int ret;
- mbedtls_ssl_ticket_context *ctx = p_ticket;
- mbedtls_ssl_ticket_key *key;
- unsigned char *key_name = start;
- unsigned char *iv = start + TICKET_KEY_NAME_BYTES;
- unsigned char *state_len_bytes = iv + TICKET_IV_BYTES;
- unsigned char *state = state_len_bytes + TICKET_CRYPT_LEN_BYTES;
- unsigned char *tag;
- size_t clear_len, ciph_len;
-
- *tlen = 0;
-
- if( ctx == NULL || ctx->f_rng == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag,
- * in addition to session itself, that will be checked when writing it. */
- if( end - start < TICKET_MIN_LEN )
- return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
-#if defined(MBEDTLS_THREADING_C)
- if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
- return( ret );
-#endif
-
- if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
- goto cleanup;
-
- key = &ctx->keys[ctx->active];
-
- *ticket_lifetime = ctx->ticket_lifetime;
-
- memcpy( key_name, key->name, TICKET_KEY_NAME_BYTES );
-
- if( ( ret = ctx->f_rng( ctx->p_rng, iv, TICKET_IV_BYTES ) ) != 0 )
- goto cleanup;
-
- /* Dump session state */
- if( ( ret = ssl_save_session( session,
- state, end - state, &clear_len ) ) != 0 ||
- (unsigned long) clear_len > 65535 )
- {
- goto cleanup;
- }
- state_len_bytes[0] = ( clear_len >> 8 ) & 0xff;
- state_len_bytes[1] = ( clear_len ) & 0xff;
-
- /* Encrypt and authenticate */
- tag = state + clear_len;
- if( ( ret = mbedtls_cipher_auth_encrypt( &key->ctx,
- iv, TICKET_IV_BYTES,
- /* Additional data: key name, IV and length */
- key_name, TICKET_ADD_DATA_LEN,
- state, clear_len, state, &ciph_len,
- tag, TICKET_AUTH_TAG_BYTES ) ) != 0 )
- {
- goto cleanup;
- }
- if( ciph_len != clear_len )
- {
- ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
- goto cleanup;
- }
-
- *tlen 
= TICKET_MIN_LEN + ciph_len;
-
-cleanup:
-#if defined(MBEDTLS_THREADING_C)
- if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
- return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
- return( ret );
-}
-
-/*
- * Select key based on name
- */
-static mbedtls_ssl_ticket_key *ssl_ticket_select_key(
- mbedtls_ssl_ticket_context *ctx,
- const unsigned char name[4] )
-{
- unsigned char i;
-
- for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ )
- if( memcmp( name, ctx->keys[i].name, 4 ) == 0 )
- return( &ctx->keys[i] );
-
- return( NULL );
-}
-
-/*
- * Load session ticket (see mbedtls_ssl_ticket_write for structure)
- */
-int mbedtls_ssl_ticket_parse( void *p_ticket,
- mbedtls_ssl_session *session,
- unsigned char *buf,
- size_t len )
-{
- int ret;
- mbedtls_ssl_ticket_context *ctx = p_ticket;
- mbedtls_ssl_ticket_key *key;
- unsigned char *key_name = buf;
- unsigned char *iv = buf + TICKET_KEY_NAME_BYTES;
- unsigned char *enc_len_p = iv + TICKET_IV_BYTES;
- unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES;
- unsigned char *tag;
- size_t enc_len, clear_len;
-
- if( ctx == NULL || ctx->f_rng == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- if( len < TICKET_MIN_LEN )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_THREADING_C)
- if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
- return( ret );
-#endif
-
- if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
- goto cleanup;
-
- enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
- tag = ticket + enc_len;
-
- if( len != TICKET_MIN_LEN + enc_len )
- {
- ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
- goto cleanup;
- }
-
- /* Select key */
- if( ( key = ssl_ticket_select_key( ctx, key_name ) ) == NULL )
- {
- /* We can't know for sure but this is a likely option unless we're
- * under attack - this is only informative anyway */
- ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
- goto cleanup;
- }
-
- /* Decrypt and authenticate */
- if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx,
- 
iv, TICKET_IV_BYTES,
- /* Additional data: key name, IV and length */
- key_name, TICKET_ADD_DATA_LEN,
- ticket, enc_len,
- ticket, &clear_len,
- tag, TICKET_AUTH_TAG_BYTES ) ) != 0 )
- {
- if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
- ret = MBEDTLS_ERR_SSL_INVALID_MAC;
-
- goto cleanup;
- }
- if( clear_len != enc_len )
- {
- ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
- goto cleanup;
- }
-
- /* Actually load session */
- if( ( ret = ssl_load_session( session, ticket, clear_len ) ) != 0 )
- goto cleanup;
-
-#if defined(MBEDTLS_HAVE_TIME)
- {
- /* Check for expiration */
- mbedtls_time_t current_time = mbedtls_time( NULL );
-
- if( current_time < session->start ||
- (uint32_t)( current_time - session->start ) > ctx->ticket_lifetime )
- {
- ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
- goto cleanup;
- }
- }
-#endif
-
-cleanup:
-#if defined(MBEDTLS_THREADING_C)
- if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
- return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
-#endif
-
- return( ret );
-}
-
-/*
- * Free context
- */
-void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx )
-{
- mbedtls_cipher_free( &ctx->keys[0].ctx );
- mbedtls_cipher_free( &ctx->keys[1].ctx );
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_mutex_free( &ctx->mutex );
-#endif
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_ticket_context ) );
-}
-
-#endif /* MBEDTLS_SSL_TICKET_C */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
deleted file mode 100644
index abe2450eb..000000000
--- a/library/ssl_tls.c
+++ /dev/null
@@ -1,10634 +0,0 @@
-/*
- * SSLv3/TLSv1 shared functions
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-/*
- * The SSL 3.0 specification was drafted by Netscape in 1996,
- * and became an IETF standard in 1999.
- *
- * http://wp.netscape.com/eng/ssl3/
- * http://www.ietf.org/rfc/rfc2246.txt
- * http://www.ietf.org/rfc/rfc4346.txt
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_SSL_TLS_C)
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#endif
-
-#include "mbedtls/debug.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/ssl_internal.h"
-#include "mbedtls/platform_util.h"
-
-#include
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/psa_util.h"
-#include "psa/crypto.h"
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#include "mbedtls/oid.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "mbedtls/psa_util.h"
-#endif
-
-static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl );
-static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl );
-
-/* Length of the "epoch" field in the record header */
-static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl )
-{
-#if 
defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- return( 2 );
-#else
- ((void) ssl);
-#endif
- return( 0 );
-}
-
-/*
- * Start a timer.
- * Passing millisecs = 0 cancels a running timer.
- */
-static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs )
-{
- if( ssl->f_set_timer == NULL )
- return;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) );
- ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs );
-}
-
-/*
- * Return -1 is timer is expired, 0 if it isn't.
- */
-static int ssl_check_timer( mbedtls_ssl_context *ssl )
-{
- if( ssl->f_get_timer == NULL )
- return( 0 );
-
- if( ssl->f_get_timer( ssl->p_timer ) == 2 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "timer expired" ) );
- return( -1 );
- }
-
- return( 0 );
-}
-
-static void ssl_update_out_pointers( mbedtls_ssl_context *ssl,
- mbedtls_ssl_transform *transform );
-static void ssl_update_in_pointers( mbedtls_ssl_context *ssl,
- mbedtls_ssl_transform *transform );
-
-#define SSL_DONT_FORCE_FLUSH 0
-#define SSL_FORCE_FLUSH 1
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-
-/* Forward declarations for functions related to message buffering. 
*/
-static void ssl_buffering_free( mbedtls_ssl_context *ssl );
-static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl,
- uint8_t slot );
-static void ssl_free_buffered_record( mbedtls_ssl_context *ssl );
-static int ssl_load_buffered_message( mbedtls_ssl_context *ssl );
-static int ssl_load_buffered_record( mbedtls_ssl_context *ssl );
-static int ssl_buffer_message( mbedtls_ssl_context *ssl );
-static int ssl_buffer_future_record( mbedtls_ssl_context *ssl );
-static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl );
-
-static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl );
-static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl )
-{
- size_t mtu = ssl_get_current_mtu( ssl );
-
- if( mtu != 0 && mtu < MBEDTLS_SSL_OUT_BUFFER_LEN )
- return( mtu );
-
- return( MBEDTLS_SSL_OUT_BUFFER_LEN );
-}
-
-static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl )
-{
- size_t const bytes_written = ssl->out_left;
- size_t const mtu = ssl_get_maximum_datagram_size( ssl );
-
- /* Double-check that the write-index hasn't gone
- * past what we can transmit in a single datagram. */
- if( bytes_written > mtu )
- {
- /* Should never happen... */
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- return( (int) ( mtu - bytes_written ) );
-}
-
-static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl )
-{
- int ret;
- size_t remaining, expansion;
- size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- const size_t mfl = mbedtls_ssl_get_max_frag_len( ssl );
-
- if( max_len > mfl )
- max_len = mfl;
-
- /* By the standard (RFC 6066 Sect. 4), the MFL extension
- * only limits the maximum record payload size, so in theory
- * we would be allowed to pack multiple records of payload size
- * MFL into a single datagram. However, this would mean that there's
- * no way to explicitly communicate MTU restrictions to the peer.
- *
- * The following reduction of max_len makes sure that we never
- * write datagrams larger than MFL + Record Expansion Overhead.
- */
- if( max_len <= ssl->out_left )
- return( 0 );
-
- max_len -= ssl->out_left;
-#endif
-
- ret = ssl_get_remaining_space_in_datagram( ssl );
- if( ret < 0 )
- return( ret );
- remaining = (size_t) ret;
-
- ret = mbedtls_ssl_get_record_expansion( ssl );
- if( ret < 0 )
- return( ret );
- expansion = (size_t) ret;
-
- if( remaining <= expansion )
- return( 0 );
-
- remaining -= expansion;
- if( remaining >= max_len )
- remaining = max_len;
-
- return( (int) remaining );
-}
-
-/*
- * Double the retransmit timeout value, within the allowed range,
- * returning -1 if the maximum value has already been reached.
- */
-static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl )
-{
- uint32_t new_timeout;
-
- if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max )
- return( -1 );
-
- /* Implement the final paragraph of RFC 6347 section 4.1.1.1
- * in the following way: after the initial transmission and a first
- * retransmission, back off to a temporary estimated MTU of 508 bytes.
- * This value is guaranteed to be deliverable (if not guaranteed to be
- * delivered) of any compliant IPv4 (and IPv6) network, and should work
- * on most non-IP stacks too. 
*/
- if( ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min )
- {
- ssl->handshake->mtu = 508;
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "mtu autoreduction to %d bytes", ssl->handshake->mtu ) );
- }
-
- new_timeout = 2 * ssl->handshake->retransmit_timeout;
-
- /* Avoid arithmetic overflow and range overflow */
- if( new_timeout < ssl->handshake->retransmit_timeout ||
- new_timeout > ssl->conf->hs_timeout_max )
- {
- new_timeout = ssl->conf->hs_timeout_max;
- }
-
- ssl->handshake->retransmit_timeout = new_timeout;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
- ssl->handshake->retransmit_timeout ) );
-
- return( 0 );
-}
-
-static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl )
-{
- ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min;
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
- ssl->handshake->retransmit_timeout ) );
-}
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-/*
- * Convert max_fragment_length codes to length.
- * RFC 6066 says:
- * enum{
- * 2^9(1), 2^10(2), 2^11(3), 2^12(4), (255)
- * } MaxFragmentLength;
- * and we add 0 -> extension unused
- */
-static unsigned int ssl_mfl_code_to_length( int mfl )
-{
- switch( mfl )
- {
- case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
- return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
- case MBEDTLS_SSL_MAX_FRAG_LEN_512:
- return 512;
- case MBEDTLS_SSL_MAX_FRAG_LEN_1024:
- return 1024;
- case MBEDTLS_SSL_MAX_FRAG_LEN_2048:
- return 2048;
- case MBEDTLS_SSL_MAX_FRAG_LEN_4096:
- return 4096;
- default:
- return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
- }
-}
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst,
- const mbedtls_ssl_session *src )
-{
- mbedtls_ssl_session_free( dst );
- memcpy( dst, src, sizeof( mbedtls_ssl_session ) );
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-
-#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- if( src->peer_cert != NULL )
- {
- int ret;
-
- dst->peer_cert = mbedtls_calloc( 1, sizeof(mbedtls_x509_crt) );
- if( dst->peer_cert == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
- mbedtls_x509_crt_init( dst->peer_cert );
-
- if( ( ret = mbedtls_x509_crt_parse_der( dst->peer_cert, src->peer_cert->raw.p,
- src->peer_cert->raw.len ) ) != 0 )
- {
- mbedtls_free( dst->peer_cert );
- dst->peer_cert = NULL;
- return( ret );
- }
- }
-#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
- if( src->peer_cert_digest != NULL )
- {
- dst->peer_cert_digest =
- mbedtls_calloc( 1, src->peer_cert_digest_len );
- if( dst->peer_cert_digest == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
- memcpy( dst->peer_cert_digest, src->peer_cert_digest,
- src->peer_cert_digest_len );
- dst->peer_cert_digest_type = src->peer_cert_digest_type;
- dst->peer_cert_digest_len = src->peer_cert_digest_len;
- }
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
- if( src->ticket != NULL )
- {
- 
dst->ticket = mbedtls_calloc( 1, src->ticket_len ); - if( dst->ticket == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - - memcpy( dst->ticket, src->ticket, src->ticket_len ); - } -#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ - - return( 0 ); -} - -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) -int (*mbedtls_ssl_hw_record_init)( mbedtls_ssl_context *ssl, - const unsigned char *key_enc, const unsigned char *key_dec, - size_t keylen, - const unsigned char *iv_enc, const unsigned char *iv_dec, - size_t ivlen, - const unsigned char *mac_enc, const unsigned char *mac_dec, - size_t maclen ) = NULL; -int (*mbedtls_ssl_hw_record_activate)( mbedtls_ssl_context *ssl, int direction) = NULL; -int (*mbedtls_ssl_hw_record_reset)( mbedtls_ssl_context *ssl ) = NULL; -int (*mbedtls_ssl_hw_record_write)( mbedtls_ssl_context *ssl ) = NULL; -int (*mbedtls_ssl_hw_record_read)( mbedtls_ssl_context *ssl ) = NULL; -int (*mbedtls_ssl_hw_record_finish)( mbedtls_ssl_context *ssl ) = NULL; -#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ - -/* - * Key material generation - */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) -static int ssl3_prf( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) -{ - int ret = 0; - size_t i; - mbedtls_md5_context md5; - mbedtls_sha1_context sha1; - unsigned char padding[16]; - unsigned char sha1sum[20]; - ((void)label); - - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); - - /* - * SSLv3: - * block = - * MD5( secret + SHA1( 'A' + secret + random ) ) + - * MD5( secret + SHA1( 'BB' + secret + random ) ) + - * MD5( secret + SHA1( 'CCC' + secret + random ) ) + - * ... 
- */ - for( i = 0; i < dlen / 16; i++ ) - { - memset( padding, (unsigned char) ('A' + i), 1 + i ); - - if( ( ret = mbedtls_sha1_starts_ret( &sha1 ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_sha1_update_ret( &sha1, padding, 1 + i ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_sha1_update_ret( &sha1, secret, slen ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_sha1_update_ret( &sha1, random, rlen ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_sha1_finish_ret( &sha1, sha1sum ) ) != 0 ) - goto exit; - - if( ( ret = mbedtls_md5_starts_ret( &md5 ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5, secret, slen ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5, sha1sum, 20 ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5, dstbuf + i * 16 ) ) != 0 ) - goto exit; - } - -exit: - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); - - mbedtls_platform_zeroize( padding, sizeof( padding ) ); - mbedtls_platform_zeroize( sha1sum, sizeof( sha1sum ) ); - - return( ret ); -} -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static int tls1_prf( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) -{ - size_t nb, hs; - size_t i, j, k; - const unsigned char *S1, *S2; - unsigned char tmp[128]; - unsigned char h_i[20]; - const mbedtls_md_info_t *md_info; - mbedtls_md_context_t md_ctx; - int ret; - - mbedtls_md_init( &md_ctx ); - - if( sizeof( tmp ) < 20 + strlen( label ) + rlen ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - hs = ( slen + 1 ) / 2; - S1 = secret; - S2 = secret + slen - hs; - - nb = strlen( label ); - memcpy( tmp + 20, label, nb ); - memcpy( tmp + 20 + nb, random, rlen ); - nb += rlen; - - /* - * First compute P_md5(secret,label+random)[0..dlen] - */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR 
); - - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) - return( ret ); - - mbedtls_md_hmac_starts( &md_ctx, S1, hs ); - mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); - mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); - - for( i = 0; i < dlen; i += 16 ) - { - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb ); - mbedtls_md_hmac_finish( &md_ctx, h_i ); - - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 ); - mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); - - k = ( i + 16 > dlen ) ? dlen % 16 : 16; - - for( j = 0; j < k; j++ ) - dstbuf[i + j] = h_i[j]; - } - - mbedtls_md_free( &md_ctx ); - - /* - * XOR out with P_sha1(secret,label+random)[0..dlen] - */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) - return( ret ); - - mbedtls_md_hmac_starts( &md_ctx, S2, hs ); - mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); - mbedtls_md_hmac_finish( &md_ctx, tmp ); - - for( i = 0; i < dlen; i += 20 ) - { - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb ); - mbedtls_md_hmac_finish( &md_ctx, h_i ); - - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, tmp, 20 ); - mbedtls_md_hmac_finish( &md_ctx, tmp ); - - k = ( i + 20 > dlen ) ? 
dlen % 20 : 20; - - for( j = 0; j < k; j++ ) - dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] ); - } - - mbedtls_md_free( &md_ctx ); - - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - mbedtls_platform_zeroize( h_i, sizeof( h_i ) ); - - return( 0 ); -} -#endif /* MBEDTLS_SSL_PROTO_TLS1) || MBEDTLS_SSL_PROTO_TLS1_1 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_USE_PSA_CRYPTO) -static int tls_prf_generic( mbedtls_md_type_t md_type, - const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) -{ - psa_status_t status; - psa_algorithm_t alg; - psa_key_policy_t policy; - psa_key_handle_t master_slot; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - - if( ( status = psa_allocate_key( &master_slot ) ) != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - if( md_type == MBEDTLS_MD_SHA384 ) - alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384); - else - alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256); - - policy = psa_key_policy_init(); - psa_key_policy_set_usage( &policy, - PSA_KEY_USAGE_DERIVE, - alg ); - status = psa_set_key_policy( master_slot, &policy ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - status = psa_import_key( master_slot, PSA_KEY_TYPE_DERIVE, secret, slen ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - status = psa_key_derivation( &generator, - master_slot, alg, - random, rlen, - (unsigned char const *) label, - (size_t) strlen( label ), - dlen ); - if( status != PSA_SUCCESS ) - { - psa_generator_abort( &generator ); - psa_destroy_key( master_slot ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - status = psa_generator_read( &generator, dstbuf, dlen ); - if( status != PSA_SUCCESS ) - { - psa_generator_abort( &generator ); - psa_destroy_key( master_slot ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - status = psa_generator_abort( &generator ); - if( 
status != PSA_SUCCESS ) - { - psa_destroy_key( master_slot ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - status = psa_destroy_key( master_slot ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - return( 0 ); -} - -#else /* MBEDTLS_USE_PSA_CRYPTO */ - -static int tls_prf_generic( mbedtls_md_type_t md_type, - const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) -{ - size_t nb; - size_t i, j, k, md_len; - unsigned char tmp[128]; - unsigned char h_i[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info; - mbedtls_md_context_t md_ctx; - int ret; - - mbedtls_md_init( &md_ctx ); - - if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - - md_len = mbedtls_md_get_size( md_info ); - - if( sizeof( tmp ) < md_len + strlen( label ) + rlen ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - nb = strlen( label ); - memcpy( tmp + md_len, label, nb ); - memcpy( tmp + md_len + nb, random, rlen ); - nb += rlen; - - /* - * Compute P_(secret, label + random)[0..dlen] - */ - if ( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) - return( ret ); - - mbedtls_md_hmac_starts( &md_ctx, secret, slen ); - mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb ); - mbedtls_md_hmac_finish( &md_ctx, tmp ); - - for( i = 0; i < dlen; i += md_len ) - { - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb ); - mbedtls_md_hmac_finish( &md_ctx, h_i ); - - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, tmp, md_len ); - mbedtls_md_hmac_finish( &md_ctx, tmp ); - - k = ( i + md_len > dlen ) ? 
dlen % md_len : md_len; - - for( j = 0; j < k; j++ ) - dstbuf[i + j] = h_i[j]; - } - - mbedtls_md_free( &md_ctx ); - - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - mbedtls_platform_zeroize( h_i, sizeof( h_i ) ); - - return( 0 ); -} -#endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_SHA256_C) -static int tls_prf_sha256( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) -{ - return( tls_prf_generic( MBEDTLS_MD_SHA256, secret, slen, - label, random, rlen, dstbuf, dlen ) ); -} -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) -static int tls_prf_sha384( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) -{ - return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen, - label, random, rlen, dstbuf, dlen ) ); -} -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t ); - -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *, const unsigned char *, size_t ); -#endif - -#if defined(MBEDTLS_SSL_PROTO_SSL3) -static void ssl_calc_verify_ssl( mbedtls_ssl_context *, unsigned char * ); -static void ssl_calc_finished_ssl( mbedtls_ssl_context *, unsigned char *, int ); -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_calc_verify_tls( mbedtls_ssl_context *, unsigned char * ); -static void ssl_calc_finished_tls( mbedtls_ssl_context *, unsigned char *, int ); -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA256_C) -static void ssl_update_checksum_sha256( mbedtls_ssl_context *, const unsigned char *, size_t ); -static void ssl_calc_verify_tls_sha256( mbedtls_ssl_context 
*,unsigned char * ); -static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int ); -#endif - -#if defined(MBEDTLS_SHA512_C) -static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t ); -static void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *, unsigned char * ); -static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int ); -#endif -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ - defined(MBEDTLS_USE_PSA_CRYPTO) -static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) -{ - if( ssl->conf->f_psk != NULL ) - { - /* If we've used a callback to select the PSK, - * the static configuration is irrelevant. */ - if( ssl->handshake->psk_opaque != 0 ) - return( 1 ); - - return( 0 ); - } - - if( ssl->conf->psk_opaque != 0 ) - return( 1 ); - - return( 0 ); -} -#endif /* MBEDTLS_USE_PSA_CRYPTO && - MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ - -int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) -{ - int ret = 0; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - int psa_fallthrough; -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - unsigned char tmp[64]; - unsigned char keyblk[256]; - unsigned char *key1; - unsigned char *key2; - unsigned char *mac_enc; - unsigned char *mac_dec; - size_t mac_key_len; - size_t iv_copy_len; - size_t taglen = 0; - const mbedtls_cipher_info_t *cipher_info; - const mbedtls_md_info_t *md_info; - - /* cf. RFC 5246, Section 8.1: - * "The master secret is always exactly 48 bytes in length." 
*/ - size_t const master_secret_len = 48; - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - unsigned char session_hash[48]; -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ - - mbedtls_ssl_session *session = ssl->session_negotiate; - mbedtls_ssl_transform *transform = ssl->transform_negotiate; - mbedtls_ssl_handshake_params *handshake = ssl->handshake; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) ); - - cipher_info = mbedtls_cipher_info_from_type( transform->ciphersuite_info->cipher ); - if( cipher_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found", - transform->ciphersuite_info->cipher ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - md_info = mbedtls_md_info_from_type( transform->ciphersuite_info->mac ); - if( md_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found", - transform->ciphersuite_info->mac ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - /* - * Set appropriate PRF function and other SSL / TLS / TLS1.2 functions - */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - handshake->tls_prf = ssl3_prf; - handshake->calc_verify = ssl_calc_verify_ssl; - handshake->calc_finished = ssl_calc_finished_ssl; - } - else -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) - { - handshake->tls_prf = tls1_prf; - handshake->calc_verify = ssl_calc_verify_tls; - handshake->calc_finished = ssl_calc_finished_tls; - } - else -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA512_C) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && - transform->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) - { - handshake->tls_prf = tls_prf_sha384; - handshake->calc_verify = ssl_calc_verify_tls_sha384; - handshake->calc_finished = ssl_calc_finished_tls_sha384; - } - else -#endif -#if defined(MBEDTLS_SHA256_C) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 
) - { - handshake->tls_prf = tls_prf_sha256; - handshake->calc_verify = ssl_calc_verify_tls_sha256; - handshake->calc_finished = ssl_calc_finished_tls_sha256; - } - else -#endif -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - /* - * SSLv3: - * master = - * MD5( premaster + SHA1( 'A' + premaster + randbytes ) ) + - * MD5( premaster + SHA1( 'BB' + premaster + randbytes ) ) + - * MD5( premaster + SHA1( 'CCC' + premaster + randbytes ) ) - * - * TLSv1+: - * master = PRF( premaster, "master secret", randbytes )[0..47] - */ - if( handshake->resume != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) ); - } - else - { - /* The label for the KDF used for key expansion. - * This is either "master secret" or "extended master secret" - * depending on whether the Extended Master Secret extension - * is used. */ - char const *lbl = "master secret"; - - /* The salt for the KDF used for key expansion. - * - If the Extended Master Secret extension is not used, - * this is ClientHello.Random + ServerHello.Random - * (see Sect. 8.1 in RFC 5246). - * - If the Extended Master Secret extension is used, - * this is the transcript of the handshake so far. - * (see Sect. 4 in RFC 7627). 
*/ - unsigned char const *salt = handshake->randbytes; - size_t salt_len = 64; - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - mbedtls_md_type_t const md_type = ciphersuite_info->mac; -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) ); - - lbl = "extended master secret"; - salt = session_hash; - ssl->handshake->calc_verify( ssl, session_hash ); -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { -#if defined(MBEDTLS_SHA512_C) - if( md_type == MBEDTLS_MD_SHA384 ) - salt_len = 48; - else -#endif /* MBEDTLS_SHA512_C */ - salt_len = 32; - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - salt_len = 36; - - MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, salt_len ); - } -#endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */ - -#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && - ssl_use_opaque_psk( ssl ) == 1 ) - { - /* Perform PSK-to-MS expansion in a single step. 
*/ - psa_status_t status; - psa_algorithm_t alg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - psa_key_handle_t psk; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) ); - - psk = ssl->conf->psk_opaque; - if( ssl->handshake->psk_opaque != 0 ) - psk = ssl->handshake->psk_opaque; - - if( md_type == MBEDTLS_MD_SHA384 ) - alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); - else - alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); - - status = psa_key_derivation( &generator, psk, alg, - salt, salt_len, - (unsigned char const *) lbl, - (size_t) strlen( lbl ), - master_secret_len ); - if( status != PSA_SUCCESS ) - { - psa_generator_abort( &generator ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - status = psa_generator_read( &generator, session->master, - master_secret_len ); - if( status != PSA_SUCCESS ) - { - psa_generator_abort( &generator ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - status = psa_generator_abort( &generator ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - else -#endif - { - ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, - lbl, salt, salt_len, - session->master, - master_secret_len ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", - handshake->premaster, - handshake->pmslen ); - - mbedtls_platform_zeroize( handshake->premaster, - sizeof(handshake->premaster) ); - } - } - - /* - * Swap the client and server random values. 
- */ - memcpy( tmp, handshake->randbytes, 64 ); - memcpy( handshake->randbytes, tmp + 32, 32 ); - memcpy( handshake->randbytes + 32, tmp, 32 ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - - /* - * SSLv3: - * key block = - * MD5( master + SHA1( 'A' + master + randbytes ) ) + - * MD5( master + SHA1( 'BB' + master + randbytes ) ) + - * MD5( master + SHA1( 'CCC' + master + randbytes ) ) + - * MD5( master + SHA1( 'DDDD' + master + randbytes ) ) + - * ... - * - * TLSv1: - * key block = PRF( master, "key expansion", randbytes ) - */ - ret = handshake->tls_prf( session->master, 48, "key expansion", - handshake->randbytes, 64, keyblk, 256 ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite = %s", - mbedtls_ssl_get_ciphersuite_name( session->ciphersuite ) ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "master secret", session->master, 48 ); - MBEDTLS_SSL_DEBUG_BUF( 4, "random bytes", handshake->randbytes, 64 ); - MBEDTLS_SSL_DEBUG_BUF( 4, "key block", keyblk, 256 ); - - mbedtls_platform_zeroize( handshake->randbytes, - sizeof( handshake->randbytes ) ); - - /* - * Determine the appropriate key, IV and MAC length. - */ - - transform->keylen = cipher_info->key_bitlen / 8; - - if( cipher_info->mode == MBEDTLS_MODE_GCM || - cipher_info->mode == MBEDTLS_MODE_CCM || - cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) - { - size_t explicit_ivlen; - - transform->maclen = 0; - mac_key_len = 0; - - /* All modes haves 96-bit IVs; - * GCM and CCM has 4 implicit and 8 explicit bytes - * ChachaPoly has all 12 bytes implicit - */ - transform->ivlen = 12; - if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) - transform->fixed_ivlen = 12; - else - transform->fixed_ivlen = 4; - - /* All modes have 128-bit tags, except CCM_8 (ciphersuite flag) */ - taglen = transform->ciphersuite_info->flags & - MBEDTLS_CIPHERSUITE_SHORT_TAG ? 
8 : 16; - - - /* Minimum length of encrypted record */ - explicit_ivlen = transform->ivlen - transform->fixed_ivlen; - transform->minlen = explicit_ivlen + taglen; - } - else - { - /* Initialize HMAC contexts */ - if( ( ret = mbedtls_md_setup( &transform->md_ctx_enc, md_info, 1 ) ) != 0 || - ( ret = mbedtls_md_setup( &transform->md_ctx_dec, md_info, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); - return( ret ); - } - - /* Get MAC length */ - mac_key_len = mbedtls_md_get_size( md_info ); - transform->maclen = mac_key_len; - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - /* - * If HMAC is to be truncated, we shall keep the leftmost bytes, - * (rfc 6066 page 13 or rfc 2104 section 4), - * so we only need to adjust the length here. - */ - if( session->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) - { - transform->maclen = MBEDTLS_SSL_TRUNCATED_HMAC_LEN; - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) - /* Fall back to old, non-compliant version of the truncated - * HMAC implementation which also truncates the key - * (Mbed TLS versions from 1.3 to 2.6.0) */ - mac_key_len = transform->maclen; -#endif - } -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - - /* IV length */ - transform->ivlen = cipher_info->iv_size; - - /* Minimum length */ - if( cipher_info->mode == MBEDTLS_MODE_STREAM ) - transform->minlen = transform->maclen; - else - { - /* - * GenericBlockCipher: - * 1. if EtM is in use: one block plus MAC - * otherwise: * first multiple of blocklen greater than maclen - * 2. 
IV except for SSL3 and TLS 1.0 - */ -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( session->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED ) - { - transform->minlen = transform->maclen - + cipher_info->block_size; - } - else -#endif - { - transform->minlen = transform->maclen - + cipher_info->block_size - - transform->maclen % cipher_info->block_size; - } - -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_1 ) - ; /* No need to adjust minlen */ - else -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 || - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - transform->minlen += transform->ivlen; - } - else -#endif - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - } - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "keylen: %d, minlen: %d, ivlen: %d, maclen: %d", - transform->keylen, transform->minlen, transform->ivlen, - transform->maclen ) ); - - /* - * Finally setup the cipher contexts, IVs and MAC secrets. - */ -#if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - { - key1 = keyblk + mac_key_len * 2; - key2 = keyblk + mac_key_len * 2 + transform->keylen; - - mac_enc = keyblk; - mac_dec = keyblk + mac_key_len; - - /* - * This is not used in TLS v1.1. - */ - iv_copy_len = ( transform->fixed_ivlen ) ? 
- transform->fixed_ivlen : transform->ivlen; - memcpy( transform->iv_enc, key2 + transform->keylen, iv_copy_len ); - memcpy( transform->iv_dec, key2 + transform->keylen + iv_copy_len, - iv_copy_len ); - } - else -#endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - { - key1 = keyblk + mac_key_len * 2 + transform->keylen; - key2 = keyblk + mac_key_len * 2; - - mac_enc = keyblk + mac_key_len; - mac_dec = keyblk; - - /* - * This is not used in TLS v1.1. - */ - iv_copy_len = ( transform->fixed_ivlen ) ? - transform->fixed_ivlen : transform->ivlen; - memcpy( transform->iv_dec, key1 + transform->keylen, iv_copy_len ); - memcpy( transform->iv_enc, key1 + transform->keylen + iv_copy_len, - iv_copy_len ); - } - else -#endif /* MBEDTLS_SSL_SRV_C */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - -#if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - if( mac_key_len > sizeof transform->mac_enc ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - memcpy( transform->mac_enc, mac_enc, mac_key_len ); - memcpy( transform->mac_dec, mac_dec, mac_key_len ); - } - else -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) - { - /* For HMAC-based ciphersuites, initialize the HMAC transforms. - For AEAD-based ciphersuites, there is nothing to do here. 
*/ - if( mac_key_len != 0 ) - { - mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, mac_key_len ); - mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, mac_key_len ); - } - } - else -#endif - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_init != NULL ) - { - int ret = 0; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_init()" ) ); - - if( ( ret = mbedtls_ssl_hw_record_init( ssl, key1, key2, transform->keylen, - transform->iv_enc, transform->iv_dec, - iv_copy_len, - mac_enc, mac_dec, - mac_key_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_init", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - } -#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ - -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( ssl->conf->f_export_keys != NULL ) - { - ssl->conf->f_export_keys( ssl->conf->p_export_keys, - session->master, keyblk, - mac_key_len, transform->keylen, - iv_copy_len ); - } -#endif - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - - /* Only use PSA-based ciphers for TLS-1.2. - * That's relevant at least for TLS-1.0, where - * we assume that mbedtls_cipher_crypt() updates - * the structure field for the IV, which the PSA-based - * implementation currently doesn't. */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc, - cipher_info, taglen ); - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); - return( ret ); - } - - if( ret == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Successfully setup PSA-based encryption cipher context" ) ); - psa_fallthrough = 0; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." 
) ); - psa_fallthrough = 1; - } - } - else - psa_fallthrough = 1; -#else - psa_fallthrough = 1; -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - - if( psa_fallthrough == 1 ) -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, - cipher_info ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); - return( ret ); - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - /* Only use PSA-based ciphers for TLS-1.2. - * That's relevant at least for TLS-1.0, where - * we assume that mbedtls_cipher_crypt() updates - * the structure field for the IV, which the PSA-based - * implementation currently doesn't. */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec, - cipher_info, taglen ); - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); - return( ret ); - } - - if( ret == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Successfully setup PSA-based decryption cipher context" ) ); - psa_fallthrough = 0; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." 
) ); - psa_fallthrough = 1; - } - } - else - psa_fallthrough = 1; -#else - psa_fallthrough = 1; -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - - if( psa_fallthrough == 1 ) -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, - cipher_info ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); - return( ret ); - } - - if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, key1, - cipher_info->key_bitlen, - MBEDTLS_ENCRYPT ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); - return( ret ); - } - - if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, key2, - cipher_info->key_bitlen, - MBEDTLS_DECRYPT ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); - return( ret ); - } - -#if defined(MBEDTLS_CIPHER_MODE_CBC) - if( cipher_info->mode == MBEDTLS_MODE_CBC ) - { - if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc, - MBEDTLS_PADDING_NONE ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret ); - return( ret ); - } - - if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_dec, - MBEDTLS_PADDING_NONE ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret ); - return( ret ); - } - } -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - - mbedtls_platform_zeroize( keyblk, sizeof( keyblk ) ); - -#if defined(MBEDTLS_ZLIB_SUPPORT) - // Initialize compression - // - if( session->compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { - if( ssl->compress_buf == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) ); - ssl->compress_buf = mbedtls_calloc( 1, MBEDTLS_SSL_COMPRESS_BUFFER_LEN ); - if( ssl->compress_buf == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", - MBEDTLS_SSL_COMPRESS_BUFFER_LEN ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) ); - - memset( 
&transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) ); - memset( &transform->ctx_inflate, 0, sizeof( transform->ctx_inflate ) ); - - if( deflateInit( &transform->ctx_deflate, - Z_DEFAULT_COMPRESSION ) != Z_OK || - inflateInit( &transform->ctx_inflate ) != Z_OK ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to initialize compression" ) ); - return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); - } - } -#endif /* MBEDTLS_ZLIB_SUPPORT */ - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) ); - - return( 0 ); -} - -#if defined(MBEDTLS_SSL_PROTO_SSL3) -void ssl_calc_verify_ssl( mbedtls_ssl_context *ssl, unsigned char hash[36] ) -{ - mbedtls_md5_context md5; - mbedtls_sha1_context sha1; - unsigned char pad_1[48]; - unsigned char pad_2[48]; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify ssl" ) ); - - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); - - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); - - memset( pad_1, 0x36, 48 ); - memset( pad_2, 0x5C, 48 ); - - mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 ); - mbedtls_md5_update_ret( &md5, pad_1, 48 ); - mbedtls_md5_finish_ret( &md5, hash ); - - mbedtls_md5_starts_ret( &md5 ); - mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 ); - mbedtls_md5_update_ret( &md5, pad_2, 48 ); - mbedtls_md5_update_ret( &md5, hash, 16 ); - mbedtls_md5_finish_ret( &md5, hash ); - - mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 ); - mbedtls_sha1_update_ret( &sha1, pad_1, 40 ); - mbedtls_sha1_finish_ret( &sha1, hash + 16 ); - - mbedtls_sha1_starts_ret( &sha1 ); - mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 ); - mbedtls_sha1_update_ret( &sha1, pad_2, 40 ); - mbedtls_sha1_update_ret( &sha1, hash + 16, 20 ); - mbedtls_sha1_finish_ret( &sha1, hash + 16 ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); - - mbedtls_md5_free( &md5 
);
- mbedtls_sha1_free( &sha1 );
-
- return;
-}
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
-void ssl_calc_verify_tls( mbedtls_ssl_context *ssl, unsigned char hash[36] )
-{
- mbedtls_md5_context md5;
- mbedtls_sha1_context sha1;
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify tls" ) );
-
- mbedtls_md5_init( &md5 );
- mbedtls_sha1_init( &sha1 );
-
- mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
- mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
-
- mbedtls_md5_finish_ret( &md5, hash );
- mbedtls_sha1_finish_ret( &sha1, hash + 16 );
-
- MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
-
- mbedtls_md5_free( &md5 );
- mbedtls_sha1_free( &sha1 );
-
- return;
-}
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-void ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char hash[32] )
-{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- size_t hash_size;
- psa_status_t status;
- psa_hash_operation_t sha256_psa = psa_hash_operation_init();
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha256" ) );
- status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa );
- if( status != PSA_SUCCESS )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
- return;
- }
-
- status = psa_hash_finish( &sha256_psa, hash, 32, &hash_size );
- if( status != PSA_SUCCESS )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
- return;
- }
- MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, 32 );
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) );
-#else
- mbedtls_sha256_context sha256;
-
- mbedtls_sha256_init( &sha256 );
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) );
-
- mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
- mbedtls_sha256_finish_ret( &sha256, hash );
-
-
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 );
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
-
- mbedtls_sha256_free( &sha256 );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- return;
-}
-#endif /* MBEDTLS_SHA256_C */
-
-#if defined(MBEDTLS_SHA512_C)
-void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char hash[48] )
-{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- size_t hash_size;
- psa_status_t status;
- psa_hash_operation_t sha384_psa = psa_hash_operation_init();
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha384" ) );
- status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa );
- if( status != PSA_SUCCESS )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
- return;
- }
-
- status = psa_hash_finish( &sha384_psa, hash, 48, &hash_size );
- if( status != PSA_SUCCESS )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
- return;
- }
- MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, 48 );
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) );
-#else
- mbedtls_sha512_context sha512;
-
- mbedtls_sha512_init( &sha512 );
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) );
-
- mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 );
- mbedtls_sha512_finish_ret( &sha512, hash );
-
- MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 );
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
-
- mbedtls_sha512_free( &sha512 );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- return;
-}
-#endif /* MBEDTLS_SHA512_C */
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex )
-{
- unsigned char *p = ssl->handshake->premaster;
- unsigned char *end = p + sizeof( ssl->handshake->premaster );
- const unsigned char *psk = ssl->conf->psk;
- size_t psk_len = ssl->conf->psk_len;
-
- /* If the psk callback was called, use its result */
- if(
ssl->handshake->psk != NULL )
- {
- psk = ssl->handshake->psk;
- psk_len = ssl->handshake->psk_len;
- }
-
- /*
- * PMS = struct {
- * opaque other_secret<0..2^16-1>;
- * opaque psk<0..2^16-1>;
- * };
- * with "other_secret" depending on the particular key exchange
- */
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
- if( key_ex == MBEDTLS_KEY_EXCHANGE_PSK )
- {
- if( end - p < 2 )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- *(p++) = (unsigned char)( psk_len >> 8 );
- *(p++) = (unsigned char)( psk_len );
-
- if( end < p || (size_t)( end - p ) < psk_len )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- memset( p, 0, psk_len );
- p += psk_len;
- }
- else
-#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
- if( key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
- {
- /*
- * other_secret already set by the ClientKeyExchange message,
- * and is 48 bytes long
- */
- if( end - p < 2 )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- *p++ = 0;
- *p++ = 48;
- p += 48;
- }
- else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
- if( key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
- {
- int ret;
- size_t len;
-
- /* Write length only when we know the actual value */
- if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
- p + 2, end - ( p + 2 ), &len,
- ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
- return( ret );
- }
- *(p++) = (unsigned char)( len >> 8 );
- *(p++) = (unsigned char)( len );
- p += len;
-
- MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
- }
- else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
- if( key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
- {
- int ret;
- size_t zlen;
-
- if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen,
- p + 2, end - ( p + 2 ),
- ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
- {
-
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
- return( ret );
- }
-
- *(p++) = (unsigned char)( zlen >> 8 );
- *(p++) = (unsigned char)( zlen );
- p += zlen;
-
- MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
- MBEDTLS_DEBUG_ECDH_Z );
- }
- else
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- /* opaque psk<0..2^16-1>; */
- if( end - p < 2 )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- *(p++) = (unsigned char)( psk_len >> 8 );
- *(p++) = (unsigned char)( psk_len );
-
- if( end < p || (size_t)( end - p ) < psk_len )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- memcpy( p, psk, psk_len );
- p += psk_len;
-
- ssl->handshake->pmslen = p - ssl->handshake->premaster;
-
- return( 0 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
-/*
- * SSLv3.0 MAC functions
- */
-#define SSL_MAC_MAX_BYTES 20 /* MD-5 or SHA-1 */
-static void ssl_mac( mbedtls_md_context_t *md_ctx,
- const unsigned char *secret,
- const unsigned char *buf, size_t len,
- const unsigned char *ctr, int type,
- unsigned char out[SSL_MAC_MAX_BYTES] )
-{
- unsigned char header[11];
- unsigned char padding[48];
- int padlen;
- int md_size = mbedtls_md_get_size( md_ctx->md_info );
- int md_type = mbedtls_md_get_type( md_ctx->md_info );
-
- /* Only MD5 and SHA-1 supported */
- if( md_type == MBEDTLS_MD_MD5 )
- padlen = 48;
- else
- padlen = 40;
-
- memcpy( header, ctr, 8 );
- header[ 8] = (unsigned char) type;
- header[ 9] = (unsigned char)( len >> 8 );
- header[10] = (unsigned char)( len );
-
- memset( padding, 0x36, padlen );
- mbedtls_md_starts( md_ctx );
- mbedtls_md_update( md_ctx, secret, md_size );
- mbedtls_md_update( md_ctx, padding, padlen );
- mbedtls_md_update( md_ctx, header, 11 );
- mbedtls_md_update( md_ctx, buf, len );
- mbedtls_md_finish( md_ctx, out );
-
- memset( padding, 0x5C, padlen );
-
mbedtls_md_starts( md_ctx );
- mbedtls_md_update( md_ctx, secret, md_size );
- mbedtls_md_update( md_ctx, padding, padlen );
- mbedtls_md_update( md_ctx, out, md_size );
- mbedtls_md_finish( md_ctx, out );
-}
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-
-#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
- ( defined(MBEDTLS_CIPHER_MODE_CBC) && \
- ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) || defined(MBEDTLS_ARIA_C)) )
-#define SSL_SOME_MODES_USE_MAC
-#endif
-
-/* The function below is only used in the Lucky 13 counter-measure in
- * ssl_decrypt_buf(). These are the defines that guard the call site. */
-#if defined(SSL_SOME_MODES_USE_MAC) && \
- ( defined(MBEDTLS_SSL_PROTO_TLS1) || \
- defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
- defined(MBEDTLS_SSL_PROTO_TLS1_2) )
-/* This function makes sure every byte in the memory region is accessed
- * (in ascending addresses order) */
-static void ssl_read_memory( unsigned char *p, size_t len )
-{
- unsigned char acc = 0;
- volatile unsigned char force;
-
- for( ; len != 0; p++, len-- )
- acc ^= *p;
-
- force = acc;
- (void) force;
-}
-#endif /* SSL_SOME_MODES_USE_MAC && ( TLS1 || TLS1_1 || TLS1_2 ) */
-
-/*
- * Encryption/decryption functions
- */
-static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
-{
- mbedtls_cipher_mode_t mode;
- int auth_done = 0;
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
-
- if( ssl->session_out == NULL || ssl->transform_out == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- mode = mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc );
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload",
- ssl->out_msg, ssl->out_msglen );
-
- /*
- * Add MAC before if needed
- */
-#if defined(SSL_SOME_MODES_USE_MAC)
- if( mode == MBEDTLS_MODE_STREAM ||
- ( mode == MBEDTLS_MODE_CBC
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- && ssl->session_out->encrypt_then_mac ==
MBEDTLS_SSL_ETM_DISABLED
-#endif
- ) )
- {
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
- if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
- {
- unsigned char mac[SSL_MAC_MAX_BYTES];
-
- ssl_mac( &ssl->transform_out->md_ctx_enc,
- ssl->transform_out->mac_enc,
- ssl->out_msg, ssl->out_msglen,
- ssl->out_ctr, ssl->out_msgtype,
- mac );
-
- memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen );
- }
- else
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
- defined(MBEDTLS_SSL_PROTO_TLS1_2)
- if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
- {
- unsigned char mac[MBEDTLS_SSL_MAC_ADD];
-
- mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_ctr, 8 );
- mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_hdr, 3 );
- mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_len, 2 );
- mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc,
- ssl->out_msg, ssl->out_msglen );
- mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac );
- mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc );
-
- memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen );
- }
- else
-#endif
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "computed mac",
- ssl->out_msg + ssl->out_msglen,
- ssl->transform_out->maclen );
-
- ssl->out_msglen += ssl->transform_out->maclen;
- auth_done++;
- }
-#endif /* AEAD not the only option */
-
- /*
- * Encrypt
- */
-#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
- if( mode == MBEDTLS_MODE_STREAM )
- {
- int ret;
- size_t olen = 0;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
- "including %d bytes of padding",
- ssl->out_msglen, 0 ) );
-
- if( ( ret = mbedtls_cipher_crypt( &ssl->transform_out->cipher_ctx_enc,
- ssl->transform_out->iv_enc,
- ssl->transform_out->ivlen,
- ssl->out_msg, ssl->out_msglen,
- ssl->out_msg,
&olen ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
- return( ret );
- }
-
- if( ssl->out_msglen != olen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
- }
- else
-#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */
-#if defined(MBEDTLS_GCM_C) || \
- defined(MBEDTLS_CCM_C) || \
- defined(MBEDTLS_CHACHAPOLY_C)
- if( mode == MBEDTLS_MODE_GCM ||
- mode == MBEDTLS_MODE_CCM ||
- mode == MBEDTLS_MODE_CHACHAPOLY )
- {
- int ret;
- size_t enc_msglen, olen;
- unsigned char *enc_msg;
- unsigned char add_data[13];
- unsigned char iv[12];
- mbedtls_ssl_transform *transform = ssl->transform_out;
- unsigned char taglen = transform->ciphersuite_info->flags &
- MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16;
- size_t explicit_ivlen = transform->ivlen - transform->fixed_ivlen;
-
- /*
- * Prepare additional authenticated data
- */
- memcpy( add_data, ssl->out_ctr, 8 );
- add_data[8] = ssl->out_msgtype;
- mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
- ssl->conf->transport, add_data + 9 );
- add_data[11] = ( ssl->out_msglen >> 8 ) & 0xFF;
- add_data[12] = ssl->out_msglen & 0xFF;
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "additional data for AEAD", add_data, 13 );
-
- /*
- * Generate IV
- */
- if( transform->ivlen == 12 && transform->fixed_ivlen == 4 )
- {
- /* GCM and CCM: fixed || explicit (=seqnum) */
- memcpy( iv, transform->iv_enc, transform->fixed_ivlen );
- memcpy( iv + transform->fixed_ivlen, ssl->out_ctr, 8 );
- memcpy( ssl->out_iv, ssl->out_ctr, 8 );
-
- }
- else if( transform->ivlen == 12 && transform->fixed_ivlen == 12 )
- {
- /* ChachaPoly: fixed XOR sequence number */
- unsigned char i;
-
- memcpy( iv, transform->iv_enc, transform->fixed_ivlen );
-
- for( i = 0; i < 8; i++ )
- iv[i+4] ^= ssl->out_ctr[i];
- }
- else
- {
- /* Reminder if we ever add an AEAD mode with a different size */
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR
);
- }
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)",
- iv, transform->ivlen );
- MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (transmitted)",
- ssl->out_iv, explicit_ivlen );
-
- /*
- * Fix message length with added IV
- */
- enc_msg = ssl->out_msg;
- enc_msglen = ssl->out_msglen;
- ssl->out_msglen += explicit_ivlen;
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
- "including 0 bytes of padding",
- ssl->out_msglen ) );
-
- /*
- * Encrypt and authenticate
- */
- if( ( ret = mbedtls_cipher_auth_encrypt( &transform->cipher_ctx_enc,
- iv, transform->ivlen,
- add_data, 13,
- enc_msg, enc_msglen,
- enc_msg, &olen,
- enc_msg + enc_msglen, taglen ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret );
- return( ret );
- }
-
- if( olen != enc_msglen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- ssl->out_msglen += taglen;
- auth_done++;
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag", enc_msg + enc_msglen, taglen );
- }
- else
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CIPHER_MODE_CBC) && \
- ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) || defined(MBEDTLS_ARIA_C) )
- if( mode == MBEDTLS_MODE_CBC )
- {
- int ret;
- unsigned char *enc_msg;
- size_t enc_msglen, padlen, olen = 0, i;
-
- padlen = ssl->transform_out->ivlen - ( ssl->out_msglen + 1 ) %
- ssl->transform_out->ivlen;
- if( padlen == ssl->transform_out->ivlen )
- padlen = 0;
-
- for( i = 0; i <= padlen; i++ )
- ssl->out_msg[ssl->out_msglen + i] = (unsigned char) padlen;
-
- ssl->out_msglen += padlen + 1;
-
- enc_msglen = ssl->out_msglen;
- enc_msg = ssl->out_msg;
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
- /*
- * Prepend per-record IV for block cipher in TLS v1.1 and up as per
- * Method 1 (6.2.3.2.
in RFC4346 and RFC5246)
- */
- if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
- {
- /*
- * Generate IV
- */
- ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->transform_out->iv_enc,
- ssl->transform_out->ivlen );
- if( ret != 0 )
- return( ret );
-
- memcpy( ssl->out_iv, ssl->transform_out->iv_enc,
- ssl->transform_out->ivlen );
-
- /*
- * Fix pointer positions and message length with added IV
- */
- enc_msg = ssl->out_msg;
- enc_msglen = ssl->out_msglen;
- ssl->out_msglen += ssl->transform_out->ivlen;
- }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
- "including %d bytes of IV and %d bytes of padding",
- ssl->out_msglen, ssl->transform_out->ivlen,
- padlen + 1 ) );
-
- if( ( ret = mbedtls_cipher_crypt( &ssl->transform_out->cipher_ctx_enc,
- ssl->transform_out->iv_enc,
- ssl->transform_out->ivlen,
- enc_msg, enc_msglen,
- enc_msg, &olen ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
- return( ret );
- }
-
- if( enc_msglen != olen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
- if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 )
- {
- /*
- * Save IV in SSL3 and TLS1
- */
- memcpy( ssl->transform_out->iv_enc,
- ssl->transform_out->cipher_ctx_enc.iv,
- ssl->transform_out->ivlen );
- }
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- if( auth_done == 0 )
- {
- unsigned char mac[MBEDTLS_SSL_MAC_ADD];
-
- /*
- * MAC(MAC_write_key, seq_num +
- * TLSCipherText.type +
- * TLSCipherText.version +
- * length_of( (IV +) ENC(...)
) +
- * IV + // except for TLS 1.0
- * ENC(content + padding + padding_length));
- */
- unsigned char pseudo_hdr[13];
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
-
- memcpy( pseudo_hdr + 0, ssl->out_ctr, 8 );
- memcpy( pseudo_hdr + 8, ssl->out_hdr, 3 );
- pseudo_hdr[11] = (unsigned char)( ( ssl->out_msglen >> 8 ) & 0xFF );
- pseudo_hdr[12] = (unsigned char)( ( ssl->out_msglen ) & 0xFF );
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 );
-
- mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 );
- mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc,
- ssl->out_iv, ssl->out_msglen );
- mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac );
- mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc );
-
- memcpy( ssl->out_iv + ssl->out_msglen, mac,
- ssl->transform_out->maclen );
-
- ssl->out_msglen += ssl->transform_out->maclen;
- auth_done++;
- }
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
- }
- else
-#endif /* MBEDTLS_CIPHER_MODE_CBC &&
- ( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C || MBEDTLS_ARIA_C ) */
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- /* Make extra sure authentication was performed, exactly once */
- if( auth_done != 1 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) );
-
- return( 0 );
-}
-
-static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
-{
- mbedtls_cipher_mode_t mode;
- int auth_done = 0;
-#if defined(SSL_SOME_MODES_USE_MAC)
- size_t padlen = 0, correct = 1;
-#endif
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) );
-
- if( ssl->session_in == NULL || ssl->transform_in == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- mode = mbedtls_cipher_get_cipher_mode( &ssl->transform_in->cipher_ctx_dec );
-
- if( ssl->in_msglen <
ssl->transform_in->minlen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "in_msglen (%d) < minlen (%d)",
- ssl->in_msglen, ssl->transform_in->minlen ) );
- return( MBEDTLS_ERR_SSL_INVALID_MAC );
- }
-
-#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
- if( mode == MBEDTLS_MODE_STREAM )
- {
- int ret;
- size_t olen = 0;
-
- padlen = 0;
-
- if( ( ret = mbedtls_cipher_crypt( &ssl->transform_in->cipher_ctx_dec,
- ssl->transform_in->iv_dec,
- ssl->transform_in->ivlen,
- ssl->in_msg, ssl->in_msglen,
- ssl->in_msg, &olen ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
- return( ret );
- }
-
- if( ssl->in_msglen != olen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
- }
- else
-#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */
-#if defined(MBEDTLS_GCM_C) || \
- defined(MBEDTLS_CCM_C) || \
- defined(MBEDTLS_CHACHAPOLY_C)
- if( mode == MBEDTLS_MODE_GCM ||
- mode == MBEDTLS_MODE_CCM ||
- mode == MBEDTLS_MODE_CHACHAPOLY )
- {
- int ret;
- size_t dec_msglen, olen;
- unsigned char *dec_msg;
- unsigned char *dec_msg_result;
- unsigned char add_data[13];
- unsigned char iv[12];
- mbedtls_ssl_transform *transform = ssl->transform_in;
- unsigned char taglen = transform->ciphersuite_info->flags &
- MBEDTLS_CIPHERSUITE_SHORT_TAG ?
8 : 16;
- size_t explicit_iv_len = transform->ivlen - transform->fixed_ivlen;
-
- /*
- * Compute and update sizes
- */
- if( ssl->in_msglen < explicit_iv_len + taglen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < explicit_iv_len (%d) "
- "+ taglen (%d)", ssl->in_msglen,
- explicit_iv_len, taglen ) );
- return( MBEDTLS_ERR_SSL_INVALID_MAC );
- }
- dec_msglen = ssl->in_msglen - explicit_iv_len - taglen;
-
- dec_msg = ssl->in_msg;
- dec_msg_result = ssl->in_msg;
- ssl->in_msglen = dec_msglen;
-
- /*
- * Prepare additional authenticated data
- */
- memcpy( add_data, ssl->in_ctr, 8 );
- add_data[8] = ssl->in_msgtype;
- mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
- ssl->conf->transport, add_data + 9 );
- add_data[11] = ( ssl->in_msglen >> 8 ) & 0xFF;
- add_data[12] = ssl->in_msglen & 0xFF;
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "additional data for AEAD", add_data, 13 );
-
- /*
- * Prepare IV
- */
- if( transform->ivlen == 12 && transform->fixed_ivlen == 4 )
- {
- /* GCM and CCM: fixed || explicit (transmitted) */
- memcpy( iv, transform->iv_dec, transform->fixed_ivlen );
- memcpy( iv + transform->fixed_ivlen, ssl->in_iv, 8 );
-
- }
- else if( transform->ivlen == 12 && transform->fixed_ivlen == 12 )
- {
- /* ChachaPoly: fixed XOR sequence number */
- unsigned char i;
-
- memcpy( iv, transform->iv_dec, transform->fixed_ivlen );
-
- for( i = 0; i < 8; i++ )
- iv[i+4] ^= ssl->in_ctr[i];
- }
- else
- {
- /* Reminder if we ever add an AEAD mode with a different size */
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", iv, transform->ivlen );
- MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", dec_msg + dec_msglen, taglen );
-
- /*
- * Decrypt and authenticate
- */
- if( ( ret = mbedtls_cipher_auth_decrypt( &ssl->transform_in->cipher_ctx_dec,
- iv, transform->ivlen,
- add_data, 13,
- dec_msg, dec_msglen,
- dec_msg_result, &olen,
- dec_msg + dec_msglen, taglen ) ) != 0 )
- {
-
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret );
-
- if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
- return( MBEDTLS_ERR_SSL_INVALID_MAC );
-
- return( ret );
- }
- auth_done++;
-
- if( olen != dec_msglen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
- }
- else
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CIPHER_MODE_CBC) && \
- ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) || defined(MBEDTLS_ARIA_C) )
- if( mode == MBEDTLS_MODE_CBC )
- {
- /*
- * Decrypt and check the padding
- */
- int ret;
- unsigned char *dec_msg;
- unsigned char *dec_msg_result;
- size_t dec_msglen;
- size_t minlen = 0;
- size_t olen = 0;
-
- /*
- * Check immediate ciphertext sanity
- */
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
- if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
- minlen += ssl->transform_in->ivlen;
-#endif
-
- if( ssl->in_msglen < minlen + ssl->transform_in->ivlen ||
- ssl->in_msglen < minlen + ssl->transform_in->maclen + 1 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < max( ivlen(%d), maclen (%d) "
- "+ 1 ) ( + expl IV )", ssl->in_msglen,
- ssl->transform_in->ivlen,
- ssl->transform_in->maclen ) );
- return( MBEDTLS_ERR_SSL_INVALID_MAC );
- }
-
- dec_msglen = ssl->in_msglen;
- dec_msg = ssl->in_msg;
- dec_msg_result = ssl->in_msg;
-
- /*
- * Authenticate before decrypt if enabled
- */
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- if( ssl->session_in->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED )
- {
- unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
- unsigned char pseudo_hdr[13];
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
-
- dec_msglen -= ssl->transform_in->maclen;
- ssl->in_msglen -= ssl->transform_in->maclen;
-
- memcpy( pseudo_hdr + 0, ssl->in_ctr, 8 );
- memcpy( pseudo_hdr + 8, ssl->in_hdr, 3 );
- pseudo_hdr[11] = (unsigned char)( ( ssl->in_msglen >> 8 ) & 0xFF );
- pseudo_hdr[12] = (unsigned char)( (
ssl->in_msglen ) & 0xFF );
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 );
-
- mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, pseudo_hdr, 13 );
- mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec,
- ssl->in_iv, ssl->in_msglen );
- mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, mac_expect );
- mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec );
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", ssl->in_iv + ssl->in_msglen,
- ssl->transform_in->maclen );
- MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect,
- ssl->transform_in->maclen );
-
- if( mbedtls_ssl_safer_memcmp( ssl->in_iv + ssl->in_msglen, mac_expect,
- ssl->transform_in->maclen ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );
-
- return( MBEDTLS_ERR_SSL_INVALID_MAC );
- }
- auth_done++;
- }
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-
- /*
- * Check length sanity
- */
- if( ssl->in_msglen % ssl->transform_in->ivlen != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) %% ivlen (%d) != 0",
- ssl->in_msglen, ssl->transform_in->ivlen ) );
- return( MBEDTLS_ERR_SSL_INVALID_MAC );
- }
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
- /*
- * Initialize for prepended IV for block cipher in TLS v1.1 and up
- */
- if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
- {
- unsigned char i;
- dec_msglen -= ssl->transform_in->ivlen;
- ssl->in_msglen -= ssl->transform_in->ivlen;
-
- for( i = 0; i < ssl->transform_in->ivlen; i++ )
- ssl->transform_in->iv_dec[i] = ssl->in_iv[i];
- }
-#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
-
- if( ( ret = mbedtls_cipher_crypt( &ssl->transform_in->cipher_ctx_dec,
- ssl->transform_in->iv_dec,
- ssl->transform_in->ivlen,
- dec_msg, dec_msglen,
- dec_msg_result, &olen ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
- return( ret );
- }
-
- if( dec_msglen != olen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return(
MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
- if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 )
- {
- /*
- * Save IV in SSL3 and TLS1
- */
- memcpy( ssl->transform_in->iv_dec,
- ssl->transform_in->cipher_ctx_dec.iv,
- ssl->transform_in->ivlen );
- }
-#endif
-
- padlen = 1 + ssl->in_msg[ssl->in_msglen - 1];
-
- if( ssl->in_msglen < ssl->transform_in->maclen + padlen &&
- auth_done == 0 )
- {
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
- ssl->in_msglen, ssl->transform_in->maclen, padlen ) );
-#endif
- padlen = 0;
- correct = 0;
- }
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
- if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
- {
- if( padlen > ssl->transform_in->ivlen )
- {
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, "
- "should be no more than %d",
- padlen, ssl->transform_in->ivlen ) );
-#endif
- correct = 0;
- }
- }
- else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
- defined(MBEDTLS_SSL_PROTO_TLS1_2)
- if( ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 )
- {
- /*
- * TLSv1+: always check the padding up to the first failure
- * and fake check up to 256 bytes of padding
- */
- size_t pad_count = 0, real_count = 1;
- size_t padding_idx = ssl->in_msglen - padlen;
- size_t i;
-
- /*
- * Padding is guaranteed to be incorrect if:
- * 1. padlen > ssl->in_msglen
- *
- * 2. padding_idx > MBEDTLS_SSL_IN_CONTENT_LEN +
- * ssl->transform_in->maclen
- *
- * In both cases we reset padding_idx to a safe value (0) to
- * prevent out-of-buffer reads.
- */
- correct &= ( padlen <= ssl->in_msglen );
- correct &= ( padding_idx <= MBEDTLS_SSL_IN_CONTENT_LEN +
- ssl->transform_in->maclen );
-
- padding_idx *= correct;
-
- for( i = 0; i < 256; i++ )
- {
- real_count &= ( i < padlen );
- pad_count += real_count *
- ( ssl->in_msg[padding_idx + i] == padlen - 1 );
- }
-
- correct &= ( pad_count == padlen ); /* Only 1 on correct padding */
-
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
- if( padlen > 0 && correct == 0 )
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) );
-#endif
- padlen &= correct * 0x1FF;
- }
- else
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
- MBEDTLS_SSL_PROTO_TLS1_2 */
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- ssl->in_msglen -= padlen;
- }
- else
-#endif /* MBEDTLS_CIPHER_MODE_CBC &&
- ( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C || MBEDTLS_ARIA_C ) */
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
-#if defined(MBEDTLS_SSL_DEBUG_ALL)
- MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption",
- ssl->in_msg, ssl->in_msglen );
-#endif
-
- /*
- * Authenticate if not done yet.
- * Compute the MAC regardless of the padding result (RFC4346, CBCTIME).
- */
-#if defined(SSL_SOME_MODES_USE_MAC)
- if( auth_done == 0 )
- {
- unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
-
- ssl->in_msglen -= ssl->transform_in->maclen;
-
- ssl->in_len[0] = (unsigned char)( ssl->in_msglen >> 8 );
- ssl->in_len[1] = (unsigned char)( ssl->in_msglen );
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
- if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
- {
- ssl_mac( &ssl->transform_in->md_ctx_dec,
- ssl->transform_in->mac_dec,
- ssl->in_msg, ssl->in_msglen,
- ssl->in_ctr, ssl->in_msgtype,
- mac_expect );
- }
- else
-#endif /* MBEDTLS_SSL_PROTO_SSL3 */
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
- defined(MBEDTLS_SSL_PROTO_TLS1_2)
- if( ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 )
- {
- /*
- * Process MAC and always update for padlen afterwards to make
- * total time independent of padlen.
- *
- * Known timing attacks:
- * - Lucky Thirteen (http://www.isg.rhul.ac.uk/tls/TLStiming.pdf)
- *
- * To compensate for different timings for the MAC calculation
- * depending on how much padding was removed (which is determined
- * by padlen), process extra_run more blocks through the hash
- * function.
- *
- * The formula in the paper is
- * extra_run = ceil( (L1-55) / 64 ) - ceil( (L2-55) / 64 )
- * where L1 is the size of the header plus the decrypted message
- * plus CBC padding and L2 is the size of the header plus the
- * decrypted message. This is for an underlying hash function
- * with 64-byte blocks.
- * We use ( (Lx+8) / 64 ) to handle 'negative Lx' values
- * correctly. We round down instead of up, so -56 is the correct
- * value for our calculations instead of -55.
- *
- * Repeat the formula rather than defining a block_size variable.
- * This avoids requiring division by a variable at runtime
- * (which would be marginally less efficient and would require
- * linking an extra division function in some builds).
- */
- size_t j, extra_run = 0;
-
- /*
- * The next two sizes are the minimum and maximum values of
- * in_msglen over all padlen values.
- *
- * They're independent of padlen, since we previously did
- * in_msglen -= padlen.
- *
- * Note that max_len + maclen is never more than the buffer
- * length, as we previously did in_msglen -= maclen too.
- */
- const size_t max_len = ssl->in_msglen + padlen;
- const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0;
-
- switch( ssl->transform_in->ciphersuite_info->mac )
- {
-#if defined(MBEDTLS_MD5_C) || defined(MBEDTLS_SHA1_C) || \
- defined(MBEDTLS_SHA256_C)
- case MBEDTLS_MD_MD5:
- case MBEDTLS_MD_SHA1:
- case MBEDTLS_MD_SHA256:
- /* 8 bytes of message size, 64-byte compression blocks */
- extra_run = ( 13 + ssl->in_msglen + padlen + 8 ) / 64 -
- ( 13 + ssl->in_msglen + 8 ) / 64;
- break;
-#endif
-#if defined(MBEDTLS_SHA512_C)
- case MBEDTLS_MD_SHA384:
- /* 16 bytes of message size, 128-byte compression blocks */
- extra_run = ( 13 + ssl->in_msglen + padlen + 16 ) / 128 -
- ( 13 + ssl->in_msglen + 16 ) / 128;
- break;
-#endif
- default:
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- extra_run &= correct * 0xFF;
-
- mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_ctr, 8 );
- mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_hdr, 3 );
- mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_len, 2 );
- mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_msg,
- ssl->in_msglen );
- /* Make sure we access everything even when padlen > 0. This
- * makes the synchronisation requirements for just-in-time
- * Prime+Probe attacks much tighter and hopefully impractical.
*/ - ssl_read_memory( ssl->in_msg + ssl->in_msglen, padlen ); - mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, mac_expect ); - - /* Call mbedtls_md_process at least once due to cache attacks - * that observe whether md_process() was called of not */ - for( j = 0; j < extra_run + 1; j++ ) - mbedtls_md_process( &ssl->transform_in->md_ctx_dec, ssl->in_msg ); - - mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec ); - - /* Make sure we access all the memory that could contain the MAC, - * before we check it in the next code block. This makes the - * synchronisation requirements for just-in-time Prime+Probe - * attacks much tighter and hopefully impractical. */ - ssl_read_memory( ssl->in_msg + min_len, - max_len - min_len + ssl->transform_in->maclen ); - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - -#if defined(MBEDTLS_SSL_DEBUG_ALL) - MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, ssl->transform_in->maclen ); - MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", ssl->in_msg + ssl->in_msglen, - ssl->transform_in->maclen ); -#endif - - if( mbedtls_ssl_safer_memcmp( ssl->in_msg + ssl->in_msglen, mac_expect, - ssl->transform_in->maclen ) != 0 ) - { -#if defined(MBEDTLS_SSL_DEBUG_ALL) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); -#endif - correct = 0; - } - auth_done++; - } - - /* - * Finally check the correct flag - */ - if( correct == 0 ) - return( MBEDTLS_ERR_SSL_INVALID_MAC ); -#endif /* SSL_SOME_MODES_USE_MAC */ - - /* Make extra sure authentication was performed, exactly once */ - if( auth_done != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - if( ssl->in_msglen == 0 ) - { -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 - && ssl->in_msgtype != 
MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { - /* TLS v1.2 explicitly disallows zero-length messages which are not application data */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid zero-length message type: %d", ssl->in_msgtype ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - - ssl->nb_zero++; - - /* - * Three or more empty messages may be a DoS attack - * (excessive CPU consumption). - */ - if( ssl->nb_zero > 3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received four consecutive empty " - "messages, possible DoS attack" ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); - } - } - else - ssl->nb_zero = 0; - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - ; /* in_ctr read from peer, not maintained internally */ - } - else -#endif - { - unsigned char i; - for( i = 8; i > ssl_ep_len( ssl ); i-- ) - if( ++ssl->in_ctr[i - 1] != 0 ) - break; - - /* The loop goes to its end iff the counter is wrapping */ - if( i == ssl_ep_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); - } - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) ); - - return( 0 ); -} - -#undef MAC_NONE -#undef MAC_PLAINTEXT -#undef MAC_CIPHERTEXT - -#if defined(MBEDTLS_ZLIB_SUPPORT) -/* - * Compression/decompression functions - */ -static int ssl_compress_buf( mbedtls_ssl_context *ssl ) -{ - int ret; - unsigned char *msg_post = ssl->out_msg; - ptrdiff_t bytes_written = ssl->out_msg - ssl->out_buf; - size_t len_pre = ssl->out_msglen; - unsigned char *msg_pre = ssl->compress_buf; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> compress buf" ) ); - - if( len_pre == 0 ) - return( 0 ); - - memcpy( msg_pre, ssl->out_msg, len_pre ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ", - ssl->out_msglen ) ); - - MBEDTLS_SSL_DEBUG_BUF( 4, "before compression: output payload", - ssl->out_msg, ssl->out_msglen ); - - 
ssl->transform_out->ctx_deflate.next_in = msg_pre; - ssl->transform_out->ctx_deflate.avail_in = len_pre; - ssl->transform_out->ctx_deflate.next_out = msg_post; - ssl->transform_out->ctx_deflate.avail_out = MBEDTLS_SSL_OUT_BUFFER_LEN - bytes_written; - - ret = deflate( &ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH ); - if( ret != Z_OK ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform compression (%d)", ret ) ); - return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); - } - - ssl->out_msglen = MBEDTLS_SSL_OUT_BUFFER_LEN - - ssl->transform_out->ctx_deflate.avail_out - bytes_written; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ", - ssl->out_msglen ) ); - - MBEDTLS_SSL_DEBUG_BUF( 4, "after compression: output payload", - ssl->out_msg, ssl->out_msglen ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= compress buf" ) ); - - return( 0 ); -} - -static int ssl_decompress_buf( mbedtls_ssl_context *ssl ) -{ - int ret; - unsigned char *msg_post = ssl->in_msg; - ptrdiff_t header_bytes = ssl->in_msg - ssl->in_buf; - size_t len_pre = ssl->in_msglen; - unsigned char *msg_pre = ssl->compress_buf; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) ); - - if( len_pre == 0 ) - return( 0 ); - - memcpy( msg_pre, ssl->in_msg, len_pre ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ", - ssl->in_msglen ) ); - - MBEDTLS_SSL_DEBUG_BUF( 4, "before decompression: input payload", - ssl->in_msg, ssl->in_msglen ); - - ssl->transform_in->ctx_inflate.next_in = msg_pre; - ssl->transform_in->ctx_inflate.avail_in = len_pre; - ssl->transform_in->ctx_inflate.next_out = msg_post; - ssl->transform_in->ctx_inflate.avail_out = MBEDTLS_SSL_IN_BUFFER_LEN - - header_bytes; - - ret = inflate( &ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH ); - if( ret != Z_OK ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform decompression (%d)", ret ) ); - return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); - } - - ssl->in_msglen = MBEDTLS_SSL_IN_BUFFER_LEN - - 
ssl->transform_in->ctx_inflate.avail_out - header_bytes; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ", - ssl->in_msglen ) ); - - MBEDTLS_SSL_DEBUG_BUF( 4, "after decompression: input payload", - ssl->in_msg, ssl->in_msglen ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decompress buf" ) ); - - return( 0 ); -} -#endif /* MBEDTLS_ZLIB_SUPPORT */ - -#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) -static int ssl_write_hello_request( mbedtls_ssl_context *ssl ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) -static int ssl_resend_hello_request( mbedtls_ssl_context *ssl ) -{ - /* If renegotiation is not enforced, retransmit until we would reach max - * timeout if we were using the usual handshake doubling scheme */ - if( ssl->conf->renego_max_records < 0 ) - { - uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1; - unsigned char doublings = 1; - - while( ratio != 0 ) - { - ++doublings; - ratio >>= 1; - } - - if( ++ssl->renego_records_seen > doublings ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "no longer retransmitting hello request" ) ); - return( 0 ); - } - } - - return( ssl_write_hello_request( ssl ) ); -} -#endif -#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ - -/* - * Fill the input message buffer by appending data to it. - * The amount of data already fetched is in ssl->in_left. - * - * If we return 0, is it guaranteed that (at least) nb_want bytes are - * available (from this read and/or a previous one). Otherwise, an error code - * is returned (possibly EOF or WANT_READ). - * - * With stream transport (TLS) on success ssl->in_left == nb_want, but - * with datagram transport (DTLS) on success ssl->in_left >= nb_want, - * since we always read a whole datagram at once. - * - * For DTLS, it is up to the caller to set ssl->next_record_offset when - * they're done reading a record. 
- */ -int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) -{ - int ret; - size_t len; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> fetch input" ) ); - - if( ssl->f_recv == NULL && ssl->f_recv_timeout == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " - "or mbedtls_ssl_set_bio()" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - if( nb_want > MBEDTLS_SSL_IN_BUFFER_LEN - (size_t)( ssl->in_hdr - ssl->in_buf ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - uint32_t timeout; - - /* Just to be sure */ - if( ssl->f_set_timer == NULL || ssl->f_get_timer == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "You must use " - "mbedtls_ssl_set_timer_cb() for DTLS" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - /* - * The point is, we need to always read a full datagram at once, so we - * sometimes read more then requested, and handle the additional data. - * It could be the rest of the current record (while fetching the - * header) and/or some other records in the same datagram. - */ - - /* - * Move to the next record in the already read datagram if applicable - */ - if( ssl->next_record_offset != 0 ) - { - if( ssl->in_left < ssl->next_record_offset ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - ssl->in_left -= ssl->next_record_offset; - - if( ssl->in_left != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "next record in same datagram, offset: %d", - ssl->next_record_offset ) ); - memmove( ssl->in_hdr, - ssl->in_hdr + ssl->next_record_offset, - ssl->in_left ); - } - - ssl->next_record_offset = 0; - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d", - ssl->in_left, nb_want ) ); - - /* - * Done if we already have enough data. 
- */ - if( nb_want <= ssl->in_left) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); - return( 0 ); - } - - /* - * A record can't be split across datagrams. If we need to read but - * are not at the beginning of a new record, the caller did something - * wrong. - */ - if( ssl->in_left != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - /* - * Don't even try to read if time's out already. - * This avoids by-passing the timer when repeatedly receiving messages - * that will end up being dropped. - */ - if( ssl_check_timer( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "timer has expired" ) ); - ret = MBEDTLS_ERR_SSL_TIMEOUT; - } - else - { - len = MBEDTLS_SSL_IN_BUFFER_LEN - ( ssl->in_hdr - ssl->in_buf ); - - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - timeout = ssl->handshake->retransmit_timeout; - else - timeout = ssl->conf->read_timeout; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "f_recv_timeout: %u ms", timeout ) ); - - if( ssl->f_recv_timeout != NULL ) - ret = ssl->f_recv_timeout( ssl->p_bio, ssl->in_hdr, len, - timeout ); - else - ret = ssl->f_recv( ssl->p_bio, ssl->in_hdr, len ); - - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret ); - - if( ret == 0 ) - return( MBEDTLS_ERR_SSL_CONN_EOF ); - } - - if( ret == MBEDTLS_ERR_SSL_TIMEOUT ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "timeout" ) ); - ssl_set_timer( ssl, 0 ); - - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - if( ssl_double_retransmit_timeout( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake timeout" ) ); - return( MBEDTLS_ERR_SSL_TIMEOUT ); - } - - if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret ); - return( ret ); - } - - return( MBEDTLS_ERR_SSL_WANT_READ ); - } -#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ( ret 
= ssl_resend_hello_request( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_resend_hello_request", ret ); - return( ret ); - } - - return( MBEDTLS_ERR_SSL_WANT_READ ); - } -#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ - } - - if( ret < 0 ) - return( ret ); - - ssl->in_left = ret; - } - else -#endif - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d", - ssl->in_left, nb_want ) ); - - while( ssl->in_left < nb_want ) - { - len = nb_want - ssl->in_left; - - if( ssl_check_timer( ssl ) != 0 ) - ret = MBEDTLS_ERR_SSL_TIMEOUT; - else - { - if( ssl->f_recv_timeout != NULL ) - { - ret = ssl->f_recv_timeout( ssl->p_bio, - ssl->in_hdr + ssl->in_left, len, - ssl->conf->read_timeout ); - } - else - { - ret = ssl->f_recv( ssl->p_bio, - ssl->in_hdr + ssl->in_left, len ); - } - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d", - ssl->in_left, nb_want ) ); - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret ); - - if( ret == 0 ) - return( MBEDTLS_ERR_SSL_CONN_EOF ); - - if( ret < 0 ) - return( ret ); - - if ( (size_t)ret > len || ( INT_MAX > SIZE_MAX && ret > SIZE_MAX ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "f_recv returned %d bytes but only %lu were requested", - ret, (unsigned long)len ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - ssl->in_left += ret; - } - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); - - return( 0 ); -} - -/* - * Flush any data not yet written - */ -int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) -{ - int ret; - unsigned char *buf; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> flush output" ) ); - - if( ssl->f_send == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " - "or mbedtls_ssl_set_bio()" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - /* Avoid incrementing counter if data is flushed */ - if( ssl->out_left == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); - return( 0 ); - } - - while( ssl->out_left > 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( 
"message length: %d, out_left: %d", - mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen, ssl->out_left ) ); - - buf = ssl->out_hdr - ssl->out_left; - ret = ssl->f_send( ssl->p_bio, buf, ssl->out_left ); - - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", ret ); - - if( ret <= 0 ) - return( ret ); - - if( (size_t)ret > ssl->out_left || ( INT_MAX > SIZE_MAX && ret > SIZE_MAX ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "f_send returned %d bytes but only %lu bytes were sent", - ret, (unsigned long)ssl->out_left ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - ssl->out_left -= ret; - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - ssl->out_hdr = ssl->out_buf; - } - else -#endif - { - ssl->out_hdr = ssl->out_buf + 8; - } - ssl_update_out_pointers( ssl, ssl->transform_out ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); - - return( 0 ); -} - -/* - * Functions to handle the DTLS retransmission state machine - */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) -/* - * Append current handshake message to current outgoing flight - */ -static int ssl_flight_append( mbedtls_ssl_context *ssl ) -{ - mbedtls_ssl_flight_item *msg; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_flight_append" ) ); - MBEDTLS_SSL_DEBUG_BUF( 4, "message appended to flight", - ssl->out_msg, ssl->out_msglen ); - - /* Allocate space for current message */ - if( ( msg = mbedtls_calloc( 1, sizeof( mbedtls_ssl_flight_item ) ) ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed", - sizeof( mbedtls_ssl_flight_item ) ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - - if( ( msg->p = mbedtls_calloc( 1, ssl->out_msglen ) ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed", ssl->out_msglen ) ); - mbedtls_free( msg ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - - /* Copy current handshake message with headers */ - memcpy( msg->p, ssl->out_msg, ssl->out_msglen ); - msg->len = ssl->out_msglen; - msg->type = ssl->out_msgtype; - 
msg->next = NULL; - - /* Append to the current flight */ - if( ssl->handshake->flight == NULL ) - ssl->handshake->flight = msg; - else - { - mbedtls_ssl_flight_item *cur = ssl->handshake->flight; - while( cur->next != NULL ) - cur = cur->next; - cur->next = msg; - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_flight_append" ) ); - return( 0 ); -} - -/* - * Free the current flight of handshake messages - */ -static void ssl_flight_free( mbedtls_ssl_flight_item *flight ) -{ - mbedtls_ssl_flight_item *cur = flight; - mbedtls_ssl_flight_item *next; - - while( cur != NULL ) - { - next = cur->next; - - mbedtls_free( cur->p ); - mbedtls_free( cur ); - - cur = next; - } -} - -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ); -#endif - -/* - * Swap transform_out and out_ctr with the alternative ones - */ -static void ssl_swap_epochs( mbedtls_ssl_context *ssl ) -{ - mbedtls_ssl_transform *tmp_transform; - unsigned char tmp_out_ctr[8]; - - if( ssl->transform_out == ssl->handshake->alt_transform_out ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip swap epochs" ) ); - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "swap epochs" ) ); - - /* Swap transforms */ - tmp_transform = ssl->transform_out; - ssl->transform_out = ssl->handshake->alt_transform_out; - ssl->handshake->alt_transform_out = tmp_transform; - - /* Swap epoch + sequence_number */ - memcpy( tmp_out_ctr, ssl->cur_out_ctr, 8 ); - memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, 8 ); - memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, 8 ); - - /* Adjust to the newly activated transform */ - ssl_update_out_pointers( ssl, ssl->transform_out ); - -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_activate != NULL ) - { - if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - } -#endif -} - -/* - * 
Retransmit the current flight of messages. - */ -int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ) -{ - int ret = 0; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) ); - - ret = mbedtls_ssl_flight_transmit( ssl ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) ); - - return( ret ); -} - -/* - * Transmit or retransmit the current flight of messages. - * - * Need to remember the current message in case flush_output returns - * WANT_WRITE, causing us to exit this function and come back later. - * This function must be called until state is no longer SENDING. - */ -int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) -{ - int ret; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_flight_transmit" ) ); - - if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise flight transmission" ) ); - - ssl->handshake->cur_msg = ssl->handshake->flight; - ssl->handshake->cur_msg_p = ssl->handshake->flight->p + 12; - ssl_swap_epochs( ssl ); - - ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING; - } - - while( ssl->handshake->cur_msg != NULL ) - { - size_t max_frag_len; - const mbedtls_ssl_flight_item * const cur = ssl->handshake->cur_msg; - - int const is_finished = - ( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE && - cur->p[0] == MBEDTLS_SSL_HS_FINISHED ); - - uint8_t const force_flush = ssl->disable_datagram_packing == 1 ? - SSL_FORCE_FLUSH : SSL_DONT_FORCE_FLUSH; - - /* Swap epochs before sending Finished: we can't do it after - * sending ChangeCipherSpec, in case write returns WANT_READ. 
- * Must be done before copying, may change out_msg pointer */ - if( is_finished && ssl->handshake->cur_msg_p == ( cur->p + 12 ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "swap epochs to send finished message" ) ); - ssl_swap_epochs( ssl ); - } - - ret = ssl_get_remaining_payload_in_datagram( ssl ); - if( ret < 0 ) - return( ret ); - max_frag_len = (size_t) ret; - - /* CCS is copied as is, while HS messages may need fragmentation */ - if( cur->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { - if( max_frag_len == 0 ) - { - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); - - continue; - } - - memcpy( ssl->out_msg, cur->p, cur->len ); - ssl->out_msglen = cur->len; - ssl->out_msgtype = cur->type; - - /* Update position inside current message */ - ssl->handshake->cur_msg_p += cur->len; - } - else - { - const unsigned char * const p = ssl->handshake->cur_msg_p; - const size_t hs_len = cur->len - 12; - const size_t frag_off = p - ( cur->p + 12 ); - const size_t rem_len = hs_len - frag_off; - size_t cur_hs_frag_len, max_hs_frag_len; - - if( ( max_frag_len < 12 ) || ( max_frag_len == 12 && hs_len != 0 ) ) - { - if( is_finished ) - ssl_swap_epochs( ssl ); - - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); - - continue; - } - max_hs_frag_len = max_frag_len - 12; - - cur_hs_frag_len = rem_len > max_hs_frag_len ? - max_hs_frag_len : rem_len; - - if( frag_off == 0 && cur_hs_frag_len != hs_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "fragmenting handshake message (%u > %u)", - (unsigned) cur_hs_frag_len, - (unsigned) max_hs_frag_len ) ); - } - - /* Messages are stored with handshake headers as if not fragmented, - * copy beginning of headers then fill fragmentation fields. 
- * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ - memcpy( ssl->out_msg, cur->p, 6 ); - - ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff ); - ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff ); - ssl->out_msg[8] = ( ( frag_off ) & 0xff ); - - ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff ); - ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff ); - ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); - - /* Copy the handshake message content and set records fields */ - memcpy( ssl->out_msg + 12, p, cur_hs_frag_len ); - ssl->out_msglen = cur_hs_frag_len + 12; - ssl->out_msgtype = cur->type; - - /* Update position inside current message */ - ssl->handshake->cur_msg_p += cur_hs_frag_len; - } - - /* If done with the current message move to the next one if any */ - if( ssl->handshake->cur_msg_p >= cur->p + cur->len ) - { - if( cur->next != NULL ) - { - ssl->handshake->cur_msg = cur->next; - ssl->handshake->cur_msg_p = cur->next->p + 12; - } - else - { - ssl->handshake->cur_msg = NULL; - ssl->handshake->cur_msg_p = NULL; - } - } - - /* Actually send the message out */ - if( ( ret = mbedtls_ssl_write_record( ssl, force_flush ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); - return( ret ); - } - } - - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); - - /* Update state and set timer */ - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) - ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; - else - { - ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; - ssl_set_timer( ssl, ssl->handshake->retransmit_timeout ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_flight_transmit" ) ); - - return( 0 ); -} - -/* - * To be called when the last message of an incoming flight is received. 
- */ -void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ) -{ - /* We won't need to resend that one any more */ - ssl_flight_free( ssl->handshake->flight ); - ssl->handshake->flight = NULL; - ssl->handshake->cur_msg = NULL; - - /* The next incoming flight will start with this msg_seq */ - ssl->handshake->in_flight_start_seq = ssl->handshake->in_msg_seq; - - /* We don't want to remember CCS's across flight boundaries. */ - ssl->handshake->buffering.seen_ccs = 0; - - /* Clear future message buffering structure. */ - ssl_buffering_free( ssl ); - - /* Cancel timer */ - ssl_set_timer( ssl, 0 ); - - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED ) - { - ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; - } - else - ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; -} - -/* - * To be called when the last message of an outgoing flight is send. - */ -void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ) -{ - ssl_reset_retransmit_timeout( ssl ); - ssl_set_timer( ssl, ssl->handshake->retransmit_timeout ); - - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED ) - { - ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; - } - else - ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; -} -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -/* - * Handshake layer functions - */ - -/* - * Write (DTLS: or queue) current handshake (including CCS) message. - * - * - fill in handshake headers - * - update handshake checksum - * - DTLS: save message for resending - * - then pass to the record layer - * - * DTLS: except for HelloRequest, messages are only queued, and will only be - * actually sent when calling flight_transmit() or resend(). 
- * - * Inputs: - * - ssl->out_msglen: 4 + actual handshake message len - * (4 is the size of handshake headers for TLS) - * - ssl->out_msg[0]: the handshake type (ClientHello, ServerHello, etc) - * - ssl->out_msg + 4: the handshake message body - * - * Outputs, ie state before passing to flight_append() or write_record(): - * - ssl->out_msglen: the length of the record contents - * (including handshake headers but excluding record headers) - * - ssl->out_msg: the record contents (handshake headers + content) - */ -int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) -{ - int ret; - const size_t hs_len = ssl->out_msglen - 4; - const unsigned char hs_type = ssl->out_msg[0]; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write handshake message" ) ); - - /* - * Sanity checks - */ - if( ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { - /* In SSLv3, the client might send a NoCertificate alert. */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C) - if( ! ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && - ssl->out_msgtype == MBEDTLS_SSL_MSG_ALERT && - ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) ) -#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - } - - /* Whenever we send anything different from a - * HelloRequest we should be in a handshake - double check. */ - if( ! 
( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) && - ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake != NULL && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } -#endif - - /* Double-check that we did not exceed the bounds - * of the outgoing record buffer. - * This should never fail as the various message - * writing functions must obey the bounds of the - * outgoing record buffer, but better be safe. - * - * Note: We deliberately do not check for the MTU or MFL here. - */ - if( ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record too large: " - "size %u, maximum %u", - (unsigned) ssl->out_msglen, - (unsigned) MBEDTLS_SSL_OUT_CONTENT_LEN ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - /* - * Fill handshake headers - */ - if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) - { - ssl->out_msg[1] = (unsigned char)( hs_len >> 16 ); - ssl->out_msg[2] = (unsigned char)( hs_len >> 8 ); - ssl->out_msg[3] = (unsigned char)( hs_len ); - - /* - * DTLS has additional fields in the Handshake layer, - * between the length field and the actual payload: - * uint16 message_seq; - * uint24 fragment_offset; - * uint24 fragment_length; - */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - /* Make room for the additional DTLS fields */ - if( MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: " - "size %u, maximum %u", - (unsigned) ( hs_len ), - (unsigned) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - 
} - - memmove( ssl->out_msg + 12, ssl->out_msg + 4, hs_len ); - ssl->out_msglen += 8; - - /* Write message_seq and update it, except for HelloRequest */ - if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) - { - ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF; - ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF; - ++( ssl->handshake->out_msg_seq ); - } - else - { - ssl->out_msg[4] = 0; - ssl->out_msg[5] = 0; - } - - /* Handshake hashes are computed without fragmentation, - * so set frag_offset = 0 and frag_len = hs_len for now */ - memset( ssl->out_msg + 6, 0x00, 3 ); - memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - /* Update running hashes of handshake messages seen */ - if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) - ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen ); - } - - /* Either send now, or just save to be sent (and resent) later */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) ) - { - if( ( ret = ssl_flight_append( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_flight_append", ret ); - return( ret ); - } - } - else -#endif - { - if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_record", ret ); - return( ret ); - } - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write handshake message" ) ); - - return( 0 ); -} - -/* - * Record layer functions - */ - -/* - * Write current record. 
- * - * Uses: - * - ssl->out_msgtype: type of the message (AppData, Handshake, Alert, CCS) - * - ssl->out_msglen: length of the record content (excl headers) - * - ssl->out_msg: record content - */ -int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) -{ - int ret, done = 0; - size_t len = ssl->out_msglen; - uint8_t flush = force_flush; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) ); - -#if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->transform_out != NULL && - ssl->session_out->compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { - if( ( ret = ssl_compress_buf( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_compress_buf", ret ); - return( ret ); - } - - len = ssl->out_msglen; - } -#endif /*MBEDTLS_ZLIB_SUPPORT */ - -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_write != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_write()" ) ); - - ret = mbedtls_ssl_hw_record_write( ssl ); - if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_write", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - if( ret == 0 ) - done = 1; - } -#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ - if( !done ) - { - unsigned i; - size_t protected_record_size; - - ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype; - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, ssl->out_hdr + 1 ); - - memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); - ssl->out_len[0] = (unsigned char)( len >> 8 ); - ssl->out_len[1] = (unsigned char)( len ); - - if( ssl->transform_out != NULL ) - { - if( ( ret = ssl_encrypt_buf( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_encrypt_buf", ret ); - return( ret ); - } - - len = ssl->out_msglen; - ssl->out_len[0] = (unsigned char)( len >> 8 ); - ssl->out_len[1] = (unsigned char)( len ); - } - - protected_record_size = len + mbedtls_ssl_hdr_len( ssl ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - /* In case 
of DTLS, double-check that we don't exceed - * the remaining space in the datagram. */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - ret = ssl_get_remaining_space_in_datagram( ssl ); - if( ret < 0 ) - return( ret ); - - if( protected_record_size > (size_t) ret ) - { - /* Should never happen */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, " - "version = [%d:%d], msglen = %d", - ssl->out_hdr[0], ssl->out_hdr[1], - ssl->out_hdr[2], len ) ); - - MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network", - ssl->out_hdr, protected_record_size ); - - ssl->out_left += protected_record_size; - ssl->out_hdr += protected_record_size; - ssl_update_out_pointers( ssl, ssl->transform_out ); - - for( i = 8; i > ssl_ep_len( ssl ); i-- ) - if( ++ssl->cur_out_ctr[i - 1] != 0 ) - break; - - /* The loop goes to its end iff the counter is wrapping */ - if( i == ssl_ep_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); - } - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - flush == SSL_DONT_FORCE_FLUSH ) - { - size_t remaining; - ret = ssl_get_remaining_payload_in_datagram( ssl ); - if( ret < 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_remaining_payload_in_datagram", - ret ); - return( ret ); - } - - remaining = (size_t) ret; - if( remaining == 0 ) - { - flush = SSL_FORCE_FLUSH; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Still %u bytes available in current datagram", (unsigned) remaining ) ); - } - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - if( ( flush == SSL_FORCE_FLUSH ) && - ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write record" ) ); - - return( 0 ); -} - -#if 
defined(MBEDTLS_SSL_PROTO_DTLS)
-
-static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl )
-{
- if( ssl->in_msglen < ssl->in_hslen ||
- memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 ||
- memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 )
- {
- return( 1 );
- }
- return( 0 );
-}
-
-static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context const *ssl )
-{
- return( ( ssl->in_msg[9] << 16 ) |
- ( ssl->in_msg[10] << 8 ) |
- ssl->in_msg[11] );
-}
-
-static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl )
-{
- return( ( ssl->in_msg[6] << 16 ) |
- ( ssl->in_msg[7] << 8 ) |
- ssl->in_msg[8] );
-}
-
-static int ssl_check_hs_header( mbedtls_ssl_context const *ssl )
-{
- uint32_t msg_len, frag_off, frag_len;
-
- msg_len = ssl_get_hs_total_len( ssl );
- frag_off = ssl_get_hs_frag_off( ssl );
- frag_len = ssl_get_hs_frag_len( ssl );
-
- if( frag_off > msg_len )
- return( -1 );
-
- if( frag_len > msg_len - frag_off )
- return( -1 );
-
- if( frag_len + 12 > ssl->in_msglen )
- return( -1 );
-
- return( 0 );
-}
-
-/*
- * Mark bits in bitmask (used for DTLS HS reassembly)
- */
-static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len )
-{
- unsigned int start_bits, end_bits;
-
- start_bits = 8 - ( offset % 8 );
- if( start_bits != 8 )
- {
- size_t first_byte_idx = offset / 8;
-
- /* Special case */
- if( len <= start_bits )
- {
- for( ; len != 0; len-- )
- mask[first_byte_idx] |= 1 << ( start_bits - len );
-
- /* Avoid potential issues with offset or len becoming invalid */
- return;
- }
-
- offset += start_bits; /* Now offset % 8 == 0 */
- len -= start_bits;
-
- for( ; start_bits != 0; start_bits-- )
- mask[first_byte_idx] |= 1 << ( start_bits - 1 );
- }
-
- end_bits = len % 8;
- if( end_bits != 0 )
- {
- size_t last_byte_idx = ( offset + len ) / 8;
-
- len -= end_bits; /* Now len % 8 == 0 */
-
- for( ; end_bits != 0; end_bits-- )
- mask[last_byte_idx] |= 1 << ( 8 - end_bits );
- }
-
- memset( mask + offset / 8, 0xFF, len / 8 );
-}
-
-/*
- *
Check that bitmask is full
- */
-static int ssl_bitmask_check( unsigned char *mask, size_t len )
-{
- size_t i;
-
- for( i = 0; i < len / 8; i++ )
- if( mask[i] != 0xFF )
- return( -1 );
-
- for( i = 0; i < len % 8; i++ )
- if( ( mask[len / 8] & ( 1 << ( 7 - i ) ) ) == 0 )
- return( -1 );
-
- return( 0 );
-}
-
-/* msg_len does not include the handshake header */
-static size_t ssl_get_reassembly_buffer_size( size_t msg_len,
- unsigned add_bitmap )
-{
- size_t alloc_len;
-
- alloc_len = 12; /* Handshake header */
- alloc_len += msg_len; /* Content buffer */
-
- if( add_bitmap )
- alloc_len += msg_len / 8 + ( msg_len % 8 != 0 ); /* Bitmap */
-
- return( alloc_len );
-}
-
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl )
-{
- return( ( ssl->in_msg[1] << 16 ) |
- ( ssl->in_msg[2] << 8 ) |
- ssl->in_msg[3] );
-}
-
-int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
-{
- if( ssl->in_msglen < mbedtls_ssl_hs_hdr_len( ssl ) )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too short: %d",
- ssl->in_msglen ) );
- return( MBEDTLS_ERR_SSL_INVALID_RECORD );
- }
-
- ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + ssl_get_hs_total_len( ssl );
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "handshake message: msglen ="
- " %d, type = %d, hslen = %d",
- ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- int ret;
- unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
-
- if( ssl_check_hs_header( ssl ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid handshake header" ) );
- return( MBEDTLS_ERR_SSL_INVALID_RECORD );
- }
-
- if( ssl->handshake != NULL &&
- ( ( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER &&
- recv_msg_seq != ssl->handshake->in_msg_seq ) ||
- ( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER &&
- ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) ) )
- {
- if( recv_msg_seq >
ssl->handshake->in_msg_seq )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "received future handshake message of sequence number %u (next %u)",
- recv_msg_seq,
- ssl->handshake->in_msg_seq ) );
- return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
- }
-
- /* Retransmit only on last message from previous flight, to avoid
- * too many retransmissions.
- * Besides, No sane server ever retransmits HelloVerifyRequest */
- if( recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 &&
- ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "received message from last flight, "
- "message_seq = %d, start_of_flight = %d",
- recv_msg_seq,
- ssl->handshake->in_flight_start_seq ) );
-
- if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret );
- return( ret );
- }
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "dropping out-of-sequence message: "
- "message_seq = %d, expected = %d",
- recv_msg_seq,
- ssl->handshake->in_msg_seq ) );
- }
-
- return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING );
- }
- /* Wait until message completion to increment in_msg_seq */
-
- /* Message reassembly is handled alongside buffering of future
- * messages; the commonality is that both handshake fragments and
- * future messages cannot be forwarded immediately to the
- * handshake logic layer.
*/
- if( ssl_hs_is_proper_fragment( ssl ) == 1 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) );
- return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
- }
- }
- else
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
- /* With TLS we don't handle fragmentation (for now) */
- if( ssl->in_msglen < ssl->in_hslen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS handshake fragmentation not supported" ) );
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
- }
-
- return( 0 );
-}
-
-void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl )
-{
- mbedtls_ssl_handshake_params * const hs = ssl->handshake;
-
- if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL )
- {
- ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
- }
-
- /* Handshake message is complete, increment counter */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
- ssl->handshake != NULL )
- {
- unsigned offset;
- mbedtls_ssl_hs_buffer *hs_buf;
-
- /* Increment handshake sequence number */
- hs->in_msg_seq++;
-
- /*
- * Clear up handshake buffering and reassembly structure.
- */
-
- /* Free first entry */
- ssl_buffering_free_slot( ssl, 0 );
-
- /* Shift all other entries */
- for( offset = 0, hs_buf = &hs->buffering.hs[0];
- offset + 1 < MBEDTLS_SSL_MAX_BUFFERED_HS;
- offset++, hs_buf++ )
- {
- *hs_buf = *(hs_buf + 1);
- }
-
- /* Create a fresh last entry */
- memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) );
- }
-#endif
-}
-
-/*
- * DTLS anti-replay: RFC 6347 4.1.2.6
- *
- * in_window is a field of bits numbered from 0 (lsb) to 63 (msb).
- * Bit n is set iff record number in_window_top - n has been seen.
- *
- * Usually, in_window_top is the last record number seen and the lsb of
- * in_window is set. The only exception is the initial state (record number 0
- * not seen yet).
- */
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl )
-{
- ssl->in_window_top = 0;
- ssl->in_window = 0;
-}
-
-static inline uint64_t ssl_load_six_bytes( unsigned char *buf )
-{
- return( ( (uint64_t) buf[0] << 40 ) |
- ( (uint64_t) buf[1] << 32 ) |
- ( (uint64_t) buf[2] << 24 ) |
- ( (uint64_t) buf[3] << 16 ) |
- ( (uint64_t) buf[4] << 8 ) |
- ( (uint64_t) buf[5] ) );
-}
-
-/*
- * Return 0 if sequence number is acceptable, -1 otherwise
- */
-int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl )
-{
- uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 );
- uint64_t bit;
-
- if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED )
- return( 0 );
-
- if( rec_seqnum > ssl->in_window_top )
- return( 0 );
-
- bit = ssl->in_window_top - rec_seqnum;
-
- if( bit >= 64 )
- return( -1 );
-
- if( ( ssl->in_window & ( (uint64_t) 1 << bit ) ) != 0 )
- return( -1 );
-
- return( 0 );
-}
-
-/*
- * Update replay window on new validated record
- */
-void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl )
-{
- uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 );
-
- if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED )
- return;
-
- if( rec_seqnum > ssl->in_window_top )
- {
- /* Update window_top and the contents of the window */
- uint64_t shift = rec_seqnum - ssl->in_window_top;
-
- if( shift >= 64 )
- ssl->in_window = 1;
- else
- {
- ssl->in_window <<= shift;
- ssl->in_window |= 1;
- }
-
- ssl->in_window_top = rec_seqnum;
- }
- else
- {
- /* Mark that number as seen in the current window */
- uint64_t bit = ssl->in_window_top - rec_seqnum;
-
- if( bit < 64 ) /* Always true, but be extra sure */
- ssl->in_window |= (uint64_t) 1 << bit;
- }
-}
-#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
-
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
-/* Forward declaration */
-static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial );
-
-/*
- *
Without any SSL context, check if a datagram looks like a ClientHello with
- * a valid cookie, and if it doesn't, generate a HelloVerifyRequest message.
- * Both input and output include full DTLS headers.
- *
- * - if cookie is valid, return 0
- * - if ClientHello looks superficially valid but cookie is not,
- * fill obuf and set olen, then
- * return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
- * - otherwise return a specific error code
- */
-static int ssl_check_dtls_clihlo_cookie(
- mbedtls_ssl_cookie_write_t *f_cookie_write,
- mbedtls_ssl_cookie_check_t *f_cookie_check,
- void *p_cookie,
- const unsigned char *cli_id, size_t cli_id_len,
- const unsigned char *in, size_t in_len,
- unsigned char *obuf, size_t buf_len, size_t *olen )
-{
- size_t sid_len, cookie_len;
- unsigned char *p;
-
- if( f_cookie_write == NULL || f_cookie_check == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- /*
- * Structure of ClientHello with record and handshake headers,
- * and expected values. We don't need to check a lot, more checks will be
- * done when actually parsing the ClientHello - skipping those checks
- * avoids code duplication and does not make cookie forging any easier.
- *
- * 0-0 ContentType type; copied, must be handshake
- * 1-2 ProtocolVersion version; copied
- * 3-4 uint16 epoch; copied, must be 0
- * 5-10 uint48 sequence_number; copied
- * 11-12 uint16 length; (ignored)
- *
- * 13-13 HandshakeType msg_type; (ignored)
- * 14-16 uint24 length; (ignored)
- * 17-18 uint16 message_seq; copied
- * 19-21 uint24 fragment_offset; copied, must be 0
- * 22-24 uint24 fragment_length; (ignored)
- *
- * 25-26 ProtocolVersion client_version; (ignored)
- * 27-58 Random random; (ignored)
- * 59-xx SessionID session_id; 1 byte len + sid_len content
- * 60+ opaque cookie<0..2^8-1>; 1 byte len + content
- * ...
- *
- * Minimum length is 61 bytes.
- */
- if( in_len < 61 ||
- in[0] != MBEDTLS_SSL_MSG_HANDSHAKE ||
- in[3] != 0 || in[4] != 0 ||
- in[19] != 0 || in[20] != 0 || in[21] != 0 )
- {
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- sid_len = in[59];
- if( sid_len > in_len - 61 )
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-
- cookie_len = in[60 + sid_len];
- if( cookie_len > in_len - 60 )
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
-
- if( f_cookie_check( p_cookie, in + sid_len + 61, cookie_len,
- cli_id, cli_id_len ) == 0 )
- {
- /* Valid cookie */
- return( 0 );
- }
-
- /*
- * If we get here, we've got an invalid cookie, let's prepare HVR.
- *
- * 0-0 ContentType type; copied
- * 1-2 ProtocolVersion version; copied
- * 3-4 uint16 epoch; copied
- * 5-10 uint48 sequence_number; copied
- * 11-12 uint16 length; olen - 13
- *
- * 13-13 HandshakeType msg_type; hello_verify_request
- * 14-16 uint24 length; olen - 25
- * 17-18 uint16 message_seq; copied
- * 19-21 uint24 fragment_offset; copied
- * 22-24 uint24 fragment_length; olen - 25
- *
- * 25-26 ProtocolVersion server_version; 0xfe 0xff
- * 27-27 opaque cookie<0..2^8-1>; cookie_len = olen - 27, cookie
- *
- * Minimum length is 28.
- */
- if( buf_len < 28 )
- return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
-
- /* Copy most fields and adapt others */
- memcpy( obuf, in, 25 );
- obuf[13] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
- obuf[25] = 0xfe;
- obuf[26] = 0xff;
-
- /* Generate and write actual cookie */
- p = obuf + 28;
- if( f_cookie_write( p_cookie,
- &p, obuf + buf_len, cli_id, cli_id_len ) != 0 )
- {
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- *olen = p - obuf;
-
- /* Go back and fill length fields */
- obuf[27] = (unsigned char)( *olen - 28 );
-
- obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 );
- obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 );
- obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) );
-
- obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 );
- obuf[12] = (unsigned char)( ( *olen - 13 ) );
-
- return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
-}
-
-/*
- * Handle possible client reconnect with the same UDP quadruplet
- * (RFC 6347 Section 4.2.8).
- *
- * Called by ssl_parse_record_header() in case we receive an epoch 0 record
- * that looks like a ClientHello.
- *
- * - if the input looks like a ClientHello without cookies,
- * send back HelloVerifyRequest, then
- * return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
- * - if the input looks like a ClientHello with a valid cookie,
- * reset the session of the current context, and
- * return MBEDTLS_ERR_SSL_CLIENT_RECONNECT
- * - if anything goes wrong, return a specific error code
- *
- * mbedtls_ssl_read_record() will ignore the record if anything else than
- * MBEDTLS_ERR_SSL_CLIENT_RECONNECT or 0 is returned, although this function
- * cannot not return 0.
- */
-static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
-{
- int ret;
- size_t len;
-
- ret = ssl_check_dtls_clihlo_cookie(
- ssl->conf->f_cookie_write,
- ssl->conf->f_cookie_check,
- ssl->conf->p_cookie,
- ssl->cli_id, ssl->cli_id_len,
- ssl->in_buf, ssl->in_left,
- ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len );
-
- MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_dtls_clihlo_cookie", ret );
-
- if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
- {
- /* Don't check write errors as we can't do anything here.
- * If the error is permanent we'll catch it later,
- * if it's not, then hopefully it'll work next time. */
- (void) ssl->f_send( ssl->p_bio, ssl->out_buf, len );
-
- return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
- }
-
- if( ret == 0 )
- {
- /* Got a valid cookie, partially reset context */
- if( ( ret = ssl_session_reset_int( ssl, 1 ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "reset", ret );
- return( ret );
- }
-
- return( MBEDTLS_ERR_SSL_CLIENT_RECONNECT );
- }
-
- return( ret );
-}
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
-
-/*
- * ContentType type;
- * ProtocolVersion version;
- * uint16 epoch; // DTLS only
- * uint48 sequence_number; // DTLS only
- * uint16 length;
- *
- * Return 0 if header looks sane (and, for DTLS, the record is expected)
- * MBEDTLS_ERR_SSL_INVALID_RECORD if the header looks bad,
- * MBEDTLS_ERR_SSL_UNEXPECTED_RECORD (DTLS only) if sane but unexpected.
- *
- * With DTLS, mbedtls_ssl_read_record() will:
- * 1. proceed with the record if this function returns 0
- * 2. drop only the current record if this function returns UNEXPECTED_RECORD
- * 3. return CLIENT_RECONNECT if this function return that value
- * 4. drop the whole datagram if this function returns anything else.
- * Point 2 is needed when the peer is resending, and we have already received
- * the first record from a datagram but are still waiting for the others.
- */ -static int ssl_parse_record_header( mbedtls_ssl_context *ssl ) -{ - int major_ver, minor_ver; - - MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", ssl->in_hdr, mbedtls_ssl_hdr_len( ssl ) ); - - ssl->in_msgtype = ssl->in_hdr[0]; - ssl->in_msglen = ( ssl->in_len[0] << 8 ) | ssl->in_len[1]; - mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, ssl->in_hdr + 1 ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, " - "version = [%d:%d], msglen = %d", - ssl->in_msgtype, - major_ver, minor_ver, ssl->in_msglen ) ); - - /* Check record type */ - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_msgtype != MBEDTLS_SSL_MSG_ALERT && - ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && - ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - /* Silently ignore invalid DTLS records as recommended by RFC 6347 - * Section 4.1.2.7 */ - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - - /* Check version */ - if( major_ver != ssl->major_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "major version mismatch" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - - if( minor_ver > ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "minor version mismatch" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - - /* Check length against the size of our buffer */ - if( ssl->in_msglen > MBEDTLS_SSL_IN_BUFFER_LEN - - (size_t)( ssl->in_msg - ssl->in_buf ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - - /* - * DTLS-related tests. - * Check epoch before checking length constraint because - * the latter varies with the epoch. 
E.g., if a ChangeCipherSpec
- * message gets duplicated before the corresponding Finished message,
- * the second ChangeCipherSpec should be discarded because it belongs
- * to an old epoch, but not because its length is shorter than
- * the minimum record length for packets using the new record transform.
- * Note that these two kinds of failures are handled differently,
- * as an unexpected record is silently skipped but an invalid
- * record leads to the entire datagram being dropped.
- */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1];
-
- /* Check epoch (and sequence number) with DTLS */
- if( rec_epoch != ssl->in_epoch )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "record from another epoch: "
- "expected %d, received %d",
- ssl->in_epoch, rec_epoch ) );
-
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
- /*
- * Check for an epoch 0 ClientHello. We can't use in_msg here to
- * access the first byte of record content (handshake type), as we
- * have an active transform (possibly iv_len != 0), so use the
- * fact that the record header len is 13 instead.
- */
- if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
- ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER &&
- rec_epoch == 0 &&
- ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
- ssl->in_left > 13 &&
- ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "possible client reconnect "
- "from the same port" ) );
- return( ssl_handle_possible_reconnect( ssl ) );
- }
- else
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
- {
- /* Consider buffering the record.
*/
- if( rec_epoch == (unsigned int) ssl->in_epoch + 1 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Consider record for buffering" ) );
- return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
- }
-
- return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
- }
- }
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
- /* Replay detection only works for the current epoch */
- if( rec_epoch == ssl->in_epoch &&
- mbedtls_ssl_dtls_replay_check( ssl ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record" ) );
- return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
- }
-#endif
-
- /* Drop unexpected ApplicationData records,
- * except at the beginning of renegotiations */
- if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA &&
- ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- && ! ( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
- ssl->state == MBEDTLS_SSL_SERVER_HELLO )
-#endif
- )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ApplicationData" ) );
- return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
- }
- }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-
- /* Check length against bounds of the current transform and version */
- if( ssl->transform_in == NULL )
- {
- if( ssl->in_msglen < 1 ||
- ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
- return( MBEDTLS_ERR_SSL_INVALID_RECORD );
- }
- }
- else
- {
- if( ssl->in_msglen < ssl->transform_in->minlen )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
- return( MBEDTLS_ERR_SSL_INVALID_RECORD );
- }
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3)
- if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 &&
- ssl->in_msglen > ssl->transform_in->minlen + MBEDTLS_SSL_IN_CONTENT_LEN )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
- return( MBEDTLS_ERR_SSL_INVALID_RECORD );
- }
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
- defined(MBEDTLS_SSL_PROTO_TLS1_2)
- /*
- * TLS encrypted messages can have up to 256
bytes of padding
- */
- if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 &&
- ssl->in_msglen > ssl->transform_in->minlen +
- MBEDTLS_SSL_IN_CONTENT_LEN + 256 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
- return( MBEDTLS_ERR_SSL_INVALID_RECORD );
- }
-#endif
- }
-
- return( 0 );
-}
-
-/*
- * If applicable, decrypt (and decompress) record content
- */
-static int ssl_prepare_record_content( mbedtls_ssl_context *ssl )
-{
- int ret, done = 0;
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "input record from network",
- ssl->in_hdr, mbedtls_ssl_hdr_len( ssl ) + ssl->in_msglen );
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
- if( mbedtls_ssl_hw_record_read != NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_read()" ) );
-
- ret = mbedtls_ssl_hw_record_read( ssl );
- if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_read", ret );
- return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
- }
-
- if( ret == 0 )
- done = 1;
- }
-#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
- if( !done && ssl->transform_in != NULL )
- {
- if( ( ret = ssl_decrypt_buf( ssl ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret );
- return( ret );
- }
-
- MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt",
- ssl->in_msg, ssl->in_msglen );
-
- if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
- return( MBEDTLS_ERR_SSL_INVALID_RECORD );
- }
- }
-
-#if defined(MBEDTLS_ZLIB_SUPPORT)
- if( ssl->transform_in != NULL &&
- ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
- {
- if( ( ret = ssl_decompress_buf( ssl ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret );
- return( ret );
- }
- }
-#endif /* MBEDTLS_ZLIB_SUPPORT */
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- mbedtls_ssl_dtls_replay_update( ssl );
- }
-#endif
-
- return( 0 );
-}
-
-static void
ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl );
-
-/*
- * Read a record.
- *
- * Silently ignore non-fatal alert (and for DTLS, invalid records as well,
- * RFC 6347 4.1.2.7) and continue reading until a valid record is found.
- *
- */
-
-/* Helper functions for mbedtls_ssl_read_record(). */
-static int ssl_consume_current_message( mbedtls_ssl_context *ssl );
-static int ssl_get_next_record( mbedtls_ssl_context *ssl );
-static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl );
-
-int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
- unsigned update_hs_digest )
-{
- int ret;
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read record" ) );
-
- if( ssl->keep_current_message == 0 )
- {
- do {
-
- ret = ssl_consume_current_message( ssl );
- if( ret != 0 )
- return( ret );
-
- if( ssl_record_is_in_progress( ssl ) == 0 )
- {
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- int have_buffered = 0;
-
- /* We only check for buffered messages if the
- * current datagram is fully consumed.
*/
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
- ssl_next_record_is_in_datagram( ssl ) == 0 )
- {
- if( ssl_load_buffered_message( ssl ) == 0 )
- have_buffered = 1;
- }
-
- if( have_buffered == 0 )
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
- {
- ret = ssl_get_next_record( ssl );
- if( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING )
- continue;
-
- if( ret != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_get_next_record" ), ret );
- return( ret );
- }
- }
- }
-
- ret = mbedtls_ssl_handle_message_type( ssl );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE )
- {
- /* Buffer future message */
- ret = ssl_buffer_message( ssl );
- if( ret != 0 )
- return( ret );
-
- ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
- }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
- } while( MBEDTLS_ERR_SSL_NON_FATAL == ret ||
- MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret );
-
- if( 0 != ret )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_handle_message_type" ), ret );
- return( ret );
- }
-
- if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
- update_hs_digest == 1 )
- {
- mbedtls_ssl_update_handshake_status( ssl );
- }
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "reuse previously read message" ) );
- ssl->keep_current_message = 0;
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read record" ) );
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl )
-{
- if( ssl->in_left > ssl->next_record_offset )
- return( 1 );
-
- return( 0 );
-}
-
-static int ssl_load_buffered_message( mbedtls_ssl_context *ssl )
-{
- mbedtls_ssl_handshake_params * const hs = ssl->handshake;
- mbedtls_ssl_hs_buffer * hs_buf;
- int ret = 0;
-
- if( hs == NULL )
- return( -1 );
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_messsage" ) );
-
- if( ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC ||
- ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC )
- {
- /* Check if we have seen a ChangeCipherSpec before.
- * If yes, synthesize a CCS record. */
- if( !hs->buffering.seen_ccs )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "CCS not seen in the current flight" ) );
- ret = -1;
- goto exit;
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Injecting buffered CCS message" ) );
- ssl->in_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
- ssl->in_msglen = 1;
- ssl->in_msg[0] = 1;
-
- /* As long as they are equal, the exact value doesn't matter. */
- ssl->in_left = 0;
- ssl->next_record_offset = 0;
-
- hs->buffering.seen_ccs = 0;
- goto exit;
- }
-
-#if defined(MBEDTLS_DEBUG_C)
- /* Debug only */
- {
- unsigned offset;
- for( offset = 1; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ )
- {
- hs_buf = &hs->buffering.hs[offset];
- if( hs_buf->is_valid == 1 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Future message with sequence number %u %s buffered.",
- hs->in_msg_seq + offset,
- hs_buf->is_complete ? "fully" : "partially" ) );
- }
- }
- }
-#endif /* MBEDTLS_DEBUG_C */
-
- /* Check if we have buffered and/or fully reassembled the
- * next handshake message. */
- hs_buf = &hs->buffering.hs[0];
- if( ( hs_buf->is_valid == 1 ) && ( hs_buf->is_complete == 1 ) )
- {
- /* Synthesize a record containing the buffered HS message. */
- size_t msg_len = ( hs_buf->data[1] << 16 ) |
- ( hs_buf->data[2] << 8 ) |
- hs_buf->data[3];
-
- /* Double-check that we haven't accidentally buffered
- * a message that doesn't fit into the input buffer. */
- if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message has been buffered - load" ) );
- MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered handshake message (incl.
header)", - hs_buf->data, msg_len + 12 ); - - ssl->in_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->in_hslen = msg_len + 12; - ssl->in_msglen = msg_len + 12; - memcpy( ssl->in_msg, hs_buf->data, ssl->in_hslen ); - - ret = 0; - goto exit; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message %u not or only partially bufffered", - hs->in_msg_seq ) ); - } - - ret = -1; - -exit: - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_message" ) ); - return( ret ); -} - -static int ssl_buffer_make_space( mbedtls_ssl_context *ssl, - size_t desired ) -{ - int offset; - mbedtls_ssl_handshake_params * const hs = ssl->handshake; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Attempt to free buffered messages to have %u bytes available", - (unsigned) desired ) ); - - /* Get rid of future records epoch first, if such exist. */ - ssl_free_buffered_record( ssl ); - - /* Check if we have enough space available now. */ - if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing future epoch record" ) ); - return( 0 ); - } - - /* We don't have enough space to buffer the next expected handshake - * message. Remove buffers used for future messages to gain space, - * starting with the most distant one. */ - for( offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1; - offset >= 0; offset-- ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Free buffering slot %d to make space for reassembly of next handshake message", - offset ) ); - - ssl_buffering_free_slot( ssl, (uint8_t) offset ); - - /* Check if we have enough space available now. 
*/ - if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing buffered HS messages" ) ); - return( 0 ); - } - } - - return( -1 ); -} - -static int ssl_buffer_message( mbedtls_ssl_context *ssl ) -{ - int ret = 0; - mbedtls_ssl_handshake_params * const hs = ssl->handshake; - - if( hs == NULL ) - return( 0 ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_buffer_message" ) ); - - switch( ssl->in_msgtype ) - { - case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Remember CCS message" ) ); - - hs->buffering.seen_ccs = 1; - break; - - case MBEDTLS_SSL_MSG_HANDSHAKE: - { - unsigned recv_msg_seq_offset; - unsigned recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5]; - mbedtls_ssl_hs_buffer *hs_buf; - size_t msg_len = ssl->in_hslen - 12; - - /* We should never receive an old handshake - * message - double-check nonetheless. */ - if( recv_msg_seq < ssl->handshake->in_msg_seq ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - recv_msg_seq_offset = recv_msg_seq - ssl->handshake->in_msg_seq; - if( recv_msg_seq_offset >= MBEDTLS_SSL_MAX_BUFFERED_HS ) - { - /* Silently ignore -- message too far in the future */ - MBEDTLS_SSL_DEBUG_MSG( 2, - ( "Ignore future HS message with sequence number %u, " - "buffering window %u - %u", - recv_msg_seq, ssl->handshake->in_msg_seq, - ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS - 1 ) ); - - goto exit; - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering HS message with sequence number %u, offset %u ", - recv_msg_seq, recv_msg_seq_offset ) ); - - hs_buf = &hs->buffering.hs[ recv_msg_seq_offset ]; - - /* Check if the buffering for this seq nr has already commenced. 
*/ - if( !hs_buf->is_valid ) - { - size_t reassembly_buf_sz; - - hs_buf->is_fragmented = - ( ssl_hs_is_proper_fragment( ssl ) == 1 ); - - /* We copy the message back into the input buffer - * after reassembly, so check that it's not too large. - * This is an implementation-specific limitation - * and not one from the standard, hence it is not - * checked in ssl_check_hs_header(). */ - if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - /* Ignore message */ - goto exit; - } - - /* Check if we have enough space to buffer the message. */ - if( hs->buffering.total_bytes_buffered > - MBEDTLS_SSL_DTLS_MAX_BUFFERING ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - reassembly_buf_sz = ssl_get_reassembly_buffer_size( msg_len, - hs_buf->is_fragmented ); - - if( reassembly_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - if( recv_msg_seq_offset > 0 ) - { - /* If we can't buffer a future message because - * of space limitations -- ignore. 
*/ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n", - (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING, - (unsigned) hs->buffering.total_bytes_buffered ) ); - goto exit; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- attempt to make space by freeing buffered future messages\n", - (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING, - (unsigned) hs->buffering.total_bytes_buffered ) ); - } - - if( ssl_buffer_make_space( ssl, reassembly_buf_sz ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reassembly of next message of size %u (%u with bitmap) would exceed the compile-time limit %u (already %u bytes buffered) -- fail\n", - (unsigned) msg_len, - (unsigned) reassembly_buf_sz, - MBEDTLS_SSL_DTLS_MAX_BUFFERING, - (unsigned) hs->buffering.total_bytes_buffered ) ); - ret = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; - goto exit; - } - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %d", - msg_len ) ); - - hs_buf->data = mbedtls_calloc( 1, reassembly_buf_sz ); - if( hs_buf->data == NULL ) - { - ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; - goto exit; - } - hs_buf->data_len = reassembly_buf_sz; - - /* Prepare final header: copy msg_type, length and message_seq, - * then add standardised fragment_offset and fragment_length */ - memcpy( hs_buf->data, ssl->in_msg, 6 ); - memset( hs_buf->data + 6, 0, 3 ); - memcpy( hs_buf->data + 9, hs_buf->data + 1, 3 ); - - hs_buf->is_valid = 1; - - hs->buffering.total_bytes_buffered += reassembly_buf_sz; - } - else - { - /* Make sure msg_type and length are consistent */ - if( memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Fragment header mismatch - ignore" ) ); - /* Ignore */ - goto exit; - } - } - - if( !hs_buf->is_complete ) - { - size_t frag_len, frag_off; - unsigned char * const msg = 
hs_buf->data + 12; - - /* - * Check and copy current fragment - */ - - /* Validation of header fields already done in - * mbedtls_ssl_prepare_handshake_record(). */ - frag_off = ssl_get_hs_frag_off( ssl ); - frag_len = ssl_get_hs_frag_len( ssl ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %d, length = %d", - frag_off, frag_len ) ); - memcpy( msg + frag_off, ssl->in_msg + 12, frag_len ); - - if( hs_buf->is_fragmented ) - { - unsigned char * const bitmask = msg + msg_len; - ssl_bitmask_set( bitmask, frag_off, frag_len ); - hs_buf->is_complete = ( ssl_bitmask_check( bitmask, - msg_len ) == 0 ); - } - else - { - hs_buf->is_complete = 1; - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "message %scomplete", - hs_buf->is_complete ? "" : "not yet " ) ); - } - - break; - } - - default: - /* We don't buffer other types of messages. */ - break; - } - -exit: - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_buffer_message" ) ); - return( ret ); -} -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -static int ssl_consume_current_message( mbedtls_ssl_context *ssl ) -{ - /* - * Consume last content-layer message and potentially - * update in_msglen which keeps track of the contents' - * consumption state. - * - * (1) Handshake messages: - * Remove last handshake message, move content - * and adapt in_msglen. - * - * (2) Alert messages: - * Consume whole record content, in_msglen = 0. - * - * (3) Change cipher spec: - * Consume whole record content, in_msglen = 0. - * - * (4) Application data: - * Don't do anything - the record layer provides - * the application data as a stream transport - * and consumes through mbedtls_ssl_read only. - * - */ - - /* Case (1): Handshake messages */ - if( ssl->in_hslen != 0 ) - { - /* Hard assertion to be sure that no application data - * is in flight, as corrupting ssl->in_msglen during - * ssl->in_offt != NULL is fatal. 
*/ - if( ssl->in_offt != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - /* - * Get next Handshake message in the current record - */ - - /* Notes: - * (1) in_hslen is not necessarily the size of the - * current handshake content: If DTLS handshake - * fragmentation is used, that's the fragment - * size instead. Using the total handshake message - * size here is faulty and should be changed at - * some point. - * (2) While it doesn't seem to cause problems, one - * has to be very careful not to assume that in_hslen - * is always <= in_msglen in a sensible communication. - * Again, it's wrong for DTLS handshake fragmentation. - * The following check is therefore mandatory, and - * should not be treated as a silently corrected assertion. - * Additionally, ssl->in_hslen might be arbitrarily out of - * bounds after handling a DTLS message with an unexpected - * sequence number, see mbedtls_ssl_prepare_handshake_record. - */ - if( ssl->in_hslen < ssl->in_msglen ) - { - ssl->in_msglen -= ssl->in_hslen; - memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen, - ssl->in_msglen ); - - MBEDTLS_SSL_DEBUG_BUF( 4, "remaining content in record", - ssl->in_msg, ssl->in_msglen ); - } - else - { - ssl->in_msglen = 0; - } - - ssl->in_hslen = 0; - } - /* Case (4): Application data */ - else if( ssl->in_offt != NULL ) - { - return( 0 ); - } - /* Everything else (CCS & Alerts) */ - else - { - ssl->in_msglen = 0; - } - - return( 0 ); -} - -static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl ) -{ - if( ssl->in_msglen > 0 ) - return( 1 ); - - return( 0 ); -} - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - -static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ) -{ - mbedtls_ssl_handshake_params * const hs = ssl->handshake; - if( hs == NULL ) - return; - - if( hs->buffering.future_record.data != NULL ) - { - hs->buffering.total_bytes_buffered -= - hs->buffering.future_record.len; - - mbedtls_free( 
hs->buffering.future_record.data ); - hs->buffering.future_record.data = NULL; - } -} - -static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ) -{ - mbedtls_ssl_handshake_params * const hs = ssl->handshake; - unsigned char * rec; - size_t rec_len; - unsigned rec_epoch; - - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 0 ); - - if( hs == NULL ) - return( 0 ); - - rec = hs->buffering.future_record.data; - rec_len = hs->buffering.future_record.len; - rec_epoch = hs->buffering.future_record.epoch; - - if( rec == NULL ) - return( 0 ); - - /* Only consider loading future records if the - * input buffer is empty. */ - if( ssl_next_record_is_in_datagram( ssl ) == 1 ) - return( 0 ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_record" ) ); - - if( rec_epoch != ssl->in_epoch ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffered record not from current epoch." ) ); - goto exit; - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Found buffered record from current epoch - load" ) ); - - /* Double-check that the record is not too large */ - if( rec_len > MBEDTLS_SSL_IN_BUFFER_LEN - - (size_t)( ssl->in_hdr - ssl->in_buf ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - memcpy( ssl->in_hdr, rec, rec_len ); - ssl->in_left = rec_len; - ssl->next_record_offset = 0; - - ssl_free_buffered_record( ssl ); - -exit: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_record" ) ); - return( 0 ); -} - -static int ssl_buffer_future_record( mbedtls_ssl_context *ssl ) -{ - mbedtls_ssl_handshake_params * const hs = ssl->handshake; - size_t const rec_hdr_len = 13; - size_t const total_buf_sz = rec_hdr_len + ssl->in_msglen; - - /* Don't buffer future records outside handshakes. */ - if( hs == NULL ) - return( 0 ); - - /* Only buffer handshake records (we are only interested - * in Finished messages). 
*/ - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - return( 0 ); - - /* Don't buffer more than one future epoch record. */ - if( hs->buffering.future_record.data != NULL ) - return( 0 ); - - /* Don't buffer record if there's not enough buffering space remaining. */ - if( total_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future epoch record of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n", - (unsigned) total_buf_sz, MBEDTLS_SSL_DTLS_MAX_BUFFERING, - (unsigned) hs->buffering.total_bytes_buffered ) ); - return( 0 ); - } - - /* Buffer record */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffer record from epoch %u", - ssl->in_epoch + 1 ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered record", ssl->in_hdr, - rec_hdr_len + ssl->in_msglen ); - - /* ssl_parse_record_header() only considers records - * of the next epoch as candidates for buffering. */ - hs->buffering.future_record.epoch = ssl->in_epoch + 1; - hs->buffering.future_record.len = total_buf_sz; - - hs->buffering.future_record.data = - mbedtls_calloc( 1, hs->buffering.future_record.len ); - if( hs->buffering.future_record.data == NULL ) - { - /* If we run out of RAM trying to buffer a - * record from the next epoch, just ignore. */ - return( 0 ); - } - - memcpy( hs->buffering.future_record.data, ssl->in_hdr, total_buf_sz ); - - hs->buffering.total_bytes_buffered += total_buf_sz; - return( 0 ); -} - -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -static int ssl_get_next_record( mbedtls_ssl_context *ssl ) -{ - int ret; - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - /* We might have buffered a future record; if so, - * and if the epoch matches now, load it. - * On success, this call will set ssl->in_left to - * the length of the buffered record, so that - * the calls to ssl_fetch_input() below will - * essentially be no-ops. 
*/ - ret = ssl_load_buffered_record( ssl ); - if( ret != 0 ) - return( ret ); -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl ) ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); - } - - if( ( ret = ssl_parse_record_header( ssl ) ) != 0 ) - { -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ret != MBEDTLS_ERR_SSL_CLIENT_RECONNECT ) - { - if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) - { - ret = ssl_buffer_future_record( ssl ); - if( ret != 0 ) - return( ret ); - - /* Fall through to handling of unexpected records */ - ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; - } - - if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ) - { - /* Skip unexpected record (but not whole datagram) */ - ssl->next_record_offset = ssl->in_msglen - + mbedtls_ssl_hdr_len( ssl ); - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding unexpected record " - "(header)" ) ); - } - else - { - /* Skip invalid record and the rest of the datagram */ - ssl->next_record_offset = 0; - ssl->in_left = 0; - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record " - "(header)" ) ); - } - - /* Get next record */ - return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); - } -#endif - return( ret ); - } - - /* - * Read and optionally decrypt the message contents - */ - if( ( ret = mbedtls_ssl_fetch_input( ssl, - mbedtls_ssl_hdr_len( ssl ) + ssl->in_msglen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); - } - - /* Done reading this record, get ready for the next one */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - ssl->next_record_offset = ssl->in_msglen + mbedtls_ssl_hdr_len( ssl ); - if( ssl->next_record_offset < ssl->in_left ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "more than one record within datagram" ) ); - } - } - else -#endif - ssl->in_left = 0; - - if( ( ret = 
ssl_prepare_record_content( ssl ) ) != 0 ) - { -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - /* Silently discard invalid records */ - if( ret == MBEDTLS_ERR_SSL_INVALID_RECORD || - ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - { - /* Except when waiting for Finished as a bad mac here - * probably means something went wrong in the handshake - * (eg wrong psk used, mitm downgrade attempt, etc.) */ - if( ssl->state == MBEDTLS_SSL_CLIENT_FINISHED || - ssl->state == MBEDTLS_SSL_SERVER_FINISHED ) - { -#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - { - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC ); - } -#endif - return( ret ); - } - -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - if( ssl->conf->badmac_limit != 0 && - ++ssl->badmac_seen >= ssl->conf->badmac_limit ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "too many records with bad MAC" ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); - } -#endif - - /* As above, invalid records cause - * dismissal of the whole datagram. 
*/ - - ssl->next_record_offset = 0; - ssl->in_left = 0; - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record (mac)" ) ); - return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); - } - - return( ret ); - } - else -#endif - { - /* Error out (and send alert) on invalid records */ -#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - { - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC ); - } -#endif - return( ret ); - } - } - - return( 0 ); -} - -int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ) -{ - int ret; - - /* - * Handle particular types of records - */ - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) - { - if( ( ret = mbedtls_ssl_prepare_handshake_record( ssl ) ) != 0 ) - { - return( ret ); - } - } - - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { - if( ssl->in_msglen != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, len: %d", - ssl->in_msglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - - if( ssl->in_msg[0] != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, content: %02x", - ssl->in_msg[0] ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC && - ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC ) - { - if( ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping ChangeCipherSpec outside handshake" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received out-of-order ChangeCipherSpec - remember" ) ); - return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); - } -#endif - } - - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT ) - { - if( ssl->in_msglen != 2 ) - { - /* Note: Standard allows for more than one 2 byte alert - to be packed in a single message, but Mbed TLS doesn't - currently support this. 
*/ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %d", - ssl->in_msglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]", - ssl->in_msg[0], ssl->in_msg[1] ) ); - - /* - * Ignore non-fatal alerts, except close_notify and no_renegotiation - */ - if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "is a fatal alert message (msg %d)", - ssl->in_msg[1] ) ); - return( MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE ); - } - - if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a close notify message" ) ); - return( MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ); - } - -#if defined(MBEDTLS_SSL_RENEGOTIATION_ENABLED) - if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no renegotiation alert" ) ); - /* Will be handled when trying to parse ServerHello */ - return( 0 ); - } -#endif - -#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_SRV_C) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && - ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no_cert" ) ); - /* Will be handled in mbedtls_ssl_parse_certificate() */ - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */ - - /* Silently ignore: fetch new message */ - return MBEDTLS_ERR_SSL_NON_FATAL; - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake != NULL && - ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) - { - ssl_handshake_wrapup_free_hs_transform( ssl ); - } -#endif - - return( 0 ); -} - -int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ) -{ - 
int ret; - - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ) ) != 0 ) - { - return( ret ); - } - - return( 0 ); -} - -int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, - unsigned char level, - unsigned char message ) -{ - int ret; - - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> send alert message" ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "send alert level=%u message=%u", level, message )); - - ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; - ssl->out_msglen = 2; - ssl->out_msg[0] = level; - ssl->out_msg[1] = message; - - if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); - return( ret ); - } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= send alert message" ) ); - - return( 0 ); -} - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -static void ssl_clear_peer_cert( mbedtls_ssl_session *session ) -{ -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( session->peer_cert != NULL ) - { - mbedtls_x509_crt_free( session->peer_cert ); - mbedtls_free( session->peer_cert ); - session->peer_cert = NULL; - } -#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( session->peer_cert_digest != NULL ) - { - /* Zeroization is not necessary. 
*/ - mbedtls_free( session->peer_cert_digest ); - session->peer_cert_digest = NULL; - session->peer_cert_digest_type = MBEDTLS_MD_NONE; - session->peer_cert_digest_len = 0; - } -#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -} -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -/* - * Handshake functions - */ -#if !defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) -/* No certificate support -> dummy functions */ -int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) -{ - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); - - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); - ssl->state++; - return( 0 ); - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); -} - -int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) -{ - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); - - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); - ssl->state++; - return( 0 ); - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); -} - -#else /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ -/* Some certificate support -> implement write and parse */ - -int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) -{ - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - size_t i, n; - const mbedtls_x509_crt *crt; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); - - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); - 
ssl->state++; - return( 0 ); - } - -#if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - { - if( ssl->client_auth == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); - ssl->state++; - return( 0 ); - } - -#if defined(MBEDTLS_SSL_PROTO_SSL3) - /* - * If using SSLv3 and got no cert, send an Alert message - * (otherwise an empty Certificate message will be sent). - */ - if( mbedtls_ssl_own_cert( ssl ) == NULL && - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - ssl->out_msglen = 2; - ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; - ssl->out_msg[0] = MBEDTLS_SSL_ALERT_LEVEL_WARNING; - ssl->out_msg[1] = MBEDTLS_SSL_ALERT_MSG_NO_CERT; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "got no certificate to send" ) ); - goto write_msg; - } -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ - } -#endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( mbedtls_ssl_own_cert( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no certificate to send" ) ); - return( MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED ); - } - } -#endif - - MBEDTLS_SSL_DEBUG_CRT( 3, "own certificate", mbedtls_ssl_own_cert( ssl ) ); - - /* - * 0 . 0 handshake type - * 1 . 3 handshake length - * 4 . 6 length of all certs - * 7 . 9 length of cert. 1 - * 10 . n-1 peer certificate - * n . n+2 length of cert. 2 - * n+3 . ... upper level cert, etc. 
- */ - i = 7; - crt = mbedtls_ssl_own_cert( ssl ); - - while( crt != NULL ) - { - n = crt->raw.len; - if( n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d", - i + 3 + n, MBEDTLS_SSL_OUT_CONTENT_LEN ) ); - return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE ); - } - - ssl->out_msg[i ] = (unsigned char)( n >> 16 ); - ssl->out_msg[i + 1] = (unsigned char)( n >> 8 ); - ssl->out_msg[i + 2] = (unsigned char)( n ); - - i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n ); - i += n; crt = crt->next; - } - - ssl->out_msg[4] = (unsigned char)( ( i - 7 ) >> 16 ); - ssl->out_msg[5] = (unsigned char)( ( i - 7 ) >> 8 ); - ssl->out_msg[6] = (unsigned char)( ( i - 7 ) ); - - ssl->out_msglen = i; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE; - -#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C) -write_msg: -#endif - - ssl->state++; - - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate" ) ); - - return( ret ); -} - -#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) - -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) -static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, - unsigned char *crt_buf, - size_t crt_buf_len ) -{ - mbedtls_x509_crt const * const peer_crt = ssl->session->peer_cert; - - if( peer_crt == NULL ) - return( -1 ); - - if( peer_crt->raw.len != crt_buf_len ) - return( -1 ); - - return( memcmp( peer_crt->raw.p, crt_buf, crt_buf_len ) ); -} -#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, - unsigned char *crt_buf, - size_t crt_buf_len ) -{ - int ret; - unsigned char const * const peer_cert_digest = - ssl->session->peer_cert_digest; - mbedtls_md_type_t const peer_cert_digest_type = - 
ssl->session->peer_cert_digest_type; - mbedtls_md_info_t const * const digest_info = - mbedtls_md_info_from_type( peer_cert_digest_type ); - unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN]; - size_t digest_len; - - if( peer_cert_digest == NULL || digest_info == NULL ) - return( -1 ); - - digest_len = mbedtls_md_get_size( digest_info ); - if( digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN ) - return( -1 ); - - ret = mbedtls_md( digest_info, crt_buf, crt_buf_len, tmp_digest ); - if( ret != 0 ) - return( -1 ); - - return( memcmp( tmp_digest, peer_cert_digest, digest_len ) ); -} -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */ - -/* - * Once the certificate message is read, parse it into a cert chain and - * perform basic checks, but leave actual verification to the caller - */ -static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *chain ) -{ - int ret; -#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) - int crt_cnt=0; -#endif - size_t i, n; - uint8_t alert; - - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE || - ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); - } - - i = mbedtls_ssl_hs_hdr_len( ssl ); - - /* - * Same message structure as in mbedtls_ssl_write_certificate() - */ - n = ( ssl->in_msg[i+1] << 8 ) | ssl->in_msg[i+2]; - - if( ssl->in_msg[i] != 0 || - ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len( ssl ) ) - { - 
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); - } - - /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */ - i += 3; - - /* Iterate through and parse the CRTs in the provided chain. */ - while( i < ssl->in_hslen ) - { - /* Check that there's room for the next CRT's length fields. */ - if ( i + 3 > ssl->in_hslen ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); - } - /* In theory, the CRT can be up to 2**24 Bytes, but we don't support - * anything beyond 2**16 ~ 64K. */ - if( ssl->in_msg[i] != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); - } - - /* Read length of the next CRT in the chain. */ - n = ( (unsigned int) ssl->in_msg[i + 1] << 8 ) - | (unsigned int) ssl->in_msg[i + 2]; - i += 3; - - if( n < 128 || i + n > ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); - } - - /* Check if we're handling the first CRT in the chain. */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) - if( crt_cnt++ == 0 && - ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - /* During client-side renegotiation, check that the server's - * end-CRTs hasn't changed compared to the initial handshake, - * mitigating the triple handshake attack. 
On success, reuse - * the original end-CRT instead of parsing it again. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Check that peer CRT hasn't changed during renegotiation" ) ); - if( ssl_check_peer_crt_unchanged( ssl, - &ssl->in_msg[i], - n ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); - } - - /* Now we can safely free the original chain. */ - ssl_clear_peer_cert( ssl->session ); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */ - - /* Parse the next certificate in the chain. */ -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - ret = mbedtls_x509_crt_parse_der( chain, ssl->in_msg + i, n ); -#else - /* If we don't need to store the CRT chain permanently, parse - * it in-place from the input buffer instead of making a copy. */ - ret = mbedtls_x509_crt_parse_der_nocopy( chain, ssl->in_msg + i, n ); -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - switch( ret ) - { - case 0: /*ok*/ - case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND: - /* Ignore certificate with an unknown algorithm: maybe a - prior certificate was already trusted. 
*/ - break; - - case MBEDTLS_ERR_X509_ALLOC_FAILED: - alert = MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR; - goto crt_parse_der_failed; - - case MBEDTLS_ERR_X509_UNKNOWN_VERSION: - alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - goto crt_parse_der_failed; - - default: - alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT; - crt_parse_der_failed: - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert ); - MBEDTLS_SSL_DEBUG_RET( 1, " mbedtls_x509_crt_parse_der", ret ); - return( ret ); - } - - i += n; - } - - MBEDTLS_SSL_DEBUG_CRT( 3, "peer certificate", chain ); - return( 0 ); -} - -#if defined(MBEDTLS_SSL_SRV_C) -static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl ) -{ - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - return( -1 ); - -#if defined(MBEDTLS_SSL_PROTO_SSL3) - /* - * Check if the client sent an empty certificate - */ - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - if( ssl->in_msglen == 2 && - ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT && - ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) ); - return( 0 ); - } - - return( -1 ); - } -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len( ssl ) && - ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE && - memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) ); - return( 0 ); - } - - return( -1 ); -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ -} -#endif /* MBEDTLS_SSL_SRV_C */ - -/* Check if a certificate message is expected. 
- * Return either - * - SSL_CERTIFICATE_EXPECTED, or - * - SSL_CERTIFICATE_SKIP - * indicating whether a Certificate message is expected or not. - */ -#define SSL_CERTIFICATE_EXPECTED 0 -#define SSL_CERTIFICATE_SKIP 1 -static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl, - int authmode ) -{ - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - return( SSL_CERTIFICATE_SKIP ); - -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - return( SSL_CERTIFICATE_SKIP ); - - if( authmode == MBEDTLS_SSL_VERIFY_NONE ) - { - ssl->session_negotiate->verify_result = - MBEDTLS_X509_BADCERT_SKIP_VERIFY; - return( SSL_CERTIFICATE_SKIP ); - } - } -#else - ((void) authmode); -#endif /* MBEDTLS_SSL_SRV_C */ - - return( SSL_CERTIFICATE_EXPECTED ); -} - -static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, - int authmode, - mbedtls_x509_crt *chain, - void *rs_ctx ) -{ - int ret = 0; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->transform_negotiate->ciphersuite_info; - int have_ca_chain = 0; - - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *); - void *p_vrfy; - - if( authmode == MBEDTLS_SSL_VERIFY_NONE ) - return( 0 ); - - if( ssl->f_vrfy != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use context-specific verification callback" ) ); - f_vrfy = ssl->f_vrfy; - p_vrfy = ssl->p_vrfy; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use configuration-specific verification callback" ) ); - f_vrfy = ssl->conf->f_vrfy; - p_vrfy = ssl->conf->p_vrfy; - } - - /* - * Main check: verify certificate - */ -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( ssl->conf->f_ca_cb != NULL ) - { - ((void) rs_ctx); - have_ca_chain = 1; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "use CA callback for X.509 CRT verification" ) ); - ret = 
mbedtls_x509_crt_verify_with_ca_cb(
- chain,
- ssl->conf->f_ca_cb,
- ssl->conf->p_ca_cb,
- ssl->conf->cert_profile,
- ssl->hostname,
- &ssl->session_negotiate->verify_result,
- f_vrfy, p_vrfy );
- }
- else
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
- {
- mbedtls_x509_crt *ca_chain;
- mbedtls_x509_crl *ca_crl;
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
- if( ssl->handshake->sni_ca_chain != NULL )
- {
- ca_chain = ssl->handshake->sni_ca_chain;
- ca_crl = ssl->handshake->sni_ca_crl;
- }
- else
-#endif
- {
- ca_chain = ssl->conf->ca_chain;
- ca_crl = ssl->conf->ca_crl;
- }
-
- if( ca_chain != NULL )
- have_ca_chain = 1;
-
- ret = mbedtls_x509_crt_verify_restartable(
- chain,
- ca_chain, ca_crl,
- ssl->conf->cert_profile,
- ssl->hostname,
- &ssl->session_negotiate->verify_result,
- f_vrfy, p_vrfy, rs_ctx );
- }
-
- if( ret != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "x509_verify_cert", ret );
- }
-
-#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
- if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
- return( MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS );
-#endif
-
- /*
- * Secondary checks: always done, but change 'ret' only if it was 0
- */
-
-#if defined(MBEDTLS_ECP_C)
- {
- const mbedtls_pk_context *pk = &chain->pk;
-
- /* If certificate uses an EC key, make sure the curve is OK */
- if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) &&
- mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id ) != 0 )
- {
- ssl->session_negotiate->verify_result |= MBEDTLS_X509_BADCERT_BAD_KEY;
-
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) );
- if( ret == 0 )
- ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
- }
- }
-#endif /* MBEDTLS_ECP_C */
-
- if( mbedtls_ssl_check_cert_usage( chain,
- ciphersuite_info,
- ! 
ssl->conf->endpoint, - &ssl->session_negotiate->verify_result ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) ); - if( ret == 0 ) - ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; - } - - /* mbedtls_x509_crt_verify_with_profile is supposed to report a - * verification failure through MBEDTLS_ERR_X509_CERT_VERIFY_FAILED, - * with details encoded in the verification flags. All other kinds - * of error codes, including those from the user provided f_vrfy - * functions, are treated as fatal and lead to a failure of - * ssl_parse_certificate even if verification was optional. */ - if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL && - ( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED || - ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ) ) - { - ret = 0; - } - - if( have_ca_chain == 0 && authmode == MBEDTLS_SSL_VERIFY_REQUIRED ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no CA chain" ) ); - ret = MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED; - } - - if( ret != 0 ) - { - uint8_t alert; - - /* The certificate may have been rejected for several reasons. - Pick one and send the corresponding alert. Which alert to send - may be a subject of debate in some cases. 
*/
- if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER )
- alert = MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED;
- else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH )
- alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
- else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE )
- alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
- else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE )
- alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
- else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NS_CERT_TYPE )
- alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
- else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK )
- alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
- else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY )
- alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
- else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED )
- alert = MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED;
- else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED )
- alert = MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED;
- else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED )
- alert = MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA;
- else
- alert = MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN;
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- alert );
- }
-
-#if defined(MBEDTLS_DEBUG_C)
- if( ssl->session_negotiate->verify_result != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "! 
Certificate verification flags %x", - ssl->session_negotiate->verify_result ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Certificate verification flags clear" ) ); - } -#endif /* MBEDTLS_DEBUG_C */ - - return( ret ); -} - -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) -static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl, - unsigned char *start, size_t len ) -{ - int ret; - /* Remember digest of the peer's end-CRT. */ - ssl->session_negotiate->peer_cert_digest = - mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ); - if( ssl->session_negotiate->peer_cert_digest == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", - sizeof( MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ) ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - - ret = mbedtls_md( mbedtls_md_info_from_type( - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ), - start, len, - ssl->session_negotiate->peer_cert_digest ); - - ssl->session_negotiate->peer_cert_digest_type = - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; - ssl->session_negotiate->peer_cert_digest_len = - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; - - return( ret ); -} - -static int ssl_remember_peer_pubkey( mbedtls_ssl_context *ssl, - unsigned char *start, size_t len ) -{ - unsigned char *end = start + len; - int ret; - - /* Make a copy of the peer's raw public key. */ - mbedtls_pk_init( &ssl->handshake->peer_pubkey ); - ret = mbedtls_pk_parse_subpubkey( &start, end, - &ssl->handshake->peer_pubkey ); - if( ret != 0 ) - { - /* We should have parsed the public key before. 
*/ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - return( 0 ); -} -#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - -int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) -{ - int ret = 0; - int crt_expected; -#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET - ? ssl->handshake->sni_authmode - : ssl->conf->authmode; -#else - const int authmode = ssl->conf->authmode; -#endif - void *rs_ctx = NULL; - mbedtls_x509_crt *chain = NULL; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); - - crt_expected = ssl_parse_certificate_coordinate( ssl, authmode ); - if( crt_expected == SSL_CERTIFICATE_SKIP ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); - goto exit; - } - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ssl->handshake->ecrs_enabled && - ssl->handshake->ecrs_state == ssl_ecrs_crt_verify ) - { - chain = ssl->handshake->ecrs_peer_cert; - ssl->handshake->ecrs_peer_cert = NULL; - goto crt_verify; - } -#endif - - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - /* mbedtls_ssl_read_record may have sent an alert already. We - let it decide whether to alert. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - goto exit; - } - -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl_srv_check_client_no_crt_notification( ssl ) == 0 ) - { - ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING; - - if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ) - ret = 0; - else - ret = MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE; - - goto exit; - } -#endif /* MBEDTLS_SSL_SRV_C */ - - /* Clear existing peer CRT structure in case we tried to - * reuse a session but it failed, and allocate a new one. 
*/ - ssl_clear_peer_cert( ssl->session_negotiate ); - - chain = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); - if( chain == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", - sizeof( mbedtls_x509_crt ) ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - - ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; - goto exit; - } - mbedtls_x509_crt_init( chain ); - - ret = ssl_parse_certificate_chain( ssl, chain ); - if( ret != 0 ) - goto exit; - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ssl->handshake->ecrs_enabled) - ssl->handshake->ecrs_state = ssl_ecrs_crt_verify; - -crt_verify: - if( ssl->handshake->ecrs_enabled) - rs_ctx = &ssl->handshake->ecrs_ctx; -#endif - - ret = ssl_parse_certificate_verify( ssl, authmode, - chain, rs_ctx ); - if( ret != 0 ) - goto exit; - -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - { - unsigned char *crt_start, *pk_start; - size_t crt_len, pk_len; - - /* We parse the CRT chain without copying, so - * these pointers point into the input buffer, - * and are hence still valid after freeing the - * CRT chain. */ - - crt_start = chain->raw.p; - crt_len = chain->raw.len; - - pk_start = chain->pk_raw.p; - pk_len = chain->pk_raw.len; - - /* Free the CRT structures before computing - * digest and copying the peer's public key. */ - mbedtls_x509_crt_free( chain ); - mbedtls_free( chain ); - chain = NULL; - - ret = ssl_remember_peer_crt_digest( ssl, crt_start, crt_len ); - if( ret != 0 ) - goto exit; - - ret = ssl_remember_peer_pubkey( ssl, pk_start, pk_len ); - if( ret != 0 ) - goto exit; - } -#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - /* Pass ownership to session structure. 
*/ - ssl->session_negotiate->peer_cert = chain; - chain = NULL; -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) ); - -exit: - - if( ret == 0 ) - ssl->state++; - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - ssl->handshake->ecrs_peer_cert = chain; - chain = NULL; - } -#endif - - if( chain != NULL ) - { - mbedtls_x509_crt_free( chain ); - mbedtls_free( chain ); - } - - return( ret ); -} -#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ - -int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) -{ - int ret; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write change cipher spec" ) ); - - ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; - ssl->out_msglen = 1; - ssl->out_msg[0] = 1; - - ssl->state++; - - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write change cipher spec" ) ); - - return( 0 ); -} - -int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) -{ - int ret; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) ); - - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - - /* CCS records are only accepted if they have length 1 and content '1', - * so we don't need to check this here. */ - - /* - * Switch to our negotiated transform and session parameters for inbound - * data. 
- */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) ); - ssl->transform_in = ssl->transform_negotiate; - ssl->session_in = ssl->session_negotiate; - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - ssl_dtls_replay_reset( ssl ); -#endif - - /* Increment epoch */ - if( ++ssl->in_epoch == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); - /* This is highly unlikely to happen for legitimate reasons, so - treat it as an attack and don't send an alert. */ - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); - } - } - else -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - memset( ssl->in_ctr, 0, 8 ); - - ssl_update_in_pointers( ssl, ssl->transform_negotiate ); - -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_activate != NULL ) - { - if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_INBOUND ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - } -#endif - - ssl->state++; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse change cipher spec" ) ); - - return( 0 ); -} - -void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t *ciphersuite_info ) -{ - ((void) ciphersuite_info); - -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) - ssl->handshake->update_checksum = ssl_update_checksum_md5sha1; - else -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA512_C) - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) - ssl->handshake->update_checksum = ssl_update_checksum_sha384; - else -#endif -#if defined(MBEDTLS_SHA256_C) - if( ciphersuite_info->mac != 
MBEDTLS_MD_SHA384 ) - ssl->handshake->update_checksum = ssl_update_checksum_sha256; - else -#endif -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return; - } -} - -void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ) -{ -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_starts_ret( &ssl->handshake->fin_md5 ); - mbedtls_sha1_starts_ret( &ssl->handshake->fin_sha1 ); -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &ssl->handshake->fin_sha256_psa ); - psa_hash_setup( &ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256 ); -#else - mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 ); -#endif -#endif -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &ssl->handshake->fin_sha384_psa ); - psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); -#else - mbedtls_sha512_starts_ret( &ssl->handshake->fin_sha512, 1 ); -#endif -#endif -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -} - -static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) -{ -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len ); - mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len ); -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len ); -#else - mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len ); -#endif -#endif -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); -#else - mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len ); -#endif 
-#endif -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -} - -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) -{ - mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len ); - mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len ); -} -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA256_C) -static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) -{ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len ); -#else - mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len ); -#endif -} -#endif - -#if defined(MBEDTLS_SHA512_C) -static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) -{ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); -#else - mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len ); -#endif -} -#endif -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -#if defined(MBEDTLS_SSL_PROTO_SSL3) -static void ssl_calc_finished_ssl( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) -{ - const char *sender; - mbedtls_md5_context md5; - mbedtls_sha1_context sha1; - - unsigned char padbuf[48]; - unsigned char md5sum[16]; - unsigned char sha1sum[20]; - - mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) - session = ssl->session; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished ssl" ) ); - - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); - - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); - - /* - * SSLv3: - * hash = - * MD5( master + pad2 + - * MD5( handshake + sender + master + pad1 ) ) - * + SHA1( master + pad2 + - * SHA1( handshake + sender + master + pad1 ) ) - 
*/ - -#if !defined(MBEDTLS_MD5_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) - md5.state, sizeof( md5.state ) ); -#endif - -#if !defined(MBEDTLS_SHA1_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) - sha1.state, sizeof( sha1.state ) ); -#endif - - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "CLNT" - : "SRVR"; - - memset( padbuf, 0x36, 48 ); - - mbedtls_md5_update_ret( &md5, (const unsigned char *) sender, 4 ); - mbedtls_md5_update_ret( &md5, session->master, 48 ); - mbedtls_md5_update_ret( &md5, padbuf, 48 ); - mbedtls_md5_finish_ret( &md5, md5sum ); - - mbedtls_sha1_update_ret( &sha1, (const unsigned char *) sender, 4 ); - mbedtls_sha1_update_ret( &sha1, session->master, 48 ); - mbedtls_sha1_update_ret( &sha1, padbuf, 40 ); - mbedtls_sha1_finish_ret( &sha1, sha1sum ); - - memset( padbuf, 0x5C, 48 ); - - mbedtls_md5_starts_ret( &md5 ); - mbedtls_md5_update_ret( &md5, session->master, 48 ); - mbedtls_md5_update_ret( &md5, padbuf, 48 ); - mbedtls_md5_update_ret( &md5, md5sum, 16 ); - mbedtls_md5_finish_ret( &md5, buf ); - - mbedtls_sha1_starts_ret( &sha1 ); - mbedtls_sha1_update_ret( &sha1, session->master, 48 ); - mbedtls_sha1_update_ret( &sha1, padbuf , 40 ); - mbedtls_sha1_update_ret( &sha1, sha1sum, 20 ); - mbedtls_sha1_finish_ret( &sha1, buf + 16 ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 ); - - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); - - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); - mbedtls_platform_zeroize( md5sum, sizeof( md5sum ) ); - mbedtls_platform_zeroize( sha1sum, sizeof( sha1sum ) ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); -} -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_calc_finished_tls( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) -{ - int len = 12; - const char *sender; - mbedtls_md5_context md5; - mbedtls_sha1_context sha1; - unsigned 
char padbuf[36]; - - mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) - session = ssl->session; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls" ) ); - - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); - - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); - - /* - * TLSv1: - * hash = PRF( master, finished_label, - * MD5( handshake ) + SHA1( handshake ) )[0..11] - */ - -#if !defined(MBEDTLS_MD5_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) - md5.state, sizeof( md5.state ) ); -#endif - -#if !defined(MBEDTLS_SHA1_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) - sha1.state, sizeof( sha1.state ) ); -#endif - - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) - ? "client finished" - : "server finished"; - - mbedtls_md5_finish_ret( &md5, padbuf ); - mbedtls_sha1_finish_ret( &sha1, padbuf + 16 ); - - ssl->handshake->tls_prf( session->master, 48, sender, - padbuf, 36, buf, len ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); - - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); - - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); -} -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA256_C) -static void ssl_calc_finished_tls_sha256( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) -{ - int len = 12; - const char *sender; - unsigned char padbuf[32]; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - size_t hash_size; - psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT; - psa_status_t status; -#else - mbedtls_sha256_context sha256; -#endif - - mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) - session = ssl->session; - - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) - ? 
"client finished" - : "server finished"; - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - sha256_psa = psa_hash_operation_init(); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha256" ) ); - - status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); - return; - } - - status = psa_hash_finish( &sha256_psa, padbuf, sizeof( padbuf ), &hash_size ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); - return; - } - MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 32 ); -#else - - mbedtls_sha256_init( &sha256 ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) ); - - mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); - - /* - * TLSv1.2: - * hash = PRF( master, finished_label, - * Hash( handshake ) )[0.11] - */ - -#if !defined(MBEDTLS_SHA256_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *) - sha256.state, sizeof( sha256.state ) ); -#endif - - mbedtls_sha256_finish_ret( &sha256, padbuf ); - mbedtls_sha256_free( &sha256 ); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - - ssl->handshake->tls_prf( session->master, 48, sender, - padbuf, 32, buf, len ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); - - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); -} -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) -static void ssl_calc_finished_tls_sha384( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) -{ - int len = 12; - const char *sender; - unsigned char padbuf[48]; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - size_t hash_size; - psa_hash_operation_t sha384_psa = PSA_HASH_OPERATION_INIT; - psa_status_t status; -#else - mbedtls_sha512_context sha512; -#endif - - mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) - session = ssl->session; - - sender = ( from == 
MBEDTLS_SSL_IS_CLIENT ) - ? "client finished" - : "server finished"; - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - sha384_psa = psa_hash_operation_init(); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha384" ) ); - - status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); - return; - } - - status = psa_hash_finish( &sha384_psa, padbuf, sizeof( padbuf ), &hash_size ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); - return; - } - MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 48 ); -#else - mbedtls_sha512_init( &sha512 ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha384" ) ); - - mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); - - /* - * TLSv1.2: - * hash = PRF( master, finished_label, - * Hash( handshake ) )[0.11] - */ - -#if !defined(MBEDTLS_SHA512_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *) - sha512.state, sizeof( sha512.state ) ); -#endif - - mbedtls_sha512_finish_ret( &sha512, padbuf ); - mbedtls_sha512_free( &sha512 ); -#endif - - ssl->handshake->tls_prf( session->master, 48, sender, - padbuf, 48, buf, len ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); - - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); -} -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -static void ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ) -{ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup: final free" ) ); - - /* - * Free our handshake params - */ - mbedtls_ssl_handshake_free( ssl ); - mbedtls_free( ssl->handshake ); - ssl->handshake = NULL; - - /* - * Free the previous transform and swith in the current one - */ - if( ssl->transform ) - { - mbedtls_ssl_transform_free( ssl->transform ); - mbedtls_free( ssl->transform ); - } - 
ssl->transform = ssl->transform_negotiate; - ssl->transform_negotiate = NULL; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup: final free" ) ); -} - -void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) -{ - int resume = ssl->handshake->resume; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) ); - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_DONE; - ssl->renego_records_seen = 0; - } -#endif - - /* - * Free the previous session and switch in the current one - */ - if( ssl->session ) - { -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - /* RFC 7366 3.1: keep the EtM state */ - ssl->session_negotiate->encrypt_then_mac = - ssl->session->encrypt_then_mac; -#endif - - mbedtls_ssl_session_free( ssl->session ); - mbedtls_free( ssl->session ); - } - ssl->session = ssl->session_negotiate; - ssl->session_negotiate = NULL; - - /* - * Add cache entry - */ - if( ssl->conf->f_set_cache != NULL && - ssl->session->id_len != 0 && - resume == 0 ) - { - if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->flight != NULL ) - { - /* Cancel handshake timer */ - ssl_set_timer( ssl, 0 ); - - /* Keep last flight around in case we need to resend it: - * we need the handshake and transform structures for that */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip freeing handshake and transform" ) ); - } - else -#endif - ssl_handshake_wrapup_free_hs_transform( ssl ); - - ssl->state++; - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) ); -} - -int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) -{ - int ret, hash_len; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write finished" ) ); - - ssl_update_out_pointers( ssl, ssl->transform_negotiate ); - - 
ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint ); - - /* - * RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites - * may define some other value. Currently (early 2016), no defined - * ciphersuite does this (and this is unlikely to change as activity has - * moved to TLS 1.3 now) so we can keep the hardcoded 12 here. - */ - hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12; - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - ssl->verify_data_len = hash_len; - memcpy( ssl->own_verify_data, ssl->out_msg + 4, hash_len ); -#endif - - ssl->out_msglen = 4 + hash_len; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_FINISHED; - - /* - * In case of session resuming, invert the client and server - * ChangeCipherSpec messages order. - */ - if( ssl->handshake->resume != 0 ) - { -#if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; -#endif -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; -#endif - } - else - ssl->state++; - - /* - * Switch to our negotiated transform and session parameters for outbound - * data. 
- */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - unsigned char i; - - /* Remember current epoch settings for resending */ - ssl->handshake->alt_transform_out = ssl->transform_out; - memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8 ); - - /* Set sequence_number to zero */ - memset( ssl->cur_out_ctr + 2, 0, 6 ); - - /* Increment epoch */ - for( i = 2; i > 0; i-- ) - if( ++ssl->cur_out_ctr[i - 1] != 0 ) - break; - - /* The loop goes to its end iff the counter is wrapping */ - if( i == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); - } - } - else -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - memset( ssl->cur_out_ctr, 0, 8 ); - - ssl->transform_out = ssl->transform_negotiate; - ssl->session_out = ssl->session_negotiate; - -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_activate != NULL ) - { - if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - } -#endif - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); -#endif - - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); - } -#endif - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write finished" ) ); - - return( 0 ); -} - -#if defined(MBEDTLS_SSL_PROTO_SSL3) -#define SSL_MAX_HASH_LEN 36 -#else -#define 
SSL_MAX_HASH_LEN 12 -#endif - -int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) -{ - int ret; - unsigned int hash_len; - unsigned char buf[SSL_MAX_HASH_LEN]; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) ); - - ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 ); - - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - - /* There is currently no ciphersuite using another length with TLS 1.2 */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - hash_len = 36; - else -#endif - hash_len = 12; - - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); - } - - if( mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), - buf, hash_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); - } - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - ssl->verify_data_len = hash_len; - memcpy( ssl->peer_verify_data, buf, hash_len ); -#endif - - if( ssl->handshake->resume != 0 ) - { -#if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; -#endif -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == 
MBEDTLS_SSL_IS_SERVER )
- ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
-#endif
- }
- else
- ssl->state++;
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- mbedtls_ssl_recv_flight_completed( ssl );
-#endif
-
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) );
-
- return( 0 );
-}
-
-static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
-{
- memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) );
-
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
- defined(MBEDTLS_SSL_PROTO_TLS1_1)
- mbedtls_md5_init( &handshake->fin_md5 );
- mbedtls_sha1_init( &handshake->fin_sha1 );
- mbedtls_md5_starts_ret( &handshake->fin_md5 );
- mbedtls_sha1_starts_ret( &handshake->fin_sha1 );
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#if defined(MBEDTLS_SHA256_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- handshake->fin_sha256_psa = psa_hash_operation_init();
- psa_hash_setup( &handshake->fin_sha256_psa, PSA_ALG_SHA_256 );
-#else
- mbedtls_sha256_init( &handshake->fin_sha256 );
- mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 );
-#endif
-#endif
-#if defined(MBEDTLS_SHA512_C)
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- handshake->fin_sha384_psa = psa_hash_operation_init();
- psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
-#else
- mbedtls_sha512_init( &handshake->fin_sha512 );
- mbedtls_sha512_starts_ret( &handshake->fin_sha512, 1 );
-#endif
-#endif
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-
- handshake->update_checksum = ssl_update_checksum_start;
-
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
- defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
- mbedtls_ssl_sig_hash_set_init( &handshake->hash_algs );
-#endif
-
-#if defined(MBEDTLS_DHM_C)
- mbedtls_dhm_init( &handshake->dhm_ctx );
-#endif
-#if defined(MBEDTLS_ECDH_C)
- mbedtls_ecdh_init( &handshake->ecdh_ctx );
-#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
- mbedtls_ecjpake_init(
&handshake->ecjpake_ctx );
-#if defined(MBEDTLS_SSL_CLI_C)
- handshake->ecjpake_cache = NULL;
- handshake->ecjpake_cache_len = 0;
-#endif
-#endif
-
-#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
- mbedtls_x509_crt_restart_init( &handshake->ecrs_ctx );
-#endif
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
- handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET;
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
- !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
- mbedtls_pk_init( &handshake->peer_pubkey );
-#endif
-}
-
-static void ssl_transform_init( mbedtls_ssl_transform *transform )
-{
- memset( transform, 0, sizeof(mbedtls_ssl_transform) );
-
- mbedtls_cipher_init( &transform->cipher_ctx_enc );
- mbedtls_cipher_init( &transform->cipher_ctx_dec );
-
- mbedtls_md_init( &transform->md_ctx_enc );
- mbedtls_md_init( &transform->md_ctx_dec );
-}
-
-void mbedtls_ssl_session_init( mbedtls_ssl_session *session )
-{
- memset( session, 0, sizeof(mbedtls_ssl_session) );
-}
-
-static int ssl_handshake_init( mbedtls_ssl_context *ssl )
-{
- /* Clear old handshake information if present */
- if( ssl->transform_negotiate )
- mbedtls_ssl_transform_free( ssl->transform_negotiate );
- if( ssl->session_negotiate )
- mbedtls_ssl_session_free( ssl->session_negotiate );
- if( ssl->handshake )
- mbedtls_ssl_handshake_free( ssl );
-
- /*
- * Either the pointers are now NULL or cleared properly and can be freed.
- * Now allocate missing structures.
- */
- if( ssl->transform_negotiate == NULL )
- {
- ssl->transform_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_transform) );
- }
-
- if( ssl->session_negotiate == NULL )
- {
- ssl->session_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_session) );
- }
-
- if( ssl->handshake == NULL )
- {
- ssl->handshake = mbedtls_calloc( 1, sizeof(mbedtls_ssl_handshake_params) );
- }
-
- /* All pointers should exist and can be directly freed without issue */
- if( ssl->handshake == NULL ||
- ssl->transform_negotiate == NULL ||
- ssl->session_negotiate == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc() of ssl sub-contexts failed" ) );
-
- mbedtls_free( ssl->handshake );
- mbedtls_free( ssl->transform_negotiate );
- mbedtls_free( ssl->session_negotiate );
-
- ssl->handshake = NULL;
- ssl->transform_negotiate = NULL;
- ssl->session_negotiate = NULL;
-
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- }
-
- /* Initialize structures */
- mbedtls_ssl_session_init( ssl->session_negotiate );
- ssl_transform_init( ssl->transform_negotiate );
- ssl_handshake_params_init( ssl->handshake );
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- ssl->handshake->alt_transform_out = ssl->transform_out;
-
- if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
- ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;
- else
- ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
-
- ssl_set_timer( ssl, 0 );
- }
-#endif
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
-/* Dummy cookie callbacks for defaults */
-static int ssl_cookie_write_dummy( void *ctx,
- unsigned char **p, unsigned char *end,
- const unsigned char *cli_id, size_t cli_id_len )
-{
- ((void) ctx);
- ((void) p);
- ((void) end);
- ((void) cli_id);
- ((void) cli_id_len);
-
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-}
-
-static int ssl_cookie_check_dummy( void *ctx,
- const unsigned char *cookie, size_t
cookie_len,
- const unsigned char *cli_id, size_t cli_id_len )
-{
- ((void) ctx);
- ((void) cookie);
- ((void) cookie_len);
- ((void) cli_id);
- ((void) cli_id_len);
-
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-}
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
-
-/* Once ssl->out_hdr as the address of the beginning of the
- * next outgoing record is set, deduce the other pointers.
- *
- * Note: For TLS, we save the implicit record sequence number
- * (entering MAC computation) in the 8 bytes before ssl->out_hdr,
- * and the caller has to make sure there's space for this.
- */
-
-static void ssl_update_out_pointers( mbedtls_ssl_context *ssl,
- mbedtls_ssl_transform *transform )
-{
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- ssl->out_ctr = ssl->out_hdr + 3;
- ssl->out_len = ssl->out_hdr + 11;
- ssl->out_iv = ssl->out_hdr + 13;
- }
- else
-#endif
- {
- ssl->out_ctr = ssl->out_hdr - 8;
- ssl->out_len = ssl->out_hdr + 3;
- ssl->out_iv = ssl->out_hdr + 5;
- }
-
- /* Adjust out_msg to make space for explicit IV, if used. */
- if( transform != NULL &&
- ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
- {
- ssl->out_msg = ssl->out_iv + transform->ivlen - transform->fixed_ivlen;
- }
- else
- ssl->out_msg = ssl->out_iv;
-}
-
-/* Once ssl->in_hdr as the address of the beginning of the
- * next incoming record is set, deduce the other pointers.
- *
- * Note: For TLS, we save the implicit record sequence number
- * (entering MAC computation) in the 8 bytes before ssl->in_hdr,
- * and the caller has to make sure there's space for this.
- */
-
-static void ssl_update_in_pointers( mbedtls_ssl_context *ssl,
- mbedtls_ssl_transform *transform )
-{
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- ssl->in_ctr = ssl->in_hdr + 3;
- ssl->in_len = ssl->in_hdr + 11;
- ssl->in_iv = ssl->in_hdr + 13;
- }
- else
-#endif
- {
- ssl->in_ctr = ssl->in_hdr - 8;
- ssl->in_len = ssl->in_hdr + 3;
- ssl->in_iv = ssl->in_hdr + 5;
- }
-
- /* Offset in_msg from in_iv to allow space for explicit IV, if used. */
- if( transform != NULL &&
- ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
- {
- ssl->in_msg = ssl->in_iv + transform->ivlen - transform->fixed_ivlen;
- }
- else
- ssl->in_msg = ssl->in_iv;
-}
-
-/*
- * Initialize an SSL context
- */
-void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
-{
- memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
-}
-
-/*
- * Setup an SSL context
- */
-
-static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl )
-{
- /* Set the incoming and outgoing record pointers. */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- ssl->out_hdr = ssl->out_buf;
- ssl->in_hdr = ssl->in_buf;
- }
- else
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
- {
- ssl->out_hdr = ssl->out_buf + 8;
- ssl->in_hdr = ssl->in_buf + 8;
- }
-
- /* Derive other internal pointers.
*/
- ssl_update_out_pointers( ssl, NULL /* no transform enabled */ );
- ssl_update_in_pointers ( ssl, NULL /* no transform enabled */ );
-}
-
-int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
- const mbedtls_ssl_config *conf )
-{
- int ret;
-
- ssl->conf = conf;
-
- /*
- * Prepare base structures
- */
-
- /* Set to NULL in case of an error condition */
- ssl->out_buf = NULL;
-
- ssl->in_buf = mbedtls_calloc( 1, MBEDTLS_SSL_IN_BUFFER_LEN );
- if( ssl->in_buf == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", MBEDTLS_SSL_IN_BUFFER_LEN) );
- ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
- goto error;
- }
-
- ssl->out_buf = mbedtls_calloc( 1, MBEDTLS_SSL_OUT_BUFFER_LEN );
- if( ssl->out_buf == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", MBEDTLS_SSL_OUT_BUFFER_LEN) );
- ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
- goto error;
- }
-
- ssl_reset_in_out_pointers( ssl );
-
- if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
- goto error;
-
- return( 0 );
-
-error:
- mbedtls_free( ssl->in_buf );
- mbedtls_free( ssl->out_buf );
-
- ssl->conf = NULL;
-
- ssl->in_buf = NULL;
- ssl->out_buf = NULL;
-
- ssl->in_hdr = NULL;
- ssl->in_ctr = NULL;
- ssl->in_len = NULL;
- ssl->in_iv = NULL;
- ssl->in_msg = NULL;
-
- ssl->out_hdr = NULL;
- ssl->out_ctr = NULL;
- ssl->out_len = NULL;
- ssl->out_iv = NULL;
- ssl->out_msg = NULL;
-
- return( ret );
-}
-
-/*
- * Reset an initialized and used SSL context for re-use while retaining
- * all application-set variables, function pointers and data.
- *
- * If partial is non-zero, keep data in the input buffer and client ID.
- * (Use when a DTLS client reconnects from the same port.)
- */
-static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial )
-{
- int ret;
-
-#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) || \
- !defined(MBEDTLS_SSL_SRV_C)
- ((void) partial);
-#endif
-
- ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
-
- /* Cancel any possibly running timer */
- ssl_set_timer( ssl, 0 );
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE;
- ssl->renego_records_seen = 0;
-
- ssl->verify_data_len = 0;
- memset( ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN );
- memset( ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN );
-#endif
- ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION;
-
- ssl->in_offt = NULL;
- ssl_reset_in_out_pointers( ssl );
-
- ssl->in_msgtype = 0;
- ssl->in_msglen = 0;
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- ssl->next_record_offset = 0;
- ssl->in_epoch = 0;
-#endif
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
- ssl_dtls_replay_reset( ssl );
-#endif
-
- ssl->in_hslen = 0;
- ssl->nb_zero = 0;
-
- ssl->keep_current_message = 0;
-
- ssl->out_msgtype = 0;
- ssl->out_msglen = 0;
- ssl->out_left = 0;
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
- if( ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED )
- ssl->split_done = 0;
-#endif
-
- memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) );
-
- ssl->transform_in = NULL;
- ssl->transform_out = NULL;
-
- ssl->session_in = NULL;
- ssl->session_out = NULL;
-
- memset( ssl->out_buf, 0, MBEDTLS_SSL_OUT_BUFFER_LEN );
-
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
- if( partial == 0 )
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
- {
- ssl->in_left = 0;
- memset( ssl->in_buf, 0, MBEDTLS_SSL_IN_BUFFER_LEN );
- }
-
-#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
- if( mbedtls_ssl_hw_record_reset != NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_reset()" ) );
- if( ( ret = mbedtls_ssl_hw_record_reset( ssl ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_reset", ret );
- return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
- }
- }
-#endif
-
- if( ssl->transform )
- {
- mbedtls_ssl_transform_free( ssl->transform );
- mbedtls_free( ssl->transform );
- ssl->transform = NULL;
- }
-
- if( ssl->session )
- {
- mbedtls_ssl_session_free( ssl->session );
- mbedtls_free( ssl->session );
- ssl->session = NULL;
- }
-
-#if defined(MBEDTLS_SSL_ALPN)
- ssl->alpn_chosen = NULL;
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
- if( partial == 0 )
-#endif
- {
- mbedtls_free( ssl->cli_id );
- ssl->cli_id = NULL;
- ssl->cli_id_len = 0;
- }
-#endif
-
- if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
- return( ret );
-
- return( 0 );
-}
-
-/*
- * Reset an initialized and used SSL context for re-use while retaining
- * all application-set variables, function pointers and data.
- */
-int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl )
-{
- return( ssl_session_reset_int( ssl, 0 ) );
-}
-
-/*
- * SSL set accessors
- */
-void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint )
-{
- conf->endpoint = endpoint;
-}
-
-void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport )
-{
- conf->transport = transport;
-}
-
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode )
-{
- conf->anti_replay = mode;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit )
-{
- conf->badmac_limit = limit;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-
-void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
- unsigned allow_packing )
-{
- ssl->disable_datagram_packing = !allow_packing;
-}
-
-void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf,
- uint32_t min, uint32_t max )
-{
- conf->hs_timeout_min = min;
-
conf->hs_timeout_max = max;
-}
-#endif
-
-void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode )
-{
- conf->authmode = authmode;
-}
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy )
-{
- conf->f_vrfy = f_vrfy;
- conf->p_vrfy = p_vrfy;
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng )
-{
- conf->f_rng = f_rng;
- conf->p_rng = p_rng;
-}
-
-void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
- void (*f_dbg)(void *, int, const char *, int, const char *),
- void *p_dbg )
-{
- conf->f_dbg = f_dbg;
- conf->p_dbg = p_dbg;
-}
-
-void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
- void *p_bio,
- mbedtls_ssl_send_t *f_send,
- mbedtls_ssl_recv_t *f_recv,
- mbedtls_ssl_recv_timeout_t *f_recv_timeout )
-{
- ssl->p_bio = p_bio;
- ssl->f_send = f_send;
- ssl->f_recv = f_recv;
- ssl->f_recv_timeout = f_recv_timeout;
-}
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu )
-{
- ssl->mtu = mtu;
-}
-#endif
-
-void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
-{
- conf->read_timeout = timeout;
-}
-
-void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
- void *p_timer,
- mbedtls_ssl_set_timer_t *f_set_timer,
- mbedtls_ssl_get_timer_t *f_get_timer )
-{
- ssl->p_timer = p_timer;
- ssl->f_set_timer = f_set_timer;
- ssl->f_get_timer = f_get_timer;
-
- /* Make sure we start with no timer running */
- ssl_set_timer( ssl, 0 );
-}
-
-#if defined(MBEDTLS_SSL_SRV_C)
-void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
- void *p_cache,
- int (*f_get_cache)(void *, mbedtls_ssl_session *),
- int (*f_set_cache)(void *, const mbedtls_ssl_session *) )
-{
- conf->p_cache = p_cache;
- conf->f_get_cache = f_get_cache;
- conf->f_set_cache = f_set_cache;
-}
-#endif /* MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_SSL_CLI_C)
-int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session )
-{
- int ret;
-
- if( ssl == NULL ||
- session == NULL ||
- ssl->session_negotiate == NULL ||
- ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT )
- {
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- }
-
- if( ( ret = mbedtls_ssl_session_copy( ssl->session_negotiate,
- session ) ) != 0 )
- return( ret );
-
- ssl->handshake->resume = 1;
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_CLI_C */
-
-void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
- const int *ciphersuites )
-{
- conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites;
- conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = ciphersuites;
- conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = ciphersuites;
- conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites;
-}
-
-void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
- const int *ciphersuites,
- int major, int minor )
-{
- if( major != MBEDTLS_SSL_MAJOR_VERSION_3 )
- return;
-
- if( minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3 )
- return;
-
- conf->ciphersuite_list[minor] = ciphersuites;
-}
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
- const mbedtls_x509_crt_profile *profile )
-{
- conf->cert_profile = profile;
-}
-
-/* Append a new keycert entry to a (possibly empty) list */
-static int ssl_append_key_cert( mbedtls_ssl_key_cert **head,
- mbedtls_x509_crt *cert,
- mbedtls_pk_context *key )
-{
- mbedtls_ssl_key_cert *new_cert;
-
- new_cert = mbedtls_calloc( 1, sizeof( mbedtls_ssl_key_cert ) );
- if( new_cert == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
- new_cert->cert = cert;
- new_cert->key = key;
- new_cert->next = NULL;
-
- /* Update head is the list was null, else add to the end */
- if( *head == NULL )
- {
- *head = new_cert;
- }
- else
- {
-
mbedtls_ssl_key_cert *cur = *head;
- while( cur->next != NULL )
- cur = cur->next;
- cur->next = new_cert;
- }
-
- return( 0 );
-}
-
-int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
- mbedtls_x509_crt *own_cert,
- mbedtls_pk_context *pk_key )
-{
- return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) );
-}
-
-void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
- mbedtls_x509_crt *ca_chain,
- mbedtls_x509_crl *ca_crl )
-{
- conf->ca_chain = ca_chain;
- conf->ca_crl = ca_crl;
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
- /* mbedtls_ssl_conf_ca_chain() and mbedtls_ssl_conf_ca_cb()
- * cannot be used together. */
- conf->f_ca_cb = NULL;
- conf->p_ca_cb = NULL;
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf,
- mbedtls_x509_crt_ca_cb_t f_ca_cb,
- void *p_ca_cb )
-{
- conf->f_ca_cb = f_ca_cb;
- conf->p_ca_cb = p_ca_cb;
-
- /* mbedtls_ssl_conf_ca_chain() and mbedtls_ssl_conf_ca_cb()
- * cannot be used together.
*/
- conf->ca_chain = NULL;
- conf->ca_crl = NULL;
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *own_cert,
- mbedtls_pk_context *pk_key )
-{
- return( ssl_append_key_cert( &ssl->handshake->sni_key_cert,
- own_cert, pk_key ) );
-}
-
-void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *ca_chain,
- mbedtls_x509_crl *ca_crl )
-{
- ssl->handshake->sni_ca_chain = ca_chain;
- ssl->handshake->sni_ca_crl = ca_crl;
-}
-
-void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
- int authmode )
-{
- ssl->handshake->sni_authmode = authmode;
-}
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy )
-{
- ssl->f_vrfy = f_vrfy;
- ssl->p_vrfy = p_vrfy;
-}
-#endif
-
-#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
-/*
- * Set EC J-PAKE password for current handshake
- */
-int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
- const unsigned char *pw,
- size_t pw_len )
-{
- mbedtls_ecjpake_role role;
-
- if( ssl->handshake == NULL || ssl->conf == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
- role = MBEDTLS_ECJPAKE_SERVER;
- else
- role = MBEDTLS_ECJPAKE_CLIENT;
-
- return( mbedtls_ecjpake_setup( &ssl->handshake->ecjpake_ctx,
- role,
- MBEDTLS_MD_SHA256,
- MBEDTLS_ECP_DP_SECP256R1,
- pw, pw_len ) );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-
-static void ssl_conf_remove_psk( mbedtls_ssl_config *conf )
-{
- /* Remove reference to existing PSK, if any.
*/
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( conf->psk_opaque != 0 )
- {
- /* The maintenance of the PSK key slot is the
- * user's responsibility. */
- conf->psk_opaque = 0;
- }
- /* This and the following branch should never
- * be taken simultaenously as we maintain the
- * invariant that raw and opaque PSKs are never
- * configured simultaneously. As a safeguard,
- * though, `else` is omitted here. */
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- if( conf->psk != NULL )
- {
- mbedtls_platform_zeroize( conf->psk, conf->psk_len );
-
- mbedtls_free( conf->psk );
- conf->psk = NULL;
- conf->psk_len = 0;
- }
-
- /* Remove reference to PSK identity, if any. */
- if( conf->psk_identity != NULL )
- {
- mbedtls_free( conf->psk_identity );
- conf->psk_identity = NULL;
- conf->psk_identity_len = 0;
- }
-}
-
-/* This function assumes that PSK identity in the SSL config is unset.
- * It checks that the provided identity is well-formed and attempts
- * to make a copy of it in the SSL config.
- * On failure, the PSK identity in the config remains unset.
*/
-static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf,
- unsigned char const *psk_identity,
- size_t psk_identity_len )
-{
- /* Identity len will be encoded on two bytes */
- if( psk_identity == NULL ||
- ( psk_identity_len >> 16 ) != 0 ||
- psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
- {
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- }
-
- conf->psk_identity = mbedtls_calloc( 1, psk_identity_len );
- if( conf->psk_identity == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
- conf->psk_identity_len = psk_identity_len;
- memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len );
-
- return( 0 );
-}
-
-int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
- const unsigned char *psk, size_t psk_len,
- const unsigned char *psk_identity, size_t psk_identity_len )
-{
- int ret;
- /* Remove opaque/raw PSK + PSK Identity */
- ssl_conf_remove_psk( conf );
-
- /* Check and set raw PSK */
- if( psk == NULL || psk_len > MBEDTLS_PSK_MAX_LEN )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- conf->psk_len = psk_len;
- memcpy( conf->psk, psk, conf->psk_len );
-
- /* Check and set PSK Identity */
- ret = ssl_conf_set_psk_identity( conf, psk_identity, psk_identity_len );
- if( ret != 0 )
- ssl_conf_remove_psk( conf );
-
- return( ret );
-}
-
-static void ssl_remove_psk( mbedtls_ssl_context *ssl )
-{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( ssl->handshake->psk_opaque != 0 )
- {
- ssl->handshake->psk_opaque = 0;
- }
- else
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- if( ssl->handshake->psk != NULL )
- {
- mbedtls_platform_zeroize( ssl->handshake->psk,
- ssl->handshake->psk_len );
- mbedtls_free( ssl->handshake->psk );
- ssl->handshake->psk_len = 0;
- }
-}
-
-int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
- const unsigned char *psk, size_t psk_len )
-{
- if( psk == NULL || ssl->handshake == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- if( psk_len
> MBEDTLS_PSK_MAX_LEN )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- ssl_remove_psk( ssl );
-
- if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
- ssl->handshake->psk_len = psk_len;
- memcpy( ssl->handshake->psk, psk, ssl->handshake->psk_len );
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
- psa_key_handle_t psk_slot,
- const unsigned char *psk_identity,
- size_t psk_identity_len )
-{
- int ret;
- /* Clear opaque/raw PSK + PSK Identity, if present. */
- ssl_conf_remove_psk( conf );
-
- /* Check and set opaque PSK */
- if( psk_slot == 0 )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- conf->psk_opaque = psk_slot;
-
- /* Check and set PSK Identity */
- ret = ssl_conf_set_psk_identity( conf, psk_identity,
- psk_identity_len );
- if( ret != 0 )
- ssl_conf_remove_psk( conf );
-
- return( ret );
-}
-
-int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
- psa_key_handle_t psk_slot )
-{
- if( psk_slot == 0 || ssl->handshake == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- ssl_remove_psk( ssl );
- ssl->handshake->psk_opaque = psk_slot;
- return( 0 );
-}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
-void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
- int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
- size_t),
- void *p_psk )
-{
- conf->f_psk = f_psk;
- conf->p_psk = p_psk;
-}
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G )
-{
- int ret;
-
- if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 ||
- ( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 )
- {
- mbedtls_mpi_free( &conf->dhm_P );
- mbedtls_mpi_free( &conf->dhm_G );
- return( ret );
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-
-int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
- const unsigned char *dhm_P, size_t P_len,
- const unsigned char *dhm_G, size_t G_len )
-{
- int ret;
-
- if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_P, P_len ) ) != 0 ||
- ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_G, G_len ) ) != 0 )
- {
- mbedtls_mpi_free( &conf->dhm_P );
- mbedtls_mpi_free( &conf->dhm_G );
- return( ret );
- }
-
- return( 0 );
-}
-
-int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
-{
- int ret;
-
- if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 ||
- ( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 )
- {
- mbedtls_mpi_free( &conf->dhm_P );
- mbedtls_mpi_free( &conf->dhm_G );
- return( ret );
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
-/*
- * Set the minimum length for Diffie-Hellman parameters
- */
-void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
- unsigned int bitlen )
-{
- conf->dhm_min_bitlen = bitlen;
-}
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
-
-#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
-/*
- * Set allowed/preferred hashes for handshake signatures
- */
-void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
- const int *hashes )
-{
- conf->sig_hashes = hashes;
-}
-#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
-
-#if defined(MBEDTLS_ECP_C)
-/*
- * Set the allowed elliptic curves
- */
-void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
- const mbedtls_ecp_group_id *curve_list )
-{
- conf->curve_list = curve_list;
-}
-#endif /* MBEDTLS_ECP_C */
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname )
-{
- /* Initialize to suppress unnecessary compiler warning */
- size_t hostname_len = 0;
-
- /* Check if new hostname is valid before
- * making
any change to current one */
- if( hostname != NULL )
- {
- hostname_len = strlen( hostname );
-
- if( hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- }
-
- /* Now it's clear that we will overwrite the old hostname,
- * so we can free it safely */
-
- if( ssl->hostname != NULL )
- {
- mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) );
- mbedtls_free( ssl->hostname );
- }
-
- /* Passing NULL as hostname shall clear the old one */
-
- if( hostname == NULL )
- {
- ssl->hostname = NULL;
- }
- else
- {
- ssl->hostname = mbedtls_calloc( 1, hostname_len + 1 );
- if( ssl->hostname == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-
- memcpy( ssl->hostname, hostname, hostname_len );
-
- ssl->hostname[hostname_len] = '\0';
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
-#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
- int (*f_sni)(void *, mbedtls_ssl_context *,
- const unsigned char *, size_t),
- void *p_sni )
-{
- conf->f_sni = f_sni;
- conf->p_sni = p_sni;
-}
-#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
-
-#if defined(MBEDTLS_SSL_ALPN)
-int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos )
-{
- size_t cur_len, tot_len;
- const char **p;
-
- /*
- * RFC 7301 3.1: "Empty strings MUST NOT be included and byte strings
- * MUST NOT be truncated."
- * We check lengths now rather than later.
- */
- tot_len = 0;
- for( p = protos; *p != NULL; p++ )
- {
- cur_len = strlen( *p );
- tot_len += cur_len;
-
- if( cur_len == 0 || cur_len > 255 || tot_len > 65535 )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- }
-
- conf->alpn_list = protos;
-
- return( 0 );
-}
-
-const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl )
-{
- return( ssl->alpn_chosen );
-}
-#endif /* MBEDTLS_SSL_ALPN */
-
-void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor )
-{
- conf->max_major_ver = major;
- conf->max_minor_ver = minor;
-}
-
-void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor )
-{
- conf->min_major_ver = major;
- conf->min_minor_ver = minor;
-}
-
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
-void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback )
-{
- conf->fallback = fallback;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_SRV_C)
-void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
- char cert_req_ca_list )
-{
- conf->cert_req_ca_list = cert_req_ca_list;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm )
-{
- conf->encrypt_then_mac = etm;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems )
-{
- conf->extended_ms = ems;
-}
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
-void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 )
-{
- conf->arc4_disabled = arc4;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
-{
- if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ||
- ssl_mfl_code_to_length( mfl_code ) > MBEDTLS_TLS_EXT_ADV_CONTENT_LEN )
- {
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- }
-
- conf->mfl_code = mfl_code;
-
- return( 0 );
-}
-#endif /*
MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
-{
- conf->trunc_hmac = truncate;
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
-{
- conf->cbc_record_splitting = split;
-}
-#endif
-
-void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
-{
- conf->allow_legacy_renegotiation = allow_legacy;
-}
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation )
-{
- conf->disable_renegotiation = renegotiation;
-}
-
-void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records )
-{
- conf->renego_max_records = max_records;
-}
-
-void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
- const unsigned char period[8] )
-{
- memcpy( conf->renego_period, period, 8 );
-}
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
-
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-#if defined(MBEDTLS_SSL_CLI_C)
-void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
-{
- conf->session_tickets = use_tickets;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_SRV_C)
-void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_ticket_write_t *f_ticket_write,
- mbedtls_ssl_ticket_parse_t *f_ticket_parse,
- void *p_ticket )
-{
- conf->f_ticket_write = f_ticket_write;
- conf->f_ticket_parse = f_ticket_parse;
- conf->p_ticket = p_ticket;
-}
-#endif
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_export_keys_t *f_export_keys,
- void *p_export_keys )
-{
- conf->f_export_keys = f_export_keys;
- conf->p_export_keys = p_export_keys;
-}
-#endif
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-void
mbedtls_ssl_conf_async_private_cb( - mbedtls_ssl_config *conf, - mbedtls_ssl_async_sign_t *f_async_sign, - mbedtls_ssl_async_decrypt_t *f_async_decrypt, - mbedtls_ssl_async_resume_t *f_async_resume, - mbedtls_ssl_async_cancel_t *f_async_cancel, - void *async_config_data ) -{ - conf->f_async_sign_start = f_async_sign; - conf->f_async_decrypt_start = f_async_decrypt; - conf->f_async_resume = f_async_resume; - conf->f_async_cancel = f_async_cancel; - conf->p_async_config_data = async_config_data; -} - -void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf ) -{ - return( conf->p_async_config_data ); -} - -void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl ) -{ - if( ssl->handshake == NULL ) - return( NULL ); - else - return( ssl->handshake->user_async_ctx ); -} - -void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl, - void *ctx ) -{ - if( ssl->handshake != NULL ) - ssl->handshake->user_async_ctx = ctx; -} -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - -/* - * SSL get accessors - */ -size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ) -{ - return( ssl->in_offt == NULL ? 0 : ssl->in_msglen ); -} - -int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) -{ - /* - * Case A: We're currently holding back - * a message for further processing. - */ - - if( ssl->keep_current_message == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: record held back for processing" ) ); - return( 1 ); - } - - /* - * Case B: Further records are pending in the current datagram. - */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->in_left > ssl->next_record_offset ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: more records within current datagram" ) ); - return( 1 ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - - /* - * Case C: A handshake message is being processed. 
- */ - - if( ssl->in_hslen > 0 && ssl->in_hslen < ssl->in_msglen ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: more handshake messages within current record" ) ); - return( 1 ); - } - - /* - * Case D: An application data message is being processed - */ - if( ssl->in_offt != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: application data record is being processed" ) ); - return( 1 ); - } - - /* - * In all other cases, the rest of the message can be dropped. - * As in ssl_get_next_record, this needs to be adapted if - * we implement support for multiple alerts in single records. - */ - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: nothing pending" ) ); - return( 0 ); -} - -uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ) -{ - if( ssl->session != NULL ) - return( ssl->session->verify_result ); - - if( ssl->session_negotiate != NULL ) - return( ssl->session_negotiate->verify_result ); - - return( 0xFFFFFFFF ); -} - -const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ) -{ - if( ssl == NULL || ssl->session == NULL ) - return( NULL ); - - return mbedtls_ssl_get_ciphersuite_name( ssl->session->ciphersuite ); -} - -const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ) -{ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - switch( ssl->minor_ver ) - { - case MBEDTLS_SSL_MINOR_VERSION_2: - return( "DTLSv1.0" ); - - case MBEDTLS_SSL_MINOR_VERSION_3: - return( "DTLSv1.2" ); - - default: - return( "unknown (DTLS)" ); - } - } -#endif - - switch( ssl->minor_ver ) - { - case MBEDTLS_SSL_MINOR_VERSION_0: - return( "SSLv3.0" ); - - case MBEDTLS_SSL_MINOR_VERSION_1: - return( "TLSv1.0" ); - - case MBEDTLS_SSL_MINOR_VERSION_2: - return( "TLSv1.1" ); - - case MBEDTLS_SSL_MINOR_VERSION_3: - return( "TLSv1.2" ); - - default: - return( "unknown" ); - } -} - -int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) -{ - size_t 
transform_expansion = 0; - const mbedtls_ssl_transform *transform = ssl->transform_out; - unsigned block_size; - - if( transform == NULL ) - return( (int) mbedtls_ssl_hdr_len( ssl ) ); - -#if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); -#endif - - switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) ) - { - case MBEDTLS_MODE_GCM: - case MBEDTLS_MODE_CCM: - case MBEDTLS_MODE_CHACHAPOLY: - case MBEDTLS_MODE_STREAM: - transform_expansion = transform->minlen; - break; - - case MBEDTLS_MODE_CBC: - - block_size = mbedtls_cipher_get_block_size( - &transform->cipher_ctx_enc ); - - /* Expansion due to the addition of the MAC. */ - transform_expansion += transform->maclen; - - /* Expansion due to the addition of CBC padding; - * Theoretically up to 256 bytes, but we never use - * more than the block size of the underlying cipher. */ - transform_expansion += block_size; - - /* For TLS 1.1 or higher, an explicit IV is added - * after the record header. 
*/ -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) - transform_expansion += block_size; -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ - - break; - - default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - - return( (int)( mbedtls_ssl_hdr_len( ssl ) + transform_expansion ) ); -} - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ) -{ - size_t max_len; - - /* - * Assume mfl_code is correct since it was checked when set - */ - max_len = ssl_mfl_code_to_length( ssl->conf->mfl_code ); - - /* Check if a smaller max length was negotiated */ - if( ssl->session_out != NULL && - ssl_mfl_code_to_length( ssl->session_out->mfl_code ) < max_len ) - { - max_len = ssl_mfl_code_to_length( ssl->session_out->mfl_code ); - } - - /* During a handshake, use the value being negotiated */ - if( ssl->session_negotiate != NULL && - ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ) < max_len ) - { - max_len = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ); - } - - return( max_len ); -} -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) -static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl ) -{ - /* Return unlimited mtu for client hello messages to avoid fragmentation. */ - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ( ssl->state == MBEDTLS_SSL_CLIENT_HELLO || - ssl->state == MBEDTLS_SSL_SERVER_HELLO ) ) - return ( 0 ); - - if( ssl->handshake == NULL || ssl->handshake->mtu == 0 ) - return( ssl->mtu ); - - if( ssl->mtu == 0 ) - return( ssl->handshake->mtu ); - - return( ssl->mtu < ssl->handshake->mtu ? 
- ssl->mtu : ssl->handshake->mtu ); -} -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ) -{ - size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; - -#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \ - !defined(MBEDTLS_SSL_PROTO_DTLS) - (void) ssl; -#endif - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - const size_t mfl = mbedtls_ssl_get_max_frag_len( ssl ); - - if( max_len > mfl ) - max_len = mfl; -#endif - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl_get_current_mtu( ssl ) != 0 ) - { - const size_t mtu = ssl_get_current_mtu( ssl ); - const int ret = mbedtls_ssl_get_record_expansion( ssl ); - const size_t overhead = (size_t) ret; - - if( ret < 0 ) - return( ret ); - - if( mtu <= overhead ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "MTU too low for record expansion" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); - } - - if( max_len > mtu - overhead ) - max_len = mtu - overhead; - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \ - !defined(MBEDTLS_SSL_PROTO_DTLS) - ((void) ssl); -#endif - - return( (int) max_len ); -} - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ) -{ - if( ssl == NULL || ssl->session == NULL ) - return( NULL ); - -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - return( ssl->session->peer_cert ); -#else - return( NULL ); -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -} -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_SSL_CLI_C) -int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, - mbedtls_ssl_session *dst ) -{ - if( ssl == NULL || - dst == NULL || - ssl->session == NULL || - ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - - return( mbedtls_ssl_session_copy( dst, ssl->session ) ); -} -#endif /* MBEDTLS_SSL_CLI_C */ - -/* - * Perform a single step of the SSL handshake - */ -int 
mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ) -{ - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - -#if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - ret = mbedtls_ssl_handshake_client_step( ssl ); -#endif -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - ret = mbedtls_ssl_handshake_server_step( ssl ); -#endif - - return( ret ); -} - -/* - * Perform the SSL handshake - */ -int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ) -{ - int ret = 0; - - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> handshake" ) ); - - while( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - ret = mbedtls_ssl_handshake_step( ssl ); - - if( ret != 0 ) - break; - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= handshake" ) ); - - return( ret ); -} - -#if defined(MBEDTLS_SSL_RENEGOTIATION) -#if defined(MBEDTLS_SSL_SRV_C) -/* - * Write HelloRequest to request renegotiation on server - */ -static int ssl_write_hello_request( mbedtls_ssl_context *ssl ) -{ - int ret; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello request" ) ); - - ssl->out_msglen = 4; - ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_REQUEST; - - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello request" ) ); - - return( 0 ); -} -#endif /* MBEDTLS_SSL_SRV_C */ - -/* - * Actually renegotiate current connection, triggered by either: - * - any side: calling mbedtls_ssl_renegotiate(), - * - client: receiving a HelloRequest during mbedtls_ssl_read(), - * - server: receiving any handshake message on server during mbedtls_ssl_read() after - * the initial handshake is completed. 
- * If the handshake doesn't complete due to waiting for I/O, it will continue - * during the next calls to mbedtls_ssl_renegotiate() or mbedtls_ssl_read() respectively. - */ -static int ssl_start_renegotiation( mbedtls_ssl_context *ssl ) -{ - int ret; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) ); - - if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) - return( ret ); - - /* RFC 6347 4.2.2: "[...] the HelloRequest will have message_seq = 0 and - * the ServerHello will have message_seq = 1" */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - ssl->handshake->out_msg_seq = 1; - else - ssl->handshake->in_msg_seq = 1; - } -#endif - - ssl->state = MBEDTLS_SSL_HELLO_REQUEST; - ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS; - - if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= renegotiate" ) ); - - return( 0 ); -} - -/* - * Renegotiate current connection on client, - * or request renegotiation on server - */ -int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ) -{ - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - -#if defined(MBEDTLS_SSL_SRV_C) - /* On server, just send the request */ - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; - - /* Did we already try/start sending HelloRequest? 
*/ - if( ssl->out_left != 0 ) - return( mbedtls_ssl_flush_output( ssl ) ); - - return( ssl_write_hello_request( ssl ) ); - } -#endif /* MBEDTLS_SSL_SRV_C */ - -#if defined(MBEDTLS_SSL_CLI_C) - /* - * On client, either start the renegotiation process or, - * if already in progress, continue the handshake - */ - if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - if( ( ret = ssl_start_renegotiation( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret ); - return( ret ); - } - } - else - { - if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); - } - } -#endif /* MBEDTLS_SSL_CLI_C */ - - return( ret ); -} - -/* - * Check record counters and renegotiate if they're above the limit. - */ -static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) -{ - size_t ep_len = ssl_ep_len( ssl ); - int in_ctr_cmp; - int out_ctr_cmp; - - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER || - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING || - ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ) - { - return( 0 ); - } - - in_ctr_cmp = memcmp( ssl->in_ctr + ep_len, - ssl->conf->renego_period + ep_len, 8 - ep_len ); - out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len, - ssl->conf->renego_period + ep_len, 8 - ep_len ); - - if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 ) - { - return( 0 ); - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "record counter limit reached: renegotiate" ) ); - return( mbedtls_ssl_renegotiate( ssl ) ); -} -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - -/* - * Receive application data decrypted from the SSL layer - */ -int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) -{ - int ret; - size_t n; - - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> 
read" ) ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); - - if( ssl->handshake != NULL && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); - } - } -#endif - - /* - * Check if renegotiation is necessary and/or handshake is - * in process. If yes, perform/continue, and fall through - * if an unexpected packet is received while the client - * is waiting for the ServerHello. - * - * (There is no equivalent to the last condition on - * the server-side as it is not treated as within - * a handshake while waiting for the ClientHello - * after a renegotiation request.) - */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - ret = ssl_check_ctr_renegotiate( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); - return( ret ); - } -#endif - - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - ret = mbedtls_ssl_handshake( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); - } - } - - /* Loop as long as no application data record is available */ - while( ssl->in_offt == NULL ) - { - /* Start timer if not already running */ - if( ssl->f_get_timer != NULL && - ssl->f_get_timer( ssl->p_timer ) == -1 ) - { - ssl_set_timer( ssl, ssl->conf->read_timeout ); - } - - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) - return( 0 ); - - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - - if( ssl->in_msglen == 0 && - ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { - /* - * OpenSSL sends empty messages to randomize the IV - */ - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) 
!= 0 ) - { - if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) - return( 0 ); - - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - } - - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received handshake message" ) ); - - /* - * - For client-side, expect SERVER_HELLO_REQUEST. - * - For server-side, expect CLIENT_HELLO. - * - Fail (TLS) or silently drop record (DTLS) in other cases. - */ - -#if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); - - /* With DTLS, drop the packet (probably from last handshake) */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - continue; - } -#endif - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } -#endif /* MBEDTLS_SSL_CLI_C */ - -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) ); - - /* With DTLS, drop the packet (probably from last handshake) */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - continue; - } -#endif - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } -#endif /* MBEDTLS_SSL_SRV_C */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - /* Determine whether renegotiation attempt should be accepted */ - if( ! 
( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || - ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == - MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) ) - { - /* - * Accept renegotiation request - */ - - /* DTLS clients need to know renego is server-initiated */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - { - ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; - } -#endif - ret = ssl_start_renegotiation( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - { - /* - * Refuse renegotiation - */ - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); - -#if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - /* SSLv3 does not have a "no_renegotiation" warning, so - we send a fatal alert and abort the connection. 
*/ - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - else -#endif /* MBEDTLS_SSL_PROTO_SSL3 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) - { - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_WARNING, - MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) - { - return( ret ); - } - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || - MBEDTLS_SSL_PROTO_TLS1_2 */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } - } - - /* At this point, we don't know whether the renegotiation has been - * completed or not. The cases to consider are the following: - * 1) The renegotiation is complete. In this case, no new record - * has been read yet. - * 2) The renegotiation is incomplete because the client received - * an application data record while awaiting the ServerHello. - * 3) The renegotiation is incomplete because the client received - * a non-handshake, non-application data message while awaiting - * the ServerHello. - * In each of these case, looping will be the proper action: - * - For 1), the next iteration will read a new record and check - * if it's application data. - * - For 2), the loop condition isn't satisfied as application data - * is present, hence continue is the same as break - * - For 3), the loop condition is satisfied and read_record - * will re-deliver the message that was held back by the client - * when expecting the ServerHello. 
- */ - continue; - } -#if defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ssl->conf->renego_max_records >= 0 ) - { - if( ++ssl->renego_records_seen > ssl->conf->renego_max_records ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, " - "but not honored by client" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - } - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - - /* Fatal and closure alerts handled by mbedtls_ssl_read_record() */ - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ignoring non-fatal non-closure alert" ) ); - return( MBEDTLS_ERR_SSL_WANT_READ ); - } - - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad application data message" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - - ssl->in_offt = ssl->in_msg; - - /* We're going to return something now, cancel timer, - * except if handshake (renegotiation) is in progress */ - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) - ssl_set_timer( ssl, 0 ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - /* If we requested renego but received AppData, resend HelloRequest. - * Do it now, after setting in_offt, to avoid taking this branch - * again if ssl_write_hello_request() returns WANT_WRITE */ -#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ( ret = ssl_resend_hello_request( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_resend_hello_request", ret ); - return( ret ); - } - } -#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - } - - n = ( len < ssl->in_msglen ) - ? 
len : ssl->in_msglen; - - memcpy( buf, ssl->in_offt, n ); - ssl->in_msglen -= n; - - if( ssl->in_msglen == 0 ) - { - /* all bytes consumed */ - ssl->in_offt = NULL; - ssl->keep_current_message = 0; - } - else - { - /* more data available */ - ssl->in_offt += n; - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read" ) ); - - return( (int) n ); -} - -/* - * Send application data to be encrypted by the SSL layer, taking care of max - * fragment length and buffer size. - * - * According to RFC 5246 Section 6.2.1: - * - * Zero-length fragments of Application data MAY be sent as they are - * potentially useful as a traffic analysis countermeasure. - * - * Therefore, it is possible that the input message length is 0 and the - * corresponding return code is 0 on success. - */ -static int ssl_write_real( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) -{ - int ret = mbedtls_ssl_get_max_out_record_payload( ssl ); - const size_t max_len = (size_t) ret; - - if( ret < 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_get_max_out_record_payload", ret ); - return( ret ); - } - - if( len > max_len ) - { -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment larger than the (negotiated) " - "maximum fragment length: %d > %d", - len, max_len ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - else -#endif - len = max_len; - } - - if( ssl->out_left != 0 ) - { - /* - * The user has previously tried to send the data and - * MBEDTLS_ERR_SSL_WANT_WRITE or the message was only partially - * written. In this case, we expect the high-level write function - * (e.g. 
mbedtls_ssl_write()) to be called with the same parameters - */ - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret ); - return( ret ); - } - } - else - { - /* - * The user is trying to send a message the first time, so we need to - * copy the data into the internal buffers and setup the data structure - * to keep track of partial writes - */ - ssl->out_msglen = len; - ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; - memcpy( ssl->out_msg, buf, len ); - - if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); - return( ret ); - } - } - - return( (int) len ); -} - -/* - * Write application data, doing 1/n-1 splitting if necessary. - * - * With non-blocking I/O, ssl_write_real() may return WANT_WRITE, - * then the caller will call us again with the same arguments, so - * remember whether we already did the split or not. - */ -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) -static int ssl_write_split( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) -{ - int ret; - - if( ssl->conf->cbc_record_splitting == - MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED || - len <= 1 || - ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_1 || - mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc ) - != MBEDTLS_MODE_CBC ) - { - return( ssl_write_real( ssl, buf, len ) ); - } - - if( ssl->split_done == 0 ) - { - if( ( ret = ssl_write_real( ssl, buf, 1 ) ) <= 0 ) - return( ret ); - ssl->split_done = 1; - } - - if( ( ret = ssl_write_real( ssl, buf + 1, len - 1 ) ) <= 0 ) - return( ret ); - ssl->split_done = 0; - - return( ret + 1 ); -} -#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ - -/* - * Write application data (public-facing wrapper) - */ -int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) -{ - int ret; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write" ) ); - - if( ssl == NULL || 
ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); - return( ret ); - } -#endif - - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); - } - } - -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - ret = ssl_write_split( ssl, buf, len ); -#else - ret = ssl_write_real( ssl, buf, len ); -#endif - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write" ) ); - - return( ret ); -} - -/* - * Notify the peer that the connection is being closed - */ -int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl ) -{ - int ret; - - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write close notify" ) ); - - if( ssl->out_left != 0 ) - return( mbedtls_ssl_flush_output( ssl ) ); - - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) - { - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_WARNING, - MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_send_alert_message", ret ); - return( ret ); - } - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write close notify" ) ); - - return( 0 ); -} - -void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ) -{ - if( transform == NULL ) - return; - -#if defined(MBEDTLS_ZLIB_SUPPORT) - deflateEnd( &transform->ctx_deflate ); - inflateEnd( &transform->ctx_inflate ); -#endif - - mbedtls_cipher_free( &transform->cipher_ctx_enc ); - mbedtls_cipher_free( &transform->cipher_ctx_dec ); - - mbedtls_md_free( &transform->md_ctx_enc ); - mbedtls_md_free( &transform->md_ctx_dec ); - - mbedtls_platform_zeroize( transform, sizeof( mbedtls_ssl_transform ) ); -} - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -static void ssl_key_cert_free( 
mbedtls_ssl_key_cert *key_cert ) -{ - mbedtls_ssl_key_cert *cur = key_cert, *next; - - while( cur != NULL ) - { - next = cur->next; - mbedtls_free( cur ); - cur = next; - } -} -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - -static void ssl_buffering_free( mbedtls_ssl_context *ssl ) -{ - unsigned offset; - mbedtls_ssl_handshake_params * const hs = ssl->handshake; - - if( hs == NULL ) - return; - - ssl_free_buffered_record( ssl ); - - for( offset = 0; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ ) - ssl_buffering_free_slot( ssl, offset ); -} - -static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, - uint8_t slot ) -{ - mbedtls_ssl_handshake_params * const hs = ssl->handshake; - mbedtls_ssl_hs_buffer * const hs_buf = &hs->buffering.hs[slot]; - - if( slot >= MBEDTLS_SSL_MAX_BUFFERED_HS ) - return; - - if( hs_buf->is_valid == 1 ) - { - hs->buffering.total_bytes_buffered -= hs_buf->data_len; - mbedtls_platform_zeroize( hs_buf->data, hs_buf->data_len ); - mbedtls_free( hs_buf->data ); - memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); - } -} - -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) -{ - mbedtls_ssl_handshake_params *handshake = ssl->handshake; - - if( handshake == NULL ) - return; - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 ) - { - ssl->conf->f_async_cancel( ssl ); - handshake->async_in_progress = 0; - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_free( &handshake->fin_md5 ); - mbedtls_sha1_free( &handshake->fin_sha1 ); -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &handshake->fin_sha256_psa ); -#else - mbedtls_sha256_free( &handshake->fin_sha256 ); -#endif -#endif -#if 
defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &handshake->fin_sha384_psa ); -#else - mbedtls_sha512_free( &handshake->fin_sha512 ); -#endif -#endif -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -#if defined(MBEDTLS_DHM_C) - mbedtls_dhm_free( &handshake->dhm_ctx ); -#endif -#if defined(MBEDTLS_ECDH_C) - mbedtls_ecdh_free( &handshake->ecdh_ctx ); -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - mbedtls_ecjpake_free( &handshake->ecjpake_ctx ); -#if defined(MBEDTLS_SSL_CLI_C) - mbedtls_free( handshake->ecjpake_cache ); - handshake->ecjpake_cache = NULL; - handshake->ecjpake_cache_len = 0; -#endif -#endif - -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - /* explicit void pointer cast for buggy MS compiler */ - mbedtls_free( (void *) handshake->curves ); -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( handshake->psk != NULL ) - { - mbedtls_platform_zeroize( handshake->psk, handshake->psk_len ); - mbedtls_free( handshake->psk ); - } -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - /* - * Free only the linked list wrapper, not the keys themselves - * since the belong to the SNI callback - */ - if( handshake->sni_key_cert != NULL ) - { - mbedtls_ssl_key_cert *cur = handshake->sni_key_cert, *next; - - while( cur != NULL ) - { - next = cur->next; - mbedtls_free( cur ); - cur = next; - } - } -#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */ - -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - mbedtls_x509_crt_restart_free( &handshake->ecrs_ctx ); - if( handshake->ecrs_peer_cert != NULL ) - { - mbedtls_x509_crt_free( handshake->ecrs_peer_cert ); - mbedtls_free( handshake->ecrs_peer_cert ); - } -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_pk_free( &handshake->peer_pubkey ); -#endif /* MBEDTLS_X509_CRT_PARSE_C && 
!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - mbedtls_free( handshake->verify_cookie ); - ssl_flight_free( handshake->flight ); - ssl_buffering_free( ssl ); -#endif - -#if defined(MBEDTLS_ECDH_C) && \ - defined(MBEDTLS_USE_PSA_CRYPTO) - psa_destroy_key( handshake->ecdh_psa_privkey ); -#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */ - - mbedtls_platform_zeroize( handshake, - sizeof( mbedtls_ssl_handshake_params ) ); -} - -void mbedtls_ssl_session_free( mbedtls_ssl_session *session ) -{ - if( session == NULL ) - return; - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - ssl_clear_peer_cert( session ); -#endif - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - mbedtls_free( session->ticket ); -#endif - - mbedtls_platform_zeroize( session, sizeof( mbedtls_ssl_session ) ); -} - -/* - * Free an SSL context - */ -void mbedtls_ssl_free( mbedtls_ssl_context *ssl ) -{ - if( ssl == NULL ) - return; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> free" ) ); - - if( ssl->out_buf != NULL ) - { - mbedtls_platform_zeroize( ssl->out_buf, MBEDTLS_SSL_OUT_BUFFER_LEN ); - mbedtls_free( ssl->out_buf ); - } - - if( ssl->in_buf != NULL ) - { - mbedtls_platform_zeroize( ssl->in_buf, MBEDTLS_SSL_IN_BUFFER_LEN ); - mbedtls_free( ssl->in_buf ); - } - -#if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->compress_buf != NULL ) - { - mbedtls_platform_zeroize( ssl->compress_buf, MBEDTLS_SSL_COMPRESS_BUFFER_LEN ); - mbedtls_free( ssl->compress_buf ); - } -#endif - - if( ssl->transform ) - { - mbedtls_ssl_transform_free( ssl->transform ); - mbedtls_free( ssl->transform ); - } - - if( ssl->handshake ) - { - mbedtls_ssl_handshake_free( ssl ); - mbedtls_ssl_transform_free( ssl->transform_negotiate ); - mbedtls_ssl_session_free( ssl->session_negotiate ); - - mbedtls_free( ssl->handshake ); - mbedtls_free( ssl->transform_negotiate ); - mbedtls_free( ssl->session_negotiate ); - } - - if( ssl->session ) - { - mbedtls_ssl_session_free( ssl->session ); - mbedtls_free( 
ssl->session ); - } - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( ssl->hostname != NULL ) - { - mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) ); - mbedtls_free( ssl->hostname ); - } -#endif - -#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_finish != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_finish()" ) ); - mbedtls_ssl_hw_record_finish( ssl ); - } -#endif - -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) - mbedtls_free( ssl->cli_id ); -#endif - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= free" ) ); - - /* Actually clear after last debug message */ - mbedtls_platform_zeroize( ssl, sizeof( mbedtls_ssl_context ) ); -} - -/* - * Initialze mbedtls_ssl_config - */ -void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ) -{ - memset( conf, 0, sizeof( mbedtls_ssl_config ) ); -} - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) -static int ssl_preset_default_hashes[] = { -#if defined(MBEDTLS_SHA512_C) - MBEDTLS_MD_SHA512, - MBEDTLS_MD_SHA384, -#endif -#if defined(MBEDTLS_SHA256_C) - MBEDTLS_MD_SHA256, - MBEDTLS_MD_SHA224, -#endif -#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE) - MBEDTLS_MD_SHA1, -#endif - MBEDTLS_MD_NONE -}; -#endif - -static int ssl_preset_suiteb_ciphersuites[] = { - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - 0 -}; - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) -static int ssl_preset_suiteb_hashes[] = { - MBEDTLS_MD_SHA256, - MBEDTLS_MD_SHA384, - MBEDTLS_MD_NONE -}; -#endif - -#if defined(MBEDTLS_ECP_C) -static mbedtls_ecp_group_id ssl_preset_suiteb_curves[] = { - MBEDTLS_ECP_DP_SECP256R1, - MBEDTLS_ECP_DP_SECP384R1, - MBEDTLS_ECP_DP_NONE -}; -#endif - -/* - * Load default in mbedtls_ssl_config - */ -int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, - int endpoint, int transport, int preset ) -{ -#if defined(MBEDTLS_DHM_C) && 
defined(MBEDTLS_SSL_SRV_C) - int ret; -#endif - - /* Use the functions here so that they are covered in tests, - * but otherwise access member directly for efficiency */ - mbedtls_ssl_conf_endpoint( conf, endpoint ); - mbedtls_ssl_conf_transport( conf, transport ); - - /* - * Things that are common to all presets - */ -#if defined(MBEDTLS_SSL_CLI_C) - if( endpoint == MBEDTLS_SSL_IS_CLIENT ) - { - conf->authmode = MBEDTLS_SSL_VERIFY_REQUIRED; -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - conf->session_tickets = MBEDTLS_SSL_SESSION_TICKETS_ENABLED; -#endif - } -#endif - -#if defined(MBEDTLS_ARC4_C) - conf->arc4_disabled = MBEDTLS_SSL_ARC4_DISABLED; -#endif - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - conf->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; -#endif - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; -#endif - -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED; -#endif - -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) - conf->f_cookie_write = ssl_cookie_write_dummy; - conf->f_cookie_check = ssl_cookie_check_dummy; -#endif - -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - conf->anti_replay = MBEDTLS_SSL_ANTI_REPLAY_ENABLED; -#endif - -#if defined(MBEDTLS_SSL_SRV_C) - conf->cert_req_ca_list = MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED; -#endif - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - conf->hs_timeout_min = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN; - conf->hs_timeout_max = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX; -#endif - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT; - memset( conf->renego_period, 0x00, 2 ); - memset( conf->renego_period + 2, 0xFF, 6 ); -#endif - -#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) - if( endpoint == MBEDTLS_SSL_IS_SERVER ) - { - const unsigned char dhm_p[] = - MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN; - const unsigned char dhm_g[] = - 
MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN; - - if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf, - dhm_p, sizeof( dhm_p ), - dhm_g, sizeof( dhm_g ) ) ) != 0 ) - { - return( ret ); - } - } -#endif - - /* - * Preset-specific defaults - */ - switch( preset ) - { - /* - * NSA Suite B - */ - case MBEDTLS_SSL_PRESET_SUITEB: - conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; - conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */ - conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; - conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; - - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = - ssl_preset_suiteb_ciphersuites; - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - conf->cert_profile = &mbedtls_x509_crt_profile_suiteb; -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - conf->sig_hashes = ssl_preset_suiteb_hashes; -#endif - -#if defined(MBEDTLS_ECP_C) - conf->curve_list = ssl_preset_suiteb_curves; -#endif - break; - - /* - * Default - */ - default: - conf->min_major_ver = ( MBEDTLS_SSL_MIN_MAJOR_VERSION > - MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION ) ? - MBEDTLS_SSL_MIN_MAJOR_VERSION : - MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION; - conf->min_minor_ver = ( MBEDTLS_SSL_MIN_MINOR_VERSION > - MBEDTLS_SSL_MIN_VALID_MINOR_VERSION ) ? 
- MBEDTLS_SSL_MIN_MINOR_VERSION : - MBEDTLS_SSL_MIN_VALID_MINOR_VERSION; - conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; - conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2; -#endif - - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = - mbedtls_ssl_list_ciphersuites(); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - conf->cert_profile = &mbedtls_x509_crt_profile_default; -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - conf->sig_hashes = ssl_preset_default_hashes; -#endif - -#if defined(MBEDTLS_ECP_C) - conf->curve_list = mbedtls_ecp_grp_id_list(); -#endif - -#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) - conf->dhm_min_bitlen = 1024; -#endif - } - - return( 0 ); -} - -/* - * Free mbedtls_ssl_config - */ -void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ) -{ -#if defined(MBEDTLS_DHM_C) - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); -#endif - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( conf->psk != NULL ) - { - mbedtls_platform_zeroize( conf->psk, conf->psk_len ); - mbedtls_free( conf->psk ); - conf->psk = NULL; - conf->psk_len = 0; - } - - if( conf->psk_identity != NULL ) - { - mbedtls_platform_zeroize( conf->psk_identity, conf->psk_identity_len ); - mbedtls_free( conf->psk_identity ); - conf->psk_identity = NULL; - conf->psk_identity_len = 0; - } -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - ssl_key_cert_free( conf->key_cert ); -#endif - - mbedtls_platform_zeroize( conf, sizeof( mbedtls_ssl_config ) ); -} - -#if defined(MBEDTLS_PK_C) && \ - ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C) ) -/* - * Convert between MBEDTLS_PK_XXX and SSL_SIG_XXX - */ -unsigned char 
mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk ) -{ -#if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_can_do( pk, MBEDTLS_PK_RSA ) ) - return( MBEDTLS_SSL_SIG_RSA ); -#endif -#if defined(MBEDTLS_ECDSA_C) - if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECDSA ) ) - return( MBEDTLS_SSL_SIG_ECDSA ); -#endif - return( MBEDTLS_SSL_SIG_ANON ); -} - -unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type ) -{ - switch( type ) { - case MBEDTLS_PK_RSA: - return( MBEDTLS_SSL_SIG_RSA ); - case MBEDTLS_PK_ECDSA: - case MBEDTLS_PK_ECKEY: - return( MBEDTLS_SSL_SIG_ECDSA ); - default: - return( MBEDTLS_SSL_SIG_ANON ); - } -} - -mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ) -{ - switch( sig ) - { -#if defined(MBEDTLS_RSA_C) - case MBEDTLS_SSL_SIG_RSA: - return( MBEDTLS_PK_RSA ); -#endif -#if defined(MBEDTLS_ECDSA_C) - case MBEDTLS_SSL_SIG_ECDSA: - return( MBEDTLS_PK_ECDSA ); -#endif - default: - return( MBEDTLS_PK_NONE ); - } -} -#endif /* MBEDTLS_PK_C && ( MBEDTLS_RSA_C || MBEDTLS_ECDSA_C ) */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - -/* Find an entry in a signature-hash set matching a given hash algorithm. */ -mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg ) -{ - switch( sig_alg ) - { - case MBEDTLS_PK_RSA: - return( set->rsa ); - case MBEDTLS_PK_ECDSA: - return( set->ecdsa ); - default: - return( MBEDTLS_MD_NONE ); - } -} - -/* Add a signature-hash-pair to a signature-hash set */ -void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg, - mbedtls_md_type_t md_alg ) -{ - switch( sig_alg ) - { - case MBEDTLS_PK_RSA: - if( set->rsa == MBEDTLS_MD_NONE ) - set->rsa = md_alg; - break; - - case MBEDTLS_PK_ECDSA: - if( set->ecdsa == MBEDTLS_MD_NONE ) - set->ecdsa = md_alg; - break; - - default: - break; - } -} - -/* Allow exactly one hash algorithm for each signature. 
*/ -void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_md_type_t md_alg ) -{ - set->rsa = md_alg; - set->ecdsa = md_alg; -} - -#endif /* MBEDTLS_SSL_PROTO_TLS1_2) && - MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ - -/* - * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX - */ -mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ) -{ - switch( hash ) - { -#if defined(MBEDTLS_MD5_C) - case MBEDTLS_SSL_HASH_MD5: - return( MBEDTLS_MD_MD5 ); -#endif -#if defined(MBEDTLS_SHA1_C) - case MBEDTLS_SSL_HASH_SHA1: - return( MBEDTLS_MD_SHA1 ); -#endif -#if defined(MBEDTLS_SHA256_C) - case MBEDTLS_SSL_HASH_SHA224: - return( MBEDTLS_MD_SHA224 ); - case MBEDTLS_SSL_HASH_SHA256: - return( MBEDTLS_MD_SHA256 ); -#endif -#if defined(MBEDTLS_SHA512_C) - case MBEDTLS_SSL_HASH_SHA384: - return( MBEDTLS_MD_SHA384 ); - case MBEDTLS_SSL_HASH_SHA512: - return( MBEDTLS_MD_SHA512 ); -#endif - default: - return( MBEDTLS_MD_NONE ); - } -} - -/* - * Convert from MBEDTLS_MD_XXX to MBEDTLS_SSL_HASH_XXX - */ -unsigned char mbedtls_ssl_hash_from_md_alg( int md ) -{ - switch( md ) - { -#if defined(MBEDTLS_MD5_C) - case MBEDTLS_MD_MD5: - return( MBEDTLS_SSL_HASH_MD5 ); -#endif -#if defined(MBEDTLS_SHA1_C) - case MBEDTLS_MD_SHA1: - return( MBEDTLS_SSL_HASH_SHA1 ); -#endif -#if defined(MBEDTLS_SHA256_C) - case MBEDTLS_MD_SHA224: - return( MBEDTLS_SSL_HASH_SHA224 ); - case MBEDTLS_MD_SHA256: - return( MBEDTLS_SSL_HASH_SHA256 ); -#endif -#if defined(MBEDTLS_SHA512_C) - case MBEDTLS_MD_SHA384: - return( MBEDTLS_SSL_HASH_SHA384 ); - case MBEDTLS_MD_SHA512: - return( MBEDTLS_SSL_HASH_SHA512 ); -#endif - default: - return( MBEDTLS_SSL_HASH_NONE ); - } -} - -#if defined(MBEDTLS_ECP_C) -/* - * Check if a curve proposed by the peer is in our list. - * Return 0 if we're willing to use it, -1 otherwise. 
- */ -int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ) -{ - const mbedtls_ecp_group_id *gid; - - if( ssl->conf->curve_list == NULL ) - return( -1 ); - - for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) - if( *gid == grp_id ) - return( 0 ); - - return( -1 ); -} -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) -/* - * Check if a hash proposed by the peer is in our list. - * Return 0 if we're willing to use it, -1 otherwise. - */ -int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, - mbedtls_md_type_t md ) -{ - const int *cur; - - if( ssl->conf->sig_hashes == NULL ) - return( -1 ); - - for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ ) - if( *cur == (int) md ) - return( 0 ); - - return( -1 ); -} -#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ - -#if defined(MBEDTLS_X509_CRT_PARSE_C) -int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, - const mbedtls_ssl_ciphersuite_t *ciphersuite, - int cert_endpoint, - uint32_t *flags ) -{ - int ret = 0; -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - int usage = 0; -#endif -#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) - const char *ext_oid; - size_t ext_len; -#endif - -#if !defined(MBEDTLS_X509_CHECK_KEY_USAGE) && \ - !defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) - ((void) cert); - ((void) cert_endpoint); - ((void) flags); -#endif - -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) - { - /* Server part of the key exchange */ - switch( ciphersuite->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT; - break; - - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE; - break; - - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - usage 
= MBEDTLS_X509_KU_KEY_AGREEMENT; - break; - - /* Don't use default: we want warnings when adding new values */ - case MBEDTLS_KEY_EXCHANGE_NONE: - case MBEDTLS_KEY_EXCHANGE_PSK: - case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - usage = 0; - } - } - else - { - /* Client auth: we only implement rsa_sign and mbedtls_ecdsa_sign for now */ - usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE; - } - - if( mbedtls_x509_crt_check_key_usage( cert, usage ) != 0 ) - { - *flags |= MBEDTLS_X509_BADCERT_KEY_USAGE; - ret = -1; - } -#else - ((void) ciphersuite); -#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ - -#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) - if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) - { - ext_oid = MBEDTLS_OID_SERVER_AUTH; - ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH ); - } - else - { - ext_oid = MBEDTLS_OID_CLIENT_AUTH; - ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_CLIENT_AUTH ); - } - - if( mbedtls_x509_crt_check_extended_key_usage( cert, ext_oid, ext_len ) != 0 ) - { - *flags |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE; - ret = -1; - } -#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ - - return( ret ); -} -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -/* - * Convert version numbers to/from wire format - * and, for DTLS, to/from TLS equivalent. - * - * For TLS this is the identity. 
- * For DTLS, use 1's complement (v -> 255 - v, and then map as follows: - * 1.0 <-> 3.2 (DTLS 1.0 is based on TLS 1.1) - * 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2) - */ -void mbedtls_ssl_write_version( int major, int minor, int transport, - unsigned char ver[2] ) -{ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( minor == MBEDTLS_SSL_MINOR_VERSION_2 ) - --minor; /* DTLS 1.0 stored as TLS 1.1 internally */ - - ver[0] = (unsigned char)( 255 - ( major - 2 ) ); - ver[1] = (unsigned char)( 255 - ( minor - 1 ) ); - } - else -#else - ((void) transport); -#endif - { - ver[0] = (unsigned char) major; - ver[1] = (unsigned char) minor; - } -} - -void mbedtls_ssl_read_version( int *major, int *minor, int transport, - const unsigned char ver[2] ) -{ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - *major = 255 - ver[0] + 2; - *minor = 255 - ver[1] + 1; - - if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 ) - ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */ - } - else -#else - ((void) transport); -#endif - { - *major = ver[0]; - *minor = ver[1]; - } -} - -int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) -{ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; - - switch( md ) - { -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -#if defined(MBEDTLS_MD5_C) - case MBEDTLS_SSL_HASH_MD5: - return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; -#endif -#if defined(MBEDTLS_SHA1_C) - case MBEDTLS_SSL_HASH_SHA1: - ssl->handshake->calc_verify = ssl_calc_verify_tls; - break; -#endif -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SHA512_C) - case MBEDTLS_SSL_HASH_SHA384: - ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384; - break; -#endif -#if defined(MBEDTLS_SHA256_C) - case MBEDTLS_SSL_HASH_SHA256: - 
ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256; - break; -#endif - default: - return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; - } - - return 0; -#else /* !MBEDTLS_SSL_PROTO_TLS1_2 */ - (void) ssl; - (void) md; - - return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -} - -#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) -int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, - unsigned char *output, - unsigned char *data, size_t data_len ) -{ - int ret = 0; - mbedtls_md5_context mbedtls_md5; - mbedtls_sha1_context mbedtls_sha1; - - mbedtls_md5_init( &mbedtls_md5 ); - mbedtls_sha1_init( &mbedtls_sha1 ); - - /* - * digitally-signed struct { - * opaque md5_hash[16]; - * opaque sha_hash[20]; - * }; - * - * md5_hash - * MD5(ClientHello.random + ServerHello.random - * + ServerParams); - * sha_hash - * SHA(ClientHello.random + ServerHello.random - * + ServerParams); - */ - if( ( ret = mbedtls_md5_starts_ret( &mbedtls_md5 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_starts_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, - ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, data, data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_md5_finish_ret( &mbedtls_md5, output ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_finish_ret", ret ); - goto exit; - } - - if( ( ret = mbedtls_sha1_starts_ret( &mbedtls_sha1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_starts_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, - ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_sha1_update_ret( 
&mbedtls_sha1, data, - data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_sha1_finish_ret( &mbedtls_sha1, - output + 16 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_finish_ret", ret ); - goto exit; - } - -exit: - mbedtls_md5_free( &mbedtls_md5 ); - mbedtls_sha1_free( &mbedtls_sha1 ); - - if( ret != 0 ) - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - - return( ret ); - -} -#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ - MBEDTLS_SSL_PROTO_TLS1_1 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, - unsigned char *hash, size_t *hashlen, - unsigned char *data, size_t data_len, - mbedtls_md_type_t md_alg ) -{ - psa_status_t status; - psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; - psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform PSA-based computation of digest of ServerKeyExchange" ) ); - - if( ( status = psa_hash_setup( &hash_operation, - hash_alg ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_setup", status ); - goto exit; - } - - if( ( status = psa_hash_update( &hash_operation, ssl->handshake->randbytes, - 64 ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status ); - goto exit; - } - - if( ( status = psa_hash_update( &hash_operation, - data, data_len ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status ); - goto exit; - } - - if( ( status = psa_hash_finish( &hash_operation, hash, MBEDTLS_MD_MAX_SIZE, - hashlen ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", status ); - goto exit; - } - -exit: - if( status != PSA_SUCCESS ) - { - mbedtls_ssl_send_alert_message( ssl, 
MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - switch( status ) - { - case PSA_ERROR_NOT_SUPPORTED: - return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); - case PSA_ERROR_BAD_STATE: /* Intentional fallthrough */ - case PSA_ERROR_BUFFER_TOO_SMALL: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - case PSA_ERROR_INSUFFICIENT_MEMORY: - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); - default: - return( MBEDTLS_ERR_MD_HW_ACCEL_FAILED ); - } - } - return( 0 ); -} - -#else - -int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, - unsigned char *hash, size_t *hashlen, - unsigned char *data, size_t data_len, - mbedtls_md_type_t md_alg ) -{ - int ret = 0; - mbedtls_md_context_t ctx; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - *hashlen = mbedtls_md_get_size( md_info ); - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform mbedtls-based computation of digest of ServerKeyExchange" ) ); - - mbedtls_md_init( &ctx ); - - /* - * digitally-signed struct { - * opaque client_random[32]; - * opaque server_random[32]; - * ServerDHParams params; - * }; - */ - if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); - goto exit; - } - if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_starts", ret ); - goto exit; - } - if( ( ret = mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret ); - goto exit; - } - if( ( ret = mbedtls_md_update( &ctx, data, data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret ); - goto exit; - } - if( ( ret = mbedtls_md_finish( &ctx, hash ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_finish", ret ); - goto exit; - } - -exit: - mbedtls_md_free( &ctx ); - - if( ret != 0 ) - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - - return( ret ); -} -#endif /* 
MBEDTLS_USE_PSA_CRYPTO */
-
-#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
- MBEDTLS_SSL_PROTO_TLS1_2 */
-
-#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/library/x509.c b/library/x509.c
deleted file mode 100644
index 3f8e29071..000000000
--- a/library/x509.c
+++ /dev/null
@@ -1,1062 +0,0 @@
-/*
- * X.509 common functions for parsing and verification
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-/*
- * The ITU-T X.509 standard defines a certificate format for PKI.
- *
- * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
- * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
- * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
- *
- * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
- * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_X509_USE_C)
-
-#include "mbedtls/x509.h"
-#include "mbedtls/asn1.h"
-#include "mbedtls/oid.h"
-
-#include
-#include
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#include
-#define mbedtls_free free
-#define mbedtls_calloc calloc
-#define mbedtls_printf printf
-#define mbedtls_snprintf snprintf
-#endif
-
-#if defined(MBEDTLS_HAVE_TIME)
-#include "mbedtls/platform_time.h"
-#endif
-#if defined(MBEDTLS_HAVE_TIME_DATE)
-#include "mbedtls/platform_util.h"
-#include
-#endif
-
-#define CHECK(code) if( ( ret = code ) != 0 ){ return( 
ret ); } -#define CHECK_RANGE(min, max, val) if( val < min || val > max ){ return( ret ); } - -/* - * CertificateSerialNumber ::= INTEGER - */ -int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *serial ) -{ - int ret; - - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_SERIAL + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) && - **p != MBEDTLS_ASN1_INTEGER ) - return( MBEDTLS_ERR_X509_INVALID_SERIAL + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); - - serial->tag = *(*p)++; - - if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_SERIAL + ret ); - - serial->p = *p; - *p += serial->len; - - return( 0 ); -} - -/* Get an algorithm identifier without parameters (eg for signatures) - * - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters ANY DEFINED BY algorithm OPTIONAL } - */ -int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg ) -{ - int ret; - - if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - return( 0 ); -} - -/* - * Parse an algorithm identifier with (optional) parameters - */ -int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg, mbedtls_x509_buf *params ) -{ - int ret; - - if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - return( 0 ); -} - -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) -/* - * HashAlgorithm ::= AlgorithmIdentifier - * - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters ANY DEFINED BY algorithm OPTIONAL } - * - * For HashAlgorithm, parameters MUST be NULL or absent. 
- */ -static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg ) -{ - int ret; - unsigned char *p; - const unsigned char *end; - mbedtls_x509_buf md_oid; - size_t len; - - /* Make sure we got a SEQUENCE and setup bounds */ - if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); - - p = (unsigned char *) alg->p; - end = p + alg->len; - - if( p >= end ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - /* Parse md_oid */ - md_oid.tag = *p; - - if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - md_oid.p = p; - p += md_oid.len; - - /* Get md_alg from md_oid */ - if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - /* Make sure params is absent of NULL */ - if( p == end ) - return( 0 ); - - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - if( p != end ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} - -/* - * RSASSA-PSS-params ::= SEQUENCE { - * hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier, - * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier, - * saltLength [2] INTEGER DEFAULT 20, - * trailerField [3] INTEGER DEFAULT 1 } - * -- Note that the tags in this Sequence are explicit. - * - * RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value - * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other - * option. Enfore this at parsing time. 
- */ -int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, - mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, - int *salt_len ) -{ - int ret; - unsigned char *p; - const unsigned char *end, *end2; - size_t len; - mbedtls_x509_buf alg_id, alg_params; - - /* First set everything to defaults */ - *md_alg = MBEDTLS_MD_SHA1; - *mgf_md = MBEDTLS_MD_SHA1; - *salt_len = 20; - - /* Make sure params is a SEQUENCE and setup bounds */ - if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); - - p = (unsigned char *) params->p; - end = p + params->len; - - if( p == end ) - return( 0 ); - - /* - * HashAlgorithm - */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 ) - { - end2 = p + len; - - /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ - if( ( ret = mbedtls_x509_get_alg_null( &p, end2, &alg_id ) ) != 0 ) - return( ret ); - - if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - if( p == end ) - return( 0 ); - - /* - * MaskGenAlgorithm - */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 ) - { - end2 = p + len; - - /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */ - if( ( ret = mbedtls_x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 ) - return( ret ); - - /* Only MFG1 is recognised for now */ - if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 ) - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE + - MBEDTLS_ERR_OID_NOT_FOUND ); - - /* Parse HashAlgorithm */ - if( ( ret = x509_get_hash_alg( &alg_params, mgf_md 
) ) != 0 ) - return( ret ); - - if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - if( p == end ) - return( 0 ); - - /* - * salt_len - */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 2 ) ) == 0 ) - { - end2 = p + len; - - if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - if( p == end ) - return( 0 ); - - /* - * trailer_field (if present, must be 1) - */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 3 ) ) == 0 ) - { - int trailer_field; - - end2 = p + len; - - if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - if( trailer_field != 1 ) - return( MBEDTLS_ERR_X509_INVALID_ALG ); - } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); - - if( p != end ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ - -/* - * AttributeTypeAndValue ::= SEQUENCE { - * type AttributeType, - * value AttributeValue } - * - * AttributeType ::= OBJECT IDENTIFIER - * - * AttributeValue ::= ANY DEFINED BY AttributeType - */ -static int x509_get_attr_type_value( unsigned char **p, - const unsigned char *end, - mbedtls_x509_name *cur ) -{ - int ret; - size_t len; - mbedtls_x509_buf *oid; - mbedtls_x509_buf *val; - - if( ( ret = 
mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); - - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - oid = &cur->oid; - oid->tag = **p; - - if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); - - oid->p = *p; - *p += oid->len; - - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING && - **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING && - **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING && - **p != MBEDTLS_ASN1_BIT_STRING ) - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); - - val = &cur->val; - val->tag = *(*p)++; - - if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); - - val->p = *p; - *p += val->len; - - cur->next = NULL; - - return( 0 ); -} - -/* - * Name ::= CHOICE { -- only one possibility for now -- - * rdnSequence RDNSequence } - * - * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName - * - * RelativeDistinguishedName ::= - * SET OF AttributeTypeAndValue - * - * AttributeTypeAndValue ::= SEQUENCE { - * type AttributeType, - * value AttributeValue } - * - * AttributeType ::= OBJECT IDENTIFIER - * - * AttributeValue ::= ANY DEFINED BY AttributeType - * - * The data structure is optimized for the common case where each RDN has only - * one element, which is represented as a list of AttributeTypeAndValue. - * For the general case we still use a flat list, but we mark elements of the - * same set so that they are "merged" together in the functions that consume - * this list, eg mbedtls_x509_dn_gets(). 
- */ -int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, - mbedtls_x509_name *cur ) -{ - int ret; - size_t set_len; - const unsigned char *end_set; - - /* don't use recursion, we'd risk stack overflow if not optimized */ - while( 1 ) - { - /* - * parse SET - */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); - - end_set = *p + set_len; - - while( 1 ) - { - if( ( ret = x509_get_attr_type_value( p, end_set, cur ) ) != 0 ) - return( ret ); - - if( *p == end_set ) - break; - - /* Mark this item as being no the only one in a set */ - cur->next_merged = 1; - - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); - - if( cur->next == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - - cur = cur->next; - } - - /* - * continue until end of SEQUENCE is reached - */ - if( *p == end ) - return( 0 ); - - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); - - if( cur->next == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - - cur = cur->next; - } -} - -static int x509_parse_int( unsigned char **p, size_t n, int *res ) -{ - *res = 0; - - for( ; n > 0; --n ) - { - if( ( **p < '0') || ( **p > '9' ) ) - return ( MBEDTLS_ERR_X509_INVALID_DATE ); - - *res *= 10; - *res += ( *(*p)++ - '0' ); - } - - return( 0 ); -} - -static int x509_date_is_valid(const mbedtls_x509_time *t ) -{ - int ret = MBEDTLS_ERR_X509_INVALID_DATE; - int month_len; - - CHECK_RANGE( 0, 9999, t->year ); - CHECK_RANGE( 0, 23, t->hour ); - CHECK_RANGE( 0, 59, t->min ); - CHECK_RANGE( 0, 59, t->sec ); - - switch( t->mon ) - { - case 1: case 3: case 5: case 7: case 8: case 10: case 12: - month_len = 31; - break; - case 4: case 6: case 9: case 11: - month_len = 30; - break; - case 2: - if( ( !( t->year % 4 ) && t->year % 100 ) || - !( t->year % 400 ) ) - month_len = 29; - else - month_len = 28; - break; - default: - return( ret ); - } - CHECK_RANGE( 1, month_len, 
t->day ); - - return( 0 ); -} - -/* - * Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4) - * field. - */ -static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, - mbedtls_x509_time *tm ) -{ - int ret; - - /* - * Minimum length is 10 or 12 depending on yearlen - */ - if ( len < yearlen + 8 ) - return ( MBEDTLS_ERR_X509_INVALID_DATE ); - len -= yearlen + 8; - - /* - * Parse year, month, day, hour, minute - */ - CHECK( x509_parse_int( p, yearlen, &tm->year ) ); - if ( 2 == yearlen ) - { - if ( tm->year < 50 ) - tm->year += 100; - - tm->year += 1900; - } - - CHECK( x509_parse_int( p, 2, &tm->mon ) ); - CHECK( x509_parse_int( p, 2, &tm->day ) ); - CHECK( x509_parse_int( p, 2, &tm->hour ) ); - CHECK( x509_parse_int( p, 2, &tm->min ) ); - - /* - * Parse seconds if present - */ - if ( len >= 2 ) - { - CHECK( x509_parse_int( p, 2, &tm->sec ) ); - len -= 2; - } - else - return ( MBEDTLS_ERR_X509_INVALID_DATE ); - - /* - * Parse trailing 'Z' if present - */ - if ( 1 == len && 'Z' == **p ) - { - (*p)++; - len--; - } - - /* - * We should have parsed all characters at this point - */ - if ( 0 != len ) - return ( MBEDTLS_ERR_X509_INVALID_DATE ); - - CHECK( x509_date_is_valid( tm ) ); - - return ( 0 ); -} - -/* - * Time ::= CHOICE { - * utcTime UTCTime, - * generalTime GeneralizedTime } - */ -int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, - mbedtls_x509_time *tm ) -{ - int ret; - size_t len, year_len; - unsigned char tag; - - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - tag = **p; - - if( tag == MBEDTLS_ASN1_UTC_TIME ) - year_len = 2; - else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME ) - year_len = 4; - else - return( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); - - (*p)++; - ret = mbedtls_asn1_get_len( p, end, &len ); - - if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); - - return x509_parse_time( p, len, year_len, tm 
); -} - -int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ) -{ - int ret; - size_t len; - int tag_type; - - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - tag_type = **p; - - if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret ); - - sig->tag = tag_type; - sig->len = len; - sig->p = *p; - - *p += len; - - return( 0 ); -} - -/* - * Get signature algorithm from alg OID and optional parameters - */ -int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, - mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, - void **sig_opts ) -{ - int ret; - - if( *sig_opts != NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + ret ); - -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - if( *pk_alg == MBEDTLS_PK_RSASSA_PSS ) - { - mbedtls_pk_rsassa_pss_options *pss_opts; - - pss_opts = mbedtls_calloc( 1, sizeof( mbedtls_pk_rsassa_pss_options ) ); - if( pss_opts == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - - ret = mbedtls_x509_get_rsassa_pss_params( sig_params, - md_alg, - &pss_opts->mgf1_hash_id, - &pss_opts->expected_salt_len ); - if( ret != 0 ) - { - mbedtls_free( pss_opts ); - return( ret ); - } - - *sig_opts = (void *) pss_opts; - } - else -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ - { - /* Make sure parameters are absent or NULL */ - if( ( sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0 ) || - sig_params->len != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG ); - } - - return( 0 ); -} - -/* - * X.509 Extensions (No parsing of extensions, pointer should - * be either manually updated or extensions should be parsed!) 
- */ -int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *ext, int tag ) -{ - int ret; - size_t len; - - if( *p == end ) - return( 0 ); - - ext->tag = **p; - - if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag ) ) != 0 ) - return( ret ); - - ext->p = *p; - end = *p + ext->len; - - /* - * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension - * - * Extension ::= SEQUENCE { - * extnID OBJECT IDENTIFIER, - * critical BOOLEAN DEFAULT FALSE, - * extnValue OCTET STRING } - */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - if( end != *p + len ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} - -/* - * Store the name in printable form into buf; no more - * than size characters will be written - */ -int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ) -{ - int ret; - size_t i, n; - unsigned char c, merge = 0; - const mbedtls_x509_name *name; - const char *short_name = NULL; - char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; - - memset( s, 0, sizeof( s ) ); - - name = dn; - p = buf; - n = size; - - while( name != NULL ) - { - if( !name->oid.p ) - { - name = name->next; - continue; - } - - if( name != dn ) - { - ret = mbedtls_snprintf( p, n, merge ? 
" + " : ", " ); - MBEDTLS_X509_SAFE_SNPRINTF; - } - - ret = mbedtls_oid_get_attr_short_name( &name->oid, &short_name ); - - if( ret == 0 ) - ret = mbedtls_snprintf( p, n, "%s=", short_name ); - else - ret = mbedtls_snprintf( p, n, "\?\?=" ); - MBEDTLS_X509_SAFE_SNPRINTF; - - for( i = 0; i < name->val.len; i++ ) - { - if( i >= sizeof( s ) - 1 ) - break; - - c = name->val.p[i]; - if( c < 32 || c == 127 || ( c > 128 && c < 160 ) ) - s[i] = '?'; - else s[i] = c; - } - s[i] = '\0'; - ret = mbedtls_snprintf( p, n, "%s", s ); - MBEDTLS_X509_SAFE_SNPRINTF; - - merge = name->next_merged; - name = name->next; - } - - return( (int) ( size - n ) ); -} - -/* - * Store the serial in printable form into buf; no more - * than size characters will be written - */ -int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ) -{ - int ret; - size_t i, n, nr; - char *p; - - p = buf; - n = size; - - nr = ( serial->len <= 32 ) - ? serial->len : 28; - - for( i = 0; i < nr; i++ ) - { - if( i == 0 && nr > 1 && serial->p[i] == 0x0 ) - continue; - - ret = mbedtls_snprintf( p, n, "%02X%s", - serial->p[i], ( i < nr - 1 ) ? ":" : "" ); - MBEDTLS_X509_SAFE_SNPRINTF; - } - - if( nr != serial->len ) - { - ret = mbedtls_snprintf( p, n, "...." ); - MBEDTLS_X509_SAFE_SNPRINTF; - } - - return( (int) ( size - n ) ); -} - -/* - * Helper for writing signature algorithms - */ -int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, - mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, - const void *sig_opts ) -{ - int ret; - char *p = buf; - size_t n = size; - const char *desc = NULL; - - ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc ); - if( ret != 0 ) - ret = mbedtls_snprintf( p, n, "???" 
); - else - ret = mbedtls_snprintf( p, n, "%s", desc ); - MBEDTLS_X509_SAFE_SNPRINTF; - -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) - { - const mbedtls_pk_rsassa_pss_options *pss_opts; - const mbedtls_md_info_t *md_info, *mgf_md_info; - - pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts; - - md_info = mbedtls_md_info_from_type( md_alg ); - mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id ); - - ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", - md_info ? mbedtls_md_get_name( md_info ) : "???", - mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???", - pss_opts->expected_salt_len ); - MBEDTLS_X509_SAFE_SNPRINTF; - } -#else - ((void) pk_alg); - ((void) md_alg); - ((void) sig_opts); -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ - - return( (int)( size - n ) ); -} - -/* - * Helper for writing "RSA key size", "EC key size", etc - */ -int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ) -{ - char *p = buf; - size_t n = buf_size; - int ret; - - ret = mbedtls_snprintf( p, n, "%s key size", name ); - MBEDTLS_X509_SAFE_SNPRINTF; - - return( 0 ); -} - -#if defined(MBEDTLS_HAVE_TIME_DATE) -/* - * Set the time structure to the current time. - * Return 0 on success, non-zero on failure. 
- */ -static int x509_get_current_time( mbedtls_x509_time *now ) -{ - struct tm *lt, tm_buf; - mbedtls_time_t tt; - int ret = 0; - - tt = mbedtls_time( NULL ); - lt = mbedtls_platform_gmtime_r( &tt, &tm_buf ); - - if( lt == NULL ) - ret = -1; - else - { - now->year = lt->tm_year + 1900; - now->mon = lt->tm_mon + 1; - now->day = lt->tm_mday; - now->hour = lt->tm_hour; - now->min = lt->tm_min; - now->sec = lt->tm_sec; - } - - return( ret ); -} - -/* - * Return 0 if before <= after, 1 otherwise - */ -static int x509_check_time( const mbedtls_x509_time *before, const mbedtls_x509_time *after ) -{ - if( before->year > after->year ) - return( 1 ); - - if( before->year == after->year && - before->mon > after->mon ) - return( 1 ); - - if( before->year == after->year && - before->mon == after->mon && - before->day > after->day ) - return( 1 ); - - if( before->year == after->year && - before->mon == after->mon && - before->day == after->day && - before->hour > after->hour ) - return( 1 ); - - if( before->year == after->year && - before->mon == after->mon && - before->day == after->day && - before->hour == after->hour && - before->min > after->min ) - return( 1 ); - - if( before->year == after->year && - before->mon == after->mon && - before->day == after->day && - before->hour == after->hour && - before->min == after->min && - before->sec > after->sec ) - return( 1 ); - - return( 0 ); -} - -int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) -{ - mbedtls_x509_time now; - - if( x509_get_current_time( &now ) != 0 ) - return( 1 ); - - return( x509_check_time( &now, to ) ); -} - -int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) -{ - mbedtls_x509_time now; - - if( x509_get_current_time( &now ) != 0 ) - return( 1 ); - - return( x509_check_time( from, &now ) ); -} - -#else /* MBEDTLS_HAVE_TIME_DATE */ - -int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) -{ - ((void) to); - return( 0 ); -} - -int mbedtls_x509_time_is_future( const 
mbedtls_x509_time *from )
-{
- ((void) from);
- return( 0 );
-}
-#endif /* MBEDTLS_HAVE_TIME_DATE */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/certs.h"
-
-/*
- * Checkup routine
- */
-int mbedtls_x509_self_test( int verbose )
-{
- int ret = 0;
-#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C)
- uint32_t flags;
- mbedtls_x509_crt cacert;
- mbedtls_x509_crt clicert;
-
- if( verbose != 0 )
- mbedtls_printf( " X.509 certificate load: " );
-
- mbedtls_x509_crt_init( &cacert );
- mbedtls_x509_crt_init( &clicert );
-
- ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt,
- mbedtls_test_cli_crt_len );
- if( ret != 0 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- goto cleanup;
- }
-
- ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt,
- mbedtls_test_ca_crt_len );
- if( ret != 0 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- goto cleanup;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n X.509 signature verify: ");
-
- ret = mbedtls_x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL );
- if( ret != 0 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- goto cleanup;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n\n");
-
-cleanup:
- mbedtls_x509_crt_free( &cacert );
- mbedtls_x509_crt_free( &clicert );
-#else
- ((void) verbose);
-#endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA1_C */
- return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_X509_USE_C */
diff --git a/library/x509_create.c b/library/x509_create.c
deleted file mode 100644
index 546e8fa1a..000000000
--- a/library/x509_create.c
+++ /dev/null
@@ -1,379 +0,0 @@
-/*
- * X.509 base functions for creating certificates / CSRs
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_X509_CREATE_C)
-
-#include "mbedtls/x509.h"
-#include "mbedtls/asn1write.h"
-#include "mbedtls/oid.h"
-
-#include
-
-/* Structure linking OIDs for X.509 DN AttributeTypes to their
- * string representations and default string encodings used by Mbed TLS. */
-typedef struct {
- const char *name; /* String representation of AttributeType, e.g.
- * "CN" or "emailAddress". */
- size_t name_len; /* Length of 'name', without trailing 0 byte. */
- const char *oid; /* String representation of OID of AttributeType,
- * as per RFC 5280, Appendix A.1. */
- int default_tag; /* The default character encoding used for the
- * given attribute type, e.g.
- * MBEDTLS_ASN1_UTF8_STRING for UTF-8. */
-} x509_attr_descriptor_t;
-
-#define ADD_STRLEN( s ) s, sizeof( s ) - 1
-
-/* X.509 DN attributes from RFC 5280, Appendix A.1. 
*/
-static const x509_attr_descriptor_t x509_attrs[] =
-{
- { ADD_STRLEN( "CN" ),
- MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "commonName" ),
- MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "C" ),
- MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING },
- { ADD_STRLEN( "countryName" ),
- MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING },
- { ADD_STRLEN( "O" ),
- MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "organizationName" ),
- MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "L" ),
- MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "locality" ),
- MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "R" ),
- MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING },
- { ADD_STRLEN( "OU" ),
- MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "organizationalUnitName" ),
- MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "ST" ),
- MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "stateOrProvinceName" ),
- MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "emailAddress" ),
- MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING },
- { ADD_STRLEN( "serialNumber" ),
- MBEDTLS_OID_AT_SERIAL_NUMBER, MBEDTLS_ASN1_PRINTABLE_STRING },
- { ADD_STRLEN( "postalAddress" ),
- MBEDTLS_OID_AT_POSTAL_ADDRESS, MBEDTLS_ASN1_PRINTABLE_STRING },
- { ADD_STRLEN( "postalCode" ),
- MBEDTLS_OID_AT_POSTAL_CODE, MBEDTLS_ASN1_PRINTABLE_STRING },
- { ADD_STRLEN( "dnQualifier" ),
- MBEDTLS_OID_AT_DN_QUALIFIER, MBEDTLS_ASN1_PRINTABLE_STRING },
- { ADD_STRLEN( "title" ),
- MBEDTLS_OID_AT_TITLE, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "surName" ),
- MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "SN" ),
- MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "givenName" ),
- MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "GN" ),
- 
MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "initials" ),
- MBEDTLS_OID_AT_INITIALS, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "pseudonym" ),
- MBEDTLS_OID_AT_PSEUDONYM, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "generationQualifier" ),
- MBEDTLS_OID_AT_GENERATION_QUALIFIER, MBEDTLS_ASN1_UTF8_STRING },
- { ADD_STRLEN( "domainComponent" ),
- MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING },
- { ADD_STRLEN( "DC" ),
- MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING },
- { NULL, 0, NULL, MBEDTLS_ASN1_NULL }
-};
-
-static const x509_attr_descriptor_t *x509_attr_descr_from_name( const char *name, size_t name_len )
-{
- const x509_attr_descriptor_t *cur;
-
- for( cur = x509_attrs; cur->name != NULL; cur++ )
- if( cur->name_len == name_len &&
- strncmp( cur->name, name, name_len ) == 0 )
- break;
-
- if ( cur->name == NULL )
- return( NULL );
-
- return( cur );
-}
-
-int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name )
-{
- int ret = 0;
- const char *s = name, *c = s;
- const char *end = s + strlen( s );
- const char *oid = NULL;
- const x509_attr_descriptor_t* attr_descr = NULL;
- int in_tag = 1;
- char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
- char *d = data;
-
- /* Clear existing chain if present */
- mbedtls_asn1_free_named_data_list( head );
-
- while( c <= end )
- {
- if( in_tag && *c == '=' )
- {
- if( ( attr_descr = x509_attr_descr_from_name( s, c - s ) ) == NULL )
- {
- ret = MBEDTLS_ERR_X509_UNKNOWN_OID;
- goto exit;
- }
-
- oid = attr_descr->oid;
- s = c + 1;
- in_tag = 0;
- d = data;
- }
-
- if( !in_tag && *c == '\\' && c != end )
- {
- c++;
-
- /* Check for valid escaped characters */
- if( c == end || *c != ',' )
- {
- ret = MBEDTLS_ERR_X509_INVALID_NAME;
- goto exit;
- }
- }
- else if( !in_tag && ( *c == ',' || c == end ) )
- {
- mbedtls_asn1_named_data* cur =
- mbedtls_asn1_store_named_data( head, oid, strlen( oid ),
- (unsigned char *) data,
- d - data );
-
- if(cur == NULL )
- {
- 
return( MBEDTLS_ERR_X509_ALLOC_FAILED );
- }
-
- // set tagType
- cur->val.tag = attr_descr->default_tag;
-
- while( c < end && *(c + 1) == ' ' )
- c++;
-
- s = c + 1;
- in_tag = 1;
- }
-
- if( !in_tag && s != c + 1 )
- {
- *(d++) = *c;
-
- if( d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE )
- {
- ret = MBEDTLS_ERR_X509_INVALID_NAME;
- goto exit;
- }
- }
-
- c++;
- }
-
-exit:
-
- return( ret );
-}
-
-/* The first byte of the value in the mbedtls_asn1_named_data structure is reserved
- * to store the critical boolean for us
- */
-int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
- int critical, const unsigned char *val, size_t val_len )
-{
- mbedtls_asn1_named_data *cur;
-
- if( ( cur = mbedtls_asn1_store_named_data( head, oid, oid_len,
- NULL, val_len + 1 ) ) == NULL )
- {
- return( MBEDTLS_ERR_X509_ALLOC_FAILED );
- }
-
- cur->val.p[0] = critical;
- memcpy( cur->val.p + 1, val, val_len );
-
- return( 0 );
-}
-
-/*
- * RelativeDistinguishedName ::=
- * SET OF AttributeTypeAndValue
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type AttributeType,
- * value AttributeValue }
- *
- * AttributeType ::= OBJECT IDENTIFIER
- *
- * AttributeValue ::= ANY DEFINED BY AttributeType
- */
-static int x509_write_name( unsigned char **p, unsigned char *start, mbedtls_asn1_named_data* cur_name)
-{
- int ret;
- size_t len = 0;
- const char *oid = (const char*)cur_name->oid.p;
- size_t oid_len = cur_name->oid.len;
- const unsigned char *name = cur_name->val.p;
- size_t name_len = cur_name->val.len;
-
- // Write correct string tag and value
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tagged_string( p, start,
- cur_name->val.tag,
- (const char *) name,
- name_len ) );
- // Write OID
- //
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid,
- oid_len ) );
-
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
- MBEDTLS_ASN1_CONSTRUCTED |
- 
MBEDTLS_ASN1_SEQUENCE ) );
-
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
- MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SET ) );
-
- return( (int) len );
-}
-
-int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
- mbedtls_asn1_named_data *first )
-{
- int ret;
- size_t len = 0;
- mbedtls_asn1_named_data *cur = first;
-
- while( cur != NULL )
- {
- MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, cur ) );
- cur = cur->next;
- }
-
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE ) );
-
- return( (int) len );
-}
-
-int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
- const char *oid, size_t oid_len,
- unsigned char *sig, size_t size )
-{
- int ret;
- size_t len = 0;
-
- if( *p < start || (size_t)( *p - start ) < size )
- return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
- len = size;
- (*p) -= len;
- memcpy( *p, sig, len );
-
- if( *p - start < 1 )
- return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
- *--(*p) = 0;
- len += 1;
-
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
-
- // Write OID
- //
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( p, start, oid,
- oid_len, 0 ) );
-
- return( (int) len );
-}
-
-static int x509_write_extension( unsigned char **p, unsigned char *start,
- mbedtls_asn1_named_data *ext )
-{
- int ret;
- size_t len = 0;
-
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->val.p + 1,
- ext->val.len - 1 ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->val.len - 1 ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
-
- if( ext->val.p[0] != 0 )
- {
- 
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( p, start, 1 ) );
- }
-
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->oid.p,
- ext->oid.len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->oid.len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
-
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE ) );
-
- return( (int) len );
-}
-
-/*
- * Extension ::= SEQUENCE {
- * extnID OBJECT IDENTIFIER,
- * critical BOOLEAN DEFAULT FALSE,
- * extnValue OCTET STRING
- * -- contains the DER encoding of an ASN.1 value
- * -- corresponding to the extension type identified
- * -- by extnID
- * }
- */
-int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
- mbedtls_asn1_named_data *first )
-{
- int ret;
- size_t len = 0;
- mbedtls_asn1_named_data *cur_ext = first;
-
- while( cur_ext != NULL )
- {
- MBEDTLS_ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) );
- cur_ext = cur_ext->next;
- }
-
- return( (int) len );
-}
-
-#endif /* MBEDTLS_X509_CREATE_C */
diff --git a/library/x509_crl.c b/library/x509_crl.c
deleted file mode 100644
index 8450f87e0..000000000
--- a/library/x509_crl.c
+++ /dev/null
@@ -1,773 +0,0 @@
-/*
- * X.509 Certidicate Revocation List (CRL) parsing
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-/*
- * The ITU-T X.509 standard defines a certificate format for PKI.
- *
- * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
- * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
- * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
- *
- * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
- * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_X509_CRL_PARSE_C)
-
-#include "mbedtls/x509_crl.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-
-#include
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#include
-#define mbedtls_free free
-#define mbedtls_calloc calloc
-#define mbedtls_snprintf snprintf
-#endif
-
-#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
-#include
-#else
-#include
-#endif
-
-#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
-#include
-#endif
-
-/*
- * Version ::= INTEGER { v1(0), v2(1) }
- */
-static int 
x509_crl_get_version( unsigned char **p, - const unsigned char *end, - int *ver ) -{ - int ret; - - if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { - *ver = 0; - return( 0 ); - } - - return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); - } - - return( 0 ); -} - -/* - * X.509 CRL v2 extensions - * - * We currently don't parse any extension's content, but we do check that the - * list of extensions is well-formed and abort on critical extensions (that - * are unsupported as we don't support any extension so far) - */ -static int x509_get_crl_ext( unsigned char **p, - const unsigned char *end, - mbedtls_x509_buf *ext ) -{ - int ret; - - /* - * crlExtensions [0] EXPLICIT Extensions OPTIONAL - * -- if present, version MUST be v2 - */ - if( ( ret = mbedtls_x509_get_ext( p, end, ext, 0 ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( 0 ); - - return( ret ); - } - - while( *p < end ) - { - /* - * Extension ::= SEQUENCE { - * extnID OBJECT IDENTIFIER, - * critical BOOLEAN DEFAULT FALSE, - * extnValue OCTET STRING } - */ - int is_critical = 0; - const unsigned char *end_ext_data; - size_t len; - - /* Get enclosing sequence tag */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - end_ext_data = *p + len; - - /* Get OID (currently ignored) */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, - MBEDTLS_ASN1_OID ) ) != 0 ) - { - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - } - *p += len; - - /* Get optional critical */ - if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, - &is_critical ) ) != 0 && - ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) - { - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - } - - /* Data should be octet string type */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, - MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( 
MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - /* Ignore data so far and just check its length */ - *p += len; - if( *p != end_ext_data ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - /* Abort on (unsupported) critical extensions */ - if( is_critical ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); - } - - if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} - -/* - * X.509 CRL v2 entry extensions (no extensions parsed yet.) - */ -static int x509_get_crl_entry_ext( unsigned char **p, - const unsigned char *end, - mbedtls_x509_buf *ext ) -{ - int ret; - size_t len = 0; - - /* OPTIONAL */ - if( end <= *p ) - return( 0 ); - - ext->tag = **p; - ext->p = *p; - - /* - * Get CRL-entry extension sequence header - * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2 - */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { - ext->p = NULL; - return( 0 ); - } - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - } - - end = *p + ext->len; - - if( end != *p + ext->len ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - while( *p < end ) - { - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - *p += len; - } - - if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} - -/* - * X.509 CRL Entries - */ -static int x509_get_entries( unsigned char **p, - const unsigned char *end, - mbedtls_x509_crl_entry *entry ) -{ - int ret; - size_t entry_len; - mbedtls_x509_crl_entry *cur_entry = entry; - - if( *p == end ) - return( 0 ); - - if( ( ret = mbedtls_asn1_get_tag( p, end, 
&entry_len, - MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( 0 ); - - return( ret ); - } - - end = *p + entry_len; - - while( *p < end ) - { - size_t len2; - const unsigned char *end2; - - if( ( ret = mbedtls_asn1_get_tag( p, end, &len2, - MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 ) - { - return( ret ); - } - - cur_entry->raw.tag = **p; - cur_entry->raw.p = *p; - cur_entry->raw.len = len2; - end2 = *p + len2; - - if( ( ret = mbedtls_x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 ) - return( ret ); - - if( ( ret = mbedtls_x509_get_time( p, end2, - &cur_entry->revocation_date ) ) != 0 ) - return( ret ); - - if( ( ret = x509_get_crl_entry_ext( p, end2, - &cur_entry->entry_ext ) ) != 0 ) - return( ret ); - - if( *p < end ) - { - cur_entry->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl_entry ) ); - - if( cur_entry->next == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - - cur_entry = cur_entry->next; - } - } - - return( 0 ); -} - -/* - * Parse one CRLs in DER format and append it to the chained list - */ -int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, - const unsigned char *buf, size_t buflen ) -{ - int ret; - size_t len; - unsigned char *p = NULL, *end = NULL; - mbedtls_x509_buf sig_params1, sig_params2, sig_oid2; - mbedtls_x509_crl *crl = chain; - - /* - * Check for valid input - */ - if( crl == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); - - /* - * Add new CRL on the end of the chain if needed. 
- */ - while( crl->version != 0 && crl->next != NULL ) - crl = crl->next; - - if( crl->version != 0 && crl->next == NULL ) - { - crl->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ); - - if( crl->next == NULL ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - } - - mbedtls_x509_crl_init( crl->next ); - crl = crl->next; - } - - /* - * Copy raw DER-encoded CRL - */ - if( buflen == 0 ) - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); - - p = mbedtls_calloc( 1, buflen ); - if( p == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - - memcpy( p, buf, buflen ); - - crl->raw.p = p; - crl->raw.len = buflen; - - end = p + buflen; - - /* - * CertificateList ::= SEQUENCE { - * tbsCertList TBSCertList, - * signatureAlgorithm AlgorithmIdentifier, - * signatureValue BIT STRING } - */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); - } - - if( len != (size_t) ( end - p ) ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - } - - /* - * TBSCertList ::= SEQUENCE { - */ - crl->tbs.p = p; - - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); - } - - end = p + len; - crl->tbs.len = end - crl->tbs.p; - - /* - * Version ::= INTEGER OPTIONAL { v1(0), v2(1) } - * -- if present, MUST be v2 - * - * signature AlgorithmIdentifier - */ - if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 || - ( ret = mbedtls_x509_get_alg( &p, end, &crl->sig_oid, &sig_params1 ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); - } - - if( crl->version < 0 || crl->version > 1 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); - } - - crl->version++; - - if( ( 
ret = mbedtls_x509_get_sig_alg( &crl->sig_oid, &sig_params1, - &crl->sig_md, &crl->sig_pk, - &crl->sig_opts ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG ); - } - - /* - * issuer Name - */ - crl->issuer_raw.p = p; - - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); - } - - if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); - } - - crl->issuer_raw.len = p - crl->issuer_raw.p; - - /* - * thisUpdate Time - * nextUpdate Time OPTIONAL - */ - if( ( ret = mbedtls_x509_get_time( &p, end, &crl->this_update ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); - } - - if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 ) - { - if( ret != ( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) && - ret != ( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); - } - } - - /* - * revokedCertificates SEQUENCE OF SEQUENCE { - * userCertificate CertificateSerialNumber, - * revocationDate Time, - * crlEntryExtensions Extensions OPTIONAL - * -- if present, MUST be v2 - * } OPTIONAL - */ - if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); - } - - /* - * crlExtensions EXPLICIT Extensions OPTIONAL - * -- if present, MUST be v2 - */ - if( crl->version == 2 ) - { - ret = x509_get_crl_ext( &p, end, &crl->crl_ext ); - - if( ret != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); - } - } - - if( p != end ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - } - - end = crl->raw.p + crl->raw.len; - - /* - * signatureAlgorithm AlgorithmIdentifier, - * signatureValue BIT STRING - */ - 
if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); - } - - if( crl->sig_oid.len != sig_oid2.len || - memcmp( crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len ) != 0 || - sig_params1.len != sig_params2.len || - ( sig_params1.len != 0 && - memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_SIG_MISMATCH ); - } - - if( ( ret = mbedtls_x509_get_sig( &p, end, &crl->sig ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); - } - - if( p != end ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - } - - return( 0 ); -} - -/* - * Parse one or more CRLs and add them to the chained list - */ -int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ) -{ -#if defined(MBEDTLS_PEM_PARSE_C) - int ret; - size_t use_len; - mbedtls_pem_context pem; - int is_pem = 0; - - if( chain == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - do - { - mbedtls_pem_init( &pem ); - - // Avoid calling mbedtls_pem_read_buffer() on non-null-terminated - // string - if( buflen == 0 || buf[buflen - 1] != '\0' ) - ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN X509 CRL-----", - "-----END X509 CRL-----", - buf, NULL, 0, &use_len ); - - if( ret == 0 ) - { - /* - * Was PEM encoded - */ - is_pem = 1; - - buflen -= use_len; - buf += use_len; - - if( ( ret = mbedtls_x509_crl_parse_der( chain, - pem.buf, pem.buflen ) ) != 0 ) - { - mbedtls_pem_free( &pem ); - return( ret ); - } - } - else if( is_pem ) - { - mbedtls_pem_free( &pem ); - return( ret ); - } - - mbedtls_pem_free( &pem ); - } - /* In the PEM case, buflen is 1 at the end, for the terminated NULL byte. - * And a valid CRL cannot be less than 1 byte anyway. 
*/ - while( is_pem && buflen > 1 ); - - if( is_pem ) - return( 0 ); - else -#endif /* MBEDTLS_PEM_PARSE_C */ - return( mbedtls_x509_crl_parse_der( chain, buf, buflen ) ); -} - -#if defined(MBEDTLS_FS_IO) -/* - * Load one or more CRLs and add them to the chained list - */ -int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ) -{ - int ret; - size_t n; - unsigned char *buf; - - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); - - ret = mbedtls_x509_crl_parse( chain, buf, n ); - - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); - - return( ret ); -} -#endif /* MBEDTLS_FS_IO */ - -/* - * Return an informational string about the certificate. - */ -#define BEFORE_COLON 14 -#define BC "14" -/* - * Return an informational string about the CRL. - */ -int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_crl *crl ) -{ - int ret; - size_t n; - char *p; - const mbedtls_x509_crl_entry *entry; - - p = buf; - n = size; - - ret = mbedtls_snprintf( p, n, "%sCRL version : %d", - prefix, crl->version ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crl->issuer ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n%sthis update : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crl->this_update.year, crl->this_update.mon, - crl->this_update.day, crl->this_update.hour, - crl->this_update.min, crl->this_update.sec ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n%snext update : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crl->next_update.year, crl->next_update.mon, - crl->next_update.day, crl->next_update.hour, - crl->next_update.min, crl->next_update.sec ); - MBEDTLS_X509_SAFE_SNPRINTF; - - entry = &crl->entry; - - ret = mbedtls_snprintf( p, n, "\n%sRevoked certificates:", - prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - - while( entry 
!= NULL && entry->raw.len != 0 ) - { - ret = mbedtls_snprintf( p, n, "\n%sserial number: ", - prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_x509_serial_gets( p, n, &entry->serial ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, " revocation date: " \ - "%04d-%02d-%02d %02d:%02d:%02d", - entry->revocation_date.year, entry->revocation_date.mon, - entry->revocation_date.day, entry->revocation_date.hour, - entry->revocation_date.min, entry->revocation_date.sec ); - MBEDTLS_X509_SAFE_SNPRINTF; - - entry = entry->next; - } - - ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md, - crl->sig_opts ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n" ); - MBEDTLS_X509_SAFE_SNPRINTF; - - return( (int) ( size - n ) ); -} - -/* - * Initialize a CRL chain - */ -void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ) -{ - memset( crl, 0, sizeof(mbedtls_x509_crl) ); -} - -/* - * Unallocate all CRL data - */ -void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ) -{ - mbedtls_x509_crl *crl_cur = crl; - mbedtls_x509_crl *crl_prv; - mbedtls_x509_name *name_cur; - mbedtls_x509_name *name_prv; - mbedtls_x509_crl_entry *entry_cur; - mbedtls_x509_crl_entry *entry_prv; - - if( crl == NULL ) - return; - - do - { -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - mbedtls_free( crl_cur->sig_opts ); -#endif - - name_cur = crl_cur->issuer.next; - while( name_cur != NULL ) - { - name_prv = name_cur; - name_cur = name_cur->next; - mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); - mbedtls_free( name_prv ); - } - - entry_cur = crl_cur->entry.next; - while( entry_cur != NULL ) - { - entry_prv = entry_cur; - entry_cur = entry_cur->next; - mbedtls_platform_zeroize( entry_prv, - sizeof( mbedtls_x509_crl_entry ) ); - mbedtls_free( entry_prv ); - } - - if( crl_cur->raw.p != NULL ) - { - mbedtls_platform_zeroize( 
crl_cur->raw.p, crl_cur->raw.len ); - mbedtls_free( crl_cur->raw.p ); - } - - crl_cur = crl_cur->next; - } - while( crl_cur != NULL ); - - crl_cur = crl; - do - { - crl_prv = crl_cur; - crl_cur = crl_cur->next; - - mbedtls_platform_zeroize( crl_prv, sizeof( mbedtls_x509_crl ) ); - if( crl_prv != crl ) - mbedtls_free( crl_prv ); - } - while( crl_cur != NULL ); -} - -#endif /* MBEDTLS_X509_CRL_PARSE_C */ diff --git a/library/x509_crt.c b/library/x509_crt.c deleted file mode 100644 index 605d8efd8..000000000 --- a/library/x509_crt.c +++ /dev/null 
@@ -1,2879 +0,0 @@
-/*
- * X.509 certificate parsing and verification
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-/*
- * The ITU-T X.509 standard defines a certificate format for PKI.
- *
- * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
- * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
- * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
- *
- * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
- * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
- *
- * [SIRO] https://cabforum.org/wp-content/uploads/Chunghwatelecom201503cabforumV4.pdf
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-
-#include "mbedtls/x509_crt.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-
-#include
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#include
-#define mbedtls_free free
-#define mbedtls_calloc calloc
-#define mbedtls_snprintf snprintf
-#endif
-
-#if defined(MBEDTLS_THREADING_C)
-#include 
"mbedtls/threading.h" -#endif - -#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) -#include -#else -#include -#endif - -#if defined(MBEDTLS_FS_IO) -#include -#if !defined(_WIN32) || defined(EFIX64) || defined(EFI32) -#include -#include -#include -#endif /* !_WIN32 || EFIX64 || EFI32 */ -#endif - -/* - * Item in a verification chain: cert and flags for it - */ -typedef struct { - mbedtls_x509_crt *crt; - uint32_t flags; -} x509_crt_verify_chain_item; - -/* - * Max size of verification chain: end-entity + intermediates + trusted root - */ -#define X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) - -/* - * Default profile - */ -const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = -{ -#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES) - /* Allow SHA-1 (weak, but still safe in controlled environments) */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | -#endif - /* Only SHA-2 hashes */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), - 0xFFFFFFF, /* Any PK alg */ - 0xFFFFFFF, /* Any curve */ - 2048, -}; - -/* - * Next-default profile - */ -const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next = -{ - /* Hashes from SHA-256 and above */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), - 0xFFFFFFF, /* Any PK alg */ -#if defined(MBEDTLS_ECP_C) - /* Curves at or above 128-bit security level */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ), -#else - 0, -#endif - 2048, -}; - -/* - * NSA Suite B 
Profile - */ -const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb = -{ - /* Only SHA-256 and 384 */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ), - /* Only ECDSA */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECKEY ), -#if defined(MBEDTLS_ECP_C) - /* Only NIST P-256 and P-384 */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ), -#else - 0, -#endif - 0, -}; - -/* - * Check md_alg against profile - * Return 0 if md_alg is acceptable for this profile, -1 otherwise - */ -static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile, - mbedtls_md_type_t md_alg ) -{ - if( md_alg == MBEDTLS_MD_NONE ) - return( -1 ); - - if( ( profile->allowed_mds & MBEDTLS_X509_ID_FLAG( md_alg ) ) != 0 ) - return( 0 ); - - return( -1 ); -} - -/* - * Check pk_alg against profile - * Return 0 if pk_alg is acceptable for this profile, -1 otherwise - */ -static int x509_profile_check_pk_alg( const mbedtls_x509_crt_profile *profile, - mbedtls_pk_type_t pk_alg ) -{ - if( pk_alg == MBEDTLS_PK_NONE ) - return( -1 ); - - if( ( profile->allowed_pks & MBEDTLS_X509_ID_FLAG( pk_alg ) ) != 0 ) - return( 0 ); - - return( -1 ); -} - -/* - * Check key against profile - * Return 0 if pk is acceptable for this profile, -1 otherwise - */ -static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile, - const mbedtls_pk_context *pk ) -{ - const mbedtls_pk_type_t pk_alg = mbedtls_pk_get_type( pk ); - -#if defined(MBEDTLS_RSA_C) - if( pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS ) - { - if( mbedtls_pk_get_bitlen( pk ) >= profile->rsa_min_bitlen ) - return( 0 ); - - return( -1 ); - } -#endif - -#if defined(MBEDTLS_ECP_C) - if( pk_alg == MBEDTLS_PK_ECDSA || - pk_alg == MBEDTLS_PK_ECKEY || - pk_alg == MBEDTLS_PK_ECKEY_DH ) - { - const mbedtls_ecp_group_id gid = mbedtls_pk_ec( *pk )->grp.id; - - if( gid == MBEDTLS_ECP_DP_NONE ) 
- return( -1 ); - - if( ( profile->allowed_curves & MBEDTLS_X509_ID_FLAG( gid ) ) != 0 ) - return( 0 ); - - return( -1 ); - } -#endif - - return( -1 ); -} - -/* - * Like memcmp, but case-insensitive and always returns -1 if different - */ -static int x509_memcasecmp( const void *s1, const void *s2, size_t len ) -{ - size_t i; - unsigned char diff; - const unsigned char *n1 = s1, *n2 = s2; - - for( i = 0; i < len; i++ ) - { - diff = n1[i] ^ n2[i]; - - if( diff == 0 ) - continue; - - if( diff == 32 && - ( ( n1[i] >= 'a' && n1[i] <= 'z' ) || - ( n1[i] >= 'A' && n1[i] <= 'Z' ) ) ) - { - continue; - } - - return( -1 ); - } - - return( 0 ); -} - -/* - * Return 0 if name matches wildcard, -1 otherwise - */ -static int x509_check_wildcard( const char *cn, const mbedtls_x509_buf *name ) -{ - size_t i; - size_t cn_idx = 0, cn_len = strlen( cn ); - - /* We can't have a match if there is no wildcard to match */ - if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' ) - return( -1 ); - - for( i = 0; i < cn_len; ++i ) - { - if( cn[i] == '.' ) - { - cn_idx = i; - break; - } - } - - if( cn_idx == 0 ) - return( -1 ); - - if( cn_len - cn_idx == name->len - 1 && - x509_memcasecmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 ) - { - return( 0 ); - } - - return( -1 ); -} - -/* - * Compare two X.509 strings, case-insensitive, and allowing for some encoding - * variations (but not all). - * - * Return 0 if equal, -1 otherwise. - */ -static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b ) -{ - if( a->tag == b->tag && - a->len == b->len && - memcmp( a->p, b->p, b->len ) == 0 ) - { - return( 0 ); - } - - if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && - ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && - a->len == b->len && - x509_memcasecmp( a->p, b->p, b->len ) == 0 ) - { - return( 0 ); - } - - return( -1 ); -} - -/* - * Compare two X.509 Names (aka rdnSequence). 
- * - * See RFC 5280 section 7.1, though we don't implement the whole algorithm: - * we sometimes return unequal when the full algorithm would return equal, - * but never the other way. (In particular, we don't do Unicode normalisation - * or space folding.) - * - * Return 0 if equal, -1 otherwise. - */ -static int x509_name_cmp( const mbedtls_x509_name *a, const mbedtls_x509_name *b ) -{ - /* Avoid recursion, it might not be optimised by the compiler */ - while( a != NULL || b != NULL ) - { - if( a == NULL || b == NULL ) - return( -1 ); - - /* type */ - if( a->oid.tag != b->oid.tag || - a->oid.len != b->oid.len || - memcmp( a->oid.p, b->oid.p, b->oid.len ) != 0 ) - { - return( -1 ); - } - - /* value */ - if( x509_string_cmp( &a->val, &b->val ) != 0 ) - return( -1 ); - - /* structure of the list of sets */ - if( a->next_merged != b->next_merged ) - return( -1 ); - - a = a->next; - b = b->next; - } - - /* a == NULL == b */ - return( 0 ); -} - -/* - * Reset (init or clear) a verify_chain - */ -static void x509_crt_verify_chain_reset( - mbedtls_x509_crt_verify_chain *ver_chain ) -{ - size_t i; - - for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ ) - { - ver_chain->items[i].crt = NULL; - ver_chain->items[i].flags = (uint32_t) -1; - } - - ver_chain->len = 0; - -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - ver_chain->trust_ca_cb_result = NULL; -#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -} - -/* - * Version ::= INTEGER { v1(0), v2(1), v3(2) } - */ -static int x509_get_version( unsigned char **p, - const unsigned char *end, - int *ver ) -{ - int ret; - size_t len; - - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { - *ver = 0; - return( 0 ); - } - - return( ret ); - } - - end = *p + len; - - if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); - - if( *p != 
end ) - return( MBEDTLS_ERR_X509_INVALID_VERSION + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} - -/* - * Validity ::= SEQUENCE { - * notBefore Time, - * notAfter Time } - */ -static int x509_get_dates( unsigned char **p, - const unsigned char *end, - mbedtls_x509_time *from, - mbedtls_x509_time *to ) -{ - int ret; - size_t len; - - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); - - end = *p + len; - - if( ( ret = mbedtls_x509_get_time( p, end, from ) ) != 0 ) - return( ret ); - - if( ( ret = mbedtls_x509_get_time( p, end, to ) ) != 0 ) - return( ret ); - - if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} - -/* - * X.509 v2/v3 unique identifier (not parsed) - */ -static int x509_get_uid( unsigned char **p, - const unsigned char *end, - mbedtls_x509_buf *uid, int n ) -{ - int ret; - - if( *p == end ) - return( 0 ); - - uid->tag = **p; - - if( ( ret = mbedtls_asn1_get_tag( p, end, &uid->len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | n ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( 0 ); - - return( ret ); - } - - uid->p = *p; - *p += uid->len; - - return( 0 ); -} - -static int x509_get_basic_constraints( unsigned char **p, - const unsigned char *end, - int *ca_istrue, - int *max_pathlen ) -{ - int ret; - size_t len; - - /* - * BasicConstraints ::= SEQUENCE { - * cA BOOLEAN DEFAULT FALSE, - * pathLenConstraint INTEGER (0..MAX) OPTIONAL } - */ - *ca_istrue = 0; /* DEFAULT FALSE */ - *max_pathlen = 0; /* endless */ - - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - if( *p == end ) - return( 0 ); - - if( ( ret = mbedtls_asn1_get_bool( p, end, ca_istrue ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - ret = 
mbedtls_asn1_get_int( p, end, ca_istrue ); - - if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - if( *ca_istrue != 0 ) - *ca_istrue = 1; - } - - if( *p == end ) - return( 0 ); - - if( ( ret = mbedtls_asn1_get_int( p, end, max_pathlen ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - (*max_pathlen)++; - - return( 0 ); -} - -static int x509_get_ns_cert_type( unsigned char **p, - const unsigned char *end, - unsigned char *ns_cert_type) -{ - int ret; - mbedtls_x509_bitstring bs = { 0, 0, NULL }; - - if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - if( bs.len != 1 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); - - /* Get actual bitstring */ - *ns_cert_type = *bs.p; - return( 0 ); -} - -static int x509_get_key_usage( unsigned char **p, - const unsigned char *end, - unsigned int *key_usage) -{ - int ret; - size_t i; - mbedtls_x509_bitstring bs = { 0, 0, NULL }; - - if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - if( bs.len < 1 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); - - /* Get actual bitstring */ - *key_usage = 0; - for( i = 0; i < bs.len && i < sizeof( unsigned int ); i++ ) - { - *key_usage |= (unsigned int) bs.p[i] << (8*i); - } - - return( 0 ); -} - -/* - * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId - * - * KeyPurposeId ::= OBJECT IDENTIFIER - */ -static int x509_get_ext_key_usage( unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *ext_key_usage) -{ - int ret; - - if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - /* Sequence length must be >= 1 */ - if( 
ext_key_usage->buf.p == NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); - - return( 0 ); -} - -/* - * SubjectAltName ::= GeneralNames - * - * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName - * - * GeneralName ::= CHOICE { - * otherName [0] OtherName, - * rfc822Name [1] IA5String, - * dNSName [2] IA5String, - * x400Address [3] ORAddress, - * directoryName [4] Name, - * ediPartyName [5] EDIPartyName, - * uniformResourceIdentifier [6] IA5String, - * iPAddress [7] OCTET STRING, - * registeredID [8] OBJECT IDENTIFIER } - * - * OtherName ::= SEQUENCE { - * type-id OBJECT IDENTIFIER, - * value [0] EXPLICIT ANY DEFINED BY type-id } - * - * EDIPartyName ::= SEQUENCE { - * nameAssigner [0] DirectoryString OPTIONAL, - * partyName [1] DirectoryString } - * - * NOTE: we only parse and use dNSName at this point. - */ -static int x509_get_subject_alt_name( unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *subject_alt_name ) -{ - int ret; - size_t len, tag_len; - mbedtls_asn1_buf *buf; - unsigned char tag; - mbedtls_asn1_sequence *cur = subject_alt_name; - - /* Get main sequence tag */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - if( *p + len != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - while( *p < end ) - { - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - tag = **p; - (*p)++; - if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - if( ( tag & MBEDTLS_ASN1_TAG_CLASS_MASK ) != - MBEDTLS_ASN1_CONTEXT_SPECIFIC ) - { - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); - } - - /* Skip everything but DNS name */ - if( tag != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | 2 ) ) - { - *p += 
tag_len; - continue; - } - - /* Allocate and assign next pointer */ - if( cur->buf.p != NULL ) - { - if( cur->next != NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS ); - - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); - - if( cur->next == NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_ALLOC_FAILED ); - - cur = cur->next; - } - - buf = &(cur->buf); - buf->tag = tag; - buf->p = *p; - buf->len = tag_len; - *p += buf->len; - } - - /* Set final sequence entry's next pointer to NULL */ - cur->next = NULL; - - if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} - -/* - * X.509 v3 extensions - * - */ -static int x509_get_crt_ext( unsigned char **p, - const unsigned char *end, - mbedtls_x509_crt *crt ) -{ - int ret; - size_t len; - unsigned char *end_ext_data, *end_ext_octet; - - if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( 0 ); - - return( ret ); - } - - while( *p < end ) - { - /* - * Extension ::= SEQUENCE { - * extnID OBJECT IDENTIFIER, - * critical BOOLEAN DEFAULT FALSE, - * extnValue OCTET STRING } - */ - mbedtls_x509_buf extn_oid = {0, 0, NULL}; - int is_critical = 0; /* DEFAULT FALSE */ - int ext_type = 0; - - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - end_ext_data = *p + len; - - /* Get extension ID */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &extn_oid.len, - MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - extn_oid.tag = MBEDTLS_ASN1_OID; - extn_oid.p = *p; - *p += extn_oid.len; - - /* Get optional critical */ - if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 && - ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); 
- - /* Data should be octet string type */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, - MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - - end_ext_octet = *p + len; - - if( end_ext_octet != end_ext_data ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - /* - * Detect supported extensions - */ - ret = mbedtls_oid_get_x509_ext_type( &extn_oid, &ext_type ); - - if( ret != 0 ) - { - /* No parser found, skip extension */ - *p = end_ext_octet; - -#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - if( is_critical ) - { - /* Data is marked as critical: fail */ - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); - } -#endif - continue; - } - - /* Forbid repeated extensions */ - if( ( crt->ext_types & ext_type ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS ); - - crt->ext_types |= ext_type; - - switch( ext_type ) - { - case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS: - /* Parse basic constraints */ - if( ( ret = x509_get_basic_constraints( p, end_ext_octet, - &crt->ca_istrue, &crt->max_pathlen ) ) != 0 ) - return( ret ); - break; - - case MBEDTLS_X509_EXT_KEY_USAGE: - /* Parse key usage */ - if( ( ret = x509_get_key_usage( p, end_ext_octet, - &crt->key_usage ) ) != 0 ) - return( ret ); - break; - - case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE: - /* Parse extended key usage */ - if( ( ret = x509_get_ext_key_usage( p, end_ext_octet, - &crt->ext_key_usage ) ) != 0 ) - return( ret ); - break; - - case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: - /* Parse subject alt name */ - if( ( ret = x509_get_subject_alt_name( p, end_ext_octet, - &crt->subject_alt_names ) ) != 0 ) - return( ret ); - break; - - case MBEDTLS_X509_EXT_NS_CERT_TYPE: - /* Parse netscape certificate type */ - if( ( ret = x509_get_ns_cert_type( p, end_ext_octet, - &crt->ns_cert_type ) ) != 0 ) - return( ret ); - break; - - default: - /* - * If this is a non-critical extension, 
which the oid layer - * supports, but there isn't an x509 parser for it, - * skip the extension. - */ -#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - if( is_critical ) - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); - else -#endif - *p = end_ext_octet; - } - } - - if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); -} - -/* - * Parse and fill a single X.509 certificate in DER format - */ -static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, - const unsigned char *buf, - size_t buflen, - int make_copy ) -{ - int ret; - size_t len; - unsigned char *p, *end, *crt_end; - mbedtls_x509_buf sig_params1, sig_params2, sig_oid2; - - memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); - - /* - * Check for valid input - */ - if( crt == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - /* Use the original buffer until we figure out actual length. */ - p = (unsigned char*) buf; - len = buflen; - end = p + len; - - /* - * Certificate ::= SEQUENCE { - * tbsCertificate TBSCertificate, - * signatureAlgorithm AlgorithmIdentifier, - * signatureValue BIT STRING } - */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); - } - - end = crt_end = p + len; - crt->raw.len = crt_end - buf; - if( make_copy != 0 ) - { - /* Create and populate a new buffer for the raw field. 
*/ - crt->raw.p = p = mbedtls_calloc( 1, crt->raw.len ); - if( crt->raw.p == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - - memcpy( crt->raw.p, buf, crt->raw.len ); - crt->own_buffer = 1; - - p += crt->raw.len - len; - end = crt_end = p + len; - } - else - { - crt->raw.p = (unsigned char*) buf; - crt->own_buffer = 0; - } - - /* - * TBSCertificate ::= SEQUENCE { - */ - crt->tbs.p = p; - - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); - } - - end = p + len; - crt->tbs.len = end - crt->tbs.p; - - /* - * Version ::= INTEGER { v1(0), v2(1), v3(2) } - * - * CertificateSerialNumber ::= INTEGER - * - * signature AlgorithmIdentifier - */ - if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 || - ( ret = mbedtls_x509_get_serial( &p, end, &crt->serial ) ) != 0 || - ( ret = mbedtls_x509_get_alg( &p, end, &crt->sig_oid, - &sig_params1 ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - - if( crt->version < 0 || crt->version > 2 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); - } - - crt->version++; - - if( ( ret = mbedtls_x509_get_sig_alg( &crt->sig_oid, &sig_params1, - &crt->sig_md, &crt->sig_pk, - &crt->sig_opts ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - - /* - * issuer Name - */ - crt->issuer_raw.p = p; - - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); - } - - if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - - crt->issuer_raw.len = p - crt->issuer_raw.p; - - /* - * Validity ::= SEQUENCE { - * notBefore Time, - * notAfter Time } - * - */ - if( ( ret = x509_get_dates( &p, end, &crt->valid_from, - 
&crt->valid_to ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - - /* - * subject Name - */ - crt->subject_raw.p = p; - - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); - } - - if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - - crt->subject_raw.len = p - crt->subject_raw.p; - - /* - * SubjectPublicKeyInfo - */ - crt->pk_raw.p = p; - if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - crt->pk_raw.len = p - crt->pk_raw.p; - - /* - * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, - * -- If present, version shall be v2 or v3 - * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, - * -- If present, version shall be v2 or v3 - * extensions [3] EXPLICIT Extensions OPTIONAL - * -- If present, version shall be v3 - */ - if( crt->version == 2 || crt->version == 3 ) - { - ret = x509_get_uid( &p, end, &crt->issuer_id, 1 ); - if( ret != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - } - - if( crt->version == 2 || crt->version == 3 ) - { - ret = x509_get_uid( &p, end, &crt->subject_id, 2 ); - if( ret != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - } - -#if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) - if( crt->version == 3 ) -#endif - { - ret = x509_get_crt_ext( &p, end, crt ); - if( ret != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - } - - if( p != end ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - } - - end = crt_end; - - /* - * } - * -- end of TBSCertificate - * - * signatureAlgorithm AlgorithmIdentifier, - * signatureValue BIT STRING - */ - if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, 
&sig_params2 ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - - if( crt->sig_oid.len != sig_oid2.len || - memcmp( crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len ) != 0 || - sig_params1.len != sig_params2.len || - ( sig_params1.len != 0 && - memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_SIG_MISMATCH ); - } - - if( ( ret = mbedtls_x509_get_sig( &p, end, &crt->sig ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); - } - - if( p != end ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - } - - return( 0 ); -} - -/* - * Parse one X.509 certificate in DER format from a buffer and add them to a - * chained list - */ -static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen, - int make_copy ) -{ - int ret; - mbedtls_x509_crt *crt = chain, *prev = NULL; - - /* - * Check for valid input - */ - if( crt == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - while( crt->version != 0 && crt->next != NULL ) - { - prev = crt; - crt = crt->next; - } - - /* - * Add new certificate on the end of the chain if needed. 
- */ - if( crt->version != 0 && crt->next == NULL ) - { - crt->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); - - if( crt->next == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - - prev = crt; - mbedtls_x509_crt_init( crt->next ); - crt = crt->next; - } - - if( ( ret = x509_crt_parse_der_core( crt, buf, buflen, make_copy ) ) != 0 ) - { - if( prev ) - prev->next = NULL; - - if( crt != chain ) - mbedtls_free( crt ); - - return( ret ); - } - - return( 0 ); -} - -int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ) -{ - return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 0 ) ); -} - -int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ) -{ - return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 1 ) ); -} - -/* - * Parse one or more PEM certificates from a buffer and add them to the chained - * list - */ -int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ) -{ -#if defined(MBEDTLS_PEM_PARSE_C) - int success = 0, first_error = 0, total_failed = 0; - int buf_format = MBEDTLS_X509_FORMAT_DER; -#endif - - /* - * Check for valid input - */ - if( chain == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - /* - * Determine buffer content. Buffer contains either one DER certificate or - * one or more PEM certificates. 
- */ -#if defined(MBEDTLS_PEM_PARSE_C) - if( buflen != 0 && buf[buflen - 1] == '\0' && - strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL ) - { - buf_format = MBEDTLS_X509_FORMAT_PEM; - } - - if( buf_format == MBEDTLS_X509_FORMAT_DER ) - return mbedtls_x509_crt_parse_der( chain, buf, buflen ); -#else - return mbedtls_x509_crt_parse_der( chain, buf, buflen ); -#endif - -#if defined(MBEDTLS_PEM_PARSE_C) - if( buf_format == MBEDTLS_X509_FORMAT_PEM ) - { - int ret; - mbedtls_pem_context pem; - - /* 1 rather than 0 since the terminating NULL byte is counted in */ - while( buflen > 1 ) - { - size_t use_len; - mbedtls_pem_init( &pem ); - - /* If we get there, we know the string is null-terminated */ - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN CERTIFICATE-----", - "-----END CERTIFICATE-----", - buf, NULL, 0, &use_len ); - - if( ret == 0 ) - { - /* - * Was PEM encoded - */ - buflen -= use_len; - buf += use_len; - } - else if( ret == MBEDTLS_ERR_PEM_BAD_INPUT_DATA ) - { - return( ret ); - } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - mbedtls_pem_free( &pem ); - - /* - * PEM header and footer were found - */ - buflen -= use_len; - buf += use_len; - - if( first_error == 0 ) - first_error = ret; - - total_failed++; - continue; - } - else - break; - - ret = mbedtls_x509_crt_parse_der( chain, pem.buf, pem.buflen ); - - mbedtls_pem_free( &pem ); - - if( ret != 0 ) - { - /* - * Quit parsing on a memory error - */ - if( ret == MBEDTLS_ERR_X509_ALLOC_FAILED ) - return( ret ); - - if( first_error == 0 ) - first_error = ret; - - total_failed++; - continue; - } - - success = 1; - } - } - - if( success ) - return( total_failed ); - else if( first_error ) - return( first_error ); - else - return( MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT ); -#endif /* MBEDTLS_PEM_PARSE_C */ -} - -#if defined(MBEDTLS_FS_IO) -/* - * Load one or more certificates and add them to the chained list - */ -int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, 
const char *path ) -{ - int ret; - size_t n; - unsigned char *buf; - - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); - - ret = mbedtls_x509_crt_parse( chain, buf, n ); - - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); - - return( ret ); -} - -int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) -{ - int ret = 0; -#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) - int w_ret; - WCHAR szDir[MAX_PATH]; - char filename[MAX_PATH]; - char *p; - size_t len = strlen( path ); - - WIN32_FIND_DATAW file_data; - HANDLE hFind; - - if( len > MAX_PATH - 3 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - memset( szDir, 0, sizeof(szDir) ); - memset( filename, 0, MAX_PATH ); - memcpy( filename, path, len ); - filename[len++] = '\\'; - p = filename + len; - filename[len++] = '*'; - - w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir, - MAX_PATH - 3 ); - if( w_ret == 0 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - hFind = FindFirstFileW( szDir, &file_data ); - if( hFind == INVALID_HANDLE_VALUE ) - return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); - - len = MAX_PATH - len; - do - { - memset( p, 0, len ); - - if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) - continue; - - w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName, - lstrlenW( file_data.cFileName ), - p, (int) len - 1, - NULL, NULL ); - if( w_ret == 0 ) - { - ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; - goto cleanup; - } - - w_ret = mbedtls_x509_crt_parse_file( chain, filename ); - if( w_ret < 0 ) - ret++; - else - ret += w_ret; - } - while( FindNextFileW( hFind, &file_data ) != 0 ); - - if( GetLastError() != ERROR_NO_MORE_FILES ) - ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; - -cleanup: - FindClose( hFind ); -#else /* _WIN32 */ - int t_ret; - int snp_ret; - struct stat sb; - struct dirent *entry; - char entry_name[MBEDTLS_X509_MAX_FILE_PATH_LEN]; - DIR *dir = opendir( path ); - - if( dir == NULL ) - return( 
MBEDTLS_ERR_X509_FILE_IO_ERROR ); - -#if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &mbedtls_threading_readdir_mutex ) ) != 0 ) - { - closedir( dir ); - return( ret ); - } -#endif /* MBEDTLS_THREADING_C */ - - while( ( entry = readdir( dir ) ) != NULL ) - { - snp_ret = mbedtls_snprintf( entry_name, sizeof entry_name, - "%s/%s", path, entry->d_name ); - - if( snp_ret < 0 || (size_t)snp_ret >= sizeof entry_name ) - { - ret = MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; - goto cleanup; - } - else if( stat( entry_name, &sb ) == -1 ) - { - ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; - goto cleanup; - } - - if( !S_ISREG( sb.st_mode ) ) - continue; - - // Ignore parse errors - // - t_ret = mbedtls_x509_crt_parse_file( chain, entry_name ); - if( t_ret < 0 ) - ret++; - else - ret += t_ret; - } - -cleanup: - closedir( dir ); - -#if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &mbedtls_threading_readdir_mutex ) != 0 ) - ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR; -#endif /* MBEDTLS_THREADING_C */ - -#endif /* _WIN32 */ - - return( ret ); -} -#endif /* MBEDTLS_FS_IO */ - -static int x509_info_subject_alt_name( char **buf, size_t *size, - const mbedtls_x509_sequence *subject_alt_name ) -{ - size_t i; - size_t n = *size; - char *p = *buf; - const mbedtls_x509_sequence *cur = subject_alt_name; - const char *sep = ""; - size_t sep_len = 0; - - while( cur != NULL ) - { - if( cur->buf.len + sep_len >= n ) - { - *p = '\0'; - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); - } - - n -= cur->buf.len + sep_len; - for( i = 0; i < sep_len; i++ ) - *p++ = sep[i]; - for( i = 0; i < cur->buf.len; i++ ) - *p++ = cur->buf.p[i]; - - sep = ", "; - sep_len = 2; - - cur = cur->next; - } - - *p = '\0'; - - *size = n; - *buf = p; - - return( 0 ); -} - -#define PRINT_ITEM(i) \ - { \ - ret = mbedtls_snprintf( p, n, "%s" i, sep ); \ - MBEDTLS_X509_SAFE_SNPRINTF; \ - sep = ", "; \ - } - -#define CERT_TYPE(type,name) \ - if( ns_cert_type & type ) \ - PRINT_ITEM( name ); - -static int 
x509_info_cert_type( char **buf, size_t *size, - unsigned char ns_cert_type ) -{ - int ret; - size_t n = *size; - char *p = *buf; - const char *sep = ""; - - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT, "SSL Client" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER, "SSL Server" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL, "Email" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_RESERVED, "Reserved" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CA, "SSL CA" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA, "Email CA" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA" ); - - *size = n; - *buf = p; - - return( 0 ); -} - -#define KEY_USAGE(code,name) \ - if( key_usage & code ) \ - PRINT_ITEM( name ); - -static int x509_info_key_usage( char **buf, size_t *size, - unsigned int key_usage ) -{ - int ret; - size_t n = *size; - char *p = *buf; - const char *sep = ""; - - KEY_USAGE( MBEDTLS_X509_KU_DIGITAL_SIGNATURE, "Digital Signature" ); - KEY_USAGE( MBEDTLS_X509_KU_NON_REPUDIATION, "Non Repudiation" ); - KEY_USAGE( MBEDTLS_X509_KU_KEY_ENCIPHERMENT, "Key Encipherment" ); - KEY_USAGE( MBEDTLS_X509_KU_DATA_ENCIPHERMENT, "Data Encipherment" ); - KEY_USAGE( MBEDTLS_X509_KU_KEY_AGREEMENT, "Key Agreement" ); - KEY_USAGE( MBEDTLS_X509_KU_KEY_CERT_SIGN, "Key Cert Sign" ); - KEY_USAGE( MBEDTLS_X509_KU_CRL_SIGN, "CRL Sign" ); - KEY_USAGE( MBEDTLS_X509_KU_ENCIPHER_ONLY, "Encipher Only" ); - KEY_USAGE( MBEDTLS_X509_KU_DECIPHER_ONLY, "Decipher Only" ); - - *size = n; - *buf = p; - - return( 0 ); -} - -static int x509_info_ext_key_usage( char **buf, size_t *size, - const mbedtls_x509_sequence *extended_key_usage ) -{ - int ret; - const char *desc; - size_t n = *size; - char *p = *buf; - const mbedtls_x509_sequence *cur = extended_key_usage; - const char *sep = ""; - - while( cur != NULL ) - { - if( mbedtls_oid_get_extended_key_usage( &cur->buf, &desc ) != 0 ) - desc = "???"; - 
- ret = mbedtls_snprintf( p, n, "%s%s", sep, desc ); - MBEDTLS_X509_SAFE_SNPRINTF; - - sep = ", "; - - cur = cur->next; - } - - *size = n; - *buf = p; - - return( 0 ); -} - -/* - * Return an informational string about the certificate. - */ -#define BEFORE_COLON 18 -#define BC "18" -int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_crt *crt ) -{ - int ret; - size_t n; - char *p; - char key_size_str[BEFORE_COLON]; - - p = buf; - n = size; - - if( NULL == crt ) - { - ret = mbedtls_snprintf( p, n, "\nCertificate is uninitialised!\n" ); - MBEDTLS_X509_SAFE_SNPRINTF; - - return( (int) ( size - n ) ); - } - - ret = mbedtls_snprintf( p, n, "%scert. version : %d\n", - prefix, crt->version ); - MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "%sserial number : ", - prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_x509_serial_gets( p, n, &crt->serial ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crt->issuer ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crt->subject ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n%sissued on : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crt->valid_from.year, crt->valid_from.mon, - crt->valid_from.day, crt->valid_from.hour, - crt->valid_from.min, crt->valid_from.sec ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n%sexpires on : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crt->valid_to.year, crt->valid_to.mon, - crt->valid_to.day, crt->valid_to.hour, - crt->valid_to.min, crt->valid_to.sec ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_x509_sig_alg_gets( p, n, &crt->sig_oid, crt->sig_pk, - 
crt->sig_md, crt->sig_opts ); - MBEDTLS_X509_SAFE_SNPRINTF; - - /* Key size */ - if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON, - mbedtls_pk_get_name( &crt->pk ) ) ) != 0 ) - { - return( ret ); - } - - ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str, - (int) mbedtls_pk_get_bitlen( &crt->pk ) ); - MBEDTLS_X509_SAFE_SNPRINTF; - - /* - * Optional extensions - */ - - if( crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS ) - { - ret = mbedtls_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix, - crt->ca_istrue ? "true" : "false" ); - MBEDTLS_X509_SAFE_SNPRINTF; - - if( crt->max_pathlen > 0 ) - { - ret = mbedtls_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 ); - MBEDTLS_X509_SAFE_SNPRINTF; - } - } - - if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) - { - ret = mbedtls_snprintf( p, n, "\n%ssubject alt name : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - - if( ( ret = x509_info_subject_alt_name( &p, &n, - &crt->subject_alt_names ) ) != 0 ) - return( ret ); - } - - if( crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE ) - { - ret = mbedtls_snprintf( p, n, "\n%scert. 
type : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - - if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 ) - return( ret ); - } - - if( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) - { - ret = mbedtls_snprintf( p, n, "\n%skey usage : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - - if( ( ret = x509_info_key_usage( &p, &n, crt->key_usage ) ) != 0 ) - return( ret ); - } - - if( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) - { - ret = mbedtls_snprintf( p, n, "\n%sext key usage : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - - if( ( ret = x509_info_ext_key_usage( &p, &n, - &crt->ext_key_usage ) ) != 0 ) - return( ret ); - } - - ret = mbedtls_snprintf( p, n, "\n" ); - MBEDTLS_X509_SAFE_SNPRINTF; - - return( (int) ( size - n ) ); -} - -struct x509_crt_verify_string { - int code; - const char *string; -}; - -static const struct x509_crt_verify_string x509_crt_verify_strings[] = { - { MBEDTLS_X509_BADCERT_EXPIRED, "The certificate validity has expired" }, - { MBEDTLS_X509_BADCERT_REVOKED, "The certificate has been revoked (is on a CRL)" }, - { MBEDTLS_X509_BADCERT_CN_MISMATCH, "The certificate Common Name (CN) does not match with the expected CN" }, - { MBEDTLS_X509_BADCERT_NOT_TRUSTED, "The certificate is not correctly signed by the trusted CA" }, - { MBEDTLS_X509_BADCRL_NOT_TRUSTED, "The CRL is not correctly signed by the trusted CA" }, - { MBEDTLS_X509_BADCRL_EXPIRED, "The CRL is expired" }, - { MBEDTLS_X509_BADCERT_MISSING, "Certificate was missing" }, - { MBEDTLS_X509_BADCERT_SKIP_VERIFY, "Certificate verification was skipped" }, - { MBEDTLS_X509_BADCERT_OTHER, "Other reason (can be used by verify callback)" }, - { MBEDTLS_X509_BADCERT_FUTURE, "The certificate validity starts in the future" }, - { MBEDTLS_X509_BADCRL_FUTURE, "The CRL is from the future" }, - { MBEDTLS_X509_BADCERT_KEY_USAGE, "Usage does not match the keyUsage extension" }, - { MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" }, - { 
MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" }, - { MBEDTLS_X509_BADCERT_BAD_MD, "The certificate is signed with an unacceptable hash." }, - { MBEDTLS_X509_BADCERT_BAD_PK, "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, - { MBEDTLS_X509_BADCERT_BAD_KEY, "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." }, - { MBEDTLS_X509_BADCRL_BAD_MD, "The CRL is signed with an unacceptable hash." }, - { MBEDTLS_X509_BADCRL_BAD_PK, "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, - { MBEDTLS_X509_BADCRL_BAD_KEY, "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." }, - { 0, NULL } -}; - -int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, - uint32_t flags ) -{ - int ret; - const struct x509_crt_verify_string *cur; - char *p = buf; - size_t n = size; - - for( cur = x509_crt_verify_strings; cur->string != NULL ; cur++ ) - { - if( ( flags & cur->code ) == 0 ) - continue; - - ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, cur->string ); - MBEDTLS_X509_SAFE_SNPRINTF; - flags ^= cur->code; - } - - if( flags != 0 ) - { - ret = mbedtls_snprintf( p, n, "%sUnknown reason " - "(this should not happen)\n", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - } - - return( (int) ( size - n ) ); -} - -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) -int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, - unsigned int usage ) -{ - unsigned int usage_must, usage_may; - unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY - | MBEDTLS_X509_KU_DECIPHER_ONLY; - - if( ( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) == 0 ) - return( 0 ); - - usage_must = usage & ~may_mask; - - if( ( ( crt->key_usage & ~may_mask ) & usage_must ) != usage_must ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - usage_may = usage & may_mask; - - if( ( ( crt->key_usage & may_mask ) | usage_may ) != usage_may ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - 
- return( 0 ); -} -#endif - -#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) -int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, - const char *usage_oid, - size_t usage_len ) -{ - const mbedtls_x509_sequence *cur; - - /* Extension is not mandatory, absent means no restriction */ - if( ( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) == 0 ) - return( 0 ); - - /* - * Look for the requested usage (or wildcard ANY) in our list - */ - for( cur = &crt->ext_key_usage; cur != NULL; cur = cur->next ) - { - const mbedtls_x509_buf *cur_oid = &cur->buf; - - if( cur_oid->len == usage_len && - memcmp( cur_oid->p, usage_oid, usage_len ) == 0 ) - { - return( 0 ); - } - - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE, cur_oid ) == 0 ) - return( 0 ); - } - - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); -} -#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ - -#if defined(MBEDTLS_X509_CRL_PARSE_C) -/* - * Return 1 if the certificate is revoked, or 0 otherwise. - */ -int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ) -{ - const mbedtls_x509_crl_entry *cur = &crl->entry; - - while( cur != NULL && cur->serial.len != 0 ) - { - if( crt->serial.len == cur->serial.len && - memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 ) - { - if( mbedtls_x509_time_is_past( &cur->revocation_date ) ) - return( 1 ); - } - - cur = cur->next; - } - - return( 0 ); -} - -/* - * Check that the given certificate is not revoked according to the CRL. - * Skip validation if no CRL for the given CA is present. 
- */ -static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, - mbedtls_x509_crl *crl_list, - const mbedtls_x509_crt_profile *profile ) -{ - int flags = 0; - unsigned char hash[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info; - - if( ca == NULL ) - return( flags ); - - while( crl_list != NULL ) - { - if( crl_list->version == 0 || - x509_name_cmp( &crl_list->issuer, &ca->subject ) != 0 ) - { - crl_list = crl_list->next; - continue; - } - - /* - * Check if the CA is configured to sign CRLs - */ -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( mbedtls_x509_crt_check_key_usage( ca, - MBEDTLS_X509_KU_CRL_SIGN ) != 0 ) - { - flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; - break; - } -#endif - - /* - * Check if CRL is correctly signed by the trusted CA - */ - if( x509_profile_check_md_alg( profile, crl_list->sig_md ) != 0 ) - flags |= MBEDTLS_X509_BADCRL_BAD_MD; - - if( x509_profile_check_pk_alg( profile, crl_list->sig_pk ) != 0 ) - flags |= MBEDTLS_X509_BADCRL_BAD_PK; - - md_info = mbedtls_md_info_from_type( crl_list->sig_md ); - if( mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash ) != 0 ) - { - /* Note: this can't happen except after an internal error */ - flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; - break; - } - - if( x509_profile_check_key( profile, &ca->pk ) != 0 ) - flags |= MBEDTLS_X509_BADCERT_BAD_KEY; - - if( mbedtls_pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk, - crl_list->sig_md, hash, mbedtls_md_get_size( md_info ), - crl_list->sig.p, crl_list->sig.len ) != 0 ) - { - flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; - break; - } - - /* - * Check for validity of CRL (Do not drop out) - */ - if( mbedtls_x509_time_is_past( &crl_list->next_update ) ) - flags |= MBEDTLS_X509_BADCRL_EXPIRED; - - if( mbedtls_x509_time_is_future( &crl_list->this_update ) ) - flags |= MBEDTLS_X509_BADCRL_FUTURE; - - /* - * Check if certificate is revoked - */ - if( mbedtls_x509_crt_is_revoked( crt, crl_list ) ) - { - flags |= 
MBEDTLS_X509_BADCERT_REVOKED; - break; - } - - crl_list = crl_list->next; - } - - return( flags ); -} -#endif /* MBEDTLS_X509_CRL_PARSE_C */ - -/* - * Check the signature of a certificate by its parent - */ -static int x509_crt_check_signature( const mbedtls_x509_crt *child, - mbedtls_x509_crt *parent, - mbedtls_x509_crt_restart_ctx *rs_ctx ) -{ - unsigned char hash[MBEDTLS_MD_MAX_SIZE]; - size_t hash_len; -#if !defined(MBEDTLS_USE_PSA_CRYPTO) - const mbedtls_md_info_t *md_info; - md_info = mbedtls_md_info_from_type( child->sig_md ); - hash_len = mbedtls_md_get_size( md_info ); - - /* Note: hash errors can happen only after an internal error */ - if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 ) - return( -1 ); -#else - psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; - psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md ); - - if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) - return( -1 ); - - if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len ) - != PSA_SUCCESS ) - { - return( -1 ); - } - - if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) - != PSA_SUCCESS ) - { - return( -1 ); - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - /* Skip expensive computation on obvious mismatch */ - if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) ) - return( -1 ); - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA ) - { - return( mbedtls_pk_verify_restartable( &parent->pk, - child->sig_md, hash, hash_len, - child->sig.p, child->sig.len, &rs_ctx->pk ) ); - } -#else - (void) rs_ctx; -#endif - - return( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk, - child->sig_md, hash, hash_len, - child->sig.p, child->sig.len ) ); -} - -/* - * Check if 'parent' is a suitable parent (signing CA) for 'child'. - * Return 0 if yes, -1 if not. 
- * - * top means parent is a locally-trusted certificate - */ -static int x509_crt_check_parent( const mbedtls_x509_crt *child, - const mbedtls_x509_crt *parent, - int top ) -{ - int need_ca_bit; - - /* Parent must be the issuer */ - if( x509_name_cmp( &child->issuer, &parent->subject ) != 0 ) - return( -1 ); - - /* Parent must have the basicConstraints CA bit set as a general rule */ - need_ca_bit = 1; - - /* Exception: v1/v2 certificates that are locally trusted. */ - if( top && parent->version < 3 ) - need_ca_bit = 0; - - if( need_ca_bit && ! parent->ca_istrue ) - return( -1 ); - -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( need_ca_bit && - mbedtls_x509_crt_check_key_usage( parent, MBEDTLS_X509_KU_KEY_CERT_SIGN ) != 0 ) - { - return( -1 ); - } -#endif - - return( 0 ); -} - -/* - * Find a suitable parent for child in candidates, or return NULL. - * - * Here suitable is defined as: - * 1. subject name matches child's issuer - * 2. if necessary, the CA bit is set and key usage allows signing certs - * 3. for trusted roots, the signature is correct - * (for intermediates, the signature is checked and the result reported) - * 4. pathlen constraints are satisfied - * - * If there's a suitable candidate which is also time-valid, return the first - * such. Otherwise, return the first suitable candidate (or NULL if there is - * none). - * - * The rationale for this rule is that someone could have a list of trusted - * roots with two versions on the same root with different validity periods. - * (At least one user reported having such a list and wanted it to just work.) - * The reason we don't just require time-validity is that generally there is - * only one version, and if it's expired we want the flags to state that - * rather than NOT_TRUSTED, as would be the case if we required it here. 
- * - * The rationale for rule 3 (signature for trusted roots) is that users might - * have two versions of the same CA with different keys in their list, and the - * way we select the correct one is by checking the signature (as we don't - * rely on key identifier extensions). (This is one way users might choose to - * handle key rollover, another relies on self-issued certs, see [SIRO].) - * - * Arguments: - * - [in] child: certificate for which we're looking for a parent - * - [in] candidates: chained list of potential parents - * - [out] r_parent: parent found (or NULL) - * - [out] r_signature_is_good: 1 if child signature by parent is valid, or 0 - * - [in] top: 1 if candidates consists of trusted roots, ie we're at the top - * of the chain, 0 otherwise - * - [in] path_cnt: number of intermediates seen so far - * - [in] self_cnt: number of self-signed intermediates seen so far - * (will never be greater than path_cnt) - * - [in-out] rs_ctx: context for restarting operations - * - * Return value: - * - 0 on success - * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise - */ -static int x509_crt_find_parent_in( - mbedtls_x509_crt *child, - mbedtls_x509_crt *candidates, - mbedtls_x509_crt **r_parent, - int *r_signature_is_good, - int top, - unsigned path_cnt, - unsigned self_cnt, - mbedtls_x509_crt_restart_ctx *rs_ctx ) -{ - int ret; - mbedtls_x509_crt *parent, *fallback_parent; - int signature_is_good, fallback_signature_is_good; - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - /* did we have something in progress? 
*/ - if( rs_ctx != NULL && rs_ctx->parent != NULL ) - { - /* restore saved state */ - parent = rs_ctx->parent; - fallback_parent = rs_ctx->fallback_parent; - fallback_signature_is_good = rs_ctx->fallback_signature_is_good; - - /* clear saved state */ - rs_ctx->parent = NULL; - rs_ctx->fallback_parent = NULL; - rs_ctx->fallback_signature_is_good = 0; - - /* resume where we left */ - goto check_signature; - } -#endif - - fallback_parent = NULL; - fallback_signature_is_good = 0; - - for( parent = candidates; parent != NULL; parent = parent->next ) - { - /* basic parenting skills (name, CA bit, key usage) */ - if( x509_crt_check_parent( child, parent, top ) != 0 ) - continue; - - /* +1 because stored max_pathlen is 1 higher that the actual value */ - if( parent->max_pathlen > 0 && - (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt ) - { - continue; - } - - /* Signature */ -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) -check_signature: -#endif - ret = x509_crt_check_signature( child, parent, rs_ctx ); - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { - /* save state */ - rs_ctx->parent = parent; - rs_ctx->fallback_parent = fallback_parent; - rs_ctx->fallback_signature_is_good = fallback_signature_is_good; - - return( ret ); - } -#else - (void) ret; -#endif - - signature_is_good = ret == 0; - if( top && ! 
signature_is_good ) - continue; - - /* optional time check */ - if( mbedtls_x509_time_is_past( &parent->valid_to ) || - mbedtls_x509_time_is_future( &parent->valid_from ) ) - { - if( fallback_parent == NULL ) - { - fallback_parent = parent; - fallback_signature_is_good = signature_is_good; - } - - continue; - } - - break; - } - - if( parent != NULL ) - { - *r_parent = parent; - *r_signature_is_good = signature_is_good; - } - else - { - *r_parent = fallback_parent; - *r_signature_is_good = fallback_signature_is_good; - } - - return( 0 ); -} - -/* - * Find a parent in trusted CAs or the provided chain, or return NULL. - * - * Searches in trusted CAs first, and return the first suitable parent found - * (see find_parent_in() for definition of suitable). - * - * Arguments: - * - [in] child: certificate for which we're looking for a parent, followed - * by a chain of possible intermediates - * - [in] trust_ca: list of locally trusted certificates - * - [out] parent: parent found (or NULL) - * - [out] parent_is_trusted: 1 if returned `parent` is trusted, or 0 - * - [out] signature_is_good: 1 if child signature by parent is valid, or 0 - * - [in] path_cnt: number of links in the chain so far (EE -> ... 
-> child) - * - [in] self_cnt: number of self-signed certs in the chain so far - * (will always be no greater than path_cnt) - * - [in-out] rs_ctx: context for restarting operations - * - * Return value: - * - 0 on success - * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise - */ -static int x509_crt_find_parent( - mbedtls_x509_crt *child, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crt **parent, - int *parent_is_trusted, - int *signature_is_good, - unsigned path_cnt, - unsigned self_cnt, - mbedtls_x509_crt_restart_ctx *rs_ctx ) -{ - int ret; - mbedtls_x509_crt *search_list; - - *parent_is_trusted = 1; - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - /* restore then clear saved state if we have some stored */ - if( rs_ctx != NULL && rs_ctx->parent_is_trusted != -1 ) - { - *parent_is_trusted = rs_ctx->parent_is_trusted; - rs_ctx->parent_is_trusted = -1; - } -#endif - - while( 1 ) { - search_list = *parent_is_trusted ? trust_ca : child->next; - - ret = x509_crt_find_parent_in( child, search_list, - parent, signature_is_good, - *parent_is_trusted, - path_cnt, self_cnt, rs_ctx ); - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { - /* save state */ - rs_ctx->parent_is_trusted = *parent_is_trusted; - return( ret ); - } -#else - (void) ret; -#endif - - /* stop here if found or already in second iteration */ - if( *parent != NULL || *parent_is_trusted == 0 ) - break; - - /* prepare second iteration */ - *parent_is_trusted = 0; - } - - /* extra precaution against mistakes in the caller */ - if( *parent == NULL ) - { - *parent_is_trusted = 0; - *signature_is_good = 0; - } - - return( 0 ); -} - -/* - * Check if an end-entity certificate is locally trusted - * - * Currently we require such certificates to be self-signed (actually only - * check for self-issued as self-signatures are not checked) - */ -static int x509_crt_check_ee_locally_trusted( - mbedtls_x509_crt *crt, - 
mbedtls_x509_crt *trust_ca ) -{ - mbedtls_x509_crt *cur; - - /* must be self-issued */ - if( x509_name_cmp( &crt->issuer, &crt->subject ) != 0 ) - return( -1 ); - - /* look for an exact match with trusted cert */ - for( cur = trust_ca; cur != NULL; cur = cur->next ) - { - if( crt->raw.len == cur->raw.len && - memcmp( crt->raw.p, cur->raw.p, crt->raw.len ) == 0 ) - { - return( 0 ); - } - } - - /* too bad */ - return( -1 ); -} - -/* - * Build and verify a certificate chain - * - * Given a peer-provided list of certificates EE, C1, ..., Cn and - * a list of trusted certs R1, ... Rp, try to build and verify a chain - * EE, Ci1, ... Ciq [, Rj] - * such that every cert in the chain is a child of the next one, - * jumping to a trusted root as early as possible. - * - * Verify that chain and return it with flags for all issues found. - * - * Special cases: - * - EE == Rj -> return a one-element list containing it - * - EE, Ci1, ..., Ciq cannot be continued with a trusted root - * -> return that chain with NOT_TRUSTED set on Ciq - * - * Tests for (aspects of) this function should include at least: - * - trusted EE - * - EE -> trusted root - * - EE -> intermediate CA -> trusted root - * - if relevant: EE untrusted - * - if relevant: EE -> intermediate, untrusted - * with the aspect under test checked at each relevant level (EE, int, root). - * For some aspects longer chains are required, but usually length 2 is - * enough (but length 1 is not in general). - * - * Arguments: - * - [in] crt: the cert list EE, C1, ..., Cn - * - [in] trust_ca: the trusted list R1, ..., Rp - * - [in] ca_crl, profile: as in verify_with_profile() - * - [out] ver_chain: the built and verified chain - * Only valid when return value is 0, may contain garbage otherwise! - * Restart note: need not be the same when calling again to resume. 
- * - [in-out] rs_ctx: context for restarting operations - * - * Return value: - * - non-zero if the chain could not be fully built and examined - * - 0 is the chain was successfully built and examined, - * even if it was found to be invalid - */ -static int x509_crt_verify_chain( - mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - mbedtls_x509_crt_verify_chain *ver_chain, - mbedtls_x509_crt_restart_ctx *rs_ctx ) -{ - /* Don't initialize any of those variables here, so that the compiler can - * catch potential issues with jumping ahead when restarting */ - int ret; - uint32_t *flags; - mbedtls_x509_crt_verify_chain_item *cur; - mbedtls_x509_crt *child; - mbedtls_x509_crt *parent; - int parent_is_trusted; - int child_is_trusted; - int signature_is_good; - unsigned self_cnt; - mbedtls_x509_crt *cur_trust_ca = NULL; - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - /* resume if we had an operation in progress */ - if( rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent ) - { - /* restore saved state */ - *ver_chain = rs_ctx->ver_chain; /* struct copy */ - self_cnt = rs_ctx->self_cnt; - - /* restore derived state */ - cur = &ver_chain->items[ver_chain->len - 1]; - child = cur->crt; - flags = &cur->flags; - - goto find_parent; - } -#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ - - child = crt; - self_cnt = 0; - parent_is_trusted = 0; - child_is_trusted = 0; - - while( 1 ) { - /* Add certificate to the verification chain */ - cur = &ver_chain->items[ver_chain->len]; - cur->crt = child; - cur->flags = 0; - ver_chain->len++; - flags = &cur->flags; - - /* Check time-validity (all certificates) */ - if( mbedtls_x509_time_is_past( &child->valid_to ) ) - *flags |= MBEDTLS_X509_BADCERT_EXPIRED; - - if( mbedtls_x509_time_is_future( &child->valid_from ) ) - *flags |= MBEDTLS_X509_BADCERT_FUTURE; - - /* Stop 
here for trusted roots (but not for trusted EE certs) */ - if( child_is_trusted ) - return( 0 ); - - /* Check signature algorithm: MD & PK algs */ - if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 ) - *flags |= MBEDTLS_X509_BADCERT_BAD_MD; - - if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 ) - *flags |= MBEDTLS_X509_BADCERT_BAD_PK; - - /* Special case: EE certs that are locally trusted */ - if( ver_chain->len == 1 && - x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 ) - { - return( 0 ); - } - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) -find_parent: -#endif - - /* Obtain list of potential trusted signers from CA callback, - * or use statically provided list. */ -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( f_ca_cb != NULL ) - { - mbedtls_x509_crt_free( ver_chain->trust_ca_cb_result ); - mbedtls_free( ver_chain->trust_ca_cb_result ); - ver_chain->trust_ca_cb_result = NULL; - - ret = f_ca_cb( p_ca_cb, child, &ver_chain->trust_ca_cb_result ); - if( ret != 0 ) - return( MBEDTLS_ERR_X509_FATAL_ERROR ); - - cur_trust_ca = ver_chain->trust_ca_cb_result; - } - else -#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ - { - ((void) f_ca_cb); - ((void) p_ca_cb); - cur_trust_ca = trust_ca; - } - - /* Look for a parent in trusted CAs or up the chain */ - ret = x509_crt_find_parent( child, cur_trust_ca, &parent, - &parent_is_trusted, &signature_is_good, - ver_chain->len - 1, self_cnt, rs_ctx ); - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { - /* save state */ - rs_ctx->in_progress = x509_crt_rs_find_parent; - rs_ctx->self_cnt = self_cnt; - rs_ctx->ver_chain = *ver_chain; /* struct copy */ - - return( ret ); - } -#else - (void) ret; -#endif - - /* No parent? 
We're done here */ - if( parent == NULL ) - { - *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; - return( 0 ); - } - - /* Count intermediate self-issued (not necessarily self-signed) certs. - * These can occur with some strategies for key rollover, see [SIRO], - * and should be excluded from max_pathlen checks. */ - if( ver_chain->len != 1 && - x509_name_cmp( &child->issuer, &child->subject ) == 0 ) - { - self_cnt++; - } - - /* path_cnt is 0 for the first intermediate CA, - * and if parent is trusted it's not an intermediate CA */ - if( ! parent_is_trusted && - ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA ) - { - /* return immediately to avoid overflow the chain array */ - return( MBEDTLS_ERR_X509_FATAL_ERROR ); - } - - /* signature was checked while searching parent */ - if( ! signature_is_good ) - *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; - - /* check size of signing key */ - if( x509_profile_check_key( profile, &parent->pk ) != 0 ) - *flags |= MBEDTLS_X509_BADCERT_BAD_KEY; - -#if defined(MBEDTLS_X509_CRL_PARSE_C) - /* Check trusted CA's CRL for the given crt */ - *flags |= x509_crt_verifycrl( child, parent, ca_crl, profile ); -#else - (void) ca_crl; -#endif - - /* prepare for next iteration */ - child = parent; - parent = NULL; - child_is_trusted = parent_is_trusted; - signature_is_good = 0; - } -} - -/* - * Check for CN match - */ -static int x509_crt_check_cn( const mbedtls_x509_buf *name, - const char *cn, size_t cn_len ) -{ - /* try exact match */ - if( name->len == cn_len && - x509_memcasecmp( cn, name->p, cn_len ) == 0 ) - { - return( 0 ); - } - - /* try wildcard match */ - if( x509_check_wildcard( cn, name ) == 0 ) - { - return( 0 ); - } - - return( -1 ); -} - -/* - * Verify the requested CN - only call this if cn is not NULL! 
- */ -static void x509_crt_verify_name( const mbedtls_x509_crt *crt, - const char *cn, - uint32_t *flags ) -{ - const mbedtls_x509_name *name; - const mbedtls_x509_sequence *cur; - size_t cn_len = strlen( cn ); - - if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) - { - for( cur = &crt->subject_alt_names; cur != NULL; cur = cur->next ) - { - if( x509_crt_check_cn( &cur->buf, cn, cn_len ) == 0 ) - break; - } - - if( cur == NULL ) - *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; - } - else - { - for( name = &crt->subject; name != NULL; name = name->next ) - { - if( MBEDTLS_OID_CMP( MBEDTLS_OID_AT_CN, &name->oid ) == 0 && - x509_crt_check_cn( &name->val, cn, cn_len ) == 0 ) - { - break; - } - } - - if( name == NULL ) - *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; - } -} - -/* - * Merge the flags for all certs in the chain, after calling callback - */ -static int x509_crt_merge_flags_with_cb( - uint32_t *flags, - const mbedtls_x509_crt_verify_chain *ver_chain, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) -{ - int ret; - unsigned i; - uint32_t cur_flags; - const mbedtls_x509_crt_verify_chain_item *cur; - - for( i = ver_chain->len; i != 0; --i ) - { - cur = &ver_chain->items[i-1]; - cur_flags = cur->flags; - - if( NULL != f_vrfy ) - if( ( ret = f_vrfy( p_vrfy, cur->crt, (int) i-1, &cur_flags ) ) != 0 ) - return( ret ); - - *flags |= cur_flags; - } - - return( 0 ); -} - -/* - * Verify the certificate validity, with profile, restartable version - * - * This function: - * - checks the requested CN (if any) - * - checks the type and size of the EE cert's key, - * as that isn't done as part of chain building/verification currently - * - builds and verifies the chain - * - then calls the callback and merges the flags - * - * The parameters pairs `trust_ca`, `ca_crl` and `f_ca_cb`, `p_ca_cb` - * are mutually exclusive: If `f_ca_cb != NULL`, it will be used by the - * verification routine to search for trusted signers, and CRLs will - * be 
disabled. Otherwise, `trust_ca` will be used as the static list - * of trusted signers, and `ca_crl` will be use as the static list - * of CRLs. - */ -static int x509_crt_verify_restartable_ca_cb( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy, - mbedtls_x509_crt_restart_ctx *rs_ctx ) -{ - int ret; - mbedtls_pk_type_t pk_type; - mbedtls_x509_crt_verify_chain ver_chain; - uint32_t ee_flags; - - *flags = 0; - ee_flags = 0; - x509_crt_verify_chain_reset( &ver_chain ); - - if( profile == NULL ) - { - ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; - goto exit; - } - - /* check name if requested */ - if( cn != NULL ) - x509_crt_verify_name( crt, cn, &ee_flags ); - - /* Check the type and size of the key */ - pk_type = mbedtls_pk_get_type( &crt->pk ); - - if( x509_profile_check_pk_alg( profile, pk_type ) != 0 ) - ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK; - - if( x509_profile_check_key( profile, &crt->pk ) != 0 ) - ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY; - - /* Check the chain */ - ret = x509_crt_verify_chain( crt, trust_ca, ca_crl, - f_ca_cb, p_ca_cb, profile, - &ver_chain, rs_ctx ); - - if( ret != 0 ) - goto exit; - - /* Merge end-entity flags */ - ver_chain.items[0].flags |= ee_flags; - - /* Build final flags, calling callback on the way if any */ - ret = x509_crt_merge_flags_with_cb( flags, &ver_chain, f_vrfy, p_vrfy ); - -exit: - -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - mbedtls_x509_crt_free( ver_chain.trust_ca_cb_result ); - mbedtls_free( ver_chain.trust_ca_cb_result ); - ver_chain.trust_ca_cb_result = NULL; -#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) - 
mbedtls_x509_crt_restart_free( rs_ctx ); -#endif - - /* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by - * the SSL module for authmode optional, but non-zero return from the - * callback means a fatal error so it shouldn't be ignored */ - if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) - ret = MBEDTLS_ERR_X509_FATAL_ERROR; - - if( ret != 0 ) - { - *flags = (uint32_t) -1; - return( ret ); - } - - if( *flags != 0 ) - return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); - - return( 0 ); -} - - -/* - * Verify the certificate validity (default profile, not restartable) - */ -int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) -{ - return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, - NULL, NULL, - &mbedtls_x509_crt_profile_default, - cn, flags, - f_vrfy, p_vrfy, NULL ) ); -} - -/* - * Verify the certificate validity (user-chosen profile, not restartable) - */ -int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) -{ - return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, - NULL, NULL, - profile, cn, flags, - f_vrfy, p_vrfy, NULL ) ); -} - -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -/* - * Verify the certificate validity (user-chosen profile, CA callback, - * not restartable). 
- */
-int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt,
- mbedtls_x509_crt_ca_cb_t f_ca_cb,
- void *p_ca_cb,
- const mbedtls_x509_crt_profile *profile,
- const char *cn, uint32_t *flags,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy )
-{
- return( x509_crt_verify_restartable_ca_cb( crt, NULL, NULL,
- f_ca_cb, p_ca_cb,
- profile, cn, flags,
- f_vrfy, p_vrfy, NULL ) );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
- mbedtls_x509_crt *trust_ca,
- mbedtls_x509_crl *ca_crl,
- const mbedtls_x509_crt_profile *profile,
- const char *cn, uint32_t *flags,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy,
- mbedtls_x509_crt_restart_ctx *rs_ctx )
-{
- return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl,
- NULL, NULL,
- profile, cn, flags,
- f_vrfy, p_vrfy, rs_ctx ) );
-}
-
-
-/*
- * Initialize a certificate chain
- */
-void mbedtls_x509_crt_init( mbedtls_x509_crt *crt )
-{
- memset( crt, 0, sizeof(mbedtls_x509_crt) );
-}
-
-/*
- * Unallocate all certificate data
- */
-void mbedtls_x509_crt_free( mbedtls_x509_crt *crt )
-{
- mbedtls_x509_crt *cert_cur = crt;
- mbedtls_x509_crt *cert_prv;
- mbedtls_x509_name *name_cur;
- mbedtls_x509_name *name_prv;
- mbedtls_x509_sequence *seq_cur;
- mbedtls_x509_sequence *seq_prv;
-
- if( crt == NULL )
- return;
-
- do
- {
- mbedtls_pk_free( &cert_cur->pk );
-
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_free( cert_cur->sig_opts );
-#endif
-
- name_cur = cert_cur->issuer.next;
- while( name_cur != NULL )
- {
- name_prv = name_cur;
- name_cur = name_cur->next;
- mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
- mbedtls_free( name_prv );
- }
-
- name_cur = cert_cur->subject.next;
- while( name_cur != NULL )
- {
- name_prv = name_cur;
- name_cur = name_cur->next;
- mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
- mbedtls_free( name_prv
); - } - - seq_cur = cert_cur->ext_key_usage.next; - while( seq_cur != NULL ) - { - seq_prv = seq_cur; - seq_cur = seq_cur->next; - mbedtls_platform_zeroize( seq_prv, - sizeof( mbedtls_x509_sequence ) ); - mbedtls_free( seq_prv ); - } - - seq_cur = cert_cur->subject_alt_names.next; - while( seq_cur != NULL ) - { - seq_prv = seq_cur; - seq_cur = seq_cur->next; - mbedtls_platform_zeroize( seq_prv, - sizeof( mbedtls_x509_sequence ) ); - mbedtls_free( seq_prv ); - } - - if( cert_cur->raw.p != NULL && cert_cur->own_buffer ) - { - mbedtls_platform_zeroize( cert_cur->raw.p, cert_cur->raw.len ); - mbedtls_free( cert_cur->raw.p ); - } - - cert_cur = cert_cur->next; - } - while( cert_cur != NULL ); - - cert_cur = crt; - do - { - cert_prv = cert_cur; - cert_cur = cert_cur->next; - - mbedtls_platform_zeroize( cert_prv, sizeof( mbedtls_x509_crt ) ); - if( cert_prv != crt ) - mbedtls_free( cert_prv ); - } - while( cert_cur != NULL ); -} - -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) -/* - * Initialize a restart context - */ -void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ) -{ - mbedtls_pk_restart_init( &ctx->pk ); - - ctx->parent = NULL; - ctx->fallback_parent = NULL; - ctx->fallback_signature_is_good = 0; - - ctx->parent_is_trusted = -1; - - ctx->in_progress = x509_crt_rs_none; - ctx->self_cnt = 0; - x509_crt_verify_chain_reset( &ctx->ver_chain ); -} - -/* - * Free the components of a restart context - */ -void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ) -{ - if( ctx == NULL ) - return; - - mbedtls_pk_restart_free( &ctx->pk ); - mbedtls_x509_crt_restart_init( ctx ); -} -#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ - -#endif /* MBEDTLS_X509_CRT_PARSE_C */ diff --git a/library/x509_csr.c b/library/x509_csr.c deleted file mode 100644 index c8c08c87b..000000000 --- a/library/x509_csr.c +++ /dev/null 
@@ -1,419 +0,0 @@
-/*
- * X.509 Certificate Signing Request (CSR) parsing
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-/*
- * The ITU-T X.509 standard defines a certificate format for PKI.
- *
- * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
- * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
- * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
- *
- * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
- * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_X509_CSR_PARSE_C)
-
-#include "mbedtls/x509_csr.h"
-#include "mbedtls/oid.h"
-#include "mbedtls/platform_util.h"
-
-#include
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-#include "mbedtls/pem.h"
-#endif
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#include
-#define mbedtls_free free
-#define mbedtls_calloc calloc
-#define mbedtls_snprintf snprintf
-#endif
-
-#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
-#include
-#endif
-
-/*
- * Version ::= INTEGER { v1(0) }
- */
-static int x509_csr_get_version( unsigned char **p,
- const unsigned char *end,
- int *ver )
-{
- int ret;
-
- if( ( ret =
mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { - *ver = 0; - return( 0 ); - } - - return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); - } - - return( 0 ); -} - -/* - * Parse a CSR in DER format - */ -int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, - const unsigned char *buf, size_t buflen ) -{ - int ret; - size_t len; - unsigned char *p, *end; - mbedtls_x509_buf sig_params; - - memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) ); - - /* - * Check for valid input - */ - if( csr == NULL || buf == NULL || buflen == 0 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - mbedtls_x509_csr_init( csr ); - - /* - * first copy the raw DER data - */ - p = mbedtls_calloc( 1, len = buflen ); - - if( p == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - - memcpy( p, buf, buflen ); - - csr->raw.p = p; - csr->raw.len = len; - end = p + len; - - /* - * CertificationRequest ::= SEQUENCE { - * certificationRequestInfo CertificationRequestInfo, - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING - * } - */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); - } - - if( len != (size_t) ( end - p ) ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - } - - /* - * CertificationRequestInfo ::= SEQUENCE { - */ - csr->cri.p = p; - - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); - } - - end = p + len; - csr->cri.len = end - csr->cri.p; - - /* - * Version ::= INTEGER { v1(0) } - */ - if( ( ret = x509_csr_get_version( &p, end, &csr->version ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); - } - - if( csr->version != 0 ) - { - 
mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); - } - - csr->version++; - - /* - * subject Name - */ - csr->subject_raw.p = p; - - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); - } - - if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); - } - - csr->subject_raw.len = p - csr->subject_raw.p; - - /* - * subjectPKInfo SubjectPublicKeyInfo - */ - if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); - } - - /* - * attributes [0] Attributes - * - * The list of possible attributes is open-ended, though RFC 2985 - * (PKCS#9) defines a few in section 5.4. We currently don't support any, - * so we just ignore them. This is a safe thing to do as the worst thing - * that could happen is that we issue a certificate that does not match - * the requester's expectations - this cannot cause a violation of our - * signature policies. 
- */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); - } - - p += len; - - end = csr->raw.p + csr->raw.len; - - /* - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING - */ - if( ( ret = mbedtls_x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); - } - - if( ( ret = mbedtls_x509_get_sig_alg( &csr->sig_oid, &sig_params, - &csr->sig_md, &csr->sig_pk, - &csr->sig_opts ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG ); - } - - if( ( ret = mbedtls_x509_get_sig( &p, end, &csr->sig ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); - } - - if( p != end ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - } - - return( 0 ); -} - -/* - * Parse a CSR, allowing for PEM or raw DER encoding - */ -int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ) -{ -#if defined(MBEDTLS_PEM_PARSE_C) - int ret; - size_t use_len; - mbedtls_pem_context pem; -#endif - - /* - * Check for valid input - */ - if( csr == NULL || buf == NULL || buflen == 0 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - -#if defined(MBEDTLS_PEM_PARSE_C) - /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( buf[buflen - 1] == '\0' ) - { - mbedtls_pem_init( &pem ); - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN CERTIFICATE REQUEST-----", - "-----END CERTIFICATE REQUEST-----", - buf, NULL, 0, &use_len ); - if( ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN NEW CERTIFICATE REQUEST-----", - "-----END NEW CERTIFICATE REQUEST-----", - buf, NULL, 0, &use_len ); - } - - if( ret == 0 ) - { - /* - * Was PEM encoded, parse the result - */ - 
ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ); - } - - mbedtls_pem_free( &pem ); - if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); - } -#endif /* MBEDTLS_PEM_PARSE_C */ - return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) ); -} - -#if defined(MBEDTLS_FS_IO) -/* - * Load a CSR into the structure - */ -int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ) -{ - int ret; - size_t n; - unsigned char *buf; - - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); - - ret = mbedtls_x509_csr_parse( csr, buf, n ); - - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); - - return( ret ); -} -#endif /* MBEDTLS_FS_IO */ - -#define BEFORE_COLON 14 -#define BC "14" -/* - * Return an informational string about the CSR. - */ -int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_csr *csr ) -{ - int ret; - size_t n; - char *p; - char key_size_str[BEFORE_COLON]; - - p = buf; - n = size; - - ret = mbedtls_snprintf( p, n, "%sCSR version : %d", - prefix, csr->version ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &csr->subject ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, - csr->sig_opts ); - MBEDTLS_X509_SAFE_SNPRINTF; - - if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON, - mbedtls_pk_get_name( &csr->pk ) ) ) != 0 ) - { - return( ret ); - } - - ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str, - (int) mbedtls_pk_get_bitlen( &csr->pk ) ); - MBEDTLS_X509_SAFE_SNPRINTF; - - return( (int) ( size - n ) ); -} - -/* - * Initialize a CSR - */ -void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ) -{ - memset( csr, 0, 
sizeof(mbedtls_x509_csr) ); -} - -/* - * Unallocate all CSR data - */ -void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ) -{ - mbedtls_x509_name *name_cur; - mbedtls_x509_name *name_prv; - - if( csr == NULL ) - return; - - mbedtls_pk_free( &csr->pk ); - -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - mbedtls_free( csr->sig_opts ); -#endif - - name_cur = csr->subject.next; - while( name_cur != NULL ) - { - name_prv = name_cur; - name_cur = name_cur->next; - mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); - mbedtls_free( name_prv ); - } - - if( csr->raw.p != NULL ) - { - mbedtls_platform_zeroize( csr->raw.p, csr->raw.len ); - mbedtls_free( csr->raw.p ); - } - - mbedtls_platform_zeroize( csr, sizeof( mbedtls_x509_csr ) ); -} - -#endif /* MBEDTLS_X509_CSR_PARSE_C */ diff --git a/library/x509write_crt.c b/library/x509write_crt.c deleted file mode 100644 index b6cb745a3..000000000 --- a/library/x509write_crt.c +++ /dev/null 
@@ -1,495 +0,0 @@ -/* - * X.509 certificate writing - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -/* - * References: - * - certificates: RFC 5280, updated by RFC 6818 - * - CSRs: PKCS#10 v1.7 aka RFC 2986 - * - attributes: PKCS#9 v2.0 aka RFC 2985 - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_X509_CRT_WRITE_C) - -#include "mbedtls/x509_crt.h" -#include "mbedtls/oid.h" -#include "mbedtls/asn1write.h" -#include "mbedtls/sha1.h" -#include "mbedtls/platform_util.h" - -#include - -#if defined(MBEDTLS_PEM_WRITE_C) -#include "mbedtls/pem.h" -#endif /* MBEDTLS_PEM_WRITE_C */ - -void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ) -{ - memset( ctx, 0, sizeof( mbedtls_x509write_cert ) ); - - mbedtls_mpi_init( &ctx->serial ); - ctx->version = MBEDTLS_X509_CRT_VERSION_3; -} - -void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ) -{ - mbedtls_mpi_free( &ctx->serial ); - - mbedtls_asn1_free_named_data_list( &ctx->subject ); - mbedtls_asn1_free_named_data_list( &ctx->issuer ); - mbedtls_asn1_free_named_data_list( &ctx->extensions ); - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_cert ) ); -} - -void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version ) 
-{ - ctx->version = version; -} - -void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg ) -{ - ctx->md_alg = md_alg; -} - -void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ) -{ - ctx->subject_key = key; -} - -void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ) -{ - ctx->issuer_key = key; -} - -int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, - const char *subject_name ) -{ - return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); -} - -int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, - const char *issuer_name ) -{ - return mbedtls_x509_string_to_names( &ctx->issuer, issuer_name ); -} - -int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial ) -{ - int ret; - - if( ( ret = mbedtls_mpi_copy( &ctx->serial, serial ) ) != 0 ) - return( ret ); - - return( 0 ); -} - -int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before, - const char *not_after ) -{ - if( strlen( not_before ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 || - strlen( not_after ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 ) - { - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - } - strncpy( ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN ); - strncpy( ctx->not_after , not_after , MBEDTLS_X509_RFC5280_UTC_TIME_LEN ); - ctx->not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; - ctx->not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; - - return( 0 ); -} - -int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, - const char *oid, size_t oid_len, - int critical, - const unsigned char *val, size_t val_len ) -{ - return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, - critical, val, val_len ); -} - -int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, - int is_ca, int max_pathlen ) 
-{ - int ret; - unsigned char buf[9]; - unsigned char *c = buf + sizeof(buf); - size_t len = 0; - - memset( buf, 0, sizeof(buf) ); - - if( is_ca && max_pathlen > 127 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - - if( is_ca ) - { - if( max_pathlen >= 0 ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, max_pathlen ) ); - } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( &c, buf, 1 ) ); - } - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - - return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS, - MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ), - 0, buf + sizeof(buf) - len, len ); -} - -#if defined(MBEDTLS_SHA1_C) -int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ) -{ - int ret; - unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ - unsigned char *c = buf + sizeof(buf); - size_t len = 0; - - memset( buf, 0, sizeof(buf) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) ); - - ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, - buf + sizeof( buf ) - 20 ); - if( ret != 0 ) - return( ret ); - c = buf + sizeof( buf ) - 20; - len = 20; - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_OCTET_STRING ) ); - - return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER, - MBEDTLS_OID_SIZE( MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER ), - 0, buf + sizeof(buf) - len, len ); -} - -int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ) -{ - int ret; - unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ - unsigned char *c = buf + sizeof( buf ); - size_t len = 0; - - memset( buf, 0, sizeof(buf) ); - MBEDTLS_ASN1_CHK_ADD( len, 
mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) ); - - ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, - buf + sizeof( buf ) - 20 ); - if( ret != 0 ) - return( ret ); - c = buf + sizeof( buf ) - 20; - len = 20; - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0 ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - - return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER, - MBEDTLS_OID_SIZE( MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER ), - 0, buf + sizeof( buf ) - len, len ); -} -#endif /* MBEDTLS_SHA1_C */ - -int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, - unsigned int key_usage ) -{ - unsigned char buf[5], ku[2]; - unsigned char *c; - int ret; - const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE | - MBEDTLS_X509_KU_NON_REPUDIATION | - MBEDTLS_X509_KU_KEY_ENCIPHERMENT | - MBEDTLS_X509_KU_DATA_ENCIPHERMENT | - MBEDTLS_X509_KU_KEY_AGREEMENT | - MBEDTLS_X509_KU_KEY_CERT_SIGN | - MBEDTLS_X509_KU_CRL_SIGN | - MBEDTLS_X509_KU_ENCIPHER_ONLY | - MBEDTLS_X509_KU_DECIPHER_ONLY; - - /* Check that nothing other than the allowed flags is set */ - if( ( key_usage & ~allowed_bits ) != 0 ) - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); - - c = buf + 5; - ku[0] = (unsigned char)( key_usage ); - ku[1] = (unsigned char)( key_usage >> 8 ); - ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); - - if( ret < 0 ) - return( ret ); - else if( ret < 3 || ret > 5 ) - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); - - ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), - 1, c, (size_t)ret ); - if( ret != 0 ) - return( ret ); - - return( 0 ); -} - -int mbedtls_x509write_crt_set_ns_cert_type( 
mbedtls_x509write_cert *ctx, - unsigned char ns_cert_type ) -{ - unsigned char buf[4]; - unsigned char *c; - int ret; - - c = buf + 4; - - ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); - if( ret < 3 || ret > 4 ) - return( ret ); - - ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), - 0, c, (size_t)ret ); - if( ret != 0 ) - return( ret ); - - return( 0 ); -} - -static int x509_write_time( unsigned char **p, unsigned char *start, - const char *t, size_t size ) -{ - int ret; - size_t len = 0; - - /* - * write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter) - */ - if( t[0] == '2' && t[1] == '0' && t[2] < '5' ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) t + 2, - size - 2 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_UTC_TIME ) ); - } - else - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) t, - size ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_GENERALIZED_TIME ) ); - } - - return( (int) len ); -} - -int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) -{ - int ret; - const char *sig_oid; - size_t sig_oid_len = 0; - unsigned char *c, *c2; - unsigned char hash[64]; - unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; - unsigned char tmp_buf[2048]; - size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len; - size_t len = 0; - mbedtls_pk_type_t pk_alg; - - /* - * Prepare data to be signed in tmp_buf - */ - c = tmp_buf + sizeof( tmp_buf ); - - /* Signature algorithm needed in TBS, and later for actual signature */ - - /* There's no direct way of extracting a 
signature algorithm - * (represented as an element of mbedtls_pk_type_t) from a PK instance. */ - if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_RSA ) ) - pk_alg = MBEDTLS_PK_RSA; - else if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_ECDSA ) ) - pk_alg = MBEDTLS_PK_ECDSA; - else - return( MBEDTLS_ERR_X509_INVALID_ALG ); - - if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, - &sig_oid, &sig_oid_len ) ) != 0 ) - { - return( ret ); - } - - /* - * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension - */ - - /* Only for v3 */ - if( ctx->version == MBEDTLS_X509_CRT_VERSION_3 ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | 3 ) ); - } - - /* - * SubjectPublicKeyInfo - */ - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->subject_key, - tmp_buf, c - tmp_buf ) ); - c -= pub_len; - len += pub_len; - - /* - * Subject ::= Name - */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) ); - - /* - * Validity ::= SEQUENCE { - * notBefore Time, - * notAfter Time } - */ - sub_len = 0; - - MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_after, - MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) ); - - MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_before, - MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) ); - - len += sub_len; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - - /* - * Issuer ::= Name - */ 
- MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->issuer ) ); - - /* - * Signature ::= AlgorithmIdentifier - */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, tmp_buf, - sig_oid, strlen( sig_oid ), 0 ) ); - - /* - * Serial ::= INTEGER - */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, tmp_buf, &ctx->serial ) ); - - /* - * Version ::= INTEGER { v1(0), v2(1), v3(2) } - */ - - /* Can be omitted for v1 */ - if( ctx->version != MBEDTLS_X509_CRT_VERSION_1 ) - { - sub_len = 0; - MBEDTLS_ASN1_CHK_ADD( sub_len, mbedtls_asn1_write_int( &c, tmp_buf, ctx->version ) ); - len += sub_len; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | 0 ) ); - } - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - - /* - * Make signature - */ - if( ( ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, - len, hash ) ) != 0 ) - { - return( ret ); - } - - if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg, hash, 0, sig, &sig_len, - f_rng, p_rng ) ) != 0 ) - { - return( ret ); - } - - /* - * Write data to output buffer - */ - c2 = buf + size; - MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf, - sig_oid, sig_oid_len, sig, sig_len ) ); - - if( len > (size_t)( c2 - buf ) ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - - c2 -= len; - memcpy( c2, c, len ); - - len += sig_and_oid_len; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - - return( (int) len ); -} - -#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n" -#define PEM_END_CRT "-----END 
CERTIFICATE-----\n" - -#if defined(MBEDTLS_PEM_WRITE_C) -int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) -{ - int ret; - unsigned char output_buf[4096]; - size_t olen = 0; - - if( ( ret = mbedtls_x509write_crt_der( crt, output_buf, sizeof(output_buf), - f_rng, p_rng ) ) < 0 ) - { - return( ret ); - } - - if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT, - output_buf + sizeof(output_buf) - ret, - ret, buf, size, &olen ) ) != 0 ) - { - return( ret ); - } - - return( 0 ); -} -#endif /* MBEDTLS_PEM_WRITE_C */ - -#endif /* MBEDTLS_X509_CRT_WRITE_C */ diff --git a/library/x509write_csr.c b/library/x509write_csr.c deleted file mode 100644 index 8dc39e7a5..000000000 --- a/library/x509write_csr.c +++ /dev/null 
@@ -1,287 +0,0 @@ -/* - * X.509 Certificate Signing Request writing - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -/* - * References: - * - CSRs: PKCS#10 v1.7 aka RFC 2986 - * - attributes: PKCS#9 v2.0 aka RFC 2985 - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_X509_CSR_WRITE_C) - -#include "mbedtls/x509_csr.h" -#include "mbedtls/oid.h" -#include "mbedtls/asn1write.h" -#include "mbedtls/platform_util.h" - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "psa/crypto.h" -#include "mbedtls/psa_util.h" -#endif - -#include -#include - -#if defined(MBEDTLS_PEM_WRITE_C) -#include "mbedtls/pem.h" -#endif - -void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ) -{ - memset( ctx, 0, sizeof( mbedtls_x509write_csr ) ); -} - -void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ) -{ - mbedtls_asn1_free_named_data_list( &ctx->subject ); - mbedtls_asn1_free_named_data_list( &ctx->extensions ); - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_csr ) ); -} - -void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ) -{ - ctx->md_alg = md_alg; -} - -void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ) -{ - ctx->key = 
key; -} - -int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, - const char *subject_name ) -{ - return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); -} - -int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, - const char *oid, size_t oid_len, - const unsigned char *val, size_t val_len ) -{ - return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, - 0, val, val_len ); -} - -int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ) -{ - unsigned char buf[4]; - unsigned char *c; - int ret; - - c = buf + 4; - - ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 ); - if( ret < 3 || ret > 4 ) - return( ret ); - - ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), - c, (size_t)ret ); - if( ret != 0 ) - return( ret ); - - return( 0 ); -} - -int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, - unsigned char ns_cert_type ) -{ - unsigned char buf[4]; - unsigned char *c; - int ret; - - c = buf + 4; - - ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); - if( ret < 3 || ret > 4 ) - return( ret ); - - ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), - c, (size_t)ret ); - if( ret != 0 ) - return( ret ); - - return( 0 ); -} - -int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) -{ - int ret; - const char *sig_oid; - size_t sig_oid_len = 0; - unsigned char *c, *c2; - unsigned char hash[64]; - unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; - unsigned char tmp_buf[2048]; - size_t pub_len = 0, sig_and_oid_len = 0, sig_len; - size_t len = 0; - mbedtls_pk_type_t pk_alg; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; - size_t hash_len; - 
psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg ); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - /* - * Prepare data to be signed in tmp_buf - */ - c = tmp_buf + sizeof( tmp_buf ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) ); - - if( len ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SET ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( &c, tmp_buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ, - MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - } - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ); - - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key, - tmp_buf, c - tmp_buf ) ); - c -= pub_len; - len += pub_len; - - /* - * Subject ::= Name - */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) ); - - /* - * Version ::= INTEGER { v1(0), v2(1), v3(2) } - */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, tmp_buf, 0 ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - - /* - * Prepare signature - * Note: hash errors can happen only after an internal error - */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( 
psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) - return( MBEDTLS_ERR_X509_FATAL_ERROR ); - - if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS ) - return( MBEDTLS_ERR_X509_FATAL_ERROR ); - - if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) - != PSA_SUCCESS ) - { - return( MBEDTLS_ERR_X509_FATAL_ERROR ); - } -#else /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ); -#endif - if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, - f_rng, p_rng ) ) != 0 ) - { - return( ret ); - } - - if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) ) - pk_alg = MBEDTLS_PK_RSA; - else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) ) - pk_alg = MBEDTLS_PK_ECDSA; - else - return( MBEDTLS_ERR_X509_INVALID_ALG ); - - if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, - &sig_oid, &sig_oid_len ) ) != 0 ) - { - return( ret ); - } - - /* - * Write data to output buffer - */ - c2 = buf + size; - MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf, - sig_oid, sig_oid_len, sig, sig_len ) ); - - if( len > (size_t)( c2 - buf ) ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - - c2 -= len; - memcpy( c2, c, len ); - - len += sig_and_oid_len; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - - return( (int) len ); -} - -#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n" -#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n" - -#if defined(MBEDTLS_PEM_WRITE_C) -int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) -{ - int ret; - unsigned char output_buf[4096]; - size_t olen = 0; - - if( ( ret = mbedtls_x509write_csr_der( ctx, output_buf, sizeof(output_buf), - f_rng, p_rng ) ) < 0 ) - { - 
return( ret ); - } - - if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR, - output_buf + sizeof(output_buf) - ret, - ret, buf, size, &olen ) ) != 0 ) - { - return( ret ); - } - - return( 0 ); -} -#endif /* MBEDTLS_PEM_WRITE_C */ - -#endif /* MBEDTLS_X509_CSR_WRITE_C */ diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index f33038f6d..c1dc7433d 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -46,7 +46,6 @@ #include "mbedtls/cipher_internal.h" #include "mbedtls/cmac.h" #include "mbedtls/ctr_drbg.h" -#include "mbedtls/debug.h" #include "mbedtls/des.h" #include "mbedtls/dhm.h" #include "mbedtls/ecdh.h" @@ -66,15 +65,12 @@ #include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/md_internal.h" -#include "mbedtls/net.h" -#include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" #include "mbedtls/oid.h" #include "mbedtls/padlock.h" #include "mbedtls/pem.h" #include "mbedtls/pk.h" #include "mbedtls/pk_internal.h" -#include "mbedtls/pkcs11.h" #include "mbedtls/pkcs12.h" #include "mbedtls/pkcs5.h" #include "mbedtls/platform_time.h" @@ -87,12 +83,6 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" -#include "mbedtls/ssl.h" -#include "mbedtls/ssl_cache.h" -#include "mbedtls/ssl_ciphersuites.h" -#include "mbedtls/ssl_cookie.h" -#include "mbedtls/ssl_internal.h" -#include "mbedtls/ssl_ticket.h" #include "mbedtls/threading.h" #include "mbedtls/timing.h" #include "mbedtls/version.h" diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 94c8ec16d..fc25353fa 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -53,7 +53,6 @@ #include "mbedtls/cipher.h" #include "mbedtls/cmac.h" #include "mbedtls/ctr_drbg.h" -#include "mbedtls/debug.h" #include "mbedtls/des.h" #include "mbedtls/dhm.h" #include "mbedtls/ecdh.h" 
@@ -72,13 +71,11 @@ #include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/memory_buffer_alloc.h" -#include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" #include "mbedtls/oid.h" #include "mbedtls/padlock.h" #include "mbedtls/pem.h" #include "mbedtls/pk.h" -#include "mbedtls/pkcs11.h" #include "mbedtls/pkcs12.h" #include "mbedtls/pkcs5.h" #include "mbedtls/platform_time.h" @@ -89,19 +86,9 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" -#include "mbedtls/ssl.h" -#include "mbedtls/ssl_cache.h" -#include "mbedtls/ssl_ciphersuites.h" -#include "mbedtls/ssl_cookie.h" -#include "mbedtls/ssl_internal.h" -#include "mbedtls/ssl_ticket.h" #include "mbedtls/threading.h" #include "mbedtls/timing.h" #include "mbedtls/version.h" -#include "mbedtls/x509.h" -#include "mbedtls/x509_crl.h" -#include "mbedtls/x509_crt.h" -#include "mbedtls/x509_csr.h" #include "mbedtls/xtea.h" #include diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index 064da4c38..600f13030 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -53,7 +53,6 @@ #include "mbedtls/cipher.h" #include "mbedtls/cmac.h" #include "mbedtls/ctr_drbg.h" -#include "mbedtls/debug.h" #include "mbedtls/des.h" #include "mbedtls/dhm.h" #include "mbedtls/ecdh.h" @@ -72,13 +71,11 @@ #include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/memory_buffer_alloc.h" -#include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" #include "mbedtls/oid.h" #include "mbedtls/padlock.h" #include "mbedtls/pem.h" #include "mbedtls/pk.h" -#include "mbedtls/pkcs11.h" #include "mbedtls/pkcs12.h" #include "mbedtls/pkcs5.h" #include "mbedtls/platform_time.h" 
@@ -89,19 +86,9 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" -#include "mbedtls/ssl.h" -#include "mbedtls/ssl_cache.h" -#include "mbedtls/ssl_ciphersuites.h" -#include "mbedtls/ssl_cookie.h" -#include "mbedtls/ssl_internal.h" -#include "mbedtls/ssl_ticket.h" #include "mbedtls/threading.h" #include "mbedtls/timing.h" #include "mbedtls/version.h" -#include "mbedtls/x509.h" -#include "mbedtls/x509_crl.h" -#include "mbedtls/x509_crt.h" -#include "mbedtls/x509_csr.h" #include "mbedtls/xtea.h" #include diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index c56e976a7..07c80e84f 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -168,7 +168,6 @@ - @@ -189,15 +188,12 @@ - - - @@ -211,19 +207,9 @@ - - - - - - - - - - @@ -255,14 +241,12 @@ - - @@ -283,14 +267,12 @@ - - @@ -308,24 +290,10 @@ - - - - - - - - - - - - - -
From b58ff9541ba6ce14d34215f8e40d3c0d90ade268 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 21 Feb 2019 13:53:31 +0000 Subject: [PATCH 1186/2197] scripts: Remove dependency on TLS --- scripts/generate_errors.pl | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 0c1f7e16e..8282c3ba2 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -36,7 +36,7 @@ my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH SHA1 SHA256 SHA512 THREADING XTEA ); my @high_level_modules = qw( CIPHER DHM ECP MD PEM PK PKCS12 PKCS5 - RSA SSL X509 ); + RSA X509 ); my $line_separator = $/; undef $/; @@ -92,7 +92,6 @@ foreach my $line (@matches) my $define_name = $module_name; $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509"); $define_name = "ASN1_PARSE" if ($define_name eq "ASN1"); - $define_name = "SSL_TLS" if ($define_name eq "SSL"); $define_name = "PEM_PARSE,PEM_WRITE" if ($define_name eq "PEM"); my $include_name = $module_name; @@ -160,19 +159,8 @@ foreach my $line (@matches) ${$old_define} = $define_name; } - if ($error_name eq "MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE") - { - ${$code_check} .= "${white_space}if( use_ret == -($error_name) )\n". - "${white_space}\{\n". - "${white_space} mbedtls_snprintf( buf, buflen, \"$module_name - $description\" );\n". - "${white_space} return;\n". - "${white_space}}\n" - } - else - { - ${$code_check} .= "${white_space}if( use_ret == -($error_name) )\n". - "${white_space} mbedtls_snprintf( buf, buflen, \"$module_name - $description\" );\n" - } + ${$code_check} .= "${white_space}if( use_ret == -($error_name) )\n". + "${white_space} mbedtls_snprintf( buf, buflen, \"$module_name - $description\" );\n" }; if ($ll_old_define ne "") From 43a450c858c4b4d681fc3cb695622fe8fd05c66a Mon Sep 17 00:00:00 2001 
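Review bot: After `SSL` is dropped from `@high_level_modules` in the `@@ -36,7 +36,7 @@` hunk, nothing at the two hand-maintained module lists says what the script does with a module that appears in neither; the same holds for the `X509` removal in PATCH 1187 and the `NET` removal in PATCH 1188. The lookup `if (!$found_ll && !$found_hl)` is visible in a later hunk, but its body is outside the view, so it cannot be told from here whether a leftover `MBEDTLS_ERR_SSL_*` definition in a scanned header stops generation or is skipped quietly. I would add a comment above the lists such as `# Modules not listed in either array are handled by the found_ll/found_hl check below.`, and confirm that this check fails loudly.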
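Review bot: The generated call `mbedtls_snprintf( buf, buflen, \"$module_name - $description\" )` kept by the `@@ -160,19 +159,8 @@` hunk splices the header description into the format-string argument, so a `%` in any error description would be read as a conversion specifier in the generated C. Whether `$description` is escaped before this point is outside the hunk, and the enclosing `foreach` body starts outside it too. Emitting a fixed format avoids the problem: `"${white_space} mbedtls_snprintf( buf, buflen, \"%s\", \"$module_name - $description\" );\n";`. The trailing `;` is deliberate, since the new statement currently has none and parses only because it is the last statement before the closing `};`.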
From: Jaeden Amero Date: Thu, 21 Feb 2019 13:55:05 +0000 Subject: [PATCH 1187/2197] scripts: Remove dependency on X.509 --- scripts/generate_errors.pl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 8282c3ba2..04bef211f 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -36,7 +36,7 @@ my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH SHA1 SHA256 SHA512 THREADING XTEA ); my @high_level_modules = qw( CIPHER DHM ECP MD PEM PK PKCS12 PKCS5 - RSA X509 ); + RSA ); my $line_separator = $/; undef $/; @@ -90,7 +90,6 @@ foreach my $line (@matches) $module_name = "HMAC_DRBG" if ($module_name eq "HMAC"); my $define_name = $module_name; - $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509"); $define_name = "ASN1_PARSE" if ($define_name eq "ASN1"); $define_name = "PEM_PARSE,PEM_WRITE" if ($define_name eq "PEM"); From 356acc82ad413dfec8d49745793e94a2e2f4c69e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 21 Feb 2019 13:55:25 +0000 Subject: [PATCH 1188/2197] scripts: Remove dependency on NET --- scripts/generate_errors.pl | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 04bef211f..e640f4ccd 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -32,7 +32,7 @@ my $error_format_file = $data_dir.'/error.fmt'; my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES ENTROPY GCM HKDF HMAC_DRBG MD2 MD4 MD5 - NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160 + OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160 SHA1 SHA256 SHA512 THREADING XTEA ); my @high_level_modules = qw( CIPHER DHM ECP MD PEM PK PKCS12 PKCS5 
@@ -97,9 +97,6 @@ foreach my $line (@matches) $include_name =~ tr/A-Z/a-z/; $include_name = "" if ($include_name eq "asn1"); - # Fix faulty ones - $include_name = "net_sockets" if ($module_name eq "NET"); - my $found_ll = grep $_ eq $module_name, @low_level_modules; my $found_hl = grep $_ eq $module_name, @high_level_modules; if (!$found_ll && !$found_hl) From ef24980e667debd0cb8f1f26218c452bacbbe084 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Thu, 21 Feb 2019 13:17:12 +0000 Subject: [PATCH 1189/2197] Remove unused test data files --- tests/data_files/Makefile | 216 --------------- tests/data_files/Readme-x509.txt | 131 --------- tests/data_files/bitstring-in-dn.pem | 51 ---- tests/data_files/cert_example_multi.crt | 80 ------ tests/data_files/cert_example_multi_nocn.crt | 13 - tests/data_files/cert_example_wildcard.crt | 77 ------ tests/data_files/cert_md2.crt | 77 ------ tests/data_files/cert_md4.crt | 77 ------ tests/data_files/cert_md5.crt | 77 ------ tests/data_files/cert_sha1.crt | 77 ------ tests/data_files/cert_sha224.crt | 77 ------ tests/data_files/cert_sha256.crt | 77 ------ tests/data_files/cert_sha384.crt | 77 ------ tests/data_files/cert_sha512.crt | 77 ------ tests/data_files/cert_v1_with_ext.crt | 23 -- tests/data_files/cli-rsa-sha1.crt | 20 -- tests/data_files/cli-rsa-sha256.crt | 20 -- tests/data_files/cli.opensslconf | 4 - tests/data_files/cli2.crt | 14 - tests/data_files/cli2.key | 5 - tests/data_files/crl-ec-sha1.pem | 10 - tests/data_files/crl-ec-sha224.pem | 10 - tests/data_files/crl-ec-sha256.pem | 10 - tests/data_files/crl-ec-sha384.pem | 10 - tests/data_files/crl-ec-sha512.pem | 10 - tests/data_files/crl-future.pem | 11 - tests/data_files/crl-idp.pem | 12 - tests/data_files/crl-idpnc.pem | 12 - .../crl-malformed-trailing-spaces.pem | 20 -- tests/data_files/crl-rsa-pss-sha1-badsign.pem | 14 - tests/data_files/crl-rsa-pss-sha1.pem | 14 - tests/data_files/crl-rsa-pss-sha224.pem | 16 -- tests/data_files/crl-rsa-pss-sha256.pem | 16 -- tests/data_files/crl-rsa-pss-sha384.pem | 16 -- tests/data_files/crl-rsa-pss-sha512.pem | 16 -- tests/data_files/crl.pem | 11 - tests/data_files/crl_cat_ec-rsa.pem | 21 -- tests/data_files/crl_cat_ecfut-rsa.pem | 22 -- tests/data_files/crl_cat_rsa-ec.pem | 21 -- tests/data_files/crl_cat_rsabadpem-ec.pem | 21 -- tests/data_files/crl_expired.pem | 11 - tests/data_files/crl_md2.pem | 11 - tests/data_files/crl_md4.pem | 11 - 
tests/data_files/crl_md5.pem | 11 - tests/data_files/crl_sha1.pem | 11 - tests/data_files/crl_sha224.pem | 11 - tests/data_files/crl_sha256.pem | 11 - tests/data_files/crl_sha384.pem | 11 - tests/data_files/crl_sha512.pem | 11 - tests/data_files/crt_cat_rsaexp-ec.pem | 21 -- tests/data_files/dh.1000.pem | 34 --- tests/data_files/dir-maxpath/00.crt | 11 - tests/data_files/dir-maxpath/00.key | 8 - tests/data_files/dir-maxpath/01.crt | 13 - tests/data_files/dir-maxpath/01.key | 8 - tests/data_files/dir-maxpath/02.crt | 12 - tests/data_files/dir-maxpath/02.key | 8 - tests/data_files/dir-maxpath/03.crt | 12 - tests/data_files/dir-maxpath/03.key | 8 - tests/data_files/dir-maxpath/04.crt | 12 - tests/data_files/dir-maxpath/04.key | 8 - tests/data_files/dir-maxpath/05.crt | 12 - tests/data_files/dir-maxpath/05.key | 8 - tests/data_files/dir-maxpath/06.crt | 12 - tests/data_files/dir-maxpath/06.key | 8 - tests/data_files/dir-maxpath/07.crt | 12 - tests/data_files/dir-maxpath/07.key | 8 - tests/data_files/dir-maxpath/08.crt | 12 - tests/data_files/dir-maxpath/08.key | 8 - tests/data_files/dir-maxpath/09.crt | 12 - tests/data_files/dir-maxpath/09.key | 8 - tests/data_files/dir-maxpath/10.crt | 12 - tests/data_files/dir-maxpath/10.key | 8 - tests/data_files/dir-maxpath/11.crt | 12 - tests/data_files/dir-maxpath/11.key | 8 - tests/data_files/dir-maxpath/12.crt | 12 - tests/data_files/dir-maxpath/12.key | 8 - tests/data_files/dir-maxpath/13.crt | 12 - tests/data_files/dir-maxpath/13.key | 8 - tests/data_files/dir-maxpath/14.crt | 12 - tests/data_files/dir-maxpath/14.key | 8 - tests/data_files/dir-maxpath/15.crt | 12 - tests/data_files/dir-maxpath/15.key | 8 - tests/data_files/dir-maxpath/16.crt | 12 - tests/data_files/dir-maxpath/16.key | 8 - tests/data_files/dir-maxpath/17.crt | 12 - tests/data_files/dir-maxpath/17.key | 8 - tests/data_files/dir-maxpath/18.crt | 12 - tests/data_files/dir-maxpath/18.key | 8 - tests/data_files/dir-maxpath/19.crt | 12 - 
tests/data_files/dir-maxpath/19.key | 8 - tests/data_files/dir-maxpath/20.crt | 12 - tests/data_files/dir-maxpath/20.key | 8 - tests/data_files/dir-maxpath/Readme.txt | 10 - tests/data_files/dir-maxpath/c00.pem | 11 - tests/data_files/dir-maxpath/c01.pem | 24 -- tests/data_files/dir-maxpath/c02.pem | 36 --- tests/data_files/dir-maxpath/c03.pem | 48 ---- tests/data_files/dir-maxpath/c04.pem | 60 ----- tests/data_files/dir-maxpath/c05.pem | 72 ----- tests/data_files/dir-maxpath/c06.pem | 84 ------ tests/data_files/dir-maxpath/c07.pem | 96 ------- tests/data_files/dir-maxpath/c08.pem | 108 -------- tests/data_files/dir-maxpath/c09.pem | 120 --------- tests/data_files/dir-maxpath/c10.pem | 132 --------- tests/data_files/dir-maxpath/c11.pem | 144 ---------- tests/data_files/dir-maxpath/c12.pem | 156 ----------- tests/data_files/dir-maxpath/c13.pem | 168 ------------ tests/data_files/dir-maxpath/c14.pem | 180 ------------- tests/data_files/dir-maxpath/c15.pem | 192 ------------- tests/data_files/dir-maxpath/c16.pem | 204 -------------- tests/data_files/dir-maxpath/c17.pem | 216 --------------- tests/data_files/dir-maxpath/c18.pem | 228 ---------------- tests/data_files/dir-maxpath/c19.pem | 240 ----------------- tests/data_files/dir-maxpath/c20.pem | 252 ------------------ tests/data_files/dir-maxpath/int.opensslconf | 4 - tests/data_files/dir-maxpath/long.sh | 35 --- tests/data_files/dir1/test-ca.crt | 80 ------ tests/data_files/dir2/test-ca.crt | 80 ------ tests/data_files/dir2/test-ca2.crt | 15 -- tests/data_files/dir3/Readme | 1 - tests/data_files/dir3/test-ca.crt | 80 ------ tests/data_files/dir3/test-ca2.crt | 15 -- tests/data_files/dir4/Readme | 47 ---- tests/data_files/dir4/cert11.crt | 18 -- tests/data_files/dir4/cert12.crt | 19 -- tests/data_files/dir4/cert13.crt | 19 -- tests/data_files/dir4/cert14.crt | 19 -- tests/data_files/dir4/cert21.crt | 18 -- tests/data_files/dir4/cert22.crt | 19 -- tests/data_files/dir4/cert23.crt | 19 -- 
tests/data_files/dir4/cert31.crt | 18 -- tests/data_files/dir4/cert32.crt | 19 -- tests/data_files/dir4/cert33.crt | 19 -- tests/data_files/dir4/cert34.crt | 19 -- tests/data_files/dir4/cert41.crt | 18 -- tests/data_files/dir4/cert42.crt | 19 -- tests/data_files/dir4/cert43.crt | 19 -- tests/data_files/dir4/cert44.crt | 19 -- tests/data_files/dir4/cert45.crt | 19 -- tests/data_files/dir4/cert51.crt | 18 -- tests/data_files/dir4/cert52.crt | 19 -- tests/data_files/dir4/cert53.crt | 19 -- tests/data_files/dir4/cert54.crt | 19 -- tests/data_files/dir4/cert61.crt | 18 -- tests/data_files/dir4/cert62.crt | 19 -- tests/data_files/dir4/cert63.crt | 19 -- tests/data_files/dir4/cert71.crt | 18 -- tests/data_files/dir4/cert72.crt | 19 -- tests/data_files/dir4/cert73.crt | 19 -- tests/data_files/dir4/cert74.crt | 19 -- tests/data_files/dir4/cert81.crt | 11 - tests/data_files/dir4/cert82.crt | 11 - tests/data_files/dir4/cert83.crt | 11 - tests/data_files/dir4/cert91.crt | 11 - tests/data_files/dir4/cert92.crt | 11 - tests/data_files/enco-ca-prstr.pem | 14 - tests/data_files/enco-cert-utf8str.pem | 13 - tests/data_files/format_gen.pub | 6 - tests/data_files/format_pkcs12.fmt | Bin 3381 -> 0 bytes tests/data_files/keyUsage.decipherOnly.crt | 14 - tests/data_files/passwd.psk | 1 - tests/data_files/rsa_pkcs8_1024_public.der | Bin 162 -> 0 bytes tests/data_files/server1-ms.req.sha256 | 16 -- tests/data_files/server1-nospace.crt | 21 -- tests/data_files/server1-v1.crt | 19 -- tests/data_files/server1.cert_type.crt | 20 -- .../server1.cert_type.crt.openssl.v3_ext | 5 - .../data_files/server1.cert_type_noauthid.crt | 20 -- tests/data_files/server1.crt | 20 -- tests/data_files/server1.crt.openssl.v3_ext | 4 - tests/data_files/server1.csr | 16 -- tests/data_files/server1.der | Bin 835 -> 0 bytes tests/data_files/server1.ext_ku.crt | 22 -- tests/data_files/server1.key_usage.crt | 20 -- .../server1.key_usage.crt.openssl.v3_ext | 5 - .../data_files/server1.key_usage_noauthid.crt | 20 -- 
tests/data_files/server1.noauthid.crt | 19 -- tests/data_files/server1.req.cert_type | 17 -- tests/data_files/server1.req.cert_type_empty | 17 -- tests/data_files/server1.req.key_usage | 17 -- tests/data_files/server1.req.key_usage_empty | 17 -- tests/data_files/server1.req.ku-ct | 17 -- tests/data_files/server1.req.md4 | 16 -- tests/data_files/server1.req.md5 | 16 -- tests/data_files/server1.req.sha1 | 16 -- tests/data_files/server1.req.sha224 | 16 -- tests/data_files/server1.req.sha256 | 16 -- tests/data_files/server1.req.sha384 | 16 -- tests/data_files/server1.req.sha512 | 16 -- tests/data_files/server1.v1.crt | 18 -- tests/data_files/server10-badsign.crt | 10 - tests/data_files/server10-bs_int3.pem | 22 -- tests/data_files/server10.crt | 10 - tests/data_files/server10.key | 5 - tests/data_files/server10_int3-bs.pem | 22 -- tests/data_files/server10_int3_int-ca2.crt | 40 --- tests/data_files/server10_int3_int-ca2_ca.crt | 120 --------- .../server10_int3_spurious_int-ca2.crt | 64 ----- tests/data_files/server1_ca.crt | 41 --- tests/data_files/server1_csr.opensslconf | 10 - tests/data_files/server2-badsign.crt | 20 -- tests/data_files/server2-sha256.crt | 20 -- tests/data_files/server2-v1-chain.crt | 38 --- tests/data_files/server2-v1.crt | 19 -- tests/data_files/server2.crt | 20 -- tests/data_files/server2.der | Bin 827 -> 0 bytes tests/data_files/server2.ku-ds.crt | 21 -- tests/data_files/server2.ku-ds_ke.crt | 21 -- tests/data_files/server2.ku-ka.crt | 21 -- tests/data_files/server2.ku-ke.crt | 21 -- tests/data_files/server3.crt | 17 -- tests/data_files/server3.key | 5 - tests/data_files/server4.crt | 18 -- tests/data_files/server4.key | 27 -- tests/data_files/server5-badsign.crt | 14 - tests/data_files/server5-der0.crt | Bin 547 -> 0 bytes tests/data_files/server5-der1a.crt | Bin 548 -> 0 bytes tests/data_files/server5-der1b.crt | Bin 548 -> 0 bytes tests/data_files/server5-der2.crt | Bin 549 -> 0 bytes tests/data_files/server5-der4.crt | Bin 551 -> 0 bytes 
tests/data_files/server5-der8.crt | Bin 555 -> 0 bytes tests/data_files/server5-der9.crt | Bin 556 -> 0 bytes tests/data_files/server5-expired.crt | 14 - tests/data_files/server5-future.crt | 14 - tests/data_files/server5-selfsigned.crt | 12 - tests/data_files/server5-sha1.crt | 14 - tests/data_files/server5-sha224.crt | 14 - tests/data_files/server5-sha384.crt | 14 - tests/data_files/server5-sha512.crt | 14 - tests/data_files/server5-ss-expired.crt | 12 - tests/data_files/server5-ss-forgeca.crt | 11 - tests/data_files/server5.crt | 14 - tests/data_files/server5.eku-cli.crt | 13 - tests/data_files/server5.eku-cs.crt | 13 - tests/data_files/server5.eku-cs_any.crt | 13 - tests/data_files/server5.eku-srv.crt | 13 - tests/data_files/server5.eku-srv_cli.crt | 13 - tests/data_files/server5.ku-ds.crt | 14 - tests/data_files/server5.ku-ka.crt | 14 - tests/data_files/server5.ku-ke.crt | 14 - tests/data_files/server5.req.ku.sha1 | 8 - tests/data_files/server5.req.sha1 | 8 - tests/data_files/server5.req.sha224 | 8 - tests/data_files/server5.req.sha256 | 8 - tests/data_files/server5.req.sha384 | 8 - tests/data_files/server5.req.sha512 | 8 - tests/data_files/server6-ss-child.crt | 13 - tests/data_files/server6.crt | 14 - tests/data_files/server6.key | 5 - tests/data_files/server7-badsign.crt | 47 ---- tests/data_files/server7-expired.crt | 47 ---- tests/data_files/server7-future.crt | 47 ---- tests/data_files/server7.crt | 23 -- tests/data_files/server7.key | 5 - tests/data_files/server7_all_space.crt | 47 ---- tests/data_files/server7_int-ca-exp.crt | 47 ---- tests/data_files/server7_int-ca.crt | 47 ---- tests/data_files/server7_int-ca_ca2.crt | 62 ----- tests/data_files/server7_pem_space.crt | 47 ---- tests/data_files/server7_spurious_int-ca.crt | 65 ----- tests/data_files/server7_trailing_space.crt | 47 ---- tests/data_files/server8.crt | 18 -- tests/data_files/server8.key | 27 -- tests/data_files/server8_int-ca2.crt | 36 --- tests/data_files/server9-bad-mgfhash.crt | 20 -- 
tests/data_files/server9-bad-saltlen.crt | 20 -- tests/data_files/server9-badsign.crt | 19 -- tests/data_files/server9-defaults.crt | 19 -- tests/data_files/server9-sha224.crt | 20 -- tests/data_files/server9-sha256.crt | 20 -- tests/data_files/server9-sha384.crt | 20 -- tests/data_files/server9-sha512.crt | 20 -- tests/data_files/server9-with-ca.crt | 99 ------- tests/data_files/server9.crt | 19 -- tests/data_files/server9.key | 15 -- tests/data_files/server9.req.sha1 | 11 - tests/data_files/server9.req.sha224 | 12 - tests/data_files/server9.req.sha256 | 12 - tests/data_files/server9.req.sha384 | 12 - tests/data_files/server9.req.sha512 | 12 - tests/data_files/test-ca-alt-good.crt | 41 --- tests/data_files/test-ca-alt.crt | 21 -- tests/data_files/test-ca-alt.csr | 16 -- tests/data_files/test-ca-alt.key | 27 -- tests/data_files/test-ca-good-alt.crt | 41 --- tests/data_files/test-ca-sha1.crt | 20 -- tests/data_files/test-ca-sha256.crt | 20 -- tests/data_files/test-ca-v1.crt | 19 -- tests/data_files/test-ca.crt | 20 -- tests/data_files/test-ca.der | Bin 837 -> 0 bytes tests/data_files/test-ca.opensslconf | 28 -- tests/data_files/test-ca.server1.opensslconf | 18 -- tests/data_files/test-ca2-expired.crt | 13 - tests/data_files/test-ca2.crt | 15 -- tests/data_files/test-ca2.key | 6 - tests/data_files/test-ca2.ku-crl.crt | 12 - tests/data_files/test-ca2.ku-crt.crt | 12 - tests/data_files/test-ca2.ku-crt_crl.crt | 12 - tests/data_files/test-ca2.ku-ds.crt | 12 - .../test-ca2_cat-future-invalid.crt | 27 -- .../test-ca2_cat-future-present.crt | 28 -- .../data_files/test-ca2_cat-past-invalid.crt | 27 -- .../data_files/test-ca2_cat-past-present.crt | 28 -- .../test-ca2_cat-present-future.crt | 28 -- .../data_files/test-ca2_cat-present-past.crt | 28 -- tests/data_files/test-ca_cat12.crt | 35 --- tests/data_files/test-ca_cat21.crt | 35 --- tests/data_files/test-ca_printable.crt | 21 -- tests/data_files/test-ca_uppercase.crt | 20 -- tests/data_files/test-ca_utf8.crt | 20 -- 
tests/data_files/test-int-ca-exp.crt | 24 -- tests/data_files/test-int-ca.crt | 24 -- tests/data_files/test-int-ca.key | 51 ---- tests/data_files/test-int-ca2.crt | 18 -- tests/data_files/test-int-ca2.key | 6 - tests/data_files/test-int-ca3-badsign.crt | 12 - tests/data_files/test-int-ca3.crt | 12 - tests/data_files/test-int-ca3.key | 8 - 319 files changed, 9039 deletions(-) delete mode 100644 tests/data_files/Readme-x509.txt delete mode 100644 tests/data_files/bitstring-in-dn.pem delete mode 100644 tests/data_files/cert_example_multi.crt delete mode 100644 tests/data_files/cert_example_multi_nocn.crt delete mode 100644 tests/data_files/cert_example_wildcard.crt delete mode 100644 tests/data_files/cert_md2.crt delete mode 100644 tests/data_files/cert_md4.crt delete mode 100644 tests/data_files/cert_md5.crt delete mode 100644 tests/data_files/cert_sha1.crt delete mode 100644 tests/data_files/cert_sha224.crt delete mode 100644 tests/data_files/cert_sha256.crt delete mode 100644 tests/data_files/cert_sha384.crt delete mode 100644 tests/data_files/cert_sha512.crt delete mode 100644 tests/data_files/cert_v1_with_ext.crt delete mode 100644 tests/data_files/cli-rsa-sha1.crt delete mode 100644 tests/data_files/cli-rsa-sha256.crt delete mode 100644 tests/data_files/cli.opensslconf delete mode 100644 tests/data_files/cli2.crt delete mode 100644 tests/data_files/cli2.key delete mode 100644 tests/data_files/crl-ec-sha1.pem delete mode 100644 tests/data_files/crl-ec-sha224.pem delete mode 100644 tests/data_files/crl-ec-sha256.pem delete mode 100644 tests/data_files/crl-ec-sha384.pem delete mode 100644 tests/data_files/crl-ec-sha512.pem delete mode 100644 tests/data_files/crl-future.pem delete mode 100644 tests/data_files/crl-idp.pem delete mode 100644 tests/data_files/crl-idpnc.pem delete mode 100644 tests/data_files/crl-malformed-trailing-spaces.pem delete mode 100644 tests/data_files/crl-rsa-pss-sha1-badsign.pem delete mode 100644 tests/data_files/crl-rsa-pss-sha1.pem delete 
mode 100644 tests/data_files/crl-rsa-pss-sha224.pem delete mode 100644 tests/data_files/crl-rsa-pss-sha256.pem delete mode 100644 tests/data_files/crl-rsa-pss-sha384.pem delete mode 100644 tests/data_files/crl-rsa-pss-sha512.pem delete mode 100644 tests/data_files/crl.pem delete mode 100644 tests/data_files/crl_cat_ec-rsa.pem delete mode 100644 tests/data_files/crl_cat_ecfut-rsa.pem delete mode 100644 tests/data_files/crl_cat_rsa-ec.pem delete mode 100644 tests/data_files/crl_cat_rsabadpem-ec.pem delete mode 100644 tests/data_files/crl_expired.pem delete mode 100644 tests/data_files/crl_md2.pem delete mode 100644 tests/data_files/crl_md4.pem delete mode 100644 tests/data_files/crl_md5.pem delete mode 100644 tests/data_files/crl_sha1.pem delete mode 100644 tests/data_files/crl_sha224.pem delete mode 100644 tests/data_files/crl_sha256.pem delete mode 100644 tests/data_files/crl_sha384.pem delete mode 100644 tests/data_files/crl_sha512.pem delete mode 100644 tests/data_files/crt_cat_rsaexp-ec.pem delete mode 100644 tests/data_files/dh.1000.pem delete mode 100644 tests/data_files/dir-maxpath/00.crt delete mode 100644 tests/data_files/dir-maxpath/00.key delete mode 100644 tests/data_files/dir-maxpath/01.crt delete mode 100644 tests/data_files/dir-maxpath/01.key delete mode 100644 tests/data_files/dir-maxpath/02.crt delete mode 100644 tests/data_files/dir-maxpath/02.key delete mode 100644 tests/data_files/dir-maxpath/03.crt delete mode 100644 tests/data_files/dir-maxpath/03.key delete mode 100644 tests/data_files/dir-maxpath/04.crt delete mode 100644 tests/data_files/dir-maxpath/04.key delete mode 100644 tests/data_files/dir-maxpath/05.crt delete mode 100644 tests/data_files/dir-maxpath/05.key delete mode 100644 tests/data_files/dir-maxpath/06.crt delete mode 100644 tests/data_files/dir-maxpath/06.key delete mode 100644 tests/data_files/dir-maxpath/07.crt delete mode 100644 tests/data_files/dir-maxpath/07.key delete mode 100644 tests/data_files/dir-maxpath/08.crt delete 
mode 100644 tests/data_files/dir-maxpath/08.key delete mode 100644 tests/data_files/dir-maxpath/09.crt delete mode 100644 tests/data_files/dir-maxpath/09.key delete mode 100644 tests/data_files/dir-maxpath/10.crt delete mode 100644 tests/data_files/dir-maxpath/10.key delete mode 100644 tests/data_files/dir-maxpath/11.crt delete mode 100644 tests/data_files/dir-maxpath/11.key delete mode 100644 tests/data_files/dir-maxpath/12.crt delete mode 100644 tests/data_files/dir-maxpath/12.key delete mode 100644 tests/data_files/dir-maxpath/13.crt delete mode 100644 tests/data_files/dir-maxpath/13.key delete mode 100644 tests/data_files/dir-maxpath/14.crt delete mode 100644 tests/data_files/dir-maxpath/14.key delete mode 100644 tests/data_files/dir-maxpath/15.crt delete mode 100644 tests/data_files/dir-maxpath/15.key delete mode 100644 tests/data_files/dir-maxpath/16.crt delete mode 100644 tests/data_files/dir-maxpath/16.key delete mode 100644 tests/data_files/dir-maxpath/17.crt delete mode 100644 tests/data_files/dir-maxpath/17.key delete mode 100644 tests/data_files/dir-maxpath/18.crt delete mode 100644 tests/data_files/dir-maxpath/18.key delete mode 100644 tests/data_files/dir-maxpath/19.crt delete mode 100644 tests/data_files/dir-maxpath/19.key delete mode 100644 tests/data_files/dir-maxpath/20.crt delete mode 100644 tests/data_files/dir-maxpath/20.key delete mode 100644 tests/data_files/dir-maxpath/Readme.txt delete mode 100644 tests/data_files/dir-maxpath/c00.pem delete mode 100644 tests/data_files/dir-maxpath/c01.pem delete mode 100644 tests/data_files/dir-maxpath/c02.pem delete mode 100644 tests/data_files/dir-maxpath/c03.pem delete mode 100644 tests/data_files/dir-maxpath/c04.pem delete mode 100644 tests/data_files/dir-maxpath/c05.pem delete mode 100644 tests/data_files/dir-maxpath/c06.pem delete mode 100644 tests/data_files/dir-maxpath/c07.pem delete mode 100644 tests/data_files/dir-maxpath/c08.pem delete mode 100644 tests/data_files/dir-maxpath/c09.pem delete mode 
100644 tests/data_files/dir-maxpath/c10.pem delete mode 100644 tests/data_files/dir-maxpath/c11.pem delete mode 100644 tests/data_files/dir-maxpath/c12.pem delete mode 100644 tests/data_files/dir-maxpath/c13.pem delete mode 100644 tests/data_files/dir-maxpath/c14.pem delete mode 100644 tests/data_files/dir-maxpath/c15.pem delete mode 100644 tests/data_files/dir-maxpath/c16.pem delete mode 100644 tests/data_files/dir-maxpath/c17.pem delete mode 100644 tests/data_files/dir-maxpath/c18.pem delete mode 100644 tests/data_files/dir-maxpath/c19.pem delete mode 100644 tests/data_files/dir-maxpath/c20.pem delete mode 100644 tests/data_files/dir-maxpath/int.opensslconf delete mode 100755 tests/data_files/dir-maxpath/long.sh delete mode 100644 tests/data_files/dir1/test-ca.crt delete mode 100644 tests/data_files/dir2/test-ca.crt delete mode 100644 tests/data_files/dir2/test-ca2.crt delete mode 100644 tests/data_files/dir3/Readme delete mode 100644 tests/data_files/dir3/test-ca.crt delete mode 100644 tests/data_files/dir3/test-ca2.crt delete mode 100644 tests/data_files/dir4/Readme delete mode 100644 tests/data_files/dir4/cert11.crt delete mode 100644 tests/data_files/dir4/cert12.crt delete mode 100644 tests/data_files/dir4/cert13.crt delete mode 100644 tests/data_files/dir4/cert14.crt delete mode 100644 tests/data_files/dir4/cert21.crt delete mode 100644 tests/data_files/dir4/cert22.crt delete mode 100644 tests/data_files/dir4/cert23.crt delete mode 100644 tests/data_files/dir4/cert31.crt delete mode 100644 tests/data_files/dir4/cert32.crt delete mode 100644 tests/data_files/dir4/cert33.crt delete mode 100644 tests/data_files/dir4/cert34.crt delete mode 100644 tests/data_files/dir4/cert41.crt delete mode 100644 tests/data_files/dir4/cert42.crt delete mode 100644 tests/data_files/dir4/cert43.crt delete mode 100644 tests/data_files/dir4/cert44.crt delete mode 100644 tests/data_files/dir4/cert45.crt delete mode 100644 tests/data_files/dir4/cert51.crt delete mode 100644 
tests/data_files/dir4/cert52.crt delete mode 100644 tests/data_files/dir4/cert53.crt delete mode 100644 tests/data_files/dir4/cert54.crt delete mode 100644 tests/data_files/dir4/cert61.crt delete mode 100644 tests/data_files/dir4/cert62.crt delete mode 100644 tests/data_files/dir4/cert63.crt delete mode 100644 tests/data_files/dir4/cert71.crt delete mode 100644 tests/data_files/dir4/cert72.crt delete mode 100644 tests/data_files/dir4/cert73.crt delete mode 100644 tests/data_files/dir4/cert74.crt delete mode 100644 tests/data_files/dir4/cert81.crt delete mode 100644 tests/data_files/dir4/cert82.crt delete mode 100644 tests/data_files/dir4/cert83.crt delete mode 100644 tests/data_files/dir4/cert91.crt delete mode 100644 tests/data_files/dir4/cert92.crt delete mode 100644 tests/data_files/enco-ca-prstr.pem delete mode 100644 tests/data_files/enco-cert-utf8str.pem delete mode 100644 tests/data_files/format_gen.pub delete mode 100644 tests/data_files/format_pkcs12.fmt delete mode 100644 tests/data_files/keyUsage.decipherOnly.crt delete mode 100644 tests/data_files/passwd.psk delete mode 100644 tests/data_files/rsa_pkcs8_1024_public.der delete mode 100644 tests/data_files/server1-ms.req.sha256 delete mode 100644 tests/data_files/server1-nospace.crt delete mode 100644 tests/data_files/server1-v1.crt delete mode 100644 tests/data_files/server1.cert_type.crt delete mode 100644 tests/data_files/server1.cert_type.crt.openssl.v3_ext delete mode 100644 tests/data_files/server1.cert_type_noauthid.crt delete mode 100644 tests/data_files/server1.crt delete mode 100644 tests/data_files/server1.crt.openssl.v3_ext delete mode 100644 tests/data_files/server1.csr delete mode 100644 tests/data_files/server1.der delete mode 100644 tests/data_files/server1.ext_ku.crt delete mode 100644 tests/data_files/server1.key_usage.crt delete mode 100644 tests/data_files/server1.key_usage.crt.openssl.v3_ext delete mode 100644 tests/data_files/server1.key_usage_noauthid.crt delete mode 100644 
tests/data_files/server1.noauthid.crt delete mode 100644 tests/data_files/server1.req.cert_type delete mode 100644 tests/data_files/server1.req.cert_type_empty delete mode 100644 tests/data_files/server1.req.key_usage delete mode 100644 tests/data_files/server1.req.key_usage_empty delete mode 100644 tests/data_files/server1.req.ku-ct delete mode 100644 tests/data_files/server1.req.md4 delete mode 100644 tests/data_files/server1.req.md5 delete mode 100644 tests/data_files/server1.req.sha1 delete mode 100644 tests/data_files/server1.req.sha224 delete mode 100644 tests/data_files/server1.req.sha256 delete mode 100644 tests/data_files/server1.req.sha384 delete mode 100644 tests/data_files/server1.req.sha512 delete mode 100644 tests/data_files/server1.v1.crt delete mode 100644 tests/data_files/server10-badsign.crt delete mode 100644 tests/data_files/server10-bs_int3.pem delete mode 100644 tests/data_files/server10.crt delete mode 100644 tests/data_files/server10.key delete mode 100644 tests/data_files/server10_int3-bs.pem delete mode 100644 tests/data_files/server10_int3_int-ca2.crt delete mode 100644 tests/data_files/server10_int3_int-ca2_ca.crt delete mode 100644 tests/data_files/server10_int3_spurious_int-ca2.crt delete mode 100644 tests/data_files/server1_ca.crt delete mode 100644 tests/data_files/server1_csr.opensslconf delete mode 100644 tests/data_files/server2-badsign.crt delete mode 100644 tests/data_files/server2-sha256.crt delete mode 100644 tests/data_files/server2-v1-chain.crt delete mode 100644 tests/data_files/server2-v1.crt delete mode 100644 tests/data_files/server2.crt delete mode 100644 tests/data_files/server2.der delete mode 100644 tests/data_files/server2.ku-ds.crt delete mode 100644 tests/data_files/server2.ku-ds_ke.crt delete mode 100644 tests/data_files/server2.ku-ka.crt delete mode 100644 tests/data_files/server2.ku-ke.crt delete mode 100644 tests/data_files/server3.crt delete mode 100644 tests/data_files/server3.key delete mode 100644 
tests/data_files/server4.crt delete mode 100644 tests/data_files/server4.key delete mode 100644 tests/data_files/server5-badsign.crt delete mode 100644 tests/data_files/server5-der0.crt delete mode 100644 tests/data_files/server5-der1a.crt delete mode 100644 tests/data_files/server5-der1b.crt delete mode 100644 tests/data_files/server5-der2.crt delete mode 100644 tests/data_files/server5-der4.crt delete mode 100644 tests/data_files/server5-der8.crt delete mode 100644 tests/data_files/server5-der9.crt delete mode 100644 tests/data_files/server5-expired.crt delete mode 100644 tests/data_files/server5-future.crt delete mode 100644 tests/data_files/server5-selfsigned.crt delete mode 100644 tests/data_files/server5-sha1.crt delete mode 100644 tests/data_files/server5-sha224.crt delete mode 100644 tests/data_files/server5-sha384.crt delete mode 100644 tests/data_files/server5-sha512.crt delete mode 100644 tests/data_files/server5-ss-expired.crt delete mode 100644 tests/data_files/server5-ss-forgeca.crt delete mode 100644 tests/data_files/server5.crt delete mode 100644 tests/data_files/server5.eku-cli.crt delete mode 100644 tests/data_files/server5.eku-cs.crt delete mode 100644 tests/data_files/server5.eku-cs_any.crt delete mode 100644 tests/data_files/server5.eku-srv.crt delete mode 100644 tests/data_files/server5.eku-srv_cli.crt delete mode 100644 tests/data_files/server5.ku-ds.crt delete mode 100644 tests/data_files/server5.ku-ka.crt delete mode 100644 tests/data_files/server5.ku-ke.crt delete mode 100644 tests/data_files/server5.req.ku.sha1 delete mode 100644 tests/data_files/server5.req.sha1 delete mode 100644 tests/data_files/server5.req.sha224 delete mode 100644 tests/data_files/server5.req.sha256 delete mode 100644 tests/data_files/server5.req.sha384 delete mode 100644 tests/data_files/server5.req.sha512 delete mode 100644 tests/data_files/server6-ss-child.crt delete mode 100644 tests/data_files/server6.crt delete mode 100644 tests/data_files/server6.key delete 
mode 100644 tests/data_files/server7-badsign.crt delete mode 100644 tests/data_files/server7-expired.crt delete mode 100644 tests/data_files/server7-future.crt delete mode 100644 tests/data_files/server7.crt delete mode 100644 tests/data_files/server7.key delete mode 100644 tests/data_files/server7_all_space.crt delete mode 100644 tests/data_files/server7_int-ca-exp.crt delete mode 100644 tests/data_files/server7_int-ca.crt delete mode 100644 tests/data_files/server7_int-ca_ca2.crt delete mode 100644 tests/data_files/server7_pem_space.crt delete mode 100644 tests/data_files/server7_spurious_int-ca.crt delete mode 100644 tests/data_files/server7_trailing_space.crt delete mode 100644 tests/data_files/server8.crt delete mode 100644 tests/data_files/server8.key delete mode 100644 tests/data_files/server8_int-ca2.crt delete mode 100644 tests/data_files/server9-bad-mgfhash.crt delete mode 100644 tests/data_files/server9-bad-saltlen.crt delete mode 100644 tests/data_files/server9-badsign.crt delete mode 100644 tests/data_files/server9-defaults.crt delete mode 100644 tests/data_files/server9-sha224.crt delete mode 100644 tests/data_files/server9-sha256.crt delete mode 100644 tests/data_files/server9-sha384.crt delete mode 100644 tests/data_files/server9-sha512.crt delete mode 100644 tests/data_files/server9-with-ca.crt delete mode 100644 tests/data_files/server9.crt delete mode 100644 tests/data_files/server9.key delete mode 100644 tests/data_files/server9.req.sha1 delete mode 100644 tests/data_files/server9.req.sha224 delete mode 100644 tests/data_files/server9.req.sha256 delete mode 100644 tests/data_files/server9.req.sha384 delete mode 100644 tests/data_files/server9.req.sha512 delete mode 100644 tests/data_files/test-ca-alt-good.crt delete mode 100644 tests/data_files/test-ca-alt.crt delete mode 100644 tests/data_files/test-ca-alt.csr delete mode 100644 tests/data_files/test-ca-alt.key delete mode 100644 tests/data_files/test-ca-good-alt.crt delete mode 100644 
tests/data_files/test-ca-sha1.crt delete mode 100644 tests/data_files/test-ca-sha256.crt delete mode 100644 tests/data_files/test-ca-v1.crt delete mode 100644 tests/data_files/test-ca.crt delete mode 100644 tests/data_files/test-ca.der delete mode 100644 tests/data_files/test-ca.opensslconf delete mode 100644 tests/data_files/test-ca.server1.opensslconf delete mode 100644 tests/data_files/test-ca2-expired.crt delete mode 100644 tests/data_files/test-ca2.crt delete mode 100644 tests/data_files/test-ca2.key delete mode 100644 tests/data_files/test-ca2.ku-crl.crt delete mode 100644 tests/data_files/test-ca2.ku-crt.crt delete mode 100644 tests/data_files/test-ca2.ku-crt_crl.crt delete mode 100644 tests/data_files/test-ca2.ku-ds.crt delete mode 100644 tests/data_files/test-ca2_cat-future-invalid.crt delete mode 100644 tests/data_files/test-ca2_cat-future-present.crt delete mode 100644 tests/data_files/test-ca2_cat-past-invalid.crt delete mode 100644 tests/data_files/test-ca2_cat-past-present.crt delete mode 100644 tests/data_files/test-ca2_cat-present-future.crt delete mode 100644 tests/data_files/test-ca2_cat-present-past.crt delete mode 100644 tests/data_files/test-ca_cat12.crt delete mode 100644 tests/data_files/test-ca_cat21.crt delete mode 100644 tests/data_files/test-ca_printable.crt delete mode 100644 tests/data_files/test-ca_uppercase.crt delete mode 100644 tests/data_files/test-ca_utf8.crt delete mode 100644 tests/data_files/test-int-ca-exp.crt delete mode 100644 tests/data_files/test-int-ca.crt delete mode 100644 tests/data_files/test-int-ca.key delete mode 100644 tests/data_files/test-int-ca2.crt delete mode 100644 tests/data_files/test-int-ca2.key delete mode 100644 tests/data_files/test-int-ca3-badsign.crt delete mode 100644 tests/data_files/test-int-ca3.crt delete mode 100644 tests/data_files/test-int-ca3.key diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 98f322db7..512bb2969 100644 --- a/tests/data_files/Makefile 
+++ b/tests/data_files/Makefile 
@@ -61,52 +61,7 @@ test-ca-sha256.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA256 version=3 output_file=$@ all_final += test-ca-sha256.crt -test_ca_key_file_rsa_alt = test-ca-alt.key - -$(test_ca_key_file_rsa_alt): - $(OPENSSL) genrsa -out $@ 2048 -test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) - $(OPENSSL) req -new -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@ -all_intermediate += test-ca-alt.csr -test-ca-alt.crt: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) test-ca-alt.csr - $(OPENSSL) req -x509 -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -set_serial 0 -days 3653 -sha256 -in test-ca-alt.csr -out $@ -all_final += test-ca-alt.crt -test-ca-alt-good.crt: test-ca-alt.crt test-ca-sha256.crt - cat test-ca-alt.crt test-ca-sha256.crt > $@ -all_final += test-ca-alt-good.crt -test-ca-good-alt.crt: test-ca-alt.crt test-ca-sha256.crt - cat test-ca-sha256.crt test-ca-alt.crt > $@ -all_final += test-ca-good-alt.crt - -test_ca_crt_file_ec = test-ca2.crt -test_ca_key_file_ec = test-ca2.key - -test_ca_crt_cat12 = test-ca_cat12.crt -$(test_ca_crt_cat12): $(test_ca_crt) $(test_ca_crt_file_ec) - cat $(test_ca_crt) $(test_ca_crt_file_ec) > $@ -all_final += $(test_ca_crt_cat12) - -test_ca_crt_cat21 = test-ca_cat21.crt -$(test_ca_crt_cat21): $(test_ca_crt) $(test_ca_crt_file_ec) - cat $(test_ca_crt_file_ec) $(test_ca_crt) > $@ -all_final += $(test_ca_crt_cat21) - -test-int-ca.csr: test-int-ca.key $(test_ca_config_file) - $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca.key -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate CA" -out $@ -all_intermediate += test-int-ca.csr -test-int-ca-exp.crt: 
$(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr - $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@ -all_final += test-int-ca-exp.crt - -crl-idp.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) - $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp -out $@ -all_final += crl-idp.pem -crl-idpnc.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) - $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp_nc -out $@ -all_final += crl-idpnc.pem - cli_crt_key_file_rsa = cli-rsa.key -cli_crt_extensions_file = cli.opensslconf cli-rsa.csr: $(cli_crt_key_file_rsa) $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Client 2" md=SHA1 
@@ -121,56 +76,10 @@ all_final += cli-rsa-sha256.crt test_ca_int_rsa1 = test-int-ca.crt -server7.csr: server7.key - $(OPENSSL) req -new -key server7.key -subj "/C=NL/O=PolarSSL/CN=localhost" -out $@ -all_intermediate += server7.csr -server7-expired.crt: server7.csr $(test_ca_int_rsa1) - $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@ -all_final += server7-expired.crt -server7-future.crt: server7.csr $(test_ca_int_rsa1) - $(FAKETIME) -f +3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@ -all_final += server7-future.crt -server7-badsign.crt: server7.crt $(test_ca_int_rsa1) - { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat $(test_ca_int_rsa1); } > $@ -all_final += server7-badsign.crt -server7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt - cat server7.crt test-int-ca-exp.crt > $@ -all_final += server7_int-ca-exp.crt - -server5-ss-expired.crt: server5.key - $(FAKETIME) -f -3653d $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/OU=testsuite/CN=localhost" -days 3653 -sha256 -key $< -out $@ -all_final += server5-ss-expired.crt - -# try to forge a copy of test-int-ca3 with different key -server5-ss-forgeca.crt: server5.key - $(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@ -all_final += server5-ss-forgeca.crt - -server10-badsign.crt: server10.crt - { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ -all_final += server10-badsign.crt -server10-bs_int3.pem: 
server10-badsign.crt test-int-ca3.crt - cat server10-badsign.crt test-int-ca3.crt > $@ -all_final += server10-bs_int3.pem -test-int-ca3-badsign.crt: test-int-ca3.crt - { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ -all_final += test-int-ca3-badsign.crt -server10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt - cat server10.crt test-int-ca3-badsign.crt > $@ -all_final += server10_int3-bs.pem - -rsa_pkcs1_2048_public.pem: server8.key - $(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@ -all_final += rsa_pkcs1_2048_public.pem - rsa_pkcs1_2048_public.der: rsa_pkcs1_2048_public.pem $(OPENSSL) rsa -RSAPublicKey_in -in $< -outform DER -RSAPublicKey_out -out $@ all_final += rsa_pkcs1_2048_public.der -rsa_pkcs8_2048_public.pem: server8.key - $(OPENSSL) rsa -in $< -outform PEM -pubout -out $@ -all_final += rsa_pkcs8_2048_public.pem - rsa_pkcs8_2048_public.der: rsa_pkcs8_2048_public.pem $(OPENSSL) rsa -pubin -in $< -outform DER -pubout -out $@ all_final += rsa_pkcs8_2048_public.der 
@@ -749,140 +658,16 @@ all_final += ec_prv.pk8param.pem ### Generate CSRs for X.509 write test suite ################################################################ -server1.req.sha1: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 -all_final += server1.req.sha1 - -server1.req.md4: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD4 -all_final += server1.req.md4 - -server1.req.md5: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5 -all_final += server1.req.md5 - -server1.req.sha224: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA224 -all_final += server1.req.sha224 - -server1.req.sha256: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA256 -all_final += server1.req.sha256 - -server1.req.sha384: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA384 -all_final += server1.req.sha384 - -server1.req.sha512: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA512 -all_final += server1.req.sha512 - -server1.req.cert_type: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 -all_final += server1.req.cert_type - -server1.req.key_usage: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 -all_final += server1.req.key_usage - -server1.req.ku-ct: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment 
ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 -all_final += server1.req.ku-ct - -server1.req.key_usage_empty: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_key_usage=1 -all_final += server1.req.key_usage_empty - -server1.req.cert_type_empty: server1.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_ns_cert_type=1 -all_final += server1.req.cert_type_empty - # server2* server2.req.sha256: server2.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=localhost" md=SHA256 all_intermediate += server2.req.sha256 -# server5* - -# The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.' -server5.req.ku.sha1: server5.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 -all_final += server5.req.ku.sha1 - ################################################################ ### Generate certificates for CRT write check tests ################################################################ -### The test files use the Mbed TLS generated certificates server1*.crt, -### but for comparison with OpenSSL also rules for OpenSSL-generated -### certificates server1*.crt.openssl are offered. -### -### Known differences: -### * OpenSSL encodes trailing zero-bits in bit-strings occurring in X.509 extension -### as unused bits, while Mbed TLS doesn't. 
- -test_ca_server1_db = test-ca.server1.db -test_ca_server1_serial = test-ca.server1.serial -test_ca_server1_config_file = test-ca.server1.opensslconf - -# server1* - -server1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 version=3 output_file=$@ -server1.noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA1 authority_identifier=0 version=3 output_file=$@ -server1.der: server1.crt - $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -all_final += server1.crt server1.noauthid.crt server1.der - -server1.key_usage.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@ -server1.key_usage_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment authority_identifier=0 version=3 output_file=$@ -server1.key_usage.der: server1.key_usage.crt - $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -all_final += server1.key_usage.crt server1.key_usage_noauthid.crt 
server1.key_usage.der - -server1.cert_type.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 ns_cert_type=ssl_server version=3 output_file=$@ -server1.cert_type_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 ns_cert_type=ssl_server authority_identifier=0 version=3 output_file=$@ -server1.cert_type.der: server1.cert_type.crt - $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -all_final += server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.der - -server1.v1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 version=1 output_file=$@ -server1.v1.der: server1.v1.crt - $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -all_final += server1.v1.crt server1.v1.der - -# OpenSSL-generated certificates for comparison -# Also provide certificates in DER format to allow -# direct binary comparison using e.g. 
dumpasn1 -server1.crt.openssl server1.key_usage.crt.openssl server1.cert_type.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file) - echo "01" > $(test_ca_server1_serial) - rm -f $(test_ca_server1_db) - touch $(test_ca_server1_db) - $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -extensions v3_ext -extfile $@.v3_ext -out $@ -server1.der.openssl: server1.crt.openssl - $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -server1.key_usage.der.openssl: server1.key_usage.crt.openssl - $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -server1.cert_type.der.openssl: server1.cert_type.crt.openssl - $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ - -server1.v1.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file) - echo "01" > $(test_ca_server1_serial) - rm -f $(test_ca_server1_db) - touch $(test_ca_server1_db) - $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -out $@ -server1.v1.der.openssl: server1.v1.crt.openssl - $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ - -server1_all: server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl - # server2* server2.crt: server2.req.sha256 
@@ -912,7 +697,6 @@ all: $(all_intermediate) $(all_final)
 .PHONY: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v2_1024
 .PHONY: keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v2_2048
 .PHONY: keys_rsa_enc_pkcs8_v1_4096 keys_rsa_enc_pkcs8_v2_4096
-.PHONY: server1_all
 
 # These files should not be committed to the repository.
 list_intermediate:
diff --git a/tests/data_files/Readme-x509.txt b/tests/data_files/Readme-x509.txt
deleted file mode 100644
index 6f54ed0c1..000000000
--- a/tests/data_files/Readme-x509.txt
+++ /dev/null
@@ -1,131 +0,0 @@ -This documents the X.509 CAs, certificates, and CRLS used for testing. - -Certification authorities -------------------------- - -There are two main CAs for use as trusted roots: -- test-ca.crt aka "C=NL, O=PolarSSL, CN=PolarSSL Test CA" - uses a RSA-2048 key - test-ca-sha1.crt and test-ca-sha256.crt use the same key, signed with - different hashes. -- test-ca2*.crt aka "C=NL, O=PolarSSL, CN=Polarssl Test EC CA" - uses an EC key with NIST P-384 (aka secp384r1) - variants used to test the keyUsage extension -The files test-ca_cat12 and test-ca_cat21 contain them concatenated both ways. - -Two intermediate CAs are signed by them: -- test-int-ca.crt "C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA" - uses RSA-4096, signed by test-ca2 - - test-int-ca-exp.crt is a copy that is expired -- test-int-ca2.crt "C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA" - uses an EC key with NIST P-384, signed by test-ca - -A third intermediate CA is signed by test-int-ca2.crt: -- test-int-ca3.crt "C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3" - uses an EC key with NIST P-256, signed by test-int-ca2 - -Finally, other CAs for specific purposes: -- enco-ca-prstr.pem: has its CN encoded as a printable string, but child cert - enco-cert-utf8str.pem has its issuer's CN encoded as a UTF-8 string. -- test-ca-v1.crt: v1 "CA", signs - server1-v1.crt: v1 "intermediate CA", signs - server2-v1*.crt: EE cert (without of with chain in same file) -- keyUsage.decipherOnly.crt: has the decipherOnly keyUsage bit set - -End-entity certificates ------------------------ - -Short information fields: - -- name or pattern -- issuing CA: 1 -> test-ca.crt - 2 -> test-ca2.crt - I1 -> test-int-ca.crt - I2 -> test-int-ca2.crt - I3 -> test-int-ca3.crt - O -> other -- key type: R -> RSA, E -> EC -- C -> there is a CRL revoking this cert (see below) -- L -> CN=localhost (useful for local test servers) -- P1, P2 if the file includes parent (resp. 
parent + grandparent) -- free-form comments - -List of certificates: - -- cert_example_multi*.crt: 1/O R: subjectAltName -- cert_example_wildcard.crt: 1 R: wildcard in subject's CN -- cert_md*.crt, cert_sha*.crt: 1 R: signature hash -- cert_v1_with_ext.crt: 1 R: v1 with extensions (illegal) -- cli2.crt: 2 E: basic -- cli-rsa.key, cli-rsa-*.crt: RSA key used for test clients, signed by - the RSA test CA. -- enco-cert-utf8str.pem: see enco-ca-prstr.pem above -- server1*.crt: 1* R C* P1*: misc *(server1-v1 see test-ca-v1.crt above) - *CRL for: .cert_type.crt, .crt, .key_usage.crt, .v1.crt - P1 only for _ca.crt -- server2-v1*.crt: O R: see test-ca-v1.crt above -- server2*.crt: 1 R L: misc -- server3.crt: 1 E L: EC cert signed by RSA CA -- server4.crt: 2 R L: RSA cert signed by EC CA -- server5*.crt: 2* E L: misc *(except -selfsigned and -ss-*) - -sha*: hashes - .eku*: extendeKeyUsage (cli/srv = www client/server, cs = codesign, etc) - .ku*: keyUsage (ds = signatures, ke/ka = key exchange/agreement) - .req*: CSR, not certificate - -der*: trailing bytes in der (?) 
- -badsign.crt: S5 with corrupted signature - -expired.crt: S5 with "not after" date in the past - -future.crt: S5 with "not before" date in the future - -selfsigned.crt: Self-signed cert with S5 key - -ss-expired.crt: Self-signed cert with S5 key, expired - -ss-forgeca.crt: Copy of test-int-ca3 self-signed with S5 key -- server6-ss-child.crt: O E: "child" of non-CA server5-selfsigned -- server6.crt, server6.pem: 2 E L C: revoked -- server7.crt: I1 E L P1(usually): EC signed by RSA signed by EC - -badsign.crt: S7 with corrupted signature + I1 - -expired.crt: S7 with "not after" date in the past + I1 - -future.crt: S7 with "not before" date in the future + I1 - _int-ca-exp.crt: S7 + expired I1 - _int-ca.crt: S7 + I1 - _int-ca_ca2.crt: S7 + I1 + 2 - _all_space.crt: S7 + I1 both with misplaced spaces (invalid PEM) - _pem_space.crt: S7 with misplace space (invalid PEM) + I1 - _trailing_space.crt: S7 + I1 both with trainling space (valid PEM) - _spurious_int-ca.crt: S7 + I2(spurious) + I1 -- server8*.crt: I2 R L: RSA signed by EC signed by RSA (P1 for _int-ca2) -- server9*.crt: 1 R C* L P1*: signed using RSASSA-PSS - *CRL for: 9.crt, -badsign, -with-ca (P1) -- server10.crt: I3 E L - -badsign.crt: S10 with corrupted signature - -bs_int3.pem: S10-badsign + I3 - _int3-bs.pem: S10 + I3-badsign - _int3_int-ca2.crt: S10 + I3 + I2 - _int3_int-ca2_ca.crt: S10 + I3 + I2 + 1 - _int3_spurious_int-ca2.crt: S10 + I3 + I1(spurious) + I2 - -Certificate revocation lists ----------------------------- - -Signing CA in parentheses (same meaning as certificates). 
- -- crl-ec-sha*.pem: (2) server6.crt -- crl-future.pem: (2) server6.crt + unknown -- crl-rsa-pss-*.pem: (1) server9{,badsign,with-ca}.crt + cert_sha384.crt + unknown -- crl.pem, crl_expired.pem: (1) server1{,.cert_type,.key_usage,.v1}.crt + unknown -- crl_md*.pem: crl_sha*.pem: (1) same as crl.pem -- crt_cat_*.pem: (1+2) concatenations in various orders: - ec = crl-ec-sha256.pem, ecfut = crl-future.pem - rsa = crl.pem, rsabadpem = same with pem error, rsaexp = crl_expired.pem - -Note: crl_future would revoke server9 and cert_sha384.crt if signed by CA 1 - crl-rsa-pss* would revoke server6.crt if signed by CA 2 - -Generation ----------- - -Newer test files have been generated through commands in the Makefile. The -resulting files are committed to the repository so that the tests can -run without having to re-do the generation and so that the output is the -same for everyone (the generation process is randomized). - -The origin of older certificates has not been recorded. diff --git a/tests/data_files/bitstring-in-dn.pem b/tests/data_files/bitstring-in-dn.pem deleted file mode 100644 index 1a98aa3ac..000000000 --- a/tests/data_files/bitstring-in-dn.pem +++ /dev/null 
@@ -1,51 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEATCCAumgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBxMRMwEQYDVQQDDApUZXN0 -IENBIDAxMREwDwYDVQQIDAhFY25pdm9ycDELMAkGA1UEBhMCWFgxHjAcBgkqhkiG -9w0BCQEWD3RjYUBleGFtcGxlLmNvbTEaMBgGA1UECgwRVGVzdCBDQSBBdXRob3Jp -dHkwHhcNMTUwMzExMTIwNjUxWhcNMjUwMzA4MTIwNjUxWjCBmzELMAkGA1UEBhMC -WFgxDDAKBgNVBAoMA3RjYTERMA8GA1UECAwIRWNuaXZvcnAxDDAKBgNVBAsMA1RD -QTEPMA0GA1UEAwwGQ2xpZW50MSEwHwYJKoZIhvcNAQkBFhJjbGllbnRAZXhhbXBs -ZS5jb20xEzARBgNVBAUTCjcxMDEwMTIyNTUxFDASBgNVBC0DCwA3MTAxMDEyMjU1 -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQS0JLb8Dqy8V2mszkWk -V8c/NPQcG3ivueXZHqOT9JTiPqrigGcLHtlmlaJ0aUUxix7q60aOds041TFyeknT -SUFYY4ppOhiP+fOpWKPv4ZMwhSI2XzcgYhQSNHV0lIG1we9RAAfumomDMq7oMJhb -EGf0ihibbwZXPUwBlm10GaB4K93PNY8Bz4ekBxzQ1WJkQ5LGsQnVZSuLnvp5dWSe -J2axxyY4hPXR30jzEyZvy4kv4nzAu5lqZ5XKLrRO4TKwZrtr+CCPVkPJRE36rWYt -tQaJEEpNOo0ZPpTtG6F8/tGh5r8jFx/f6wG+nyANJJ98kEP8i6TPjRrg+697mLcd -iQIDAQABo3kwdzAJBgNVHRMEAjAAMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9j -cmwuZXhhbXBsZS5jb20vdGVzdF9jYV8wMS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUH -AwIwHQYDVR0RBBYwFIESY2xpZW50QGV4YW1wbGUuY29tMA0GCSqGSIb3DQEBBQUA -A4IBAQBySELCnU8/PtGIG3dwhJENOSU5R7w8jpRXxHCuSBR+W6nuUCISz+z+EdF/ -A7AOJDASuS+4gkrSSmQhGFpf7E5VbF8trVZhLAZrXqKMcUreKH6v0I8MAUXmIs3G -tqiBGf7pSYJN9DvVOOgANjdy6THuUzYv5qSvBZ4pNYEfHSlMNrV7niynd8dgPOML -pA7GUfv5k2mMkMbSD15pTMgcavrBKYgyqcvF1C3qghfoL5+i38H8sKzF8hy7wHtE -ESHtBq20RYA3m0UcA0e64GcanO2Ps/AQVBc7qMeHbqnqj3uUhtTkQcMUWnMgy1NR -5RbzoLMOxq7hoOCyIaQeM/wgxeGE ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAnQS0JLb8Dqy8V2mszkWkV8c/NPQcG3ivueXZHqOT9JTiPqri -gGcLHtlmlaJ0aUUxix7q60aOds041TFyeknTSUFYY4ppOhiP+fOpWKPv4ZMwhSI2 -XzcgYhQSNHV0lIG1we9RAAfumomDMq7oMJhbEGf0ihibbwZXPUwBlm10GaB4K93P -NY8Bz4ekBxzQ1WJkQ5LGsQnVZSuLnvp5dWSeJ2axxyY4hPXR30jzEyZvy4kv4nzA -u5lqZ5XKLrRO4TKwZrtr+CCPVkPJRE36rWYttQaJEEpNOo0ZPpTtG6F8/tGh5r8j -Fx/f6wG+nyANJJ98kEP8i6TPjRrg+697mLcdiQIDAQABAoIBAF7i3MnjGmbz080v -OxJb23iAG54wdlvTjr3UPGTbjSmcXyxnsADQRFQcJHYAekCzY8EiqewL80OvuMx8 
-2SU1P81hA70Dg5tsBHWT3Z6HUwsKG6QYjKr1cUhTwLyazhyAVgogSN6v7GzO9M3I -DOBw8Xb0mz5oqGVre4S7TapN8n8ZG5oWm0XKGACXy0KbzY0KvWdkUzumFQ8X/ARE -FsWyu+O69EbMqZRUKu45SrcubsdVGjOwseZHkmp5V6pc6Q/OrTHZqXJtDva5UIRq -+Lof5scy9jiwwRnM/klvh23mz0ySU4YA3645m5KqyWR4YJCR1MnMANmXUSeYWfYz -19+R1gECgYEAzm83lI7eIhTH38H0/jFpf3R7vNjPX3TR5waa4EXsCxhTOpoL89mR -iNmzH0aOC4OR8rz/9PCnwmtH1lyQ4r/RokBmCp3pBxeWSlenFfV3rLCeEDo0Q/OL -SX5DL4IbZD0VmNDt606WS7AEv93GhpN03Anw6kgHQUm1l030PR9DYZECgYEAwrgO -/RyB/Ehw7smlysZb2sn1lvd6z8fg+pcu8ZNRKODaYCCOb8p1lnHrnIQdEmjhlmVp -HAEuJ5jxCb+lyruV+dlx+0W/p6lHtKr0iBHG8EFkHnjN6Y+59Qu0HfSm0pZw7Ftr -QcUDPuDJkTVUAvrZqciWlwzTWCC9KYXtasT+AHkCgYEAnP80dAUbpyvKvr/RxShr -JYW/PWZegChmIp+BViOXWvDLC3xwrqm+5yc59QVBrjwH2WYn+26zB0dzwPFxNyHP -GuiDMnvZ54zmve9foXGn7Gv+KjU53pvwSJqAGjeHAXr7W9c5uoVwBGv/kLPn8h1e -+KGO2X6iFeMq+cFNiNan9iECgYBj+oGnsKWFVeS2ls8LyMGNGzmAZF2opiZ8RHgU -DeIULS+zP8Qi3j92GdQyLxuGQlfiEvvfJzP9nOfWa5LC/4JIIUAHFo8LlT1+JHEe -FJKi9dBkXP7NN8DxcyruXpnxctFUarQttuytslmMt2cFiKuOI7I+qJUzoMu/sEZx -FeidcQKBgQCuralmtbl4nxjn3aR/ZgFTAKCL9WaJPh5hFJ9q4UuWxJdBX5z3Ey3/ -70ehLKYPumjmZtXynzz4BTWj1W9X+tgj/499uzV6LdQERGjT6WVy8xR9RELWW0an -N9N1IAc4qTSjbI4EIMwMBSAoFfCux/jfDkG4g+RDnpV92sqxz2CtKg== ------END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/tests/data_files/cert_example_multi.crt b/tests/data_files/cert_example_multi.crt deleted file mode 100644 index c1e19987a..000000000 --- a/tests/data_files/cert_example_multi.crt +++ /dev/null 
@@ -1,80 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 17 (0x11) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: May 10 13:23:41 2012 GMT - Not After : May 11 13:23:41 2022 GMT - Subject: C=NL, O=PolarSSL, CN=www.example.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: - 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: - be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: - 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: - 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: - 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: - fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: - ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: - 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: - 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: - 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: - 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: - 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: - 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: - 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: - 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: - ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: - 17:f7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - - X509v3 Subject Alternative Name: - DNS:example.com, DNS:example.net, DNS:*.example.org - Signature Algorithm: sha1WithRSAEncryption - 4f:09:cb:7a:d5:ee:f5:ef:62:0d:dc:7b:a2:85:d6:8c:ca:95: - b4:6b:da:11:5b:92:00:75:13:b9:ca:0b:ce:ea:fb:c3:1f:e2: - 3f:7f:21:74:79:e2:e6:bc:da:06:e5:2f:6f:f6:55:c6:73:39: - cf:48:bc:0d:2f:0c:d2:7a:06:c3:4a:4c:d9:48:5d:a0:d0:73: - 89:e4:d4:85:1d:96:9a:0e:57:99:c6:6f:1d:21:27:1f:8d:05: - 
29:e8:40:ae:82:39:68:c3:97:07:cf:3c:93:4c:1a:df:2f:a6: - a4:55:48:7f:7c:8c:1a:c9:22:da:24:cd:92:39:c6:8a:ec:b0: - 8d:f5:69:82:67:cb:04:ee:de:53:41:96:c1:27:dc:2f:fe:33: - fa:d3:0e:b8:d4:32:a9:84:28:53:a5:f0:d1:89:d5:a2:98:e7: - 16:91:bb:9c:c0:41:8e:8c:58:ac:ff:e3:dd:2e:7a:ab:b0:b9: - 71:76:ad:0f:27:33:f7:a9:29:d3:c0:76:c0:bf:06:40:7c:0e: - d5:a4:7c:8a:e2:32:6e:16:ae:da:64:1f:b0:55:7c:db:dd:f1: - a4:ba:44:7c:b3:99:58:d2:34:6e:00:ea:97:6c:14:3a:f2:10: - 1e:0a:a2:49:10:76:01:f4:f2:c8:18:fd:cc:63:46:12:8b:09: - 1b:f1:94:e6 ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIBETANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTIwNTEwMTMyMzQxWhcNMjIwNTExMTMyMzQxWjA6MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGDAWBgNVBAMTD3d3dy5leGFtcGxlLmNvbTCCASIwDQYJ -KoZIhvcNAQEBBQADggEPADCCAQoCggEBALk8SsXIo46QF6SeUqpxdSZhgOfHtW2M -/6q2QSa3vhGtXHMWDGQRSAT/1uE7BduJu7OXCdUcFN1ohzmwPXHL4nbQGtgYLYAb -VPblRJrxy69hLt9JDZ0Jt+2x/Tz9PPokz12/fORT5yW16kQi6SbT6iCUnuZhZ7ou -B2cLAy+iCe3wM48LzhDvZ6TGCNrB7cI/10rdFT35XhyBYEY+tbM9L6beRxy8kq7r -3ydrFla33OzRVVelbux1JfW3e9+r0jpakZh9lxcLEwqna0qLwUcw+zr4QQTVwd+4 -Hb97AaVlouAeNremXMwwWvjNb83xGWIlygHjNX/6IPXc/WmyagB9F/cCAwEAAaOB -gTB/MAkGA1UdEwQCMAAwHQYDVR0OBBYEFH3knGvm+XF9RtISPa1rHf3CqnhMMB8G -A1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MDIGA1UdEQQrMCmCC2V4YW1w -bGUuY29tggtleGFtcGxlLm5ldIINKi5leGFtcGxlLm9yZzANBgkqhkiG9w0BAQUF -AAOCAQEATwnLetXu9e9iDdx7ooXWjMqVtGvaEVuSAHUTucoLzur7wx/iP38hdHni -5rzaBuUvb/ZVxnM5z0i8DS8M0noGw0pM2UhdoNBzieTUhR2Wmg5XmcZvHSEnH40F -KehAroI5aMOXB888k0wa3y+mpFVIf3yMGski2iTNkjnGiuywjfVpgmfLBO7eU0GW -wSfcL/4z+tMOuNQyqYQoU6Xw0YnVopjnFpG7nMBBjoxYrP/j3S56q7C5cXatDycz -96kp08B2wL8GQHwO1aR8iuIybhau2mQfsFV8293xpLpEfLOZWNI0bgDql2wUOvIQ -HgqiSRB2AfTyyBj9zGNGEosJG/GU5g== ------END CERTIFICATE----- diff --git a/tests/data_files/cert_example_multi_nocn.crt b/tests/data_files/cert_example_multi_nocn.crt deleted file mode 100644 index 1634846e1..000000000 
--- a/tests/data_files/cert_example_multi_nocn.crt +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB/TCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV -BAYTAk5MMB4XDTE0MDEyMjEwMDQzM1oXDTI0MDEyMjEwMDQzM1owDTELMAkGA1UE -BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2pt -WZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNz -UnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ -81kybdHg6G3eUu1mtKkL2kCVAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD -AgXgMEkGA1UdEQRCMECCHHd3dy5zaG90b2thbi1icmF1bnNjaHdlaWcuZGWCFHd3 -dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4GB -ABjx1ytrqCyFC5/0cjWnbLK9vsvLny2ZikDewfRxqJ5zAxGWLqHOr1SmUmu2DrvB -bkT9g5z19+iMhPnzJz1x7Q2m7WTIJTuUPK+hKZJATDLNhZ86h5Nkw8k9YzKcOrPm -EIqsy55CSgLU0ntljqSBvSb4ifrF1NnIWej2lSfN6r+3 ------END CERTIFICATE----- diff --git a/tests/data_files/cert_example_wildcard.crt b/tests/data_files/cert_example_wildcard.crt deleted file mode 100644 index 4895e8a03..000000000 --- a/tests/data_files/cert_example_wildcard.crt +++ /dev/null 
@@ -1,77 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 12 (0xc) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 7 16:06:36 2012 GMT - Not After : Feb 7 16:06:36 2022 GMT - Subject: C=NL, O=PolarSSL, CN=*.example.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: - 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: - be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: - 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: - 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: - 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: - fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: - ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: - 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: - 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: - 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: - 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: - 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: - 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: - 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: - 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: - ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: - 17:f7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - - Signature Algorithm: sha1WithRSAEncryption - 91:b3:84:5c:5d:60:f2:a5:0a:4a:dc:d6:c6:75:da:34:52:72: - 6c:0e:60:4f:ef:0e:55:f3:4b:bf:d0:40:e7:91:2c:a7:94:8f: - 3d:db:0a:ec:b2:f5:83:a7:a1:33:61:96:37:57:14:80:5b:e7: - bc:e1:d3:2c:36:32:6f:ef:7a:00:99:33:15:fc:38:20:df:74: - 7d:3d:0f:81:d0:b4:fd:b6:46:f1:c5:b8:bc:de:74:a2:41:a7: - c8:51:da:20:12:82:3e:0c:8c:48:da:19:b6:52:e9:4f:67:c1: - 28:9e:20:b6:ce:be:89:bd:64:d7:05:3e:87:af:ba:2b:5d:aa: - 
fe:62:66:fb:a6:75:ad:89:a1:18:e8:78:54:ea:df:0a:85:e9: - 32:32:a8:1a:cd:35:81:f8:a8:da:d1:16:8a:63:e7:67:da:6e: - e1:3b:1c:31:20:99:ee:e2:b2:fb:82:c5:21:e2:63:4c:61:15: - 4d:53:ad:dd:15:7f:0b:b6:33:43:ad:27:8a:b1:af:93:17:72: - c4:be:31:26:93:3c:7d:fc:d5:3d:cf:0b:be:c5:7b:e9:b4:f8: - f3:30:f2:f5:a2:27:eb:9a:71:fc:7f:79:5e:88:c5:a6:2d:33: - 57:ba:38:06:e6:ad:0b:96:97:9d:cc:94:7b:83:09:17:a6:ee: - ce:bb:0f:36 ------BEGIN CERTIFICATE----- -MIIDOzCCAiOgAwIBAgIBDDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTIwMjA3MTYwNjM2WhcNMjIwMjA3MTYwNjM2WjA4MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxFjAUBgNVBAMUDSouZXhhbXBsZS5jb20wggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5PErFyKOOkBeknlKqcXUmYYDnx7VtjP+q -tkEmt74RrVxzFgxkEUgE/9bhOwXbibuzlwnVHBTdaIc5sD1xy+J20BrYGC2AG1T2 -5USa8cuvYS7fSQ2dCbftsf08/Tz6JM9dv3zkU+cltepEIukm0+oglJ7mYWe6Lgdn -CwMvognt8DOPC84Q72ekxgjawe3CP9dK3RU9+V4cgWBGPrWzPS+m3kccvJKu698n -axZWt9zs0VVXpW7sdSX1t3vfq9I6WpGYfZcXCxMKp2tKi8FHMPs6+EEE1cHfuB2/ -ewGlZaLgHja3plzMMFr4zW/N8RliJcoB4zV/+iD13P1psmoAfRf3AgMBAAGjTTBL -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFH3knGvm+XF9RtISPa1rHf3CqnhMMB8GA1Ud -IwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUAA4IBAQCR -s4RcXWDypQpK3NbGddo0UnJsDmBP7w5V80u/0EDnkSynlI892wrssvWDp6EzYZY3 -VxSAW+e84dMsNjJv73oAmTMV/Dgg33R9PQ+B0LT9tkbxxbi83nSiQafIUdogEoI+ -DIxI2hm2UulPZ8EoniC2zr6JvWTXBT6Hr7orXar+Ymb7pnWtiaEY6HhU6t8Kheky -MqgazTWB+Kja0RaKY+dn2m7hOxwxIJnu4rL7gsUh4mNMYRVNU63dFX8LtjNDrSeK -sa+TF3LEvjEmkzx9/NU9zwu+xXvptPjzMPL1oifrmnH8f3leiMWmLTNXujgG5q0L -lpedzJR7gwkXpu7Ouw82 ------END CERTIFICATE----- diff --git a/tests/data_files/cert_md2.crt b/tests/data_files/cert_md2.crt deleted file mode 100644 index bfea77b6f..000000000 --- a/tests/data_files/cert_md2.crt +++ /dev/null 
@@ -1,77 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 9 (0x9) - Signature Algorithm: md2WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Jul 12 10:56:59 2009 GMT - Not After : Jul 12 10:56:59 2011 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:dc:13:74:81:c6:12:f6:67:5d:a1:66:72:ed:dc: - 79:b6:58:5c:32:58:b3:d4:14:fd:6c:02:61:9e:0b: - 99:46:63:a3:0a:41:d4:42:33:21:e6:ed:43:07:5a: - 1d:a2:3b:64:29:a8:2a:c1:66:28:00:59:d8:0c:49: - 2d:30:b7:3d:8c:bb:60:62:31:83:27:7f:4b:95:92: - 2e:a0:d6:c6:84:94:4b:b3:e4:a6:cc:ff:32:3a:c5: - ec:4c:c9:24:58:bf:b3:33:77:6a:b5:17:8b:02:10: - 29:8e:95:aa:91:60:17:43:42:87:a8:7c:da:09:83: - 98:9d:7a:65:5e:20:52:07:2e:65:a5:31:fd:d9:74: - 1e:00:c9:ae:9d:81:56:8b:08:0a:f5:1e:9c:dc:a2: - 5e:6c:db:ff:11:83:15:f4:d1:24:57:9b:0f:eb:35: - c9:f1:aa:46:4e:74:7f:fe:1d:b0:91:1f:89:4a:84: - cb:df:75:e3:cd:77:82:62:09:e5:9f:6d:29:de:2e: - 25:d8:48:b6:20:be:51:97:4c:2d:20:65:2d:2a:50: - 9e:24:5d:72:95:e0:a2:06:41:8c:61:e4:50:57:74: - 96:b1:29:b5:a1:88:37:f1:5c:9e:b2:9e:8e:83:8d: - 72:3b:b5:5c:fe:bb:12:89:72:5c:a1:f9:d8:18:29: - b2:27 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - B7:51:D4:E5:20:D5:45:54:F4:C5:51:1B:E0:82:B5:61:05:AF:9B:B6 - X509v3 Authority Key Identifier: - keyid:CF:22:31:27:91:D8:C2:54:FF:1E:DA:D9:EE:8A:C5:89:32:AD:0C:21 - - Signature Algorithm: md2WithRSAEncryption - 28:5a:dd:48:fb:ec:80:fe:de:b7:20:c0:4c:05:a9:4b:51:e9: - a7:d1:4b:5e:76:42:d2:5d:9a:14:19:3b:cb:f9:91:d7:0f:11: - c9:cd:dd:00:8b:2c:76:73:22:a0:19:49:81:63:40:30:48:27: - 62:90:ca:b8:dc:33:35:b3:4b:58:ca:dc:07:66:87:2e:ea:44: - 2a:6a:13:67:7a:32:5e:48:1d:88:88:c5:70:e6:e7:ec:1b:2f: - a7:f4:61:71:29:f6:66:93:30:60:7e:b3:4c:01:c8:2c:53:ce: - 00:11:ec:bf:f6:f2:ce:51:97:d8:ed:ed:dc:c9:6b:b8:19:15: - 
c8:9a:61:6d:12:9a:99:25:d8:03:1d:a6:4c:20:a5:f8:46:a3: - 05:32:bb:1a:8e:1a:65:0d:f3:13:35:1d:6f:73:28:31:12:d7: - c4:9e:73:a0:a7:ce:82:25:d1:40:e8:1b:77:60:f3:3e:81:7f: - 19:ee:cf:97:4d:c8:c3:35:9b:72:98:3b:c3:35:43:14:0a:04: - 21:7b:f7:db:e6:5f:ce:21:d1:ce:bf:b7:ef:c1:63:21:c2:78: - e1:37:aa:b1:e0:31:b3:b6:63:4c:fd:66:c8:e6:cf:f8:d9:97: - 2f:cf:92:81:3f:d4:bf:ec:e2:ad:6e:39:c7:a6:a8:e0:32:b0: - 2e:0d:e1:30 ------BEGIN CERTIFICATE----- -MIIDPzCCAiegAwIBAgIBCTANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MDkwNzEyMTA1NjU5WhcNMTEwNzEyMTA1NjU5WjA8MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENlcnQgTUQyMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BN0gcYS9mddoWZy7dx5tlhcMliz -1BT9bAJhnguZRmOjCkHUQjMh5u1DB1odojtkKagqwWYoAFnYDEktMLc9jLtgYjGD -J39LlZIuoNbGhJRLs+SmzP8yOsXsTMkkWL+zM3dqtReLAhApjpWqkWAXQ0KHqHza -CYOYnXplXiBSBy5lpTH92XQeAMmunYFWiwgK9R6c3KJebNv/EYMV9NEkV5sP6zXJ -8apGTnR//h2wkR+JSoTL33XjzXeCYgnln20p3i4l2Ei2IL5Rl0wtIGUtKlCeJF1y -leCiBkGMYeRQV3SWsSm1oYg38Vyesp6Og41yO7Vc/rsSiXJcofnYGCmyJwIDAQAB -o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBS3UdTlINVFVPTFURvggrVhBa+btjAf -BgNVHSMEGDAWgBTPIjEnkdjCVP8e2tnuisWJMq0MITANBgkqhkiG9w0BAQIFAAOC -AQEAKFrdSPvsgP7etyDATAWpS1Hpp9FLXnZC0l2aFBk7y/mR1w8Ryc3dAIssdnMi -oBlJgWNAMEgnYpDKuNwzNbNLWMrcB2aHLupEKmoTZ3oyXkgdiIjFcObn7Bsvp/Rh -cSn2ZpMwYH6zTAHILFPOABHsv/byzlGX2O3t3MlruBkVyJphbRKamSXYAx2mTCCl -+EajBTK7Go4aZQ3zEzUdb3MoMRLXxJ5zoKfOgiXRQOgbd2DzPoF/Ge7Pl03IwzWb -cpg7wzVDFAoEIXv32+ZfziHRzr+378FjIcJ44TeqseAxs7ZjTP1myObP+NmXL8+S -gT/Uv+zirW45x6ao4DKwLg3hMA== ------END CERTIFICATE----- diff --git a/tests/data_files/cert_md4.crt b/tests/data_files/cert_md4.crt deleted file mode 100644 index 16f166b81..000000000 --- a/tests/data_files/cert_md4.crt +++ /dev/null 
@@ -1,77 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 5 (0x5) - Signature Algorithm: md4WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:07 2011 GMT - Not After : Feb 12 14:44:07 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: - 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: - be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: - 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: - 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: - 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: - fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: - ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: - 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: - 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: - 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: - 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: - 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: - 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: - 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: - 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: - ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: - 17:f7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - - Signature Algorithm: md4WithRSAEncryption - 94:db:e1:86:71:2d:43:d6:51:61:a7:95:bc:e8:73:da:ff:e4: - fd:41:0f:5c:de:14:f4:c4:ba:5d:2c:30:2c:a6:dc:2d:e8:87: - 45:f1:c5:fe:d1:4a:64:99:19:09:2f:72:7c:3f:8d:c8:31:22: - dd:0a:69:03:3d:12:8c:4d:c3:f7:a3:c5:d1:5d:c9:ff:4b:83: - 6b:d6:b4:e5:d8:ce:94:5e:ec:bf:68:c5:b2:63:8e:5c:cb:f3: - 8d:62:73:82:62:7e:df:db:7d:0b:8d:21:10:db:9a:a1:62:4d: - 46:42:d1:bb:38:32:ef:c1:fc:a1:e2:7f:60:08:37:32:20:2c: - 
7c:a2:c9:12:0d:89:fe:2b:15:08:91:79:e2:a9:79:a4:da:cd: - 81:43:01:e2:09:2d:1a:f4:16:ef:af:4d:50:46:5e:2d:dd:48: - 27:10:c0:42:b7:a5:9e:c2:1f:6e:50:36:03:ed:95:77:9a:a3: - d9:4c:d7:23:93:b1:24:2a:63:27:28:7a:de:3d:59:d2:92:c8: - 8f:f6:39:1d:65:ab:09:78:05:46:90:a9:f6:10:b1:ef:c8:8c: - 4d:7d:8d:f2:78:b7:88:15:09:7e:df:e9:87:a8:64:c1:95:53: - fb:da:05:b7:62:bc:ad:fb:d9:a4:a9:06:6c:6b:98:01:b9:39: - 78:d3:4e:87 ------BEGIN CERTIFICATE----- -MIIDPzCCAiegAwIBAgIBBTANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENlcnQgTUQ0MIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA58e1 -bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa2Bgt -gBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe5mFn -ui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5HHLyS -ruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhBBNXB -37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wIDAQAB -o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4TDAf -BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQMFAAOC -AQEAlNvhhnEtQ9ZRYaeVvOhz2v/k/UEPXN4U9MS6XSwwLKbcLeiHRfHF/tFKZJkZ -CS9yfD+NyDEi3QppAz0SjE3D96PF0V3J/0uDa9a05djOlF7sv2jFsmOOXMvzjWJz -gmJ+39t9C40hENuaoWJNRkLRuzgy78H8oeJ/YAg3MiAsfKLJEg2J/isVCJF54ql5 -pNrNgUMB4gktGvQW769NUEZeLd1IJxDAQrelnsIfblA2A+2Vd5qj2UzXI5OxJCpj -Jyh63j1Z0pLIj/Y5HWWrCXgFRpCp9hCx78iMTX2N8ni3iBUJft/ph6hkwZVT+9oF -t2K8rfvZpKkGbGuYAbk5eNNOhw== ------END CERTIFICATE----- diff --git a/tests/data_files/cert_md5.crt b/tests/data_files/cert_md5.crt deleted file mode 100644 index 13d43f1ac..000000000 --- a/tests/data_files/cert_md5.crt +++ /dev/null 
@@ -1,77 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 6 (0x6) - Signature Algorithm: md5WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:07 2011 GMT - Not After : Feb 12 14:44:07 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: - 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: - be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: - 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: - 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: - 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: - fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: - ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: - 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: - 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: - 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: - 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: - 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: - 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: - 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: - 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: - ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: - 17:f7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - - Signature Algorithm: md5WithRSAEncryption - 92:13:81:0c:ff:ac:ab:98:52:6c:28:c9:c6:3e:80:c6:ec:77: - d0:13:e1:a2:29:1d:2f:b7:c5:95:41:83:60:d9:50:9c:d0:d6: - 09:f7:0f:97:cd:c0:e6:b2:68:fa:31:c9:2a:a3:d3:1e:53:ae: - 79:dc:35:ba:b0:d9:e5:7a:37:1b:2a:92:fa:d2:59:90:43:1b: - 6a:91:c1:db:36:da:e9:39:d3:f5:ac:e3:46:01:ca:55:04:17: - 1a:b1:97:28:e8:ff:1b:e7:e1:10:c9:b5:31:d8:ce:a6:89:6a: - 4a:df:78:7b:02:2f:83:b3:41:d5:ef:0b:b6:44:ff:32:a6:cf: - 
1b:c2:f4:b0:75:66:a9:da:6f:7c:a5:e3:c6:c1:3a:2f:bf:f8: - 12:6f:04:2c:37:f2:4e:fc:b9:09:ff:a4:5b:40:19:e9:58:91: - 64:82:d6:ad:b9:7f:c0:12:c2:ce:b7:b6:ba:fb:10:a2:3f:74: - 97:10:39:d4:dc:4a:e5:5c:f7:e5:3a:d9:68:d7:17:6b:f5:51: - 08:b4:a2:30:0d:cc:36:10:6d:4e:1d:22:cc:48:d1:38:44:ba: - cc:2b:47:99:f7:c6:8b:41:24:f3:f1:2c:10:1a:f2:88:bb:b2: - e0:fd:44:26:3d:ad:ea:af:1d:d0:00:56:41:4e:f4:b0:3b:9d: - 32:6f:48:c7 ------BEGIN CERTIFICATE----- -MIIDPzCCAiegAwIBAgIBBjANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENlcnQgTUQ1MIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA58e1 -bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa2Bgt -gBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe5mFn -ui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5HHLyS -ruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhBBNXB -37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wIDAQAB -o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4TDAf -BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQQFAAOC -AQEAkhOBDP+sq5hSbCjJxj6Axux30BPhoikdL7fFlUGDYNlQnNDWCfcPl83A5rJo -+jHJKqPTHlOuedw1urDZ5Xo3GyqS+tJZkEMbapHB2zba6TnT9azjRgHKVQQXGrGX -KOj/G+fhEMm1MdjOpolqSt94ewIvg7NB1e8LtkT/MqbPG8L0sHVmqdpvfKXjxsE6 -L7/4Em8ELDfyTvy5Cf+kW0AZ6ViRZILWrbl/wBLCzre2uvsQoj90lxA51NxK5Vz3 -5TrZaNcXa/VRCLSiMA3MNhBtTh0izEjROES6zCtHmffGi0Ek8/EsEBryiLuy4P1E -Jj2t6q8d0ABWQU70sDudMm9Ixw== ------END CERTIFICATE----- diff --git a/tests/data_files/cert_sha1.crt b/tests/data_files/cert_sha1.crt deleted file mode 100644 index 718b2f27e..000000000 --- a/tests/data_files/cert_sha1.crt +++ /dev/null 
@@ -1,77 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 7 (0x7) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:07 2011 GMT - Not After : Feb 12 14:44:07 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: - 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: - be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: - 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: - 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: - 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: - fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: - ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: - 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: - 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: - 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: - 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: - 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: - 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: - 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: - 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: - ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: - 17:f7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - - Signature Algorithm: sha1WithRSAEncryption - 93:26:40:68:3d:e7:62:ea:d1:6a:78:2b:c2:07:f3:0d:3b:f6: - 69:18:cd:08:5e:31:e7:48:60:08:2a:46:b6:de:d1:35:0a:ec: - 31:36:83:7d:eb:7c:d8:63:09:c3:e4:c5:10:ca:7c:7b:2f:20: - 4d:d2:0e:5f:ee:09:e3:84:4f:28:cc:08:74:9a:11:23:5f:de: - 0e:3a:0f:8b:2d:64:91:05:f6:d5:c7:30:c8:20:ee:6c:c4:62: - 7c:8d:a8:4d:2e:70:8c:ac:b5:5d:de:9b:10:5c:98:fd:a1:78: - 9b:9c:f0:73:33:de:2f:8c:59:fa:dc:af:4c:df:97:e3:9d:00: - 
37:9a:fa:d3:67:77:b9:2f:b9:4a:23:ad:f9:b4:a1:b7:ac:c5: - a8:0f:62:8c:e6:7e:b4:94:2a:db:f2:fc:52:92:a4:9e:4e:51: - 4f:9d:c0:ce:ae:3d:17:1c:94:6c:5f:e8:16:b5:ce:2e:e2:5a: - cf:6a:db:dd:b0:d4:be:62:a5:46:92:30:7c:7c:fc:05:f8:78: - 30:93:30:28:ab:69:a1:72:31:dc:3b:97:63:3a:5b:b3:e1:34: - 86:80:4a:28:f5:dc:d5:84:8c:13:a4:6c:d2:c1:2d:a6:25:d7: - 6f:c9:93:78:a5:16:ba:d9:17:6e:3e:ca:96:f2:9e:5c:e3:ae: - 12:2e:a5:11 ------BEGIN CERTIFICATE----- -MIIDQDCCAiigAwIBAgIBBzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA9MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGzAZBgNVBAMTElBvbGFyU1NMIENlcnQgU0hBMTCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALk8SsXIo46QF6SeUqpxdSZhgOfH -tW2M/6q2QSa3vhGtXHMWDGQRSAT/1uE7BduJu7OXCdUcFN1ohzmwPXHL4nbQGtgY -LYAbVPblRJrxy69hLt9JDZ0Jt+2x/Tz9PPokz12/fORT5yW16kQi6SbT6iCUnuZh -Z7ouB2cLAy+iCe3wM48LzhDvZ6TGCNrB7cI/10rdFT35XhyBYEY+tbM9L6beRxy8 -kq7r3ydrFla33OzRVVelbux1JfW3e9+r0jpakZh9lxcLEwqna0qLwUcw+zr4QQTV -wd+4Hb97AaVlouAeNremXMwwWvjNb83xGWIlygHjNX/6IPXc/WmyagB9F/cCAwEA -AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUfeSca+b5cX1G0hI9rWsd/cKqeEww -HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD -ggEBAJMmQGg952Lq0Wp4K8IH8w079mkYzQheMedIYAgqRrbe0TUK7DE2g33rfNhj -CcPkxRDKfHsvIE3SDl/uCeOETyjMCHSaESNf3g46D4stZJEF9tXHMMgg7mzEYnyN -qE0ucIystV3emxBcmP2heJuc8HMz3i+MWfrcr0zfl+OdADea+tNnd7kvuUojrfm0 -obesxagPYozmfrSUKtvy/FKSpJ5OUU+dwM6uPRcclGxf6Ba1zi7iWs9q292w1L5i -pUaSMHx8/AX4eDCTMCiraaFyMdw7l2M6W7PhNIaASij13NWEjBOkbNLBLaYl12/J -k3ilFrrZF24+ypbynlzjrhIupRE= ------END CERTIFICATE----- diff --git a/tests/data_files/cert_sha224.crt b/tests/data_files/cert_sha224.crt deleted file mode 100644 index 7283c28c0..000000000 --- a/tests/data_files/cert_sha224.crt +++ /dev/null 
@@ -1,77 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 8 (0x8) - Signature Algorithm: sha224WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:07 2011 GMT - Not After : Feb 12 14:44:07 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: - 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: - be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: - 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: - 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: - 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: - fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: - ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: - 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: - 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: - 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: - 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: - 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: - 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: - 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: - 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: - ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: - 17:f7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - - Signature Algorithm: sha224WithRSAEncryption - b8:9b:0a:d1:b4:d1:a4:ce:05:39:42:7a:3b:7b:5e:fd:97:57: - 8a:36:60:42:39:d0:e6:0c:9c:7e:2f:2b:be:ef:e7:45:34:77: - 48:7a:10:4a:fd:76:ca:42:39:25:3c:fa:19:f8:63:6c:e7:36: - 27:9a:ec:06:ce:e4:f7:2c:2e:c6:36:c1:25:bd:ab:09:aa:e2: - da:4e:de:ae:b5:f5:ba:9e:90:24:52:34:96:96:61:4c:26:b5: - 57:65:b1:10:ed:13:2b:54:90:ce:d3:21:cb:8c:d3:4c:6c:e5: - e1:78:22:16:3f:e1:be:f1:ee:5d:39:48:a1:e6:80:46:f4:46: - 
f2:79:03:3e:f1:fc:51:47:d9:05:e8:85:81:1b:0b:4f:fa:85: - 9d:ce:e7:76:5a:6f:da:98:9f:43:f1:f3:2f:2f:57:28:aa:70: - 14:82:7f:d5:69:14:8c:f9:82:b6:2f:a6:df:b5:6b:0e:43:c9: - 96:91:64:3d:8b:a8:17:15:9a:88:42:a4:d0:90:c0:a3:a2:e1: - dd:f6:95:6d:3b:9d:71:a6:1e:9e:2c:1e:db:f6:5f:93:43:2c: - ed:53:70:55:50:56:df:cd:96:6c:d5:91:0f:b1:a7:f4:b7:17: - 9d:1f:0b:f6:0b:f8:fe:e7:7c:de:c1:20:b7:fc:69:13:ba:e2: - 61:9b:a5:62 ------BEGIN CERTIFICATE----- -MIIDQjCCAiqgAwIBAgIBCDANBgkqhkiG9w0BAQ4FADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA/MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHTAbBgNVBAMTFFBvbGFyU1NMIENlcnQgU0hBMjI0MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA -58e1bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa -2BgtgBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe -5mFnui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5H -HLySruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhB -BNXB37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wID -AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4 -TDAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQ4F -AAOCAQEAuJsK0bTRpM4FOUJ6O3te/ZdXijZgQjnQ5gycfi8rvu/nRTR3SHoQSv12 -ykI5JTz6GfhjbOc2J5rsBs7k9ywuxjbBJb2rCari2k7errX1up6QJFI0lpZhTCa1 -V2WxEO0TK1SQztMhy4zTTGzl4XgiFj/hvvHuXTlIoeaARvRG8nkDPvH8UUfZBeiF -gRsLT/qFnc7ndlpv2pifQ/HzLy9XKKpwFIJ/1WkUjPmCti+m37VrDkPJlpFkPYuo -FxWaiEKk0JDAo6Lh3faVbTudcaYeniwe2/Zfk0Ms7VNwVVBW382WbNWRD7Gn9LcX -nR8L9gv4/ud83sEgt/xpE7riYZulYg== ------END CERTIFICATE----- diff --git a/tests/data_files/cert_sha256.crt b/tests/data_files/cert_sha256.crt deleted file mode 100644 index 03a752131..000000000 --- a/tests/data_files/cert_sha256.crt +++ /dev/null 
@@ -1,77 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 9 (0x9) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:07 2011 GMT - Not After : Feb 12 14:44:07 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: - 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: - be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: - 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: - 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: - 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: - fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: - ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: - 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: - 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: - 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: - 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: - 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: - 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: - 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: - 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: - ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: - 17:f7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - - Signature Algorithm: sha256WithRSAEncryption - 69:ce:f9:a9:d5:e2:32:db:fe:a9:f9:92:7a:d6:76:37:05:51: - c9:e3:a1:03:72:b2:bc:2c:86:4b:31:16:02:10:e8:43:d4:c0: - 33:3c:4f:ea:9d:12:6b:57:51:bc:d7:d9:42:56:cf:c7:29:e7: - d7:52:24:49:29:ac:9c:de:8f:cc:ab:1a:a9:62:07:5a:6b:f7: - fb:19:ab:f5:b1:2c:a4:aa:dc:5d:03:73:17:7c:ea:52:44:80: - ca:70:d3:10:c5:2e:fd:9f:d2:0d:65:c4:f2:cc:ef:1b:18:e1: - 0a:08:4e:67:d0:56:7f:24:54:2e:73:31:b5:4d:22:74:f8:30: - 
f9:92:c4:64:c9:46:80:d4:e1:bd:d6:e7:26:ea:bb:c4:fe:6f: - a2:c5:10:e4:64:2f:b0:44:04:2c:b3:44:39:cf:b4:de:ac:83: - 43:5e:0b:ca:cd:fb:4e:18:e6:38:39:e7:10:3f:d6:59:17:e7: - 42:ef:00:e3:88:c6:43:bc:21:12:bf:20:a8:64:c6:30:dc:8c: - 6b:b8:6a:ce:6b:8a:22:3b:d8:af:0c:b4:bb:4d:be:96:dd:40: - d9:87:3e:95:2e:1a:27:23:62:e8:6e:bd:e0:89:d0:a7:28:16: - 95:ea:cb:89:a3:f7:7f:fb:0f:ac:ab:d6:a8:b4:cb:43:92:d9: - cb:3e:8a:11 ------BEGIN CERTIFICATE----- -MIIDQjCCAiqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA/MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHTAbBgNVBAMTFFBvbGFyU1NMIENlcnQgU0hBMjU2MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA -58e1bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa -2BgtgBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe -5mFnui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5H -HLySruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhB -BNXB37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wID -AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4 -TDAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsF -AAOCAQEAac75qdXiMtv+qfmSetZ2NwVRyeOhA3KyvCyGSzEWAhDoQ9TAMzxP6p0S -a1dRvNfZQlbPxynn11IkSSmsnN6PzKsaqWIHWmv3+xmr9bEspKrcXQNzF3zqUkSA -ynDTEMUu/Z/SDWXE8szvGxjhCghOZ9BWfyRULnMxtU0idPgw+ZLEZMlGgNThvdbn -Juq7xP5vosUQ5GQvsEQELLNEOc+03qyDQ14Lys37ThjmODnnED/WWRfnQu8A44jG -Q7whEr8gqGTGMNyMa7hqzmuKIjvYrwy0u02+lt1A2Yc+lS4aJyNi6G694InQpygW -lerLiaP3f/sPrKvWqLTLQ5LZyz6KEQ== ------END CERTIFICATE----- diff --git a/tests/data_files/cert_sha384.crt b/tests/data_files/cert_sha384.crt deleted file mode 100644 index 73caac90d..000000000 --- a/tests/data_files/cert_sha384.crt +++ /dev/null 
@@ -1,77 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 10 (0xa) - Signature Algorithm: sha384WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:07 2011 GMT - Not After : Feb 12 14:44:07 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: - 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: - be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: - 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: - 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: - 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: - fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: - ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: - 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: - 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: - 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: - 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: - 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: - 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: - 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: - 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: - ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: - 17:f7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - - Signature Algorithm: sha384WithRSAEncryption - 68:e6:03:f0:ba:44:e7:cc:e1:b2:07:6c:56:c8:be:b7:ba:80: - 61:c8:f9:66:57:e1:cb:60:7d:cd:8d:0f:66:b0:f2:61:45:fd: - fc:c8:93:95:bb:b4:14:00:76:c7:e1:57:a6:e2:60:31:8b:fc: - e1:0f:68:24:4c:bb:1d:c5:b6:77:ec:23:e1:5b:4f:10:6c:6a: - e0:6d:e7:34:f8:72:14:ae:16:57:25:8b:e8:b9:71:a1:d0:78: - ea:18:c1:51:c4:2e:26:6d:cb:80:8d:a5:b9:de:e7:37:c1:2b: - ec:e8:98:c6:f9:1a:bf:fe:a3:de:3d:d6:59:98:45:dc:4a:a6: - 
ad:0a:af:73:50:43:23:5a:9b:9a:f9:8f:ff:41:15:e5:9c:12: - 9e:29:55:5c:79:9c:89:0c:c8:8a:82:86:b1:96:ae:7c:7d:4f: - 0b:fd:e3:9e:8b:a5:4d:88:55:05:ad:6c:63:aa:74:0c:41:0d: - 47:22:cc:1a:45:02:92:5e:d1:e0:b9:31:52:ff:f6:30:f0:87: - 2c:dd:fa:fa:b9:cc:45:cb:36:33:5b:35:7f:5f:05:4f:e0:8f: - 9a:e4:d2:fa:c9:d4:fc:62:99:ac:59:fb:fd:04:bc:5a:c0:47: - 5e:5d:3d:df:31:8c:7f:dc:00:cb:cb:c0:f4:62:41:44:db:1d: - ba:c0:ad:8a ------BEGIN CERTIFICATE----- -MIIDQjCCAiqgAwIBAgIBCjANBgkqhkiG9w0BAQwFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA/MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHTAbBgNVBAMTFFBvbGFyU1NMIENlcnQgU0hBMzg0MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA -58e1bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa -2BgtgBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe -5mFnui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5H -HLySruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhB -BNXB37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wID -AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4 -TDAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQwF -AAOCAQEAaOYD8LpE58zhsgdsVsi+t7qAYcj5Zlfhy2B9zY0PZrDyYUX9/MiTlbu0 -FAB2x+FXpuJgMYv84Q9oJEy7HcW2d+wj4VtPEGxq4G3nNPhyFK4WVyWL6LlxodB4 -6hjBUcQuJm3LgI2lud7nN8Er7OiYxvkav/6j3j3WWZhF3EqmrQqvc1BDI1qbmvmP -/0EV5ZwSnilVXHmciQzIioKGsZaufH1PC/3jnoulTYhVBa1sY6p0DEENRyLMGkUC -kl7R4LkxUv/2MPCHLN36+rnMRcs2M1s1f18FT+CPmuTS+snU/GKZrFn7/QS8WsBH -Xl093zGMf9wAy8vA9GJBRNsdusCtig== ------END CERTIFICATE----- diff --git a/tests/data_files/cert_sha512.crt b/tests/data_files/cert_sha512.crt deleted file mode 100644 index 4bb4eed03..000000000 --- a/tests/data_files/cert_sha512.crt +++ /dev/null 
@@ -1,77 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 11 (0xb) - Signature Algorithm: sha512WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:07 2011 GMT - Not After : Feb 12 14:44:07 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: - 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: - be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: - 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: - 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: - 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: - fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: - ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: - 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: - 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: - 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: - 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: - 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: - 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: - 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: - 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: - ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: - 17:f7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - - Signature Algorithm: sha512WithRSAEncryption - 84:68:78:72:54:00:bf:8a:45:28:35:be:18:47:d8:69:f6:67: - de:a6:f8:a6:d0:fd:9f:79:f7:e8:02:8a:c3:83:5d:85:45:cc: - b6:98:77:a7:18:3f:6b:d2:e4:d0:af:d5:52:d9:db:7e:4a:d3: - 68:b0:08:64:14:de:c2:3b:1d:7b:ac:79:ad:49:5a:4c:f6:d2: - 35:ef:a4:8c:b7:5b:d1:0b:7b:50:c6:9c:48:3e:96:3b:1b:0b: - 0e:e8:10:3f:8c:3b:4f:6b:1d:5c:3a:27:f3:43:22:ac:37:11: - 71:b8:07:66:b0:f8:71:c3:22:cf:f4:96:83:93:fb:42:b0:1a: - 
43:f9:4b:df:cb:5f:0f:ba:9e:80:f1:ff:08:3a:46:51:dc:d0: - 36:bd:b1:c4:ca:fb:00:12:e7:e0:37:70:40:0e:73:19:63:c2: - e5:da:56:77:07:68:a5:40:9e:d6:0f:ad:b5:b3:b2:f5:3f:01: - e8:68:e7:a3:b0:d7:f3:dd:ff:b6:d7:8f:75:4e:25:ab:12:32: - 99:45:ad:57:40:de:d7:b4:0d:d0:c3:66:89:47:f2:0c:b2:b5: - df:52:0e:fa:63:62:65:89:07:4a:80:69:0e:4e:ba:c0:43:5d: - 05:75:22:cf:50:f9:ac:bd:ef:8d:8c:10:08:b6:8b:62:4f:a1: - 60:55:a3:0d ------BEGIN CERTIFICATE----- -MIIDQjCCAiqgAwIBAgIBCzANBgkqhkiG9w0BAQ0FADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA/MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHTAbBgNVBAMTFFBvbGFyU1NMIENlcnQgU0hBNTEyMIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA -58e1bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa -2BgtgBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe -5mFnui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5H -HLySruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhB -BNXB37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wID -AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4 -TDAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQ0F -AAOCAQEAhGh4clQAv4pFKDW+GEfYafZn3qb4ptD9n3n36AKKw4NdhUXMtph3pxg/ -a9Lk0K/VUtnbfkrTaLAIZBTewjsde6x5rUlaTPbSNe+kjLdb0Qt7UMacSD6WOxsL -DugQP4w7T2sdXDon80MirDcRcbgHZrD4ccMiz/SWg5P7QrAaQ/lL38tfD7qegPH/ -CDpGUdzQNr2xxMr7ABLn4DdwQA5zGWPC5dpWdwdopUCe1g+ttbOy9T8B6Gjno7DX -893/ttePdU4lqxIymUWtV0De17QN0MNmiUfyDLK131IO+mNiZYkHSoBpDk66wENd -BXUiz1D5rL3vjYwQCLaLYk+hYFWjDQ== ------END CERTIFICATE----- diff --git a/tests/data_files/cert_v1_with_ext.crt b/tests/data_files/cert_v1_with_ext.crt deleted file mode 100644 index 4f0704885..000000000 --- a/tests/data_files/cert_v1_with_ext.crt +++ /dev/null 
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDzTCCArUCCQC97UTH0j7CpDANBgkqhkiG9w0BAQUFADCBhzELMAkGA1UEBhMC
-WFgxCzAJBgNVBAgTAlhYMQswCQYDVQQHEwJYWDELMAkGA1UEChMCWFgxCzAJBgNV
-BAsTAlhYMScwJQYJKoZIhvcNAQkBFhhhZG1pbkBpZGVudGl0eS1jaGVjay5vcmcx
-GzAZBgNVBAMTEmlkZW50aXR5LWNoZWNrLm9yZzAeFw0xMzA3MDQxNjE3MDJaFw0x
-NDA3MDQxNjE3MDJaMIGHMQswCQYDVQQGEwJYWDELMAkGA1UECBMCWFgxCzAJBgNV
-BAcTAlhYMQswCQYDVQQKEwJYWDELMAkGA1UECxMCWFgxJzAlBgkqhkiG9w0BCQEW
-GGFkbWluQGlkZW50aXR5LWNoZWNrLm9yZzEbMBkGA1UEAxMSaWRlbnRpdHktY2hl
-Y2sub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1v8FswMughO8
-mwkHWAf+XRpK33kYR0ifBnObvk2R9ZTEUk/TfFEEFVlen5xhiE0g8lbCj8Y5Mzsg
-wZsJv5in/KnraYb7VC0ah0jx4sMkhKRcyUWfjyH8r7FNH1j1jd08ZpWJGotYxxaL
-evqom1rzLN99JPObwyCCgGcQjlRV7cMfIgwlwHb/JPXOy/hYAgjrCjqvBu3nL5/b
-HF0PyVGiKCEQiHhMBKNjAxzQrCUGy7Vp+3QlIYrs6/m5A96vohX/j+wzwIp3QgiK
-Yhj5E4Zo/iQLf6Rwl7pL4RTdT+crcy143mYiShNY+ayl9snfVJNnuHaMe15fVEsP
-X9lDvdBvXwIDAQABoz8wPTA7BgNVHREENDAyghJpZGVudGl0eS1jaGVjay5vcmeC
-Fnd3dy5pZGVudGl0eS1jaGVjay5vcmeHBCU7/jAwDQYJKoZIhvcNAQEFBQADggEB
-AAXUXoWlQxKvSCVWhes8x03MCude0nDqDFH1DPGIKeVeWOw87nVni+hIvy8II6hj
-5ZfGSHuZci2AgElA3tXk2qDcZ/uBXe2VV4IwsgXKUYSlpz1xoU55InT4e7KdssEP
-HOyrU03Dzm8Jk0PhgEJpV48tkWYoJvZvOiwG0e43UPDv9xp8C8EbvJmmuWkUWnNW
-o0yDnoAOxGfUGSUQ1guTpWCoQEKj3DS4v4lI0kNmJm+oRE2vv1XealWEHSuMpRZO
-Qhy8WImX3muw99MP579tY44D5Z7p3kpiC1bwV3tzkHdf5mkrAbFJIfliPvjMrPMw
-2eyXXijDsebpT0w3ruMxjHg=
------END CERTIFICATE-----
diff --git a/tests/data_files/cli-rsa-sha1.crt b/tests/data_files/cli-rsa-sha1.crt
deleted file mode 100644
index ffbe21a17..000000000
--- a/tests/data_files/cli-rsa-sha1.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f
-M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu
-1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw
-MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v
-4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/
-/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB
-o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf
-BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC
-AQEAX0vLL6qw6zYaO7a1ZXXJhWL8/vm1+yz5HrnXPX62xBD7P+cVGrOoNbD1QAj9
-otOpUsWYmHRvhotO42oqPsnoPA0JpGRR2elbTrcK9uDxg6PWwoix3uHPRuXdRIsU
-jee2TcGilXgJw1HDvJ04E5qowAtAgOcE41ZraAN43GHO2PjxcXEEoWzqSqvlUrv3
-AOaCTn9X73izMRgPbQBnJjknIzoYwWgVFaDEW/lZE0+LLa99/mxFFUBhYzAY+h/R
-rmtslJIyIzTd3sLo+XZ0hNtlBM0u1okOspSWtmoNdSiJDZMJ4LL71xuJYG46Sl/0
-1hH/1pZigeufZgYrQgqG8oHT4A==
------END CERTIFICATE-----
diff --git a/tests/data_files/cli-rsa-sha256.crt b/tests/data_files/cli-rsa-sha256.crt
deleted file mode 100644
index c81f98fb3..000000000
--- a/tests/data_files/cli-rsa-sha256.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f
-M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu
-1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw
-MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v
-4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/
-/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB
-o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf
-BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsFAAOC
-AQEAlHabem2Tu69VUN7EipwnQn1dIHdgvT5i+iQHpSxY1crPnBbAeSdAXwsVEqLQ
-gOOIAQD5VIITNuoGgo4i+4OpNh9u7ZkpRHla+/swsfrFWRRbBNP5Bcu74AGLstwU
-zM8gIkBiyfM1Q1qDQISV9trlCG6O8vh8dp/rbI3rfzo99BOHXgFCrzXjCuW4vDsF
-r+Dao26bX3sJ6UnEWg1H3o2x6PpUcvQ36h71/bz4TEbbUUEpe02V4QWuL+wrhHJL
-U7o3SVE3Og7jPF8sat0a50YUWhwEFI256m02KAXLg89ueUyYKEr6rNwhcvXJpvU9
-giIVvd0Sbjjnn7NC4VDbcXV8vw==
------END CERTIFICATE-----
diff --git a/tests/data_files/cli.opensslconf b/tests/data_files/cli.opensslconf
deleted file mode 100644
index ae9ab9de2..000000000
--- a/tests/data_files/cli.opensslconf
+++ /dev/null
@@ -1,4 +0,0 @@
-[cli-rsa]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = CA:false
diff --git a/tests/data_files/cli2.crt b/tests/data_files/cli2.crt
deleted file mode 100644
index 2dfa51632..000000000
--- a/tests/data_files/cli2.crt
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjBBMQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHzAdBgNVBAMTFlBvbGFyU1NMIFRlc3QgQ2xpZW50IDIw
-WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARX5a6xc9/TrLuTuIH/Eq7u5lOszlVT
-9jQOzC7jYyUL35ji81xgNpbA1RgUcOV/n9VLRRjlsGzVXPiWj4dwo+THo4GdMIGa
-MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMG4GA1Ud
-IwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC
-CQDBQ+J+YkPM6DAKBggqhkjOPQQDAgNoADBlAjBKZQ17IIOimbmoD/yN7o89u3BM
-lgOsjnhw3fIOoLIWy2WOGsk/LGF++DzvrRzuNiACMQCd8iem1XS4JK7haj8xocpU
-LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=
------END CERTIFICATE-----
diff --git a/tests/data_files/cli2.key b/tests/data_files/cli2.key
deleted file mode 100644
index e747d0943..000000000
--- a/tests/data_files/cli2.key
+++ /dev/null
@@ -1,5 +0,0 @@
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49
-AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW
-wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/crl-ec-sha1.pem b/tests/data_files/crl-ec-sha1.pem
deleted file mode 100644
index 8358640a0..000000000
--- a/tests/data_files/crl-ec-sha1.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN X509 CRL-----
-MIIBbzCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ
-b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMTMwOTI0MTYz
-MTA4WhcNMjMwOTIyMTYzMTA4WjAUMBICAQoXDTEzMDkyNDE2MjgzOFqgcjBwMG4G
-A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO
-TDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMg
-Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2kAMGYCMQDVG95rrSSl4dJgbJ5vR1GW
-svEuEsAh35EhF1WrcadMuCeMQVX9cUPupFfQUpHyMfoCMQCKf0yv8pN9BAoi3FVm
-56meWPhUekgLKKMAobt2oJJY6feuiFU2YFGs1aF0rV6Bj+U=
------END X509 CRL-----
diff --git a/tests/data_files/crl-ec-sha224.pem b/tests/data_files/crl-ec-sha224.pem
deleted file mode 100644
index 9131f104f..000000000
--- a/tests/data_files/crl-ec-sha224.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN X509 CRL-----
-MIIBcDCB9wIBATAKBggqhkjOPQQDATA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2
-MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu
-BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
-TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD
-IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwEDaAAwZQIwbn+i0dOest0IJGzuqBLA
-V5nscZPvHjDV6lWsSwurS4LC/Uv/qWteuMCp3OqQRJHcAjEA6KA0dibovfL1WKFo
-C8jUGxlMfHeWDRkqMfcjjgIpky7v50sKtDOfmFJn3HFUbiKp
------END X509 CRL-----
diff --git a/tests/data_files/crl-ec-sha256.pem b/tests/data_files/crl-ec-sha256.pem
deleted file mode 100644
index adfd5f893..000000000
--- a/tests/data_files/crl-ec-sha256.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN X509 CRL-----
-MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2
-MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu
-BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
-TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD
-IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln
-S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX
-g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw==
------END X509 CRL-----
diff --git a/tests/data_files/crl-ec-sha384.pem b/tests/data_files/crl-ec-sha384.pem
deleted file mode 100644
index b757abb18..000000000
--- a/tests/data_files/crl-ec-sha384.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN X509 CRL-----
-MIIBcDCB9wIBATAKBggqhkjOPQQDAzA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2
-MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu
-BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
-TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD
-IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwMDaAAwZQIwateJaD13+Yi4HWBIlOov
-8ZDsvnfQfW/R0A1s2ZccAi+byurShuNGiSvsFSh5d/6QAjEA427F8bNk/fdj5YXu
-Oo1qEd7WpD2dNUb0draGSIcJGBRGzi5it14UXr9cR4S5eJ6Q
------END X509 CRL-----
diff --git a/tests/data_files/crl-ec-sha512.pem b/tests/data_files/crl-ec-sha512.pem
deleted file mode 100644
index f7c9402a3..000000000
--- a/tests/data_files/crl-ec-sha512.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN X509 CRL-----
-MIIBcTCB9wIBATAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2
-MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu
-BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
-TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD
-IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwQDaQAwZgIxAL/VFrDIYUECsS0rVpAy
-6zt/CqeAZ1sa/l5LTaG1XW286n2Kibipr6EpkYZNYIQILgIxAI0wb3Py1DHPWpYf
-/BFBH7C3KYq+nWTrLeEnhrjU1LzG/CiQ8lnuskya6lw/P3lJ/A==
------END X509 CRL-----
diff --git a/tests/data_files/crl-future.pem b/tests/data_files/crl-future.pem
deleted file mode 100644
index 1938219d4..000000000
--- a/tests/data_files/crl-future.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBgzCCAQoCAQEwCQYHKoZIzj0EATA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTMyMDMxMDEx
-MDUxNVoXDTQyMDMwODExMDUxNVowKDASAgEKFw0xMzA5MjQxNjI4MzhaMBICARYX
-DTE0MDEyMDEzNDMwNVqgcjBwMG4GA1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb
-+zZ8oUKkQDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNV
-BAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2gA
-MGUCMQCmsvNsOQdbGpmzpeZlKU9lDP6yyWenrI/89swZYogE3cSPob4tOzeYg38i
-or91IPgCMD7N/0Qz6Nq2IgBtZORLgsA0ltK+W6AOS+/EIhvGuXV8uguUyYknl4vb
-+cE+lWxhCQ==
------END X509 CRL-----
diff --git a/tests/data_files/crl-idp.pem b/tests/data_files/crl-idp.pem
deleted file mode 100644
index a229e7d6d..000000000
--- a/tests/data_files/crl-idp.pem
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN X509 CRL-----
-MIIBszCBnAIBATANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UE
-ChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTE4MDMxNDA3
-MzE0OFoXDTI4MDMxNDA3MzE0OFqgLTArMCkGA1UdHAEB/wQfMB2gG6AZhhdodHRw
-Oi8vcGtpLmV4YW1wbGUuY29tLzANBgkqhkiG9w0BAQsFAAOCAQEAs/vp1Ybq9Lj/
-YM+O2uBqhRNdt494GYSYcZcltbQDwLgDwsFQ9S+q5zBtanhxiF3C6dyDoWS6xyY3
-dkdO9kK2YAQLNaFBCsKRrI9vGKuF5/1uIr0a8cQcqVzyRI9uK0KgGEk9/APGtqob
-nj/nt2ryGC+yEh20FmvwFn1vN5xaWK3uUIJCNDTZe+KQn150iAU/mWZG2xDdSXgm
-JtpTrY6toBgTwDGyus2wIDvAF6rBc1lRoR0BPuTR1fcUPMvr8jceZqG+xuH+vmkU
-j1B4Tu+K27ZmZMlhltfgwLzcgH9Ee1TgWPN2QqMzeZW/vNMyIIvWAWk2cFyCJj6r
-16/9upL64w==
------END X509 CRL-----
diff --git a/tests/data_files/crl-idpnc.pem b/tests/data_files/crl-idpnc.pem
deleted file mode 100644
index 0ebe480ee..000000000
--- a/tests/data_files/crl-idpnc.pem
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN X509 CRL-----
-MIIBsDCBmQIBATANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UE
-ChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTE4MDMxNDEx
-MTQzNloXDTI4MDMxNDExMTQzNlqgKjAoMCYGA1UdHAQfMB2gG6AZhhdodHRwOi8v
-cGtpLmV4YW1wbGUuY29tLzANBgkqhkiG9w0BAQsFAAOCAQEACsszsNwAMkmUrbti
-H1wpWN3LIb32MTZkBWZeFWWQ1MyzSFslgnOcu6tesJuTQJVJMGCSXZv7jkVHeeiK
-x+BAoHCrR2aRVPbmiaP43Qp/dFOOfHVMM/VVWmuEYuCQaCAeVLQgGbgAYHE9aHQN
-vBg8m7NJ95av2svLHMFIhirZlKWsAXM+aCyzoudEIhrP4Ppwt01SCtDl5gyg1Gkd
-B3wuOckjTk0xwXdlOSMH9o0SD2fkc41AFDqOZTK2NTQzNChDNFbKXl8sr9SavJCm
-k72l7wNJs6UOEhQMygyXEvqp8JbIi9JI+3TD4z4wUt0EnPkw0U48grLXFhjwBLWi
-cxyjQQ==
------END X509 CRL-----
diff --git a/tests/data_files/crl-malformed-trailing-spaces.pem b/tests/data_files/crl-malformed-trailing-spaces.pem
deleted file mode 100644
index 9eae3da19..000000000
--- a/tests/data_files/crl-malformed-trailing-spaces.pem
+++ /dev/null
@@ -1,20 +0,0 @@ ------BEGIN X509 CRL----- -MIIBbzCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ -b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMTMwOTI0MTYz -MTA4WhcNMjMwOTIyMTYzMTA4WjAUMBICAQoXDTEzMDkyNDE2MjgzOFqgcjBwMG4G -A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMg -Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2kAMGYCMQDVG95rrSSl4dJgbJ5vR1GW -svEuEsAh35EhF1WrcadMuCeMQVX9cUPupFfQUpHyMfoCMQCKf0yv8pN9BAoi3FVm -56meWPhUekgLKKMAobt2oJJY6feuiFU2YFGs1aF0rV6Bj+U= ------END X509 CRL----- ------BEGIN X509 CRL----- -MIIBcTCB9wIBATAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 -MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu -BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC -TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD -IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwQDaQAwZgIxAL/VFrDIYUECsS0rVpAy -6zt/CqeAZ1sa/l5LTaG1XW286n2Kibipr6EpkYZNYIQILgIxAI0wb3Py1DHPWpYf -/BFBH7C3KYq+nWTrLeEnhrjU1LzG/CiQ8lnuskya6lw/P3lJ/A== ------END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha1-badsign.pem b/tests/data_files/crl-rsa-pss-sha1-badsign.pem deleted file mode 100644 index 7e2a59677..000000000 --- a/tests/data_files/crl-rsa-pss-sha1-badsign.pem +++ /dev/null 
@@ -1,14 +0,0 @@ ------BEGIN X509 CRL----- -MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x -NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 -WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 -1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM -MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC -AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS -4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 -MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo -mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O -7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa -y6li0JzWNHtkKUlCv2+SESZbD3NU8GQY ------END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha1.pem b/tests/data_files/crl-rsa-pss-sha1.pem deleted file mode 100644 index 59ca4f703..000000000 --- a/tests/data_files/crl-rsa-pss-sha1.pem +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN X509 CRL----- -MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x -NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 -WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 -1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM -MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC -AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS -4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 -MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo -mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O -7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa -y6li0JzWNHtkKUlCv2+SESZbD3NU8GQZ ------END X509 CRL----- 
diff --git a/tests/data_files/crl-rsa-pss-sha224.pem b/tests/data_files/crl-rsa-pss-sha224.pem deleted file mode 100644 index a51d5d911..000000000 --- a/tests/data_files/crl-rsa-pss-sha224.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgShGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIEogQCAgDiMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjA2WhcNMjQwMTE4MTM1NjA2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCBKEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBAEJI -i9sQOzMvvOTksN48+X+kk/wkLMKRGI222lqU6y6tP1LX3OE/+KN8gPXR+lCC+e0v -TsRTJkpKEcmHZoP/8kOtZnLb9PdITKGMQnZ+dmn5MFEzZI/zyrYWuJTuK1Q83w0e -Mc88cAhu8i4PTk/WnsWDphK1Q2YRupmmwWSUpp1Z2rpR+YSCedC01TVrtSUJUBw9 -NSqKDhyWYJIbS6/bFaERswC8xlMRhyLHUvikjmAK36TbIdhTnEffHOPW75sEOEEB -f0A3VtlZ7y5yt2/a6vOauJCivxKt/PutdHfBqH43QQmoVLWC2FmT9ADTJwcsZB3D -a6JSqCIMRCQY2JOUn0A= ------END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha256.pem b/tests/data_files/crl-rsa-pss-sha256.pem deleted file mode 100644 index f16a49118..000000000 --- a/tests/data_files/crl-rsa-pss-sha256.pem +++ /dev/null 
@@ -1,16 +0,0 @@ ------BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjE2WhcNMjQwMTE4MTM1NjE2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAEZ4 -oqp9i5eXrN6aCSTaU1j07MVTFW/U1jQAq6GseB6bEvoEXFMUHJsgAObqCK9flfEC -FEqXqWSo33hhPU7AKKttbDLjUYRNnQAPRUnRIl1/a1+UjqgKchWWD9ityeW8ICxo -IdATX9reYmPDLIMqTC7zuflYkvrvdEOuBORQP5mn4j8t84MSQF/p4qzaU0XxLo4X -ckzZCcHpa45AApCDjJMd9onhFVCYsykiYrF9NQFO8TI4lQ5jv79GoufEzvhY1SPB -r1xz4sMpfyaoPaa3SM2/nD65E5jzXell2u2VWNGKv4zAQP0E5yGel+1rklBltadb -XLdJyyak33CLBKu+nJc= ------END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha384.pem b/tests/data_files/crl-rsa-pss-sha384.pem deleted file mode 100644 index 50f7e4cd2..000000000 --- a/tests/data_files/crl-rsa-pss-sha384.pem +++ /dev/null 
@@ -1,16 +0,0 @@ ------BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgDOMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjI4WhcNMjQwMTE4MTM1NjI4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBAAco -SntUGDLBOAu0IIZaVea5Nt1NMsMcppC0hWPuH1LKAwyUODBqpT+0+AuALK0eIdYR -a7mAB+cv2fFwmwxnQWJ1Fvx4ft/N2AAfB83VRKpSo3xR8bxloHfTWKmyxJHmH9j1 -EYmLS86rj3Nhjf4m/YlQQ3Im5HwOgSgBOE8glq5D+0Wmsi9LsNEZXEzMw7TMUgbs -y9o/ghYF/shKU4mewK3DeM9gQiTcH5A4ISXR87hBQ08AKJRAG1CLvTyzqWiUUY+k -q8iZDYF17sHrPi2yn8q9c4zdxiaWDGDdL0Lh90wXGTAageoGEq25TMuL5FpX+u1u -KUH/xf1jEnNzbYNGiZw= ------END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha512.pem b/tests/data_files/crl-rsa-pss-sha512.pem deleted file mode 100644 index 0f1d6510b..000000000 --- a/tests/data_files/crl-rsa-pss-sha512.pem +++ /dev/null 
@@ -1,16 +0,0 @@ ------BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgOhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIDogQCAgC+MDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjM4WhcNMjQwMTE4MTM1NjM4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBAB9F -ywBfxOjetxNbCFhOYoPY2jvFCFVdlowMGuxEhX/LktqiBXqRc2r5naQSzuHqO8Iq -1zACtiDLri0CvgSHlravBNeY4c2wj//ueFE89tY5pK9E6vZp7cV+RfMx2YfGPAA2 -t7tWZ2rJWzELg8cZ8hpjSwFH7JmgJzjE5gi2gADhBYO6Vv5S3SOgqNjiN1OM31AU -p6GHK5Y1jurF5Zwzs+w3wXoXgpOxxwEC4eiS86c9kNSudwTLvDTU0bYEQE1cF+K0 -sB8QWABFJfuO5kjD2w3rWgmAiOKsZoxd1xrda+WD3JhDXnoVq3oVBIVlWVz6YID8 -enMfMvwScA5AImzu9xA= ------END X509 CRL----- diff --git a/tests/data_files/crl.pem b/tests/data_files/crl.pem deleted file mode 100644 index 2bd10968e..000000000 --- a/tests/data_files/crl.pem +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN X509 CRL----- -MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 -OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx -MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL -dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz -//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U -yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q -NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 -5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= ------END X509 CRL----- diff --git a/tests/data_files/crl_cat_ec-rsa.pem b/tests/data_files/crl_cat_ec-rsa.pem deleted file mode 100644 index 3cda8ff03..000000000 --- a/tests/data_files/crl_cat_ec-rsa.pem +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN X509 CRL----- -MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 -MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu -BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC -TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD -IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln -S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX -g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== ------END X509 CRL----- ------BEGIN X509 CRL----- -MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 -OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx -MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL -dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz -//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U -yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q -NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 -5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= ------END X509 CRL----- diff --git a/tests/data_files/crl_cat_ecfut-rsa.pem b/tests/data_files/crl_cat_ecfut-rsa.pem deleted file mode 100644 index 87b8c2944..000000000 --- a/tests/data_files/crl_cat_ecfut-rsa.pem +++ /dev/null 
@@ -1,22 +0,0 @@ ------BEGIN X509 CRL----- -MIIBgzCCAQoCAQEwCQYHKoZIzj0EATA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTMyMDMxMDEx -MDUxNVoXDTQyMDMwODExMDUxNVowKDASAgEKFw0xMzA5MjQxNjI4MzhaMBICARYX -DTE0MDEyMDEzNDMwNVqgcjBwMG4GA1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb -+zZ8oUKkQDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNV -BAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2gA -MGUCMQCmsvNsOQdbGpmzpeZlKU9lDP6yyWenrI/89swZYogE3cSPob4tOzeYg38i -or91IPgCMD7N/0Qz6Nq2IgBtZORLgsA0ltK+W6AOS+/EIhvGuXV8uguUyYknl4vb -+cE+lWxhCQ== ------END X509 CRL----- ------BEGIN X509 CRL----- -MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 -OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx -MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL -dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz -//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U -yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q -NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 -5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= ------END X509 CRL----- diff --git a/tests/data_files/crl_cat_rsa-ec.pem b/tests/data_files/crl_cat_rsa-ec.pem deleted file mode 100644 index ded369d89..000000000 --- a/tests/data_files/crl_cat_rsa-ec.pem +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN X509 CRL----- -MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 -OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx -MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL -dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz -//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U -yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q -NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 -5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= ------END X509 CRL----- ------BEGIN X509 CRL----- -MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 -MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu -BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC -TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD -IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln -S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX -g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== ------END X509 CRL----- diff --git a/tests/data_files/crl_cat_rsabadpem-ec.pem b/tests/data_files/crl_cat_rsabadpem-ec.pem deleted file mode 100644 index a035e1899..000000000 --- a/tests/data_files/crl_cat_rsabadpem-ec.pem +++ /dev/null 
@@ -1,21 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1
-OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL
-dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz
-//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U
-yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q
-NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7
-5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU
------END X509 CRL-----
------BEGIN X509 CRL-----
-MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2
-MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu
-BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
-TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD
-IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln
-S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX
-g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw==
------END X509 CRL-----
diff --git a/tests/data_files/crl_expired.pem b/tests/data_files/crl_expired.pem
deleted file mode 100644
index cf60ae4d7..000000000
--- a/tests/data_files/crl_expired.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjQx
-OVoXDTExMDIyMDExMjQxOVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAKgP1XmCIPbfY1/UO+SVFQir
-jArZ94QnQdoan4tJ29d8DmTxJ+z9/KyWNoGeOwc9P/2GQQaZahQOBr0f6lYd67Ct
-wFVh/Q2zF8FgRcrQV7u/vJM33Q2yEsQkMGlM7rE5lC972vUKWu/NKq8bN9W/tWxZ
-SFbvTXpv024aI0IRudpOCALnIy8SFhVb2/52IN2uR6qrFizDexMEdSckgpHuJzGS
-IiANhIMn5LdQYJFjPgBzQU12tDdgzcpxtGhT10y4uQre+UbSjw+iVyml3issw59k
-OSmkWFb06LamRC215JAMok3YQO5RnxCR8EjqPcJr+7+O9a1O1++yiaitg4bUjEA=
------END X509 CRL-----
diff --git a/tests/data_files/crl_md2.pem b/tests/data_files/crl_md2.pem
deleted file mode 100644
index e27379564..000000000
--- a/tests/data_files/crl_md2.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTA5MDcxOTE5NTYz
-N1oXDTA5MDkxNzE5NTYzN1owKDASAgEBFw0wOTAyMDkyMTEyMzZaMBICAQMXDTA5
-MDIwOTIxMTIzNlowDQYJKoZIhvcNAQECBQADggEBAF8F5y82zgtxcwQ4aFvrkanT
-ygyd5+RW/Y//vpck44V+CYx1d1r+QkauaXel9qUKBPsg2dUwQ+jwV/m+Sp2MHaX5
-NfW7XUb7Ji4yhwgh9/9vFPqqnKBf9esLJuJoQ4mLhcGB5J1yCcavLrynvB4PJEnG
-graTbbyizelXBmk3ApvNYxczJZxt7EzpVbrFaev7myGmOffdDkIMc2WDpDkyLTlU
-kITjB7fMJhD/dgNskKZ4fgkKKKPCMJrJPO67Wzwqx/6vsrZcACB9X+143WZr4GVO
-Fw2SaMnqfVLlUEndoOpbLCU4ugcc82kQQF3TsovXJYW7XqoWl2u/ENCwShl9rl4=
------END X509 CRL-----
diff --git a/tests/data_files/crl_md4.pem b/tests/data_files/crl_md4.pem
deleted file mode 100644
index 1f77dab78..000000000
--- a/tests/data_files/crl_md4.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw
-N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEDBQADggEBAIJtYXy3uwIpmSGfi9muS8xv
-36FT6g3s1V/xicdPa54juJgBI6sxHKzQtbSNIbqadEWwUtvQ8k1EMRo9UGObhRV8
-i+UWm5qi0GFV7nMi4E2p2Ji/sFKtgdxkzhCfn+p3MoGgx/nC7YtwpnNdF+kuCV1M
-JTPqfm+taZkYADOafP/hRaPx3TI+HNE3ux4Cb7hNpWdfWzt48ZPMuhCMzItLd/UK
-xxjJam9XAGUTKi7+eWtma9XzmYOIElQv2KFPVMcx5nvg039rrWK6tObGL67kCfTH
-v+nIx7rAOW6UNU8aj1kfJHYjEKMBH1I9wjMSHUpkxBLQOKlPNRksiEVsIhmEVss=
------END X509 CRL-----
diff --git a/tests/data_files/crl_md5.pem b/tests/data_files/crl_md5.pem
deleted file mode 100644
index 1b17967ec..000000000
--- a/tests/data_files/crl_md5.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw
-N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEEBQADggEBAKKCJZ1MwL+gKAw3RV4qEmb9
-gMDdSLJ1Vdkn9FgDx2ijNnYDtvaW+I3sOXrq7O6gVN1KEamJJbufVJA5+OE2oVbC
-husEdgQm8D5TbrGcjPIPWxgYyuuRsl7XovZhXnqTIUrC+J8oH9XzKaMc+HZb5UhR
-h8bzcyp+9jbBje7lWwKTzkuvd/I7VbS02TUkWFJTrYB0Laj8WMcgcZiyX0iZuj8j
-4hOupu0lPoSzZ4h7t0Vmay6wO+8n8LJohyiwYS7LddpOjIdP0MWifN7u/ArqNNlh
-2kg8eAc1pYOU/pJFTAAbOmC/kQpa9skd+PPIPPh9T53o3yeDQA0vFqN92JryCCU=
------END X509 CRL-----
diff --git a/tests/data_files/crl_sha1.pem b/tests/data_files/crl_sha1.pem
deleted file mode 100644
index 049bebfcf..000000000
--- a/tests/data_files/crl_sha1.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw
-N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAG64jqn7VLdvnKROsbCPR8w9
-xnox9vjuM2lGWema9sTuptw9EhArVSbibXZ1IPPyrEy1QOq3NukBqUW3KzOzYV5M
-BxZSa28FTQxtVChWkDUIMCK8BSxy07yieFf/3A8mbfcW3ZzN4akLxOweuFp6l2H7
-9oa2jeUi1BlHCZS6JYI2pHZl8qiMRiqqMleSM2k1w7TraKLNBFM8UK72brXeZjPi
-nNOzdYsQDzWo1HW7dsLWLfZKoJeyqvofVDQpC5dO56kty/do89z1OnEXfzMNeVVT
-JCeAOzuu6kdrf+9keRoWhcIoBos/XtTV57u0pgr81bLgjj5PYivevKL/kKbyvKI=
------END X509 CRL-----
diff --git a/tests/data_files/crl_sha224.pem b/tests/data_files/crl_sha224.pem
deleted file mode 100644
index 066f5be07..000000000
--- a/tests/data_files/crl_sha224.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQ4FADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw
-N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEOBQADggEBAL2sIly2OwgBu9UfEImduTG/
-RtGEO8RkXbCRJPLZaVGQh9b8rCRVHL9tIWm372FVkKyYEm3mIrl2ry16RznRt5yx
-Dd8/DKUGUlIe1KwzjDc9O7bv1FDSXHd1USmGTheKDHNtuJXYENMHdoyR2k2BVGOZ
-ie4zUcSpqyMjBlUjgNmXN6gQIcrRImumVUjMk74+rWTa0hQ0piF2qlRuE1dDqcZP
-LkE/92rbnFeRAO91XUeEj13dif2UjlArFWd62AFp0wtIn2sb7wahhUj9/rEs6Wgx
-kdiNsRMto6/ixLrPu3vxs80ZPWHey587T1ZZ9bS/wDkp9W+W0rGyRoPVmqiKtvM=
------END X509 CRL-----
diff --git a/tests/data_files/crl_sha256.pem b/tests/data_files/crl_sha256.pem
deleted file mode 100644
index c3ca25699..000000000
--- a/tests/data_files/crl_sha256.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw
-N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQELBQADggEBAG4mBBgwfNynCYYL2CEnqore
-mgKpC32tB6WiUBu9figcvdN3nSX/1wrB8rpiE8R04C8oSFglwhotJCnlWsy42tjb
-0pk0Wuizln0PFMc/OypqRNNhwx31SHH42W4KzONiqvq3n/WkH3M1YniR1ZnMlyvi
-lJioQn6ZAoc6O6mMP1J9duKYYhiMAOV992PD1/iqXw+jYN31RwdIS8/mGzIs4ake
-EdviwhM3E4/sVbNOWCOnZFYV4m+yNAEe29HL1VKw6UXixBczct+brqXNVD3U6T0F
-5ovR6BTefZO17eT52Duke5RZGDUyQOGywxOYKI5W+FcOYdp+U5Idk399tAz2Mdw=
------END X509 CRL-----
diff --git a/tests/data_files/crl_sha384.pem b/tests/data_files/crl_sha384.pem
deleted file mode 100644
index b3baa2a95..000000000
--- a/tests/data_files/crl_sha384.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQwFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw
-N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEMBQADggEBAC0GpmRvsrvshp1q/SXk80HA
-m28ZvEuys9zY5/AnrtYHQfsX9QRJk5li7PlnzHtVGp8I5Qi4mJVPaJ+JmhqAc/oo
-NPmxDx8m9XF9v0XHzqQZIWlPXH8QM9WLzTazbQFXhuwnZ6LPhpo+m8cbN91mUFil
-9g+SGkma+VYV+yPRNmKyldcRVvPZUIkhTCMWkZoYrbDXUmkVQpsgz2c5ksIeMI/7
-4Qj9J38I9AOt0DlQ3etFhNc0OMnR7zY8tn9B4dejoNklEZfiyDxsDZVPusZrxnWM
-WxuehOGHZf3YESjLMtR7BW26QRHIF/nhGDHsbLiunxXI6eJlbYFoZMfwc6TMqnc=
------END X509 CRL-----
diff --git a/tests/data_files/crl_sha512.pem b/tests/data_files/crl_sha512.pem
deleted file mode 100644
index 4d712e55d..000000000
--- a/tests/data_files/crl_sha512.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQ0FADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw
-N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQENBQADggEBAH6GU24hd6d/5PmDusT+h2Kl
-e7scmhkZDPU+VJSnzHdEREYTPaoFqyVBuJOE95lZELEqdOauhO3lG2WEQVGcgEcv
-4jS2EzR3BYex1c1upqGtdIvIoA9TOLukdy6KeauomiWho2Kd7bSaXHy20jwdkLko
-/t3lVhTtBvKbh8XHVYwCaw1aCj3LydwNcS+zPnRgsMVHszFxmMNn5HCRW8lbYwcf
-UA98OmxIZs2hpBKRpvlfA5y6sXEx2+tSMg+MJrziGBgG6OR/m+KTaK5Yle9nrC+7
-hzKIe83hpktvfB1CY5Ak4Uke9/1FRqAjs5KCRxYSGQ7ZdS7DgAeGwT3slLbl/tY=
------END X509 CRL-----
diff --git a/tests/data_files/crt_cat_rsaexp-ec.pem b/tests/data_files/crt_cat_rsaexp-ec.pem
deleted file mode 100644
index 4f74c9ac2..000000000
--- a/tests/data_files/crt_cat_rsaexp-ec.pem
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjQx
-OVoXDTExMDIyMDExMjQxOVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAKgP1XmCIPbfY1/UO+SVFQir
-jArZ94QnQdoan4tJ29d8DmTxJ+z9/KyWNoGeOwc9P/2GQQaZahQOBr0f6lYd67Ct
-wFVh/Q2zF8FgRcrQV7u/vJM33Q2yEsQkMGlM7rE5lC972vUKWu/NKq8bN9W/tWxZ
-SFbvTXpv024aI0IRudpOCALnIy8SFhVb2/52IN2uR6qrFizDexMEdSckgpHuJzGS
-IiANhIMn5LdQYJFjPgBzQU12tDdgzcpxtGhT10y4uQre+UbSjw+iVyml3issw59k
-OSmkWFb06LamRC215JAMok3YQO5RnxCR8EjqPcJr+7+O9a1O1++yiaitg4bUjEA=
------END X509 CRL-----
------BEGIN X509 CRL-----
-MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2
-MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu
-BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
-TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD
-IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln
-S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX
-g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw==
------END X509 CRL-----
diff --git a/tests/data_files/dh.1000.pem b/tests/data_files/dh.1000.pem
deleted file mode 100644
index 172f19fb4..000000000
--- a/tests/data_files/dh.1000.pem
+++ /dev/null
@@ -1,34 +0,0 @@ - -Recommended key length: 160 bits - -generator: - 23:84:3c:0d:55:8c:b9:7d:a9:d5:9a:80:82:fb:50: - 89:29:71:8e:8e:a1:29:2e:df:db:01:34:41:e7:66: - fa:60:dc:bc:34:83:45:70:e0:61:e9:a6:25:23:c2: - 77:33:a9:8a:90:94:21:ff:84:d2:7b:36:39:9b:e5: - f0:88:2b:35:98:64:28:58:27:be:fa:bf:e3:60:cc: - c4:61:60:59:78:a7:e1:a3:b3:a7:3e:7e:5b:a8:d7: - b7:ba:25:0e:b1:9e:79:03:b5:83:ba:43:34:b6:c1: - ce:45:66:72:07:64:8a:af:14:d8:ae:18:19:ba:25: - a6:d9:36:f8:8c: - -prime: - 9e:a4:a8:c4:29:fe:76:18:02:4f:76:c9:29:0e:f2: - ba:0d:92:08:9d:d9:b3:28:41:5d:88:4e:fe:3c:ae: - c1:d4:3e:7e:fb:d8:2c:bf:7b:63:70:99:9e:c4:ac: - d0:1e:7c:4e:22:07:d2:b5:f9:9a:9e:52:e2:97:9d: - c3:cb:0d:66:33:75:95:a7:96:6e:69:ec:16:bd:06: - 4a:1a:dc:b2:d4:29:23:ab:2e:8f:7f:6a:84:1d:82: - 23:6e:42:8c:1e:70:3d:21:bb:b9:b9:8f:f9:fd:9c: - 53:08:e4:e8:5a:04:ca:5f:8f:73:55:ac:e1:41:20: - c7:43:fa:8f:99: - - ------BEGIN DH PARAMETERS----- -MIIBAwJ+AJ6kqMQp/nYYAk92ySkO8roNkgid2bMoQV2ITv48rsHUPn772Cy/e2Nw -mZ7ErNAefE4iB9K1+ZqeUuKXncPLDWYzdZWnlm5p7Ba9Bkoa3LLUKSOrLo9/aoQd -giNuQowecD0hu7m5j/n9nFMI5OhaBMpfj3NVrOFBIMdD+o+ZAn0jhDwNVYy5fanV -moCC+1CJKXGOjqEpLt/bATRB52b6YNy8NINFcOBh6aYlI8J3M6mKkJQh/4TSezY5 -m+XwiCs1mGQoWCe++r/jYMzEYWBZeKfho7OnPn5bqNe3uiUOsZ55A7WDukM0tsHO -RWZyB2SKrxTYrhgZuiWm2Tb4jAICAKA= ------END DH PARAMETERS----- diff --git a/tests/data_files/dir-maxpath/00.crt b/tests/data_files/dir-maxpath/00.crt deleted file mode 100644 index c806648ac..000000000 --- a/tests/data_files/dir-maxpath/00.crt +++ /dev/null 
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT
-AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx
-MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht
-YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA
-BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm
-LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/
-fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD
-AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt
-IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY=
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/00.key b/tests/data_files/dir-maxpath/00.key
deleted file mode 100644
index b4d33156a..000000000
--- a/tests/data_files/dir-maxpath/00.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIARPaEIfROHkE9Y0ZgHh7Mc3ZU6LR9lCOIw1ksYTHp5EoAoGCCqGSM49
-AwEHoUQDQgAEVbjX+oDAA+nL5PF1zs8qbNmyr0I+K6MpTi+kXV6RecbHYc/jbRCh
-vAFVVaGTNGYvB1ugfaPrl1wIqNDua/93Eg==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/01.crt b/tests/data_files/dir-maxpath/01.crt
deleted file mode 100644
index 0e9107a72..000000000
--- a/tests/data_files/dir-maxpath/01.crt
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL
-GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW
-6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf
-BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw
-DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ
-1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU
-TDA=
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/01.key b/tests/data_files/dir-maxpath/01.key
deleted file mode 100644
index 7dd064311..000000000
--- a/tests/data_files/dir-maxpath/01.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEINSnxPqUNMba8F2KWNxU88heSs7vgas5BOzjRwQsQe6IoAoGCCqGSM49
-AwEHoUQDQgAEM55/cxx8CxjvFUeFvVe7zJcQnaKI8xDol+WOibT7RTs/Ournh2Os
-6DdP5ieg56p0l4pSSFFHlunhn6ppGu58ZA==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/02.crt b/tests/data_files/dir-maxpath/02.crt
deleted file mode 100644
index 387b064da..000000000
--- a/tests/data_files/dir-maxpath/02.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf
-wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V
-2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX
-BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX
-oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g==
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/02.key b/tests/data_files/dir-maxpath/02.key
deleted file mode 100644
index b5ac513f2..000000000
--- a/tests/data_files/dir-maxpath/02.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIPW9zE8cjiZ8w17jTAebb4xAmEg6heEEnEaG4lGCd38joAoGCCqGSM49
-AwEHoUQDQgAEFh6b9YupX8LzTzj+ZGuktJ+eRL86GmCuqW01z+sjDlv+F2UjyseW
-aKuBTHtHCsxiCBS9a849VdnM2Afqry4cog==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/03.crt b/tests/data_files/dir-maxpath/03.crt
deleted file mode 100644
index 7d90a5e0f..000000000
--- a/tests/data_files/dir-maxpath/03.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p
-ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF
-PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX
-BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM
-8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg=
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/03.key b/tests/data_files/dir-maxpath/03.key
deleted file mode 100644
index 2bfa48387..000000000
--- a/tests/data_files/dir-maxpath/03.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIBx2xwapGbHTy79IbpJkc/w9LJXPKNG7gGRLPOGPQFI6oAoGCCqGSM49
-AwEHoUQDQgAEEQ1wzSItaXq3rnYasGti7JV4LMZwetx7ucuZYPtVj67iGD8w/x6N
-AD73lXcxS1Y4tffmxOPrRT2C9UqbDdVn1g==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/04.crt b/tests/data_files/dir-maxpath/04.crt
deleted file mode 100644
index 1ddcf691a..000000000
--- a/tests/data_files/dir-maxpath/04.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT
-9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i
-sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX
-BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC
-+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/04.key b/tests/data_files/dir-maxpath/04.key
deleted file mode 100644
index e836bbf05..000000000
--- a/tests/data_files/dir-maxpath/04.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIDQvTm0wfEAKoymv8ePBv7cRxrnM4g6LREnSll5ghQsXoAoGCCqGSM49
-AwEHoUQDQgAEFFw4HFFTU/YaL22RORy+q4zm+wuecBLlik4VfwnGeK1q18e1Vx2H
-Q/0d2gwOyUr2KZtrE6JOIrG5Q84WTPxgzQ==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/05.crt b/tests/data_files/dir-maxpath/05.crt
deleted file mode 100644
index 19de3a394..000000000
--- a/tests/data_files/dir-maxpath/05.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G
-UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq
-LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX
-BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9
-XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ==
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/05.key b/tests/data_files/dir-maxpath/05.key
deleted file mode 100644
index 7f3095e8a..000000000
--- a/tests/data_files/dir-maxpath/05.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIP3MTs0m9ssAAXQ94O6GYC3pckfpMUxQiPTG8hQYgA0WoAoGCCqGSM49
-AwEHoUQDQgAEBHU9DhX+RlHK4F9l5ZQsicz/eDWeOuBrIAeqbDS7A3i/o+wFPqCc
-u1S71v5R4dzg4JdPGfW4aixQZjY5x25vEA==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/06.crt b/tests/data_files/dir-maxpath/06.crt
deleted file mode 100644
index 36f99d2c0..000000000
--- a/tests/data_files/dir-maxpath/06.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr
-nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG
-r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX
-BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6
-g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/06.key b/tests/data_files/dir-maxpath/06.key
deleted file mode 100644
index 5b0bce243..000000000
--- a/tests/data_files/dir-maxpath/06.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIESUhQgXWd8cVQnitNEpOD2JNMqH9ug/wYaY1xW3SaSGoAoGCCqGSM49
-AwEHoUQDQgAEgPalqAFB655/t5Mcja4zyZPNlgy4plttUTedbsaaG2nb/GIBhA0X
-T/jpPrkakElLAOmV3xd4hq9ho30N8DAx/A==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/07.crt b/tests/data_files/dir-maxpath/07.crt
deleted file mode 100644
index 5bb57f84d..000000000
--- a/tests/data_files/dir-maxpath/07.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA
-7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s
-LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX
-BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM
-oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis=
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/07.key b/tests/data_files/dir-maxpath/07.key
deleted file mode 100644
index 3f20131cc..000000000
--- a/tests/data_files/dir-maxpath/07.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIEi1oKInPLbiINj8OxdActVTgI+YQVSefdQfCu1ihbLRoAoGCCqGSM49
-AwEHoUQDQgAEjTo+HeDBAO6f95ooo6huE6BOKKSjwJvtwUyBqyU2E9ePvk0olCAp
-dAEl4/sXlHCzCGl0zdONrC7B8aUoc0Gi9A==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/08.crt b/tests/data_files/dir-maxpath/08.crt
deleted file mode 100644
index bf1f33e3f..000000000
--- a/tests/data_files/dir-maxpath/08.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj
-nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG
-pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX
-BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw
-/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ=
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/08.key b/tests/data_files/dir-maxpath/08.key
deleted file mode 100644
index d1ee9c544..000000000
--- a/tests/data_files/dir-maxpath/08.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIC8M2G7XcqeagYgt8SZJbuTh4tYchGvX3yDZJKTuBgFUoAoGCCqGSM49
-AwEHoUQDQgAEaUHkP2BkI55e0s6OlkrSdbu8bp0y+YwZFx/GgFUptKol+AA/+2D8
-WuRJxs2XS059ub0FZ30ABqTMfD9ZWIhmAg==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/09.crt b/tests/data_files/dir-maxpath/09.crt
deleted file mode 100644
index 8f67e5419..000000000
--- a/tests/data_files/dir-maxpath/09.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN
-MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E
-sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC
-8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX
-BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i
-N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/09.key b/tests/data_files/dir-maxpath/09.key
deleted file mode 100644
index fe6a06f8c..000000000
--- a/tests/data_files/dir-maxpath/09.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIKkdxegP5yN840sBDxIPpiMftZss14uLaH7zoxOqrePDoAoGCCqGSM49
-AwEHoUQDQgAEe2QdevrehLH2oRsilBiVuZns5M43WmL3OJWyWijUcBUX3Nxf35jT
-krFBUoPxdDfr1BPnaCojwvMEcC875uLPuQ==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/10.crt b/tests/data_files/dir-maxpath/10.crt
deleted file mode 100644
index 72e699afb..000000000
--- a/tests/data_files/dir-maxpath/10.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN
-MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5
-hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M
-qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX
-BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs
-fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw==
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/10.key b/tests/data_files/dir-maxpath/10.key
deleted file mode 100644
index c5558f57c..000000000
--- a/tests/data_files/dir-maxpath/10.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIPuPPMxo5e2doI7YfDp60qmEn4YwYs2sb5QlOpFQ3BIJoAoGCCqGSM49
-AwEHoUQDQgAEeo5RimyXeYYg8Te/PYJDnMKchyPcEcAqwAwDsDpDHjwT0ZcBnZu5
-sO2fxAJrtus0Zv4XMq7ODKpNi2mw4zyPVw==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/11.crt b/tests/data_files/dir-maxpath/11.crt
deleted file mode 100644
index e09e49ff0..000000000
--- a/tests/data_files/dir-maxpath/11.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN
-MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB
-F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco
-IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX
-BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d
-NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/11.key b/tests/data_files/dir-maxpath/11.key
deleted file mode 100644
index b34bf8c9d..000000000
--- a/tests/data_files/dir-maxpath/11.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIHaMieH2/wn6lnsFUGzww43ymhN16Z0nhG5TyvNeY8U2oAoGCCqGSM49
-AwEHoUQDQgAE2cEfliujQRf+64hXTet3PIY2HXWUUeJa81TT8IgUMZ58cKT8qw/Q
-Omjz5i3OkqhjiVuGRlQnKCAc3vUSVXogfQ==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/12.crt b/tests/data_files/dir-maxpath/12.crt
deleted file mode 100644
index 91ef9b03a..000000000
--- a/tests/data_files/dir-maxpath/12.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN
-MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc
-gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc
-IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX
-BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46
-E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/12.key b/tests/data_files/dir-maxpath/12.key
deleted file mode 100644
index 906bdc677..000000000
--- a/tests/data_files/dir-maxpath/12.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIAzhAcc1Yb2u4bsQDaYeRaRW8kJ/HzFTTfINV1k+TxZ/oAoGCCqGSM49
-AwEHoUQDQgAEwxPSz5Sz3IGd29AXIUfwJITRD/RwGr8GGnSSMs6D6OXnQlZ26EB+
-/Oo7GcGTWaAtIBwwIQphnCH0XpyEgKFbjw==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/13.crt b/tests/data_files/dir-maxpath/13.crt
deleted file mode 100644
index c23c1659d..000000000
--- a/tests/data_files/dir-maxpath/13.crt
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN
-MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx
-DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh
-lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM
-0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX
-BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5
-PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA==
------END CERTIFICATE-----
diff --git a/tests/data_files/dir-maxpath/13.key b/tests/data_files/dir-maxpath/13.key
deleted file mode 100644
index c8a04ef42..000000000
--- a/tests/data_files/dir-maxpath/13.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIKb966FXMh8cFQt3sVpmcrh2/3yaGiLMwz+/XGKGMJ+2oAoGCCqGSM49
-AwEHoUQDQgAE65MwiS854ZYZ7L9UVwfZH3mg/nCK7j0NHCLQQxqXbw/MWwVb0HIu
-PkRtkVVAklkYZBWI0rFEjNEBzEJwRZYcNg==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/dir-maxpath/14.crt b/tests/data_files/dir-maxpath/14.crt
deleted file mode 100644
index 5ca323c40..000000000
--- a/tests/data_files/dir-maxpath/14.crt
+++ /dev/null
@@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP -donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU -iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX -BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I -71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/14.key b/tests/data_files/dir-maxpath/14.key deleted file mode 100644 index a526a1851..000000000 --- a/tests/data_files/dir-maxpath/14.key +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN EC PARAMETERS----- -BggqhkjOPQMBBw== ------END EC PARAMETERS----- ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIKEycJNLyYJ5JgECpCuZiFeXZIMC+XsMEKoMhRTx6xD+oAoGCCqGSM49 -AwEHoUQDQgAE0TGTdER8z3aJzZmbqvVz4c70Odk2qJMU9/aqULZRcr1LhBiqy6Db -3XKQEWgNKxqbrekSwEDlVIjVZSdyKY+/PQ== ------END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/15.crt b/tests/data_files/dir-maxpath/15.crt deleted file mode 100644 index bef923a48..000000000 --- a/tests/data_files/dir-maxpath/15.crt +++ /dev/null 
@@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss -/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS -FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX -BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS -fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/15.key b/tests/data_files/dir-maxpath/15.key deleted file mode 100644 index 1d9390837..000000000 --- a/tests/data_files/dir-maxpath/15.key +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN EC PARAMETERS----- -BggqhkjOPQMBBw== ------END EC PARAMETERS----- ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIL1c0zvh4Fx8aylrlHsOsK5Pcam7BWVHM2lDxGO26QIUoAoGCCqGSM49 -AwEHoUQDQgAEJSlIjKErLP4bE2rHnanQdgQjhiYU7dIYFBnlJ1jWdbLzuMp9BpBR -2dPPvn5djCqo6Y/lV6tCUhRchlDoJoItxw== ------END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/16.crt b/tests/data_files/dir-maxpath/16.crt deleted file mode 100644 index d9d998de2..000000000 --- a/tests/data_files/dir-maxpath/16.crt +++ /dev/null 
@@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN -kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 -buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX -BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh -FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/16.key b/tests/data_files/dir-maxpath/16.key deleted file mode 100644 index 70492de2f..000000000 --- a/tests/data_files/dir-maxpath/16.key +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN EC PARAMETERS----- -BggqhkjOPQMBBw== ------END EC PARAMETERS----- ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIM0YCnGkEG/TjBxrytP9Ztslm1yoQaWptBxegRzzBRDVoAoGCCqGSM49 -AwEHoUQDQgAEO1bKeyZgzZID4f/s5iD5He6NMaLf1jzBZ97gLBrbFN/OTBdH5oXx -S4UW2x/YeCY2B4/MtLKVN27lF4X7bwGVWw== ------END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/17.crt b/tests/data_files/dir-maxpath/17.crt deleted file mode 100644 index 1ee78492c..000000000 --- a/tests/data_files/dir-maxpath/17.crt +++ /dev/null 
@@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTYwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARrISq2zO9m -D29YCLHB56FdU/RINtRhfeLtM+u5o3HaAnopy0S98RzuEGELjpzr8ZI6kkMMZsj8 -nFZQF8HfuE0go4GJMIGGMB0GA1UdDgQWBBSnjWvpWxZcFnfQ2KGtCg/u6fT/DzBX -BgNVHSMEUDBOgBRTw3K0Psy3u/6+3KKSoaQqJnPvPqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgDgXjoc6FfMF5W0NziV6vx2BOPNWav01Z -ynEP4h9ULnUCIQC1rU4sEId3UdjzTKhpSGTKtaOuPG+b0YdEMPimI4jmVw== ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/17.key b/tests/data_files/dir-maxpath/17.key deleted file mode 100644 index eee33e8c1..000000000 --- a/tests/data_files/dir-maxpath/17.key +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN EC PARAMETERS----- -BggqhkjOPQMBBw== ------END EC PARAMETERS----- ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIAiUS1dM3qrcOun8PjKe+rw40L2HG/Y8Dfxl0AfzyIVeoAoGCCqGSM49 -AwEHoUQDQgAEayEqtszvZg9vWAixweehXVP0SDbUYX3i7TPruaNx2gJ6KctEvfEc -7hBhC46c6/GSOpJDDGbI/JxWUBfB37hNIA== ------END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/18.crt b/tests/data_files/dir-maxpath/18.crt deleted file mode 100644 index afd682eb8..000000000 --- a/tests/data_files/dir-maxpath/18.crt +++ /dev/null 
@@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTcwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASsc/JkNcYf -bMgpOfrL5kKOGxOJaGS6SQIeNO33UeBpToe1bU2acN652xjvcGo0fJEtxg2fcPHR -hTnGMBD1u1N2o4GJMIGGMB0GA1UdDgQWBBSDbIpYntlhJ0GgIsyd75XRhlC18jBX -BgNVHSMEUDBOgBSnjWvpWxZcFnfQ2KGtCg/u6fT/D6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAJo2NXfJU1sK6SVTu4OV21FKITlXntMi -oenYMsBjzO8oAiEAidSELcLjjAHi3mfBARvCgKlRhmbNEMCHQT7Ha7ZQoRw= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/18.key b/tests/data_files/dir-maxpath/18.key deleted file mode 100644 index 4591d032a..000000000 --- a/tests/data_files/dir-maxpath/18.key +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN EC PARAMETERS----- -BggqhkjOPQMBBw== ------END EC PARAMETERS----- ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIJETLWqIZtnejCGzESDgMnknxqEx5evMGZfzBVPKMwKKoAoGCCqGSM49 -AwEHoUQDQgAErHPyZDXGH2zIKTn6y+ZCjhsTiWhkukkCHjTt91HgaU6HtW1NmnDe -udsY73BqNHyRLcYNn3Dx0YU5xjAQ9btTdg== ------END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/19.crt b/tests/data_files/dir-maxpath/19.crt deleted file mode 100644 index a2220e5ca..000000000 --- a/tests/data_files/dir-maxpath/19.crt +++ /dev/null 
@@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQJyRCHND78 -KxZHoHHdOTjPuD6HjHPnEKX8apblUpETDJuLW7YR3V8Q0dTac+JHiR6e2l4DlDbf -5bTiyFoAzw9yo4GJMIGGMB0GA1UdDgQWBBRQMc94kTqW+zQO3lo2WMI/81k3czBX -BgNVHSMEUDBOgBSDbIpYntlhJ0GgIsyd75XRhlC18qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgIzGOZqJRmvygzvLm8zxZFyoNpcT7e26H -nZd5xFIzEakCIHGYcUXzt+owSVlLmrlW8gQcB81ErQbxuBTAsvpaaKSS ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/19.key b/tests/data_files/dir-maxpath/19.key deleted file mode 100644 index bb6562b3f..000000000 --- a/tests/data_files/dir-maxpath/19.key +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN EC PARAMETERS----- -BggqhkjOPQMBBw== ------END EC PARAMETERS----- ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIDJyHSKbXEZVfkNftQF4eHeJVuXhGdaboa7w4RejL5uYoAoGCCqGSM49 -AwEHoUQDQgAECckQhzQ+/CsWR6Bx3Tk4z7g+h4xz5xCl/GqW5VKREwybi1u2Ed1f -ENHU2nPiR4kentpeA5Q23+W04shaAM8Pcg== ------END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/20.crt b/tests/data_files/dir-maxpath/20.crt deleted file mode 100644 index c82a5276a..000000000 --- a/tests/data_files/dir-maxpath/20.crt +++ /dev/null 
@@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMjAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATGebrN8JxE -heOdCxD+mhnQ4zMUxF1WUkmAAHIUw089BYiH9SAwYS/M5tnl+R8fbjvoGqSpR6Tk -V9EU3CQyIoxwo4GJMIGGMB0GA1UdDgQWBBTZs6oChL1c2CSZXY2YFQkkqg+lzDBX -BgNVHSMEUDBOgBRQMc94kTqW+zQO3lo2WMI/81k3c6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgRVGZReXKvdMHhwLbPvbrTVLeAGDqmqMH -/WqD4u23QBgCID/QtFaiawjviNFEdtU7JK6v4ZY0PQ0a0+HLZIHLi9ah ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/20.key b/tests/data_files/dir-maxpath/20.key deleted file mode 100644 index 2ec68ded2..000000000 --- a/tests/data_files/dir-maxpath/20.key +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN EC PARAMETERS----- -BggqhkjOPQMBBw== ------END EC PARAMETERS----- ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIJHLciDhJcnlE5MhTrOfFlnRbpJQLOf4h72E6VDXxMM0oAoGCCqGSM49 -AwEHoUQDQgAExnm6zfCcRIXjnQsQ/poZ0OMzFMRdVlJJgAByFMNPPQWIh/UgMGEv -zObZ5fkfH2476BqkqUek5FfRFNwkMiKMcA== ------END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/Readme.txt b/tests/data_files/dir-maxpath/Readme.txt deleted file mode 100644 index 606ec6cc2..000000000 --- a/tests/data_files/dir-maxpath/Readme.txt +++ /dev/null @@ -1,10 +0,0 @@ -These certificates form a very long chain, used to test the -MBEDTLS_X509_MAX_INT_CA limit. - -NN.key is the private key of certificate NN.crt. - -The root is 00.crt and N+1.crt is a child of N.crt. - -File cNN.pem contains the chain NN.crt to 00.crt. - -Those certificates were generated by tests/data_files/dir-maxpath/long.sh. diff --git a/tests/data_files/dir-maxpath/c00.pem b/tests/data_files/dir-maxpath/c00.pem deleted file mode 100644 index c806648ac..000000000 --- a/tests/data_files/dir-maxpath/c00.pem +++ /dev/null 
@@ -1,11 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c01.pem b/tests/data_files/dir-maxpath/c01.pem deleted file mode 100644 index 302fcbd02..000000000 --- a/tests/data_files/dir-maxpath/c01.pem +++ /dev/null 
@@ -1,24 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c02.pem b/tests/data_files/dir-maxpath/c02.pem deleted file mode 100644 index 77c251900..000000000 --- a/tests/data_files/dir-maxpath/c02.pem +++ /dev/null 
@@ -1,36 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD 
-AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c03.pem b/tests/data_files/dir-maxpath/c03.pem deleted file mode 100644 index d6c1a21b3..000000000 --- a/tests/data_files/dir-maxpath/c03.pem +++ /dev/null 
@@ -1,48 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw 
-DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c04.pem b/tests/data_files/dir-maxpath/c04.pem deleted file mode 100644 index 613d7d85a..000000000 --- a/tests/data_files/dir-maxpath/c04.pem +++ /dev/null 
@@ -1,60 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c05.pem b/tests/data_files/dir-maxpath/c05.pem deleted file mode 100644 index 800904977..000000000 --- a/tests/data_files/dir-maxpath/c05.pem +++ /dev/null 
@@ -1,72 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm 
-LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c06.pem b/tests/data_files/dir-maxpath/c06.pem deleted file mode 100644 index e0fbf13df..000000000 --- a/tests/data_files/dir-maxpath/c06.pem +++ /dev/null 
@@ -1,84 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf 
-BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c07.pem b/tests/data_files/dir-maxpath/c07.pem deleted file mode 100644 index c960d19cb..000000000 --- a/tests/data_files/dir-maxpath/c07.pem +++ /dev/null 
@@ -1,96 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX 
-BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c08.pem b/tests/data_files/dir-maxpath/c08.pem deleted file mode 100644 index 78c2c4a6d..000000000 --- a/tests/data_files/dir-maxpath/c08.pem +++ /dev/null 
@@ -1,108 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX 
-BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht 
-YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c09.pem b/tests/data_files/dir-maxpath/c09.pem deleted file mode 100644 index 269f4e3c7..000000000 --- a/tests/data_files/dir-maxpath/c09.pem +++ /dev/null 
@@ -1,120 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX 
-BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL 
-GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c10.pem b/tests/data_files/dir-maxpath/c10.pem deleted file mode 100644 index e29330479..000000000 --- a/tests/data_files/dir-maxpath/c10.pem +++ /dev/null 
@@ -1,132 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX -BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX 
-BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf 
-wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c11.pem b/tests/data_files/dir-maxpath/c11.pem deleted file mode 100644 index 56cbcbf1e..000000000 --- a/tests/data_files/dir-maxpath/c11.pem +++ /dev/null 
@@ -1,144 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB -F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco -IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX -BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d -NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX -BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX 
-BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p 
-ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT 
-AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c12.pem b/tests/data_files/dir-maxpath/c12.pem deleted file mode 100644 index 77c8f3f8a..000000000 --- a/tests/data_files/dir-maxpath/c12.pem +++ /dev/null 
@@ -1,156 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc -gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc -IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX -BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 -E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB -F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco -IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX -BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d -NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX -BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX 
-BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT 
-9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN 
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c13.pem b/tests/data_files/dir-maxpath/c13.pem deleted file mode 100644 index d5039ba45..000000000 --- a/tests/data_files/dir-maxpath/c13.pem +++ /dev/null 
@@ -1,168 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh -lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM -0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX -BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 -PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc -gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc -IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX -BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 -E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB -F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco -IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX -BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d -NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX -BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX 
-BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G 
-UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN 
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- 
diff --git a/tests/data_files/dir-maxpath/c14.pem b/tests/data_files/dir-maxpath/c14.pem
deleted file mode 100644
index c6eca72e4..000000000
--- a/tests/data_files/dir-maxpath/c14.pem
+++ /dev/null
@@ -1,180 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP -donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU -iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX -BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I -71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh -lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM -0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX -BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 -PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc -gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc -IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX -BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 -E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB -F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco -IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX -BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d -NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX -BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX 
-BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr 
-nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN 
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN 
CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c15.pem b/tests/data_files/dir-maxpath/c15.pem deleted file mode 100644 index 220420d7d..000000000 --- a/tests/data_files/dir-maxpath/c15.pem +++ /dev/null 
@@ -1,192 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss -/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS -FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX -BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS -fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP -donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU -iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX -BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I -71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh -lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM -0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX -BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 -PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc -gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc -IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX -BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 -E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB -F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco -IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX -BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d -NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX 
-BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA 
-7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN 
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- 
-MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c16.pem b/tests/data_files/dir-maxpath/c16.pem deleted file mode 100644 index 041a83b45..000000000 --- a/tests/data_files/dir-maxpath/c16.pem +++ /dev/null 
@@ -1,204 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN -kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 -buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX -BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh -FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss -/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS -FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX -BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS -fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP -donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU -iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX -BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I -71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh -lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM -0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX -BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 -PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc -gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc -IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX -BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 -E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB -F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco -IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX 
-BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d -NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX -BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj 
-nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN 
-MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- 
-MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt 
-IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c17.pem b/tests/data_files/dir-maxpath/c17.pem deleted file mode 100644 index 5bdbafd28..000000000 --- a/tests/data_files/dir-maxpath/c17.pem +++ /dev/null 
@@ -1,216 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTYwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARrISq2zO9m -D29YCLHB56FdU/RINtRhfeLtM+u5o3HaAnopy0S98RzuEGELjpzr8ZI6kkMMZsj8 -nFZQF8HfuE0go4GJMIGGMB0GA1UdDgQWBBSnjWvpWxZcFnfQ2KGtCg/u6fT/DzBX -BgNVHSMEUDBOgBRTw3K0Psy3u/6+3KKSoaQqJnPvPqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgDgXjoc6FfMF5W0NziV6vx2BOPNWav01Z -ynEP4h9ULnUCIQC1rU4sEId3UdjzTKhpSGTKtaOuPG+b0YdEMPimI4jmVw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN -kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 -buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX -BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh -FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss -/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS -FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX -BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS -fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP -donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU -iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX -BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I -71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh -lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM -0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX -BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 -PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc -gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc 
-IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX -BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 -E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB -F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco -IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX -BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d -NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX -BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx 
-DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G 
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC 
-+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC 
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c18.pem b/tests/data_files/dir-maxpath/c18.pem deleted file mode 100644 index d86318952..000000000 --- a/tests/data_files/dir-maxpath/c18.pem +++ /dev/null 
@@ -1,228 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTcwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASsc/JkNcYf -bMgpOfrL5kKOGxOJaGS6SQIeNO33UeBpToe1bU2acN652xjvcGo0fJEtxg2fcPHR -hTnGMBD1u1N2o4GJMIGGMB0GA1UdDgQWBBSDbIpYntlhJ0GgIsyd75XRhlC18jBX -BgNVHSMEUDBOgBSnjWvpWxZcFnfQ2KGtCg/u6fT/D6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAJo2NXfJU1sK6SVTu4OV21FKITlXntMi -oenYMsBjzO8oAiEAidSELcLjjAHi3mfBARvCgKlRhmbNEMCHQT7Ha7ZQoRw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTYwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARrISq2zO9m -D29YCLHB56FdU/RINtRhfeLtM+u5o3HaAnopy0S98RzuEGELjpzr8ZI6kkMMZsj8 -nFZQF8HfuE0go4GJMIGGMB0GA1UdDgQWBBSnjWvpWxZcFnfQ2KGtCg/u6fT/DzBX -BgNVHSMEUDBOgBRTw3K0Psy3u/6+3KKSoaQqJnPvPqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgDgXjoc6FfMF5W0NziV6vx2BOPNWav01Z -ynEP4h9ULnUCIQC1rU4sEId3UdjzTKhpSGTKtaOuPG+b0YdEMPimI4jmVw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN -kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 -buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX -BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh -FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss -/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS -FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX -BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS -fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP -donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU -iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX -BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I -71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh -lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM 
-0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX -BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 -PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc -gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc -IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX -BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 -E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB -F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco -IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX -BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d -NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx 
-DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX -BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G 
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 
-XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC 
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c19.pem b/tests/data_files/dir-maxpath/c19.pem deleted file mode 100644 index b1e24e42f..000000000 --- a/tests/data_files/dir-maxpath/c19.pem +++ /dev/null 
@@ -1,240 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQJyRCHND78 -KxZHoHHdOTjPuD6HjHPnEKX8apblUpETDJuLW7YR3V8Q0dTac+JHiR6e2l4DlDbf -5bTiyFoAzw9yo4GJMIGGMB0GA1UdDgQWBBRQMc94kTqW+zQO3lo2WMI/81k3czBX -BgNVHSMEUDBOgBSDbIpYntlhJ0GgIsyd75XRhlC18qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgIzGOZqJRmvygzvLm8zxZFyoNpcT7e26H -nZd5xFIzEakCIHGYcUXzt+owSVlLmrlW8gQcB81ErQbxuBTAsvpaaKSS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTcwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASsc/JkNcYf -bMgpOfrL5kKOGxOJaGS6SQIeNO33UeBpToe1bU2acN652xjvcGo0fJEtxg2fcPHR -hTnGMBD1u1N2o4GJMIGGMB0GA1UdDgQWBBSDbIpYntlhJ0GgIsyd75XRhlC18jBX -BgNVHSMEUDBOgBSnjWvpWxZcFnfQ2KGtCg/u6fT/D6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAJo2NXfJU1sK6SVTu4OV21FKITlXntMi -oenYMsBjzO8oAiEAidSELcLjjAHi3mfBARvCgKlRhmbNEMCHQT7Ha7ZQoRw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTYwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARrISq2zO9m -D29YCLHB56FdU/RINtRhfeLtM+u5o3HaAnopy0S98RzuEGELjpzr8ZI6kkMMZsj8 -nFZQF8HfuE0go4GJMIGGMB0GA1UdDgQWBBSnjWvpWxZcFnfQ2KGtCg/u6fT/DzBX -BgNVHSMEUDBOgBRTw3K0Psy3u/6+3KKSoaQqJnPvPqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE1ggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgDgXjoc6FfMF5W0NziV6vx2BOPNWav01Z -ynEP4h9ULnUCIQC1rU4sEId3UdjzTKhpSGTKtaOuPG+b0YdEMPimI4jmVw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN -kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 -buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX -BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh -FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss -/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS -FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX -BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS -fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP -donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU 
-iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX -BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I -71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh -lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM -0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX -BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 -PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc -gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc -IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX -BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 -E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx 
-DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB -F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco -IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX -BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d -NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX -BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G 
-A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 
-g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX -BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC 
-VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL -GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA 
-BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c20.pem b/tests/data_files/dir-maxpath/c20.pem deleted file mode 100644 index ff9747203..000000000 --- a/tests/data_files/dir-maxpath/c20.pem +++ /dev/null 
@@ -1,252 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMjAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATGebrN8JxE -heOdCxD+mhnQ4zMUxF1WUkmAAHIUw089BYiH9SAwYS/M5tnl+R8fbjvoGqSpR6Tk -V9EU3CQyIoxwo4GJMIGGMB0GA1UdDgQWBBTZs6oChL1c2CSZXY2YFQkkqg+lzDBX -BgNVHSMEUDBOgBRQMc94kTqW+zQO3lo2WMI/81k3c6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgRVGZReXKvdMHhwLbPvbrTVLeAGDqmqMH -/WqD4u23QBgCID/QtFaiawjviNFEdtU7JK6v4ZY0PQ0a0+HLZIHLi9ah ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQJyRCHND78 -KxZHoHHdOTjPuD6HjHPnEKX8apblUpETDJuLW7YR3V8Q0dTac+JHiR6e2l4DlDbf -5bTiyFoAzw9yo4GJMIGGMB0GA1UdDgQWBBRQMc94kTqW+zQO3lo2WMI/81k3czBX -BgNVHSMEUDBOgBSDbIpYntlhJ0GgIsyd75XRhlC18qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgIzGOZqJRmvygzvLm8zxZFyoNpcT7e26H -nZd5xFIzEakCIHGYcUXzt+owSVlLmrlW8gQcB81ErQbxuBTAsvpaaKSS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTcwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASsc/JkNcYf -bMgpOfrL5kKOGxOJaGS6SQIeNO33UeBpToe1bU2acN652xjvcGo0fJEtxg2fcPHR -hTnGMBD1u1N2o4GJMIGGMB0GA1UdDgQWBBSDbIpYntlhJ0GgIsyd75XRhlC18jBX -BgNVHSMEUDBOgBSnjWvpWxZcFnfQ2KGtCg/u6fT/D6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE2ggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAJo2NXfJU1sK6SVTu4OV21FKITlXntMi -oenYMsBjzO8oAiEAidSELcLjjAHi3mfBARvCgKlRhmbNEMCHQT7Ha7ZQoRw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTYwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARrISq2zO9m -D29YCLHB56FdU/RINtRhfeLtM+u5o3HaAnopy0S98RzuEGELjpzr8ZI6kkMMZsj8 -nFZQF8HfuE0go4GJMIGGMB0GA1UdDgQWBBSnjWvpWxZcFnfQ2KGtCg/u6fT/DzBX -BgNVHSMEUDBOgBRTw3K0Psy3u/6+3KKSoaQqJnPvPqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE1ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgDgXjoc6FfMF5W0NziV6vx2BOPNWav01Z -ynEP4h9ULnUCIQC1rU4sEId3UdjzTKhpSGTKtaOuPG+b0YdEMPimI4jmVw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN -kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 -buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX -BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh -FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss -/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS 
-FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX -BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS -fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP -donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU -iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX -BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I -71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh -lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM -0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX -BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 -PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN 
-MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc -gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc -IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX -BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 -E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB -F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco -IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX -BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d -NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 -hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M -qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX -BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs -fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- 
-MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN -MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E -sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC -8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX -BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i -N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj -nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG -pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX -BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw -/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA -7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s -LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX -BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF 
-MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM -oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr -nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG -r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX -BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 -g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G -UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq -LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX -BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 -XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT -9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i -sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX 
-BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC -+Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p -ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF -PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX -BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM -8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf -wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V -2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX -BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX -oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN -MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx -DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL 
-GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW -6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf -BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC -VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw -DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ -1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU -TDA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx -MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht -YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA -BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm -LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ -fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD -AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt -IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= ------END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/int.opensslconf b/tests/data_files/dir-maxpath/int.opensslconf deleted file mode 100644 index df28cab5c..000000000 --- a/tests/data_files/dir-maxpath/int.opensslconf +++ /dev/null @@ -1,4 +0,0 @@ -[int] -subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid:always,issuer:always -basicConstraints = CA:true diff --git a/tests/data_files/dir-maxpath/long.sh b/tests/data_files/dir-maxpath/long.sh deleted file mode 100755 index 22f3bf548..000000000 --- a/tests/data_files/dir-maxpath/long.sh +++ /dev/null 
@@ -1,35 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-: ${OPENSSL:=openssl}
-NB=20
-
-OPT="-days 3653 -sha256"
-
-# generate self-signed root
-$OPENSSL ecparam -name prime256v1 -genkey -out 00.key
-$OPENSSL req -new -x509 -subj "/C=UK/O=mbed TLS/CN=CA00" $OPT \
- -key 00.key -out 00.crt
-
-# cXX.pem is the chain starting at XX
-cp 00.crt c00.pem
-
-# generate long chain
-i=1
-while [ $i -le $NB ]; do
- UP=$( printf "%02d" $((i-1)) )
- ME=$( printf "%02d" $i )
-
- $OPENSSL ecparam -name prime256v1 -genkey -out ${ME}.key
- $OPENSSL req -new -subj "/C=UK/O=mbed TLS/CN=CA${ME}" \
- -key ${ME}.key -out ${ME}.csr
- $OPENSSL x509 -req -CA ${UP}.crt -CAkey ${UP}.key -set_serial 1 $OPT \
- -extfile int.opensslconf -extensions int \
- -in ${ME}.csr -out ${ME}.crt
-
- cat ${ME}.crt c${UP}.pem > c${ME}.pem
-
- rm ${ME}.csr
- i=$((i+1))
-done
diff --git a/tests/data_files/dir1/test-ca.crt b/tests/data_files/dir1/test-ca.crt
deleted file mode 100644
index 3c1d14cd2..000000000
--- a/tests/data_files/dir1/test-ca.crt
+++ /dev/null
@@ -1,80 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:00 2011 GMT - Not After : Feb 12 14:44:00 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: - 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: - 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: - 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: - e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: - cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: - ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: - 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: - c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: - 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: - e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: - 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: - 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: - 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: - e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: - 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: - ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: - a2:d5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA - serial:00 - - Signature Algorithm: sha1WithRSAEncryption - b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: - 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: - 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: - 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: - 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: - 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: - 
2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: - e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: - e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: - 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: - 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: - 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: - 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: - e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: - f7:e0:e9:54 ------BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx -mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny -50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n -YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL -R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu -KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH -/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV -BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz -dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ -SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H -DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF -pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf -m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ -7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== ------END CERTIFICATE----- diff --git a/tests/data_files/dir2/test-ca.crt b/tests/data_files/dir2/test-ca.crt deleted file mode 100644 index 3c1d14cd2..000000000 --- a/tests/data_files/dir2/test-ca.crt +++ /dev/null 
@@ -1,80 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:00 2011 GMT - Not After : Feb 12 14:44:00 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: - 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: - 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: - 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: - e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: - cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: - ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: - 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: - c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: - 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: - e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: - 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: - 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: - 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: - e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: - 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: - ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: - a2:d5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA - serial:00 - - Signature Algorithm: sha1WithRSAEncryption - b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: - 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: - 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: - 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: - 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: - 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: - 
2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: - e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: - e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: - 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: - 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: - 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: - 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: - e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: - f7:e0:e9:54 ------BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx -mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny -50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n -YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL -R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu -KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH -/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV -BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz -dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ -SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H -DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF -pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf -m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ -7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== ------END CERTIFICATE----- diff --git a/tests/data_files/dir2/test-ca2.crt b/tests/data_files/dir2/test-ca2.crt deleted file mode 100644 index d41a420ef..000000000 --- a/tests/data_files/dir2/test-ca2.crt +++ /dev/null 
@@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== ------END CERTIFICATE----- diff --git a/tests/data_files/dir3/Readme b/tests/data_files/dir3/Readme deleted file mode 100644 index 189dadc89..000000000 --- a/tests/data_files/dir3/Readme +++ /dev/null @@ -1 +0,0 @@ -This is just to make sure files that don't parse as certs are ignored. diff --git a/tests/data_files/dir3/test-ca.crt b/tests/data_files/dir3/test-ca.crt deleted file mode 100644 index 3c1d14cd2..000000000 --- a/tests/data_files/dir3/test-ca.crt +++ /dev/null 
@@ -1,80 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:00 2011 GMT - Not After : Feb 12 14:44:00 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: - 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: - 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: - 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: - e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: - cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: - ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: - 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: - c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: - 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: - e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: - 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: - 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: - 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: - e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: - 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: - ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: - a2:d5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA - serial:00 - - Signature Algorithm: sha1WithRSAEncryption - b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: - 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: - 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: - 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: - 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: - 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: - 
2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: - e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: - e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: - 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: - 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: - 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: - 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: - e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: - f7:e0:e9:54 ------BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx -mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny -50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n -YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL -R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu -KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH -/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV -BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz -dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ -SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H -DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF -pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf -m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ -7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== ------END CERTIFICATE----- diff --git a/tests/data_files/dir3/test-ca2.crt b/tests/data_files/dir3/test-ca2.crt deleted file mode 100644 index d41a420ef..000000000 --- a/tests/data_files/dir3/test-ca2.crt +++ /dev/null 
@@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/Readme b/tests/data_files/dir4/Readme deleted file mode 100644 index 3f1f610b9..000000000 --- a/tests/data_files/dir4/Readme +++ /dev/null 
@@ -1,47 +0,0 @@ -This directory contains the certificates for the tests targeting the enforcement of the policy indicated by the *pathLenConstraint* field. All leaf elements were generated with *is_ca* unset and all roots with the *selfsign=1* option. - -1. zero pathlen constraint on an intermediate CA (invalid) -``` -cert11.crt -> cert12.crt (max_pathlen=0) -> cert13.crt -> cert14.crt -``` - -2. zero pathlen constraint on the root CA (invalid) -``` -cert21.crt (max_pathlen=0) -> cert22.crt -> cert23.crt -``` - -3. nonzero pathlen constraint on the root CA (invalid) -``` -cert31.crt (max_pathlen=1) -> cert32.crt -> cert33.crt -> cert34.crt -``` - -4. nonzero pathlen constraint on an intermediate CA (invalid) -``` -cert41.crt -> cert42.crt (max_pathlen=1) -> cert43.crt -> cert44.crt -> cert45.crt -``` - -5. nonzero pathlen constraint on an intermediate CA with maximum number of elements in the chain (valid) -``` -cert51.crt -> cert52.crt (max_pathlen=1) -> cert53.crt -> cert54.crt -``` - -6. nonzero pathlen constraint on the root CA with maximum number of elements in the chain (valid) -``` -cert61.crt (max_pathlen=1) -> cert62.crt -> cert63.crt -``` - -7. pathlen constraint on the root CA with maximum number of elements and a self signed certificate in the chain (valid) -(This situation happens for example when a root of some hierarchy gets integrated into another hierarchy. In this case the certificates issued before the integration will have an intermadiate self signed certificate in their chain) -``` -cert71.crt (max_pathlen=1) -> cert72.crt -> cert73.crt (self signed) -> cert74.crt -> cert74.crt -``` - -8. zero pathlen constraint on first intermediate CA (valid) -``` -cert81.crt -> cert82.crt (max_pathlen=0) -> cert83.crt -``` - -9. zero pathlen constraint on trusted root (valid) -``` -cert91.crt (max_pathlen=0) -> cert92.crt -``` diff --git a/tests/data_files/dir4/cert11.crt b/tests/data_files/dir4/cert11.crt deleted file mode 100644 index 3077c3da4..000000000 
--- a/tests/data_files/dir4/cert11.crt
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC9zCCAd+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0
-IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV
-BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-hqLw+KDH8+tkX9hphnydOZFoueGTY5v8WdYI6KZXoIln9IAu4Rmb6M59uLziXurg
-VKuwBqOkbUZsIY0NOA6C8FpdjZL1di8Viq669vBBs9c+x9hKpx8/VVcZfTaGgqni
-h5XiivQynBQ4E2KOxEQ+VjUMDqIBHYG1VXWs4KMkAeJsqDYHtmS4XsC9TXTIri5S
-9IX4mE5A9+ngSTo0/6Sjwcd27uO2IQHXDC7jkxX5OH5jFPAqsVKTYDeWlCU7bvbr
-iy1H9Z9uCl+M7unbAl8BKQ8leOnno3KO3lQQAPGP2EFRT0XMuUXJnfydPbzMa9FY
-ufB1I8zCBZviPvO/Of3yrwIDAQABo1AwTjAMBgNVHRMEBTADAQEBMB0GA1UdDgQW
-BBSUHSH6gjrYFZnS1gDvk7BpfwTKwDAfBgNVHSMEGDAWgBSUHSH6gjrYFZnS1gDv
-k7BpfwTKwDANBgkqhkiG9w0BAQsFAAOCAQEATLqZGFEBO+2IiHjkn7pBkAuktmHm
-jkkuFLONwe0vlxZFaabaFqSgkoS5eZ50D0dmuUkpJRNMnGK1B/ja5RewtAdxD6us
-VT8JpeWYkhxaSIHjUW95jJLMVr17it8jHawI05tD26nqDjTq3C2rM4ExpAaK/Dgv
-83ZHe4IdvenkXckDMIjmSsK0GfomZmKvmnfxhg4FnQvZGI48JJUqPA2dHxRhUyr4
-ohBmH5Xi5oLICd85GRi8YqD00agKL99EjGulaKNEdsQkrC4ZvY6QDV0EEnbu8b4R
-GfiA42UWN2dKNSqNhBOrP9g5yTcIWXh1Dwpd1Z9vhBCwmBegPqqM5IM1dQ==
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert12.crt b/tests/data_files/dir4/cert12.crt
deleted file mode 100644
index fd88c2d13..000000000
--- a/tests/data_files/dir4/cert12.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0
-IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV
-BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBANJrP7/Y+KjupvlgaOmQYArfGuoh3CzcdPe/mlhq+fxD
-8U9qzgSVuVR+FpNZi9DyMljMBrWV1OnZI+cVCDYYkNMa3IkV+AkzJGqwcSBKE+6N
-RXZvv+I4xbGymdSSaT6Kh1PgPVk/EYNfLFF30pBsycjM81aMtZgW6aA9xCSp0r8W
-XkZodsrJUQerDh/7VmDVEeKanZog8auvrvs/ENiA8d4p/75lOIER4nLz6SSn5Eqy
-uXzNCwmT5PVwWStXbDD7EBs3rOtR2VNWQ9o6QdfKQOe/SkIddZr1IWGEJ8JHjtNo
-jxcYO67A+Jgp1Jwjk+83eRICs0hlWyeHWfBlbOVIKLcCAwEAAaNTMFEwDwYDVR0T
-BAgwBgEBAQIBADAdBgNVHQ4EFgQUyw8Phy/FAvifGQ+G6HWkMiWzyqUwHwYDVR0j
-BBgwFoAUlB0h+oI62BWZ0tYA75OwaX8EysAwDQYJKoZIhvcNAQELBQADggEBACFS
-6tFy9TpVMUfh1mkr3rFEVtho0NJkRhJW8z2PTmKQa069S9gS+U6+CsqwvM1y3yyh
-Pt2q34fhhhbQ+gS8iAm+zvQtBsys3frfVkeKmRzxWDh2LnT+tJi/xtqdlULua5NB
-21So46HdlceDTuv2vUbrHgxUS/IEjIL6OZZ0Sc6S6YybvGSioGsRUHO2k2IiOnUa
-C+hpBvOkXScnItfdMKAAce71CsZeN97sbxeNIMBDiX9bSy+dZLscEhRwBUABiNr/
-sYdYvIpbrFXowjMtBdac+vvhcem7dkCrCdsGylGINWhE2tC9hKmFkFXo4mu/AGDS
-M4/59TlMeK8X+WZ9zBs=
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert13.crt b/tests/data_files/dir4/cert13.crt
deleted file mode 100644
index ac01a22cd..000000000
--- a/tests/data_files/dir4/cert13.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0
-IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx
-MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDIw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs0qdKXytu/GTKpa2H0CE3
-OPSIMM2hiYbavzUroyL+hFv9XVoxh5CGnVUxK7B9ifVvzyElrcV7tjuIlGwp1hLH
-tx/YU22xksI/n5/NS/qrxkK5xjwEWB9lx93rwLK0QnfjYRZrir7yySoBKi6IlHOv
-GOwl0V/JAslMWwUZlFmvYvoCWSWGrDAkxWVnHq+HoZ7YoM/bdJdsIIJYe3tt7L8D
-cJVP5dQ8jSs8/Ehm8BbG339r3B7v/KdK8zuoMig9ag/YOu9jOb0QvYC2HdZoL4WV
-N+7aasTQmDGWGOt7fk7AEl0EI8lDvr2O/5q6ad9jRCkxyq3lJwRy+M3MdVKgA1On
-AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFM6u5Gkjkxb8PDdQIGKD
-D8t1Zv/9MB8GA1UdIwQYMBaAFMsPD4cvxQL4nxkPhuh1pDIls8qlMA0GCSqGSIb3
-DQEBCwUAA4IBAQCLpKATt01DUM8wCiDFVSpmpiCBqxnLRfQuY+ta1p+f15LME+cT
-94lwaYCfCBtXQYwiuVFYdK8ztWEStPg6BecMLPB2K9gO/talxUoVDumsmR83p+2y
-8YJmFHyjr+BShsjP9paCjUQkJiMOiWRpNFNpScv0IOHmb8NLER3vX/tCmxyVHPg/
-7tBpDXRD6jOyajYH4KUx6wddcYWb63N9sApVpRHNaqpUKjuiQwfUFZjA7AyK/FUS
-/cO3++uq+CkZhBu8vupaznXD4h0E28GbZgvu/F0edB7f0Q5DpnuDJ6HFMYl3A2mM
-m8pqKNnRYGCtQwppBYVsoBisga2ymtNud7K+
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert14.crt b/tests/data_files/dir4/cert14.crt
deleted file mode 100644
index 49e1cbb2e..000000000
--- a/tests/data_files/dir4/cert14.crt
+++ /dev/null
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDDDCCAfSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 -IGludGVybWVkaWF0ZSBtYXhwYXRoIDIwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx -MjM1OTU5WjAeMRwwGgYDVQQDExNUZXN0IGxlYWYgaW52YWxpZCAzMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6Vc/T2GYTWj7nGZcy2voZyeWkFyfDIy -oexyJe8eyuWX+YqaSCra1JMcww0Jy8e9/6/aI9ezd1d73eZDcW5h61tagCpBki+W -dYh+FJfCdDdPnSkitWOBLKBK21AQ9dxePvkQBEanDdAk2IwasydCoHEiSCqwXNEz -jVJPL38ibbLf9sNO3kk6zOFA3QqVSTJ4BddNh9bHL7y106ekfMhrfyTzSpo3Wj0V -20ThmJZ1NuwYRl3j1XHALP0t8Cp2ZLbXuFsTWqTFNzXj+gWM8b2IfZqmqcew5poZ -4aDkjXXOizRxDPxCHp7rLz9xv1pIIBxady0YWp+w9vxLxFF6rYBLtQIDAQABo00w -SzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQoF/qrn9WnKV3zOnCwMl99Uhmx8DAfBgNV -HSMEGDAWgBTOruRpI5MW/Dw3UCBigw/LdWb//TANBgkqhkiG9w0BAQsFAAOCAQEA -VUnlX//h3T5Ajc85WNkyTuirhSZtIr6+X/AxH4kR/QG5NiaDxP9H0FzMs5FcMni8 -3Rs4d2H3CBs+QB7lm/b+xy26vpORwlVFXScHeTEanuXSVsmGPkn7TAQrPoyZgVUN -uy4TGi8Mlkso4gmgehvgTklIV+Emxy32Abd1lRfI8/vOQ1xTdA7f3X98AfWStTya -DGRsQLZE/Q4/Gh57xNqF0ftBIRwt9TbGlu8AyZiIilVECGvE/gtTwuqpQPOhJQmi -NdYTErgD2Wkw9ohifQFo46AMMU1seehtqijW2pC2UjmV5nboPs0eGQmWrfNCjDOr -sZfh98BafcaFGjz605V36g== ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert21.crt b/tests/data_files/dir4/cert21.crt deleted file mode 100644 index 501c5d7f2..000000000 --- a/tests/data_files/dir4/cert21.crt +++ /dev/null 
@@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 -IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV -BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 -YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg -xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q -GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN -2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 -7SBymlokB3A8wq/LWPYPeQIDAQABo1MwUTAPBgNVHRMECDAGAQEBAgEAMB0GA1Ud -DgQWBBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S -8cELj/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAFEY2StppaPzOgG6vEvPJr//+ -NWY1jKcBB3cT+zWJW54+BexDjyaBRnBIPvRLDG8PAlhlYr9v/P6JCjBSuhYorFLG -P4ZhD+akuMvn6yF7nsyG20LHPwvE7/jye7+zSO3hhyqCg7N7M7O17exo/agw/iUI -DYUuUv1ZJlZvPB2kmZMYa78g0P2ynyKpu4hdbstJzxwA4aQDXGQxcQNtv+3ZCdC2 -TI4w0jodkjqdq/4y0McpkEvYL3/LaQElLaHr8CQo7xYEzsjv+cnzojCO/ilXU+Rl -sz940Q4njAJqlpfiJ44aFytjp96uN4YVpViFCvRz//9uyQY9kuA/8kKwJuO3qw== ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert22.crt b/tests/data_files/dir4/cert22.crt deleted file mode 100644 index 5dcd65def..000000000 --- a/tests/data_files/dir4/cert22.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDBzCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 -IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV -BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG -Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG -g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT -cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 -iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY -xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNQME4wDAYDVR0T -BAUwAwEBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0jBBgw -FoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAFwZriTu -DKkiDHFfz3UX4fIxYTHCi4TveYZGPeTbxhBb3XZC5qDF4T5HvCTSkG9+oFfZzI1a -lPN2yZB7QnmHJoyWa5fuovwUL0iI3iIZMqU56tdVPW8gkJe++U5kHMSpz2VF0eo8 -7XkKWxZovRwczgfDFRP9zM9CylyzQjqxx6kbxJozWnwc5UrVbJMaPIqonXp1nDoZ -i878+hX4rJUEjgO6Sa9GVZQpmuCrQF0qKsTiUBzZN67hoD3xoTAYi5IXQE2tRD1N -j3zwng9liCsxurGMnuV0BPWv/IDYRu/syjee1Qv1VFeRto5D4Rldmi2p1f5iWJCk -5m5YpRsknaICjYs= ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert23.crt b/tests/data_files/dir4/cert23.crt deleted file mode 100644 index 6c5472549..000000000 --- a/tests/data_files/dir4/cert23.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDDDCCAfSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 -IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx -MjM1OTU5WjAeMRwwGgYDVQQDExNUZXN0IGxlYWYgaW52YWxpZCAyMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigGgHGNWNkEWWFn7eaU4kC2WjR3RtcBs -oW1MlQndUvwWUHgcbfIg7nh66Oi6Xl3IqAMjHj1J0EPGcwTfmLdaRvN38KjTMh3/ -FiFrrUL0MNgiGxjkTthWgsfV4C/i3vRDTCW+2UMFdd6+z7hwFf+ldTsCP9Qp+93G -drslrvAR2W0qjHLULAJGk/6WzxFG6xeCgdhkooDPprsflZJ/cN1SuqTYOaVMAj9J -aovStUTVhF8ouDULpq0fiBImoldObcGdaAWlgRl0k8NdoSLpWd/7+hi4sH5PSOZq -+8g1lQ3cgrE7ta4X3p/i6eApcn1hyEkTy9ZpKOFvZXnM4D1j8+KSKQIDAQABo00w -SzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTCN2vDLY1tcenTzyRmlS4TBe2xijAfBgNV -HSMEGDAWgBQ4GXx51Wb8fnF1LYQYR4vN+1n8NTANBgkqhkiG9w0BAQsFAAOCAQEA -eb/tgtSbrz7j7HQaxGgI5LVedRro3a2fNLhO0wNboGI6gACIPait1ePkUwuMfLfl -Fky2/2VZ8Ie4pQqxFmdSUqf1NSmxgiWLRho4oTiFv1z08LYQgSdKT49ffKO67TDG -D1nI8rEuT1Nupq8WI5jcKgWqktMJjgKzfN+9nCgFGQMGqTBnt7uYZHhnuZfKSJPv -gHmS4gj72OQ2Nu6xORGhd6J8VjzcG6BX1pLebNQRzlHT3E5IVNF/9cCrc+E87Wns -bDGtzhyx7SIP7/2TiJeBZs7p8xXpaDF2cNx2F+jZH+P8feT7c+JoY7A72uVDSlYf -WVf02pylKRgqayOujH3PWA== ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert31.crt b/tests/data_files/dir4/cert31.crt deleted file mode 100644 index 8c2af4c45..000000000 --- a/tests/data_files/dir4/cert31.crt +++ /dev/null 
@@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 -IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV -BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 -YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg -xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q -GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN -2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 -7SBymlokB3A8wq/LWPYPeQIDAQABo1MwUTAPBgNVHRMECDAGAQEBAgEBMB0GA1Ud -DgQWBBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S -8cELj/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAB9nLaqxsBW0isDaBGNJyzH9O -WqYY0hex9tm3UqygfE9b9aahykpkowQIzh4D9Xpbd0hZGVlK/sw2qsKj6gDOiMtL -uWs4gaFNWIQqhVsTzL88c7XaW55n+TRQdVZyy38DZVWphte1Mumc9WB8N15rZTDh -iXjwGl0mrV1egq4hJZLpy14f6ihqU7KGfmc9onxvgvWxYLi+5v8874c4ophSKsI2 -qVE8iZ6uq2oQ66Pd5S50cYk6MEW5lifAhLM5WFZmW7dRKmykBGZ9rFrJrIvhkmh9 -He7q6TEQP1Wcoc147nIg0BTkHGtdrEv3jIX6UKKUEwUUk9ARB1mSodZQHBhuww== ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert32.crt b/tests/data_files/dir4/cert32.crt deleted file mode 100644 index 5dcd65def..000000000 --- a/tests/data_files/dir4/cert32.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDBzCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 -IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV -BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG -Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG -g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT -cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 -iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY -xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNQME4wDAYDVR0T -BAUwAwEBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0jBBgw -FoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAFwZriTu -DKkiDHFfz3UX4fIxYTHCi4TveYZGPeTbxhBb3XZC5qDF4T5HvCTSkG9+oFfZzI1a -lPN2yZB7QnmHJoyWa5fuovwUL0iI3iIZMqU56tdVPW8gkJe++U5kHMSpz2VF0eo8 -7XkKWxZovRwczgfDFRP9zM9CylyzQjqxx6kbxJozWnwc5UrVbJMaPIqonXp1nDoZ -i878+hX4rJUEjgO6Sa9GVZQpmuCrQF0qKsTiUBzZN67hoD3xoTAYi5IXQE2tRD1N -j3zwng9liCsxurGMnuV0BPWv/IDYRu/syjee1Qv1VFeRto5D4Rldmi2p1f5iWJCk -5m5YpRsknaICjYs= ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert33.crt b/tests/data_files/dir4/cert33.crt deleted file mode 100644 index 8e5d192b6..000000000 --- a/tests/data_files/dir4/cert33.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 -IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx -MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDIw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKAaAcY1Y2QRZYWft5pTiQ -LZaNHdG1wGyhbUyVCd1S/BZQeBxt8iDueHro6LpeXcioAyMePUnQQ8ZzBN+Yt1pG -83fwqNMyHf8WIWutQvQw2CIbGORO2FaCx9XgL+Le9ENMJb7ZQwV13r7PuHAV/6V1 -OwI/1Cn73cZ2uyWu8BHZbSqMctQsAkaT/pbPEUbrF4KB2GSigM+mux+Vkn9w3VK6 -pNg5pUwCP0lqi9K1RNWEXyi4NQumrR+IEiaiV05twZ1oBaWBGXSTw12hIulZ3/v6 -GLiwfk9I5mr7yDWVDdyCsTu1rhfen+Lp4ClyfWHISRPL1mko4W9leczgPWPz4pIp -AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFMI3a8MtjW1x6dPPJGaV -LhMF7bGKMB8GA1UdIwQYMBaAFDgZfHnVZvx+cXUthBhHi837Wfw1MA0GCSqGSIb3 -DQEBCwUAA4IBAQCprzpoj6UaEG4eqLg2L3HqsvY73/XE8ytuZ9wDC3HodnmpezUX -48XwJPHFO7OGPGWZgsU2qX/Zp7yUXkVFSK4VnmnSzUtXNVlU0oWEEOzQLrpphksH -dcF8YNN/Y65KnhzIU784uHeFefUpPaE6yS5OSZboptZWVF9y1LoU3F7gN0UGvVG9 -hflz5O0/KvmYd+6+Yrje+2lbHiJHNXLmOPiZyk9TBDknygBuU14IOWghQim3yks9 -tKk8D38Vl85V5aG9nO4STjx5J8BtSl0x6wW3t9WwU5UC9geCROhZI1XRBafIoKkn -VSgHLpLTARtLikbbg/3SxpnW12msHvgLVasf ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert34.crt b/tests/data_files/dir4/cert34.crt deleted file mode 100644 index bebcb651d..000000000 --- a/tests/data_files/dir4/cert34.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDDDCCAfSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 -IGludGVybWVkaWF0ZSBtYXhwYXRoIDIwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx -MjM1OTU5WjAeMRwwGgYDVQQDExNUZXN0IGxlYWYgaW52YWxpZCAzMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSrgWFD4lYQ0RF/z3mJZjn1lgNBkhnCP -0hciJv/etoMN3bCB+uc8fo0wxDQ2ZcbzTAQ0qBNnjJvAJ1qslZA9boIBKmT8JSix -ii/1XTDWI3E5aOvX1h6lW66pVsIzLm0NAf0VJn2xLw0Yv8hfKbwjcNeAfm7GCwJB -8skjekMKJ8+e6pP4ZHxmrnOo0kUlCg8w8RKzZ6sYJxX1ETekWPEUSXrscQ/YSjpO -zjLDph1lO4gVErBhdJgJpJznqkrRBiR7f/hIrpAV3wOUbtfrxrIb5FXOM9rt/svW -RRrzIUGnBvo04WZ+KQHPsMn+9x8i+/tueOg1KLfs10hW0RWsTQjmOQIDAQABo00w -SzAJBgNVHRMEAjAAMB0GA1UdDgQWBBSOBr1U4h5PYyOqGe/gJgwWk7FfezAfBgNV -HSMEGDAWgBTCN2vDLY1tcenTzyRmlS4TBe2xijANBgkqhkiG9w0BAQsFAAOCAQEA -aBLuwNN5vOh2dLbn8lMNsc/oTFSInzu+ylzC/KLTkjoyMYY+S2ISUuew9pzUo4Gs -AAE/rqVYednayyA13eNRBnwIw+8kPTESaJMGl6uQQd8DzAalzqxbFhbwFY2T0pdi -LNFkGjmGdpRNy/VSTy6JEEBMhIKXjMpactmpiV6mwK3bfnFaXZ6o70+JZrNeiSe0 -g8sci6gBVEt27bGvhLalut8WXc7VCkxQhQCSBdv/94EmRxzPye6iAK0L9jaTHlt+ -qR5MWJxZN32muI7nsKnetUMZbIYwvO1LPn8f+0hdYkck8kE7ga1UM98oTgQeIOmj -3JNCDkNY+Z387ujaaOAVxw== ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert41.crt b/tests/data_files/dir4/cert41.crt deleted file mode 100644 index 7065c9426..000000000 --- a/tests/data_files/dir4/cert41.crt +++ /dev/null 
@@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC9zCCAd+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 -IHJvb3QgNDAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV -BAMTC1Rlc3Qgcm9vdCA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 -YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg -xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q -GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN -2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 -7SBymlokB3A8wq/LWPYPeQIDAQABo1AwTjAMBgNVHRMEBTADAQEBMB0GA1UdDgQW -BBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S8cEL -j/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAWhrHGIMcEG2UJfv920hftxi+Jvj/ -ivrhEscqlVA0QNLqZV8v/ai/AiypDLk7uwKtsxF2i+sl81473aSFS9hh3F83/ofm -x8EU8X1FBQHN1zyAEpZyPXr7MiaTXn4w5sCeZLmpWyxGk+cRiPVRE0QUbXDGfVRp -3v984oCUMUzbb+zv6QlkHa6m/kZq0qrnNVVp0X4c7/Pb5elJOVlKnIslNgd/eLrz -zSabToAX9OP6tbJdSRky/LmIYW+CXH/Y4YVwpEu7NisZmDo6lnCBoRQB3QgxoMLp -mM+RUY+AyHr0ZsSUSb6iicJMRZ3mhxCLvnK/Noe/3hq4pUk4Sit7s7JL7A== ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert42.crt b/tests/data_files/dir4/cert42.crt deleted file mode 100644 index c0713188a..000000000 --- a/tests/data_files/dir4/cert42.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 -IHJvb3QgNDAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV -BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG -Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG -g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT -cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 -iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY -xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNTMFEwDwYDVR0T -BAgwBgEBAQIBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0j -BBgwFoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAGKh -pBhYSGN0KGWIG4GG4mVoTiw880ehetDuTpl3ymZNqkoUuTaAtU3PJWOctcJva7h6 -4PSgyabi/WQmhntR1GxCUt0GTuhHmyJYsSwakXUgMgF6W6TKcxg6m4vjMkkrf+ZT -1lO/MiwxhTTluHPGkl/nBG+uxySInuQMDvdyQDXp2e17qxops+G+1UnRJinqLtsd -LMkCOT4pyh6B5ysnJ8gP1Z2EKWjhKJcIHRMUm7Ap/pf8Zgh5LIqdRtDSuNuTmPLP -lkgoebOCO3c/mWCciR0xGCcz86G3fYznvGp4XqHnRkg3SpAcHQbQ/nSHA+1LdfFi -nqZQPnJPVsJctDR935c= ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert43.crt b/tests/data_files/dir4/cert43.crt deleted file mode 100644 index 8e5d192b6..000000000 --- a/tests/data_files/dir4/cert43.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 -IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx -MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDIw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKAaAcY1Y2QRZYWft5pTiQ -LZaNHdG1wGyhbUyVCd1S/BZQeBxt8iDueHro6LpeXcioAyMePUnQQ8ZzBN+Yt1pG -83fwqNMyHf8WIWutQvQw2CIbGORO2FaCx9XgL+Le9ENMJb7ZQwV13r7PuHAV/6V1 -OwI/1Cn73cZ2uyWu8BHZbSqMctQsAkaT/pbPEUbrF4KB2GSigM+mux+Vkn9w3VK6 -pNg5pUwCP0lqi9K1RNWEXyi4NQumrR+IEiaiV05twZ1oBaWBGXSTw12hIulZ3/v6 -GLiwfk9I5mr7yDWVDdyCsTu1rhfen+Lp4ClyfWHISRPL1mko4W9leczgPWPz4pIp -AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFMI3a8MtjW1x6dPPJGaV -LhMF7bGKMB8GA1UdIwQYMBaAFDgZfHnVZvx+cXUthBhHi837Wfw1MA0GCSqGSIb3 -DQEBCwUAA4IBAQCprzpoj6UaEG4eqLg2L3HqsvY73/XE8ytuZ9wDC3HodnmpezUX -48XwJPHFO7OGPGWZgsU2qX/Zp7yUXkVFSK4VnmnSzUtXNVlU0oWEEOzQLrpphksH -dcF8YNN/Y65KnhzIU784uHeFefUpPaE6yS5OSZboptZWVF9y1LoU3F7gN0UGvVG9 -hflz5O0/KvmYd+6+Yrje+2lbHiJHNXLmOPiZyk9TBDknygBuU14IOWghQim3yks9 -tKk8D38Vl85V5aG9nO4STjx5J8BtSl0x6wW3t9WwU5UC9geCROhZI1XRBafIoKkn -VSgHLpLTARtLikbbg/3SxpnW12msHvgLVasf ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert44.crt b/tests/data_files/dir4/cert44.crt deleted file mode 100644 index 084fb2d82..000000000 --- a/tests/data_files/dir4/cert44.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 -IGludGVybWVkaWF0ZSBtYXhwYXRoIDIwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx -MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDMw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRKuBYUPiVhDREX/PeYlmO -fWWA0GSGcI/SFyIm/962gw3dsIH65zx+jTDENDZlxvNMBDSoE2eMm8AnWqyVkD1u -ggEqZPwlKLGKL/VdMNYjcTlo69fWHqVbrqlWwjMubQ0B/RUmfbEvDRi/yF8pvCNw -14B+bsYLAkHyySN6Qwonz57qk/hkfGauc6jSRSUKDzDxErNnqxgnFfURN6RY8RRJ -euxxD9hKOk7OMsOmHWU7iBUSsGF0mAmknOeqStEGJHt/+EiukBXfA5Ru1+vGshvk -Vc4z2u3+y9ZFGvMhQacG+jThZn4pAc+wyf73HyL7+2546DUot+zXSFbRFaxNCOY5 -AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFI4GvVTiHk9jI6oZ7+Am -DBaTsV97MB8GA1UdIwQYMBaAFMI3a8MtjW1x6dPPJGaVLhMF7bGKMA0GCSqGSIb3 -DQEBCwUAA4IBAQCB3dtsoVdschVyCWSI16Se46RZJtLW1bM019KdyZj9DdIZ2VPm -Ip+BQFcVJyzbfmhn5QBbhNDKkwsfldI9Y8IqZ132j442/XIFZIilaPi3cE/WLFUY -Nxu2opuN3+KDwDYO32CUp3frr9OjAtB5amZnkXau+C1EkJlSuWaT+/gIlYwlr4/H -uADcyqFSmy28P9jmkK8AzZHhKnlRadAn2cDB8MFXD5VxnLJfejkprQVLdxTXRovP -cE/6c7PUGIK22WcSX8KTfuviKmjdGVhgeKps2nRNKaSIlqYCztyc8IjcZwJCnh6c -ZW8V9bi7WxDK+I9PPgrgLK8W+VTkS0RtjP5a ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert45.crt b/tests/data_files/dir4/cert45.crt deleted file mode 100644 index e5d5b3d89..000000000 --- a/tests/data_files/dir4/cert45.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDDDCCAfSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 -IGludGVybWVkaWF0ZSBtYXhwYXRoIDMwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx -MjM1OTU5WjAeMRwwGgYDVQQDExNUZXN0IGxlYWYgaW52YWxpZCA0MIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcNsE/s4nauA5vSG/23znHT5ZjFAQiRa -83xo83MD2jMrBjgBBzOW0IKedk9lmqcRmoMsWt3PbYeH2Am+EqtOjh9vbHw/wXEw -eXg7DtZaYTjeRNkrwZ0z5Bz/TTvia7YkcfaU83OG4JyL8GmmbtiGNOHZyHqTv2Ky -j6YqyBJaDE7dwBNBJd5DElEuvr6Tu/Y3K3Z6z8bZUAX/5oII2sq8rg76ZQ+Dfk8i -upjp4MVPvowh/+ys+WNMW5MA5k1dwYyU1MZ20O/aa9VTMkb4DPyv4pXZgi1dBCMc -YskPRVoPPsE5xl3DZ3h4qZ039MbcalXFYe65689+Ra1O4/dsXR5raQIDAQABo00w -SzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTKtXdQZA8cZkS/89eiih4GTJX+fDAfBgNV -HSMEGDAWgBSOBr1U4h5PYyOqGe/gJgwWk7FfezANBgkqhkiG9w0BAQsFAAOCAQEA -IWynyo8ezt+So+w29h7z2ZS3/EcrErnSiDDJ0DaE/vcvflrT/tEPeDHTxy61qQuX -KoseO84foFqLPu1YqgSjRgmbk76gt8aAu0lr6/t0RHWdHKZG3QtK8696pGoMAhVg -Ha3f/YYaEkqSnHwU+/vxEXEkGHM22UHwb7dtH2LfBHtoQtjE6M+Ulv6QdkLj2LFD -XMKJIyAlibTRMW8YOP4G/DekCq1DstUOcTn7BFqeAjjzYwv3NHpOJHdZrUgyGb7B -QqDXf2rM3s7LEpwDMvfdraAEWld4/LRLkfau/PfKD5YwGYg3Nb45xyXFSEijVjAr -23G8HAIcJJu2jUIWGr9OtQ== ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert51.crt b/tests/data_files/dir4/cert51.crt deleted file mode 100644 index 7065c9426..000000000 --- a/tests/data_files/dir4/cert51.crt +++ /dev/null 
@@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC9zCCAd+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 -IHJvb3QgNDAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV -BAMTC1Rlc3Qgcm9vdCA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 -YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg -xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q -GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN -2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 -7SBymlokB3A8wq/LWPYPeQIDAQABo1AwTjAMBgNVHRMEBTADAQEBMB0GA1UdDgQW -BBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S8cEL -j/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAWhrHGIMcEG2UJfv920hftxi+Jvj/ -ivrhEscqlVA0QNLqZV8v/ai/AiypDLk7uwKtsxF2i+sl81473aSFS9hh3F83/ofm -x8EU8X1FBQHN1zyAEpZyPXr7MiaTXn4w5sCeZLmpWyxGk+cRiPVRE0QUbXDGfVRp -3v984oCUMUzbb+zv6QlkHa6m/kZq0qrnNVVp0X4c7/Pb5elJOVlKnIslNgd/eLrz -zSabToAX9OP6tbJdSRky/LmIYW+CXH/Y4YVwpEu7NisZmDo6lnCBoRQB3QgxoMLp -mM+RUY+AyHr0ZsSUSb6iicJMRZ3mhxCLvnK/Noe/3hq4pUk4Sit7s7JL7A== ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert52.crt b/tests/data_files/dir4/cert52.crt deleted file mode 100644 index c0713188a..000000000 --- a/tests/data_files/dir4/cert52.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 -IHJvb3QgNDAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV -BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG -Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG -g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT -cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 -iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY -xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNTMFEwDwYDVR0T -BAgwBgEBAQIBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0j -BBgwFoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAGKh -pBhYSGN0KGWIG4GG4mVoTiw880ehetDuTpl3ymZNqkoUuTaAtU3PJWOctcJva7h6 -4PSgyabi/WQmhntR1GxCUt0GTuhHmyJYsSwakXUgMgF6W6TKcxg6m4vjMkkrf+ZT -1lO/MiwxhTTluHPGkl/nBG+uxySInuQMDvdyQDXp2e17qxops+G+1UnRJinqLtsd -LMkCOT4pyh6B5ysnJ8gP1Z2EKWjhKJcIHRMUm7Ap/pf8Zgh5LIqdRtDSuNuTmPLP -lkgoebOCO3c/mWCciR0xGCcz86G3fYznvGp4XqHnRkg3SpAcHQbQ/nSHA+1LdfFi -nqZQPnJPVsJctDR935c= ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert53.crt b/tests/data_files/dir4/cert53.crt deleted file mode 100644 index 8e5d192b6..000000000 --- a/tests/data_files/dir4/cert53.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 -IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx -MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDIw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKAaAcY1Y2QRZYWft5pTiQ -LZaNHdG1wGyhbUyVCd1S/BZQeBxt8iDueHro6LpeXcioAyMePUnQQ8ZzBN+Yt1pG -83fwqNMyHf8WIWutQvQw2CIbGORO2FaCx9XgL+Le9ENMJb7ZQwV13r7PuHAV/6V1 -OwI/1Cn73cZ2uyWu8BHZbSqMctQsAkaT/pbPEUbrF4KB2GSigM+mux+Vkn9w3VK6 -pNg5pUwCP0lqi9K1RNWEXyi4NQumrR+IEiaiV05twZ1oBaWBGXSTw12hIulZ3/v6 -GLiwfk9I5mr7yDWVDdyCsTu1rhfen+Lp4ClyfWHISRPL1mko4W9leczgPWPz4pIp -AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFMI3a8MtjW1x6dPPJGaV -LhMF7bGKMB8GA1UdIwQYMBaAFDgZfHnVZvx+cXUthBhHi837Wfw1MA0GCSqGSIb3 -DQEBCwUAA4IBAQCprzpoj6UaEG4eqLg2L3HqsvY73/XE8ytuZ9wDC3HodnmpezUX -48XwJPHFO7OGPGWZgsU2qX/Zp7yUXkVFSK4VnmnSzUtXNVlU0oWEEOzQLrpphksH -dcF8YNN/Y65KnhzIU784uHeFefUpPaE6yS5OSZboptZWVF9y1LoU3F7gN0UGvVG9 -hflz5O0/KvmYd+6+Yrje+2lbHiJHNXLmOPiZyk9TBDknygBuU14IOWghQim3yks9 -tKk8D38Vl85V5aG9nO4STjx5J8BtSl0x6wW3t9WwU5UC9geCROhZI1XRBafIoKkn -VSgHLpLTARtLikbbg/3SxpnW12msHvgLVasf ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert54.crt b/tests/data_files/dir4/cert54.crt deleted file mode 100644 index e42e14f54..000000000 --- a/tests/data_files/dir4/cert54.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 -IGludGVybWVkaWF0ZSBtYXhwYXRoIDIwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx -MjM1OTU5WjAcMRowGAYDVQQDExFUZXN0IExlYWYgNCB2YWxpZDCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJEq4FhQ+JWENERf895iWY59ZYDQZIZwj9IX -Iib/3raDDd2wgfrnPH6NMMQ0NmXG80wENKgTZ4ybwCdarJWQPW6CASpk/CUosYov -9V0w1iNxOWjr19YepVuuqVbCMy5tDQH9FSZ9sS8NGL/IXym8I3DXgH5uxgsCQfLJ -I3pDCifPnuqT+GR8Zq5zqNJFJQoPMPESs2erGCcV9RE3pFjxFEl67HEP2Eo6Ts4y -w6YdZTuIFRKwYXSYCaSc56pK0QYke3/4SK6QFd8DlG7X68ayG+RVzjPa7f7L1kUa -8yFBpwb6NOFmfikBz7DJ/vcfIvv7bnjoNSi37NdIVtEVrE0I5jkCAwEAAaNNMEsw -CQYDVR0TBAIwADAdBgNVHQ4EFgQUjga9VOIeT2Mjqhnv4CYMFpOxX3swHwYDVR0j -BBgwFoAUwjdrwy2NbXHp088kZpUuEwXtsYowDQYJKoZIhvcNAQELBQADggEBADdp -VpPr4AzE7ecrhclQKGjPa7leaorYuevjTLWsieY17mVQhlMX1itTNXlPBUfPAsOd -O7LUgY0yZOnV7l8TbfGal8pIF+acgFLgqM5A6z8ngChMi6iKEZChDVffAVHJs3e/ -WUm7VeFY8Mvwnay3iHj2trC7XQX2SZCovXYfNP3bVyqIaDNqt6SPY1skouWpmmUn -ISzcyH6EU/CegFjHJyXxrsIW9Nv2mDejrmcR0EJOmEAfWUgonfemeX93xkwZHW2s -lZ8/e6rTPPSGdhY/b4VRu6o1FpLcPLGZSgPwYBNVYtgT4WsoT0xUvm6Y1WipiZda -B/bpiL8l4GSVtTw1Jko= ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert61.crt b/tests/data_files/dir4/cert61.crt deleted file mode 100644 index 8c2af4c45..000000000 --- a/tests/data_files/dir4/cert61.crt +++ /dev/null 
@@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 -IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV -BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 -YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg -xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q -GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN -2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 -7SBymlokB3A8wq/LWPYPeQIDAQABo1MwUTAPBgNVHRMECDAGAQEBAgEBMB0GA1Ud -DgQWBBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S -8cELj/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAB9nLaqxsBW0isDaBGNJyzH9O -WqYY0hex9tm3UqygfE9b9aahykpkowQIzh4D9Xpbd0hZGVlK/sw2qsKj6gDOiMtL -uWs4gaFNWIQqhVsTzL88c7XaW55n+TRQdVZyy38DZVWphte1Mumc9WB8N15rZTDh -iXjwGl0mrV1egq4hJZLpy14f6ihqU7KGfmc9onxvgvWxYLi+5v8874c4ophSKsI2 -qVE8iZ6uq2oQ66Pd5S50cYk6MEW5lifAhLM5WFZmW7dRKmykBGZ9rFrJrIvhkmh9 -He7q6TEQP1Wcoc147nIg0BTkHGtdrEv3jIX6UKKUEwUUk9ARB1mSodZQHBhuww== ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert62.crt b/tests/data_files/dir4/cert62.crt deleted file mode 100644 index 5dcd65def..000000000 --- a/tests/data_files/dir4/cert62.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDBzCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 -IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV -BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG -Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG -g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT -cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 -iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY -xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNQME4wDAYDVR0T -BAUwAwEBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0jBBgw -FoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAFwZriTu -DKkiDHFfz3UX4fIxYTHCi4TveYZGPeTbxhBb3XZC5qDF4T5HvCTSkG9+oFfZzI1a -lPN2yZB7QnmHJoyWa5fuovwUL0iI3iIZMqU56tdVPW8gkJe++U5kHMSpz2VF0eo8 -7XkKWxZovRwczgfDFRP9zM9CylyzQjqxx6kbxJozWnwc5UrVbJMaPIqonXp1nDoZ -i878+hX4rJUEjgO6Sa9GVZQpmuCrQF0qKsTiUBzZN67hoD3xoTAYi5IXQE2tRD1N -j3zwng9liCsxurGMnuV0BPWv/IDYRu/syjee1Qv1VFeRto5D4Rldmi2p1f5iWJCk -5m5YpRsknaICjYs= ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert63.crt b/tests/data_files/dir4/cert63.crt deleted file mode 100644 index ffa90e4fd..000000000 --- a/tests/data_files/dir4/cert63.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 -IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx -MjM1OTU5WjAcMRowGAYDVQQDExFUZXN0IExlYWYgdmFsaWQgMjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAIoBoBxjVjZBFlhZ+3mlOJAtlo0d0bXAbKFt -TJUJ3VL8FlB4HG3yIO54eujoul5dyKgDIx49SdBDxnME35i3Wkbzd/Co0zId/xYh -a61C9DDYIhsY5E7YVoLH1eAv4t70Q0wlvtlDBXXevs+4cBX/pXU7Aj/UKfvdxna7 -Ja7wEdltKoxy1CwCRpP+ls8RRusXgoHYZKKAz6a7H5WSf3DdUrqk2DmlTAI/SWqL -0rVE1YRfKLg1C6atH4gSJqJXTm3BnWgFpYEZdJPDXaEi6Vnf+/oYuLB+T0jmavvI -NZUN3IKxO7WuF96f4ungKXJ9YchJE8vWaSjhb2V5zOA9Y/PikikCAwEAAaNNMEsw -CQYDVR0TBAIwADAdBgNVHQ4EFgQUwjdrwy2NbXHp088kZpUuEwXtsYowHwYDVR0j -BBgwFoAUOBl8edVm/H5xdS2EGEeLzftZ/DUwDQYJKoZIhvcNAQELBQADggEBABrt -2fKOUwAb5EFD/ebXMM4Qzg6sFYpq/mcnPlmGmqwNzmumlgYUBS15liTnA4nBgR09 -b2sejlwnzcnrsFB18YCmE/TIPuh3XMJXmUxjcnCy3qPuSwpuwG3brUGQPiIZhRZz -1+iSc7uba/JGaTqLBItaRPlB6dD3jqY3UowFaWvnYiVmCXg147EBC5Mn2EDiukg0 -xsqM03yfpUkp4/W9+WpJuGNyhicSJbNxlh3zEjrgWeMvhnFmrTr7ss6P2ZoKGS3/ -QrZBLUzkk25hCF3dTNfTDVSQUt0rONJvx3ym+Kp+zQWc/oHsDs0STs5Db2J0dGp8 -VEyxyevfwivF4EQ70Jw= ------END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert71.crt b/tests/data_files/dir4/cert71.crt deleted file mode 100644 index 8c2af4c45..000000000 --- a/tests/data_files/dir4/cert71.crt +++ /dev/null 
@@ -1,18 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0
-IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV
-BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2
-YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg
-xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q
-GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN
-2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3
-7SBymlokB3A8wq/LWPYPeQIDAQABo1MwUTAPBgNVHRMECDAGAQEBAgEBMB0GA1Ud
-DgQWBBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S
-8cELj/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAB9nLaqxsBW0isDaBGNJyzH9O
-WqYY0hex9tm3UqygfE9b9aahykpkowQIzh4D9Xpbd0hZGVlK/sw2qsKj6gDOiMtL
-uWs4gaFNWIQqhVsTzL88c7XaW55n+TRQdVZyy38DZVWphte1Mumc9WB8N15rZTDh
-iXjwGl0mrV1egq4hJZLpy14f6ihqU7KGfmc9onxvgvWxYLi+5v8874c4ophSKsI2
-qVE8iZ6uq2oQ66Pd5S50cYk6MEW5lifAhLM5WFZmW7dRKmykBGZ9rFrJrIvhkmh9
-He7q6TEQP1Wcoc147nIg0BTkHGtdrEv3jIX6UKKUEwUUk9ARB1mSodZQHBhuww==
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert72.crt b/tests/data_files/dir4/cert72.crt
deleted file mode 100644
index 5dcd65def..000000000
--- a/tests/data_files/dir4/cert72.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDBzCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0
-IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV
-BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG
-Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG
-g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT
-cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9
-iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY
-xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNQME4wDAYDVR0T
-BAUwAwEBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0jBBgw
-FoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAFwZriTu
-DKkiDHFfz3UX4fIxYTHCi4TveYZGPeTbxhBb3XZC5qDF4T5HvCTSkG9+oFfZzI1a
-lPN2yZB7QnmHJoyWa5fuovwUL0iI3iIZMqU56tdVPW8gkJe++U5kHMSpz2VF0eo8
-7XkKWxZovRwczgfDFRP9zM9CylyzQjqxx6kbxJozWnwc5UrVbJMaPIqonXp1nDoZ
-i878+hX4rJUEjgO6Sa9GVZQpmuCrQF0qKsTiUBzZN67hoD3xoTAYi5IXQE2tRD1N
-j3zwng9liCsxurGMnuV0BPWv/IDYRu/syjee1Qv1VFeRto5D4Rldmi2p1f5iWJCk
-5m5YpRsknaICjYs=
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert73.crt b/tests/data_files/dir4/cert73.crt
deleted file mode 100644
index 6854c74a0..000000000
--- a/tests/data_files/dir4/cert73.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0
-IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx
-MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDEw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaRpQTF3aPHDvaKlMP2+jz
-MIjDVfCwnusAfVShz2ujhkNKPF6pLYMJ4da6I4KTIWwgKRO1F3jK+mRqvzbapjtY
-TuWnVeSXoVmcr4O4+BAaRoPIlqNIzaSjCdGMdbgZJJYxHWS0x2uGyv88tjSqgzUt
-slrPfzOfscOVxNnnAIOxU3F4X96udFfjOk9iGkPQcZ7U8gk/CCBdnkTP7fWPeOLP
-UX85vykFSkWD7nV+2IU7fYqgiQeCaKmIbNxxDtMD5CcWOCgU1AjfeLPu41BXUa2M
-XvvGGurSGFqg9/IuanRoWMa1XstS2rbAyUNhIDWKGzPy46AiytVlLLBKn9DlNm4t
-AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFDgZfHnVZvx+cXUthBhH
-i837Wfw1MB8GA1UdIwQYMBaAFDgZfHnVZvx+cXUthBhHi837Wfw1MA0GCSqGSIb3
-DQEBCwUAA4IBAQDPQC9vYJegBgVZHu0StoRT7L6ShWcZc5Z/TeyrqJBdoiguSRq5
-kMiFXZpksxeFlIUYry21MigYqxOXGZ2GZYNqhLpYVh7hzAY8uYvf4U70q88zj7mw
-gIcgEaMd71GHqbb2O5x3fCN7vLeU5DFYBWfqLlkL57Uqr2aRDHlucryyRNordicN
-WbCxPozmqtbNMABEUbjLMCCuzJeNRSZbS0OOod6Xd3N00EK7PqaRhbihbq3L6gUG
-MjUI2keSxW4vXcDfI5Hqem6SHpCc3retx2VUgwIDAoTrw7E4dwmyC4Tp7TDJL/+d
-GU8qhRmoQer7mLUzpb3s8mq/4rZx+alTQ3gu
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert74.crt b/tests/data_files/dir4/cert74.crt
deleted file mode 100644
index 920c4c208..000000000
--- a/tests/data_files/dir4/cert74.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0
-IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx
-MjM1OTU5WjAcMRowGAYDVQQDExFUZXN0IExlYWYgdmFsaWQgMzCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAIoBoBxjVjZBFlhZ+3mlOJAtlo0d0bXAbKFt
-TJUJ3VL8FlB4HG3yIO54eujoul5dyKgDIx49SdBDxnME35i3Wkbzd/Co0zId/xYh
-a61C9DDYIhsY5E7YVoLH1eAv4t70Q0wlvtlDBXXevs+4cBX/pXU7Aj/UKfvdxna7
-Ja7wEdltKoxy1CwCRpP+ls8RRusXgoHYZKKAz6a7H5WSf3DdUrqk2DmlTAI/SWqL
-0rVE1YRfKLg1C6atH4gSJqJXTm3BnWgFpYEZdJPDXaEi6Vnf+/oYuLB+T0jmavvI
-NZUN3IKxO7WuF96f4ungKXJ9YchJE8vWaSjhb2V5zOA9Y/PikikCAwEAAaNNMEsw
-CQYDVR0TBAIwADAdBgNVHQ4EFgQUwjdrwy2NbXHp088kZpUuEwXtsYowHwYDVR0j
-BBgwFoAUOBl8edVm/H5xdS2EGEeLzftZ/DUwDQYJKoZIhvcNAQELBQADggEBAK9R
-J7H8epG2NagZ3Gpl6R1jSiIixWlPJci2Bz1Nr8NIER64TJCKHeh9ku6tzSdrVL3B
-2rj5GmpubDXEWAKfMtt0ccF2UIva9rDMNzaAnCSevWHXf9Httr84X6RmhtXb9/Rm
-fp3W+L0GlDfHfHn8uoVdQe5e6xkmGxtcHDUsyO/CJMkrwUyoB8zs7UtlNtOf45H4
-PPg09lzV7RQ9vFIH48F/4gZW+w3AqN9ZwvYkGcJUY8tyHpb9hDrR4F6loVInrlCE
-0pQiQXNCdee1za9QsScSjYNxGfR2Dkzote41H098jvLalLTTg5Fqx/AylnX285FI
-ETGOumNQ51IJLUpq+hc=
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert81.crt b/tests/data_files/dir4/cert81.crt
deleted file mode 100644
index 26b2bd555..000000000
--- a/tests/data_files/dir4/cert81.crt
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBpTCCAUmgAwIBAgIBUTAMBggqhkjOPQQDAgUAMDExDzANBgNVBAMTBlJvb3Qg
-ODERMA8GA1UEChMIbWJlZCBUTFMxCzAJBgNVBAYTAlVLMB4XDTAxMDEwMTAwMDAw
-MFoXDTMwMTIzMTIzNTk1OVowMTEPMA0GA1UEAxMGUm9vdCA4MREwDwYDVQQKEwht
-YmVkIFRMUzELMAkGA1UEBhMCVUswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAT1
-GuTQ9vgf2l3oLM25r78cvIAQqE02GzQGjp/WWw3CysEwTwNEuZGhRiD5lDmkbUGW
-UNxv/7uJjy7k3K3fDNdko1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTHFA2h
-Au0tPnzeYnLcmlTQj4FAajAfBgNVHSMEGDAWgBTHFA2hAu0tPnzeYnLcmlTQj4FA
-ajAMBggqhkjOPQQDAgUAA0gAMEUCIH7Z/HNb/Pwbs40iNll1a9gmgAbYOgdlVPWo
-nSdcb7cZAiEAlhVb6CdBXsjOfAWWEET/QP74z608PKFccCIFPCDLkxo=
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert82.crt b/tests/data_files/dir4/cert82.crt
deleted file mode 100644
index d49ecc9f3..000000000
--- a/tests/data_files/dir4/cert82.crt
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBqDCCAUygAwIBAgIBUjAMBggqhkjOPQQDAgUAMDExDzANBgNVBAMTBlJvb3Qg
-ODERMA8GA1UEChMIbWJlZCBUTFMxCzAJBgNVBAYTAlVLMB4XDTAxMDEwMTAwMDAw
-MFoXDTMwMTIzMTIzNTk1OVowMTEPMA0GA1UEAxMGSW50IDgyMREwDwYDVQQKEwht
-YmVkIFRMUzELMAkGA1UEBhMCVUswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS2
-giYQt4HVfQ2t8eTS0bvISwp7ol2x17umbllBxwzGDFEUQ00JL1/SStezecK0lNhE
-0AvY8Ez2soQEtdSeQGkCo1MwUTAPBgNVHRMECDAGAQH/AgEAMB0GA1UdDgQWBBS3
-+nsv3nQknSg4aDjlTiRpCPo7XzAfBgNVHSMEGDAWgBTHFA2hAu0tPnzeYnLcmlTQ
-j4FAajAMBggqhkjOPQQDAgUAA0gAMEUCIQDus2Lvx3yyvaViY1s334uMm6ge484X
-oktMyxLVjkAMiAIgehTHiJJaT9PnlVa+hUpxsIfVAuMexrm5fw/bDF5Nxzw=
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert83.crt b/tests/data_files/dir4/cert83.crt
deleted file mode 100644
index 21a748e32..000000000
--- a/tests/data_files/dir4/cert83.crt
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBoDCCAUWgAwIBAgIBUzAMBggqhkjOPQQDAgUAMDExDzANBgNVBAMTBkludCA4
-MjERMA8GA1UEChMIbWJlZCBUTFMxCzAJBgNVBAYTAlVLMB4XDTAxMDEwMTAwMDAw
-MFoXDTMwMTIzMTIzNTk1OVowMDEOMAwGA1UEAxMFRUUgODMxETAPBgNVBAoTCG1i
-ZWQgVExTMQswCQYDVQQGEwJVSzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMSy
-6X5iBYrdxxOMfdcA23pLBoJCeyEjiWfALxTm80MJGBdRNVdnT50xNU3SDDwHWPda
-/EQqHq+itsqkUeyAGAyjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFGsFH/KsvM4n
-r+i1gI2iCVXi3KtFMB8GA1UdIwQYMBaAFLf6ey/edCSdKDhoOOVOJGkI+jtfMAwG
-CCqGSM49BAMCBQADRwAwRAIgQURH8DHWFHVK38+znWc85G1P+g4ocdkA5Gt0LbOg
-SJMCIBsacOLFywxZYF8atizw6zMRw+QeHR2514JIhJUck2kd
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert91.crt b/tests/data_files/dir4/cert91.crt
deleted file mode 100644
index 6d4605a7c..000000000
--- a/tests/data_files/dir4/cert91.crt
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBqTCCAUygAwIBAgIBWzAMBggqhkjOPQQDAgUAMDExDzANBgNVBAMTBlJvb3Qg
-OTERMA8GA1UEChMIbWJlZCBUTFMxCzAJBgNVBAYTAlVLMB4XDTAxMDEwMTAwMDAw
-MFoXDTMwMTIzMTIzNTk1OVowMTEPMA0GA1UEAxMGUm9vdCA5MREwDwYDVQQKEwht
-YmVkIFRMUzELMAkGA1UEBhMCVUswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATh
-D2SmdS6D7cYi2vGMyuCdol/OOUN2di2pS2wfSI/MsY/Z4O9iNHqbXQP6l+hcT5ap
-daycs7r6ZPNqmWM7b16go1MwUTAPBgNVHRMECDAGAQH/AgEAMB0GA1UdDgQWBBRb
-zVrcAxddj0i0DEqvTGT8F37bizAfBgNVHSMEGDAWgBRbzVrcAxddj0i0DEqvTGT8
-F37bizAMBggqhkjOPQQDAgUAA0kAMEYCIQDbrSV4ndH0vAR3HqJfBn8NT8zdvMjB
-qSJes6Qwa42b2wIhAKyoH0H+b1Svw8pMkvUYF4ElH5Cnn7gxb7Wl3arc0+hQ
------END CERTIFICATE-----
diff --git a/tests/data_files/dir4/cert92.crt b/tests/data_files/dir4/cert92.crt
deleted file mode 100644
index 49b53a5bc..000000000
--- a/tests/data_files/dir4/cert92.crt
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBoTCCAUWgAwIBAgIBXDAMBggqhkjOPQQDAgUAMDExDzANBgNVBAMTBlJvb3Qg
-OTERMA8GA1UEChMIbWJlZCBUTFMxCzAJBgNVBAYTAlVLMB4XDTAxMDEwMTAwMDAw
-MFoXDTMwMTIzMTIzNTk1OVowMDEOMAwGA1UEAxMFRUUgOTIxETAPBgNVBAoTCG1i
-ZWQgVExTMQswCQYDVQQGEwJVSzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABC9E
-tK1pE8Ei8vgScunyjx50C+qDsQS8D2RhGHC4VkE2yyiFxJA/ynhoeXTKZsHuEWI9
-CfOSvk0RrTWf9nr0pTGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFLqsN52tAf1k
-XlzxQmdD5qG6Sy6PMB8GA1UdIwQYMBaAFFvNWtwDF12PSLQMSq9MZPwXftuLMAwG
-CCqGSM49BAMCBQADSAAwRQIgXlfKqhkhXgK112Eycl+Z5NHM+6aqXE7i9j7IyGfk
-ikICIQDBYNGbpSx82XG+IS/h4AWNTa4Hs6rmWvQDWJum7NrzMQ==
------END CERTIFICATE-----
diff --git a/tests/data_files/enco-ca-prstr.pem b/tests/data_files/enco-ca-prstr.pem
deleted file mode 100644
index 6503314a1..000000000
--- a/tests/data_files/enco-ca-prstr.pem
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICDTCCAXagAwIBAgIETZt8lzANBgkqhkiG9w0BAQUFADBCMUAwPgYDVQQDEzdP
-cGVuVlBOIFdlYiBDQSAyMDExLjA0LjA1IDIwOjMzOjI3IFVUQyBhc2RlbW8ueW9u
-YW4ubmV0MB4XDTExMDMyOTIwMzMyN1oXDTIxMDQwMjIwMzMyN1owQjFAMD4GA1UE
-AxM3T3BlblZQTiBXZWIgQ0EgMjAxMS4wNC4wNSAyMDozMzoyNyBVVEMgYXNkZW1v
-LnlvbmFuLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA38U3wA/eTGN/
-/AJHo2OsEHjLdO9k3Mo5QcShvg+6IoAThD7HEyOYm4Ild8s4+eEy2i9ecWvMKG6M
-YSO+GwG9xOd9wDFtODpF+z6rIt8a4bLbQHcsp9Ccu+ZmjxkJkmxOCz774lxETArX
-SaksAB5P6Web/LwKUv/Iy9crRM9HzSECAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zAN
-BgkqhkiG9w0BAQUFAAOBgQARCDFYCb9n151hgwitxzbuacIVDqIH8EouV2VBqlNR
-tj8q1maliDE3pW7WRAwMi5i3+5c0auKwhTGESsBPjasd5QnjqXOkRbcZhkeVQ1ln
-6NEn6xC+M+H2LGVHSSropcGa8olLlo98LrsFuHVHMewTs7SK2lc+7rU/ILec3ymj
-og==
------END CERTIFICATE-----
diff --git a/tests/data_files/enco-cert-utf8str.pem b/tests/data_files/enco-cert-utf8str.pem
deleted file mode 100644
index 7d613d945..000000000
--- a/tests/data_files/enco-cert-utf8str.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB8jCCAVugAwIBAgIETZt8+zANBgkqhkiG9w0BAQUFADBCMUAwPgYDVQQDDDdP
-cGVuVlBOIFdlYiBDQSAyMDExLjA0LjA1IDIwOjMzOjI3IFVUQyBhc2RlbW8ueW9u
-YW4ubmV0MB4XDTE0MDcyOTAzNTMzM1oXDTI0MDgwMjAzNTMzM1owFzEVMBMGA1UE
-AwwMZHcueW9uYW4ubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHYW8q
-ZZ/HIIlU8j/YIyTh3h59JcJF0Es7RsPg25QVJkDkfhMn6l15f2neB2KPLKxCLpLD
-ozYD4s/If8aq74A1C2vvOLo/Gq1erNS4b9IS5xLs3Lu643XGxS93Rf6jrsGa8lfb
-Wa7DsQrp7FLT5GApwCp6CebmZq7jEImj0pDFRwIDAQABoyAwHjAJBgNVHRMEAjAA
-MBEGCWCGSAGG+EIBAQQEAwIGQDANBgkqhkiG9w0BAQUFAAOBgQAS1Ulo7iBABpm/
-S23mCnIFRY1+eFfYg4h8EiK9f8kWDwduXSYGVUqRHqh4LcNSdTOIaSEG4RGyV/EA
-5RfTviaQ9PxPiSFegNja8/aHel/nORfsEk4rwBCPGKDveL5KYhAtyAs865ZzLtv+
-kEkfhaTgrBIikwlnquoX5UHOdL/iaw==
------END CERTIFICATE-----
diff --git a/tests/data_files/format_gen.pub b/tests/data_files/format_gen.pub
deleted file mode 100644
index 81a7ab3ff..000000000
--- a/tests/data_files/format_gen.pub
+++ /dev/null
@@ -1,6 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDA0UszjREl+JklUyevaN8fb0Gp
-13Dzb4pY3MCoJK15BWoeoUFAIVvuI0C8bRm/i1OO4BN9tSRrRjW+S89YbYy1C73P
-UgKZSejjnEFA4chcSOKOhZlM6K7+Pcrcx+sdiDu1DheODMiSFhoxt+H6IUvBEGkI
-5AWFu5MDP7wlU/AZfQIDAQAB
------END PUBLIC KEY-----
diff --git a/tests/data_files/format_pkcs12.fmt b/tests/data_files/format_pkcs12.fmt deleted file mode 100644 index 296d599d633ad09a8e59f9038c8dc61417ce2e31..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3381 zcmV-54a)K`f(E^;4p#*mj($chDe6@ z4FLxRpn?a8FoFk!0s#Opf(LyD2`Yw2hW8Bt2LUh~1_~;MNQUSG)6eKb-*e(h`Xt>$Zy zUeW4x+>(b#T9UqeX!q#h95Vz-+_~Y?{$VrV?OD1a6zV~ z&c6NHRA@=(k=lmDOSvEGD0z4VkW`xH`hv{zIGo{^*df_^l1=Xo}FwR>2-mi3*L~#d*xBm|vh}L-du%`_c zNsRPYaX7h8G&ouPl@<#o!e%H5EJFn>;zClz%F;UL$ojg8A%O)U_5)rcmn;9JL`DiY zKJ6D~J?gox)!aPNb>f-aKfQ0KZ*WXy=IXugXYe0jWzoBr zNm%uI5?7D!H;Vt!K}T4ue=GXo^sZ{o4V^f+k+U zyv{<6Rj~BfWONJ6jF||#c$4A2Sk5%zf{KZt%@8GyzymflteKd)22l5TZ2dZGP)@@P z5Lc{FrJ*W9tqLgbkVl9j)6uHI$$WWzj=v4VFq`oY+yK}}b&ly`$;o~14t`Iev&CMN zZ(-Aw6$HV-B#4kP9!9Wa#xh~1cT4_qpoE{2o+}(291qYRZhM6NutQ8>uB!vLh7tOq ze%RYlM9D__Bh)EWLp^;tcfCb1JL~%*&R^0*=ri2armph1Am=^b8x>p;eB~2#R#s=0 z3Fw=jK(~t}8{5rZnM5MUVaWTewTkmgS4y+16}l!d!tS3^oHks47npEErV|CXpr@08!C?{Q zO}lC!8Cp^cZy&Bz_4v&XfxgLq(0`fPRF^`_&1jWxB39kh#FRlC*9U4GC@?Pilt_Vr z%&-0U*yuQt4DjxRH9X1ASh{wY6wAHR7g0689}_0QJ1uCr+}3us+zGhL+cY44DH|(M z(aYRwbr*ZDA8^Y?-P)abm|pb4x2SD$NoXWQ*Kets#m&R;v?%0k!_>s>aL{g^kO;~C zCvS0e*tJ5m7ye0EKu2#HZDcOfC-H@tHG|T}+{55yyok+KvN!C2I`ZVQrL}|$?vmSNgi0VGSavd!b_wa;x5K$lR zM0#eJK(E9+2g}mBqBuZ~oCPJx!F~6Ny+45;dC79PNF;290b}H3sxLHKHqb?S@30^H z>KddDc(h4V@ZUE}KX?V60rhfaGUvD=%^y|cxkC&^T1Yr55IlFp&?lw2rW0T2ZQEy+ z_;~}8@}fZ2RJ{qo14`G${gV^-c9A#b-5fNZN}4obxh&4w5Zc~n@{D{PIL1HT-}dyk zE0#N26>K={3)2HJ+W9#qSM700`UY_GjM{#3IGfoCl=yDqK1k3r;Vi8u z$t!5I@CFu>)Exv?V3H4s50zG%Ak2w^Kc&%QqzmY2Ko>Kyvlc4 zV)`41$(sTuzV+~&LNQUdh5Bo=7)G>8nT?um=P#aV&cYl{rA1eNkkK9v1`77 zzSVxq<0HiP-i73-g8)~-L@Ib6i73=Be(8oX#)!WkymR@nigIwl z29oC!|5)Rx7CqL{VHs>Egx11!9vk9{S`ML&k@iyXYjGlINW7W^Oca+isLok zuq+X4N)0R&ty*GB=8-E-+}h(g;y$&iTBy)2ozkZkg9N8`%TT+*U6LOsr_}hAMI=jm z6@j>~TAIT#{%u^UHIL6d#g95ZHV?2-1HZ$E54L2jH>FUDQ8EO&Dh0;XkIgQbpO~jL zse2-)Ydg?lknr+j&hLCLy}VBY@}IkNm?4J8$y}A(4R6Pr-W4(RD`6hnQSq-sn@!Fi 
z;O;X5M`MTNNCyReILNa8?iO-22bg?CVfKsTta^Bf3T*#4c9W;B?cR2>x&~yGa%lNDkf%OiQL^xVwkEMqSHUEDI+R&hJU`0Ypzb- z(0oZ&qQJ2ZsV@TB$&e^b@bkxp<#87U7y|(ON3=J(xa?351^+MOW`3+#0Pa3{-dQ`I zHkb0@*J#(Bllr*nC(s+;W*1M@U~67yL>o@wp}EOzySR8@aCg?K(3uz0V+tIwD6LXj zKSczM3PV^7iHZdQICIzQE$ z{8;cwl5|tvs-&`O;&t#5|4n@!h6+8E@gyvA7OUk!Xj2^>8|0q5^d^icEtyS%&$<(g z>8BhHgTo{vK?iVB}!|vM{k`_&c^v=%V3hOyea^}#ZydeAmy{SLl7*j->^Hyt z4Y<^d9pxC^+E*iBLq7_MAf@-^S9fBP6V;$nWahZ28jN%=mhtGV3(L>OTwidaA`fl=AnL?RRng%5t* z1j$A9?RazXuEA59G=V7M zSrU`1v%)5P1TZl$AutIB1uG5%0vZJX1Qb$?xAdc;PI%Fxc{oiXnYZd80XYN+Nj0L( Lu!EV#0s;sC_v&0} diff --git a/tests/data_files/keyUsage.decipherOnly.crt b/tests/data_files/keyUsage.decipherOnly.crt deleted file mode 100644 index 7c379787a..000000000 --- a/tests/data_files/keyUsage.decipherOnly.crt +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICFzCCAYCgAwIBAgIJAJsTzkylb95SMA0GCSqGSIb3DQEBBQUAMD8xCzAJBgNV -BAYTAkdCMRIwEAYDVQQHDAlDYW1icmlkZ2UxHDAaBgNVBAoME0RlZmF1bHQgQ29t -cGFueSBMdGQwHhcNMTUwNTEyMTAzNjU1WhcNMTgwNTExMTAzNjU1WjA/MQswCQYD -VQQGEwJHQjESMBAGA1UEBwwJQ2FtYnJpZGdlMRwwGgYDVQQKDBNEZWZhdWx0IENv -bXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9nxYOSbha/Ap4 -6rACrOMH7zfDD+0ZEHhbO0bgGRjc5ElvOaNuD321y9TnyAx+JrqPp/lFrAgNiVo1 -HPurPHfcJ+tNBUgBHboWGNENNaf9ovwFPawsBzEZraGnDaqVPEFcIsUQPVqO1lrQ -CHLUjtqo1hMZDqe/Web0Mw9cZrqOaQIDAQABoxswGTAJBgNVHRMEAjAAMAwGA1Ud -DwQFAwMH4IAwDQYJKoZIhvcNAQEFBQADgYEAJ0NS2wUbgRelK0qKxrR2Ts6jVYEH -bmykx3GHjFyKpscDIn2vNyyB7ygfFglZPcw+2mn3xuVIwOV/mWxFvKHk+j2WrTQL -tDqSC5BhFoR01veFu07JdEYvz+I+NCL5z0IGWXkUrk235Wl4w4WMZDnXTqncMNEk -fLtpo9y79XD00QY= ------END CERTIFICATE----- diff --git a/tests/data_files/passwd.psk b/tests/data_files/passwd.psk deleted file mode 100644 index 17fee37df..000000000 --- a/tests/data_files/passwd.psk +++ /dev/null @@ -1 +0,0 @@ -Client_identity:6162636465666768696a6b6c6d6e6f70 
diff --git a/tests/data_files/rsa_pkcs8_1024_public.der b/tests/data_files/rsa_pkcs8_1024_public.der deleted file mode 100644 index fe429985bf29b545b3d52a24b692807062a827b5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 162 zcmV;T0A2qufuAr91_>&LNQUm7(YwGJ1K49Joe8Zo!w`XNif5NQbH1%sC%f_kI=F#?@mywZ`mBGN;klTQhjX9KsO_<5g$57CK zAH?C};RwjjNh}Hu_A!(+5C;h{^9aC%6hcyqOB9?P4dldm4Gj&942=v;OiT>SqQrTP zkhumn1PzxmkboF22sb=9wWut$NWsvciBSpJwT!F`%uS5^3_x)%rY1&4hLue6whmcW zLxa2jn!RgE)e}vO>)gNNh3kad?>fYSE`M|maGxd=nbMy9SNnn6&*FV|&rfK`77Q9{jMpRO6g)xWwK~|@ge|-*bxqp{U-d7;d zA-!0b-{D7YqiQ_Y#^7THb)uGQen!2kpEPe7YxHyB>8)FpC*8cF!giHYwX>A{?lP%< zdrrxHYg2VnUQeBU=bvMo__A9$(V1tMc8TbSsm$@ZbN0gbp!DL8x(k&5)_pNNrCV^S zlbhwX-ZKA!ym{yLMsz+3j+~blH7WH`hds{}$;Ee{zL+~z_^syc)dfO#qE2OtuMTPo z*~rAq$iTSR*T5SbfwICZOa=@FvcTY!FH%ccPe~-etutVQ*+wqDnp6m_JcfzA8T@! z2_4#?pxHEGwy}oaoy!&9XSv6&+kN)tBZ-cE+n*oVexg{pW2@8JB_Rtuw_Njkbn3>( zwTEW^|4}IR@x>9_+>%qXcl|gs)nv~rr=WGNJp6ong3V9&{W4z|@u*t-)+TEX&O+Zs z<;vTH)_U*$ac;Ll%;nGDGb%sa5T9cm5d2X3+f|2et~z@4x6W7p4 diff --git a/tests/data_files/server1.ext_ku.crt b/tests/data_files/server1.ext_ku.crt deleted file mode 100644 index 3c4f854a2..000000000 --- a/tests/data_files/server1.ext_ku.crt +++ /dev/null 
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDpzCCAo+gAwIBAgIBITANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTQwNDAxMTQ0NDQzWhcNMjQwMzI5MTQ0NDQzWjA8MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
-uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
-d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
-CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
-lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
-bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
-o4G0MIGxMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1DWQKm
-MGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7MQswCQYDVQQG
-EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg
-Q0GCAQAwCwYDVR0PBAQDAgXgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3
-DQEBCwUAA4IBAQANtiYR2P6+a7rEtJARIgpurw1URYejATbbp3ZhaHBW603Wyb2+
-KJtm1KPCzoju/qTRt65YYkt+tu1wTzamyrkPxt8bBKmxiWnu5j1HLxdjOz8VW9lf
-vTb5egR4dU9eNXni/5QkzrdkMO+ob4puDXY7ytPuGX6YfNVhCkrhBlYDJNE57CkK
-vpCNj3+Te8PEkWPAEaUhqCnQk6qvPvpBfc/hqgwzlRMt3u5NkiVOuH72dtr4fOI1
-nlAU8D2wuvDVr3X5281ONNEtHU6rXe98vlUzS9QV9lBDdsO9nRYJzv2Nb1cjRIM5
-JZl0ILLR2tc6E/W5YXalNp37jfrFii1U9WrJ
------END CERTIFICATE-----
diff --git a/tests/data_files/server1.key_usage.crt b/tests/data_files/server1.key_usage.crt
deleted file mode 100644
index b5a2532c2..000000000
--- a/tests/data_files/server1.key_usage.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDTzCCAjegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
-uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
-d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
-CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
-lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
-bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
-o10wWzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf
-BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zAOBgNVHQ8BAf8EBAMCBeAw
-DQYJKoZIhvcNAQEFBQADggEBAE6xegEHvwuQ8I4YCLX7oXmDJiDb7m2nMin+um0v
-TMqHAE3B9GvdWGUgMIEMf76ee7OMDzxfzM2vyNGemB0rn1djEv+knJBSdMQKD9X8
-tkT8cPqMHlRMYYbFFkkZEOeqeihZXQdUORao9ZSXrokYwv+Fr+PAmiUJEmkZHbA1
-Gqp6tPfGxJ2ah50Og9oAPwyND6kvE2o++Dth2evjljPCPM2Gw5kjQGw3V9CAUyUo
-KtLrtZdOeRHRCWCf3UQ/tYkG70tY/+grftrHqKB2E4qkmDiCPS9sEpa7jOGT6e4k
-jGVeZFNZZ10mD2Svr3xl/60++c7yLxrquujo8NOTCVcshfs=
------END CERTIFICATE-----
diff --git a/tests/data_files/server1.key_usage.crt.openssl.v3_ext b/tests/data_files/server1.key_usage.crt.openssl.v3_ext
deleted file mode 100644
index e255027ee..000000000
--- a/tests/data_files/server1.key_usage.crt.openssl.v3_ext
+++ /dev/null
@@ -1,5 +0,0 @@
-[v3_ext]
-basicConstraints = CA:false
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid
-keyUsage=critical, digitalSignature, nonRepudiation, keyEncipherment
diff --git a/tests/data_files/server1.key_usage_noauthid.crt b/tests/data_files/server1.key_usage_noauthid.crt
deleted file mode 100644
index c82a97972..000000000
--- a/tests/data_files/server1.key_usage_noauthid.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDLjCCAhagAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
-uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
-d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
-CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
-lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
-bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
-ozwwOjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAO
-BgNVHQ8BAf8EBAMCBeAwDQYJKoZIhvcNAQEFBQADggEBAKuveVlnjgJIkiH6HqZk
-+oGpLPxpcoMEMskzyFxTfjP4L2Mj798qydBbobyVJdH5p/sIpcHsI0xajM/dcZKS
-7b28KVwxOk+87DtwCikFT+jzWPe8fzowqsNAaKtvtDQnLYh8u2tDT1vhABwgTVAy
-aHCzs+nm3o36NPSN9K+wmI+r1KFnhjtyOQ++7M8wRRT5jrC+1tYicjsnVMu07yB5
-04C99Fa3MToilg66Jos95U3gBF5GbSfDXYtd3/etNMkUiG8FEZJlkhKbTO+4E03a
-X6+z2VojrAroYyO/F5ZlaC3/CsMQ8Zcate64nH/Lu/U78XAo8iKz5DLLOPBqodER
-z4A=
------END CERTIFICATE-----
diff --git a/tests/data_files/server1.noauthid.crt b/tests/data_files/server1.noauthid.crt
deleted file mode 100644
index f778ae9e4..000000000
--- a/tests/data_files/server1.noauthid.crt
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHjCCAgagAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
-uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
-d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
-CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
-lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
-bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
-oywwKjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAN
-BgkqhkiG9w0BAQUFAAOCAQEAaf6oVaFgPEUYjT6cNoMf3p4Ja7EKr2Lp9jX0aV0D
-Q4WwTg/QG3OVBX9IdK+ezAPuBRE7YWFKfbUR5MajWQt0MQPKXh0u7Tr4Z5JG3lXH
-P/QzYZqTkSD9zlb0MHvYUl1T/Ulc4Ws7qSvf3iocvtSAZJIxNi9hxu2nXk2N4OGY
-zyTONjlBtKjXa1THHKZzA5o1e4n2crtCDzXJFVqLeeIwW4zAqepXhGU1nepbazNP
-B3IYzD+JM36XiDPAlci7ZDwpXHrT6fqlBOtfrUH+NAHXCSG2WT+6B4nVZW/P/Qrv
-Hxrq4lP5fgpyX4jxa4UFW9YwRaUN7IAWuZL5dWINbiJZbg==
------END CERTIFICATE-----
diff --git a/tests/data_files/server1.req.cert_type b/tests/data_files/server1.req.cert_type
deleted file mode 100644
index 39ff3fdba..000000000
--- a/tests/data_files/server1.req.cert_type
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICpTCCAY0CAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
-ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
-HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
-W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
-FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
-DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAkMCIGCSqGSIb3DQEJDjEV
-MBMwEQYJYIZIAYb4QgEBBAQDAgZAMA0GCSqGSIb3DQEBBQUAA4IBAQBErZcEaEEO
-hLbRVuB3+N5by0mogdJsatJFSgW2/VztLvQBYu0O+VmTbZwCAWejA8U+cr6uPlyf
-b4lDqj3W+XykeK9bSzoSr1yNO2VAcE74Y0ZrSz2yXMfT5R9IyKqQZspaKD8MOmYH
-BqUH9o/phnGcaEG5xeSfhM1O/YNZuGnlLDQBGwT5puHOaLfjECvs8eZLopIWEBlD
-QkRlhYqZBwhGZ8D/TxqG4teFtnBX5FG7UoSSVuneBrkREQM7ElhtD9jCWjfMnqm1
-59G84OycClwaKU7/Dm6zeMGDyFoMksBud7lyDHMhxvwSbzb1JR5v8iBsmVY2dhHt
-Ot3Fx2be0gIr
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server1.req.cert_type_empty b/tests/data_files/server1.req.cert_type_empty
deleted file mode 100644
index 70fd11133..000000000
--- a/tests/data_files/server1.req.cert_type_empty
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICpDCCAYwCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
-ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
-HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
-W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
-FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
-DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAjMCEGCSqGSIb3DQEJDjEU
-MBIwEAYJYIZIAYb4QgEBBAMDAQAwDQYJKoZIhvcNAQEFBQADggEBACU0LLDBIMgG
-B7gyNANHv42RovhQdzmUulqJPHNHx3v9G17F00bEykJb/r3awW6l5fhY/6oPydsY
-hnWEM6VVCUkJ6Zqm2/wE49uaNTbFd9JU4OywRBfjHHSTOGnYFg+BYSfwaIkSCkx2
-kVhyklFm7My5wkyDPpFSU2tTfgsgaQMyTm93a2kxM7qJ/X3gFDG8o7R0vyojFVSI
-mwsF9QsC6N9cygdFx23zCB0KsJ9KfmBqaTsdbKh8BsocYm5FJCw4WS/CBrCWBj+z
-N7yEJj4SR5F+P7sFc5I0HANov5wQe8E3+WxxQt8jcqIje6DlaaGja44cXOzvFQyx
-Hg/6H5EtBQc=
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server1.req.key_usage b/tests/data_files/server1.req.key_usage
deleted file mode 100644
index 30e481243..000000000
--- a/tests/data_files/server1.req.key_usage
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICnzCCAYcCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
-ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
-HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
-W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
-FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
-DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAeMBwGCSqGSIb3DQEJDjEP
-MA0wCwYDVR0PBAQDAgXgMA0GCSqGSIb3DQEBBQUAA4IBAQBsJ3v1Ar2X28GJsRSJ
-WRQwFQwIbR/D0cHrwTf0ZfZttClytuc18JZlwkH3EG/rNkWaFp6MKIZoRMOBuSPc
-MNvvKIo4nPaeouDPruymx0gNenlyRL3D4OZpBO/BmQIQjbUKWFbzEnEqvwvMDUnG
-8w7UjPSFcxj2HzENr62HLPKKnVpL3nDXWK1a2A77KF9aMxyoWQ6FXb2xPD9cJjdo
-c1jwskQbgosQzKKwwp5yxq0zRD3EAGw4A78mgHMfgFprq9e9azaB0JeyFG2Vn0t0
-L+vfiDEVQ3eJXSCen1kEVyHRju8g53UcSgd+JicWFboFj2/mJBuyW6yM++RGA9B5
-Zd62
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server1.req.key_usage_empty b/tests/data_files/server1.req.key_usage_empty
deleted file mode 100644
index 47e56bf1e..000000000
--- a/tests/data_files/server1.req.key_usage_empty
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICnjCCAYYCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
-ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
-HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
-W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
-FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
-DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAdMBsGCSqGSIb3DQEJDjEO
-MAwwCgYDVR0PBAMDAQAwDQYJKoZIhvcNAQEFBQADggEBAAqQ/EU/3oMt7YW4vWgm
-0Q7F4v7DrFEoVMWfBzNWhMNIijzoaWKY8jwseZMzu8aCNQlJnM7c9FJF+OCgS7L5
-0ctwzjfCOi5I5cKgqv8WpuMZWHXNtB7YtjUWIZVri/RazCncZEwJGCKQjmQYrGJm
-Qmu2+D+DWY+nEW47ZfDH9jOJtatnREjSNsKzc44L9zUaEy3bi+m455XGH+ABmeb7
-Iqmguh10xUyY6rEOFEuqvFyFr5g1eb53Rr5CQxGfw1j+2bbSh+rVb6Ehf9LAijyu
-Ygqa91hGab/CjykS6HMrD91ouWtt2Rt3zCKo4Xxe8dlAszKB4W83M9OgDVVpiCfC
-t3A=
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server1.req.ku-ct b/tests/data_files/server1.req.ku-ct
deleted file mode 100644
index ebd01f5cc..000000000
--- a/tests/data_files/server1.req.ku-ct
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICsjCCAZoCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
-ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
-HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
-W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
-FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
-DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAxMC8GCSqGSIb3DQEJDjEi
-MCAwCwYDVR0PBAQDAgXgMBEGCWCGSAGG+EIBAQQEAwIGQDANBgkqhkiG9w0BAQUF
-AAOCAQEAWUMyIXHi4BbIxOeCD/Vtu9LGV8ENMV7dwYVEQcwrt1AHahtYgUtkoGcP
-lOPqg1lbg22bu8dLPoY4HAzxCOAGs27otWL5LlE9M5QPH1RedEycmOuYrMl6K988
-hfDBJ+OkgCShcM91+udrc0gpDEI7N01A+fmukQ6EiaQjIf7HME/EKQqhEuEQMXHC
-GBvdNuEF5BfV3aAYuT+xfdXDU2ZWwXXWAHGmVh3ntnhtEG6SnXSnBATU2wa4tpBd
-KLbEbcsiy2uj0OLJlvG6LqsNggtkD58GCGpLpaVxdW80yw+f/krwLpeyocE1KGcT
-7eX+9yhLe9NIZojvevw+53dNE7BUfw==
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server1.req.md4 b/tests/data_files/server1.req.md4
deleted file mode 100644
index 15585499c..000000000
--- a/tests/data_files/server1.req.md4
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
-ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
-HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
-W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
-FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
-DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBAwUA
-A4IBAQAu8SbWDi5udXrs/lljV+jdHky2BFuVFNxZgj5QvLslffdx2/Tj4MVCsqkY
-tAcy5g/urW1WwHcnJ20PRgt60m3BSUJffdKF/kgRyTN1oBFpApHGAJEHPahR/3Mz
-hMBk4D/r6lga60iUhIfky8o8KU+ovHXROHzGfYaVySatpyJW6tkJOz/1ZKLI4s4K
-HGLFxKBd6bvyuMSCpV31J7ZHPQfSH38VEEaTLJ2QOltWDX5k4DlL/F3I5K4VFWOm
-DMndMXkb7LhL9jcaJJRzEmbX3aMdt2aXhQt2LDFMnMCeSHI014URnQd6IzRQYZPp
-qGZf2UmuJdLeIMzSNX2rZ+SVDX9o
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server1.req.md5 b/tests/data_files/server1.req.md5
deleted file mode 100644
index 57714ede3..000000000
--- a/tests/data_files/server1.req.md5
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
-ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
-HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
-W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
-FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
-DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBBAUA
-A4IBAQCEiv3QM4xyKhYTsoOjyzQdXMhsXK3Kpw+Rh874Hf6pXHxUaYy7xLUZUx6K
-x5Bvem1HMHAdmOqYTzsE9ZblAMZNRwv/CKGS3pvMkx/VZwXQhFGlHLFG//fPrgl3
-j4dt20QsWP8LnL4LweYSYI1wt1rjgYRHeF6bG/VIck6BIYQhKOGlzIwWUmfAGym6
-q4SYrd+ObZullSarGGSfNKjIUEpYtfQBz31f5tRsyzSps7oG4uc7Xba4qnl2o9FN
-lWOMEER79QGwr7+T41FTHFztFddfJ06CCjoRCfEn0Tcsg11tSMS0851oLkMm8RyY
-aozIzO82R3Em7aPhZBiBDy3wZC2l
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server1.req.sha1 b/tests/data_files/server1.req.sha1
deleted file mode 100644
index 578ec7f79..000000000
--- a/tests/data_files/server1.req.sha1
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
-ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
-HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
-W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
-FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
-DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBBQUA
-A4IBAQCiYQMOv2ALPUeg8wHKn9L5SdDbNxOzuMwhYsCYTw2TJMQO7NLUq6icEzxY
-pUIIFt60JUQjZHxQSY3y9cSivwKXQA7pPfaPaFC/aMA2GxG23t2eaIWNQX8MfcWf
-XAa8bl/vmC1MTov+mP2DGoXRiKYORrEInyDS2RaTathvHckcAv25nCIx7wYO9tC9
-LUwyoE9bhiQ7fo3KFlz4dK1HukyCM/FoPbJuL7NgdzmKVPyYCLh5Ah+TTD6+sltz
-dFc4fj28w1v3jsBXz+tLrgFQidzuUI2poxt5UwU9TKY0dAJaTCtfIRcXW3h6DGG7
-EDR6rim6sbIQkGzYvGqs4TNoJOR+
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server1.req.sha224 b/tests/data_files/server1.req.sha224
deleted file mode 100644
index a4f2af4c1..000000000
--- a/tests/data_files/server1.req.sha224
+++ /dev/null
@@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow -GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ -ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ -HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF -W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs -FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ -DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDgUA -A4IBAQArYR2mLKU5lsHyAyGHr4PlmC/cfePmCRyC/mj1riGTjDlNC2X3J1VZDqKb -U/uUxLudP7sbuttRksIAREATT74Pa40bMWiPUlBfA/M2mFTmKb/91uXeIISW8DL3 -xM/5BCDrhnZ/cjP23gKDgJRk+IGBNhYZDGz50TIBbDJ2e4GDkFjzANngUW64UcCQ -7hZOYtnYLBnoRvPwtal5jZqHwsgaPPePXu+SQ8mfuAJwJ78MOCAaKw0IP1h1OnPG -iubdl34lSIaYWwbHTdjaqUSQG3SSs4oxEvluYymrpZ6XGKXtphJXEPdTRiLu9d9l -A5NYVgvqHFQPmuXS92zrGzB788pV ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.sha256 b/tests/data_files/server1.req.sha256 deleted file mode 100644 index 6d21dc5d9..000000000 --- a/tests/data_files/server1.req.sha256 +++ /dev/null 
@@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow -GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ -ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ -HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF -W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs -FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ -DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBCwUA -A4IBAQCVlSU7qeKri7E3u8JCZbCyjsGJTH9iHYyeDZ/nDLig7iKGYvyNmyzJ76Qu -+EntSmL2OtL95Yqooc6h1AQHzoCs+SO2wPoTUs3Ypi9r7vNNVO3ZnnxVtGgqCRVA -W+z9W4p2mHXQhgW1HkuLa5JD1SvJViyZbx9z3ie1BQ9NVKfv++ArPIv70zBtA7O3 -PZNG1JYN30Esz7RsCDRHbz6Npvu9ggUQL/U3mvQQ+Yo+xhwu1yFV+dRH7PebBeQv -vjcD2fXDabeofK3zztIpUIyUULX0GGClM9jslgJ/ZHUlArWKpLZph0AgF1Dzts// -M6c/sRw7gtjXmV0zq2tf2fL4+e2b ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.sha384 b/tests/data_files/server1.req.sha384 deleted file mode 100644 index b857af7f1..000000000 --- a/tests/data_files/server1.req.sha384 +++ /dev/null 
@@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow -GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ -ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ -HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF -W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs -FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ -DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDAUA -A4IBAQBy35zHYLiYaScq1niQkzQ/BScUbdiWd2V90isBsB5Q3NjVoJl/yCaMrla3 -2XfrutpFpdqwenl5jM0o6+enKCmfur+z2/ije69Dju2aBd6A62cx1AEvFiMq7lyF -4DYJ32+2ty6KA8EhzE3NFs7zKXxmD5ybp+oXNEvXoeU3W8a+Ld5c1K/n+Ipa0TUy -cFBs6dCsbYO9wI6npwWqC5Hc9r/0zziMFO+4N5VORdYUFqObq4vCYOMXETpl8ryu -lGZorNUoJ7vV55T31CDqEtb0EE+nO+nT4agfDobncYjvc3WpQuLtUB4UwR5gpZl6 -ZI+j4uwikOgGO9gcx4IjaRP3q63F ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.sha512 b/tests/data_files/server1.req.sha512 deleted file mode 100644 index 85d52460d..000000000 --- a/tests/data_files/server1.req.sha512 +++ /dev/null 
@@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow -GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ -ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ -HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF -W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs -FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ -DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDQUA -A4IBAQBb8jNpt0nkNVWstVoOCepQSF5R1R9hF0yEr7mk3HB9oO/nK07R1Oamgjw+ -CHQReTSjIKUX53o7ZwNZB5E+jBDsGz/2Yyj/vxNHJFk2exELtW30he8K2omVHE1F -XESbftCssWLNpTSDq6ME12+llkEDtgCtkv69oRUkuuF5ESUSZRGIZN4Vledm8SM1 -uGFtaG/PXbBbtUaNwNISDeIWDKRtbuca5web+QEi1djiUH21ZWIGEpOy7mtkYmRs -Qt1D32FoaqFNhafiaxNIXO11yd4lgpaDDlmrOSBsELcTIF9916o3DwMeVXy0GONW -BrwaO8q8rg+C+xvMY7858Kk8kwjb ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.v1.crt b/tests/data_files/server1.v1.crt deleted file mode 100644 index e85ed30fc..000000000 --- a/tests/data_files/server1.v1.crt +++ /dev/null 
@@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC6zCCAdMCAQEwDQYJKoZIhvcNAQEFBQAwOzELMAkGA1UEBhMCTkwxETAPBgNV -BAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBMB4XDTExMDIx -MjE0NDQwNloXDTIxMDIxMjE0NDQwNlowPDELMAkGA1UEBhMCTkwxETAPBgNVBAoM -CFBvbGFyU1NMMRowGAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb -7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJ -BEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8Yw -fhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5B -Xhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1Y -ieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAATANBgkq -hkiG9w0BAQUFAAOCAQEAOKzKoIMPjmKis0WH0t9/Bn5cMAPsBAgeqROeWqAs1N7j -FIpCoyQW43t1rAtga946X6/IanTuLKScPkhNrcX4ASn0+DzaNxVelumjjfD6NEcn -/Fnq0a+5oNcqXrM9lCBtqFnGcDoFJq3VMA3P+YCqZ9ZaYy30mOkZRVlddMQCpk7g -RxVBLEaPL1DlSmR1hIvsHQ51DGU6xEnbrxGn19dFf1yfC+vnf5mhKPB8XGWd+IjZ -WkYsfmBe2hwH58XNvVf0suX9aQS16vwqpPbPi3wQ2d3cX1/vCCW4cCYW7Pytc3Op -pBjHEIkmil2/30+Rqk4SbZvo99MMPGIOREOJ81sNRw== ------END CERTIFICATE----- diff --git a/tests/data_files/server10-badsign.crt b/tests/data_files/server10-badsign.crt deleted file mode 100644 index eca171f35..000000000 --- a/tests/data_files/server10-badsign.crt +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX10= ------END CERTIFICATE----- 
diff --git a/tests/data_files/server10-bs_int3.pem b/tests/data_files/server10-bs_int3.pem deleted file mode 100644 index b84cee7c3..000000000 --- a/tests/data_files/server10-bs_int3.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX10= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU -ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE -732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= ------END CERTIFICATE----- diff --git a/tests/data_files/server10.crt b/tests/data_files/server10.crt deleted file mode 100644 index 96a4040ce..000000000 --- a/tests/data_files/server10.crt +++ /dev/null 
@@ -1,10 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= ------END CERTIFICATE----- diff --git a/tests/data_files/server10.key b/tests/data_files/server10.key deleted file mode 100644 index 0088331ea..000000000 --- a/tests/data_files/server10.key +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN EC PRIVATE KEY----- -MHcCAQEEILBDMs7bRVxVg6ovTpf2zB9m+22jY7R3LNKRvCPfa6YJoAoGCCqGSM49 -AwEHoUQDQgAEHG336dql6qGcsnIZqAkcc63eFbvepuOzTwXobRAuOmk3l4A5wXX/ -vs5wAawLX1wUTUM/AESHmAZrJK9tq5So8g== ------END EC PRIVATE KEY----- diff --git a/tests/data_files/server10_int3-bs.pem b/tests/data_files/server10_int3-bs.pem deleted file mode 100644 index a9e06150b..000000000 --- a/tests/data_files/server10_int3-bs.pem +++ /dev/null 
@@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU -ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE -732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWf0= ------END CERTIFICATE----- diff --git a/tests/data_files/server10_int3_int-ca2.crt b/tests/data_files/server10_int3_int-ca2.crt deleted file mode 100644 index 0df2c653b..000000000 --- a/tests/data_files/server10_int3_int-ca2.crt +++ /dev/null 
@@ -1,40 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU -ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE -732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl -WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 -ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW -BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 
-yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M
-ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf
-7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M
-CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut
-ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw=
------END CERTIFICATE-----
diff --git a/tests/data_files/server10_int3_int-ca2_ca.crt b/tests/data_files/server10_int3_int-ca2_ca.crt
deleted file mode 100644
index c25482b8b..000000000
--- a/tests/data_files/server10_int3_int-ca2_ca.crt
+++ /dev/null
@@ -1,120 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU -ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE -732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl -WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 -ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW -BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 
-yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:00 2011 GMT - Not After : Feb 12 14:44:00 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: - 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: - 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: - 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: - e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: - cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: - ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: - 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: - c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: - 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: - e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: - 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: - 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: - 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: - e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: - 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: - ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: - a2:d5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA - serial:00 - - Signature Algorithm: sha1WithRSAEncryption - 
b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: - 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: - 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: - 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: - 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: - 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: - 2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: - e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: - e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: - 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: - 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: - 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: - 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: - e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: - f7:e0:e9:54 ------BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx -mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny -50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n -YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL -R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu -KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH -/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV -BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz -dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ -SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H -DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF -pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf 
-m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ
-7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==
------END CERTIFICATE-----
diff --git a/tests/data_files/server10_int3_spurious_int-ca2.crt b/tests/data_files/server10_int3_spurious_int-ca2.crt
deleted file mode 100644
index c9d6715f4..000000000
--- a/tests/data_files/server10_int3_spurious_int-ca2.crt
+++ /dev/null
@@ -1,64 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU -ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE -732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g -Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM 
-uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl -WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 -ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW -BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= ------END CERTIFICATE----- diff --git a/tests/data_files/server1_ca.crt b/tests/data_files/server1_ca.crt deleted file mode 100644 index 748d94457..000000000 --- a/tests/data_files/server1_ca.crt +++ /dev/null 
@@ -1,41 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDPzCCAiegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ -uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD -d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf -CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr -lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w -bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB -o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf -BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC -AQEAvc+WwZUemsJu2IiI2Cp6liA+UAvIx98dQe3kZs2zAoF9VwQbXcYzWQ/BILkj -NImKbPL9x0g2jIDn4ZvGYFywMwIO/d++YbwYiQw42/v7RiMy94zBPnzeHi86dy/0 -jpOOJUx3IXRsGLdyjb/1T11klcFqGnARiK+8VYolMPP6afKvLXX7K4kiUpsFQhUp -E5VeM5pV1Mci2ETOJau2cO40FJvI/C9W/wR+GAArMaw2fxG77E3laaa0LAOlexM6 -A4KOb5f5cGTM5Ih6tEF5FVq3/9vzNIYMa1FqzacBLZF8zSHYLEimXBdzjBoN4qDU -/WzRyYRBRjAI49mzHX6raleqnw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx -mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny -50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n -YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL -R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu -KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH 
-/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV
-BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz
-dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ
-SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H
-DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF
-pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf
-m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ
-7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==
------END CERTIFICATE-----
diff --git a/tests/data_files/server1_csr.opensslconf b/tests/data_files/server1_csr.opensslconf
deleted file mode 100644
index 6e7075ea6..000000000
--- a/tests/data_files/server1_csr.opensslconf
+++ /dev/null
@@ -1,10 +0,0 @@
-[ req ]
-distinguished_name = req_distinguished_name
-prompt = no
-# Restrict to non-UTF8 PrintableStrings.
-string_mask = nombstr
-
-[ req_distinguished_name ]
-C = NL
-O = PolarSSL
-CN = PolarSSL Server 1
diff --git a/tests/data_files/server2-badsign.crt b/tests/data_files/server2-badsign.crt
deleted file mode 100644
index 7e32d3b90..000000000
--- a/tests/data_files/server2-badsign.crt
+++ /dev/null
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN -owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz -NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM -tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P -hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD -VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw -FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJxnXClY -oHkbp70cqBrsGXLybA74czbO5RdLEgFs7rHVS9r+c293luS/KdliLScZqAzYVylw -UfRWvKMoWhHYKp3dEIS4xTXk6/5zXxhv9Rw8SGc8qn6vITHk1S1mPevtekgasY5Y -iWQuM3h4YVlRH3HHEMAD1TnAexfXHHDFQGe+Bd1iAbz1/sH9H8l4StwX6egvTK3M -wXRwkKkvjKaEDA9ATbZx0mI8LGsxSuCqe9r9dyjmttd47J1p1Rulz3CLzaRcVIuS -RRQfaD8neM9c1S/iJ/amTVqJxA1KOdOS5780WhPfSArA+g4qAmSjelc3p4wWpha8 -zhuYwjVuX6JHG08= ------END CERTIFICATE----- diff --git a/tests/data_files/server2-sha256.crt b/tests/data_files/server2-sha256.crt deleted file mode 100644 index f8a5b8b97..000000000 --- a/tests/data_files/server2-sha256.crt +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN -owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz -NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM -tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P -hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD -VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw -FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAGGEshT5 -kvnRmLVScVeUEdwIrvW7ezbGbUvJ8VxeJ79/HSjlLiGbMc4uUathwtzEdi9R/4C5 -DXBNeEPTkbB+fhG1W06iHYj/Dp8+aaG7fuDxKVKHVZSqBnmQLn73ymyclZNHii5A -3nTS8WUaHAzxN/rajOtoM7aH1P9tULpHrl+7HOeLMpxUnwI12ZqZaLIzxbcdJVcr -ra2F00aXCGkYVLvyvbZIq7LC+yVysej5gCeQYD7VFOEks0jhFjrS06gP0/XnWv6v -eBoPez9d+CCjkrhseiWzXOiriIMICX48EloO/DrsMRAtvlwq7EDz4QhILz6ffndm -e4K1cVANRPN2o9Y= ------END CERTIFICATE----- diff --git a/tests/data_files/server2-v1-chain.crt b/tests/data_files/server2-v1-chain.crt deleted file mode 100644 index 84bb6b2b9..000000000 --- a/tests/data_files/server2-v1-chain.crt +++ /dev/null 
@@ -1,38 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD -ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI -UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2 -MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx -ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI -p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj -+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ -4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva -i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P -6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG -3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc -ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF -53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW -GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3 -o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDITCCAgkCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD -ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK -EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA5MTFaGA8yMDI0 -MDYxODEwMDkxMVowTjEaMBgGA1UEAxMRc2VydmVyMS9pbnQtY2EtdjExEDAOBgNV -BAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J -v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB -Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl -XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk -65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP -cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA -ATANBgkqhkiG9w0BAQsFAAOCAQEAPJl3fbVeTJ6gVAvCoLYM8JY5U7ZhrCCdBghw 
-WuZBS/TWwf4WLP0G/ZtTyTOENcT0gWHf0/VnXtNPw2/yBjWsLtTXxN2XQlEVf3j/ -WcQxWgSESYdx/sT/uTW6qihuONPWkTQizmx7OG6vBuGx3g54s9/oeJKXOraNqud3 -G4KBrytOazliMfoKO2hnzaeydpaDtb2tZX8apN/6KqQpTAcXsWrZRW9XEHWq2sNz -IR1nIE1F/9gnqi9Xy0HQprteLRUvM4tEQ35m4H20eS5Y9gJlE/DqXmMQ7aiU8DgP -krj+Z18pcrssO+Etv0BOiPjmU9TWWpDMj34ef7U/OH5qJxkSrA== ------END CERTIFICATE----- diff --git a/tests/data_files/server2-v1.crt b/tests/data_files/server2-v1.crt deleted file mode 100644 index 7ef7968f5..000000000 --- a/tests/data_files/server2-v1.crt +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD -ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI -UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2 -MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx -ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI -p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj -+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ -4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva -i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P -6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG -3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc -ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF -53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW -GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3 -o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw== ------END CERTIFICATE----- diff --git a/tests/data_files/server2.crt b/tests/data_files/server2.crt deleted file mode 100644 index 33393ee1b..000000000 --- a/tests/data_files/server2.crt +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN -owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz -NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM -tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P -hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD -VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw -FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAAFzC0rF -y6De8WMcdgQrEw3AhBHFjzqnxZw1ene4IBSC7lTw8rBSy3jOWQdPUWn+0y/pCeeF -kti6sevFdl1hLemGtd4q+T9TKEKGg3ND4ARfB5AUZZ9uEHq8WBkiwus5clGS17Qd -dS/TOisB59tQruLx1E1bPLtBKyqk4koC5WAULJwfpswGSyWJTpYwIpxcWE3D2tBu -UB6MZfXZFzWmWEOyKbeoXjXe8GBCGgHLywvYDsGQ36HSGtEsAvR2QaTLSxWYcfk1 -fbDn4jSWkb4yZy1r01UEigFQtONieGwRFaUqEcFJHJvEEGVgh9keaVlOj2vrwf5r -4mN4lW7gLdenN6g= ------END CERTIFICATE----- 
diff --git a/tests/data_files/server2.der b/tests/data_files/server2.der deleted file mode 100644 index ec03190e12610688838c1ff3f27b0fb26632885d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 827 zcmXqLVm3EuVv=9L%*4n9LZ#K0^{oYx4M zYhXgqa3KQ$h~b<$`N@en8TrK}22G4g$gX5$WngY%%5h)*oCMkXBRVcEPp4LJ#Bf=mI?25i>mBYX8qY_vPR`=`2)3- zo;e#dY8T#m)${D6%(OlK4zdJoHoLO;*TaovHzpiR+>#b#wn!~_)#{Qs_FBoN+gdl| z7u@8P(e+IG9<5sJ_JX_1Ka*!G!-R*ongr5n*M(?zr&dl}_$cx4SqD#!cNsh%yW1|g z?Z2>Nl_0ZReb@>qITs0j{?_hW-7ayDB#tHNA5ZK36?>!hvwEi{6u~JpTQa5Tn6# zCT2zk#>Kt{-r$In6=q>FU@(vc2BRz=ix`W@Qq~tKJMP?1;13Y;O<0k#-nZL%vVlBE zTA4+{K&(MzOVpF4o9|r;`nL1xvZ?&9?e-l1`yV;Lfyn|G;6OWyxxJ2_UU2VYvP>C^ zwlMF37Qv(aR?CmhF|8`!p&-)qF66_f4MC?X&PB5O2WI}etpAepdF!MbyEeW)S{9qA z`?788J*}Vi!5U6&&Be|SSmN0yh@{TX6R6q~A*poewPjJ@r0ZK`OZ6{XX)`{*9kA}v z$1A?kHoG0QwU#{cVtSe&qBBQ+*%>x()lR=@21;{cB76_ux{wzj*OU77rnu>{2Wt7#C=BTy4jaQ zS-KblwmeR%$PpA>swH^PQ)c!Nfz*Wdn{t_ve*M|65B|%3lw2`2?}6_1<>o5@#6dhp diff --git a/tests/data_files/server2.ku-ds.crt b/tests/data_files/server2.ku-ds.crt deleted file mode 100644 index 3bd07d0fb..000000000 --- a/tests/data_files/server2.ku-ds.crt +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBLDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDUxWhcNMjQwNDA2MDg0NDUxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN -owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz -NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM -tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P -hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAc4kubASrFXFtplkYp6FUcnUn -Pf/6laS1htI+3y+q1UHWe2PcagZtCHTCUGBSWLeUIiaIBheaIRqv+4sSFVuXB7hV -0PGXpO5btth4R8BHzGqCdObKvPujp5BDq3xgcAFicA3HUMNsJoTDv/RYXY7je1Q5 -ntVyVPeji0AWMUYQjcqHTQQPGBgdJrRTMaYglZh15IhJ16ICNd9rWIeBA0h/+r0y -QuFEBz0nfe7Dvpqct7gJCv+7/5tCujx4LT17z7oK8BZN5SePAGU2ykJsUXk8ZICT -ongaQQVQwS6/GJ6A5V8ecaUvFrTby1h9+2sOW8n2NRGiaaG5gkvxVeayemcmOQ== ------END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ds_ke.crt b/tests/data_files/server2.ku-ds_ke.crt deleted file mode 100644 index ebee7e1c3..000000000 --- a/tests/data_files/server2.ku-ds_ke.crt +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBMDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MTAwMjQ5WhcNMjQwNDA2MTAwMjQ5WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN -owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz -NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM -tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P -hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIFoDANBgkqhkiG9w0BAQUFAAOCAQEAnW7+h85xBP2KJzFSpWfGirVe -ApdC9bX0Z1sVMmD486N+ty9W6BP6kJRxLDX0fOuRc3x7mCy5qZg/Yj40+yQSoA0w -bTNwJjuR8iMqWIqLw9hWR+E9T4lYLZWyGJVjlVTkO4i5wifwhoJE9Doohh/6crn5 -ImWgEkgT/wDVIHoamciO6KU36d0iAEEP2eYgxv2/sVHvjjsseTdvYh3D3VuOmQtS -uUvFxc6H5kYoq/yodJWDaOn3RS8pEpDsiW+abcWyxNTPtHFroJV7e9aaVmhlRSzw -sYDyD/ZyIlavoPSEiD3LTT/Tp6BIpz+zb4WHOHLEvUCsZputqxPVcNoEAi9xuA== ------END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ka.crt b/tests/data_files/server2.ku-ka.crt deleted file mode 100644 index 90f7c4a99..000000000 --- a/tests/data_files/server2.ku-ka.crt +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBKjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDIzWhcNMjQwNDA2MDg0NDIzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN -owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz -NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM -tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P -hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIDCDANBgkqhkiG9w0BAQUFAAOCAQEAriPloIWfu7U8d1hls97C7OBI -OiE2xFh2UmuN/9hTK2CyW6MtBf8aG3l4jQDrsutHO0gUyoR67ug4yj+s+0S/zETZ -q6mPo7cBbVwjhGciQRiYgufFpdnbXR05HDgOVPK7qqjL6UOZnbu5caIEvIJgdwXn -n8WB9x/Ii4/2S9ysmRdRhDBYekzgH3Ac2UnHJTMh1XaSL817MW6B9BDKHt4xa7pW -cplDzrFKYbmxSSxzALE4Dr+zRvmDx4bcYpBkRRfOhnnR1caQBgaZzPcX/Vu+vw8e -qs2nyBW5RBu8MBCBU1DpqOSo6jl0QTpuq3NzQZIouG9fyckqDJS5ibrxQTutPw== ------END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ke.crt b/tests/data_files/server2.ku-ke.crt deleted file mode 100644 index 8daa0c13d..000000000 --- a/tests/data_files/server2.ku-ke.crt +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBKzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDM5WhcNMjQwNDA2MDg0NDM5WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN -owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz -NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM -tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P -hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIFIDANBgkqhkiG9w0BAQUFAAOCAQEAqreLAIuxeLGKbhoEROYRqXxO -ndaC6uDcpxhgmEW7B2DW6ZtX8155v3ov61MuMas8fEQjD5STDP9qERxNTePnhW3m -kDZd2jUBE3ioHhTBv47i1PYU+DRe42kY6z0jUmNPK8TsTKfdbqTGXg9THe1KYB7q -hdljqGS08IgBl/q2lK2OOSycu27xhfb9Mo0BcLBab92WgyBu+cFPQsKiL4mD7QyJ -+73Ndb21EuANUjsRDQ3NPklssJcyJB2v85eekwk1acZUG21no3wdTvjxhVE/Xrdz -zUP9WkvAVfUrwGjUzG4YHE8wkHO7xKbKixNt+nQmDhe+tHVbztZjVwFJ8010gg== ------END CERTIFICATE----- diff --git a/tests/data_files/server3.crt b/tests/data_files/server3.crt deleted file mode 100644 index ed0d696b4..000000000 --- a/tests/data_files/server3.crt +++ /dev/null 
@@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICojCCAYqgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwODA5MDkxNzAzWhcNMjMwODA3MDkxNzAzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBJMBMGByqGSM49AgEG -CCqGSM49AwEBAzIABH0AoQyUhPABS38y67uEVs4O3RXmKKrBdUR7/L2QPB8EC2p5 -fQcsej6EFasvlTdJ/6OBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTkF2s2sgaJ -OtleQ7bgZH2Hq33eNzBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/ -pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQ -b2xhclNTTCBUZXN0IENBggEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjmSIjGKD1eH5W -4bl2MXfNIsTwc2vv/MAAhBzBEbTXd3T37+zAGPGjKncvTB+oufUVRGkoKbfoC6Jm -DYSEUuxtnUZOko/C//XlCEtK0TuS2aLEqF3gJjBJTCfthEdAhJCtmPAQDCzeKsdx -CoOtH0NQx6Xl64oDt2wYSQNWUTGLPfRpdsVEvBHhHYATQijkl2ZH8BDjsYcBicrS -qmCeN+0T1B9vrOQVEZe+fwgzVL38n8lkJZNPIbdovA9WLHwXAEzPv4la3w0qh4Tb -kSb8HtILl4I474QxrFywylyXR/p2znPleRIRgB5HtUp9tLSWkB0bwMlqQlg2EHXu -CAQ1sXmQ ------END CERTIFICATE----- diff --git a/tests/data_files/server3.key b/tests/data_files/server3.key deleted file mode 100644 index fecf44db1..000000000 --- a/tests/data_files/server3.key +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN EC PRIVATE KEY----- -MF8CAQEEGItTogpE7AOnjvYuTqm+9OabmsX02XKIAqAKBggqhkjOPQMBAaE0AzIA -BH0AoQyUhPABS38y67uEVs4O3RXmKKrBdUR7/L2QPB8EC2p5fQcsej6EFasvlTdJ -/w== ------END EC PRIVATE KEY----- diff --git a/tests/data_files/server4.crt b/tests/data_files/server4.crt deleted file mode 100644 index 96b1aa772..000000000 --- a/tests/data_files/server4.crt +++ /dev/null 
@@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC6jCCAnCgAwIBAgIBCDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKvXjL5VfYc7D/truqEpYcZcvlUhnuCNDJctYDJL -vgYYj5uxDxLHBXvnEHLgO5K+lps42p+r/dd4oE64ttRoeZZUvr+7eBnW35n0EpPA -Ik9Gwu+vg7GfxmifgIR8hZnOQkt2OjvvpChPCxvUailtB450Izh+mEK/hYFr+7Jl -NnxR1XQlbbyDM7Ect1HwYcuS3MBlBqq048J+0KEkQXICSjKeHFga9eDCq+Jyfqe5 -bt0K30hl1N0164B7aoh08Eomme+aSuAsz+MsJ3m7AO2DUYdrDxlrky1QrvRWWfX0 -d8djTM+uHTo1DviRM6o9+P9DfoFd53/Z0Km03sVLQWvUrhECAwEAAaOBnTCBmjAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBTAlAm1+0L41mhqYWjFiejsRVrGeTBuBgNVHSME -ZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkA -wUPifmJDzOgwCgYIKoZIzj0EAwIDaAAwZQIxAPWlxnMcjBaxaVieQYSLBqzizS3/ -O8Na6owRGPk0/UK+j5O9NTBHk+uXW/fQblKamQIwUQl4dl6gkRDE4rBR/yGjZZ1Z -3dEpvL2Wimt3keD7AcLpYB2FJ1mVcY1XQUeK1Vfc ------END CERTIFICATE----- diff --git a/tests/data_files/server4.key b/tests/data_files/server4.key deleted file mode 100644 index 9e4daee4a..000000000 --- a/tests/data_files/server4.key +++ /dev/null 
@@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAq9eMvlV9hzsP+2u6oSlhxly+VSGe4I0Mly1gMku+BhiPm7EP -EscFe+cQcuA7kr6Wmzjan6v913igTri21Gh5llS+v7t4GdbfmfQSk8AiT0bC76+D -sZ/GaJ+AhHyFmc5CS3Y6O++kKE8LG9RqKW0HjnQjOH6YQr+FgWv7smU2fFHVdCVt -vIMzsRy3UfBhy5LcwGUGqrTjwn7QoSRBcgJKMp4cWBr14MKr4nJ+p7lu3QrfSGXU -3TXrgHtqiHTwSiaZ75pK4CzP4ywnebsA7YNRh2sPGWuTLVCu9FZZ9fR3x2NMz64d -OjUO+JEzqj34/0N+gV3nf9nQqbTexUtBa9SuEQIDAQABAoIBAHnxtYvgCPttG1NU -yJTTU/I7IEozWJaLIZMqfShT/Z4/0bEvfb3ag/bAKzkKDNx+6Utvlh1XJQTCMiiL -BhtHpHjc3JwdAgZ8KCMNRB2ba/2L/ouupqrm8hqOjdn2r6xM5Vi9pmegEIMWTJDM -NSX+nC0oF1Jg69X6KViFc5DOKFMhacSEwLJkv/EqCgdWaBoqMlTtTWKdm34xSN2L -P5o9kOgihTBNUUnVBUWJiT7C6bBAFwb1rECpvNOk6h+lvG+fSDZKYdwBrAsKspIy -/aXZD4qaicefGblrHcZv2og/zYkFs4riWNOmglxZyrK/3rFFk0B8mBk1mWQvrK7+ -Jq/R4k0CgYEA0hO29hJjeTBDdOWgzyXr5uppmR1WU7fv/Jy8PLRMvUvmiMQqRDK3 -zwGc6H938wdsubpdTCLPhq0rhDCTqtwIEAuFjZIYJs4yZzfy6klaD3516iIgb+W7 -fe1RkYMBp9wV0x272vzP4Y5p/fzp5xhvN52OkhQsjHRHewfDaUwSFScCgYEA0Wgi -kGVK6OxzoMCgiWx/L+y3yrYuHdWANTIIa5RvZk4UQqEFkGYGVP1rpbB/fAa1Yqev -qXkLZqad2dhJCuBVryGt29CHsbnEQ/QuTwlGmyZj1U8NnJBgNCPTdmGTBIm/7w9S -ESZ48bUlcqzsZn1Big/A6JX1e5i9b/1jyozNVgcCgYEAnRZc49iQRZjPeGQVQZEL -u5ph6DrFyMhsTistnv77uzk8Y9y79k8unz6HhFt86GAO7zrqdPo60GxBdBGW+laa -ONVEwr4SDUJ28jQmEwdSru9TYQav1ryk3N9O9U5POKQcNcewJ2qQUAvcOi6bAVGG -KMJKT/WB8m0o3ljJyL03cFUCgYBoHFTq42Fd8oj+SCbIjCej5RXvc6nz7Tzjta9Y -BSFphLIv+ixxAThustv9MYYAXLl7hhEgueyAKaBbOVv/S09uVdlBayi7pLc+bb1E -UEFJS8nguH/08hbSdWlh9tsIK5BAQ6ayniUNTtmCbRTPU8Ds6i4ntL6qp2KvthQS -FPTVqwKBgQC8m2sJapMms0/7EeGpUwMO+WNCHeRyujnriWYL8Kms0lmAn8NrQoA5 -wgbx0nZ/VrXtLPGHy915jxDXOU1Yc2gqEf5Qm/GnByUuml1mUSldiPciSJvKzMqP -LeWnb62HD60t/zwstN20Yzt6mBLocm1PPdPhPweI/EF6pSgvlw5NTw== ------END RSA PRIVATE KEY----- diff --git a/tests/data_files/server5-badsign.crt b/tests/data_files/server5-badsign.crt deleted file mode 100644 index 0c6507233..000000000 --- a/tests/data_files/server5-badsign.crt +++ /dev/null 
@@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S -C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V -fGa5kHvHARBPc8YAIVIqDvHH1A== ------END CERTIFICATE----- diff --git a/tests/data_files/server5-der0.crt b/tests/data_files/server5-der0.crt deleted file mode 100644 index 08d8dd311b525fd51171a1019ad3194dad91580a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 547 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z RfPe8Z2E`yPzK_SR0ss?|s)_&r 
diff --git a/tests/data_files/server5-der1a.crt b/tests/data_files/server5-der1a.crt deleted file mode 100644 index 015017b17db1c360392790665896ea46dc0feac2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 548 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z SfPe8Z2E`yPzK_SRG5`R+9IA={ diff --git a/tests/data_files/server5-der1b.crt b/tests/data_files/server5-der1b.crt deleted file mode 100644 index 6340d9e2ed9fb5e60822f52182c08cddf98f4417..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 548 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z SfPe8Z2E`yPzK_SR9s~fs-K$Fg 
diff --git a/tests/data_files/server5-der2.crt b/tests/data_files/server5-der2.crt deleted file mode 100644 index c6e320a369c20c3ee8c54d3caa1d5af0a7225206..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 549 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z TfPe8Z2E`yPzK_SR?&JahYB8%# diff --git a/tests/data_files/server5-der4.crt b/tests/data_files/server5-der4.crt deleted file mode 100644 index 4af05cce1ed05ea02e9fac3fed3a0904b44799b0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 551 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z VfPe8Z2E`yPzK_SRE*F>*4*yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z ZfPe8Z2E`yPzK_SRE?NFxU9D;rKLC6Lu2cX3 
diff --git a/tests/data_files/server5-der9.crt b/tests/data_files/server5-der9.crt deleted file mode 100644 index 4947f1f83fad41a48cee838ccf8cfdf2f2100e29..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 556 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z afPe8Z2E`yPzK_SRp8sKBT=suSl_mf!qOWiO diff --git a/tests/data_files/server5-expired.crt b/tests/data_files/server5-expired.crt deleted file mode 100644 index d726e5c8e..000000000 --- a/tests/data_files/server5-expired.crt +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICHjCCAaWgAwIBAgIBHjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MDQwMzEwMTIwOTMwWhcNMTQwMzA4MTIwOTMwWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2cAMGQCMCDxvDmhlrEk0r4hqCwvQDxWEoXPbbD1gglfLT3BsGpu -XHUQ1W2HwB3o/7N5I13BBgIwcmG17zyNIOkYiyExYtPCZCpbofEMpRY5qWG0K6YL -fN08jSzyFt6kbO4ak0D6tC5Q ------END CERTIFICATE----- diff --git a/tests/data_files/server5-future.crt b/tests/data_files/server5-future.crt deleted file mode 100644 index 969c84b46..000000000 --- a/tests/data_files/server5-future.crt +++ /dev/null 
@@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICHjCCAaWgAwIBAgIBHTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MzIwMzEwMTEwNDExWhcNNDIwMzA4MTEwNDExWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2cAMGQCMAZWcb+NYxFVK+W6Z5eknM2TrbqQGZEYHQXeV9/XF0t7 -TLDhA6a/pFDTJVZunFzesgIwfqkBYuvMkiNlS4lWcVyf8L4CZIHCn1yHnOCxu8ix -uqgLb4na3i94x9urgbZZYfVK ------END CERTIFICATE----- diff --git a/tests/data_files/server5-selfsigned.crt b/tests/data_files/server5-selfsigned.crt deleted file mode 100644 index cb5564751..000000000 --- a/tests/data_files/server5-selfsigned.crt +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBzTCCAXKgAwIBAgIMU6LLSxJOrYN9qJSyMAoGCCqGSM49BAMCMEcxEzARBgNV -BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy -U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY0M1oYDzIwMjQwNjE4MTEz -NjQzWjBHMRMwEQYDVQQDEwpzZWxmc2lnbmVkMRAwDgYDVQQLEwd0ZXN0aW5nMREw -DwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIBBggqhkjO -PQMBBwNCAAQ3zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/q -L9I0XV0WvYqIwmt3DVXNiioO+gHItO3/o0AwPjAMBgNVHRMBAf8EAjAAMA8GA1Ud -DwEB/wQFAwMHgAAwHQYDVR0OBBYEFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqG -SM49BAMCA0kAMEYCIQCf/bzFoge0pCOIrtHrABgc1+Cl9kjlsICpduXhdHUMOwIh -AOJ+nBHfaEGyF4PRJvn/jMDeIaH1zisinVzC2v+JQOWq ------END CERTIFICATE----- diff --git a/tests/data_files/server5-sha1.crt b/tests/data_files/server5-sha1.crt deleted file mode 100644 index 73e2d1745..000000000 --- a/tests/data_files/server5-sha1.crt +++ /dev/null 
@@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICHTCCAaSgAwIBAgIBEjAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAeFw0x -MzA5MjQxNjIxMjdaFw0yMzA5MjIxNjIxMjdaMDQxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDESMBAGA1UEAxMJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYI -KoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDY -IxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6OBnTCBmjAJBgNVHRMEAjAAMB0G -A1UdDgQWBBRQYaWP1AfZ14IBDOVlf4xjRqcTvjBuBgNVHSMEZzBlgBSdbSAkSQE/ -K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFy -U1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkAwUPifmJDzOgwCQYH -KoZIzj0EAQNoADBlAjEAyjvzRWtxbXvkoYTYSQY9gFBpP7/wTZ2q6FbRiAuZULFt -lc0PMPDfVZChgA6iDH+BAjBdkOb73f2pOwZpMRqrOgqSynbt2uWY87mC5lRlNEoR -WXEv1AzIeBCv+81DN1Iuu4w= ------END CERTIFICATE----- diff --git a/tests/data_files/server5-sha224.crt b/tests/data_files/server5-sha224.crt deleted file mode 100644 index 47b11688c..000000000 --- a/tests/data_files/server5-sha224.crt +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICIDCCAaWgAwIBAgIBEzAKBggqhkjOPQQDATA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMBA2kAMGYCMQCj0EyFUzDRmfokWzLVEWN0epR4/sZytfIeozp6BqWH -qaTBdAR2vthIKC7dKuUkg34CMQD6YtB2O9Vso79gbzSen2qh7gK7VvGE+31EVPbR -Ce/oNG/3OfhRSdn3FOvBBg2UErM= ------END CERTIFICATE----- diff --git a/tests/data_files/server5-sha384.crt b/tests/data_files/server5-sha384.crt deleted file mode 100644 index 5d6a79b2f..000000000 
--- a/tests/data_files/server5-sha384.crt +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICHzCCAaWgAwIBAgIBFDAKBggqhkjOPQQDAzA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMDA2gAMGUCMQCnsd/6VB2kLIqMRsWdkJvRaQROyAg78CQExFEY3CMv -9t0kWRXPc4nCMH69RjQVvC4CMB4lk9A7hnX2zQy3bbUhOCOvXcsQdEe8AMgJBviz -5Nob2wThRqsm1wjCF60fyzXWuA== ------END CERTIFICATE----- diff --git a/tests/data_files/server5-sha512.crt b/tests/data_files/server5-sha512.crt deleted file mode 100644 index 16112ac54..000000000 --- a/tests/data_files/server5-sha512.crt +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICHzCCAaWgAwIBAgIBFTAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMEA2gAMGUCMFPL2OI8arcbRlKAbRb/YfGibo4Mwts8KX3fOuRCbXEn -pDWeb82kBqfXwzPJwamFOwIxAPGzyhWrxn0qEynWV5nzFK02PYBnYFgClISyyudH -HJGHtbEVRc5JA8ALnggaLVpuvg== ------END CERTIFICATE----- 
diff --git a/tests/data_files/server5-ss-expired.crt b/tests/data_files/server5-ss-expired.crt deleted file mode 100644 index 287ce9820..000000000 --- a/tests/data_files/server5-ss-expired.crt +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB1jCCAX2gAwIBAgIJANhkYQXjo814MAoGCCqGSM49BAMCMEgxCzAJBgNVBAYT -AlVLMREwDwYDVQQKDAhtYmVkIFRMUzESMBAGA1UECwwJdGVzdHN1aXRlMRIwEAYD -VQQDDAlsb2NhbGhvc3QwHhcNMDcwNjI3MDkyNzE1WhcNMTcwNjI3MDkyNzE1WjBI -MQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMxEjAQBgNVBAsMCXRlc3Rz -dWl0ZTESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD -QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d -Fr2KiMJrdw1VzYoqDvoByLTt/6NQME4wHQYDVR0OBBYEFFBhpY/UB9nXggEM5WV/ -jGNGpxO+MB8GA1UdIwQYMBaAFFBhpY/UB9nXggEM5WV/jGNGpxO+MAwGA1UdEwQF -MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgIAQ47gmTsbA8pphQ1jBeLQDp7W99qr6P -oTl7/vYSJJcCICxNSJGLrNu8TfWLhgJiRsozMR9jGhp+tse1rlGUUJL6 ------END CERTIFICATE----- diff --git a/tests/data_files/server5-ss-forgeca.crt b/tests/data_files/server5-ss-forgeca.crt deleted file mode 100644 index bfd7b706a..000000000 --- a/tests/data_files/server5-ss-forgeca.crt +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBlDCCATmgAwIBAgIBTTAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTIwODQzWhcNMjUwODI5MTIwODQzWjBKMQswCQYD -VQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRl -c3QgaW50ZXJtZWRpYXRlIENBIDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3 -zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqI -wmt3DVXNiioO+gHItO3/oxAwDjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0kA -MEYCIQDF5pY54AUMNbhy3jk+8sdgsZS6bmeH/QI4D0I6UiIhXQIhAO7Y8V7Z8bx2 -gZyyk/wZpswb53ZaIP2XsJiJ/CPMCCVq ------END CERTIFICATE----- diff --git a/tests/data_files/server5.crt b/tests/data_files/server5.crt deleted file mode 100644 index 459742828..000000000 --- a/tests/data_files/server5.crt +++ /dev/null 
@@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S -C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V -fGa5kHvHARBPc8YAIVIqDvHH1Q== ------END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-cli.crt b/tests/data_files/server5.eku-cli.crt deleted file mode 100644 index 8aa2e44a0..000000000 --- a/tests/data_files/server5.eku-cli.crt +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB5DCCAWmgAwIBAgIBPDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTIxWhcNMjQwNDA3MTcyMTIxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAoGCCqGSM49BAMCA2kA -MGYCMQCzHyEvd56zm1AzfDBi3psz3rDL/m0RN2WnbRBQJxIJqjwEXOrKazko9m9q -owgau88CMQDuI0fsq5tnyiHPaDSAE21/6hlrCR6deNbwzB94OuPIbx1wIas9D1jc -//iSmKtbl8Y= ------END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-cs.crt b/tests/data_files/server5.eku-cs.crt deleted file mode 100644 index db97b403e..000000000 --- a/tests/data_files/server5.eku-cs.crt +++ /dev/null 
@@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB4zCCAWmgAwIBAgIBOjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMDQxWhcNMjQwNDA3MTcyMDQxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMDMAoGCCqGSM49BAMCA2gA -MGUCMQC294oVK6fUjH/abI1xzytTusi8dl7518L0Y19q8zi9K19OtxzPK09h7xyy -gaJRvpUCMFS6hYhrht38yqwwhSVlnmTMVtira58mEUhL6v7Qzw1sz/Dm4aXkW3s6 -JQV1kqqbRw== ------END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-cs_any.crt b/tests/data_files/server5.eku-cs_any.crt deleted file mode 100644 index 8fa8632dd..000000000 --- a/tests/data_files/server5.eku-cs_any.crt +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB6TCCAW+gAwIBAgIBOzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMDU4WhcNMjQwNDA3MTcyMDU4WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jaDBmMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBkGA1UdJQQSMBAGCCsGAQUFBwMDBgRVHSUAMAoGCCqGSM49 -BAMCA2gAMGUCMQCSYaq/9IKOTkzIrU/eOtpha/3af3JwT6vKh4N3cSX62ksMz0GT -Uxmq4UGMBt4VmBkCMBGpYqof6hS1o92ltNRpDSHuVQ+nke1lOsoQ1plZp4SI+bY1 -bUD/WrUSLlwikZAeng== ------END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-srv.crt b/tests/data_files/server5.eku-srv.crt deleted file mode 100644 index 64312f6c4..000000000 --- a/tests/data_files/server5.eku-srv.crt +++ /dev/null 
@@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB5DCCAWmgAwIBAgIBPjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTU0WhcNMjQwNDA3MTcyMTU0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2kA -MGYCMQDQzjWB0xZs/8IsqJb7owYYtCiT17939Uuc/1yBF69pJRy7KV/qJlHNvlVu -qwWVTx0CMQDNW/0dlX1gU6ashrZv5Ly4sijg/g645fFpfMKCNXysEb9xiBeEj5de -2x5sX/0OSx4= ------END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-srv_cli.crt b/tests/data_files/server5.eku-srv_cli.crt deleted file mode 100644 index 9f58fedd2..000000000 --- a/tests/data_files/server5.eku-srv_cli.crt +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB7DCCAXOgAwIBAgIBPTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTQyWhcNMjQwNDA3MTcyMTQyWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jbDBqMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAKBggq -hkjOPQQDAgNnADBkAjAmQjJxxC82ZhBpH/GQkOQXDmaaV/JHRHGok1cWn3j3Xj8A -fqRZkp8JihpGIMse208CMFCMdNAfNd1tv+oPuynoK5Oh6/YlASX/otJT68voEIAN -SmsT1m9VPQMIyUo/3RtYjg== ------END CERTIFICATE----- diff --git a/tests/data_files/server5.ku-ds.crt b/tests/data_files/server5.ku-ds.crt deleted file mode 100644 index 58dd0714b..000000000 --- a/tests/data_files/server5.ku-ds.crt +++ /dev/null 
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICLTCCAbKgAwIBAgIBLTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDA5MDg0ODM1WhcNMjQwNDA2MDg0ODM1WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG
-A1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEAzp4DkFMq7eDB0x5FeS9gYDaG
-Ol8rVnWlRTLQzHZBQjKp+TcBdHZaBPoi8LyXtWA4AjEA6OWhsuTcv/qXOscQT0rL
-eEh8wcCQeJK1uNd78lNvx3W0Pcxdb6cd7AhaAKgXL+r4
------END CERTIFICATE-----
diff --git a/tests/data_files/server5.ku-ka.crt b/tests/data_files/server5.ku-ka.crt
deleted file mode 100644
index 2447326c2..000000000
--- a/tests/data_files/server5.ku-ka.crt
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICKzCCAbKgAwIBAgIBLjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDA5MDg0ODUwWhcNMjQwNDA2MDg0ODUwWjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG
-A1UdDwQEAwIDCDAKBggqhkjOPQQDAgNnADBkAjACzKQ88/NvngMQBFc9rC484+gO
-BRkXP28BqRcj8sBt3EfmEGH23BuhkZuB1OFZuMICMC4/pHgbOQtaY9WZPUROUVVZ
-OuO6XsVbhiE0rb/mumqmUwuOrCtC/KFdvFZol4BNGA==
------END CERTIFICATE-----
diff --git a/tests/data_files/server5.ku-ke.crt b/tests/data_files/server5.ku-ke.crt
deleted file mode 100644
index 41ae5ada3..000000000
--- a/tests/data_files/server5.ku-ke.crt
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICKzCCAbKgAwIBAgIBLzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTQwNDA5MDg0OTA0WhcNMjQwNDA2MDg0OTA0WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA
-2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG
-A1UdDwQEAwIFIDAKBggqhkjOPQQDAgNnADBkAjAMl0Cjv9f45bHeJTul5XpYeJeT
-52ZaOLTa/uTLy948EnEIi6sj3nFb9fvsUbsOOjECMAXAMY64KOqzixefz3y3XS/d
-9miyeArPOmXU2JJ3LGuNbqqj9IbABawB1OD8v8gRmg==
------END CERTIFICATE-----
diff --git a/tests/data_files/server5.req.ku.sha1 b/tests/data_files/server5.req.ku.sha1
deleted file mode 100644
index 3281c9460..000000000
--- a/tests/data_files/server5.req.ku.sha1
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBFjCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY
-BgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
-QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d
-Fr2KiMJrdw1VzYoqDvoByLTt/6AeMBwGCSqGSIb3DQEJDjEPMA0wCwYDVR0PBAQD
-AgbAMAsGByqGSM49BAEFAANIADBFAiEAnIKF+xKk0iEuN4MHd4FZWNvrznLQgkeg
-2n8ejjreTzcCIAH34z2TycuMpWQRhpV+YT988pBWR67LAg7REyZnjSAB
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server5.req.sha1 b/tests/data_files/server5.req.sha1
deleted file mode 100644
index 1a14a1501..000000000
--- a/tests/data_files/server5.req.sha1
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ
-BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2
-CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN
-Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P
-BAQDAgXgMAkGByqGSM49BAEDSQAwRgIhALSf2Mj3er+ocZCN++aEoIp5PQ9JCkPY
-b88ghuTyS7DCAiEA+CnVzNN0I2kpnmKUOUcXxLcjoPaLROgxtubDvKv5ckM=
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server5.req.sha224 b/tests/data_files/server5.req.sha224
deleted file mode 100644
index 276683410..000000000
--- a/tests/data_files/server5.req.sha224
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ
-BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2
-CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN
-Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P
-BAQDAgXgMAoGCCqGSM49BAMBA0gAMEUCIDYaN1m9MRk5mhX1U8aZKd0alyGKWqcR
-oglF2MsIii/2AiEAjFHs8XQ0Q4yDF8oLztCxlq3nAvqmPdQz9T+TkEfh+PA=
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server5.req.sha256 b/tests/data_files/server5.req.sha256
deleted file mode 100644
index c59e15f99..000000000
--- a/tests/data_files/server5.req.sha256
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBFzCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ
-BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2
-CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN
-Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P
-BAQDAgXgMAoGCCqGSM49BAMCA0cAMEQCIGmRFdjjd53oM2Zpt3E5vfqujnA+DHWk
-s9OudcSWBdjmAiA7BAYjGnXyL6ATPqM7qnLVGTf3JMT+1rXl7esBm/0APA==
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server5.req.sha384 b/tests/data_files/server5.req.sha384
deleted file mode 100644
index 87556c6c3..000000000
--- a/tests/data_files/server5.req.sha384
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBFzCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ
-BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2
-CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN
-Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P
-BAQDAgXgMAoGCCqGSM49BAMDA0cAMEQCIDnO+PIPZJGqiky9unvq13uXxahw1bpk
-Zb5NRV0c06Q5AiAo5B49tp3kDN/n0BDNt1BBGLUfhcU+Qn2SQenCyfuGLg==
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server5.req.sha512 b/tests/data_files/server5.req.sha512
deleted file mode 100644
index 607741e3e..000000000
--- a/tests/data_files/server5.req.sha512
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ
-BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2
-CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN
-Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P
-BAQDAgXgMAoGCCqGSM49BAMEA0gAMEUCIQD8xdtluTiBJM50d/WvDeUvPbXOUMlL
-8xEJXU2WOK+RLAIgS8U6Z8tlJpXLEisz/j4gdABG3Y3h4PBJjlpszFisTNo=
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server6-ss-child.crt b/tests/data_files/server6-ss-child.crt
deleted file mode 100644
index 3c6fd4d1b..000000000
--- a/tests/data_files/server6-ss-child.crt
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB8jCCAZmgAwIBAgIMU6LLWCI5lHSn7HnsMAoGCCqGSM49BAMCMEcxEzARBgNV
-BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy
-U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY1NloYDzIwMjQwNjE4MTEz
-NjU2WjBNMRkwFwYDVQQDExBzZWxmc2lnbmVkLWNoaWxkMRAwDgYDVQQLEwd0ZXN0
-aW5nMREwDwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIB
-BggqhkjOPQMBBwNCAASBWTF2SST6Fa2roDFuDu0zEfqRJVXBsMGcA3I+mLotpHI3
-iR9DN40fjjrY8FfoL0/JAKT323MPssYElNFAOzjjo2EwXzAMBgNVHRMBAf8EAjAA
-MA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFDxZrEo+LvwCNi/afcvLnHqyiZlT
-MB8GA1UdIwQYMBaAFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqGSM49BAMCA0cA
-MEQCIAMlQ59/NW7S0hP1cu5OTD2zqT087bEmnIfOTBYfj8UFAiBBrrz2dipODVYx
-vvTsQmSCzjrm+JtQQoWa+cdnAG3w5g==
------END CERTIFICATE-----
diff --git a/tests/data_files/server6.crt b/tests/data_files/server6.crt
deleted file mode 100644
index 6df671686..000000000
--- a/tests/data_files/server6.crt
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
-MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G
-A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ
-H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB
-PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
-clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
-CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4
-AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ
-Xj09kLboxuemP40IIqhQnpYptMg=
------END CERTIFICATE-----
diff --git a/tests/data_files/server6.key b/tests/data_files/server6.key
deleted file mode 100644
index 1311cfa21..000000000
--- a/tests/data_files/server6.key
+++ /dev/null
@@ -1,5 +0,0 @@
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIEQZG5j8IkRLxa9OoZJzD3KkrXqIgi9cHZMVv2s/VcPOoAoGCCqGSM49
-AwEHoUQDQgAEgVkxdkkk+hWtq6Axbg7tMxH6kSVVwbDBnANyPpi6LaRyN4kfQzeN
-H4462PBX6C9PyQCk99tzD7LGBJTRQDs44w==
------END EC PRIVATE KEY-----
diff --git a/tests/data_files/server7-badsign.crt b/tests/data_files/server7-badsign.crt
deleted file mode 100644
index 954b53a5b..000000000
--- a/tests/data_files/server7-badsign.crt
+++ /dev/null
@@ -1,47 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM -uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F ------END CERTIFICATE----- diff --git a/tests/data_files/server7-expired.crt b/tests/data_files/server7-expired.crt deleted file mode 100644 index a25ce4b07..000000000 --- a/tests/data_files/server7-expired.crt +++ /dev/null 
@@ -1,47 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTA3MDYwNTA4MTQwM1oXDTE3MDYwNTA4MTQwM1owNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr -d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBv -bGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC -MAAwDQYJKoZIhvcNAQELBQADggIBAHcG1ysT8yImc0x3Z2O0SOtSYYjCPS1Gc89j -fWdBSoS5YhPHLgEjHQgDA6XdDNL0eUo3afhucEvSexhqLUABLu89cmi7ST+TsTEb -/lu8qZUgpa1bcMOk1+whl0JllfcDEq2y0aclkO0/6M6JftNNJ3egq2qVBDEszTtY -zcYZIr1o04TNp0fAtmPUH6zjpBkNB0DQyKFhgYPJNwTapj6ZDVi1zBK3wwFfZfgK -s3QvwhWNNbHL4B0sPec/6TiF5dY3SeUM4L8oAGdT7/ELE6E74rFyS/EpjJdVzXDs -FfQvUDPb6PJuWZbr4mNg/FANeGPa3VENcPz+4fj+Azi1vV3wD4OKT7W0zIkRZ+Wq -1hLFuwa/JCSHsn1GWFyWd3+qHIoFJUSU3HNxWho+MZqta0Jx/PGvMdOxnJ2az1QX -TaRwrilvN3KwvjGJ+cvGa7V9x8y9seRHZwfXXOx1ZZ0uEYquZ0jxKpBp/SdhRbA5 -zLmq088npt7tgi+LcrXydorgltBaGZA7P+/OJA2JkbIBBwdSjyfG6T07y4pgQ90h -CeRqzu4jFcZE7mjpTdEyxAQRJa2dhHkhFB7Muq7ZTi3jlml5LZnlbUdPlR5iTgOU -yueZsAAEb//A6EU008WmG/K+EY230JxEUzGNf2l1j1H94HcP9OwjY4bn2PJdVzcb -B8PmaiMB ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM -uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F ------END CERTIFICATE----- diff --git a/tests/data_files/server7-future.crt b/tests/data_files/server7-future.crt deleted file mode 100644 index eeb596fc2..000000000 --- a/tests/data_files/server7-future.crt +++ /dev/null 
@@ -1,47 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTI3MDYwNjA4MTQwM1oXDTM3MDYwNjA4MTQwM1owNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr -d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBv -bGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC -MAAwDQYJKoZIhvcNAQELBQADggIBAHF4y9PmCUF1yOlBIUCUAAFMZmXJwOGsMNKI -u0+At0sbs+W8J06PVyYt4UxL4TyIxHM6SOvKndFdCQxG7NQY0KU+HBdLVUM1iZy0 -Kopg7yHvEAZ0YWPptgCd10C/wmTz0b0R3cxhSb8FZjlBjNB7dJKhRQsh0za+GMx/ -LXunH/t0oP5an4yO3zTog+4+7bDGGEY7SymQJ9Z8t2gdZpn/r60j9IGhL5XI2BS/ -+cU96DMF3cMmFk24vAfduYicKc8KowhUpGCsIP0bl+TY8Vq6kepBA2lnj7/YOkDs -/f+wIS/Id/hdw9KxRUPX+cQLUt0/C7JktDVudZ5zLt1y0A971R+23ARtJGUBJGSp -5tkVX8+hK8sT6AVOkcvA51IOBsVxmuoWk/WcjBDdOjyIK2JFdbcJYvR8cpRbL+j8 -HdQEu+LorvGp28m3Q5mBTKZLKgyUeQWrbYDqeub1OvYYkuvZPZWFEDP2VYcS7AXN -IoUSTcMyhLNuncQl/z0Jbkto59+il6cQ2HIqkubLBk2X8uwMw2tloROlmklweHqR -ta6aRlLxBMgccJpK7cU5H8TMb6aR9GJGyzQJ2vET3jPBq/uEwbvK8HRVJ7Ld68k6 -ZMCwXGdTeYuDWt0ngAhf+i+GNexJRSLvzRGt18DOrpmj2X3naarNSTfRArm4EINW -WKW7hd8h ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM -uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F ------END CERTIFICATE----- diff --git a/tests/data_files/server7.crt b/tests/data_files/server7.crt deleted file mode 100644 index ed087ef61..000000000 --- a/tests/data_files/server7.crt +++ /dev/null 
@@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 ------END CERTIFICATE----- diff --git a/tests/data_files/server7.key b/tests/data_files/server7.key deleted file mode 100644 index 0088331ea..000000000 --- a/tests/data_files/server7.key +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN EC PRIVATE KEY----- -MHcCAQEEILBDMs7bRVxVg6ovTpf2zB9m+22jY7R3LNKRvCPfa6YJoAoGCCqGSM49 -AwEHoUQDQgAEHG336dql6qGcsnIZqAkcc63eFbvepuOzTwXobRAuOmk3l4A5wXX/ -vs5wAawLX1wUTUM/AESHmAZrJK9tq5So8g== ------END EC PRIVATE KEY----- diff --git a/tests/data_files/server7_all_space.crt b/tests/data_files/server7_all_space.crt deleted file mode 100644 index a979830ba..000000000 
--- a/tests/data_files/server7_all_space.crt
+++ /dev/null
@@ -1,47 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAk G -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM -uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHf Y -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F ------END CERTIFICATE----- diff --git a/tests/data_files/server7_int-ca-exp.crt b/tests/data_files/server7_int-ca-exp.crt deleted file mode 100644 index fc0051772..000000000 --- a/tests/data_files/server7_int-ca-exp.crt +++ /dev/null 
@@ -1,47 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MDcwNjI3MTAzODM3WhcNMTcwNjI3MTAzODM3WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM -uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPu/FDEPvIC/BnzPQDAr1bQakGiwBsE9zGKRgXgX -Y3Q+XJKhMEKZ8h1m+S5c6taO0gIwNB14zmJ1gJ9X3+tPDfriWrVaNMG54Kr57/Ep -773Ap7Gxpk168id1EFhvW22YabKs ------END CERTIFICATE----- diff --git a/tests/data_files/server7_int-ca.crt b/tests/data_files/server7_int-ca.crt deleted file mode 100644 index d3ddc46a8..000000000 --- a/tests/data_files/server7_int-ca.crt +++ /dev/null 
@@ -1,47 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM -uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F ------END CERTIFICATE----- diff --git a/tests/data_files/server7_int-ca_ca2.crt b/tests/data_files/server7_int-ca_ca2.crt deleted file mode 100644 index c289c0aad..000000000 --- a/tests/data_files/server7_int-ca_ca2.crt +++ /dev/null 
@@ -1,62 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM -uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== ------END CERTIFICATE----- diff --git a/tests/data_files/server7_pem_space.crt b/tests/data_files/server7_pem_space.crt deleted file mode 100644 index 0ef0fc7bd..000000000 
--- a/tests/data_files/server7_pem_space.crt
+++ /dev/null
@@ -1,47 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAk G -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM -uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F ------END CERTIFICATE----- diff --git a/tests/data_files/server7_spurious_int-ca.crt b/tests/data_files/server7_spurious_int-ca.crt deleted file mode 100644 index 632c4fd13..000000000 --- a/tests/data_files/server7_spurious_int-ca.crt +++ /dev/null 
@@ -1,65 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl -WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 -ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW -BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV 
-D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g -Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM -uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F ------END 
CERTIFICATE-----
diff --git a/tests/data_files/server7_trailing_space.crt b/tests/data_files/server7_trailing_space.crt
deleted file mode 100644
index 6faf8cf08..000000000
--- a/tests/data_files/server7_trailing_space.crt
+++ /dev/null
@@ -1,47 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m -47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq -vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR -wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF -CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
-Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q -AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 -qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM -uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA -kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P -d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br -Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg -updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY -a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F ------END CERTIFICATE----- diff --git a/tests/data_files/server8.crt b/tests/data_files/server8.crt deleted file mode 100644 index b435b2deb..000000000 --- a/tests/data_files/server8.crt +++ /dev/null 
@@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC6zCCAnKgAwIBAgIBETAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTEzMDkyNDE2MTI1NloXDTIzMDkyMjE2MTI1NlowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHH8uC82/ztF1EKCiuM59 -quIF4HrYRGOPtb3AsBm5N7gZSg7xXXSAZ0aHBt5bfwYDvcGNXgcV1Fv03OXPPfnB -ESyuarmKvR1nZhfqTr3bFZqCh+TweMOjhYew/Z+pmV/jM+zM6gu1YV7xSX4/oy3q -AQzMQpp2m8TQN9OxFwFhARZZfhwXw1P90XLLTGAV2n3i6q1Q747ii9Rqd1XWcNlr -u/HuOQQ4o73i0eBma+KcR5npKOa2/C7KZ0OE6NWD1p2YawE+gdw8esr585z31igb -J3h8w9DVY6eBNImtJWq98urt+lf85TTGwQ9xLdIIEButREHg/nmgY5OKsV3psO5v -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA -J2F2Dx0wYwYDVR0jBFwwWoAUD4m9Y0Hry14XKP9oMD3BiNCcWDmhP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBDzAKBggqhkjOPQQDAgNnADBkAjBkP1bGlZvxnYySZjdBq4m8lkyz -2cjfqjYs8COEkRkONaVz7888HvFdGpL98uQeFvECMHCyCrHprkGzvq/L9kUnx9Bh -2IHbCzbbi9moYC1XcOxgfsEKmhtVF/uQdf8+3VtGqA== ------END CERTIFICATE----- diff --git a/tests/data_files/server8.key b/tests/data_files/server8.key deleted file mode 100644 index aa9941ec1..000000000 --- a/tests/data_files/server8.key +++ /dev/null 
@@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA2xx/LgvNv87RdRCgorjOfariBeB62ERjj7W9wLAZuTe4GUoO -8V10gGdGhwbeW38GA73BjV4HFdRb9Nzlzz35wREsrmq5ir0dZ2YX6k692xWagofk -8HjDo4WHsP2fqZlf4zPszOoLtWFe8Ul+P6Mt6gEMzEKadpvE0DfTsRcBYQEWWX4c -F8NT/dFyy0xgFdp94uqtUO+O4ovUandV1nDZa7vx7jkEOKO94tHgZmvinEeZ6Sjm -tvwuymdDhOjVg9admGsBPoHcPHrK+fOc99YoGyd4fMPQ1WOngTSJrSVqvfLq7fpX -/OU0xsEPcS3SCBAbrURB4P55oGOTirFd6bDubwIDAQABAoIBAFvf3xQXrvY2am2D -w1d31l2rQYrlTZ1RT836js41CRQ44OD5xLpATZFpvJDxuFr1MDhxYK8+NgpZORW7 -akEz432pDes0pQgftCyfCngc/E7ZCCijgsOyX5Y5b2QvdLtQrHxAUZK6sJ4lbgIO -pvlYGvB78DnV057YQfZs8j7XPqTFYVNlIx6xCFxwiMTeUGZvSrN8CpKT/5zsSE5d -xX2alaYiWl2oSOI7axrtpMEXAI0A/O/N1mI+n3cs15cfAJa/fMjEMmGz0Pqg5IlS -IwZWpr6BzbdHldO/XlVErKMo4lADUmsr2d+q3vfQmLEAyizp7OmU9vc+DXcK9jH+ -aDd0gcECgYEA7SAVA/banYejN7Ovn84pJ+mguINMwPFZd9eW9op1PgRryGCpdh77 -qV64YIjFhwt1JQQIf5GCPD5Um0Z8mY59a6MU+sJGGB7xwVuCuXbDAKJJF6/58f7/ -MoLzsoQFy50TpA90T0WOvMWDnWSLTYjRr1fFTKNWNcvPoFOnmAydGbUCgYEA7I1X -mCFRSGiu0NdN2j7mwtTudI4m/qyYfUQxpSvvgN2DSHtG56h8Dz1w7CpNlLDHodPP -e8oiXMS/bBBNwWHu9hxhBqdmvj4C+K5Ax0EKYx7CsHWK7BJ8u8Ak8xwaufMiejt5 -ioJhI4pyukBEqJbnuzmuDcuoqxPF1ZTmM/WzrhMCgYBi5V9+cMUKsFhFUf6sUqpd -iBXM/o3TZpVe4x6GIob1X5ioUJA8wH1LTULul/xx7zhjQMRemAxOHdzhictLq97p -NnH4h2/+fWFsuELUIREBQa3kYDOJV0WOBomm6WMVYaSgZwWmTidS2bmjuhxTMP3q -+FtENFcvRpqIjns2cgRPhQKBgQDcjhia5o2z9q7wV57mG3nrNL+0ewoOsHxpZ5jm -SSXBQEf038RHoIczanUMLZEyTvWDhErTP690UZmtNzJYWWiFngY1PwYD4SvCFC6f -2ZvGuVqLTr0dyUr1f3y0E4Mz12dREn0LUO8jRSYdVGjvy+v6XBhWEoqMIB54OqG8 -1p0WcwKBgF4KfzBOi1DarCuxaa6huUdNc8efog5GO1lmNenKlRuPLp5wp3qvWsyH -blfbtJQNE1DhbDGwmzPCGLc3wXx0t0gCrcMkxoRATFMNOSLodG7Mbkj9AoEMx94X -XYfi5vYftbEUmZeZtHZBI3o3up/xtPcuGNlb8BSIIOaQtIYybxKa ------END RSA PRIVATE KEY----- diff --git a/tests/data_files/server8_int-ca2.crt b/tests/data_files/server8_int-ca2.crt deleted file mode 100644 index 7a8da717d..000000000 --- a/tests/data_files/server8_int-ca2.crt +++ /dev/null 
@@ -1,36 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC6zCCAnKgAwIBAgIBETAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTEzMDkyNDE2MTI1NloXDTIzMDkyMjE2MTI1NlowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHH8uC82/ztF1EKCiuM59 -quIF4HrYRGOPtb3AsBm5N7gZSg7xXXSAZ0aHBt5bfwYDvcGNXgcV1Fv03OXPPfnB -ESyuarmKvR1nZhfqTr3bFZqCh+TweMOjhYew/Z+pmV/jM+zM6gu1YV7xSX4/oy3q -AQzMQpp2m8TQN9OxFwFhARZZfhwXw1P90XLLTGAV2n3i6q1Q747ii9Rqd1XWcNlr -u/HuOQQ4o73i0eBma+KcR5npKOa2/C7KZ0OE6NWD1p2YawE+gdw8esr585z31igb -J3h8w9DVY6eBNImtJWq98urt+lf85TTGwQ9xLdIIEButREHg/nmgY5OKsV3psO5v -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA -J2F2Dx0wYwYDVR0jBFwwWoAUD4m9Y0Hry14XKP9oMD3BiNCcWDmhP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBDzAKBggqhkjOPQQDAgNnADBkAjBkP1bGlZvxnYySZjdBq4m8lkyz -2cjfqjYs8COEkRkONaVz7888HvFdGpL98uQeFvECMHCyCrHprkGzvq/L9kUnx9Bh -2IHbCzbbi9moYC1XcOxgfsEKmhtVF/uQdf8+3VtGqA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl -WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 -ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW -BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf 
-7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= ------END CERTIFICATE----- diff --git a/tests/data_files/server9-bad-mgfhash.crt b/tests/data_files/server9-bad-mgfhash.crt deleted file mode 100644 index 34ef69e03..000000000 --- a/tests/data_files/server9-bad-mgfhash.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4DggEBAIfliohNjz4CLGbHWgWRBFQ3 -Difn027ZnULTvokT67ii1sJzESzqaIakyyu8GRwfoFRNh/rbGfe4C6e9SkwKbnDg -WE9SWbK6ukIQbMy69C+CVqFlRUHbONw/dmcneAWyZYGx/2Sf4D5kkpIWNDBeKuaV -H69XPZCeN3QAACmdAfo4NYW0I69a1OSaUrTyGT1nBOrzQ8Y0aJBnCJAte49bhQEW -KJv0kMj+8ZG1X0RoSdklf3GqdLUbsfJ2txu14GGAxy4C1gl2JWzoBHN5LMLf0cZ9 -uEYui7N/5bkSv8KXdbGvSzgn6zZ0MiCJMiiGEf0L1FxBiBCVsK4C2idpiZH+e28= ------END CERTIFICATE----- diff --git a/tests/data_files/server9-bad-saltlen.crt b/tests/data_files/server9-bad-saltlen.crt deleted file mode 100644 index f4da8832f..000000000 --- a/tests/data_files/server9-bad-saltlen.crt +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAE7T54cyUf0ByNr34JaojFam -hV0T9QSc4wJ17sX67rxYIorXU8MynaneJzFxD9utOD3dq2TON18VswhT2McDgefl -XMwivCC0nWod8Pk638QaHxbaqC7XSq0QRBfOMXwV7knLNxI8smc9UJaco39VEcGD -yCkq4By/VCWTpvJ+1hx4zZ8WoXpFJFM5m5y9oEz4lgNv/6Wu7ILztyOk2yJiSR8r -YooC4zVeUOZuDO6At/NXZuSvmKmr+tfFrFA1AA/7yR5odQbqFVNSJ+u0x1Jv8Ra6 -JXA4cXsnaDaRe+Wm0L0p+2PtQWXE5npXYIbFHAA9EOC3Ab8oaP9M/F6yQMa/2is= ------END CERTIFICATE----- diff --git a/tests/data_files/server9-badsign.crt b/tests/data_files/server9-badsign.crt deleted file mode 100644 index 9e565419e..000000000 --- a/tests/data_files/server9-badsign.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq -hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g -HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo -r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCFG ------END CERTIFICATE----- diff --git a/tests/data_files/server9-defaults.crt b/tests/data_files/server9-defaults.crt deleted file mode 100644 index 4ce5c8732..000000000 --- a/tests/data_files/server9-defaults.crt +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDBjCCAe6gAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNjA1MTU1NjUzWhcNMjQwNjAyMTU1NjUzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B -AQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2gHqroDsK7 -E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOor+c4mwiL -Y5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0qQvaQJUC -AwEAAaOBnzCBnDAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lf -p869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBU -ZXN0IENBggEAMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQowAAOCAQEAGUdim4uy -/rBDFMF8qhjH1qsv0o8ON4HgP3YXbdKdIMfd+p5KtoqHQnrkixWxaIvfORnR4mGm -f8H5BimwIkNLxy7zS88TVDOYel8g7B2yl0nq4biki83NStNBYZJjxKT0ud5O5mGd -jHdy9vTEc7h8q+SHzRdgpNFXyKY5OQYng1LHco8h1UR8/nmPMuDtocHMnmMXu68a -69+TtZxx90/V4gJZOoL1iCi8HEsKoJzm/L8ji54OYt7FxgFfE3VmLsXeMaWYO8GS -BUxh5kqZ25O8hQXK5ywfuVK83Do/SsoClbgx9mboybseGVFIJaxs9e66GFDMoI3B -09JqWv4DoLNnwg== ------END CERTIFICATE----- diff --git a/tests/data_files/server9-sha224.crt b/tests/data_files/server9-sha224.crt deleted file mode 100644 index 1b05f313a..000000000 --- a/tests/data_files/server9-sha224.crt +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBFzA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIwOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTczNloXDTI0MDExODEzNTczNlowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBADJExjfWWvL28lgj+GGgviqo -PHZLxI0pLQUnFJQ9Kpu6jxfICseBF00Z6BJE/RcYDpIie5GDt/8u/i6xB6Li29Pm -g5nANgd/Y3fFnW7d0ydVjiSnetlPuf/jTlWQl6mQTH2xqYu8J8d3JRxQdRiDYbVm -uywW2d6rksiqm6dPD5l4A5DcemcYo8f/1Ifj5WNDCV8/OHex+AnW2ccDvWAnVgSR -B2VpOXJzVFuBsuf4tGVm/2TUMSB6NcvFc6TeJk1kzbZxii4QjKXtH1SfrVP59iEe -l17NYAEWARjBpQWBiutRG+QM2et0sNiUBuWxTkvd0eSgencNysVAOsZqrqaX3CY= ------END CERTIFICATE----- diff --git a/tests/data_files/server9-sha256.crt b/tests/data_files/server9-sha256.crt deleted file mode 100644 index 7d0aa3956..000000000 --- a/tests/data_files/server9-sha256.crt +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAH0+knqkcLaxeDkenBQgd4Qg -3ZyAhtpiLU689mw+3cXB/uzFrCIxEL5aGh1eSj+DszB+FtsZ06ux7JVQqVOA2Wm9 -yLxC6wF8OOYj0nBa91BWLhRAHLhmIdWsVk7Hl9KojZd4TwV2N+ZEV/BLxyoRvK4H -V4xCpzgDSiTPe8Etk4r+0akbr6bsOUBayPb7MGLHubZKq8NsFAmmynp+fPmHd3SE -0ooJdiZ1MmKPKLE5Og/hXCI8qeiXQUR6oQ7b2XONsrI2HIj2SA9dA5qmHwE5PbMu -zqxQ3R83boqLXbkFORn+UiYLmffqdoWuNy00BHMCrxRA9DUv+WyN4npLMF8rOJw= ------END CERTIFICATE----- diff --git a/tests/data_files/server9-sha384.crt b/tests/data_files/server9-sha384.crt deleted file mode 100644 index aaa63e6ed..000000000 --- a/tests/data_files/server9-sha384.crt +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGTA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc1OFoXDTI0MDExODEzNTc1OFowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBABf8Gyq2VYuN1EBW1nOapDQp -B/KuafNW2GEJ7FmQKNyA7MIj1Yqo2MtJ6/OQojRQ3F5rnO4yjmvIPsXeQaMxJBiI -aaoAlLpH++F+oXMq/0aS0WSZrSLrsh2Fpay9cBDGwek2rDOX9kM+ZcPzGitVwWKX -TnOW22hpcl7u95CpZH+JZTcto5nL3tTyV9pIy+tSKQQfjPB+G0TAZCsOkbCGPLug -qdjvqFQwOf15VxQMj7NRiXjlqJvsx+I7B2AIhrs4DzQMEyiWq9S/PzpQuFU5v/Kg -s2iMLJ5ygv5aN3PYqGlE1ZmvgyRp5h/LaTGI2L6lzRTnecOhtPv30N2tyaDAEfo= ------END CERTIFICATE----- diff --git a/tests/data_files/server9-sha512.crt b/tests/data_files/server9-sha512.crt deleted file mode 100644 index a211b921d..000000000 --- a/tests/data_files/server9-sha512.crt +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGjA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6Ea -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTgxMloXDTI0MDExODEzNTgxMlowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6EaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBACdVozFq6rUiXo+ib5Y2oPsR -6xxl4Ydn3LpUoYrPpTOrhcXJWW/tOLHGuCF/mSRfUzKaMIfL418cZHYnvumvuttu -6z3tp5E1VsiZCU2MWJnzjKSxFBOss43AmpJHHoapGFZu2pxObBPqegAKHYkKWOLk -tJDj47PurWgEek9j1nL7Pc1tVf59fm/ySp4fWkXLLvQiKid1516VioLyacUvK3zU -6Egz8jMt7D5c9KpaExLRTANVsThqO5/dmR36bOwm3Hpbde7DNdgxru41tiLMqJs/ -5pX3ceaJ1XQ/l0idj5/9ipvqHHUguyk7H22HwQHQdSD9oIha8kEM3P6CjpfE7yY= ------END CERTIFICATE----- diff --git a/tests/data_files/server9-with-ca.crt b/tests/data_files/server9-with-ca.crt deleted file mode 100644 index 0478cff85..000000000 --- a/tests/data_files/server9-with-ca.crt +++ /dev/null 
@@ -1,99 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq -hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g -HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo -r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCEG ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:00 2011 GMT - Not After : Feb 12 14:44:00 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: - 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: - 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: - 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: - e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: - cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: - ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: - 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: - c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: - 
58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: - e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: - 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: - 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: - 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: - e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: - 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: - ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: - a2:d5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA - serial:00 - - Signature Algorithm: sha1WithRSAEncryption - b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: - 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: - 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: - 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: - 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: - 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: - 2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: - e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: - e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: - 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: - 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: - 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: - 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: - e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: - f7:e0:e9:54 ------BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx 
-mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny -50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n -YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL -R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu -KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH -/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV -BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz -dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ -SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H -DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF -pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf -m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ -7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== ------END CERTIFICATE----- diff --git a/tests/data_files/server9.crt b/tests/data_files/server9.crt deleted file mode 100644 index a6f9fbc76..000000000 --- a/tests/data_files/server9.crt +++ /dev/null 
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG
-EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg
-Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO
-TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq
-hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g
-HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo
-r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0
-qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ
-wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w
-OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh
-clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR
-vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6
-te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW
-Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj
-88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw
-JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1
-o4Hl/lqjwCEG
------END CERTIFICATE-----
diff --git a/tests/data_files/server9.key b/tests/data_files/server9.key
deleted file mode 100644
index e005864f9..000000000
--- a/tests/data_files/server9.key
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAequgOwrsTQNuK
-Eo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv5zibCItjmToK
-Je5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSpC9pAlQIDAQAB
-AoGAHFCE2tBL0xB45Go/1e/Pi9//OVZAJ3Cw0mmEuqjVNB7I6zxhYhviWbgz92+V
-g92KBlU9CIx0/ZhGMyHRNO0uYNEZUJyM8zItoo/nmU31+VaHOGgpei04HZrn1Nmw
-QS01FVrn9wzKR/5qeEBmxE7rVMDQo8QLnllC3jXzIVUtX4ECQQD2g9dleWYbqIQe
-Q9paXxzvODhCzNtQwD0PnOKc54Nu4zm3JI45REtunmG8et+Ncms9RycTjNlWPGJT
-62jgaJexAkEA5ZMNv4u9NNRfZprmlNyvjSOf+w7fdKzhcnkHbGkfLnFdc7vq0XFC
-nwORsdjpOvWQUwrV2Cw8Pl4rKa4B4iqUJQJBAMVti6maU3udN8qhXxP3js3LwctG
-E/OVMpH5fMha5jl9w/B4V2tn1d3O/MmdwsKeu2JFRPd0W2+kRr+dDs6DFdECQQC1
-3g9QJRWY2n1RPXlZiJKSDxzXuOqQ9bwMAZE98vE+y5Qq8T2O+li6vAsZhysNCChz
-gOvzuudmyRcMh8r6Lpz5AkAUKK3gYtJFiVH2arRig3JjZJqixgSTolMT1n+HG4uM
-tnBqBiEBVwBxEqaohla/rHR5joZCdcDN8xq0yeTQyLH9
------END RSA PRIVATE KEY-----
diff --git a/tests/data_files/server9.req.sha1 b/tests/data_files/server9.req.sha1
deleted file mode 100644
index b9d005382..000000000
--- a/tests/data_files/server9.req.sha1
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBojCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw
-EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R
-ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX
-yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY
-mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B
-CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMBIGCSqGSIb3DQEBCjAFogMC
-AWoDgYEA2n8SOoiJCs+YyH2VXoUVxhutdXGP4+7cECakl2mmVEKhxXDMEG7hEFkB
-mkk4b1kRNOQHKqUq3crfi0OkMcPGkPiLlYLKgT51CgsBhuJaMsdCYo/5POgTZD4u
-FI5gfyO70Xpq9QmrWEqqTdalRG7+UmGa3VEUVyXTDnQZfU1N2QE=
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server9.req.sha224 b/tests/data_files/server9.req.sha224
deleted file mode 100644
index fe1c797ed..000000000
--- a/tests/data_files/server9.req.sha224
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw
-EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R
-ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX
-yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY
-mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B
-CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w
-CwYJYIZIAWUDBAIEoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCBKIDAgFiA4GB
-AMlYYZKqpDqg5UZZq3NB3QUR9qftY/52/0gPfruw5s2gNtFmG1uyEBJX/oc7C/fU
-lxo74HDraWJyvP7c3MMhOuwr/RfPNQhA2Hgwz9RuJIBhQrJfiZuHsCfiKVofMuMf
-ar/4EKfyoELDdilhg6i+abahGOkqyXsjavFtyDSeCpXH
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server9.req.sha256 b/tests/data_files/server9.req.sha256
deleted file mode 100644
index 0ef9ef028..000000000
--- a/tests/data_files/server9.req.sha256
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw
-EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R
-ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX
-yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY
-mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B
-CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w
-CwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgFeA4GB
-ACUaCTidvzWVJNKmRrriufThGUfw5Xgdsc3Ga8Cx+vRf+bPZmR3NVkc0Zq9uc0+8
-d1WXaLzbmge6IbcvTPWCLNDAWI9UzoQ6WS9myM3eDEGdruClYwb5BVLx3MvhvooK
-L/H6snE1dHNPXyCNVFTJIll3bRlVMRsfZpDhmz8/ImJ4
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server9.req.sha384 b/tests/data_files/server9.req.sha384
deleted file mode 100644
index 010345027..000000000
--- a/tests/data_files/server9.req.sha384
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw
-EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R
-ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX
-yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY
-mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B
-CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w
-CwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIDAgFOA4GB
-ANfZGK6nE/CP9PuALFzbA/mvOnYlI60pMowscRfCYpvR25iQJVhAJfYVXADRN3qd
-NAiFWNVcjFMIkRlq7qifBN97VHGeYoWIuw9gYEb3OqDGzOsYP0KIgMNt8/A4qCkj
-5MzolOYyT+N+QFGV0pdCNpX7QppfNdFyFAmWXa171RzG
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server9.req.sha512 b/tests/data_files/server9.req.sha512
deleted file mode 100644
index 676b5c996..000000000
--- a/tests/data_files/server9.req.sha512
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw
-EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R
-ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX
-yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY
-mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B
-CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w
-CwYJYIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCA6IDAgE+A4GB
-ACxWBhPkhyVlBY/mwkrW7OjYsaN2/ZlFSv76w63b61BpigReJsggMut5EPOgfGYJ
-rzygKDlF/NtmMN22jWrFup9LsZJAX0gYbLmliiaG9Hch+i/8b42oaQTDWGFZ9LiY
-W7F7X0f9lpzNKOtQ8ix0s+nYS2ONyzfu55+Rlzf8/63M
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/test-ca-alt-good.crt b/tests/data_files/test-ca-alt-good.crt
deleted file mode 100644
index f9beba032..000000000
--- a/tests/data_files/test-ca-alt-good.crt
+++ /dev/null
@@ -1,41 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTcwNzAzMTU1MzQxWhcNMjcwNzA0MTU1MzQxWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2crirFCFKa5J4yx4gC+/Pe2kkIpoT -/SEvzefxJ8siPJl2XQVDrUFenNC8Uzw87/3Z7tW3uLKebn5++QEVYDtz5HAWfck1 -wwanGFL6noHw7qgQ5ak6HMoipPChD7Z6bKbBRgx2IVKoIbaXh0QmJ4qlaYc9rKGZ -aH9vms5pwPwDTlQqnm+VenG6ThFajWLeL/MlvcGd4pLHAWjL6S2E0vU5WQR6rev7 -He9pdtD/vLO30nOPJ6JuDp+1gB5UIm1+jP9Ww8OsQVJHGyp729dvIvEicgp8NSNB -UBtBZHpSVJM+BPlzKpXIVbiI7pU01q3xu0mleveUzL0tE0n9YT5uIcenAgMBAAGj -gZUwgZIwHQYDVR0OBBYEFJSaOPcahiGKvsg629IQvHh34EuwMGMGA1UdIwRcMFqA -FJSaOPcahiGKvsg629IQvHh34EuwoT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UE -CgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQAwDAYDVR0T -BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWsyH6AZdugfP40tiXH5PKD93QCuV -dAm9c2oUKbNfsAJMHOsWWp+b7hSNRMvKz4jcPAIQnMGNp/U4PuESp16uS0O9szud -X4HS8SD8GEto9d8uEF9J3fY6ZalCmgRrgwVpChy+MQmfqMr30OLTANsmoksA4ON3 -zdm5xDInPPjOq7emtdXoNOhv4rkM7dmeztC8DhO0n1PGeeY1CMCr93TcQzx1UVtl -QHOkQQQJM9UoV0fEA1N5lsc9uSQxPmZCVMw/W+MFIEkH6nbgh0bM/qjcaqDsWXyT -n5RutVDPESLLKaZxeR7J8srX/0nzhOiPIX+hDRWqhwQLxVkkRs6MxVDoiw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx -mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny -50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n -YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL -R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu 
-KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ -MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA -A4IBAQB2W2dIy4q4KysbrTL4HIaOqu62RceGuQ/KhyiI6O0ndCtQ/PgCBqHHTP8u -8F1X2ivb60ynHV6baMLPI4Kf1k4MONtLSf/++1qh0Gdycd3A8IDAfy0YnC1F3OPK -vWO/cZGitKoTbEpP4y4Rng3sFCDndRCWIRIDOEEW/H3lCcfL7sOQojdLl85ajFkh -YvcDqjmnTcspUnuq9Y00C7porXJthZwz1S18qVjcFNk0zEhVMUbupSrdXVmKtOJW -MWZjgcA+OXzcnb2hSKWbhjykH/u6/PqkuHPkD723rwXbmHdxRVS9CW57kDkn5ezJ -5pE6Sam4qFsCNFJNBV9FRf3ZBMFi ------END CERTIFICATE----- diff --git a/tests/data_files/test-ca-alt.crt b/tests/data_files/test-ca-alt.crt deleted file mode 100644 index 7399e43d8..000000000 --- a/tests/data_files/test-ca-alt.crt +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTcwNzAzMTU1MzQxWhcNMjcwNzA0MTU1MzQxWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2crirFCFKa5J4yx4gC+/Pe2kkIpoT -/SEvzefxJ8siPJl2XQVDrUFenNC8Uzw87/3Z7tW3uLKebn5++QEVYDtz5HAWfck1 -wwanGFL6noHw7qgQ5ak6HMoipPChD7Z6bKbBRgx2IVKoIbaXh0QmJ4qlaYc9rKGZ -aH9vms5pwPwDTlQqnm+VenG6ThFajWLeL/MlvcGd4pLHAWjL6S2E0vU5WQR6rev7 -He9pdtD/vLO30nOPJ6JuDp+1gB5UIm1+jP9Ww8OsQVJHGyp729dvIvEicgp8NSNB -UBtBZHpSVJM+BPlzKpXIVbiI7pU01q3xu0mleveUzL0tE0n9YT5uIcenAgMBAAGj -gZUwgZIwHQYDVR0OBBYEFJSaOPcahiGKvsg629IQvHh34EuwMGMGA1UdIwRcMFqA -FJSaOPcahiGKvsg629IQvHh34EuwoT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UE -CgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQAwDAYDVR0T -BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWsyH6AZdugfP40tiXH5PKD93QCuV -dAm9c2oUKbNfsAJMHOsWWp+b7hSNRMvKz4jcPAIQnMGNp/U4PuESp16uS0O9szud -X4HS8SD8GEto9d8uEF9J3fY6ZalCmgRrgwVpChy+MQmfqMr30OLTANsmoksA4ON3 -zdm5xDInPPjOq7emtdXoNOhv4rkM7dmeztC8DhO0n1PGeeY1CMCr93TcQzx1UVtl -QHOkQQQJM9UoV0fEA1N5lsc9uSQxPmZCVMw/W+MFIEkH6nbgh0bM/qjcaqDsWXyT -n5RutVDPESLLKaZxeR7J8srX/0nzhOiPIX+hDRWqhwQLxVkkRs6MxVDoiw== ------END CERTIFICATE----- diff --git a/tests/data_files/test-ca-alt.csr b/tests/data_files/test-ca-alt.csr deleted file mode 100644 index 898c9e6a1..000000000 --- a/tests/data_files/test-ca-alt.csr +++ /dev/null 
@@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICgDCCAWgCAQAwOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw -FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAtnK4qxQhSmuSeMseIAvvz3tpJCKaE/0hL83n8SfLIjyZdl0FQ61B -XpzQvFM8PO/92e7Vt7iynm5+fvkBFWA7c+RwFn3JNcMGpxhS+p6B8O6oEOWpOhzK -IqTwoQ+2emymwUYMdiFSqCG2l4dEJieKpWmHPayhmWh/b5rOacD8A05UKp5vlXpx -uk4RWo1i3i/zJb3BneKSxwFoy+kthNL1OVkEeq3r+x3vaXbQ/7yzt9Jzjyeibg6f -tYAeVCJtfoz/VsPDrEFSRxsqe9vXbyLxInIKfDUjQVAbQWR6UlSTPgT5cyqVyFW4 -iO6VNNat8btJpXr3lMy9LRNJ/WE+biHHpwIDAQABoAAwDQYJKoZIhvcNAQELBQAD -ggEBAGHWUwqKMe+XwZ44u+1RKsH3jCXmxkBW4rwJwqtkrW8dzjCqFGmQoJeFivOA -o0TPchkpQXGUNssFPbXZZsq7OBt1hPkH7wMxknztu+D4F9wJ2Oxpy8x44WeUr3pI -rnl/VivUaywiIPMwR3W+7IIFTmzKfcSYf0l6uv4/A8BiSvtI4U9InfSvU+ENHuNH -rb0ynhYEqy9NHA2exD0A/gQb40CAHtJL+sTVTRgxOx8xT8K8WAQufk0HSB6iel6M -I+6VLnVjGJ5P/t6zPI4jcLzyg4V9DS282a/SadRFGc0uwPWxJW906BO5g6PNMaA8 -BdcuWaWwa2KQ/LuUCmumy+fC68E= ------END CERTIFICATE REQUEST----- diff --git a/tests/data_files/test-ca-alt.key b/tests/data_files/test-ca-alt.key deleted file mode 100644 index 84b8fab60..000000000 --- a/tests/data_files/test-ca-alt.key +++ /dev/null 
@@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAtnK4qxQhSmuSeMseIAvvz3tpJCKaE/0hL83n8SfLIjyZdl0F -Q61BXpzQvFM8PO/92e7Vt7iynm5+fvkBFWA7c+RwFn3JNcMGpxhS+p6B8O6oEOWp -OhzKIqTwoQ+2emymwUYMdiFSqCG2l4dEJieKpWmHPayhmWh/b5rOacD8A05UKp5v -lXpxuk4RWo1i3i/zJb3BneKSxwFoy+kthNL1OVkEeq3r+x3vaXbQ/7yzt9Jzjyei -bg6ftYAeVCJtfoz/VsPDrEFSRxsqe9vXbyLxInIKfDUjQVAbQWR6UlSTPgT5cyqV -yFW4iO6VNNat8btJpXr3lMy9LRNJ/WE+biHHpwIDAQABAoIBAAT6+rmI0iPS7euo -N8lOKhyy1LrsyuHyzf4dE9DMckob92B4x5UCXL91bmlFqGZNctOJJoJeY1nZ0FAt -Ae+Qce8G9FxY0K5MBZl4G4PF4ewux522dzkj4gyyDfOHl0aeQqsR+3MaE8SNLwvR -4HVeLPW4/L0dQkgKxzfHtQzD/N0mMW2/iywyiLYmvLBSHl3eZ+te0Q+5/JEm8fjU -FkVytSvJ6Z/c5U2PR0N6ampVgB7X7Uf6nEhDJW21q+u85JC60ujIn7TEZKd4bfIM -dMZF8LFczSzQ4mWISfhfRKVRew457tJalA/8qwg14jeggEuiDBE1FnR2f/JdHA9I -e/VyrnkCgYEA32bBltrgz9V6Z1x9XD2+T2aot/u1XHORM7EPZJMA9gP4wMBcbyy8 -zdpGf1hrJX3JMoKBDy6Xty8Cs9WJytWUwfwd92Sz01It4XeLsIeqYBq51gjGN+Fp -auw/8zifKdAEPMJXNhUX9sSuUz1LaT6wFI3vatWliliMPPbdgyoRmKMCgYEA0RIj -+huEwNkHWEaj47aDafekpRoVs81IjUjrXx6c0cabco10YR+TPX9+dwmjV4O5Y2f2 -Ph+ivXlPiOpf7Psx0PFlMPawWeoKIZjKPR92bMiLDXC0uF9frTujKm7VRNbAVjFE -7tvrVJnoDITSHMGXMui69o844klJUMwNpGFOcS0CgYEAkENaBiHIBU5VIgQvC+7v -Q3UGxPCtmEsk3B2d1BO+DiBYdZiC2GQqdEBdQAUIBAjrcUunLfenj2qzMxBVT/+G -dZJqg4SrP26VJEE/mrqxAiigEyBNaG6O1bZEQbsxxR2IbvgMu2b5t6gg7q3pUchi -ipNxpSrcIK+3t/Ku7vGutUMCgYEAl5t0A1YZOk8nCFiRV/tt6FXwStlTi4L9bZbH -N77XMTe4WaVCE3v2Jc5iQqf2juuyb+dfpUUDmipyBnMPBKZTRZUHMC5zS4BvwFUv -sosyMUhrrV9hbaGbm993ProIZVblOpuXxS4sxLimkQ1v3/JyVjR1/310XoOOaszN -x7nYTDECgYEAoLAWorWXzAO5GOAc3sf51dtTNnm2gJQ8v4FlJ0kWrjStUmb+aLR0 -20MCjIDuW/zWP5bVcD+pw8YW6UN0C5m45vTpUQgF59Ic1UMC+0H4z31N+QafaRfJ -yk5Nd2sIrJSkwuI23CnEh5khhiNTE2zvgNaHs5vkJu57xDxjg0GH45k= ------END RSA PRIVATE KEY----- diff --git a/tests/data_files/test-ca-good-alt.crt b/tests/data_files/test-ca-good-alt.crt deleted file mode 100644 index f360a7696..000000000 --- a/tests/data_files/test-ca-good-alt.crt +++ /dev/null 
@@ -1,41 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx -mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny -50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n -YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL -R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu -KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ -MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA -A4IBAQB2W2dIy4q4KysbrTL4HIaOqu62RceGuQ/KhyiI6O0ndCtQ/PgCBqHHTP8u -8F1X2ivb60ynHV6baMLPI4Kf1k4MONtLSf/++1qh0Gdycd3A8IDAfy0YnC1F3OPK -vWO/cZGitKoTbEpP4y4Rng3sFCDndRCWIRIDOEEW/H3lCcfL7sOQojdLl85ajFkh -YvcDqjmnTcspUnuq9Y00C7porXJthZwz1S18qVjcFNk0zEhVMUbupSrdXVmKtOJW -MWZjgcA+OXzcnb2hSKWbhjykH/u6/PqkuHPkD723rwXbmHdxRVS9CW57kDkn5ezJ -5pE6Sam4qFsCNFJNBV9FRf3ZBMFi ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTcwNzAzMTU1MzQxWhcNMjcwNzA0MTU1MzQxWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2crirFCFKa5J4yx4gC+/Pe2kkIpoT -/SEvzefxJ8siPJl2XQVDrUFenNC8Uzw87/3Z7tW3uLKebn5++QEVYDtz5HAWfck1 -wwanGFL6noHw7qgQ5ak6HMoipPChD7Z6bKbBRgx2IVKoIbaXh0QmJ4qlaYc9rKGZ -aH9vms5pwPwDTlQqnm+VenG6ThFajWLeL/MlvcGd4pLHAWjL6S2E0vU5WQR6rev7 -He9pdtD/vLO30nOPJ6JuDp+1gB5UIm1+jP9Ww8OsQVJHGyp729dvIvEicgp8NSNB -UBtBZHpSVJM+BPlzKpXIVbiI7pU01q3xu0mleveUzL0tE0n9YT5uIcenAgMBAAGj -gZUwgZIwHQYDVR0OBBYEFJSaOPcahiGKvsg629IQvHh34EuwMGMGA1UdIwRcMFqA 
-FJSaOPcahiGKvsg629IQvHh34EuwoT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UE -CgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQAwDAYDVR0T -BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWsyH6AZdugfP40tiXH5PKD93QCuV -dAm9c2oUKbNfsAJMHOsWWp+b7hSNRMvKz4jcPAIQnMGNp/U4PuESp16uS0O9szud -X4HS8SD8GEto9d8uEF9J3fY6ZalCmgRrgwVpChy+MQmfqMr30OLTANsmoksA4ON3 -zdm5xDInPPjOq7emtdXoNOhv4rkM7dmeztC8DhO0n1PGeeY1CMCr93TcQzx1UVtl -QHOkQQQJM9UoV0fEA1N5lsc9uSQxPmZCVMw/W+MFIEkH6nbgh0bM/qjcaqDsWXyT -n5RutVDPESLLKaZxeR7J8srX/0nzhOiPIX+hDRWqhwQLxVkkRs6MxVDoiw== ------END CERTIFICATE----- diff --git a/tests/data_files/test-ca-sha1.crt b/tests/data_files/test-ca-sha1.crt deleted file mode 100644 index e8b537c72..000000000 --- a/tests/data_files/test-ca-sha1.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx -mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny -50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n -YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL -R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu -KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ -MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA -A4IBAQABE3OEPfEd/bcJW5ZdU3/VgPNS4tMzh8gnJP/V2FcvFtGylMpQq6YnEBYI -yBHAL4DRvlMY5rnXGBp3ODR8MpqHC6AquRTCLzjS57iYff//4QFQqW9n92zctspv -czkaPKgjqo1No3Uq0Xaz10rcxyTUPrf5wNVRZ2V0KvllvAAVSzbI4mpdUXztjhST -S5A2BeWQAAOr0zq1F7TSRVJpJs7jmB2ai/igkh1IAjcuwV6VwlP+sbw0gjQ0NpGM -iHpnlzRAi/tIbtOvMIGOBU2TIfax/5jq1agUx5aPmT5TWAiJPOOP6l5xXnDwxeYS -NWqiX9GyusBZjezaCaHabjDLU0qQ ------END CERTIFICATE----- 
diff --git a/tests/data_files/test-ca-sha256.crt b/tests/data_files/test-ca-sha256.crt deleted file mode 100644 index 9b08fe20a..000000000 --- a/tests/data_files/test-ca-sha256.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx -mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny -50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n -YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL -R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu -KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ -MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA -A4IBAQB2W2dIy4q4KysbrTL4HIaOqu62RceGuQ/KhyiI6O0ndCtQ/PgCBqHHTP8u -8F1X2ivb60ynHV6baMLPI4Kf1k4MONtLSf/++1qh0Gdycd3A8IDAfy0YnC1F3OPK -vWO/cZGitKoTbEpP4y4Rng3sFCDndRCWIRIDOEEW/H3lCcfL7sOQojdLl85ajFkh -YvcDqjmnTcspUnuq9Y00C7porXJthZwz1S18qVjcFNk0zEhVMUbupSrdXVmKtOJW -MWZjgcA+OXzcnb2hSKWbhjykH/u6/PqkuHPkD723rwXbmHdxRVS9CW57kDkn5ezJ -5pE6Sam4qFsCNFJNBV9FRf3ZBMFi ------END CERTIFICATE----- diff --git a/tests/data_files/test-ca-v1.crt b/tests/data_files/test-ca-v1.crt deleted file mode 100644 index e5a3b1cde..000000000 --- a/tests/data_files/test-ca-v1.crt +++ /dev/null 
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDIzCCAgsCDFOito4FQA5VXJOV5TANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD
-ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK
-EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA4MTRaGA8yMDI0
-MDYxODEwMDgxNFowUDEcMBoGA1UEAxMTUG9sYXJTU0wgVGVzdCBDQSB2MTEQMA4G
-A1UECxMHdGVzdGluZzERMA8GA1UEChMIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN83/Be74JadP4beljJ9RKUW
-oM0h8ZnU7OrLfBhYCJSl7JvFi98aHpk4mYcee8CNOd84XXB4B9Oe2ZPouXJRxc6j
-MFKp8udAcBTLRKJyC8LlQPk+5aYOs/nsSmPAuCkAdJxXO6ilBJBx8b2D2T/WpeI8
-Ko/vJ2DDxp/LuuxgfbfmhDK+T/tYJiIDW9S01fv145YucMDkLr38Lu7iQVXANC59
-JHJpy0exFECDfWf0hvYxq/F5pLK1LhL5hBfwYm8nPhNYsVQNIZpzN6Ewz2+S3Pbp
-/KzbLijRfgJLI6AV8jhlZAnqDG6OGxegccizm8mr6cPyz4eWj4ACMp6ZWG+i1QID
-AQABMA0GCSqGSIb3DQEBCwUAA4IBAQBoXC5AlXI5azyOPvmNse2qHhO7BrXOEjH+
-9g5P/VsrVADhsUGv6x0A2oLoWXtOjGDIWWH53BWHkCUCu4T5D5C6+I47rXWl4pAr
-J+h+tQVZo6J0AJxfPse/NnrjsboUSWhunmo/iTrU6S4KJBguIKP6T1DZoD/8EYgU
-x+fXDmvRO+MTesWDiY+p+FHEzsu3b9EBtG9dUiR/zzXi/ktFCfrgstKGSuW6+j7m
-lcduTxsogi6Uc3tWKtn6qpSGR0uBoCz6emFO7Smmy/tIyVA88lH0+3UnxOvu4TAK
-uvjYkOcZqhprDiMfhxBB7pxbfiviEANTbgSfCtZewSNz2RUJ9ocy
------END CERTIFICATE-----
diff --git a/tests/data_files/test-ca.crt b/tests/data_files/test-ca.crt
deleted file mode 100644
index e8b537c72..000000000
--- a/tests/data_files/test-ca.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx
-mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny
-50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n
-YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL
-R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu
-KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj
-UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/
-MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA
-A4IBAQABE3OEPfEd/bcJW5ZdU3/VgPNS4tMzh8gnJP/V2FcvFtGylMpQq6YnEBYI
-yBHAL4DRvlMY5rnXGBp3ODR8MpqHC6AquRTCLzjS57iYff//4QFQqW9n92zctspv
-czkaPKgjqo1No3Uq0Xaz10rcxyTUPrf5wNVRZ2V0KvllvAAVSzbI4mpdUXztjhST
-S5A2BeWQAAOr0zq1F7TSRVJpJs7jmB2ai/igkh1IAjcuwV6VwlP+sbw0gjQ0NpGM
-iHpnlzRAi/tIbtOvMIGOBU2TIfax/5jq1agUx5aPmT5TWAiJPOOP6l5xXnDwxeYS
-NWqiX9GyusBZjezaCaHabjDLU0qQ
------END CERTIFICATE-----
diff --git a/tests/data_files/test-ca.der b/tests/data_files/test-ca.der deleted file mode 100644 index 039fb9e43004e622bd1404116f68208800005c6d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 837 zcmXqLVs&G%f_kI=F#?@mywZ`mBGN;klTQhjX9KsO_<5g$57CK zAH?C};RwjjNh}Hu_A!(+5C;h{^9aC%6hcyqOB9?P4dldm4Gj&942=v;OiT<6qQrTP zkhzo@-o&Vc>{v!t2IeM4eg=akMlPl%Mn;AM_s#!^?|v|Cu6^6RX-2g!OT`wPRs1;f z%9~fGYa}8#rYwCk`)K!lDY=;zGu!2=5A<5zw}>sMV81-?=HwSUivo|HTWk=t^3!vN z0+G`$i;B1pJ$3kL_jDQG=AUo8k`L_AWGI;vZoOhD%Y?#@dz)|CUt9XfMyvn5dcxsj z^H1-3lTf?;S&Pv=|KAa6O3cw$wp{)F_3<>lf&)+V_Wsd(_sB8yfQeqMN>S!%_l+VB z&9&)Y+P)dC{#dzW(^fs9pDp4alJeExvi&hv5v`G zd4cFBi_{d(S3G%r(&7sWPi&rja`nr@pU$^W>u+E(nm02df6-MYW=00a#Q_F>20Xy{ zkrifPHDG3B{BIx&;_TP!7QC4hV&D%ba$=(yp zSf5T{U|xOMYODB`ORhngYUdu$ke${2W5Fa@4<>WHgK<+21^?T)$E3-`#B5?uM^*ZC z6Nm2K9(kA78#MN@`c78-w( Date: Thu, 21 Feb 2019 13:43:56 +0000 Subject: [PATCH 1190/2197] scripts: Remove unneeded scripts --- scripts/memory.sh | 126 ---------------------------------------------- 1 file changed, 126 deletions(-) delete mode 100755 scripts/memory.sh diff --git a/scripts/memory.sh b/scripts/memory.sh deleted file mode 100755 index 3dad2899c..000000000 --- a/scripts/memory.sh +++ /dev/null 
@@ -1,126 +0,0 @@ -#!/bin/sh - -# Measure memory usage of a minimal client using a small configuration -# Currently hardwired to ccm-psk and suite-b, may be expanded later -# -# Use different build options for measuring executable size and memory usage, -# since for memory we want debug information. - -set -eu - -CONFIG_H='include/mbedtls/config.h' - -CLIENT='mini_client' - -CFLAGS_EXEC='-fno-asynchronous-unwind-tables -Wl,--gc-section -ffunction-sections -fdata-sections' -CFLAGS_MEM=-g3 - -if [ -r $CONFIG_H ]; then :; else - echo "$CONFIG_H not found" >&2 - exit 1 -fi - -if grep -i cmake Makefile >/dev/null; then - echo "Not compatible with CMake" >&2 - exit 1 -fi - -if [ $( uname ) != Linux ]; then - echo "Only work on Linux" >&2 - exit 1 -fi - -if git status | grep -F $CONFIG_H >/dev/null 2>&1; then - echo "config.h not clean" >&2 - exit 1 -fi - -# make measurements with one configuration -# usage: do_config -do_config() -{ - NAME=$1 - UNSET_LIST=$2 - SERVER_ARGS=$3 - - echo "" - echo "config-$NAME:" - cp configs/config-$NAME.h $CONFIG_H - scripts/config.pl unset MBEDTLS_SSL_SRV_C - - for FLAG in $UNSET_LIST; do - scripts/config.pl unset $FLAG - done - - grep -F SSL_MAX_CONTENT_LEN $CONFIG_H || echo 'SSL_MAX_CONTENT_LEN=16384' - - printf " Executable size... " - - make clean - CFLAGS=$CFLAGS_EXEC make OFLAGS=-Os lib >/dev/null 2>&1 - cd programs - CFLAGS=$CFLAGS_EXEC make OFLAGS=-Os ssl/$CLIENT >/dev/null - strip ssl/$CLIENT - stat -c '%s' ssl/$CLIENT - cd .. - - printf " Peak ram usage... " - - make clean - CFLAGS=$CFLAGS_MEM make OFLAGS=-Os lib >/dev/null 2>&1 - cd programs - CFLAGS=$CFLAGS_MEM make OFLAGS=-Os ssl/$CLIENT >/dev/null - cd .. - - ./ssl_server2 $SERVER_ARGS >/dev/null & - SRV_PID=$! 
- sleep 1; - - if valgrind --tool=massif --stacks=yes programs/ssl/$CLIENT >/dev/null 2>&1 - then - FAILED=0 - else - echo "client failed" >&2 - FAILED=1 - fi - - kill $SRV_PID - wait $SRV_PID - - scripts/massif_max.pl massif.out.* - mv massif.out.* massif-$NAME.$$ -} - -# preparation - -CONFIG_BAK=${CONFIG_H}.bak -cp $CONFIG_H $CONFIG_BAK - -rm -f massif.out.* - -printf "building server... " - -make clean -make lib >/dev/null 2>&1 -(cd programs && make ssl/ssl_server2) >/dev/null -cp programs/ssl/ssl_server2 . - -echo "done" - -# actual measurements - -do_config "ccm-psk-tls1_2" \ - "" \ - "psk=000102030405060708090A0B0C0D0E0F" - -do_config "suite-b" \ - "MBEDTLS_BASE64_C MBEDTLS_PEM_PARSE_C MBEDTLS_CERTS_C" \ - "" - -# cleanup - -mv $CONFIG_BAK $CONFIG_H -make clean -rm ssl_server2 - -exit $FAILED From 32577734e2635da3684d03ad04ba07044775cef9 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 22 Feb 2019 11:23:49 +0000 Subject: [PATCH 1191/2197] doxygen: Update for Mbed Crypto Remove references to the X.509, NET, and SSL modules. Update text from "Mbed TLS" to "Mbed Crypto". Update version number. --- doxygen/input/doc_mainpage.h | 63 +++++------------------------------- doxygen/mbedtls.doxyfile | 1 - include/mbedtls/dhm.h | 2 -- 3 files changed, 8 insertions(+), 58 deletions(-) diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index 4eff83692..2a637d1b2 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -5,7 +5,7 @@ */ /* * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2019, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may 
@@ -24,73 +24,26 @@ */ /** - * @mainpage mbed TLS v2.17.0 source code documentation + * @mainpage Mbed Crypto v0.1.0 source code documentation * * This documentation describes the internal structure of mbed TLS. It was * automatically generated from specially formatted comment blocks in * mbed TLS's source code using Doxygen. (See * http://www.stack.nl/~dimitri/doxygen/ for more information on Doxygen) * - * mbed TLS has a simple setup: it provides the ingredients for an SSL/TLS - * implementation. These ingredients are listed as modules in the - * \ref mainpage_modules "Modules section". This "Modules section" introduces - * the high-level module concepts used throughout this documentation.\n - * Some examples of mbed TLS usage can be found in the \ref mainpage_examples - * "Examples section". + * Mbed Crypto provides an implementation of the PSA Crypto API. The library is + * comprised of a number of independent modules, listed in the \ref + * mainpage_modules "Modules section". This "Modules section" introduces the + * high-level module concepts used throughout this documentation. * * @section mainpage_modules Modules * - * mbed TLS supports SSLv3 up to TLSv1.2 communication by providing the - * following: - * - TCP/IP communication functions: listen, connect, accept, read/write. - * - SSL/TLS communication functions: init, handshake, read/write. - * - X.509 functions: CRT, CRL and key handling + * Mbed Crypto provides the following modules: * - Random number generation * - Hashing * - Encryption/decryption * * Above functions are split up neatly into logical interfaces. These can be - * used separately to provide any of the above functions or to mix-and-match - * into an SSL server/client solution that utilises a X.509 PKI. Examples of - * such implementations are amply provided with the source code. + * used separately to provide any of the above functions or to mix-and-match. 
* - * Note that mbed TLS does not provide a control channel or (multiple) session - * handling without additional work from the developer. - * - * @section mainpage_examples Examples - * - * Example server setup: - * - * \b Prerequisites: - * - X.509 certificate and private key - * - session handling functions - * - * \b Setup: - * - Load your certificate and your private RSA key (X.509 interface) - * - Setup the listening TCP socket (TCP/IP interface) - * - Accept incoming client connection (TCP/IP interface) - * - Initialise as an SSL-server (SSL/TLS interface) - * - Set parameters, e.g. authentication, ciphers, CA-chain, key exchange - * - Set callback functions RNG, IO, session handling - * - Perform an SSL-handshake (SSL/TLS interface) - * - Read/write data (SSL/TLS interface) - * - Close and cleanup (all interfaces) - * - * Example client setup: - * - * \b Prerequisites: - * - X.509 certificate and private key - * - X.509 trusted CA certificates - * - * \b Setup: - * - Load the trusted CA certificates (X.509 interface) - * - Load your certificate and your private RSA key (X.509 interface) - * - Setup a TCP/IP connection (TCP/IP interface) - * - Initialise as an SSL-client (SSL/TLS interface) - * - Set parameters, e.g. authentication mode, ciphers, CA-chain, session - * - Set callback functions RNG, IO - * - Perform an SSL-handshake (SSL/TLS interface) - * - Verify the server certificate (SSL/TLS interface) - * - Write/read data (SSL/TLS interface) - * - Close and cleanup (all interfaces) */ diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index ce58d6b12..18223696e 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -1618,7 +1618,6 @@ PREDEFINED = WIN32 \ P2MP \ P2MP_SERVER \ USE_CRYPTO \ - USE_SSL \ ENABLE_PLUGIN \ ENABLE_MANAGEMENT \ ENABLE_OCC \ diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 98cd4e21a..49eb6a47e 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h 
@@ -298,7 +298,6 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); #if defined(MBEDTLS_ASN1_PARSE_C) -/** \ingroup x509_module */ /** * \brief This function parses DHM parameters in PEM or DER format. * @@ -317,7 +316,6 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ); #if defined(MBEDTLS_FS_IO) -/** \ingroup x509_module */ /** * \brief This function loads and parses DHM parameters from a file. * From dfcf84aea5413ef7c8bc1f30a972ba4ab04bc22b Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 27 Feb 2019 17:09:45 +0000 Subject: [PATCH 1192/2197] tests: Update generator with Mbed Crypto comments Update comments in the top of the test code generator script with the name of the parent project. --- tests/scripts/generate_test_code.py | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/tests/scripts/generate_test_code.py b/tests/scripts/generate_test_code.py index 1fff09992..3a25a8433 100755 --- a/tests/scripts/generate_test_code.py +++ b/tests/scripts/generate_test_code.py @@ -24,15 +24,12 @@ understanding the script it is important to understand the framework. This doc string contains a summary of the framework and explains the function of this script. -Mbed TLS test suites: -===================== +Mbed Crypto test suites: +======================== Scope: ------ -The test suites focus on unit testing the crypto primitives and also -include x509 parser tests. Tests can be added to test any Mbed TLS -module. However, the framework is not capable of testing SSL -protocol, since that requires full stack execution and that is best -tested as part of the system test. +The test suites focus on unit testing the crypto primitives. Tests can be added +to test any Mbed Crypto module. Test case definition: --------------------- From 8cedaec5097b99970b43ea1bbc4f1cc19539a84d Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Thu, 20 Dec 2018 16:18:02 +0000 Subject: [PATCH 1193/2197] Remove ChangeLog Periodic release notes and git history will work fine and be easier to maintain. --- ChangeLog | 3312 ----------------------------------------------------- 1 file changed, 3312 deletions(-) delete mode 100644 ChangeLog diff --git a/ChangeLog b/ChangeLog deleted file mode 100644 index 5093c4e4e..000000000 --- a/ChangeLog +++ /dev/null 
@@ -1,3312 +0,0 @@ -mbed TLS ChangeLog (Sorted per branch, date) - -= mbed TLS x.x.x branch released xxxx-xx-xx - -Features - * Add the Any Policy certificate policy oid, as defined in - rfc 5280 section 4.2.1.4. - * It is now possible to use NIST key wrap mode via the mbedtls_cipher API. - Contributed by Jack Lloyd and Fortanix Inc. - * Add the Wi-SUN Field Area Network (FAN) device extended key usage. - * Add the oid certificate policy x509 extension. - -Bugfix - * Fix private key DER output in the key_app_writer example. File contents - were shifted by one byte, creating an invalid ASN.1 tag. Fixed by - Christian Walther in #2239. - * Fix potential memory leak in X.509 self test. Found and fixed by - Junhwan Park, #2106. - * Reduce stack usage of hkdf tests. Fixes #2195. - * Fix 1-byte buffer overflow in mbedtls_mpi_write_string() when - used with negative inputs. Found by Guido Vranken in #2404. Credit to - OSS-Fuzz. - * Fix bugs in the AEAD test suite which would be exposed by ciphers which - either used both encrypt and decrypt key schedules, or which perform padding. - GCM and CCM were not affected. Fixed by Jack Lloyd. - * Fix incorrect default port number in ssl_mail_client example's usage. - Found and fixed by irwir. #2337 - * Add psa_util.h to test/cpp_dummy_build to fix build_default_make_gcc_and_cxx. - Fixed by Peter Kolbus (Garmin). #2579 - -Changes - * Server's RSA certificate in certs.c was SHA-1 signed. In the default - mbedTLS configuration only SHA-2 signed certificates are accepted. - This certificate is used in the demo server programs, which lead the - client programs to fail at the peer's certificate verification - due to an unacceptable hash signature. The certificate has been - updated to one that is SHA-256 signed. Fix contributed by - Illya Gerasymchuk. - * Return from various debugging routines immediately if the - provided SSL context is unset. - * Remove dead code from bignum.c in the default configuration. 
- Found by Coverity, reported and fixed by Peter Kolbus (Garmin). Fixes #2309. - * Add test for minimal value of MBEDTLS_MPI_WINDOW_SIZE to all.sh. - Contributed by Peter Kolbus (Garmin). - -= mbed TLS 2.17.0 branch released 2019-03-19 - -Features - * Add a new X.509 API call `mbedtls_x509_parse_der_nocopy()` - which allows copy-less parsing of DER encoded X.509 CRTs, - at the cost of additional lifetime constraints on the input - buffer, but at the benefit of reduced RAM consumption. - * Add a new function mbedtls_asn1_write_named_bitstring() to write ASN.1 - named bitstring in DER as required by RFC 5280 Appendix B. - * Add MBEDTLS_REMOVE_3DES_CIPHERSUITES to allow removing 3DES ciphersuites - from the default list (enabled by default). See - https://sweet32.info/SWEET32_CCS16.pdf. - -API Changes - * Add a new X.509 API call `mbedtls_x509_parse_der_nocopy()`. - See the Features section for more information. - * Allow to opt in to the removal the API mbedtls_ssl_get_peer_cert() - for the benefit of saving RAM, by disabling the new compile-time - option MBEDTLS_SSL_KEEP_PEER_CERTIFICATE (enabled by default for - API stability). Disabling this option makes mbedtls_ssl_get_peer_cert() - always return NULL, and removes the peer_cert field from the - mbedtls_ssl_session structure which otherwise stores the peer's - certificate. - -Security - * Make mbedtls_ecdh_get_params return an error if the second key - belongs to a different group from the first. Before, if an application - passed keys that belonged to different group, the first key's data was - interpreted according to the second group, which could lead to either - an error or a meaningless output from mbedtls_ecdh_get_params. In the - latter case, this could expose at most 5 bits of the private key. - -Bugfix - * Fix a compilation issue with mbedtls_ecp_restart_ctx not being defined - when MBEDTLS_ECP_ALT is defined. Reported by jwhui. Fixes #2242. 
- * Run the AD too long test only if MBEDTLS_CCM_ALT is not defined. - Raised as a comment in #1996. - * Reduce the stack consumption of mbedtls_mpi_fill_random() which could - previously lead to a stack overflow on constrained targets. - * Add `MBEDTLS_SELF_TEST` for the mbedtls_self_test functions - in the header files, which missed the precompilation check. #971 - * Fix returning the value 1 when mbedtls_ecdsa_genkey failed. - * Remove a duplicate #include in a sample program. Fixed by Masashi Honma #2326. - * Remove the mbedtls namespacing from the header file, to fix a "file not found" - build error. Fixed by Haijun Gu #2319. - * Fix signed-to-unsigned integer conversion warning - in X.509 module. Fixes #2212. - * Reduce stack usage of `mpi_write_hlp()` by eliminating recursion. - Fixes #2190. - * Fix false failure in all.sh when backup files exist in include/mbedtls - (e.g. config.h.bak). Fixed by Peter Kolbus (Garmin) #2407. - * Ensure that unused bits are zero when writing ASN.1 bitstrings when using - mbedtls_asn1_write_bitstring(). - * Fix issue when writing the named bitstrings in KeyUsage and NsCertType - extensions in CSRs and CRTs that caused these bitstrings to not be encoded - correctly as trailing zeroes were not accounted for as unused bits in the - leading content octet. Fixes #1610. - -Changes - * Reduce RAM consumption during session renegotiation by not storing - the peer CRT chain and session ticket twice. - * Include configuration file in all header files that use configuration, - instead of relying on other header files that they include. - Inserted as an enhancement for #1371 - * Add support for alternative CSR headers, as used by Microsoft and defined - in RFC 7468. Found by Michael Ernst. Fixes #767. - * Correct many misspellings. Fixed by MisterDA #2371. - * Provide an abstraction of vsnprintf to allow alternative implementations - for platforms that don't provide it. Based on contributions by Joris Aerts - and Nathaniel Wesley Filardo. 
- * Fix clobber list in MIPS assembly for large integer multiplication. - Previously, this could lead to functionally incorrect assembly being - produced by some optimizing compilers, showing up as failures in - e.g. RSA or ECC signature operations. Reported in #1722, fix suggested - by Aurelien Jarno and submitted by Jeffrey Martin. - * Reduce the complexity of the timing tests. They were assuming more than the - underlying OS actually guarantees. - * Fix configuration queries in ssl-opt.h. #2030 - * Ensure that ssl-opt.h can be run in OS X. #2029 - * Re-enable certain interoperability tests in ssl-opt.sh which had previously - been disabled for lack of a sufficiently recent version of GnuTLS on the CI. - * Ciphersuites based on 3DES now have the lowest priority by default when - they are enabled. - -= mbed TLS 2.16.0 branch released 2018-12-21 - -Features - * Add a new config.h option of MBEDTLS_CHECK_PARAMS that enables validation - of parameters in the API. This allows detection of obvious misuses of the - API, such as passing NULL pointers. The API of existing functions hasn't - changed, but requirements on parameters have been made more explicit in - the documentation. See the corresponding API documentation for each - function to see for which parameter values it is defined. This feature is - disabled by default. See its API documentation in config.h for additional - steps you have to take when enabling it. - -API Changes - * The following functions in the random generator modules have been - deprecated and replaced as shown below. The new functions change - the return type from void to int to allow returning error codes when - using MBEDTLS__ALT for the underlying AES or message digest - primitive. Fixes #1798. - mbedtls_ctr_drbg_update() -> mbedtls_ctr_drbg_update_ret() - mbedtls_hmac_drbg_update() -> mbedtls_hmac_drbg_update_ret() - * Extend ECDH interface to enable alternative implementations. 
- * Deprecate error codes of the form MBEDTLS_ERR_xxx_INVALID_KEY_LENGTH for - ARIA, CAMELLIA and Blowfish. These error codes will be replaced by - the more generic per-module error codes MBEDTLS_ERR_xxx_BAD_INPUT_DATA. - * Additional parameter validation checks have been added for the following - modules - AES, ARIA, Blowfish, CAMELLIA, CCM, GCM, DHM, ECP, ECDSA, ECDH, - ECJPAKE, SHA, Chacha20 and Poly1305, cipher, pk, RSA, and MPI. - Where modules have had parameter validation added, existing parameter - checks may have changed. Some modules, such as Chacha20 had existing - parameter validation whereas other modules had little. This has now been - changed so that the same level of validation is present in all modules, and - that it is now optional with the MBEDTLS_CHECK_PARAMS flag which by default - is off. That means that checks which were previously present by default - will no longer be. - -New deprecations - * Deprecate mbedtls_ctr_drbg_update and mbedtls_hmac_drbg_update - in favor of functions that can return an error code. - -Bugfix - * Fix for Clang, which was reporting a warning for the bignum.c inline - assembly for AMD64 targets creating string literals greater than those - permitted by the ISO C99 standard. Found by Aaron Jones. Fixes #482. - * Fix runtime error in `mbedtls_platform_entropy_poll()` when run - through qemu user emulation. Reported and fix suggested by randombit - in #1212. Fixes #1212. - * Fix an unsafe bounds check when restoring an SSL session from a ticket. - This could lead to a buffer overflow, but only in case ticket authentication - was broken. Reported and fix suggested by Guido Vranken in #659. - * Add explicit integer to enumeration type casts to example program - programs/pkey/gen_key which previously led to compilation failure - on some toolchains. Reported by phoenixmcallister. Fixes #2170. - * Fix double initialization of ECC hardware that made some accelerators - hang. 
- * Clarify documentation of mbedtls_ssl_set_own_cert() regarding the absence - of check for certificate/key matching. Reported by Attila Molnar, #507. - - = mbed TLS 2.15.1 branch released 2018-11-30 - - Changes - * Update the Mbed Crypto submodule to version 0.1.0b2. - - = mbed TLS 2.15.0 branch released 2018-11-23 - - Features - * Add an experimental build option, USE_CRYPTO_SUBMODULE, to enable use of - Mbed Crypto as the source of the cryptography implementation. - * Add an experimental configuration option, MBEDTLS_PSA_CRYPTO_C, to enable - the PSA Crypto API from Mbed Crypto when additionally used with the - USE_CRYPTO_SUBMODULE build option. - - Changes - * Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx() - from the cipher abstraction layer. Fixes #2198. - -= mbed TLS 2.14.1 branch released 2018-11-30 - -Security - * Fix timing variations and memory access variations in RSA PKCS#1 v1.5 - decryption that could lead to a Bleichenbacher-style padding oracle - attack. In TLS, this affects servers that accept ciphersuites based on - RSA decryption (i.e. ciphersuites whose name contains RSA but not - (EC)DH(E)). Discovered by Eyal Ronen (Weizmann Institute), Robert Gillham - (University of Adelaide), Daniel Genkin (University of Michigan), - Adi Shamir (Weizmann Institute), David Wong (NCC Group), and Yuval Yarom - (University of Adelaide, Data61). The attack is described in more detail - in the paper available here: http://cat.eyalro.net/cat.pdf CVE-2018-19608 - * In mbedtls_mpi_write_binary(), don't leak the exact size of the number - via branching and memory access patterns. An attacker who could submit - a plaintext for RSA PKCS#1 v1.5 decryption but only observe the timing - of the decryption and not its result could nonetheless decrypt RSA - plaintexts and forge RSA signatures. Other asymmetric algorithms may - have been similarly vulnerable. 
Reported by Eyal Ronen, Robert Gillham, - Daniel Genkin, Adi Shamir, David Wong and Yuval Yarom. - * Wipe sensitive buffers on the stack in the CTR_DRBG and HMAC_DRBG - modules. - -API Changes - * The new functions mbedtls_ctr_drbg_update_ret() and - mbedtls_hmac_drbg_update_ret() are similar to mbedtls_ctr_drbg_update() - and mbedtls_hmac_drbg_update() respectively, but the new functions - report errors whereas the old functions return void. We recommend that - applications use the new functions. - -= mbed TLS 2.14.0 branch released 2018-11-19 - -Security - * Fix overly strict DN comparison when looking for CRLs belonging to a - particular CA. This previously led to ignoring CRLs when the CRL's issuer - name and the CA's subject name differed in their string encoding (e.g., - one using PrintableString and the other UTF8String) or in the choice of - upper and lower case. Reported by Henrik Andersson of Bosch GmbH in issue - #1784. - * Fix a flawed bounds check in server PSK hint parsing. In case the - incoming message buffer was placed within the first 64KiB of address - space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker - to trigger a memory access up to 64KiB beyond the incoming message buffer, - potentially leading to an application crash or information disclosure. - * Fix mbedtls_mpi_is_prime() to use more rounds of probabilistic testing. The - previous settings for the number of rounds made it practical for an - adversary to construct non-primes that would be erroneously accepted as - primes with high probability. This does not have an impact on the - security of TLS, but can matter in other contexts with numbers chosen - potentially by an adversary that should be prime and can be validated. - For example, the number of rounds was enough to securely generate RSA key - pairs or Diffie-Hellman parameters, but was insufficient to validate - Diffie-Hellman parameters properly. - See "Prime and Prejudice" by by Martin R. 
Albrecht and Jake Massimo and - Kenneth G. Paterson and Juraj Somorovsky. - -Features - * Add support for temporarily suspending expensive ECC computations after - some configurable amount of operations. This is intended to be used in - constrained, single-threaded systems where ECC is time consuming and can - block other operations until they complete. This is disabled by default, - but can be enabled by MBEDTLS_ECP_RESTARTABLE at compile time and - configured by mbedtls_ecp_set_max_ops() at runtime. It applies to the new - xxx_restartable functions in ECP, ECDSA, PK and X.509 (CRL not supported - yet), and to existing functions in ECDH and SSL (currently only - implemented client-side, for ECDHE-ECDSA ciphersuites in TLS 1.2, - including client authentication). - * Add support for Arm CPU DSP extensions to accelerate asymmetric key - operations. On CPUs where the extensions are available, they can accelerate - MPI multiplications used in ECC and RSA cryptography. Contributed by - Aurelien Jarno. - * Extend RSASSA-PSS signature to allow a smaller salt size. Previously, PSS - signature always used a salt with the same length as the hash, and returned - an error if this was not possible. Now the salt size may be up to two bytes - shorter. This allows the library to support all hash and signature sizes - that comply with FIPS 186-4, including SHA-512 with a 1024-bit key. - * Add support for 128-bit keys in CTR_DRBG. Note that using keys shorter - than 256 bits limits the security of generated material to 128 bits. - -API Changes - * Add a common error code of `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` for - a feature that is not supported by underlying alternative - implementations implementing cryptographic primitives. This is useful for - hardware accelerators that don't implement all options or features. 
- -New deprecations - * All module specific errors following the form - MBEDTLS_ERR_XXX_FEATURE_UNAVAILABLE that indicate a feature is not - supported are deprecated and are now replaced by the new equivalent - platform error. - * All module specific generic hardware acceleration errors following the - form MBEDTLS_ERR_XXX_HW_ACCEL_FAILED that are deprecated and are replaced - by the equivalent plaform error. - * Deprecate the function mbedtls_mpi_is_prime() in favor of - mbedtls_mpi_is_prime_ext() which allows specifying the number of - Miller-Rabin rounds. - -Bugfix - * Fix wrong order of freeing in programs/ssl/ssl_server2 example - application leading to a memory leak in case both - MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE are set. - Fixes #2069. - * Fix a bug in the update function for SSL ticket keys which previously - invalidated keys of a lifetime of less than a 1s. Fixes #1968. - * Fix failure in hmac_drbg in the benchmark sample application, when - MBEDTLS_THREADING_C is defined. Found by TrinityTonic, #1095 - * Fix a bug in the record decryption routine ssl_decrypt_buf() - which lead to accepting properly authenticated but improperly - padded records in case of CBC ciphersuites using Encrypt-then-MAC. - * Fix memory leak and freeing without initialization in the example - program programs/x509/cert_write. Fixes #1422. - * Ignore IV in mbedtls_cipher_set_iv() when the cipher mode is - MBEDTLS_MODE_ECB. Found by ezdevelop. Fixes #1091. - * Zeroize memory used for buffering or reassembling handshake messages - after use. - * Use `mbedtls_platform_zeroize()` instead of `memset()` for zeroization - of sensitive data in the example programs aescrypt2 and crypt_and_hash. - * Change the default string format used for various X.509 DN attributes to - UTF8String. Previously, the use of the PrintableString format led to - wildcards and non-ASCII characters being unusable in some DN attributes. - Reported by raprepo in #1860 and by kevinpt in #468. 
Fix contributed by - Thomas-Dee. - * Fix compilation failure for configurations which use compile time - replacements of standard calloc/free functions through the macros - MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO. - Reported by ole-de and ddhome2006. Fixes #882, #1642 and #1706. - -Changes - * Removed support for Yotta as a build tool. - * Add tests for session resumption in DTLS. - * Close a test gap in (D)TLS between the client side and the server side: - test the handling of large packets and small packets on the client side - in the same way as on the server side. - * Change the dtls_client and dtls_server samples to work by default over - IPv6 and optionally by a build option over IPv4. - * Change the use of Windows threading to use Microsoft Visual C++ runtime - calls, rather than Win32 API calls directly. This is necessary to avoid - conflict with C runtime usage. Found and fixed by irwir. - * Remember the string format of X.509 DN attributes when replicating - X.509 DNs. Previously, DN attributes were always written in their default - string format (mostly PrintableString), which could lead to CRTs being - created which used PrintableStrings in the issuer field even though the - signing CA used UTF8Strings in its subject field; while X.509 compliant, - such CRTs were rejected in some applications, e.g. some versions of - Firefox, curl and GnuTLS. Reported in #1033 by Moschn. Fix contributed by - Thomas-Dee. - * Improve documentation of mbedtls_ssl_get_verify_result(). - Fixes #517 reported by github-monoculture. - * Add MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR flag to mbedtls_mpi_gen_prime() and - use it to reduce error probability in RSA key generation to levels mandated - by FIPS-186-4. - -= mbed TLS 2.13.1 branch released 2018-09-06 - -API Changes - * Extend the platform module with an abstraction mbedtls_platform_gmtime_r() - whose implementation should behave as a thread-safe version of gmtime(). 
- This allows users to configure such an implementation at compile time when - the target system cannot be deduced automatically, by setting the option - MBEDTLS_PLATFORM_GMTIME_R_ALT. At this stage Mbed TLS is only able to - automatically select implementations for Windows and POSIX C libraries. - -Bugfix - * Fix build failures on platforms where only gmtime() is available but - neither gmtime_r() nor gmtime_s() are present. Fixes #1907. - -= mbed TLS 2.13.0 branch released 2018-08-31 - -Security - * Fix an issue in the X.509 module which could lead to a buffer overread - during certificate extensions parsing. In case of receiving malformed - input (extensions length field equal to 0), an illegal read of one byte - beyond the input buffer is made. Found and analyzed by Nathan Crandall. - -Features - * Add support for fragmentation of outgoing DTLS handshake messages. This - is controlled by the maximum fragment length as set locally or negotiated - with the peer, as well as by a new per-connection MTU option, set using - mbedtls_ssl_set_mtu(). - * Add support for auto-adjustment of MTU to a safe value during the - handshake when flights do not get through (RFC 6347, section 4.1.1.1, - last paragraph). - * Add support for packing multiple records within a single datagram, - enabled by default. - * Add support for buffering out-of-order handshake messages in DTLS. - The maximum amount of RAM used for this can be controlled by the - compile-time constant MBEDTLS_SSL_DTLS_MAX_BUFFERING defined - in mbedtls/config.h. - -API Changes - * Add function mbedtls_ssl_set_datagram_packing() to configure - the use of datagram packing (enabled by default). - -Bugfix - * Fix a potential memory leak in mbedtls_ssl_setup() function. An allocation - failure in the function could lead to other buffers being leaked. - * Fixes an issue with MBEDTLS_CHACHAPOLY_C which would not compile if - MBEDTLS_ARC4_C and MBEDTLS_CIPHER_NULL_CIPHER weren't also defined. 
#1890 - * Fix a memory leak in ecp_mul_comb() if ecp_precompute_comb() fails. - Fix contributed by Espressif Systems. - * Add ecc extensions only if an ecc based ciphersuite is used. - This improves compliance to RFC 4492, and as a result, solves - interoperability issues with BouncyCastle. Raised by milenamil in #1157. - * Replace printf with mbedtls_printf in the ARIA module. Found by - TrinityTonic in #1908. - * Fix potential use-after-free in mbedtls_ssl_get_max_frag_len() - and mbedtls_ssl_get_record_expansion() after a session reset. Fixes #1941. - * Fix a bug that caused SSL/TLS clients to incorrectly abort the handshake - with TLS versions 1.1 and earlier when the server requested authentication - without providing a list of CAs. This was due to an overly strict bounds - check in parsing the CertificateRequest message, - introduced in Mbed TLS 2.12.0. Fixes #1954. - * Fix a miscalculation of the maximum record expansion in - mbedtls_ssl_get_record_expansion() in case of ChachaPoly ciphersuites, - or CBC ciphersuites in (D)TLS versions 1.1 or higher. Fixes #1913, #1914. - * Fix undefined shifts with negative values in certificates parsing - (found by Catena cyber using oss-fuzz) - * Fix memory leak and free without initialization in pk_encrypt - and pk_decrypt example programs. Reported by Brace Stout. Fixes #1128. - * Remove redundant else statement. Raised by irwir. Fixes #1776. - -Changes - * Copy headers preserving timestamps when doing a "make install". - Contributed by xueruini. - * Allow the forward declaration of public structs. Contributed by Dawid - Drozd. Fixes #1215 raised by randombit. - * Improve compatibility with some alternative CCM implementations by using - CCM test vectors from RAM. - * Add support for buffering of out-of-order handshake messages. - * Add warnings to the documentation of the HKDF module to reduce the risk - of misusing the mbedtls_hkdf_extract() and mbedtls_hkdf_expand() - functions. Fixes #1775. Reported by Brian J. 
Murray. - -= mbed TLS 2.12.0 branch released 2018-07-25 - -Security - * Fix a vulnerability in TLS ciphersuites based on CBC and using SHA-384, - in (D)TLS 1.0 to 1.2, that allowed an active network attacker to - partially recover the plaintext of messages under some conditions by - exploiting timing measurements. With DTLS, the attacker could perform - this recovery by sending many messages in the same connection. With TLS - or if mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only - worked if the same secret (for example a HTTP Cookie) has been repeatedly - sent over connections manipulated by the attacker. Connections using GCM - or CCM instead of CBC, using hash sizes other than SHA-384, or using - Encrypt-then-Mac (RFC 7366) were not affected. The vulnerability was - caused by a miscalculation (for SHA-384) in a countermeasure to the - original Lucky 13 attack. Found by Kenny Paterson, Eyal Ronen and Adi - Shamir. - * Fix a vulnerability in TLS ciphersuites based on CBC, in (D)TLS 1.0 to - 1.2, that allowed a local attacker, able to execute code on the local - machine as well as manipulate network packets, to partially recover the - plaintext of messages under some conditions by using a cache attack - targeting an internal MD/SHA buffer. With TLS or if - mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only worked if - the same secret (for example a HTTP Cookie) has been repeatedly sent over - connections manipulated by the attacker. Connections using GCM or CCM - instead of CBC or using Encrypt-then-Mac (RFC 7366) were not affected. - Found by Kenny Paterson, Eyal Ronen and Adi Shamir. 
- * Add a counter-measure against a vulnerability in TLS ciphersuites based - on CBC, in (D)TLS 1.0 to 1.2, that allowed a local attacker, able to - execute code on the local machine as well as manipulate network packets, - to partially recover the plaintext of messages under some conditions (see - previous entry) by using a cache attack targeting the SSL input record - buffer. Connections using GCM or CCM instead of CBC or using - Encrypt-then-Mac (RFC 7366) were not affected. Found by Kenny Paterson, - Eyal Ronen and Adi Shamir. - -Features - * Add new crypto primitives from RFC 7539: stream cipher Chacha20, one-time - authenticator Poly1305 and AEAD construct Chacha20-Poly1305. Contributed - by Daniel King. - * Add support for CHACHA20-POLY1305 ciphersuites from RFC 7905. - * Add platform support for the Haiku OS. (https://www.haiku-os.org). - Contributed by Augustin Cavalier. - * Make the receive and transmit buffers independent sizes, for situations - where the outgoing buffer can be fixed at a smaller size than the incoming - buffer, which can save some RAM. If buffer lengths are kept equal, there - is no functional difference. Contributed by Angus Gratton, and also - independently contributed again by Paul Sokolovsky. - * Add support for key wrapping modes based on AES as defined by - NIST SP 800-38F algorithms KW and KWP and by RFC 3394 and RFC 5649. - -Bugfix - * Fix the key_app_writer example which was writing a leading zero byte which - was creating an invalid ASN.1 tag. Found by Aryeh R. Fixes #1257. - * Fix compilation error on C++, because of a variable named new. - Found and fixed by Hirotaka Niisato in #1783. - * Fix "no symbols" warning issued by ranlib when building on Mac OS X. Fix - contributed by tabascoeye. - * Clarify documentation for mbedtls_ssl_write() to include 0 as a valid - return value. Found by @davidwu2000. #839 - * Fix a memory leak in mbedtls_x509_csr_parse(), found by catenacyber, - Philippe Antoine. Fixes #1623. 
- * Remove unused headers included in x509.c. Found by Chris Hanson and fixed - by Brendan Shanks. Part of a fix for #992. - * Fix compilation error when MBEDTLS_ARC4_C is disabled and - MBEDTLS_CIPHER_NULL_CIPHER is enabled. Found by TrinityTonic in #1719. - * Added length checks to some TLS parsing functions. Found and fixed by - Philippe Antoine from Catena cyber. #1663. - * Fix the inline assembly for the MPI multiply helper function for i386 and - i386 with SSE2. Found by László Langó. Fixes #1550 - * Fix namespacing in header files. Remove the `mbedtls` namespacing in - the `#include` in the header files. Resolves #857 - * Fix compiler warning of 'use before initialisation' in - mbedtls_pk_parse_key(). Found by Martin Boye Petersen and fixed by Dawid - Drozd. #1098 - * Fix decryption for zero length messages (which contain all padding) when a - CBC based ciphersuite is used together with Encrypt-then-MAC. Previously, - such a message was wrongly reported as an invalid record and therefore lead - to the connection being terminated. Seen most often with OpenSSL using - TLS 1.0. Reported by @kFYatek and by Conor Murphy on the forum. Fix - contributed by Espressif Systems. Fixes #1632 - * Fix ssl_client2 example to send application data with 0-length content - when the request_size argument is set to 0 as stated in the documentation. - Fixes #1833. - * Correct the documentation for `mbedtls_ssl_get_session()`. This API has - deep copy of the session, and the peer certificate is not lost. Fixes #926. - * Fix build using -std=c99. Fixed by Nick Wilson. - -Changes - * Fail when receiving a TLS alert message with an invalid length, or invalid - zero-length messages when using TLS 1.2. Contributed by Espressif Systems. - * Change the default behaviour of mbedtls_hkdf_extract() to return an error - when calling with a NULL salt and non-zero salt_len. Contributed by - Brian J Murray - * Change the shebang line in Perl scripts to look up perl in the PATH. 
- Contributed by fbrosson. - * Allow overriding the time on Windows via the platform-time abstraction. - Fixed by Nick Wilson. - * Use gmtime_r/gmtime_s for thread-safety. Fixed by Nick Wilson. - -= mbed TLS 2.11.0 branch released 2018-06-18 - -Features - * Add additional block mode, OFB (Output Feedback), to the AES module and - cipher abstraction module. - * Implement the HMAC-based extract-and-expand key derivation function - (HKDF) per RFC 5869. Contributed by Thomas Fossati. - * Add support for the CCM* block cipher mode as defined in IEEE Std. 802.15.4. - * Add support for the XTS block cipher mode with AES (AES-XTS). - Contributed by Aorimn in pull request #414. - * In TLS servers, support offloading private key operations to an external - cryptoprocessor. Private key operations can be asynchronous to allow - non-blocking operation of the TLS server stack. - -Bugfix - * Fix the cert_write example to handle certificates signed with elliptic - curves as well as RSA. Fixes #777 found by dbedev. - * Fix for redefinition of _WIN32_WINNT to avoid overriding a definition - used by user applications. Found and fixed by Fabio Alessandrelli. - * Fix compilation warnings with IAR toolchain, on 32 bit platform. - Reported by rahmanih in #683 - * Fix braces in mbedtls_memory_buffer_alloc_status(). Found by sbranden, #552. - -Changes - * Changed CMake defaults for IAR to treat all compiler warnings as errors. - * Changed the Clang parameters used in the CMake build files to work for - versions later than 3.6. Versions of Clang earlier than this may no longer - work. Fixes #1072 - -= mbed TLS 2.10.0 branch released 2018-06-06 - -Features - * Add support for ARIA cipher (RFC 5794) and associated TLS ciphersuites - (RFC 6209). Disabled by default, see MBEDTLS_ARIA_C in config.h - -API Changes - * Extend the platform module with a util component that contains - functionality shared by multiple Mbed TLS modules. 
At this stage
- platform_util.h (and its associated platform_util.c) only contain
- mbedtls_platform_zeroize(), which is a critical function from a security
- point of view. mbedtls_platform_zeroize() needs to be regularly tested
- against compilers to ensure that calls to it are not removed from the
- output binary as part of redundant code elimination optimizations.
- Therefore, mbedtls_platform_zeroize() is moved to the platform module to
- facilitate testing and maintenance.
-
-Bugfix
- * Fix an issue with MicroBlaze support in bn_mul.h which was causing the
- build to fail. Found by zv-io. Fixes #1651.
-
-Changes
- * Support TLS testing in out-of-source builds using cmake. Fixes #1193.
- * Fix redundant declaration of mbedtls_ssl_list_ciphersuites. Raised by
- TrinityTonic. #1359.
-
-= mbed TLS 2.9.0 branch released 2018-04-30
-
-Security
- * Fix an issue in the X.509 module which could lead to a buffer overread
- during certificate validation. Additionally, the issue could also lead to
- unnecessary callback checks being made or to some validation checks to be
- omitted. The overread could be triggered remotely, while the other issues
- would require a non DER-compliant certificate to be correctly signed by a
- trusted CA, or a trusted CA with a non DER-compliant certificate. Found by
- luocm. Fixes #825.
- * Fix the buffer length assertion in the ssl_parse_certificate_request()
- function which led to an arbitrary overread of the message buffer. The
- overreads could be caused by receiving a malformed message at the point
- where an optional signature algorithms list is expected when the signature
- algorithms section is too short. In builds with debug output, the overread
- data is output with the debug data.
- * Fix a client-side bug in the validation of the server's ciphersuite choice
- which could potentially lead to the client accepting a ciphersuite it didn't
- offer or a ciphersuite that cannot be used with the TLS or DTLS version
- chosen by the server. This could lead to corruption of internal data
- structures for some configurations.
-
-Features
- * Add an option, MBEDTLS_AES_FEWER_TABLES, to dynamically compute smaller AES
- tables during runtime, thereby reducing the RAM/ROM footprint by ~6KiB.
- Suggested and contributed by jkivilin in pull request #394.
- * Add initial support for Curve448 (RFC 7748). Only mbedtls_ecp_mul() and
- ECDH primitive functions (mbedtls_ecdh_gen_public(),
- mbedtls_ecdh_compute_shared()) are supported for now. Contributed by
- Nicholas Wilson in pull request #348.
-
-API Changes
- * Extend the public API with the function of mbedtls_net_poll() to allow user
- applications to wait for a network context to become ready before reading
- or writing.
- * Add function mbedtls_ssl_check_pending() to the public API to allow
- a check for whether more more data is pending to be processed in the
- internal message buffers.
- This function is necessary to determine when it is safe to idle on the
- underlying transport in case event-driven IO is used.
-
-Bugfix
- * Fix a spurious uninitialized variable warning in cmac.c. Fix independently
- contributed by Brian J Murray and David Brown.
- * Add missing dependencies in test suites that led to build failures
- in configurations that omit certain hashes or public-key algorithms.
- Fixes #1040.
- * Fix C89 incompatibility in benchmark.c. Contributed by Brendan Shanks.
- #1353
- * Add missing dependencies for MBEDTLS_HAVE_TIME_DATE and
- MBEDTLS_VERSION_FEATURES in some test suites. Contributed by
- Deomid Ryabkov. Fixes #1299, #1475.
- * Fix the Makefile build process for building shared libraries on Mac OS X.
- Fixed by mnacamura.
- * Fix parsing of PKCS#8 encoded Elliptic Curve keys.
Previously Mbed TLS was
- unable to parse keys which had only the optional parameters field of the
- ECPrivateKey structure. Found by Jethro Beekman, fixed in #1379.
- * Return the plaintext data more quickly on unpadded CBC decryption, as
- stated in the mbedtls_cipher_update() documentation. Contributed by
- Andy Leiserson.
- * Fix overriding and ignoring return values when parsing and writing to
- a file in pk_sign program. Found by kevlut in #1142.
- * Restrict usage of error code MBEDTLS_ERR_SSL_WANT_READ to situations
- where data needs to be fetched from the underlying transport in order
- to make progress. Previously, this error code was also occasionally
- returned when unexpected messages were being discarded, ignoring that
- further messages could potentially already be pending to be processed
- in the internal buffers; these cases led to deadlocks when event-driven
- I/O was used. Found and reported by Hubert Mis in #772.
- * Fix buffer length assertions in the ssl_parse_certificate_request()
- function which leads to a potential one byte overread of the message
- buffer.
- * Fix invalid buffer sizes passed to zlib during record compression and
- decompression.
- * Fix the soversion of libmbedcrypto to match the soversion of the
- maintained 2.7 branch. The soversion was increased in Mbed TLS
- version 2.7.1 to reflect breaking changes in that release, but the
- increment was missed in 2.8.0 and later releases outside of the 2.7 branch.
-
-Changes
- * Remove some redundant code in bignum.c. Contributed by Alexey Skalozub.
- * Support cmake builds where Mbed TLS is a subproject. Fix contributed
- independently by Matthieu Volat and Arne Schwabe.
- * Improve testing in configurations that omit certain hashes or
- public-key algorithms. Includes contributions by Gert van Dijk.
- * Improve negative testing of X.509 parsing.
- * Do not define global mutexes around readdir() and gmtime() in
- configurations where the feature is disabled.
Found and fixed by Gergely
- Budai.
- * Harden the function mbedtls_ssl_config_free() against misuse, so that it
- doesn't leak memory if the user doesn't use mbedtls_ssl_conf_psk() and
- instead incorrectly manipulates the configuration structure directly.
- Found and fix submitted by junyeonLEE in #1220.
- * Provide an empty implementation of mbedtls_pkcs5_pbes2() when
- MBEDTLS_ASN1_PARSE_C is not enabled. This allows the use of PBKDF2
- without PBES2. Fixed by Marcos Del Sol Vives.
- * Add the order of the base point as N in the mbedtls_ecp_group structure
- for Curve25519 (other curves had it already). Contributed by Nicholas
- Wilson #481
- * Improve the documentation of mbedtls_net_accept(). Contributed by Ivan
- Krylov.
- * Improve the documentation of mbedtls_ssl_write(). Suggested by
- Paul Sokolovsky in #1356.
- * Add an option in the Makefile to support ar utilities where the operation
- letter must not be prefixed by '-', such as LLVM. Found and fixed by
- Alex Hixon.
- * Allow configuring the shared library extension by setting the DLEXT
- environment variable when using the project makefiles.
- * Optimize unnecessary zeroing in mbedtls_mpi_copy. Based on a contribution
- by Alexey Skalozub in #405.
- * In the SSL module, when f_send, f_recv or f_recv_timeout report
- transmitting more than the required length, return an error. Raised by
- Sam O'Connor in #1245.
- * Improve robustness of mbedtls_ssl_derive_keys against the use of
- HMAC functions with non-HMAC ciphersuites. Independently contributed
- by Jiayuan Chen in #1377. Fixes #1437.
- * Improve security of RSA key generation by including criteria from
- FIPS 186-4. Contributed by Jethro Beekman. #1380
- * Declare functions in header files even when an alternative implementation
- of the corresponding module is activated by defining the corresponding
- MBEDTLS_XXX_ALT macro.
This means that alternative implementations do
- not need to copy the declarations, and ensures that they will have the
- same API.
- * Add platform setup and teardown calls in test suites.
-
-= mbed TLS 2.8.0 branch released 2018-03-16
-
-Default behavior changes
- * The truncated HMAC extension now conforms to RFC 6066. This means
- that when both sides of a TLS connection negotiate the truncated
- HMAC extension, Mbed TLS can now interoperate with other
- compliant implementations, but this breaks interoperability with
- prior versions of Mbed TLS. To restore the old behavior, enable
- the (deprecated) option MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT in
- config.h. Found by Andreas Walz (ivESK, Offenburg University of
- Applied Sciences).
-
-Security
- * Fix implementation of the truncated HMAC extension. The previous
- implementation allowed an offline 2^80 brute force attack on the
- HMAC key of a single, uninterrupted connection (with no
- resumption of the session).
- * Verify results of RSA private key operations to defend
- against Bellcore glitch attack.
- * Fix a buffer overread in ssl_parse_server_key_exchange() that could cause
- a crash on invalid input.
- * Fix a buffer overread in ssl_parse_server_psk_hint() that could cause a
- crash on invalid input.
- * Fix CRL parsing to reject CRLs containing unsupported critical
- extensions. Found by Falko Strenzke and Evangelos Karatsiolis.
-
-Features
- * Extend PKCS#8 interface by introducing support for the entire SHA
- algorithms family when encrypting private keys using PKCS#5 v2.0.
- This allows reading encrypted PEM files produced by software that
- uses PBKDF2-SHA2, such as OpenSSL 1.1. Submitted by Antonio Quartulli,
- OpenVPN Inc. Fixes #1339
- * Add support for public keys encoded in PKCS#1 format. #1122
-
-New deprecations
- * Deprecate support for record compression (configuration option
- MBEDTLS_ZLIB_SUPPORT).
-
-Bugfix
- * Fix the name of a DHE parameter that was accidentally changed in 2.7.0.
- Fixes #1358.
- * Fix test_suite_pk to work on 64-bit ILP32 systems. #849
- * Fix mbedtls_x509_crt_profile_suiteb, which used to reject all certificates
- with flag MBEDTLS_X509_BADCERT_BAD_PK even when the key type was correct.
- In the context of SSL, this resulted in handshake failure. Reported by
- daniel in the Mbed TLS forum. #1351
- * Fix Windows x64 builds with the included mbedTLS.sln file. #1347
- * Fix setting version TLSv1 as minimal version, even if TLS 1
- is not enabled. Set MBEDTLS_SSL_MIN_MAJOR_VERSION
- and MBEDTLS_SSL_MIN_MINOR_VERSION instead of
- MBEDTLS_SSL_MAJOR_VERSION_3 and MBEDTLS_SSL_MINOR_VERSION_1. #664
- * Fix compilation error on Mingw32 when _TRUNCATE is defined. Use _TRUNCATE
- only if __MINGW32__ not defined. Fix suggested by Thomas Glanzmann and
- Nick Wilson on issue #355
- * In test_suite_pk, pass valid parameters when testing for hash length
- overflow. #1179
- * Fix memory allocation corner cases in memory_buffer_alloc.c module. Found
- by Guido Vranken. #639
- * Log correct number of ciphersuites used in Client Hello message. #918
- * Fix X509 CRT parsing that would potentially accept an invalid tag when
- parsing the subject alternative names.
- * Fix a possible arithmetic overflow in ssl_parse_server_key_exchange()
- that could cause a key exchange to fail on valid data.
- * Fix a possible arithmetic overflow in ssl_parse_server_psk_hint() that
- could cause a key exchange to fail on valid data.
- * Don't define mbedtls_aes_decrypt and mbedtls_aes_encrypt under
- MBEDTLS_DEPRECATED_REMOVED. #1388
- * Fix a 1-byte heap buffer overflow (read-only) during private key parsing.
- Found through fuzz testing.
-
-Changes
- * Fix tag lengths and value ranges in the documentation of CCM encryption.
- Contributed by Mathieu Briand.
- * Fix typo in a comment ctr_drbg.c. Contributed by Paul Sokolovsky.
- * Remove support for the library reference configuration for picocoin.
- * MD functions deprecated in 2.7.0 are no longer inline, to provide
- a migration path for those depending on the library's ABI.
- * Clarify the documentation of mbedtls_ssl_setup.
- * Use (void) when defining functions with no parameters. Contributed by
- Joris Aerts. #678
-
-= mbed TLS 2.7.0 branch released 2018-02-03
-
-Security
- * Fix a heap corruption issue in the implementation of the truncated HMAC
- extension. When the truncated HMAC extension is enabled and CBC is used,
- sending a malicious application packet could be used to selectively corrupt
- 6 bytes on the peer's heap, which could potentially lead to crash or remote
- code execution. The issue could be triggered remotely from either side in
- both TLS and DTLS. CVE-2018-0488
- * Fix a buffer overflow in RSA-PSS verification when the hash was too large
- for the key size, which could potentially lead to crash or remote code
- execution. Found by Seth Terashima, Qualcomm Product Security Initiative,
- Qualcomm Technologies Inc. CVE-2018-0487
- * Fix buffer overflow in RSA-PSS verification when the unmasked data is all
- zeros.
- * Fix an unsafe bounds check in ssl_parse_client_psk_identity() when adding
- 64 KiB to the address of the SSL buffer and causing a wrap around.
- * Fix a potential heap buffer overflow in mbedtls_ssl_write(). When the (by
- default enabled) maximum fragment length extension is disabled in the
- config and the application data buffer passed to mbedtls_ssl_write
- is larger than the internal message buffer (16384 bytes by default), the
- latter overflows. The exploitability of this issue depends on whether the
- application layer can be forced into sending such large packets. The issue
- was independently reported by Tim Nordell via e-mail and by Florin Petriuc
- and sjorsdewit on GitHub. Fix proposed by Florin Petriuc in #1022.
- Fixes #707.
- * Add a provision to prevent compiler optimizations breaking the time
- constancy of mbedtls_ssl_safer_memcmp().
- * Ensure that buffers are cleared after use if they contain sensitive data.
- Changes were introduced in multiple places in the library.
- * Set PEM buffer to zero before freeing it, to avoid decoded private keys
- being leaked to memory after release.
- * Fix dhm_check_range() failing to detect trivial subgroups and potentially
- leaking 1 bit of the private key. Reported by prashantkspatil.
- * Make mbedtls_mpi_read_binary() constant-time with respect to the input
- data. Previously, trailing zero bytes were detected and omitted for the
- sake of saving memory, but potentially leading to slight timing
- differences. Reported by Marco Macchetti, Kudelski Group.
- * Wipe stack buffer temporarily holding EC private exponent
- after keypair generation.
- * Fix a potential heap buffer over-read in ALPN extension parsing
- (server-side). Could result in application crash, but only if an ALPN
- name larger than 16 bytes had been configured on the server.
- * Change default choice of DHE parameters from untrustworthy RFC 5114
- to RFC 3526 containing parameters generated in a nothing-up-my-sleeve
- manner.
-
-Features
- * Allow comments in test data files.
- * The selftest program can execute a subset of the tests based on command
- line arguments.
- * New unit tests for timing. Improve the self-test to be more robust
- when run on a heavily-loaded machine.
- * Add alternative implementation support for CCM and CMAC (MBEDTLS_CCM_ALT,
- MBEDTLS_CMAC_ALT). Submitted by Steven Cooreman, Silicon Labs.
- * Add support for alternative implementations of GCM, selected by the
- configuration flag MBEDTLS_GCM_ALT.
- * Add support for alternative implementations for ECDSA, controlled by new
- configuration flags MBEDTLS_ECDSA_SIGN_ALT, MBEDTLS_ECDSA_VERIFY_ALT and
- MBEDTLS_ECDSDA_GENKEY_AT in config.h.
- The following functions from the ECDSA module can be replaced
- with alternative implementation:
- mbedtls_ecdsa_sign(), mbedtls_ecdsa_verify() and mbedtls_ecdsa_genkey().
- * Add support for alternative implementation of ECDH, controlled by the
- new configuration flags MBEDTLS_ECDH_COMPUTE_SHARED_ALT and
- MBEDTLS_ECDH_GEN_PUBLIC_ALT in config.h.
- The following functions from the ECDH module can be replaced
- with an alternative implementation:
- mbedtls_ecdh_gen_public() and mbedtls_ecdh_compute_shared().
- * Add support for alternative implementation of ECJPAKE, controlled by
- the new configuration flag MBEDTLS_ECJPAKE_ALT.
- * Add mechanism to provide alternative implementation of the DHM module.
-
-API Changes
- * Extend RSA interface by multiple functions allowing structure-
- independent setup and export of RSA contexts. Most notably,
- mbedtls_rsa_import() and mbedtls_rsa_complete() are introduced for setting
- up RSA contexts from partial key material and having them completed to the
- needs of the implementation automatically. This allows to setup private RSA
- contexts from keys consisting of N,D,E only, even if P,Q are needed for the
- purpose or CRT and/or blinding.
- * The configuration option MBEDTLS_RSA_ALT can be used to define alternative
- implementations of the RSA interface declared in rsa.h.
- * The following functions in the message digest modules (MD2, MD4, MD5,
- SHA1, SHA256, SHA512) have been deprecated and replaced as shown below.
- The new functions change the return type from void to int to allow
- returning error codes when using MBEDTLS__ALT.
- mbedtls__starts() -> mbedtls__starts_ret()
- mbedtls__update() -> mbedtls__update_ret()
- mbedtls__finish() -> mbedtls__finish_ret()
- mbedtls__process() -> mbedtls_internal__process()
-
-New deprecations
- * Deprecate usage of RSA primitives with non-matching key-type
- (e.g. signing with a public key).
- * Direct manipulation of structure fields of RSA contexts is deprecated.
- Users are advised to use the extended RSA API instead.
- * Deprecate usage of message digest functions that return void
- (mbedtls__starts, mbedtls__update,
- mbedtls__finish and mbedtls__process where is
- any of MD2, MD4, MD5, SHA1, SHA256, SHA512) in favor of functions
- that can return an error code.
- * Deprecate untrustworthy DHE parameters from RFC 5114. Superseded by
- parameters from RFC 3526 or the newly added parameters from RFC 7919.
- * Deprecate hex string DHE constants MBEDTLS_DHM_RFC3526_MODP_2048_P etc.
- Supserseded by binary encoded constants MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN
- etc.
- * Deprecate mbedtls_ssl_conf_dh_param() for setting default DHE parameters
- from hex strings. Superseded by mbedtls_ssl_conf_dh_param_bin()
- accepting DHM parameters in binary form, matching the new constants.
-
-Bugfix
- * Fix ssl_parse_record_header() to silently discard invalid DTLS records
- as recommended in RFC 6347 Section 4.1.2.7.
- * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
- Found by projectgus and Jethro Beekman, #836.
- * Fix usage help in ssl_server2 example. Found and fixed by Bei Lin.
- * Parse signature algorithm extension when renegotiating. Previously,
- renegotiated handshakes would only accept signatures using SHA-1
- regardless of the peer's preferences, or fail if SHA-1 was disabled.
- * Fix leap year calculation in x509_date_is_valid() to ensure that invalid
- dates on leap years with 100 and 400 intervals are handled correctly. Found
- by Nicholas Wilson. #694
- * Fix some invalid RSA-PSS signatures with keys of size 8N+1 that were
- accepted. Generating these signatures required the private key.
- * Fix out-of-memory problem when parsing 4096-bit PKCS8-encrypted RSA keys.
- Found independently by Florian in the mbed TLS forum and by Mishamax.
- #878, #1019.
- * Fix variable used before assignment compilation warnings with IAR
- toolchain. Found by gkerrien38.
- * Fix unchecked return codes from AES, DES and 3DES functions in
- pem_aes_decrypt(), pem_des_decrypt() and pem_des3_decrypt() respectively.
- If a call to one of the functions of the cryptographic primitive modules
- failed, the error may not be noticed by the function
- mbedtls_pem_read_buffer() causing it to return invalid values. Found by
- Guido Vranken. #756
- * Include configuration file in md.h, to fix compilation warnings.
- Reported by aaronmdjones in #1001
- * Correct extraction of signature-type from PK instance in X.509 CRT and CSR
- writing routines that prevented these functions to work with alternative
- RSA implementations. Raised by J.B. in the Mbed TLS forum. Fixes #1011.
- * Don't print X.509 version tag for v1 CRT's, and omit extensions for
- non-v3 CRT's.
- * Fix bugs in RSA test suite under MBEDTLS_NO_PLATFORM_ENTROPY. #1023 #1024
- * Fix net_would_block() to avoid modification by errno through fcntl() call.
- Found by nkolban. Fixes #845.
- * Fix handling of handshake messages in mbedtls_ssl_read() in case
- MBEDTLS_SSL_RENEGOTIATION is disabled. Found by erja-gp.
- * Add a check for invalid private parameters in mbedtls_ecdsa_sign().
- Reported by Yolan Romailler.
- * Fix word size check in in pk.c to not depend on MBEDTLS_HAVE_INT64.
- * Fix incorrect unit in benchmark output. #850
- * Add size-checks for record and handshake message content, securing
- fragile yet non-exploitable code-paths.
- * Fix crash when calling mbedtls_ssl_cache_free() twice. Found by
- MilenkoMitrovic, #1104
- * Fix mbedtls_timing_alarm(0) on Unix and MinGW.
- * Fix use of uninitialized memory in mbedtls_timing_get_timer() when reset=1.
- * Fix possible memory leaks in mbedtls_gcm_self_test().
- * Added missing return code checks in mbedtls_aes_self_test().
- * Fix issues in RSA key generation program programs/x509/rsa_genkey and the
- RSA test suite where the failure of CTR DRBG initialization lead to
- freeing an RSA context and several MPI's without proper initialization
- beforehand.
- * Fix error message in programs/pkey/gen_key.c. Found and fixed by Chris Xue.
- * Fix programs/pkey/dh_server.c so that it actually works with dh_client.c.
- Found and fixed by Martijn de Milliano.
- * Fix an issue in the cipher decryption with the mode
- MBEDTLS_PADDING_ONE_AND_ZEROS that sometimes accepted invalid padding.
- Note, this padding mode is not used by the TLS protocol. Found and fixed by
- Micha Kraus.
- * Fix the entropy.c module to not call mbedtls_sha256_starts() or
- mbedtls_sha512_starts() in the mbedtls_entropy_init() function.
- * Fix the entropy.c module to ensure that mbedtls_sha256_init() or
- mbedtls_sha512_init() is called before operating on the relevant context
- structure. Do not assume that zeroizing a context is a correct way to
- reset it. Found independently by ccli8 on Github.
- * In mbedtls_entropy_free(), properly free the message digest context.
- * Fix status handshake status message in programs/ssl/dtls_client.c. Found
- and fixed by muddog.
-
-Changes
- * Extend cert_write example program by options to set the certificate version
- and the message digest. Further, allow enabling/disabling of authority
- identifier, subject identifier and basic constraints extensions.
- * Only check for necessary RSA structure fields in `mbedtls_rsa_private`. In
- particular, don't require P,Q if neither CRT nor blinding are
- used. Reported and fix proposed independently by satur9nine and sliai
- on GitHub.
- * Only run AES-192 self-test if AES-192 is available. Fixes #963.
- * Tighten the RSA PKCS#1 v1.5 signature verification code and remove the
- undeclared dependency of the RSA module on the ASN.1 module.
- * Update all internal usage of deprecated message digest functions to the
- new ones with return codes. In particular, this modifies the
- mbedtls_md_info_t structure. Propagate errors from these functions
- everywhere except some locations in the ssl_tls.c module.
- * Improve CTR_DRBG error handling by propagating underlying AES errors.
- * Add MBEDTLS_ERR_XXX_HW_ACCEL_FAILED error codes for all cryptography
- modules where the software implementation can be replaced by a hardware
- implementation.
- * Add explicit warnings for the use of MD2, MD4, MD5, SHA-1, DES and ARC4
- throughout the library.
-
-= mbed TLS 2.6.0 branch released 2017-08-10
-
-Security
- * Fix authentication bypass in SSL/TLS: when authmode is set to optional,
- mbedtls_ssl_get_verify_result() would incorrectly return 0 when the peer's
- X.509 certificate chain had more than MBEDTLS_X509_MAX_INTERMEDIATE_CA
- (default: 8) intermediates, even when it was not trusted. This could be
- triggered remotely from either side. (With authmode set to 'required'
- (the default), the handshake was correctly aborted).
- * Reliably wipe sensitive data after use in the AES example applications
- programs/aes/aescrypt2 and programs/aes/crypt_and_hash.
- Found by Laurent Simon.
-
-Features
- * Add the functions mbedtls_platform_setup() and mbedtls_platform_teardown()
- and the context struct mbedtls_platform_context to perform
- platform-specific setup and teardown operations. The macro
- MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT allows the functions to be overridden
- by the user in a platform_alt.h file. These new functions are required in
- some embedded environments to provide a means of initialising underlying
- cryptographic acceleration hardware.
-
-API Changes
- * Reverted API/ABI breaking changes introduced in mbed TLS 2.5.1, to make the
- API consistent with mbed TLS 2.5.0.
Specifically removed the inline
- qualifier from the functions mbedtls_aes_decrypt, mbedtls_aes_encrypt,
- mbedtls_ssl_ciphersuite_uses_ec and mbedtls_ssl_ciphersuite_uses_psk. Found
- by James Cowgill. #978
- * Certificate verification functions now set flags to -1 in case the full
- chain was not verified due to an internal error (including in the verify
- callback) or chain length limitations.
- * With authmode set to optional, the TLS handshake is now aborted if the
- verification of the peer's certificate failed due to an overlong chain or
- a fatal error in the verify callback.
-
-Bugfix
- * Add a check if iv_len is zero in GCM, and return an error if it is zero.
- Reported by roberto. #716
- * Replace preprocessor condition from #if defined(MBEDTLS_THREADING_PTHREAD)
- to #if defined(MBEDTLS_THREADING_C) as the library cannot assume they will
- always be implemented by pthread support. #696
- * Fix a resource leak on Windows platforms in mbedtls_x509_crt_parse_path(),
- in the case of an error. Found by redplait. #590
- * Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
- Reported and fix suggested by guidovranken. #740
- * Fix conditional preprocessor directives in bignum.h to enable 64-bit
- compilation when using ARM Compiler 6.
- * Fix a potential integer overflow in the version verification for DER
- encoded X.509 CRLs. The overflow could enable maliciously constructed CRLs
- to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin,
- KNOX Security, Samsung Research America
- * Fix potential integer overflow in the version verification for DER
- encoded X.509 CSRs. The overflow could enable maliciously constructed CSRs
- to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin,
- KNOX Security, Samsung Research America
- * Fix a potential integer overflow in the version verification for DER
- encoded X.509 certificates.
The overflow could enable maliciously
- constructed certificates to bypass the certificate verification check.
- * Fix a call to the libc function time() to call the platform abstraction
- function mbedtls_time() instead. Found by wairua. #666
- * Avoid shadowing of time and index functions through mbed TLS function
- arguments. Found by inestlerode. #557.
-
-Changes
- * Added config.h option MBEDTLS_NO_UDBL_DIVISION, to prevent the use of
- 64-bit division. This is useful on embedded platforms where 64-bit division
- created a dependency on external libraries. #708
- * Removed mutexes from ECP hardware accelerator code. Now all hardware
- accelerator code in the library leaves concurrency handling to the
- platform. Reported by Steven Cooreman. #863
- * Define the macro MBEDTLS_AES_ROM_TABLES in the configuration file
- config-no-entropy.h to reduce the RAM footprint.
- * Added a test script that can be hooked into git that verifies commits
- before they are pushed.
- * Improve documentation of PKCS1 decryption functions.
-
-= mbed TLS 2.5.1 released 2017-06-21
-
-Security
- * Fixed unlimited overread of heap-based buffer in mbedtls_ssl_read().
- The issue could only happen client-side with renegotiation enabled.
- Could result in DoS (application crash) or information leak
- (if the application layer sent data read from mbedtls_ssl_read()
- back to the server or to a third party). Can be triggered remotely.
- * Removed SHA-1 and RIPEMD-160 from the default hash algorithms for
- certificate verification. SHA-1 can be turned back on with a compile-time
- option if needed.
- * Fixed offset in FALLBACK_SCSV parsing that caused TLS server to fail to
- detect it sometimes. Reported by Hugo Leisink. #810
- * Tighten parsing of RSA PKCS#1 v1.5 signatures, to avoid a
- potential Bleichenbacher/BERserk-style attack.
-
-Bugfix
- * Remove size zero arrays from ECJPAKE test suite.
Size zero arrays are not
- valid C and they prevented the test from compiling in Visual Studio 2015
- and with GCC using the -Wpedantic compilation option.
- * Fix insufficient support for signature-hash-algorithm extension,
- resulting in compatibility problems with Chrome. Found by hfloyrd. #823
- * Fix behaviour that hid the original cause of fatal alerts in some cases
- when sending the alert failed. The fix makes sure not to hide the error
- that triggered the alert.
- * Fix SSLv3 renegotiation behaviour and stop processing data received from
- peer after sending a fatal alert to refuse a renegotiation attempt.
- Previous behaviour was to keep processing data even after the alert has
- been sent.
- * Accept empty trusted CA chain in authentication mode
- MBEDTLS_SSL_VERIFY_OPTIONAL. Found by Jethro Beekman. #864
- * Fix implementation of mbedtls_ssl_parse_certificate() to not annihilate
- fatal errors in authentication mode MBEDTLS_SSL_VERIFY_OPTIONAL and to
- reflect bad EC curves within verification result.
- * Fix bug that caused the modular inversion function to accept the invalid
- modulus 1 and therefore to hang. Found by blaufish. #641.
- * Fix incorrect sign computation in modular exponentiation when the base is
- a negative MPI. Previously the result was always negative. Found by Guido
- Vranken.
- * Fix a numerical underflow leading to stack overflow in mpi_read_file()
- that was triggered uppon reading an empty line. Found by Guido Vranken.
-
-Changes
- * Send fatal alerts in more cases. The previous behaviour was to skip
- sending the fatal alert and just drop the connection.
- * Clarify ECDSA documentation and improve the sample code to avoid
- misunderstanding and potentially dangerous use of the API. Pointed out
- by Jean-Philippe Aumasson.
-
-= mbed TLS 2.5.0 branch released 2017-05-17
-
-Security
- * Wipe stack buffers in RSA private key operations
- (rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt). Found by Laurent
- Simon.
- * Add exponent blinding to RSA private operations as a countermeasure
- against side-channel attacks like the cache attack described in
- https://arxiv.org/abs/1702.08719v2.
- Found and fix proposed by Michael Schwarz, Samuel Weiser, Daniel Gruss,
- Clémentine Maurice and Stefan Mangard.
-
-Features
- * Add hardware acceleration support for the Elliptic Curve Point module.
- This involved exposing parts of the internal interface to enable
- replacing the core functions and adding and alternative, module level
- replacement support for enabling the extension of the interface.
- * Add a new configuration option to 'mbedtls_ssl_config' to enable
- suppressing the CA list in Certificate Request messages. The default
- behaviour has not changed, namely every configured CAs name is included.
-
-API Changes
- * The following functions in the AES module have been deprecated and replaced
- by the functions shown below. The new functions change the return type from
- void to int to allow returning error codes when using MBEDTLS_AES_ALT,
- MBEDTLS_AES_DECRYPT_ALT or MBEDTLS_AES_ENCRYPT_ALT.
- mbedtls_aes_decrypt() -> mbedtls_internal_aes_decrypt()
- mbedtls_aes_encrypt() -> mbedtls_internal_aes_encrypt()
-
-Bugfix
- * Remove macros from compat-1.3.h that correspond to deleted items from most
- recent versions of the library. Found by Kyle Keen.
- * Fixed issue in the Threading module that prevented mutexes from
- initialising. Found by sznaider. #667 #843
- * Add checks in the PK module for the RSA functions on 64-bit systems.
- The PK and RSA modules use different types for passing hash length and
- without these checks the type cast could lead to data loss. Found by Guido
- Vranken.
-
-= mbed TLS 2.4.2 branch released 2017-03-08
-
-Security
- * Add checks to prevent signature forgeries for very large messages while
- using RSA through the PK module in 64-bit systems.
The issue was caused by
- some data loss when casting a size_t to an unsigned int value in the
- functions rsa_verify_wrap(), rsa_sign_wrap(), rsa_alt_sign_wrap() and
- mbedtls_pk_sign(). Found by Jean-Philippe Aumasson.
- * Fixed potential livelock during the parsing of a CRL in PEM format in
- mbedtls_x509_crl_parse(). A string containing a CRL followed by trailing
- characters after the footer could result in the execution of an infinite
- loop. The issue can be triggered remotely. Found by Greg Zaverucha,
- Microsoft.
- * Removed MD5 from the allowed hash algorithms for CertificateRequest and
- CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2.
- Introduced by interoperability fix for #513.
- * Fixed a bug that caused freeing a buffer that was allocated on the stack,
- when verifying the validity of a key on secp224k1. This could be
- triggered remotely for example with a maliciously constructed certificate
- and potentially could lead to remote code execution on some platforms.
- Reported independently by rongsaws and Aleksandar Nikolic, Cisco Talos
- team. #569 CVE-2017-2784
-
-Bugfix
- * Fix output certificate verification flags set by x509_crt_verify_top() when
- traversing a chain of trusted CA. The issue would cause both flags,
- MBEDTLS_X509_BADCERT_NOT_TRUSTED and MBEDTLS_X509_BADCERT_EXPIRED, to be
- set when the verification conditions are not met regardless of the cause.
- Found by Harm Verhagen and inestlerode. #665 #561
- * Fix the redefinition of macro ssl_set_bio to an undefined symbol
- mbedtls_ssl_set_bio_timeout in compat-1.3.h, by removing it.
- Found by omlib-lin. #673
- * Fix unused variable/function compilation warnings in pem.c, x509_crt.c and
- x509_csr.c that are reported when building mbed TLS with a config.h that
- does not define MBEDTLS_PEM_PARSE_C. Found by omnium21.
#562 - * Fix incorrect renegotiation condition in ssl_check_ctr_renegotiate() that - would compare 64 bits of the record counter instead of 48 bits as indicated - in RFC 6347 Section 4.3.1. This could cause the execution of the - renegotiation routines at unexpected times when the protocol is DTLS. Found - by wariua. #687 - * Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing - the input string in PEM format to extract the different components. Found - by Eyal Itkin. - * Fixed potential arithmetic overflow in mbedtls_ctr_drbg_reseed() that could - cause buffer bound checks to be bypassed. Found by Eyal Itkin. - * Fixed potential arithmetic overflows in mbedtls_cipher_update() that could - cause buffer bound checks to be bypassed. Found by Eyal Itkin. - * Fixed potential arithmetic overflow in mbedtls_md2_update() that could - cause buffer bound checks to be bypassed. Found by Eyal Itkin. - * Fixed potential arithmetic overflow in mbedtls_base64_decode() that could - cause buffer bound checks to be bypassed. Found by Eyal Itkin. - * Fixed heap overreads in mbedtls_x509_get_time(). Found by Peng - Li/Yueh-Hsun Lin, KNOX Security, Samsung Research America. - * Fix potential memory leak in mbedtls_x509_crl_parse(). The leak was caused - by missing calls to mbedtls_pem_free() in cases when a - MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT error was encountered. Found and - fix proposed by Guido Vranken. #722 - * Fixed the templates used to generate project and solution files for Visual - Studio 2015 as well as the files themselves, to remove a build warning - generated in Visual Studio 2015. Reported by Steve Valliere. #742 - * Fix a resource leak in ssl_cookie, when using MBEDTLS_THREADING_C. - Raised and fix suggested by Alan Gillingham in the mbed TLS forum. #771 - * Fix 1 byte buffer overflow in mbedtls_mpi_write_string() when the MPI - number to write in hexadecimal is negative and requires an odd number of - digits. 
Found and fixed by Guido Vranken. - * Fix unlisted DES configuration dependency in some pkparse test cases. Found - by inestlerode. #555 - -= mbed TLS 2.4.1 branch released 2016-12-13 - -Changes - * Update to CMAC test data, taken from - NIST Special Publication 800-38B - - Recommendation for Block Cipher Modes of Operation: The CMAC Mode for - Authentication – October 2016 - -= mbed TLS 2.4.0 branch released 2016-10-17 - -Security - * Removed the MBEDTLS_SSL_AEAD_RANDOM_IV option, because it was not compliant - with RFC-5116 and could lead to session key recovery in very long TLS - sessions. "Nonce-Disrespecting Adversaries Practical Forgery Attacks on GCM in - TLS" - H. Bock, A. Zauner, S. Devlin, J. Somorovsky, P. Jovanovic. - https://eprint.iacr.org/2016/475.pdf - * Fixed potential stack corruption in mbedtls_x509write_crt_der() and - mbedtls_x509write_csr_der() when the signature is copied to the buffer - without checking whether there is enough space in the destination. The - issue cannot be triggered remotely. Found by Jethro Beekman. - -Features - * Added support for CMAC for AES and 3DES and AES-CMAC-PRF-128, as defined by - NIST SP 800-38B, RFC-4493 and RFC-4615. - * Added hardware entropy selftest to verify that the hardware entropy source - is functioning correctly. - * Added a script to print build environment info for diagnostic use in test - scripts, which is also now called by all.sh. - * Added the macro MBEDTLS_X509_MAX_FILE_PATH_LEN that enables the user to - configure the maximum length of a file path that can be buffered when - calling mbedtls_x509_crt_parse_path(). - * Added a configuration file config-no-entropy.h that configures the subset of - library features that do not require an entropy source. - * Added the macro MBEDTLS_ENTROPY_MIN_HARDWARE in config.h. This allows users - to configure the minimum number of bytes for entropy sources using the - mbedtls_hardware_poll() function. 
- -Bugfix - * Fix for platform time abstraction to avoid dependency issues where a build - may need time but not the standard C library abstraction, and added - configuration consistency checks to check_config.h - * Fix dependency issue in Makefile to allow parallel builds. - * Fix incorrect handling of block lengths in crypt_and_hash.c sample program, - when GCM is used. Found by udf2457. #441 - * Fix for key exchanges based on ECDH-RSA or ECDH-ECDSA which weren't - enabled unless others were also present. Found by David Fernandez. #428 - * Fix for out-of-tree builds using CMake. Found by jwurzer, and fix based on - a contribution from Tobias Tangemann. #541 - * Fixed cert_app.c sample program for debug output and for use when no root - certificates are provided. - * Fix conditional statement that would cause a 1 byte overread in - mbedtls_asn1_get_int(). Found and fixed by Guido Vranken. #599 - * Fixed pthread implementation to avoid unintended double initialisations - and double frees. Found by Niklas Amnebratt. - * Fixed the sample applications gen_key.c, cert_req.c and cert_write.c for - builds where the configuration MBEDTLS_PEM_WRITE_C is not defined. Found - by inestlerode. #559. - * Fix mbedtls_x509_get_sig() to update the ASN1 type in the mbedtls_x509_buf - data structure until after error checks are successful. Found by - subramanyam-c. #622 - * Fix documentation and implementation missmatch for function arguments of - mbedtls_gcm_finish(). Found by cmiatpaar. #602 - * Guarantee that P>Q at RSA key generation. Found by inestlerode. #558 - * Fix potential byte overread when verifying malformed SERVER_HELLO in - ssl_parse_hello_verify_request() for DTLS. Found by Guido Vranken. - * Fix check for validity of date when parsing in mbedtls_x509_get_time(). - Found by subramanyam-c. #626 - * Fix compatibility issue with Internet Explorer client authentication, - where the limited hash choices prevented the client from sending its - certificate. Found by teumas. 
#513 - * Fix compilation without MBEDTLS_SELF_TEST enabled. - -Changes - * Extended test coverage of special cases, and added new timing test suite. - * Removed self-tests from the basic-built-test.sh script, and added all - missing self-tests to the test suites, to ensure self-tests are only - executed once. - * Added support for 3 and 4 byte lengths to mbedtls_asn1_write_len(). - * Added support for a Yotta specific configuration file - - through the symbol YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE. - * Added optimization for code space for X.509/OID based on configured - features. Contributed by Aviv Palivoda. - * Renamed source file library/net.c to library/net_sockets.c to avoid - naming collision in projects which also have files with the common name - net.c. For consistency, the corresponding header file, net.h, is marked as - deprecated, and its contents moved to net_sockets.h. - * Changed the strategy for X.509 certificate parsing and validation, to no - longer disregard certificates with unrecognised fields. - -= mbed TLS 2.3.0 branch released 2016-06-28 - -Security - * Fix missing padding length check in mbedtls_rsa_rsaes_pkcs1_v15_decrypt - required by PKCS1 v2.2 - * Fix potential integer overflow to buffer overflow in - mbedtls_rsa_rsaes_pkcs1_v15_encrypt and mbedtls_rsa_rsaes_oaep_encrypt - (not triggerable remotely in (D)TLS). - * Fix a potential integer underflow to buffer overread in - mbedtls_rsa_rsaes_oaep_decrypt. It is not triggerable remotely in - SSL/TLS. - -Features - * Support for platform abstraction of the standard C library time() - function. - -Bugfix - * Fix bug in mbedtls_mpi_add_mpi() that caused wrong results when the three - arguments where the same (in-place doubling). Found and fixed by Janos - Follath. #309 - * Fix potential build failures related to the 'apidoc' target, introduced - in the previous patch release. Found by Robert Scheck. #390 #391 - * Fix issue in Makefile that prevented building using armar. 
#386 - * Fix memory leak that occurred only when ECJPAKE was enabled and ECDHE and - ECDSA was disabled in config.h . The leak didn't occur by default. - * Fix an issue that caused valid certificates to be rejected whenever an - expired or not yet valid certificate was parsed before a valid certificate - in the trusted certificate list. - * Fix bug in mbedtls_x509_crt_parse that caused trailing extra data in the - buffer after DER certificates to be included in the raw representation. - * Fix issue that caused a hang when generating RSA keys of odd bitlength - * Fix bug in mbedtls_rsa_rsaes_pkcs1_v15_encrypt that made null pointer - dereference possible. - * Fix issue that caused a crash if invalid curves were passed to - mbedtls_ssl_conf_curves. #373 - * Fix issue in ssl_fork_server which was preventing it from functioning. #429 - * Fix memory leaks in test framework - * Fix test in ssl-opt.sh that does not run properly with valgrind - * Fix unchecked calls to mmbedtls_md_setup(). Fix by Brian Murray. #502 - -Changes - * On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5, - don't use the optimized assembly for bignum multiplication. This removes - the need to pass -fomit-frame-pointer to avoid a build error with -O0. - * Disabled SSLv3 in the default configuration. - * Optimized mbedtls_mpi_zeroize() for MPI integer size. (Fix by Alexey - Skalozub). - * Fix non-compliance server extension handling. Extensions for SSLv3 are now - ignored, as required by RFC6101. - -= mbed TLS 2.2.1 released 2016-01-05 - -Security - * Fix potential double free when mbedtls_asn1_store_named_data() fails to - allocate memory. Only used for certificate generation, not triggerable - remotely in SSL/TLS. Found by Rafał Przywara. #367 - * Disable MD5 handshake signatures in TLS 1.2 by default to prevent the - SLOTH attack on TLS 1.2 server authentication (other attacks from the - SLOTH paper do not apply to any version of mbed TLS or PolarSSL). 
- https://www.mitls.org/pages/attacks/SLOTH - -Bugfix - * Fix over-restrictive length limit in GCM. Found by Andreas-N. #362 - * Fix bug in certificate validation that caused valid chains to be rejected - when the first intermediate certificate has pathLenConstraint=0. Found by - Nicholas Wilson. Introduced in mbed TLS 2.2.0. #280 - * Removed potential leak in mbedtls_rsa_rsassa_pkcs1_v15_sign(), found by - JayaraghavendranK. #372 - * Fix suboptimal handling of unexpected records that caused interop issues - with some peers over unreliable links. Avoid dropping an entire DTLS - datagram if a single record in a datagram is unexpected, instead only - drop the record and look at subsequent records (if any are present) in - the same datagram. Found by jeannotlapin. #345 - -= mbed TLS 2.2.0 released 2015-11-04 - -Security - * Fix potential double free if mbedtls_ssl_conf_psk() is called more than - once and some allocation fails. Cannot be forced remotely. Found by Guido - Vranken, Intelworks. - * Fix potential heap corruption on Windows when - mbedtls_x509_crt_parse_path() is passed a path longer than 2GB. Cannot be - triggered remotely. Found by Guido Vranken, Intelworks. - * Fix potential buffer overflow in some asn1_write_xxx() functions. - Cannot be triggered remotely unless you create X.509 certificates based - on untrusted input or write keys of untrusted origin. Found by Guido - Vranken, Intelworks. - * The X509 max_pathlen constraint was not enforced on intermediate - certificates. Found by Nicholas Wilson, fix and tests provided by - Janos Follath. #280 and #319 - -Features - * Experimental support for EC J-PAKE as defined in Thread 1.0.0. - Disabled by default as the specification might still change. - * Added a key extraction callback to accees the master secret and key - block. (Potential uses include EAP-TLS and Thread.) 
- -Bugfix - * Self-signed certificates were not excluded from pathlen counting, - resulting in some valid X.509 being incorrectly rejected. Found and fix - provided by Janos Follath. #319 - * Fix build error with configurations where ECDHE-PSK is the only key - exchange. Found and fix provided by Chris Hammond. #270 - * Fix build error with configurations where RSA, RSA-PSK, ECDH-RSA or - ECHD-ECDSA if the only key exchange. Multiple reports. #310 - * Fixed a bug causing some handshakes to fail due to some non-fatal alerts - not being properly ignored. Found by mancha and Kasom Koht-arsa, #308 - * mbedtls_x509_crt_verify(_with_profile)() now also checks the key type and - size/curve against the profile. Before that, there was no way to set a - minimum key size for end-entity certificates with RSA keys. Found by - Matthew Page of Scannex Electronics Ltd. - * Fix failures in MPI on Sparc(64) due to use of bad assembly code. - Found by Kurt Danielson. #292 - * Fix typo in name of the extKeyUsage OID. Found by inestlerode, #314 - * Fix bug in ASN.1 encoding of booleans that caused generated CA - certificates to be rejected by some applications, including OS X - Keychain. Found and fixed by Jonathan Leroy, Inikup. - -Changes - * Improved performance of mbedtls_ecp_muladd() when one of the scalars is 1 - or -1. - -= mbed TLS 2.1.2 released 2015-10-06 - -Security - * Added fix for CVE-2015-5291 to prevent heap corruption due to buffer - overflow of the hostname or session ticket. Found by Guido Vranken, - Intelworks. - * Fix potential double-free if mbedtls_ssl_set_hs_psk() is called more than - once in the same handhake and mbedtls_ssl_conf_psk() was used. - Found and patch provided by Guido Vranken, Intelworks. Cannot be forced - remotely. - * Fix stack buffer overflow in pkcs12 decryption (used by - mbedtls_pk_parse_key(file)() when the password is > 129 bytes. - Found by Guido Vranken, Intelworks. Not triggerable remotely. 
- * Fix potential buffer overflow in mbedtls_mpi_read_string(). - Found by Guido Vranken, Intelworks. Not exploitable remotely in the context - of TLS, but might be in other uses. On 32 bit machines, requires reading a - string of close to or larger than 1GB to exploit; on 64 bit machines, would - require reading a string of close to or larger than 2^62 bytes. - * Fix potential random memory allocation in mbedtls_pem_read_buffer() - on crafted PEM input data. Found and fix provided by Guido Vranken, - Intelworks. Not triggerable remotely in TLS. Triggerable remotely if you - accept PEM data from an untrusted source. - * Fix possible heap buffer overflow in base64_encoded() when the input - buffer is 512MB or larger on 32-bit platforms. Found by Guido Vranken, - Intelworks. Not trigerrable remotely in TLS. - * Fix potential double-free if mbedtls_conf_psk() is called repeatedly on - the same mbedtls_ssl_config object and memory allocation fails. Found by - Guido Vranken, Intelworks. Cannot be forced remotely. - * Fix potential heap buffer overflow in servers that perform client - authentication against a crafted CA cert. Cannot be triggered remotely - unless you allow third parties to pick trust CAs for client auth. - Found by Guido Vranken, Intelworks. - -Bugfix - * Fix compile error in net.c with musl libc. Found and patch provided by - zhasha (#278). - * Fix macroization of 'inline' keyword when building as C++. (#279) - -Changes - * Added checking of hostname length in mbedtls_ssl_set_hostname() to ensure - domain names are compliant with RFC 1035. - * Fixed paths for check_config.h in example config files. (Found by bachp) - (#291) - -= mbed TLS 2.1.1 released 2015-09-17 - -Security - * Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5 - signatures. (Found by Florian Weimer, Red Hat.) 
- https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/ - * Fix possible client-side NULL pointer dereference (read) when the client - tries to continue the handshake after it failed (a misuse of the API). - (Found and patch provided by Fabian Foerg, Gotham Digital Science using - afl-fuzz.) - -Bugfix - * Fix warning when using a 64bit platform. (found by embedthis) (#275) - * Fix off-by-one error in parsing Supported Point Format extension that - caused some handshakes to fail. - -Changes - * Made X509 profile pointer const in mbedtls_ssl_conf_cert_profile() to allow - use of mbedtls_x509_crt_profile_next. (found by NWilson) - * When a client initiates a reconnect from the same port as a live - connection, if cookie verification is available - (MBEDTLS_SSL_DTLS_HELLO_VERIFY defined in config.h, and usable cookie - callbacks set with mbedtls_ssl_conf_dtls_cookies()), this will be - detected and mbedtls_ssl_read() will return - MBEDTLS_ERR_SSL_CLIENT_RECONNECT - it is then possible to start a new - handshake with the same context. (See RFC 6347 section 4.2.8.) - -= mbed TLS 2.1.0 released 2015-09-04 - -Features - * Added support for yotta as a build system. - * Primary open source license changed to Apache 2.0 license. - -Bugfix - * Fix segfault in the benchmark program when benchmarking DHM. - * Fix build error with CMake and pre-4.5 versions of GCC (found by Hugo - Leisink). - * Fix bug when parsing a ServerHello without extensions (found by David - Sears). - * Fix bug in CMake lists that caused libmbedcrypto.a not to be installed - (found by Benoit Lecocq). - * Fix bug in Makefile that caused libmbedcrypto and libmbedx509 not to be - installed (found by Rawi666). - * Fix compile error with armcc 5 with --gnu option. - * Fix bug in Makefile that caused programs not to be installed correctly - (found by robotanarchy) (#232). 
- * Fix bug in Makefile that prevented from installing without building the - tests (found by robotanarchy) (#232). - * Fix missing -static-libgcc when building shared libraries for Windows - with make. - * Fix link error when building shared libraries for Windows with make. - * Fix error when loading libmbedtls.so. - * Fix bug in mbedtls_ssl_conf_default() that caused the default preset to - be always used (found by dcb314) (#235) - * Fix bug in mbedtls_rsa_public() and mbedtls_rsa_private() that could - result trying to unlock an unlocked mutex on invalid input (found by - Fredrik Axelsson) (#257) - * Fix -Wshadow warnings (found by hnrkp) (#240) - * Fix memory corruption on client with overlong PSK identity, around - SSL_MAX_CONTENT_LEN or higher - not triggerrable remotely (found by - Aleksandrs Saveljevs) (#238) - * Fix unused function warning when using MBEDTLS_MDx_ALT or - MBEDTLS_SHAxxx_ALT (found by Henrik) (#239) - * Fix memory corruption in pkey programs (found by yankuncheng) (#210) - -Changes - * The PEM parser now accepts a trailing space at end of lines (#226). - * It is now possible to #include a user-provided configuration file at the - end of the default config.h by defining MBEDTLS_USER_CONFIG_FILE on the - compiler's command line. - * When verifying a certificate chain, if an intermediate certificate is - trusted, no later cert is checked. (suggested by hannes-landeholm) - (#220). - * Prepend a "thread identifier" to debug messages (issue pointed out by - Hugo Leisink) (#210). - * Add mbedtls_ssl_get_max_frag_len() to query the current maximum fragment - length. - -= mbed TLS 2.0.0 released 2015-07-13 - -Features - * Support for DTLS 1.0 and 1.2 (RFC 6347). - * Ability to override core functions from MDx, SHAx, AES and DES modules - with custom implementation (eg hardware accelerated), complementing the - ability to override the whole module. 
- * New server-side implementation of session tickets that rotate keys to - preserve forward secrecy, and allows sharing across multiple contexts. - * Added a concept of X.509 cerificate verification profile that controls - which algorithms and key sizes (curves for ECDSA) are acceptable. - * Expanded configurability of security parameters in the SSL module with - mbedtls_ssl_conf_dhm_min_bitlen() and mbedtls_ssl_conf_sig_hashes(). - * Introduced a concept of presets for SSL security-relevant configuration - parameters. - -API Changes - * The library has been split into libmbedcrypto, libmbedx509, libmbedtls. - You now need to link to all of them if you use TLS for example. - * All public identifiers moved to the mbedtls_* or MBEDTLS_* namespace. - Some names have been further changed to make them more consistent. - Migration helpers scripts/rename.pl and include/mbedtls/compat-1.3.h are - provided. Full list of renamings in scripts/data_files/rename-1.3-2.0.txt - * Renamings of fields inside structures, not covered by the previous list: - mbedtls_cipher_info_t.key_length -> key_bitlen - mbedtls_cipher_context_t.key_length -> key_bitlen - mbedtls_ecp_curve_info.size -> bit_size - * Headers are now found in the 'mbedtls' directory (previously 'polarssl'). - * The following _init() functions that could return errors have - been split into an _init() that returns void and another function that - should generally be the first function called on this context after init: - mbedtls_ssl_init() -> mbedtls_ssl_setup() - mbedtls_ccm_init() -> mbedtls_ccm_setkey() - mbedtls_gcm_init() -> mbedtls_gcm_setkey() - mbedtls_hmac_drbg_init() -> mbedtls_hmac_drbg_seed(_buf)() - mbedtls_ctr_drbg_init() -> mbedtls_ctr_drbg_seed() - Note that for mbedtls_ssl_setup(), you need to be done setting up the - ssl_config structure before calling it. 
- * Most ssl_set_xxx() functions (all except ssl_set_bio(), ssl_set_hostname(), - ssl_set_session() and ssl_set_client_transport_id(), plus - ssl_legacy_renegotiation()) have been renamed to mbedtls_ssl_conf_xxx() - (see rename.pl and compat-1.3.h above) and their first argument's type - changed from ssl_context to ssl_config. - * ssl_set_bio() changed signature (contexts merged, order switched, one - additional callback for read-with-timeout). - * The following functions have been introduced and must be used in callback - implementations (SNI, PSK) instead of their *conf counterparts: - mbedtls_ssl_set_hs_own_cert() - mbedtls_ssl_set_hs_ca_chain() - mbedtls_ssl_set_hs_psk() - * mbedtls_ssl_conf_ca_chain() lost its last argument (peer_cn), now set - using mbedtls_ssl_set_hostname(). - * mbedtls_ssl_conf_session_cache() changed prototype (only one context - pointer, parameters reordered). - * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in - place of mbedtls_ssl_conf_session_tickets() to enable session tickets. - * The SSL debug callback gained two new arguments (file name, line number). - * Debug modes were removed. - * mbedtls_ssl_conf_truncated_hmac() now returns void. - * mbedtls_memory_buffer_alloc_init() now returns void. - * X.509 verification flags are now an uint32_t. Affect the signature of: - mbedtls_ssl_get_verify_result() - mbedtls_x509_ctr_verify_info() - mbedtls_x509_crt_verify() (flags, f_vrfy -> needs to be updated) - mbedtls_ssl_conf_verify() (f_vrfy -> needs to be updated) - * The following functions changed prototype to avoid an in-out length - parameter: - mbedtls_base64_encode() - mbedtls_base64_decode() - mbedtls_mpi_write_string() - mbedtls_dhm_calc_secret() - * In the NET module, all "int" and "int *" arguments for file descriptors - changed type to "mbedtls_net_context *". - * net_accept() gained new arguments for the size of the client_ip buffer. 
- * In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now - return void. - * ecdsa_write_signature() gained an additional md_alg argument and - ecdsa_write_signature_det() was deprecated. - * pk_sign() no longer accepts md_alg == POLARSSL_MD_NONE with ECDSA. - * Last argument of x509_crt_check_key_usage() and - mbedtls_x509write_crt_set_key_usage() changed from int to unsigned. - * test_ca_list (from certs.h) is renamed to test_cas_pem and is only - available if POLARSSL_PEM_PARSE_C is defined (it never worked without). - * Test certificates in certs.c are no longer guaranteed to be nul-terminated - strings; use the new *_len variables instead of strlen(). - * Functions mbedtls_x509_xxx_parse(), mbedtls_pk_parse_key(), - mbedtls_pk_parse_public_key() and mbedtls_dhm_parse_dhm() now expect the - length parameter to include the terminating null byte for PEM input. - * Signature of mpi_mul_mpi() changed to make the last argument unsigned - * calloc() is now used instead of malloc() everywhere. API of platform - layer and the memory_buffer_alloc module changed accordingly. - (Thanks to Mansour Moufid for helping with the replacement.) - * Change SSL_DISABLE_RENEGOTIATION config.h flag to SSL_RENEGOTIATION - (support for renegotiation now needs explicit enabling in config.h). - * Split MBEDTLS_HAVE_TIME into MBEDTLS_HAVE_TIME and MBEDTLS_HAVE_TIME_DATE - in config.h - * net_connect() and net_bind() have a new 'proto' argument to choose - between TCP and UDP, using the macros NET_PROTO_TCP or NET_PROTO_UDP. - Their 'port' argument type is changed to a string. - * Some constness fixes - -Removals - * Removed mbedtls_ecp_group_read_string(). Only named groups are supported. - * Removed mbedtls_ecp_sub() and mbedtls_ecp_add(), use - mbedtls_ecp_muladd(). - * Removed individual mdX_hmac, shaX_hmac, mdX_file and shaX_file functions - (use generic functions from md.h) - * Removed mbedtls_timing_msleep(). 
Use mbedtls_net_usleep() or a custom - waiting function. - * Removed test DHM parameters from the test certs module. - * Removed the PBKDF2 module (use PKCS5). - * Removed POLARSSL_ERROR_STRERROR_BC (use mbedtls_strerror()). - * Removed compat-1.2.h (helper for migrating from 1.2 to 1.3). - * Removed openssl.h (very partial OpenSSL compatibility layer). - * Configuration options POLARSSL_HAVE_LONGLONG was removed (now always on). - * Configuration options POLARSSL_HAVE_INT8 and POLARSSL_HAVE_INT16 have - been removed (compiler is required to support 32-bit operations). - * Configuration option POLARSSL_HAVE_IPV6 was removed (always enabled). - * Removed test program o_p_test, the script compat.sh does more. - * Removed test program ssl_test, superseded by ssl-opt.sh. - * Removed helper script active-config.pl - -New deprecations - * md_init_ctx() is deprecated in favour of md_setup(), that adds a third - argument (allowing memory savings if HMAC is not used) - -Semi-API changes (technically public, morally private) - * Renamed a few headers to include _internal in the name. Those headers are - not supposed to be included by users. - * Changed md_info_t into an opaque structure (use md_get_xxx() accessors). - * Changed pk_info_t into an opaque structure. - * Changed cipher_base_t into an opaque structure. - * Removed sig_oid2 and rename sig_oid1 to sig_oid in x509_crt and x509_crl. - * x509_crt.key_usage changed from unsigned char to unsigned int. - * Removed r and s from ecdsa_context - * Removed mode from des_context and des3_context - -Default behavior changes - * The default minimum TLS version is now TLS 1.0. - * RC4 is now blacklisted by default in the SSL/TLS layer, and excluded from the - default ciphersuite list returned by ssl_list_ciphersuites() - * Support for receiving SSLv2 ClientHello is now disabled by default at - compile time. - * The default authmode for SSL/TLS clients is now REQUIRED. 
- * Support for RSA_ALT contexts in the PK layer is now optional. Since is is - enabled in the default configuration, this is only noticeable if using a - custom config.h - * Default DHM parameters server-side upgraded from 1024 to 2048 bits. - * A minimum RSA key size of 2048 bits is now enforced during ceritificate - chain verification. - * Negotiation of truncated HMAC is now disabled by default on server too. - * The following functions are now case-sensitive: - mbedtls_cipher_info_from_string() - mbedtls_ecp_curve_info_from_name() - mbedtls_md_info_from_string() - mbedtls_ssl_ciphersuite_from_string() - mbedtls_version_check_feature() - -Requirement changes - * The minimum MSVC version required is now 2010 (better C99 support). - * The NET layer now unconditionnaly relies on getaddrinfo() and select(). - * Compiler is required to support C99 types such as long long and uint32_t. - -API changes from the 1.4 preview branch - * ssl_set_bio_timeout() was removed, split into mbedtls_ssl_set_bio() with - new prototype, and mbedtls_ssl_set_read_timeout(). - * The following functions now return void: - mbedtls_ssl_conf_transport() - mbedtls_ssl_conf_max_version() - mbedtls_ssl_conf_min_version() - * DTLS no longer hard-depends on TIMING_C, but uses a callback interface - instead, see mbedtls_ssl_set_timer_cb(), with the Timing module providing - an example implementation, see mbedtls_timing_delay_context and - mbedtls_timing_set/get_delay(). - * With UDP sockets, it is no longer necessary to call net_bind() again - after a successful net_accept(). - -Changes - * mbedtls_ctr_drbg_random() and mbedtls_hmac_drbg_random() are now - thread-safe if MBEDTLS_THREADING_C is enabled. - * Reduced ROM fooprint of SHA-256 and added an option to reduce it even - more (at the expense of performance) MBEDTLS_SHA256_SMALLER. 
- -= mbed TLS 1.3 branch - -Security - * With authmode set to SSL_VERIFY_OPTIONAL, verification of keyUsage and - extendedKeyUsage on the leaf certificate was lost (results not accessible - via ssl_get_verify_results()). - * Add countermeasure against "Lucky 13 strikes back" cache-based attack, - https://dl.acm.org/citation.cfm?id=2714625 - -Features - * Improve ECC performance by using more efficient doubling formulas - (contributed by Peter Dettman). - * Add x509_crt_verify_info() to display certificate verification results. - * Add support for reading DH parameters with privateValueLength included - (contributed by Daniel Kahn Gillmor). - * Add support for bit strings in X.509 names (request by Fredrik Axelsson). - * Add support for id-at-uniqueIdentifier in X.509 names. - * Add support for overriding snprintf() (except on Windows) and exit() in - the platform layer. - * Add an option to use macros instead of function pointers in the platform - layer (helps get rid of unwanted references). - * Improved Makefiles for Windows targets by fixing library targets and making - cross-compilation easier (thanks to Alon Bar-Lev). - * The benchmark program also prints heap usage for public-key primitives - if POLARSSL_MEMORY_BUFFER_ALLOC_C and POLARSSL_MEMORY_DEBUG are defined. - * New script ecc-heap.sh helps measuring the impact of ECC parameters on - speed and RAM (heap only for now) usage. - * New script memory.sh helps measuring the ROM and RAM requirements of two - reduced configurations (PSK-CCM and NSA suite B). - * Add config flag POLARSSL_DEPRECATED_WARNING (off by default) to produce - warnings on use of deprecated functions (with GCC and Clang only). - * Add config flag POLARSSL_DEPRECATED_REMOVED (off by default) to produce - errors on use of deprecated functions. - -Bugfix - * Fix compile errors with PLATFORM_NO_STD_FUNCTIONS. - * Fix compile error with PLATFORM_EXIT_ALT (thanks to Rafał Przywara). 
- * Fix bug in entropy.c when THREADING_C is also enabled that caused - entropy_free() to crash (thanks to Rafał Przywara). - * Fix memory leak when gcm_setkey() and ccm_setkey() are used more than - once on the same context. - * Fix bug in ssl_mail_client when password is longer that username (found - by Bruno Pape). - * Fix undefined behaviour (memcmp( NULL, NULL, 0 );) in X.509 modules - (detected by Clang's 3.6 UBSan). - * mpi_size() and mpi_msb() would segfault when called on an mpi that is - initialized but not set (found by pravic). - * Fix detection of support for getrandom() on Linux (reported by syzzer) by - doing it at runtime (using uname) rather that compile time. - * Fix handling of symlinks by "make install" (found by Gaël PORTAY). - * Fix potential NULL pointer dereference (not trigerrable remotely) when - ssl_write() is called before the handshake is finished (introduced in - 1.3.10) (first reported by Martin Blumenstingl). - * Fix bug in pk_parse_key() that caused some valid private EC keys to be - rejected. - * Fix bug in Via Padlock support (found by Nikos Mavrogiannopoulos). - * Fix thread safety bug in RSA operations (found by Fredrik Axelsson). - * Fix hardclock() (only used in the benchmarking program) with some - versions of mingw64 (found by kxjhlele). - * Fix warnings from mingw64 in timing.c (found by kxjklele). - * Fix potential unintended sign extension in asn1_get_len() on 64-bit - platforms. - * Fix potential memory leak in ssl_set_psk() (found by Mansour Moufid). - * Fix compile error when POLARSSL_SSL_DISABLE_RENEGOTATION and - POLARSSL_SSL_SSESSION_TICKETS where both enabled in config.h (introduced - in 1.3.10). - * Add missing extern "C" guard in aesni.h (reported by amir zamani). - * Add missing dependency on SHA-256 in some x509 programs (reported by - Gergely Budai). - * Fix bug related to ssl_set_curves(): the client didn't check that the - curve picked by the server was actually allowed. 
-
-Changes
- * Remove bias in mpi_gen_prime (contributed by Pascal Junod).
- * Remove potential sources of timing variations (some contributed by Pascal
- Junod).
- * Options POLARSSL_HAVE_INT8 and POLARSSL_HAVE_INT16 are deprecated.
- * Enabling POLARSSL_NET_C without POLARSSL_HAVE_IPV6 is deprecated.
- * compat-1.2.h and openssl.h are deprecated.
- * Adjusting/overriding CFLAGS and LDFLAGS with the make build system is now
- more flexible (warning: OFLAGS is not used any more) (see the README)
- (contributed by Alon Bar-Lev).
- * ssl_set_own_cert() no longer calls pk_check_pair() since the
- performance impact was bad for some users (this was introduced in 1.3.10).
- * Move from SHA-1 to SHA-256 in example programs using signatures
- (suggested by Thorsten Mühlfelder).
- * Remove some unneeded inclusions of header files from the standard library
- "minimize" others (eg use stddef.h if only size_t is needed).
- * Change #include lines in test files to use double quotes instead of angle
- brackets for uniformity with the rest of the code.
- * Remove dependency on sscanf() in X.509 parsing modules.
-
-= mbed TLS 1.3.10 released 2015-02-09
-Security
- * NULL pointer dereference in the buffer-based allocator when the buffer is
- full and polarssl_free() is called (found by Mark Hasemeyer)
- (only possible if POLARSSL_MEMORY_BUFFER_ALLOC_C is enabled, which it is
- not by default).
- * Fix remotely-triggerable uninitialised pointer dereference caused by
- crafted X.509 certificate (TLS server is not affected if it doesn't ask for a
- client certificate) (found using Codenomicon Defensics).
- * Fix remotely-triggerable memory leak caused by crafted X.509 certificates
- (TLS server is not affected if it doesn't ask for a client certificate)
- (found using Codenomicon Defensics).
- * Fix potential stack overflow while parsing crafted X.509 certificates
- (TLS server is not affected if it doesn't ask for a client certificate)
- (found using Codenomicon Defensics).
- * Fix timing difference that could theoretically lead to a
- Bleichenbacher-style attack in the RSA and RSA-PSK key exchanges
- (reported by Sebastian Schinzel).
-
-Features
- * Add support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv).
- * Add support for Extended Master Secret (draft-ietf-tls-session-hash).
- * Add support for Encrypt-then-MAC (RFC 7366).
- * Add function pk_check_pair() to test if public and private keys match.
- * Add x509_crl_parse_der().
- * Add compile-time option POLARSSL_X509_MAX_INTERMEDIATE_CA to limit the
- length of an X.509 verification chain.
- * Support for renegotiation can now be disabled at compile-time
- * Support for 1/n-1 record splitting, a countermeasure against BEAST.
- * Certificate selection based on signature hash, preferring SHA-1 over SHA-2
- for pre-1.2 clients when multiple certificates are available.
- * Add support for getrandom() syscall on recent Linux kernels with Glibc or
- a compatible enough libc (eg uClibc).
- * Add ssl_set_arc4_support() to make it easier to disable RC4 at runtime
- while using the default ciphersuite list.
- * Added new error codes and debug messages about selection of
- ciphersuite/certificate.
-
-Bugfix
- * Stack buffer overflow if ctr_drbg_update() is called with too large
- add_len (found by Jean-Philippe Aumasson) (not triggerable remotely).
- * Possible buffer overflow of length at most POLARSSL_MEMORY_ALIGN_MULTIPLE
- if memory_buffer_alloc_init() was called with buf not aligned and len not
- a multiple of POLARSSL_MEMORY_ALIGN_MULTIPLE (not triggerable remotely).
- * User set CFLAGS were ignored by Cmake with gcc (introduced in 1.3.9, found
- by Julian Ospald).
- * Fix potential undefined behaviour in Camellia.
- * Fix potential failure in ECDSA signatures when POLARSSL_ECP_MAX_BITS is a
- multiple of 8 (found by Gergely Budai).
- * Fix unchecked return code in x509_crt_parse_path() on Windows (found by
- Peter Vaskovic).
- * Fix assembly selection for MIPS64 (thanks to James Cowgill).
- * ssl_get_verify_result() now works even if the handshake was aborted due
- to a failed verification (found by Fredrik Axelsson).
- * Skip writing and parsing signature_algorithm extension if none of the
- key exchanges enabled needs certificates. This fixes a possible interop
- issue with some servers when a zero-length extension was sent. (Reported
- by Peter Dettman.)
- * On a 0-length input, base64_encode() did not correctly set output length
- (found by Hendrik van den Boogaard).
-
-Changes
- * Use deterministic nonces for AEAD ciphers in TLS by default (possible to
- switch back to random with POLARSSL_SSL_AEAD_RANDOM_IV in config.h).
- * Blind RSA private operations even when POLARSSL_RSA_NO_CRT is defined.
- * ssl_set_own_cert() now returns an error on key-certificate mismatch.
- * Forbid repeated extensions in X.509 certificates.
- * debug_print_buf() now prints a text view in addition to hexadecimal.
- * A specific error is now returned when there are ciphersuites in common
- but none of them is usable due to external factors such as no certificate
- with a suitable (extended)KeyUsage or curve or no PSK set.
- * It is now possible to disable negotiation of truncated HMAC server-side
- at runtime with ssl_set_truncated_hmac().
- * Example programs for SSL client and server now disable SSLv3 by default.
- * Example programs for SSL client and server now disable RC4 by default.
- * Use platform.h in all test suites and programs.
-
-= PolarSSL 1.3.9 released 2014-10-20
-Security
- * Lowest common hash was selected from signature_algorithms extension in
- TLS 1.2 (found by Darren Bane) (introduced in 1.3.8).
- * Remotely-triggerable memory leak when parsing some X.509 certificates
- (server is not affected if it doesn't ask for a client certificate)
- (found using Codenomicon Defensics).
- * Remotely-triggerable memory leak when parsing crafted ClientHello
- (not affected if ECC support was compiled out) (found using Codenomicon
- Defensics).
-
-Bugfix
- * Support escaping of commas in x509_string_to_names()
- * Fix compile error in ssl_pthread_server (found by Julian Ospald).
- * Fix net_accept() regarding non-blocking sockets (found by Luca Pesce).
- * Don't print uninitialised buffer in ssl_mail_client (found by Marc Abel).
- * Fix warnings from Clang's scan-build (contributed by Alfred Klomp).
- * Fix compile error in timing.c when POLARSSL_NET_C and POLARSSL_SELFTEST
- are defined but not POLARSSL_HAVE_TIME (found by Stephane Di Vito).
- * Remove non-existent file from VS projects (found by Peter Vaskovic).
- * ssl_read() could return non-application data records on server while
- renegotation was pending, and on client when a HelloRequest was received.
- * Server-initiated renegotiation would fail with non-blocking I/O if the
- write callback returned WANT_WRITE when requesting renegotiation.
- * ssl_close_notify() could send more than one message in some circumstances
- with non-blocking I/O.
- * Fix compiler warnings on iOS (found by Sander Niemeijer).
- * x509_crt_parse() did not increase total_failed on PEM error
- * Fix compile error with armcc in mpi_is_prime()
- * Fix potential bad read in parsing ServerHello (found by Adrien
- Vialletelle).
-
-Changes
- * Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no
- standard defining how to use SHA-2 with SSL 3.0).
- * Ciphersuites using RSA-PSK key exchange new require TLS 1.x (the spec is
- ambiguous on how to encode some packets with SSL 3.0).
- * Made buffer size in pk_write_(pub)key_pem() more dynamic, eg smaller if
- RSA is disabled, larger if POLARSSL_MPI_MAX_SIZE is larger.
- * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
- POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE on harmless alerts.
- * POLARSSL_MPI_MAX_SIZE now defaults to 1024 in order to allow 8192 bits
- RSA keys.
- * Accept spaces at end of line or end of buffer in base64_decode().
- * X.509 certificates with more than one AttributeTypeAndValue per
- RelativeDistinguishedName are not accepted any more.
-
-= PolarSSL 1.3.8 released 2014-07-11
-Security
- * Fix length checking for AEAD ciphersuites (found by Codenomicon).
- It was possible to crash the server (and client) using crafted messages
- when a GCM suite was chosen.
-
-Features
- * Add CCM module and cipher mode to Cipher Layer
- * Support for CCM and CCM_8 ciphersuites
- * Support for parsing and verifying RSASSA-PSS signatures in the X.509
- modules (certificates, CRLs and CSRs).
- * Blowfish in the cipher layer now supports variable length keys.
- * Add example config.h for PSK with CCM, optimized for low RAM usage.
- * Optimize for RAM usage in example config.h for NSA Suite B profile.
- * Add POLARSSL_REMOVE_ARC4_CIPHERSUITES to allow removing RC4 ciphersuites
- from the default list (inactive by default).
- * Add server-side enforcement of sent renegotiation requests
- (ssl_set_renegotiation_enforced())
- * Add SSL_CIPHERSUITES config.h flag to allow specifying a list of
- ciphersuites to use and save some memory if the list is small.
-
-Changes
- * Add LINK_WITH_PTHREAD option in CMake for explicit linking that is
- required on some platforms (e.g. OpenBSD)
- * Migrate zeroizing of data to polarssl_zeroize() instead of memset()
- against unwanted compiler optimizations
- * md_list() now returns hashes strongest first
- * Selection of hash for signing ServerKeyExchange in TLS 1.2 now picks
- strongest offered by client.
- * All public contexts have _init() and _free() functions now for simpler
- usage pattern
-
-Bugfix
- * Fix in debug_print_msg()
- * Enforce alignment in the buffer allocator even if buffer is not aligned
- * Remove less-than-zero checks on unsigned numbers
- * Stricter check on SSL ClientHello internal sizes compared to actual packet
- size (found by TrustInSoft)
- * Fix WSAStartup() return value check (found by Peter Vaskovic)
- * Other minor issues (found by Peter Vaskovic)
- * Fix symlink command for cross compiling with CMake (found by Andre
- Heinecke)
- * Fix DER output of gen_key app (found by Gergely Budai)
- * Very small records were incorrectly rejected when truncated HMAC was in
- use with some ciphersuites and versions (RC4 in all versions, CBC with
- versions < TLS 1.1).
- * Very large records using more than 224 bytes of padding were incorrectly
- rejected with CBC-based ciphersuites and TLS >= 1.1
- * Very large records using less padding could cause a buffer overread of up
- to 32 bytes with CBC-based ciphersuites and TLS >= 1.1
- * Restore ability to use a v1 cert as a CA if trusted locally. (This had
- been removed in 1.3.6.)
- * Restore ability to locally trust a self-signed cert that is not a proper
- CA for use as an end entity certificate. (This had been removed in
- 1.3.6.)
- * Fix preprocessor checks for bn_mul PPC asm (found by Barry K. Nathan).
- * Use \n\t rather than semicolons for bn_mul asm, since some assemblers
- interpret semicolons as comment delimiters (found by Barry K. Nathan).
- * Fix off-by-one error in parsing Supported Point Format extension that
- caused some handshakes to fail.
- * Fix possible miscomputation of the premaster secret with DHE-PSK key
- exchange that caused some handshakes to fail with other implementations.
- (Failure rate <= 1/255 with common DHM moduli.)
- * Disable broken Sparc64 bn_mul assembly (found by Florian Obser).
- * Fix base64_decode() to return and check length correctly (in case of
- tight buffers)
- * Fix mpi_write_string() to write "00" as hex output for empty MPI (found
- by Hui Dong)
-
-= PolarSSL 1.3.7 released on 2014-05-02
-Features
- * debug_set_log_mode() added to determine raw or full logging
- * debug_set_threshold() added to ignore messages over threshold level
- * version_check_feature() added to check for compile-time options at
- run-time
-
-Changes
- * POLARSSL_CONFIG_OPTIONS has been removed. All values are individually
- checked and filled in the relevant module headers
- * Debug module only outputs full lines instead of parts
- * Better support for the different Attribute Types from IETF PKIX (RFC 5280)
- * AES-NI now compiles with "old" assemblers too
- * Ciphersuites based on RC4 now have the lowest priority by default
-
-Bugfix
- * Only iterate over actual certificates in ssl_write_certificate_request()
- (found by Matthew Page)
- * Typos in platform.c and pkcs11.c (found by Daniel Phillips and Steffan
- Karger)
- * cert_write app should use subject of issuer certificate as issuer of cert
- * Fix false reject in padding check in ssl_decrypt_buf() for CBC
- ciphersuites, for full SSL frames of data.
- * Improve interoperability by not writing extension length in ClientHello /
- ServerHello when no extensions are present (found by Matthew Page)
- * rsa_check_pubkey() now allows an E up to N
- * On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
- * mpi_fill_random() was creating numbers larger than requested on
- big-endian platform when size was not an integer number of limbs
- * Fix dependencies issues in X.509 test suite.
- * Some parts of ssl_tls.c were compiled even when the module was disabled.
- * Fix detection of DragonflyBSD in net.c (found by Markus Pfeiffer)
- * Fix detection of Clang on some Apple platforms with CMake
- (found by Barry K. Nathan)
-
-= PolarSSL 1.3.6 released on 2014-04-11
-
-Features
- * Support for the ALPN SSL extension
- * Add option 'use_dev_random' to gen_key application
- * Enable verification of the keyUsage extension for CA and leaf
- certificates (POLARSSL_X509_CHECK_KEY_USAGE)
- * Enable verification of the extendedKeyUsage extension
- (POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE)
-
-Changes
- * x509_crt_info() now prints information about parsed extensions as well
- * pk_verify() now returns a specific error code when the signature is valid
- but shorter than the supplied length.
- * Use UTC time to check certificate validity.
- * Reject certificates with times not in UTC, per RFC 5280.
-
-Security
- * Avoid potential timing leak in ecdsa_sign() by blinding modular division.
- (Found by Watson Ladd.)
- * The notAfter date of some certificates was no longer checked since 1.3.5.
- This affects certificates in the user-supplied chain except the top
- certificate. If the user-supplied chain contains only one certificates,
- it is not affected (ie, its notAfter date is properly checked).
- * Prevent potential NULL pointer dereference in ssl_read_record() (found by
- TrustInSoft)
-
-Bugfix
- * The length of various ClientKeyExchange messages was not properly checked.
- * Some example server programs were not sending the close_notify alert.
- * Potential memory leak in mpi_exp_mod() when error occurs during
- calculation of RR.
- * Fixed malloc/free default #define in platform.c (found by Gergely Budai).
- * Fixed type which made POLARSSL_ENTROPY_FORCE_SHA256 uneffective (found by
- Gergely Budai).
- * Fix #include path in ecdsa.h which wasn't accepted by some compilers.
- (found by Gergely Budai)
- * Fix compile errors when POLARSSL_ERROR_STRERROR_BC is undefined (found by
- Shuo Chen).
- * oid_get_numeric_string() used to truncate the output without returning an
- error if the output buffer was just 1 byte too small.
- * dhm_parse_dhm() (hence dhm_parse_dhmfile()) did not set dhm->len.
- * Calling pk_debug() on an RSA-alt key would segfault.
- * pk_get_size() and pk_get_len() were off by a factor 8 for RSA-alt keys.
- * Potential buffer overwrite in pem_write_buffer() because of low length
- indication (found by Thijs Alkemade)
- * EC curves constants, which should be only in ROM since 1.3.3, were also
- stored in RAM due to missing 'const's (found by Gergely Budai).
-
-= PolarSSL 1.3.5 released on 2014-03-26
-Features
- * HMAC-DRBG as a separate module
- * Option to set the Curve preference order (disabled by default)
- * Single Platform compatilibity layer (for memory / printf / fprintf)
- * Ability to provide alternate timing implementation
- * Ability to force the entropy module to use SHA-256 as its basis
- (POLARSSL_ENTROPY_FORCE_SHA256)
- * Testing script ssl-opt.sh added for testing 'live' ssl option
- interoperability against OpenSSL and PolarSSL
- * Support for reading EC keys that use SpecifiedECDomain in some cases.
- * Entropy module now supports seed writing and reading
-
-Changes
- * Deprecated the Memory layer
- * entropy_add_source(), entropy_update_manual() and entropy_gather()
- now thread-safe if POLARSSL_THREADING_C defined
- * Improvements to the CMake build system, contributed by Julian Ospald.
- * Work around a bug of the version of Clang shipped by Apple with Mavericks
- that prevented bignum.c from compiling. (Reported by Rafael Baptista.)
- * Revamped the compat.sh interoperatibility script to include support for
- testing against GnuTLS
- * Deprecated ssl_set_own_cert_rsa() and ssl_set_own_cert_rsa_alt()
- * Improvements to tests/Makefile, contributed by Oden Eriksson.
-
-Security
- * Forbid change of server certificate during renegotiation to prevent
- "triple handshake" attack when authentication mode is 'optional' (the
- attack was already impossible when authentication is required).
- * Check notBefore timestamp of certificates and CRLs from the future.
- * Forbid sequence number wrapping
- * Fixed possible buffer overflow with overlong PSK
- * Possible remotely-triggered out-of-bounds memory access fixed (found by
- TrustInSoft)
-
-Bugfix
- * ecp_gen_keypair() does more tries to prevent failure because of
- statistics
- * Fixed bug in RSA PKCS#1 v1.5 "reversed" operations
- * Fixed testing with out-of-source builds using cmake
- * Fixed version-major intolerance in server
- * Fixed CMake symlinking on out-of-source builds
- * Fixed dependency issues in test suite
- * Programs rsa_sign_pss and rsa_verify_pss were not using PSS since 1.3.0
- * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
- Alex Wilson.)
- * ssl_cache was creating entries when max_entries=0 if TIMING_C was enabled.
- * m_sleep() was sleeping twice too long on most Unix platforms.
- * Fixed bug with session tickets and non-blocking I/O in the unlikely case
- send() would return an EAGAIN error when sending the ticket.
- * ssl_cache was leaking memory when reusing a timed out entry containing a
- client certificate.
- * ssl_srv was leaking memory when client presented a timed out ticket
- containing a client certificate
- * ssl_init() was leaving a dirty pointer in ssl_context if malloc of
- out_ctr failed
- * ssl_handshake_init() was leaving dirty pointers in subcontexts if malloc
- of one of them failed
- * Fix typo in rsa_copy() that impacted PKCS#1 v2 contexts
- * x509_get_current_time() uses localtime_r() to prevent thread issues
-
-= PolarSSL 1.3.4 released on 2014-01-27
-Features
- * Support for the Koblitz curves: secp192k1, secp224k1, secp256k1
- * Support for RIPEMD-160
- * Support for AES CFB8 mode
- * Support for deterministic ECDSA (RFC 6979)
-
-Bugfix
- * Potential memory leak in bignum_selftest()
- * Replaced expired test certificate
- * ssl_mail_client now terminates lines with CRLF, instead of LF
- * net module handles timeouts on blocking sockets better (found by Tilman
- Sauerbeck)
- * Assembly format fixes in bn_mul.h
-
-Security
- * Missing MPI_CHK calls added around unguarded mpi calls (found by
- TrustInSoft)
-
-= PolarSSL 1.3.3 released on 2013-12-31
-Features
- * EC key generation support in gen_key app
- * Support for adhering to client ciphersuite order preference
- (POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
- * Support for Curve25519
- * Support for ECDH-RSA and ECDH-ECDSA key exchanges and ciphersuites
- * Support for IPv6 in the NET module
- * AES-NI support for AES, AES-GCM and AES key scheduling
- * SSL Pthread-based server example added (ssl_pthread_server)
-
-Changes
- * gen_prime() speedup
- * Speedup of ECP multiplication operation
- * Relaxed some SHA2 ciphersuite's version requirements
- * Dropped use of readdir_r() instead of readdir() with threading support
- * More constant-time checks in the RSA module
- * Split off curves from ecp.c into ecp_curves.c
- * Curves are now stored fully in ROM
- * Memory usage optimizations in ECP module
- * Removed POLARSSL_THREADING_DUMMY
-
-Bugfix
- * Fixed bug in mpi_set_bit() on platforms where t_uint is wider than int
- * Fixed X.509 hostname comparison (with non-regular characters)
- * SSL now gracefully handles missing RNG
- * Missing defines / cases for RSA_PSK key exchange
- * crypt_and_hash app checks MAC before final decryption
- * Potential memory leak in ssl_ticket_keys_init()
- * Memory leak in benchmark application
- * Fixed x509_crt_parse_path() bug on Windows platforms
- * Added missing MPI_CHK() around some statements in mpi_div_mpi() (found by
- TrustInSoft)
- * Fixed potential overflow in certificate size verification in
- ssl_write_certificate() (found by TrustInSoft)
-
-Security
- * Possible remotely-triggered out-of-bounds memory access fixed (found by
- TrustInSoft)
-
-= PolarSSL 1.3.2 released on 2013-11-04
-Features
- * PK tests added to test framework
- * Added optional optimization for NIST MODP curves (POLARSSL_ECP_NIST_OPTIM)
- * Support for Camellia-GCM mode and ciphersuites
-
-Changes
- * Padding checks in cipher layer are now constant-time
- * Value comparisons in SSL layer are now constant-time
- * Support for serialNumber, postalAddress and postalCode in X509 names
- * SSL Renegotiation was refactored
-
-Bugfix
- * More stringent checks in cipher layer
- * Server does not send out extensions not advertised by client
- * Prevent possible alignment warnings on casting from char * to 'aligned *'
- * Misc fixes and additions to dependency checks
- * Const correctness
- * cert_write with selfsign should use issuer_name as subject_name
- * Fix ECDSA corner case: missing reduction mod N (found by DualTachyon)
- * Defines to handle UEFI environment under MSVC
- * Server-side initiated renegotiations send HelloRequest
-
-= PolarSSL 1.3.1 released on 2013-10-15
-Features
- * Support for Brainpool curves and TLS ciphersuites (RFC 7027)
- * Support for ECDHE-PSK key-exchange and ciphersuites
- * Support for RSA-PSK key-exchange and ciphersuites
-
-Changes
- * RSA blinding locks for a smaller amount of time
- * TLS compression only allocates working buffer once
- * Introduced POLARSSL_HAVE_READDIR_R for systems without it
- * config.h is more script-friendly
-
-Bugfix
- * Missing MSVC defines added
- * Compile errors with POLARSSL_RSA_NO_CRT
- * Header files with 'polarssl/'
- * Const correctness
- * Possible naming collision in dhm_context
- * Better support for MSVC
- * threading_set_alt() name
- * Added missing x509write_crt_set_version()
-
-= PolarSSL 1.3.0 released on 2013-10-01
-Features
- * Elliptic Curve Cryptography module added
- * Elliptic Curve Diffie Hellman module added
- * Ephemeral Elliptic Curve Diffie Hellman support for SSL/TLS
- (ECDHE-based ciphersuites)
- * Ephemeral Elliptic Curve Digital Signature Algorithm support for SSL/TLS
- (ECDSA-based ciphersuites)
- * Ability to specify allowed ciphersuites based on the protocol version.
- * PSK and DHE-PSK based ciphersuites added
- * Memory allocation abstraction layer added
- * Buffer-based memory allocator added (no malloc() / free() / HEAP usage)
- * Threading abstraction layer added (dummy / pthread / alternate)
- * Public Key abstraction layer added
- * Parsing Elliptic Curve keys
- * Parsing Elliptic Curve certificates
- * Support for max_fragment_length extension (RFC 6066)
- * Support for truncated_hmac extension (RFC 6066)
- * Support for zeros-and-length (ANSI X.923) padding, one-and-zeros
- (ISO/IEC 7816-4) padding and zero padding in the cipher layer
- * Support for session tickets (RFC 5077)
- * Certificate Request (CSR) generation with extensions (key_usage,
- ns_cert_type)
- * X509 Certificate writing with extensions (basic_constraints,
- issuer_key_identifier, etc)
- * Optional blinding for RSA, DHM and EC
- * Support for multiple active certificate / key pairs in SSL servers for
- the same host (Not to be confused with SNI!)
-
-Changes
- * Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2
- individually
- * Introduced separate SSL Ciphersuites module that is based on
- Cipher and MD information
- * Internals for SSL module adapted to have separate IV pointer that is
- dynamically set (Better support for hardware acceleration)
- * Moved all OID functionality to a separate module. RSA function
- prototypes for the RSA sign and verify functions changed as a result
- * Split up the GCM module into a starts/update/finish cycle
- * Client and server now filter sent and accepted ciphersuites on minimum
- and maximum protocol version
- * Ability to disable server_name extension (RFC 6066)
- * Renamed error_strerror() to the less conflicting polarssl_strerror()
- (Ability to keep old as well with POLARSSL_ERROR_STRERROR_BC)
- * SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly
- * All RSA operations require a random generator for blinding purposes
- * X509 core refactored
- * x509_crt_verify() now case insensitive for cn (RFC 6125 6.4)
- * Also compiles / runs without time-based functions (!POLARSSL_HAVE_TIME)
- * Support faulty X509 v1 certificates with extensions
- (POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
-
-Bugfix
- * Fixed parse error in ssl_parse_certificate_request()
- * zlib compression/decompression skipped on empty blocks
- * Support for AIX header locations in net.c module
- * Fixed file descriptor leaks
-
-Security
- * RSA blinding on CRT operations to counter timing attacks
- (found by Cyril Arnaud and Pierre-Alain Fouque)
-
-
-= Version 1.2.14 released 2015-05-??
-
-Security
- * Fix potential invalid memory read in the server, that allows a client to
- crash it remotely (found by Caj Larsson).
- * Fix potential invalid memory read in certificate parsing, that allows a
- client to crash the server remotely if client authentication is enabled
- (found using Codenomicon Defensics).
- * Add countermeasure against "Lucky 13 strikes back" cache-based attack,
- https://dl.acm.org/citation.cfm?id=2714625
-
-Bugfix
- * Fix bug in Via Padlock support (found by Nikos Mavrogiannopoulos).
- * Fix hardclock() (only used in the benchmarking program) with some
- versions of mingw64 (found by kxjhlele).
- * Fix warnings from mingw64 in timing.c (found by kxjklele).
- * Fix potential unintended sign extension in asn1_get_len() on 64-bit
- platforms (found with Coverity Scan).
-
-= Version 1.2.13 released 2015-02-16
-Note: Although PolarSSL has been renamed to mbed TLS, no changes reflecting
- this will be made in the 1.2 branch at this point.
-
-Security
- * Fix remotely-triggerable uninitialised pointer dereference caused by
- crafted X.509 certificate (TLS server is not affected if it doesn't ask
- for a client certificate) (found using Codenomicon Defensics).
- * Fix remotely-triggerable memory leak caused by crafted X.509 certificates
- (TLS server is not affected if it doesn't ask for a client certificate)
- (found using Codenomicon Defensics).
- * Fix potential stack overflow while parsing crafted X.509 certificates
- (TLS server is not affected if it doesn't ask for a client certificate)
- found using Codenomicon Defensics).
- * Fix buffer overread of size 1 when parsing crafted X.509 certificates
- (TLS server is not affected if it doesn't ask for a client certificate).
-
-Bugfix
- * Fix potential undefined behaviour in Camellia.
- * Fix memory leaks in PKCS#5 and PKCS#12.
- * Stack buffer overflow if ctr_drbg_update() is called with too large
- add_len (found by Jean-Philippe Aumasson) (not triggerable remotely).
- * Fix bug in MPI/bignum on s390/s390x (reported by Dan Horák) (introduced
- in 1.2.12).
- * Fix unchecked return code in x509_crt_parse_path() on Windows (found by
- Peter Vaskovic).
- * Fix assembly selection for MIPS64 (thanks to James Cowgill).
- * ssl_get_verify_result() now works even if the handshake was aborted due
- to a failed verification (found by Fredrik Axelsson).
- * Skip writing and parsing signature_algorithm extension if none of the
- key exchanges enabled needs certificates. This fixes a possible interop
- issue with some servers when a zero-length extension was sent. (Reported
- by Peter Dettman.)
- * On a 0-length input, base64_encode() did not correctly set output length
- (found by Hendrik van den Boogaard).
-
-Changes
- * Blind RSA private operations even when POLARSSL_RSA_NO_CRT is defined.
- * Forbid repeated extensions in X.509 certificates.
- * Add compile-time option POLARSSL_X509_MAX_INTERMEDIATE_CA to limit the
- length of an X.509 verification chain (default = 8).
-= Version 1.2.12 released 2014-10-24
-
-Security
- * Remotely-triggerable memory leak when parsing some X.509 certificates
- (server is not affected if it doesn't ask for a client certificate).
- (Found using Codenomicon Defensics.)
-
-Bugfix
- * Fix potential bad read in parsing ServerHello (found by Adrien
- Vialletelle).
- * ssl_close_notify() could send more than one message in some circumstances
- with non-blocking I/O.
- * x509_crt_parse() did not increase total_failed on PEM error
- * Fix compiler warnings on iOS (found by Sander Niemeijer).
- * Don't print uninitialised buffer in ssl_mail_client (found by Marc Abel).
- * Fix net_accept() regarding non-blocking sockets (found by Luca Pesce).
- * ssl_read() could return non-application data records on server while
- renegotation was pending, and on client when a HelloRequest was received.
- * Fix warnings from Clang's scan-build (contributed by Alfred Klomp).
-
-Changes
- * X.509 certificates with more than one AttributeTypeAndValue per
- RelativeDistinguishedName are not accepted any more.
- * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
- POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE on harmless alerts.
- * Accept spaces at end of line or end of buffer in base64_decode().
-
-= Version 1.2.11 released 2014-07-11
-Features
- * Entropy module now supports seed writing and reading
-
-Changes
- * Introduced POLARSSL_HAVE_READDIR_R for systems without it
- * Improvements to the CMake build system, contributed by Julian Ospald.
- * Work around a bug of the version of Clang shipped by Apple with Mavericks
- that prevented bignum.c from compiling. (Reported by Rafael Baptista.)
- * Improvements to tests/Makefile, contributed by Oden Eriksson.
- * Use UTC time to check certificate validity.
- * Reject certificates with times not in UTC, per RFC 5280.
- * Migrate zeroizing of data to polarssl_zeroize() instead of memset()
- against unwanted compiler optimizations
-
-Security
- * Forbid change of server certificate during renegotiation to prevent
- "triple handshake" attack when authentication mode is optional (the
- attack was already impossible when authentication is required).
- * Check notBefore timestamp of certificates and CRLs from the future.
- * Forbid sequence number wrapping
- * Prevent potential NULL pointer dereference in ssl_read_record() (found by
- TrustInSoft)
- * Fix length checking for AEAD ciphersuites (found by Codenomicon).
- It was possible to crash the server (and client) using crafted messages
- when a GCM suite was chosen.
-
-Bugfix
- * Fixed X.509 hostname comparison (with non-regular characters)
- * SSL now gracefully handles missing RNG
- * crypt_and_hash app checks MAC before final decryption
- * Fixed x509_crt_parse_path() bug on Windows platforms
- * Added missing MPI_CHK() around some statements in mpi_div_mpi() (found by
- TrustInSoft)
- * Fixed potential overflow in certificate size verification in
- ssl_write_certificate() (found by TrustInSoft)
- * Fix ASM format in bn_mul.h
- * Potential memory leak in bignum_selftest()
- * Replaced expired test certificate
- * ssl_mail_client now terminates lines with CRLF, instead of LF
- * Fix bug in RSA PKCS#1 v1.5 "reversed" operations
- * Fixed testing with out-of-source builds using cmake
- * Fixed version-major intolerance in server
- * Fixed CMake symlinking on out-of-source builds
- * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
- Alex Wilson.)
- * ssl_init() was leaving a dirty pointer in ssl_context if malloc of
- out_ctr failed
- * ssl_handshake_init() was leaving dirty pointers in subcontexts if malloc
- of one of them failed
- * x509_get_current_time() uses localtime_r() to prevent thread issues
- * Some example server programs were not sending the close_notify alert.
- * Potential memory leak in mpi_exp_mod() when error occurs during
- calculation of RR.
- * Improve interoperability by not writing extension length in ClientHello
- when no extensions are present (found by Matthew Page)
- * rsa_check_pubkey() now allows an E up to N
- * On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
- * mpi_fill_random() was creating numbers larger than requested on
- big-endian platform when size was not an integer number of limbs
- * Fix detection of DragonflyBSD in net.c (found by Markus Pfeiffer)
- * Stricter check on SSL ClientHello internal sizes compared to actual packet
- size (found by TrustInSoft)
- * Fix preprocessor checks for bn_mul PPC asm (found by Barry K. Nathan).
- * Use \n\t rather than semicolons for bn_mul asm, since some assemblers
- interpret semicolons as comment delimiters (found by Barry K. Nathan).
- * Disable broken Sparc64 bn_mul assembly (found by Florian Obser).
- * Fix base64_decode() to return and check length correctly (in case of
- tight buffers)
-
-= Version 1.2.10 released 2013-10-07
-Changes
- * Changed RSA blinding to a slower but thread-safe version
-
-Bugfix
- * Fixed memory leak in RSA as a result of introduction of blinding
- * Fixed ssl_pkcs11_decrypt() prototype
- * Fixed MSVC project files
-
-= Version 1.2.9 released 2013-10-01
-Changes
- * x509_verify() now case insensitive for cn (RFC 6125 6.4)
-
-Bugfix
- * Fixed potential memory leak when failing to resume a session
- * Fixed potential file descriptor leaks (found by Remi Gacogne)
- * Minor fixes
-
-Security
- * Fixed potential heap buffer overflow on large hostname setting
- * Fixed potential negative value misinterpretation in load_file()
- * RSA blinding on CRT operations to counter timing attacks
- (found by Cyril Arnaud and Pierre-Alain Fouque)
-
-= Version 1.2.8 released 2013-06-19
-Features
- * Parsing of PKCS#8 encrypted private key files
- * PKCS#12 PBE and derivation functions
- * Centralized module option values in config.h to allow user-defined
- settings without editing header files by using POLARSSL_CONFIG_OPTIONS
-
-Changes
- * HAVEGE random generator disabled by default
- * Internally split up x509parse_key() into a (PEM) handler function
- and specific DER parser functions for the PKCS#1 and unencrypted
- PKCS#8 private key formats
- * Added mechanism to provide alternative implementations for all
- symmetric cipher and hash algorithms (e.g. POLARSSL_AES_ALT in
- config.h)
- * PKCS#5 module added.
Moved PBKDF2 functionality inside and deprecated
- old PBKDF2 module
-
-Bugfix
- * Secure renegotiation extension should only be sent in case client
- supports secure renegotiation
- * Fixed offset for cert_type list in ssl_parse_certificate_request()
- * Fixed const correctness issues that have no impact on the ABI
- * x509parse_crt() now better handles PEM error situations
- * ssl_parse_certificate() now calls x509parse_crt_der() directly
- instead of the x509parse_crt() wrapper that can also parse PEM
- certificates
- * x509parse_crtpath() is now reentrant and uses more portable stat()
- * Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
- * Fixed values for 2-key Triple DES in cipher layer
- * ssl_write_certificate_request() can handle empty ca_chain
-
-Security
- * A possible DoS during the SSL Handshake, due to faulty parsing of
- PEM-encoded certificates has been fixed (found by Jack Lloyd)
-
-= Version 1.2.7 released 2013-04-13
-Features
- * Ability to specify allowed ciphersuites based on the protocol version.
-
-Changes
- * Default Blowfish keysize is now 128-bits
- * Test suites made smaller to accommodate Raspberry Pi
-
-Bugfix
- * Fix for MPI assembly for ARM
- * GCM adapted to support sizes > 2^29
-
-= Version 1.2.6 released 2013-03-11
-Bugfix
- * Fixed memory leak in ssl_free() and ssl_reset() for active session
- * Corrected GCM counter incrementation to use only 32-bits instead of
- 128-bits (found by Yawning Angel)
- * Fixes for 64-bit compilation with MS Visual Studio
- * Fixed net_bind() for specified IP addresses on little endian systems
- * Fixed assembly code for ARM (Thumb and regular) for some compilers
-
-Changes
- * Internally split up rsa_pkcs1_encrypt(), rsa_pkcs1_decrypt(),
- rsa_pkcs1_sign() and rsa_pkcs1_verify() to separate PKCS#1 v1.5 and
- PKCS#1 v2.1 functions
- * Added support for custom labels when using rsa_rsaes_oaep_encrypt()
- or rsa_rsaes_oaep_decrypt()
- * Re-added handling for SSLv2 Client Hello when the define
- POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO is set
- * The SSL session cache module (ssl_cache) now also retains peer_cert
- information (not the entire chain)
-
-Security
- * Removed further timing differences during SSL message decryption in
- ssl_decrypt_buf()
- * Removed timing differences due to bad padding from
- rsa_rsaes_pkcs1_v15_decrypt() and rsa_pkcs1_decrypt() for PKCS#1 v1.5
- operations
-
-= Version 1.2.5 released 2013-02-02
-Changes
- * Allow enabling of dummy error_strerror() to support some use-cases
- * Debug messages about padding errors during SSL message decryption are
- disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL
- * Sending of security-relevant alert messages that do not break
- interoperability can be switched on/off with the flag
- POLARSSL_SSL_ALL_ALERT_MESSAGES
-
-Security
- * Removed timing differences during SSL message decryption in
- ssl_decrypt_buf() due to badly formatted padding
-
-= Version 1.2.4 released 2013-01-25
-Changes
- * More advanced SSL ciphersuite
representation and moved to more dynamic
- SSL core
- * Added ssl_handshake_step() to allow single stepping the handshake process
-
-Bugfix
- * Memory leak when using RSA_PKCS_V21 operations fixed
- * Handle future version properly in ssl_write_certificate_request()
- * Correctly handle CertificateRequest message in client for <= TLS 1.1
- without DN list
-
-= Version 1.2.3 released 2012-11-26
-Bugfix
- * Server not always sending correct CertificateRequest message
-
-= Version 1.2.2 released 2012-11-24
-Changes
- * Added p_hw_data to ssl_context for context specific hardware acceleration
- data
- * During verify trust-CA is only checked for expiration and CRL presence
-
-Bugfixes
- * Fixed client authentication compatibility
- * Fixed dependency on POLARSSL_SHA4_C in SSL modules
-
-= Version 1.2.1 released 2012-11-20
-Changes
- * Depth that the certificate verify callback receives is now numbered
- bottom-up (Peer cert depth is 0)
-
-Bugfixes
- * Fixes for MSVC6
- * Moved mpi_inv_mod() outside POLARSSL_GENPRIME
- * Allow R and A to point to same mpi in mpi_div_mpi (found by Manuel
- Pégourié-Gonnard)
- * Fixed possible segfault in mpi_shift_r() (found by Manuel
- Pégourié-Gonnard)
- * Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1
-
-= Version 1.2.0 released 2012-10-31
-Features
- * Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak
- ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by
- default!
- * Added support for wildcard certificates
- * Added support for multi-domain certificates through the X509 Subject
- Alternative Name extension
- * Added preliminary ASN.1 buffer writing support
- * Added preliminary X509 Certificate Request writing support
- * Added key_app_writer example application
- * Added cert_req example application
- * Added base Galois Counter Mode (GCM) for AES
- * Added TLS 1.2 support (RFC 5246)
- * Added GCM suites to TLS 1.2 (RFC 5288)
- * Added commandline error code convertor (util/strerror)
- * Added support for Hardware Acceleration hooking in SSL/TLS
- * Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and
- example application (programs/ssl/o_p_test) (requires OpenSSL)
- * Added X509 CA Path support
- * Added Thumb assembly optimizations
- * Added DEFLATE compression support as per RFC3749 (requires zlib)
- * Added blowfish algorithm (Generic and cipher layer)
- * Added PKCS#5 PBKDF2 key derivation function
- * Added Secure Renegotiation (RFC 5746)
- * Added predefined DHM groups from RFC 5114
- * Added simple SSL session cache implementation
- * Added ServerName extension parsing (SNI) at server side
- * Added option to add minimum accepted SSL/TLS protocol version
-
-Changes
- * Removed redundant POLARSSL_DEBUG_MSG define
- * AES code only check for Padlock once
- * Fixed const-correctness mpi_get_bit()
- * Documentation for mpi_lsb() and mpi_msb()
- * Moved out_msg to out_hdr + 32 to support hardware acceleration
- * Changed certificate verify behaviour to comply with RFC 6125 section 6.3
- to not match CN if subjectAltName extension is present (Closes ticket #56)
- * Cipher layer cipher_mode_t POLARSSL_MODE_CFB128 is renamed to
- POLARSSL_MODE_CFB, to also handle different block size CFB modes.
- * Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)
- * Revamped session resumption handling
- * Generalized external private key implementation handling (like PKCS#11)
- in SSL/TLS
- * Revamped x509_verify() and the SSL f_vrfy callback implementations
- * Moved from unsigned long to fixed width uint32_t types throughout code
- * Renamed ciphersuites naming scheme to IANA reserved names
-
-Bugfix
- * Fixed handling error in mpi_cmp_mpi() on longer B values (found by
- Hui Dong)
- * Fixed potential heap corruption in x509_name allocation
- * Fixed single RSA test that failed on Big Endian systems (Closes ticket #54)
- * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
- #52)
- * Handle encryption with private key and decryption with public key as per
- RFC 2313
- * Handle empty certificate subject names
- * Prevent reading over buffer boundaries on X509 certificate parsing
- * mpi_add_abs() now correctly handles adding short numbers to long numbers
- with carry rollover (found by Ruslan Yushchenko)
- * Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
- * Fixed MPI assembly for SPARC64 platform
-
-Security
- * Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
- Vanderbeken)
-
-= Version 1.1.8 released on 2013-10-01
-Bugfix
- * Fixed potential memory leak when failing to resume a session
- * Fixed potential file descriptor leaks
-
-Security
- * Potential buffer-overflow for ssl_read_record() (independently found by
- both TrustInSoft and Paul Brodeur of Leviathan Security Group)
- * Potential negative value misinterpretation in load_file()
- * Potential heap buffer overflow on large hostname setting
-
-= Version 1.1.7 released on 2013-06-19
-Changes
- * HAVEGE random generator disabled by default
-
-Bugfix
- * x509parse_crt() now better handles PEM error situations
- * ssl_parse_certificate() now calls x509parse_crt_der() directly
- instead of the x509parse_crt() wrapper that
can also parse PEM
- certificates
- * Fixed values for 2-key Triple DES in cipher layer
- * ssl_write_certificate_request() can handle empty ca_chain
-
-Security
- * A possible DoS during the SSL Handshake, due to faulty parsing of
- PEM-encoded certificates has been fixed (found by Jack Lloyd)
-
-= Version 1.1.6 released on 2013-03-11
-Bugfix
- * Fixed net_bind() for specified IP addresses on little endian systems
-
-Changes
- * Allow enabling of dummy error_strerror() to support some use-cases
- * Debug messages about padding errors during SSL message decryption are
- disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL
-
-Security
- * Removed timing differences during SSL message decryption in
- ssl_decrypt_buf()
- * Removed timing differences due to bad padding from
- rsa_rsaes_pkcs1_v15_decrypt() and rsa_pkcs1_decrypt() for PKCS#1 v1.5
- operations
-
-= Version 1.1.5 released on 2013-01-16
-Bugfix
- * Fixed MPI assembly for SPARC64 platform
- * Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
- * mpi_add_abs() now correctly handles adding short numbers to long numbers
- with carry rollover
- * Moved mpi_inv_mod() outside POLARSSL_GENPRIME
- * Prevent reading over buffer boundaries on X509 certificate parsing
- * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
- #52)
- * Fixed possible segfault in mpi_shift_r() (found by Manuel
- Pégourié-Gonnard)
- * Allow R and A to point to same mpi in mpi_div_mpi (found by Manuel
- Pégourié-Gonnard)
- * Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1
- * Memory leak when using RSA_PKCS_V21 operations fixed
- * Handle encryption with private key and decryption with public key as per
- RFC 2313
- * Fixes for MSVC6
-
-Security
- * Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
- Vanderbeken)
-
-= Version 1.1.4 released on 2012-05-31
-Bugfix
- * Correctly handle empty SSL/TLS packets (Found by James Yonan)
- * Fixed potential heap
corruption in x509_name allocation
- * Fixed single RSA test that failed on Big Endian systems (Closes ticket #54)
-
-= Version 1.1.3 released on 2012-04-29
-Bugfix
- * Fixed random MPI generation to not generate more size than requested.
-
-= Version 1.1.2 released on 2012-04-26
-Bugfix
- * Fixed handling error in mpi_cmp_mpi() on longer B values (found by
- Hui Dong)
-
-Security
- * Fixed potential memory corruption on miscrafted client messages (found by
- Frama-C team at CEA LIST)
- * Fixed generation of DHM parameters to correct length (found by Ruslan
- Yushchenko)
-
-= Version 1.1.1 released on 2012-01-23
-Bugfix
- * Check for failed malloc() in ssl_set_hostname() and x509_get_entries()
- (Closes ticket #47, found by Hugo Leisink)
- * Fixed issues with Intel compiler on 64-bit systems (Closes ticket #50)
- * Fixed multiple compiler warnings for VS6 and armcc
- * Fixed bug in CTR_CRBG selftest
-
-= Version 1.1.0 released on 2011-12-22
-Features
- * Added ssl_session_reset() to allow better multi-connection pools of
- SSL contexts without needing to set all non-connection-specific
- data and pointers again. Adapted ssl_server to use this functionality.
- * Added ssl_set_max_version() to allow clients to offer a lower maximum
- supported version to a server to help buggy server implementations.
- (Closes ticket #36)
- * Added cipher_get_cipher_mode() and cipher_get_cipher_operation()
- introspection functions (Closes ticket #40)
- * Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator
- * Added a generic entropy accumulator that provides support for adding
- custom entropy sources and added some generic and platform dependent
- entropy sources
-
-Changes
- * Documentation for AES and Camellia in modes CTR and CFB128 clarified.
- * Fixed rsa_encrypt and rsa_decrypt examples to use public key for
- encryption and private key for decryption. (Closes ticket #34)
- * Inceased maximum size of ASN1 length reads to 32-bits.
- * Added an EXPLICIT tag number parameter to x509_get_ext()
- * Added a separate CRL entry extension parsing function
- * Separated the ASN.1 parsing code from the X.509 specific parsing code.
- So now there is a module that is controlled with POLARSSL_ASN1_PARSE_C.
- * Changed the defined key-length of DES ciphers in cipher.h to include the
- parity bits, to prevent mistakes in copying data. (Closes ticket #33)
- * Loads of minimal changes to better support WINCE as a build target
- (Credits go to Marco Lizza)
- * Added POLARSSL_MPI_WINDOW_SIZE definition to allow easier time to memory
- trade-off
- * Introduced POLARSSL_MPI_MAX_SIZE and POLARSSL_MPI_MAX_BITS for MPI size
- management (Closes ticket #44)
- * Changed the used random function pointer to more flexible format. Renamed
- havege_rand() to havege_random() to prevent mistakes. Lots of changes as
- a consequence in library code and programs
- * Moved all examples programs to use the new entropy and CTR_DRBG
- * Added permissive certificate parsing to x509parse_crt() and
- x509parse_crtfile(). With permissive parsing the parsing does not stop on
- encountering a parse-error. Beware that the meaning of return values has
- changed!
- * All error codes are now negative. Even on mermory failures and IO errors.
-
-Bugfix
- * Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes
- ticket #37)
- * Fixed a bug where the CRL parser expected an EXPLICIT ASN.1 tag
- before version numbers
- * Allowed X509 key usage parsing to accept 4 byte values instead of the
- standard 1 byte version sometimes used by Microsoft. (Closes ticket #38)
- * Fixed incorrect behaviour in case of RSASSA-PSS with a salt length
- smaller than the hash length. (Closes ticket #41)
- * If certificate serial is longer than 32 octets, serial number is now
- appended with '....'
after first 28 octets
- * Improved build support for s390x and sparc64 in bignum.h
- * Fixed MS Visual C++ name clash with int64 in sha4.h
- * Corrected removal of leading "00:" in printing serial numbers in
- certificates and CRLs
-
-= Version 1.0.0 released on 2011-07-27
-Features
- * Expanded cipher layer with support for CFB128 and CTR mode
- * Added rsa_encrypt and rsa_decrypt simple example programs.
-
-Changes
- * The generic cipher and message digest layer now have normal error
- codes instead of integers
-
-Bugfix
- * Undid faulty bug fix in ssl_write() when flushing old data (Ticket
- #18)
-
-= Version 0.99-pre5 released on 2011-05-26
-Features
- * Added additional Cipher Block Modes to symmetric ciphers
- (AES CTR, Camellia CTR, XTEA CBC) including the option to
- enable and disable individual modes when needed
- * Functions requiring File System functions can now be disabled
- by undefining POLARSSL_FS_IO
- * A error_strerror function() has been added to translate between
- error codes and their description.
- * Added mpi_get_bit() and mpi_set_bit() individual bit setter/getter
- functions.
- * Added ssl_mail_client and ssl_fork_server as example programs.
-
-Changes
- * Major argument / variable rewrite. Introduced use of size_t
- instead of int for buffer lengths and loop variables for
- better unsigned / signed use. Renamed internal bigint types
- t_int and t_dbl to t_uint and t_udbl in the process
- * mpi_init() and mpi_free() now only accept a single MPI
- argument and do not accept variable argument lists anymore.
- * The error codes have been remapped and combining error codes
- is now done with a PLUS instead of an OR as error codes
- used are negative.
- * Changed behaviour of net_read(), ssl_fetch_input() and ssl_recv().
- net_recv() now returns 0 on EOF instead of
- POLARSSL_ERR_NET_CONN_RESET. ssl_fetch_input() returns
- POLARSSL_ERR_SSL_CONN_EOF on an EOF from its f_recv() function.
- ssl_read() returns 0 if a POLARSSL_ERR_SSL_CONN_EOF is received
- after the handshake.
- * Network functions now return POLARSSL_ERR_NET_WANT_READ or
- POLARSSL_ERR_NET_WANT_WRITE instead of the ambiguous
- POLARSSL_ERR_NET_TRY_AGAIN
-
-= Version 0.99-pre4 released on 2011-04-01
-Features
- * Added support for PKCS#1 v2.1 encoding and thus support
- for the RSAES-OAEP and RSASSA-PSS operations.
- * Reading of Public Key files incorporated into default x509
- functionality as well.
- * Added mpi_fill_random() for centralized filling of big numbers
- with random data (Fixed ticket #10)
-
-Changes
- * Debug print of MPI now removes leading zero octets and
- displays actual bit size of the value.
- * x509parse_key() (and as a consequence x509parse_keyfile())
- does not zeroize memory in advance anymore. Use rsa_init()
- before parsing a key or keyfile!
-
-Bugfix
- * Debug output of MPI's now the same independent of underlying
- platform (32-bit / 64-bit) (Fixes ticket #19, found by Mads
- Kiilerich and Mihai Militaru)
- * Fixed bug in ssl_write() when flushing old data (Fixed ticket
- #18, found by Nikolay Epifanov)
- * Fixed proper handling of RSASSA-PSS verification with variable
- length salt lengths
-
-= Version 0.99-pre3 released on 2011-02-28
-This release replaces version 0.99-pre2 which had possible copyright issues.
-Features
- * Parsing PEM private keys encrypted with DES and AES
- are now supported as well (Fixes ticket #5)
- * Added crl_app program to allow easy reading and
- printing of X509 CRLs from file
-
-Changes
- * Parsing of PEM files moved to separate module (Fixes
- ticket #13).
Also possible to remove PEM support for
- systems only using DER encoding
-
-Bugfixes
- * Corrected parsing of UTCTime dates before 1990 and
- after 1950
- * Support more exotic OID's when parsing certificates
- (found by Mads Kiilerich)
- * Support more exotic name representations when parsing
- certificates (found by Mads Kiilerich)
- * Replaced the expired test certificates
- * Do not bail out if no client certificate specified. Try
- to negotiate anonymous connection (Fixes ticket #12,
- found by Boris Krasnovskiy)
-
-Security fixes
- * Fixed a possible Man-in-the-Middle attack on the
- Diffie Hellman key exchange (thanks to Larry Highsmith,
- Subreption LLC)
-
-= Version 0.99-pre1 released on 2011-01-30
-Features
-Note: Most of these features have been donated by Fox-IT
- * Added Doxygen source code documentation parts
- * Added reading of DHM context from memory and file
- * Improved X509 certificate parsing to include extended
- certificate fields, including Key Usage
- * Improved certificate verification and verification
- against the available CRLs
- * Detection for DES weak keys and parity bits added
- * Improvements to support integration in other
- applications:
- + Added generic message digest and cipher wrapper
- + Improved information about current capabilities,
- status, objects and configuration
- + Added verification callback on certificate chain
- verification to allow external blacklisting
- + Additional example programs to show usage
- * Added support for PKCS#11 through the use of the
- libpkcs11-helper library
-
-Changes
- * x509parse_time_expired() checks time in addition to
- the existing date check
- * The ciphers member of ssl_context and the cipher member
- of ssl_session have been renamed to ciphersuites and
- ciphersuite respectively.
This clarifies the difference
- with the generic cipher layer and is better naming
- altogether
-
-= Version 0.14.0 released on 2010-08-16
-Features
- * Added support for SSL_EDH_RSA_AES_128_SHA and
- SSL_EDH_RSA_CAMELLIA_128_SHA ciphersuites
- * Added compile-time and run-time version information
- * Expanded ssl_client2 arguments for more flexibility
- * Added support for TLS v1.1
-
-Changes
- * Made Makefile cleaner
- * Removed dependency on rand() in rsa_pkcs1_encrypt().
- Now using random fuction provided to function and
- changed the prototype of rsa_pkcs1_encrypt(),
- rsa_init() and rsa_gen_key().
- * Some SSL defines were renamed in order to avoid
- future confusion
-
-Bug fixes
- * Fixed CMake out of source build for tests (found by
- kkert)
- * rsa_check_private() now supports PKCS1v2 keys as well
- * Fixed deadlock in rsa_pkcs1_encrypt() on failing random
- generator
-
-= Version 0.13.1 released on 2010-03-24
-Bug fixes
- * Fixed Makefile in library that was mistakenly merged
- * Added missing const string fixes
-
-= Version 0.13.0 released on 2010-03-21
-Features
- * Added option parsing for host and port selection to
- ssl_client2
- * Added support for GeneralizedTime in X509 parsing
- * Added cert_app program to allow easy reading and
- printing of X509 certificates from file or SSL
- connection.
-
-Changes
- * Added const correctness for main code base
- * X509 signature algorithm determination is now
- in a function to allow easy future expansion
- * Changed symmetric cipher functions to
- identical interface (returning int result values)
- * Changed ARC4 to use separate input/output buffer
- * Added reset function for HMAC context as speed-up
- for specific use-cases
-
-Bug fixes
- * Fixed bug resulting in failure to send the last
- certificate in the chain in ssl_write_certificate() and
- ssl_write_certificate_request() (found by fatbob)
- * Added small fixes for compiler warnings on a Mac
- (found by Frank de Brabander)
- * Fixed algorithmic bug in mpi_is_prime() (found by
- Smbat Tonoyan)
-
-= Version 0.12.1 released on 2009-10-04
-Changes
- * Coverage test definitions now support 'depends_on'
- tagging system.
- * Tests requiring specific hashing algorithms now honor
- the defines.
-
-Bug fixes
- * Changed typo in #ifdef in x509parse.c (found
- by Eduardo)
-
-= Version 0.12.0 released on 2009-07-28
-Features
- * Added CMake makefiles as alternative to regular Makefiles.
- * Added preliminary Code Coverage tests for AES, ARC4,
- Base64, MPI, SHA-family, MD-family, HMAC-SHA-family,
- Camellia, DES, 3-DES, RSA PKCS#1, XTEA, Diffie-Hellman
- and X509parse.
-
-Changes
- * Error codes are not (necessarily) negative. Keep
- this is mind when checking for errors.
- * RSA_RAW renamed to SIG_RSA_RAW for consistency.
- * Fixed typo in name of POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE.
- * Changed interface for AES and Camellia setkey functions
- to indicate invalid key lengths.
-
-Bug fixes
- * Fixed include location of endian.h on FreeBSD (found by
- Gabriel)
- * Fixed include location of endian.h and name clash on
- Apples (found by Martin van Hensbergen)
- * Fixed HMAC-MD2 by modifying md2_starts(), so that the
- required HMAC ipad and opad variables are not cleared.
- (found by code coverage tests)
- * Prevented use of long long in bignum if
- POLARSSL_HAVE_LONGLONG not defined (found by Giles
- Bathgate).
- * Fixed incorrect handling of negative strings in
- mpi_read_string() (found by code coverage tests).
- * Fixed segfault on handling empty rsa_context in
- rsa_check_pubkey() and rsa_check_privkey() (found by
- code coverage tests).
- * Fixed incorrect handling of one single negative input
- value in mpi_add_abs() (found by code coverage tests).
- * Fixed incorrect handling of negative first input
- value in mpi_sub_abs() (found by code coverage tests).
- * Fixed incorrect handling of negative first input
- value in mpi_mod_mpi() and mpi_mod_int(). Resulting
- change also affects mpi_write_string() (found by code
- coverage tests).
- * Corrected is_prime() results for 0, 1 and 2 (found by
- code coverage tests).
- * Fixed Camellia and XTEA for 64-bit Windows systems.
-
-= Version 0.11.1 released on 2009-05-17
- * Fixed missing functionality for SHA-224, SHA-256, SHA384,
- SHA-512 in rsa_pkcs1_sign()
-
-= Version 0.11.0 released on 2009-05-03
- * Fixed a bug in mpi_gcd() so that it also works when both
- input numbers are even and added testcases to check
- (found by Pierre Habouzit).
- * Added support for SHA-224, SHA-256, SHA-384 and SHA-512
- one way hash functions with the PKCS#1 v1.5 signing and
- verification.
- * Fixed minor bug regarding mpi_gcd located within the
- POLARSSL_GENPRIME block.
- * Fixed minor memory leak in x509parse_crt() and added better
- handling of 'full' certificate chains (found by Mathias
- Olsson).
- * Centralized file opening and reading for x509 files into
- load_file()
- * Made definition of net_htons() endian-clean for big endian
- systems (Found by Gernot).
- * Undefining POLARSSL_HAVE_ASM now also handles prevents asm in
- padlock and timing code.
- * Fixed an off-by-one buffer allocation in ssl_set_hostname()
- responsible for crashes and unwanted behaviour.
- * Added support for Certificate Revocation List (CRL) parsing.
- * Added support for CRL revocation to x509parse_verify() and
- SSL/TLS code.
- * Fixed compatibility of XTEA and Camellia on a 64-bit system
- (found by Felix von Leitner).
-
-= Version 0.10.0 released on 2009-01-12
- * Migrated XySSL to PolarSSL
- * Added XTEA symmetric cipher
- * Added Camellia symmetric cipher
- * Added support for ciphersuites: SSL_RSA_CAMELLIA_128_SHA,
- SSL_RSA_CAMELLIA_256_SHA and SSL_EDH_RSA_CAMELLIA_256_SHA
- * Fixed dangerous bug that can cause a heap overflow in
- rsa_pkcs1_decrypt (found by Christophe Devine)
-
-================================================================
-XySSL ChangeLog
-
-= Version 0.9 released on 2008-03-16
-
- * Added support for ciphersuite: SSL_RSA_AES_128_SHA
- * Enabled support for large files by default in aescrypt2.c
- * Preliminary openssl wrapper contributed by David Barrett
- * Fixed a bug in ssl_write() that caused the same payload to
- be sent twice in non-blocking mode when send returns EAGAIN
- * Fixed ssl_parse_client_hello(): session id and challenge must
- not be swapped in the SSLv2 ClientHello (found by Greg Robson)
- * Added user-defined callback debug function (Krystian Kolodziej)
- * Before freeing a certificate, properly zero out all cert. data
- * Fixed the "mode" parameter so that encryption/decryption are
- not swapped on PadLock; also fixed compilation on older versions
- of gcc (bug reported by David Barrett)
- * Correctly handle the case in padlock_xcryptcbc() when input or
- output data is non-aligned by falling back to the software
- implementation, as VIA Nehemiah cannot handle non-aligned buffers
- * Fixed a memory leak in x509parse_crt() which was reported by Greg
- Robson-Garth; some x509write.c fixes by Pascal Vizeli, thanks to
- Matthew Page who reported several bugs
- * Fixed x509_get_ext() to accept some rare certificates which have
- an INTEGER instead of a BOOLEAN for BasicConstraints::cA.
- * Added support on the client side for the TLS "hostname" extension
- (patch contributed by David Patino)
- * Make x509parse_verify() return BADCERT_CN_MISMATCH when an empty
- string is passed as the CN (bug reported by spoofy)
- * Added an option to enable/disable the BN assembly code
- * Updated rsa_check_privkey() to verify that (D*E) = 1 % (P-1)*(Q-1)
- * Disabled obsolete hash functions by default (MD2, MD4); updated
- selftest and benchmark to not test ciphers that have been disabled
- * Updated x509parse_cert_info() to correctly display byte 0 of the
- serial number, setup correct server port in the ssl client example
- * Fixed a critical denial-of-service with X.509 cert. verification:
- peer may cause xyssl to loop indefinitely by sending a certificate
- for which the RSA signature check fails (bug reported by Benoit)
- * Added test vectors for: AES-CBC, AES-CFB, DES-CBC and 3DES-CBC,
- HMAC-MD5, HMAC-SHA1, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512
- * Fixed HMAC-SHA-384 and HMAC-SHA-512 (thanks to Josh Sinykin)
- * Modified ssl_parse_client_key_exchange() to protect against
- Daniel Bleichenbacher attack on PKCS#1 v1.5 padding, as well
- as the Klima-Pokorny-Rosa extension of Bleichenbacher's attack
- * Updated rsa_gen_key() so that ctx->N is always nbits in size
- * Fixed assembly PPC compilation errors on Mac OS X, thanks to
- David Barrett and Dusan Semen
-
-= Version 0.8 released on 2007-10-20
-
- * Modified the HMAC functions to handle keys larger
- than 64 bytes, thanks to Stephane Desneux and gary ng
- * Fixed ssl_read_record() to properly update the handshake
- message digests, which fixes IE6/IE7 client authentication
- * Cleaned up the XYSSL* #defines, suggested by Azriel Fasten
- * Fixed net_recv(), thanks to Lorenz Schori and Egon Kocjan
- * Added user-defined callbacks for handling I/O and sessions
- * Added lots of debugging output in the SSL/TLS functions
- * Added preliminary X.509 cert.
writing by Pascal Vizeli
- * Added preliminary support for the VIA PadLock routines
- * Added AES-CFB mode of operation, contributed by chmike
- * Added an SSL/TLS stress testing program (ssl_test.c)
- * Updated the RSA PKCS#1 code to allow choosing between
- RSA_PUBLIC and RSA_PRIVATE, as suggested by David Barrett
- * Updated ssl_read() to skip 0-length records from OpenSSL
- * Fixed the make install target to comply with *BSD make
- * Fixed a bug in mpi_read_binary() on 64-bit platforms
- * mpi_is_prime() speedups, thanks to Kevin McLaughlin
- * Fixed a long standing memory leak in mpi_is_prime()
- * Replaced realloc with malloc in mpi_grow(), and set
- the sign of zero as positive in mpi_init() (reported
- by Jonathan M. McCune)
-
-= Version 0.7 released on 2007-07-07
-
- * Added support for the MicroBlaze soft-core processor
- * Fixed a bug in ssl_tls.c which sometimes prevented SSL
- connections from being established with non-blocking I/O
- * Fixed a couple bugs in the VS6 and UNIX Makefiles
- * Fixed the "PIC register ebx clobbered in asm" bug
- * Added HMAC starts/update/finish support functions
- * Added the SHA-224, SHA-384 and SHA-512 hash functions
- * Fixed the net_set_*block routines, thanks to Andreas
- * Added a few demonstration programs: md5sum, sha1sum,
- dh_client, dh_server, rsa_genkey, rsa_sign, rsa_verify
- * Added new bignum import and export helper functions
- * Rewrote README.txt in program/ssl/ca to better explain
- how to create a test PKI
-
-= Version 0.6 released on 2007-04-01
-
- * Ciphers used in SSL/TLS can now be disabled at compile
- time, to reduce the memory footprint on embedded systems
- * Added multiply assembly code for the TriCore and modified
- havege_struct for this processor, thanks to David Patiño
- * Added multiply assembly code for 64-bit PowerPCs,
- thanks to Peking University and the OSU Open Source Lab
- * Added experimental support of Quantum Cryptography
- * Added support for autoconf, contributed by Arnaud
Cornet - * Fixed "long long" compilation issues on IA-64 and PPC64 - * Fixed a bug introduced in xyssl-0.5/timing.c: hardclock - was not being correctly defined on ARM and MIPS - -= Version 0.5 released on 2007-03-01 - - * Added multiply assembly code for SPARC and Alpha - * Added (beta) support for non-blocking I/O operations - * Implemented session resuming and client authentication - * Fixed some portability issues on WinCE, MINIX 3, Plan9 - (thanks to Benjamin Newman), HP-UX, FreeBSD and Solaris - * Improved the performance of the EDH key exchange - * Fixed a bug that caused valid packets with a payload - size of 16384 bytes to be rejected - -= Version 0.4 released on 2007-02-01 - - * Added support for Ephemeral Diffie-Hellman key exchange - * Added multiply asm code for SSE2, ARM, PPC, MIPS and M68K - * Various improvement to the modular exponentiation code - * Rewrote the headers to generate the API docs with doxygen - * Fixed a bug in ssl_encrypt_buf (incorrect padding was - generated) and in ssl_parse_client_hello (max. 
client - version was not properly set), thanks to Didier Rebeix - * Fixed another bug in ssl_parse_client_hello: clients with - cipherlists larger than 96 bytes were incorrectly rejected - * Fixed a couple memory leak in x509_read.c - -= Version 0.3 released on 2007-01-01 - - * Added server-side SSLv3 and TLSv1.0 support - * Multiple fixes to enhance the compatibility with g++, - thanks to Xosé Antón Otero Ferreira - * Fixed a bug in the CBC code, thanks to dowst; also, - the bignum code is no longer dependent on long long - * Updated rsa_pkcs1_sign to handle arbitrary large inputs - * Updated timing.c for improved compatibility with i386 - and 486 processors, thanks to Arnaud Cornet - -= Version 0.2 released on 2006-12-01 - - * Updated timing.c to support ARM and MIPS arch - * Updated the MPI code to support 8086 on MSVC 1.5 - * Added the copyright notice at the top of havege.h - * Fixed a bug in sha2_hmac, thanks to newsoft/Wenfang Zhang - * Fixed a bug reported by Adrian Rüegsegger in x509_read_key - * Fixed a bug reported by Torsten Lauter in ssl_read_record - * Fixed a bug in rsa_check_privkey that would wrongly cause - valid RSA keys to be dismissed (thanks to oldwolf) - * Fixed a bug in mpi_is_prime that caused some primes to fail - the Miller-Rabin primality test - - I'd also like to thank Younès Hafri for the CRUX linux port, - Khalil Petit who added XySSL into pkgsrc and Arnaud Cornet - who maintains the Debian package :-) - -= Version 0.1 released on 2006-11-01 From 7242ea688a9c7b1702dd41a026e921a696a5e0e2 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Wed, 10 Apr 2019 18:00:15 +0100 Subject: [PATCH 1194/2197] config: Remove explicit ciphersuite lists Make maintaining config files easier by removing any explicit ciphersuite lists. These explicit lists are prone to being incomplete as TLS defines more and more ciphersuites. Rather than try to play catch up, let's refer to sets of ciphersuites with declarative language. --- configs/config-psa-crypto.h | 198 +++--------------------------------- include/mbedtls/config.h | 198 +++--------------------------------- 2 files changed, 26 insertions(+), 370 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 682fa87d7..97a1b2b68 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -614,26 +614,8 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_NULL_SHA - * TLS_ECDH_RSA_WITH_NULL_SHA - * TLS_ECDHE_ECDSA_WITH_NULL_SHA - * TLS_ECDHE_RSA_WITH_NULL_SHA - * TLS_ECDHE_PSK_WITH_NULL_SHA384 - * TLS_ECDHE_PSK_WITH_NULL_SHA256 - * TLS_ECDHE_PSK_WITH_NULL_SHA - * TLS_DHE_PSK_WITH_NULL_SHA384 - * TLS_DHE_PSK_WITH_NULL_SHA256 - * TLS_DHE_PSK_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_SHA256 - * TLS_RSA_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_MD5 - * TLS_RSA_PSK_WITH_NULL_SHA384 - * TLS_RSA_PSK_WITH_NULL_SHA256 - * TLS_RSA_PSK_WITH_NULL_SHA - * TLS_PSK_WITH_NULL_SHA384 - * TLS_PSK_WITH_NULL_SHA256 - * TLS_PSK_WITH_NULL_SHA + * This module is required to support the TLS ciphersuites that use the NULL + * cipher. * * Uncomment this macro to enable the NULL cipher */ 
@@ -1057,65 +1039,8 @@ * library/pem.c * library/ctr_drbg.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * TLS_RSA_WITH_AES_256_GCM_SHA384 - * TLS_RSA_WITH_AES_256_CBC_SHA256 - * TLS_RSA_WITH_AES_256_CBC_SHA - * TLS_RSA_WITH_AES_128_GCM_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA - * 
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * TLS_PSK_WITH_AES_256_GCM_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA - * TLS_PSK_WITH_AES_128_GCM_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA + * This module is required to support the TLS ciphersuites that use the AES + * cipher. * * PEM_PARSE uses AES for decrypting encrypted keys. */ @@ -1129,17 +1054,8 @@ * Module: library/arc4.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * TLS_ECDH_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - * TLS_ECDHE_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_PSK_WITH_RC4_128_SHA - * TLS_DHE_PSK_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_MD5 - * TLS_RSA_PSK_WITH_RC4_128_SHA - * TLS_PSK_WITH_RC4_128_SHA + * This module is required to support the TLS ciphersuites that use the ARC4 + * cipher. * * \warning ARC4 is considered a weak cipher and its use constitutes a * security risk. If possible, we recommend avoidng dependencies on 
@@ -1217,49 +1133,8 @@ * Module: library/camellia.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * 
TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * This module is required to support the TLS ciphersuites that use the + * Camellia cipher. */ #define MBEDTLS_CAMELLIA_C @@ -1271,45 +1146,8 @@ * Module: library/aria.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + * This module is required to support the TLS ciphersuites that use the + * ARIA cipher. */ //#define MBEDTLS_ARIA_C 
@@ -1395,17 +1233,8 @@ * Caller: library/pem.c * library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_PSK_WITH_3DES_EDE_CBC_SHA + * This module is required to support the TLS ciphersuites that use the DES + * cipher. * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * @@ -1530,8 +1359,7 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module is required to support AES-GCM and CAMELLIA-GCM ciphersuites in - * TLS. + * This module is required to support the TLS ciphersuites that use GCM. */ #define MBEDTLS_GCM_C diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 4c86e90d2..18a6097f6 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
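Review bot: The replacement sentence in the DES module comment says "the DES cipher", but every suite name it replaces was a `3DES_EDE` suite, so the new wording is less precise than the list it removes. The context line that follows already writes `DES/3DES`; the added sentence could match it by ending in `that use the 3DES cipher.`. The same sentence is added in the later hunk `@@ -1424,17 +1262,8 @@` for include/mbedtls/config.h. Single DES and 3DES differ widely in strength, so naming the right one helps anyone auditing which legacy suites a build enables.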
@@ -614,26 +614,8 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_NULL_SHA - * TLS_ECDH_RSA_WITH_NULL_SHA - * TLS_ECDHE_ECDSA_WITH_NULL_SHA - * TLS_ECDHE_RSA_WITH_NULL_SHA - * TLS_ECDHE_PSK_WITH_NULL_SHA384 - * TLS_ECDHE_PSK_WITH_NULL_SHA256 - * TLS_ECDHE_PSK_WITH_NULL_SHA - * TLS_DHE_PSK_WITH_NULL_SHA384 - * TLS_DHE_PSK_WITH_NULL_SHA256 - * TLS_DHE_PSK_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_SHA256 - * TLS_RSA_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_MD5 - * TLS_RSA_PSK_WITH_NULL_SHA384 - * TLS_RSA_PSK_WITH_NULL_SHA256 - * TLS_RSA_PSK_WITH_NULL_SHA - * TLS_PSK_WITH_NULL_SHA384 - * TLS_PSK_WITH_NULL_SHA256 - * TLS_PSK_WITH_NULL_SHA + * This module is required to support the TLS ciphersuites that use the NULL + * cipher. * * Uncomment this macro to enable the NULL cipher */ 
@@ -1086,65 +1068,8 @@ * library/pem.c * library/ctr_drbg.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * TLS_RSA_WITH_AES_256_GCM_SHA384 - * TLS_RSA_WITH_AES_256_CBC_SHA256 - * TLS_RSA_WITH_AES_256_CBC_SHA - * TLS_RSA_WITH_AES_128_GCM_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA - * 
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * TLS_PSK_WITH_AES_256_GCM_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA - * TLS_PSK_WITH_AES_128_GCM_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA + * This module is required to support the TLS ciphersuites that use the AES + * cipher. * * PEM_PARSE uses AES for decrypting encrypted keys. */ @@ -1158,17 +1083,8 @@ * Module: library/arc4.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * TLS_ECDH_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - * TLS_ECDHE_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_PSK_WITH_RC4_128_SHA - * TLS_DHE_PSK_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_MD5 - * TLS_RSA_PSK_WITH_RC4_128_SHA - * TLS_PSK_WITH_RC4_128_SHA + * This module is required to support the TLS ciphersuites that use the ARC4 + * cipher. * * \warning ARC4 is considered a weak cipher and its use constitutes a * security risk. If possible, we recommend avoidng dependencies on 
@@ -1246,49 +1162,8 @@ * Module: library/camellia.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * 
TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * This module is required to support the TLS ciphersuites that use the + * Camellia cipher. */ #define MBEDTLS_CAMELLIA_C @@ -1300,45 +1175,8 @@ * Module: library/aria.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + * This module is required to support the TLS ciphersuites that use the + * ARIA cipher. */ //#define MBEDTLS_ARIA_C 
@@ -1424,17 +1262,8 @@ * Caller: library/pem.c * library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_PSK_WITH_3DES_EDE_CBC_SHA + * This module is required to support the TLS ciphersuites that use the DES + * cipher. * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * @@ -1559,8 +1388,7 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module is required to support AES-GCM and CAMELLIA-GCM ciphersuites in - * TLS. + * This module is required to support the TLS ciphersuites that use GCM. */ #define MBEDTLS_GCM_C From 7accf444eaf29db01b7346bd2e90e3ec25f4c8fd Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 10 Apr 2019 18:13:57 +0100 Subject: [PATCH 1195/2197] config: Simplify incorrect GCM comment GCM is not just for AES, but for at least Camellia as well. --- include/mbedtls/config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 18a6097f6..85773653b 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1382,7 +1382,7 @@ /** * \def MBEDTLS_GCM_C * - * Enable the Galois/Counter Mode (GCM) for AES. + * Enable the Galois/Counter Mode (GCM). * * Module: library/gcm.c * From 651ae684e11e856a094c9de895cab4edfbe70432 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Wed, 10 Apr 2019 18:19:16 +0100 Subject: [PATCH 1196/2197] config: Enable using ARIA-GCM without other ciphers Previously, GCM required enabling either AES or Camellia. However, we also support using GCM with ARIA and without other ciphers. Enable configurations with only ARIA enabled to use GCM. --- include/mbedtls/check_config.h | 2 +- include/mbedtls/config.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 8f6ff5f8e..78bf131e0 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -177,7 +177,7 @@ #endif #if defined(MBEDTLS_GCM_C) && ( \ - !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) ) + !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) ) #error "MBEDTLS_GCM_C defined, but not all prerequisites" #endif diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 85773653b..56ad01c40 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1386,7 +1386,7 @@ * * Module: library/gcm.c * - * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C + * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or MBEDTLS_ARIA_C * * This module is required to support the TLS ciphersuites that use GCM. */ From 3495b58fcfea9667f5170d0aab171d2e172f4a57 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Apr 2019 13:47:06 +0200 Subject: [PATCH 1197/2197] Fix loading of 0-sized key on platforms where malloc(0)=NULL --- library/psa_crypto_storage.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 840f418c3..1e3ce0891 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c 
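Review bot: The relaxed prerequisite check for `MBEDTLS_GCM_C` in check_config.h comes without any build or test that exercises GCM with only `MBEDTLS_ARIA_C` enabled; the diffstat lists just check_config.h and config.h. From this commit alone it is unverified that the GCM module compiles and passes its tests when neither AES nor Camellia is present. A minimal test configuration that defines `MBEDTLS_GCM_C` and `MBEDTLS_ARIA_C` without the other two ciphers would pin the claim made in the commit message.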
@@ -309,16 +309,22 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) return( PSA_ERROR_STORAGE_FAILURE ); - *key_data = mbedtls_calloc( 1, *key_data_length ); - if( *key_data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if( *key_data_length == 0 ) + { + *key_data = NULL; + } + else + { + *key_data = mbedtls_calloc( 1, *key_data_length ); + if( *key_data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + memcpy( *key_data, storage_format->key_data, *key_data_length ); + } GET_UINT32_LE(*type, storage_format->type, 0); GET_UINT32_LE(policy->usage, storage_format->policy, 0); GET_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t )); - memcpy( *key_data, storage_format->key_data, *key_data_length ); - return( PSA_SUCCESS ); } From 30afafd5276cfce6e88a33f6fd484b28c02e4f75 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Apr 2019 13:47:40 +0200 Subject: [PATCH 1198/2197] Fix build errors with MBEDTLS_PSA_CRYPTO_STORAGE_C disabled --- library/psa_crypto.c | 1 + library/psa_crypto_slot_management.c | 21 +++++++++++++-------- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index efec00be5..e035eceaa 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1307,6 +1307,7 @@ static psa_status_t psa_start_key_creation( static psa_status_t psa_finish_key_creation( psa_key_slot_t *slot ) { psa_status_t status = PSA_SUCCESS; + (void) slot; #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index d8b0a2e51..8ee561512 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
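Review bot: psa_parse_key_data_from_storage can now return PSA_SUCCESS with `*key_data == NULL`, and nothing in the hunk tells callers that NULL is a valid result for a zero-length key. A caller that checks the pointer rather than the status would misread it as a failure, so the new branch deserves a comment such as `/* A 0-length key is valid: leave *key_data NULL instead of relying on calloc(1, 0). */`. The diffstat shows only psa_crypto_storage.c changed, so a regression test that loads a zero-sized key is also missing from this commit. The start of the function and its documentation are outside the hunk.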
@@ -192,7 +192,6 @@ static int psa_is_key_id_valid( psa_key_file_id_t file_id ) return( 0 ); return( 1 ); } -#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ /** Declare a slot as persistent and load it from storage. * @@ -215,7 +214,6 @@ static int psa_is_key_id_valid( psa_key_file_id_t file_id ) static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, psa_key_file_id_t id ) { -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_key_slot_t *slot; psa_status_t status; @@ -228,13 +226,8 @@ static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, status = psa_load_persistent_key_into_slot( slot ); return( status ); - -#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ - (void) handle; - (void) id; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ } +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ psa_status_t psa_validate_persistent_key_parameters( psa_key_lifetime_t lifetime, @@ -242,9 +235,16 @@ psa_status_t psa_validate_persistent_key_parameters( { if( lifetime != PSA_KEY_LIFETIME_PERSISTENT ) return( PSA_ERROR_INVALID_ARGUMENT ); + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( ! psa_is_key_id_valid( id ) ) return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_SUCCESS ); + +#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ + (void) id; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ } static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, @@ -260,6 +260,7 @@ static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, if( status != PSA_SUCCESS ) return( status ); +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) status = psa_internal_allocate_key_slot( handle ); if( status != PSA_SUCCESS ) return( status ); 
@@ -271,6 +272,10 @@ static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, *handle = 0; } return( status ); +#else /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + (void) wanted_load_status; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif /* !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ } psa_status_t psa_open_key( psa_key_lifetime_t lifetime, From 3a4f1f8e468cdfe841b2ad9df14e50c92bc9c99f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 26 Apr 2019 13:49:28 +0200 Subject: [PATCH 1199/2197] Set the key size as an attribute Instead of passing a separate parameter for the key size to psa_generate_key and psa_generator_import_key, set it through the attributes, like the key type and other metadata. --- include/psa/crypto.h | 30 ++++++++++----------- include/psa/crypto_struct.h | 6 +++++ library/psa_crypto.c | 9 ++++--- programs/psa/crypto_examples.c | 12 ++++----- programs/psa/key_ladder_demo.c | 16 +++++------ tests/suites/test_suite_psa_crypto.data | 2 +- tests/suites/test_suite_psa_crypto.function | 23 +++++++++------- 7 files changed, 54 insertions(+), 44 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2046947dd..2c3288ef8 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -147,6 +147,7 @@ psa_status_t psa_crypto_init(void); * by the following functions: * - psa_make_key_persistent() * - psa_set_key_type() + * - psa_set_key_bits() * - psa_set_key_usage_flags() * - psa_set_key_algorithm() * - psa_reset_key_attributes() 
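Review bot: The `#else` branch added at the end of persistent_key_setup looks unreachable in builds without `MBEDTLS_PSA_CRYPTO_STORAGE_C`. In that configuration psa_validate_persistent_key_parameters (hunk `@@ -242,9 +235,16 @@`) returns either PSA_ERROR_INVALID_ARGUMENT or PSA_ERROR_NOT_SUPPORTED, never PSA_SUCCESS. The earlier `if( status != PSA_SUCCESS ) return( status );` would therefore always return first, assuming `status` comes from that function; the call is outside the hunk. A short comment such as `/* Not reached: validation already fails without storage; kept so wanted_load_status is referenced. */` would keep a later reader from treating the branch as a live path.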
@@ -293,6 +294,20 @@ static psa_algorithm_t psa_get_key_algorithm( static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type); +/** Declare the size of a key. + * + * This function overwrites any key size previously set in \p attributes. + * + * This function may be declared as `static` (i.e. without external + * linkage). This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. + * \param bits The key size in bits. + */ +static void psa_set_key_bits(psa_key_attributes_t *attributes, + size_t bits); + /** Retrieve the key type from key attributes. * * This function may be declared as `static` (i.e. without external @@ -331,11 +346,6 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); * property may not hold in future versions of this specification or * for implementation-specific values. * - * In addition to the attributes that were set when creating the key, - * this function reports the following data: - * - The key size in bits, which can be retrieved with - * psa_get_key_bits(). - * * \param[in] handle Handle to the key to query. * \param[in,out] attributes On success, the attributes of the key. * On failure, equivalent to a @@ -3018,12 +3028,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * The generator's capacity is decreased by the number of bytes read. * * \param[in] attributes The attributes for the new key. - * The key size field in \p attributes is - * ignored; the actual key size is taken - * from the \p bits parameter instead. * \param[out] handle On success, a handle to the newly created key. * \c 0 on failure. - * \param bits Key size in bits. * \param[in,out] generator The generator object to read from. * * \retval #PSA_SUCCESS 
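Review bot: The `\param[in] attributes` description of psa_generator_import_key (hunk `@@ -3018,12 +3028,8 @@`) no longer says where the key size comes from. The sentence stating that the size field is ignored is removed, but nothing replaces it. Since the `bits` parameter is gone, the text should state the new contract, e.g. `The key size must be set with psa_set_key_bits() before calling this function.`, and say which error is returned when it was never set. The same applies to the psa_generate_key documentation in hunk `@@ -3383,12 +3388,8 @@`.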
@@ -3054,7 +3060,6 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, */ psa_status_t psa_generator_import_key(const psa_key_attributes_t *attributes, psa_key_handle_t *handle, - size_t bits, psa_crypto_generator_t *generator); /** Abort a generator. @@ -3383,12 +3388,8 @@ typedef struct { * \brief Generate a key or key pair. * * \param[in] attributes The attributes for the new key. - * The key size field in \p attributes is - * ignored; the actual key size is taken - * from the \p bits parameter instead. * \param[out] handle On success, a handle to the newly created key. * \c 0 on failure. - * \param bits Key size in bits. * \param[in] extra Extra parameters for key generation. The * interpretation of this parameter depends on * the key type \c type. All types support \c NULL to @@ -3447,7 +3448,6 @@ typedef struct { */ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, psa_key_handle_t *handle, - size_t bits, const void *extra, size_t extra_size); diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 273f6b6ec..f89073b16 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -333,6 +333,12 @@ static inline psa_key_type_t psa_get_key_type( return( attributes->type ); } +static inline void psa_set_key_bits(psa_key_attributes_t *attributes, + size_t bits) +{ + attributes->bits = bits; +} + static inline size_t psa_get_key_bits( const psa_key_attributes_t *attributes) { diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e035eceaa..c1e3a3f1b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4222,7 +4222,6 @@ exit: psa_status_t psa_generator_import_key( const psa_key_attributes_t *attributes, psa_key_handle_t *handle, - size_t bits, psa_crypto_generator_t *generator ) { psa_status_t status; 
@@ -4230,7 +4229,9 @@ psa_status_t psa_generator_import_key( const psa_key_attributes_t *attributes, status = psa_start_key_creation( attributes, handle, &slot ); if( status == PSA_SUCCESS ) { - status = psa_generator_import_key_internal( slot, bits, generator ); + status = psa_generator_import_key_internal( slot, + attributes->bits, + generator ); } if( status == PSA_SUCCESS ) status = psa_finish_key_creation( slot ); @@ -5139,7 +5140,6 @@ psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_key_handle_t *handle, - size_t bits, const void *extra, size_t extra_size ) { @@ -5148,7 +5148,8 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, status = psa_start_key_creation( attributes, handle, &slot ); if( status == PSA_SUCCESS ) { - status = psa_generate_key_internal( slot, bits, extra, extra_size ); + status = psa_generate_key_internal( slot, attributes->bits, + extra, extra_size ); } if( status == PSA_SUCCESS ) status = psa_finish_key_creation( slot ); diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 07d1fd25d..72fa12fcb 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -162,9 +162,9 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle, key_bits, - NULL, 0 ); + status = psa_generate_key( &attributes, &key_handle, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), 
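Review bot: `attributes->bits` is passed to psa_generator_import_key_internal() without any check, so an attribute structure on which psa_set_key_bits() was never called now requests a key of size 0, where the old signature forced the caller to state a size. Whether the internal function rejects 0 for every key type is not visible in this hunk; if it does not, a guard such as `if( attributes->bits == 0 ) return( PSA_ERROR_INVALID_ARGUMENT );` ahead of psa_start_key_creation() would keep a forgotten setter from producing an empty key. The same applies to the psa_generate_key() hunk below, and none of the test hunks in this patch exercises the unset-size case. Both function bodies start outside their hunks.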
@@ -213,9 +213,9 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle, key_bits, - NULL, 0 ); + status = psa_generate_key( &attributes, &key_handle, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), @@ -260,9 +260,9 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle, key_bits, - NULL, 0 ); + status = psa_generate_key( &attributes, &key_handle, NULL, 0 ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index b84e7fd6b..c1e296fd8 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -206,10 +206,9 @@ static psa_status_t generate( const char *key_file_name ) PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &attributes, KDF_ALG ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); - PSA_CHECK( psa_generate_key( &attributes, &key_handle, - PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), - NULL, 0 ) ); + PSA_CHECK( psa_generate_key( &attributes, &key_handle, NULL, 0 ) ); PSA_CHECK( save_key( key_handle, key_file_name ) ); 
@@ -287,6 +286,7 @@ static psa_status_t derive_key_ladder( const char *ladder[], PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &attributes, KDF_ALG ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); /* For each label in turn, ... */ for( i = 0; i < ladder_depth; i++ ) @@ -306,10 +306,8 @@ static psa_status_t derive_key_ladder( const char *ladder[], *key_handle = 0; /* Use the generator obtained from the parent key to create * the next intermediate key. */ - PSA_CHECK( psa_generator_import_key( - &attributes, key_handle, - PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ), - &generator ) ); + PSA_CHECK( psa_generator_import_key( &attributes, key_handle, + &generator ) ); PSA_CHECK( psa_generator_abort( &generator ) ); } @@ -336,6 +334,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, psa_set_key_usage_flags( &attributes, usage ); psa_set_key_algorithm( &attributes, WRAPPING_ALG ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( &attributes, WRAPPING_KEY_BITS ); PSA_CHECK( psa_key_derivation( &generator, @@ -345,8 +344,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, NULL, 0, PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); PSA_CHECK( psa_generator_import_key( &attributes, wrapping_key_handle, - WRAPPING_KEY_BITS, - &generator ) ); + &generator ) ); exit: psa_generator_abort( &generator ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 5b99b84a7..c91094cff 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -2,7 +2,7 @@ PSA compile-time sanity checks static_checks: PSA key attributes structure -attributes_set_get:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES +attributes_set_get:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128 PSA import/export raw: 0 bytes import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 1d67c6d61..152f7e998 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1157,7 +1157,7 @@ void static_checks( ) /* BEGIN_CASE */ void attributes_set_get( int id_arg, int lifetime_arg, int usage_flags_arg, int alg_arg, - int type_arg ) + int type_arg, int bits_arg ) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_id_t id = id_arg; 
@@ -1165,23 +1165,27 @@ void attributes_set_get( int id_arg, int lifetime_arg, psa_key_usage_t usage_flags = usage_flags_arg; psa_algorithm_t alg = alg_arg; psa_key_type_t type = type_arg; + size_t bits = bits_arg; TEST_EQUAL( psa_get_key_id( &attributes ), 0 ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); psa_make_key_persistent( &attributes, id, lifetime ); psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); + psa_set_key_bits( &attributes, bits ); TEST_EQUAL( psa_get_key_id( &attributes ), id ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); + TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); psa_reset_key_attributes( &attributes ); @@ -1190,6 +1194,7 @@ void attributes_set_get( int id_arg, int lifetime_arg, TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); + TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); } /* END_CASE */ @@ -4294,8 +4299,8 @@ void derive_key_exercise( int alg_arg, psa_set_key_usage_flags( &attributes, derived_usage ); psa_set_key_algorithm( &attributes, derived_alg ); psa_set_key_type( &attributes, derived_type ); + psa_set_key_bits( &attributes, derived_bits ); PSA_ASSERT( psa_generator_import_key( &attributes, &derived_handle, - derived_bits, &generator ) ); /* Test the key information */ 
@@ -4327,7 +4332,6 @@ void derive_key_export( int alg_arg, psa_key_handle_t derived_handle = 0; psa_algorithm_t alg = alg_arg; size_t bytes1 = bytes1_arg; - size_t derived_bits = PSA_BYTES_TO_BITS( bytes1 ); size_t bytes2 = bytes2_arg; size_t capacity = bytes1 + bytes2; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; @@ -4365,16 +4369,16 @@ void derive_key_export( int alg_arg, psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &derived_attributes, 0 ); psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) ); PSA_ASSERT( psa_generator_import_key( &derived_attributes, &derived_handle, - derived_bits, &generator ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer, bytes1, &length ) ); TEST_EQUAL( length, bytes1 ); PSA_ASSERT( psa_destroy_key( derived_handle ) ); + psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) ); PSA_ASSERT( psa_generator_import_key( &derived_attributes, &derived_handle, - PSA_BYTES_TO_BITS( bytes2 ), &generator ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer + bytes1, bytes2, @@ -4667,9 +4671,10 @@ void generate_key( int type_arg, psa_set_key_usage_flags( &attributes, usage ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); + psa_set_key_bits( &attributes, bits ); /* Generate a key */ - TEST_EQUAL( psa_generate_key( &attributes, &handle, bits, NULL, 0 ), + TEST_EQUAL( psa_generate_key( &attributes, &handle, NULL, 0 ), expected_status ); if( expected_info_status != PSA_SUCCESS ) goto exit; @@ -4722,6 +4727,7 @@ void persistent_key_load_key_from_storage( data_t *data, psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); + psa_set_key_bits( &attributes, bits ); switch( generation_method ) { 
@@ -4733,8 +4739,7 @@ void persistent_key_load_key_from_storage( data_t *data, case GENERATE_KEY: /* Generate a key */ - PSA_ASSERT( psa_generate_key( &attributes, &handle, - bits, NULL, 0 ) ); + PSA_ASSERT( psa_generate_key( &attributes, &handle, NULL, 0 ) ); break; case DERIVE_KEY: @@ -4757,7 +4762,7 @@ void persistent_key_load_key_from_storage( data_t *data, &generator, PSA_KDF_STEP_INFO, NULL, 0 ) ); PSA_ASSERT( psa_generator_import_key( &attributes, &handle, - bits, &generator ) ); + &generator ) ); PSA_ASSERT( psa_generator_abort( &generator ) ); PSA_ASSERT( psa_destroy_key( base_key ) ); base_key = 0; From 8df5de42e2e094c5250686d4e5582d8630098703 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Apr 2019 12:24:48 +0100 Subject: [PATCH 1200/2197] Makefile: Output to explicit target Don't depend on the C compiler's default output file name and path. Make knows what it wants to build and where it should go, and this may not always align with the C compiler default, so tell the C compilter to output to the Make target explicitly. --- library/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/Makefile b/library/Makefile index 6ed5e6861..a2912507d 100644 --- a/library/Makefile +++ b/library/Makefile @@ -198,7 +198,7 @@ libmbedcrypto.dll: $(OBJS_CRYPTO) .c.o: echo " CC $<" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c $< + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c $< -o $@ clean: ifndef WINDOWS From a1ace9c4948612357ee6db31473d8caa7d5ce8ff Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 26 Apr 2019 16:03:33 +0200 Subject: [PATCH 1201/2197] Call psa_reset_key_attributes after psa_get_key_attributes After calling psa_get_key_attributes(), call psa_reset_key_attributes() if the key may have domain parameters, because that's the way to free the domain parameter substructure in the attribute structure. Keep not calling reset() in some places where the key can only be a symmetric key which doesn't have domain parameters. --- tests/suites/test_suite_psa_crypto.function | 27 ++++++++++++++++++- ...t_suite_psa_crypto_persistent_key.function | 2 ++ 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 152f7e998..8bf67e63e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -598,6 +598,7 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, public_key, public_key_length ); exit: mbedtls_free( public_key ); + psa_reset_key_attributes( &attributes ); return( status ); } @@ -635,6 +636,7 @@ static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg, output, sizeof( output ), &output_length ); exit: mbedtls_free( public_key ); + psa_reset_key_attributes( &attributes ); return( status ); } @@ -936,7 +938,8 @@ static int exercise_export_key( psa_key_handle_t handle, { TEST_EQUAL( psa_export_key( handle, NULL, 0, &exported_length ), PSA_ERROR_NOT_PERMITTED ); - return( 1 ); + ok = 1; + goto exit; } exported_size = PSA_KEY_EXPORT_MAX_SIZE( psa_get_key_type( &attributes ), @@ -952,6 +955,7 @@ static int exercise_export_key( psa_key_handle_t handle, exit: mbedtls_free( exported ); + psa_reset_key_attributes( &attributes ); return( ok ); } @@ -987,6 +991,7 @@ static int exercise_export_public_key( psa_key_handle_t handle ) exit: mbedtls_free( exported ); + psa_reset_key_attributes( &attributes ); return( ok ); } 
@@ -1224,6 +1229,7 @@ void import( data_t *data, int type_arg, int expected_status_arg ) exit: psa_destroy_key( handle ); + psa_reset_key_attributes( &got_attributes ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1354,6 +1360,7 @@ destroy: exit: mbedtls_free( exported ); mbedtls_free( reexported ); + psa_reset_key_attributes( &got_attributes ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1417,6 +1424,7 @@ void import_export_public_key( data_t *data, exit: mbedtls_free( exported ); psa_destroy_key( handle ); + psa_reset_key_attributes( &attributes ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1458,6 +1466,7 @@ void import_and_exercise_key( data_t *data, exit: psa_destroy_key( handle ); + psa_reset_key_attributes( &got_attributes ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1489,6 +1498,7 @@ void key_policy( int usage_arg, int alg_arg ) exit: psa_destroy_key( handle ); + psa_reset_key_attributes( &attributes ); mbedtls_psa_crypto_free( ); } /* END_CASE */ @@ -1733,6 +1743,7 @@ void asymmetric_encryption_key_policy( int policy_usage, exit: psa_destroy_key( handle ); + psa_reset_key_attributes( &attributes ); mbedtls_psa_crypto_free( ); mbedtls_free( buffer ); } @@ -1977,6 +1988,8 @@ void copy_key( int source_usage_arg, int source_alg_arg, PSA_ASSERT( psa_close_key( target_handle ) ); exit: + psa_reset_key_attributes( &source_attributes ); + psa_reset_key_attributes( &target_attributes ); mbedtls_psa_crypto_free( ); mbedtls_free( export_buffer ); } @@ -3488,6 +3501,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, signature, signature_length ); exit: + psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( signature ); mbedtls_psa_crypto_free( ); @@ -3532,6 +3546,7 @@ void sign_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( signature_length <= signature_size ); exit: + psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( signature ); mbedtls_psa_crypto_free( ); 
@@ -3598,6 +3613,7 @@ void sign_verify( int key_type_arg, data_t *key_data, } exit: + psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( signature ); mbedtls_psa_crypto_free( ); @@ -3630,6 +3646,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, signature_data->x, signature_data->len ) ); exit: + psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -3665,6 +3682,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, TEST_EQUAL( actual_status, expected_status ); exit: + psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -3732,6 +3750,7 @@ void asymmetric_encrypt( int key_type_arg, } exit: + psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( output ); mbedtls_psa_crypto_free( ); @@ -3795,6 +3814,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, output2, output2_length ); exit: + psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( output ); mbedtls_free( output2 ); @@ -3857,6 +3877,7 @@ void asymmetric_decrypt( int key_type_arg, } exit: + psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( output ); mbedtls_psa_crypto_free( ); @@ -3918,6 +3939,7 @@ void asymmetric_decrypt_fail( int key_type_arg, } exit: + psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( output ); mbedtls_psa_crypto_free( ); @@ -4314,6 +4336,7 @@ void derive_key_exercise( int alg_arg, exit: psa_generator_abort( &generator ); + psa_reset_key_attributes( &got_attributes ); psa_destroy_key( base_handle ); psa_destroy_key( derived_handle ); mbedtls_psa_crypto_free( ); @@ -4689,6 +4712,7 @@ void generate_key( int type_arg, goto exit; exit: + psa_reset_key_attributes( &got_attributes ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } 
@@ -4813,6 +4837,7 @@ void persistent_key_load_key_from_storage( data_t *data, goto exit; exit: + psa_reset_key_attributes( &attributes ); mbedtls_free( first_export ); mbedtls_free( second_export ); psa_generator_abort( &generator ); diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index e00cc234b..a2f4f779b 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -205,6 +205,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); exit: + psa_reset_key_attributes( &attributes ); psa_destroy_persistent_key( key_id ); mbedtls_psa_crypto_free(); } @@ -273,6 +274,7 @@ void import_export_persistent_key( data_t *data, int type_arg, TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); exit: + psa_reset_key_attributes( &attributes ); mbedtls_free( exported ); mbedtls_psa_crypto_free( ); psa_destroy_persistent_key( key_id ); From 92da0bd86237adf8ce3ddf966abdd668f039806e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Apr 2019 11:59:31 +0100 Subject: [PATCH 1202/2197] Makefile: Use generated source files from parent When building as a submodule of a parent project, like Mbed TLS, use the parent projects generated source files (error.c, version.c, version_features.c) --- library/Makefile | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/library/Makefile b/library/Makefile index a2912507d..3058a31c9 100644 --- a/library/Makefile +++ b/library/Makefile @@ -73,7 +73,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ dhm.o ecdh.o ecdsa.o \ ecjpake.o ecp.o \ ecp_curves.o entropy.o entropy_poll.o \ - error.o gcm.o havege.o \ + gcm.o havege.o \ hkdf.o \ hmac_drbg.o md.o md2.o \ md4.o md5.o md_wrap.o \ 
@@ -88,8 +88,22 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ psa_its_file.o \ ripemd160.o rsa_internal.o rsa.o \ sha1.o sha256.o sha512.o \ - threading.o timing.o version.o \ - version_features.o xtea.o + threading.o timing.o \ + xtea.o + +# For files generated by the parent project (Mbed TLS) when building Mbed +# Crypto as a submodule, ensure that the parent project instance is used. +ifeq ($(USE_CRYPTO_SUBMODULE), 1) +OBJS_CRYPTO += ../../library/error.o +OBJS_CRYPTO += ../../library/version.o +OBJS_CRYPTO += ../../library/version_features.o +else +OBJS_CRYPTO += error.o +OBJS_CRYPTO += version.o +OBJS_CRYPTO += version_features.o +endif + +$(info $(OBJS_CRYPTO)) OBJS_X509= certs.o pkcs11.o x509.o \ x509_create.o x509_crl.o x509_crt.o \ From 18d47899471bc023ee4ace185c7d9a17aaa67519 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 26 Apr 2019 12:53:02 +0100 Subject: [PATCH 1203/2197] CMake: Use generated source files from parent When building as a submodule of a parent project, like Mbed TLS, use the parent projects generated source files (error.c, version.c, version_features.c) --- library/CMakeLists.txt | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 903921677..072e74aff 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -29,7 +29,6 @@ set(src_crypto ecp_curves.c entropy.c entropy_poll.c - error.c gcm.c havege.c hkdf.c 
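Review bot: `$(info $(OBJS_CRYPTO))` looks like a debugging aid left in; because it is evaluated when the Makefile is parsed, it prints the whole object list on every invocation, including `make clean`, and I would drop it. In the `USE_CRYPTO_SUBMODULE` branch the objects are named through the fixed relative path `../../library/`, which is only right for one checkout layout. A comment next to the `ifeq` stating that assumption would help, for example `# Assumes the parent project's library/ directory is ../../library from here.`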
@@ -65,11 +64,27 @@ set(src_crypto sha512.c threading.c timing.c - version.c - version_features.c xtea.c ) +# For files generated by the parent project (Mbed TLS) when building Mbed +# Crypto as a submodule, ensure that the parent project instance is used. +if(USE_CRYPTO_SUBMODULE) +set(src_crypto + ${src_crypto} + ${CMAKE_SOURCE_DIR}/library/version.c + ${CMAKE_SOURCE_DIR}/library/version_features.c + ${CMAKE_SOURCE_DIR}/library/error.c +) +else() +set(src_crypto + ${src_crypto} + version.c + version_features.c + error.c +) +endif() + set(src_x509 certs.c pkcs11.c From b699f07af0c5b426cf80a7f7a6df753c2b5295ed Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 26 Apr 2019 16:06:02 +0200 Subject: [PATCH 1204/2197] Switch psa_{get,set}_domain_parameters to attributes Change psa_get_domain_parameters() and psa_set_domain_parameters() to access a psa_key_attributes_t structure rather than a key handle. In psa_get_key_attributes(), treat the RSA public exponent as a domain parameter and read it out. This is in preparation for removing the `extra` parameter of psa_generate_key() and setting the RSA public exponent for key generation via domain parameters. In this commit, the default public exponent 65537 is not treated specially, which allows us to verify that test code that should be calling psa_reset_key_attributes() after retrieving the attributes of an RSA key is doing so properly (if it wasn't, there would be a memory leak), even if the test data happens to use an RSA key with the default public exponent. --- include/psa/crypto.h | 179 ++++++++++++++++-------------------- include/psa/crypto_struct.h | 18 +++- library/psa_crypto.c | 98 +++++++++++++++++++- 3 files changed, 192 insertions(+), 103 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2c3288ef8..1045cd4c7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
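Review bot: `${CMAKE_SOURCE_DIR}` is the top of the whole build tree, not necessarily the parent Mbed TLS checkout, so if Mbed TLS is itself added to a larger CMake project the three generated files are looked up in that outer project's `library/` directory. That ends either in a configure error or, less likely, in compiling an unrelated file of the same name into the crypto library. Taking the directory from a path that the parent project passes in explicitly would remove the dependency on the build layout; at minimum I would state the assumption in the comment above `if(USE_CRYPTO_SUBMODULE)`, for example `# Assumes the top-level CMake project is the parent Mbed TLS tree.`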
@@ -332,6 +332,85 @@ static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes); */ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); +/** + * \brief Set domain parameters for a key. + * + * Some key types require additional domain parameters in addition to + * the key type identifier and the key size. + * The format for the required domain parameters varies by the key type. + * + * - For RSA keys, you can use this function to choose a non-default + * public exponent when generating a key. The public exponent is + * represented as a big-endian integer with no leading zeros. + * When importing a key, the public exponent is read from the imported + * key data and the exponent recorded in the attribute structure is ignored. + * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), + * the `Dss-Parms` format as defined by RFC 3279 §2.3.2. + * ``` + * Dss-Parms ::= SEQUENCE { + * p INTEGER, + * q INTEGER, + * g INTEGER + * } + * ``` + * - For Diffie-Hellman key exchange keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY), the + * `DomainParameters` format as defined by RFC 3279 §2.3.3. + * ``` + * DomainParameters ::= SEQUENCE { + * p INTEGER, -- odd prime, p=jq +1 + * g INTEGER, -- generator, g + * q INTEGER, -- factor of p-1 + * j INTEGER OPTIONAL, -- subgroup factor + * validationParms ValidationParms OPTIONAL + * } + * ValidationParms ::= SEQUENCE { + * seed BIT STRING, + * pgenCounter INTEGER + * } + * ``` + * + * \param[in,out] attributes Attribute structure where the specified domain + * parameters will be stored. + * If this function fails, the content of + * \p attributes is not modified. + * \param type Key type (a \c PSA_KEY_TYPE_XXX value). + * \param[in] data Buffer containing the key domain parameters. + * The content of this buffer is interpreted + * according to \p type as described above. + * \param data_length Size of the \p data buffer in bytes. 
+ * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + */ +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length); + +/** + * \brief Get domain parameters for a key. + * + * Get the domain parameters for a key with this function, if any. The format + * of the domain parameters written to \p data is specified in the + * documentation for psa_set_key_domain_parameters(). + * + * \param[in] attributes The key attribute structure to query. + * \param[out] data On success, the key domain parameters. + * \param data_size Size of the \p data buffer in bytes. + * \param[out] data_length On success, the number of bytes + * that make up the key domain parameters data. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + */ +psa_status_t psa_get_key_domain_parameters( + const psa_key_attributes_t *attributes, + uint8_t *data, + size_t data_size, + size_t *data_length); + /** Retrieve the attributes of a key. * * This function first resets the attribute structure as with 
@@ -542,106 +621,6 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, */ psa_status_t psa_destroy_key(psa_key_handle_t handle); -/** - * \brief Set domain parameters for a key. - * - * Some key types require additional domain parameters to be set before import - * or generation of the key. The domain parameters can be set with this - * function or, for key generation, through the \c extra parameter of - * psa_generate_key(). - * - * The format for the required domain parameters varies by the key type. - * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), - * the `Dss-Parms` format as defined by RFC 3279 §2.3.2. - * ``` - * Dss-Parms ::= SEQUENCE { - * p INTEGER, - * q INTEGER, - * g INTEGER - * } - * ``` - * - For Diffie-Hellman key exchange keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY), the - * `DomainParameters` format as defined by RFC 3279 §2.3.3. - * ``` - * DomainParameters ::= SEQUENCE { - * p INTEGER, -- odd prime, p=jq +1 - * g INTEGER, -- generator, g - * q INTEGER, -- factor of p-1 - * j INTEGER OPTIONAL, -- subgroup factor - * validationParms ValidationParms OPTIONAL - * } - * ValidationParms ::= SEQUENCE { - * seed BIT STRING, - * pgenCounter INTEGER - * } - * ``` - * - * \param handle Handle to the slot where the key will be stored. - * This must be a valid slot for a key of the chosen - * type: it must have been obtained by calling - * psa_allocate_key() or psa_create_key() with the - * correct \p type and with a maximum size that is - * compatible with \p data. It must not contain - * key material yet. - * \param type Key type (a \c PSA_KEY_TYPE_XXX value). When - * subsequently creating key material into \p handle, - * the type must be compatible. - * \param[in] data Buffer containing the key domain parameters. The content - * of this buffer is interpreted according to \p type. of - * psa_export_key() or psa_export_public_key() for the - * chosen type. - * \param data_length Size of the \p data buffer in bytes. 
- * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_OCCUPIED_SLOT - * There is already a key in the specified slot. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_set_key_domain_parameters(psa_key_handle_t handle, - psa_key_type_t type, - const uint8_t *data, - size_t data_length); - -/** - * \brief Get domain parameters for a key. - * - * Get the domain parameters for a key with this function, if any. The format - * of the domain parameters written to \p data is specified in the - * documentation for psa_set_key_domain_parameters(). - * - * \param handle Handle to the key to get domain parameters from. - * \param[out] data On success, the key domain parameters. - * \param data_size Size of the \p data buffer in bytes. - * \param[out] data_length On success, the number of bytes - * that make up the key domain parameters data. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT - * There is no key in the specified slot. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_domain_parameters(psa_key_handle_t handle, - uint8_t *data, - size_t data_size, - size_t *data_length); - /** * \brief Export a key in binary format. * 
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index f89073b16..f6bec2cf5 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -268,9 +268,11 @@ struct psa_key_attributes_s psa_key_policy_t policy; psa_key_type_t type; size_t bits; + void *domain_parameters; + size_t domain_parameters_size; }; -#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0}, 0, 0} +#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0}, 0, 0, NULL, 0} static inline struct psa_key_attributes_s psa_key_attributes_init( void ) { const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; @@ -324,7 +326,19 @@ static inline psa_algorithm_t psa_get_key_algorithm( static inline void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type) { - attributes->type = type; + if( attributes->domain_parameters == NULL ) + { + /* Common case: quick path */ + attributes->type = type; + } + else + { + /* Call the bigger function to free the old domain paramteres. + * Ignore any errors which may arise due to type requiring + * non-default domain parameters, since this function can't + * report errors. */ + (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 ); + } } static inline psa_key_type_t psa_get_key_type( diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c1e3a3f1b..fba193647 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
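Review bot: With `void *domain_parameters` in the structure, psa_key_attributes_t now owns heap memory, and neither this hunk nor the header comments shown in this patch tell callers so. A structure copied by assignment shares the pointer with its source, so resetting both frees the buffer twice. A structure that was not initialised with `PSA_KEY_ATTRIBUTES_INIT` hands an indeterminate pointer to the `mbedtls_free()` call this patch adds to psa_reset_key_attributes(). I would document the ownership on the new field, for example `/* Owned buffer: initialise with PSA_KEY_ATTRIBUTES_INIT, do not copy the structure by assignment once this is set, release with psa_reset_key_attributes(). */`.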
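Review bot: When domain parameters are present, psa_set_key_type() calls `psa_set_key_domain_parameters( attributes, type, NULL, 0 )`, which discards them, so a caller who sets the parameters first and the type second silently ends up with none (for RSA, presumably the default public exponent instead of the chosen one). The in-code comment explains why errors are ignored but not this ordering effect. I would add it to the function's documentation in crypto.h, for example `If \p attributes holds domain parameters, this function discards them; call psa_set_key_domain_parameters() after setting the type.`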
@@ -983,9 +983,89 @@ static size_t psa_get_key_slot_bits( const psa_key_slot_t *slot ) void psa_reset_key_attributes( psa_key_attributes_t *attributes ) { + mbedtls_free( attributes->domain_parameters ); memset( attributes, 0, sizeof( *attributes ) ); } +psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length ) +{ + uint8_t *copy = NULL; + + if( data_length != 0 ) + { + copy = mbedtls_calloc( 1, data_length ); + if( copy == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + memcpy( copy, data, data_length ); + } + /* After this point, this function is guaranteed to succeed, so it + * can start modifying `*attributes`. */ + + if( attributes->domain_parameters != NULL ) + { + mbedtls_free( attributes->domain_parameters ); + attributes->domain_parameters = NULL; + attributes->domain_parameters_size = 0; + } + + attributes->domain_parameters = copy; + attributes->domain_parameters_size = data_length; + attributes->type = type; + return( PSA_SUCCESS ); +} + +psa_status_t psa_get_key_domain_parameters( + const psa_key_attributes_t *attributes, + uint8_t *data, size_t data_size, size_t *data_length ) +{ + if( attributes->domain_parameters_size > data_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + *data_length = attributes->domain_parameters_size; + if( attributes->domain_parameters_size != 0 ) + memcpy( data, attributes->domain_parameters, + attributes->domain_parameters_size ); + return( PSA_SUCCESS ); +} + +#if defined(MBEDTLS_RSA_C) +static psa_status_t psa_get_rsa_public_exponent( + const mbedtls_rsa_context *rsa, + psa_key_attributes_t *attributes ) +{ + mbedtls_mpi mpi; + int ret; + uint8_t *buffer = NULL; + size_t buflen; + mbedtls_mpi_init( &mpi ); + + ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &mpi ); + if( ret != 0 ) + goto exit; + + buflen = mbedtls_mpi_size( &mpi ); + buffer = mbedtls_calloc( 1, buflen ); + if( buffer == NULL ) + { + ret = 
MBEDTLS_ERR_MPI_ALLOC_FAILED; + goto exit; + } + ret = mbedtls_mpi_write_binary( &mpi, buffer, buflen ); + if( ret != 0 ) + goto exit; + attributes->domain_parameters = buffer; + attributes->domain_parameters_size = buflen; + +exit: + mbedtls_mpi_free( &mpi ); + if( ret != 0 ) + mbedtls_free( buffer ); + return( mbedtls_to_psa_error( ret ) ); +} +#endif /* MBEDTLS_RSA_C */ + psa_status_t psa_get_key_attributes( psa_key_handle_t handle, psa_key_attributes_t *attributes ) { @@ -1003,7 +1083,23 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, attributes->policy = slot->policy; attributes->type = slot->type; attributes->bits = psa_get_key_slot_bits( slot ); - return( PSA_SUCCESS ); + + switch( slot->type ) + { +#if defined(MBEDTLS_RSA_C) + case PSA_KEY_TYPE_RSA_KEYPAIR: + case PSA_KEY_TYPE_RSA_PUBLIC_KEY: + status = psa_get_rsa_public_exponent( slot->data.rsa, attributes ); + break; +#endif + default: + /* Nothing else to do. */ + break; + } + + if( status != PSA_SUCCESS ) + psa_reset_key_attributes( attributes ); + return( status ); } psa_status_t psa_get_key_information( psa_key_handle_t handle, From 772c8b16b45847baeecc25262a92347eac48e770 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 26 Apr 2019 17:37:21 +0200 Subject: [PATCH 1205/2197] psa_get_domain_parameters: for RSA, if e=65537, output an empty string --- library/psa_crypto.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fba193647..dba244a40 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1044,6 +1044,12 @@ static psa_status_t psa_get_rsa_public_exponent( ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &mpi ); if( ret != 0 ) goto exit; + if( mbedtls_mpi_cmp_int( &mpi, 65537 ) == 0 ) + { + /* It's the default value, which is reported as an empty string, + * so there's nothing to do. */ + goto exit; + } buflen = mbedtls_mpi_size( &mpi ); buffer = mbedtls_calloc( 1, buflen ); 
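Review bot: `psa_set_key_domain_parameters()` hands `data` to memcpy() whenever `data_length != 0` without checking it for NULL, so a NULL pointer with a non-zero length is undefined behaviour rather than a reported error. A guard placed before the allocation, `if( data == NULL && data_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT );`, rejects that input while `*attributes` is still untouched. The same check already appears in `psa_generate_key_internal()` in a later patch of this series, so adding it here keeps the two entry points consistent.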
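Review bot: In `psa_get_key_attributes()` the RSA branch calls `psa_get_rsa_public_exponent()`, which assigns `attributes->domain_parameters` without releasing a buffer that may already be there. This is leak-free only if the structure is reset before the slot is read, and that part of the function lies above the hunk and is not visible here. A short comment at the switch, such as `/* attributes was reset above, so domain_parameters is NULL here */`, would make the dependency explicit for whoever adds the next key type.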
From e56e878207c339c60f17e2ef0fef835a50a8efb6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 26 Apr 2019 17:34:02 +0200 Subject: [PATCH 1206/2197] Remove `extra` parameter from psa_generate_key Read extra data from the domain parameters in the attribute structure instead of taking an argument on the function call. Implement this for RSA key generation, where the public exponent can be set as a domain parameter. Add tests that generate RSA keys with various public exponents. --- docs/getting_started.md | 2 +- include/psa/crypto.h | 78 +++++--------- library/psa_crypto.c | 75 ++++++++----- programs/psa/crypto_examples.c | 6 +- programs/psa/key_ladder_demo.c | 2 +- tests/suites/test_suite_psa_crypto.data | 18 ++++ tests/suites/test_suite_psa_crypto.function | 112 ++++++++++++++++++-- 7 files changed, 205 insertions(+), 88 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 3008a19ce..84ed891ac 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -510,7 +510,7 @@ Generate a piece of random 128-bit AES data: psa_set_key_policy(slot, &policy); /* Generate a key */ - psa_generate_key(slot, PSA_KEY_TYPE_AES, bits, NULL, 0); + psa_generate_key(slot, PSA_KEY_TYPE_AES, bits); psa_export_key(slot, exported, exported_size, &exported_length) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 1045cd4c7..9ec3b9074 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -339,12 +339,15 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); * the key type identifier and the key size. * The format for the required domain parameters varies by the key type. * - * - For RSA keys, you can use this function to choose a non-default - * public exponent when generating a key. The public exponent is + * - For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEYPAIR), + * the domain parameter data consists of the public exponent, * represented as a big-endian integer with no leading zeros. + * This information is used when generating an RSA key pair. * When importing a key, the public exponent is read from the imported * key data and the exponent recorded in the attribute structure is ignored. - * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), + * As an exception, the public exponent 65537 is represented by an empty + * byte string. + * - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEYPAIR), * the `Dss-Parms` format as defined by RFC 3279 §2.3.2. * ``` * Dss-Parms ::= SEQUENCE { @@ -353,7 +356,8 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); * g INTEGER * } * ``` - * - For Diffie-Hellman key exchange keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY), the + * - For Diffie-Hellman key exchange keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY or + * #PSA_KEY_TYPE_DH_KEYPAIR), the * `DomainParameters` format as defined by RFC 3279 §2.3.3. * ``` * DomainParameters ::= SEQUENCE { 
@@ -3354,57 +3358,29 @@ psa_status_t psa_key_agreement_raw_shared_secret(psa_algorithm_t alg, psa_status_t psa_generate_random(uint8_t *output, size_t output_size); -/** Extra parameters for RSA key generation. - * - * You may pass a pointer to a structure of this type as the \c extra - * parameter to psa_generate_key(). - */ -typedef struct { - uint32_t e; /**< Public exponent value. Default: 65537. */ -} psa_generate_key_extra_rsa; - /** * \brief Generate a key or key pair. * + * The key is generated randomly. + * Its location, policy, type and size are taken from \p attributes. + * + * If the type requires additional domain parameters, these are taken + * from \p attributes as well. The following types use domain parameters: + * - When generating an RSA key (#PSA_KEY_TYPE_RSA_KEYPAIR), + * the default public exponent is 65537. This value is used if + * \p attributes was set with psa_set_key_type() or by passing an empty + * byte string as domain parameters to psa_set_key_domain_parameters(). + * If psa_set_key_domain_parameters() was used to set a non-empty + * domain parameter string in \p attributes, this string is read as + * a big-endian integer which is used as the public exponent. + * - When generating a DSA key (#PSA_KEY_TYPE_DSA_KEYPAIR) or a + * Diffie-Hellman key (#PSA_KEY_TYPE_DH_KEYPAIR), the domain parameters + * from \p attributes are interpreted as described for + * psa_set_key_domain_parameters(). + * * \param[in] attributes The attributes for the new key. * \param[out] handle On success, a handle to the newly created key. * \c 0 on failure. - * \param[in] extra Extra parameters for key generation. The - * interpretation of this parameter depends on - * the key type \c type. All types support \c NULL to - * use default parameters. Implementation that support - * the generation of vendor-specific key types - * that allow extra parameters shall document - * the format of these extra parameters and - * the default values. 
For standard parameters, - * the meaning of \p extra is as follows: - * - For a symmetric key type (a type such - * that #PSA_KEY_TYPE_IS_ASYMMETRIC(\c type) is - * false), \p extra must be \c NULL. - * - For an elliptic curve key type (a type - * such that #PSA_KEY_TYPE_IS_ECC(\c type) is - * false), \p extra must be \c NULL. - * - For an RSA key (\c type is - * #PSA_KEY_TYPE_RSA_KEYPAIR), \p extra is an - * optional #psa_generate_key_extra_rsa structure - * specifying the public exponent. The - * default public exponent used when \p extra - * is \c NULL is 65537. - * - For an DSA key (\c type is - * #PSA_KEY_TYPE_DSA_KEYPAIR), \p extra is an - * optional structure specifying the key domain - * parameters. The key domain parameters can also be - * provided by psa_set_key_domain_parameters(), - * which documents the format of the structure. - * - For a DH key (\c type is - * #PSA_KEY_TYPE_DH_KEYPAIR), the \p extra is an - * optional structure specifying the key domain - * parameters. The key domain parameters can also be - * provided by psa_set_key_domain_parameters(), - * which documents the format of the structure. - * \param extra_size Size of the buffer that \p extra - * points to, in bytes. Note that if \p extra is - * \c NULL then \p extra_size must be zero. * * \retval #PSA_SUCCESS * Success. @@ -3426,9 +3402,7 @@ typedef struct { * results in this error code. */ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, - psa_key_handle_t *handle, - const void *extra, - size_t extra_size); + psa_key_handle_t *handle); /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dba244a40..abef43a17 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -5098,14 +5098,41 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ -static psa_status_t psa_generate_key_internal( psa_key_slot_t *slot, - size_t bits, - const void *extra, - size_t extra_size ) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) +static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters, + size_t domain_parameters_size, + int *exponent ) +{ + size_t i; + uint32_t acc = 0; + + if( domain_parameters_size == 0 ) + { + *exponent = 65537; + return( PSA_SUCCESS ); + } + + /* Mbed TLS encodes the public exponent as an int. For simplicity, only + * support values that fit in a 32-bit integer, which is larger than + * int on just about every platform anyway. */ + if( domain_parameters_size > sizeof( acc ) ) + return( PSA_ERROR_NOT_SUPPORTED ); + for( i = 0; i < domain_parameters_size; i++ ) + acc = ( acc << 8 ) | domain_parameters[i]; + if( acc > INT_MAX ) + return( PSA_ERROR_NOT_SUPPORTED ); + *exponent = acc; + return( PSA_SUCCESS ); +} +#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ + +static psa_status_t psa_generate_key_internal( + psa_key_slot_t *slot, size_t bits, + const uint8_t *domain_parameters, size_t domain_parameters_size ) { psa_key_type_t type = slot->type; - if( extra == NULL && extra_size != 0 ) + if( domain_parameters == NULL && domain_parameters_size != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); if( key_type_is_raw_bytes( type ) ) 
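Review bot: `psa_read_rsa_exponent()` checks only that the decoded value fits in an `int`, so it accepts 0, 1 and even numbers. Rejecting them is left to whatever `mbedtls_rsa_gen_key()` does, which is not visible in this patch. An exponent of 1 makes the RSA operation the identity map, and an even exponent can never be coprime to (p-1)(q-1), so I would reject both at this boundary with `if( acc < 3 || ( acc & 1 ) == 0 ) return( PSA_ERROR_INVALID_ARGUMENT );` after the accumulation loop. That status matches what the new test data expects for e=1.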
@@ -5134,26 +5161,19 @@ static psa_status_t psa_generate_key_internal( psa_key_slot_t *slot, { mbedtls_rsa_context *rsa; int ret; - int exponent = 65537; + int exponent; + psa_status_t status; if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); /* Accept only byte-aligned keys, for the same reasons as * in psa_import_rsa_key(). */ if( bits % 8 != 0 ) return( PSA_ERROR_NOT_SUPPORTED ); - if( extra != NULL ) - { - const psa_generate_key_extra_rsa *p = extra; - if( extra_size != sizeof( *p ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); -#if INT_MAX < 0xffffffff - /* Check that the uint32_t value passed by the caller fits - * in the range supported by this implementation. */ - if( p->e > INT_MAX ) - return( PSA_ERROR_NOT_SUPPORTED ); -#endif - exponent = p->e; - } + status = psa_read_rsa_exponent( domain_parameters, + domain_parameters_size, + &exponent ); + if( status != PSA_SUCCESS ) + return( status ); rsa = mbedtls_calloc( 1, sizeof( *rsa ) ); if( rsa == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); @@ -5183,7 +5203,7 @@ static psa_status_t psa_generate_key_internal( psa_key_slot_t *slot, mbedtls_ecp_curve_info_from_grp_id( grp_id ); mbedtls_ecp_keypair *ecp; int ret; - if( extra != NULL ) + if( domain_parameters_size != 0 ) return( PSA_ERROR_NOT_SUPPORTED ); if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); @@ -5221,6 +5241,12 @@ psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, psa_key_slot_t *slot; psa_status_t status; +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) + /* The old public exponent encoding is no longer supported. */ + if( extra_size != 0 ) + return( PSA_ERROR_NOT_SUPPORTED ); +#endif + status = psa_get_empty_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); 
@@ -5241,17 +5267,16 @@ psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, } psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, - psa_key_handle_t *handle, - const void *extra, - size_t extra_size ) + psa_key_handle_t *handle ) { psa_status_t status; psa_key_slot_t *slot = NULL; status = psa_start_key_creation( attributes, handle, &slot ); if( status == PSA_SUCCESS ) { - status = psa_generate_key_internal( slot, attributes->bits, - extra, extra_size ); + status = psa_generate_key_internal( + slot, attributes->bits, + attributes->domain_parameters, attributes->domain_parameters_size ); } if( status == PSA_SUCCESS ) status = psa_finish_key_creation( slot ); diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 72fa12fcb..1a81f45f8 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -164,7 +164,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle, NULL, 0 ); + status = psa_generate_key( &attributes, &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), @@ -215,7 +215,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle, NULL, 0 ); + status = psa_generate_key( &attributes, &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), 
@@ -262,7 +262,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle, NULL, 0 ); + status = psa_generate_key( &attributes, &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index c1e296fd8..6d4c707ac 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -208,7 +208,7 @@ static psa_status_t generate( const char *key_file_name ) psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); - PSA_CHECK( psa_generate_key( &attributes, &key_handle, NULL, 0 ) ); + PSA_CHECK( psa_generate_key( &attributes, &key_handle ) ); PSA_CHECK( save_key( key_handle, key_file_name ) ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c91094cff..e29cbf7e3 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -2036,6 +2036,24 @@ PSA generate key: ECC, SECP256R1, incorrect bit size depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT +PSA generate key: RSA, default e +generate_key_rsa:512:"":PSA_SUCCESS + +PSA generate key: RSA, e=3 +generate_key_rsa:512:"03":PSA_SUCCESS + +PSA generate key: RSA, e=65537 +generate_key_rsa:512:"010001":PSA_SUCCESS + +PSA generate key: RSA, e=513 +generate_key_rsa:512:"0201":PSA_SUCCESS + +PSA generate key: RSA, e=1 +generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT + +PSA generate key: RSA, e=2 +generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT + PSA import persistent key: raw data, 0 bits depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:IMPORT_KEY diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8bf67e63e..9e9378ae8 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4684,8 +4684,6 @@ void generate_key( int type_arg, size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; - psa_status_t expected_info_status = - expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; 
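Review bot: The case titled `PSA generate key: RSA, e=2` passes `"01"` as the exponent, the same bytes as the `e=1` case above it, so an even public exponent is never exercised. The data line should read `generate_key_rsa:512:"02":PSA_ERROR_INVALID_ARGUMENT`. Whether key generation rejects an even exponent with that status is not shown in this patch, so confirm it when correcting the value.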
@@ -4697,9 +4695,8 @@ void generate_key( int type_arg, psa_set_key_bits( &attributes, bits ); /* Generate a key */ - TEST_EQUAL( psa_generate_key( &attributes, &handle, NULL, 0 ), - expected_status ); - if( expected_info_status != PSA_SUCCESS ) + TEST_EQUAL( psa_generate_key( &attributes, &handle ), expected_status ); + if( expected_status != PSA_SUCCESS ) goto exit; /* Test the key information */ 
@@ -4718,6 +4715,109 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 */ +void generate_key_rsa( int bits_arg, + data_t *e_arg, + int expected_status_arg ) +{ + psa_key_handle_t handle = 0; + psa_key_type_t type = PSA_KEY_TYPE_RSA_KEYPAIR; + size_t bits = bits_arg; + psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; + psa_algorithm_t alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW; + psa_status_t expected_status = expected_status_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t *exported = NULL; + size_t exported_size = + PSA_KEY_EXPORT_MAX_SIZE( PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits ); + size_t exported_length = SIZE_MAX; + uint8_t *e_read_buffer = NULL; + int is_default_public_exponent = 0; + size_t e_read_size = e_arg->len; + size_t e_read_length = SIZE_MAX; + + if( e_arg->len == 0 || + ( e_arg->len == 3 && + e_arg->x[0] == 1 && e_arg->x[1] == 0 && e_arg->x[2] == 1 ) ) + { + is_default_public_exponent = 1; + e_read_size = 0; + } + ASSERT_ALLOC( e_read_buffer, e_read_size ); + ASSERT_ALLOC( exported, exported_size ); + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, alg ); + PSA_ASSERT( psa_set_key_domain_parameters( &attributes, type, + e_arg->x, e_arg->len ) ); + psa_set_key_bits( &attributes, bits ); + + /* Generate a key */ + TEST_EQUAL( psa_generate_key( &attributes, &handle ), expected_status ); + if( expected_status != PSA_SUCCESS ) + goto exit; + + /* Test the key information */ + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + TEST_EQUAL( psa_get_key_type( &attributes ), type ); + TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); + PSA_ASSERT( psa_get_key_domain_parameters( &attributes, + e_read_buffer, e_read_size, + &e_read_length ) ); + if( is_default_public_exponent ) + TEST_EQUAL( e_read_length, 0 ); + else + ASSERT_COMPARE( e_read_buffer, e_read_length, e_arg->x, 
e_arg->len ); + + /* Do something with the key according to its type and permitted usage. */ + if( ! exercise_key( handle, usage, alg ) ) + goto exit; + + /* Export the key and check the public exponent. */ + PSA_ASSERT( psa_export_public_key( handle, + exported, exported_size, + &exported_length ) ); + { + uint8_t *p = exported; + uint8_t *end = exported + exported_length; + size_t len; + /* RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + */ + TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ) ); + TEST_ASSERT( asn1_skip_integer( &p, end, bits, bits, 1 ) ); + TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_INTEGER ) ); + if( len >= 1 && p[0] == 0 ) + { + ++p; + --len; + } + if( e_arg->len == 0 ) + { + TEST_EQUAL( len, 3 ); + TEST_EQUAL( p[0], 1 ); + TEST_EQUAL( p[1], 0 ); + TEST_EQUAL( p[2], 1 ); + } + else + ASSERT_COMPARE( p, len, e_arg->x, e_arg->len ); + } + +exit: + psa_reset_key_attributes( &attributes ); + psa_destroy_key( handle ); + mbedtls_psa_crypto_free( ); + mbedtls_free( e_read_buffer ); + mbedtls_free( exported ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void persistent_key_load_key_from_storage( data_t *data, int type_arg, int bits_arg, @@ -4763,7 +4863,7 @@ void persistent_key_load_key_from_storage( data_t *data, case GENERATE_KEY: /* Generate a key */ - PSA_ASSERT( psa_generate_key( &attributes, &handle, NULL, 0 ) ); + PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); break; case DERIVE_KEY: From 06af0cd4a3e40a279a4400c07092a41a0f4d2fad Mon Sep 17 00:00:00 2001 
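Review bot: `generate_key_rsa()` creates the key with `usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT` but `alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW`, which is a signature algorithm, so the policy permits no operation that the algorithm can perform. `exercise_key()` is defined outside this hunk, but with this pair it most likely has nothing to run, leaving the export as the only check on the key. Pairing the usage with the algorithm, e.g. `psa_key_usage_t usage = PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY;`, would make the test actually use a key generated with the requested exponent.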
From: Gilles Peskine Date: Sun, 28 Apr 2019 11:32:30 +0200 Subject: [PATCH 1207/2197] Always require reset after psa_get_key_attributes There was a guarantee that psa_get_key_attributes() does not require a subsequent psa_reset_key_attributes() to free resources as long as the key was created with attributes having this property. This requirement was hard to pin down because if a key is created with default parameters, there are cases where it is difficult to ensure that the domain parameters will be reported without allocating memory. So remove this guarantee. Now the only case psa_reset_key_attributes() is not required is if the attribute structure has only been modified with certain specific setters. --- include/psa/crypto.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9ec3b9074..705f2ca37 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -151,13 +151,12 @@ psa_status_t psa_crypto_init(void); * - psa_set_key_usage_flags() * - psa_set_key_algorithm() * - psa_reset_key_attributes() - * - psa_get_key_attributes() on a key which has been created with - * attribute structure that itself did not contain auxiliary resources * * If the attribute structure has been modified with other functions, * you must free auxiliary resources by calling psa_reset_key_attributes(). * The following functions may create auxiliary resouces: * - psa_set_key_domain_parameters() + * - psa_get_key_attributes() */ typedef struct psa_key_attributes_s psa_key_attributes_t; From 9c640f91d4dbb0bc9e8e267e0ad95f0cff00c75f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 28 Apr 2019 11:36:21 +0200 Subject: [PATCH 1208/2197] Improve documentation of key attributes --- include/psa/crypto.h | 95 +++++++++++++++++++++++++++++++------------- 1 file changed, 68 insertions(+), 27 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 705f2ca37..6356c5858 100644 --- a/include/psa/crypto.h 
+++ b/include/psa/crypto.h 
@@ -100,13 +100,44 @@ psa_status_t psa_crypto_init(void); /** The type of a structure containing key attributes. * * This is an opaque structure that can represent the metadata of a key - * object, including the key type and size, domain parameters, usage policies, - * location in storage, and any other similar information. + * object. Metadata that can be stored in attributes includes: + * - The location of the key in storage, indicated by its key identifier + * and its lifetime. + * - The key's policy, comprising usage flags and a specification of + * the permitted algorithm(s). + * - Information about the key itself: the key type, the key size, and + * for some key type additional domain parameters. + * - Implementations may define additional attributes. * * The actual key material is not considered an attribute of a key. * Key attributes do not contain information that is generally considered * highly confidential. * + * An attribute structure can be a simple data structure where each function + * `psa_set_key_xxx` sets a field and the corresponding function + * `psa_get_key_xxx` retrieves the value of the corresponding field. + * However, implementations may report values that are equivalent to the + * original one, but have a different encoding. For example, an + * implementation may use a more compact representation for types where + * many bit-patterns are invalid or not supported, and store all values + * that it does not support as a special marker value. In such an + * implementation, after setting an invalid value, the corresponding + * get function returns an invalid value which may not be the one that + * was originally stored. + * + * An attribute structure may contain references to auxiliary resources, + * for example pointers to allocated memory or indirect references to + * pre-calculated values. In order to free such resources, the application + * must call psa_reset_key_attributes(). 
As an exception, calling + * psa_reset_key_attributes() on an attribute structure is optional if + * the structure has only been modified by the following functions + * since it was initialized or last reset with psa_reset_key_attributes(): + * - psa_make_key_persistent() + * - psa_set_key_type() + * - psa_set_key_bits() + * - psa_set_key_usage_flags() + * - psa_set_key_algorithm() + * * Before calling any function on a key attribute structure, the application * must initialize it by any of the following means: * - Set the structure to all-bits-zero, for example: 
@@ -140,23 +171,33 @@ psa_status_t psa_crypto_init(void); * - usage flags: \c 0. * - algorithm: \c 0. * - * A freshly initialized attribute structure does not own any auxiliary - * resources such as pointers to allocated memory, and therefore can be - * freed simply by freeing the memory allocated for the structure itself. - * This property still holds if the structure has only been modified - * by the following functions: - * - psa_make_key_persistent() - * - psa_set_key_type() - * - psa_set_key_bits() - * - psa_set_key_usage_flags() - * - psa_set_key_algorithm() - * - psa_reset_key_attributes() + * A typical sequence to create a key is as follows: + * -# Create and initialize an attribute structure. + * -# If the key is persistent, call psa_make_key_persistent(). + * -# Set the key policy with psa_set_key_usage_flags() and + * psa_set_key_algorithm(). + * -# Set the key type with psa_set_key_type(). If the key type requires + * domain parameters, call psa_set_key_domain_parameters() instead. + * Skip this step if copying an existing key with psa_copy_key(). + * -# When generating a random key with psa_generate_key() or deriving a key + * with psa_generator_import_key(), set the desired key size with + * psa_set_key_bits(). + * -# Call a key creation function: psa_import_key(), psa_generate_key(), + * psa_generator_import_key() or psa_copy_key(). + * -# The attribute structure is no longer necessary. If you called + * psa_set_key_domain_parameters() earlier, you must call + * psa_reset_key_attributes() to free any resources used by the + * domain parameters. Otherwise calling psa_reset_key_attributes() + * is optional. * - * If the attribute structure has been modified with other functions, - * you must free auxiliary resources by calling psa_reset_key_attributes(). 
- * The following functions may create auxiliary resouces: - * - psa_set_key_domain_parameters() - * - psa_get_key_attributes() + * A typical sequence to query a key's attributes is as follows: + * -# Call psa_get_key_attributes(). + * -# Call `psa_get_key_xxx` functions to retrieve the attribute(s) that + * you are interested in. + * -# Call psa_reset_key_attributes() to free any resources that may be + * used by the attribute structure. + * + * Once a key has been created, it is impossible to change its attributes. */ typedef struct psa_key_attributes_s psa_key_attributes_t; @@ -372,6 +413,10 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); * } * ``` * + * \note This function may allocate memory or other resources. + * Once you have called this function on an attribute structure, + * you must call psa_reset_key_attributes() to free these resources. + * * \param[in,out] attributes Attribute structure where the specified domain * parameters will be stored. * If this function fails, the content of 
@@ -417,16 +462,12 @@ psa_status_t psa_get_key_domain_parameters( /** Retrieve the attributes of a key. * * This function first resets the attribute structure as with - * psa_reset_key_attributes(). It then populates the attribute - * structure with the attributes of the given key. + * psa_reset_key_attributes(). It then copies the attributes of + * the given key into the given attribute structure. * - * The attributes that were set when creating the key are reported in a - * semantically equivalent manner, not necessarily with the same - * numerical value or the same bit pattern. In this specification, - * all key types, usage flags, algorithms and lifetime values are - * equivalent only if they have the same numerical encoding, but this - * property may not hold in future versions of this specification or - * for implementation-specific values. + * \note This function may allocate memory or other resources. + * Once you have called this function on an attribute structure, + * you must call psa_reset_key_attributes() to free these resources. * * \param[in] handle Handle to the key to query. * \param[in,out] attributes On success, the attributes of the key. From 9bc88c6e2c6ccb3c277f89aa4fb1fdd90b774027 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 28 Apr 2019 11:37:03 +0200 Subject: [PATCH 1209/2197] Document the key creation flow (start, variable, finish, and fail) --- library/psa_crypto.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index abef43a17..6e01997a4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1361,9 +1361,22 @@ static psa_status_t psa_set_key_policy_internal( * * If this function fails, call psa_fail_key_creation(). * + * This function is intended to be used as follows: + * -# Call psa_start_key_creation() to allocate a key slot, prepare + * it with the specified attributes, and assign it a handle. + * -# Populate the slot with the key material. + * -# Call psa_finish_key_creation() to finalize the creation of the slot. + * In case of failure at any step, stop the sequence and call + * psa_fail_key_creation(). + * * \param attributes Key attributes for the new key. - * \param handle On success, the allocated handle. + * \param handle On success, a handle for the allocated slot. * \param p_slot On success, a pointer to the prepared slot. + * + * \retval #PSA_SUCCESS + * The key slot is ready to receive key material. + * \return If this function fails, the key slot is an invalid state. + * You must call psa_fail_key_creation() to wipe and free the slot. */ static psa_status_t psa_start_key_creation( const psa_key_attributes_t *attributes, @@ -1403,8 +1416,15 @@ static psa_status_t psa_start_key_creation( * This entails writing the key to persistent storage. * * If this function fails, call psa_fail_key_creation(). + * See the documentation of psa_start_key_creation() for the intended use + * of this function. * * \param slot Pointer to the slot with key material. + * + * \retval #PSA_SUCCESS + * The key was successfully created. The handle is now valid. + * \return If this function fails, the key slot is an invalid state. + * You must call psa_fail_key_creation() to wipe and free the slot. */ static psa_status_t psa_finish_key_creation( psa_key_slot_t *slot ) { 
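Review bot: The added `\return` text for `psa_start_key_creation()` says "the key slot is an invalid state", which should read `the key slot is in an invalid state`. The same sentence is repeated in the hunk for `psa_finish_key_creation()` that follows. Both paragraphs would also be more useful if they listed the status codes a caller can expect on failure, instead of only repeating the instruction to call psa_fail_key_creation().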
@@ -1448,6 +1468,8 @@ static psa_status_t psa_finish_key_creation( psa_key_slot_t *slot ) * You may call this function after calling psa_start_key_creation(), * or after psa_finish_key_creation() fails. In other circumstances, this * function may not clean up persistent storage. + * See the documentation of psa_start_key_creation() for the intended use + * of this function. * * \param slot Pointer to the slot with key material. */ From aa02c17dfa1e73a826787c6cd41c7048bb9cbde0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 28 Apr 2019 11:44:17 +0200 Subject: [PATCH 1210/2197] Add buffer size macro for psa_get_key_domain_parameters --- include/psa/crypto.h | 4 +++ include/psa/crypto_sizes.h | 32 +++++++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 2 +- 3 files changed, 37 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6356c5858..e8f9a18b3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -447,6 +447,10 @@ psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, * \param[in] attributes The key attribute structure to query. * \param[out] data On success, the key domain parameters. * \param data_size Size of the \p data buffer in bytes. + * The buffer is guaranteed to be large + * enough if its size in bytes is at least + * the value given by + * PSA_KEY_DOMAIN_PARAMETERS_SIZE(). * \param[out] data_length On success, the number of bytes * that make up the key domain parameters data. * diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 3c879e884..5f6282c40 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -598,4 +598,36 @@ PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \ 0) +/** Safe output buffer size for psa_get_key_domain_parameters(). + * + * This macro returns a compile-time constant if its arguments are + * compile-time constants. + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param key_type A supported key type. + * \param key_bits The size of the key in bits. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_get_key_domain_parameters() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro either shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \ + PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ + PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ + 0) +#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ + (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/) +#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ + (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/) + #endif /* PSA_CRYPTO_SIZES_H */ diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9e9378ae8..c19439696 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
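Review bot: The sizes in `PSA_KEY_DOMAIN_PARAMETERS_SIZE` rest on assumptions that are not written down. The RSA branch returns `sizeof(int)`, which is a safe output size only if the implementation never reports a public exponent wider than an `int`, and the DH/DSA helpers use the bare constants `4`, `5` and `34`. An under-estimate here surfaces as #PSA_ERROR_BUFFER_TOO_SMALL in callers that trusted the macro, so each constant should carry a comment naming the encoding overhead it covers, and the RSA branch should say where the `int` limit is enforced. The two helper macros sit in a public header without any documentation of their own. In the Doxygen text, `\warning This function may call its arguments` should read `This macro may evaluate its arguments`, and "either shall return either" has a duplicated word.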
@@ -4733,7 +4733,7 @@ void generate_key_rsa( int bits_arg, size_t exported_length = SIZE_MAX; uint8_t *e_read_buffer = NULL; int is_default_public_exponent = 0; - size_t e_read_size = e_arg->len; + size_t e_read_size = PSA_KEY_DOMAIN_PARAMETERS_SIZE( type, bits ); size_t e_read_length = SIZE_MAX; if( e_arg->len == 0 || From d29db1f8ab404ef359135ed383013c3390643567 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 29 Apr 2019 15:04:42 +0100 Subject: [PATCH 1211/2197] Makefile: Remove extra debug print Remove debug print added to print list of source files used in making libmbedcrypto. Fixes 92da0bd86237 ("Makefile: Use generated source files from parent"). --- library/Makefile | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/Makefile b/library/Makefile index 3058a31c9..2e685695e 100644 --- a/library/Makefile +++ b/library/Makefile @@ -103,8 +103,6 @@ OBJS_CRYPTO += version.o OBJS_CRYPTO += version_features.o endif -$(info $(OBJS_CRYPTO)) - OBJS_X509= certs.o pkcs11.o x509.o \ x509_create.o x509_crl.o x509_crt.o \ x509_csr.o x509write_crt.o x509write_csr.o From 182b0b9966506c8116b35f5a2e55307b7af313f7 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 26 Apr 2019 14:28:19 +0100 Subject: [PATCH 1212/2197] Add test for ECP multiplication The tests we had for ECP point multiplication were tailored for test vectors symulating crypto operations and tested a series of operations against public test vectors. This commit adds a test function that exercises a single multiplication. This is much better suited for negative testing than the preexisting test. Only one new test case is added that exercises a fraction of an existing test, just to make sure that the test is consistent with the existing test functions. --- tests/suites/test_suite_ecp.data | 4 +++ tests/suites/test_suite_ecp.function | 50 ++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) 
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 86533665c..22f36fa3b 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -426,6 +426,10 @@ ECP test vectors Curve25519 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_test_vec_x:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"057E23EA9F1CBE8A27168F6E696A791DE61DD3AF7ACD4EEACC6E7BA514FDA863":"47DC3D214174820E1154B49BC6CDB2ABD45EE95817055D255AA35831B70D3260":"6EB89DA91989AE37C7EAC7618D9E5C4951DBA1D73C285AE1CD26A855020EEF04":"61450CD98E36016B58776A897A9F0AEF738B99F09468B8D6B8511184D53494AB" +ECP point multiplication Curve25519 (normalized) #1 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"09":"00":"01":"057E23EA9F1CBE8A27168F6E696A791DE61DD3AF7ACD4EEACC6E7BA514FDA863":"00":"01":0 + ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate) depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED ecp_test_vec_x:MBEDTLS_ECP_DP_CURVE448:"eb7298a5c0d8c29a1dab27f1a6826300917389449741a974f5bac9d98dc298d46555bce8bae89eeed400584bb046cf75579f51d125498f98":"a01fc432e5807f17530d1288da125b0cd453d941726436c8bbd9c5222c3da7fa639ce03db8d23b274a0721a1aed5227de6e3b731ccf7089b":"ad997351b6106f36b0d1091b929c4c37213e0d2b97e85ebb20c127691d0dad8f1d8175b0723745e639a3cb7044290b99e0e2a0c27a6a301c":"0936f37bc6c1bd07ae3dec7ab5dc06a73ca13242fb343efc72b9d82730b445f3d4b0bd077162a46dcfec6f9b590bfcbcf520cdb029a8b73e":"9d874a5137509a449ad5853040241c5236395435c36424fd560b0cb62b281d285275a740ce32a22dd1740f4aa9161cec95ccc61a18f4ff07" diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 7eeea28ee..03c3e538b 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function 
@@ -674,6 +674,56 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void ecp_test_mul( int id, data_t * n_hex, + data_t * Px_hex, data_t * Py_hex, data_t * Pz_hex, + data_t * nPx_hex, data_t * nPy_hex, data_t * nPz_hex, + int expected_ret ) +{ + mbedtls_ecp_group grp; + mbedtls_ecp_point P, nP, R; + mbedtls_mpi n; + rnd_pseudo_info rnd_info; + + mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R ); + mbedtls_ecp_point_init( &P ); mbedtls_ecp_point_init( &nP ); + mbedtls_mpi_init( &n ); + memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) ); + + TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + + TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); + + TEST_ASSERT( mbedtls_mpi_read_binary( &n, n_hex->x, n_hex->len ) == 0 ); + + TEST_ASSERT( mbedtls_mpi_read_binary( &P.X, Px_hex->x, Px_hex->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &P.Y, Py_hex->x, Py_hex->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &P.Z, Pz_hex->x, Pz_hex->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &nP.X, nPx_hex->x, nPx_hex->len ) + == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &nP.Y, nPy_hex->x, nPy_hex->len ) + == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &nP.Z, nPz_hex->x, nPz_hex->len ) + == 0 ); + + TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &n, &P, + &rnd_pseudo_rand, &rnd_info ) + == expected_ret ); + + if( expected_ret == 0 ) + { + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.X, &R.X ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.Y, &R.Y ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.Z, &R.Z ) == 0 ); + } + +exit: + mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R ); + mbedtls_ecp_point_free( &P ); mbedtls_ecp_point_free( &nP ); + mbedtls_mpi_free( &n ); +} +/* END_CASE */ + /* BEGIN_CASE */ void ecp_fast_mod( int id, char * N_str ) { From 05a708f7e2d7a1a264b7b0e3210dbdf7e884b5da Mon Sep 17 00:00:00 2001 
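Review bot: `ecp_test_mul` has no comment explaining its inputs, and the `_hex` suffix on the `data_t *` parameters is misleading because they are read as raw bytes with `mbedtls_mpi_read_binary()`. A short header would help, along the lines of `/* Multiply the point (Px, Py, Pz), given as raw coordinates, by n and compare the result with (nPx, nPy, nPz); only grp.G is validated, P is passed to mbedtls_ecp_mul() as is. */`. When `expected_ret` is nonzero the function checks only the return code; if the intent is that a rejected point leaves no usable output, an assertion on `R` in that branch would pin it. The paired calls such as `mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R );` would read better one call per line.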
From: Janos Follath Date: Fri, 26 Apr 2019 15:06:22 +0100 Subject: [PATCH 1213/2197] Add negative tests for Curve25519 If we provide a low-order element as a public key and the implementation maps the point at infinity to the origin, we can force the common secret to be zero. According to the standard (RFC 7748) this is allowed but in this case the primitive must not be used in a protocol that requires contributory behaviour. Mbed Crypto returns an error when the result is the point at infinity and does not map it to the origin. This is safe even if used in protocols that require contributory behaviour. This commit adds test cases that verify that Mbed Crypto returns an error when low order public keys are processed. The low order elements in the test cases were taken from this website: https://cr.yp.to/ecdh.html --- tests/suites/test_suite_ecp.data | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 22f36fa3b..51f7e39e6 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data 
@@ -430,6 +430,22 @@ ECP point multiplication Curve25519 (normalized) #1 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"09":"00":"01":"057E23EA9F1CBE8A27168F6E696A791DE61DD3AF7ACD4EEACC6E7BA514FDA863":"00":"01":0 +ECP point multiplication Curve25519 (not normalized) #2 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"1B":"00":"03":"057E23EA9F1CBE8A27168F6E696A791DE61DD3AF7ACD4EEACC6E7BA514FDA863":"00":"01":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP point multiplication Curve25519 (element of order 2: origin) #3 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"00":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +ECP point multiplication Curve25519 (element of order 4: 1) #4 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"01":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +ECP point multiplication Curve25519 (element of order 8) #5 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_test_mul:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660":"B8495F16056286FDB1329CEB8D09DA6AC49FF1FAE35616AEB8413B7C7AEBE0":"00":"01":"00":"01":"00":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate) depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED 
ecp_test_vec_x:MBEDTLS_ECP_DP_CURVE448:"eb7298a5c0d8c29a1dab27f1a6826300917389449741a974f5bac9d98dc298d46555bce8bae89eeed400584bb046cf75579f51d125498f98":"a01fc432e5807f17530d1288da125b0cd453d941726436c8bbd9c5222c3da7fa639ce03db8d23b274a0721a1aed5227de6e3b731ccf7089b":"ad997351b6106f36b0d1091b929c4c37213e0d2b97e85ebb20c127691d0dad8f1d8175b0723745e639a3cb7044290b99e0e2a0c27a6a301c":"0936f37bc6c1bd07ae3dec7ab5dc06a73ca13242fb343efc72b9d82730b445f3d4b0bd077162a46dcfec6f9b590bfcbcf520cdb029a8b73e":"9d874a5137509a449ad5853040241c5236395435c36424fd560b0cb62b281d285275a740ce32a22dd1740f4aa9161cec95ccc61a18f4ff07" From 1ea5e44c9384dbc8009c42670bdf73b6771232eb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 May 2019 20:31:10 +0200 Subject: [PATCH 1214/2197] Minor documentation improvement --- include/psa/crypto.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e8f9a18b3..fff144cab 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -183,8 +183,10 @@ psa_status_t psa_crypto_init(void); * with psa_generator_import_key(), set the desired key size with * psa_set_key_bits(). * -# Call a key creation function: psa_import_key(), psa_generate_key(), - * psa_generator_import_key() or psa_copy_key(). - * -# The attribute structure is no longer necessary. If you called + * psa_generator_import_key() or psa_copy_key(). This function reads + * the attribute structure, creates a key with these attributes, and + * outputs a handle to the newly created key. + * -# The attribute structure is now no longer necessary. If you called * psa_set_key_domain_parameters() earlier, you must call * psa_reset_key_attributes() to free any resources used by the * domain parameters. Otherwise calling psa_reset_key_attributes() From 5a5a79ae2a8a82e7ad9c345e51ce3b5ab3c19dab Mon Sep 17 00:00:00 2001 
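Review bot: Cases #3 to #5 pin `MBEDTLS_ERR_MPI_NOT_ACCEPTABLE`, a bignum-layer code, as the result of multiplying a low-order point, while case #2 expects `MBEDTLS_ERR_ECP_INVALID_KEY`. If the contract is only that `mbedtls_ecp_mul` fails for these inputs, the descriptions should say so, for example `ECP point multiplication Curve25519 (element of order 2: origin, must be rejected) #3`, since callers presumably have to treat any nonzero return as a rejection rather than match on an ECP-level error. The commit message cites a published list of low-order values and three of them are exercised here. Any remaining entries of that list that reach this code path would complete the negative coverage.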
From: "Adrian L. Shaw" Date: Fri, 3 May 2019 15:44:28 +0100 Subject: [PATCH 1215/2197] Rename psa_generate_key() and psa_generator_import_key() --- docs/getting_started.md | 8 ++++---- include/psa/crypto.h | 20 ++++++++++---------- include/psa/crypto_extra.h | 4 ++-- include/psa/crypto_se_driver.h | 2 +- library/psa_crypto.c | 18 +++++++++--------- library/ssl_cli.c | 2 +- programs/psa/crypto_examples.c | 6 +++--- programs/psa/key_ladder_demo.c | 6 +++--- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_psa_crypto.function | 14 +++++++------- 10 files changed, 41 insertions(+), 41 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 84ed891ac..ec8cc08ce 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -335,7 +335,7 @@ Deriving a new AES-CTR 128-bit encryption key into a given key slot using HKDF w 1. Set up the generator using the `psa_key_derivation` function providing a key slot containing a key that can be used for key derivation and a salt and label (Note: salt and label are optional). 1. Initiate a key policy to for the derived key by calling `psa_key_policy_set_usage()` with `PSA_KEY_USAGE_ENCRYPT` parameter and the algorithm `PSA_ALG_CTR`. 1. Set the key policy to the derived key slot. -1. Import a key from generator into the desired key slot using (`psa_generator_import_key`). +1. Import a key from generator into the desired key slot using (`psa_generate_derived_key`). 1. Clean up generator. At this point the derived key slot holds a new 128-bit AES-CTR encryption key derived from the key, salt and label provided: @@ -378,7 +378,7 @@ At this point the derived key slot holds a new 128-bit AES-CTR encryption key de psa_set_key_policy(derived_key, &policy); - psa_generator_import_key(derived_key, PSA_KEY_TYPE_AES, derived_bits, &generator); + psa_generate_derived_key(derived_key, PSA_KEY_TYPE_AES, derived_bits, &generator); /* Clean up generator and key */ psa_generator_abort(&generator); 
@@ -494,7 +494,7 @@ Prerequisites to using key generation and export APIs: Generate a piece of random 128-bit AES data: 1. Set the key policy for key generation by calling `psa_key_policy_set_usage()` with the `PSA_KEY_USAGE_EXPORT` parameter and the algorithm `PSA_ALG_GCM`. -1. Generate a random AES key by calling `psa_generate_key()`. +1. Generate a random AES key by calling `psa_generate_random_key()`. 1. Export the generated key by calling `psa_export_key()`: ```C int slot = 1; @@ -510,7 +510,7 @@ Generate a piece of random 128-bit AES data: psa_set_key_policy(slot, &policy); /* Generate a key */ - psa_generate_key(slot, PSA_KEY_TYPE_AES, bits); + psa_generate_random_key(slot, PSA_KEY_TYPE_AES, bits); psa_export_key(slot, exported, exported_size, &exported_length) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fff144cab..2e680b101 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -179,11 +179,11 @@ psa_status_t psa_crypto_init(void); * -# Set the key type with psa_set_key_type(). If the key type requires * domain parameters, call psa_set_key_domain_parameters() instead. * Skip this step if copying an existing key with psa_copy_key(). - * -# When generating a random key with psa_generate_key() or deriving a key - * with psa_generator_import_key(), set the desired key size with + * -# When generating a random key with psa_generate_random_key() or deriving a key + * with psa_generate_derived_key(), set the desired key size with * psa_set_key_bits(). - * -# Call a key creation function: psa_import_key(), psa_generate_key(), - * psa_generator_import_key() or psa_copy_key(). This function reads + * -# Call a key creation function: psa_import_key(), psa_generate_random_key(), + * psa_generate_derived_key() or psa_copy_key(). This function reads * the attribute structure, creates a key with these attributes, and * outputs a handle to the newly created key. * -# The attribute structure is now no longer necessary. If you called 
@@ -208,8 +208,8 @@ typedef struct psa_key_attributes_s psa_key_attributes_t; * This function does not access storage, it merely fills the attribute * structure with given values. The persistent key will be written to * storage when the attribute structure is passed to a key creation - * function such as psa_import_key(), psa_generate_key(), - * psa_generator_import_key() or psa_copy_key(). + * function such as psa_import_key(), psa_generate_random_key(), + * psa_generate_derived_key() or psa_copy_key(). * * This function overwrites any identifier and lifetime values * previously set in \p attributes. @@ -3087,7 +3087,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generator_import_key(const psa_key_attributes_t *attributes, +psa_status_t psa_generate_derived_key(const psa_key_attributes_t *attributes, psa_key_handle_t *handle, psa_crypto_generator_t *generator); @@ -3148,7 +3148,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * or after providing inputs. For some algorithms, this step is mandatory * because the output depends on the maximum capacity. * - Generate output with psa_generator_read() or - * psa_generator_import_key(). Successive calls to these functions + * psa_generate_derived_key(). Successive calls to these functions * use successive output bytes from the generator. * - Clean up the generator object with psa_generator_abort(). * @@ -3385,7 +3385,7 @@ psa_status_t psa_key_agreement_raw_shared_secret(psa_algorithm_t alg, * and MUST NOT use the content of the output buffer if the return * status is not #PSA_SUCCESS. * - * \note To generate a key, use psa_generate_key() instead. + * \note To generate a key, use psa_generate_random_key() instead. * * \param[out] output Output buffer for the generated data. * \param output_size Number of bytes to generate and output. 
@@ -3447,7 +3447,7 @@ psa_status_t psa_generate_random(uint8_t *output, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, +psa_status_t psa_generate_random_key(const psa_key_attributes_t *attributes, psa_key_handle_t *handle); /**@}*/ diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index f2cf05150..216039c85 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -430,12 +430,12 @@ psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, psa_key_handle_t target_handle, const psa_key_policy_t *constraint); -psa_status_t psa_generator_import_key_to_handle(psa_key_handle_t handle, +psa_status_t psa_generate_derived_key_to_handle(psa_key_handle_t handle, psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator); -psa_status_t psa_generate_key_to_handle(psa_key_handle_t handle, +psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, psa_key_type_t type, size_t bits, const void *extra, diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 5fb7bc3ae..8c7ad6d00 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -783,7 +783,7 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, * \param[in] extra Extra parameters for key generation. The * interpretation of this parameter should match the * interpretation in the `extra` parameter is the - * `psa_generate_key` function + * `psa_generate_random_key` function * \param[in] extra_size The size in bytes of the \p extra buffer * \param[out] p_pubkey_out The buffer where the public key information will * be placed diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6e01997a4..9cf90ddaf 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4313,7 +4313,7 @@ static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) } #endif /* MBEDTLS_DES_C */ -static psa_status_t psa_generator_import_key_internal( +static psa_status_t psa_generate_derived_key_internal( psa_key_slot_t *slot, size_t bits, psa_crypto_generator_t *generator ) @@ -4344,7 +4344,7 @@ exit: return( status ); } -psa_status_t psa_generator_import_key( const psa_key_attributes_t *attributes, +psa_status_t psa_generate_derived_key( const psa_key_attributes_t *attributes, psa_key_handle_t *handle, psa_crypto_generator_t *generator ) { @@ -4353,7 +4353,7 @@ psa_status_t psa_generator_import_key( const psa_key_attributes_t *attributes, status = psa_start_key_creation( attributes, handle, &slot ); if( status == PSA_SUCCESS ) { - status = psa_generator_import_key_internal( slot, + status = psa_generate_derived_key_internal( slot, attributes->bits, generator ); } @@ -4367,7 +4367,7 @@ psa_status_t psa_generator_import_key( const psa_key_attributes_t *attributes, return( status ); } -psa_status_t psa_generator_import_key_to_handle( psa_key_handle_t handle, +psa_status_t psa_generate_derived_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, psa_crypto_generator_t *generator ) @@ -5148,7 +5148,7 @@ static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters, } #endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ -static psa_status_t psa_generate_key_internal( +static psa_status_t psa_generate_random_key_internal( psa_key_slot_t *slot, size_t bits, const uint8_t *domain_parameters, size_t domain_parameters_size ) { @@ -5254,7 +5254,7 @@ static psa_status_t psa_generate_key_internal( return( PSA_SUCCESS ); } -psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, +psa_status_t psa_generate_random_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, const void *extra, 
@@ -5274,7 +5274,7 @@ psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, return( status ); slot->type = type; - status = psa_generate_key_internal( slot, bits, extra, extra_size ); + status = psa_generate_random_key_internal( slot, bits, extra, extra_size ); if( status != PSA_SUCCESS ) slot->type = 0; @@ -5288,7 +5288,7 @@ psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, return( status ); } -psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, +psa_status_t psa_generate_random_key( const psa_key_attributes_t *attributes, psa_key_handle_t *handle ) { psa_status_t status; @@ -5296,7 +5296,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, status = psa_start_key_creation( attributes, handle, &slot ); if( status == PSA_SUCCESS ) { - status = psa_generate_key_internal( + status = psa_generate_random_key_internal( slot, attributes->bits, attributes->domain_parameters, attributes->domain_parameters_size ); } diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 65bc64cb7..81c69dd5f 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3148,7 +3148,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); /* Generate ECDH private key. */ - status = psa_generate_key_to_handle( handshake->ecdh_psa_privkey, + status = psa_generate_random_key_to_handle( handshake->ecdh_psa_privkey, PSA_KEY_TYPE_ECC_KEYPAIR( handshake->ecdh_psa_curve ), MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( handshake->ecdh_psa_curve ), NULL, 0 ); diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 1a81f45f8..922a30125 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c 
@@ -164,7 +164,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle ); + status = psa_generate_random_key( &attributes, &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), @@ -215,7 +215,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle ); + status = psa_generate_random_key( &attributes, &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), @@ -262,7 +262,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_key( &attributes, &key_handle ); + status = psa_generate_random_key( &attributes, &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 6d4c707ac..523668e13 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -208,7 +208,7 @@ static psa_status_t generate( const char *key_file_name ) psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); - PSA_CHECK( psa_generate_key( &attributes, &key_handle ) ); + PSA_CHECK( psa_generate_random_key( &attributes, &key_handle ) ); PSA_CHECK( save_key( key_handle, key_file_name ) ); 
@@ -306,7 +306,7 @@ static psa_status_t derive_key_ladder( const char *ladder[], *key_handle = 0; /* Use the generator obtained from the parent key to create * the next intermediate key. */ - PSA_CHECK( psa_generator_import_key( &attributes, key_handle, + PSA_CHECK( psa_generate_derived_key( &attributes, key_handle, &generator ) ); PSA_CHECK( psa_generator_abort( &generator ) ); } @@ -343,7 +343,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH, NULL, 0, PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); - PSA_CHECK( psa_generator_import_key( &attributes, wrapping_key_handle, + PSA_CHECK( psa_generate_derived_key( &attributes, wrapping_key_handle, &generator ) ); exit: diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 7415b63a9..a23487b4c 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -97,7 +97,7 @@ psa_key_handle_t pk_psa_genkey( void ) return( PK_PSA_INVALID_SLOT ); /* generate key */ - if( PSA_SUCCESS != psa_generate_key_to_handle( key, type, bits, NULL, 0 ) ) + if( PSA_SUCCESS != psa_generate_random_key_to_handle( key, type, bits, NULL, 0 ) ) return( PK_PSA_INVALID_SLOT ); return( key ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c19439696..67c2c77f9 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4322,7 +4322,7 @@ void derive_key_exercise( int alg_arg, psa_set_key_algorithm( &attributes, derived_alg ); psa_set_key_type( &attributes, derived_type ); psa_set_key_bits( &attributes, derived_bits ); - PSA_ASSERT( psa_generator_import_key( &attributes, &derived_handle, + PSA_ASSERT( psa_generate_derived_key( &attributes, &derived_handle, &generator ) ); /* Test the key information */ 
@@ -4393,7 +4393,7 @@ void derive_key_export( int alg_arg, psa_set_key_algorithm( &derived_attributes, 0 ); psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) ); - PSA_ASSERT( psa_generator_import_key( &derived_attributes, &derived_handle, + PSA_ASSERT( psa_generate_derived_key( &derived_attributes, &derived_handle, &generator ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer, bytes1, @@ -4401,7 +4401,7 @@ void derive_key_export( int alg_arg, TEST_EQUAL( length, bytes1 ); PSA_ASSERT( psa_destroy_key( derived_handle ) ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) ); - PSA_ASSERT( psa_generator_import_key( &derived_attributes, &derived_handle, + PSA_ASSERT( psa_generate_derived_key( &derived_attributes, &derived_handle, &generator ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer + bytes1, bytes2, @@ -4695,7 +4695,7 @@ void generate_key( int type_arg, psa_set_key_bits( &attributes, bits ); /* Generate a key */ - TEST_EQUAL( psa_generate_key( &attributes, &handle ), expected_status ); + TEST_EQUAL( psa_generate_random_key( &attributes, &handle ), expected_status ); if( expected_status != PSA_SUCCESS ) goto exit; @@ -4755,7 +4755,7 @@ void generate_key_rsa( int bits_arg, psa_set_key_bits( &attributes, bits ); /* Generate a key */ - TEST_EQUAL( psa_generate_key( &attributes, &handle ), expected_status ); + TEST_EQUAL( psa_generate_random_key( &attributes, &handle ), expected_status ); if( expected_status != PSA_SUCCESS ) goto exit; @@ -4863,7 +4863,7 @@ void persistent_key_load_key_from_storage( data_t *data, case GENERATE_KEY: /* Generate a key */ - PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); + PSA_ASSERT( psa_generate_random_key( &attributes, &handle ) ); break; case DERIVE_KEY: 
@@ -4885,7 +4885,7 @@ void persistent_key_load_key_from_storage( data_t *data, PSA_ASSERT( psa_key_derivation_input_bytes( &generator, PSA_KDF_STEP_INFO, NULL, 0 ) ); - PSA_ASSERT( psa_generator_import_key( &attributes, &handle, + PSA_ASSERT( psa_generate_derived_key( &attributes, &handle, &generator ) ); PSA_ASSERT( psa_generator_abort( &generator ) ); PSA_ASSERT( psa_destroy_key( base_key ) ); From 4ce2a9dcbf9635a05f17fc583ae586e3f97b43ab Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 May 2019 16:57:15 +0200 Subject: [PATCH 1216/2197] Check unused attributes in import and copy In psa_import_key and psa_copy_key, some information comes from the key data (input buffer or source key) rather than from the attributes: key size for import, key size and type and domain parameters for copy. If an unused attribute is nonzero in the attribute structure, check that it matches the correct value. This protects against application errors. --- include/psa/crypto.h | 27 ++++++++++----- library/psa_crypto.c | 80 +++++++++++++++++++++++++++++++++++++++----- 2 files changed, 91 insertions(+), 16 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fff144cab..af3353c01 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -583,9 +583,10 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * according to a different format. * * \param[in] attributes The attributes for the new key. - * The key size field in \p attributes is - * ignored; the actual key size is determined - * from the \p data buffer. + * The key size is always determined from the + * \p data buffer. + * If the key size in \p attributes is nonzero, + * it must be equal to the size from \p data. * \param[out] handle On success, a handle to the newly created key. * \c 0 on failure. * \param[in] data Buffer containing the key data. The content of this 
@@ -612,8 +613,12 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * The key type or key size is not supported, either by the * implementation in general or in this particular persistent location. * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key attributes, as a whole, are invalid, - * or the key data is not correctly formatted. + * The key attributes, as a whole, are invalid. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key data is not correctly formatted. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The size in \p attributes is nonzero and does not match the size + * of the key data. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -859,9 +864,12 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * occupied slot. * \param[in] attributes The attributes for the new key. * They are used as follows: - * - The key type, key size and domain parameters - * are ignored. This information is copied - * from the source key. + * - The key type and size may be 0. If either is + * nonzero, it must match the corresponding + * attribute of the source key. + * - If \p attributes contains domain parameters, + * they must match the domain parameters of + * the source key. * - The key location (the lifetime and, for * persistent keys, the key identifier) is * used directly. @@ -884,6 +892,9 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * \retval #PSA_ERROR_INVALID_ARGUMENT * The policy constraints on the source and specified in * \p attributes are incompatible. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p attributes specifies a key type, domain parameters or key size + * which does not match the attributes of the source key. * \retval #PSA_ERROR_NOT_PERMITTED * The source key is not exportable and its lifetime does not * allow copying it to the target's lifetime. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6e01997a4..c8b1931e8 100644 
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1480,6 +1480,58 @@ static void psa_fail_key_creation( psa_key_slot_t *slot )
 psa_wipe_key_slot( slot );
 }
+static psa_status_t psa_check_key_slot_attributes(
+ const psa_key_slot_t *slot,
+ const psa_key_attributes_t *attributes )
+{
+ if( attributes->type != 0 )
+ {
+ if( attributes->type != slot->type )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+ if( attributes->domain_parameters_size != 0 )
+ {
+#if defined(MBEDTLS_RSA_C)
+ if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
+ {
+ mbedtls_mpi actual, required;
+ int ret;
+ mbedtls_mpi_init( &actual );
+ mbedtls_mpi_init( &required );
+ ret = mbedtls_rsa_export( slot->data.rsa,
+ NULL, NULL, NULL, NULL, &actual );
+ if( ret != 0 )
+ goto rsa_exit;
+ ret = mbedtls_mpi_read_binary( &required,
+ attributes->domain_parameters,
+ attributes->domain_parameters_size );
+ if( ret != 0 )
+ goto rsa_exit;
+ if( mbedtls_mpi_cmp_mpi( &actual, &required ) != 0 )
+ ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+ rsa_exit:
+ mbedtls_mpi_free( &actual );
+ mbedtls_mpi_free( &required );
+ if( ret != 0)
+ return( mbedtls_to_psa_error( ret ) );
+ }
+ else
+#endif
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ }
+
+ if( attributes->bits != 0 )
+ {
+ if( attributes->bits != psa_get_key_slot_bits( slot ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+ return( PSA_SUCCESS );
+}
+
 psa_status_t psa_import_key( const psa_key_attributes_t *attributes,
 psa_key_handle_t *handle,
 const uint8_t *data,
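Review bot: psa_check_key_slot_attributes carries no comment for its contract, and the RSA branch needs one to be readable: `actual` receives the sixth argument of `mbedtls_rsa_export`, i.e. the public exponent E, which is then compared by value with the bytes in `attributes->domain_parameters`. I would add `/* Check that every attribute the caller set to a nonzero value (type, domain parameters, bits) matches the key in the slot; zero or empty means unspecified. */` above the function and `/* RSA domain parameters are the public exponent. */` above the export call. Note also that a non-RSA key with non-empty domain parameters is always rejected with PSA_ERROR_INVALID_ARGUMENT, which is stricter than the "must match" wording this commit adds to the psa_copy_key documentation; a comment on the final `else` block should say that this is intentional. `if( ret != 0)` lacks the space before `)` used in the rest of the function.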
@@ -1487,13 +1539,20 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, { psa_status_t status; psa_key_slot_t *slot = NULL; + status = psa_start_key_creation( attributes, handle, &slot ); - if( status == PSA_SUCCESS ) - { - status = psa_import_key_into_slot( slot, data, data_length ); - } - if( status == PSA_SUCCESS ) - status = psa_finish_key_creation( slot ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_import_key_into_slot( slot, data, data_length ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_check_key_slot_attributes( slot, attributes ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_finish_key_creation( slot ); +exit: if( status != PSA_SUCCESS ) { psa_fail_key_creation( slot ); @@ -1575,6 +1634,10 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, if( status != PSA_SUCCESS ) goto exit; + status = psa_check_key_slot_attributes( source_slot, specified_attributes ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_restrict_key_policy( &actual_attributes.policy, &source_slot->policy ); if( status != PSA_SUCCESS ) @@ -1586,10 +1649,11 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, goto exit; status = psa_copy_key_material( source_slot, target_slot ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_finish_key_creation( target_slot ); exit: - if( status == PSA_SUCCESS ) - status = psa_finish_key_creation( target_slot ); if( status != PSA_SUCCESS ) { psa_fail_key_creation( target_slot ); From 8fb3a9ead4f45ee9deee0496f2c5ce4175f4f7a1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 May 2019 16:59:21 +0200 Subject: [PATCH 1217/2197] Test psa_import_key: test for size in attributes Add tests where psa_import_key is called with attributes specifying an incorrect size. --- tests/suites/test_suite_psa_crypto.data | 54 ++++++++++++++------- tests/suites/test_suite_psa_crypto.function | 8 ++- 2 files changed, 44 insertions(+), 18 deletions(-) 
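Review bot: In psa_import_key the new `psa_check_key_slot_attributes( slot, attributes )` call runs only after `psa_import_key_into_slot` has parsed and stored the key material, so a key whose declared size is wrong is fully materialised in the slot before it is rejected, and correctness depends on the `exit:` path wiping it through `psa_fail_key_creation`. That ordering looks unavoidable because the real size is only known after parsing, but it deserves a why-comment, for example `/* The size is only known once the data is parsed; on mismatch the exit path wipes the slot. */`. If psa_start_key_creation copies the type from `attributes` into the slot (its body is not in this hunk), the type comparison can never fail on this path and only `bits` and the RSA exponent are effectively checked. The same helper is called against `source_slot` in the psa_copy_key hunk that follows, where all three comparisons are meaningful; psa_import_key's body ends outside the hunk.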
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e29cbf7e3..6f4265f02 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -39,7 +39,7 @@ invalid_handle:-1 PSA import AES: bad key size depends_on:MBEDTLS_AES_C -import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT +import:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -95,19 +95,19 @@ import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa24 PSA import RSA keypair: truncated depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT 
+import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEYPAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT 
+import:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"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":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_INVALID_ARGUMENT +import:"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":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA keypair: valid key but EC depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT +import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export-public RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -135,19 +135,19 @@ import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5f PSA import RSA public key: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED +import:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_NOT_SUPPORTED +import:"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":PSA_KEY_TYPE_RSA_KEYPAIR:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA public key: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED 
+import:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_NOT_SUPPORTED 
+import:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:0:PSA_ERROR_NOT_SUPPORTED PSA import/export EC secp224r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED 
@@ -241,27 +241,27 @@ import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa24 PSA import EC keypair: DER format depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT +import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT +import:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, all-bits-zero (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT +import:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, d == n - 1 (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_SUCCESS +import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_SUCCESS PSA import EC keypair: secp256r1, d == n (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT +import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, d > n (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT +import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -269,11 +269,31 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED # one would expect the status to be PSA_ERROR_INVALID_ARGUMENT. But the # Mbed TLS pkparse module returns MBEDTLS_ERR_PK_INVALID_ALG, I think because # it's looking for an OID where there is no OID. -import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_NOT_SUPPORTED +import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_NOT_SUPPORTED PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C -import:"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":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT +import:"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":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA import AES: bits=0 ok +depends_on:MBEDTLS_AES_C +import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:0:PSA_SUCCESS + +PSA import AES: bits=128 ok +depends_on:MBEDTLS_AES_C +import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_SUCCESS + +PSA import AES: bits=256 wrong +depends_on:MBEDTLS_AES_C +import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_ERROR_INVALID_ARGUMENT + +PSA import AES: bits=256 ok +depends_on:MBEDTLS_AES_C +import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_SUCCESS + +PSA import AES: bits=128 
wrong +depends_on:MBEDTLS_AES_C +import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_ERROR_INVALID_ARGUMENT PSA import RSA key pair: maximum size exceeded depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c19439696..cddcb2e07 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1204,18 +1204,22 @@ void attributes_set_get( int id_arg, int lifetime_arg, /* END_CASE */ /* BEGIN_CASE */ -void import( data_t *data, int type_arg, int expected_status_arg ) +void import( data_t *data, int type_arg, + int attr_bits_arg, + int expected_status_arg ) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_handle_t handle = 0; psa_key_type_t type = type_arg; + size_t attr_bits = attr_bits_arg; psa_status_t expected_status = expected_status_arg; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_type( &attributes, type ); + psa_set_key_bits( &attributes, attr_bits ); status = psa_import_key( &attributes, &handle, data->x, data->len ); TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) @@ -1223,6 +1227,8 @@ void import( data_t *data, int type_arg, int expected_status_arg ) PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); + if( attr_bits != 0 ) + TEST_EQUAL( attr_bits, got_attributes.bits ); PSA_ASSERT( psa_destroy_key( handle ) ); test_operations_on_invalid_handle( handle ); From 4a6446482ad65dc8d39a79390ebfdf64d4b46ffd Mon Sep 17 00:00:00 2001 
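Review bot: `TEST_EQUAL( attr_bits, got_attributes.bits );` in the second hunk of import() reads the structure field directly, while the line above it goes through `psa_get_key_type( &got_attributes )`; use the accessor here as well so the test does not depend on the attribute structure layout: `TEST_EQUAL( psa_get_key_bits( &got_attributes ), attr_bits );`. Because the comparison is skipped when `attr_bits` is 0, the "bits=0 ok" case only checks the status and the type, not that the reported size was derived from the data; checking that would need an extra expected-size test argument. import() continues after the hunk.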
From: Gilles Peskine Date: Fri, 3 May 2019 17:14:08 +0200 Subject: [PATCH 1218/2197] Test psa_copy_key with wrong type or size in attributes Split the test function copy_key into two: one for success and one for failure. Add failure tests where the attributes specify an incorrect type or size. --- tests/suites/test_suite_psa_crypto.data | 44 ++++++++------- tests/suites/test_suite_psa_crypto.function | 60 +++++++++++++++------ 2 files changed, 70 insertions(+), 34 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6f4265f02..4a1a04fc4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -498,79 +498,85 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) Copy key: raw, 0 bytes -copy_key:0:0:PSA_KEY_TYPE_RAW_DATA:"":1:-1:-1:PSA_SUCCESS:0:0 +copy_success:0:0:PSA_KEY_TYPE_RAW_DATA:"":1:-1:-1:0:0 Copy key: AES, copy attributes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR Copy key: AES, same usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR Copy key: AES, fewer usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR Copy 
key: AES, 1 more usage flag depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR Copy key: AES, 2 more usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR Copy key: AES, intersect usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR Copy key: RSA key pair, same usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, fewer usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0
c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, more usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) 
+copy_success:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, intersect usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a102
4100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in source depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_SUCCESS:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in source and target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_SUCCESS:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) +copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) Copy fail: AES, incompatible target policy depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC -copy_key:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT:-1:-1 +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT:-1:-1 
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT:-1:-1 +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source and target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT:-1:-1 +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, ANY_HASH is not meaningful with OAEP depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_key:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT:-1:-1 
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +Copy fail: incorrect type in attributes +copy_fail:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT + +Copy fail: incorrect size in attributes +copy_fail:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT Hash operation object initializers zero properly hash_operation_init: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index cddcb2e07..c48ee649f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1924,12 +1924,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void copy_key( int source_usage_arg, int source_alg_arg, - int type_arg, data_t *material, - int copy_attributes, - int target_usage_arg, int target_alg_arg, - int expected_status_arg, - int expected_usage_arg, int expected_alg_arg ) +void copy_success( int source_usage_arg, int source_alg_arg, + int type_arg, data_t *material, + int copy_attributes, + int target_usage_arg, int target_alg_arg, + int expected_usage_arg, int expected_alg_arg ) { psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1947,7 +1946,6 @@ void copy_key( int source_usage_arg, int source_alg_arg, psa_set_key_type( &source_attributes, type_arg ); PSA_ASSERT( psa_import_key( &source_attributes, &source_handle, material->x, material->len ) ); - /* Retrieve the key size. */ PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) ); /* Prepare the target attributes. */ 
@@ -1959,14 +1957,8 @@ void copy_key( int source_usage_arg, int source_alg_arg, psa_set_key_algorithm( &target_attributes, target_alg_arg ); /* Copy the key. */ - TEST_EQUAL( psa_copy_key( source_handle, - &target_attributes, &target_handle ), - expected_status_arg ); - if( expected_status_arg != PSA_SUCCESS ) - { - TEST_EQUAL( target_handle, 0 ); - goto exit; - } + PSA_ASSERT( psa_copy_key( source_handle, + &target_attributes, &target_handle ) ); /* Destroy the source to ensure that this doesn't affect the target. */ PSA_ASSERT( psa_destroy_key( source_handle ) ); 
@@ -2001,6 +1993,44 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void copy_fail( int source_usage_arg, int source_alg_arg, + int type_arg, data_t *material, + int target_type_arg, int target_bits_arg, + int target_usage_arg, int target_alg_arg, + int expected_status_arg ) +{ + psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_handle_t source_handle = 0; + psa_key_handle_t target_handle = 0; + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Prepare the source key. */ + psa_set_key_usage_flags( &source_attributes, source_usage_arg ); + psa_set_key_algorithm( &source_attributes, source_alg_arg ); + psa_set_key_type( &source_attributes, type_arg ); + PSA_ASSERT( psa_import_key( &source_attributes, &source_handle, + material->x, material->len ) ); + + /* Prepare the target attributes. */ + psa_set_key_type( &target_attributes, target_type_arg ); + psa_set_key_bits( &target_attributes, target_bits_arg ); + psa_set_key_usage_flags( &target_attributes, target_usage_arg ); + psa_set_key_algorithm( &target_attributes, target_alg_arg ); + + /* Try to copy the key. */ + TEST_EQUAL( psa_copy_key( source_handle, + &target_attributes, &target_handle ), + expected_status_arg ); +exit: + psa_reset_key_attributes( &source_attributes ); + psa_reset_key_attributes( &target_attributes ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_operation_init( ) { From d8cf464f7d3d725de8759d790089c88fa3013e9d Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 6 May 2019 06:18:24 -0400 Subject: [PATCH 1219/2197] Add a link to the seedfile for out-of-tree cmake builds --- tests/CMakeLists.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 513979454..42d99d623 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt 
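Review bot: `copy_fail` no longer checks that a rejected copy leaves `target_handle` untouched. The removed `copy_key` error path had `TEST_EQUAL( target_handle, 0 );`, while the new function goes straight from the status comparison to `exit:`. A `psa_copy_key()` that returns the expected error but still allocates or fills a key slot would pass every `copy_fail` case. I would add `TEST_EQUAL( target_handle, 0 );` right after the `TEST_EQUAL( psa_copy_key( ... ), expected_status_arg );` statement. Neither handle is destroyed explicitly here, so cleanup relies on `mbedtls_psa_crypto_free( )` at `exit:`; a one-line comment saying so would help.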
@@ -148,6 +148,9 @@ endif() # Make scripts and data files needed for testing available in an # out-of-source build. if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) + if(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/seedfile") + link_to_source(seedfile) + endif() link_to_source(data_files) link_to_source(scripts) link_to_source(suites) From 679693ee4904d74b7bfa99060475a8e4c9f2a569 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 6 May 2019 15:10:16 +0200 Subject: [PATCH 1220/2197] Algorithm encoding: add flag bit PSA_ALG_AEAD_FROM_BLOCK_FLAG Make it easy to distinguish generic constructions on top of block ciphers, such as CCM or GCM, from specialized algorithms such as Chacha20-Poly1305. --- include/psa/crypto_values.h | 25 +++++++++++++++++-- .../test_suite_psa_crypto_metadata.data | 4 +-- .../test_suite_psa_crypto_metadata.function | 2 ++ 3 files changed, 27 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index eddf63262..d01367d05 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
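Review bot: The `if(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/seedfile")` guard is evaluated at configure time, so a `seedfile` created in the source tree after configuration is not linked until CMake is re-run. A comment above the `if` stating that, and why the file is optional, would save a confusing out-of-tree test failure. `link_to_source(seedfile)` makes the build tree share the source tree's file, so presumably anything the tests write to the seed ends up in the source tree and is shared by every build directory; please confirm that is intended. Style nit: the enclosing line writes `if (NOT ...` with a space and the new one `if(EXISTS`.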
@@ -874,13 +874,34 @@ */ #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101) +#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) + +/** Whether the specified algorithm is an AEAD mode on a block cipher. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is an AEAD algorithm which is an AEAD mode based on + * a block cipher, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) \ + (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) == \ + (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) + /** The CCM authenticated encryption algorithm. */ -#define PSA_ALG_CCM ((psa_algorithm_t)0x06001001) +#define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) /** The GCM authenticated encryption algorithm. */ -#define PSA_ALG_GCM ((psa_algorithm_t)0x06001002) +#define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) + +/** The Chacha20-Poly1305 AEAD algorithm. + * + * The ChaCha20_Poly1305 construction is defined in RFC 7539. + */ +#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) /* In the encoding of a AEAD algorithm, the bits corresponding to * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index edb09a8fc..45aef1072 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -192,11 +192,11 @@ cipher_algorithm:PSA_ALG_XTS:0 AEAD: CCM depends_on:MBEDTLS_CCM_C -aead_algorithm:PSA_ALG_CCM:0:16 +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16 AEAD: GCM depends_on:MBEDTLS_GCM_C -aead_algorithm:PSA_ALG_GCM:0:16 +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16 Asymmetric signature: RSA PKCS#1 v1.5 raw depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
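Review bot: `PSA_ALG_AEAD_FROM_BLOCK_FLAG` is added without a comment, although it now defines part of the AEAD algorithm encoding and the macros around it are all documented. Something like `/* Set in AEAD algorithm identifiers that are a generic mode on top of a block cipher (CCM, GCM); clear for dedicated constructions such as ChaCha20-Poly1305. */` would do. The same hunk introduces `PSA_ALG_CHACHA20_POLY1305`, but the metadata test data in this commit only changes the CCM and GCM cases, so nothing pins that `PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER` is 0 for the new identifier. Because `PSA_ALG_CCM` and `PSA_ALG_GCM` change value, a key policy stored with the old encodings would presumably stop matching; if persistent keys can carry these values, the commit message should say so.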
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 1bc8d64d8..0e6994664 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -36,6 +36,7 @@ #define ALG_IS_ECDH ( 1u << 18 ) #define ALG_IS_WILDCARD ( 1u << 19 ) #define ALG_IS_RAW_KEY_AGREEMENT ( 1u << 20 ) +#define ALG_IS_AEAD_ON_BLOCK_CIPHER ( 1u << 21 ) /* Flags for key type classification macros. There is a flag for every * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that @@ -77,6 +78,7 @@ void algorithm_classification( psa_algorithm_t alg, unsigned flags ) TEST_CLASSIFICATION_MACRO( ALG_IS_ECDH, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_FFDH, alg, flags ); TEST_CLASSIFICATION_MACRO( ALG_IS_RAW_KEY_AGREEMENT, alg, flags ); + TEST_CLASSIFICATION_MACRO( ALG_IS_AEAD_ON_BLOCK_CIPHER, alg, flags ); exit: ; } From bdc27860c2dc228a3c1ae8b58baf80cc922bf077 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 6 May 2019 15:45:16 +0200 Subject: [PATCH 1221/2197] Reorder macros for clarity Group PSA_AEAD_DECRYPT_OUTPUT_SIZE with PSA_AEAD_ENCRYPT_OUTPUT_SIZE. --- include/psa/crypto_sizes.h | 42 +++++++++++++++++++------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 5f6282c40..439f20de6 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -268,27 +268,6 @@ (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \ 0) -/** The maximum size of the output of psa_aead_finish(), in bytes. - * - * If the size of the ciphertext buffer is at least this large, it is - * guaranteed that psa_aead_finish() will not fail due to an - * insufficient buffer size. Depending on the algorithm, the actual size of - * the ciphertext may be smaller. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \return The maximum trailing ciphertext size for the - * specified algorithm. - * If the AEAD algorithm is not recognized, return 0. - * An implementation may return either 0 or a - * correct size for an AEAD algorithm that it - * recognizes, but does not support. - */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ - ((size_t)0) - /** The maximum size of the output of psa_aead_decrypt(), in bytes. * * If the size of the plaintext buffer is at least this large, it is @@ -313,6 +292,27 @@ (plaintext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ 0) +/** The maximum size of the output of psa_aead_finish(), in bytes. + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_aead_finish() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the ciphertext may be smaller. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return The maximum trailing ciphertext size for the + * specified algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ + ((size_t)0) + #define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ (PSA_ALG_IS_RSA_OAEP(alg) ? \ 2 * PSA_HASH_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ 
From 5211efb317d8a0867e1bc9f2b945dbe6cd976c4b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 6 May 2019 15:56:05 +0200 Subject: [PATCH 1222/2197] Add output parameter for psa_aead_verify Like psa_aead_finish(), psa_aead_verify() needs to produce output from the last partial block of input if psa_aead_update() cannot produce output byte by byte. --- include/psa/crypto.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2e680b101..374f985c6 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2602,6 +2602,14 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * When this function returns, the operation becomes inactive. * * \param[in,out] operation Active AEAD operation. + * \param[out] plaintext Buffer where the last part of the plaintext + * is to be written. This is the remaining + * from previous calls to psa_aead_update() + * that could not be processed until the end + * of the input. + * \param plaintext_size Size of the \p plaintext buffer in bytes. + * \param[out] plaintext_length On success, the number of bytes of + * returned plaintext. * \param[in] tag Buffer containing the authentication tag. * \param tag_length Size of the \p tag buffer in bytes. * @@ -2624,6 +2632,9 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * \retval #PSA_ERROR_TAMPERING_DETECTED */ psa_status_t psa_aead_verify(psa_aead_operation_t *operation, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length, const uint8_t *tag, size_t tag_length); From 49dd8d8cec020c0dfd1af14dda1c6ebf6ed484ef Mon Sep 17 00:00:00 2001 
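Review bot: The new `plaintext` output of `psa_aead_verify()` is documented without saying what a caller may do with it when verification fails. The function now returns the last plaintext bytes in the same call that checks the tag, so the description should state that on any error status the contents of `plaintext` must not be used. The same applies to plaintext already returned by earlier `psa_aead_update()` calls. Wording nit in the added text: `This is the remaining from previous calls` is missing a noun, e.g. `This is the remaining data from previous calls`. The function's doc comment starts above the hunk.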
From: Gilles Peskine Date: Mon, 6 May 2019 15:16:19 +0200 Subject: [PATCH 1223/2197] Add size macros for multipart AEAD New macros PSA_AEAD_UPDATE_OUTPUT_SIZE, PSA_AEAD_FINISH_OUTPUT_SIZE and PSA_AEAD_VERIFY_OUTPUT_SIZE to determine the output buffer sizes for psa_aead_update(), psa_aead_finish() and psa_aead_verify(). --- include/psa/crypto.h | 28 ++++++++++++++++ include/psa/crypto_sizes.h | 65 ++++++++++++++++++++++++++++++++++---- 2 files changed, 87 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 374f985c6..a0961c74a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2501,6 +2501,10 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * \param input_length Size of the \p input buffer in bytes. * \param[out] output Buffer where the output is to be written. * \param output_size Size of the \p output buffer in bytes. + * This must be at least + * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, + * \p input_length) where \c alg is the + * algorithm that is being calculated. * \param[out] output_length On success, the number of bytes * that make up the returned output. * @@ -2511,6 +2515,9 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. + * You can determine a sufficient buffer size by calling + * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, \p input_length) + * where \c alg is the algorithm that is being calculated. * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously 
@@ -2554,11 +2561,18 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * \param[out] ciphertext Buffer where the last part of the ciphertext * is to be written. * \param ciphertext_size Size of the \p ciphertext buffer in bytes. + * This must be at least + * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) where + * \c alg is the algorithm that is being + * calculated. * \param[out] ciphertext_length On success, the number of bytes of * returned ciphertext. * \param[out] tag Buffer where the authentication tag is * to be written. * \param tag_size Size of the \p tag buffer in bytes. + * This must be at least + * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is + * the algorithm that is being calculated. * \param[out] tag_length On success, the number of bytes * that make up the returned tag. * @@ -2569,6 +2583,11 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * decryption, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p ciphertext or \p tag buffer is too small. + * You can determine a sufficient buffer size for \p ciphertext by + * calling #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) + * where \c alg is the algorithm that is being calculated. + * You can determine a sufficient buffer size for \p tag by + * calling #PSA_AEAD_TAG_LENGTH(\c alg). * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously @@ -2608,6 +2627,10 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * that could not be processed until the end * of the input. * \param plaintext_size Size of the \p plaintext buffer in bytes. + * This must be at least + * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) where + * \c alg is the algorithm that is being + * calculated. * \param[out] plaintext_length On success, the number of bytes of * returned plaintext. * \param[in] tag Buffer containing the authentication tag. 
@@ -2618,6 +2641,11 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not set up, nonce not set, * encryption, or already completed). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p plaintext buffer is too small. + * You can determine a sufficient buffer size for \p plaintext by + * calling #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) + * where \c alg is the algorithm that is being calculated. * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 439f20de6..353792791 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -292,26 +292,79 @@ (plaintext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ 0) -/** The maximum size of the output of psa_aead_finish(), in bytes. +/** A sufficient output buffer size for psa_aead_update(). + * + * If the size of the output buffer is at least this large, it is + * guaranteed that psa_aead_finish() will not fail due to an + * insufficient buffer size. The actual size of the output may be smaller + * in any given call. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param input_length Size of the input in bytes. + * + * \return A sufficient output buffer size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +/* For all the AEAD modes defined in this specification, it is possible + * to emit output without delay. However, hardware may not always be + * capable of this. So for modes based on a block cipher, allow the + * implementation to delay the output until it has a full block. */ +#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + ((plaintext_length) + PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE - 1) / PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \ + (plaintext_length)) + +/** A sufficient ciphertext buffer size for psa_aead_finish(). * * If the size of the ciphertext buffer is at least this large, it is * guaranteed that psa_aead_finish() will not fail due to an - * insufficient buffer size. Depending on the algorithm, the actual size of - * the ciphertext may be smaller. + * insufficient ciphertext buffer size. The actual size of the output may + * be smaller in any given call. * * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). 
* - * \return The maximum trailing ciphertext size for the + * \return A sufficient ciphertext buffer size for the * specified algorithm. * If the AEAD algorithm is not recognized, return 0. * An implementation may return either 0 or a * correct size for an AEAD algorithm that it * recognizes, but does not support. */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ - ((size_t)0) +#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \ + 0) + +/** A sufficient plaintext buffer size for psa_aead_verify(). + * + * If the size of the plaintext buffer is at least this large, it is + * guaranteed that psa_aead_verify() will not fail due to an + * insufficient plaintext buffer size. The actual size of the output may + * be smaller in any given call. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return A sufficient plaintext buffer size for the + * specified algorithm. + * If the AEAD algorithm is not recognized, return 0. + * An implementation may return either 0 or a + * correct size for an AEAD algorithm that it + * recognizes, but does not support. + */ +#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \ + 0) #define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ (PSA_ALG_IS_RSA_OAEP(alg) ? \ From 423005ea93dadede87828a75ee211a156e1875e5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 6 May 2019 15:22:57 +0200 Subject: [PATCH 1224/2197] Cipher tests: pass the IV from the test data Don't hard-code an IV in cipher test functions. It restricts what can be used as test data. --- tests/suites/test_suite_psa_crypto.data | 100 ++++++++++---------- tests/suites/test_suite_psa_crypto.function | 40 ++------ 2 files changed, 58 insertions(+), 82 deletions(-) 
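Review bot: `PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length)` never uses its `input_length` parameter. The body refers to `plaintext_length`, which is not a macro parameter, so the macro either fails to compile or silently picks up an unrelated variable of that name at the call site. The block-cipher branch also divides by `PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE` without multiplying back, so it yields a block count rather than a byte count, and a buffer sized from it would be far too small. I would write that branch as `(((input_length) + PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE - 1) / PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE * PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE)` and the other as `(input_length)`. The doc comment above the macro also says `psa_aead_finish()` will not fail where it should say `psa_aead_update()`.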
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e29cbf7e3..6ea927ad4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -882,75 +882,75 @@ cipher_bad_order: PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS PSA symmetric encrypt: AES-CBC-nopad, input too short depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT +cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT PSA symmetric encrypt: AES-CTR, 16 bytes, 
good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric encrypt: AES-CTR, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS +cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS 
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE 
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE PSA symmetric decrypt: AES-CTR, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC 
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS +cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC 
@@ -970,127 +970,127 @@ cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4 PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b" 
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b" PSA symmetric encryption multipart: AES-CBC-nopad, 16+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" +cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" 
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" PSA symmetric encryption multipart: AES-CTR, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric encryption multipart: AES-CTR, 16+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 12+20 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption 
multipart: AES-CTR, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 12+10 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" PSA symmetric encryption multipart: AES-CTR, 0+15 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" PSA symmetric encryption multipart: AES-CTR, 15+0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" 
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" PSA symmetric encryption multipart: AES-CTR, 0+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric encryption multipart: AES-CTR, 16+0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a" PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a" 
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a" PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a" PSA symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" PSA symmetric 
decryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC -cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" +cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" PSA symmetric encryption multipart: AES-CTR, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric encryption multipart: AES-CTR, 16+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 12+20 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" PSA symmetric encryption multipart: AES-CTR, 12+10 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" PSA symmetric decryption multipart: AES-CTR, 0+15 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" 
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd" PSA symmetric decryption multipart: AES-CTR, 15+0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd" PSA symmetric decryption multipart: AES-CTR, 0+16 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric decryption multipart: AES-CTR, 16+0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" +cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32" PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC 
@@ -1282,7 +1282,7 @@ aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WI PSA AEAD encrypt/decrypt: invalid algorithm (CTR) depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED +aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"":"":PSA_ERROR_NOT_SUPPORTED PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 67c2c77f9..12195ece7 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2807,7 +2807,7 @@ exit: /* BEGIN_CASE */ void cipher_encrypt( int alg_arg, int key_type_arg, - data_t *key, + data_t *key, data_t *iv, data_t *input, data_t *expected_output, int expected_status_arg ) { @@ -2816,8 +2816,6 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; - unsigned char iv[16] = {0}; - size_t iv_size; unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; @@ -2825,9 +2823,6 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - memset( iv, 0x2a, iv_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); 
@@ -2840,8 +2835,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, iv_size ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); @@ -2874,7 +2868,7 @@ exit: /* BEGIN_CASE */ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, - data_t *key, + data_t *key, data_t *iv, data_t *input, int first_part_size_arg, int output1_length_arg, int output2_length_arg, @@ -2886,8 +2880,6 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, size_t first_part_size = first_part_size_arg; size_t output1_length = output1_length_arg; size_t output2_length = output2_length_arg; - unsigned char iv[16] = {0}; - size_t iv_size; unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; @@ -2895,9 +2887,6 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - memset( iv, 0x2a, iv_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); @@ -2910,8 +2899,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); ASSERT_ALLOC( output, output_buffer_size ); 
@@ -2949,7 +2937,7 @@ exit: /* BEGIN_CASE */ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, - data_t *key, + data_t *key, data_t *iv, data_t *input, int first_part_size_arg, int output1_length_arg, int output2_length_arg, @@ -2962,8 +2950,6 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, size_t first_part_size = first_part_size_arg; size_t output1_length = output1_length_arg; size_t output2_length = output2_length_arg; - unsigned char iv[16] = {0}; - size_t iv_size; unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; @@ -2971,9 +2957,6 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - memset( iv, 0x2a, iv_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); @@ -2986,8 +2969,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_decrypt_setup( &operation, handle, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); @@ -3027,7 +3009,7 @@ exit: /* BEGIN_CASE */ void cipher_decrypt( int alg_arg, int key_type_arg, - data_t *key, + data_t *key, data_t *iv, data_t *input, data_t *expected_output, int expected_status_arg ) { @@ -3036,8 +3018,6 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; - unsigned char iv[16] = {0}; - size_t iv_size; unsigned char *output = NULL; size_t output_buffer_size = 0; size_t function_output_length = 0; 
@@ -3045,9 +3025,6 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - memset( iv, 0x2a, iv_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); @@ -3060,8 +3037,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_decrypt_setup( &operation, handle, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, iv_size ) ); + PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ); From ff2d200fa5e3238ff3271404fad3e23211a59854 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 6 May 2019 15:26:23 +0200 Subject: [PATCH 1225/2197] Always include platform.h for MBEDTLS_ERR_PLATFORM_xxx Recognize MBEDTLS_ERR_PLATFORM_xxx in mbedtls_to_psa_error(). --- library/psa_crypto.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9cf90ddaf..45ce313d3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -39,9 +39,8 @@ #include #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else +#if !defined(MBEDTLS_PLATFORM_C) #define mbedtls_calloc calloc #define mbedtls_free free #endif @@ -284,6 +283,11 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_PK_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED: + return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED: + return( PSA_ERROR_NOT_SUPPORTED ); + case MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); From f7e7b01a252fd39fd8f21e4b68674c63db64dd76 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 6 May 2019 15:27:16 +0200 Subject: [PATCH 1226/2197] Minor refactoring in AEAD code Make it a little easier to add ChaCha20-Poly1305. This also fixes the error code in case mbedtls_gcm_setkey() fails with a status that doesn't map to INVALID_ARGUMENT. --- library/psa_crypto.c | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 45ce313d3..3e3c5eb3c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3681,6 +3681,9 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ): operation->core_alg = PSA_ALG_CCM; operation->full_tag_length = 16; + /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16. + * The call to mbedtls_ccm_encrypt_and_tag or + * mbedtls_ccm_auth_decrypt will validate the tag length. */ if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 ) return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_ccm_init( &operation->ctx.ccm ); @@ -3697,6 +3700,9 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ): operation->core_alg = PSA_ALG_GCM; operation->full_tag_length = 16; + /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16. + * The call to mbedtls_gcm_crypt_and_tag or + * mbedtls_gcm_auth_decrypt will validate the tag length. */ if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 ) return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_gcm_init( &operation->ctx.gcm ); @@ -3704,6 +3710,8 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id, operation->slot->data.raw.data, (unsigned int) key_bits ) ); + if( status != 0 ) + goto cleanup; break; #endif /* MBEDTLS_GCM_C */ 
@@ -3717,9 +3725,6 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, goto cleanup; } operation->tag_length = PSA_AEAD_TAG_LENGTH( alg ); - /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16. - * GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16. - * In both cases, mbedtls_xxx will validate the tag length below. */ return( PSA_SUCCESS ); @@ -3844,15 +3849,15 @@ psa_status_t psa_aead_decrypt( psa_key_handle_t handle, if( status != PSA_SUCCESS ) return( status ); + status = psa_aead_unpadded_locate_tag( operation.tag_length, + ciphertext, ciphertext_length, + plaintext_size, &tag ); + if( status != PSA_SUCCESS ) + goto exit; + #if defined(MBEDTLS_GCM_C) if( operation.core_alg == PSA_ALG_GCM ) { - status = psa_aead_unpadded_locate_tag( operation.tag_length, - ciphertext, ciphertext_length, - plaintext_size, &tag ); - if( status != PSA_SUCCESS ) - goto exit; - status = mbedtls_to_psa_error( mbedtls_gcm_auth_decrypt( &operation.ctx.gcm, ciphertext_length - operation.tag_length, @@ -3867,12 +3872,6 @@ psa_status_t psa_aead_decrypt( psa_key_handle_t handle, #if defined(MBEDTLS_CCM_C) if( operation.core_alg == PSA_ALG_CCM ) { - status = psa_aead_unpadded_locate_tag( operation.tag_length, - ciphertext, ciphertext_length, - plaintext_size, &tag ); - if( status != PSA_SUCCESS ) - goto exit; - status = mbedtls_to_psa_error( mbedtls_ccm_auth_decrypt( &operation.ctx.ccm, ciphertext_length - operation.tag_length, From 3e79c8ecfd6ee364ec48608133c793586114f4ec Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 6 May 2019 15:20:04 +0200 Subject: [PATCH 1227/2197] Declare ChaCha20 cipher and AEAD Declare algorithms for ChaCha20 and ChaCha20-Poly1305, and a corresponding (common) key type. Don't declare Poly1305 as a separate algorithm because it's a one-time authenticator, not a MAC, so the API isn't suitable for it (no way to use a nonce). --- include/psa/crypto_values.h | 27 +++++++++++++++++++ .../test_suite_psa_crypto_metadata.data | 12 +++++++++ 2 files changed, 39 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index d01367d05..9777ae90e 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -402,6 +402,15 @@ * legacy protocols. */ #define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) +/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. + * + * ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539. + * + * Implementations must support 12-byte nonces, may support 8-byte nonces, + * and should reject other sizes. + */ +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40000005) + /** RSA public key. */ #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) /** RSA key pair (private and public key). */ @@ -836,6 +845,18 @@ */ #define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001) +/** The ChaCha20 stream cipher. + * + * ChaCha20 is defined in RFC 7539. + * + * The nonce size for psa_cipher_set_iv() or psa_cipher_generate_iv() + * must be 12. + * + * The initial block counter is always 0. + * + */ +#define PSA_ALG_CHACHA20 ((psa_algorithm_t)0x04800005) + /** The CTR stream cipher mode. * * CTR is a stream cipher which is built from a block cipher. 
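Review bot: The new `PSA_ALG_CHACHA20` comment says the nonce size for psa_cipher_set_iv() or psa_cipher_generate_iv() "must be 12", while the `PSA_KEY_TYPE_CHACHA20` comment added in the first hunk of this file says implementations "may support 8-byte nonces". A caller reading both cannot tell whether an 8-byte nonce is ever valid for the plain stream cipher. I would make the two agree, for example by scoping the key-type sentence: `Implementations must support 12-byte nonces; see the algorithm descriptions for any other permitted sizes.` Since RFC 7539 has been obsoleted by RFC 8439, both comments could cite the newer document as well.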
@@ -900,6 +921,11 @@ /** The Chacha20-Poly1305 AEAD algorithm. * * The ChaCha20_Poly1305 construction is defined in RFC 7539. + * + * Implementations must support 12-byte nonces, may support 8-byte nonces, + * and should reject other sizes. + * + * Implementations must support 16-byte tags and should reject other sizes. */ #define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x06001005) @@ -945,6 +971,7 @@ ( \ PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_CCM) \ PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_GCM) \ + PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \ 0) #define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, ref) \ PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) == \ diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 45aef1072..94b80acdd 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -166,6 +166,10 @@ Cipher: ARC4 depends_on:MBEDTLS_ARC4_C cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER +Cipher: ChaCha20 +depends_on:MBEDTLS_CHACHA_C +cipher_algorithm:PSA_ALG_CHACHA20:ALG_IS_STREAM_CIPHER + Cipher: CTR depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CTR cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER @@ -198,6 +202,10 @@ AEAD: GCM depends_on:MBEDTLS_GCM_C aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16 +AEAD: ChaCha20_Poly1305 +depends_on:MBEDTLS_CHACHAPOLY_C +aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16 + Asymmetric signature: RSA PKCS#1 v1.5 raw depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN 
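Review bot: The new "Cipher: ChaCha20" case is gated on `depends_on:MBEDTLS_CHACHA_C`, which does not match the symbol used everywhere else in this series. The "Key type: ChaCha20" case added further down in this file uses `MBEDTLS_CHACHA20_C`, and so do the `#if defined(MBEDTLS_CHACHA20_C)` guards in library/psa_crypto.c. If the test framework treats an undefined symbol as an unmet dependency, this case is skipped in every configuration and the `PSA_ALG_CHACHA20` metadata is never checked. The line should read `depends_on:MBEDTLS_CHACHA20_C`.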
@@ -307,6 +315,10 @@ Key type: ARC4 depends_on:MBEDTLS_ARC4_C key_type:PSA_KEY_TYPE_ARC4:KEY_TYPE_IS_UNSTRUCTURED +Key type: ChaCha20 +depends_on:MBEDTLS_CHACHA20_C +key_type:PSA_KEY_TYPE_CHACHA20:KEY_TYPE_IS_UNSTRUCTURED + Key type: RSA public key depends_on:MBEDTLS_RSA_C key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA From 26869f2d9b874c83d4da9b31b69d30c023595b1e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 6 May 2019 15:25:00 +0200 Subject: [PATCH 1228/2197] Implement ChaCha20 and ChaCha20-Poly1305 Smoke tests: test data for ChaCha20 calculated with PyCryptodome; test vector from RFC 7539 for ChaCha20-Poly1305. --- library/psa_crypto.c | 87 +++++++++++++++++++++++++ tests/suites/test_suite_psa_crypto.data | 36 ++++++++++ 2 files changed, 123 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3e3c5eb3c..7794e7a49 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -51,6 +51,8 @@ #include "mbedtls/bignum.h" #include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" +#include "mbedtls/chacha20.h" +#include "mbedtls/chachapoly.h" #include "mbedtls/cipher.h" #include "mbedtls/ccm.h" #include "mbedtls/cmac.h" @@ -179,6 +181,14 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_CCM_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA: + return( PSA_ERROR_INVALID_ARGUMENT ); + + case MBEDTLS_ERR_CHACHAPOLY_BAD_STATE: + return( PSA_ERROR_BAD_STATE ); + case MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED: + return( PSA_ERROR_INVALID_SIGNATURE ); + case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE: return( PSA_ERROR_NOT_SUPPORTED ); case MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA: 
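Review bot: In the `@@ -179,6 +181,14 @@` hunk of mbedtls_to_psa_error(), only `MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA` and two `MBEDTLS_ERR_CHACHAPOLY_*` codes are mapped, although the neighbouring modules in the same switch also translate their HW_ACCEL_FAILED and feature-unavailable codes. Unless they are handled elsewhere in the switch (it continues outside the hunk), the remaining ChaCha20 and Poly1305 errors fall through to whatever the default case returns. That would report a hardware fault or a missing feature to the caller as a generic error. I would add `case MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE );` and `case MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE: return( PSA_ERROR_NOT_SUPPORTED );`, and the matching `MBEDTLS_ERR_POLY1305_*` cases.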
@@ -465,6 +475,12 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type, if( bits < 8 || bits > 2048 ) return( PSA_ERROR_INVALID_ARGUMENT ); break; +#endif +#if defined(MBEDTLS_CHACHA20_C) + case PSA_KEY_TYPE_CHACHA20: + if( bits != 256 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + break; #endif default: return( PSA_ERROR_NOT_SUPPORTED ); @@ -2026,6 +2042,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( switch( alg ) { case PSA_ALG_ARC4: + case PSA_ALG_CHACHA20: mode = MBEDTLS_MODE_STREAM; break; case PSA_ALG_CTR: @@ -2049,6 +2066,9 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ): mode = MBEDTLS_MODE_GCM; break; + case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CHACHA20_POLY1305, 0 ): + mode = MBEDTLS_MODE_CHACHAPOLY; + break; default: return( NULL ); } @@ -2084,6 +2104,9 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( case PSA_KEY_TYPE_ARC4: cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4; break; + case PSA_KEY_TYPE_CHACHA20: + cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20; + break; default: return( NULL ); } @@ -3318,6 +3341,11 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, { operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ); } +#if defined(MBEDTLS_CHACHA20_C) + else + if( alg == PSA_ALG_CHACHA20 ) + operation->iv_size = 12; +#endif exit: if( status == 0 ) @@ -3631,6 +3659,9 @@ typedef struct #if defined(MBEDTLS_GCM_C) mbedtls_gcm_context gcm; #endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_CHACHAPOLY_C) + mbedtls_chachapoly_context chachapoly; +#endif /* MBEDTLS_CHACHAPOLY_C */ } ctx; psa_algorithm_t core_alg; uint8_t full_tag_length; 
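Review bot: In `psa_cipher_setup`, the added `else` hangs off the preceding `if` from inside an `#if defined(MBEDTLS_CHACHA20_C)` block and has an unbraced body, so the shape of the if/else chain depends on the build configuration and is easy to break when another branch is appended. Bracing it, `else if( alg == PSA_ALG_CHACHA20 ) { operation->iv_size = 12; }`, keeps the statement self-contained. The literal 12 reappears as the required nonce length in `psa_aead_encrypt` and `psa_aead_decrypt`; one named constant would keep the three in step. The function body starts and ends outside the hunk.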
@@ -3715,6 +3746,22 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, break; #endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_CHACHAPOLY_C) + case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CHACHA20_POLY1305, 0 ): + operation->core_alg = PSA_ALG_CHACHA20_POLY1305; + operation->full_tag_length = 16; + /* We only support the default tag length. */ + if( alg != PSA_ALG_CHACHA20_POLY1305 ) + return( PSA_ERROR_NOT_SUPPORTED ); + mbedtls_chachapoly_init( &operation->ctx.chachapoly ); + status = mbedtls_to_psa_error( + mbedtls_chachapoly_setkey( &operation->ctx.chachapoly, + operation->slot->data.raw.data ) ); + if( status != 0 ) + goto cleanup; + break; +#endif /* MBEDTLS_CHACHAPOLY_C */ + default: return( PSA_ERROR_NOT_SUPPORTED ); } @@ -3792,6 +3839,26 @@ psa_status_t psa_aead_encrypt( psa_key_handle_t handle, } else #endif /* MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CHACHAPOLY_C) + if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 ) + { + if( nonce_length != 12 || operation.tag_length != 16 ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + status = mbedtls_to_psa_error( + mbedtls_chachapoly_encrypt_and_tag( &operation.ctx.chachapoly, + plaintext_length, + nonce, + additional_data, + additional_data_length, + plaintext, + ciphertext, + tag ) ); + } + else +#endif /* MBEDTLS_CHACHAPOLY_C */ { return( PSA_ERROR_NOT_SUPPORTED ); } 
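Review bot: In `psa_aead_setup`, `mbedtls_chachapoly_setkey` consumes a fixed 32-byte key from `operation->slot->data.raw.data`, and nothing in this hunk checks the slot's key type or size. Presumably the cipher-info lookup earlier in the function, outside the hunk, rejects anything but a 256-bit `PSA_KEY_TYPE_CHACHA20` key. A comment such as `/* Key type and size were validated by the cipher info lookup above: the key is exactly 32 bytes. */` would record that dependency, so that a later reordering does not turn the call into an out-of-bounds read. The unsupported-tag-length path also leaves through a bare `return` while the setkey failure uses `goto cleanup`; one exit path for both would be more robust.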
@@ -3883,6 +3950,26 @@ psa_status_t psa_aead_decrypt( psa_key_handle_t handle, } else #endif /* MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CHACHAPOLY_C) + if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 ) + { + if( nonce_length != 12 || operation.tag_length != 16 ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + status = mbedtls_to_psa_error( + mbedtls_chachapoly_auth_decrypt( &operation.ctx.chachapoly, + ciphertext_length - operation.tag_length, + nonce, + additional_data, + additional_data_length, + tag, + ciphertext, + plaintext ) ); + } + else +#endif /* MBEDTLS_CHACHAPOLY_C */ { return( PSA_ERROR_NOT_SUPPORTED ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6ea927ad4..6f81a8ea2 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
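Review bot: The ChaCha20-Poly1305 branch of `psa_aead_decrypt` passes `ciphertext_length - operation.tag_length` and `tag` to `mbedtls_chachapoly_auth_decrypt`, but nothing in the hunk checks that the input is at least one tag long or sets `tag`. If the tag is located inside each algorithm's branch rather than before them (the start of the function is outside the hunk), a ciphertext shorter than 16 bytes makes the `size_t` subtraction wrap and leaves the tag pointer unset. The branch should then first reject short input, `if( ciphertext_length < operation.tag_length ) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; }`, and set `tag = ciphertext + ciphertext_length - operation.tag_length;`, together with a check that the plaintext buffer can hold the result. A negative test with a truncated ciphertext next to the RFC 7539 bad-tag case would pin this down.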
@@ -1100,6 +1100,26 @@ PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4 +PSA symmetric encrypt: ChaCha20, K=0 N=0 +depends_on:MBEDTLS_CHACHA20_C +cipher_encrypt:PSA_ALG_CHACHA20:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS + +PSA symmetric encrypt: ChaCha20, K=rand N=rand +depends_on:MBEDTLS_CHACHA20_C +cipher_encrypt:PSA_ALG_CHACHA20:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS + +PSA symmetric encryption multipart: ChaCha20, 14+50 bytes +depends_on:MBEDTLS_CHACHA20_C +cipher_encrypt_multipart:PSA_ALG_CHACHA20:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4" + +PSA symmetric decrypt: ChaCha20, K=rand N=rand +depends_on:MBEDTLS_CHACHA20_C 
+cipher_decrypt:PSA_ALG_CHACHA20:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS + +PSA symmetric decryption multipart: ChaCha20, 14+50 bytes +depends_on:MBEDTLS_CHACHA20_C +cipher_decrypt_multipart:PSA_ALG_CHACHA20:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4" + PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS 
@@ -1280,10 +1300,26 @@ PSA AEAD decrypt: AES-GCM, invalid tag length 18 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT +PSA AEAD encrypt: ChaCha20-Poly1305 (RFC7539) +depends_on:MBEDTLS_CHACHAPOLY_C +aead_encrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691" + +PSA AEAD decrypt: ChaCha20-Poly1305 (RFC7539, good tag) +depends_on:MBEDTLS_CHACHAPOLY_C +aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_SUCCESS + +PSA AEAD 
decrypt: ChaCha20-Poly1305 (RFC7539, bad tag) +depends_on:MBEDTLS_CHACHAPOLY_C +aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600690":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_ERROR_INVALID_SIGNATURE + PSA AEAD encrypt/decrypt: invalid algorithm (CTR) depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"":"":PSA_ERROR_NOT_SUPPORTED +PSA AEAD encrypt/decrypt: invalid algorithm (ChaCha20) +depends_on:MBEDTLS_CHACHA20_C +aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20:"":"":"":PSA_ERROR_NOT_SUPPORTED + PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 From f02aec90dc2dc6caafc529adbbe46d8963854dbf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 6 May 2019 15:42:54 +0200 Subject: [PATCH 1229/2197] Allow AEAD update output to be delayed Do not require finish() to have empty output for any algorithm. Some hardware does not support immediate stream processing. --- include/psa/crypto.h | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a0961c74a..c0d79dd1e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2495,6 +2495,14 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * - In particular, do not copy the output anywhere but to a * memory or storage space that you have exclusive access to. * + * This function does not require the input to be aligned to any + * particular block boundary. If the implementation can only process + * a whole block at a time, it must store the last partial input block + * or adjust its internal state accordingly until the next call to + * psa_aead_update(), psa_aead_finish() or psa_aead_verify(), and produce + * the corresponding output when sufficient input is available or on the + * finish or verify call. + * * \param[in,out] operation Active AEAD operation. * \param[in] input Buffer containing the message fragment to * encrypt or decrypt. @@ -2548,9 +2556,7 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * * This function has two output buffers: * - \p ciphertext contains trailing ciphertext that was buffered from - * preceding calls to psa_aead_update(). For all standard AEAD algorithms, - * psa_aead_update() does not buffer any output and therefore \p ciphertext - * will not contain any output and can be a 0-sized buffer. + * preceding calls to psa_aead_update(). * - \p tag contains the authentication tag. Its length is always * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is the AEAD algorithm * that the operation performs. From ee32cd4af6ad6436caa04b86ceae05806edf862e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 6 May 2019 18:39:37 +0200 Subject: [PATCH 1230/2197] Slot management tests: more robust storage purge Record what key ids have been used in a test case and purge them. The cleanup code no longer requires the key identifiers used in the tests to be in a certain small range. --- ..._suite_psa_crypto_slot_management.function | 66 ++++++++++++------- 1 file changed, 41 insertions(+), 25 deletions(-) 
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 03b7197a6..267353e5b 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -23,31 +23,47 @@ typedef enum } reopen_policy_t; /* All test functions that create persistent keys must call - * `TEST_MAX_KEY_ID( key_id )` before creating a persistent key with this + * `TEST_USES_KEY_ID( key_id )` before creating a persistent key with this * identifier, and must call psa_purge_key_storage() in their cleanup * code. */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -/* There is no API to purge all keys. For this test suite, require that - * all key IDs be less than a certain maximum, or a well-known value - * which corresponds to a file that does not contain a key. */ -#define MAX_KEY_ID_FOR_TEST 32 -#define KEY_ID_IS_WELL_KNOWN( key_id ) \ - ( ( key_id ) == PSA_CRYPTO_ITS_RANDOM_SEED_UID ) -#define TEST_MAX_KEY_ID( key_id ) \ - TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST || \ - KEY_ID_IS_WELL_KNOWN( key_id ) ) -void psa_purge_key_storage( void ) +static psa_key_id_t key_ids_used_in_test[9]; +static size_t num_key_ids_used; + +/* Record a key id as potentially used in a test case. */ +static int test_uses_key_id( psa_key_id_t key_id ) { - psa_key_id_t i; - /* The tests may have potentially created key ids from 1 to - * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id - * 0, which file-based storage uses as a temporary file. */ - for( i = 0; i <= MAX_KEY_ID_FOR_TEST; i++ ) - psa_destroy_persistent_key( i ); + size_t i; + if( key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) + { + /* Don't touch key id values that designate non-key files. */ + return( 1 ); + } + for( i = 0; i < num_key_ids_used ; i++ ) + { + if( key_id == key_ids_used_in_test[i] ) + return( 1 ); + } + if( num_key_ids_used == ARRAY_LENGTH( key_ids_used_in_test ) ) + return( 0 ); + key_ids_used_in_test[num_key_ids_used] = key_id; + ++num_key_ids_used; + return( 1 ); +} +#define TEST_USES_KEY_ID( key_id ) \ + TEST_ASSERT( test_uses_key_id( key_id ) ) + +/* Destroy all key ids that may have been created by the current test case. 
*/ +static void psa_purge_key_storage( void ) +{ + size_t i; + for( i = 0; i < num_key_ids_used; i++ ) + psa_destroy_persistent_key( key_ids_used_in_test[i] ); + num_key_ids_used = 0; } #else -#define TEST_MAX_KEY_ID( key_id ) ( (void) ( key_id ) ) +#define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) ) #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ /* END_HEADER */ @@ -122,7 +138,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_MAX_KEY_ID( id ); + TEST_USES_KEY_ID( id ); PSA_ASSERT( psa_crypto_init( ) ); @@ -200,7 +216,7 @@ void create_existent( int lifetime_arg, int id_arg, size_t reexported_length; reopen_policy_t reopen_policy = reopen_policy_arg; - TEST_MAX_KEY_ID( id ); + TEST_USES_KEY_ID( id ); PSA_ASSERT( psa_crypto_init( ) ); @@ -279,7 +295,7 @@ void create_fail( int lifetime_arg, int id_arg, psa_key_handle_t handle = 0xdead; uint8_t material[1] = {'k'}; - TEST_MAX_KEY_ID( id ); + TEST_USES_KEY_ID( id ); PSA_ASSERT( psa_crypto_init( ) ); @@ -323,8 +339,8 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, psa_algorithm_t expected_alg = expected_alg_arg; uint8_t *export_buffer = NULL; - TEST_MAX_KEY_ID( source_id ); - TEST_MAX_KEY_ID( target_id ); + TEST_USES_KEY_ID( source_id ); + TEST_USES_KEY_ID( target_id ); PSA_ASSERT( psa_crypto_init( ) ); @@ -427,8 +443,8 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, psa_key_attributes_t attributes1 = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes2 = PSA_KEY_ATTRIBUTES_INIT; - TEST_MAX_KEY_ID( source_id ); - TEST_MAX_KEY_ID( target_id ); + TEST_USES_KEY_ID( source_id ); + TEST_USES_KEY_ID( target_id ); PSA_ASSERT( psa_crypto_init( ) ); From 225010fdf77debcdcd8697c330d62038dac20a4e Mon Sep 17 00:00:00 2001 
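Review bot: The rewritten `psa_purge_key_storage` destroys only the ids recorded through `TEST_USES_KEY_ID`, whereas the loop it replaces also ran the destroy function on key id 0, which the removed comment describes as the temporary file used by file-based storage. If the backend still uses that file, which is not visible here, a test case interrupted mid-write leaves it behind and the stale state can leak into the next case. Either keep an explicit `psa_destroy_persistent_key( 0 );` in the purge or add a comment saying why it is no longer needed. The capacity `9` of `key_ids_used_in_test` also deserves a comment saying what it is sized for, since exceeding it fails the `TEST_ASSERT` with no hint of the cause.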
From: Gilles Peskine Date: Mon, 6 May 2019 18:44:55 +0200 Subject: [PATCH 1231/2197] Remove lifetime parameter from psa_open_key Change the scope of key identifiers to be global, rather than per lifetime. As a result, you now need to specify the lifetime of a key only when creating it. --- include/psa/crypto.h | 14 ++++---------- include/psa/crypto_types.h | 13 +++++++++++++ library/psa_crypto_slot_management.c | 7 +++---- tests/suites/test_suite_psa_crypto.function | 5 ++--- ...test_suite_psa_crypto_persistent_key.function | 12 ++++-------- .../test_suite_psa_crypto_slot_management.data | 14 ++++---------- ...est_suite_psa_crypto_slot_management.function | 16 +++++++--------- 7 files changed, 37 insertions(+), 44 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2e680b101..424c16e31 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -512,9 +512,6 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * * Open a handle to a key which was previously created with psa_create_key(). * - * \param lifetime The lifetime of the key. This designates a storage - * area where the key material is stored. This must not - * be #PSA_KEY_LIFETIME_VOLATILE. * \param id The persistent identifier of the key. * \param[out] handle On success, a handle to a key slot which contains * the data and metadata loaded from the specified 
@@ -526,19 +523,16 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p id is invalid for the specified lifetime. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p lifetime is not supported. + * \p id is invalid. * \retval #PSA_ERROR_NOT_PERMITTED * The specified key exists, but the application does not have the * permission to access it. Note that this specification does not * define any way to create such a key, but it may be possible * through implementation-specific means. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE */ -psa_status_t psa_open_key(psa_key_lifetime_t lifetime, - psa_key_id_t id, +psa_status_t psa_open_key(psa_key_id_t id, psa_key_handle_t *handle); /** Close a key handle. diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 7054de72e..da6e6b9c5 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -85,6 +85,19 @@ typedef uint32_t psa_algorithm_t; */ /** Encoding of key lifetimes. + * + * The lifetime of a key indicates where it is stored and what system actions + * may create and destroy it. + * + * Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are automatically + * destroyed when the application terminates or on a power reset. + * + * Keys with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE are said + * to be _persistent_. + * Persistent keys are preserved if the application or the system restarts. + * Persistent keys have a key identifier of type #psa_key_id_t. + * The application can call psa_open_key() to open a persistent key that + * it created previously. */ typedef uint32_t psa_key_lifetime_t; diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 8ee561512..30cc05bd3 100644 
--- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -278,11 +278,10 @@ static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, #endif /* !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ } -psa_status_t psa_open_key( psa_key_lifetime_t lifetime, - psa_key_file_id_t id, - psa_key_handle_t *handle ) +psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle ) { - return( persistent_key_setup( lifetime, id, handle, PSA_SUCCESS ) ); + return( persistent_key_setup( PSA_KEY_LIFETIME_PERSISTENT, + id, handle, PSA_SUCCESS ) ); } psa_status_t psa_create_key( psa_key_lifetime_t lifetime, diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 67c2c77f9..85ac4ebba 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4911,8 +4911,7 @@ void persistent_key_load_key_from_storage( data_t *data, PSA_ASSERT( psa_crypto_init() ); /* Check key slot still contains key data */ - PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ) ); + PSA_ASSERT( psa_open_key( key_id, &handle ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); TEST_EQUAL( psa_get_key_id( &attributes ), key_id ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), @@ -4947,7 +4946,7 @@ exit: /* In case there was a test failure after creating the persistent key * but while it was not open, try to re-open the persistent key * to delete it. */ - psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ); + psa_open_key( key_id, &handle ); } psa_destroy_key( handle ); mbedtls_psa_crypto_free(); diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index a2f4f779b..827a7d8e4 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function 
@@ -134,8 +134,7 @@ void persistent_key_destroy( int key_id_arg, int restart, psa_close_key( handle ); mbedtls_psa_crypto_free(); PSA_ASSERT( psa_crypto_init() ); - PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ) ); + PSA_ASSERT( psa_open_key( key_id, &handle ) ); } TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 ); @@ -144,8 +143,7 @@ void persistent_key_destroy( int key_id_arg, int restart, /* Check key slot storage is removed */ TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); - TEST_EQUAL( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ), - PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL( psa_open_key( key_id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); TEST_EQUAL( handle, 0 ); /* Shutdown and restart */ @@ -191,8 +189,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, psa_close_key( handle ); mbedtls_psa_crypto_free(); PSA_ASSERT( psa_crypto_init() ); - PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ) ); + PSA_ASSERT( psa_open_key( key_id, &handle ) ); } psa_reset_key_attributes( &attributes ); @@ -242,8 +239,7 @@ void import_export_persistent_key( data_t *data, int type_arg, psa_close_key( handle ); mbedtls_psa_crypto_free(); PSA_ASSERT( psa_crypto_init() ); - PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, - &handle ) ); + PSA_ASSERT( psa_open_key( key_id, &handle ) ); } /* Test the key information */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 5dc2b6787..c5afdfa95 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -27,21 +27,15 @@ create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:KEEP_OPEN Open failure: invalid identifier (0) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -open_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT +open_fail:0:PSA_ERROR_INVALID_ARGUMENT Open failure: invalid identifier (random seed UID) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -open_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT +open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT Open failure: non-existent identifier depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_DOES_NOT_EXIST - -Open failure: volatile lifetime -open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT - -Open failure: invalid lifetime -open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT +open_fail:1:PSA_ERROR_DOES_NOT_EXIST Create failure: invalid lifetime create_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT @@ -56,7 +50,7 @@ create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR Open not supported depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C -open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED +open_fail:1:PSA_ERROR_NOT_SUPPORTED Create not supported depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 267353e5b..d06d3d749 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -155,7 +155,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, /* Close the key and reopen it. */ PSA_ASSERT( psa_close_key( handle ) ); - PSA_ASSERT( psa_open_key( lifetime, id, &handle ) ); + PSA_ASSERT( psa_open_key( id, &handle ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); TEST_EQUAL( read_type, type ); 
@@ -184,12 +184,12 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, { case CLOSE_BY_CLOSE: case CLOSE_BY_SHUTDOWN: - PSA_ASSERT( psa_open_key( lifetime, id, &handle ) ); + PSA_ASSERT( psa_open_key( id, &handle ) ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); TEST_EQUAL( read_type, type ); break; case CLOSE_BY_DESTROY: - TEST_EQUAL( psa_open_key( lifetime, id, &handle ), + TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); break; } @@ -241,7 +241,7 @@ void create_existent( int lifetime_arg, int id_arg, if( reopen_policy == CLOSE_AFTER ) PSA_ASSERT( psa_close_key( handle1 ) ); if( reopen_policy == CLOSE_BEFORE || reopen_policy == CLOSE_AFTER ) - PSA_ASSERT( psa_open_key( lifetime, id, &handle1 ) ); + PSA_ASSERT( psa_open_key( id, &handle1 ) ); /* Check that the original key hasn't changed. */ psa_reset_key_attributes( &attributes ); @@ -266,17 +266,16 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void open_fail( int lifetime_arg, int id_arg, +void open_fail( int id_arg, int expected_status_arg ) { - psa_key_lifetime_t lifetime = lifetime_arg; psa_key_id_t id = id_arg; psa_status_t expected_status = expected_status_arg; psa_key_handle_t handle = 0xdead; PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( psa_open_key( lifetime, id, &handle ), expected_status ); + TEST_EQUAL( psa_open_key( id, &handle ), expected_status ); TEST_EQUAL( handle, 0 ); exit: @@ -376,8 +375,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, { mbedtls_psa_crypto_free( ); PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_open_key( target_lifetime, target_id, - &target_handle ) ); + PSA_ASSERT( psa_open_key( target_id, &target_handle ) ); } /* Test that the target slot has the expected content. */ From 4a231b8d3b195abad1e8ef28d564a1f69c733a8d Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 6 May 2019 18:56:14 +0200 Subject: [PATCH 1232/2197] Break up key identifiers into user, vendor and reserved ranges Define a range of key identifiers for use by the application (0..2^30-1), a range for use by implementations (2^30..2^31), and a range that is reserved for future use (2^31..2^32-1). --- include/psa/crypto.h | 4 ++++ include/psa/crypto_types.h | 7 +++++++ include/psa/crypto_values.h | 13 +++++++++++++ 3 files changed, 24 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 424c16e31..a62dd8bff 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -512,6 +512,10 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * * Open a handle to a key which was previously created with psa_create_key(). * + * Implementations may provide additional keys that can be opened with + * psa_open_key(). Such keys have a key identifier in the vendor range, + * as documented in the description of #psa_key_id_t. + * * \param id The persistent identifier of the key. * \param[out] handle On success, a handle to a key slot which contains * the data and metadata loaded from the specified diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index da6e6b9c5..44c7c66e0 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -102,6 +102,13 @@ typedef uint32_t psa_algorithm_t; typedef uint32_t psa_key_lifetime_t; /** Encoding of identifiers of persistent keys. + * + * - Applications may freely choose key identifiers in the range + * #PSA_KEY_ID_USER_MIN to #PSA_KEY_ID_USER_MAX. + * - Implementations may define additional key identifiers in the range + * #PSA_KEY_ID_VENDOR_MIN to #PSA_KEY_ID_VENDOR_MAX. + * - Key identifiers outside these ranges are reserved for future use + * in future versions of this specification. */ /* Implementation-specific quirk: The Mbed Crypto library can be built as * part of a multi-client service that exposes the PSA Crypto API in each 
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index eddf63262..40172b32d 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1440,6 +1440,19 @@ */ #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) +/** The minimum value for a key identifier chosen by the application. + */ +#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000000) +/** The minimum value for a key identifier chosen by the application. + */ +#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) +/** The minimum value for a key identifier chosen by the application. + */ +#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) +/** The minimum value for a key identifier chosen by the application. + */ +#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) + /**@}*/ /** \defgroup policy Key policies From f9666595e147cdb9efcc680cc39d9653f3a61f4c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 6 May 2019 18:56:30 +0200 Subject: [PATCH 1233/2197] Implement and test the new key identifier range Only allow creating keys in the application (user) range. Allow opening keys in the implementation (vendor) range as well. Compared with what the implementation allowed, which was undocumented: 0 is now allowed; values from 0x40000000 to 0xfffeffff are now forbidden. --- library/psa_crypto.c | 2 +- library/psa_crypto_slot_management.c | 29 +++++++----- library/psa_crypto_slot_management.h | 5 ++- library/psa_crypto_storage.h | 2 +- ...test_suite_psa_crypto_slot_management.data | 45 +++++++++++++------ 5 files changed, 54 insertions(+), 29 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9cf90ddaf..fa459a176 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
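Review bot: All four Doxygen comments added above the key-identifier range macros in crypto_values.h carry the same text, "The minimum value for a key identifier chosen by the application", which is correct only for `PSA_KEY_ID_USER_MIN`. The other three should read `/** The maximum value for a key identifier chosen by the application. */` for `PSA_KEY_ID_USER_MAX`, `/** The minimum value for a key identifier defined by the implementation. */` for `PSA_KEY_ID_VENDOR_MIN`, and `/** The maximum value for a key identifier defined by the implementation. */` for `PSA_KEY_ID_VENDOR_MAX`. These macros mark the boundary between application-owned and vendor-owned keys, so the generated documentation should state that boundary correctly.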
@@ -1401,7 +1401,7 @@ static psa_status_t psa_start_key_creation( if( attributes->lifetime != PSA_KEY_LIFETIME_VOLATILE ) { status = psa_validate_persistent_key_parameters( attributes->lifetime, - attributes->id ); + attributes->id, 1 ); if( status != PSA_SUCCESS ) return( status ); slot->persistent_storage_id = attributes->id; diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 30cc05bd3..2ef70db59 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -176,20 +176,23 @@ exit: * is provided. * * \param file_id The key identifier to check. + * \param vendor_ok Nonzero to allow key ids in the vendor range. + * 0 to allow only key ids in the application range. * * \return 1 if \p file_id is acceptable, otherwise 0. */ -static int psa_is_key_id_valid( psa_key_file_id_t file_id ) +static int psa_is_key_id_valid( psa_key_file_id_t file_id, + int vendor_ok ) { psa_app_key_id_t key_id = PSA_KEY_FILE_GET_KEY_ID( file_id ); - /* Reject id=0 because by general library conventions, 0 is an invalid - * value wherever possible. */ - if( key_id == 0 ) - return( 0 ); /* Reject high values because the file names are reserved for the * library's internal use. */ if( key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) return( 0 ); + /* Applications may only create keys in the range + * 0..PSA_KEY_ID_USER_MAX. */ + if( ! vendor_ok && key_id > PSA_KEY_ID_USER_MAX ) + return( 0 ); return( 1 ); } @@ -231,13 +234,14 @@ static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, psa_status_t psa_validate_persistent_key_parameters( psa_key_lifetime_t lifetime, - psa_key_file_id_t id ) + psa_key_file_id_t id, + int creating ) { if( lifetime != PSA_KEY_LIFETIME_PERSISTENT ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( ! psa_is_key_id_valid( id ) ) + if( ! psa_is_key_id_valid( id, ! creating ) ) return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_SUCCESS ); 
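Review bot: With the `key_id == 0` rejection removed from `psa_is_key_id_valid`, a persistent key whose identifier was never set is no longer caught. `psa_start_key_creation` (first hunk of this commit) passes `attributes->id` straight through, so if attributes start out zeroed, presumably what `PSA_KEY_ATTRIBUTES_INIT` provides, forgetting to set the id now targets key 0 instead of failing with `PSA_ERROR_INVALID_ARGUMENT`. If accepting 0 is intended, the function comment should say so, e.g. `/* 0 is a valid application key id; it cannot serve as a "not set" marker. */`; otherwise keep `if( key_id == 0 ) return( 0 );`. Separately, the call `psa_is_key_id_valid( id, ! creating )` turns one flag into its opposite, and a short comment at that call site would make the rule that creation is limited to the application range explicit.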
@@ -250,13 +254,15 @@ psa_status_t psa_validate_persistent_key_parameters( static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, psa_key_file_id_t id, psa_key_handle_t *handle, - psa_status_t wanted_load_status ) + int creating ) { psa_status_t status; + psa_status_t wanted_load_status = + ( creating ? PSA_ERROR_DOES_NOT_EXIST : PSA_SUCCESS ); *handle = 0; - status = psa_validate_persistent_key_parameters( lifetime, id ); + status = psa_validate_persistent_key_parameters( lifetime, id, creating ); if( status != PSA_SUCCESS ) return( status ); @@ -281,7 +287,7 @@ static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle ) { return( persistent_key_setup( PSA_KEY_LIFETIME_PERSISTENT, - id, handle, PSA_SUCCESS ) ); + id, handle, 0 ) ); } psa_status_t psa_create_key( psa_key_lifetime_t lifetime, @@ -290,8 +296,7 @@ psa_status_t psa_create_key( psa_key_lifetime_t lifetime, { psa_status_t status; - status = persistent_key_setup( lifetime, id, handle, - PSA_ERROR_DOES_NOT_EXIST ); + status = persistent_key_setup( lifetime, id, handle, 1 ); switch( status ) { case PSA_SUCCESS: return( PSA_ERROR_ALREADY_EXISTS ); diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 914e2d507..2e459d1a7 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -64,6 +64,8 @@ void psa_wipe_all_key_slots( void ); * * \param lifetime The lifetime to test. * \param id The key id to test. + * \param creating 0 if attempting to open an existing key. + * Nonzero if attempting to create a key. * * \retval PSA_SUCCESS * The given parameters are valid. @@ -74,7 +76,8 @@ void psa_wipe_all_key_slots( void ); */ psa_status_t psa_validate_persistent_key_parameters( psa_key_lifetime_t lifetime, - psa_key_file_id_t id ); + psa_key_file_id_t id, + int creating ); #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */ 
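Review bot: The new `\param creating` text in psa_crypto_slot_management.h says when the flag is set but not what it changes. Per psa_is_key_id_valid, a nonzero value restricts `id` to the application range, while 0 also accepts the vendor range up to PSA_KEY_ID_VENDOR_MAX; that is the access rule callers depend on, so it belongs in the contract. Suggested wording: `Nonzero if attempting to create a key: \p id must not exceed #PSA_KEY_ID_USER_MAX.` and `0 if attempting to open an existing key: \p id may also lie in the vendor range.`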
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 5434d0529..2af624a0c 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -59,7 +59,7 @@ extern "C" { * This limitation will probably become moot when we implement client * separation for key storage. */ -#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xfffeffff +#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER PSA_KEY_ID_VENDOR_MAX /** * \brief Checks if persistent data is stored for the given key slot number diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index c5afdfa95..519e81ec7 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
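Review bot: Defining `PSA_MAX_PERSISTENT_KEY_IDENTIFIER` as `PSA_KEY_ID_VENDOR_MAX` ties the storage layer's reservation of internal file names to a public API constant. The comment above the macro starts outside this hunk and presumably still explains the old 0xfffeffff bound. It should state the invariant that now matters, so that a later widening of the vendor range cannot silently overlap reserved files. For example: `/* Must remain below the file identifiers reserved for internal use (e.g. PSA_CRYPTO_ITS_RANDOM_SEED_UID). */`.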
@@ -7,14 +7,23 @@ transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789ab Transient slot, check after restart transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN -Persistent slot, check after closing -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +Persistent slot, check after closing, id=min +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE -Persistent slot, check after destroying -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY +Persistent slot, check after destroying, id=min +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY -Persistent slot, check after restart -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +Persistent slot, check after restart, id=min +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN + +Persistent slot, check after closing, id=max +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE + +Persistent slot, check after destroying, id=max +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY + +Persistent slot, check after restart, id=max +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN Attempt to overwrite: close before 
create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE @@ -25,14 +34,18 @@ create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_AFTER Attempt to overwrite: keep open create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:KEEP_OPEN -Open failure: invalid identifier (0) -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -open_fail:0:PSA_ERROR_INVALID_ARGUMENT - Open failure: invalid identifier (random seed UID) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT +Open failure: invalid identifier (reserved range) +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +open_fail:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_ARGUMENT + +Open failure: invalid identifier (implementation range) +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +open_fail:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_DOES_NOT_EXIST + Open failure: non-existent identifier depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:1:PSA_ERROR_DOES_NOT_EXIST @@ -40,14 +53,18 @@ open_fail:1:PSA_ERROR_DOES_NOT_EXIST Create failure: invalid lifetime create_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT -Create failure: invalid key id (0) -depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT - Create failure: invalid key id (random seed UID) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT +Create failure: invalid key id (reserved range) +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_ARGUMENT + +Create failure: invalid key id (implementation range) +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_INVALID_ARGUMENT + Open not supported depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:1:PSA_ERROR_NOT_SUPPORTED From 4318dfc8ec5dfdd91c74570c854cb177e30db670 Mon Sep 17 00:00:00 2001 
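Review bot: The case titled "Open failure: invalid identifier (implementation range)" expects PSA_ERROR_DOES_NOT_EXIST, which means `PSA_KEY_ID_USER_MAX + 1` is a valid identifier for opening, so the title contradicts what is tested. Renaming it, e.g. `Open failure: non-existent identifier (implementation range)`, keeps it distinct from the reserved-range case that expects PSA_ERROR_INVALID_ARGUMENT. The upper edge of the vendor range is not covered either; a case such as `open_fail:PSA_KEY_ID_VENDOR_MAX:PSA_ERROR_DOES_NOT_EXIST` would catch an off-by-one in the `key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER` comparison.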
From: Gilles Peskine Date: Tue, 14 May 2019 14:23:32 +0200 Subject: [PATCH 1234/2197] psa_export_key, psa_export_public_key: document the EXPORT flag --- include/psa/crypto.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 77ade6c89..ba2692cc4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -733,6 +733,8 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is * true), the format is the same as for psa_export_public_key(). * + * The policy on the key must have the usage flag #PSA_KEY_USAGE_EXPORT set. + * * \param handle Handle to the key to export. * \param[out] data Buffer where the key data is to be written. * \param data_size Size of the \p data buffer in bytes. @@ -743,6 +745,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED + * The key does not have the #PSA_KEY_USAGE_EXPORT flag. * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p data buffer is too small. You can determine a @@ -801,6 +804,9 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * big-endian byte string. The length of the byte string is the length of the * base prime `p` in bytes. * + * Exporting a public key object or the public part of a key pair is + * always permitted, regardless of the key's usage flags. + * * \param handle Handle to the key to export. * \param[out] data Buffer where the key data is to be written. * \param data_size Size of the \p data buffer in bytes. From 8e0206aa2611c36d0dc256d8c20faa34fc143f9a Mon Sep 17 00:00:00 2001 
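Review bot: The sentence added to psa_export_key, "The policy on the key must have the usage flag #PSA_KEY_USAGE_EXPORT set", is unqualified, while the same comment covers public keys in its format list and the text added to psa_export_public_key says exporting a public key object is always permitted. A reader cannot tell whether psa_export_key on a public-key handle needs the flag. If it does not, say so next to the new sentence: `Exporting a public key does not require this flag.`; if it does, the `\retval #PSA_ERROR_NOT_PERMITTED` description should mention that case.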
From: Gilles Peskine Date: Tue, 14 May 2019 14:24:28 +0200 Subject: [PATCH 1235/2197] New usage flag PSA_KEY_USAGE_COPY Document the new flag and allow its use. --- include/psa/crypto.h | 11 +++++++++++ include/psa/crypto_values.h | 14 ++++++++++++++ library/psa_crypto.c | 1 + 3 files changed, 26 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ba2692cc4..51a2b0e52 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -850,6 +850,15 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * this function may be used to share a key with a different party, * subject to implementation-defined restrictions on key sharing. * + * The policy on the source key must have the usage flag + * #PSA_KEY_USAGE_COPY set. + * In addition, some lifetimes also require the source key to have the + * usage flag #PSA_KEY_USAGE_EXPORT, because otherwise the source key + * is locked inside a secure processing environment and cannot be + * extracted. For keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE or + * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY + * is sufficient to permit the copy. + * * The resulting key may only be used in a way that conforms to * both the policy of the original key and the policy specified in * the \p attributes parameter: @@ -902,6 +911,8 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * \p attributes specifies a key type, domain parameters or key size * which does not match the attributes of the source key. * \retval #PSA_ERROR_NOT_PERMITTED + * The source key does not have the #PSA_KEY_USAGE_COPY usage flag. + * \retval #PSA_ERROR_NOT_PERMITTED * The source key is not exportable and its lifetime does not * allow copying it to the target's lifetime. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index eddf63262..766e396d4 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -1459,6 +1459,20 @@ */ #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) +/** Whether the key may be copied. + * + * This flag allows the use of psa_crypto_copy() to make a copy of the key + * with the same policy or a more restrictive policy. + * + * For some lifetimes, copying a key also requires the usage flag + * #PSA_KEY_USAGE_EXPORT, because otherwise the source key + * is locked inside a secure processing environment and cannot be + * extracted. For keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE or + * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY + * is sufficient to permit the copy. + */ +#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) + /** Whether the key may be used to encrypt a message. * * This flag allows the key to be used for a symmetric encryption operation, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6a4f180c4..b0acc308d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1344,6 +1344,7 @@ static psa_status_t psa_set_key_policy_internal( const psa_key_policy_t *policy ) { if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | + PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN | From f9f4a4849c8adf9b1bce6612b2bf1f25027a6092 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 May 2019 14:24:49 +0200 Subject: [PATCH 1236/2197] Update psa_copy_key tests to use PSA_KEY_USAGE_COPY Pass the new flag to the existing tests and add a few more test cases to explore more variations of flag sets. --- tests/suites/test_suite_psa_crypto.data | 60 +++++++++++-------- ...test_suite_psa_crypto_slot_management.data | 14 ++--- 2 files changed, 43 insertions(+), 31 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4a1a04fc4..bdf5be614 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
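Review bot: The description of `PSA_KEY_USAGE_COPY` refers to `psa_crypto_copy()`, but the function this series documents and tests is psa_copy_key (see the subject of the following commit), so the Doxygen reference will not resolve. The line should read `This flag allows the use of psa_copy_key() to make a copy of the key`.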
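Review bot: Adding `PSA_KEY_USAGE_COPY` to the mask in psa_set_key_policy_internal only makes the flag settable; the diffstat shows this as the single library line changed, so the `PSA_ERROR_NOT_PERMITTED` result newly documented for psa_copy_key is not implemented by this commit. Unless the copy path already checks the source policy elsewhere (not visible in this hunk), a key created without the flag remains copyable and the documented restriction gives a false assurance. The check on the source key's usage belongs in the same commit as the documentation, or the commit message should say that enforcement follows separately.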
@@ -498,85 +498,97 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) Copy key: raw, 0 bytes -copy_success:0:0:PSA_KEY_TYPE_RAW_DATA:"":1:-1:-1:0:0 +copy_success:PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"":1:-1:-1:PSA_KEY_USAGE_COPY:0 Copy key: AES, copy attributes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR Copy key: AES, same usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR -Copy key: AES, fewer usage flags +Copy key: AES, fewer usage flags (-EXPORT) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +Copy key: AES, fewer usage flags (-COPY) +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR Copy key: AES, 1 more usage flag depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR Copy key: AES, 2 more usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR -Copy key: AES, intersect usage flags +Copy key: AES, intersect usage flags #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | 
PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +Copy key: AES, intersect usage flags #2 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR Copy key: RSA key pair, same usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, fewer usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, more usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
-copy_success:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) -Copy key: RSA key pair, intersect usage flags +Copy key: RSA key pair, intersect usage flags #0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
-copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) + +Copy key: RSA key pair, intersect usage flags #1 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc
8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in source depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f
379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb
9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in source and target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1
f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) Copy fail: AES, incompatible target policy depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source and target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, ANY_HASH is not meaningful with OAEP depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
-copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT Copy fail: incorrect type in attributes -copy_fail:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT Copy fail: incorrect size in attributes -copy_fail:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT Hash operation object initializers zero properly hash_operation_init: diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 5dc2b6787..c5f62220a 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
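Review bot: Every updated `copy_success` and `copy_fail` case gives the source key `PSA_KEY_USAGE_COPY`, so no case shows that copying is refused without it. The `copy_fail` cases in this hunk all expect PSA_ERROR_INVALID_ARGUMENT for policy or attribute mismatches. A case whose source usage is only `PSA_KEY_USAGE_EXPORT` and whose expected status is `PSA_ERROR_NOT_PERMITTED` is needed to pin the access-control behaviour the flag exists for. A title such as `Copy fail: source key lacks PSA_KEY_USAGE_COPY`, reusing the raw-data key from the last two cases, would do.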
@@ -63,31 +63,31 @@ depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED Copy volatile to volatile -copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 Copy volatile to persistent depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 Copy persistent to volatile depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 Copy persistent to persistent depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 Copy volatile to occupied depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C 
-copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" +copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" Copy persistent to occupied depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" +copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" Copy persistent to same depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f" +copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f" Close/destroy invalid handle invalid_handle: From c160d9ec83d201f7988835185ac29cf896fd5899 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 14 May 2019 14:32:03 +0200 Subject: [PATCH 1237/2197] psa_copy_key: enforce PSA_KEY_USAGE_COPY Implement the check and add a negative test. --- library/psa_crypto.c | 6 ++++-- tests/suites/test_suite_psa_crypto.data | 7 +++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b0acc308d..6465c3a92 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1596,7 +1596,8 @@ psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, psa_key_slot_t *target_slot = NULL; psa_key_policy_t new_policy; psa_status_t status; - status = psa_get_key_from_slot( source_handle, &source_slot, 0, 0 ); + status = psa_get_key_from_slot( source_handle, &source_slot, + PSA_KEY_USAGE_COPY, 0 ); if( status != PSA_SUCCESS ) return( status ); status = psa_get_empty_key_slot( target_handle, &target_slot ); @@ -1631,7 +1632,8 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, psa_key_slot_t *target_slot = NULL; psa_key_attributes_t actual_attributes = *specified_attributes; - status = psa_get_key_from_slot( source_handle, &source_slot, 0, 0 ); + status = psa_get_key_from_slot( source_handle, &source_slot, + PSA_KEY_USAGE_COPY, 0 ); if( status != PSA_SUCCESS ) goto exit; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index bdf5be614..e901d8491 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
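Review bot: The copy permission is now enforced only through the usage argument of `psa_get_key_from_slot()`, in the `psa_copy_key_to_handle` hunk and again in the `psa_copy_key` hunk, and neither call site says so. That argument was `0` one commit earlier, so a later refactor of the lookup could drop the policy check without anyone noticing. I would add a comment above each call, e.g. `/* The source key's policy must allow PSA_KEY_USAGE_COPY; the lookup fails otherwise. */`. The negative tests added in this commit expect `PSA_ERROR_NOT_PERMITTED` from `copy_fail`; whether any test exercises the `psa_copy_key_to_handle` path is not visible here. Both function bodies continue outside their hunks.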
@@ -564,6 +564,13 @@ Copy key: RSA key pair, wildcard algorithm in source and target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) +Copy fail: raw data, no COPY flag +copy_fail:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_PERMITTED + +Copy key: AES, no COPY flag +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +copy_fail:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ERROR_NOT_PERMITTED + Copy fail: AES, incompatible target policy depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT From 248010caa002035506252b2a4df32b92f700c567 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 May 2019 16:08:59 +0200 Subject: [PATCH 1238/2197] Fix calculation in PSA_AEAD_UPDATE_OUTPUT_SIZE --- include/psa/crypto_sizes.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 353792791..8002132a3 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
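Review bot: The second added case is titled `Copy key: AES, no COPY flag` although it calls `copy_fail` and expects `PSA_ERROR_NOT_PERMITTED`; rename it to `Copy fail: AES, no COPY flag` so it reads as a negative test like its neighbours. Neither new case names a lifetime, so a persistent source key without the flag is presumably not covered. A matching negative case in the slot-management suite would pin down that the check also applies to keys loaded from storage.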
@@ -53,6 +53,9 @@ #define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) #define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) +#define PSA_ROUND_UP_TO_MULTIPLE(block_size, length) \ + (((length) + (block_size) - 1) / (block_size) * (block_size)) + /** The size of the output of psa_hash_finish(), in bytes. * * This is also the hash size that psa_hash_verify() expects. @@ -315,10 +318,10 @@ * to emit output without delay. However, hardware may not always be * capable of this. So for modes based on a block cipher, allow the * implementation to delay the output until it has a full block. */ -#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ +#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - ((plaintext_length) + PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE - 1) / PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \ - (plaintext_length)) + PSA_ROUND_UP_TO_MULTIPLE(PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE, (input_length)) : \ + (input_length)) /** A sufficient ciphertext buffer size for psa_aead_finish(). * From 36d477de44232bea11bfa29c6d3ef7346e139aee Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 May 2019 16:09:22 +0200 Subject: [PATCH 1239/2197] Fix copypasta in PSA_AEAD_DECRYPT_OUTPUT_SIZE --- include/psa/crypto_sizes.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 8002132a3..11858ba2d 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -292,7 +292,7 @@ */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ - (plaintext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ + (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ 0) /** A sufficient output buffer size for psa_aead_update(). From 003a4a97d31a23db9f71fab24ce09dcd29fd8845 Mon Sep 17 00:00:00 2001 
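Review bot: `PSA_ROUND_UP_TO_MULTIPLE` evaluates `(length) + (block_size) - 1` before dividing, so a `length` within `block_size - 1` of its type's maximum wraps and the macro yields a small value. `PSA_AEAD_UPDATE_OUTPUT_SIZE` in the next hunk returns that value as a "sufficient" buffer size, so a caller allocating from it would get an undersized buffer for such an input. The macro also expands `block_size` three times, so the argument must have no side effects. I would state both preconditions on the definition, e.g. `/* block_size must be a nonzero constant without side effects; length + block_size - 1 must not overflow. */`.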
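Review bot: `PSA_AEAD_DECRYPT_OUTPUT_SIZE` subtracts the tag length without checking that `ciphertext_length` is at least that long. Assuming the usual unsigned size argument, a truncated ciphertext makes the subtraction wrap to a very large value instead of 0, and a caller that sizes its plaintext buffer from the macro before validating the input length then requests an enormous allocation. Clamp inside the macro: `(PSA_AEAD_TAG_LENGTH(alg) != 0 && (ciphertext_length) >= PSA_AEAD_TAG_LENGTH(alg) ? (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : 0)`. The same unguarded subtraction appears in the `aead_decrypt` test change that follows in this series.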
From: Gilles Peskine Date: Tue, 14 May 2019 16:09:40 +0200 Subject: [PATCH 1240/2197] Use PSA_AEAD_{ENCRYPT,DECRYPT}_OUTPUT_SIZE in tests --- tests/suites/test_suite_psa_crypto.function | 27 ++++++++++++++++++--- 1 file changed, 23 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 12195ece7..da118bba3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3272,11 +3272,16 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, size_t output_length = 0; unsigned char *output_data2 = NULL; size_t output_length2 = 0; - size_t tag_length = 16; + size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_status_t expected_result = expected_result_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; output_size = input_data->len + tag_length; + /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE + * should be exact. */ + if( expected_result != PSA_ERROR_INVALID_ARGUMENT ) + TEST_EQUAL( output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) ); ASSERT_ALLOC( output_data, output_size ); PSA_ASSERT( psa_crypto_init( ) ); @@ -3301,6 +3306,11 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, { ASSERT_ALLOC( output_data2, output_length ); + /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE + * should be exact. */ + TEST_EQUAL( input_data->len, + PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, output_length ) ); + TEST_EQUAL( psa_aead_decrypt( handle, alg, nonce->x, nonce->len, additional_data->x, 
@@ -3336,10 +3346,14 @@ void aead_encrypt( int key_type_arg, data_t *key_data, unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - size_t tag_length = 16; + size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; output_size = input_data->len + tag_length; + /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE + * should be exact. */ + TEST_EQUAL( output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) ); ASSERT_ALLOC( output_data, output_size ); PSA_ASSERT( psa_crypto_init( ) ); @@ -3383,11 +3397,16 @@ void aead_decrypt( int key_type_arg, data_t *key_data, unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - size_t tag_length = 16; + size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_result = expected_result_arg; - output_size = input_data->len + tag_length; + output_size = input_data->len - tag_length; + /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE + * should be exact. */ + if( expected_result != PSA_ERROR_INVALID_ARGUMENT ) + TEST_EQUAL( output_size, + PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, input_data->len ) ); ASSERT_ALLOC( output_data, output_size ); PSA_ASSERT( psa_crypto_init( ) ); From ac99e32b79a865a49d3eb38e2ac237be9d155983 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 May 2019 16:10:53 +0200 Subject: [PATCH 1241/2197] Documentation improvements --- include/psa/crypto.h | 12 ++++++------ include/psa/crypto_sizes.h | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c0d79dd1e..ece9fd072 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
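Review bot: In the `aead_decrypt` hunk, `output_size = input_data->len - tag_length;` wraps when a test vector's ciphertext is shorter than the tag, and the wrapped value reaches `ASSERT_ALLOC` because only the `TEST_EQUAL` is guarded by `expected_result`. Truncated-input vectors are exactly the negative cases this suite should be able to hold, so I would clamp the size: `output_size = input_data->len > tag_length ? input_data->len - tag_length : 0;`. The comparison against `PSA_AEAD_DECRYPT_OUTPUT_SIZE` then needs the macro to clamp the same way. The function body continues outside the hunk.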
@@ -2497,11 +2497,11 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * * This function does not require the input to be aligned to any * particular block boundary. If the implementation can only process - * a whole block at a time, it must store the last partial input block - * or adjust its internal state accordingly until the next call to - * psa_aead_update(), psa_aead_finish() or psa_aead_verify(), and produce - * the corresponding output when sufficient input is available or on the - * finish or verify call. + * a whole block at a time, it must consume all the input provided, but + * it may delay the end of the corresponding output until a subsequent + * call to psa_aead_update(), psa_aead_finish() or psa_aead_verify() + * provides sufficient input. The amount of data that can be delayed + * in this way is bounded by #PSA_AEAD_UPDATE_OUTPUT_SIZE. * * \param[in,out] operation Active AEAD operation. * \param[in] input Buffer containing the message fragment to @@ -2628,7 +2628,7 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * * \param[in,out] operation Active AEAD operation. * \param[out] plaintext Buffer where the last part of the plaintext - * is to be written. This is the remaining + * is to be written. This is the remaining data * from previous calls to psa_aead_update() * that could not be processed until the end * of the input. diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 11858ba2d..002fe414b 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -298,7 +298,7 @@ /** A sufficient output buffer size for psa_aead_update(). * * If the size of the output buffer is at least this large, it is - * guaranteed that psa_aead_finish() will not fail due to an + * guaranteed that psa_aead_update() will not fail due to an * insufficient buffer size. The actual size of the output may be smaller * in any given call. * 
From d6a8f5f1b584444b55d16a0c9068b46d52dbb419 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 May 2019 16:25:50 +0200 Subject: [PATCH 1242/2197] Improve description of PSA_KEY_USAGE_COPY Be more clear about when EXPORT is also required. --- include/psa/crypto.h | 13 +++++++------ include/psa/crypto_values.h | 12 +++++++----- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 51a2b0e52..e87892b63 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -852,12 +852,13 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * * The policy on the source key must have the usage flag * #PSA_KEY_USAGE_COPY set. - * In addition, some lifetimes also require the source key to have the - * usage flag #PSA_KEY_USAGE_EXPORT, because otherwise the source key - * is locked inside a secure processing environment and cannot be - * extracted. For keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE or - * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY - * is sufficient to permit the copy. + * This flag is sufficient to permit the copy if the key has the lifetime + * #PSA_KEY_LIFETIME_VOLATILE or #PSA_KEY_LIFETIME_PERSISTENT. + * Some secure elements do not provide a way to copy a key without + * making it extractable from the secure element. If a key is located + * in such a secure element, then the key must have both usage flags + * #PSA_KEY_USAGE_COPY and #PSA_KEY_USAGE_EXPORT in order to make + * a copy of the key outside the secure element. * * The resulting key may only be used in a way that conforms to * both the policy of the original key and the policy specified in diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 766e396d4..fa0d14d4f 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -1461,13 +1461,15 @@ /** Whether the key may be copied. * - * This flag allows the use of psa_crypto_copy() to make a copy of the key + * This flag allows the use of psa_copy_key() to make a copy of the key * with the same policy or a more restrictive policy. * - * For some lifetimes, copying a key also requires the usage flag - * #PSA_KEY_USAGE_EXPORT, because otherwise the source key - * is locked inside a secure processing environment and cannot be - * extracted. For keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE or + * For lifetimes for which the key is located in a secure element which + * enforce the non-exportability of keys, copying a key outside the secure + * element also requires the usage flag #PSA_KEY_USAGE_EXPORT. + * Copying the key inside the secure element is permitted with just + * #PSA_KEY_USAGE_COPY if the secure element supports it. + * For keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE or * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY * is sufficient to permit the copy. */ From f9fbc38e66fbd6ee0a375e3ff43df2370c3502f1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 May 2019 18:42:09 +0200 Subject: [PATCH 1243/2197] Declare key id 0 as invalid In keeping with other integral types, declare 0 to be an invalid key identifier. Documented, implemented and tested. --- include/psa/crypto_types.h | 4 ++-- include/psa/crypto_values.h | 2 +- library/psa_crypto_slot_management.c | 15 +++++++-------- .../test_suite_psa_crypto_slot_management.data | 8 ++++++++ 4 files changed, 18 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 44c7c66e0..ced42de1a 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h 
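Review bot: The new paragraph on `PSA_KEY_USAGE_COPY` has a number mismatch, "a secure element which enforce"; it should read `a secure element which enforces the non-exportability of keys`. The text also promises that copying a key out of such a secure element requires `PSA_KEY_USAGE_EXPORT` in addition, while the enforcement added to `psa_copy_key` earlier in this series passes only `PSA_KEY_USAGE_COPY` to the slot lookup. No secure-element lifetime is visible here, so that is presumably fine today, but the comment should say that the extra check is the responsibility of the code handling such lifetimes so that it is not forgotten when one is added.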
@@ -107,8 +107,8 @@ typedef uint32_t psa_key_lifetime_t; * #PSA_KEY_ID_USER_MIN to #PSA_KEY_ID_USER_MAX. * - Implementations may define additional key identifiers in the range * #PSA_KEY_ID_VENDOR_MIN to #PSA_KEY_ID_VENDOR_MAX. - * - Key identifiers outside these ranges are reserved for future use - * in future versions of this specification. + * - 0 is reserved as an invalid key identifier. + * - Key identifiers outside these ranges are reserved for future use. */ /* Implementation-specific quirk: The Mbed Crypto library can be built as * part of a multi-client service that exposes the PSA Crypto API in each diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 40172b32d..2ee8839c6 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1442,7 +1442,7 @@ /** The minimum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000000) +#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) /** The minimum value for a key identifier chosen by the application. */ #define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 2ef70db59..22cac619d 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
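Review bot: In the `crypto_values.h` hunk, the context comment directly above `PSA_KEY_ID_USER_MAX` still reads "The minimum value for a key identifier chosen by the application", a copy of the comment on `PSA_KEY_ID_USER_MIN`. Since this commit redefines the valid range, fix it in the same change: `/** The maximum value for a key identifier chosen by the application. */`. It would also help to note on `PSA_KEY_ID_USER_MIN` that 0 is excluded because it is the invalid identifier, which the `crypto_types.h` hunk documents but the macro does not.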
@@ -185,15 +185,14 @@ static int psa_is_key_id_valid( psa_key_file_id_t file_id, int vendor_ok ) { psa_app_key_id_t key_id = PSA_KEY_FILE_GET_KEY_ID( file_id ); - /* Reject high values because the file names are reserved for the - * library's internal use. */ - if( key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) + if( PSA_KEY_ID_USER_MIN <= key_id && key_id <= PSA_KEY_ID_USER_MAX ) + return( 1 ); + else if( vendor_ok && + PSA_KEY_ID_VENDOR_MIN <= key_id && + key_id <= PSA_KEY_ID_VENDOR_MAX ) + return( 1 ); + else return( 0 ); - /* Applications may only create keys in the range - * 0..PSA_KEY_ID_USER_MAX. */ - if( ! vendor_ok && key_id > PSA_KEY_ID_USER_MAX ) - return( 0 ); - return( 1 ); } /** Declare a slot as persistent and load it from storage. diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 519e81ec7..ecfb37a0c 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -34,6 +34,10 @@ create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_AFTER Attempt to overwrite: keep open create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:KEEP_OPEN +Open failure: invalid identifier (0) +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +open_fail:0:PSA_ERROR_INVALID_ARGUMENT + Open failure: invalid identifier (random seed UID) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT @@ -53,6 +57,10 @@ open_fail:1:PSA_ERROR_DOES_NOT_EXIST Create failure: invalid lifetime create_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT +Create failure: invalid key id (0) +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C +create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT + Create failure: invalid key id (random seed UID) depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT 
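Review bot: The rewritten `psa_is_key_id_valid` drops the explicit rejection of identifiers above `PSA_MAX_PERSISTENT_KEY_IDENTIFIER` together with the comment explaining that those file names are reserved for the library's internal use. The new range test is only safe if every reserved storage UID lies outside both the user and the vendor range; the context case for `PSA_CRYPTO_ITS_RANDOM_SEED_UID` covers one such value, but how `PSA_KEY_ID_VENDOR_MAX` relates to the reserved identifiers is not visible in this hunk. I would keep the rationale in the function, e.g. `/* Anything outside the user and vendor ranges is rejected: this covers 0 and the file IDs reserved for internal use. */`. Boundary cases at the edges of the two ranges would complement the new tests for id 0 in the `.data` hunks below.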
From 80b39ae753e3126da94298d1d27c182d0c766195 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 May 2019 16:09:46 +0200 Subject: [PATCH 1244/2197] Remove obsolete use of key policy structure in API text --- include/psa/crypto_values.h | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index eddf63262..c0d35f400 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -663,10 +663,8 @@ * Then you may create and use a key as follows: * - Set the key usage field using #PSA_ALG_ANY_HASH, for example: * ``` - * psa_key_policy_set_usage(&policy, - * PSA_KEY_USAGE_SIGN, //or PSA_KEY_USAGE_VERIFY - * PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH)); - * psa_set_key_policy(handle, &policy); + * psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN); // or VERIFY + * psa_set_key_algorithm(&attributes, PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH)); * ``` * - Import or generate key material. * - Call psa_asymmetric_sign() or psa_asymmetric_verify(), passing From dc8219a10da08964ab4127219dce776c7da4850c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 May 2019 16:11:15 +0200 Subject: [PATCH 1245/2197] Replace psa_make_key_persistent by id/lifetime setters Use individual setters for the id and lifetime fields of an attribute structure, like the other attributes. This commit updates the specification and adds an implementation of the new setters. --- include/psa/crypto.h | 46 ++++++++++++++++++++++++++++--------- include/psa/crypto_struct.h | 16 +++++++++++++ 2 files changed, 51 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 77ade6c89..0d0de2e0a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -132,7 +132,8 @@ psa_status_t psa_crypto_init(void); * psa_reset_key_attributes() on an attribute structure is optional if * the structure has only been modified by the following functions * since it was initialized or last reset with psa_reset_key_attributes(): - * - psa_make_key_persistent() + * - psa_set_key_id() + * - psa_set_key_lifetime() * - psa_set_key_type() * - psa_set_key_bits() * - psa_set_key_usage_flags() @@ -173,7 +174,9 @@ psa_status_t psa_crypto_init(void); * * A typical sequence to create a key is as follows: * -# Create and initialize an attribute structure. - * -# If the key is persistent, call psa_make_key_persistent(). + * -# If the key is persistent, call psa_set_key_id(). + * Also call psa_set_key_lifetime() to place the key in a non-default + * location. * -# Set the key policy with psa_set_key_usage_flags() and * psa_set_key_algorithm(). * -# Set the key type with psa_set_key_type(). If the key type requires 
@@ -203,30 +206,51 @@ psa_status_t psa_crypto_init(void); */ typedef struct psa_key_attributes_s psa_key_attributes_t; -/** Declare a key as persistent. +/** Declare a key as persistent and set its key identifier. + * + * If the attribute structure declares the key as volatile (which is + * the default content of an attribute structure), this function sets + * the lifetime attribute to #PSA_KEY_LIFETIME_PERSISTENT. * * This function does not access storage, it merely fills the attribute - * structure with given values. The persistent key will be written to + * structure with given value. The persistent key will be written to * storage when the attribute structure is passed to a key creation * function such as psa_import_key(), psa_generate_random_key(), * psa_generate_derived_key() or psa_copy_key(). * - * This function overwrites any identifier and lifetime values - * previously set in \p attributes. - * * This function may be declared as `static` (i.e. without external * linkage). This function may be provided as a function-like macro, * but in this case it must evaluate each of its arguments exactly once. * * \param[out] attributes The attribute structure to write to. * \param id The persistent identifier for the key. + */ +static void psa_set_key_id(psa_key_attributes_t *attributes, + psa_key_id_t id); + +/** Set the location of a persistent key. + * + * To make a key persistent, you must give it a persistent key identifier + * with psa_set_key_id(). + * + * This function does not access storage, it merely fills the attribute + * structure with given value. The persistent key will be written to + * storage when the attribute structure is passed to a key creation + * function such as psa_import_key(), psa_generate_random_key(), + * psa_generate_derived_key() or psa_copy_key(). + * + * This function may be declared as `static` (i.e. without external + * linkage). 
This function may be provided as a function-like macro, + * but in this case it must evaluate each of its arguments exactly once. + * + * \param[out] attributes The attribute structure to write to. * \param lifetime The lifetime for the key. * If this is #PSA_KEY_LIFETIME_VOLATILE, the - * key will be volatile, and \p id is ignored. + * key will be volatile, and the key identifier + * attribute is reset to 0. */ -static void psa_make_key_persistent(psa_key_attributes_t *attributes, - psa_key_id_t id, - psa_key_lifetime_t lifetime); +static void psa_set_key_lifetime(psa_key_attributes_t *attributes, + psa_key_lifetime_t lifetime); /** Retrieve the key identifier from key attributes. * diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index f6bec2cf5..91adc85f6 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -287,12 +287,28 @@ static inline void psa_make_key_persistent(psa_key_attributes_t *attributes, attributes->lifetime = lifetime; } +static inline void psa_set_key_id(psa_key_attributes_t *attributes, + psa_key_id_t id) +{ + attributes->id = id; + if( attributes->lifetime == PSA_KEY_LIFETIME_VOLATILE ) + attributes->lifetime = PSA_KEY_LIFETIME_PERSISTENT; +} + static inline psa_key_id_t psa_get_key_id( const psa_key_attributes_t *attributes) { return( attributes->id ); } +static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, + psa_key_lifetime_t lifetime) +{ + attributes->lifetime = lifetime; + if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) + attributes->id = 0; +} + static inline psa_key_lifetime_t psa_get_key_lifetime( const psa_key_attributes_t *attributes) { From c87af66325f55db15c72671e47f4800a67bb16ef Mon Sep 17 00:00:00 2001 
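Review bot: The two inline setters added to `crypto_struct.h` each modify the other attribute, and nothing at the definitions says so: `psa_set_key_id` promotes a volatile lifetime to `PSA_KEY_LIFETIME_PERSISTENT`, and `psa_set_key_lifetime` with `PSA_KEY_LIFETIME_VOLATILE` resets `id` to 0. The outcome therefore depends on call order, and a caller that sets an id and then a volatile lifetime silently ends up with a key that will not be written to storage. Add a short comment above each side effect, e.g. `/* Setting an id also makes a volatile key persistent. */` and `/* A volatile key has no identifier. */`. Note also that `psa_set_key_id( attributes, 0 )` still switches the lifetime to persistent although id 0 was declared invalid earlier in this series, so the mistake surfaces only when the attributes reach a key-creation call.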
From: Gilles Peskine Date: Wed, 15 May 2019 16:12:22 +0200 Subject: [PATCH 1246/2197] Replace psa_make_key_persistent by id/lifetime setters in tests Remove all internal uses of psa_make_key_persistent. --- tests/suites/test_suite_psa_crypto.function | 7 ++-- ...t_suite_psa_crypto_persistent_key.function | 10 +++--- ..._suite_psa_crypto_slot_management.function | 33 ++++++++++++------- 3 files changed, 31 insertions(+), 19 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6002da088..4ae9deb09 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1096,7 +1096,7 @@ static int test_operations_on_invalid_handle( psa_key_handle_t handle ) size_t length; int ok = 0; - psa_make_key_persistent( &attributes, 0x6964, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_id( &attributes, 0x6964 ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); psa_set_key_algorithm( &attributes, PSA_ALG_CTR ); psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); @@ -1179,7 +1179,8 @@ void attributes_set_get( int id_arg, int lifetime_arg, TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); - psa_make_key_persistent( &attributes, id, lifetime ); + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); @@ -4883,7 +4884,7 @@ void persistent_key_load_key_from_storage( data_t *data, PSA_ASSERT( psa_crypto_init() ); - psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_id( &attributes, key_id ); psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); 
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index a2f4f779b..38893f7c6 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -96,7 +96,7 @@ void save_large_persistent_key( int data_too_large, int expected_status ) PSA_ASSERT( psa_crypto_init() ); - psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_id( &attributes, key_id ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); TEST_EQUAL( psa_import_key( &attributes, &handle, @@ -123,7 +123,7 @@ void persistent_key_destroy( int key_id_arg, int restart, PSA_ASSERT( psa_crypto_init() ); - psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_id( &attributes, key_id ); psa_set_key_type( &attributes, first_type ); PSA_ASSERT( psa_import_key( &attributes, &handle, @@ -153,7 +153,7 @@ void persistent_key_destroy( int key_id_arg, int restart, PSA_ASSERT( psa_crypto_init() ); /* Create another key in the same slot */ - psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_id( &attributes, key_id ); psa_set_key_type( &attributes, second_type ); PSA_ASSERT( psa_import_key( &attributes, &handle, second_data->x, second_data->len ) ); @@ -175,7 +175,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, PSA_ASSERT( psa_crypto_init() ); - psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_id( &attributes, key_id ); psa_set_key_type( &attributes, type ); TEST_EQUAL( psa_import_key( &attributes, &handle, data->x, data->len ), expected_status ); 
@@ -228,7 +228,7 @@ void import_export_persistent_key( data_t *data, int type_arg, PSA_ASSERT( psa_crypto_init( ) ); - psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); + psa_set_key_id( &attributes, key_id ); psa_set_key_type( &attributes, type ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 03b7197a6..f03776895 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -127,7 +127,8 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Get a handle and import a key. */ - psa_make_key_persistent( &attributes, id, lifetime ); + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_type( &attributes, type ); psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); @@ -205,7 +206,8 @@ void create_existent( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); /* Create a key. */ - psa_make_key_persistent( &attributes, id, lifetime ); + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_type( &attributes, type1 ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &attributes, 0 ); @@ -283,7 +285,8 @@ void create_fail( int lifetime_arg, int id_arg, PSA_ASSERT( psa_crypto_init( ) ); - psa_make_key_persistent( &attributes, id, lifetime ); + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); TEST_EQUAL( psa_import_key( &attributes, &handle, material, sizeof( material ) ), 
@@ -330,8 +333,10 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, /* Populate the source slot. */ if( source_lifetime != PSA_KEY_LIFETIME_VOLATILE ) - psa_make_key_persistent( &source_attributes, - source_id, source_lifetime ); + { + psa_set_key_id( &source_attributes, source_id ); + psa_set_key_lifetime( &source_attributes, source_lifetime ); + } psa_set_key_type( &source_attributes, source_type ); psa_set_key_usage_flags( &source_attributes, source_usage ); psa_set_key_algorithm( &source_attributes, source_alg ); @@ -342,8 +347,10 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, /* Prepare the target slot. */ if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE ) - psa_make_key_persistent( &target_attributes, - target_id, target_lifetime ); + { + psa_set_key_id( &target_attributes, target_id ); + psa_set_key_lifetime( &target_attributes, target_lifetime ); + } psa_set_key_usage_flags( &target_attributes, target_usage ); psa_set_key_algorithm( &target_attributes, target_alg ); @@ -434,8 +441,10 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, /* Populate the source slot. */ if( source_lifetime != PSA_KEY_LIFETIME_VOLATILE ) - psa_make_key_persistent( &attributes, - source_id, source_lifetime ); + { + psa_set_key_id( &attributes, source_id ); + psa_set_key_lifetime( &attributes, source_lifetime ); + } psa_set_key_type( &attributes, source_type ); psa_set_key_usage_flags( &attributes, source_usage ); psa_set_key_algorithm( &attributes, source_alg ); @@ -449,7 +458,8 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, } else { - psa_make_key_persistent( &attributes1, target_id, target_lifetime ); + psa_set_key_id( &attributes1, target_id ); + psa_set_key_lifetime( &attributes1, target_lifetime ); psa_set_key_type( &attributes1, target_type ); psa_set_key_usage_flags( &attributes1, target_usage ); psa_set_key_algorithm( &attributes1, target_alg ); 
@@ -459,7 +469,8 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes1 ) ); /* Make a copy attempt. */ - psa_make_key_persistent( &attributes, target_id, target_lifetime ); + psa_set_key_id( &attributes, target_id ); + psa_set_key_lifetime( &attributes, target_lifetime ); TEST_EQUAL( psa_copy_key( source_handle, &attributes, &new_handle ), PSA_ERROR_ALREADY_EXISTS ); From 9de5eb0a2f56654be2c88565bad7ca62a4d6e606 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 May 2019 16:14:48 +0200 Subject: [PATCH 1247/2197] Remove psa_make_key_persistent --- include/psa/crypto_struct.h | 8 -------- 1 file changed, 8 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 91adc85f6..df765711c 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -279,14 +279,6 @@ static inline struct psa_key_attributes_s psa_key_attributes_init( void ) return( v ); } -static inline void psa_make_key_persistent(psa_key_attributes_t *attributes, - psa_key_id_t id, - psa_key_lifetime_t lifetime) -{ - attributes->id = id; - attributes->lifetime = lifetime; -} - static inline void psa_set_key_id(psa_key_attributes_t *attributes, psa_key_id_t id) { From dd835cbea6d8788dcc2f662bf65c30f85f73bcb0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 May 2019 16:14:57 +0200 Subject: [PATCH 1248/2197] Add a few tests for persistent attributes psa_set_key_lifetime and psa_set_key_id aren't pure setters: they also set the other attribute in some conditions. Add dedicated tests for this behavior. --- tests/suites/test_suite_psa_crypto.data | 15 ++++++++++++++ tests/suites/test_suite_psa_crypto.function | 23 +++++++++++++++++++++ 2 files changed, 38 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4a1a04fc4..1d3e3cfe2 100644 --- a/tests/suites/test_suite_psa_crypto.data 
+++ b/tests/suites/test_suite_psa_crypto.data @@ -4,6 +4,21 @@ static_checks: PSA key attributes structure attributes_set_get:0x6963:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:128 +PSA key attributes: id only +persistence_attributes:0x1234:-1:-1:0x1234:PSA_KEY_LIFETIME_PERSISTENT + +PSA key attributes: lifetime=3 only +persistence_attributes:-1:3:-1:0:3 + +PSA key attributes: id then back to volatile +persistence_attributes:0x1234:PSA_KEY_LIFETIME_VOLATILE:-1:0:PSA_KEY_LIFETIME_VOLATILE + +PSA key attributes: id then lifetime +persistence_attributes:0x1234:3:-1:0x1234:3 + +PSA key attributes: lifetime then id +persistence_attributes:0x1234:3:0x1235:0x1235:3 + PSA import/export raw: 0 bytes import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4ae9deb09..cbe6616fd 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1204,6 +1204,29 @@ void attributes_set_get( int id_arg, int lifetime_arg, } /* END_CASE */ +/* BEGIN_CASE */ +void persistence_attributes( int id1_arg, int lifetime_arg, int id2_arg, + int expected_id_arg, int expected_lifetime_arg ) +{ + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_id_t id1 = id1_arg; + psa_key_lifetime_t lifetime = lifetime_arg; + psa_key_id_t id2 = id2_arg; + psa_key_id_t expected_id = expected_id_arg; + psa_key_lifetime_t expected_lifetime = expected_lifetime_arg; + + if( id1_arg != -1 ) + psa_set_key_id( &attributes, id1 ); + if( lifetime_arg != -1 ) + psa_set_key_lifetime( &attributes, lifetime ); + if( id2_arg != -1 ) + psa_set_key_id( &attributes, id2 ); + + TEST_EQUAL( psa_get_key_id( &attributes ), expected_id ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), expected_lifetime ); +} +/* END_CASE */ + /* BEGIN_CASE */ void import( data_t *data, int type_arg, int attr_bits_arg, From 98dd779eb5e1ad1c7a250a2f54cb7447157252a0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 May 2019 19:43:49 +0200 Subject: [PATCH 1249/2197] Put handle parameter last: psa_generate_derived_key In psa_generate_derived_key, change the order of parameters to pass the pointer where the newly created handle will be stored last. This is consistent with most other library functions that put inputs before outputs. --- include/psa/crypto.h | 6 +++--- library/psa_crypto.c | 4 ++-- programs/psa/key_ladder_demo.c | 8 ++++---- tests/suites/test_suite_psa_crypto.function | 16 ++++++++-------- 4 files changed, 17 insertions(+), 17 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 77ade6c89..6ff001318 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
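Review bot: persistence_attributes always applies the setters in the fixed order id1, lifetime, id2, so the data case titled "PSA key attributes: lifetime then id" (`persistence_attributes:0x1234:3:0x1235:0x1235:3`) really exercises id, then lifetime, then id again. Setting a lifetime first and an id second on fresh attributes is not covered. A case with id1 skipped would do it, e.g. `persistence_attributes:-1:3:0x1235:0x1235:3`; the expected values there are inferred from the neighbouring cases and should be confirmed against the setters. The function also deserves a short header comment saying that the three setters run in that order and that `-1` means "skip this call". Since the arguments are converted to psa_key_id_t and psa_key_lifetime_t before use, that sentinel makes the all-ones value untestable, which the comment should mention.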
@@ -3068,9 +3068,9 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * The generator's capacity is decreased by the number of bytes read. * * \param[in] attributes The attributes for the new key. + * \param[in,out] generator The generator object to read from. * \param[out] handle On success, a handle to the newly created key. * \c 0 on failure. - * \param[in,out] generator The generator object to read from. * * \retval #PSA_SUCCESS * Success. @@ -3099,8 +3099,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * results in this error code. */ psa_status_t psa_generate_derived_key(const psa_key_attributes_t *attributes, - psa_key_handle_t *handle, - psa_crypto_generator_t *generator); + psa_crypto_generator_t *generator, + psa_key_handle_t *handle); /** Abort a generator. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6a4f180c4..b0b7de10f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4409,8 +4409,8 @@ exit: } psa_status_t psa_generate_derived_key( const psa_key_attributes_t *attributes, - psa_key_handle_t *handle, - psa_crypto_generator_t *generator ) + psa_crypto_generator_t *generator, + psa_key_handle_t *handle ) { psa_status_t status; psa_key_slot_t *slot = NULL; diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 523668e13..82e79a978 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -306,8 +306,8 @@ static psa_status_t derive_key_ladder( const char *ladder[], *key_handle = 0; /* Use the generator obtained from the parent key to create * the next intermediate key. */ - PSA_CHECK( psa_generate_derived_key( &attributes, key_handle, - &generator ) ); + PSA_CHECK( psa_generate_derived_key( &attributes, &generator, + key_handle ) ); PSA_CHECK( psa_generator_abort( &generator ) ); } 
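Review bot: Swapping `generator` and `handle` in the psa_generate_derived_key prototype changes the public API in a way that an existing caller can survive at compile time. Both parameters are pointers, so code still passing `&handle, &generator` is diagnosed only as an incompatible-pointer-type conversion, which many C toolchains report as a warning rather than an error. If such a call is built anyway, the library would presumably write the new handle through a pointer to the caller's generator object. I would add a ChangeLog/migration note for the new order and make sure the project's own builds promote that diagnostic, e.g. `-Werror=incompatible-pointer-types`. The later commit in this series that moves `handle` to the end of psa_import_key has the same exposure.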
@@ -343,8 +343,8 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH, NULL, 0, PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); - PSA_CHECK( psa_generate_derived_key( &attributes, wrapping_key_handle, - &generator ) ); + PSA_CHECK( psa_generate_derived_key( &attributes, &generator, + wrapping_key_handle ) ); exit: psa_generator_abort( &generator ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6002da088..740cb11b3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4358,8 +4358,8 @@ void derive_key_exercise( int alg_arg, psa_set_key_algorithm( &attributes, derived_alg ); psa_set_key_type( &attributes, derived_type ); psa_set_key_bits( &attributes, derived_bits ); - PSA_ASSERT( psa_generate_derived_key( &attributes, &derived_handle, - &generator ) ); + PSA_ASSERT( psa_generate_derived_key( &attributes, &generator, + &derived_handle ) ); /* Test the key information */ PSA_ASSERT( psa_get_key_attributes( derived_handle, &got_attributes ) ); 
@@ -4429,16 +4429,16 @@ void derive_key_export( int alg_arg, psa_set_key_algorithm( &derived_attributes, 0 ); psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) ); - PSA_ASSERT( psa_generate_derived_key( &derived_attributes, &derived_handle, - &generator ) ); + PSA_ASSERT( psa_generate_derived_key( &derived_attributes, &generator, + &derived_handle ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer, bytes1, &length ) ); TEST_EQUAL( length, bytes1 ); PSA_ASSERT( psa_destroy_key( derived_handle ) ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) ); - PSA_ASSERT( psa_generate_derived_key( &derived_attributes, &derived_handle, - &generator ) ); + PSA_ASSERT( psa_generate_derived_key( &derived_attributes, &generator, + &derived_handle ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer + bytes1, bytes2, &length ) ); @@ -4921,8 +4921,8 @@ void persistent_key_load_key_from_storage( data_t *data, PSA_ASSERT( psa_key_derivation_input_bytes( &generator, PSA_KDF_STEP_INFO, NULL, 0 ) ); - PSA_ASSERT( psa_generate_derived_key( &attributes, &handle, - &generator ) ); + PSA_ASSERT( psa_generate_derived_key( &attributes, &generator, + &handle ) ); PSA_ASSERT( psa_generator_abort( &generator ) ); PSA_ASSERT( psa_destroy_key( base_key ) ); base_key = 0; From 806051f17e16b74773515aff1ca4ec4a81d6677f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 May 2019 19:50:17 +0200 Subject: [PATCH 1250/2197] Update an obsolete use of psa_import_key in documentation psa_import_key now takes an attribute structure, not a type. --- include/psa/crypto.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6ff001318..bdea08b0a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -3294,10 +3294,10 @@ psa_status_t psa_key_derivation_input_key(psa_crypto_generator_t *generator, * public key type corresponding to the type of * private_key. That is, this function performs the * equivalent of - * #psa_import_key(`internal_public_key_handle`, - * #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(`private_key_type`), + * #psa_import_key(..., * `peer_key`, `peer_key_length`) where - * `private_key_type` is the type of `private_key`. + * with key attributes indicating the public key + * type corresponding to the type of `private_key`. * For example, for EC keys, this means that peer_key * is interpreted as a point on the curve that the * private key is on. The standard formats for public From 73676cbc50074635b1fabc8487909068e36a324e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 May 2019 20:15:10 +0200 Subject: [PATCH 1251/2197] Put handle parameter last: psa_import_key In psa_import_key, change the order of parameters to pass the pointer where the newly created handle will be stored last. This is consistent with most other library functions that put inputs before outputs. --- include/psa/crypto.h | 4 +- library/psa_crypto.c | 4 +- programs/psa/key_ladder_demo.c | 4 +- tests/suites/test_suite_psa_crypto.function | 153 +++++++----------- .../test_suite_psa_crypto_init.function | 2 +- ...t_suite_psa_crypto_persistent_key.function | 14 +- ..._suite_psa_crypto_slot_management.function | 32 ++-- 7 files changed, 79 insertions(+), 134 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index bdea08b0a..12281478c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -631,9 +631,9 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * results in this error code. */ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, - psa_key_handle_t *handle, const uint8_t *data, - size_t data_length); + size_t data_length, + psa_key_handle_t *handle); /** * \brief Destroy a key. 
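Review bot: The reworded comment keeps the word "where" from the old sentence, so it now reads "`peer_key`, `peer_key_length`) where with key attributes indicating the public key type", which does not parse. Dropping it gives "`peer_key`, `peer_key_length`) with key attributes indicating the public key type corresponding to the type of `private_key`". Since `#psa_import_key(...,` elides the first argument, it would also help to say that the elided argument is the attribute structure carrying that type. The doc comment starts and ends outside the hunk.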
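Review bot: The psa_import_key hunk moves `psa_key_handle_t *handle` to the end of the prototype but leaves the doc comment above it untouched. The diffstat lists only 4 changed lines for include/psa/crypto.h, so the `\param` block presumably still documents `handle` before `data` and `data_length`. The earlier commit for psa_generate_derived_key reordered its `\param` entries along with the prototype, and this one should do the same by moving the `\param[out] handle` entry below the `data_length` entry. The comment itself is outside the hunk, so this needs checking against the full header.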
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b0b7de10f..4d74c3607 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1533,9 +1533,9 @@ static psa_status_t psa_check_key_slot_attributes( } psa_status_t psa_import_key( const psa_key_attributes_t *attributes, - psa_key_handle_t *handle, const uint8_t *data, - size_t data_length ) + size_t data_length, + psa_key_handle_t *handle ) { psa_status_t status; psa_key_slot_t *slot = NULL; diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 82e79a978..aded3bc38 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -252,8 +252,8 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, psa_set_key_usage_flags( &attributes, usage ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_CHECK( psa_import_key( &attributes, master_key_handle, - key_data, key_size ) ); + PSA_CHECK( psa_import_key( &attributes, key_data, key_size, + master_key_handle ) ); exit: if( key_file != NULL ) fclose( key_file ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 740cb11b3..f1fea3809 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -216,7 +216,7 @@ int exercise_mac_setup( psa_key_type_t key_type, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, key_bytes, key_length ) ); + PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &handle ) ); *status = psa_mac_sign_setup( operation, handle, alg ); /* Whether setup succeeded or failed, abort must succeed. */ 
@@ -250,7 +250,7 @@ int exercise_cipher_setup( psa_key_type_t key_type, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, key_bytes, key_length ) ); + PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &handle ) ); *status = psa_cipher_encrypt_setup( operation, handle, alg ); /* Whether setup succeeded or failed, abort must succeed. */ @@ -1220,7 +1220,7 @@ void import( data_t *data, int type_arg, psa_set_key_type( &attributes, type ); psa_set_key_bits( &attributes, attr_bits ); - status = psa_import_key( &attributes, &handle, data->x, data->len ); + status = psa_import_key( &attributes, data->x, data->len, &handle ); TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) goto exit; @@ -1266,7 +1266,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) /* Try importing the key */ psa_set_key_type( &attributes, type ); - status = psa_import_key( &attributes, &handle, p, length ); + status = psa_import_key( &attributes, p, length, &handle ); TEST_EQUAL( status, expected_status ); if( status == PSA_SUCCESS ) PSA_ASSERT( psa_destroy_key( handle ) ); @@ -1311,7 +1311,7 @@ void import_export( data_t *data, psa_set_key_type( &attributes, type ); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) ); /* Test the key information */ PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); @@ -1346,8 +1346,7 @@ void import_export( data_t *data, else { psa_key_handle_t handle2; - PSA_ASSERT( psa_import_key( &attributes, &handle2, - exported, exported_length ) ); + PSA_ASSERT( psa_import_key( &attributes, exported, exported_length, &handle2 ) ); PSA_ASSERT( psa_export_key( handle2, reexported, export_size, 
@@ -1407,7 +1406,7 @@ void import_export_public_key( data_t *data, psa_set_key_type( &attributes, type ); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) ); /* Export the public key */ ASSERT_ALLOC( exported, export_size ); @@ -1456,7 +1455,7 @@ void import_and_exercise_key( data_t *data, psa_set_key_type( &attributes, type ); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, &handle, data->x, data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) ); /* Test the key information */ PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); @@ -1495,7 +1494,7 @@ void key_policy( int usage_arg, int alg_arg ) psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, key, sizeof( key ) ) ); + PSA_ASSERT( psa_import_key( &attributes, key, sizeof( key ), &handle ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), key_type ); @@ -1563,8 +1562,7 @@ void mac_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); status = psa_mac_sign_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && @@ -1607,8 +1605,7 @@ void cipher_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && 
@@ -1659,8 +1656,7 @@ void aead_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); status = psa_aead_encrypt( handle, exercise_alg, nonce, nonce_length, @@ -1714,8 +1710,7 @@ void asymmetric_encryption_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); @@ -1782,8 +1777,7 @@ void asymmetric_signature_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); status = psa_asymmetric_sign( handle, exercise_alg, payload, payload_length, @@ -1827,8 +1821,7 @@ void derive_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); status = psa_key_derivation( &generator, handle, exercise_alg, 
@@ -1867,8 +1860,7 @@ void agreement_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, exercise_alg ) ); status = key_agreement_with_self( &generator, handle ); @@ -1905,8 +1897,7 @@ void raw_agreement_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); status = raw_key_agreement_with_self( exercise_alg, handle ); @@ -1944,8 +1935,7 @@ void copy_success( int source_usage_arg, int source_alg_arg, psa_set_key_usage_flags( &source_attributes, source_usage_arg ); psa_set_key_algorithm( &source_attributes, source_alg_arg ); psa_set_key_type( &source_attributes, type_arg ); - PSA_ASSERT( psa_import_key( &source_attributes, &source_handle, - material->x, material->len ) ); + PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, &source_handle ) ); PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) ); /* Prepare the target attributes. */ @@ -2011,8 +2001,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg, psa_set_key_usage_flags( &source_attributes, source_usage_arg ); psa_set_key_algorithm( &source_attributes, source_alg_arg ); psa_set_key_type( &source_attributes, type_arg ); - PSA_ASSERT( psa_import_key( &source_attributes, &source_handle, - material->x, material->len ) ); + PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, &source_handle ) ); /* Prepare the target attributes. */ psa_set_key_type( &target_attributes, target_type_arg ); 
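Review bot: In copy_success the rewritten call `PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, &source_handle ) );` is well over 80 columns even before indentation, and copy_fail gets the same line. Most of the two-line calls in this file were joined the same way in this commit, while test_derive_invalid_generator_state was re-wrapped over three lines, so the result is inconsistent within one patch. I would keep the wrapped form throughout, e.g. `PSA_ASSERT( psa_import_key( &source_attributes,` / `material->x, material->len,` / `&source_handle ) );`, which also keeps the output parameter visually separate from the input buffer and its length.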
@@ -2420,8 +2409,7 @@ void mac_bad_order( ) psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key, sizeof(key) ) ); + PSA_ASSERT( psa_import_key( &attributes, key, sizeof( key ), &handle ) ); /* Call update without calling setup beforehand. */ TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), @@ -2547,8 +2535,7 @@ void mac_sign( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key->x, key->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); /* Calculate the MAC. */ PSA_ASSERT( psa_mac_sign_setup( &operation, @@ -2594,8 +2581,7 @@ void mac_verify( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key->x, key->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); PSA_ASSERT( psa_mac_verify_setup( &operation, handle, alg ) ); @@ -2712,8 +2698,7 @@ void cipher_bad_order( ) psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key, sizeof(key) ) ); + PSA_ASSERT( psa_import_key( &attributes, key, sizeof( key ), &handle ) ); /* Call encrypt setup twice in a row. */ @@ -2870,8 +2855,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key->x, key->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); 
@@ -2940,8 +2924,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key->x, key->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) ); @@ -3016,8 +2999,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key->x, key->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, handle, alg ) ); @@ -3090,8 +3072,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key->x, key->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, handle, alg ) ); @@ -3157,8 +3138,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key->x, key->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, handle, alg ) ); @@ -3243,8 +3223,7 @@ void cipher_verify_output_multipart( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key->x, key->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, handle, alg ) ); 
@@ -3345,8 +3324,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); TEST_EQUAL( psa_aead_encrypt( handle, alg, nonce->x, nonce->len, @@ -3408,8 +3386,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); PSA_ASSERT( psa_aead_encrypt( handle, alg, nonce->x, nonce->len, @@ -3456,8 +3433,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); TEST_EQUAL( psa_aead_decrypt( handle, alg, nonce->x, nonce->len, @@ -3514,8 +3490,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); 
@@ -3567,8 +3542,7 @@ void sign_fail( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); actual_status = psa_asymmetric_sign( handle, alg, input_data->x, input_data->len, @@ -3608,8 +3582,7 @@ void sign_verify( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); @@ -3674,8 +3647,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); PSA_ASSERT( psa_asymmetric_verify( handle, alg, hash_data->x, hash_data->len, @@ -3707,8 +3679,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); actual_status = psa_asymmetric_verify( handle, alg, hash_data->x, hash_data->len, 
@@ -3751,8 +3722,7 @@ void asymmetric_encrypt( int key_type_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); /* Determine the maximum output length */ PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); @@ -3818,8 +3788,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); /* Determine the maximum ciphertext length */ PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); @@ -3883,8 +3852,7 @@ void asymmetric_decrypt( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); PSA_ASSERT( psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, @@ -3947,8 +3915,7 @@ void asymmetric_decrypt_fail( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); actual_status = psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, 
@@ -4034,8 +4001,7 @@ void derive_setup( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); TEST_EQUAL( psa_key_derivation( &generator, handle, alg, salt->x, salt->len, @@ -4070,8 +4036,9 @@ void test_derive_invalid_generator_state( ) psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data, sizeof( key_data ) ) ); + PSA_ASSERT( psa_import_key( &attributes, + key_data, sizeof( key_data ), + &handle ) ); /* valid key derivation */ PSA_ASSERT( psa_key_derivation( &generator, handle, alg, @@ -4164,8 +4131,7 @@ void derive_output( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) @@ -4260,8 +4226,7 @@ void derive_full( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) 
@@ -4346,8 +4311,7 @@ void derive_key_exercise( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &attributes, &base_handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &base_handle ) ); /* Derive a key. */ PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, @@ -4407,8 +4371,7 @@ void derive_key_export( int alg_arg, psa_set_key_usage_flags( &base_attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &base_attributes, alg ); psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &base_attributes, &base_handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len, &base_handle ) ); /* Derive some material and output it. */ PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, @@ -4477,8 +4440,7 @@ void key_agreement_setup( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, &our_key, - our_key_data->x, our_key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, our_key_data->x, our_key_data->len, &our_key ) ); /* The tests currently include inputs that should fail at either step. * Test cases that fail at the setup step should be changed to call 
@@ -4523,8 +4485,7 @@ void raw_key_agreement( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, &our_key, - our_key_data->x, our_key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, our_key_data->x, our_key_data->len, &our_key ) ); PSA_ASSERT( psa_key_agreement_raw_shared_secret( alg, our_key, @@ -4559,8 +4520,7 @@ void key_agreement_capacity( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, &our_key, - our_key_data->x, our_key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, our_key_data->x, our_key_data->len, &our_key ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, @@ -4619,8 +4579,7 @@ void key_agreement_output( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, &our_key, - our_key_data->x, our_key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, our_key_data->x, our_key_data->len, &our_key ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, @@ -4893,8 +4852,7 @@ void persistent_key_load_key_from_storage( data_t *data, { case IMPORT_KEY: /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, &handle, - data->x, data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) ); break; case GENERATE_KEY: 
@@ -4911,8 +4869,7 @@ void persistent_key_load_key_from_storage( data_t *data, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &base_attributes, derive_alg ); psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &base_attributes, &base_key, - data->x, data->len ) ); + PSA_ASSERT( psa_import_key( &base_attributes, data->x, data->len, &base_key ) ); /* Derive a key. */ PSA_ASSERT( psa_key_derivation_setup( &generator, derive_alg ) ); PSA_ASSERT( psa_key_derivation_input_key( &generator, diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 9551e1ae3..f10a4b232 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -193,7 +193,7 @@ void validate_module_init_key_based( int count ) mbedtls_psa_crypto_free( ); } psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - status = psa_import_key( &attributes, &handle, data, sizeof( data ) ); + status = psa_import_key( &attributes, data, sizeof( data ), &handle ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); TEST_EQUAL( handle, 0 ); } diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index a2f4f779b..154e0d4fd 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -99,8 +99,7 @@ void save_large_persistent_key( int data_too_large, int expected_status ) psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - TEST_EQUAL( psa_import_key( &attributes, &handle, - data, data_length ), + TEST_EQUAL( psa_import_key( &attributes, data, data_length, &handle ), expected_status ); exit: 
@@ -126,8 +125,7 @@ void persistent_key_destroy( int key_id_arg, int restart, psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); psa_set_key_type( &attributes, first_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - first_data->x, first_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, first_data->x, first_data->len, &handle ) ); if( restart ) { @@ -155,8 +153,7 @@ void persistent_key_destroy( int key_id_arg, int restart, /* Create another key in the same slot */ psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); psa_set_key_type( &attributes, second_type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - second_data->x, second_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, second_data->x, second_data->len, &handle ) ); exit: mbedtls_psa_crypto_free(); @@ -177,7 +174,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); psa_set_key_type( &attributes, type ); - TEST_EQUAL( psa_import_key( &attributes, &handle, data->x, data->len ), + TEST_EQUAL( psa_import_key( &attributes, data->x, data->len, &handle ), expected_status ); if( expected_status != PSA_SUCCESS ) @@ -233,8 +230,7 @@ void import_export_persistent_key( data_t *data, int type_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, &handle, - data->x, data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) ); if( restart ) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 03b7197a6..a82b8065a 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -75,8 +75,7 @@ void transient_slot_lifecycle( int alg_arg, int usage_arg, psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); TEST_ASSERT( handle != 0 ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); @@ -131,8 +130,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, psa_set_key_type( &attributes, type ); psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); - PSA_ASSERT( psa_import_key( &attributes, &handle, - key_data->x, key_data->len ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); TEST_ASSERT( handle != 0 ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); TEST_EQUAL( read_type, type ); @@ -209,16 +207,14 @@ void create_existent( int lifetime_arg, int id_arg, psa_set_key_type( &attributes, type1 ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &attributes, 0 ); - PSA_ASSERT( psa_import_key( &attributes, &handle1, - material1, sizeof( material1 ) ) ); + PSA_ASSERT( psa_import_key( &attributes, material1, sizeof( material1 ), &handle1 ) ); TEST_ASSERT( handle1 != 0 ); if( reopen_policy == CLOSE_BEFORE ) PSA_ASSERT( psa_close_key( handle1 ) ); /* Attempt to create a new key in the same slot. */ - TEST_EQUAL( psa_import_key( &attributes, &handle2, - material2, sizeof( material2 ) ), + TEST_EQUAL( psa_import_key( &attributes, material2, sizeof( material2 ), &handle2 ), PSA_ERROR_ALREADY_EXISTS ); TEST_EQUAL( handle2, 0 ); 
@@ -285,8 +281,7 @@ void create_fail( int lifetime_arg, int id_arg, psa_make_key_persistent( &attributes, id, lifetime ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - TEST_EQUAL( psa_import_key( &attributes, &handle, - material, sizeof( material ) ), + TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ), &handle ), expected_status ); TEST_EQUAL( handle, 0 ); @@ -335,8 +330,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, psa_set_key_type( &source_attributes, source_type ); psa_set_key_usage_flags( &source_attributes, source_usage ); psa_set_key_algorithm( &source_attributes, source_alg ); - PSA_ASSERT( psa_import_key( &source_attributes, &source_handle, - material->x, material->len ) ); + PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, &source_handle ) ); /* Update the attributes with the bit size. */ PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) ); @@ -439,8 +433,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, psa_set_key_type( &attributes, source_type ); psa_set_key_usage_flags( &attributes, source_usage ); psa_set_key_algorithm( &attributes, source_alg ); - PSA_ASSERT( psa_import_key( &attributes, &source_handle, - source_material->x, source_material->len ) ); + PSA_ASSERT( psa_import_key( &attributes, source_material->x, source_material->len, &source_handle ) ); /* Populate the target slot. */ if( target_id == source_id ) 
@@ -453,8 +446,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, psa_set_key_type( &attributes1, target_type ); psa_set_key_usage_flags( &attributes1, target_usage ); psa_set_key_algorithm( &attributes1, target_alg ); - PSA_ASSERT( psa_import_key( &attributes1, &target_handle, - target_material->x, target_material->len ) ); + PSA_ASSERT( psa_import_key( &attributes1, target_material->x, target_material->len, &target_handle ) ); } PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes1 ) ); @@ -513,8 +505,7 @@ void invalid_handle( ) psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_usage_flags( &attributes, 0 ); psa_set_key_algorithm( &attributes, 0 ); - PSA_ASSERT( psa_import_key( &attributes, &handle1, - material, sizeof( material ) ) ); + PSA_ASSERT( psa_import_key( &attributes, material, sizeof( material ), &handle1 ) ); TEST_ASSERT( handle1 != 0 ); /* Attempt to close and destroy some invalid handles. */ @@ -556,8 +547,9 @@ void many_transient_handles( int max_handles_arg ) for( i = 0; i < max_handles; i++ ) { - status = psa_import_key( &attributes, &handles[i], - (uint8_t *) &i, sizeof( i ) ); + status = psa_import_key( &attributes, + (uint8_t *) &i, sizeof( i ), + &handles[i] ); if( status == PSA_ERROR_INSUFFICIENT_MEMORY ) break; PSA_ASSERT( status ); From 049c7535af74e7491ed370c8eeef5b8a417e08e3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 May 2019 20:22:09 +0200 Subject: [PATCH 1252/2197] Split long lines after psa_import_key refactoring --- tests/suites/test_suite_psa_crypto.function | 115 ++++++++++++------ ...t_suite_psa_crypto_persistent_key.function | 6 +- ..._suite_psa_crypto_slot_management.function | 31 +++-- 3 files changed, 105 insertions(+), 47 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f1fea3809..52b92ca6d 100644 --- a/tests/suites/test_suite_psa_crypto.function 
+++ b/tests/suites/test_suite_psa_crypto.function @@ -216,7 +216,8 @@ int exercise_mac_setup( psa_key_type_t key_type, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, + &handle ) ); *status = psa_mac_sign_setup( operation, handle, alg ); /* Whether setup succeeded or failed, abort must succeed. */ @@ -250,7 +251,8 @@ int exercise_cipher_setup( psa_key_type_t key_type, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, + &handle ) ); *status = psa_cipher_encrypt_setup( operation, handle, alg ); /* Whether setup succeeded or failed, abort must succeed. */ @@ -1346,7 +1348,8 @@ void import_export( data_t *data, else { psa_key_handle_t handle2; - PSA_ASSERT( psa_import_key( &attributes, exported, exported_length, &handle2 ) ); + PSA_ASSERT( psa_import_key( &attributes, exported, exported_length, + &handle2 ) ); PSA_ASSERT( psa_export_key( handle2, reexported, export_size, @@ -1562,7 +1565,8 @@ void mac_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); status = psa_mac_sign_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && 
@@ -1605,7 +1609,8 @@ void cipher_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && @@ -1656,7 +1661,8 @@ void aead_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); status = psa_aead_encrypt( handle, exercise_alg, nonce, nonce_length, @@ -1710,7 +1716,8 @@ void asymmetric_encryption_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); @@ -1777,7 +1784,8 @@ void asymmetric_signature_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); status = psa_asymmetric_sign( handle, exercise_alg, payload, payload_length, 
@@ -1821,7 +1829,8 @@ void derive_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); status = psa_key_derivation( &generator, handle, exercise_alg, @@ -1860,7 +1869,8 @@ void agreement_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, exercise_alg ) ); status = key_agreement_with_self( &generator, handle ); @@ -1897,7 +1907,8 @@ void raw_agreement_key_policy( int policy_usage, psa_set_key_algorithm( &attributes, policy_alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); status = raw_key_agreement_with_self( exercise_alg, handle ); @@ -1935,7 +1946,9 @@ void copy_success( int source_usage_arg, int source_alg_arg, psa_set_key_usage_flags( &source_attributes, source_usage_arg ); psa_set_key_algorithm( &source_attributes, source_alg_arg ); psa_set_key_type( &source_attributes, type_arg ); - PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, &source_handle ) ); + PSA_ASSERT( psa_import_key( &source_attributes, + material->x, material->len, + &source_handle ) ); PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) ); /* Prepare the target attributes. */ 
@@ -2001,7 +2014,9 @@ void copy_fail( int source_usage_arg, int source_alg_arg, psa_set_key_usage_flags( &source_attributes, source_usage_arg ); psa_set_key_algorithm( &source_attributes, source_alg_arg ); psa_set_key_type( &source_attributes, type_arg ); - PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, &source_handle ) ); + PSA_ASSERT( psa_import_key( &source_attributes, + material->x, material->len, + &source_handle ) ); /* Prepare the target attributes. */ psa_set_key_type( &target_attributes, target_type_arg ); @@ -3324,7 +3339,8 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); TEST_EQUAL( psa_aead_encrypt( handle, alg, nonce->x, nonce->len, @@ -3386,7 +3402,8 @@ void aead_encrypt( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); PSA_ASSERT( psa_aead_encrypt( handle, alg, nonce->x, nonce->len, @@ -3433,7 +3450,8 @@ void aead_decrypt( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); TEST_EQUAL( psa_aead_decrypt( handle, alg, nonce->x, nonce->len, 
@@ -3490,7 +3508,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); @@ -3542,7 +3561,8 @@ void sign_fail( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); actual_status = psa_asymmetric_sign( handle, alg, input_data->x, input_data->len, @@ -3582,7 +3602,8 @@ void sign_verify( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); key_bits = psa_get_key_bits( &attributes ); @@ -3647,7 +3668,8 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); PSA_ASSERT( psa_asymmetric_verify( handle, alg, hash_data->x, hash_data->len, 
@@ -3679,7 +3701,8 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); actual_status = psa_asymmetric_verify( handle, alg, hash_data->x, hash_data->len, @@ -3722,7 +3745,8 @@ void asymmetric_encrypt( int key_type_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); /* Determine the maximum output length */ PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); @@ -3788,7 +3812,8 @@ void asymmetric_encrypt_decrypt( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); /* Determine the maximum ciphertext length */ PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); @@ -3852,7 +3877,8 @@ void asymmetric_decrypt( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); PSA_ASSERT( psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, 
@@ -3915,7 +3941,8 @@ void asymmetric_decrypt_fail( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); actual_status = psa_asymmetric_decrypt( handle, alg, input_data->x, input_data->len, @@ -4001,7 +4028,8 @@ void derive_setup( int key_type_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); TEST_EQUAL( psa_key_derivation( &generator, handle, alg, salt->x, salt->len, @@ -4131,7 +4159,8 @@ void derive_output( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) @@ -4226,7 +4255,8 @@ void derive_full( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) 
@@ -4311,7 +4341,8 @@ void derive_key_exercise( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &base_handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &base_handle ) ); /* Derive a key. */ PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, @@ -4371,7 +4402,8 @@ void derive_key_export( int alg_arg, psa_set_key_usage_flags( &base_attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &base_attributes, alg ); psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len, &base_handle ) ); + PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len, + &base_handle ) ); /* Derive some material and output it. */ PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, @@ -4440,7 +4472,9 @@ void key_agreement_setup( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, our_key_data->x, our_key_data->len, &our_key ) ); + PSA_ASSERT( psa_import_key( &attributes, + our_key_data->x, our_key_data->len, + &our_key ) ); /* The tests currently include inputs that should fail at either step. * Test cases that fail at the setup step should be changed to call 
@@ -4485,7 +4519,9 @@ void raw_key_agreement( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, our_key_data->x, our_key_data->len, &our_key ) ); + PSA_ASSERT( psa_import_key( &attributes, + our_key_data->x, our_key_data->len, + &our_key ) ); PSA_ASSERT( psa_key_agreement_raw_shared_secret( alg, our_key, @@ -4520,7 +4556,9 @@ void key_agreement_capacity( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, our_key_data->x, our_key_data->len, &our_key ) ); + PSA_ASSERT( psa_import_key( &attributes, + our_key_data->x, our_key_data->len, + &our_key ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, @@ -4579,7 +4617,9 @@ void key_agreement_output( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, our_key_data->x, our_key_data->len, &our_key ) ); + PSA_ASSERT( psa_import_key( &attributes, + our_key_data->x, our_key_data->len, + &our_key ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, @@ -4852,7 +4892,8 @@ void persistent_key_load_key_from_storage( data_t *data, { case IMPORT_KEY: /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, + &handle ) ); break; case GENERATE_KEY: 
@@ -4869,7 +4910,9 @@ void persistent_key_load_key_from_storage( data_t *data, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &base_attributes, derive_alg ); psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &base_attributes, data->x, data->len, &base_key ) ); + PSA_ASSERT( psa_import_key( &base_attributes, + data->x, data->len, + &base_key ) ); /* Derive a key. */ PSA_ASSERT( psa_key_derivation_setup( &generator, derive_alg ) ); PSA_ASSERT( psa_key_derivation_input_key( &generator, diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 154e0d4fd..d7f3f1c5d 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -125,7 +125,8 @@ void persistent_key_destroy( int key_id_arg, int restart, psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); psa_set_key_type( &attributes, first_type ); - PSA_ASSERT( psa_import_key( &attributes, first_data->x, first_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, first_data->x, first_data->len, + &handle ) ); if( restart ) { @@ -153,7 +154,8 @@ void persistent_key_destroy( int key_id_arg, int restart, /* Create another key in the same slot */ psa_make_key_persistent( &attributes, key_id, PSA_KEY_LIFETIME_PERSISTENT ); psa_set_key_type( &attributes, second_type ); - PSA_ASSERT( psa_import_key( &attributes, second_data->x, second_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, second_data->x, second_data->len, + &handle ) ); exit: mbedtls_psa_crypto_free(); diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index a82b8065a..04aad6816 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -75,7 +75,8 @@ void transient_slot_lifecycle( int alg_arg, int usage_arg, psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); TEST_ASSERT( handle != 0 ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); @@ -130,7 +131,8 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, psa_set_key_type( &attributes, type ); psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); TEST_ASSERT( handle != 0 ); PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); TEST_EQUAL( read_type, type ); @@ -207,14 +209,16 @@ void create_existent( int lifetime_arg, int id_arg, psa_set_key_type( &attributes, type1 ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &attributes, 0 ); - PSA_ASSERT( psa_import_key( &attributes, material1, sizeof( material1 ), &handle1 ) ); + PSA_ASSERT( psa_import_key( &attributes, material1, sizeof( material1 ), + &handle1 ) ); TEST_ASSERT( handle1 != 0 ); if( reopen_policy == CLOSE_BEFORE ) PSA_ASSERT( psa_close_key( handle1 ) ); /* Attempt to create a new key in the same slot. */ - TEST_EQUAL( psa_import_key( &attributes, material2, sizeof( material2 ), &handle2 ), + TEST_EQUAL( psa_import_key( &attributes, material2, sizeof( material2 ), + &handle2 ), PSA_ERROR_ALREADY_EXISTS ); TEST_EQUAL( handle2, 0 ); 
@@ -281,7 +285,8 @@ void create_fail( int lifetime_arg, int id_arg, psa_make_key_persistent( &attributes, id, lifetime ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ), &handle ), + TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ), + &handle ), expected_status ); TEST_EQUAL( handle, 0 ); @@ -330,7 +335,9 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, psa_set_key_type( &source_attributes, source_type ); psa_set_key_usage_flags( &source_attributes, source_usage ); psa_set_key_algorithm( &source_attributes, source_alg ); - PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, &source_handle ) ); + PSA_ASSERT( psa_import_key( &source_attributes, + material->x, material->len, + &source_handle ) ); /* Update the attributes with the bit size. */ PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) ); @@ -433,7 +440,9 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, psa_set_key_type( &attributes, source_type ); psa_set_key_usage_flags( &attributes, source_usage ); psa_set_key_algorithm( &attributes, source_alg ); - PSA_ASSERT( psa_import_key( &attributes, source_material->x, source_material->len, &source_handle ) ); + PSA_ASSERT( psa_import_key( &attributes, + source_material->x, source_material->len, + &source_handle ) ); /* Populate the target slot. */ if( target_id == source_id ) 
@@ -446,7 +455,9 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, psa_set_key_type( &attributes1, target_type ); psa_set_key_usage_flags( &attributes1, target_usage ); psa_set_key_algorithm( &attributes1, target_alg ); - PSA_ASSERT( psa_import_key( &attributes1, target_material->x, target_material->len, &target_handle ) ); + PSA_ASSERT( psa_import_key( &attributes1, + target_material->x, target_material->len, + &target_handle ) ); } PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes1 ) ); @@ -505,7 +516,9 @@ void invalid_handle( ) psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_usage_flags( &attributes, 0 ); psa_set_key_algorithm( &attributes, 0 ); - PSA_ASSERT( psa_import_key( &attributes, material, sizeof( material ), &handle1 ) ); + PSA_ASSERT( psa_import_key( &attributes, + material, sizeof( material ), + &handle1 ) ); TEST_ASSERT( handle1 != 0 ); /* Attempt to close and destroy some invalid handles. */ From 6c9514427b7c2ba55c09dd02d280deb5b27ecd65 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 May 2019 12:51:03 +0200 Subject: [PATCH 1253/2197] New macro to get the bit size of an elliptic curve --- include/psa/crypto_sizes.h | 41 +++++++++++++++++++ .../test_suite_psa_crypto_metadata.function | 4 +- 2 files changed, 42 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 5f6282c40..39dbccb89 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -187,6 +187,47 @@ #define PSA_VENDOR_ECC_MAX_CURVE_BITS 0 #endif +/** Bit size associated with an elliptic curve. + * + * \param curve An elliptic curve (value of type #psa_ecc_curve_t). + * + * \return The size associated with \p curve, in bits. + * This may be 0 if the implementation does not support + * the specified curve. + */ +#define PSA_ECC_CURVE_BITS(curve) \ + ((curve) == PSA_ECC_CURVE_SECT163K1 ? 163 : \ + (curve) == PSA_ECC_CURVE_SECT163R1 ? 163 : \ + (curve) == PSA_ECC_CURVE_SECT163R2 ? 163 : \ + (curve) == PSA_ECC_CURVE_SECT193R1 ? 193 : \ + (curve) == PSA_ECC_CURVE_SECT193R2 ? 193 : \ + (curve) == PSA_ECC_CURVE_SECT233K1 ? 233 : \ + (curve) == PSA_ECC_CURVE_SECT233R1 ? 233 : \ + (curve) == PSA_ECC_CURVE_SECT239K1 ? 239 : \ + (curve) == PSA_ECC_CURVE_SECT283K1 ? 283 : \ + (curve) == PSA_ECC_CURVE_SECT283R1 ? 283 : \ + (curve) == PSA_ECC_CURVE_SECT409K1 ? 409 : \ + (curve) == PSA_ECC_CURVE_SECT409R1 ? 409 : \ + (curve) == PSA_ECC_CURVE_SECT571K1 ? 571 : \ + (curve) == PSA_ECC_CURVE_SECT571R1 ? 571 : \ + (curve) == PSA_ECC_CURVE_SECP160K1 ? 160 : \ + (curve) == PSA_ECC_CURVE_SECP160R1 ? 160 : \ + (curve) == PSA_ECC_CURVE_SECP160R2 ? 160 : \ + (curve) == PSA_ECC_CURVE_SECP192K1 ? 192 : \ + (curve) == PSA_ECC_CURVE_SECP192R1 ? 192 : \ + (curve) == PSA_ECC_CURVE_SECP224K1 ? 224 : \ + (curve) == PSA_ECC_CURVE_SECP224R1 ? 224 : \ + (curve) == PSA_ECC_CURVE_SECP256K1 ? 256 : \ + (curve) == PSA_ECC_CURVE_SECP256R1 ? 256 : \ + (curve) == PSA_ECC_CURVE_SECP384R1 ? 384 : \ + (curve) == PSA_ECC_CURVE_SECP521R1 ? 521 : \ + (curve) == PSA_ECC_CURVE_BRAINPOOL_P256R1 ? 256 : \ + (curve) == PSA_ECC_CURVE_BRAINPOOL_P384R1 ? 384 : \ + (curve) == PSA_ECC_CURVE_BRAINPOOL_P512R1 ? 512 : \ + (curve) == PSA_ECC_CURVE_CURVE25519 ? 255 : \ + (curve) == PSA_ECC_CURVE_CURVE448 ? 448 : \ + 0) + /** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN * * This macro returns the maximum length of the PSK supported 
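Review bot: PSA_ECC_CURVE_BITS expands `curve` once per comparison in the chain, so an argument with side effects is evaluated repeatedly, and the new doc comment does not say so. I would add to the `\param curve` text: `This macro may evaluate its argument multiple times.` The `0` fallback also deserves a stronger warning next to `\return`: a caller that feeds the result into a size computation must treat 0 as "curve not known to this implementation", not as a valid length.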
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 1bc8d64d8..0b7e7ae24 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -451,9 +451,7 @@ void ecc_key_types( int curve_arg, int curve_bits_arg ) TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( public_type ), curve ); TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( pair_type ), curve ); - /* Validate that the bit size is less than the maximum ECC bit size - * in this implementation. There's no parameter that should be equal - * to curve_bits and can be validated without creating a key. */ + TEST_EQUAL( curve_bits, PSA_ECC_CURVE_BITS( curve ) ); TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS ); } /* END_CASE */ From c9d910bed69fbfa5b68fa34019ef913a3b0c36a5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 May 2019 14:21:57 +0200 Subject: [PATCH 1254/2197] EC key pair import: check the buffer size When importing a private elliptic curve key, require the input to have exactly the right size. RFC 5915 requires the right size (you aren't allow to omit leading zeros). A different buffer size likely means that something is wrong, e.g. a mismatch between the declared key type and the actual data. --- library/psa_crypto.c | 3 +++ tests/suites/test_suite_psa_crypto.data | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6a4f180c4..38977cf06 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -621,6 +621,9 @@ static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve, mbedtls_ecp_keypair *ecp = NULL; mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); + if( PSA_BITS_TO_BYTES( PSA_ECC_CURVE_BITS( curve ) ) != data_length ) + return( PSA_ERROR_INVALID_ARGUMENT ); + *p_ecp = NULL; ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); if( ecp == NULL ) 
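Review bot: In the library/psa_crypto.c hunk, the new length check in psa_import_ec_private_key returns before `*p_ecp = NULL;`, so on this error path the output pointer keeps whatever value the caller passed in. If a caller inspects or frees `*p_ecp` after a failure (not visible in this hunk), that is a stale-pointer hazard; moving `*p_ecp = NULL;` above the `if( PSA_BITS_TO_BYTES( PSA_ECC_CURVE_BITS( curve ) ) != data_length )` test closes it. Separately, PSA_ECC_CURVE_BITS yields 0 for a curve it does not list, so an unlisted curve with `data_length == 0` passes this check and relies on later code to reject it, while an unlisted curve with data is reported as PSA_ERROR_INVALID_ARGUMENT rather than as unsupported. The function body continues outside the hunk, so whether the later code handles both cases should be confirmed there.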
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4a1a04fc4..5c3e33953 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -243,6 +243,10 @@ PSA import EC keypair: DER format depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +PSA import EC keypair: too short +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT + PSA import EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT From e2f62ba9ec89685abe53ca6733df6f4eb246bcbd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 00:31:48 +0200 Subject: [PATCH 1255/2197] Fix unused variable in builds without storage --- library/psa_crypto_slot_management.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 22cac619d..4f0245c62 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -246,6 +246,7 @@ psa_status_t psa_validate_persistent_key_parameters( #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ (void) id; + (void) creating; return( PSA_ERROR_NOT_SUPPORTED ); #endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ } 
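Review bot: In tests/suites/test_suite_psa_crypto.data only a too-short input is added, although the new check rejects every length other than the exact curve size. The existing DER and public-key cases are longer inputs, but they already expected PSA_ERROR_INVALID_ARGUMENT before this change, so they do not show that the length check is what rejects them. A `PSA import EC keypair: too long` case for PSA_ECC_CURVE_SECP256R1 with a 33-byte input (a valid 32-byte private value with one extra leading zero byte) and the same expected status would pin the no-padding rule from RFC 5915 that the commit message cites.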
From 280948a32be8e2a145851bc6f368cb47e9e78e92 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 15:27:14 +0200 Subject: [PATCH 1256/2197] Fix copypasta in the documentation of PSA_KEY_ID_xxx_{MIN,MAX} --- include/psa/crypto_values.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 2ee8839c6..89d85e09e 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1443,13 +1443,13 @@ /** The minimum value for a key identifier chosen by the application. */ #define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) -/** The minimum value for a key identifier chosen by the application. +/** The maximum value for a key identifier chosen by the application. */ #define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) -/** The minimum value for a key identifier chosen by the application. +/** The minimum value for a key identifier chosen by the implementation. */ #define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) -/** The minimum value for a key identifier chosen by the application. +/** The maximum value for a key identifier chosen by the implementation. */ #define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) From f1b7694768048f653179ece50234c08204927bf6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 16:10:59 +0200 Subject: [PATCH 1257/2197] Minor documentation improvements --- include/psa/crypto.h | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0d0de2e0a..e43a301a0 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -208,14 +208,15 @@ typedef struct psa_key_attributes_s psa_key_attributes_t; /** Declare a key as persistent and set its key identifier. * - * If the attribute structure declares the key as volatile (which is - * the default content of an attribute structure), this function sets + * If the attribute structure currently declares the key as volatile (which + * is the default content of an attribute structure), this function sets * the lifetime attribute to #PSA_KEY_LIFETIME_PERSISTENT. * - * This function does not access storage, it merely fills the attribute - * structure with given value. The persistent key will be written to - * storage when the attribute structure is passed to a key creation - * function such as psa_import_key(), psa_generate_random_key(), + * This function does not access storage, it merely stores the given + * value in the structure. + * The persistent key will be written to storage when the attribute + * structure is passed to a key creation function such as + * psa_import_key(), psa_generate_random_key(), * psa_generate_derived_key() or psa_copy_key(). * * This function may be declared as `static` (i.e. without external 
@@ -231,12 +232,16 @@ static void psa_set_key_id(psa_key_attributes_t *attributes, /** Set the location of a persistent key. * * To make a key persistent, you must give it a persistent key identifier - * with psa_set_key_id(). + * with psa_set_key_id(). By default, a key that has a persistent identifier + * is stored in the default storage area identifier by + * #PSA_KEY_LIFETIME_PERSISTENT. Call this function to choose a storage + * area, or to explicitly declare the key as volatile. * - * This function does not access storage, it merely fills the attribute - * structure with given value. The persistent key will be written to - * storage when the attribute structure is passed to a key creation - * function such as psa_import_key(), psa_generate_random_key(), + * This function does not access storage, it merely stores the given + * value in the structure. + * The persistent key will be written to storage when the attribute + * structure is passed to a key creation function such as + * psa_import_key(), psa_generate_random_key(), * psa_generate_derived_key() or psa_copy_key(). * * This function may be declared as `static` (i.e. without external From a99d3fbd058bf1247bc23bf051a22fb2f8792515 Mon Sep 17 00:00:00 2001 
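Review bot: The sentence added to the "Set the location of a persistent key" comment reads `is stored in the default storage area identifier by #PSA_KEY_LIFETIME_PERSISTENT`; it should be `identified by`. The comment block continues outside the hunk.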
From: Gilles Peskine Date: Thu, 16 May 2019 15:28:51 +0200 Subject: [PATCH 1258/2197] Rename generator functions to psa_key_derivation_xxx Generators are mostly about key derivation (currently: only about key derivation). "Generator" is not a commonly used term in cryptography. So favor "derivation" as terminology. Call a generator a key derivation operation structure, since it behaves like other multipart operation structures. Furthermore, the function names are not fully consistent. In this commit, I rename the functions to consistently have the prefix "psa_key_derivation_". I used the following command: perl -i -pe '%t = ( psa_crypto_generator_t => "psa_key_derivation_operation_t", psa_crypto_generator_init => "psa_key_derivation_init", psa_key_derivation_setup => "psa_key_derivation_setup", psa_key_derivation_input_key => "psa_key_derivation_input_key", psa_key_derivation_input_bytes => "psa_key_derivation_input_bytes", psa_key_agreement => "psa_key_derivation_key_agreement", psa_set_generator_capacity => "psa_key_derivation_set_capacity", psa_get_generator_capacity => "psa_key_derivation_get_capacity", psa_generator_read => "psa_key_derivation_output_bytes", psa_generate_derived_key => "psa_key_derivation_output_key", psa_generator_abort => "psa_key_derivation_abort", PSA_CRYPTO_GENERATOR_INIT => "PSA_KEY_DERIVATION_OPERATION_INIT", PSA_GENERATOR_UNBRIDLED_CAPACITY => "PSA_KEY_DERIVATION_UNLIMITED_CAPACITY", ); s/\b(@{[join("|", keys %t)]})\b/$t{$1}/ge' $(git ls-files) --- docs/getting_started.md | 8 +- include/psa/crypto.h | 74 ++++----- include/psa/crypto_extra.h | 6 +- include/psa/crypto_struct.h | 6 +- library/psa_crypto.c | 64 ++++---- library/ssl_cli.c | 10 +- library/ssl_tls.c | 20 +-- programs/psa/key_ladder_demo.c | 14 +- tests/suites/test_suite_psa_crypto.function | 162 ++++++++++---------- 9 files changed, 182 insertions(+), 182 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index ec8cc08ce..9a702eaed 100644 
--- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -335,7 +335,7 @@ Deriving a new AES-CTR 128-bit encryption key into a given key slot using HKDF w 1. Set up the generator using the `psa_key_derivation` function providing a key slot containing a key that can be used for key derivation and a salt and label (Note: salt and label are optional). 1. Initiate a key policy to for the derived key by calling `psa_key_policy_set_usage()` with `PSA_KEY_USAGE_ENCRYPT` parameter and the algorithm `PSA_ALG_CTR`. 1. Set the key policy to the derived key slot. -1. Import a key from generator into the desired key slot using (`psa_generate_derived_key`). +1. Import a key from generator into the desired key slot using (`psa_key_derivation_output_key`). 1. Clean up generator. At this point the derived key slot holds a new 128-bit AES-CTR encryption key derived from the key, salt and label provided: @@ -358,7 +358,7 @@ At this point the derived key slot holds a new 128-bit AES-CTR encryption key de psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; size_t derived_bits = 128; size_t capacity = PSA_BITS_TO_BYTES(derived_bits); @@ -378,10 +378,10 @@ At this point the derived key slot holds a new 128-bit AES-CTR encryption key de psa_set_key_policy(derived_key, &policy); - psa_generate_derived_key(derived_key, PSA_KEY_TYPE_AES, derived_bits, &generator); + psa_key_derivation_output_key(derived_key, PSA_KEY_TYPE_AES, derived_bits, &generator); /* Clean up generator and key */ - psa_generator_abort(&generator); + psa_key_derivation_abort(&generator); /* as part of clean up you may want to clean up the keys used by calling: * psa_destroy_key( base_key ); or psa_destroy_key( derived_key ); */ mbedtls_psa_crypto_free(); 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8c42e932e..0bff6cee9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -183,10 +183,10 @@ psa_status_t psa_crypto_init(void); * domain parameters, call psa_set_key_domain_parameters() instead. * Skip this step if copying an existing key with psa_copy_key(). * -# When generating a random key with psa_generate_random_key() or deriving a key - * with psa_generate_derived_key(), set the desired key size with + * with psa_key_derivation_output_key(), set the desired key size with * psa_set_key_bits(). * -# Call a key creation function: psa_import_key(), psa_generate_random_key(), - * psa_generate_derived_key() or psa_copy_key(). This function reads + * psa_key_derivation_output_key() or psa_copy_key(). This function reads * the attribute structure, creates a key with these attributes, and * outputs a handle to the newly created key. * -# The attribute structure is now no longer necessary. If you called @@ -217,7 +217,7 @@ typedef struct psa_key_attributes_s psa_key_attributes_t; * The persistent key will be written to storage when the attribute * structure is passed to a key creation function such as * psa_import_key(), psa_generate_random_key(), - * psa_generate_derived_key() or psa_copy_key(). + * psa_key_derivation_output_key() or psa_copy_key(). * * This function may be declared as `static` (i.e. without external * linkage). This function may be provided as a function-like macro, @@ -242,7 +242,7 @@ static void psa_set_key_id(psa_key_attributes_t *attributes, * The persistent key will be written to storage when the attribute * structure is passed to a key creation function such as * psa_import_key(), psa_generate_random_key(), - * psa_generate_derived_key() or psa_copy_key(). + * psa_key_derivation_output_key() or psa_copy_key(). * * This function may be declared as `static` (i.e. without external * linkage). This function may be provided as a function-like macro, 
@@ -2979,46 +2979,46 @@ psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, * initialize it by any of the following means: * - Set the structure to all-bits-zero, for example: * \code - * psa_crypto_generator_t generator; + * psa_key_derivation_operation_t generator; * memset(&generator, 0, sizeof(generator)); * \endcode * - Initialize the structure to logical zero values, for example: * \code - * psa_crypto_generator_t generator = {0}; + * psa_key_derivation_operation_t generator = {0}; * \endcode - * - Initialize the structure to the initializer #PSA_CRYPTO_GENERATOR_INIT, + * - Initialize the structure to the initializer #PSA_KEY_DERIVATION_OPERATION_INIT, * for example: * \code - * psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + * psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; * \endcode - * - Assign the result of the function psa_crypto_generator_init() + * - Assign the result of the function psa_key_derivation_operation_init() * to the structure, for example: * \code - * psa_crypto_generator_t generator; - * generator = psa_crypto_generator_init(); + * psa_key_derivation_operation_t generator; + * generator = psa_key_derivation_operation_init(); * \endcode * * This is an implementation-defined \c struct. Applications should not * make any assumptions about the content of this structure except * as directed by the documentation of a specific implementation. */ -typedef struct psa_crypto_generator_s psa_crypto_generator_t; +typedef struct psa_crypto_generator_s psa_key_derivation_operation_t; -/** \def PSA_CRYPTO_GENERATOR_INIT +/** \def PSA_KEY_DERIVATION_OPERATION_INIT * * This macro returns a suitable initializer for a generator object - * of type #psa_crypto_generator_t. + * of type #psa_key_derivation_operation_t. */ #ifdef __DOXYGEN_ONLY__ /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. 
*/ -#define PSA_CRYPTO_GENERATOR_INIT {0} +#define PSA_KEY_DERIVATION_OPERATION_INIT {0} #endif /** Return an initial value for a generator object. */ -static psa_crypto_generator_t psa_crypto_generator_init(void); +static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); /** Retrieve the current capacity of a generator. * @@ -3032,7 +3032,7 @@ static psa_crypto_generator_t psa_crypto_generator_init(void); * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_COMMUNICATION_FAILURE */ -psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *generator, size_t *capacity); /** Set the maximum capacity of a generator. @@ -3048,7 +3048,7 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_COMMUNICATION_FAILURE */ -psa_status_t psa_set_generator_capacity(psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *generator, size_t capacity); /** Read some data from a generator. @@ -3076,7 +3076,7 @@ psa_status_t psa_set_generator_capacity(psa_crypto_generator_t *generator, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_generator_read(psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *generator, uint8_t *output, size_t output_length); 
@@ -3088,7 +3088,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * * - For key types for which the key is an arbitrary sequence of bytes * of a given size, - * this function is functionally equivalent to calling #psa_generator_read + * this function is functionally equivalent to calling #psa_key_derivation_output_bytes * and passing the resulting output to #psa_import_key. * However, this function has a security benefit: * if the implementation provides an isolation boundary then @@ -3188,8 +3188,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_derived_key(const psa_key_attributes_t *attributes, - psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes, + psa_key_derivation_operation_t *generator, psa_key_handle_t *handle); /** Abort a generator. @@ -3199,9 +3199,9 @@ psa_status_t psa_generate_derived_key(const psa_key_attributes_t *attributes, * \c generator structure itself. * * This function may be called at any time as long as the generator - * object has been initialized to #PSA_CRYPTO_GENERATOR_INIT, to - * psa_crypto_generator_init() or a zero value. In particular, it is valid - * to call psa_generator_abort() twice, or to call psa_generator_abort() + * object has been initialized to #PSA_KEY_DERIVATION_OPERATION_INIT, to + * psa_key_derivation_operation_init() or a zero value. In particular, it is valid + * to call psa_key_derivation_abort() twice, or to call psa_key_derivation_abort() * on a generator that has not been set up. * * Once aborted, the generator object may be called. 
@@ -3214,7 +3214,7 @@ psa_status_t psa_generate_derived_key(const psa_key_attributes_t *attributes, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); +psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *generator); /** Use the maximum possible capacity for a generator. * @@ -3223,7 +3223,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * The value of the maximum possible capacity depends on the generator * algorithm. */ -#define PSA_GENERATOR_UNBRIDLED_CAPACITY ((size_t)(-1)) +#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) /**@}*/ 
@@ -3238,20 +3238,20 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * cryptographic material. * * To use a generator for key derivation: - * - Start with an initialized object of type #psa_crypto_generator_t. + * - Start with an initialized object of type #psa_key_derivation_operation_t. * - Call psa_key_derivation_setup() to select the algorithm. * - Provide the inputs for the key derivation by calling * psa_key_derivation_input_bytes() or psa_key_derivation_input_key() * as appropriate. Which inputs are needed, in what order, and whether * they may be keys and if so of what type depends on the algorithm. * - Optionally set the generator's maximum capacity with - * psa_set_generator_capacity(). You may do this before, in the middle of + * psa_key_derivation_set_capacity(). You may do this before, in the middle of * or after providing inputs. For some algorithms, this step is mandatory * because the output depends on the maximum capacity. - * - Generate output with psa_generator_read() or - * psa_generate_derived_key(). Successive calls to these functions + * - Generate output with psa_key_derivation_output_bytes() or + * psa_key_derivation_output_key(). Successive calls to these functions * use successive output bytes from the generator. - * - Clean up the generator object with psa_generator_abort(). + * - Clean up the generator object with psa_key_derivation_abort(). * * \param[in,out] generator The generator object to set up. It must * have been initialized but not set up yet. @@ -3271,7 +3271,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator); * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE */ -psa_status_t psa_key_derivation_setup(psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *generator, psa_algorithm_t alg); /** Provide an input for key derivation or key agreement. 
@@ -3309,7 +3309,7 @@ psa_status_t psa_key_derivation_setup(psa_crypto_generator_t *generator, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_key_derivation_input_bytes(psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *generator, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length); @@ -3354,7 +3354,7 @@ psa_status_t psa_key_derivation_input_bytes(psa_crypto_generator_t *generator, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_key_derivation_input_key(psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *generator, psa_key_derivation_step_t step, psa_key_handle_t handle); @@ -3411,7 +3411,7 @@ psa_status_t psa_key_derivation_input_key(psa_crypto_generator_t *generator, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_key_agreement(psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *generator, psa_key_derivation_step_t step, psa_key_handle_t private_key, const uint8_t *peer_key, @@ -3427,7 +3427,7 @@ psa_status_t psa_key_agreement(psa_crypto_generator_t *generator, * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should * not be used directly as key material. It should instead be passed as * input to a key derivation algorithm. To chain a key agreement with - * a key derivation, use psa_key_agreement() and other functions from + * a key derivation, use psa_key_derivation_key_agreement() and other functions from * the key derivation and generator interface. * * \param alg The key agreement algorithm to compute diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 216039c85..66e5dbc64 100644 --- a/include/psa/crypto_extra.h 
+++ b/include/psa/crypto_extra.h @@ -159,7 +159,7 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, * * \param[in,out] generator The generator object to set up. It must have * been initialized as per the documentation for - * #psa_crypto_generator_t and not yet in use. + * #psa_key_derivation_operation_t and not yet in use. * \param handle Handle to the secret key. * \param alg The key derivation algorithm to compute * (\c PSA_ALG_XXX value such that @@ -190,7 +190,7 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation(psa_key_derivation_operation_t *generator, psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *salt, @@ -433,7 +433,7 @@ psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, psa_status_t psa_generate_derived_key_to_handle(psa_key_handle_t handle, psa_key_type_t type, size_t bits, - psa_crypto_generator_t *generator); + psa_key_derivation_operation_t *generator); psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, psa_key_type_t type, diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index df765711c..74e362d8e 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -240,10 +240,10 @@ struct psa_crypto_generator_s } ctx; }; -#define PSA_CRYPTO_GENERATOR_INIT {0, 0, {{0, 0}}} -static inline struct psa_crypto_generator_s psa_crypto_generator_init( void ) +#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {{0, 0}}} +static inline struct psa_crypto_generator_s psa_key_derivation_operation_init( void ) { - const struct psa_crypto_generator_s v = PSA_CRYPTO_GENERATOR_INIT; + const struct psa_crypto_generator_s v = PSA_KEY_DERIVATION_OPERATION_INIT; return( v ); } 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 90de4fa87..88e646ab1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4066,7 +4066,7 @@ exit: #define HKDF_STATE_OUTPUT 3 /* output started */ static psa_algorithm_t psa_generator_get_kdf_alg( - const psa_crypto_generator_t *generator ) + const psa_key_derivation_operation_t *generator ) { if ( PSA_ALG_IS_KEY_AGREEMENT( generator->alg ) ) return( PSA_ALG_KEY_AGREEMENT_GET_KDF( generator->alg ) ); @@ -4075,7 +4075,7 @@ static psa_algorithm_t psa_generator_get_kdf_alg( } -psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) +psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *generator ) { psa_status_t status = PSA_SUCCESS; psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator ); @@ -4129,7 +4129,7 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) return( status ); } -psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *generator, size_t *capacity) { if( generator->alg == 0 ) @@ -4142,7 +4142,7 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, return( PSA_SUCCESS ); } -psa_status_t psa_set_generator_capacity( psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_set_capacity( psa_key_derivation_operation_t *generator, size_t capacity ) { if( generator->alg == 0 ) @@ -4181,7 +4181,7 @@ static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf, if( output_length == 0 ) break; /* We can't be wanting more output after block 0xff, otherwise - * the capacity check in psa_generator_read() would have + * the capacity check in psa_key_derivation_output_bytes() would have * prevented this call. It could happen only if the generator * object was corrupted or if this function is called directly * inside the library. */ 
@@ -4236,7 +4236,7 @@ static psa_status_t psa_generator_tls12_prf_generate_next_block( size_t Ai_len; /* We can't be wanting more output after block 0xff, otherwise - * the capacity check in psa_generator_read() would have + * the capacity check in psa_key_derivation_output_bytes() would have * prevented this call. It could happen only if the generator * object was corrupted or if this function is called directly * inside the library. */ @@ -4376,7 +4376,7 @@ static psa_status_t psa_generator_tls12_prf_read( } #endif /* MBEDTLS_MD_C */ -psa_status_t psa_generator_read( psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *generator, uint8_t *output, size_t output_length ) { @@ -4454,7 +4454,7 @@ exit: * blank generators, so we can return PSA_ERROR_BAD_STATE on blank * generators. */ psa_algorithm_t alg = generator->alg; - psa_generator_abort( generator ); + psa_key_derivation_abort( generator ); generator->alg = alg; memset( output, '!', output_length ); } @@ -4476,7 +4476,7 @@ static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) static psa_status_t psa_generate_derived_key_internal( psa_key_slot_t *slot, size_t bits, - psa_crypto_generator_t *generator ) + psa_key_derivation_operation_t *generator ) { uint8_t *data = NULL; size_t bytes = PSA_BITS_TO_BYTES( bits ); @@ -4490,7 +4490,7 @@ static psa_status_t psa_generate_derived_key_internal( if( data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - status = psa_generator_read( generator, data, bytes ); + status = psa_key_derivation_output_bytes( generator, data, bytes ); if( status != PSA_SUCCESS ) goto exit; #if defined(MBEDTLS_DES_C) 
@@ -4504,8 +4504,8 @@ exit: return( status ); } -psa_status_t psa_generate_derived_key( const psa_key_attributes_t *attributes, - psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attributes, + psa_key_derivation_operation_t *generator, psa_key_handle_t *handle ) { psa_status_t status; @@ -4530,7 +4530,7 @@ psa_status_t psa_generate_derived_key( const psa_key_attributes_t *attributes, psa_status_t psa_generate_derived_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, - psa_crypto_generator_t *generator ) + psa_key_derivation_operation_t *generator ) { uint8_t *data = NULL; size_t bytes = PSA_BITS_TO_BYTES( bits ); @@ -4544,7 +4544,7 @@ psa_status_t psa_generate_derived_key_to_handle( psa_key_handle_t handle, if( data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - status = psa_generator_read( generator, data, bytes ); + status = psa_key_derivation_output_bytes( generator, data, bytes ); if( status != PSA_SUCCESS ) goto exit; #if defined(MBEDTLS_DES_C) @@ -4568,7 +4568,7 @@ exit: /* Set up an HKDF-based generator. This is exactly the extract phase * of the HKDF algorithm. * - * Note that if this function fails, you must call psa_generator_abort() + * Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, @@ -4613,7 +4613,7 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, #if defined(MBEDTLS_MD_C) /* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). * - * Note that if this function fails, you must call psa_generator_abort() + * Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ static psa_status_t psa_generator_tls12_prf_setup( 
@@ -4661,7 +4661,7 @@ static psa_status_t psa_generator_tls12_prf_setup( } /* The first block gets generated when - * psa_generator_read() is called. */ + * psa_key_derivation_output_bytes() is called. */ tls12_prf->block_number = 0; tls12_prf->offset_in_block = hash_length; @@ -4710,11 +4710,11 @@ static psa_status_t psa_generator_tls12_psk_to_ms_setup( } #endif /* MBEDTLS_MD_C */ -/* Note that if this function fails, you must call psa_generator_abort() +/* Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ static psa_status_t psa_key_derivation_internal( - psa_crypto_generator_t *generator, + psa_key_derivation_operation_t *generator, const uint8_t *secret, size_t secret_length, psa_algorithm_t alg, const uint8_t *salt, size_t salt_length, @@ -4801,7 +4801,7 @@ static psa_status_t psa_key_derivation_internal( if( capacity <= max_capacity ) generator->capacity = capacity; - else if( capacity == PSA_GENERATOR_UNBRIDLED_CAPACITY ) + else if( capacity == PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ) generator->capacity = max_capacity; else return( PSA_ERROR_INVALID_ARGUMENT ); @@ -4809,7 +4809,7 @@ static psa_status_t psa_key_derivation_internal( return( PSA_SUCCESS ); } -psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation( psa_key_derivation_operation_t *generator, psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *salt, @@ -4845,12 +4845,12 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator, label, label_length, capacity ); if( status != PSA_SUCCESS ) - psa_generator_abort( generator ); + psa_key_derivation_abort( generator ); return( status ); } static psa_status_t psa_key_derivation_setup_kdf( - psa_crypto_generator_t *generator, + psa_key_derivation_operation_t *generator, psa_algorithm_t kdf_alg ) { /* Make sure that kdf_alg is a supported key derivation algorithm. */ 
@@ -4877,7 +4877,7 @@ static psa_status_t psa_key_derivation_setup_kdf( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t psa_key_derivation_setup( psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *generator, psa_algorithm_t alg ) { psa_status_t status; @@ -4972,7 +4972,7 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf, #endif /* MBEDTLS_MD_C */ static psa_status_t psa_key_derivation_input_raw( - psa_crypto_generator_t *generator, + psa_key_derivation_operation_t *generator, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length ) @@ -5018,11 +5018,11 @@ static psa_status_t psa_key_derivation_input_raw( } if( status != PSA_SUCCESS ) - psa_generator_abort( generator ); + psa_key_derivation_abort( generator ); return( status ); } -psa_status_t psa_key_derivation_input_bytes( psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *generator, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length ) @@ -5039,7 +5039,7 @@ psa_status_t psa_key_derivation_input_bytes( psa_crypto_generator_t *generator, } } -psa_status_t psa_key_derivation_input_key( psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *generator, psa_key_derivation_step_t step, psa_key_handle_t handle ) { 
@@ -5148,10 +5148,10 @@ static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg, } } -/* Note that if this function fails, you must call psa_generator_abort() +/* Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ -static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator, +static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t *generator, psa_key_derivation_step_t step, psa_key_slot_t *private_key, const uint8_t *peer_key, @@ -5183,7 +5183,7 @@ exit: return( status ); } -psa_status_t psa_key_agreement( psa_crypto_generator_t *generator, +psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *generator, psa_key_derivation_step_t step, psa_key_handle_t private_key, const uint8_t *peer_key, @@ -5201,7 +5201,7 @@ psa_status_t psa_key_agreement( psa_crypto_generator_t *generator, slot, peer_key, peer_key_length ); if( status != PSA_SUCCESS ) - psa_generator_abort( generator ); + psa_key_derivation_abort( generator ); return( status ); } diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 81c69dd5f..41c2bd23a 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3116,7 +3116,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) unsigned char *own_pubkey_ecpoint; size_t own_pubkey_ecpoint_len; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; header_len = 4; @@ -3178,7 +3178,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) content_len = own_pubkey_ecpoint_len + 1; /* Compute ECDH shared secret. */ - status = psa_key_agreement( &generator, + status = psa_key_derivation_key_agreement( &generator, handshake->ecdh_psa_privkey, handshake->ecdh_psa_peerkey, handshake->ecdh_psa_peerkey_len, 
@@ -3191,16 +3191,16 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) ssl->handshake->pmslen = MBEDTLS_PSA_ECC_KEY_BYTES_OF_CURVE( handshake->ecdh_psa_curve ); - status = psa_generator_read( &generator, + status = psa_key_derivation_output_bytes( &generator, ssl->handshake->premaster, ssl->handshake->pmslen ); if( status != PSA_SUCCESS ) { - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } - status = psa_generator_abort( &generator ); + status = psa_key_derivation_abort( &generator ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 26814429e..42d823063 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -526,7 +526,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, psa_algorithm_t alg; psa_key_policy_t policy; psa_key_handle_t master_slot; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; if( ( status = psa_allocate_key( &master_slot ) ) != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); @@ -556,20 +556,20 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, dlen ); if( status != PSA_SUCCESS ) { - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( master_slot ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } - status = psa_generator_read( &generator, dstbuf, dlen ); + status = psa_key_derivation_output_bytes( &generator, dstbuf, dlen ); if( status != PSA_SUCCESS ) { - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( master_slot ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } - status = psa_generator_abort( &generator ); + status = psa_key_derivation_abort( &generator ); if( status != PSA_SUCCESS ) { psa_destroy_key( master_slot ); 
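Review bot: The two failure branches in the last hunk of `tls_prf_generic` each spell out the same abort, `psa_destroy_key( master_slot )` and return sequence, so every failure path added later has to remember to release both the derivation operation and the key slot that holds the master secret. Routing these branches through one cleanup label keeps that release in a single place and makes a missed `psa_destroy_key` harder to introduce. The function starts and ends outside the hunk, so the position of the label below is indicative only.

```c
    if( status != PSA_SUCCESS )
        goto psa_cleanup;

    status = psa_key_derivation_output_bytes( &generator, dstbuf, dlen );
    if( status != PSA_SUCCESS )
        goto psa_cleanup;

    /* … unchanged: final psa_key_derivation_abort() check and the success path … */

psa_cleanup:
    psa_key_derivation_abort( &generator );
    psa_destroy_key( master_slot );
    return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
```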
@@ -892,7 +892,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) /* Perform PSK-to-MS expansion in a single step. */ psa_status_t status; psa_algorithm_t alg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_handle_t psk; MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) ); @@ -913,19 +913,19 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) master_secret_len ); if( status != PSA_SUCCESS ) { - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } - status = psa_generator_read( &generator, session->master, + status = psa_key_derivation_output_bytes( &generator, session->master, master_secret_len ); if( status != PSA_SUCCESS ) { - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } - status = psa_generator_abort( &generator ); + status = psa_key_derivation_abort( &generator ); if( status != PSA_SUCCESS ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index aded3bc38..4ebb7e049 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -279,7 +279,7 @@ static psa_status_t derive_key_ladder( const char *ladder[], { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; size_t i; psa_set_key_usage_flags( &attributes, 
@@ -306,13 +306,13 @@ static psa_status_t derive_key_ladder( const char *ladder[], *key_handle = 0; /* Use the generator obtained from the parent key to create * the next intermediate key. */ - PSA_CHECK( psa_generate_derived_key( &attributes, &generator, + PSA_CHECK( psa_key_derivation_output_key( &attributes, &generator, key_handle ) ); - PSA_CHECK( psa_generator_abort( &generator ) ); + PSA_CHECK( psa_key_derivation_abort( &generator ) ); } exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); if( status != PSA_SUCCESS ) { psa_close_key( *key_handle ); @@ -328,7 +328,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; *wrapping_key_handle = 0; psa_set_key_usage_flags( &attributes, usage ); @@ -343,11 +343,11 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH, NULL, 0, PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); - PSA_CHECK( psa_generate_derived_key( &attributes, &generator, + PSA_CHECK( psa_key_derivation_output_key( &attributes, &generator, wrapping_key_handle ) ); exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); if( status != PSA_SUCCESS ) { psa_close_key( *wrapping_key_handle ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8b5773733..ab74bafb3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -525,7 +525,7 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char label[16] = "This is a label."; size_t label_length = sizeof( label ); unsigned char seed[16] = "abcdefghijklmnop"; @@ -558,10 +558,10 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, seed, seed_length, sizeof( output ) ) ); } - PSA_ASSERT( psa_generator_read( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &generator, output, sizeof( output ) ) ); - PSA_ASSERT( psa_generator_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &generator ) ); } return( 1 ); @@ -572,7 +572,7 @@ exit: /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ -static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, +static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *generator, psa_key_handle_t handle ) { psa_key_type_t private_key_type; @@ -581,7 +581,7 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, uint8_t *public_key = NULL; size_t public_key_length; /* Return GENERIC_ERROR if something other than the final call to - * psa_key_agreement fails. This isn't fully satisfactory, but it's + * psa_key_derivation_key_agreement fails. This isn't fully satisfactory, but it's * good enough: callers will report it as a failed test anyway. */ psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -596,7 +596,7 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator, public_key, public_key_length, &public_key_length ) ); - status = psa_key_agreement( generator, PSA_KDF_STEP_SECRET, handle, + status = psa_key_derivation_key_agreement( generator, PSA_KDF_STEP_SECRET, handle, public_key, public_key_length ); exit: mbedtls_free( public_key ); @@ -617,7 +617,7 @@ static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg, uint8_t output[1024]; size_t output_length; /* Return GENERIC_ERROR if something other than the final call to - * psa_key_agreement fails. This isn't fully satisfactory, but it's + * psa_key_derivation_key_agreement fails. This isn't fully satisfactory, but it's * good enough: callers will report it as a failed test anyway. */ psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -664,7 +664,7 @@ static int exercise_key_agreement_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char output[1]; int ok = 0; @@ -674,10 +674,10 @@ static int exercise_key_agreement_key( psa_key_handle_t handle, * private key against its own public key. */ PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); PSA_ASSERT( key_agreement_with_self( &generator, handle ) ); - PSA_ASSERT( psa_generator_read( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &generator, output, sizeof( output ) ) ); - PSA_ASSERT( psa_generator_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &generator ) ); } ok = 1; 
@@ -1844,7 +1844,7 @@ void derive_key_policy( int policy_usage, { psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -1868,7 +1868,7 @@ void derive_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -1884,7 +1884,7 @@ void agreement_key_policy( int policy_usage, psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -1906,7 +1906,7 @@ void agreement_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -1922,7 +1922,7 @@ void raw_agreement_key_policy( int policy_usage, psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -1943,7 +1943,7 @@ void raw_agreement_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } 
@@ -4003,24 +4003,24 @@ void crypto_generator_init( ) * though it's OK by the C standard. We could test for this, but we'd need * to supress the Clang warning for the test. */ size_t capacity; - psa_crypto_generator_t func = psa_crypto_generator_init( ); - psa_crypto_generator_t init = PSA_CRYPTO_GENERATOR_INIT; - psa_crypto_generator_t zero; + psa_key_derivation_operation_t func = psa_key_derivation_operation_init( ); + psa_key_derivation_operation_t init = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t zero; memset( &zero, 0, sizeof( zero ) ); /* A default generator should not be able to report its capacity. */ - TEST_EQUAL( psa_get_generator_capacity( &func, &capacity ), + TEST_EQUAL( psa_key_derivation_get_capacity( &func, &capacity ), PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_get_generator_capacity( &init, &capacity ), + TEST_EQUAL( psa_key_derivation_get_capacity( &init, &capacity ), PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_get_generator_capacity( &zero, &capacity ), + TEST_EQUAL( psa_key_derivation_get_capacity( &zero, &capacity ), PSA_ERROR_BAD_STATE ); /* A default generator should be abortable without error. */ - PSA_ASSERT( psa_generator_abort(&func) ); - PSA_ASSERT( psa_generator_abort(&init) ); - PSA_ASSERT( psa_generator_abort(&zero) ); + PSA_ASSERT( psa_key_derivation_abort(&func) ); + PSA_ASSERT( psa_key_derivation_abort(&init) ); + PSA_ASSERT( psa_key_derivation_abort(&zero) ); } /* END_CASE */ @@ -4038,7 +4038,7 @@ void derive_setup( int key_type_arg, psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; psa_status_t expected_status = expected_status_arg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); 
@@ -4057,7 +4057,7 @@ void derive_setup( int key_type_arg, expected_status ); exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4068,7 +4068,7 @@ void test_derive_invalid_generator_state( ) { psa_key_handle_t handle = 0; size_t key_type = PSA_KEY_TYPE_DERIVE; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; psa_algorithm_t alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 ); uint8_t buffer[42]; size_t capacity = sizeof( buffer ); @@ -4100,13 +4100,13 @@ void test_derive_invalid_generator_state( ) capacity ), PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_generator_read( &generator, buffer, capacity ) ); + PSA_ASSERT( psa_key_derivation_output_bytes( &generator, buffer, capacity ) ); - TEST_EQUAL( psa_generator_read( &generator, buffer, capacity ), + TEST_EQUAL( psa_key_derivation_output_bytes( &generator, buffer, capacity ), PSA_ERROR_INSUFFICIENT_DATA ); exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } 
@@ -4118,24 +4118,24 @@ void test_derive_invalid_generator_tests( ) uint8_t output_buffer[16]; size_t buffer_size = 16; size_t capacity = 0; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; - TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) + TEST_ASSERT( psa_key_derivation_output_bytes( &generator, output_buffer, buffer_size ) == PSA_ERROR_BAD_STATE ); - TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) + TEST_ASSERT( psa_key_derivation_get_capacity( &generator, &capacity ) == PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_generator_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &generator ) ); - TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size ) + TEST_ASSERT( psa_key_derivation_output_bytes( &generator, output_buffer, buffer_size ) == PSA_ERROR_BAD_STATE ); - TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity ) + TEST_ASSERT( psa_key_derivation_get_capacity( &generator, &capacity ) == PSA_ERROR_BAD_STATE ); exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); } /* END_CASE */ @@ -4151,7 +4151,7 @@ void derive_output( int alg_arg, psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *expected_outputs[2] = {expected_output1->x, expected_output2->x}; size_t output_sizes[2] = @@ -4185,7 +4185,7 @@ void derive_output( int alg_arg, if( PSA_ALG_IS_HKDF( alg ) ) { PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_set_generator_capacity( &generator, + PSA_ASSERT( psa_key_derivation_set_capacity( &generator, requested_capacity ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &generator, PSA_KDF_STEP_SALT, 
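Review bot: The four status checks in `test_derive_invalid_generator_tests` are written as `TEST_ASSERT( ... == PSA_ERROR_BAD_STATE )`, while the neighbouring tests touched by this patch compare statuses with `TEST_EQUAL`. Since these lines are rewritten here anyway, they could be brought in line, e.g. `TEST_EQUAL( psa_key_derivation_get_capacity( &generator, &capacity ), PSA_ERROR_BAD_STATE );`. The test name and the one in `crypto_generator_init` still say "generator"; renaming them would also require touching the matching `.data` entries, which are not part of this hunk.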
@@ -4205,7 +4205,7 @@ void derive_output( int alg_arg, label->x, label->len, requested_capacity ) ); } - PSA_ASSERT( psa_get_generator_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &generator, ¤t_capacity ) ); TEST_EQUAL( current_capacity, requested_capacity ); expected_capacity = requested_capacity; @@ -4214,7 +4214,7 @@ void derive_output( int alg_arg, for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ ) { /* Read some bytes. */ - status = psa_generator_read( &generator, + status = psa_key_derivation_output_bytes( &generator, output_buffer, output_sizes[i] ); if( expected_capacity == 0 && output_sizes[i] == 0 ) { @@ -4238,15 +4238,15 @@ void derive_output( int alg_arg, expected_outputs[i], output_sizes[i] ); /* Check the generator status. */ expected_capacity -= output_sizes[i]; - PSA_ASSERT( psa_get_generator_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &generator, ¤t_capacity ) ); TEST_EQUAL( expected_capacity, current_capacity ); } - PSA_ASSERT( psa_generator_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &generator ) ); exit: mbedtls_free( output_buffer ); - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4262,7 +4262,7 @@ void derive_full( int alg_arg, psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char output_buffer[16]; size_t expected_capacity = requested_capacity; size_t current_capacity; 
@@ -4281,7 +4281,7 @@ void derive_full( int alg_arg, if( PSA_ALG_IS_HKDF( alg ) ) { PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_set_generator_capacity( &generator, + PSA_ASSERT( psa_key_derivation_set_capacity( &generator, requested_capacity ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &generator, PSA_KDF_STEP_SALT, @@ -4301,7 +4301,7 @@ void derive_full( int alg_arg, label->x, label->len, requested_capacity ) ); } - PSA_ASSERT( psa_get_generator_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &generator, ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); @@ -4311,23 +4311,23 @@ void derive_full( int alg_arg, size_t read_size = sizeof( output_buffer ); if( read_size > current_capacity ) read_size = current_capacity; - PSA_ASSERT( psa_generator_read( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &generator, output_buffer, read_size ) ); expected_capacity -= read_size; - PSA_ASSERT( psa_get_generator_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &generator, ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); } /* Check that the generator refuses to go over capacity. */ - TEST_EQUAL( psa_generator_read( &generator, output_buffer, 1 ), + TEST_EQUAL( psa_key_derivation_output_bytes( &generator, output_buffer, 1 ), PSA_ERROR_INSUFFICIENT_DATA ); - PSA_ASSERT( psa_generator_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &generator ) ); exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } 
@@ -4351,7 +4351,7 @@ void derive_key_exercise( int alg_arg, psa_key_usage_t derived_usage = derived_usage_arg; psa_algorithm_t derived_alg = derived_alg_arg; size_t capacity = PSA_BITS_TO_BYTES( derived_bits ); - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -4372,7 +4372,7 @@ void derive_key_exercise( int alg_arg, psa_set_key_algorithm( &attributes, derived_alg ); psa_set_key_type( &attributes, derived_type ); psa_set_key_bits( &attributes, derived_bits ); - PSA_ASSERT( psa_generate_derived_key( &attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &attributes, &generator, &derived_handle ) ); /* Test the key information */ @@ -4385,7 +4385,7 @@ void derive_key_exercise( int alg_arg, goto exit; exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_reset_key_attributes( &got_attributes ); psa_destroy_key( base_handle ); psa_destroy_key( derived_handle ); @@ -4407,7 +4407,7 @@ void derive_key_export( int alg_arg, size_t bytes1 = bytes1_arg; size_t bytes2 = bytes2_arg; size_t capacity = bytes1 + bytes2; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *output_buffer = NULL; uint8_t *export_buffer = NULL; psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -4429,10 +4429,10 @@ void derive_key_export( int alg_arg, salt->x, salt->len, label->x, label->len, capacity ) ); - PSA_ASSERT( psa_generator_read( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &generator, output_buffer, capacity ) ); - PSA_ASSERT( psa_generator_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &generator ) ); /* Derive the same output again, but this time store it in key objects. */ PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, @@ -4443,7 +4443,7 @@ void derive_key_export( int alg_arg, psa_set_key_algorithm( &derived_attributes, 0 ); psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) ); - PSA_ASSERT( psa_generate_derived_key( &derived_attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &generator, &derived_handle ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer, bytes1, @@ -4451,7 +4451,7 @@ void derive_key_export( int alg_arg, TEST_EQUAL( length, bytes1 ); PSA_ASSERT( psa_destroy_key( derived_handle ) ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) ); - PSA_ASSERT( psa_generate_derived_key( &derived_attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &generator, &derived_handle ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer + bytes1, bytes2, @@ -4465,7 +4465,7 @@ void derive_key_export( int alg_arg, exit: mbedtls_free( output_buffer ); mbedtls_free( export_buffer ); - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( base_handle ); psa_destroy_key( derived_handle ); mbedtls_psa_crypto_free( ); 
@@ -4481,7 +4481,7 @@ void key_agreement_setup( int alg_arg, psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_status = expected_status_arg; psa_status_t status; @@ -4502,7 +4502,7 @@ void key_agreement_setup( int alg_arg, status = psa_key_derivation_setup( &generator, alg ); if( status == PSA_SUCCESS ) { - TEST_EQUAL( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, + TEST_EQUAL( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET, our_key, peer_key_data->x, peer_key_data->len ), expected_status ); @@ -4513,7 +4513,7 @@ void key_agreement_setup( int alg_arg, } exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( our_key ); mbedtls_psa_crypto_free( ); } @@ -4565,7 +4565,7 @@ void key_agreement_capacity( int alg_arg, psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; size_t actual_capacity; unsigned char output[16]; @@ -4580,7 +4580,7 @@ void key_agreement_capacity( int alg_arg, &our_key ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, + PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET, our_key, peer_key_data->x, peer_key_data->len ) ); if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) 
@@ -4592,24 +4592,24 @@ void key_agreement_capacity( int alg_arg, } /* Test the advertized capacity. */ - PSA_ASSERT( psa_get_generator_capacity( + PSA_ASSERT( psa_key_derivation_get_capacity( &generator, &actual_capacity ) ); TEST_EQUAL( actual_capacity, (size_t) expected_capacity_arg ); /* Test the actual capacity by reading the output. */ while( actual_capacity > sizeof( output ) ) { - PSA_ASSERT( psa_generator_read( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &generator, output, sizeof( output ) ) ); actual_capacity -= sizeof( output ); } - PSA_ASSERT( psa_generator_read( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &generator, output, actual_capacity ) ); - TEST_EQUAL( psa_generator_read( &generator, output, 1 ), + TEST_EQUAL( psa_key_derivation_output_bytes( &generator, output, 1 ), PSA_ERROR_INSUFFICIENT_DATA ); exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( our_key ); mbedtls_psa_crypto_free( ); } @@ -4624,7 +4624,7 @@ void key_agreement_output( int alg_arg, psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_output = NULL; @@ -4641,7 +4641,7 @@ void key_agreement_output( int alg_arg, &our_key ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_agreement( &generator, PSA_KDF_STEP_SECRET, + PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET, our_key, peer_key_data->x, peer_key_data->len ) ); if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) 
@@ -4652,14 +4652,14 @@ void key_agreement_output( int alg_arg, NULL, 0 ) ); } - PSA_ASSERT( psa_generator_read( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &generator, actual_output, expected_output1->len ) ); ASSERT_COMPARE( actual_output, expected_output1->len, expected_output1->x, expected_output1->len ); if( expected_output2->len != 0 ) { - PSA_ASSERT( psa_generator_read( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &generator, actual_output, expected_output2->len ) ); ASSERT_COMPARE( actual_output, expected_output2->len, @@ -4667,7 +4667,7 @@ void key_agreement_output( int alg_arg, } exit: - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( our_key ); mbedtls_psa_crypto_free( ); mbedtls_free( actual_output ); @@ -4886,7 +4886,7 @@ void persistent_key_load_key_from_storage( data_t *data, size_t bits = bits_arg; psa_key_usage_t usage_flags = usage_flags_arg; psa_algorithm_t alg = alg_arg; - psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; + psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char *first_export = NULL; unsigned char *second_export = NULL; size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); @@ -4940,9 +4940,9 @@ void persistent_key_load_key_from_storage( data_t *data, PSA_ASSERT( psa_key_derivation_input_bytes( &generator, PSA_KDF_STEP_INFO, NULL, 0 ) ); - PSA_ASSERT( psa_generate_derived_key( &attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &attributes, &generator, &handle ) ); - PSA_ASSERT( psa_generator_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &generator ) ); PSA_ASSERT( psa_destroy_key( base_key ) ); base_key = 0; } @@ -4994,7 +4994,7 @@ exit: psa_reset_key_attributes( &attributes ); mbedtls_free( first_export ); mbedtls_free( second_export ); - psa_generator_abort( &generator ); + psa_key_derivation_abort( &generator ); psa_destroy_key( base_key ); if( handle == 0 ) { 
From 03410b5c5f5229661ddf57745b8511f050b522f2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 16:05:19 +0200 Subject: [PATCH 1259/2197] Rename PSA_KDF_STEP_xxx -> PSA_KEY_DERIVATION_INPUT_xxx More consistent with the new function names. --- include/psa/crypto_values.h | 18 +++++------ library/psa_crypto.c | 14 ++++----- tests/suites/test_suite_psa_crypto.function | 34 ++++++++++----------- 3 files changed, 33 insertions(+), 33 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index e67fc6098..c57d06a36 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1216,12 +1216,12 @@ * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. * * This key derivation algorithm uses the following inputs: - * - #PSA_KDF_STEP_SALT is the salt used in the "extract" step. + * - #PSA_KEY_DERIVATION_INPUT_SALT is the salt used in the "extract" step. * It is optional; if omitted, the derivation uses an empty salt. - * - #PSA_KDF_STEP_SECRET is the secret key used in the "extract" step. - * - #PSA_KDF_STEP_INFO is the info string used in the "expand" step. - * You must pass #PSA_KDF_STEP_SALT before #PSA_KDF_STEP_SECRET. - * You may pass #PSA_KDF_STEP_INFO at any time after steup and before + * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key used in the "extract" step. + * - #PSA_KEY_DERIVATION_INPUT_INFO is the info string used in the "expand" step. + * You must pass #PSA_KEY_DERIVATION_INPUT_SALT before #PSA_KEY_DERIVATION_INPUT_SECRET. + * You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before * starting to generate output. * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that 
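Review bot: The rewritten HKDF description line `* You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before` still carries the typo "steup"; since the line is being replaced anyway it should read `at any time after setup and before`. The paragraph also states the ordering rule (`You must pass #PSA_KEY_DERIVATION_INPUT_SALT before #PSA_KEY_DERIVATION_INPUT_SECRET`) without saying what happens when it is violated. The psa_hkdf_input hunk later in this patch returns `PSA_ERROR_BAD_STATE` for a salt that arrives once the state has left `HKDF_STATE_INIT`, and uses an empty salt when the secret comes first. Naming that error here would tell callers that a misordered salt is rejected, while a secret passed first is derived with an empty salt.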
@@ -1590,25 +1590,25 @@ * * This must be a key of type #PSA_KEY_TYPE_DERIVE. */ -#define PSA_KDF_STEP_SECRET ((psa_key_derivation_step_t)0x0101) +#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) /** A label for key derivation. * * This must be a direct input. */ -#define PSA_KDF_STEP_LABEL ((psa_key_derivation_step_t)0x0201) +#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) /** A salt for key derivation. * * This must be a direct input. */ -#define PSA_KDF_STEP_SALT ((psa_key_derivation_step_t)0x0202) +#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) /** An information string for key derivation. * * This must be a direct input. */ -#define PSA_KDF_STEP_INFO ((psa_key_derivation_step_t)0x0203) +#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 88e646ab1..71648eba2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4914,7 +4914,7 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf, psa_status_t status; switch( step ) { - case PSA_KDF_STEP_SALT: + case PSA_KEY_DERIVATION_INPUT_SALT: if( hkdf->state != HKDF_STATE_INIT ) return( PSA_ERROR_BAD_STATE ); status = psa_hmac_setup_internal( &hkdf->hmac, @@ -4924,7 +4924,7 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf, return( status ); hkdf->state = HKDF_STATE_STARTED; return( PSA_SUCCESS ); - case PSA_KDF_STEP_SECRET: + case PSA_KEY_DERIVATION_INPUT_SECRET: /* If no salt was provided, use an empty salt. */ if( hkdf->state == HKDF_STATE_INIT ) { @@ -4950,7 +4950,7 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf, hkdf->block_number = 0; hkdf->state = HKDF_STATE_KEYED; return( PSA_SUCCESS ); - case PSA_KDF_STEP_INFO: + case PSA_KEY_DERIVATION_INPUT_INFO: if( hkdf->state == HKDF_STATE_OUTPUT ) return( PSA_ERROR_BAD_STATE ); if( hkdf->info_set ) 
@@ -5029,9 +5029,9 @@ psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *gen { switch( step ) { - case PSA_KDF_STEP_LABEL: - case PSA_KDF_STEP_SALT: - case PSA_KDF_STEP_INFO: + case PSA_KEY_DERIVATION_INPUT_LABEL: + case PSA_KEY_DERIVATION_INPUT_SALT: + case PSA_KEY_DERIVATION_INPUT_INFO: return( psa_key_derivation_input_raw( generator, step, data, data_length ) ); default: @@ -5058,7 +5058,7 @@ psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *gener * the material should be dedicated to a particular input step, * otherwise this may allow the key to be used in an unintended way * and leak values derived from the key. So be conservative. */ - if( step != PSA_KDF_STEP_SECRET ) + if( step != PSA_KEY_DERIVATION_INPUT_SECRET ) return( PSA_ERROR_INVALID_ARGUMENT ); return( psa_key_derivation_input_raw( generator, step, diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ab74bafb3..5527e3966 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -538,14 +538,14 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, { PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &generator, - PSA_KDF_STEP_SALT, + PSA_KEY_DERIVATION_INPUT_SALT, label, label_length ) ); PSA_ASSERT( psa_key_derivation_input_key( &generator, - PSA_KDF_STEP_SECRET, + PSA_KEY_DERIVATION_INPUT_SECRET, handle ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &generator, - PSA_KDF_STEP_INFO, + PSA_KEY_DERIVATION_INPUT_INFO, seed, seed_length ) ); } 
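Review bot: In exercise_key_derivation_key the buffer named `label` is passed as `PSA_KEY_DERIVATION_INPUT_SALT` and the buffer named `seed` as `PSA_KEY_DERIVATION_INPUT_INFO`, so the local names no longer match the role that the new constant names spell out. The other derivation tests in this patch pass `salt->x` as the salt input and `label->x` as the info input, which makes this helper easy to misread. Either rename the locals or add a one-line comment above the first input call, for example `/* label is passed as the salt input, seed as the info input */`. The declarations of `label` and `seed` are outside this hunk, so a rename would have to be made there.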
@@ -596,7 +596,7 @@ static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *gen public_key, public_key_length, &public_key_length ) ); - status = psa_key_derivation_key_agreement( generator, PSA_KDF_STEP_SECRET, handle, + status = psa_key_derivation_key_agreement( generator, PSA_KEY_DERIVATION_INPUT_SECRET, handle, public_key, public_key_length ); exit: mbedtls_free( public_key ); @@ -4188,13 +4188,13 @@ void derive_output( int alg_arg, PSA_ASSERT( psa_key_derivation_set_capacity( &generator, requested_capacity ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &generator, - PSA_KDF_STEP_SALT, + PSA_KEY_DERIVATION_INPUT_SALT, salt->x, salt->len ) ); PSA_ASSERT( psa_key_derivation_input_key( &generator, - PSA_KDF_STEP_SECRET, + PSA_KEY_DERIVATION_INPUT_SECRET, handle ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &generator, - PSA_KDF_STEP_INFO, + PSA_KEY_DERIVATION_INPUT_INFO, label->x, label->len ) ); } else @@ -4284,13 +4284,13 @@ void derive_full( int alg_arg, PSA_ASSERT( psa_key_derivation_set_capacity( &generator, requested_capacity ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &generator, - PSA_KDF_STEP_SALT, + PSA_KEY_DERIVATION_INPUT_SALT, salt->x, salt->len ) ); PSA_ASSERT( psa_key_derivation_input_key( &generator, - PSA_KDF_STEP_SECRET, + PSA_KEY_DERIVATION_INPUT_SECRET, handle ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &generator, - PSA_KDF_STEP_INFO, + PSA_KEY_DERIVATION_INPUT_INFO, label->x, label->len ) ); } else @@ -4502,7 +4502,7 @@ void key_agreement_setup( int alg_arg, status = psa_key_derivation_setup( &generator, alg ); if( status == PSA_SUCCESS ) { - TEST_EQUAL( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET, + TEST_EQUAL( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET, our_key, peer_key_data->x, peer_key_data->len ), expected_status ); 
@@ -4580,14 +4580,14 @@ void key_agreement_capacity( int alg_arg, &our_key ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET, + PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET, our_key, peer_key_data->x, peer_key_data->len ) ); if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) { /* The test data is for info="" */ PSA_ASSERT( psa_key_derivation_input_bytes( &generator, - PSA_KDF_STEP_INFO, + PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); } @@ -4641,14 +4641,14 @@ void key_agreement_output( int alg_arg, &our_key ) ); PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET, + PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET, our_key, peer_key_data->x, peer_key_data->len ) ); if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) { /* The test data is for info="" */ PSA_ASSERT( psa_key_derivation_input_bytes( &generator, - PSA_KDF_STEP_INFO, + PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); } @@ -4935,10 +4935,10 @@ void persistent_key_load_key_from_storage( data_t *data, /* Derive a key. */ PSA_ASSERT( psa_key_derivation_setup( &generator, derive_alg ) ); PSA_ASSERT( psa_key_derivation_input_key( &generator, - PSA_KDF_STEP_SECRET, + PSA_KEY_DERIVATION_INPUT_SECRET, base_key ) ); PSA_ASSERT( psa_key_derivation_input_bytes( - &generator, PSA_KDF_STEP_INFO, + &generator, PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); PSA_ASSERT( psa_key_derivation_output_key( &attributes, &generator, &handle ) ); From cbe6650394bfff149f4221ac7db7653cde5214ab Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 16 May 2019 16:59:18 +0200 Subject: [PATCH 1260/2197] Rename generator-related internal identifiers perl -pe 's/crypto_generator/key_derivation/gi' $(git ls-files) perl -pe 's/_generator/_key_derivation/gi' $(git ls-files) --- include/psa/crypto.h | 2 +- include/psa/crypto_struct.h | 16 +++---- library/psa_crypto.c | 46 ++++++++++----------- tests/suites/test_suite_psa_crypto.data | 6 +-- tests/suites/test_suite_psa_crypto.function | 6 +-- 5 files changed, 38 insertions(+), 38 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0bff6cee9..17af57dec 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3002,7 +3002,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, * make any assumptions about the content of this structure except * as directed by the documentation of a specific implementation. */ -typedef struct psa_crypto_generator_s psa_key_derivation_operation_t; +typedef struct psa_key_derivation_s psa_key_derivation_operation_t; /** \def PSA_KEY_DERIVATION_OPERATION_INIT * diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 74e362d8e..be570c2fa 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -188,11 +188,11 @@ typedef struct uint8_t block_number; unsigned int state : 2; unsigned int info_set : 1; -} psa_hkdf_generator_t; +} psa_hkdf_key_derivation_t; #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_MD_C) -typedef struct psa_tls12_prf_generator_s +typedef struct psa_tls12_prf_key_derivation_s { /* The TLS 1.2 PRF uses the key for each HMAC iteration, * hence we must store it for the lifetime of the generator. @@ -219,10 +219,10 @@ typedef struct psa_tls12_prf_generator_s /* The 1-based number of the block. */ uint8_t block_number; -} psa_tls12_prf_generator_t; +} psa_tls12_prf_key_derivation_t; #endif /* MBEDTLS_MD_C */ -struct psa_crypto_generator_s +struct psa_key_derivation_s { psa_algorithm_t alg; size_t capacity; 
@@ -234,16 +234,16 @@ struct psa_crypto_generator_s size_t size; } buffer; #if defined(MBEDTLS_MD_C) - psa_hkdf_generator_t hkdf; - psa_tls12_prf_generator_t tls12_prf; + psa_hkdf_key_derivation_t hkdf; + psa_tls12_prf_key_derivation_t tls12_prf; #endif } ctx; }; #define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {{0, 0}}} -static inline struct psa_crypto_generator_s psa_key_derivation_operation_init( void ) +static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) { - const struct psa_crypto_generator_s v = PSA_KEY_DERIVATION_OPERATION_INIT; + const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; return( v ); } diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 71648eba2..29a0496bc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4065,7 +4065,7 @@ exit: #define HKDF_STATE_KEYED 2 /* got key */ #define HKDF_STATE_OUTPUT 3 /* output started */ -static psa_algorithm_t psa_generator_get_kdf_alg( +static psa_algorithm_t psa_key_derivation_get_kdf_alg( const psa_key_derivation_operation_t *generator ) { if ( PSA_ALG_IS_KEY_AGREEMENT( generator->alg ) ) @@ -4078,7 +4078,7 @@ static psa_algorithm_t psa_generator_get_kdf_alg( psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *generator ) { psa_status_t status = PSA_SUCCESS; - psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator ); if( kdf_alg == 0 ) { /* The object has (apparently) been initialized but it is not 
@@ -4156,7 +4156,7 @@ psa_status_t psa_key_derivation_set_capacity( psa_key_derivation_operation_t *ge #if defined(MBEDTLS_MD_C) /* Read some bytes from an HKDF-based generator. This performs a chunk * of the expand phase of the HKDF algorithm. */ -static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf, +static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkdf, psa_algorithm_t hash_alg, uint8_t *output, size_t output_length ) @@ -4223,8 +4223,8 @@ static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf, return( PSA_SUCCESS ); } -static psa_status_t psa_generator_tls12_prf_generate_next_block( - psa_tls12_prf_generator_t *tls12_prf, +static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( + psa_tls12_prf_key_derivation_t *tls12_prf, psa_algorithm_t alg ) { psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); @@ -4258,7 +4258,7 @@ static psa_status_t psa_generator_tls12_prf_generate_next_block( * A(0) = seed * A(i) = HMAC_hash( secret, A(i-1) ) * - * The `psa_tls12_prf_generator` structures saves the block + * The `psa_tls12_prf_key_derivation` structures saves the block * `HMAC_hash(secret, A(i) + seed)` from which the output * is currently extracted as `output_block`, while * `A(i) + seed` is stored in `Ai_with_seed`. @@ -4337,8 +4337,8 @@ cleanup: /* Read some bytes from an TLS-1.2-PRF-based generator. * See Section 5 of RFC 5246. */ -static psa_status_t psa_generator_tls12_prf_read( - psa_tls12_prf_generator_t *tls12_prf, +static psa_status_t psa_key_derivation_tls12_prf_read( + psa_tls12_prf_key_derivation_t *tls12_prf, psa_algorithm_t alg, uint8_t *output, size_t output_length ) 
@@ -4355,7 +4355,7 @@ static psa_status_t psa_generator_tls12_prf_read( /* Check if we have fully processed the current block. */ if( n == 0 ) { - status = psa_generator_tls12_prf_generate_next_block( tls12_prf, + status = psa_key_derivation_tls12_prf_generate_next_block( tls12_prf, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -4381,7 +4381,7 @@ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *ge size_t output_length ) { psa_status_t status; - psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator ); if( generator->alg == 0 ) { @@ -4430,13 +4430,13 @@ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *ge if( PSA_ALG_IS_HKDF( kdf_alg ) ) { psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg ); - status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg, + status = psa_key_derivation_hkdf_read( &generator->ctx.hkdf, hash_alg, output, output_length ); } else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { - status = psa_generator_tls12_prf_read( &generator->ctx.tls12_prf, + status = psa_key_derivation_tls12_prf_read( &generator->ctx.tls12_prf, kdf_alg, output, output_length ); } @@ -4571,7 +4571,7 @@ exit: * Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ -static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, +static psa_status_t psa_key_derivation_hkdf_setup( psa_hkdf_key_derivation_t *hkdf, const uint8_t *secret, size_t secret_length, psa_algorithm_t hash_alg, 
@@ -4616,8 +4616,8 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, * Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ -static psa_status_t psa_generator_tls12_prf_setup( - psa_tls12_prf_generator_t *tls12_prf, +static psa_status_t psa_key_derivation_tls12_prf_setup( + psa_tls12_prf_key_derivation_t *tls12_prf, const unsigned char *key, size_t key_len, psa_algorithm_t hash_alg, @@ -4669,8 +4669,8 @@ static psa_status_t psa_generator_tls12_prf_setup( } /* Set up a TLS-1.2-PSK-to-MS-based generator. */ -static psa_status_t psa_generator_tls12_psk_to_ms_setup( - psa_tls12_prf_generator_t *tls12_prf, +static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( + psa_tls12_prf_key_derivation_t *tls12_prf, const unsigned char *psk, size_t psk_len, psa_algorithm_t hash_alg, @@ -4699,7 +4699,7 @@ static psa_status_t psa_generator_tls12_psk_to_ms_setup( pms[2 + psk_len + 1] = pms[1]; memcpy( pms + 4 + psk_len, psk, psk_len ); - status = psa_generator_tls12_prf_setup( tls12_prf, + status = psa_key_derivation_tls12_prf_setup( tls12_prf, pms, 4 + 2 * psk_len, hash_alg, salt, salt_length, @@ -4752,7 +4752,7 @@ static psa_status_t psa_key_derivation_internal( if( hash_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); max_capacity = 255 * hash_size; - status = psa_generator_hkdf_setup( &generator->ctx.hkdf, + status = psa_key_derivation_hkdf_setup( &generator->ctx.hkdf, secret, secret_length, hash_alg, salt, salt_length, 
@@ -4776,14 +4776,14 @@ static psa_status_t psa_key_derivation_internal( if( PSA_ALG_IS_TLS12_PRF( alg ) ) { - status = psa_generator_tls12_prf_setup( &generator->ctx.tls12_prf, + status = psa_key_derivation_tls12_prf_setup( &generator->ctx.tls12_prf, secret, secret_length, hash_alg, salt, salt_length, label, label_length ); } else { - status = psa_generator_tls12_psk_to_ms_setup( + status = psa_key_derivation_tls12_psk_to_ms_setup( &generator->ctx.tls12_prf, secret, secret_length, hash_alg, salt, salt_length, @@ -4905,7 +4905,7 @@ psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *generator } #if defined(MBEDTLS_MD_C) -static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf, +static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf, psa_algorithm_t hash_alg, psa_key_derivation_step_t step, const uint8_t *data, @@ -4978,7 +4978,7 @@ static psa_status_t psa_key_derivation_input_raw( size_t data_length ) { psa_status_t status; - psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator ); if( kdf_alg == PSA_ALG_SELECT_RAW ) { diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 991d91a3e..d98470d3d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1717,7 +1717,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT Crypto generator initializers zero properly -crypto_generator_init: +key_derivation_init: PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C @@ -1757,11 +1757,11 @@ derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b": PSA key derivation: invalid generator state ( double generate + read past capacity ) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -test_derive_invalid_generator_state: +test_derive_invalid_key_derivation_state: PSA key derivation: invalid generator state ( call read/get_capacity after init and abort ) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -test_derive_invalid_generator_tests: +test_derive_invalid_key_derivation_tests: PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5527e3966..52c41e7eb 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3996,7 +3996,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void crypto_generator_init( ) +void key_derivation_init( ) { /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even 
@@ -4064,7 +4064,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_derive_invalid_generator_state( ) +void test_derive_invalid_key_derivation_state( ) { psa_key_handle_t handle = 0; size_t key_type = PSA_KEY_TYPE_DERIVE; @@ -4113,7 +4113,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_derive_invalid_generator_tests( ) +void test_derive_invalid_key_derivation_tests( ) { uint8_t output_buffer[16]; size_t buffer_size = 16; From 35675b6b26c222105b5d1c8be7532bf982eab3f6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 17:26:11 +0200 Subject: [PATCH 1261/2197] Terminology: say "key derivation operation", not "generator" Generators are mostly about key derivation (currently: only about key derivation). "Generator" is not a commonly used term in cryptography. So favor "derivation" as terminology. This commit updates the function descriptions. --- include/psa/crypto.h | 202 +++++++++++++++++++----------------- include/psa/crypto_extra.h | 8 +- include/psa/crypto_struct.h | 2 +- 3 files changed, 112 insertions(+), 100 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 17af57dec..c4aab460f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2969,33 +2969,33 @@ psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle, /**@}*/ -/** \defgroup generators Generators +/** \defgroup key_derivation Key derivation and pseudorandom generation * @{ */ -/** The type of the state data structure for generators. +/** The type of the state data structure for key derivation operations. * - * Before calling any function on a generator, the application must - * initialize it by any of the following means: + * Before calling any function on a key derivation operation object, the + * application must initialize it by any of the following means: * - Set the structure to all-bits-zero, for example: * \code - * psa_key_derivation_operation_t generator; - * memset(&generator, 0, sizeof(generator)); + * psa_key_derivation_operation_t operation; + * memset(&operation, 0, sizeof(operation)); * \endcode * - Initialize the structure to logical zero values, for example: * \code - * psa_key_derivation_operation_t generator = {0}; + * psa_key_derivation_operation_t operation = {0}; * \endcode * - Initialize the structure to the initializer #PSA_KEY_DERIVATION_OPERATION_INIT, * for example: * \code - * psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + * psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; * \endcode * - Assign the result of the function psa_key_derivation_operation_init() * to the structure, for example: * \code - * psa_key_derivation_operation_t generator; - * generator = psa_key_derivation_operation_init(); + * psa_key_derivation_operation_t operation; + * operation = psa_key_derivation_operation_init(); * \endcode * * This is an implementation-defined \c struct. Applications should not 
@@ -3006,8 +3006,8 @@ typedef struct psa_key_derivation_s psa_key_derivation_operation_t; /** \def PSA_KEY_DERIVATION_OPERATION_INIT * - * This macro returns a suitable initializer for a generator object - * of type #psa_key_derivation_operation_t. + * This macro returns a suitable initializer for a key derivation operation + * object of type #psa_key_derivation_operation_t. */ #ifdef __DOXYGEN_ONLY__ /* This is an example definition for documentation purposes. 
@@ -3016,58 +3016,66 @@ typedef struct psa_key_derivation_s psa_key_derivation_operation_t; #define PSA_KEY_DERIVATION_OPERATION_INIT {0} #endif -/** Return an initial value for a generator object. +/** Return an initial value for a key derivation operation object. */ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); -/** Retrieve the current capacity of a generator. +/** Retrieve the current capacity of a key derivation operation. * - * The capacity of a generator is the maximum number of bytes that it can - * return. Reading *N* bytes from a generator reduces its capacity by *N*. + * The capacity of a key derivation is the maximum number of bytes that it can + * return. When you get *N* bytes of output from a key derivation operation, + * this reduces its capacity by *N*. * - * \param[in] generator The generator to query. - * \param[out] capacity On success, the capacity of the generator. + * \param[in] operation The operation to query. + * \param[out] capacity On success, the capacity of the operation. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_COMMUNICATION_FAILURE */ -psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, size_t *capacity); -/** Set the maximum capacity of a generator. +/** Set the maximum capacity of a key derivation operation. * - * \param[in,out] generator The generator object to modify. - * \param capacity The new capacity of the generator. - * It must be less or equal to the generator's + * The capacity of a key derivation operation is the maximum number of bytes + * that the key derivation operation can return from this point onwards. + * + * \param[in,out] operation The key derivation operation object to modify. + * \param capacity The new capacity of the operation. + * It must be less or equal to the operation's * current capacity. 
* * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p capacity is larger than the generator's current capacity. + * \p capacity is larger than the operation's current capacity. + * In this case, the operation object remains valid and its capacity + * remains unchanged. * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_COMMUNICATION_FAILURE */ -psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation, size_t capacity); -/** Read some data from a generator. +/** Read some data from a key derivation operation. * - * This function reads and returns a sequence of bytes from a generator. - * The data that is read is discarded from the generator. The generator's - * capacity is decreased by the number of bytes read. + * This function calculates output bytes from a key derivation algorithm and + * return those bytes. + * If you view the key derivation's output as a stream of bytes, this + * function destructively reads the requested number of bytes from the + * stream. + * The operation's capacity decreases by the number of bytes read. * - * \param[in,out] generator The generator object to read from. - * \param[out] output Buffer where the generator output will be - * written. + * \param[in,out] operation The key derivation operation object to read from. + * \param[out] output Buffer where the output will be written. * \param output_length Number of bytes to output. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INSUFFICIENT_DATA - * There were fewer than \p output_length bytes - * in the generator. Note that in this case, no - * output is written to the output buffer. - * The generator's capacity is set to 0, thus + * The operation's capacity was less than + * \p output_length bytes. Note that in this case, + * no output is written to the output buffer. 
+ * The operation's capacity is set to 0, thus * subsequent calls to this function will not * succeed, even with a smaller output buffer. * \retval #PSA_ERROR_BAD_STATE @@ -3076,15 +3084,21 @@ psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *gen * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *operation, uint8_t *output, size_t output_length); -/** Generate a key deterministically from data read from a generator. +/** Derive a key from an ongoing key derivation operation. * - * This function uses the output of a generator to derive a key. - * How much output it consumes and how the key is derived depends on the - * key type. + * This function calculates output bytes from a key derivation algorithm + * and uses those bytes to generate a key deterministically. + * If you view the key derivation's output as a stream of bytes, this + * function destructively reads as many bytes as required from the + * stream. + * The operation's capacity decreases by the number of bytes read. + * + * How much output is produced and consumed from the operation, and how + * the key is derived, depends on the key type: * * - For key types for which the key is an arbitrary sequence of bytes * of a given size, @@ -3094,7 +3108,7 @@ psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *gen * if the implementation provides an isolation boundary then * the key material is not exposed outside the isolation boundary. * As a consequence, for these key types, this function always consumes - * exactly (\p bits / 8) bytes from the generator. + * exactly (\p bits / 8) bytes from the operation. * The following key types defined in this specification follow this scheme: * * - #PSA_KEY_TYPE_AES; 
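Review bot: The new description of psa_key_derivation_output_bytes has an agreement slip in `This function calculates output bytes from a key derivation algorithm and return those bytes.`; it should read `and returns those bytes.`. The prototypes in this hunk now name the parameter `operation`, while the definitions in library/psa_crypto.c touched by the previous patch still use `generator` (for example `generator->alg` in psa_key_derivation_output_bytes). Unless a later patch in the series renames it there too, header and implementation will describe the same object under two names. In the set_capacity text, `It must be less or equal to the operation's current capacity.` would also read better as `less than or equal to`.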
@@ -3120,7 +3134,7 @@ psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *gen * up to the nearest whole number of bytes. If the resulting byte string * is acceptable, it becomes the key, otherwise the drawn bytes are discarded. * This process is repeated until an acceptable byte string is drawn. - * The byte string drawn from the generator is interpreted as specified + * The byte string drawn from the operation is interpreted as specified * for the output produced by psa_export_key(). * The following key types defined in this specification follow this scheme: * @@ -3130,7 +3144,7 @@ psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *gen * successively (for example, for 3-key triple-DES, * if the first 8 bytes specify a weak key and the next 8 bytes do not, * discard the first 8 bytes, use the next 8 bytes as the first key, - * and continue reading output from the generator to derive the other + * and continue reading output from the operation to derive the other * two keys). * - Finite-field Diffie-Hellman keys (#PSA_KEY_TYPE_DH_KEYPAIR), * DSA keys (#PSA_KEY_TYPE_DSA_KEYPAIR), and 
@@ -3151,14 +3165,14 @@ psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *gen * FIPS 186-4 §B.4.2 for elliptic curve keys. * * - For other key types, including #PSA_KEY_TYPE_RSA_KEYPAIR, - * the way in which the generator output is consumed is + * the way in which the operation output is consumed is * implementation-defined. * - * In all cases, the data that is read is discarded from the generator. - * The generator's capacity is decreased by the number of bytes read. + * In all cases, the data that is read is discarded from the operation. + * The operation's capacity is decreased by the number of bytes read. * * \param[in] attributes The attributes for the new key. - * \param[in,out] generator The generator object to read from. + * \param[in,out] operation The key derivation operation object to read from. * \param[out] handle On success, a handle to the newly created key. * \c 0 on failure. * @@ -3172,7 +3186,7 @@ psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *gen * \retval #PSA_ERROR_INSUFFICIENT_DATA * There was not enough data to create the desired key. * Note that in this case, no output is written to the output buffer. - * The generator's capacity is set to 0, thus subsequent calls to + * The operation's capacity is set to 0, thus subsequent calls to * this function will not succeed, even with a smaller output buffer. * \retval #PSA_ERROR_NOT_SUPPORTED * The key type or key size is not supported, either by the 
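Review bot: The `PSA_ERROR_INSUFFICIENT_DATA` description for psa_key_derivation_output_key() still refers to an output buffer ("no output is written to the output buffer", "even with a smaller output buffer"), but the parameters documented just above are `attributes`, `operation` and `handle`. The wording looks carried over from psa_key_derivation_output_bytes(). I would replace the middle sentence with `* Note that in this case, no key is created and \p handle is set to 0.` and end the last one with `will not succeed, even for a smaller key.`. The doc comment starts and ends outside this hunk.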
@@ -3189,24 +3203,24 @@ psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *gen * results in this error code. */ psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes, - psa_key_derivation_operation_t *generator, + psa_key_derivation_operation_t *operation, psa_key_handle_t *handle); -/** Abort a generator. +/** Abort a key derivation operation. * - * Once a generator has been aborted, its capacity is zero. - * Aborting a generator frees all associated resources except for the - * \c generator structure itself. + * Once a key derivation operation has been aborted, its capacity is zero. + * Aborting an operation frees all associated resources except for the + * \c operation structure itself. * - * This function may be called at any time as long as the generator + * This function may be called at any time as long as the operation * object has been initialized to #PSA_KEY_DERIVATION_OPERATION_INIT, to * psa_key_derivation_operation_init() or a zero value. In particular, it is valid * to call psa_key_derivation_abort() twice, or to call psa_key_derivation_abort() - * on a generator that has not been set up. + * on an operation that has not been set up. * - * Once aborted, the generator object may be called. + * Once aborted, the key derivation operation object may be called. * - * \param[in,out] generator The generator to abort. + * \param[in,out] operation The operation to abort. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE 
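Review bot: The new sentence "Once aborted, the key derivation operation object may be called." gives a caller nothing to act on, because an object cannot be called. psa_key_derivation_abort() zeroes the structure and psa_key_derivation_setup() accepts an object whose `alg` is 0, so the sentence presumably means reuse: `* Once aborted, the operation object can be reused by calling psa_key_derivation_setup() again.`. In the paragraph above it, "initialized to #PSA_KEY_DERIVATION_OPERATION_INIT, to psa_key_derivation_operation_init() or a zero value" would read better as "initialized with #PSA_KEY_DERIVATION_OPERATION_INIT, psa_key_derivation_operation_init() or a zero value".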
@@ -3214,46 +3228,44 @@ psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attribute * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *generator); +psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation); -/** Use the maximum possible capacity for a generator. +/** Use the maximum possible capacity for a key derivation operation. * - * Use this value as the capacity argument when setting up a generator - * to indicate that the generator should have the maximum possible capacity. - * The value of the maximum possible capacity depends on the generator + * Use this value as the capacity argument when setting up a key derivation + * to indicate that the operation should have the maximum possible capacity. + * The value of the maximum possible capacity depends on the key derivation * algorithm. */ #define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) -/**@}*/ - -/** \defgroup derivation Key derivation - * @{ - */ - /** Set up a key derivation operation. * - * A key derivation algorithm takes some inputs and uses them to create - * a byte generator which can be used to produce keys and other + * A key derivation algorithm takes some inputs and uses them to generate + * a byte stream in a deterministic way. + * This byte stream can be used to produce keys and other * cryptographic material. * - * To use a generator for key derivation: + * To derive a key: * - Start with an initialized object of type #psa_key_derivation_operation_t. * - Call psa_key_derivation_setup() to select the algorithm. * - Provide the inputs for the key derivation by calling * psa_key_derivation_input_bytes() or psa_key_derivation_input_key() * as appropriate. Which inputs are needed, in what order, and whether * they may be keys and if so of what type depends on the algorithm. 
- * - Optionally set the generator's maximum capacity with + * - Optionally set the operation's maximum capacity with * psa_key_derivation_set_capacity(). You may do this before, in the middle of * or after providing inputs. For some algorithms, this step is mandatory * because the output depends on the maximum capacity. - * - Generate output with psa_key_derivation_output_bytes() or - * psa_key_derivation_output_key(). Successive calls to these functions - * use successive output bytes from the generator. - * - Clean up the generator object with psa_key_derivation_abort(). + * - To derive a key, call psa_key_derivation_output_key(). + * To derive a byte string for a different purpose, call + * - psa_key_derivation_output_bytes(). + * Successive calls to these functions use successive output bytes + * calculated by the key derivation algorithm. + * - Clean up the key derivation operation object with psa_key_derivation_abort(). * - * \param[in,out] generator The generator object to set up. It must + * \param[in,out] operation The key derivation operation object + * to set up. It must * have been initialized but not set up yet. * \param alg The key derivation algorithm to compute * (\c PSA_ALG_XXX value such that @@ -3271,7 +3283,7 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *generator) * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE */ -psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, psa_algorithm_t alg); /** Provide an input for key derivation or key agreement. 
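Review bot: The rewritten output step has a stray list marker: the added line `* - psa_key_derivation_output_bytes().` starts a new bullet in the middle of the sentence "To derive a byte string for a different purpose, call". Doxygen will then render the function name as its own list item, separated from the sentence it finishes. The line should be a plain continuation, `*   psa_key_derivation_output_bytes().`, aligned with the text of the bullet above. The doc comment of psa_key_derivation_setup() continues past this hunk.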
@@ -3284,8 +3296,8 @@ psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *generator, * using psa_key_derivation_input_key() instead of this function. Refer to * the documentation of individual step types for information. * - * \param[in,out] generator The generator object to use. It must - * have been set up with + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with * psa_key_derivation_setup() and must not * have produced any output yet. * \param step Which step the input data is for. @@ -3295,7 +3307,7 @@ psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *generator, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step is not compatible with the generator's algorithm. + * \c step is not compatible with the operation's algorithm. * \retval #PSA_ERROR_INVALID_ARGUMENT * \c step does not allow direct inputs. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -3303,13 +3315,13 @@ psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *generator, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE - * The value of \p step is not valid given the state of \p generator. + * The value of \p step is not valid given the state of \p operation. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length); 
@@ -3325,8 +3337,8 @@ psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *gene * passed as direct inputs using psa_key_derivation_input_bytes(). Refer to * the documentation of individual step types for information. * - * \param[in,out] generator The generator object to use. It must - * have been set up with + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with * psa_key_derivation_setup() and must not * have produced any output yet. * \param step Which step the input data is for. @@ -3340,7 +3352,7 @@ psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *gene * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step is not compatible with the generator's algorithm. + * \c step is not compatible with the operation's algorithm. * \retval #PSA_ERROR_INVALID_ARGUMENT * \c step does not allow key inputs. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -3348,13 +3360,13 @@ psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *gene * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE - * The value of \p step is not valid given the state of \p generator. + * The value of \p step is not valid given the state of \p operation. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_handle_t handle); 
@@ -3365,17 +3377,17 @@ psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *genera * a public key \p peer_key. * The result of this function is passed as input to a key derivation. * The output of this key derivation can be extracted by reading from the - * resulting generator to produce keys and other cryptographic material. + * resulting operation to produce keys and other cryptographic material. * - * \param[in,out] generator The generator object to use. It must - * have been set up with + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with * psa_key_derivation_setup() with a * key agreement and derivation algorithm * \c alg (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_KEY_AGREEMENT(\c alg) is true * and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\c alg) * is false). - * The generator must be ready for an + * The operation must be ready for an * input of the type given by \p step. * \param step Which step the input data is for. * \param private_key Handle to the private key to use. @@ -3411,7 +3423,7 @@ psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *genera * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_handle_t private_key, const uint8_t *peer_key, 
@@ -3428,7 +3440,7 @@ psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *ge * not be used directly as key material. It should instead be passed as * input to a key derivation algorithm. To chain a key agreement with * a key derivation, use psa_key_derivation_key_agreement() and other functions from - * the key derivation and generator interface. + * the key derivation interface. * * \param alg The key agreement algorithm to compute * (\c PSA_ALG_XXX value such that diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 66e5dbc64..1fb052b27 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -157,7 +157,7 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, * - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step * and \p label is the info string used in the "expand" step. * - * \param[in,out] generator The generator object to set up. It must have + * \param[in,out] operation The key derivation object to set up. It must have * been initialized as per the documentation for * #psa_key_derivation_operation_t and not yet in use. * \param handle Handle to the secret key. @@ -169,7 +169,7 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, * \param[in] label Label to use. * \param label_length Size of the \p label buffer in bytes. * \param capacity The maximum number of bytes that the - * generator will be able to provide. + * operation will be able to provide. * * \retval #PSA_SUCCESS * Success. @@ -190,7 +190,7 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_key_derivation(psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation(psa_key_derivation_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *salt, 
@@ -433,7 +433,7 @@ psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, psa_status_t psa_generate_derived_key_to_handle(psa_key_handle_t handle, psa_key_type_t type, size_t bits, - psa_key_derivation_operation_t *generator); + psa_key_derivation_operation_t *operation); psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, psa_key_type_t type, diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index be570c2fa..01d3069bf 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -195,7 +195,7 @@ typedef struct typedef struct psa_tls12_prf_key_derivation_s { /* The TLS 1.2 PRF uses the key for each HMAC iteration, - * hence we must store it for the lifetime of the generator. + * hence we must store it for the lifetime of the operation. * This is different from HKDF, where the key is only used * in the extraction phase, but not during expansion. */ unsigned char *key; From 51ae0e4b79718b9e31d7fb9b80b302b8851f3ad3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 17:31:03 +0200 Subject: [PATCH 1262/2197] Rename "generator" to "operation" Generators are now key derivation operations. Keep "random generator" intact. --- library/psa_crypto.c | 232 ++++++++++---------- tests/suites/test_suite_psa_crypto.data | 6 +- tests/suites/test_suite_psa_crypto.function | 218 +++++++++--------- 3 files changed, 228 insertions(+), 228 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 29a0496bc..3e77dceb0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4066,19 +4066,19 @@ exit: #define HKDF_STATE_OUTPUT 3 /* output started */ static psa_algorithm_t psa_key_derivation_get_kdf_alg( - const psa_key_derivation_operation_t *generator ) + const psa_key_derivation_operation_t *operation ) { - if ( PSA_ALG_IS_KEY_AGREEMENT( generator->alg ) ) - return( PSA_ALG_KEY_AGREEMENT_GET_KDF( generator->alg ) ); + if ( PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) + return( PSA_ALG_KEY_AGREEMENT_GET_KDF( operation->alg ) ); else - return( generator->alg ); + return( operation->alg ); } -psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *generator ) +psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation ) { psa_status_t status = PSA_SUCCESS; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); if( kdf_alg == 0 ) { /* The object has (apparently) been initialized but it is not 
@@ -4088,36 +4088,36 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *generator else if( kdf_alg == PSA_ALG_SELECT_RAW ) { - if( generator->ctx.buffer.data != NULL ) + if( operation->ctx.buffer.data != NULL ) { - mbedtls_platform_zeroize( generator->ctx.buffer.data, - generator->ctx.buffer.size ); - mbedtls_free( generator->ctx.buffer.data ); + mbedtls_platform_zeroize( operation->ctx.buffer.data, + operation->ctx.buffer.size ); + mbedtls_free( operation->ctx.buffer.data ); } } else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( kdf_alg ) ) { - mbedtls_free( generator->ctx.hkdf.info ); - status = psa_hmac_abort_internal( &generator->ctx.hkdf.hmac ); + mbedtls_free( operation->ctx.hkdf.info ); + status = psa_hmac_abort_internal( &operation->ctx.hkdf.hmac ); } else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - /* TLS-1.2 PSK-to-MS KDF uses the same generator as TLS-1.2 PRF */ + /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */ PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { - if( generator->ctx.tls12_prf.key != NULL ) + if( operation->ctx.tls12_prf.key != NULL ) { - mbedtls_platform_zeroize( generator->ctx.tls12_prf.key, - generator->ctx.tls12_prf.key_len ); - mbedtls_free( generator->ctx.tls12_prf.key ); + mbedtls_platform_zeroize( operation->ctx.tls12_prf.key, + operation->ctx.tls12_prf.key_len ); + mbedtls_free( operation->ctx.tls12_prf.key ); } - if( generator->ctx.tls12_prf.Ai_with_seed != NULL ) + if( operation->ctx.tls12_prf.Ai_with_seed != NULL ) { - mbedtls_platform_zeroize( generator->ctx.tls12_prf.Ai_with_seed, - generator->ctx.tls12_prf.Ai_with_seed_len ); - mbedtls_free( generator->ctx.tls12_prf.Ai_with_seed ); + mbedtls_platform_zeroize( operation->ctx.tls12_prf.Ai_with_seed, + operation->ctx.tls12_prf.Ai_with_seed_len ); + mbedtls_free( operation->ctx.tls12_prf.Ai_with_seed ); } } else 
@@ -4125,36 +4125,36 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *generator { status = PSA_ERROR_BAD_STATE; } - memset( generator, 0, sizeof( *generator ) ); + memset( operation, 0, sizeof( *operation ) ); return( status ); } -psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, size_t *capacity) { - if( generator->alg == 0 ) + if( operation->alg == 0 ) { - /* This is a blank generator. */ + /* This is a blank key derivation operation. */ return PSA_ERROR_BAD_STATE; } - *capacity = generator->capacity; + *capacity = operation->capacity; return( PSA_SUCCESS ); } -psa_status_t psa_key_derivation_set_capacity( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_set_capacity( psa_key_derivation_operation_t *operation, size_t capacity ) { - if( generator->alg == 0 ) + if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE ); - if( capacity > generator->capacity ) + if( capacity > operation->capacity ) return( PSA_ERROR_INVALID_ARGUMENT ); - generator->capacity = capacity; + operation->capacity = capacity; return( PSA_SUCCESS ); } #if defined(MBEDTLS_MD_C) -/* Read some bytes from an HKDF-based generator. This performs a chunk +/* Read some bytes from an HKDF-based operation. This performs a chunk * of the expand phase of the HKDF algorithm. */ static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkdf, psa_algorithm_t hash_alg, 
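Review bot: The final wipe in psa_key_derivation_abort() is a plain `memset( operation, 0, sizeof( *operation ) )`, while the heap buffers in the branches above are cleared with mbedtls_platform_zeroize(). If the context union keeps key-dependent state inline (its layout is not visible here), a compiler may drop the memset once the object is dead, for example after inlining into a caller whose object goes out of scope. `mbedtls_platform_zeroize( operation, sizeof( *operation ) );` leaves the same all-zero state and makes the wipe reliable. The body of psa_key_derivation_abort() begins above this hunk.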
@@ -4182,7 +4182,7 @@ static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkd break; /* We can't be wanting more output after block 0xff, otherwise * the capacity check in psa_key_derivation_output_bytes() would have - * prevented this call. It could happen only if the generator + * prevented this call. It could happen only if the operation * object was corrupted or if this function is called directly * inside the library. */ if( hkdf->block_number == 0xff ) @@ -4237,7 +4237,7 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( /* We can't be wanting more output after block 0xff, otherwise * the capacity check in psa_key_derivation_output_bytes() would have - * prevented this call. It could happen only if the generator + * prevented this call. It could happen only if the operation * object was corrupted or if this function is called directly * inside the library. */ if( tls12_prf->block_number == 0xff ) @@ -4335,7 +4335,7 @@ cleanup: return( status ); } -/* Read some bytes from an TLS-1.2-PRF-based generator. +/* Read some bytes from an TLS-1.2-PRF-based operation. * See Section 5 of RFC 5246. */ static psa_status_t psa_key_derivation_tls12_prf_read( psa_tls12_prf_key_derivation_t *tls12_prf, 
@@ -4376,53 +4376,53 @@ static psa_status_t psa_key_derivation_tls12_prf_read( } #endif /* MBEDTLS_MD_C */ -psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *operation, uint8_t *output, size_t output_length ) { psa_status_t status; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); - if( generator->alg == 0 ) + if( operation->alg == 0 ) { - /* This is a blank generator. */ + /* This is a blank operation. */ return PSA_ERROR_BAD_STATE; } - if( output_length > generator->capacity ) + if( output_length > operation->capacity ) { - generator->capacity = 0; + operation->capacity = 0; /* Go through the error path to wipe all confidential data now - * that the generator object is useless. */ + * that the operation object is useless. */ status = PSA_ERROR_INSUFFICIENT_DATA; goto exit; } - if( output_length == 0 && generator->capacity == 0 ) + if( output_length == 0 && operation->capacity == 0 ) { - /* Edge case: this is a finished generator, and 0 bytes + /* Edge case: this is a finished operation, and 0 bytes * were requested. The right error in this case could * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return * INSUFFICIENT_CAPACITY, which is right for a finished - * generator, for consistency with the case when + * operation, for consistency with the case when * output_length > 0. */ return( PSA_ERROR_INSUFFICIENT_DATA ); } - generator->capacity -= output_length; + operation->capacity -= output_length; if( kdf_alg == PSA_ALG_SELECT_RAW ) { - /* Initially, the capacity of a selection generator is always - * the size of the buffer, i.e. `generator->ctx.buffer.size`, + /* Initially, the capacity of a selection operation is always + * the size of the buffer, i.e. `operation->ctx.buffer.size`, * abbreviated in this comment as `size`. 
When the remaining * capacity is `c`, the next bytes to serve start `c` bytes * from the end of the buffer, i.e. `size - c` from the - * beginning of the buffer. Since `generator->capacity` was just + * beginning of the buffer. Since `operation->capacity` was just * decremented above, we need to serve the bytes from - * `size - generator->capacity - output_length` to - * `size - generator->capacity`. */ + * `size - operation->capacity - output_length` to + * `size - operation->capacity`. */ size_t offset = - generator->ctx.buffer.size - generator->capacity - output_length; - memcpy( output, generator->ctx.buffer.data + offset, output_length ); + operation->ctx.buffer.size - operation->capacity - output_length; + memcpy( output, operation->ctx.buffer.data + offset, output_length ); status = PSA_SUCCESS; } else @@ -4430,13 +4430,13 @@ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *ge if( PSA_ALG_IS_HKDF( kdf_alg ) ) { psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg ); - status = psa_key_derivation_hkdf_read( &generator->ctx.hkdf, hash_alg, + status = psa_key_derivation_hkdf_read( &operation->ctx.hkdf, hash_alg, output, output_length ); } else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { - status = psa_key_derivation_tls12_prf_read( &generator->ctx.tls12_prf, + status = psa_key_derivation_tls12_prf_read( &operation->ctx.tls12_prf, kdf_alg, output, output_length ); } 
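Review bot: The edge-case comment in psa_key_derivation_output_bytes() names `INSUFFICIENT_CAPACITY` twice, but the statement right below it returns `PSA_ERROR_INSUFFICIENT_DATA`, and no error with the former name appears anywhere in this function. The comment should name the code that is actually returned: `* be either INSUFFICIENT_DATA or BAD_STATE. Return` and `* INSUFFICIENT_DATA, which is right for a finished`. This matters because callers tell an exhausted operation from a blank one by this status. The function continues past this hunk, with its `exit:` path in the next one.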
@@ -4450,12 +4450,12 @@ exit: if( status != PSA_SUCCESS ) { /* Preserve the algorithm upon errors, but clear all sensitive state. - * This allows us to differentiate between exhausted generators and - * blank generators, so we can return PSA_ERROR_BAD_STATE on blank - * generators. */ - psa_algorithm_t alg = generator->alg; - psa_key_derivation_abort( generator ); - generator->alg = alg; + * This allows us to differentiate between exhausted operations and + * blank operations, so we can return PSA_ERROR_BAD_STATE on blank + * operations. */ + psa_algorithm_t alg = operation->alg; + psa_key_derivation_abort( operation ); + operation->alg = alg; memset( output, '!', output_length ); } return( status ); @@ -4476,7 +4476,7 @@ static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) static psa_status_t psa_generate_derived_key_internal( psa_key_slot_t *slot, size_t bits, - psa_key_derivation_operation_t *generator ) + psa_key_derivation_operation_t *operation ) { uint8_t *data = NULL; size_t bytes = PSA_BITS_TO_BYTES( bits ); @@ -4490,7 +4490,7 @@ static psa_status_t psa_generate_derived_key_internal( if( data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - status = psa_key_derivation_output_bytes( generator, data, bytes ); + status = psa_key_derivation_output_bytes( operation, data, bytes ); if( status != PSA_SUCCESS ) goto exit; #if defined(MBEDTLS_DES_C) @@ -4505,7 +4505,7 @@ exit: } psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attributes, - psa_key_derivation_operation_t *generator, + psa_key_derivation_operation_t *operation, psa_key_handle_t *handle ) { psa_status_t status; @@ -4515,7 +4515,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut { status = psa_generate_derived_key_internal( slot, attributes->bits, - generator ); + operation ); } if( status == PSA_SUCCESS ) status = psa_finish_key_creation( slot ); 
@@ -4530,7 +4530,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut psa_status_t psa_generate_derived_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, - psa_key_derivation_operation_t *generator ) + psa_key_derivation_operation_t *operation ) { uint8_t *data = NULL; size_t bytes = PSA_BITS_TO_BYTES( bits ); @@ -4544,7 +4544,7 @@ psa_status_t psa_generate_derived_key_to_handle( psa_key_handle_t handle, if( data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - status = psa_key_derivation_output_bytes( generator, data, bytes ); + status = psa_key_derivation_output_bytes( operation, data, bytes ); if( status != PSA_SUCCESS ) goto exit; #if defined(MBEDTLS_DES_C) @@ -4565,7 +4565,7 @@ exit: /****************************************************************/ #if defined(MBEDTLS_MD_C) -/* Set up an HKDF-based generator. This is exactly the extract phase +/* Set up an HKDF-based operation. This is exactly the extract phase * of the HKDF algorithm. * * Note that if this function fails, you must call psa_key_derivation_abort() @@ -4611,7 +4611,7 @@ static psa_status_t psa_key_derivation_hkdf_setup( psa_hkdf_key_derivation_t *hk #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_MD_C) -/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). +/* Set up a TLS-1.2-prf-based operation (see RFC 5246, Section 5). * * Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. @@ -4668,7 +4668,7 @@ static psa_status_t psa_key_derivation_tls12_prf_setup( return( PSA_SUCCESS ); } -/* Set up a TLS-1.2-PSK-to-MS-based generator. */ +/* Set up a TLS-1.2-PSK-to-MS-based operation. */ static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( psa_tls12_prf_key_derivation_t *tls12_prf, const unsigned char *psk, 
@@ -4714,7 +4714,7 @@ static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( * to potentially free embedded data structures and wipe confidential data. */ static psa_status_t psa_key_derivation_internal( - psa_key_derivation_operation_t *generator, + psa_key_derivation_operation_t *operation, const uint8_t *secret, size_t secret_length, psa_algorithm_t alg, const uint8_t *salt, size_t salt_length, @@ -4724,8 +4724,8 @@ static psa_status_t psa_key_derivation_internal( psa_status_t status; size_t max_capacity; - /* Set generator->alg even on failure so that abort knows what to do. */ - generator->alg = alg; + /* Set operation->alg even on failure so that abort knows what to do. */ + operation->alg = alg; if( alg == PSA_ALG_SELECT_RAW ) { @@ -4735,11 +4735,11 @@ static psa_status_t psa_key_derivation_internal( (void) label; if( label_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - generator->ctx.buffer.data = mbedtls_calloc( 1, secret_length ); - if( generator->ctx.buffer.data == NULL ) + operation->ctx.buffer.data = mbedtls_calloc( 1, secret_length ); + if( operation->ctx.buffer.data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( generator->ctx.buffer.data, secret, secret_length ); - generator->ctx.buffer.size = secret_length; + memcpy( operation->ctx.buffer.data, secret, secret_length ); + operation->ctx.buffer.size = secret_length; max_capacity = secret_length; status = PSA_SUCCESS; } @@ -4752,7 +4752,7 @@ static psa_status_t psa_key_derivation_internal( if( hash_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); max_capacity = 255 * hash_size; - status = psa_key_derivation_hkdf_setup( &generator->ctx.hkdf, + status = psa_key_derivation_hkdf_setup( &operation->ctx.hkdf, secret, secret_length, hash_alg, salt, salt_length, 
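Review bot: In the `PSA_ALG_SELECT_RAW` branch a zero `secret_length` reaches `mbedtls_calloc( 1, secret_length )`. A zero-size allocation is allowed to return NULL, which this code then reports as `PSA_ERROR_INSUFFICIENT_MEMORY`. The same pattern appears in psa_key_derivation_input_raw() (hunk at -4972) with `data_length`. If an empty input is not meant to be valid, reject it before allocating with `if( secret_length == 0 ) return( PSA_ERROR_INVALID_ARGUMENT );`; otherwise skip the allocation and the memcpy when the length is 0. psa_key_derivation_internal() starts and ends outside this hunk.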
@@ -4776,7 +4776,7 @@ static psa_status_t psa_key_derivation_internal( if( PSA_ALG_IS_TLS12_PRF( alg ) ) { - status = psa_key_derivation_tls12_prf_setup( &generator->ctx.tls12_prf, + status = psa_key_derivation_tls12_prf_setup( &operation->ctx.tls12_prf, secret, secret_length, hash_alg, salt, salt_length, label, label_length ); @@ -4784,7 +4784,7 @@ static psa_status_t psa_key_derivation_internal( else { status = psa_key_derivation_tls12_psk_to_ms_setup( - &generator->ctx.tls12_prf, + &operation->ctx.tls12_prf, secret, secret_length, hash_alg, salt, salt_length, label, label_length ); @@ -4800,16 +4800,16 @@ static psa_status_t psa_key_derivation_internal( return( status ); if( capacity <= max_capacity ) - generator->capacity = capacity; + operation->capacity = capacity; else if( capacity == PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ) - generator->capacity = max_capacity; + operation->capacity = max_capacity; else return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_SUCCESS ); } -psa_status_t psa_key_derivation( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation( psa_key_derivation_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *salt, @@ -4821,7 +4821,7 @@ psa_status_t psa_key_derivation( psa_key_derivation_operation_t *generator, psa_key_slot_t *slot; psa_status_t status; - if( generator->alg != 0 ) + if( operation->alg != 0 ) return( PSA_ERROR_BAD_STATE ); /* Make sure that alg is a key derivation algorithm. This prevents @@ -4837,7 +4837,7 @@ psa_status_t psa_key_derivation( psa_key_derivation_operation_t *generator, if( slot->type != PSA_KEY_TYPE_DERIVE ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_key_derivation_internal( generator, + status = psa_key_derivation_internal( operation, slot->data.raw.data, slot->data.raw.bytes, alg, 
@@ -4845,12 +4845,12 @@ psa_status_t psa_key_derivation( psa_key_derivation_operation_t *generator, label, label_length, capacity ); if( status != PSA_SUCCESS ) - psa_key_derivation_abort( generator ); + psa_key_derivation_abort( operation ); return( status ); } static psa_status_t psa_key_derivation_setup_kdf( - psa_key_derivation_operation_t *generator, + psa_key_derivation_operation_t *operation, psa_algorithm_t kdf_alg ) { /* Make sure that kdf_alg is a supported key derivation algorithm. */ @@ -4869,7 +4869,7 @@ static psa_status_t psa_key_derivation_setup_kdf( { return( PSA_ERROR_NOT_SUPPORTED ); } - generator->capacity = 255 * hash_size; + operation->capacity = 255 * hash_size; return( PSA_SUCCESS ); } #endif /* MBEDTLS_MD_C */ @@ -4877,12 +4877,12 @@ static psa_status_t psa_key_derivation_setup_kdf( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *operation, psa_algorithm_t alg ) { psa_status_t status; - if( generator->alg != 0 ) + if( operation->alg != 0 ) return( PSA_ERROR_BAD_STATE ); if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) ) @@ -4890,17 +4890,17 @@ psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *generator else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) { psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); - status = psa_key_derivation_setup_kdf( generator, kdf_alg ); + status = psa_key_derivation_setup_kdf( operation, kdf_alg ); } else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) { - status = psa_key_derivation_setup_kdf( generator, alg ); + status = psa_key_derivation_setup_kdf( operation, alg ); } else return( PSA_ERROR_INVALID_ARGUMENT ); if( status == PSA_SUCCESS ) - generator->alg = alg; + operation->alg = alg; return( status ); } 
@@ -4972,31 +4972,31 @@ static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf, #endif /* MBEDTLS_MD_C */ static psa_status_t psa_key_derivation_input_raw( - psa_key_derivation_operation_t *generator, + psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length ) { psa_status_t status; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); if( kdf_alg == PSA_ALG_SELECT_RAW ) { - if( generator->capacity != 0 ) + if( operation->capacity != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - generator->ctx.buffer.data = mbedtls_calloc( 1, data_length ); - if( generator->ctx.buffer.data == NULL ) + operation->ctx.buffer.data = mbedtls_calloc( 1, data_length ); + if( operation->ctx.buffer.data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( generator->ctx.buffer.data, data, data_length ); - generator->ctx.buffer.size = data_length; - generator->capacity = data_length; + memcpy( operation->ctx.buffer.data, data, data_length ); + operation->ctx.buffer.size = data_length; + operation->capacity = data_length; status = PSA_SUCCESS; } else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( kdf_alg ) ) { - status = psa_hkdf_input( &generator->ctx.hkdf, + status = psa_hkdf_input( &operation->ctx.hkdf, PSA_ALG_HKDF_GET_HASH( kdf_alg ), step, data, data_length ); } 
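Review bot: The `PSA_ALG_SELECT_RAW` branch of `psa_key_derivation_input_raw` has no handling for `data_length == 0`. `mbedtls_calloc( 1, data_length )` may then legitimately return NULL, which is reported as `PSA_ERROR_INSUFFICIENT_MEMORY`. If it returns non-NULL instead, `memcpy` is still called with whatever `data` the caller passed, and a NULL pointer there is undefined behaviour even for a zero length. I would make the failure test `if( operation->ctx.buffer.data == NULL && data_length != 0 )` and guard the copy with `if( data_length != 0 )`. The two early `return` statements in this branch also leave the function directly, whereas the tail of the function, which lies outside this hunk, appears to abort the operation on every other failure; please check that this difference is intended.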
@@ -5013,16 +5013,16 @@ static psa_status_t psa_key_derivation_input_raw( else #endif /* MBEDTLS_MD_C */ { - /* This can't happen unless the generator object was not initialized */ + /* This can't happen unless the operation object was not initialized */ return( PSA_ERROR_BAD_STATE ); } if( status != PSA_SUCCESS ) - psa_key_derivation_abort( generator ); + psa_key_derivation_abort( operation ); return( status ); } -psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length ) @@ -5032,14 +5032,14 @@ psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *gen case PSA_KEY_DERIVATION_INPUT_LABEL: case PSA_KEY_DERIVATION_INPUT_SALT: case PSA_KEY_DERIVATION_INPUT_INFO: - return( psa_key_derivation_input_raw( generator, step, + return( psa_key_derivation_input_raw( operation, step, data, data_length ) ); default: return( PSA_ERROR_INVALID_ARGUMENT ); } } -psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_handle_t handle ) { @@ -5047,7 +5047,7 @@ psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *gener psa_status_t status; status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DERIVE, - generator->alg ); + operation->alg ); if( status != PSA_SUCCESS ) return( status ); if( slot->type != PSA_KEY_TYPE_DERIVE ) 
@@ -5060,7 +5060,7 @@ psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *gener * and leak values derived from the key. So be conservative. */ if( step != PSA_KEY_DERIVATION_INPUT_SECRET ) return( PSA_ERROR_INVALID_ARGUMENT ); - return( psa_key_derivation_input_raw( generator, + return( psa_key_derivation_input_raw( operation, step, slot->data.raw.data, slot->data.raw.bytes ) ); @@ -5151,7 +5151,7 @@ static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg, /* Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ -static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t *generator, +static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_slot_t *private_key, const uint8_t *peer_key, @@ -5160,7 +5160,7 @@ static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t * psa_status_t status; uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE]; size_t shared_secret_length = 0; - psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( generator->alg ); + psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( operation->alg ); /* Step 1: run the secret agreement algorithm to generate the shared * secret. */ @@ -5175,7 +5175,7 @@ static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t * /* Step 2: set up the key derivation to generate key material from * the shared secret. */ - status = psa_key_derivation_input_raw( generator, step, + status = psa_key_derivation_input_raw( operation, step, shared_secret, shared_secret_length ); exit: 
@@ -5183,7 +5183,7 @@ exit: return( status ); } -psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_handle_t private_key, const uint8_t *peer_key, @@ -5191,17 +5191,17 @@ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *g { psa_key_slot_t *slot; psa_status_t status; - if( ! PSA_ALG_IS_KEY_AGREEMENT( generator->alg ) ) + if( ! PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_key_from_slot( private_key, &slot, - PSA_KEY_USAGE_DERIVE, generator->alg ); + PSA_KEY_USAGE_DERIVE, operation->alg ); if( status != PSA_SUCCESS ) return( status ); - status = psa_key_agreement_internal( generator, step, + status = psa_key_agreement_internal( operation, step, slot, peer_key, peer_key_length ); if( status != PSA_SUCCESS ) - psa_key_derivation_abort( generator ); + psa_key_derivation_abort( operation ); return( status ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d98470d3d..abc73aebe 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1716,7 +1716,7 @@ PSA decrypt: RSA OAEP-SHA-256, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT -Crypto generator initializers zero properly +Crypto derivation operation object initializers zero properly key_derivation_init: PSA key derivation: HKDF-SHA-256, good case @@ -1755,11 +1755,11 @@ PSA key derivation: unsupported key derivation algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_CATEGORY_KEY_DERIVATION:"":"":42:PSA_ERROR_NOT_SUPPORTED -PSA key derivation: invalid generator state ( double generate + read past capacity ) +PSA key derivation: invalid state (double generate + read past capacity) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_state: -PSA key derivation: invalid generator state ( call read/get_capacity after init and abort ) +PSA key derivation: invalid state (call read/get_capacity after init and abort) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_tests: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 52c41e7eb..4c28b80a6 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -525,7 +525,7 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char label[16] = "This is a label."; size_t label_length = sizeof( label ); unsigned char seed[16] = "abcdefghijklmnop"; @@ -536,15 +536,15 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, { if( PSA_ALG_IS_HKDF( alg ) ) { - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, label, label_length ) ); - PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_ASSERT( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, seed, seed_length ) ); @@ -552,16 +552,16 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, else { // legacy - PSA_ASSERT( psa_key_derivation( &generator, + PSA_ASSERT( psa_key_derivation( &operation, handle, alg, label, label_length, seed, seed_length, sizeof( output ) ) ); } - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, sizeof( output ) ) ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); } return( 1 ); 
@@ -572,7 +572,7 @@ exit: /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ -static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *generator, +static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *operation, psa_key_handle_t handle ) { psa_key_type_t private_key_type; @@ -596,7 +596,7 @@ static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *gen public_key, public_key_length, &public_key_length ) ); - status = psa_key_derivation_key_agreement( generator, PSA_KEY_DERIVATION_INPUT_SECRET, handle, + status = psa_key_derivation_key_agreement( operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle, public_key, public_key_length ); exit: mbedtls_free( public_key ); @@ -664,7 +664,7 @@ static int exercise_key_agreement_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char output[1]; int ok = 0; @@ -672,12 +672,12 @@ static int exercise_key_agreement_key( psa_key_handle_t handle, { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( key_agreement_with_self( &generator, handle ) ); - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( key_agreement_with_self( &operation, handle ) ); + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, sizeof( output ) ) ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); } ok = 1; 
@@ -1844,7 +1844,7 @@ void derive_key_policy( int policy_usage, { psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -1856,7 +1856,7 @@ void derive_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - status = psa_key_derivation( &generator, handle, + status = psa_key_derivation( &operation, handle, exercise_alg, NULL, 0, NULL, 0, @@ -1868,7 +1868,7 @@ void derive_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -1884,7 +1884,7 @@ void agreement_key_policy( int policy_usage, psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -1896,8 +1896,8 @@ void agreement_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - PSA_ASSERT( psa_key_derivation_setup( &generator, exercise_alg ) ); - status = key_agreement_with_self( &generator, handle ); + PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) ); + status = key_agreement_with_self( &operation, handle ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) 
@@ -1906,7 +1906,7 @@ void agreement_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -1922,7 +1922,7 @@ void raw_agreement_key_policy( int policy_usage, psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -1943,7 +1943,7 @@ void raw_agreement_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4009,7 +4009,7 @@ void key_derivation_init( ) memset( &zero, 0, sizeof( zero ) ); - /* A default generator should not be able to report its capacity. */ + /* A default operation should not be able to report its capacity. */ TEST_EQUAL( psa_key_derivation_get_capacity( &func, &capacity ), PSA_ERROR_BAD_STATE ); TEST_EQUAL( psa_key_derivation_get_capacity( &init, &capacity ), @@ -4017,7 +4017,7 @@ void key_derivation_init( ) TEST_EQUAL( psa_key_derivation_get_capacity( &zero, &capacity ), PSA_ERROR_BAD_STATE ); - /* A default generator should be abortable without error. */ + /* A default operation should be abortable without error. */ PSA_ASSERT( psa_key_derivation_abort(&func) ); PSA_ASSERT( psa_key_derivation_abort(&init) ); PSA_ASSERT( psa_key_derivation_abort(&zero) ); 
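Review bot: In `raw_agreement_key_policy`, the renamed `operation` is visible only in its declaration and in `psa_key_derivation_abort( &operation )` under `exit:`. The body between those two hunks is not shown, so this is an inference, but a raw agreement test would not normally need a key derivation object. If nothing in between uses it, drop both the declaration and the abort rather than carrying the rename through, so the cleanup path lists only resources the test actually acquires.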
@@ -4038,7 +4038,7 @@ void derive_setup( int key_type_arg, psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; psa_status_t expected_status = expected_status_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -4050,14 +4050,14 @@ void derive_setup( int key_type_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - TEST_EQUAL( psa_key_derivation( &generator, handle, alg, + TEST_EQUAL( psa_key_derivation( &operation, handle, alg, salt->x, salt->len, label->x, label->len, requested_capacity ), expected_status ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4068,7 +4068,7 @@ void test_derive_invalid_key_derivation_state( ) { psa_key_handle_t handle = 0; size_t key_type = PSA_KEY_TYPE_DERIVE; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_algorithm_t alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 ); uint8_t buffer[42]; size_t capacity = sizeof( buffer ); 
@@ -4088,25 +4088,25 @@ void test_derive_invalid_key_derivation_state( ) &handle ) ); /* valid key derivation */ - PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, handle, alg, NULL, 0, NULL, 0, capacity ) ); - /* state of generator shouldn't allow additional generation */ - TEST_EQUAL( psa_key_derivation( &generator, handle, alg, + /* state of operation shouldn't allow additional generation */ + TEST_EQUAL( psa_key_derivation( &operation, handle, alg, NULL, 0, NULL, 0, capacity ), PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, buffer, capacity ) ); + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, buffer, capacity ) ); - TEST_EQUAL( psa_key_derivation_output_bytes( &generator, buffer, capacity ), + TEST_EQUAL( psa_key_derivation_output_bytes( &operation, buffer, capacity ), PSA_ERROR_INSUFFICIENT_DATA ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } 
@@ -4118,24 +4118,24 @@ void test_derive_invalid_key_derivation_tests( ) uint8_t output_buffer[16]; size_t buffer_size = 16; size_t capacity = 0; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - TEST_ASSERT( psa_key_derivation_output_bytes( &generator, output_buffer, buffer_size ) + TEST_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, buffer_size ) == PSA_ERROR_BAD_STATE ); - TEST_ASSERT( psa_key_derivation_get_capacity( &generator, &capacity ) + TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) == PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); - TEST_ASSERT( psa_key_derivation_output_bytes( &generator, output_buffer, buffer_size ) + TEST_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, buffer_size ) == PSA_ERROR_BAD_STATE ); - TEST_ASSERT( psa_key_derivation_get_capacity( &generator, &capacity ) + TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) == PSA_ERROR_BAD_STATE ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); } /* END_CASE */ @@ -4151,7 +4151,7 @@ void derive_output( int alg_arg, psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *expected_outputs[2] = {expected_output1->x, expected_output2->x}; size_t output_sizes[2] = 
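Review bot: The four status checks in `test_derive_invalid_key_derivation_tests` are still written as `TEST_ASSERT( ... == PSA_ERROR_BAD_STATE )`, while the rest of the suite, including `test_derive_invalid_key_derivation_state` just above, uses `TEST_EQUAL` for the same comparison. Since these lines are being touched anyway, I would write them as `TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output_buffer, buffer_size ), PSA_ERROR_BAD_STATE );`, and likewise for the `psa_key_derivation_get_capacity` calls. This is a consistency point only; the checked behaviour does not change.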
@@ -4184,28 +4184,28 @@ void derive_output( int alg_arg, /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) { - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_set_capacity( &generator, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_set_capacity( &operation, requested_capacity ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, salt->x, salt->len ) ); - PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_ASSERT( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, label->x, label->len ) ); } else { // legacy - PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, handle, alg, salt->x, salt->len, label->x, label->len, requested_capacity ) ); } - PSA_ASSERT( psa_key_derivation_get_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( current_capacity, requested_capacity ); expected_capacity = requested_capacity; @@ -4214,7 +4214,7 @@ void derive_output( int alg_arg, for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ ) { /* Read some bytes. */ - status = psa_key_derivation_output_bytes( &generator, + status = psa_key_derivation_output_bytes( &operation, output_buffer, output_sizes[i] ); if( expected_capacity == 0 && output_sizes[i] == 0 ) { 
@@ -4236,17 +4236,17 @@ void derive_output( int alg_arg, if( output_sizes[i] != 0 ) ASSERT_COMPARE( output_buffer, output_sizes[i], expected_outputs[i], output_sizes[i] ); - /* Check the generator status. */ + /* Check the operation status. */ expected_capacity -= output_sizes[i]; - PSA_ASSERT( psa_key_derivation_get_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( expected_capacity, current_capacity ); } - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); exit: mbedtls_free( output_buffer ); - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4262,7 +4262,7 @@ void derive_full( int alg_arg, psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char output_buffer[16]; size_t expected_capacity = requested_capacity; size_t current_capacity; 
@@ -4280,28 +4280,28 @@ void derive_full( int alg_arg, /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) { - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_set_capacity( &generator, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_set_capacity( &operation, requested_capacity ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, salt->x, salt->len ) ); - PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_ASSERT( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, label->x, label->len ) ); } else { // legacy - PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, handle, alg, salt->x, salt->len, label->x, label->len, requested_capacity ) ); } - PSA_ASSERT( psa_key_derivation_get_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); 
@@ -4311,23 +4311,23 @@ void derive_full( int alg_arg, size_t read_size = sizeof( output_buffer ); if( read_size > current_capacity ) read_size = current_capacity; - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, read_size ) ); expected_capacity -= read_size; - PSA_ASSERT( psa_key_derivation_get_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); } - /* Check that the generator refuses to go over capacity. */ - TEST_EQUAL( psa_key_derivation_output_bytes( &generator, output_buffer, 1 ), + /* Check that the operation refuses to go over capacity. */ + TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output_buffer, 1 ), PSA_ERROR_INSUFFICIENT_DATA ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4351,7 +4351,7 @@ void derive_key_exercise( int alg_arg, psa_key_usage_t derived_usage = derived_usage_arg; psa_algorithm_t derived_alg = derived_alg_arg; size_t capacity = PSA_BITS_TO_BYTES( derived_bits ); - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -4364,7 +4364,7 @@ void derive_key_exercise( int alg_arg, &base_handle ) ); /* Derive a key. */ - PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, base_handle, alg, salt->x, salt->len, label->x, label->len, capacity ) ); 
@@ -4372,7 +4372,7 @@ void derive_key_exercise( int alg_arg, psa_set_key_algorithm( &attributes, derived_alg ); psa_set_key_type( &attributes, derived_type ); psa_set_key_bits( &attributes, derived_bits ); - PSA_ASSERT( psa_key_derivation_output_key( &attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, &derived_handle ) ); /* Test the key information */ @@ -4385,7 +4385,7 @@ void derive_key_exercise( int alg_arg, goto exit; exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_reset_key_attributes( &got_attributes ); psa_destroy_key( base_handle ); psa_destroy_key( derived_handle ); @@ -4407,7 +4407,7 @@ void derive_key_export( int alg_arg, size_t bytes1 = bytes1_arg; size_t bytes2 = bytes2_arg; size_t capacity = bytes1 + bytes2; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *output_buffer = NULL; uint8_t *export_buffer = NULL; psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -4425,17 +4425,17 @@ void derive_key_export( int alg_arg, &base_handle ) ); /* Derive some material and output it. */ - PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, base_handle, alg, salt->x, salt->len, label->x, label->len, capacity ) ); - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, capacity ) ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); /* Derive the same output again, but this time store it in key objects. */ - PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, base_handle, alg, salt->x, salt->len, label->x, label->len, capacity ) ); 
@@ -4443,7 +4443,7 @@ void derive_key_export( int alg_arg, psa_set_key_algorithm( &derived_attributes, 0 ); psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, &derived_handle ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer, bytes1, @@ -4451,7 +4451,7 @@ void derive_key_export( int alg_arg, TEST_EQUAL( length, bytes1 ); PSA_ASSERT( psa_destroy_key( derived_handle ) ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, &derived_handle ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer + bytes1, bytes2, @@ -4465,7 +4465,7 @@ void derive_key_export( int alg_arg, exit: mbedtls_free( output_buffer ); mbedtls_free( export_buffer ); - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( base_handle ); psa_destroy_key( derived_handle ); mbedtls_psa_crypto_free( ); @@ -4481,7 +4481,7 @@ void key_agreement_setup( int alg_arg, psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_status = expected_status_arg; psa_status_t status; 
@@ -4499,10 +4499,10 @@ void key_agreement_setup( int alg_arg, * Test cases that fail at the setup step should be changed to call * key_derivation_setup instead, and this function should be renamed * to key_agreement_fail. */ - status = psa_key_derivation_setup( &generator, alg ); + status = psa_key_derivation_setup( &operation, alg ); if( status == PSA_SUCCESS ) { - TEST_EQUAL( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET, + TEST_EQUAL( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, our_key, peer_key_data->x, peer_key_data->len ), expected_status ); @@ -4513,7 +4513,7 @@ void key_agreement_setup( int alg_arg, } exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( our_key ); mbedtls_psa_crypto_free( ); } @@ -4565,7 +4565,7 @@ void key_agreement_capacity( int alg_arg, psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; size_t actual_capacity; unsigned char output[16]; 
@@ -4579,37 +4579,37 @@ void key_agreement_capacity( int alg_arg, our_key_data->x, our_key_data->len, &our_key ) ); - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, our_key, peer_key_data->x, peer_key_data->len ) ); if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) { /* The test data is for info="" */ - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); } /* Test the advertized capacity. */ PSA_ASSERT( psa_key_derivation_get_capacity( - &generator, &actual_capacity ) ); + &operation, &actual_capacity ) ); TEST_EQUAL( actual_capacity, (size_t) expected_capacity_arg ); /* Test the actual capacity by reading the output. */ while( actual_capacity > sizeof( output ) ) { - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, sizeof( output ) ) ); actual_capacity -= sizeof( output ); } - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, actual_capacity ) ); - TEST_EQUAL( psa_key_derivation_output_bytes( &generator, output, 1 ), + TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output, 1 ), PSA_ERROR_INSUFFICIENT_DATA ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( our_key ); mbedtls_psa_crypto_free( ); } 
@@ -4624,7 +4624,7 @@ void key_agreement_output( int alg_arg, psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_output = NULL; @@ -4640,26 +4640,26 @@ void key_agreement_output( int alg_arg, our_key_data->x, our_key_data->len, &our_key ) ); - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, our_key, peer_key_data->x, peer_key_data->len ) ); if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) { /* The test data is for info="" */ - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); } - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, actual_output, expected_output1->len ) ); ASSERT_COMPARE( actual_output, expected_output1->len, expected_output1->x, expected_output1->len ); if( expected_output2->len != 0 ) { - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, actual_output, expected_output2->len ) ); ASSERT_COMPARE( actual_output, expected_output2->len, @@ -4667,7 +4667,7 @@ void key_agreement_output( int alg_arg, } exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( our_key ); mbedtls_psa_crypto_free( ); mbedtls_free( actual_output ); 
@@ -4886,7 +4886,7 @@ void persistent_key_load_key_from_storage( data_t *data, size_t bits = bits_arg; psa_key_usage_t usage_flags = usage_flags_arg; psa_algorithm_t alg = alg_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char *first_export = NULL; unsigned char *second_export = NULL; size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); @@ -4933,16 +4933,16 @@ void persistent_key_load_key_from_storage( data_t *data, data->x, data->len, &base_key ) ); /* Derive a key. */ - PSA_ASSERT( psa_key_derivation_setup( &generator, derive_alg ) ); - PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_ASSERT( psa_key_derivation_setup( &operation, derive_alg ) ); + PSA_ASSERT( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, base_key ) ); PSA_ASSERT( psa_key_derivation_input_bytes( - &generator, PSA_KEY_DERIVATION_INPUT_INFO, + &operation, PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, &handle ) ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); PSA_ASSERT( psa_destroy_key( base_key ) ); base_key = 0; } @@ -4994,7 +4994,7 @@ exit: psa_reset_key_attributes( &attributes ); mbedtls_free( first_export ); mbedtls_free( second_export ); - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( base_key ); if( handle == 0 ) { From cf7292e25783d455cbf561b614df4f722e09b3f5 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 16 May 2019 17:53:40 +0200 Subject: [PATCH 1263/2197] Wrap and reindent some lines After renaming several identifiers, re-wrap and re-indent some lines to make the code prettier. --- include/psa/crypto.h | 80 ++++++++------ include/psa/crypto_extra.h | 7 +- include/psa/crypto_values.h | 8 +- library/psa_crypto.c | 50 ++++----- tests/suites/test_suite_psa_crypto.function | 116 +++++++++++--------- 5 files changed, 140 insertions(+), 121 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c4aab460f..959af96fb 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3033,8 +3033,9 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_COMMUNICATION_FAILURE */ -psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, - size_t *capacity); +psa_status_t psa_key_derivation_get_capacity( + const psa_key_derivation_operation_t *operation, + size_t *capacity); /** Set the maximum capacity of a key derivation operation. * @@ -3054,8 +3055,9 @@ psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_ * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_COMMUNICATION_FAILURE */ -psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation, - size_t capacity); +psa_status_t psa_key_derivation_set_capacity( + psa_key_derivation_operation_t *operation, + size_t capacity); /** Read some data from a key derivation operation. * 
@@ -3084,9 +3086,10 @@ psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *ope * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *operation, - uint8_t *output, - size_t output_length); +psa_status_t psa_key_derivation_output_bytes( + psa_key_derivation_operation_t *operation, + uint8_t *output, + size_t output_length); /** Derive a key from an ongoing key derivation operation. * @@ -3101,8 +3104,8 @@ psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *ope * the key is derived, depends on the key type: * * - For key types for which the key is an arbitrary sequence of bytes - * of a given size, - * this function is functionally equivalent to calling #psa_key_derivation_output_bytes + * of a given size, this function is functionally equivalent to + * calling #psa_key_derivation_output_bytes * and passing the resulting output to #psa_import_key. * However, this function has a security benefit: * if the implementation provides an isolation boundary then @@ -3202,9 +3205,10 @@ psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *ope * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes, - psa_key_derivation_operation_t *operation, - psa_key_handle_t *handle); +psa_status_t psa_key_derivation_output_key( + const psa_key_attributes_t *attributes, + psa_key_derivation_operation_t *operation, + psa_key_handle_t *handle); /** Abort a key derivation operation. * 
@@ -3214,9 +3218,9 @@ psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attribute * * This function may be called at any time as long as the operation * object has been initialized to #PSA_KEY_DERIVATION_OPERATION_INIT, to - * psa_key_derivation_operation_init() or a zero value. In particular, it is valid - * to call psa_key_derivation_abort() twice, or to call psa_key_derivation_abort() - * on an operation that has not been set up. + * psa_key_derivation_operation_init() or a zero value. In particular, + * it is valid to call psa_key_derivation_abort() twice, or to call + * psa_key_derivation_abort() on an operation that has not been set up. * * Once aborted, the key derivation operation object may be called. * @@ -3228,7 +3232,8 @@ psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attribute * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation); +psa_status_t psa_key_derivation_abort( + psa_key_derivation_operation_t *operation); /** Use the maximum possible capacity for a key derivation operation. * 
@@ -3254,15 +3259,16 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) * as appropriate. Which inputs are needed, in what order, and whether * they may be keys and if so of what type depends on the algorithm. * - Optionally set the operation's maximum capacity with - * psa_key_derivation_set_capacity(). You may do this before, in the middle of - * or after providing inputs. For some algorithms, this step is mandatory + * psa_key_derivation_set_capacity(). You may do this before, in the middle + * of or after providing inputs. For some algorithms, this step is mandatory * because the output depends on the maximum capacity. * - To derive a key, call psa_key_derivation_output_key(). * To derive a byte string for a different purpose, call * - psa_key_derivation_output_bytes(). * Successive calls to these functions use successive output bytes * calculated by the key derivation algorithm. - * - Clean up the key derivation operation object with psa_key_derivation_abort(). + * - Clean up the key derivation operation object with + * psa_key_derivation_abort(). * * \param[in,out] operation The key derivation operation object * to set up. It must @@ -3283,8 +3289,9 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE */ -psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, - psa_algorithm_t alg); +psa_status_t psa_key_derivation_setup( + psa_key_derivation_operation_t *operation, + psa_algorithm_t alg); /** Provide an input for key derivation or key agreement. * 
@@ -3321,10 +3328,11 @@ psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length); +psa_status_t psa_key_derivation_input_bytes( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length); /** Provide an input for key derivation in the form of a key. * @@ -3366,9 +3374,10 @@ psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *oper * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_handle_t handle); +psa_status_t psa_key_derivation_input_key( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t handle); /** Perform a key agreement and use the shared secret as input to a key * derivation. @@ -3423,11 +3432,12 @@ psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operat * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_handle_t private_key, - const uint8_t *peer_key, - size_t peer_key_length); +psa_status_t psa_key_derivation_key_agreement( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length); /** Perform a key agreement and use the shared secret as input to a key * derivation. 
@@ -3439,8 +3449,8 @@ psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *op * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should * not be used directly as key material. It should instead be passed as * input to a key derivation algorithm. To chain a key agreement with - * a key derivation, use psa_key_derivation_key_agreement() and other functions from - * the key derivation interface. + * a key derivation, use psa_key_derivation_key_agreement() and other + * functions from the key derivation interface. * * \param alg The key agreement algorithm to compute * (\c PSA_ALG_XXX value such that diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 1fb052b27..45655ddfc 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -157,9 +157,10 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, * - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step * and \p label is the info string used in the "expand" step. * - * \param[in,out] operation The key derivation object to set up. It must have - * been initialized as per the documentation for - * #psa_key_derivation_operation_t and not yet in use. + * \param[in,out] operation The key derivation object to set up. It must + * have been initialized as per the documentation + * for #psa_key_derivation_operation_t and not + * yet be in use. * \param handle Handle to the secret key. * \param alg The key derivation algorithm to compute * (\c PSA_ALG_XXX value such that diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index c57d06a36..c54fc9a60 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -1590,25 +1590,25 @@ * * This must be a key of type #PSA_KEY_TYPE_DERIVE. */ -#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) +#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) /** A label for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) +#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) /** A salt for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) +#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) /** An information string for key derivation. * * This must be a direct input. */ -#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) +#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3e77dceb0..4b6dcf0a5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4572,13 +4572,13 @@ exit: * to potentially free embedded data structures and wipe confidential data. */ static psa_status_t psa_key_derivation_hkdf_setup( psa_hkdf_key_derivation_t *hkdf, - const uint8_t *secret, - size_t secret_length, - psa_algorithm_t hash_alg, - const uint8_t *salt, - size_t salt_length, - const uint8_t *label, - size_t label_length ) + const uint8_t *secret, + size_t secret_length, + psa_algorithm_t hash_alg, + const uint8_t *salt, + size_t salt_length, + const uint8_t *label, + size_t label_length ) { psa_status_t status; status = psa_hmac_setup_internal( &hkdf->hmac, 
@@ -4637,7 +4637,7 @@ static psa_status_t psa_key_derivation_tls12_prf_setup( memcpy( tls12_prf->key, key, key_len ); overflow = ( salt_length + label_length < salt_length ) || - ( salt_length + label_length + hash_length < hash_length ); + ( salt_length + label_length + hash_length < hash_length ); if( overflow ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -4700,10 +4700,10 @@ static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( memcpy( pms + 4 + psk_len, psk, psk_len ); status = psa_key_derivation_tls12_prf_setup( tls12_prf, - pms, 4 + 2 * psk_len, - hash_alg, - salt, salt_length, - label, label_length ); + pms, 4 + 2 * psk_len, + hash_alg, + salt, salt_length, + label, label_length ); mbedtls_platform_zeroize( pms, sizeof( pms ) ); return( status ); @@ -4753,10 +4753,10 @@ static psa_status_t psa_key_derivation_internal( return( PSA_ERROR_NOT_SUPPORTED ); max_capacity = 255 * hash_size; status = psa_key_derivation_hkdf_setup( &operation->ctx.hkdf, - secret, secret_length, - hash_alg, - salt, salt_length, - label, label_length ); + secret, secret_length, + hash_alg, + salt, salt_length, + label, label_length ); } /* TLS-1.2 PRF and TLS-1.2 PSK-to-MS are very similar, so share code. */ else if( PSA_ALG_IS_TLS12_PRF( alg ) || @@ -4777,9 +4777,9 @@ static psa_status_t psa_key_derivation_internal( if( PSA_ALG_IS_TLS12_PRF( alg ) ) { status = psa_key_derivation_tls12_prf_setup( &operation->ctx.tls12_prf, - secret, secret_length, - hash_alg, salt, salt_length, - label, label_length ); + secret, secret_length, + hash_alg, salt, salt_length, + label, label_length ); } else { 
@@ -5003,9 +5003,9 @@ static psa_status_t psa_key_derivation_input_raw( else #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_MD_C) - /* TLS-1.2 PRF and TLS-1.2 PSK-to-MS are very similar, so share code. */ + /* TLS-1.2 PRF and TLS-1.2 PSK-to-MS are very similar, so share code. */ if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) + PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { // To do: implement this status = PSA_ERROR_NOT_SUPPORTED; @@ -5184,10 +5184,10 @@ exit: } psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_handle_t private_key, - const uint8_t *peer_key, - size_t peer_key_length ) + psa_key_derivation_step_t step, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length ) { psa_key_slot_t *slot; psa_status_t status; diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4c28b80a6..e9fd3f612 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -559,8 +559,8 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, sizeof( output ) ) ); } PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, - sizeof( output ) ) ); + output, + sizeof( output ) ) ); PSA_ASSERT( psa_key_derivation_abort( &operation ) ); } @@ -572,8 +572,9 @@ exit: /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ -static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *operation, - psa_key_handle_t handle ) +static psa_status_t key_agreement_with_self( + psa_key_derivation_operation_t *operation, + psa_key_handle_t handle ) { psa_key_type_t private_key_type; psa_key_type_t public_key_type; 
@@ -581,8 +582,8 @@ static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *ope uint8_t *public_key = NULL; size_t public_key_length; /* Return GENERIC_ERROR if something other than the final call to - * psa_key_derivation_key_agreement fails. This isn't fully satisfactory, but it's - * good enough: callers will report it as a failed test anyway. */ + * psa_key_derivation_key_agreement fails. This isn't fully satisfactory, + * but it's good enough: callers will report it as a failed test anyway. */ psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -596,8 +597,9 @@ static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *ope public_key, public_key_length, &public_key_length ) ); - status = psa_key_derivation_key_agreement( operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle, - public_key, public_key_length ); + status = psa_key_derivation_key_agreement( + operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle, + public_key, public_key_length ); exit: mbedtls_free( public_key ); psa_reset_key_attributes( &attributes ); @@ -617,8 +619,8 @@ static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg, uint8_t output[1024]; size_t output_length; /* Return GENERIC_ERROR if something other than the final call to - * psa_key_derivation_key_agreement fails. This isn't fully satisfactory, but it's - * good enough: callers will report it as a failed test anyway. */ + * psa_key_derivation_key_agreement fails. This isn't fully satisfactory, + * but it's good enough: callers will report it as a failed test anyway. */ psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -675,8 +677,8 @@ static int exercise_key_agreement_key( psa_key_handle_t handle, PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); PSA_ASSERT( key_agreement_with_self( &operation, handle ) ); PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, - sizeof( output ) ) ); + output, + sizeof( output ) ) ); PSA_ASSERT( psa_key_derivation_abort( &operation ) ); } ok = 1; @@ -2488,7 +2490,7 @@ void mac_bad_order( ) /* Call update after verify finish. */ PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + handle, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); PSA_ASSERT( psa_mac_verify_finish( &operation, verify_mac, sizeof( verify_mac ) ) ); @@ -2511,7 +2513,7 @@ void mac_bad_order( ) /* Call verify finish twice in a row. */ PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + handle, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); PSA_ASSERT( psa_mac_verify_finish( &operation, verify_mac, sizeof( verify_mac ) ) ); @@ -2531,7 +2533,7 @@ void mac_bad_order( ) /* Setup verify but try sign. */ PSA_ASSERT( psa_mac_verify_setup( &operation, - handle, alg ) ); + handle, alg ) ); PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); TEST_EQUAL( psa_mac_sign_finish( &operation, sign_mac, sizeof( sign_mac ), @@ -4120,7 +4122,8 @@ void test_derive_invalid_key_derivation_tests( ) size_t capacity = 0; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - TEST_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, buffer_size ) + TEST_ASSERT( psa_key_derivation_output_bytes( &operation, + output_buffer, buffer_size ) == PSA_ERROR_BAD_STATE ); TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) 
@@ -4128,7 +4131,8 @@ void test_derive_invalid_key_derivation_tests( ) PSA_ASSERT( psa_key_derivation_abort( &operation ) ); - TEST_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, buffer_size ) + TEST_ASSERT( psa_key_derivation_output_bytes( &operation, + output_buffer, buffer_size ) == PSA_ERROR_BAD_STATE ); TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) @@ -4186,7 +4190,7 @@ void derive_output( int alg_arg, { PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); PSA_ASSERT( psa_key_derivation_set_capacity( &operation, - requested_capacity ) ); + requested_capacity ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, salt->x, salt->len ) ); @@ -4206,7 +4210,7 @@ void derive_output( int alg_arg, requested_capacity ) ); } PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); + ¤t_capacity ) ); TEST_EQUAL( current_capacity, requested_capacity ); expected_capacity = requested_capacity; @@ -4215,7 +4219,7 @@ void derive_output( int alg_arg, { /* Read some bytes. */ status = psa_key_derivation_output_bytes( &operation, - output_buffer, output_sizes[i] ); + output_buffer, output_sizes[i] ); if( expected_capacity == 0 && output_sizes[i] == 0 ) { /* Reading 0 bytes when 0 bytes are available can go either way. */ @@ -4239,7 +4243,7 @@ void derive_output( int alg_arg, /* Check the operation status. */ expected_capacity -= output_sizes[i]; PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); + ¤t_capacity ) ); TEST_EQUAL( expected_capacity, current_capacity ); } PSA_ASSERT( psa_key_derivation_abort( &operation ) ); @@ -4282,7 +4286,7 @@ void derive_full( int alg_arg, { PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); PSA_ASSERT( psa_key_derivation_set_capacity( &operation, - requested_capacity ) ); + requested_capacity ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, salt->x, salt->len ) ); 
@@ -4302,7 +4306,7 @@ void derive_full( int alg_arg, requested_capacity ) ); } PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); + ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); /* Expansion phase. */ @@ -4312,11 +4316,11 @@ void derive_full( int alg_arg, if( read_size > current_capacity ) read_size = current_capacity; PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output_buffer, - read_size ) ); + output_buffer, + read_size ) ); expected_capacity -= read_size; PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); + ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); } @@ -4373,7 +4377,7 @@ void derive_key_exercise( int alg_arg, psa_set_key_type( &attributes, derived_type ); psa_set_key_bits( &attributes, derived_bits ); PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, - &derived_handle ) ); + &derived_handle ) ); /* Test the key information */ PSA_ASSERT( psa_get_key_attributes( derived_handle, &got_attributes ) ); @@ -4430,8 +4434,8 @@ void derive_key_export( int alg_arg, label->x, label->len, capacity ) ); PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output_buffer, - capacity ) ); + output_buffer, + capacity ) ); PSA_ASSERT( psa_key_derivation_abort( &operation ) ); /* Derive the same output again, but this time store it in key objects. */ @@ -4444,7 +4448,7 @@ void derive_key_export( int alg_arg, psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) ); PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, - &derived_handle ) ); + &derived_handle ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer, bytes1, &length ) ); 
@@ -4452,7 +4456,7 @@ void derive_key_export( int alg_arg, PSA_ASSERT( psa_destroy_key( derived_handle ) ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) ); PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, - &derived_handle ) ); + &derived_handle ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer + bytes1, bytes2, &length ) ); @@ -4502,9 +4506,10 @@ void key_agreement_setup( int alg_arg, status = psa_key_derivation_setup( &operation, alg ); if( status == PSA_SUCCESS ) { - TEST_EQUAL( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - our_key, - peer_key_data->x, peer_key_data->len ), + TEST_EQUAL( psa_key_derivation_key_agreement( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + our_key, + peer_key_data->x, peer_key_data->len ), expected_status ); } else @@ -4580,9 +4585,10 @@ void key_agreement_capacity( int alg_arg, &our_key ) ); PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - our_key, - peer_key_data->x, peer_key_data->len ) ); + PSA_ASSERT( psa_key_derivation_key_agreement( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, our_key, + peer_key_data->x, peer_key_data->len ) ); if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) { /* The test data is for info="" */ @@ -4600,11 +4606,11 @@ void key_agreement_capacity( int alg_arg, while( actual_capacity > sizeof( output ) ) { PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, sizeof( output ) ) ); + output, sizeof( output ) ) ); actual_capacity -= sizeof( output ); } PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, actual_capacity ) ); + output, actual_capacity ) ); TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output, 1 ), PSA_ERROR_INSUFFICIENT_DATA ); 
@@ -4641,9 +4647,10 @@ void key_agreement_output( int alg_arg, &our_key ) ); PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - our_key, - peer_key_data->x, peer_key_data->len ) ); + PSA_ASSERT( psa_key_derivation_key_agreement( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, our_key, + peer_key_data->x, peer_key_data->len ) ); if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) { /* The test data is for info="" */ @@ -4653,15 +4660,15 @@ void key_agreement_output( int alg_arg, } PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - actual_output, - expected_output1->len ) ); + actual_output, + expected_output1->len ) ); ASSERT_COMPARE( actual_output, expected_output1->len, expected_output1->x, expected_output1->len ); if( expected_output2->len != 0 ) { PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - actual_output, - expected_output2->len ) ); + actual_output, + expected_output2->len ) ); ASSERT_COMPARE( actual_output, expected_output2->len, expected_output2->x, expected_output2->len ); } @@ -4842,8 +4849,8 @@ void generate_key_rsa( int bits_arg, * publicExponent INTEGER } -- e */ TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ) ); + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED ) ); TEST_ASSERT( asn1_skip_integer( &p, end, bits, bits, 1 ) ); TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_INTEGER ) ); 
@@ -4934,19 +4941,20 @@ void persistent_key_load_key_from_storage( data_t *data, &base_key ) ); /* Derive a key. */ PSA_ASSERT( psa_key_derivation_setup( &operation, derive_alg ) ); - PSA_ASSERT( psa_key_derivation_input_key( &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - base_key ) ); + PSA_ASSERT( psa_key_derivation_input_key( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, base_key ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, - &handle ) ); + PSA_ASSERT( psa_key_derivation_output_key( &attributes, + &operation, + &handle ) ); PSA_ASSERT( psa_key_derivation_abort( &operation ) ); PSA_ASSERT( psa_destroy_key( base_key ) ); base_key = 0; } - break; + break; } psa_reset_key_attributes( &attributes ); From 1cb9a08d6a916eb230a98faa8fbe6771b895707e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 17:56:47 +0200 Subject: [PATCH 1264/2197] Reorder key derivation functions in the header file Present key derivation functions in a more logical order, corresponding roughly to the order in which an application would call them. --- include/psa/crypto.h | 408 +++++++++++++++++++++---------------------- 1 file changed, 204 insertions(+), 204 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 959af96fb..1d4fc319a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -3020,6 +3020,55 @@ typedef struct psa_key_derivation_s psa_key_derivation_operation_t; */ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); +/** Set up a key derivation operation. + * + * A key derivation algorithm takes some inputs and uses them to generate + * a byte stream in a deterministic way. + * This byte stream can be used to produce keys and other + * cryptographic material. + * + * To derive a key: + * - Start with an initialized object of type #psa_key_derivation_operation_t. + * - Call psa_key_derivation_setup() to select the algorithm. + * - Provide the inputs for the key derivation by calling + * psa_key_derivation_input_bytes() or psa_key_derivation_input_key() + * as appropriate. Which inputs are needed, in what order, and whether + * they may be keys and if so of what type depends on the algorithm. + * - Optionally set the operation's maximum capacity with + * psa_key_derivation_set_capacity(). You may do this before, in the middle + * of or after providing inputs. For some algorithms, this step is mandatory + * because the output depends on the maximum capacity. + * - To derive a key, call psa_key_derivation_output_key(). + * To derive a byte string for a different purpose, call + * - psa_key_derivation_output_bytes(). + * Successive calls to these functions use successive output bytes + * calculated by the key derivation algorithm. + * - Clean up the key derivation operation object with + * psa_key_derivation_abort(). + * + * \param[in,out] operation The key derivation operation object + * to set up. It must + * have been initialized but not set up yet. + * \param alg The key derivation algorithm to compute + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c alg is not a key derivation algorithm. 
+ * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a key derivation algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + */ +psa_status_t psa_key_derivation_setup( + psa_key_derivation_operation_t *operation, + psa_algorithm_t alg); + /** Retrieve the current capacity of a key derivation operation. * * The capacity of a key derivation is the maximum number of bytes that it can 
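Review bot: In the usage list added for psa_key_derivation_setup(), the line `* - psa_key_derivation_output_bytes().` begins with a list marker in the middle of a sentence, so Doxygen will probably render the function name as its own bullet and leave "To derive a byte string for a different purpose, call" dangling; replace the `-` with alignment spaces, `*   psa_key_derivation_output_bytes().`. The `\retval` entries also overlap: both #PSA_ERROR_INVALID_ARGUMENT and #PSA_ERROR_NOT_SUPPORTED are documented for "\c alg is not a key derivation algorithm", so a caller cannot tell which status to expect; if it matches the implementation, the second could be narrowed to `\c alg is not supported.`. The list mentions psa_key_derivation_abort() only as the final cleanup step, so one sentence saying whether it must also be called after a failed setup would help callers write correct error paths. The same stray bullet appears as context in the `@@ -3254,15 +3259,16 @@` hunk of the preceding re-wrap commit.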
@@ -3059,6 +3108,161 @@ psa_status_t psa_key_derivation_set_capacity( psa_key_derivation_operation_t *operation, size_t capacity); +/** Use the maximum possible capacity for a key derivation operation. + * + * Use this value as the capacity argument when setting up a key derivation + * to indicate that the operation should have the maximum possible capacity. + * The value of the maximum possible capacity depends on the key derivation + * algorithm. + */ +#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) + +/** Provide an input for key derivation or key agreement. + * + * Which inputs are required and in what order depends on the algorithm. + * Refer to the documentation of each key derivation or key agreement + * algorithm for information. + * + * This function passes direct inputs. Some inputs must be passed as keys + * using psa_key_derivation_input_key() instead of this function. Refer to + * the documentation of individual step types for information. + * + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with + * psa_key_derivation_setup() and must not + * have produced any output yet. + * \param step Which step the input data is for. + * \param[in] data Input data to use. + * \param data_length Size of the \p data buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step is not compatible with the operation's algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow direct inputs. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The value of \p step is not valid given the state of \p operation. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). 
+ * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_key_derivation_input_bytes( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length); + +/** Provide an input for key derivation in the form of a key. + * + * Which inputs are required and in what order depends on the algorithm. + * Refer to the documentation of each key derivation or key agreement + * algorithm for information. + * + * This function passes key inputs. Some inputs must be passed as keys + * of the appropriate type using this function, while others must be + * passed as direct inputs using psa_key_derivation_input_bytes(). Refer to + * the documentation of individual step types for information. + * + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with + * psa_key_derivation_setup() and must not + * have produced any output yet. + * \param step Which step the input data is for. + * \param handle Handle to the key. It must have an + * appropriate type for \p step and must + * allow the usage #PSA_KEY_USAGE_DERIVE. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_DOES_NOT_EXIST + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step is not compatible with the operation's algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow key inputs. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The value of \p step is not valid given the state of \p operation. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. 
+ */ +psa_status_t psa_key_derivation_input_key( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t handle); + +/** Perform a key agreement and use the shared secret as input to a key + * derivation. + * + * A key agreement algorithm takes two inputs: a private key \p private_key + * a public key \p peer_key. + * The result of this function is passed as input to a key derivation. + * The output of this key derivation can be extracted by reading from the + * resulting operation to produce keys and other cryptographic material. + * + * \param[in,out] operation The key derivation operation object to use. + * It must have been set up with + * psa_key_derivation_setup() with a + * key agreement and derivation algorithm + * \c alg (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_KEY_AGREEMENT(\c alg) is true + * and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\c alg) + * is false). + * The operation must be ready for an + * input of the type given by \p step. + * \param step Which step the input data is for. + * \param private_key Handle to the private key to use. + * \param[in] peer_key Public key of the peer. The peer key must be in the + * same format that psa_import_key() accepts for the + * public key type corresponding to the type of + * private_key. That is, this function performs the + * equivalent of + * #psa_import_key(..., + * `peer_key`, `peer_key_length`) where + * with key attributes indicating the public key + * type corresponding to the type of `private_key`. + * For example, for EC keys, this means that peer_key + * is interpreted as a point on the curve that the + * private key is on. The standard formats for public + * keys are documented in the documentation of + * psa_export_public_key(). + * \param peer_key_length Size of \p peer_key in bytes. + * + * \retval #PSA_SUCCESS + * Success. 
+ * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_DOES_NOT_EXIST + * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c private_key is not compatible with \c alg, + * or \p peer_key is not valid for \c alg or not compatible with + * \c private_key. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \c alg is not supported or is not a key derivation algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_TAMPERING_DETECTED + */ +psa_status_t psa_key_derivation_key_agreement( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length); + /** Read some data from a key derivation operation. * * This function calculates output bytes from a key derivation algorithm and 
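Review bot: psa_key_derivation_key_agreement() documents no #PSA_ERROR_BAD_STATE, although its `\p operation` text requires the operation to be "ready for an input of the type given by \p step" and both psa_key_derivation_input_bytes() and psa_key_derivation_input_key() in this hunk list BAD_STATE for exactly that case. Add `\retval #PSA_ERROR_BAD_STATE` with `The value of \p step is not valid given the state of \p operation.` so that callers know an out-of-order step is reported rather than accepted. The PSA_KEY_DERIVATION_UNLIMITED_CAPACITY comment also still says "when setting up a key derivation", but psa_key_derivation_setup() as declared in this patch takes no capacity; it should refer to psa_key_derivation_set_capacity(). In the key agreement description, "a private key \p private_key a public key \p peer_key" is missing "and", and "where with key attributes" should read "with key attributes".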
@@ -3235,210 +3439,6 @@ psa_status_t psa_key_derivation_output_key( psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation); -/** Use the maximum possible capacity for a key derivation operation. - * - * Use this value as the capacity argument when setting up a key derivation - * to indicate that the operation should have the maximum possible capacity. - * The value of the maximum possible capacity depends on the key derivation - * algorithm. - */ -#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) - -/** Set up a key derivation operation. - * - * A key derivation algorithm takes some inputs and uses them to generate - * a byte stream in a deterministic way. - * This byte stream can be used to produce keys and other - * cryptographic material. - * - * To derive a key: - * - Start with an initialized object of type #psa_key_derivation_operation_t. - * - Call psa_key_derivation_setup() to select the algorithm. - * - Provide the inputs for the key derivation by calling - * psa_key_derivation_input_bytes() or psa_key_derivation_input_key() - * as appropriate. Which inputs are needed, in what order, and whether - * they may be keys and if so of what type depends on the algorithm. - * - Optionally set the operation's maximum capacity with - * psa_key_derivation_set_capacity(). You may do this before, in the middle - * of or after providing inputs. For some algorithms, this step is mandatory - * because the output depends on the maximum capacity. - * - To derive a key, call psa_key_derivation_output_key(). - * To derive a byte string for a different purpose, call - * - psa_key_derivation_output_bytes(). - * Successive calls to these functions use successive output bytes - * calculated by the key derivation algorithm. - * - Clean up the key derivation operation object with - * psa_key_derivation_abort(). - * - * \param[in,out] operation The key derivation operation object - * to set up. 
It must - * have been initialized but not set up yet. - * \param alg The key derivation algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c alg is not a key derivation algorithm. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a key derivation algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - */ -psa_status_t psa_key_derivation_setup( - psa_key_derivation_operation_t *operation, - psa_algorithm_t alg); - -/** Provide an input for key derivation or key agreement. - * - * Which inputs are required and in what order depends on the algorithm. - * Refer to the documentation of each key derivation or key agreement - * algorithm for information. - * - * This function passes direct inputs. Some inputs must be passed as keys - * using psa_key_derivation_input_key() instead of this function. Refer to - * the documentation of individual step types for information. - * - * \param[in,out] operation The key derivation operation object to use. - * It must have been set up with - * psa_key_derivation_setup() and must not - * have produced any output yet. - * \param step Which step the input data is for. - * \param[in] data Input data to use. - * \param data_length Size of the \p data buffer in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step is not compatible with the operation's algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step does not allow direct inputs. 
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The value of \p step is not valid given the state of \p operation. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_input_bytes( - psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length); - -/** Provide an input for key derivation in the form of a key. - * - * Which inputs are required and in what order depends on the algorithm. - * Refer to the documentation of each key derivation or key agreement - * algorithm for information. - * - * This function passes key inputs. Some inputs must be passed as keys - * of the appropriate type using this function, while others must be - * passed as direct inputs using psa_key_derivation_input_bytes(). Refer to - * the documentation of individual step types for information. - * - * \param[in,out] operation The key derivation operation object to use. - * It must have been set up with - * psa_key_derivation_setup() and must not - * have produced any output yet. - * \param step Which step the input data is for. - * \param handle Handle to the key. It must have an - * appropriate type for \p step and must - * allow the usage #PSA_KEY_USAGE_DERIVE. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step is not compatible with the operation's algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step does not allow key inputs. 
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The value of \p step is not valid given the state of \p operation. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation_input_key( - psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_handle_t handle); - -/** Perform a key agreement and use the shared secret as input to a key - * derivation. - * - * A key agreement algorithm takes two inputs: a private key \p private_key - * a public key \p peer_key. - * The result of this function is passed as input to a key derivation. - * The output of this key derivation can be extracted by reading from the - * resulting operation to produce keys and other cryptographic material. - * - * \param[in,out] operation The key derivation operation object to use. - * It must have been set up with - * psa_key_derivation_setup() with a - * key agreement and derivation algorithm - * \c alg (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_AGREEMENT(\c alg) is true - * and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\c alg) - * is false). - * The operation must be ready for an - * input of the type given by \p step. - * \param step Which step the input data is for. - * \param private_key Handle to the private key to use. - * \param[in] peer_key Public key of the peer. The peer key must be in the - * same format that psa_import_key() accepts for the - * public key type corresponding to the type of - * private_key. 
That is, this function performs the - * equivalent of - * #psa_import_key(..., - * `peer_key`, `peer_key_length`) where - * with key attributes indicating the public key - * type corresponding to the type of `private_key`. - * For example, for EC keys, this means that peer_key - * is interpreted as a point on the curve that the - * private key is on. The standard formats for public - * keys are documented in the documentation of - * psa_export_public_key(). - * \param peer_key_length Size of \p peer_key in bytes. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c private_key is not compatible with \c alg, - * or \p peer_key is not valid for \c alg or not compatible with - * \c private_key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a key derivation algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED - */ -psa_status_t psa_key_derivation_key_agreement( - psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_handle_t private_key, - const uint8_t *peer_key, - size_t peer_key_length); - /** Perform a key agreement and use the shared secret as input to a key * derivation. * From be697d8324d245be969c5a1f2c07bf909072329f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 18:00:41 +0200 Subject: [PATCH 1265/2197] Shorten the name of psa_key_agreement_raw_shared_secret There is less of a risk of confusion with the KA+KDF function now. --- include/psa/crypto.h | 14 +++++++------- library/psa_crypto.c | 14 +++++++------- tests/suites/test_suite_psa_crypto.function | 15 +++++++-------- 3 files changed, 21 insertions(+), 22 deletions(-) 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 1d4fc319a..53babd46d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3487,13 +3487,13 @@ psa_status_t psa_key_derivation_abort( * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED */ -psa_status_t psa_key_agreement_raw_shared_secret(psa_algorithm_t alg, - psa_key_handle_t private_key, - const uint8_t *peer_key, - size_t peer_key_length, - uint8_t *output, - size_t output_size, - size_t *output_length); +psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length); /**@}*/ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4b6dcf0a5..01ef0f5d5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5205,13 +5205,13 @@ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *o return( status ); } -psa_status_t psa_key_agreement_raw_shared_secret( psa_algorithm_t alg, - psa_key_handle_t private_key, - const uint8_t *peer_key, - size_t peer_key_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, + psa_key_handle_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { psa_key_slot_t *slot; psa_status_t status; diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e9fd3f612..e695ea568 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -634,10 +634,9 @@ static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg, public_key, public_key_length, &public_key_length ) ); - status = psa_key_agreement_raw_shared_secret( - alg, handle, - public_key, public_key_length, - output, sizeof( output ), &output_length ); + status = psa_raw_key_agreement( alg, handle, + public_key, public_key_length, + output, sizeof( output ), &output_length ); exit: mbedtls_free( public_key ); psa_reset_key_attributes( &attributes ); @@ -4547,10 +4546,10 @@ void raw_key_agreement( int alg_arg, our_key_data->x, our_key_data->len, &our_key ) ); - PSA_ASSERT( psa_key_agreement_raw_shared_secret( - alg, our_key, - peer_key_data->x, peer_key_data->len, - output, expected_output->len, &output_length ) ); + PSA_ASSERT( psa_raw_key_agreement( alg, our_key, + peer_key_data->x, peer_key_data->len, + output, expected_output->len, + &output_length ) ); ASSERT_COMPARE( output, output_length, expected_output->x, expected_output->len ); From 58fe9e8afe3d9426a6cbbdea1c7a2efe9b5b4456 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 18:01:45 +0200 Subject: [PATCH 1266/2197] Correct the description of psa_raw_key_agreement There was some copypasta from the KA+KDF function's description. --- include/psa/crypto.h | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 53babd46d..84026c91c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -3439,11 +3439,7 @@ psa_status_t psa_key_derivation_output_key( psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation); -/** Perform a key agreement and use the shared secret as input to a key - * derivation. - * - * A key agreement algorithm takes two inputs: a private key \p private_key - * a public key \p peer_key. +/** Perform a key agreement and return the raw shared secret. * * \warning The raw result of a key agreement algorithm such as finite-field * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should From 24f10f85e2d771d8eccd5b1f5674ac57327e8dc6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 12:18:32 +0200 Subject: [PATCH 1267/2197] Remove domain parameters from the official API Move psa_get_key_domain_parameters() and psa_set_key_domain_parameters() out of the official API and declare them to be implementation-specific extensions. Expand the documentation of psa_set_key_domain_parameters() a bit to explain how domain parameters are used. Remove all mentions of domain parameters from the documentation of API functions. This leaves DH and DSA effectively unusable. --- include/psa/crypto.h | 138 +++-------------------------------- include/psa/crypto_extra.h | 141 ++++++++++++++++++++++++++++++++++++ include/psa/crypto_sizes.h | 32 -------- include/psa/crypto_struct.h | 7 ++ 4 files changed, 160 insertions(+), 158 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 84026c91c..487fce822 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -105,8 +105,7 @@ psa_status_t psa_crypto_init(void); * and its lifetime. * - The key's policy, comprising usage flags and a specification of * the permitted algorithm(s). - * - Information about the key itself: the key type, the key size, and - * for some key type additional domain parameters. + * - Information about the key itself: the key type and its size. * - Implementations may define additional attributes. * * The actual key material is not considered an attribute of a key. @@ -167,7 +166,7 @@ psa_status_t psa_crypto_init(void); * * - lifetime: #PSA_KEY_LIFETIME_VOLATILE. * - key identifier: unspecified. - * - type: \c 0, with no domain parameters. + * - type: \c 0. * - key size: \c 0. * - usage flags: \c 0. * - algorithm: \c 0. @@ -179,8 +178,7 @@ psa_status_t psa_crypto_init(void); * location. * -# Set the key policy with psa_set_key_usage_flags() and * psa_set_key_algorithm(). - * -# Set the key type with psa_set_key_type(). If the key type requires - * domain parameters, call psa_set_key_domain_parameters() instead. + * -# Set the key type with psa_set_key_type(). * Skip this step if copying an existing key with psa_copy_key(). * -# When generating a random key with psa_generate_random_key() or deriving a key * with psa_key_derivation_output_key(), set the desired key size with 
@@ -189,11 +187,11 @@ psa_status_t psa_crypto_init(void); * psa_key_derivation_output_key() or psa_copy_key(). This function reads * the attribute structure, creates a key with these attributes, and * outputs a handle to the newly created key. - * -# The attribute structure is now no longer necessary. If you called - * psa_set_key_domain_parameters() earlier, you must call - * psa_reset_key_attributes() to free any resources used by the - * domain parameters. Otherwise calling psa_reset_key_attributes() - * is optional. + * -# The attribute structure is now no longer necessary. + * You may call psa_reset_key_attributes(), although this is optional + * with the workflow presented here because the attributes currently + * defined in this specification do not require any additional resources + * beyond the structure itself. * * A typical sequence to query a key's attributes is as follows: * -# Call psa_get_key_attributes(). @@ -349,10 +347,7 @@ static psa_algorithm_t psa_get_key_algorithm( /** Declare the type of a key. * - * If a type requires domain parameters, you must call - * psa_set_key_domain_parameters() instead of this function. - * - * This function overwrites any key type and domain parameters + * This function overwrites any key type * previously set in \p attributes. * * This function may be declared as `static` (i.e. without external 
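Review bot: The rewritten last workflow step (hunk at -189,11) calls psa_reset_key_attributes() optional without saying when that stops being true. This same commit keeps psa_set_key_domain_parameters() as an extension in crypto_extra.h, and its note still requires the reset to free resources, so a reader who follows only crypto.h and later adopts the extension will leak them. I would add one sentence to the step: `If you set attributes through an implementation-specific extension, you must call psa_reset_key_attributes() as documented for that extension.` The comment block this step belongs to starts outside the hunk.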
@@ -403,97 +398,6 @@ static psa_key_type_t psa_get_key_type(const psa_key_attributes_t *attributes); */ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); -/** - * \brief Set domain parameters for a key. - * - * Some key types require additional domain parameters in addition to - * the key type identifier and the key size. - * The format for the required domain parameters varies by the key type. - * - * - For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEYPAIR), - * the domain parameter data consists of the public exponent, - * represented as a big-endian integer with no leading zeros. - * This information is used when generating an RSA key pair. - * When importing a key, the public exponent is read from the imported - * key data and the exponent recorded in the attribute structure is ignored. - * As an exception, the public exponent 65537 is represented by an empty - * byte string. - * - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEYPAIR), - * the `Dss-Parms` format as defined by RFC 3279 §2.3.2. - * ``` - * Dss-Parms ::= SEQUENCE { - * p INTEGER, - * q INTEGER, - * g INTEGER - * } - * ``` - * - For Diffie-Hellman key exchange keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY or - * #PSA_KEY_TYPE_DH_KEYPAIR), the - * `DomainParameters` format as defined by RFC 3279 §2.3.3. - * ``` - * DomainParameters ::= SEQUENCE { - * p INTEGER, -- odd prime, p=jq +1 - * g INTEGER, -- generator, g - * q INTEGER, -- factor of p-1 - * j INTEGER OPTIONAL, -- subgroup factor - * validationParms ValidationParms OPTIONAL - * } - * ValidationParms ::= SEQUENCE { - * seed BIT STRING, - * pgenCounter INTEGER - * } - * ``` - * - * \note This function may allocate memory or other resources. - * Once you have called this function on an attribute structure, - * you must call psa_reset_key_attributes() to free these resources. - * - * \param[in,out] attributes Attribute structure where the specified domain - * parameters will be stored. 
- * If this function fails, the content of - * \p attributes is not modified. - * \param type Key type (a \c PSA_KEY_TYPE_XXX value). - * \param[in] data Buffer containing the key domain parameters. - * The content of this buffer is interpreted - * according to \p type as described above. - * \param data_length Size of the \p data buffer in bytes. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - */ -psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, - psa_key_type_t type, - const uint8_t *data, - size_t data_length); - -/** - * \brief Get domain parameters for a key. - * - * Get the domain parameters for a key with this function, if any. The format - * of the domain parameters written to \p data is specified in the - * documentation for psa_set_key_domain_parameters(). - * - * \param[in] attributes The key attribute structure to query. - * \param[out] data On success, the key domain parameters. - * \param data_size Size of the \p data buffer in bytes. - * The buffer is guaranteed to be large - * enough if its size in bytes is at least - * the value given by - * PSA_KEY_DOMAIN_PARAMETERS_SIZE(). - * \param[out] data_length On success, the number of bytes - * that make up the key domain parameters data. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - */ -psa_status_t psa_get_key_domain_parameters( - const psa_key_attributes_t *attributes, - uint8_t *data, - size_t data_size, - size_t *data_length); - /** Retrieve the attributes of a key. * * This function first resets the attribute structure as with 
@@ -617,9 +521,8 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * \param[out] handle On success, a handle to the newly created key. * \c 0 on failure. * \param[in] data Buffer containing the key data. The content of this - * buffer is interpreted according to the type and, - * if applicable, domain parameters declared in - * \p attributes. + * buffer is interpreted according to the type declared + * in \p attributes. * All implementations must support at least the format * described in the documentation * of psa_export_key() or psa_export_public_key() for @@ -910,9 +813,6 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * - The key type and size may be 0. If either is * nonzero, it must match the corresponding * attribute of the source key. - * - If \p attributes contains domain parameters, - * they must match the domain parameters of - * the source key. * - The key location (the lifetime and, for * persistent keys, the key identifier) is * used directly. @@ -936,7 +836,7 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * The policy constraints on the source and specified in * \p attributes are incompatible. * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p attributes specifies a key type, domain parameters or key size + * \p attributes specifies a key type or key size * which does not match the attributes of the source key. * \retval #PSA_ERROR_NOT_PERMITTED * The source key does not have the #PSA_KEY_USAGE_COPY usage flag. 
@@ -3529,20 +3429,6 @@ psa_status_t psa_generate_random(uint8_t *output, * The key is generated randomly. * Its location, policy, type and size are taken from \p attributes. * - * If the type requires additional domain parameters, these are taken - * from \p attributes as well. The following types use domain parameters: - * - When generating an RSA key (#PSA_KEY_TYPE_RSA_KEYPAIR), - * the default public exponent is 65537. This value is used if - * \p attributes was set with psa_set_key_type() or by passing an empty - * byte string as domain parameters to psa_set_key_domain_parameters(). - * If psa_set_key_domain_parameters() was used to set a non-empty - * domain parameter string in \p attributes, this string is read as - * a big-endian integer which is used as the public exponent. - * - When generating a DSA key (#PSA_KEY_TYPE_DSA_KEYPAIR) or a - * Diffie-Hellman key (#PSA_KEY_TYPE_DH_KEYPAIR), the domain parameters - * from \p attributes are interpreted as described for - * psa_set_key_domain_parameters(). - * * \param[in] attributes The attributes for the new key. * \param[out] handle On success, a handle to the newly created key. * \c 0 on failure. diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 45655ddfc..5016ba87c 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -444,6 +444,147 @@ psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, /**@}*/ + +/** \addtogroup attributes + * @{ + */ + +/** + * \brief Set domain parameters for a key. + * + * Some key types require additional domain parameters in addition to + * the key type identifier and the key size. Use this function instead + * of psa_set_key_type() when you need to specify domain parameters. + * + * The format for the required domain parameters varies based on the key type. + * + * - For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEYPAIR), + * the domain parameter data consists of the public exponent, + * represented as a big-endian integer with no leading zeros. + * This information is used when generating an RSA key pair. + * When importing a key, the public exponent is read from the imported + * key data and the exponent recorded in the attribute structure is ignored. + * As an exception, the public exponent 65537 is represented by an empty + * byte string. + * - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEYPAIR), + * the `Dss-Parms` format as defined by RFC 3279 §2.3.2. + * ``` + * Dss-Parms ::= SEQUENCE { + * p INTEGER, + * q INTEGER, + * g INTEGER + * } + * ``` + * - For Diffie-Hellman key exchange keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY or + * #PSA_KEY_TYPE_DH_KEYPAIR), the + * `DomainParameters` format as defined by RFC 3279 §2.3.3. + * ``` + * DomainParameters ::= SEQUENCE { + * p INTEGER, -- odd prime, p=jq +1 + * g INTEGER, -- generator, g + * q INTEGER, -- factor of p-1 + * j INTEGER OPTIONAL, -- subgroup factor + * validationParms ValidationParms OPTIONAL + * } + * ValidationParms ::= SEQUENCE { + * seed BIT STRING, + * pgenCounter INTEGER + * } + * ``` + * + * \note This function may allocate memory or other resources. + * Once you have called this function on an attribute structure, + * you must call psa_reset_key_attributes() to free these resources. 
+ * + * \note This is an experimental extension to the interface. It may change + * in future versions of the library. + * + * \param[in,out] attributes Attribute structure where the specified domain + * parameters will be stored. + * If this function fails, the content of + * \p attributes is not modified. + * \param type Key type (a \c PSA_KEY_TYPE_XXX value). + * \param[in] data Buffer containing the key domain parameters. + * The content of this buffer is interpreted + * according to \p type as described above. + * \param data_length Size of the \p data buffer in bytes. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + */ +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length); + +/** + * \brief Get domain parameters for a key. + * + * Get the domain parameters for a key with this function, if any. The format + * of the domain parameters written to \p data is specified in the + * documentation for psa_set_key_domain_parameters(). + * + * \note This is an experimental extension to the interface. It may change + * in future versions of the library. + * + * \param[in] attributes The key attribute structure to query. + * \param[out] data On success, the key domain parameters. + * \param data_size Size of the \p data buffer in bytes. + * The buffer is guaranteed to be large + * enough if its size in bytes is at least + * the value given by + * PSA_KEY_DOMAIN_PARAMETERS_SIZE(). + * \param[out] data_length On success, the number of bytes + * that make up the key domain parameters data. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + */ +psa_status_t psa_get_key_domain_parameters( + const psa_key_attributes_t *attributes, + uint8_t *data, + size_t data_size, + size_t *data_length); + +/** Safe output buffer size for psa_get_key_domain_parameters(). 
+ * + * This macro returns a compile-time constant if its arguments are + * compile-time constants. + * + * \warning This function may call its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \note This is an experimental extension to the interface. It may change + * in future versions of the library. + * + * \param key_type A supported key type. + * \param key_bits The size of the key in bits. + * + * \return If the parameters are valid and supported, return + * a buffer size in bytes that guarantees that + * psa_get_key_domain_parameters() will not fail with + * #PSA_ERROR_BUFFER_TOO_SMALL. + * If the parameters are a valid combination that is not supported + * by the implementation, this macro either shall return either a + * sensible size or 0. + * If the parameters are not valid, the + * return value is unspecified. + */ +#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \ + PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ + PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ + 0) +#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ + (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/) +#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ + (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/) + +/**@}*/ + #ifdef __cplusplus } #endif diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index cab896e8a..11c73a9de 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
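Review bot: PSA_KEY_DOMAIN_PARAMETERS_SIZE() evaluates to `sizeof(int)` for RSA, but the psa_set_key_domain_parameters() text in this hunk describes the RSA parameter as a big-endian public exponent with no stated length limit. The promise that a buffer of this size cannot produce #PSA_ERROR_BUFFER_TOO_SMALL in psa_get_key_domain_parameters() therefore only holds if the implementation caps the exponent at the width of an int, which the hunk does not show. Please state that limit next to the macro, or size the RSA case from `key_bits` as the DH and DSA cases do. The `34 /*q*/` term in the DSA macro similarly looks like it assumes q is at most 256 bits and deserves the same one-line justification. Wording: `\warning This function may call its arguments` should read `This macro may evaluate its arguments`, and "either shall return either" has a duplicated "either".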
@@ -695,36 +695,4 @@ PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \ 0) -/** Safe output buffer size for psa_get_key_domain_parameters(). - * - * This macro returns a compile-time constant if its arguments are - * compile-time constants. - * - * \warning This function may call its arguments multiple times or - * zero times, so you should not pass arguments that contain - * side effects. - * - * \param key_type A supported key type. - * \param key_bits The size of the key in bits. - * - * \return If the parameters are valid and supported, return - * a buffer size in bytes that guarantees that - * psa_get_key_domain_parameters() will not fail with - * #PSA_ERROR_BUFFER_TOO_SMALL. - * If the parameters are a valid combination that is not supported - * by the implementation, this macro either shall return either a - * sensible size or 0. - * If the parameters are not valid, the - * return value is unspecified. - */ -#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \ - PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ - PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \ - 0) -#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ - (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/) -#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \ - (4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/) - #endif /* PSA_CRYPTO_SIZES_H */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 01d3069bf..885d90888 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
@@ -331,6 +331,13 @@ static inline psa_algorithm_t psa_get_key_algorithm( return( attributes->policy.alg ); } +/* This function is declared in crypto_extra.h, which comes after this + * header file, but we need the function here, so repeat the declaration. */ +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length); + static inline void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type) { From dcaefae8491d955a230245ffd85b6daaa6630c0f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 12:55:35 +0200 Subject: [PATCH 1268/2197] Parametrize Diffie-Hellman keys by a group identifier Parametrize finite-field Diffie-Hellman key types with a DH group identifier, in the same way elliptic curve keys are parametrized with an EC curve identifier. Define the DH groups from the TLS registry (these are the groups from RFC 7919). Replicate the macro definitions and the metadata tests from elliptic curve identifiers to DH group identifiers. Define PSA_DH_GROUP_CUSTOM as an implementation-specific extension for which domain parameters are used to specify the group. --- include/psa/crypto.h | 9 ++-- include/psa/crypto_extra.h | 15 +++++- include/psa/crypto_types.h | 3 ++ include/psa/crypto_values.h | 47 +++++++++++++++---- programs/psa/psa_constant_names.c | 45 ++++++++++++++++++ scripts/generate_psa_constants.py | 40 +++++++++++++++- tests/scripts/test_psa_constant_names.py | 6 +++ .../test_suite_psa_crypto_metadata.data | 16 +++++++ .../test_suite_psa_crypto_metadata.function | 27 +++++++++++ 9 files changed, 193 insertions(+), 15 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 487fce822..08bdb8468 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
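Review bot: The comment above the repeated `psa_set_key_domain_parameters()` prototype does not say which definition in crypto_struct.h needs it. Naming the user (presumably `psa_set_key_type()`, whose body lies outside this hunk) would let a maintainer tell when the duplicate can be removed. The prototype now lives in two headers, so the comment should also say they must stay identical, for example `/* Keep in sync with the declaration in crypto_extra.h. */`.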
@@ -656,7 +656,8 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * and `PSA_ECC_CURVE_BRAINPOOL_PXXX`). * This is the content of the `privateKey` field of the `ECPrivateKey` * format defined by RFC 5915. - * - For Diffie-Hellman key exchange key pairs (#PSA_KEY_TYPE_DH_KEYPAIR), the + * - For Diffie-Hellman key exchange key pairs (key types for which + * #PSA_KEY_TYPE_IS_DH_KEYPAIR is true), the * format is the representation of the private key `x` as a big-endian byte * string. The length of the byte string is the private key size in bytes * (leading zeroes are not stripped). @@ -729,7 +730,8 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * representation of the public key `y = g^x mod p` as a big-endian byte * string. The length of the byte string is the length of the base prime `p` * in bytes. - * - For Diffie-Hellman key exchange public keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY), + * - For Diffie-Hellman key exchange public keys (key types for which + * #PSA_KEY_TYPE_IS_DH_PUBLIC_KEY is true), * the format is the representation of the public key `y = g^x mod p` as a * big-endian byte string. The length of the byte string is the length of the * base prime `p` in bytes. @@ -3253,7 +3255,8 @@ psa_status_t psa_key_derivation_output_bytes( * discard the first 8 bytes, use the next 8 bytes as the first key, * and continue reading output from the operation to derive the other * two keys). - * - Finite-field Diffie-Hellman keys (#PSA_KEY_TYPE_DH_KEYPAIR), + * - Finite-field Diffie-Hellman keys (#PSA_KEY_TYPE_DH_KEYPAIR(\c group) + * where \c group designates any Diffie-Hellman group), * DSA keys (#PSA_KEY_TYPE_DSA_KEYPAIR), and * ECC keys on a Weierstrass elliptic curve * (#PSA_KEY_TYPE_ECC_KEYPAIR(\c curve) where \c curve designates a diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 5016ba87c..37d9b40b2 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -449,6 +449,16 @@ psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, * @{ */ +/** Custom Diffie-Hellman group. + * + * For keys of type #PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_GROUP_CUSTOM) or + * #PSA_KEY_TYPE_DH_KEYPAIR(#PSA_DH_GROUP_CUSTOM), the group data comes + * from domain parameters set by psa_set_key_domain_parameters(). + */ +/* This value is reserved for private use in the TLS named group registry. */ +#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0x01fc) + + /** * \brief Set domain parameters for a key. * @@ -475,8 +485,9 @@ psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, * g INTEGER * } * ``` - * - For Diffie-Hellman key exchange keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY or - * #PSA_KEY_TYPE_DH_KEYPAIR), the + * - For Diffie-Hellman key exchange keys + * (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_GROUP_CUSTOM) or + * #PSA_KEY_TYPE_DH_KEYPAIR(#PSA_DH_GROUP_CUSTOM)), the * `DomainParameters` format as defined by RFC 3279 §2.3.3. * ``` * DomainParameters ::= SEQUENCE { diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index ced42de1a..02c26788f 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -68,6 +68,9 @@ typedef uint32_t psa_key_type_t; /** The type of PSA elliptic curve identifiers. */ typedef uint16_t psa_ecc_curve_t; +/** The type of PSA Diffie-Hellman group identifiers. */ +typedef uint16_t psa_dh_group_t; + /** \brief Encoding of a cryptographic algorithm. * * For algorithms that can be applied to multiple key types, this type diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index c54fc9a60..6cd22c840 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
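Review bot: The new comment on `PSA_DH_GROUP_CUSTOM` says the group data comes from `psa_set_key_domain_parameters()`, but not what is required of that data or what happens when no domain parameters were set before the key is created. Unlike the fixed RFC 7919 groups this patch adds, a caller-supplied finite-field group can be weak or malformed, so users of the API need to know what is checked. The implementation is not visible in this hunk, so this is only a request to document it: one sentence on whether `p` and `g` are validated and by which call, and one naming the status returned for a custom-group key type without domain parameters.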
@@ -492,14 +492,45 @@ #define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) #define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) -/** Diffie-Hellman key exchange public key. */ -#define PSA_KEY_TYPE_DH_PUBLIC_KEY ((psa_key_type_t)0x60040000) -/** Diffie-Hellman key exchange key pair (private and public key). */ -#define PSA_KEY_TYPE_DH_KEYPAIR ((psa_key_type_t)0x70040000) -/** Whether a key type is a Diffie-Hellman key exchange key (pair or - * public-only). */ -#define PSA_KEY_TYPE_IS_DH(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DH_PUBLIC_KEY) +#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) +#define PSA_KEY_TYPE_DH_KEYPAIR_BASE ((psa_key_type_t)0x70040000) +#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) +/** Diffie-Hellman key pair. */ +#define PSA_KEY_TYPE_DH_KEYPAIR(group) \ + (PSA_KEY_TYPE_DH_KEYPAIR_BASE | (group)) +/** Diffie-Hellman public key. */ +#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ + (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group)) + +/** Whether a key type is a Diffie-Hellman key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_DH(type) \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ + ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) +/** Whether a key type is a Diffie-Hellman key pair. */ +#define PSA_KEY_TYPE_IS_DH_KEYPAIR(type) \ + (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ + PSA_KEY_TYPE_DH_KEYPAIR_BASE) +/** Whether a key type is a Diffie-Hellman public key. */ +#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \ + (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ + PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) + +/** Extract the group from a Diffie-Hellman key type. */ +#define PSA_KEY_TYPE_GET_GROUP(type) \ + ((psa_dh_group_t) (PSA_KEY_TYPE_IS_DH(type) ? 
\ + ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ + 0)) + +/* The encoding of group identifiers is currently aligned with the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * The values are defined by RFC 7919. */ +#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x0100) +#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x0101) +#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x0102) +#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x0103) +#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x0104) /** The block size of a block cipher. * diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 5240b084a..73692d022 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -64,6 +64,7 @@ static void append_integer(char **buffer, size_t buffer_size, /* The code of these function is automatically generated and included below. */ static const char *psa_ecc_curve_name(psa_ecc_curve_t curve); +static const char *psa_dh_group_name(psa_dh_group_t group); static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg); static void append_with_curve(char **buffer, size_t buffer_size, 
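Review bot: The new function-like macros `PSA_KEY_TYPE_DH_KEYPAIR(group)`, `PSA_KEY_TYPE_DH_PUBLIC_KEY(group)` and `PSA_KEY_TYPE_GET_GROUP(type)` have one-line comments that leave out details a caller needs. The constructors OR `(group)` into the base value unmasked, so the comment should state that the argument must be a `psa_dh_group_t` value, e.g. `\param group A value of type ::psa_dh_group_t that identifies the Diffie-Hellman group to be used.` `PSA_KEY_TYPE_GET_GROUP` yields 0 for a non-DH type and expands `type` more than once. Both facts belong in its comment, in the style of the `\warning` on `PSA_KEY_DOMAIN_PARAMETERS_SIZE` in crypto_extra.h.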
@@ -84,6 +85,24 @@ static void append_with_curve(char **buffer, size_t buffer_size, append(buffer, buffer_size, required_size, ")", 1); } +static void append_with_group(char **buffer, size_t buffer_size, + size_t *required_size, + const char *string, size_t length, + psa_dh_group_t group) +{ + const char *group_name = psa_dh_group_name(group); + append(buffer, buffer_size, required_size, string, length); + append(buffer, buffer_size, required_size, "(", 1); + if (group_name != NULL) { + append(buffer, buffer_size, required_size, + group_name, strlen(group_name)); + } else { + append_integer(buffer, buffer_size, required_size, + "0x%04x", group); + } + append(buffer, buffer_size, required_size, ")", 1); +} + typedef const char *(*psa_get_algorithm_name_func_ptr)(psa_algorithm_t alg); static void append_with_alg(char **buffer, size_t buffer_size, @@ -137,6 +156,23 @@ static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size, } } +static int psa_snprint_dh_group(char *buffer, size_t buffer_size, + psa_dh_group_t group) +{ + const char *name = psa_dh_group_name(group); + if (name == NULL) { + return snprintf(buffer, buffer_size, "0x%04x", (unsigned) group); + } else { + size_t length = strlen(name); + if (length < buffer_size) { + memcpy(buffer, name, length + 1); + return (int) length; + } else { + return (int) buffer_size; + } + } +} + static void usage(const char *program_name) { printf("Usage: %s TYPE VALUE [VALUE...]\n", @@ -145,6 +181,7 @@ static void usage(const char *program_name) printf("Supported types (with = between aliases):\n"); printf(" alg=algorithm Algorithm (psa_algorithm_t)\n"); printf(" curve=ecc_curve Elliptic curve identifier (psa_ecc_curve_t)\n"); + printf(" group=dh_group Diffie-Hellman group identifier (psa_dh_group_t)\n"); printf(" type=key_type Key type (psa_key_type_t)\n"); printf(" usage=key_usage Key usage (psa_key_usage_t)\n"); printf(" error=status Status code (psa_status_t)\n"); 
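Review bot: In `psa_snprint_dh_group()` (hunk `@@ -137,6 +156,23 @@`), the branch taken when the name does not fit returns `(int) buffer_size` without writing to `buffer`, so the caller's buffer keeps its previous contents and may not be NUL-terminated. The `TYPE_DH_GROUP` case added to `process_unsigned()` in hunk `@@ -216,6 +254,10 @@` discards the return value, so it cannot detect this; how the buffer is used afterwards is outside the hunks. Terminate the output before returning, e.g. `if (buffer_size != 0) buffer[0] = 0;` ahead of `return (int) buffer_size;`. That branch also reports the buffer size, whereas the `snprintf` branch reports the length needed, so a comment on the function should say which convention callers can rely on.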
@@ -188,6 +225,7 @@ int process_signed(signed_value_type type, long min, long max, char **argp) typedef enum { TYPE_ALGORITHM, TYPE_ECC_CURVE, + TYPE_DH_GROUP, TYPE_KEY_TYPE, TYPE_KEY_USAGE, } unsigned_value_type; @@ -216,6 +254,10 @@ int process_unsigned(unsigned_value_type type, unsigned long max, char **argp) psa_snprint_ecc_curve(buffer, sizeof(buffer), (psa_ecc_curve_t) value); break; + case TYPE_DH_GROUP: + psa_snprint_dh_group(buffer, sizeof(buffer), + (psa_dh_group_t) value); + break; case TYPE_KEY_TYPE: psa_snprint_key_type(buffer, sizeof(buffer), (psa_key_type_t) value); @@ -252,6 +294,9 @@ int main(int argc, char *argv[]) } else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) { return process_unsigned(TYPE_ECC_CURVE, (psa_ecc_curve_t) (-1), argv + 2); + } else if (!strcmp(argv[1], "group") || !strcmp(argv[1], "dh_group")) { + return process_unsigned(TYPE_DH_GROUP, (psa_dh_group_t) (-1), + argv + 2); } else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) { return process_unsigned(TYPE_KEY_TYPE, (psa_key_type_t) (-1), argv + 2); diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index dac60034d..ab7f1341f 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -22,6 +22,14 @@ static const char *psa_ecc_curve_name(psa_ecc_curve_t curve) } } +static const char *psa_dh_group_name(psa_dh_group_t group) +{ + switch (group) { + %(dh_group_cases)s + default: return NULL; + } +} + static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg) { switch (hash_alg) { 
@@ -145,6 +153,12 @@ key_type_from_curve_template = '''if (%(tester)s(type)) { PSA_KEY_TYPE_GET_CURVE(type)); } else ''' +key_type_from_group_template = '''if (%(tester)s(type)) { + append_with_group(&buffer, buffer_size, &required_size, + "%(builder)s", %(builder_length)s, + PSA_KEY_TYPE_GET_GROUP(type)); + } else ''' + algorithm_from_hash_template = '''if (%(tester)s(core_alg)) { append(&buffer, buffer_size, &required_size, "%(builder)s(", %(builder_length)s + 1); @@ -169,7 +183,9 @@ class MacroCollector: self.statuses = set() self.key_types = set() self.key_types_from_curve = {} + self.key_types_from_group = {} self.ecc_curves = set() + self.dh_groups = set() self.algorithms = set() self.hash_algorithms = set() self.ka_algorithms = set() @@ -206,8 +222,12 @@ class MacroCollector: self.key_types.add(name) elif name.startswith('PSA_KEY_TYPE_') and parameter == 'curve': self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:] + elif name.startswith('PSA_KEY_TYPE_') and parameter == 'group': + self.key_types_from_group[name] = name[:13] + 'IS_' + name[13:] elif name.startswith('PSA_ECC_CURVE_') and not parameter: self.ecc_curves.add(name) + elif name.startswith('PSA_DH_GROUP_') and not parameter: + self.dh_groups.add(name) elif name.startswith('PSA_ALG_') and not parameter: if name in ['PSA_ALG_ECDSA_BASE', 'PSA_ALG_RSA_PKCS1V15_SIGN_BASE']: @@ -265,6 +285,10 @@ class MacroCollector: return '\n '.join(map(self.make_return_case, sorted(self.ecc_curves))) + def make_dh_group_cases(self): + return '\n '.join(map(self.make_return_case, + sorted(self.dh_groups))) + def make_key_type_cases(self): return '\n '.join(map(self.make_append_case, sorted(self.key_types))) 
@@ -274,11 +298,21 @@ class MacroCollector: 'builder_length': len(builder), 'tester': tester} - def make_key_type_code(self): + def make_key_type_from_group_code(self, builder, tester): + return key_type_from_group_template % {'builder': builder, + 'builder_length': len(builder), + 'tester': tester} + + def make_ecc_key_type_code(self): d = self.key_types_from_curve make = self.make_key_type_from_curve_code return ''.join([make(k, d[k]) for k in sorted(d.keys())]) + def make_dh_key_type_code(self): + d = self.key_types_from_group + make = self.make_key_type_from_group_code + return ''.join([make(k, d[k]) for k in sorted(d.keys())]) + def make_hash_algorithm_cases(self): return '\n '.join(map(self.make_return_case, sorted(self.hash_algorithms))) @@ -309,8 +343,10 @@ class MacroCollector: data = {} data['status_cases'] = self.make_status_cases() data['ecc_curve_cases'] = self.make_ecc_curve_cases() + data['dh_group_cases'] = self.make_dh_group_cases() data['key_type_cases'] = self.make_key_type_cases() - data['key_type_code'] = self.make_key_type_code() + data['key_type_code'] = (self.make_ecc_key_type_code() + + self.make_dh_key_type_code()) data['hash_algorithm_cases'] = self.make_hash_algorithm_cases() data['ka_algorithm_cases'] = self.make_ka_algorithm_cases() data['algorithm_cases'] = self.make_algorithm_cases() diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 421cf4e48..cbe68b10d 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -58,6 +58,7 @@ when applicable.''' self.statuses = set(['PSA_SUCCESS']) self.algorithms = set(['0xffffffff']) self.ecc_curves = set(['0xffff']) + self.dh_groups = set(['0xffff']) self.key_types = set(['0xffffffff']) self.key_usage_flags = set(['0x80000000']) # Hard-coded value for unknown algorithms 
@@ -74,6 +75,7 @@ when applicable.''' 'ERROR': self.statuses, 'ALG': self.algorithms, 'CURVE': self.ecc_curves, + 'GROUP': self.dh_groups, 'KEY_TYPE': self.key_types, 'KEY_USAGE': self.key_usage_flags, } @@ -94,6 +96,7 @@ Call this after parsing all the inputs.''' self.arguments_for['kdf_alg'] = sorted(self.kdf_algorithms) self.arguments_for['aead_alg'] = sorted(self.aead_algorithms) self.arguments_for['curve'] = sorted(self.ecc_curves) + self.arguments_for['group'] = sorted(self.dh_groups) def format_arguments(self, name, arguments): '''Format a macro call with arguments..''' @@ -184,6 +187,8 @@ where each argument takes each possible value at least once.''' self.key_types.add(argument) elif function == 'ecc_key_types': self.ecc_curves.add(argument) + elif function == 'dh_key_types': + self.dh_groups.add(argument) # Regex matching a *.data line containing a test function call and # its arguments. The actual definition is partly positional, but this @@ -299,6 +304,7 @@ not as expected.''' for type, names in [('status', inputs.statuses), ('algorithm', inputs.algorithms), ('ecc_curve', inputs.ecc_curves), + ('dh_group', inputs.dh_groups), ('key_type', inputs.key_types), ('key_usage', inputs.key_usage_flags)]: c, e = do_test(options, inputs, type, names) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 94b80acdd..165b86654 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
@@ -454,3 +454,19 @@ ecc_key_types:PSA_ECC_CURVE_CURVE25519:255 ECC key types: Curve448 depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED ecc_key_types:PSA_ECC_CURVE_CURVE448:448 + +DH group types: FFDHE2048 +dh_key_types:PSA_DH_GROUP_FFDHE2048:2048 + +DH group types: FFDHE3072 +dh_key_types:PSA_DH_GROUP_FFDHE3072:2048 + +DH group types: FFDHE4096 +dh_key_types:PSA_DH_GROUP_FFDHE4096:2048 + +DH group types: FFDHE6144 +dh_key_types:PSA_DH_GROUP_FFDHE6144:2048 + +DH group types: FFDHE8192 +dh_key_types:PSA_DH_GROUP_FFDHE8192:2048 + diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index e1eb1c526..81b2937fa 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -49,6 +49,7 @@ #define KEY_TYPE_IS_RSA ( 1u << 4 ) #define KEY_TYPE_IS_DSA ( 1u << 5 ) #define KEY_TYPE_IS_ECC ( 1u << 6 ) +#define KEY_TYPE_IS_DH ( 1u << 7 ) #define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \ TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) ) @@ -91,6 +92,7 @@ void key_type_classification( psa_key_type_t type, unsigned flags ) TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_KEYPAIR, type, flags ); TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_RSA, type, flags ); TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags ); + TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_DH, type, flags ); /* Macros with derived semantics */ TEST_EQUAL( PSA_KEY_TYPE_IS_ASYMMETRIC( type ), @@ -102,6 +104,12 @@ void key_type_classification( psa_key_type_t type, unsigned flags ) TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ), ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); + TEST_EQUAL( PSA_KEY_TYPE_IS_DH_KEYPAIR( type ), + ( PSA_KEY_TYPE_IS_DH( type ) && + PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ); + TEST_EQUAL( PSA_KEY_TYPE_IS_DH_PUBLIC_KEY( type ), + ( PSA_KEY_TYPE_IS_DH( type ) && + PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); exit: ; } 
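Review bot: All five new `dh_key_types` cases pass `2048` as the second argument, so the FFDHE3072, FFDHE4096, FFDHE6144 and FFDHE8192 lines give a group size that contradicts the group name. Nothing fails today only because `dh_key_types()`, added in the last hunk of this patch, discards the value with `(void) group_bits;`. The mistake would surface, or mislead, as soon as a size check is added. Each case should carry its own size, e.g. `dh_key_types:PSA_DH_GROUP_FFDHE3072:3072`, and likewise 4096, 6144 and 8192.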
@@ -457,3 +465,22 @@ void ecc_key_types( int curve_arg, int curve_bits_arg ) TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS ); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_DHM_C */ +void dh_key_types( int group_arg, int group_bits_arg ) +{ + psa_dh_group_t group = group_arg; + size_t group_bits = group_bits_arg; + psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY( group ); + psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEYPAIR( group ); + + test_key_type( public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY ); + test_key_type( pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEYPAIR ); + + TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( public_type ), group ); + TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( pair_type ), group ); + + /* We have nothing to validate about the group size yet. */ + (void) group_bits; +} +/* END_CASE */ From e38ab1ac4faef8e69306647cf7b577c5d9c23a02 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 13:51:50 +0200 Subject: [PATCH 1269/2197] Move DSA definitions out of the specification Move DSA-related key types and algorithms to the implementation-specific header file. Not that we actually implement DSA, but with domain parameters, we should be able to. --- include/psa/crypto_extra.h | 67 +++++++++++++++++++++++++++++++++++++ include/psa/crypto_values.h | 55 +----------------------------- 2 files changed, 68 insertions(+), 54 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 37d9b40b2..5a066146b 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -445,6 +445,73 @@ psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, /**@}*/ +/** \addtogroup crypto_types + * @{ + */ + +/** DSA public key. */ +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) +/** DSA key pair (private and public key). */ +#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000) +/** Whether a key type is an DSA key (pair or public-only). */ +#define PSA_KEY_TYPE_IS_DSA(type) \ + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) + +#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000) +/** DSA signature with hashing. + * + * This is the signature scheme defined by FIPS 186-4, + * with a random per-message secret number (*k*). + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding DSA signature algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. + */ +#define PSA_ALG_DSA(hash_alg) \ + (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) +#define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) +/** Deterministic DSA signature with hashing. + * + * This is the deterministic variant defined by RFC 6979 of + * the signature scheme defined by FIPS 186-4. + * + * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. + * + * \return The corresponding DSA signature algorithm. + * \return Unspecified if \p hash_alg is not a supported + * hash algorithm. 
+ */ +#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ + (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_IS_DSA(alg) \ + (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ + PSA_ALG_DSA_BASE) +#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ + (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) +#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \ + (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg)) +#define PSA_ALG_IS_RANDOMIZED_DSA(alg) \ + (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg)) + + +/* We need to expand the sample definition of this macro from + * the API definition. */ +#undef PSA_ALG_IS_HASH_AND_SIGN +#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ + PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg)) + +/**@}*/ + /** \addtogroup attributes * @{ */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 6cd22c840..823d04450 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -419,14 +419,6 @@ #define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) -/** DSA public key. */ -#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) -/** DSA key pair (private and public key). */ -#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000) -/** Whether a key type is an DSA key (pair or public-only). */ -#define PSA_KEY_TYPE_IS_DSA(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) - #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) 
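Review bot: The `#undef PSA_ALG_IS_HASH_AND_SIGN` / `#define` pair at the end of this hunk replaces the crypto_values.h definition with a hand-copied list, so the two definitions must now be kept in sync manually. An algorithm added later to the base macro would be silently dropped once crypto_extra.h is included, and the macro's result depends on which headers a translation unit includes. If code uses this classification to decide what a key policy permits (not visible here), that divergence affects more than naming. A sturdier shape is for crypto_values.h to OR in a hook macro that defaults to 0 and for this header to define only the hook as `PSA_ALG_IS_DSA(alg)`. Failing that, add a comment such as `/* Must repeat every term of the crypto_values.h definition, plus PSA_ALG_IS_DSA. */`.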
@@ -1059,51 +1051,6 @@ #define PSA_ALG_IS_RSA_PSS(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE) -#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000) -/** DSA signature with hashing. - * - * This is the signature scheme defined by FIPS 186-4, - * with a random per-message secret number (*k*). - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * This includes #PSA_ALG_ANY_HASH - * when specifying the algorithm in a usage policy. - * - * \return The corresponding DSA signature algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. - */ -#define PSA_ALG_DSA(hash_alg) \ - (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) -#define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) -/** Deterministic DSA signature with hashing. - * - * This is the deterministic variant defined by RFC 6979 of - * the signature scheme defined by FIPS 186-4. - * - * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_HASH(\p hash_alg) is true). - * This includes #PSA_ALG_ANY_HASH - * when specifying the algorithm in a usage policy. - * - * \return The corresponding DSA signature algorithm. - * \return Unspecified if \p hash_alg is not a supported - * hash algorithm. 
- */ -#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \ - (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_IS_DSA(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ - PSA_ALG_DSA_BASE) -#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \ - (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) -#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \ - (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg)) -#define PSA_ALG_IS_RANDOMIZED_DSA(alg) \ - (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg)) - #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000) /** ECDSA signature with hashing. * @@ -1187,7 +1134,7 @@ */ #define PSA_ALG_IS_HASH_AND_SIGN(alg) \ (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ - PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg)) + PSA_ALG_IS_ECDSA(alg)) /** Get the hash used by a hash-and-sign signature algorithm. * From a130219ac039c93245d5d95949f59076ff7f8e2c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 13:58:24 +0200 Subject: [PATCH 1270/2197] Move remaining text about DSA out of the specification --- include/psa/crypto.h | 11 +---------- include/psa/crypto_extra.h | 27 +++++++++++++++++++++++++-- include/psa/crypto_values.h | 1 - 3 files changed, 26 insertions(+), 13 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 08bdb8468..2b95f238f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -641,10 +641,6 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * coefficient INTEGER, -- (inverse of q) mod p * } * ``` - * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format is the - * representation of the private key `x` as a big-endian byte string. The - * length of the byte string is the private key size in bytes (leading zeroes - * are not stripped). * - For elliptic curve key pairs (key types for which * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is * a representation of the private value as a `ceiling(m/8)`-byte string @@ -726,10 +722,6 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * - The byte 0x04; * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; * - `y_P` as a `ceiling(m/8)`-byte string, big-endian. - * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), the format is the - * representation of the public key `y = g^x mod p` as a big-endian byte - * string. The length of the byte string is the length of the base prime `p` - * in bytes. * - For Diffie-Hellman key exchange public keys (key types for which * #PSA_KEY_TYPE_IS_DH_PUBLIC_KEY is true), * the format is the representation of the public key `y = g^x mod p` as a @@ -3256,8 +3248,7 @@ psa_status_t psa_key_derivation_output_bytes( * and continue reading output from the operation to derive the other * two keys). * - Finite-field Diffie-Hellman keys (#PSA_KEY_TYPE_DH_KEYPAIR(\c group) - * where \c group designates any Diffie-Hellman group), - * DSA keys (#PSA_KEY_TYPE_DSA_KEYPAIR), and + * where \c group designates any Diffie-Hellman group) and * ECC keys on a Weierstrass elliptic curve * (#PSA_KEY_TYPE_ECC_KEYPAIR(\c curve) where \c curve designates a * Weierstrass curve). diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 5a066146b..732149dcd 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -449,10 +449,33 @@ psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, * @{ */ -/** DSA public key. */ +/** DSA public key. + * + * The import and export format is the + * representation of the public key `y = g^x mod p` as a big-endian byte + * string. The length of the byte string is the length of the base prime `p` + * in bytes. + */ #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) -/** DSA key pair (private and public key). */ + +/** DSA key pair (private and public key). + * + * The import and export format is the + * representation of the private key `x` as a big-endian byte string. The + * length of the byte string is the private key size in bytes (leading zeroes + * are not stripped). + * + * Determinstic DSA key derivation with psa_generate_derived_key follows + * FIPS 186-4 §B.1.2: interpret the byte string as integer + * in big-endian order. Discard it if it is not in the range + * [0, *N* - 2] where *N* is the boundary of the private key domain + * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA, + * or the order of the curve's base point for ECC). + * Add 1 to the resulting integer and use this as the private key *x*. + * + */ #define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000) + /** Whether a key type is an DSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_DSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 823d04450..bab706339 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -690,7 +690,6 @@ * * That is, suppose that `PSA_xxx_SIGNATURE` is one of the following macros: * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS, - * - #PSA_ALG_DSA, #PSA_ALG_DETERMINISTIC_DSA, * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA. * Then you may create and use a key as follows: * - Set the key usage field using #PSA_ALG_ANY_HASH, for example: 
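Review bot: The new comment on `PSA_KEY_TYPE_DSA_KEYPAIR` in the crypto_extra.h hunk carries over generic wording that does not fit a DSA-only macro. It misspells "Deterministic" as `Determinstic`, and its parenthesis still lists the boundary *N* for Diffie-Hellman and ECC. A private-key derivation rule should not leave the reader to work out which clause applies, so I would shorten it to `where *N* is the subprime *q*`. The comment also names `psa_generate_derived_key`, while hunk headers elsewhere on this page show `psa_key_derivation_output_key`; this may be a leftover name and is worth checking against the current API.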
From 20a77aeac728f0d0529cae4261093f149e1593ce Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 14:05:56 +0200 Subject: [PATCH 1271/2197] RSA key generation: require e=65537 --- include/psa/crypto.h | 7 +++++++ 1 file changed, 7 insertions(+)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 2b95f238f..c6a13acb8 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3423,6 +3423,13 @@ psa_status_t psa_generate_random(uint8_t *output,
 * The key is generated randomly.
 * Its location, policy, type and size are taken from \p attributes.
 *
+ * The following type-specific considerations apply:
+ * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR),
+ * the public exponent is 65537.
+ * The modulus is a product of two probabilistic primes
+ * between 2^{n-1} and 2^n where n is the bit size specified in the
+ * attributes.
+ *
 * \param[in] attributes The attributes for the new key.
 * \param[out] handle On success, a handle to the newly created key.
 * \c 0 on failure.
From 27a983d93c40bc63e5b74e4552dbe81216e96398 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 May 2019 17:24:53 +0200 Subject: [PATCH 1272/2197] Grammar fix --- include/psa/crypto_extra.h | 2 +- include/psa/crypto_sizes.h | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 732149dcd..4ffd858e4 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -669,7 +669,7 @@ psa_status_t psa_get_key_domain_parameters(
 * psa_get_key_domain_parameters() will not fail with
 * #PSA_ERROR_BUFFER_TOO_SMALL.
 * If the parameters are a valid combination that is not supported
- * by the implementation, this macro either shall return either a
+ * by the implementation, this macro shall return either a
 * sensible size or 0.
 * If the parameters are not valid, the
 * return value is unspecified.
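Review bot: In the crypto.h hunk documenting RSA key generation, the sentence `The modulus is a product of two probabilistic primes between 2^{n-1} and 2^n` can be read as placing each prime in that range, which would make the modulus roughly 2n bits. The bound belongs to the modulus, so I would reword it as `The modulus is between 2^{n-1} and 2^n and is the product of two probabilistic primes, where n is the bit size specified in the attributes.` The added text also fixes the public exponent at 65537 without saying what a caller who needs a different exponent should expect; a one-line statement of that case would complete the contract.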
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 11c73a9de..d7eb48272 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -447,7 +447,7 @@
 * psa_asymmetric_sign() will not fail with
 * #PSA_ERROR_BUFFER_TOO_SMALL.
 * If the parameters are a valid combination that is not supported
- * by the implementation, this macro either shall return either a
+ * by the implementation, this macro shall return either a
 * sensible size or 0.
 * If the parameters are not valid, the
 * return value is unspecified.
@@ -478,7 +478,7 @@
 * psa_asymmetric_encrypt() will not fail with
 * #PSA_ERROR_BUFFER_TOO_SMALL.
 * If the parameters are a valid combination that is not supported
- * by the implementation, this macro either shall return either a
+ * by the implementation, this macro shall return either a
 * sensible size or 0.
 * If the parameters are not valid, the
 * return value is unspecified.
@@ -509,7 +509,7 @@
 * psa_asymmetric_decrypt() will not fail with
 * #PSA_ERROR_BUFFER_TOO_SMALL.
 * If the parameters are a valid combination that is not supported
- * by the implementation, this macro either shall return either a
+ * by the implementation, this macro shall return either a
 * sensible size or 0.
 * If the parameters are not valid, the
 * return value is unspecified.
@@ -680,7 +680,7 @@
 * psa_asymmetric_sign() will not fail with
 * #PSA_ERROR_BUFFER_TOO_SMALL.
 * If the parameters are a valid combination that is not supported
- * by the implementation, this macro either shall return either a
+ * by the implementation, this macro shall return either a
 * sensible size or 0.
 * If the parameters are not valid, the
 * return value is unspecified.
From 4b3eb692711cc5a83274d8e25448823a5f8cf22f Mon Sep 17 00:00:00 2001
From: Gilles Peskine Date: Thu, 16 May 2019 21:35:18 +0200 Subject: [PATCH 1273/2197] Rename PSA_ERROR_TAMPERING_DETECTED to ..._CORRUPTION_DETECTED MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit “Tampering detected” was misleading because in the real world it can also arise due to a software bug. “Corruption detected” is neutral and more precisely reflects what can trigger the error. perl -i -pe 's/PSA_ERROR_TAMPERING_DETECTED/PSA_ERROR_CORRUPTION_DETECTED/gi' $(git ls-files) --- include/mbedtls/psa_util.h | 2 +- include/psa/crypto.h | 114 +++++++++++++-------------- include/psa/crypto_extra.h | 10 +-- include/psa/crypto_se_driver.h | 2 +- include/psa/crypto_values.h | 4 +- library/psa_crypto.c | 10 +-- library/psa_crypto_core.h | 2 +- library/psa_crypto_slot_management.c | 2 +- 8 files changed, 73 insertions(+), 73 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index b0c042827..b5f0b7fe9 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -413,7 +413,7 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) /* All other failures */ case PSA_ERROR_COMMUNICATION_FAILURE: case PSA_ERROR_HARDWARE_FAILURE: - case PSA_ERROR_TAMPERING_DETECTED: + case PSA_ERROR_CORRUPTION_DETECTED: return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); default: /* We return the same as for the 'other failures', * but list them separately nonetheless to indicate diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 84026c91c..111555607 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -86,7 +86,7 @@ extern "C" { * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY */ psa_status_t psa_crypto_init(void); 
@@ -651,7 +651,7 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -692,7 +692,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, * to erase key material even in this stage, however applications * should be aware that it may be impossible to guarantee that the * key material is not recoverable in such cases. - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * An unexpected condition which is not a storage corruption or * a communication failure occurred. The cryptoprocessor may have * been compromised. @@ -782,7 +782,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * and \c bits is the key size in bits. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -854,7 +854,7 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * and \c bits is the key size in bits. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
@@ -947,7 +947,7 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_copy_key(psa_key_handle_t source_handle, const psa_key_attributes_t *attributes, @@ -981,7 +981,7 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_hash_compute(psa_algorithm_t alg, const uint8_t *input, @@ -1010,7 +1010,7 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_hash_compare(psa_algorithm_t alg, const uint8_t *input, @@ -1104,7 +1104,7 @@ static psa_hash_operation_t psa_hash_operation_init(void); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg); @@ -1126,7 +1126,7 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_hash_update(psa_hash_operation_t *operation, const uint8_t *input, 
@@ -1167,7 +1167,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, @@ -1203,7 +1203,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, @@ -1234,7 +1234,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * \p operation is not an active hash operation. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); @@ -1260,7 +1260,7 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * \p target_operation is active. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation); @@ -1303,7 +1303,7 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
@@ -1342,7 +1342,7 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_mac_verify(psa_key_handle_t handle, psa_algorithm_t alg, @@ -1445,7 +1445,7 @@ static psa_mac_operation_t psa_mac_operation_init(void); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (already set up and not * subsequently completed). @@ -1505,7 +1505,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (already set up and not * subsequently completed). @@ -1537,7 +1537,7 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, @@ -1579,7 +1579,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, 
@@ -1615,7 +1615,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, @@ -1647,7 +1647,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, * \p operation is not an active MAC operation. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); @@ -1690,7 +1690,7 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, psa_algorithm_t alg, @@ -1732,7 +1732,7 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, psa_algorithm_t alg, @@ -1837,7 +1837,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (already set up and not * subsequently completed). 
@@ -1899,7 +1899,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (already set up and not * subsequently completed). @@ -1938,7 +1938,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, unsigned char *iv, @@ -1973,7 +1973,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, const unsigned char *iv, @@ -2009,7 +2009,7 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, @@ -2047,7 +2047,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, 
@@ -2080,7 +2080,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, * \p operation is not an active cipher operation. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); @@ -2130,7 +2130,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2188,7 +2188,7 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2307,7 +2307,7 @@ static psa_aead_operation_t psa_aead_operation_init(void); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
@@ -2369,7 +2369,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2406,7 +2406,7 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, unsigned char *nonce, @@ -2440,7 +2440,7 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, const unsigned char *nonce, @@ -2478,7 +2478,7 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, size_t ad_length, 
@@ -2520,7 +2520,7 @@ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, const uint8_t *input, @@ -2592,7 +2592,7 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_aead_update(psa_aead_operation_t *operation, const uint8_t *input, @@ -2661,7 +2661,7 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, uint8_t *ciphertext, @@ -2719,7 +2719,7 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_aead_verify(psa_aead_operation_t *operation, uint8_t *plaintext, @@ -2754,7 +2754,7 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation, * \p operation is not an active AEAD operation. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); 
@@ -2796,7 +2796,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). @@ -2840,7 +2840,7 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2893,7 +2893,7 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). @@ -2949,7 +2949,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_INVALID_PADDING * \retval #PSA_ERROR_BAD_STATE 
@@ -3062,7 +3062,7 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE */ psa_status_t psa_key_derivation_setup( @@ -3144,7 +3144,7 @@ psa_status_t psa_key_derivation_set_capacity( * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The value of \p step is not valid given the state of \p operation. * \retval #PSA_ERROR_BAD_STATE @@ -3190,7 +3190,7 @@ psa_status_t psa_key_derivation_input_bytes( * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The value of \p step is not valid given the state of \p operation. * \retval #PSA_ERROR_BAD_STATE @@ -3254,7 +3254,7 @@ psa_status_t psa_key_derivation_input_key( * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *operation, @@ -3288,7 +3288,7 @@ psa_status_t psa_key_derivation_key_agreement( * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *operation, 
@@ -3403,7 +3403,7 @@ psa_status_t psa_key_derivation_output_bytes( * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3434,7 +3434,7 @@ psa_status_t psa_key_derivation_output_key( * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation); @@ -3481,7 +3481,7 @@ psa_status_t psa_key_derivation_abort( * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, psa_key_handle_t private_key, @@ -3514,7 +3514,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
@@ -3560,7 +3560,7 @@ psa_status_t psa_generate_random(uint8_t *output, * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 45655ddfc..cb8899f97 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -185,7 +185,7 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -283,7 +283,7 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -301,7 +301,7 @@ psa_status_t psa_set_key_policy(psa_key_handle_t handle, * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
@@ -393,7 +393,7 @@ psa_status_t psa_allocate_key(psa_key_handle_t *handle); * The handle is to a key slot which does not contain key material yet. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -413,7 +413,7 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle, * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 8c7ad6d00..3d2ad12c1 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -756,7 +756,7 @@ typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_number_t key); * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, uint8_t *p_data, diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index c54fc9a60..d43312448 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -162,7 +162,7 @@ * * This error indicates that some persistent storage is corrupted. * It should not be used for a corruption of volatile memory - * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error + * (use #PSA_ERROR_CORRUPTION_DETECTED), for a communication error * between the cryptoprocessor and its external storage (use * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE). @@ -218,7 +218,7 @@ * This error indicates an attack against the application. Implementations * shall not return this error code as a consequence of the behavior of * the application itself. */ -#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)-151) +#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151) /** There is not enough entropy to generate random data needed * for the requested action. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 01ef0f5d5..545a27603 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -202,7 +202,7 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_CIPHER_AUTH_FAILED: return( PSA_ERROR_INVALID_SIGNATURE ); case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT: - return( PSA_ERROR_TAMPERING_DETECTED ); + return( PSA_ERROR_CORRUPTION_DETECTED ); case MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); @@ -311,7 +311,7 @@ static psa_status_t mbedtls_to_psa_error( int ret ) return( PSA_ERROR_INVALID_ARGUMENT ); case MBEDTLS_ERR_RSA_PUBLIC_FAILED: case MBEDTLS_ERR_RSA_PRIVATE_FAILED: - return( PSA_ERROR_TAMPERING_DETECTED ); + return( PSA_ERROR_CORRUPTION_DETECTED ); case MBEDTLS_ERR_RSA_VERIFY_FAILED: return( PSA_ERROR_INVALID_SIGNATURE ); case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE: 
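Review bot: The doc comment above the renamed macro in the `@@ -218` hunk of crypto_values.h still ends with "This error indicates an attack against the application", which no longer matches a status named `PSA_ERROR_CORRUPTION_DETECTED`. The psa_crypto.c hunks on this page return the same code for `MBEDTLS_ERR_CIPHER_INVALID_CONTEXT` and for `MBEDTLS_ERR_RSA_PUBLIC_FAILED` / `MBEDTLS_ERR_RSA_PRIVATE_FAILED`, which are not necessarily attacks, so a caller who treats the status as an attack signal may misclassify them. The start of the comment is outside the hunk and may already say this; if it does not, I would reword the tail along the lines of `This error indicates that an internal consistency check failed; the cause may be a fault or an attack.`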
@@ -588,7 +588,7 @@ static psa_status_t psa_import_ec_public_key( psa_ecc_curve_t curve, size_t data_length, mbedtls_ecp_keypair **p_ecp ) { - psa_status_t status = PSA_ERROR_TAMPERING_DETECTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); @@ -637,7 +637,7 @@ static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve, size_t data_length, mbedtls_ecp_keypair **p_ecp ) { - psa_status_t status = PSA_ERROR_TAMPERING_DETECTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); @@ -901,7 +901,7 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) { /* Shouldn't happen: the key type is not any type that we * put in. */ - return( PSA_ERROR_TAMPERING_DETECTED ); + return( PSA_ERROR_CORRUPTION_DETECTED ); } return( PSA_SUCCESS ); diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 0f7562459..595897257 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -68,7 +68,7 @@ typedef struct * \retval PSA_SUCCESS * Success. This includes the case of a key slot that was * already fully wiped. - * \retval PSA_ERROR_TAMPERING_DETECTED + * \retval PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 4f0245c62..3876f4b23 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -129,7 +129,7 @@ static psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_TAMPERING_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED */ static psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) { 
From 67e1c7ac800dd08192393107afbd7bf05581b316 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 14 May 2019 15:24:21 +0100 Subject: [PATCH 1274/2197] Remove remaining mentions of slots --- include/psa/crypto.h | 36 +++++++++++++++++------------------ include/psa/crypto_extra.h | 38 ++++++++++++++++++------------------- include/psa/crypto_values.h | 6 +++--- 3 files changed, 39 insertions(+), 41 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 84026c91c..5f80b131b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -334,6 +334,7 @@ static psa_key_usage_t psa_get_key_usage_flags( static void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg); + /** Retrieve the algorithm policy from key attributes. * * This function may be declared as `static` (i.e. without external @@ -365,6 +366,7 @@ static psa_algorithm_t psa_get_key_algorithm( static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type); + /** Declare the size of a key. * * This function overwrites any key size previously set in \p attributes. 
@@ -537,22 +539,20 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * @{ */ -/** Open a handle to an existing persistent key. +/** Get a handle to an existing persistent key. * - * Open a handle to a key which was previously created with psa_create_key(). + * Get a handle to a key which was previously created with psa_create_key(). * * Implementations may provide additional keys that can be opened with * psa_open_key(). Such keys have a key identifier in the vendor range, * as documented in the description of #psa_key_id_t. * * \param id The persistent identifier of the key. - * \param[out] handle On success, a handle to a key slot which contains - * the data and metadata loaded from the specified - * persistent location. + * \param[out] handle On success, a handle to the key. * * \retval #PSA_SUCCESS * Success. The application can now use the value of `*handle` - * to access the newly allocated key slot. + * to access the key. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -568,13 +568,14 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); psa_status_t psa_open_key(psa_key_id_t id, psa_key_handle_t *handle); + /** Close a key handle. * * If the handle designates a volatile key, destroy the key material and * free all associated resources, just like psa_destroy_key(). * * If the handle designates a persistent key, free all resources associated - * with the key in volatile memory. The key slot in persistent storage is + * with the key in volatile memory. The key in persistent storage is * not affected and can be opened again later with psa_open_key(). * * If the key is currently in use in a multipart operation, 
@@ -609,6 +610,7 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * minimize the risk that an invalid input is accidentally interpreted * according to a different format. * + * \param[in] attributes The attributes for the new key. * The key size is always determined from the * \p data buffer. @@ -665,23 +667,20 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, /** * \brief Destroy a key. * - * This function destroys the content of the key slot from both volatile + * This function destroys a key from both volatile * memory and, if applicable, non-volatile storage. Implementations shall - * make a best effort to ensure that any previous content of the slot is + * make a best effort to ensure that any previous content of the handle is * unrecoverable. * * This function also erases any metadata such as policies and frees all * resources associated with the key. * - * If the key is currently in use in a multipart operation, - * the multipart operation is aborted. - * - * \param handle Handle to the key slot to erase. + * \param handle Handle to the key to erase. * * \retval #PSA_SUCCESS - * The slot's content, if any, has been erased. + * The handle's content, if any, has been erased. * \retval #PSA_ERROR_NOT_PERMITTED - * The slot holds content and cannot be erased because it is + * The handle holds content and cannot be erased because it is * read-only, either due to a policy or due to physical restrictions. * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -873,7 +872,7 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * to another, since it populates a key using the material from * another key which may have a different lifetime. * - * In an implementation where slots have different ownerships, + * In an implementation where handles have different ownerships, * this function may be used to share a key with a different party, * subject to implementation-defined restrictions on key sharing. * 
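Review bot: The `@@ -665` hunk for psa_destroy_key() drops the sentence "If the key is currently in use in a multipart operation, the multipart operation is aborted", which does not mention slots and so looks unrelated to what this commit says it does. With it gone, the header no longer states what happens to an operation that is still using the key when it is destroyed, while the psa_close_key() comment earlier in the same file still opens the matching sentence. If the removal is not intended, restore `* If the key is currently in use in a multipart operation,` and `* the multipart operation is aborted.`; if it is intended, the new contract should be written out here and mentioned in the commit message.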
@@ -903,8 +902,7 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * The effect of this function on implementation-defined attributes is * implementation-defined. * - * \param source_handle The key to copy. It must be a handle to an - * occupied slot. + * \param source_handle The key to copy. It must be a valid key handle. * \param[in] attributes The attributes for the new key. * They are used as follows: * - The key type and size may be 0. If either is @@ -3397,7 +3395,7 @@ psa_status_t psa_key_derivation_output_bytes( * this function will not succeed, even with a smaller output buffer. * \retval #PSA_ERROR_NOT_SUPPORTED * The key type or key size is not supported, either by the - * implementation in general or in this particular slot. + * implementation in general or in this particular location. * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_STORAGE diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 45655ddfc..c8876178c 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -232,7 +232,7 @@ static psa_key_policy_t psa_key_policy_init(void); * * Note that this function does not make any consistency check of the * parameters. The values are only checked when applying the policy to - * a key slot with psa_set_key_policy(). + * a key with psa_set_key_policy(). * * \param[in,out] policy The key policy to modify. It must have been * initialized as per the documentation for 
@@ -260,14 +260,14 @@ psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy); */ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); -/** \brief Set the usage policy on a key slot. +/** \brief Set the usage policy for a key. * - * This function must be called on an empty key slot, before importing, - * generating or creating a key in the slot. Changing the policy of an + * This function must be called on a key handle before importing, + * generating or creating a key. Changing the policy of an * existing key is not permitted. * * Implementations may set restrictions on supported key policies - * depending on the key type and the key slot. + * depending on the key type. * * \param handle Handle to the key whose policy is to be changed. * \param[in] policy The policy object to query. @@ -292,9 +292,9 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); psa_status_t psa_set_key_policy(psa_key_handle_t handle, const psa_key_policy_t *policy); -/** \brief Get the usage policy for a key slot. +/** \brief Get the usage policy for a key. * - * \param handle Handle to the key slot whose policy is being queried. + * \param handle Handle to the key whose policy is being queried. * \param[out] policy On success, the key's policy. * * \retval #PSA_SUCCESS @@ -321,9 +321,9 @@ psa_status_t psa_get_key_policy(psa_key_handle_t handle, * a structure that represents the properties. */ -/** Create a new persistent key slot. +/** Create a new persistent key. * - * Create a new persistent key slot and return a handle to it. The handle + * Create a new persistent key and return a handle to it. The handle * remains valid until the application calls psa_close_key() or terminates. * The application can open the key again with psa_open_key() until it * removes the key by calling psa_destroy_key(). 
@@ -332,13 +332,13 @@ psa_status_t psa_get_key_policy(psa_key_handle_t handle, * area where the key material is stored. This must not * be #PSA_KEY_LIFETIME_VOLATILE. * \param id The persistent identifier of the key. - * \param[out] handle On success, a handle to the newly created key slot. - * When key material is later created in this key slot, + * \param[out] handle On success, a handle to the newly created key. + * When key material is later created in this key, * it will be saved to the specified persistent location. * * \retval #PSA_SUCCESS * Success. The application can now use the value of `*handle` - * to access the newly allocated key slot. + * for key operations. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_ALREADY_EXISTS @@ -358,20 +358,20 @@ psa_status_t psa_create_key(psa_key_lifetime_t lifetime, psa_key_id_t id, psa_key_handle_t *handle); -/** Allocate a key slot for a transient key, i.e. a key which is only stored +/** Allocate space for a transient key, i.e. a key which is only stored * in volatile memory. * - * The allocated key slot and its handle remain valid until the + * The allocated key and its handle remain valid until the * application calls psa_close_key() or psa_destroy_key() or until the * application terminates. * - * \param[out] handle On success, a handle to a volatile key slot. + * \param[out] handle On success, a handle to a volatile key. * * \retval #PSA_SUCCESS * Success. The application can now use the value of `*handle` - * to access the newly allocated key slot. + * to refer to the key. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * There was not enough memory, or the maximum number of key slots + * There was not enough memory, or the maximum number of transient keys * has been reached. */ psa_status_t psa_allocate_key(psa_key_handle_t *handle); 
@@ -379,7 +379,7 @@ psa_status_t psa_allocate_key(psa_key_handle_t *handle); /** * \brief Get basic metadata about a key. * - * \param handle Handle to the key slot to query. + * \param handle Handle to the key to query. * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX value). * This may be a null pointer, in which case the key type * is not written. @@ -390,7 +390,7 @@ psa_status_t psa_allocate_key(psa_key_handle_t *handle); * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_DOES_NOT_EXIST - * The handle is to a key slot which does not contain key material yet. + * The handle does not contain a key. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index c54fc9a60..d5c62de90 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -105,8 +105,8 @@ * descriptions for permitted sequencing of functions. * * Implementations shall not return this error code to indicate - * that a key slot is occupied when it needs to be free or vice versa, - * but shall return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST + * that a key either exists or not, + * but shall instead return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST * as applicable. */ #define PSA_ERROR_BAD_STATE ((psa_status_t)-137) @@ -116,7 +116,7 @@ * combination of parameters are recognized as invalid. * * Implementations shall not return this error code to indicate - * that a key slot is occupied when it needs to be free or vice versa, + * that a key either exists or not, * but shall return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST * as applicable. * From d56456cbe8967c77aaed1cc5bdd96ecb8459d307 Mon Sep 17 00:00:00 2001 
From: "Adrian L. Shaw" Date: Wed, 15 May 2019 11:36:13 +0100 Subject: [PATCH 1275/2197] Improve descriptions that mention handles and fix incorrect mention of psa_create_key --- include/psa/crypto.h | 10 +++++----- include/psa/crypto_values.h | 13 ++++++------- 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5f80b131b..22dea8feb 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -539,9 +539,10 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * @{ */ -/** Get a handle to an existing persistent key. +/** Open a handle to an existing persistent key. * - * Get a handle to a key which was previously created with psa_create_key(). + * Open a handle to a key which was previously created with + * psa_make_key_persistent() when setting its attributes. * * Implementations may provide additional keys that can be opened with * psa_open_key(). Such keys have a key identifier in the vendor range, @@ -669,8 +670,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, * * This function destroys a key from both volatile * memory and, if applicable, non-volatile storage. Implementations shall - * make a best effort to ensure that any previous content of the handle is - * unrecoverable. + * make a best effort to ensure that that the key material cannot be recovered. * * This function also erases any metadata such as policies and frees all * resources associated with the key. @@ -678,7 +678,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, * \param handle Handle to the key to erase. * * \retval #PSA_SUCCESS - * The handle's content, if any, has been erased. + * The key material has been erased. * \retval #PSA_ERROR_NOT_PERMITTED * The handle holds content and cannot be erased because it is * read-only, either due to a policy or due to physical restrictions. 
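Review bot: The new psa_destroy_key() sentence in the `@@ -670` hunk has a doubled word: "make a best effort to ensure that that the key material cannot be recovered". It should read `* make a best effort to ensure that the key material cannot be recovered.` The rest of the comment lies outside the hunk.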
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index d5c62de90..83a65053d 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -107,7 +107,11 @@ * Implementations shall not return this error code to indicate * that a key either exists or not, * but shall instead return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST - * as applicable. */ + * as applicable. + * + * Implementations shall not return this error code to indicate that a + * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE + * instead. */ #define PSA_ERROR_BAD_STATE ((psa_status_t)-137) /** The parameters passed to the function are invalid. @@ -115,12 +119,7 @@ * Implementations may return this error any time a parameter or * combination of parameters are recognized as invalid. * - * Implementations shall not return this error code to indicate - * that a key either exists or not, - * but shall return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST - * as applicable. - * - * Implementation shall not return this error code to indicate that a + * Implementations shall not return this error code to indicate that a * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE * instead. */ From 52d83dabd636fa4b97b1ee73d6bc1a6476d1406e Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 15 May 2019 11:39:06 +0100 Subject: [PATCH 1276/2197] Mention psa_close_key in the description of psa_open_key --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 22dea8feb..fc5d8079c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -543,6 +543,8 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * * Open a handle to a key which was previously created with * psa_make_key_persistent() when setting its attributes. + * The handle should eventually be closed with psa_close_key() + * to release associated resources. * * Implementations may provide additional keys that can be opened with * psa_open_key(). Such keys have a key identifier in the vendor range, From 0a695bd13e6d00cb67f8e65d69e089a728940951 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 15 May 2019 13:28:41 +0100 Subject: [PATCH 1277/2197] Simplify description of psa_copy_key --- include/psa/crypto.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fc5d8079c..ca0d57dd7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -682,7 +682,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, * \retval #PSA_SUCCESS * The key material has been erased. * \retval #PSA_ERROR_NOT_PERMITTED - * The handle holds content and cannot be erased because it is + * The key cannot be erased because it is * read-only, either due to a policy or due to physical restrictions. * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE @@ -874,8 +874,7 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * to another, since it populates a key using the material from * another key which may have a different lifetime. * - * In an implementation where handles have different ownerships, - * this function may be used to share a key with a different party, + * This function may be used to share a key with a different party, * subject to implementation-defined restrictions on key sharing. * * The policy on the source key must have the usage flag From c93b80c350eaff9dc6e754db2617c0b8a58fad40 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 16 May 2019 19:39:54 +0200 Subject: [PATCH 1278/2197] Rename *KEYPAIR* to *KEY_PAIR* Be consistent with PUBLIC_KEY. perl -i -pe 's/KEYPAIR/KEY_PAIR/g' $(git ls-files) --- docs/getting_started.md | 4 +- include/psa/crypto.h | 18 +- include/psa/crypto_extra.h | 12 +- include/psa/crypto_sizes.h | 16 +- include/psa/crypto_values.h | 34 +- library/pk.c | 4 +- library/psa_crypto.c | 24 +- library/ssl_cli.c | 2 +- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_psa_crypto.data | 334 +++++++++--------- tests/suites/test_suite_psa_crypto.function | 16 +- .../test_suite_psa_crypto_metadata.data | 4 +- .../test_suite_psa_crypto_metadata.function | 40 +-- .../test_suite_psa_crypto_persistent_key.data | 30 +- 14 files changed, 270 insertions(+), 270 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 9a702eaed..ac1bc3166 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -73,7 +73,7 @@ Importing a key and checking key information: 1. Test the information stored in this slot: ```C int key_slot = 1; - uint8_t *data = "KEYPAIR_KEY_DATA"; + uint8_t *data = "KEY_PAIR_KEY_DATA"; size_t data_size; psa_key_type_t type = PSA_KEY_TYPE_RSA_PUBLIC_KEY; size_t got_bits; @@ -127,7 +127,7 @@ This allows the key in the key slot to be used for RSA signing. PSA_ALG_RSA_PKCS1V15_SIGN_RAW); status = psa_set_key_policy(key_slot, &policy); - status = psa_import_key(key_slot, PSA_KEY_TYPE_RSA_KEYPAIR, + status = psa_import_key(key_slot, PSA_KEY_TYPE_RSA_KEY_PAIR, key, sizeof(key)); /* Sing message using the key */ diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c6a13acb8..4a3388994 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -625,7 +625,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * correct. * - For Triple-DES, the format is the concatenation of the * two or three DES keys. - * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format + * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEY_PAIR), the format * is the non-encrypted DER encoding of the representation defined by * PKCS\#1 (RFC 8017) as `RSAPrivateKey`, version 0. * ``` @@ -642,7 +642,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * } * ``` * - For elliptic curve key pairs (key types for which - * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is + * #PSA_KEY_TYPE_IS_ECC_KEY_PAIR is true), the format is * a representation of the private value as a `ceiling(m/8)`-byte string * where `m` is the bit size associated with the curve, i.e. the bit size * of the order of the curve's coordinate field. This byte string is @@ -653,7 +653,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * This is the content of the `privateKey` field of the `ECPrivateKey` * format defined by RFC 5915. * - For Diffie-Hellman key exchange key pairs (key types for which - * #PSA_KEY_TYPE_IS_DH_KEYPAIR is true), the + * #PSA_KEY_TYPE_IS_DH_KEY_PAIR is true), the * format is the representation of the private key `x` as a big-endian byte * string. The length of the byte string is the private key size in bytes * (leading zeroes are not stripped). @@ -746,7 +746,7 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p data buffer is too small. You can determine a * sufficient buffer size by calling - * #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(\c type), \c bits) + * #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits) * where \c type is the key type * and \c bits is the key size in bits. * \retval #PSA_ERROR_COMMUNICATION_FAILURE 
@@ -3219,7 +3219,7 @@ psa_status_t psa_key_derivation_output_bytes( * - #PSA_KEY_TYPE_HMAC. * * - For ECC keys on a Montgomery elliptic curve - * (#PSA_KEY_TYPE_ECC_KEYPAIR(\c curve) where \c curve designates a + * (#PSA_KEY_TYPE_ECC_KEY_PAIR(\c curve) where \c curve designates a * Montgomery curve), this function always draws a byte string whose * length is determined by the curve, and sets the mandatory bits * accordingly. That is: @@ -3247,10 +3247,10 @@ psa_status_t psa_key_derivation_output_bytes( * discard the first 8 bytes, use the next 8 bytes as the first key, * and continue reading output from the operation to derive the other * two keys). - * - Finite-field Diffie-Hellman keys (#PSA_KEY_TYPE_DH_KEYPAIR(\c group) + * - Finite-field Diffie-Hellman keys (#PSA_KEY_TYPE_DH_KEY_PAIR(\c group) * where \c group designates any Diffie-Hellman group) and * ECC keys on a Weierstrass elliptic curve - * (#PSA_KEY_TYPE_ECC_KEYPAIR(\c curve) where \c curve designates a + * (#PSA_KEY_TYPE_ECC_KEY_PAIR(\c curve) where \c curve designates a * Weierstrass curve). * For these key types, interpret the byte string as integer * in big-endian order. Discard it if it is not in the range @@ -3265,7 +3265,7 @@ psa_status_t psa_key_derivation_output_bytes( * in NIST SP 800-56A §5.6.1.2.2 or * FIPS 186-4 §B.4.2 for elliptic curve keys. * - * - For other key types, including #PSA_KEY_TYPE_RSA_KEYPAIR, + * - For other key types, including #PSA_KEY_TYPE_RSA_KEY_PAIR, * the way in which the operation output is consumed is * implementation-defined. * @@ -3424,7 +3424,7 @@ psa_status_t psa_generate_random(uint8_t *output, * Its location, policy, type and size are taken from \p attributes. * * The following type-specific considerations apply: - * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR), + * - For RSA keys (#PSA_KEY_TYPE_RSA_KEY_PAIR), * the public exponent is 65537. * The modulus is a product of two probabilistic primes * between 2^{n-1} and 2^n where n is the bit size specified in the 
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 4ffd858e4..a260964ce 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -474,11 +474,11 @@ psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, * Add 1 to the resulting integer and use this as the private key *x*. * */ -#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000) +#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x70020000) /** Whether a key type is an DSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_DSA(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) #define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000) /** DSA signature with hashing. @@ -542,7 +542,7 @@ psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, /** Custom Diffie-Hellman group. * * For keys of type #PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_GROUP_CUSTOM) or - * #PSA_KEY_TYPE_DH_KEYPAIR(#PSA_DH_GROUP_CUSTOM), the group data comes + * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_GROUP_CUSTOM), the group data comes * from domain parameters set by psa_set_key_domain_parameters(). */ /* This value is reserved for private use in the TLS named group registry. */ @@ -558,7 +558,7 @@ psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, * * The format for the required domain parameters varies based on the key type. * - * - For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEYPAIR), + * - For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEY_PAIR), * the domain parameter data consists of the public exponent, * represented as a big-endian integer with no leading zeros. * This information is used when generating an RSA key pair. 
@@ -566,7 +566,7 @@ psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, * key data and the exponent recorded in the attribute structure is ignored. * As an exception, the public exponent 65537 is represented by an empty * byte string. - * - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEYPAIR), + * - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEY_PAIR), * the `Dss-Parms` format as defined by RFC 3279 §2.3.2. * ``` * Dss-Parms ::= SEQUENCE { @@ -577,7 +577,7 @@ psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, * ``` * - For Diffie-Hellman key exchange keys * (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_GROUP_CUSTOM) or - * #PSA_KEY_TYPE_DH_KEYPAIR(#PSA_DH_GROUP_CUSTOM)), the + * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_GROUP_CUSTOM)), the * `DomainParameters` format as defined by RFC 3279 §2.3.3. * ``` * DomainParameters ::= SEQUENCE { diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index d7eb48272..e7b0bb444 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -568,7 +568,7 @@ * overapproximated as 9 half-size INTEGERS; * - 7 bytes for the public exponent. */ -#define PSA_KEY_EXPORT_RSA_KEYPAIR_MAX_SIZE(key_bits) \ +#define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) \ (9 * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2 + 1) + 14) /* Maximum size of the export encoding of a DSA public key. @@ -606,7 +606,7 @@ * - 3 full-size INTEGERs (p, g, y); * - 2 * (1 + 1 + 32) bytes for 2 sub-size INTEGERs (q, x <= 256 bits). */ -#define PSA_KEY_EXPORT_DSA_KEYPAIR_MAX_SIZE(key_bits) \ +#define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) \ (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 75) /* Maximum size of the export encoding of an ECC public key. 
@@ -626,7 +626,7 @@ * * An ECC key pair is represented by the secret value. */ -#define PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE(key_bits) \ +#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) \ (PSA_BITS_TO_BYTES(key_bits)) /** Safe output buffer size for psa_export_key() or psa_export_public_key(). @@ -655,7 +655,7 @@ * \endcode * * For psa_export_public_key(), calculate the buffer size from the - * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR + * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR * to convert a key pair type to the corresponding public key type. * \code{c} * psa_key_type_t key_type; @@ -663,7 +663,7 @@ * psa_status_t status; * status = psa_get_key_information(key, &key_type, &key_bits); * if (status != PSA_SUCCESS) handle_error(...); - * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(key_type); + * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(key_type); * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits); * unsigned char *buffer = malloc(buffer_size); * if (buffer != NULL) handle_error(...); 
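Review bot: The usage example touched by the `@@ -663` hunk has its allocation check inverted: the context line `if (buffer != NULL) handle_error(...);` reports an error when malloc() succeeds and falls through with a null buffer when it fails. Since this commit already edits the sample, the line should become `if (buffer == NULL) handle_error(...);`. The hunk shows only part of the doc comment, and the psa_export_key() example above it is not visible here, so it is worth checking for the same line there.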
@@ -687,11 +687,11 @@ */ #define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \ (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \ - (key_type) == PSA_KEY_TYPE_RSA_KEYPAIR ? PSA_KEY_EXPORT_RSA_KEYPAIR_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \ (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ - (key_type) == PSA_KEY_TYPE_DSA_KEYPAIR ? PSA_KEY_EXPORT_DSA_KEYPAIR_MAX_SIZE(key_bits) : \ + (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \ (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ - PSA_KEY_TYPE_IS_ECC_KEYPAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE(key_bits) : \ + PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \ PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \ 0) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index bab706339..a3552807d 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -324,7 +324,7 @@ (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY) /** Whether a key type is a key pair containing a private part and a public * part. */ -#define PSA_KEY_TYPE_IS_KEYPAIR(type) \ +#define PSA_KEY_TYPE_IS_KEY_PAIR(type) \ (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR) /** The key pair type corresponding to a public key type. * @@ -336,7 +336,7 @@ * If \p type is not a public key or a key pair, * the return value is undefined. */ -#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \ +#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \ ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) /** The public key type corresponding to a key pair type. * 
@@ -348,7 +348,7 @@ * If \p type is not a public key or a key pair, * the return value is undefined. */ -#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \ +#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \ ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) /** Raw data. 
@@ -414,29 +414,29 @@ /** RSA public key. */ #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) /** RSA key pair (private and public key). */ -#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000) +#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70010000) /** Whether a key type is an RSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_RSA(type) \ - (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) + (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) -#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000) +#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) /** Elliptic curve key pair. */ -#define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \ - (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve)) +#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \ + (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve)) /** Elliptic curve public key. */ #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) /** Whether a key type is an elliptic curve key (pair or public-only). */ #define PSA_KEY_TYPE_IS_ECC(type) \ - ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE) /** Whether a key type is an elliptic curve key pair. */ -#define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \ +#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) \ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ - PSA_KEY_TYPE_ECC_KEYPAIR_BASE) + PSA_KEY_TYPE_ECC_KEY_PAIR_BASE) /** Whether a key type is an elliptic curve public key. */ #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \ 
@@ -485,23 +485,23 @@ #define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) -#define PSA_KEY_TYPE_DH_KEYPAIR_BASE ((psa_key_type_t)0x70040000) +#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) /** Diffie-Hellman key pair. */ -#define PSA_KEY_TYPE_DH_KEYPAIR(group) \ - (PSA_KEY_TYPE_DH_KEYPAIR_BASE | (group)) +#define PSA_KEY_TYPE_DH_KEY_PAIR(group) \ + (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group)) /** Diffie-Hellman public key. */ #define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group)) /** Whether a key type is a Diffie-Hellman key (pair or public-only). */ #define PSA_KEY_TYPE_IS_DH(type) \ - ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \ + ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) & \ ~PSA_KEY_TYPE_DH_GROUP_MASK) == PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) /** Whether a key type is a Diffie-Hellman key pair. */ -#define PSA_KEY_TYPE_IS_DH_KEYPAIR(type) \ +#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) \ (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ - PSA_KEY_TYPE_DH_KEYPAIR_BASE) + PSA_KEY_TYPE_DH_KEY_PAIR_BASE) /** Whether a key type is a Diffie-Hellman public key. */ #define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) \ (((type) & ~PSA_KEY_TYPE_DH_GROUP_MASK) == \ diff --git a/library/pk.c b/library/pk.c index 6bbfdd1dd..bcf7e0a88 100644 --- a/library/pk.c +++ b/library/pk.c @@ -168,7 +168,7 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); /* Current implementation of can_do() relies on this. */ - if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ) + if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) ; if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) 
@@ -614,7 +614,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, return( ret ); curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id; - key_type = PSA_KEY_TYPE_ECC_KEYPAIR( + key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( mbedtls_psa_parse_tls_ecc_group ( curve_id ) ); /* allocate a key slot */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 01ef0f5d5..5fab16268 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -535,7 +535,7 @@ static psa_status_t psa_import_rsa_key( psa_key_type_t type, mbedtls_pk_init( &pk ); /* Parse the data. */ - if( PSA_KEY_TYPE_IS_KEYPAIR( type ) ) + if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) status = mbedtls_to_psa_error( mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ) ); else @@ -709,7 +709,7 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, } else #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) ) + if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( slot->type ) ) { status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( slot->type ), data, data_length, @@ -1116,7 +1116,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, switch( slot->type ) { #if defined(MBEDTLS_RSA_C) - case PSA_KEY_TYPE_RSA_KEYPAIR: + case PSA_KEY_TYPE_RSA_KEY_PAIR: case PSA_KEY_TYPE_RSA_PUBLIC_KEY: status = psa_get_rsa_public_exponent( slot->data.rsa, attributes ); break; @@ -1196,7 +1196,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, return( PSA_SUCCESS ); } #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) && !export_public_key ) + if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( slot->type ) && !export_public_key ) { psa_status_t status; 
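Review bot: In the `library/pk.c` hunk at `@@ -614,7 +614,7 @@`, the context line `curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id;` dereferences the lookup result without a check. mbedtls_ecp_curve_info_from_grp_id() returns NULL for a group id it does not know, so an EC context whose group was never set would crash here instead of returning an error. Keeping the pointer and testing it first would close that: `const mbedtls_ecp_curve_info *ci = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id );` followed by `if( ci == NULL ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );`. The body of mbedtls_pk_wrap_as_opaque starts and ends outside the hunk, so an earlier check may already rule this out.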
@@ -3018,14 +3018,14 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN, alg ); if( status != PSA_SUCCESS ) goto exit; - if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->type ) ) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + if( slot->type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { status = psa_rsa_sign( slot->data.rsa, alg, @@ -3162,7 +3162,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, if( status != PSA_SUCCESS ) return( status ); if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || - PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) + PSA_KEY_TYPE_IS_KEY_PAIR( slot->type ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_RSA_C) @@ -3241,11 +3241,11 @@ psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle, status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); - if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) + if( slot->type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; @@ -5130,7 +5130,7 @@ static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg, { #if defined(MBEDTLS_ECDH_C) case PSA_ALG_ECDH: - if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( private_key->type ) ) + if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( private_key->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); return( psa_key_agreement_ecdh( peer_key, peer_key_length, private_key->data.ecp, 
@@ -5339,7 +5339,7 @@ static psa_status_t psa_generate_random_key_internal( else #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) - if ( type == PSA_KEY_TYPE_RSA_KEYPAIR ) + if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { mbedtls_rsa_context *rsa; int ret; @@ -5377,7 +5377,7 @@ static psa_status_t psa_generate_random_key_internal( #endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ #if defined(MBEDTLS_ECP_C) - if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEYPAIR( type ) ) + if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) { psa_ecc_curve_t curve = PSA_KEY_TYPE_GET_CURVE( type ); mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 41c2bd23a..cde368f2f 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3149,7 +3149,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) /* Generate ECDH private key. */ status = psa_generate_random_key_to_handle( handshake->ecdh_psa_privkey, - PSA_KEY_TYPE_ECC_KEYPAIR( handshake->ecdh_psa_curve ), + PSA_KEY_TYPE_ECC_KEY_PAIR( handshake->ecdh_psa_curve ), MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( handshake->ecdh_psa_curve ), NULL, 0 ); if( status != PSA_SUCCESS ) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index a23487b4c..8064be573 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -81,7 +81,7 @@ psa_key_handle_t pk_psa_genkey( void ) psa_key_handle_t key; const int curve = PSA_ECC_CURVE_SECP256R1; - const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEYPAIR(curve); + const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve); const size_t bits = 256; psa_key_policy_t policy; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index abc73aebe..f4dc19dd7 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -82,39 +82,39 @@ import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (+1 byte) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2-1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:609:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:609:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:610:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:610:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2+1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1 
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1 PSA import/export RSA keypair: export buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: trailing garbage ignored depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEYPAIR:0:PSA_ERROR_INVALID_ARGUMENT +import:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
-import:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:0:PSA_ERROR_INVALID_ARGUMENT +import:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C @@ -122,7 +122,7 @@ import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541e PSA import RSA keypair: valid key but EC depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:0:PSA_ERROR_INVALID_ARGUMENT +import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export-public RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -130,7 +130,7 @@ import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8a PSA import/export-public RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA public key: buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -138,7 +138,7 @@ import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8a PSA import/export-public RSA keypair: buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +import_export_public_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export RSA public key: 1016-bit (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C @@ -146,7 +146,7 @@ import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab PSA import/export RSA keypair: 1016-bit (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 PSA import RSA public key: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -154,7 +154,7 @@ import:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8a PSA import RSA keypair: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"3082025802010002818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd1344502302030100010281800ad9700e01e8bf68ff4c90c4465dfa13fea0e76295d817349ccb257d382acf89b3d7b31e18606af4ac92baf3710426fe0b54225ddfa527c31218b3346e03a9cae5395a780ade880b996f4061fad65689393fc8e77f46a4c1a29b0450cdaaef0710e523cd1028abe1653d23f0d5ec805a629bdf1fc4c1c00737760e1714f6b7f102407d5e545484b546bd61972b446a04af0cf17b126a8872b977da5035ca82dd0e4fef1381a6480f60db07628348602f86ba89a271563d9a3fb613b9b39703498f9902407017641093065eed178ff848b5f8a2b502a187511db28549ea7646f3e7b3ea171f4c34c0ecf0566adc4d172c057be077a45fcf8019a36a4588c4de3b8c0a631b02407cc7fccbbae2eb2be80c9c8615b7dfbbd4469907ec13b44274cacd1f69ad38679b2021352e18106131327e54f5579893e6160714bd6fdfe60c30136e45595c51024055250f779f96f94873db82a808c24325e847b6b8212cd81e9ba118a8715ab2f8b96773b310c8477c88b76e609c11cb22569408d4afa4f836b57b85ac09e661fd02400e5fc5df9614c95d77e9bc2df63d48e7a08a0034174f0f745eef4413ee36d929f194557e6990e148b7438e949a41e92bc9d9136c3e6563904151a578a2f4fc1b":PSA_KEY_TYPE_RSA_KEYPAIR:0:PSA_ERROR_NOT_SUPPORTED +import:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA public key: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -162,63 +162,63 @@ import:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751 PSA import RSA keypair: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"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":PSA_KEY_TYPE_RSA_KEYPAIR:0:PSA_ERROR_NOT_SUPPORTED +import:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED PSA import/export EC secp224r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED -import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1 +import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1 PSA import/export-public EC secp224r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED -import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" +import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 
+import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 PSA import/export-public EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" +import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" PSA import/export EC secp384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 +import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 PSA import/export-public EC secp384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED 
-import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" +import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" PSA import/export EC secp521r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1 +import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1 PSA import/export-public EC secp521r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED 
-import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" +import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" PSA import/export EC brainpool256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED -import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED 
-import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" +import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" PSA import/export EC brainpool384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED -import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 +import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED -import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" 
+import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" PSA import/export EC brainpool512r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1 +import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool512r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" 
+import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -238,11 +238,11 @@ import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" PSA import/export RSA keypair: policy forbids export (crypt) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (sign) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1 # Test PEM import. 
Note that this is not a PSA feature, it's an Mbed TLS # extension which we may drop in the future. 
@@ -252,35 +252,35 @@ import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d4 PSA import/export RSA keypair: import PEM depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0 PSA import EC keypair: DER format depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: too short depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-import:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, all-bits-zero (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, d == n - 1 (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_SUCCESS +import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_SUCCESS PSA import EC keypair: secp256r1, d == n (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, d > n (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT 
+import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED @@ -292,7 +292,7 @@ import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f5 PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C -import:"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":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):0:PSA_ERROR_INVALID_ARGUMENT +import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import AES: bits=0 ok depends_on:MBEDTLS_AES_C 
@@ -390,71 +390,71 @@ aead_key_policy:0:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa PSA key policy: asymmetric encryption, encrypt | decrypt depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric encryption, wrong algorithm (v1.5/OAEP) depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash) depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA key policy: asymmetric encryption, ANY_HASH in policy is not meaningful depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA key policy: asymmetric encryption, encrypt but not decrypt depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT 
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric encryption, decrypt but not encrypt depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT +asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric encryption, neither encrypt nor decrypt depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT 
+asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric signature, sign | verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, wrong algorithm family depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 PSA key policy: asymmetric signature, wildcard in policy, wrong algorithm family depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, wrong hash algorithm depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 PSA key policy: asymmetric signature, sign but not verify 
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, verify but not sign depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, neither sign nor verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: derive 
via HKDF, permitted depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
@@ -482,39 +482,39 @@ derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KE PSA key policy: agreement + KDF, permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) PSA key policy: agreement + KDF, not permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C -agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) +agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) PSA key policy: agreement + KDF, wrong agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) PSA key policy: agreement + KDF, wrong KDF algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224)) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224)) PSA key policy: agreement + KDF, key only permits raw agreement depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) PSA key policy: raw agreement, permitted 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH +raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH PSA key policy: raw agreement, not permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH +raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH PSA key policy: raw agreement, wrong algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH +raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH PSA key policy: raw agreement, key only permits a KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) 
+raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) Copy key: raw, 0 bytes copy_success:PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"":1:-1:-1:PSA_KEY_USAGE_COPY:0 
@@ -553,35 +553,35 @@ copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:P Copy key: RSA key pair, same usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, fewer usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, more usage flags 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, intersect usage flags #0 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, intersect usage flags #1 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in source depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) Copy key: RSA key pair, wildcard algorithm in source and target 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) Copy fail: raw data, no COPY flag copy_fail:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_PERMITTED 
@@ -596,19 +596,19 @@ copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES Copy fail: RSA, incompatible target policy (source wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (target wildcard) 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source and target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7b
e9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, ANY_HASH is not meaningful with OAEP depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT Copy fail: incorrect type in attributes copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT 
@@ -1385,30 +1385,30 @@ depends_on:MBEDTLS_CHACHA20_C aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20:"":"":"":PSA_ERROR_NOT_SUPPORTED PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw -signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 +signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256 -signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128 +signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128 PSA signature size: RSA keypair, 1024 bits, PSS -signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):128 +signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):128 PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw -signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 +signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw -signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129 +signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129 PSA import/exercise RSA keypair, PKCS#1 v1.5 raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW +import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA keypair, PSS-SHA-256 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) +import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise RSA public key, PKCS#1 v1.5 raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1420,57 +1420,57 @@ import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa PSA import/exercise: ECP SECP256R1 keypair, ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C -import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) PSA import/exercise: ECP SECP256R1 keypair, ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDH +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDH PSA sign: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" +sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" PSA sign: RSA PKCS#1 v1.5 SHA-256 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" +sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA sign: deterministic ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign: RSA PKCS#1 v1.5 
SHA-256, wrong hash size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT PSA sign: RSA PKCS#1 v1.5, invalid hash (wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 # Arguably the error should be INVALID_ARGUMENT, but NOT_SUPPORTED is simpler # to implement. 
-sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_NOT_SUPPORTED +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_NOT_SUPPORTED PSA sign: RSA PKCS#1 v1.5 raw, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
-sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard) 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: invalid key type, signing with a public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
@@ -1478,35 +1478,35 @@ sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13 PSA sign: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 -sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign/verify: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263" +sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263" PSA sign/verify: RSA PKCS#1 v1.5 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" +sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA sign/verify: RSA PSS SHA-256, 0 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"" 
+sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"" PSA sign/verify: RSA PSS SHA-256, 32 bytes (hash size) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" +sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA sign/verify: RSA PSS SHA-256, 129 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" PSA sign/verify: randomized ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 
):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
@@ -1514,7 +1514,7 @@ asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fd PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" 
+asymmetric_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C 
@@ -1542,7 +1542,7 @@ asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e4 PSA verify with keypair: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +asymmetric_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C @@ -1554,7 +1554,7 @@ asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04d PSA verify: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1578,11 +1578,11 @@ asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75f PSA encrypt: RSA PKCS#1 v1.5, key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1606,87 +1606,87 @@ asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_R PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"" +asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"" PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c9977
81447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":"" +asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":"" PSA encrypt-decrypt: RSA OAEP-SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"" +asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"" PSA encrypt-decrypt: RSA OAEP-SHA-256, with label depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00" +asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00" PSA encrypt-decrypt: RSA OAEP-SHA-384 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C -asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"" 
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"" PSA decrypt: RSA PKCS#1 v1.5: good #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" 
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA decrypt: RSA PKCS#1 v1.5: good #2 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" 
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, output too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":0:PSA_ERROR_BUFFER_TOO_SMALL +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":0:PSA_ERROR_BUFFER_TOO_SMALL PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"1b4c1d06439b99f886048b8544607b5e8e5ac6828ad9d0b7ad4ec0b314a4d8052f8bbeab6c85dbddff0b90cc76395a7a0c4f9cc29cd7be20be0b38ff611800d6":"":"" +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"1b4c1d06439b99f886048b8544607b5e8e5ac6828ad9d0b7ad4ec0b314a4d8052f8bbeab6c85dbddff0b90cc76395a7a0c4f9cc29cd7be20be0b38ff611800d6":"":"" PSA decrypt: RSA OAEP-SHA-256, 0 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":"" +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":"" PSA decrypt: RSA OAEP-SHA-256, 0 bytes, with label depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"14e57648fbbd3c2c195d71fcb9b6c332e2ad9e3402aa701e7270b05775e9ddd025e2330d7b84e67866524c67f9c38b11e4679e28a38574b47f8d218a1a04a7466754d6ea7f959ab1f5b85d066d3f90076e8219f66653f7b78a9789d76213505b4e75ec28081608ed2f1ea1238e3eeab011ce4ec147327cd0ca029c2818133cb6":"746869730069730061006c6162656c00":"" +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"14e57648fbbd3c2c195d71fcb9b6c332e2ad9e3402aa701e7270b05775e9ddd025e2330d7b84e67866524c67f9c38b11e4679e28a38574b47f8d218a1a04a7466754d6ea7f959ab1f5b85d066d3f90076e8219f66653f7b78a9789d76213505b4e75ec28081608ed2f1ea1238e3eeab011ce4ec147327cd0ca029c2818133cb6":"746869730069730061006c6162656c00":"" PSA decrypt: RSA OAEP-SHA-256, 30 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-256, 30 bytes, with label depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765" 
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-384, 30 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C 
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" +asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df
75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":128:PSA_ERROR_INVALID_PADDING +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (empty) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":128:PSA_ERROR_INVALID_PADDING 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (same length) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":128:PSA_ERROR_INVALID_PADDING 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA PKCS#1 v1.5, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":128:PSA_ERROR_INVALID_PADDING +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":128:PSA_ERRO
R_INVALID_PADDING PSA decrypt: RSA PKCS#1 v1.5: salt not allowed depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":128:PSA_ERROR_INVALID_ARGUMENT 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, invalid padding depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":128:PSA_ERROR_INVALID_PADDING +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":128:PSA_ERROR_INVALID_PADDING PSA decrypt: invalid algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -1702,19 +1702,19 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ PSA decrypt: RSA PKCS#1 v1.5, input too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT 
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, input too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT +asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT Crypto derivation operation object initializers zero properly key_derivation_init: 
@@ -1961,11 +1961,11 @@ derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0 PSA key agreement setup: ECDH + HKDF-SHA-256: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS PSA key agreement setup: ECDH + HKDF-SHA-256: public key on different curve depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH + HKDF-SHA-256: public key instead of private key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
@@ -1973,71 +1973,71 @@ key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA PSA key agreement setup: ECDH, unknown KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: bad key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: KDF instead of a key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA raw key agreement: ECDH SECP256R1 (RFC 5903) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" 
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" PSA raw key agreement: ECDH SECP384R1 (RFC 5903) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746" +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746" PSA raw key agreement: ECDH SECP521R1 (RFC 5903) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C 
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea" +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea" PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" 
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" PSA raw key agreement: ECDH brainpoolP384r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42" +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42" PSA raw key agreement: ECDH brainpoolP512r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C 
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160 +key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160 PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" 
+key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" PSA generate random: 0 bytes generate_random:0 
@@ -2098,43 +2098,43 @@ generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 -generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS PSA generate key: RSA, 1016 bits, good, sign (PKCS#1 v1.5) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 -generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS PSA generate key: RSA, 512 bits, good, encrypt (PKCS#1 v1.5) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 -generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256) depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
-generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS PSA generate key: RSA, 1022 bits: not supported depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED PSA generate key: RSA, 1023 bits: not supported depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED PSA generate key: RSA, maximum size exceeded depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED PSA generate key: ECC, SECP256R1, good depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | 
PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_SUCCESS PSA generate key: ECC, SECP256R1, incorrect bit size depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT PSA generate key: RSA, default e generate_key_rsa:512:"":PSA_SUCCESS @@ -2184,11 +2184,11 @@ persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT PSA generate persistent key: RSA, 1024 bits, exportable depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY PSA generate persistent key: ECC, SECP256R1, exportable depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:GENERATE_KEY +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:GENERATE_KEY PSA derive persistent key: HKDF SHA-256, exportable depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e695ea568..c7c3e3d88 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -590,7 +590,7 @@ static psa_status_t key_agreement_with_self( PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); private_key_type = psa_get_key_type( &attributes ); key_bits = psa_get_key_bits( &attributes ); - public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type ); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); ASSERT_ALLOC( public_key, public_key_length ); PSA_ASSERT( psa_export_public_key( handle, @@ -627,7 +627,7 @@ static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg, PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); private_key_type = psa_get_key_type( &attributes ); key_bits = psa_get_key_bits( &attributes ); - public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type ); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type ); public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits ); ASSERT_ALLOC( public_key, public_key_length ); PSA_ASSERT( psa_export_public_key( handle, @@ -810,7 +810,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, #endif #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) - if( type == PSA_KEY_TYPE_RSA_KEYPAIR ) + if( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { uint8_t *p = exported; uint8_t *end = exported + exported_length; @@ -857,7 +857,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ) + if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) { /* Just the secret value */ TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) ); 
@@ -979,7 +979,7 @@ static int exercise_export_public_key( psa_key_handle_t handle ) return( 1 ); } - public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( + public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( psa_get_key_type( &attributes ) ); exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, psa_get_key_bits( &attributes ) ); @@ -1275,7 +1275,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) psa_status_t expected_status = expected_status_arg; psa_status_t status; psa_key_type_t type = - keypair ? PSA_KEY_TYPE_RSA_KEYPAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY; + keypair ? PSA_KEY_TYPE_RSA_KEY_PAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY; size_t buffer_size = /* Slight overapproximations */ keypair ? bits * 9 / 16 + 80 : bits / 8 + 20; unsigned char *buffer = NULL; @@ -1444,7 +1444,7 @@ void import_export_public_key( data_t *data, TEST_EQUAL( status, expected_export_status ); if( status == PSA_SUCCESS ) { - psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); + psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ); size_t bits; PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); bits = psa_get_key_bits( &attributes ); @@ -4781,7 +4781,7 @@ void generate_key_rsa( int bits_arg, int expected_status_arg ) { psa_key_handle_t handle = 0; - psa_key_type_t type = PSA_KEY_TYPE_RSA_KEYPAIR; + psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR; size_t bits = bits_arg; psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; psa_algorithm_t alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW; diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 165b86654..b011ad501 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
@@ -325,7 +325,7 @@ key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA Key type: RSA key pair depends_on:MBEDTLS_RSA_C -key_type:PSA_KEY_TYPE_RSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_RSA +key_type:PSA_KEY_TYPE_RSA_KEY_PAIR:KEY_TYPE_IS_KEY_PAIR | KEY_TYPE_IS_RSA Key type: DSA public key depends_on:MBEDTLS_DSA_C @@ -333,7 +333,7 @@ key_type:PSA_KEY_TYPE_DSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_DSA Key type: DSA key pair depends_on:MBEDTLS_DSA_C -key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA +key_type:PSA_KEY_TYPE_DSA_KEY_PAIR:KEY_TYPE_IS_KEY_PAIR | KEY_TYPE_IS_DSA ECC key types: sect163k1 depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 81b2937fa..a9f1b3938 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -45,7 +45,7 @@ #define KEY_TYPE_IS_VENDOR_DEFINED ( 1u << 0 ) #define KEY_TYPE_IS_UNSTRUCTURED ( 1u << 1 ) #define KEY_TYPE_IS_PUBLIC_KEY ( 1u << 2 ) -#define KEY_TYPE_IS_KEYPAIR ( 1u << 3 ) +#define KEY_TYPE_IS_KEY_PAIR ( 1u << 3 ) #define KEY_TYPE_IS_RSA ( 1u << 4 ) #define KEY_TYPE_IS_DSA ( 1u << 5 ) #define KEY_TYPE_IS_ECC ( 1u << 6 ) @@ -89,7 +89,7 @@ void key_type_classification( psa_key_type_t type, unsigned flags ) TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_VENDOR_DEFINED, type, flags ); TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_UNSTRUCTURED, type, flags ); TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_PUBLIC_KEY, type, flags ); - TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_KEYPAIR, type, flags ); + TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_KEY_PAIR, type, flags ); TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_RSA, type, flags ); TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags ); TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_DH, type, flags ); 
@@ -97,16 +97,16 @@ void key_type_classification( psa_key_type_t type, unsigned flags ) /* Macros with derived semantics */ TEST_EQUAL( PSA_KEY_TYPE_IS_ASYMMETRIC( type ), ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) || - PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ); - TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ), + PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) ); + TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ), ( PSA_KEY_TYPE_IS_ECC( type ) && - PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ); + PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) ); TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ), ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); - TEST_EQUAL( PSA_KEY_TYPE_IS_DH_KEYPAIR( type ), + TEST_EQUAL( PSA_KEY_TYPE_IS_DH_KEY_PAIR( type ), ( PSA_KEY_TYPE_IS_DH( type ) && - PSA_KEY_TYPE_IS_KEYPAIR( type ) ) ); + PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) ); TEST_EQUAL( PSA_KEY_TYPE_IS_DH_PUBLIC_KEY( type ), ( PSA_KEY_TYPE_IS_DH( type ) && PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); 
@@ -426,23 +426,23 @@ void key_type( int type_arg, int classification_flags ) /* For asymmetric types, check the corresponding pair/public type */ if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY ) { - psa_key_type_t pair_type = PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ); - TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ), type ); + psa_key_type_t pair_type = PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( type ); + TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( pair_type ), type ); key_type_classification( pair_type, ( classification_flags & ~KEY_TYPE_IS_PUBLIC_KEY ) - | KEY_TYPE_IS_KEYPAIR ); - TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ), type ); + | KEY_TYPE_IS_KEY_PAIR ); + TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ), type ); } - if( classification_flags & KEY_TYPE_IS_KEYPAIR ) + if( classification_flags & KEY_TYPE_IS_KEY_PAIR ) { - psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); - TEST_EQUAL( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ), type ); + psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ); + TEST_EQUAL( PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( public_type ), type ); key_type_classification( public_type, ( classification_flags - & ~KEY_TYPE_IS_KEYPAIR ) + & ~KEY_TYPE_IS_KEY_PAIR ) | KEY_TYPE_IS_PUBLIC_KEY ); - TEST_EQUAL( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ), type ); + TEST_EQUAL( PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( type ), type ); } } /* END_CASE */ 
@@ -453,10 +453,10 @@ void ecc_key_types( int curve_arg, int curve_bits_arg ) psa_ecc_curve_t curve = curve_arg; size_t curve_bits = curve_bits_arg; psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); - psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEYPAIR( curve ); + psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve ); test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY ); - test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEYPAIR ); + test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEY_PAIR ); TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( public_type ), curve ); TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( pair_type ), curve ); @@ -472,10 +472,10 @@ void dh_key_types( int group_arg, int group_bits_arg ) psa_dh_group_t group = group_arg; size_t group_bits = group_bits_arg; psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY( group ); - psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEYPAIR( group ); + psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR( group ); test_key_type( public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY ); - test_key_type( pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEYPAIR ); + test_key_type( pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEY_PAIR ); TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( public_type ), group ); TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( pair_type ), group ); diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index c16f871ca..0e5f745bc 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
@@ -1,20 +1,20 @@ PSA Storage format data for storage -format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b45590000000000000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5b
e1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION +format_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION PSA Storage parse stored data -parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_SUCCESS +parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_SUCCESS PSA Storage parse stored data wrong version, should fail -parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE 
+parse_storage_data_check:"505341004b455900ffffffff000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE PSA Storage parse too big data, should fail -parse_storage_data_check:"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":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE PSA Storage parse bad magic, should fail 
-parse_storage_data_check:"645341004b45590000000000000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE 
+parse_storage_data_check:"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":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE PSA Storage parse not enough magic, should fail -parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE # Not specific to files, but only run this test in an environment where the maximum size could be reached. Save maximum size persistent raw key 
@@ -26,23 +26,23 @@ save_large_persistent_key:1:PSA_ERROR_INSUFFICIENT_STORAGE Persistent key destroy depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef" +persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_KEY_TYPE_RAW_DATA:"deadbeef" Persistent key destroy after restart depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -persistent_key_destroy:1:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_TYPE_RAW_DATA:"deadbeef" +persistent_key_destroy:1:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_KEY_TYPE_RAW_DATA:"deadbeef" 
Persistent key import (RSA) depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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":0:PSA_SUCCESS +persistent_key_import:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_SUCCESS Persistent key import with restart (RSA) depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"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":1:PSA_SUCCESS +persistent_key_import:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":1:PSA_SUCCESS Persistent key import garbage data, should fail depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT +persistent_key_import:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT import/export persistent raw key: 0 byte import_export_persistent_key:"":PSA_KEY_TYPE_RAW_DATA:0:0:0 @@ -56,7 +56,7 @@ import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654 import/export persistent key RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:0 +import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:0 import/export persistent raw key file not exist: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:1 
@@ -67,7 +67,7 @@ import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654 import/export persistent key RSA keypair file not exist: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:1 +import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:1 PSA import/export-persistent symmetric key: 16 bytes depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C @@ -85,7 +85,7 @@ import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654 import/export persistent key RSA keypair with restart: good, 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:1:0 +import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:0 import/export persistent raw key file not exist with restart: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:1 @@ -96,7 +96,7 @@ import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654 import/export persistent key RSA keypair file not exist with restart: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:1:1 +import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:1 PSA import/export-persistent symmetric key: 16 bytes depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C From 35ef36b62fc4bf4cb7d3d7777849ece063d84f78 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 16 May 2019 19:42:05 +0200 Subject: [PATCH 1279/2197] Rename psa_generate_random_key back to psa_generate_key generate_key is a more classical name. The longer name was only introduced to avoid confusion with getting a key from a generator, which is key derivation, but we no longer use the generator terminology so this reason no longer applies. perl -i -pe 's/psa_generate_random_key/psa_generate_key/g' $(git ls-files) --- docs/getting_started.md | 4 ++-- include/psa/crypto.h | 12 ++++++------ include/psa/crypto_extra.h | 2 +- include/psa/crypto_se_driver.h | 2 +- library/psa_crypto.c | 10 +++++----- library/ssl_cli.c | 2 +- programs/psa/crypto_examples.c | 6 +++--- programs/psa/key_ladder_demo.c | 2 +- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_psa_crypto.function | 6 +++--- 10 files changed, 24 insertions(+), 24 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index ac1bc3166..9ab4f8f6c 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -494,7 +494,7 @@ Prerequisites to using key generation and export APIs: Generate a piece of random 128-bit AES data: 1. Set the key policy for key generation by calling `psa_key_policy_set_usage()` with the `PSA_KEY_USAGE_EXPORT` parameter and the algorithm `PSA_ALG_GCM`. -1. Generate a random AES key by calling `psa_generate_random_key()`. +1. Generate a random AES key by calling `psa_generate_key()`. 1. Export the generated key by calling `psa_export_key()`: ```C int slot = 1; @@ -510,7 +510,7 @@ Generate a piece of random 128-bit AES data: psa_set_key_policy(slot, &policy); /* Generate a key */ - psa_generate_random_key(slot, PSA_KEY_TYPE_AES, bits); + psa_generate_key(slot, PSA_KEY_TYPE_AES, bits); psa_export_key(slot, exported, exported_size, &exported_length) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 4a3388994..4e1f18d4e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -180,10 +180,10 @@ psa_status_t psa_crypto_init(void); * psa_set_key_algorithm(). * -# Set the key type with psa_set_key_type(). * Skip this step if copying an existing key with psa_copy_key(). - * -# When generating a random key with psa_generate_random_key() or deriving a key + * -# When generating a random key with psa_generate_key() or deriving a key * with psa_key_derivation_output_key(), set the desired key size with * psa_set_key_bits(). - * -# Call a key creation function: psa_import_key(), psa_generate_random_key(), + * -# Call a key creation function: psa_import_key(), psa_generate_key(), * psa_key_derivation_output_key() or psa_copy_key(). This function reads * the attribute structure, creates a key with these attributes, and * outputs a handle to the newly created key. @@ -214,7 +214,7 @@ typedef struct psa_key_attributes_s psa_key_attributes_t; * value in the structure. * The persistent key will be written to storage when the attribute * structure is passed to a key creation function such as - * psa_import_key(), psa_generate_random_key(), + * psa_import_key(), psa_generate_key(), * psa_key_derivation_output_key() or psa_copy_key(). * * This function may be declared as `static` (i.e. without external @@ -239,7 +239,7 @@ static void psa_set_key_id(psa_key_attributes_t *attributes, * value in the structure. * The persistent key will be written to storage when the attribute * structure is passed to a key creation function such as - * psa_import_key(), psa_generate_random_key(), + * psa_import_key(), psa_generate_key(), * psa_key_derivation_output_key() or psa_copy_key(). * * This function may be declared as `static` (i.e. without external 
@@ -3398,7 +3398,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, * and MUST NOT use the content of the output buffer if the return * status is not #PSA_SUCCESS. * - * \note To generate a key, use psa_generate_random_key() instead. + * \note To generate a key, use psa_generate_key() instead. * * \param[out] output Output buffer for the generated data. * \param output_size Number of bytes to generate and output. @@ -3453,7 +3453,7 @@ psa_status_t psa_generate_random(uint8_t *output, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_generate_random_key(const psa_key_attributes_t *attributes, +psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, psa_key_handle_t *handle); /**@}*/ diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index a260964ce..d731c0350 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -436,7 +436,7 @@ psa_status_t psa_generate_derived_key_to_handle(psa_key_handle_t handle, size_t bits, psa_key_derivation_operation_t *operation); -psa_status_t psa_generate_random_key_to_handle(psa_key_handle_t handle, +psa_status_t psa_generate_key_to_handle(psa_key_handle_t handle, psa_key_type_t type, size_t bits, const void *extra, diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 8c7ad6d00..5fb7bc3ae 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -783,7 +783,7 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, * \param[in] extra Extra parameters for key generation. The * interpretation of this parameter should match the * interpretation in the `extra` parameter is the - * `psa_generate_random_key` function + * `psa_generate_key` function * \param[in] extra_size The size in bytes of the \p extra buffer * \param[out] p_pubkey_out The buffer where the public key information will * be placed 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5fab16268..ae93e8b8f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5308,7 +5308,7 @@ static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters, } #endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ -static psa_status_t psa_generate_random_key_internal( +static psa_status_t psa_generate_key_internal( psa_key_slot_t *slot, size_t bits, const uint8_t *domain_parameters, size_t domain_parameters_size ) { @@ -5414,7 +5414,7 @@ static psa_status_t psa_generate_random_key_internal( return( PSA_SUCCESS ); } -psa_status_t psa_generate_random_key_to_handle( psa_key_handle_t handle, +psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, const void *extra, @@ -5434,7 +5434,7 @@ psa_status_t psa_generate_random_key_to_handle( psa_key_handle_t handle, return( status ); slot->type = type; - status = psa_generate_random_key_internal( slot, bits, extra, extra_size ); + status = psa_generate_key_internal( slot, bits, extra, extra_size ); if( status != PSA_SUCCESS ) slot->type = 0; @@ -5448,7 +5448,7 @@ psa_status_t psa_generate_random_key_to_handle( psa_key_handle_t handle, return( status ); } -psa_status_t psa_generate_random_key( const psa_key_attributes_t *attributes, +psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_key_handle_t *handle ) { psa_status_t status; @@ -5456,7 +5456,7 @@ psa_status_t psa_generate_random_key( const psa_key_attributes_t *attributes, status = psa_start_key_creation( attributes, handle, &slot ); if( status == PSA_SUCCESS ) { - status = psa_generate_random_key_internal( + status = psa_generate_key_internal( slot, attributes->bits, attributes->domain_parameters, attributes->domain_parameters_size ); } diff --git a/library/ssl_cli.c b/library/ssl_cli.c index cde368f2f..c20ff1e90 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
@@ -3148,7 +3148,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); /* Generate ECDH private key. */ - status = psa_generate_random_key_to_handle( handshake->ecdh_psa_privkey, + status = psa_generate_key_to_handle( handshake->ecdh_psa_privkey, PSA_KEY_TYPE_ECC_KEY_PAIR( handshake->ecdh_psa_curve ), MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( handshake->ecdh_psa_curve ), NULL, 0 ); diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 922a30125..1a81f45f8 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -164,7 +164,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_random_key( &attributes, &key_handle ); + status = psa_generate_key( &attributes, &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), @@ -215,7 +215,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_random_key( &attributes, &key_handle ); + status = psa_generate_key( &attributes, &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), @@ -262,7 +262,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, key_bits ); - status = psa_generate_random_key( &attributes, &key_handle ); + status = psa_generate_key( &attributes, &key_handle ); ASSERT_STATUS( status, PSA_SUCCESS ); status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ), diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 4ebb7e049..36d7b5dcb 100644 --- a/programs/psa/key_ladder_demo.c 
+++ b/programs/psa/key_ladder_demo.c @@ -208,7 +208,7 @@ static psa_status_t generate( const char *key_file_name ) psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); - PSA_CHECK( psa_generate_random_key( &attributes, &key_handle ) ); + PSA_CHECK( psa_generate_key( &attributes, &key_handle ) ); PSA_CHECK( save_key( key_handle, key_file_name ) ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 8064be573..de90b47ea 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -97,7 +97,7 @@ psa_key_handle_t pk_psa_genkey( void ) return( PK_PSA_INVALID_SLOT ); /* generate key */ - if( PSA_SUCCESS != psa_generate_random_key_to_handle( key, type, bits, NULL, 0 ) ) + if( PSA_SUCCESS != psa_generate_key_to_handle( key, type, bits, NULL, 0 ) ) return( PK_PSA_INVALID_SLOT ); return( key ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c7c3e3d88..4aa4026fd 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4755,7 +4755,7 @@ void generate_key( int type_arg, psa_set_key_bits( &attributes, bits ); /* Generate a key */ - TEST_EQUAL( psa_generate_random_key( &attributes, &handle ), expected_status ); + TEST_EQUAL( psa_generate_key( &attributes, &handle ), expected_status ); if( expected_status != PSA_SUCCESS ) goto exit; @@ -4815,7 +4815,7 @@ void generate_key_rsa( int bits_arg, psa_set_key_bits( &attributes, bits ); /* Generate a key */ - TEST_EQUAL( psa_generate_random_key( &attributes, &handle ), expected_status ); + TEST_EQUAL( psa_generate_key( &attributes, &handle ), expected_status ); if( expected_status != PSA_SUCCESS ) goto exit; 
@@ -4923,7 +4923,7 @@ void persistent_key_load_key_from_storage( data_t *data, case GENERATE_KEY: /* Generate a key */ - PSA_ASSERT( psa_generate_random_key( &attributes, &handle ) ); + PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); break; case DERIVE_KEY: From a0c0655c912500e96a5d78f93e76d90261b16825 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 May 2019 15:54:54 +0200 Subject: [PATCH 1280/2197] Add missing declarations to the API document PSA_KEY_ATTRIBUTES_INIT and psa_key_attributes_init weren't declared in the API document, only defined in our implementation, but they are referenced in the API document. --- include/psa/crypto.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f4198c8d0..f1a290d7b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -204,6 +204,22 @@ psa_status_t psa_crypto_init(void); */ typedef struct psa_key_attributes_s psa_key_attributes_t; +/** \def PSA_KEY_ATTRIBUTES_INIT + * + * This macro returns a suitable initializer for a key attribute structure + * of type #psa_key_attributes_t. + */ +#ifdef __DOXYGEN_ONLY__ +/* This is an example definition for documentation purposes. + * Implementations should define a suitable value in `crypto_struct.h`. + */ +#define PSA_KEY_ATTRIBUTES_INIT {0} +#endif + +/** Return an initial value for a key attributes structure. + */ +static psa_key_attributes_t psa_key_attributes_init(void); + /** Declare a key as persistent and set its key identifier. * * If the attribute structure currently declares the key as volatile (which From d7d43b9791c1fe84c8c96a4a54d837e3999eca42 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 May 2019 15:56:03 +0200 Subject: [PATCH 1281/2197] Convert code samples to the new attribute-based key creation API --- include/psa/crypto_sizes.h | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) 
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index e7b0bb444..02c1892e8 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -641,14 +641,16 @@ * The following code illustrates how to allocate enough memory to export * a key by querying the key type and size at runtime. * \code{c} - * psa_key_type_t key_type; - * size_t key_bits; + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; * psa_status_t status; - * status = psa_get_key_information(key, &key_type, &key_bits); + * status = psa_get_key_attributes(key, &attributes); * if (status != PSA_SUCCESS) handle_error(...); + * psa_key_type_t key_type = psa_get_key_type(&attributes); + * size_t key_bits = psa_get_key_bits(&attributes); * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits); + * psa_reset_key_attributes(&attributes); * unsigned char *buffer = malloc(buffer_size); - * if (buffer != NULL) handle_error(...); + * if (buffer == NULL) handle_error(...); * size_t buffer_length; * status = psa_export_key(key, buffer, buffer_size, &buffer_length); * if (status != PSA_SUCCESS) handle_error(...); 
@@ -658,15 +660,17 @@ * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR * to convert a key pair type to the corresponding public key type. * \code{c} - * psa_key_type_t key_type; - * size_t key_bits; + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; * psa_status_t status; - * status = psa_get_key_information(key, &key_type, &key_bits); + * status = psa_get_key_attributes(key, &attributes); * if (status != PSA_SUCCESS) handle_error(...); + * psa_key_type_t key_type = psa_get_key_type(&attributes); * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(key_type); + * size_t key_bits = psa_get_key_bits(&attributes); * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits); + * psa_reset_key_attributes(&attributes); * unsigned char *buffer = malloc(buffer_size); - * if (buffer != NULL) handle_error(...); + * if (buffer == NULL) handle_error(...); * size_t buffer_length; * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length); * if (status != PSA_SUCCESS) handle_error(...); From d6f371b1baca09d51ea6e1a914be921c76fa8bf8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 May 2019 19:33:38 +0200 Subject: [PATCH 1282/2197] Keys may allow a second algorithm Add a second permitted algorithm to key policies. This commit includes smoke tests that do not cover psa_copy_key. --- include/psa/crypto_extra.h | 39 ++++++++++++++++ include/psa/crypto_struct.h | 3 +- library/psa_crypto.c | 52 +++++++++++++++------ tests/suites/test_suite_psa_crypto.data | 8 ++++ tests/suites/test_suite_psa_crypto.function | 37 +++++++++++++++ 5 files changed, 124 insertions(+), 15 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index c89c55df3..a1a658971 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -62,6 +62,45 @@ extern "C" { MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA ) #endif +/** \addtogroup policy + * @{ + */ + +/** \brief Set the enrollment algorithm in a key policy. + * + * An operation on a key may indifferently use the algorithm set with + * psa_key_policy_set_usage() or with this function. + * + * \param[in,out] policy The key policy to modify. It must have been + * initialized as per the documentation for + * #psa_key_policy_t. + * \param alg2 A second algorithm that the key may be used for, + * in addition to the algorithm set with + * psa_key_policy_set_usage(). + * + * \warning Setting an enrollment algorithm is not recommended, because + * using the same key with different algorithms can allow some + * attacks based on arithmetic relations between different + * computations made with the same key, or can escalate harmless + * side channels into exploitable ones. Use this function only + * if it is necessary to support a protocol for which is has been + * verified that the usage of the key with multiple algorithms + * is safe. + */ +void psa_key_policy_set_enrollment_algorithm(psa_key_policy_t *policy, + psa_algorithm_t alg2); + +/** \brief Retrieve the enrollment algorithm field of a policy structure. + * + * \param[in] policy The policy object to query. + * + * \return The enrollment algorithm for a key with this policy. + */ +psa_algorithm_t psa_key_policy_get_enrollment_algorithm( + const psa_key_policy_t *policy); + +/**@}*/ + /** * \brief Library deinitialization. * diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index ee3ecd776..88503572f 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
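Review bot: The \warning paragraph in the new comment on `psa_key_policy_set_enrollment_algorithm` has a typo: "for which is has been verified" should read "for which it has been verified". The comment also does not say how a caller expresses "no second algorithm". `PSA_KEY_POLICY_INIT` in crypto_struct.h of this commit initialises the new field to 0, so 0 is presumably that value. A sentence on `\param alg2` such as `Pass 0 (the initial value) to permit no second algorithm.` would make the contract explicit.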
@@ -228,9 +228,10 @@ struct psa_key_policy_s { psa_key_usage_t usage; psa_algorithm_t alg; + psa_algorithm_t alg2; }; -#define PSA_KEY_POLICY_INIT {0, 0} +#define PSA_KEY_POLICY_INIT {0, 0, 0} static inline struct psa_key_policy_s psa_key_policy_init( void ) { const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3b9c78ffc..17f2c2293 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -763,6 +763,25 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( return( 0 ); } +static int psa_key_algorithm_permits( psa_algorithm_t policy_alg, + psa_algorithm_t requested_alg ) +{ + /* Common case: the policy only allows alg. */ + if( requested_alg == policy_alg ) + return( 1 ); + /* If policy_alg is a hash-and-sign with a wildcard for the hash, + * and alg is the same hash-and-sign family with any hash, + * then alg is compliant with policy_alg. */ + if( PSA_ALG_IS_HASH_AND_SIGN( requested_alg ) && + PSA_ALG_SIGN_GET_HASH( policy_alg ) == PSA_ALG_ANY_HASH ) + { + return( ( policy_alg & ~PSA_ALG_HASH_MASK ) == + ( requested_alg & ~PSA_ALG_HASH_MASK ) ); + } + /* If it isn't permitted, it's forbidden. */ + return( 0 ); +} + /** Test whether a policy permits an algorithm. * * The caller must test usage flags separately. 
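Review bot: In the new `psa_key_algorithm_permits` (hunk at -763), the first test `requested_alg == policy_alg` also succeeds when both values are 0. The following hunk calls the helper with `policy->alg2`, which `PSA_KEY_POLICY_INIT` leaves at 0. A request with algorithm 0 would therefore be reported as permitted by every policy that sets no enrollment algorithm, where before it matched only a policy whose `alg` was 0. Whether any caller can reach this with a zero algorithm is not visible in the hunk, but rejecting it up front is cheap: `if( requested_alg == 0 ) return( 0 );` as the first statement. The helper also has no doc comment; one line saying that it checks a single policy algorithm against the requested one, and that usage flags are tested by the caller, would match the comment on psa_key_policy_permits.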
@@ -770,20 +789,8 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( static int psa_key_policy_permits( const psa_key_policy_t *policy, psa_algorithm_t alg ) { - /* Common case: the policy only allows alg. */ - if( alg == policy->alg ) - return( 1 ); - /* If policy->alg is a hash-and-sign with a wildcard for the hash, - * and alg is the same hash-and-sign family with any hash, - * then alg is compliant with policy->alg. */ - if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && - PSA_ALG_SIGN_GET_HASH( policy->alg ) == PSA_ALG_ANY_HASH ) - { - return( ( policy->alg & ~PSA_ALG_HASH_MASK ) == - ( alg & ~PSA_ALG_HASH_MASK ) ); - } - /* If it isn't permitted, it's forbidden. */ - return( 0 ); + return( psa_key_algorithm_permits( policy->alg, alg ) || + psa_key_algorithm_permits( policy->alg2, alg ) ); } /** Restrict a key policy based on a constraint. @@ -804,10 +811,15 @@ static psa_status_t psa_restrict_key_policy( { psa_algorithm_t intersection_alg = psa_key_policy_algorithm_intersection( policy->alg, constraint->alg ); + psa_algorithm_t intersection_alg2 = + psa_key_policy_algorithm_intersection( policy->alg2, constraint->alg2 ); if( intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); + if( intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); policy->usage &= constraint->usage; policy->alg = intersection_alg; + policy->alg2 = intersection_alg2; return( PSA_SUCCESS ); } @@ -3218,6 +3230,18 @@ psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy ) { return( policy->alg ); } + +void psa_key_policy_set_enrollment_algorithm( psa_key_policy_t *policy, + psa_algorithm_t alg2 ) +{ + policy->alg2 = alg2; +} + +psa_algorithm_t psa_key_policy_get_enrollment_algorithm( + const psa_key_policy_t *policy ) +{ + return( policy->alg2 ); +} #endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) */ psa_status_t psa_set_key_policy( psa_key_handle_t handle, 
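Review bot: In the psa_restrict_key_policy hunk (-804), the two algorithm fields are intersected position by position (`policy->alg` with `constraint->alg`, `policy->alg2` with `constraint->alg2`), while psa_key_policy_permits in the hunk above treats them as an unordered pair. Assuming psa_key_policy_algorithm_intersection returns 0 for two distinct non-wildcard algorithms (only its final `return( 0 )` is visible), a constraint that lists the same two algorithms in the opposite order is rejected with PSA_ERROR_INVALID_ARGUMENT. This fails closed, but callers will not expect it from the public description, which says an operation may use either algorithm indifferently. Either state it in the function's comment, e.g. `The alg and alg2 fields are intersected separately, so their order matters.`, or compute the intersection across both fields. The function begins before this hunk.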
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 65ac6d7fb..e93bc15e2 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -492,6 +492,14 @@ PSA key policy: agreement, wrong algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW) +PSA key policy algorithm2: CTR, CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC_NOPAD +key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING + +PSA key policy algorithm2: ECDH, ECDSA +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C +key_policy_alg2:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_ALG_ECDSA_ANY + Copy key: raw, 0 bytes copy_key_policy:0:0:PSA_KEY_TYPE_RAW_DATA:"":0:0:-1:-1:0:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4cec11881..a79b73834 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1932,6 +1932,43 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void key_policy_alg2( int key_type_arg, data_t *key_data, + int usage_arg, int alg_arg, int alg2_arg ) +{ + psa_key_handle_t handle = 0; + psa_key_type_t key_type = key_type_arg; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_policy_t got_policy = PSA_KEY_POLICY_INIT; + psa_key_usage_t usage = usage_arg; + psa_algorithm_t alg = alg_arg; + psa_algorithm_t alg2 = alg2_arg; + + PSA_ASSERT( psa_crypto_init( ) ); + + PSA_ASSERT( psa_allocate_key( &handle ) ); + psa_key_policy_set_usage( &policy, usage, alg ); + psa_key_policy_set_enrollment_algorithm( &policy, alg2 ); + PSA_ASSERT( psa_set_key_policy( handle, &policy ) ); + PSA_ASSERT( psa_import_key( handle, key_type, + key_data->x, key_data->len ) ); + + PSA_ASSERT( psa_get_key_policy( handle, &got_policy ) ); + TEST_EQUAL( psa_key_policy_get_usage( &got_policy ), usage ); + TEST_EQUAL( psa_key_policy_get_algorithm( &got_policy ), alg ); + TEST_EQUAL( psa_key_policy_get_enrollment_algorithm( &got_policy ), alg2 ); + + if( ! exercise_key( handle, usage, alg ) ) + goto exit; + if( ! exercise_key( handle, usage, alg2 ) ) + goto exit; + +exit: + psa_destroy_key( handle ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void copy_key_policy( int source_usage_arg, int source_alg_arg, int type_arg, data_t *material, From ca5bed742fd1a886284baca48b2b7574d875630c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 May 2019 11:29:51 +0200 Subject: [PATCH 1283/2197] Align test functions to usage/alg parameter order --- tests/suites/test_suite_psa_crypto.data | 74 +++++++++---------- tests/suites/test_suite_psa_crypto.function | 5 +- ..._suite_psa_crypto_slot_management.function | 4 +- 3 files changed, 41 insertions(+), 42 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e93bc15e2..99e12d5d6 100644 --- a/tests/suites/test_suite_psa_crypto.data 
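Review bot: `key_policy_alg2` checks only that both `alg` and `alg2` can be exercised; nothing asserts that an algorithm outside the pair is still refused, which is the property this policy change most needs pinned. A negative step would take a third algorithm argument and attempt an operation that is expected to fail with PSA_ERROR_NOT_PERMITTED. The existing "wrong algorithm" cases in the .data file (for example the `agreement_key_policy` entry) presumably show the pattern. A data case with `alg2` set to 0 would also confirm that an unset enrollment algorithm widens nothing.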
+++ b/tests/suites/test_suite_psa_crypto.data @@ -2,28 +2,28 @@ PSA compile-time sanity checks static_checks: PSA import/export raw: 0 bytes -import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 +import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, larger buffer -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:1:PSA_SUCCESS:1 PSA import/export raw: 2 bytes, buffer too small -import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export AES-128 depends_on:MBEDTLS_AES_C -import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:128:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:128:0:PSA_SUCCESS:1 PSA import/export AES-192 depends_on:MBEDTLS_AES_C -import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:192:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:192:0:PSA_SUCCESS:1 PSA import/export AES-256 depends_on:MBEDTLS_AES_C -import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:256:0:PSA_SUCCESS:1 PSA import to non empty key slot depends_on:MBEDTLS_AES_C 
@@ -78,55 +78,55 @@ import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (+1 byte) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2-1) 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:161:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2+1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:163:PSA_SUCCESS:1 PSA import/export RSA public key: export buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (+1 byte) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2-1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:609:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:609:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:610:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:610:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2+1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:611:PSA_SUCCESS:1 PSA import/export RSA keypair: export buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: trailing garbage ignored depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
@@ -162,11 +162,11 @@ import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5 PSA import/export RSA public key: 1016-bit (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 +import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1 PSA import/export RSA keypair: 1016-bit (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1 PSA import RSA public key: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -186,7 +186,7 @@ import:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754 PSA import/export EC secp224r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED -import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1 +import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:224:0:PSA_SUCCESS:1 PSA import/export-public EC secp224r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED @@ -194,7 +194,7 @@ import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be07 PSA import/export EC secp256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 PSA import/export-public EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -202,7 +202,7 @@ import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab1 PSA import/export EC secp384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 +import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1 PSA import/export-public EC secp384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED @@ -210,7 +210,7 @@ import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c6 PSA import/export EC secp521r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1 +import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1 PSA import/export-public EC secp521r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED 
@@ -218,7 +218,7 @@ import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06 PSA import/export EC brainpool256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED -import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED @@ -226,7 +226,7 @@ import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8 PSA import/export EC brainpool384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED -import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 +import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED 
@@ -234,7 +234,7 @@ import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202a PSA import/export EC brainpool512r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1 +import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:512:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool512r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED 
@@ -246,33 +246,33 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA PSA import/export EC secp256r1 public key: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 PSA import/export AES key: policy forbids export depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:128:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:128:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export HMAC key: policy forbids export depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:256:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):256:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (crypt) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT | 
PSA_KEY_USAGE_DECRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (sign) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_ERROR_NOT_PERMITTED:1 # Test PEM import. 
Note that this is not a PSA feature, it's an Mbed TLS # extension which we may drop in the future. PSA import/export RSA public key: import PEM depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0 +import_export:"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":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0 PSA import/export RSA keypair: import PEM depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0 +import_export:"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0 PSA import EC keypair: DER format depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -312,7 +312,7 @@ import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b1 PSA import failure preserves policy depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_twice:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_SUCCESS +import_twice:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_SUCCESS PSA import RSA key pair: maximum size exceeded depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a79b73834..6aed64dd5 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1055,7 +1055,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void import_twice( int alg_arg, int usage_arg, +void import_twice( int usage_arg, int alg_arg, int type1_arg, data_t *data1, int expected_import1_status_arg, int type2_arg, data_t *data2, @@ -1133,8 +1133,7 @@ exit: /* BEGIN_CASE */ void import_export( data_t *data, int type_arg, - int alg_arg, - int usage_arg, + int usage_arg, int alg_arg, int expected_bits, int export_size_delta, int expected_export_status_arg, 
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 0278b880d..92c9d6589 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -65,7 +65,7 @@ static int psa_key_policy_equal( psa_key_policy_t *p1, */ /* BEGIN_CASE */ -void transient_slot_lifecycle( int alg_arg, int usage_arg, +void transient_slot_lifecycle( int usage_arg, int alg_arg, int type_arg, data_t *key_data, int close_method_arg ) { @@ -114,7 +114,7 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, - int alg_arg, int usage_arg, + int usage_arg, int alg_arg, int type_arg, data_t *key_data, int close_method_arg ) { From 536e20571a077db11b82b646ab0199ebf34cb99c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 May 2019 12:51:03 +0200 Subject: [PATCH 1284/2197] New macro to get the bit size of an elliptic curve --- include/psa/crypto_sizes.h | 41 +++++++++++++++++++ .../test_suite_psa_crypto_metadata.function | 4 +- 2 files changed, 42 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 34664fc10..3cb0c73ab 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -187,6 +187,47 @@
 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 0
 #endif
+/** Bit size associated with an elliptic curve.
+ *
+ * \param curve An elliptic curve (value of type #psa_ecc_curve_t).
+ *
+ * \return The size associated with \p curve, in bits.
+ * This may be 0 if the implementation does not support
+ * the specified curve.
+ */
+#define PSA_ECC_CURVE_BITS(curve) \
+ ((curve) == PSA_ECC_CURVE_SECT163K1 ? 163 : \
+ (curve) == PSA_ECC_CURVE_SECT163R1 ? 163 : \
+ (curve) == PSA_ECC_CURVE_SECT163R2 ? 163 : \
+ (curve) == PSA_ECC_CURVE_SECT193R1 ? 193 : \
+ (curve) == PSA_ECC_CURVE_SECT193R2 ? 193 : \
+ (curve) == PSA_ECC_CURVE_SECT233K1 ? 233 : \
+ (curve) == PSA_ECC_CURVE_SECT233R1 ? 233 : \
+ (curve) == PSA_ECC_CURVE_SECT239K1 ? 239 : \
+ (curve) == PSA_ECC_CURVE_SECT283K1 ? 283 : \
+ (curve) == PSA_ECC_CURVE_SECT283R1 ? 283 : \
+ (curve) == PSA_ECC_CURVE_SECT409K1 ? 409 : \
+ (curve) == PSA_ECC_CURVE_SECT409R1 ? 409 : \
+ (curve) == PSA_ECC_CURVE_SECT571K1 ? 571 : \
+ (curve) == PSA_ECC_CURVE_SECT571R1 ? 571 : \
+ (curve) == PSA_ECC_CURVE_SECP160K1 ? 160 : \
+ (curve) == PSA_ECC_CURVE_SECP160R1 ? 160 : \
+ (curve) == PSA_ECC_CURVE_SECP160R2 ? 160 : \
+ (curve) == PSA_ECC_CURVE_SECP192K1 ? 192 : \
+ (curve) == PSA_ECC_CURVE_SECP192R1 ? 192 : \
+ (curve) == PSA_ECC_CURVE_SECP224K1 ? 224 : \
+ (curve) == PSA_ECC_CURVE_SECP224R1 ? 224 : \
+ (curve) == PSA_ECC_CURVE_SECP256K1 ? 256 : \
+ (curve) == PSA_ECC_CURVE_SECP256R1 ? 256 : \
+ (curve) == PSA_ECC_CURVE_SECP384R1 ? 384 : \
+ (curve) == PSA_ECC_CURVE_SECP521R1 ? 521 : \
+ (curve) == PSA_ECC_CURVE_BRAINPOOL_P256R1 ? 256 : \
+ (curve) == PSA_ECC_CURVE_BRAINPOOL_P384R1 ? 384 : \
+ (curve) == PSA_ECC_CURVE_BRAINPOOL_P512R1 ? 512 : \
+ (curve) == PSA_ECC_CURVE_CURVE25519 ? 255 : \
+ (curve) == PSA_ECC_CURVE_CURVE448 ? 448 : \
+ 0)
+
 /** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN
 *
 * This macro returns the maximum length of the PSK supported
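Review bot: The Doxygen block for `PSA_ECC_CURVE_BITS` does not warn that the macro expands `curve` once per listed curve, so an argument with side effects would be evaluated many times. It also leaves unstated that the 0 fallback has to be treated as "unsupported" before the result is used to size or check a buffer. I would add `\warning This macro may evaluate its argument multiple times; pass an expression without side effects.` and, under `\return`, a sentence saying that callers must reject a result of 0.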
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 01c8628ce..4686bfa3f 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -477,9 +477,7 @@ void ecc_key_types( int curve_arg, int curve_bits_arg )
 TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( public_type ), curve );
 TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( pair_type ), curve );
- /* Validate that the bit size is less than the maximum ECC bit size
- * in this implementation. There's no parameter that should be equal
- * to curve_bits and can be validated without creating a key. */
+ TEST_EQUAL( curve_bits, PSA_ECC_CURVE_BITS( curve ) );
 TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
 }
 /* END_CASE */
From 2c86ebc2f87a0326eb18fd56e0baa0ac7b4ce98f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 May 2019 14:21:57 +0200 Subject: [PATCH 1285/2197] EC key pair import: check the buffer size When importing a private elliptic curve key, require the input to have exactly the right size. RFC 5915 requires the right size (you aren't allowed to omit leading zeros). A different buffer size likely means that something is wrong, e.g. a mismatch between the declared key type and the actual data. --- library/psa_crypto.c | 3 +++ tests/suites/test_suite_psa_crypto.data | 4 ++++ 2 files changed, 7 insertions(+)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 17f2c2293..d3a013447 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -621,6 +621,9 @@ static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve,
 mbedtls_ecp_keypair *ecp = NULL;
 mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve );
+ if( PSA_BITS_TO_BYTES( PSA_ECC_CURVE_BITS( curve ) ) != data_length )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
 *p_ecp = NULL;
 ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
 if( ecp == NULL )
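Review bot: In `psa_import_ec_private_key` (library/psa_crypto.c) the new length check returns before `*p_ecp = NULL;` has run, so on a wrong-sized input the output pointer keeps whatever the caller had in it. The callers are outside this hunk; if any of them frees or inspects `*p_ecp` after a failure, it would act on an indeterminate value. Moving the existing `*p_ecp = NULL;` above the added `if` keeps the output defined on every return path. Separately, `PSA_ECC_CURVE_BITS` yields 0 for a curve it does not list, so an empty input for such a curve passes this comparison and rejection then depends on how the rest of the function (not shown here) handles `grp_id`; a one-line comment saying so would help.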
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 99e12d5d6..cb7bfb3fb 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -278,6 +278,10 @@ PSA import EC keypair: DER format depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT +PSA import EC keypair: too short +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +import:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT + PSA import EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT From cbce4d8889d5507fd88c1fcea692c1d98dcccf55 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 May 2019 14:24:15 +0200 Subject: [PATCH 1286/2197] Persistent key reload: test more metadata In the tests for opening a persistent key after closing it, also read back and check the key data if permitted by policy, and the key policy. --- ...test_suite_psa_crypto_slot_management.data | 8 +++++ ..._suite_psa_crypto_slot_management.function | 34 +++++++++++++++++-- 2 files changed, 39 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index e937465a1..e520d345d 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data 
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -16,6 +16,14 @@ persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DAT Persistent slot, check after restart persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +Persistent slot: ECP keypair (ECDSA, exportable); close +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE + +Persistent slot: ECP keypair (ECDSA, exportable); restart +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN + Attempt to overwrite: close before create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 92c9d6589..d983c0ee0 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -123,10 +123,15 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
 psa_algorithm_t alg = alg_arg;
 psa_key_usage_t usage_flags = usage_arg;
 psa_key_type_t type = type_arg;
+ size_t bits;
 close_method_t close_method = close_method_arg;
 psa_key_type_t read_type;
+ size_t read_bits;
 psa_key_handle_t handle = 0;
 psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t read_policy = PSA_KEY_POLICY_INIT;
+ uint8_t *reexported = NULL;
+ size_t reexported_length = -1;
 TEST_MAX_KEY_ID( id );
@@ -138,7 +143,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
 psa_key_policy_set_usage( &policy, usage_flags, alg );
 PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) );
- PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
+ PSA_ASSERT( psa_get_key_information( handle, &read_type, &bits ) );
 TEST_EQUAL( read_type, type );
 /* Close the key and reopen it. */
@@ -167,14 +172,36 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
 TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE );
 /* Try to reopen the key. If we destroyed it, check that it doesn't
- * exist, otherwise check that it still exists. */
+ * exist. Otherwise check that it still exists and has the expected
+ * content. */
 switch( close_method )
 {
 case CLOSE_BY_CLOSE:
 case CLOSE_BY_SHUTDOWN:
 PSA_ASSERT( psa_open_key( lifetime, id, &handle ) );
- PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
+ PSA_ASSERT( psa_get_key_policy( handle, &read_policy ) );
+ PSA_ASSERT( psa_get_key_information( handle,
+ &read_type, &read_bits ) );
 TEST_EQUAL( read_type, type );
+ TEST_EQUAL( read_bits, bits );
+ TEST_EQUAL( psa_key_policy_get_usage( &read_policy ), usage_flags );
+ TEST_EQUAL( psa_key_policy_get_algorithm( &read_policy ), alg );
+ if( policy.usage & PSA_KEY_USAGE_EXPORT )
+ {
+ ASSERT_ALLOC( reexported, key_data->len );
+ PSA_ASSERT( psa_export_key( handle,
+ reexported, key_data->len,
+ &reexported_length ) );
+ ASSERT_COMPARE( key_data->x, key_data->len,
+ reexported, reexported_length );
+ }
+ else
+ {
+ TEST_EQUAL( psa_export_key( handle,
+ reexported, sizeof( reexported ),
+ &reexported_length ),
+ PSA_ERROR_NOT_PERMITTED );
+ }
 break;
 case CLOSE_BY_DESTROY:
 TEST_EQUAL( psa_open_key( lifetime, id, &handle ),
@@ -185,6 +212,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
 exit:
 mbedtls_psa_crypto_free( );
 psa_purge_key_storage( );
+ mbedtls_free( reexported );
 }
 /* END_CASE */
From 6fbfdb9e06a586f541b1821d31416af28b533bd1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 May 2019 14:32:11 +0200 Subject: [PATCH 1287/2197] Enrollment algorithm in policy: test persistent keys --- .../test_suite_psa_crypto_slot_management.data | 18 +++++++++++++----- ...t_suite_psa_crypto_slot_management.function | 6 +++++- 2 files changed, 18 insertions(+), 6 deletions(-)
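Review bot: In the `else` branch of the export check in `persistent_slot_lifecycle`, `sizeof( reexported )` is the size of a `uint8_t *`, not of a buffer, and `reexported` is still NULL on that path because `ASSERT_ALLOC` only runs in the `if` branch. The call is expected to fail with `PSA_ERROR_NOT_PERMITTED`, presumably before the buffer is touched, but if the policy check ever regressed the test would hand `psa_export_key` a NULL pointer with a non-zero size instead of failing cleanly on the status comparison. Passing a zero size makes the intent explicit: `reexported, 0,`. The function begins outside this hunk.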
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index e520d345d..7b6863ffb 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -8,21 +8,29 @@ Transient slot, check after restart transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN Persistent slot, check after closing -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE Persistent slot, check after destroying -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY Persistent slot, check after restart -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN Persistent slot: ECP keypair (ECDSA, exportable); close depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE Persistent slot: ECP keypair (ECDSA, exportable); restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN + +Persistent slot: ECP keypair (ECDH+ECDSA, exportable); close +depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE + +Persistent slot: ECP keypair (ECDH+ECDSA, exportable); restart +depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN Attempt to overwrite: close before create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index d983c0ee0..a50180ba4 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -114,13 +114,14 @@ exit:
 /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
 void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
- int usage_arg, int alg_arg,
+ int usage_arg, int alg_arg, int alg2_arg,
 int type_arg, data_t *key_data,
 int close_method_arg )
 {
 psa_key_lifetime_t lifetime = lifetime_arg;
 psa_key_id_t id = id_arg;
 psa_algorithm_t alg = alg_arg;
+ psa_algorithm_t alg2 = alg2_arg;
 psa_key_usage_t usage_flags = usage_arg;
 psa_key_type_t type = type_arg;
 size_t bits;
@@ -141,6 +142,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
 PSA_ASSERT( psa_create_key( lifetime, id, &handle ) );
 TEST_ASSERT( handle != 0 );
 psa_key_policy_set_usage( &policy, usage_flags, alg );
+ psa_key_policy_set_enrollment_algorithm( &policy, alg2 );
 PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) );
 PSA_ASSERT( psa_get_key_information( handle, &read_type, &bits ) );
@@ -186,6 +188,8 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
 TEST_EQUAL( read_bits, bits );
 TEST_EQUAL( psa_key_policy_get_usage( &read_policy ), usage_flags );
 TEST_EQUAL( psa_key_policy_get_algorithm( &read_policy ), alg );
+ TEST_EQUAL( psa_key_policy_get_enrollment_algorithm( &read_policy ),
+ alg2 );
 if( policy.usage & PSA_KEY_USAGE_EXPORT )
 {
 ASSERT_ALLOC( reexported, key_data->len );
From 81efb391ebc5ae425d614a74fdf067425da0259c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 May 2019 14:38:16 +0200 Subject: [PATCH 1288/2197] Enrollment algorithm in policy: implement persistent keys --- library/psa_crypto_storage.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index 840f418c3..babc5bb95 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -269,6 +269,7 @@ void psa_format_key_data_for_storage( const uint8_t *data,
 PUT_UINT32_LE(type, storage_format->type, 0);
 PUT_UINT32_LE(policy->usage, storage_format->policy, 0);
 PUT_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t ));
+PUT_UINT32_LE(policy->alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
 PUT_UINT32_LE(data_length, storage_format->data_len, 0);
 memcpy( storage_format->key_data, data, data_length );
 }
@@ -316,6 +317,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
 GET_UINT32_LE(*type, storage_format->type, 0);
 GET_UINT32_LE(policy->usage, storage_format->policy, 0);
 GET_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t ));
+GET_UINT32_LE(policy->alg2, storage_format->policy, 2 * sizeof( uint32_t ));
 memcpy( *key_data, storage_format->key_data, *key_data_length );
From 468c96cccc1292f17c14d317ec20b0bf2681cbda Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 May 2019 11:16:10 +0200 Subject: [PATCH 1289/2197] Enrollment algorithm in policy: update persistent key tests The storage format has changed, so update the test data accordingly. --- .../suites/test_suite_psa_crypto_persistent_key.data | 12 ++++++------ .../test_suite_psa_crypto_persistent_key.function | 6 +++++- 2 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data
index f97a5e063..36a3bfa76 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.data
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.data
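Review bot: In `psa_format_key_data_for_storage` and `psa_parse_key_data_from_storage` (library/psa_crypto_storage.c) the added `alg2` word changes the stored layout, but neither hunk shows a format-version change or a length check tied to the new layout. If `data_len` follows the policy bytes, as the field order here suggests, a blob written before this change would be parsed with `alg2` and `data_len` taken from the wrong offsets; confirm that the parser's validation outside these hunks rejects such a blob rather than trusting the shifted length. It would also help to document the layout next to the writes, e.g. `/* policy: usage, alg, alg2 - three little-endian uint32 words */`, and to confirm that `storage_format->policy` is at least `3 * sizeof( uint32_t )` bytes, since its declaration is not part of this change. Both function bodies continue outside the hunks.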
@@ -1,20 +1,20 @@ PSA Storage format data for storage -format_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION +format_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN PSA Storage parse stored data -parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_SUCCESS +parse_storage_data_check:"505341004b4559000000000000000170010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9
cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS PSA Storage parse stored data wrong version, should fail -parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE PSA Storage parse too big data, should fail -parse_storage_data_check:"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":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE 
+parse_storage_data_check:"505341004b4559000000000000000170010000000000001200000010ffffffff3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE PSA Storage parse bad magic, should fail -parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE 
+parse_storage_data_check:"645341004b4559000000000000000170010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE PSA Storage parse not enough magic, should fail -parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE # Not specific to files, but only run this test in an environment where the maximum size could be reached. 
Save maximum size persistent raw key diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 90e10f66b..2582534b2 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -26,7 +26,8 @@ typedef struct { /* BEGIN_CASE */ void format_storage_data_check( data_t *key_data, data_t *expected_file_data, - int key_type, int key_usage, int key_alg ) + int key_type, + int key_usage, int key_alg, int key_alg2 ) { uint8_t *file_data; size_t file_data_length; @@ -34,6 +35,7 @@ void format_storage_data_check( data_t *key_data, key_policy.usage = (psa_key_usage_t) key_usage; key_policy.alg = (psa_algorithm_t) key_alg; + key_policy.alg2 = (psa_algorithm_t) key_alg2; file_data_length = key_data->len + sizeof( psa_persistent_key_storage_format ); file_data = mbedtls_calloc( 1, file_data_length ); @@ -53,6 +55,7 @@ void parse_storage_data_check( data_t *file_data, int expected_key_type, int expected_key_usage, int expected_key_alg, + int expected_key_alg2, int expected_status ) { uint8_t *key_data = NULL; @@ -72,6 +75,7 @@ void parse_storage_data_check( data_t *file_data, TEST_EQUAL( key_type, (psa_key_type_t) expected_key_type ); TEST_EQUAL( key_policy.usage, (uint32_t) expected_key_usage ); TEST_EQUAL( key_policy.alg, (uint32_t) expected_key_alg ); + TEST_EQUAL( key_policy.alg2, (uint32_t) expected_key_alg2 ); ASSERT_COMPARE( expected_key_data->x, expected_key_data->len, key_data, key_data_length ); From 640273a35ecbafe34fe7a9b3e59cb7af1412de91 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 20 May 2019 17:16:43 +0200 Subject: [PATCH 1290/2197] Update key file format information for 1.0.0 The storage specification described a version tentatively called 0.2.0. This was actually released as 1.0.0 with the format as described here. --- .../mbed-crypto-storage-specification.md | 41 ++++++++++--------- 1 file changed, 21 insertions(+), 20 deletions(-) diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md index 2d4fed56c..9edf6aa05 100644 --- a/docs/architecture/mbed-crypto-storage-specification.md +++ b/docs/architecture/mbed-crypto-storage-specification.md @@ -84,46 +84,47 @@ An undocumented build-time configuration value `CRYPTO_STORAGE_FILE_LOCATION` al * `sprintf(CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu", key_id)` [content](#key-file-format-for-0.1.0) of the [key whose identifier](#key-names-for-0.1.0) is `key_id`. * Other files: unused. -Mbed Crypto 0.2.0 +Mbed Crypto 1.0.0 ----------------- -**Warning:** the information in this section is provisional and may change before Mbed Crypto is released for Mbed OS 5.12. At the time of writing, we don't even know whether this version will be called 0.2.0. +Tags: mbedcrypto-1.0.0d4, mbedcrypto-1.0.0 -To be released for Mbed OS 5.12. +Released in February 2019.
+Integrated in Mbed OS 5.12. Supported integrations: -* [PSA platform](#file-namespace-on-a-psa-platform-for-0.2.0) -* [library using PSA ITS](#file-namespace-on-its-as-a-library-for-0.2.0) -* [library using C stdio](#file-namespace-on-stdio-for-0.2.0) +* [PSA platform](#file-namespace-on-a-psa-platform-for-1.0.0) +* [library using PSA ITS](#file-namespace-on-its-as-a-library-for-1.0.0) +* [library using C stdio](#file-namespace-on-stdio-for-1.0.0) Supported features: -* [Persistent transparent keys](#key-file-format-for-0.2.0) designated by a [key identifier and owner](#key-names-for-0.2.0). -* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.2.0) on ITS only. +* [Persistent transparent keys](#key-file-format-for-1.0.0) designated by a [key identifier and owner](#key-names-for-1.0.0). +* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0) on ITS only. Backward compatibility commitments: TBD -### Key names for 0.2.0 +### Key names for 1.0.0 Information about each key is stored in a dedicated file designated by a _key file identifier_ (`psa_key_file_id_t`). The key file identifier is constructed from the 32-bit key identifier (`psa_key_id_t`) and, if applicable, an identifier of the owner of the key. In integrations where there is no concept of key owner (in particular, in library integrations), the key file identifier is exactly the key identifier. When the library is integrated into a service, the service determines the semantics of the owner identifier. -The way in which the file name is constructed from the key file identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.2.0). +The way in which the file name is constructed from the key file identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-1.0.0). The valid values for a key identifier are the range from 1 to 0xfffeffff. 
This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid. * Library integration: the key file name is just the key identifer. This is a 32-bit value. * PSA service integration: the key file identifier is `(uint32_t)owner_uid << 32 | key_id` where `key_id` is the key identifier specified by the application and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value. -### Key file format for 0.2.0 +### Key file format for 1.0.0 The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However note that the encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far). -### Nonvolatile random seed file format for 0.2.0 +### Nonvolatile random seed file format for 1.0.0 [Identical to 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0). -### File namespace on a PSA platform for 0.2.0 +### File namespace on a PSA platform for 1.0.0 Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. 
@@ -131,30 +132,30 @@ Assumption: the owner identifier is a nonzero value of type `int32_t`. * Files 0 through 0xffffff51, 0xffffff53 through 0xffffffff: unused, reserved for internal use of the crypto library or crypto service. * File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0). -* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0). The upper 32 bits determine the owner. +* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0). The upper 32 bits determine the owner. -### File namespace on ITS as a library for 0.2.0 +### File namespace on ITS as a library for 1.0.0 Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. This is a library integration, so there is no owner. The key file identifier is identical to the key identifier. * File 0: unused. -* Files 1 through 0xfffeffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0). -* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.2.0). +* Files 1 through 0xfffeffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0). +* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0). * Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff, 0x100000000 through 0xffffffffffffffff: unused. -### File namespace on stdio for 0.2.0 +### File namespace on stdio for 1.0.0 This is a library integration, so there is no owner. 
The key file identifier is identical to the key identifier. [Identical to 0.1.0](#file-namespace-on-stdio-for-0.1.0). -### Upgrade from 0.1.0 to 0.2.0. +### Upgrade from 0.1.0 to 1.0.0. * Delete files 1 through 0xfffeffff, which contain keys in a format that is no longer supported. -### Suggested changes to make before 0.2.0 +### Suggested changes to make before 1.0.0 The library integration and the PSA platform integration use different sets of file names. This is annoyingly non-uniform. For example, if we want to store non-key files, we have room in different ranges (0 through 0xffffffff on a PSA platform, 0xffff0000 through 0xffffffffffffffff in a library integration). From 131aa31c8213a48f53793a9d5630c4564a2a697e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 May 2019 17:17:17 +0200 Subject: [PATCH 1291/2197] New key file format for 1.0.1 Add alg2 field and note that some encodings have changed. --- .../mbed-crypto-storage-specification.md | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md index 9edf6aa05..f4abd3e70 100644 --- a/docs/architecture/mbed-crypto-storage-specification.md +++ b/docs/architecture/mbed-crypto-storage-specification.md @@ -160,3 +160,36 @@ This is a library integration, so there is no owner. The key file identifier is The library integration and the PSA platform integration use different sets of file names. This is annoyingly non-uniform. For example, if we want to store non-key files, we have room in different ranges (0 through 0xffffffff on a PSA platform, 0xffff0000 through 0xffffffffffffffff in a library integration). It would simplify things to always have a 32-bit owner, with a nonzero value, and thus reserve the range 0–0xffffffff for internal library use. + +Mbed Crypto 1.0.1 +----------------- + +Tags: TBD + +Released in May 2019.
+Integrated in Mbed OS 5.13. + +Identical to [1.0.0](#mbed-crypto-1.0.0) except for some changes in the key file format. + +### Key file format for 1.0.1 + +The key file format is identical to [1.0.0](#key-file-format-for-1.0.0), except for the following changes: + +* A new policy field, marked as [NEW:1.0.1] below. +* The encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far). + +A self-contained description of the file layout follows. + +All integers are encoded in little-endian order in 8-bit bytes. + +The layout of a key file is: + +* magic (8 bytes): `"PSA\0KEY\0"` +* version (4 bytes): 0 +* type (4 bytes): `psa_key_type_t` value +* policy usage flags (4 bytes): `psa_key_usage_t` value +* policy usage algorithm (4 bytes): `psa_algorithm_t` value +* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value [NEW:1.0.1] +* key material length (4 bytes) +* key material: output of `psa_export_key` +* Any trailing data is rejected on load. From 705cbfd802df67710a7ffcaa79357519a1cd5fe1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 May 2019 17:28:11 +0200 Subject: [PATCH 1292/2197] Enrollment algorithm in policy: add support in psa_copy_key tests Add parameters to psa_copy_key tests for the enrollment algorithm (alg2). This commit only tests with alg2=0, which is equivalent to not setting an enrollment algorithm. --- tests/suites/test_suite_psa_crypto.data | 56 +++++++++---------- tests/suites/test_suite_psa_crypto.function | 38 ++++++++++--- ...test_suite_psa_crypto_slot_management.data | 8 +-- ..._suite_psa_crypto_slot_management.function | 16 +++++- 4 files changed, 76 insertions(+), 42 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index cb7bfb3fb..60d6d2bd7 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -505,115 +505,115 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE key_policy_alg2:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_ALG_ECDSA_ANY Copy key: raw, 0 bytes -copy_key_policy:0:0:PSA_KEY_TYPE_RAW_DATA:"":0:0:-1:-1:0:0 +copy_key_policy:0:0:0:PSA_KEY_TYPE_RAW_DATA:"":0:0:0:-1:-1:0:0:0:0 Copy key: AES, same usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:-1:-1:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, fewer usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:-1:-1:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, 1 more usage flag depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | 
PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:-1:-1:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, 2 more usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:-1:-1:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, intersect usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:-1:-1:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, source=target, constraint with same usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, source=target, constraint with fewer usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
-copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, source=target, constraint with 1 more usage flag depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, source=target, constraint with 2 more usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, source=target, constraint with different usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, permissive target, restrictive constraint depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: RSA key pair, same usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:-1:-1:0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, fewer usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:-1:-1:0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, more usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:-1:-1:0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:-1:-1:0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:-1:-1:0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy 
key: RSA key pair, wildcard algorithm in target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:-1:-1:0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source and target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:-1:-1:0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 Copy key: RSA key pair, wildcard in constraint 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 Copy key: RSA key pair, wildcard, restrictive constraint depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133
edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy fail: AES, incompatible target policy depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:-1:-1:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:-1:-1:0:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):-1:-1:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:-1:-1:0:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):-1:-1:PSA_ERROR_INVALID_ARGUMENT 
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:-1:-1:0:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source and target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):-1:-1:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:-1:-1:0:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible constraint (wildcard on different base) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible constraint depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
-copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT 
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, ANY_HASH is not meaningful with OAEP depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):-1:-1:PSA_ERROR_INVALID_ARGUMENT 
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:-1:-1:0:PSA_ERROR_INVALID_ARGUMENT Hash operation object initializers zero properly hash_operation_init: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6aed64dd5..b5bf7de9c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1969,30 +1969,38 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void copy_key_policy( int source_usage_arg, int source_alg_arg, +void copy_key_policy( int source_usage_arg, + int source_alg_arg, int source_alg2_arg, int type_arg, data_t *material, - int target_usage_arg, int target_alg_arg, - int constraint_usage_arg, int constraint_alg_arg, - int expected_usage_arg, int expected_alg_arg ) + int target_usage_arg, + int target_alg_arg, int target_alg2_arg, + int constraint_usage_arg, + int constraint_alg_arg, int constraint_alg2_arg, + int expected_usage_arg, + int expected_alg_arg, int expected_alg2_arg ) { psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; + psa_algorithm_t source_alg2 = source_alg2_arg; psa_key_handle_t source_handle = 0; psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; psa_key_type_t source_type = type_arg; size_t source_bits; psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; + psa_algorithm_t target_alg2 = target_alg2_arg; psa_key_handle_t target_handle = 0; psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; psa_key_type_t target_type; size_t target_bits; psa_key_usage_t constraint_usage = constraint_usage_arg; psa_algorithm_t constraint_alg = constraint_alg_arg; + psa_algorithm_t constraint_alg2 = constraint_alg2_arg; psa_key_policy_t constraint = PSA_KEY_POLICY_INIT; psa_key_policy_t *p_constraint = NULL; psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; + psa_algorithm_t expected_alg2 = expected_alg2_arg; uint8_t *export_buffer = NULL; if( constraint_usage_arg != -1 ) @@ -2000,6 +2008,8 @@ void copy_key_policy( int source_usage_arg, int source_alg_arg, p_constraint = &constraint; psa_key_policy_set_usage( p_constraint, constraint_usage, constraint_alg ); + psa_key_policy_set_enrollment_algorithm( p_constraint, + constraint_alg2 ); } PSA_ASSERT( psa_crypto_init( ) ); 
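Review bot: The `-1` sentinel that switches the constraint off is undocumented, and with the new `constraint_alg2_arg` there are three constraint parameters of which only `constraint_usage_arg` is tested, by the `if( constraint_usage_arg != -1 )` that closes this hunk. A short comment above the signature would settle it, for example `/* constraint_usage_arg == -1 means no constraint; constraint_alg_arg and constraint_alg2_arg are then ignored. */`. The data files on this page pass both `0` and `-1` in the third constraint field for the unconstrained case, so the convention is worth writing down. The same applies to `copy_fail` further down, and the body of `copy_key_policy` continues outside this hunk.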
@@ -2007,6 +2017,7 @@ void copy_key_policy( int source_usage_arg, int source_alg_arg, /* Populate the source slot. */ PSA_ASSERT( psa_allocate_key( &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); + psa_key_policy_set_enrollment_algorithm( &source_policy, source_alg2 ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); PSA_ASSERT( psa_import_key( source_handle, source_type, material->x, material->len ) ); @@ -2015,6 +2026,7 @@ void copy_key_policy( int source_usage_arg, int source_alg_arg, /* Prepare the target slot. */ PSA_ASSERT( psa_allocate_key( &target_handle ) ); psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); + psa_key_policy_set_enrollment_algorithm( &target_policy, target_alg2 ); PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); target_policy = psa_key_policy_init(); @@ -2032,6 +2044,8 @@ void copy_key_policy( int source_usage_arg, int source_alg_arg, PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); TEST_EQUAL( expected_usage, psa_key_policy_get_usage( &target_policy ) ); TEST_EQUAL( expected_alg, psa_key_policy_get_algorithm( &target_policy ) ); + TEST_EQUAL( expected_alg2, + psa_key_policy_get_enrollment_algorithm( &target_policy ) ); if( expected_usage & PSA_KEY_USAGE_EXPORT ) { size_t length; @@ -2053,10 +2067,11 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void copy_fail( int source_usage_arg, int source_alg_arg, +void copy_fail( int source_usage_arg, int source_alg_arg, int source_alg2_arg, int type_arg, data_t *material, - int target_usage_arg, int target_alg_arg, - int constraint_usage_arg, int constraint_alg_arg, + int target_usage_arg, int target_alg_arg, int target_alg2_arg, + int constraint_usage_arg, + int constraint_alg_arg, int constraint_alg2_arg, int expected_status_arg ) { /* Test copy failure into an empty slot. There is a test for copy failure 
@@ -2065,18 +2080,21 @@ void copy_fail( int source_usage_arg, int source_alg_arg, psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; + psa_algorithm_t source_alg2 = source_alg2_arg; psa_key_handle_t source_handle = 0; psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; psa_key_type_t source_type = type_arg; size_t source_bits; psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; + psa_algorithm_t target_alg2 = target_alg2_arg; psa_key_handle_t target_handle = 0; psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; psa_key_type_t target_type; size_t target_bits; psa_key_usage_t constraint_usage = constraint_usage_arg; psa_algorithm_t constraint_alg = constraint_alg_arg; + psa_algorithm_t constraint_alg2 = constraint_alg2_arg; psa_key_policy_t constraint = PSA_KEY_POLICY_INIT; psa_key_policy_t *p_constraint = NULL; psa_status_t expected_status = expected_status_arg; @@ -2086,6 +2104,8 @@ void copy_fail( int source_usage_arg, int source_alg_arg, p_constraint = &constraint; psa_key_policy_set_usage( p_constraint, constraint_usage, constraint_alg ); + psa_key_policy_set_enrollment_algorithm( p_constraint, + constraint_alg2 ); } PSA_ASSERT( psa_crypto_init( ) ); @@ -2093,6 +2113,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg, /* Populate the source slot. */ PSA_ASSERT( psa_allocate_key( &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); + psa_key_policy_set_enrollment_algorithm( &source_policy, source_alg2 ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); PSA_ASSERT( psa_import_key( source_handle, source_type, material->x, material->len ) ); 
@@ -2101,6 +2122,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg, /* Prepare the target slot. */ PSA_ASSERT( psa_allocate_key( &target_handle ) ); psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); + psa_key_policy_set_enrollment_algorithm( &target_policy, target_alg2 ); PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); target_policy = psa_key_policy_init(); @@ -2115,6 +2137,8 @@ void copy_fail( int source_usage_arg, int source_alg_arg, PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); TEST_EQUAL( target_usage, psa_key_policy_get_usage( &target_policy ) ); TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &target_policy ) ); + TEST_EQUAL( target_alg2, + psa_key_policy_get_enrollment_algorithm( &target_policy ) ); exit: mbedtls_psa_crypto_free( ); diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 7b6863ffb..802c7d9f9 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -82,19 +82,19 @@ depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED Copy volatile to volatile -copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0 Copy volatile to persistent depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0 Copy persistent to volatile depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0 Copy persistent to persistent depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0 Copy empty volatile to volatile 
copy_from_empty:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0 diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index a50180ba4..d036e9e56 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -327,16 +327,20 @@ exit: /* BEGIN_CASE */ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, - int source_usage_arg, int source_alg_arg, + int source_usage_arg, + int source_alg_arg, int source_alg2_arg, int type_arg, data_t *material, int target_lifetime_arg, int target_id_arg, - int target_usage_arg, int target_alg_arg, - int expected_usage_arg, int expected_alg_arg ) + int target_usage_arg, + int target_alg_arg, int target_alg2_arg, + int expected_usage_arg, + int expected_alg_arg, int expected_alg2_arg ) { psa_key_lifetime_t source_lifetime = source_lifetime_arg; psa_key_id_t source_id = source_id_arg; psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; + psa_algorithm_t source_alg2 = source_alg2_arg; psa_key_handle_t source_handle = 0; psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT; psa_key_type_t source_type = type_arg; @@ -345,12 +349,14 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, psa_key_id_t target_id = target_id_arg; psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; + psa_algorithm_t target_alg2 = target_alg2_arg; psa_key_handle_t target_handle = 0; psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT; psa_key_type_t target_type; size_t target_bits; psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; + psa_algorithm_t expected_alg2 = expected_alg2_arg; uint8_t *export_buffer = NULL; TEST_MAX_KEY_ID( source_id ); 
@@ -365,6 +371,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, PSA_ASSERT( psa_create_key( source_lifetime, source_id, &source_handle ) ); psa_key_policy_set_usage( &source_policy, source_usage, source_alg ); + psa_key_policy_set_enrollment_algorithm( &source_policy, source_alg2 ); PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) ); PSA_ASSERT( psa_import_key( source_handle, source_type, material->x, material->len ) ); @@ -377,6 +384,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, PSA_ASSERT( psa_create_key( target_lifetime, target_id, &target_handle ) ); psa_key_policy_set_usage( &target_policy, target_usage, target_alg ); + psa_key_policy_set_enrollment_algorithm( &target_policy, target_alg2 ); PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) ); target_policy = psa_key_policy_init(); @@ -404,6 +412,8 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) ); TEST_EQUAL( expected_usage, psa_key_policy_get_usage( &target_policy ) ); TEST_EQUAL( expected_alg, psa_key_policy_get_algorithm( &target_policy ) ); + TEST_EQUAL( expected_alg2, + psa_key_policy_get_enrollment_algorithm( &target_policy ) ); if( expected_usage & PSA_KEY_USAGE_EXPORT ) { size_t length; From 52315e4c1664d0806c329980af9af2892f4e68e6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 May 2019 18:03:39 +0200 Subject: [PATCH 1293/2197] Enrollment algorithm in policy: add tests of psa_copy_key --- tests/suites/test_suite_psa_crypto.data | 32 +++++++++++++++++++ ...test_suite_psa_crypto_slot_management.data | 4 +++ 2 files changed, 36 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 60d6d2bd7..029cfb567 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -587,6 +587,30 @@ Copy key: RSA key pair, wildcard, restrictive constraint depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):-1:-1:-1:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) + +Copy key: source=ECDSA+ECDH, target=ECDSA+0 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:-1:-1:-1:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 + +Copy key: source=ECDSA+ECDH, target=0+ECDH 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):-1:-1:-1:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) + +Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):-1:-1:-1:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH(PSA_ALG_SELECT_RAW) + +Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_ALG_ECDSA(PSA_ALG_SHA_256):-1:-1:-1:PSA_KEY_USAGE_VERIFY | 
PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_ALG_ECDSA(PSA_ALG_SHA_256) + +Copy key: source=target=ECDSA(any)+ECDSAdet(any), constraint +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224) + Copy fail: AES, incompatible target policy depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:-1:-1:0:PSA_ERROR_INVALID_ARGUMENT 
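Review bot: None of the new `copy_key_policy` cases has a target that requests an enrollment algorithm the source policy does not carry (source alg2 `0`, target alg2 non-zero). That is the direction in which a copy could end up permitting more than the original key did. The hunk covers the opposite narrowing (`target=ECDSA+0`) and matching pairs, but not this one. A case with source `PSA_ALG_ECDSA(PSA_ALG_SHA_256)` and alg2 `0` against target `PSA_ALG_ECDSA(PSA_ALG_SHA_256)` and alg2 `PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)` would pin the behaviour. The expected enrollment algorithm is presumably `0`, to be confirmed against the intersection rule `psa_copy_key` documents.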
@@ -615,6 +639,14 @@ Copy fail: RSA, ANY_HASH is not meaningful with OAEP depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEYPAIR:"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":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:-1:-1:0:PSA_ERROR_INVALID_ARGUMENT +Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_fail:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):-1:-1:-1::PSA_ERROR_INVALID_ARGUMENT + +Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_fail:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_ALG_ECDSA(PSA_ALG_SHA_256):-1:-1:-1::PSA_ERROR_INVALID_ARGUMENT + Hash operation object initializers zero properly hash_operation_init: diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 802c7d9f9..1b9e0de1d 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data 
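Review bot: Both added `copy_fail` lines end in `-1:-1:-1::PSA_ERROR_INVALID_ARGUMENT`, with an empty field before the expected status, which gives them thirteen colon-separated arguments where the existing RSA OAEP `copy_fail` case in the leading context has twelve and ends in `-1:-1:0:PSA_ERROR_INVALID_ARGUMENT`. How the test-data parser treats the empty field is not visible here, so it is worth confirming that these two negative tests fail because of the policy mismatch they name and not because of a malformed argument list. If the empty field is unintended, the tail would read `-1:-1:-1:PSA_ERROR_INVALID_ARGUMENT`.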
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -96,6 +96,10 @@ Copy persistent to persistent depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0 +Copy persistent to persistent with enrollment algorithm +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING + Copy empty volatile to volatile copy_from_empty:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0 From 4754cdeef806f5167edc0d140b7fce52581c9aa5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 May 2019 15:56:29 +0200 Subject: [PATCH 1294/2197] Improve description of psa_open_key() Remove obsolete reference to psa_make_key_persistent(). --- include/psa/crypto.h | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f1a290d7b..f099967a0 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -461,10 +461,17 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); /** Open a handle to an existing persistent key. * - * Open a handle to a key which was previously created with - * psa_make_key_persistent() when setting its attributes. - * The handle should eventually be closed with psa_close_key() - * to release associated resources. + * Open a handle to a persistent key. A key is persistent if it was created + * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key + * always has a nonzero key identifier, set with psa_set_key_id() when + * creating the key. Implementations may provide additional pre-provisioned + * keys with identifiers in the range + * #PSA_KEY_ID_VENDOR_MIN–#PSA_KEY_ID_VENDOR_MAX. + * + * The application must eventually close the handle with psa_close_key() + * to release associated resources. If the application dies without calling + * psa_close_key(), the implementation should perform the equivalent of a + * call to psa_close_key(). * * Implementations may provide additional keys that can be opened with * psa_open_key(). Such keys have a key identifier in the vendor range, From 6c6195d7bab6edc0664fa552695efb4752887460 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 May 2019 15:57:11 +0200 Subject: [PATCH 1295/2197] Remove implementation comment from API specification --- include/psa/crypto_types.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 02c26788f..156838daf 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h 
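Review bot: The rewritten description of psa_open_key() now states the vendor key range twice. The added sentence `Implementations may provide additional pre-provisioned keys with identifiers in the range #PSA_KEY_ID_VENDOR_MIN–#PSA_KEY_ID_VENDOR_MAX.` repeats what the unchanged paragraph in the trailing context already says (`Implementations may provide additional keys that can be opened with psa_open_key(). Such keys have a key identifier in the vendor range,`). One of the two should go; ending the new paragraph at `creating the key.` and keeping the older one is the smaller change. The comment continues past the end of the hunk, so the rest of that older paragraph is not visible here.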
@@ -46,8 +46,8 @@ * * This is either #PSA_SUCCESS (which is zero), indicating success, * or a nonzero value indicating that an error occurred. Errors are - * encoded as one of the \c PSA_ERROR_xxx values defined here. - * If #PSA_SUCCESS is already defined, it means that #psa_status_t + * encoded as one of the \c PSA_ERROR_xxx values defined here. */ +/* If #PSA_SUCCESS is already defined, it means that #psa_status_t * is also defined in an external header, so prevent its multiple * definition. */ From 2cb9e39b505eeaf6b9e2859027f64adc1d2f8646 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 May 2019 15:58:13 +0200 Subject: [PATCH 1296/2197] Convert TLS1.2 KDF descriptions to multistep key derivation Convert the description of PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS to the key derivation API that takes one input at a time rather than the old {secret,salt,label} interface. Define a new input category "seed". --- include/psa/crypto_values.h | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index c50b63742..b78d11a3b 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -1232,11 +1232,14 @@ * specified in Section 5 of RFC 5246. It is based on HMAC and can be * used with either SHA-256 or SHA-384. * - * For the application to TLS-1.2, the salt and label arguments passed - * to psa_key_derivation() are what's called 'seed' and 'label' in RFC 5246, - * respectively. For example, for TLS key expansion, the salt is the + * This key derivation algorithm uses the following inputs: + * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key. + * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label. + * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. + * + * For the application to TLS-1.2 key expansion, the seed is the * concatenation of ServerHello.Random + ClientHello.Random, - * while the label is "key expansion". + * and the label is "key expansion". * * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the * TLS 1.2 PRF using HMAC-SHA-256. @@ -1273,10 +1276,15 @@ * The latter is based on HMAC and can be used with either SHA-256 * or SHA-384. * - * For the application to TLS-1.2, the salt passed to psa_key_derivation() - * (and forwarded to the TLS-1.2 PRF) is the concatenation of the - * ClientHello.Random + ServerHello.Random, while the label is "master secret" - * or "extended master secret". + * This key derivation algorithm uses the following inputs: + * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key. + * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label. + * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. + * + * For the application to TLS-1.2, the seed (which is + * forwarded to the TLS-1.2 PRF) is the concatenation of the + * ClientHello.Random + ServerHello.Random, + * and the label is "master secret" or "extended master secret". * * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256. 
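Review bot: The two rewritten descriptions give the seed in opposite orders, `ServerHello.Random + ClientHello.Random` for key expansion in the PSA_ALG_TLS12_PRF hunk and `ClientHello.Random + ServerHello.Random` in the PSA_ALG_TLS12_PSK_TO_MS hunk, without saying the difference is intended. That matches RFC 5246, but a caller who copies one order into the other still gets output, just different key material, so the mistake only shows up as a failed handshake. I would add a line to each block such as `* Note the order of the two random values: it differs between key expansion and master secret derivation.` The new input lists also do not say in which order the three inputs must be supplied, and for PSA_ALG_TLS12_PSK_TO_MS `is the secret key` could say that the secret is the pre-shared key, which is what the macro name suggests.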
@@ -1586,6 +1594,12 @@ */ #define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) +/** A seed for key derivation. + * + * This must be a direct input. + */ +#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) + /**@}*/ #endif /* PSA_CRYPTO_VALUES_H */ From 56e2dc8010902bdfb6ba87658b510e943b06dbcc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 May 2019 15:59:56 +0200 Subject: [PATCH 1297/2197] Use "sufficient buffer size" in buffer size macros Don't use "safe buffer size", because this it's somewhat misleading to make it about safety: a buffer size that's too small will lead to a runtime error, not to undefined behavior. --- include/psa/crypto_sizes.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 02c1892e8..f0f31e6dc 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -426,9 +426,9 @@ #define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ (PSA_BITS_TO_BYTES(curve_bits) * 2) -/** Safe signature buffer size for psa_asymmetric_sign(). +/** Sufficient signature buffer size for psa_asymmetric_sign(). * - * This macro returns a safe buffer size for a signature using a key + * This macro returns a sufficient buffer size for a signature using a key * of the specified type and size, with the specified algorithm. * Note that the actual size of the signature may be smaller * (some algorithms produce a variable-size signature). 
@@ -457,9 +457,9 @@ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ ((void)alg, 0)) -/** Safe output buffer size for psa_asymmetric_encrypt(). +/** Sufficient output buffer size for psa_asymmetric_encrypt(). * - * This macro returns a safe buffer size for a ciphertext produced using + * This macro returns a sufficient buffer size for a ciphertext produced using * a key of the specified type and size, with the specified algorithm. * Note that the actual size of the ciphertext may be smaller, depending * on the algorithm. @@ -488,9 +488,9 @@ ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ 0) -/** Safe output buffer size for psa_asymmetric_decrypt(). +/** Sufficient output buffer size for psa_asymmetric_decrypt(). * - * This macro returns a safe buffer size for a ciphertext produced using + * This macro returns a sufficient buffer size for a ciphertext produced using * a key of the specified type and size, with the specified algorithm. * Note that the actual size of the ciphertext may be smaller, depending * on the algorithm. @@ -629,7 +629,7 @@ #define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) \ (PSA_BITS_TO_BYTES(key_bits)) -/** Safe output buffer size for psa_export_key() or psa_export_public_key(). +/** Sufficient output buffer size for psa_export_key() or psa_export_public_key(). * * This macro returns a compile-time constant if its arguments are * compile-time constants. From 737c6bef6a4509586023ce627c6eb0e540661ed9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 May 2019 16:01:06 +0200 Subject: [PATCH 1298/2197] Fix grammar --- include/psa/crypto_values.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index b78d11a3b..d766b9d24 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
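Review bot: In the psa_asymmetric_decrypt() hunk (`@@ -488,9 +488,9 @@`) the reworded line still reads `This macro returns a sufficient buffer size for a ciphertext produced using`, but the output of a decryption is the plaintext. The wording looks carried over from the psa_asymmetric_encrypt() block in the hunk before it. Since the line is being rewritten anyway, it could become `* This macro returns a sufficient buffer size for a plaintext produced using`. The context sentence after it, `Note that the actual size of the ciphertext may be smaller`, needs the same correction.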
@@ -373,7 +373,7 @@ */ #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) -/** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher. +/** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. * * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). @@ -391,7 +391,7 @@ */ #define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) -/** Key for an cipher, AEAD or MAC algorithm based on the +/** Key for a cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) From a741d39893e017941136dd994c2ff61f0329106e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 May 2019 16:01:09 +0200 Subject: [PATCH 1299/2197] State that all error codes are negative --- include/psa/crypto_types.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 156838daf..7f0f38cdd 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -45,7 +45,7 @@ * \brief Function return status. * * This is either #PSA_SUCCESS (which is zero), indicating success, - * or a nonzero value indicating that an error occurred. Errors are + * or a small negative value indicating that an error occurred. Errors are * encoded as one of the \c PSA_ERROR_xxx values defined here. */ /* If #PSA_SUCCESS is already defined, it means that #psa_status_t * is also defined in an external header, so prevent its multiple From 6a2112361959b931869bc9e9dfe32e9b9f916dc5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 May 2019 19:11:07 +0200 Subject: [PATCH 1300/2197] Remove obsolete mentions of PSA_ERROR_EMPTY_SLOT There are no more "empty slots", so finish removing the corresponding error. --- include/psa/crypto.h | 7 ------- 1 file changed, 7 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f099967a0..3036d17b4 100644 --- a/include/psa/crypto.h 
+++ b/include/psa/crypto.h @@ -1210,7 +1210,6 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. @@ -1249,7 +1248,6 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle, * The MAC of the message was calculated successfully, but it * differs from the expected value. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. @@ -1596,7 +1594,6 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. @@ -1638,7 +1635,6 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. @@ -2214,7 +2210,6 @@ static psa_aead_operation_t psa_aead_operation_init(void); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. @@ -2276,7 +2271,6 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. 
@@ -3384,7 +3378,6 @@ psa_status_t psa_key_derivation_abort( * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p alg is not a key agreement algorithm From a9b9cf7d1ee961d05b6c2e5040f08fa742258e9e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 May 2019 19:18:33 +0200 Subject: [PATCH 1301/2197] Document macros that are referenced Without documentation, Doxygen does not generate hyperlinks when the macro is referenced and prints out #PSA_xxx instead. --- include/psa/crypto_values.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index d766b9d24..e9fb9ad01 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -480,7 +480,19 @@ #define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) #define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b) #define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) +/** Curve25519. + * + * This is the curve defined in Bernstein et al., + * _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006. + * The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve. + */ #define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) +/** Curve448 + * + * This is the curve defined in Hamburg, + * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. + * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. + */ #define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) From 7a91ece3be684a05cdc78530ae34b851bd8ac7e6 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 21 May 2019 20:05:34 +0200 Subject: [PATCH 1302/2197] Update link to PSA Crypto API HTML Now that we aren't using Doxygen directly any longer, there is no longer a modules.html. Link to index.html instead. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 107f7ddd5..e243fe7e8 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,7 @@ There are currently a few deviations where the library does not yet implement th ### PSA Cryptography API -You can read the [complete PSA cryptography API specification as a PDF document](https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf). The API reference is also available in [HTML format](https://htmlpreview.github.io/?https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/html/modules.html). +You can read the [complete PSA cryptography API specification as a PDF document](https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf). The API reference is also available in [HTML format](https://htmlpreview.github.io/?https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/html/index.html). ### Browsable library documentation From 549ea8676a49ac885cfe2f50d3c9a5adbc71f2c4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 22 May 2019 11:45:59 +0200 Subject: [PATCH 1303/2197] Minor documentation improvements --- include/psa/crypto_extra.h | 2 +- library/psa_crypto.c | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index a1a658971..35eee11eb 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -83,7 +83,7 @@ extern "C" { * attacks based on arithmetic relations between different * computations made with the same key, or can escalate harmless * side channels into exploitable ones. Use this function only - * if it is necessary to support a protocol for which is has been + * if it is necessary to support a protocol for which it has been * verified that the usage of the key with multiple algorithms * is safe. */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d3a013447..c9ee8c990 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -748,7 +748,7 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( psa_algorithm_t alg1, psa_algorithm_t alg2 ) { - /* Common case: the policy only allows alg. */ + /* Common case: both sides actually specify the same policy. */ if( alg1 == alg2 ) return( alg1 ); /* If the policies are from the same hash-and-sign family, check @@ -769,12 +769,12 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( static int psa_key_algorithm_permits( psa_algorithm_t policy_alg, psa_algorithm_t requested_alg ) { - /* Common case: the policy only allows alg. */ + /* Common case: the policy only allows requested_alg. */ if( requested_alg == policy_alg ) return( 1 ); /* If policy_alg is a hash-and-sign with a wildcard for the hash, - * and alg is the same hash-and-sign family with any hash, - * then alg is compliant with policy_alg. */ + * and requested_alg is the same hash-and-sign family with any hash, + * then requested_alg is compliant with policy_alg. */ if( PSA_ALG_IS_HASH_AND_SIGN( requested_alg ) && PSA_ALG_SIGN_GET_HASH( policy_alg ) == PSA_ALG_ANY_HASH ) { From 8d4d4f55f043bec7ed21f1f84cfc6ee8bcc4e690 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Wed, 22 May 2019 13:53:00 +0100 Subject: [PATCH 1304/2197] Makefile: Use full paths to refer to parent files When running lcov, files can't be found relative to the parent project (Mbed TLS) root. Use full, non-relative paths to refer to files used in building Mbed Crypto from Mbed TLS in order to enable lcov to locate the files properly. --- library/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/Makefile b/library/Makefile index 30bc96fb0..921b68ec7 100644 --- a/library/Makefile +++ b/library/Makefile @@ -92,9 +92,9 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ # For files generated by the parent project (Mbed TLS) when building Mbed # Crypto as a submodule, ensure that the parent project instance is used. ifeq ($(USE_CRYPTO_SUBMODULE), 1) -OBJS_CRYPTO += ../../library/error.o -OBJS_CRYPTO += ../../library/version.o -OBJS_CRYPTO += ../../library/version_features.o +OBJS_CRYPTO += $(patsubst %.c,%.o, $(realpath ../../library/error.c)) +OBJS_CRYPTO += $(patsubst %.c,%.o, $(realpath ../../library/version.c)) +OBJS_CRYPTO += $(patsubst %.c,%.o, $(realpath ../../library/version_features.c)) else OBJS_CRYPTO += error.o OBJS_CRYPTO += version.o From 58501e5ecc88496089374f7d143ea422921cd241 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 May 2019 19:28:12 +0200 Subject: [PATCH 1305/2197] API spec PDF: link to the actual PDF Link to the PDF file, not to a page with an embedded PDF reader --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e243fe7e8..8d9f2de95 100644 --- a/README.md +++ b/README.md 
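Review bot: `$(realpath ...)` expands to the empty string when the named file does not exist at the time the makefile is read, so each of the three new `OBJS_CRYPTO +=` lines adds nothing if `../../library/error.c`, `version.c` or `version_features.c` is missing. The comment above the block describes these as files generated by the parent project, so this can happen on a tree where they have not been produced yet. The object list would then be short without any error at this point, instead of make stopping on a missing prerequisite. If symlink resolution is not needed for lcov, `$(abspath ../../library/error.c)` gives a full path without requiring the file to exist; otherwise an `$(error ...)` guard on an empty result would keep the failure visible. The `ifeq` block continues past the end of the hunk.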
@@ -30,7 +30,7 @@ There are currently a few deviations where the library does not yet implement th ### PSA Cryptography API -You can read the [complete PSA cryptography API specification as a PDF document](https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf). The API reference is also available in [HTML format](https://htmlpreview.github.io/?https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/html/index.html). +You can read the [complete PSA cryptography API specification as a PDF document](https://github.com/ARMmbed/mbed-crypto/raw/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf). The API reference is also available in [HTML format](https://htmlpreview.github.io/?https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/html/index.html). ### Browsable library documentation From f81f87f4ccb47c59791a5a1e604ddf42348290eb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 May 2019 19:30:32 +0200 Subject: [PATCH 1306/2197] API spec HTML: Use Github Pages rather than htmlpreview htmlpreview.github.io breaks some links: in index.html viewed through this service, the links that should go to from_doxygen.html are shown as internal links, so the meat of the document is invisible. Link to Github pages instead. This relies on the documentation being available on the `master` branch of the mbed-crypto repository. This has the added benefit of not depending on a third-party service. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8d9f2de95..9d34c556a 100644 --- a/README.md +++ b/README.md 
@@ -30,7 +30,7 @@ There are currently a few deviations where the library does not yet implement th ### PSA Cryptography API -You can read the [complete PSA cryptography API specification as a PDF document](https://github.com/ARMmbed/mbed-crypto/raw/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf). The API reference is also available in [HTML format](https://htmlpreview.github.io/?https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/html/index.html). +You can read the [complete PSA cryptography API specification as a PDF document](https://github.com/ARMmbed/mbed-crypto/raw/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf). The API reference is also available in [HTML format](https://armmbed.github.io/mbed-crypto/html/index.html). ### Browsable library documentation From 1ecf92c2f85b162d9475a9526522d724bcce4b6f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 24 May 2019 15:00:06 +0200 Subject: [PATCH 1307/2197] Align test functions to usage/alg parameter order Manually cherry-picked from ca5bed742fd1a886284baca48b2b7574d875630c by taking that patch, replacing KEYPAIR by KEY_PAIR throughout (renaming applied in this branch), and discarding parts about import_twice in test_suite_psa_crypto (this test function was removed from this branch). --- tests/suites/test_suite_psa_crypto.data | 72 +++++++++---------- tests/suites/test_suite_psa_crypto.function | 3 +- ..._suite_psa_crypto_slot_management.function | 4 +- 3 files changed, 39 insertions(+), 40 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f4dc19dd7..b454cec9e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -20,28 +20,28 @@ PSA key attributes: lifetime then id persistence_attributes:0x1234:3:0x1235:0x1235:3 PSA import/export raw: 0 bytes -import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1 +import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, larger buffer -import_export:"2a":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1 +import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:1:PSA_SUCCESS:1 PSA import/export raw: 2 bytes, buffer too small -import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export AES-128 depends_on:MBEDTLS_AES_C -import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:128:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:128:0:PSA_SUCCESS:1 PSA import/export AES-192 depends_on:MBEDTLS_AES_C -import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:192:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:192:0:PSA_SUCCESS:1 PSA import/export AES-256 depends_on:MBEDTLS_AES_C -import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:256:0:PSA_SUCCESS:1 PSA invalid handle (0) invalid_handle:0 
@@ -58,55 +58,55 @@ import:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (+1 byte) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2-1) 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:161:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2+1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:163:PSA_SUCCESS:1 PSA import/export RSA public key: export buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (+1 byte) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2-1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:609:PSA_SUCCESS:1 
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:609:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:610:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:610:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2+1) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:611:PSA_SUCCESS:1 PSA import/export RSA keypair: export buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 
PSA import/export RSA keypair: trailing garbage ignored depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C 
@@ -142,11 +142,11 @@ import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5 PSA import/export RSA public key: 1016-bit (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 +import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1 PSA import/export RSA keypair: 1016-bit (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1 
+import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1016:0:PSA_SUCCESS:1 PSA import RSA public key: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -166,7 +166,7 @@ import:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754 PSA import/export EC secp224r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED -import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1 +import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:224:0:PSA_SUCCESS:1 PSA import/export-public EC secp224r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED @@ -174,7 +174,7 @@ import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be07 PSA import/export EC secp256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 PSA import/export-public EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -182,7 +182,7 @@ import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab1 PSA import/export EC secp384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 +import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1 PSA import/export-public EC secp384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED @@ -190,7 +190,7 @@ import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c6 PSA import/export EC secp521r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1 +import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP521R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1 PSA import/export-public EC secp521r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED 
@@ -198,7 +198,7 @@ import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06 PSA import/export EC brainpool256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED -import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED @@ -206,7 +206,7 @@ import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8 PSA import/export EC brainpool384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED -import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1 +import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED 
@@ -214,7 +214,7 @@ import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202a PSA import/export EC brainpool512r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1 +import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:512:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool512r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED 
@@ -226,33 +226,33 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA PSA import/export EC secp256r1 public key: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1 +import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 PSA import/export AES key: policy forbids export depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:128:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:128:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export HMAC key: policy forbids export depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:256:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):256:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (crypt) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT | 
PSA_KEY_USAGE_DECRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (sign) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_ERROR_NOT_PERMITTED:1 # Test PEM import. 
Note that this is not a PSA feature, it's an Mbed TLS # extension which we may drop in the future. PSA import/export RSA public key: import PEM depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0 +import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0 PSA import/export RSA keypair: import PEM depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0 
+import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0 PSA import EC keypair: DER format depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4aa4026fd..e351603d0 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1307,8 +1307,7 @@ exit: /* BEGIN_CASE */ void import_export( data_t *data, int type_arg, - int alg_arg, - int usage_arg, + int usage_arg, int alg_arg, int expected_bits, int export_size_delta, int expected_export_status_arg, diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 5e594c27b..f1b332fbe 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -74,7 +74,7 @@ static void psa_purge_key_storage( void ) */ /* BEGIN_CASE */ -void transient_slot_lifecycle( int alg_arg, int usage_arg, +void transient_slot_lifecycle( int usage_arg, int alg_arg, int type_arg, data_t *key_data, int close_method_arg ) { @@ -124,7 +124,7 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, - int alg_arg, int usage_arg, + int usage_arg, int alg_arg, int type_arg, data_t *key_data, int close_method_arg ) { From d3bb7bb2f2b85f730eb08474b3b8d41c1e5432cd Mon Sep 17 00:00:00 2001 
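Review bot: Swapping two adjacent `int` parameters in `transient_slot_lifecycle` and `persistent_slot_lifecycle` is invisible to the compiler, so a data row still written in the old alg, usage order would run with the two values exchanged and no diagnostic. The diffstat of this commit lists no change to the slot-management `.data` file, so it is worth confirming that every row there is already in usage, alg order or passes 0 for both. A short comment above each signature, for example `/* Data rows: usage flags first, then algorithm. */`, would record the convention. Both function bodies continue outside these hunks.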
From: Gilles Peskine Date: Mon, 13 May 2019 14:24:15 +0200 Subject: [PATCH 1308/2197] Persistent key reload: test more metadata In the tests for opening a persistent key after closing it, also read back and check the key data if permitted by policy, and the key policy. --- ...test_suite_psa_crypto_slot_management.data | 8 +++ ..._suite_psa_crypto_slot_management.function | 57 ++++++++++++++++--- 2 files changed, 56 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 862919a7f..fe4abf1c0 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -25,6 +25,14 @@ persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:PS Persistent slot, check after restart, id=max persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +Persistent slot: ECP keypair (ECDSA, exportable); close +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE + +Persistent slot: ECP keypair (ECDSA, exportable); restart +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN + Attempt to overwrite: close before create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE 
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index f1b332fbe..c073f0ba0 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -134,9 +134,11 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, psa_key_usage_t usage_flags = usage_arg; psa_key_type_t type = type_arg; close_method_t close_method = close_method_arg; - psa_key_type_t read_type; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t read_attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t *reexported = NULL; + size_t reexported_length = -1; TEST_USES_KEY_ID( id ); 
@@ -151,14 +153,22 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); TEST_ASSERT( handle != 0 ); - PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); - TEST_EQUAL( read_type, type ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); + TEST_EQUAL( psa_get_key_id( &attributes ), id ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); + TEST_EQUAL( psa_get_key_type( &attributes ), type ); /* Close the key and reopen it. */ PSA_ASSERT( psa_close_key( handle ) ); PSA_ASSERT( psa_open_key( id, &handle ) ); - PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); - TEST_EQUAL( read_type, type ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); + TEST_EQUAL( psa_get_key_id( &attributes ), id ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); + TEST_EQUAL( psa_get_key_type( &attributes ), type ); /* Do something that invalidates the handle. */ switch( close_method ) 
@@ -175,19 +185,47 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, break; } /* Test that the handle is now invalid. */ - TEST_EQUAL( psa_get_key_information( handle, &read_type, NULL ), + TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ), PSA_ERROR_INVALID_HANDLE ); + psa_reset_key_attributes( &read_attributes ); TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); /* Try to reopen the key. If we destroyed it, check that it doesn't - * exist, otherwise check that it still exists. */ + * exist. Otherwise check that it still exists and has the expected + * content. */ switch( close_method ) { case CLOSE_BY_CLOSE: case CLOSE_BY_SHUTDOWN: PSA_ASSERT( psa_open_key( id, &handle ) ); - PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ); - TEST_EQUAL( read_type, type ); + PSA_ASSERT( psa_get_key_attributes( handle, &read_attributes ) ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), + psa_get_key_lifetime( &read_attributes ) ); + TEST_EQUAL( psa_get_key_id( &attributes ), + psa_get_key_id( &read_attributes ) ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), + psa_get_key_algorithm( &read_attributes ) ); + TEST_EQUAL( psa_get_key_type( &attributes ), + psa_get_key_type( &read_attributes ) ); + TEST_EQUAL( psa_get_key_bits( &attributes ), + psa_get_key_bits( &read_attributes ) ); + if( usage_flags & PSA_KEY_USAGE_EXPORT ) + { + ASSERT_ALLOC( reexported, key_data->len ); + PSA_ASSERT( psa_export_key( handle, + reexported, key_data->len, + &reexported_length ) ); + ASSERT_COMPARE( key_data->x, key_data->len, + reexported, reexported_length ); + } + else + { + TEST_EQUAL( psa_export_key( handle, + reexported, sizeof( reexported ), + &reexported_length ), + PSA_ERROR_NOT_PERMITTED ); + } break; case CLOSE_BY_DESTROY: TEST_EQUAL( psa_open_key( id, &handle ), 
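Review bot: The usage-flag check after the reopen reads `attributes` rather than `read_attributes`, so the usage policy of the reloaded key is never compared; it should be `TEST_EQUAL( psa_get_key_usage_flags( &read_attributes ), usage_flags );`. In the `else` branch `reexported` is still NULL and `sizeof( reexported )` is the size of the pointer, not of a buffer, so the not-permitted check passes a NULL buffer with a non-zero length. If the policy check ever regressed, that call could fault instead of failing the test cleanly. Moving `ASSERT_ALLOC( reexported, key_data->len );` above the `if` and passing `key_data->len` in both branches avoids this. The body of `persistent_slot_lifecycle` starts and ends outside this hunk.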
@@ -198,6 +236,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, exit: mbedtls_psa_crypto_free( ); psa_purge_key_storage( ); + mbedtls_free( reexported ); } /* END_CASE */ From 96f0b3b1d35708607faa91531540e1b65d35e82a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 May 2019 19:33:38 +0200 Subject: [PATCH 1309/2197] Keys may allow a second algorithm Add a second permitted algorithm to key policies. This commit includes smoke tests that do not cover psa_copy_key. --- include/psa/crypto_extra.h | 44 +++++++++++++++++++++ include/psa/crypto_struct.h | 5 ++- library/psa_crypto.c | 40 ++++++++++++------- tests/suites/test_suite_psa_crypto.data | 8 ++++ tests/suites/test_suite_psa_crypto.function | 37 +++++++++++++++++ 5 files changed, 118 insertions(+), 16 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 497fd752a..0de4e1f0f 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -62,6 +62,50 @@ extern "C" { MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA ) #endif +/** \addtogroup attributes + * @{ + */ + +/** \brief Declare the enrollment algorithm for a key. + * + * An operation on a key may indifferently use the algorithm set with + * psa_set_key_algorithm() or with this function. + * + * \param[out] attributes The attribute structure to write to. + * \param alg2 A second algorithm that the key may be used + * for, in addition to the algorithm set with + * psa_set_key_algorithm(). + * + * \warning Setting an enrollment algorithm is not recommended, because + * using the same key with different algorithms can allow some + * attacks based on arithmetic relations between different + * computations made with the same key, or can escalate harmless + * side channels into exploitable ones. Use this function only + * if it is necessary to support a protocol for which is has been + * verified that the usage of the key with multiple algorithms + * is safe. + */ +static inline void psa_set_key_enrollment_algorithm( + psa_key_attributes_t *attributes, + psa_algorithm_t alg2) +{ + attributes->policy.alg2 = alg2; +} + +/** Retrieve the enrollment algorithm policy from key attributes. + * + * \param[in] attributes The key attribute structure to query. + * + * \return The enrollment algorithm stored in the attribute structure. + */ +static inline psa_algorithm_t psa_get_key_enrollment_algorithm( + const psa_key_attributes_t *attributes) +{ + return( attributes->policy.alg2 ); +} + +/**@}*/ + /** * \brief Library deinitialization. * diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 885d90888..977b021b8 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
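Review bot: Neither new doc comment says how a caller expresses "no enrollment algorithm". `PSA_KEY_POLICY_INIT` in this same patch initialises `alg2` to 0, so that appears to be the value. I would append `Pass 0 to permit no second algorithm.` to the `\param alg2` text and have the getter's `\return` say that 0 means none is set. `attributes` is tagged `\param[out]` although only one field of an existing structure is written, so `\param[in,out]` would describe it better.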
@@ -251,10 +251,11 @@ struct psa_key_policy_s { psa_key_usage_t usage; psa_algorithm_t alg; + psa_algorithm_t alg2; }; typedef struct psa_key_policy_s psa_key_policy_t; -#define PSA_KEY_POLICY_INIT {0, 0} +#define PSA_KEY_POLICY_INIT {0, 0, 0} static inline struct psa_key_policy_s psa_key_policy_init( void ) { const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; @@ -272,7 +273,7 @@ struct psa_key_attributes_s size_t domain_parameters_size; }; -#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0}, 0, 0, NULL, 0} +#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0, 0}, 0, 0, NULL, 0} static inline struct psa_key_attributes_s psa_key_attributes_init( void ) { const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c306727ed..8ed9deb5b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -786,6 +786,25 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( return( 0 ); } +static int psa_key_algorithm_permits( psa_algorithm_t policy_alg, + psa_algorithm_t requested_alg ) +{ + /* Common case: the policy only allows alg. */ + if( requested_alg == policy_alg ) + return( 1 ); + /* If policy_alg is a hash-and-sign with a wildcard for the hash, + * and alg is the same hash-and-sign family with any hash, + * then alg is compliant with policy_alg. */ + if( PSA_ALG_IS_HASH_AND_SIGN( requested_alg ) && + PSA_ALG_SIGN_GET_HASH( policy_alg ) == PSA_ALG_ANY_HASH ) + { + return( ( policy_alg & ~PSA_ALG_HASH_MASK ) == + ( requested_alg & ~PSA_ALG_HASH_MASK ) ); + } + /* If it isn't permitted, it's forbidden. */ + return( 0 ); +} + /** Test whether a policy permits an algorithm. * * The caller must test usage flags separately. 
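Review bot: `psa_key_algorithm_permits()` returns 1 whenever `requested_alg == policy_alg`, including when both are 0, and `alg2` is 0 for every key that sets no enrollment algorithm. Once `psa_key_policy_permits()` (hunk `@@ -793,20 +812,8 @@`) also consults `policy->alg2`, a request for algorithm 0 would match the unset slot even when `policy->alg` is non-zero. Callers outside this diff may already reject `alg == 0` before getting here, which cannot be confirmed from the hunk. The new helper also has no header comment, so I would state the precondition there: `/* requested_alg must be non-zero; 0 would match an unset policy slot. */`.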
@@ -793,20 +812,8 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( static int psa_key_policy_permits( const psa_key_policy_t *policy, psa_algorithm_t alg ) { - /* Common case: the policy only allows alg. */ - if( alg == policy->alg ) - return( 1 ); - /* If policy->alg is a hash-and-sign with a wildcard for the hash, - * and alg is the same hash-and-sign family with any hash, - * then alg is compliant with policy->alg. */ - if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && - PSA_ALG_SIGN_GET_HASH( policy->alg ) == PSA_ALG_ANY_HASH ) - { - return( ( policy->alg & ~PSA_ALG_HASH_MASK ) == - ( alg & ~PSA_ALG_HASH_MASK ) ); - } - /* If it isn't permitted, it's forbidden. */ - return( 0 ); + return( psa_key_algorithm_permits( policy->alg, alg ) || + psa_key_algorithm_permits( policy->alg2, alg ) ); } /** Restrict a key policy based on a constraint. @@ -827,10 +834,15 @@ static psa_status_t psa_restrict_key_policy( { psa_algorithm_t intersection_alg = psa_key_policy_algorithm_intersection( policy->alg, constraint->alg ); + psa_algorithm_t intersection_alg2 = + psa_key_policy_algorithm_intersection( policy->alg2, constraint->alg2 ); if( intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); + if( intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); policy->usage &= constraint->usage; policy->alg = intersection_alg; + policy->alg2 = intersection_alg2; return( PSA_SUCCESS ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b454cec9e..e81aba76f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
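Review bot: `psa_restrict_key_policy()` intersects `alg` with `alg` and `alg2` with `alg2` slot by slot, so a constraint that names the same two algorithms in swapped slots is rejected with `PSA_ERROR_INVALID_ARGUMENT`. As far as the visible lines show, a mismatch either fails or clears the slot, so the restriction never widens a policy. That is the safe direction, but it is not obvious to a caller, and the commit message says the smoke tests do not cover `psa_copy_key`. I would record it above the new lines: `/* alg and alg2 are intersected slot by slot; the same pair in swapped order is treated as incompatible. */`. The function's signature lies outside the hunk.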
@@ -516,6 +516,14 @@ PSA key policy: raw agreement, key only permits a KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) +PSA key policy algorithm2: CTR, CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC_NOPAD +key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING + +PSA key policy algorithm2: ECDH, ECDSA +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C +key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY + Copy key: raw, 0 bytes copy_success:PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"":1:-1:-1:PSA_KEY_USAGE_COPY:0 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index e351603d0..8cf30c8cb 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1912,6 +1912,43 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void key_policy_alg2( int key_type_arg, data_t *key_data, + int usage_arg, int alg_arg, int alg2_arg ) +{ + psa_key_handle_t handle = 0; + psa_key_type_t key_type = key_type_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_usage_t usage = usage_arg; + psa_algorithm_t alg = alg_arg; + psa_algorithm_t alg2 = alg2_arg; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_enrollment_algorithm( &attributes, alg2 ); + psa_set_key_type( &attributes, key_type ); + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &handle ) ); + + PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage ); + TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); + TEST_EQUAL( psa_get_key_enrollment_algorithm( &got_attributes ), alg2 ); + + if( ! exercise_key( handle, usage, alg ) ) + goto exit; + if( ! exercise_key( handle, usage, alg2 ) ) + goto exit; + +exit: + psa_destroy_key( handle ); + mbedtls_psa_crypto_free( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void raw_agreement_key_policy( int policy_usage, int policy_alg, From f25c9ec02e11febeb51f1fe7f16fd1175e4f8777 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 22 May 2019 11:45:59 +0200 Subject: [PATCH 1310/2197] Minor documentation improvements --- include/psa/crypto_extra.h | 2 +- library/psa_crypto.c | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 0de4e1f0f..b3ec54fb2 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
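Review bot: `key_policy_alg2` checks only that both `alg` and `alg2` are usable. It never checks that an algorithm matching neither is still refused, which is the property a policy change like this one can break. I would add a third algorithm parameter to the test and assert that using it yields `PSA_ERROR_NOT_PERMITTED`. At minimum, leave `/* TODO: negative case - an algorithm that is neither alg nor alg2 must be rejected. */` before `exit:`. `got_attributes` is also never passed to `psa_reset_key_attributes()` on the exit path.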
@@ -81,7 +81,7 @@ extern "C" { * attacks based on arithmetic relations between different * computations made with the same key, or can escalate harmless * side channels into exploitable ones. Use this function only - * if it is necessary to support a protocol for which is has been + * if it is necessary to support a protocol for which it has been * verified that the usage of the key with multiple algorithms * is safe. */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8ed9deb5b..768410c99 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -768,7 +768,7 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( psa_algorithm_t alg1, psa_algorithm_t alg2 ) { - /* Common case: the policy only allows alg. */ + /* Common case: both sides actually specify the same policy. */ if( alg1 == alg2 ) return( alg1 ); /* If the policies are from the same hash-and-sign family, check @@ -789,12 +789,12 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( static int psa_key_algorithm_permits( psa_algorithm_t policy_alg, psa_algorithm_t requested_alg ) { - /* Common case: the policy only allows alg. */ + /* Common case: the policy only allows requested_alg. */ if( requested_alg == policy_alg ) return( 1 ); /* If policy_alg is a hash-and-sign with a wildcard for the hash, - * and alg is the same hash-and-sign family with any hash, - * then alg is compliant with policy_alg. */ + * and requested_alg is the same hash-and-sign family with any hash, + * then requested_alg is compliant with policy_alg. */ if( PSA_ALG_IS_HASH_AND_SIGN( requested_alg ) && PSA_ALG_SIGN_GET_HASH( policy_alg ) == PSA_ALG_ANY_HASH ) { From 183442c854fec81e7aed7f6f5987b6b2fbfb5a9a Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 13 May 2019 14:32:11 +0200 Subject: [PATCH 1311/2197] Enrollment algorithm in policy: test persistent keys --- ...test_suite_psa_crypto_slot_management.data | 24 ++++++++++++------- ..._suite_psa_crypto_slot_management.function | 8 ++++++- 2 files changed, 23 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index fe4abf1c0..27af6efce 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -8,30 +8,38 @@ Transient slot, check after restart transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN Persistent slot, check after closing, id=min -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE Persistent slot, check after destroying, id=min -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY Persistent slot, check after restart, id=min -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN Persistent slot, check after closing, id=max -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE Persistent slot, check after destroying, id=max -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY Persistent slot, check after restart, id=max 
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN Persistent slot: ECP keypair (ECDSA, exportable); close depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE Persistent slot: ECP keypair (ECDSA, exportable); restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN + +Persistent slot: ECP keypair (ECDH+ECDSA, exportable); close +depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE + +Persistent slot: ECP keypair (ECDH+ECDSA, exportable); restart +depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN Attempt to overwrite: close before create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index c073f0ba0..b9dfc9bf6 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -124,13 +124,14 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, - int usage_arg, int alg_arg, + int usage_arg, int alg_arg, int alg2_arg, int type_arg, data_t *key_data, int close_method_arg ) { psa_key_lifetime_t lifetime = lifetime_arg; psa_key_id_t id = id_arg; psa_algorithm_t alg = alg_arg; + psa_algorithm_t alg2 = alg2_arg; psa_key_usage_t usage_flags = usage_arg; psa_key_type_t type = type_arg; close_method_t close_method = close_method_arg; @@ -150,6 +151,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, psa_set_key_type( &attributes, type ); psa_set_key_usage_flags( &attributes, usage_flags ); psa_set_key_algorithm( &attributes, alg ); + psa_set_key_enrollment_algorithm( &attributes, alg2 ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); TEST_ASSERT( handle != 0 ); 
@@ -158,6 +160,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, TEST_EQUAL( psa_get_key_id( &attributes ), id ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); + TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); /* Close the key and reopen it. */ @@ -168,6 +171,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, TEST_EQUAL( psa_get_key_id( &attributes ), id ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); + TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 ); TEST_EQUAL( psa_get_key_type( &attributes ), type ); /* Do something that invalidates the handle. */ @@ -206,6 +210,8 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), psa_get_key_algorithm( &read_attributes ) ); + TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), + psa_get_key_enrollment_algorithm( &read_attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), psa_get_key_type( &read_attributes ) ); TEST_EQUAL( psa_get_key_bits( &attributes ), From 110aff4c3870d71c2df047862a59c860cf60a05a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 May 2019 14:38:16 +0200 Subject: [PATCH 1312/2197] Enrollment algorithm in policy: implement persistent keys --- library/psa_crypto_storage.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 1e3ce0891..cd36bb910 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c 
@@ -269,6 +269,7 @@ void psa_format_key_data_for_storage( const uint8_t *data, PUT_UINT32_LE(type, storage_format->type, 0); PUT_UINT32_LE(policy->usage, storage_format->policy, 0); PUT_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t )); + PUT_UINT32_LE(policy->alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); PUT_UINT32_LE(data_length, storage_format->data_len, 0); memcpy( storage_format->key_data, data, data_length ); } @@ -324,6 +325,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, GET_UINT32_LE(*type, storage_format->type, 0); GET_UINT32_LE(policy->usage, storage_format->policy, 0); GET_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t )); + GET_UINT32_LE(policy->alg2, storage_format->policy, 2 * sizeof( uint32_t )); return( PSA_SUCCESS ); } From b4e0cda8dbd5013bddcfb160b51e372519d3f2ff Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 May 2019 11:16:10 +0200 Subject: [PATCH 1313/2197] Enrollment algorithm in policy: update persistent key tests The storage format has changed, so update the test data accordingly. --- .../suites/test_suite_psa_crypto_persistent_key.data | 12 ++++++------ .../test_suite_psa_crypto_persistent_key.function | 6 +++++- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 0e5f745bc..dead13d01 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
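Review bot: Storing `policy->alg2` at offset `2 * sizeof( uint32_t )` changes the on-storage layout of every persistent key, yet neither this hunk nor `@@ -324,6 +325,7 @@` changes the format version or handles blobs written with the two-field policy. If any keys were persisted with the earlier layout, the parser would presumably read the fields that follow the policy from shifted offsets, so a length or policy word could come from unrelated bytes. The test data mentions a "wrong version" failure case, so a version check exists outside these hunks. I would bump that version with this change, or at least add `/* Layout change: policy is now usage, alg, alg2; blobs written before this commit are not readable. */` next to the new line. Both functions start and end outside the hunks, and the size of `storage_format->policy` is not visible here, so it should be confirmed to cover three 32-bit words.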
@@ -1,20 +1,20 @@ PSA Storage format data for storage -format_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION +format_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN PSA Storage parse stored data -parse_storage_data_check:"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":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_SUCCESS 
+parse_storage_data_check:"505341004b4559000000000000000170010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS PSA Storage parse stored data wrong version, should fail -parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE 
+parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE PSA Storage parse too big data, should fail -parse_storage_data_check:"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":"":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE PSA Storage parse bad magic, should fail -parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE PSA Storage parse not enough magic, should fail -parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE # Not specific to files, but only run this test in an environment where the maximum size could be reached. Save maximum size persistent raw key diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 636f2603b..0417d8490 100644 
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -26,7 +26,8 @@ typedef struct { /* BEGIN_CASE */ void format_storage_data_check( data_t *key_data, data_t *expected_file_data, - int key_type, int key_usage, int key_alg ) + int key_type, + int key_usage, int key_alg, int key_alg2 ) { uint8_t *file_data; size_t file_data_length; @@ -34,6 +35,7 @@ void format_storage_data_check( data_t *key_data, key_policy.usage = (psa_key_usage_t) key_usage; key_policy.alg = (psa_algorithm_t) key_alg; + key_policy.alg2 = (psa_algorithm_t) key_alg2; file_data_length = key_data->len + sizeof( psa_persistent_key_storage_format ); file_data = mbedtls_calloc( 1, file_data_length ); @@ -53,6 +55,7 @@ void parse_storage_data_check( data_t *file_data, int expected_key_type, int expected_key_usage, int expected_key_alg, + int expected_key_alg2, int expected_status ) { uint8_t *key_data = NULL; @@ -72,6 +75,7 @@ void parse_storage_data_check( data_t *file_data, TEST_EQUAL( key_type, (psa_key_type_t) expected_key_type ); TEST_EQUAL( key_policy.usage, (uint32_t) expected_key_usage ); TEST_EQUAL( key_policy.alg, (uint32_t) expected_key_alg ); + TEST_EQUAL( key_policy.alg2, (uint32_t) expected_key_alg2 ); ASSERT_COMPARE( expected_key_data->x, expected_key_data->len, key_data, key_data_length ); From bcdd44b9be57b9ca08ef2c08e3cf41d8aa05ce67 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 20 May 2019 17:28:11 +0200 Subject: [PATCH 1314/2197] Enrollment algorithm in policy: add support in psa_copy_key tests Add parameters to psa_copy_key tests for the enrollment algorithm (alg2). This commit only tests with alg2=0, which is equivalent to not setting an enrollment algorithm. --- tests/suites/test_suite_psa_crypto.data | 52 +++++++++---------- tests/suites/test_suite_psa_crypto.function | 25 +++++++-- ...test_suite_psa_crypto_slot_management.data | 8 +-- ..._suite_psa_crypto_slot_management.function | 14 +++-- 4 files changed, 61 insertions(+), 38 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e81aba76f..9ce90034f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -525,104 +525,104 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY Copy key: raw, 0 bytes -copy_success:PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"":1:-1:-1:PSA_KEY_USAGE_COPY:0 +copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0 Copy key: AES, copy attributes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":1:-1:-1:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, same usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, fewer usage flags (-EXPORT) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, fewer usage flags (-COPY) depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0 Copy key: AES, 1 more usage flag depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, 2 more usage flags depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, intersect usage flags #1 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: AES, intersect usage flags #2 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: RSA key pair, same usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, fewer usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, more usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source and target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 Copy fail: raw data, no COPY flag -copy_fail:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_PERMITTED +copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_NOT_PERMITTED Copy key: AES, no COPY flag depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR -copy_fail:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ERROR_NOT_PERMITTED +copy_fail:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0:PSA_ERROR_NOT_PERMITTED Copy fail: AES, incompatible target policy depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source and target wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, ANY_HASH is not meaningful with OAEP depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT Copy fail: incorrect type in attributes -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_INVALID_ARGUMENT Copy fail: incorrect size in attributes -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_INVALID_ARGUMENT Hash operation object initializers zero properly hash_operation_init: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8cf30c8cb..aaa3189a8 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1987,16 +1987,20 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void copy_success( int source_usage_arg, int source_alg_arg, +void copy_success( int source_usage_arg, + int source_alg_arg, int source_alg2_arg, int type_arg, data_t *material, int copy_attributes, - int target_usage_arg, int target_alg_arg, - int expected_usage_arg, int expected_alg_arg ) + int target_usage_arg, + int target_alg_arg, int target_alg2_arg, + int expected_usage_arg, + int expected_alg_arg, int expected_alg2_arg ) { psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; + psa_algorithm_t expected_alg2 = expected_alg2_arg; psa_key_handle_t source_handle = 0; psa_key_handle_t target_handle = 0; uint8_t *export_buffer = NULL; @@ -2006,6 +2010,7 @@ void copy_success( int source_usage_arg, int source_alg_arg, /* Prepare the source key. */ psa_set_key_usage_flags( &source_attributes, source_usage_arg ); psa_set_key_algorithm( &source_attributes, source_alg_arg ); + psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); psa_set_key_type( &source_attributes, type_arg ); PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, @@ -2019,6 +2024,8 @@ void copy_success( int source_usage_arg, int source_alg_arg, psa_set_key_usage_flags( &target_attributes, target_usage_arg ); if( target_alg_arg != -1 ) psa_set_key_algorithm( &target_attributes, target_alg_arg ); + if( target_alg2_arg != -1 ) + psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); /* Copy the key. */ PSA_ASSERT( psa_copy_key( source_handle, 
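Review bot: The new `if( target_alg2_arg != -1 )` guard in `copy_success` (hunk `@@ -2019,6 +2024,8 @@`) is never skipped by the data this commit updates. Both copy-attributes cases ("Copy key: raw, 0 bytes" and "Copy key: AES, copy attributes") pass `1:-1:-1:0`, so the target enrollment algorithm is set to 0 explicitly rather than left as it was. With every source alg2 at 0 the outcome is the same, but a later copy-attributes case with a non-zero source alg2 would check an overwritten policy, not the copied one. Passing `-1` for `target_alg2_arg` in those two data lines would keep them testing what their titles say. The part of `copy_success` that handles `copy_attributes` is outside the hunk, so how `target_attributes` is seeded is inferred from the parameter name.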
@@ -2035,6 +2042,8 @@ void copy_success( int source_usage_arg, int source_alg_arg, psa_get_key_bits( &target_attributes ) ); TEST_EQUAL( expected_usage, psa_get_key_usage_flags( &target_attributes ) ); TEST_EQUAL( expected_alg, psa_get_key_algorithm( &target_attributes ) ); + TEST_EQUAL( expected_alg2, + psa_get_key_enrollment_algorithm( &target_attributes ) ); if( expected_usage & PSA_KEY_USAGE_EXPORT ) { size_t length; @@ -2046,6 +2055,8 @@ void copy_success( int source_usage_arg, int source_alg_arg, } if( ! exercise_key( target_handle, expected_usage, expected_alg ) ) goto exit; + if( ! exercise_key( target_handle, expected_usage, expected_alg2 ) ) + goto exit; PSA_ASSERT( psa_close_key( target_handle ) ); @@ -2058,10 +2069,12 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void copy_fail( int source_usage_arg, int source_alg_arg, +void copy_fail( int source_usage_arg, + int source_alg_arg, int source_alg2_arg, int type_arg, data_t *material, int target_type_arg, int target_bits_arg, - int target_usage_arg, int target_alg_arg, + int target_usage_arg, + int target_alg_arg, int target_alg2_arg, int expected_status_arg ) { psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -2074,6 +2087,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg, /* Prepare the source key. */ psa_set_key_usage_flags( &source_attributes, source_usage_arg ); psa_set_key_algorithm( &source_attributes, source_alg_arg ); + psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); psa_set_key_type( &source_attributes, type_arg ); PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, 
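Review bot: The added `exercise_key( target_handle, expected_usage, expected_alg2 )` call in `copy_success` (hunk `@@ -2046,6 +2055,8 @@`) runs with `expected_alg2` equal to 0 in every case this commit provides. It therefore depends on `exercise_key` treating algorithm 0 as nothing to exercise; that helper is not part of the diff, so this needs confirming. A comment above the call would state the intent, for example `/* expected_alg2 may be 0 (no enrollment algorithm): nothing is exercised then */`. Alternatively the call could be guarded with `if( expected_alg2 != 0 && ! exercise_key( ... ) )`, so the test does not rely on the helper's handling of 0.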
@@ -2084,6 +2098,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg, psa_set_key_bits( &target_attributes, target_bits_arg ); psa_set_key_usage_flags( &target_attributes, target_usage_arg ); psa_set_key_algorithm( &target_attributes, target_alg_arg ); + psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); /* Try to copy the key. */ TEST_EQUAL( psa_copy_key( source_handle, diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 27af6efce..0e7419352 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -98,19 +98,19 @@ depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED Copy volatile to volatile -copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0 Copy volatile to persistent depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0 Copy persistent to volatile depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0 Copy persistent to persistent depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C -copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0 +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | 
PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0 Copy volatile to occupied depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index b9dfc9bf6..3bc9f7885 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -363,11 +363,14 @@ exit: /* BEGIN_CASE */ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, - int source_usage_arg, int source_alg_arg, + int source_usage_arg, + int source_alg_arg, int source_alg2_arg, int type_arg, data_t *material, int target_lifetime_arg, int target_id_arg, - int target_usage_arg, int target_alg_arg, - int expected_usage_arg, int expected_alg_arg ) + int target_usage_arg, + int target_alg_arg, int target_alg2_arg, + int expected_usage_arg, + int expected_alg_arg, int expected_alg2_arg ) { psa_key_lifetime_t source_lifetime = source_lifetime_arg; psa_key_id_t source_id = source_id_arg; @@ -384,6 +387,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t expected_usage = expected_usage_arg; psa_algorithm_t expected_alg = expected_alg_arg; + psa_algorithm_t expected_alg2 = expected_alg2_arg; uint8_t *export_buffer = NULL; TEST_USES_KEY_ID( source_id ); @@ -400,6 +404,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, psa_set_key_type( &source_attributes, source_type ); psa_set_key_usage_flags( &source_attributes, source_usage ); psa_set_key_algorithm( &source_attributes, source_alg ); + psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); PSA_ASSERT( psa_import_key( &source_attributes, material->x, material->len, &source_handle ) ); 
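Review bot: `copy_across_lifetimes` passes the raw test arguments `source_alg2_arg` (hunk `@@ -400,6 +404,7 @@`) and `target_alg2_arg` (hunk `@@ -414,6 +419,7 @@`) straight to `psa_set_key_enrollment_algorithm`. The neighbouring calls use typed locals (`source_alg`, `target_alg`), and this commit itself adds `psa_algorithm_t expected_alg2 = expected_alg2_arg;`. Declaring `psa_algorithm_t source_alg2 = source_alg2_arg;` and `psa_algorithm_t target_alg2 = target_alg2_arg;` beside the existing locals would keep the conversion from `int` in one place and match the rest of the function. The declaration block of the function is only partly visible in these hunks.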
@@ -414,6 +419,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, } psa_set_key_usage_flags( &target_attributes, target_usage ); psa_set_key_algorithm( &target_attributes, target_alg ); + psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); /* Copy the key. */ PSA_ASSERT( psa_copy_key( source_handle, @@ -441,6 +447,8 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, psa_get_key_bits( &target_attributes ) ); TEST_EQUAL( expected_usage, psa_get_key_usage_flags( &target_attributes ) ); TEST_EQUAL( expected_alg, psa_get_key_algorithm( &target_attributes ) ); + TEST_EQUAL( expected_alg2, + psa_get_key_enrollment_algorithm( &target_attributes ) ); if( expected_usage & PSA_KEY_USAGE_EXPORT ) { size_t length; From 3027ba64295da9a9812114febd896181cb8e7442 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 May 2019 18:03:39 +0200 Subject: [PATCH 1315/2197] Enrollment algorithm in policy: add tests of psa_copy_key --- tests/suites/test_suite_psa_crypto.data | 28 +++++++++++++++++++ ...test_suite_psa_crypto_slot_management.data | 4 +++ 2 files changed, 32 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9ce90034f..b3d27a8b4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -591,6 +591,26 @@ Copy key: RSA key pair, wildcard algorithm in source and target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 +Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH + +Copy key: source=ECDSA+ECDH, target=ECDSA+0 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 + +Copy key: source=ECDSA+ECDH, target=0+ECDH 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH + +Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH + +Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) + Copy fail: raw data, no COPY flag 
copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_NOT_PERMITTED @@ -624,6 +644,14 @@ copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"4 Copy fail: incorrect size in attributes copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_INVALID_ARGUMENT +Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH::PSA_ERROR_INVALID_ARGUMENT + +Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)::PSA_ERROR_INVALID_ARGUMENT + Hash operation object initializers zero properly hash_operation_init: diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 0e7419352..e65befe38 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data 
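Review bot: Both added `copy_fail` entries end in `::PSA_ERROR_INVALID_ARGUMENT`, which gives them one more (empty) field than the existing `copy_fail` lines in this hunk, for example `...:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_INVALID_ARGUMENT`. How the test-data parser handles an empty field is not visible here. These are the negative cases for a target whose algorithm or enrollment algorithm is not permitted by the source policy, so a malformed line risks the check being skipped or failing for an unrelated reason. Drop the extra colon so the lines end `:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT` and `:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT`.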
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -112,6 +112,10 @@ Copy persistent to persistent depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_USAGE_EXPORT:0:0 +Copy persistent to persistent with enrollment algorithm +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC +copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING + Copy volatile to occupied depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f" From 6f3c30e9dba90e135c1f8e6b420eb7e5c9f5fe05 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 14:31:27 +0200 Subject: [PATCH 1316/2197] Merge follow-up: remove unused code from the development branch --- library/psa_crypto.c | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bfd3b5cf4..768410c99 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -3666,18 +3666,6 @@ psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy ) { return( policy->alg ); } - -void psa_key_policy_set_enrollment_algorithm( psa_key_policy_t *policy, - psa_algorithm_t alg2 ) -{ - policy->alg2 = alg2; -} - -psa_algorithm_t psa_key_policy_get_enrollment_algorithm( - const psa_key_policy_t *policy ) -{ - return( policy->alg2 ); -} #endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) */ psa_status_t psa_set_key_policy( psa_key_handle_t handle, From 0bbad741f4373bb3c862a1547812c69b3cd3f42f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 18:24:31 +0200 Subject: [PATCH 1317/2197] Switch script to Python3 generate_psa_constants.py was accidentally declared with an implicitly-Python2 shebang. --- scripts/generate_psa_constants.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index ab7f1341f..a76bf7e07 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 import os import re import sys From 9d4d7500414c8371343025682bcf109e01e0f8b6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 18:25:46 +0200 Subject: [PATCH 1318/2197] Add a bit of documentation --- scripts/generate_psa_constants.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index a76bf7e07..997bd3c95 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -1,4 +1,11 @@ #!/usr/bin/env python3 + +"""Generate programs/psa/psa_constant_names_generated.c +which is included by programs/psa/psa_constant_names.c. +The code generated by this module is only meant to be used in the context +of that program. +""" + import os import re import sys 
@@ -179,6 +186,12 @@ bit_test_template = '''\ ''' class MacroCollector: + """Collect PSA crypto macro definitions from C header files. + +1. Call `read_file` on the input header file(s). +2. Call `write_file` to write ``psa_constant_names_generated.c``. +""" + def __init__(self): self.statuses = set() self.key_types = set() @@ -198,6 +211,10 @@ class MacroCollector: definition_re = re.compile(r'\s*#\s*define\s+(\w+)(?:\s+|\((\w+)\)\s*)(.+)(?:/[*/])?') def read_line(self, line): + """Parse a C header line and record the PSA identifier it defines if any. + This function analyzes lines that start with "#define PSA_" + (up to non-significant whitespace) and skips all non-matching lines.""" + # pylint: disable=too-many-branches m = re.match(self.definition_re, line) if not m: return From 42a0a0aeeab7bf793c510e7c8618fb248855e2a7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 18:29:47 +0200 Subject: [PATCH 1319/2197] Obey Python naming and method structure conventions * Rename internal methods and fields to start with an underscore. * Rename global constants to uppercase. * Change methods that don't use self to be class methods or static methods as appropriate. No behavior change in this commit. --- scripts/generate_psa_constants.py | 112 ++++++++++++----------- tests/scripts/test_psa_constant_names.py | 92 ++++++++++--------- 2 files changed, 106 insertions(+), 98 deletions(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 997bd3c95..d772a77fe 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -10,7 +10,7 @@ import os import re import sys -output_template = '''\ +OUTPUT_TEMPLATE = '''\ /* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */ static const char *psa_strerror(psa_status_t status) 
@@ -154,19 +154,19 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size, /* End of automatically generated file. */ ''' -key_type_from_curve_template = '''if (%(tester)s(type)) { +KEY_TYPE_FROM_CURVE_TEMPLATE = '''if (%(tester)s(type)) { append_with_curve(&buffer, buffer_size, &required_size, "%(builder)s", %(builder_length)s, PSA_KEY_TYPE_GET_CURVE(type)); } else ''' -key_type_from_group_template = '''if (%(tester)s(type)) { +KEY_TYPE_FROM_GROUP_TEMPLATE = '''if (%(tester)s(type)) { append_with_group(&buffer, buffer_size, &required_size, "%(builder)s", %(builder_length)s, PSA_KEY_TYPE_GET_GROUP(type)); } else ''' -algorithm_from_hash_template = '''if (%(tester)s(core_alg)) { +ALGORITHM_FROM_HASH_TEMPLATE = '''if (%(tester)s(core_alg)) { append(&buffer, buffer_size, &required_size, "%(builder)s(", %(builder_length)s + 1); append_with_alg(&buffer, buffer_size, &required_size, @@ -175,7 +175,7 @@ algorithm_from_hash_template = '''if (%(tester)s(core_alg)) { append(&buffer, buffer_size, &required_size, ")", 1); } else ''' -bit_test_template = '''\ +BIT_TEST_TEMPLATE = '''\ if (%(var)s & %(flag)s) { if (required_size != 0) { append(&buffer, buffer_size, &required_size, " | ", 3); 
@@ -274,102 +274,104 @@ class MacroCollector: for line in header_file: self.read_line(line) - def make_return_case(self, name): + @staticmethod + def _make_return_case(name): return 'case %(name)s: return "%(name)s";' % {'name': name} - def make_append_case(self, name): + @staticmethod + def _make_append_case(name): template = ('case %(name)s: ' 'append(&buffer, buffer_size, &required_size, "%(name)s", %(length)d); ' 'break;') return template % {'name': name, 'length': len(name)} - def make_inner_append_case(self, name): - template = ('case %(name)s: ' - 'append(buffer, buffer_size, required_size, "%(name)s", %(length)d); ' - 'break;') - return template % {'name': name, 'length': len(name)} - - def make_bit_test(self, var, flag): - return bit_test_template % {'var': var, + @staticmethod + def _make_bit_test(var, flag): + return BIT_TEST_TEMPLATE % {'var': var, 'flag': flag, 'length': len(flag)} - def make_status_cases(self): - return '\n '.join(map(self.make_return_case, + def _make_status_cases(self): + return '\n '.join(map(self._make_return_case, sorted(self.statuses))) - def make_ecc_curve_cases(self): - return '\n '.join(map(self.make_return_case, + def _make_ecc_curve_cases(self): + return '\n '.join(map(self._make_return_case, sorted(self.ecc_curves))) - def make_dh_group_cases(self): - return '\n '.join(map(self.make_return_case, + def _make_dh_group_cases(self): + return '\n '.join(map(self._make_return_case, sorted(self.dh_groups))) - def make_key_type_cases(self): - return '\n '.join(map(self.make_append_case, + def _make_key_type_cases(self): + return '\n '.join(map(self._make_append_case, sorted(self.key_types))) - def make_key_type_from_curve_code(self, builder, tester): - return key_type_from_curve_template % {'builder': builder, + @staticmethod + def _make_key_type_from_curve_code(builder, tester): + return KEY_TYPE_FROM_CURVE_TEMPLATE % {'builder': builder, 'builder_length': len(builder), 'tester': tester} - def make_key_type_from_group_code(self, 
builder, tester): - return key_type_from_group_template % {'builder': builder, + @staticmethod + def _make_key_type_from_group_code(builder, tester): + return KEY_TYPE_FROM_GROUP_TEMPLATE % {'builder': builder, 'builder_length': len(builder), 'tester': tester} - def make_ecc_key_type_code(self): + def _make_ecc_key_type_code(self): d = self.key_types_from_curve - make = self.make_key_type_from_curve_code + make = self._make_key_type_from_curve_code return ''.join([make(k, d[k]) for k in sorted(d.keys())]) - def make_dh_key_type_code(self): + def _make_dh_key_type_code(self): d = self.key_types_from_group - make = self.make_key_type_from_group_code + make = self._make_key_type_from_group_code return ''.join([make(k, d[k]) for k in sorted(d.keys())]) - def make_hash_algorithm_cases(self): - return '\n '.join(map(self.make_return_case, + def _make_hash_algorithm_cases(self): + return '\n '.join(map(self._make_return_case, sorted(self.hash_algorithms))) - def make_ka_algorithm_cases(self): - return '\n '.join(map(self.make_return_case, + def _make_ka_algorithm_cases(self): + return '\n '.join(map(self._make_return_case, sorted(self.ka_algorithms))) - def make_algorithm_cases(self): - return '\n '.join(map(self.make_append_case, + def _make_algorithm_cases(self): + return '\n '.join(map(self._make_append_case, sorted(self.algorithms))) - def make_algorithm_from_hash_code(self, builder, tester): - return algorithm_from_hash_template % {'builder': builder, + @staticmethod + def _make_algorithm_from_hash_code(builder, tester): + return ALGORITHM_FROM_HASH_TEMPLATE % {'builder': builder, 'builder_length': len(builder), 'tester': tester} - def make_algorithm_code(self): + def _make_algorithm_code(self): d = self.algorithms_from_hash - make = self.make_algorithm_from_hash_code + make = self._make_algorithm_from_hash_code return ''.join([make(k, d[k]) for k in sorted(d.keys())]) - def make_key_usage_code(self): - return '\n'.join([self.make_bit_test('usage', bit) + def 
_make_key_usage_code(self): + return '\n'.join([self._make_bit_test('usage', bit) for bit in sorted(self.key_usages)]) def write_file(self, output_file): + """Generate the pretty-printer function code from the gathered + constant definitions.""" data = {} - data['status_cases'] = self.make_status_cases() - data['ecc_curve_cases'] = self.make_ecc_curve_cases() - data['dh_group_cases'] = self.make_dh_group_cases() - data['key_type_cases'] = self.make_key_type_cases() - data['key_type_code'] = (self.make_ecc_key_type_code() + - self.make_dh_key_type_code()) - data['hash_algorithm_cases'] = self.make_hash_algorithm_cases() - data['ka_algorithm_cases'] = self.make_ka_algorithm_cases() - data['algorithm_cases'] = self.make_algorithm_cases() - data['algorithm_code'] = self.make_algorithm_code() - data['key_usage_code'] = self.make_key_usage_code() - output_file.write(output_template % data) + data['status_cases'] = self._make_status_cases() + data['ecc_curve_cases'] = self._make_ecc_curve_cases() + data['dh_group_cases'] = self._make_dh_group_cases() + data['key_type_cases'] = self._make_key_type_cases() + data['key_type_code'] = (self._make_ecc_key_type_code() + + self._make_dh_key_type_code()) + data['hash_algorithm_cases'] = self._make_hash_algorithm_cases() + data['ka_algorithm_cases'] = self._make_ka_algorithm_cases() + data['algorithm_cases'] = self._make_algorithm_cases() + data['algorithm_code'] = self._make_algorithm_code() + data['key_usage_code'] = self._make_key_usage_code() + output_file.write(OUTPUT_TEMPLATE % data) def generate_psa_constants(header_file_names, output_file_name): collector = MacroCollector() diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index cbe68b10d..43056bca3 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
@@ -44,10 +44,10 @@ snippet annotates the exception with the file name and line number.''' self.line_number = line_number yield content self.line_number = 'exit' - def __exit__(self, type, value, traceback): - if type is not None: + def __exit__(self, exc_type, exc_value, exc_traceback): + if exc_type is not None: raise ReadFileLineException(self.filename, self.line_number) \ - from value + from exc_value class Inputs: '''Accumulate information about macros to test. @@ -98,7 +98,8 @@ Call this after parsing all the inputs.''' self.arguments_for['curve'] = sorted(self.ecc_curves) self.arguments_for['group'] = sorted(self.dh_groups) - def format_arguments(self, name, arguments): + @staticmethod + def _format_arguments(name, arguments): '''Format a macro call with arguments..''' return name + '(' + ', '.join(arguments) + ')' 
@@ -117,51 +118,56 @@ where each argument takes each possible value at least once.''' return argument_lists = [self.arguments_for[arg] for arg in argspec] arguments = [values[0] for values in argument_lists] - yield self.format_arguments(name, arguments) + yield self._format_arguments(name, arguments) for i in range(len(arguments)): for value in argument_lists[i][1:]: arguments[i] = value - yield self.format_arguments(name, arguments) + yield self._format_arguments(name, arguments) arguments[i] = argument_lists[0][0] except BaseException as e: raise Exception('distribute_arguments({})'.format(name)) from e + _argument_split_re = re.compile(r' *, *') + @classmethod + def _argument_split(cls, arguments): + return re.split(cls._argument_split_re, arguments) + # Regex for interesting header lines. # Groups: 1=macro name, 2=type, 3=argument list (optional). - header_line_re = \ + _header_line_re = \ re.compile(r'#define +' + r'(PSA_((?:KEY_)?[A-Z]+)_\w+)' + r'(?:\(([^\n()]*)\))?') # Regex of macro names to exclude. - excluded_name_re = re.compile('_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') + _excluded_name_re = re.compile(r'_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') # Additional excluded macros. # PSA_ALG_ECDH and PSA_ALG_FFDH are excluded for now as the script # currently doesn't support them. Deprecated errors are also excluded. 
- excluded_names = set(['PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH', - 'PSA_ALG_FULL_LENGTH_MAC', - 'PSA_ALG_ECDH', - 'PSA_ALG_FFDH', - 'PSA_ERROR_UNKNOWN_ERROR', - 'PSA_ERROR_OCCUPIED_SLOT', - 'PSA_ERROR_EMPTY_SLOT', - 'PSA_ERROR_INSUFFICIENT_CAPACITY', + _excluded_names = set(['PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH', + 'PSA_ALG_FULL_LENGTH_MAC', + 'PSA_ALG_ECDH', + 'PSA_ALG_FFDH', + 'PSA_ERROR_UNKNOWN_ERROR', + 'PSA_ERROR_OCCUPIED_SLOT', + 'PSA_ERROR_EMPTY_SLOT', + 'PSA_ERROR_INSUFFICIENT_CAPACITY', ]) - argument_split_re = re.compile(r' *, *') + def parse_header_line(self, line): '''Parse a C header line, looking for "#define PSA_xxx".''' - m = re.match(self.header_line_re, line) + m = re.match(self._header_line_re, line) if not m: return name = m.group(1) - if re.search(self.excluded_name_re, name) or \ - name in self.excluded_names: + if re.search(self._excluded_name_re, name) or \ + name in self._excluded_names: return dest = self.table_by_prefix.get(m.group(2)) if dest is None: return dest.add(name) if m.group(3): - self.argspecs[name] = re.split(self.argument_split_re, m.group(3)) + self.argspecs[name] = self._argument_split(m.group(3)) def parse_header(self, filename): '''Parse a C header file, looking for "#define PSA_xxx".''' @@ -193,12 +199,12 @@ where each argument takes each possible value at least once.''' # Regex matching a *.data line containing a test function call and # its arguments. The actual definition is partly positional, but this # regex is good enough in practice. - test_case_line_re = re.compile('(?!depends_on:)(\w+):([^\n :][^:\n]*)') + _test_case_line_re = re.compile(r'(?!depends_on:)(\w+):([^\n :][^:\n]*)') def parse_test_cases(self, filename): '''Parse a test case file (*.data), looking for algorithm metadata tests.''' with read_file_lines(filename) as lines: for line in lines: - m = re.match(self.test_case_line_re, line) + m = re.match(self._test_case_line_re, line) if m: self.add_test_case_line(m.group(1), m.group(2)) 
@@ -221,9 +227,9 @@ def remove_file_if_exists(filename): except: pass -def run_c(options, type, names): +def run_c(options, type_word, names): '''Generate and run a program to print out numerical values for names.''' - if type == 'status': + if type_word == 'status': cast_to = 'long' printf_format = '%ld' else: @@ -232,7 +238,7 @@ def run_c(options, type, names): c_name = None exe_name = None try: - c_fd, c_name = tempfile.mkstemp(prefix='tmp-{}-'.format(type), + c_fd, c_name = tempfile.mkstemp(prefix='tmp-{}-'.format(type_word), suffix='.c', dir='programs/psa') exe_suffix = '.exe' if platform.system() == 'Windows' else '' @@ -240,7 +246,7 @@ def run_c(options, type, names): remove_file_if_exists(exe_name) c_file = os.fdopen(c_fd, 'w', encoding='ascii') c_file.write('/* Generated by test_psa_constant_names.py for {} values */' - .format(type)) + .format(type_word)) c_file.write(''' #include #include @@ -260,7 +266,7 @@ int main(void) ['-o', exe_name, c_name]) if options.keep_c: sys.stderr.write('List of {} tests kept at {}\n' - .format(type, c_name)) + .format(type_word, c_name)) else: os.remove(c_name) output = subprocess.check_output([exe_name]) 
@@ -268,31 +274,31 @@ int main(void) finally: remove_file_if_exists(exe_name) -normalize_strip_re = re.compile(r'\s+') +NORMALIZE_STRIP_RE = re.compile(r'\s+') def normalize(expr): '''Normalize the C expression so as not to care about trivial differences. Currently "trivial differences" means whitespace.''' - expr = re.sub(normalize_strip_re, '', expr, len(expr)) + expr = re.sub(NORMALIZE_STRIP_RE, '', expr, len(expr)) return expr.strip().split('\n') -def do_test(options, inputs, type, names): +def do_test(options, inputs, type_word, names): '''Test psa_constant_names for the specified type. Run program on names. Use inputs to figure out what arguments to pass to macros that take arguments.''' names = sorted(itertools.chain(*map(inputs.distribute_arguments, names))) - values = run_c(options, type, names) - output = subprocess.check_output([options.program, type] + values) + values = run_c(options, type_word, names) + output = subprocess.check_output([options.program, type_word] + values) outputs = output.decode('ascii').strip().split('\n') - errors = [(type, name, value, output) + errors = [(type_word, name, value, output) for (name, value, output) in zip(names, values, outputs) if normalize(name) != normalize(output)] return len(names), errors def report_errors(errors): '''Describe each case where the output is not as expected.''' - for type, name, value, output in errors: + for type_word, name, value, output in errors: print('For {} "{}", got "{}" (value: {})' - .format(type, name, output, value)) + .format(type_word, name, output, value)) def run_tests(options, inputs): '''Run psa_constant_names on all the gathered inputs. 
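Review bot: In `do_test`, `zip(names, values, outputs)` stops at the shortest sequence, so if `psa_constant_names` prints fewer lines than it was given values, the trailing names are never compared, yet `len(names)` is still returned as the number tested. A guard before the comparison, e.g. `if len(outputs) != len(names): raise Exception('expected {} output lines, got {}'.format(len(names), len(outputs)))`, would turn that silent pass into a failure. As a smaller style point, `normalize` removes all whitespace with `NORMALIZE_STRIP_RE` and then calls `.strip().split('\n')`, which can no longer change anything except wrapping the string in a list; returning the `re.sub` result directly would read more clearly.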
@@ -301,13 +307,13 @@ that were tested and errors is the list of cases where the output was not as expected.''' count = 0 errors = [] - for type, names in [('status', inputs.statuses), - ('algorithm', inputs.algorithms), - ('ecc_curve', inputs.ecc_curves), - ('dh_group', inputs.dh_groups), - ('key_type', inputs.key_types), - ('key_usage', inputs.key_usage_flags)]: - c, e = do_test(options, inputs, type, names) + for type_word, names in [('status', inputs.statuses), + ('algorithm', inputs.algorithms), + ('ecc_curve', inputs.ecc_curves), + ('dh_group', inputs.dh_groups), + ('key_type', inputs.key_types), + ('key_usage', inputs.key_usage_flags)]: + c, e = do_test(options, inputs, type_word, names) count += c errors += e return count, errors From 54f544581a2c213699a9e9930a70e29b8b401eea Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 18:31:59 +0200 Subject: [PATCH 1320/2197] Pacify Pylint Pass Pylint by cleaning up the code where possible and silencing Pylint where I know better. No behavior change. --- scripts/generate_psa_constants.py | 6 ++---- tests/scripts/test_psa_constant_names.py | 13 +++++++++++-- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index d772a77fe..9def42a86 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -8,7 +8,6 @@ of that program. import os import re -import sys OUTPUT_TEMPLATE = '''\ /* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */ @@ -224,12 +223,11 @@ class MacroCollector: return elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \ and not parameter: - if name in [ - 'PSA_ERROR_UNKNOWN_ERROR', + if name in ['PSA_ERROR_UNKNOWN_ERROR', 'PSA_ERROR_OCCUPIED_SLOT', 'PSA_ERROR_EMPTY_SLOT', 'PSA_ERROR_INSUFFICIENT_CAPACITY', - ]: + ]: # Ad hoc skipping of deprecated error codes, which share # numerical values with non-deprecated error codes return 
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 43056bca3..1f08721a7 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -23,6 +23,8 @@ class ReadFileLineException(Exception): self.line_number = line_number class read_file_lines: + # Dear Pylint, conventionally, a context manager class name is lowercase. + # pylint: disable=invalid-name,too-few-public-methods '''Context manager to read a text file line by line. with read_file_lines(filename) as lines: for line in lines: @@ -36,6 +38,7 @@ snippet annotates the exception with the file name and line number.''' def __init__(self, filename): self.filename = filename self.line_number = 'entry' + self.generator = None def __enter__(self): self.generator = enumerate(open(self.filename, 'r')) return self @@ -119,6 +122,9 @@ where each argument takes each possible value at least once.''' argument_lists = [self.arguments_for[arg] for arg in argspec] arguments = [values[0] for values in argument_lists] yield self._format_arguments(name, arguments) + # Dear Pylint, enumerate won't work here since we're modifying + # the array. + # pylint: disable=consider-using-enumerate for i in range(len(arguments)): for value in argument_lists[i][1:]: arguments[i] = value @@ -224,7 +230,7 @@ def remove_file_if_exists(filename): return try: os.remove(filename) - except: + except OSError: pass def run_c(options, type_word, names): @@ -318,7 +324,7 @@ not as expected.''' errors += e return count, errors -if __name__ == '__main__': +def main(): parser = argparse.ArgumentParser(description=globals()['__doc__']) parser.add_argument('--include', '-I', action='append', default=['include'], @@ -344,3 +350,6 @@ if __name__ == '__main__': else: print('{} test cases, {} FAIL'.format(count, len(errors))) exit(1) + +if __name__ == '__main__': + main() From 8b0f9e63882d5b153b91e325c15bb2f9b7e64cd3 Mon Sep 17 00:00:00 2001 
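Review bot: `read_file_lines.__enter__` opens the file with `open(self.filename, 'r')` and keeps only the `enumerate` wrapper, so nothing ever closes the handle; the -36,6 hunk adds `self.generator = None` to satisfy Pylint but leaves that unchanged. `__exit__` lies outside this commit's hunks; as it appears earlier in the series it only re-raises with the file name and line number. Keeping the file object, e.g. `self.file = open(self.filename, 'r')` in `__enter__` and `self.file.close()` at the start of `__exit__`, would release it deterministically instead of relying on garbage collection.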
From: Hanno Becker Date: Fri, 31 May 2019 17:28:59 +0100 Subject: [PATCH 1321/2197] Allow DHM selftest to run if MBEDTLS_PEM_PARSE_C is unset If MBEDTLS_PEM_PARSE_C is unset, the DHM selftest fails because it uses PEM encoded test data. This commit fixes this by providing the DER encoded form of the test data instead in case MBEDTLS_PEM_PARSE_C is unset. --- library/dhm.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/library/dhm.c b/library/dhm.c index fb6937e85..8255632a9 100644 --- a/library/dhm.c +++ b/library/dhm.c 
@@ -649,12 +649,28 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ) #if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PEM_PARSE_C) static const char mbedtls_test_dhm_params[] = "-----BEGIN DH PARAMETERS-----\r\n" "MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n" "1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n" "9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n" "-----END DH PARAMETERS-----\r\n"; +#else /* MBEDTLS_PEM_PARSE_C */ +static const char mbedtls_test_dhm_params[] = { + 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x35, 0xf4, 0x30, 0x44, + 0x3a, 0x09, 0x90, 0x4f, 0x3a, 0x39, 0xa9, 0x79, 0x79, 0x7d, 0x07, 0x0d, + 0xf5, 0x33, 0x78, 0xe7, 0x9c, 0x24, 0x38, 0xbe, 0xf4, 0xe7, 0x61, 0xf3, + 0xc7, 0x14, 0x55, 0x33, 0x28, 0x58, 0x9b, 0x04, 0x1c, 0x80, 0x9b, 0xe1, + 0xd6, 0xc6, 0xb5, 0xf1, 0xfc, 0x9f, 0x47, 0xd3, 0xa2, 0x54, 0x43, 0x18, + 0x82, 0x53, 0xa9, 0x92, 0xa5, 0x68, 0x18, 0xb3, 0x7b, 0xa9, 0xde, 0x5a, + 0x40, 0xd3, 0x62, 0xe5, 0x6e, 0xff, 0x0b, 0xe5, 0x41, 0x74, 0x74, 0xc1, + 0x25, 0xc1, 0x99, 0x27, 0x2c, 0x8f, 0xe4, 0x1d, 0xea, 0x73, 0x3d, 0xf6, + 0xf6, 0x62, 0xc9, 0x2a, 0xe7, 0x65, 0x56, 0xe7, 0x55, 0xd1, 0x0c, 0x64, + 0xe6, 0xa5, 0x09, 0x68, 0xf6, 0x7f, 0xc6, 0xea, 0x73, 0xd0, 0xdc, 0xa8, + 0x56, 0x9b, 0xe2, 0xba, 0x20, 0x4e, 0x23, 0x58, 0x0d, 0x8b, 0xca, 0x2f, + 0x49, 0x75, 0xb3, 0x02, 0x01, 0x02 }; +#endif /* MBEDTLS_PEM_PARSE_C */ static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params ); From a3b93ff89345c3294815d435595d709dee922174 Mon Sep 17 00:00:00 2001 
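Review bot: The DER branch stores byte values above 0x7f (`0x81`, `0x87`, `0x9e`, ...) in a `static const char` array; where plain `char` is signed these initialisers are out of range, the conversion is implementation-defined, and stricter warning levels may flag it. Declaring the DER form as `static const unsigned char mbedtls_test_dhm_params[] = {` would avoid that. The code that consumes the array is outside the hunk, so check how it is passed on before changing the type in only one branch. A short comment such as `/* PEM: length includes the terminating NUL; DER: exact encoding length */` next to `mbedtls_test_dhm_params_len` would also document why `sizeof` is correct in both cases.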
From: Gilles Peskine Date: Mon, 3 Jun 2019 11:23:56 +0200 Subject: [PATCH 1322/2197] Make docstring style consistent Use PEP 257 indented docstring style, mostly: always with """, with the terminating """ on a separate line if the docstring is more than one line, and with all lines indented to the opening """. This commit does not change the text to keep the first paragraph single-line. --- scripts/generate_psa_constants.py | 12 +-- tests/scripts/test_psa_constant_names.py | 94 ++++++++++++++---------- 2 files changed, 62 insertions(+), 44 deletions(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 9def42a86..bf76c2d7b 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -187,9 +187,9 @@ BIT_TEST_TEMPLATE = '''\ class MacroCollector: """Collect PSA crypto macro definitions from C header files. -1. Call `read_file` on the input header file(s). -2. Call `write_file` to write ``psa_constant_names_generated.c``. -""" + 1. Call `read_file` on the input header file(s). + 2. Call `write_file` to write ``psa_constant_names_generated.c``. + """ def __init__(self): self.statuses = set() @@ -212,7 +212,8 @@ class MacroCollector: def read_line(self, line): """Parse a C header line and record the PSA identifier it defines if any. This function analyzes lines that start with "#define PSA_" - (up to non-significant whitespace) and skips all non-matching lines.""" + (up to non-significant whitespace) and skips all non-matching lines. + """ # pylint: disable=too-many-branches m = re.match(self.definition_re, line) if not m: @@ -356,7 +357,8 @@ class MacroCollector: def write_file(self, output_file): """Generate the pretty-printer function code from the gathered - constant definitions.""" + constant definitions. + """ data = {} data['status_cases'] = self._make_status_cases() data['ecc_curve_cases'] = self._make_ecc_curve_cases() 
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 1f08721a7..d248ade18 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -1,10 +1,11 @@ #!/usr/bin/env python3 -'''Test the program psa_constant_names. +"""Test the program psa_constant_names. Gather constant names from header files and test cases. Compile a C program to print out their numerical values, feed these numerical values to psa_constant_names, and check that the output is the original name. Return 0 if all test cases pass, 1 if the output was not always as expected, -or 1 (with a Python backtrace) if there was an operational error.''' +or 1 (with a Python backtrace) if there was an operational error. +""" import argparse import itertools @@ -25,16 +26,22 @@ class ReadFileLineException(Exception): class read_file_lines: # Dear Pylint, conventionally, a context manager class name is lowercase. # pylint: disable=invalid-name,too-few-public-methods - '''Context manager to read a text file line by line. -with read_file_lines(filename) as lines: - for line in lines: - process(line) -is equivalent to -with open(filename, 'r') as input_file: - for line in input_file: - process(line) -except that if process(line) raises an exception, then the read_file_lines -snippet annotates the exception with the file name and line number.''' + """Context manager to read a text file line by line. + + ``` + with read_file_lines(filename) as lines: + for line in lines: + process(line) + ``` + is equivalent to + ``` + with open(filename, 'r') as input_file: + for line in input_file: + process(line) + ``` + except that if process(line) raises an exception, then the read_file_lines + snippet annotates the exception with the file name and line number. + """ def __init__(self, filename): self.filename = filename self.line_number = 'entry' 
@@ -53,9 +60,11 @@ snippet annotates the exception with the file name and line number.''' from exc_value class Inputs: - '''Accumulate information about macros to test. -This includes macro names as well as information about their arguments -when applicable.''' + """Accumulate information about macros to test. + This includes macro names as well as information about their arguments + when applicable. + """ + def __init__(self): # Sets of names per type self.statuses = set(['PSA_SUCCESS']) @@ -91,8 +100,9 @@ when applicable.''' } def gather_arguments(self): - '''Populate the list of values for macro arguments. -Call this after parsing all the inputs.''' + """Populate the list of values for macro arguments. + Call this after parsing all the inputs. + """ self.arguments_for['hash_alg'] = sorted(self.hash_algorithms) self.arguments_for['mac_alg'] = sorted(self.mac_algorithms) self.arguments_for['ka_alg'] = sorted(self.ka_algorithms) @@ -103,14 +113,16 @@ Call this after parsing all the inputs.''' @staticmethod def _format_arguments(name, arguments): - '''Format a macro call with arguments..''' + """Format a macro call with arguments..""" return name + '(' + ', '.join(arguments) + ')' def distribute_arguments(self, name): - '''Generate macro calls with each tested argument set. -If name is a macro without arguments, just yield "name". -If name is a macro with arguments, yield a series of "name(arg1,...,argN)" -where each argument takes each possible value at least once.''' + """Generate macro calls with each tested argument set. + If name is a macro without arguments, just yield "name". + If name is a macro with arguments, yield a series of + "name(arg1,...,argN)" where each argument takes each possible + value at least once. + """ try: if name not in self.argspecs: yield name 
@@ -160,7 +172,7 @@ where each argument takes each possible value at least once.''' ]) def parse_header_line(self, line): - '''Parse a C header line, looking for "#define PSA_xxx".''' + """Parse a C header line, looking for "#define PSA_xxx".""" m = re.match(self._header_line_re, line) if not m: return @@ -176,13 +188,13 @@ where each argument takes each possible value at least once.''' self.argspecs[name] = self._argument_split(m.group(3)) def parse_header(self, filename): - '''Parse a C header file, looking for "#define PSA_xxx".''' + """Parse a C header file, looking for "#define PSA_xxx".""" with read_file_lines(filename) as lines: for line in lines: self.parse_header_line(line) def add_test_case_line(self, function, argument): - '''Parse a test case data line, looking for algorithm metadata tests.''' + """Parse a test case data line, looking for algorithm metadata tests.""" if function.endswith('_algorithm'): # As above, ECDH and FFDH algorithms are excluded for now. # Support for them will be added in the future. @@ -207,7 +219,7 @@ where each argument takes each possible value at least once.''' # regex is good enough in practice. _test_case_line_re = re.compile(r'(?!depends_on:)(\w+):([^\n :][^:\n]*)') def parse_test_cases(self, filename): - '''Parse a test case file (*.data), looking for algorithm metadata tests.''' + """Parse a test case file (*.data), looking for algorithm metadata tests.""" with read_file_lines(filename) as lines: for line in lines: m = re.match(self._test_case_line_re, line) @@ -215,7 +227,7 @@ where each argument takes each possible value at least once.''' self.add_test_case_line(m.group(1), m.group(2)) def gather_inputs(headers, test_suites): - '''Read the list of inputs to test psa_constant_names with.''' + """Read the list of inputs to test psa_constant_names with.""" inputs = Inputs() for header in headers: inputs.parse_header(header) 
@@ -225,7 +237,7 @@ def gather_inputs(headers, test_suites): return inputs def remove_file_if_exists(filename): - '''Remove the specified file, ignoring errors.''' + """Remove the specified file, ignoring errors.""" if not filename: return try: @@ -234,7 +246,7 @@ def remove_file_if_exists(filename): pass def run_c(options, type_word, names): - '''Generate and run a program to print out numerical values for names.''' + """Generate and run a program to print out numerical values for names.""" if type_word == 'status': cast_to = 'long' printf_format = '%ld' @@ -282,15 +294,18 @@ int main(void) NORMALIZE_STRIP_RE = re.compile(r'\s+') def normalize(expr): - '''Normalize the C expression so as not to care about trivial differences. -Currently "trivial differences" means whitespace.''' + """Normalize the C expression so as not to care about trivial differences. + Currently "trivial differences" means whitespace. + """ expr = re.sub(NORMALIZE_STRIP_RE, '', expr, len(expr)) return expr.strip().split('\n') def do_test(options, inputs, type_word, names): - '''Test psa_constant_names for the specified type. -Run program on names. -Use inputs to figure out what arguments to pass to macros that take arguments.''' + """Test psa_constant_names for the specified type. + Run program on names. + Use inputs to figure out what arguments to pass to macros that + take arguments. + """ names = sorted(itertools.chain(*map(inputs.distribute_arguments, names))) values = run_c(options, type_word, names) output = subprocess.check_output([options.program, type_word] + values) 
@@ -301,16 +316,17 @@ Use inputs to figure out what arguments to pass to macros that take arguments.'' return len(names), errors def report_errors(errors): - '''Describe each case where the output is not as expected.''' + """Describe each case where the output is not as expected.""" for type_word, name, value, output in errors: print('For {} "{}", got "{}" (value: {})' .format(type_word, name, output, value)) def run_tests(options, inputs): - '''Run psa_constant_names on all the gathered inputs. -Return a tuple (count, errors) where count is the total number of inputs -that were tested and errors is the list of cases where the output was -not as expected.''' + """Run psa_constant_names on all the gathered inputs. + Return a tuple (count, errors) where count is the total number of inputs + that were tested and errors is the list of cases where the output was + not as expected. + """ count = 0 errors = [] for type_word, names in [('status', inputs.statuses), From 5163a929658e8a4da11a0df1f09327fd0705ec8c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 14:52:34 +0200 Subject: [PATCH 1323/2197] Remove spurious obsolete function call --- programs/psa/crypto_examples.c | 3 --- programs/psa/key_ladder_demo.c | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 1a81f45f8..f156b7b26 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -206,9 +206,6 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) status = psa_generate_random( input, sizeof( input ) ); ASSERT_STATUS( status, PSA_SUCCESS ); - status = psa_allocate_key( &key_handle ); - ASSERT_STATUS( status, PSA_SUCCESS ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); psa_set_key_algorithm( &attributes, alg ); 
diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 36d7b5dcb..af7be1e0a 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -260,7 +260,7 @@ exit: mbedtls_platform_zeroize( key_data, sizeof( key_data ) ); if( status != PSA_SUCCESS ) { - /* If psa_allocate_key hasn't been called yet or has failed, + /* If the key creation hasn't happened yet or has failed, * *master_key_handle is 0. psa_destroy_key(0) is guaranteed to do * nothing and return PSA_ERROR_INVALID_HANDLE. */ (void) psa_destroy_key( *master_key_handle ); From baea7aac89e695517cd35d06352af3cb802bd7a0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 14:53:07 +0200 Subject: [PATCH 1324/2197] Convert remaining obsolete function call --- .../test_suite_psa_crypto_slot_management.function | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 3bc9f7885..db4632810 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -584,8 +584,6 @@ void invalid_handle( ) { psa_key_handle_t handle1 = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_type_t read_type; - size_t read_bits; uint8_t material[1] = "a"; PSA_ASSERT( psa_crypto_init( ) ); 
@@ -608,9 +606,10 @@ void invalid_handle( ) TEST_EQUAL( psa_destroy_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE ); /* After all this, check that the original handle is intact. */ - PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) ); - TEST_EQUAL( read_type, PSA_KEY_TYPE_RAW_DATA ); - TEST_EQUAL( read_bits, PSA_BYTES_TO_BITS( sizeof( material ) ) ); + PSA_ASSERT( psa_get_key_attributes( handle1, &attributes ) ); + TEST_EQUAL( psa_get_key_type( &attributes ), PSA_KEY_TYPE_RAW_DATA ); + TEST_EQUAL( psa_get_key_bits( &attributes ), + PSA_BYTES_TO_BITS( sizeof( material ) ) ); PSA_ASSERT( psa_close_key( handle1 ) ); exit: From f46f81ceb5d61789fb3c865861ef97b861af253e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 14:53:10 +0200 Subject: [PATCH 1325/2197] Remove obsolete key creation functions Remove the key creation functions from before the attribute-based API, i.e. the key creation functions that worked by allocating a slot, then setting metadata through the handle and finally creating key material. --- include/psa/crypto_extra.h | 242 ---------------------- library/psa_crypto.c | 297 --------------------------- library/psa_crypto_slot_management.c | 15 -- library/psa_crypto_slot_management.h | 10 + 4 files changed, 10 insertions(+), 554 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index b3ec54fb2..56e053604 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
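Review bot: In `invalid_handle()`, the converted check fills `attributes` through `psa_get_key_attributes()`, but nothing in this hunk releases the structure afterwards. The `mbedtls_pk_setup_opaque()` conversion further down this page calls `psa_reset_key_attributes( &attributes );` as soon as it has read the type, and the test should follow the same pattern so it stays leak-free if the attribute structure ever owns memory. I would add `psa_reset_key_attributes( &attributes );` to the cleanup under `exit:`. That label's body lies outside the hunk, so this may already be handled there.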
@@ -247,248 +247,6 @@ psa_status_t psa_key_derivation(psa_key_derivation_operation_t *operation, /* FIXME Deprecated. Remove this as soon as all the tests are updated. */ #define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001) -/** \defgroup policy Key policies - * @{ - * - * The functions in this section are legacy interfaces where the properties - * of a key object are set after allocating a handle, in constrast with the - * preferred interface where key objects are created atomically from - * a structure that represents the properties. - */ - -/** \def PSA_KEY_POLICY_INIT - * - * This macro returns a suitable initializer for a key policy object of type - * #psa_key_policy_t. - */ -#ifdef __DOXYGEN_ONLY__ -/* This is an example definition for documentation purposes. - * Implementations should define a suitable value in `crypto_struct.h`. - */ -#define PSA_KEY_POLICY_INIT {0} -#endif - -/** Return an initial value for a key policy that forbids all usage of the key. - */ -static psa_key_policy_t psa_key_policy_init(void); - -/** \brief Set the standard fields of a policy structure. - * - * Note that this function does not make any consistency check of the - * parameters. The values are only checked when applying the policy to - * a key with psa_set_key_policy(). - * - * \param[in,out] policy The key policy to modify. It must have been - * initialized as per the documentation for - * #psa_key_policy_t. - * \param usage The permitted uses for the key. - * \param alg The algorithm that the key may be used for. - */ -void psa_key_policy_set_usage(psa_key_policy_t *policy, - psa_key_usage_t usage, - psa_algorithm_t alg); - -/** \brief Retrieve the usage field of a policy structure. - * - * \param[in] policy The policy object to query. - * - * \return The permitted uses for a key with this policy. - */ -psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy); - -/** \brief Retrieve the algorithm field of a policy structure. 
- * - * \param[in] policy The policy object to query. - * - * \return The permitted algorithm for a key with this policy. - */ -psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy); - -/** \brief Set the usage policy for a key. - * - * This function must be called on a key handle before importing, - * generating or creating a key. Changing the policy of an - * existing key is not permitted. - * - * Implementations may set restrictions on supported key policies - * depending on the key type. - * - * \param handle Handle to the key whose policy is to be changed. - * \param[in] policy The policy object to query. - * - * \retval #PSA_SUCCESS - * Success. - * If the key is persistent, it is implementation-defined whether - * the policy has been saved to persistent storage. Implementations - * may defer saving the policy until the key material is created. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_ALREADY_EXISTS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_set_key_policy(psa_key_handle_t handle, - const psa_key_policy_t *policy); - -/** \brief Get the usage policy for a key. - * - * \param handle Handle to the key whose policy is being queried. - * \param[out] policy On success, the key's policy. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). 
- * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_policy(psa_key_handle_t handle, - psa_key_policy_t *policy); - -/**@}*/ - -/** \defgroup to_handle Key creation to allocated handle - * @{ - * - * The functions in this section are legacy interfaces where the properties - * of a key object are set after allocating a handle, in constrast with the - * preferred interface where key objects are created atomically from - * a structure that represents the properties. - */ - -/** Create a new persistent key. - * - * Create a new persistent key and return a handle to it. The handle - * remains valid until the application calls psa_close_key() or terminates. - * The application can open the key again with psa_open_key() until it - * removes the key by calling psa_destroy_key(). - * - * \param lifetime The lifetime of the key. This designates a storage - * area where the key material is stored. This must not - * be #PSA_KEY_LIFETIME_VOLATILE. - * \param id The persistent identifier of the key. - * \param[out] handle On success, a handle to the newly created key. - * When key material is later created in this key, - * it will be saved to the specified persistent location. - * - * \retval #PSA_SUCCESS - * Success. The application can now use the value of `*handle` - * for key operations. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_ALREADY_EXISTS - * There is already a key with the identifier \p id in the storage - * area designated by \p lifetime. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p id is invalid for the specified lifetime. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \p lifetime is not supported. 
- * \retval #PSA_ERROR_NOT_PERMITTED - * \p lifetime is valid, but the application does not have the - * permission to create a key there. - */ -psa_status_t psa_create_key(psa_key_lifetime_t lifetime, - psa_key_id_t id, - psa_key_handle_t *handle); - -/** Allocate space for a transient key, i.e. a key which is only stored - * in volatile memory. - * - * The allocated key and its handle remain valid until the - * application calls psa_close_key() or psa_destroy_key() or until the - * application terminates. - * - * \param[out] handle On success, a handle to a volatile key. - * - * \retval #PSA_SUCCESS - * Success. The application can now use the value of `*handle` - * to refer to the key. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * There was not enough memory, or the maximum number of transient keys - * has been reached. - */ -psa_status_t psa_allocate_key(psa_key_handle_t *handle); - -/** - * \brief Get basic metadata about a key. - * - * \param handle Handle to the key to query. - * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX value). - * This may be a null pointer, in which case the key type - * is not written. - * \param[out] bits On success, the key size in bits. - * This may be a null pointer, in which case the key size - * is not written. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST - * The handle does not contain a key. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_information(psa_key_handle_t handle, - psa_key_type_t *type, - size_t *bits); - -/** \brief Retrieve the lifetime of an open key. - * - * \param handle Handle to query. 
- * \param[out] lifetime On success, the lifetime value. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_get_key_lifetime_from_handle(psa_key_handle_t handle, - psa_key_lifetime_t *lifetime); - -psa_status_t psa_import_key_to_handle(psa_key_handle_t handle, - psa_key_type_t type, - const uint8_t *data, - size_t data_length); - -psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, - psa_key_handle_t target_handle, - const psa_key_policy_t *constraint); - -psa_status_t psa_generate_derived_key_to_handle(psa_key_handle_t handle, - psa_key_type_t type, - size_t bits, - psa_key_derivation_operation_t *operation); - -psa_status_t psa_generate_key_to_handle(psa_key_handle_t handle, - psa_key_type_t type, - size_t bits, - const void *extra, - size_t extra_size); - -/**@}*/ - - /** \addtogroup crypto_types * @{ */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 768410c99..f4eb3a11f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -739,27 +739,6 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, return( status ); } -/* Retrieve an empty key slot (slot with no key data, but possibly - * with some metadata such as a policy or domain parameters). */ -static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, - psa_key_slot_t **p_slot ) -{ - psa_status_t status; - psa_key_slot_t *slot = NULL; - - *p_slot = NULL; - - status = psa_get_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - if( slot->type != PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_ALREADY_EXISTS ); - - *p_slot = slot; - return( status ); -} - /** Calculate the intersection of two algorithm usage policies. * * Return 0 (which allows no operation) on incompatibility. @@ -938,45 +917,6 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) return( status ); } -psa_status_t psa_import_key_to_handle( psa_key_handle_t handle, - psa_key_type_t type, - const uint8_t *data, - size_t data_length ) -{ - psa_key_slot_t *slot; - psa_status_t status; - - status = psa_get_empty_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - slot->type = type; - - status = psa_import_key_into_slot( slot, data, data_length ); - if( status != PSA_SUCCESS ) - { - slot->type = PSA_KEY_TYPE_NONE; - return( status ); - } - -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) - { - /* Store in file location */ - status = psa_save_persistent_key( slot->persistent_storage_id, - slot->type, &slot->policy, data, - data_length ); - if( status != PSA_SUCCESS ) - { - (void) psa_remove_key_data_from_memory( slot ); - slot->type = PSA_KEY_TYPE_NONE; - } - } -#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ - - return( status ); -} - psa_status_t psa_destroy_key( psa_key_handle_t handle ) { psa_key_slot_t *slot; 
@@ -1143,30 +1083,6 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, return( status ); } -psa_status_t psa_get_key_information( psa_key_handle_t handle, - psa_key_type_t *type, - size_t *bits ) -{ - psa_key_slot_t *slot; - psa_status_t status; - - if( type != NULL ) - *type = 0; - if( bits != NULL ) - *bits = 0; - status = psa_get_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - if( slot->type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_DOES_NOT_EXIST ); - if( type != NULL ) - *type = slot->type; - if( bits != NULL ) - *bits = psa_get_key_slot_bits( slot ); - return( PSA_SUCCESS ); -} - #if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) static int pk_write_pubkey_simple( mbedtls_pk_context *key, unsigned char *buf, size_t size ) @@ -1341,39 +1257,6 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle, data_length, 1 ) ); } -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t *slot, - size_t bits ) -{ - psa_status_t status; - uint8_t *data; - size_t key_length; - size_t data_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, bits ); - data = mbedtls_calloc( 1, data_size ); - if( data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - /* Get key data in export format */ - status = psa_internal_export_key( slot, data, data_size, &key_length, 0 ); - if( status != PSA_SUCCESS ) - { - slot->type = PSA_KEY_TYPE_NONE; - goto exit; - } - /* Store in file location */ - status = psa_save_persistent_key( slot->persistent_storage_id, - slot->type, &slot->policy, - data, key_length ); - if( status != PSA_SUCCESS ) - { - slot->type = PSA_KEY_TYPE_NONE; - } -exit: - mbedtls_platform_zeroize( data, key_length ); - mbedtls_free( data ); - return( status ); -} -#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ - static psa_status_t psa_set_key_policy_internal( psa_key_slot_t *slot, const psa_key_policy_t *policy ) 
@@ -1623,41 +1506,6 @@ exit: return( status ); } -psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle, - psa_key_handle_t target_handle, - const psa_key_policy_t *constraint) -{ - psa_key_slot_t *source_slot = NULL; - psa_key_slot_t *target_slot = NULL; - psa_key_policy_t new_policy; - psa_status_t status; - status = psa_get_key_from_slot( source_handle, &source_slot, - PSA_KEY_USAGE_COPY, 0 ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_get_empty_key_slot( target_handle, &target_slot ); - if( status != PSA_SUCCESS ) - return( status ); - - new_policy = target_slot->policy; - status = psa_restrict_key_policy( &new_policy, &source_slot->policy ); - if( status != PSA_SUCCESS ) - return( status ); - if( constraint != NULL ) - { - status = psa_restrict_key_policy( &new_policy, constraint ); - if( status != PSA_SUCCESS ) - return( status ); - } - - status = psa_copy_key_material( source_slot, target_slot ); - if( status != PSA_SUCCESS ) - return( status ); - - target_slot->policy = new_policy; - return( PSA_SUCCESS ); -} - psa_status_t psa_copy_key( psa_key_handle_t source_handle, const psa_key_attributes_t *specified_attributes, psa_key_handle_t *target_handle ) 
@@ -3644,86 +3492,6 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) -/****************************************************************/ -/* Key Policy */ -/****************************************************************/ - -#if !defined(MBEDTLS_PSA_CRYPTO_SPM) -void psa_key_policy_set_usage( psa_key_policy_t *policy, - psa_key_usage_t usage, - psa_algorithm_t alg ) -{ - policy->usage = usage; - policy->alg = alg; -} - -psa_key_usage_t psa_key_policy_get_usage( const psa_key_policy_t *policy ) -{ - return( policy->usage ); -} - -psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy ) -{ - return( policy->alg ); -} -#endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) */ - -psa_status_t psa_set_key_policy( psa_key_handle_t handle, - const psa_key_policy_t *policy ) -{ - psa_key_slot_t *slot; - psa_status_t status; - - if( policy == NULL ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - status = psa_get_empty_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - return( psa_set_key_policy_internal( slot, policy ) ); -} - -psa_status_t psa_get_key_policy( psa_key_handle_t handle, - psa_key_policy_t *policy ) -{ - psa_key_slot_t *slot; - psa_status_t status; - - if( policy == NULL ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - status = psa_get_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - *policy = slot->policy; - - return( PSA_SUCCESS ); -} - - - -/****************************************************************/ -/* Key Lifetime */ -/****************************************************************/ - -psa_status_t psa_get_key_lifetime_from_handle( psa_key_handle_t handle, - psa_key_lifetime_t *lifetime ) -{ - psa_key_slot_t *slot; - psa_status_t status; - - status = psa_get_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - *lifetime = slot->lifetime; - - return( PSA_SUCCESS ); -} - - 
/****************************************************************/ /* AEAD */ @@ -4539,37 +4307,6 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut return( status ); } -psa_status_t psa_generate_derived_key_to_handle( psa_key_handle_t handle, - psa_key_type_t type, - size_t bits, - psa_key_derivation_operation_t *operation ) -{ - uint8_t *data = NULL; - size_t bytes = PSA_BITS_TO_BYTES( bits ); - psa_status_t status; - - if( ! key_type_is_raw_bytes( type ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( bits % 8 != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - data = mbedtls_calloc( 1, bytes ); - if( data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - - status = psa_key_derivation_output_bytes( operation, data, bytes ); - if( status != PSA_SUCCESS ) - goto exit; -#if defined(MBEDTLS_DES_C) - if( type == PSA_KEY_TYPE_DES ) - psa_des_set_key_parity( data, bytes ); -#endif /* MBEDTLS_DES_C */ - status = psa_import_key_to_handle( handle, type, data, bytes ); - -exit: - mbedtls_free( data ); - return( status ); -} - /****************************************************************/ 
@@ -5426,40 +5163,6 @@ static psa_status_t psa_generate_key_internal( return( PSA_SUCCESS ); } -psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle, - psa_key_type_t type, - size_t bits, - const void *extra, - size_t extra_size ) -{ - psa_key_slot_t *slot; - psa_status_t status; - -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) - /* The old public exponent encoding is no longer supported. */ - if( extra_size != 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); -#endif - - status = psa_get_empty_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - slot->type = type; - status = psa_generate_key_internal( slot, bits, extra, extra_size ); - if( status != PSA_SUCCESS ) - slot->type = 0; - -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) - { - return( psa_save_generated_persistent_key( slot, bits ) ); - } -#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ - - return( status ); -} - psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_key_handle_t *handle ) { diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 3876f4b23..5251c19df 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -290,21 +290,6 @@ psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle ) id, handle, 0 ) ); } -psa_status_t psa_create_key( psa_key_lifetime_t lifetime, - psa_key_file_id_t id, - psa_key_handle_t *handle ) -{ - psa_status_t status; - - status = persistent_key_setup( lifetime, id, handle, 1 ); - switch( status ) - { - case PSA_SUCCESS: return( PSA_ERROR_ALREADY_EXISTS ); - case PSA_ERROR_DOES_NOT_EXIST: return( PSA_SUCCESS ); - default: return( status ); - } -} - psa_status_t psa_close_key( psa_key_handle_t handle ) { return( psa_internal_release_key_slot( handle ) ); 
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 2e459d1a7..d31067c53 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -55,6 +55,16 @@ psa_status_t psa_initialize_key_slots( void ); * This does not affect persistent storage. */ void psa_wipe_all_key_slots( void ); +/** Allocate a key slot. + * + * \param[out] handle On success, a handle to a newly allocated key slot. + * 0 if an error occurs. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + */ +psa_status_t psa_allocate_key( psa_key_handle_t *handle ); + /** Test whether the given parameters are acceptable for a persistent key. * * This function does not access the storage in any way. It only tests From d2d45c1738332114614d316a341900cbe16fcbcf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 14:53:13 +0200 Subject: [PATCH 1326/2197] Convert cipher and pk to PSA attribute-based key creation This fixes the build under MBEDTLS_USE_PSA_CRYPTO. --- library/cipher.c | 52 ++++++++++++----------------- library/pk.c | 33 ++++++++---------- library/pk_wrap.c | 46 ++++++++++++------------- library/pkwrite.c | 9 +++-- tests/suites/test_suite_pk.function | 36 ++++++++------------ 5 files changed, 74 insertions(+), 102 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index 1f74fccb1..69079aae7 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -297,8 +297,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, psa_status_t status; psa_key_type_t key_type; - psa_key_usage_t key_usage; - psa_key_policy_t key_policy; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; /* PSA Crypto API only accepts byte-aligned keys. */ if( key_bitlen % 8 != 0 ) 
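Review bot: The new doc comment for `psa_allocate_key()` in psa_crypto_slot_management.h drops two things that the public documentation removed by this same commit used to state. It no longer says that `PSA_ERROR_INSUFFICIENT_MEMORY` also covers reaching the maximum number of slots, and it no longer says how an allocated slot is given back. Since this is now the internal entry point, I would spell out the ownership rule with a line such as `* The caller owns the slot and must release it on every path, including when the subsequent key creation fails.` and extend the retval text with `* There was not enough memory, or the maximum number of key slots has been reached.` Which release function the internal callers are expected to use is not visible here, so name it only after checking them.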
@@ -312,40 +311,33 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, ctx->cipher_info->type ); if( key_type == 0 ) return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - - /* Allocate a key slot to use. */ - status = psa_allocate_key( &cipher_psa->slot ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); - - /* Indicate that we own the key slot and need to - * destroy it in mbedtls_cipher_free(). */ - cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED; - - /* From that point on, the responsibility for destroying the - * key slot is on mbedtls_cipher_free(). This includes the case - * where the policy setup or key import below fail, as - * mbedtls_cipher_free() needs to be called in any case. */ - - /* Setup policy for the new key slot. */ - key_policy = psa_key_policy_init(); + psa_set_key_type( &attributes, key_type ); /* Mbed TLS' cipher layer doesn't enforce the mode of operation * (encrypt vs. decrypt): it is possible to setup a key for encryption * and use it for AEAD decryption. Until tests relying on this * are changed, allow any usage in PSA. */ - /* key_usage = mbedtls_psa_translate_cipher_operation( operation ); */ - key_usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; - psa_key_policy_set_usage( &key_policy, key_usage, cipher_psa->alg ); - status = psa_set_key_policy( cipher_psa->slot, &key_policy ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + psa_set_key_usage_flags( &attributes, + /* mbedtls_psa_translate_cipher_operation( operation ); */ + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, cipher_psa->alg ); - /* Populate new key slot. 
*/ - status = psa_import_key_to_handle( cipher_psa->slot, - key_type, key, key_bytelen ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + status = psa_import_key( &attributes, key, key_bytelen, + &cipher_psa->slot ); + switch( status ) + { + case PSA_SUCCESS: + break; + case PSA_ERROR_INSUFFICIENT_MEMORY: + return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + case PSA_ERROR_NOT_SUPPORTED: + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + default: + return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + } + /* Indicate that we own the key slot and need to + * destroy it in mbedtls_cipher_free(). */ + cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED; ctx->key_bitlen = key_bitlen; ctx->operation = operation; diff --git a/library/pk.c b/library/pk.c index bcf7e0a88..e93ccfdab 100644 --- a/library/pk.c +++ b/library/pk.c @@ -158,14 +158,17 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ) int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key ) { const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_handle_t *pk_ctx; psa_key_type_t type; if( ctx == NULL || ctx->pk_info != NULL ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - if( PSA_SUCCESS != psa_get_key_information( key, &type, NULL ) ) + if( PSA_SUCCESS != psa_get_key_attributes( key, &attributes ) ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + type = psa_get_key_type( &attributes ); + psa_reset_key_attributes( &attributes ); /* Current implementation of can_do() relies on this. */ if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) 
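Review bot: The key imported in mbedtls_cipher_setkey() is granted both `PSA_KEY_USAGE_ENCRYPT` and `PSA_KEY_USAGE_DECRYPT` whatever `operation` the caller passed, so the PSA policy puts no direction restriction on cipher-layer keys. The surrounding comment explains this as a concession to existing tests, but the intended call now sits as a commented-out fragment inside the argument list of `psa_set_key_usage_flags()`, where it is easy to overlook. I would move it above the call as a tracked item, e.g. `/* TODO: use mbedtls_psa_translate_cipher_operation( operation ) once the tests stop reusing keys across directions */`. The function body starts before this hunk and continues after it.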
@@ -589,19 +592,18 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ) * Currently only works for EC private keys. */ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, - psa_key_handle_t *slot, + psa_key_handle_t *handle, psa_algorithm_t hash_alg ) { #if !defined(MBEDTLS_ECP_C) return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); #else - psa_key_handle_t key; const mbedtls_ecp_keypair *ec; unsigned char d[MBEDTLS_ECP_MAX_BYTES]; size_t d_len; psa_ecc_curve_t curve_id; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; - psa_key_policy_t policy; int ret; /* export the private key material in the format PSA wants */ @@ -617,29 +619,20 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( mbedtls_psa_parse_tls_ecc_group ( curve_id ) ); - /* allocate a key slot */ - if( PSA_SUCCESS != psa_allocate_key( &key ) ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + /* prepare the key attributes */ + psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) ); - /* set policy */ - policy = psa_key_policy_init(); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, - PSA_ALG_ECDSA(hash_alg) ); - if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) ) + /* import private key into PSA */ + if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, handle ) ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); - /* import private key in slot */ - if( PSA_SUCCESS != psa_import_key_to_handle( key, key_type, d, d_len ) ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); - - /* remember slot number to be destroyed later by caller */ - *slot = key; - /* make PK context wrap the key slot */ mbedtls_pk_free( pk ); mbedtls_pk_init( pk ); - return( mbedtls_pk_setup_opaque( pk, key ) ); + return( mbedtls_pk_setup_opaque( pk, *handle ) ); #endif /* MBEDTLS_ECP_C */ } #endif /* MBEDTLS_USE_PSA_CRYPTO */ 
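Review bot: The private scalar exported into the stack buffer `d` (declared in the first hunk of mbedtls_pk_wrap_as_opaque()) is not wiped on any return path visible in the second hunk, neither after a failed `psa_import_key()` nor on the success path that ends in `mbedtls_pk_setup_opaque()`. Once PSA holds the key, the plaintext copy has no further use. I would store the import result in a status variable, call `mbedtls_platform_zeroize( d, sizeof( d ) );` right after the import, and only then test the status. The export code between the two hunks is not shown, so its own error returns may need the same treatment.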
diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 0c7482571..5a699c030 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -546,9 +546,9 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *sig, size_t sig_len ) { int ret; - psa_key_handle_t key_slot; - psa_key_policy_t policy; - psa_key_type_t psa_type; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_handle_t key_handle = 0; + psa_status_t status; mbedtls_pk_context key; int key_len; /* see ECP_PUB_DER_MAX_BYTES in pkwrite.c */ @@ -576,23 +576,17 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, if( psa_md == 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); psa_sig_md = PSA_ALG_ECDSA( psa_md ); - psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); - if( ( ret = psa_allocate_key( &key_slot ) ) != PSA_SUCCESS ) - return( mbedtls_psa_err_translate_pk( ret ) ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_algorithm( &attributes, psa_sig_md ); - policy = psa_key_policy_init(); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md ); - if( ( ret = psa_set_key_policy( key_slot, &policy ) ) != PSA_SUCCESS ) + status = psa_import_key( &attributes, + buf + sizeof( buf ) - key_len, key_len, + &key_handle ); + if( status != PSA_SUCCESS ) { - ret = mbedtls_psa_err_translate_pk( ret ); - goto cleanup; - } - - if( psa_import_key_to_handle( key_slot, psa_type, buf + sizeof( buf ) - key_len, key_len ) - != PSA_SUCCESS ) - { - ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; + ret = mbedtls_psa_err_translate_pk( status ); goto cleanup; } @@ -611,7 +605,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } - if( psa_asymmetric_verify( key_slot, psa_sig_md, + if( psa_asymmetric_verify( key_handle, psa_sig_md, hash, hash_len, buf, 2 * signature_part_size ) != PSA_SUCCESS ) 
@@ -628,7 +622,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, ret = 0; cleanup: - psa_destroy_key( key_slot ); + psa_destroy_key( key_handle ); return( ret ); } #else /* MBEDTLS_USE_PSA_CRYPTO */ @@ -898,10 +892,13 @@ static size_t pk_opaque_get_bitlen( const void *ctx ) { const psa_key_handle_t *key = (const psa_key_handle_t *) ctx; size_t bits; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - if( PSA_SUCCESS != psa_get_key_information( *key, NULL, &bits ) ) + if( PSA_SUCCESS != psa_get_key_attributes( *key, &attributes ) ) return( 0 ); + bits = psa_get_key_bits( &attributes ); + psa_reset_key_attributes( &attributes ); return( bits ); } @@ -1002,8 +999,9 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { const psa_key_handle_t *key = (const psa_key_handle_t *) ctx; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) ); - size_t bits, buf_len; + size_t buf_len; psa_status_t status; /* PSA has its own RNG */ @@ -1014,11 +1012,11 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, * that information. Assume that the buffer is large enough for a * maximal-length signature with that key (otherwise the application is * buggy anyway). */ - status = psa_get_key_information( *key, NULL, &bits ); + status = psa_get_key_attributes( *key, &attributes ); if( status != PSA_SUCCESS ) return( mbedtls_psa_err_translate_pk( status ) ); - - buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( bits ); + buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( psa_get_key_bits( &attributes ) ); + psa_reset_key_attributes( &attributes ); /* make the signature */ status = psa_asymmetric_sign( *key, alg, hash, hash_len, diff --git a/library/pkwrite.c b/library/pkwrite.c index b87f81b8b..438816078 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c 
@@ -246,17 +246,16 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si #if defined(MBEDTLS_USE_PSA_CRYPTO) if( pk_type == MBEDTLS_PK_OPAQUE ) { - psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; psa_key_handle_t handle; psa_ecc_curve_t curve; handle = *((psa_key_handle_t*) key->pk_ctx ); - - status = psa_get_key_information( handle, &key_type, - NULL /* bitsize not needed */ ); - if( status != PSA_SUCCESS ) + if( PSA_SUCCESS != psa_get_key_attributes( handle, &attributes ) ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + key_type = psa_get_key_type( &attributes ); + psa_reset_key_attributes( &attributes ); curve = PSA_KEY_TYPE_GET_CURVE( key_type ); if( curve == 0 ) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index de90b47ea..fd923c286 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function 
@@ -69,37 +69,26 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) #include "mbedtls/psa_util.h" -#define PK_PSA_INVALID_SLOT 0 /* guaranteed invalid */ - /* - * Generate a key in a free key slot and return this key slot, - * or PK_PSA_INVALID_SLOT if no slot was available. + * Generate a key using PSA and return a handle to that key, + * or 0 if the key generation failed. * The key uses NIST P-256 and is usable for signing with SHA-256. */ psa_key_handle_t pk_psa_genkey( void ) { psa_key_handle_t key; - + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const int curve = PSA_ECC_CURVE_SECP256R1; const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve); const size_t bits = 256; - psa_key_policy_t policy; - /* Allocate a key slot */ - if( PSA_SUCCESS != psa_allocate_key( &key ) ) - return( PK_PSA_INVALID_SLOT ); - - /* set up policy on key slot */ - policy = psa_key_policy_init(); - psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, - PSA_ALG_ECDSA(PSA_ALG_SHA_256) ); - if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) ) - return( PK_PSA_INVALID_SLOT ); - - /* generate key */ - if( PSA_SUCCESS != psa_generate_key_to_handle( key, type, bits, NULL, 0 ) ) - return( PK_PSA_INVALID_SLOT ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256) ); + psa_set_key_type( &attributes, type ); + psa_set_key_bits( &attributes, bits ); + PSA_ASSERT( psa_generate_key( &attributes, &key ) ); +exit: return( key ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -115,6 +104,7 @@ void pk_psa_utils( ) { mbedtls_pk_context pk, pk2; psa_key_handle_t key; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const char * const name = "Opaque"; const size_t bitlen = 256; /* harcoded in genkey() */ @@ -136,7 +126,8 @@ void pk_psa_utils( ) mbedtls_pk_init( &pk ); key = pk_psa_genkey(); - TEST_ASSERT( key != 0 ); + if( key == 0 ) + goto exit; TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 ); 
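Review bot: In pk_psa_genkey(), `key` is declared without an initializer, yet a failing `PSA_ASSERT` jumps to `exit:` and returns it. The function comment promises 0 on failure, which holds only if psa_generate_key() writes the handle on every failure path; that is not visible in this hunk. Declaring `psa_key_handle_t key = 0;` makes the documented contract hold regardless, and keeps the `if( key == 0 )` check added in pk_psa_utils() meaningful.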
@@ -173,7 +164,7 @@ void pk_psa_utils( ) /* test that freeing the context does not destroy the key */ mbedtls_pk_free( &pk ); - TEST_ASSERT( PSA_SUCCESS == psa_get_key_information( key, NULL, NULL ) ); + TEST_ASSERT( PSA_SUCCESS == psa_get_key_attributes( key, &attributes ) ); TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); exit: @@ -1233,7 +1224,6 @@ void pk_psa_sign( ) pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy; /* Turn PK context into an opaque one. */ - TEST_ASSERT( psa_allocate_key( &handle ) == PSA_SUCCESS ); TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &handle, PSA_ALG_SHA_256 ) == 0 ); From 1139249bfaa82636bb1cbeab23a5abb1dffc11da Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 14:53:19 +0200 Subject: [PATCH 1327/2197] Don't refer to PSA keys as slots anymore The PSA documentation no longer uses the word "slot", so using it in the Mbed Crypto documentation would be misleading. --- include/mbedtls/cipher_internal.h | 13 ++++++------- include/mbedtls/pk.h | 29 +++++++++++++++-------------- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h index d71133900..8ea2a9882 100644 --- a/include/mbedtls/cipher_internal.h +++ b/include/mbedtls/cipher_internal.h 
@@ -124,14 +124,13 @@ typedef enum MBEDTLS_CIPHER_PSA_KEY_UNSET = 0, MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */ /* use raw key material internally imported */ - /* into a allocated key slot, and which */ - /* hence need to destroy that key slot */ - /* when they are no longer needed. */ + /* as a volatile key, and which hence need */ + /* to destroy that key when the context is */ + /* freed. */ MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts */ - /* which use a key from a key slot */ - /* provided by the user, and which */ - /* hence should not be destroyed when */ - /* the context is no longer needed. */ + /* which use a key provided by the */ + /* user, and which hence will not be */ + /* destroyed when the context is freed. */ } mbedtls_cipher_psa_key_ownership; typedef struct diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 24951a6e1..0e24b1a5e 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -217,7 +217,7 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx ); * * \note For contexts that have been set up with * mbedtls_pk_setup_opaque(), this does not free the underlying - * key slot and you still need to call psa_destroy_key() + * PSA key and you still need to call psa_destroy_key() * independently if you want to destroy that key. */ void mbedtls_pk_free( mbedtls_pk_context *ctx ); 
@@ -259,21 +259,21 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); #if defined(MBEDTLS_USE_PSA_CRYPTO) /** - * \brief Initialize a PK context to wrap a PSA key slot. + * \brief Initialize a PK context to wrap a PSA key. * * \note This function replaces mbedtls_pk_setup() for contexts - * that wrap a (possibly opaque) PSA key slot instead of + * that wrap a (possibly opaque) PSA key instead of * storing and manipulating the key material directly. * * \param ctx The context to initialize. It must be empty (type NONE). - * \param key The PSA key slot to wrap, which must hold an ECC key pair + * \param key The PSA key to wrap, which must hold an ECC key pair * (see notes below). * - * \note The wrapped key slot must remain valid as long as the + * \note The wrapped key must remain valid as long as the * wrapping PK context is in use, that is at least between * the point this function is called and the point * mbedtls_pk_free() is called on this context. The wrapped - * key slot might then be independently used or destroyed. + * key might then be independently used or destroyed. * * \note This function is currently only available for ECC key * pairs (that is, ECC keys containing private key material). @@ -281,7 +281,7 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); * * \return \c 0 on success. * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input - * (context already used, invalid key slot). + * (context already used, invalid key handle). * \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an * ECC key pair. * \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. 
@@ -788,7 +788,7 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); #if defined(MBEDTLS_USE_PSA_CRYPTO) /** - * \brief Turn an EC key into an Opaque one + * \brief Turn an EC key into an opaque one. * * \warning This is a temporary utility function for tests. It might * change or be removed at any time without notice. @@ -796,18 +796,19 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); * \note Only ECDSA keys are supported so far. Signing with the * specified hash is the only allowed use of that key. * - * \param pk Input: the EC key to transfer to a PSA key slot. - * Output: a PK context wrapping that PSA key slot. - * \param slot Output: the chosen slot for storing the key. - * It's the caller's responsibility to destroy that slot - * after calling mbedtls_pk_free() on the PK context. + * \param pk Input: the EC key to import to a PSA key. + * Output: a PK context wrapping that PSA key. + * \param handle Output: a PSA key handle. + * It's the caller's responsibility to call + * psa_destroy_key() on that handle after calling + * mbedtls_pk_free() on the PK context. * \param hash_alg The hash algorithm to allow for use with that key. * * \return \c 0 if successful. * \return An Mbed TLS error code otherwise. */ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, - psa_key_handle_t *slot, + psa_key_handle_t *handle, psa_algorithm_t hash_alg ); #endif /* MBEDTLS_USE_PSA_CRYPTO */ From 267c65666a1dbce3cd69df02419709b9b884d5b5 Mon Sep 17 00:00:00 2001 
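Review bot: The new `\param handle` text for mbedtls_pk_wrap_as_opaque() does not say what `*handle` holds when the function fails. In the library/pk.c change of the preceding patch the key is imported before `mbedtls_pk_setup_opaque()` runs, so a failure in that last step appears to leave a live PSA key behind the handle while the function reports an error. I would add a sentence such as `On failure, *handle may refer to a key that was already created; call psa_destroy_key() on it if it is nonzero.`, or have the implementation destroy the key itself before returning.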
From: Gilles Peskine Date: Mon, 27 May 2019 19:01:54 +0200 Subject: [PATCH 1328/2197] Simplify key slot allocation Now that psa_allocate_key() is no longer a public function, expose psa_internal_allocate_key_slot() instead, which provides a pointer to the slot to its caller. --- library/psa_crypto.c | 5 +- library/psa_crypto_slot_management.c | 103 +++++++-------------------- library/psa_crypto_slot_management.h | 11 +-- 3 files changed, 32 insertions(+), 87 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f4eb3a11f..b3be2617b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1305,10 +1305,7 @@ static psa_status_t psa_start_key_creation( psa_status_t status; psa_key_slot_t *slot; - status = psa_allocate_key( handle ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_get_key_slot( *handle, p_slot ); + status = psa_internal_allocate_key_slot( handle, p_slot ); if( status != PSA_SUCCESS ) return( status ); slot = *p_slot; diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 5251c19df..36900d92e 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -99,56 +99,25 @@ void psa_wipe_all_key_slots( void ) global_data.key_slots_initialized = 0; } -/** Find a free key slot and mark it as in use. - * - * \param[out] handle On success, a slot number that is not in use. This - * value can be used as a handle to the slot. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - */ -static psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle ) +psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle, + psa_key_slot_t **p_slot ) { + if( ! global_data.key_slots_initialized ) + return( PSA_ERROR_BAD_STATE ); + for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) ) { - psa_key_slot_t *slot = &global_data.key_slots[*handle - 1]; - if( ! slot->allocated ) + *p_slot = &global_data.key_slots[*handle - 1]; + if( ! ( *p_slot )->allocated ) { - slot->allocated = 1; + ( *p_slot )->allocated = 1; return( PSA_SUCCESS ); } } + *p_slot = NULL; return( PSA_ERROR_INSUFFICIENT_MEMORY ); } -/** Wipe a key slot and mark it as available. - * - * This does not affect persistent storage. - * - * \param handle The handle to the key slot to release. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_CORRUPTION_DETECTED - */ -static psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle ) -{ - psa_key_slot_t *slot; - psa_status_t status; - - status = psa_get_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - return( psa_wipe_key_slot( slot ) ); -} - -psa_status_t psa_allocate_key( psa_key_handle_t *handle ) -{ - *handle = 0; - return( psa_internal_allocate_key_slot( handle ) ); -} - #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) { 
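Review bot: The new `PSA_ERROR_BAD_STATE` early return in psa_internal_allocate_key_slot() writes neither `*handle` nor `*p_slot`, whereas the removed psa_allocate_key() wrapper zeroed the handle before doing anything else. psa_start_key_creation() in this patch forwards its `handle` argument straight to this function, so unless its callers clear the handle themselves (not shown here), a key-creation call made before initialization can return with the caller's variable untouched. Setting `*handle = 0; *p_slot = NULL;` ahead of the `key_slots_initialized` test keeps the outputs defined on every path. That matches the exhausted-slots path, which already ends with a zero handle and `*p_slot = NULL`.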
@@ -194,41 +163,6 @@ static int psa_is_key_id_valid( psa_key_file_id_t file_id, else return( 0 ); } - -/** Declare a slot as persistent and load it from storage. - * - * This function may only be called immediately after a successful call - * to psa_internal_allocate_key_slot(). - * - * \param handle A handle to a key slot freshly allocated with - * psa_internal_allocate_key_slot(). - * - * \retval #PSA_SUCCESS - * The slot content was loaded successfully. - * \retval #PSA_ERROR_DOES_NOT_EXIST - * There is no content for this slot in persistent storage. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p id is not acceptable. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_STORAGE_FAILURE - */ -static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, - psa_key_file_id_t id ) -{ - psa_key_slot_t *slot; - psa_status_t status; - - status = psa_get_key_slot( handle, &slot ); - if( status != PSA_SUCCESS ) - return( status ); - - slot->lifetime = PSA_KEY_LIFETIME_PERSISTENT; - slot->persistent_storage_id = id; - status = psa_load_persistent_key_into_slot( slot ); - - return( status ); -} #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ psa_status_t psa_validate_persistent_key_parameters( @@ -259,6 +193,7 @@ static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, psa_status_t status; psa_status_t wanted_load_status = ( creating ? PSA_ERROR_DOES_NOT_EXIST : PSA_SUCCESS ); + psa_key_slot_t *slot; *handle = 0; 
@@ -267,14 +202,17 @@ static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, return( status ); #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - status = psa_internal_allocate_key_slot( handle ); + status = psa_internal_allocate_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); - status = psa_internal_make_key_persistent( *handle, id ); + slot->lifetime = PSA_KEY_LIFETIME_PERSISTENT; + slot->persistent_storage_id = id; + + status = psa_load_persistent_key_into_slot( slot ); if( status != wanted_load_status ) { - psa_internal_release_key_slot( *handle ); + psa_wipe_key_slot( slot ); *handle = 0; } return( status ); @@ -292,7 +230,14 @@ psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle ) psa_status_t psa_close_key( psa_key_handle_t handle ) { - return( psa_internal_release_key_slot( handle ) ); + psa_status_t status; + psa_key_slot_t *slot; + + status = psa_get_key_slot( handle, &slot ); + if( status != PSA_SUCCESS ) + return( status ); + + return( psa_wipe_key_slot( slot ) ); } #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index d31067c53..aebe7db04 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h 
@@ -55,15 +55,18 @@ psa_status_t psa_initialize_key_slots( void ); * This does not affect persistent storage. */ void psa_wipe_all_key_slots( void ); -/** Allocate a key slot. +/** Find a free key slot and mark it as in use. * - * \param[out] handle On success, a handle to a newly allocated key slot. - * 0 if an error occurs. + * \param[out] handle On success, a slot number that is not in use. This + * value can be used as a handle to the slot. + * \param[out] p_slot On success, a pointer to the slot. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_BAD_STATE */ -psa_status_t psa_allocate_key( psa_key_handle_t *handle ); +psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle, + psa_key_slot_t **p_slot ); /** Test whether the given parameters are acceptable for a persistent key. * From 70e085a7d985da23d0d7662c1b7c4e338b0e7a42 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 May 2019 19:04:07 +0200 Subject: [PATCH 1329/2197] Simplify psa_open_key Simplify psa_open_key now that the old method for key creation (returning a handle to a slot with no key material) no longer exists. --- library/psa_crypto_slot_management.c | 24 ++++++++---------------- 1 file changed, 8 insertions(+), 16 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 36900d92e..0ffc2aae7 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -185,23 +185,19 @@ psa_status_t psa_validate_persistent_key_parameters( #endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ } -static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, - psa_key_file_id_t id, - psa_key_handle_t *handle, - int creating ) +psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle ) { +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_status_t status; - psa_status_t wanted_load_status = - ( creating ? PSA_ERROR_DOES_NOT_EXIST : PSA_SUCCESS ); psa_key_slot_t *slot; *handle = 0; - status = psa_validate_persistent_key_parameters( lifetime, id, creating ); + status = psa_validate_persistent_key_parameters( + PSA_KEY_LIFETIME_PERSISTENT, id, 0 ); if( status != PSA_SUCCESS ) return( status ); -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) status = psa_internal_allocate_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); @@ -210,24 +206,20 @@ static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, slot->persistent_storage_id = id; status = psa_load_persistent_key_into_slot( slot ); - if( status != wanted_load_status ) + if( status != PSA_SUCCESS ) { psa_wipe_key_slot( slot ); *handle = 0; } return( status ); + #else /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ - (void) wanted_load_status; + (void) id; + *handle = 0; return( PSA_ERROR_NOT_SUPPORTED ); #endif /* !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ } -psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle ) -{ - return( persistent_key_setup( PSA_KEY_LIFETIME_PERSISTENT, - id, handle, 0 ) ); -} - psa_status_t psa_close_key( psa_key_handle_t handle ) { psa_status_t status; From bfcae2e436a59d74fcc7d42e19253ebe622253e0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 5 Jun 2019 11:39:57 +0200 Subject: [PATCH 1330/2197] Improve documentation of psa_internal_allocate_key_slot --- library/psa_crypto_slot_management.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) 
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index aebe7db04..5c1bde146 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -57,8 +57,11 @@ void psa_wipe_all_key_slots( void ); /** Find a free key slot and mark it as in use. * - * \param[out] handle On success, a slot number that is not in use. This - * value can be used as a handle to the slot. + * \param[out] handle On success, a slot number that can be used as a + * handle to the slot. The selected slot was not + * in use before. This function marks it as in use + * and otherwise leaves it in a freshly-initialized + * state. * \param[out] p_slot On success, a pointer to the slot. * * \retval #PSA_SUCCESS From 7654161dbf622d797029a9ae2a4bfa0893787874 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 4 Jun 2019 17:14:43 +0100 Subject: [PATCH 1331/2197] psa: Add NV seed as an entropy source when needed When MBEDTLS_PSA_INJECT_ENTROPY is used, we now require also defining MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES. When MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES is defined, we do not add entropy sources by default. This includes the NV seed entropy source, which the PSA entropy injection API is built upon. The PSA entropy injection feature depends on using NV seed as an entropy source. Add NV seed as an entropy source for PSA entropy injection. Fixes e3dbdd8d9082 ("Gate entropy injection through a dedicated configuration option") --- library/psa_crypto.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c9ee8c990..3c318727f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4639,6 +4639,15 @@ psa_status_t psa_crypto_init( void ) /* Initialize the random generator. */ global_data.entropy_init( &global_data.entropy ); +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ + defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) + /* The PSA entropy injection feature depends on using NV seed as an entropy + * source. Add NV seed as an entropy source for PSA entropy injection. */ + mbedtls_entropy_add_source( &global_data.entropy, + mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG ); +#endif mbedtls_ctr_drbg_init( &global_data.ctr_drbg ); global_data.rng_state = RNG_INITIALIZED; status = mbedtls_to_psa_error( From 952f40962aedd53b3f0fe81a7eb922579a1d76e0 Mon Sep 17 00:00:00 2001 
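Review bot: The return value of `mbedtls_entropy_add_source()` is discarded, so a failure to register the NV seed source is not reported at the point where it happens. With `MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES` defined this is presumably the only source in the context, and the error would surface only indirectly through the DRBG seeding call that follows, if at all. I would capture it as `status = mbedtls_to_psa_error( mbedtls_entropy_add_source( ... ) );` and leave through the same failure path the seeding call uses. psa_crypto_init() starts before this hunk and continues after it.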
From: Gilles Peskine Date: Thu, 23 May 2019 20:25:48 +0200 Subject: [PATCH 1332/2197] Create PSA-specific helper function file Create a specific file for helper functions that are related to the PSA API. The reason for a separate file is so that it can include , without forcing this header inclusion into every test suite. In this commit, psa_helpers.function doesn't need psa/crypto.h yet, but this will be the case in a subsequent commit. Move PSA_ASSERT to psa_helpers.function, since that's the sort of things it's for. Include "psa_helpers.function" from the PSA crypto tests. In the ITS test, don't include "psa_helpers". The ITS tests are meant to stand alone from the rest of the library. --- tests/Makefile | 1 + tests/psa_helpers.function | 39 +++++++++++++++++++ tests/suites/helpers.function | 8 ---- tests/suites/test_suite_pk.function | 7 +++- tests/suites/test_suite_psa_crypto.function | 6 +-- .../test_suite_psa_crypto_entropy.function | 2 +- .../test_suite_psa_crypto_hash.function | 6 +-- .../test_suite_psa_crypto_init.function | 6 +-- ...t_suite_psa_crypto_persistent_key.function | 4 +- ..._suite_psa_crypto_slot_management.function | 6 +-- tests/suites/test_suite_psa_its.function | 2 + 11 files changed, 55 insertions(+), 32 deletions(-) create mode 100644 tests/psa_helpers.function diff --git a/tests/Makefile b/tests/Makefile index aba002bf1..bc88e829d 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -104,6 +104,7 @@ $(BINARIES): %$(EXEXT): %.c $(DEP) echo " CC $<" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +$(filter test_suite_psa_crypto%, $(BINARIES)): psa_helpers.function clean: ifndef WINDOWS diff --git a/tests/psa_helpers.function b/tests/psa_helpers.function new file mode 100644 index 000000000..1c5214b0b --- /dev/null +++ b/tests/psa_helpers.function 
@@ -0,0 +1,39 @@ +/* + * Helper functions for tests that use the PSA API. + */ +/* Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +#include "spm/psa_defs.h" +#endif +#include + +/** Evaluate an expression and fail the test case if it returns an error. + * + * \param expr The expression to evaluate. This is typically a call + * to a \c psa_xxx function that returns a value of type + * #psa_status_t. + */ +#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) + +/* + * Local Variables: + * mode: c + * End: + */ diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 122a17da7..e06527247 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -126,14 +126,6 @@ typedef enum #define TEST_EQUAL( expr1, expr2 ) \ TEST_ASSERT( ( expr1 ) == ( expr2 ) ) -/** Evaluate an expression and fail the test case if it returns an error. - * - * \param expr The expression to evaluate. This is typically a call - * to a \c psa_xxx function that returns a value of type - * #psa_status_t. - */ -#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) - /** Allocate memory dynamically and fail the test case if this fails. * * You must set \p pointer to \c NULL before calling this macro and 
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index fd923c286..0e02c3e47 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -10,6 +10,11 @@ #include #include +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "mbedtls/psa_util.h" +#include "psa_helpers.function" +#endif + static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ); #define RSA_KEY_SIZE 512 @@ -67,8 +72,6 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) #if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "mbedtls/psa_util.h" - /* * Generate a key using PSA and return a handle to that key, * or 0 if the key generation failed. diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index aaa3189a8..2e2606f21 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1,15 +1,11 @@ /* BEGIN_HEADER */ #include -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -#include "spm/psa_defs.h" -#endif - #include "mbedtls/asn1.h" #include "mbedtls/asn1write.h" #include "mbedtls/oid.h" -#include "psa/crypto.h" +#include "psa_helpers.function" /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 91e210e0e..8576c7d95 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -1,10 +1,10 @@ /* BEGIN_HEADER */ #include -#include "psa/crypto.h" #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" +#include "psa_helpers.function" #if defined(MBEDTLS_PSA_ITS_FILE_C) #include #else diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index 8abd4e228..90636b97d 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function 
+++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -2,11 +2,7 @@ #include -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -#include "spm/psa_defs.h" -#endif - -#include "psa/crypto.h" +#include "psa_helpers.function" /* END_HEADER */ diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index f10a4b232..79131587c 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -1,11 +1,7 @@ /* BEGIN_HEADER */ #include -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -#include "spm/psa_defs.h" -#endif -#include "psa/crypto.h" - +#include "psa_helpers.function" /* Some tests in this module configure entropy sources. */ #include "psa_crypto_invasive.h" diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 0417d8490..7e98fae87 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -1,7 +1,9 @@ /* BEGIN_HEADER */ #include -#include "psa/crypto.h" + +#include "psa_helpers.function" #include "psa_crypto_storage.h" + #include "mbedtls/md.h" #define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY" diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index db4632810..a7bb59673 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -1,11 +1,7 @@ /* BEGIN_HEADER */ #include -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -#include "spm/psa_defs.h" -#endif -#include "psa/crypto.h" - +#include "psa_helpers.function" #include "psa_crypto_storage.h" typedef enum diff --git a/tests/suites/test_suite_psa_its.function b/tests/suites/test_suite_psa_its.function index 867f64f6b..873e1a21a 100644 --- a/tests/suites/test_suite_psa_its.function 
+++ b/tests/suites/test_suite_psa_its.function @@ -1,6 +1,8 @@ /* BEGIN_HEADER */ #include "../library/psa_crypto_its.h" +#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) + /* Internal definitions of the implementation, copied for the sake of * some of the tests and of the cleanup code. */ #define PSA_ITS_STORAGE_PREFIX "" From 4bac9a4c4b059e887de297de8b3ec7713eaf7420 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 May 2019 20:32:30 +0200 Subject: [PATCH 1333/2197] New function to get key slot statistics New function mbedtls_psa_get_stats to obtain some data about how many key slots are in use. This is intended for debugging and testing purposes. --- include/psa/crypto_extra.h | 37 ++++++++++++++++++++++++++++ library/psa_crypto_slot_management.c | 32 ++++++++++++++++++++++++ 2 files changed, 69 insertions(+) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 56e053604..b08f46d09 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -116,6 +116,43 @@ static inline psa_algorithm_t psa_get_key_enrollment_algorithm( */ void mbedtls_psa_crypto_free( void ); +/** \brief Statistics about + * resource consumption related to the PSA keystore. + * + * \note The content of this structure is not part of the stable API and ABI + * of Mbed Crypto and may change arbitrarily from version to version. + */ +typedef struct mbedtls_psa_stats_s +{ + /** Number of slots containing key material for a volatile key. */ + size_t volatile_slots; + /** Number of slots containing key material for a key which is in + * internal persistent storage. */ + size_t persistent_slots; + /** Number of slots containing a reference to a key in a + * secure element. */ + size_t external_slots; + /** Number of slots which are occupied, but do not contain + * key material yet. */ + size_t half_filled_slots; + /** Number of slots that contain cache data. */ + size_t cache_slots; + /** Number of slots that are not used for anything. */ + size_t empty_slots; + /** Largest key id value among open keys in internal persistent storage. */ + psa_key_id_t max_open_internal_key_id; + /** Largest key id value among open keys in secure elements. */ + psa_key_id_t max_open_external_key_id; +} mbedtls_psa_stats_t; + +/** \brief Get statistics about + * resource consumption related to the PSA keystore. + * + * \note When Mbed Crypto is built as part of a service, with isolation + * between the application and the keystore, the service may or + * may not expose this function. + */ +void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); /** * \brief Inject an initial entropy seed for the random generator into diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 0ffc2aae7..900aa41a5 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
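Review bot: The doc comment on `mbedtls_psa_get_stats` does not describe its only parameter, so the contract for `stats` is left to the reader. A line such as `\param[out] stats  On return, the keystore statistics. Must point to a valid mbedtls_psa_stats_t.` would state it; the implementation added in this commit writes through the pointer without checking it. The fields `max_open_internal_key_id` and `max_open_external_key_id` should also say what they hold when no such key is open (the implementation leaves them at 0).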
@@ -232,4 +232,36 @@ psa_status_t psa_close_key( psa_key_handle_t handle ) return( psa_wipe_key_slot( slot ) ); } +void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) +{ + psa_key_handle_t key; + memset( stats, 0, sizeof( *stats ) ); + for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) + { + psa_key_slot_t *slot = &global_data.key_slots[key - 1]; + if( slot->type == PSA_KEY_TYPE_NONE ) + { + if( slot->allocated ) + ++stats->half_filled_slots; + else + ++stats->empty_slots; + continue; + } + if( slot->lifetime == PSA_KEY_LIFETIME_VOLATILE ) + ++stats->volatile_slots; + else if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + { + ++stats->persistent_slots; + if( slot->persistent_storage_id > stats->max_open_internal_key_id ) + stats->max_open_internal_key_id = slot->persistent_storage_id; + } + else + { + ++stats->external_slots; + if( slot->persistent_storage_id > stats->max_open_external_key_id ) + stats->max_open_external_key_id = slot->persistent_storage_id; + } + } +} + #endif /* MBEDTLS_PSA_CRYPTO_C */ From a6d252a986345e2b722634bd131879f50ec85503 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 May 2019 20:34:30 +0200 Subject: [PATCH 1334/2197] New macro PSA_DONE for a clean PSA shutdown The new macro PSA_DONE calls mbedtls_psa_crypto_free, but before that, it checks that no key slots are in use. The goal is to allow tests to verify that functions like psa_close_key properly mark slots as unused, and more generally to detect key slot leaks. We call mbedtls_psa_crypto_free at the end of each test case, which could mask a bug whereby slots are not freed when they should be, but their content is correctly reclaimed by mbedtls_psa_crypto_free. --- tests/psa_helpers.function | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/tests/psa_helpers.function b/tests/psa_helpers.function index 1c5214b0b..22055003b 100644 --- a/tests/psa_helpers.function +++ b/tests/psa_helpers.function 
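Review bot: `cache_slots` is never written in `mbedtls_psa_get_stats`: after the `memset` no branch of the loop touches it, although the header documents it as the number of slots that contain cache data. Either count it or say so on the field, e.g. `/** Number of slots that contain cache data (not populated yet, always 0). */`. The final `else` counts every lifetime other than volatile and persistent as external, which deserves a why-comment such as `/* any other lifetime is assumed to be a secure element key */`. `stats` is passed to `memset` without a NULL check, so the non-NULL requirement should at least be documented on the declaration.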
@@ -32,6 +32,36 @@ */ #define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) +static void test_helper_psa_done( int line, const char *file ) +{ + mbedtls_psa_stats_t stats; + const char *msg = NULL; + + mbedtls_psa_get_stats( &stats ); + + if( stats.volatile_slots != 0 ) + msg = "A volatile slot has not been closed properly."; + else if( stats.persistent_slots != 0 ) + msg = "A persistent slot has not been closed properly."; + else if( stats.external_slots != 0 ) + msg = "An external slot has not been closed properly."; + else if( stats.half_filled_slots != 0 ) + msg = "A half-filled slot has not been cleared properly."; + + /* If the test failed, don't overwrite the failure information. + * Do keep the stats lookup above, because it can be convenient to + * break on it when debugging a failure. */ + if( msg != NULL && test_info.failed == 0 ) + test_fail( msg, line, file ); + + mbedtls_psa_crypto_free( ); +} + +/** Shut down the PSA subsystem. Expect a clean shutdown, with no slots + * in use. + */ +#define PSA_DONE( ) test_helper_psa_done( __LINE__, __FILE__ ) + /* * Local Variables: * mode: c From 1153e7bd574aee4f1727c3c9a2dc7c0221ec4e83 Mon Sep 17 00:00:00 2001 
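Review bot: `test_helper_psa_done` has no doc comment, and its behaviour is not obvious from the `PSA_DONE` macro alone: it reports only the first category of leaked slot, never overwrites an earlier failure, and always calls `mbedtls_psa_crypto_free( )` afterwards. A header such as `/** Report a test failure if any key slot is still in use, then free the PSA subsystem. \param line, file  Call site, passed on to test_fail(). */` would cover it. Because the function is `static` in a file that suites include textually, a suite that includes `psa_helpers.function` without using `PSA_DONE` may see an unused-function warning; whether any such suite exists cannot be told from this hunk.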
From: Gilles Peskine Date: Tue, 28 May 2019 15:10:21 +0200 Subject: [PATCH 1335/2197] Replace all calls to mbedtls_psa_crypto_free by PSA_DONE Replace all calls to mbedtls_psa_crypto_free in tests by PSA_DONE. This is correct for most tests, because most tests close open keys. A few tests now fail; these tests need to be reviewed and switched back to mbedtls_psa_crypto_free if they genuinely expected to end with some slots still in use. --- tests/suites/test_suite_psa_crypto.function | 126 +++++++++--------- .../test_suite_psa_crypto_entropy.function | 6 +- .../test_suite_psa_crypto_hash.function | 6 +- .../test_suite_psa_crypto_init.function | 16 +-- ...t_suite_psa_crypto_persistent_key.function | 16 +-- ..._suite_psa_crypto_slot_management.function | 24 ++-- 6 files changed, 97 insertions(+), 97 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2e2606f21..acc2f8c18 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1259,7 +1259,7 @@ void import( data_t *data, int type_arg, exit: psa_destroy_key( handle ); psa_reset_key_attributes( &got_attributes ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1296,7 +1296,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) exit: mbedtls_free( buffer ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1389,7 +1389,7 @@ exit: mbedtls_free( exported ); mbedtls_free( reexported ); psa_reset_key_attributes( &got_attributes ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1400,7 +1400,7 @@ void invalid_handle( int handle ) test_operations_on_invalid_handle( handle ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1453,7 +1453,7 @@ exit: mbedtls_free( exported ); psa_destroy_key( handle ); psa_reset_key_attributes( &attributes ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ 
@@ -1495,7 +1495,7 @@ void import_and_exercise_key( data_t *data, exit: psa_destroy_key( handle ); psa_reset_key_attributes( &got_attributes ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1527,7 +1527,7 @@ void key_policy( int usage_arg, int alg_arg ) exit: psa_destroy_key( handle ); psa_reset_key_attributes( &attributes ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1607,7 +1607,7 @@ void mac_key_policy( int policy_usage, exit: psa_mac_abort( &operation ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1650,7 +1650,7 @@ void cipher_key_policy( int policy_usage, exit: psa_cipher_abort( &operation ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1711,7 +1711,7 @@ void aead_key_policy( int policy_usage, exit: psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1772,7 +1772,7 @@ void asymmetric_encryption_key_policy( int policy_usage, exit: psa_destroy_key( handle ); psa_reset_key_attributes( &attributes ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); mbedtls_free( buffer ); } /* END_CASE */ @@ -1827,7 +1827,7 @@ void asymmetric_signature_key_policy( int policy_usage, exit: psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1866,7 +1866,7 @@ void derive_key_policy( int policy_usage, exit: psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1904,7 +1904,7 @@ void agreement_key_policy( int policy_usage, exit: psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -1941,7 +1941,7 @@ void key_policy_alg2( int key_type_arg, data_t *key_data, exit: psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ 
@@ -1978,7 +1978,7 @@ void raw_agreement_key_policy( int policy_usage, exit: psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2059,7 +2059,7 @@ void copy_success( int source_usage_arg, exit: psa_reset_key_attributes( &source_attributes ); psa_reset_key_attributes( &target_attributes ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); mbedtls_free( export_buffer ); } /* END_CASE */ @@ -2103,7 +2103,7 @@ void copy_fail( int source_usage_arg, exit: psa_reset_key_attributes( &source_attributes ); psa_reset_key_attributes( &target_attributes ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2165,7 +2165,7 @@ void hash_setup( int alg_arg, #endif exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2253,7 +2253,7 @@ void hash_bad_order( ) PSA_ASSERT( psa_hash_abort( &operation ) ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2288,7 +2288,7 @@ void hash_verify_bad_args( ) PSA_ERROR_INVALID_SIGNATURE ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2310,7 +2310,7 @@ void hash_finish_bad_args( ) PSA_ERROR_BUFFER_TOO_SMALL ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2355,7 +2355,7 @@ exit: psa_hash_abort( &op_setup ); psa_hash_abort( &op_finished ); psa_hash_abort( &op_aborted ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2396,7 +2396,7 @@ exit: psa_hash_abort( &op_setup ); psa_hash_abort( &op_finished ); psa_hash_abort( &op_aborted ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2467,7 +2467,7 @@ void mac_setup( int key_type_arg, #endif exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2588,7 +2588,7 @@ void mac_bad_order( ) PSA_ASSERT( psa_mac_abort( &operation ) ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ 
@@ -2643,7 +2643,7 @@ void mac_sign( int key_type_arg, exit: psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2681,7 +2681,7 @@ void mac_verify( int key_type_arg, exit: psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2759,7 +2759,7 @@ void cipher_setup( int key_type_arg, #endif exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2909,7 +2909,7 @@ void cipher_bad_order( ) PSA_ASSERT( psa_cipher_abort( &operation ) ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -2969,7 +2969,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, exit: mbedtls_free( output ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3037,7 +3037,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, exit: mbedtls_free( output ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3108,7 +3108,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, exit: mbedtls_free( output ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3169,7 +3169,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, exit: mbedtls_free( output ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3251,7 +3251,7 @@ exit: mbedtls_free( output1 ); mbedtls_free( output2 ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3354,7 +3354,7 @@ exit: mbedtls_free( output1 ); mbedtls_free( output2 ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3430,7 +3430,7 @@ exit: psa_destroy_key( handle ); mbedtls_free( output_data ); mbedtls_free( output_data2 ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ 
@@ -3480,7 +3480,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, exit: psa_destroy_key( handle ); mbedtls_free( output_data ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3536,7 +3536,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, exit: psa_destroy_key( handle ); mbedtls_free( output_data ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3601,7 +3601,7 @@ exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( signature ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3646,7 +3646,7 @@ exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( signature ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3713,7 +3713,7 @@ exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( signature ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3745,7 +3745,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3781,7 +3781,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3850,7 +3850,7 @@ exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( output ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3915,7 +3915,7 @@ exit: psa_destroy_key( handle ); mbedtls_free( output ); mbedtls_free( output2 ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -3977,7 +3977,7 @@ exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( output ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ 
@@ -4039,7 +4039,7 @@ exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); mbedtls_free( output ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -4107,7 +4107,7 @@ void derive_setup( int key_type_arg, exit: psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -4156,7 +4156,7 @@ void test_derive_invalid_key_derivation_state( ) exit: psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -4298,7 +4298,7 @@ exit: mbedtls_free( output_buffer ); psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -4379,7 +4379,7 @@ void derive_full( int alg_arg, exit: psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -4439,7 +4439,7 @@ exit: psa_reset_key_attributes( &got_attributes ); psa_destroy_key( base_handle ); psa_destroy_key( derived_handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -4518,7 +4518,7 @@ exit: psa_key_derivation_abort( &operation ); psa_destroy_key( base_handle ); psa_destroy_key( derived_handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -4566,7 +4566,7 @@ void key_agreement_setup( int alg_arg, exit: psa_key_derivation_abort( &operation ); psa_destroy_key( our_key ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -4603,7 +4603,7 @@ void raw_key_agreement( int alg_arg, exit: mbedtls_free( output ); psa_destroy_key( our_key ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -4663,7 +4663,7 @@ void key_agreement_capacity( int alg_arg, exit: psa_key_derivation_abort( &operation ); psa_destroy_key( our_key ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ 
@@ -4722,7 +4722,7 @@ void key_agreement_output( int alg_arg, exit: psa_key_derivation_abort( &operation ); psa_destroy_key( our_key ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); mbedtls_free( actual_output ); } /* END_CASE */ @@ -4772,7 +4772,7 @@ void generate_random( int bytes_arg ) } exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); mbedtls_free( output ); mbedtls_free( changed ); } @@ -4818,7 +4818,7 @@ void generate_key( int type_arg, exit: psa_reset_key_attributes( &got_attributes ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -4919,7 +4919,7 @@ void generate_key_rsa( int bits_arg, exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); mbedtls_free( e_read_buffer ); mbedtls_free( exported ); } @@ -5016,7 +5016,7 @@ void persistent_key_load_key_from_storage( data_t *data, } /* Shutdown and restart */ - mbedtls_psa_crypto_free(); + PSA_DONE(); PSA_ASSERT( psa_crypto_init() ); /* Check key slot still contains key data */ @@ -5058,6 +5058,6 @@ exit: psa_open_key( key_id, &handle ); } psa_destroy_key( handle ); - mbedtls_psa_crypto_free(); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 8576c7d95..cd1b81f9e 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -77,7 +77,7 @@ void validate_entropy_seed_injection( int seed_length_a, exit: mbedtls_free( seed ); remove_seed_file( ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ 
@@ -105,12 +105,12 @@ void run_entropy_inject_with_crypto_init( ) PSA_ASSERT( status ); status = psa_crypto_init( ); PSA_ASSERT( status ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); /* The seed is written by nv_seed callback functions therefore the injection will fail */ status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: remove_seed_file( ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index 90636b97d..e15f335e8 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -31,7 +31,7 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) actual_hash, actual_hash_length ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -52,7 +52,7 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash ) expected_hash->len ) ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -95,6 +95,6 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) } while( len++ != input->len ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 79131587c..eaf1b8b1e 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -138,7 +138,7 @@ void init_deinit( int count ) PSA_ASSERT( status ); status = psa_crypto_init( ); PSA_ASSERT( status ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } } /* END_CASE */ @@ -150,9 +150,9 @@ void deinit_without_init( int count ) for( i = 0; i < count; i++ ) { PSA_ASSERT( psa_crypto_init( ) ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ 
@@ -166,7 +166,7 @@ void validate_module_init_generate_random( int count ) { status = psa_crypto_init( ); PSA_ASSERT( status ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } status = psa_generate_random( random, sizeof( random ) ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); @@ -186,7 +186,7 @@ void validate_module_init_key_based( int count ) { status = psa_crypto_init( ); PSA_ASSERT( status ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); status = psa_import_key( &attributes, data, sizeof( data ), &handle ); @@ -212,7 +212,7 @@ void custom_entropy_sources( int sources_arg, int expected_init_status_arg ) PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -252,7 +252,7 @@ void fake_entropy_source( int threshold, PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -280,6 +280,6 @@ void entropy_from_nv_seed( int seed_size_arg, exit: mbedtls_free( seed ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 7e98fae87..e4ab1633c 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -110,7 +110,7 @@ void save_large_persistent_key( int data_too_large, int expected_status ) exit: mbedtls_free( data ); - mbedtls_psa_crypto_free(); + PSA_DONE(); psa_destroy_persistent_key( key_id ); } /* END_CASE */ @@ -137,7 +137,7 @@ void persistent_key_destroy( int key_id_arg, int restart, if( restart ) { psa_close_key( handle ); - mbedtls_psa_crypto_free(); + PSA_DONE(); PSA_ASSERT( psa_crypto_init() ); PSA_ASSERT( psa_open_key( key_id, &handle ) ); } 
@@ -152,7 +152,7 @@ void persistent_key_destroy( int key_id_arg, int restart, TEST_EQUAL( handle, 0 ); /* Shutdown and restart */ - mbedtls_psa_crypto_free(); + PSA_DONE(); PSA_ASSERT( psa_crypto_init() ); /* Create another key in the same slot */ @@ -162,7 +162,7 @@ void persistent_key_destroy( int key_id_arg, int restart, &handle ) ); exit: - mbedtls_psa_crypto_free(); + PSA_DONE(); psa_destroy_persistent_key( key_id ); } /* END_CASE */ @@ -192,7 +192,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, if( restart ) { psa_close_key( handle ); - mbedtls_psa_crypto_free(); + PSA_DONE(); PSA_ASSERT( psa_crypto_init() ); PSA_ASSERT( psa_open_key( key_id, &handle ) ); } @@ -209,7 +209,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, exit: psa_reset_key_attributes( &attributes ); psa_destroy_persistent_key( key_id ); - mbedtls_psa_crypto_free(); + PSA_DONE(); } /* END_CASE */ @@ -241,7 +241,7 @@ void import_export_persistent_key( data_t *data, int type_arg, if( restart ) { psa_close_key( handle ); - mbedtls_psa_crypto_free(); + PSA_DONE(); PSA_ASSERT( psa_crypto_init() ); PSA_ASSERT( psa_open_key( key_id, &handle ) ); } @@ -276,7 +276,7 @@ void import_export_persistent_key( data_t *data, int type_arg, exit: psa_reset_key_attributes( &attributes ); mbedtls_free( exported ); - mbedtls_psa_crypto_free( ); + PSA_DONE( ); psa_destroy_persistent_key( key_id ); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index a7bb59673..fde3b4dfe 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -103,7 +103,7 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg, PSA_ASSERT( psa_destroy_key( handle ) ); break; case CLOSE_BY_SHUTDOWN: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); PSA_ASSERT( psa_crypto_init( ) ); break; } 
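Review bot: In the `CLOSE_BY_SHUTDOWN` case of transient_slot_lifecycle the key is presumably still open on purpose when the library is shut down, so `PSA_DONE( )` will report "A volatile slot has not been closed properly." and fail the case. This call should stay `mbedtls_psa_crypto_free( );`, with a comment such as `/* key left open on purpose: shutdown is the closing method under test */`. The same applies to the `CLOSE_BY_SHUTDOWN` case of persistent_slot_lifecycle in the `@@ -180,7 +180,7 @@` hunk. The commit message says some tests need to be switched back, and these two look like such cases; both functions start and end outside their hunks.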
@@ -114,7 +114,7 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg, TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -180,7 +180,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, PSA_ASSERT( psa_destroy_key( handle ) ); break; case CLOSE_BY_SHUTDOWN: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); PSA_ASSERT( psa_crypto_init( ) ); break; } @@ -236,7 +236,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, } exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); psa_purge_key_storage( ); mbedtls_free( reexported ); } @@ -303,7 +303,7 @@ void create_existent( int lifetime_arg, int id_arg, reexported, reexported_length ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); psa_purge_key_storage( ); } /* END_CASE */ @@ -322,7 +322,7 @@ void open_fail( int id_arg, TEST_EQUAL( handle, 0 ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -350,7 +350,7 @@ void create_fail( int lifetime_arg, int id_arg, TEST_EQUAL( handle, 0 ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_purge_key_storage( ); #endif @@ -428,7 +428,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, * sure that the material is still alive. */ if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE ) { - mbedtls_psa_crypto_free( ); + PSA_DONE( ); PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_open_key( target_id, &target_handle ) ); } @@ -464,7 +464,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, } exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); mbedtls_free( export_buffer ); #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_purge_key_storage( ); 
@@ -567,7 +567,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, } exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); mbedtls_free( export_buffer ); #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_purge_key_storage( ); @@ -609,7 +609,7 @@ void invalid_handle( ) PSA_ASSERT( psa_close_key( handle1 ) ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); } /* END_CASE */ @@ -657,7 +657,7 @@ void many_transient_handles( int max_handles_arg ) PSA_ASSERT( psa_close_key( handles[i - 1] ) ); exit: - mbedtls_psa_crypto_free( ); + PSA_DONE( ); mbedtls_free( handles ); } /* END_CASE */ From 76b29a77fbf23d51807fd2ab0ac0b5a773fbab85 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 28 May 2019 14:08:50 +0200 Subject: [PATCH 1336/2197] Close or destroy keys explicitly in tests --- tests/suites/test_suite_psa_crypto.function | 9 +++++++++ .../test_suite_psa_crypto_persistent_key.function | 7 +++++++ .../test_suite_psa_crypto_slot_management.function | 11 ++++++++++- 3 files changed, 26 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index acc2f8c18..22eec33a2 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1291,6 +1291,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) psa_set_key_type( &attributes, type ); status = psa_import_key( &attributes, p, length, &handle ); TEST_EQUAL( status, expected_status ); + if( status == PSA_SUCCESS ) PSA_ASSERT( psa_destroy_key( handle ) ); @@ -2100,6 +2101,9 @@ void copy_fail( int source_usage_arg, TEST_EQUAL( psa_copy_key( source_handle, &target_attributes, &target_handle ), expected_status_arg ); + + PSA_ASSERT( psa_destroy_key( source_handle ) ); + exit: psa_reset_key_attributes( &source_attributes ); psa_reset_key_attributes( &target_attributes ); 
@@ -2587,6 +2591,8 @@ void mac_bad_order( ) PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_mac_abort( &operation ) ); + PSA_ASSERT( psa_destroy_key( handle ) ); + exit: PSA_DONE( ); } @@ -2908,6 +2914,8 @@ void cipher_bad_order( ) PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_cipher_abort( &operation ) ); + PSA_ASSERT( psa_destroy_key( handle ) ); + exit: PSA_DONE( ); } @@ -5016,6 +5024,7 @@ void persistent_key_load_key_from_storage( data_t *data, } /* Shutdown and restart */ + PSA_ASSERT( psa_close_key( handle ) ); PSA_DONE(); PSA_ASSERT( psa_crypto_init() ); diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index e4ab1633c..53f6cb84b 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -108,6 +108,9 @@ void save_large_persistent_key( int data_too_large, int expected_status ) TEST_EQUAL( psa_import_key( &attributes, data, data_length, &handle ), expected_status ); + if( expected_status == PSA_SUCCESS ) + PSA_ASSERT( psa_destroy_key( handle ) ); + exit: mbedtls_free( data ); PSA_DONE(); @@ -161,6 +164,8 @@ void persistent_key_destroy( int key_id_arg, int restart, PSA_ASSERT( psa_import_key( &attributes, second_data->x, second_data->len, &handle ) ); + PSA_ASSERT( psa_destroy_key( handle ) ); + exit: PSA_DONE(); psa_destroy_persistent_key( key_id ); @@ -206,6 +211,8 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data, TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); + PSA_ASSERT( psa_destroy_key( handle ) ); + exit: psa_reset_key_attributes( &attributes ); psa_destroy_persistent_key( key_id ); diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index fde3b4dfe..589d1ecb1 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function 
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -228,6 +228,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, &reexported_length ), PSA_ERROR_NOT_PERMITTED ); } + PSA_ASSERT( psa_close_key( handle ) ); break; case CLOSE_BY_DESTROY: TEST_EQUAL( psa_open_key( id, &handle ), @@ -302,6 +303,8 @@ void create_existent( int lifetime_arg, int id_arg, ASSERT_COMPARE( material1, sizeof( material1 ), reexported, reexported_length ); + PSA_ASSERT( psa_close_key( handle1 ) ); + exit: PSA_DONE( ); psa_purge_key_storage( ); @@ -428,7 +431,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, * sure that the material is still alive. */ if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE ) { - PSA_DONE( ); + mbedtls_psa_crypto_free( ); PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_open_key( target_id, &target_handle ) ); } @@ -463,6 +466,8 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg, PSA_ERROR_NOT_PERMITTED ); } + PSA_ASSERT( psa_destroy_key( target_handle ) ); + exit: PSA_DONE( ); mbedtls_free( export_buffer ); @@ -566,6 +571,10 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, export_buffer, length ); } + PSA_ASSERT( psa_destroy_key( source_handle ) ); + if( target_handle != source_handle ) + PSA_ASSERT( psa_destroy_key( target_handle ) ); + exit: PSA_DONE( ); mbedtls_free( export_buffer ); From dd413d3c928e8941ea4d74ff89fd4e1632f4ed23 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 28 May 2019 15:06:43 +0200 Subject: [PATCH 1337/2197] Test shutdown without closing handles Add some test cases that shut down and restart without explicitly closing handles, and check that the handles are properly invalidated. --- tests/psa_helpers.function | 24 ++++- ...test_suite_psa_crypto_slot_management.data | 24 ++++- ..._suite_psa_crypto_slot_management.function | 98 +++++++++++++------ 3 files changed, 111 insertions(+), 35 deletions(-) 
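Review bot: In copy_across_lifetimes the restart goes back from `PSA_DONE( );` to a bare `mbedtls_psa_crypto_free( );` with no comment, so it reads like a call the earlier PSA_DONE conversion missed. Presumably key handles are still open at that point and the slot check behind PSA_DONE would fail the test; if so, say it at the call, e.g. `/* Keys are still open on purpose: restart without the PSA_DONE() slot check. */`. The function starts and ends outside this hunk, so whether the source handle could be closed before the restart instead is not visible here.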
diff --git a/tests/psa_helpers.function b/tests/psa_helpers.function index 22055003b..edaea8024 100644 --- a/tests/psa_helpers.function +++ b/tests/psa_helpers.function @@ -32,7 +32,7 @@ */ #define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) -static void test_helper_psa_done( int line, const char *file ) +static int test_helper_is_psa_pristine( int line, const char *file ) { mbedtls_psa_stats_t stats; const char *msg = NULL; @@ -48,12 +48,28 @@ static void test_helper_psa_done( int line, const char *file ) else if( stats.half_filled_slots != 0 ) msg = "A half-filled slot has not been cleared properly."; - /* If the test failed, don't overwrite the failure information. - * Do keep the stats lookup above, because it can be convenient to - * break on it when debugging a failure. */ + /* If the test has already failed, don't overwrite the failure + * information. Do keep the stats lookup above, because it can be + * convenient to break on it when debugging a failure. */ if( msg != NULL && test_info.failed == 0 ) test_fail( msg, line, file ); + return( msg == NULL ); +} + +/** Check that no PSA slots are in use. + */ +#define ASSERT_PSA_PRISTINE( ) \ + do \ + { \ + if( ! test_helper_is_psa_pristine( __LINE__, __FILE__ ) ) \ + goto exit; \ + } \ + while( 0 ) + +static void test_helper_psa_done( int line, const char *file ) +{ + (void) test_helper_is_psa_pristine( line, file ); mbedtls_psa_crypto_free( ); } diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index e65befe38..233b16698 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -1,19 +1,31 @@ Transient slot, check after closing transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +Transient slot, check after closing and restarting +transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE_WITH_SHUTDOWN + Transient slot, check after destroying transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY -Transient slot, check after restart +Transient slot, check after destroying and restarting +transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY_WITH_SHUTDOWN + +Transient slot, check after restart with live handles transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN Persistent slot, check after closing, id=min persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE +Persistent slot, check after closing and restarting, id=min +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE + Persistent slot, check after destroying, id=min persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY -Persistent slot, check after restart, id=min +Persistent slot, check after destroying and restarting, id=min +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY + +Persistent slot, check after restart with live handle, id=min persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN Persistent slot, check after closing, id=max 
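Review bot: The two new id=min cases titled "Persistent slot, check after closing and restarting" and "Persistent slot, check after destroying and restarting" still pass `CLOSE_BY_CLOSE` and `CLOSE_BY_DESTROY`, so they repeat the existing cases and never restart. Their last field should be `CLOSE_BY_CLOSE_WITH_SHUTDOWN` and `CLOSE_BY_DESTROY_WITH_SHUTDOWN`, matching the transient-slot cases added in the same hunk. As written, none of the visible hunks of this file runs persistent_slot_lifecycle with `CLOSE_BY_DESTROY_WITH_SHUTDOWN`, and close-then-restart for a persistent key is covered only by the ECP keypair cases.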
@@ -29,6 +41,10 @@ Persistent slot: ECP keypair (ECDSA, exportable); close depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE +Persistent slot: ECP keypair (ECDSA, exportable); close+restart +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN + Persistent slot: ECP keypair (ECDSA, exportable); restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN 
@@ -37,6 +53,10 @@ Persistent slot: ECP keypair (ECDH+ECDSA, exportable); close depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE +Persistent slot: ECP keypair (ECDH+ECDSA, exportable); close+restart +depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN + Persistent slot: ECP keypair (ECDH+ECDSA, exportable); restart depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 589d1ecb1..da93bc829 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -6,9 +6,11 @@ typedef enum { - CLOSE_BY_CLOSE, - CLOSE_BY_DESTROY, - CLOSE_BY_SHUTDOWN, + CLOSE_BY_CLOSE, /**< Close the handle(s). */ + CLOSE_BY_DESTROY, /**< Destroy the handle(s). */ + CLOSE_BY_SHUTDOWN, /**< Deinit and reinit without closing handles. */ + CLOSE_BY_CLOSE_WITH_SHUTDOWN, /**< Close handle(s) then deinit/reinit. */ + CLOSE_BY_DESTROY_WITH_SHUTDOWN, /**< Destroy handle(s) then deinit/reinit. */ } close_method_t; typedef enum @@ -62,6 +64,58 @@ static void psa_purge_key_storage( void ) #define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) ) #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ +/** Apply \p close_method to invalidate the specified handles: + * close it, destroy it, or do nothing; + */ +static int invalidate_handle( close_method_t close_method, + psa_key_handle_t handle ) +{ + switch( close_method ) + { + case CLOSE_BY_CLOSE: + case CLOSE_BY_CLOSE_WITH_SHUTDOWN: + PSA_ASSERT( psa_close_key( handle ) ); + break; + case CLOSE_BY_DESTROY: + case CLOSE_BY_DESTROY_WITH_SHUTDOWN: + PSA_ASSERT( psa_destroy_key( handle ) ); + break; + case CLOSE_BY_SHUTDOWN: + break; + } + return( 1 ); +exit: + return( 0 ); +} + +/** Restart the PSA subsystem if \p close_method says so. */ +static int invalidate_psa( close_method_t close_method ) +{ + switch( close_method ) + { + case CLOSE_BY_CLOSE: + case CLOSE_BY_DESTROY: + return( 1 ); + case CLOSE_BY_CLOSE_WITH_SHUTDOWN: + case CLOSE_BY_DESTROY_WITH_SHUTDOWN: + /* All keys must have been closed. */ + PSA_DONE( ); + break; + case CLOSE_BY_SHUTDOWN: + /* Some keys may remain behind, and we're testing that this + * properly closes them. */ + mbedtls_psa_crypto_free( ); + break; + } + + PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_PSA_PRISTINE( ); + return( 1 ); + +exit: + return( 0 ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES 
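Review bot: The header comment of invalidate_handle is garbled ("the specified handles: close it, destroy it, or do nothing;") and neither it nor invalidate_psa states the return convention that the test functions rely on in `if( ! invalidate_handle( close_method, handle ) ) goto exit;`. Suggested wording: `/** Apply \p close_method to \p handle: close it, destroy it, or leave it open. \return 1 on success, 0 if a PSA call failed. */`. For invalidate_psa, the comment should add that it returns 1 without restarting for CLOSE_BY_CLOSE and CLOSE_BY_DESTROY, and that after a restart it also checks that no slot is in use.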
@@ -94,19 +148,10 @@ void transient_slot_lifecycle( int usage_arg, int alg_arg, TEST_EQUAL( psa_get_key_type( &attributes ), type ); /* Do something that invalidates the handle. */ - switch( close_method ) - { - case CLOSE_BY_CLOSE: - PSA_ASSERT( psa_close_key( handle ) ); - break; - case CLOSE_BY_DESTROY: - PSA_ASSERT( psa_destroy_key( handle ) ); - break; - case CLOSE_BY_SHUTDOWN: - PSA_DONE( ); - PSA_ASSERT( psa_crypto_init( ) ); - break; - } + if( ! invalidate_handle( close_method, handle ) ) + goto exit; + if( ! invalidate_psa( close_method ) ) + goto exit; /* Test that the handle is now invalid. */ TEST_EQUAL( psa_get_key_attributes( handle, &attributes ), @@ -171,19 +216,11 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, TEST_EQUAL( psa_get_key_type( &attributes ), type ); /* Do something that invalidates the handle. */ - switch( close_method ) - { - case CLOSE_BY_CLOSE: - PSA_ASSERT( psa_close_key( handle ) ); - break; - case CLOSE_BY_DESTROY: - PSA_ASSERT( psa_destroy_key( handle ) ); - break; - case CLOSE_BY_SHUTDOWN: - PSA_DONE( ); - PSA_ASSERT( psa_crypto_init( ) ); - break; - } + if( ! invalidate_handle( close_method, handle ) ) + goto exit; + if( ! invalidate_psa( close_method ) ) + goto exit; + /* Test that the handle is now invalid. */ TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ), PSA_ERROR_INVALID_HANDLE ); @@ -196,6 +233,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, switch( close_method ) { case CLOSE_BY_CLOSE: + case CLOSE_BY_CLOSE_WITH_SHUTDOWN: case CLOSE_BY_SHUTDOWN: PSA_ASSERT( psa_open_key( id, &handle ) ); PSA_ASSERT( psa_get_key_attributes( handle, &read_attributes ) ); @@ -230,7 +268,9 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg, } PSA_ASSERT( psa_close_key( handle ) ); break; + case CLOSE_BY_DESTROY: + case CLOSE_BY_DESTROY_WITH_SHUTDOWN: TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); break; 
From d58a00d5b78a04e35cfd038663e817b220f510e5 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 7 Jun 2019 11:49:59 +0100 Subject: [PATCH 1338/2197] psa: Avoid use of relative include paths Relative include paths should be avoided. The build system will determine where to pull in includes from. Specifically, `#include "../mbedtls/config.h"` shouldn't be used. Use `#include "mbedtls/config.h` instead, so that the submodule-building makefiles can change which directory to use to get mbedtls include files from. Fixes #141 --- include/psa/crypto_platform.h | 2 +- include/psa/crypto_sizes.h | 2 +- include/psa/crypto_struct.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 42cdad32a..86af08f91 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -38,7 +38,7 @@ /* Include the Mbed TLS configuration file, the way Mbed TLS does it * in each of its header files. */ #if !defined(MBEDTLS_CONFIG_FILE) -#include "../mbedtls/config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 3cb0c73ab..f360fd627 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -45,7 +45,7 @@ /* Include the Mbed TLS configuration file, the way Mbed TLS does it * in each of its header files. */ #if !defined(MBEDTLS_CONFIG_FILE) -#include "../mbedtls/config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 88503572f..53da2a8f2 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -38,7 +38,7 @@ /* Include the Mbed TLS configuration file, the way Mbed TLS does it * in each of its header files. */ #if !defined(MBEDTLS_CONFIG_FILE) -#include "../mbedtls/config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif 
From 5ab80efa10e1ab61f912feeb02ee9f913d223373 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 5 Jun 2019 15:35:08 +0100 Subject: [PATCH 1339/2197] test: Check empty buffer decryption for chachapoly Previously, even in the Chacha20 and Chacha20-Poly1305 tests, we would test that decryption of an empty buffer would work with MBEDTLS_CIPHER_AES_128_CBC. Make the cipher used with the dec_empty_buf() test configurable, so that Chacha20 and Chacha20-Poly1305 empty buffer tests can use ciphers other than AES CBC. Then, make the Chacha20 and Chacha20-Poly1305 empty buffer tests use the MBEDTLS_CIPHER_CHACHA20 and MBEDTLS_CIPHER_CHACHA20_POLY1305 cipher suites. --- tests/suites/test_suite_cipher.aes.data | 2 +- tests/suites/test_suite_cipher.chacha20.data | 2 +- .../suites/test_suite_cipher.chachapoly.data | 2 +- tests/suites/test_suite_cipher.function | 30 +++++++++++++++---- 4 files changed, 28 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data index 1a8ff1e4b..c42fc7911 100644 --- a/tests/suites/test_suite_cipher.aes.data +++ b/tests/suites/test_suite_cipher.aes.data @@ -1,6 +1,6 @@ Decrypt empty buffer depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -dec_empty_buf: +dec_empty_buf:MBEDTLS_CIPHER_AES_128_CBC AES-128 CBC - Encrypt and decrypt 0 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 diff --git a/tests/suites/test_suite_cipher.chacha20.data b/tests/suites/test_suite_cipher.chacha20.data index c67e582e7..1c394a7ec 100644 --- a/tests/suites/test_suite_cipher.chacha20.data +++ b/tests/suites/test_suite_cipher.chacha20.data @@ -1,6 +1,6 @@ Decrypt empty buffer depends_on:MBEDTLS_CHACHA20_C -dec_empty_buf: +dec_empty_buf:MBEDTLS_CIPHER_CHACHA20 Chacha20 RFC 7539 Test Vector #1 depends_on:MBEDTLS_CHACHA20_C 
diff --git a/tests/suites/test_suite_cipher.chachapoly.data b/tests/suites/test_suite_cipher.chachapoly.data index 7310a84d7..ccd0dfb57 100644 --- a/tests/suites/test_suite_cipher.chachapoly.data +++ b/tests/suites/test_suite_cipher.chachapoly.data @@ -1,6 +1,6 @@ Decrypt empty buffer depends_on:MBEDTLS_CHACHAPOLY_C -dec_empty_buf: +dec_empty_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305 ChaCha20+Poly1305 Encrypt and decrypt 0 bytes depends_on:MBEDTLS_CHACHAPOLY_C diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index ca39937c2..1ea14088b 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -710,7 +710,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void dec_empty_buf( ) +void dec_empty_buf( int cipher ) { unsigned char key[32]; unsigned char iv[16]; @@ -723,6 +723,8 @@ void dec_empty_buf( ) size_t outlen = 0; + int expected_ret; + memset( key, 0, 32 ); memset( iv , 0, 16 ); @@ -732,12 +734,15 @@ void dec_empty_buf( ) memset( decbuf, 0, 64 ); /* Initialise context */ - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC ); + cipher_info = mbedtls_cipher_info_from_type( cipher ); TEST_ASSERT( NULL != cipher_info); + TEST_ASSERT( sizeof(key) * 8 >= cipher_info->key_bitlen ); TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, 128, MBEDTLS_DECRYPT ) ); + TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, + key, cipher_info->key_bitlen, + MBEDTLS_DECRYPT ) ); TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) ); 
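Review bot: The IV call at the end of the last dec_empty_buf hunk still passes the literal `16` for every cipher, while the key length now comes from `cipher_info->key_bitlen` and is bounded against `sizeof(key)`. Now that `cipher` is a parameter, derive and bound the IV the same way: `TEST_ASSERT( sizeof(iv) >= cipher_info->iv_size );` followed by `mbedtls_cipher_set_iv( &ctx_dec, iv, cipher_info->iv_size )`. Whether the library accepts an over-long IV for the ChaCha20 types is not visible in this patch, so the test should not depend on it. dec_empty_buf continues past this hunk.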
@@ -750,8 +755,23 @@ void dec_empty_buf( ) /* decode 0-byte string */ TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) ); TEST_ASSERT( 0 == outlen ); - TEST_ASSERT( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED == mbedtls_cipher_finish( - &ctx_dec, decbuf + outlen, &outlen ) ); + + if ( cipher_info->mode == MBEDTLS_MODE_CBC || + cipher_info->mode == MBEDTLS_MODE_ECB ) + { + /* CBC and ECB ciphers need a full block of input. */ + expected_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; + } + else + { + /* Non-CBC and non-ECB ciphers are OK with decrypting empty buffers and + * return success, not MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED, when + * decrypting an empty buffer. */ + expected_ret = 0; + } + + TEST_ASSERT( expected_ret == mbedtls_cipher_finish( + &ctx_dec, decbuf + outlen, &outlen ) ); TEST_ASSERT( 0 == outlen ); exit: From b01314683a5c6d40cce3c4ade3f190da0a9c528c Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 5 Jun 2019 16:50:39 +0100 Subject: [PATCH 1340/2197] test: Remove redundant 0-byte decryption test Remove the "Decrypt empty buffer" test, as ChaCha20 is a stream cipher and 0 bytes encrypted is identical to a 0 length buffer. The "ChaCha20 Encrypt and decrypt 0 bytes" test will test decryption of a 0 length buffer. --- tests/suites/test_suite_cipher.chacha20.data | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/suites/test_suite_cipher.chacha20.data b/tests/suites/test_suite_cipher.chacha20.data index 1c394a7ec..11de1038a 100644 --- a/tests/suites/test_suite_cipher.chacha20.data +++ b/tests/suites/test_suite_cipher.chacha20.data 
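Review bot: The `MBEDTLS_MODE_ECB` arm of the new `expected_ret` selection is not exercised: the data files touched by this commit call dec_empty_buf only with MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_CIPHER_CHACHA20 and MBEDTLS_CIPHER_CHACHA20_POLY1305. Nothing in the patch shows that an ECB cipher gets past the preceding zero-length `mbedtls_cipher_update` assertion, nor that `mbedtls_cipher_finish` then reports MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED. Either add an ECB case to test_suite_cipher.aes.data or reduce the condition to `if( cipher_info->mode == MBEDTLS_MODE_CBC )`. The else-branch comment also states the same thing twice and can be cut to one sentence.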
@@ -1,7 +1,3 @@ -Decrypt empty buffer -depends_on:MBEDTLS_CHACHA20_C -dec_empty_buf:MBEDTLS_CIPHER_CHACHA20 - Chacha20 RFC 7539 Test Vector #1 depends_on:MBEDTLS_CHACHA20_C decrypt_test_vec:MBEDTLS_CIPHER_CHACHA20:-1:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"":"":0:0 From 9e23bea692021f3be46d931aa5843b7d7615c2e8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 7 Jun 2019 14:52:07 +0200 Subject: [PATCH 1341/2197] Make test suites compatible with #include Don't use the macro name assert. It's technically permitted as long as is not included, but it's fragile, because it means the code and any header that it includes must not include . --- tests/suites/helpers.function | 12 ++++++------ tests/suites/host_test.function | 2 +- tests/suites/target_test.function | 12 ++++++------ 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 122a17da7..ba4010bc4 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -286,7 +286,7 @@ typedef enum #define TEST_VALID_PARAM( TEST ) \ TEST_ASSERT( ( TEST, 1 ) ); -#define assert(a) if( !( a ) ) \ +#define TEST_HELPER_ASSERT(a) if( !( a ) ) \ { \ mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \ __FILE__, __LINE__, #a ); \ @@ -504,7 +504,7 @@ static int unhexify( unsigned char *obuf, const char *ibuf ) { unsigned char c, c2; int len = strlen( ibuf ) / 2; - assert( strlen( ibuf ) % 2 == 0 ); /* must be even number of bytes */ + TEST_HELPER_ASSERT( strlen( ibuf ) % 2 == 0 ); /* must be even number of bytes */ while( *ibuf != 0 ) { 
@@ -516,7 +516,7 @@ static int unhexify( unsigned char *obuf, const char *ibuf ) else if( c >= 'A' && c <= 'F' ) c -= 'A' - 10; else - assert( 0 ); + TEST_HELPER_ASSERT( 0 ); c2 = *ibuf++; if( c2 >= '0' && c2 <= '9' ) @@ -526,7 +526,7 @@ static int unhexify( unsigned char *obuf, const char *ibuf ) else if( c2 >= 'A' && c2 <= 'F' ) c2 -= 'A' - 10; else - assert( 0 ); + TEST_HELPER_ASSERT( 0 ); *obuf++ = ( c << 4 ) | c2; } @@ -571,7 +571,7 @@ static unsigned char *zero_alloc( size_t len ) size_t actual_len = ( len != 0 ) ? len : 1; p = mbedtls_calloc( 1, actual_len ); - assert( p != NULL ); + TEST_HELPER_ASSERT( p != NULL ); memset( p, 0x00, actual_len ); @@ -598,7 +598,7 @@ static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen ) return( zero_alloc( *olen ) ); obuf = mbedtls_calloc( 1, *olen ); - assert( obuf != NULL ); + TEST_HELPER_ASSERT( obuf != NULL ); (void) unhexify( obuf, ibuf ); diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 3c4303208..fe6a2bc07 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -179,7 +179,7 @@ static int parse_arguments( char *buf, size_t len, char **params, if( p + 1 < buf + len ) { cur = p + 1; - assert( cnt < params_len ); + TEST_HELPER_ASSERT( cnt < params_len ); params[cnt++] = cur; } *p = '\0'; diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function index 56abf2948..e4c3e30de 100644 --- a/tests/suites/target_test.function +++ b/tests/suites/target_test.function 
@@ -13,11 +13,11 @@ */ #define INCR_ASSERT(p, start, len, step) do \ { \ - assert( ( p ) >= ( start ) ); \ - assert( sizeof( *( p ) ) == sizeof( *( start ) ) ); \ + TEST_HELPER_ASSERT( ( p ) >= ( start ) ); \ + TEST_HELPER_ASSERT( sizeof( *( p ) ) == sizeof( *( start ) ) ); \ /* <= is checked to support use inside a loop where \ pointer is incremented after reading data. */ \ - assert( (uint32_t)( ( ( p ) - ( start ) ) + ( step ) ) <= ( len ) );\ + TEST_HELPER_ASSERT( (uint32_t)( ( ( p ) - ( start ) ) + ( step ) ) <= ( len ) );\ ( p ) += ( step ); \ } \ while( 0 ) @@ -127,7 +127,7 @@ uint8_t * receive_data( uint32_t * data_len ) /* Read data length */ *data_len = receive_uint32(); data = (uint8_t *)malloc( *data_len ); - assert( data != NULL ); + TEST_HELPER_ASSERT( data != NULL ); greentea_getc(); // read ';' received after key i.e. *data_len @@ -221,7 +221,7 @@ void ** parse_parameters( uint8_t count, uint8_t * data, uint32_t data_len, hex_count = find_hex_count(count, data, data_len); params = (void **)malloc( sizeof( void *) * ( count + hex_count ) ); - assert( params != NULL ); + TEST_HELPER_ASSERT( params != NULL ); cur = params; p = data; @@ -360,7 +360,7 @@ int execute_tests( int args, const char ** argv ) { /* Read dependency count */ count = *p; - assert( count < data_len ); + TEST_HELPER_ASSERT( count < data_len ); INCR_ASSERT( p, data, data_len, sizeof( uint8_t ) ); ret = verify_dependencies( count, p ); if ( ret != DEPENDENCY_SUPPORTED ) From 7846299adb4d52342f0ec2da3cca7165b3946cf7 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 7 Jun 2019 16:38:28 +0200 Subject: [PATCH 1342/2197] Fix misuse of signed ints in the HAVEGE module The elements of the HAVEGE state are manipulated with bitwise operations, with the expectations that the elements are 32-bit unsigned integers (or larger). But they are declared as int, and so the code has undefined behavior. Clang with Asan correctly points out some shifts that reach the sign bit. Since these are supposed to be 32-bit unsigned integers, declare them as uint32_t. This is technically an API break, since the type mbedtls_havege_state is exposed in a public header. However normal applications should not be affected. --- include/mbedtls/havege.h | 7 ++++--- library/havege.c | 22 ++++++++++++---------- 2 files changed, 16 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h index 4c1c86087..749257a36 100644 --- a/include/mbedtls/havege.h +++ b/include/mbedtls/havege.h @@ -31,6 +31,7 @@ #endif #include +#include #define MBEDTLS_HAVEGE_COLLECT_SIZE 1024 @@ -43,9 +44,9 @@ extern "C" { */ typedef struct mbedtls_havege_state { - int PT1, PT2, offset[2]; - int pool[MBEDTLS_HAVEGE_COLLECT_SIZE]; - int WALK[8192]; + uint32_t PT1, PT2, offset[2]; + uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE]; + uint32_t WALK[8192]; } mbedtls_havege_state; diff --git a/library/havege.c b/library/havege.c index 54f897c6e..a9dded1cf 100644 --- a/library/havege.c +++ b/library/havege.c @@ -38,6 +38,7 @@ #include "mbedtls/timing.h" #include "mbedtls/platform_util.h" +#include #include /* ------------------------------------------------------------------------ @@ -54,7 +55,7 @@ * ------------------------------------------------------------------------ */ -#define SWAP(X,Y) { int *T = (X); (X) = (Y); (Y) = T; } +#define SWAP(X,Y) { uint32_t *T = (X); (X) = (Y); (Y) = T; } #define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1; #define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1; 
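Review bot: The struct in havege.h changes its fields to `uint32_t` but carries no comment recording the invariant that the commit message gives as the reason: the state words are mixed with shifts and XORs and must be unsigned and at least 32 bits wide. A line above the fields, such as `/* State words: unsigned 32-bit, mixed with shifts and XOR in havege.c; do not change to a signed type. */`, would keep a later edit from reintroducing the undefined shifts.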
@@ -77,7 +78,7 @@ PTX = (PT1 >> 18) & 7; \ PT1 &= 0x1FFF; \ PT2 &= 0x1FFF; \ - CLK = (int) mbedtls_timing_hardclock(); \ + CLK = (uint32_t) mbedtls_timing_hardclock(); \ \ i = 0; \ A = &WALK[PT1 ]; RES[i++] ^= *A; \ @@ -100,7 +101,7 @@ \ IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \ *A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \ - *B = IN; CLK = (int) mbedtls_timing_hardclock(); \ + *B = IN; CLK = (uint32_t) mbedtls_timing_hardclock(); \ *C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \ *D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \ \ @@ -158,10 +159,11 @@ */ static void havege_fill( mbedtls_havege_state *hs ) { - int i, n = 0; - int U1, U2, *A, *B, *C, *D; - int PT1, PT2, *WALK, RES[16]; - int PTX, PTY, CLK, PTEST, IN; + size_t n = 0; + unsigned i; + uint32_t U1, U2, *A, *B, *C, *D; + uint32_t PT1, PT2, *WALK, RES[16]; + uint32_t PTX, PTY, CLK, PTEST, IN; WALK = hs->WALK; PT1 = hs->PT1; @@ -212,7 +214,7 @@ void mbedtls_havege_free( mbedtls_havege_state *hs ) */ int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len ) { - int val; + uint32_t val; size_t use_len; mbedtls_havege_state *hs = (mbedtls_havege_state *) p_rng; unsigned char *p = buf; @@ -220,8 +222,8 @@ int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len ) while( len > 0 ) { use_len = len; - if( use_len > sizeof(int) ) - use_len = sizeof(int); + if( use_len > sizeof( val ) ) + use_len = sizeof( val ); if( hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE ) havege_fill( hs ); From 982fe790c188936fb7ed41878e444760a4a40f64 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 19 Jun 2019 18:18:58 +0200 Subject: [PATCH 1343/2197] Remove unused functions These functions became obsolete when the key export format changed from including the SubjectPublicKeyInfo to being just the key material. --- tests/suites/test_suite_psa_crypto.function | 56 --------------------- 1 file changed, 56 deletions(-) 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 22eec33a2..cb64532cc 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -682,43 +682,6 @@ exit: return( ok ); } -static int is_oid_of_key_type( psa_key_type_t type, - const uint8_t *oid, size_t oid_length ) -{ - const uint8_t *expected_oid = NULL; - size_t expected_oid_length = 0; -#if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( type ) ) - { - expected_oid = (uint8_t *) MBEDTLS_OID_PKCS1_RSA; - expected_oid_length = sizeof( MBEDTLS_OID_PKCS1_RSA ) - 1; - } - else -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( type ) ) - { - expected_oid = (uint8_t *) MBEDTLS_OID_EC_ALG_UNRESTRICTED; - expected_oid_length = sizeof( MBEDTLS_OID_EC_ALG_UNRESTRICTED ) - 1; - } - else -#endif /* MBEDTLS_ECP_C */ - { - char message[40]; - mbedtls_snprintf( message, sizeof( message ), - "OID not known for key type=0x%08lx", - (unsigned long) type ); - test_fail( message, __LINE__, __FILE__ ); - return( 0 ); - } - - ASSERT_COMPARE( expected_oid, expected_oid_length, oid, oid_length ); - return( 1 ); - -exit: - return( 0 ); -} - static int asn1_skip_integer( unsigned char **p, const unsigned char *end, size_t min_bits, size_t max_bits, int must_be_odd ) 
@@ -758,25 +721,6 @@ exit: return( 0 ); } -static int asn1_get_implicit_tag( unsigned char **p, const unsigned char *end, - size_t *len, - unsigned char n, unsigned char tag ) -{ - int ret; - ret = mbedtls_asn1_get_tag( p, end, len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | ( n ) ); - if( ret != 0 ) - return( ret ); - end = *p + *len; - ret = mbedtls_asn1_get_tag( p, end, len, tag ); - if( ret != 0 ) - return( ret ); - if( *p + *len != end ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - return( 0 ); -} - static int exported_key_sanity_check( psa_key_type_t type, size_t bits, uint8_t *exported, size_t exported_length ) { From 1838e821905bf571844e865131856103462e201b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 20 Jun 2019 12:40:56 +0200 Subject: [PATCH 1344/2197] Rename psa_helpers.function to psa_crypto_helpers.h This file isn't like the other .function files: it isn't concatenated by a separate preprocessing script, but included via C preprocessing. Rename this file to .h. This isn't a normal C header, because it defines auxiliary functions. But the functions aren't big and we only have one compilation unit per executable, so this is good enough for what we're doing. --- tests/Makefile | 2 +- tests/{psa_helpers.function => psa_crypto_helpers.h} | 9 ++++----- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_psa_crypto.function | 2 +- tests/suites/test_suite_psa_crypto_entropy.function | 2 +- tests/suites/test_suite_psa_crypto_hash.function | 2 +- tests/suites/test_suite_psa_crypto_init.function | 2 +- .../suites/test_suite_psa_crypto_persistent_key.function | 2 +- .../test_suite_psa_crypto_slot_management.function | 2 +- 9 files changed, 12 insertions(+), 13 deletions(-) rename tests/{psa_helpers.function => psa_crypto_helpers.h} (96%) diff --git a/tests/Makefile b/tests/Makefile index bc88e829d..e2a32a12f 100644 --- a/tests/Makefile +++ b/tests/Makefile 
@@ -104,7 +104,7 @@ $(BINARIES): %$(EXEXT): %.c $(DEP) echo " CC $<" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -$(filter test_suite_psa_crypto%, $(BINARIES)): psa_helpers.function +$(filter test_suite_psa_crypto%, $(BINARIES)): psa_crypto_helpers.h clean: ifndef WINDOWS diff --git a/tests/psa_helpers.function b/tests/psa_crypto_helpers.h similarity index 96% rename from tests/psa_helpers.function rename to tests/psa_crypto_helpers.h index edaea8024..b1c5968c9 100644 --- a/tests/psa_helpers.function +++ b/tests/psa_crypto_helpers.h @@ -19,6 +19,9 @@ * This file is part of mbed TLS (https://tls.mbed.org) */ +#ifndef PSA_CRYPTO_HELPERS_H +#define PSA_CRYPTO_HELPERS_H + #if defined(MBEDTLS_PSA_CRYPTO_SPM) #include "spm/psa_defs.h" #endif @@ -78,8 +81,4 @@ static void test_helper_psa_done( int line, const char *file ) */ #define PSA_DONE( ) test_helper_psa_done( __LINE__, __FILE__ ) -/* - * Local Variables: - * mode: c - * End: - */ +#endif /* PSA_CRYPTO_HELPERS_H */ diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 0e02c3e47..3d38535e3 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -12,7 +12,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "mbedtls/psa_util.h" -#include "psa_helpers.function" +#include "psa_crypto_helpers.h" #endif static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index cb64532cc..4441e9b4c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -5,7 +5,7 @@ #include "mbedtls/asn1write.h" #include "mbedtls/oid.h" -#include "psa_helpers.function" +#include "psa_crypto_helpers.h" /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; 
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index cd1b81f9e..8538d6d8d 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -4,7 +4,7 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" -#include "psa_helpers.function" +#include "psa_crypto_helpers.h" #if defined(MBEDTLS_PSA_ITS_FILE_C) #include #else diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index e15f335e8..d50ff5ad2 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -2,7 +2,7 @@ #include -#include "psa_helpers.function" +#include "psa_crypto_helpers.h" /* END_HEADER */ diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index eaf1b8b1e..3c4b42e03 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -1,7 +1,7 @@ /* BEGIN_HEADER */ #include -#include "psa_helpers.function" +#include "psa_crypto_helpers.h" /* Some tests in this module configure entropy sources. */ #include "psa_crypto_invasive.h" diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 53f6cb84b..fc1924897 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -1,7 +1,7 @@ /* BEGIN_HEADER */ #include -#include "psa_helpers.function" +#include "psa_crypto_helpers.h" #include "psa_crypto_storage.h" #include "mbedtls/md.h" diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index da93bc829..3b9eada83 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function 
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -1,7 +1,7 @@ /* BEGIN_HEADER */ #include -#include "psa_helpers.function" +#include "psa_crypto_helpers.h" #include "psa_crypto_storage.h" typedef enum From 3cff768ad4d6149c34188ad3dd081e3587e9e6aa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 20 Jun 2019 12:54:43 +0200 Subject: [PATCH 1345/2197] Move the one non-crypto-specific PSA helper macro to a new header Create a new header file psa_helpers.h and put the one helper macro that isn't specific to PSA crypto there. Use this header file in the ITS test suite. --- tests/Makefile | 1 + tests/psa_crypto_helpers.h | 19 ++++-------- tests/psa_helpers.h | 37 ++++++++++++++++++++++++ tests/suites/test_suite_psa_its.function | 2 +- 4 files changed, 44 insertions(+), 15 deletions(-) create mode 100644 tests/psa_helpers.h diff --git a/tests/Makefile b/tests/Makefile index e2a32a12f..52f916356 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -105,6 +105,7 @@ $(BINARIES): %$(EXEXT): %.c $(DEP) $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(filter test_suite_psa_crypto%, $(BINARIES)): psa_crypto_helpers.h +$(filter test_suite_psa_%, $(BINARIES)): psa_helpers.h clean: ifndef WINDOWS diff --git a/tests/psa_crypto_helpers.h b/tests/psa_crypto_helpers.h index b1c5968c9..26d562344 100644 --- a/tests/psa_crypto_helpers.h +++ b/tests/psa_crypto_helpers.h @@ -1,5 +1,5 @@ /* - * Helper functions for tests that use the PSA API. + * Helper functions for tests that use the PSA Crypto API. */ /* Copyright (C) 2019, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 
@@ -22,18 +22,9 @@ #ifndef PSA_CRYPTO_HELPERS_H #define PSA_CRYPTO_HELPERS_H -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -#include "spm/psa_defs.h" -#endif -#include +#include "psa_helpers.h" -/** Evaluate an expression and fail the test case if it returns an error. - * - * \param expr The expression to evaluate. This is typically a call - * to a \c psa_xxx function that returns a value of type - * #psa_status_t. - */ -#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) +#include static int test_helper_is_psa_pristine( int line, const char *file ) { @@ -60,7 +51,7 @@ static int test_helper_is_psa_pristine( int line, const char *file ) return( msg == NULL ); } -/** Check that no PSA slots are in use. +/** Check that no PSA Crypto key slots are in use. */ #define ASSERT_PSA_PRISTINE( ) \ do \ @@ -76,7 +67,7 @@ static void test_helper_psa_done( int line, const char *file ) mbedtls_psa_crypto_free( ); } -/** Shut down the PSA subsystem. Expect a clean shutdown, with no slots +/** Shut down the PSA Crypto subsystem. Expect a clean shutdown, with no slots * in use. */ #define PSA_DONE( ) test_helper_psa_done( __LINE__, __FILE__ ) diff --git a/tests/psa_helpers.h b/tests/psa_helpers.h new file mode 100644 index 000000000..79f683707 --- /dev/null +++ b/tests/psa_helpers.h 
@@ -0,0 +1,37 @@ +/* + * Helper functions for tests that use any PSA API. + */ +/* Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_HELPERS_H +#define PSA_HELPERS_H + +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +#include "spm/psa_defs.h" +#endif + +/** Evaluate an expression and fail the test case if it returns an error. + * + * \param expr The expression to evaluate. This is typically a call + * to a \c psa_xxx function that returns a value of type + * #psa_status_t. + */ +#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) + +#endif /* PSA_HELPERS_H */ diff --git a/tests/suites/test_suite_psa_its.function b/tests/suites/test_suite_psa_its.function index 873e1a21a..8b1500599 100644 --- a/tests/suites/test_suite_psa_its.function +++ b/tests/suites/test_suite_psa_its.function @@ -1,7 +1,7 @@ /* BEGIN_HEADER */ #include "../library/psa_crypto_its.h" -#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) +#include "psa_helpers.h" /* Internal definitions of the implementation, copied for the sake of * some of the tests and of the cleanup code. */ From 9e5bcbd8d1e9757cc0236bdccb5f5f45b08e4498 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 19 Jun 2019 18:18:58 +0200 Subject: [PATCH 1346/2197] Remove unused functions These functions became obsolete when the key export format changed from including the SubjectPublicKeyInfo to being just the key material. --- tests/suites/test_suite_psa_crypto.function | 56 --------------------- 1 file changed, 56 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b5bf7de9c..597e391cc 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -604,43 +604,6 @@ exit: return( ok ); } -static int is_oid_of_key_type( psa_key_type_t type, - const uint8_t *oid, size_t oid_length ) -{ - const uint8_t *expected_oid = NULL; - size_t expected_oid_length = 0; -#if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( type ) ) - { - expected_oid = (uint8_t *) MBEDTLS_OID_PKCS1_RSA; - expected_oid_length = sizeof( MBEDTLS_OID_PKCS1_RSA ) - 1; - } - else -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( type ) ) - { - expected_oid = (uint8_t *) MBEDTLS_OID_EC_ALG_UNRESTRICTED; - expected_oid_length = sizeof( MBEDTLS_OID_EC_ALG_UNRESTRICTED ) - 1; - } - else -#endif /* MBEDTLS_ECP_C */ - { - char message[40]; - mbedtls_snprintf( message, sizeof( message ), - "OID not known for key type=0x%08lx", - (unsigned long) type ); - test_fail( message, __LINE__, __FILE__ ); - return( 0 ); - } - - ASSERT_COMPARE( expected_oid, expected_oid_length, oid, oid_length ); - return( 1 ); - -exit: - return( 0 ); -} - static int asn1_skip_integer( unsigned char **p, const unsigned char *end, size_t min_bits, size_t max_bits, int must_be_odd ) 
@@ -680,25 +643,6 @@ exit: return( 0 ); } -static int asn1_get_implicit_tag( unsigned char **p, const unsigned char *end, - size_t *len, - unsigned char n, unsigned char tag ) -{ - int ret; - ret = mbedtls_asn1_get_tag( p, end, len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | ( n ) ); - if( ret != 0 ) - return( ret ); - end = *p + *len; - ret = mbedtls_asn1_get_tag( p, end, len, tag ); - if( ret != 0 ) - return( ret ); - if( *p + *len != end ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - return( 0 ); -} - static int exported_key_sanity_check( psa_key_type_t type, size_t bits, uint8_t *exported, size_t exported_length ) { From 1d10257d215fc2ea366e7b6f15b532e2f40504b9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 20 Jun 2019 17:23:58 +0200 Subject: [PATCH 1347/2197] Copy the new header files to Mbed OS on-target test directories The new PSA helper headers are needed at build time. When building Mbed OS tests, the source files are copied to a directory under TESTS. The required header files need to be present in this directory. --- tests/Makefile | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/tests/Makefile b/tests/Makefile index 52f916356..94f0bc40e 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -104,8 +104,11 @@ $(BINARIES): %$(EXEXT): %.c $(DEP) echo " CC $<" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +# Some test suites require additional header files. $(filter test_suite_psa_crypto%, $(BINARIES)): psa_crypto_helpers.h +$(addprefix embedded_,$(filter test_suite_psa_crypto%, $(APPS))): embedded_%: TESTS/mbedtls/%/psa_crypto_helpers.h $(filter test_suite_psa_%, $(BINARIES)): psa_helpers.h +$(addprefix embedded_,$(filter test_suite_psa_%, $(APPS))): embedded_%: TESTS/mbedtls/%/psa_helpers.h clean: ifndef WINDOWS 
@@ -143,3 +146,17 @@ $(EMBEDDED_TESTS): embedded_%: suites/$$(firstword $$(subst ., ,$$*)).function s generate-target-tests: $(EMBEDDED_TESTS) +define copy_header_to_target +TESTS/mbedtls/$(1)/$(2): $(2) + echo " Copy ./$$@" +ifndef WINDOWS + mkdir -p $$(@D) + cp $$< $$@ +else + mkdir $$(@D) + copy $$< $$@ +endif + +endef +$(foreach app, $(APPS), $(foreach file, $(wildcard *.h), \ + $(eval $(call copy_header_to_target,$(app),$(file))))) From b6cadea6a5db02c4faedb40f08fa57f58b1ed31a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 Jun 2019 13:46:37 +0200 Subject: [PATCH 1348/2197] Secure element driver structure Define a structure type containing all the methods of a secure element driver. --- include/psa/crypto_se_driver.h | 42 ++++++++++++++++++++++++++++++---- 1 file changed, 37 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 9f54947ca..95947dbdd 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -8,11 +8,11 @@ * space in which the PSA Crypto implementation runs, typically secure * elements (SEs). * - * This file is part of the PSA Crypto Driver Model, containing functions for - * driver developers to implement to enable hardware to be called in a - * standardized way by a PSA Cryptographic API implementation. The functions - * comprising the driver model, which driver authors implement, are not - * intended to be called by application developers. + * This file is part of the PSA Crypto Driver HAL (hardware abstraction layer), + * containing functions for driver developers to implement to enable hardware + * to be called in a standardized way by a PSA Cryptography API + * implementation. The functions comprising the driver HAL, which driver + * authors implement, are not intended to be called by application developers. */ /* 
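Review bot: In the `copy_header_to_target` template of `tests/Makefile`, the Windows branch runs a bare `mkdir $$(@D)`, which fails when the directory already exists, unlike the `mkdir -p` in the other branch. The `foreach` instantiates the rule for every `*.h` file, so `psa_crypto_helpers.h` and `psa_helpers.h` both target the same `TESTS/mbedtls/<app>/` directory, and the second copy would presumably stop the build on Windows. A guard such as `if not exist $$(@D) mkdir $$(@D)` would make the recipe repeatable. It is also worth confirming that the Windows shell accepts the forward-slash path in `mkdir` and `copy`.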
@@ -961,6 +961,38 @@ typedef struct { /**@}*/ +/** \defgroup se_registration Secure element driver registration + */ +/**@{*/ + +/** A structure containing pointers to all the entry points of a + * secure element driver. + * + * Future versions of this specification may add extra substructures at + * the end of this structure. + */ +typedef struct { + /** The version of the driver model that this driver implements. + * This is a protection against linking driver binaries built against + * a different version of this specification. + * Use #PSA_DRV_SE_HAL_VERSION. + */ + uint32_t hal_version; + psa_drv_se_key_management_t key_management; + psa_drv_se_mac_t mac; + psa_drv_se_cipher_t cipher; + psa_drv_se_aead_t aead; + psa_drv_se_asymmetric_t asymmetric; + psa_drv_se_key_derivation_t derivation; +} psa_drv_se_t; + +/** The current version of the opaque driver model. + */ +/* 0.0.0 patchlevel 5 */ +#define PSA_DRV_SE_HAL_VERSION 0x00000005 + +/**@}*/ + #ifdef __cplusplus } #endif From d910e928e889faeb4692bff06823610497b5ffaa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 Jun 2019 13:47:07 +0200 Subject: [PATCH 1349/2197] Declare a function to register a secure element driver --- include/psa/crypto_se_driver.h | 45 ++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 95947dbdd..85dc05a54 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
@@ -991,6 +991,51 @@ typedef struct { /* 0.0.0 patchlevel 5 */ #define PSA_DRV_SE_HAL_VERSION 0x00000005 +/** Register an external cryptoprocessor driver. + * + * This function is only intended to be used by driver code, not by + * application code. In implementations with separation between the + * PSA cryptography module and applications, this function should + * only be available to callers that run in the same memory space as + * the cryptography module, and should not be exposed to applications + * running in a different memory space. + * + * This function may be called before psa_crypto_init(). It is + * implementation-defined whether this function may be called + * after psa_crypto_init(). + * + * \param lifetime The lifetime value through which this driver will + * be exposed to applications. + * The values #PSA_KEY_LIFETIME_VOLATILE and + * #PSA_KEY_LIFETIME_PERSISTENT are reserved and + * may not be used for opaque drivers. Implementations + * may reserve other values. + * \param[in] methods The method table of the driver. This structure must + * remain valid for as long as the cryptography + * module keeps running. It is typically a global + * constant. + * + * \return PSA_SUCCESS + * The driver was successfully registered. Applications can now + * use \p lifetime to access keys through the methods passed to + * this function. + * \return PSA_ERROR_BAD_STATE + * This function was called after the initialization of the + * cryptography module, and this implementation does not support + * driver registration at this stage. + * \return PSA_ERROR_ALREADY_EXISTS + * There is already a registered driver for this value of \p lifetime. + * \return PSA_ERROR_INVALID_ARGUMENT + * \p lifetime is a reserved value + * \return PSA_ERROR_NOT_SUPPORTED + * `methods->interface_version` is not supported by this implementation. 
+ * \return PSA_ERROR_INSUFFICIENT_MEMORY + * \return PSA_ERROR_NOT_PERMITTED + */ +psa_status_t psa_register_se_driver( + psa_key_lifetime_t lifetime, + const psa_drv_se_t *methods); + /**@}*/ #ifdef __cplusplus From 2c2243dc0b750743c4a1eaf5dca5891b5b07908f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 Jun 2019 13:47:24 +0200 Subject: [PATCH 1350/2197] Smoke test for secure element driver registration --- tests/CMakeLists.txt | 1 + .../test_suite_psa_crypto_se_driver_hal.data | 2 ++ ...st_suite_psa_crypto_se_driver_hal.function | 29 +++++++++++++++++++ 3 files changed, 32 insertions(+) create mode 100644 tests/suites/test_suite_psa_crypto_se_driver_hal.data create mode 100644 tests/suites/test_suite_psa_crypto_se_driver_hal.function diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 42d99d623..323ad2dc6 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -135,6 +135,7 @@ add_test_suite(psa_crypto_hash) add_test_suite(psa_crypto_init) add_test_suite(psa_crypto_metadata) add_test_suite(psa_crypto_persistent_key) +add_test_suite(psa_crypto_se_driver_hal) add_test_suite(psa_crypto_slot_management) add_test_suite(psa_its) add_test_suite(shax) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data new file mode 100644 index 000000000..1d27fb9b6 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data @@ -0,0 +1,2 @@ +Register SE driver: good +register_one:2:PSA_DRV_SE_HAL_VERSION:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function new file mode 100644 index 000000000..efbbd4e36 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
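Review bot: The `PSA_ERROR_NOT_SUPPORTED` entry in the new `psa_register_se_driver` documentation names `methods->interface_version`, but the field declared in `psa_drv_se_t` is `hal_version`. The entry should read `methods->hal_version is not supported by this implementation.` so that driver authors look at the right member. The comment also leaves a null `methods` unspecified; a sentence such as `\p methods must not be \c NULL.` would make the contract explicit. The `\return PSA_ERROR_INSUFFICIENT_MEMORY` and `\return PSA_ERROR_NOT_PERMITTED` lines carry no description, unlike the other return codes.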
@@ -0,0 +1,29 @@ +/* BEGIN_HEADER */ +#include "psa_crypto_helpers.h" +#include "psa/crypto_se_driver.h" + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_CRYPTO_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void register_one( int lifetime, int version, int expected_status_arg ) +{ + psa_status_t expected_status = expected_status_arg; + psa_drv_se_t driver; + + memset( &driver, 0, sizeof( driver ) ); + driver.hal_version = version; + + TEST_EQUAL( psa_register_se_driver( lifetime, &driver ), + expected_status ); + + PSA_ASSERT( psa_crypto_init( ) ); + +exit: + PSA_DONE( ); +} +/* END_CASE */ From bc2adf94a8f807e69abe291ca7447f4d9a4763a6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 Jun 2019 15:45:09 +0200 Subject: [PATCH 1351/2197] Fix minor type choice inconsistency --- library/havege.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/havege.c b/library/havege.c index a9dded1cf..ca7dd17fb 100644 --- a/library/havege.c +++ b/library/havege.c @@ -160,7 +160,7 @@ static void havege_fill( mbedtls_havege_state *hs ) { size_t n = 0; - unsigned i; + size_t i; uint32_t U1, U2, *A, *B, *C, *D; uint32_t PT1, PT2, *WALK, RES[16]; uint32_t PTX, PTY, CLK, PTEST, IN; From a899a72fd0a854199048e3ca69ccc55f14a4678a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 Jun 2019 14:06:43 +0200 Subject: [PATCH 1352/2197] Implement the secure element driver registration function --- library/CMakeLists.txt | 1 + library/Makefile | 2 +- library/psa_crypto_se.c | 72 ++++++++++++++++++++++++++++++++++ library/psa_crypto_se.h | 37 +++++++++++++++++ visualc/VS2010/mbedTLS.vcxproj | 2 + 5 files changed, 113 insertions(+), 1 deletion(-) create mode 100644 library/psa_crypto_se.c create mode 100644 library/psa_crypto_se.h diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 61bc13d32..78c233a08 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt 
@@ -53,6 +53,7 @@ set(src_crypto platform_util.c poly1305.c psa_crypto.c + psa_crypto_se.c psa_crypto_slot_management.c psa_crypto_storage.c psa_its_file.c diff --git a/library/Makefile b/library/Makefile index 921b68ec7..2b979b487 100644 --- a/library/Makefile +++ b/library/Makefile @@ -80,7 +80,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ pk.o pk_wrap.o pkcs12.o \ pkcs5.o pkparse.o pkwrite.o \ platform.o platform_util.o poly1305.o \ - psa_crypto.o \ + psa_crypto.o psa_crypto_se.o \ psa_crypto_slot_management.o \ psa_crypto_storage.o \ psa_its_file.o \ diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c new file mode 100644 index 000000000..33d0da894 --- /dev/null +++ b/library/psa_crypto_se.c 
@@ -0,0 +1,72 @@ +/* + * PSA crypto support for secure element drivers + */ +/* Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_C) + +#include "psa_crypto_se.h" + +typedef struct +{ + psa_key_lifetime_t lifetime; + const psa_drv_se_t *methods; +} method_table_entry_t; + +static method_table_entry_t driver_table[PSA_MAX_SE_DRIVERS]; + +psa_status_t psa_register_se_driver( + psa_key_lifetime_t lifetime, + const psa_drv_se_t *methods) +{ + size_t i; + + if( methods->hal_version != PSA_DRV_SE_HAL_VERSION ) + return( PSA_ERROR_NOT_SUPPORTED ); + if( lifetime == PSA_KEY_LIFETIME_VOLATILE || + lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + + for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) + { + if( driver_table[i].lifetime == 0 ) + break; + /* Check that lifetime isn't already in use up to the first free + * entry. Since entries are created in order and never deleted, + * there can't be a used entry after the first free entry. 
*/ + if( driver_table[i].lifetime == lifetime ) + return( PSA_ERROR_ALREADY_EXISTS ); + } + if( i == PSA_MAX_SE_DRIVERS ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + driver_table[i].lifetime = lifetime; + driver_table[i].methods = methods; + return( PSA_SUCCESS ); +} + +#endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h new file mode 100644 index 000000000..1085f488d --- /dev/null +++ b/library/psa_crypto_se.h @@ -0,0 +1,37 @@ +/* + * PSA crypto support for secure element drivers + */ +/* Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_SE_H +#define PSA_CRYPTO_SE_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "psa/crypto.h" +#include "psa/crypto_se_driver.h" + +/** The maximum number of registered secure element driver lifetimes. */ +#define PSA_MAX_SE_DRIVERS 4 + +#endif /* PSA_CRYPTO_SE_H */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 07c80e84f..2034a8411 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -225,6 +225,7 @@ + @@ -281,6 +282,7 @@ + From d0890211287d80b06f8851bfc3c80498fb4ed2f5 Mon Sep 17 00:00:00 2001 
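Review bot: `psa_register_se_driver` in the new `library/psa_crypto_se.c` reads `methods->hal_version` before checking that `methods` is non-null, so a null method table faults inside the crypto module instead of returning an error. Adding `if( methods == NULL ) return( PSA_ERROR_INVALID_ARGUMENT );` as the first statement would cover it. The free-slot test `driver_table[i].lifetime == 0` relies on 0 never being a registrable lifetime, which presumably holds because `PSA_KEY_LIFETIME_VOLATILE` is rejected just above; a comment stating that dependency would keep the two checks from drifting apart. The table stores the caller's pointer rather than a copy, so the header's requirement that the structure stays valid for as long as the module runs deserves a short comment next to `driver_table` as well.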
From: Gilles Peskine Date: Mon, 24 Jun 2019 14:34:43 +0200 Subject: [PATCH 1353/2197] Unregister drivers on library deinitialization --- library/psa_crypto.c | 4 ++++ library/psa_crypto_se.c | 7 +++++++ library/psa_crypto_se.h | 8 ++++++++ 3 files changed, 19 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b3be2617b..7e2007129 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -32,6 +32,7 @@ #include "psa_crypto_core.h" #include "psa_crypto_invasive.h" +#include "psa_crypto_se.h" #include "psa_crypto_slot_management.h" /* Include internal declarations that are useful for implementing persistently * stored keys. */ @@ -5211,6 +5212,9 @@ void mbedtls_psa_crypto_free( void ) * In particular, this sets all state indicator to the value * indicating "uninitialized". */ mbedtls_platform_zeroize( &global_data, sizeof( global_data ) ); + /* Unregister all secure element drivers, so that we restart from + * a pristine state. */ + psa_unregister_all_se_drivers( ); } psa_status_t psa_crypto_init( void ) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 33d0da894..32142eb9a 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -27,6 +27,8 @@ #if defined(MBEDTLS_PSA_CRYPTO_C) +#include + #include "psa_crypto_se.h" typedef struct @@ -69,4 +71,9 @@ psa_status_t psa_register_se_driver( return( PSA_SUCCESS ); } +void psa_unregister_all_se_drivers( void ) +{ + memset( driver_table, 0, sizeof( driver_table ) ); +} + #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 1085f488d..e99bd2576 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h 
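Review bot: The call added at the end of `mbedtls_psa_crypto_free` in `library/psa_crypto.c` drops every driver registration, but nothing visible here tells callers that drivers must be registered again before the next `psa_crypto_init()`. Extending the added comment would document it, for example `/* Unregister all secure element drivers, so that we restart from a pristine state. Drivers must be registered again with psa_register_se_driver() before the next psa_crypto_init(). */`. The same sentence belongs in the public documentation of `psa_register_se_driver`, which currently only discusses calling it before or after initialization. `mbedtls_psa_crypto_free` begins outside the hunk, so its own header comment could not be checked.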
@@ -34,4 +34,12 @@ /** The maximum number of registered secure element driver lifetimes. */ #define PSA_MAX_SE_DRIVERS 4 +/** Unregister all secure element drivers. + * + * \warning Do not call this function while the library is in the initialized + * state. This function is only intended to be called at the end + * of mbedtls_psa_crypto_free(). + */ +void psa_unregister_all_se_drivers( void ); + #endif /* PSA_CRYPTO_SE_H */ From 55a6acfe4d596db313706e1c83d369f15e7af251 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 Jun 2019 14:34:59 +0200 Subject: [PATCH 1354/2197] Add negative tests for driver registration --- .../test_suite_psa_crypto_se_driver_hal.data | 20 ++++++++ ...st_suite_psa_crypto_se_driver_hal.function | 51 +++++++++++++++++++ 2 files changed, 71 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 1d27fb9b6..b55ab3264 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data @@ -1,2 +1,22 @@ Register SE driver: good register_one:2:PSA_DRV_SE_HAL_VERSION:PSA_SUCCESS + +# Run this test case a second time to verify that the library deinit +# unregistered the first driver. +Register SE driver: good, again +register_one:2:PSA_DRV_SE_HAL_VERSION:PSA_SUCCESS + +Register SE driver: invalid lifetime (VOLATILE) +register_one:PSA_KEY_LIFETIME_VOLATILE:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT + +Register SE driver: invalid lifetime (PERSISTENT) +register_one:PSA_KEY_LIFETIME_VOLATILE:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT + +Register SE driver: invalid version +register_one:2:PSA_DRV_SE_HAL_VERSION - 1:PSA_ERROR_NOT_SUPPORTED + +Register SE driver: already registered +register_twice:3 + +Register SE driver: maximum number of drivers +register_max: 
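Review bot: The case named "invalid lifetime (PERSISTENT)" in the new test data passes `PSA_KEY_LIFETIME_VOLATILE`, exactly like the VOLATILE case before it, so rejection of the persistent lifetime is never exercised. Its argument line should read `register_one:PSA_KEY_LIFETIME_PERSISTENT:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT`. As written, a regression that let a secure element driver claim the built-in persistent lifetime would not be caught by this suite.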
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index efbbd4e36..522065a90 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -2,6 +2,11 @@ #include "psa_crypto_helpers.h" #include "psa/crypto_se_driver.h" +#include "psa_crypto_se.h" + +/* The minimum valid lifetime value for a secure element driver. */ +#define MIN_DRIVER_LIFETIME 2 + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -27,3 +32,49 @@ exit: PSA_DONE( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void register_twice( int count ) +{ + psa_drv_se_t driver; + psa_key_lifetime_t lifetime; + psa_key_lifetime_t max = MIN_DRIVER_LIFETIME + count; + + memset( &driver, 0, sizeof( driver ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + + for( lifetime = MIN_DRIVER_LIFETIME; lifetime < max; lifetime++ ) + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + for( lifetime = MIN_DRIVER_LIFETIME; lifetime < max; lifetime++ ) + TEST_EQUAL( psa_register_se_driver( lifetime, &driver ), + PSA_ERROR_ALREADY_EXISTS ); + + PSA_ASSERT( psa_crypto_init( ) ); + +exit: + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void register_max( ) +{ + psa_drv_se_t driver; + psa_key_lifetime_t lifetime; + psa_key_lifetime_t max = MIN_DRIVER_LIFETIME + PSA_MAX_SE_DRIVERS; + + memset( &driver, 0, sizeof( driver ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + + for( lifetime = MIN_DRIVER_LIFETIME; lifetime < max; lifetime++ ) + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + + TEST_EQUAL( psa_register_se_driver( lifetime, &driver ), + PSA_ERROR_INSUFFICIENT_MEMORY ); + + PSA_ASSERT( psa_crypto_init( ) ); + +exit: + PSA_DONE( ); +} +/* END_CASE */ From 45a8ca373c34e314191155e689ec1a5adfdf012b Mon Sep 17 00:00:00 2001 
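Review bot: `register_twice` takes `count` from the data file without checking it against `PSA_MAX_SE_DRIVERS`, so a value above the table size fails in the first loop's `PSA_ASSERT` instead of in the duplicate-registration check the case is about. A guard such as `TEST_ASSERT( count >= 1 && count <= PSA_MAX_SE_DRIVERS );` before the loops would make the precondition explicit. Both new cases also register drivers before calling `psa_crypto_init( )` and appear to rely on `PSA_DONE( )` to empty the driver table for the next case; a one-line comment saying so would stop a later edit from reordering those calls.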
From: Gilles Peskine Date: Mon, 24 Jun 2019 15:08:56 +0200 Subject: [PATCH 1355/2197] Fix typos in function argument names --- include/psa/crypto_se_driver.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 85dc05a54..b7a37133b 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -726,7 +726,7 @@ typedef psa_status_t (*psa_drv_se_import_key_t)(psa_key_slot_number_t key_slot, * \retval #PSA_SUCCESS * The slot's content, if any, has been erased. */ -typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_number_t key); +typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_number_t key_slot); /** * \brief A function that exports a secure element key in binary format @@ -878,7 +878,7 @@ typedef struct { * \param[in,out] p_context A hardware-specific structure containing any * context information for the implementation * \param[in] kdf_alg The algorithm to be used for the key derivation - * \param[in] souce_key The key to be used as the source material for the + * \param[in] source_key The key to be used as the source material for the * key derivation * * \retval PSA_SUCCESS From 7a52464fbae9a550798ab291b88b158a6aa0e501 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 Jun 2019 19:58:12 +0200 Subject: [PATCH 1356/2197] Driver registration: more future-proof bad-version test --- tests/suites/test_suite_psa_crypto_se_driver_hal.data | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index b55ab3264..20a06e843 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
@@ -12,8 +12,11 @@ register_one:PSA_KEY_LIFETIME_VOLATILE:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ Register SE driver: invalid lifetime (PERSISTENT) register_one:PSA_KEY_LIFETIME_VOLATILE:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT -Register SE driver: invalid version -register_one:2:PSA_DRV_SE_HAL_VERSION - 1:PSA_ERROR_NOT_SUPPORTED +Register SE driver: invalid version (ancient) +register_one:2:0x00000003:PSA_ERROR_NOT_SUPPORTED + +Register SE driver: invalid version (future) +register_one:2:PSA_DRV_SE_HAL_VERSION + 1:PSA_ERROR_NOT_SUPPORTED Register SE driver: already registered register_twice:3 From 8f2a6dcc253a81d6a1bccd6e8a19c101ef5bdeec Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 29 May 2019 17:32:21 +0200 Subject: [PATCH 1357/2197] Support PSA_KEY_DERIVATION_INPUT_SEED --- library/psa_crypto.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b3be2617b..d45a85200 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4778,6 +4778,7 @@ psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *ope case PSA_KEY_DERIVATION_INPUT_LABEL: case PSA_KEY_DERIVATION_INPUT_SALT: case PSA_KEY_DERIVATION_INPUT_INFO: + case PSA_KEY_DERIVATION_INPUT_SEED: return( psa_key_derivation_input_raw( operation, step, data, data_length ) ); default: From ed87d31d7d07fec5ddedc8afb19975e50d29a911 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 29 May 2019 17:32:39 +0200 Subject: [PATCH 1358/2197] Specify the order of inputs for TLS-1.2 KDFs From the implementation point of view does not make much difference to constrain the input order. We constrain it because, this way the code is easier to review, the data flow easier to understand and the implementations in general are easier to validate. --- include/psa/crypto_values.h | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) 
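Review bot: The added `case PSA_KEY_DERIVATION_INPUT_SEED:` in `psa_key_derivation_input_bytes` makes the seed step acceptable at this level for every algorithm, not only the TLS-1.2 KDFs it is meant for. Whether `psa_key_derivation_input_raw` rejects it for algorithms that take no seed cannot be seen from this hunk, and the commit touches no test file. If the per-algorithm check does live there, a comment above the case list such as `/* Step validity for the selected algorithm is checked in psa_key_derivation_input_raw(). */` would record that, and a negative test passing a seed to an algorithm without one would pin it. The function body starts and ends outside the hunk.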
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index e9fb9ad01..19dc28bf4 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1244,10 +1244,11 @@ * specified in Section 5 of RFC 5246. It is based on HMAC and can be * used with either SHA-256 or SHA-384. * - * This key derivation algorithm uses the following inputs: + * This key derivation algorithm uses the following inputs, which must be + * passed in the order given here: + * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key. * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label. - * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. * * For the application to TLS-1.2 key expansion, the seed is the * concatenation of ServerHello.Random + ClientHello.Random, @@ -1288,10 +1289,11 @@ * The latter is based on HMAC and can be used with either SHA-256 * or SHA-384. * - * This key derivation algorithm uses the following inputs: + * This key derivation algorithm uses the following inputs, which must be + * passed in the order given here: + * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key. * - #PSA_KEY_DERIVATION_INPUT_LABEL is the label. - * - #PSA_KEY_DERIVATION_INPUT_SEED is the seed. * * For the application to TLS-1.2, the seed (which is * forwarded to the TLS-1.2 PRF) is the concatenation of the From 71a4c9125b8d4df9151ee849ffb3511906b46818 Mon Sep 17 00:00:00 2001 
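Review bot: Both hunks now say the inputs "must be passed in the order given here", but neither tells the caller what happens when they are not. For a key derivation API this matters, because an implementation that silently accepts a different order could derive from fewer inputs than the caller intended. I would add one sentence to each list naming the status code returned on an out-of-order step, taken from the implementation, which is not visible in this diff. It would also help to state whether every listed input is mandatory before output can be requested.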
From: Janos Follath Date: Tue, 11 Jun 2019 09:14:47 +0100 Subject: [PATCH 1359/2197] Add flag for removing deprecated API Add the compile time option PSA_PRE_1_0_KEY_DERIVATION. If this is not turned on, then the function `psa_key_derivation()` is removed. Most of the tests regarding key derivation haven't been adapted to the new API yet and some of them have only been adapted partially. When this new option is turned off, the tests using the old API and test cases using the old API of partially adapted tests are skipped. The sole purpose of this option is to make the transition to the new API smoother. Once the transition is complete it can and should be removed along with the old API and its implementation. --- include/psa/crypto_extra.h | 12 ++++++++ library/psa_crypto.c | 10 +++++++ programs/psa/key_ladder_demo.c | 6 ++-- tests/suites/test_suite_psa_crypto.data | 32 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 17 +++++++---- 5 files changed, 54 insertions(+), 23 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index b08f46d09..3675ac61b 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -224,6 +224,17 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, size_t seed_size); +/* + * If this option is not turned on, then the function `psa_key_derivation()` + * is removed. + * + * The sole purpose of this option is to make the transition to the new API + * smoother. Once the transition is complete it can and should be removed + * along with the old API and its implementation. + */ +#define PSA_PRE_1_0_KEY_DERIVATION + +#if defined(PSA_PRE_1_0_KEY_DERIVATION) /** Set up a key derivation operation. * * FIMXE This function is no longer part of the official API. Its prototype 
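Review bot: `#define PSA_PRE_1_0_KEY_DERIVATION` is added unconditionally to the public header `crypto_extra.h`, so the only way to turn the option off is to edit that header, and nothing in this commit builds the configuration with it undefined. That leaves every `#if defined(PSA_PRE_1_0_KEY_DERIVATION)` guard added in `psa_crypto.c` and the tests with an untested negative side. Either move the switch next to the other build options so a CI configuration can disable it, or extend the comment to say `Comment out this line to build without the legacy psa_key_derivation() API.` and add such a build. The macro also lacks the `MBEDTLS_` prefix of the other configuration switches, so it is easy to miss in a configuration audit.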
@@ -280,6 +291,7 @@ psa_status_t psa_key_derivation(psa_key_derivation_operation_t *operation, const uint8_t *label, size_t label_length, size_t capacity); +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ /* FIXME Deprecated. Remove this as soon as all the tests are updated. */ #define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d45a85200..bf425df38 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4311,6 +4311,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut /****************************************************************/ #if defined(MBEDTLS_MD_C) +#if defined(PSA_PRE_1_0_KEY_DERIVATION) /* Set up an HKDF-based operation. This is exactly the extract phase * of the HKDF algorithm. * @@ -4354,9 +4355,11 @@ static psa_status_t psa_key_derivation_hkdf_setup( psa_hkdf_key_derivation_t *hk hkdf->info_set = 1; return( PSA_SUCCESS ); } +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_MD_C) +#if defined(PSA_PRE_1_0_KEY_DERIVATION) /* Set up a TLS-1.2-prf-based operation (see RFC 5246, Section 5). * * Note that if this function fails, you must call psa_key_derivation_abort() @@ -4413,7 +4416,9 @@ static psa_status_t psa_key_derivation_tls12_prf_setup( return( PSA_SUCCESS ); } +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ +#if defined(PSA_PRE_1_0_KEY_DERIVATION) /* Set up a TLS-1.2-PSK-to-MS-based operation. */ static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( psa_tls12_prf_key_derivation_t *tls12_prf, @@ -4454,8 +4459,10 @@ static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( mbedtls_platform_zeroize( pms, sizeof( pms ) ); return( status ); } +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ +#if defined(PSA_PRE_1_0_KEY_DERIVATION) /* Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ 
@@ -4554,7 +4561,9 @@ static psa_status_t psa_key_derivation_internal( return( PSA_SUCCESS ); } +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ +#if defined(PSA_PRE_1_0_KEY_DERIVATION) psa_status_t psa_key_derivation( psa_key_derivation_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg, @@ -4594,6 +4603,7 @@ psa_status_t psa_key_derivation( psa_key_derivation_operation_t *operation, psa_key_derivation_abort( operation ); return( status ); } +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ static psa_status_t psa_key_derivation_setup_kdf( psa_key_derivation_operation_t *operation, diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index af7be1e0a..426e41f87 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -66,12 +66,14 @@ /* If the build options we need are not enabled, compile a placeholder. */ #if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ - !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) + !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) ||\ + !defined(PSA_PRE_1_0_KEY_DERIVATION) int main( void ) { printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " - "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO not defined.\n"); + "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO and/or " + "PSA_PRE_1_0_KEY_DERIVATION not defined.\n"); return( 0 ); } #else diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b3d27a8b4..f057f7797 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1849,70 +1849,70 @@ derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0 # Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":"" PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66" PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION 
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b" PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":"" PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION 
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f" PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" PSA key derivation: TLS 1.2 PRF SHA-384, output 74+74 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION 
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5" # Test case manually extracted from debug output of TLS-PSK run # Label: "master secret" # Salt: Concatenation of ClientHello.Random and ServerHello.Random PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":"" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION 
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":"" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18" PSA key derivation: HKDF SHA-256, request maximum capacity 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4441e9b4c..b21a8f16d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -545,6 +545,7 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, seed, seed_length ) ); } +#if defined(PSA_PRE_1_0_KEY_DERIVATION) else { // legacy @@ -554,6 +555,7 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, seed, seed_length, sizeof( output ) ) ); } +#endif PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, sizeof( output ) ) ); @@ -1776,7 +1778,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ void derive_key_policy( int policy_usage, int policy_alg, int key_type, @@ -4024,7 +4026,7 @@ void key_derivation_init( ) } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ void derive_setup( int key_type_arg, data_t *key_data, int alg_arg, @@ -4063,7 +4065,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ void test_derive_invalid_key_derivation_state( ) { psa_key_handle_t handle = 0; @@ -4199,6 +4201,7 @@ void derive_output( int alg_arg, PSA_KEY_DERIVATION_INPUT_INFO, label->x, label->len ) ); } +#if defined(PSA_PRE_1_0_KEY_DERIVATION) else { // legacy @@ -4207,6 +4210,7 @@ void derive_output( int alg_arg, label->x, label->len, requested_capacity ) ); } +#endif PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( current_capacity, requested_capacity ); @@ -4295,6 +4299,8 @@ void derive_full( int alg_arg, PSA_KEY_DERIVATION_INPUT_INFO, label->x, label->len ) ); } + +#if defined(PSA_PRE_1_0_KEY_DERIVATION) else { // legacy 
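Review bot: In `exercise_key_derivation_key` the legacy `else` block is now compiled only when `PSA_PRE_1_0_KEY_DERIVATION` is defined, and nothing replaces it otherwise; the same pattern is repeated in `derive_output` and `derive_full`. With the option off, an algorithm that does not match the preceding `if` (its condition is outside the hunk) would reach `psa_key_derivation_output_bytes` with no inputs supplied, and the case fails on an unrelated status instead of being reported as unsupported. The `.data` cases are gated with `depends_on`, but the static helper is not. I would close each block with `#else` / `else { TEST_ASSERT( ! "KDF needs PSA_PRE_1_0_KEY_DERIVATION" ); }` before the `#endif`, so the missing setup is explicit.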
@@ -4303,6 +4309,7 @@ void derive_full( int alg_arg, label->x, label->len, requested_capacity ) ); } +#endif PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); @@ -4335,7 +4342,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ void derive_key_exercise( int alg_arg, data_t *key_data, data_t *salt, @@ -4395,7 +4402,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ void derive_key_export( int alg_arg, data_t *key_data, data_t *salt, From 083036af64c79c097b90c8eeb23036072ec1bf3b Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 11 Jun 2019 10:22:26 +0100 Subject: [PATCH 1360/2197] Safely erase key material upon abort Some key derivation operation contexts (like psa_tls12_prf_key_derivation_t) directly contain buffers with parts of the derived key. Erase them safely as part of the abort. --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bf425df38..924b291f4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3902,7 +3902,7 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation { status = PSA_ERROR_BAD_STATE; } - memset( operation, 0, sizeof( *operation ) ); + mbedtls_platform_zeroize( operation, sizeof( *operation ) ); return( status ); } From e3e8166cdd3e27684c63162fea7d0f3c0c18b67c Mon Sep 17 00:00:00 2001 
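Review bot: The replacement of `memset` by `mbedtls_platform_zeroize` at the end of `psa_key_derivation_abort` has no comment, so the reason for it lives only in the commit message. Since the two calls look interchangeable, a later clean-up could revert it without noticing that the context embeds derived key material. I would add `/* The context may embed key material: use a wipe the compiler cannot optimize away. */` directly above the call. The function body starts outside this hunk.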
From: Janos Follath Date: Tue, 11 Jun 2019 14:07:27 +0100 Subject: [PATCH 1361/2197] Move PSA_PRE_1_0_KEY_DERIVATION to crypto_struct.h We want to make the PRF context structure depend on this flag, but crypto_extra.h is included after crypto_struct.h and having the option at its original place would not affect crypto_struct.h. --- include/psa/crypto_extra.h | 10 ---------- include/psa/crypto_struct.h | 11 +++++++++++ 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 3675ac61b..3fc73b9d3 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -224,16 +224,6 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, size_t seed_size); -/* - * If this option is not turned on, then the function `psa_key_derivation()` - * is removed. - * - * The sole purpose of this option is to make the transition to the new API - * smoother. Once the transition is complete it can and should be removed - * along with the old API and its implementation. - */ -#define PSA_PRE_1_0_KEY_DERIVATION - #if defined(PSA_PRE_1_0_KEY_DERIVATION) /** Set up a key derivation operation. * diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 977b021b8..0e0ecb22d 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
@@ -191,6 +191,17 @@ typedef struct } psa_hkdf_key_derivation_t; #endif /* MBEDTLS_MD_C */ +/* + * If this option is not turned on, then the function `psa_key_derivation()` + * is removed. And the new psa_tls12_prf_key_derivation_t context is used along + * with the corresponding new API. + * + * The sole purpose of this option is to make the transition to the new API + * smoother. Once the transition is complete it can and should be removed + * along with the old API and its implementation. + */ +#define PSA_PRE_1_0_KEY_DERIVATION + #if defined(MBEDTLS_MD_C) typedef struct psa_tls12_prf_key_derivation_s { From 999f648437ebec0f93021ae7b638f96cc69ca14b Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 11 Jun 2019 12:04:10 +0100 Subject: [PATCH 1362/2197] Add new psa_tls12_prf_key_derivation_t As part of adapting TLS 1.2 key derivation to the PSA 1.0 API we need to change the context structure. --- include/psa/crypto_struct.h | 38 +++++++++++++++++++++++++++++++++++++ library/psa_crypto.c | 10 ++++++++++ 2 files changed, 48 insertions(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 0e0ecb22d..e6197cb9b 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -203,6 +203,7 @@ typedef struct #define PSA_PRE_1_0_KEY_DERIVATION #if defined(MBEDTLS_MD_C) +#if defined(PSA_PRE_1_0_KEY_DERIVATION) typedef struct psa_tls12_prf_key_derivation_s { /* The TLS 1.2 PRF uses the key for each HMAC iteration, 
@@ -231,6 +232,43 @@ typedef struct psa_tls12_prf_key_derivation_s uint8_t block_number; } psa_tls12_prf_key_derivation_t; +#else + +typedef enum +{ + TLS12_PRF_STATE_INIT, /* no input provided */ + TLS12_PRF_STATE_SEED_SET, /* seed has been set */ + TLS12_PRF_STATE_KEY_SET, /* key has been set */ + TLS12_PRF_STATE_LABEL_SET, /* label has been set */ + TLS12_PRF_STATE_OUTPUT /* output has been started */ +} psa_tls12_prf_key_derivation_state_t; + +typedef struct psa_tls12_prf_key_derivation_s +{ +#if PSA_HASH_MAX_SIZE > 0xff +#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" +#endif + + /* Indicates how many bytes in the current HMAC block have + * already been read by the user. */ + uint8_t offset_in_block; + + /* The 1-based number of the block. */ + uint8_t block_number; + + psa_tls12_prf_key_derivation_state_t state; + + uint8_t *seed; + size_t seed_length; + uint8_t *label; + size_t label_length; + psa_hmac_internal_data hmac; + uint8_t Ai[PSA_HASH_MAX_SIZE]; + + /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */ + uint8_t output_block[PSA_HASH_MAX_SIZE]; +} psa_tls12_prf_key_derivation_t; +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ struct psa_key_derivation_s diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 924b291f4..f4e94bf2f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2122,11 +2122,13 @@ static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac ) return( psa_hash_abort( &hmac->hash_ctx ) ); } +#if defined(PSA_PRE_1_0_KEY_DERIVATION) static void psa_hmac_init_internal( psa_hmac_internal_data *hmac ) { /* Instances of psa_hash_operation_s can be initialized by zeroization. */ memset( hmac, 0, sizeof( *hmac ) ); } +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) 
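Review bot: The new `psa_tls12_prf_key_derivation_s` leaves `state`, `seed`, `label`, `hmac` and `Ai` without comments, and nothing says who owns the two heap pointers or that their lengths are what abort uses to wipe them. I would add `/* Heap copies owned by the operation; wiped over seed_length / label_length bytes and freed on abort. */` above `seed`, and a line on `Ai` and `output_block` noting that they hold PRF intermediate values and must be zeroized with the context. `block_number` is a 1-based `uint8_t`, so the output code, which is not in this commit, has to stop at 255 blocks rather than wrap; stating that limit next to the field would make it reviewable. Because `PSA_PRE_1_0_KEY_DERIVATION` is defined unconditionally a few lines above, this `#else` branch is not compiled by any visible configuration yet.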
@@ -3879,6 +3881,7 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation mbedtls_free( operation->ctx.hkdf.info ); status = psa_hmac_abort_internal( &operation->ctx.hkdf.hmac ); } +#if defined(PSA_PRE_1_0_KEY_DERIVATION) else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */ PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) @@ -3897,6 +3900,7 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation mbedtls_free( operation->ctx.tls12_prf.Ai_with_seed ); } } +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ else #endif /* MBEDTLS_MD_C */ { @@ -4000,6 +4004,7 @@ static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkd return( PSA_SUCCESS ); } +#if defined(PSA_PRE_1_0_KEY_DERIVATION) static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( psa_tls12_prf_key_derivation_t *tls12_prf, psa_algorithm_t alg ) @@ -4111,7 +4116,9 @@ cleanup: return( status ); } +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ +#if defined(PSA_PRE_1_0_KEY_DERIVATION) /* Read some bytes from an TLS-1.2-PRF-based operation. * See Section 5 of RFC 5246. */ static psa_status_t psa_key_derivation_tls12_prf_read( @@ -4151,6 +4158,7 @@ static psa_status_t psa_key_derivation_tls12_prf_read( return( PSA_SUCCESS ); } +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *operation, @@ -4210,6 +4218,7 @@ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *op status = psa_key_derivation_hkdf_read( &operation->ctx.hkdf, hash_alg, output, output_length ); } +#if defined(PSA_PRE_1_0_KEY_DERIVATION) else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { 
@@ -4217,6 +4226,7 @@ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *op kdf_alg, output, output_length ); } +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ else #endif /* MBEDTLS_MD_C */ { From 6a1d262803c4808791e082c56116bc709555b2ea Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 11 Jun 2019 10:37:28 +0100 Subject: [PATCH 1363/2197] Adapt psa_key_derivation_abort to the new context --- library/psa_crypto.c | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f4e94bf2f..6d3260bf8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3881,11 +3881,11 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation mbedtls_free( operation->ctx.hkdf.info ); status = psa_hmac_abort_internal( &operation->ctx.hkdf.hmac ); } -#if defined(PSA_PRE_1_0_KEY_DERIVATION) else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */ PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { +#if defined(PSA_PRE_1_0_KEY_DERIVATION) if( operation->ctx.tls12_prf.key != NULL ) { mbedtls_platform_zeroize( operation->ctx.tls12_prf.key, 
@@ -3899,8 +3899,27 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation operation->ctx.tls12_prf.Ai_with_seed_len ); mbedtls_free( operation->ctx.tls12_prf.Ai_with_seed ); } - } +#else + if( operation->ctx.tls12_prf.seed != NULL ) + { + mbedtls_platform_zeroize( operation->ctx.tls12_prf.seed, + operation->ctx.tls12_prf.seed_length ); + mbedtls_free( operation->ctx.tls12_prf.seed ); + } + + if( operation->ctx.tls12_prf.label != NULL ) + { + mbedtls_platform_zeroize( operation->ctx.tls12_prf.label, + operation->ctx.tls12_prf.label_length ); + mbedtls_free( operation->ctx.tls12_prf.label ); + } + + status = psa_hmac_abort_internal( &operation->ctx.tls12_prf.hmac ); + + /* We leave the fields Ai and output_block to be erased safely by the + * mbedtls_platform_zeroize() in the end of this function. */ #endif /* PSA_PRE_1_0_KEY_DERIVATION */ + } else #endif /* MBEDTLS_MD_C */ { From b03233e196002255ff7605d21dd64f10f71355f7 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 11 Jun 2019 15:30:30 +0100 Subject: [PATCH 1364/2197] Add stubs for psa_tls12_prf_input --- library/psa_crypto.c | 40 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6d3260bf8..1e20f47cc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4754,6 +4754,41 @@ static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf, return( PSA_ERROR_INVALID_ARGUMENT ); } } + +#if defined(PSA_PRE_1_0_KEY_DERIVATION) +static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, + psa_algorithm_t hash_alg, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length ) +{ + (void) prf; + (void) hash_alg; + (void) step; + (void) data; + (void) data_length; + + return( PSA_ERROR_INVALID_ARGUMENT ); +} +#else +static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, + psa_algorithm_t hash_alg, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length ) +{ + (void) prf; + (void) hash_alg; + (void) data; + (void) data_length; + + switch( step ) + { + default: + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ static psa_status_t psa_key_derivation_input_raw( @@ -4793,7 +4828,10 @@ static psa_status_t psa_key_derivation_input_raw( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { // To do: implement this - status = PSA_ERROR_NOT_SUPPORTED; + status = psa_tls12_prf_input( &operation->ctx.tls12_prf, + PSA_ALG_HKDF_GET_HASH( kdf_alg ), + step, data, data_length ); + } else #endif /* MBEDTLS_MD_C */ From af3c2a070042be4ba3c83cd63453350966e825b7 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 12 Jun 2019 12:34:34 +0100 Subject: [PATCH 1365/2197] Add a test for psa_key_derivation_input --- tests/suites/test_suite_psa_crypto.data | 4 ++ tests/suites/test_suite_psa_crypto.function | 59 +++++++++++++++++++++ 2 files changed, 63 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f057f7797..08da0474d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
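Review bot: In the `@@ -4793,7 +4828,10 @@` hunk, the `// To do: implement this` comment is kept above the new `psa_tls12_prf_input( ... )` call, although that call is what implements the branch. The hash is also extracted with `PSA_ALG_HKDF_GET_HASH( kdf_alg )` in a branch that is reached only for TLS 1.2 PRF and PSK-to-MS algorithms. If the HKDF macro is used because the hash bits are laid out identically, a one-line comment saying so would help; otherwise `PSA_ALG_TLS12_PRF_GET_HASH( kdf_alg )` states the intent. The blank line left before the closing brace can go as well. The enclosing dispatcher starts and ends outside the hunk.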
@@ -1791,6 +1791,10 @@ PSA key derivation: unsupported key derivation algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_CATEGORY_KEY_DERIVATION:"":"":42:PSA_ERROR_NOT_SUPPORTED +PSA key derivation: HKDF-SHA-256, good case +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + PSA key derivation: invalid state (double generate + read past capacity) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_state: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b21a8f16d..7954d33eb 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -4065,6 +4065,65 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void derive_input( int alg_arg, + int key_type_arg, + int step1_arg, data_t *input1, + int step2_arg, data_t *input2, + int step3_arg, data_t *input3, + int expected_status_arg1, + int expected_status_arg2, + int expected_status_arg3 ) +{ + psa_algorithm_t alg = alg_arg; + size_t key_type = key_type_arg; + psa_key_derivation_step_t steps[] = {step1_arg, step2_arg, step3_arg}; + psa_status_t expected_statuses[] = {expected_status_arg1, + expected_status_arg2, + expected_status_arg3}; + data_t *inputs[] = {input1, input2, input3}; + psa_key_handle_t handles[] = {0, 0, 0}; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + size_t i; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + + for( i = 0; i < ARRAY_LENGTH( steps ); i++ ) + { + switch( steps[i] ) + { + case PSA_KEY_DERIVATION_INPUT_SECRET: + PSA_ASSERT( psa_import_key( &attributes, + inputs[i]->x, inputs[i]->len, + &handles[i] ) ); + TEST_EQUAL( psa_key_derivation_input_key( &operation, steps[i], + handles[i] ), + expected_statuses[i] ); + break; + default: + TEST_EQUAL( psa_key_derivation_input_bytes( + &operation, steps[i], + inputs[i]->x, inputs[i]->len ), + expected_statuses[i] ); + break; + } + } + +exit: + psa_key_derivation_abort( &operation ); + for( i = 0; i < ARRAY_LENGTH( handles ); i++ ) + psa_destroy_key( handles[i] ); + PSA_DONE( ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ void test_derive_invalid_key_derivation_state( ) { From 99dd6acdcec9d9b932521f33a349a9f335187449 Mon Sep 17 00:00:00 2001 
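Review bot: `derive_input` declares `size_t key_type = key_type_arg;` and then passes it to `psa_set_key_type()`, so the local should be `psa_key_type_t key_type = key_type_arg;`, in line with `psa_algorithm_t alg` on the line above. A short comment above the `switch` would also help, for example `/* Secret steps go through a key handle; all other steps are passed as bytes. */`. Without it the reason `handles[]` has three slots while only the `PSA_KEY_DERIVATION_INPUT_SECRET` steps fill one is not obvious.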
From: Janos Follath Date: Wed, 12 Jun 2019 15:06:40 +0100 Subject: [PATCH 1366/2197] Add test cases for derive_input In the 1.0 API some functionality has been split from the psa_key_derivation_setup() function and is now done with the psa_key_derivation_input_*() functions. The new tests maintain the existing test coverage of this functionality. --- tests/suites/test_suite_psa_crypto.data | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 08da0474d..c008aa483 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1795,6 +1795,22 @@ PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +PSA key derivation: HKDF-SHA-512, good case +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +PSA key derivation: HKDF-SHA-256, bad key type +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_RAW_DATA:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_SUCCESS + +PSA key derivation: TLS 1.2 PRF SHA-256, good case +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +PSA key derivation: TLS 1.2 PRF SHA-256, bad key type +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_RAW_DATA:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE + PSA key derivation: invalid state (double generate + read past capacity) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_state: 
From 4b7effd35af523fbd9dcc163fb8e3bf99b946e01 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 12 Jun 2019 15:27:53 +0100 Subject: [PATCH 1367/2197] Add more tests for TLS 1.2 PRF input --- tests/suites/test_suite_psa_crypto.data | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c008aa483..46baea230 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1807,6 +1807,26 @@ PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +PSA key derivation: TLS 1.2 PRF SHA-256, key first +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE + +PSA key derivation: TLS 1.2 PRF SHA-256, label first +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE + +PSA key derivation: TLS 1.2 PRF SHA-256, early label +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE + +PSA key derivation: TLS 1.2 PRF SHA-256, double seed +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE + +PSA key derivation: 
TLS 1.2 PRF SHA-256, double key +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_BAD_STATE + PSA key derivation: TLS 1.2 PRF SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_RAW_DATA:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE From b80a94e2ea280322de8282969685ab564acb5201 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 12 Jun 2019 15:54:46 +0100 Subject: [PATCH 1368/2197] Rename psa_key_derivation_input_raw The function dispatches between all the available methods and does not just handle the raw key derivation case like the name suggests. --- library/psa_crypto.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1e20f47cc..96150f854 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4791,7 +4791,7 @@ static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, #endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ -static psa_status_t psa_key_derivation_input_raw( +static psa_status_t psa_key_derivation_input_internal( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, 
@@ -4856,8 +4856,8 @@ psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *ope case PSA_KEY_DERIVATION_INPUT_SALT: case PSA_KEY_DERIVATION_INPUT_INFO: case PSA_KEY_DERIVATION_INPUT_SEED: - return( psa_key_derivation_input_raw( operation, step, - data, data_length ) ); + return( psa_key_derivation_input_internal( operation, step, + data, data_length ) ); default: return( PSA_ERROR_INVALID_ARGUMENT ); } @@ -4884,10 +4884,10 @@ psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *opera * and leak values derived from the key. So be conservative. */ if( step != PSA_KEY_DERIVATION_INPUT_SECRET ) return( PSA_ERROR_INVALID_ARGUMENT ); - return( psa_key_derivation_input_raw( operation, - step, - slot->data.raw.data, - slot->data.raw.bytes ) ); + return( psa_key_derivation_input_internal( operation, + step, + slot->data.raw.data, + slot->data.raw.bytes ) ); } @@ -4999,8 +4999,9 @@ static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t * /* Step 2: set up the key derivation to generate key material from * the shared secret. */ - status = psa_key_derivation_input_raw( operation, step, - shared_secret, shared_secret_length ); + status = psa_key_derivation_input_internal( operation, step, + shared_secret, + shared_secret_length ); exit: mbedtls_platform_zeroize( shared_secret, shared_secret_length ); From ef83f5e98eb859ff3baf7cf2662b55a45872c0a0 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 12 Jun 2019 16:05:43 +0100 Subject: [PATCH 1369/2197] Move raw key derivation input to a new function --- library/psa_crypto.c | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 96150f854..ebd98a852 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4791,6 +4791,25 @@ static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, #endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ +static psa_status_t psa_key_derivation_input_raw( + psa_key_derivation_operation_t *operation, + const uint8_t *data, + size_t data_length ) +{ + if( operation->capacity != 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + operation->ctx.buffer.data = mbedtls_calloc( 1, data_length ); + if( operation->ctx.buffer.data == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + memcpy( operation->ctx.buffer.data, data, data_length ); + operation->ctx.buffer.size = data_length; + operation->capacity = data_length; + + return PSA_SUCCESS; +} + static psa_status_t psa_key_derivation_input_internal( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, @@ -4802,15 +4821,7 @@ static psa_status_t psa_key_derivation_input_internal( if( kdf_alg == PSA_ALG_SELECT_RAW ) { - if( operation->capacity != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - operation->ctx.buffer.data = mbedtls_calloc( 1, data_length ); - if( operation->ctx.buffer.data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( operation->ctx.buffer.data, data, data_length ); - operation->ctx.buffer.size = data_length; - operation->capacity = data_length; - status = PSA_SUCCESS; + status = psa_key_derivation_input_raw( operation, data, data_length ); } else #if defined(MBEDTLS_MD_C) From f08e2654ed55339ebd536eeaaab61b4ef22a4cbd Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 Jun 2019 09:05:41 +0100 Subject: [PATCH 1370/2197] Add seed input for psa_tls12_prf_input --- library/psa_crypto.c | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ebd98a852..a2bf203c6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
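Review bot: The extracted `psa_key_derivation_input_raw` uses `operation->capacity != 0` as its only "input already provided" guard, and a zero-length input leaves `capacity` at 0. A second call then passes the guard and overwrites `operation->ctx.buffer.data` without freeing whatever the first `mbedtls_calloc( 1, 0 )` returned. If empty input is not meaningful for this algorithm, rejecting it up front with `if( data_length == 0 ) return( PSA_ERROR_INVALID_ARGUMENT );` closes that path; otherwise the guard should test the pointer rather than the capacity. The function also ends with `return PSA_SUCCESS;` where the rest of the file writes `return( PSA_SUCCESS );`.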
@@ -4771,19 +4771,37 @@ static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, return( PSA_ERROR_INVALID_ARGUMENT ); } #else +static psa_status_t psa_tls12_prf_set_seed( psa_tls12_prf_key_derivation_t *prf, + const uint8_t *data, + size_t data_length ) +{ + if( prf->state != TLS12_PRF_STATE_INIT ) + return( PSA_ERROR_BAD_STATE ); + + prf->seed = mbedtls_calloc( 1, data_length ); + if( prf->seed == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + memcpy( prf->seed, data, data_length ); + prf->seed_length = data_length; + + prf->state = TLS12_PRF_STATE_SEED_SET; + + return( PSA_SUCCESS ); +} + static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, psa_algorithm_t hash_alg, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length ) { - (void) prf; (void) hash_alg; - (void) data; - (void) data_length; switch( step ) { + case PSA_KEY_DERIVATION_INPUT_SEED: + return( psa_tls12_prf_set_seed( prf, data, data_length ) ); default: return( PSA_ERROR_INVALID_ARGUMENT ); } From 8155054e28e92c416f6118af495b79b544135303 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 Jun 2019 14:26:34 +0100 Subject: [PATCH 1371/2197] Add key import for psa_tls12_prf_input --- library/psa_crypto.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a2bf203c6..c84098a6f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
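Review bot: `psa_tls12_prf_set_seed` calls `mbedtls_calloc( 1, data_length )` and treats a NULL result as `PSA_ERROR_INSUFFICIENT_MEMORY`, but the `derive_input` test cases pass an empty seed. An allocator is allowed to return NULL for a zero-size request, so on such a platform an empty seed is reported as out of memory. The following `memcpy( prf->seed, data, 0 )` may also be handed a NULL pointer, depending on what the caller passes for empty input. Wrapping the allocation and copy in `if( data_length != 0 )`, while still setting `prf->seed_length` and the state, avoids both problems. `psa_tls12_prf_set_label`, added two commits later, has the same pattern and needs the same guard.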
@@ -4790,18 +4790,36 @@ static psa_status_t psa_tls12_prf_set_seed( psa_tls12_prf_key_derivation_t *prf, return( PSA_SUCCESS ); } +static psa_status_t psa_tls12_prf_set_key( psa_tls12_prf_key_derivation_t *prf, + psa_algorithm_t hash_alg, + const uint8_t *data, + size_t data_length ) +{ + psa_status_t status; + if( prf->state != TLS12_PRF_STATE_SEED_SET ) + return( PSA_ERROR_BAD_STATE ); + + status = psa_hmac_setup_internal( &prf->hmac, data, data_length, hash_alg ); + if( status != PSA_SUCCESS ) + return( status ); + + prf->state = TLS12_PRF_STATE_KEY_SET; + + return( PSA_SUCCESS ); +} + static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, psa_algorithm_t hash_alg, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length ) { - (void) hash_alg; - switch( step ) { case PSA_KEY_DERIVATION_INPUT_SEED: return( psa_tls12_prf_set_seed( prf, data, data_length ) ); + case PSA_KEY_DERIVATION_INPUT_SECRET: + return( psa_tls12_prf_set_key( prf, hash_alg, data, data_length ) ); default: return( PSA_ERROR_INVALID_ARGUMENT ); } From 63028dd906c23a31a67e60db326ba448ccbad493 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 Jun 2019 09:15:47 +0100 Subject: [PATCH 1372/2197] Add label input for psa_tls12_prf_input --- library/psa_crypto.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c84098a6f..bd9fca585 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4808,6 +4808,25 @@ static psa_status_t psa_tls12_prf_set_key( psa_tls12_prf_key_derivation_t *prf, return( PSA_SUCCESS ); } +static psa_status_t psa_tls12_prf_set_label( psa_tls12_prf_key_derivation_t *prf, + const uint8_t *data, + size_t data_length ) +{ + if( prf->state != TLS12_PRF_STATE_KEY_SET ) + return( PSA_ERROR_BAD_STATE ); + + prf->label = mbedtls_calloc( 1, data_length ); + if( prf->label == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + memcpy( prf->label, data, data_length ); + prf->label_length = data_length; + + prf->state = TLS12_PRF_STATE_LABEL_SET; + + return( PSA_SUCCESS ); +} + static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, psa_algorithm_t hash_alg, psa_key_derivation_step_t step, @@ -4820,6 +4839,8 @@ static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, return( psa_tls12_prf_set_seed( prf, data, data_length ) ); case PSA_KEY_DERIVATION_INPUT_SECRET: return( psa_tls12_prf_set_key( prf, hash_alg, data, data_length ) ); + case PSA_KEY_DERIVATION_INPUT_LABEL: + return( psa_tls12_prf_set_label( prf, data, data_length ) ); default: return( PSA_ERROR_INVALID_ARGUMENT ); } From ba3fab9074b292d3cf219c9d393f0a6715119a1e Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 11 Jun 2019 14:50:16 +0100 Subject: [PATCH 1373/2197] Adapt derive_key_policy test to the new API --- tests/suites/test_suite_psa_crypto.data | 6 +++--- tests/suites/test_suite_psa_crypto.function | 20 ++++++++++++++------ 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 46baea230..c9e681746 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -461,7 +461,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA key policy: derive via TLS 1.2 PRF, permitted -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) PSA key policy: derive via HKDF, not permitted @@ -469,7 +469,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA key policy: derive via TLS 1.2 PRF, not permitted -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_policy:0:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) PSA key policy: derive via HKDF, wrong algorithm @@ -477,7 +477,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224) PSA key policy: derive via TLS 1.2 PRF, wrong algorithm -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224) PSA key policy: agreement + KDF, permitted diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 7954d33eb..a049ee8cb 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1778,7 +1778,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ +/* BEGIN_CASE */ void derive_key_policy( int policy_usage, int policy_alg, int key_type, @@ -1799,11 +1799,19 @@ void derive_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - status = psa_key_derivation( &operation, handle, - exercise_alg, - NULL, 0, - NULL, 0, - 1 ); + PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) ); + + if( PSA_ALG_IS_TLS12_PRF( exercise_alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( exercise_alg ) ) + PSA_ASSERT( psa_key_derivation_input_bytes( + &operation, + PSA_KEY_DERIVATION_INPUT_SEED, + (const uint8_t*) "", 0) ); + + status = psa_key_derivation_input_key( &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + handle ); + if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) PSA_ASSERT( status ); From 16de4a4017b541a86ce226e81ba4b05e1f0a6d38 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 Jun 2019 16:32:24 +0100 Subject: [PATCH 1374/2197] Adapt the derive_setup tests to the new API Part of the tests are adapted in this commit, another part is already covered by the derive_input tests and some of them are not applicable to the new API (the new API does not request capacity at the setup stage). The test coverage temporarily drops with this commit, the two test cases conserning capacity will be re-added in a later commit. --- tests/suites/test_suite_psa_crypto.data | 34 ++++++--------------- tests/suites/test_suite_psa_crypto.function | 27 ++-------------- 2 files changed, 12 insertions(+), 49 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c9e681746..e58abf9ca 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
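Review bot: In the `@@ -1799,11 +1799,19 @@` hunk, the new `if( PSA_ALG_IS_TLS12_PRF( exercise_alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( exercise_alg ) )` controls a four-line `PSA_ASSERT( ... )` macro invocation with no braces. Bracing the body keeps the conditional intact if another statement is added or if the macro's expansion changes. The cast and call close as `(const uint8_t*) "", 0) );`, where the surrounding code would write `(const uint8_t *) "", 0 ) );`. A one-line comment saying that TLS 1.2 PRF needs a seed before it accepts the secret would explain why only this algorithm family gets the extra input. `derive_key_policy` starts and ends outside the hunk.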
@@ -1757,39 +1757,31 @@ key_derivation_init: PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS +derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_SUCCESS PSA key derivation: HKDF-SHA-512, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_512):"":"":42:PSA_SUCCESS - -PSA key derivation: HKDF-SHA-256, bad key type -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT +derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS - -PSA key derivation: TLS 1.2 PRF SHA-256, bad key type -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT +derive_setup:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_SUCCESS PSA key derivation: not a key derivation algorithm (selection) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_SELECT_RAW:"":"":42:PSA_ERROR_INVALID_ARGUMENT +derive_setup:PSA_ALG_SELECT_RAW:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: not a key derivation algorithm (HMAC) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT +derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT PSA key 
derivation: unsupported key derivation algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):"":"":42:PSA_ERROR_NOT_SUPPORTED +derive_setup::PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED PSA key derivation: unsupported key derivation algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_CATEGORY_KEY_DERIVATION:"":"":42:PSA_ERROR_NOT_SUPPORTED +derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
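Review bot: The rewritten case `derive_setup::PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED` has a doubled colon after the function name, which inserts an empty first argument. After this commit `derive_setup` takes exactly two parameters (`alg_arg`, `expected_status_arg`), so the line presumably no longer matches the function, or is parsed with the arguments shifted by one. It should read `derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED`, matching the other cases in the hunk.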
@@ -1963,17 +1955,9 @@ PSA key derivation: HKDF SHA-1, request maximum capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":255 * 20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" -PSA key derivation: HKDF SHA-256, request too much capacity -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 + 1:PSA_ERROR_INVALID_ARGUMENT - -PSA key derivation: HKDF SHA-1, request too much capacity -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C -derive_setup:PSA_KEY_TYPE_DERIVE:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_ALG_HKDF(PSA_ALG_SHA_1):"":"":255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT - PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"":"":100:PSA_ERROR_INVALID_ARGUMENT +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION 
+derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE PSA key derivation: over capacity 42: output 42+1 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a049ee8cb..316f2edcd 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -4034,41 +4034,20 @@ void key_derivation_init( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ -void derive_setup( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *salt, - data_t *label, - int requested_capacity_arg, - int expected_status_arg ) +/* BEGIN_CASE */ +void derive_setup( int alg_arg, int expected_status_arg ) { - psa_key_handle_t handle = 0; - size_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - size_t requested_capacity = requested_capacity_arg; psa_status_t expected_status = expected_status_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); - - TEST_EQUAL( psa_key_derivation( &operation, handle, alg, - salt->x, salt->len, - label->x, label->len, - requested_capacity ), + TEST_EQUAL( psa_key_derivation_setup( &operation, alg ), expected_status ); exit: psa_key_derivation_abort( &operation ); - psa_destroy_key( handle ); PSA_DONE( ); } /* END_CASE */ From a27c927d4a30fa37a1ccb7f1b2074bd6eedb3ade Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 14 Jun 2019 09:59:36 +0100 Subject: [PATCH 1375/2197] Add test for psa_key_derivation_set_capacity This commit restores the test coverage to the level before adapting the derive_setup tests. --- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ tests/suites/test_suite_psa_crypto.function | 22 +++++++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e58abf9ca..361308b63 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1955,6 +1955,14 @@ PSA key derivation: HKDF SHA-1, request maximum capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":255 * 20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" +PSA key derivation: HKDF SHA-256, request too much capacity +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256):255 * 32 + 1:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: HKDF SHA-1, request too much capacity +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_1):255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT + PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 316f2edcd..858356d9c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -4052,6 +4052,28 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void derive_set_capacity( int alg_arg, int capacity_arg, + int expected_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + size_t capacity = capacity_arg; + psa_status_t expected_status = expected_status_arg; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + + TEST_EQUAL( psa_key_derivation_set_capacity( &operation, capacity ), + expected_status ); + +exit: + psa_key_derivation_abort( &operation ); + PSA_DONE( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void derive_input( int alg_arg, int key_type_arg, From adbec81cc4ec05a4adaeceac9a16b7f3f8b90138 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 14 Jun 2019 11:05:39 +0100 Subject: [PATCH 1376/2197] Remove the deprecated PSA_ALG_SELECT_RAW option This change affects the psa_key_derivation_s structure. With the buffer removed from the union, it is empty if MBEDTLS_MD_C is not defined. We can avoid undefined behaviour by adding a new dummy field that is always present or make the whole union conditional on MBEDTLS_MD_C. In this latter case the initialiser macro has to depend on MBEDTLS_MD_C as well. Furthermore the first structure would be either psa_hkdf_key_derivation_t or psa_tls12_prf_key_derivation_t both of which are very deep and would make the initialisation macro difficult to maintain, therefore we go with the first option. --- include/psa/crypto_extra.h | 3 - include/psa/crypto_struct.h | 10 ++-- library/psa_crypto.c | 73 +------------------------ tests/suites/test_suite_psa_crypto.data | 4 -- 4 files changed, 7 insertions(+), 83 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 3fc73b9d3..0ab589226 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
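Review bot: derive_set_capacity compares only the status returned by `psa_key_derivation_set_capacity`, so a request that is rejected but still changes the operation's capacity would pass unnoticed. The test could read the capacity with `psa_key_derivation_get_capacity( &operation, &before )` ahead of the call and again afterwards, and on the error path assert the two values are equal with `TEST_EQUAL( after, before )`. Both data cases added in this commit expect `PSA_ERROR_INVALID_ARGUMENT`, so that error path is the only one this function currently exercises.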
@@ -283,9 +283,6 @@ psa_status_t psa_key_derivation(psa_key_derivation_operation_t *operation, size_t capacity); #endif /* PSA_PRE_1_0_KEY_DERIVATION */ -/* FIXME Deprecated. Remove this as soon as all the tests are updated. */ -#define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001) - /** \addtogroup crypto_types * @{ */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index e6197cb9b..d9e9b86da 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -277,11 +277,8 @@ struct psa_key_derivation_s size_t capacity; union { - struct - { - uint8_t *data; - size_t size; - } buffer; + /* Make the union non-empty even with no supported algorithms. */ + uint8_t dummy; #if defined(MBEDTLS_MD_C) psa_hkdf_key_derivation_t hkdf; psa_tls12_prf_key_derivation_t tls12_prf; @@ -289,7 +286,8 @@ struct psa_key_derivation_s } ctx; }; -#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {{0, 0}}} +/* This only zeroes out the first byte in the union, the rest is unspecified. */ +#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {0}} static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) { const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bd9fca585..31520b8b1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3865,16 +3865,6 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation * nothing to do. */ } else - if( kdf_alg == PSA_ALG_SELECT_RAW ) - { - if( operation->ctx.buffer.data != NULL ) - { - mbedtls_platform_zeroize( operation->ctx.buffer.data, - operation->ctx.buffer.size ); - mbedtls_free( operation->ctx.buffer.data ); - } - } - else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( kdf_alg ) ) { 
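Review bot: The new comment on `PSA_KEY_DERIVATION_OPERATION_INIT` in include/psa/crypto_struct.h says the rest of the union is unspecified, but not what code may rely on as a result. With `{0, 0, {0}}` only `ctx.dummy` is written for an automatic object, so `ctx.hkdf` and `ctx.tls12_prf` hold unspecified bytes until a setup path fills them in. I would state that invariant next to the macro, for example `/* Only ctx.dummy is initialised: nothing may read ctx.hkdf or ctx.tls12_prf before setup has written them. */`. The context line in psa_key_derivation_internal that sets `operation->alg` "even on failure so that abort knows what to do" is worth checking against this rule, since psa_key_derivation_abort (mostly outside the hunks shown) then dispatches on that algorithm.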
@@ -4213,23 +4203,6 @@ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *op } operation->capacity -= output_length; - if( kdf_alg == PSA_ALG_SELECT_RAW ) - { - /* Initially, the capacity of a selection operation is always - * the size of the buffer, i.e. `operation->ctx.buffer.size`, - * abbreviated in this comment as `size`. When the remaining - * capacity is `c`, the next bytes to serve start `c` bytes - * from the end of the buffer, i.e. `size - c` from the - * beginning of the buffer. Since `operation->capacity` was just - * decremented above, we need to serve the bytes from - * `size - operation->capacity - output_length` to - * `size - operation->capacity`. */ - size_t offset = - operation->ctx.buffer.size - operation->capacity - output_length; - memcpy( output, operation->ctx.buffer.data + offset, output_length ); - status = PSA_SUCCESS; - } - else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( kdf_alg ) ) { @@ -4237,16 +4210,17 @@ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *op status = psa_key_derivation_hkdf_read( &operation->ctx.hkdf, hash_alg, output, output_length ); } + else #if defined(PSA_PRE_1_0_KEY_DERIVATION) - else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || + if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { status = psa_key_derivation_tls12_prf_read( &operation->ctx.tls12_prf, kdf_alg, output, output_length ); } -#endif /* PSA_PRE_1_0_KEY_DERIVATION */ else +#endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ { return( PSA_ERROR_BAD_STATE ); 
@@ -4509,23 +4483,6 @@ static psa_status_t psa_key_derivation_internal( /* Set operation->alg even on failure so that abort knows what to do. */ operation->alg = alg; - if( alg == PSA_ALG_SELECT_RAW ) - { - (void) salt; - if( salt_length != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - (void) label; - if( label_length != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - operation->ctx.buffer.data = mbedtls_calloc( 1, secret_length ); - if( operation->ctx.buffer.data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( operation->ctx.buffer.data, secret, secret_length ); - operation->ctx.buffer.size = secret_length; - max_capacity = secret_length; - status = PSA_SUCCESS; - } - else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( alg ) ) { @@ -4848,25 +4805,6 @@ static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, #endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ -static psa_status_t psa_key_derivation_input_raw( - psa_key_derivation_operation_t *operation, - const uint8_t *data, - size_t data_length ) -{ - if( operation->capacity != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - operation->ctx.buffer.data = mbedtls_calloc( 1, data_length ); - if( operation->ctx.buffer.data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - - memcpy( operation->ctx.buffer.data, data, data_length ); - operation->ctx.buffer.size = data_length; - operation->capacity = data_length; - - return PSA_SUCCESS; -} - static psa_status_t psa_key_derivation_input_internal( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, @@ -4876,11 +4814,6 @@ static psa_status_t psa_key_derivation_input_internal( psa_status_t status; psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); - if( kdf_alg == PSA_ALG_SELECT_RAW ) - { - status = psa_key_derivation_input_raw( operation, data, data_length ); - } - else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( kdf_alg ) ) { 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 361308b63..d9f02715a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1767,10 +1767,6 @@ PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_SUCCESS -PSA key derivation: not a key derivation algorithm (selection) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup:PSA_ALG_SELECT_RAW:PSA_ERROR_INVALID_ARGUMENT - PSA key derivation: not a key derivation algorithm (HMAC) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT From c56215163fa2abd1d735b75c77866c7b1f9dab80 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 14 Jun 2019 11:27:57 +0100 Subject: [PATCH 1377/2197] Simplify psa_key_derivation_input_bytes The specific key derivation input functions support a subset of the input options and need to check it anyway. Checking it at the top level is redundant, it brings a very little value and comes with a cost in code size and maintainability. --- library/psa_crypto.c | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 31520b8b1..7b1d16b78 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4851,17 +4851,11 @@ psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *ope const uint8_t *data, size_t data_length ) { - switch( step ) - { - case PSA_KEY_DERIVATION_INPUT_LABEL: - case PSA_KEY_DERIVATION_INPUT_SALT: - case PSA_KEY_DERIVATION_INPUT_INFO: - case PSA_KEY_DERIVATION_INPUT_SEED: - return( psa_key_derivation_input_internal( operation, step, - data, data_length ) ); - default: - return( PSA_ERROR_INVALID_ARGUMENT ); - } + if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + return( psa_key_derivation_input_internal( operation, step, + data, data_length ) ); } psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *operation, From 51f4a0f9acc284fe42535a01aab9dceed3669040 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 14 Jun 2019 11:35:55 +0100 Subject: [PATCH 1378/2197] Style: enforce 80 column limit --- library/psa_crypto.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7b1d16b78..093d2e568 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4846,10 +4846,11 @@ static psa_status_t psa_key_derivation_input_internal( return( status ); } -psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length ) +psa_status_t psa_key_derivation_input_bytes( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length ) { if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) return( PSA_ERROR_INVALID_ARGUMENT ); 
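Review bot: psa_key_derivation_input_bytes now refuses only `PSA_KEY_DERIVATION_INPUT_SECRET`, where the removed switch accepted four named steps and refused everything else. Any step value added later is therefore forwarded to psa_key_derivation_input_internal by default. The commit message relies on the per-algorithm input functions rejecting steps they do not support, which makes this one check the only place that keeps raw bytes out of the secret step, and the function does not say why. A comment above the check would protect it, e.g. `/* The SECRET step is only accepted through psa_key_derivation_input_key(), never as raw bytes. */`, adjusted to the intended policy. The function's signature begins in the hunk header, outside the changed lines.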
@@ -4858,9 +4859,10 @@ psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *ope data, data_length ) ); } -psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_handle_t handle ) +psa_status_t psa_key_derivation_input_key( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_handle_t handle ) { psa_key_slot_t *slot; psa_status_t status; From 6660f0eb9819c15ddfd6355a4daaffe1c160c1d7 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 17 Jun 2019 08:44:03 +0100 Subject: [PATCH 1379/2197] Add TLS 1.2 PSK master secret generation --- library/psa_crypto.c | 74 +++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 69 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 093d2e568..b64662906 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4727,6 +4727,22 @@ static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, return( PSA_ERROR_INVALID_ARGUMENT ); } + +static psa_status_t psa_tls12_prf_psk_to_ms_input( + psa_tls12_prf_key_derivation_t *prf, + psa_algorithm_t hash_alg, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length ) +{ + (void) prf; + (void) hash_alg; + (void) step; + (void) data; + (void) data_length; + + return( PSA_ERROR_INVALID_ARGUMENT ); +} #else static psa_status_t psa_tls12_prf_set_seed( psa_tls12_prf_key_derivation_t *prf, const uint8_t *data, 
@@ -4765,6 +4781,38 @@ static psa_status_t psa_tls12_prf_set_key( psa_tls12_prf_key_derivation_t *prf, return( PSA_SUCCESS ); } +static psa_status_t psa_tls12_prf_psk_to_ms_set_key( + psa_tls12_prf_key_derivation_t *prf, + psa_algorithm_t hash_alg, + const uint8_t *data, + size_t data_length ) +{ + psa_status_t status; + unsigned char pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ]; + + if( data_length > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + /* Quoting RFC 4279, Section 2: + * + * The premaster secret is formed as follows: if the PSK is N octets + * long, concatenate a uint16 with the value N, N zero octets, a second + * uint16 with the value N, and the PSK itself. + */ + + pms[0] = ( data_length >> 8 ) & 0xff; + pms[1] = ( data_length >> 0 ) & 0xff; + memset( pms + 2, 0, data_length ); + pms[2 + data_length + 0] = pms[0]; + pms[2 + data_length + 1] = pms[1]; + memcpy( pms + 4 + data_length, data, data_length ); + + status = psa_tls12_prf_set_key( prf, hash_alg, pms, 4 + 2 * data_length ); + + mbedtls_platform_zeroize( pms, sizeof( pms ) ); + return( status ); +} + static psa_status_t psa_tls12_prf_set_label( psa_tls12_prf_key_derivation_t *prf, const uint8_t *data, size_t data_length ) @@ -4802,6 +4850,20 @@ static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, return( PSA_ERROR_INVALID_ARGUMENT ); } } + +static psa_status_t psa_tls12_prf_psk_to_ms_input( + psa_tls12_prf_key_derivation_t *prf, + psa_algorithm_t hash_alg, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length ) +{ + if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) + return( psa_tls12_prf_psk_to_ms_set_key( prf, hash_alg, + data, data_length ) ); + + return( psa_tls12_prf_input( prf, hash_alg, step, data, data_length ) ); +} #endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ 
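Review bot: In psa_tls12_prf_psk_to_ms_set_key the two length octets are taken from `data_length` with `>> 8` and `& 0xff`. That encodes the RFC 4279 uint16 faithfully only while `PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN` stays at or below 0xffff, and the macro is defined outside this hunk, so nothing visible enforces the bound. A build-time guard beside the function would make the assumption explicit: `#if PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN > 0xffff`, `#error "PSK length must fit in a uint16"`, `#endif`. Separately, `memcpy( pms + 4 + data_length, data, data_length )` is reached when `data_length` is 0, and whether `data` may be NULL for an empty PSK is not visible here; if it can be, the copy should be skipped for zero length.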
@@ -4824,15 +4886,17 @@ static psa_status_t psa_key_derivation_input_internal( else #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_MD_C) - /* TLS-1.2 PRF and TLS-1.2 PSK-to-MS are very similar, so share code. */ - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) + if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ) { - // To do: implement this status = psa_tls12_prf_input( &operation->ctx.tls12_prf, PSA_ALG_HKDF_GET_HASH( kdf_alg ), step, data, data_length ); - + } + else if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) + { + status = psa_tls12_prf_psk_to_ms_input( &operation->ctx.tls12_prf, + PSA_ALG_HKDF_GET_HASH( kdf_alg ), + step, data, data_length ); } else #endif /* MBEDTLS_MD_C */ From 1468da76a5cf2429b1f99219c8fdfb595a08c9b7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 29 May 2019 17:35:49 +0200 Subject: [PATCH 1380/2197] Convert derive_output to the new KDF API --- tests/suites/test_suite_psa_crypto.data | 100 ++++++++++---------- tests/suites/test_suite_psa_crypto.function | 64 ++++++------- 2 files changed, 82 insertions(+), 82 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d9f02715a..f618e13db 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
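Review bot: The new `PSA_ALG_IS_TLS12_PSK_TO_MS` branch of psa_key_derivation_input_internal extracts the hash with `PSA_ALG_HKDF_GET_HASH( kdf_alg )`, an HKDF accessor applied to an algorithm identifier that is not HKDF. It presumably yields the right value because the hash bits occupy the same position in both encodings, but the reader has to know that to trust the call. `PSA_ALG_TLS12_PSK_TO_MS_GET_HASH( kdf_alg )` here, and `PSA_ALG_TLS12_PRF_GET_HASH( kdf_alg )` in the branch above, would state the intent directly, assuming those accessors are available in this tree. The function's opening lines are outside the hunk.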
@@ -1829,127 +1829,127 @@ test_derive_invalid_key_derivation_tests: PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" PSA key derivation: HKDF SHA-256, RFC5869 #1, output 32+10 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf":"34007208d5b887185865" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf":"34007208d5b887185865" PSA key derivation: HKDF SHA-256, RFC5869 #1, output 0+42 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" 
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+41 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" PSA key derivation: HKDF SHA-256, RFC5869 #1, output 41+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"" PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+40 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858" 
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858" PSA key derivation: HKDF SHA-256, RFC5869 #2, output 82+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87":"" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":PSA_KEY_DERIVATION_INPUT_SECRET:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":PSA_KEY_DERIVATION_INPUT_INFO:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87":"" PSA key derivation: HKDF SHA-256, RFC5869 #3, output 42+0 
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":42:"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8":"" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8":"" PSA key derivation: HKDF SHA-1, RFC5869 #4, output 42+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896":"" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896":"" PSA key derivation: HKDF SHA-1, RFC5869 #5, output 82+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4":"" 
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":PSA_KEY_DERIVATION_INPUT_SECRET:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":PSA_KEY_DERIVATION_INPUT_INFO:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4":"" PSA key derivation: HKDF SHA-1, RFC5869 #6, output 42+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":42:"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918":"" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918":"" PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" # Test vectors taken from 
https://www.ietf.org/mail-archive/web/tls/current/msg03416.html PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":"" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":"" PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION 
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66" PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION 
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b" PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION 
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":"" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":"" PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION 
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f" PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" PSA key derivation: TLS 1.2 PRF SHA-384, output 74+74 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION 
-derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION 
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5" # Test case manually extracted from debug output of TLS-PSK run # Label: "master secret" # Salt: Concatenation of ClientHello.Random and ServerHello.Random PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":"" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":"" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION 
-derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION 
-derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":"" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":"" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION -derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION 
-derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18" +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18" PSA key derivation: HKDF SHA-256, request maximum capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" PSA key derivation: HKDF SHA-1, request maximum capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":255 * 20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":255 * 
20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" PSA key derivation: HKDF SHA-256, request too much capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
@@ -1965,19 +1965,19 @@ derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KE PSA key derivation: over capacity 42: output 42+1 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff" PSA key derivation: over capacity 42: output 41+2 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"65ff" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"65ff" PSA key derivation: over capacity 42: output 43+0 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"" 
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"" PSA key derivation: over capacity 42: output 43+1 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff" +derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff" PSA key derivation: HKDF SHA-256, read maximum capacity minus 1 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 858356d9c..8e638b68d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -4213,15 +4213,17 @@ exit: /* BEGIN_CASE */ void derive_output( int alg_arg, - data_t *key_data, - data_t *salt, - data_t *label, + int step1_arg, data_t *input1, + int step2_arg, data_t *input2, + int step3_arg, data_t *input3, int requested_capacity_arg, data_t *expected_output1, data_t *expected_output2 ) { - psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; + psa_key_derivation_step_t steps[] = {step1_arg, step2_arg, step3_arg}; + data_t *inputs[] = {input1, input2, input3}; + psa_key_handle_t handles[] = {0, 0, 0}; size_t requested_capacity = requested_capacity_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *expected_outputs[2] = @@ -4234,7 +4236,7 @@ void derive_output( int alg_arg, size_t current_capacity; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; - unsigned i; + size_t i; for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ ) { 
@@ -4250,35 +4252,32 @@ void derive_output( int alg_arg, psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &handle ) ); - /* Extraction phase. */ - if( PSA_ALG_IS_HKDF( alg ) ) + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_set_capacity( &operation, + requested_capacity ) ); + for( i = 0; i < ARRAY_LENGTH( steps ); i++ ) { - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_set_capacity( &operation, - requested_capacity ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_SALT, - salt->x, salt->len ) ); - PSA_ASSERT( psa_key_derivation_input_key( &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_INFO, - label->x, label->len ) ); + switch( steps[i] ) + { + case 0: + break; + case PSA_KEY_DERIVATION_INPUT_SECRET: + PSA_ASSERT( psa_import_key( &attributes, + inputs[i]->x, inputs[i]->len, + &handles[i] ) ); + PSA_ASSERT( psa_key_derivation_input_key( + &operation, steps[i], + handles[i] ) ); + break; + default: + PSA_ASSERT( psa_key_derivation_input_bytes( + &operation, steps[i], + inputs[i]->x, inputs[i]->len ) ); + break; + } } -#if defined(PSA_PRE_1_0_KEY_DERIVATION) - else - { - // legacy - PSA_ASSERT( psa_key_derivation( &operation, handle, alg, - salt->x, salt->len, - label->x, label->len, - requested_capacity ) ); - } -#endif + PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( current_capacity, requested_capacity ); @@ -4321,7 +4320,8 @@ void derive_output( int alg_arg, exit: mbedtls_free( output_buffer ); psa_key_derivation_abort( &operation ); - psa_destroy_key( handle ); + for( i = 0; i < ARRAY_LENGTH( handles ); i++ ) + psa_destroy_key( handles[i] ); PSA_DONE( ); } /* END_CASE */ 
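Review bot: The `case 0: break;` arm in the new `switch( steps[i] )` loop of derive_output skips an input slot without saying why. A short comment such as `/* 0: unused slot, no input is fed for this step */` would tell the next reader that 0 is a sentinel and not a derivation step. Every derive_output vector shown in this patch passes three real steps, so this arm looks unexercised here. The body of derive_output starts and ends outside this hunk.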
From 6c6c8fceaac62a570bb89ba7c7b09eb43d50fdb1 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 17 Jun 2019 12:38:20 +0100 Subject: [PATCH 1381/2197] Improve style --- library/psa_crypto.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b64662906..95f9197d1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4131,10 +4131,10 @@ cleanup: /* Read some bytes from an TLS-1.2-PRF-based operation. * See Section 5 of RFC 5246. */ static psa_status_t psa_key_derivation_tls12_prf_read( - psa_tls12_prf_key_derivation_t *tls12_prf, - psa_algorithm_t alg, - uint8_t *output, - size_t output_length ) + psa_tls12_prf_key_derivation_t *tls12_prf, + psa_algorithm_t alg, + uint8_t *output, + size_t output_length ) { psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg ); uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); @@ -4149,7 +4149,7 @@ static psa_status_t psa_key_derivation_tls12_prf_read( if( n == 0 ) { status = psa_key_derivation_tls12_prf_generate_next_block( tls12_prf, - alg ); + alg ); if( status != PSA_SUCCESS ) return( status ); @@ -4170,9 +4170,10 @@ static psa_status_t psa_key_derivation_tls12_prf_read( #endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ -psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *operation, - uint8_t *output, - size_t output_length ) +psa_status_t psa_key_derivation_output_bytes( + psa_key_derivation_operation_t *operation, + uint8_t *output, + size_t output_length ) { psa_status_t status; psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); From 7742feea539d5b55ebdb4b9dd03f9a2b3c390d16 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 17 Jun 2019 12:58:10 +0100 Subject: [PATCH 1382/2197] Add stub for new tls12_prf_generate_next_block --- library/psa_crypto.c | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 95f9197d1..74ca1d671 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4125,6 +4125,50 @@ cleanup: return( status ); } +#else +static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( + psa_tls12_prf_key_derivation_t *tls12_prf, + psa_algorithm_t alg ) +{ + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); + uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); + psa_status_t status; + + /* We can't be wanting more output after block 0xff, otherwise + * the capacity check in psa_key_derivation_output_bytes() would have + * prevented this call. It could happen only if the operation + * object was corrupted or if this function is called directly + * inside the library. */ + if( tls12_prf->block_number == 0xff ) + return( PSA_ERROR_BAD_STATE ); + + /* We need a new block */ + ++tls12_prf->block_number; + tls12_prf->offset_in_block = 0; + + /* Recall the definition of the TLS-1.2-PRF from RFC 5246: + * + * PRF(secret, label, seed) = P_(secret, label + seed) + * + * P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) + + * HMAC_hash(secret, A(2) + seed) + + * HMAC_hash(secret, A(3) + seed) + ... + * + * A(0) = seed + * A(i) = HMAC_hash( secret, A(i-1) ) + * + * The `psa_tls12_prf_key_derivation` structures saves the block + * `HMAC_hash(secret, A(i) + seed)` from which the output + * is currently extracted as `output_block`. + */ + + (void) hash_length; + (void) status; + +cleanup: + + return( PSA_ERROR_NOT_SUPPORTED ); +} #endif /* PSA_PRE_1_0_KEY_DERIVATION */ #if defined(PSA_PRE_1_0_KEY_DERIVATION) From 844eb0e5fae1f1f9e1cae45cfa08e34caa587e1e Mon Sep 17 00:00:00 2001 
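Review bot: The new `psa_key_derivation_tls12_prf_generate_next_block` reads its hash with `PSA_ALG_HKDF_GET_HASH( alg )`, although `alg` is a TLS-1.2 PRF algorithm and the sibling `psa_key_derivation_tls12_prf_read` uses `PSA_ALG_TLS12_PRF_GET_HASH( alg )`. The two macros may extract the same bits, but that is not visible here, and the matching accessor would be `psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );`. The same line is still present as context in the later `@@ -4132,7 +4132,8 @@` hunk. The stub also leaves a `cleanup:` label with no `goto` reaching it, which some compilers warn about.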
From: Janos Follath Date: Wed, 19 Jun 2019 12:10:49 +0100 Subject: [PATCH 1383/2197] Add tls12_prf_read for the new API Technically we could have reused the old one for the new API, but then we had to set an extra field during setup. The new version works when all the fields that haven't been set explicitely are zero-initialised. --- include/psa/crypto_struct.h | 4 ++-- library/psa_crypto.c | 41 ++++++++++++++++++++++++++++++++++++- 2 files changed, 42 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index d9e9b86da..fdf78a8eb 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -250,8 +250,8 @@ typedef struct psa_tls12_prf_key_derivation_s #endif /* Indicates how many bytes in the current HMAC block have - * already been read by the user. */ - uint8_t offset_in_block; + * not yet been read by the user. */ + uint8_t left_in_block; /* The 1-based number of the block. */ uint8_t block_number; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 74ca1d671..ba9b3e346 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4144,7 +4144,7 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( /* We need a new block */ ++tls12_prf->block_number; - tls12_prf->offset_in_block = 0; + tls12_prf->left_in_block = hash_length; /* Recall the definition of the TLS-1.2-PRF from RFC 5246: * 
@@ -4211,6 +4211,45 @@ static psa_status_t psa_key_derivation_tls12_prf_read( return( PSA_SUCCESS ); } +#else +static psa_status_t psa_key_derivation_tls12_prf_read( + psa_tls12_prf_key_derivation_t *tls12_prf, + psa_algorithm_t alg, + uint8_t *output, + size_t output_length ) +{ + psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg ); + uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); + psa_status_t status; + uint8_t offset, length; + + while( output_length != 0 ) + { + /* Check if we have fully processed the current block. */ + if( tls12_prf->left_in_block == 0 ) + { + status = psa_key_derivation_tls12_prf_generate_next_block( tls12_prf, + alg ); + if( status != PSA_SUCCESS ) + return( status ); + + continue; + } + + if( tls12_prf->left_in_block > output_length ) + length = (uint8_t) output_length; + else + length = tls12_prf->left_in_block; + + offset = hash_length - tls12_prf->left_in_block; + memcpy( output, tls12_prf->output_block + offset, length ); + output += length; + output_length -= length; + tls12_prf->left_in_block -= length; + } + + return( PSA_SUCCESS ); +} #endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ From ea29bfb14893c8334558269488dcb92396449b30 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 19 Jun 2019 12:21:20 +0100 Subject: [PATCH 1384/2197] Add tls12_prf key derivation to the new API The TLS 1.2 pseudorandom function does a lot of distinct HMAC operations with the same key. To save the battery and CPU cycles spent on calculating the paddings and hashing the inner padding, we keep the hash context in the status right after the inner padding having been hashed and clone it as needed. --- library/psa_crypto.c | 77 +++++++++++++++++++++++++++++++++++++++----- 1 file changed, 69 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ba9b3e346..153bc6d97 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
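Review bot: The new-API `psa_key_derivation_tls12_prf_read` added under `#else` has no header comment, while the commit message says it only works when fields that were not set explicitly are zero-initialised. That precondition belongs on the function, for example `/* Read output from a TLS-1.2 PRF operation; relies on left_in_block and block_number starting at 0. */`. The comment should also state that `left_in_block` never exceeds `hash_length`. `offset = hash_length - tls12_prf->left_in_block` is stored in a `uint8_t`, so a corrupted context would make it wrap before the `memcpy` from `output_block`.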
@@ -4132,7 +4132,8 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( { psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); - psa_status_t status; + psa_hash_operation_t backup = PSA_HASH_OPERATION_INIT; + psa_status_t status, cleanup_status; /* We can't be wanting more output after block 0xff, otherwise * the capacity check in psa_key_derivation_output_bytes() would have 
@@ -4155,19 +4156,81 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( * HMAC_hash(secret, A(3) + seed) + ... * * A(0) = seed - * A(i) = HMAC_hash( secret, A(i-1) ) + * A(i) = HMAC_hash(secret, A(i-1)) * - * The `psa_tls12_prf_key_derivation` structures saves the block + * The `psa_tls12_prf_key_derivation` structure saves the block * `HMAC_hash(secret, A(i) + seed)` from which the output * is currently extracted as `output_block`. */ - (void) hash_length; - (void) status; + /* Save the hash context before using it, to preserve the hash state with + * only the inner padding in it. We need this, because inner padding depends + * on the key (secret in the RFC's terminology). */ + status = psa_hash_clone( &tls12_prf->hmac.hash_ctx, &backup ); + if( status != PSA_SUCCESS ) + goto cleanup; + + /* Calculate A(i) where i = tls12_prf->block_number. */ + if( tls12_prf->block_number == 1 ) + { + /* A(1) = HMAC_hash(secret, A(0)), where A(0) = seed. (The RFC overloads + * the variable seed and in this instance means it in the context of the + * P_hash function, where seed = label + seed.) */ + status = psa_hash_update( &tls12_prf->hmac.hash_ctx, + tls12_prf->label, tls12_prf->label_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + status = psa_hash_update( &tls12_prf->hmac.hash_ctx, + tls12_prf->seed, tls12_prf->seed_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + } + else + { + /* A(i) = HMAC_hash(secret, A(i-1)) */ + status = psa_hash_update( &tls12_prf->hmac.hash_ctx, + tls12_prf->Ai, hash_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + } + + status = psa_hmac_finish_internal( &tls12_prf->hmac, + tls12_prf->Ai, hash_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + status = psa_hash_clone( &backup, &tls12_prf->hmac.hash_ctx ); + if( status != PSA_SUCCESS ) + goto cleanup; + + /* Calculate HMAC_hash(secret, A(i) + label + seed). 
*/ + status = psa_hash_update( &tls12_prf->hmac.hash_ctx, + tls12_prf->Ai, hash_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + status = psa_hash_update( &tls12_prf->hmac.hash_ctx, + tls12_prf->label, tls12_prf->label_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + status = psa_hash_update( &tls12_prf->hmac.hash_ctx, + tls12_prf->seed, tls12_prf->seed_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + status = psa_hmac_finish_internal( &tls12_prf->hmac, + tls12_prf->output_block, hash_length ); + if( status != PSA_SUCCESS ) + goto cleanup; + status = psa_hash_clone( &backup, &tls12_prf->hmac.hash_ctx ); + if( status != PSA_SUCCESS ) + goto cleanup; + cleanup: - return( PSA_ERROR_NOT_SUPPORTED ); + cleanup_status = psa_hash_abort( &backup ); + if( status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS ) + status = cleanup_status; + + return( status ); } #endif /* PSA_PRE_1_0_KEY_DERIVATION */ @@ -4295,7 +4358,6 @@ psa_status_t psa_key_derivation_output_bytes( output, output_length ); } else -#if defined(PSA_PRE_1_0_KEY_DERIVATION) if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { @@ -4304,7 +4366,6 @@ psa_status_t psa_key_derivation_output_bytes( output_length ); } else -#endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ { return( PSA_ERROR_BAD_STATE ); From 5fe19734d509b2fe36471ed0a15385ce51c52bd6 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 20 Jun 2019 15:09:30 +0100 Subject: [PATCH 1385/2197] Make key derivation initialisation consistent The macro initialiser might leave bytes in the union unspecified. Zeroising it in setup makes sure that the behaviour is the same independently of the initialisation method used. --- library/psa_crypto.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 153bc6d97..9d02a971d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
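Review bot: Every failure path in `psa_key_derivation_tls12_prf_generate_next_block` jumps to `cleanup` without restoring `tls12_prf->hmac.hash_ctx` from `backup`, and `block_number` and `left_in_block` were already advanced above this hunk. If the caller does not abort the operation on error (not visible here), a later read would copy `left_in_block` bytes from an `output_block` that was never computed for this block. Moving `tls12_prf->left_in_block = hash_length;` to just before the `cleanup:` label means a failed call never marks a block as available. A comment should also say that the operation must be aborted after any error from this function.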
@@ -4740,6 +4740,10 @@ static psa_status_t psa_key_derivation_setup_kdf( psa_key_derivation_operation_t *operation, psa_algorithm_t kdf_alg ) { + /* Make sure that operation->ctx is properly zero-initialised. (Macro + * initialisers for this union leave some bytes unspecified.) */ + memset( &operation->ctx, 0, sizeof( operation->ctx ) ); + /* Make sure that kdf_alg is a supported key derivation algorithm. */ #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( kdf_alg ) || From 30090bc2cfcddc8e321507a9e4e72acdd496f821 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 25 Jun 2019 10:15:04 +0100 Subject: [PATCH 1386/2197] Fix error code PSA_ERROR_BAD_STATE means that the function was called on a context in a bad state. This error is something that can't happen while only using the PSA API and therefore a PSA_ERROR_CORRUPTION_DETECTED is a more appropriate error code. --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9d02a971d..4b7ae1f7c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4141,7 +4141,7 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( * object was corrupted or if this function is called directly * inside the library. */ if( tls12_prf->block_number == 0xff ) - return( PSA_ERROR_BAD_STATE ); + return( PSA_ERROR_CORRUPTION_DETECTED ); /* We need a new block */ ++tls12_prf->block_number; From c93a43bed677d21cde1bc6072db77d97c8e091b4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Jun 2019 11:21:41 +0200 Subject: [PATCH 1387/2197] Improve documentation --- include/psa/crypto_se_driver.h | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index b7a37133b..85247051e 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
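Review bot: The `memset( &operation->ctx, 0, sizeof( operation->ctx ) )` added at the top of `psa_key_derivation_setup_kdf` runs before `kdf_alg` is validated and discards whatever the union held. Whether an already-active operation can reach this function is not visible in the hunk. If it can, hash contexts or buffers referenced from `ctx` would be dropped without going through `psa_key_derivation_abort`. A comment stating the precondition, e.g. `/* Caller guarantees the operation is inactive, so ctx holds nothing to release. */`, would make the assumption explicit. The function body continues outside the hunk.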
@@ -972,8 +972,8 @@ typedef struct { * the end of this structure. */ typedef struct { - /** The version of the driver model that this driver implements. - * This is a protection against linking driver binaries built against + /** The version of the driver HAL that this driver implements. + * This is a protection against loading driver binaries built against * a different version of this specification. * Use #PSA_DRV_SE_HAL_VERSION. */ @@ -986,12 +986,12 @@ typedef struct { psa_drv_se_key_derivation_t derivation; } psa_drv_se_t; -/** The current version of the opaque driver model. +/** The current version of the secure element driver HAL. */ /* 0.0.0 patchlevel 5 */ #define PSA_DRV_SE_HAL_VERSION 0x00000005 -/** Register an external cryptoprocessor driver. +/** Register an external cryptoprocessor (secure element) driver. * * This function is only intended to be used by driver code, not by * application code. In implementations with separation between the @@ -1004,11 +1004,18 @@ typedef struct { * implementation-defined whether this function may be called * after psa_crypto_init(). * + * \note Implementations store metadata about keys including the lifetime + * value. Therefore, from one instantiation of the PSA Cryptography + * library to the next one, if there is a key in storage with a certain + * lifetime value, you must always register the same driver (or an + * updated version that communicates with the same secure element) + * with the same lifetime value. + * * \param lifetime The lifetime value through which this driver will * be exposed to applications. * The values #PSA_KEY_LIFETIME_VOLATILE and * #PSA_KEY_LIFETIME_PERSISTENT are reserved and - * may not be used for opaque drivers. Implementations + * may not be used for drivers. Implementations * may reserve other values. * \param[in] methods The method table of the driver. This structure must * remain valid for as long as the cryptography 
@@ -1026,9 +1033,9 @@ typedef struct { * \return PSA_ERROR_ALREADY_EXISTS * There is already a registered driver for this value of \p lifetime. * \return PSA_ERROR_INVALID_ARGUMENT - * \p lifetime is a reserved value + * \p lifetime is a reserved value. * \return PSA_ERROR_NOT_SUPPORTED - * `methods->interface_version` is not supported by this implementation. + * `methods->hal_version` is not supported by this implementation. * \return PSA_ERROR_INSUFFICIENT_MEMORY * \return PSA_ERROR_NOT_PERMITTED */ From d85a7e9b09fe3998be72667e965b74d97d4b2df5 Mon Sep 17 00:00:00 2001 From: Ashley Duncan Date: Mon, 29 Apr 2019 20:35:06 +1200 Subject: [PATCH 1388/2197] Remove use of CMAKE_SOURCE_DIR Remove use of CMAKE_SOURCE_DIR in case mbedtls is built from within another CMake project. Define MBEDTLS_DIR to ${CMAKE_CURRENT_SOURCE_DIR} in the main CMakeLists.txt file and refer to that when defining target include paths to enable mbedtls to be built as a sub project. Fixes https://github.com/ARMmbed/mbedtls/issues/2609 Signed-off-by: Ashley Duncan Signed-off-by: Jaeden Amero --- CMakeLists.txt | 3 +++ library/CMakeLists.txt | 21 ++++++++++++++------- tests/CMakeLists.txt | 13 ++++++++++--- 3 files changed, 27 insertions(+), 10 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 5d29839e0..c512ad628 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -5,6 +5,9 @@ else() project("mbed TLS" C) endif() +# Set the project root directory. +set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) + option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 61bc13d32..6b2a8508a 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt 
@@ -2,6 +2,13 @@ option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON) option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF) option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF) +# Set the project root directory if it's not already defined, as may happen if +# the library folder is included directly by a parent project, without +# including the top level CMakeLists.txt. +if(NOT DEFINED MBEDTLS_DIR) + set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR}) +endif() + set(src_crypto aes.c aesni.c @@ -72,9 +79,9 @@ set(src_crypto if(USE_CRYPTO_SUBMODULE) set(src_crypto ${src_crypto} - ${CMAKE_SOURCE_DIR}/library/version.c - ${CMAKE_SOURCE_DIR}/library/version_features.c - ${CMAKE_SOURCE_DIR}/library/error.c + ${MBEDTLS_DIR}/library/version.c + ${MBEDTLS_DIR}/library/version_features.c + ${MBEDTLS_DIR}/library/error.c ) else() set(src_crypto @@ -133,8 +140,8 @@ if(USE_STATIC_MBEDTLS_LIBRARY) set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) target_link_libraries(${mbedcrypto_static_target} ${libs}) target_include_directories(${mbedcrypto_static_target} - PUBLIC ${CMAKE_SOURCE_DIR}/include/ - PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) + PUBLIC ${MBEDTLS_DIR}/include/ + PUBLIC ${MBEDTLS_DIR}/crypto/include/) install(TARGETS ${mbedcrypto_static_target} DESTINATION ${LIB_INSTALL_DIR} @@ -146,8 +153,8 @@ if(USE_SHARED_MBEDTLS_LIBRARY) set_target_properties(mbedcrypto PROPERTIES VERSION 2.17.0 SOVERSION 3) target_link_libraries(mbedcrypto ${libs}) target_include_directories(mbedcrypto - PUBLIC ${CMAKE_SOURCE_DIR}/include/ - PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) + PUBLIC ${MBEDTLS_DIR}/include/ + PUBLIC ${MBEDTLS_DIR}/crypto/include/) install(TARGETS mbedcrypto DESTINATION ${LIB_INSTALL_DIR} diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 42d99d623..9dc190816 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt 
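Review bot: The fallback `set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR})` in the first hunk brings back the variable this commit sets out to remove. When a parent project adds the library folder directly, CMAKE_SOURCE_DIR is the parent's root, so `${MBEDTLS_DIR}/include/` and `${MBEDTLS_DIR}/library/version.c` would resolve inside the parent's tree, and the build could fail or pick up unrelated headers. Deriving the root from the current directory avoids that, e.g. `set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}/..)`. The same fallback is added in tests/CMakeLists.txt and deserves the same change.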
@@ -2,6 +2,13 @@ set(libs mbedcrypto ) +# Set the project root directory if it's not already defined, as may happen if +# the tests folder is included directly by a parent project, without including +# the top level CMakeLists.txt. +if(NOT DEFINED MBEDTLS_DIR) + set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR}) +endif() + find_package(Perl) if(NOT PERL_FOUND) message(FATAL_ERROR "Cannot build test suites without Perl") @@ -43,9 +50,9 @@ function(add_test_suite suite_name) add_executable(${exe_name} test_suite_${data_name}.c) target_link_libraries(${exe_name} ${libs}) target_include_directories(${exe_name} - PUBLIC ${CMAKE_SOURCE_DIR}/include/ - PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/ - PRIVATE ${CMAKE_SOURCE_DIR}/crypto/library/) + PUBLIC ${MBEDTLS_DIR}/include/ + PUBLIC ${MBEDTLS_DIR}/crypto/include/ + PRIVATE ${MBEDTLS_DIR}/crypto/library/) if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX}) message(STATUS "The test suite ${data_name} will not be executed.") From 77dd25d98fc5c42b4aafe11ad4e067085509e603 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 20 Jun 2019 17:17:48 +0100 Subject: [PATCH 1389/2197] tests: Enable building with add_subdirectory() When building Mbed Crypto when including it via CMake's `add_subdirectory()`, the tests are also built by default. This means all headers the tests need must be public, in order for the build of the tests to have access to the headers. --- tests/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 9dc190816..fd48a227e 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -52,7 +52,7 @@ function(add_test_suite suite_name) target_include_directories(${exe_name} PUBLIC ${MBEDTLS_DIR}/include/ PUBLIC ${MBEDTLS_DIR}/crypto/include/ - PRIVATE ${MBEDTLS_DIR}/crypto/library/) + PUBLIC ${MBEDTLS_DIR}/crypto/library/) if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX}) message(STATUS "The test suite ${data_name} will not be executed.") 
From e8451f22740cba05488ba7489ce72368c7224fad Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 20 Jun 2019 17:38:22 +0100 Subject: [PATCH 1390/2197] CMake: Add a subdirectory build regression test If we have a regression with the "build Mbed Crypto as a subdirectory with CMake" feature and fail to build, fail the test. --- programs/test/cmake_subproject/.gitignore | 3 + programs/test/cmake_subproject/CMakeLists.txt | 17 ++++++ .../test/cmake_subproject/cmake_subproject.c | 56 +++++++++++++++++++ tests/scripts/all.sh | 18 ++++++ 4 files changed, 94 insertions(+) create mode 100644 programs/test/cmake_subproject/.gitignore create mode 100644 programs/test/cmake_subproject/CMakeLists.txt create mode 100644 programs/test/cmake_subproject/cmake_subproject.c diff --git a/programs/test/cmake_subproject/.gitignore b/programs/test/cmake_subproject/.gitignore new file mode 100644 index 000000000..464833b93 --- /dev/null +++ b/programs/test/cmake_subproject/.gitignore @@ -0,0 +1,3 @@ +build +Makefile +cmake_subproject diff --git a/programs/test/cmake_subproject/CMakeLists.txt b/programs/test/cmake_subproject/CMakeLists.txt new file mode 100644 index 000000000..3afbdb21e --- /dev/null +++ b/programs/test/cmake_subproject/CMakeLists.txt @@ -0,0 +1,17 @@ +cmake_minimum_required(VERSION 2.6) + +# We use the parent Mbed TLS directory as the MBEDTLS_DIR for this test. Other +# projects that use Mbed TLS as a subproject are likely to add by their own +# relative paths. +set(MBEDTLS_DIR ../../../) + +# Add Mbed TLS as a subdirectory. +add_subdirectory(${MBEDTLS_DIR} build) + +# Link against the Mbed Crypto library. +set(libs + mbedcrypto +) + +add_executable(cmake_subproject cmake_subproject.c) +target_link_libraries(cmake_subproject ${libs}) diff --git a/programs/test/cmake_subproject/cmake_subproject.c b/programs/test/cmake_subproject/cmake_subproject.c new file mode 100644 index 000000000..ca899bcaf --- /dev/null +++ b/programs/test/cmake_subproject/cmake_subproject.c 
@@ -0,0 +1,56 @@ +/* + * Simple program to test that CMake builds with Mbed TLS as a subdirectory + * work correctly. + * + * Copyright (C) 2006-2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#include "mbedtls/version.h" + +/* The main reason to build this is for testing the CMake build, so the program + * doesn't need to do very much. It calls a single library function to ensure + * linkage works, but that is all. */ +int main() +{ + /* This version string is 18 bytes long, as advised by version.h. */ + char version[18]; + + mbedtls_version_get_string_full( version ); + + mbedtls_printf( "Built against %s\n", version ); + + return( 0 ); +} diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b38c7d457..25c0db984 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
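Review bot: `char version[18]` is the only bound on what `mbedtls_version_get_string_full( version )` writes, because the call takes no length argument. The size matches the comment, but a named constant such as `#define VERSION_STRING_FULL_LEN 18` next to a pointer to the exact wording in version.h would make the dependency easier to audit if the string format ever grows. The program also calls the version API unconditionally; if that API is only built under `MBEDTLS_VERSION_C` (not visible here, worth confirming), a guard on that macro would stop a reduced configuration from breaking this regression test for an unrelated reason. Finally, `int main()` is better written `int main( void )` so the definition is a prototype.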
@@ -218,6 +218,11 @@ cleanup() git update-index --no-skip-worktree Makefile library/Makefile programs/Makefile tests/Makefile git checkout -- Makefile library/Makefile programs/Makefile tests/Makefile + # Remove any artifacts from the component_test_cmake_as_subdirectory test. + rm -rf programs/test/cmake_subproject/build + rm -f programs/test/cmake_subproject/Makefile + rm -f programs/test/cmake_subproject/cmake_subproject + if [ -f "$CONFIG_BAK" ]; then mv "$CONFIG_BAK" "$CONFIG_H" fi @@ -1046,6 +1051,19 @@ component_test_cmake_out_of_source () { unset MBEDTLS_ROOT_DIR } +component_test_cmake_as_subdirectory () { + msg "build: cmake 'as-subdirectory' build" + MBEDTLS_ROOT_DIR="$PWD" + + cd programs/test/cmake_subproject + cmake . + make + if_build_succeeded ./cmake_subproject + + cd "$MBEDTLS_ROOT_DIR" + unset MBEDTLS_ROOT_DIR +} + component_test_zeroize () { # Test that the function mbedtls_platform_zeroize() is not optimized away by # different combinations of compilers and optimization flags by using an From 76c398447715430e0ac7b3e933526a9bf3d4b343 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 26 Jun 2019 12:50:36 +0100 Subject: [PATCH 1391/2197] Clarify TLS PRF algorithm description --- library/psa_crypto.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4b7ae1f7c..766223f25 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4160,7 +4160,8 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( * * The `psa_tls12_prf_key_derivation` structure saves the block * `HMAC_hash(secret, A(i) + seed)` from which the output - * is currently extracted as `output_block`. + * is currently extracted as `output_block` and where i is + * `block_number`. */ /* Save the hash context before using it, to preserve the hash state with From 40e13938168af152db8e3ce9b02e1b0bca91735c Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Wed, 26 Jun 2019 13:22:29 +0100 Subject: [PATCH 1392/2197] Optimize TLS PRF PSK key calculation --- library/psa_crypto.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 766223f25..e821ef682 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4939,6 +4939,7 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( { psa_status_t status; unsigned char pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ]; + unsigned char* cur = pms; if( data_length > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -4950,14 +4951,16 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( * uint16 with the value N, and the PSK itself. */ - pms[0] = ( data_length >> 8 ) & 0xff; - pms[1] = ( data_length >> 0 ) & 0xff; - memset( pms + 2, 0, data_length ); - pms[2 + data_length + 0] = pms[0]; - pms[2 + data_length + 1] = pms[1]; - memcpy( pms + 4 + data_length, data, data_length ); + *cur++ = ( data_length >> 8 ) & 0xff; + *cur++ = ( data_length >> 0 ) & 0xff; + memset( cur, 0, data_length ); + cur += data_length; + *cur++ = pms[0]; + *cur++ = pms[1]; + memcpy( cur, data, data_length ); + cur += data_length; - status = psa_tls12_prf_set_key( prf, hash_alg, pms, 4 + 2 * data_length ); + status = psa_tls12_prf_set_key( prf, hash_alg, pms, cur - pms ); mbedtls_platform_zeroize( pms, sizeof( pms ) ); return( status ); From 0291cb71806c6f4e0d9f1e73e63adacaa83d9e18 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Wed, 26 Jun 2019 15:52:12 +0200 Subject: [PATCH 1393/2197] Add an alternarive full build component to all.sh --- tests/scripts/all.sh | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b38c7d457..224322312 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
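Review bot: In the second hunk, `cur - pms` is a signed pointer difference passed where the old code passed the unsigned expression `4 + 2 * data_length`. Assuming the length parameter of `psa_tls12_prf_set_key` is a `size_t` (its prototype is outside the hunk), the conversion is implicit and should be spelled out as `(size_t)( cur - pms )`. The writes through `cur` stay inside `pms` only because of the earlier `data_length > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN` check, so a short comment at the declaration saying so would help the next person who touches the pointer arithmetic. The declaration also reads better as `unsigned char *cur = pms;` with the `*` bound to the name. The function starts outside these hunks.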
@@ -602,13 +602,23 @@ component_test_full_cmake_clang () { CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On . make - msg "test: main suites (full config)" # ~ 5s + msg "test: main suites (full config, clang)" # ~ 5s make test - msg "test: psa_constant_names (full config)" # ~ 1s + msg "test: psa_constant_names (full config, clang)" # ~ 1s record_status tests/scripts/test_psa_constant_names.py } +component_test_full_make_gcc () { + msg "build: make, full config, gcc" # ~ 50s + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + make + + msg "test: main suites (full config, gcc)" # ~ 5s + make test +} + component_build_deprecated () { msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s scripts/config.pl full From a8ade16ffd4e8466be75a03fbec4e98cb4db479f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Jun 2019 11:24:49 +0200 Subject: [PATCH 1394/2197] Gate secure element support by a separate config option Secure element support has its own source file, and in addition requires many hooks in other files. This is a nontrivial amount of code, so make it optional (but default on). --- include/mbedtls/check_config.h | 6 ++++++ include/mbedtls/config.h | 13 +++++++++++++ library/psa_crypto.c | 4 ++++ library/psa_crypto_se.c | 4 ++-- library/version_features.c | 3 +++ programs/test/query_config.c | 8 ++++++++ scripts/config.pl | 1 + tests/scripts/all.sh | 5 +++++ .../test_suite_psa_crypto_se_driver_hal.function | 2 +- 9 files changed, 43 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 78bf131e0..13210746d 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
@@ -458,6 +458,12 @@ #error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) && \ + ! ( defined(MBEDTLS_PSA_CRYPTO_C) && \ + defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) ) +#error "MBEDTLS_PSA_CRYPTO_SE_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ ! defined(MBEDTLS_PSA_CRYPTO_C) #error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 56ad01c40..0e8d7550e 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1709,6 +1709,19 @@ */ #define MBEDTLS_PSA_CRYPTO_C +/** + * \def MBEDTLS_PSA_CRYPTO_SE_C + * + * Enable secure element support in the Platform Security Architecture + * cryptography API. + * + * Module: library/psa_crypto_se.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C + * + */ +#define MBEDTLS_PSA_CRYPTO_SE_C + /** * \def MBEDTLS_PSA_CRYPTO_STORAGE_C * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7e2007129..8789084d1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -32,7 +32,9 @@ #include "psa_crypto_core.h" #include "psa_crypto_invasive.h" +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #include "psa_crypto_se.h" +#endif #include "psa_crypto_slot_management.h" /* Include internal declarations that are useful for implementing persistently * stored keys. */ @@ -5212,9 +5214,11 @@ void mbedtls_psa_crypto_free( void ) * In particular, this sets all state indicator to the value * indicating "uninitialized". */ mbedtls_platform_zeroize( &global_data, sizeof( global_data ) ); +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Unregister all secure element drivers, so that we restart from * a pristine state. */ psa_unregister_all_se_drivers( ); +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ } psa_status_t psa_crypto_init( void ) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 32142eb9a..814c6a003 100644 
--- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -25,7 +25,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #include @@ -76,4 +76,4 @@ void psa_unregister_all_se_drivers( void ) memset( driver_table, 0, sizeof( driver_table ) ); } -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ diff --git a/library/version_features.c b/library/version_features.c index 4f1da6aea..57015986c 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -555,6 +555,9 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_CRYPTO_C) "MBEDTLS_PSA_CRYPTO_C", #endif /* MBEDTLS_PSA_CRYPTO_C */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + "MBEDTLS_PSA_CRYPTO_SE_C", +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) "MBEDTLS_PSA_CRYPTO_STORAGE_C", #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index fc25353fa..ee754d9b0 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1509,6 +1509,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PSA_CRYPTO_C */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( strcmp( "MBEDTLS_PSA_CRYPTO_SE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SE_C ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_C", config ) == 0 ) { diff --git a/scripts/config.pl b/scripts/config.pl index b66790514..05cc52e64 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -107,6 +107,7 @@ MBEDTLS_MEMORY_BACKTRACE MBEDTLS_MEMORY_BUFFER_ALLOC_C MBEDTLS_PLATFORM_TIME_ALT MBEDTLS_PLATFORM_FPRINTF_ALT +MBEDTLS_PSA_CRYPTO_SE_C MBEDTLS_PSA_CRYPTO_STORAGE_C MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C MBEDTLS_PSA_ITS_FILE_C diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b38c7d457..c1e1ffe24 100755 --- a/tests/scripts/all.sh 
+++ b/tests/scripts/all.sh @@ -709,6 +709,7 @@ component_test_no_platform () { scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.pl unset MBEDTLS_FS_IO + scripts/config.pl unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C @@ -894,6 +895,7 @@ component_build_arm_none_eabi_gcc () { scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.pl unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED @@ -913,6 +915,7 @@ component_build_arm_none_eabi_gcc_no_udbl_division () { scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.pl unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED @@ -935,6 +938,7 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () { scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.pl unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED 
@@ -957,6 +961,7 @@ component_build_armcc () { scripts/config.pl unset MBEDTLS_TIMING_C scripts/config.pl unset MBEDTLS_FS_IO scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.pl unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 522065a90..b9d0a1f0a 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -10,7 +10,7 @@ /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PSA_CRYPTO_C + * depends_on:MBEDTLS_PSA_CRYPTO_SE_C * END_DEPENDENCIES */ From 9717d107ca5bcc8d9a32b0cae64686297b942f36 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Jun 2019 11:50:04 +0200 Subject: [PATCH 1395/2197] Explain that lifetime=0 from static initialization means VOLATILE --- library/psa_crypto_se.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 814c6a003..688d4e7c8 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -27,6 +27,7 @@ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) +#include #include #include "psa_crypto_se.h" @@ -47,6 +48,12 @@ psa_status_t psa_register_se_driver( if( methods->hal_version != PSA_DRV_SE_HAL_VERSION ) return( PSA_ERROR_NOT_SUPPORTED ); + /* Driver table entries are 0-initialized. 0 is not a valid driver + * lifetime because it means a volatile key. */ +#if defined(static_assert) + static_assert( PSA_KEY_LIFETIME_VOLATILE == 0, + "Secure element support requires 0 to mean a volatile key" ); +#endif if( lifetime == PSA_KEY_LIFETIME_VOLATILE || lifetime == PSA_KEY_LIFETIME_PERSISTENT ) { From 651447905c56c1eebf656658a898dbe4590c6174 Mon Sep 17 00:00:00 2001 
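Review bot: The `static_assert` on `PSA_KEY_LIFETIME_VOLATILE == 0` in psa_crypto_se.c is compiled only under `#if defined(static_assert)`, so a toolchain whose assert.h lacks the C11 macro drops the check without any diagnostic. The added comment says the zero-initialised driver table depends on 0 never being a registrable lifetime, so this invariant should be enforced on every build. An unconditional form works in C99 too, e.g. `typedef char psa_se_volatile_lifetime_is_zero[PSA_KEY_LIFETIME_VOLATILE == 0 ? 1 : -1];`. The body of `psa_register_se_driver` continues outside the hunk.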
From: Gilles Peskine Date: Wed, 26 Jun 2019 11:50:30 +0200 Subject: [PATCH 1396/2197] Fix typo in invalid-lifetime test and add explicit test for 0 --- tests/suites/test_suite_psa_crypto_se_driver_hal.data | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 20a06e843..c04b70d96 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data @@ -6,11 +6,14 @@ register_one:2:PSA_DRV_SE_HAL_VERSION:PSA_SUCCESS Register SE driver: good, again register_one:2:PSA_DRV_SE_HAL_VERSION:PSA_SUCCESS +Register SE driver: invalid lifetime (0) +register_one:0:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT + Register SE driver: invalid lifetime (VOLATILE) register_one:PSA_KEY_LIFETIME_VOLATILE:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT Register SE driver: invalid lifetime (PERSISTENT) -register_one:PSA_KEY_LIFETIME_VOLATILE:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT +register_one:PSA_KEY_LIFETIME_PERSISTENT:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT Register SE driver: invalid version (ancient) register_one:2:0x00000003:PSA_ERROR_NOT_SUPPORTED From 5559b31b6b120b9685ab30d463ca959ebfa8dab3 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Thu, 27 Jun 2019 11:28:11 +0200 Subject: [PATCH 1397/2197] Disable optimizations for the full+make+gcc all.sh component --- tests/scripts/all.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 224322312..be0eb2a55 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -609,13 +609,13 @@ component_test_full_cmake_clang () { record_status tests/scripts/test_psa_constant_names.py } -component_test_full_make_gcc () { - msg "build: make, full config, gcc" # ~ 50s +component_test_full_make_gcc_o0 () { + msg "build: make, full config, gcc -O0" # ~ 50s scripts/config.pl full scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests - make + make CC=gcc CFLAGS='-O0' - msg "test: main suites (full config, gcc)" # ~ 5s + msg "test: main suites (full config, gcc -O0)" # ~ 5s make test } From 0c1ed84258101607d8edea561e2457044074b1e6 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 28 Jun 2019 13:35:36 +0100 Subject: [PATCH 1398/2197] Improve style --- library/psa_crypto.c | 2 ++ tests/suites/test_suite_psa_crypto.function | 2 ++ 2 files changed, 4 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e821ef682..953a3ede5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5012,8 +5012,10 @@ static psa_status_t psa_tls12_prf_psk_to_ms_input( size_t data_length ) { if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) + { return( psa_tls12_prf_psk_to_ms_set_key( prf, hash_alg, data, data_length ) ); + } return( psa_tls12_prf_input( prf, hash_alg, step, data, data_length ) ); } diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8e638b68d..48f533764 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1803,10 +1803,12 @@ void derive_key_policy( int policy_usage, if( PSA_ALG_IS_TLS12_PRF( exercise_alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( exercise_alg ) ) + { PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SEED, (const uint8_t*) "", 0) ); + } status = psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, From d6dce9f4f310efc7f60f23d1e7987fe4f7501f4b Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Thu, 4 Jul 2019 09:11:38 +0100 Subject: [PATCH 1399/2197] Fix zero-length seed or label in TLS 1.2 PRF The psa_tls12_prf_set_seed() and psa_tls12_prf_set_label() functions did not work on platforms where malloc(0) returns NULL. It does not affect the TLS use case but these PRFs are used in other protocols as well and might not be used the same way. For example EAP uses the TLS PRF with an empty secret. (This would not trigger the bug, but is a strong indication that it is not safe to assume that certain inputs to this function are not zero length.) The conditional block includes the memcpy() call as well to avoid passing a NULL pointer as a parameter resulting in undefined behaviour. The current tests are already using zero length label and seed, there is no need to add new test for this bug. --- library/psa_crypto.c | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 953a3ede5..a47f9567d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4901,12 +4901,15 @@ static psa_status_t psa_tls12_prf_set_seed( psa_tls12_prf_key_derivation_t *prf, if( prf->state != TLS12_PRF_STATE_INIT ) return( PSA_ERROR_BAD_STATE ); - prf->seed = mbedtls_calloc( 1, data_length ); - if( prf->seed == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if( data_length != 0 ) + { + prf->seed = mbedtls_calloc( 1, data_length ); + if( prf->seed == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( prf->seed, data, data_length ); - prf->seed_length = data_length; + memcpy( prf->seed, data, data_length ); + prf->seed_length = data_length; + } prf->state = TLS12_PRF_STATE_SEED_SET; 
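Review bot: When `data_length == 0`, the new branch in `psa_tls12_prf_set_seed` leaves `prf->seed` and `prf->seed_length` untouched, so the function now relies on the context having been zeroed before it reached `TLS12_PRF_STATE_INIT`. If that ever fails to hold, a stale pointer or length would presumably be consumed later as the seed. State the precondition above the `if`, e.g. `/* seed and seed_length are still NULL/0 from initialisation */`, or assign both explicitly in an `else` branch. The same applies to `prf->label` and `prf->label_length` in the `psa_tls12_prf_set_label` hunk that follows. Both functions start outside their hunks.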
@@ -4973,12 +4976,15 @@ static psa_status_t psa_tls12_prf_set_label( psa_tls12_prf_key_derivation_t *prf if( prf->state != TLS12_PRF_STATE_KEY_SET ) return( PSA_ERROR_BAD_STATE ); - prf->label = mbedtls_calloc( 1, data_length ); - if( prf->label == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if( data_length != 0 ) + { + prf->label = mbedtls_calloc( 1, data_length ); + if( prf->label == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( prf->label, data, data_length ); - prf->label_length = data_length; + memcpy( prf->label, data, data_length ); + prf->label_length = data_length; + } prf->state = TLS12_PRF_STATE_LABEL_SET; From 653a4a2fba9739c7a9e048f2a5a4bbfeb1f4e4c0 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Wed, 3 Jul 2019 14:31:09 +0200 Subject: [PATCH 1400/2197] Prevent dead code warning The window size variable in ecp_pick_window_size() can take values 4, 5 or 6, but we clamp it not to exceed the value of MBEDTLS_ECP_WINDOW_SIZE. If that is 6 (default) or higher, the static analyzer will point out that the test: w > MBEDTLS_ECP_WINDOW_SIZE always evaluates to false. This commit removes the test for the cases of the window size large enough to fit all the potential values of the variable. --- library/ecp.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/ecp.c b/library/ecp.c index 03f5fefd4..ccc0788c2 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2004,8 +2004,10 @@ static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp, * Make sure w is within bounds. * (The last test is useful only for very small curves in the test suite.) */ +#if( MBEDTLS_ECP_WINDOW_SIZE < 6 ) if( w > MBEDTLS_ECP_WINDOW_SIZE ) w = MBEDTLS_ECP_WINDOW_SIZE; +#endif if( w >= grp->nbits ) w = 2; From 7607cd6e576b3c4ea0430fb0989b56975e56fd56 Mon Sep 17 00:00:00 2001 
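Review bot: The literal 6 in `#if( MBEDTLS_ECP_WINDOW_SIZE < 6 )` encodes the largest value `w` can take, and that value is computed in code outside this hunk. If the selection logic is later changed to produce a larger window, the clamp stays compiled out and `w` can exceed MBEDTLS_ECP_WINDOW_SIZE with no diagnostic, which would matter for anything sized from that macro (not visible here). A comment on the `#if` naming the assumption, such as `/* w is at most 6 at this point; revisit if the selection above changes */`, would keep the two in step. A named constant shared with the selection code would do the same job more robustly.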
From: Gilles Peskine Date: Wed, 29 May 2019 17:35:00 +0200 Subject: [PATCH 1401/2197] Convert exercise_key_derivation_key to the new KDF API --- tests/suites/test_suite_psa_crypto.function | 27 ++++++++++++++------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 48f533764..de88bfb0d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -530,9 +530,9 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, if( usage & PSA_KEY_USAGE_DERIVE ) { + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); if( PSA_ALG_IS_HKDF( alg ) ) { - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, label, @@ -545,17 +545,26 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, seed, seed_length ) ); } -#if defined(PSA_PRE_1_0_KEY_DERIVATION) + else if( PSA_ALG_IS_TLS12_PRF( alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) + { + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, + PSA_KEY_DERIVATION_INPUT_SEED, + seed, + seed_length ) ); + PSA_ASSERT( psa_key_derivation_input_key( &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + handle ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, + PSA_KEY_DERIVATION_INPUT_LABEL, + label, + label_length ) ); + } else { - // legacy - PSA_ASSERT( psa_key_derivation( &operation, - handle, alg, - label, label_length, - seed, seed_length, - sizeof( output ) ) ); + TEST_ASSERT( ! "Key derivation algorithm not supported" ); } -#endif + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, sizeof( output ) ) ); From 46d9fbc4a9ed2814c6850303a8088884c4df26d6 Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Tue, 2 Jul 2019 13:42:16 +0100 Subject: [PATCH 1402/2197] Add test cases for exercise_key_derivation_key --- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f618e13db..61faed49e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1466,6 +1466,14 @@ PSA import/exercise: ECP SECP256R1 keypair, ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDH +PSA import/exercise: HKDF SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_HKDF(PSA_ALG_SHA_256) + +PSA import/exercise: TLS 1.2 PRF SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) + PSA sign: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" From 47f27ed752488a8193096c719692339fd6cd8324 Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Tue, 25 Jun 2019 13:24:52 +0100 Subject: [PATCH 1403/2197] Convert derive_full test to the new KDF API --- tests/suites/test_suite_psa_crypto.function | 38 +++++++++++++-------- 1 file changed, 23 insertions(+), 15 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index de88bfb0d..90948d7ba 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4340,8 +4340,8 @@ exit: /* BEGIN_CASE */ void derive_full( int alg_arg, data_t *key_data, - data_t *salt, - data_t *label, + data_t *input1, + data_t *input2, int requested_capacity_arg ) { psa_key_handle_t handle = 0; 
@@ -4362,33 +4362,41 @@ void derive_full( int alg_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_set_capacity( &operation, + requested_capacity ) ); + /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) { - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_set_capacity( &operation, - requested_capacity ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, - salt->x, salt->len ) ); + input1->x, input1->len ) ); PSA_ASSERT( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle ) ); PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, - label->x, label->len ) ); + input2->x, input2->len ) ); + } + else if( PSA_ALG_IS_TLS12_PRF( alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) + { + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, + PSA_KEY_DERIVATION_INPUT_SEED, + input1->x, input1->len ) ); + PSA_ASSERT( psa_key_derivation_input_key( &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + handle ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, + PSA_KEY_DERIVATION_INPUT_LABEL, + input2->x, input2->len ) ); } - -#if defined(PSA_PRE_1_0_KEY_DERIVATION) else { - // legacy - PSA_ASSERT( psa_key_derivation( &operation, handle, alg, - salt->x, salt->len, - label->x, label->len, - requested_capacity ) ); + TEST_ASSERT( ! "Key derivation algorithm not supported" ); } -#endif + PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); From e7e4706230a9e2a91aae5bf6d473bbc570814e7b Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 25 Jun 2019 14:35:43 +0100 Subject: [PATCH 1404/2197] Add derive_full test cases for TLS 1.2 PRF --- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 1 file changed, 8 insertions(+) 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 61faed49e..10dac8f64 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1995,6 +1995,14 @@ PSA key derivation: HKDF SHA-256, read maximum capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 +PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity minus 1 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1 + +PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 + PSA key derivation: HKDF SHA-256, exercise AES128-CTR depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR From f2815eaec6fd5e30f991cd936244a051bf06a7ae Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 3 Jul 2019 12:41:36 +0100 Subject: [PATCH 1405/2197] Refactor key derivation setup in tests --- tests/suites/test_suite_psa_crypto.function | 136 +++++++++----------- 1 file changed, 63 insertions(+), 73 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 90948d7ba..9efee51e3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -517,57 +517,76 @@ exit: return( 0 ); } +static int setup_key_derivation_wrap( psa_key_derivation_operation_t* operation, + psa_key_handle_t handle, + psa_algorithm_t alg, + unsigned char* input1, size_t input1_length, + unsigned char* input2, size_t input2_length, + size_t capacity ) +{ + PSA_ASSERT( psa_key_derivation_setup( operation, alg ) ); + if( PSA_ALG_IS_HKDF( alg ) ) + { + PSA_ASSERT( psa_key_derivation_input_bytes( operation, + PSA_KEY_DERIVATION_INPUT_SALT, + input1, input1_length ) ); + PSA_ASSERT( psa_key_derivation_input_key( operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + handle ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( operation, + PSA_KEY_DERIVATION_INPUT_INFO, + input2, + input2_length ) ); + } + else if( PSA_ALG_IS_TLS12_PRF( alg ) || + PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) + { + PSA_ASSERT( psa_key_derivation_input_bytes( operation, + PSA_KEY_DERIVATION_INPUT_SEED, + input1, input1_length ) ); + PSA_ASSERT( psa_key_derivation_input_key( operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + handle ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( operation, + PSA_KEY_DERIVATION_INPUT_LABEL, + input2, input2_length ) ); + } + else + { + TEST_ASSERT( ! 
"Key derivation algorithm not supported" ); + } + + PSA_ASSERT( psa_key_derivation_set_capacity( operation, capacity ) ); + + return( 1 ); + +exit: + return( 0 ); +} + + static int exercise_key_derivation_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - unsigned char label[16] = "This is a label."; - size_t label_length = sizeof( label ); - unsigned char seed[16] = "abcdefghijklmnop"; - size_t seed_length = sizeof( seed ); + unsigned char input1[] = "Input 1"; + size_t input1_length = sizeof( input1 ); + unsigned char input2[] = "Input 2"; + size_t input2_length = sizeof( input2 ); unsigned char output[1]; + size_t capacity = sizeof( output ); if( usage & PSA_KEY_USAGE_DERIVE ) { - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - if( PSA_ALG_IS_HKDF( alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_SALT, - label, - label_length ) ); - PSA_ASSERT( psa_key_derivation_input_key( &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_INFO, - seed, - seed_length ) ); - } - else if( PSA_ALG_IS_TLS12_PRF( alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_SEED, - seed, - seed_length ) ); - PSA_ASSERT( psa_key_derivation_input_key( &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_LABEL, - label, - label_length ) ); - } - else - { - TEST_ASSERT( ! 
"Key derivation algorithm not supported" ); - } + if( !setup_key_derivation_wrap( &operation, handle, alg, + input1, input1_length, + input2, input2_length, capacity ) ) + goto exit; PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, - sizeof( output ) ) ); + capacity ) ); PSA_ASSERT( psa_key_derivation_abort( &operation ) ); } @@ -4362,40 +4381,11 @@ void derive_full( int alg_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_set_capacity( &operation, - requested_capacity ) ); - - /* Extraction phase. */ - if( PSA_ALG_IS_HKDF( alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_SALT, - input1->x, input1->len ) ); - PSA_ASSERT( psa_key_derivation_input_key( &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_INFO, - input2->x, input2->len ) ); - } - else if( PSA_ALG_IS_TLS12_PRF( alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_SEED, - input1->x, input1->len ) ); - PSA_ASSERT( psa_key_derivation_input_key( &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_LABEL, - input2->x, input2->len ) ); - } - else - { - TEST_ASSERT( ! "Key derivation algorithm not supported" ); - } + if( !setup_key_derivation_wrap( &operation, handle, alg, + input1->x, input1->len, + input2->x, input2->len, + requested_capacity ) ) + goto exit; PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); From e60c9052ecb714b1bf5692f11ff1bba444e25ec5 Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Wed, 3 Jul 2019 13:51:30 +0100 Subject: [PATCH 1406/2197] Convert derive_key_exercise to the new KDF API --- tests/suites/test_suite_psa_crypto.data | 12 ++++++------ tests/suites/test_suite_psa_crypto.function | 15 ++++++++------- 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 10dac8f64..e83618fd2 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -2004,27 +2004,27 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 PSA key derivation: HKDF SHA-256, exercise AES128-CTR -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:!PSA_PRE_1_0_KEY_DERIVATION derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: HKDF SHA-256, exercise AES256-CTR -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:!PSA_PRE_1_0_KEY_DERIVATION derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: HKDF SHA-256, exercise DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION 
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key derivation: HKDF SHA-256, exercise HKDF-SHA-256 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9efee51e3..a36a8aff5 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4419,11 +4419,11 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ +/* BEGIN_CASE */ void derive_key_exercise( int alg_arg, data_t *key_data, - data_t *salt, - data_t *label, + data_t *input1, + data_t *input2, int derived_type_arg, int derived_bits_arg, int derived_usage_arg, 
@@ -4450,10 +4450,11 @@ void derive_key_exercise( int alg_arg, &base_handle ) ); /* Derive a key. */ - PSA_ASSERT( psa_key_derivation( &operation, base_handle, alg, - salt->x, salt->len, - label->x, label->len, - capacity ) ); + if ( setup_key_derivation_wrap( &operation, base_handle, alg, + input1->x, input1->len, + input2->x, input2->len, capacity ) ) + goto exit; + psa_set_key_usage_flags( &attributes, derived_usage ); psa_set_key_algorithm( &attributes, derived_alg ); psa_set_key_type( &attributes, derived_type ); From 8d98a1e62648443b06a1085b5b2777bb4b1857f7 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 3 Jul 2019 14:02:15 +0100 Subject: [PATCH 1407/2197] Add derive_key_exercise test cases for TLS 1.2 PRF --- tests/suites/test_suite_psa_crypto.data | 30 ++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e83618fd2..11d61d4b3 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
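Review bot: The guard added around `setup_key_derivation_wrap` in `derive_key_exercise` is inverted: the helper returns 1 on success and 0 on failure, so `if ( setup_key_derivation_wrap( ... ) ) goto exit;` leaves the test on every successful setup and carries on when setup has failed. On the success path the key-derivation and exercise steps below it never run, so these cases can pass without testing anything. The line should read `if( !setup_key_derivation_wrap( &operation, base_handle, alg,`, matching the other callers on this page. A one-line comment on the helper stating its return convention, for example `/* Returns 1 on success, 0 if a step failed. */`, would make the mistake harder to repeat. The body of `derive_key_exercise` continues outside the hunk.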
@@ -2027,9 +2027,33 @@ PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256) -PSA key derivation: HKDF SHA-256, exercise HKDF-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256) +PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES128-CTR +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:!PSA_PRE_1_0_KEY_DERIVATION +derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES256-CTR +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:!PSA_PRE_1_0_KEY_DERIVATION +derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +PSA key derivation: TLS 1.2 PRF SHA-256, exercise DES-CBC +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION +derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 + +PSA key derivation: TLS 1.2 PRF SHA-256, exercise 2-key 3DES-CBC 
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION +derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 + +PSA key derivation: TLS 1.2 PRF SHA-256, exercise 3-key 3DES-CBC +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION +derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 + +PSA key derivation: TLS 1.2 PRF SHA-256, exercise HMAC-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256) + +PSA key derivation: TLS 1.2 PRF SHA-256, exercise HKDF-SHA-256 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA key derivation: HKDF SHA-256, derive key, 16+32 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C From 42fd888ab09c1aa32c7b20bd3ac8f6b7ea618f4f Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 3 Jul 2019 14:17:09 +0100 Subject: [PATCH 1408/2197] Convert derive_key_export to the new KDF API --- tests/suites/test_suite_psa_crypto.data | 8 +++---- tests/suites/test_suite_psa_crypto.function | 24 +++++++++++---------- 2 files changed, 17 insertions(+), 15 deletions(-) 
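Review bot: The case `PSA key derivation: HKDF SHA-256, exercise HKDF-SHA-256` is deleted here rather than kept alongside the new TLS 1.2 PRF cases, which looks unintended given that the commit subject only mentions additions. Among the `derive_key_exercise` cases visible on this page it was the only one deriving a `PSA_KEY_TYPE_DERIVE` key from an HKDF base key, so that path loses its coverage. I would keep the three removed lines and append `:!PSA_PRE_1_0_KEY_DERIVATION` to their `depends_on`, as the other HKDF cases already have.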
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 11d61d4b3..cf1911fc8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2055,12 +2055,12 @@ PSA key derivation: TLS 1.2 PRF SHA-256, exercise HKDF-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256) -PSA key derivation: HKDF SHA-256, derive key, 16+32 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +PSA key derivation: HKDF SHA-256, derive key export, 16+32 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32 -PSA key derivation: HKDF SHA-256, derive key, 1+41 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +PSA key derivation: HKDF SHA-256, derive key export, 1+41 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 PSA key agreement setup: ECDH + HKDF-SHA-256: good diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a36a8aff5..a6fcdb5c2 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4480,11 +4480,11 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ +/* BEGIN_CASE */ void derive_key_export( int alg_arg, data_t *key_data, - data_t *salt, - data_t *label, + data_t *input1, + data_t *input2, int bytes1_arg, int bytes2_arg ) { 
@@ -4512,20 +4512,22 @@ void derive_key_export( int alg_arg, &base_handle ) ); /* Derive some material and output it. */ - PSA_ASSERT( psa_key_derivation( &operation, base_handle, alg, - salt->x, salt->len, - label->x, label->len, - capacity ) ); + if( !setup_key_derivation_wrap( &operation, base_handle, alg, + input1->x, input1->len, + input2->x, input2->len, capacity ) ) + goto exit; + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, capacity ) ); PSA_ASSERT( psa_key_derivation_abort( &operation ) ); /* Derive the same output again, but this time store it in key objects. */ - PSA_ASSERT( psa_key_derivation( &operation, base_handle, alg, - salt->x, salt->len, - label->x, label->len, - capacity ) ); + if( !setup_key_derivation_wrap( &operation, base_handle, alg, + input1->x, input1->len, + input2->x, input2->len, capacity ) ) + goto exit; + psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &derived_attributes, 0 ); psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); From 5ab0e0b601f0d82abd515fd8843fe1be040a00a3 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 3 Jul 2019 14:21:29 +0100 Subject: [PATCH 1409/2197] Add derive_key_export test cases for TLS 1.2 PRF --- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index cf1911fc8..c609a0231 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -2063,6 +2063,14 @@ PSA key derivation: HKDF SHA-256, derive key export, 1+41 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 +PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 16+32 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32 + +PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 1+41 +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 + PSA key agreement setup: ECDH + HKDF-SHA-256: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS From d958bb7aae4e45a125cb82cbbac431ee1d6662d1 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 3 Jul 2019 15:02:16 +0100 Subject: [PATCH 1410/2197] Convert invalid_key_derivation_state to new API Convert the test_derive_invalid_key_derivation_state() test to the new KDF API. --- tests/suites/test_suite_psa_crypto.data | 6 +++--- tests/suites/test_suite_psa_crypto.function | 24 +++++++++++---------- 2 files changed, 16 insertions(+), 14 deletions(-) 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c609a0231..7a52f804d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1827,9 +1827,9 @@ PSA key derivation: TLS 1.2 PRF SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_RAW_DATA:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE -PSA key derivation: invalid state (double generate + read past capacity) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -test_derive_invalid_key_derivation_state: +PSA key derivation: HKDF invalid state (double generate + read past capacity) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +test_derive_invalid_key_derivation_state:PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA key derivation: invalid state (call read/get_capacity after init and abort) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a6fcdb5c2..1d06d62e7 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -4163,13 +4163,17 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */ -void test_derive_invalid_key_derivation_state( ) +/* BEGIN_CASE */ +void test_derive_invalid_key_derivation_state( int alg_arg ) { + psa_algorithm_t alg = alg_arg; psa_key_handle_t handle = 0; size_t key_type = PSA_KEY_TYPE_DERIVE; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - psa_algorithm_t alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 ); + unsigned char input1[] = "Input 1"; + size_t input1_length = sizeof( input1 ); + unsigned char input2[] = "Input 2"; + size_t input2_length = sizeof( input2 ); uint8_t buffer[42]; size_t capacity = sizeof( buffer ); const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, @@ -4188,16 +4192,14 @@ void test_derive_invalid_key_derivation_state( ) &handle ) ); /* valid key derivation */ - PSA_ASSERT( psa_key_derivation( &operation, handle, alg, - NULL, 0, - NULL, 0, - capacity ) ); + if( !setup_key_derivation_wrap( &operation, handle, alg, + input1, input1_length, + input2, input2_length, + capacity ) ) + goto exit; /* state of operation shouldn't allow additional generation */ - TEST_EQUAL( psa_key_derivation( &operation, handle, alg, - NULL, 0, - NULL, 0, - capacity ), + TEST_EQUAL( psa_key_derivation_setup( &operation, alg ), PSA_ERROR_BAD_STATE ); PSA_ASSERT( psa_key_derivation_output_bytes( &operation, buffer, capacity ) ); From 343067e0d196e6c5b0f827104b87e33f6a4c010d Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 3 Jul 2019 15:07:53 +0100 Subject: [PATCH 1411/2197] Add invalid_key_derivation test cases for TLS PRF Add test_derive_invalid_key_derivation_state test cases for TLS 1.2 PRF. --- tests/suites/test_suite_psa_crypto.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 7a52f804d..53f842201 100644 --- a/tests/suites/test_suite_psa_crypto.data 
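Review bot: The unchanged comment `/* state of operation shouldn't allow additional generation */` in the second hunk no longer describes the check beneath it, which now calls `psa_key_derivation_setup` a second time on an operation that is already set up. Something like `/* a second setup on an active operation must be rejected */` says what is actually asserted. The test-case titles in the data file still say "double generate" for the same reason. The body of `test_derive_invalid_key_derivation_state` continues outside the hunk.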
+++ b/tests/suites/test_suite_psa_crypto.data @@ -1831,6 +1831,10 @@ PSA key derivation: HKDF invalid state (double generate + read past capacity) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION test_derive_invalid_key_derivation_state:PSA_ALG_HKDF(PSA_ALG_SHA_256) +PSA key derivation: TLS 1.2 PRF invalid state (double generate + read past capacity) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +test_derive_invalid_key_derivation_state:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) + PSA key derivation: invalid state (call read/get_capacity after init and abort) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_tests: From 4e2cc5353cada4eddd6066e612bdb8e006cc0067 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 29 May 2019 14:30:27 +0200 Subject: [PATCH 1412/2197] Update key_ladder_demo to the current key derivation API --- programs/psa/key_ladder_demo.c | 65 ++++++++++++++++++---------------- 1 file changed, 34 insertions(+), 31 deletions(-) diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 426e41f87..800896f12 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c 
@@ -63,27 +63,25 @@ #include "mbedtls/platform_util.h" // for mbedtls_platform_zeroize +#include + /* If the build options we need are not enabled, compile a placeholder. */ #if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) ||\ - !defined(PSA_PRE_1_0_KEY_DERIVATION) + defined(PSA_PRE_1_0_KEY_DERIVATION) int main( void ) { printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO and/or " - "PSA_PRE_1_0_KEY_DERIVATION not defined.\n"); + "not defined and/or PSA_PRE_1_0_KEY_DERIVATION defined.\n"); return( 0 ); } #else /* The real program starts here. */ - - -#include - /* Run a system function and bail out if it fails. */ #define SYS_CHECK( expr ) \ do \ @@ -281,7 +279,7 @@ static psa_status_t derive_key_ladder( const char *ladder[], { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; size_t i; psa_set_key_usage_flags( &attributes, 
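Review bot: The placeholder message in the first hunk now prints "... MBEDTLS_FS_IO and/or not defined and/or PSA_PRE_1_0_KEY_DERIVATION defined." because the literal before the changed one still ends in `and/or `. Dropping that trailing `and/or` from the preceding line, i.e. `"MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO "`, gives a readable diagnostic for anyone working out why the demo was compiled out.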
@@ -295,26 +293,28 @@ static psa_status_t derive_key_ladder( const char *ladder[], { /* Start deriving material from the master key (if i=0) or from * the current intermediate key (if i>0). */ - PSA_CHECK( psa_key_derivation( - &generator, - *key_handle, - KDF_ALG, - DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH, - (uint8_t*) ladder[i], strlen( ladder[i] ), - KEY_SIZE_BYTES ) ); + PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) ); + PSA_CHECK( psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SALT, + DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH ) ); + PSA_CHECK( psa_key_derivation_input_key( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + *key_handle ) ); + PSA_CHECK( psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + (uint8_t*) ladder[i], strlen( ladder[i] ) ) ); /* When the parent key is not the master key, destroy it, * since it is no longer needed. */ PSA_CHECK( psa_close_key( *key_handle ) ); *key_handle = 0; - /* Use the generator obtained from the parent key to create - * the next intermediate key. */ - PSA_CHECK( psa_key_derivation_output_key( &attributes, &generator, - key_handle ) ); - PSA_CHECK( psa_key_derivation_abort( &generator ) ); + /* Derive the next intermediate key from the parent key. */ + PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, + key_handle ) ); + PSA_CHECK( psa_key_derivation_abort( &operation ) ); } exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); if( status != PSA_SUCCESS ) { psa_close_key( *key_handle ); @@ -330,7 +330,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; *wrapping_key_handle = 0; psa_set_key_usage_flags( &attributes, usage ); 
@@ -338,18 +338,21 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( &attributes, WRAPPING_KEY_BITS ); - PSA_CHECK( psa_key_derivation( - &generator, - derived_key_handle, - KDF_ALG, - WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH, - NULL, 0, - PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) ); - PSA_CHECK( psa_key_derivation_output_key( &attributes, &generator, - wrapping_key_handle ) ); + PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) ); + PSA_CHECK( psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SALT, + WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH ) ); + PSA_CHECK( psa_key_derivation_input_key( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + derived_key_handle ) ); + PSA_CHECK( psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + NULL, 0 ) ); + PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, + wrapping_key_handle ) ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); if( status != PSA_SUCCESS ) { psa_close_key( *wrapping_key_handle ); From 2a38e2477aeca86c881f04a9acc95ee4cd1171fa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 29 May 2019 14:33:00 +0200 Subject: [PATCH 1413/2197] Slightly simplify derive_wrapping_key No error can arise after the wrapping key is created, so remove the corresponding cleanup code. --- programs/psa/key_ladder_demo.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 800896f12..91e517870 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c 
@@ -333,11 +333,9 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; *wrapping_key_handle = 0; - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, WRAPPING_ALG ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( &attributes, WRAPPING_KEY_BITS ); + /* Set up a key derivation operation from the key derived from + * the master key. */ PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) ); PSA_CHECK( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, @@ -348,16 +346,17 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, PSA_CHECK( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); + + /* Create the wrapping key. */ + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, WRAPPING_ALG ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( &attributes, WRAPPING_KEY_BITS ); PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, wrapping_key_handle ) ); exit: psa_key_derivation_abort( &operation ); - if( status != PSA_SUCCESS ) - { - psa_close_key( *wrapping_key_handle ); - *wrapping_key_handle = 0; - } return( status ); } From 4150335a2753714145bf3faa589b6b178ff20d9d Mon Sep 17 00:00:00 2001 
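Review bot: Removing the `psa_close_key( *wrapping_key_handle )` cleanup at `exit:` is correct only while `psa_key_derivation_output_key` remains the last call that can fail and keeps setting the handle to 0 on error, and nothing in the function records that assumption. A comment at the label, e.g. `/* No key cleanup: output_key is the last fallible call and zeroes the handle on failure. */`, would warn anyone who later adds a `PSA_CHECK` after the key is created that the wrapping key handle would then leak on the error path. The function's signature lies partly outside the hunk.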
From: k-stachowiak Date: Fri, 28 Jun 2019 14:14:02 +0200 Subject: [PATCH 1414/2197] Fix handling of md failure The failure of mbedtls_md was not checked in one place. This could have led to an incorrect computation if a hardware accelerator failed. In most cases this would have led to the key exchange failing, so the impact would have been a hard-to-diagnose error reported in the wrong place. If the two sides of the key exchange failed in the same way with an output from mbedtls_md that was independent of the input, this could have led to an apparently successful key exchange with a predictable key, thus a glitching md accelerator could have caused a security vulnerability. --- library/ecjpake.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ecjpake.c b/library/ecjpake.c index b276514e8..1845c936a 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -226,7 +226,7 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, p += id_len; /* Compute hash */ - mbedtls_md( md_info, buf, p - buf, hash ); + MBEDTLS_MPI_CHK( mbedtls_md( md_info, buf, p - buf, hash ) ); /* Turn it into an integer mod n */ MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( h, hash, From 01b3be4aa87559c9f9502b14d55d2206a9b0ec63 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Fri, 28 Jun 2019 14:17:04 +0200 Subject: [PATCH 1415/2197] Add a test for mlaformed ECJPAKE context --- tests/suites/test_suite_ecjpake.data | 3 +++ tests/suites/test_suite_ecjpake.function | 21 +++++++++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/tests/suites/test_suite_ecjpake.data b/tests/suites/test_suite_ecjpake.data index 84c99c985..ffa59e546 100644 --- a/tests/suites/test_suite_ecjpake.data +++ b/tests/suites/test_suite_ecjpake.data 
@@ -4,6 +4,9 @@ ecjpake_invalid_param: ECJPAKE selftest ecjpake_selftest: +ECJPAKE fail read corrupt MD +read_bad_md:"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" + ECJPAKE round one: client, valid read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410409f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb51620934d74eb43e54df424fd96306c0117bf131afabf90a9d33d1198d905193735144104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb12":0 diff --git a/tests/suites/test_suite_ecjpake.function b/tests/suites/test_suite_ecjpake.function index d26729522..38f190de2 100644 --- a/tests/suites/test_suite_ecjpake.function +++ b/tests/suites/test_suite_ecjpake.function @@ -236,6 +236,27 @@ void ecjpake_selftest( ) } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ +void read_bad_md( data_t *msg ) +{ + mbedtls_ecjpake_context corrupt_ctx; + const unsigned char * pw = NULL; + const size_t pw_len = 0; + int any_role = MBEDTLS_ECJPAKE_CLIENT; + + mbedtls_ecjpake_init( &corrupt_ctx ); + TEST_ASSERT( mbedtls_ecjpake_setup( &corrupt_ctx, any_role, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 ); + corrupt_ctx.md_info = NULL; + + TEST_ASSERT( mbedtls_ecjpake_read_round_one( &corrupt_ctx, msg->x, + msg->len ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + +exit: + mbedtls_ecjpake_free( &corrupt_ctx ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ void read_round_one( int role, data_t * msg, int ref_ret ) { 
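Review bot: `read_bad_md` forces the failure by writing `corrupt_ctx.md_info = NULL` directly into the context, and nothing in the test says that this stands in for a failing digest computation. A comment above the assignment, e.g. `/* Simulate an MD failure: with no md_info, mbedtls_md() fails and the error must reach the caller. */`, would make the intent clear to someone who later changes the context layout. The case covers only the null-info path; the scenario named in the preceding fix (a valid `md_info` whose computation returns an error) stays untested, which the test description should say.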
From 2c8f909782dbc7a6d1d916fb75613ffb278232b4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 10 Jul 2019 17:18:13 +0200 Subject: [PATCH 1416/2197] Correct version number for 1.1.0 format (formerly 1.0.1) Update the 1.1.0 format description now that its version number has been decided. This release turned out to be 1.1.0, not 1.0.1. --- .../mbed-crypto-storage-specification.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md index f4abd3e70..a9984a337 100644 --- a/docs/architecture/mbed-crypto-storage-specification.md +++ b/docs/architecture/mbed-crypto-storage-specification.md @@ -161,21 +161,21 @@ The library integration and the PSA platform integration use different sets of f It would simplify things to always have a 32-bit owner, with a nonzero value, and thus reserve the range 0–0xffffffff for internal library use. -Mbed Crypto 1.0.1 +Mbed Crypto 1.1.0 ----------------- -Tags: TBD +Tags: mbedcrypto-1.1.0 -Released in May 2019.
+Released in early June 2019.
Integrated in Mbed OS 5.13. Identical to [1.0.0](#mbed-crypto-1.0.0) except for some changes in the key file format. -### Key file format for 1.0.1 +### Key file format for 1.1.0 The key file format is identical to [1.0.0](#key-file-format-for-1.0.0), except for the following changes: -* A new policy field, marked as [NEW:1.0.1] below. +* A new policy field, marked as [NEW:1.1.0] below. * The encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far). A self-contained description of the file layout follows. @@ -189,7 +189,7 @@ The layout of a key file is: * type (4 bytes): `psa_key_type_t` value * policy usage flags (4 bytes): `psa_key_usage_t` value * policy usage algorithm (4 bytes): `psa_algorithm_t` value -* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value [NEW:1.0.1] +* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value [NEW:1.1.0] * key material length (4 bytes) * key material: output of `psa_export_key` * Any trailing data is rejected on load. From fd2aed4d76b908c96f96a10cadd2cbdf6cf0d62e Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 11 Jul 2019 15:47:40 +0100 Subject: [PATCH 1417/2197] Document cipher modes --- include/psa/crypto_values.h | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 19dc28bf4..472ad3847 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -837,7 +837,13 @@ (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET) #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000) +/** The CBC-MAC construction over a block cipher + * + * \warning CBC-MAC is insecure in many cases. + * A more secure mode, such as #PSA_ALG_CMAC, is recommended. + */ #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) +/** The CMAC construction over a block cipher */ #define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) #define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003) @@ -897,8 +903,16 @@ */ #define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001) +/** The CFB stream cipher mode. + * + * The underlying block cipher is determined by the key type. + */ #define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002) +/** The OFB stream cipher mode. + * + * The underlying block cipher is determined by the key type. + */ #define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003) /** The XTS cipher mode. @@ -942,10 +956,14 @@ (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG)) /** The CCM authenticated encryption algorithm. + * + * The underlying block cipher is determined by the key type. */ #define PSA_ALG_CCM ((psa_algorithm_t)0x06401001) /** The GCM authenticated encryption algorithm. + * + * The underlying block cipher is determined by the key type. */ #define PSA_ALG_GCM ((psa_algorithm_t)0x06401002) From 2282cfa660da0470608ba93c1d4c383c96d60b06 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 11 Jul 2019 15:51:45 +0100 Subject: [PATCH 1418/2197] Remove GMAC algorithm (for now) It can't be implemented with the current version of the API --- include/psa/crypto_values.h | 1 - library/psa_crypto.c | 2 -- tests/suites/test_suite_psa_crypto_metadata.data | 12 ------------ 3 files changed, 15 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 472ad3847..2c0acf326 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
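Review bot: The new `\warning` on `PSA_ALG_CBC_MAC` says the mode is "insecure in many cases" without naming the case that matters, so a reader cannot tell whether their use is affected. Plain CBC-MAC is sound only when every message authenticated under a key has the same fixed length; with variable-length messages, tags can be forged from previously seen ones. Suggested wording: `\warning CBC-MAC is only secure when all messages under a key have the same fixed length; use #PSA_ALG_CMAC for variable-length messages.`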
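Review bot: The new descriptions of `PSA_ALG_CFB` and `PSA_ALG_OFB` state the key-type dependency but not the IV requirement, which is the property callers most often get wrong with these modes. OFB reuses the same keystream when an IV repeats under one key, CFB leaks information in the same situation, and neither mode provides integrity. One more sentence in each comment would cover it, e.g. `* The IV must never repeat for the same key, and the mode does not authenticate the data.`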
@@ -845,7 +845,6 @@ #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001) /** The CMAC construction over a block cipher */ #define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002) -#define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003) /** Whether the specified algorithm is a MAC algorithm based on a block cipher. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2285694ee..5245e61bf 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2005,8 +2005,6 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( } else if( alg == PSA_ALG_CMAC ) mode = MBEDTLS_MODE_ECB; - else if( alg == PSA_ALG_GMAC ) - mode = MBEDTLS_MODE_GCM; else return( NULL ); diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index b011ad501..f5d5a33d9 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -150,18 +150,6 @@ MAC: CMAC-3DES depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192 -MAC: GMAC-AES-128 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128 - -MAC: GMAC-AES-192 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192 - -MAC: GMAC-AES-256 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256 - Cipher: ARC4 depends_on:MBEDTLS_ARC4_C cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER From e62b74e68f4d2cf79a6218ae3abf4fb910643fb7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Jun 2019 15:25:09 +0200 Subject: [PATCH 1419/2197] Add public-key export method --- include/psa/crypto_se_driver.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 85247051e..fc0d96162 100644 --- a/include/psa/crypto_se_driver.h 
+++ b/include/psa/crypto_se_driver.h @@ -819,6 +819,8 @@ typedef struct { psa_drv_se_destroy_key_t p_destroy; /** Function that performs a key export operation */ psa_drv_se_export_key_t p_export; + /** Function that performs a public key export operation */ + psa_drv_se_export_key_t p_export_public; } psa_drv_se_key_management_t; /**@}*/ From f989dbe6d8b2f355303f1aaff5644b11349a18ca Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Jun 2019 18:18:12 +0200 Subject: [PATCH 1420/2197] SE driver lookup functions Expose the type of an entry in the SE driver table as an opaque type to other library modules. Soon, driver table entries will have state, and callers will need to be able to access this state through functions using this opaque type. Provide functions to look up a driver by its lifetime and to retrieve the method table from an entry. --- library/psa_crypto_se.c | 52 ++++++++++++++++++++++++++++++++++++++--- library/psa_crypto_se.h | 38 ++++++++++++++++++++++++++++++ 2 files changed, 87 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 688d4e7c8..70e3a1680 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c 
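Review bot: `p_export_public` is declared with the same type as `p_export`, `psa_drv_se_export_key_t`, so the compiler cannot catch a driver table that points both members at the routine that exports private key material. The one-line comment also does not say what the function must output or whether the member may be left NULL. Consider a dedicated typedef, or at least extend the comment to `/** Function that exports the public part of a key pair; it must never output private key material. */` and state the NULL policy there.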
@@ -32,13 +32,53 @@ #include "psa_crypto_se.h" -typedef struct +/****************************************************************/ +/* Driver lookup */ +/****************************************************************/ + +typedef struct psa_se_drv_table_entry_s { psa_key_lifetime_t lifetime; const psa_drv_se_t *methods; -} method_table_entry_t; +} psa_se_drv_table_entry_t; -static method_table_entry_t driver_table[PSA_MAX_SE_DRIVERS]; +static psa_se_drv_table_entry_t driver_table[PSA_MAX_SE_DRIVERS]; + +const psa_se_drv_table_entry_t *psa_get_se_driver_entry( + psa_key_lifetime_t lifetime ) +{ + size_t i; + if( lifetime == 0 ) + return( NULL ); + for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) + { + if( driver_table[i].lifetime == lifetime ) + return( &driver_table[i] ); + } + return( NULL ); +} + +const psa_drv_se_t *psa_get_se_driver_methods( + const psa_se_drv_table_entry_t *drv ) +{ + return( drv->methods ); +} + +const psa_drv_se_t *psa_get_se_driver( psa_key_lifetime_t lifetime ) +{ + const psa_se_drv_table_entry_t *drv = psa_get_se_driver_entry( lifetime ); + if( drv == NULL ) + return( NULL ); + else + return( drv->methods ); +} + + + + +/****************************************************************/ +/* Driver registration */ +/****************************************************************/ psa_status_t psa_register_se_driver( psa_key_lifetime_t lifetime, @@ -83,4 +123,10 @@ void psa_unregister_all_se_drivers( void ) memset( driver_table, 0, sizeof( driver_table ) ); } + + +/****************************************************************/ +/* The end */ +/****************************************************************/ + #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index e99bd2576..88b0127c6 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h 
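Review bot: `psa_get_se_driver_methods` returns `drv->methods` with no null check, although `psa_get_se_driver_entry` in the same hunk returns NULL for an unregistered lifetime, so passing one result into the other dereferences a null pointer. Guarding it, `return( drv != NULL ? drv->methods : NULL );`, makes the two lookups composable and lets `psa_get_se_driver` reduce to a single call. The `lifetime == 0` early return also deserves a comment; presumably it exists because unused table entries are zeroed by the `memset` in `psa_unregister_all_se_drivers`, e.g. `/* Lifetime 0 marks an unused table entry, so never match it. */`.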
@@ -42,4 +42,42 @@ */ void psa_unregister_all_se_drivers( void ); +/** A structure that describes a registered secure element driver. + * + * A secure element driver table entry contains a pointer to the + * driver's method table and a pointer to the driver's slot usage + * structure. + */ +typedef struct psa_se_drv_table_entry_s psa_se_drv_table_entry_t; + +/** Return the secure element driver table entry for a lifetime value. + * + * \param lifetime The lifetime value to query. + * + * \return The driver table entry for \p lifetime, or + * \p NULL if \p lifetime does not correspond to a registered driver. + */ +const psa_se_drv_table_entry_t *psa_get_se_driver_entry( + psa_key_lifetime_t lifetime ); + +/** Return the method table for a secure element driver. + * + * \param[in] drv The driver table entry to access. + * + * \return The driver table entry for \p lifetime, or + * \p NULL if \p lifetime does not correspond to a registered driver. + */ +const psa_drv_se_t *psa_get_se_driver_methods( + const psa_se_drv_table_entry_t *drv ); + +/** Return the secure element driver method table for a lifetime value. + * + * \param lifetime The lifetime value to query. + * + * \return The driver method table for \p lifetime, or + * \p NULL if \p lifetime does not correspond to a registered driver. + */ +const psa_drv_se_t *psa_get_se_driver( + psa_key_lifetime_t lifetime ); + #endif /* PSA_CRYPTO_SE_H */ From 6e59c42d1d2453919500ba75f2a71a9c3cc1d2f5 Mon Sep 17 00:00:00 2001 
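Review bot: The `\return` text of `psa_get_se_driver_methods` was copied from the function above it: it describes "the driver table entry for \p lifetime", but this function takes `drv` and returns the method table. Suggested text: `\return The method table of the driver described by \p drv.`, together with a statement on whether \p drv may be NULL. The struct comment also promises "a pointer to the driver's slot usage structure", which the definition added to psa_crypto_se.c in this commit does not contain; drop that clause or mark it as planned.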
From: Gilles Peskine Date: Wed, 26 Jun 2019 19:06:52 +0200 Subject: [PATCH 1421/2197] Split the secure element driver method table memory layout Instead of having one giant table containing all possible methods, represent a driver's method table as a structure containing pointers to substructures. This way a driver that doesn't implement a certain class of operations can use NULL for this class as a whole instead of storing NULL for each method. --- include/psa/crypto_se_driver.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index fc0d96162..87a935475 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -980,12 +980,12 @@ typedef struct { * Use #PSA_DRV_SE_HAL_VERSION. */ uint32_t hal_version; - psa_drv_se_key_management_t key_management; - psa_drv_se_mac_t mac; - psa_drv_se_cipher_t cipher; - psa_drv_se_aead_t aead; - psa_drv_se_asymmetric_t asymmetric; - psa_drv_se_key_derivation_t derivation; + const psa_drv_se_key_management_t *key_management; + const psa_drv_se_mac_t *mac; + const psa_drv_se_cipher_t *cipher; + const psa_drv_se_aead_t *aead; + const psa_drv_se_asymmetric_t *asymmetric; + const psa_drv_se_key_derivation_t *derivation; } psa_drv_se_t; /** The current version of the secure element driver HAL. From 011e4284a1709bd8306c016ee9040922af45a24b Mon Sep 17 00:00:00 2001 
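Review bot: Turning the six members of `psa_drv_se_t` into pointers means each of them can now be NULL, and the struct has no per-member documentation that says so. Core code that reaches a method through them needs a check at both levels, for example `drv->key_management != NULL && drv->key_management->p_export != NULL`; no such call sites are visible in this commit, so this is a note for the follow-up changes. A comment on each member, such as `/** Key management methods, or NULL if the driver implements none. */`, would make the contract explicit for driver authors.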
From: Gilles Peskine Date: Wed, 26 Jun 2019 18:34:38 +0200 Subject: [PATCH 1422/2197] Look up the SE driver when creating a key When creating a key with a lifetime that places it in a secure element, retrieve the appropriate driver table entry. This commit doesn't yet achieve behavior: so far the code only retrieves the driver, it doesn't call the driver. --- library/psa_crypto.c | 71 ++++++++++++++++++++-------- library/psa_crypto_slot_management.c | 14 +++++- library/psa_crypto_slot_management.h | 30 ++++++++++++ 3 files changed, 93 insertions(+), 22 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5245e61bf..65e1e2a74 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1291,9 +1291,11 @@ static psa_status_t psa_set_key_policy_internal( * In case of failure at any step, stop the sequence and call * psa_fail_key_creation(). * - * \param attributes Key attributes for the new key. - * \param handle On success, a handle for the allocated slot. - * \param p_slot On success, a pointer to the prepared slot. + * \param[in] attributes Key attributes for the new key. + * \param[out] handle On success, a handle for the allocated slot. + * \param[out] p_slot On success, a pointer to the prepared slot. + * \param[out] p_drv On any return, the driver for the key, if any. + * NULL for a transparent key. * * \retval #PSA_SUCCESS * The key slot is ready to receive key material. @@ -1303,11 +1305,14 @@ static psa_status_t psa_set_key_policy_internal( static psa_status_t psa_start_key_creation( const psa_key_attributes_t *attributes, psa_key_handle_t *handle, - psa_key_slot_t **p_slot ) + psa_key_slot_t **p_slot, + const psa_se_drv_table_entry_t **p_drv ) { psa_status_t status; psa_key_slot_t *slot; + *p_drv = NULL; + status = psa_internal_allocate_key_slot( handle, p_slot ); if( status != PSA_SUCCESS ) return( status ); 
@@ -1317,10 +1322,12 @@ static psa_status_t psa_start_key_creation( if( status != PSA_SUCCESS ) return( status ); slot->lifetime = attributes->lifetime; + if( attributes->lifetime != PSA_KEY_LIFETIME_VOLATILE ) { status = psa_validate_persistent_key_parameters( attributes->lifetime, - attributes->id, 1 ); + attributes->id, + p_drv, 1 ); if( status != PSA_SUCCESS ) return( status ); slot->persistent_storage_id = attributes->id; @@ -1338,17 +1345,22 @@ static psa_status_t psa_start_key_creation( * See the documentation of psa_start_key_creation() for the intended use * of this function. * - * \param slot Pointer to the slot with key material. + * \param[in,out] slot Pointer to the slot with key material. + * \param[in] driver The secure element driver for the key, + * or NULL for a transparent key. * * \retval #PSA_SUCCESS * The key was successfully created. The handle is now valid. * \return If this function fails, the key slot is an invalid state. * You must call psa_fail_key_creation() to wipe and free the slot. */ -static psa_status_t psa_finish_key_creation( psa_key_slot_t *slot ) +static psa_status_t psa_finish_key_creation( + psa_key_slot_t *slot, + const psa_se_drv_table_entry_t *driver ) { psa_status_t status = PSA_SUCCESS; (void) slot; + (void) driver; #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) 
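Review bot: With this change `psa_start_key_creation` accepts a lifetime that designates a secure element, but `psa_finish_key_creation` and `psa_fail_key_creation` only cast `driver` to void, so as far as this patch shows the material of such a key still ends up in the core's own slot. The commit message says the driver is not called yet; until it is, rejecting the request after the validation call, `if( *p_drv != NULL ) return( PSA_ERROR_NOT_SUPPORTED );`, would avoid a window in which a caller believes a key lives in the secure element when it does not. The bodies of these functions extend beyond the hunks, so this should be confirmed against the full file.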
@@ -1390,12 +1402,25 @@ static psa_status_t psa_finish_key_creation( psa_key_slot_t *slot ) * See the documentation of psa_start_key_creation() for the intended use * of this function. * - * \param slot Pointer to the slot with key material. + * \param[in,out] slot Pointer to the slot with key material. + * \param[in] driver The secure element driver for the key, + * or NULL for a transparent key. */ -static void psa_fail_key_creation( psa_key_slot_t *slot ) +static void psa_fail_key_creation( psa_key_slot_t *slot, + const psa_se_drv_table_entry_t *driver ) { + (void) driver; + if( slot == NULL ) return; + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + /* TOnogrepDO: If the key has already been created in the secure + * element, and the failure happened later (when saving metadata + * to internal storage), we need to destroy the key in the secure + * element. */ +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + psa_wipe_key_slot( slot ); } @@ -1458,8 +1483,9 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, { psa_status_t status; psa_key_slot_t *slot = NULL; + const psa_se_drv_table_entry_t *driver = NULL; - status = psa_start_key_creation( attributes, handle, &slot ); + status = psa_start_key_creation( attributes, handle, &slot, &driver ); if( status != PSA_SUCCESS ) goto exit; @@ -1470,11 +1496,11 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) goto exit; - status = psa_finish_key_creation( slot ); + status = psa_finish_key_creation( slot, driver ); exit: if( status != PSA_SUCCESS ) { - psa_fail_key_creation( slot ); + psa_fail_key_creation( slot, driver ); *handle = 0; } return( status ); 
@@ -1514,6 +1540,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, psa_key_slot_t *source_slot = NULL; psa_key_slot_t *target_slot = NULL; psa_key_attributes_t actual_attributes = *specified_attributes; + const psa_se_drv_table_entry_t *driver = NULL; status = psa_get_key_from_slot( source_handle, &source_slot, PSA_KEY_USAGE_COPY, 0 ); @@ -1530,7 +1557,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, goto exit; status = psa_start_key_creation( &actual_attributes, - target_handle, &target_slot ); + target_handle, &target_slot, &driver ); if( status != PSA_SUCCESS ) goto exit; @@ -1538,11 +1565,11 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, if( status != PSA_SUCCESS ) goto exit; - status = psa_finish_key_creation( target_slot ); + status = psa_finish_key_creation( target_slot, driver ); exit: if( status != PSA_SUCCESS ) { - psa_fail_key_creation( target_slot ); + psa_fail_key_creation( target_slot, driver ); *target_handle = 0; } return( status ); @@ -4437,7 +4464,8 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut { psa_status_t status; psa_key_slot_t *slot = NULL; - status = psa_start_key_creation( attributes, handle, &slot ); + const psa_se_drv_table_entry_t *driver = NULL; + status = psa_start_key_creation( attributes, handle, &slot, &driver ); if( status == PSA_SUCCESS ) { status = psa_generate_derived_key_internal( slot, @@ -4445,10 +4473,10 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut operation ); } if( status == PSA_SUCCESS ) - status = psa_finish_key_creation( slot ); + status = psa_finish_key_creation( slot, driver ); if( status != PSA_SUCCESS ) { - psa_fail_key_creation( slot ); + psa_fail_key_creation( slot, driver ); *handle = 0; } return( status ); 
@@ -5467,7 +5495,8 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, { psa_status_t status; psa_key_slot_t *slot = NULL; - status = psa_start_key_creation( attributes, handle, &slot ); + const psa_se_drv_table_entry_t *driver = NULL; + status = psa_start_key_creation( attributes, handle, &slot, &driver ); if( status == PSA_SUCCESS ) { status = psa_generate_key_internal( @@ -5475,10 +5504,10 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, attributes->domain_parameters, attributes->domain_parameters_size ); } if( status == PSA_SUCCESS ) - status = psa_finish_key_creation( slot ); + status = psa_finish_key_creation( slot, driver ); if( status != PSA_SUCCESS ) { - psa_fail_key_creation( slot ); + psa_fail_key_creation( slot, driver ); *handle = 0; } return( status ); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 900aa41a5..eb24b6b4c 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -168,8 +168,20 @@ static int psa_is_key_id_valid( psa_key_file_id_t file_id, psa_status_t psa_validate_persistent_key_parameters( psa_key_lifetime_t lifetime, psa_key_file_id_t id, + const psa_se_drv_table_entry_t **p_drv, int creating ) { + if( p_drv != NULL ) + *p_drv = NULL; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( psa_key_lifetime_is_external( lifetime ) ) + { + *p_drv = psa_get_se_driver_entry( lifetime ); + if( *p_drv == NULL ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } + else +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ if( lifetime != PSA_KEY_LIFETIME_PERSISTENT ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -194,7 +206,7 @@ psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle ) *handle = 0; status = psa_validate_persistent_key_parameters( - PSA_KEY_LIFETIME_PERSISTENT, id, 0 ); + PSA_KEY_LIFETIME_PERSISTENT, id, NULL, 0 ); if( status != PSA_SUCCESS ) return( status ); 
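Review bot: In `psa_validate_persistent_key_parameters` the new code guards the first write with `if( p_drv != NULL )` but then assigns `*p_drv = psa_get_se_driver_entry( lifetime );` unguarded inside the `psa_key_lifetime_is_external` branch. `psa_open_key` passes NULL for `p_drv` and is safe today only because it also passes `PSA_KEY_LIFETIME_PERSISTENT`, so the branch is never taken. Either document the parameter as mandatory for external lifetimes or guard the second write too, by looking the entry up into a local `drv` and then doing `if( p_drv != NULL ) *p_drv = drv;`.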
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 5c1bde146..8111c4a62 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -22,6 +22,9 @@ #ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H #define PSA_CRYPTO_SLOT_MANAGEMENT_H +#include "psa/crypto.h" +#include "psa_crypto_se.h" + /* Number of key slots (plus one because 0 is not used). * The value is a compile-time constant for now, for simplicity. */ #define PSA_KEY_SLOT_COUNT 32 @@ -71,6 +74,24 @@ void psa_wipe_all_key_slots( void ); psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle, psa_key_slot_t **p_slot ); +/** Test whether a lifetime designates a key in an external cryptoprocessor. + * + * \param lifetime The lifetime to test. + * + * \retval 1 + * The lifetime designates an external key. There should be a + * registered driver for this lifetime, otherwise the key cannot + * be created or manipulated. + * \retval 0 + * The lifetime designates a key that is volatile or in internal + * storage. + */ +static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime ) +{ + return( lifetime != PSA_KEY_LIFETIME_VOLATILE && + lifetime != PSA_KEY_LIFETIME_PERSISTENT ); +} + /** Test whether the given parameters are acceptable for a persistent key. * * This function does not access the storage in any way. It only tests 
@@ -78,8 +99,16 @@ psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle, * It does not test whether the a file by the given id exists or could be * created. * + * If the key is in external storage, this function returns the corresponding + * driver. + * * \param lifetime The lifetime to test. * \param id The key id to test. + * \param[out] p_drv On output, if \p lifetime designates a key + * in an external processor, \c *p_drv is a pointer + * to the driver table entry fot this lifetime. + * If \p lifetime designates a transparent key, + * \c *p_drv is \c NULL. * \param creating 0 if attempting to open an existing key. * Nonzero if attempting to create a key. * @@ -93,6 +122,7 @@ psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle, psa_status_t psa_validate_persistent_key_parameters( psa_key_lifetime_t lifetime, psa_key_file_id_t id, + const psa_se_drv_table_entry_t **p_drv, int creating ); From 2cd9051d5feef12086dbed788f7cc270b9ec231c Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Fri, 12 Jul 2019 14:48:12 +0200 Subject: [PATCH 1423/2197] Add decoding empty buffer test calls for cipher modes that benefit from this --- tests/suites/test_suite_cipher.aes.data | 2 +- tests/suites/test_suite_cipher.arc4.data | 4 ++++ tests/suites/test_suite_cipher.aria.data | 3 +++ tests/suites/test_suite_cipher.blowfish.data | 4 ++++ tests/suites/test_suite_cipher.camellia.data | 4 ++++ tests/suites/test_suite_cipher.des.data | 12 ++++++++++++ tests/suites/test_suite_cipher.gcm.data | 12 ++++++++++++ 7 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 tests/suites/test_suite_cipher.aria.data diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data index c42fc7911..b2eb26e9d 100644 --- a/tests/suites/test_suite_cipher.aes.data +++ b/tests/suites/test_suite_cipher.aes.data 
@@ -1,4 +1,4 @@ -Decrypt empty buffer +AES-128 CBC - Decrypt empty buffer depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 dec_empty_buf:MBEDTLS_CIPHER_AES_128_CBC diff --git a/tests/suites/test_suite_cipher.arc4.data b/tests/suites/test_suite_cipher.arc4.data index 6e69b811f..d29d2ae9d 100644 --- a/tests/suites/test_suite_cipher.arc4.data +++ b/tests/suites/test_suite_cipher.arc4.data @@ -1,3 +1,7 @@ +ARC4 Decrypt empty buffer +depends_on:MBEDTLS_ARC4_C +dec_empty_buf:MBEDTLS_CIPHER_ARC4_128 + ARC4 Encrypt and decrypt 0 bytes depends_on:MBEDTLS_ARC4_C enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:0:-1 diff --git a/tests/suites/test_suite_cipher.aria.data b/tests/suites/test_suite_cipher.aria.data new file mode 100644 index 000000000..c1ecafbd1 --- /dev/null +++ b/tests/suites/test_suite_cipher.aria.data @@ -0,0 +1,3 @@ +Aria CBC Decrypt empty buffer +depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC +dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_CBC diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data index b94bc4704..627c42b74 100644 --- a/tests/suites/test_suite_cipher.blowfish.data +++ b/tests/suites/test_suite_cipher.blowfish.data @@ -1,3 +1,7 @@ +BLOWFISH CBC Decrypt empty buffer +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC + BLOWFISH Encrypt and decrypt 0 bytes depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:-1 diff --git a/tests/suites/test_suite_cipher.camellia.data b/tests/suites/test_suite_cipher.camellia.data index e6342da2b..a078be198 100644 --- a/tests/suites/test_suite_cipher.camellia.data +++ b/tests/suites/test_suite_cipher.camellia.data 
@@ -1,3 +1,7 @@ +CAMELLIA CBC Decrypt empty buffer +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC + CAMELLIA Encrypt and decrypt 0 bytes depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:-1 diff --git a/tests/suites/test_suite_cipher.des.data b/tests/suites/test_suite_cipher.des.data index ba9020eab..dbd6809b1 100644 --- a/tests/suites/test_suite_cipher.des.data +++ b/tests/suites/test_suite_cipher.des.data @@ -1,3 +1,15 @@ +DES CBC Decrypt empty buffer +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +dec_empty_buf:MBEDTLS_CIPHER_DES_CBC + +DES EDE CBC Decrypt empty buffer +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +dec_empty_buf:MBEDTLS_CIPHER_DES_EDE_CBC + +DES EDE3 CBC Decrypt empty buffer +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +dec_empty_buf:MBEDTLS_CIPHER_DES_EDE3_CBC + DES Encrypt and decrypt 0 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:-1 diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data index 03d08ce32..dc33116c1 100644 --- a/tests/suites/test_suite_cipher.gcm.data +++ b/tests/suites/test_suite_cipher.gcm.data @@ -1,3 +1,15 @@ +AES 128 GCM Decrypt empty buffer +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +dec_empty_buf:MBEDTLS_CIPHER_AES_128_GCM + +CAMELLIA GCM Decrypt empty buffer +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_PADDING_PKCS7 +dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM + +Aria GCM Decrypt empty buffer +depends_on:MBEDTLS_ARIA_C +dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_GCM + AES 128 GCM Encrypt and decrypt 0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_AES_128_GCM:"AES-128-GCM":128:0:-1 
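Review bot: Two of the three new GCM cases in the `test_suite_cipher.gcm.data` hunk do not list `MBEDTLS_GCM_C` in `depends_on`. The CAMELLIA case depends on `MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_PADDING_PKCS7` and the Aria case on `MBEDTLS_ARIA_C` alone, while the AES case above them uses `MBEDTLS_AES_C:MBEDTLS_GCM_C`. In a configuration that enables the block cipher but not GCM, these cases would presumably be selected and then refer to a cipher type that is not built. I would write `depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C` and `depends_on:MBEDTLS_ARIA_C:MBEDTLS_GCM_C`; PKCS7 padding does not look relevant to a GCM case.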
From f03143a4d1b9eed8674d61884a09ba773e4572a9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Jul 2019 23:18:29 +0200 Subject: [PATCH 1424/2197] Change driver key slot numbers to 64 bits This slightly increases storage requirements, but works in more use cases. In particular, it allows drivers to treat choose slot numbers with a monotonic counter that is incremented each time a key is created, without worrying about overflow in practice. --- include/psa/crypto_se_driver.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 87a935475..c53b34ade 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -43,7 +43,7 @@ extern "C" { /** An internal designation of a key slot between the core part of the * PSA Crypto implementation and the driver. The meaning of this value * is driver-dependent. */ -typedef uint32_t psa_key_slot_number_t; // Change this to psa_key_slot_t after psa_key_slot_t is removed from Mbed crypto +typedef uint64_t psa_key_slot_number_t; /** \defgroup se_mac Secure Element Message Authentication Codes * Generation and authentication of Message Authentication Codes (MACs) using From 7a86da1d428fd7041cfed572c1ae6dc1a0777f53 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Jul 2019 23:25:38 +0200 Subject: [PATCH 1425/2197] Define a driver context structure type Define a structure that is to be instantiated once per driver instance. Define a driver initialization method and pass it the driver context. --- include/psa/crypto_se_driver.h | 89 ++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index c53b34ade..58515a188 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
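Review bot: The comment above `psa_key_slot_number_t` still says only that the value is driver-dependent; the reason for choosing 64 bits is recorded only in the commit message. I would add a sentence to the comment, for example `The type is 64 bits wide so that a driver can assign slot numbers from a monotonic counter without handling wrap-around.` Widening the typedef also changes the signature of every driver entry point that takes a slot number, so a driver built against the previous header is not compatible with this one; that is worth stating next to the typedef as well.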
@@ -40,11 +40,84 @@ extern "C" { #endif +/** \defgroup se_init Secure element driver initialization + */ +/**@{*/ + +/** \brief Driver context structure + * + * Driver functions receive a pointer to this structure. + * Each registered driver has one instance of this structure. + * + * Implementations must include the fields specified here and + * may include other fields. + */ +typedef struct { + /** A read-only pointer to the driver's persistent data. + * + * The PSA Cryptography core saves the persistent data from one + * session to the next. + * + * The core allocates a memory buffer for the persistent data. + * The pointer is guaranteed to be suitably alignedfor any data type, + * like a pointer returned by `malloc` (but the core can use any + * method to allocate the buffer, not necessarily `malloc`). + * + * The size of this buffer is given by psa_drv_se_t::persistent_data_size + * when the driver is registered, and this value is also recorded in the + * ::persistent_data_size field of this structure. + * + * Before the driver is initialized for the first time, the content of + * the persistent data is all-bits-zero. After a driver upgrade, if the + * size of the persistent data has increased, the original data is padded + * on the right with zeros; if the size has decreased, the original data + * is truncated to the new size. + * + * This pointer is to read-only data. Only a few driver functions are + * allowed to modify the persistent data. These functions receive a + * writable pointer. + */ + const void *const persistent_data; + + /** The size of \c persistent_data in bytes. + * + * This is always equal to the value of + * psa_drv_se_t::persistent_data_size when the driver is registered. + */ + const size_t persistent_data_size; + + /** Driver transient data. + * + * The core initializes this value to 0 and does not read or modify it + * afterwards. The driver may store whatever it wants in this field. 
+ */ + uintptr_t transient_data; +} psa_drv_se_context_t; + +/** \brief A driver initialization function. + * + * \param[in,out] drv_context The driver context structure. + * \param lifetime The lifetime value for which this driver + * is registered. + * + * \retval #PSA_SUCCESS + * The driver is operational. + * The core will update the persistent data in storage. + * \return + * Any other return value prevents the driver from being used in + * this session. + * The core will NOT update the persistent data in storage. + */ +typedef psa_status_t (*psa_drv_se_init_t)(psa_drv_se_context_t *drv_context, + psa_key_lifetime_t lifetime); + /** An internal designation of a key slot between the core part of the * PSA Crypto implementation and the driver. The meaning of this value * is driver-dependent. */ typedef uint64_t psa_key_slot_number_t; +/**@}*/ + /** \defgroup se_mac Secure Element Message Authentication Codes * Generation and authentication of Message Authentication Codes (MACs) using * a secure element can be done either as a single function call (via the @@ -980,6 +1053,22 @@ typedef struct { * Use #PSA_DRV_SE_HAL_VERSION. */ uint32_t hal_version; + + /** The size of the driver's persistent data in bytes. */ + size_t persistent_data_size; + + /** The driver initialization function. + * + * This function is called once during the initialization of the + * PSA Cryptography subsystem, before any other function of the + * driver is called. If this function returns a failure status, + * the driver will be unusable, at least until the next system reset. + * + * If this field is \c NULL, it is equivalent to a function that does + * nothing and returns #PSA_SUCCESS. + */ + psa_drv_se_init_t p_init; + const psa_drv_se_key_management_t *key_management; const psa_drv_se_mac_t *mac; const psa_drv_se_cipher_t *cipher; From 8597bc13e7250db36f55e9521f9e7c56b468bab0 Mon Sep 17 00:00:00 2001 
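Review bot: The `persistent_data` comment in `psa_drv_se_context_t` defines the upgrade behaviour (zero padding when the size grows, truncation when it shrinks) but gives a driver no way to tell a first-use all-zero buffer from one that was padded or truncated after an upgrade. Since the driver will interpret these bytes as its own state, I would add a sentence recommending that drivers keep a format or version field at a fixed offset and validate the content in their init function. The comment should also state whether the core gives any integrity guarantee for the stored copy. Typo in the same comment: `suitably alignedfor` should be `suitably aligned for`.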
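Review bot: `persistent_data_size` and `p_init` are inserted between `hal_version` and `key_management`, which moves every later member of `psa_drv_se_t`, and neither of this commit's two hunks touches `PSA_DRV_SE_HAL_VERSION`. A driver object compiled against the previous layout would be read with its method-table pointers at the wrong offsets, and the version field is the only visible means by which registration could reject it. I would bump the constant in the same commit, or add a comment stating that the driver interface is not yet stable. The opening lines of the structure are outside the hunk.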
From: Gilles Peskine Date: Fri, 12 Jul 2019 23:28:46 +0200 Subject: [PATCH 1426/2197] Pass the driver context to most driver methods Pass the driver context to all driver methods except the ones that operate on an already-setup operation context. Rename `p_context` arguments to `op_context` to avoid confusion between contexts. --- include/psa/crypto_se_driver.h | 115 +++++++++++++++++++++------------ 1 file changed, 74 insertions(+), 41 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 58515a188..7e1d3573d 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -138,7 +138,8 @@ typedef uint64_t psa_key_slot_number_t; /** \brief A function that starts a secure element MAC operation for a PSA * Crypto Driver implementation * - * \param[in,out] p_context A structure that will contain the + * \param[in,out] drv_context The driver context structure. + * \param[in,out] op_context A structure that will contain the * hardware-specific MAC context * \param[in] key_slot The slot of the key to be used for the * operation 
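Review bot: After this change only the setup and one-shot entry points receive `drv_context`; `psa_drv_se_mac_update_t`, `psa_drv_se_mac_finish_t`, `psa_drv_se_mac_finish_verify_t`, `psa_drv_se_mac_abort_t` and the cipher and key-derivation equivalents in the later hunks still take only `op_context`. The comments do not say how those functions are meant to reach driver state, so a driver author will likely save the `drv_context` pointer inside `op_context` during setup. The setup documentation should state whether that is permitted and how long the pointer stays valid, for example `\p drv_context remains valid until the operation is finished or aborted`, if that is the intended contract. The new parameter is also tagged `[in,out]` everywhere although `persistent_data` is declared read-only in the context structure; a short remark on which fields a method may write would remove the ambiguity.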
@@ -148,28 +149,29 @@ typedef uint64_t psa_key_slot_number_t; * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_se_mac_setup_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_mac_setup_t)(psa_drv_se_context_t *drv_context, + void *op_context, psa_key_slot_number_t key_slot, psa_algorithm_t algorithm); /** \brief A function that continues a previously started secure element MAC * operation * - * \param[in,out] p_context A hardware-specific structure for the + * \param[in,out] op_context A hardware-specific structure for the * previously-established MAC operation to be * updated * \param[in] p_input A buffer containing the message to be appended * to the MAC operation * \param[in] input_length The size in bytes of the input message buffer */ -typedef psa_status_t (*psa_drv_se_mac_update_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_mac_update_t)(void *op_context, const uint8_t *p_input, size_t input_length); /** \brief a function that completes a previously started secure element MAC * operation by returning the resulting MAC. * - * \param[in,out] p_context A hardware-specific structure for the + * \param[in,out] op_context A hardware-specific structure for the * previously started MAC operation to be * finished * \param[out] p_mac A buffer where the generated MAC will be @@ -182,7 +184,7 @@ typedef psa_status_t (*psa_drv_se_mac_update_t)(void *p_context, * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context, uint8_t *p_mac, size_t mac_size, size_t *p_mac_length); 
@@ -190,7 +192,7 @@ typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *p_context, /** \brief A function that completes a previously started secure element MAC * operation by comparing the resulting MAC against a provided value * - * \param[in,out] p_context A hardware-specific structure for the previously + * \param[in,out] op_context A hardware-specific structure for the previously * started MAC operation to be fiinished * \param[in] p_mac The MAC value against which the resulting MAC will * be compared against @@ -203,21 +205,22 @@ typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *p_context, * The operation completed successfully, but the calculated MAC did * not match the provided MAC */ -typedef psa_status_t (*psa_drv_se_mac_finish_verify_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_mac_finish_verify_t)(void *op_context, const uint8_t *p_mac, size_t mac_length); /** \brief A function that aborts a previous started secure element MAC * operation * - * \param[in,out] p_context A hardware-specific structure for the previously + * \param[in,out] op_context A hardware-specific structure for the previously * started MAC operation to be aborted */ -typedef psa_status_t (*psa_drv_se_mac_abort_t)(void *p_context); +typedef psa_status_t (*psa_drv_se_mac_abort_t)(void *op_context); /** \brief A function that performs a secure element MAC operation in one * command and returns the calculated MAC * + * \param[in,out] drv_context The driver context structure. * \param[in] p_input A buffer containing the message to be MACed * \param[in] input_length The size in bytes of `p_input` * \param[in] key_slot The slot of the key to be used 
@@ -232,7 +235,8 @@ typedef psa_status_t (*psa_drv_se_mac_abort_t)(void *p_context); * \retval PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_se_mac_generate_t)(const uint8_t *p_input, +typedef psa_status_t (*psa_drv_se_mac_generate_t)(psa_drv_se_context_t *drv_context, + const uint8_t *p_input, size_t input_length, psa_key_slot_number_t key_slot, psa_algorithm_t alg, @@ -243,6 +247,7 @@ typedef psa_status_t (*psa_drv_se_mac_generate_t)(const uint8_t *p_input, /** \brief A function that performs a secure element MAC operation in one * command and compares the resulting MAC against a provided value * + * \param[in,out] drv_context The driver context structure. * \param[in] p_input A buffer containing the message to be MACed * \param[in] input_length The size in bytes of `input` * \param[in] key_slot The slot of the key to be used @@ -259,7 +264,8 @@ typedef psa_status_t (*psa_drv_se_mac_generate_t)(const uint8_t *p_input, * The operation completed successfully, but the calculated MAC did * not match the provided MAC */ -typedef psa_status_t (*psa_drv_se_mac_verify_t)(const uint8_t *p_input, +typedef psa_status_t (*psa_drv_se_mac_verify_t)(psa_drv_se_context_t *drv_context, + const uint8_t *p_input, size_t input_length, psa_key_slot_number_t key_slot, psa_algorithm_t alg, @@ -336,7 +342,8 @@ typedef struct { /** \brief A function that provides the cipher setup function for a * secure element driver * - * \param[in,out] p_context A structure that will contain the + * \param[in,out] drv_context The driver context structure. + * \param[in,out] op_context A structure that will contain the * hardware-specific cipher context. * \param[in] key_slot The slot of the key to be used for the * operation 
@@ -348,7 +355,8 @@ typedef struct { * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED */ -typedef psa_status_t (*psa_drv_se_cipher_setup_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_context, + void *op_context, psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, psa_encrypt_or_decrypt_t direction); @@ -361,21 +369,21 @@ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(void *p_context, * generate function is not necessary for the drivers to implement as the PSA * Crypto implementation can do the generation using its RNG features. * - * \param[in,out] p_context A structure that contains the previously set up + * \param[in,out] op_context A structure that contains the previously set up * hardware-specific cipher context * \param[in] p_iv A buffer containing the initialization vector * \param[in] iv_length The size (in bytes) of the `p_iv` buffer * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context, const uint8_t *p_iv, size_t iv_length); /** \brief A function that continues a previously started secure element cipher * operation * - * \param[in,out] p_context A hardware-specific structure for the + * \param[in,out] op_context A hardware-specific structure for the * previously started cipher operation * \param[in] p_input A buffer containing the data to be * encrypted/decrypted @@ -390,7 +398,7 @@ typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *p_context, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context, const uint8_t *p_input, size_t input_size, uint8_t *p_output, 
@@ -400,7 +408,7 @@ typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *p_context, /** \brief A function that completes a previously started secure element cipher * operation * - * \param[in,out] p_context A hardware-specific structure for the + * \param[in,out] op_context A hardware-specific structure for the * previously started cipher operation * \param[out] p_output The caller-allocated buffer where the output * will be placed @@ -411,7 +419,7 @@ typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *p_context, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *op_context, uint8_t *p_output, size_t output_size, size_t *p_output_length); @@ -419,10 +427,10 @@ typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *p_context, /** \brief A function that aborts a previously started secure element cipher * operation * - * \param[in,out] p_context A hardware-specific structure for the + * \param[in,out] op_context A hardware-specific structure for the * previously started cipher operation */ -typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *p_context); +typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *op_context); /** \brief A function that performs the ECB block mode for secure element * cipher operations @@ -430,6 +438,7 @@ typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *p_context); * Note: this function should only be used with implementations that do not * provide a needed higher-level operation. * + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot The slot of the key to be used for the operation * \param[in] algorithm The algorithm to be used in the cipher operation * \param[in] direction Indicates whether the operation is an encrypt or 
@@ -446,7 +455,8 @@ typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *p_context); * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED */ -typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_key_slot_number_t key_slot, +typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, psa_encrypt_or_decrypt_t direction, const uint8_t *p_input, @@ -500,6 +510,7 @@ typedef struct { * \brief A function that signs a hash or short message with a private key in * a secure element * + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Key slot of an asymmetric key pair * \param[in] alg A signature algorithm that is compatible * with the type of `key` @@ -512,7 +523,8 @@ typedef struct { * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_key_slot_number_t key_slot, +typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, @@ -524,6 +536,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_key_slot_number_t key_s * \brief A function that verifies the signature a hash or short message using * an asymmetric public key in a secure element * + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Key slot of a public key or an asymmetric key * pair * \param[in] alg A signature algorithm that is compatible with @@ -536,7 +549,8 @@ typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_key_slot_number_t key_s * \retval PSA_SUCCESS * The signature is valid. */ -typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_key_slot_number_t key_slot, +typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, 
@@ -547,6 +561,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_key_slot_number_t key * \brief A function that encrypts a short message with an asymmetric public * key in a secure element * + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Key slot of a public key or an asymmetric key * pair * \param[in] alg An asymmetric encryption algorithm that is @@ -572,7 +587,8 @@ typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_key_slot_number_t key * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_key_slot_number_t key_slot, +typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, @@ -586,6 +602,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_key_slot_number_t ke * \brief A function that decrypts a short message with an asymmetric private * key in a secure element. * + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Key slot of an asymmetric key pair * \param[in] alg An asymmetric encryption algorithm that is * compatible with the type of `key` @@ -610,7 +627,8 @@ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_key_slot_number_t ke * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_key_slot_number_t key_slot, +typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, @@ -654,6 +672,7 @@ typedef struct { /** \brief A function that performs a secure element authenticated encryption * operation * + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Slot containing the key to use. * \param[in] algorithm The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that 
@@ -681,7 +700,8 @@ typedef struct { * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_key_slot_number_t key_slot, +typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, const uint8_t *p_nonce, size_t nonce_length, @@ -695,6 +715,7 @@ typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_key_slot_number_t key_slot /** A function that peforms a secure element authenticated decryption operation * + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Slot containing the key to use * \param[in] algorithm The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that @@ -721,7 +742,8 @@ typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_key_slot_number_t key_slot * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_se_aead_decrypt_t)(psa_key_slot_number_t key_slot, +typedef psa_status_t (*psa_drv_se_aead_decrypt_t)(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, const uint8_t *p_nonce, size_t nonce_length, @@ -763,6 +785,7 @@ typedef struct { * This function can support any output from psa_export_key(). Refer to the * documentation of psa_export_key() for the format for each key type. * + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Slot where the key will be stored * This must be a valid slot for a key of the chosen * type. It must be unoccupied. @@ -776,7 +799,8 @@ typedef struct { * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_se_import_key_t)(psa_key_slot_number_t key_slot, +typedef psa_status_t (*psa_drv_se_import_key_t)(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, psa_key_lifetime_t lifetime, psa_key_type_t type, psa_algorithm_t algorithm, 
@@ -794,12 +818,15 @@ typedef psa_status_t (*psa_drv_se_import_key_t)(psa_key_slot_number_t key_slot, * * This function returns the specified slot to its default state. * - * \param[in] key_slot The key slot to erase. + * \param[in,out] drv_context The driver context structure. + * \param key_slot The key slot to erase. * * \retval #PSA_SUCCESS * The slot's content, if any, has been erased. */ -typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_number_t key_slot); +typedef psa_status_t (*psa_drv_se_destroy_key_t)( + psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot); /** * \brief A function that exports a secure element key in binary format @@ -816,6 +843,7 @@ typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_number_t key_slot) * `psa_export_key()` does. Refer to the * documentation of `psa_export_key()` for the format for each key type. * + * \param[in,out] drv_context The driver context structure. * \param[in] key Slot whose content is to be exported. This must * be an occupied key slot. * \param[out] p_data Buffer where the key data is to be written. @@ -831,7 +859,8 @@ typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_key_slot_number_t key_slot) * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED */ -typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, +typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key, uint8_t *p_data, size_t data_size, size_t *p_data_length); 
@@ -845,6 +874,7 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, * The format of the public key information will match the format specified for * the psa_export_key() function for the key type. * + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Slot where the generated key will be placed * \param[in] type The type of the key to be generated * \param[in] usage The prescribed usage of the generated key @@ -864,7 +894,8 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_key_slot_number_t key, * \param[out] p_pubkey_length Upon successful completion, will contain the * size of the data placed in `p_pubkey_out`. */ -typedef psa_status_t (*psa_drv_se_generate_key_t)(psa_key_slot_number_t key_slot, +typedef psa_status_t (*psa_drv_se_generate_key_t)(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, psa_key_type_t type, psa_key_usage_t usage, size_t bits, @@ -950,7 +981,8 @@ typedef struct { /** \brief A function that Sets up a secure element key derivation operation by * specifying the algorithm and the source key sot * - * \param[in,out] p_context A hardware-specific structure containing any + * \param[in,out] drv_context The driver context structure. + * \param[in,out] op_context A hardware-specific structure containing any * context information for the implementation * \param[in] kdf_alg The algorithm to be used for the key derivation * \param[in] source_key The key to be used as the source material for the @@ -958,7 +990,8 @@ typedef struct { * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *drv_context, + void *op_context, psa_algorithm_t kdf_alg, psa_key_slot_number_t source_key); 
@@ -969,7 +1002,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(void *p_context, * expeced that this function may be called multiple times for the same * operation, each with a different algorithm-specific `collateral_id` * - * \param[in,out] p_context A hardware-specific structure containing any + * \param[in,out] op_context A hardware-specific structure containing any * context information for the implementation * \param[in] collateral_id An ID for the collateral being provided * \param[in] p_collateral A buffer containing the collateral data @@ -977,7 +1010,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(void *p_context, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context, uint32_t collateral_id, const uint8_t *p_collateral, size_t collateral_size); @@ -985,14 +1018,14 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *p_context, /** \brief A function that performs the final secure element key derivation * step and place the generated key material in a slot * - * \param[in,out] p_context A hardware-specific structure containing any + * \param[in,out] op_context A hardware-specific structure containing any * context information for the implementation * \param[in] dest_key The slot where the generated key material * should be placed * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context, psa_key_slot_number_t dest_key); /** \brief A function that performs the final step of a secure element key 
@@ -1006,7 +1039,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *p_context, * * \retval PSA_SUCCESS */ -typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *p_context, +typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *op_context, uint8_t *p_output, size_t output_size, size_t *p_output_length); From f2223c868db35192472b82fcd57cfd34c1e8e227 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Jul 2019 23:33:02 +0200 Subject: [PATCH 1427/2197] New driver method: allocate Add a driver method to allocate a key slot for a key that is about to be created. --- include/psa/crypto_se_driver.h | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 7e1d3573d..4458562d1 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
@@ -780,6 +780,30 @@ typedef struct { */ /**@{*/ +/* This type is documented in crypto.h. As far as drivers are concerned, + * this is an opaque type. */ +typedef struct psa_key_attributes_s psa_key_attributes_t; + +/** \brief A function that allocates a slot for a key. + * + * \param[in,out] drv_context The driver context structure. + * \param[in] attributes Attributes of the key. + * \param[out] key_slot Slot where the key will be stored. + * This must be a valid slot for a key of the + * chosen type. It must be unoccupied. + * + * \retval #PSA_SUCCESS + * Success. + * The core will record \c *key_slot as the key slot where the key + * is stored and will update the persistent data in storage. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + */ +typedef psa_status_t (*psa_drv_se_allocate_key_t)( + psa_drv_se_context_t *drv_context, + const psa_key_attributes_t *attributes, + psa_key_slot_number_t *key_slot); + /** \brief A function that imports a key into a secure element in binary format * * This function can support any output from psa_export_key(). Refer to the @@ -915,6 +939,8 @@ typedef psa_status_t (*psa_drv_se_generate_key_t)(psa_drv_se_context_t *drv_cont * If one of the functions is not implemented, it should be set to NULL. */ typedef struct { + /** Function that allocates a slot. */ + psa_drv_se_allocate_key_t p_allocate; /** Function that performs a key import operation */ psa_drv_se_import_key_t p_import; /** Function that performs a generation */ From 94cc42c28f3f1e4d3c63ef0da8b767255c5d8118 Mon Sep 17 00:00:00 2001 
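Review bot: The `key_slot` description for `psa_drv_se_allocate_key_t` is taken from the import function (`This must be a valid slot ... It must be unoccupied`), but here the parameter is `[out]`, so it reads as a precondition on a value the caller does not supply. I would reword it as an obligation on the driver, for example `On success, \c *key_slot is a slot that is valid for this key type and currently unoccupied.` The comment also does not say what happens to the allocated slot if the subsequent import or generate call fails. Nor does it say how the core chooses a slot when `p_allocate` is `NULL`, which the method-table comment allows. Without a documented release path, a failed key creation could leave slots reserved.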
From: Gilles Peskine Date: Fri, 12 Jul 2019 23:34:20 +0200 Subject: [PATCH 1428/2197] Pass a writable pointer to the persistent data when needed Most driver methods are not allowed to modify the persistent data, so the driver context structure contains a const pointer to it. Pass a non-const pointer to the persstent data to the driver methods that need it: init, allocate, destroy. --- include/psa/crypto_se_driver.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 4458562d1..bdc038e88 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -97,6 +97,8 @@ typedef struct { /** \brief A driver initialization function. * * \param[in,out] drv_context The driver context structure. + * \param[in,out] persistent_data A pointer to the persistent data + * that allows writing. * \param lifetime The lifetime value for which this driver * is registered. * @@ -109,6 +111,7 @@ typedef struct { * The core will NOT update the persistent data in storage. */ typedef psa_status_t (*psa_drv_se_init_t)(psa_drv_se_context_t *drv_context, + void *persistent_data, psa_key_lifetime_t lifetime); /** An internal designation of a key slot between the core part of the @@ -787,6 +790,8 @@ typedef struct psa_key_attributes_s psa_key_attributes_t; /** \brief A function that allocates a slot for a key. * * \param[in,out] drv_context The driver context structure. + * \param[in,out] persistent_data A pointer to the persistent data + * that allows writing. * \param[in] attributes Attributes of the key. * \param[out] key_slot Slot where the key will be stored. * This must be a valid slot for a key of the @@ -801,6 +806,7 @@ typedef struct psa_key_attributes_s psa_key_attributes_t; */ typedef psa_status_t (*psa_drv_se_allocate_key_t)( psa_drv_se_context_t *drv_context, + void *persistent_data, const psa_key_attributes_t *attributes, psa_key_slot_number_t *key_slot); 
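Review bot: The new `persistent_data` parameter is described only as `A pointer to the persistent data that allows writing`, in the init and allocate hunks here and in the destroy hunk that follows. Going by the commit message it addresses the same buffer as `drv_context->persistent_data`. The comment should say so and name `drv_context->persistent_data_size` as its length, because the driver receives no other bound for its writes. For init the text already states that storage is not updated on failure; allocate and destroy should state the same, and whether in-memory changes made before a failing return are kept or discarded.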
@@ -843,6 +849,8 @@ typedef psa_status_t (*psa_drv_se_import_key_t)(psa_drv_se_context_t *drv_contex * This function returns the specified slot to its default state. * * \param[in,out] drv_context The driver context structure. + * \param[in,out] persistent_data A pointer to the persistent data + * that allows writing. * \param key_slot The key slot to erase. * * \retval #PSA_SUCCESS @@ -850,6 +858,7 @@ typedef psa_status_t (*psa_drv_se_import_key_t)(psa_drv_se_context_t *drv_contex */ typedef psa_status_t (*psa_drv_se_destroy_key_t)( psa_drv_se_context_t *drv_context, + void *persistent_data, psa_key_slot_number_t key_slot); /** From 5243a202c3e1d9193e02d2725fb516aa179159bc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Jul 2019 23:38:19 +0200 Subject: [PATCH 1429/2197] Driver context manipulation functions Create the driver context when registering the driver. Implement some helper functions to access driver information. --- library/psa_crypto_se.c | 102 ++++++++++++++++++++++++++++++++++++---- library/psa_crypto_se.h | 61 +++++++++++++++++++----- 2 files changed, 141 insertions(+), 22 deletions(-) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 70e3a1680..b95b2a5d5 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c 
@@ -28,23 +28,49 @@ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) #include +#include #include +#include "psa/crypto_se_driver.h" + #include "psa_crypto_se.h" +#include "mbedtls/platform.h" +#if !defined(MBEDTLS_PLATFORM_C) +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + + + /****************************************************************/ /* Driver lookup */ /****************************************************************/ +/* This structure is identical to psa_drv_se_context_t declared in + * `crypto_se_driver.h`, except that some parts are writable here + * (non-const, or pointer to non-const). */ +typedef struct +{ + void *persistent_data; + size_t persistent_data_size; + uintptr_t transient_data; +} psa_drv_se_internal_context_t; + typedef struct psa_se_drv_table_entry_s { psa_key_lifetime_t lifetime; const psa_drv_se_t *methods; + union + { + psa_drv_se_internal_context_t internal; + psa_drv_se_context_t context; + }; } psa_se_drv_table_entry_t; static psa_se_drv_table_entry_t driver_table[PSA_MAX_SE_DRIVERS]; -const psa_se_drv_table_entry_t *psa_get_se_driver_entry( +psa_se_drv_table_entry_t *psa_get_se_driver_entry( psa_key_lifetime_t lifetime ) { size_t i; 
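Review bot: The anonymous union in `psa_se_drv_table_entry_s` is only sound while `psa_drv_se_internal_context_t` and `psa_drv_se_context_t` have exactly the same layout, and only the comment above the internal struct enforces that. If a field is added to one struct and not the other, the core will silently hand drivers a context whose size or pointer fields are misread. A compile-time check next to the definition would catch this; the sketch below assumes the public struct uses the same member names and that `<stddef.h>` is available for `offsetof`. An unnamed union member is also a C11 feature, so a named member may be needed if the library targets an older standard.

```c
/* ... unchanged: definition of psa_drv_se_internal_context_t ... */

/* Fail the build if the writable view and the public view ever diverge. */
typedef char psa_se_context_views_match[
    ( sizeof( psa_drv_se_internal_context_t ) ==
          sizeof( psa_drv_se_context_t ) &&
      offsetof( psa_drv_se_internal_context_t, persistent_data ) ==
          offsetof( psa_drv_se_context_t, persistent_data ) &&
      offsetof( psa_drv_se_internal_context_t, persistent_data_size ) ==
          offsetof( psa_drv_se_context_t, persistent_data_size ) &&
      offsetof( psa_drv_se_internal_context_t, transient_data ) ==
          offsetof( psa_drv_se_context_t, transient_data ) ) ? 1 : -1];
```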
@@ -59,20 +85,50 @@ const psa_se_drv_table_entry_t *psa_get_se_driver_entry( } const psa_drv_se_t *psa_get_se_driver_methods( - const psa_se_drv_table_entry_t *drv ) + const psa_se_drv_table_entry_t *driver ) { - return( drv->methods ); + return( driver->methods ); } -const psa_drv_se_t *psa_get_se_driver( psa_key_lifetime_t lifetime ) +psa_drv_se_context_t *psa_get_se_driver_context( + psa_se_drv_table_entry_t *driver ) { - const psa_se_drv_table_entry_t *drv = psa_get_se_driver_entry( lifetime ); - if( drv == NULL ) - return( NULL ); - else - return( drv->methods ); + return( &driver->context ); } +int psa_get_se_driver( psa_key_lifetime_t lifetime, + const psa_drv_se_t **p_methods, + psa_drv_se_context_t **p_drv_context) +{ + psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime ); + if( p_methods != NULL ) + *p_methods = ( driver ? driver->methods : NULL ); + if( p_drv_context != NULL ) + *p_drv_context = ( driver ? &driver->context : NULL ); + return( driver != NULL ); +} + + + +/****************************************************************/ +/* Persistent data management */ +/****************************************************************/ + +psa_status_t psa_load_se_persistent_data( + const psa_se_drv_table_entry_t *driver ) +{ + /*TODO*/ + (void) driver; + return( PSA_SUCCESS ); +} + +psa_status_t psa_save_se_persistent_data( + const psa_se_drv_table_entry_t *driver ) +{ + /*TODO*/ + (void) driver; + return( PSA_SUCCESS ); +} @@ -85,6 +141,7 @@ psa_status_t psa_register_se_driver( const psa_drv_se_t *methods) { size_t i; + psa_status_t status; if( methods->hal_version != PSA_DRV_SE_HAL_VERSION ) return( PSA_ERROR_NOT_SUPPORTED ); 
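Review bot: `psa_get_se_driver_methods()` and `psa_get_se_driver_context()` dereference `driver` unconditionally, but the documentation added to psa_crypto_se.h in this same commit says the argument may be `NULL` and that `NULL` is then returned. A caller that relies on the documented contract gets a null-pointer dereference instead. Either make the bodies match the contract, `return( driver ? driver->methods : NULL );` and `return( driver ? &driver->context : NULL );`, or remove "or \c NULL" from the header. The new `psa_get_se_driver()` in this hunk already handles the missing-driver case this way.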
@@ -115,11 +172,38 @@ psa_status_t psa_register_se_driver( driver_table[i].lifetime = lifetime; driver_table[i].methods = methods; + + if( methods->persistent_data_size != 0 ) + { + driver_table[i].internal.persistent_data = + mbedtls_calloc( 1, methods->persistent_data_size ); + if( driver_table[i].internal.persistent_data == NULL ) + { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + goto error; + } + status = psa_load_se_persistent_data( &driver_table[i] ); + if( status != PSA_SUCCESS ) + goto error; + } + driver_table[i].internal.persistent_data_size = + methods->persistent_data_size; + return( PSA_SUCCESS ); + +error: + memset( &driver_table[i], 0, sizeof( driver_table[i] ) ); + return( status ); } void psa_unregister_all_se_drivers( void ) { + size_t i; + for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) + { + if( driver_table[i].internal.persistent_data != NULL ) + mbedtls_free( driver_table[i].internal.persistent_data ); + } memset( driver_table, 0, sizeof( driver_table ) ); } diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 88b0127c6..a9951e661 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h 
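Review bot: The `error:` path in psa_register_se_driver() leaks the `persistent_data` buffer: it zeroes `driver_table[i]` with `memset` without first releasing what `mbedtls_calloc` returned. The path is taken whenever `psa_load_se_persistent_data()` fails, which will become possible once that stub is implemented. Add `mbedtls_free( driver_table[i].internal.persistent_data );` immediately before the `memset`. That is also safe on the allocation-failure path, because freeing a null pointer is a no-op, which likewise makes the `!= NULL` guard in psa_unregister_all_se_drivers() unnecessary. The start of psa_register_se_driver() is outside this hunk.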
@@ -45,11 +45,30 @@ void psa_unregister_all_se_drivers( void ); /** A structure that describes a registered secure element driver. * * A secure element driver table entry contains a pointer to the - * driver's method table and a pointer to the driver's slot usage - * structure. + * driver's method table as well as the driver context structure. */ typedef struct psa_se_drv_table_entry_s psa_se_drv_table_entry_t; +/** Return the secure element driver information for a lifetime value. + * + * \param lifetime The lifetime value to query. + * \param[out] p_methods On output, if there is a driver, + * \c *methods points to its method table. + * Otherwise \c *methods is \c NULL. + * \param[out] p_drv_context On output, if there is a driver, + * \c *drv_context points to its context + * structure. + * Otherwise \c *drv_context is \c NULL. + * + * \retval 1 + * \p lifetime corresponds to a registered driver. + * \retval 0 + * \p lifetime does not correspond to a registered driver. + */ +int psa_get_se_driver( psa_key_lifetime_t lifetime, + const psa_drv_se_t **p_methods, + psa_drv_se_context_t **p_drv_context); + /** Return the secure element driver table entry for a lifetime value. * * \param lifetime The lifetime value to query. 
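Review bot: The Doxygen block for `psa_get_se_driver()` describes its outputs as `*methods` and `*drv_context`, but the parameters are named `p_methods` and `p_drv_context`. Reword these as `\c *p_methods` and `\c *p_drv_context`. The comment should also say that either pointer may be `NULL` when the caller does not need that output, since the implementation in psa_crypto_se.c explicitly allows it.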
@@ -57,27 +76,43 @@ typedef struct psa_se_drv_table_entry_s psa_se_drv_table_entry_t; * \return The driver table entry for \p lifetime, or * \p NULL if \p lifetime does not correspond to a registered driver. */ -const psa_se_drv_table_entry_t *psa_get_se_driver_entry( +psa_se_drv_table_entry_t *psa_get_se_driver_entry( psa_key_lifetime_t lifetime ); /** Return the method table for a secure element driver. * - * \param[in] drv The driver table entry to access. + * \param[in] driver The driver table entry to access, or \c NULL. * - * \return The driver table entry for \p lifetime, or - * \p NULL if \p lifetime does not correspond to a registered driver. + * \return The driver's method table. + * \c NULL if \p driver is \c NULL. */ const psa_drv_se_t *psa_get_se_driver_methods( - const psa_se_drv_table_entry_t *drv ); + const psa_se_drv_table_entry_t *driver ); -/** Return the secure element driver method table for a lifetime value. +/** Return the context of a secure element driver. * - * \param lifetime The lifetime value to query. + * \param[in] driver The driver table entry to access, or \c NULL. * - * \return The driver method table for \p lifetime, or - * \p NULL if \p lifetime does not correspond to a registered driver. + * \return A pointer to the driver context. + * \c NULL if \p driver is \c NULL. */ -const psa_drv_se_t *psa_get_se_driver( - psa_key_lifetime_t lifetime ); +psa_drv_se_context_t *psa_get_se_driver_context( + psa_se_drv_table_entry_t *driver ); + +/** Load the persistent data of a secure element driver. + * + * \param driver The driver table entry containing the persistent + * data to load from storage. + */ +psa_status_t psa_load_se_persistent_data( + const psa_se_drv_table_entry_t *driver ); + +/** Save the persistent data of a secure element driver. + * + * \param[in] driver The driver table entry containing the persistent + * data to save to storage. 
+ */ +psa_status_t psa_save_se_persistent_data( + const psa_se_drv_table_entry_t *driver ); #endif /* PSA_CRYPTO_SE_H */ From 8abe6a2d5ca502f0f451d29f45563fc0235aae90 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Jul 2019 23:40:35 +0200 Subject: [PATCH 1430/2197] Driver table entries are now mutable Since driver table entries contain the driver context, which is mutable, they can't be const anymore. --- library/psa_crypto.c | 14 +++++++------- library/psa_crypto_slot_management.c | 2 +- library/psa_crypto_slot_management.h | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 65e1e2a74..db6a11fb2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1306,7 +1306,7 @@ static psa_status_t psa_start_key_creation( const psa_key_attributes_t *attributes, psa_key_handle_t *handle, psa_key_slot_t **p_slot, - const psa_se_drv_table_entry_t **p_drv ) + psa_se_drv_table_entry_t **p_drv ) { psa_status_t status; psa_key_slot_t *slot; @@ -1356,7 +1356,7 @@ static psa_status_t psa_start_key_creation( */ static psa_status_t psa_finish_key_creation( psa_key_slot_t *slot, - const psa_se_drv_table_entry_t *driver ) + psa_se_drv_table_entry_t *driver ) { psa_status_t status = PSA_SUCCESS; (void) slot; @@ -1407,7 +1407,7 @@ static psa_status_t psa_finish_key_creation( * or NULL for a transparent key. */ static void psa_fail_key_creation( psa_key_slot_t *slot, - const psa_se_drv_table_entry_t *driver ) + psa_se_drv_table_entry_t *driver ) { (void) driver; @@ -1483,7 +1483,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, { psa_status_t status; psa_key_slot_t *slot = NULL; - const psa_se_drv_table_entry_t *driver = NULL; + psa_se_drv_table_entry_t *driver = NULL; status = psa_start_key_creation( attributes, handle, &slot, &driver ); if( status != PSA_SUCCESS ) 
@@ -1540,7 +1540,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, psa_key_slot_t *source_slot = NULL; psa_key_slot_t *target_slot = NULL; psa_key_attributes_t actual_attributes = *specified_attributes; - const psa_se_drv_table_entry_t *driver = NULL; + psa_se_drv_table_entry_t *driver = NULL; status = psa_get_key_from_slot( source_handle, &source_slot, PSA_KEY_USAGE_COPY, 0 ); @@ -4464,7 +4464,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut { psa_status_t status; psa_key_slot_t *slot = NULL; - const psa_se_drv_table_entry_t *driver = NULL; + psa_se_drv_table_entry_t *driver = NULL; status = psa_start_key_creation( attributes, handle, &slot, &driver ); if( status == PSA_SUCCESS ) { @@ -5495,7 +5495,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, { psa_status_t status; psa_key_slot_t *slot = NULL; - const psa_se_drv_table_entry_t *driver = NULL; + psa_se_drv_table_entry_t *driver = NULL; status = psa_start_key_creation( attributes, handle, &slot, &driver ); if( status == PSA_SUCCESS ) { diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index eb24b6b4c..40e9683e5 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -168,7 +168,7 @@ static int psa_is_key_id_valid( psa_key_file_id_t file_id, psa_status_t psa_validate_persistent_key_parameters( psa_key_lifetime_t lifetime, psa_key_file_id_t id, - const psa_se_drv_table_entry_t **p_drv, + psa_se_drv_table_entry_t **p_drv, int creating ) { if( p_drv != NULL ) diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 8111c4a62..049520d4b 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h 
@@ -122,7 +122,7 @@ static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime ) psa_status_t psa_validate_persistent_key_parameters( psa_key_lifetime_t lifetime, psa_key_file_id_t id, - const psa_se_drv_table_entry_t **p_drv, + psa_se_drv_table_entry_t **p_drv, int creating ); From 73167e128f44727333502c5709e5aad2d554fdbc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Jul 2019 23:44:37 +0200 Subject: [PATCH 1431/2197] SE keys: store the slot number in the memory slot --- library/psa_crypto.c | 14 ++++++++++++++ library/psa_crypto_core.h | 9 +++++++++ 2 files changed, 23 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index db6a11fb2..84b10df3e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -363,6 +363,13 @@ static psa_status_t mbedtls_to_psa_error( int ret ) /* Key management */ /****************************************************************/ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +static inline int psa_key_slot_is_external( const psa_key_slot_t *slot ) +{ + return( psa_key_lifetime_is_external( slot->lifetime ) ); +} +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + #if defined(MBEDTLS_ECP_C) static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid ) { @@ -867,6 +874,13 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, /** Wipe key data from a slot. Preserve metadata such as the policy. */ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) { +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( psa_key_slot_is_external( slot ) ) + { + /* No key material to clean. */ + } + else +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ if( slot->type == PSA_KEY_TYPE_NONE ) { /* No key material to clean. */ diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 595897257..6096810f4 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h 
@@ -29,6 +29,7 @@ #endif #include "psa/crypto.h" +#include "psa/crypto_se_driver.h" #include "mbedtls/ecp.h" #include "mbedtls/rsa.h" @@ -45,17 +46,25 @@ typedef struct unsigned allocated : 1; union { + /* Raw-data key (key_type_is_raw_bytes() in psa_crypto.c) */ struct raw_data { uint8_t *data; size_t bytes; } raw; #if defined(MBEDTLS_RSA_C) + /* RSA public key or key pair */ mbedtls_rsa_context *rsa; #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) + /* EC public key or key pair */ mbedtls_ecp_keypair *ecp; #endif /* MBEDTLS_ECP_C */ + /* Any key type in a secure element */ + struct se + { + psa_key_slot_number_t slot_number; + } se; } data; } psa_key_slot_t; From cbaff467efd1f81cc09dd81ae10c48e872f32360 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Jul 2019 23:46:04 +0200 Subject: [PATCH 1432/2197] SE keys: allocate a slot before creating the key --- library/psa_crypto.c | 24 ++++++++++++++++++++++++ library/psa_crypto_se.c | 29 +++++++++++++++++++++++++++++ library/psa_crypto_se.h | 15 +++++++++++++++ 3 files changed, 68 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 84b10df3e..93c9ce444 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1348,6 +1348,18 @@ static psa_status_t psa_start_key_creation( } slot->type = attributes->type; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + /* Find a slot number. Don't yet mark it as allocated in case + * the key creation fails or there is a power failure. */ + if( *p_drv != NULL ) + { + status = psa_find_se_slot_for_key( attributes, *p_drv, + &slot->data.se.slot_number ); + if( status != PSA_SUCCESS ) + return( status ); + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + return( status ); } 
@@ -1405,6 +1417,18 @@ static psa_status_t psa_finish_key_creation( } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( driver != NULL ) + { + status = psa_save_se_persistent_data( driver ); + if( status != PSA_SUCCESS ) + { + psa_destroy_persistent_key( slot->persistent_storage_id ); + return( status ); + } + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + return( status ); } diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index b95b2a5d5..fb57fc962 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -130,6 +130,35 @@ psa_status_t psa_save_se_persistent_data( return( PSA_SUCCESS ); } +psa_status_t psa_find_se_slot_for_key( + const psa_key_attributes_t *attributes, + psa_se_drv_table_entry_t *driver, + psa_key_slot_number_t *slot_number ) +{ + psa_status_t status; + psa_drv_se_allocate_key_t p_allocate = NULL; + + /* If the lifetime is wrong, it's a bug in the library. */ + if( driver->lifetime != attributes->lifetime ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + /* If the driver doesn't support key creation in any way, give up now. */ + if( driver->methods->key_management == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + p_allocate = driver->methods->key_management->p_allocate; + + /* If the driver doesn't tell us how to allocate a slot, that's + * not supported for the time being. */ + if( p_allocate == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + + status = ( *p_allocate )( &driver->context, + driver->internal.persistent_data, + attributes, + slot_number ); + return( status ); +} + /****************************************************************/ diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index a9951e661..02819d9b3 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h 
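Review bot: When `psa_save_se_persistent_data()` fails in psa_finish_key_creation(), the new block removes the key's entry from core storage and returns, but nothing asks the driver to undo what it has already done. By this point the import path has typically placed key material in the secure element slot, and `psa_fail_key_creation()` still contains only `(void) driver;`. The secure element can therefore keep a key that the core no longer tracks. Consider calling `psa_destroy_se_key( driver, slot->data.se.slot_number )` on this path, or in psa_fail_key_creation(), and documenting which side owns the rollback. The block also calls `psa_destroy_persistent_key()` under `MBEDTLS_PSA_CRYPTO_SE_C` alone, so confirm that configuration always implies the storage module; the rest of the function is outside the hunk.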
@@ -99,6 +99,21 @@ const psa_drv_se_t *psa_get_se_driver_methods( psa_drv_se_context_t *psa_get_se_driver_context( psa_se_drv_table_entry_t *driver ); +/** Find a free slot for a key that is to be created. + * + * This function calls the relevant method in the driver to find a suitable + * slot for a key with the given attributes. + * + * \param[in] attributes Metadata about the key that is about to be created. + * \param[in] driver The driver table entry to query. + * \param[out] slot_number On success, a slot number that is free in this + * secure element. + */ +psa_status_t psa_find_se_slot_for_key( + const psa_key_attributes_t *attributes, + psa_se_drv_table_entry_t *driver, + psa_key_slot_number_t *slot_number ); + /** Load the persistent data of a secure element driver. * * \param driver The driver table entry containing the persistent From 354f7671f48945ffa9e68e0a4564e7f16279a152 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Jul 2019 23:46:38 +0200 Subject: [PATCH 1433/2197] SE keys: support destroy When destroying a key in a secure element, call the driver's destroy method and update the driver's persistent data in storage. --- library/psa_crypto.c | 11 +++++++++++ library/psa_crypto_se.c | 16 ++++++++++++++++ library/psa_crypto_se.h | 8 ++++++++ 3 files changed, 35 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 93c9ce444..70ef9be0d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
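Review bot: The comment for `psa_find_se_slot_for_key()` marks `driver` as `\param[in]`, but the implementation passes the driver's writable persistent data to `p_allocate`, so the entry can be modified and should be `\param[in,out]`. The block also lists no return values. Add `\retval` lines for the statuses the implementation produces itself: `#PSA_ERROR_NOT_SUPPORTED` when the driver has no `key_management` table or no `p_allocate`, and `#PSA_ERROR_CORRUPTION_DETECTED` on a lifetime mismatch. Also note that any other status comes straight from the driver.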
@@ -939,10 +939,20 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) psa_key_slot_t *slot; psa_status_t status = PSA_SUCCESS; psa_status_t storage_status = PSA_SUCCESS; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + psa_se_drv_table_entry_t *driver; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + driver = psa_get_se_driver_entry( slot->lifetime ); + if( driver != NULL ) + status = psa_destroy_se_key( driver, slot->data.se.slot_number ); +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) { @@ -950,6 +960,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) psa_destroy_persistent_key( slot->persistent_storage_id ); } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + status = psa_wipe_key_slot( slot ); if( status != PSA_SUCCESS ) return( status ); diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index fb57fc962..7287ac0d7 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -159,6 +159,22 @@ psa_status_t psa_find_se_slot_for_key( return( status ); } +psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, + psa_key_slot_number_t slot_number ) +{ + psa_status_t status; + psa_status_t storage_status; + if( driver->methods->key_management == NULL || + driver->methods->key_management->p_destroy == NULL ) + return( PSA_ERROR_NOT_PERMITTED ); + status = driver->methods->key_management->p_destroy( + &driver->context, + driver->internal.persistent_data, + slot_number ); + storage_status = psa_save_se_persistent_data( driver ); + return( status == PSA_SUCCESS ? storage_status : status ); +} + /****************************************************************/ diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 02819d9b3..f1d7e7c36 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h 
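Review bot: The status returned by `psa_destroy_se_key()` in psa_destroy_key() is discarded, because `status` is reassigned a few lines later by `status = psa_wipe_key_slot( slot );`. If the driver fails to erase the slot, the caller can still receive success while the key material remains in the secure element. Keep the result in its own variable, as the function already does with `storage_status`, for example `se_status = psa_destroy_se_key( driver, slot->data.se.slot_number );`, and fold it into the final return value so the first error wins. The end of psa_destroy_key() is outside these hunks, so confirm how the final status is combined there.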
@@ -114,6 +114,14 @@ psa_status_t psa_find_se_slot_for_key( psa_se_drv_table_entry_t *driver, psa_key_slot_number_t *slot_number ); +/** Destoy a key in a secure element. + * + * This function calls the relevant driver method to destroy a key + * and updates the driver's persistent data. + */ +psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, + psa_key_slot_number_t slot_number ); + /** Load the persistent data of a secure element driver. * * \param driver The driver table entry containing the persistent From 5d309672af3a0ceb873a8c641682ff2948edf9fa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Jul 2019 23:47:28 +0200 Subject: [PATCH 1434/2197] SE keys: support import and export --- library/psa_crypto.c | 55 +++++++++++++++++++++++++++++++++++++++----- 1 file changed, 49 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 70ef9be0d..77acf2edd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
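Review bot: The new comment for `psa_destroy_se_key()` misspells "Destroy" as "Destoy" and documents neither parameter nor the return value. Add `\param[in,out] driver` and `\param slot_number` lines. Also add a `\retval #PSA_ERROR_NOT_PERMITTED` entry, since the implementation returns that status when the driver provides no `p_destroy` method, and a sentence saying that a driver error takes precedence over a failure to save the persistent data.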
@@ -1133,11 +1133,33 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, size_t *data_length, int export_public_key ) { +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + const psa_drv_se_t *drv; + psa_drv_se_context_t *drv_context; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + *data_length = 0; if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( psa_get_se_driver( slot->lifetime, &drv, &drv_context ) ) + { + psa_drv_se_export_key_t method; + if( drv->key_management == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + method = ( export_public_key ? + drv->key_management->p_export_public : + drv->key_management->p_export ); + if( method == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + return( ( *method )( drv_context, + slot->data.se.slot_number, + data, data_size, data_length ) ); + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + if( key_type_is_raw_bytes( slot->type ) ) { if( slot->data.raw.bytes > data_size ) 
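Review bot: The secure-element branch of psa_internal_export_key() returns the driver's result directly, so the core never checks that the `*data_length` reported by the driver fits in `data_size`. Callers treat that length as the number of valid bytes in their buffer, and a faulty driver could make them read past it. Store the driver status in a local variable and add `if( status == PSA_SUCCESS && *data_length > data_size ) return( PSA_ERROR_CORRUPTION_DETECTED );` before returning it. The remainder of the function is outside this hunk.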
@@ -1538,12 +1560,33 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) goto exit; - status = psa_import_key_into_slot( slot, data, data_length ); - if( status != PSA_SUCCESS ) - goto exit; - status = psa_check_key_slot_attributes( slot, attributes ); - if( status != PSA_SUCCESS ) - goto exit; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( driver != NULL ) + { + const psa_drv_se_t *drv = psa_get_se_driver_methods( driver ); + if( drv->key_management == NULL || + drv->key_management->p_import == NULL ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + status = drv->key_management->p_import( + psa_get_se_driver_context( driver ), + slot->data.se.slot_number, + slot->lifetime, slot->type, slot->policy.alg, slot->policy.usage, + data, data_length ); + /* TOnogrepDO: psa_check_key_slot_attributes? */ + } + else +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + { + status = psa_import_key_into_slot( slot, data, data_length ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_check_key_slot_attributes( slot, attributes ); + if( status != PSA_SUCCESS ) + goto exit; + } status = psa_finish_key_creation( slot, driver ); exit: From 5dc742c36a8c5487e602ebe0a9632215b8d933e8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Jul 2019 23:47:47 +0200 Subject: [PATCH 1435/2197] SE keys: smoke test import, export, destroy --- .../test_suite_psa_crypto_se_driver_hal.data | 6 + ...st_suite_psa_crypto_se_driver_hal.function | 166 +++++++++++++++++- 2 files changed, 171 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index c04b70d96..28c7d7583 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
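Review bot: In the secure-element branch of psa_import_key(), the status returned by `p_import` is never tested; control falls out of the `if` block to `status = psa_finish_key_creation( slot, driver );`, which overwrites it. A failed import into the secure element can therefore be reported as success, leaving a persisted key entry that refers to a slot holding no key, or stale contents. Add `if( status != PSA_SUCCESS ) goto exit;` directly after the `p_import` call, as the transparent-key branch already does after `psa_import_key_into_slot()`. The `exit:` handling is outside this hunk.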
@@ -26,3 +26,9 @@ register_twice:3 Register SE driver: maximum number of drivers register_max: + +Key creation smoke test (p_allocate allows all slots) +key_creation_import_export:0 + +Key creation smoke test (p_allocate allows 1 slot) +key_creation_import_export:ARRAY_LENGTH( ram_slots ) - 1 diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index b9d0a1f0a..2e2a6480f 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
@@ -4,9 +4,117 @@ #include "psa_crypto_se.h" -/* The minimum valid lifetime value for a secure element driver. */ +/** The minimum valid lifetime value for a secure element driver. */ #define MIN_DRIVER_LIFETIME 2 +/** The driver detected a condition that shouldn't happen. + * This is probably a bug in the library. */ +#define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t)( -500 )) + +/** Like #TEST_ASSERT for use in a driver method. + * + * Use this macro to assert on guarantees provided by the core. + */ +#define DRIVER_ASSERT( TEST ) \ + do { \ + if( ! (TEST) ) \ + { \ + test_fail( #TEST, __LINE__, __FILE__ ); \ + return( PSA_ERROR_DETECTED_BY_DRIVER ); \ + } \ + } while( 0 ) + +#define RAM_MAX_KEY_SIZE 64 +typedef struct +{ + psa_key_lifetime_t lifetime; + psa_key_type_t type; + size_t bits; + uint8_t content[RAM_MAX_KEY_SIZE]; +} ram_slot_t; +static ram_slot_t ram_slots[16]; + +/* A type with at least ARRAY_LENGTH(ram_slots) bits, containing a + * bit vector indicating which slots are in use. 
*/ +typedef uint16_t ram_slot_usage_t; + +static uint8_t ram_min_slot = 0; + +static void ram_slots_reset( void ) +{ + memset( ram_slots, 0, sizeof( ram_slots ) ); + ram_min_slot = 0; +} + +static psa_status_t ram_import( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + psa_key_lifetime_t lifetime, + psa_key_type_t type, + psa_algorithm_t algorithm, + psa_key_usage_t usage, + const uint8_t *p_data, + size_t data_length ) +{ + (void) context; + DRIVER_ASSERT( slot_number < ARRAY_LENGTH( ram_slots ) ); + if( data_length > sizeof( ram_slots[slot_number].content ) ) + return( PSA_ERROR_INSUFFICIENT_STORAGE ); + ram_slots[slot_number].lifetime = lifetime; + ram_slots[slot_number].type = type; + ram_slots[slot_number].bits = PSA_BYTES_TO_BITS( data_length ); + (void) algorithm; + (void) usage; + memcpy( ram_slots[slot_number].content, p_data, data_length ); + return( PSA_SUCCESS ); +} + +psa_status_t ram_export( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length ) +{ + size_t actual_size; + (void) context; + DRIVER_ASSERT( slot_number < ARRAY_LENGTH( ram_slots ) ); + actual_size = PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ); + if( actual_size > data_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + *p_data_length = actual_size; + memcpy( p_data, ram_slots[slot_number].content, actual_size ); + return( PSA_SUCCESS ); +} + +psa_status_t ram_destroy( psa_drv_se_context_t *context, + void *persistent_data, + psa_key_slot_number_t slot_number ) +{ + ram_slot_usage_t *slot_usage = persistent_data; + DRIVER_ASSERT( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); + DRIVER_ASSERT( slot_number < ARRAY_LENGTH( ram_slots ) ); + memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); + *slot_usage &= ~(ram_slot_usage_t)( 1 << slot_number ); + return( PSA_SUCCESS ); +} + +psa_status_t ram_allocate( psa_drv_se_context_t *context, + void 
*persistent_data, + const psa_key_attributes_t *attributes, + psa_key_slot_number_t *slot_number ) +{ + ram_slot_usage_t *slot_usage = persistent_data; + (void) attributes; + DRIVER_ASSERT( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); + for( *slot_number = ram_min_slot; + *slot_number < ARRAY_LENGTH( ram_slots ); + ++( *slot_number ) ) + { + if( ! ( *slot_usage & 1 << *slot_number ) ) + return( PSA_SUCCESS ); + } + return( PSA_ERROR_INSUFFICIENT_STORAGE ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES 
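Review bot: No code in this test driver ever sets a bit in `*slot_usage`: `ram_allocate()` only reads the bitmap, `ram_import()` has no writable pointer to it, and `ram_destroy()` only clears bits. Every allocation therefore returns `ram_min_slot`, and a second key would be written over the first. The smoke test misses this because it creates a single key. Record the allocation where the driver has write access, e.g. `*slot_usage |= (ram_slot_usage_t)( 1u << *slot_number );` before `return( PSA_SUCCESS );` in `ram_allocate()`, and add a test case that creates two keys and checks they land in different slots. Also, `ram_export`, `ram_destroy` and `ram_allocate` are not declared `static`, unlike `ram_import`.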
@@ -78,3 +186,59 @@ exit: PSA_DONE( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void key_creation_import_export( int min_slot ) +{ + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + uint8_t exported[sizeof( key_material )]; + size_t exported_length; + + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + driver.key_management = &key_management; + driver.persistent_data_size = sizeof( ram_slot_usage_t ); + key_management.p_allocate = ram_allocate; + key_management.p_import = ram_import; + key_management.p_destroy = ram_destroy; + key_management.p_export = ram_export; + ram_min_slot = min_slot; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + /* Create a key. */ + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + PSA_ASSERT( psa_import_key( &attributes, + key_material, sizeof( key_material ), + &handle ) ); + + /* Test that the key was created in the expected slot. */ + TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA ); + + PSA_ASSERT( psa_export_key( handle, + exported, sizeof( exported ), + &exported_length ) ); + ASSERT_COMPARE( key_material, sizeof( key_material ), + exported, exported_length ); + + PSA_ASSERT( psa_destroy_key( handle ) ); + + /* Test that the key has been erased from the designated slot. */ + TEST_ASSERT( ram_slots[min_slot].type == 0 ); + +exit: + PSA_DONE( ); + ram_slots_reset( ); +} +/* END_CASE */ From 47629d076e1a9c0aea637b551fb8d03888f721ef Mon Sep 17 00:00:00 2001 
From: Andrew Thoelke Date: Fri, 22 Mar 2019 11:24:17 +0000 Subject: [PATCH 1436/2197] Use stdint.h types Follow MISRA C 2012 rules by using exact width types from stdint.h. --- include/psa/crypto.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3036d17b4..fb9424a49 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1853,7 +1853,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, - unsigned char *iv, + uint8_t *iv, size_t iv_size, size_t *iv_length); @@ -1888,7 +1888,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, - const unsigned char *iv, + const uint8_t *iv, size_t iv_length); /** Encrypt or decrypt a message fragment in an active cipher operation. @@ -1926,7 +1926,7 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, - unsigned char *output, + uint8_t *output, size_t output_size, size_t *output_length); From 163639b830539454b61d6f552b80a7f0cb3f63fb Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 15 May 2019 12:33:23 +0100 Subject: [PATCH 1437/2197] Apply same changes to implementation source code --- library/psa_crypto.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5245e61bf..08eff519b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3300,7 +3300,7 @@ psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation, } psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, - unsigned char *iv, + uint8_t *iv, size_t iv_size, size_t *iv_length ) { 
@@ -3333,7 +3333,7 @@ exit: } psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, - const unsigned char *iv, + const uint8_t *iv, size_t iv_length ) { psa_status_t status; @@ -3360,7 +3360,7 @@ exit: psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, - unsigned char *output, + uint8_t *output, size_t output_size, size_t *output_length ) { From d16bdac9b5209d60ab4711a454e4bcedad306649 Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 15 May 2019 12:34:01 +0100 Subject: [PATCH 1438/2197] Use stdint.h types in multipart AEAD functions No implementation yet. --- include/psa/crypto.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fb9424a49..4226587a8 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2319,7 +2319,7 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, - unsigned char *nonce, + uint8_t *nonce, size_t nonce_size, size_t *nonce_length); @@ -2353,7 +2353,7 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, - const unsigned char *nonce, + const uint8_t *nonce, size_t nonce_length); /** Declare the lengths of the message and additional data for AEAD. @@ -2507,7 +2507,7 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, psa_status_t psa_aead_update(psa_aead_operation_t *operation, const uint8_t *input, size_t input_length, - unsigned char *output, + uint8_t *output, size_t output_size, size_t *output_length); From f82088a5f44169c359e70358b4350a008e45fb42 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 15 Jul 2019 11:07:38 +0200 Subject: [PATCH 1439/2197] Favor stdint.h types in example code --- include/psa/crypto_sizes.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index f0f31e6dc..09a292b2d 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -649,7 +649,7 @@ * size_t key_bits = psa_get_key_bits(&attributes); * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits); * psa_reset_key_attributes(&attributes); - * unsigned char *buffer = malloc(buffer_size); + * uint8_t *buffer = malloc(buffer_size); * if (buffer == NULL) handle_error(...); * size_t buffer_length; * status = psa_export_key(key, buffer, buffer_size, &buffer_length); @@ -669,7 +669,7 @@ * size_t key_bits = psa_get_key_bits(&attributes); * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits); * psa_reset_key_attributes(&attributes); - * unsigned char *buffer = malloc(buffer_size); + * uint8_t *buffer = malloc(buffer_size); * if (buffer == NULL) handle_error(...); * size_t buffer_length; * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length); From 7228da25f9685bb0bff34d2ee9959308130eb4c6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 15 Jul 2019 11:06:15 +0200 Subject: [PATCH 1440/2197] Favor stdint.h types in implementation-specific API --- include/psa/crypto_extra.h | 2 +- library/psa_crypto.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 0ab589226..b2d4633de 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -221,7 +221,7 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); * The library has already been initialized. It is no longer * possible to call this function. */ -psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed, +psa_status_t mbedtls_psa_inject_entropy(uint8_t *seed, size_t seed_size); #if defined(PSA_PRE_1_0_KEY_DERIVATION) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 08eff519b..ff7654a8f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5313,7 +5313,7 @@ psa_status_t psa_generate_random( uint8_t *output, #if defined(MBEDTLS_PSA_INJECT_ENTROPY) #include "mbedtls/entropy_poll.h" -psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, +psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed, size_t seed_size ) { if( global_data.initialized ) From c11c4dcf9525c10ff24c7caac5e234822f06251f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 15 Jul 2019 11:06:38 +0200 Subject: [PATCH 1441/2197] Favor stdint.h types in internal types Use uint8_t for PSA buffers. Keep unsigned char for generic libc buffers and for mbedtls buffers. --- include/psa/crypto_struct.h | 2 +- library/psa_crypto.c | 20 ++++++++++---------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index fdf78a8eb..0ddc7a3eb 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -210,7 +210,7 @@ typedef struct psa_tls12_prf_key_derivation_s * hence we must store it for the lifetime of the operation. * This is different from HKDF, where the key is only used * in the extraction phase, but not during expansion. */ - unsigned char *key; + uint8_t *key; size_t key_len; /* `A(i) + seed` in the notation of RFC 5246, Sect. 5 */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ff7654a8f..95088a0d1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
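Review bot: The new prototype in crypto_extra.h drops the `const` qualifier from `seed` (`uint8_t *seed`), while the definition in the psa_crypto.c hunk of the same commit keeps `const uint8_t *seed`. The two declarations are incompatible, so a translation unit that sees both (presumably psa_crypto.c itself, when `MBEDTLS_PSA_INJECT_ENTROPY` is defined) should fail with conflicting types. The commit message describes only a type-name change, so the loss of `const` looks accidental. Callers holding a read-only seed buffer would also need a cast. Keep the qualifier in the header: `psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,`.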
@@ -2207,7 +2207,7 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, size_t key_length, psa_algorithm_t hash_alg ) { - unsigned char ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; + uint8_t ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; size_t i; size_t hash_size = PSA_HASH_SIZE( hash_alg ); size_t block_size = psa_get_hash_block_size( hash_alg ); @@ -2281,7 +2281,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, size_t key_bits; psa_key_usage_t usage = is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY; - unsigned char truncated = PSA_MAC_TRUNCATED_LENGTH( alg ); + uint8_t truncated = PSA_MAC_TRUNCATED_LENGTH( alg ); psa_algorithm_t full_length_alg = PSA_ALG_FULL_LENGTH_MAC( alg ); /* A context must be freshly initialized before it can be set up. */ @@ -2446,7 +2446,7 @@ static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac, uint8_t *mac, size_t mac_size ) { - unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; + uint8_t tmp[MBEDTLS_MD_MAX_SIZE]; psa_algorithm_t hash_alg = hmac->hash_ctx.alg; size_t hash_size = 0; size_t block_size = psa_get_hash_block_size( hash_alg ); @@ -3227,7 +3227,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, if( slot->type == PSA_KEY_TYPE_DES && key_bits == 128 ) { /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */ - unsigned char keys[24]; + uint8_t keys[24]; memcpy( keys, slot->data.raw.data, 16 ); memcpy( keys + 16, slot->data.raw.data, 8 ); ret = mbedtls_cipher_setkey( &operation->ctx.cipher, @@ -4024,7 +4024,7 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( psa_hmac_internal_data hmac; psa_status_t status, cleanup_status; - unsigned char *Ai; + uint8_t *Ai; size_t Ai_len; /* We can't be wanting more output after block 0xff, otherwise 
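Review bot: `keys[24]` in the two-key Triple-DES branch of `psa_cipher_setup` holds a full copy of the slot's key material on the stack, and nothing in this hunk wipes it after `mbedtls_cipher_setkey`. The branch continues outside the hunk, so confirm against the full function. If the buffer is not cleared there, add `mbedtls_platform_zeroize( keys, sizeof( keys ) );` right after the setkey call so the expanded key does not linger in a dead stack frame. The same question applies to `ipad` and `tmp` in the HMAC hunks of this file and to `pms` in the two PSK-to-MS hunks of this commit, whose cleanup paths are also outside the visible lines.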
@@ -4517,7 +4517,7 @@ static psa_status_t psa_key_derivation_hkdf_setup( psa_hkdf_key_derivation_t *hk */ static psa_status_t psa_key_derivation_tls12_prf_setup( psa_tls12_prf_key_derivation_t *tls12_prf, - const unsigned char *key, + const uint8_t *key, size_t key_len, psa_algorithm_t hash_alg, const uint8_t *salt, @@ -4572,7 +4572,7 @@ static psa_status_t psa_key_derivation_tls12_prf_setup( /* Set up a TLS-1.2-PSK-to-MS-based operation. */ static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( psa_tls12_prf_key_derivation_t *tls12_prf, - const unsigned char *psk, + const uint8_t *psk, size_t psk_len, psa_algorithm_t hash_alg, const uint8_t *salt, @@ -4581,7 +4581,7 @@ static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( size_t label_length ) { psa_status_t status; - unsigned char pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ]; + uint8_t pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ]; if( psk_len > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -4942,8 +4942,8 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( size_t data_length ) { psa_status_t status; - unsigned char pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ]; - unsigned char* cur = pms; + uint8_t pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ]; + uint8_t *cur = pms; if( data_length > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ) return( PSA_ERROR_INVALID_ARGUMENT ); From c49fbbf3eb2d7caa9c9f8edb44f857435d37347f Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Thu, 4 Jul 2019 20:01:14 +0100 Subject: [PATCH 1442/2197] Use mbedtls-based path for includes To help the build system find the correct include files, paths starting with "mbedtls/" or "psa/" must be used. Otherwise, you can run into build failures like the following when building Mbed Crypto as a submodule. In file included from chachapoly.c:31:0: ../../include/mbedtls/chachapoly.h:43:10: fatal error: poly1305.h: No such file or directory #include "poly1305.h" ^~~~~~~~~~~~ compilation terminated. Includes for ALT implementations are not modified, as the alt headers are provided by system integrators and not Mbed TLS or Mbed Crypto. --- configs/config-no-entropy.h | 2 +- configs/config-psa-crypto.h | 2 +- include/mbedtls/aes.h | 2 +- include/mbedtls/aesni.h | 4 ++-- include/mbedtls/arc4.h | 2 +- include/mbedtls/aria.h | 4 ++-- include/mbedtls/asn1.h | 4 ++-- include/mbedtls/asn1write.h | 4 ++-- include/mbedtls/base64.h | 2 +- include/mbedtls/bignum.h | 2 +- include/mbedtls/blowfish.h | 4 ++-- include/mbedtls/bn_mul.h | 4 ++-- include/mbedtls/camellia.h | 4 ++-- include/mbedtls/ccm.h | 4 ++-- include/mbedtls/certs.h | 2 +- include/mbedtls/chacha20.h | 2 +- include/mbedtls/chachapoly.h | 6 +++--- include/mbedtls/cipher.h | 4 ++-- include/mbedtls/cipher_internal.h | 4 ++-- include/mbedtls/cmac.h | 4 ++-- include/mbedtls/compat-1.3.h | 2 +- include/mbedtls/config.h | 2 +- include/mbedtls/ctr_drbg.h | 6 +++--- include/mbedtls/des.h | 2 +- include/mbedtls/dhm.h | 4 ++-- include/mbedtls/ecdh.h | 4 ++-- include/mbedtls/ecdsa.h | 6 +++--- include/mbedtls/ecjpake.h | 6 +++--- include/mbedtls/ecp.h | 4 ++-- include/mbedtls/ecp_internal.h | 2 +- include/mbedtls/entropy.h | 10 +++++----- include/mbedtls/entropy_poll.h | 2 +- include/mbedtls/error.h | 2 +- include/mbedtls/gcm.h | 4 ++-- include/mbedtls/havege.h | 2 +- include/mbedtls/hkdf.h | 4 ++-- include/mbedtls/hmac_drbg.h | 6 +++--- include/mbedtls/md.h | 2 +- include/mbedtls/md2.h | 2 +- 
include/mbedtls/md4.h | 2 +- include/mbedtls/md5.h | 2 +- include/mbedtls/md_internal.h | 4 ++-- include/mbedtls/memory_buffer_alloc.h | 2 +- include/mbedtls/nist_kw.h | 4 ++-- include/mbedtls/oid.h | 10 +++++----- include/mbedtls/padlock.h | 4 ++-- include/mbedtls/pem.h | 2 +- include/mbedtls/pk.h | 10 +++++----- include/mbedtls/pk_internal.h | 4 ++-- include/mbedtls/pkcs12.h | 8 ++++---- include/mbedtls/pkcs5.h | 6 +++--- include/mbedtls/platform.h | 4 ++-- include/mbedtls/platform_time.h | 2 +- include/mbedtls/platform_util.h | 4 ++-- include/mbedtls/poly1305.h | 2 +- include/mbedtls/psa_util.h | 10 +++++----- include/mbedtls/ripemd160.h | 2 +- include/mbedtls/rsa.h | 8 ++++---- include/mbedtls/rsa_internal.h | 4 ++-- include/mbedtls/sha1.h | 2 +- include/mbedtls/sha256.h | 2 +- include/mbedtls/sha512.h | 2 +- include/mbedtls/threading.h | 2 +- include/mbedtls/timing.h | 2 +- include/mbedtls/version.h | 2 +- include/mbedtls/xtea.h | 2 +- 66 files changed, 123 insertions(+), 123 deletions(-) diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 6f44899e4..502ca0320 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -81,6 +81,6 @@ /* Miscellaneous options */ #define MBEDTLS_AES_ROM_TABLES -#include "check_config.h" +#include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 97a1b2b68..58a2c88cf 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -1971,6 +1971,6 @@ #include MBEDTLS_USER_CONFIG_FILE #endif -#include "check_config.h" +#include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 94e7282d3..63c0f672b 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -42,7 +42,7 @@ #define MBEDTLS_AES_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif 
diff --git a/include/mbedtls/aesni.h b/include/mbedtls/aesni.h index a4ca012f8..955b7c990 100644 --- a/include/mbedtls/aesni.h +++ b/include/mbedtls/aesni.h @@ -28,12 +28,12 @@ #define MBEDTLS_AESNI_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "aes.h" +#include "mbedtls/aes.h" #define MBEDTLS_AESNI_AES 0x02000000u #define MBEDTLS_AESNI_CLMUL 0x00000002u diff --git a/include/mbedtls/arc4.h b/include/mbedtls/arc4.h index fb044d5b7..acad623ad 100644 --- a/include/mbedtls/arc4.h +++ b/include/mbedtls/arc4.h @@ -29,7 +29,7 @@ #define MBEDTLS_ARC4_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index 1e8956ed1..a72a8c22a 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -31,7 +31,7 @@ #define MBEDTLS_ARIA_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif @@ -39,7 +39,7 @@ #include #include -#include "platform_util.h" +#include "mbedtls/platform_util.h" #define MBEDTLS_ARIA_ENCRYPT 1 /**< ARIA encryption. */ #define MBEDTLS_ARIA_DECRYPT 0 /**< ARIA decryption. */ diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index f80acd7e1..ab947ab7e 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -25,7 +25,7 @@ #define MBEDTLS_ASN1_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif @@ -33,7 +33,7 @@ #include #if defined(MBEDTLS_BIGNUM_C) -#include "bignum.h" +#include "mbedtls/bignum.h" #endif /** diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 8aa01b43a..336f2daf1 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h 
@@ -25,12 +25,12 @@ #define MBEDTLS_ASN1_WRITE_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "asn1.h" +#include "mbedtls/asn1.h" #define MBEDTLS_ASN1_CHK_ADD(g, f) \ do \ diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h index 0d024164c..07ae3bf54 100644 --- a/include/mbedtls/base64.h +++ b/include/mbedtls/base64.h @@ -25,7 +25,7 @@ #define MBEDTLS_BASE64_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index a04a145a8..0b26727f3 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -25,7 +25,7 @@ #define MBEDTLS_BIGNUM_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/blowfish.h b/include/mbedtls/blowfish.h index f01573dca..1e5dba3a3 100644 --- a/include/mbedtls/blowfish.h +++ b/include/mbedtls/blowfish.h @@ -25,7 +25,7 @@ #define MBEDTLS_BLOWFISH_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif @@ -33,7 +33,7 @@ #include #include -#include "platform_util.h" +#include "mbedtls/platform_util.h" #define MBEDTLS_BLOWFISH_ENCRYPT 1 #define MBEDTLS_BLOWFISH_DECRYPT 0 diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h index c33bd8d4a..db03ba2c0 100644 --- a/include/mbedtls/bn_mul.h +++ b/include/mbedtls/bn_mul.h @@ -39,12 +39,12 @@ #define MBEDTLS_BN_MUL_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "bignum.h" +#include "mbedtls/bignum.h" #if defined(MBEDTLS_HAVE_ASM) diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index 3eeb66366..a8324543c 100644 --- a/include/mbedtls/camellia.h 
+++ b/include/mbedtls/camellia.h @@ -25,7 +25,7 @@ #define MBEDTLS_CAMELLIA_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif @@ -33,7 +33,7 @@ #include #include -#include "platform_util.h" +#include "mbedtls/platform_util.h" #define MBEDTLS_CAMELLIA_ENCRYPT 1 #define MBEDTLS_CAMELLIA_DECRYPT 0 diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index f03e3b580..ceac36ca3 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -50,12 +50,12 @@ #define MBEDTLS_CCM_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "cipher.h" +#include "mbedtls/cipher.h" #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */ #define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */ diff --git a/include/mbedtls/certs.h b/include/mbedtls/certs.h index b7c5708f8..c61790208 100644 --- a/include/mbedtls/certs.h +++ b/include/mbedtls/certs.h @@ -25,7 +25,7 @@ #define MBEDTLS_CERTS_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h index 2ae5e6e5f..243ae63af 100644 --- a/include/mbedtls/chacha20.h +++ b/include/mbedtls/chacha20.h @@ -34,7 +34,7 @@ #define MBEDTLS_CHACHA20_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h index 49e615d27..3d842ef19 100644 --- a/include/mbedtls/chachapoly.h +++ b/include/mbedtls/chachapoly.h 
@@ -34,13 +34,13 @@ #define MBEDTLS_CHACHAPOLY_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif /* for shared error codes */ -#include "poly1305.h" +#include "mbedtls/poly1305.h" #define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054 /**< The requested operation is not permitted in the current state. */ #define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056 /**< Authenticated decryption failed: data was not authentic. */ @@ -58,7 +58,7 @@ mbedtls_chachapoly_mode_t; #if !defined(MBEDTLS_CHACHAPOLY_ALT) -#include "chacha20.h" +#include "mbedtls/chacha20.h" typedef struct mbedtls_chachapoly_context { diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index ea00703c5..96efd937f 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -30,13 +30,13 @@ #define MBEDTLS_CIPHER_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif #include -#include "platform_util.h" +#include "mbedtls/platform_util.h" #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) #define MBEDTLS_CIPHER_MODE_AEAD diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h index d71133900..702b5491c 100644 --- a/include/mbedtls/cipher_internal.h +++ b/include/mbedtls/cipher_internal.h @@ -27,12 +27,12 @@ #define MBEDTLS_CIPHER_WRAP_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "cipher.h" +#include "mbedtls/cipher.h" #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index 9d42b3f20..792fbdc33 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h 
@@ -29,12 +29,12 @@ #define MBEDTLS_CMAC_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "cipher.h" +#include "mbedtls/cipher.h" #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h index a58b47243..361cf569c 100644 --- a/include/mbedtls/compat-1.3.h +++ b/include/mbedtls/compat-1.3.h @@ -26,7 +26,7 @@ */ #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 56ad01c40..e795bb830 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2000,6 +2000,6 @@ #include MBEDTLS_USER_CONFIG_FILE #endif -#include "check_config.h" +#include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index cc3df7b11..ffaf8ad79 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -37,15 +37,15 @@ #define MBEDTLS_CTR_DRBG_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "aes.h" +#include "mbedtls/aes.h" #if defined(MBEDTLS_THREADING_C) -#include "threading.h" +#include "mbedtls/threading.h" #endif #define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index 54e6b7894..1c80b5365 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -30,7 +30,7 @@ #define MBEDTLS_DES_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 49eb6a47e..831cfd74b 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h 
@@ -66,11 +66,11 @@ #define MBEDTLS_DHM_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "bignum.h" +#include "mbedtls/bignum.h" /* * DHM Error codes diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 384c3dc07..d870a5bd5 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -35,12 +35,12 @@ #define MBEDTLS_ECDH_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "ecp.h" +#include "mbedtls/ecp.h" #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 294394551..effbb1ed0 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -33,13 +33,13 @@ #define MBEDTLS_ECDSA_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "ecp.h" -#include "md.h" +#include "mbedtls/ecp.h" +#include "mbedtls/md.h" /** * \brief Maximum ECDSA signature size for a given curve bit size diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 3d8d02ae6..97387c3b4 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -41,13 +41,13 @@ * also be use outside TLS. */ #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "ecp.h" -#include "md.h" +#include "mbedtls/ecp.h" +#include "mbedtls/md.h" #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 1a6ec13c1..6aa677ad0 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -37,12 +37,12 @@ #define MBEDTLS_ECP_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "bignum.h" +#include "mbedtls/bignum.h" /* * ECP error codes 
diff --git a/include/mbedtls/ecp_internal.h b/include/mbedtls/ecp_internal.h index 7625ed48e..3b6fbf112 100644 --- a/include/mbedtls/ecp_internal.h +++ b/include/mbedtls/ecp_internal.h @@ -62,7 +62,7 @@ #define MBEDTLS_ECP_INTERNAL_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index ca06dc3c5..06aaffaf7 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -25,7 +25,7 @@ #define MBEDTLS_ENTROPY_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif @@ -33,21 +33,21 @@ #include #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) -#include "sha512.h" +#include "mbedtls/sha512.h" #define MBEDTLS_ENTROPY_SHA512_ACCUMULATOR #else #if defined(MBEDTLS_SHA256_C) #define MBEDTLS_ENTROPY_SHA256_ACCUMULATOR -#include "sha256.h" +#include "mbedtls/sha256.h" #endif #endif #if defined(MBEDTLS_THREADING_C) -#include "threading.h" +#include "mbedtls/threading.h" #endif #if defined(MBEDTLS_HAVEGE_C) -#include "havege.h" +#include "mbedtls/havege.h" #endif #define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */ diff --git a/include/mbedtls/entropy_poll.h b/include/mbedtls/entropy_poll.h index 94dd657eb..ba42805f0 100644 --- a/include/mbedtls/entropy_poll.h +++ b/include/mbedtls/entropy_poll.h @@ -25,7 +25,7 @@ #define MBEDTLS_ENTROPY_POLL_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index bee0fe485..9edafea14 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -25,7 +25,7 @@ #define MBEDTLS_ERROR_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif 
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index fd130abd7..a71a2af46 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -34,12 +34,12 @@ #define MBEDTLS_GCM_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "cipher.h" +#include "mbedtls/cipher.h" #include diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h index 749257a36..acd7e489a 100644 --- a/include/mbedtls/havege.h +++ b/include/mbedtls/havege.h @@ -25,7 +25,7 @@ #define MBEDTLS_HAVEGE_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 40ee64eb0..20f325dd8 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -28,12 +28,12 @@ #define MBEDTLS_HKDF_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "md.h" +#include "mbedtls/md.h" /** * \name HKDF Error codes diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index f1289cb30..46536a1f4 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -25,15 +25,15 @@ #define MBEDTLS_HMAC_DRBG_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "md.h" +#include "mbedtls/md.h" #if defined(MBEDTLS_THREADING_C) -#include "threading.h" +#include "mbedtls/threading.h" #endif /* diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 69ab21f40..0b0ec91ff 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -30,7 +30,7 @@ #include #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h index fe97cf08d..df1d5f7e6 100644 
--- a/include/mbedtls/md2.h +++ b/include/mbedtls/md2.h @@ -30,7 +30,7 @@ #define MBEDTLS_MD2_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h index ce703c0ba..e7accd455 100644 --- a/include/mbedtls/md4.h +++ b/include/mbedtls/md4.h @@ -30,7 +30,7 @@ #define MBEDTLS_MD4_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h index 6eed6cc86..4206c1fbf 100644 --- a/include/mbedtls/md5.h +++ b/include/mbedtls/md5.h @@ -29,7 +29,7 @@ #define MBEDTLS_MD5_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 04de48291..267cebadc 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -29,12 +29,12 @@ #define MBEDTLS_MD_WRAP_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "md.h" +#include "mbedtls/md.h" #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h index 705f9a636..8e77f6f7c 100644 --- a/include/mbedtls/memory_buffer_alloc.h +++ b/include/mbedtls/memory_buffer_alloc.h @@ -25,7 +25,7 @@ #define MBEDTLS_MEMORY_BUFFER_ALLOC_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h index 3b67b59cd..b39406f44 100644 --- a/include/mbedtls/nist_kw.h +++ b/include/mbedtls/nist_kw.h 
@@ -38,12 +38,12 @@ #define MBEDTLS_NIST_KW_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "cipher.h" +#include "mbedtls/cipher.h" #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 17cdba74a..59ce0206b 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -25,22 +25,22 @@ #define MBEDTLS_OID_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "asn1.h" -#include "pk.h" +#include "mbedtls/asn1.h" +#include "mbedtls/pk.h" #include #if defined(MBEDTLS_CIPHER_C) -#include "cipher.h" +#include "mbedtls/cipher.h" #endif #if defined(MBEDTLS_MD_C) -#include "md.h" +#include "mbedtls/md.h" #endif #define MBEDTLS_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */ diff --git a/include/mbedtls/padlock.h b/include/mbedtls/padlock.h index 721a5d493..513d72f3d 100644 --- a/include/mbedtls/padlock.h +++ b/include/mbedtls/padlock.h @@ -29,12 +29,12 @@ #define MBEDTLS_PADLOCK_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "aes.h" +#include "mbedtls/aes.h" #define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index a29e9ce30..02a94af5b 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -25,7 +25,7 @@ #define MBEDTLS_PEM_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 24951a6e1..eedcfeab9 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
@@ -26,23 +26,23 @@ #define MBEDTLS_PK_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "md.h" +#include "mbedtls/md.h" #if defined(MBEDTLS_RSA_C) -#include "rsa.h" +#include "mbedtls/rsa.h" #endif #if defined(MBEDTLS_ECP_C) -#include "ecp.h" +#include "mbedtls/ecp.h" #endif #if defined(MBEDTLS_ECDSA_C) -#include "ecdsa.h" +#include "mbedtls/ecdsa.h" #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) diff --git a/include/mbedtls/pk_internal.h b/include/mbedtls/pk_internal.h index fc9ba13fe..7ef6322e4 100644 --- a/include/mbedtls/pk_internal.h +++ b/include/mbedtls/pk_internal.h @@ -26,12 +26,12 @@ #define MBEDTLS_PK_WRAP_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "pk.h" +#include "mbedtls/pk.h" struct mbedtls_pk_info_t { diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index d441357b7..9d42d7ffe 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -25,14 +25,14 @@ #define MBEDTLS_PKCS12_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "md.h" -#include "cipher.h" -#include "asn1.h" +#include "mbedtls/md.h" +#include "mbedtls/cipher.h" +#include "mbedtls/asn1.h" #include diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index c92185f7a..bbec7e7ed 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -27,13 +27,13 @@ #define MBEDTLS_PKCS5_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "asn1.h" -#include "md.h" +#include "mbedtls/asn1.h" +#include "mbedtls/md.h" #include #include diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 801a948bc..bc0c17dfa 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h 
@@ -34,13 +34,13 @@ #define MBEDTLS_PLATFORM_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif #if defined(MBEDTLS_HAVE_TIME) -#include "platform_time.h" +#include "mbedtls/platform_time.h" #endif #define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 /**< Hardware accelerator failed */ diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h index 2ed36f56c..fe484fd75 100644 --- a/include/mbedtls/platform_time.h +++ b/include/mbedtls/platform_time.h @@ -25,7 +25,7 @@ #define MBEDTLS_PLATFORM_TIME_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h index dba6d4598..b0e72ad14 100644 --- a/include/mbedtls/platform_util.h +++ b/include/mbedtls/platform_util.h @@ -26,14 +26,14 @@ #define MBEDTLS_PLATFORM_UTIL_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif #include #if defined(MBEDTLS_HAVE_TIME_DATE) -#include "platform_time.h" +#include "mbedtls/platform_time.h" #include #endif /* MBEDTLS_HAVE_TIME_DATE */ diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h index f0ec44c96..05866a2da 100644 --- a/include/mbedtls/poly1305.h +++ b/include/mbedtls/poly1305.h @@ -34,7 +34,7 @@ #define MBEDTLS_POLY1305_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index b0c042827..ab3c3bbf2 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -29,7 +29,7 @@ #define MBEDTLS_PSA_UTIL_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif 
@@ -38,10 +38,10 @@ #include "psa/crypto.h" -#include "ecp.h" -#include "md.h" -#include "pk.h" -#include "oid.h" +#include "mbedtls/ecp.h" +#include "mbedtls/md.h" +#include "mbedtls/pk.h" +#include "mbedtls/oid.h" #include diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h index b42f6d2a9..be048c01f 100644 --- a/include/mbedtls/ripemd160.h +++ b/include/mbedtls/ripemd160.h @@ -25,7 +25,7 @@ #define MBEDTLS_RIPEMD160_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 489f2ed45..840540b0d 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -31,16 +31,16 @@ #define MBEDTLS_RSA_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "bignum.h" -#include "md.h" +#include "mbedtls/bignum.h" +#include "mbedtls/md.h" #if defined(MBEDTLS_THREADING_C) -#include "threading.h" +#include "mbedtls/threading.h" #endif /* diff --git a/include/mbedtls/rsa_internal.h b/include/mbedtls/rsa_internal.h index 53abd3c5b..c1c844ef7 100644 --- a/include/mbedtls/rsa_internal.h +++ b/include/mbedtls/rsa_internal.h @@ -58,12 +58,12 @@ #define MBEDTLS_RSA_INTERNAL_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#include "bignum.h" +#include "mbedtls/bignum.h" #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h index bb6ecf05a..988d2f93d 100644 --- a/include/mbedtls/sha1.h +++ b/include/mbedtls/sha1.h @@ -32,7 +32,7 @@ #define MBEDTLS_SHA1_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index d64739820..1c5974021 100644 --- a/include/mbedtls/sha256.h 
+++ b/include/mbedtls/sha256.h @@ -28,7 +28,7 @@ #define MBEDTLS_SHA256_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index c06ceed1d..48923e5bc 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -27,7 +27,7 @@ #define MBEDTLS_SHA512_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index 92e6e6b98..cab40f71a 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -25,7 +25,7 @@ #define MBEDTLS_THREADING_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index a965fe0d3..b264a5a95 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -25,7 +25,7 @@ #define MBEDTLS_TIMING_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 79b42b26c..fd7783044 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -29,7 +29,7 @@ #define MBEDTLS_VERSION_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif diff --git a/include/mbedtls/xtea.h b/include/mbedtls/xtea.h index b47f55350..2dc0afc73 100644 --- a/include/mbedtls/xtea.h +++ b/include/mbedtls/xtea.h @@ -25,7 +25,7 @@ #define MBEDTLS_XTEA_H #if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" +#include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif From 8045cfbaa8ac6c8a83e36a73d07fff6614ac470d Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Thu, 4 Jul 2019 20:26:59 +0100 Subject: [PATCH 1443/2197] Enable ALT implementations of ripemd160 In configurations wanting an alternative ripemd160 implementation, We were including the ordinary Mbed Crypto ripemd160.h instead of the user-provided ripemd160_alt.h. Use the user-provided header instead. --- include/mbedtls/ripemd160.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h index be048c01f..3c1f5bf50 100644 --- a/include/mbedtls/ripemd160.h +++ b/include/mbedtls/ripemd160.h @@ -57,7 +57,7 @@ typedef struct mbedtls_ripemd160_context mbedtls_ripemd160_context; #else /* MBEDTLS_RIPEMD160_ALT */ -#include "ripemd160.h" +#include "ripemd160_alt.h" #endif /* MBEDTLS_RIPEMD160_ALT */ /** From b8e4ae18cf24644fa8daea6add26ad33aa1e52a7 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 4 Jul 2019 20:40:36 +0100 Subject: [PATCH 1444/2197] Remove certs.h certs.h is not needed in Mbed Crypto. No programs or other library code use it. --- include/mbedtls/certs.h | 106 ---------------------------- programs/test/cpp_dummy_build.cpp | 1 - programs/test/query_config.c | 1 - scripts/data_files/query_config.fmt | 1 - visualc/VS2010/mbedTLS.vcxproj | 1 - 5 files changed, 110 deletions(-) delete mode 100644 include/mbedtls/certs.h diff --git a/include/mbedtls/certs.h b/include/mbedtls/certs.h deleted file mode 100644 index c61790208..000000000 --- a/include/mbedtls/certs.h +++ /dev/null 
@@ -1,106 +0,0 @@
-/**
- * \file certs.h
- *
- * \brief Sample certificates and DHM parameters for testing
- */
-/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_CERTS_H
-#define MBEDTLS_CERTS_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-/* Concatenation of all CA certificates in PEM format if available */
-extern const char mbedtls_test_cas_pem[];
-extern const size_t mbedtls_test_cas_pem_len;
-#endif
-
-/* List of all CA certificates, terminated by NULL */
-extern const char * mbedtls_test_cas[];
-extern const size_t mbedtls_test_cas_len[];
-
-/*
- * Convenience for users who just want a certificate:
- * RSA by default, or ECDSA if RSA is not available
- */
-extern const char * mbedtls_test_ca_crt;
-extern const size_t mbedtls_test_ca_crt_len;
-extern const char * mbedtls_test_ca_key;
-extern const size_t mbedtls_test_ca_key_len;
-extern const char * mbedtls_test_ca_pwd;
-extern const size_t mbedtls_test_ca_pwd_len;
-extern const char * mbedtls_test_srv_crt;
-extern const size_t mbedtls_test_srv_crt_len;
-extern const char * mbedtls_test_srv_key;
-extern const size_t mbedtls_test_srv_key_len;
-extern const char * mbedtls_test_cli_crt;
-extern const size_t mbedtls_test_cli_crt_len;
-extern const char * mbedtls_test_cli_key;
-extern const size_t mbedtls_test_cli_key_len;
-
-#if defined(MBEDTLS_ECDSA_C)
-extern const char mbedtls_test_ca_crt_ec[];
-extern const size_t mbedtls_test_ca_crt_ec_len;
-extern const char mbedtls_test_ca_key_ec[];
-extern const size_t mbedtls_test_ca_key_ec_len;
-extern const char mbedtls_test_ca_pwd_ec[];
-extern const size_t mbedtls_test_ca_pwd_ec_len;
-extern const char mbedtls_test_srv_crt_ec[];
-extern const size_t mbedtls_test_srv_crt_ec_len;
-extern const char mbedtls_test_srv_key_ec[];
-extern const size_t mbedtls_test_srv_key_ec_len;
-extern const char mbedtls_test_cli_crt_ec[];
-extern const size_t mbedtls_test_cli_crt_ec_len;
-extern const char mbedtls_test_cli_key_ec[];
-extern const size_t mbedtls_test_cli_key_ec_len;
-#endif
-
-#if defined(MBEDTLS_RSA_C)
-extern const char mbedtls_test_ca_crt_rsa[];
-extern const size_t mbedtls_test_ca_crt_rsa_len;
-extern const char mbedtls_test_ca_key_rsa[];
-extern const size_t mbedtls_test_ca_key_rsa_len;
-extern const char mbedtls_test_ca_pwd_rsa[];
-extern const size_t mbedtls_test_ca_pwd_rsa_len;
-extern const char mbedtls_test_srv_crt_rsa[];
-extern const size_t mbedtls_test_srv_crt_rsa_len;
-extern const char mbedtls_test_srv_key_rsa[];
-extern const size_t mbedtls_test_srv_key_rsa_len;
-extern const char mbedtls_test_cli_crt_rsa[];
-extern const size_t mbedtls_test_cli_crt_rsa_len;
-extern const char mbedtls_test_cli_key_rsa[];
-extern const size_t mbedtls_test_cli_key_rsa_len;
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* certs.h */
diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp
index c1dc7433d..c27ae053c 100644
--- a/programs/test/cpp_dummy_build.cpp
+++ b/programs/test/cpp_dummy_build.cpp
@@ -38,7 +38,6 @@ #include "mbedtls/bn_mul.h" #include "mbedtls/camellia.h" #include "mbedtls/ccm.h" -#include "mbedtls/certs.h" #include "mbedtls/chacha20.h" #include "mbedtls/chachapoly.h" #include "mbedtls/check_config.h" diff --git a/programs/test/query_config.c b/programs/test/query_config.c index fc25353fa..e90847a9d 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -47,7 +47,6 @@ #include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" #include "mbedtls/ccm.h" -#include "mbedtls/certs.h" #include "mbedtls/chacha20.h" #include "mbedtls/chachapoly.h" #include "mbedtls/cipher.h" diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index 600f13030..911900f8b 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -47,7 +47,6 @@ #include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" #include "mbedtls/ccm.h" -#include "mbedtls/certs.h" #include "mbedtls/chacha20.h" #include "mbedtls/chachapoly.h" #include "mbedtls/cipher.h" diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 07c80e84f..bb05f3a5f 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -158,7 +158,6 @@ - From 3a0f08d911dd5ccee99fa5545d707c1c4ca3e7c1 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 27 Jun 2019 17:32:49 +0100 Subject: [PATCH 1445/2197] Revert "cpp_dummy_build: Remove dependency on compat-1.3.h" There is now a test that ensures all headers are included in the cpp_dummy_build test, so we can't remove compat-1.3.h from the cpp_dummy_build test until we remove compat-1.3.h. This reverts commit 2b725ef727583c95eed05e33acdbdc71997a9a9e. --- programs/test/cpp_dummy_build.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index c27ae053c..81ca32c8f 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp 
@@ -44,6 +44,7 @@ #include "mbedtls/cipher.h" #include "mbedtls/cipher_internal.h" #include "mbedtls/cmac.h" +#include "mbedtls/compat-1.3.h" #include "mbedtls/ctr_drbg.h" #include "mbedtls/des.h" #include "mbedtls/dhm.h" From f7dca865220fc32b2bd48ceaa7f66b20fa8533e1 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 27 Jun 2019 17:31:33 +0100 Subject: [PATCH 1446/2197] Allow building with the -Wunused flag Make some functions non-static, to avoid Wunused function warnings. Make a function scoped variable block scoped instead, to avoid Wunused variable warnings in some configurations. --- tests/suites/test_suite_entropy.function | 8 ++++---- tests/suites/test_suite_psa_crypto.function | 8 ++++---- .../suites/test_suite_psa_crypto_slot_management.function | 4 ++-- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 0b1cfe80d..46137da63 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -48,7 +48,7 @@ static int entropy_dummy_source( void *data, unsigned char *output, * This might break memory checks in the future if sources need 'free-ing' then * as well. */ -static void entropy_clear_sources( mbedtls_entropy_context *ctx ) +void entropy_clear_sources( mbedtls_entropy_context *ctx ) { ctx->source_count = 0; } @@ -58,7 +58,7 @@ static void entropy_clear_sources( mbedtls_entropy_context *ctx ) */ static unsigned char buffer_seed[MBEDTLS_ENTROPY_BLOCK_SIZE]; -static int buffer_nv_seed_read( unsigned char *buf, size_t buf_len ) +int buffer_nv_seed_read( unsigned char *buf, size_t buf_len ) { if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE ) return( -1 ); 
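Review bot: Dropping `static` from `entropy_clear_sources` quiets -Wunused-function by giving the helper external linkage, so the compiler can no longer report it when it really is dead in a given configuration; the same applies to `buffer_nv_seed_read`, `buffer_nv_seed_write`, `read_nv_seed`, `asn1_skip_integer` and `psa_key_policy_equal` in the later hunks of this patch. A non-static definition with no prior prototype may also trip `-Wmissing-prototypes` in builds that enable it. Keeping `static` and placing each helper under the same `#if defined(...)` condition as the test cases that call it would keep the warning meaningful; those conditions are outside the hunks shown, so the exact guards need checking against the callers.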
@@ -67,7 +67,7 @@ static int buffer_nv_seed_read( unsigned char *buf, size_t buf_len ) return( 0 ); } -static int buffer_nv_seed_write( unsigned char *buf, size_t buf_len ) +int buffer_nv_seed_write( unsigned char *buf, size_t buf_len ) { if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE ) return( -1 ); @@ -98,7 +98,7 @@ static int write_nv_seed( unsigned char *buf, size_t buf_len ) return( 0 ); } -static int read_nv_seed( unsigned char *buf, size_t buf_len ) +int read_nv_seed( unsigned char *buf, size_t buf_len ) { FILE *f; diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 597e391cc..9626c3969 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -604,9 +604,9 @@ exit: return( ok ); } -static int asn1_skip_integer( unsigned char **p, const unsigned char *end, - size_t min_bits, size_t max_bits, - int must_be_odd ) +int asn1_skip_integer( unsigned char **p, const unsigned char *end, + size_t min_bits, size_t max_bits, + int must_be_odd ) { size_t len; size_t actual_bits; @@ -731,10 +731,10 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, { uint8_t *p = exported; uint8_t *end = exported + exported_length; - size_t len; #if defined(MBEDTLS_RSA_C) if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) { + size_t len; /* RSAPublicKey ::= SEQUENCE { * modulus INTEGER, -- n * publicExponent INTEGER } -- e diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index d036e9e56..f0191a871 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
@@ -50,8 +50,8 @@ void psa_purge_key_storage( void ) #define TEST_MAX_KEY_ID( key_id ) ( (void) ( key_id ) ) #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -static int psa_key_policy_equal( psa_key_policy_t *p1, - psa_key_policy_t *p2 ) +int psa_key_policy_equal( psa_key_policy_t *p1, + psa_key_policy_t *p2 ) { return( psa_key_policy_get_usage( p1 ) == psa_key_policy_get_usage( p2 ) && psa_key_policy_get_algorithm( p1 ) == psa_key_policy_get_algorithm( p2 ) ); From 2306d1534450e29bdf85581e0458c07806fb0228 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 17 Jul 2019 12:36:53 +0200 Subject: [PATCH 1447/2197] Declare new config.h option MBEDTLS_SHA512_SMALLER --- include/mbedtls/config.h | 10 ++++++++++ library/version_features.c | 3 +++ programs/test/query_config.c | 8 ++++++++ 3 files changed, 21 insertions(+) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 56ad01c40..f1b6605b2 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -982,6 +982,16 @@ */ //#define MBEDTLS_SHA256_SMALLER +/** + * \def MBEDTLS_SHA512_SMALLER + * + * Enable an implementation of SHA-512 that has lower ROM footprint but also + * lower performance. + * + * Uncomment to enable the smaller implementation of SHA512. + */ +//#define MBEDTLS_SHA512_SMALLER + /** * \def MBEDTLS_THREADING_ALT * diff --git a/library/version_features.c b/library/version_features.c index 4f1da6aea..7feeee419 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -405,6 +405,9 @@ static const char *features[] = { #if defined(MBEDTLS_SHA256_SMALLER) "MBEDTLS_SHA256_SMALLER", #endif /* MBEDTLS_SHA256_SMALLER */ +#if defined(MBEDTLS_SHA512_SMALLER) + "MBEDTLS_SHA512_SMALLER", +#endif /* MBEDTLS_SHA512_SMALLER */ #if defined(MBEDTLS_THREADING_ALT) "MBEDTLS_THREADING_ALT", #endif /* MBEDTLS_THREADING_ALT */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index fc25353fa..10634306a 100644 
--- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1109,6 +1109,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA256_SMALLER */ +#if defined(MBEDTLS_SHA512_SMALLER) + if( strcmp( "MBEDTLS_SHA512_SMALLER", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_SMALLER ); + return( 0 ); + } +#endif /* MBEDTLS_SHA512_SMALLER */ + #if defined(MBEDTLS_THREADING_ALT) if( strcmp( "MBEDTLS_THREADING_ALT", config ) == 0 ) { From 7f0719598ff8e1c7bb23d73086a96efbee5bdc07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 17 Jul 2019 12:46:56 +0200 Subject: [PATCH 1448/2197] Make SHA512_SMALLER turn a macro into a function Saves 356 bytes on sha512.o compiling for Cortex-M0+ with ARM-GCC Size measured with: arm-none-eabi-gcc -Wall -Wextra -Iinclude -Os -mcpu=cortex-m0plus -mthumb -c library/sha512.c arm-none-eabi-size sha512.o GCC version: arm-none-eabi-gcc (GNU Tools for Arm Embedded Processors 7-2018-q2-update) 7.3.1 20180622 (release) [ARM/embedded-7-branch revision 261907] --- library/sha512.c | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/library/sha512.c b/library/sha512.c index bdd20b284..72a8ac1dc 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -92,6 +92,15 @@ } #endif /* PUT_UINT64_BE */ +#if defined(MBEDTLS_SHA512_SMALLER) +static void sha512_put_uint64_be( uint64_t n, unsigned char *b, uint8_t i ) +{ + PUT_UINT64_BE(n, b, i); +} +#else +#define sha512_put_uint64_be PUT_UINT64_BE +#endif /* MBEDTLS_SHA512_SMALLER */ + void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) { SHA512_VALIDATE( ctx != NULL ); 
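Review bot: `sha512_put_uint64_be` declares the byte offset as `uint8_t i`, while the non-SMALLER build aliases the same name to the `PUT_UINT64_BE` macro, which accepts any integer offset, so the two builds would diverge silently for an offset above 255. The call sites in the following hunks pass at most 120, so nothing breaks today. A one-line comment above the function would record the constraint, e.g. `/* i is a byte offset into b; callers pass at most 120, so uint8_t suffices */`, or the parameter could be `size_t` if the code-size cost is acceptable.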
@@ -403,8 +412,8 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, | ( ctx->total[1] << 3 ); low = ( ctx->total[0] << 3 ); - PUT_UINT64_BE( high, ctx->buffer, 112 ); - PUT_UINT64_BE( low, ctx->buffer, 120 ); + sha512_put_uint64_be( high, ctx->buffer, 112 ); + sha512_put_uint64_be( low, ctx->buffer, 120 ); if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); @@ -412,17 +421,17 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, /* * Output final state */ - PUT_UINT64_BE( ctx->state[0], output, 0 ); - PUT_UINT64_BE( ctx->state[1], output, 8 ); - PUT_UINT64_BE( ctx->state[2], output, 16 ); - PUT_UINT64_BE( ctx->state[3], output, 24 ); - PUT_UINT64_BE( ctx->state[4], output, 32 ); - PUT_UINT64_BE( ctx->state[5], output, 40 ); + sha512_put_uint64_be( ctx->state[0], output, 0 ); + sha512_put_uint64_be( ctx->state[1], output, 8 ); + sha512_put_uint64_be( ctx->state[2], output, 16 ); + sha512_put_uint64_be( ctx->state[3], output, 24 ); + sha512_put_uint64_be( ctx->state[4], output, 32 ); + sha512_put_uint64_be( ctx->state[5], output, 40 ); if( ctx->is384 == 0 ) { - PUT_UINT64_BE( ctx->state[6], output, 48 ); - PUT_UINT64_BE( ctx->state[7], output, 56 ); + sha512_put_uint64_be( ctx->state[6], output, 48 ); + sha512_put_uint64_be( ctx->state[7], output, 56 ); } return( 0 ); From 0270ed99bb1c6b07e84d46920c1470ef3e470aa6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 17 Jul 2019 13:01:56 +0200 Subject: [PATCH 1449/2197] Use tables and roll up some loops Saves 108 bytes (measured as in previous commit). --- library/sha512.c | 40 ++++++++++++++-------------------------- 1 file changed, 14 insertions(+), 26 deletions(-) diff --git a/library/sha512.c b/library/sha512.c index 72a8ac1dc..3b5339ce5 100644 --- a/library/sha512.c +++ b/library/sha512.c 
@@ -228,7 +228,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, { int i; uint64_t temp1, temp2, W[80]; - uint64_t A, B, C, D, E, F, G, H; + uint64_t A[8]; SHA512_VALIDATE_RET( ctx != NULL ); SHA512_VALIDATE_RET( (const unsigned char *)data != NULL ); @@ -253,6 +253,9 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, (d) += temp1; (h) = temp1 + temp2; \ } while( 0 ) + for( i = 0; i < 8; i++ ) + A[i] = ctx->state[i]; + for( i = 0; i < 16; i++ ) { GET_UINT64_BE( W[i], data, i << 3 ); 
@@ -264,37 +267,22 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, S0(W[i - 15]) + W[i - 16]; } - A = ctx->state[0]; - B = ctx->state[1]; - C = ctx->state[2]; - D = ctx->state[3]; - E = ctx->state[4]; - F = ctx->state[5]; - G = ctx->state[6]; - H = ctx->state[7]; i = 0; - do { - P( A, B, C, D, E, F, G, H, W[i], K[i] ); i++; - P( H, A, B, C, D, E, F, G, W[i], K[i] ); i++; - P( G, H, A, B, C, D, E, F, W[i], K[i] ); i++; - P( F, G, H, A, B, C, D, E, W[i], K[i] ); i++; - P( E, F, G, H, A, B, C, D, W[i], K[i] ); i++; - P( D, E, F, G, H, A, B, C, W[i], K[i] ); i++; - P( C, D, E, F, G, H, A, B, W[i], K[i] ); i++; - P( B, C, D, E, F, G, H, A, W[i], K[i] ); i++; + P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] ); i++; + P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], W[i], K[i] ); i++; + P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], W[i], K[i] ); i++; + P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], W[i], K[i] ); i++; + P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], W[i], K[i] ); i++; + P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], W[i], K[i] ); i++; + P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], W[i], K[i] ); i++; + P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i], K[i] ); i++; } while( i < 80 ); - ctx->state[0] += A; - ctx->state[1] += B; - ctx->state[2] += C; - ctx->state[3] += D; - ctx->state[4] += E; - ctx->state[5] += F; - ctx->state[6] += G; - ctx->state[7] += H; + for( i = 0; i < 8; i++ ) + ctx->state[i] += A[i]; return( 0 ); } From 49d65ba9290fb24d1b5295d5218d6ea44d4ad362 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 17 Jul 2019 13:16:54 +0200 Subject: [PATCH 1450/2197] Re-roll main loop with SHA512_SMALLER Saves 1924 bytes (same measurement as before). --- library/sha512.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/library/sha512.c b/library/sha512.c index 3b5339ce5..2e2b79787 100644 --- a/library/sha512.c 
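Review bot: The working copy `A[8]` and the message schedule `W[80]` are left on the stack when the function returns right after the `ctx->state[i] += A[i]` loop at the end of this hunk. When SHA-512 runs over secret input (for example inside an HMAC or key-derivation call) these locals hold key-dependent intermediate state. With `A` now an array, wiping is two lines before `return( 0 );`: `mbedtls_platform_zeroize( A, sizeof( A ) );` and `mbedtls_platform_zeroize( W, sizeof( W ) );`, assuming `mbedtls/platform_util.h` is already included in sha512.c, which is not visible here. The function starts above this hunk.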
+++ b/library/sha512.c @@ -256,6 +256,25 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, for( i = 0; i < 8; i++ ) A[i] = ctx->state[i]; +#if defined(MBEDTLS_SHA512_SMALLER) + for( i = 0; i < 80; i++ ) + { + if( i < 16 ) + { + GET_UINT64_BE( W[i], data, i << 3 ); + } + else + { + W[i] = S1(W[i - 2]) + W[i - 7] + + S0(W[i - 15]) + W[i - 16]; + } + + P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] ); + + temp1 = A[7]; A[7] = A[6]; A[6] = A[5]; A[5] = A[4]; A[4] = A[3]; + A[3] = A[2]; A[2] = A[1]; A[1] = A[0]; A[0] = temp1; + } +#else /* MBEDTLS_SHA512_SMALLER */ for( i = 0; i < 16; i++ ) { GET_UINT64_BE( W[i], data, i << 3 ); @@ -280,6 +299,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i], K[i] ); i++; } while( i < 80 ); +#endif /* MBEDTLS_SHA512_SMALLER */ for( i = 0; i < 8; i++ ) ctx->state[i] += A[i]; From 3b3b34f608006b0c352f7a87fc2f77b3e6124d3f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Jul 2019 21:08:27 +0200 Subject: [PATCH 1451/2197] Replace some macros by functions Replace some frequently-used macros by inline functions: instead of calling MOD_{ADD,SUB,MUL} after the mbedtls_mpi_{add,sub,mul}_mpi, call a function mbedtls_mpi_xxx_mod that does the same. In the baremetal config, with "gcc -Os -mthumb -mcpu=cortex-m0plus", ecp.o goes down from 13878 bytes to 12234. No noticeable performance change for benchmarks on x86_64 with either "gcc -O2" or "gcc -Os". --- library/ecp.c | 213 ++++++++++++++++++++++++++++++-------------------- 1 file changed, 130 insertions(+), 83 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index ccc0788c2..38040479a 100644 --- a/library/ecp.c +++ b/library/ecp.c 
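Review bot: The `MBEDTLS_SHA512_SMALLER` branch added in the first hunk is a second implementation of the compression rounds, and it is compiled only when the option is defined, which config.h in patch 1447 leaves commented out. None of the patches shown adds a build or test configuration that enables it, so the existing SHA-512 test vectors would presumably exercise only the unrolled path; a test run with the option on is worth adding. The rotation line also deserves a comment such as `/* rotate so A[0..7] again map to a..h for the next round */`. `temp1` is reused there as rotation scratch after `P` has finished with it, which is correct but easy to misread.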
@@ -1080,6 +1080,18 @@ cleanup: INC_MUL_COUNT \ } while( 0 ) +static inline int mbedtls_mpi_mul_mod( const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + const mbedtls_mpi *A, + const mbedtls_mpi *B ) +{ + int ret; + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( X, A, B ) ); + MOD_MUL( *X ); +cleanup: + return( ret ); +} + /* * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_sub_mpi * N->s < 0 is a very fast test, which fails only if N is 0 @@ -1088,6 +1100,18 @@ cleanup: while( (N).s < 0 && mbedtls_mpi_cmp_int( &(N), 0 ) != 0 ) \ MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &(N), &(N), &grp->P ) ) +static inline int mbedtls_mpi_sub_mod( const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + const mbedtls_mpi *A, + const mbedtls_mpi *B ) +{ + int ret; + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( X, A, B ) ); + MOD_SUB( *X ); +cleanup: + return( ret ); +} + /* * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int. * We known P, N and the result are positive, so sub_abs is correct, and @@ -1097,6 +1121,29 @@ cleanup: while( mbedtls_mpi_cmp_mpi( &(N), &grp->P ) >= 0 ) \ MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &(N), &(N), &grp->P ) ) +static inline int mbedtls_mpi_add_mod( const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + const mbedtls_mpi *A, + const mbedtls_mpi *B ) +{ + int ret; + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( X, A, B ) ); + MOD_ADD( *X ); +cleanup: + return( ret ); +} + +static inline int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + size_t count ) +{ + int ret; + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( X, count ) ); + MOD_ADD( *X ); +cleanup: + return( ret ); +} + #if defined(ECP_SHORTWEIERSTRASS) /* * For curves in short Weierstrass form, we do all the internal operations in 
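Review bot: `mbedtls_mpi_shift_l_mod` in the last hunk here accepts any `size_t count` but reduces with `MOD_ADD`, which subtracts `grp->P` once per loop iteration. Assuming X is already reduced on entry, the shifted value is below 2^count * P, so the loop can run up to 2^count - 1 times; the call sites visible in this patch all pass 1. A comment on the helper would pin that down, e.g. `/* count must be small: MOD_ADD does up to 2^count - 1 subtractions of P */`. Separately, the four helpers are file-local but carry the public `mbedtls_mpi_` prefix, which reads like part of the bignum API; a name such as `ecp_mpi_mul_mod` would avoid that, if the project's naming rules allow.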
@@ -1129,14 +1176,14 @@ static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p * X = X / Z^2 mod p */ MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &Zi, &pt->Z, &grp->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ZZi, &Zi, &Zi ) ); MOD_MUL( ZZi ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->X, &pt->X, &ZZi ) ); MOD_MUL( pt->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ZZi, &Zi, &Zi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->X, &pt->X, &ZZi ) ); /* * Y = Y / Z^3 mod p */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Y, &pt->Y, &ZZi ) ); MOD_MUL( pt->Y ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Y, &pt->Y, &Zi ) ); MOD_MUL( pt->Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y, &pt->Y, &ZZi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y, &pt->Y, &Zi ) ); /* * Z = 1 @@ -1190,8 +1237,7 @@ static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &c[0], &T[0]->Z ) ); for( i = 1; i < T_size; i++ ) { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &c[i], &c[i-1], &T[i]->Z ) ); - MOD_MUL( c[i] ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &c[i], &c[i-1], &T[i]->Z ) ); } /* 
@@ -1210,17 +1256,17 @@ static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, } else { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &Zi, &u, &c[i-1] ) ); MOD_MUL( Zi ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u, &u, &T[i]->Z ) ); MOD_MUL( u ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &Zi, &u, &c[i-1] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &u, &u, &T[i]->Z ) ); } /* * proceed as in normalize() */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ZZi, &Zi, &Zi ) ); MOD_MUL( ZZi ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T[i]->X, &T[i]->X, &ZZi ) ); MOD_MUL( T[i]->X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T[i]->Y, &T[i]->Y, &ZZi ) ); MOD_MUL( T[i]->Y ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T[i]->Y, &T[i]->Y, &Zi ) ); MOD_MUL( T[i]->Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ZZi, &Zi, &Zi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->X, &T[i]->X, &ZZi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->Y, &T[i]->Y, &ZZi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->Y, &T[i]->Y, &Zi ) ); /* * Post-precessing: reclaim some memory by shrinking coordinates 
@@ -1306,52 +1352,52 @@ static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, if( grp->A.p == NULL ) { /* M = 3(X + Z^2)(X - Z^2) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &P->Z, &P->Z ) ); MOD_MUL( S ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T, &P->X, &S ) ); MOD_ADD( T ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U, &P->X, &S ) ); MOD_SUB( U ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &T, &U ) ); MOD_MUL( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->Z, &P->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &T, &P->X, &S ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &U, &P->X, &S ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &T, &U ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &S, 3 ) ); MOD_ADD( M ); } else { /* M = 3.X^2 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &P->X, &P->X ) ); MOD_MUL( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->X, &P->X ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &S, 3 ) ); MOD_ADD( M ); /* Optimize away for "koblitz" curves with A = 0 */ if( mbedtls_mpi_cmp_int( &grp->A, 0 ) != 0 ) { /* M += A.Z^4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &P->Z, &P->Z ) ); MOD_MUL( S ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &S, &S ) ); MOD_MUL( T ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &T, &grp->A ) ); MOD_MUL( S ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &M, &M, &S ) ); MOD_ADD( M ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->Z, &P->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T, &S, &S ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &T, &grp->A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &M, &M, &S ) ); } } /* S = 4.X.Y^2 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &P->Y, &P->Y ) ); MOD_MUL( T ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T, 1 ) ); MOD_ADD( T ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &P->X, &T ) ); MOD_MUL( S ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &S, 1 ) ); MOD_ADD( S ); + MBEDTLS_MPI_CHK( 
mbedtls_mpi_mul_mod( grp, &T, &P->Y, &P->Y ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &T, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->X, &T ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &S, 1 ) ); /* U = 8.Y^4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &U, &T, &T ) ); MOD_MUL( U ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &U, 1 ) ); MOD_ADD( U ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &U, &T, &T ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &U, 1 ) ); /* T = M^2 - 2.S */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &M, &M ) ); MOD_MUL( T ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T, &T, &S ) ); MOD_SUB( T ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T, &T, &S ) ); MOD_SUB( T ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T, &M, &M ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T, &T, &S ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T, &T, &S ) ); /* S = M(S - T) - U */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &S, &S, &T ) ); MOD_SUB( S ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &S, &M ) ); MOD_MUL( S ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &S, &S, &U ) ); MOD_SUB( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S, &S, &T ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &S, &M ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S, &S, &U ) ); /* U = 2.Y.Z */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &U, &P->Y, &P->Z ) ); MOD_MUL( U ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &U, 1 ) ); MOD_ADD( U ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &U, &P->Y, &P->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &U, 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &T ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &S ) ); 
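Review bot: The two `mbedtls_mpi_mul_int( &M, &S, 3 )` lines in the ecp_double_jac hunk still pair a raw MPI call with a trailing `MOD_ADD( M )`, so the function now mixes two reduction styles and a reader has to check by hand that every intermediate is reduced. A one-line comment on those lines, such as `/* no *_mod helper for mul_int: reduce M explicitly */`, would record that the leftover is deliberate. The same applies to `mbedtls_mpi_add_mpi( &S->X, &DA, &CB ) ); MOD_MUL( S->X );` in the ecp_double_add_mxz hunk. That line could probably become `MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &S->X, &DA, &CB ) );`, provided mbedtls_mpi_add_mod reduces the way MOD_ADD does; its definition is outside these hunks. ecp_double_jac starts before the hunk and continues after it.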
@@ -1414,12 +1460,12 @@ static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); mbedtls_mpi_init( &T3 ); mbedtls_mpi_init( &T4 ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T1, &P->Z, &P->Z ) ); MOD_MUL( T1 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T2, &T1, &P->Z ) ); MOD_MUL( T2 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T1, &T1, &Q->X ) ); MOD_MUL( T1 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T2, &T2, &Q->Y ) ); MOD_MUL( T2 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T1, &T1, &P->X ) ); MOD_SUB( T1 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T2, &T2, &P->Y ) ); MOD_SUB( T2 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T1, &P->Z, &P->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T2, &T1, &P->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T1, &T1, &Q->X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T2, &T2, &Q->Y ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T1, &T1, &P->X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T2, &T2, &P->Y ) ); /* Special cases (2) and (3) */ if( mbedtls_mpi_cmp_int( &T1, 0 ) == 0 ) 
@@ -1436,18 +1482,19 @@ static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, } } - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &Z, &P->Z, &T1 ) ); MOD_MUL( Z ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T3, &T1, &T1 ) ); MOD_MUL( T3 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T4, &T3, &T1 ) ); MOD_MUL( T4 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T3, &T3, &P->X ) ); MOD_MUL( T3 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &T3, 2 ) ); MOD_ADD( T1 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &X, &T2, &T2 ) ); MOD_MUL( X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &T1 ) ); MOD_SUB( X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &T4 ) ); MOD_SUB( X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T3, &T3, &X ) ); MOD_SUB( T3 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T3, &T3, &T2 ) ); MOD_MUL( T3 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T4, &T4, &P->Y ) ); MOD_MUL( T4 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &Y, &T3, &T4 ) ); MOD_SUB( Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &Z, &P->Z, &T1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3, &T1, &T1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T4, &T3, &T1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3, &T3, &P->X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T1, &T3 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &T1, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &X, &T2, &T2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &X, &X, &T1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &X, &X, &T4 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T3, &T3, &X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3, &T3, &T2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T4, &T4, &P->Y ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &Y, &T3, &T4 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &X ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &Y ) ); 
@@ -1498,15 +1545,15 @@ static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 ); /* Z = l * Z */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Z, &pt->Z, &l ) ); MOD_MUL( pt->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Z, &pt->Z, &l ) ); /* X = l^2 * X */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ll, &l, &l ) ); MOD_MUL( ll ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->X, &pt->X, &ll ) ); MOD_MUL( pt->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ll, &l, &l ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->X, &pt->X, &ll ) ); /* Y = l^3 * Y */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ll, &ll, &l ) ); MOD_MUL( ll ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Y, &pt->Y, &ll ) ); MOD_MUL( pt->Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ll, &ll, &l ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y, &pt->Y, &ll ) ); cleanup: mbedtls_mpi_free( &l ); mbedtls_mpi_free( &ll ); @@ -2173,7 +2220,7 @@ static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P #endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &P->Z, &P->Z, &grp->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &P->X, &P->X, &P->Z ) ); MOD_MUL( P->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &P->Z ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) ); cleanup: @@ -2217,8 +2264,8 @@ static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P } while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &P->X, &P->X, &l ) ); MOD_MUL( P->X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &P->Z, &P->Z, &l ) ); MOD_MUL( P->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &l ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->Z, &P->Z, &l ) ); cleanup: mbedtls_mpi_free( &l ); 
@@ -2258,24 +2305,24 @@ static int ecp_double_add_mxz( const mbedtls_ecp_group *grp, mbedtls_mpi_init( &BB ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &C ); mbedtls_mpi_init( &D ); mbedtls_mpi_init( &DA ); mbedtls_mpi_init( &CB ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &A, &P->X, &P->Z ) ); MOD_ADD( A ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &AA, &A, &A ) ); MOD_MUL( AA ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &B, &P->X, &P->Z ) ); MOD_SUB( B ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &BB, &B, &B ) ); MOD_MUL( BB ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &E, &AA, &BB ) ); MOD_SUB( E ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &C, &Q->X, &Q->Z ) ); MOD_ADD( C ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &D, &Q->X, &Q->Z ) ); MOD_SUB( D ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DA, &D, &A ) ); MOD_MUL( DA ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &CB, &C, &B ) ); MOD_MUL( CB ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &A, &P->X, &P->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &AA, &A, &A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &B, &P->X, &P->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &BB, &B, &B ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &E, &AA, &BB ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &C, &Q->X, &Q->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &D, &Q->X, &Q->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &DA, &D, &A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &CB, &C, &B ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &S->X, &DA, &CB ) ); MOD_MUL( S->X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S->X, &S->X, &S->X ) ); MOD_MUL( S->X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &S->Z, &DA, &CB ) ); MOD_SUB( S->Z ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S->Z, &S->Z, &S->Z ) ); MOD_MUL( S->Z ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S->Z, d, &S->Z ) ); MOD_MUL( S->Z ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &R->X, &AA, &BB ) ); MOD_MUL( R->X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &R->Z, 
&grp->A, &E ) ); MOD_MUL( R->Z ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &R->Z, &BB, &R->Z ) ); MOD_ADD( R->Z ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &R->Z, &E, &R->Z ) ); MOD_MUL( R->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->X, &S->X, &S->X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S->Z, &DA, &CB ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->Z, &S->Z, &S->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->Z, d, &S->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->X, &AA, &BB ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->Z, &grp->A, &E ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &R->Z, &BB, &R->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->Z, &E, &R->Z ) ); cleanup: mbedtls_mpi_free( &A ); mbedtls_mpi_free( &AA ); mbedtls_mpi_free( &B ); @@ -2450,8 +2497,8 @@ static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_ * YY = Y^2 * RHS = X (X^2 + A) + B = X^3 + A X + B */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &YY, &pt->Y, &pt->Y ) ); MOD_MUL( YY ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &RHS, &pt->X, &pt->X ) ); MOD_MUL( RHS ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &YY, &pt->Y, &pt->Y ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &RHS, &pt->X, &pt->X ) ); /* Special case for A = -3 */ if( grp->A.p == NULL ) @@ -2460,11 +2507,11 @@ static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_ } else { - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &RHS, &RHS, &grp->A ) ); MOD_ADD( RHS ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &RHS, &RHS, &grp->A ) ); } - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &RHS, &RHS, &pt->X ) ); MOD_MUL( RHS ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &RHS, &RHS, &pt->X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &RHS, &RHS, &grp->B ) ); if( mbedtls_mpi_cmp_mpi( &YY, &RHS ) != 0 ) ret = MBEDTLS_ERR_ECP_INVALID_KEY; 
From 80bb77e16d0c6295d998a25c7f6b3a81b8727e10 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 19 Jul 2019 14:44:36 +0100 Subject: [PATCH 1452/2197] ECP restart: Don't calculate address of sub ctx if ctx is NULL All modules using restartable ECC operations support passing `NULL` as the restart context as a means to not use the feature. The restart contexts for ECDSA and ECP are nested, and when calling restartable ECP operations from restartable ECDSA operations, the address of the ECP restart context to use is calculated by adding the offset of the ECP restart context to the address of the ECDSA restart context. If the ECP restart context happens to not reside at offset `0`, this leads to a non-`NULL` pointer being passed to restartable ECP operations from restartable ECDSA-operations; those ECP operations will hence assume that the pointer points to a valid ECP restart address and likely run into a segmentation fault when trying to dereference the non-NULL but close-to-NULL address. The problem doesn't arise currently because luckily the ECP restart context has offset 0 within the ECDSA restart context, but we should not rely on it. This commit fixes the passage from restartable ECDSA to restartable ECP operations by propagating NULL as the restart context pointer. Apart from being fragile, the previous version could also lead to NULL pointer dereference failures in ASanDbg builds which dereferenced the ECDSA restart context even though it's not needed to calculate the address of the offset'ed ECP restart context. --- library/ecdsa.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ecdsa.c b/library/ecdsa.c index dc19384d6..74576b387 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c 
@@ -172,11 +172,11 @@ static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx ) } #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ -#define ECDSA_RS_ECP &rs_ctx->ecp +#define ECDSA_RS_ECP ( rs_ctx == NULL ? NULL : &rs_ctx->ecp ) /* Utility macro for checking and updating ops budget */ #define ECDSA_BUDGET( ops ) \ - MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, &rs_ctx->ecp, ops ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, ECDSA_RS_ECP, ops ) ); /* Call this when entering a function that needs its own sub-context */ #define ECDSA_RS_ENTER( SUB ) do { \ From 69c0ea26c74cbdb2adb6f48b2afb3d60c455f73c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 7 Jun 2019 15:38:59 +0200 Subject: [PATCH 1453/2197] Test suites: cope with psa_crypto_init failure psa_crypto_init() can fail. Do check its return code. Don't call it before initializing local objects that are going to be cleaned up. --- tests/suites/test_suite_pk.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index d85d9ed3d..3282214fb 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -124,11 +124,11 @@ void pk_psa_utils( ) size_t len; mbedtls_pk_debug_item dbg; - TEST_ASSERT( psa_crypto_init() == 0 ); - mbedtls_pk_init( &pk ); mbedtls_pk_init( &pk2 ); + TEST_ASSERT( psa_crypto_init() == 0 ); + TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, 0 ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); From 614faa26ac8e1fa978a34480013b3ae57c7f72fe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 7 Jun 2019 15:39:07 +0200 Subject: [PATCH 1454/2197] Test PSA functions against PSA_SUCCESS, not 0 Writing 0 instead of PSA_SUCCESS is correct, but bad form. --- tests/suites/test_suite_cipher.function | 4 ++-- tests/suites/test_suite_pk.function | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) 
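Review bot: The new `ECDSA_RS_ECP` definition carries no comment explaining the NULL test, so a later cleanup could easily simplify it back to `&rs_ctx->ecp`. I would add a comment above the macro, for example `/* Propagate NULL: &rs_ctx->ecp on a NULL rs_ctx is only NULL while ecp sits at offset 0 */`, and note there that the macro expects a local named `rs_ctx` in scope. `ECDSA_BUDGET` now passes the same expression to mbedtls_ecp_check_budget(), which is outside the hunk, so it is worth confirming that it treats a NULL restart context as "restart not in use".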
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 1ea14088b..209d8e46f 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -982,7 +982,7 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, #else if( use_psa == 1 ) { - TEST_ASSERT( psa_crypto_init() == 0 ); + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); /* PSA requires that the tag immediately follows the ciphertext. */ tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len ); @@ -1143,7 +1143,7 @@ void test_vec_crypt( int cipher_id, int operation, char *hex_key, #else if( use_psa == 1 ) { - TEST_ASSERT( psa_crypto_init() == 0 ); + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx, mbedtls_cipher_info_from_type( cipher_id ), 0 ) ); } diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 3282214fb..98c5a8321 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -127,7 +127,7 @@ void pk_psa_utils( ) mbedtls_pk_init( &pk ); mbedtls_pk_init( &pk2 ); - TEST_ASSERT( psa_crypto_init() == 0 ); + TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, 0 ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); From 9bb1f64706d98efc7a584ba19403ad7ffa398e8d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 7 Jun 2019 17:10:39 +0200 Subject: [PATCH 1455/2197] Don't call memset after calloc memset has undefined behavior when either pointer can be NULL, which is the case when it's the result of malloc/calloc with a size of 0. The memset calls here are useless anyway since they come immediately after calloc. --- tests/suites/test_suite_nist_kw.function | 8 -------- 1 file changed, 8 deletions(-) diff --git a/tests/suites/test_suite_nist_kw.function b/tests/suites/test_suite_nist_kw.function index f1acde91a..9c34ea619 100644 
--- a/tests/suites/test_suite_nist_kw.function +++ b/tests/suites/test_suite_nist_kw.function @@ -170,10 +170,6 @@ void nist_kw_plaintext_lengths( int in_len, int out_len, int mode, int res ) TEST_ASSERT( ciphertext != NULL ); } - memset( plaintext, 0, in_len ); - memset( ciphertext, 0, output_len ); - - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof( key ), 1 ) == 0 ); @@ -225,10 +221,6 @@ void nist_kw_ciphertext_lengths( int in_len, int out_len, int mode, int res ) TEST_ASSERT( ciphertext != NULL ); } - memset( plaintext, 0, output_len ); - memset( ciphertext, 0, in_len ); - - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof( key ), 0 ) == 0 ); unwrap_ret = mbedtls_nist_kw_unwrap( &ctx, mode, ciphertext, in_len, From e39b903de54c6c92cd89c81116bb80a3cc7f019c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 12 Jun 2019 19:31:29 +0200 Subject: [PATCH 1456/2197] entropy_nv_seed: clean up properly Call mbedtls_entropy_free on test failure. Restore the previous NV seed functions which the call to mbedtls_platform_set_nv_seed() changed. This didn't break anything, but only because the NV seed functions used for these tests happened to work for the tests that got executed later in the .data file. --- tests/suites/test_suite_entropy.function | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 0b1cfe80d..35efc7800 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function 
@@ -306,6 +306,10 @@ void entropy_nv_seed( data_t * read_seed ) { mbedtls_sha512_context accumulator; mbedtls_entropy_context ctx; + int (*original_mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) = + mbedtls_nv_seed_read; + int (*original_mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ) = + mbedtls_nv_seed_write; unsigned char header[2]; unsigned char entropy[MBEDTLS_ENTROPY_BLOCK_SIZE]; @@ -372,7 +376,10 @@ void entropy_nv_seed( data_t * read_seed ) TEST_ASSERT( memcmp( check_seed, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); TEST_ASSERT( memcmp( check_entropy, entropy, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); +exit: mbedtls_entropy_free( &ctx ); + mbedtls_nv_seed_read = original_mbedtls_nv_seed_read; + mbedtls_nv_seed_write = original_mbedtls_nv_seed_write; } /* END_CASE */ From 66afcca5a9f94abe6d9b8b9b9e2349efdc649e29 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 12 Jun 2019 19:33:42 +0200 Subject: [PATCH 1457/2197] entropy_nv_seed: cope with SHA-256 This test case was only executed if the SHA-512 module was enabled and MBEDTLS_ENTROPY_FORCE_SHA256 was not enabled, so "config.pl full" didn't have a chance to reach it even if that enabled MBEDTLS_PLATFORM_NV_SEED_ALT. Now all it takes to enable this test is MBEDTLS_PLATFORM_NV_SEED_ALT and its requirements, and the near-ubiquitous MD module. --- tests/suites/test_suite_entropy.function | 59 +++++++++++++++--------- 1 file changed, 37 insertions(+), 22 deletions(-) diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 35efc7800..31722a2f3 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function 
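Review bot: The cleanup added under `exit:` restores the NV seed callbacks by assigning `mbedtls_nv_seed_read` and `mbedtls_nv_seed_write` directly, whereas the commit message says the test installs its own callbacks through `mbedtls_platform_set_nv_seed()`. Restoring through the same setter, `mbedtls_platform_set_nv_seed( original_mbedtls_nv_seed_read, original_mbedtls_nv_seed_write );`, would keep the test independent of how the platform layer stores the pointers. The body of entropy_nv_seed between the two hunks is not shown here.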
@@ -301,10 +301,19 @@ void entropy_nv_seed_std_io( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT:MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ +/* BEGIN_CASE depends_on:MBEDTLS_MD_C:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT */ void entropy_nv_seed( data_t * read_seed ) { - mbedtls_sha512_context accumulator; +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 ); +#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR) + const mbedtls_md_info_t *md_info = + mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); +#else +#error "Unsupported entropy accumulator" +#endif + mbedtls_md_context_t accumulator; mbedtls_entropy_context ctx; int (*original_mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) = mbedtls_nv_seed_read; @@ -320,17 +329,14 @@ void entropy_nv_seed( data_t * read_seed ) memset( entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( buffer_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); memset( empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); memset( check_seed, 2, MBEDTLS_ENTROPY_BLOCK_SIZE ); memset( check_entropy, 3, MBEDTLS_ENTROPY_BLOCK_SIZE ); - // Set the initial NV seed to read - memcpy( buffer_seed, read_seed->x, read_seed->len ); - // Make sure we read/write NV seed from our buffers mbedtls_platform_set_nv_seed( buffer_nv_seed_read, buffer_nv_seed_write ); + mbedtls_md_init( &accumulator ); mbedtls_entropy_init( &ctx ); entropy_clear_sources( &ctx ); 
@@ -338,45 +344,54 @@ void entropy_nv_seed( data_t * read_seed ) MBEDTLS_ENTROPY_BLOCK_SIZE, MBEDTLS_ENTROPY_SOURCE_STRONG ) == 0 ); + // Set the initial NV seed to read + TEST_ASSERT( read_seed->len >= MBEDTLS_ENTROPY_BLOCK_SIZE ); + memcpy( buffer_seed, read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE ); + // Do an entropy run TEST_ASSERT( mbedtls_entropy_func( &ctx, entropy, sizeof( entropy ) ) == 0 ); - // Determine what should have happened with manual entropy internal logic - // Only use the SHA-512 version to check // Init accumulator header[1] = MBEDTLS_ENTROPY_BLOCK_SIZE; - mbedtls_sha512_starts( &accumulator, 0 ); + TEST_ASSERT( mbedtls_md_setup( &accumulator, md_info, 0 ) == 0 ); // First run for updating write_seed header[0] = 0; - mbedtls_sha512_update( &accumulator, header, 2 ); - mbedtls_sha512_update( &accumulator, read_seed->x, read_seed->len ); - mbedtls_sha512_finish( &accumulator, buf ); + TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 ); + TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 ); + TEST_ASSERT( mbedtls_md_update( &accumulator, + read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 ); - memset( &accumulator, 0, sizeof( mbedtls_sha512_context ) ); - mbedtls_sha512_starts( &accumulator, 0 ); - mbedtls_sha512_update( &accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ); + TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 ); + TEST_ASSERT( mbedtls_md_update( &accumulator, + buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); - mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, check_seed, 0 ); + TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + check_seed ) == 0 ); // Second run for actual entropy (triggers mbedtls_entropy_update_nv_seed) header[0] = MBEDTLS_ENTROPY_SOURCE_MANUAL; - mbedtls_sha512_update( &accumulator, header, 2 ); - mbedtls_sha512_update( &accumulator, empty, MBEDTLS_ENTROPY_BLOCK_SIZE ); + TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 
0 ); + TEST_ASSERT( mbedtls_md_update( &accumulator, + empty, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); header[0] = 0; - mbedtls_sha512_update( &accumulator, header, 2 ); - mbedtls_sha512_update( &accumulator, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); - mbedtls_sha512_finish( &accumulator, buf ); + TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 ); + TEST_ASSERT( mbedtls_md_update( &accumulator, + check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 ); - mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, check_entropy, 0 ); + TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + check_entropy ) == 0 ); // Check result of both NV file and entropy received with the manual calculations TEST_ASSERT( memcmp( check_seed, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); TEST_ASSERT( memcmp( check_entropy, entropy, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); exit: + mbedtls_md_free( &accumulator ); mbedtls_entropy_free( &ctx ); mbedtls_nv_seed_read = original_mbedtls_nv_seed_read; mbedtls_nv_seed_write = original_mbedtls_nv_seed_write; From 84867cffdd0693da50de7ad527fa8582c8c59480 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 19 Jul 2019 15:46:03 +0200 Subject: [PATCH 1458/2197] Don't use dynamic pointer dispatch in md In the generic message digest abstraction, instead of storing method pointers in the per-algorithm data structure and using wrapper functions as those methods, call the per-algorithm function directly. This saves some code size (2336B -> 2043B for md with all algorithms enabled on M0+ with gcc -Os). This should also make it easier to optimize the case when a single algorithm is supported. In addition, this is a very slight security improvement since it removes one opportunity for a buffer overflow to directly turn into letting the attacker overwrite a pointer to a function pointer. This commit does not modify the documented API. However, it removes the possibility for users to define their own hash implementations and use them by building their own md_info. Changing mbedtls_md_context to contain a md type identifier rather than a pointer to an info structure would save a few more bytes and a few more runtime memory accesses, but would be a major API break since a lot of code uses `const mbedtls_md_info *` to keep track of which hash is in use. --- include/mbedtls/md_internal.h | 25 -- library/CMakeLists.txt | 1 - library/Makefile | 2 +- library/md.c | 460 ++++++++++++++++++++++++-- library/md_wrap.c | 586 --------------------------------- visualc/VS2010/mbedTLS.vcxproj | 1 - 6 files changed, 431 insertions(+), 644 deletions(-) delete mode 100644 library/md_wrap.c diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 04de48291..96ff53429 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h 
@@ -57,31 +57,6 @@ struct mbedtls_md_info_t /** Block length of the digest function in bytes */ int block_size; - - /** Digest initialisation function */ - int (*starts_func)( void *ctx ); - - /** Digest update function */ - int (*update_func)( void *ctx, const unsigned char *input, size_t ilen ); - - /** Digest finalisation function */ - int (*finish_func)( void *ctx, unsigned char *output ); - - /** Generic digest function */ - int (*digest_func)( const unsigned char *input, size_t ilen, - unsigned char *output ); - - /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); - - /** Free the given context */ - void (*ctx_free_func)( void *ctx ); - - /** Clone state from a context */ - void (*clone_func)( void *dst, const void *src ); - - /** Internal use only */ - int (*process_func)( void *ctx, const unsigned char *input ); }; #if defined(MBEDTLS_MD2_C) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 6b2a8508a..092cb62ec 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -44,7 +44,6 @@ set(src_crypto md2.c md4.c md5.c - md_wrap.c memory_buffer_alloc.c nist_kw.c oid.c diff --git a/library/Makefile b/library/Makefile index 921b68ec7..c6a7da64c 100644 --- a/library/Makefile +++ b/library/Makefile @@ -74,7 +74,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ gcm.o havege.o \ hkdf.o \ hmac_drbg.o md.o md2.o \ - md4.o md5.o md_wrap.o \ + md4.o md5.o \ memory_buffer_alloc.o nist_kw.o \ oid.o padlock.o pem.o \ pk.o pk_wrap.o pkcs12.o \ diff --git a/library/md.c b/library/md.c index ac8fac5bb..2ef50f67f 100644 --- a/library/md.c +++ b/library/md.c @@ -35,6 +35,14 @@ #include "mbedtls/md_internal.h" #include "mbedtls/platform_util.h" +#include "mbedtls/md2.h" +#include "mbedtls/md4.h" +#include "mbedtls/md5.h" +#include "mbedtls/ripemd160.h" +#include "mbedtls/sha1.h" +#include "mbedtls/sha256.h" +#include "mbedtls/sha512.h" + #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else 
@@ -49,6 +57,83 @@ #include #endif +#if defined(MBEDTLS_MD2_C) +const mbedtls_md_info_t mbedtls_md2_info = { + MBEDTLS_MD_MD2, + "MD2", + 16, + 16, +}; +#endif + +#if defined(MBEDTLS_MD4_C) +const mbedtls_md_info_t mbedtls_md4_info = { + MBEDTLS_MD_MD4, + "MD4", + 16, + 64, +}; +#endif + +#if defined(MBEDTLS_MD5_C) +const mbedtls_md_info_t mbedtls_md5_info = { + MBEDTLS_MD_MD5, + "MD5", + 16, + 64, +}; +#endif + +#if defined(MBEDTLS_RIPEMD160_C) +const mbedtls_md_info_t mbedtls_ripemd160_info = { + MBEDTLS_MD_RIPEMD160, + "RIPEMD160", + 20, + 64, +}; +#endif + +#if defined(MBEDTLS_SHA1_C) +const mbedtls_md_info_t mbedtls_sha1_info = { + MBEDTLS_MD_SHA1, + "SHA1", + 20, + 64, +}; +#endif + +#if defined(MBEDTLS_SHA256_C) +const mbedtls_md_info_t mbedtls_sha224_info = { + MBEDTLS_MD_SHA224, + "SHA224", + 28, + 64, +}; + +const mbedtls_md_info_t mbedtls_sha256_info = { + MBEDTLS_MD_SHA256, + "SHA256", + 32, + 64, +}; +#endif + +#if defined(MBEDTLS_SHA512_C) +const mbedtls_md_info_t mbedtls_sha384_info = { + MBEDTLS_MD_SHA384, + "SHA384", + 48, + 128, +}; + +const mbedtls_md_info_t mbedtls_sha512_info = { + MBEDTLS_MD_SHA512, + "SHA512", + 64, + 128, +}; +#endif + /* * Reminder: update profiles in Mbed TLS's x509_crt.c when adding a new hash! */ 
@@ -185,7 +270,52 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) return; if( ctx->md_ctx != NULL ) - ctx->md_info->ctx_free_func( ctx->md_ctx ); + { + switch( ctx->md_info->type ) + { +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + mbedtls_md2_free( ctx->md_ctx ); + break; +#endif +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + mbedtls_md4_free( ctx->md_ctx ); + break; +#endif +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + mbedtls_md5_free( ctx->md_ctx ); + break; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + mbedtls_ripemd160_free( ctx->md_ctx ); + break; +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + mbedtls_sha1_free( ctx->md_ctx ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + case MBEDTLS_MD_SHA256: + mbedtls_sha256_free( ctx->md_ctx ); + break; +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + case MBEDTLS_MD_SHA512: + mbedtls_sha512_free( ctx->md_ctx ); + break; +#endif + default: + /* Shouldn't happen */ + break; + } + mbedtls_free( ctx->md_ctx ); + } if( ctx->hmac_ctx != NULL ) { 
@@ -207,7 +337,48 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); } - dst->md_info->clone_func( dst->md_ctx, src->md_ctx ); + switch( src->md_info->type ) + { +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + mbedtls_md2_clone( dst->md_ctx, src->md_ctx ); + break; +#endif +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + mbedtls_md4_clone( dst->md_ctx, src->md_ctx ); + break; +#endif +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + mbedtls_md5_clone( dst->md_ctx, src->md_ctx ); + break; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + mbedtls_ripemd160_clone( dst->md_ctx, src->md_ctx ); + break; +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + mbedtls_sha1_clone( dst->md_ctx, src->md_ctx ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + case MBEDTLS_MD_SHA256: + mbedtls_sha256_clone( dst->md_ctx, src->md_ctx ); + break; +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + case MBEDTLS_MD_SHA512: + mbedtls_sha512_clone( dst->md_ctx, src->md_ctx ); + break; +#endif + default: + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } return( 0 ); } 
@@ -219,20 +390,69 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_ } #endif +#define ALLOC( type ) \ + do { \ + ctx->md_ctx = mbedtls_calloc( 1, sizeof( mbedtls_##type##_context ) ); \ + if( ctx->md_ctx == NULL ) \ + return( MBEDTLS_ERR_MD_ALLOC_FAILED ); \ + mbedtls_##type##_init( ctx->md_ctx ); \ + } \ + while( 0 ) + int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ) { if( md_info == NULL || ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL ) - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + switch( md_info->type ) + { +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + ALLOC( md2 ); + break; +#endif +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + ALLOC( md4 ); + break; +#endif +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + ALLOC( md5 ); + break; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + ALLOC( ripemd160 ); + break; +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + ALLOC( sha1 ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + case MBEDTLS_MD_SHA256: + ALLOC( sha256 ); + break; +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + case MBEDTLS_MD_SHA512: + ALLOC( sha512 ); + break; +#endif + default: + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } if( hmac != 0 ) { ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size ); if( ctx->hmac_ctx == NULL ) { - md_info->ctx_free_func( ctx->md_ctx ); + mbedtls_md_free( ctx ); return( MBEDTLS_ERR_MD_ALLOC_FAILED ); } } 
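Review bot: In `mbedtls_md_setup`, the new `mbedtls_md_free( ctx )` call on the `hmac_ctx` allocation-failure path depends on `ctx->md_info`, which nothing in this hunk assigns before that point. The rewritten `mbedtls_md_free` dispatches on `ctx->md_info->type`, and the assignment of `ctx->md_info` appears to happen only after the HMAC block, outside the hunk. If so, the cleanup either returns early and leaks the freshly allocated `md_ctx`, or dereferences a NULL `md_info`; the removed `md_info->ctx_free_func( ctx->md_ctx )` had no such dependency. Storing the descriptor before the `switch` would make the error path safe, for example `ctx->md_info = md_info; ctx->md_ctx = NULL; ctx->hmac_ctx = NULL;`. The tail of the function and the opening guard of `mbedtls_md_free` are outside the visible hunks, so this should be confirmed against the full file.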
@@ -241,13 +461,50 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf return( 0 ); } +#undef ALLOC int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { if( ctx == NULL || ctx->md_info == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( ctx->md_info->starts_func( ctx->md_ctx ) ); + switch( ctx->md_info->type ) + { +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + return( mbedtls_md2_starts_ret( ctx->md_ctx ) ); +#endif +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + return( mbedtls_md4_starts_ret( ctx->md_ctx ) ); +#endif +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + return( mbedtls_md5_starts_ret( ctx->md_ctx ) ); +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + return( mbedtls_ripemd160_starts_ret( ctx->md_ctx ) ); +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + return( mbedtls_sha1_starts_ret( ctx->md_ctx ) ); +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + return( mbedtls_sha256_starts_ret( ctx->md_ctx, 1 ) ); + case MBEDTLS_MD_SHA256: + return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) ); +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + return( mbedtls_sha512_starts_ret( ctx->md_ctx, 1 ) ); + case MBEDTLS_MD_SHA512: + return( mbedtls_sha512_starts_ret( ctx->md_ctx, 0 ) ); +#endif + default: + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } } int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) 
@@ -255,7 +512,43 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si if( ctx == NULL || ctx->md_info == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); + switch( ctx->md_info->type ) + { +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + return( mbedtls_md2_update_ret( ctx->md_ctx, input, ilen ) ); +#endif +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + return( mbedtls_md4_update_ret( ctx->md_ctx, input, ilen ) ); +#endif +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + return( mbedtls_md5_update_ret( ctx->md_ctx, input, ilen ) ); +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + return( mbedtls_ripemd160_update_ret( ctx->md_ctx, input, ilen ) ); +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + return( mbedtls_sha1_update_ret( ctx->md_ctx, input, ilen ) ); +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); + case MBEDTLS_MD_SHA256: + return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); + case MBEDTLS_MD_SHA512: + return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); +#endif + default: + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } } int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) 
@@ -263,7 +556,43 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) if( ctx == NULL || ctx->md_info == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( ctx->md_info->finish_func( ctx->md_ctx, output ) ); + switch( ctx->md_info->type ) + { +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + return( mbedtls_md2_finish_ret( ctx->md_ctx, output ) ); +#endif +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + return( mbedtls_md4_finish_ret( ctx->md_ctx, output ) ); +#endif +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + return( mbedtls_md5_finish_ret( ctx->md_ctx, output ) ); +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + return( mbedtls_ripemd160_finish_ret( ctx->md_ctx, output ) ); +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + return( mbedtls_sha1_finish_ret( ctx->md_ctx, output ) ); +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); + case MBEDTLS_MD_SHA256: + return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); + case MBEDTLS_MD_SHA512: + return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); +#endif + default: + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } } int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, 
@@ -272,7 +601,43 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si if( md_info == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( md_info->digest_func( input, ilen, output ) ); + switch( md_info->type ) + { +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + return( mbedtls_md2_ret( input, ilen, output ) ); +#endif +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + return( mbedtls_md4_ret( input, ilen, output ) ); +#endif +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + return( mbedtls_md5_ret( input, ilen, output ) ); +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + return( mbedtls_ripemd160_ret( input, ilen, output ) ); +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + return( mbedtls_sha1_ret( input, ilen, output ) ); +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); + case MBEDTLS_MD_SHA256: + return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); + case MBEDTLS_MD_SHA512: + return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); +#endif + default: + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } } #if defined(MBEDTLS_FS_IO) 
@@ -295,17 +660,17 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) goto cleanup; - if( ( ret = md_info->starts_func( ctx.md_ctx ) ) != 0 ) + if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 ) goto cleanup; while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - if( ( ret = md_info->update_func( ctx.md_ctx, buf, n ) ) != 0 ) + if( ( ret = mbedtls_md_update( &ctx, buf, n ) ) != 0 ) goto cleanup; if( ferror( f ) != 0 ) ret = MBEDTLS_ERR_MD_FILE_IO_ERROR; else - ret = md_info->finish_func( ctx.md_ctx, output ); + ret = mbedtls_md_finish( &ctx, output ); cleanup: mbedtls_platform_zeroize( buf, sizeof( buf ) ); @@ -328,11 +693,11 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, if( keylen > (size_t) ctx->md_info->block_size ) { - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) + if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) goto cleanup; - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 ) + if( ( ret = mbedtls_md_update( ctx, key, keylen ) ) != 0 ) goto cleanup; - if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 ) + if( ( ret = mbedtls_md_finish( ctx, sum ) ) != 0 ) goto cleanup; keylen = ctx->md_info->size; @@ -351,10 +716,10 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, opad[i] = (unsigned char)( opad[i] ^ key[i] ); } - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) + if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) goto cleanup; - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad, - ctx->md_info->block_size ) ) != 0 ) + if( ( ret = mbedtls_md_update( ctx, ipad, + ctx->md_info->block_size ) ) != 0 ) goto cleanup; cleanup: 
@@ -368,7 +733,7 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); + return( mbedtls_md_update( ctx, input, ilen ) ); } int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) @@ -382,17 +747,17 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; - if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 ) + if( ( ret = mbedtls_md_finish( ctx, tmp ) ) != 0 ) return( ret ); - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) + if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) return( ret ); - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad, - ctx->md_info->block_size ) ) != 0 ) + if( ( ret = mbedtls_md_update( ctx, opad, + ctx->md_info->block_size ) ) != 0 ) return( ret ); - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp, - ctx->md_info->size ) ) != 0 ) + if( ( ret = mbedtls_md_update( ctx, tmp, + ctx->md_info->size ) ) != 0 ) return( ret ); - return( ctx->md_info->finish_func( ctx->md_ctx, output ) ); + return( mbedtls_md_finish( ctx, output ) ); } int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) @@ -405,10 +770,9 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) ipad = (unsigned char *) ctx->hmac_ctx; - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) + if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) return( ret ); - return( ctx->md_info->update_func( ctx->md_ctx, ipad, - ctx->md_info->block_size ) ); + return( mbedtls_md_update( ctx, ipad, ctx->md_info->block_size ) ); } int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, 
@@ -445,7 +809,43 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) if( ctx == NULL || ctx->md_info == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( ctx->md_info->process_func( ctx->md_ctx, data ) ); + switch( ctx->md_info->type ) + { +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + return( mbedtls_internal_md2_process( ctx->md_ctx ) ); +#endif +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + return( mbedtls_internal_md4_process( ctx->md_ctx, data ) ); +#endif +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + return( mbedtls_internal_md5_process( ctx->md_ctx, data ) ); +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + return( mbedtls_internal_ripemd160_process( ctx->md_ctx, data ) ); +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + return( mbedtls_internal_sha1_process( ctx->md_ctx, data ) ); +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) ); + case MBEDTLS_MD_SHA256: + return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) ); +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); + case MBEDTLS_MD_SHA512: + return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); +#endif + default: + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } } unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ) diff --git a/library/md_wrap.c b/library/md_wrap.c deleted file mode 100644 index 32f087197..000000000 --- a/library/md_wrap.c +++ /dev/null 
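Review bot: The `MBEDTLS_MD_MD2` case of `mbedtls_md_process` drops the `data` argument without saying so, and the marker that documented this is deleted by the same commit. The removed `md2_process_wrap` carried `((void) data);` to show that `mbedtls_internal_md2_process` takes only the context, whereas the new `return( mbedtls_internal_md2_process( ctx->md_ctx ) );` reads like a forgotten argument next to the other cases. A one-line comment above that return would keep the intent visible: `/* mbedtls_internal_md2_process() takes no data argument; data is intentionally unused here */`. The function's signature and opening brace are outside this hunk.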
@@ -1,586 +0,0 @@ -/** - * \file md_wrap.c - * - * \brief Generic message digest wrapper for mbed TLS - * - * \author Adriaan de Jong - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_MD_C) - -#include "mbedtls/md_internal.h" - -#if defined(MBEDTLS_MD2_C) -#include "mbedtls/md2.h" -#endif - -#if defined(MBEDTLS_MD4_C) -#include "mbedtls/md4.h" -#endif - -#if defined(MBEDTLS_MD5_C) -#include "mbedtls/md5.h" -#endif - -#if defined(MBEDTLS_RIPEMD160_C) -#include "mbedtls/ripemd160.h" -#endif - -#if defined(MBEDTLS_SHA1_C) -#include "mbedtls/sha1.h" -#endif - -#if defined(MBEDTLS_SHA256_C) -#include "mbedtls/sha256.h" -#endif - -#if defined(MBEDTLS_SHA512_C) -#include "mbedtls/sha512.h" -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif - -#if defined(MBEDTLS_MD2_C) - -static int md2_starts_wrap( void *ctx ) -{ - return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) ); -} - -static int md2_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) ); -} - -static 
int md2_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) ); -} - -static void *md2_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) ); - - if( ctx != NULL ) - mbedtls_md2_init( (mbedtls_md2_context *) ctx ); - - return( ctx ); -} - -static void md2_ctx_free( void *ctx ) -{ - mbedtls_md2_free( (mbedtls_md2_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md2_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md2_clone( (mbedtls_md2_context *) dst, - (const mbedtls_md2_context *) src ); -} - -static int md2_process_wrap( void *ctx, const unsigned char *data ) -{ - ((void) data); - - return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) ); -} - -const mbedtls_md_info_t mbedtls_md2_info = { - MBEDTLS_MD_MD2, - "MD2", - 16, - 16, - md2_starts_wrap, - md2_update_wrap, - md2_finish_wrap, - mbedtls_md2_ret, - md2_ctx_alloc, - md2_ctx_free, - md2_clone_wrap, - md2_process_wrap, -}; - -#endif /* MBEDTLS_MD2_C */ - -#if defined(MBEDTLS_MD4_C) - -static int md4_starts_wrap( void *ctx ) -{ - return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) ); -} - -static int md4_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) ); -} - -static int md4_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) ); -} - -static void *md4_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) ); - - if( ctx != NULL ) - mbedtls_md4_init( (mbedtls_md4_context *) ctx ); - - return( ctx ); -} - -static void md4_ctx_free( void *ctx ) -{ - mbedtls_md4_free( (mbedtls_md4_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md4_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md4_clone( (mbedtls_md4_context *) dst, - (const mbedtls_md4_context *) src ); -} - 
-static int md4_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) ); -} - -const mbedtls_md_info_t mbedtls_md4_info = { - MBEDTLS_MD_MD4, - "MD4", - 16, - 64, - md4_starts_wrap, - md4_update_wrap, - md4_finish_wrap, - mbedtls_md4_ret, - md4_ctx_alloc, - md4_ctx_free, - md4_clone_wrap, - md4_process_wrap, -}; - -#endif /* MBEDTLS_MD4_C */ - -#if defined(MBEDTLS_MD5_C) - -static int md5_starts_wrap( void *ctx ) -{ - return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) ); -} - -static int md5_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) ); -} - -static int md5_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) ); -} - -static void *md5_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) ); - - if( ctx != NULL ) - mbedtls_md5_init( (mbedtls_md5_context *) ctx ); - - return( ctx ); -} - -static void md5_ctx_free( void *ctx ) -{ - mbedtls_md5_free( (mbedtls_md5_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md5_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md5_clone( (mbedtls_md5_context *) dst, - (const mbedtls_md5_context *) src ); -} - -static int md5_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) ); -} - -const mbedtls_md_info_t mbedtls_md5_info = { - MBEDTLS_MD_MD5, - "MD5", - 16, - 64, - md5_starts_wrap, - md5_update_wrap, - md5_finish_wrap, - mbedtls_md5_ret, - md5_ctx_alloc, - md5_ctx_free, - md5_clone_wrap, - md5_process_wrap, -}; - -#endif /* MBEDTLS_MD5_C */ - -#if defined(MBEDTLS_RIPEMD160_C) - -static int ripemd160_starts_wrap( void *ctx ) -{ - return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) ); -} - -static int ripemd160_update_wrap( 
void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx, - input, ilen ) ); -} - -static int ripemd160_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx, - output ) ); -} - -static void *ripemd160_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) ); - - if( ctx != NULL ) - mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx ); - - return( ctx ); -} - -static void ripemd160_ctx_free( void *ctx ) -{ - mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx ); - mbedtls_free( ctx ); -} - -static void ripemd160_clone_wrap( void *dst, const void *src ) -{ - mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst, - (const mbedtls_ripemd160_context *) src ); -} - -static int ripemd160_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_ripemd160_process( - (mbedtls_ripemd160_context *) ctx, data ) ); -} - -const mbedtls_md_info_t mbedtls_ripemd160_info = { - MBEDTLS_MD_RIPEMD160, - "RIPEMD160", - 20, - 64, - ripemd160_starts_wrap, - ripemd160_update_wrap, - ripemd160_finish_wrap, - mbedtls_ripemd160_ret, - ripemd160_ctx_alloc, - ripemd160_ctx_free, - ripemd160_clone_wrap, - ripemd160_process_wrap, -}; - -#endif /* MBEDTLS_RIPEMD160_C */ - -#if defined(MBEDTLS_SHA1_C) - -static int sha1_starts_wrap( void *ctx ) -{ - return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) ); -} - -static int sha1_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx, - input, ilen ) ); -} - -static int sha1_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) ); -} - -static void *sha1_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) ); - - if( ctx != NULL ) - 
mbedtls_sha1_init( (mbedtls_sha1_context *) ctx ); - - return( ctx ); -} - -static void sha1_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha1_clone( (mbedtls_sha1_context *) dst, - (const mbedtls_sha1_context *) src ); -} - -static void sha1_ctx_free( void *ctx ) -{ - mbedtls_sha1_free( (mbedtls_sha1_context *) ctx ); - mbedtls_free( ctx ); -} - -static int sha1_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx, - data ) ); -} - -const mbedtls_md_info_t mbedtls_sha1_info = { - MBEDTLS_MD_SHA1, - "SHA1", - 20, - 64, - sha1_starts_wrap, - sha1_update_wrap, - sha1_finish_wrap, - mbedtls_sha1_ret, - sha1_ctx_alloc, - sha1_ctx_free, - sha1_clone_wrap, - sha1_process_wrap, -}; - -#endif /* MBEDTLS_SHA1_C */ - -/* - * Wrappers for generic message digests - */ -#if defined(MBEDTLS_SHA256_C) - -static int sha224_starts_wrap( void *ctx ) -{ - return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) ); -} - -static int sha224_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx, - input, ilen ) ); -} - -static int sha224_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx, - output ) ); -} - -static int sha224_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); -} - -static void *sha224_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) ); - - if( ctx != NULL ) - mbedtls_sha256_init( (mbedtls_sha256_context *) ctx ); - - return( ctx ); -} - -static void sha224_ctx_free( void *ctx ) -{ - mbedtls_sha256_free( (mbedtls_sha256_context *) ctx ); - mbedtls_free( ctx ); -} - -static void sha224_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha256_clone( (mbedtls_sha256_context *) dst, - (const 
mbedtls_sha256_context *) src ); -} - -static int sha224_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx, - data ) ); -} - -const mbedtls_md_info_t mbedtls_sha224_info = { - MBEDTLS_MD_SHA224, - "SHA224", - 28, - 64, - sha224_starts_wrap, - sha224_update_wrap, - sha224_finish_wrap, - sha224_wrap, - sha224_ctx_alloc, - sha224_ctx_free, - sha224_clone_wrap, - sha224_process_wrap, -}; - -static int sha256_starts_wrap( void *ctx ) -{ - return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) ); -} - -static int sha256_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); -} - -const mbedtls_md_info_t mbedtls_sha256_info = { - MBEDTLS_MD_SHA256, - "SHA256", - 32, - 64, - sha256_starts_wrap, - sha224_update_wrap, - sha224_finish_wrap, - sha256_wrap, - sha224_ctx_alloc, - sha224_ctx_free, - sha224_clone_wrap, - sha224_process_wrap, -}; - -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - -static int sha384_starts_wrap( void *ctx ) -{ - return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) ); -} - -static int sha384_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx, - input, ilen ) ); -} - -static int sha384_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx, - output ) ); -} - -static int sha384_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); -} - -static void *sha384_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) ); - - if( ctx != NULL ) - mbedtls_sha512_init( (mbedtls_sha512_context *) ctx ); - - return( ctx ); -} - -static void sha384_ctx_free( void *ctx ) -{ - mbedtls_sha512_free( 
(mbedtls_sha512_context *) ctx ); - mbedtls_free( ctx ); -} - -static void sha384_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha512_clone( (mbedtls_sha512_context *) dst, - (const mbedtls_sha512_context *) src ); -} - -static int sha384_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx, - data ) ); -} - -const mbedtls_md_info_t mbedtls_sha384_info = { - MBEDTLS_MD_SHA384, - "SHA384", - 48, - 128, - sha384_starts_wrap, - sha384_update_wrap, - sha384_finish_wrap, - sha384_wrap, - sha384_ctx_alloc, - sha384_ctx_free, - sha384_clone_wrap, - sha384_process_wrap, -}; - -static int sha512_starts_wrap( void *ctx ) -{ - return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) ); -} - -static int sha512_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); -} - -const mbedtls_md_info_t mbedtls_sha512_info = { - MBEDTLS_MD_SHA512, - "SHA512", - 64, - 128, - sha512_starts_wrap, - sha384_update_wrap, - sha384_finish_wrap, - sha512_wrap, - sha384_ctx_alloc, - sha384_ctx_free, - sha384_clone_wrap, - sha384_process_wrap, -}; - -#endif /* MBEDTLS_SHA512_C */ - -#endif /* MBEDTLS_MD_C */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 07c80e84f..1bb6d5fe5 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -265,7 +265,6 @@ - From 2838b7bfbaa5ecc78ef01cd8b8b26f917119c398 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 19 Jul 2019 16:03:39 +0200 Subject: [PATCH 1459/2197] Use smaller types in mbedtls_md_info_t Saves a few bytes of code size. --- include/mbedtls/md_internal.h | 10 +++++----- library/md.c | 18 +++++++++--------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 96ff53429..e7bf16ba1 100644 --- a/include/mbedtls/md_internal.h 
+++ b/include/mbedtls/md_internal.h @@ -46,17 +46,17 @@ extern "C" { */ struct mbedtls_md_info_t { - /** Digest identifier */ - mbedtls_md_type_t type; - /** Name of the message digest */ const char * name; + /** Digest identifier */ + mbedtls_md_type_t type; + /** Output length of the digest function in bytes */ - int size; + unsigned char size; /** Block length of the digest function in bytes */ - int block_size; + unsigned char block_size; }; #if defined(MBEDTLS_MD2_C) diff --git a/library/md.c b/library/md.c index 2ef50f67f..e1b5183b6 100644 --- a/library/md.c +++ b/library/md.c @@ -59,8 +59,8 @@ #if defined(MBEDTLS_MD2_C) const mbedtls_md_info_t mbedtls_md2_info = { - MBEDTLS_MD_MD2, "MD2", + MBEDTLS_MD_MD2, 16, 16, }; @@ -68,8 +68,8 @@ const mbedtls_md_info_t mbedtls_md2_info = { #if defined(MBEDTLS_MD4_C) const mbedtls_md_info_t mbedtls_md4_info = { - MBEDTLS_MD_MD4, "MD4", + MBEDTLS_MD_MD4, 16, 64, }; @@ -77,8 +77,8 @@ const mbedtls_md_info_t mbedtls_md4_info = { #if defined(MBEDTLS_MD5_C) const mbedtls_md_info_t mbedtls_md5_info = { - MBEDTLS_MD_MD5, "MD5", + MBEDTLS_MD_MD5, 16, 64, }; @@ -86,8 +86,8 @@ const mbedtls_md_info_t mbedtls_md5_info = { #if defined(MBEDTLS_RIPEMD160_C) const mbedtls_md_info_t mbedtls_ripemd160_info = { - MBEDTLS_MD_RIPEMD160, "RIPEMD160", + MBEDTLS_MD_RIPEMD160, 20, 64, }; @@ -95,8 +95,8 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = { #if defined(MBEDTLS_SHA1_C) const mbedtls_md_info_t mbedtls_sha1_info = { - MBEDTLS_MD_SHA1, "SHA1", + MBEDTLS_MD_SHA1, 20, 64, }; @@ -104,15 +104,15 @@ const mbedtls_md_info_t mbedtls_sha1_info = { #if defined(MBEDTLS_SHA256_C) const mbedtls_md_info_t mbedtls_sha224_info = { - MBEDTLS_MD_SHA224, "SHA224", + MBEDTLS_MD_SHA224, 28, 64, }; const mbedtls_md_info_t mbedtls_sha256_info = { - MBEDTLS_MD_SHA256, "SHA256", + MBEDTLS_MD_SHA256, 32, 64, }; 
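Review bot: In `struct mbedtls_md_info_t` (md_internal.h hunk), narrowing `size` and `block_size` to `unsigned char` adds a 255-byte ceiling that the field comments do not mention. The field reorder is also only correct because every positional initializer in md.c is reordered in step. All values in this commit fit (the largest is 128), but a later table entry above 255 would be truncated, and `block_size` sizes the HMAC pad buffer in `mbedtls_md_setup` via `mbedtls_calloc( 2, md_info->block_size )`. I would state the limit in the doc comments, e.g. `/** Block length of the digest function in bytes (at most 255) */`. If the project's C dialect allows it, designated initializers such as `.name = "MD2", .type = MBEDTLS_MD_MD2,` would stop the tables depending on field order.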
@@ -120,15 +120,15 @@ const mbedtls_md_info_t mbedtls_sha256_info = { #if defined(MBEDTLS_SHA512_C) const mbedtls_md_info_t mbedtls_sha384_info = { - MBEDTLS_MD_SHA384, "SHA384", + MBEDTLS_MD_SHA384, 48, 128, }; const mbedtls_md_info_t mbedtls_sha512_info = { - MBEDTLS_MD_SHA512, "SHA512", + MBEDTLS_MD_SHA512, 64, 128, }; From c8336cb8f95f96740d5cfdc5b90758624550c08d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 22 Jul 2019 19:26:12 +0200 Subject: [PATCH 1460/2197] Implement a transaction record storage for resilience Implement a transaction record that can be used for actions that modify more than one piece of persistent data (whether in the persistent storage or elsewhere such as in a secure element). While performing a transaction, the transaction file is present in storage. If the system starts with an ongoing transaction, it must complete the transaction (not implemented yet). --- library/psa_crypto_storage.c | 66 +++++++++++++++++ library/psa_crypto_storage.h | 133 +++++++++++++++++++++++++++++++++++ 2 files changed, 199 insertions(+) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index cd36bb910..d07bdc580 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -50,6 +50,12 @@ #define mbedtls_free free #endif + + +/****************************************************************/ +/* Key storage */ +/****************************************************************/ + /* Determine a file name (ITS file identifier) for the given key file * identifier. The file name must be distinct from any file that is used * for a purpose other than storing a key. Currently, the only such file 
@@ -399,6 +405,60 @@ exit: return( status ); } + + +/****************************************************************/ +/* Transactions */ +/****************************************************************/ + +#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) + +psa_crypto_transaction_t psa_crypto_transaction; + +psa_status_t psa_crypto_save_transaction( void ) +{ + struct psa_storage_info_t p_info; + psa_status_t status; + status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); + if( status == PSA_SUCCESS ) + { + /* This shouldn't happen: we're trying to start a transaction while + * there is still a transaction that hasn't been replayed. */ + return( PSA_ERROR_CORRUPTION_DETECTED ); + } + else if( status != PSA_ERROR_DOES_NOT_EXIST ) + return( status ); + return( psa_its_set( PSA_CRYPTO_ITS_TRANSACTION_UID, + sizeof( psa_crypto_transaction ), + &psa_crypto_transaction, + 0 ) ); +} + +psa_status_t psa_crypto_load_transaction( void ) +{ + return( psa_its_get( PSA_CRYPTO_ITS_TRANSACTION_UID, 0, + sizeof( psa_crypto_transaction ), + &psa_crypto_transaction ) ); +} + +psa_status_t psa_crypto_stop_transaction( void ) +{ + psa_status_t status = psa_its_remove( PSA_CRYPTO_ITS_TRANSACTION_UID ); + /* Whether or not updating the storage succeeded, the transaction is + * finished now. It's too late to go back, so zero out the in-memory + * data. */ + memset( &psa_crypto_transaction, 0, sizeof( psa_crypto_transaction ) ); + return( status ); +} + +#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */ + + + +/****************************************************************/ +/* Random generator state */ +/****************************************************************/ + #if defined(MBEDTLS_PSA_INJECT_ENTROPY) psa_status_t mbedtls_psa_storage_inject_entropy( const unsigned char *seed, size_t seed_size ) 
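Review bot: `psa_crypto_save_transaction` probes the wrong file. Its "transaction still pending" check calls `psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info )`, while the record that this hunk writes, loads and removes is `PSA_CRYPTO_ITS_TRANSACTION_UID`. As written, a device that already has a seed file in storage would get `PSA_ERROR_CORRUPTION_DETECTED` from every save. A leftover transaction record that was never replayed would be overwritten unnoticed, which defeats the check described in the comment. The call should read `status = psa_its_get_info( PSA_CRYPTO_ITS_TRANSACTION_UID, &p_info );`. The lifecycle comment added in psa_crypto_storage.h says `psa_crypto_save_transaction()` is called again at each intermediate stage, so with the corrected UID the existence check may also need to tell a first save from an update.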
@@ -421,4 +481,10 @@ psa_status_t mbedtls_psa_storage_inject_entropy( const unsigned char *seed, } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + + +/****************************************************************/ +/* The end */ +/****************************************************************/ + #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 2af624a0c..16f5d5cac 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -39,6 +39,7 @@ extern "C" { #include "psa/crypto.h" #include +#include /* Limit the maximum key size to 30kB (just in case someone tries to * inadvertently store an obscene amount of data) */ 
@@ -203,6 +204,138 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, psa_key_type_t *type, psa_key_policy_t *policy ); +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +/** This symbol is defined if transaction support is required. */ +#define PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS +#endif + +#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) + +/** The type of transaction that is in progress. + */ +/* This is an integer type rather than an enum for two reasons: to support + * unknown values when loading a transaction file, and to ensure that the + * type has a known size. + */ +typedef uint16_t psa_crypto_transaction_type_t; + +/** No transaction is in progress. + */ +#define PSA_CRYPTO_TRANSACTION_NONE ( (psa_crypto_transaction_type_t) 0x0000 ) + +/** Transaction data. + * + * This type is designed to be serialized by writing the memory representation + * and reading it back on the same device. + * + * \note The transaction mechanism is designed for a single active transaction + * at a time. The transaction object is #psa_crypto_transaction. + * + * \note If an API call starts a transaction, it must complete this transaction + * before returning to the application. + * + * The lifetime of a transaction is the following (note that only one + * transaction may be active at a time): + * + * -# Call psa_crypto_prepare_transaction() to initialize the transaction + * object in memory and declare the type of transaction that is starting. + * -# Fill in the type-specific fields of #psa_crypto_transaction. + * -# Call psa_crypto_save_transaction() to start the transaction. This + * saves the transaction data to internal storage. + * -# If there are intermediate stages in the transaction, update + * the fields of #psa_crypto_transaction and call + * psa_crypto_save_transaction() again when each stage is reached. 
+ * -# When the transaction is over, whether it has been committed or aborted, + * call psa_crypto_stop_transaction() to remove the transaction data in + * storage and in memory. + * + * If the system crashes while a transaction is in progress, psa_crypto_init() + * calls psa_crypto_load_transaction() and takes care of completing or + * rewinding the transaction. + */ +typedef union +{ + /* Each element of this union must have the following properties + * to facilitate serialization and deserialization: + * + * - The element is a struct. + * - The first field of the struct is `psa_crypto_transaction_type_t type`. + * - Elements of the struct are arranged such a way that there is + * no padding. + */ + struct psa_crypto_transaction_unknown_s + { + psa_crypto_transaction_type_t type; + } unknown; +} psa_crypto_transaction_t; + +/** The single active transaction. + */ +extern psa_crypto_transaction_t psa_crypto_transaction; + +/** Prepare for a transaction. + * + * There must not be an ongoing transaction. + * + * \param type The type of transaction to start. + */ +static inline void psa_crypto_prepare_transaction( + psa_crypto_transaction_type_t type ) +{ + psa_crypto_transaction.unknown.type = type; +} + +/** Save the transaction data to storage. + * + * You may call this function multiple times during a transaction to + * atomically update the transaction state. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_STORAGE_FAILURE + */ +psa_status_t psa_crypto_save_transaction( void ); + +/** Load the transaction data from storage, if any. + * + * This function is meant to be called from psa_crypto_init() to recover + * in case a transaction was interrupted by a system crash. + * + * \retval #PSA_SUCCESS + * The data about the ongoing transaction has been loaded to + * #psa_crypto_transaction. + * \retval #PSA_ERROR_DOES_NOT_EXIST + * There is no ongoing transaction. 
+ * \retval #PSA_ERROR_STORAGE_FAILURE + */ +psa_status_t psa_crypto_load_transaction( void ); + +/** Indicate that the current transaction is finished. + * + * Call this function at the very end of transaction processing, whether + * the transaction has been committed or aborted. + * + * This function erases the transaction data in storage (if any) and + * resets the transaction data in memory. + * + * \retval #PSA_SUCCESS + * There was transaction data in storage. + * \retval #PSA_ERROR_DOES_NOT_EXIST + * There was no transaction data in storage. + * \retval #PSA_ERROR_STORAGE_FAILURE + * It was impossible to determine whether there was transaction data + * in storage, or the transaction data could not be erased. + */ +psa_status_t psa_crypto_stop_transaction( void ); + +/** The ITS file identifier for the transaction data. + * + * 0xffffffNN = special file; 0x74 = 't' for transaction. + */ +#define PSA_CRYPTO_ITS_TRANSACTION_UID ( (psa_key_id_t) 0xffffff74 ) + +#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */ + #if defined(MBEDTLS_PSA_INJECT_ENTROPY) /** Backend side of mbedtls_psa_inject_entropy(). * From fc76265385420739fa671590a98d2bc3df07af45 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 22 Jul 2019 19:30:34 +0200 Subject: [PATCH 1461/2197] Do secure element key creation and destruction in a transaction Key creation and key destruction for a key in a secure element both require updating three pieces of data: the key data in the secure element, the key metadata in internal storage, and the SE driver's persistent data. Perform these actions in a transaction so that recovery is possible if the action is interrupted midway. --- library/psa_crypto.c | 59 ++++++++++++++++++++++++++++++++++-- library/psa_crypto_storage.h | 40 +++++++++++++++++++----- 2 files changed, 89 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 77acf2edd..c482747b7 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
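Review bot: The comment on `psa_crypto_transaction_t` should say what happens when a record written by a different build is read back, because the stored record is the raw memory image of the union with no length or format marker. `psa_crypto_load_transaction()` always requests `sizeof( psa_crypto_transaction )` bytes, and the next patch in this series already grows the `unknown` member, so a record left by an earlier image would either fail to load or load with fields at the wrong offsets. I would add a sentence such as `The layout of this union is part of the storage format; changing it requires handling records written by older versions.` The recovery code, once written, should also treat an unrecognised `type` as an error rather than act on the remaining fields.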
@@ -950,7 +950,20 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) #if defined(MBEDTLS_PSA_CRYPTO_SE_C) driver = psa_get_se_driver_entry( slot->lifetime ); if( driver != NULL ) + { + psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_DESTROY_KEY ); + psa_crypto_transaction.key.lifetime = slot->lifetime; + psa_crypto_transaction.key.slot = slot->data.se.slot_number; + psa_crypto_transaction.key.id = slot->persistent_storage_id; + status = psa_crypto_save_transaction( ); + if( status != PSA_SUCCESS ) + { + /* TOnogrepDO: destroy what can be destroyed anyway */ + return( status ); + } + status = psa_destroy_se_key( driver, slot->data.se.slot_number ); + } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) @@ -961,6 +974,18 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( driver != NULL ) + { + status = psa_crypto_stop_transaction( ); + if( status != PSA_SUCCESS ) + { + /* TOnogrepDO: destroy what can be destroyed anyway */ + return( status ); + } + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + status = psa_wipe_key_slot( slot ); if( status != PSA_SUCCESS ) return( status ); @@ -1382,8 +1407,10 @@ static psa_status_t psa_start_key_creation( slot->type = attributes->type; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - /* Find a slot number. Don't yet mark it as allocated in case - * the key creation fails or there is a power failure. */ + /* Find a slot number for the new key. Save the slot number in + * persistent storage, but do not yet save the driver's persistent + * state, so that if the power fails during the key creation process, + * we can roll back to a state where the key doesn't exist. */ if( *p_drv != NULL ) { status = psa_find_se_slot_for_key( attributes, *p_drv, 
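Review bot: Both early returns added to `psa_destroy_key()` exit before `psa_wipe_key_slot( slot )`, so if the transaction record cannot be written or removed, the slot contents stay in memory although the caller asked for destruction. In the second case the secure-element key has already been destroyed by then. The `status` assigned from `psa_destroy_se_key()` is also overwritten by `psa_crypto_stop_transaction()` without being examined in the lines shown, so a failed deletion in the secure element may be reported as success; the few lines between the two hunks are not visible, so please confirm. I would keep the first error in a separate variable, always continue to `psa_wipe_key_slot( slot )`, and return the saved error at the end. The function body starts and ends outside these hunks.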
@@ -1391,6 +1418,13 @@ static psa_status_t psa_start_key_creation( if( status != PSA_SUCCESS ) return( status ); } + psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY ); + psa_crypto_transaction.key.lifetime = slot->lifetime; + psa_crypto_transaction.key.slot = slot->data.se.slot_number; + psa_crypto_transaction.key.id = slot->persistent_storage_id; + status = psa_crypto_save_transaction( ); + if( status != PSA_SUCCESS ) + return( status ); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ return( status ); @@ -1459,6 +1493,9 @@ static psa_status_t psa_finish_key_creation( psa_destroy_persistent_key( slot->persistent_storage_id ); return( status ); } + status = psa_crypto_stop_transaction( ); + if( status != PSA_SUCCESS ) + return( status ); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ @@ -1490,6 +1527,11 @@ static void psa_fail_key_creation( psa_key_slot_t *slot, * element, and the failure happened later (when saving metadata * to internal storage), we need to destroy the key in the secure * element. */ + + /* Abort the ongoing transaction if any. We already did what it + * takes to undo any partial creation. All that's left is to update + * the transaction data itself. */ + (void) psa_crypto_stop_transaction( ); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ psa_wipe_key_slot( slot ); @@ -5674,6 +5716,19 @@ psa_status_t psa_crypto_init( void ) if( status != PSA_SUCCESS ) goto exit; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + status = psa_crypto_load_transaction( ); + if( status == PSA_SUCCESS ) + { + /*TOnogrepDO: complete or abort the transaction*/ + } + else if( status == PSA_ERROR_DOES_NOT_EXIST ) + { + /* There's no transaction to complete. It's all good. */ + status = PSA_SUCCESS; + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + /* All done. */ global_data.initialized = 1; diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 16f5d5cac..2e4079f7d 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h 
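Review bot: The transaction block added to `psa_start_key_creation()` sits after the closing brace of `if( *p_drv != NULL )`, so with `MBEDTLS_PSA_CRYPTO_SE_C` enabled it runs for every key creation, not only for keys in a secure element. For a key without a driver it records `slot->data.se.slot_number`, which the visible code has not set for that key. It also writes a transaction file that `psa_finish_key_creation()` appears to remove only on its secure-element path, which would leave a stale record behind. Move the lines from `psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY );` through the `return( status );` that follows `psa_crypto_save_transaction( )` inside the `if( *p_drv != NULL )` block, directly after the `psa_find_se_slot_for_key()` check. The function body starts outside the hunk.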
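Review bot: In the `psa_crypto_init()` hunk, a `psa_crypto_load_transaction()` result other than `PSA_SUCCESS` or `PSA_ERROR_DOES_NOT_EXIST` falls through to `global_data.initialized = 1;` with `status` still holding the error. Unless the code after the hunk undoes this, the library is marked initialized while the call reports failure; adding `else goto exit;` after the `PSA_ERROR_DOES_NOT_EXIST` branch would match the `if( status != PSA_SUCCESS ) goto exit;` just above. The success branch leaves a recovered record in storage untouched. Until the TODO is implemented, a comment there should state that an interrupted transaction persists across restarts and is not acted on.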
@@ -29,15 +29,9 @@ extern "C" { #endif -/* Include the Mbed TLS configuration file, the way Mbed TLS does it - * in each of its header files. */ -#if defined(MBEDTLS_CONFIG_FILE) -#include MBEDTLS_CONFIG_FILE -#else -#include "mbedtls/config.h" -#endif - #include "psa/crypto.h" +#include "psa/crypto_se_driver.h" + #include #include @@ -223,6 +217,22 @@ typedef uint16_t psa_crypto_transaction_type_t; */ #define PSA_CRYPTO_TRANSACTION_NONE ( (psa_crypto_transaction_type_t) 0x0000 ) +/** A key creation transaction. + * + * This is only used for keys in an external cryptoprocessor (secure element). + * Keys in RAM or in internal storage are created atomically in storage + * (simple file creation), so they do not need a transaction mechanism. + */ +#define PSA_CRYPTO_TRANSACTION_CREATE_KEY ( (psa_crypto_transaction_type_t) 0x0001 ) + +/** A key destruction transaction. + * + * This is only used for keys in an external cryptoprocessor (secure element). + * Keys in RAM or in internal storage are destroyed atomically in storage + * (simple file deletion), so they do not need a transaction mechanism. + */ +#define PSA_CRYPTO_TRANSACTION_DESTROY_KEY ( (psa_crypto_transaction_type_t) 0x0002 ) + /** Transaction data. * * This type is designed to be serialized by writing the memory representation @@ -266,7 +276,21 @@ typedef union struct psa_crypto_transaction_unknown_s { psa_crypto_transaction_type_t type; + uint16_t unused1; + uint32_t unused2; + uint64_t unused3; + uint64_t unused4; } unknown; + /* ::type is #PSA_CRYPTO_TRANSACTION_CREATE_KEY or + * #PSA_CRYPTO_TRANSACTION_DESTROY_KEY. */ + struct psa_crypto_transaction_key_s + { + psa_crypto_transaction_type_t type; + uint16_t unused1; + psa_key_lifetime_t lifetime; + psa_key_slot_number_t slot; + psa_key_id_t id; + } key; } psa_crypto_transaction_t; /** The single active transaction. From 6032673b399746b356979d960bf30ccbb446881f Mon Sep 17 00:00:00 2001 
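Review bot: The new `struct psa_crypto_transaction_key_s` may not satisfy the "no padding" rule stated in the union's own comment, because it ends with `psa_key_id_t id` placed after `psa_key_slot_number_t slot`. If the slot number is a 64-bit type and the id a 32-bit type, as I believe they are, the struct carries four bytes of trailing padding. Since the union is saved to storage as a memory image, those bytes are written with whatever value they hold. An explicit trailing filler field after `id`, or a compile-time check that the struct size equals the sum of its field sizes, would make the layout match the documented rule and keep the `unknown` and `key` members the same size.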
From: Gilles Peskine Date: Mon, 22 Jul 2019 20:10:36 +0200 Subject: [PATCH 1462/2197] Fix Doxygen reference Pass doxygen.sh --- include/psa/crypto_se_driver.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index bdc038e88..e7fe00671 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -65,7 +65,7 @@ typedef struct { * * The size of this buffer is given by psa_drv_se_t::persistent_data_size * when the driver is registered, and this value is also recorded in the - * ::persistent_data_size field of this structure. + * psa_drv_se_context_t::persistent_data_size field of this structure. * * Before the driver is initialized for the first time, the content of * the persistent data is all-bits-zero. After a driver upgrade, if the From 274a2637f21e13cf0d7075c241dd4a53ff0ad2ea Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jul 2019 11:27:38 +0200 Subject: [PATCH 1463/2197] Make whitespace consistent --- library/psa_crypto_storage.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index d07bdc580..97b2481d4 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -227,7 +227,7 @@ static psa_status_t psa_crypto_storage_get_data_length( * 32-bit integer manipulation macros (little endian) */ #ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ +#define GET_UINT32_LE( n, b, i ) \ { \ (n) = ( (uint32_t) (b)[(i) ] ) \ | ( (uint32_t) (b)[(i) + 1] << 8 ) \ @@ -237,7 +237,7 @@ static psa_status_t psa_crypto_storage_get_data_length( #endif #ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ +#define PUT_UINT32_LE( n, b, i ) \ { \ (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ 
@@ -271,12 +271,12 @@ void psa_format_key_data_for_storage( const uint8_t *data, (psa_persistent_key_storage_format *) storage_data; memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); - PUT_UINT32_LE(0, storage_format->version, 0); - PUT_UINT32_LE(type, storage_format->type, 0); - PUT_UINT32_LE(policy->usage, storage_format->policy, 0); - PUT_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t )); - PUT_UINT32_LE(policy->alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); - PUT_UINT32_LE(data_length, storage_format->data_len, 0); + PUT_UINT32_LE( 0, storage_format->version, 0 ); + PUT_UINT32_LE( type, storage_format->type, 0 ); + PUT_UINT32_LE( policy->usage, storage_format->policy, 0 ); + PUT_UINT32_LE( policy->alg, storage_format->policy, sizeof( uint32_t ) ); + PUT_UINT32_LE( policy->alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); memcpy( storage_format->key_data, data, data_length ); } @@ -307,11 +307,11 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, if( status != PSA_SUCCESS ) return( status ); - GET_UINT32_LE(version, storage_format->version, 0); + GET_UINT32_LE( version, storage_format->version, 0 ); if( version != 0 ) return( PSA_ERROR_STORAGE_FAILURE ); - GET_UINT32_LE(*key_data_length, storage_format->data_len, 0); + GET_UINT32_LE( *key_data_length, storage_format->data_len, 0 ); if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) || *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) return( PSA_ERROR_STORAGE_FAILURE ); 
@@ -328,10 +328,10 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } - GET_UINT32_LE(*type, storage_format->type, 0); - GET_UINT32_LE(policy->usage, storage_format->policy, 0); - GET_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t )); - GET_UINT32_LE(policy->alg2, storage_format->policy, 2 * sizeof( uint32_t )); + GET_UINT32_LE( *type, storage_format->type, 0 ); + GET_UINT32_LE( policy->usage, storage_format->policy, 0 ); + GET_UINT32_LE( policy->alg, storage_format->policy, sizeof( uint32_t ) ); + GET_UINT32_LE( policy->alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); return( PSA_SUCCESS ); } From bfd322ff346f8aba5f7c560918cbc0dc1d307059 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jul 2019 11:58:03 +0200 Subject: [PATCH 1464/2197] Use a key attribute structure in the internal storage interface Pass information via a key attribute structure rather than as separate parameters to psa_crypto_storage functions. This makes it easier to maintain the code when the metadata of a key evolves. This has negligible impact on code size (+4B with "gcc -Os" on x86_64). --- library/psa_crypto.c | 27 +++++++++--- library/psa_crypto_slot_management.c | 10 +++-- library/psa_crypto_storage.c | 37 +++++++--------- library/psa_crypto_storage.h | 44 ++++++++----------- ...t_suite_psa_crypto_persistent_key.function | 28 +++++++----- 5 files changed, 76 insertions(+), 70 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c482747b7..e048e9f2b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1100,6 +1100,22 @@ exit: } #endif /* MBEDTLS_RSA_C */ +/** Retrieve the readily-accessible attributes of a key in a slot. + * + * This function does not compute attributes that are not directly + * stored in the slot, such as the bit size of a transparent key. + */ +static void psa_get_key_slot_attributes( psa_key_slot_t *slot, + psa_key_attributes_t *attributes ) +{ + attributes->id = slot->persistent_storage_id; + attributes->lifetime = slot->lifetime; + attributes->policy = slot->policy; + attributes->type = slot->type; +} + +/** Retrieve all the publicly-accessible attributes of a key. + */ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, psa_key_attributes_t *attributes ) { @@ -1112,10 +1128,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, if( status != PSA_SUCCESS ) return( status ); - attributes->id = slot->persistent_storage_id; - attributes->lifetime = slot->lifetime; - attributes->policy = slot->policy; - attributes->type = slot->type; + psa_get_key_slot_attributes( slot, attributes ); attributes->bits = psa_get_key_slot_bits( slot ); switch( slot->type ) @@ -1473,9 +1486,9 @@ static psa_status_t psa_finish_key_creation( if( status == PSA_SUCCESS ) { - status = psa_save_persistent_key( slot->persistent_storage_id, - slot->type, &slot->policy, - buffer, length ); + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_get_key_slot_attributes( slot, &attributes ); + status = psa_save_persistent_key( &attributes, buffer, length ); } if( buffer_size != 0 ) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 40e9683e5..5326fbd6a 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -124,13 +124,15 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) psa_status_t status = PSA_SUCCESS; uint8_t *key_data = NULL; size_t key_data_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - status = psa_load_persistent_key( p_slot->persistent_storage_id, - &( p_slot )->type, - &( p_slot )->policy, &key_data, - &key_data_length ); + psa_set_key_id( &attributes, p_slot->persistent_storage_id ); + status = psa_load_persistent_key( &attributes, + &key_data, &key_data_length ); if( status != PSA_SUCCESS ) goto exit; + p_slot->type = psa_get_key_type( &attributes ); + p_slot->policy = attributes.policy; status = psa_import_key_into_slot( p_slot, key_data, key_data_length ); exit: diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 97b2481d4..a35808a61 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -263,8 +263,7 @@ typedef struct { void psa_format_key_data_for_storage( const uint8_t *data, const size_t data_length, - const psa_key_type_t type, - const psa_key_policy_t *policy, + const psa_key_attributes_t *attributes, uint8_t *storage_data ) { psa_persistent_key_storage_format *storage_format = 
@@ -272,10 +271,10 @@ void psa_format_key_data_for_storage( const uint8_t *data, memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); PUT_UINT32_LE( 0, storage_format->version, 0 ); - PUT_UINT32_LE( type, storage_format->type, 0 ); - PUT_UINT32_LE( policy->usage, storage_format->policy, 0 ); - PUT_UINT32_LE( policy->alg, storage_format->policy, sizeof( uint32_t ) ); - PUT_UINT32_LE( policy->alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + PUT_UINT32_LE( psa_get_key_type( attributes ), storage_format->type, 0 ); + PUT_UINT32_LE( psa_get_key_usage_flags( attributes ), storage_format->policy, 0 ); + PUT_UINT32_LE( psa_get_key_algorithm( attributes ), storage_format->policy, sizeof( uint32_t ) ); + PUT_UINT32_LE( psa_get_key_enrollment_algorithm( attributes ), storage_format->policy, 2 * sizeof( uint32_t ) ); PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); memcpy( storage_format->key_data, data, data_length ); } @@ -292,8 +291,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, size_t storage_data_length, uint8_t **key_data, size_t *key_data_length, - psa_key_type_t *type, - psa_key_policy_t *policy ) + psa_key_attributes_t *attributes ) { psa_status_t status; const psa_persistent_key_storage_format *storage_format = 
@@ -328,17 +326,15 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } - GET_UINT32_LE( *type, storage_format->type, 0 ); - GET_UINT32_LE( policy->usage, storage_format->policy, 0 ); - GET_UINT32_LE( policy->alg, storage_format->policy, sizeof( uint32_t ) ); - GET_UINT32_LE( policy->alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + GET_UINT32_LE( attributes->type, storage_format->type, 0 ); + GET_UINT32_LE( attributes->policy.usage, storage_format->policy, 0 ); + GET_UINT32_LE( attributes->policy.alg, storage_format->policy, sizeof( uint32_t ) ); + GET_UINT32_LE( attributes->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); return( PSA_SUCCESS ); } -psa_status_t psa_save_persistent_key( const psa_key_file_id_t key, - const psa_key_type_t type, - const psa_key_policy_t *policy, +psa_status_t psa_save_persistent_key( const psa_key_attributes_t *attributes, const uint8_t *data, const size_t data_length ) { @@ -354,10 +350,10 @@ psa_status_t psa_save_persistent_key( const psa_key_file_id_t key, if( storage_data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - psa_format_key_data_for_storage( data, data_length, type, policy, + psa_format_key_data_for_storage( data, data_length, attributes, storage_data ); - status = psa_crypto_storage_store( key, + status = psa_crypto_storage_store( psa_get_key_id( attributes ), storage_data, storage_data_length ); mbedtls_free( storage_data ); 
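Review bot: `psa_save_persistent_key()` now passes `psa_get_key_id( attributes )` to `psa_crypto_storage_store()` where it used to pass a `psa_key_file_id_t`, and the following hunk does the same in `psa_load_persistent_key()` with `psa_key_id_t key = psa_get_key_id( attributes );`. If the two types differ in some build configuration, for example when the file identifier also encodes a key owner, the owner part is dropped and keys of different owners could resolve to the same storage file. If the types are always identical this is only a naming matter, but the local should then be declared `psa_key_file_id_t key` to match the storage functions it is passed to. Both function bodies extend outside their hunks.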
@@ -374,15 +370,14 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ) mbedtls_free( key_data ); } -psa_status_t psa_load_persistent_key( psa_key_file_id_t key, - psa_key_type_t *type, - psa_key_policy_t *policy, +psa_status_t psa_load_persistent_key( psa_key_attributes_t *attributes, uint8_t **data, size_t *data_length ) { psa_status_t status = PSA_SUCCESS; uint8_t *loaded_data; size_t storage_data_length = 0; + psa_key_id_t key = psa_get_key_id( attributes ); status = psa_crypto_storage_get_data_length( key, &storage_data_length ); if( status != PSA_SUCCESS ) @@ -398,7 +393,7 @@ psa_status_t psa_load_persistent_key( psa_key_file_id_t key, goto exit; status = psa_parse_key_data_from_storage( loaded_data, storage_data_length, - data, data_length, type, policy ); + data, data_length, attributes ); exit: mbedtls_free( loaded_data ); diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 2e4079f7d..25049b08d 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -83,12 +83,11 @@ int psa_is_key_present_in_storage( const psa_key_file_id_t key ); * already occupied non-persistent key, as well as validating the key data. * * - * \param key Persistent identifier of the key to be stored. This - * should be an unoccupied storage location. - * \param type Key type (a \c PSA_KEY_TYPE_XXX value). - * \param[in] policy The key policy to save. - * \param[in] data Buffer containing the key data. - * \param data_length The number of bytes that make up the key data. + * \param[in] attributes The attributes of the key to save. + * The key identifier field in the attributes + * determines the key's location. + * \param[in] data Buffer containing the key data. + * \param data_length The number of bytes that make up the key data. * * \retval PSA_SUCCESS * \retval PSA_ERROR_INSUFFICIENT_MEMORY 
@@ -96,9 +95,7 @@ int psa_is_key_present_in_storage( const psa_key_file_id_t key ); * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_ALREADY_EXISTS */ -psa_status_t psa_save_persistent_key( const psa_key_file_id_t key, - const psa_key_type_t type, - const psa_key_policy_t *policy, +psa_status_t psa_save_persistent_key( const psa_key_attributes_t *attributes, const uint8_t *data, const size_t data_length ); @@ -114,11 +111,11 @@ psa_status_t psa_save_persistent_key( const psa_key_file_id_t key, * this function to zeroize and free this buffer, regardless of whether this * function succeeds or fails. * - * \param key Persistent identifier of the key to be loaded. This - * should be an occupied storage location. - * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX - * value). - * \param[out] policy On success, the key's policy. + * \param[in,out] attributes + * On input, the key identifier field identifies + * the key to load. Other fields are ignored. + * On success, the attribute structure contains + * the key metadata that was loaded from storage. * \param[out] data Pointer to an allocated key data buffer on return. * \param[out] data_length The number of bytes that make up the key data. * @@ -127,9 +124,7 @@ psa_status_t psa_save_persistent_key( const psa_key_file_id_t key, * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_DOES_NOT_EXIST */ -psa_status_t psa_load_persistent_key( psa_key_file_id_t key, - psa_key_type_t *type, - psa_key_policy_t *policy, +psa_status_t psa_load_persistent_key( psa_key_attributes_t *attributes, uint8_t **data, size_t *data_length ); 
@@ -161,17 +156,15 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ); /** * \brief Formats key data and metadata for persistent storage * - * \param[in] data Buffer for the key data. + * \param[in] data Buffer containing the key data. * \param data_length Length of the key data buffer. - * \param type Key type (a \c PSA_KEY_TYPE_XXX value). - * \param policy The key policy. + * \param[in] attributes The attributes of the key. * \param[out] storage_data Output buffer for the formatted data. * */ void psa_format_key_data_for_storage( const uint8_t *data, const size_t data_length, - const psa_key_type_t type, - const psa_key_policy_t *policy, + const psa_key_attributes_t *attributes, uint8_t *storage_data ); /** @@ -183,8 +176,8 @@ void psa_format_key_data_for_storage( const uint8_t *data, * containing the key data. This must be freed * using psa_free_persistent_key_data() * \param[out] key_data_length Length of the key data buffer - * \param[out] type Key type (a \c PSA_KEY_TYPE_XXX value). - * \param[out] policy The key policy. + * \param[out] attributes On success, the attribute structure is filled + * with the loaded key metadata. * * \retval PSA_SUCCESS * \retval PSA_ERROR_INSUFFICIENT_STORAGE @@ -195,8 +188,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, size_t storage_data_length, uint8_t **key_data, size_t *key_data_length, - psa_key_type_t *type, - psa_key_policy_t *policy ); + psa_key_attributes_t *attributes ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /** This symbol is defined if transaction support is required. */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index fc1924897..fb9860748 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function 
@@ -33,16 +33,17 @@ void format_storage_data_check( data_t *key_data, { uint8_t *file_data; size_t file_data_length; - psa_key_policy_t key_policy; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - key_policy.usage = (psa_key_usage_t) key_usage; - key_policy.alg = (psa_algorithm_t) key_alg; - key_policy.alg2 = (psa_algorithm_t) key_alg2; + psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags( &attributes, key_usage ); + psa_set_key_algorithm( &attributes, key_alg ); + psa_set_key_enrollment_algorithm( &attributes, key_alg2 ); file_data_length = key_data->len + sizeof( psa_persistent_key_storage_format ); file_data = mbedtls_calloc( 1, file_data_length ); psa_format_key_data_for_storage( key_data->x, key_data->len, - (psa_key_type_t) key_type, &key_policy, + &attributes, file_data ); ASSERT_COMPARE( expected_file_data->x, expected_file_data->len, 
@@ -62,22 +63,25 @@ void parse_storage_data_check( data_t *file_data, { uint8_t *key_data = NULL; size_t key_data_length = 0; - psa_key_type_t key_type = 0; - psa_key_policy_t key_policy; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; status = psa_parse_key_data_from_storage( file_data->x, file_data->len, &key_data, &key_data_length, - &key_type, &key_policy ); + &attributes ); TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) goto exit; - TEST_EQUAL( key_type, (psa_key_type_t) expected_key_type ); - TEST_EQUAL( key_policy.usage, (uint32_t) expected_key_usage ); - TEST_EQUAL( key_policy.alg, (uint32_t) expected_key_alg ); - TEST_EQUAL( key_policy.alg2, (uint32_t) expected_key_alg2 ); + TEST_EQUAL( psa_get_key_type( &attributes ), + (psa_key_type_t) expected_key_type ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), + (uint32_t) expected_key_usage ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), + (uint32_t) expected_key_alg ); + TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), + (uint32_t) expected_key_alg2 ); ASSERT_COMPARE( expected_key_data->x, expected_key_data->len, key_data, key_data_length ); From 0e8d495bd9b1f63717ee146070430d32e0f82c27 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jul 2019 14:46:52 +0200 Subject: [PATCH 1465/2197] Add the lifetime to the key storage format Stored keys must contain lifetime information. The lifetime used to be implied by the location of the key, back when applications supplied the lifetime value when opening the key. Now that all keys' metadata are stored in a central location, this location needs to store the lifetime explicitly. --- library/psa_crypto_storage.c | 3 +++ .../suites/test_suite_psa_crypto_persistent_key.data | 12 ++++++------ .../test_suite_psa_crypto_persistent_key.function | 7 ++++++- 3 files changed, 15 insertions(+), 7 deletions(-) 
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index a35808a61..b8569beb8 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -255,6 +255,7 @@ static psa_status_t psa_crypto_storage_get_data_length( typedef struct { uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH]; uint8_t version[4]; + uint8_t lifetime[sizeof( psa_key_lifetime_t )]; uint8_t type[sizeof( psa_key_type_t )]; uint8_t policy[sizeof( psa_key_policy_t )]; uint8_t data_len[4]; @@ -271,6 +272,7 @@ void psa_format_key_data_for_storage( const uint8_t *data, memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); PUT_UINT32_LE( 0, storage_format->version, 0 ); + PUT_UINT32_LE( psa_get_key_lifetime( attributes ), storage_format->lifetime, 0 ); PUT_UINT32_LE( psa_get_key_type( attributes ), storage_format->type, 0 ); PUT_UINT32_LE( psa_get_key_usage_flags( attributes ), storage_format->policy, 0 ); PUT_UINT32_LE( psa_get_key_algorithm( attributes ), storage_format->policy, sizeof( uint32_t ) ); @@ -326,6 +328,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } + GET_UINT32_LE( attributes->lifetime, storage_format->lifetime, 0 ); GET_UINT32_LE( attributes->type, storage_format->type, 0 ); GET_UINT32_LE( attributes->policy.usage, storage_format->policy, 0 ); GET_UINT32_LE( attributes->policy.alg, storage_format->policy, sizeof( uint32_t ) ); diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index dead13d01..925c0f54a 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
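Review bot: Inserting `lifetime` between `version` and `type` changes the stored layout, yet the formatter still writes `PUT_UINT32_LE( 0, storage_format->version, 0 )`, so files written before and after this change carry the same version number. A key file saved by an earlier build would be parsed with shifted offsets (assuming 4-byte fields: old type read as lifetime, old usage flags as type, and so on) and would be rejected only if the misread `data_len` happens to fail the length check. Either write a new version number here and reject or migrate version 0 in `psa_parse_key_data_from_storage()`, or state in the commit message that no keys in the old format can exist. The parsed `lifetime` is also copied into `attributes` without any validity check in the lines shown.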
@@ -1,20 +1,20 @@ PSA Storage format data for storage -format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b4559000000000000000170010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f60
7836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN +format_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN PSA Storage parse stored data -parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS +parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS PSA Storage parse stored data wrong version, should fail -parse_storage_data_check:"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":"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE 
+parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE PSA Storage parse too big data, should fail -parse_storage_data_check:"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":"":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"505341004b455900000000000100000000000170010000000000001200000010ffffffff3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION
:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE PSA Storage parse bad magic, should fail -parse_storage_data_check:"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":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE 
+parse_storage_data_check:"645341004b455900000000000100000000000170010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE PSA Storage parse not enough magic, should fail -parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE # Not specific to files, 
but only run this test in an environment where the maximum size could be reached. Save maximum size persistent raw key diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index fb9860748..b76c7330a 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -12,6 +12,7 @@ typedef struct { uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH]; uint8_t version[4]; + uint8_t lifetime[sizeof( psa_key_lifetime_t )]; uint8_t type[sizeof( psa_key_type_t )]; uint8_t policy[sizeof( psa_key_policy_t )]; uint8_t data_len[4]; @@ -28,13 +29,14 @@ typedef struct { /* BEGIN_CASE */ void format_storage_data_check( data_t *key_data, data_t *expected_file_data, - int key_type, + int key_lifetime, int key_type, int key_usage, int key_alg, int key_alg2 ) { uint8_t *file_data; size_t file_data_length; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_set_key_lifetime( &attributes, key_lifetime ); psa_set_key_type( &attributes, key_type ); psa_set_key_usage_flags( &attributes, key_usage ); psa_set_key_algorithm( &attributes, key_alg ); @@ -55,6 +57,7 @@ void format_storage_data_check( data_t *key_data, /* BEGIN_CASE */ void parse_storage_data_check( data_t *file_data, data_t *expected_key_data, + int expected_key_lifetime, int expected_key_type, int expected_key_usage, int expected_key_alg, @@ -74,6 +77,8 @@ void parse_storage_data_check( data_t *file_data, if( status != PSA_SUCCESS ) goto exit; + TEST_EQUAL( psa_get_key_lifetime( &attributes ), + (psa_key_type_t) expected_key_lifetime ); TEST_EQUAL( psa_get_key_type( &attributes ), (psa_key_type_t) expected_key_type ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), From 1df83d4f5b0e6c701a13acd7b795aad3313f2a0e Mon Sep 17 00:00:00 2001 
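Review bot: The new lifetime assertion in parse_storage_data_check casts the expected value to the wrong type: `(psa_key_type_t) expected_key_lifetime` should be `(psa_key_lifetime_t) expected_key_lifetime`. The storage struct in this patch sizes the two fields separately (`sizeof( psa_key_lifetime_t )` and `sizeof( psa_key_type_t )`), so the comparison would silently truncate if the types ever differ in width. The function body continues outside the hunk.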
From: Gilles Peskine Date: Tue, 23 Jul 2019 16:13:14 +0200 Subject: [PATCH 1466/2197] SE keys: implement persistent storage For a key in a secure element, persist the key slot. This is implemented in the nominal case. Failures may not be handled properly. --- library/psa_crypto.c | 41 +++++++++++++------ library/psa_crypto_slot_management.c | 22 +++++++++- .../test_suite_psa_crypto_se_driver_hal.data | 10 ++++- ...st_suite_psa_crypto_se_driver_hal.function | 25 ++++++++++- 4 files changed, 80 insertions(+), 18 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e048e9f2b..84b691196 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1469,20 +1469,30 @@ static psa_status_t psa_finish_key_creation( (void) driver; #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + if( slot->lifetime != PSA_KEY_LIFETIME_VOLATILE ) { uint8_t *buffer = NULL; size_t buffer_size = 0; - size_t length; + size_t length = 0; - buffer_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, - psa_get_key_slot_bits( slot ) ); - buffer = mbedtls_calloc( 1, buffer_size ); - if( buffer == NULL && buffer_size != 0 ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - status = psa_internal_export_key( slot, - buffer, buffer_size, &length, - 0 ); +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( driver != NULL ) + { + buffer = (uint8_t*) &slot->data.se.slot_number; + length = sizeof( slot->data.se.slot_number ); + } + else +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + { + buffer_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, + psa_get_key_slot_bits( slot ) ); + buffer = mbedtls_calloc( 1, buffer_size ); + if( buffer == NULL && buffer_size != 0 ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + status = psa_internal_export_key( slot, + buffer, buffer_size, &length, + 0 ); + } if( status == PSA_SUCCESS ) { 
@@ -1491,9 +1501,14 @@ static psa_status_t psa_finish_key_creation( status = psa_save_persistent_key( &attributes, buffer, length ); } - if( buffer_size != 0 ) - mbedtls_platform_zeroize( buffer, buffer_size ); - mbedtls_free( buffer ); +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( driver == NULL ) +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + { + if( buffer_size != 0 ) + mbedtls_platform_zeroize( buffer, buffer_size ); + mbedtls_free( buffer ); + } } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 5326fbd6a..6b87ea0b0 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -131,10 +131,28 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) &key_data, &key_data_length ); if( status != PSA_SUCCESS ) goto exit; + p_slot->lifetime = psa_get_key_lifetime( &attributes ); p_slot->type = psa_get_key_type( &attributes ); p_slot->policy = attributes.policy; - status = psa_import_key_into_slot( p_slot, - key_data, key_data_length ); + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( psa_key_lifetime_is_external( p_slot->lifetime ) ) + { + if( key_data_length != sizeof( p_slot->data.se.slot_number ) ) + { + status = PSA_ERROR_STORAGE_FAILURE; + goto exit; + } + memcpy( &p_slot->data.se.slot_number, key_data, + sizeof( p_slot->data.se.slot_number ) ); + } + else +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + { + status = psa_import_key_into_slot( p_slot, + key_data, key_data_length ); + } + exit: psa_free_persistent_key_data( key_data, key_data_length ); return( status ); diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 28c7d7583..cb21ab549 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
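Review bot: In psa_load_persistent_key_into_slot, `p_slot->lifetime` is overwritten with the value parsed from storage and then decides how the payload is interpreted, with no check in this hunk that the value is acceptable. When MBEDTLS_PSA_CRYPTO_SE_C is not defined, the `#if` block disappears and a record whose stored lifetime is external is passed to psa_import_key_into_slot, so the saved slot-number bytes would be treated as key material. With SE support enabled, nothing here confirms that a driver is registered for the loaded lifetime, although a caller outside the hunk may do so. Consider rejecting unexpected lifetimes before the import, for example in builds without SE support `if( p_slot->lifetime != PSA_KEY_LIFETIME_PERSISTENT ) { status = PSA_ERROR_STORAGE_FAILURE; goto exit; }`. The function starts outside the hunk.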
@@ -28,7 +28,13 @@ Register SE driver: maximum number of drivers register_max: Key creation smoke test (p_allocate allows all slots) -key_creation_import_export:0 +key_creation_import_export:0:0 Key creation smoke test (p_allocate allows 1 slot) -key_creation_import_export:ARRAY_LENGTH( ram_slots ) - 1 +key_creation_import_export:ARRAY_LENGTH( ram_slots ) - 1:0 + +Key creation smoke test, check after restart (slot 0) +key_creation_import_export:0:1 + +Key creation smoke test, check after restart (slot 3) +key_creation_import_export:3:1 diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 2e2a6480f..5a2ebe71b 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -3,6 +3,7 @@ #include "psa/crypto_se_driver.h" #include "psa_crypto_se.h" +#include "psa_crypto_storage.h" /** The minimum valid lifetime value for a secure element driver. */ #define MIN_DRIVER_LIFETIME 2 @@ -115,6 +116,18 @@ psa_status_t ram_allocate( psa_drv_se_context_t *context, return( PSA_ERROR_INSUFFICIENT_STORAGE ); } +#define MAX_KEY_ID_FOR_TEST 10 +void psa_purge_storage( void ) +{ + psa_key_id_t i; + /* The tests may have potentially created key ids from 1 to + * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id + * 0, which file-based storage uses as a temporary file. */ + for( i = 0; i <= MAX_KEY_ID_FOR_TEST; i++ ) + psa_destroy_persistent_key( i ); + psa_crypto_stop_transaction( ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -188,7 +201,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void key_creation_import_export( int min_slot ) +void key_creation_import_export( int min_slot, int restart ) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; 
@@ -223,6 +236,15 @@ void key_creation_import_export( int min_slot ) key_material, sizeof( key_material ), &handle ) ); + /* Maybe restart, to check that the information is saved correctly. */ + if( restart ) + { + mbedtls_psa_crypto_free( ); + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_open_key( id, &handle ) ); + } + /* Test that the key was created in the expected slot. */ TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA ); @@ -240,5 +262,6 @@ void key_creation_import_export( int min_slot ) exit: PSA_DONE( ); ram_slots_reset( ); + psa_purge_storage( ); } /* END_CASE */ From 8b96cad20483554ff3d7825d8c94807bdd2ce3ca Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jul 2019 17:38:08 +0200 Subject: [PATCH 1467/2197] SE drivers: implement persistent storage Store the persistent data of secure element drivers. This is fully implemented, but not at all tested. --- library/psa_crypto_se.c | 58 ++++++++++++++++--- library/psa_crypto_se.h | 33 +++++++++++ ...st_suite_psa_crypto_se_driver_hal.function | 11 +++- 3 files changed, 92 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 7287ac0d7..bae44fa04 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -35,6 +35,13 @@ #include "psa_crypto_se.h" +#if defined(MBEDTLS_PSA_ITS_FILE_C) +#include "psa_crypto_its.h" +#else /* Native ITS implementation */ +#include "psa/error.h" +#include "psa/internal_trusted_storage.h" +#endif + #include "mbedtls/platform.h" #if !defined(MBEDTLS_PLATFORM_C) #define mbedtls_calloc calloc 
@@ -114,20 +121,52 @@ int psa_get_se_driver( psa_key_lifetime_t lifetime, /* Persistent data management */ /****************************************************************/ +static psa_status_t psa_get_se_driver_its_file_uid( + const psa_se_drv_table_entry_t *driver, + psa_storage_uid_t *uid ) +{ + if( driver->lifetime > PSA_MAX_SE_LIFETIME ) + return( PSA_ERROR_NOT_SUPPORTED ); + *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->lifetime; + return( PSA_SUCCESS ); +} + psa_status_t psa_load_se_persistent_data( const psa_se_drv_table_entry_t *driver ) { - /*TODO*/ - (void) driver; - return( PSA_SUCCESS ); + psa_status_t status; + psa_storage_uid_t uid; + + status = psa_get_se_driver_its_file_uid( driver, &uid ); + if( status != PSA_SUCCESS ) + return( status ); + + return( psa_its_get( uid, 0, driver->internal.persistent_data_size, + driver->internal.persistent_data ) ); } psa_status_t psa_save_se_persistent_data( const psa_se_drv_table_entry_t *driver ) { - /*TODO*/ - (void) driver; - return( PSA_SUCCESS ); + psa_status_t status; + psa_storage_uid_t uid; + + status = psa_get_se_driver_its_file_uid( driver, &uid ); + if( status != PSA_SUCCESS ) + return( status ); + + return( psa_its_set( uid, driver->internal.persistent_data_size, + driver->internal.persistent_data, + 0 ) ); +} + +psa_status_t psa_destroy_se_persistent_data( psa_key_lifetime_t lifetime ) +{ + psa_storage_uid_t uid; + if( lifetime > PSA_MAX_SE_LIFETIME ) + return( PSA_ERROR_NOT_SUPPORTED ); + uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + lifetime; + return( psa_its_remove( uid ) ); } psa_status_t psa_find_se_slot_for_key( @@ -201,6 +240,8 @@ psa_status_t psa_register_se_driver( { return( PSA_ERROR_INVALID_ARGUMENT ); } + if( lifetime > PSA_MAX_SE_LIFETIME ) + return( PSA_ERROR_NOT_SUPPORTED ); for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) { 
@@ -227,8 +268,11 @@ psa_status_t psa_register_se_driver( status = PSA_ERROR_INSUFFICIENT_MEMORY; goto error; } + /* Load the driver's persistent data. On first use, the persistent + * data does not exist in storage, and is initialized to + * all-bits-zero by the calloc call just above. */ status = psa_load_se_persistent_data( &driver_table[i] ); - if( status != PSA_SUCCESS ) + if( status != PSA_SUCCESS && status != PSA_ERROR_DOES_NOT_EXIST ) goto error; } driver_table[i].internal.persistent_data_size = diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index f1d7e7c36..08e658cdd 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -31,6 +31,30 @@ #include "psa/crypto.h" #include "psa/crypto_se_driver.h" +/** The maximum lifetime value that this implementation supports + * for a secure element. + * + * This is not a characteristic that each PSA implementation has, but a + * limitation of the current implementation due to the constraints imposed + * by storage. See #PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. + * + * The minimum lifetime value for a secure element is 2, like on any + * PSA implementation (0=volatile and 1=internal-storage are taken). + */ +#define PSA_MAX_SE_LIFETIME 255 + +/** The base of the range of ITS file identifiers for secure element + * driver persistent data. + * + * We use a slice of the implemenation reserved range 0xffff0000..0xffffffff, + * specifically the range 0xfffffe00..0xfffffeff. The length of this range + * drives the value of #PSA_MAX_SE_LIFETIME. + * The identifiers 0xfffffe00 and 0xfffffe01 are actually not used since + * they correspond to #PSA_KEY_LIFETIME_VOLATILE and + * #PSA_KEY_LIFETIME_PERSISTENT which don't have a driver. + */ +#define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ( (psa_key_id_t) 0xfffffe00 ) + /** The maximum number of registered secure element driver lifetimes. */ #define PSA_MAX_SE_DRIVERS 4 
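Review bot: In psa_register_se_driver, psa_load_se_persistent_data() is called before `driver_table[i].internal.persistent_data_size` is assigned; the assignment is the context line right after the closing brace of this block. The loader added in the earlier hunk passes that field to psa_its_get as the length. Unless the entry's size is set somewhere outside the hunk, the load requests whatever the field held before, probably 0, so saved driver data would not be read back after a restart. Move the size assignment above the load call, or pass the size to the loader explicitly. The commit message says this path is untested, and a restart test that checks the driver's persistent data would cover it.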
@@ -138,4 +162,13 @@ psa_status_t psa_load_se_persistent_data( psa_status_t psa_save_se_persistent_data( const psa_se_drv_table_entry_t *driver ); +/** Destroy the persistent data of a secure element driver. + * + * This is currently only used for testing. + * + * \param[in] lifetime The driver lifetime whose persistent data should + * be erased. + */ +psa_status_t psa_destroy_se_persistent_data( psa_key_lifetime_t lifetime ); + #endif /* PSA_CRYPTO_SE_H */ diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 5a2ebe71b..010f69684 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -119,13 +119,18 @@ psa_status_t ram_allocate( psa_drv_se_context_t *context, #define MAX_KEY_ID_FOR_TEST 10 void psa_purge_storage( void ) { - psa_key_id_t i; + psa_key_id_t id; + psa_key_lifetime_t lifetime; /* The tests may have potentially created key ids from 1 to * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id * 0, which file-based storage uses as a temporary file. */ - for( i = 0; i <= MAX_KEY_ID_FOR_TEST; i++ ) - psa_destroy_persistent_key( i ); + for( id = 0; id <= MAX_KEY_ID_FOR_TEST; id++ ) + psa_destroy_persistent_key( id ); + /* Purge the transaction file. */ psa_crypto_stop_transaction( ); + /* Purge driver persistent data. */ + for( lifetime = 0; lifetime < PSA_MAX_SE_LIFETIME; lifetime++ ) + psa_destroy_se_persistent_data( lifetime ); } /* END_HEADER */ From 1d04b05fae0fc7f475aa6e17eaeb4b61a16f3125 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jul 2019 17:38:41 +0200 Subject: [PATCH 1468/2197] Dear check-names, where you accept struct, also accept union. --- tests/scripts/list-identifiers.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh index eaf270c7a..4828c80eb 100755 
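Review bot: The purge loop in psa_purge_storage stops one short, because `lifetime < PSA_MAX_SE_LIFETIME` never visits 255 while psa_register_se_driver and psa_destroy_se_persistent_data both accept `lifetime == PSA_MAX_SE_LIFETIME`. A test that registers a driver at the maximum lifetime would leave its persistent data behind for the next test case. Use `for( lifetime = 0; lifetime <= PSA_MAX_SE_LIFETIME; lifetime++ )`.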
--- a/tests/scripts/list-identifiers.sh +++ b/tests/scripts/list-identifiers.sh @@ -41,7 +41,7 @@ rm -f identifiers grep '^[^ /#{]' $HEADERS | \ sed -e 's/^[^:]*://' | \ - egrep -v '^(extern "C"|(typedef )?(struct|enum)( {)?$|};?$)' \ + egrep -v '^(extern "C"|(typedef )?(struct|union|enum)( {)?$|};?$)' \ > _decls if true; then From bda5a211122fdb03b20b80ad33e407cb23c15cda Mon Sep 17 00:00:00 2001 From: Simon D Hughes Date: Wed, 10 Jul 2019 16:34:21 +0100 Subject: [PATCH 1469/2197] Add psa_trusted_storage_linux persistent storage support for v1.0.0 APIs The following provides more information on this PR: - PSA stands for Platform Security Architecture. - Add support for use of psa_trusted_storage_api internal_trusted_storage.h v1.0.0 as the interface to the psa_trusted_storage_linux backend (i.e. for persistent storage when MBEDTLS_PSA_ITS_FILE_C is not defined). This requires changes to psa_crypto_its.h and psa_crypto_storage.c to migrate to the new API. --- library/psa_crypto_its.h | 4 ++- library/psa_crypto_storage.c | 5 +++- library/psa_its_file.c | 7 +++++- tests/suites/test_suite_psa_its.function | 31 ++++++++++++++---------- 4 files changed, 31 insertions(+), 16 deletions(-) diff --git a/library/psa_crypto_its.h b/library/psa_crypto_its.h index 44d51982a..380978760 100644 --- a/library/psa_crypto_its.h +++ b/library/psa_crypto_its.h @@ -91,6 +91,7 @@ psa_status_t psa_its_set(psa_storage_uid_t uid, * \param[in] data_offset The starting offset of the data requested * \param[in] data_length the amount of data requested (and the minimum allocated size of the `p_data` buffer) * \param[out] p_data The buffer where the data will be placed upon successful completion + * \param[out] p_data_length The amount of data returned in the p_data buffer * * * \return A status indicating the success/failure of the operation 
@@ -106,7 +107,8 @@ psa_status_t psa_its_set(psa_storage_uid_t uid, psa_status_t psa_its_get(psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, - void *p_data); + void *p_data, + size_t *p_data_length ); /** * \brief Retrieve the metadata about the provided uid diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index babc5bb95..3c33c1def 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -96,12 +96,15 @@ static psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, psa_status_t status; psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_storage_info_t data_identifier_info; + size_t data_length = 0; status = psa_its_get_info( data_identifier, &data_identifier_info ); if( status != PSA_SUCCESS ) return( status ); - status = psa_its_get( data_identifier, 0, (uint32_t) data_size, data ); + status = psa_its_get( data_identifier, 0, (uint32_t) data_size, data, &data_length ); + if( data_size != data_length ) + return( PSA_ERROR_STORAGE_FAILURE ); return( status ); } diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 8cdf783a7..05ca8afc7 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -44,7 +44,9 @@ #include #include +#if !defined(PSA_ITS_STORAGE_PREFIX) #define PSA_ITS_STORAGE_PREFIX "" +#endif #define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx" #define PSA_ITS_STORAGE_SUFFIX ".psa_its" @@ -137,7 +139,8 @@ psa_status_t psa_its_get_info( psa_storage_uid_t uid, psa_status_t psa_its_get( psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, - void *p_data ) + void *p_data, + size_t *p_data_length ) { psa_status_t status; FILE *stream = NULL; @@ -172,6 +175,8 @@ psa_status_t psa_its_get( psa_storage_uid_t uid, if( n != data_length ) goto exit; status = PSA_SUCCESS; + if( p_data_length != NULL ) + *p_data_length = n; exit: if( stream != NULL ) 
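Review bot: In psa_crypto_storage_load the new length check runs even when psa_its_get has failed. `data_length` is still 0 in that case, so any failure with a non-zero `data_size` is reported as PSA_ERROR_STORAGE_FAILURE and the original status is lost. Test the status first: `if( status == PSA_SUCCESS && data_size != data_length ) return( PSA_ERROR_STORAGE_FAILURE );`. The psa_its_file.c hunk also allows `p_data_length` to be NULL and leaves it unwritten on failure, which the new `\param[out] p_data_length` line in psa_crypto_its.h does not mention. The start of psa_crypto_storage_load is outside the hunk.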
diff --git a/tests/suites/test_suite_psa_its.function b/tests/suites/test_suite_psa_its.function index 867f64f6b..2266b900c 100644 --- a/tests/suites/test_suite_psa_its.function +++ b/tests/suites/test_suite_psa_its.function @@ -69,6 +69,7 @@ void set_get_remove( int uid_arg, int flags_arg, data_t *data ) uint32_t flags = flags_arg; struct psa_storage_info_t info; unsigned char *buffer = NULL; + size_t ret_len = 0; ASSERT_ALLOC( buffer, data->len ); @@ -77,8 +78,8 @@ void set_get_remove( int uid_arg, int flags_arg, data_t *data ) PSA_ASSERT( psa_its_get_info( uid, &info ) ); TEST_ASSERT( info.size == data->len ); TEST_ASSERT( info.flags == flags ); - PSA_ASSERT( psa_its_get( uid, 0, data->len, buffer ) ); - ASSERT_COMPARE( data->x, data->len, buffer, data->len ); + PSA_ASSERT( psa_its_get( uid, 0, data->len, buffer, &ret_len ) ); + ASSERT_COMPARE( data->x, data->len, buffer, ret_len ); PSA_ASSERT( psa_its_remove( uid ) ); @@ -98,6 +99,7 @@ void set_overwrite( int uid_arg, uint32_t flags2 = flags2_arg; struct psa_storage_info_t info; unsigned char *buffer = NULL; + size_t ret_len = 0; ASSERT_ALLOC( buffer, MAX( data1->len, data2->len ) ); 
@@ -105,15 +107,16 @@ void set_overwrite( int uid_arg, PSA_ASSERT( psa_its_get_info( uid, &info ) ); TEST_ASSERT( info.size == data1->len ); TEST_ASSERT( info.flags == flags1 ); - PSA_ASSERT( psa_its_get( uid, 0, data1->len, buffer ) ); - ASSERT_COMPARE( data1->x, data1->len, buffer, data1->len ); + PSA_ASSERT( psa_its_get( uid, 0, data1->len, buffer, &ret_len ) ); + ASSERT_COMPARE( data1->x, data1->len, buffer, ret_len ); PSA_ASSERT( psa_its_set_wrap( uid, data2->len, data2->x, flags2 ) ); PSA_ASSERT( psa_its_get_info( uid, &info ) ); TEST_ASSERT( info.size == data2->len ); TEST_ASSERT( info.flags == flags2 ); - PSA_ASSERT( psa_its_get( uid, 0, data2->len, buffer ) ); - ASSERT_COMPARE( data2->x, data2->len, buffer, data2->len ); + ret_len = 0; + PSA_ASSERT( psa_its_get( uid, 0, data2->len, buffer, &ret_len ) ); + ASSERT_COMPARE( data2->x, data2->len, buffer, ret_len ); PSA_ASSERT( psa_its_remove( uid ) ); @@ -130,6 +133,7 @@ void set_multiple( int first_id, int count ) psa_storage_uid_t uid; char stored[40]; char retrieved[40]; + size_t ret_len = 0; memset( stored, '.', sizeof( stored ) ); for( uid = uid0; uid < uid0 + count; uid++ ) @@ -143,11 +147,11 @@ void set_multiple( int first_id, int count ) { mbedtls_snprintf( stored, sizeof( stored ), "Content of file 0x%08lx", (unsigned long) uid ); - PSA_ASSERT( psa_its_get( uid, 0, sizeof( stored ), retrieved ) ); - ASSERT_COMPARE( retrieved, sizeof( stored ), + PSA_ASSERT( psa_its_get( uid, 0, sizeof( stored ), retrieved, &ret_len ) ); + ASSERT_COMPARE( retrieved, ret_len, stored, sizeof( stored ) ); PSA_ASSERT( psa_its_remove( uid ) ); - TEST_ASSERT( psa_its_get( uid, 0, 0, NULL ) == + TEST_ASSERT( psa_its_get( uid, 0, 0, NULL, NULL ) == PSA_ERROR_DOES_NOT_EXIST ); } 
@@ -171,7 +175,7 @@ void nonexistent( int uid_arg, int create_and_remove ) TEST_ASSERT( psa_its_remove( uid ) == PSA_ERROR_DOES_NOT_EXIST ); TEST_ASSERT( psa_its_get_info( uid, &info ) == PSA_ERROR_DOES_NOT_EXIST ); - TEST_ASSERT( psa_its_get( uid, 0, 0, NULL ) == + TEST_ASSERT( psa_its_get( uid, 0, 0, NULL, NULL ) == PSA_ERROR_DOES_NOT_EXIST ); exit: @@ -190,6 +194,7 @@ void get_at( int uid_arg, data_t *data, size_t length = length_arg >= 0 ? length_arg : 0; unsigned char *trailer; size_t i; + size_t ret_len = 0; ASSERT_ALLOC( buffer, length + 16 ); trailer = buffer + length; @@ -197,11 +202,11 @@ void get_at( int uid_arg, data_t *data, PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) ); - status = psa_its_get( uid, offset, length_arg, buffer ); + status = psa_its_get( uid, offset, length_arg, buffer, &ret_len ); TEST_ASSERT( status == (psa_status_t) expected_status ); if( status == PSA_SUCCESS ) - ASSERT_COMPARE( data->x + offset, length, - buffer, length ); + ASSERT_COMPARE( data->x + offset, (size_t) length_arg, + buffer, ret_len ); for( i = 0; i < 16; i++ ) TEST_ASSERT( trailer[i] == '-' ); PSA_ASSERT( psa_its_remove( uid ) ); From 9dd125d8bb2d84853ac771cacba2cd1e66a8f8e2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jul 2019 18:26:43 +0200 Subject: [PATCH 1470/2197] Fix overly complex Doxygen markup --- include/psa/crypto_se_driver.h | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index e7fe00671..3f3d7ca8d 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
@@ -63,9 +63,8 @@ typedef struct { * like a pointer returned by `malloc` (but the core can use any * method to allocate the buffer, not necessarily `malloc`). * - * The size of this buffer is given by psa_drv_se_t::persistent_data_size - * when the driver is registered, and this value is also recorded in the - * psa_drv_se_context_t::persistent_data_size field of this structure. + * The size of this buffer is in the \c persistent_data_size field of + * this structure. * * Before the driver is initialized for the first time, the content of * the persistent data is all-bits-zero. After a driver upgrade, if the @@ -81,8 +80,8 @@ typedef struct { /** The size of \c persistent_data in bytes. * - * This is always equal to the value of - * psa_drv_se_t::persistent_data_size when the driver is registered. + * This is always equal to the value of the `persistent_data_size` field + * of the ::psa_drv_se_t structure when the driver is registered. */ const size_t persistent_data_size; @@ -902,7 +901,7 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_contex * \brief A function that generates a symmetric or asymmetric key on a secure * element * - * If \p type is asymmetric (`#PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) == 1`), + * If \p type is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) = 1), * the public component of the generated key will be placed in `p_pubkey_out`. * The format of the public key information will match the format specified for * the psa_export_key() function for the key type. From 105f67f0fa050315aaaec650b35a9f36c1b5ec93 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 23 Jul 2019 18:16:05 +0200 Subject: [PATCH 1471/2197] Move the definition of psa_key_attributes_t to crypto_types.h psa_key_attributes_t is used in the SE driver HAL, so it must be defined in a common header, not in the API-only header crypto.h. --- include/psa/crypto.h | 109 +------------------------------ include/psa/crypto_se_driver.h | 4 -- include/psa/crypto_types.h | 113 +++++++++++++++++++++++++++++++++ 3 files changed, 114 insertions(+), 112 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3036d17b4..ea7d18d2b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -93,117 +93,10 @@ psa_status_t psa_crypto_init(void); /**@}*/ -/** \defgroup attributes Key attributes +/** \addtogroup attributes * @{ */ -/** The type of a structure containing key attributes. - * - * This is an opaque structure that can represent the metadata of a key - * object. Metadata that can be stored in attributes includes: - * - The location of the key in storage, indicated by its key identifier - * and its lifetime. - * - The key's policy, comprising usage flags and a specification of - * the permitted algorithm(s). - * - Information about the key itself: the key type and its size. - * - Implementations may define additional attributes. - * - * The actual key material is not considered an attribute of a key. - * Key attributes do not contain information that is generally considered - * highly confidential. - * - * An attribute structure can be a simple data structure where each function - * `psa_set_key_xxx` sets a field and the corresponding function - * `psa_get_key_xxx` retrieves the value of the corresponding field. - * However, implementations may report values that are equivalent to the - * original one, but have a different encoding. For example, an - * implementation may use a more compact representation for types where - * many bit-patterns are invalid or not supported, and store all values - * that it does not support as a special marker value. In such an - * implementation, after setting an invalid value, the corresponding - * get function returns an invalid value which may not be the one that - * was originally stored. - * - * An attribute structure may contain references to auxiliary resources, - * for example pointers to allocated memory or indirect references to - * pre-calculated values. In order to free such resources, the application - * must call psa_reset_key_attributes(). 
As an exception, calling - * psa_reset_key_attributes() on an attribute structure is optional if - * the structure has only been modified by the following functions - * since it was initialized or last reset with psa_reset_key_attributes(): - * - psa_set_key_id() - * - psa_set_key_lifetime() - * - psa_set_key_type() - * - psa_set_key_bits() - * - psa_set_key_usage_flags() - * - psa_set_key_algorithm() - * - * Before calling any function on a key attribute structure, the application - * must initialize it by any of the following means: - * - Set the structure to all-bits-zero, for example: - * \code - * psa_key_attributes_t attributes; - * memset(&attributes, 0, sizeof(attributes)); - * \endcode - * - Initialize the structure to logical zero values, for example: - * \code - * psa_key_attributes_t attributes = {0}; - * \endcode - * - Initialize the structure to the initializer #PSA_KEY_ATTRIBUTES_INIT, - * for example: - * \code - * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - * \endcode - * - Assign the result of the function psa_key_attributes_init() - * to the structure, for example: - * \code - * psa_key_attributes_t attributes; - * attributes = psa_key_attributes_init(); - * \endcode - * - * A freshly initialized attribute structure contains the following - * values: - * - * - lifetime: #PSA_KEY_LIFETIME_VOLATILE. - * - key identifier: unspecified. - * - type: \c 0. - * - key size: \c 0. - * - usage flags: \c 0. - * - algorithm: \c 0. - * - * A typical sequence to create a key is as follows: - * -# Create and initialize an attribute structure. - * -# If the key is persistent, call psa_set_key_id(). - * Also call psa_set_key_lifetime() to place the key in a non-default - * location. - * -# Set the key policy with psa_set_key_usage_flags() and - * psa_set_key_algorithm(). - * -# Set the key type with psa_set_key_type(). - * Skip this step if copying an existing key with psa_copy_key(). 
- * -# When generating a random key with psa_generate_key() or deriving a key - * with psa_key_derivation_output_key(), set the desired key size with - * psa_set_key_bits(). - * -# Call a key creation function: psa_import_key(), psa_generate_key(), - * psa_key_derivation_output_key() or psa_copy_key(). This function reads - * the attribute structure, creates a key with these attributes, and - * outputs a handle to the newly created key. - * -# The attribute structure is now no longer necessary. - * You may call psa_reset_key_attributes(), although this is optional - * with the workflow presented here because the attributes currently - * defined in this specification do not require any additional resources - * beyond the structure itself. - * - * A typical sequence to query a key's attributes is as follows: - * -# Call psa_get_key_attributes(). - * -# Call `psa_get_key_xxx` functions to retrieve the attribute(s) that - * you are interested in. - * -# Call psa_reset_key_attributes() to free any resources that may be - * used by the attribute structure. - * - * Once a key has been created, it is impossible to change its attributes. - */ -typedef struct psa_key_attributes_s psa_key_attributes_t; - /** \def PSA_KEY_ATTRIBUTES_INIT * * This macro returns a suitable initializer for a key attribute structure diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 3f3d7ca8d..57d077c2e 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -782,10 +782,6 @@ typedef struct { */ /**@{*/ -/* This type is documented in crypto.h. As far as drivers are concerned, - * this is an opaque type. */ -typedef struct psa_key_attributes_s psa_key_attributes_t; - /** \brief A function that allocates a slot for a key. * * \param[in,out] drv_context The driver context structure. diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 7f0f38cdd..1944be4b2 100644 --- a/include/psa/crypto_types.h 
+++ b/include/psa/crypto_types.h 
@@ -133,6 +133,119 @@ typedef uint32_t psa_key_usage_t; /**@}*/ +/** \defgroup attributes Key attributes + * @{ + */ + +/** The type of a structure containing key attributes. + * + * This is an opaque structure that can represent the metadata of a key + * object. Metadata that can be stored in attributes includes: + * - The location of the key in storage, indicated by its key identifier + * and its lifetime. + * - The key's policy, comprising usage flags and a specification of + * the permitted algorithm(s). + * - Information about the key itself: the key type and its size. + * - Implementations may define additional attributes. + * + * The actual key material is not considered an attribute of a key. + * Key attributes do not contain information that is generally considered + * highly confidential. + * + * An attribute structure can be a simple data structure where each function + * `psa_set_key_xxx` sets a field and the corresponding function + * `psa_get_key_xxx` retrieves the value of the corresponding field. + * However, implementations may report values that are equivalent to the + * original one, but have a different encoding. For example, an + * implementation may use a more compact representation for types where + * many bit-patterns are invalid or not supported, and store all values + * that it does not support as a special marker value. In such an + * implementation, after setting an invalid value, the corresponding + * get function returns an invalid value which may not be the one that + * was originally stored. + * + * An attribute structure may contain references to auxiliary resources, + * for example pointers to allocated memory or indirect references to + * pre-calculated values. In order to free such resources, the application + * must call psa_reset_key_attributes(). 
As an exception, calling + * psa_reset_key_attributes() on an attribute structure is optional if + * the structure has only been modified by the following functions + * since it was initialized or last reset with psa_reset_key_attributes(): + * - psa_set_key_id() + * - psa_set_key_lifetime() + * - psa_set_key_type() + * - psa_set_key_bits() + * - psa_set_key_usage_flags() + * - psa_set_key_algorithm() + * + * Before calling any function on a key attribute structure, the application + * must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_key_attributes_t attributes; + * memset(&attributes, 0, sizeof(attributes)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_key_attributes_t attributes = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_KEY_ATTRIBUTES_INIT, + * for example: + * \code + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + * \endcode + * - Assign the result of the function psa_key_attributes_init() + * to the structure, for example: + * \code + * psa_key_attributes_t attributes; + * attributes = psa_key_attributes_init(); + * \endcode + * + * A freshly initialized attribute structure contains the following + * values: + * + * - lifetime: #PSA_KEY_LIFETIME_VOLATILE. + * - key identifier: unspecified. + * - type: \c 0. + * - key size: \c 0. + * - usage flags: \c 0. + * - algorithm: \c 0. + * + * A typical sequence to create a key is as follows: + * -# Create and initialize an attribute structure. + * -# If the key is persistent, call psa_set_key_id(). + * Also call psa_set_key_lifetime() to place the key in a non-default + * location. + * -# Set the key policy with psa_set_key_usage_flags() and + * psa_set_key_algorithm(). + * -# Set the key type with psa_set_key_type(). + * Skip this step if copying an existing key with psa_copy_key(). 
+ * -# When generating a random key with psa_generate_key() or deriving a key + * with psa_key_derivation_output_key(), set the desired key size with + * psa_set_key_bits(). + * -# Call a key creation function: psa_import_key(), psa_generate_key(), + * psa_key_derivation_output_key() or psa_copy_key(). This function reads + * the attribute structure, creates a key with these attributes, and + * outputs a handle to the newly created key. + * -# The attribute structure is now no longer necessary. + * You may call psa_reset_key_attributes(), although this is optional + * with the workflow presented here because the attributes currently + * defined in this specification do not require any additional resources + * beyond the structure itself. + * + * A typical sequence to query a key's attributes is as follows: + * -# Call psa_get_key_attributes(). + * -# Call `psa_get_key_xxx` functions to retrieve the attribute(s) that + * you are interested in. + * -# Call psa_reset_key_attributes() to free any resources that may be + * used by the attribute structure. + * + * Once a key has been created, it is impossible to change its attributes. + */ +typedef struct psa_key_attributes_s psa_key_attributes_t; + +/**@}*/ + /** \defgroup derivation Key derivation * @{ */ From 831ac72338d16ce8b9ee0a299db81b12f322cc1d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jul 2019 19:29:35 +0200 Subject: [PATCH 1472/2197] Add transaction file and driver storage; new key file format Update the storage architecture with the new features introduced for secure element support: * Lifetime field in key files. * Slot number in key files for keys in a secure element. * Transaction file (name and format). * Persistent storage for secure element drivers (name and format). The version number is not determined yet. --- .../mbed-crypto-storage-specification.md | 89 +++++++++++++++++++ 1 file changed, 89 insertions(+) 
diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md index f4abd3e70..2c3119fbd 100644 --- a/docs/architecture/mbed-crypto-storage-specification.md +++ b/docs/architecture/mbed-crypto-storage-specification.md @@ -193,3 +193,92 @@ The layout of a key file is: * key material length (4 bytes) * key material: output of `psa_export_key` * Any trailing data is rejected on load. + +Mbed Crypto TBD +--------------- + +Tags: TBD + +Released in TBD 2019.
+Integrated in Mbed OS TBD. + +### Changes introduced in TBD + +* The layout of a key file now has a lifetime field before the type field. +* Key files can store references to keys in a secure element. In such key files, the key material contains the slot number. + +### File namespace on a PSA platform on TBD + +Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. + +Assumption: the owner identifier is a nonzero value of type `int32_t`. + +* Files 0 through 0xfffeffff: unused. +* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-tbd). +* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0). The upper 32 bits determine the owner. + +### File namespace on ITS as a library on TBD + +Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. + +This is a library integration, so there is no owner. The key file identifier is identical to the key identifier. + +* File 0: unused. +* Files 1 through 0xfffeffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file identifier](#key-names-for-1.0.0). +* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-tbd). +* Files 0x100000000 through 0xffffffffffffffff: unused. + +### Non-key files on TBD + +File identifiers in the range 0xffff0000 through 0xffffffff are reserved for internal use in Mbed Crypto. + +* Files 0xfffffe02 through 0xfffffeff (`PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + lifetime`): secure element driver storage. 
The content of the file is the secure element driver's persistent data. +* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0). +* File 0xffffff54 (`PSA_CRYPTO_ITS_TRANSACTION_UID`): [transaction file](#transaction-file-format-for-tbd). +* Other files are unused and reserved for future use. + +### Key file format for TBD + +All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated. + +The layout of a key file is: + +* magic (8 bytes): `"PSA\0KEY\0"`. +* version (4 bytes): 0. +* lifetime (4 bytes): `psa_key_lifetime_t` value. +* type (4 bytes): `psa_key_type_t` value. +* policy usage flags (4 bytes): `psa_key_usage_t` value. +* policy usage algorithm (4 bytes): `psa_algorithm_t` value. +* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value. +* key material length (4 bytes). +* key material: + * For a transparent key: output of `psa_export_key`. + * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness. +* Any trailing data is rejected on load. + +### Transaction file format for TBD + +The transaction file contains data about an ongoing action that cannot be completed atomically. It exists only if there is an ongoing transaction. + +All integers are encoded in platform endianness. + +All currently existing transactions concern a key in a secure element. + +The layout of a transaction file is: + +* type (2 bytes): the [transaction type](#transaction-types-on-tbd). +* unused (2 bytes) +* lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element. +* slot number (8 bytes): `psa_key_slot_number_t` value. This is the unique designation of the key for the secure element driver. +* key identifier (4 bytes in a library integration, 8 bytes on a PSA platform): the internal representation of the key identifier. 
On a PSA platform, this encodes the key owner in the same way as [in file identifiers for key files](#file-namespace-on-a-psa-platform-on-tbd)). + +#### Transaction types on TBD + +* 0x0001: key creation. The following locations may or may not contain data about the key that is being created: + * The slot in the secure element designated by the slot number. + * The file containing the key metadata designated by the key identifier. + * The driver persistent data. +* 0x0002: key destruction. The following locations may or may not still contain data about the key that is being destroyed: + * The slot in the secure element designated by the slot number. + * The file containing the key metadata designated by the key identifier. + * The driver persistent data. From 573bbc1b4e744080fb9735e5e7c30298cd9b31b4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jul 2019 19:59:23 +0200 Subject: [PATCH 1473/2197] Error out if a driver tries to store more than ITS can handle Cast explicitly for the sake of MSVC which otherwise (usefully!) warns about the truncation. --- library/psa_crypto_se.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index bae44fa04..714a03904 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -127,6 +127,13 @@ static psa_status_t psa_get_se_driver_its_file_uid( { if( driver->lifetime > PSA_MAX_SE_LIFETIME ) return( PSA_ERROR_NOT_SUPPORTED ); + +#if SIZE_MAX > UINT32_MAX + /* ITS file sizes are limited to 32 bits. */ + if( driver->internal.persistent_data_size > UINT32_MAX ) + return( PSA_ERROR_NOT_SUPPORTED ); +#endif + *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->lifetime; return( PSA_SUCCESS ); } 
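Review bot: The 32-bit size limit is enforced inside psa_get_se_driver_its_file_uid, a helper whose name and output are about the file identifier, so the `(uint32_t)` casts added in psa_load_se_persistent_data and psa_save_se_persistent_data (the next two hunks) are only safe while every caller goes through this helper first. A comment at each cast would record that dependency, for example `/* cannot truncate: psa_get_se_driver_its_file_uid() rejected sizes above UINT32_MAX */`. Rejecting an oversized `persistent_data_size` when the driver is registered would fail earlier and keep the check next to the value it validates; the registration code is not visible here, so this is something to confirm rather than a known gap.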
@@ -141,7 +148,8 @@ psa_status_t psa_load_se_persistent_data( if( status != PSA_SUCCESS ) return( status ); - return( psa_its_get( uid, 0, driver->internal.persistent_data_size, + return( psa_its_get( uid, 0, + (uint32_t) driver->internal.persistent_data_size, driver->internal.persistent_data ) ); } @@ -155,7 +163,8 @@ psa_status_t psa_save_se_persistent_data( if( status != PSA_SUCCESS ) return( status ); - return( psa_its_set( uid, driver->internal.persistent_data_size, + return( psa_its_set( uid, + (uint32_t) driver->internal.persistent_data_size, driver->internal.persistent_data, 0 ) ); } From 7e367659452a871086be1c77d386610808bc6656 Mon Sep 17 00:00:00 2001 From: Moshe Shahar Date: Mon, 15 Jul 2019 15:50:19 +0300 Subject: [PATCH 1474/2197] Add CMake option for explicitly link library to trusted_storage (#2) option name: LINK_WITH_TRUSTED_STORAGE default value: ON --- library/CMakeLists.txt | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 6b2a8508a..cbbaf06fa 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -1,6 +1,7 @@ option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON) option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF) option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF) +option(LINK_WITH_TRUSTED_STORAGE "Explicitly link mbed TLS library to trusted_storage." ON) # Set the project root directory if it's not already defined, as may happen if # the library folder is included directly by a parent project, without @@ -125,6 +126,10 @@ if(LINK_WITH_PTHREAD) set(libs ${libs} pthread) endif() +if(LINK_WITH_TRUSTED_STORAGE) + set(libs ${libs} trusted_storage) +endif() + if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) message(FATAL_ERROR "Need to choose static or shared mbedtls build!") endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) 
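Review bot: `set(libs ${libs} trusted_storage)` in the second CMakeLists.txt hunk links by bare library name, so the linker takes whichever `trusted_storage` it finds first on its search path, and with the option defaulting to `ON` every build now depends on that lookup. For the library that backs key storage it would be safer to resolve it explicitly with `find_library()` into a cache variable and stop with `message(FATAL_ERROR ...)` when it is not found, so that the build log shows which file was linked. The existing pthread branch uses the same bare-name pattern, so this is a hardening suggestion rather than a departure from the file's style.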
From 6763fe4a12f4c97daba9e70ecb0fb6a007228077 Mon Sep 17 00:00:00 2001 From: Moshe Shahar Date: Wed, 24 Jul 2019 14:19:35 +0300 Subject: [PATCH 1475/2197] Change LINK_WITH_TRUSTED_STORAGE option to OFF --- library/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index cbbaf06fa..f46cb4c51 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -1,7 +1,7 @@ option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON) option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF) option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF) -option(LINK_WITH_TRUSTED_STORAGE "Explicitly link mbed TLS library to trusted_storage." ON) +option(LINK_WITH_TRUSTED_STORAGE "Explicitly link mbed TLS library to trusted_storage." OFF) # Set the project root directory if it's not already defined, as may happen if # the library folder is included directly by a parent project, without From 28f8f3068f97bb3c23c4f4aebc47abe094b12f81 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jul 2019 13:30:31 +0200 Subject: [PATCH 1476/2197] SE keys: ensure that functions that lack support properly error out Introduce a new function psa_get_transparent_key which returns NOT_SUPPORTED if the key is in a secure element. Use this function in functions that don't support keys in a secure element. After this commit, all functions that access a key slot directly via psa_get_key_slot or psa_get_key_from_slot rather than via psa_get_transparent_key have at least enough support for secure elements not to crash or otherwise cause undefined behavior. Lesser bad behavior such as wrong results or resource leakage is still possible in error cases. --- library/psa_crypto.c | 59 ++++++++++++++++++++++++++++++++++---------- 1 file changed, 46 insertions(+), 13 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 84b691196..5fcf0ac86 100644 
--- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -871,6 +871,39 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, return( PSA_SUCCESS ); } +/** Retrieve a slot which must contain a transparent key. + * + * A transparent key is a key for which the key material is directly + * available, as opposed to a key in a secure element. + * + * This is a temporary function until secure element support is + * fully implemented. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +static psa_status_t psa_get_transparent_key( psa_key_handle_t handle, + psa_key_slot_t **p_slot, + psa_key_usage_t usage, + psa_algorithm_t alg ) +{ + psa_status_t status = psa_get_key_from_slot( handle, p_slot, usage, alg ); + if( status != PSA_SUCCESS ) + return( status ); + /* Use a simple, cheap test to check whether the key is transparent. + * This check assumes that there are no persistent lifetimes other than + * PSA_KEY_LIFETIME_PERSISTENT. */ + if( ( *p_slot )->lifetime > PSA_KEY_LIFETIME_PERSISTENT ) + { + *p_slot = NULL; + return( PSA_ERROR_NOT_SUPPORTED ); + } + return( PSA_SUCCESS ); +} +#else /* MBEDTLS_PSA_CRYPTO_SE_C */ +/* With no secure element support, all keys are transparent. */ +#define psa_get_transparent_key( handle, p_slot, usage, alg ) \ + psa_get_key_from_slot( handle, p_slot, usage, alg ) +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + /** Wipe key data from a slot. Preserve metadata such as the policy. */ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) { @@ -1124,7 +1157,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, psa_reset_key_attributes( attributes ); - status = psa_get_key_slot( handle, &slot ); + status = psa_get_transparent_key( handle, &slot, 0, 0 ); if( status != PSA_SUCCESS ) return( status ); 
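Review bot: The transparency test `( *p_slot )->lifetime > PSA_KEY_LIFETIME_PERSISTENT` depends on the numeric ordering of lifetime values, which the comment above it states as an assumption and nothing in the hunk enforces. This check is what keeps code that reads key material from running on a secure-element slot, so I would write it by value so that any unexpected lifetime is rejected: `if( ( *p_slot )->lifetime != PSA_KEY_LIFETIME_VOLATILE && ( *p_slot )->lifetime != PSA_KEY_LIFETIME_PERSISTENT )`. The two forms should agree as long as those are the two lowest lifetime values, which is not visible here. The Doxygen comment also sits above the `#if`, so it documents the `#else` macro too; a sentence saying that the macro form adds no check would help.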
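Review bot: In psa_get_key_attributes the call `psa_get_transparent_key( handle, &slot, 0, 0 )` passes zero for both usage and algorithm with no explanation, and it moves the lookup from psa_get_key_slot to the policy-checking psa_get_key_from_slot path. A one-line comment such as `/* usage 0, alg 0: no policy requirement; only rejects keys in a secure element */` would make the intent clear. The visible effect is that attributes of a secure-element key can no longer be queried; if that is temporary, like the helper itself, a TODO at this call would say so. The rest of psa_get_key_attributes is outside the hunk.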
@@ -1704,7 +1737,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, psa_key_attributes_t actual_attributes = *specified_attributes; psa_se_drv_table_entry_t *driver = NULL; - status = psa_get_key_from_slot( source_handle, &source_slot, + status = psa_get_transparent_key( source_handle, &source_slot, PSA_KEY_USAGE_COPY, 0 ); if( status != PSA_SUCCESS ) goto exit; @@ -2485,7 +2518,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, if( is_sign ) operation->is_sign = 1; - status = psa_get_key_from_slot( handle, &slot, usage, alg ); + status = psa_get_transparent_key( handle, &slot, usage, alg ); if( status != PSA_SUCCESS ) goto exit; key_bits = psa_get_key_slot_bits( slot ); @@ -3064,7 +3097,7 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, *signature_length = signature_size; - status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN, alg ); + status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_SIGN, alg ); if( status != PSA_SUCCESS ) goto exit; if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->type ) ) @@ -3137,7 +3170,7 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, psa_key_slot_t *slot; psa_status_t status; - status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY, alg ); + status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_VERIFY, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -3207,7 +3240,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); + status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || 
@@ -3287,7 +3320,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle, if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DECRYPT, alg ); + status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->type ) ) @@ -3396,7 +3429,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - status = psa_get_key_from_slot( handle, &slot, usage, alg); + status = psa_get_transparent_key( handle, &slot, usage, alg); if( status != PSA_SUCCESS ) goto exit; key_bits = psa_get_key_slot_bits( slot ); @@ -3733,7 +3766,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, size_t key_bits; mbedtls_cipher_id_t cipher_id; - status = psa_get_key_from_slot( handle, &operation->slot, usage, alg ); + status = psa_get_transparent_key( handle, &operation->slot, usage, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -4908,7 +4941,7 @@ psa_status_t psa_key_derivation( psa_key_derivation_operation_t *operation, if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DERIVE, alg ); + status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_DERIVE, alg ); if( status != PSA_SUCCESS ) return( status ); @@ -5282,7 +5315,7 @@ psa_status_t psa_key_derivation_input_key( { psa_key_slot_t *slot; psa_status_t status; - status = psa_get_key_from_slot( handle, &slot, + status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_DERIVE, operation->alg ); if( status != PSA_SUCCESS ) 
@@ -5431,7 +5464,7 @@ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *o psa_status_t status; if( ! PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_key_from_slot( private_key, &slot, + status = psa_get_transparent_key( private_key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg ); if( status != PSA_SUCCESS ) return( status ); @@ -5459,7 +5492,7 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_get_key_from_slot( private_key, &slot, + status = psa_get_transparent_key( private_key, &slot, PSA_KEY_USAGE_DERIVE, alg ); if( status != PSA_SUCCESS ) goto exit; From 89870eb1238159abaaec84bc8a01f06a463a6639 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jul 2019 13:44:03 +0200 Subject: [PATCH 1477/2197] Cosmetic improvements in SE driver tests --- .../test_suite_psa_crypto_se_driver_hal.data | 8 ++-- ...st_suite_psa_crypto_se_driver_hal.function | 44 +++++++++++++------ 2 files changed, 35 insertions(+), 17 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index cb21ab549..e9c069477 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
@@ -27,14 +27,14 @@ register_twice:3 Register SE driver: maximum number of drivers register_max: -Key creation smoke test (p_allocate allows all slots) +SE key import-export (p_allocate allows all slots) key_creation_import_export:0:0 -Key creation smoke test (p_allocate allows 1 slot) +SE key import-export (p_allocate allows 1 slot) key_creation_import_export:ARRAY_LENGTH( ram_slots ) - 1:0 -Key creation smoke test, check after restart (slot 0) +SE key import-export, check after restart (slot 0) key_creation_import_export:0:1 -Key creation smoke test, check after restart (slot 3) +SE key import-export, check after restart (slot 3) key_creation_import_export:3:1 diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 010f69684..661fb054f 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -5,6 +5,12 @@ #include "psa_crypto_se.h" #include "psa_crypto_storage.h" + + +/****************************************************************/ +/* Test driver helpers */ +/****************************************************************/ + /** The minimum valid lifetime value for a secure element driver. */ #define MIN_DRIVER_LIFETIME 2 @@ -25,6 +31,12 @@ } \ } while( 0 ) + + +/****************************************************************/ +/* RAM-based test driver */ +/****************************************************************/ + #define RAM_MAX_KEY_SIZE 64 typedef struct { 
@@ -69,11 +81,11 @@ static psa_status_t ram_import( psa_drv_se_context_t *context, return( PSA_SUCCESS ); } -psa_status_t ram_export( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length ) +static psa_status_t ram_export( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length ) { size_t actual_size; (void) context; @@ -86,9 +98,9 @@ psa_status_t ram_export( psa_drv_se_context_t *context, return( PSA_SUCCESS ); } -psa_status_t ram_destroy( psa_drv_se_context_t *context, - void *persistent_data, - psa_key_slot_number_t slot_number ) +static psa_status_t ram_destroy( psa_drv_se_context_t *context, + void *persistent_data, + psa_key_slot_number_t slot_number ) { ram_slot_usage_t *slot_usage = persistent_data; DRIVER_ASSERT( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); @@ -98,10 +110,10 @@ psa_status_t ram_destroy( psa_drv_se_context_t *context, return( PSA_SUCCESS ); } -psa_status_t ram_allocate( psa_drv_se_context_t *context, - void *persistent_data, - const psa_key_attributes_t *attributes, - psa_key_slot_number_t *slot_number ) +static psa_status_t ram_allocate( psa_drv_se_context_t *context, + void *persistent_data, + const psa_key_attributes_t *attributes, + psa_key_slot_number_t *slot_number ) { ram_slot_usage_t *slot_usage = persistent_data; (void) attributes; @@ -116,8 +128,14 @@ psa_status_t ram_allocate( psa_drv_se_context_t *context, return( PSA_ERROR_INSUFFICIENT_STORAGE ); } + + +/****************************************************************/ +/* Other test helper functions */ +/****************************************************************/ + #define MAX_KEY_ID_FOR_TEST 10 -void psa_purge_storage( void ) +static void psa_purge_storage( void ) { psa_key_id_t id; psa_key_lifetime_t lifetime; From f4ee6628681f7889b2dd82d8feee2c1a8712998b Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 24 Jul 2019 13:44:30 +0200 Subject: [PATCH 1478/2197] SE keys: error out in key creation function that lack support --- library/psa_crypto.c | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5fcf0ac86..e508f8f09 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1756,6 +1756,15 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, if( status != PSA_SUCCESS ) goto exit; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( driver != NULL ) + { + /* Copying to a secure element is not implemented yet. */ + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + status = psa_copy_key_material( source_slot, target_slot ); if( status != PSA_SUCCESS ) goto exit; @@ -4661,6 +4670,13 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; status = psa_start_key_creation( attributes, handle, &slot, &driver ); +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( driver != NULL ) + { + /* Deriving a key in a secure element is not implemented yet. */ + status = PSA_ERROR_NOT_SUPPORTED; + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ if( status == PSA_SUCCESS ) { status = psa_generate_derived_key_internal( slot, @@ -5692,6 +5708,13 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; status = psa_start_key_creation( attributes, handle, &slot, &driver ); +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( driver != NULL ) + { + /* Generating a key in a secure element is not implemented yet. */ + status = PSA_ERROR_NOT_SUPPORTED; + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ if( status == PSA_SUCCESS ) { status = psa_generate_key_internal( From d1cd766e96e8c4a2d9a0cb04c632f50cae5e04dc Mon Sep 17 00:00:00 2001 
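Review bot: In `psa_key_derivation_output_key` and `psa_generate_key` the new block assigns `status = PSA_ERROR_NOT_SUPPORTED` whenever `driver != NULL`, without looking at what `psa_start_key_creation` returned, so a failure from that call would be reported as NOT_SUPPORTED and the real cause lost. Guarding the override keeps the original error: `if( status == PSA_SUCCESS && driver != NULL )`. Whether `psa_start_key_creation` can fail after it has set `driver` is not visible here, so this needs confirming against its body. The `psa_copy_key` hunk is not affected, because the context line before the new block already checks `status`. Both function bodies continue outside their hunks, so I cannot see whether the slot reserved for the rejected creation is released on this path; a one-line comment next to the override stating where that happens would help.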
From: Gilles Peskine Date: Wed, 24 Jul 2019 13:45:02 +0200 Subject: [PATCH 1479/2197] SE keys: test NOT_SUPPORTED error from generate_key --- .../test_suite_psa_crypto_se_driver_hal.data | 3 ++ ...st_suite_psa_crypto_se_driver_hal.function | 36 +++++++++++++++++++ 2 files changed, 39 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index e9c069477..275197f41 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data @@ -38,3 +38,6 @@ key_creation_import_export:0:1 SE key import-export, check after restart (slot 3) key_creation_import_export:3:1 + +Generate key: not supported +generate_key_not_supported:PSA_KEY_TYPE_AES:128 diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 661fb054f..38066a34f 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
@@ -288,3 +288,39 @@ exit: psa_purge_storage( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void generate_key_not_supported( int type_arg, int bits_arg ) +{ + psa_key_type_t type = type_arg; + size_t bits = bits_arg; + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + driver.key_management = &key_management; + driver.persistent_data_size = sizeof( psa_key_slot_number_t ); + key_management.p_allocate = counter_allocate; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_type( &attributes, type ); + psa_set_key_bits( &attributes, bits ); + TEST_EQUAL( psa_generate_key( &attributes, &handle ), + PSA_ERROR_NOT_SUPPORTED ); + +exit: + PSA_DONE( ); + ram_slots_reset( ); + psa_purge_storage( ); +} +/* END_CASE */ From 105736653ffcfa530fe989b81880acffc2c02441 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jul 2019 13:45:36 +0200 Subject: [PATCH 1480/2197] SE keys: test that no function goes crazy Run all functions that take a key handle as input with a key that is in a secure element. All calls are expected to error out one way or another (not permitted by policy, invalid key type, method not implemented in the secure element, ...). The goal of this test is to ensure that nothing bad happens (e.g. invalid pointer dereference). Run with various key types and algorithms to get good coverage. --- .../test_suite_psa_crypto_se_driver_hal.data | 54 ++++ ...st_suite_psa_crypto_se_driver_hal.function | 233 ++++++++++++++++++ 2 files changed, 287 insertions(+) 
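Review bot: `generate_key_not_supported` checks only the return code of `psa_generate_key`, so a rejected creation that still leaves a handle or a reserved slot behind would pass unnoticed. After the `TEST_EQUAL` I would add `TEST_ASSERT( handle == 0 );`, assuming the API leaves the handle at 0 on failure, which this hunk does not show. The test also references `counter_allocate`, which on this page is only added by the following patch (1480/2197), so this commit may not build on its own unless the helper already exists elsewhere in the file. `lifetime = 2` could use the `MIN_DRIVER_LIFETIME` macro the file already defines.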
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 275197f41..6fb65f02a 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
@@ -39,5 +39,59 @@ key_creation_import_export:0:1 SE key import-export, check after restart (slot 3) key_creation_import_export:3:1 +Key creation smoke test: AES-CTR +key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CTR:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: AES-CBC +key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: AES-CMAC +key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: AES-CCM +key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: AES-GCM +key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: CAMELLIA-CTR +key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CTR:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: CAMELLIA-CBC +key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CBC_NO_PADDING:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: CAMELLIA-CMAC +key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: CAMELLIA-CCM +key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: CAMELLIA-CCM +key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: HMAC-SHA-256 +key_creation_smoke:PSA_KEY_TYPE_HMAC:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: HKDF-SHA-256 +key_creation_smoke:PSA_KEY_TYPE_DERIVE:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +Key creation smoke test: RSA PKCS#1v1.5 signature 
+key_creation_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +Key creation smoke test: RSA PKCS#1v1.5 encryption +key_creation_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +Key creation smoke test: RSA OAEP encryption +key_creation_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" + +Key creation smoke test: ECDSA secp256r1 +key_creation_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +Key creation smoke test: ECDH secp256r1 +key_creation_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDH:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +Key creation smoke test: ECDH secp256r1 with HKDF +key_creation_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + Generate key: not supported generate_key_not_supported:PSA_KEY_TYPE_AES:128 
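Review bot: Two of the added cases carry the identical description `Key creation smoke test: CAMELLIA-CCM` and both pass `PSA_ALG_GCM`, so Camellia with CCM is never exercised and a failure in either case is ambiguous in the test report. The first should presumably read `key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"`, and the second should be titled `Key creation smoke test: CAMELLIA-GCM`.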
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 38066a34f..e0b8d29a5 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -33,6 +33,50 @@ +/****************************************************************/ +/* Miscellaneous driver methods */ +/****************************************************************/ + +/* Allocate slot numbers with a monotonic counter. */ +static psa_status_t counter_allocate( psa_drv_se_context_t *context, + void *persistent_data, + const psa_key_attributes_t *attributes, + psa_key_slot_number_t *slot_number ) +{ + psa_key_slot_number_t *p_counter = persistent_data; + (void) attributes; + if( context->persistent_data_size != sizeof( psa_key_slot_number_t ) ) + return( PSA_ERROR_DETECTED_BY_DRIVER ); + ++*p_counter; + if( *p_counter == 0 ) + return( PSA_ERROR_INSUFFICIENT_STORAGE ); + *slot_number = *p_counter; + return( PSA_SUCCESS ); +} + +/* Null import: do nothing, but pretend it worked. */ +static psa_status_t null_import( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + psa_key_lifetime_t lifetime, + psa_key_type_t type, + psa_algorithm_t algorithm, + psa_key_usage_t usage, + const uint8_t *p_data, + size_t data_length ) +{ + (void) context; + (void) slot_number; + (void) lifetime; + (void) type; + (void) algorithm; + (void) usage; + (void) p_data; + (void) data_length; + return( PSA_SUCCESS ); +} + + + /****************************************************************/ /* RAM-based test driver */ /****************************************************************/ 
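Review bot: `counter_allocate` increments `*p_counter` before testing for wrap-around, so the call that wraps returns `PSA_ERROR_INSUFFICIENT_STORAGE` but leaves the counter at 0, and the next call hands out slot 1 a second time. Checking before the increment makes exhaustion permanent: `if( *p_counter == (psa_key_slot_number_t) -1 ) return( PSA_ERROR_INSUFFICIENT_STORAGE );` followed by `*slot_number = ++*p_counter;` (this assumes an unsigned type, which the existing wrap check already relies on). A test run is unlikely to reach the limit, but helpers like this tend to be copied into real drivers, where reissuing a slot number would alias two keys. The size check could also use the file's `DRIVER_ASSERT` macro, as `ram_destroy` does, for consistency.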
@@ -134,6 +178,136 @@ static psa_status_t ram_allocate( psa_drv_se_context_t *context, /* Other test helper functions */ /****************************************************************/ +/* Check that a function's return status is "smoke-free", i.e. that + * it's an acceptable error code when calling an API function that operates + * on a key with potentially bogus parameters. */ +static int is_status_smoke_free( psa_status_t status ) +{ + switch( status ) + { + case PSA_SUCCESS: + case PSA_ERROR_NOT_SUPPORTED: + case PSA_ERROR_NOT_PERMITTED: + case PSA_ERROR_BUFFER_TOO_SMALL: + case PSA_ERROR_INVALID_ARGUMENT: + case PSA_ERROR_INVALID_SIGNATURE: + case PSA_ERROR_INVALID_PADDING: + return( 1 ); + default: + return( 0 ); + } +} +#define SMOKE_ASSERT( expr ) \ + TEST_ASSERT( is_status_smoke_free( expr ) ) + +/* Smoke test a key. There are mostly no wrong answers here since we pass + * mostly bogus parameters: the goal is to ensure that there is no memory + * corruption or crash. This test function is most useful when run under + * an environment with sanity checks such as ASan or MSan. 
*/ +static int smoke_test_key( psa_key_handle_t handle ) +{ + int ok = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_mac_operation_t mac_operation = PSA_MAC_OPERATION_INIT; + psa_cipher_operation_t cipher_operation = PSA_CIPHER_OPERATION_INIT; + psa_key_derivation_operation_t derivation_operation = + PSA_KEY_DERIVATION_OPERATION_INIT; + uint8_t buffer[80]; /* large enough for a public key for ECDH */ + size_t length; + psa_key_handle_t handle2 = 0; + + SMOKE_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + + SMOKE_ASSERT( psa_export_key( handle, + buffer, sizeof( buffer ), &length ) ); + SMOKE_ASSERT( psa_export_public_key( handle, + buffer, sizeof( buffer ), &length ) ); + + SMOKE_ASSERT( psa_copy_key( handle, &attributes, &handle2 ) ); + if( handle2 != 0 ) + PSA_ASSERT( psa_close_key( handle2 ) ); + + SMOKE_ASSERT( psa_mac_sign_setup( &mac_operation, handle, PSA_ALG_CMAC ) ); + PSA_ASSERT( psa_mac_abort( &mac_operation ) ); + SMOKE_ASSERT( psa_mac_verify_setup( &mac_operation, handle, + PSA_ALG_HMAC( PSA_ALG_SHA_256 ) ) ); + PSA_ASSERT( psa_mac_abort( &mac_operation ) ); + + SMOKE_ASSERT( psa_cipher_encrypt_setup( &cipher_operation, handle, + PSA_ALG_CTR ) ); + PSA_ASSERT( psa_cipher_abort( &cipher_operation ) ); + SMOKE_ASSERT( psa_cipher_decrypt_setup( &cipher_operation, handle, + PSA_ALG_CTR ) ); + PSA_ASSERT( psa_cipher_abort( &cipher_operation ) ); + + SMOKE_ASSERT( psa_aead_encrypt( handle, PSA_ALG_CCM, + buffer, sizeof( buffer ), + NULL, 0, + buffer, sizeof( buffer), + buffer, sizeof( buffer), &length ) ); + SMOKE_ASSERT( psa_aead_decrypt( handle, PSA_ALG_CCM, + buffer, sizeof( buffer ), + NULL, 0, + buffer, sizeof( buffer), + buffer, sizeof( buffer), &length ) ); + + SMOKE_ASSERT( psa_asymmetric_sign( handle, PSA_ALG_ECDSA_ANY, + buffer, 32, + buffer, sizeof( buffer ), &length ) ); + SMOKE_ASSERT( psa_asymmetric_verify( handle, PSA_ALG_ECDSA_ANY, + buffer, 32, + buffer, sizeof( buffer ) ) ); + + SMOKE_ASSERT( 
psa_asymmetric_encrypt( handle, PSA_ALG_RSA_PKCS1V15_CRYPT, + buffer, 10, NULL, 0, + buffer, sizeof( buffer ), &length ) ); + SMOKE_ASSERT( psa_asymmetric_decrypt( handle, PSA_ALG_RSA_PKCS1V15_CRYPT, + buffer, sizeof( buffer ), NULL, 0, + buffer, sizeof( buffer ), &length ) ); + +#if defined(MBEDTLS_SHA256_C) + /* Try the key in a plain key derivation. */ + PSA_ASSERT( psa_key_derivation_setup( &derivation_operation, + PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &derivation_operation, + PSA_KEY_DERIVATION_INPUT_SALT, + NULL, 0 ) ); + SMOKE_ASSERT( psa_key_derivation_input_key( &derivation_operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + handle ) ); + PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) ); + + /* If the key is asymmetric, try it in a key agreement, both as + * part of a derivation operation and standalone. */ + if( psa_export_public_key( handle, buffer, sizeof( buffer ), &length ) == + PSA_SUCCESS ) + { + psa_algorithm_t alg = + PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, + PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ); + PSA_ASSERT( psa_key_derivation_setup( &derivation_operation, alg ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( + &derivation_operation, PSA_KEY_DERIVATION_INPUT_SALT, + NULL, 0 ) ); + SMOKE_ASSERT( psa_key_derivation_key_agreement( + &derivation_operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + handle, buffer, length ) ); + PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) ); + + SMOKE_ASSERT( psa_raw_key_agreement( + alg, handle, buffer, length, + buffer, sizeof( buffer ), &length ) ); + } +#endif /* MBEDTLS_SHA256_C */ + + ok = 1; + +exit: + psa_reset_key_attributes( &attributes ); + return( ok ); +} + #define MAX_KEY_ID_FOR_TEST 10 static void psa_purge_storage( void ) { 
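Review bot: `smoke_test_key` declares `uint8_t buffer[80]` without an initialiser and then passes it as nonce, plaintext, hash and ciphertext input to the AEAD and asymmetric calls. If both export calls fail, the library reads indeterminate bytes, which MSan (named in the function's own comment) would report as a finding in the test rather than in the code under test; `uint8_t buffer[80] = { 0 };` avoids that. Separately, a failing `SMOKE_ASSERT` after a successful `psa_key_derivation_setup` jumps to `exit` with the operation still active. Adding `psa_mac_abort( &mac_operation );`, `psa_cipher_abort( &cipher_operation );` and `psa_key_derivation_abort( &derivation_operation );` to the `exit` path keeps a leak report from masking the original failure.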
@@ -289,6 +463,65 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void key_creation_smoke( int type_arg, int alg_arg, + data_t *key_material ) +{ + psa_key_type_t type = type_arg; + psa_algorithm_t alg = alg_arg; + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + driver.key_management = &key_management; + driver.persistent_data_size = sizeof( psa_key_slot_number_t ); + key_management.p_allocate = counter_allocate; + key_management.p_import = null_import; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + /* Create a key. */ + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, type ); + PSA_ASSERT( psa_import_key( &attributes, + key_material->x, key_material->len, + &handle ) ); + + /* Do stuff with the key. */ + if( ! smoke_test_key( handle ) ) + goto exit; + + /* Restart and try again. */ + mbedtls_psa_crypto_free( ); + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_open_key( id, &handle ) ); + if( ! smoke_test_key( handle ) ) + goto exit; + + /* We're done. */ + PSA_ASSERT( psa_destroy_key( handle ) ); + +exit: + PSA_DONE( ); + ram_slots_reset( ); + psa_purge_storage( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void generate_key_not_supported( int type_arg, int bits_arg ) { From d0e66b00fbf588b4fee72df7ee3f226b2a431163 Mon Sep 17 00:00:00 2001 
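Review bot: The usage flags set in `key_creation_smoke` omit `PSA_KEY_USAGE_DERIVE` and `PSA_KEY_USAGE_COPY`, while the library hunks on this page show `psa_get_transparent_key` being called with exactly those usages for derivation, key agreement and copy. If the policy check runs first (its body is not shown), the HKDF and ECDH cases get a policy error and never reach the secure-element handling this test is meant to exercise. Adding `PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_COPY` to the `psa_set_key_usage_flags` call would likely cover those paths. `lifetime = 2` could also use the file's `MIN_DRIVER_LIFETIME` macro.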
From: Gilles Peskine Date: Wed, 24 Jul 2019 13:52:51 +0200 Subject: [PATCH 1481/2197] Turn off secure element support by default Secure element support is not yet usable in the real world. Only part of the feature is implemented and the part that's implemented is not sufficient for real-world uses. A lot of error handling is missing, and there are no tests. This commit should be reverted once the feature has stabilized. --- include/mbedtls/config.h | 5 ++++- scripts/config.pl | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 0e8d7550e..bd6f7b6a0 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1715,12 +1715,15 @@ * Enable secure element support in the Platform Security Architecture * cryptography API. * + * \warning This feature is not yet suitable for production. It is provided + * for API evaluation and testing purposes only. + * * Module: library/psa_crypto_se.c * * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C * */ -#define MBEDTLS_PSA_CRYPTO_SE_C +//#define MBEDTLS_PSA_CRYPTO_SE_C /** * \def MBEDTLS_PSA_CRYPTO_STORAGE_C diff --git a/scripts/config.pl b/scripts/config.pl index 05cc52e64..6479c6d53 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -85,6 +85,7 @@ MBEDTLS_NO_PLATFORM_ENTROPY MBEDTLS_RSA_NO_CRT MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_64BIT_MULTIPLICATION +MBEDTLS_PSA_CRYPTO_SE_C MBEDTLS_PSA_CRYPTO_SPM MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER MBEDTLS_PSA_INJECT_ENTROPY From f96aefe3ad2fc3bfb0165a6b49c66cde25ec555e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jul 2019 14:58:38 +0200 Subject: [PATCH 1482/2197] Test with secure element support Test with default config + SE with Clang and with full config + SE with GCC, for variety. Full+Clang+Asan has known issues so don't do that. --- tests/scripts/all.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) 
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c1e1ffe24..28225899f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -783,6 +783,24 @@ component_test_aes_fewer_tables_and_rom_tables () { make test } +component_test_se_default () { + msg "build: default config + MBEDTLS_PSA_CRYPTO_SE_C" + scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C + make CC=clang CFLAGS='-Werror -Wall -Wextra -Wno-unused-function -Os -fsanitize=address' LDFLAGS='-fsanitize=address' + + msg "test: default config + MBEDTLS_PSA_CRYPTO_SE_C" + make test +} + +component_test_se_full () { + msg "build: full config + MBEDTLS_PSA_CRYPTO_SE_C" + scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C + make CC=gcc CFLAGS='-Werror -Wall -Wextra -O2 -fsanitize=address' LDFLAGS='-fsanitize=address' + + msg "test: full config + MBEDTLS_PSA_CRYPTO_SE_C" + make test +} + component_test_make_shared () { msg "build/test: make shared" # ~ 40s make SHARED=1 all check From 75c126b958295be1c45257b4e4bba86b7924c8db Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jul 2019 15:56:01 +0200 Subject: [PATCH 1483/2197] Explain some non-obvious parts of the code Comment changes only. --- library/psa_crypto_se.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 714a03904..648022aed 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -81,6 +81,10 @@ psa_se_drv_table_entry_t *psa_get_se_driver_entry( psa_key_lifetime_t lifetime ) { size_t i; + /* In the driver table, lifetime=0 means an entry that isn't used. + * No driver has a lifetime of 0 because it's a reserved value + * (which designates volatile keys). Make sure we never return + * a driver entry for lifetime 0. */ if( lifetime == 0 ) return( NULL ); for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) 
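Review bot: `component_test_se_full` announces "full config + MBEDTLS_PSA_CRYPTO_SE_C" but never switches to the full configuration; it only runs `scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C`, so it builds the default config plus SE a second time, just with GCC. Adding `scripts/config.pl full` before the `set` line would match the message and the commit description. As written, the secure-element code is not tested together with the options that only the full config enables.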
@@ -134,6 +138,7 @@ static psa_status_t psa_get_se_driver_its_file_uid( return( PSA_ERROR_NOT_SUPPORTED ); #endif + /* See the documentation of PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. */ *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->lifetime; return( PSA_SUCCESS ); } @@ -148,6 +153,9 @@ psa_status_t psa_load_se_persistent_data( if( status != PSA_SUCCESS ) return( status ); + /* psa_get_se_driver_its_file_uid ensures that the size_t + * persistent_data_size is in range, but compilers don't know that, + * so cast to reassure them. */ return( psa_its_get( uid, 0, (uint32_t) driver->internal.persistent_data_size, driver->internal.persistent_data ) ); @@ -163,6 +171,9 @@ psa_status_t psa_save_se_persistent_data( if( status != PSA_SUCCESS ) return( status ); + /* psa_get_se_driver_its_file_uid ensures that the size_t + * persistent_data_size is in range, but compilers don't know that, + * so cast to reassure them. */ return( psa_its_set( uid, (uint32_t) driver->internal.persistent_data_size, driver->internal.persistent_data, From 4b734223180a81751cbd189f430803464db37cd9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jul 2019 15:56:31 +0200 Subject: [PATCH 1484/2197] Transaction support: be more future-proof If there's ever a non-SE-related transaction, make sure it gets handled during init. --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e508f8f09..f175fc2d0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5800,7 +5800,7 @@ psa_status_t psa_crypto_init( void ) if( status != PSA_SUCCESS ) goto exit; -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) status = psa_crypto_load_transaction( ); if( status == PSA_SUCCESS ) { 
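Review bot: The transaction recovery in `psa_crypto_init` is now compiled only when `PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS` is defined, and neither this hunk nor the matching `#endif` hunk shows where that macro comes from. If the defining header is not included in `psa_crypto.c`, or the macro is later renamed, the block disappears without any diagnostic and an interrupted secure-element key creation would no longer be resolved at startup. A short comment above the `#if`, for example `/* Defined in psa_crypto_storage.h when any feature needs transactions. */`, would document the dependency; the header name is my guess and needs checking. The body of `psa_crypto_init` extends beyond both hunks.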
@@ -5811,7 +5811,7 @@ psa_status_t psa_crypto_init( void ) /* There's no transaction to complete. It's all good. */ status = PSA_SUCCESS; } -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */ /* All done. */ global_data.initialized = 1; From f77a6acf83875b02a489169ca6164c364983e5a5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 10:51:03 +0200 Subject: [PATCH 1485/2197] Fix indentation --- library/psa_crypto.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f175fc2d0..8595a0f9a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1738,7 +1738,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, psa_se_drv_table_entry_t *driver = NULL; status = psa_get_transparent_key( source_handle, &source_slot, - PSA_KEY_USAGE_COPY, 0 ); + PSA_KEY_USAGE_COPY, 0 ); if( status != PSA_SUCCESS ) goto exit; @@ -5332,8 +5332,8 @@ psa_status_t psa_key_derivation_input_key( psa_key_slot_t *slot; psa_status_t status; status = psa_get_transparent_key( handle, &slot, - PSA_KEY_USAGE_DERIVE, - operation->alg ); + PSA_KEY_USAGE_DERIVE, + operation->alg ); if( status != PSA_SUCCESS ) return( status ); if( slot->type != PSA_KEY_TYPE_DERIVE ) @@ -5481,7 +5481,7 @@ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *o if( ! PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_transparent_key( private_key, &slot, - PSA_KEY_USAGE_DERIVE, operation->alg ); + PSA_KEY_USAGE_DERIVE, operation->alg ); if( status != PSA_SUCCESS ) return( status ); status = psa_key_agreement_internal( operation, step, @@ -5509,7 +5509,7 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, goto exit; } status = psa_get_transparent_key( private_key, &slot, - PSA_KEY_USAGE_DERIVE, alg ); + PSA_KEY_USAGE_DERIVE, alg ); if( status != PSA_SUCCESS ) goto exit; 
From 6a3dd89a64daaba135ecc9b304c099f7c89d2768 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 10:56:39 +0200 Subject: [PATCH 1486/2197] Improve alignment in comments --- include/psa/crypto_se_driver.h | 129 +++++++++++++++++---------------- 1 file changed, 65 insertions(+), 64 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 57d077c2e..60447ce3b 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -59,7 +59,7 @@ typedef struct { * session to the next. * * The core allocates a memory buffer for the persistent data. - * The pointer is guaranteed to be suitably alignedfor any data type, + * The pointer is guaranteed to be suitably aligned for any data type, * like a pointer returned by `malloc` (but the core can use any * method to allocate the buffer, not necessarily `malloc`). * @@ -164,7 +164,7 @@ typedef psa_status_t (*psa_drv_se_mac_setup_t)(psa_drv_se_context_t *drv_context * updated * \param[in] p_input A buffer containing the message to be appended * to the MAC operation - * \param[in] input_length The size in bytes of the input message buffer + * \param[in] input_length The size in bytes of the input message buffer */ typedef psa_status_t (*psa_drv_se_mac_update_t)(void *op_context, const uint8_t *p_input, 
@@ -195,10 +195,10 @@ typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context, * operation by comparing the resulting MAC against a provided value * * \param[in,out] op_context A hardware-specific structure for the previously - * started MAC operation to be fiinished - * \param[in] p_mac The MAC value against which the resulting MAC will - * be compared against - * \param[in] mac_length The size in bytes of the value stored in `p_mac` + * started MAC operation to be fiinished + * \param[in] p_mac The MAC value against which the resulting MAC + * will be compared against + * \param[in] mac_length The size in bytes of the value stored in `p_mac` * * \retval PSA_SUCCESS * The operation completed successfully and the MACs matched each @@ -215,14 +215,14 @@ typedef psa_status_t (*psa_drv_se_mac_finish_verify_t)(void *op_context, * operation * * \param[in,out] op_context A hardware-specific structure for the previously - * started MAC operation to be aborted + * started MAC operation to be aborted */ typedef psa_status_t (*psa_drv_se_mac_abort_t)(void *op_context); /** \brief A function that performs a secure element MAC operation in one * command and returns the calculated MAC * - * \param[in,out] drv_context The driver context structure. + * \param[in,out] drv_context The driver context structure. * \param[in] p_input A buffer containing the message to be MACed * \param[in] input_length The size in bytes of `p_input` * \param[in] key_slot The slot of the key to be used @@ -344,7 +344,7 @@ typedef struct { /** \brief A function that provides the cipher setup function for a * secure element driver * - * \param[in,out] drv_context The driver context structure. + * \param[in,out] drv_context The driver context structure. * \param[in,out] op_context A structure that will contain the * hardware-specific cipher context. * \param[in] key_slot The slot of the key to be used for the 
@@ -440,19 +440,19 @@ typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *op_context); * Note: this function should only be used with implementations that do not * provide a needed higher-level operation. * - * \param[in,out] drv_context The driver context structure. - * \param[in] key_slot The slot of the key to be used for the operation - * \param[in] algorithm The algorithm to be used in the cipher operation - * \param[in] direction Indicates whether the operation is an encrypt or - * decrypt - * \param[in] p_input A buffer containing the data to be - * encrypted/decrypted - * \param[in] input_size The size in bytes of the buffer pointed to by - * `p_input` - * \param[out] p_output The caller-allocated buffer where the output will - * be placed - * \param[in] output_size The allocated size in bytes of the `p_output` - * buffer + * \param[in,out] drv_context The driver context structure. + * \param[in] key_slot The slot of the key to be used for the operation + * \param[in] algorithm The algorithm to be used in the cipher operation + * \param[in] direction Indicates whether the operation is an encrypt or + * decrypt + * \param[in] p_input A buffer containing the data to be + * encrypted/decrypted + * \param[in] input_size The size in bytes of the buffer pointed to by + * `p_input` + * \param[out] p_output The caller-allocated buffer where the output + * will be placed + * \param[in] output_size The allocated size in bytes of the `p_output` + * buffer * * \retval PSA_SUCCESS * \retval PSA_ERROR_NOT_SUPPORTED 
@@ -538,7 +538,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_c * \brief A function that verifies the signature a hash or short message using * an asymmetric public key in a secure element * - * \param[in,out] drv_context The driver context structure. + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Key slot of a public key or an asymmetric key * pair * \param[in] alg A signature algorithm that is compatible with @@ -563,7 +563,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv * \brief A function that encrypts a short message with an asymmetric public * key in a secure element * - * \param[in,out] drv_context The driver context structure. + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Key slot of a public key or an asymmetric key * pair * \param[in] alg An asymmetric encryption algorithm that is @@ -604,7 +604,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *dr * \brief A function that decrypts a short message with an asymmetric private * key in a secure element. * - * \param[in,out] drv_context The driver context structure. + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Key slot of an asymmetric key pair * \param[in] alg An asymmetric encryption algorithm that is * compatible with the type of `key` @@ -674,7 +674,7 @@ typedef struct { /** \brief A function that performs a secure element authenticated encryption * operation * - * \param[in,out] drv_context The driver context structure. + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Slot containing the key to use. * \param[in] algorithm The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that 
@@ -717,7 +717,7 @@ typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_drv_se_context_t *drv_cont /** A function that peforms a secure element authenticated decryption operation * - * \param[in,out] drv_context The driver context structure. + * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Slot containing the key to use * \param[in] algorithm The AEAD algorithm to compute * (\c PSA_ALG_XXX value such that @@ -787,10 +787,10 @@ typedef struct { * \param[in,out] drv_context The driver context structure. * \param[in,out] persistent_data A pointer to the persistent data * that allows writing. - * \param[in] attributes Attributes of the key. - * \param[out] key_slot Slot where the key will be stored. - * This must be a valid slot for a key of the - * chosen type. It must be unoccupied. + * \param[in] attributes Attributes of the key. + * \param[out] key_slot Slot where the key will be stored. + * This must be a valid slot for a key of the + * chosen type. It must be unoccupied. * * \retval #PSA_SUCCESS * Success. 
@@ -810,16 +810,16 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( * This function can support any output from psa_export_key(). Refer to the * documentation of psa_export_key() for the format for each key type. * - * \param[in,out] drv_context The driver context structure. - * \param[in] key_slot Slot where the key will be stored - * This must be a valid slot for a key of the chosen - * type. It must be unoccupied. - * \param[in] lifetime The required lifetime of the key storage - * \param[in] type Key type (a \c PSA_KEY_TYPE_XXX value) - * \param[in] algorithm Key algorithm (a \c PSA_ALG_XXX value) - * \param[in] usage The allowed uses of the key - * \param[in] p_data Buffer containing the key data - * \param[in] data_length Size of the `data` buffer in bytes + * \param[in,out] drv_context The driver context structure. + * \param[in] key_slot Slot where the key will be stored + * This must be a valid slot for a key of the chosen + * type. It must be unoccupied. + * \param[in] lifetime The required lifetime of the key storage + * \param[in] type Key type (a \c PSA_KEY_TYPE_XXX value) + * \param[in] algorithm Key algorithm (a \c PSA_ALG_XXX value) + * \param[in] usage The allowed uses of the key + * \param[in] p_data Buffer containing the key data + * \param[in] data_length Size of the `data` buffer in bytes * * \retval #PSA_SUCCESS * Success. @@ -846,7 +846,7 @@ typedef psa_status_t (*psa_drv_se_import_key_t)(psa_drv_se_context_t *drv_contex * \param[in,out] drv_context The driver context structure. * \param[in,out] persistent_data A pointer to the persistent data * that allows writing. - * \param key_slot The key slot to erase. + * \param key_slot The key slot to erase. * * \retval #PSA_SUCCESS * The slot's content, if any, has been erased. 
@@ -871,7 +871,7 @@ typedef psa_status_t (*psa_drv_se_destroy_key_t)( * `psa_export_key()` does. Refer to the * documentation of `psa_export_key()` for the format for each key type. * - * \param[in,out] drv_context The driver context structure. + * \param[in,out] drv_context The driver context structure. * \param[in] key Slot whose content is to be exported. This must * be an occupied key slot. * \param[out] p_data Buffer where the key data is to be written. 
@@ -902,22 +902,23 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_contex * The format of the public key information will match the format specified for * the psa_export_key() function for the key type. * - * \param[in,out] drv_context The driver context structure. - * \param[in] key_slot Slot where the generated key will be placed - * \param[in] type The type of the key to be generated - * \param[in] usage The prescribed usage of the generated key - * Note: Not all Secure Elements support the same - * restrictions that PSA Crypto does (and vice versa). - * Driver developers should endeavor to match the - * usages as close as possible. - * \param[in] bits The size in bits of the key to be generated. - * \param[in] extra Extra parameters for key generation. The - * interpretation of this parameter should match the - * interpretation in the `extra` parameter is the - * `psa_generate_key` function - * \param[in] extra_size The size in bytes of the \p extra buffer - * \param[out] p_pubkey_out The buffer where the public key information will - * be placed + * \param[in,out] drv_context The driver context structure. + * \param[in] key_slot Slot where the generated key will be placed + * \param[in] type The type of the key to be generated + * \param[in] usage The prescribed usage of the generated key + * Note: Not all Secure Elements support the same + * restrictions that PSA Crypto does (and vice + * versa). + * Driver developers should endeavor to match the + * usages as close as possible. + * \param[in] bits The size in bits of the key to be generated. + * \param[in] extra Extra parameters for key generation. 
The + * interpretation of this parameter should match + * the interpretation in the `extra` parameter is + * the `psa_generate_key` function + * \param[in] extra_size The size in bytes of the \p extra buffer + * \param[out] p_pubkey_out The buffer where the public key information will + * be placed * \param[in] pubkey_out_size The size in bytes of the `p_pubkey_out` buffer * \param[out] p_pubkey_length Upon successful completion, will contain the * size of the data placed in `p_pubkey_out`. @@ -1011,12 +1012,12 @@ typedef struct { /** \brief A function that Sets up a secure element key derivation operation by * specifying the algorithm and the source key sot * - * \param[in,out] drv_context The driver context structure. + * \param[in,out] drv_context The driver context structure. * \param[in,out] op_context A hardware-specific structure containing any - * context information for the implementation - * \param[in] kdf_alg The algorithm to be used for the key derivation - * \param[in] source_key The key to be used as the source material for the - * key derivation + * context information for the implementation + * \param[in] kdf_alg The algorithm to be used for the key derivation + * \param[in] source_key The key to be used as the source material for + * the key derivation * * \retval PSA_SUCCESS */ From adad813d7b5b780c59c5049b97e4cffdf26a578c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 11:31:23 +0200 Subject: [PATCH 1487/2197] psa_key_slot_is_external exists. Use it. --- library/psa_crypto.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8595a0f9a..92364ca4c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -888,10 +888,7 @@ static psa_status_t psa_get_transparent_key( psa_key_handle_t handle, psa_status_t status = psa_get_key_from_slot( handle, p_slot, usage, alg ); if( status != PSA_SUCCESS ) return( status ); - /* Use a simple, cheap test to check whether the key is transparent. - * This check assumes that there are no persistent lifetimes other than - * PSA_KEY_LIFETIME_PERSISTENT. */ - if( ( *p_slot )->lifetime > PSA_KEY_LIFETIME_PERSISTENT ) + if( psa_key_slot_is_external( *p_slot ) ) { *p_slot = NULL; return( PSA_ERROR_NOT_SUPPORTED ); From 725f22a545c12b135bbd68ca42f4cefae40baf88 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 11:31:48 +0200 Subject: [PATCH 1488/2197] Bug fix: save the driver's persistent data in destroy_key --- library/psa_crypto.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 92364ca4c..eefb26116 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1007,7 +1007,11 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { - status = psa_crypto_stop_transaction( ); + psa_status_t status2; + status = psa_save_se_persistent_data( driver ); + status2 = psa_crypto_stop_transaction( ); + if( status == PSA_SUCCESS ) + status = status2; if( status != PSA_SUCCESS ) { /* TOnogrepDO: destroy what can be destroyed anyway */ From 60450a4812d6e72e9140f8de0acf86f299524652 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 11:32:45 +0200 Subject: [PATCH 1489/2197] Improve comments --- library/psa_crypto.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index eefb26116..84070c1cc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
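Review bot: In the second `driver != NULL` block of psa_destroy_key(), `psa_crypto_stop_transaction( )` now runs even when `psa_save_se_persistent_data( driver )` has just failed, so the transaction record is removed while the driver's persistent data in storage may still describe the slot as it was before the destroy. If recovery at the next psa_crypto_init() is meant to act on that record, removing it after a failed save leaves nothing to reconcile the core with the secure element; this should be confirmed against the recovery design. At minimum the ordering deserves a comment, for example `/* Stop the transaction even if saving failed; report the first error. */`. The assignment to `status` also replaces whatever value the function held before this block, so it is worth checking that an earlier failure from destroying the key cannot be masked by two successful calls here. The function body starts and ends outside the hunk.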
@@ -876,8 +876,8 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, * A transparent key is a key for which the key material is directly * available, as opposed to a key in a secure element. * - * This is a temporary function until secure element support is - * fully implemented. + * This is a temporary function to use instead of psa_get_key_from_slot() + * until secure element support is fully implemented. */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) static psa_status_t psa_get_transparent_key( psa_key_handle_t handle, @@ -981,6 +981,11 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) driver = psa_get_se_driver_entry( slot->lifetime ); if( driver != NULL ) { + /* For a key in a secure element, we need to do three things: + * remove the key file in internal storage, destroy the + * key inside the secure element, and update the driver's + * persistent data. Start a transaction that will encompass these + * three actions. */ psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_DESTROY_KEY ); psa_crypto_transaction.key.lifetime = slot->lifetime; psa_crypto_transaction.key.slot = slot->data.se.slot_number; 
@@ -1454,9 +1459,18 @@ static psa_status_t psa_start_key_creation( slot->type = attributes->type; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - /* Find a slot number for the new key. Save the slot number in - * persistent storage, but do not yet save the driver's persistent - * state, so that if the power fails during the key creation process, + /* For a key in a secure element, we need to do three things: + * create the key file in internal storage, create the + * key inside the secure element, and update the driver's + * persistent data. Start a transaction that will encompass these + * three actions. */ + /* The first thing to do is to find a slot number for the new key. + * We save the slot number in persistent storage as part of the + * transaction data. It will be needed to recover if the power + * fails during the key creation process, to clean up on the secure + * element side after restarting. Obtaining a slot number from the + * secure element driver updates its persistent state, but we do not yet + * save the driver's persistent state, so that if the power fails, * we can roll back to a state where the key doesn't exist. */ if( *p_drv != NULL ) { From 2e0f388d2afcaaa171c996ab3301e3cbb52ff85d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 11:34:33 +0200 Subject: [PATCH 1490/2197] Don't explicitly dereference function pointers Be stylistically consistent. --- library/psa_crypto.c | 6 +++--- library/psa_crypto_se.c | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 84070c1cc..4bd2d13d2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1231,9 +1231,9 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, drv->key_management->p_export ); if( method == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - return( ( *method )( drv_context, - slot->data.se.slot_number, - data, data_size, data_length ) ); + return( method( drv_context, + slot->data.se.slot_number, + data, data_size, data_length ) ); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 648022aed..e6dbe3241 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -211,10 +211,10 @@ psa_status_t psa_find_se_slot_for_key( if( p_allocate == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - status = ( *p_allocate )( &driver->context, - driver->internal.persistent_data, - attributes, - slot_number ); + status = p_allocate( &driver->context, + driver->internal.persistent_data, + attributes, + slot_number ); return( status ); } From 0c3ae1f0b4b75f343dfb17af62c615490dce07c3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 14:04:38 +0200 Subject: [PATCH 1491/2197] Improve documentation of SE driver persistent state Explain what it can be used for and when it is saved to storage. --- include/psa/crypto_se_driver.h | 36 ++++++++++++++++++++++++++++++---- 1 file changed, 32 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 60447ce3b..9aebc45c1 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
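Review bot: In psa_internal_export_key(), the result of the driver's `p_export` method is returned as is, so the value the driver writes to `*data_length` reaches the caller without being compared with `data_size`. A secure element driver is a separate component, and a reported length larger than the buffer would lead a caller that trusts it to read past `data`. Consider keeping the status in a local variable and adding `if( status == PSA_SUCCESS && *data_length > data_size ) return( PSA_ERROR_HARDWARE_FAILURE );` before returning; the exact error code is the maintainers' choice. The function body starts outside the hunk.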
@@ -55,8 +55,13 @@ extern "C" { typedef struct { /** A read-only pointer to the driver's persistent data. * - * The PSA Cryptography core saves the persistent data from one - * session to the next. + * Drivers typically use this persistent data to keep track of + * which slot numbers are available. This is only a guideline: + * drivers may use the persistent data for any purpose, keeping + * in mind the restrictions on when the persistent data is saved + * to storage: the persistent data is only saved after calling + * certain functions that receive a writable pointer to the + * persistent data. * * The core allocates a memory buffer for the persistent data. * The pointer is guaranteed to be suitably aligned for any data type, @@ -74,7 +79,23 @@ typedef struct { * * This pointer is to read-only data. Only a few driver functions are * allowed to modify the persistent data. These functions receive a - * writable pointer. + * writable pointer. These functions are: + * - psa_drv_se_t::p_init + * - psa_drv_se_key_management_t::p_allocate + * - psa_drv_se_key_management_t::p_destroy + * + * The PSA Cryptography core saves the persistent data from one + * session to the next. It does this before returning from API functions + * that call a driver method that is allowed to modify the persistent + * data, specifically: + * - psa_crypto_init() causes a call to psa_drv_se_t::p_init, and may call + * psa_drv_se_key_management_t::p_destroy to complete an action + * that was interrupted by a power failure. + * - Key creation functions cause a call to + * psa_drv_se_key_management_t::p_allocate, and may cause a call to + * psa_drv_se_key_management_t::p_destroy in case an error occurs. + * - psa_destroy_key() causes a call to + * psa_drv_se_key_management_t::p_destroy. */ const void *const persistent_data; 
@@ -1118,7 +1139,14 @@ typedef struct { */ uint32_t hal_version; - /** The size of the driver's persistent data in bytes. */ + /** The size of the driver's persistent data in bytes. + * + * This can be 0 if the driver does not need persistent data. + * + * See the documentation of psa_drv_se_context_t::persistent_data + * for more information about why and how a driver can use + * persistent data. + */ size_t persistent_data_size; /** The driver initialization function. From 340b127ed1a697dd97ce9974a3f314820c62af97 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 14:13:24 +0200 Subject: [PATCH 1492/2197] psa_destroy_se_key: explain why the error is NOT_PERMITTED --- library/psa_crypto_se.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index e6dbe3241..aece47d01 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -223,6 +223,14 @@ psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, { psa_status_t status; psa_status_t storage_status; + /* Normally a missing method would mean that the action is not + * supported. But psa_destroy_key() is not supposed to return + * PSA_ERROR_NOT_SUPPORTED: if you can create a key, you should + * be able to destroy it. The only use case for a driver that + * does not have a way to destroy keys at all is if the keys are + * locked in a read-only state: we can use the keys but not + * destroy them. Hence, if the driver doesn't support destroying + * keys, it's really a lack of permission. */ if( driver->methods->key_management == NULL || driver->methods->key_management->p_destroy == NULL ) return( PSA_ERROR_NOT_PERMITTED ); From 4aea1036c64ed9b57c30e80f84d9f8301d66435c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 17:38:34 +0200 Subject: [PATCH 1493/2197] Bug fix: don't start a transaction for non-SE keys --- library/psa_crypto.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4bd2d13d2..50be99799 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1478,14 +1478,14 @@ static psa_status_t psa_start_key_creation( &slot->data.se.slot_number ); if( status != PSA_SUCCESS ) return( status ); + psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY ); + psa_crypto_transaction.key.lifetime = slot->lifetime; + psa_crypto_transaction.key.slot = slot->data.se.slot_number; + psa_crypto_transaction.key.id = slot->persistent_storage_id; + status = psa_crypto_save_transaction( ); + if( status != PSA_SUCCESS ) + return( status ); } - psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY ); - psa_crypto_transaction.key.lifetime = slot->lifetime; - psa_crypto_transaction.key.slot = slot->data.se.slot_number; - psa_crypto_transaction.key.id = slot->persistent_storage_id; - status = psa_crypto_save_transaction( ); - if( status != PSA_SUCCESS ) - return( status ); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ return( status ); From f9bb29ec2628aefc4f5564c20384b59f71871d87 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 17:52:59 +0200 Subject: [PATCH 1494/2197] Add boilerplate to recover a transaction during init --- library/psa_crypto.c | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 50be99799..92c9668d3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
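Review bot: In psa_start_key_creation(), when `psa_crypto_save_transaction( )` fails inside the `*p_drv != NULL` block, the function returns with the slot number just obtained still in `slot->data.se.slot_number` and, presumably, still reserved in the driver's in-memory persistent data. Nothing visible in the hunk releases that reservation, so a later operation that saves the driver's persistent data could persist a slot that holds no key. If the caller's failure path already handles this, a comment at the `return( status );` should say so, for example `/* The slot number is still reserved in memory here; the caller's cleanup must account for it. */`. The function body starts outside the hunk.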
@@ -5782,6 +5782,30 @@ void mbedtls_psa_crypto_free( void ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ } +#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) +/** Recover a transaction that was interrupted by a power failure. + * + * This function is called during initialization, before psa_crypto_init() + * returns. If this function returns a failure status, the initialization + * fails. + */ +static psa_status_t psa_crypto_recover_transaction( + const psa_crypto_transaction_t *transaction ) +{ + switch( transaction->unknown.type ) + { + case PSA_CRYPTO_TRANSACTION_CREATE_KEY: + case PSA_CRYPTO_TRANSACTION_DESTROY_KEY: + /* TOnogrepDO - fall through to the failure case until this + * is implemented */ + default: + /* We found an unsupported transaction in the storage. + * We don't know what state the storage is in. Give up. */ + return( PSA_ERROR_STORAGE_FAILURE ); + } +} +#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */ + psa_status_t psa_crypto_init( void ) { psa_status_t status; @@ -5819,7 +5843,10 @@ psa_status_t psa_crypto_init( void ) status = psa_crypto_load_transaction( ); if( status == PSA_SUCCESS ) { - /*TOnogrepDO: complete or abort the transaction*/ + status = psa_crypto_recover_transaction( &psa_crypto_transaction ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_crypto_stop_transaction( ); } else if( status == PSA_ERROR_DOES_NOT_EXIST ) { From 2ea06fd48da7a02dd13aaa25b01c2354f2b8537d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 17:53:16 +0200 Subject: [PATCH 1495/2197] Improve documentation of transaction storage --- library/psa_crypto_storage.h | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 25049b08d..8fe20ac32 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h 
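Review bot: psa_crypto_recover_transaction() returns `PSA_ERROR_STORAGE_FAILURE` for every transaction type, including `PSA_CRYPTO_TRANSACTION_CREATE_KEY` and `PSA_CRYPTO_TRANSACTION_DESTROY_KEY`, and the psa_crypto_init() hunk then takes `goto exit` before reaching `psa_crypto_stop_transaction( )`, so the transaction record stays in storage. As written, a single power failure during a secure-element key creation or destruction appears to make every later psa_crypto_init() fail until the storage is cleared by other means. Failing closed on unknown state is a defensible default, but the doc comment of the new function should state the consequence, for example `* \note Until recovery is implemented, any pending transaction makes initialization fail on every boot.`. psa_crypto_init() continues outside its hunk, so what the `exit` label does is not visible here.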
@@ -206,6 +206,9 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, typedef uint16_t psa_crypto_transaction_type_t; /** No transaction is in progress. + * + * This has the value 0, so zero-initialization sets a transaction's type to + * this value. */ #define PSA_CRYPTO_TRANSACTION_NONE ( (psa_crypto_transaction_type_t) 0x0000 ) @@ -244,16 +247,22 @@ typedef uint16_t psa_crypto_transaction_type_t; * -# Fill in the type-specific fields of #psa_crypto_transaction. * -# Call psa_crypto_save_transaction() to start the transaction. This * saves the transaction data to internal storage. + * -# Perform the work of the transaction by modifying files, contacting + * external entities, or whatever needs doing. Note that the transaction + * may be interrupted by a power failure, so you need to have a way + * recover from interruptions either by undoing what has been done + * so far or by resuming where you left off. * -# If there are intermediate stages in the transaction, update * the fields of #psa_crypto_transaction and call * psa_crypto_save_transaction() again when each stage is reached. - * -# When the transaction is over, whether it has been committed or aborted, - * call psa_crypto_stop_transaction() to remove the transaction data in - * storage and in memory. + * -# When the transaction is over, call psa_crypto_stop_transaction() to + * remove the transaction data in storage and in memory. * * If the system crashes while a transaction is in progress, psa_crypto_init() * calls psa_crypto_load_transaction() and takes care of completing or - * rewinding the transaction. + * rewinding the transaction. This is done in psa_crypto_recover_transaction() + * in psa_crypto.c. If you add a new type of transaction, be + * sure to add code for it in psa_crypto_recover_transaction(). */ typedef union { 
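Review bot: The new step in the transaction procedure reads "you need to have a way recover from interruptions"; the word "to" is missing. This sentence is the only place that tells implementers a transaction must be restartable after a power failure, so the wording should be exact: `so you need to have a way to recover from interruptions, either by undoing what has been done so far or by resuming where you left off.`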
@@ -328,8 +337,10 @@ psa_status_t psa_crypto_load_transaction( void ); /** Indicate that the current transaction is finished. * - * Call this function at the very end of transaction processing, whether - * the transaction has been committed or aborted. + * Call this function at the very end of transaction processing. + * This function does not "commit" or "abort" the transaction: the storage + * subsystem has no concept of "commit" and "abort", just saving and + * removing the transaction information in storage. * * This function erases the transaction data in storage (if any) and * resets the transaction data in memory. From 66be51c35d2e67cdce99fed0bd7636195495afba Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jul 2019 18:02:52 +0200 Subject: [PATCH 1496/2197] If starting a transaction fails, wipe the transaction data Nothing has been saved to disk yet, but there is stale data in psa_crypto_transaction. This stale data should not be reused, but do wipe it to reduce the risk of it mattering somehow in the future. --- library/psa_crypto.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 92c9668d3..b2fc26e1b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -993,6 +993,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) status = psa_crypto_save_transaction( ); if( status != PSA_SUCCESS ) { + (void) psa_crypto_stop_transaction( ); /* TOnogrepDO: destroy what can be destroyed anyway */ return( status ); } @@ -1484,7 +1485,10 @@ static psa_status_t psa_start_key_creation( psa_crypto_transaction.key.id = slot->persistent_storage_id; status = psa_crypto_save_transaction( ); if( status != PSA_SUCCESS ) + { + (void) psa_crypto_stop_transaction( ); return( status ); + } } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ From 8e88a8f4eac5a2e720b459e77630e7af5af31f6c Mon Sep 17 00:00:00 2001 
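Review bot: Both added calls discard the result of `psa_crypto_stop_transaction( )` with a `(void)` cast, in psa_destroy_key() and in psa_start_key_creation(). Returning the original save error is reasonable, but if the failed save left a partial record in storage and its removal also fails, the leftover would be found by psa_crypto_load_transaction() at the next initialization; whether that can happen depends on the storage backend, which is not visible here. A short comment at each call would record the intent, for example `/* Best effort: wipe the stale transaction data; the save error is what we report. */`. Both function bodies extend outside the hunks.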
From: k-stachowiak Date: Mon, 29 Jul 2019 15:09:29 +0200 Subject: [PATCH 1497/2197] Remove redundant empty buffer decoding test --- tests/suites/test_suite_cipher.gcm.data | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data index dc33116c1..15c94a022 100644 --- a/tests/suites/test_suite_cipher.gcm.data +++ b/tests/suites/test_suite_cipher.gcm.data @@ -1,7 +1,3 @@ -AES 128 GCM Decrypt empty buffer -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C -dec_empty_buf:MBEDTLS_CIPHER_AES_128_GCM - CAMELLIA GCM Decrypt empty buffer depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_PADDING_PKCS7 dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM From c5899a0fca7287a3f7fb915210f7b8d4f1954cec Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Mon, 29 Jul 2019 15:11:16 +0200 Subject: [PATCH 1498/2197] Fix dependencies for some GCM empty buffer decoding tests --- tests/suites/test_suite_cipher.gcm.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data index 15c94a022..11a12c964 100644 --- a/tests/suites/test_suite_cipher.gcm.data +++ b/tests/suites/test_suite_cipher.gcm.data @@ -1,9 +1,9 @@ CAMELLIA GCM Decrypt empty buffer -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM Aria GCM Decrypt empty buffer -depends_on:MBEDTLS_ARIA_C +depends_on:MBEDTLS_ARIA_C:MBEDTLS_GCM_C dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_GCM AES 128 GCM Encrypt and decrypt 0 bytes From 424f89453b27091a1fc7e51c8f9848a1a8a944e6 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 15 Jul 2019 21:59:53 +0200 Subject: [PATCH 1499/2197] SE keys: store the bit size internally (partial implementation) This commit blindingly copies the size from the attributes. This is not correct for copy and import. --- library/psa_crypto.c | 9 +++++++++ library/psa_crypto_core.h | 1 + 2 files changed, 10 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0b33d764b..fc9161d8e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1035,6 +1035,11 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) /* Return the size of the key in the given slot, in bits. */ static size_t psa_get_key_slot_bits( const psa_key_slot_t *slot ) { +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( psa_get_se_driver( slot->lifetime, NULL, NULL ) ) + return( slot->data.se.bits ); +#endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */ + if( key_type_is_raw_bytes( slot->type ) ) return( slot->data.raw.bytes * 8 ); #if defined(MBEDTLS_RSA_C) @@ -1489,6 +1494,10 @@ static psa_status_t psa_start_key_creation( (void) psa_crypto_stop_transaction( ); return( status ); } + + /* TOnogrepDO: validate bits. How to do this depends on the key + * creation method, so setting bits might not belong here. */ + slot->data.se.bits = psa_get_key_bits( attributes ); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 6096810f4..86584907c 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -64,6 +64,7 @@ typedef struct struct se { psa_key_slot_number_t slot_number; + size_t bits; } se; } data; } psa_key_slot_t; From d8727230f7876312d77ee63925cb5c8a845ea049 Mon Sep 17 00:00:00 2001 
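Review bot: `slot->data.se.bits = psa_get_key_bits( attributes );` in psa_start_key_creation() stores a caller-supplied value that psa_get_key_slot_bits() then returns for every secure-element key, before anything has checked it against the key type or the material actually held in the element. The to-do comment records that validation is pending; until it lands, any code that sizes buffers or selects parameters from psa_get_key_slot_bits() works from unverified input for these keys, possibly including 0 when the attributes leave the size unset. The new `bits` field in psa_crypto_core.h is added without documentation, and that is the natural place to say so, for example `/* Size in bits as declared at creation; not yet validated against the key. */`. The function bodies extend outside the hunks.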
From: k-stachowiak Date: Mon, 29 Jul 2019 17:46:29 +0200 Subject: [PATCH 1500/2197] Add negative tests for empty buffer decoding for certain ciphers --- tests/suites/test_suite_cipher.aes.data | 6 +++- tests/suites/test_suite_cipher.arc4.data | 2 +- tests/suites/test_suite_cipher.aria.data | 2 +- tests/suites/test_suite_cipher.blowfish.data | 2 +- tests/suites/test_suite_cipher.camellia.data | 2 +- .../suites/test_suite_cipher.chachapoly.data | 2 +- tests/suites/test_suite_cipher.des.data | 6 ++-- tests/suites/test_suite_cipher.function | 33 ++++++++++--------- tests/suites/test_suite_cipher.gcm.data | 4 +-- tests/suites/test_suite_cipher.nist_kw.data | 9 ++++- 10 files changed, 41 insertions(+), 27 deletions(-) diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data index b2eb26e9d..6293408d4 100644 --- a/tests/suites/test_suite_cipher.aes.data +++ b/tests/suites/test_suite_cipher.aes.data @@ -1,6 +1,10 @@ AES-128 CBC - Decrypt empty buffer depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -dec_empty_buf:MBEDTLS_CIPHER_AES_128_CBC +dec_empty_buf:MBEDTLS_CIPHER_AES_128_CBC:0:0 + +AES-128 XTS - Decrypt empty buffer +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS +dec_empty_buf:MBEDTLS_CIPHER_AES_128_XTS:MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:0 AES-128 CBC - Encrypt and decrypt 0 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 diff --git a/tests/suites/test_suite_cipher.arc4.data b/tests/suites/test_suite_cipher.arc4.data index d29d2ae9d..adeed83c5 100644 --- a/tests/suites/test_suite_cipher.arc4.data +++ b/tests/suites/test_suite_cipher.arc4.data @@ -1,6 +1,6 @@ ARC4 Decrypt empty buffer depends_on:MBEDTLS_ARC4_C -dec_empty_buf:MBEDTLS_CIPHER_ARC4_128 +dec_empty_buf:MBEDTLS_CIPHER_ARC4_128:0:0 ARC4 Encrypt and decrypt 0 bytes depends_on:MBEDTLS_ARC4_C 
diff --git a/tests/suites/test_suite_cipher.aria.data b/tests/suites/test_suite_cipher.aria.data index c1ecafbd1..2c50a21fc 100644 --- a/tests/suites/test_suite_cipher.aria.data +++ b/tests/suites/test_suite_cipher.aria.data @@ -1,3 +1,3 @@ Aria CBC Decrypt empty buffer depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC -dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_CBC +dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_CBC:0:0 diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data index 627c42b74..bbb39343b 100644 --- a/tests/suites/test_suite_cipher.blowfish.data +++ b/tests/suites/test_suite_cipher.blowfish.data @@ -1,6 +1,6 @@ BLOWFISH CBC Decrypt empty buffer depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC +dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:0:0 BLOWFISH Encrypt and decrypt 0 bytes depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 diff --git a/tests/suites/test_suite_cipher.camellia.data b/tests/suites/test_suite_cipher.camellia.data index a078be198..8fbbbe91e 100644 --- a/tests/suites/test_suite_cipher.camellia.data +++ b/tests/suites/test_suite_cipher.camellia.data @@ -1,6 +1,6 @@ CAMELLIA CBC Decrypt empty buffer depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC +dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:0:0 CAMELLIA Encrypt and decrypt 0 bytes depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 diff --git a/tests/suites/test_suite_cipher.chachapoly.data b/tests/suites/test_suite_cipher.chachapoly.data index ccd0dfb57..8c246adb4 100644 --- a/tests/suites/test_suite_cipher.chachapoly.data +++ b/tests/suites/test_suite_cipher.chachapoly.data 
@@ -1,6 +1,6 @@ Decrypt empty buffer depends_on:MBEDTLS_CHACHAPOLY_C -dec_empty_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305 +dec_empty_buf:MBEDTLS_CIPHER_CHACHA20_POLY1305:0:0 ChaCha20+Poly1305 Encrypt and decrypt 0 bytes depends_on:MBEDTLS_CHACHAPOLY_C diff --git a/tests/suites/test_suite_cipher.des.data b/tests/suites/test_suite_cipher.des.data index dbd6809b1..c272a3e33 100644 --- a/tests/suites/test_suite_cipher.des.data +++ b/tests/suites/test_suite_cipher.des.data @@ -1,14 +1,14 @@ DES CBC Decrypt empty buffer depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -dec_empty_buf:MBEDTLS_CIPHER_DES_CBC +dec_empty_buf:MBEDTLS_CIPHER_DES_CBC:0:0 DES EDE CBC Decrypt empty buffer depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -dec_empty_buf:MBEDTLS_CIPHER_DES_EDE_CBC +dec_empty_buf:MBEDTLS_CIPHER_DES_EDE_CBC:0:0 DES EDE3 CBC Decrypt empty buffer depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -dec_empty_buf:MBEDTLS_CIPHER_DES_EDE3_CBC +dec_empty_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:0:0 DES Encrypt and decrypt 0 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 1ea14088b..70f4bc120 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -1,6 +1,10 @@ /* BEGIN_HEADER */ #include "mbedtls/cipher.h" +#if defined(MBEDTLS_AES_C) +#include "mbedtls/aes.h" +#endif + #if defined(MBEDTLS_GCM_C) #include "mbedtls/gcm.h" #endif @@ -710,7 +714,9 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void dec_empty_buf( int cipher ) +void dec_empty_buf( int cipher, + int expected_update_ret, + int expected_finish_ret ) { unsigned char key[32]; unsigned char iv[16]; @@ -723,8 +729,6 @@ void dec_empty_buf( int cipher ) size_t outlen = 0; - int expected_ret; - memset( key, 0, 32 ); memset( iv , 0, 16 ); 
@@ -753,25 +757,24 @@ void dec_empty_buf( int cipher ) #endif /* decode 0-byte string */ - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) ); + TEST_ASSERT( expected_update_ret == + mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) ); TEST_ASSERT( 0 == outlen ); - if ( cipher_info->mode == MBEDTLS_MODE_CBC || - cipher_info->mode == MBEDTLS_MODE_ECB ) - { - /* CBC and ECB ciphers need a full block of input. */ - expected_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; - } - else + if ( expected_finish_ret == 0 && + ( cipher_info->mode == MBEDTLS_MODE_CBC || + cipher_info->mode == MBEDTLS_MODE_ECB ) ) { /* Non-CBC and non-ECB ciphers are OK with decrypting empty buffers and * return success, not MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED, when - * decrypting an empty buffer. */ - expected_ret = 0; + * decrypting an empty buffer. + * On the other hand, CBC and ECB ciphers need a full block of input. + */ + expected_finish_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; } - TEST_ASSERT( expected_ret == mbedtls_cipher_finish( - &ctx_dec, decbuf + outlen, &outlen ) ); + TEST_ASSERT( expected_finish_ret == mbedtls_cipher_finish( + &ctx_dec, decbuf + outlen, &outlen ) ); TEST_ASSERT( 0 == outlen ); exit: diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data index 11a12c964..83889de47 100644 --- a/tests/suites/test_suite_cipher.gcm.data +++ b/tests/suites/test_suite_cipher.gcm.data @@ -1,10 +1,10 @@ CAMELLIA GCM Decrypt empty buffer depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C -dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM +dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM:0:0 Aria GCM Decrypt empty buffer depends_on:MBEDTLS_ARIA_C:MBEDTLS_GCM_C -dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_GCM +dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_GCM:0:0 AES 128 GCM Encrypt and decrypt 0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C 
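Review bot: In dec_empty_buf, the new `expected_finish_ret` parameter is silently replaced with `MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED` whenever the caller passes 0 for a CBC or ECB cipher, so the `:0:0` entries in the CBC `.data` files do not state the result that is actually asserted. Passing the real expected value from the data files (for example `dec_empty_buf:MBEDTLS_CIPHER_DES_CBC:0:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED`) and dropping the override would make each case self-describing, and would allow a case that legitimately expects 0 for such a mode to be written. If the override stays, the comment inside the branch should lead with the rule the branch implements, e.g. `/* CBC and ECB need a full block of input, so a caller-supplied 0 is replaced here. */`, because the current text opens with the non-CBC case that this branch does not handle. The function body starts and ends outside this hunk.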
diff --git a/tests/suites/test_suite_cipher.nist_kw.data b/tests/suites/test_suite_cipher.nist_kw.data index 59ef931e3..820189159 100644 --- a/tests/suites/test_suite_cipher.nist_kw.data +++ b/tests/suites/test_suite_cipher.nist_kw.data @@ -1,3 +1,11 @@ +KW AES-128 wrap - Decrypt empty buffer +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +dec_empty_buf:MBEDTLS_CIPHER_AES_128_KW:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE + +KWP AES-128 wrap - Decrypt empty buffer +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +dec_empty_buf:MBEDTLS_CIPHER_AES_128_KWP:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE + KW AES-128 wrap rfc 3394 depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KW:"000102030405060708090A0B0C0D0E0F":"":"":"1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5":"":"":"00112233445566778899AABBCCDDEEFF":0 @@ -268,4 +276,3 @@ auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"21fb6600c1d34a74adee67612672593a86cf23 KWP AES-256 wrap CAVS 17.4 FAIL COUNT 4 CLEN 32 depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KWP:"c32cb3e1e41a4b9f4de79989957866f5dd48dba38c22a6ebb80e14c84bdd9534":"":"":"c29b05c2619a58ecc1d239e7a34273cd":"":"FAIL":"":0 - From dc5bfe97842667e89ac1394effc02875d85342b2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jul 2019 19:09:30 +0200 Subject: [PATCH 1501/2197] SE keys: implement and test psa_get_key_attributes --- library/psa_crypto.c | 18 ++++++--- ...st_suite_psa_crypto_se_driver_hal.function | 38 +++++++++++++++++++ 2 files changed, 50 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fc9161d8e..b3a6f8a9a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1145,10 +1145,10 @@ exit: } #endif /* MBEDTLS_RSA_C */ -/** Retrieve the readily-accessible attributes of a key in a slot. +/** Retrieve the generic attributes of a key in a slot. * - * This function does not compute attributes that are not directly - * stored in the slot, such as the bit size of a transparent key. + * This function does not retrieve domain parameters, which require + * additional memory management. */ static void psa_get_key_slot_attributes( psa_key_slot_t *slot, psa_key_attributes_t *attributes ) @@ -1157,6 +1157,7 @@ static void psa_get_key_slot_attributes( psa_key_slot_t *slot, attributes->lifetime = slot->lifetime; attributes->policy = slot->policy; attributes->type = slot->type; + attributes->bits = psa_get_key_slot_bits( slot ); } /** Retrieve all the publicly-accessible attributes of a key. @@ -1169,21 +1170,26 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, psa_reset_key_attributes( attributes ); - status = psa_get_transparent_key( handle, &slot, 0, 0 ); + status = psa_get_key_from_slot( handle, &slot, 0, 0 ); if( status != PSA_SUCCESS ) return( status ); psa_get_key_slot_attributes( slot, attributes ); - attributes->bits = psa_get_key_slot_bits( slot ); switch( slot->type ) { #if defined(MBEDTLS_RSA_C) case PSA_KEY_TYPE_RSA_KEY_PAIR: case PSA_KEY_TYPE_RSA_PUBLIC_KEY: +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + /* TOnogrepDO: reporting the public exponent for opaque keys + * is not yet implemented. */ + if( psa_get_se_driver( slot->lifetime, NULL, NULL ) ) + break; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ status = psa_get_rsa_public_exponent( slot->data.rsa, attributes ); break; -#endif +#endif /* MBEDTLS_RSA_C */ default: /* Nothing else to do. */ break; diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index e0b8d29a5..f6b480ff1 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
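Review bot: In psa_get_key_attributes, the new `MBEDTLS_PSA_CRYPTO_SE_C` branch under the RSA cases leaves the switch with `status` still holding the success value from `psa_get_key_from_slot`, so a caller receives attributes for a secure-element RSA key with no public exponent and no indication that it was omitted. The doc comment above the function still says it retrieves "all the publicly-accessible attributes". I would add a sentence to it such as `For keys in a secure element, the RSA public exponent is not reported yet.` so callers do not read the absence of domain parameters as meaningful. The end of the function is outside the hunk, so whether anything later adjusts `status` cannot be seen here.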
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -178,6 +178,41 @@ static psa_status_t ram_allocate( psa_drv_se_context_t *context, /* Other test helper functions */ /****************************************************************/ +/* Check that the attributes of a key reported by psa_get_key_attributes() + * are consistent with the attributes used when creating the key. */ +static int check_key_attributes( + psa_key_handle_t handle, + const psa_key_attributes_t *reference_attributes ) +{ + int ok = 0; + psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_get_key_attributes( handle, &actual_attributes ) ); + + TEST_EQUAL( psa_get_key_id( &actual_attributes ), + psa_get_key_id( reference_attributes ) ); + TEST_EQUAL( psa_get_key_lifetime( &actual_attributes ), + psa_get_key_lifetime( reference_attributes ) ); + TEST_EQUAL( psa_get_key_type( &actual_attributes ), + psa_get_key_type( reference_attributes ) ); + TEST_EQUAL( psa_get_key_usage_flags( &actual_attributes ), + psa_get_key_usage_flags( reference_attributes ) ); + TEST_EQUAL( psa_get_key_algorithm( &actual_attributes ), + psa_get_key_algorithm( reference_attributes ) ); + TEST_EQUAL( psa_get_key_enrollment_algorithm( &actual_attributes ), + psa_get_key_enrollment_algorithm( reference_attributes ) ); + if( psa_get_key_bits( reference_attributes ) != 0 ) + { + TEST_EQUAL( psa_get_key_bits( &actual_attributes ), + psa_get_key_bits( reference_attributes ) ); + } + + ok = 1; + +exit: + return( ok ); +} + /* Check that a function's return status is "smoke-free", i.e. that * it's an acceptable error code when calling an API function that operates * on a key with potentially bogus parameters. */ 
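Review bot: check_key_attributes never releases `actual_attributes`: the `exit:` label goes straight to `return( ok );`. psa_get_key_attributes can attach domain parameters to the structure (its RSA path in library/psa_crypto.c calls psa_get_rsa_public_exponent, presumably allocating), so the helper would leak as soon as it is used with such a key; the only caller in this patch checks a raw-data key. Adding `psa_reset_key_attributes( &actual_attributes );` after `exit:` keeps the helper safe to reuse. A short comment on the `psa_get_key_bits( reference_attributes ) != 0` test, e.g. `/* 0 in the reference means the size was left unspecified at creation */`, would also explain why the size is compared conditionally, if that is the intent.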
@@ -445,6 +480,9 @@ void key_creation_import_export( int min_slot, int restart ) /* Test that the key was created in the expected slot. */ TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA ); + /* Test the key attributes and the key data. */ + if( ! check_key_attributes( handle, &attributes ) ) + goto exit; PSA_ASSERT( psa_export_key( handle, exported, sizeof( exported ), &exported_length ) ); From 1801740a7c82137f637a2ad68384e22a60f826cf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jul 2019 20:25:59 +0200 Subject: [PATCH 1502/2197] SE driver: report the bit size on key import Add a parameter to the key import method of a secure element driver to make it report the key size in bits. This is necessary (otherwise the core has no idea what the bit-size is), and making import report it is easier than adding a separate method (for other key creation methods, this information is an input, not an output). --- include/psa/crypto_se_driver.h | 11 ++++++++--- library/psa_crypto.c | 10 +++++----- .../test_suite_psa_crypto_se_driver_hal.function | 11 ++++++++--- 3 files changed, 21 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 9aebc45c1..f95eaeb33 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
@@ -833,14 +833,18 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( * * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Slot where the key will be stored - * This must be a valid slot for a key of the chosen - * type. It must be unoccupied. + * This must be a valid slot for a key of the + * chosen type. It must be unoccupied. * \param[in] lifetime The required lifetime of the key storage * \param[in] type Key type (a \c PSA_KEY_TYPE_XXX value) * \param[in] algorithm Key algorithm (a \c PSA_ALG_XXX value) * \param[in] usage The allowed uses of the key * \param[in] p_data Buffer containing the key data * \param[in] data_length Size of the `data` buffer in bytes + * \param[out] bits On success, the key size in bits. The driver + * must determine this value after parsing the + * key according to the key type. + * This value is not used if the function fails. * * \retval #PSA_SUCCESS * Success. @@ -852,7 +856,8 @@ typedef psa_status_t (*psa_drv_se_import_key_t)(psa_drv_se_context_t *drv_contex psa_algorithm_t algorithm, psa_key_usage_t usage, const uint8_t *p_data, - size_t data_length); + size_t data_length, + size_t *bits); /** * \brief A function that destroys a secure element key and restore the slot to diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b3a6f8a9a..b2e863e6f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1711,8 +1711,8 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, psa_get_se_driver_context( driver ), slot->data.se.slot_number, slot->lifetime, slot->type, slot->policy.alg, slot->policy.usage, - data, data_length ); - /* TOnogrepDO: psa_check_key_slot_attributes? */ + data, data_length, + &slot->data.se.bits ); } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 
@@ -1720,10 +1720,10 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, status = psa_import_key_into_slot( slot, data, data_length ); if( status != PSA_SUCCESS ) goto exit; - status = psa_check_key_slot_attributes( slot, attributes ); - if( status != PSA_SUCCESS ) - goto exit; } + status = psa_check_key_slot_attributes( slot, attributes ); + if( status != PSA_SUCCESS ) + goto exit; status = psa_finish_key_creation( slot, driver ); exit: diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index f6b480ff1..261058258 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -62,7 +62,8 @@ static psa_status_t null_import( psa_drv_se_context_t *context, psa_algorithm_t algorithm, psa_key_usage_t usage, const uint8_t *p_data, - size_t data_length ) + size_t data_length, + size_t *bits ) { (void) context; (void) slot_number; @@ -71,7 +72,9 @@ static psa_status_t null_import( psa_drv_se_context_t *context, (void) algorithm; (void) usage; (void) p_data; - (void) data_length; + /* We're supposed to return a key size. Return one that's correct for + * plain data keys. */ + *bits = PSA_BYTES_TO_BITS( data_length ); return( PSA_SUCCESS ); } @@ -110,7 +113,8 @@ static psa_status_t ram_import( psa_drv_se_context_t *context, psa_algorithm_t algorithm, psa_key_usage_t usage, const uint8_t *p_data, - size_t data_length ) + size_t data_length, + size_t *bits ) { (void) context; DRIVER_ASSERT( slot_number < ARRAY_LENGTH( ram_slots ) ); @@ -119,6 +123,7 @@ static psa_status_t ram_import( psa_drv_se_context_t *context, ram_slots[slot_number].lifetime = lifetime; ram_slots[slot_number].type = type; ram_slots[slot_number].bits = PSA_BYTES_TO_BITS( data_length ); + *bits = PSA_BYTES_TO_BITS( data_length ); (void) algorithm; (void) usage; memcpy( ram_slots[slot_number].content, p_data, data_length ); 
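Review bot: In psa_import_key, the relocated `psa_check_key_slot_attributes` call now runs after the secure-element branch too, but as far as the two library/psa_crypto.c hunks show, nothing tests `status` between the driver's `p_import` call and this check, so a driver failure is overwritten by the result of the check. The header documents that `bits` "is not used if the function fails", yet on that path the check may consult `slot->data.se.bits` (presumably through psa_get_key_slot_bits) and, if it passes, `psa_finish_key_creation` goes on to finalise a key the driver rejected. Moving the status test out of the `else` block so it covers both branches, `if( status != PSA_SUCCESS ) goto exit;` placed just before `status = psa_check_key_slot_attributes( slot, attributes );`, closes this. The function starts before the hunk, so an earlier guard that is not visible here remains possible.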
From e60d1d08a4c746eba03502c6a178efa20256eb1b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jul 2019 20:27:59 +0200 Subject: [PATCH 1503/2197] SE keys: save the bit size in storage For a key in a secure element, save the bit size alongside the slot number. This is a quick-and-dirty implementation where the storage format depends on sizeof(size_t), which is fragile. This should be replaced by a more robust implementation before going into production. --- library/psa_crypto.c | 32 +++++++++++----------------- library/psa_crypto_slot_management.c | 5 ++--- 2 files changed, 14 insertions(+), 23 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b2e863e6f..875252803 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1538,40 +1538,32 @@ static psa_status_t psa_finish_key_creation( #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( slot->lifetime != PSA_KEY_LIFETIME_VOLATILE ) { - uint8_t *buffer = NULL; - size_t buffer_size = 0; - size_t length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_get_key_slot_attributes( slot, &attributes ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { - buffer = (uint8_t*) &slot->data.se.slot_number; - length = sizeof( slot->data.se.slot_number ); + status = psa_save_persistent_key( &attributes, + (uint8_t*) &slot->data.se, + sizeof( slot->data.se ) ); } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ { - buffer_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, - psa_get_key_slot_bits( slot ) ); - buffer = mbedtls_calloc( 1, buffer_size ); + size_t buffer_size = + PSA_KEY_EXPORT_MAX_SIZE( slot->type, + psa_get_key_bits( &attributes ) ); + uint8_t *buffer = mbedtls_calloc( 1, buffer_size ); + size_t length = 0; if( buffer == NULL && buffer_size != 0 ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); status = psa_internal_export_key( slot, buffer, buffer_size, &length, 0 ); - } + if( status == PSA_SUCCESS ) + status = psa_save_persistent_key( &attributes, buffer, length ); - if( status == PSA_SUCCESS ) - { - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_get_key_slot_attributes( slot, &attributes ); - status = psa_save_persistent_key( &attributes, buffer, length ); - } - -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver == NULL ) -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - { if( buffer_size != 0 ) mbedtls_platform_zeroize( buffer, buffer_size ); mbedtls_free( buffer ); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 6b87ea0b0..e63dcdae6 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
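Review bot: In the secure-element branch of psa_finish_key_creation, `psa_save_persistent_key` is handed the raw bytes of `slot->data.se`, which writes any padding inside that struct to storage along with the fields, a problem beyond the `sizeof(size_t)` dependence the commit message already admits. The matching load in psa_load_persistent_key_into_slot (next hunk, library/psa_crypto_slot_management.c) copies the blob back with only a length comparison, so a stored slot number or bit size is passed on without any range check. Serialising the members one by one at fixed width, and rejecting out-of-range values on load with `PSA_ERROR_STORAGE_FAILURE`, would make the format stable and the load defensive. Until then a comment at the save site such as `/* FIXME: raw struct dump; layout and padding are ABI-dependent */` would keep the limitation visible in the code. Both functions extend beyond their hunks.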
@@ -138,13 +138,12 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( psa_key_lifetime_is_external( p_slot->lifetime ) ) { - if( key_data_length != sizeof( p_slot->data.se.slot_number ) ) + if( key_data_length != sizeof( p_slot->data.se ) ) { status = PSA_ERROR_STORAGE_FAILURE; goto exit; } - memcpy( &p_slot->data.se.slot_number, key_data, - sizeof( p_slot->data.se.slot_number ) ); + memcpy( &p_slot->data.se, key_data, sizeof( p_slot->data.se ) ); } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ From fc321f1a5e687d55bcbf63996b69a537d090326e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jul 2019 20:30:14 +0200 Subject: [PATCH 1504/2197] SE keys: test that the bit size is saved and loaded correctly --- tests/suites/test_suite_psa_crypto_se_driver_hal.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 261058258..6ac19a60e 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -486,6 +486,8 @@ void key_creation_import_export( int min_slot, int restart ) TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA ); /* Test the key attributes and the key data. */ + psa_set_key_bits( &attributes, + PSA_BYTES_TO_BITS( sizeof( key_material ) ) ); if( ! check_key_attributes( handle, &attributes ) ) goto exit; PSA_ASSERT( psa_export_key( handle, From b84b6a68c73f1b5e67d7f2addb159f13674d8987 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 30 Jul 2019 11:38:12 +0200 Subject: [PATCH 1505/2197] Add some negative tests for policy checks Add a few test cases to ensure that alg=0 in policy does not allow using the key for an operation. Add a test case to ensure that ANY_HASH does not have a wildcard meaning for HMAC. --- tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 53f842201..5c12caafd 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -336,6 +336,14 @@ PSA key policy: MAC, wrong algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224) +PSA key policy: MAC, alg=0 in policy +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) + +PSA key policy: MAC, ANY_HASH in policy is not meaningful +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) + PSA key policy: MAC, sign but not verify depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) 
@@ -368,6 +376,10 @@ PSA key policy: cipher, neither encrypt nor decrypt depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_key_policy:0:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR +PSA key policy: cipher, alg=0 in policy +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR + PSA key policy: AEAD, encrypt | decrypt depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM @@ -376,6 +388,10 @@ PSA key policy: AEAD, wrong algorithm depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_GCM_C aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_GCM +PSA key policy: AEAD, alg=0 in policy +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_CCM + PSA key policy: AEAD, encrypt but not decrypt depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C aead_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM 
@@ -400,6 +416,10 @@ PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) +PSA key policy: asymmetric encryption, alg=0 in policy +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT + PSA key policy: asymmetric encryption, ANY_HASH in policy is not meaningful depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) 
@@ -444,6 +464,10 @@ PSA key policy: asymmetric signature, wrong hash algorithm depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 +PSA key policy: asymmetric signature, alg=0 in policy +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 + PSA key policy: asymmetric signature, sign but not verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 From 7e0cff90b9bb6ed0295919e79512902dfe51ed79 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Jul 2019 13:48:52 +0200 Subject: [PATCH 1506/2197] Move attribute fields to a substructure Move the "core attributes" to a substructure of psa_key_attribute_t. The motivation is to be able to use the new structure psa_core_key_attributes_t internally. --- include/psa/crypto_extra.h | 4 +- include/psa/crypto_struct.h | 49 ++++++++++++--------- library/psa_crypto.c | 40 ++++++++--------- library/psa_crypto_core.h | 2 +- library/psa_crypto_se.c | 2 +- library/psa_crypto_slot_management.c | 2 +- library/psa_crypto_storage.c | 10 ++--- tests/suites/test_suite_psa_crypto.function | 2 +- 8 files changed, 59 insertions(+), 52 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index b2d4633de..6dfaa1300 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -89,7 +89,7 @@ static inline void psa_set_key_enrollment_algorithm( psa_key_attributes_t *attributes, psa_algorithm_t alg2) { - attributes->policy.alg2 = alg2; + attributes->core.policy.alg2 = alg2; } /** Retrieve the enrollment algorithm policy from key attributes. @@ -101,7 +101,7 @@ static inline void psa_set_key_enrollment_algorithm( static inline psa_algorithm_t psa_get_key_enrollment_algorithm( const psa_key_attributes_t *attributes) { - return( attributes->policy.alg2 ); + return( attributes->core.policy.alg2 ); } /**@}*/ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 0ddc7a3eb..fea59df37 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -309,18 +309,25 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) return( v ); } +typedef struct +{ + psa_key_type_t type; + psa_key_lifetime_t lifetime; + psa_key_id_t id; + psa_key_policy_t policy; + size_t bits; +} psa_core_key_attributes_t; + +#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, 0, {0, 0, 0}, 0} + struct psa_key_attributes_s { - psa_key_id_t id; - psa_key_lifetime_t lifetime; - psa_key_policy_t policy; - psa_key_type_t type; - size_t bits; + psa_core_key_attributes_t core; void *domain_parameters; size_t domain_parameters_size; }; -#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0, 0}, 0, 0, NULL, 0} +#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0} static inline struct psa_key_attributes_s psa_key_attributes_init( void ) { const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; 
@@ -330,53 +337,53 @@ static inline struct psa_key_attributes_s psa_key_attributes_init( void ) static inline void psa_set_key_id(psa_key_attributes_t *attributes, psa_key_id_t id) { - attributes->id = id; - if( attributes->lifetime == PSA_KEY_LIFETIME_VOLATILE ) - attributes->lifetime = PSA_KEY_LIFETIME_PERSISTENT; + attributes->core.id = id; + if( attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE ) + attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT; } static inline psa_key_id_t psa_get_key_id( const psa_key_attributes_t *attributes) { - return( attributes->id ); + return( attributes->core.id ); } static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) { - attributes->lifetime = lifetime; + attributes->core.lifetime = lifetime; if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) - attributes->id = 0; + attributes->core.id = 0; } static inline psa_key_lifetime_t psa_get_key_lifetime( const psa_key_attributes_t *attributes) { - return( attributes->lifetime ); + return( attributes->core.lifetime ); } static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags) { - attributes->policy.usage = usage_flags; + attributes->core.policy.usage = usage_flags; } static inline psa_key_usage_t psa_get_key_usage_flags( const psa_key_attributes_t *attributes) { - return( attributes->policy.usage ); + return( attributes->core.policy.usage ); } static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, psa_algorithm_t alg) { - attributes->policy.alg = alg; + attributes->core.policy.alg = alg; } static inline psa_algorithm_t psa_get_key_algorithm( const psa_key_attributes_t *attributes) { - return( attributes->policy.alg ); + return( attributes->core.policy.alg ); } /* This function is declared in crypto_extra.h, which comes after this 
@@ -392,7 +399,7 @@ static inline void psa_set_key_type(psa_key_attributes_t *attributes, if( attributes->domain_parameters == NULL ) { /* Common case: quick path */ - attributes->type = type; + attributes->core.type = type; } else { @@ -407,19 +414,19 @@ static inline void psa_set_key_type(psa_key_attributes_t *attributes, static inline psa_key_type_t psa_get_key_type( const psa_key_attributes_t *attributes) { - return( attributes->type ); + return( attributes->core.type ); } static inline void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits) { - attributes->bits = bits; + attributes->core.bits = bits; } static inline size_t psa_get_key_bits( const psa_key_attributes_t *attributes) { - return( attributes->bits ); + return( attributes->core.bits ); } #endif /* PSA_CRYPTO_STRUCT_H */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 875252803..4721f6bfe 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1086,7 +1086,7 @@ psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes, attributes->domain_parameters = copy; attributes->domain_parameters_size = data_length; - attributes->type = type; + attributes->core.type = type; return( PSA_SUCCESS ); } @@ -1153,11 +1153,11 @@ exit: static void psa_get_key_slot_attributes( psa_key_slot_t *slot, psa_key_attributes_t *attributes ) { - attributes->id = slot->persistent_storage_id; - attributes->lifetime = slot->lifetime; - attributes->policy = slot->policy; - attributes->type = slot->type; - attributes->bits = psa_get_key_slot_bits( slot ); + attributes->core.id = slot->persistent_storage_id; + attributes->core.lifetime = slot->lifetime; + attributes->core.policy = slot->policy; + attributes->core.type = slot->type; + attributes->core.bits = psa_get_key_slot_bits( slot ); } /** Retrieve all the publicly-accessible attributes of a key. 
@@ -1454,21 +1454,21 @@ static psa_status_t psa_start_key_creation( return( status ); slot = *p_slot; - status = psa_set_key_policy_internal( slot, &attributes->policy ); + status = psa_set_key_policy_internal( slot, &attributes->core.policy ); if( status != PSA_SUCCESS ) return( status ); - slot->lifetime = attributes->lifetime; + slot->lifetime = attributes->core.lifetime; - if( attributes->lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if( attributes->core.lifetime != PSA_KEY_LIFETIME_VOLATILE ) { - status = psa_validate_persistent_key_parameters( attributes->lifetime, - attributes->id, + status = psa_validate_persistent_key_parameters( attributes->core.lifetime, + attributes->core.id, p_drv, 1 ); if( status != PSA_SUCCESS ) return( status ); - slot->persistent_storage_id = attributes->id; + slot->persistent_storage_id = attributes->core.id; } - slot->type = attributes->type; + slot->type = attributes->core.type; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* For a key in a secure element, we need to do three things: @@ -1628,9 +1628,9 @@ static psa_status_t psa_check_key_slot_attributes( const psa_key_slot_t *slot, const psa_key_attributes_t *attributes ) { - if( attributes->type != 0 ) + if( attributes->core.type != 0 ) { - if( attributes->type != slot->type ) + if( attributes->core.type != slot->type ) return( PSA_ERROR_INVALID_ARGUMENT ); } @@ -1667,9 +1667,9 @@ static psa_status_t psa_check_key_slot_attributes( } } - if( attributes->bits != 0 ) + if( attributes->core.bits != 0 ) { - if( attributes->bits != psa_get_key_slot_bits( slot ) ) + if( attributes->core.bits != psa_get_key_slot_bits( slot ) ) return( PSA_ERROR_INVALID_ARGUMENT ); } @@ -1772,7 +1772,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, if( status != PSA_SUCCESS ) goto exit; - status = psa_restrict_key_policy( &actual_attributes.policy, + status = psa_restrict_key_policy( &actual_attributes.core.policy, &source_slot->policy ); if( status != PSA_SUCCESS ) goto exit; 
@@ -4706,7 +4706,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut if( status == PSA_SUCCESS ) { status = psa_generate_derived_key_internal( slot, - attributes->bits, + attributes->core.bits, operation ); } if( status == PSA_SUCCESS ) @@ -5744,7 +5744,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, if( status == PSA_SUCCESS ) { status = psa_generate_key_internal( - slot, attributes->bits, + slot, attributes->core.bits, attributes->domain_parameters, attributes->domain_parameters_size ); } if( status == PSA_SUCCESS ) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 86584907c..d335b758e 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -40,9 +40,9 @@ typedef struct { psa_key_type_t type; - psa_key_policy_t policy; psa_key_lifetime_t lifetime; psa_key_file_id_t persistent_storage_id; + psa_key_policy_t policy; unsigned allocated : 1; union { diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index aece47d01..58b0f3807 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -198,7 +198,7 @@ psa_status_t psa_find_se_slot_for_key( psa_drv_se_allocate_key_t p_allocate = NULL; /* If the lifetime is wrong, it's a bug in the library. */ - if( driver->lifetime != attributes->lifetime ) + if( driver->lifetime != psa_get_key_lifetime( attributes ) ) return( PSA_ERROR_CORRUPTION_DETECTED ); /* If the driver doesn't support key creation in any way, give up now. */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index e63dcdae6..6add6b860 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -133,7 +133,7 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) goto exit; p_slot->lifetime = psa_get_key_lifetime( &attributes ); p_slot->type = psa_get_key_type( &attributes ); - p_slot->policy = attributes.policy; + p_slot->policy = attributes.core.policy; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( psa_key_lifetime_is_external( p_slot->lifetime ) ) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index b8569beb8..4113fb7e1 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -328,11 +328,11 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } - GET_UINT32_LE( attributes->lifetime, storage_format->lifetime, 0 ); - GET_UINT32_LE( attributes->type, storage_format->type, 0 ); - GET_UINT32_LE( attributes->policy.usage, storage_format->policy, 0 ); - GET_UINT32_LE( attributes->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - GET_UINT32_LE( attributes->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + GET_UINT32_LE( attributes->core.lifetime, storage_format->lifetime, 0 ); + GET_UINT32_LE( attributes->core.type, storage_format->type, 0 ); + GET_UINT32_LE( attributes->core.policy.usage, storage_format->policy, 0 ); + GET_UINT32_LE( attributes->core.policy.alg, storage_format->policy, sizeof( uint32_t ) ); + GET_UINT32_LE( attributes->core.policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); return( PSA_SUCCESS ); } diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 1d06d62e7..887ff84d1 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1225,7 +1225,7 @@ void import( data_t *data, int type_arg, PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); if( attr_bits != 0 ) - TEST_EQUAL( attr_bits, got_attributes.bits ); + TEST_EQUAL( attr_bits, psa_get_key_bits( &got_attributes ) ); PSA_ASSERT( psa_destroy_key( handle ) ); test_operations_on_invalid_handle( handle ); From c744d99386adda801ea879814e47a08f73a94cc0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Jul 2019 17:26:54 +0200 Subject: [PATCH 1507/2197] Limit keys to 65528 bits 65528 bits is more than any reasonable key until we start supporting post-quantum cryptography. This limit is chosen to allow bit-sizes to be stored in 16 bits, with 65535 left to indicate an invalid value. It's a whole number of bytes, which facilitates some calculations, in particular allowing a key of exactly PSA_CRYPTO_MAX_STORAGE_SIZE to be created but not one bit more. As a resource usage limit, this is arguably too large, but that's out of scope of the current commit. Test that key import, generation and derivation reject overly large sizes. --- include/psa/crypto_struct.h | 6 ++ library/psa_crypto.c | 16 ++- library/psa_crypto_storage.h | 11 +- tests/suites/test_suite_psa_crypto.data | 26 +++++ tests/suites/test_suite_psa_crypto.function | 102 +++++++++++++++++- .../test_suite_psa_crypto_persistent_key.data | 4 +- ...t_suite_psa_crypto_persistent_key.function | 7 +- 7 files changed, 158 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index fea59df37..b37b0b5cc 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
@@ -309,6 +309,12 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) return( v ); } +/* The maximum size of a key in bits. + * This is a whole number of bytes, to facilitate some calculations + * such as the maximum size of key data in storage. + */ +#define PSA_MAX_KEY_BITS 0xfff8 + typedef struct { psa_key_type_t type; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4721f6bfe..4c93dd0ad 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -706,11 +706,14 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, if( key_type_is_raw_bytes( slot->type ) ) { - /* Ensure that a bytes-to-bit conversion won't overflow. */ + size_t bit_size = PSA_BYTES_TO_BITS( data_length ); + /* Ensure that the bytes-to-bit conversion doesn't overflow. */ if( data_length > SIZE_MAX / 8 ) return( PSA_ERROR_NOT_SUPPORTED ); - status = prepare_raw_data_slot( slot->type, - PSA_BYTES_TO_BITS( data_length ), + /* Ensure that the key is not overly large. */ + if( bit_size > PSA_MAX_KEY_BITS ) + return( PSA_ERROR_NOT_SUPPORTED ); + status = prepare_raw_data_slot( slot->type, bit_size, &slot->data.raw ); if( status != PSA_SUCCESS ) return( status ); @@ -1470,6 +1473,13 @@ static psa_status_t psa_start_key_creation( } slot->type = attributes->core.type; + /* Refuse to create overly large keys. + * Note that this doesn't trigger on import if the attributes don't + * explicitly specify a size (so psa_get_key_bits returns 0), so + * psa_import_key() needs its own checks. */ + if( psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS ) + return( PSA_ERROR_NOT_SUPPORTED ); + #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* For a key in a secure element, we need to do three things: * create the key file in internal storage, create the diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 8fe20ac32..938cc4f89 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h 
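Review bot: In the `@@ -706,11 +706,14 @@` hunk of `psa_import_key_into_slot`, `bit_size` is computed with `PSA_BYTES_TO_BITS( data_length )` before the `data_length > SIZE_MAX / 8` guard that exists to protect that conversion. Nothing reads the value before the guard returns, and assuming `data_length` is a `size_t` the wrap-around is well defined, so this is not a bug today. The ordering does invite a later edit that uses `bit_size` before it has been validated. A single bound on the byte count covers both checks without any multiplication: `if( data_length > PSA_BITS_TO_BYTES( PSA_MAX_KEY_BITS ) ) return( PSA_ERROR_NOT_SUPPORTED );`, with `bit_size` computed after it. The function body begins and continues outside the hunk.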
@@ -35,9 +35,14 @@ extern "C" { #include #include -/* Limit the maximum key size to 30kB (just in case someone tries to - * inadvertently store an obscene amount of data) */ -#define PSA_CRYPTO_MAX_STORAGE_SIZE ( 30 * 1024 ) +/* Limit the maximum key size in storage. This should have no effect + * since the key size is limited in memory. */ +#define PSA_CRYPTO_MAX_STORAGE_SIZE ( PSA_BITS_TO_BYTES( PSA_MAX_KEY_BITS ) ) +/* Sanity check: a file size must fit in 32 bits. Allow a generous + * 64kB of metadata. */ +#if PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000 +#error PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000 +#endif /** The maximum permitted persistent slot number. * diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 53f842201..a0e7f7a90 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -314,6 +314,14 @@ PSA import AES: bits=128 wrong depends_on:MBEDTLS_AES_C import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_ERROR_INVALID_ARGUMENT +PSA import large key: raw, 65528 bits (ok) +depends_on:HAVE_RAM_AVAILABLE_128k +import_large_key:PSA_KEY_TYPE_RAW_DATA:8191:PSA_SUCCESS + +PSA import large key: raw, 65536 bits (not supported) +depends_on:HAVE_RAM_AVAILABLE_128k +import_large_key:PSA_KEY_TYPE_RAW_DATA:8192:PSA_ERROR_NOT_SUPPORTED + PSA import RSA key pair: maximum size exceeded depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED 
@@ -2075,6 +2083,17 @@ PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 1+41 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 +# This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes +# and not expected to be raised any time soon) is less than the maximum +# output from HKDF-SHA512 (255*64 = 16320 bytes). +PSA key derivation: largest possible key +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_large_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_MAX_KEY_BITS:PSA_SUCCESS + +PSA key derivation: key too large +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_large_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED + PSA key agreement setup: ECDH + HKDF-SHA-256: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS 
@@ -2188,6 +2207,13 @@ generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_AR PSA generate key: raw data, 8 bits generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS +PSA generate key: raw data, 65528 bits (ok) +depends_on:HAVE_RAM_AVAILABLE_128k +generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS + +PSA generate key: raw data, 65536 bits (not supported) +generate_key:PSA_KEY_TYPE_RAW_DATA:65536:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED + PSA generate key: AES, 128 bits, CTR depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 887ff84d1..8ed7a7d5c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -7,6 +7,13 @@ #include "psa_crypto_helpers.h" +/* Tests that require more than 128kB of RAM plus change have this symbol + * as a dependency. Currently we always define this symbol, so the tests + * are always executed. In the future we should make this conditional + * so that tests that require a lot of memory are skipped on constrained + * platforms. */ +#define HAVE_RAM_AVAILABLE_128k + /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; @@ -556,7 +563,8 @@ static int setup_key_derivation_wrap( psa_key_derivation_operation_t* operation, TEST_ASSERT( ! "Key derivation algorithm not supported" ); } - PSA_ASSERT( psa_key_derivation_set_capacity( operation, capacity ) ); + if( capacity != SIZE_MAX ) + PSA_ASSERT( psa_key_derivation_set_capacity( operation, capacity ) ); return( 1 ); 
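Review bot: The new case "PSA generate key: raw data, 65528 bits (ok)" in the `@@ -2188,6 +2207,13 @@` hunk passes `8` as the bit size, so it repeats the existing "raw data, 8 bits" case and the largest accepted size is never generated. Only the rejection side of the new limit (65536 bits) is exercised for `psa_generate_key`, so an off-by-one that rejected 65528 bits would go unnoticed. The data line should read `generate_key:PSA_KEY_TYPE_RAW_DATA:65528:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS`, keeping the `HAVE_RAM_AVAILABLE_128k` dependency that is already attached to it.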
@@ -1237,6 +1245,54 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void import_large_key( int type_arg, int byte_size_arg, + int expected_status_arg ) +{ + psa_key_type_t type = type_arg; + size_t byte_size = byte_size_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t expected_status = expected_status_arg; + psa_key_handle_t handle = 0; + psa_status_t status; + uint8_t *buffer = NULL; + size_t buffer_size = byte_size + 1; + size_t n; + + /* It would be better to skip the test than fail it if the allocation + * fails, but the test framework doesn't support this yet. */ + ASSERT_ALLOC( buffer, buffer_size ); + memset( buffer, 'K', byte_size ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Try importing the key */ + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_type( &attributes, type ); + status = psa_import_key( &attributes, buffer, byte_size, &handle ); + TEST_EQUAL( status, expected_status ); + + if( status == PSA_SUCCESS ) + { + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + TEST_EQUAL( psa_get_key_type( &attributes ), type ); + TEST_EQUAL( psa_get_key_bits( &attributes ), + PSA_BYTES_TO_BITS( byte_size ) ); + memset( buffer, 0, byte_size + 1 ); + PSA_ASSERT( psa_export_key( handle, buffer, byte_size, &n ) ); + for( n = 0; n < byte_size; n++ ) + TEST_EQUAL( buffer[n], 'K' ); + for( n = byte_size; n < buffer_size; n++ ) + TEST_EQUAL( buffer[n], 0 ); + } + +exit: + psa_destroy_key( handle ); + PSA_DONE( ); + mbedtls_free( buffer ); +} +/* END_CASE */ + /* BEGIN_CASE */ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) { 
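Review bot: `import_large_key` never checks the length reported by `psa_export_key`: `n` receives the output length and is then immediately reused as the index of the two verification loops. An export that writes the right bytes but reports a wrong length would therefore still pass at the size boundary this test is meant to pin down. Add `TEST_EQUAL( n, byte_size );` directly after the `psa_export_key` call, and preferably use a separate index variable for the loops so that the reported length stays available.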
@@ -4563,6 +4619,50 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void derive_large_key( int alg_arg, + data_t *key_data, data_t *input1, data_t *input2, + int bits_arg, + int expected_status_arg ) +{ + psa_key_handle_t base_handle = 0; + psa_key_handle_t derived_handle = 0; + psa_algorithm_t alg = alg_arg; + size_t bits = bits_arg; + psa_status_t expected_status = expected_status_arg; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &base_attributes, PSA_KEY_USAGE_DERIVE ); + psa_set_key_algorithm( &base_attributes, alg ); + psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); + PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len, + &base_handle ) ); + + if( !setup_key_derivation_wrap( &operation, base_handle, alg, + input1->x, input1->len, + input2->x, input2->len, SIZE_MAX ) ) + goto exit; + + psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &derived_attributes, 0 ); + psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_bits( &derived_attributes, bits ); + TEST_EQUAL( psa_key_derivation_output_key( &derived_attributes, &operation, + &derived_handle ), + expected_status ); + +exit: + psa_key_derivation_abort( &operation ); + psa_destroy_key( base_handle ); + psa_destroy_key( derived_handle ); + PSA_DONE( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void key_agreement_setup( int alg_arg, int our_key_type_arg, data_t *our_key_data, diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 925c0f54a..3f40d35c7 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
@@ -19,10 +19,10 @@ parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY # Not specific to files, but only run this test in an environment where the maximum size could be reached. Save maximum size persistent raw key depends_on:MBEDTLS_PSA_ITS_FILE_C -save_large_persistent_key:0:PSA_SUCCESS +save_large_persistent_key:PSA_CRYPTO_MAX_STORAGE_SIZE:PSA_SUCCESS Save larger than maximum size persistent raw key, should fail -save_large_persistent_key:1:PSA_ERROR_INSUFFICIENT_STORAGE +save_large_persistent_key:PSA_CRYPTO_MAX_STORAGE_SIZE + 1:PSA_ERROR_NOT_SUPPORTED Persistent key destroy depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index b76c7330a..61f7f886a 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -96,17 +96,14 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void save_large_persistent_key( int data_too_large, int expected_status ) +void save_large_persistent_key( int data_length_arg, int expected_status ) { psa_key_id_t key_id = 42; psa_key_handle_t handle = 0; uint8_t *data = NULL; - size_t data_length = PSA_CRYPTO_MAX_STORAGE_SIZE; + size_t data_length = data_length_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - if( data_too_large ) - data_length += 1; - ASSERT_ALLOC( data, data_length ); PSA_ASSERT( psa_crypto_init() ); From 68cc433b5b1e03a066af0088ffdd728909ddd45c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Jul 2019 17:42:47 +0200 Subject: [PATCH 1508/2197] Store key sizes in 16 bits in attributes This is larger than the maximum key size introduced in the previous commit, by design. Make some room for flags (not used yet). --- include/psa/crypto_struct.h | 23 +++++++++++++++++------ library/psa_crypto.c | 2 +- 2 files changed, 18 insertions(+), 7 deletions(-) 
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index b37b0b5cc..453c83565 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -309,10 +309,17 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) return( v ); } +/* The type used internally for key sizes. + * Public interfaces use size_t, but internally we use a smaller type. */ +typedef uint16_t psa_key_bits_t; +/* The maximum value of the type used to represent bit-sizes. + * This is used to mark an invalid key size. */ +#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) /* The maximum size of a key in bits. - * This is a whole number of bytes, to facilitate some calculations - * such as the maximum size of key data in storage. - */ + * Currently defined as the maximum that can be represented, rounded down + * to a whole number of bytes. + * This is an uncast value so that it can be used in preprocessor + * conditionals. */ #define PSA_MAX_KEY_BITS 0xfff8 typedef struct @@ -321,10 +328,11 @@ typedef struct psa_key_lifetime_t lifetime; psa_key_id_t id; psa_key_policy_t policy; - size_t bits; + psa_key_bits_t bits; + uint16_t flags; } psa_core_key_attributes_t; -#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, 0, {0, 0, 0}, 0} +#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, 0, {0, 0, 0}, 0, 0} struct psa_key_attributes_s { @@ -426,7 +434,10 @@ static inline psa_key_type_t psa_get_key_type( static inline void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits) { - attributes->core.bits = bits; + if( bits > PSA_MAX_KEY_BITS ) + attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; + else + attributes->core.bits = (psa_key_bits_t) bits; } static inline size_t psa_get_key_bits( diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4c93dd0ad..1b2fa209e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
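Review bot: The size check in `psa_set_key_bits` relies on `PSA_MAX_KEY_BITS` staying strictly below the `PSA_KEY_BITS_TOO_LARGE` sentinel, but that relationship is stated only in comments. If the limit were ever raised to 0xffff, an oversized request would be stored as a value that `psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS` no longer rejects, and the "refuse overly large keys" check in `psa_start_key_creation` would silently stop firing. Because `PSA_MAX_KEY_BITS` is deliberately left uncast for preprocessor use, the invariant can be enforced next to the definition: `#if PSA_MAX_KEY_BITS > 0xfffe`, `#error "PSA_MAX_KEY_BITS must leave 0xffff free as the invalid-size marker"`, `#endif`. It would also help to document on `psa_set_key_bits` that out-of-range input is recorded as the sentinel rather than reported, since the setter returns `void`.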
@@ -710,7 +710,7 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, /* Ensure that the bytes-to-bit conversion doesn't overflow. */ if( data_length > SIZE_MAX / 8 ) return( PSA_ERROR_NOT_SUPPORTED ); - /* Ensure that the key is not overly large. */ + /* Ensure that the bit size fits in its representation type. */ if( bit_size > PSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); status = prepare_raw_data_slot( slot->type, bit_size, From 8e3387029d292f18b473d5d6cc242a1f99b0f152 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Jul 2019 20:06:31 +0200 Subject: [PATCH 1509/2197] Use psa_core_key_attributes_t in key slots in memory Change the type of key slots in memory to use psa_core_key_attributes_t rather than separate fields. The goal is to simplify some parts of the code. This commit only does the mechanical replacement, not the substitution. The bit-field `allocate` is now a flag `PSA_KEY_SLOT_FLAG_ALLOCATED` in the `flags` field. Write accessor functions for flags. Key slots now contain a bit size field which is currently unused. Subsequent commits will make use of it. --- library/psa_crypto.c | 163 ++++++++++++++------------- library/psa_crypto_core.h | 60 +++++++++- library/psa_crypto_slot_management.c | 37 +++--- 3 files changed, 156 insertions(+), 104 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1b2fa209e..1646ae584 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -366,7 +366,7 @@ static psa_status_t mbedtls_to_psa_error( int ret ) #if defined(MBEDTLS_PSA_CRYPTO_SE_C) static inline int psa_key_slot_is_external( const psa_key_slot_t *slot ) { - return( psa_key_lifetime_is_external( slot->lifetime ) ); + return( psa_key_lifetime_is_external( slot->attr.lifetime ) ); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 
@@ -695,7 +695,7 @@ exit: } #endif /* defined(MBEDTLS_ECP_C) */ -/** Import key data into a slot. `slot->type` must have been set +/** Import key data into a slot. `slot->attr.type` must have been set * previously. This function assumes that the slot does not contain * any key material yet. On failure, the slot content is unchanged. */ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, @@ -704,7 +704,7 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, { psa_status_t status = PSA_SUCCESS; - if( key_type_is_raw_bytes( slot->type ) ) + if( key_type_is_raw_bytes( slot->attr.type ) ) { size_t bit_size = PSA_BYTES_TO_BITS( data_length ); /* Ensure that the bytes-to-bit conversion doesn't overflow. */ @@ -713,7 +713,7 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, /* Ensure that the bit size fits in its representation type. */ if( bit_size > PSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); - status = prepare_raw_data_slot( slot->type, bit_size, + status = prepare_raw_data_slot( slot->attr.type, bit_size, &slot->data.raw ); if( status != PSA_SUCCESS ) return( status ); 
@@ -722,25 +722,25 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, } else #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( slot->type ) ) + if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( slot->attr.type ) ) { - status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( slot->type ), + status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( slot->attr.type ), data, data_length, &slot->data.ecp ); } - else if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( slot->type ) ) + else if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( slot->attr.type ) ) { status = psa_import_ec_public_key( - PSA_KEY_TYPE_GET_CURVE( slot->type ), + PSA_KEY_TYPE_GET_CURVE( slot->attr.type ), data, data_length, &slot->data.ecp ); } else #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) + if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { - status = psa_import_rsa_key( slot->type, + status = psa_import_rsa_key( slot->attr.type, data, data_length, &slot->data.rsa ); } 
@@ -854,20 +854,20 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); - if( slot->type == PSA_KEY_TYPE_NONE ) + if( slot->attr.type == PSA_KEY_TYPE_NONE ) return( PSA_ERROR_DOES_NOT_EXIST ); /* Enforce that usage policy for the key slot contains all the flags * required by the usage parameter. There is one exception: public * keys can always be exported, so we treat public key objects as * if they had the export flag. */ - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) + if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) ) usage &= ~PSA_KEY_USAGE_EXPORT; - if( ( slot->policy.usage & usage ) != usage ) + if( ( slot->attr.policy.usage & usage ) != usage ) return( PSA_ERROR_NOT_PERMITTED ); /* Enforce that the usage policy permits the requested algortihm. */ - if( alg != 0 && ! psa_key_policy_permits( &slot->policy, alg ) ) + if( alg != 0 && ! psa_key_policy_permits( &slot->attr.policy, alg ) ) return( PSA_ERROR_NOT_PERMITTED ); *p_slot = slot; @@ -914,17 +914,17 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( slot->type == PSA_KEY_TYPE_NONE ) + if( slot->attr.type == PSA_KEY_TYPE_NONE ) { /* No key material to clean. */ } - else if( key_type_is_raw_bytes( slot->type ) ) + else if( key_type_is_raw_bytes( slot->attr.type ) ) { mbedtls_free( slot->data.raw.data ); } else #if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) + if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { mbedtls_rsa_free( slot->data.rsa ); mbedtls_free( slot->data.rsa ); @@ -932,7 +932,7 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) else #endif /* defined(MBEDTLS_RSA_C) */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) { mbedtls_ecp_keypair_free( slot->data.ecp ); mbedtls_free( slot->data.ecp ); 
@@ -981,7 +981,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) return( status ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - driver = psa_get_se_driver_entry( slot->lifetime ); + driver = psa_get_se_driver_entry( slot->attr.lifetime ); if( driver != NULL ) { /* For a key in a secure element, we need to do three things: @@ -990,9 +990,9 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) * persistent data. Start a transaction that will encompass these * three actions. */ psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_DESTROY_KEY ); - psa_crypto_transaction.key.lifetime = slot->lifetime; + psa_crypto_transaction.key.lifetime = slot->attr.lifetime; psa_crypto_transaction.key.slot = slot->data.se.slot_number; - psa_crypto_transaction.key.id = slot->persistent_storage_id; + psa_crypto_transaction.key.id = slot->attr.id; status = psa_crypto_save_transaction( ); if( status != PSA_SUCCESS ) { @@ -1006,10 +1006,10 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT ) { storage_status = - psa_destroy_persistent_key( slot->persistent_storage_id ); + psa_destroy_persistent_key( slot->attr.id ); } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ 
@@ -1039,18 +1039,18 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) static size_t psa_get_key_slot_bits( const psa_key_slot_t *slot ) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( psa_get_se_driver( slot->lifetime, NULL, NULL ) ) + if( psa_get_se_driver( slot->attr.lifetime, NULL, NULL ) ) return( slot->data.se.bits ); #endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */ - if( key_type_is_raw_bytes( slot->type ) ) + if( key_type_is_raw_bytes( slot->attr.type ) ) return( slot->data.raw.bytes * 8 ); #if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) + if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) return( PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( slot->data.rsa ) ) ); #endif /* defined(MBEDTLS_RSA_C) */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) return( slot->data.ecp->grp.pbits ); #endif /* defined(MBEDTLS_ECP_C) */ /* Shouldn't happen except on an empty slot. */ @@ -1156,10 +1156,10 @@ exit: static void psa_get_key_slot_attributes( psa_key_slot_t *slot, psa_key_attributes_t *attributes ) { - attributes->core.id = slot->persistent_storage_id; - attributes->core.lifetime = slot->lifetime; - attributes->core.policy = slot->policy; - attributes->core.type = slot->type; + attributes->core.id = slot->attr.id; + attributes->core.lifetime = slot->attr.lifetime; + attributes->core.policy = slot->attr.policy; + attributes->core.type = slot->attr.type; attributes->core.bits = psa_get_key_slot_bits( slot ); } @@ -1179,7 +1179,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, psa_get_key_slot_attributes( slot, attributes ); - switch( slot->type ) + switch( slot->attr.type ) { #if defined(MBEDTLS_RSA_C) case PSA_KEY_TYPE_RSA_KEY_PAIR: 
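Review bot: In the `@@ -1156,10 +1156,10 @@` hunk, `attributes->core.bits = psa_get_key_slot_bits( slot );` assigns a `size_t` to the 16-bit `psa_key_bits_t` field with no range check. For transparent keys the import path bounds the size, but for secure-element keys `psa_get_key_slot_bits` returns `slot->data.se.bits`, which appears to be filled in by the driver's `p_import` callback and is not visibly validated. A driver-reported size above 65535 would then be truncated to a plausible smaller value instead of being flagged. Routing the assignment through the existing setter keeps the sentinel behaviour: `psa_set_key_bits( attributes, psa_get_key_slot_bits( slot ) );`. The line is unchanged context in this commit, so the fix may belong in a follow-up.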
@@ -1187,7 +1187,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* TOnogrepDO: reporting the public exponent for opaque keys * is not yet implemented. */ - if( psa_get_se_driver( slot->lifetime, NULL, NULL ) ) + if( psa_get_se_driver( slot->attr.lifetime, NULL, NULL ) ) break; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ status = psa_get_rsa_public_exponent( slot->data.rsa, attributes ); @@ -1232,11 +1232,11 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, *data_length = 0; - if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) ) + if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( psa_get_se_driver( slot->lifetime, &drv, &drv_context ) ) + if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) ) { psa_drv_se_export_key_t method; if( drv->key_management == NULL ) @@ -1252,7 +1252,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( key_type_is_raw_bytes( slot->type ) ) + if( key_type_is_raw_bytes( slot->attr.type ) ) { if( slot->data.raw.bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); @@ -1266,7 +1266,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, return( PSA_SUCCESS ); } #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( slot->type ) && !export_public_key ) + if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( slot->attr.type ) && !export_public_key ) { psa_status_t status; 
@@ -1285,12 +1285,12 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, else { #if defined(MBEDTLS_PK_WRITE_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) || - PSA_KEY_TYPE_IS_ECC( slot->type ) ) + if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) || + PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) { mbedtls_pk_context pk; int ret; - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) + if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { #if defined(MBEDTLS_RSA_C) mbedtls_pk_init( &pk ); @@ -1310,7 +1310,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, return( PSA_ERROR_NOT_SUPPORTED ); #endif } - if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) + if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) ) { ret = pk_write_pubkey_simple( &pk, data, data_size ); } @@ -1412,7 +1412,7 @@ static psa_status_t psa_set_key_policy_internal( PSA_KEY_USAGE_DERIVE ) ) != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - slot->policy = *policy; + slot->attr.policy = *policy; return( PSA_SUCCESS ); } @@ -1460,7 +1460,7 @@ static psa_status_t psa_start_key_creation( status = psa_set_key_policy_internal( slot, &attributes->core.policy ); if( status != PSA_SUCCESS ) return( status ); - slot->lifetime = attributes->core.lifetime; + slot->attr.lifetime = attributes->core.lifetime; if( attributes->core.lifetime != PSA_KEY_LIFETIME_VOLATILE ) { @@ -1469,9 +1469,9 @@ static psa_status_t psa_start_key_creation( p_drv, 1 ); if( status != PSA_SUCCESS ) return( status ); - slot->persistent_storage_id = attributes->core.id; + slot->attr.id = attributes->core.id; } - slot->type = attributes->core.type; + slot->attr.type = attributes->core.type; /* Refuse to create overly large keys. * Note that this doesn't trigger on import if the attributes don't 
@@ -1501,9 +1501,9 @@ static psa_status_t psa_start_key_creation( if( status != PSA_SUCCESS ) return( status ); psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY ); - psa_crypto_transaction.key.lifetime = slot->lifetime; + psa_crypto_transaction.key.lifetime = slot->attr.lifetime; psa_crypto_transaction.key.slot = slot->data.se.slot_number; - psa_crypto_transaction.key.id = slot->persistent_storage_id; + psa_crypto_transaction.key.id = slot->attr.id; status = psa_crypto_save_transaction( ); if( status != PSA_SUCCESS ) { @@ -1546,7 +1546,7 @@ static psa_status_t psa_finish_key_creation( (void) driver; #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( slot->lifetime != PSA_KEY_LIFETIME_VOLATILE ) + if( slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE ) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_get_key_slot_attributes( slot, &attributes ); @@ -1562,7 +1562,7 @@ static psa_status_t psa_finish_key_creation( #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ { size_t buffer_size = - PSA_KEY_EXPORT_MAX_SIZE( slot->type, + PSA_KEY_EXPORT_MAX_SIZE( slot->attr.type, psa_get_key_bits( &attributes ) ); uint8_t *buffer = mbedtls_calloc( 1, buffer_size ); size_t length = 0; @@ -1587,7 +1587,7 @@ static psa_status_t psa_finish_key_creation( status = psa_save_se_persistent_data( driver ); if( status != PSA_SUCCESS ) { - psa_destroy_persistent_key( slot->persistent_storage_id ); + psa_destroy_persistent_key( slot->attr.id ); return( status ); } status = psa_crypto_stop_transaction( ); @@ -1640,14 +1640,14 @@ static psa_status_t psa_check_key_slot_attributes( { if( attributes->core.type != 0 ) { - if( attributes->core.type != slot->type ) + if( attributes->core.type != slot->attr.type ) return( PSA_ERROR_INVALID_ARGUMENT ); } if( attributes->domain_parameters_size != 0 ) { #if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) + if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { mbedtls_mpi actual, required; int ret; 
@@ -1712,7 +1712,8 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, status = drv->key_management->p_import( psa_get_se_driver_context( driver ), slot->data.se.slot_number, - slot->lifetime, slot->type, slot->policy.alg, slot->policy.usage, + slot->attr.lifetime, slot->attr.type, + slot->attr.policy.alg, slot->attr.policy.usage, data, data_length, &slot->data.se.bits ); } @@ -1745,7 +1746,7 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, size_t buffer_size = 0; size_t length; - buffer_size = PSA_KEY_EXPORT_MAX_SIZE( source->type, + buffer_size = PSA_KEY_EXPORT_MAX_SIZE( source->attr.type, psa_get_key_slot_bits( source ) ); buffer = mbedtls_calloc( 1, buffer_size ); if( buffer == NULL && buffer_size != 0 ) @@ -1753,7 +1754,7 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 ); if( status != PSA_SUCCESS ) goto exit; - target->type = source->type; + target->attr.type = source->attr.type; status = psa_import_key_into_slot( target, buffer, length ); exit: @@ -1783,7 +1784,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, goto exit; status = psa_restrict_key_policy( &actual_attributes.core.policy, - &source_slot->policy ); + &source_slot->attr.policy ); if( status != PSA_SUCCESS ) goto exit; @@ -2573,7 +2574,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, { const mbedtls_cipher_info_t *cipher_info = mbedtls_cipher_info_from_psa( full_length_alg, - slot->type, key_bits, NULL ); + slot->attr.type, key_bits, NULL ); int ret; if( cipher_info == NULL ) { @@ -2605,7 +2606,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, goto exit; } - if( slot->type != PSA_KEY_TYPE_HMAC ) + if( slot->attr.type != PSA_KEY_TYPE_HMAC ) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; 
@@ -3145,14 +3146,14 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_SIGN, alg ); if( status != PSA_SUCCESS ) goto exit; - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->type ) ) + if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_KEY_PAIR ) + if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { status = psa_rsa_sign( slot->data.rsa, alg, @@ -3163,7 +3164,7 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, else #endif /* defined(MBEDTLS_RSA_C) */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) { #if defined(MBEDTLS_ECDSA_C) if( @@ -3220,7 +3221,7 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, return( status ); #if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) + if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { return( psa_rsa_verify( slot->data.rsa, alg, @@ -3230,7 +3231,7 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, else #endif /* defined(MBEDTLS_RSA_C) */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) + if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) { #if defined(MBEDTLS_ECDSA_C) if( PSA_ALG_IS_ECDSA( alg ) ) @@ -3288,12 +3289,12 @@ psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); - if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || - PSA_KEY_TYPE_IS_KEY_PAIR( slot->type ) ) ) + if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) || + PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( slot->type ) ) + if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; 
@@ -3368,11 +3369,11 @@ psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle, status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_DECRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->type ) ) + if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_RSA_C) - if( slot->type == PSA_KEY_TYPE_RSA_KEY_PAIR ) + if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { mbedtls_rsa_context *rsa = slot->data.rsa; int ret; @@ -3479,7 +3480,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, goto exit; key_bits = psa_get_key_slot_bits( slot ); - cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, NULL ); + cipher_info = mbedtls_cipher_info_from_psa( alg, slot->attr.type, key_bits, NULL ); if( cipher_info == NULL ) { status = PSA_ERROR_NOT_SUPPORTED; @@ -3491,7 +3492,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, goto exit; #if defined(MBEDTLS_DES_C) - if( slot->type == PSA_KEY_TYPE_DES && key_bits == 128 ) + if( slot->attr.type == PSA_KEY_TYPE_DES && key_bits == 128 ) { /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */ uint8_t keys[24]; @@ -3533,10 +3534,10 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, operation->key_set = 1; operation->block_size = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 : - PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) ); + PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->attr.type ) ); if( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG ) { - operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ); + operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->attr.type ); } #if defined(MBEDTLS_CHACHA20_C) else 
@@ -3818,7 +3819,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, key_bits = psa_get_key_slot_bits( operation->slot ); operation->cipher_info = - mbedtls_cipher_info_from_psa( alg, operation->slot->type, key_bits, + mbedtls_cipher_info_from_psa( alg, operation->slot->attr.type, key_bits, &cipher_id ); if( operation->cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); @@ -3832,7 +3833,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16. * The call to mbedtls_ccm_encrypt_and_tag or * mbedtls_ccm_auth_decrypt will validate the tag length. */ - if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 ) + if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 ) return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_ccm_init( &operation->ctx.ccm ); status = mbedtls_to_psa_error( @@ -3851,7 +3852,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16. * The call to mbedtls_gcm_crypt_and_tag or * mbedtls_gcm_auth_decrypt will validate the tag length. */ - if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 ) + if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 ) return( PSA_ERROR_INVALID_ARGUMENT ); mbedtls_gcm_init( &operation->ctx.gcm ); status = mbedtls_to_psa_error( @@ -4676,7 +4677,7 @@ static psa_status_t psa_generate_derived_key_internal( size_t bytes = PSA_BITS_TO_BYTES( bits ); psa_status_t status; - if( ! key_type_is_raw_bytes( slot->type ) ) + if( ! key_type_is_raw_bytes( slot->attr.type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( bits % 8 != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); 
@@ -4688,7 +4689,7 @@ static psa_status_t psa_generate_derived_key_internal( if( status != PSA_SUCCESS ) goto exit; #if defined(MBEDTLS_DES_C) - if( slot->type == PSA_KEY_TYPE_DES ) + if( slot->attr.type == PSA_KEY_TYPE_DES ) psa_des_set_key_parity( data, bytes ); #endif /* MBEDTLS_DES_C */ status = psa_import_key_into_slot( slot, data, bytes ); @@ -4997,7 +4998,7 @@ psa_status_t psa_key_derivation( psa_key_derivation_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); - if( slot->type != PSA_KEY_TYPE_DERIVE ) + if( slot->attr.type != PSA_KEY_TYPE_DERIVE ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_key_derivation_internal( operation, @@ -5372,7 +5373,7 @@ psa_status_t psa_key_derivation_input_key( operation->alg ); if( status != PSA_SUCCESS ) return( status ); - if( slot->type != PSA_KEY_TYPE_DERIVE ) + if( slot->attr.type != PSA_KEY_TYPE_DERIVE ) return( PSA_ERROR_INVALID_ARGUMENT ); /* Don't allow a key to be used as an input that is usually public. * This is debatable. It's ok from a cryptographic perspective to @@ -5452,7 +5453,7 @@ static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg, { #if defined(MBEDTLS_ECDH_C) case PSA_ALG_ECDH: - if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( private_key->type ) ) + if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( private_key->attr.type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); return( psa_key_agreement_ecdh( peer_key, peer_key_length, private_key->data.ecp, @@ -5635,7 +5636,7 @@ static psa_status_t psa_generate_key_internal( psa_key_slot_t *slot, size_t bits, const uint8_t *domain_parameters, size_t domain_parameters_size ) { - psa_key_type_t type = slot->type; + psa_key_type_t type = slot->attr.type; if( domain_parameters == NULL && domain_parameters_size != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index d335b758e..88a328983 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h 
@@ -39,11 +39,7 @@ */ typedef struct { - psa_key_type_t type; - psa_key_lifetime_t lifetime; - psa_key_file_id_t persistent_storage_id; - psa_key_policy_t policy; - unsigned allocated : 1; + psa_core_key_attributes_t attr; union { /* Raw-data key (key_type_is_raw_bytes() in psa_crypto.c) */ @@ -69,6 +65,60 @@ typedef struct } data; } psa_key_slot_t; +/** Flag for psa_key_slot_t::attr::core::flags indicating that the + * slot is in use. */ +#define PSA_KEY_SLOT_FLAG_ALLOCATED ( (uint16_t) 0x0001 ) + +/** Retrieve flags from psa_key_slot_t::attr::core::flags. + * + * \param[in] slot The key slot to query. + * \param mask The mask of bits to extract. + * + * \return The key attribute flags in the given slot, + * bitwise-anded with \p mask. + */ +static inline uint16_t psa_key_slot_get_flags( const psa_key_slot_t *slot, + uint16_t mask ) +{ + return( slot->attr.flags & mask ); +} + +/** Set flags in psa_key_slot_t::attr::core::flags. + * + * \param[in,out] slot The key slot to modify. + * \param mask The mask of bits to modify. + * \param value The new value of the selected bits. + */ +static inline void psa_key_slot_set_flags( psa_key_slot_t *slot, + uint16_t mask, + uint16_t value ) +{ + slot->attr.flags = ( ( ~mask & slot->attr.flags ) | + ( mask & value ) ); +} + +/** Turn on flags in psa_key_slot_t::attr::core::flags. + * + * \param[in,out] slot The key slot to modify. + * \param mask The mask of bits to set. + */ +static inline void psa_key_slot_set_bits_in_flags( psa_key_slot_t *slot, + uint16_t mask ) +{ + slot->attr.flags |= mask; +} + +/** Turn off flags in psa_key_slot_t::attr::core::flags. + * + * \param[in,out] slot The key slot to modify. + * \param mask The mask of bits to clear. + */ +static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, + uint16_t mask ) +{ + slot->attr.flags &= ~mask; +} + /** Completely wipe a slot in memory, including its policy. * * Persistent storage is not affected. 
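Review bot: The Doxygen comments on the new flag helpers name the field as `psa_key_slot_t::attr::core::flags`, but the code reads and writes `slot->attr.flags`. Since `attr` is a `psa_core_key_attributes_t` here, the `core` component should be dropped from each comment, e.g. `/** Flag for psa_key_slot_t::attr::flags indicating that the slot is in use. */`. The helper names are also uneven: `psa_key_slot_set_bits_in_flags` is paired with `psa_key_slot_clear_bits`, where `psa_key_slot_clear_bits_in_flags` would match. In `psa_key_slot_clear_bits`, `~mask` is evaluated after promotion to `int`, so `slot->attr.flags &= (uint16_t) ~mask;` keeps the narrowing explicit for builds that enable conversion warnings.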
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 6add6b860..bfa7baaa5 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -72,7 +72,7 @@ psa_status_t psa_get_key_slot( psa_key_handle_t handle, slot = &global_data.key_slots[handle - 1]; /* If the slot hasn't been allocated, the handle is invalid. */ - if( ! slot->allocated ) + if( ! psa_key_slot_get_flags( slot, PSA_KEY_SLOT_FLAG_ALLOCATED ) ) return( PSA_ERROR_INVALID_HANDLE ); *p_slot = slot; @@ -108,9 +108,10 @@ psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle, for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) ) { *p_slot = &global_data.key_slots[*handle - 1]; - if( ! ( *p_slot )->allocated ) + if( ! psa_key_slot_get_flags( *p_slot, PSA_KEY_SLOT_FLAG_ALLOCATED ) ) { - ( *p_slot )->allocated = 1; + psa_key_slot_set_bits_in_flags( *p_slot, + PSA_KEY_SLOT_FLAG_ALLOCATED ); return( PSA_SUCCESS ); } } @@ -126,17 +127,17 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) size_t key_data_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_id( &attributes, p_slot->persistent_storage_id ); + psa_set_key_id( &attributes, p_slot->attr.id ); status = psa_load_persistent_key( &attributes, &key_data, &key_data_length ); if( status != PSA_SUCCESS ) goto exit; - p_slot->lifetime = psa_get_key_lifetime( &attributes ); - p_slot->type = psa_get_key_type( &attributes ); - p_slot->policy = attributes.core.policy; + p_slot->attr.lifetime = psa_get_key_lifetime( &attributes ); + p_slot->attr.type = psa_get_key_type( &attributes ); + p_slot->attr.policy = attributes.core.policy; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( psa_key_lifetime_is_external( p_slot->lifetime ) ) + if( psa_key_lifetime_is_external( p_slot->attr.lifetime ) ) { if( key_data_length != sizeof( p_slot->data.se ) ) { 
@@ -233,8 +234,8 @@ psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle ) if( status != PSA_SUCCESS ) return( status ); - slot->lifetime = PSA_KEY_LIFETIME_PERSISTENT; - slot->persistent_storage_id = id; + slot->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT; + slot->attr.id = id; status = psa_load_persistent_key_into_slot( slot ); if( status != PSA_SUCCESS ) @@ -270,27 +271,27 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) { psa_key_slot_t *slot = &global_data.key_slots[key - 1]; - if( slot->type == PSA_KEY_TYPE_NONE ) + if( slot->attr.type == PSA_KEY_TYPE_NONE ) { - if( slot->allocated ) + if( psa_key_slot_get_flags( slot, PSA_KEY_SLOT_FLAG_ALLOCATED ) ) ++stats->half_filled_slots; else ++stats->empty_slots; continue; } - if( slot->lifetime == PSA_KEY_LIFETIME_VOLATILE ) + if( slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE ) ++stats->volatile_slots; - else if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + else if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT ) { ++stats->persistent_slots; - if( slot->persistent_storage_id > stats->max_open_internal_key_id ) - stats->max_open_internal_key_id = slot->persistent_storage_id; + if( slot->attr.id > stats->max_open_internal_key_id ) + stats->max_open_internal_key_id = slot->attr.id; } else { ++stats->external_slots; - if( slot->persistent_storage_id > stats->max_open_external_key_id ) - stats->max_open_external_key_id = slot->persistent_storage_id; + if( slot->attr.id > stats->max_open_external_key_id ) + stats->max_open_external_key_id = slot->attr.id; } } } From 4ed0e6f11a6526896b3b17e82d0f04e0b88d741c Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 30 Jul 2019 20:22:33 +0200 Subject: [PATCH 1510/2197] Switch storage functions over to psa_core_key_attributes_t --- library/psa_crypto.c | 5 ++- library/psa_crypto_slot_management.c | 2 +- library/psa_crypto_storage.c | 37 +++++++++---------- library/psa_crypto_storage.h | 17 ++++----- ...t_suite_psa_crypto_persistent_key.function | 4 +- 5 files changed, 32 insertions(+), 33 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1646ae584..03e56a1c0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1554,7 +1554,7 @@ static psa_status_t psa_finish_key_creation( #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { - status = psa_save_persistent_key( &attributes, + status = psa_save_persistent_key( &attributes.core, (uint8_t*) &slot->data.se, sizeof( slot->data.se ) ); } @@ -1572,7 +1572,8 @@ static psa_status_t psa_finish_key_creation( buffer, buffer_size, &length, 0 ); if( status == PSA_SUCCESS ) - status = psa_save_persistent_key( &attributes, buffer, length ); + status = psa_save_persistent_key( &attributes.core, + buffer, length ); if( buffer_size != 0 ) mbedtls_platform_zeroize( buffer, buffer_size ); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index bfa7baaa5..2cfc4a9e8 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -128,7 +128,7 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_set_key_id( &attributes, p_slot->attr.id ); - status = psa_load_persistent_key( &attributes, + status = psa_load_persistent_key( &attributes.core, &key_data, &key_data_length ); if( status != PSA_SUCCESS ) goto exit; diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 4113fb7e1..55fd65af9 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c 
@@ -264,7 +264,7 @@ typedef struct { void psa_format_key_data_for_storage( const uint8_t *data, const size_t data_length, - const psa_key_attributes_t *attributes, + const psa_core_key_attributes_t *attr, uint8_t *storage_data ) { psa_persistent_key_storage_format *storage_format = @@ -272,11 +272,11 @@ void psa_format_key_data_for_storage( const uint8_t *data, memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); PUT_UINT32_LE( 0, storage_format->version, 0 ); - PUT_UINT32_LE( psa_get_key_lifetime( attributes ), storage_format->lifetime, 0 ); - PUT_UINT32_LE( psa_get_key_type( attributes ), storage_format->type, 0 ); - PUT_UINT32_LE( psa_get_key_usage_flags( attributes ), storage_format->policy, 0 ); - PUT_UINT32_LE( psa_get_key_algorithm( attributes ), storage_format->policy, sizeof( uint32_t ) ); - PUT_UINT32_LE( psa_get_key_enrollment_algorithm( attributes ), storage_format->policy, 2 * sizeof( uint32_t ) ); + PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); + PUT_UINT32_LE( attr->type, storage_format->type, 0 ); + PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); + PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); + PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); memcpy( storage_format->key_data, data, data_length ); } @@ -293,7 +293,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, size_t storage_data_length, uint8_t **key_data, size_t *key_data_length, - psa_key_attributes_t *attributes ) + psa_core_key_attributes_t *attr ) { psa_status_t status; const psa_persistent_key_storage_format *storage_format = 
@@ -328,16 +328,16 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, memcpy( *key_data, storage_format->key_data, *key_data_length ); } - GET_UINT32_LE( attributes->core.lifetime, storage_format->lifetime, 0 ); - GET_UINT32_LE( attributes->core.type, storage_format->type, 0 ); - GET_UINT32_LE( attributes->core.policy.usage, storage_format->policy, 0 ); - GET_UINT32_LE( attributes->core.policy.alg, storage_format->policy, sizeof( uint32_t ) ); - GET_UINT32_LE( attributes->core.policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); + GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); + GET_UINT32_LE( attr->type, storage_format->type, 0 ); + GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); + GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); + GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); return( PSA_SUCCESS ); } -psa_status_t psa_save_persistent_key( const psa_key_attributes_t *attributes, +psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, const uint8_t *data, const size_t data_length ) { @@ -353,10 +353,9 @@ psa_status_t psa_save_persistent_key( const psa_key_attributes_t *attributes, if( storage_data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - psa_format_key_data_for_storage( data, data_length, attributes, - storage_data ); + psa_format_key_data_for_storage( data, data_length, attr, storage_data ); - status = psa_crypto_storage_store( psa_get_key_id( attributes ), + status = psa_crypto_storage_store( attr->id, storage_data, storage_data_length ); mbedtls_free( storage_data ); 
@@ -373,14 +372,14 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ) mbedtls_free( key_data ); } -psa_status_t psa_load_persistent_key( psa_key_attributes_t *attributes, +psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, uint8_t **data, size_t *data_length ) { psa_status_t status = PSA_SUCCESS; uint8_t *loaded_data; size_t storage_data_length = 0; - psa_key_id_t key = psa_get_key_id( attributes ); + psa_key_id_t key = attr->id; status = psa_crypto_storage_get_data_length( key, &storage_data_length ); if( status != PSA_SUCCESS ) @@ -396,7 +395,7 @@ psa_status_t psa_load_persistent_key( psa_key_attributes_t *attributes, goto exit; status = psa_parse_key_data_from_storage( loaded_data, storage_data_length, - data, data_length, attributes ); + data, data_length, attr ); exit: mbedtls_free( loaded_data ); diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 938cc4f89..1b7dbd67c 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -88,7 +88,7 @@ int psa_is_key_present_in_storage( const psa_key_file_id_t key ); * already occupied non-persistent key, as well as validating the key data. * * - * \param[in] attributes The attributes of the key to save. + * \param[in] attr The attributes of the key to save. * The key identifier field in the attributes * determines the key's location. * \param[in] data Buffer containing the key data. @@ -100,7 +100,7 @@ int psa_is_key_present_in_storage( const psa_key_file_id_t key ); * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_ALREADY_EXISTS */ -psa_status_t psa_save_persistent_key( const psa_key_attributes_t *attributes, +psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, const uint8_t *data, const size_t data_length ); 
@@ -116,8 +116,7 @@ psa_status_t psa_save_persistent_key( const psa_key_attributes_t *attributes, * this function to zeroize and free this buffer, regardless of whether this * function succeeds or fails. * - * \param[in,out] attributes - * On input, the key identifier field identifies + * \param[in,out] attr On input, the key identifier field identifies * the key to load. Other fields are ignored. * On success, the attribute structure contains * the key metadata that was loaded from storage. @@ -129,7 +128,7 @@ psa_status_t psa_save_persistent_key( const psa_key_attributes_t *attributes, * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_DOES_NOT_EXIST */ -psa_status_t psa_load_persistent_key( psa_key_attributes_t *attributes, +psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, uint8_t **data, size_t *data_length ); @@ -163,13 +162,13 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ); * * \param[in] data Buffer containing the key data. * \param data_length Length of the key data buffer. - * \param[in] attributes The attributes of the key. + * \param[in] attr The core attributes of the key. * \param[out] storage_data Output buffer for the formatted data. * */ void psa_format_key_data_for_storage( const uint8_t *data, const size_t data_length, - const psa_key_attributes_t *attributes, + const psa_core_key_attributes_t *attr, uint8_t *storage_data ); /** @@ -181,7 +180,7 @@ void psa_format_key_data_for_storage( const uint8_t *data, * containing the key data. This must be freed * using psa_free_persistent_key_data() * \param[out] key_data_length Length of the key data buffer - * \param[out] attributes On success, the attribute structure is filled + * \param[out] attr On success, the attribute structure is filled * with the loaded key metadata. * * \retval PSA_SUCCESS 
@@ -193,7 +192,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, size_t storage_data_length, uint8_t **key_data, size_t *key_data_length, - psa_key_attributes_t *attributes ); + psa_core_key_attributes_t *attr ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /** This symbol is defined if transaction support is required. */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 61f7f886a..115bfea5d 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -45,7 +45,7 @@ void format_storage_data_check( data_t *key_data, file_data_length = key_data->len + sizeof( psa_persistent_key_storage_format ); file_data = mbedtls_calloc( 1, file_data_length ); psa_format_key_data_for_storage( key_data->x, key_data->len, - &attributes, + &attributes.core, file_data ); ASSERT_COMPARE( expected_file_data->x, expected_file_data->len, @@ -71,7 +71,7 @@ void parse_storage_data_check( data_t *file_data, status = psa_parse_key_data_from_storage( file_data->x, file_data->len, &key_data, &key_data_length, - &attributes ); + &attributes.core ); TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) From 2431859dc77400eef4b5aedceebd34f76df35f22 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Jul 2019 20:30:51 +0200 Subject: [PATCH 1511/2197] Take advantage of psa_core_key_attributes_t internally: key loading --- library/psa_crypto_slot_management.c | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 2cfc4a9e8..f3a438996 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -120,37 +120,31 @@ psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle, } #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot ) +static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *slot ) { psa_status_t status = PSA_SUCCESS; uint8_t *key_data = NULL; size_t key_data_length = 0; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_id( &attributes, p_slot->attr.id ); - status = psa_load_persistent_key( &attributes.core, + status = psa_load_persistent_key( &slot->attr, &key_data, &key_data_length ); if( status != PSA_SUCCESS ) goto exit; - p_slot->attr.lifetime = psa_get_key_lifetime( &attributes ); - p_slot->attr.type = psa_get_key_type( &attributes ); - p_slot->attr.policy = attributes.core.policy; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( psa_key_lifetime_is_external( p_slot->attr.lifetime ) ) + if( psa_key_lifetime_is_external( slot->attr.lifetime ) ) { - if( key_data_length != sizeof( p_slot->data.se ) ) + if( key_data_length != sizeof( slot->data.se ) ) { status = PSA_ERROR_STORAGE_FAILURE; goto exit; } - memcpy( &p_slot->data.se, key_data, sizeof( p_slot->data.se ) ); + memcpy( &slot->data.se, key_data, sizeof( slot->data.se ) ); } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ { - status = psa_import_key_into_slot( p_slot, - key_data, key_data_length ); + status = psa_import_key_into_slot( slot, key_data, key_data_length ); } exit: From b46bef2f76eb00cd8af7a9fe1864c5602037fa7f Mon Sep 17 00:00:00 2001 
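Review bot: With `&slot->attr` passed straight to `psa_load_persistent_key`, the live slot metadata becomes the parse target, and nothing at the call says which fields may be overwritten. Going by `psa_parse_key_data_from_storage` in the previous patch, only `lifetime`, `type` and the three policy words are read from storage, so `id`, `bits` and `flags` (which carries `PSA_KEY_SLOT_FLAG_ALLOCATED`) keep their in-memory values. A comment above the call would pin that down, e.g. `/* Fills lifetime, type and policy from storage; id, bits and flags are left as set by the caller. */`. If the storage format later gains a field that maps onto `flags`, corrupted storage could change the slot's allocation state, and this call site is where that invariant should be visible.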
From: Gilles Peskine Date: Tue, 30 Jul 2019 21:32:04 +0200 Subject: [PATCH 1512/2197] Store the key size in the slot in memory There is now a field for the key size in the key slot in memory. Use it. This makes psa_get_key_attributes() marginally faster at the expense of memory that is available anyway in the current memory layout (16 bits for the size, 16 bits for flags). That's not the goal, though: the goal is to simplify the code, in particular to make it more uniform between transparent keys (whose size can be recomputed) and keys in secure elements (whose size cannot be recomputed). For keys in a secure element, the bit size is now saved by serializing the type psa_key_bits_t (which is an alias for uint16_t) rather than size_t. --- library/psa_crypto.c | 108 +++++++++++++++++++-------- library/psa_crypto_core.h | 1 - library/psa_crypto_se.h | 9 +++ library/psa_crypto_slot_management.c | 12 ++- 4 files changed, 95 insertions(+), 35 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 03e56a1c0..dacb80e79 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -40,6 +40,7 @@ * stored keys. */ #include "psa_crypto_storage.h" +#include #include #include #include "mbedtls/platform.h" 
@@ -695,6 +696,40 @@ exit: } #endif /* defined(MBEDTLS_ECP_C) */ + +/** Return the size of the key in the given slot, in bits. + * + * \param[in] slot A key slot. + * + * \return The key size in bits, read from the metadata in the slot. + */ +static inline size_t psa_get_key_slot_bits( const psa_key_slot_t *slot ) +{ + return( slot->attr.bits ); +} + +/** Calculate the size of the key in the given slot, in bits. + * + * \param[in] slot A key slot containing a transparent key. + * + * \return The key size in bits, calculated from the key data. + */ +static size_t psa_calculate_key_bits( const psa_key_slot_t *slot ) +{ + if( key_type_is_raw_bytes( slot->attr.type ) ) + return( slot->data.raw.bytes * 8 ); +#if defined(MBEDTLS_RSA_C) + if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) + return( PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( slot->data.rsa ) ) ); +#endif /* defined(MBEDTLS_RSA_C) */ +#if defined(MBEDTLS_ECP_C) + if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) + return( slot->data.ecp->grp.pbits ); +#endif /* defined(MBEDTLS_ECP_C) */ + /* Shouldn't happen except on an empty slot. */ + return( 0 ); +} + /** Import key data into a slot. `slot->attr.type` must have been set * previously. This function assumes that the slot does not contain * any key material yet. On failure, the slot content is unchanged. */ @@ -749,6 +784,14 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, { return( PSA_ERROR_NOT_SUPPORTED ); } + + if( status == PSA_SUCCESS ) + { + /* Write the actual key size to the slot. + * psa_start_key_creation() wrote the size declared by the + * caller, which may be 0 (meaning unspecified) or wrong. */ + slot->attr.bits = psa_calculate_key_bits( slot ); + } return( status ); } 
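Review bot: `slot->attr.bits = psa_calculate_key_bits( slot );` assigns a `size_t` to a field the commit message describes as 16 bits wide, with no range check, so a key whose computed size does not fit would be recorded with a truncated size. The export path in this same patch sizes its bounds check from that field (`PSA_BITS_TO_BYTES( slot->attr.bits )`), so the stored value has to be exact. Unless the import branches outside this hunk already bound the size, compute into a local first: `size_t bits = psa_calculate_key_bits( slot );` then `if( bits > PSA_MAX_KEY_BITS ) status = PSA_ERROR_NOT_SUPPORTED; else slot->attr.bits = (psa_key_bits_t) bits;`. The function comment promises the slot is unchanged on failure, so that error path would also have to release the key material imported earlier in the body, which is not visible here.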
@@ -1035,28 +1078,6 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) return( storage_status ); } -/* Return the size of the key in the given slot, in bits. */ -static size_t psa_get_key_slot_bits( const psa_key_slot_t *slot ) -{ -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( psa_get_se_driver( slot->attr.lifetime, NULL, NULL ) ) - return( slot->data.se.bits ); -#endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */ - - if( key_type_is_raw_bytes( slot->attr.type ) ) - return( slot->data.raw.bytes * 8 ); -#if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) - return( PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( slot->data.rsa ) ) ); -#endif /* defined(MBEDTLS_RSA_C) */ -#if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) - return( slot->data.ecp->grp.pbits ); -#endif /* defined(MBEDTLS_ECP_C) */ - /* Shouldn't happen except on an empty slot. */ - return( 0 ); -} - void psa_reset_key_attributes( psa_key_attributes_t *attributes ) { mbedtls_free( attributes->domain_parameters ); @@ -1160,7 +1181,7 @@ static void psa_get_key_slot_attributes( psa_key_slot_t *slot, attributes->core.lifetime = slot->attr.lifetime; attributes->core.policy = slot->attr.policy; attributes->core.type = slot->attr.type; - attributes->core.bits = psa_get_key_slot_bits( slot ); + attributes->core.bits = slot->attr.bits; } /** Retrieve all the publicly-accessible attributes of a key. @@ -1270,7 +1291,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, { psa_status_t status; - size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_slot_bits( slot ) ); + size_t bytes = PSA_BITS_TO_BYTES( slot->attr.bits ); if( bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); status = mbedtls_to_psa_error( 
@@ -1479,6 +1500,12 @@ static psa_status_t psa_start_key_creation( * psa_import_key() needs its own checks. */ if( psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); + /* Store the declared bit-size of the key. It's up to each creation + * mechanism to verify that this information is correct. It's + * automatically correct for mechanisms that use the bit-size as + * an input (generate, device) but not for those where the bit-size + * is optional (import, copy). */ + slot->attr.bits = psa_get_key_bits( attributes ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* For a key in a secure element, we need to do three things: @@ -1510,10 +1537,6 @@ static psa_status_t psa_start_key_creation( (void) psa_crypto_stop_transaction( ); return( status ); } - - /* TOnogrepDO: validate bits. How to do this depends on the key - * creation method, so setting bits might not belong here. */ - slot->data.se.bits = psa_get_key_bits( attributes ); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ @@ -1554,9 +1577,21 @@ static psa_status_t psa_finish_key_creation( #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { + psa_se_key_data_storage_t data; +#if defined(static_assert) + static_assert( sizeof( slot->data.se.slot_number ) == + sizeof( data.slot_number ), + "Slot number size does not match psa_se_key_data_storage_t" ); + static_assert( sizeof( slot->attr.bits ) == sizeof( data.bits ), + "Bit-size size does not match psa_se_key_data_storage_t" ); +#endif + memcpy( &data.slot_number, &slot->data.se.slot_number, + sizeof( slot->data.se.slot_number ) ); + memcpy( &data.bits, &slot->attr.bits, + sizeof( slot->attr.bits ) ); status = psa_save_persistent_key( &attributes.core, - (uint8_t*) &slot->data.se, - sizeof( slot->data.se ) ); + (uint8_t*) &data, + sizeof( data ) ); } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 
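Review bot: The two `memcpy` calls into `data` in the psa_finish_key_creation hunk rely on source and destination fields having equal sizes, but the `static_assert` checks that guarantee this are compiled only when `static_assert` is defined as a macro. On other builds a mismatch would go unnoticed and could write past a field or persist uninitialised stack bytes from `data` through psa_save_persistent_key. I would make the size check unconditional (a negative-array-size typedef works without C11) and start with `memset( &data, 0, sizeof( data ) );` so that a short copy never stores stack contents. Both this code and the matching load in psa_load_persistent_key_into_slot copy native integers byte for byte, so the comment on `psa_se_key_data_storage_t` should state that the stored record is in host byte order. psa_finish_key_creation continues outside the hunk.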
@@ -1680,7 +1715,7 @@ static psa_status_t psa_check_key_slot_attributes( if( attributes->core.bits != 0 ) { - if( attributes->core.bits != psa_get_key_slot_bits( slot ) ) + if( attributes->core.bits != slot->attr.bits ) return( PSA_ERROR_INVALID_ARGUMENT ); } @@ -1704,6 +1739,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( driver != NULL ) { const psa_drv_se_t *drv = psa_get_se_driver_methods( driver ); + size_t bits; if( drv->key_management == NULL || drv->key_management->p_import == NULL ) { @@ -1716,7 +1752,15 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, slot->attr.lifetime, slot->attr.type, slot->attr.policy.alg, slot->attr.policy.usage, data, data_length, - &slot->data.se.bits ); + &bits ); + if( status != PSA_SUCCESS ) + goto exit; + if( bits > PSA_MAX_KEY_BITS ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + slot->attr.bits = (psa_key_bits_t) bits; } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 88a328983..1ae298e5f 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -60,7 +60,6 @@ typedef struct struct se { psa_key_slot_number_t slot_number; - size_t bits; } se; } data; } psa_key_slot_t; diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 08e658cdd..378c78ffe 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -171,4 +171,13 @@ psa_status_t psa_save_se_persistent_data( */ psa_status_t psa_destroy_se_persistent_data( psa_key_lifetime_t lifetime ); + +/** The storage representation of a key whose data is in a secure element. + */ +typedef struct +{ + uint8_t slot_number[sizeof( psa_key_slot_number_t )]; + uint8_t bits[sizeof( psa_key_bits_t )]; +} psa_se_key_data_storage_t; + #endif /* PSA_CRYPTO_SE_H */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index f3a438996..43ba4123c 100644 --- a/library/psa_crypto_slot_management.c 
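Review bot: In the last psa_crypto.c hunk (psa_import_key, secure-element branch), the `bits > PSA_MAX_KEY_BITS` rejection runs after `p_import` has already returned success, so the key may already exist in the secure element when the function jumps to `exit` with PSA_ERROR_NOT_SUPPORTED. The `exit` path is outside the hunk; unless it asks the driver to destroy the key, the element is left holding key material that no slot refers to. I would destroy the imported key before `goto exit`, or add a comment explaining how the failure path covers it. Separately, `bits` is read after the call without having been initialised, so declaring it as `size_t bits = 0;` gives a defined result if a driver reports success without writing the output.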
+++ b/library/psa_crypto_slot_management.c @@ -33,6 +33,9 @@ #include "psa_crypto_core.h" #include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +#include "psa_crypto_se.h" +#endif #include #include @@ -134,12 +137,17 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *slot ) #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( psa_key_lifetime_is_external( slot->attr.lifetime ) ) { - if( key_data_length != sizeof( slot->data.se ) ) + psa_se_key_data_storage_t *data; + if( key_data_length != sizeof( *data ) ) { status = PSA_ERROR_STORAGE_FAILURE; goto exit; } - memcpy( &slot->data.se, key_data, sizeof( slot->data.se ) ); + data = (psa_se_key_data_storage_t *) key_data; + memcpy( &slot->data.se.slot_number, &data->slot_number, + sizeof( slot->data.se.slot_number ) ); + memcpy( &slot->attr.bits, &data->bits, + sizeof( slot->attr.bits ) ); } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ From 76aa09c9a96f38e46e387d84935983d1245a99cd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Jul 2019 14:15:34 +0200 Subject: [PATCH 1513/2197] Take advantage of psa_core_key_attributes_t internally #2 Key creation and psa_get_key_attributes --- library/psa_crypto.c | 56 +++++++++++++++----------------------------- 1 file changed, 19 insertions(+), 37 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index dacb80e79..cb8054681 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1169,21 +1169,6 @@ exit: } #endif /* MBEDTLS_RSA_C */ -/** Retrieve the generic attributes of a key in a slot. - * - * This function does not retrieve domain parameters, which require - * additional memory management. - */ -static void psa_get_key_slot_attributes( psa_key_slot_t *slot, - psa_key_attributes_t *attributes ) -{ - attributes->core.id = slot->attr.id; - attributes->core.lifetime = slot->attr.lifetime; - attributes->core.policy = slot->attr.policy; - attributes->core.type = slot->attr.type; - attributes->core.bits = slot->attr.bits; -} - /** Retrieve all the publicly-accessible attributes of a key. */ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, @@ -1198,7 +1183,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, if( status != PSA_SUCCESS ) return( status ); - psa_get_key_slot_attributes( slot, attributes ); + attributes->core = slot->attr; switch( slot->attr.type ) { @@ -1420,10 +1405,10 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle, data_length, 1 ) ); } -static psa_status_t psa_set_key_policy_internal( - psa_key_slot_t *slot, - const psa_key_policy_t *policy ) +static psa_status_t psa_check_key_slot_policy( + const psa_key_slot_t *slot ) { + const psa_key_policy_t *policy = &slot->attr.policy; if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | @@ -1433,7 +1418,6 @@ static psa_status_t psa_set_key_policy_internal( PSA_KEY_USAGE_DERIVE ) ) != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - slot->attr.policy = *policy; return( PSA_SUCCESS ); } @@ -1478,11 +1462,6 @@ static psa_status_t psa_start_key_creation( return( status ); slot = *p_slot; - status = psa_set_key_policy_internal( slot, &attributes->core.policy ); - if( status != PSA_SUCCESS ) - return( status ); - slot->attr.lifetime = attributes->core.lifetime; - if( attributes->core.lifetime != PSA_KEY_LIFETIME_VOLATILE ) { status = psa_validate_persistent_key_parameters( attributes->core.lifetime, 
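Review bot: `attributes->core = slot->attr;` in psa_get_key_attributes copies every field of the slot's core attributes to the caller, including the `flags` member that holds internal slot state. A later hunk in this commit restores `PSA_KEY_SLOT_FLAG_ALLOCATED` after the reverse copy for exactly that reason. The removed psa_get_key_slot_attributes() copied only id, lifetime, policy, type and bits. If `flags` is meant to stay internal, clear it after the copy with `attributes->core.flags = 0;`, or add a comment saying the exposure is intended. The reverse copy `slot->attr = attributes->core;` in psa_start_key_creation has the mirror-image issue, because it takes whatever flag bits the caller's structure holds apart from the one that is restored.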
@@ -1490,9 +1469,11 @@ static psa_status_t psa_start_key_creation( p_drv, 1 ); if( status != PSA_SUCCESS ) return( status ); - slot->attr.id = attributes->core.id; } - slot->attr.type = attributes->core.type; + + status = psa_check_key_slot_policy( slot ); + if( status != PSA_SUCCESS ) + return( status ); /* Refuse to create overly large keys. * Note that this doesn't trigger on import if the attributes don't @@ -1500,12 +1481,16 @@ static psa_status_t psa_start_key_creation( * psa_import_key() needs its own checks. */ if( psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); - /* Store the declared bit-size of the key. It's up to each creation - * mechanism to verify that this information is correct. It's - * automatically correct for mechanisms that use the bit-size as + /* We're storing the declared bit-size of the key. It's up to each + * creation mechanism to verify that this information is correct. + * It's automatically correct for mechanisms that use the bit-size as * an input (generate, device) but not for those where the bit-size * is optional (import, copy). */ - slot->attr.bits = psa_get_key_bits( attributes ); + + slot->attr = attributes->core; + /* This is awkward... Copying the attributes has overwritten the + * flag that marks this slot as used. Restore it. */ + psa_key_slot_set_bits_in_flags( slot, PSA_KEY_SLOT_FLAG_ALLOCATED ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* For a key in a secure element, we need to do three things: @@ -1571,9 +1556,6 @@ static psa_status_t psa_finish_key_creation( #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE ) { - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_get_key_slot_attributes( slot, &attributes ); - #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { 
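Review bot: `psa_check_key_slot_policy( slot )` is called before `slot->attr = attributes->core;`, so it validates the policy currently in the freshly allocated slot rather than the one the caller supplied. psa_check_key_slot_policy() (the `@@ -1420,10 +1405,10 @@` hunk) reads `&slot->attr.policy`, whereas the removed psa_set_key_policy_internal() call checked `&attributes->core.policy`. With the new order, unknown usage flags in the caller's attributes appear to be accepted and stored in the slot unchecked. I would move the copy and the flag restore above the check, or validate `attributes->core.policy` directly before copying. psa_start_key_creation begins and ends outside these hunks.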
@@ -1589,7 +1571,7 @@ static psa_status_t psa_finish_key_creation( sizeof( slot->data.se.slot_number ) ); memcpy( &data.bits, &slot->attr.bits, sizeof( slot->attr.bits ) ); - status = psa_save_persistent_key( &attributes.core, + status = psa_save_persistent_key( &slot->attr, (uint8_t*) &data, sizeof( data ) ); } @@ -1598,7 +1580,7 @@ static psa_status_t psa_finish_key_creation( { size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE( slot->attr.type, - psa_get_key_bits( &attributes ) ); + slot->attr.bits ); uint8_t *buffer = mbedtls_calloc( 1, buffer_size ); size_t length = 0; if( buffer == NULL && buffer_size != 0 ) @@ -1607,7 +1589,7 @@ static psa_status_t psa_finish_key_creation( buffer, buffer_size, &length, 0 ); if( status == PSA_SUCCESS ) - status = psa_save_persistent_key( &attributes.core, + status = psa_save_persistent_key( &slot->attr, buffer, length ); if( buffer_size != 0 ) From 41e50d26eac2fefff81c374731c53838480d598b Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 31 Jul 2019 15:01:55 +0200 Subject: [PATCH 1514/2197] Remove "allocated" flag from key slots The flag to mark key slots as allocated was introduced to mark slots that are claimed and in use, but do not have key material yet, at a time when creating a key used several API functions: allocate a slot, then progressively set its metadata, and finally create the key material. Now that all of these steps are combined into a single API function call, the notion of allocated-but-not-filled slot is no longer relevant. So remove the corresponding flag. A slot is occupied iff there is a key in it. (For a key in a secure element, the key material is not present, but the slot contains the key metadata.) This key must have a type which is nonzero, so use this as an indicator that a slot is in use. --- library/psa_crypto.c | 5 ----- library/psa_crypto_core.h | 16 +++++++++++++--- library/psa_crypto_slot_management.c | 19 ++++++------------- library/psa_crypto_slot_management.h | 10 +++++----- 4 files changed, 24 insertions(+), 26 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cb8054681..f1ddb147e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -897,8 +897,6 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); - if( slot->attr.type == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_DOES_NOT_EXIST ); /* Enforce that usage policy for the key slot contains all the flags * required by the usage parameter. There is one exception: public 
@@ -1488,9 +1486,6 @@ static psa_status_t psa_start_key_creation( * is optional (import, copy). */ slot->attr = attributes->core; - /* This is awkward... Copying the attributes has overwritten the - * flag that marks this slot as used. Restore it. */ - psa_key_slot_set_bits_in_flags( slot, PSA_KEY_SLOT_FLAG_ALLOCATED ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* For a key in a secure element, we need to do three things: diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 1ae298e5f..fbfb6daef 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -64,9 +64,19 @@ typedef struct } data; } psa_key_slot_t; -/** Flag for psa_key_slot_t::attr::core::flags indicating that the - * slot is in use. */ -#define PSA_KEY_SLOT_FLAG_ALLOCATED ( (uint16_t) 0x0001 ) +/** Test whether a key slot is occupied. + * + * A key slot is occupied iff the key type is nonzero. This works because + * no valid key can have 0 as its key type. + * + * \param[in] slot The key slot to test. + * + * \return 1 if the slot is occupied, 0 otherwise. + */ +static inline int psa_is_key_slot_occupied( const psa_key_slot_t *slot ) +{ + return( slot->attr.type != 0 ); +} /** Retrieve flags from psa_key_slot_t::attr::core::flags. * diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 43ba4123c..073400988 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -74,8 +74,8 @@ psa_status_t psa_get_key_slot( psa_key_handle_t handle, return( PSA_ERROR_INVALID_HANDLE ); slot = &global_data.key_slots[handle - 1]; - /* If the slot hasn't been allocated, the handle is invalid. */ - if( ! psa_key_slot_get_flags( slot, PSA_KEY_SLOT_FLAG_ALLOCATED ) ) + /* If the slot isn't occupied, the handle is invalid. */ + if( ! psa_is_key_slot_occupied( slot ) ) return( PSA_ERROR_INVALID_HANDLE ); *p_slot = slot; 
@@ -111,12 +111,8 @@ psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle, for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) ) { *p_slot = &global_data.key_slots[*handle - 1]; - if( ! psa_key_slot_get_flags( *p_slot, PSA_KEY_SLOT_FLAG_ALLOCATED ) ) - { - psa_key_slot_set_bits_in_flags( *p_slot, - PSA_KEY_SLOT_FLAG_ALLOCATED ); + if( ! psa_is_key_slot_occupied( *p_slot ) ) return( PSA_SUCCESS ); - } } *p_slot = NULL; return( PSA_ERROR_INSUFFICIENT_MEMORY ); @@ -272,13 +268,10 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) memset( stats, 0, sizeof( *stats ) ); for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ ) { - psa_key_slot_t *slot = &global_data.key_slots[key - 1]; - if( slot->attr.type == PSA_KEY_TYPE_NONE ) + const psa_key_slot_t *slot = &global_data.key_slots[key - 1]; + if( ! psa_is_key_slot_occupied( slot ) ) { - if( psa_key_slot_get_flags( slot, PSA_KEY_SLOT_FLAG_ALLOCATED ) ) - ++stats->half_filled_slots; - else - ++stats->empty_slots; + ++stats->empty_slots; continue; } if( slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE ) diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 049520d4b..cde590fc5 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -58,13 +58,13 @@ psa_status_t psa_initialize_key_slots( void ); * This does not affect persistent storage. */ void psa_wipe_all_key_slots( void ); -/** Find a free key slot and mark it as in use. +/** Find a free key slot. + * + * This function returns a key slot that is available for use and is in its + * ground state (all-bits-zero). * * \param[out] handle On success, a slot number that can be used as a - * handle to the slot. The selected slot was not - * in use before. This function marks it as in use - * and otherwise leaves it in a freshly-initialized - * state. + * handle to the slot. * \param[out] p_slot On success, a pointer to the slot. * * \retval #PSA_SUCCESS 
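Review bot: psa_internal_allocate_key_slot() now returns the first unoccupied slot without marking it, so the same slot stays eligible for allocation until something stores a nonzero `attr.type` in it. The updated header comment describes what is returned but not that obligation, so I would add `The caller must set a nonzero key type in the slot, or wipe it, before any other slot is allocated.` The comment on psa_is_key_slot_occupied() should also say that a slot whose metadata was filled from attributes with type 0 is treated as free. Its test would read better as `slot->attr.type != PSA_KEY_TYPE_NONE`, matching the comparison this commit removes from mbedtls_psa_get_stats.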
From 7c227aee5ee53e7b99dfc795a76f4898b8425879 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Jul 2019 15:14:44 +0200 Subject: [PATCH 1515/2197] Test key creation with an invalid type (0 and nonzero) --- tests/suites/test_suite_psa_crypto.data | 21 +++++++++++++++++++-- tests/suites/test_suite_psa_crypto.function | 11 ++++++----- 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index a0e7f7a90..53aa41a6b 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -52,6 +52,12 @@ invalid_handle:1 PSA invalid handle (largest plausible handle) invalid_handle:-1 +PSA import: invalid type (0) +import:"0123":PSA_KEY_TYPE_NONE:0:PSA_ERROR_NOT_SUPPORTED + +PSA import: invalid type (PSA_KEY_TYPE_CATEGORY_MASK) +import:"0123":PSA_KEY_TYPE_CATEGORY_MASK:0:PSA_ERROR_NOT_SUPPORTED + PSA import AES: bad key size depends_on:MBEDTLS_AES_C import:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMENT 
@@ -2083,16 +2089,24 @@ PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 1+41 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 +PSA key derivation: invalid type (0) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_NONE:128:PSA_ERROR_NOT_SUPPORTED + +PSA key derivation: invalid type (PSA_KEY_TYPE_CATEGORY_MASK) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_NOT_SUPPORTED + # This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes # and not expected to be raised any time soon) is less than the maximum # output from HKDF-SHA512 (255*64 = 16320 bytes). 
PSA key derivation: largest possible key depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION -derive_large_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_MAX_KEY_BITS:PSA_SUCCESS +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS:PSA_SUCCESS PSA key derivation: key too large depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION -derive_large_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: ECDH + HKDF-SHA-256: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C @@ -2192,6 +2206,9 @@ generate_random:19 PSA generate random: 260 bytes generate_random:260 +PSA generate key: bad type (0) +generate_key:PSA_KEY_TYPE_NONE:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED + PSA generate key: bad type (PSA_KEY_TYPE_CATEGORY_MASK) generate_key:PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8ed7a7d5c..60514f854 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -4620,14 +4620,15 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void derive_large_key( int alg_arg, - data_t *key_data, data_t *input1, data_t *input2, - int bits_arg, - int expected_status_arg ) +void derive_key( int alg_arg, + data_t *key_data, data_t *input1, data_t *input2, + int type_arg, int bits_arg, + int expected_status_arg ) { psa_key_handle_t base_handle = 0; psa_key_handle_t derived_handle = 0; psa_algorithm_t alg = alg_arg; + psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_status_t expected_status = expected_status_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -4649,7 +4650,7 @@ void derive_large_key( int alg_arg, psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &derived_attributes, 0 ); - psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_type( &derived_attributes, type ); psa_set_key_bits( &derived_attributes, bits ); TEST_EQUAL( psa_key_derivation_output_key( &derived_attributes, &operation, &derived_handle ), From 6edfa293c2b638a19a0b10a360ae5c1a1431a3c1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Jul 2019 15:53:45 +0200 Subject: [PATCH 1516/2197] Add test function for import with a bad policy --- tests/suites/test_suite_psa_crypto.data | 50 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 50 +++++++++++++++++++-- 2 files changed, 72 insertions(+), 28 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 53aa41a6b..9bf2290f2 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -53,14 +53,14 @@ PSA invalid handle (largest plausible handle) invalid_handle:-1 PSA import: invalid type (0) -import:"0123":PSA_KEY_TYPE_NONE:0:PSA_ERROR_NOT_SUPPORTED +import_with_policy:PSA_KEY_TYPE_NONE:0:0:PSA_ERROR_NOT_SUPPORTED PSA import: invalid type (PSA_KEY_TYPE_CATEGORY_MASK) -import:"0123":PSA_KEY_TYPE_CATEGORY_MASK:0:PSA_ERROR_NOT_SUPPORTED +import_with_policy:PSA_KEY_TYPE_CATEGORY_MASK:0:0:PSA_ERROR_NOT_SUPPORTED PSA import AES: bad key size depends_on:MBEDTLS_AES_C -import:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -116,19 +116,19 @@ import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa24 PSA import RSA keypair: truncated depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"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":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_INVALID_ARGUMENT 
+import_with_data:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA keypair: valid key but EC depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C -import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT 
+import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export-public RSA public key: good, 1024-bit depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -156,19 +156,19 @@ import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5f PSA import RSA public key: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED +import_with_data:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1022-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED 
+import_with_data:"3082025802010002818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd1344502302030100010281800ad9700e01e8bf68ff4c90c4465dfa13fea0e76295d817349ccb257d382acf89b3d7b31e18606af4ac92baf3710426fe0b54225ddfa527c31218b3346e03a9cae5395a780ade880b996f4061fad65689393fc8e77f46a4c1a29b0450cdaaef0710e523cd1028abe1653d23f0d5ec805a629bdf1fc4c1c00737760e1714f6b7f102407d5e545484b546bd61972b446a04af0cf17b126a8872b977da5035ca82dd0e4fef1381a6480f60db07628348602f86ba89a271563d9a3fb613b9b39703498f9902407017641093065eed178ff848b5f8a2b502a187511db28549ea7646f3e7b3ea171f4c34c0ecf0566adc4d172c057be077a45fcf8019a36a4588c4de3b8c0a631b02407cc7fccbbae2eb2be80c9c8615b7dfbbd4469907ec13b44274cacd1f69ad38679b2021352e18106131327e54f5579893e6160714bd6fdfe60c30136e45595c51024055250f779f96f94873db82a808c24325e847b6b8212cd81e9ba118a8715ab2f8b96773b310c8477c88b76e609c11cb22569408d4afa4f836b57b85ac09e661fd02400e5fc5df9614c95d77e9bc2df63d48e7a08a0034174f0f745eef4413ee36d929f194557e6990e148b7438e949a41e92bc9d9136c3e6563904151a578a2f4fc1b":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA public key: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED 
+import_with_data:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1023-bit (not supported) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C -import:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED +import_with_data:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED PSA import/export EC secp224r1 key pair: good 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED 
@@ -262,31 +262,31 @@ import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa24 PSA import EC keypair: DER format depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: too short depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, all-bits-zero (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-import:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, d == n - 1 (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_SUCCESS +import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_SUCCESS PSA import EC keypair: secp256r1, d == n (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, d > n (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
@@ -294,31 +294,31 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED # one would expect the status to be PSA_ERROR_INVALID_ARGUMENT. But the # Mbed TLS pkparse module returns MBEDTLS_ERR_PK_INVALID_ALG, I think because # it's looking for an OID where there is no OID. -import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_NOT_SUPPORTED +import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_NOT_SUPPORTED PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C -import:"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":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"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":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import AES: bits=0 ok depends_on:MBEDTLS_AES_C -import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:0:PSA_SUCCESS +import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:0:PSA_SUCCESS PSA import AES: bits=128 ok depends_on:MBEDTLS_AES_C -import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_SUCCESS +import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_SUCCESS PSA import AES: bits=256 wrong depends_on:MBEDTLS_AES_C -import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_ERROR_INVALID_ARGUMENT 
+import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_ERROR_INVALID_ARGUMENT PSA import AES: bits=256 ok depends_on:MBEDTLS_AES_C -import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_SUCCESS +import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_SUCCESS PSA import AES: bits=128 wrong depends_on:MBEDTLS_AES_C -import:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_ERROR_INVALID_ARGUMENT PSA import large key: raw, 65528 bits (ok) depends_on:HAVE_RAM_AVAILABLE_128k diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 60514f854..f6447520e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1209,9 +1209,52 @@ void persistence_attributes( int id1_arg, int lifetime_arg, int id2_arg, /* END_CASE */ /* BEGIN_CASE */ -void import( data_t *data, int type_arg, - int attr_bits_arg, - int expected_status_arg ) +void import_with_policy( int type_arg, + int usage_arg, int alg_arg, + int expected_status_arg ) +{ + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_handle_t handle = 0; + psa_key_type_t type = type_arg; + psa_key_usage_t usage = usage_arg; + psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; + const uint8_t key_material[16] = {0}; + psa_status_t status; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_type( &attributes, type ); + psa_set_key_usage_flags( &attributes, usage ); + psa_set_key_algorithm( &attributes, alg ); + + status = psa_import_key( &attributes, + key_material, sizeof( key_material ), + &handle ); + TEST_EQUAL( status, expected_status ); + if( status != PSA_SUCCESS ) + goto exit; + + PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); + TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); + TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage ); + TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); + + PSA_ASSERT( psa_destroy_key( handle ) ); + test_operations_on_invalid_handle( handle ); + +exit: + psa_destroy_key( handle ); + psa_reset_key_attributes( &got_attributes ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void import_with_data( data_t *data, int type_arg, + int attr_bits_arg, + int expected_status_arg ) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; 
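Review bot: On the success path of `import_with_policy` the key is destroyed by `PSA_ASSERT( psa_destroy_key( handle ) )`, and then `exit:` calls `psa_destroy_key( handle )` again on the same, now stale, handle with the status discarded. That is harmless only while a destroyed handle value cannot be reissued before the cleanup runs. Adding `handle = 0;` after `test_operations_on_invalid_handle( handle );` would remove that dependency. For symmetry with `got_attributes`, the exit block could also call `psa_reset_key_attributes( &attributes );`.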
@@ -1225,6 +1268,7 @@ void import( data_t *data, int type_arg, psa_set_key_type( &attributes, type ); psa_set_key_bits( &attributes, attr_bits ); + status = psa_import_key( &attributes, data->x, data->len, &handle ); TEST_EQUAL( status, expected_status ); if( status != PSA_SUCCESS ) From 3825e14e65186b26709876dc389d6630a192664e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Jul 2019 15:54:33 +0200 Subject: [PATCH 1517/2197] Fix policy validity check on key creation. Add a non-regression test. --- library/psa_crypto.c | 8 ++++---- tests/suites/test_suite_psa_crypto.data | 3 +++ 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f1ddb147e..258caad59 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1469,10 +1469,6 @@ static psa_status_t psa_start_key_creation( return( status ); } - status = psa_check_key_slot_policy( slot ); - if( status != PSA_SUCCESS ) - return( status ); - /* Refuse to create overly large keys. * Note that this doesn't trigger on import if the attributes don't * explicitly specify a size (so psa_get_key_bits returns 0), so @@ -1487,6 +1483,10 @@ static psa_status_t psa_start_key_creation( slot->attr = attributes->core; + status = psa_check_key_slot_policy( slot ); + if( status != PSA_SUCCESS ) + return( status ); + #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* For a key in a secure element, we need to do three things: * create the key file in internal storage, create the diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9bf2290f2..e04fdf8b2 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -52,6 +52,9 @@ invalid_handle:1 PSA invalid handle (largest plausible handle) invalid_handle:-1 +PSA import: bad usage flag +import_with_policy:PSA_KEY_TYPE_RAW_DATA:0x40000000:0:PSA_ERROR_INVALID_ARGUMENT + PSA import: invalid type (0) import_with_policy:PSA_KEY_TYPE_NONE:0:0:PSA_ERROR_NOT_SUPPORTED From 1b8594a218c840248d81562e30e2dbc6610843f9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Jul 2019 17:21:46 +0200 Subject: [PATCH 1518/2197] More refactoring: consolidate attribute validation Consolidate attribute validation at the beginning of key creation into a single function. Improve comments. --- library/psa_crypto.c | 91 ++++++++++++++++++++++++++++++++------------ 1 file changed, 66 insertions(+), 25 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 258caad59..3f5f371f8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1403,10 +1403,14 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle, data_length, 1 ) ); } -static psa_status_t psa_check_key_slot_policy( - const psa_key_slot_t *slot ) +/** Validate that a key policy is internally well-formed. + * + * This function only rejects invalid policies. It does not validate the + * consistency of the policy with respect to other attributes of the key + * such as the key type. + */ +static psa_status_t psa_validate_key_policy( const psa_key_policy_t *policy ) { - const psa_key_policy_t *policy = &slot->attr.policy; if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | 
@@ -1419,6 +1423,48 @@ static psa_status_t psa_check_key_slot_policy( return( PSA_SUCCESS ); } +/** Validate the internal consistency of key attributes. + * + * This function only rejects invalid attribute values. If does not + * validate the consistency of the attributes with any key data that may + * be involved in the creation of the key. + * + * Call this function early in the key creation process. + * + * \param[in] attributes Key attributes for the new key. + * \param[out] p_drv On any return, the driver for the key, if any. + * NULL for a transparent key. + * + */ +static psa_status_t psa_validate_key_attributes( + const psa_key_attributes_t *attributes, + psa_se_drv_table_entry_t **p_drv ) +{ + psa_status_t status; + + if( attributes->core.lifetime != PSA_KEY_LIFETIME_VOLATILE ) + { + status = psa_validate_persistent_key_parameters( + attributes->core.lifetime, attributes->core.id, + p_drv, 1 ); + if( status != PSA_SUCCESS ) + return( status ); + } + + status = psa_validate_key_policy( &attributes->core.policy ); + if( status != PSA_SUCCESS ) + return( status ); + + /* Refuse to create overly large keys. + * Note that this doesn't trigger on import if the attributes don't + * explicitly specify a size (so psa_get_key_bits returns 0), so + * psa_import_key() needs its own checks. */ + if( psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS ) + return( PSA_ERROR_NOT_SUPPORTED ); + + return( PSA_SUCCESS ); +} + /** Prepare a key slot to receive key material. * * This function allocates a key slot and sets its metadata. 
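Review bot: The doc comment on `psa_validate_key_attributes` says `p_drv` is set "On any return", but the body only passes it to `psa_validate_persistent_key_parameters` inside the non-volatile branch, so for a volatile key `*p_drv` is never written here. The only visible caller, `psa_start_key_creation`, assigns `*p_drv = NULL;` just before the call, which is what makes the current code correct. A future caller that trusts the comment would read an indeterminate pointer. Either reword the parameter text to `\param[in,out] p_drv Must be initialized by the caller; updated only for persistent keys.` or set it at the top of the function, if `p_drv` is guaranteed non-NULL (not visible from this hunk). The same comment block has a typo: "If does not" should be "It does not".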
@@ -1455,26 +1501,15 @@ static psa_status_t psa_start_key_creation( *p_drv = NULL; + status = psa_validate_key_attributes( attributes, p_drv ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_internal_allocate_key_slot( handle, p_slot ); if( status != PSA_SUCCESS ) return( status ); slot = *p_slot; - if( attributes->core.lifetime != PSA_KEY_LIFETIME_VOLATILE ) - { - status = psa_validate_persistent_key_parameters( attributes->core.lifetime, - attributes->core.id, - p_drv, 1 ); - if( status != PSA_SUCCESS ) - return( status ); - } - - /* Refuse to create overly large keys. - * Note that this doesn't trigger on import if the attributes don't - * explicitly specify a size (so psa_get_key_bits returns 0), so - * psa_import_key() needs its own checks. */ - if( psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); /* We're storing the declared bit-size of the key. It's up to each * creation mechanism to verify that this information is correct. * It's automatically correct for mechanisms that use the bit-size as @@ -1483,10 +1518,6 @@ static psa_status_t psa_start_key_creation( slot->attr = attributes->core; - status = psa_check_key_slot_policy( slot ); - if( status != PSA_SUCCESS ) - return( status ); - #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* For a key in a secure element, we need to do three things: * create the key file in internal storage, create the 
@@ -1647,7 +1678,16 @@ static void psa_fail_key_creation( psa_key_slot_t *slot, psa_wipe_key_slot( slot ); } -static psa_status_t psa_check_key_slot_attributes( +/** Validate optional attributes during key creation. + * + * Some key attributes are optional during key creation. If they are + * specified in the attributes structure, check that they are consistent + * with the data in the slot. + * + * This function should be called near the end of key creation, after + * the slot in memory is fully populated but before saving persistent data. + */ +static psa_status_t psa_validate_optional_attributes( const psa_key_slot_t *slot, const psa_key_attributes_t *attributes ) { @@ -1746,7 +1786,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( status != PSA_SUCCESS ) goto exit; } - status = psa_check_key_slot_attributes( slot, attributes ); + status = psa_validate_optional_attributes( slot, attributes ); if( status != PSA_SUCCESS ) goto exit; @@ -1801,7 +1841,8 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, if( status != PSA_SUCCESS ) goto exit; - status = psa_check_key_slot_attributes( source_slot, specified_attributes ); + status = psa_validate_optional_attributes( source_slot, + specified_attributes ); if( status != PSA_SUCCESS ) goto exit; From 8b66389d0deb2553f9f1f2d12be785c9695cec26 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 Jul 2019 17:57:57 +0200 Subject: [PATCH 1519/2197] Adjust secure element code to the new ITS interface --- library/psa_crypto_se.c | 8 +++++++- library/psa_crypto_storage.c | 13 ++++++++++--- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index aece47d01..9451e528f 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c 
@@ -148,17 +148,23 @@ psa_status_t psa_load_se_persistent_data( { psa_status_t status; psa_storage_uid_t uid; + size_t length; status = psa_get_se_driver_its_file_uid( driver, &uid ); if( status != PSA_SUCCESS ) return( status ); + /* Read the amount of persistent data that the driver requests. + * If the data in storage is larger, it is truncated. If the data + * in storage is smaller, silently keep what is already at the end + * of the output buffer. */ /* psa_get_se_driver_its_file_uid ensures that the size_t * persistent_data_size is in range, but compilers don't know that, * so cast to reassure them. */ return( psa_its_get( uid, 0, (uint32_t) driver->internal.persistent_data_size, - driver->internal.persistent_data ) ); + driver->internal.persistent_data, + &length ) ); } psa_status_t psa_save_se_persistent_data( diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 43a19b3c6..687d22a9c 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -437,9 +437,16 @@ psa_status_t psa_crypto_save_transaction( void ) psa_status_t psa_crypto_load_transaction( void ) { - return( psa_its_get( PSA_CRYPTO_ITS_TRANSACTION_UID, 0, - sizeof( psa_crypto_transaction ), - &psa_crypto_transaction ) ); + psa_status_t status; + size_t length; + status = psa_its_get( PSA_CRYPTO_ITS_TRANSACTION_UID, 0, + sizeof( psa_crypto_transaction ), + &psa_crypto_transaction, &length ); + if( status != PSA_SUCCESS ) + return( status ); + if( length != sizeof( psa_crypto_transaction ) ) + return( PSA_ERROR_STORAGE_FAILURE ); + return( PSA_SUCCESS ); } psa_status_t psa_crypto_stop_transaction( void ) From 8908c5e81c8bf2f109feef843bc2981de2f86cca Mon Sep 17 00:00:00 2001 
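Review bot: In `psa_load_se_persistent_data`, `length` is filled in by `psa_its_get` and never read, so a stored file shorter than `persistent_data_size` is accepted and the tail of `driver->internal.persistent_data` keeps whatever it held before the call. The added comment marks this as deliberate, but `psa_crypto_load_transaction` in the same commit rejects a short read with `PSA_ERROR_STORAGE_FAILURE`. A reader cannot tell why the two differ, or what the buffer tail is guaranteed to contain. I would extend the comment to state the reason for tolerating a short file and the precondition on the buffer, e.g. `/* A short file is accepted on purpose; the caller must have initialized persistent_data, since its tail is left untouched. */`. The function's signature is outside the hunk.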
From: Gilles Peskine Date: Wed, 31 Jul 2019 18:55:00 +0200 Subject: [PATCH 1520/2197] Make psa_calculate_key_bits return psa_key_bits_t This is cleaner and solves a complaint from MSVC about truncation from size_t to psa_key_bits_t. --- library/psa_crypto.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3f5f371f8..cbe326126 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -714,20 +714,24 @@ static inline size_t psa_get_key_slot_bits( const psa_key_slot_t *slot ) * * \return The key size in bits, calculated from the key data. */ -static size_t psa_calculate_key_bits( const psa_key_slot_t *slot ) +static psa_key_bits_t psa_calculate_key_bits( const psa_key_slot_t *slot ) { + size_t bits = 0; /* return 0 on an empty slot */ + if( key_type_is_raw_bytes( slot->attr.type ) ) - return( slot->data.raw.bytes * 8 ); + bits = PSA_BYTES_TO_BITS( slot->data.raw.bytes ); #if defined(MBEDTLS_RSA_C) - if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) - return( PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( slot->data.rsa ) ) ); + else if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) + bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( slot->data.rsa ) ); #endif /* defined(MBEDTLS_RSA_C) */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) - return( slot->data.ecp->grp.pbits ); + else if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) + bits = slot->data.ecp->grp.pbits; #endif /* defined(MBEDTLS_ECP_C) */ - /* Shouldn't happen except on an empty slot. */ - return( 0 ); + + /* We know that the size fits in psa_key_bits_t thanks to checks + * when the key was created. */ + return( (psa_key_bits_t) bits ); } /** Import key data into a slot. `slot->attr.type` must have been set From 5386f6ba071a36e105b52cd5c6dc3efbc07633c0 Mon Sep 17 00:00:00 2001 
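Review bot: The final `return( (psa_key_bits_t) bits );` in `psa_calculate_key_bits` silences the MSVC truncation warning, but it would also silently wrap if a slot ever held a key wider than `psa_key_bits_t` can represent. The comment attributes safety to "checks when the key was created", yet the only such check visible in this series is the raw-bytes `bit_size > PSA_MAX_KEY_BITS` test in `psa_import_key_into_slot`. The RSA and ECC branches take their size from `mbedtls_rsa_get_len` and `grp.pbits`, and where those are bounded is not shown here. The comment should name the check that covers each key type, for example `/* Raw keys: bounded in psa_import_key_into_slot(); RSA/ECC: bounded in <creation check> */`, so the invariant can be re-verified when a new key type is added.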
From: Gilles Peskine Date: Thu, 1 Aug 2019 12:47:40 +0200 Subject: [PATCH 1521/2197] Fix PSA init/deinit in mbedtls_xxx tests when using PSA In tests of mbedtls_cipher_xxx and mbedtls_pk_xxx with MBEDTLS_USE_PSA_CRYPTO enabled, initialize and deinitialize the PSA subsystem in every function. Before, the tests were only passing because the first function to be called happened to call psa_crypto_init() but not mbedtls_psa_crypto_free(). In some configurations (not tested on CI), psa_crypto_init() was not called so the tests using PSA failed. Call PSA_DONE() at the end of each test function. This ensures that no resources are leaked in the form of PSA crypto slot contents. Incidentally, this also fixes a build error due to test_helper_psa_done() being unused in test_suite_pk: the fact that it wasn't used betrayed the missing calls to PSA_DONE(). --- tests/suites/test_suite_cipher.function | 17 +++++++++++++---- tests/suites/test_suite_pk.function | 18 ++++++++++++++++-- 2 files changed, 29 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 1ea14088b..f6367f175 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -4,6 +4,11 @@ #if defined(MBEDTLS_GCM_C) #include "mbedtls/gcm.h" #endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa_crypto_helpers.h" +#endif + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -982,7 +987,7 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, #else if( use_psa == 1 ) { - TEST_ASSERT( psa_crypto_init() == 0 ); + PSA_ASSERT( psa_crypto_init( ) ); /* PSA requires that the tag immediately follows the ciphertext. */ tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len ); 
@@ -1066,14 +1071,15 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, exit: + mbedtls_cipher_free( &ctx ); + #if defined(MBEDTLS_USE_PSA_CRYPTO) if( use_psa == 1 ) { mbedtls_free( tmp_cipher ); + PSA_DONE( ); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - - mbedtls_cipher_free( &ctx ); } /* END_CASE */ @@ -1143,7 +1149,7 @@ void test_vec_crypt( int cipher_id, int operation, char *hex_key, #else if( use_psa == 1 ) { - TEST_ASSERT( psa_crypto_init() == 0 ); + PSA_ASSERT( psa_crypto_init( ) ); TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx, mbedtls_cipher_info_from_type( cipher_id ), 0 ) ); } @@ -1172,6 +1178,9 @@ void test_vec_crypt( int cipher_id, int operation, char *hex_key, exit: mbedtls_cipher_free( &ctx ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + PSA_DONE( ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ } /* END_CASE */ diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 3d38535e3..fbb69073e 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -13,6 +13,13 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "mbedtls/psa_util.h" #include "psa_crypto_helpers.h" +#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) ) +#else +/* Define empty macros so that we can use them in the preamble and teardown + * of every test function that uses PSA conditionally based on + * MBEDTLS_USE_PSA_CRYPTO. */ +#define PSA_INIT( ) ( (void) 0 ) +#define PSA_DONE( ) ( (void) 0 ) #endif static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ); @@ -117,7 +124,7 @@ void pk_psa_utils( ) size_t len; mbedtls_pk_debug_item dbg; - TEST_ASSERT( psa_crypto_init() == 0 ); + PSA_ASSERT( psa_crypto_init( ) ); mbedtls_pk_init( &pk ); mbedtls_pk_init( &pk2 ); @@ -173,6 +180,7 @@ void pk_psa_utils( ) exit: mbedtls_pk_free( &pk ); /* redundant except upon error */ mbedtls_pk_free( &pk2 ); + PSA_DONE( ); } /* END_CASE */ 
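Review bot: In the `exit:` block of `test_vec_crypt`, `PSA_DONE( )` runs whenever `MBEDTLS_USE_PSA_CRYPTO` is defined, even though `psa_crypto_init( )` is only called under `if( use_psa == 1 )`. `auth_crypt_tv` in the same commit guards its teardown with `if( use_psa == 1 )`, so the two functions disagree about whether teardown without a matching init is acceptable. Whether `PSA_DONE` is safe on an uninitialized subsystem depends on `psa_crypto_helpers.h`, which is not visible here. Matching the other function with `if( use_psa == 1 ) PSA_DONE( );` keeps init and teardown paired either way.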
@@ -763,7 +771,7 @@ void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash, mbedtls_ecp_keypair *eckey; mbedtls_pk_init( &pk ); - + PSA_INIT( ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); @@ -780,6 +788,7 @@ void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash, exit: mbedtls_pk_free( &pk ); + PSA_DONE( ); } /* END_CASE */ @@ -904,6 +913,7 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret ) #endif mbedtls_pk_init( &pk ); + PSA_INIT( ); memset( hash, 0x2a, sizeof hash ); memset( sig, 0, sizeof sig ); @@ -955,6 +965,7 @@ exit: mbedtls_pk_restart_free( rs_ctx ); #endif mbedtls_pk_free( &pk ); + PSA_DONE( ); } /* END_CASE */ @@ -1210,6 +1221,8 @@ void pk_psa_sign( ) * - parse it to a PK context and verify the signature this way */ + PSA_ASSERT( psa_crypto_init( ) ); + /* Create legacy EC public/private key in PK context. */ mbedtls_pk_init( &pk ); TEST_ASSERT( mbedtls_pk_setup( &pk, @@ -1259,5 +1272,6 @@ void pk_psa_sign( ) exit: mbedtls_pk_free( &pk ); + PSA_DONE( ); } /* END_CASE */ From 21599b6622aef85d4b29eae7706d9adbe3ca6553 Mon Sep 17 00:00:00 2001 From: Vikas Katariya Date: Fri, 2 Aug 2019 12:26:29 +0100 Subject: [PATCH 1522/2197] Return right error code. Issue : 126 https://github.com/ARMmbed/mbed-crypto/issues/126 PSA_ERROR_BUFFER_TOO_SMALL error returned when we check for output_size. --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3c318727f..f631d830d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2755,7 +2755,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, mbedtls_rsa_context *rsa = slot->data.rsa; int ret; if( output_size < mbedtls_rsa_get_len( rsa ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_PKCS1_V15) if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) { 
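Review bot: In `pk_psa_sign` the added `PSA_ASSERT( psa_crypto_init( ) );` is placed before `mbedtls_pk_init( &pk );`. If initialization fails and `PSA_ASSERT` jumps to `exit` as the other test macros do, `mbedtls_pk_free( &pk )` runs on a context that was never initialized, unless `pk` is initialized at its declaration, which is outside the hunk. `pk_ec_test_vec` and `pk_sign_verify` in this same commit use the safe order, with `mbedtls_pk_init( &pk );` first and `PSA_INIT( );` after it. Moving the new line below `mbedtls_pk_init( &pk );` would match them. `pk_psa_utils` has the same ordering and would benefit from the same change.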
From 1b9505c451eaf8cd2eef93efaa9e734946bb97bd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Aug 2019 10:59:45 +0200 Subject: [PATCH 1523/2197] Correct some comments --- library/psa_crypto.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cbe326126..f01a4c084 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -746,10 +746,11 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot, if( key_type_is_raw_bytes( slot->attr.type ) ) { size_t bit_size = PSA_BYTES_TO_BITS( data_length ); - /* Ensure that the bytes-to-bit conversion doesn't overflow. */ + /* Ensure that the bytes-to-bit conversion didn't overflow. */ if( data_length > SIZE_MAX / 8 ) return( PSA_ERROR_NOT_SUPPORTED ); - /* Ensure that the bit size fits in its representation type. */ + /* Enforce a size limit, and in particular ensure that the bit + * size fits in its representation type. */ if( bit_size > PSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); status = prepare_raw_data_slot( slot->attr.type, bit_size, From 49232e8b0677cf699026d056a6d880547590a4b8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Aug 2019 11:01:30 +0200 Subject: [PATCH 1524/2197] Avoid a lowercase letter in a macro name --- tests/suites/test_suite_psa_crypto.data | 6 +++--- tests/suites/test_suite_psa_crypto.function | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e04fdf8b2..c8d803864 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -324,11 +324,11 @@ depends_on:MBEDTLS_AES_C import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_ERROR_INVALID_ARGUMENT PSA import large key: raw, 65528 bits (ok) -depends_on:HAVE_RAM_AVAILABLE_128k +depends_on:HAVE_RAM_AVAILABLE_128K import_large_key:PSA_KEY_TYPE_RAW_DATA:8191:PSA_SUCCESS PSA import large key: raw, 65536 bits (not supported) -depends_on:HAVE_RAM_AVAILABLE_128k +depends_on:HAVE_RAM_AVAILABLE_128K import_large_key:PSA_KEY_TYPE_RAW_DATA:8192:PSA_ERROR_NOT_SUPPORTED PSA import RSA key pair: maximum size exceeded @@ -2228,7 +2228,7 @@ PSA generate key: raw data, 8 bits generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS PSA generate key: raw data, 65528 bits (ok) -depends_on:HAVE_RAM_AVAILABLE_128k +depends_on:HAVE_RAM_AVAILABLE_128K generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS PSA generate key: raw data, 65536 bits (not supported) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f6447520e..69b49f35c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -12,7 +12,7 @@ * are always executed. In the future we should make this conditional * so that tests that require a lot of memory are skipped on constrained * platforms. */ -#define HAVE_RAM_AVAILABLE_128k +#define HAVE_RAM_AVAILABLE_128K /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; From b1f6c5fd4d281c6d93600ff3601f7340ab79dfb5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Aug 2019 13:37:22 +0200 Subject: [PATCH 1525/2197] Fix copypasta in test data --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c8d803864..ccbffffbc 100644 
--- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2229,7 +2229,7 @@ generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS PSA generate key: raw data, 65528 bits (ok) depends_on:HAVE_RAM_AVAILABLE_128K -generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RAW_DATA:65528:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS PSA generate key: raw data, 65536 bits (not supported) generate_key:PSA_KEY_TYPE_RAW_DATA:65536:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED From a6b2f60b4c2ce28991e2b5f1f860c901ab6f8ab8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Aug 2019 13:37:33 +0200 Subject: [PATCH 1526/2197] Fix double free in psa_generate_key when psa_generate_random fails When psa_generate_random fails, psa_generate_key_internal frees the key buffer but a the pointer to the now-freed buffer in the slot. Then psa_generate_key calls psa_fail_key_creation which sees the pointer and calls free() again. This bug was introduced by ff5f0e7221d54e5a11db13c5198093a6b6bf4d53 "Implement atomic-creation psa_{generate,generator_import}_key" which changed how psa_generate_key() cleans up on errors. I went through the code and could not find a similar bug in cleanup on an error during key creation. Fix #207 --- library/psa_crypto.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f01a4c084..c6bc7a267 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5718,10 +5718,7 @@ static psa_status_t psa_generate_key_internal( status = psa_generate_random( slot->data.raw.data, slot->data.raw.bytes ); if( status != PSA_SUCCESS ) - { - mbedtls_free( slot->data.raw.data ); return( status ); - } #if defined(MBEDTLS_DES_C) if( type == PSA_KEY_TYPE_DES ) psa_des_set_key_parity( slot->data.raw.data, From bdc96fd636c71d4adf2034f09fe7097ee4573caa Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 7 Aug 2019 12:08:04 +0200 Subject: [PATCH 1527/2197] Add tests to generate more random than MBEDTLS_CTR_DRBG_MAX_REQUEST Add tests that call psa_generate_random() (possibly via psa_generate_key()) with a size that's larger than MBEDTLS_CTR_DRBG_MAX_REQUEST. This causes psa_generate_random() to fail because it calls mbedtls_ctr_drbg_random() without taking the maximum request size of CTR_DRBG into account. Non-regression test for #206 --- tests/suites/test_suite_psa_crypto.data | 15 +++++++++++++++ tests/suites/test_suite_psa_crypto.function | 6 ++++++ 2 files changed, 21 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ccbffffbc..b04984024 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2209,6 +2209,15 @@ generate_random:19 PSA generate random: 260 bytes generate_random:260 +PSA generate random: MBEDTLS_CTR_DRBG_MAX_REQUEST bytes +generate_random:MBEDTLS_CTR_DRBG_MAX_REQUEST + +PSA generate random: MBEDTLS_CTR_DRBG_MAX_REQUEST+1 bytes +generate_random:MBEDTLS_CTR_DRBG_MAX_REQUEST + 1 + +PSA generate random: 2*MBEDTLS_CTR_DRBG_MAX_REQUEST+1 bytes +generate_random:2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1 + PSA generate key: bad type (0) generate_key:PSA_KEY_TYPE_NONE:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED 
@@ -2227,6 +2236,12 @@ generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_AR PSA generate key: raw data, 8 bits generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS +PSA generate key: raw data, (MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits +generate_key:PSA_KEY_TYPE_RAW_DATA:(MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS + +PSA generate key: raw data, (2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits +generate_key:PSA_KEY_TYPE_RAW_DATA:(2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS + PSA generate key: raw data, 65528 bits (ok) depends_on:HAVE_RAM_AVAILABLE_128K generate_key:PSA_KEY_TYPE_RAW_DATA:65528:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 69b49f35c..81ccb4ce3 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -5,6 +5,10 @@ #include "mbedtls/asn1write.h" #include "mbedtls/oid.h" +/* For MBEDTLS_CTR_DRBG_MAX_REQUEST, knowing that psa_generate_random() + * uses mbedtls_ctr_drbg internally. */ +#include "mbedtls/ctr_drbg.h" + #include "psa_crypto_helpers.h" /* Tests that require more than 128kB of RAM plus change have this symbol @@ -14,6 +18,8 @@ * platforms. */ #define HAVE_RAM_AVAILABLE_128K +#include "psa/crypto.h" + /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; From f181eca3503e85a84171b60fa747f1f2b3cbf0c8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Aug 2019 13:49:00 +0200 Subject: [PATCH 1528/2197] Fix psa_generate_random for >1024 bytes mbedtls_ctr_drbg_random can only return up to MBEDTLS_CTR_DRBG_MAX_REQUEST (normally 1024) bytes at a time. So if more than that is requested, call mbedtls_ctr_drbg_random in a loop. --- library/psa_crypto.c | 11 +++++++++++ 1 file changed, 11 insertions(+) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c6bc7a267..b602f1961 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5650,6 +5650,17 @@ psa_status_t psa_generate_random( uint8_t *output, int ret; GUARD_MODULE_INITIALIZED; + while( output_size > MBEDTLS_CTR_DRBG_MAX_REQUEST ) + { + ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, + output, + MBEDTLS_CTR_DRBG_MAX_REQUEST ); + if( ret != 0 ) + return( mbedtls_to_psa_error( ret ) ); + output += MBEDTLS_CTR_DRBG_MAX_REQUEST; + output_size -= MBEDTLS_CTR_DRBG_MAX_REQUEST; + } + ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, output, output_size ); return( mbedtls_to_psa_error( ret ) ); } From 1f5e6abfb93a2d49552aed373e6265b01e627d5b Mon Sep 17 00:00:00 2001 From: Alexander K Date: Wed, 7 Aug 2019 20:40:46 +0300 Subject: [PATCH 1529/2197] Remove extra mbedtls_ecp_group_free() call since the grp is free at the top of the function. --- library/ecp_curves.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 282481d05..4335f2d60 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -836,7 +836,6 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ) #endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ default: - mbedtls_ecp_group_free( grp ); return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); } } From 91e8c33f48a6e36a97e28513f3bdb8007ac7ad5d Mon Sep 17 00:00:00 2001 
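Review bot: If a later chunk fails inside the new `while` loop in psa_generate_random, the function returns with the leading part of `output` already filled and the remainder untouched. Because `output` is advanced in place, the start of the buffer is no longer known at the error return. Callers that treat the buffer as key material need a stated contract, so I would add `/* On error the contents of output are unspecified; callers must discard them. */` above the loop, or keep the original pointer and length so the buffer can be cleared before returning the error. A one-line comment that mbedtls_ctr_drbg_random() accepts at most MBEDTLS_CTR_DRBG_MAX_REQUEST bytes per call would also explain why the request is chunked. The function's signature begins outside the hunk.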
From: Gilles Peskine Date: Fri, 2 Aug 2019 19:19:39 +0200 Subject: [PATCH 1530/2197] Add infrastructure for key attribute flags Add infrastructure for internal, external and dual-use flags, with a compile-time check (if static_assert is available) to ensure that the same numerical value doesn't get declared for two different purposes in crypto_struct.h (external or dual-use) and psa_crypto_core.h (internal). --- include/psa/crypto_struct.h | 23 ++++++++++++++++++++++- library/psa_crypto.c | 18 ++++++++++++++++++ library/psa_crypto_core.h | 5 +++++ 3 files changed, 45 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 9e38e53ce..3bace6088 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -322,6 +322,27 @@ typedef uint16_t psa_key_bits_t; * conditionals. */ #define PSA_MAX_KEY_BITS 0xfff8 +/** A mask of flags that can be stored in key attributes. + * + * This type is also used internally to store flags in slots. Internal + * flags are defined in library/psa_crypto_core.h. Internal flags may have + * the same value as external flags if they are properly handled during + * key creation and in psa_get_key_attributes. + */ +typedef uint16_t psa_key_attributes_flag_t; + +#define MBEDLTS_PSA_KA_FLAG_SLOT_NUMBER ( (psa_key_attributes_flag_t) 0x0001 ) + +/* A mask of key attribute flags used externally only. + * Only meant for internal checks inside the library. */ +#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ + 0 ) + +/* A mask of key attribute flags used both internally and externally. + * Currently there aren't any. */ +#define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ + 0 ) + typedef struct { psa_key_type_t type; @@ -329,7 +350,7 @@ typedef struct psa_key_id_t id; psa_key_policy_t policy; psa_key_bits_t bits; - uint16_t flags; + psa_key_attributes_flag_t flags; } psa_core_key_attributes_t; #define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, 0, {0, 0, 0}, 0, 0} 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 41289c607..e043d7000 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1408,6 +1408,15 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle, data_length, 1 ) ); } +#if defined(static_assert) +static_assert( ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, + "One or more key attribute flag is listed as both external-only and dual-use" ); +static_assert( ( MBEDTLS_PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, + "One or more key attribute flag is listed as both external-only and dual-use" ); +static_assert( ( MBEDTLS_PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ) == 0, + "One or more key attribute flag is listed as both internal-only and external-only" ); +#endif + /** Validate that a key policy is internally well-formed. * * This function only rejects invalid policies. It does not validate the @@ -1467,6 +1476,11 @@ static psa_status_t psa_validate_key_attributes( if( psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS ) return( PSA_ERROR_NOT_SUPPORTED ); + /* Reject invalid flags. These should not be reachable through the API. */ + if( attributes->core.flags & ~ ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY | + MBEDTLS_PSA_KA_MASK_DUAL_USE ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_SUCCESS ); } @@ -1523,6 +1537,10 @@ static psa_status_t psa_start_key_creation( slot->attr = attributes->core; + /* Erase external-only flags from the internal copy. To access + * external-only flags, query `attributes`. */ + slot->attr.flags |= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY; + #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* For a key in a secure element, we need to do three things: * create the key file in internal storage, create the diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index fbfb6daef..e289dbeef 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h 
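Review bot: The mask-overlap checks added after psa_export_public_key sit inside `#if defined(static_assert)`, so they vanish without any diagnostic when that macro is not defined. That happens, for example, if `<assert.h>` is not included in this file (the include list is not visible in the hunk) or the compiler predates C11. Since the checks exist to stop one flag value from being given two roles, an `#else` branch with a portable fallback would keep the guarantee, e.g. `typedef char psa_ka_mask_check[ ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0 ? 1 : -1 ];`. The second assertion's message also says "external-only and dual-use" although it tests the internal-only mask; PATCH 1536 later in this series corrects that wording.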
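Review bot: In the psa_start_key_creation hunk, `slot->attr.flags |= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY;` does the opposite of what its comment says. It sets every flag bit outside the external-only mask and leaves the external-only bits in place, instead of erasing them from the internal copy. The statement should be `slot->attr.flags &= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY;`. With the mask still defined as 0 in this commit, the stored flags become all ones, which would collide with any internal flag added later. PATCH 1535 further down this series makes that correction. The function body continues outside the hunk.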
@@ -64,6 +64,11 @@ typedef struct } data; } psa_key_slot_t; +/* A mask of key attribute flags used only internally. + * Currently there aren't any. */ +#define MBEDTLS_PSA_KA_MASK_INTERNAL_ONLY ( \ + 0 ) + /** Test whether a key slot is occupied. * * A key slot is occupied iff the key type is nonzero. This works because From 74f3352b05a6d1b119fa6325ac1882eedf3860f9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 2 Aug 2019 19:21:49 +0200 Subject: [PATCH 1531/2197] Add missing guard around a union field --- library/psa_crypto_core.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index e289dbeef..b67c0c576 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -56,11 +56,13 @@ typedef struct /* EC public key or key pair */ mbedtls_ecp_keypair *ecp; #endif /* MBEDTLS_ECP_C */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Any key type in a secure element */ struct se { psa_key_slot_number_t slot_number; } se; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ } data; } psa_key_slot_t; From c8000c005aa16da442e716ed89009631e3770c8a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 2 Aug 2019 20:15:51 +0200 Subject: [PATCH 1532/2197] Add slot_number attribute Add a slot_number field to psa_key_attributes_t and getter/setter functions. Since slot numbers can have the value 0, indicate the presence of the field via a separate flag. In psa_get_key_attributes(), report the slot number if the key is in a secure element. When creating a key, for now, applications cannot choose a slot number. A subsequent commit will add this capability in the secure element HAL. --- include/psa/crypto_extra.h | 61 ++++++++++++++++++++++++++++++++++ include/psa/crypto_se_driver.h | 7 ++++ include/psa/crypto_struct.h | 12 ++++++- include/psa/crypto_types.h | 11 ++++++ library/psa_crypto.c | 28 +++++++++++++++- 5 files changed, 117 insertions(+), 2 deletions(-) 
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 6dfaa1300..5359b580a 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -104,6 +104,67 @@ static inline psa_algorithm_t psa_get_key_enrollment_algorithm( return( attributes->core.policy.alg2 ); } +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + +/** Retrieve the slot number where a key is stored. + * + * A slot number is only defined for keys that are stored in a secure + * element. + * + * This information is only useful if the secure element is not entirely + * managed through the PSA Cryptography API. It is up to the secure + * element driver to decide how PSA slot numbers map to any other interface + * that the secure element may have. + * + * \param[in] attributes The key attribute structure to query. + * \param[out] slot_number On success, the slot number containing the key. + * + * \retval #PSA_SUCCESS + * The key is located in a secure element, and \p *slot_number + * indicates the slot number that contains it. + * \retval #PSA_ERROR_NOT_PERMITTED + * The caller is not permitted to query the slot number. + * Mbed Crypto currently does not return this error. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key is not located in a secure element. + */ +psa_status_t psa_get_key_slot_number( + const psa_key_attributes_t *attributes, + psa_key_slot_number_t *slot_number ); + +/** Choose the slot number where a key is stored. + * + * This function declares a slot number in the specified attribute + * structure. + * + * A slot number is only meaningful for keys that are stored in a secure + * element. It is up to the secure element driver to decide how PSA slot + * numbers map to any other interface that the secure element may have. + * + * \note Setting a slot number in key attributes for a key creation can + * cause the following errors when creating the key: + * - #PSA_ERROR_NOT_SUPPORTED if the selected secure element does + * not support choosing a specific slot number. + * - #PSA_ERROR_NOT_PERMITTED if the caller is not permitted to + * choose slot numbers in general or to choose this specific slot. 
+ * - #PSA_ERROR_INVALID_ARGUMENT if the chosen slot number is not + * valid in general or not valid for this specific key. + * - #PSA_ERROR_ALREADY_EXISTS if there is already a key in the + * selected slot. + * + * \param[out] attributes The attribute structure to write to. + * \param slot_number The slot number to set. + */ +static inline void psa_set_key_slot_number( + psa_key_attributes_t *attributes, + psa_key_slot_number_t slot_number ) +{ + attributes->core.flags |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; + attributes->slot_number = slot_number; +} + +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + /**@}*/ /** diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index f95eaeb33..69cdababa 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -134,10 +134,17 @@ typedef psa_status_t (*psa_drv_se_init_t)(psa_drv_se_context_t *drv_context, void *persistent_data, psa_key_lifetime_t lifetime); +#if defined(__DOXYGEN_ONLY__) || !defined(MBEDTLS_PSA_CRYPTO_SE_C) +/* Mbed Crypto with secure element support enabled defines this type in + * crypto_types.h because it is also visible to applications through an + * implementation-specific extension. + * For the PSA Cryptography specification, this type is only visible + * via crypto_se_driver.h. */ /** An internal designation of a key slot between the core part of the * PSA Crypto implementation and the driver. The meaning of this value * is driver-dependent. */ typedef uint64_t psa_key_slot_number_t; +#endif /* __DOXYGEN_ONLY__ || !MBEDTLS_PSA_CRYPTO_SE_C */ /**@}*/ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 3bace6088..fbfe77e62 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
@@ -331,11 +331,13 @@ typedef uint16_t psa_key_bits_t; */ typedef uint16_t psa_key_attributes_flag_t; -#define MBEDLTS_PSA_KA_FLAG_SLOT_NUMBER ( (psa_key_attributes_flag_t) 0x0001 ) +#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ + ( (psa_key_attributes_flag_t) 0x0001 ) /* A mask of key attribute flags used externally only. * Only meant for internal checks inside the library. */ #define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ + MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ 0 ) /* A mask of key attribute flags used both internally and externally. @@ -358,11 +360,19 @@ typedef struct struct psa_key_attributes_s { psa_core_key_attributes_t core; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + psa_key_slot_number_t slot_number; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ void *domain_parameters; size_t domain_parameters_size; }; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0} +#else #define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0} +#endif + static inline struct psa_key_attributes_s psa_key_attributes_init( void ) { const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 1944be4b2..9af4957df 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -244,6 +244,17 @@ typedef uint32_t psa_key_usage_t; */ typedef struct psa_key_attributes_s psa_key_attributes_t; + +#ifndef __DOXYGEN_ONLY__ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +/* Mbed Crypto defines this type in crypto_types.h because it is also + * visible to applications through an implementation-specific extension. + * For the PSA Cryptography specification, this type is only visible + * via crypto_se_driver.h. */ +typedef uint64_t psa_key_slot_number_t; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#endif /* !__DOXYGEN_ONLY__ */ + /**@}*/ /** \defgroup derivation Key derivation 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e043d7000..a54cd73bb 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1187,6 +1187,13 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, return( status ); attributes->core = slot->attr; + attributes->core.flags &= ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY | + MBEDTLS_PSA_KA_MASK_DUAL_USE ); + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( psa_key_slot_is_external( slot ) ) + psa_set_key_slot_number( attributes, slot->data.se.slot_number ); +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ switch( slot->attr.type ) { @@ -1196,7 +1203,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* TOnogrepDO: reporting the public exponent for opaque keys * is not yet implemented. */ - if( psa_get_se_driver( slot->attr.lifetime, NULL, NULL ) ) + if( psa_key_slot_is_external( slot ) ) break; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ status = psa_get_rsa_public_exponent( slot->data.rsa, attributes ); @@ -1212,6 +1219,21 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, return( status ); } +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +psa_status_t psa_get_key_slot_number( + const psa_key_attributes_t *attributes, + psa_key_slot_number_t *slot_number ) +{ + if( attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER ) + { + *slot_number = attributes->slot_number; + return( PSA_SUCCESS ); + } + else + return( PSA_ERROR_INVALID_ARGUMENT ); +} +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + #if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) static int pk_write_pubkey_simple( mbedtls_pk_context *key, unsigned char *buf, size_t size ) 
@@ -1557,6 +1579,10 @@ static psa_status_t psa_start_key_creation( * we can roll back to a state where the key doesn't exist. */ if( *p_drv != NULL ) { + /* Choosing a slot number is not supported yet. */ + if( attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER ) + return( PSA_ERROR_NOT_SUPPORTED ); + status = psa_find_se_slot_for_key( attributes, *p_drv, &slot->data.se.slot_number ); if( status != PSA_SUCCESS ) From 5fe5e2759160a040ae47561d7d26db12e392f07b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 2 Aug 2019 20:30:01 +0200 Subject: [PATCH 1533/2197] Test slot_number attribute Test the behavior of the getter/setter functions. Test that psa_get_key_slot_number() reports a slot number for a key in a secure element, and doesn't report a slot number for a key that is not in a secure element. Test that psa_get_key_slot_number() reports the correct slot number for a key in a secure element. --- include/psa/crypto_extra.h | 12 ++++ tests/suites/test_suite_psa_crypto.data | 3 + tests/suites/test_suite_psa_crypto.function | 61 +++++++++++++++++++ ...st_suite_psa_crypto_se_driver_hal.function | 30 ++++++++- 4 files changed, 105 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 5359b580a..130ce7544 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -163,6 +163,18 @@ static inline void psa_set_key_slot_number( attributes->slot_number = slot_number; } +/** Remove the slot number attribute from a key attribute structure. + * + * This function undoes the action of psa_set_key_slot_number(). + * + * \param[out] attributes The attribute structure to write to. + */ +static inline void psa_clear_key_slot_number( + psa_key_attributes_t *attributes ) +{ + attributes->core.flags &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; +} + #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ /**@}*/ 
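Review bot: The new rejection of MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER sits inside `if( *p_drv != NULL )`, so attributes that carry a slot number but name a lifetime with no secure element driver appear to be accepted and the request silently dropped. psa_validate_key_attributes lets the flag through because it is in the external-only mask, and the flag is then erased from the slot copy. A caller that meant to pin a key to a specific secure-element slot would get a key created elsewhere with PSA_SUCCESS. I would add a branch for the other case, e.g. `else if( attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER ) return( PSA_ERROR_INVALID_ARGUMENT );`, unless the part of psa_start_key_creation outside this hunk already handles it. The enclosing `#if defined(MBEDTLS_PSA_CRYPTO_SE_C)` block and the function start and end outside the hunk.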
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b04984024..4118d2f3e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -19,6 +19,9 @@ persistence_attributes:0x1234:3:-1:0x1234:3 PSA key attributes: lifetime then id persistence_attributes:0x1234:3:0x1235:0x1235:3 +PSA key attributes: slot number +slot_number_attribute: + PSA import/export raw: 0 bytes import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_SUCCESS:1 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 0eb6172a4..3225bef34 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1113,6 +1113,23 @@ exit: return( ok ); } +/* Assert that a key isn't reported as having a slot number. */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +#define ASSERT_NO_SLOT_NUMBER( attributes ) \ + do \ + { \ + psa_key_slot_number_t ASSERT_NO_SLOT_NUMBER_slot_number; \ + TEST_EQUAL( psa_get_key_slot_number( \ + attributes, \ + &ASSERT_NO_SLOT_NUMBER_slot_number ), \ + PSA_ERROR_INVALID_ARGUMENT ); \ + } \ + while( 0 ) +#else /* MBEDTLS_PSA_CRYPTO_SE_C */ +#define ASSERT_NO_SLOT_NUMBER( attributes ) \ + ( (void) 0 ) +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + /* An overapproximation of the amount of storage needed for a key of the * given type and with the given content. The API doesn't make it easy * to find a good value for the size. The current implementation doesn't 
@@ -1214,6 +1231,46 @@ void persistence_attributes( int id1_arg, int lifetime_arg, int id2_arg, } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_SE_C */ +void slot_number_attribute( ) +{ + psa_key_slot_number_t slot_number = 0xdeadbeef; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + /* Initially, there is no slot number. */ + TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), + PSA_ERROR_INVALID_ARGUMENT ); + + /* Test setting a slot number. */ + psa_set_key_slot_number( &attributes, 0 ); + PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) ); + TEST_EQUAL( slot_number, 0 ); + + /* Test changing the slot number. */ + psa_set_key_slot_number( &attributes, 42 ); + PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) ); + TEST_EQUAL( slot_number, 42 ); + + /* Test clearing the slot number. */ + psa_clear_key_slot_number( &attributes ); + TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), + PSA_ERROR_INVALID_ARGUMENT ); + + /* Clearing again should have no effect. */ + psa_clear_key_slot_number( &attributes ); + TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), + PSA_ERROR_INVALID_ARGUMENT ); + + /* Test that reset clears the slot number. */ + psa_set_key_slot_number( &attributes, 42 ); + PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) ); + TEST_EQUAL( slot_number, 42 ); + psa_reset_key_attributes( &attributes ); + TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), + PSA_ERROR_INVALID_ARGUMENT ); +} +/* END_CASE */ + /* BEGIN_CASE */ void import_with_policy( int type_arg, int usage_arg, int alg_arg, 
@@ -1246,6 +1303,7 @@ void import_with_policy( int type_arg, TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage ); TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); + ASSERT_NO_SLOT_NUMBER( &got_attributes ); PSA_ASSERT( psa_destroy_key( handle ) ); test_operations_on_invalid_handle( handle ); @@ -1284,6 +1342,7 @@ void import_with_data( data_t *data, int type_arg, TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); if( attr_bits != 0 ) TEST_EQUAL( attr_bits, psa_get_key_bits( &got_attributes ) ); + ASSERT_NO_SLOT_NUMBER( &got_attributes ); PSA_ASSERT( psa_destroy_key( handle ) ); test_operations_on_invalid_handle( handle ); @@ -1328,6 +1387,7 @@ void import_large_key( int type_arg, int byte_size_arg, TEST_EQUAL( psa_get_key_type( &attributes ), type ); TEST_EQUAL( psa_get_key_bits( &attributes ), PSA_BYTES_TO_BITS( byte_size ) ); + ASSERT_NO_SLOT_NUMBER( &attributes ); memset( buffer, 0, byte_size + 1 ); PSA_ASSERT( psa_export_key( handle, buffer, byte_size, &n ) ); for( n = 0; n < byte_size; n++ ) @@ -1420,6 +1480,7 @@ void import_export( data_t *data, PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) ); TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); TEST_EQUAL( psa_get_key_bits( &got_attributes ), (size_t) expected_bits ); + ASSERT_NO_SLOT_NUMBER( &got_attributes ); /* Export the key */ status = psa_export_key( handle, diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 6ac19a60e..9a5746476 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
@@ -212,6 +212,31 @@ static int check_key_attributes( psa_get_key_bits( reference_attributes ) ); } + { + psa_key_slot_number_t actual_slot_number = 0xdeadbeef; + psa_key_slot_number_t desired_slot_number = 0xb90cc011; + psa_key_lifetime_t lifetime = + psa_get_key_lifetime( &actual_attributes ); + psa_status_t status = psa_get_key_slot_number( &actual_attributes, + &actual_slot_number ); + if( lifetime < MIN_DRIVER_LIFETIME ) + { + /* The key is not in a secure element. */ + TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT ); + } + else + { + /* The key is in a secure element. If it had been created + * in a specific slot, check that it is reported there. */ + PSA_ASSERT( status ); + status = psa_get_key_slot_number( reference_attributes, + &desired_slot_number ); + if( status == PSA_SUCCESS ) + { + TEST_EQUAL( desired_slot_number, actual_slot_number ); + } + } + } ok = 1; exit: @@ -485,11 +510,14 @@ void key_creation_import_export( int min_slot, int restart ) /* Test that the key was created in the expected slot. */ TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA ); - /* Test the key attributes and the key data. */ + /* Test the key attributes, including the reported slot number. */ psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( sizeof( key_material ) ) ); + psa_set_key_slot_number( &attributes, min_slot ); if( ! check_key_attributes( handle, &attributes ) ) goto exit; + + /* Test the key data. */ PSA_ASSERT( psa_export_key( handle, exported, sizeof( exported ), &exported_length ) ); From 5a68056755f6e75f281b4d2884cff72ca85ecd78 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 5 Aug 2019 17:32:13 +0200 Subject: [PATCH 1534/2197] Rename internal macro to pass check-names.sh check-names.sh rejects MBEDTLS_XXX identifiers that are not defined in a public header. --- library/psa_crypto.c | 4 ++-- library/psa_crypto_core.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a54cd73bb..9f7b5cbc0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1433,9 +1433,9 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle, #if defined(static_assert) static_assert( ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, "One or more key attribute flag is listed as both external-only and dual-use" ); -static_assert( ( MBEDTLS_PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, +static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, "One or more key attribute flag is listed as both external-only and dual-use" ); -static_assert( ( MBEDTLS_PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ) == 0, +static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ) == 0, "One or more key attribute flag is listed as both internal-only and external-only" ); #endif diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index b67c0c576..edf3ab603 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -68,7 +68,7 @@ typedef struct /* A mask of key attribute flags used only internally. * Currently there aren't any. */ -#define MBEDTLS_PSA_KA_MASK_INTERNAL_ONLY ( \ +#define PSA_KA_MASK_INTERNAL_ONLY ( \ 0 ) /** Test whether a key slot is occupied. From 013f5474cfc639412d787246b5af45a971e0493e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Aug 2019 15:42:14 +0200 Subject: [PATCH 1535/2197] Fix erasure of external flags This didn't break anything now, but would have broken things once we start to add internal flags. --- library/psa_crypto.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9f7b5cbc0..5742f627d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1560,8 +1560,11 @@ static psa_status_t psa_start_key_creation( slot->attr = attributes->core; /* Erase external-only flags from the internal copy. To access - * external-only flags, query `attributes`. */ - slot->attr.flags |= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY; + * external-only flags, query `attributes`. Thanks to the check + * in psa_validate_key_attributes(), this leaves the dual-use + * flags and any internal flag that psa_internal_allocate_key_slot() + * may have set. */ + slot->attr.flags &= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* For a key in a secure element, we need to do three things: From 094dac1d12e16c3c0a933cf9c548b2a73cee478a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Aug 2019 18:19:46 +0200 Subject: [PATCH 1536/2197] Fix copypasta --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5742f627d..254ab2a71 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1434,7 +1434,7 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle, static_assert( ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, "One or more key attribute flag is listed as both external-only and dual-use" ); static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, - "One or more key attribute flag is listed as both external-only and dual-use" ); + "One or more key attribute flag is listed as both internal-only and dual-use" ); static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ) == 0, "One or more key attribute flag is listed as both internal-only and external-only" ); #endif From edbed5670afe1caa6be6cb9ec8dbca4fab3b82c8 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 7 Aug 2019 18:19:59 +0200 Subject: [PATCH 1537/2197] Rename psa_internal_allocate_key_slot to psa_get_empty_key_slot This function no longer modifies anything, so it doesn't actually allocate the slot. Now, it just returns the empty key slot, and it's up to the caller to cause the slot to be in use (or not). --- library/psa_crypto.c | 4 ++-- library/psa_crypto_slot_management.c | 4 ++-- library/psa_crypto_slot_management.h | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 254ab2a71..5cb88de7e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1546,7 +1546,7 @@ static psa_status_t psa_start_key_creation( if( status != PSA_SUCCESS ) return( status ); - status = psa_internal_allocate_key_slot( handle, p_slot ); + status = psa_get_empty_key_slot( handle, p_slot ); if( status != PSA_SUCCESS ) return( status ); slot = *p_slot; @@ -1562,7 +1562,7 @@ static psa_status_t psa_start_key_creation( /* Erase external-only flags from the internal copy. To access * external-only flags, query `attributes`. Thanks to the check * in psa_validate_key_attributes(), this leaves the dual-use - * flags and any internal flag that psa_internal_allocate_key_slot() + * flags and any internal flag that psa_get_empty_key_slot() * may have set. */ slot->attr.flags &= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY; diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 073400988..fe9214831 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -102,7 +102,7 @@ void psa_wipe_all_key_slots( void ) global_data.key_slots_initialized = 0; } -psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle, +psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle, psa_key_slot_t **p_slot ) { if( ! global_data.key_slots_initialized ) 
@@ -228,7 +228,7 @@ psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle ) if( status != PSA_SUCCESS ) return( status ); - status = psa_internal_allocate_key_slot( handle, &slot ); + status = psa_get_empty_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index cde590fc5..472253dd9 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -71,8 +71,8 @@ void psa_wipe_all_key_slots( void ); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE */ -psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle, - psa_key_slot_t **p_slot ); +psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle, + psa_key_slot_t **p_slot ); /** Test whether a lifetime designates a key in an external cryptoprocessor. * From 0a233224316f85bcd30c40106579c3d35addf4c4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 5 Aug 2019 14:50:28 +0200 Subject: [PATCH 1538/2197] Improve documentation of the allocate method --- include/psa/crypto_se_driver.h | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 69cdababa..cd57b065d 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
@@ -977,7 +977,21 @@ typedef psa_status_t (*psa_drv_se_generate_key_t)(psa_drv_se_context_t *drv_cont * If one of the functions is not implemented, it should be set to NULL. */ typedef struct { - /** Function that allocates a slot. */ + /** Function that allocates a slot for a key. + * + * The core calls this function to determine a slot number, then + * calls the actual creation function (such as + * psa_drv_se_key_management_t::p_import or + * psa_drv_se_key_management_t::p_generate). + * + * If this function succeeds, the next call that the core makes to the + * driver is either the creation function or + * psa_drv_se_key_management_t::p_destroy. Note that + * if the platform is reset after this function returns, the core + * may either subsequently call + * psa_drv_se_key_management_t::p_destroy or may behave as if the + * last call to this function had not taken place. + */ psa_drv_se_allocate_key_t p_allocate; /** Function that performs a key import operation */ psa_drv_se_import_key_t p_import; From ae9964d3ef2bc9f76a05eb43fcc216bdf5252c72 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 5 Aug 2019 14:55:14 +0200 Subject: [PATCH 1539/2197] Add validate_slot_number method to SE drivers Pave the way for allowing the application to choose the slot number in a secure element, rather than always letting the driver choose. --- include/psa/crypto_se_driver.h | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index cd57b065d..127f17b5c 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
@@ -833,6 +833,30 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( const psa_key_attributes_t *attributes, psa_key_slot_number_t *key_slot); +/** \brief A function that determines whether a slot number is valid + * for a key. + * + * \param[in,out] drv_context The driver context structure. + * \param[in] attributes Attributes of the key. + * \param[in] key_slot Slot where the key is to be stored. + * + * \retval #PSA_SUCCESS + * The given slot number is valid for a key with the given + * attributes. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The given slot number is not valid for a key with the + * given attributes. This includes the case where the slot + * number is not valid at all. + * \retval #PSA_ERROR_ALREADY_EXISTS + * There is already a key with the specified slot number. + * Drivers may choose to return this error from the key + * creation function instead. + */ +typedef psa_status_t (*psa_drv_se_validate_slot_number_t)( + psa_drv_se_context_t *drv_context, + const psa_key_attributes_t *attributes, + psa_key_slot_number_t key_slot); + /** \brief A function that imports a key into a secure element in binary format * * This function can support any output from psa_export_key(). Refer to the @@ -993,6 +1017,16 @@ typedef struct { * last call to this function had not taken place. */ psa_drv_se_allocate_key_t p_allocate; + /** Function that checks the validity of a slot for a key. + * + * The core calls this function instead of + * psa_drv_se_key_management_t::p_allocate to create + * a key in a specific slot. It then calls the actual creation function + * (such as psa_drv_se_key_management_t::p_import or + * psa_drv_se_key_management_t::p_generate) or + * psa_drv_se_key_management_t::p_destroy. + */ + psa_drv_se_validate_slot_number_t p_validate_slot_number; /** Function that performs a key import operation */ psa_drv_se_import_key_t p_import; /** Function that performs a generation */ 
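Review bot: The new `psa_drv_se_validate_slot_number_t` typedef takes no `persistent_data` pointer, whereas the `p_allocate` call in `psa_find_se_slot_for_key` is passed `driver->internal.persistent_data`, so a driver that tracks slot occupancy there has no writable handle for marking a validated slot as taken. A later `p_allocate` could then return the same slot number, and the `PSA_ERROR_ALREADY_EXISTS` wording only lets the driver defer the occupancy check; it does not let it record the reservation. I would add `void *persistent_data,` after `drv_context` in the typedef, with a matching `\param[in,out] persistent_data` line, so both slot-selection paths update the same bookkeeping. Whether `psa_drv_se_context_t` already exposes a writable view is not visible in this hunk, so confirm that before changing the signature.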
From 46d9439a5ec82d09b76d007f785cef74924f969c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 5 Aug 2019 14:55:50 +0200 Subject: [PATCH 1540/2197] Support slot_number attribute when creating a key Allow the application to choose the slot number in a secure element, rather than always letting the driver choose. With this commit, any application may request any slot. In an implementation with isolation, it's up to the service to filter key creation requests and apply policies to limit which applications can request which slot. --- library/psa_crypto.c | 4 -- library/psa_crypto_se.c | 37 +++++++--- .../test_suite_psa_crypto_se_driver_hal.data | 9 +++ ...st_suite_psa_crypto_se_driver_hal.function | 70 +++++++++++++++++++ 4 files changed, 105 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5cb88de7e..856d8622d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1582,10 +1582,6 @@ static psa_status_t psa_start_key_creation( * we can roll back to a state where the key doesn't exist. */ if( *p_drv != NULL ) { - /* Choosing a slot number is not supported yet. */ - if( attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER ) - return( PSA_ERROR_NOT_SUPPORTED ); - status = psa_find_se_slot_for_key( attributes, *p_drv, &slot->data.se.slot_number ); if( status != PSA_SUCCESS ) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index bc7325180..ca38e2065 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -201,7 +201,6 @@ psa_status_t psa_find_se_slot_for_key( psa_key_slot_number_t *slot_number ) { psa_status_t status; - psa_drv_se_allocate_key_t p_allocate = NULL; /* If the lifetime is wrong, it's a bug in the library. */ if( driver->lifetime != psa_get_key_lifetime( attributes ) ) 
@@ -210,17 +209,33 @@ psa_status_t psa_find_se_slot_for_key( /* If the driver doesn't support key creation in any way, give up now. */ if( driver->methods->key_management == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - p_allocate = driver->methods->key_management->p_allocate; - /* If the driver doesn't tell us how to allocate a slot, that's - * not supported for the time being. */ - if( p_allocate == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - - status = p_allocate( &driver->context, - driver->internal.persistent_data, - attributes, - slot_number ); + if( psa_get_key_slot_number( attributes, slot_number ) == PSA_SUCCESS ) + { + /* The application wants to use a specific slot. Allow it if + * the driver supports it. On a system with isolation, + * the crypto service must check that the application is + * permitted to request this slot. */ + psa_drv_se_validate_slot_number_t p_validate_slot_number = + driver->methods->key_management->p_validate_slot_number; + if( p_validate_slot_number == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + status = p_validate_slot_number( &driver->context, attributes, + *slot_number ); + } + else + { + /* The application didn't tell us which slot to use. Let the driver + * choose. This is the normal case. */ + psa_drv_se_allocate_key_t p_allocate = + driver->methods->key_management->p_allocate; + if( p_allocate == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + status = p_allocate( &driver->context, + driver->internal.persistent_data, + attributes, + slot_number ); + } return( status ); } diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 6fb65f02a..57aa47f76 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
@@ -39,6 +39,15 @@ key_creation_import_export:0:1 SE key import-export, check after restart (slot 3) key_creation_import_export:3:1 +Key creation in a specific slot (0) +key_creation_in_chosen_slot:0:PSA_SUCCESS + +Key creation in a specific slot (max) +key_creation_in_chosen_slot:ARRAY_LENGTH( ram_slots ) - 1:PSA_SUCCESS + +Key creation in a specific slot (too large) +key_creation_in_chosen_slot:ARRAY_LENGTH( ram_slots ):PSA_ERROR_INVALID_ARGUMENT + Key creation smoke test: AES-CTR key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CTR:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 9a5746476..8924ae1e7 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -177,6 +177,18 @@ static psa_status_t ram_allocate( psa_drv_se_context_t *context, return( PSA_ERROR_INSUFFICIENT_STORAGE ); } +static psa_status_t ram_validate_slot_number( + psa_drv_se_context_t *context, + const psa_key_attributes_t *attributes, + psa_key_slot_number_t slot_number ) +{ + (void) context; + (void) attributes; + if( slot_number >= ARRAY_LENGTH( ram_slots ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_SUCCESS ); +} + /****************************************************************/ 
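Review bot: `ram_validate_slot_number` only range-checks `slot_number`, so the test driver accepts a slot that already holds a key, and none of the three new data cases requests an occupied slot. The callback's documentation allows `PSA_ERROR_ALREADY_EXISTS` to come from either the validator or the creation function, and `ram_import` is outside this hunk, so it is not visible here whether anything refuses the overwrite. I would add a case that creates two keys in the same slot and expects `PSA_ERROR_ALREADY_EXISTS`; if `ram_import` does not already refuse, add `if( ram_slots[slot_number].type != 0 ) return( PSA_ERROR_ALREADY_EXISTS );` after the range check. That line assumes a zero `type` marks a free slot, which should be confirmed against `ram_slots_reset`.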
@@ -536,6 +548,64 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void key_creation_in_chosen_slot( int slot_arg, + int expected_status_arg ) +{ + psa_key_slot_number_t wanted_slot = slot_arg; + psa_status_t expected_status = expected_status_arg; + psa_status_t status; + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + driver.key_management = &key_management; + driver.persistent_data_size = sizeof( ram_slot_usage_t ); + key_management.p_validate_slot_number = ram_validate_slot_number; + key_management.p_import = ram_import; + key_management.p_destroy = ram_destroy; + key_management.p_export = ram_export; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + /* Create a key. */ + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_slot_number( &attributes, wanted_slot ); + status = psa_import_key( &attributes, + key_material, sizeof( key_material ), + &handle ); + TEST_EQUAL( status, expected_status ); + + if( status == PSA_SUCCESS ) + { + /* Test that the key was created in the expected slot. */ + TEST_EQUAL( ram_slots[wanted_slot].type, PSA_KEY_TYPE_RAW_DATA ); + + /* Test that the key is reported with the correct attributes, + * including the expected slot. 
*/ + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + + PSA_ASSERT( psa_destroy_key( handle ) ); + } + +exit: + PSA_DONE( ); + ram_slots_reset( ); + psa_purge_storage( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void key_creation_smoke( int type_arg, int alg_arg, data_t *key_material ) From 0a1104474b5a2ff2405d7d1807506c20a727333d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 5 Aug 2019 14:59:15 +0200 Subject: [PATCH 1541/2197] Test restarting after creating a key in a specific slot --- .../test_suite_psa_crypto_se_driver_hal.data | 12 ++++++-- ...st_suite_psa_crypto_se_driver_hal.function | 28 +++++++++++++------ 2 files changed, 28 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 57aa47f76..e6482ddbc 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data @@ -40,13 +40,19 @@ SE key import-export, check after restart (slot 3) key_creation_import_export:3:1 Key creation in a specific slot (0) -key_creation_in_chosen_slot:0:PSA_SUCCESS +key_creation_in_chosen_slot:0:0:PSA_SUCCESS Key creation in a specific slot (max) -key_creation_in_chosen_slot:ARRAY_LENGTH( ram_slots ) - 1:PSA_SUCCESS +key_creation_in_chosen_slot:ARRAY_LENGTH( ram_slots ) - 1:0:PSA_SUCCESS + +Key creation in a specific slot (0, restart) +key_creation_in_chosen_slot:0:1:PSA_SUCCESS + +Key creation in a specific slot (max, restart) +key_creation_in_chosen_slot:ARRAY_LENGTH( ram_slots ) - 1:1:PSA_SUCCESS Key creation in a specific slot (too large) -key_creation_in_chosen_slot:ARRAY_LENGTH( ram_slots ):PSA_ERROR_INVALID_ARGUMENT +key_creation_in_chosen_slot:ARRAY_LENGTH( ram_slots ):0:PSA_ERROR_INVALID_ARGUMENT Key creation smoke test: AES-CTR key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CTR:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" 
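Review bot: The comment above `psa_get_key_attributes` in `key_creation_in_chosen_slot` says the reported attributes are tested "including the expected slot", but the call only asserts that fetching them succeeds; nothing compares the reported slot number with `wanted_slot`. A regression that stores the key in the right `ram_slots` entry but reports a different slot to the application would still pass. I would declare `psa_key_slot_number_t actual_slot = 0;` with the other locals and follow the call with `PSA_ASSERT( psa_get_key_slot_number( &attributes, &actual_slot ) );` and `TEST_EQUAL( actual_slot, wanted_slot );`, assuming `psa_get_key_attributes` fills in the slot number for secure-element keys as the comment implies. The restructured version of this test in the next commit (the `restart` variant) keeps the same gap.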
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 8924ae1e7..0fab0433f 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -550,6 +550,7 @@ exit: /* BEGIN_CASE */ void key_creation_in_chosen_slot( int slot_arg, + int restart, int expected_status_arg ) { psa_key_slot_number_t wanted_slot = slot_arg; @@ -587,18 +588,27 @@ void key_creation_in_chosen_slot( int slot_arg, &handle ); TEST_EQUAL( status, expected_status ); - if( status == PSA_SUCCESS ) + if( status != PSA_SUCCESS ) + goto exit; + + /* Maybe restart, to check that the information is saved correctly. */ + if( restart ) { - /* Test that the key was created in the expected slot. */ - TEST_EQUAL( ram_slots[wanted_slot].type, PSA_KEY_TYPE_RAW_DATA ); - - /* Test that the key is reported with the correct attributes, - * including the expected slot. */ - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); - - PSA_ASSERT( psa_destroy_key( handle ) ); + mbedtls_psa_crypto_free( ); + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_open_key( id, &handle ) ); } + /* Test that the key was created in the expected slot. */ + TEST_EQUAL( ram_slots[wanted_slot].type, PSA_KEY_TYPE_RAW_DATA ); + + /* Test that the key is reported with the correct attributes, + * including the expected slot. */ + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + + PSA_ASSERT( psa_destroy_key( handle ) ); + exit: PSA_DONE( ); ram_slots_reset( ); From 849b05afb805d84cf986f206e6a0a0fe0cf02a0d Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Fri, 9 Aug 2019 10:22:32 +0100 Subject: [PATCH 1542/2197] Fix PSA tests The test framework has changed, but it did not cause any merge conflicts. Still it affected new code in the tests. --- tests/psa_crypto_helpers.h | 2 +- tests/suites/target_test.function | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/psa_crypto_helpers.h b/tests/psa_crypto_helpers.h index 26d562344..3780d161a 100644 --- a/tests/psa_crypto_helpers.h +++ b/tests/psa_crypto_helpers.h @@ -45,7 +45,7 @@ static int test_helper_is_psa_pristine( int line, const char *file ) /* If the test has already failed, don't overwrite the failure * information. Do keep the stats lookup above, because it can be * convenient to break on it when debugging a failure. */ - if( msg != NULL && test_info.failed == 0 ) + if( msg != NULL && test_info.result == TEST_RESULT_SUCCESS ) test_fail( msg, line, file ); return( msg == NULL ); diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function index d430d9d5d..91f719873 100644 --- a/tests/suites/target_test.function +++ b/tests/suites/target_test.function @@ -374,7 +374,7 @@ int execute_tests( int args, const char ** argv ) while ( 1 ) { ret = 0; - test_info.failed = 0; + test_info.result = TEST_RESULT_SUCCESS; data_len = 0; data = receive_data( &data_len ); @@ -432,7 +432,7 @@ int execute_tests( int args, const char ** argv ) if ( ret ) send_failure( ret ); else - send_status( test_info.failed ); + send_status( test_info.result ); } return( 0 ); } From 9d75202efb8267e34e871a023539b2d9050aedf9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 9 Aug 2019 11:33:48 +0200 Subject: [PATCH 1543/2197] Clarify and expand the documentation of the allocate/create sequence --- include/psa/crypto_se_driver.h | 74 +++++++++++++++++++++++----------- 1 file changed, 50 insertions(+), 24 deletions(-) 
diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h
index 127f17b5c..9a5d97da7 100644
--- a/include/psa/crypto_se_driver.h
+++ b/include/psa/crypto_se_driver.h
@@ -811,6 +811,42 @@ typedef struct { /**@{*/ /** \brief A function that allocates a slot for a key. + * + * To create a key in a specific slot in a secure element, the core + * first calls this function to determine a valid slot number, + * then calls a function to create the key material in that slot. + * For example, in nominal conditions (that is, if no error occurs), + * the effect of a call to psa_import_key() with a lifetime that places + * the key in a secure element is the following: + * -# The core calls psa_drv_se_key_management_t::p_allocate + * (or in some implementations + * psa_drv_se_key_management_t::p_validate_slot_number). The driver + * selects (or validates) a suitable slot number given the key attributes + * and the state of the secure element. + * -# The core calls psa_drv_se_key_management_t::p_import to import + * the key material in the selected slot. + * + * Other key creation methods lead to similar sequences. For example, the + * sequence for psa_generate_key() is the same except that the second step + * is a call to psa_drv_se_key_management_t::p_generate. + * + * In case of errors, other behaviors are possible. + * - If the PSA Cryptography subsystem dies after the first step, + * for example because the device has lost power abruptly, + * the second step may never happen, or may happen after a reset + * and re-initialization. Alternatively, after a reset and + * re-initialization, the core may call + * psa_drv_se_key_management_t::p_destroy on the slot number that + * was allocated (or validated) instead of calling a key creation function. + * - If an error occurs, the core may call + * psa_drv_se_key_management_t::p_destroy on the slot number that + * was allocated (or validated) instead of calling a key creation function. + * + * Errors and system resets also have an impact on the driver's persistent + * data. 
If a reset happens before the overall key creation process is + * completed (before or after the second step above), it is unspecified + * whether the persistent data after the reset is identical to what it + * was before or after the call to `p_allocate` (or `p_validate_slot_number`). * * \param[in,out] drv_context The driver context structure. * \param[in,out] persistent_data A pointer to the persistent data @@ -836,6 +872,18 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( /** \brief A function that determines whether a slot number is valid * for a key. * + * To create a key in a specific slot in a secure element, the core + * first calls this function to validate the choice of slot number, + * then calls a function to create the key material in that slot. + * See the documentation of #psa_drv_se_allocate_key_t for more details. + * + * As of the PSA Cryptography API specification version 1.0, there is no way + * for applications to trigger a call to this function. However some + * implementations offer the capability to create or declare a key in + * a specific slot via implementation-specific means, generally for the + * sake of initial device provisioning or onboarding. Such a mechanism may + * be added to a future version of the PSA Cryptography API specification. + * * \param[in,out] drv_context The driver context structure. * \param[in] attributes Attributes of the key. * \param[in] key_slot Slot where the key is to be stored. 
@@ -1001,31 +1049,9 @@ typedef psa_status_t (*psa_drv_se_generate_key_t)(psa_drv_se_context_t *drv_cont * If one of the functions is not implemented, it should be set to NULL. */ typedef struct { - /** Function that allocates a slot for a key. - * - * The core calls this function to determine a slot number, then - * calls the actual creation function (such as - * psa_drv_se_key_management_t::p_import or - * psa_drv_se_key_management_t::p_generate). - * - * If this function succeeds, the next call that the core makes to the - * driver is either the creation function or - * psa_drv_se_key_management_t::p_destroy. Note that - * if the platform is reset after this function returns, the core - * may either subsequently call - * psa_drv_se_key_management_t::p_destroy or may behave as if the - * last call to this function had not taken place. - */ + /** Function that allocates a slot for a key. */ psa_drv_se_allocate_key_t p_allocate; - /** Function that checks the validity of a slot for a key. - * - * The core calls this function instead of - * psa_drv_se_key_management_t::p_allocate to create - * a key in a specific slot. It then calls the actual creation function - * (such as psa_drv_se_key_management_t::p_import or - * psa_drv_se_key_management_t::p_generate) or - * psa_drv_se_key_management_t::p_destroy. - */ + /** Function that checks the validity of a slot for a key. */ psa_drv_se_validate_slot_number_t p_validate_slot_number; /** Function that performs a key import operation */ psa_drv_se_import_key_t p_import; From df17914e01f923dd1c32c9e6067ca46cd4d8e1cd Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 15 Jul 2019 22:02:14 +0200 Subject: [PATCH 1544/2197] psa_start_key_creation: take the method as a parameter Let psa_start_key_creation know what type of key creation this is. This will be used at least for key registration in a secure element, which is a peculiar kind of creation since it uses existing key material. --- library/psa_crypto.c | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 856d8622d..0c8b99b37 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1506,6 +1506,16 @@ static psa_status_t psa_validate_key_attributes( return( PSA_SUCCESS ); } +/** An enumeration indicating how a key is created. + */ +typedef enum +{ + PSA_KEY_CREATION_IMPORT, + PSA_KEY_CREATION_GENERATE, + PSA_KEY_CREATION_DERIVE, + PSA_KEY_CREATION_COPY, +} psa_key_creation_method_t; + /** Prepare a key slot to receive key material. * * This function allocates a key slot and sets its metadata. @@ -1520,6 +1530,7 @@ static psa_status_t psa_validate_key_attributes( * In case of failure at any step, stop the sequence and call * psa_fail_key_creation(). * + * \param method An identification of the calling function. * \param[in] attributes Key attributes for the new key. * \param[out] handle On success, a handle for the allocated slot. * \param[out] p_slot On success, a pointer to the prepared slot. @@ -1532,6 +1543,7 @@ static psa_status_t psa_validate_key_attributes( * You must call psa_fail_key_creation() to wipe and free the slot. */ static psa_status_t psa_start_key_creation( + psa_key_creation_method_t method, const psa_key_attributes_t *attributes, psa_key_handle_t *handle, psa_key_slot_t **p_slot, @@ -1540,6 +1552,7 @@ static psa_status_t psa_start_key_creation( psa_status_t status; psa_key_slot_t *slot; + (void) method; *p_drv = NULL; status = psa_validate_key_attributes( attributes, p_drv ); 
@@ -1796,7 +1809,8 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; - status = psa_start_key_creation( attributes, handle, &slot, &driver ); + status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes, + handle, &slot, &driver ); if( status != PSA_SUCCESS ) goto exit; @@ -1899,7 +1913,8 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle, if( status != PSA_SUCCESS ) goto exit; - status = psa_start_key_creation( &actual_attributes, + status = psa_start_key_creation( PSA_KEY_CREATION_COPY, + &actual_attributes, target_handle, &target_slot, &driver ); if( status != PSA_SUCCESS ) goto exit; @@ -4817,7 +4832,8 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut psa_status_t status; psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; - status = psa_start_key_creation( attributes, handle, &slot, &driver ); + status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE, + attributes, handle, &slot, &driver ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { @@ -5863,7 +5879,8 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_status_t status; psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; - status = psa_start_key_creation( attributes, handle, &slot, &driver ); + status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE, + attributes, handle, &slot, &driver ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { From e88c2c1338e57cfae2c793eab111860e01c77edc Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 5 Aug 2019 16:44:14 +0200 Subject: [PATCH 1545/2197] Pass the key creation method to drivers Pass the key creation method (import/generate/derive/copy) to the driver methods to allocate or validate a slot number. This allows drivers to enforce policies such as "this key slot can only be used for keys generated inside the secure element". --- include/psa/crypto_se_driver.h | 46 ++++++++++++++----- library/psa_crypto.c | 12 +---- library/psa_crypto_se.c | 6 ++- library/psa_crypto_se.h | 1 + ...st_suite_psa_crypto_se_driver_hal.function | 6 +++ 5 files changed, 47 insertions(+), 24 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 9a5d97da7..cdf0de116 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
@@ -810,25 +810,45 @@ typedef struct { */ /**@{*/ +/** An enumeration indicating how a key is created. + */ +typedef enum +{ + PSA_KEY_CREATION_IMPORT, /**< During psa_import_key() */ + PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */ + PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */ + PSA_KEY_CREATION_COPY, /**< During psa_copy_key() */ +} psa_key_creation_method_t; + /** \brief A function that allocates a slot for a key. * * To create a key in a specific slot in a secure element, the core * first calls this function to determine a valid slot number, * then calls a function to create the key material in that slot. - * For example, in nominal conditions (that is, if no error occurs), - * the effect of a call to psa_import_key() with a lifetime that places - * the key in a secure element is the following: + * In nominal conditions (that is, if no error occurs), + * the effect of a call to a key creation function in the PSA Cryptography + * API with a lifetime that places the key in a secure element is the + * following: * -# The core calls psa_drv_se_key_management_t::p_allocate * (or in some implementations * psa_drv_se_key_management_t::p_validate_slot_number). The driver * selects (or validates) a suitable slot number given the key attributes * and the state of the secure element. - * -# The core calls psa_drv_se_key_management_t::p_import to import - * the key material in the selected slot. + * -# The core calls a key creation function in the driver. * - * Other key creation methods lead to similar sequences. For example, the - * sequence for psa_generate_key() is the same except that the second step - * is a call to psa_drv_se_key_management_t::p_generate. + * The key creation functions in the PSA Cryptography API are: + * - psa_import_key(), which causes + * a call to `p_allocate` with \p method = #PSA_KEY_CREATION_IMPORT + * then a call to psa_drv_se_key_management_t::p_import. 
+ * - psa_generate_key(), which causes + * a call to `p_allocate` with \p method = #PSA_KEY_CREATION_GENERATE + * then a call to psa_drv_se_key_management_t::p_import. + * - psa_key_derivation_output_key(), which causes + * a call to `p_allocate` with \p method = #PSA_KEY_CREATION_DERIVE + * then a call to psa_drv_se_key_derivation_t::p_derive. + * - psa_copy_key(), which causes + * a call to `p_allocate` with \p method = #PSA_KEY_CREATION_COPY + * then a call to psa_drv_se_key_management_t::p_export. * * In case of errors, other behaviors are possible. * - If the PSA Cryptography subsystem dies after the first step, @@ -852,6 +872,7 @@ typedef struct { * \param[in,out] persistent_data A pointer to the persistent data * that allows writing. * \param[in] attributes Attributes of the key. + * \param method The way in which the key is being created. * \param[out] key_slot Slot where the key will be stored. * This must be a valid slot for a key of the * chosen type. It must be unoccupied. @@ -867,6 +888,7 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, psa_key_slot_number_t *key_slot); /** \brief A function that determines whether a slot number is valid 
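Review bot: Two bullets in the new list of key creation functions in the `psa_drv_se_allocate_key_t` comment appear to name the wrong driver method. The `psa_generate_key()` bullet says the second step is `psa_drv_se_key_management_t::p_import`, while the sentence this hunk removes said `p_generate`; it should read `then a call to psa_drv_se_key_management_t::p_generate.` The `psa_copy_key()` bullet ends in `p_export`, which by its name reads a key out rather than creating one in the allocated slot, so it should name the method that writes the copy, or say that copying into a secure element is not supported yet. Driver authors will use this list to decide which `method` values reach which entry point when enforcing slot policies, so the mapping needs to be exact. The doc comment continues outside this hunk.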
@@ -884,9 +906,10 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( * sake of initial device provisioning or onboarding. Such a mechanism may * be added to a future version of the PSA Cryptography API specification. * - * \param[in,out] drv_context The driver context structure. - * \param[in] attributes Attributes of the key. - * \param[in] key_slot Slot where the key is to be stored. + * \param[in,out] drv_context The driver context structure. + * \param[in] attributes Attributes of the key. + * \param method The way in which the key is being created. + * \param[in] key_slot Slot where the key is to be stored. * * \retval #PSA_SUCCESS * The given slot number is valid for a key with the given @@ -903,6 +926,7 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( typedef psa_status_t (*psa_drv_se_validate_slot_number_t)( psa_drv_se_context_t *drv_context, const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, psa_key_slot_number_t key_slot); /** \brief A function that imports a key into a secure element in binary format diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0c8b99b37..08f9476f9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1506,16 +1506,6 @@ static psa_status_t psa_validate_key_attributes( return( PSA_SUCCESS ); } -/** An enumeration indicating how a key is created. - */ -typedef enum -{ - PSA_KEY_CREATION_IMPORT, - PSA_KEY_CREATION_GENERATE, - PSA_KEY_CREATION_DERIVE, - PSA_KEY_CREATION_COPY, -} psa_key_creation_method_t; - /** Prepare a key slot to receive key material. * * This function allocates a key slot and sets its metadata. @@ -1595,7 +1585,7 @@ static psa_status_t psa_start_key_creation( * we can roll back to a state where the key doesn't exist. */ if( *p_drv != NULL ) { - status = psa_find_se_slot_for_key( attributes, *p_drv, + status = psa_find_se_slot_for_key( attributes, method, *p_drv, &slot->data.se.slot_number ); if( status != PSA_SUCCESS ) return( status ); 
diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index ca38e2065..523c62105 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -197,6 +197,7 @@ psa_status_t psa_destroy_se_persistent_data( psa_key_lifetime_t lifetime ) psa_status_t psa_find_se_slot_for_key( const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, psa_se_drv_table_entry_t *driver, psa_key_slot_number_t *slot_number ) { @@ -220,7 +221,8 @@ psa_status_t psa_find_se_slot_for_key( driver->methods->key_management->p_validate_slot_number; if( p_validate_slot_number == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - status = p_validate_slot_number( &driver->context, attributes, + status = p_validate_slot_number( &driver->context, + attributes, method, *slot_number ); } else @@ -233,7 +235,7 @@ psa_status_t psa_find_se_slot_for_key( return( PSA_ERROR_NOT_SUPPORTED ); status = p_allocate( &driver->context, driver->internal.persistent_data, - attributes, + attributes, method, slot_number ); } return( status ); diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 378c78ffe..900a72bd3 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -135,6 +135,7 @@ psa_drv_se_context_t *psa_get_se_driver_context( */ psa_status_t psa_find_se_slot_for_key( const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, psa_se_drv_table_entry_t *driver, psa_key_slot_number_t *slot_number ); diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 0fab0433f..19b421dd3 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
@@ -41,10 +41,12 @@ static psa_status_t counter_allocate( psa_drv_se_context_t *context, void *persistent_data, const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, psa_key_slot_number_t *slot_number ) { psa_key_slot_number_t *p_counter = persistent_data; (void) attributes; + (void) method; if( context->persistent_data_size != sizeof( psa_key_slot_number_t ) ) return( PSA_ERROR_DETECTED_BY_DRIVER ); ++*p_counter; @@ -162,10 +164,12 @@ static psa_status_t ram_destroy( psa_drv_se_context_t *context, static psa_status_t ram_allocate( psa_drv_se_context_t *context, void *persistent_data, const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, psa_key_slot_number_t *slot_number ) { ram_slot_usage_t *slot_usage = persistent_data; (void) attributes; + (void) method; DRIVER_ASSERT( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); for( *slot_number = ram_min_slot; *slot_number < ARRAY_LENGTH( ram_slots ); @@ -180,10 +184,12 @@ static psa_status_t ram_allocate( psa_drv_se_context_t *context, static psa_status_t ram_validate_slot_number( psa_drv_se_context_t *context, const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, psa_key_slot_number_t slot_number ) { (void) context; (void) attributes; + (void) method; if( slot_number >= ARRAY_LENGTH( ram_slots ) ) return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_SUCCESS ); From d772958ffc8c500af436ca700d83815244789e43 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 5 Aug 2019 15:55:54 +0200 Subject: [PATCH 1546/2197] New function mbedtls_psa_register_se_key Register an existing key in a secure element. Minimal implementation that doesn't call any driver method and just lets the application declare whatever it wants. --- include/psa/crypto_extra.h | 38 ++++++++++ include/psa/crypto_se_driver.h | 1 + library/psa_crypto.c | 75 +++++++++++++++++-- .../test_suite_psa_crypto_se_driver_hal.data | 12 +++ ...st_suite_psa_crypto_se_driver_hal.function | 56 ++++++++++++++ 5 files changed, 176 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 130ce7544..355012236 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -175,6 +175,44 @@ static inline void psa_clear_key_slot_number( attributes->core.flags &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; } +/** Register a key that is already present in a secure element. + * + * The key must be located in a secure element designated by the + * lifetime field in \p attributes, in the slot set with + * psa_set_key_slot_number() in the attribute structure. + * This function makes the key available through the key identifier + * specified in \p attributes. + * + * \param[in] attributes The attributes of the existing key. + * + * \retval #PSA_SUCCESS + * The key was successfully registered. + * Note that depending on the design of the driver, this may or may + * not guarantee that a key actually exists in the designated slot + * and is compatible with the specified attributes. + * \retval #PSA_ERROR_ALREADY_EXISTS + * There is already a key with the identifier specified in + * \p attributes. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p attributes specifies a lifetime which is not located + * in a secure element. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * No slot number is specified in \p attributes, + * or the specified slot number is not valid. + * \retval #PSA_ERROR_NOT_PERMITTED + * The caller is not authorized to register the specified key slot. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t mbedtls_psa_register_se_key( + const psa_key_attributes_t *attributes); + #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ /**@}*/ diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index cdf0de116..1b0b3b2cc 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
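Review bot: The `\retval` list for `mbedtls_psa_register_se_key()` omits `PSA_ERROR_NOT_SUPPORTED`, which the implementation added in the same commit returns when the key type is `PSA_KEY_TYPE_NONE` or the key size is 0. A caller following this documentation would expect `PSA_ERROR_INVALID_ARGUMENT` for incomplete attributes. I would add an entry such as `\retval #PSA_ERROR_NOT_SUPPORTED` with the text "The key type or size is not set in \p attributes; querying them from the secure element is not supported." The success note is worth keeping prominent, since in this commit no driver method is called and the slot contents are not checked at all.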
@@ -818,6 +818,7 @@ typedef enum PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */ PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */ PSA_KEY_CREATION_COPY, /**< During psa_copy_key() */ + PSA_KEY_CREATION_REGISTER, /*TEMPORARY*/ } psa_key_creation_method_t; /** \brief A function that allocates a slot for a key. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 08f9476f9..086ba82d3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1570,7 +1570,8 @@ static psa_status_t psa_start_key_creation( slot->attr.flags &= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - /* For a key in a secure element, we need to do three things: + /* For a key in a secure element, we need to do three things + * when creating a key (but not when registering an existing key): * create the key file in internal storage, create the * key inside the secure element, and update the driver's * persistent data. Start a transaction that will encompass these @@ -1583,7 +1584,7 @@ static psa_status_t psa_start_key_creation( * secure element driver updates its persistent state, but we do not yet * save the driver's persistent state, so that if the power fails, * we can roll back to a state where the key doesn't exist. */ - if( *p_drv != NULL ) + if( *p_drv != NULL && method != PSA_KEY_CREATION_REGISTER ) { status = psa_find_se_slot_for_key( attributes, method, *p_drv, &slot->data.se.slot_number ); 
@@ -1677,7 +1678,13 @@ static psa_status_t psa_finish_key_creation( #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver != NULL ) + /* Finish the transaction for a key creation. This does not + * happen when registering an existing key. Detect this case + * by checking whether a transaction is in progress (actual + * creation of a key in a secure element requires a transaction, + * but registration doesn't use one). */ + if( driver != NULL && + psa_crypto_transaction.unknown.type == PSA_CRYPTO_TRANSACTION_CREATE_KEY ) { status = psa_save_se_persistent_data( driver ); if( status != PSA_SUCCESS ) @@ -1720,9 +1727,12 @@ static void psa_fail_key_creation( psa_key_slot_t *slot, * to internal storage), we need to destroy the key in the secure * element. */ - /* Abort the ongoing transaction if any. We already did what it - * takes to undo any partial creation. All that's left is to update - * the transaction data itself. */ + /* Abort the ongoing transaction if any (there may not be one if + * the creation process failed before starting one, or if the + * key creation is a registration of a key in a secure element). + * Earlier functions must already have done what it takes to undo any + * partial creation. All that's left is to update the transaction data + * itself. */ (void) psa_crypto_stop_transaction( ); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 
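Review bot: In `psa_finish_key_creation` the new condition infers "this is a registration" from the global `psa_crypto_transaction.unknown.type` instead of from the creation method, which couples the decision to whatever transaction state happens to be live. If a `PSA_CRYPTO_TRANSACTION_CREATE_KEY` transaction were still pending for another reason (recovery paths are not visible in this hunk), a registration would save the driver's persistent data and stop a transaction it never started. The reverse also holds: a real creation whose transaction type was lost would skip `psa_save_se_persistent_data` silently. Passing the `psa_key_creation_method_t` down, or recording it in the slot during `psa_start_key_creation`, would make the branch explicit. The enclosing function starts and ends outside the hunk.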
@@ -1852,6 +1862,59 @@ exit: return( status ); } +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +psa_status_t mbedtls_psa_register_se_key( + const psa_key_attributes_t *attributes ) +{ + psa_status_t status; + psa_key_slot_t *slot = NULL; + psa_se_drv_table_entry_t *driver = NULL; + const psa_drv_se_t *drv; + psa_key_handle_t handle = 0; + + /* Leaving attributes unspecified is not currently supported. + * It could make sense to query the key type and size from the + * secure element, but not all secure elements support this + * and the driver HAL doesn't currently support it. */ + if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_NONE ) + return( PSA_ERROR_NOT_SUPPORTED ); + if( psa_get_key_bits( attributes ) == 0 ) + return( PSA_ERROR_NOT_SUPPORTED ); + + status = psa_start_key_creation( PSA_KEY_CREATION_REGISTER, attributes, + &handle, &slot, &driver ); + if( status != PSA_SUCCESS ) + goto exit; + + if( driver == NULL ) + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + drv = psa_get_se_driver_methods( driver ); + + if ( psa_get_key_slot_number( attributes, + &slot->data.se.slot_number ) != PSA_SUCCESS ) + { + /* The application didn't specify a slot number. This doesn't + * make sense when registering a slot. */ + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + status = psa_finish_key_creation( slot, driver ); + +exit: + if( status != PSA_SUCCESS ) + { + psa_fail_key_creation( slot, driver ); + } + /* Registration doesn't keep the key in RAM. */ + psa_close_key( handle ); + return( status ); +} +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, psa_key_slot_t *target ) { diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index e6482ddbc..a8dd0c71d 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
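Review bot: In `mbedtls_psa_register_se_key`, `drv` is assigned from `psa_get_se_driver_methods( driver )` but never read in this commit, so builds with `-Wunused-but-set-variable` (part of `-Wall` on GCC) will warn, and fail where warnings are errors. I would drop the declaration and the assignment here and introduce them in the commit that first calls a driver method. The function also lacks a comment stating that in this version the slot number, type, size and usage policy are recorded exactly as the caller supplied them, with nothing checked against the secure element; a one-line note above `psa_finish_key_creation( slot, driver )` would make that trust assumption visible to anyone reading the code.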
@@ -110,3 +110,15 @@ key_creation_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ Generate key: not supported generate_key_not_supported:PSA_KEY_TYPE_AES:128 + +Key registration: smoke test +register_key_smoke_test:MIN_DRIVER_LIFETIME:PSA_SUCCESS + +Key registration: invalid lifetime (volatile) +register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT + +Key registration: invalid lifetime (internal storage) +register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:PSA_ERROR_INVALID_ARGUMENT + +Key registration: invalid lifetime (no registered driver) +register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 19b421dd3..2edf94f55 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
@@ -716,3 +716,59 @@ exit: psa_purge_storage( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void register_key_smoke_test( int lifetime_arg, int expected_status_arg ) +{ + psa_key_lifetime_t lifetime = lifetime_arg; + psa_status_t expected_status = expected_status_arg; + psa_drv_se_t driver; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_id_t id = 1; + size_t bit_size = 48; + psa_key_slot_number_t wanted_slot = 0x123456789; + psa_key_handle_t handle = 0; + psa_status_t status; + + memset( &driver, 0, sizeof( driver ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + + PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LIFETIME, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_bits( &attributes, bit_size ); + psa_set_key_slot_number( &attributes, wanted_slot ); + + status = mbedtls_psa_register_se_key( &attributes ); + TEST_EQUAL( status, expected_status ); + + if( status != PSA_SUCCESS ) + goto exit; + + /* Test that the key exists and has the expected attributes. */ + PSA_ASSERT( psa_open_key( id, &handle ) ); + if( ! check_key_attributes( handle, &attributes ) ) + goto exit; + PSA_ASSERT( psa_close_key( handle ) ); + + /* Restart and try again. */ + PSA_DONE( ); + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_open_key( id, &handle ) ); + if( ! check_key_attributes( handle, &attributes ) ) + goto exit; + /* This time, destroy the key. */ + PSA_ASSERT( psa_destroy_key( handle ) ); + +exit: + psa_reset_key_attributes( &attributes ); + psa_destroy_key( handle ); + PSA_DONE( ); + psa_purge_storage( ); +} +/* END_CASE */ From a5f8749812db2ccde29b3e1ecb4bd4709eb7bf28 Mon Sep 17 00:00:00 2001 
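Review bot: `register_key_smoke_test` only varies the lifetime, so three rejection paths of `mbedtls_psa_register_se_key()` go untested: attributes without a slot number, attributes with no key type or a zero size, and an identifier that already exists. These are the checks that stop a malformed registration from being persisted, so each deserves a case; the first needs only a flag that skips `psa_set_key_slot_number( &attributes, wanted_slot )`. Separately, the restart step calls `psa_register_se_driver( lifetime, &driver )` where the first registration used `MIN_DRIVER_LIFETIME`. The two are equal on the only path that reaches it, but using the same constant in both places would say so.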
From: Gilles Peskine Date: Mon, 5 Aug 2019 16:46:18 +0200 Subject: [PATCH 1547/2197] SE key registration: call p_validate_slot_number When registering a key in a secure element, if the driver has a p_validate_slot_number method, call it. --- include/psa/crypto_se_driver.h | 22 +++++++++++++++++++++- library/psa_crypto.c | 15 +++++++++++++++ 2 files changed, 36 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 1b0b3b2cc..f04aa3468 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -818,7 +818,27 @@ typedef enum PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */ PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */ PSA_KEY_CREATION_COPY, /**< During psa_copy_key() */ - PSA_KEY_CREATION_REGISTER, /*TEMPORARY*/ + +#ifndef __DOXYGEN_ONLY__ + /** A key is being registered with mbedtls_psa_register_se_key(). + * + * The core only passes this value to + * psa_drv_se_key_management_t::p_validate_slot_number, not to + * psa_drv_se_key_management_t::p_allocate. The call to + * `p_validate_slot_number` is not followed by any other call to the + * driver: the key is considered successfully registered if the call to + * `p_validate_slot_number` succeeds, or if `p_validate_slot_number` is + * null. + * + * With this creation method, the driver must return #PSA_SUCCESS if + * the given attributes are compatible with the existing key in the slot, + * and #PSA_ERROR_DOES_NOT_EXIST if the driver can determine that there + * is no key with the specified slot number. + * + * This is an Mbed Crypto extension. + */ + PSA_KEY_CREATION_REGISTER, +#endif } psa_key_creation_method_t; /** \brief A function that allocates a slot for a key. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 086ba82d3..87ac037b6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
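Review bot: The new comment on `PSA_KEY_CREATION_REGISTER` requires drivers to return `PSA_ERROR_DOES_NOT_EXIST` for an empty slot, but the application-facing documentation of `mbedtls_psa_register_se_key()` in `crypto_extra.h` does not list that status, and the core change in this commit forwards the driver's status unchanged. I would add `\retval #PSA_ERROR_DOES_NOT_EXIST` there with "The driver determined that there is no key in the specified slot." Because the enumerator sits inside `#ifndef __DOXYGEN_ONLY__`, the contract described here will presumably not appear in generated documentation, so driver authors need a pointer to it from the `p_validate_slot_number` description as well.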
@@ -1902,6 +1902,21 @@ psa_status_t mbedtls_psa_register_se_key( goto exit; } + /* If the driver has a slot number validation method, call it. + * If it doesn't, it means the secure element is unable to validate + * anything and so we have to trust the application. */ + if( drv->key_management != NULL && + drv->key_management->p_validate_slot_number != NULL ) + { + status = drv->key_management->p_validate_slot_number( + psa_get_se_driver_context( driver ), + attributes, + PSA_KEY_CREATION_REGISTER, + slot->data.se.slot_number ); + if( status != PSA_SUCCESS ) + goto exit; + } + status = psa_finish_key_creation( slot, driver ); exit: From 49bd58274eec426468bab9fd5753bccc9393bfc0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 5 Aug 2019 17:17:52 +0200 Subject: [PATCH 1548/2197] Test the call to p_validate_slot_number when registering a key --- .../test_suite_psa_crypto_se_driver_hal.data | 14 +++++-- ...st_suite_psa_crypto_se_driver_hal.function | 39 ++++++++++++++++++- 2 files changed, 48 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index a8dd0c71d..267c7b88b 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
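Review bot: The registration check added in `mbedtls_psa_register_se_key` reuses `p_validate_slot_number`, so a driver that implemented that method for key creation and ignores `method` will approve registrations without looking at the slot contents. The test driver `ram_validate_slot_number` earlier in this series does exactly that with `(void) method;`. The core cannot tell the two cases apart. I would state in the HAL documentation that a driver which does not handle `PSA_KEY_CREATION_REGISTER` must return `PSA_ERROR_NOT_SUPPORTED` rather than `PSA_SUCCESS`, and extend the comment above the `if` to say that a null method means both the slot number and the attributes are accepted unchecked. Where the caller of `mbedtls_psa_register_se_key()` is less trusted than the core, implementing this method is the only place the check can happen.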
@@ -112,13 +112,19 @@ Generate key: not supported generate_key_not_supported:PSA_KEY_TYPE_AES:128 Key registration: smoke test -register_key_smoke_test:MIN_DRIVER_LIFETIME:PSA_SUCCESS +register_key_smoke_test:MIN_DRIVER_LIFETIME:-1:PSA_SUCCESS Key registration: invalid lifetime (volatile) -register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT +register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:-1:PSA_ERROR_INVALID_ARGUMENT Key registration: invalid lifetime (internal storage) -register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:PSA_ERROR_INVALID_ARGUMENT +register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:-1:PSA_ERROR_INVALID_ARGUMENT Key registration: invalid lifetime (no registered driver) -register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:PSA_ERROR_INVALID_ARGUMENT +register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:-1:PSA_ERROR_INVALID_ARGUMENT + +Key registration: with driver validation (accepted) +register_key_smoke_test:MIN_DRIVER_LIFETIME:1:PSA_SUCCESS + +Key registration: with driver validation (rejected) +register_key_smoke_test:MIN_DRIVER_LIFETIME:0:PSA_ERROR_NOT_PERMITTED diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 2edf94f55..4673835d5 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
@@ -37,6 +37,28 @@ /* Miscellaneous driver methods */ /****************************************************************/ +typedef struct +{ + psa_key_slot_number_t slot_number; + psa_key_creation_method_t method; + psa_status_t status; +} validate_slot_number_directions_t; +static validate_slot_number_directions_t validate_slot_number_directions; + +/* Validate a choice of slot number as directed. */ +static psa_status_t validate_slot_number_as_directed( + psa_drv_se_context_t *context, + const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, + psa_key_slot_number_t slot_number ) +{ + (void) context; + (void) attributes; + DRIVER_ASSERT( slot_number == validate_slot_number_directions.slot_number ); + DRIVER_ASSERT( method == validate_slot_number_directions.method ); + return( validate_slot_number_directions.status ); +} + /* Allocate slot numbers with a monotonic counter. */ static psa_status_t counter_allocate( psa_drv_se_context_t *context, void *persistent_data, @@ -718,11 +740,14 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void register_key_smoke_test( int lifetime_arg, int expected_status_arg ) +void register_key_smoke_test( int lifetime_arg, + int validate, + int expected_status_arg ) { psa_key_lifetime_t lifetime = lifetime_arg; psa_status_t expected_status = expected_status_arg; psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_id_t id = 1; size_t bit_size = 48; 
@@ -732,6 +757,16 @@ void register_key_smoke_test( int lifetime_arg, int expected_status_arg ) memset( &driver, 0, sizeof( driver ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; + if( validate >= 0 ) + { + memset( &key_management, 0, sizeof( key_management ) ); + driver.key_management = &key_management; + key_management.p_validate_slot_number = validate_slot_number_as_directed; + validate_slot_number_directions.slot_number = wanted_slot; + validate_slot_number_directions.method = PSA_KEY_CREATION_REGISTER; + validate_slot_number_directions.status = + ( validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED ); + } PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LIFETIME, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -770,5 +805,7 @@ exit: psa_destroy_key( handle ); PSA_DONE( ); psa_purge_storage( ); + memset( &validate_slot_number_directions, 0, + sizeof( validate_slot_number_directions ) ); } /* END_CASE */ From f3801fff773bcf2641bf5a3aec341c2af923b892 Mon Sep 17 00:00:00 2001 
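Review bot: The `validate` argument of `register_key_smoke_test` is a three-state integer (negative: no `key_management` table, 0: validation rejects, positive: validation accepts), and that encoding is documented nowhere, so the `-1`, `0` and `1` in the `.data` file have to be decoded from this `if`. I would add a comment above the test case, for example `/* validate: <0 = driver has no p_validate_slot_number, 0 = it returns PSA_ERROR_NOT_PERMITTED, >0 = it returns PSA_SUCCESS */`. A case where the directed status is `PSA_ERROR_DOES_NOT_EXIST` would also pin down that the core forwards the driver's status unchanged.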
From: Gilles Peskine Date: Tue, 6 Aug 2019 17:32:04 +0200 Subject: [PATCH 1549/2197] Update import_key and generate_key SE methods to the current API The methods to import and generate a key in a secure element drivers were written for an earlier version of the application-side interface. Now that there is a psa_key_attributes_t structure that combines all key metadata including its lifetime (location), type, size, policy and extra type-specific data (domain parameters), pass that to drivers instead of separate arguments for each piece of metadata. This makes the interface less cluttered. Update parameter names and descriptions to follow general conventions. Document the public-key output on key generation more precisely. Explain that it is optional in a driver, and when a driver would implement it. Declare that it is optional in the core, too (which means that a crypto core might not support drivers for secure elements that do need this feature). Update the implementation and the tests accordingly. --- include/psa/crypto_se_driver.h | 110 ++++++++++-------- library/psa_crypto.c | 5 +- ...st_suite_psa_crypto_se_driver_hal.function | 29 ++--- 3 files changed, 72 insertions(+), 72 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index f04aa3468..a43e0db48 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h 
@@ -956,15 +956,21 @@ typedef psa_status_t (*psa_drv_se_validate_slot_number_t)( * documentation of psa_export_key() for the format for each key type. * * \param[in,out] drv_context The driver context structure. - * \param[in] key_slot Slot where the key will be stored + * \param key_slot Slot where the key will be stored. * This must be a valid slot for a key of the * chosen type. It must be unoccupied. - * \param[in] lifetime The required lifetime of the key storage - * \param[in] type Key type (a \c PSA_KEY_TYPE_XXX value) - * \param[in] algorithm Key algorithm (a \c PSA_ALG_XXX value) - * \param[in] usage The allowed uses of the key - * \param[in] p_data Buffer containing the key data - * \param[in] data_length Size of the `data` buffer in bytes + * \param[in] attributes The key attributes, including the lifetime, + * the key type and the usage policy. + * Drivers should not access the key size stored + * in the attributes: it may not match the + * data passed in \p data. + * Drivers can call psa_get_key_lifetime(), + * psa_get_key_type(), + * psa_get_key_usage_flags() and + * psa_get_key_algorithm() to access this + * information. + * \param[in] data Buffer containing the key data. + * \param[in] data_length Size of the \p data buffer in bytes. * \param[out] bits On success, the key size in bits. The driver * must determine this value after parsing the * key according to the key type. 
@@ -973,15 +979,13 @@ typedef psa_status_t (*psa_drv_se_validate_slot_number_t)( * \retval #PSA_SUCCESS * Success. */ -typedef psa_status_t (*psa_drv_se_import_key_t)(psa_drv_se_context_t *drv_context, - psa_key_slot_number_t key_slot, - psa_key_lifetime_t lifetime, - psa_key_type_t type, - psa_algorithm_t algorithm, - psa_key_usage_t usage, - const uint8_t *p_data, - size_t data_length, - size_t *bits); +typedef psa_status_t (*psa_drv_se_import_key_t)( + psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + size_t *bits); /** * \brief A function that destroys a secure element key and restore the slot to 
@@ -1048,41 +1052,51 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_contex * element * * If \p type is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) = 1), - * the public component of the generated key will be placed in `p_pubkey_out`. - * The format of the public key information will match the format specified for - * the psa_export_key() function for the key type. + * the driver may export the public key at the time of generation, + * in the format documented for psa_export_public_key() by writing it + * to the \p pubkey buffer. + * This is optional, intended for secure elements that output the + * public key at generation time and that cannot export the public key + * later. Drivers that do not need this feature should leave + * \p *pubkey_length set to 0 and should + * implement the psa_drv_key_management_t::p_export_public function. + * Some implementations do not support this feature, in which case + * \p pubkey is \c NULL and \p pubkey_size is 0. * * \param[in,out] drv_context The driver context structure. - * \param[in] key_slot Slot where the generated key will be placed - * \param[in] type The type of the key to be generated - * \param[in] usage The prescribed usage of the generated key - * Note: Not all Secure Elements support the same - * restrictions that PSA Crypto does (and vice - * versa). - * Driver developers should endeavor to match the - * usages as close as possible. - * \param[in] bits The size in bits of the key to be generated. - * \param[in] extra Extra parameters for key generation. 
The - * interpretation of this parameter should match - * the interpretation in the `extra` parameter is - * the `psa_generate_key` function - * \param[in] extra_size The size in bytes of the \p extra buffer - * \param[out] p_pubkey_out The buffer where the public key information will - * be placed - * \param[in] pubkey_out_size The size in bytes of the `p_pubkey_out` buffer - * \param[out] p_pubkey_length Upon successful completion, will contain the - * size of the data placed in `p_pubkey_out`. + * \param key_slot Slot where the key will be stored. + * This must be a valid slot for a key of the + * chosen type. It must be unoccupied. + * \param[in] attributes The key attributes, including the lifetime, + * the key type and size, and the usage policy. + * Drivers can call psa_get_key_lifetime(), + * psa_get_key_type(), psa_get_key_bits(), + * psa_get_key_usage_flags() and + * psa_get_key_algorithm() to access this + * information. + * \param[out] pubkey A buffer where the driver can write the + * public key, when generating an asymmetric + * key pair. + * This is \c NULL when generating a symmetric + * key or if the core does not support + * exporting the public key at generation time. + * \param pubkey_size The size of the `pubkey` buffer in bytes. + * This is 0 when generating a symmetric + * key or if the core does not support + * exporting the public key at generation time. + * \param[out] pubkey_length On entry, this is always 0. + * On success, the number of bytes written to + * \p pubkey. If this is 0 or unchanged on return, + * the core will not read the \p pubkey buffer, + * and will instead call the driver's + * psa_drv_key_management_t::p_export_public + * function to export the public key when needed. 
*/ -typedef psa_status_t (*psa_drv_se_generate_key_t)(psa_drv_se_context_t *drv_context, - psa_key_slot_number_t key_slot, - psa_key_type_t type, - psa_key_usage_t usage, - size_t bits, - const void *extra, - size_t extra_size, - uint8_t *p_pubkey_out, - size_t pubkey_out_size, - size_t *p_pubkey_length); +typedef psa_status_t (*psa_drv_se_generate_key_t)( + psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, size_t pubkey_size, size_t *pubkey_length); /** * \brief A struct containing all of the function pointers needed to for secure diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 87ac037b6..f64487b85 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1827,10 +1827,7 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, } status = drv->key_management->p_import( psa_get_se_driver_context( driver ), - slot->data.se.slot_number, - slot->attr.lifetime, slot->attr.type, - slot->attr.policy.alg, slot->attr.policy.usage, - data, data_length, + slot->data.se.slot_number, attributes, data, data_length, &bits ); if( status != PSA_SUCCESS ) goto exit; diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 4673835d5..6c308512c 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
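Review bot: The rewritten description of `psa_drv_se_generate_key_t` still opens with "If \p type is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) = 1)", but `type` is no longer a parameter after this change. That sentence should refer to the key type in `attributes`, e.g. "If the key type \c type recorded in \p attributes is asymmetric". The text also refers twice to `psa_drv_key_management_t::p_export_public`, while the structure is named `psa_drv_se_key_management_t` elsewhere in this header, so the cross-reference probably does not resolve. Finally, `\param pubkey_size` quotes the buffer as `pubkey` in backticks where the neighbouring entries use `\p pubkey`.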
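Review bot: In `psa_import_key` the driver used to receive `slot->attr.lifetime`, `slot->attr.type` and the slot's policy, and now receives the caller's `attributes` pointer. These are not guaranteed to be the same data: `psa_start_key_creation` at least clears `MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY` from `slot->attr.flags`, and any other normalisation or validation it applies to the slot copy (not visible in this hunk) is bypassed for the driver. The driver would then act on a policy that differs from the one the core stores and later enforces. I would pass the driver an attribute structure built from `slot->attr`, or document next to the call that `attributes` has been fully validated and is identical to the slot's metadata at this point. The function body extends outside the hunk.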
@@ -81,21 +81,15 @@ static psa_status_t counter_allocate( psa_drv_se_context_t *context, /* Null import: do nothing, but pretend it worked. */ static psa_status_t null_import( psa_drv_se_context_t *context, psa_key_slot_number_t slot_number, - psa_key_lifetime_t lifetime, - psa_key_type_t type, - psa_algorithm_t algorithm, - psa_key_usage_t usage, - const uint8_t *p_data, + const psa_key_attributes_t *attributes, + const uint8_t *data, size_t data_length, size_t *bits ) { (void) context; (void) slot_number; - (void) lifetime; - (void) type; - (void) algorithm; - (void) usage; - (void) p_data; + (void) attributes; + (void) data; /* We're supposed to return a key size. Return one that's correct for * plain data keys. */ *bits = PSA_BYTES_TO_BITS( data_length ); @@ -132,11 +126,8 @@ static void ram_slots_reset( void ) static psa_status_t ram_import( psa_drv_se_context_t *context, psa_key_slot_number_t slot_number, - psa_key_lifetime_t lifetime, - psa_key_type_t type, - psa_algorithm_t algorithm, - psa_key_usage_t usage, - const uint8_t *p_data, + const psa_key_attributes_t *attributes, + const uint8_t *data, size_t data_length, size_t *bits ) { @@ -144,13 +135,11 @@ static psa_status_t ram_import( psa_drv_se_context_t *context, DRIVER_ASSERT( slot_number < ARRAY_LENGTH( ram_slots ) ); if( data_length > sizeof( ram_slots[slot_number].content ) ) return( PSA_ERROR_INSUFFICIENT_STORAGE ); - ram_slots[slot_number].lifetime = lifetime; - ram_slots[slot_number].type = type; + ram_slots[slot_number].lifetime = psa_get_key_lifetime( attributes ); + ram_slots[slot_number].type = psa_get_key_type( attributes ); ram_slots[slot_number].bits = PSA_BYTES_TO_BITS( data_length ); *bits = PSA_BYTES_TO_BITS( data_length ); - (void) algorithm; - (void) usage; - memcpy( ram_slots[slot_number].content, p_data, data_length ); + memcpy( ram_slots[slot_number].content, data, data_length ); return( PSA_SUCCESS ); } From 11792086cc475a6a362752de82447f38f936b638 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 6 Aug 2019 18:36:36 +0200 Subject: [PATCH 1550/2197] SE keys: implement and smoke-test p_generate --- library/psa_crypto.c | 22 ++++- .../test_suite_psa_crypto_se_driver_hal.data | 81 ++++++++++-------- ...st_suite_psa_crypto_se_driver_hal.function | 85 ++++++++++++++++++- 3 files changed, 147 insertions(+), 41 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f64487b85..35c03dde3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5944,21 +5944,37 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_status_t status; psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; + status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE, attributes, handle, &slot, &driver ); + if( status != PSA_SUCCESS ) + goto exit; + #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { - /* Generating a key in a secure element is not implemented yet. */ - status = PSA_ERROR_NOT_SUPPORTED; + const psa_drv_se_t *drv = psa_get_se_driver_methods( driver ); + size_t pubkey_length = 0; /* We don't support this feature yet */ + if( drv->key_management == NULL || + drv->key_management->p_generate == NULL ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + status = drv->key_management->p_generate( + psa_get_se_driver_context( driver ), + slot->data.se.slot_number, attributes, + NULL, 0, &pubkey_length ); } + else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( status == PSA_SUCCESS ) { status = psa_generate_key_internal( slot, attributes->core.bits, attributes->domain_parameters, attributes->domain_parameters_size ); } + +exit: if( status == PSA_SUCCESS ) status = psa_finish_key_creation( slot, driver ); if( status != PSA_SUCCESS ) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 267c7b88b..0bec8419c 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
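Review bot: In the secure-element branch of `psa_generate_key`, `pubkey_length` is initialised to 0 and handed to `p_generate` together with a `NULL`, 0 buffer, but it is never read after the call. A driver that reports a non-zero length believes it has written through a null pointer, and that is accepted silently. I would treat it as a driver fault before `psa_finish_key_creation`, for example `if( status == PSA_SUCCESS && pubkey_length != 0 ) status = PSA_ERROR_CORRUPTION_DETECTED;`, bearing in mind that removing the already generated key from the secure element on this path is handled outside the hunk, if at all. This branch also forwards `attributes` to the driver without a core-side check of key type and size, which the internal path presumably performs in `psa_generate_key_internal`; a comment saying that the driver is solely responsible for rejecting unsupported sizes would make that explicit.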
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
@@ -54,63 +54,72 @@ key_creation_in_chosen_slot:ARRAY_LENGTH( ram_slots ) - 1:1:PSA_SUCCESS Key creation in a specific slot (too large) key_creation_in_chosen_slot:ARRAY_LENGTH( ram_slots ):0:PSA_ERROR_INVALID_ARGUMENT -Key creation smoke test: AES-CTR -key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CTR:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: AES-CTR +import_key_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CTR:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: AES-CBC -key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: AES-CBC +import_key_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: AES-CMAC -key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: AES-CMAC +import_key_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: AES-CCM -key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: AES-CCM +import_key_smoke:PSA_KEY_TYPE_AES:PSA_ALG_CCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: AES-GCM -key_creation_smoke:PSA_KEY_TYPE_AES:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: AES-GCM +import_key_smoke:PSA_KEY_TYPE_AES:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: CAMELLIA-CTR -key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CTR:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: CAMELLIA-CTR +import_key_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CTR:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: CAMELLIA-CBC -key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CBC_NO_PADDING:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: CAMELLIA-CBC +import_key_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CBC_NO_PADDING:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: CAMELLIA-CMAC 
-key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: CAMELLIA-CMAC +import_key_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: CAMELLIA-CCM -key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: CAMELLIA-CCM +import_key_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: CAMELLIA-CCM -key_creation_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: CAMELLIA-CCM +import_key_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: HMAC-SHA-256 -key_creation_smoke:PSA_KEY_TYPE_HMAC:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: HMAC-SHA-256 +import_key_smoke:PSA_KEY_TYPE_HMAC:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: HKDF-SHA-256 -key_creation_smoke:PSA_KEY_TYPE_DERIVE:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +Key import smoke test: HKDF-SHA-256 +import_key_smoke:PSA_KEY_TYPE_DERIVE:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key creation smoke test: RSA PKCS#1v1.5 signature -key_creation_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +Key import smoke test: RSA PKCS#1v1.5 signature 
+import_key_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -Key creation smoke test: RSA PKCS#1v1.5 encryption -key_creation_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +Key import smoke test: RSA PKCS#1v1.5 encryption +import_key_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -Key creation smoke test: RSA OAEP encryption -key_creation_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +Key import smoke test: RSA OAEP encryption +import_key_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -Key 
creation smoke test: ECDSA secp256r1 -key_creation_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" +Key import smoke test: ECDSA secp256r1 +import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" -Key creation smoke test: ECDH secp256r1 -key_creation_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDH:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" +Key import smoke test: ECDH secp256r1 +import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDH:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" -Key creation smoke test: ECDH secp256r1 with HKDF -key_creation_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" +Key import smoke test: ECDH secp256r1 with HKDF +import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" Generate key: not supported generate_key_not_supported:PSA_KEY_TYPE_AES:128 +Key generation smoke test: AES-128-CTR +generate_key_smoke:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR + +Key generation smoke test: AES-256-CTR +generate_key_smoke:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR + +Key generation smoke test: HMAC-SHA-256 +generate_key_smoke:PSA_KEY_TYPE_HMAC:256:PSA_ALG_HMAC( PSA_ALG_SHA_256 ) + Key registration: smoke test register_key_smoke_test:MIN_DRIVER_LIFETIME:-1:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 6c308512c..d13e2f248 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
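Review bot: The new case named `Key generation smoke test: AES-256-CTR` passes 128 as the bit size, so it repeats the AES-128 case and a 256-bit AES key is never generated through the driver. The argument line should read `generate_key_smoke:PSA_KEY_TYPE_AES:256:PSA_ALG_CTR`. Separately, the two renamed cases titled `CAMELLIA-CCM` are identical and both pass `PSA_ALG_GCM`; one of them presumably should be titled CAMELLIA-GCM and the other should pass `PSA_ALG_CCM`.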
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -96,6 +96,28 @@ static psa_status_t null_import( psa_drv_se_context_t *context, return( PSA_SUCCESS ); } +/* Null generate: do nothing, but pretend it worked. */ +static psa_status_t null_generate( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, + size_t pubkey_size, + size_t *pubkey_length ) +{ + (void) context; + (void) slot_number; + (void) attributes; + + DRIVER_ASSERT( *pubkey_length == 0 ); + if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) + { + DRIVER_ASSERT( pubkey == NULL ); + DRIVER_ASSERT( pubkey_size == 0 ); + } + + return( PSA_SUCCESS ); +} + /****************************************************************/ @@ -634,8 +656,8 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void key_creation_smoke( int type_arg, int alg_arg, - data_t *key_material ) +void import_key_smoke( int type_arg, int alg_arg, + data_t *key_material ) { psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; @@ -710,6 +732,7 @@ void generate_key_not_supported( int type_arg, int bits_arg ) driver.key_management = &key_management; driver.persistent_data_size = sizeof( psa_key_slot_number_t ); key_management.p_allocate = counter_allocate; + /* No p_generate method */ PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); 
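Review bot: In `null_generate` the line `(void) attributes;` marks the parameter as unused, but it is read a few lines later by `psa_get_key_type( attributes )`. Dropping that cast keeps the unused-parameter markers accurate. The function also accepts any `pubkey` and `pubkey_size` for key-pair types, which deserves a short comment such as `/* For key pairs the core may pass a public-key buffer; it is ignored here. */`.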
@@ -728,6 +751,64 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) +{ + psa_key_type_t type = type_arg; + psa_key_bits_t bits = bits_arg; + psa_algorithm_t alg = alg_arg; + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + driver.key_management = &key_management; + driver.persistent_data_size = sizeof( psa_key_slot_number_t ); + key_management.p_allocate = counter_allocate; + key_management.p_generate = null_generate; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + /* Create a key. */ + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, type ); + psa_set_key_bits( &attributes, bits ); + PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); + + /* Do stuff with the key. */ + if( ! smoke_test_key( handle ) ) + goto exit; + + /* Restart and try again. */ + mbedtls_psa_crypto_free( ); + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT( psa_open_key( id, &handle ) ); + if( ! smoke_test_key( handle ) ) + goto exit; + + /* We're done. */ + PSA_ASSERT( psa_destroy_key( handle ) ); + +exit: + PSA_DONE( ); + ram_slots_reset( ); + psa_purge_storage( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void register_key_smoke_test( int lifetime_arg, int validate, From edc6424d7760f30879638eb4ecc9f8c798c1ee01 Mon Sep 17 00:00:00 2001 
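Review bot: `generate_key_smoke` never checks that the key it gets back carries the requested type and size, either right after `psa_generate_key` or after the restart and `psa_open_key`. Unless `smoke_test_key` (not visible here) does this, a core that lost or altered the metadata of a driver-generated key would still pass. I would read the attributes back into a fresh attributes object with `psa_get_key_attributes` and add `TEST_EQUAL( psa_get_key_type( &read_attributes ), type );` and `TEST_EQUAL( psa_get_key_bits( &read_attributes ), bits );` in both places, where `read_attributes` is a name I am introducing. The hard-coded `lifetime = 2` would also be clearer as the named constant the data file already uses, `MIN_DRIVER_LIFETIME`, assuming it is in scope in this file.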
From: Gilles Peskine Date: Wed, 7 Aug 2019 21:05:07 +0200 Subject: [PATCH 1551/2197] SE driver support: Implement sign and verify hooks --- library/psa_crypto.c | 44 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 42 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 35c03dde3..3a78f5653 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3331,10 +3331,14 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, { psa_key_slot_t *slot; psa_status_t status; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + const psa_drv_se_t *drv; + psa_drv_se_context_t *drv_context; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ *signature_length = signature_size; - status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_SIGN, alg ); + status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN, alg ); if( status != PSA_SUCCESS ) goto exit; if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) @@ -3343,6 +3347,24 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, goto exit; } +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) ) + { + if( drv->asymmetric == NULL || + drv->asymmetric->p_sign == NULL ) + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + status = drv->asymmetric->p_sign( drv_context, + slot->data.se.slot_number, + alg, + hash, hash_length, + signature, signature_size, + signature_length ); + } + else +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_RSA_C) if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { 
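Review bot: The value the driver stores in `*signature_length` is returned from `psa_asymmetric_sign` without being compared against `signature_size`. The function sets `*signature_length = signature_size` before dispatch and then passes the pointer to `p_sign`, so a faulty driver can report more bytes than the buffer holds. Any later use of that length, in the caller or in the code after `exit:` (outside this hunk), would then run past `signature`. A bound check directly after the driver call closes this: `if( status == PSA_SUCCESS && *signature_length > signature_size ) status = PSA_ERROR_GENERIC_ERROR;` (the error code is only a suggestion).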
@@ -3406,11 +3428,29 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, { psa_key_slot_t *slot; psa_status_t status; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + const psa_drv_se_t *drv; + psa_drv_se_context_t *drv_context; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_VERIFY, alg ); + status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY, alg ); if( status != PSA_SUCCESS ) return( status ); +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) ) + { + if( drv->asymmetric == NULL || + drv->asymmetric->p_verify == NULL ) + return( PSA_ERROR_NOT_SUPPORTED ); + return( drv->asymmetric->p_verify( drv_context, + slot->data.se.slot_number, + alg, + hash, hash_length, + signature, signature_length ) ); + } + else +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_RSA_C) if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { From eecadde6adb6b1d1c5662a449081823ab85a1047 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Aug 2019 21:05:24 +0200 Subject: [PATCH 1552/2197] SE support: Test sign and verify hooks with a passthrough driver --- .../test_suite_psa_crypto_se_driver_hal.data | 16 + ...st_suite_psa_crypto_se_driver_hal.function | 296 +++++++++++++++++- 2 files changed, 298 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 0bec8419c..bdd5703b0 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
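Review bot: In `psa_asymmetric_verify` the driver branch forwards to `p_verify` without any check on `slot->attr.type`. The sign path rejects non-key-pair slots before dispatch, and the software verify path below only handles types it recognises, but an opaque key of another type whose policy happens to permit `alg` with `PSA_KEY_USAGE_VERIFY` reaches the driver unfiltered. If the core is meant to enforce this rather than each driver, add `if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) ) return( PSA_ERROR_INVALID_ARGUMENT );` before the `psa_get_se_driver` test. Otherwise document at the call that type validation is the driver's responsibility. The function body continues outside the hunk.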
@@ -137,3 +137,19 @@ register_key_smoke_test:MIN_DRIVER_LIFETIME:1:PSA_SUCCESS Key registration: with driver validation (rejected) register_key_smoke_test:MIN_DRIVER_LIFETIME:0:PSA_ERROR_NOT_PERMITTED + +Import-sign-verify: sign in driver, ECDSA +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +sign_verify:1:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" + +Import-sign-verify: sign in software, ECDSA +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +sign_verify:0:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" + +Generate-sign-verify: sign in driver, ECDSA +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +sign_verify:1:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" + +Generate-sign-verify: sign in software, ECDSA +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +sign_verify:0:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index d13e2f248..e14fa5838 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
@@ -18,7 +18,25 @@ * This is probably a bug in the library. */ #define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t)( -500 )) -/** Like #TEST_ASSERT for use in a driver method. +/** Like #TEST_ASSERT for use in a driver method, with no cleanup. + * + * If an error happens, this macro returns from the calling function. + * + * Use this macro to assert on guarantees provided by the core. + */ +#define DRIVER_ASSERT_RETURN( TEST ) \ + do { \ + if( ! (TEST) ) \ + { \ + test_fail( #TEST, __LINE__, __FILE__ ); \ + return( PSA_ERROR_DETECTED_BY_DRIVER ); \ + } \ + } while( 0 ) + +/** Like #TEST_ASSERT for use in a driver method, with cleanup. + * + * In case of error, this macro sets `status` and jumps to the + * label `exit`. * * Use this macro to assert on guarantees provided by the core. */ @@ -27,10 +45,34 @@ if( ! (TEST) ) \ { \ test_fail( #TEST, __LINE__, __FILE__ ); \ - return( PSA_ERROR_DETECTED_BY_DRIVER ); \ + status = PSA_ERROR_DETECTED_BY_DRIVER; \ + goto exit; \ } \ } while( 0 ) +/** Like #PSA_ASSERT for a PSA API call that calls a driver underneath. + * + * Run the code \p expr. If this returns \p expected_status, + * do nothing. If this returns #PSA_ERROR_DETECTED_BY_DRIVER, + * jump directly to the `exit` label. If this returns any other + * status, call test_fail() then jump to `exit`. + * + * The special case for #PSA_ERROR_DETECTED_BY_DRIVER is because in this + * case, the test driver code is expected to have called test_fail() + * already, so we make sure not to overwrite the failure information. + */ +#define PSA_ASSERT_VIA_DRIVER( expr, expected_status ) \ + do { \ + psa_status_t PSA_ASSERT_VIA_DRIVER_status = ( expr ); \ + if( PSA_ASSERT_VIA_DRIVER_status == PSA_ERROR_DETECTED_BY_DRIVER ) \ + goto exit; \ + if( PSA_ASSERT_VIA_DRIVER_status != ( expected_status ) ) \ + { \ + test_fail( #expr, __LINE__, __FILE__ ); \ + goto exit; \ + } \ + } while( 0 ) + /****************************************************************/ 
@@ -54,8 +96,10 @@ static psa_status_t validate_slot_number_as_directed( { (void) context; (void) attributes; - DRIVER_ASSERT( slot_number == validate_slot_number_directions.slot_number ); - DRIVER_ASSERT( method == validate_slot_number_directions.method ); + DRIVER_ASSERT_RETURN( slot_number == + validate_slot_number_directions.slot_number ); + DRIVER_ASSERT_RETURN( method == + validate_slot_number_directions.method ); return( validate_slot_number_directions.status ); } @@ -108,11 +152,11 @@ static psa_status_t null_generate( psa_drv_se_context_t *context, (void) slot_number; (void) attributes; - DRIVER_ASSERT( *pubkey_length == 0 ); + DRIVER_ASSERT_RETURN( *pubkey_length == 0 ); if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) { - DRIVER_ASSERT( pubkey == NULL ); - DRIVER_ASSERT( pubkey_size == 0 ); + DRIVER_ASSERT_RETURN( pubkey == NULL ); + DRIVER_ASSERT_RETURN( pubkey_size == 0 ); } return( PSA_SUCCESS ); 
@@ -146,6 +190,42 @@ static void ram_slots_reset( void ) ram_min_slot = 0; } +/* This function does everything except actually generating key material. + * After calling it, you must copy the desired key material to + * ram_slots[slot_number].content. */ +static psa_status_t ram_fake_generate( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, + size_t pubkey_size, + size_t *pubkey_length ) +{ + (void) context; + + DRIVER_ASSERT_RETURN( *pubkey_length == 0 ); + if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) + { + DRIVER_ASSERT_RETURN( pubkey == NULL ); + DRIVER_ASSERT_RETURN( pubkey_size == 0 ); + } + + { + /* Check that the key can be stored in the memory slot. + * This check only works for key in a "raw" representation: + * symmetric keys or ECC are ok, but not RSA or FFDH. */ + size_t required_storage = + PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ); + size_t available_storage = sizeof( ram_slots[slot_number].content ); + if( required_storage > available_storage ) + return( PSA_ERROR_INSUFFICIENT_STORAGE ); + } + + ram_slots[slot_number].lifetime = psa_get_key_lifetime( attributes ); + ram_slots[slot_number].type = psa_get_key_type( attributes ); + ram_slots[slot_number].bits = psa_get_key_bits( attributes ); + return( PSA_SUCCESS ); +} + static psa_status_t ram_import( psa_drv_se_context_t *context, psa_key_slot_number_t slot_number, const psa_key_attributes_t *attributes, @@ -154,7 +234,7 @@ static psa_status_t ram_import( psa_drv_se_context_t *context, size_t *bits ) { (void) context; - DRIVER_ASSERT( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); if( data_length > sizeof( ram_slots[slot_number].content ) ) return( PSA_ERROR_INSUFFICIENT_STORAGE ); ram_slots[slot_number].lifetime = psa_get_key_lifetime( attributes ); 
@@ -173,7 +253,7 @@ static psa_status_t ram_export( psa_drv_se_context_t *context, { size_t actual_size; (void) context; - DRIVER_ASSERT( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); actual_size = PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ); if( actual_size > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); @@ -187,8 +267,8 @@ static psa_status_t ram_destroy( psa_drv_se_context_t *context, psa_key_slot_number_t slot_number ) { ram_slot_usage_t *slot_usage = persistent_data; - DRIVER_ASSERT( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); - DRIVER_ASSERT( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); + DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); *slot_usage &= ~(ram_slot_usage_t)( 1 << slot_number ); return( PSA_SUCCESS ); @@ -203,7 +283,7 @@ static psa_status_t ram_allocate( psa_drv_se_context_t *context, ram_slot_usage_t *slot_usage = persistent_data; (void) attributes; (void) method; - DRIVER_ASSERT( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); + DRIVER_ASSERT_RETURN( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); for( *slot_number = ram_min_slot; *slot_number < ARRAY_LENGTH( ram_slots ); ++( *slot_number ) ) 
@@ -228,6 +308,76 @@ static psa_status_t ram_validate_slot_number( return( PSA_SUCCESS ); } +static psa_status_t ram_sign( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) +{ + ram_slot_t *slot; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_handle_t handle = 0; + psa_status_t status = PSA_ERROR_GENERIC_ERROR; + + (void) context; + DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + slot = &ram_slots[slot_number]; + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, slot->type ); + DRIVER_ASSERT( psa_import_key( &attributes, + slot->content, + PSA_BITS_TO_BYTES( slot->bits ), + &handle ) == PSA_SUCCESS ); + status = psa_asymmetric_sign( handle, alg, + hash, hash_length, + signature, signature_size, + signature_length ); + +exit: + psa_destroy_key( handle ); + return( status ); +} + +static psa_status_t ram_verify( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length ) +{ + ram_slot_t *slot; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_handle_t handle = 0; + psa_status_t status = PSA_ERROR_GENERIC_ERROR; + + (void) context; + DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + slot = &ram_slots[slot_number]; + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, slot->type ); + DRIVER_ASSERT( psa_import_key( &attributes, + slot->content, + PSA_BITS_TO_BYTES( slot->bits ), + &handle ) == + PSA_SUCCESS ); + status = psa_asymmetric_verify( handle, alg, + hash, hash_length, + signature, signature_length ); + +exit: + 
psa_destroy_key( handle ); + return( status ); +} + + /****************************************************************/ @@ -709,7 +859,6 @@ void import_key_smoke( int type_arg, int alg_arg, exit: PSA_DONE( ); - ram_slots_reset( ); psa_purge_storage( ); } /* END_CASE */ @@ -746,7 +895,6 @@ void generate_key_not_supported( int type_arg, int bits_arg ) exit: PSA_DONE( ); - ram_slots_reset( ); psa_purge_storage( ); } /* END_CASE */ 
@@ -803,6 +951,126 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) PSA_ASSERT( psa_destroy_key( handle ) ); exit: + PSA_DONE( ); + psa_purge_storage( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void sign_verify( int sign_in_driver, + int type_arg, int alg_arg, + int bits_arg, data_t *key_material, + data_t *input ) +{ + psa_key_type_t type = type_arg; + psa_algorithm_t alg = alg_arg; + size_t bits = bits_arg; + /* Pass bits=0 to import, bits>0 to fake-generate */ + int generating = ( bits != 0 ); + + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_drv_se_asymmetric_t asymmetric; + + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t drv_handle = 0; /* key managed by the driver */ + psa_key_handle_t sw_handle = 0; /* transparent key */ + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE]; + size_t signature_length; + + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + driver.key_management = &key_management; + driver.asymmetric = &asymmetric; + driver.persistent_data_size = sizeof( psa_key_slot_number_t ); + driver.persistent_data_size = sizeof( ram_slot_usage_t ); + key_management.p_allocate = ram_allocate; + key_management.p_destroy = ram_destroy; + if( generating ) + key_management.p_generate = ram_fake_generate; + else + key_management.p_import = ram_import; + if( sign_in_driver ) + asymmetric.p_sign = ram_sign; + asymmetric.p_verify = ram_verify; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + /* Create two keys with the same key material: a transparent key, + * and one that goes through the driver. 
*/ + psa_set_key_usage_flags( &attributes, + PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, type ); + PSA_ASSERT( psa_import_key( &attributes, + key_material->x, key_material->len, + &sw_handle ) ); + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + if( generating ) + { + psa_set_key_bits( &attributes, bits ); + PSA_ASSERT( psa_generate_key( &attributes, &drv_handle ) ); + /* Since we called a generate method that does not actually + * generate material, store the desired result of generation in + * the mock secure element storage. */ + PSA_ASSERT( psa_get_key_attributes( drv_handle, &attributes ) ); + TEST_ASSERT( key_material->len == PSA_BITS_TO_BYTES( bits ) ); + memcpy( ram_slots[ram_min_slot].content, key_material->x, + key_material->len ); + } + else + { + PSA_ASSERT( psa_import_key( &attributes, + key_material->x, key_material->len, + &drv_handle ) ); + } + + /* Sign with the chosen key. */ + if( sign_in_driver ) + PSA_ASSERT_VIA_DRIVER( + psa_asymmetric_sign( drv_handle, + alg, + input->x, input->len, + signature, sizeof( signature ), + &signature_length ), + PSA_SUCCESS ); + else + PSA_ASSERT( psa_asymmetric_sign( sw_handle, + alg, + input->x, input->len, + signature, sizeof( signature ), + &signature_length ) ); + + /* Verify with both keys. */ + PSA_ASSERT( psa_asymmetric_verify( sw_handle, alg, + input->x, input->len, + signature, signature_length ) ); + PSA_ASSERT_VIA_DRIVER( + psa_asymmetric_verify( drv_handle, alg, + input->x, input->len, + signature, signature_length ), + PSA_SUCCESS ); + + /* Change the signature and verify again. 
*/ + signature[0] ^= 1; + TEST_EQUAL( psa_asymmetric_verify( sw_handle, alg, + input->x, input->len, + signature, signature_length ), + PSA_ERROR_INVALID_SIGNATURE ); + PSA_ASSERT_VIA_DRIVER( + psa_asymmetric_verify( drv_handle, alg, + input->x, input->len, + signature, signature_length ), + PSA_ERROR_INVALID_SIGNATURE ); + +exit: + psa_destroy_key( drv_handle ); + psa_destroy_key( sw_handle ); PSA_DONE( ); ram_slots_reset( ); psa_purge_storage( ); From c068ded0155e76ed951c5eb57c07a69aa13d7470 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 9 Aug 2019 12:49:06 +0200 Subject: [PATCH 1553/2197] RAM test driver: improve key creation Factor common code of ram_import and ram_fake_generate into a common auxiliary function. Reject key types that aren't supported by this test code. Report the bit size correctly for EC key pairs. --- ...st_suite_psa_crypto_se_driver_hal.function | 85 +++++++++++++------ 1 file changed, 59 insertions(+), 26 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index e14fa5838..4cba693c2 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
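Review bot: In `sign_verify`, `asymmetric` is declared but never zeroed, unlike `driver` and `key_management`. When `sign_in_driver` is 0, `asymmetric.p_sign` and every other member except `p_verify` therefore hold indeterminate values, yet the structure is registered through `driver.asymmetric = &asymmetric`. The core tests these pointers against `NULL` before calling them, so an uninitialised member can be taken for a valid hook. Add `memset( &asymmetric, 0, sizeof( asymmetric ) );` next to the other two `memset` calls. The first of the two consecutive assignments to `driver.persistent_data_size` is dead and can be removed.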
@@ -190,6 +190,35 @@ static void ram_slots_reset( void ) ram_min_slot = 0; } +/* Common parts of key creation. + * + * In case of error, zero out ram_slots[slot_number]. But don't + * do that if the error is PSA_ERROR_DETECTED_BY_DRIVER: in this case + * you don't need to clean up (ram_slot_reset() will take care of it + * in the test case function's cleanup code) and it might be wrong + * (if slot_number is invalid). + */ +static psa_status_t ram_create_common( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + size_t required_storage ) +{ + (void) context; + DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + + ram_slots[slot_number].lifetime = psa_get_key_lifetime( attributes ); + ram_slots[slot_number].type = psa_get_key_type( attributes ); + ram_slots[slot_number].bits = psa_get_key_bits( attributes ); + + if( required_storage > sizeof( ram_slots[slot_number].content ) ) + { + memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); + return( PSA_ERROR_INSUFFICIENT_STORAGE ); + } + + return( PSA_SUCCESS ); +} + /* This function does everything except actually generating key material. * After calling it, you must copy the desired key material to * ram_slots[slot_number].content. */ @@ -200,7 +229,10 @@ static psa_status_t ram_fake_generate( psa_drv_se_context_t *context, size_t pubkey_size, size_t *pubkey_length ) { - (void) context; + psa_status_t status; + size_t required_storage = + PSA_KEY_EXPORT_MAX_SIZE( psa_get_key_type( attributes ), + psa_get_key_bits( attributes ) ); DRIVER_ASSERT_RETURN( *pubkey_length == 0 ); if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) 
@@ -209,21 +241,9 @@ static psa_status_t ram_fake_generate( psa_drv_se_context_t *context, DRIVER_ASSERT_RETURN( pubkey_size == 0 ); } - { - /* Check that the key can be stored in the memory slot. - * This check only works for key in a "raw" representation: - * symmetric keys or ECC are ok, but not RSA or FFDH. */ - size_t required_storage = - PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ); - size_t available_storage = sizeof( ram_slots[slot_number].content ); - if( required_storage > available_storage ) - return( PSA_ERROR_INSUFFICIENT_STORAGE ); - } - - ram_slots[slot_number].lifetime = psa_get_key_lifetime( attributes ); - ram_slots[slot_number].type = psa_get_key_type( attributes ); - ram_slots[slot_number].bits = psa_get_key_bits( attributes ); - return( PSA_SUCCESS ); + status = ram_create_common( context, slot_number, attributes, + required_storage ); + return( status ); } static psa_status_t ram_import( psa_drv_se_context_t *context, 
@@ -233,23 +253,36 @@ static psa_status_t ram_import( psa_drv_se_context_t *context, size_t data_length, size_t *bits ) { - (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); - if( data_length > sizeof( ram_slots[slot_number].content ) ) - return( PSA_ERROR_INSUFFICIENT_STORAGE ); - ram_slots[slot_number].lifetime = psa_get_key_lifetime( attributes ); - ram_slots[slot_number].type = psa_get_key_type( attributes ); - ram_slots[slot_number].bits = PSA_BYTES_TO_BITS( data_length ); - *bits = PSA_BYTES_TO_BITS( data_length ); + psa_key_type_t type = psa_get_key_type( attributes ); + psa_status_t status = ram_create_common( context, slot_number, attributes, + data_length ); + if( status != PSA_SUCCESS ) + return( status ); + + /* The RAM driver only works for certain key types: raw keys, + * and ECC key pairs. This is true in particular of the bit-size + * calculation here. */ + if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) + *bits = PSA_BYTES_TO_BITS( data_length ); + else if ( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) + *bits = PSA_ECC_CURVE_BITS( PSA_KEY_TYPE_GET_CURVE( type ) ); + else + { + memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); + return( PSA_ERROR_NOT_SUPPORTED ); + } + + ram_slots[slot_number].bits = *bits; memcpy( ram_slots[slot_number].content, data, data_length ); + return( PSA_SUCCESS ); } static psa_status_t ram_export( psa_drv_se_context_t *context, psa_key_slot_number_t slot_number, - uint8_t *p_data, + uint8_t *data, size_t data_size, - size_t *p_data_length ) + size_t *data_length ) { size_t actual_size; (void) context; From af906f852cf20f24cd49a90ae303bee71a098536 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 9 Aug 2019 12:50:18 +0200 Subject: [PATCH 1554/2197] RAM test driver: implement export_public --- ...st_suite_psa_crypto_se_driver_hal.function | 31 +++++++++++++++++-- 1 file changed, 29 insertions(+), 2 deletions(-) 
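Review bot: In the ECC key-pair branch of `ram_import`, `*bits` is taken from the curve while the `memcpy` still copies `data_length` bytes, and nothing checks that the two agree. `ram_export` computes the exported length from `ram_slots[slot_number].bits`, so an ECC import of the wrong length leaves the slot's recorded size out of step with the bytes stored in `content`. A guard before the `memcpy`, `if( data_length != PSA_BITS_TO_BYTES( *bits ) )`, followed by the same `memset` of the slot and `return( PSA_ERROR_INVALID_ARGUMENT );`, would keep metadata and content consistent. The unstructured branch already satisfies this because it derives `*bits` from `data_length`.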
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 4cba693c2..4757f6c0c 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -290,8 +290,35 @@ static psa_status_t ram_export( psa_drv_se_context_t *context, actual_size = PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ); if( actual_size > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - *p_data_length = actual_size; - memcpy( p_data, ram_slots[slot_number].content, actual_size ); + *data_length = actual_size; + memcpy( data, ram_slots[slot_number].content, actual_size ); + return( PSA_SUCCESS ); +} + +static psa_status_t ram_export_public( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *data, + size_t data_size, + size_t *data_length ) +{ + psa_status_t status; + psa_key_handle_t handle; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + (void) context; + DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN( + PSA_KEY_TYPE_IS_KEY_PAIR( ram_slots[slot_number].type ) ); + + psa_set_key_type( &attributes, ram_slots[slot_number].type ); + status = psa_import_key( &attributes, + ram_slots[slot_number].content, + PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ), + &handle ); + if( status != PSA_SUCCESS ) + return( status ); + status = psa_export_public_key( handle, data, data_size, data_length ); + psa_destroy_key( handle ); return( PSA_SUCCESS ); } From 8df72f271f593116810795cad52b02693fd52ae5 Mon Sep 17 00:00:00 2001 
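Review bot: `ram_export_public` ends with `return( PSA_SUCCESS );` after assigning the result of `psa_export_public_key` to `status`, so a failed export (for example a too-small `data` buffer) is reported to the caller as success. The caller would then trust `*data_length` and the buffer contents even though the export did not complete. The last line should be `return( status );`. The result of `psa_destroy_key( handle )` is dropped as well; if that is deliberate for the temporary key, `(void) psa_destroy_key( handle );` would say so.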
From: Gilles Peskine Date: Fri, 9 Aug 2019 12:50:39 +0200 Subject: [PATCH 1555/2197] SE generate/sign/verify tests: also test export_public Add a flow where the key is imported or fake-generated in the secure element, then call psa_export_public_key and do the software verification with the public key. --- .../test_suite_psa_crypto_se_driver_hal.data | 16 ++- ...st_suite_psa_crypto_se_driver_hal.function | 119 +++++++++++++----- 2 files changed, 98 insertions(+), 37 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index bdd5703b0..5819f785b 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
@@ -140,16 +140,24 @@ register_key_smoke_test:MIN_DRIVER_LIFETIME:0:PSA_ERROR_NOT_PERMITTED Import-sign-verify: sign in driver, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_verify:1:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" +sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" + +Import-sign-verify: sign in driver then export_public, ECDSA +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Import-sign-verify: sign in software, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_verify:0:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" +sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Generate-sign-verify: sign in driver, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_verify:1:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" +sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 
):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" + +Generate-sign-verify: sign in driver then export_public, ECDSA +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Generate-sign-verify: sign in software, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_verify:0:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" +sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 4757f6c0c..202f18c6d 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -444,6 +444,13 @@ exit: /* Other test helper functions */ /****************************************************************/ +typedef enum +{ + SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION, + SIGN_IN_DRIVER_AND_PARALLEL_CREATION, + SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC, +} sign_verify_method_t; + /* Check that the attributes of a key reported by psa_get_key_attributes() * are consistent with the attributes used when creating the key. */ static int check_key_attributes( 
@@ -1017,7 +1024,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void sign_verify( int sign_in_driver, +void sign_verify( int flow, int type_arg, int alg_arg, int bits_arg, data_t *key_material, data_t *input ) @@ -1036,16 +1043,17 @@ void sign_verify( int sign_in_driver, psa_key_id_t id = 1; psa_key_handle_t drv_handle = 0; /* key managed by the driver */ psa_key_handle_t sw_handle = 0; /* transparent key */ - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t drv_attributes; uint8_t signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE]; size_t signature_length; memset( &driver, 0, sizeof( driver ) ); memset( &key_management, 0, sizeof( key_management ) ); + memset( &asymmetric, 0, sizeof( asymmetric ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; driver.asymmetric = &asymmetric; - driver.persistent_data_size = sizeof( psa_key_slot_number_t ); driver.persistent_data_size = sizeof( ram_slot_usage_t ); key_management.p_allocate = ram_allocate; key_management.p_destroy = ram_destroy; 
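Review bot: `drv_attributes` is declared without an initializer in the second hunk, while `sw_attributes` on the line above it gets `PSA_KEY_ATTRIBUTES_INIT`. It is only assigned from `sw_attributes` after `psa_register_se_driver` and `psa_crypto_init` have been asserted, so an early failure reaches the function's cleanup with the structure indeterminate; whether the cleanup touches it cannot be seen from here, because `sign_verify` ends outside the hunk. Declaring it as `psa_key_attributes_t drv_attributes = PSA_KEY_ATTRIBUTES_INIT;` removes the question and matches the neighbouring declaration.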
@@ -1053,58 +1061,103 @@ void sign_verify( int sign_in_driver, key_management.p_generate = ram_fake_generate; else key_management.p_import = ram_import; - if( sign_in_driver ) - asymmetric.p_sign = ram_sign; + switch( flow ) + { + case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: + break; + case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: + asymmetric.p_sign = ram_sign; + break; + case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC: + asymmetric.p_sign = ram_sign; + key_management.p_export_public = ram_export_public; + break; + default: + TEST_ASSERT( ! "unsupported flow (should be SIGN_IN_xxx)" ); + break; + } asymmetric.p_verify = ram_verify; PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); - /* Create two keys with the same key material: a transparent key, - * and one that goes through the driver. */ - psa_set_key_usage_flags( &attributes, + /* Prepare to create two keys with the same key material: a transparent + * key, and one that goes through the driver. */ + psa_set_key_usage_flags( &sw_attributes, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - PSA_ASSERT( psa_import_key( &attributes, - key_material->x, key_material->len, - &sw_handle ) ); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_algorithm( &sw_attributes, alg ); + psa_set_key_type( &sw_attributes, type ); + drv_attributes = sw_attributes; + psa_set_key_id( &drv_attributes, id ); + psa_set_key_lifetime( &drv_attributes, lifetime ); + + /* Create the key in the driver. 
*/ if( generating ) { - psa_set_key_bits( &attributes, bits ); - PSA_ASSERT( psa_generate_key( &attributes, &drv_handle ) ); + psa_set_key_bits( &drv_attributes, bits ); + PSA_ASSERT( psa_generate_key( &drv_attributes, &drv_handle ) ); /* Since we called a generate method that does not actually * generate material, store the desired result of generation in * the mock secure element storage. */ - PSA_ASSERT( psa_get_key_attributes( drv_handle, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( drv_handle, &drv_attributes ) ); TEST_ASSERT( key_material->len == PSA_BITS_TO_BYTES( bits ) ); memcpy( ram_slots[ram_min_slot].content, key_material->x, key_material->len ); } else { - PSA_ASSERT( psa_import_key( &attributes, + PSA_ASSERT( psa_import_key( &drv_attributes, key_material->x, key_material->len, &drv_handle ) ); } + /* Either import the same key in software, or export the driver's + * public key and import that. */ + switch( flow ) + { + case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: + case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: + PSA_ASSERT( psa_import_key( &sw_attributes, + key_material->x, key_material->len, + &sw_handle ) ); + break; + case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC: + { + uint8_t public_key[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS )]; + size_t public_key_length; + PSA_ASSERT( psa_export_public_key( drv_handle, + public_key, sizeof( public_key ), + &public_key_length ) ); + psa_set_key_type( &sw_attributes, + PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ) ); + PSA_ASSERT( psa_import_key( &sw_attributes, + public_key, public_key_length, + &sw_handle ) ); + break; + } + } + /* Sign with the chosen key. 
*/ - if( sign_in_driver ) - PSA_ASSERT_VIA_DRIVER( - psa_asymmetric_sign( drv_handle, - alg, - input->x, input->len, - signature, sizeof( signature ), - &signature_length ), - PSA_SUCCESS ); - else - PSA_ASSERT( psa_asymmetric_sign( sw_handle, - alg, - input->x, input->len, - signature, sizeof( signature ), - &signature_length ) ); + switch( flow ) + { + case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: + case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC: + PSA_ASSERT_VIA_DRIVER( + psa_asymmetric_sign( drv_handle, + alg, + input->x, input->len, + signature, sizeof( signature ), + &signature_length ), + PSA_SUCCESS ); + break; + case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: + PSA_ASSERT( psa_asymmetric_sign( sw_handle, + alg, + input->x, input->len, + signature, sizeof( signature ), + &signature_length ) ); + break; + } /* Verify with both keys. */ PSA_ASSERT( psa_asymmetric_verify( sw_handle, alg, From 1d57a20cbef448347ad00e08de3a403d42a4d302 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 13 Aug 2019 12:15:34 +0100 Subject: [PATCH 1556/2197] Make TODO comments consistent --- library/psa_crypto.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4f75ee4f3..bd801441a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -996,7 +996,7 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) static void psa_abort_operations_using_key( psa_key_slot_t *slot ) { - /*FIXME how to implement this?*/ + /*TODO how to implement this?*/ (void) slot; } @@ -1043,7 +1043,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) if( status != PSA_SUCCESS ) { (void) psa_crypto_stop_transaction( ); - /* TOnogrepDO: destroy what can be destroyed anyway */ + /* TODO: destroy what can be destroyed anyway */ return( status ); } 
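Review bot: In the `SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC` case the `public_key` buffer is sized with `PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS )`, although `sign_verify` takes the key type as a parameter. A non-ECC key pair would presumably fail at `psa_export_public_key` with a buffer-size error that hides the actual restriction. Asserting it first with `TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) );`, or at least adding a comment such as `/* ECC only: the buffer is sized for the largest supported curve. */`, makes the limit explicit. The second and third `switch( flow )` have no `default` and rely on the first switch to reject unknown values, which deserves a one-line comment; `sign_verify` starts and ends outside this hunk.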
@@ -1069,7 +1069,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) status = status2; if( status != PSA_SUCCESS ) { - /* TOnogrepDO: destroy what can be destroyed anyway */ + /* TODO: destroy what can be destroyed anyway */ return( status ); } } @@ -1194,7 +1194,7 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, case PSA_KEY_TYPE_RSA_KEY_PAIR: case PSA_KEY_TYPE_RSA_PUBLIC_KEY: #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - /* TOnogrepDO: reporting the public exponent for opaque keys + /* TODO: reporting the public exponent for opaque keys * is not yet implemented. */ if( psa_get_se_driver( slot->attr.lifetime, NULL, NULL ) ) break; @@ -1669,7 +1669,7 @@ static void psa_fail_key_creation( psa_key_slot_t *slot, return; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - /* TOnogrepDO: If the key has already been created in the secure + /* TODO: If the key has already been created in the secure * element, and the failure happened later (when saving metadata * to internal storage), we need to destroy the key in the secure * element. */ @@ -5894,7 +5894,7 @@ static psa_status_t psa_crypto_recover_transaction( { case PSA_CRYPTO_TRANSACTION_CREATE_KEY: case PSA_CRYPTO_TRANSACTION_DESTROY_KEY: - /* TOnogrepDO - fall through to the failure case until this + /* TODO - fall through to the failure case until this * is implemented */ default: /* We found an unsupported transaction in the storage. From 40244bc34840b15a2731f5324c9d32dc677e6e38 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 31 Jul 2019 13:58:29 +0300 Subject: [PATCH 1557/2197] Fix the license header of hkdf Change the license header of `hkdf.h` to a format the that script `apache_to_gpl.pl` knows how to parse. --- include/mbedtls/hkdf.h | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 40ee64eb0..713c3a533 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h 
@@ -7,22 +7,22 @@ * specified by RFC 5869. */ /* - * Copyright (C) 2016-2018, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 + * Copyright (C) 2018-2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of mbed TLS (https://tls.mbed.org) */ #ifndef MBEDTLS_HKDF_H #define MBEDTLS_HKDF_H From b4e73e9747ecc5ffa749100f91b18c2b79bcf5b4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Aug 2019 15:00:57 +0200 Subject: [PATCH 1558/2197] Add some design notes about multipart operation structures --- include/psa/crypto_struct.h | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index fbfe77e62..28bbc6ac8 100644 --- a/include/psa/crypto_struct.h 
+++ b/include/psa/crypto_struct.h @@ -12,6 +12,26 @@ * In implementations with isolation between the application and the * cryptography module, it is expected that the front-end and the back-end * would have different versions of this file. + * + *

Design notes about multipart operation structures

+ * + * Each multipart operation structure contains a `psa_algorithm_t alg` + * field which indicates which specific algorithm the structure is for. + * When the structure is not in use, `alg` is 0. Most of the structure + * consists of a union which is discriminated by `alg`. + * + * Note that when `alg` is 0, the content of other fields is undefined. + * In particular, it is not guaranteed that a freshly-initialized structure + * is all-zero: we initialize structures to something like `{0, 0}`, which + * is only guaranteed to initializes the first member of the union; + * GCC and Clang initialize the whole structure to 0 (at the time of writing), + * but MSVC and CompCert don't. + * + * In Mbed Crypto, multipart operation structures live independently from + * the key. This allows Mbed Crypto to free the key objects when destroying + * a key slot. If a multipart operation needs to remember the key after + * the setup function returns, the operation structure needs to contain a + * copy of the key. */ /* * Copyright (C) 2018, ARM Limited, All Rights Reserved From 3f7cd62ff5cfd8e6e23800bca93f7f56c0592d84 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Aug 2019 15:01:08 +0200 Subject: [PATCH 1559/2197] Document better what wiping a key slot does not do When a key slot is wiped, a copy of the key material may remain in operations. This is undesirable, but does not violate the safety of the code. Tracked in https://github.com/ARMmbed/mbed-crypto/issues/86 --- library/psa_crypto.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3a78f5653..6041732fd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
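Review bot: The added design note contains "which is only guaranteed to initializes the first member of the union"; this should read "to initialize". This paragraph is what tells maintainers that fields other than `alg` may be indeterminate on MSVC and CompCert, so it would help to close it with the consequence for code, for example `Code must check alg before reading any other field.`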
@@ -994,18 +994,16 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) return( PSA_SUCCESS ); } -static void psa_abort_operations_using_key( psa_key_slot_t *slot ) -{ - /*FIXME how to implement this?*/ - (void) slot; -} - /** Completely wipe a slot in memory, including its policy. * Persistent storage is not affected. */ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) { psa_status_t status = psa_remove_key_data_from_memory( slot ); - psa_abort_operations_using_key( slot ); + /* Multipart operations may still be using the key. This is safe + * because all multipart operation objects are independent from + * the key slot: if they need to access the key after the setup + * phase, they have a copy of the key. Note that this means that + * key material can linger until all operations are completed. */ /* At this point, key material and other type-specific content has * been wiped. Clear remaining metadata. We can call memset and not * zeroize because the metadata is not particularly sensitive. */ From 8fe253ae4abe8e5f3fb7436cedee09e1ec67cd8d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Aug 2019 15:11:25 +0200 Subject: [PATCH 1560/2197] SE keys: test that psa_destroy_key removes the key from storage --- .../test_suite_psa_crypto_se_driver_hal.function | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 202f18c6d..867016b3e 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
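Review bot: The comment that replaces the call to `psa_abort_operations_using_key` in `psa_wipe_key_slot` records that key material can linger in operation objects, but it does not say where that limitation is tracked; only the commit message does. Adding ` * https://github.com/ARMmbed/mbed-crypto/issues/86` as the comment's last line keeps the reference next to the code it qualifies. Later commits in this series do the same for their TODO comments.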
@@ -793,6 +793,9 @@ void key_creation_import_export( int min_slot, int restart ) exported, exported_length ); PSA_ASSERT( psa_destroy_key( handle ) ); + handle = 0; + TEST_EQUAL( psa_open_key( id, &handle ), + PSA_ERROR_DOES_NOT_EXIST ); /* Test that the key has been erased from the designated slot. */ TEST_ASSERT( ram_slots[min_slot].type == 0 ); @@ -864,6 +867,9 @@ void key_creation_in_chosen_slot( int slot_arg, PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); PSA_ASSERT( psa_destroy_key( handle ) ); + handle = 0; + TEST_EQUAL( psa_open_key( id, &handle ), + PSA_ERROR_DOES_NOT_EXIST ); exit: PSA_DONE( ); @@ -923,6 +929,9 @@ void import_key_smoke( int type_arg, int alg_arg, /* We're done. */ PSA_ASSERT( psa_destroy_key( handle ) ); + handle = 0; + TEST_EQUAL( psa_open_key( id, &handle ), + PSA_ERROR_DOES_NOT_EXIST ); exit: PSA_DONE( ); @@ -1016,6 +1025,9 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) /* We're done. */ PSA_ASSERT( psa_destroy_key( handle ) ); + handle = 0; + TEST_EQUAL( psa_open_key( id, &handle ), + PSA_ERROR_DOES_NOT_EXIST ); exit: PSA_DONE( ); @@ -1250,6 +1262,9 @@ void register_key_smoke_test( int lifetime_arg, goto exit; /* This time, destroy the key. */ PSA_ASSERT( psa_destroy_key( handle ) ); + handle = 0; + TEST_EQUAL( psa_open_key( id, &handle ), + PSA_ERROR_DOES_NOT_EXIST ); exit: psa_reset_key_attributes( &attributes ); From caec27821fab3db60bc52bea08602d7b1528d724 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Aug 2019 15:11:49 +0200 Subject: [PATCH 1561/2197] SE keys: make psa_destroy_key remove the key from storage --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6041732fd..4fee3cd02 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
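Review bot: The same sequence, `handle = 0;` followed by `TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );`, is added after `psa_destroy_key` in all five hunks of this file (`key_creation_import_export`, `key_creation_in_chosen_slot`, `import_key_smoke`, `generate_key_smoke`, `register_key_smoke_test`). A small static helper taking the key id would keep the five checks in step when the expected behaviour changes. Failing that, each site should carry a comment such as `/* The key must no longer be present in storage. */`, since the intent is not obvious from the two lines alone. Each of these functions continues outside its hunk.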
@@ -1050,7 +1050,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT ) + if( slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE ) { storage_status = psa_destroy_persistent_key( slot->attr.id ); From 9ce31c466d181848f31ba932428db3d4da398a6d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Aug 2019 15:14:20 +0200 Subject: [PATCH 1562/2197] Note about destroying a key with other open handles https://github.com/ARMmbed/mbed-crypto/issues/214 --- library/psa_crypto.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4fee3cd02..66c515108 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1052,8 +1052,11 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE ) { - storage_status = - psa_destroy_persistent_key( slot->attr.id ); + storage_status = psa_destroy_persistent_key( slot->attr.id ); + /* TODO: other slots may have a copy of the same key. We should + * invalidate them. + * https://github.com/ARMmbed/mbed-crypto/issues/214 + */ } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ From 4b7f340fbfb8b3e85e1fa44a9230ae933d0e58e3 Mon Sep 17 00:00:00 2001 
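Review bot: The new condition `slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE` in the first hunk sends keys held in a secure element through `psa_destroy_persistent_key` as well, which the line itself does not explain. A comment above it, such as `/* Every non-volatile key, including one in a secure element, has an entry in storage. */`, would record why the test is written as a negation rather than a comparison with `PSA_KEY_LIFETIME_PERSISTENT`. The body of `psa_destroy_key` starts and ends outside the hunk.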
From: Gilles Peskine Date: Tue, 13 Aug 2019 15:58:36 +0200 Subject: [PATCH 1563/2197] Clean up status code handling inside psa_destroy_key Adopt a simple method for tracking whether there was a failure: each fallible operation sets overall_status, unless overall_status is already non-successful. Thus in case of multiple failures, the function always reports whatever failed first. This may not always be the right thing, but it's simple. This revealed a bug whereby if the only failure was the call to psa_destroy_se_key(), i.e. if the driver reported a failure or if the driver lacked support for destroying keys, psa_destroy_key() would ignore that failure. For a key in a secure element, if creating a transaction file fails, don't touch storage, but close the key in memory. This may not be right, but it's no wronger than it was before. Tracked in https://github.com/ARMmbed/mbed-crypto/issues/215 --- library/psa_crypto.c | 46 ++++++++++++++++++++++++++++---------------- 1 file changed, 29 insertions(+), 17 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 66c515108..bce777b15 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1014,8 +1014,8 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) psa_status_t psa_destroy_key( psa_key_handle_t handle ) { psa_key_slot_t *slot; - psa_status_t status = PSA_SUCCESS; - psa_status_t storage_status = PSA_SUCCESS; + psa_status_t status; /* status of the last operation */ + psa_status_t overall_status = PSA_SUCCESS; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) psa_se_drv_table_entry_t *driver; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ 
@@ -1041,18 +1041,30 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) if( status != PSA_SUCCESS ) { (void) psa_crypto_stop_transaction( ); - /* TOnogrepDO: destroy what can be destroyed anyway */ - return( status ); + /* We should still try to destroy the key in the secure + * element and the key metadata in storage. This is especially + * important if the error is that the storage is full. + * But how to do it exactly without risking an inconsistent + * state after a reset? + * https://github.com/ARMmbed/mbed-crypto/issues/215 + */ + overall_status = status; + goto exit; } status = psa_destroy_se_key( driver, slot->data.se.slot_number ); + if( overall_status == PSA_SUCCESS ) + overall_status = status; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if( slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE ) { - storage_status = psa_destroy_persistent_key( slot->attr.id ); + status = psa_destroy_persistent_key( slot->attr.id ); + if( overall_status == PSA_SUCCESS ) + overall_status = status; + /* TODO: other slots may have a copy of the same key. We should * invalidate them. * https://github.com/ARMmbed/mbed-crypto/issues/214 
@@ -1063,23 +1075,23 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( driver != NULL ) { - psa_status_t status2; status = psa_save_se_persistent_data( driver ); - status2 = psa_crypto_stop_transaction( ); - if( status == PSA_SUCCESS ) - status = status2; - if( status != PSA_SUCCESS ) - { - /* TOnogrepDO: destroy what can be destroyed anyway */ - return( status ); - } + if( overall_status == PSA_SUCCESS ) + overall_status = status; + status = psa_crypto_stop_transaction( ); + if( overall_status == PSA_SUCCESS ) + overall_status = status; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +exit: +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ status = psa_wipe_key_slot( slot ); - if( status != PSA_SUCCESS ) - return( status ); - return( storage_status ); + /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */ + if( overall_status == PSA_SUCCESS ) + overall_status = status; + return( overall_status ); } void psa_reset_key_attributes( psa_key_attributes_t *attributes ) From 5da7b3e55cf01c85da5a70bdb48c6ec80451a135 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Aug 2019 16:03:28 +0200 Subject: [PATCH 1564/2197] Drivers must have a psa_destroy_key method Drivers that allow destroying a key must have a destroy method. This test bug was previously not caught because of an implementation bug that lost the error triggered by the missing destroy method. --- ...est_suite_psa_crypto_se_driver_hal.function | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 867016b3e..fc6f66816 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
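Review bot: At the `exit:` label the comment says "Prioritize CORRUPTION_DETECTED from wiping over a storage error", but the code below it does the opposite: `if( overall_status == PSA_SUCCESS ) overall_status = status;` keeps any earlier failure and drops the result of `psa_wipe_key_slot`. A failure to wipe key data from memory is therefore masked whenever the storage or driver step has already failed. To match the stated intent the test should be `if( status != PSA_SUCCESS ) overall_status = status;`. If first-failure-wins is what is wanted, as the commit message describes, the comment should be reworded instead.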
@@ -162,6 +162,17 @@ static psa_status_t null_generate( psa_drv_se_context_t *context, return( PSA_SUCCESS ); } +/* Null destroy: do nothing, but pretend it worked. */ +static psa_status_t null_destroy( psa_drv_se_context_t *context, + void *persistent_data, + psa_key_slot_number_t slot_number ) +{ + (void) context; + (void) persistent_data; + (void) slot_number; + return( PSA_SUCCESS ); +} + /****************************************************************/ @@ -898,6 +909,7 @@ void import_key_smoke( int type_arg, int alg_arg, driver.persistent_data_size = sizeof( psa_key_slot_number_t ); key_management.p_allocate = counter_allocate; key_management.p_import = null_import; + key_management.p_destroy = null_destroy; PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -995,6 +1007,7 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) driver.persistent_data_size = sizeof( psa_key_slot_number_t ); key_management.p_allocate = counter_allocate; key_management.p_generate = null_generate; + key_management.p_destroy = null_destroy; PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -1220,10 +1233,11 @@ void register_key_smoke_test( int lifetime_arg, memset( &driver, 0, sizeof( driver ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; + memset( &key_management, 0, sizeof( key_management ) ); + driver.key_management = &key_management; + key_management.p_destroy = null_destroy; if( validate >= 0 ) { - memset( &key_management, 0, sizeof( key_management ) ); - driver.key_management = &key_management; key_management.p_validate_slot_number = validate_slot_number_as_directed; validate_slot_number_directions.slot_number = wanted_slot; validate_slot_number_directions.method = PSA_KEY_CREATION_REGISTER; From c9d7f94a654815fe8dbf1fef1ca074e865423f46 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 13 Aug 2019 16:17:16 +0200 Subject: [PATCH 1565/2197] Add issue numbers for some missing parts of secure element support --- library/psa_crypto.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bce777b15..34a023190 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1214,8 +1214,10 @@ psa_status_t psa_get_key_attributes( psa_key_handle_t handle, case PSA_KEY_TYPE_RSA_KEY_PAIR: case PSA_KEY_TYPE_RSA_PUBLIC_KEY: #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - /* TOnogrepDO: reporting the public exponent for opaque keys - * is not yet implemented. */ + /* TODO: reporting the public exponent for opaque keys + * is not yet implemented. + * https://github.com/ARMmbed/mbed-crypto/issues/216 + */ if( psa_key_slot_is_external( slot ) ) break; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ @@ -1735,10 +1737,12 @@ static void psa_fail_key_creation( psa_key_slot_t *slot, return; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - /* TOnogrepDO: If the key has already been created in the secure + /* TODO: If the key has already been created in the secure * element, and the failure happened later (when saving metadata * to internal storage), we need to destroy the key in the secure - * element. */ + * element. + * https://github.com/ARMmbed/mbed-crypto/issues/217 + */ /* Abort the ongoing transaction if any (there may not be one if * the creation process failed before starting one, or if the 
@@ -6088,8 +6092,10 @@ static psa_status_t psa_crypto_recover_transaction(
 {
 case PSA_CRYPTO_TRANSACTION_CREATE_KEY:
 case PSA_CRYPTO_TRANSACTION_DESTROY_KEY:
- /* TOnogrepDO - fall through to the failure case until this
- * is implemented */
+ /* TODO - fall through to the failure case until this
+ * is implemented.
+ * https://github.com/ARMmbed/mbed-crypto/issues/218
+ */
 default:
 /* We found an unsupported transaction in the storage.
 * We don't know what state the storage is in. Give up. */
From 0b74cf85ea6e9dcf71bb3ff2a440f828cfcc3479 Mon Sep 17 00:00:00 2001
From: k-stachowiak
Date: Tue, 13 Aug 2019 14:20:39 +0200
Subject: [PATCH 1566/2197] Remove psa_key_derivation() and associated static functions
---
 include/psa/crypto_extra.h | 59 --------
 library/psa_crypto.c | 278 -------------------------------------
 2 files changed, 337 deletions(-)
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 6dfaa1300..93ff6fb9d 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -224,65 +224,6 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); psa_status_t mbedtls_psa_inject_entropy(uint8_t *seed, size_t seed_size); -#if defined(PSA_PRE_1_0_KEY_DERIVATION) -/** Set up a key derivation operation. - * - * FIMXE This function is no longer part of the official API. Its prototype - * is only kept around for the sake of tests that haven't been updated yet. - * - * A key derivation algorithm takes three inputs: a secret input \p handle and - * two non-secret inputs \p label and p salt. - * The result of this function is a byte generator which can - * be used to produce keys and other cryptographic material. - * - * The role of \p label and \p salt is as follows: - * - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step - * and \p label is the info string used in the "expand" step. - * - * \param[in,out] operation The key derivation object to set up. It must - * have been initialized as per the documentation - * for #psa_key_derivation_operation_t and not - * yet be in use. - * \param handle Handle to the secret key. - * \param alg The key derivation algorithm to compute - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true). - * \param[in] salt Salt to use. - * \param salt_length Size of the \p salt buffer in bytes. - * \param[in] label Label to use. - * \param label_length Size of the \p label buffer in bytes. - * \param capacity The maximum number of bytes that the - * operation will be able to provide. - * - * \retval #PSA_SUCCESS - * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_EMPTY_SLOT - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c key is not compatible with \c alg, - * or \p capacity is too large for the specified algorithm and key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \c alg is not supported or is not a key derivation algorithm. 
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_key_derivation(psa_key_derivation_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *salt, - size_t salt_length, - const uint8_t *label, - size_t label_length, - size_t capacity); -#endif /* PSA_PRE_1_0_KEY_DERIVATION */ - /** \addtogroup crypto_types * @{ */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bd801441a..787b5a737 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -4804,284 +4804,6 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut /* Key derivation */ /****************************************************************/ -#if defined(MBEDTLS_MD_C) -#if defined(PSA_PRE_1_0_KEY_DERIVATION) -/* Set up an HKDF-based operation. This is exactly the extract phase - * of the HKDF algorithm. - * - * Note that if this function fails, you must call psa_key_derivation_abort() - * to potentially free embedded data structures and wipe confidential data. - */ -static psa_status_t psa_key_derivation_hkdf_setup( psa_hkdf_key_derivation_t *hkdf, - const uint8_t *secret, - size_t secret_length, - psa_algorithm_t hash_alg, - const uint8_t *salt, - size_t salt_length, - const uint8_t *label, - size_t label_length ) -{ - psa_status_t status; - status = psa_hmac_setup_internal( &hkdf->hmac, - salt, salt_length, - hash_alg ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_hash_update( &hkdf->hmac.hash_ctx, secret, secret_length ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_hmac_finish_internal( &hkdf->hmac, - hkdf->prk, - sizeof( hkdf->prk ) ); - if( status != PSA_SUCCESS ) - return( status ); - hkdf->offset_in_block = PSA_HASH_SIZE( hash_alg ); - hkdf->block_number = 0; - hkdf->info_length = label_length; - if( label_length != 0 ) - { - hkdf->info = mbedtls_calloc( 1, label_length ); - if( hkdf->info == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( hkdf->info, label, label_length ); - } - hkdf->state = HKDF_STATE_KEYED; - hkdf->info_set = 1; - return( PSA_SUCCESS ); -} -#endif /* PSA_PRE_1_0_KEY_DERIVATION */ -#endif /* MBEDTLS_MD_C */ - -#if defined(MBEDTLS_MD_C) -#if defined(PSA_PRE_1_0_KEY_DERIVATION) -/* Set up a TLS-1.2-prf-based operation (see RFC 5246, Section 5). - * - * Note that if this function fails, you must call psa_key_derivation_abort() - * to potentially free embedded data structures and wipe confidential data. 
- */ -static psa_status_t psa_key_derivation_tls12_prf_setup( - psa_tls12_prf_key_derivation_t *tls12_prf, - const uint8_t *key, - size_t key_len, - psa_algorithm_t hash_alg, - const uint8_t *salt, - size_t salt_length, - const uint8_t *label, - size_t label_length ) -{ - uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); - size_t Ai_with_seed_len = hash_length + salt_length + label_length; - int overflow; - - tls12_prf->key = mbedtls_calloc( 1, key_len ); - if( tls12_prf->key == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - tls12_prf->key_len = key_len; - memcpy( tls12_prf->key, key, key_len ); - - overflow = ( salt_length + label_length < salt_length ) || - ( salt_length + label_length + hash_length < hash_length ); - if( overflow ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - tls12_prf->Ai_with_seed = mbedtls_calloc( 1, Ai_with_seed_len ); - if( tls12_prf->Ai_with_seed == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - tls12_prf->Ai_with_seed_len = Ai_with_seed_len; - - /* Write `label + seed' at the end of the `A(i) + seed` buffer, - * leaving the initial `hash_length` bytes unspecified for now. */ - if( label_length != 0 ) - { - memcpy( tls12_prf->Ai_with_seed + hash_length, - label, label_length ); - } - - if( salt_length != 0 ) - { - memcpy( tls12_prf->Ai_with_seed + hash_length + label_length, - salt, salt_length ); - } - - /* The first block gets generated when - * psa_key_derivation_output_bytes() is called. */ - tls12_prf->block_number = 0; - tls12_prf->offset_in_block = hash_length; - - return( PSA_SUCCESS ); -} -#endif /* PSA_PRE_1_0_KEY_DERIVATION */ - -#if defined(PSA_PRE_1_0_KEY_DERIVATION) -/* Set up a TLS-1.2-PSK-to-MS-based operation. 
*/ -static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( - psa_tls12_prf_key_derivation_t *tls12_prf, - const uint8_t *psk, - size_t psk_len, - psa_algorithm_t hash_alg, - const uint8_t *salt, - size_t salt_length, - const uint8_t *label, - size_t label_length ) -{ - psa_status_t status; - uint8_t pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ]; - - if( psk_len > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - /* Quoting RFC 4279, Section 2: - * - * The premaster secret is formed as follows: if the PSK is N octets - * long, concatenate a uint16 with the value N, N zero octets, a second - * uint16 with the value N, and the PSK itself. - */ - - pms[0] = ( psk_len >> 8 ) & 0xff; - pms[1] = ( psk_len >> 0 ) & 0xff; - memset( pms + 2, 0, psk_len ); - pms[2 + psk_len + 0] = pms[0]; - pms[2 + psk_len + 1] = pms[1]; - memcpy( pms + 4 + psk_len, psk, psk_len ); - - status = psa_key_derivation_tls12_prf_setup( tls12_prf, - pms, 4 + 2 * psk_len, - hash_alg, - salt, salt_length, - label, label_length ); - - mbedtls_platform_zeroize( pms, sizeof( pms ) ); - return( status ); -} -#endif /* PSA_PRE_1_0_KEY_DERIVATION */ -#endif /* MBEDTLS_MD_C */ - -#if defined(PSA_PRE_1_0_KEY_DERIVATION) -/* Note that if this function fails, you must call psa_key_derivation_abort() - * to potentially free embedded data structures and wipe confidential data. - */ -static psa_status_t psa_key_derivation_internal( - psa_key_derivation_operation_t *operation, - const uint8_t *secret, size_t secret_length, - psa_algorithm_t alg, - const uint8_t *salt, size_t salt_length, - const uint8_t *label, size_t label_length, - size_t capacity ) -{ - psa_status_t status; - size_t max_capacity; - - /* Set operation->alg even on failure so that abort knows what to do. 
*/ - operation->alg = alg; - -#if defined(MBEDTLS_MD_C) - if( PSA_ALG_IS_HKDF( alg ) ) - { - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); - size_t hash_size = PSA_HASH_SIZE( hash_alg ); - if( hash_size == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - max_capacity = 255 * hash_size; - status = psa_key_derivation_hkdf_setup( &operation->ctx.hkdf, - secret, secret_length, - hash_alg, - salt, salt_length, - label, label_length ); - } - /* TLS-1.2 PRF and TLS-1.2 PSK-to-MS are very similar, so share code. */ - else if( PSA_ALG_IS_TLS12_PRF( alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) - { - psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg ); - size_t hash_size = PSA_HASH_SIZE( hash_alg ); - - /* TLS-1.2 PRF supports only SHA-256 and SHA-384. */ - if( hash_alg != PSA_ALG_SHA_256 && - hash_alg != PSA_ALG_SHA_384 ) - { - return( PSA_ERROR_NOT_SUPPORTED ); - } - - max_capacity = 255 * hash_size; - - if( PSA_ALG_IS_TLS12_PRF( alg ) ) - { - status = psa_key_derivation_tls12_prf_setup( &operation->ctx.tls12_prf, - secret, secret_length, - hash_alg, salt, salt_length, - label, label_length ); - } - else - { - status = psa_key_derivation_tls12_psk_to_ms_setup( - &operation->ctx.tls12_prf, - secret, secret_length, - hash_alg, salt, salt_length, - label, label_length ); - } - } - else -#endif - { - return( PSA_ERROR_NOT_SUPPORTED ); - } - - if( status != PSA_SUCCESS ) - return( status ); - - if( capacity <= max_capacity ) - operation->capacity = capacity; - else if( capacity == PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ) - operation->capacity = max_capacity; - else - return( PSA_ERROR_INVALID_ARGUMENT ); - - return( PSA_SUCCESS ); -} -#endif /* PSA_PRE_1_0_KEY_DERIVATION */ - -#if defined(PSA_PRE_1_0_KEY_DERIVATION) -psa_status_t psa_key_derivation( psa_key_derivation_operation_t *operation, - psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *salt, - size_t salt_length, - const uint8_t *label, - size_t label_length, - size_t capacity ) -{ - 
psa_key_slot_t *slot; - psa_status_t status; - - if( operation->alg != 0 ) - return( PSA_ERROR_BAD_STATE ); - - /* Make sure that alg is a key derivation algorithm. This prevents - * key selection algorithms, which psa_key_derivation_internal - * accepts for the sake of key agreement. */ - if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_DERIVE, alg ); - if( status != PSA_SUCCESS ) - return( status ); - - if( slot->attr.type != PSA_KEY_TYPE_DERIVE ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - status = psa_key_derivation_internal( operation, - slot->data.raw.data, - slot->data.raw.bytes, - alg, - salt, salt_length, - label, label_length, - capacity ); - if( status != PSA_SUCCESS ) - psa_key_derivation_abort( operation ); - return( status ); -} -#endif /* PSA_PRE_1_0_KEY_DERIVATION */ - static psa_status_t psa_key_derivation_setup_kdf( psa_key_derivation_operation_t *operation, psa_algorithm_t kdf_alg ) From 012dcc4b875f7950d50be67e24a0444719024301 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Tue, 13 Aug 2019 14:55:03 +0200 Subject: [PATCH 1567/2197] Remove PSA_PRE_1_0_KEY_DERIVATION and the corresponding code --- include/psa/crypto_struct.h | 43 ----- library/psa_crypto.c | 218 +----------------------- programs/psa/key_ladder_demo.c | 7 +- tests/suites/test_suite_psa_crypto.data | 106 ++++++------ 4 files changed, 57 insertions(+), 317 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 9e38e53ce..816454992 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
@@ -191,49 +191,7 @@ typedef struct
 } psa_hkdf_key_derivation_t;
 #endif /* MBEDTLS_MD_C */
-/*
- * If this option is not turned on, then the function `psa_key_derivation()`
- * is removed. And the new psa_tls12_prf_key_derivation_t context is used along
- * with the corresponding new API.
- *
- * The sole purpose of this option is to make the transition to the new API
- * smoother. Once the transition is complete it can and should be removed
- * along with the old API and its implementation.
- */
-#define PSA_PRE_1_0_KEY_DERIVATION
-
 #if defined(MBEDTLS_MD_C)
-#if defined(PSA_PRE_1_0_KEY_DERIVATION)
-typedef struct psa_tls12_prf_key_derivation_s
-{
- /* The TLS 1.2 PRF uses the key for each HMAC iteration,
- * hence we must store it for the lifetime of the operation.
- * This is different from HKDF, where the key is only used
- * in the extraction phase, but not during expansion. */
- uint8_t *key;
- size_t key_len;
-
- /* `A(i) + seed` in the notation of RFC 5246, Sect. 5 */
- uint8_t *Ai_with_seed;
- size_t Ai_with_seed_len;
-
- /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */
- uint8_t output_block[PSA_HASH_MAX_SIZE];
-
-#if PSA_HASH_MAX_SIZE > 0xff
-#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
-#endif
-
- /* Indicates how many bytes in the current HMAC block have
- * already been read by the user. */
- uint8_t offset_in_block;
-
- /* The 1-based number of the block. */
- uint8_t block_number;
-
-} psa_tls12_prf_key_derivation_t;
-#else
-
 typedef enum
 {
 TLS12_PRF_STATE_INIT, /* no input provided */
@@ -268,7 +226,6 @@ typedef struct psa_tls12_prf_key_derivation_s
 /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */
 uint8_t output_block[PSA_HASH_MAX_SIZE];
 } psa_tls12_prf_key_derivation_t;
-#endif /* PSA_PRE_1_0_KEY_DERIVATION */
 #endif /* MBEDTLS_MD_C */
 struct psa_key_derivation_s
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 787b5a737..073317c04 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2458,14 +2458,6 @@ static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac )
 mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) );
 return( psa_hash_abort( &hmac->hash_ctx ) );
 }
-
-#if defined(PSA_PRE_1_0_KEY_DERIVATION)
-static void psa_hmac_init_internal( psa_hmac_internal_data *hmac )
-{
- /* Instances of psa_hash_operation_s can be initialized by zeroization. */
- memset( hmac, 0, sizeof( *hmac ) );
-}
-#endif /* PSA_PRE_1_0_KEY_DERIVATION */
 #endif /* MBEDTLS_MD_C */
 psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
@@ -4212,21 +4204,6 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation
 /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */
 PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
 {
-#if defined(PSA_PRE_1_0_KEY_DERIVATION)
- if( operation->ctx.tls12_prf.key != NULL )
- {
- mbedtls_platform_zeroize( operation->ctx.tls12_prf.key,
- operation->ctx.tls12_prf.key_len );
- mbedtls_free( operation->ctx.tls12_prf.key );
- }
-
- if( operation->ctx.tls12_prf.Ai_with_seed != NULL )
- {
- mbedtls_platform_zeroize( operation->ctx.tls12_prf.Ai_with_seed,
- operation->ctx.tls12_prf.Ai_with_seed_len );
- mbedtls_free( operation->ctx.tls12_prf.Ai_with_seed );
- }
-#else
 if( operation->ctx.tls12_prf.seed != NULL )
 {
 mbedtls_platform_zeroize( operation->ctx.tls12_prf.seed,
@@ -4245,7 +4222,6 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation
 /* We leave the fields Ai and output_block to be erased safely by the
 * mbedtls_platform_zeroize() in the end of this function. */
-#endif /* PSA_PRE_1_0_KEY_DERIVATION */
 }
 else
 #endif /* MBEDTLS_MD_C */
@@ -4350,119 +4326,6 @@ static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkd return( PSA_SUCCESS ); } -#if defined(PSA_PRE_1_0_KEY_DERIVATION) -static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( - psa_tls12_prf_key_derivation_t *tls12_prf, - psa_algorithm_t alg ) -{ - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); - uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); - psa_hmac_internal_data hmac; - psa_status_t status, cleanup_status; - - uint8_t *Ai; - size_t Ai_len; - - /* We can't be wanting more output after block 0xff, otherwise - * the capacity check in psa_key_derivation_output_bytes() would have - * prevented this call. It could happen only if the operation - * object was corrupted or if this function is called directly - * inside the library. */ - if( tls12_prf->block_number == 0xff ) - return( PSA_ERROR_BAD_STATE ); - - /* We need a new block */ - ++tls12_prf->block_number; - tls12_prf->offset_in_block = 0; - - /* Recall the definition of the TLS-1.2-PRF from RFC 5246: - * - * PRF(secret, label, seed) = P_(secret, label + seed) - * - * P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) + - * HMAC_hash(secret, A(2) + seed) + - * HMAC_hash(secret, A(3) + seed) + ... - * - * A(0) = seed - * A(i) = HMAC_hash( secret, A(i-1) ) - * - * The `psa_tls12_prf_key_derivation` structures saves the block - * `HMAC_hash(secret, A(i) + seed)` from which the output - * is currently extracted as `output_block`, while - * `A(i) + seed` is stored in `Ai_with_seed`. - * - * Generating a new block means recalculating `Ai_with_seed` - * from the A(i)-part of it, and afterwards recalculating - * `output_block`. - * - * A(0) is computed at setup time. - * - */ - - psa_hmac_init_internal( &hmac ); - - /* We must distinguish the calculation of A(1) from those - * of A(2) and higher, because A(0)=seed has a different - * length than the other A(i). 
*/ - if( tls12_prf->block_number == 1 ) - { - Ai = tls12_prf->Ai_with_seed + hash_length; - Ai_len = tls12_prf->Ai_with_seed_len - hash_length; - } - else - { - Ai = tls12_prf->Ai_with_seed; - Ai_len = hash_length; - } - - /* Compute A(i+1) = HMAC_hash(secret, A(i)) */ - status = psa_hmac_setup_internal( &hmac, - tls12_prf->key, - tls12_prf->key_len, - hash_alg ); - if( status != PSA_SUCCESS ) - goto cleanup; - - status = psa_hash_update( &hmac.hash_ctx, - Ai, Ai_len ); - if( status != PSA_SUCCESS ) - goto cleanup; - - status = psa_hmac_finish_internal( &hmac, - tls12_prf->Ai_with_seed, - hash_length ); - if( status != PSA_SUCCESS ) - goto cleanup; - - /* Compute the next block `HMAC_hash(secret, A(i+1) + seed)`. */ - status = psa_hmac_setup_internal( &hmac, - tls12_prf->key, - tls12_prf->key_len, - hash_alg ); - if( status != PSA_SUCCESS ) - goto cleanup; - - status = psa_hash_update( &hmac.hash_ctx, - tls12_prf->Ai_with_seed, - tls12_prf->Ai_with_seed_len ); - if( status != PSA_SUCCESS ) - goto cleanup; - - status = psa_hmac_finish_internal( &hmac, - tls12_prf->output_block, - hash_length ); - if( status != PSA_SUCCESS ) - goto cleanup; - -cleanup: - - cleanup_status = psa_hmac_abort_internal( &hmac ); - if( status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS ) - status = cleanup_status; - - return( status ); -} -#else static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( psa_tls12_prf_key_derivation_t *tls12_prf, psa_algorithm_t alg ) 
@@ -4570,49 +4433,7 @@ cleanup: return( status ); } -#endif /* PSA_PRE_1_0_KEY_DERIVATION */ -#if defined(PSA_PRE_1_0_KEY_DERIVATION) -/* Read some bytes from an TLS-1.2-PRF-based operation. - * See Section 5 of RFC 5246. */ -static psa_status_t psa_key_derivation_tls12_prf_read( - psa_tls12_prf_key_derivation_t *tls12_prf, - psa_algorithm_t alg, - uint8_t *output, - size_t output_length ) -{ - psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg ); - uint8_t hash_length = PSA_HASH_SIZE( hash_alg ); - psa_status_t status; - - while( output_length != 0 ) - { - /* Copy what remains of the current block */ - uint8_t n = hash_length - tls12_prf->offset_in_block; - - /* Check if we have fully processed the current block. */ - if( n == 0 ) - { - status = psa_key_derivation_tls12_prf_generate_next_block( tls12_prf, - alg ); - if( status != PSA_SUCCESS ) - return( status ); - - continue; - } - - if( n > output_length ) - n = (uint8_t) output_length; - memcpy( output, tls12_prf->output_block + tls12_prf->offset_in_block, - n ); - output += n; - output_length -= n; - tls12_prf->offset_in_block += n; - } - - return( PSA_SUCCESS ); -} -#else static psa_status_t psa_key_derivation_tls12_prf_read( psa_tls12_prf_key_derivation_t *tls12_prf, psa_algorithm_t alg, @@ -4651,7 +4472,6 @@ static psa_status_t psa_key_derivation_tls12_prf_read( return( PSA_SUCCESS ); } -#endif /* PSA_PRE_1_0_KEY_DERIVATION */ #endif /* MBEDTLS_MD_C */ psa_status_t psa_key_derivation_output_bytes( 
@@ -4929,38 +4749,6 @@ static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf,
 }
 }
-#if defined(PSA_PRE_1_0_KEY_DERIVATION)
-static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf,
- psa_algorithm_t hash_alg,
- psa_key_derivation_step_t step,
- const uint8_t *data,
- size_t data_length )
-{
- (void) prf;
- (void) hash_alg;
- (void) step;
- (void) data;
- (void) data_length;
-
- return( PSA_ERROR_INVALID_ARGUMENT );
-}
-
-static psa_status_t psa_tls12_prf_psk_to_ms_input(
- psa_tls12_prf_key_derivation_t *prf,
- psa_algorithm_t hash_alg,
- psa_key_derivation_step_t step,
- const uint8_t *data,
- size_t data_length )
-{
- (void) prf;
- (void) hash_alg;
- (void) step;
- (void) data;
- (void) data_length;
-
- return( PSA_ERROR_INVALID_ARGUMENT );
-}
-#else
 static psa_status_t psa_tls12_prf_set_seed( psa_tls12_prf_key_derivation_t *prf,
 const uint8_t *data,
 size_t data_length )
@@ -5092,7 +4880,6 @@ static psa_status_t psa_tls12_prf_psk_to_ms_input(
 return( psa_tls12_prf_input( prf, hash_alg, step, data, data_length ) );
 }
-#endif /* PSA_PRE_1_0_KEY_DERIVATION */
 #endif /* MBEDTLS_MD_C */
 static psa_status_t psa_key_derivation_input_internal(
@@ -5111,10 +4898,7 @@ static psa_status_t psa_key_derivation_input_internal(
 PSA_ALG_HKDF_GET_HASH( kdf_alg ),
 step, data, data_length );
 }
- else
-#endif /* MBEDTLS_MD_C */
-#if defined(MBEDTLS_MD_C)
- if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) )
+ else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) )
 {
 status = psa_tls12_prf_input( &operation->ctx.tls12_prf,
 PSA_ALG_HKDF_GET_HASH( kdf_alg ),
diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c
index 91e517870..f492e0e5d 100644
--- a/programs/psa/key_ladder_demo.c
+++ b/programs/psa/key_ladder_demo.c
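Review bot: In psa_key_derivation_input_internal (library/psa_crypto.c, the last psa_crypto.c hunk above), the TLS-1.2 PRF branch that is now joined to the chain by `else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) )` still extracts its hash with the HKDF accessor, `PSA_ALG_HKDF_GET_HASH( kdf_alg ),`. Presumably both accessors mask out the same hash bits, so the result is unchanged, but reading a TLS12_PRF algorithm through the HKDF macro makes the algorithm-to-hash mapping harder to audit. Since this commit already touches the branch, the argument would read better as `PSA_ALG_TLS12_PRF_GET_HASH( kdf_alg ),`, the macro the TLS-1.2 PRF read path in this file already uses. The function starts and ends outside the hunk, so any further branches of the chain should be checked for the same pattern.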
@@ -68,14 +68,13 @@ /* If the build options we need are not enabled, compile a placeholder. */ #if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ - !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) ||\ - defined(PSA_PRE_1_0_KEY_DERIVATION) + !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) int main( void ) { printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " - "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO and/or " - "not defined and/or PSA_PRE_1_0_KEY_DERIVATION defined.\n"); + "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO " + "not defined.\n"); return( 0 ); } #else diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b04984024..759da3548 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -478,7 +478,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA key policy: derive via TLS 1.2 PRF, permitted -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) PSA key policy: derive via HKDF, not permitted 
@@ -486,7 +486,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA key policy: derive via TLS 1.2 PRF, not permitted -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:0:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) PSA key policy: derive via HKDF, wrong algorithm @@ -494,7 +494,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224) PSA key policy: derive via TLS 1.2 PRF, wrong algorithm -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224) PSA key policy: agreement + KDF, permitted @@ -1488,7 +1488,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA import/exercise: TLS 1.2 PRF SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) PSA sign: RSA PKCS#1 v1.5, raw 
@@ -1817,39 +1817,39 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_RAW_DATA:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, good case -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, key first -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, label first -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, early label -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double seed -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double key -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, bad key type -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_RAW_DATA:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE PSA key derivation: HKDF invalid state (double generate + read past capacity) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_state:PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA key derivation: TLS 1.2 PRF invalid state (double generate + read past capacity) 
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_state:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) PSA key derivation: invalid state (call read/get_capacity after init and abort) 
@@ -1906,70 +1906,70 @@ derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_K # Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":"" PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66" PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b" PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C 
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":"" PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f" PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" PSA key derivation: TLS 1.2 PRF SHA-384, 
output 74+74 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5" # Test case manually extracted from debug output of TLS-PSK run # Label: "master secret" # Salt: Concatenation of ClientHello.Random and ServerHello.Random PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":"" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C 
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":"" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18" PSA key derivation: HKDF SHA-256, request maximum capacity 
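Review bot: Two of the PSK-to-MS SHA-384 cases in this hunk have titles that do not match their data. The case titled `TLS 1.2 PSK-to-MS, SHA-384, 24+24` passes `""` as the first expected output and all 48 bytes as the second, which is a 0+48 split, while the case titled `SHA-384, 0+48` passes two 24-byte halves. The vectors agree with the 48+0 case, so only the two description lines need swapping. The commit already rewrites the `depends_on` line of both cases, so this is a cheap place to fix it; a failure report that names the wrong split makes a key-derivation regression harder to triage.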
@@ -1989,7 +1989,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_1):255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE PSA key derivation: over capacity 42: output 42+1 
@@ -2017,98 +2017,98 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity minus 1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1 PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 PSA key derivation: HKDF SHA-256, exercise AES128-CTR -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: HKDF SHA-256, exercise AES256-CTR -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: HKDF SHA-256, exercise DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION 
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES128-CTR -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES256-CTR -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: TLS 1.2 PRF SHA-256, exercise DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: TLS 1.2 PRF SHA-256, exercise 2-key 3DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: TLS 1.2 PRF SHA-256, exercise 3-key 3DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC 
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: TLS 1.2 PRF SHA-256, exercise HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key derivation: TLS 1.2 PRF SHA-256, exercise HKDF-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA key derivation: HKDF SHA-256, derive key export, 16+32 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32 PSA key derivation: HKDF SHA-256, derive key export, 1+41 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 16+32 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32 PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 1+41 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 PSA key derivation: invalid type (0) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_NONE:128:PSA_ERROR_NOT_SUPPORTED PSA key derivation: invalid type (PSA_KEY_TYPE_CATEGORY_MASK) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_NOT_SUPPORTED # This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes # and not expected to be raised any time soon) is less than the maximum # output from HKDF-SHA512 (255*64 = 16320 bytes). 
PSA key derivation: largest possible key -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS:PSA_SUCCESS PSA key derivation: key too large -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!PSA_PRE_1_0_KEY_DERIVATION +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: ECDH + HKDF-SHA-256: good From 3794dec52bd1fee786af86ec6df4508c40295857 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Wed, 14 Aug 2019 19:23:24 +0200 Subject: [PATCH 1568/2197] Change the expected error for two key derivation tests --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 759da3548..c9c32eec5 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -2094,11 +2094,11 @@ derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b PSA key derivation: invalid type (0) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_NONE:128:PSA_ERROR_NOT_SUPPORTED +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_NONE:128:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: invalid type (PSA_KEY_TYPE_CATEGORY_MASK) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_NOT_SUPPORTED +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_INVALID_ARGUMENT # This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes # and not expected to be raised any time soon) is less than the maximum From b9b4f09c47d941b9c61a07738cb3ad00d44774d0 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Thu, 15 Aug 2019 19:01:59 +0200 Subject: [PATCH 1569/2197] Document new error type returned from the key derivation API --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2b5bb97fc..f5d17965d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -3201,6 +3201,8 @@ psa_status_t psa_key_derivation_output_bytes( * \retval #PSA_ERROR_NOT_SUPPORTED * The key type or key size is not supported, either by the * implementation in general or in this particular location. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The provided key attributes are not valid for the operation. * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_STORAGE From 79a11fa0d635a56dff7b2359962e7c164fded166 Mon Sep 17 00:00:00 2001 From: Alexander K Date: Fri, 16 Aug 2019 16:10:34 +0300 Subject: [PATCH 1570/2197] Explicitly nullify grp->id instead of freeing. --- library/ecp_curves.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 4335f2d60..400f208a0 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -836,6 +836,7 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ) #endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ default: + grp->id = id; return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); } } From e8ad49f069a171dee614715621593247d01e28b0 Mon Sep 17 00:00:00 2001 From: Alexander K Date: Fri, 16 Aug 2019 16:16:07 +0300 Subject: [PATCH 1571/2197] Remove unused TG variable in mbedtls_mpi_gcd() --- library/bignum.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 98ee12a71..200766250 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2139,13 +2139,13 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B { int ret; size_t lz, lzt; - mbedtls_mpi TG, TA, TB; + mbedtls_mpi TA, TB; MPI_VALIDATE_RET( G != NULL ); MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( B != NULL ); - mbedtls_mpi_init( &TG ); mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB ); + mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); 
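Review bot: The added `\retval #PSA_ERROR_INVALID_ARGUMENT` text in the `@@ -3201,6 +3201,8 @@` hunk does not tell a caller how this status differs from the `#PSA_ERROR_NOT_SUPPORTED` entry directly above it, which already covers "the key type or key size is not supported". The preceding patch in this series moves the `PSA_KEY_TYPE_NONE` and `PSA_KEY_TYPE_CATEGORY_MASK` test cases to this status, so the description could say that, for example `The key type in the attributes is not a valid key type, or the attributes are otherwise not valid for this operation.` The doc comment begins and ends outside the hunk, so the function it documents is not visible here.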
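Review bot: The added `grp->id = id;` in the `default:` branch of `mbedtls_ecp_group_load` stores the identifier that was just rejected, which contradicts the commit subject ("Explicitly nullify grp->id"). After `MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE` is returned, the group carries an id for a curve whose parameters were never loaded, so a caller that ignores the return value and later checks `grp->id` would treat the group as usable. If the intent is to clear the field, the line should be `grp->id = MBEDTLS_ECP_DP_NONE;`. The start of the function is outside the hunk, so whether `grp->id` is already assigned before the `switch` cannot be confirmed from here.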
@@ -2183,7 +2183,7 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B cleanup: - mbedtls_mpi_free( &TG ); mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TB ); + mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TB ); return( ret ); } From c95d9eedbf062714c43e49701287cd66cf8f988e Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Sun, 14 Apr 2019 17:36:10 +0300 Subject: [PATCH 1572/2197] Remove a redundant function call Remove a call to `mbedtls_mpi_bitlen()` since the returned value is overwritten in the line after. This is redundant since da31fa137a1183d3feed5981af6d05c550a8c005. Fixes #2377. --- library/bignum.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 98ee12a71..5987ea8b4 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2410,8 +2410,6 @@ static int mpi_miller_rabin( const mbedtls_mpi *X, size_t rounds, MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R, &W ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &R, s ) ); - i = mbedtls_mpi_bitlen( X ); - for( i = 0; i < rounds; i++ ) { /* From bee486146e267b7b8f5104bf7d125a5933da3211 Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Thu, 25 Oct 2018 12:32:07 +0100 Subject: [PATCH 1573/2197] ECDH: Add Everest Curve25519 to 3rdparty/everest These files are automatically generated by the Everest toolchain from F* files. They do not respect the mbedTLS code style guidelines as manual modification would invalidate verification guarantees. The files in 3rdparty/everest/include/kremli{n,b} are a customized (minimized) version of the support headers expected by the code extracted using KreMLin. --- 3rdparty/everest/README.md | 1 + 3rdparty/everest/apache-2.0.txt | 202 +++++ .../everest/include/everest/Hacl_Curve25519.h | 21 + 3rdparty/everest/include/everest/kremlib.h | 29 + .../include/everest/kremlib/FStar_UInt128.h | 124 +++ ...64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h | 280 +++++++ .../include/everest/kremlin/c_endianness.h | 204 +++++ .../everest/kremlin/internal/builtin.h | 16 + .../everest/kremlin/internal/callconv.h | 44 + .../include/everest/kremlin/internal/compat.h | 34 + .../include/everest/kremlin/internal/debug.h | 57 ++ .../include/everest/kremlin/internal/target.h | 102 +++ .../include/everest/kremlin/internal/types.h | 61 ++ .../everest/kremlin/internal/wasmsupport.h | 5 + 3rdparty/everest/library/Hacl_Curve25519.c | 760 ++++++++++++++++++ .../library/kremlib/FStar_UInt128_extracted.c | 413 ++++++++++ ...64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c | 100 +++ .../everest/library/kremlib/fstar_uint128.c | 216 +++++ 18 files changed, 2669 insertions(+) create mode 100644 3rdparty/everest/README.md create mode 100644 3rdparty/everest/apache-2.0.txt create mode 100644 3rdparty/everest/include/everest/Hacl_Curve25519.h create mode 100644 3rdparty/everest/include/everest/kremlib.h create mode 100644 3rdparty/everest/include/everest/kremlib/FStar_UInt128.h create mode 100644 3rdparty/everest/include/everest/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h create mode 100644 3rdparty/everest/include/everest/kremlin/c_endianness.h create mode 
100644 3rdparty/everest/include/everest/kremlin/internal/builtin.h create mode 100644 3rdparty/everest/include/everest/kremlin/internal/callconv.h create mode 100644 3rdparty/everest/include/everest/kremlin/internal/compat.h create mode 100644 3rdparty/everest/include/everest/kremlin/internal/debug.h create mode 100644 3rdparty/everest/include/everest/kremlin/internal/target.h create mode 100644 3rdparty/everest/include/everest/kremlin/internal/types.h create mode 100644 3rdparty/everest/include/everest/kremlin/internal/wasmsupport.h create mode 100644 3rdparty/everest/library/Hacl_Curve25519.c create mode 100644 3rdparty/everest/library/kremlib/FStar_UInt128_extracted.c create mode 100644 3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c create mode 100644 3rdparty/everest/library/kremlib/fstar_uint128.c diff --git a/3rdparty/everest/README.md b/3rdparty/everest/README.md new file mode 100644 index 000000000..69134f6ac --- /dev/null +++ b/3rdparty/everest/README.md @@ -0,0 +1 @@ +The files in this directory stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license. diff --git a/3rdparty/everest/apache-2.0.txt b/3rdparty/everest/apache-2.0.txt new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/3rdparty/everest/apache-2.0.txt 
@@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. 
For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. 
Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of 
the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. 
Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. 
+ + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/3rdparty/everest/include/everest/Hacl_Curve25519.h b/3rdparty/everest/include/everest/Hacl_Curve25519.h new file mode 100644 index 000000000..e3f5ba44b --- /dev/null +++ b/3rdparty/everest/include/everest/Hacl_Curve25519.h 
@@ -0,0 +1,21 @@ +/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved. + Licensed under the Apache 2.0 License. */ + +/* This file was generated by KreMLin + * KreMLin invocation: /mnt/e/everest/verify/kremlin/krml -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrcLh -minimal -fbuiltin-uint128 -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrcLh -minimal -I /mnt/e/everest/verify/hacl-star/code/lib/kremlin -I /mnt/e/everest/verify/kremlin/kremlib/compat -I /mnt/e/everest/verify/hacl-star/specs -I /mnt/e/everest/verify/hacl-star/specs/old -I . -ccopt -march=native -verbose -ldopt -flto -tmpdir x25519-c -I ../bignum -bundle Hacl.Curve25519=* -minimal -add-include "kremlib.h" -skip-compilation x25519-c/out.krml -o x25519-c/Hacl_Curve25519.c + * F* version: 059db0c8 + * KreMLin version: 916c37ac + */ + + + +#ifndef __Hacl_Curve25519_H +#define __Hacl_Curve25519_H + + +#include "kremlib.h" + +void Hacl_Curve25519_crypto_scalarmult(uint8_t *mypublic, uint8_t *secret, uint8_t *basepoint); + +#define __Hacl_Curve25519_H_DEFINED +#endif diff --git a/3rdparty/everest/include/everest/kremlib.h b/3rdparty/everest/include/everest/kremlib.h new file mode 100644 index 000000000..f06663f09 --- /dev/null +++ b/3rdparty/everest/include/everest/kremlib.h 
@@ -0,0 +1,29 @@
+/*
+ * Copyright 2016-2018 INRIA and Microsoft Corporation
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org) and
+ * originated from Project Everest (https://project-everest.github.io/)
+ */
+
+#ifndef __KREMLIB_H
+#define __KREMLIB_H
+
+#include "kremlin/internal/target.h"
+#include "kremlin/internal/types.h"
+#include "kremlin/c_endianness.h"
+
+#endif /* __KREMLIB_H */
diff --git a/3rdparty/everest/include/everest/kremlib/FStar_UInt128.h b/3rdparty/everest/include/everest/kremlib/FStar_UInt128.h
new file mode 100644
index 000000000..d71c8820b
--- /dev/null
+++ b/3rdparty/everest/include/everest/kremlib/FStar_UInt128.h
@@ -0,0 +1,124 @@ +/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved. + Licensed under the Apache 2.0 License. */ + +/* This file was generated by KreMLin + * KreMLin invocation: ../krml -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrB9w -minimal -fparentheses -fcurly-braces -fno-shadow -header copyright-header.txt -minimal -tmpdir dist/uint128 -skip-compilation -extract-uints -add-include -add-include -add-include "kremlin/internal/types.h" -bundle FStar.UInt128=* extracted/prims.krml extracted/FStar_Pervasives_Native.krml extracted/FStar_Pervasives.krml extracted/FStar_Mul.krml extracted/FStar_Squash.krml extracted/FStar_Classical.krml extracted/FStar_StrongExcludedMiddle.krml extracted/FStar_FunctionalExtensionality.krml extracted/FStar_List_Tot_Base.krml extracted/FStar_List_Tot_Properties.krml extracted/FStar_List_Tot.krml extracted/FStar_Seq_Base.krml extracted/FStar_Seq_Properties.krml extracted/FStar_Seq.krml extracted/FStar_Math_Lib.krml extracted/FStar_Math_Lemmas.krml extracted/FStar_BitVector.krml extracted/FStar_UInt.krml extracted/FStar_UInt32.krml extracted/FStar_Int.krml extracted/FStar_Int16.krml extracted/FStar_Preorder.krml extracted/FStar_Ghost.krml extracted/FStar_ErasedLogic.krml extracted/FStar_UInt64.krml extracted/FStar_Set.krml extracted/FStar_PropositionalExtensionality.krml extracted/FStar_PredicateExtensionality.krml extracted/FStar_TSet.krml extracted/FStar_Monotonic_Heap.krml extracted/FStar_Heap.krml extracted/FStar_Map.krml extracted/FStar_Monotonic_HyperHeap.krml extracted/FStar_Monotonic_HyperStack.krml extracted/FStar_HyperStack.krml extracted/FStar_Monotonic_Witnessed.krml extracted/FStar_HyperStack_ST.krml extracted/FStar_HyperStack_All.krml extracted/FStar_Date.krml extracted/FStar_Universe.krml extracted/FStar_GSet.krml extracted/FStar_ModifiesGen.krml extracted/LowStar_Monotonic_Buffer.krml extracted/LowStar_Buffer.krml extracted/Spec_Loops.krml extracted/LowStar_BufferOps.krml 
extracted/C_Loops.krml extracted/FStar_UInt8.krml extracted/FStar_Kremlin_Endianness.krml extracted/FStar_UInt63.krml extracted/FStar_Exn.krml extracted/FStar_ST.krml extracted/FStar_All.krml extracted/FStar_Dyn.krml extracted/FStar_Int63.krml extracted/FStar_Int64.krml extracted/FStar_Int32.krml extracted/FStar_Int8.krml extracted/FStar_UInt16.krml extracted/FStar_Int_Cast.krml extracted/FStar_UInt128.krml extracted/C_Endianness.krml extracted/FStar_List.krml extracted/FStar_Float.krml extracted/FStar_IO.krml extracted/C.krml extracted/FStar_Char.krml extracted/FStar_String.krml extracted/LowStar_Modifies.krml extracted/C_String.krml extracted/FStar_Bytes.krml extracted/FStar_HyperStack_IO.krml extracted/C_Failure.krml extracted/TestLib.krml extracted/FStar_Int_Cast_Full.krml + * F* version: 059db0c8 + * KreMLin version: 916c37ac + */ + + + +#ifndef __FStar_UInt128_H +#define __FStar_UInt128_H + + +#include +#include +#include "kremlin/internal/types.h" + +uint64_t FStar_UInt128___proj__Mkuint128__item__low(FStar_UInt128_uint128 projectee); + +uint64_t FStar_UInt128___proj__Mkuint128__item__high(FStar_UInt128_uint128 projectee); + +typedef FStar_UInt128_uint128 FStar_UInt128_t; + +FStar_UInt128_uint128 FStar_UInt128_add(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 +FStar_UInt128_add_underspec(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 FStar_UInt128_add_mod(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 FStar_UInt128_sub(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 +FStar_UInt128_sub_underspec(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 FStar_UInt128_sub_mod(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 FStar_UInt128_logand(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 FStar_UInt128_logxor(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + 
+FStar_UInt128_uint128 FStar_UInt128_logor(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 FStar_UInt128_lognot(FStar_UInt128_uint128 a); + +FStar_UInt128_uint128 FStar_UInt128_shift_left(FStar_UInt128_uint128 a, uint32_t s); + +FStar_UInt128_uint128 FStar_UInt128_shift_right(FStar_UInt128_uint128 a, uint32_t s); + +bool FStar_UInt128_eq(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +bool FStar_UInt128_gt(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +bool FStar_UInt128_lt(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +bool FStar_UInt128_gte(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +bool FStar_UInt128_lte(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 FStar_UInt128_eq_mask(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 FStar_UInt128_gte_mask(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b); + +FStar_UInt128_uint128 FStar_UInt128_uint64_to_uint128(uint64_t a); + +uint64_t FStar_UInt128_uint128_to_uint64(FStar_UInt128_uint128 a); + +extern FStar_UInt128_uint128 +(*FStar_UInt128_op_Plus_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 +(*FStar_UInt128_op_Plus_Question_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 +(*FStar_UInt128_op_Plus_Percent_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 +(*FStar_UInt128_op_Subtraction_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 +(*FStar_UInt128_op_Subtraction_Question_Hat)( + FStar_UInt128_uint128 x0, + FStar_UInt128_uint128 x1 +); + +extern FStar_UInt128_uint128 +(*FStar_UInt128_op_Subtraction_Percent_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 +(*FStar_UInt128_op_Amp_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 
+(*FStar_UInt128_op_Hat_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 +(*FStar_UInt128_op_Bar_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 +(*FStar_UInt128_op_Less_Less_Hat)(FStar_UInt128_uint128 x0, uint32_t x1); + +extern FStar_UInt128_uint128 +(*FStar_UInt128_op_Greater_Greater_Hat)(FStar_UInt128_uint128 x0, uint32_t x1); + +extern bool (*FStar_UInt128_op_Equals_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern bool +(*FStar_UInt128_op_Greater_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern bool (*FStar_UInt128_op_Less_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern bool +(*FStar_UInt128_op_Greater_Equals_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern bool +(*FStar_UInt128_op_Less_Equals_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +FStar_UInt128_uint128 FStar_UInt128_mul32(uint64_t x, uint32_t y); + +FStar_UInt128_uint128 FStar_UInt128_mul_wide(uint64_t x, uint64_t y); + +#define __FStar_UInt128_H_DEFINED +#endif diff --git a/3rdparty/everest/include/everest/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h b/3rdparty/everest/include/everest/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h new file mode 100644 index 000000000..21560c4a5 --- /dev/null +++ b/3rdparty/everest/include/everest/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h 
@@ -0,0 +1,280 @@ +/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved. + Licensed under the Apache 2.0 License. */ + +/* This file was generated by KreMLin + * KreMLin invocation: ../krml -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrB9w -minimal -fparentheses -fcurly-braces -fno-shadow -header copyright-header.txt -minimal -tmpdir dist/minimal -skip-compilation -extract-uints -add-include -add-include -add-include "kremlin/internal/compat.h" -add-include "kremlin/internal/types.h" -bundle FStar.UInt64+FStar.UInt32+FStar.UInt16+FStar.UInt8=* extracted/prims.krml extracted/FStar_Pervasives_Native.krml extracted/FStar_Pervasives.krml extracted/FStar_Mul.krml extracted/FStar_Squash.krml extracted/FStar_Classical.krml extracted/FStar_StrongExcludedMiddle.krml extracted/FStar_FunctionalExtensionality.krml extracted/FStar_List_Tot_Base.krml extracted/FStar_List_Tot_Properties.krml extracted/FStar_List_Tot.krml extracted/FStar_Seq_Base.krml extracted/FStar_Seq_Properties.krml extracted/FStar_Seq.krml extracted/FStar_Math_Lib.krml extracted/FStar_Math_Lemmas.krml extracted/FStar_BitVector.krml extracted/FStar_UInt.krml extracted/FStar_UInt32.krml extracted/FStar_Int.krml extracted/FStar_Int16.krml extracted/FStar_Preorder.krml extracted/FStar_Ghost.krml extracted/FStar_ErasedLogic.krml extracted/FStar_UInt64.krml extracted/FStar_Set.krml extracted/FStar_PropositionalExtensionality.krml extracted/FStar_PredicateExtensionality.krml extracted/FStar_TSet.krml extracted/FStar_Monotonic_Heap.krml extracted/FStar_Heap.krml extracted/FStar_Map.krml extracted/FStar_Monotonic_HyperHeap.krml extracted/FStar_Monotonic_HyperStack.krml extracted/FStar_HyperStack.krml extracted/FStar_Monotonic_Witnessed.krml extracted/FStar_HyperStack_ST.krml extracted/FStar_HyperStack_All.krml extracted/FStar_Date.krml extracted/FStar_Universe.krml extracted/FStar_GSet.krml extracted/FStar_ModifiesGen.krml extracted/LowStar_Monotonic_Buffer.krml 
extracted/LowStar_Buffer.krml extracted/Spec_Loops.krml extracted/LowStar_BufferOps.krml extracted/C_Loops.krml extracted/FStar_UInt8.krml extracted/FStar_Kremlin_Endianness.krml extracted/FStar_UInt63.krml extracted/FStar_Exn.krml extracted/FStar_ST.krml extracted/FStar_All.krml extracted/FStar_Dyn.krml extracted/FStar_Int63.krml extracted/FStar_Int64.krml extracted/FStar_Int32.krml extracted/FStar_Int8.krml extracted/FStar_UInt16.krml extracted/FStar_Int_Cast.krml extracted/FStar_UInt128.krml extracted/C_Endianness.krml extracted/FStar_List.krml extracted/FStar_Float.krml extracted/FStar_IO.krml extracted/C.krml extracted/FStar_Char.krml extracted/FStar_String.krml extracted/LowStar_Modifies.krml extracted/C_String.krml extracted/FStar_Bytes.krml extracted/FStar_HyperStack_IO.krml extracted/C_Failure.krml extracted/TestLib.krml extracted/FStar_Int_Cast_Full.krml + * F* version: 059db0c8 + * KreMLin version: 916c37ac + */ + + + +#ifndef __FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8_H +#define __FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8_H + + +#include +#include +#include "kremlin/internal/compat.h" +#include "kremlin/internal/types.h" + +extern Prims_int FStar_UInt64_n; + +extern Prims_int FStar_UInt64_v(uint64_t x0); + +extern uint64_t FStar_UInt64_uint_to_t(Prims_int x0); + +extern uint64_t FStar_UInt64_add(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_add_underspec(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_add_mod(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_sub(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_sub_underspec(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_sub_mod(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_mul(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_mul_underspec(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_mul_mod(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_mul_div(uint64_t x0, uint64_t x1); + +extern 
uint64_t FStar_UInt64_div(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_rem(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_logand(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_logxor(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_logor(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_lognot(uint64_t x0); + +extern uint64_t FStar_UInt64_shift_right(uint64_t x0, uint32_t x1); + +extern uint64_t FStar_UInt64_shift_left(uint64_t x0, uint32_t x1); + +extern bool FStar_UInt64_eq(uint64_t x0, uint64_t x1); + +extern bool FStar_UInt64_gt(uint64_t x0, uint64_t x1); + +extern bool FStar_UInt64_gte(uint64_t x0, uint64_t x1); + +extern bool FStar_UInt64_lt(uint64_t x0, uint64_t x1); + +extern bool FStar_UInt64_lte(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_minus(uint64_t x0); + +extern uint32_t FStar_UInt64_n_minus_one; + +uint64_t FStar_UInt64_eq_mask(uint64_t a, uint64_t b); + +uint64_t FStar_UInt64_gte_mask(uint64_t a, uint64_t b); + +extern Prims_string FStar_UInt64_to_string(uint64_t x0); + +extern uint64_t FStar_UInt64_of_string(Prims_string x0); + +extern Prims_int FStar_UInt32_n; + +extern Prims_int FStar_UInt32_v(uint32_t x0); + +extern uint32_t FStar_UInt32_uint_to_t(Prims_int x0); + +extern uint32_t FStar_UInt32_add(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_add_underspec(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_add_mod(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_sub(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_sub_underspec(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_sub_mod(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_mul(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_mul_underspec(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_mul_mod(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_mul_div(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_div(uint32_t x0, 
uint32_t x1); + +extern uint32_t FStar_UInt32_rem(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_logand(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_logxor(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_logor(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_lognot(uint32_t x0); + +extern uint32_t FStar_UInt32_shift_right(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_shift_left(uint32_t x0, uint32_t x1); + +extern bool FStar_UInt32_eq(uint32_t x0, uint32_t x1); + +extern bool FStar_UInt32_gt(uint32_t x0, uint32_t x1); + +extern bool FStar_UInt32_gte(uint32_t x0, uint32_t x1); + +extern bool FStar_UInt32_lt(uint32_t x0, uint32_t x1); + +extern bool FStar_UInt32_lte(uint32_t x0, uint32_t x1); + +extern uint32_t FStar_UInt32_minus(uint32_t x0); + +extern uint32_t FStar_UInt32_n_minus_one; + +uint32_t FStar_UInt32_eq_mask(uint32_t a, uint32_t b); + +uint32_t FStar_UInt32_gte_mask(uint32_t a, uint32_t b); + +extern Prims_string FStar_UInt32_to_string(uint32_t x0); + +extern uint32_t FStar_UInt32_of_string(Prims_string x0); + +extern Prims_int FStar_UInt16_n; + +extern Prims_int FStar_UInt16_v(uint16_t x0); + +extern uint16_t FStar_UInt16_uint_to_t(Prims_int x0); + +extern uint16_t FStar_UInt16_add(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_add_underspec(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_add_mod(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_sub(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_sub_underspec(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_sub_mod(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_mul(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_mul_underspec(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_mul_mod(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_mul_div(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_div(uint16_t x0, uint16_t x1); + +extern uint16_t 
FStar_UInt16_rem(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_logand(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_logxor(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_logor(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_lognot(uint16_t x0); + +extern uint16_t FStar_UInt16_shift_right(uint16_t x0, uint32_t x1); + +extern uint16_t FStar_UInt16_shift_left(uint16_t x0, uint32_t x1); + +extern bool FStar_UInt16_eq(uint16_t x0, uint16_t x1); + +extern bool FStar_UInt16_gt(uint16_t x0, uint16_t x1); + +extern bool FStar_UInt16_gte(uint16_t x0, uint16_t x1); + +extern bool FStar_UInt16_lt(uint16_t x0, uint16_t x1); + +extern bool FStar_UInt16_lte(uint16_t x0, uint16_t x1); + +extern uint16_t FStar_UInt16_minus(uint16_t x0); + +extern uint32_t FStar_UInt16_n_minus_one; + +uint16_t FStar_UInt16_eq_mask(uint16_t a, uint16_t b); + +uint16_t FStar_UInt16_gte_mask(uint16_t a, uint16_t b); + +extern Prims_string FStar_UInt16_to_string(uint16_t x0); + +extern uint16_t FStar_UInt16_of_string(Prims_string x0); + +extern Prims_int FStar_UInt8_n; + +extern Prims_int FStar_UInt8_v(uint8_t x0); + +extern uint8_t FStar_UInt8_uint_to_t(Prims_int x0); + +extern uint8_t FStar_UInt8_add(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_add_underspec(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_add_mod(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_sub(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_sub_underspec(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_sub_mod(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_mul(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_mul_underspec(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_mul_mod(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_mul_div(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_div(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_rem(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_logand(uint8_t 
x0, uint8_t x1); + +extern uint8_t FStar_UInt8_logxor(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_logor(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_lognot(uint8_t x0); + +extern uint8_t FStar_UInt8_shift_right(uint8_t x0, uint32_t x1); + +extern uint8_t FStar_UInt8_shift_left(uint8_t x0, uint32_t x1); + +extern bool FStar_UInt8_eq(uint8_t x0, uint8_t x1); + +extern bool FStar_UInt8_gt(uint8_t x0, uint8_t x1); + +extern bool FStar_UInt8_gte(uint8_t x0, uint8_t x1); + +extern bool FStar_UInt8_lt(uint8_t x0, uint8_t x1); + +extern bool FStar_UInt8_lte(uint8_t x0, uint8_t x1); + +extern uint8_t FStar_UInt8_minus(uint8_t x0); + +extern uint32_t FStar_UInt8_n_minus_one; + +uint8_t FStar_UInt8_eq_mask(uint8_t a, uint8_t b); + +uint8_t FStar_UInt8_gte_mask(uint8_t a, uint8_t b); + +extern Prims_string FStar_UInt8_to_string(uint8_t x0); + +extern uint8_t FStar_UInt8_of_string(Prims_string x0); + +typedef uint8_t FStar_UInt8_byte; + +#define __FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8_H_DEFINED +#endif diff --git a/3rdparty/everest/include/everest/kremlin/c_endianness.h b/3rdparty/everest/include/everest/kremlin/c_endianness.h new file mode 100644 index 000000000..5cfde5d9e --- /dev/null +++ b/3rdparty/everest/include/everest/kremlin/c_endianness.h 
@@ -0,0 +1,204 @@
+/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved.
+ Licensed under the Apache 2.0 License. */
+
+#ifndef __KREMLIN_ENDIAN_H
+#define __KREMLIN_ENDIAN_H
+
+#include
+#include
+
+/******************************************************************************/
+/* Implementing C.fst (part 2: endian-ness macros) */
+/******************************************************************************/
+
+/* ... for Linux */
+#if defined(__linux__) || defined(__CYGWIN__)
+# include
+
+/* ... for OSX */
+#elif defined(__APPLE__)
+# include
+# define htole64(x) OSSwapHostToLittleInt64(x)
+# define le64toh(x) OSSwapLittleToHostInt64(x)
+# define htobe64(x) OSSwapHostToBigInt64(x)
+# define be64toh(x) OSSwapBigToHostInt64(x)
+
+# define htole16(x) OSSwapHostToLittleInt16(x)
+# define le16toh(x) OSSwapLittleToHostInt16(x)
+# define htobe16(x) OSSwapHostToBigInt16(x)
+# define be16toh(x) OSSwapBigToHostInt16(x)
+
+# define htole32(x) OSSwapHostToLittleInt32(x)
+# define le32toh(x) OSSwapLittleToHostInt32(x)
+# define htobe32(x) OSSwapHostToBigInt32(x)
+# define be32toh(x) OSSwapBigToHostInt32(x)
+
+/* ... for Solaris */
+#elif defined(__sun__)
+# include
+# define htole64(x) LE_64(x)
+# define le64toh(x) LE_64(x)
+# define htobe64(x) BE_64(x)
+# define be64toh(x) BE_64(x)
+
+# define htole16(x) LE_16(x)
+# define le16toh(x) LE_16(x)
+# define htobe16(x) BE_16(x)
+# define be16toh(x) BE_16(x)
+
+# define htole32(x) LE_32(x)
+# define le32toh(x) LE_32(x)
+# define htobe32(x) BE_32(x)
+# define be32toh(x) BE_32(x)
+
+/* ... for the BSDs */
+#elif defined(__FreeBSD__) || defined(__NetBSD__) || defined(__DragonFly__)
+# include
+#elif defined(__OpenBSD__)
+# include
+
+/* ... for Windows (MSVC)... not targeting XBOX 360! */
+#elif defined(_MSC_VER)
+
+# include
+# define htobe16(x) _byteswap_ushort(x)
+# define htole16(x) (x)
+# define be16toh(x) _byteswap_ushort(x)
+# define le16toh(x) (x)
+
+# define htobe32(x) _byteswap_ulong(x)
+# define htole32(x) (x)
+# define be32toh(x) _byteswap_ulong(x)
+# define le32toh(x) (x)
+
+# define htobe64(x) _byteswap_uint64(x)
+# define htole64(x) (x)
+# define be64toh(x) _byteswap_uint64(x)
+# define le64toh(x) (x)
+
+/* ... for Windows (GCC-like, e.g. mingw or clang) */
+#elif (defined(_WIN32) || defined(_WIN64)) && \
+ (defined(__GNUC__) || defined(__clang__))
+
+# define htobe16(x) __builtin_bswap16(x)
+# define htole16(x) (x)
+# define be16toh(x) __builtin_bswap16(x)
+# define le16toh(x) (x)
+
+# define htobe32(x) __builtin_bswap32(x)
+# define htole32(x) (x)
+# define be32toh(x) __builtin_bswap32(x)
+# define le32toh(x) (x)
+
+# define htobe64(x) __builtin_bswap64(x)
+# define htole64(x) (x)
+# define be64toh(x) __builtin_bswap64(x)
+# define le64toh(x) (x)
+
+/* ... generic big-endian fallback code */
+#elif defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
+
+/* byte swapping code inspired by:
+ * https://github.com/rweather/arduinolibs/blob/master/libraries/Crypto/utility/EndianUtil.h
+ * */
+
+# define htobe32(x) (x)
+# define be32toh(x) (x)
+# define htole32(x) \
+ (__extension__({ \
+ uint32_t _temp = (x); \
+ ((_temp >> 24) & 0x000000FF) | ((_temp >> 8) & 0x0000FF00) | \
+ ((_temp << 8) & 0x00FF0000) | ((_temp << 24) & 0xFF000000); \
+ }))
+# define le32toh(x) (htole32((x)))
+
+# define htobe64(x) (x)
+# define be64toh(x) (x)
+# define htole64(x) \
+ (__extension__({ \
+ uint64_t __temp = (x); \
+ uint32_t __low = htobe32((uint32_t)__temp); \
+ uint32_t __high = htobe32((uint32_t)(__temp >> 32)); \
+ (((uint64_t)__low) << 32) | __high; \
+ }))
+# define le64toh(x) (htole64((x)))
+
+/* ... generic little-endian fallback code */
+#elif defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
+
+# define htole32(x) (x)
+# define le32toh(x) (x)
+# define htobe32(x) \
+ (__extension__({ \
+ uint32_t _temp = (x); \
+ ((_temp >> 24) & 0x000000FF) | ((_temp >> 8) & 0x0000FF00) | \
+ ((_temp << 8) & 0x00FF0000) | ((_temp << 24) & 0xFF000000); \
+ }))
+# define be32toh(x) (htobe32((x)))
+
+# define htole64(x) (x)
+# define le64toh(x) (x)
+# define htobe64(x) \
+ (__extension__({ \
+ uint64_t __temp = (x); \
+ uint32_t __low = htobe32((uint32_t)__temp); \
+ uint32_t __high = htobe32((uint32_t)(__temp >> 32)); \
+ (((uint64_t)__low) << 32) | __high; \
+ }))
+# define be64toh(x) (htobe64((x)))
+
+/* ... couldn't determine endian-ness of the target platform */
+#else
+# error "Please define __BYTE_ORDER__!"
+
+#endif /* defined(__linux__) || ... */
+
+/* Loads and stores. These avoid undefined behavior due to unaligned memory
+ * accesses, via memcpy. */
+
+inline static uint16_t load16(uint8_t *b) {
+ uint16_t x;
+ memcpy(&x, b, 2);
+ return x;
+}
+
+inline static uint32_t load32(uint8_t *b) {
+ uint32_t x;
+ memcpy(&x, b, 4);
+ return x;
+}
+
+inline static uint64_t load64(uint8_t *b) {
+ uint64_t x;
+ memcpy(&x, b, 8);
+ return x;
+}
+
+inline static void store16(uint8_t *b, uint16_t i) {
+ memcpy(b, &i, 2);
+}
+
+inline static void store32(uint8_t *b, uint32_t i) {
+ memcpy(b, &i, 4);
+}
+
+inline static void store64(uint8_t *b, uint64_t i) {
+ memcpy(b, &i, 8);
+}
+
+#define load16_le(b) (le16toh(load16(b)))
+#define store16_le(b, i) (store16(b, htole16(i)))
+#define load16_be(b) (be16toh(load16(b)))
+#define store16_be(b, i) (store16(b, htobe16(i)))
+
+#define load32_le(b) (le32toh(load32(b)))
+#define store32_le(b, i) (store32(b, htole32(i)))
+#define load32_be(b) (be32toh(load32(b)))
+#define store32_be(b, i) (store32(b, htobe32(i)))
+
+#define load64_le(b) (le64toh(load64(b)))
+#define store64_le(b, i) (store64(b, htole64(i)))
+#define load64_be(b) (be64toh(load64(b)))
+#define store64_be(b, i) (store64(b, htobe64(i)))
+
+#endif
diff --git a/3rdparty/everest/include/everest/kremlin/internal/builtin.h b/3rdparty/everest/include/everest/kremlin/internal/builtin.h
new file mode 100644
index 000000000..219b26686
--- /dev/null
+++ b/3rdparty/everest/include/everest/kremlin/internal/builtin.h
@@ -0,0 +1,16 @@
+/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved.
+ Licensed under the Apache 2.0 License. */
+
+#ifndef __KREMLIN_BUILTIN_H
+#define __KREMLIN_BUILTIN_H
+
+/* For alloca, when using KreMLin's -falloca */
+#if (defined(_WIN32) || defined(_WIN64))
+# include
+#endif
+
+/* If some globals need to be initialized before the main, then kremlin will
+ * generate and try to link last a function with this type: */
+void kremlinit_globals(void);
+
+#endif
diff --git a/3rdparty/everest/include/everest/kremlin/internal/callconv.h b/3rdparty/everest/include/everest/kremlin/internal/callconv.h
new file mode 100644
index 000000000..24b5fffa8
--- /dev/null
+++ b/3rdparty/everest/include/everest/kremlin/internal/callconv.h
@@ -0,0 +1,44 @@
+/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved.
+ Licensed under the Apache 2.0 License. */
+
+#ifndef __KREMLIN_CALLCONV_H
+#define __KREMLIN_CALLCONV_H
+
+/******************************************************************************/
+/* Some macros to ease compatibility */
+/******************************************************************************/
+
+/* We want to generate __cdecl safely without worrying about it being undefined.
+ * When using MSVC, these are always defined. When using MinGW, these are
+ * defined too. They have no meaning for other platforms, so we define them to
+ * be empty macros in other situations. */
+#ifndef _MSC_VER
+#ifndef __cdecl
+#define __cdecl
+#endif
+#ifndef __stdcall
+#define __stdcall
+#endif
+#ifndef __fastcall
+#define __fastcall
+#endif
+#endif
+
+/* TODO: review these two definitions and understand why they're needed. */
+#ifdef __GNUC__
+# define inline __inline__
+#endif
+
+/* GCC-specific attribute syntax; everyone else gets the standard C inline
+ * attribute. */
+#ifdef __GNU_C__
+# ifndef __clang__
+# define force_inline inline __attribute__((always_inline))
+# else
+# define force_inline inline
+# endif
+#else
+# define force_inline inline
+#endif
+
+#endif
diff --git a/3rdparty/everest/include/everest/kremlin/internal/compat.h b/3rdparty/everest/include/everest/kremlin/internal/compat.h
new file mode 100644
index 000000000..a5b8889da
--- /dev/null
+++ b/3rdparty/everest/include/everest/kremlin/internal/compat.h
@@ -0,0 +1,34 @@
+/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved.
+ Licensed under the Apache 2.0 License. */
+
+#ifndef KRML_COMPAT_H
+#define KRML_COMPAT_H
+
+#include
+
+/* A series of macros that define C implementations of types that are not Low*,
+ * to facilitate porting programs to Low*. */
+
+typedef const char *Prims_string;
+
+typedef struct {
+ uint32_t length;
+ const char *data;
+} FStar_Bytes_bytes;
+
+typedef int32_t Prims_pos, Prims_nat, Prims_nonzero, Prims_int,
+ krml_checked_int_t;
+
+#define RETURN_OR(x) \
+ do { \
+ int64_t __ret = x; \
+ if (__ret < INT32_MIN || INT32_MAX < __ret) { \
+ KRML_HOST_PRINTF( \
+ "Prims.{int,nat,pos} integer overflow at %s:%d\n", __FILE__, \
+ __LINE__); \
+ KRML_HOST_EXIT(252); \
+ } \
+ return (int32_t)__ret; \
+ } while (0)
+
+#endif
diff --git a/3rdparty/everest/include/everest/kremlin/internal/debug.h b/3rdparty/everest/include/everest/kremlin/internal/debug.h
new file mode 100644
index 000000000..44ac22cd6
--- /dev/null
+++ b/3rdparty/everest/include/everest/kremlin/internal/debug.h
@@ -0,0 +1,57 @@
+/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved.
+ Licensed under the Apache 2.0 License. */
+
+#ifndef __KREMLIN_DEBUG_H
+#define __KREMLIN_DEBUG_H
+
+#include
+
+#include "kremlin/internal/target.h"
+
+/******************************************************************************/
+/* Debugging helpers - intended only for KreMLin developers */
+/******************************************************************************/
+
+/* In support of "-wasm -d force-c": we might need this function to be
+ * forward-declared, because the dependency on WasmSupport appears very late,
+ * after SimplifyWasm, and sadly, after the topological order has been done. */
+void WasmSupport_check_buffer_size(uint32_t s);
+
+/* A series of GCC atrocities to trace function calls (kremlin's [-d c-calls]
+ * option). Useful when trying to debug, say, Wasm, to compare traces. */
+/* clang-format off */
+#ifdef __GNUC__
+#define KRML_FORMAT(X) _Generic((X), \
+ uint8_t : "0x%08" PRIx8, \
+ uint16_t: "0x%08" PRIx16, \
+ uint32_t: "0x%08" PRIx32, \
+ uint64_t: "0x%08" PRIx64, \
+ int8_t : "0x%08" PRIx8, \
+ int16_t : "0x%08" PRIx16, \
+ int32_t : "0x%08" PRIx32, \
+ int64_t : "0x%08" PRIx64, \
+ default : "%s")
+
+#define KRML_FORMAT_ARG(X) _Generic((X), \
+ uint8_t : X, \
+ uint16_t: X, \
+ uint32_t: X, \
+ uint64_t: X, \
+ int8_t : X, \
+ int16_t : X, \
+ int32_t : X, \
+ int64_t : X, \
+ default : "unknown")
+/* clang-format on */
+
+# define KRML_DEBUG_RETURN(X) \
+ ({ \
+ __auto_type _ret = (X); \
+ KRML_HOST_PRINTF("returning: "); \
+ KRML_HOST_PRINTF(KRML_FORMAT(_ret), KRML_FORMAT_ARG(_ret)); \
+ KRML_HOST_PRINTF(" \n"); \
+ _ret; \
+ })
+#endif
+
+#endif
diff --git a/3rdparty/everest/include/everest/kremlin/internal/target.h b/3rdparty/everest/include/everest/kremlin/internal/target.h
new file mode 100644
index 000000000..b552f52b0
--- /dev/null
+++ b/3rdparty/everest/include/everest/kremlin/internal/target.h
@@ -0,0 +1,102 @@
+/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved.
+ Licensed under the Apache 2.0 License. */
+
+#ifndef __KREMLIN_TARGET_H
+#define __KREMLIN_TARGET_H
+
+#include
+#include
+#include
+#include
+#include
+
+#include "kremlin/internal/callconv.h"
+
+/******************************************************************************/
+/* Macros that KreMLin will generate. */
+/******************************************************************************/
+
+/* For "bare" targets that do not have a C stdlib, the user might want to use
+ * [-add-early-include '"mydefinitions.h"'] and override these. */
+#ifndef KRML_HOST_PRINTF
+# define KRML_HOST_PRINTF printf
+#endif
+
+#if ( \
+ (defined __STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) && \
+ (!(defined KRML_HOST_EPRINTF)))
+# define KRML_HOST_EPRINTF(...) fprintf(stderr, __VA_ARGS__)
+#endif
+
+#ifndef KRML_HOST_EXIT
+# define KRML_HOST_EXIT exit
+#endif
+
+#ifndef KRML_HOST_MALLOC
+# define KRML_HOST_MALLOC malloc
+#endif
+
+#ifndef KRML_HOST_CALLOC
+# define KRML_HOST_CALLOC calloc
+#endif
+
+#ifndef KRML_HOST_FREE
+# define KRML_HOST_FREE free
+#endif
+
+#ifndef KRML_HOST_TIME
+
+# include
+
+/* Prims_nat not yet in scope */
+inline static int32_t krml_time() {
+ return (int32_t)time(NULL);
+}
+
+# define KRML_HOST_TIME krml_time
+#endif
+
+/* In statement position, exiting is easy. */
+#define KRML_EXIT \
+ do { \
+ KRML_HOST_PRINTF("Unimplemented function at %s:%d\n", __FILE__, __LINE__); \
+ KRML_HOST_EXIT(254); \
+ } while (0)
+
+/* In expression position, use the comma-operator and a malloc to return an
+ * expression of the right size. KreMLin passes t as the parameter to the macro.
+ */
+#define KRML_EABORT(t, msg) \
+ (KRML_HOST_PRINTF("KreMLin abort at %s:%d\n%s\n", __FILE__, __LINE__, msg), \
+ KRML_HOST_EXIT(255), *((t *)KRML_HOST_MALLOC(sizeof(t))))
+
+/* In FStar.Buffer.fst, the size of arrays is uint32_t, but it's a number of
+ * *elements*. Do an ugly, run-time check (some of which KreMLin can eliminate).
+ */
+
+#ifdef __GNUC__
+# define _KRML_CHECK_SIZE_PRAGMA \
+ _Pragma("GCC diagnostic ignored \"-Wtype-limits\"")
+#else
+# define _KRML_CHECK_SIZE_PRAGMA
+#endif
+
+#define KRML_CHECK_SIZE(size_elt, sz) \
+ do { \
+ _KRML_CHECK_SIZE_PRAGMA \
+ if (((size_t)(sz)) > ((size_t)(SIZE_MAX / (size_elt)))) { \
+ KRML_HOST_PRINTF( \
+ "Maximum allocatable size exceeded, aborting before overflow at " \
+ "%s:%d\n", \
+ __FILE__, __LINE__); \
+ KRML_HOST_EXIT(253); \
+ } \
+ } while (0)
+
+#if defined(_MSC_VER) && _MSC_VER < 1900
+# define KRML_HOST_SNPRINTF(buf, sz, fmt, arg) _snprintf_s(buf, sz, _TRUNCATE, fmt, arg)
+#else
+# define KRML_HOST_SNPRINTF(buf, sz, fmt, arg) snprintf(buf, sz, fmt, arg)
+#endif
+
+#endif
diff --git a/3rdparty/everest/include/everest/kremlin/internal/types.h b/3rdparty/everest/include/everest/kremlin/internal/types.h
new file mode 100644
index 000000000..b936f00db
--- /dev/null
+++ b/3rdparty/everest/include/everest/kremlin/internal/types.h
@@ -0,0 +1,61 @@
+/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved.
+ Licensed under the Apache 2.0 License. */
+
+#ifndef KRML_TYPES_H
+#define KRML_TYPES_H
+
+#include
+#include
+#include
+
+/* Types which are either abstract, meaning that have to be implemented in C, or
+ * which are models, meaning that they are swapped out at compile-time for
+ * hand-written C types (in which case they're marked as noextract). */
+
+typedef uint64_t FStar_UInt64_t, FStar_UInt64_t_;
+typedef int64_t FStar_Int64_t, FStar_Int64_t_;
+typedef uint32_t FStar_UInt32_t, FStar_UInt32_t_;
+typedef int32_t FStar_Int32_t, FStar_Int32_t_;
+typedef uint16_t FStar_UInt16_t, FStar_UInt16_t_;
+typedef int16_t FStar_Int16_t, FStar_Int16_t_;
+typedef uint8_t FStar_UInt8_t, FStar_UInt8_t_;
+typedef int8_t FStar_Int8_t, FStar_Int8_t_;
+
+/* Only useful when building Kremlib, because it's in the dependency graph of
+ * FStar.Int.Cast. */
+typedef uint64_t FStar_UInt63_t, FStar_UInt63_t_;
+typedef int64_t FStar_Int63_t, FStar_Int63_t_;
+
+typedef double FStar_Float_float;
+typedef uint32_t FStar_Char_char;
+typedef FILE *FStar_IO_fd_read, *FStar_IO_fd_write;
+
+typedef void *FStar_Dyn_dyn;
+
+typedef const char *C_String_t, *C_String_t_;
+
+typedef int exit_code;
+typedef FILE *channel;
+
+typedef unsigned long long TestLib_cycles;
+
+typedef uint64_t FStar_Date_dateTime, FStar_Date_timeSpan;
+
+/* The uint128 type is a special case since we offer several implementations of
+ * it, depending on the compiler and whether the user wants the verified
+ * implementation or not. */
+#if !defined(KRML_VERIFIED_UINT128) && defined(_MSC_VER) && defined(_M_X64)
+# include
+typedef __m128i FStar_UInt128_uint128;
+#elif !defined(KRML_VERIFIED_UINT128) && !defined(_MSC_VER)
+typedef unsigned __int128 FStar_UInt128_uint128;
+#else
+typedef struct FStar_UInt128_uint128_s {
+ uint64_t low;
+ uint64_t high;
+} FStar_UInt128_uint128;
+#endif
+
+typedef FStar_UInt128_uint128 FStar_UInt128_t, FStar_UInt128_t_, uint128_t;
+
+#endif
diff --git a/3rdparty/everest/include/everest/kremlin/internal/wasmsupport.h b/3rdparty/everest/include/everest/kremlin/internal/wasmsupport.h
new file mode 100644
index 000000000..b44fa3f75
--- /dev/null
+++ b/3rdparty/everest/include/everest/kremlin/internal/wasmsupport.h
@@ -0,0 +1,5 @@
+/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved.
+ Licensed under the Apache 2.0 License. */
+
+/* This file is automatically included when compiling with -wasm -d force-c */
+#define WasmSupport_check_buffer_size(X)
diff --git a/3rdparty/everest/library/Hacl_Curve25519.c b/3rdparty/everest/library/Hacl_Curve25519.c
new file mode 100644
index 000000000..450b9f8dd
--- /dev/null
+++ b/3rdparty/everest/library/Hacl_Curve25519.c
@@ -0,0 +1,760 @@ +/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved. + Licensed under the Apache 2.0 License. */ + +/* This file was generated by KreMLin + * KreMLin invocation: /mnt/e/everest/verify/kremlin/krml -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrcLh -minimal -fbuiltin-uint128 -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrcLh -minimal -I /mnt/e/everest/verify/hacl-star/code/lib/kremlin -I /mnt/e/everest/verify/kremlin/kremlib/compat -I /mnt/e/everest/verify/hacl-star/specs -I /mnt/e/everest/verify/hacl-star/specs/old -I . -ccopt -march=native -verbose -ldopt -flto -tmpdir x25519-c -I ../bignum -bundle Hacl.Curve25519=* -minimal -add-include "kremlib.h" -skip-compilation x25519-c/out.krml -o x25519-c/Hacl_Curve25519.c + * F* version: 059db0c8 + * KreMLin version: 916c37ac + */ + + +#include "Hacl_Curve25519.h" + +extern uint64_t FStar_UInt64_eq_mask(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_gte_mask(uint64_t x0, uint64_t x1); + +extern uint128_t FStar_UInt128_add(uint128_t x0, uint128_t x1); + +extern uint128_t FStar_UInt128_add_mod(uint128_t x0, uint128_t x1); + +extern uint128_t FStar_UInt128_logand(uint128_t x0, uint128_t x1); + +extern uint128_t FStar_UInt128_shift_right(uint128_t x0, uint32_t x1); + +extern uint128_t FStar_UInt128_uint64_to_uint128(uint64_t x0); + +extern uint64_t FStar_UInt128_uint128_to_uint64(uint128_t x0); + +extern uint128_t FStar_UInt128_mul_wide(uint64_t x0, uint64_t x1); + +static void Hacl_Bignum_Modulo_carry_top(uint64_t *b) +{ + uint64_t b4 = b[4U]; + uint64_t b0 = b[0U]; + uint64_t b4_ = b4 & (uint64_t)0x7ffffffffffffU; + uint64_t b0_ = b0 + (uint64_t)19U * (b4 >> (uint32_t)51U); + b[4U] = b4_; + b[0U] = b0_; +} + +inline static void Hacl_Bignum_Fproduct_copy_from_wide_(uint64_t *output, uint128_t *input) +{ + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) + { + uint128_t xi = input[i]; + output[i] = (uint64_t)xi; + 
} +} + +inline static void +Hacl_Bignum_Fproduct_sum_scalar_multiplication_(uint128_t *output, uint64_t *input, uint64_t s) +{ + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) + { + uint128_t xi = output[i]; + uint64_t yi = input[i]; + output[i] = xi + (uint128_t)yi * s; + } +} + +inline static void Hacl_Bignum_Fproduct_carry_wide_(uint128_t *tmp) +{ + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) + { + uint32_t ctr = i; + uint128_t tctr = tmp[ctr]; + uint128_t tctrp1 = tmp[ctr + (uint32_t)1U]; + uint64_t r0 = (uint64_t)tctr & (uint64_t)0x7ffffffffffffU; + uint128_t c = tctr >> (uint32_t)51U; + tmp[ctr] = (uint128_t)r0; + tmp[ctr + (uint32_t)1U] = tctrp1 + c; + } +} + +inline static void Hacl_Bignum_Fmul_shift_reduce(uint64_t *output) +{ + uint64_t tmp = output[4U]; + uint64_t b0; + { + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) + { + uint32_t ctr = (uint32_t)5U - i - (uint32_t)1U; + uint64_t z = output[ctr - (uint32_t)1U]; + output[ctr] = z; + } + } + output[0U] = tmp; + b0 = output[0U]; + output[0U] = (uint64_t)19U * b0; +} + +static void +Hacl_Bignum_Fmul_mul_shift_reduce_(uint128_t *output, uint64_t *input, uint64_t *input2) +{ + uint32_t i; + uint64_t input2i; + { + uint32_t i0; + for (i0 = (uint32_t)0U; i0 < (uint32_t)4U; i0 = i0 + (uint32_t)1U) + { + uint64_t input2i0 = input2[i0]; + Hacl_Bignum_Fproduct_sum_scalar_multiplication_(output, input, input2i0); + Hacl_Bignum_Fmul_shift_reduce(input); + } + } + i = (uint32_t)4U; + input2i = input2[i]; + Hacl_Bignum_Fproduct_sum_scalar_multiplication_(output, input, input2i); +} + +inline static void Hacl_Bignum_Fmul_fmul(uint64_t *output, uint64_t *input, uint64_t *input2) +{ + uint64_t tmp[5U] = { 0U }; + memcpy(tmp, input, (uint32_t)5U * sizeof input[0U]); + KRML_CHECK_SIZE(sizeof (uint128_t), (uint32_t)5U); + { + uint128_t t[5U]; + { + uint32_t _i; + for (_i = 0U; _i < (uint32_t)5U; ++_i) + t[_i] = 
(uint128_t)(uint64_t)0U; + } + { + uint128_t b4; + uint128_t b0; + uint128_t b4_; + uint128_t b0_; + uint64_t i0; + uint64_t i1; + uint64_t i0_; + uint64_t i1_; + Hacl_Bignum_Fmul_mul_shift_reduce_(t, tmp, input2); + Hacl_Bignum_Fproduct_carry_wide_(t); + b4 = t[4U]; + b0 = t[0U]; + b4_ = b4 & (uint128_t)(uint64_t)0x7ffffffffffffU; + b0_ = b0 + (uint128_t)(uint64_t)19U * (uint64_t)(b4 >> (uint32_t)51U); + t[4U] = b4_; + t[0U] = b0_; + Hacl_Bignum_Fproduct_copy_from_wide_(output, t); + i0 = output[0U]; + i1 = output[1U]; + i0_ = i0 & (uint64_t)0x7ffffffffffffU; + i1_ = i1 + (i0 >> (uint32_t)51U); + output[0U] = i0_; + output[1U] = i1_; + } + } +} + +inline static void Hacl_Bignum_Fsquare_fsquare__(uint128_t *tmp, uint64_t *output) +{ + uint64_t r0 = output[0U]; + uint64_t r1 = output[1U]; + uint64_t r2 = output[2U]; + uint64_t r3 = output[3U]; + uint64_t r4 = output[4U]; + uint64_t d0 = r0 * (uint64_t)2U; + uint64_t d1 = r1 * (uint64_t)2U; + uint64_t d2 = r2 * (uint64_t)2U * (uint64_t)19U; + uint64_t d419 = r4 * (uint64_t)19U; + uint64_t d4 = d419 * (uint64_t)2U; + uint128_t s0 = (uint128_t)r0 * r0 + (uint128_t)d4 * r1 + (uint128_t)d2 * r3; + uint128_t s1 = (uint128_t)d0 * r1 + (uint128_t)d4 * r2 + (uint128_t)(r3 * (uint64_t)19U) * r3; + uint128_t s2 = (uint128_t)d0 * r2 + (uint128_t)r1 * r1 + (uint128_t)d4 * r3; + uint128_t s3 = (uint128_t)d0 * r3 + (uint128_t)d1 * r2 + (uint128_t)r4 * d419; + uint128_t s4 = (uint128_t)d0 * r4 + (uint128_t)d1 * r3 + (uint128_t)r2 * r2; + tmp[0U] = s0; + tmp[1U] = s1; + tmp[2U] = s2; + tmp[3U] = s3; + tmp[4U] = s4; +} + +inline static void Hacl_Bignum_Fsquare_fsquare_(uint128_t *tmp, uint64_t *output) +{ + uint128_t b4; + uint128_t b0; + uint128_t b4_; + uint128_t b0_; + uint64_t i0; + uint64_t i1; + uint64_t i0_; + uint64_t i1_; + Hacl_Bignum_Fsquare_fsquare__(tmp, output); + Hacl_Bignum_Fproduct_carry_wide_(tmp); + b4 = tmp[4U]; + b0 = tmp[0U]; + b4_ = b4 & (uint128_t)(uint64_t)0x7ffffffffffffU; + b0_ = b0 + 
(uint128_t)(uint64_t)19U * (uint64_t)(b4 >> (uint32_t)51U); + tmp[4U] = b4_; + tmp[0U] = b0_; + Hacl_Bignum_Fproduct_copy_from_wide_(output, tmp); + i0 = output[0U]; + i1 = output[1U]; + i0_ = i0 & (uint64_t)0x7ffffffffffffU; + i1_ = i1 + (i0 >> (uint32_t)51U); + output[0U] = i0_; + output[1U] = i1_; +} + +static void +Hacl_Bignum_Fsquare_fsquare_times_(uint64_t *input, uint128_t *tmp, uint32_t count1) +{ + uint32_t i; + Hacl_Bignum_Fsquare_fsquare_(tmp, input); + for (i = (uint32_t)1U; i < count1; i = i + (uint32_t)1U) + Hacl_Bignum_Fsquare_fsquare_(tmp, input); +} + +inline static void +Hacl_Bignum_Fsquare_fsquare_times(uint64_t *output, uint64_t *input, uint32_t count1) +{ + KRML_CHECK_SIZE(sizeof (uint128_t), (uint32_t)5U); + { + uint128_t t[5U]; + { + uint32_t _i; + for (_i = 0U; _i < (uint32_t)5U; ++_i) + t[_i] = (uint128_t)(uint64_t)0U; + } + memcpy(output, input, (uint32_t)5U * sizeof input[0U]); + Hacl_Bignum_Fsquare_fsquare_times_(output, t, count1); + } +} + +inline static void Hacl_Bignum_Fsquare_fsquare_times_inplace(uint64_t *output, uint32_t count1) +{ + KRML_CHECK_SIZE(sizeof (uint128_t), (uint32_t)5U); + { + uint128_t t[5U]; + { + uint32_t _i; + for (_i = 0U; _i < (uint32_t)5U; ++_i) + t[_i] = (uint128_t)(uint64_t)0U; + } + Hacl_Bignum_Fsquare_fsquare_times_(output, t, count1); + } +} + +inline static void Hacl_Bignum_Crecip_crecip(uint64_t *out, uint64_t *z) +{ + uint64_t buf[20U] = { 0U }; + uint64_t *a0 = buf; + uint64_t *t00 = buf + (uint32_t)5U; + uint64_t *b0 = buf + (uint32_t)10U; + uint64_t *t01; + uint64_t *b1; + uint64_t *c0; + uint64_t *a; + uint64_t *t0; + uint64_t *b; + uint64_t *c; + Hacl_Bignum_Fsquare_fsquare_times(a0, z, (uint32_t)1U); + Hacl_Bignum_Fsquare_fsquare_times(t00, a0, (uint32_t)2U); + Hacl_Bignum_Fmul_fmul(b0, t00, z); + Hacl_Bignum_Fmul_fmul(a0, b0, a0); + Hacl_Bignum_Fsquare_fsquare_times(t00, a0, (uint32_t)1U); + Hacl_Bignum_Fmul_fmul(b0, t00, b0); + Hacl_Bignum_Fsquare_fsquare_times(t00, b0, (uint32_t)5U); + t01 = 
buf + (uint32_t)5U; + b1 = buf + (uint32_t)10U; + c0 = buf + (uint32_t)15U; + Hacl_Bignum_Fmul_fmul(b1, t01, b1); + Hacl_Bignum_Fsquare_fsquare_times(t01, b1, (uint32_t)10U); + Hacl_Bignum_Fmul_fmul(c0, t01, b1); + Hacl_Bignum_Fsquare_fsquare_times(t01, c0, (uint32_t)20U); + Hacl_Bignum_Fmul_fmul(t01, t01, c0); + Hacl_Bignum_Fsquare_fsquare_times_inplace(t01, (uint32_t)10U); + Hacl_Bignum_Fmul_fmul(b1, t01, b1); + Hacl_Bignum_Fsquare_fsquare_times(t01, b1, (uint32_t)50U); + a = buf; + t0 = buf + (uint32_t)5U; + b = buf + (uint32_t)10U; + c = buf + (uint32_t)15U; + Hacl_Bignum_Fmul_fmul(c, t0, b); + Hacl_Bignum_Fsquare_fsquare_times(t0, c, (uint32_t)100U); + Hacl_Bignum_Fmul_fmul(t0, t0, c); + Hacl_Bignum_Fsquare_fsquare_times_inplace(t0, (uint32_t)50U); + Hacl_Bignum_Fmul_fmul(t0, t0, b); + Hacl_Bignum_Fsquare_fsquare_times_inplace(t0, (uint32_t)5U); + Hacl_Bignum_Fmul_fmul(out, t0, a); +} + +inline static void Hacl_Bignum_fsum(uint64_t *a, uint64_t *b) +{ + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) + { + uint64_t xi = a[i]; + uint64_t yi = b[i]; + a[i] = xi + yi; + } +} + +inline static void Hacl_Bignum_fdifference(uint64_t *a, uint64_t *b) +{ + uint64_t tmp[5U] = { 0U }; + uint64_t b0; + uint64_t b1; + uint64_t b2; + uint64_t b3; + uint64_t b4; + memcpy(tmp, b, (uint32_t)5U * sizeof b[0U]); + b0 = tmp[0U]; + b1 = tmp[1U]; + b2 = tmp[2U]; + b3 = tmp[3U]; + b4 = tmp[4U]; + tmp[0U] = b0 + (uint64_t)0x3fffffffffff68U; + tmp[1U] = b1 + (uint64_t)0x3ffffffffffff8U; + tmp[2U] = b2 + (uint64_t)0x3ffffffffffff8U; + tmp[3U] = b3 + (uint64_t)0x3ffffffffffff8U; + tmp[4U] = b4 + (uint64_t)0x3ffffffffffff8U; + { + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) + { + uint64_t xi = a[i]; + uint64_t yi = tmp[i]; + a[i] = yi - xi; + } + } +} + +inline static void Hacl_Bignum_fscalar(uint64_t *output, uint64_t *b, uint64_t s) +{ + KRML_CHECK_SIZE(sizeof (uint128_t), (uint32_t)5U); + { + uint128_t tmp[5U]; + { + 
uint32_t _i; + for (_i = 0U; _i < (uint32_t)5U; ++_i) + tmp[_i] = (uint128_t)(uint64_t)0U; + } + { + uint128_t b4; + uint128_t b0; + uint128_t b4_; + uint128_t b0_; + { + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) + { + uint64_t xi = b[i]; + tmp[i] = (uint128_t)xi * s; + } + } + Hacl_Bignum_Fproduct_carry_wide_(tmp); + b4 = tmp[4U]; + b0 = tmp[0U]; + b4_ = b4 & (uint128_t)(uint64_t)0x7ffffffffffffU; + b0_ = b0 + (uint128_t)(uint64_t)19U * (uint64_t)(b4 >> (uint32_t)51U); + tmp[4U] = b4_; + tmp[0U] = b0_; + Hacl_Bignum_Fproduct_copy_from_wide_(output, tmp); + } + } +} + +inline static void Hacl_Bignum_fmul(uint64_t *output, uint64_t *a, uint64_t *b) +{ + Hacl_Bignum_Fmul_fmul(output, a, b); +} + +inline static void Hacl_Bignum_crecip(uint64_t *output, uint64_t *input) +{ + Hacl_Bignum_Crecip_crecip(output, input); +} + +static void +Hacl_EC_Point_swap_conditional_step(uint64_t *a, uint64_t *b, uint64_t swap1, uint32_t ctr) +{ + uint32_t i = ctr - (uint32_t)1U; + uint64_t ai = a[i]; + uint64_t bi = b[i]; + uint64_t x = swap1 & (ai ^ bi); + uint64_t ai1 = ai ^ x; + uint64_t bi1 = bi ^ x; + a[i] = ai1; + b[i] = bi1; +} + +static void +Hacl_EC_Point_swap_conditional_(uint64_t *a, uint64_t *b, uint64_t swap1, uint32_t ctr) +{ + if (!(ctr == (uint32_t)0U)) + { + uint32_t i; + Hacl_EC_Point_swap_conditional_step(a, b, swap1, ctr); + i = ctr - (uint32_t)1U; + Hacl_EC_Point_swap_conditional_(a, b, swap1, i); + } +} + +static void Hacl_EC_Point_swap_conditional(uint64_t *a, uint64_t *b, uint64_t iswap) +{ + uint64_t swap1 = (uint64_t)0U - iswap; + Hacl_EC_Point_swap_conditional_(a, b, swap1, (uint32_t)5U); + Hacl_EC_Point_swap_conditional_(a + (uint32_t)5U, b + (uint32_t)5U, swap1, (uint32_t)5U); +} + +static void Hacl_EC_Point_copy(uint64_t *output, uint64_t *input) +{ + memcpy(output, input, (uint32_t)5U * sizeof input[0U]); + memcpy(output + (uint32_t)5U, + input + (uint32_t)5U, + (uint32_t)5U * sizeof (input + (uint32_t)5U)[0U]); +} + 
+static void Hacl_EC_Format_fexpand(uint64_t *output, uint8_t *input) +{ + uint64_t i0 = load64_le(input); + uint8_t *x00 = input + (uint32_t)6U; + uint64_t i1 = load64_le(x00); + uint8_t *x01 = input + (uint32_t)12U; + uint64_t i2 = load64_le(x01); + uint8_t *x02 = input + (uint32_t)19U; + uint64_t i3 = load64_le(x02); + uint8_t *x0 = input + (uint32_t)24U; + uint64_t i4 = load64_le(x0); + uint64_t output0 = i0 & (uint64_t)0x7ffffffffffffU; + uint64_t output1 = i1 >> (uint32_t)3U & (uint64_t)0x7ffffffffffffU; + uint64_t output2 = i2 >> (uint32_t)6U & (uint64_t)0x7ffffffffffffU; + uint64_t output3 = i3 >> (uint32_t)1U & (uint64_t)0x7ffffffffffffU; + uint64_t output4 = i4 >> (uint32_t)12U & (uint64_t)0x7ffffffffffffU; + output[0U] = output0; + output[1U] = output1; + output[2U] = output2; + output[3U] = output3; + output[4U] = output4; +} + +static void Hacl_EC_Format_fcontract_first_carry_pass(uint64_t *input) +{ + uint64_t t0 = input[0U]; + uint64_t t1 = input[1U]; + uint64_t t2 = input[2U]; + uint64_t t3 = input[3U]; + uint64_t t4 = input[4U]; + uint64_t t1_ = t1 + (t0 >> (uint32_t)51U); + uint64_t t0_ = t0 & (uint64_t)0x7ffffffffffffU; + uint64_t t2_ = t2 + (t1_ >> (uint32_t)51U); + uint64_t t1__ = t1_ & (uint64_t)0x7ffffffffffffU; + uint64_t t3_ = t3 + (t2_ >> (uint32_t)51U); + uint64_t t2__ = t2_ & (uint64_t)0x7ffffffffffffU; + uint64_t t4_ = t4 + (t3_ >> (uint32_t)51U); + uint64_t t3__ = t3_ & (uint64_t)0x7ffffffffffffU; + input[0U] = t0_; + input[1U] = t1__; + input[2U] = t2__; + input[3U] = t3__; + input[4U] = t4_; +} + +static void Hacl_EC_Format_fcontract_first_carry_full(uint64_t *input) +{ + Hacl_EC_Format_fcontract_first_carry_pass(input); + Hacl_Bignum_Modulo_carry_top(input); +} + +static void Hacl_EC_Format_fcontract_second_carry_pass(uint64_t *input) +{ + uint64_t t0 = input[0U]; + uint64_t t1 = input[1U]; + uint64_t t2 = input[2U]; + uint64_t t3 = input[3U]; + uint64_t t4 = input[4U]; + uint64_t t1_ = t1 + (t0 >> (uint32_t)51U); + uint64_t t0_ = 
t0 & (uint64_t)0x7ffffffffffffU; + uint64_t t2_ = t2 + (t1_ >> (uint32_t)51U); + uint64_t t1__ = t1_ & (uint64_t)0x7ffffffffffffU; + uint64_t t3_ = t3 + (t2_ >> (uint32_t)51U); + uint64_t t2__ = t2_ & (uint64_t)0x7ffffffffffffU; + uint64_t t4_ = t4 + (t3_ >> (uint32_t)51U); + uint64_t t3__ = t3_ & (uint64_t)0x7ffffffffffffU; + input[0U] = t0_; + input[1U] = t1__; + input[2U] = t2__; + input[3U] = t3__; + input[4U] = t4_; +} + +static void Hacl_EC_Format_fcontract_second_carry_full(uint64_t *input) +{ + uint64_t i0; + uint64_t i1; + uint64_t i0_; + uint64_t i1_; + Hacl_EC_Format_fcontract_second_carry_pass(input); + Hacl_Bignum_Modulo_carry_top(input); + i0 = input[0U]; + i1 = input[1U]; + i0_ = i0 & (uint64_t)0x7ffffffffffffU; + i1_ = i1 + (i0 >> (uint32_t)51U); + input[0U] = i0_; + input[1U] = i1_; +} + +static void Hacl_EC_Format_fcontract_trim(uint64_t *input) +{ + uint64_t a0 = input[0U]; + uint64_t a1 = input[1U]; + uint64_t a2 = input[2U]; + uint64_t a3 = input[3U]; + uint64_t a4 = input[4U]; + uint64_t mask0 = FStar_UInt64_gte_mask(a0, (uint64_t)0x7ffffffffffedU); + uint64_t mask1 = FStar_UInt64_eq_mask(a1, (uint64_t)0x7ffffffffffffU); + uint64_t mask2 = FStar_UInt64_eq_mask(a2, (uint64_t)0x7ffffffffffffU); + uint64_t mask3 = FStar_UInt64_eq_mask(a3, (uint64_t)0x7ffffffffffffU); + uint64_t mask4 = FStar_UInt64_eq_mask(a4, (uint64_t)0x7ffffffffffffU); + uint64_t mask = (((mask0 & mask1) & mask2) & mask3) & mask4; + uint64_t a0_ = a0 - ((uint64_t)0x7ffffffffffedU & mask); + uint64_t a1_ = a1 - ((uint64_t)0x7ffffffffffffU & mask); + uint64_t a2_ = a2 - ((uint64_t)0x7ffffffffffffU & mask); + uint64_t a3_ = a3 - ((uint64_t)0x7ffffffffffffU & mask); + uint64_t a4_ = a4 - ((uint64_t)0x7ffffffffffffU & mask); + input[0U] = a0_; + input[1U] = a1_; + input[2U] = a2_; + input[3U] = a3_; + input[4U] = a4_; +} + +static void Hacl_EC_Format_fcontract_store(uint8_t *output, uint64_t *input) +{ + uint64_t t0 = input[0U]; + uint64_t t1 = input[1U]; + uint64_t t2 = input[2U]; 
+ uint64_t t3 = input[3U]; + uint64_t t4 = input[4U]; + uint64_t o0 = t1 << (uint32_t)51U | t0; + uint64_t o1 = t2 << (uint32_t)38U | t1 >> (uint32_t)13U; + uint64_t o2 = t3 << (uint32_t)25U | t2 >> (uint32_t)26U; + uint64_t o3 = t4 << (uint32_t)12U | t3 >> (uint32_t)39U; + uint8_t *b0 = output; + uint8_t *b1 = output + (uint32_t)8U; + uint8_t *b2 = output + (uint32_t)16U; + uint8_t *b3 = output + (uint32_t)24U; + store64_le(b0, o0); + store64_le(b1, o1); + store64_le(b2, o2); + store64_le(b3, o3); +} + +static void Hacl_EC_Format_fcontract(uint8_t *output, uint64_t *input) +{ + Hacl_EC_Format_fcontract_first_carry_full(input); + Hacl_EC_Format_fcontract_second_carry_full(input); + Hacl_EC_Format_fcontract_trim(input); + Hacl_EC_Format_fcontract_store(output, input); +} + +static void Hacl_EC_Format_scalar_of_point(uint8_t *scalar, uint64_t *point) +{ + uint64_t *x = point; + uint64_t *z = point + (uint32_t)5U; + uint64_t buf[10U] = { 0U }; + uint64_t *zmone = buf; + uint64_t *sc = buf + (uint32_t)5U; + Hacl_Bignum_crecip(zmone, z); + Hacl_Bignum_fmul(sc, x, zmone); + Hacl_EC_Format_fcontract(scalar, sc); +} + +static void +Hacl_EC_AddAndDouble_fmonty( + uint64_t *pp, + uint64_t *ppq, + uint64_t *p, + uint64_t *pq, + uint64_t *qmqp +) +{ + uint64_t *qx = qmqp; + uint64_t *x2 = pp; + uint64_t *z2 = pp + (uint32_t)5U; + uint64_t *x3 = ppq; + uint64_t *z3 = ppq + (uint32_t)5U; + uint64_t *x = p; + uint64_t *z = p + (uint32_t)5U; + uint64_t *xprime = pq; + uint64_t *zprime = pq + (uint32_t)5U; + uint64_t buf[40U] = { 0U }; + uint64_t *origx = buf; + uint64_t *origxprime0 = buf + (uint32_t)5U; + uint64_t *xxprime0 = buf + (uint32_t)25U; + uint64_t *zzprime0 = buf + (uint32_t)30U; + uint64_t *origxprime; + uint64_t *xx0; + uint64_t *zz0; + uint64_t *xxprime; + uint64_t *zzprime; + uint64_t *zzzprime; + uint64_t *zzz; + uint64_t *xx; + uint64_t *zz; + uint64_t scalar; + memcpy(origx, x, (uint32_t)5U * sizeof x[0U]); + Hacl_Bignum_fsum(x, z); + Hacl_Bignum_fdifference(z, 
origx); + memcpy(origxprime0, xprime, (uint32_t)5U * sizeof xprime[0U]); + Hacl_Bignum_fsum(xprime, zprime); + Hacl_Bignum_fdifference(zprime, origxprime0); + Hacl_Bignum_fmul(xxprime0, xprime, z); + Hacl_Bignum_fmul(zzprime0, x, zprime); + origxprime = buf + (uint32_t)5U; + xx0 = buf + (uint32_t)15U; + zz0 = buf + (uint32_t)20U; + xxprime = buf + (uint32_t)25U; + zzprime = buf + (uint32_t)30U; + zzzprime = buf + (uint32_t)35U; + memcpy(origxprime, xxprime, (uint32_t)5U * sizeof xxprime[0U]); + Hacl_Bignum_fsum(xxprime, zzprime); + Hacl_Bignum_fdifference(zzprime, origxprime); + Hacl_Bignum_Fsquare_fsquare_times(x3, xxprime, (uint32_t)1U); + Hacl_Bignum_Fsquare_fsquare_times(zzzprime, zzprime, (uint32_t)1U); + Hacl_Bignum_fmul(z3, zzzprime, qx); + Hacl_Bignum_Fsquare_fsquare_times(xx0, x, (uint32_t)1U); + Hacl_Bignum_Fsquare_fsquare_times(zz0, z, (uint32_t)1U); + zzz = buf + (uint32_t)10U; + xx = buf + (uint32_t)15U; + zz = buf + (uint32_t)20U; + Hacl_Bignum_fmul(x2, xx, zz); + Hacl_Bignum_fdifference(zz, xx); + scalar = (uint64_t)121665U; + Hacl_Bignum_fscalar(zzz, zz, scalar); + Hacl_Bignum_fsum(zzz, xx); + Hacl_Bignum_fmul(z2, zzz, zz); +} + +static void +Hacl_EC_Ladder_SmallLoop_cmult_small_loop_step( + uint64_t *nq, + uint64_t *nqpq, + uint64_t *nq2, + uint64_t *nqpq2, + uint64_t *q, + uint8_t byt +) +{ + uint64_t bit0 = (uint64_t)(byt >> (uint32_t)7U); + uint64_t bit; + Hacl_EC_Point_swap_conditional(nq, nqpq, bit0); + Hacl_EC_AddAndDouble_fmonty(nq2, nqpq2, nq, nqpq, q); + bit = (uint64_t)(byt >> (uint32_t)7U); + Hacl_EC_Point_swap_conditional(nq2, nqpq2, bit); +} + +static void +Hacl_EC_Ladder_SmallLoop_cmult_small_loop_double_step( + uint64_t *nq, + uint64_t *nqpq, + uint64_t *nq2, + uint64_t *nqpq2, + uint64_t *q, + uint8_t byt +) +{ + uint8_t byt1; + Hacl_EC_Ladder_SmallLoop_cmult_small_loop_step(nq, nqpq, nq2, nqpq2, q, byt); + byt1 = byt << (uint32_t)1U; + Hacl_EC_Ladder_SmallLoop_cmult_small_loop_step(nq2, nqpq2, nq, nqpq, q, byt1); +} + +static void 
+Hacl_EC_Ladder_SmallLoop_cmult_small_loop( + uint64_t *nq, + uint64_t *nqpq, + uint64_t *nq2, + uint64_t *nqpq2, + uint64_t *q, + uint8_t byt, + uint32_t i +) +{ + if (!(i == (uint32_t)0U)) + { + uint32_t i_ = i - (uint32_t)1U; + uint8_t byt_; + Hacl_EC_Ladder_SmallLoop_cmult_small_loop_double_step(nq, nqpq, nq2, nqpq2, q, byt); + byt_ = byt << (uint32_t)2U; + Hacl_EC_Ladder_SmallLoop_cmult_small_loop(nq, nqpq, nq2, nqpq2, q, byt_, i_); + } +} + +static void +Hacl_EC_Ladder_BigLoop_cmult_big_loop( + uint8_t *n1, + uint64_t *nq, + uint64_t *nqpq, + uint64_t *nq2, + uint64_t *nqpq2, + uint64_t *q, + uint32_t i +) +{ + if (!(i == (uint32_t)0U)) + { + uint32_t i1 = i - (uint32_t)1U; + uint8_t byte = n1[i1]; + Hacl_EC_Ladder_SmallLoop_cmult_small_loop(nq, nqpq, nq2, nqpq2, q, byte, (uint32_t)4U); + Hacl_EC_Ladder_BigLoop_cmult_big_loop(n1, nq, nqpq, nq2, nqpq2, q, i1); + } +} + +static void Hacl_EC_Ladder_cmult(uint64_t *result, uint8_t *n1, uint64_t *q) +{ + uint64_t point_buf[40U] = { 0U }; + uint64_t *nq = point_buf; + uint64_t *nqpq = point_buf + (uint32_t)10U; + uint64_t *nq2 = point_buf + (uint32_t)20U; + uint64_t *nqpq2 = point_buf + (uint32_t)30U; + Hacl_EC_Point_copy(nqpq, q); + nq[0U] = (uint64_t)1U; + Hacl_EC_Ladder_BigLoop_cmult_big_loop(n1, nq, nqpq, nq2, nqpq2, q, (uint32_t)32U); + Hacl_EC_Point_copy(result, nq); +} + +void Hacl_Curve25519_crypto_scalarmult(uint8_t *mypublic, uint8_t *secret, uint8_t *basepoint) +{ + uint64_t buf0[10U] = { 0U }; + uint64_t *x0 = buf0; + uint64_t *z = buf0 + (uint32_t)5U; + uint64_t *q; + Hacl_EC_Format_fexpand(x0, basepoint); + z[0U] = (uint64_t)1U; + q = buf0; + { + uint8_t e[32U] = { 0U }; + uint8_t e0; + uint8_t e31; + uint8_t e01; + uint8_t e311; + uint8_t e312; + uint8_t *scalar; + memcpy(e, secret, (uint32_t)32U * sizeof secret[0U]); + e0 = e[0U]; + e31 = e[31U]; + e01 = e0 & (uint8_t)248U; + e311 = e31 & (uint8_t)127U; + e312 = e311 | (uint8_t)64U; + e[0U] = e01; + e[31U] = e312; + scalar = e; + { + uint64_t 
buf[15U] = { 0U }; + uint64_t *nq = buf; + uint64_t *x = nq; + x[0U] = (uint64_t)1U; + Hacl_EC_Ladder_cmult(nq, scalar, q); + Hacl_EC_Format_scalar_of_point(mypublic, nq); + } + } +} + diff --git a/3rdparty/everest/library/kremlib/FStar_UInt128_extracted.c b/3rdparty/everest/library/kremlib/FStar_UInt128_extracted.c new file mode 100644 index 000000000..1060515d9 --- /dev/null +++ b/3rdparty/everest/library/kremlib/FStar_UInt128_extracted.c 
@@ -0,0 +1,413 @@ +/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved. + Licensed under the Apache 2.0 License. */ + +/* This file was generated by KreMLin + * KreMLin invocation: ../krml -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrB9w -minimal -fparentheses -fcurly-braces -fno-shadow -header copyright-header.txt -minimal -tmpdir extracted -warn-error +9+11 -skip-compilation -extract-uints -add-include -add-include "kremlib.h" -add-include "kremlin/internal/compat.h" extracted/prims.krml extracted/FStar_Pervasives_Native.krml extracted/FStar_Pervasives.krml extracted/FStar_Mul.krml extracted/FStar_Squash.krml extracted/FStar_Classical.krml extracted/FStar_StrongExcludedMiddle.krml extracted/FStar_FunctionalExtensionality.krml extracted/FStar_List_Tot_Base.krml extracted/FStar_List_Tot_Properties.krml extracted/FStar_List_Tot.krml extracted/FStar_Seq_Base.krml extracted/FStar_Seq_Properties.krml extracted/FStar_Seq.krml extracted/FStar_Math_Lib.krml extracted/FStar_Math_Lemmas.krml extracted/FStar_BitVector.krml extracted/FStar_UInt.krml extracted/FStar_UInt32.krml extracted/FStar_Int.krml extracted/FStar_Int16.krml extracted/FStar_Preorder.krml extracted/FStar_Ghost.krml extracted/FStar_ErasedLogic.krml extracted/FStar_UInt64.krml extracted/FStar_Set.krml extracted/FStar_PropositionalExtensionality.krml extracted/FStar_PredicateExtensionality.krml extracted/FStar_TSet.krml extracted/FStar_Monotonic_Heap.krml extracted/FStar_Heap.krml extracted/FStar_Map.krml extracted/FStar_Monotonic_HyperHeap.krml extracted/FStar_Monotonic_HyperStack.krml extracted/FStar_HyperStack.krml extracted/FStar_Monotonic_Witnessed.krml extracted/FStar_HyperStack_ST.krml extracted/FStar_HyperStack_All.krml extracted/FStar_Date.krml extracted/FStar_Universe.krml extracted/FStar_GSet.krml extracted/FStar_ModifiesGen.krml extracted/LowStar_Monotonic_Buffer.krml extracted/LowStar_Buffer.krml extracted/Spec_Loops.krml extracted/LowStar_BufferOps.krml 
extracted/C_Loops.krml extracted/FStar_UInt8.krml extracted/FStar_Kremlin_Endianness.krml extracted/FStar_UInt63.krml extracted/FStar_Exn.krml extracted/FStar_ST.krml extracted/FStar_All.krml extracted/FStar_Dyn.krml extracted/FStar_Int63.krml extracted/FStar_Int64.krml extracted/FStar_Int32.krml extracted/FStar_Int8.krml extracted/FStar_UInt16.krml extracted/FStar_Int_Cast.krml extracted/FStar_UInt128.krml extracted/C_Endianness.krml extracted/FStar_List.krml extracted/FStar_Float.krml extracted/FStar_IO.krml extracted/C.krml extracted/FStar_Char.krml extracted/FStar_String.krml extracted/LowStar_Modifies.krml extracted/C_String.krml extracted/FStar_Bytes.krml extracted/FStar_HyperStack_IO.krml extracted/C_Failure.krml extracted/TestLib.krml extracted/FStar_Int_Cast_Full.krml + * F* version: 059db0c8 + * KreMLin version: 916c37ac + */ + + +#include "FStar_UInt128.h" +#include "kremlin/c_endianness.h" +#include "FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h" + +uint64_t FStar_UInt128___proj__Mkuint128__item__low(FStar_UInt128_uint128 projectee) +{ + return projectee.low; +} + +uint64_t FStar_UInt128___proj__Mkuint128__item__high(FStar_UInt128_uint128 projectee) +{ + return projectee.high; +} + +static uint64_t FStar_UInt128_constant_time_carry(uint64_t a, uint64_t b) +{ + return (a ^ ((a ^ b) | ((a - b) ^ b))) >> (uint32_t)63U; +} + +static uint64_t FStar_UInt128_carry(uint64_t a, uint64_t b) +{ + return FStar_UInt128_constant_time_carry(a, b); +} + +FStar_UInt128_uint128 FStar_UInt128_add(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 + flat = { a.low + b.low, a.high + b.high + FStar_UInt128_carry(a.low + b.low, b.low) }; + return flat; +} + +FStar_UInt128_uint128 +FStar_UInt128_add_underspec(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 + flat = { a.low + b.low, a.high + b.high + FStar_UInt128_carry(a.low + b.low, b.low) }; + return flat; +} + +FStar_UInt128_uint128 
FStar_UInt128_add_mod(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 + flat = { a.low + b.low, a.high + b.high + FStar_UInt128_carry(a.low + b.low, b.low) }; + return flat; +} + +FStar_UInt128_uint128 FStar_UInt128_sub(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 + flat = { a.low - b.low, a.high - b.high - FStar_UInt128_carry(a.low, a.low - b.low) }; + return flat; +} + +FStar_UInt128_uint128 +FStar_UInt128_sub_underspec(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 + flat = { a.low - b.low, a.high - b.high - FStar_UInt128_carry(a.low, a.low - b.low) }; + return flat; +} + +static FStar_UInt128_uint128 +FStar_UInt128_sub_mod_impl(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 + flat = { a.low - b.low, a.high - b.high - FStar_UInt128_carry(a.low, a.low - b.low) }; + return flat; +} + +FStar_UInt128_uint128 FStar_UInt128_sub_mod(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + return FStar_UInt128_sub_mod_impl(a, b); +} + +FStar_UInt128_uint128 FStar_UInt128_logand(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 flat = { a.low & b.low, a.high & b.high }; + return flat; +} + +FStar_UInt128_uint128 FStar_UInt128_logxor(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 flat = { a.low ^ b.low, a.high ^ b.high }; + return flat; +} + +FStar_UInt128_uint128 FStar_UInt128_logor(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 flat = { a.low | b.low, a.high | b.high }; + return flat; +} + +FStar_UInt128_uint128 FStar_UInt128_lognot(FStar_UInt128_uint128 a) +{ + FStar_UInt128_uint128 flat = { ~a.low, ~a.high }; + return flat; +} + +static uint32_t FStar_UInt128_u32_64 = (uint32_t)64U; + +static uint64_t FStar_UInt128_add_u64_shift_left(uint64_t hi, uint64_t lo, uint32_t s) +{ + return (hi << s) + (lo >> (FStar_UInt128_u32_64 - s)); +} + +static uint64_t 
FStar_UInt128_add_u64_shift_left_respec(uint64_t hi, uint64_t lo, uint32_t s) +{ + return FStar_UInt128_add_u64_shift_left(hi, lo, s); +} + +static FStar_UInt128_uint128 +FStar_UInt128_shift_left_small(FStar_UInt128_uint128 a, uint32_t s) +{ + if (s == (uint32_t)0U) + { + return a; + } + else + { + FStar_UInt128_uint128 + flat = { a.low << s, FStar_UInt128_add_u64_shift_left_respec(a.high, a.low, s) }; + return flat; + } +} + +static FStar_UInt128_uint128 +FStar_UInt128_shift_left_large(FStar_UInt128_uint128 a, uint32_t s) +{ + FStar_UInt128_uint128 flat = { (uint64_t)0U, a.low << (s - FStar_UInt128_u32_64) }; + return flat; +} + +FStar_UInt128_uint128 FStar_UInt128_shift_left(FStar_UInt128_uint128 a, uint32_t s) +{ + if (s < FStar_UInt128_u32_64) + { + return FStar_UInt128_shift_left_small(a, s); + } + else + { + return FStar_UInt128_shift_left_large(a, s); + } +} + +static uint64_t FStar_UInt128_add_u64_shift_right(uint64_t hi, uint64_t lo, uint32_t s) +{ + return (lo >> s) + (hi << (FStar_UInt128_u32_64 - s)); +} + +static uint64_t FStar_UInt128_add_u64_shift_right_respec(uint64_t hi, uint64_t lo, uint32_t s) +{ + return FStar_UInt128_add_u64_shift_right(hi, lo, s); +} + +static FStar_UInt128_uint128 +FStar_UInt128_shift_right_small(FStar_UInt128_uint128 a, uint32_t s) +{ + if (s == (uint32_t)0U) + { + return a; + } + else + { + FStar_UInt128_uint128 + flat = { FStar_UInt128_add_u64_shift_right_respec(a.high, a.low, s), a.high >> s }; + return flat; + } +} + +static FStar_UInt128_uint128 +FStar_UInt128_shift_right_large(FStar_UInt128_uint128 a, uint32_t s) +{ + FStar_UInt128_uint128 flat = { a.high >> (s - FStar_UInt128_u32_64), (uint64_t)0U }; + return flat; +} + +FStar_UInt128_uint128 FStar_UInt128_shift_right(FStar_UInt128_uint128 a, uint32_t s) +{ + if (s < FStar_UInt128_u32_64) + { + return FStar_UInt128_shift_right_small(a, s); + } + else + { + return FStar_UInt128_shift_right_large(a, s); + } +} + +bool FStar_UInt128_eq(FStar_UInt128_uint128 a, 
FStar_UInt128_uint128 b) +{ + return a.low == b.low && a.high == b.high; +} + +bool FStar_UInt128_gt(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + return a.high > b.high || (a.high == b.high && a.low > b.low); +} + +bool FStar_UInt128_lt(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + return a.high < b.high || (a.high == b.high && a.low < b.low); +} + +bool FStar_UInt128_gte(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + return a.high > b.high || (a.high == b.high && a.low >= b.low); +} + +bool FStar_UInt128_lte(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + return a.high < b.high || (a.high == b.high && a.low <= b.low); +} + +FStar_UInt128_uint128 FStar_UInt128_eq_mask(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 + flat = + { + FStar_UInt64_eq_mask(a.low, + b.low) + & FStar_UInt64_eq_mask(a.high, b.high), + FStar_UInt64_eq_mask(a.low, + b.low) + & FStar_UInt64_eq_mask(a.high, b.high) + }; + return flat; +} + +FStar_UInt128_uint128 FStar_UInt128_gte_mask(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b) +{ + FStar_UInt128_uint128 + flat = + { + (FStar_UInt64_gte_mask(a.high, b.high) & ~FStar_UInt64_eq_mask(a.high, b.high)) + | (FStar_UInt64_eq_mask(a.high, b.high) & FStar_UInt64_gte_mask(a.low, b.low)), + (FStar_UInt64_gte_mask(a.high, b.high) & ~FStar_UInt64_eq_mask(a.high, b.high)) + | (FStar_UInt64_eq_mask(a.high, b.high) & FStar_UInt64_gte_mask(a.low, b.low)) + }; + return flat; +} + +FStar_UInt128_uint128 FStar_UInt128_uint64_to_uint128(uint64_t a) +{ + FStar_UInt128_uint128 flat = { a, (uint64_t)0U }; + return flat; +} + +uint64_t FStar_UInt128_uint128_to_uint64(FStar_UInt128_uint128 a) +{ + return a.low; +} + +FStar_UInt128_uint128 +(*FStar_UInt128_op_Plus_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_add; + +FStar_UInt128_uint128 +(*FStar_UInt128_op_Plus_Question_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_add_underspec; + 
+FStar_UInt128_uint128 +(*FStar_UInt128_op_Plus_Percent_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_add_mod; + +FStar_UInt128_uint128 +(*FStar_UInt128_op_Subtraction_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_sub; + +FStar_UInt128_uint128 +(*FStar_UInt128_op_Subtraction_Question_Hat)( + FStar_UInt128_uint128 x0, + FStar_UInt128_uint128 x1 +) = FStar_UInt128_sub_underspec; + +FStar_UInt128_uint128 +(*FStar_UInt128_op_Subtraction_Percent_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_sub_mod; + +FStar_UInt128_uint128 +(*FStar_UInt128_op_Amp_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_logand; + +FStar_UInt128_uint128 +(*FStar_UInt128_op_Hat_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_logxor; + +FStar_UInt128_uint128 +(*FStar_UInt128_op_Bar_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_logor; + +FStar_UInt128_uint128 +(*FStar_UInt128_op_Less_Less_Hat)(FStar_UInt128_uint128 x0, uint32_t x1) = + FStar_UInt128_shift_left; + +FStar_UInt128_uint128 +(*FStar_UInt128_op_Greater_Greater_Hat)(FStar_UInt128_uint128 x0, uint32_t x1) = + FStar_UInt128_shift_right; + +bool +(*FStar_UInt128_op_Equals_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_eq; + +bool +(*FStar_UInt128_op_Greater_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_gt; + +bool +(*FStar_UInt128_op_Less_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_lt; + +bool +(*FStar_UInt128_op_Greater_Equals_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_gte; + +bool +(*FStar_UInt128_op_Less_Equals_Hat)(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1) = + FStar_UInt128_lte; + +static uint64_t FStar_UInt128_u64_mod_32(uint64_t a) +{ + return a & (uint64_t)0xffffffffU; +} + +static uint32_t FStar_UInt128_u32_32 = (uint32_t)32U; + +static 
uint64_t FStar_UInt128_u32_combine(uint64_t hi, uint64_t lo) +{ + return lo + (hi << FStar_UInt128_u32_32); +} + +FStar_UInt128_uint128 FStar_UInt128_mul32(uint64_t x, uint32_t y) +{ + FStar_UInt128_uint128 + flat = + { + FStar_UInt128_u32_combine((x >> FStar_UInt128_u32_32) + * (uint64_t)y + + (FStar_UInt128_u64_mod_32(x) * (uint64_t)y >> FStar_UInt128_u32_32), + FStar_UInt128_u64_mod_32(FStar_UInt128_u64_mod_32(x) * (uint64_t)y)), + ((x >> FStar_UInt128_u32_32) + * (uint64_t)y + + (FStar_UInt128_u64_mod_32(x) * (uint64_t)y >> FStar_UInt128_u32_32)) + >> FStar_UInt128_u32_32 + }; + return flat; +} + +typedef struct K___uint64_t_uint64_t_uint64_t_uint64_t_s +{ + uint64_t fst; + uint64_t snd; + uint64_t thd; + uint64_t f3; +} +K___uint64_t_uint64_t_uint64_t_uint64_t; + +static K___uint64_t_uint64_t_uint64_t_uint64_t +FStar_UInt128_mul_wide_impl_t_(uint64_t x, uint64_t y) +{ + K___uint64_t_uint64_t_uint64_t_uint64_t + flat = + { + FStar_UInt128_u64_mod_32(x), + FStar_UInt128_u64_mod_32(FStar_UInt128_u64_mod_32(x) * FStar_UInt128_u64_mod_32(y)), + x + >> FStar_UInt128_u32_32, + (x >> FStar_UInt128_u32_32) + * FStar_UInt128_u64_mod_32(y) + + (FStar_UInt128_u64_mod_32(x) * FStar_UInt128_u64_mod_32(y) >> FStar_UInt128_u32_32) + }; + return flat; +} + +static uint64_t FStar_UInt128_u32_combine_(uint64_t hi, uint64_t lo) +{ + return lo + (hi << FStar_UInt128_u32_32); +} + +static FStar_UInt128_uint128 FStar_UInt128_mul_wide_impl(uint64_t x, uint64_t y) +{ + K___uint64_t_uint64_t_uint64_t_uint64_t scrut = FStar_UInt128_mul_wide_impl_t_(x, y); + uint64_t u1 = scrut.fst; + uint64_t w3 = scrut.snd; + uint64_t x_ = scrut.thd; + uint64_t t_ = scrut.f3; + FStar_UInt128_uint128 + flat = + { + FStar_UInt128_u32_combine_(u1 * (y >> FStar_UInt128_u32_32) + FStar_UInt128_u64_mod_32(t_), + w3), + x_ + * (y >> FStar_UInt128_u32_32) + + (t_ >> FStar_UInt128_u32_32) + + ((u1 * (y >> FStar_UInt128_u32_32) + FStar_UInt128_u64_mod_32(t_)) >> FStar_UInt128_u32_32) + }; + return flat; +} + 
+FStar_UInt128_uint128 FStar_UInt128_mul_wide(uint64_t x, uint64_t y) +{ + return FStar_UInt128_mul_wide_impl(x, y); +} + diff --git a/3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c b/3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c new file mode 100644 index 000000000..08265248f --- /dev/null +++ b/3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c 
@@ -0,0 +1,100 @@ +/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved. + Licensed under the Apache 2.0 License. */ + +/* This file was generated by KreMLin + * KreMLin invocation: ../krml -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrB9w -minimal -fparentheses -fcurly-braces -fno-shadow -header copyright-header.txt -minimal -tmpdir dist/minimal -skip-compilation -extract-uints -add-include -add-include -add-include "kremlin/internal/compat.h" -add-include "kremlin/internal/types.h" -bundle FStar.UInt64+FStar.UInt32+FStar.UInt16+FStar.UInt8=* extracted/prims.krml extracted/FStar_Pervasives_Native.krml extracted/FStar_Pervasives.krml extracted/FStar_Mul.krml extracted/FStar_Squash.krml extracted/FStar_Classical.krml extracted/FStar_StrongExcludedMiddle.krml extracted/FStar_FunctionalExtensionality.krml extracted/FStar_List_Tot_Base.krml extracted/FStar_List_Tot_Properties.krml extracted/FStar_List_Tot.krml extracted/FStar_Seq_Base.krml extracted/FStar_Seq_Properties.krml extracted/FStar_Seq.krml extracted/FStar_Math_Lib.krml extracted/FStar_Math_Lemmas.krml extracted/FStar_BitVector.krml extracted/FStar_UInt.krml extracted/FStar_UInt32.krml extracted/FStar_Int.krml extracted/FStar_Int16.krml extracted/FStar_Preorder.krml extracted/FStar_Ghost.krml extracted/FStar_ErasedLogic.krml extracted/FStar_UInt64.krml extracted/FStar_Set.krml extracted/FStar_PropositionalExtensionality.krml extracted/FStar_PredicateExtensionality.krml extracted/FStar_TSet.krml extracted/FStar_Monotonic_Heap.krml extracted/FStar_Heap.krml extracted/FStar_Map.krml extracted/FStar_Monotonic_HyperHeap.krml extracted/FStar_Monotonic_HyperStack.krml extracted/FStar_HyperStack.krml extracted/FStar_Monotonic_Witnessed.krml extracted/FStar_HyperStack_ST.krml extracted/FStar_HyperStack_All.krml extracted/FStar_Date.krml extracted/FStar_Universe.krml extracted/FStar_GSet.krml extracted/FStar_ModifiesGen.krml extracted/LowStar_Monotonic_Buffer.krml 
extracted/LowStar_Buffer.krml extracted/Spec_Loops.krml extracted/LowStar_BufferOps.krml extracted/C_Loops.krml extracted/FStar_UInt8.krml extracted/FStar_Kremlin_Endianness.krml extracted/FStar_UInt63.krml extracted/FStar_Exn.krml extracted/FStar_ST.krml extracted/FStar_All.krml extracted/FStar_Dyn.krml extracted/FStar_Int63.krml extracted/FStar_Int64.krml extracted/FStar_Int32.krml extracted/FStar_Int8.krml extracted/FStar_UInt16.krml extracted/FStar_Int_Cast.krml extracted/FStar_UInt128.krml extracted/C_Endianness.krml extracted/FStar_List.krml extracted/FStar_Float.krml extracted/FStar_IO.krml extracted/C.krml extracted/FStar_Char.krml extracted/FStar_String.krml extracted/LowStar_Modifies.krml extracted/C_String.krml extracted/FStar_Bytes.krml extracted/FStar_HyperStack_IO.krml extracted/C_Failure.krml extracted/TestLib.krml extracted/FStar_Int_Cast_Full.krml + * F* version: 059db0c8 + * KreMLin version: 916c37ac + */ + + +#include "FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h" + +uint64_t FStar_UInt64_eq_mask(uint64_t a, uint64_t b) +{ + uint64_t x = a ^ b; + uint64_t minus_x = ~x + (uint64_t)1U; + uint64_t x_or_minus_x = x | minus_x; + uint64_t xnx = x_or_minus_x >> (uint32_t)63U; + return xnx - (uint64_t)1U; +} + +uint64_t FStar_UInt64_gte_mask(uint64_t a, uint64_t b) +{ + uint64_t x = a; + uint64_t y = b; + uint64_t x_xor_y = x ^ y; + uint64_t x_sub_y = x - y; + uint64_t x_sub_y_xor_y = x_sub_y ^ y; + uint64_t q = x_xor_y | x_sub_y_xor_y; + uint64_t x_xor_q = x ^ q; + uint64_t x_xor_q_ = x_xor_q >> (uint32_t)63U; + return x_xor_q_ - (uint64_t)1U; +} + +uint32_t FStar_UInt32_eq_mask(uint32_t a, uint32_t b) +{ + uint32_t x = a ^ b; + uint32_t minus_x = ~x + (uint32_t)1U; + uint32_t x_or_minus_x = x | minus_x; + uint32_t xnx = x_or_minus_x >> (uint32_t)31U; + return xnx - (uint32_t)1U; +} + +uint32_t FStar_UInt32_gte_mask(uint32_t a, uint32_t b) +{ + uint32_t x = a; + uint32_t y = b; + uint32_t x_xor_y = x ^ y; + uint32_t x_sub_y = x - y; + uint32_t 
x_sub_y_xor_y = x_sub_y ^ y; + uint32_t q = x_xor_y | x_sub_y_xor_y; + uint32_t x_xor_q = x ^ q; + uint32_t x_xor_q_ = x_xor_q >> (uint32_t)31U; + return x_xor_q_ - (uint32_t)1U; +} + +uint16_t FStar_UInt16_eq_mask(uint16_t a, uint16_t b) +{ + uint16_t x = a ^ b; + uint16_t minus_x = ~x + (uint16_t)1U; + uint16_t x_or_minus_x = x | minus_x; + uint16_t xnx = x_or_minus_x >> (uint32_t)15U; + return xnx - (uint16_t)1U; +} + +uint16_t FStar_UInt16_gte_mask(uint16_t a, uint16_t b) +{ + uint16_t x = a; + uint16_t y = b; + uint16_t x_xor_y = x ^ y; + uint16_t x_sub_y = x - y; + uint16_t x_sub_y_xor_y = x_sub_y ^ y; + uint16_t q = x_xor_y | x_sub_y_xor_y; + uint16_t x_xor_q = x ^ q; + uint16_t x_xor_q_ = x_xor_q >> (uint32_t)15U; + return x_xor_q_ - (uint16_t)1U; +} + +uint8_t FStar_UInt8_eq_mask(uint8_t a, uint8_t b) +{ + uint8_t x = a ^ b; + uint8_t minus_x = ~x + (uint8_t)1U; + uint8_t x_or_minus_x = x | minus_x; + uint8_t xnx = x_or_minus_x >> (uint32_t)7U; + return xnx - (uint8_t)1U; +} + +uint8_t FStar_UInt8_gte_mask(uint8_t a, uint8_t b) +{ + uint8_t x = a; + uint8_t y = b; + uint8_t x_xor_y = x ^ y; + uint8_t x_sub_y = x - y; + uint8_t x_sub_y_xor_y = x_sub_y ^ y; + uint8_t q = x_xor_y | x_sub_y_xor_y; + uint8_t x_xor_q = x ^ q; + uint8_t x_xor_q_ = x_xor_q >> (uint32_t)7U; + return x_xor_q_ - (uint8_t)1U; +} + diff --git a/3rdparty/everest/library/kremlib/fstar_uint128.c b/3rdparty/everest/library/kremlib/fstar_uint128.c new file mode 100644 index 000000000..cadfbc7fa --- /dev/null +++ b/3rdparty/everest/library/kremlib/fstar_uint128.c 
@@ -0,0 +1,216 @@ +/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved. + Licensed under the Apache 2.0 License. */ + +/******************************************************************************/ +/* Machine integers (128-bit arithmetic) */ +/******************************************************************************/ + +/* This header makes KreMLin-generated C code work with: + * - the default setting where we assume the target compiler defines __int128 + * - the setting where we use FStar.UInt128's implementation instead; in that + * case, generated C files must be compiled with -DKRML_VERIFIED_UINT128 + * - a refinement of the case above, wherein all structures are passed by + * reference, a.k.a. "-fnostruct-passing", meaning that the KreMLin-generated + * must be compiled with -DKRML_NOSTRUCT_PASSING + * Note: no MSVC support in this file. + */ + +#include "FStar_UInt128.h" +#include "kremlin/c_endianness.h" +#include "FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h" + +#if !defined(KRML_VERIFIED_UINT128) && !defined(_MSC_VER) + +/* GCC + using native unsigned __int128 support */ + +uint128_t load128_le(uint8_t *b) { + uint128_t l = (uint128_t)load64_le(b); + uint128_t h = (uint128_t)load64_le(b + 8); + return (h << 64 | l); +} + +void store128_le(uint8_t *b, uint128_t n) { + store64_le(b, (uint64_t)n); + store64_le(b + 8, (uint64_t)(n >> 64)); +} + +uint128_t load128_be(uint8_t *b) { + uint128_t h = (uint128_t)load64_be(b); + uint128_t l = (uint128_t)load64_be(b + 8); + return (h << 64 | l); +} + +void store128_be(uint8_t *b, uint128_t n) { + store64_be(b, (uint64_t)(n >> 64)); + store64_be(b + 8, (uint64_t)n); +} + +uint128_t FStar_UInt128_add(uint128_t x, uint128_t y) { + return x + y; +} + +uint128_t FStar_UInt128_mul(uint128_t x, uint128_t y) { + return x * y; +} + +uint128_t FStar_UInt128_add_mod(uint128_t x, uint128_t y) { + return x + y; +} + +uint128_t FStar_UInt128_sub(uint128_t x, uint128_t y) { + return x - y; +} + 
+uint128_t FStar_UInt128_sub_mod(uint128_t x, uint128_t y) { + return x - y; +} + +uint128_t FStar_UInt128_logand(uint128_t x, uint128_t y) { + return x & y; +} + +uint128_t FStar_UInt128_logor(uint128_t x, uint128_t y) { + return x | y; +} + +uint128_t FStar_UInt128_logxor(uint128_t x, uint128_t y) { + return x ^ y; +} + +uint128_t FStar_UInt128_lognot(uint128_t x) { + return ~x; +} + +uint128_t FStar_UInt128_shift_left(uint128_t x, uint32_t y) { + return x << y; +} + +uint128_t FStar_UInt128_shift_right(uint128_t x, uint32_t y) { + return x >> y; +} + +uint128_t FStar_UInt128_uint64_to_uint128(uint64_t x) { + return (uint128_t)x; +} + +uint64_t FStar_UInt128_uint128_to_uint64(uint128_t x) { + return (uint64_t)x; +} + +uint128_t FStar_UInt128_mul_wide(uint64_t x, uint64_t y) { + return ((uint128_t) x) * y; +} + +uint128_t FStar_UInt128_eq_mask(uint128_t x, uint128_t y) { + uint64_t mask = + FStar_UInt64_eq_mask((uint64_t)(x >> 64), (uint64_t)(y >> 64)) & + FStar_UInt64_eq_mask(x, y); + return ((uint128_t)mask) << 64 | mask; +} + +uint128_t FStar_UInt128_gte_mask(uint128_t x, uint128_t y) { + uint64_t mask = + (FStar_UInt64_gte_mask(x >> 64, y >> 64) & + ~(FStar_UInt64_eq_mask(x >> 64, y >> 64))) | + (FStar_UInt64_eq_mask(x >> 64, y >> 64) & FStar_UInt64_gte_mask(x, y)); + return ((uint128_t)mask) << 64 | mask; +} + +uint128_t FStar_Int_Cast_Full_uint64_to_uint128(uint64_t x) { + return x; +} + +uint64_t FStar_Int_Cast_Full_uint128_to_uint64(uint128_t x) { + return x; +} + +#elif !defined(_MSC_VER) && defined(KRML_VERIFIED_UINT128) + +/* Verified uint128 implementation. */ + +/* Access 64-bit fields within the int128. */ +#define HIGH64_OF(x) ((x)->high) +#define LOW64_OF(x) ((x)->low) + +typedef FStar_UInt128_uint128 FStar_UInt128_t_, uint128_t; + +/* A series of definitions written using pointers. 
*/ + +void load128_le_(uint8_t *b, uint128_t *r) { + LOW64_OF(r) = load64_le(b); + HIGH64_OF(r) = load64_le(b + 8); +} + +void store128_le_(uint8_t *b, uint128_t *n) { + store64_le(b, LOW64_OF(n)); + store64_le(b + 8, HIGH64_OF(n)); +} + +void load128_be_(uint8_t *b, uint128_t *r) { + HIGH64_OF(r) = load64_be(b); + LOW64_OF(r) = load64_be(b + 8); +} + +void store128_be_(uint8_t *b, uint128_t *n) { + store64_be(b, HIGH64_OF(n)); + store64_be(b + 8, LOW64_OF(n)); +} + +void +FStar_Int_Cast_Full_uint64_to_uint128_(uint64_t x, uint128_t *dst) { + /* C89 */ + LOW64_OF(dst) = x; + HIGH64_OF(dst) = 0; +} + +uint64_t FStar_Int_Cast_Full_uint128_to_uint64_(uint128_t *x) { + return LOW64_OF(x); +} + +# ifndef KRML_NOSTRUCT_PASSING + +uint128_t load128_le(uint8_t *b) { + uint128_t r; + load128_le_(b, &r); + return r; +} + +void store128_le(uint8_t *b, uint128_t n) { + store128_le_(b, &n); +} + +uint128_t load128_be(uint8_t *b) { + uint128_t r; + load128_be_(b, &r); + return r; +} + +void store128_be(uint8_t *b, uint128_t n) { + store128_be_(b, &n); +} + +uint128_t FStar_Int_Cast_Full_uint64_to_uint128(uint64_t x) { + uint128_t dst; + FStar_Int_Cast_Full_uint64_to_uint128_(x, &dst); + return dst; +} + +uint64_t FStar_Int_Cast_Full_uint128_to_uint64(uint128_t x) { + return FStar_Int_Cast_Full_uint128_to_uint64_(&x); +} + +# else /* !defined(KRML_STRUCT_PASSING) */ + +# define print128 print128_ +# define load128_le load128_le_ +# define store128_le store128_le_ +# define load128_be load128_be_ +# define store128_be store128_be_ +# define FStar_Int_Cast_Full_uint128_to_uint64 \ + FStar_Int_Cast_Full_uint128_to_uint64_ +# define FStar_Int_Cast_Full_uint64_to_uint128 \ + FStar_Int_Cast_Full_uint64_to_uint128_ + +# endif /* KRML_STRUCT_PASSING */ + +#endif From 2a9684e7c9475c17351bb0717fc46330a8459dd5 Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Thu, 25 Oct 2018 12:32:55 +0100 Subject: [PATCH 1574/2197] ECDH: Add VS2010 support files for Everest Curve25519 --- .../include/everest/vs2010/Hacl_Curve25519.h | 21 + .../everest/include/everest/vs2010/inttypes.h | 36 + .../everest/include/everest/vs2010/stdbool.h | 31 + .../everest/library/vs2010/Hacl_Curve25519.c | 805 ++++++++++++++++++ 4 files changed, 893 insertions(+) create mode 100644 3rdparty/everest/include/everest/vs2010/Hacl_Curve25519.h create mode 100644 3rdparty/everest/include/everest/vs2010/inttypes.h create mode 100644 3rdparty/everest/include/everest/vs2010/stdbool.h create mode 100644 3rdparty/everest/library/vs2010/Hacl_Curve25519.c diff --git a/3rdparty/everest/include/everest/vs2010/Hacl_Curve25519.h b/3rdparty/everest/include/everest/vs2010/Hacl_Curve25519.h new file mode 100644 index 000000000..27ebe0794 --- /dev/null +++ b/3rdparty/everest/include/everest/vs2010/Hacl_Curve25519.h 
@@ -0,0 +1,21 @@ +/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved. + Licensed under the Apache 2.0 License. */ + +/* This file was generated by KreMLin + * KreMLin invocation: /mnt/e/everest/verify/kremlin/krml -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrcLh -minimal -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrcLh -minimal -I /mnt/e/everest/verify/hacl-star/code/lib/kremlin -I /mnt/e/everest/verify/kremlin/kremlib/compat -I /mnt/e/everest/verify/hacl-star/specs -I /mnt/e/everest/verify/hacl-star/specs/old -I . -ccopt -march=native -verbose -ldopt -flto -tmpdir x25519-c -I ../bignum -bundle Hacl.Curve25519=* -minimal -add-include "kremlib.h" -skip-compilation x25519-c/out.krml -o x25519-c/Hacl_Curve25519.c + * F* version: 059db0c8 + * KreMLin version: 916c37ac + */ + + + +#ifndef __Hacl_Curve25519_H +#define __Hacl_Curve25519_H + + +#include "kremlib.h" + +void Hacl_Curve25519_crypto_scalarmult(uint8_t *mypublic, uint8_t *secret, uint8_t *basepoint); + +#define __Hacl_Curve25519_H_DEFINED +#endif diff --git a/3rdparty/everest/include/everest/vs2010/inttypes.h b/3rdparty/everest/include/everest/vs2010/inttypes.h new file mode 100644 index 000000000..d53f87f21 --- /dev/null +++ b/3rdparty/everest/include/everest/vs2010/inttypes.h 
@@ -0,0 +1,36 @@
+/*
+ * Custom inttypes.h for VS2010 KreMLin requires these definitions,
+ * but VS2010 doesn't provide them.
+ *
+ * Copyright 2016-2018 INRIA and Microsoft Corporation
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef _INTTYPES_H_VS2010
+#define _INTTYPES_H_VS2010
+
+#include
+
+#ifdef _MSC_VER
+#define inline __inline
+#endif
+
+/* VS2010 unsigned long == 8 bytes */
+
+#define PRIu64 "I64u"
+
+#endif
diff --git a/3rdparty/everest/include/everest/vs2010/stdbool.h b/3rdparty/everest/include/everest/vs2010/stdbool.h
new file mode 100644
index 000000000..5b7039c4f
--- /dev/null
+++ b/3rdparty/everest/include/everest/vs2010/stdbool.h
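Review bot: In the vs2010/inttypes.h shim only the `inline` remap sits under `#ifdef _MSC_VER`, while `PRIu64` is defined as `"I64u"` unconditionally, so if this directory ever lands on the include path of another toolchain the file shadows the system inttypes.h and hands printf an MSVC-only length modifier. A guard at the top such as `#if !defined(_MSC_VER)` / `#error "vs2010/inttypes.h is only for MSVC builds that lack inttypes.h"` / `#endif` would turn that misconfiguration into a build failure instead of a format mismatch. The comment `/* VS2010 unsigned long == 8 bytes */` also looks inaccurate, since `unsigned long` is 4 bytes under MSVC and `I64u` is the specifier for `unsigned __int64`; I would reword it to `/* MSVC prints 64-bit unsigned integers with the I64 length modifier */`. The guard macro `_INTTYPES_H_VS2010` uses a reserved identifier form (underscore followed by an uppercase letter).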
@@ -0,0 +1,31 @@
+/*
+ * Custom stdbool.h for VS2010 KreMLin requires these definitions,
+ * but VS2010 doesn't provide them.
+ *
+ * Copyright 2016-2018 INRIA and Microsoft Corporation
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef _STDBOOL_H_VS2010
+#define _STDBOOL_H_VS2010
+
+typedef int bool;
+
+static bool true = 1;
+static bool false = 0;
+
+#endif
diff --git a/3rdparty/everest/library/vs2010/Hacl_Curve25519.c b/3rdparty/everest/library/vs2010/Hacl_Curve25519.c
new file mode 100644
index 000000000..babebe4f1
--- /dev/null
+++ b/3rdparty/everest/library/vs2010/Hacl_Curve25519.c
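Review bot: In the vs2010/stdbool.h shim `true` and `false` are declared as writable `static` objects (`static bool true = 1;`, `static bool false = 0;`), so they are not constant expressions: they cannot be used in `#if`, `case` labels or static initialisers, every translation unit gets its own modifiable copy, and unused-variable warnings are likely. `#define true 1` and `#define false 0` would match what the standard header provides. Separately, `typedef int bool;` does not normalise on conversion the way `_Bool` does, so assigning a 64-bit value whose set bits all lie above bit 31 can yield 0 after truncation. Whether the KreMLin-generated code relies on such conversions is not visible in this patch, so I would at least add a header comment stating that `bool` here is a plain `int` and that wide values must be compared against zero before being stored in it.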
@@ -0,0 +1,805 @@ +/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved. + Licensed under the Apache 2.0 License. */ + +/* This file was generated by KreMLin + * KreMLin invocation: /mnt/e/everest/verify/kremlin/krml -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrcLh -minimal -fc89 -fparentheses -fno-shadow -header /mnt/e/everest/verify/hdrcLh -minimal -I /mnt/e/everest/verify/hacl-star/code/lib/kremlin -I /mnt/e/everest/verify/kremlin/kremlib/compat -I /mnt/e/everest/verify/hacl-star/specs -I /mnt/e/everest/verify/hacl-star/specs/old -I . -ccopt -march=native -verbose -ldopt -flto -tmpdir x25519-c -I ../bignum -bundle Hacl.Curve25519=* -minimal -add-include "kremlib.h" -skip-compilation x25519-c/out.krml -o x25519-c/Hacl_Curve25519.c + * F* version: 059db0c8 + * KreMLin version: 916c37ac + */ + + +#include "Hacl_Curve25519.h" + +extern uint64_t FStar_UInt64_eq_mask(uint64_t x0, uint64_t x1); + +extern uint64_t FStar_UInt64_gte_mask(uint64_t x0, uint64_t x1); + +extern FStar_UInt128_uint128 +FStar_UInt128_add(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 +FStar_UInt128_add_mod(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 +FStar_UInt128_logand(FStar_UInt128_uint128 x0, FStar_UInt128_uint128 x1); + +extern FStar_UInt128_uint128 FStar_UInt128_shift_right(FStar_UInt128_uint128 x0, uint32_t x1); + +extern FStar_UInt128_uint128 FStar_UInt128_uint64_to_uint128(uint64_t x0); + +extern uint64_t FStar_UInt128_uint128_to_uint64(FStar_UInt128_uint128 x0); + +extern FStar_UInt128_uint128 FStar_UInt128_mul_wide(uint64_t x0, uint64_t x1); + +static void Hacl_Bignum_Modulo_carry_top(uint64_t *b) +{ + uint64_t b4 = b[4U]; + uint64_t b0 = b[0U]; + uint64_t b4_ = b4 & (uint64_t)0x7ffffffffffffU; + uint64_t b0_ = b0 + (uint64_t)19U * (b4 >> (uint32_t)51U); + b[4U] = b4_; + b[0U] = b0_; +} + +inline static void +Hacl_Bignum_Fproduct_copy_from_wide_(uint64_t *output, 
FStar_UInt128_uint128 *input) +{ + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) + { + FStar_UInt128_uint128 xi = input[i]; + output[i] = FStar_UInt128_uint128_to_uint64(xi); + } +} + +inline static void +Hacl_Bignum_Fproduct_sum_scalar_multiplication_( + FStar_UInt128_uint128 *output, + uint64_t *input, + uint64_t s +) +{ + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) + { + FStar_UInt128_uint128 xi = output[i]; + uint64_t yi = input[i]; + output[i] = FStar_UInt128_add_mod(xi, FStar_UInt128_mul_wide(yi, s)); + } +} + +inline static void Hacl_Bignum_Fproduct_carry_wide_(FStar_UInt128_uint128 *tmp) +{ + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) + { + uint32_t ctr = i; + FStar_UInt128_uint128 tctr = tmp[ctr]; + FStar_UInt128_uint128 tctrp1 = tmp[ctr + (uint32_t)1U]; + uint64_t r0 = FStar_UInt128_uint128_to_uint64(tctr) & (uint64_t)0x7ffffffffffffU; + FStar_UInt128_uint128 c = FStar_UInt128_shift_right(tctr, (uint32_t)51U); + tmp[ctr] = FStar_UInt128_uint64_to_uint128(r0); + tmp[ctr + (uint32_t)1U] = FStar_UInt128_add(tctrp1, c); + } +} + +inline static void Hacl_Bignum_Fmul_shift_reduce(uint64_t *output) +{ + uint64_t tmp = output[4U]; + uint64_t b0; + { + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) + { + uint32_t ctr = (uint32_t)5U - i - (uint32_t)1U; + uint64_t z = output[ctr - (uint32_t)1U]; + output[ctr] = z; + } + } + output[0U] = tmp; + b0 = output[0U]; + output[0U] = (uint64_t)19U * b0; +} + +static void +Hacl_Bignum_Fmul_mul_shift_reduce_( + FStar_UInt128_uint128 *output, + uint64_t *input, + uint64_t *input2 +) +{ + uint32_t i; + uint64_t input2i; + { + uint32_t i0; + for (i0 = (uint32_t)0U; i0 < (uint32_t)4U; i0 = i0 + (uint32_t)1U) + { + uint64_t input2i0 = input2[i0]; + Hacl_Bignum_Fproduct_sum_scalar_multiplication_(output, input, input2i0); + Hacl_Bignum_Fmul_shift_reduce(input); + } + } + i = (uint32_t)4U; + input2i = 
input2[i]; + Hacl_Bignum_Fproduct_sum_scalar_multiplication_(output, input, input2i); +} + +inline static void Hacl_Bignum_Fmul_fmul(uint64_t *output, uint64_t *input, uint64_t *input2) +{ + uint64_t tmp[5U] = { 0U }; + memcpy(tmp, input, (uint32_t)5U * sizeof input[0U]); + KRML_CHECK_SIZE(sizeof (FStar_UInt128_uint128), (uint32_t)5U); + { + FStar_UInt128_uint128 t[5U]; + { + uint32_t _i; + for (_i = 0U; _i < (uint32_t)5U; ++_i) + t[_i] = FStar_UInt128_uint64_to_uint128((uint64_t)0U); + } + { + FStar_UInt128_uint128 b4; + FStar_UInt128_uint128 b0; + FStar_UInt128_uint128 b4_; + FStar_UInt128_uint128 b0_; + uint64_t i0; + uint64_t i1; + uint64_t i0_; + uint64_t i1_; + Hacl_Bignum_Fmul_mul_shift_reduce_(t, tmp, input2); + Hacl_Bignum_Fproduct_carry_wide_(t); + b4 = t[4U]; + b0 = t[0U]; + b4_ = FStar_UInt128_logand(b4, FStar_UInt128_uint64_to_uint128((uint64_t)0x7ffffffffffffU)); + b0_ = + FStar_UInt128_add(b0, + FStar_UInt128_mul_wide((uint64_t)19U, + FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(b4, (uint32_t)51U)))); + t[4U] = b4_; + t[0U] = b0_; + Hacl_Bignum_Fproduct_copy_from_wide_(output, t); + i0 = output[0U]; + i1 = output[1U]; + i0_ = i0 & (uint64_t)0x7ffffffffffffU; + i1_ = i1 + (i0 >> (uint32_t)51U); + output[0U] = i0_; + output[1U] = i1_; + } + } +} + +inline static void Hacl_Bignum_Fsquare_fsquare__(FStar_UInt128_uint128 *tmp, uint64_t *output) +{ + uint64_t r0 = output[0U]; + uint64_t r1 = output[1U]; + uint64_t r2 = output[2U]; + uint64_t r3 = output[3U]; + uint64_t r4 = output[4U]; + uint64_t d0 = r0 * (uint64_t)2U; + uint64_t d1 = r1 * (uint64_t)2U; + uint64_t d2 = r2 * (uint64_t)2U * (uint64_t)19U; + uint64_t d419 = r4 * (uint64_t)19U; + uint64_t d4 = d419 * (uint64_t)2U; + FStar_UInt128_uint128 + s0 = + FStar_UInt128_add(FStar_UInt128_add(FStar_UInt128_mul_wide(r0, r0), + FStar_UInt128_mul_wide(d4, r1)), + FStar_UInt128_mul_wide(d2, r3)); + FStar_UInt128_uint128 + s1 = + FStar_UInt128_add(FStar_UInt128_add(FStar_UInt128_mul_wide(d0, 
r1), + FStar_UInt128_mul_wide(d4, r2)), + FStar_UInt128_mul_wide(r3 * (uint64_t)19U, r3)); + FStar_UInt128_uint128 + s2 = + FStar_UInt128_add(FStar_UInt128_add(FStar_UInt128_mul_wide(d0, r2), + FStar_UInt128_mul_wide(r1, r1)), + FStar_UInt128_mul_wide(d4, r3)); + FStar_UInt128_uint128 + s3 = + FStar_UInt128_add(FStar_UInt128_add(FStar_UInt128_mul_wide(d0, r3), + FStar_UInt128_mul_wide(d1, r2)), + FStar_UInt128_mul_wide(r4, d419)); + FStar_UInt128_uint128 + s4 = + FStar_UInt128_add(FStar_UInt128_add(FStar_UInt128_mul_wide(d0, r4), + FStar_UInt128_mul_wide(d1, r3)), + FStar_UInt128_mul_wide(r2, r2)); + tmp[0U] = s0; + tmp[1U] = s1; + tmp[2U] = s2; + tmp[3U] = s3; + tmp[4U] = s4; +} + +inline static void Hacl_Bignum_Fsquare_fsquare_(FStar_UInt128_uint128 *tmp, uint64_t *output) +{ + FStar_UInt128_uint128 b4; + FStar_UInt128_uint128 b0; + FStar_UInt128_uint128 b4_; + FStar_UInt128_uint128 b0_; + uint64_t i0; + uint64_t i1; + uint64_t i0_; + uint64_t i1_; + Hacl_Bignum_Fsquare_fsquare__(tmp, output); + Hacl_Bignum_Fproduct_carry_wide_(tmp); + b4 = tmp[4U]; + b0 = tmp[0U]; + b4_ = FStar_UInt128_logand(b4, FStar_UInt128_uint64_to_uint128((uint64_t)0x7ffffffffffffU)); + b0_ = + FStar_UInt128_add(b0, + FStar_UInt128_mul_wide((uint64_t)19U, + FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(b4, (uint32_t)51U)))); + tmp[4U] = b4_; + tmp[0U] = b0_; + Hacl_Bignum_Fproduct_copy_from_wide_(output, tmp); + i0 = output[0U]; + i1 = output[1U]; + i0_ = i0 & (uint64_t)0x7ffffffffffffU; + i1_ = i1 + (i0 >> (uint32_t)51U); + output[0U] = i0_; + output[1U] = i1_; +} + +static void +Hacl_Bignum_Fsquare_fsquare_times_( + uint64_t *input, + FStar_UInt128_uint128 *tmp, + uint32_t count1 +) +{ + uint32_t i; + Hacl_Bignum_Fsquare_fsquare_(tmp, input); + for (i = (uint32_t)1U; i < count1; i = i + (uint32_t)1U) + Hacl_Bignum_Fsquare_fsquare_(tmp, input); +} + +inline static void +Hacl_Bignum_Fsquare_fsquare_times(uint64_t *output, uint64_t *input, uint32_t count1) +{ + 
KRML_CHECK_SIZE(sizeof (FStar_UInt128_uint128), (uint32_t)5U); + { + FStar_UInt128_uint128 t[5U]; + { + uint32_t _i; + for (_i = 0U; _i < (uint32_t)5U; ++_i) + t[_i] = FStar_UInt128_uint64_to_uint128((uint64_t)0U); + } + memcpy(output, input, (uint32_t)5U * sizeof input[0U]); + Hacl_Bignum_Fsquare_fsquare_times_(output, t, count1); + } +} + +inline static void Hacl_Bignum_Fsquare_fsquare_times_inplace(uint64_t *output, uint32_t count1) +{ + KRML_CHECK_SIZE(sizeof (FStar_UInt128_uint128), (uint32_t)5U); + { + FStar_UInt128_uint128 t[5U]; + { + uint32_t _i; + for (_i = 0U; _i < (uint32_t)5U; ++_i) + t[_i] = FStar_UInt128_uint64_to_uint128((uint64_t)0U); + } + Hacl_Bignum_Fsquare_fsquare_times_(output, t, count1); + } +} + +inline static void Hacl_Bignum_Crecip_crecip(uint64_t *out, uint64_t *z) +{ + uint64_t buf[20U] = { 0U }; + uint64_t *a0 = buf; + uint64_t *t00 = buf + (uint32_t)5U; + uint64_t *b0 = buf + (uint32_t)10U; + uint64_t *t01; + uint64_t *b1; + uint64_t *c0; + uint64_t *a; + uint64_t *t0; + uint64_t *b; + uint64_t *c; + Hacl_Bignum_Fsquare_fsquare_times(a0, z, (uint32_t)1U); + Hacl_Bignum_Fsquare_fsquare_times(t00, a0, (uint32_t)2U); + Hacl_Bignum_Fmul_fmul(b0, t00, z); + Hacl_Bignum_Fmul_fmul(a0, b0, a0); + Hacl_Bignum_Fsquare_fsquare_times(t00, a0, (uint32_t)1U); + Hacl_Bignum_Fmul_fmul(b0, t00, b0); + Hacl_Bignum_Fsquare_fsquare_times(t00, b0, (uint32_t)5U); + t01 = buf + (uint32_t)5U; + b1 = buf + (uint32_t)10U; + c0 = buf + (uint32_t)15U; + Hacl_Bignum_Fmul_fmul(b1, t01, b1); + Hacl_Bignum_Fsquare_fsquare_times(t01, b1, (uint32_t)10U); + Hacl_Bignum_Fmul_fmul(c0, t01, b1); + Hacl_Bignum_Fsquare_fsquare_times(t01, c0, (uint32_t)20U); + Hacl_Bignum_Fmul_fmul(t01, t01, c0); + Hacl_Bignum_Fsquare_fsquare_times_inplace(t01, (uint32_t)10U); + Hacl_Bignum_Fmul_fmul(b1, t01, b1); + Hacl_Bignum_Fsquare_fsquare_times(t01, b1, (uint32_t)50U); + a = buf; + t0 = buf + (uint32_t)5U; + b = buf + (uint32_t)10U; + c = buf + (uint32_t)15U; + Hacl_Bignum_Fmul_fmul(c, 
t0, b); + Hacl_Bignum_Fsquare_fsquare_times(t0, c, (uint32_t)100U); + Hacl_Bignum_Fmul_fmul(t0, t0, c); + Hacl_Bignum_Fsquare_fsquare_times_inplace(t0, (uint32_t)50U); + Hacl_Bignum_Fmul_fmul(t0, t0, b); + Hacl_Bignum_Fsquare_fsquare_times_inplace(t0, (uint32_t)5U); + Hacl_Bignum_Fmul_fmul(out, t0, a); +} + +inline static void Hacl_Bignum_fsum(uint64_t *a, uint64_t *b) +{ + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) + { + uint64_t xi = a[i]; + uint64_t yi = b[i]; + a[i] = xi + yi; + } +} + +inline static void Hacl_Bignum_fdifference(uint64_t *a, uint64_t *b) +{ + uint64_t tmp[5U] = { 0U }; + uint64_t b0; + uint64_t b1; + uint64_t b2; + uint64_t b3; + uint64_t b4; + memcpy(tmp, b, (uint32_t)5U * sizeof b[0U]); + b0 = tmp[0U]; + b1 = tmp[1U]; + b2 = tmp[2U]; + b3 = tmp[3U]; + b4 = tmp[4U]; + tmp[0U] = b0 + (uint64_t)0x3fffffffffff68U; + tmp[1U] = b1 + (uint64_t)0x3ffffffffffff8U; + tmp[2U] = b2 + (uint64_t)0x3ffffffffffff8U; + tmp[3U] = b3 + (uint64_t)0x3ffffffffffff8U; + tmp[4U] = b4 + (uint64_t)0x3ffffffffffff8U; + { + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) + { + uint64_t xi = a[i]; + uint64_t yi = tmp[i]; + a[i] = yi - xi; + } + } +} + +inline static void Hacl_Bignum_fscalar(uint64_t *output, uint64_t *b, uint64_t s) +{ + KRML_CHECK_SIZE(sizeof (FStar_UInt128_uint128), (uint32_t)5U); + { + FStar_UInt128_uint128 tmp[5U]; + { + uint32_t _i; + for (_i = 0U; _i < (uint32_t)5U; ++_i) + tmp[_i] = FStar_UInt128_uint64_to_uint128((uint64_t)0U); + } + { + FStar_UInt128_uint128 b4; + FStar_UInt128_uint128 b0; + FStar_UInt128_uint128 b4_; + FStar_UInt128_uint128 b0_; + { + uint32_t i; + for (i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) + { + uint64_t xi = b[i]; + tmp[i] = FStar_UInt128_mul_wide(xi, s); + } + } + Hacl_Bignum_Fproduct_carry_wide_(tmp); + b4 = tmp[4U]; + b0 = tmp[0U]; + b4_ = FStar_UInt128_logand(b4, FStar_UInt128_uint64_to_uint128((uint64_t)0x7ffffffffffffU)); + b0_ = + 
FStar_UInt128_add(b0, + FStar_UInt128_mul_wide((uint64_t)19U, + FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(b4, (uint32_t)51U)))); + tmp[4U] = b4_; + tmp[0U] = b0_; + Hacl_Bignum_Fproduct_copy_from_wide_(output, tmp); + } + } +} + +inline static void Hacl_Bignum_fmul(uint64_t *output, uint64_t *a, uint64_t *b) +{ + Hacl_Bignum_Fmul_fmul(output, a, b); +} + +inline static void Hacl_Bignum_crecip(uint64_t *output, uint64_t *input) +{ + Hacl_Bignum_Crecip_crecip(output, input); +} + +static void +Hacl_EC_Point_swap_conditional_step(uint64_t *a, uint64_t *b, uint64_t swap1, uint32_t ctr) +{ + uint32_t i = ctr - (uint32_t)1U; + uint64_t ai = a[i]; + uint64_t bi = b[i]; + uint64_t x = swap1 & (ai ^ bi); + uint64_t ai1 = ai ^ x; + uint64_t bi1 = bi ^ x; + a[i] = ai1; + b[i] = bi1; +} + +static void +Hacl_EC_Point_swap_conditional_(uint64_t *a, uint64_t *b, uint64_t swap1, uint32_t ctr) +{ + if (!(ctr == (uint32_t)0U)) + { + uint32_t i; + Hacl_EC_Point_swap_conditional_step(a, b, swap1, ctr); + i = ctr - (uint32_t)1U; + Hacl_EC_Point_swap_conditional_(a, b, swap1, i); + } +} + +static void Hacl_EC_Point_swap_conditional(uint64_t *a, uint64_t *b, uint64_t iswap) +{ + uint64_t swap1 = (uint64_t)0U - iswap; + Hacl_EC_Point_swap_conditional_(a, b, swap1, (uint32_t)5U); + Hacl_EC_Point_swap_conditional_(a + (uint32_t)5U, b + (uint32_t)5U, swap1, (uint32_t)5U); +} + +static void Hacl_EC_Point_copy(uint64_t *output, uint64_t *input) +{ + memcpy(output, input, (uint32_t)5U * sizeof input[0U]); + memcpy(output + (uint32_t)5U, + input + (uint32_t)5U, + (uint32_t)5U * sizeof (input + (uint32_t)5U)[0U]); +} + +static void Hacl_EC_Format_fexpand(uint64_t *output, uint8_t *input) +{ + uint64_t i0 = load64_le(input); + uint8_t *x00 = input + (uint32_t)6U; + uint64_t i1 = load64_le(x00); + uint8_t *x01 = input + (uint32_t)12U; + uint64_t i2 = load64_le(x01); + uint8_t *x02 = input + (uint32_t)19U; + uint64_t i3 = load64_le(x02); + uint8_t *x0 = input + (uint32_t)24U; + 
uint64_t i4 = load64_le(x0); + uint64_t output0 = i0 & (uint64_t)0x7ffffffffffffU; + uint64_t output1 = i1 >> (uint32_t)3U & (uint64_t)0x7ffffffffffffU; + uint64_t output2 = i2 >> (uint32_t)6U & (uint64_t)0x7ffffffffffffU; + uint64_t output3 = i3 >> (uint32_t)1U & (uint64_t)0x7ffffffffffffU; + uint64_t output4 = i4 >> (uint32_t)12U & (uint64_t)0x7ffffffffffffU; + output[0U] = output0; + output[1U] = output1; + output[2U] = output2; + output[3U] = output3; + output[4U] = output4; +} + +static void Hacl_EC_Format_fcontract_first_carry_pass(uint64_t *input) +{ + uint64_t t0 = input[0U]; + uint64_t t1 = input[1U]; + uint64_t t2 = input[2U]; + uint64_t t3 = input[3U]; + uint64_t t4 = input[4U]; + uint64_t t1_ = t1 + (t0 >> (uint32_t)51U); + uint64_t t0_ = t0 & (uint64_t)0x7ffffffffffffU; + uint64_t t2_ = t2 + (t1_ >> (uint32_t)51U); + uint64_t t1__ = t1_ & (uint64_t)0x7ffffffffffffU; + uint64_t t3_ = t3 + (t2_ >> (uint32_t)51U); + uint64_t t2__ = t2_ & (uint64_t)0x7ffffffffffffU; + uint64_t t4_ = t4 + (t3_ >> (uint32_t)51U); + uint64_t t3__ = t3_ & (uint64_t)0x7ffffffffffffU; + input[0U] = t0_; + input[1U] = t1__; + input[2U] = t2__; + input[3U] = t3__; + input[4U] = t4_; +} + +static void Hacl_EC_Format_fcontract_first_carry_full(uint64_t *input) +{ + Hacl_EC_Format_fcontract_first_carry_pass(input); + Hacl_Bignum_Modulo_carry_top(input); +} + +static void Hacl_EC_Format_fcontract_second_carry_pass(uint64_t *input) +{ + uint64_t t0 = input[0U]; + uint64_t t1 = input[1U]; + uint64_t t2 = input[2U]; + uint64_t t3 = input[3U]; + uint64_t t4 = input[4U]; + uint64_t t1_ = t1 + (t0 >> (uint32_t)51U); + uint64_t t0_ = t0 & (uint64_t)0x7ffffffffffffU; + uint64_t t2_ = t2 + (t1_ >> (uint32_t)51U); + uint64_t t1__ = t1_ & (uint64_t)0x7ffffffffffffU; + uint64_t t3_ = t3 + (t2_ >> (uint32_t)51U); + uint64_t t2__ = t2_ & (uint64_t)0x7ffffffffffffU; + uint64_t t4_ = t4 + (t3_ >> (uint32_t)51U); + uint64_t t3__ = t3_ & (uint64_t)0x7ffffffffffffU; + input[0U] = t0_; + input[1U] = 
t1__; + input[2U] = t2__; + input[3U] = t3__; + input[4U] = t4_; +} + +static void Hacl_EC_Format_fcontract_second_carry_full(uint64_t *input) +{ + uint64_t i0; + uint64_t i1; + uint64_t i0_; + uint64_t i1_; + Hacl_EC_Format_fcontract_second_carry_pass(input); + Hacl_Bignum_Modulo_carry_top(input); + i0 = input[0U]; + i1 = input[1U]; + i0_ = i0 & (uint64_t)0x7ffffffffffffU; + i1_ = i1 + (i0 >> (uint32_t)51U); + input[0U] = i0_; + input[1U] = i1_; +} + +static void Hacl_EC_Format_fcontract_trim(uint64_t *input) +{ + uint64_t a0 = input[0U]; + uint64_t a1 = input[1U]; + uint64_t a2 = input[2U]; + uint64_t a3 = input[3U]; + uint64_t a4 = input[4U]; + uint64_t mask0 = FStar_UInt64_gte_mask(a0, (uint64_t)0x7ffffffffffedU); + uint64_t mask1 = FStar_UInt64_eq_mask(a1, (uint64_t)0x7ffffffffffffU); + uint64_t mask2 = FStar_UInt64_eq_mask(a2, (uint64_t)0x7ffffffffffffU); + uint64_t mask3 = FStar_UInt64_eq_mask(a3, (uint64_t)0x7ffffffffffffU); + uint64_t mask4 = FStar_UInt64_eq_mask(a4, (uint64_t)0x7ffffffffffffU); + uint64_t mask = (((mask0 & mask1) & mask2) & mask3) & mask4; + uint64_t a0_ = a0 - ((uint64_t)0x7ffffffffffedU & mask); + uint64_t a1_ = a1 - ((uint64_t)0x7ffffffffffffU & mask); + uint64_t a2_ = a2 - ((uint64_t)0x7ffffffffffffU & mask); + uint64_t a3_ = a3 - ((uint64_t)0x7ffffffffffffU & mask); + uint64_t a4_ = a4 - ((uint64_t)0x7ffffffffffffU & mask); + input[0U] = a0_; + input[1U] = a1_; + input[2U] = a2_; + input[3U] = a3_; + input[4U] = a4_; +} + +static void Hacl_EC_Format_fcontract_store(uint8_t *output, uint64_t *input) +{ + uint64_t t0 = input[0U]; + uint64_t t1 = input[1U]; + uint64_t t2 = input[2U]; + uint64_t t3 = input[3U]; + uint64_t t4 = input[4U]; + uint64_t o0 = t1 << (uint32_t)51U | t0; + uint64_t o1 = t2 << (uint32_t)38U | t1 >> (uint32_t)13U; + uint64_t o2 = t3 << (uint32_t)25U | t2 >> (uint32_t)26U; + uint64_t o3 = t4 << (uint32_t)12U | t3 >> (uint32_t)39U; + uint8_t *b0 = output; + uint8_t *b1 = output + (uint32_t)8U; + uint8_t *b2 = output 
+ (uint32_t)16U; + uint8_t *b3 = output + (uint32_t)24U; + store64_le(b0, o0); + store64_le(b1, o1); + store64_le(b2, o2); + store64_le(b3, o3); +} + +static void Hacl_EC_Format_fcontract(uint8_t *output, uint64_t *input) +{ + Hacl_EC_Format_fcontract_first_carry_full(input); + Hacl_EC_Format_fcontract_second_carry_full(input); + Hacl_EC_Format_fcontract_trim(input); + Hacl_EC_Format_fcontract_store(output, input); +} + +static void Hacl_EC_Format_scalar_of_point(uint8_t *scalar, uint64_t *point) +{ + uint64_t *x = point; + uint64_t *z = point + (uint32_t)5U; + uint64_t buf[10U] = { 0U }; + uint64_t *zmone = buf; + uint64_t *sc = buf + (uint32_t)5U; + Hacl_Bignum_crecip(zmone, z); + Hacl_Bignum_fmul(sc, x, zmone); + Hacl_EC_Format_fcontract(scalar, sc); +} + +static void +Hacl_EC_AddAndDouble_fmonty( + uint64_t *pp, + uint64_t *ppq, + uint64_t *p, + uint64_t *pq, + uint64_t *qmqp +) +{ + uint64_t *qx = qmqp; + uint64_t *x2 = pp; + uint64_t *z2 = pp + (uint32_t)5U; + uint64_t *x3 = ppq; + uint64_t *z3 = ppq + (uint32_t)5U; + uint64_t *x = p; + uint64_t *z = p + (uint32_t)5U; + uint64_t *xprime = pq; + uint64_t *zprime = pq + (uint32_t)5U; + uint64_t buf[40U] = { 0U }; + uint64_t *origx = buf; + uint64_t *origxprime0 = buf + (uint32_t)5U; + uint64_t *xxprime0 = buf + (uint32_t)25U; + uint64_t *zzprime0 = buf + (uint32_t)30U; + uint64_t *origxprime; + uint64_t *xx0; + uint64_t *zz0; + uint64_t *xxprime; + uint64_t *zzprime; + uint64_t *zzzprime; + uint64_t *zzz; + uint64_t *xx; + uint64_t *zz; + uint64_t scalar; + memcpy(origx, x, (uint32_t)5U * sizeof x[0U]); + Hacl_Bignum_fsum(x, z); + Hacl_Bignum_fdifference(z, origx); + memcpy(origxprime0, xprime, (uint32_t)5U * sizeof xprime[0U]); + Hacl_Bignum_fsum(xprime, zprime); + Hacl_Bignum_fdifference(zprime, origxprime0); + Hacl_Bignum_fmul(xxprime0, xprime, z); + Hacl_Bignum_fmul(zzprime0, x, zprime); + origxprime = buf + (uint32_t)5U; + xx0 = buf + (uint32_t)15U; + zz0 = buf + (uint32_t)20U; + xxprime = buf + 
(uint32_t)25U; + zzprime = buf + (uint32_t)30U; + zzzprime = buf + (uint32_t)35U; + memcpy(origxprime, xxprime, (uint32_t)5U * sizeof xxprime[0U]); + Hacl_Bignum_fsum(xxprime, zzprime); + Hacl_Bignum_fdifference(zzprime, origxprime); + Hacl_Bignum_Fsquare_fsquare_times(x3, xxprime, (uint32_t)1U); + Hacl_Bignum_Fsquare_fsquare_times(zzzprime, zzprime, (uint32_t)1U); + Hacl_Bignum_fmul(z3, zzzprime, qx); + Hacl_Bignum_Fsquare_fsquare_times(xx0, x, (uint32_t)1U); + Hacl_Bignum_Fsquare_fsquare_times(zz0, z, (uint32_t)1U); + zzz = buf + (uint32_t)10U; + xx = buf + (uint32_t)15U; + zz = buf + (uint32_t)20U; + Hacl_Bignum_fmul(x2, xx, zz); + Hacl_Bignum_fdifference(zz, xx); + scalar = (uint64_t)121665U; + Hacl_Bignum_fscalar(zzz, zz, scalar); + Hacl_Bignum_fsum(zzz, xx); + Hacl_Bignum_fmul(z2, zzz, zz); +} + +static void +Hacl_EC_Ladder_SmallLoop_cmult_small_loop_step( + uint64_t *nq, + uint64_t *nqpq, + uint64_t *nq2, + uint64_t *nqpq2, + uint64_t *q, + uint8_t byt +) +{ + uint64_t bit0 = (uint64_t)(byt >> (uint32_t)7U); + uint64_t bit; + Hacl_EC_Point_swap_conditional(nq, nqpq, bit0); + Hacl_EC_AddAndDouble_fmonty(nq2, nqpq2, nq, nqpq, q); + bit = (uint64_t)(byt >> (uint32_t)7U); + Hacl_EC_Point_swap_conditional(nq2, nqpq2, bit); +} + +static void +Hacl_EC_Ladder_SmallLoop_cmult_small_loop_double_step( + uint64_t *nq, + uint64_t *nqpq, + uint64_t *nq2, + uint64_t *nqpq2, + uint64_t *q, + uint8_t byt +) +{ + uint8_t byt1; + Hacl_EC_Ladder_SmallLoop_cmult_small_loop_step(nq, nqpq, nq2, nqpq2, q, byt); + byt1 = byt << (uint32_t)1U; + Hacl_EC_Ladder_SmallLoop_cmult_small_loop_step(nq2, nqpq2, nq, nqpq, q, byt1); +} + +static void +Hacl_EC_Ladder_SmallLoop_cmult_small_loop( + uint64_t *nq, + uint64_t *nqpq, + uint64_t *nq2, + uint64_t *nqpq2, + uint64_t *q, + uint8_t byt, + uint32_t i +) +{ + if (!(i == (uint32_t)0U)) + { + uint32_t i_ = i - (uint32_t)1U; + uint8_t byt_; + Hacl_EC_Ladder_SmallLoop_cmult_small_loop_double_step(nq, nqpq, nq2, nqpq2, q, byt); + byt_ = byt << 
(uint32_t)2U; + Hacl_EC_Ladder_SmallLoop_cmult_small_loop(nq, nqpq, nq2, nqpq2, q, byt_, i_); + } +} + +static void +Hacl_EC_Ladder_BigLoop_cmult_big_loop( + uint8_t *n1, + uint64_t *nq, + uint64_t *nqpq, + uint64_t *nq2, + uint64_t *nqpq2, + uint64_t *q, + uint32_t i +) +{ + if (!(i == (uint32_t)0U)) + { + uint32_t i1 = i - (uint32_t)1U; + uint8_t byte = n1[i1]; + Hacl_EC_Ladder_SmallLoop_cmult_small_loop(nq, nqpq, nq2, nqpq2, q, byte, (uint32_t)4U); + Hacl_EC_Ladder_BigLoop_cmult_big_loop(n1, nq, nqpq, nq2, nqpq2, q, i1); + } +} + +static void Hacl_EC_Ladder_cmult(uint64_t *result, uint8_t *n1, uint64_t *q) +{ + uint64_t point_buf[40U] = { 0U }; + uint64_t *nq = point_buf; + uint64_t *nqpq = point_buf + (uint32_t)10U; + uint64_t *nq2 = point_buf + (uint32_t)20U; + uint64_t *nqpq2 = point_buf + (uint32_t)30U; + Hacl_EC_Point_copy(nqpq, q); + nq[0U] = (uint64_t)1U; + Hacl_EC_Ladder_BigLoop_cmult_big_loop(n1, nq, nqpq, nq2, nqpq2, q, (uint32_t)32U); + Hacl_EC_Point_copy(result, nq); +} + +void Hacl_Curve25519_crypto_scalarmult(uint8_t *mypublic, uint8_t *secret, uint8_t *basepoint) +{ + uint64_t buf0[10U] = { 0U }; + uint64_t *x0 = buf0; + uint64_t *z = buf0 + (uint32_t)5U; + uint64_t *q; + Hacl_EC_Format_fexpand(x0, basepoint); + z[0U] = (uint64_t)1U; + q = buf0; + { + uint8_t e[32U] = { 0U }; + uint8_t e0; + uint8_t e31; + uint8_t e01; + uint8_t e311; + uint8_t e312; + uint8_t *scalar; + memcpy(e, secret, (uint32_t)32U * sizeof secret[0U]); + e0 = e[0U]; + e31 = e[31U]; + e01 = e0 & (uint8_t)248U; + e311 = e31 & (uint8_t)127U; + e312 = e311 | (uint8_t)64U; + e[0U] = e01; + e[31U] = e312; + scalar = e; + { + uint64_t buf[15U] = { 0U }; + uint64_t *nq = buf; + uint64_t *x = nq; + x[0U] = (uint64_t)1U; + Hacl_EC_Ladder_cmult(nq, scalar, q); + Hacl_EC_Format_scalar_of_point(mypublic, nq); + } + } +} + From de4fcf2ae3d9146af902c85308cac1a16c614fef Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger"
Date: Thu, 25 Oct 2018 12:41:04 +0100
Subject: [PATCH 1575/2197] ECDH: Add new ECDH context for Everest Curve25519
---
3rdparty/everest/include/everest/everest.h | 228 +++++++++++++++++++++
3rdparty/everest/include/everest/x25519.h | 181 ++++++++++++++++
3rdparty/everest/library/everest.c | 151 ++++++++++++++
3rdparty/everest/library/x25519.c | 187 +++++++++++++++++
include/mbedtls/config.h | 16 ++
include/mbedtls/ecdh.h | 11 +
6 files changed, 774 insertions(+)
create mode 100644 3rdparty/everest/include/everest/everest.h
create mode 100644 3rdparty/everest/include/everest/x25519.h
create mode 100644 3rdparty/everest/library/everest.c
create mode 100644 3rdparty/everest/library/x25519.c
diff --git a/3rdparty/everest/include/everest/everest.h b/3rdparty/everest/include/everest/everest.h
new file mode 100644
index 000000000..aceeeae69
--- /dev/null
+++ b/3rdparty/everest/include/everest/everest.h
@@ -0,0 +1,228 @@ +/* + * Interface to code from Project Everest + * + * Copyright 2016-2018 INRIA and Microsoft Corporation + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org). + */ + +#ifndef MBEDTLS_EVEREST_H +#define MBEDTLS_EVEREST_H + +#ifdef __cplusplus +extern "C" { +#endif + +struct mbedtls_ecdh_context; +typedef struct mbedtls_ecdh_context mbedtls_ecdh_context; + +struct mbedtls_x25519_context_; + +typedef struct { + struct mbedtls_x25519_context_ *ctx; +} mbedtls_ecdh_context_everest; + + +/** + * \brief This function sets up the ECDH context with the information + * given. + * + * This function should be called after mbedtls_ecdh_init() but + * before mbedtls_ecdh_make_params(). There is no need to call + * this function before mbedtls_ecdh_read_params(). + * + * This is the first function used by a TLS server for ECDHE + * ciphersuites. + * + * \param ctx The ECDH context to set up. + * \param grp The group id of the group to set up the context for. + * + * \return \c 0 on success. + */ +int mbedtls_everest_setup( mbedtls_ecdh_context *ctx, int grp ); + +/** + * \brief This function frees a context. + * + * \param ctx The context to free. + */ +void mbedtls_everest_free( mbedtls_ecdh_context *ctx ); + +/** + * \brief This function generates a public key and a TLS + * ServerKeyExchange payload. 
+ * + * This is the second function used by a TLS server for ECDHE + * ciphersuites. (It is called after mbedtls_ecdh_setup().) + * + * \note This function assumes that the ECP group (grp) of the + * \p ctx context has already been properly set, + * for example, using mbedtls_ecp_group_load(). + * + * \see ecp.h + * + * \param ctx The ECDH context. + * \param olen The number of characters written. + * \param buf The destination buffer. + * \param blen The length of the destination buffer. + * \param f_rng The RNG function. + * \param p_rng The RNG context. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + */ +int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )( void *, unsigned char *, size_t ), + void *p_rng ); + +/** + * \brief This function parses and processes a TLS ServerKeyExhange + * payload. + * + * This is the first function used by a TLS client for ECDHE + * ciphersuites. + * + * \see ecp.h + * + * \param ctx The ECDH context. + * \param buf The pointer to the start of the input buffer. + * \param end The address for one Byte past the end of the buffer. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + * + */ +int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, + const unsigned char **buf, const unsigned char *end ); + +/** + * \brief This function parses and processes a TLS ServerKeyExhange + * payload. + * + * This is the first function used by a TLS client for ECDHE + * ciphersuites. + * + * \see ecp.h + * + * \param ctx The ECDH context. + * \param buf The pointer to the start of the input buffer. + * \param end The address for one Byte past the end of the buffer. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 
+ * + */ +int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, + const unsigned char **buf, const unsigned char *end ); + +/** + * \brief This function sets up an ECDH context from an EC key. + * + * It is used by clients and servers in place of the + * ServerKeyEchange for static ECDH, and imports ECDH + * parameters from the EC key information of a certificate. + * + * \see ecp.h + * + * \param ctx The ECDH context to set up. + * \param key The EC key to use. + * \param side Defines the source of the key: 1: Our key, or + * 0: The key of the peer. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + * + */ +int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, + int side ); + +/** + * \brief This function generates a public key and a TLS + * ClientKeyExchange payload. + * + * This is the second function used by a TLS client for ECDH(E) + * ciphersuites. + * + * \see ecp.h + * + * \param ctx The ECDH context. + * \param olen The number of Bytes written. + * \param buf The destination buffer. + * \param blen The size of the destination buffer. + * \param f_rng The RNG function. + * \param p_rng The RNG context. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + */ +int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )( void *, unsigned char *, size_t ), + void *p_rng ); + +/** + * \brief This function parses and processes a TLS ClientKeyExchange + * payload. + * + * This is the third function used by a TLS server for ECDH(E) + * ciphersuites. (It is called after mbedtls_ecdh_setup() and + * mbedtls_ecdh_make_params().) + * + * \see ecp.h + * + * \param ctx The ECDH context. + * \param buf The start of the input buffer. + * \param blen The length of the input buffer. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 
+ */ +int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx, + const unsigned char *buf, size_t blen ); + +/** + * \brief This function derives and exports the shared secret. + * + * This is the last function used by both TLS client + * and servers. + * + * \note If \p f_rng is not NULL, it is used to implement + * countermeasures against side-channel attacks. + * For more information, see mbedtls_ecp_mul(). + * + * \see ecp.h + * + * \param ctx The ECDH context. + * \param olen The number of Bytes written. + * \param buf The destination buffer. + * \param blen The length of the destination buffer. + * \param f_rng The RNG function. + * \param p_rng The RNG context. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + */ +int mbedtls_everest_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )( void *, unsigned char *, size_t ), + void *p_rng ); + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_EVEREST_H */ diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h new file mode 100644 index 000000000..e332ff23c --- /dev/null +++ b/3rdparty/everest/include/everest/x25519.h 
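Review bot: `mbedtls_everest_read_params` is declared twice in this header, with the same doc block repeated verbatim before the second prototype; the second copy should be dropped. The prototypes also use `size_t` and `mbedtls_ecp_keypair` although the header includes nothing itself, so it compiles only when the includer has already pulled in `mbedtls/ecp.h`, as the ecdh.h hunk of this commit does. A line such as `/* Requires mbedtls/ecp.h to be included first. */`, or the include itself, would make that dependency explicit. The doc blocks spell the message name "ServerKeyExhange" and "ServerKeyEchange" where "ServerKeyExchange" is meant.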
@@ -0,0 +1,181 @@ +/* + * ECDH with curve-optimized implementation multiplexing + * + * Copyright 2016-2018 INRIA and Microsoft Corporation + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef MBEDTLS_X25519_H +#define MBEDTLS_X25519_H + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#define MBEDTLS_ECP_TLS_CURVE25519 0x1d + +/** + * \brief The x25519 context structure. + */ +typedef struct mbedtls_x25519_context_ { + unsigned char our_secret[32]; + unsigned char peer_point[32]; +} mbedtls_x25519_context; + +/** + * \brief This function initializes an x25519 context. + * + * \param ctx The x25519 context to initialize. + */ +void mbedtls_x25519_init( mbedtls_x25519_context *ctx ); + +/** + * \brief This function frees a context. + * + * \param ctx The context to free. + */ +void mbedtls_x25519_free( mbedtls_x25519_context *ctx ); + +/** + * \brief This function generates a public key and a TLS + * ServerKeyExchange payload. + * + * This is the first function used by a TLS server for x25519. + * + * + * \param ctx The x25519 context. + * \param olen The number of characters written. + * \param buf The destination buffer. + * \param blen The length of the destination buffer. + * \param f_rng The RNG function. + * \param p_rng The RNG context. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 
+ */ +int mbedtls_x25519_make_params( mbedtls_x25519_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief This function parses and processes a TLS ServerKeyExchange + * payload. + * + * + * \param ctx The x25519 context. + * \param buf The pointer to the start of the input buffer. + * \param end The address for one Byte past the end of the buffer. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + * + */ +int mbedtls_x25519_read_params( mbedtls_x25519_context *ctx, + const unsigned char **buf, const unsigned char *end ); + +/** + * \brief This function sets up an x25519 context from an EC key. + * + * It is used by clients and servers in place of the + * ServerKeyEchange for static ECDH, and imports ECDH + * parameters from the EC key information of a certificate. + * + * \see ecp.h + * + * \param ctx The x25519 context to set up. + * \param key The EC key to use. + * \param side Defines the source of the key: 1: Our key, or + * 0: The key of the peer. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + * + */ +int mbedtls_x25519_get_params( mbedtls_x25519_context *ctx, const mbedtls_ecp_keypair *key, + int side ); + +/** + * \brief This function derives and exports the shared secret. + * + * This is the last function used by both TLS client + * and servers. + * + * + * \param ctx The x25519 context. + * \param olen The number of Bytes written. + * \param buf The destination buffer. + * \param blen The length of the destination buffer. + * \param f_rng The RNG function. + * \param p_rng The RNG context. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. 
+ */ +int mbedtls_x25519_calc_secret( mbedtls_x25519_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief This function generates a public key and a TLS + * ClientKeyExchange payload. + * + * This is the second function used by a TLS client for x25519. + * + * \see ecp.h + * + * \param ctx The x25519 context. + * \param olen The number of Bytes written. + * \param buf The destination buffer. + * \param blen The size of the destination buffer. + * \param f_rng The RNG function. + * \param p_rng The RNG context. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + */ +int mbedtls_x25519_make_public( mbedtls_x25519_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief This function parses and processes a TLS ClientKeyExchange + * payload. + * + * This is the second function used by a TLS server for x25519. + * + * \see ecp.h + * + * \param ctx The x25519 context. + * \param buf The start of the input buffer. + * \param blen The length of the input buffer. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + */ +int mbedtls_x25519_read_public( mbedtls_x25519_context *ctx, + const unsigned char *buf, size_t blen ); + +#ifdef __cplusplus +} +#endif + +#endif /* x25519.h */ diff --git a/3rdparty/everest/library/everest.c b/3rdparty/everest/library/everest.c new file mode 100644 index 000000000..2b7861de6 --- /dev/null +++ b/3rdparty/everest/library/everest.c 
@@ -0,0 +1,151 @@ +/* + * Interface to code from Project Everest + * + * Copyright 2016-2018 INRIA and Microsoft Corporation + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org). + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include + +#include "mbedtls/ecdh.h" + +#include "everest/x25519.h" +#include "everest/everest.h" + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + +int mbedtls_everest_setup( mbedtls_ecdh_context *ctx, int grp ) +{ + if( grp != MBEDTLS_ECP_DP_CURVE25519 ) + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + + ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST; + ctx->grp_id = grp; + + ctx->ctx.everest_ecdh.ctx = mbedtls_calloc( 1, sizeof( mbedtls_x25519_context ) ); + mbedtls_x25519_init( ctx->ctx.everest_ecdh.ctx ); + + return 0; +} + +void mbedtls_everest_free( mbedtls_ecdh_context *ctx ) +{ + mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; + mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; + + mbedtls_x25519_free( x25519_ctx ); + mbedtls_free( x25519_ctx ); + + ctx->var = MBEDTLS_ECDH_VARIANT_NONE; + ctx->grp_id = MBEDTLS_ECP_DP_NONE; +} + +int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t 
blen, + int( *f_rng )( void *, unsigned char *, size_t ), + void *p_rng ) +{ + int ret = 0; + size_t grp_len; + mbedtls_ecp_group grp; + mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; + mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; + + if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + + mbedtls_ecp_group_init( &grp ); + + if( ( ret = mbedtls_x25519_make_params( x25519_ctx, olen, buf, blen, f_rng, p_rng ) ) != 0 ) + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + + mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_CURVE25519 ); + ret = mbedtls_ecp_tls_write_group( &grp, &grp_len, buf, blen ); + mbedtls_ecp_group_free( &grp ); + if (ret != 0) + return( ret ); + + buf += grp_len; + blen -= grp_len; + + if( blen < 32 ) + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + + memcpy( x25519_ctx->peer_point, buf, 32 ); + *olen = grp_len + 1 + 32; + return( ret ); +} + +int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, + const unsigned char **buf, const unsigned char *end ) +{ + mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; + mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; + if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + return mbedtls_x25519_read_params( x25519_ctx, buf, end ); +} + +int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, + int side ) +{ + mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; + mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; + if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + return mbedtls_x25519_get_params( x25519_ctx, key, side ); +} + +int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )( void *, unsigned char *, size_t ), + void *p_rng ) +{ + 
mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; + mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; + if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + return mbedtls_x25519_make_public( x25519_ctx, olen, buf, blen, f_rng, p_rng ); +} + +int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx, + const unsigned char *buf, size_t blen ) +{ + mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; + mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; + if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + return mbedtls_x25519_read_public ( x25519_ctx, buf, blen ); +} + +int mbedtls_everest_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )( void *, unsigned char *, size_t ), + void *p_rng ) +{ + mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; + mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; + if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + return mbedtls_x25519_calc_secret( x25519_ctx, olen, buf, blen, f_rng, p_rng ); +} diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c new file mode 100644 index 000000000..72cab6bbe --- /dev/null +++ b/3rdparty/everest/library/x25519.c 
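Review bot: In `mbedtls_everest_setup` the result of `mbedtls_calloc` goes straight into `mbedtls_x25519_init`, which does a `memset` on it, so an allocation failure turns into a write through NULL. Add `if( ctx->ctx.everest_ecdh.ctx == NULL ) return( MBEDTLS_ERR_ECP_ALLOC_FAILED );` before the init call. `mbedtls_everest_free` leaves `everest_ctx->ctx` pointing at the freed block, so freeing the same context twice double-frees; `everest_ctx->ctx = NULL;` after `mbedtls_free( x25519_ctx )` closes that. In `mbedtls_everest_make_params` the final `memcpy( x25519_ctx->peer_point, buf, 32 )` copies from the output buffer just written, starting at the length byte, into the peer's slot, which looks unintended.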
@@ -0,0 +1,187 @@ +/* + * ECDH with curve-optimized implementation multiplexing + * + * Copyright 2016-2018 INRIA and Microsoft Corporation + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_ECDH_C) + +#include +#include + +#include "x25519.h" + +#include + +/* + * Initialize context + */ +void mbedtls_x25519_init( mbedtls_x25519_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_x25519_context ) ); +} + +/* + * Free context + */ +void mbedtls_x25519_free( mbedtls_x25519_context *ctx ) +{ + if( ctx == NULL ) + return; + + mbedtls_platform_zeroize( ctx->our_secret, 32 ); + mbedtls_platform_zeroize( ctx->peer_point, 32 ); +} + +int mbedtls_x25519_make_params( mbedtls_x25519_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret = 0; + + uint8_t base[32] = {0}; + + if( ( ret = f_rng( p_rng, ctx->our_secret, 32 ) ) != 0 ) + return ret; + + *olen = 36; + if( blen < *olen ) + return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + + *buf++ = MBEDTLS_ECP_TLS_NAMED_CURVE; + *buf++ = MBEDTLS_ECP_TLS_CURVE25519 >> 8; + *buf++ = MBEDTLS_ECP_TLS_CURVE25519 & 0xFF; + *buf++ = 32; + + base[0] = 9; + Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, base 
); + + base[0] = 0; + if( memcmp( buf, base, 32) == 0 ) + return MBEDTLS_ERR_ECP_RANDOM_FAILED; + + return( 0 ); +} + +int mbedtls_x25519_read_params( mbedtls_x25519_context *ctx, + const unsigned char **buf, const unsigned char *end ) +{ + if( end - *buf < 33 ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + + if( ( *(*buf)++ != 32 ) ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + + memcpy( ctx->peer_point, *buf, 32 ); + *buf += 32; + return( 0 ); +} + +int mbedtls_x25519_get_params( mbedtls_x25519_context *ctx, const mbedtls_ecp_keypair *key, + int side ) +{ + size_t olen = 0; + + switch( side ) { + case MBEDTLS_ECDH_THEIRS: + mbedtls_ecp_point_write_binary( &key->grp, &key->Q, MBEDTLS_ECP_PF_COMPRESSED, &olen, ctx->peer_point, 32 ); + /* untested; defensively throw an error for now. */ + return(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE); + case MBEDTLS_ECDH_OURS: + mbedtls_mpi_write_binary( &key->d, ctx->our_secret, 32 ); + /* CMW: key->Q = key->d * base; do we need to set up ctx.peer_point here? */ + /* untested; defensively throw an error for now. */ + return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + default: + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + } +} + +int mbedtls_x25519_calc_secret( mbedtls_x25519_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )(void *, unsigned char *, size_t), + void *p_rng ) +{ + /* CMW: Is it okay that f_rng, p_rng are not used? 
*/ + (( void )f_rng); + (( void )p_rng); + + *olen = 32; + + if( blen < *olen ) + return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + + Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, ctx->peer_point); + + /* Wipe the DH secret and don't let the peer chose a small subgroup point */ + memset( ctx->our_secret, 0, 32 ); + if( memcmp( buf, ctx->our_secret, 32) == 0 ) + return MBEDTLS_ERR_ECP_RANDOM_FAILED; + + return( 0 ); +} + +int mbedtls_x25519_make_public( mbedtls_x25519_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int( *f_rng )(void *, unsigned char *, size_t), + void *p_rng ) +{ + unsigned char base[32] = { 0 }; + + /* CMW: Is it okay that f_rng, p_rng are not used? */ + (( void )f_rng); + (( void )p_rng); + + if( ctx == NULL ) + return(MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + + *olen = 33; + if( blen < *olen ) + return(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL); + *buf++ = 32; + + base[0] = 9; + Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, base ); + + base[0] = 0; + if( memcmp( buf, base, 32 ) == 0 ) + return MBEDTLS_ERR_ECP_RANDOM_FAILED; + + return(0); +} + +int mbedtls_x25519_read_public( mbedtls_x25519_context *ctx, + const unsigned char *buf, size_t blen ) +{ + if( blen < 33 ) + return(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL); + if( (*buf++ != 32) ) + return(MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + memcpy( ctx->peer_point, buf, 32 ); + return(0); +} + + +#endif /* MBEDTLS_ECDH_C */ diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index e202cb49b..155a085b8 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
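Review bot: `mbedtls_x25519_make_public` never draws a private key: it marks `f_rng` and `p_rng` unused and multiplies the base point by whatever is in `ctx->our_secret`, which is still all zeros after `mbedtls_x25519_init` unless an earlier call filled it. In the client order given in x25519.h (read_params, then make_public) no such call happens, so the client would run with a fixed, known scalar. Generate the secret here as `mbedtls_x25519_make_params` does, with `if( ( ret = f_rng( p_rng, ctx->our_secret, 32 ) ) != 0 ) return ret;` after the `ctx == NULL` check. Separately, `mbedtls_x25519_calc_secret` tests the output for all-zero with `memcmp`, which may return at the first differing byte; OR-ing the 32 bytes into one accumulator keeps that check independent of the secret's value. The wipe there could use `mbedtls_platform_zeroize`, as `mbedtls_x25519_free` already does.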
@@ -2078,6 +2078,22 @@ */ //#define MBEDTLS_PLATFORM_GMTIME_R_ALT +/* + * \def MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + * + * Enable the verified implementations of crypto primitives + * from Project Everest (currently only Curve25519). + * This feature breaks ECDH backward compatibility (see also + * MBEDTLS_ECDH_LEGACY_CONTEXT). + * + */ +#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + +/* \} name SECTION: Customisation configuration options */ + +/* Target and application specific configurations */ +//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "target_config.h" + /* \} name SECTION: Customisation configuration options */ /* Target and application specific configurations diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index d870a5bd5..4bb704bc5 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -42,6 +42,11 @@ #include "mbedtls/ecp.h" +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) +#undef MBEDTLS_ECDH_LEGACY_CONTEXT +#include "everest/everest.h" +#endif + #ifdef __cplusplus extern "C" { #endif @@ -66,6 +71,9 @@ typedef enum { MBEDTLS_ECDH_VARIANT_NONE = 0, /*!< Implementation not defined. */ MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */ +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + MBEDTLS_ECDH_VARIANT_EVEREST /*!< Everest implementation */ +#endif } mbedtls_ecdh_variant; /** @@ -119,6 +127,9 @@ typedef struct mbedtls_ecdh_context union { mbedtls_ecdh_context_mbed mbed_ecdh; +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + mbedtls_ecdh_context_everest everest_ecdh; +#endif } ctx; /*!< Implementation-specific context. The context in use is specified by the \c var field. */ From d5fd766c49ec91cff3eb3139d2501bddd9b1fd88 Mon Sep 17 00:00:00 2001 
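Review bot: `MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED` is added already enabled in the config.h hunk, although its own description says it breaks ECDH backward compatibility. A default-off `//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED` would match the commented-out `MBEDTLS_PLATFORM_GMTIME_R_ALT` just above it. The block opens with `/*` rather than `/**`, so the `\def` is not treated as a doc comment. The added lines also repeat the `/* \} name SECTION: Customisation configuration options */` trailer and the target-config comment that already follow in the context lines, which looks like a merge leftover.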
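Review bot: The `#undef MBEDTLS_ECDH_LEGACY_CONTEXT` in the first ecdh.h hunk silently overrides a setting the user may have made on purpose, and it changes the layout of `mbedtls_ecdh_context` for every file that includes this header. Rejecting the combination at configuration time would be more visible, for example `#error "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED is incompatible with MBEDTLS_ECDH_LEGACY_CONTEXT"` in check_config.h. If the `#undef` stays, a comment above it should say why the legacy context cannot hold the Everest variant.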
From: "Christoph M. Wintersteiger" Date: Thu, 25 Oct 2018 12:47:03 +0100 Subject: [PATCH 1576/2197] ECDH: Include Everest Curve25519 in build scripts --- 3rdparty/everest/.gitignore | 1 + CMakeLists.txt | 2 +- include/CMakeLists.txt | 3 ++- library/CMakeLists.txt | 9 +++++++++ library/Makefile | 14 +++++++++++++- programs/Makefile | 2 ++ tests/Makefile | 2 ++ 7 files changed, 30 insertions(+), 3 deletions(-) create mode 100644 3rdparty/everest/.gitignore diff --git a/3rdparty/everest/.gitignore b/3rdparty/everest/.gitignore new file mode 100644 index 000000000..5761abcfd --- /dev/null +++ b/3rdparty/everest/.gitignore @@ -0,0 +1 @@ +*.o diff --git a/CMakeLists.txt b/CMakeLists.txt index 6115f0588..f756d4331 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -176,7 +176,7 @@ else() set(LIB_INSTALL_DIR lib) endif() -include_directories(include/) +include_directories(include/ 3rdparty/everest/include/ 3rdparty/everest/include/everest/ 3rdparty/everest/include/everest/kremlin/ 3rdparty/everest/include/everest/kremlib/) include_directories(library/) add_subdirectory(library) diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index 02f924df4..727fa210c 100644 --- a/include/CMakeLists.txt +++ b/include/CMakeLists.txt @@ -4,8 +4,9 @@ if(INSTALL_MBEDTLS_HEADERS) file(GLOB headers "mbedtls/*.h") file(GLOB psa_headers "psa/*.h") + file(GLOB everest_headers "../3rdparty/everest/include/*.h") - install(FILES ${headers} + install(FILES ${headers} ${everest_headers} DESTINATION include/mbedtls PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index b1f1fb34c..009fb3e74 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt 
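Review bot: The glob `../3rdparty/everest/include/*.h` in the include/CMakeLists.txt hunk does not reach the headers this series adds, which live one level down in `3rdparty/everest/include/everest/`. As far as this page shows, `everest_headers` is therefore empty and nothing extra is installed. If the headers were matched they would land in `include/mbedtls`, while `ecdh.h` includes `everest/everest.h`, so an installed `ecdh.h` built with the Everest option would not find it. Globbing `../3rdparty/everest/include/everest/*.h` and installing with a separate `install(FILES ${everest_headers} DESTINATION include/everest ...)` keeps the include path consistent.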
@@ -94,6 +94,15 @@ set(src_crypto ) endif() +set(src_everest + ../3rdparty/everest/library/everest.c + ../3rdparty/everest/library/Hacl_Curve25519.c + ../3rdparty/everest/library/x25519.c + ../3rdparty/everest/library/kremlib/fstar_uint128.c + ../3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c +) + +set(src_crypto ${src_crypto} ${src_everest}) if(CMAKE_COMPILER_IS_GNUCC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") endif(CMAKE_COMPILER_IS_GNUCC) diff --git a/library/Makefile b/library/Makefile index 736ce09b2..58ecb0c27 100644 --- a/library/Makefile +++ b/library/Makefile @@ -19,6 +19,9 @@ endif # To compile on Plan9: # CFLAGS += -D_BSD_EXTENSION +# Include directories for Everest code +CFLAGS+=-I../3rdparty/everest/include -I../3rdparty/everest/include/everest -I../3rdparty/everest/include/everest/kremlib + # if were running on Windows build for Windows ifdef WINDOWS WINDOWS_BUILD=1 @@ -101,6 +104,13 @@ OBJS_CRYPTO += version.o OBJS_CRYPTO += version_features.o endif +OBJS_CRYPTO+= \ + ../3rdparty/everest/library/everest.o \ + ../3rdparty/everest/library/Hacl_Curve25519.o \ + ../3rdparty/everest/library/x25519.o \ + ../3rdparty/everest/library/kremlib/fstar_uint128.o \ + ../3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.o + .SILENT: .PHONY: all static shared clean @@ -148,8 +158,10 @@ libmbedcrypto.dll: $(OBJS_CRYPTO) clean: ifndef WINDOWS - rm -f *.o libmbed* + rm -f *.o libmbed* $(OBJS_CRYPTO) else if exist *.o del /Q /F *.o if exist libmbed* del /Q /F libmbed* + if exist $(OBJS_CRYPTO) del /Q /F $(OBJS_CRYPTO) endif + diff --git a/programs/Makefile b/programs/Makefile index 1a69b7469..871b75b77 100644 --- a/programs/Makefile +++ b/programs/Makefile 
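Review bot: `src_everest` is appended to `src_crypto` unconditionally, and the `OBJS_CRYPTO` hunk in library/Makefile does the same. But `everest.c` as added in this series has no `#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)` guard, and it uses `ctx->ctx.everest_ecdh` and `MBEDTLS_ECDH_VARIANT_EVEREST`, which ecdh.h defines only when that option is set. With the option disabled the build would presumably fail in everest.c. Wrapping the body of everest.c in that `#if` keeps both build systems working for either configuration.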
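Review bot: In the Windows branch of `clean`, `if exist $(OBJS_CRYPTO) del /Q /F $(OBJS_CRYPTO)` expands to a whole list of object files, but `if exist` takes a single name, so the remaining names are parsed as the command to run. Following the pattern of the two lines above it, use one line per directory: `if exist ..\3rdparty\everest\library\*.o del /Q /F ..\3rdparty\everest\library\*.o`, and the same for `..\3rdparty\everest\library\kremlib\*.o`.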
@@ -11,6 +11,8 @@ LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = -L../library \ -lmbedcrypto$(SHARED_SUFFIX) +LOCAL_CFLAGS+=-I../3rdparty/everest/include + ifndef SHARED DEP=../library/libmbedcrypto.a else diff --git a/tests/Makefile b/tests/Makefile index 6b72523eb..00a14bc21 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -10,6 +10,8 @@ LOCAL_CFLAGS = $(WARNING_CFLAGS) $(CRYPTO_INCLUDES) -I../library -D_FILE_OFFSET_ LOCAL_LDFLAGS = -L../library \ -lmbedcrypto$(SHARED_SUFFIX) +LOCAL_CFLAGS+=-I../3rdparty/everest/include + # Enable definition of various functions used throughout the testsuite # (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless # on non-POSIX platforms. From 696dedaed695a82a5f12f6af4150e2e458cde5a9 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Thu, 25 Oct 2018 12:47:18 +0100 Subject: [PATCH 1577/2197] ECDH: Add new (non-legacy) ECDH benchmark --- programs/test/benchmark.c | 47 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 46 insertions(+), 1 deletion(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 2b8656692..4282276f5 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -97,7 +97,7 @@ int main( void ) /* * Size to use for the alloc buffer if MEMORY_BUFFER_ALLOC_C is defined. */ -#define HEAP_SIZE (1u << 16) // 64k +#define HEAP_SIZE (1u << 16) /* 64k */ #define BUFSIZE 1024 #define HEADER_FORMAT " %-24s : " 
@@ -988,6 +988,51 @@ int main( int argc, char *argv[] ) } #endif +#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + if( todo.ecdh ) + { + mbedtls_ecdh_context ecdh_srv, ecdh_cli; + unsigned char buf_srv[BUFSIZE], buf_cli[BUFSIZE]; + const mbedtls_ecp_curve_info * curve_list = mbedtls_ecp_curve_list(); + const mbedtls_ecp_curve_info *curve_info; + size_t olen; + + for( curve_info = curve_list; + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; + curve_info++ ) + { + mbedtls_ecdh_init( &ecdh_srv ); + mbedtls_ecdh_init( &ecdh_cli ); + mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ); + mbedtls_ecdh_setup( &ecdh_cli, curve_info->grp_id ); + + if( ecdh_srv.var == MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0 && ( + mbedtls_ecp_group_load( &ecdh_srv.ctx.mbed_ecdh.grp, curve_info->grp_id ) != 0 || + mbedtls_ecdh_gen_public( &ecdh_srv.ctx.mbed_ecdh.grp, + &ecdh_srv.ctx.mbed_ecdh.d, + &ecdh_srv.ctx.mbed_ecdh.Q, myrand, NULL ) != 0 )) + mbedtls_exit( 1 ); + + mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); + TIME_PUBLIC( title, "handshake", + const unsigned char * p_srv = buf_srv; + ret |= mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ); + + ret |= mbedtls_ecdh_read_params( &ecdh_cli, &p_srv, p_srv + olen ); + ret |= mbedtls_ecdh_make_public( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ); + + ret |= mbedtls_ecdh_read_public( &ecdh_srv, buf_cli, olen ); + ret |= mbedtls_ecdh_calc_secret( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ); + + ret |= mbedtls_ecdh_calc_secret( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ); + ); + + mbedtls_ecdh_free( &ecdh_srv ); + mbedtls_ecdh_free( &ecdh_cli ); + } + } +#endif + mbedtls_printf( "\n" ); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) From c9f737b4ba075435c6a27f6fff2631762a487c99 Mon Sep 17 00:00:00 2001 
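Review bot: Both `mbedtls_ecdh_setup` calls in the new loop ignore their return value, so a failed setup (for Curve25519 it allocates) only shows up, if at all, through later calls on a half-initialised context. Check them like the key-generation step below, with `if( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) != 0 || mbedtls_ecdh_setup( &ecdh_cli, curve_info->grp_id ) != 0 )` followed by `mbedtls_exit( 1 );`. `main` starts and ends outside this hunk.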
From: "Christoph M. Wintersteiger" Date: Thu, 25 Oct 2018 13:03:05 +0100 Subject: [PATCH 1578/2197] ECDH: Enable Everest Curve25519 in ECDH/ECDSA/ECP --- library/ecdh.c | 40 +++++++++++++++++++++++++++++++++++++++- library/ecdsa.c | 6 ++++-- library/ecp.c | 3 +++ 3 files changed, 46 insertions(+), 3 deletions(-) diff --git a/library/ecdh.c b/library/ecdh.c index eecae9131..be3637466 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -47,6 +47,10 @@ #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed; +#else +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) +#include "everest/everest.h" +#endif #endif static mbedtls_ecp_group_id mbedtls_ecdh_grp_id( @@ -215,6 +219,11 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id ) #else switch( grp_id ) { +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + case MBEDTLS_ECP_DP_CURVE25519: + return( mbedtls_everest_setup( ctx, grp_id ) ); +#endif + break; default: ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0; @@ -266,6 +275,11 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) #else switch( ctx->var ) { +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + case MBEDTLS_ECDH_VARIANT_EVEREST: + mbedtls_everest_free( ctx ); + break; +#endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: ecdh_free_internal( &ctx->ctx.mbed_ecdh ); break; @@ -331,7 +345,7 @@ static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx, } /* - * Setup and write the ServerKeyExhange parameters (RFC 4492) + * Setup and write the ServerKeyExchange parameters (RFC 4492) * struct { * ECParameters curve_params; * ECPoint public; 
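Review bot: In the `mbedtls_ecdh_setup` hunk of ecdh.c the added `break;` sits after `#endif`, outside the Everest case. With Everest enabled it is unreachable behind the `return`; with Everest disabled it becomes a statement before the first label of the `switch`, which is dead code and draws a warning on some compilers. Drop the `break;`, since the case already returns. The function body continues outside the hunk.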
@@ -360,6 +374,10 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, #else switch( ctx->var ) { +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + case MBEDTLS_ECDH_VARIANT_EVEREST: + return( mbedtls_everest_make_params( ctx, olen, buf, blen, f_rng, p_rng ) ); +#endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_make_params_internal( &ctx->ctx.mbed_ecdh, olen, ctx->point_format, buf, blen, @@ -409,6 +427,10 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, #else switch( ctx->var ) { +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + case MBEDTLS_ECDH_VARIANT_EVEREST: + return( mbedtls_everest_read_params( ctx, buf, end) ); +#endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_read_params_internal( &ctx->ctx.mbed_ecdh, buf, end ) ); @@ -473,6 +495,10 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, #else switch( ctx->var ) { +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + case MBEDTLS_ECDH_VARIANT_EVEREST: + return( mbedtls_everest_get_params( ctx, key, side ) ); +#endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_get_params_internal( &ctx->ctx.mbed_ecdh, key, side ) ); @@ -544,6 +570,10 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, #else switch( ctx->var ) { +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + case MBEDTLS_ECDH_VARIANT_EVEREST: + return( mbedtls_everest_make_public( ctx, olen, buf, blen, f_rng, p_rng ) ); +#endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_make_public_internal( &ctx->ctx.mbed_ecdh, olen, ctx->point_format, buf, blen, @@ -585,6 +615,10 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, #else switch( ctx->var ) { +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + case MBEDTLS_ECDH_VARIANT_EVEREST: + return( mbedtls_everest_read_public( ctx, buf, blen ) ); +#endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_read_public_internal( &ctx->ctx.mbed_ecdh, buf, blen ) ); 
@@ -667,6 +701,10 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, #else switch( ctx->var ) { +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + case MBEDTLS_ECDH_VARIANT_EVEREST: + return( mbedtls_everest_calc_secret( ctx, olen, buf, blen, f_rng, p_rng ) ); +#endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_calc_secret_internal( &ctx->ctx.mbed_ecdh, olen, buf, blen, f_rng, p_rng, diff --git a/library/ecdsa.c b/library/ecdsa.c index 58e1a5fce..6411a5e19 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -263,8 +263,10 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, mbedtls_mpi *pk = &k, *pr = r; /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if( grp->N.p == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if( grp->id == MBEDTLS_ECP_DP_CURVE25519 || + grp->id == MBEDTLS_ECP_DP_CURVE448 || + grp->N.p == NULL ) + return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); /* Make sure d is in range 1..n-1 */ if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ) diff --git a/library/ecp.c b/library/ecp.c index 38040479a..1420f22cb 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -409,6 +409,9 @@ static const mbedtls_ecp_curve_info ecp_supported_curves[] = #endif #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) { MBEDTLS_ECP_DP_SECP192K1, 18, 192, "secp192k1" }, +#endif +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + { MBEDTLS_ECP_DP_CURVE25519, 0x001D, 256, "x25519" }, #endif { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, }; From 6817b9e81955eaf77f99b0ea8283bcd4d2289832 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Thu, 25 Oct 2018 13:12:05 +0100 Subject: [PATCH 1579/2197] ECDH: Add #ifdef filter to tests/scripts/list-enum-consts.pl This allows the use of #ifdef ... #endif in enum definitions (e.g., mbedtls_ecdh_variant in ecdh.h). --- tests/scripts/list-enum-consts.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
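Review bot: The new guard in ecdsa_sign_restartable returns `MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE`, a message-digest module code, for a curve that cannot be used with ECDSA. Callers that test for the ECP error the old line returned will no longer match. Keeping `return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );` preserves that contract while still adding the explicit `grp->id` tests. The verify path is outside this hunk, so it is worth confirming that it rejects Curve25519 and Curve448 the same way.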
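Review bot: Adding Curve25519 to ecp_supported_curves exposes it to every caller that walks mbedtls_ecp_curve_list(), and nothing on the entry marks it as a Montgomery curve meant for key exchange only. The ecdsa.c change in this commit rejects it at signing time, but code that picks a curve from this list for key generation or signatures may only find that out at that point. A comment on the entry such as `/* Montgomery curve: key exchange only, not usable for ECDSA */` would tell list consumers to filter it. The entry is guarded by MBEDTLS_ECP_DP_CURVE25519_ENABLED rather than the Everest option, so it also appears in builds without Everest. The array starts outside the hunk.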
diff --git a/tests/scripts/list-enum-consts.pl b/tests/scripts/list-enum-consts.pl index 21c25b33e..ebd9b7ebc 100755 --- a/tests/scripts/list-enum-consts.pl +++ b/tests/scripts/list-enum-consts.pl @@ -22,7 +22,7 @@ while (<>) $state = 'in'; } elsif( $state eq 'in' and /}/ ) { $state = 'out'; - } elsif( $state eq 'in' ) { + } elsif( $state eq 'in' and not (/^#if/ or /#endif/)) { s/=.*//; s!/\*.*!!; s/,.*//; s/\s+//g; chomp; push @consts, $_ if $_; } From 65bab9772e75e8c26232c20f220416cb9a50ec6a Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Thu, 6 Dec 2018 17:15:12 +0000 Subject: [PATCH 1580/2197] ECDH: Rename full handshake benchmark --- programs/test/benchmark.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100644 => 100755 programs/test/benchmark.c diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c old mode 100644 new mode 100755 index 4282276f5..a7a01074c --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -1014,7 +1014,7 @@ int main( int argc, char *argv[] ) mbedtls_exit( 1 ); mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); - TIME_PUBLIC( title, "handshake", + TIME_PUBLIC( title, "full handshake", const unsigned char * p_srv = buf_srv; ret |= mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ); From 78c9c461cff9232cef326bd8213ccbc80595d0c1 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Thu, 6 Dec 2018 17:16:32 +0000 Subject: [PATCH 1581/2197] ECDH: Fix typo in ecdh.c --- library/ecdh.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100644 => 100755 library/ecdh.c diff --git a/library/ecdh.c b/library/ecdh.c old mode 100644 new mode 100755 index be3637466..b0367ec15 --- a/library/ecdh.c +++ b/library/ecdh.c 
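Review bot: The added filter skips only lines that start with `#if` or contain `#endif`, so an `#else` or `#elif` line inside an enum, or a directive with leading whitespace, still reaches the substitutions and can be pushed as a constant. `/#endif/` is also unanchored, so it would drop a constant line that merely mentions `#endif` in a trailing comment. Matching any preprocessor line covers these cases: `} elsif( $state eq 'in' and not /^\s*#/ ) {`. The loop starts before the hunk.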
@@ -222,8 +222,8 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id ) #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECP_DP_CURVE25519: return( mbedtls_everest_setup( ctx, grp_id ) ); -#endif break; +#endif default: ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0; From fba94e97264d33e896dcac80b963579e7f2c3be9 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Thu, 6 Dec 2018 17:18:24 +0000 Subject: [PATCH 1582/2197] ECDH: Fix error code in mbedtls_ecdsa_sign --- library/ecdsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100644 => 100755 library/ecdsa.c diff --git a/library/ecdsa.c b/library/ecdsa.c old mode 100644 new mode 100755 index 6411a5e19..2daabeedf --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -266,7 +266,7 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, if( grp->id == MBEDTLS_ECP_DP_CURVE25519 || grp->id == MBEDTLS_ECP_DP_CURVE448 || grp->N.p == NULL ) - return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); /* Make sure d is in range 1..n-1 */ if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ) From fb72367f960d2d4ae48997e308e3b359631841b7 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Thu, 6 Dec 2018 17:23:07 +0000 Subject: [PATCH 1583/2197] ECDH: Remove old code from mbedtls_everest_make_params --- 3rdparty/everest/library/everest.c | 29 ++--------------------------- 1 file changed, 2 insertions(+), 27 deletions(-) mode change 100644 => 100755 3rdparty/everest/library/everest.c diff --git a/3rdparty/everest/library/everest.c b/3rdparty/everest/library/everest.c old mode 100644 new mode 100755 index 2b7861de6..da1e426f9 --- a/3rdparty/everest/library/everest.c +++ b/3rdparty/everest/library/everest.c 
@@ -70,35 +70,10 @@ int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ) { - int ret = 0; - size_t grp_len; - mbedtls_ecp_group grp; mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) - return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; - - mbedtls_ecp_group_init( &grp ); - - if( ( ret = mbedtls_x25519_make_params( x25519_ctx, olen, buf, blen, f_rng, p_rng ) ) != 0 ) - return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - - mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_CURVE25519 ); - ret = mbedtls_ecp_tls_write_group( &grp, &grp_len, buf, blen ); - mbedtls_ecp_group_free( &grp ); - if (ret != 0) - return( ret ); - - buf += grp_len; - blen -= grp_len; - - if( blen < 32 ) - return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; - - memcpy( x25519_ctx->peer_point, buf, 32 ); - *olen = grp_len + 1 + 32; - return( ret ); + if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + return mbedtls_x25519_make_params( x25519_ctx, olen, buf, blen, f_rng, p_rng ); } int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, From 86e36c4c2b6ccc6053afa2657ccb5659edf9af6a Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Thu, 6 Dec 2018 17:27:31 +0000 Subject: [PATCH 1584/2197] ECDH: Replace hex literal with decimal in ecp.c --- library/ecp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100644 => 100755 library/ecp.c diff --git a/library/ecp.c b/library/ecp.c old mode 100644 new mode 100755 index 1420f22cb..c7f54a195 --- a/library/ecp.c +++ b/library/ecp.c 
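Review bot: The variant guard kept in mbedtls_everest_make_params returns `MBEDTLS_ERR_MPI_BAD_INPUT_DATA`, a bignum-module code, from an ECDH entry point. It also runs only after `everest_ctx->ctx` has been read out of the context union. Testing `ctx->var` before deriving `x25519_ctx`, and returning the ECP code that the rest of this series uses for bad input, keeps the error domain consistent: `if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );`. The same guard appears in mbedtls_everest_calc_secret in the following everest.c change. The function signature starts before the hunk.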
@@ -411,7 +411,7 @@ static const mbedtls_ecp_curve_info ecp_supported_curves[] = { MBEDTLS_ECP_DP_SECP192K1, 18, 192, "secp192k1" }, #endif #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - { MBEDTLS_ECP_DP_CURVE25519, 0x001D, 256, "x25519" }, + { MBEDTLS_ECP_DP_CURVE25519, 29, 256, "x25519" }, #endif { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, }; From 6acfbb52d77acc6f119610a1d4debaeaed1d3423 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 7 Dec 2018 13:19:53 +0000 Subject: [PATCH 1585/2197] ECDH: Add #ifdef to cleanly disable the Everest code --- 3rdparty/everest/library/everest.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/3rdparty/everest/library/everest.c b/3rdparty/everest/library/everest.c index da1e426f9..2b111af00 100755 --- a/3rdparty/everest/library/everest.c +++ b/3rdparty/everest/library/everest.c @@ -39,6 +39,8 @@ #define mbedtls_free free #endif +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + int mbedtls_everest_setup( mbedtls_ecdh_context *ctx, int grp ) { if( grp != MBEDTLS_ECP_DP_CURVE25519 ) @@ -124,3 +126,5 @@ int mbedtls_everest_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; return mbedtls_x25519_calc_secret( x25519_ctx, olen, buf, blen, f_rng, p_rng ); } + +#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ \ No newline at end of file From 79acf95199310cbbdc99be845717a141108478df Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 7 Dec 2018 13:32:59 +0000 Subject: [PATCH 1586/2197] ECDH: Improve ECDH full handshake benchmark --- programs/test/benchmark.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index a7a01074c..ba2c9370a 100755 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c 
@@ -988,7 +988,7 @@ int main( int argc, char *argv[] ) } #endif -#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECDH_LEGACY_CONTEXT) +#if defined(MBEDTLS_ECDH_C) if( todo.ecdh ) { mbedtls_ecdh_context ecdh_srv, ecdh_cli; @@ -1006,11 +1006,18 @@ int main( int argc, char *argv[] ) mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ); mbedtls_ecdh_setup( &ecdh_cli, curve_info->grp_id ); +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + if (mbedtls_ecp_group_load(&ecdh_srv.grp, curve_info->grp_id) != 0 || + mbedtls_ecdh_gen_public(&ecdh_srv.grp, + &ecdh_srv.d, + &ecdh_srv.Q, myrand, NULL) != 0) +#else if( ecdh_srv.var == MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0 && ( mbedtls_ecp_group_load( &ecdh_srv.ctx.mbed_ecdh.grp, curve_info->grp_id ) != 0 || mbedtls_ecdh_gen_public( &ecdh_srv.ctx.mbed_ecdh.grp, &ecdh_srv.ctx.mbed_ecdh.d, &ecdh_srv.ctx.mbed_ecdh.Q, myrand, NULL ) != 0 )) +#endif mbedtls_exit( 1 ); mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); From 48d26c21c61c3f0e1c4ca38035366f8ae968401b Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Thu, 6 Dec 2018 18:59:19 +0000 Subject: [PATCH 1587/2197] ECDH: Add Everest Curve25519 to VS project files This being the first 3rdparty-contribution, we may want to consider the structure of the project file generation scripts. Perhaps add small, constribution-specific scripts to each directory in 3rdparty instead of adding all constraints to generate_visualc_files.pl? --- .../data_files/vs2010-app-template.vcxproj | 8 +++--- .../data_files/vs2010-main-template.vcxproj | 16 ++++++------ scripts/generate_visualc_files.pl | 19 +++++++++++--- visualc/VS2010/aescrypt2.vcxproj | 8 +++--- visualc/VS2010/benchmark.vcxproj | 8 +++--- visualc/VS2010/crypt_and_hash.vcxproj | 8 +++--- visualc/VS2010/crypto_examples.vcxproj | 8 +++--- visualc/VS2010/dh_genprime.vcxproj | 8 +++--- visualc/VS2010/ecdh_curve25519.vcxproj | 8 +++--- visualc/VS2010/ecdsa.vcxproj | 8 +++--- visualc/VS2010/gen_entropy.vcxproj | 8 +++--- visualc/VS2010/gen_key.vcxproj | 8 +++--- visualc/VS2010/gen_random_ctr_drbg.vcxproj | 8 +++--- visualc/VS2010/gen_random_havege.vcxproj | 8 +++--- visualc/VS2010/generic_sum.vcxproj | 8 +++--- visualc/VS2010/hello.vcxproj | 8 +++--- visualc/VS2010/key_app.vcxproj | 8 +++--- visualc/VS2010/key_app_writer.vcxproj | 8 +++--- visualc/VS2010/key_ladder_demo.vcxproj | 8 +++--- visualc/VS2010/mbedTLS.vcxproj | 26 +++++++++++++------ visualc/VS2010/mpi_demo.vcxproj | 8 +++--- visualc/VS2010/pem2der.vcxproj | 8 +++--- visualc/VS2010/pk_decrypt.vcxproj | 8 +++--- visualc/VS2010/pk_encrypt.vcxproj | 8 +++--- visualc/VS2010/pk_sign.vcxproj | 8 +++--- visualc/VS2010/pk_verify.vcxproj | 8 +++--- visualc/VS2010/psa_constant_names.vcxproj | 8 +++--- .../VS2010/query_compile_time_config.vcxproj | 8 +++--- visualc/VS2010/rsa_decrypt.vcxproj | 8 +++--- visualc/VS2010/rsa_encrypt.vcxproj | 8 +++--- visualc/VS2010/rsa_genkey.vcxproj | 8 +++--- visualc/VS2010/rsa_sign.vcxproj | 8 +++--- visualc/VS2010/rsa_sign_pss.vcxproj | 8 +++--- 
visualc/VS2010/rsa_verify.vcxproj | 8 +++--- visualc/VS2010/rsa_verify_pss.vcxproj | 8 +++--- visualc/VS2010/selftest.vcxproj | 8 +++--- visualc/VS2010/strerror.vcxproj | 8 +++--- visualc/VS2010/zeroize.vcxproj | 8 +++--- 38 files changed, 182 insertions(+), 159 deletions(-) diff --git a/scripts/data_files/vs2010-app-template.vcxproj b/scripts/data_files/vs2010-app-template.vcxproj index 1db7ee42a..5480a445c 100644 --- a/scripts/data_files/vs2010-app-template.vcxproj +++ b/scripts/data_files/vs2010-app-template.vcxproj @@ -93,7 +93,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Console @@ -113,7 +113,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Console @@ -135,7 +135,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Console @@ -155,7 +155,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Console diff --git a/scripts/data_files/vs2010-main-template.vcxproj b/scripts/data_files/vs2010-main-template.vcxproj index 773b58a33..7071cd28a 100644 --- a/scripts/data_files/vs2010-main-template.vcxproj +++ b/scripts/data_files/vs2010-main-template.vcxproj @@ -85,8 +85,8 @@ Level3 Disabled - WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;%(PreprocessorDefinitions) - ../../include + WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib CompileAsC
@@ -100,8 +100,8 @@ Level3 Disabled - WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;%(PreprocessorDefinitions) - ../../include + WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib CompileAsC
@@ -117,8 +117,8 @@ MaxSpeed true true - WIN32;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;%(PreprocessorDefinitions) - ../../include + WIN32;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Windows @@ -135,8 +135,8 @@ MaxSpeed true true - WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;%(PreprocessorDefinitions) - ../../include + WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Windows diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 42f302428..5d07b885c 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -22,6 +22,8 @@ my $programs_dir = 'programs'; my $mbedtls_header_dir = 'include/mbedtls'; my $psa_header_dir = 'include/psa'; my $source_dir = 'library'; +my $everest_header_dir = '3rdparty/everest/include/everest'; +my @everest_source_dirs = ('3rdparty/everest/library', '3rdparty/everest/library/kremlib', '3rdparty/everest/library/vs2010'); # Need windows line endings! my $vsx_hdr_tpl = <; + my @everest_sources = (); + foreach my $d (@everest_source_dirs) { push @everest_sources, <$d/*.c>; } + @everest_sources = grep !/3rdparty\/everest\/library\/Hacl_Curve25519.c/, @everest_sources; + map { s!/!\\!g } @everest_headers; + map { s!/!\\!g } @everest_sources; + gen_app_files( @app_list ); gen_main_file( \@mbedtls_headers, \@psa_headers, \@source_headers, - \@sources, $vsx_hdr_tpl, $vsx_src_tpl, - $vsx_main_tpl_file, $vsx_main_file ); + \@everest_headers, \@sources, \@everest_sources, $vsx_hdr_tpl, + $vsx_src_tpl, $vsx_main_tpl_file, $vsx_main_file ); gen_vsx_solution( @app_list ); diff --git a/visualc/VS2010/aescrypt2.vcxproj b/visualc/VS2010/aescrypt2.vcxproj index 63a124aee..f900580a2 100644 --- a/visualc/VS2010/aescrypt2.vcxproj +++ b/visualc/VS2010/aescrypt2.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Console diff --git a/visualc/VS2010/benchmark.vcxproj b/visualc/VS2010/benchmark.vcxproj index ffbd1ad4d..e77d4b99e 100644 --- a/visualc/VS2010/benchmark.vcxproj +++ b/visualc/VS2010/benchmark.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib
Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/crypt_and_hash.vcxproj b/visualc/VS2010/crypt_and_hash.vcxproj index fb7ef77d1..1f7db3014 100644 --- a/visualc/VS2010/crypt_and_hash.vcxproj +++ b/visualc/VS2010/crypt_and_hash.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
diff --git a/visualc/VS2010/crypto_examples.vcxproj b/visualc/VS2010/crypto_examples.vcxproj index 2fa23a7f9..9df713bdb 100644 --- a/visualc/VS2010/crypto_examples.vcxproj +++ b/visualc/VS2010/crypto_examples.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/dh_genprime.vcxproj b/visualc/VS2010/dh_genprime.vcxproj index fdd6c6fdf..9b2f9f90d 100644 --- a/visualc/VS2010/dh_genprime.vcxproj +++ b/visualc/VS2010/dh_genprime.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/ecdh_curve25519.vcxproj b/visualc/VS2010/ecdh_curve25519.vcxproj index 748b6d121..7e668eac1 100644 --- a/visualc/VS2010/ecdh_curve25519.vcxproj +++ b/visualc/VS2010/ecdh_curve25519.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/ecdsa.vcxproj b/visualc/VS2010/ecdsa.vcxproj index 03418d082..cf59d45eb 100644 --- a/visualc/VS2010/ecdsa.vcxproj +++ b/visualc/VS2010/ecdsa.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/gen_entropy.vcxproj b/visualc/VS2010/gen_entropy.vcxproj index 89b41c081..08d23f574 100644 --- a/visualc/VS2010/gen_entropy.vcxproj +++ b/visualc/VS2010/gen_entropy.vcxproj 
@@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/gen_key.vcxproj b/visualc/VS2010/gen_key.vcxproj index c8ea11f42..bd44e9775 100644 --- a/visualc/VS2010/gen_key.vcxproj +++ b/visualc/VS2010/gen_key.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/gen_random_ctr_drbg.vcxproj b/visualc/VS2010/gen_random_ctr_drbg.vcxproj index 64200afbe..338a92835 100644 --- a/visualc/VS2010/gen_random_ctr_drbg.vcxproj +++ b/visualc/VS2010/gen_random_ctr_drbg.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
diff --git a/visualc/VS2010/gen_random_havege.vcxproj b/visualc/VS2010/gen_random_havege.vcxproj index 70c8138a0..31d09d4c1 100644 --- a/visualc/VS2010/gen_random_havege.vcxproj +++ b/visualc/VS2010/gen_random_havege.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/generic_sum.vcxproj b/visualc/VS2010/generic_sum.vcxproj index 21bd90f62..4ed977a70 100644 --- a/visualc/VS2010/generic_sum.vcxproj +++ b/visualc/VS2010/generic_sum.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/hello.vcxproj b/visualc/VS2010/hello.vcxproj index b5f6eb005..71a13dd58 100644 --- a/visualc/VS2010/hello.vcxproj +++ b/visualc/VS2010/hello.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/key_app.vcxproj b/visualc/VS2010/key_app.vcxproj index 0fc246a8f..3d8d45735 100644 --- a/visualc/VS2010/key_app.vcxproj +++ b/visualc/VS2010/key_app.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/key_app_writer.vcxproj b/visualc/VS2010/key_app_writer.vcxproj index e4ef62b04..b17a485dc 100644 --- a/visualc/VS2010/key_app_writer.vcxproj +++ b/visualc/VS2010/key_app_writer.vcxproj 
@@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/key_ladder_demo.vcxproj b/visualc/VS2010/key_ladder_demo.vcxproj index b8fe6a09b..4b419afec 100644 --- a/visualc/VS2010/key_ladder_demo.vcxproj +++ b/visualc/VS2010/key_ladder_demo.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 2db9a162e..fade3d1a2 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -85,8 +85,8 @@ Level3 Disabled - WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;%(PreprocessorDefinitions) - ../../include + WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib CompileAsC @@ -100,8 +100,8 @@ Level3 Disabled - WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;%(PreprocessorDefinitions) - ../../include + WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib CompileAsC @@ -117,8 +117,8 @@ MaxSpeed true true - WIN32;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;%(PreprocessorDefinitions) - ../../include + WIN32;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Windows 
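Review bot: `KRML_VERIFIED_UINT128` is added only to the preprocessor definitions of mbedTLS.vcxproj (the -85, -100 and -117 hunks here and the -135 hunk that follows), while every program project in this patch gets the four Everest include directories without it. If a program or test translation unit ever includes a kremlib header through those paths, it would presumably compile against a different 128-bit integer representation than the library was built with. Either keep the Everest headers private to the library project, or set the define in one place that every consumer of those headers shares. The same edit repeats across all projects, so these files look template-generated and the change likely belongs in the generator template rather than in each file. The XML element names are not visible in this rendering, so which property each value belongs to is inferred.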
@@ -135,8 +135,8 @@ MaxSpeed true true - WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;%(PreprocessorDefinitions) - ../../include + WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Windows @@ -228,6 +228,10 @@ + + + + @@ -296,6 +300,12 @@ + + + + + + diff --git a/visualc/VS2010/mpi_demo.vcxproj b/visualc/VS2010/mpi_demo.vcxproj index d770d35af..2015cff0e 100644 --- a/visualc/VS2010/mpi_demo.vcxproj +++ b/visualc/VS2010/mpi_demo.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/pem2der.vcxproj b/visualc/VS2010/pem2der.vcxproj index 2f1248c5d..45799c1f9 100644 --- a/visualc/VS2010/pem2der.vcxproj +++ b/visualc/VS2010/pem2der.vcxproj 
@@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/pk_decrypt.vcxproj b/visualc/VS2010/pk_decrypt.vcxproj index 168adf34b..baf3d7c30 100644 --- a/visualc/VS2010/pk_decrypt.vcxproj +++ b/visualc/VS2010/pk_decrypt.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/pk_encrypt.vcxproj b/visualc/VS2010/pk_encrypt.vcxproj index bb09f06aa..38eb66155 100644 --- a/visualc/VS2010/pk_encrypt.vcxproj +++ b/visualc/VS2010/pk_encrypt.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
diff --git a/visualc/VS2010/pk_sign.vcxproj b/visualc/VS2010/pk_sign.vcxproj index 98941f4be..2bbea277a 100644 --- a/visualc/VS2010/pk_sign.vcxproj +++ b/visualc/VS2010/pk_sign.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/pk_verify.vcxproj b/visualc/VS2010/pk_verify.vcxproj index 6d3006e61..8804a9c1c 100644 --- a/visualc/VS2010/pk_verify.vcxproj +++ b/visualc/VS2010/pk_verify.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/psa_constant_names.vcxproj b/visualc/VS2010/psa_constant_names.vcxproj index 41cb85b6d..046505a9b 100644 --- a/visualc/VS2010/psa_constant_names.vcxproj +++ b/visualc/VS2010/psa_constant_names.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/query_compile_time_config.vcxproj b/visualc/VS2010/query_compile_time_config.vcxproj index 8e7f07bd0..e95a49f91 100644 --- a/visualc/VS2010/query_compile_time_config.vcxproj +++ b/visualc/VS2010/query_compile_time_config.vcxproj @@ -95,7 +95,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -115,7 +115,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -137,7 +137,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -157,7 +157,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_decrypt.vcxproj b/visualc/VS2010/rsa_decrypt.vcxproj index ffba32a6a..8ba60e38d 100644 --- a/visualc/VS2010/rsa_decrypt.vcxproj +++ b/visualc/VS2010/rsa_decrypt.vcxproj 
@@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_encrypt.vcxproj b/visualc/VS2010/rsa_encrypt.vcxproj index 9f5f32784..af8663193 100644 --- a/visualc/VS2010/rsa_encrypt.vcxproj +++ b/visualc/VS2010/rsa_encrypt.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_genkey.vcxproj b/visualc/VS2010/rsa_genkey.vcxproj index 824e3043c..2a6782423 100644 --- a/visualc/VS2010/rsa_genkey.vcxproj +++ b/visualc/VS2010/rsa_genkey.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
diff --git a/visualc/VS2010/rsa_sign.vcxproj b/visualc/VS2010/rsa_sign.vcxproj index dda4756cd..37bae35b7 100644 --- a/visualc/VS2010/rsa_sign.vcxproj +++ b/visualc/VS2010/rsa_sign.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_sign_pss.vcxproj b/visualc/VS2010/rsa_sign_pss.vcxproj index 31da8cade..2dfe7510e 100644 --- a/visualc/VS2010/rsa_sign_pss.vcxproj +++ b/visualc/VS2010/rsa_sign_pss.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_verify.vcxproj b/visualc/VS2010/rsa_verify.vcxproj index b78dfc338..ee834de5a 100644 --- a/visualc/VS2010/rsa_verify.vcxproj +++ b/visualc/VS2010/rsa_verify.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_verify_pss.vcxproj b/visualc/VS2010/rsa_verify_pss.vcxproj index 220ad2d42..00b4ebe8c 100644 --- a/visualc/VS2010/rsa_verify_pss.vcxproj +++ b/visualc/VS2010/rsa_verify_pss.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/selftest.vcxproj b/visualc/VS2010/selftest.vcxproj index 1f5e10918..184c3743f 100644 --- a/visualc/VS2010/selftest.vcxproj +++ b/visualc/VS2010/selftest.vcxproj 
@@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/strerror.vcxproj b/visualc/VS2010/strerror.vcxproj index c3ec8fa74..91c7ff7d2 100644 --- a/visualc/VS2010/strerror.vcxproj +++ b/visualc/VS2010/strerror.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/zeroize.vcxproj b/visualc/VS2010/zeroize.vcxproj index dff71d30e..0697ca6fa 100644 --- a/visualc/VS2010/zeroize.vcxproj +++ b/visualc/VS2010/zeroize.vcxproj @@ -94,7 +94,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +114,7 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +136,7 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +156,7 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include + ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console From 4936beb5136e26271247de49588045f71f740806 Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Wed, 12 Dec 2018 17:26:41 +0000 Subject: [PATCH 1588/2197] ECDH: Clean up the interface to Everest code --- 3rdparty/everest/include/everest/everest.h | 38 +++++++----- 3rdparty/everest/include/everest/x25519.h | 13 +++- 3rdparty/everest/library/everest.c | 70 ++++++++-------------- 3rdparty/everest/library/x25519.c | 8 ++- library/ecdh.c | 35 ++++++++--- 5 files changed, 88 insertions(+), 76 deletions(-) mode change 100644 => 100755 3rdparty/everest/include/everest/everest.h mode change 100644 => 100755 3rdparty/everest/include/everest/x25519.h mode change 100644 => 100755 3rdparty/everest/library/x25519.c diff --git a/3rdparty/everest/include/everest/everest.h b/3rdparty/everest/include/everest/everest.h old mode 100644 new mode 100755 index aceeeae69..58065001f --- a/3rdparty/everest/include/everest/everest.h +++ b/3rdparty/everest/include/everest/everest.h @@ -22,17 +22,23 @@ #ifndef MBEDTLS_EVEREST_H #define MBEDTLS_EVEREST_H +#include "everest/x25519.h" + #ifdef __cplusplus extern "C" { #endif -struct mbedtls_ecdh_context; -typedef struct mbedtls_ecdh_context mbedtls_ecdh_context; - -struct mbedtls_x25519_context_; +/** + * Defines the source of the imported EC key. + */ +typedef enum +{ + MBEDTLS_EVEREST_ECDH_OURS, /**< Our key. */ + MBEDTLS_EVEREST_ECDH_THEIRS, /**< The key of the peer. */ +} mbedtls_everest_ecdh_side; typedef struct { - struct mbedtls_x25519_context_ *ctx; + mbedtls_x25519_context ctx; } mbedtls_ecdh_context_everest; 
@@ -48,18 +54,18 @@ typedef struct { * ciphersuites. * * \param ctx The ECDH context to set up. - * \param grp The group id of the group to set up the context for. + * \param grp_id The group id of the group to set up the context for. * * \return \c 0 on success. */ -int mbedtls_everest_setup( mbedtls_ecdh_context *ctx, int grp ); +int mbedtls_everest_setup( mbedtls_ecdh_context_everest *ctx, int grp_id ); /** * \brief This function frees a context. * * \param ctx The context to free. */ -void mbedtls_everest_free( mbedtls_ecdh_context *ctx ); +void mbedtls_everest_free( mbedtls_ecdh_context_everest *ctx ); /** * \brief This function generates a public key and a TLS @@ -84,7 +90,7 @@ void mbedtls_everest_free( mbedtls_ecdh_context *ctx ); * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_make_params( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ); @@ -106,7 +112,7 @@ int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen, * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, +int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx, const unsigned char **buf, const unsigned char *end ); /** @@ -126,7 +132,7 @@ int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, +int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx, const unsigned char **buf, const unsigned char *end ); /** 
@@ -147,8 +153,8 @@ int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, - int side ); +int mbedtls_everest_get_params( mbedtls_ecdh_context_everest *ctx, const mbedtls_ecp_keypair *key, + mbedtls_everest_ecdh_side side ); /** * \brief This function generates a public key and a TLS @@ -169,7 +175,7 @@ int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_key * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_make_public( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ); @@ -191,7 +197,7 @@ int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx, +int mbedtls_everest_read_public( mbedtls_ecdh_context_everest *ctx, const unsigned char *buf, size_t blen ); /** @@ -216,7 +222,7 @@ int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_everest_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_calc_secret( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ); diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h old mode 100644 new mode 100755 index e332ff23c..cdfb16f53 --- a/3rdparty/everest/include/everest/x25519.h +++ b/3rdparty/everest/include/everest/x25519.h 
@@ -22,14 +22,21 @@ #ifndef MBEDTLS_X25519_H #define MBEDTLS_X25519_H -#include - #ifdef __cplusplus extern "C" { #endif #define MBEDTLS_ECP_TLS_CURVE25519 0x1d +/** + * Defines the source of the imported EC key. + */ +typedef enum +{ + MBEDTLS_X25519_ECDH_OURS, /**< Our key. */ + MBEDTLS_X25519_ECDH_THEIRS, /**< The key of the peer. */ +} mbedtls_x25519_ecdh_side; + /** * \brief The x25519 context structure. */ @@ -109,7 +116,7 @@ int mbedtls_x25519_read_params( mbedtls_x25519_context *ctx, * */ int mbedtls_x25519_get_params( mbedtls_x25519_context *ctx, const mbedtls_ecp_keypair *key, - int side ); + mbedtls_x25519_ecdh_side side ); /** * \brief This function derives and exports the shared secret. diff --git a/3rdparty/everest/library/everest.c b/3rdparty/everest/library/everest.c index 2b111af00..4b3a799dc 100755 --- a/3rdparty/everest/library/everest.c +++ b/3rdparty/everest/library/everest.c 
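Review bot: With the `#include` at the top of x25519.h removed, the header no longer brings in a declaration of `mbedtls_ecp_keypair`, which the `mbedtls_x25519_get_params` prototype in the second hunk still uses. It therefore compiles only when the including file has already pulled in the ECP header. The removed include's target is not legible in this rendering, so this assumes nothing outside the hunk supplies the type. Adding `#include "mbedtls/ecp.h"` keeps the header self-contained, and it avoids the ECDH header, which would presumably be circular because ecdh.h includes everest/everest.h. everest.h has the same dependency through `mbedtls_everest_get_params`.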
@@ -41,89 +41,69 @@ #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) -int mbedtls_everest_setup( mbedtls_ecdh_context *ctx, int grp ) +int mbedtls_everest_setup( mbedtls_ecdh_context_everest *ctx, int grp_id ) { - if( grp != MBEDTLS_ECP_DP_CURVE25519 ) + if( grp_id != MBEDTLS_ECP_DP_CURVE25519 ) return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - - ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST; - ctx->grp_id = grp; - - ctx->ctx.everest_ecdh.ctx = mbedtls_calloc( 1, sizeof( mbedtls_x25519_context ) ); - mbedtls_x25519_init( ctx->ctx.everest_ecdh.ctx ); - + mbedtls_x25519_init( &ctx->ctx ); return 0; } -void mbedtls_everest_free( mbedtls_ecdh_context *ctx ) +void mbedtls_everest_free( mbedtls_ecdh_context_everest *ctx ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - - mbedtls_x25519_free( x25519_ctx ); - mbedtls_free( x25519_ctx ); - - ctx->var = MBEDTLS_ECDH_VARIANT_NONE; - ctx->grp_id = MBEDTLS_ECP_DP_NONE; + mbedtls_x25519_free( &ctx->ctx ); } -int mbedtls_everest_make_params( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_make_params( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; return mbedtls_x25519_make_params( x25519_ctx, olen, buf, blen, f_rng, p_rng ); } -int mbedtls_everest_read_params( mbedtls_ecdh_context *ctx, - const unsigned char **buf, const unsigned char *end ) +int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx, + const unsigned char **buf, + const unsigned char *end ) { - mbedtls_ecdh_context_everest *everest_ctx = 
&ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; return mbedtls_x25519_read_params( x25519_ctx, buf, end ); } -int mbedtls_everest_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, - int side ) +int mbedtls_everest_get_params( mbedtls_ecdh_context_everest *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_everest_ecdh_side side ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; - return mbedtls_x25519_get_params( x25519_ctx, key, side ); + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; + mbedtls_x25519_ecdh_side s = side == MBEDTLS_EVEREST_ECDH_OURS ? + MBEDTLS_X25519_ECDH_OURS : + MBEDTLS_X25519_ECDH_THEIRS; + return mbedtls_x25519_get_params( x25519_ctx, key, s ); } -int mbedtls_everest_make_public( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_make_public( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; return mbedtls_x25519_make_public( x25519_ctx, olen, buf, blen, f_rng, p_rng ); } -int mbedtls_everest_read_public( mbedtls_ecdh_context *ctx, +int mbedtls_everest_read_public( mbedtls_ecdh_context_everest *ctx, const unsigned char *buf, size_t blen ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx 
= ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; return mbedtls_x25519_read_public ( x25519_ctx, buf, blen ); } -int mbedtls_everest_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, +int mbedtls_everest_calc_secret( mbedtls_ecdh_context_everest *ctx, size_t *olen, unsigned char *buf, size_t blen, int( *f_rng )( void *, unsigned char *, size_t ), void *p_rng ) { - mbedtls_ecdh_context_everest *everest_ctx = &ctx->ctx.everest_ecdh; - mbedtls_x25519_context *x25519_ctx = ( mbedtls_x25519_context* )everest_ctx->ctx; - if( ctx->var != MBEDTLS_ECDH_VARIANT_EVEREST ) return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + mbedtls_x25519_context *x25519_ctx = &ctx->ctx; return mbedtls_x25519_calc_secret( x25519_ctx, olen, buf, blen, f_rng, p_rng ); } diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c old mode 100644 new mode 100755 index 72cab6bbe..830018c46 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c @@ -27,6 +27,8 @@ #if defined(MBEDTLS_ECDH_C) +#include + #include #include @@ -100,16 +102,16 @@ int mbedtls_x25519_read_params( mbedtls_x25519_context *ctx, } int mbedtls_x25519_get_params( mbedtls_x25519_context *ctx, const mbedtls_ecp_keypair *key, - int side ) + mbedtls_x25519_ecdh_side side ) { size_t olen = 0; switch( side ) { - case MBEDTLS_ECDH_THEIRS: + case MBEDTLS_X25519_ECDH_THEIRS: mbedtls_ecp_point_write_binary( &key->grp, &key->Q, MBEDTLS_ECP_PF_COMPRESSED, &olen, ctx->peer_point, 32 ); /* untested; defensively throw an error for now. */ return(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE); - case MBEDTLS_ECDH_OURS: + case MBEDTLS_X25519_ECDH_OURS: mbedtls_mpi_write_binary( &key->d, ctx->our_secret, 32 ); /* CMW: key->Q = key->d * base; do we need to set up ctx.peer_point here? */ /* untested; defensively throw an error for now. */ 
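Review bot: In `mbedtls_everest_get_params` the ternary maps every `side` value other than `MBEDTLS_EVEREST_ECDH_OURS` to `MBEDTLS_X25519_ECDH_THEIRS`, so an out-of-range value is silently treated as the peer's key instead of being rejected. A guard ahead of the mapping makes the contract explicit: `if( side != MBEDTLS_EVEREST_ECDH_OURS && side != MBEDTLS_EVEREST_ECDH_THEIRS ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );`. The same ternary pattern appears in the `@@ -497,7 +505,13 @@` hunk of library/ecdh.c, though the public function there may already validate `side` outside the hunk. Since the wrappers no longer test the variant themselves, a one-line comment on each stating that dispatch on `ctx->var` is the caller's job would help the next reader.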
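Review bot: Both branches of the `switch` in `mbedtls_x25519_get_params` write key material into the context and discard the result of the write. The THEIRS branch ignores the return of `mbedtls_ecp_point_write_binary` and then returns `MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE`, and the OURS branch copies the private scalar `key->d` into `ctx->our_secret` with an unchecked `mbedtls_mpi_write_binary`. If the function is meant to be unavailable for now, returning before touching `ctx` avoids leaving a copy of the private key in a context the caller was told was not populated. If it is meant to work, the result should be propagated with a local `int ret`, e.g. `if( ( ret = mbedtls_mpi_write_binary( &key->d, ctx->our_secret, 32 ) ) != 0 ) return( ret );`. The function body continues past the end of the hunk, so the OURS branch's return value is inferred from its comment.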
diff --git a/library/ecdh.c b/library/ecdh.c index b0367ec15..fec88d081 100755 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -221,8 +221,12 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id ) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECP_DP_CURVE25519: - return( mbedtls_everest_setup( ctx, grp_id ) ); - break; + { + ctx->point_format = MBEDTLS_ECP_PF_COMPRESSED; + ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST; + ctx->grp_id = grp_id; + return( mbedtls_everest_setup( &ctx->ctx.everest_ecdh, grp_id ) ); + } #endif default: ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; @@ -277,7 +281,9 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - mbedtls_everest_free( ctx ); + mbedtls_everest_free( &ctx->ctx.everest_ecdh ); + ctx->var = MBEDTLS_ECDH_VARIANT_NONE; + ctx->grp_id = MBEDTLS_ECP_DP_NONE; break; #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: @@ -376,7 +382,8 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_make_params( ctx, olen, buf, blen, f_rng, p_rng ) ); + return( mbedtls_everest_make_params( &ctx->ctx.everest_ecdh, olen, + buf, blen, f_rng, p_rng ) ); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_make_params_internal( &ctx->ctx.mbed_ecdh, olen, @@ -429,7 +436,8 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_read_params( ctx, buf, end) ); + return( mbedtls_everest_read_params( &ctx->ctx.everest_ecdh, + buf, end) ); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_read_params_internal( &ctx->ctx.mbed_ecdh, 
@@ -497,7 +505,13 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_get_params( ctx, key, side ) ); + { + mbedtls_x25519_ecdh_side s = side == MBEDTLS_ECDH_OURS ? + MBEDTLS_EVEREST_ECDH_OURS : + MBEDTLS_EVEREST_ECDH_THEIRS; + return( mbedtls_everest_get_params( &ctx->ctx.everest_ecdh, + key, s) ); + } #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_get_params_internal( &ctx->ctx.mbed_ecdh, @@ -572,7 +586,8 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_make_public( ctx, olen, buf, blen, f_rng, p_rng ) ); + return( mbedtls_everest_make_public( &ctx->ctx.everest_ecdh, olen, + buf, blen, f_rng, p_rng ) ); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_make_public_internal( &ctx->ctx.mbed_ecdh, olen, @@ -617,7 +632,8 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_read_public( ctx, buf, blen ) ); + return( mbedtls_everest_read_public( &ctx->ctx.everest_ecdh, + buf, blen ) ); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_read_public_internal( &ctx->ctx.mbed_ecdh, @@ -703,7 +719,8 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_calc_secret( ctx, olen, buf, blen, f_rng, p_rng ) ); + return( mbedtls_everest_calc_secret( &ctx->ctx.everest_ecdh, olen, + buf, blen, f_rng, p_rng ) ); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_calc_secret_internal( &ctx->ctx.mbed_ecdh, olen, buf, From 999f3b53a1cfac57075659d9cacf63f513865afb Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Fri, 14 Dec 2018 10:57:01 +0000 Subject: [PATCH 1589/2197] ECDH: Remove YOTTA config #define --- include/mbedtls/config.h | 5 ----- 1 file changed, 5 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 155a085b8..ce00ca114 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2091,11 +2091,6 @@ /* \} name SECTION: Customisation configuration options */ -/* Target and application specific configurations */ -//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "target_config.h" - -/* \} name SECTION: Customisation configuration options */ - /* Target and application specific configurations * * Allow user to override any previous default. From c3cbddecb50dd54773bcfeca3a4d10c6361a3f22 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 14 Dec 2018 11:03:02 +0000 Subject: [PATCH 1590/2197] ECDH: Fix whitespace, permissions --- 3rdparty/everest/include/everest/everest.h | 0 3rdparty/everest/include/everest/x25519.h | 0 3rdparty/everest/library/everest.c | 3 ++- 3rdparty/everest/library/x25519.c | 0 include/mbedtls/config.h | 2 +- include/mbedtls/ecdh.h | 2 +- library/ecdh.c | 0 library/ecdsa.c | 0 library/ecp.c | 0 programs/test/benchmark.c | 2 +- 10 files changed, 5 insertions(+), 4 deletions(-) mode change 100755 => 100644 3rdparty/everest/include/everest/everest.h mode change 100755 => 100644 3rdparty/everest/include/everest/x25519.h mode change 100755 => 100644 3rdparty/everest/library/everest.c mode change 100755 => 100644 3rdparty/everest/library/x25519.c mode change 100755 => 100644 library/ecdh.c mode change 100755 => 100644 library/ecdsa.c mode change 100755 => 100644 library/ecp.c mode change 100755 => 100644 programs/test/benchmark.c diff --git a/3rdparty/everest/include/everest/everest.h b/3rdparty/everest/include/everest/everest.h old mode 100755 new mode 100644 
diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h old mode 100755 new mode 100644 diff --git a/3rdparty/everest/library/everest.c b/3rdparty/everest/library/everest.c old mode 100755 new mode 100644 index 4b3a799dc..2e2422f3e --- a/3rdparty/everest/library/everest.c +++ b/3rdparty/everest/library/everest.c @@ -107,4 +107,5 @@ int mbedtls_everest_calc_secret( mbedtls_ecdh_context_everest *ctx, size_t *olen return mbedtls_x25519_calc_secret( x25519_ctx, olen, buf, blen, f_rng, p_rng ); } -#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ \ No newline at end of file +#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ + diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c old mode 100755 new mode 100644 diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index ce00ca114..b91fa702b 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2078,7 +2078,7 @@ */ //#define MBEDTLS_PLATFORM_GMTIME_R_ALT -/* +/** * \def MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED * * Enable the verified implementations of crypto primitives diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 4bb704bc5..7f61c453c 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -43,7 +43,7 @@ #include "mbedtls/ecp.h" #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) -#undef MBEDTLS_ECDH_LEGACY_CONTEXT +#undef MBEDTLS_ECDH_LEGACY_CONTEXT #include "everest/everest.h" #endif diff --git a/library/ecdh.c b/library/ecdh.c old mode 100755 new mode 100644 diff --git a/library/ecdsa.c b/library/ecdsa.c old mode 100755 new mode 100644 diff --git a/library/ecp.c b/library/ecp.c old mode 100755 new mode 100644 diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c old mode 100755 new mode 100644 index ba2c9370a..a808a84b6 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c 
@@ -988,7 +988,7 @@ int main( int argc, char *argv[] ) } #endif -#if defined(MBEDTLS_ECDH_C) +#if defined(MBEDTLS_ECDH_C) if( todo.ecdh ) { mbedtls_ecdh_context ecdh_srv, ecdh_cli; From 34811a8db249f5c7134ac1965ec67fbf060addb4 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 14 Dec 2018 11:46:43 +0000 Subject: [PATCH 1591/2197] ECDH: Use LOCAL_CFLAGS instead of CFLAGS --- library/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/Makefile b/library/Makefile index 58ecb0c27..30663eae2 100644 --- a/library/Makefile +++ b/library/Makefile @@ -20,7 +20,7 @@ endif # CFLAGS += -D_BSD_EXTENSION # Include directories for Everest code -CFLAGS+=-I../3rdparty/everest/include -I../3rdparty/everest/include/everest -I../3rdparty/everest/include/everest/kremlib +LOCAL_CFLAGS+=-I../3rdparty/everest/include -I../3rdparty/everest/include/everest -I../3rdparty/everest/include/everest/kremlib # if were running on Windows build for Windows ifdef WINDOWS From 3c449621ceaed42fcfe708d3907afff9f1cd6dbe Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 14 Dec 2018 11:54:59 +0000 Subject: [PATCH 1592/2197] ECDH: Fix error checks in benchmark.c --- programs/test/benchmark.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) mode change 100644 => 100755 programs/test/benchmark.c diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c old mode 100644 new mode 100755 index a808a84b6..0d4837f60 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -225,6 +225,14 @@ static int myrand( void *rng_state, unsigned char *output, size_t len ) return( 0 ); } +#if defined(MBEDTLS_ECDH_C) +static void check( int r ) +{ + if( r != 0 ) + mbedtls_exit( 1 ); +} +#endif + /* * Clear some memory that was used to prepare the context */ 
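Review bot: The new `check()` helper ends the benchmark with `mbedtls_exit( 1 )` and prints nothing, so a failing ECDH call gives no hint of which step or curve failed or what the error code was. Printing the code before exiting, e.g. `mbedtls_printf( "ECDH call failed: -0x%04x\n", (unsigned int) -r );`, would make the failure diagnosable; the calls wrapped in the two later hunks of this file inherit the same behaviour. Because those calls sit inside `TIME_PUBLIC`, the exit also bypasses whatever the macro did with the `ret` value that the removed `ret |=` lines fed, which is worth confirming against the macro definition outside this hunk. The commit also sets programs/test/benchmark.c back to mode 100755 right after the previous commit changed it to 100644, which looks unintended.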
@@ -1003,8 +1011,8 @@ int main( int argc, char *argv[] ) { mbedtls_ecdh_init( &ecdh_srv ); mbedtls_ecdh_init( &ecdh_cli ); - mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ); - mbedtls_ecdh_setup( &ecdh_cli, curve_info->grp_id ); + check( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) ); + check( mbedtls_ecdh_setup( &ecdh_cli, curve_info->grp_id ) ); #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) if (mbedtls_ecp_group_load(&ecdh_srv.grp, curve_info->grp_id) != 0 || @@ -1023,15 +1031,15 @@ int main( int argc, char *argv[] ) mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); TIME_PUBLIC( title, "full handshake", const unsigned char * p_srv = buf_srv; - ret |= mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ); + check( mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); - ret |= mbedtls_ecdh_read_params( &ecdh_cli, &p_srv, p_srv + olen ); - ret |= mbedtls_ecdh_make_public( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ); + check( mbedtls_ecdh_read_params( &ecdh_cli, &p_srv, p_srv + olen ) ); + check( mbedtls_ecdh_make_public( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); - ret |= mbedtls_ecdh_read_public( &ecdh_srv, buf_cli, olen ); - ret |= mbedtls_ecdh_calc_secret( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ); + check( mbedtls_ecdh_read_public( &ecdh_srv, buf_cli, olen ) ); + check( mbedtls_ecdh_calc_secret( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); - ret |= mbedtls_ecdh_calc_secret( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ); + check( mbedtls_ecdh_calc_secret( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); ); mbedtls_ecdh_free( &ecdh_srv ); From 24fbceff50cd784d3c0becc0a816ff0bf4b9562a Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Fri, 14 Dec 2018 12:36:10 +0000 Subject: [PATCH 1593/2197] ECDH: Everest: Remove unnecessary file --- .../everest/library/kremlib/fstar_uint128.c | 216 ------------------ library/Makefile | 1 - visualc/VS2010/mbedTLS.vcxproj | 1 - 3 files changed, 218 deletions(-) delete mode 100644 3rdparty/everest/library/kremlib/fstar_uint128.c diff --git a/3rdparty/everest/library/kremlib/fstar_uint128.c b/3rdparty/everest/library/kremlib/fstar_uint128.c deleted file mode 100644 index cadfbc7fa..000000000 --- a/3rdparty/everest/library/kremlib/fstar_uint128.c +++ /dev/null 
@@ -1,216 +0,0 @@ -/* Copyright (c) INRIA and Microsoft Corporation. All rights reserved. - Licensed under the Apache 2.0 License. */ - -/******************************************************************************/ -/* Machine integers (128-bit arithmetic) */ -/******************************************************************************/ - -/* This header makes KreMLin-generated C code work with: - * - the default setting where we assume the target compiler defines __int128 - * - the setting where we use FStar.UInt128's implementation instead; in that - * case, generated C files must be compiled with -DKRML_VERIFIED_UINT128 - * - a refinement of the case above, wherein all structures are passed by - * reference, a.k.a. "-fnostruct-passing", meaning that the KreMLin-generated - * must be compiled with -DKRML_NOSTRUCT_PASSING - * Note: no MSVC support in this file. - */ - -#include "FStar_UInt128.h" -#include "kremlin/c_endianness.h" -#include "FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.h" - -#if !defined(KRML_VERIFIED_UINT128) && !defined(_MSC_VER) - -/* GCC + using native unsigned __int128 support */ - -uint128_t load128_le(uint8_t *b) { - uint128_t l = (uint128_t)load64_le(b); - uint128_t h = (uint128_t)load64_le(b + 8); - return (h << 64 | l); -} - -void store128_le(uint8_t *b, uint128_t n) { - store64_le(b, (uint64_t)n); - store64_le(b + 8, (uint64_t)(n >> 64)); -} - -uint128_t load128_be(uint8_t *b) { - uint128_t h = (uint128_t)load64_be(b); - uint128_t l = (uint128_t)load64_be(b + 8); - return (h << 64 | l); -} - -void store128_be(uint8_t *b, uint128_t n) { - store64_be(b, (uint64_t)(n >> 64)); - store64_be(b + 8, (uint64_t)n); -} - -uint128_t FStar_UInt128_add(uint128_t x, uint128_t y) { - return x + y; -} - -uint128_t FStar_UInt128_mul(uint128_t x, uint128_t y) { - return x * y; -} - -uint128_t FStar_UInt128_add_mod(uint128_t x, uint128_t y) { - return x + y; -} - -uint128_t FStar_UInt128_sub(uint128_t x, uint128_t y) { - return x - y; -} - 
-uint128_t FStar_UInt128_sub_mod(uint128_t x, uint128_t y) { - return x - y; -} - -uint128_t FStar_UInt128_logand(uint128_t x, uint128_t y) { - return x & y; -} - -uint128_t FStar_UInt128_logor(uint128_t x, uint128_t y) { - return x | y; -} - -uint128_t FStar_UInt128_logxor(uint128_t x, uint128_t y) { - return x ^ y; -} - -uint128_t FStar_UInt128_lognot(uint128_t x) { - return ~x; -} - -uint128_t FStar_UInt128_shift_left(uint128_t x, uint32_t y) { - return x << y; -} - -uint128_t FStar_UInt128_shift_right(uint128_t x, uint32_t y) { - return x >> y; -} - -uint128_t FStar_UInt128_uint64_to_uint128(uint64_t x) { - return (uint128_t)x; -} - -uint64_t FStar_UInt128_uint128_to_uint64(uint128_t x) { - return (uint64_t)x; -} - -uint128_t FStar_UInt128_mul_wide(uint64_t x, uint64_t y) { - return ((uint128_t) x) * y; -} - -uint128_t FStar_UInt128_eq_mask(uint128_t x, uint128_t y) { - uint64_t mask = - FStar_UInt64_eq_mask((uint64_t)(x >> 64), (uint64_t)(y >> 64)) & - FStar_UInt64_eq_mask(x, y); - return ((uint128_t)mask) << 64 | mask; -} - -uint128_t FStar_UInt128_gte_mask(uint128_t x, uint128_t y) { - uint64_t mask = - (FStar_UInt64_gte_mask(x >> 64, y >> 64) & - ~(FStar_UInt64_eq_mask(x >> 64, y >> 64))) | - (FStar_UInt64_eq_mask(x >> 64, y >> 64) & FStar_UInt64_gte_mask(x, y)); - return ((uint128_t)mask) << 64 | mask; -} - -uint128_t FStar_Int_Cast_Full_uint64_to_uint128(uint64_t x) { - return x; -} - -uint64_t FStar_Int_Cast_Full_uint128_to_uint64(uint128_t x) { - return x; -} - -#elif !defined(_MSC_VER) && defined(KRML_VERIFIED_UINT128) - -/* Verified uint128 implementation. */ - -/* Access 64-bit fields within the int128. */ -#define HIGH64_OF(x) ((x)->high) -#define LOW64_OF(x) ((x)->low) - -typedef FStar_UInt128_uint128 FStar_UInt128_t_, uint128_t; - -/* A series of definitions written using pointers. 
*/ - -void load128_le_(uint8_t *b, uint128_t *r) { - LOW64_OF(r) = load64_le(b); - HIGH64_OF(r) = load64_le(b + 8); -} - -void store128_le_(uint8_t *b, uint128_t *n) { - store64_le(b, LOW64_OF(n)); - store64_le(b + 8, HIGH64_OF(n)); -} - -void load128_be_(uint8_t *b, uint128_t *r) { - HIGH64_OF(r) = load64_be(b); - LOW64_OF(r) = load64_be(b + 8); -} - -void store128_be_(uint8_t *b, uint128_t *n) { - store64_be(b, HIGH64_OF(n)); - store64_be(b + 8, LOW64_OF(n)); -} - -void -FStar_Int_Cast_Full_uint64_to_uint128_(uint64_t x, uint128_t *dst) { - /* C89 */ - LOW64_OF(dst) = x; - HIGH64_OF(dst) = 0; -} - -uint64_t FStar_Int_Cast_Full_uint128_to_uint64_(uint128_t *x) { - return LOW64_OF(x); -} - -# ifndef KRML_NOSTRUCT_PASSING - -uint128_t load128_le(uint8_t *b) { - uint128_t r; - load128_le_(b, &r); - return r; -} - -void store128_le(uint8_t *b, uint128_t n) { - store128_le_(b, &n); -} - -uint128_t load128_be(uint8_t *b) { - uint128_t r; - load128_be_(b, &r); - return r; -} - -void store128_be(uint8_t *b, uint128_t n) { - store128_be_(b, &n); -} - -uint128_t FStar_Int_Cast_Full_uint64_to_uint128(uint64_t x) { - uint128_t dst; - FStar_Int_Cast_Full_uint64_to_uint128_(x, &dst); - return dst; -} - -uint64_t FStar_Int_Cast_Full_uint128_to_uint64(uint128_t x) { - return FStar_Int_Cast_Full_uint128_to_uint64_(&x); -} - -# else /* !defined(KRML_STRUCT_PASSING) */ - -# define print128 print128_ -# define load128_le load128_le_ -# define store128_le store128_le_ -# define load128_be load128_be_ -# define store128_be store128_be_ -# define FStar_Int_Cast_Full_uint128_to_uint64 \ - FStar_Int_Cast_Full_uint128_to_uint64_ -# define FStar_Int_Cast_Full_uint64_to_uint128 \ - FStar_Int_Cast_Full_uint64_to_uint128_ - -# endif /* KRML_STRUCT_PASSING */ - -#endif diff --git a/library/Makefile b/library/Makefile index 30663eae2..ee9ca389b 100644 --- a/library/Makefile +++ b/library/Makefile 
@@ -108,7 +108,6 @@ OBJS_CRYPTO+= \ ../3rdparty/everest/library/everest.o \ ../3rdparty/everest/library/Hacl_Curve25519.o \ ../3rdparty/everest/library/x25519.o \ - ../3rdparty/everest/library/kremlib/fstar_uint128.o \ ../3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.o .SILENT: diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index fade3d1a2..2206bb196 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -302,7 +302,6 @@ - From 2e724a18a10c3243b85f9cff15d9b33d7571564c Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Mon, 7 Jan 2019 14:19:41 +0000 Subject: [PATCH 1594/2197] ECDH: Fix Everest ECDH side type --- library/ecdh.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100644 => 100755 library/ecdh.c diff --git a/library/ecdh.c b/library/ecdh.c old mode 100644 new mode 100755 index fec88d081..58e67bfab --- a/library/ecdh.c +++ b/library/ecdh.c @@ -506,7 +506,7 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: { - mbedtls_x25519_ecdh_side s = side == MBEDTLS_ECDH_OURS ? + mbedtls_everest_ecdh_side s = side == MBEDTLS_ECDH_OURS ? MBEDTLS_EVEREST_ECDH_OURS : MBEDTLS_EVEREST_ECDH_THEIRS; return( mbedtls_everest_get_params( &ctx->ctx.everest_ecdh, From 62dddd08fd5a73f7ffdfbe754d5688c9c5277bd3 Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Fri, 14 Dec 2018 13:07:50 +0000 Subject: [PATCH 1595/2197] Add new 3rdparty build scripts --- 3rdparty/CMakeLists.txt | 6 ++++++ 3rdparty/Makefile.inc | 1 + 3rdparty/everest/CMakeLists.txt | 9 +++++++++ 3rdparty/everest/Makefile.inc | 7 +++++++ CMakeLists.txt | 1 + library/CMakeLists.txt | 10 +--------- library/Makefile | 12 +++--------- 7 files changed, 28 insertions(+), 18 deletions(-) create mode 100755 3rdparty/CMakeLists.txt create mode 100755 3rdparty/Makefile.inc create mode 100755 3rdparty/everest/CMakeLists.txt create mode 100755 3rdparty/everest/Makefile.inc diff --git a/3rdparty/CMakeLists.txt b/3rdparty/CMakeLists.txt new file mode 100755 index 000000000..df28699f1 --- /dev/null +++ b/3rdparty/CMakeLists.txt @@ -0,0 +1,6 @@ +add_subdirectory(everest) + +set(src_thirdparty + ${src_everest} + PARENT_SCOPE +) diff --git a/3rdparty/Makefile.inc b/3rdparty/Makefile.inc new file mode 100755 index 000000000..757bd5f1b --- /dev/null +++ b/3rdparty/Makefile.inc @@ -0,0 +1 @@ +include ../3rdparty/everest/Makefile.inc \ No newline at end of file diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt new file mode 100755 index 000000000..25f50cae9 --- /dev/null +++ b/3rdparty/everest/CMakeLists.txt @@ -0,0 +1,9 @@ +include_directories(include include/everest include/everest/kremlib) + +set(src_everest + ${CMAKE_CURRENT_SOURCE_DIR}/library/everest.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c + PARENT_SCOPE +) \ No newline at end of file diff --git a/3rdparty/everest/Makefile.inc b/3rdparty/everest/Makefile.inc new file mode 100755 index 000000000..bbdba56a3 --- /dev/null +++ b/3rdparty/everest/Makefile.inc 
@@ -0,0 +1,7 @@ +THIRDPARTY_INCLUDES+=-I../3rdparty/everest/include -I../3rdparty/everest/include/everest -I../3rdparty/everest/include/everest/kremlib + +THIRDPARTY_OBJECTS+= \ + ../3rdparty/everest/library/everest.o \ + ../3rdparty/everest/library/Hacl_Curve25519.o \ + ../3rdparty/everest/library/x25519.o \ + ../3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.o \ No newline at end of file diff --git a/CMakeLists.txt b/CMakeLists.txt index f756d4331..044ddc281 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -179,6 +179,7 @@ endif() include_directories(include/ 3rdparty/everest/include/ 3rdparty/everest/include/everest/ 3rdparty/everest/include/everest/kremlin/ 3rdparty/everest/include/everest/kremlib/) include_directories(library/) +add_subdirectory(3rdparty) add_subdirectory(library) add_subdirectory(include) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 009fb3e74..a6eb1ed06 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -74,6 +74,7 @@ set(src_crypto threading.c timing.c xtea.c + ${src_thirdparty} ) # For files generated by the parent project (Mbed TLS) when building Mbed @@ -94,15 +95,6 @@ set(src_crypto ) endif() -set(src_everest - ../3rdparty/everest/library/everest.c - ../3rdparty/everest/library/Hacl_Curve25519.c - ../3rdparty/everest/library/x25519.c - ../3rdparty/everest/library/kremlib/fstar_uint128.c - ../3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c -) - -set(src_crypto ${src_crypto} ${src_everest}) if(CMAKE_COMPILER_IS_GNUCC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") endif(CMAKE_COMPILER_IS_GNUCC) diff --git a/library/Makefile b/library/Makefile index ee9ca389b..31c9208b9 100644 --- a/library/Makefile +++ b/library/Makefile 
@@ -19,9 +19,6 @@ endif # To compile on Plan9: # CFLAGS += -D_BSD_EXTENSION -# Include directories for Everest code -LOCAL_CFLAGS+=-I../3rdparty/everest/include -I../3rdparty/everest/include/everest -I../3rdparty/everest/include/everest/kremlib - # if were running on Windows build for Windows ifdef WINDOWS WINDOWS_BUILD=1 @@ -104,11 +101,9 @@ OBJS_CRYPTO += version.o OBJS_CRYPTO += version_features.o endif -OBJS_CRYPTO+= \ - ../3rdparty/everest/library/everest.o \ - ../3rdparty/everest/library/Hacl_Curve25519.o \ - ../3rdparty/everest/library/x25519.o \ - ../3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.o +include ../3rdparty/Makefile.inc +LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES) +OBJS_CRYPTO+=$(THIRDPARTY_OBJECTS) .SILENT: @@ -163,4 +158,3 @@ else if exist libmbed* del /Q /F libmbed* if exist $(OBJS_CRYPTO) del /Q /F $(OBJS_CRYPTO) endif - From 7cc4c68eb63a24f9cbf814254cd537df819958e5 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 14 Dec 2018 13:18:52 +0000 Subject: [PATCH 1596/2197] Fix preprocessor directive recognition in list-enum-consts.pl --- tests/scripts/list-enum-consts.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/list-enum-consts.pl b/tests/scripts/list-enum-consts.pl index ebd9b7ebc..a30421734 100755 --- a/tests/scripts/list-enum-consts.pl +++ b/tests/scripts/list-enum-consts.pl @@ -22,7 +22,7 @@ while (<>) $state = 'in'; } elsif( $state eq 'in' and /}/ ) { $state = 'out'; - } elsif( $state eq 'in' and not (/^#if/ or /#endif/)) { + } elsif( $state eq 'in' and not /^#/) { s/=.*//; s!/\*.*!!; s/,.*//; s/\s+//g; chomp; push @consts, $_ if $_; } From 1083a25a29825e36c70c7dbbd4d6e4f704bb5e1a Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 14 Dec 2018 13:34:06 +0000 Subject: [PATCH 1597/2197] ECDH: Exclude FStar and Hacl* from exported symbol checks --- tests/scripts/list-symbols.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
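Review bot: The new test `not /^#/` in list-enum-consts.pl only skips preprocessor lines whose `#` is in column 0, while the pattern it replaces also matched `#endif` anywhere on the line. An indented directive inside an enum body (`  #endif`, `# if ...`) would now fall through to the substitutions and could be pushed onto `@consts` as a bogus constant. Allowing leading whitespace keeps the simplification without that regression: `} elsif( $state eq 'in' and not /^\s*#/ ) {`.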
diff --git a/tests/scripts/list-symbols.sh b/tests/scripts/list-symbols.sh index 930722c1b..6ecc199bf 100755 --- a/tests/scripts/list-symbols.sh +++ b/tests/scripts/list-symbols.sh @@ -30,9 +30,9 @@ if [ -n "$make_ret" ]; then fi if uname | grep -F Darwin >/dev/null; then - nm -gUj library/libmbed*.a 2>/dev/null | sed -n -e 's/^_//p' + nm -gUj library/libmbed*.a 2>/dev/null | sed -n -e 's/^_//p' | grep -v -e ^FStar -e ^Hacl elif uname | grep -F Linux >/dev/null; then - nm -og library/libmbed*.a | grep -v '^[^ ]*: *U \|^$\|^[^ ]*:$' | sed 's/^[^ ]* . //' + nm -og library/libmbed*.a | grep -v '^[^ ]*: *U \|^$\|^[^ ]*:$' | sed 's/^[^ ]* . //' | grep -v -e ^FStar -e ^Hacl fi | sort > exported-symbols make clean From 8a0f5bb3c11196a5bc0df6393a47e56c40adb7ac Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 14 Dec 2018 15:46:34 +0000 Subject: [PATCH 1598/2197] Make check-names.sh find the right names in 3rdparty Essentially adds the Everest .h and .c files to the various variables. This should be generalized at some point, but there is no infrastructure for this yet. --- 3rdparty/everest/include/everest/x25519.h | 3 ++- tests/scripts/check-names.sh | 4 +++- tests/scripts/list-enum-consts.pl | 3 +++ tests/scripts/list-identifiers.sh | 1 + tests/scripts/list-macros.sh | 1 + 5 files changed, 10 insertions(+), 2 deletions(-) mode change 100644 => 100755 3rdparty/everest/include/everest/x25519.h diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h old mode 100644 new mode 100755 index cdfb16f53..b8cc214f6 --- a/3rdparty/everest/include/everest/x25519.h +++ b/3rdparty/everest/include/everest/x25519.h @@ -40,7 +40,8 @@ typedef enum /** * \brief The x25519 context structure. */ -typedef struct mbedtls_x25519_context_ { +typedef struct +{ unsigned char our_secret[32]; unsigned char peer_point[32]; } mbedtls_x25519_context; 
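Review bot: The added `grep -v -e ^FStar -e ^Hacl` in list-symbols.sh removes the Everest symbols from the namespace check without saying why, and the library still exports them under their upstream names. A binary that links a second copy of HACL*/kremlib alongside this library could then resolve `Hacl_*` or `FStar_*` to a different build than the one shipped here. I would put a comment above the `if uname` block, e.g. `# 3rdparty/everest keeps upstream FStar_*/Hacl_* names; excluded from the prefix check, not from the export list`, and quote the patterns (`-e '^FStar' -e '^Hacl'`) so the shell never treats them as globs. The filter is duplicated in the Darwin and Linux branches, so a single `| grep -v ...` after `fi` would keep the two from drifting apart.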
diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh index 7d2302cb2..b07db23d2 100755 --- a/tests/scripts/check-names.sh +++ b/tests/scripts/check-names.sh @@ -82,10 +82,12 @@ done printf "Likely typos: " sort -u actual-macros enum-consts > _caps HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' ) +HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h" +LIBRARY="$( ls library/*.c ) 3rdparty/everest/library/everest.c 3rdparty/everest/library/x25519.c" NL=' ' sed -n 's/MBED..._[A-Z0-9_]*/\'"$NL"'&\'"$NL"/gp \ - $HEADERS library/*.c \ + $HEADERS $LIBRARY \ | grep MBEDTLS | sort -u > _MBEDTLS_XXX TYPOS=$( diff _caps _MBEDTLS_XXX | sed -n 's/^> //p' \ | egrep -v 'XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$' || true ) diff --git a/tests/scripts/list-enum-consts.pl b/tests/scripts/list-enum-consts.pl index a30421734..e59517b88 100755 --- a/tests/scripts/list-enum-consts.pl +++ b/tests/scripts/list-enum-consts.pl @@ -9,6 +9,9 @@ use open qw(:std utf8); -d 'include/mbedtls' or die "$0: must be run from root\n"; @ARGV = grep { ! /compat-1\.3\.h/ } ; +push @ARGV, "3rdparty/everest/include/everest/everest.h"; +push @ARGV, "3rdparty/everest/include/everest/x25519.h"; + my @consts; my $state = 'out'; diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh index 4828c80eb..24e74043b 100755 --- a/tests/scripts/list-identifiers.sh +++ b/tests/scripts/list-identifiers.sh @@ -35,6 +35,7 @@ then HEADERS=$( ls include/mbedtls/*_internal.h library/*.h | egrep -v 'compat-1\.3\.h|bn_mul' ) else HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h | egrep -v 'compat-1\.3\.h|bn_mul' ) + HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h" fi rm -f identifiers diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh index 3fa66f191..9a89737df 100755 --- a/tests/scripts/list-macros.sh 
+++ b/tests/scripts/list-macros.sh @@ -8,6 +8,7 @@ if [ -d include/mbedtls ]; then :; else fi HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' ) +HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h" # White-list macros we want to be able to refer to that don't exist in the # crypto library, useful when referring to macros in Mbed TLS from comments. From 0082f9df6f26b982f74a3301399f66ba7a6eb039 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Mon, 7 Jan 2019 13:47:30 +0000 Subject: [PATCH 1599/2197] ECDSA: Add mbedtls_ecdsa_can_do --- include/mbedtls/ecdsa.h | 11 ++++++++++- library/ecdsa.c | 20 ++++++++++++++++---- programs/test/benchmark.c | 6 ++++++ 3 files changed, 32 insertions(+), 5 deletions(-) mode change 100644 => 100755 include/mbedtls/ecdsa.h mode change 100644 => 100755 library/ecdsa.c diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h old mode 100644 new mode 100755 index effbb1ed0..e19d8d1c1 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -125,6 +125,16 @@ typedef void mbedtls_ecdsa_restart_ctx; #endif /* MBEDTLS_ECP_RESTARTABLE */ +/** + * \brief This function checks whether a given group can be used + * for ECDSA. + * + * \param gid The ECP group ID to check. + * + * \return \c 1 if the group can be used, \c 0 otherwise + */ +int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ); + /** * \brief This function computes the ECDSA signature of a * previously-hashed message. @@ -469,7 +479,6 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen, mbedtls_ecdsa_restart_ctx *rs_ctx ); - /** * \brief This function generates an ECDSA keypair on the given curve. * diff --git a/library/ecdsa.c b/library/ecdsa.c old mode 100644 new mode 100755 index 2daabeedf..f34652650 --- a/library/ecdsa.c +++ b/library/ecdsa.c 
@@ -263,9 +263,7 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, mbedtls_mpi *pk = &k, *pr = r; /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if( grp->id == MBEDTLS_ECP_DP_CURVE25519 || - grp->id == MBEDTLS_ECP_DP_CURVE448 || - grp->N.p == NULL ) + if( !mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); /* Make sure d is in range 1..n-1 */ @@ -380,6 +378,20 @@ cleanup: return( ret ); } +int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ) +{ + switch( gid ) + { +#ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED + case MBEDTLS_ECP_DP_CURVE25519: return 0; +#endif +#ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED + case MBEDTLS_ECP_DP_CURVE448: return 0; +#endif + default: return 1; + } +} + /* * Compute ECDSA signature of a hashed message */ @@ -504,7 +516,7 @@ static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 ); /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if( grp->N.p == NULL ) + if( !mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); ECDSA_RS_ENTER( ver ); diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 0d4837f60..a53851acb 100755 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -835,6 +835,9 @@ int main( int argc, char *argv[] ) curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { + if( mbedtls_ecdsa_can_do( curve_info->grp_id ) == 0 ) + continue; + mbedtls_ecdsa_init( &ecdsa ); if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ) @@ -854,6 +857,9 @@ int main( int argc, char *argv[] ) curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { + if( mbedtls_ecdsa_can_do( curve_info->grp_id ) == 0 ) + continue; + mbedtls_ecdsa_init( &ecdsa ); if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 || 
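Review bot: `mbedtls_ecdsa_can_do()` in the `@@ -380,6 +378,20 @@` hunk is a deny-list, so its `default: return 1;` arm reports every group id except the two Montgomery curves as usable. That includes `MBEDTLS_ECP_DP_NONE`, which the benchmark loops in this commit use as their terminator, and any id added later. The sign and verify hunks keep `grp->N.p == NULL` as a second check, but callers of the new public function have no such backstop. Either add `case MBEDTLS_ECP_DP_NONE: return( 0 );` or state the contract on the declaration in ecdsa.h, e.g. `\note Returns 1 for every group id other than Curve25519 and Curve448, including ids this build does not support.` The `case ...: return 0;` one-liners also depart from the `return( x );` form used by the surrounding code.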
From ea24394c03ce5947237f3b015a14dd20a3c34d2c Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Mon, 7 Jan 2019 14:12:25 +0000 Subject: [PATCH 1600/2197] ECDH: Fix whitespace and permission problems --- 3rdparty/CMakeLists.txt | 12 +++++----- 3rdparty/everest/CMakeLists.txt | 19 ++++++++------- .../everest/kremlin/internal/callconv.h | 4 +++- 3rdparty/everest/include/everest/x25519.h | 0 include/mbedtls/ecdsa.h | 0 library/ecdh.c | 24 +++++++++---------- library/ecdsa.c | 0 programs/test/benchmark.c | 0 8 files changed, 30 insertions(+), 29 deletions(-) mode change 100755 => 100644 3rdparty/CMakeLists.txt mode change 100755 => 100644 3rdparty/everest/CMakeLists.txt mode change 100755 => 100644 3rdparty/everest/include/everest/x25519.h mode change 100755 => 100644 include/mbedtls/ecdsa.h mode change 100755 => 100644 library/ecdh.c mode change 100755 => 100644 library/ecdsa.c mode change 100755 => 100644 programs/test/benchmark.c diff --git a/3rdparty/CMakeLists.txt b/3rdparty/CMakeLists.txt old mode 100755 new mode 100644 index df28699f1..4511e4358 --- a/3rdparty/CMakeLists.txt +++ b/3rdparty/CMakeLists.txt @@ -1,6 +1,6 @@ -add_subdirectory(everest) - -set(src_thirdparty - ${src_everest} - PARENT_SCOPE -) +add_subdirectory(everest) + +set(src_thirdparty + ${src_everest} + PARENT_SCOPE +) diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt old mode 100755 new mode 100644 index 25f50cae9..84e2763c8 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt 
@@ -1,9 +1,10 @@ -include_directories(include include/everest include/everest/kremlib) - -set(src_everest - ${CMAKE_CURRENT_SOURCE_DIR}/library/everest.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c - PARENT_SCOPE -) \ No newline at end of file +include_directories(include include/everest include/everest/kremlib) + +set(src_everest + ${CMAKE_CURRENT_SOURCE_DIR}/library/everest.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c + PARENT_SCOPE +) + diff --git a/3rdparty/everest/include/everest/kremlin/internal/callconv.h b/3rdparty/everest/include/everest/kremlin/internal/callconv.h index 24b5fffa8..bf631ff46 100644 --- a/3rdparty/everest/include/everest/kremlin/internal/callconv.h +++ b/3rdparty/everest/include/everest/kremlin/internal/callconv.h @@ -24,7 +24,9 @@ #endif #endif -/* TODO: review these two definitions and understand why they're needed. */ +/* Since KreMLin emits the inline keyword unconditionally, we follow the + * guidelines at https://gcc.gnu.org/onlinedocs/gcc/Inline.html and make this + * __inline__ to ensure the code compiles with -std=c90 and earlier. */ #ifdef __GNUC__ # define inline __inline__ #endif diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h old mode 100755 new mode 100644 diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h old mode 100755 new mode 100644 diff --git a/library/ecdh.c b/library/ecdh.c old mode 100755 new mode 100644 index 58e67bfab..66a2d1687 --- a/library/ecdh.c +++ b/library/ecdh.c 
@@ -220,20 +220,18 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id ) switch( grp_id ) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) - case MBEDTLS_ECP_DP_CURVE25519: - { - ctx->point_format = MBEDTLS_ECP_PF_COMPRESSED; - ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST; - ctx->grp_id = grp_id; - return( mbedtls_everest_setup( &ctx->ctx.everest_ecdh, grp_id ) ); - } + case MBEDTLS_ECP_DP_CURVE25519: + ctx->point_format = MBEDTLS_ECP_PF_COMPRESSED; + ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST; + ctx->grp_id = grp_id; + return( mbedtls_everest_setup( &ctx->ctx.everest_ecdh, grp_id ) ); #endif - default: - ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; - ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0; - ctx->grp_id = grp_id; - ecdh_init_internal( &ctx->ctx.mbed_ecdh ); - return( ecdh_setup_internal( &ctx->ctx.mbed_ecdh, grp_id ) ); + default: + ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; + ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0; + ctx->grp_id = grp_id; + ecdh_init_internal( &ctx->ctx.mbed_ecdh ); + return( ecdh_setup_internal( &ctx->ctx.mbed_ecdh, grp_id ) ); } #endif } diff --git a/library/ecdsa.c b/library/ecdsa.c old mode 100755 new mode 100644 diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c old mode 100755 new mode 100644 From 78450a3dd145730d1ee2440eb6a6d3b9643577fa Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Thu, 17 Jan 2019 12:17:54 +0000 Subject: [PATCH 1601/2197] ECDH: Disables MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED by default --- include/mbedtls/config.h | 2 +- scripts/config.pl | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index b91fa702b..f040c932c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -2087,7 +2087,7 @@ * MBEDTLS_ECDH_LEGACY_CONTEXT). * */ -#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED +//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED /* \} name SECTION: Customisation configuration options */ diff --git a/scripts/config.pl b/scripts/config.pl index 458875768..ed0967d56 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -91,6 +91,7 @@ MBEDTLS_PSA_CRYPTO_SPM MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER MBEDTLS_PSA_INJECT_ENTROPY MBEDTLS_ECP_RESTARTABLE +MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED _ALT\s*$ ); From 405b371a840dc9a5ed2c45965044757d0bd61e29 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Thu, 17 Jan 2019 13:40:58 +0000 Subject: [PATCH 1602/2197] Silences missing documentation warning for MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED --- include/mbedtls/config.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index f040c932c..2e246e4a2 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2079,8 +2079,6 @@ //#define MBEDTLS_PLATFORM_GMTIME_R_ALT /** - * \def MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED - * * Enable the verified implementations of crypto primitives * from Project Everest (currently only Curve25519). * This feature breaks ECDH backward compatibility (see also From 6ea2dea1c5aa1f1cc6ffe3f7ef7c56a2259a2668 Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Mon, 21 Jan 2019 17:26:19 +0000 Subject: [PATCH 1603/2197] 3rdparty: Add additional build facilities for 3rd-party code --- 3rdparty/CMakeLists.txt | 13 ++++-- 3rdparty/everest/CMakeLists.txt | 46 +++++++++++++++---- 3rdparty/everest/Makefile.inc | 25 +++++++--- .../{vs2010 => legacy}/Hacl_Curve25519.c | 0 CMakeLists.txt | 6 ++- include/CMakeLists.txt | 3 +- library/CMakeLists.txt | 3 +- programs/Makefile | 3 +- scripts/generate_visualc_files.pl | 2 +- tests/Makefile | 3 +- visualc/VS2010/mbedTLS.vcxproj | 2 +- 11 files changed, 79 insertions(+), 27 deletions(-) rename 3rdparty/everest/library/{vs2010 => legacy}/Hacl_Curve25519.c (100%) diff --git a/3rdparty/CMakeLists.txt b/3rdparty/CMakeLists.txt index 4511e4358..dca4bd76b 100644 --- a/3rdparty/CMakeLists.txt +++ b/3rdparty/CMakeLists.txt @@ -1,6 +1,11 @@ +list (APPEND thirdparty_src) +list (APPEND thirdparty_lib) +list (APPEND thirdparty_inc) +list (APPEND thirdparty_def) + add_subdirectory(everest) -set(src_thirdparty - ${src_everest} - PARENT_SCOPE -) +set(thirdparty_src ${thirdparty_src} PARENT_SCOPE) +set(thirdparty_lib ${thirdparty_lib} PARENT_SCOPE) +set(thirdparty_inc ${thirdparty_inc} PARENT_SCOPE) +set(thirdparty_def ${thirdparty_def} PARENT_SCOPE) diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index 84e2763c8..5b0a078dd 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt 
@@ -1,10 +1,40 @@ -include_directories(include include/everest include/everest/kremlib) +list (APPEND everest_src) +list (APPEND everest_inc) +list (APPEND everest_def) -set(src_everest - ${CMAKE_CURRENT_SOURCE_DIR}/library/everest.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c - PARENT_SCOPE -) +execute_process(COMMAND ${PERL_EXECUTABLE} scripts/config.pl -f include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) +if(${result} EQUAL 0) + set(everest_src + ${CMAKE_CURRENT_SOURCE_DIR}/library/everest.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c + ) + + if (${CMAKE_LIBRARY_ARCHITECTURE} STREQUAL "x86_64-linux-gnu") + list(APPEND everest_src ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519.c) + else() + list(APPEND everest_def -DKRML_VERIFIED_UINT128) + list(APPEND everest_src + ${CMAKE_CURRENT_SOURCE_DIR}/library/legacy/Hacl_Curve25519.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/kremlib/FStar_UInt128_extracted.c + ) + endif() + + list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/../../include ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib) + + if(INSTALL_MBEDTLS_HEADERS) + + file(GLOB_RECURSE headers "${CMAKE_CURRENT_SOURCE_DIR}/include/everest/*.h") + + install(FILES ${headers} + DESTINATION include/everest + PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) + + endif(INSTALL_MBEDTLS_HEADERS) + +endif() + +set(thirdparty_src ${thirdparty_src} ${everest_src} PARENT_SCOPE) +set(thirdparty_inc ${thirdparty_inc} ${everest_inc} PARENT_SCOPE) +set(thirdparty_def ${thirdparty_def} ${everest_def} PARENT_SCOPE) 
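Review bot: The `execute_process(COMMAND ${PERL_EXECUTABLE} scripts/config.pl -f include/mbedtls/config.h ...)` probe uses paths relative to the child's working directory and sets no `WORKING_DIRECTORY`. In an out-of-tree build, or with `PERL_EXECUTABLE` unset, the command most likely fails and `result` is non-zero, which this code cannot tell apart from "option disabled", so Everest is silently left out of the build. I would add `WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/../..` and emit a `message(WARNING ...)` when `result` is neither 0 nor the "not set" status. Separately, `if (${CMAKE_LIBRARY_ARCHITECTURE} STREQUAL "x86_64-linux-gnu")` expands to an `if()` with a missing operand when the variable is empty, so it should be quoted: `if("${CMAKE_LIBRARY_ARCHITECTURE}" STREQUAL "x86_64-linux-gnu")`. That test also sends every other 64-bit target to the legacy `KRML_VERIFIED_UINT128` path, which deserves a comment if it is intended.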
diff --git a/3rdparty/everest/Makefile.inc b/3rdparty/everest/Makefile.inc index bbdba56a3..0b71e2a9f 100755 --- a/3rdparty/everest/Makefile.inc +++ b/3rdparty/everest/Makefile.inc @@ -1,7 +1,18 @@ -THIRDPARTY_INCLUDES+=-I../3rdparty/everest/include -I../3rdparty/everest/include/everest -I../3rdparty/everest/include/everest/kremlib - -THIRDPARTY_OBJECTS+= \ - ../3rdparty/everest/library/everest.o \ - ../3rdparty/everest/library/Hacl_Curve25519.o \ - ../3rdparty/everest/library/x25519.o \ - ../3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.o \ No newline at end of file +EVEREST_ENABLED=$(shell perl ../scripts/config.pl -f ../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED; echo $$?) + +ifeq ($(EVEREST_ENABLED),0) +THIRDPARTY_INCLUDES+=-I../3rdparty/everest/include -I../3rdparty/everest/include/everest -I../3rdparty/everest/include/everest/kremlib + +THIRDPARTY_OBJECTS+= \ + ../3rdparty/everest/library/everest.o \ + ../3rdparty/everest/library/x25519.o \ + ../3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.o + +ifeq ($(shell getconf LONG_BIT),64) +THIRDPARTY_OBJECTS+=../3rdparty/everest/library/Hacl_Curve25519.o +else +CFLAGS+="-DKRML_VERIFIED_UINT128" +THIRDPARTY_OBJECTS+=../3rdparty/everest/library/legacy/Hacl_Curve25519.o \ + ../3rdparty/everest/library/kremlib/FStar_UInt128_extracted.o +endif +endif diff --git a/3rdparty/everest/library/vs2010/Hacl_Curve25519.c b/3rdparty/everest/library/legacy/Hacl_Curve25519.c similarity index 100% rename from 3rdparty/everest/library/vs2010/Hacl_Curve25519.c rename to 3rdparty/everest/library/legacy/Hacl_Curve25519.c diff --git a/CMakeLists.txt b/CMakeLists.txt index 044ddc281..5a0921926 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
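Review bot: `CFLAGS+="-DKRML_VERIFIED_UINT128"` in the `else` branch is dropped whenever the user passes `CFLAGS=...` on the make command line, because a command-line variable overrides a makefile `+=`. In that case `legacy/Hacl_Curve25519.o` and `FStar_UInt128_extracted.o` are built without the define that selects the matching uint128 representation. Carrying the flag in a variable the including Makefiles already append to `LOCAL_CFLAGS` avoids this, e.g. `THIRDPARTY_INCLUDES+=-DKRML_VERIFIED_UINT128` (without the quotes). Two related points in the same hunk: `getconf LONG_BIT` describes the build host rather than the compilation target, so a cross build can pick the wrong Hacl_Curve25519 variant, and `$(shell perl ... get ...; echo $$?)` captures anything config.pl prints together with the exit status, so the `ifeq ($(EVEREST_ENABLED),0)` test only works while the script prints nothing for this option.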
@@ -176,10 +176,14 @@ else() set(LIB_INSTALL_DIR lib) endif() -include_directories(include/ 3rdparty/everest/include/ 3rdparty/everest/include/everest/ 3rdparty/everest/include/everest/kremlin/ 3rdparty/everest/include/everest/kremlib/) +include_directories(include/) include_directories(library/) add_subdirectory(3rdparty) +include_directories(${thirdparty_inc}) +list(APPEND libs ${thirdparty_lib}) +add_definitions(${thirdparty_def}) + add_subdirectory(library) add_subdirectory(include) diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index 727fa210c..02f924df4 100644 --- a/include/CMakeLists.txt +++ b/include/CMakeLists.txt @@ -4,9 +4,8 @@ if(INSTALL_MBEDTLS_HEADERS) file(GLOB headers "mbedtls/*.h") file(GLOB psa_headers "psa/*.h") - file(GLOB everest_headers "../3rdparty/everest/include/*.h") - install(FILES ${headers} ${everest_headers} + install(FILES ${headers} DESTINATION include/mbedtls PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index a6eb1ed06..f4bb4725c 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -74,7 +74,6 @@ set(src_crypto threading.c timing.c xtea.c - ${src_thirdparty} ) # For files generated by the parent project (Mbed TLS) when building Mbed @@ -95,6 +94,8 @@ set(src_crypto ) endif() +list(APPEND src_crypto ${thirdparty_src}) + if(CMAKE_COMPILER_IS_GNUCC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") endif(CMAKE_COMPILER_IS_GNUCC) diff --git a/programs/Makefile b/programs/Makefile index 871b75b77..add1a8649 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -11,7 +11,8 @@ LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = -L../library \ -lmbedcrypto$(SHARED_SUFFIX) -LOCAL_CFLAGS+=-I../3rdparty/everest/include +include ../3rdparty/Makefile.inc +LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES) ifndef SHARED DEP=../library/libmbedcrypto.a 
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 5d07b885c..2134f53a6 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -23,7 +23,7 @@ my $mbedtls_header_dir = 'include/mbedtls'; my $psa_header_dir = 'include/psa'; my $source_dir = 'library'; my $everest_header_dir = '3rdparty/everest/include/everest'; -my @everest_source_dirs = ('3rdparty/everest/library', '3rdparty/everest/library/kremlib', '3rdparty/everest/library/vs2010'); +my @everest_source_dirs = ('3rdparty/everest/library', '3rdparty/everest/library/kremlib', '3rdparty/everest/library/legacy'); # Need windows line endings! my $vsx_hdr_tpl = < - + From 9597238058ddd72ac82a25c2eaa06dcc5ec3780b Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Wed, 6 Feb 2019 18:06:15 +0000 Subject: [PATCH 1604/2197] ECDH: Make benchmarks check MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED --- programs/test/benchmark.c | 127 +++++++++++++++++++------------------- 1 file changed, 62 insertions(+), 65 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index a53851acb..e90ef2de7 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -190,7 +190,12 @@ do { \ CODE; \ } \ \ - if( ret != 0 ) \ + if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) \ + { \ + mbedtls_printf( "Feature Not Supported. Skipping.\n" ); \ + ret = 0; \ + } \ + else if( ret != 0 ) \ { \ PRINT_ERROR; \ } \ 
@@ -225,13 +230,17 @@ static int myrand( void *rng_state, unsigned char *output, size_t len ) return( 0 ); } -#if defined(MBEDTLS_ECDH_C) -static void check( int r ) -{ - if( r != 0 ) - mbedtls_exit( 1 ); -} -#endif +#define CHECK_AND_CONTINUE( R ) \ + { \ + int ret = ( R ); \ + if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) { \ + mbedtls_printf( "Feature not supported. Skipping.\n" ); \ + continue; \ + } \ + else if( ret != 0 ) { \ + mbedtls_exit( 1 ); \ + } \ + } /* * Clear some memory that was used to prepare the context @@ -904,22 +913,19 @@ int main( int argc, char *argv[] ) { mbedtls_ecdh_init( &ecdh ); - if( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) != 0 || - mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) != 0 || - mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 ) - { - mbedtls_exit( 1 ); - } + CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), + myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) ); ecp_clear_precomputed( &ecdh.grp ); mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); TIME_PUBLIC( title, "handshake", - ret |= mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ); - ret |= mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), + CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), + myrand, NULL ) ) ); mbedtls_ecdh_free( &ecdh ); } 
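Review bot: `CHECK_AND_CONTINUE` is also used inside the `TIME_PUBLIC( ... )` argument in the ECDHE/ECDH hunks (`@@ -904`, `@@ -931`, `@@ -958`, `@@ -982`), where its `continue` and its local `int ret` bind to whatever loop and scope the timing macro expands to, not to the curve loop. TIME_PUBLIC's body lies outside these hunks, but if it runs `CODE` in its own loop, an unsupported curve would print the skip message on every timed iteration, and the shadowing `ret` would keep the result away from the `ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` branch added at `@@ -190`. Inside the timed code I would assign to the outer variable instead: `ret = mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf ), myrand, NULL ); if( ret == 0 ) ret = mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), myrand, NULL );`. In the setup calls, the `continue` skips `mbedtls_ecdh_free( &ecdh )` (and `mbedtls_mpi_free( &z )` in the two `z` variants), so the context should be freed before continuing. A short comment on the macro explaining that it is a bare brace block rather than `do { } while( 0 )` because of the `continue` would also help the next reader.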
@@ -931,19 +937,16 @@ int main( int argc, char *argv[] ) mbedtls_ecdh_init( &ecdh ); mbedtls_mpi_init( &z ); - if( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) != 0 || - mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) != 0 ) - { - mbedtls_exit( 1 ); - } + CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) ); mbedtls_snprintf( title, sizeof(title), "ECDHE-%s", curve_info->name ); TIME_PUBLIC( title, "handshake", - ret |= mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, - myrand, NULL ); - ret |= mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d, - myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, + myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d, + myrand, NULL ) ) ); mbedtls_ecdh_free( &ecdh ); mbedtls_mpi_free( &z ); 
@@ -955,22 +958,19 @@ int main( int argc, char *argv[] ) { mbedtls_ecdh_init( &ecdh ); - if( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) != 0 || - mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) != 0 || - mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 || - mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) != 0 ) - { - mbedtls_exit( 1 ); - } + CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), + myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), + myrand, NULL ) ); ecp_clear_precomputed( &ecdh.grp ); mbedtls_snprintf( title, sizeof( title ), "ECDH-%s", curve_info->name ); TIME_PUBLIC( title, "handshake", - ret |= mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), - myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), + myrand, NULL ) ) ); mbedtls_ecdh_free( &ecdh ); } 
@@ -982,19 +982,16 @@ int main( int argc, char *argv[] ) mbedtls_ecdh_init( &ecdh ); mbedtls_mpi_init( &z ); - if( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) != 0 || - mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, - myrand, NULL ) != 0 || - mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) != 0 ) - { - mbedtls_exit( 1 ); - } + CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, + myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) ); mbedtls_snprintf( title, sizeof(title), "ECDH-%s", curve_info->name ); TIME_PUBLIC( title, "handshake", - ret |= mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d, - myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d, + myrand, NULL ) ) ); mbedtls_ecdh_free( &ecdh ); mbedtls_mpi_free( &z ); 
@@ -1017,35 +1014,35 @@ int main( int argc, char *argv[] ) { mbedtls_ecdh_init( &ecdh_srv ); mbedtls_ecdh_init( &ecdh_cli ); - check( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) ); - check( mbedtls_ecdh_setup( &ecdh_cli, curve_info->grp_id ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_cli, curve_info->grp_id ) ); #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - if (mbedtls_ecp_group_load(&ecdh_srv.grp, curve_info->grp_id) != 0 || - mbedtls_ecdh_gen_public(&ecdh_srv.grp, - &ecdh_srv.d, - &ecdh_srv.Q, myrand, NULL) != 0) + CHECK_AND_CONTINUE( mbedtls_ecp_group_load(&ecdh_srv.grp, curve_info->grp_id)); + CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public(&ecdh_srv.grp, + &ecdh_srv.d, + &ecdh_srv.Q, myrand, NULL)); #else - if( ecdh_srv.var == MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0 && ( - mbedtls_ecp_group_load( &ecdh_srv.ctx.mbed_ecdh.grp, curve_info->grp_id ) != 0 || - mbedtls_ecdh_gen_public( &ecdh_srv.ctx.mbed_ecdh.grp, - &ecdh_srv.ctx.mbed_ecdh.d, - &ecdh_srv.ctx.mbed_ecdh.Q, myrand, NULL ) != 0 )) + if( ecdh_srv.var == MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0 ) { + CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh_srv.ctx.mbed_ecdh.grp, curve_info->grp_id )); + CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh_srv.ctx.mbed_ecdh.grp, + &ecdh_srv.ctx.mbed_ecdh.d, + &ecdh_srv.ctx.mbed_ecdh.Q, myrand, NULL )); + } #endif - mbedtls_exit( 1 ); mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); TIME_PUBLIC( title, "full handshake", const unsigned char * p_srv = buf_srv; - check( mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); - check( mbedtls_ecdh_read_params( &ecdh_cli, &p_srv, p_srv + olen ) ); - check( mbedtls_ecdh_make_public( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); + CHECK_AND_CONTINUE( 
mbedtls_ecdh_read_params( &ecdh_cli, &p_srv, p_srv + olen ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); - check( mbedtls_ecdh_read_public( &ecdh_srv, buf_cli, olen ) ); - check( mbedtls_ecdh_calc_secret( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_read_public( &ecdh_srv, buf_cli, olen ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); - check( mbedtls_ecdh_calc_secret( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); + CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); ); mbedtls_ecdh_free( &ecdh_srv ); From 1fdf2c2d1c17bc915b5d2d3a3e8bbd15de247da7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 Feb 2019 18:23:42 +0100 Subject: [PATCH 1605/2197] Fix build with gcc -Wshadow --- programs/test/benchmark.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index e90ef2de7..7524f5cb4 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -232,12 +232,12 @@ static int myrand( void *rng_state, unsigned char *output, size_t len ) #define CHECK_AND_CONTINUE( R ) \ { \ - int ret = ( R ); \ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) { \ + int CHECK_AND_CONTINUE_ret = ( R ); \ + if( CHECK_AND_CONTINUE_ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) { \ mbedtls_printf( "Feature not supported. Skipping.\n" ); \ continue; \ } \ - else if( ret != 0 ) { \ + else if( CHECK_AND_CONTINUE_ret != 0 ) { \ mbedtls_exit( 1 ); \ } \ } From 20b3ef3caddc65d25904e6585a4e6d3b858ad157 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 11 Feb 2019 18:41:27 +0100 Subject: [PATCH 1606/2197] Add mbedtls_ecdh_can_do All curves can currently do ECDH, but to make the API symmetric and future-proof, add mbedtls_ecdh_can_do() to go with mbedtls_ecdsa_can_do(). --- include/mbedtls/ecdh.h | 9 +++++++++ library/ecdh.c | 7 +++++++ programs/test/benchmark.c | 9 +++++++++ 3 files changed, 25 insertions(+) diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 7f61c453c..3948d7c98 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -144,6 +144,15 @@ typedef struct mbedtls_ecdh_context } mbedtls_ecdh_context; +/** + * \brief Check whether a given group can be used for ECDH. + * + * \param gid The ECP group ID to check. + * + * \return \c 1 if the group can be used, \c 0 otherwise + */ +int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ); + /** * \brief This function generates an ECDH keypair on an elliptic * curve. diff --git a/library/ecdh.c b/library/ecdh.c index 66a2d1687..648becbe4 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -63,6 +63,13 @@ static mbedtls_ecp_group_id mbedtls_ecdh_grp_id( #endif } +int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ) +{ + /* At this time, all groups support ECDH. */ + (void) gid; + return 1; +} + #if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) /* * Generate public key (restartable version) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 7524f5cb4..502b15d9a 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -911,6 +911,9 @@ int main( int argc, char *argv[] ) curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { + if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) ) + continue; + mbedtls_ecdh_init( &ecdh ); CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); 
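Review bot: `mbedtls_ecdh_can_do()` in library/ecdh.c returns 1 for every input, including `MBEDTLS_ECP_DP_NONE` and group IDs that are not enabled in the build, while the header promises `0 otherwise`. A caller that uses it to vet a group ID before ECDH setup gets no filtering from it. Either state the precondition in the header, e.g. `\note \p gid must be a curve enabled in this build; this is not checked.`, or make the body reject unknown IDs with `return( mbedtls_ecp_curve_info_from_grp_id( gid ) != NULL );`.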
@@ -956,6 +959,9 @@ int main( int argc, char *argv[] ) curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { + if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) ) + continue; + mbedtls_ecdh_init( &ecdh ); CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); @@ -1012,6 +1018,9 @@ int main( int argc, char *argv[] ) curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { + if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) ) + continue; + mbedtls_ecdh_init( &ecdh_srv ); mbedtls_ecdh_init( &ecdh_cli ); CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) ); From d2085f5a17adea8a502fd289f173b9ab07139454 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 Feb 2019 18:43:55 +0100 Subject: [PATCH 1607/2197] Document that curve lists can include partially-supported curves Document that a curve returned by mbedtls_ecp_curve_list() or mbedtls_ecp_grp_id_list() may lack support for ECDH or ECDSA. Add a corresponding changelog entry, under "API Changes" because we have changed the behavior: formerly, these functions skipped ECDH-only curves, although this was not documented. --- include/mbedtls/ecp.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 6aa677ad0..d04cc49b6 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -437,6 +437,12 @@ mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp ); * mbedtls_ecp_curve_info() for all supported curves in order * of preference. * + * \note This function returns information about all curves + * supported by the library. Some curves may not be + * supported for all algorithms. Call mbedtls_ecdh_can_do() + * or mbedtls_ecdsa_can_do() to check if a curve is + * supported for ECDH or ECDSA. + * * \return A statically allocated array. The last entry is 0. */ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ); 
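Review bot: The commit message says a changelog entry under "API Changes" is added, but the diffstat lists only include/mbedtls/ecp.h, so the behaviour change (the lists may now contain curves that cannot do ECDSA) is not announced to downstream users. Callers that feed these lists into signature or key-parsing code need to learn that they must filter with `mbedtls_ecdsa_can_do()`. In the second hunk the note on `mbedtls_ecp_grp_id_list()` says it `returns information about all curves`; `returns the identifiers of all curves` would match the function's own description.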
@@ -446,6 +452,12 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ); * identifiers of all supported curves in the order of * preference. * + * \note This function returns information about all curves + * supported by the library. Some curves may not be + * supported for all algorithms. Call mbedtls_ecdh_can_do() + * or mbedtls_ecdsa_can_do() to check if a curve is + * supported for ECDH or ECDSA. + * * \return A statically allocated array, * terminated with MBEDTLS_ECP_DP_NONE. */ From 41fb2c05e807f842ba01e902c857db1dbf2029a9 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 12:34:40 +0000 Subject: [PATCH 1608/2197] ECDSA: Refactor return value checks for mbedtls_ecdsa_can_do --- programs/test/benchmark.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 programs/test/benchmark.c diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c old mode 100644 new mode 100755 index 502b15d9a..7cdff10b1 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -844,7 +844,7 @@ int main( int argc, char *argv[] ) curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { - if( mbedtls_ecdsa_can_do( curve_info->grp_id ) == 0 ) + if( ! mbedtls_ecdsa_can_do( curve_info->grp_id ) ) continue; mbedtls_ecdsa_init( &ecdsa ); @@ -866,7 +866,7 @@ int main( int argc, char *argv[] ) curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { - if( mbedtls_ecdsa_can_do( curve_info->grp_id ) == 0 ) + if( ! mbedtls_ecdsa_can_do( curve_info->grp_id ) ) continue; mbedtls_ecdsa_init( &ecdsa ); From 02174b90dcdc79bdfebcfd4fe0aa9a2efcfca89e Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 12:39:21 +0000 Subject: [PATCH 1609/2197] 3rdparty: Fix Makefile coding conventions --- 3rdparty/Makefile.inc | 3 ++- 3rdparty/everest/Makefile.inc | 1 + tests/scripts/check-files.py | 3 ++- 3 files changed, 5 insertions(+), 2 deletions(-) mode change 100755 => 100644 3rdparty/everest/Makefile.inc diff --git a/3rdparty/Makefile.inc b/3rdparty/Makefile.inc index 757bd5f1b..51080b7df 100755 --- a/3rdparty/Makefile.inc +++ b/3rdparty/Makefile.inc @@ -1 +1,2 @@ -include ../3rdparty/everest/Makefile.inc \ No newline at end of file +include ../3rdparty/everest/Makefile.inc + diff --git a/3rdparty/everest/Makefile.inc b/3rdparty/everest/Makefile.inc old mode 100755 new mode 100644 index 0b71e2a9f..7ca70ece7 --- a/3rdparty/everest/Makefile.inc +++ b/3rdparty/everest/Makefile.inc @@ -16,3 +16,4 @@ THIRDPARTY_OBJECTS+=../3rdparty/everest/library/legacy/Hacl_Curve25519.o \ ../3rdparty/everest/library/kremlib/FStar_UInt128_extracted.o endif endif + diff --git a/tests/scripts/check-files.py b/tests/scripts/check-files.py index 255bed8b9..6e35f5224 100755 --- a/tests/scripts/check-files.py +++ b/tests/scripts/check-files.py @@ -144,6 +144,7 @@ class TabIssueTracker(LineIssueTracker): heading = "Tabs present:" files_exemptions = frozenset([ "Makefile", + "Makefile.inc", "generate_visualc_files.pl", ]) @@ -181,7 +182,7 @@ class IntegrityChecker(object): self.setup_logger(log_file) self.files_to_check = ( ".c", ".h", ".sh", ".pl", ".py", ".md", ".function", ".data", - "Makefile", "CMakeLists.txt", "ChangeLog" + "Makefile", "Makefile.inc", "CMakeLists.txt", "ChangeLog" ) self.excluded_directories = ['.git', 'mbed-os'] self.excluded_paths = list(map(os.path.normpath, [ From 20819afcad3448babb8c8a4ca7067c679ef19bb1 Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 12:43:12 +0000 Subject: [PATCH 1610/2197] 3rdparty: Adjust .gitignore --- 3rdparty/.gitignore | 1 + 3rdparty/everest/.gitignore | 1 + 2 files changed, 2 insertions(+) create mode 100644 3rdparty/.gitignore diff --git a/3rdparty/.gitignore b/3rdparty/.gitignore new file mode 100644 index 000000000..f3c7a7c5d --- /dev/null +++ b/3rdparty/.gitignore @@ -0,0 +1 @@ +Makefile diff --git a/3rdparty/everest/.gitignore b/3rdparty/everest/.gitignore index 5761abcfd..6eb25f66a 100644 --- a/3rdparty/everest/.gitignore +++ b/3rdparty/everest/.gitignore @@ -1 +1,2 @@ *.o +Makefile From f43e1d942f33133d0fab682b588c499dd7ea3538 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 12:44:35 +0000 Subject: [PATCH 1611/2197] 3rdparty: Remove unnecessary copy of license file --- 3rdparty/everest/apache-2.0.txt | 202 -------------------------------- 1 file changed, 202 deletions(-) delete mode 100644 3rdparty/everest/apache-2.0.txt diff --git a/3rdparty/everest/apache-2.0.txt b/3rdparty/everest/apache-2.0.txt deleted file mode 100644 index d64569567..000000000 --- a/3rdparty/everest/apache-2.0.txt +++ /dev/null 
@@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. 
For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. 
Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of 
the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. 
Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. 
- - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. From 5833de7ab2f853ff46de3638df87be7eae062998 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 12:49:27 +0000 Subject: [PATCH 1612/2197] 3rdparty: Update description of MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED --- include/mbedtls/config.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) mode change 100644 => 100755 include/mbedtls/config.h diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h old mode 100644 new mode 100755 index 2e246e4a2..95ab1f2c2 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -2079,11 +2079,11 @@ //#define MBEDTLS_PLATFORM_GMTIME_R_ALT /** - * Enable the verified implementations of crypto primitives - * from Project Everest (currently only Curve25519). - * This feature breaks ECDH backward compatibility (see also - * MBEDTLS_ECDH_LEGACY_CONTEXT). - * + * Enable the verified implementations of ECDH primitives from Project Everest + * (currently only Curve25519). This feature changes the layout of ECDH + * contexts and therefore is a compatibility break for applications that access + * fields of a mbedtls_ecdh_context structure directly. See also + * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. */ //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED From ef17e3b59c0c2335031f7b0bf94012cc501f34be Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 12:52:09 +0000 Subject: [PATCH 1613/2197] ECDSA: Fix formatting --- include/mbedtls/ecdsa.h | 1 + 1 file changed, 1 insertion(+) mode change 100644 => 100755 include/mbedtls/ecdsa.h diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h old mode 100644 new mode 100755 index e19d8d1c1..ad5118814 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -479,6 +479,7 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen, mbedtls_ecdsa_restart_ctx *rs_ctx ); + /** * \brief This function generates an ECDSA keypair on the given curve. * From 3ff60bcf1ae96ea40ab98ffd51d6b0c82e7aa5ba Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 12:59:59 +0000 Subject: [PATCH 1614/2197] ECDH/ECDSA: Fix indentation --- library/ecdh.c | 22 +++++++++++----------- library/ecdsa.c | 4 ++-- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/library/ecdh.c b/library/ecdh.c index 648becbe4..d795ec4da 100644 --- a/library/ecdh.c +++ b/library/ecdh.c 
@@ -227,18 +227,18 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id ) switch( grp_id ) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) - case MBEDTLS_ECP_DP_CURVE25519: - ctx->point_format = MBEDTLS_ECP_PF_COMPRESSED; - ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST; - ctx->grp_id = grp_id; - return( mbedtls_everest_setup( &ctx->ctx.everest_ecdh, grp_id ) ); + case MBEDTLS_ECP_DP_CURVE25519: + ctx->point_format = MBEDTLS_ECP_PF_COMPRESSED; + ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST; + ctx->grp_id = grp_id; + return( mbedtls_everest_setup( &ctx->ctx.everest_ecdh, grp_id ) ); #endif - default: - ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; - ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0; - ctx->grp_id = grp_id; - ecdh_init_internal( &ctx->ctx.mbed_ecdh ); - return( ecdh_setup_internal( &ctx->ctx.mbed_ecdh, grp_id ) ); + default: + ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; + ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0; + ctx->grp_id = grp_id; + ecdh_init_internal( &ctx->ctx.mbed_ecdh ); + return( ecdh_setup_internal( &ctx->ctx.mbed_ecdh, grp_id ) ); } #endif } diff --git a/library/ecdsa.c b/library/ecdsa.c index f34652650..162e62f02 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -383,10 +383,10 @@ int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ) switch( gid ) { #ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED - case MBEDTLS_ECP_DP_CURVE25519: return 0; + case MBEDTLS_ECP_DP_CURVE25519: return 0; #endif #ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED - case MBEDTLS_ECP_DP_CURVE448: return 0; + case MBEDTLS_ECP_DP_CURVE448: return 0; #endif default: return 1; } From 2d4725f204cdc61eed48da5b22b10afd0fc56af4 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 13:35:04 +0000 Subject: [PATCH 1615/2197] 3rdparty: Rename THIRDPARTY_OBJECTS --- 3rdparty/everest/Makefile.inc | 6 +++--- library/Makefile | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) 
diff --git a/3rdparty/everest/Makefile.inc b/3rdparty/everest/Makefile.inc index 7ca70ece7..7aaa37446 100644 --- a/3rdparty/everest/Makefile.inc +++ b/3rdparty/everest/Makefile.inc @@ -3,16 +3,16 @@ EVEREST_ENABLED=$(shell perl ../scripts/config.pl -f ../include/mbedtls/config.h ifeq ($(EVEREST_ENABLED),0) THIRDPARTY_INCLUDES+=-I../3rdparty/everest/include -I../3rdparty/everest/include/everest -I../3rdparty/everest/include/everest/kremlib -THIRDPARTY_OBJECTS+= \ +THIRDPARTY_CRYPTO_OBJECTS+= \ ../3rdparty/everest/library/everest.o \ ../3rdparty/everest/library/x25519.o \ ../3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.o ifeq ($(shell getconf LONG_BIT),64) -THIRDPARTY_OBJECTS+=../3rdparty/everest/library/Hacl_Curve25519.o +THIRDPARTY_CRYPTO_OBJECTS+=../3rdparty/everest/library/Hacl_Curve25519.o else CFLAGS+="-DKRML_VERIFIED_UINT128" -THIRDPARTY_OBJECTS+=../3rdparty/everest/library/legacy/Hacl_Curve25519.o \ +THIRDPARTY_CRYPTO_OBJECTS+=../3rdparty/everest/library/legacy/Hacl_Curve25519.o \ ../3rdparty/everest/library/kremlib/FStar_UInt128_extracted.o endif endif diff --git a/library/Makefile b/library/Makefile index 31c9208b9..8e276941d 100644 --- a/library/Makefile +++ b/library/Makefile @@ -103,7 +103,7 @@ endif include ../3rdparty/Makefile.inc LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES) -OBJS_CRYPTO+=$(THIRDPARTY_OBJECTS) +OBJS_CRYPTO+=$(THIRDPARTY_CRYPTO_OBJECTS) .SILENT: From 9b5e77e2e3fa3555c385c1b170a8dd99455253c9 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 13:38:18 +0000 Subject: [PATCH 1616/2197] 3rdparty: Use LOCAL_FLAGS instead of CFLAGS --- 3rdparty/everest/Makefile.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty/everest/Makefile.inc b/3rdparty/everest/Makefile.inc index 7aaa37446..5387e180f 100644 --- a/3rdparty/everest/Makefile.inc +++ b/3rdparty/everest/Makefile.inc 
@@ -11,7 +11,7 @@ THIRDPARTY_CRYPTO_OBJECTS+= \ ifeq ($(shell getconf LONG_BIT),64) THIRDPARTY_CRYPTO_OBJECTS+=../3rdparty/everest/library/Hacl_Curve25519.o else -CFLAGS+="-DKRML_VERIFIED_UINT128" +LOCAL_CFLAGS+="-DKRML_VERIFIED_UINT128" THIRDPARTY_CRYPTO_OBJECTS+=../3rdparty/everest/library/legacy/Hacl_Curve25519.o \ ../3rdparty/everest/library/kremlib/FStar_UInt128_extracted.o endif From 737df0c755992bb44771051b9ec4b165fb29b839 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 13:46:31 +0000 Subject: [PATCH 1617/2197] Fix file permissions --- 3rdparty/Makefile.inc | 0 include/mbedtls/config.h | 0 include/mbedtls/ecdsa.h | 0 programs/test/benchmark.c | 0 4 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 3rdparty/Makefile.inc mode change 100755 => 100644 include/mbedtls/config.h mode change 100755 => 100644 include/mbedtls/ecdsa.h mode change 100755 => 100644 programs/test/benchmark.c diff --git a/3rdparty/Makefile.inc b/3rdparty/Makefile.inc old mode 100755 new mode 100644 diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h old mode 100755 new mode 100644 diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h old mode 100755 new mode 100644 diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c old mode 100755 new mode 100644 From 4061f04acd76bce06fd70b90088a0ca6c3446105 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 15:18:52 +0000 Subject: [PATCH 1618/2197] ECDH: Remove unnecessary #include --- library/ecdh.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/library/ecdh.c b/library/ecdh.c index d795ec4da..35e3f4efc 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -47,10 +47,6 @@ #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed; -#else -#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) -#include "everest/everest.h" -#endif #endif static mbedtls_ecp_group_id mbedtls_ecdh_grp_id( 
From cb31073e1c505cbc0a7898dc8420826061be3db4 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 15:50:38 +0000 Subject: [PATCH 1619/2197] ECP: add Curve448 to ecp_supported_curves --- library/ecp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/ecp.c b/library/ecp.c index c7f54a195..8ee517e38 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -366,7 +366,7 @@ int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, /* * List of supported curves: * - internal ID - * - TLS NamedCurve ID (RFC 4492 sec. 5.1.1, RFC 7071 sec. 2) + * - TLS NamedCurve ID (RFC 4492 sec. 5.1.1, RFC 7071 sec. 2, RFC 8446 sec. 4.2.7) * - size in bits * - readable name * @@ -412,6 +412,9 @@ static const mbedtls_ecp_curve_info ecp_supported_curves[] = #endif #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) { MBEDTLS_ECP_DP_CURVE25519, 29, 256, "x25519" }, +#endif +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + { MBEDTLS_ECP_DP_CURVE448, 30, 448, "x448" }, #endif { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, }; From f21aba4cb2869d0f229c5a2d9e8461ce23592ea0 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 16:06:19 +0000 Subject: [PATCH 1620/2197] 3rdparty: Fix Everest platform detection for CMake --- 3rdparty/everest/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index 5b0a078dd..2c5d7d5b7 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt @@ -11,7 +11,7 @@ if(${result} EQUAL 0) ${CMAKE_CURRENT_SOURCE_DIR}/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c ) - if (${CMAKE_LIBRARY_ARCHITECTURE} STREQUAL "x86_64-linux-gnu") + if ("${CMAKE_LIBRARY_ARCHITECTURE}" STREQUAL "x86_64-linux-gnu") list(APPEND everest_src ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519.c) else() list(APPEND everest_def -DKRML_VERIFIED_UINT128) 
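Review bot: The added `{ MBEDTLS_ECP_DP_CURVE448, 30, 448, "x448" }` row in `ecp_supported_curves` gives Curve448 a TLS NamedCurve ID, but nothing in this commit exercises an x448 key exchange. If this table is what the TLS layer offers to peers (the header comment suggests so, but its consumers are outside the hunk), a peer could select a group whose handshake path is unimplemented or untested. A test that runs a full ECDHE exchange on group 30 should land together with the row. Separately, the comment line edited here still cites `RFC 7071 sec. 2`, which looks like a typo for RFC 7027 (Brainpool curves for TLS) and could be corrected in the same edit.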
From fb779f17000ff50d02c97788f0647b820c4bc422 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 16:20:54 +0000 Subject: [PATCH 1621/2197] 3rdparty: Pull Everest x25519 key size into macro --- 3rdparty/everest/include/everest/x25519.h | 5 +-- 3rdparty/everest/library/x25519.c | 38 +++++++++++------------ 2 files changed, 22 insertions(+), 21 deletions(-) diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h index b8cc214f6..7a973dcf0 100644 --- a/3rdparty/everest/include/everest/x25519.h +++ b/3rdparty/everest/include/everest/x25519.h @@ -27,6 +27,7 @@ extern "C" { #endif #define MBEDTLS_ECP_TLS_CURVE25519 0x1d +#define MBEDTLS_X25519_KEY_SIZE_BYTES 32 /** * Defines the source of the imported EC key. @@ -42,8 +43,8 @@ typedef enum */ typedef struct { - unsigned char our_secret[32]; - unsigned char peer_point[32]; + unsigned char our_secret[MBEDTLS_X25519_KEY_SIZE_BYTES]; + unsigned char peer_point[MBEDTLS_X25519_KEY_SIZE_BYTES]; } mbedtls_x25519_context; /** diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c index 830018c46..52496c6e1 100644 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c @@ -52,8 +52,8 @@ void mbedtls_x25519_free( mbedtls_x25519_context *ctx ) if( ctx == NULL ) return; - mbedtls_platform_zeroize( ctx->our_secret, 32 ); - mbedtls_platform_zeroize( ctx->peer_point, 32 ); + mbedtls_platform_zeroize( ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES ); + mbedtls_platform_zeroize( ctx->peer_point, MBEDTLS_X25519_KEY_SIZE_BYTES ); } int mbedtls_x25519_make_params( mbedtls_x25519_context *ctx, size_t *olen, 
@@ -63,9 +63,9 @@ int mbedtls_x25519_make_params( mbedtls_x25519_context *ctx, size_t *olen, { int ret = 0; - uint8_t base[32] = {0}; + uint8_t base[MBEDTLS_X25519_KEY_SIZE_BYTES] = {0}; - if( ( ret = f_rng( p_rng, ctx->our_secret, 32 ) ) != 0 ) + if( ( ret = f_rng( p_rng, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES ) ) != 0 ) return ret; *olen = 36; @@ -75,13 +75,13 @@ int mbedtls_x25519_make_params( mbedtls_x25519_context *ctx, size_t *olen, *buf++ = MBEDTLS_ECP_TLS_NAMED_CURVE; *buf++ = MBEDTLS_ECP_TLS_CURVE25519 >> 8; *buf++ = MBEDTLS_ECP_TLS_CURVE25519 & 0xFF; - *buf++ = 32; + *buf++ = MBEDTLS_X25519_KEY_SIZE_BYTES; base[0] = 9; Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, base ); base[0] = 0; - if( memcmp( buf, base, 32) == 0 ) + if( memcmp( buf, base, MBEDTLS_X25519_KEY_SIZE_BYTES) == 0 ) return MBEDTLS_ERR_ECP_RANDOM_FAILED; return( 0 ); @@ -93,11 +93,11 @@ int mbedtls_x25519_read_params( mbedtls_x25519_context *ctx, if( end - *buf < 33 ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( *(*buf)++ != 32 ) ) + if( ( *(*buf)++ != MBEDTLS_X25519_KEY_SIZE_BYTES ) ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - memcpy( ctx->peer_point, *buf, 32 ); - *buf += 32; + memcpy( ctx->peer_point, *buf, MBEDTLS_X25519_KEY_SIZE_BYTES ); + *buf += MBEDTLS_X25519_KEY_SIZE_BYTES; return( 0 ); } 
@@ -108,11 +108,11 @@ int mbedtls_x25519_get_params( mbedtls_x25519_context *ctx, const mbedtls_ecp_ke switch( side ) { case MBEDTLS_X25519_ECDH_THEIRS: - mbedtls_ecp_point_write_binary( &key->grp, &key->Q, MBEDTLS_ECP_PF_COMPRESSED, &olen, ctx->peer_point, 32 ); + mbedtls_ecp_point_write_binary( &key->grp, &key->Q, MBEDTLS_ECP_PF_COMPRESSED, &olen, ctx->peer_point, MBEDTLS_X25519_KEY_SIZE_BYTES ); /* untested; defensively throw an error for now. */ return(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE); case MBEDTLS_X25519_ECDH_OURS: - mbedtls_mpi_write_binary( &key->d, ctx->our_secret, 32 ); + mbedtls_mpi_write_binary( &key->d, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES ); /* CMW: key->Q = key->d * base; do we need to set up ctx.peer_point here? */ /* untested; defensively throw an error for now. */ return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); @@ -130,7 +130,7 @@ int mbedtls_x25519_calc_secret( mbedtls_x25519_context *ctx, size_t *olen, (( void )f_rng); (( void )p_rng); - *olen = 32; + *olen = MBEDTLS_X25519_KEY_SIZE_BYTES; if( blen < *olen ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); @@ -138,8 +138,8 @@ int mbedtls_x25519_calc_secret( mbedtls_x25519_context *ctx, size_t *olen, Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, ctx->peer_point); /* Wipe the DH secret and don't let the peer chose a small subgroup point */ - memset( ctx->our_secret, 0, 32 ); - if( memcmp( buf, ctx->our_secret, 32) == 0 ) + memset( ctx->our_secret, 0, MBEDTLS_X25519_KEY_SIZE_BYTES ); + if( memcmp( buf, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES) == 0 ) return MBEDTLS_ERR_ECP_RANDOM_FAILED; return( 0 ); @@ -150,7 +150,7 @@ int mbedtls_x25519_make_public( mbedtls_x25519_context *ctx, size_t *olen, int( *f_rng )(void *, unsigned char *, size_t), void *p_rng ) { - unsigned char base[32] = { 0 }; + unsigned char base[MBEDTLS_X25519_KEY_SIZE_BYTES] = { 0 }; /* CMW: Is it okay that f_rng, p_rng are not used? */ (( void )f_rng); 
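Review bot: In the `@@ -108,11 +108,11 @@` hunk, both branches of `mbedtls_x25519_get_params` write key material into `ctx` and discard the return value of `mbedtls_ecp_point_write_binary` / `mbedtls_mpi_write_binary`, then unconditionally return `MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE`. On the `MBEDTLS_X25519_ECDH_OURS` path that leaves private-key bytes in `ctx->our_secret` of a context the caller has just been told is unusable. Until the path is tested, it would be safer to return before touching `ctx`, e.g. `case MBEDTLS_X25519_ECDH_OURS: return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );`. Otherwise the return code should be checked and the buffer wiped on failure. The function body starts and ends outside the hunk.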
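Review bot: In the `@@ -138,8 +138,8 @@` hunk, the all-zero check on the shared secret in `mbedtls_x25519_calc_secret` uses `memcmp( buf, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES )`, which is not guaranteed to run in constant time and relies on `ctx->our_secret` having just been cleared to act as the zero reference. RFC 7748 section 6.1 suggests OR-ing the output bytes together instead, e.g. `for( i = 0; i < MBEDTLS_X25519_KEY_SIZE_BYTES; i++ ) acc |= buf[i];` followed by `if( acc == 0 ) return( MBEDTLS_ERR_ECP_RANDOM_FAILED );`. The same comparison survives the later `@@ -138,7 +138,8 @@` hunk that replaces `memset` with `mbedtls_platform_zeroize`. The function body extends beyond the hunk.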
@@ -162,13 +162,13 @@ int mbedtls_x25519_make_public( mbedtls_x25519_context *ctx, size_t *olen, *olen = 33; if( blen < *olen ) return(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL); - *buf++ = 32; + *buf++ = MBEDTLS_X25519_KEY_SIZE_BYTES; base[0] = 9; Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, base ); base[0] = 0; - if( memcmp( buf, base, 32 ) == 0 ) + if( memcmp( buf, base, MBEDTLS_X25519_KEY_SIZE_BYTES ) == 0 ) return MBEDTLS_ERR_ECP_RANDOM_FAILED; return(0); @@ -179,9 +179,9 @@ int mbedtls_x25519_read_public( mbedtls_x25519_context *ctx, { if( blen < 33 ) return(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL); - if( (*buf++ != 32) ) + if( (*buf++ != MBEDTLS_X25519_KEY_SIZE_BYTES) ) return(MBEDTLS_ERR_ECP_BAD_INPUT_DATA); - memcpy( ctx->peer_point, buf, 32 ); + memcpy( ctx->peer_point, buf, MBEDTLS_X25519_KEY_SIZE_BYTES ); return(0); } From 088ef49681737fb4968c464a8e7a494a5cceed64 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 16:25:48 +0000 Subject: [PATCH 1622/2197] 3rdparty: Make proper use of mbedtls_platform_zeroize in Everest x25519 --- 3rdparty/everest/library/x25519.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c index 52496c6e1..7660b6433 100644 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c @@ -41,7 +41,7 @@ */ void mbedtls_x25519_init( mbedtls_x25519_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_x25519_context ) ); + mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x25519_context ) ); } /* 
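Review bot: In the `@@ -179,9 +179,9 @@` hunk, `mbedtls_x25519_read_public` only bounds `blen` from below, so bytes following the 32-byte point are silently accepted, and a too-short message is reported as `MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL` although it is malformed peer input. Unless callers pass a larger buffer on purpose, an exact check such as `if( blen != MBEDTLS_X25519_KEY_SIZE_BYTES + 1 ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );` would reject both cases consistently. `ctx` and `buf` are also dereferenced without a NULL check, whereas `mbedtls_x25519_make_public` does test `ctx == NULL`. The signature of the function is cut by the hunk boundary.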
@@ -138,7 +138,8 @@ int mbedtls_x25519_calc_secret( mbedtls_x25519_context *ctx, size_t *olen, Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, ctx->peer_point); /* Wipe the DH secret and don't let the peer chose a small subgroup point */ - memset( ctx->our_secret, 0, MBEDTLS_X25519_KEY_SIZE_BYTES ); + mbedtls_platform_zeroize( ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES ); + if( memcmp( buf, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES) == 0 ) return MBEDTLS_ERR_ECP_RANDOM_FAILED; From 537f41ebbf2cb848cc5c6ef95bb41fc1e12fb354 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 16:50:54 +0000 Subject: [PATCH 1623/2197] 3rdparty: Updated comments for Everest x25519 --- 3rdparty/everest/library/x25519.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c index 7660b6433..e5ec2e832 100644 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c @@ -126,7 +126,8 @@ int mbedtls_x25519_calc_secret( mbedtls_x25519_context *ctx, size_t *olen, int( *f_rng )(void *, unsigned char *, size_t), void *p_rng ) { - /* CMW: Is it okay that f_rng, p_rng are not used? */ + /* f_rng and p_rng are not used here because this implementation does not + need blinding since it has constant trace. */ (( void )f_rng); (( void )p_rng); From efdf4d7baa25762e7564738333492ad8876278b9 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 17:21:04 +0000 Subject: [PATCH 1624/2197] ECDH: Fix Everest x25519 make_public --- 3rdparty/everest/library/x25519.c | 14 +++++++------- programs/test/benchmark.c | 9 +-------- 2 files changed, 8 insertions(+), 15 deletions(-) diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c index e5ec2e832..edaf5da1d 100644 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c 
@@ -152,14 +152,14 @@ int mbedtls_x25519_make_public( mbedtls_x25519_context *ctx, size_t *olen, int( *f_rng )(void *, unsigned char *, size_t), void *p_rng ) { + int ret = 0; unsigned char base[MBEDTLS_X25519_KEY_SIZE_BYTES] = { 0 }; - /* CMW: Is it okay that f_rng, p_rng are not used? */ - (( void )f_rng); - (( void )p_rng); - if( ctx == NULL ) - return(MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + + if( ( ret = f_rng( p_rng, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES ) ) != 0 ) + return ret; *olen = 33; if( blen < *olen ) @@ -173,7 +173,7 @@ int mbedtls_x25519_make_public( mbedtls_x25519_context *ctx, size_t *olen, if( memcmp( buf, base, MBEDTLS_X25519_KEY_SIZE_BYTES ) == 0 ) return MBEDTLS_ERR_ECP_RANDOM_FAILED; - return(0); + return( ret ); } int mbedtls_x25519_read_public( mbedtls_x25519_context *ctx, @@ -184,7 +184,7 @@ int mbedtls_x25519_read_public( mbedtls_x25519_context *ctx, if( (*buf++ != MBEDTLS_X25519_KEY_SIZE_BYTES) ) return(MBEDTLS_ERR_ECP_BAD_INPUT_DATA); memcpy( ctx->peer_point, buf, MBEDTLS_X25519_KEY_SIZE_BYTES ); - return(0); + return( 0 ); } diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 7cdff10b1..244174ddf 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c 
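Review bot: `mbedtls_x25519_make_public` now draws a fresh `ctx->our_secret` from `f_rng` before the `blen < *olen` check, so a `MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL` return leaves a newly generated private scalar in the context with no public key produced. Moving `*olen = 33; if( blen < *olen ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );` above the `f_rng` call avoids that; `mbedtls_x25519_make_params` uses the same order. `f_rng` is also invoked without a NULL check now that it is no longer ignored. A doc comment should state that this call overwrites any secret already stored in `ctx`. The function continues outside the hunk.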
@@ -1028,16 +1028,9 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) CHECK_AND_CONTINUE( mbedtls_ecp_group_load(&ecdh_srv.grp, curve_info->grp_id)); - CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public(&ecdh_srv.grp, - &ecdh_srv.d, - &ecdh_srv.Q, myrand, NULL)); #else - if( ecdh_srv.var == MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0 ) { + if( ecdh_srv.var == MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0 ) CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh_srv.ctx.mbed_ecdh.grp, curve_info->grp_id )); - CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh_srv.ctx.mbed_ecdh.grp, - &ecdh_srv.ctx.mbed_ecdh.d, - &ecdh_srv.ctx.mbed_ecdh.Q, myrand, NULL )); - } #endif mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); From ac0e64df6819a1b0970dd7f34015c90f67b31afc Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 15 Feb 2019 19:04:26 +0000 Subject: [PATCH 1625/2197] ECDH: Removed unnecessary calls to mbedtls_ecp_group_load in ECDH benchmark --- programs/test/benchmark.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 244174ddf..e05470a8a 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -1026,13 +1026,6 @@ int main( int argc, char *argv[] ) CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) ); CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_cli, curve_info->grp_id ) ); -#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - CHECK_AND_CONTINUE( mbedtls_ecp_group_load(&ecdh_srv.grp, curve_info->grp_id)); -#else - if( ecdh_srv.var == MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0 ) - CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh_srv.ctx.mbed_ecdh.grp, curve_info->grp_id )); -#endif - mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); TIME_PUBLIC( title, "full handshake", const unsigned char * p_srv = buf_srv; From 2be66d44a5b395b669b7712d46d34b25ee45266a Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Mon, 18 Feb 2019 13:04:39 +0000 Subject: [PATCH 1626/2197] ECDH: Remove duplicate lines of code --- library/ecdh.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/ecdh.c b/library/ecdh.c index 35e3f4efc..f1609bde0 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -283,8 +283,6 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: mbedtls_everest_free( &ctx->ctx.everest_ecdh ); - ctx->var = MBEDTLS_ECDH_VARIANT_NONE; - ctx->grp_id = MBEDTLS_ECP_DP_NONE; break; #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: From 2f563e3482460c237e19e931ed2e5bfb7ac49b81 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Mon, 18 Feb 2019 13:06:02 +0000 Subject: [PATCH 1627/2197] ECDH: Fix memory leaks due to context re-initialization --- library/ecdh.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/ecdh.c b/library/ecdh.c index f1609bde0..9c4ddce9c 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -162,6 +162,12 @@ int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, static void ecdh_init_internal( mbedtls_ecdh_context_mbed *ctx ) { + mbedtls_ecp_group_free( &ctx->grp ); + mbedtls_mpi_free( &ctx->d ); + mbedtls_ecp_point_free( &ctx->Q ); + mbedtls_ecp_point_free( &ctx->Qp ); + mbedtls_mpi_free( &ctx->z ); + mbedtls_ecp_group_init( &ctx->grp ); mbedtls_mpi_init( &ctx->d ); mbedtls_ecp_point_init( &ctx->Q ); @@ -169,6 +175,7 @@ static void ecdh_init_internal( mbedtls_ecdh_context_mbed *ctx ) mbedtls_mpi_init( &ctx->z ); #if defined(MBEDTLS_ECP_RESTARTABLE) + mbedtls_ecp_restart_free( &ctx->rs ); mbedtls_ecp_restart_init( &ctx->rs ); #endif } From 8592958205bc446a80fe4c9ee7b7fb25db95fb29 Mon Sep 17 00:00:00 2001 
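Review bot: In the `@@ -162,6 +162,12 @@` hunk, `ecdh_init_internal` now calls `mbedtls_ecp_group_free`, `mbedtls_mpi_free` and `mbedtls_ecp_point_free` on the context fields before initialising them, so it reads whatever the caller's memory happens to hold. An init routine is normally the first thing run on a stack or freshly allocated context, so on first use these frees would act on indeterminate pointers (undefined behaviour, potentially an invalid free). The same applies to the added `mbedtls_ecp_restart_free( &ctx->rs )` in the following hunk. If the leak comes from setting up an already-initialised context, the release belongs at that call site, e.g. `mbedtls_ecdh_free( ctx );` before re-running setup, or setup should reject a context whose `var` is already set. Callers of `ecdh_init_internal` are outside this hunk, so confirm whether any of them zero the context first.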
From: "Christoph M. Wintersteiger" Date: Mon, 18 Feb 2019 13:20:33 +0000 Subject: [PATCH 1628/2197] ECDH: Use macro-based sizes in Everest x25519 --- 3rdparty/everest/library/x25519.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c index edaf5da1d..f5856c2c5 100644 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c @@ -68,7 +68,7 @@ int mbedtls_x25519_make_params( mbedtls_x25519_context *ctx, size_t *olen, if( ( ret = f_rng( p_rng, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES ) ) != 0 ) return ret; - *olen = 36; + *olen = MBEDTLS_X25519_KEY_SIZE_BYTES + 4; if( blen < *olen ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); @@ -90,7 +90,7 @@ int mbedtls_x25519_make_params( mbedtls_x25519_context *ctx, size_t *olen, int mbedtls_x25519_read_params( mbedtls_x25519_context *ctx, const unsigned char **buf, const unsigned char *end ) { - if( end - *buf < 33 ) + if( end - *buf < MBEDTLS_X25519_KEY_SIZE_BYTES + 1 ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); if( ( *(*buf)++ != MBEDTLS_X25519_KEY_SIZE_BYTES ) ) @@ -161,7 +161,7 @@ int mbedtls_x25519_make_public( mbedtls_x25519_context *ctx, size_t *olen, if( ( ret = f_rng( p_rng, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES ) ) != 0 ) return ret; - *olen = 33; + *olen = MBEDTLS_X25519_KEY_SIZE_BYTES + 1; if( blen < *olen ) return(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL); *buf++ = MBEDTLS_X25519_KEY_SIZE_BYTES; @@ -179,7 +179,7 @@ int mbedtls_x25519_make_public( mbedtls_x25519_context *ctx, size_t *olen, int mbedtls_x25519_read_public( mbedtls_x25519_context *ctx, const unsigned char *buf, size_t blen ) { - if( blen < 33 ) + if( blen < MBEDTLS_X25519_KEY_SIZE_BYTES + 1 ) return(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL); if( (*buf++ != MBEDTLS_X25519_KEY_SIZE_BYTES) ) return(MBEDTLS_ERR_ECP_BAD_INPUT_DATA); From 1b73a71ac16b1383d03e17e7452678258b14b43b Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Mon, 18 Feb 2019 13:22:19 +0000 Subject: [PATCH 1629/2197] 3rdparty: Fix .gitignore --- 3rdparty/.gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty/.gitignore b/3rdparty/.gitignore index f3c7a7c5d..5fc607b9e 100644 --- a/3rdparty/.gitignore +++ b/3rdparty/.gitignore @@ -1 +1 @@ -Makefile +/Makefile From e7e74ba33b0e8be4d141f0441a26203b7c2d203c Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Mon, 18 Feb 2019 14:13:44 +0000 Subject: [PATCH 1630/2197] 3rdparty: Improve Everest README.md --- 3rdparty/everest/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/3rdparty/everest/README.md b/3rdparty/everest/README.md index 69134f6ac..aa7d04d46 100644 --- a/3rdparty/everest/README.md +++ b/3rdparty/everest/README.md @@ -1 +1,5 @@ The files in this directory stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license. + +This is a formally verified implementation of Curve25519-based handshakes. The C code is automatically derived from the (verified) [original implementation](https://github.com/project-everest/hacl-star/tree/master/code/curve25519) in the [F* language](https://github.com/fstarlang/fstar) by [KreMLin](https://github.com/fstarlang/kremlin). In addition to the improved safety and security of the implementation, it is also significantly faster than the default implementation of Curve25519 in mbedTLS. + +The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explictly supported platforms are currently `x86` and `x86_64` using gcc, clang, or arm-cc, and Visual C (2010 and later). 
From 30bc9cebda27d0682a1e5ca828a27e9ba4d4c27b Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Mon, 18 Feb 2019 15:45:23 +0000 Subject: [PATCH 1631/2197] ECDH: Fix context initialization --- library/ecdh.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ecdh.c b/library/ecdh.c index 9c4ddce9c..4f50e6ef1 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -186,6 +186,7 @@ static void ecdh_init_internal( mbedtls_ecdh_context_mbed *ctx ) void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) { ECDH_VALIDATE( ctx != NULL ); + memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) ecdh_init_internal( ctx ); @@ -193,8 +194,6 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) mbedtls_ecp_point_init( &ctx->Vf ); mbedtls_mpi_init( &ctx->_d ); #else - memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); - ctx->var = MBEDTLS_ECDH_VARIANT_NONE; #endif ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; From d8c45d5550f072991fd2c5c5bf6f92e137353d71 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Wed, 20 Feb 2019 17:16:53 +0000 Subject: [PATCH 1632/2197] Revert "ECDH: Fix context initialization" This reverts commit 4a43d14146220e8550d6ad87cb798f74ce9ee209. --- library/ecdh.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ecdh.c b/library/ecdh.c index 4f50e6ef1..9c4ddce9c 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -186,7 +186,6 @@ static void ecdh_init_internal( mbedtls_ecdh_context_mbed *ctx ) void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) { ECDH_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) ecdh_init_internal( ctx ); 
@@ -194,6 +193,8 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) mbedtls_ecp_point_init( &ctx->Vf ); mbedtls_mpi_init( &ctx->_d ); #else + memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); + ctx->var = MBEDTLS_ECDH_VARIANT_NONE; #endif ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; From bfc8eb2b78f2b7eaedebea5b9070cf10ef6f73de Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Wed, 20 Feb 2019 17:17:22 +0000 Subject: [PATCH 1633/2197] Revert "ECDH: Fix memory leaks due to context re-initialization" This reverts commit 2340f03c597b923c0f427c76b4c3d2cd11638410. --- library/ecdh.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/library/ecdh.c b/library/ecdh.c index 9c4ddce9c..f1609bde0 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -162,12 +162,6 @@ int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, static void ecdh_init_internal( mbedtls_ecdh_context_mbed *ctx ) { - mbedtls_ecp_group_free( &ctx->grp ); - mbedtls_mpi_free( &ctx->d ); - mbedtls_ecp_point_free( &ctx->Q ); - mbedtls_ecp_point_free( &ctx->Qp ); - mbedtls_mpi_free( &ctx->z ); - mbedtls_ecp_group_init( &ctx->grp ); mbedtls_mpi_init( &ctx->d ); mbedtls_ecp_point_init( &ctx->Q ); @@ -175,7 +169,6 @@ static void ecdh_init_internal( mbedtls_ecdh_context_mbed *ctx ) mbedtls_mpi_init( &ctx->z ); #if defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_ecp_restart_free( &ctx->rs ); mbedtls_ecp_restart_init( &ctx->rs ); #endif } From 3b58700d3895971c9500fc34b7b9d494a011a337 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Wed, 20 Feb 2019 17:26:42 +0000 Subject: [PATCH 1634/2197] ECDH: Fix use of ECDH API in full handshake benchmark --- programs/test/benchmark.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index e05470a8a..ada42df99 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c 
@@ -1022,13 +1022,13 @@ int main( int argc, char *argv[] ) continue; mbedtls_ecdh_init( &ecdh_srv ); - mbedtls_ecdh_init( &ecdh_cli ); - CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_cli, curve_info->grp_id ) ); + mbedtls_ecdh_init( &ecdh_cli ); mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); TIME_PUBLIC( title, "full handshake", const unsigned char * p_srv = buf_srv; + + CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) ); CHECK_AND_CONTINUE( mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); CHECK_AND_CONTINUE( mbedtls_ecdh_read_params( &ecdh_cli, &p_srv, p_srv + olen ) ); @@ -1038,10 +1038,11 @@ int main( int argc, char *argv[] ) CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); + mbedtls_ecdh_free( &ecdh_cli ); + + mbedtls_ecdh_free( &ecdh_srv ); ); - mbedtls_ecdh_free( &ecdh_srv ); - mbedtls_ecdh_free( &ecdh_cli ); } } #endif From cf5603f712fba54fb06ec6b73dcaa649f2d1e50d Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Wed, 20 Feb 2019 18:06:00 +0000 Subject: [PATCH 1635/2197] ECDH: Fix inclusion of platform.h for proper use of MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED --- programs/test/benchmark.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index ada42df99..fc84f5756 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -25,9 +25,8 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else +#if !defined(MBEDTLS_PLATFORM_C) #include #include #define mbedtls_exit exit From 7ec367ffc169dc42b76f3f222c4f9f3842f5e1ed Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Wed, 20 Feb 2019 18:12:09 +0000 Subject: [PATCH 1636/2197] 3rdparty: don't claim armcc support in Everest Readme.md --- 3rdparty/everest/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty/everest/README.md b/3rdparty/everest/README.md index aa7d04d46..0e2546662 100644 --- a/3rdparty/everest/README.md +++ b/3rdparty/everest/README.md @@ -2,4 +2,4 @@ The files in this directory stem from [Project Everest](https://project-everest. This is a formally verified implementation of Curve25519-based handshakes. The C code is automatically derived from the (verified) [original implementation](https://github.com/project-everest/hacl-star/tree/master/code/curve25519) in the [F* language](https://github.com/fstarlang/fstar) by [KreMLin](https://github.com/fstarlang/kremlin). In addition to the improved safety and security of the implementation, it is also significantly faster than the default implementation of Curve25519 in mbedTLS. -The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explictly supported platforms are currently `x86` and `x86_64` using gcc, clang, or arm-cc, and Visual C (2010 and later). +The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explictly supported platforms are currently `x86` and `x86_64` using gcc or clang, and Visual C (2010 and later). From 2c69d10bac678d0d86615de3d01b3d5bbb4b8c45 Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Fri, 22 Feb 2019 15:05:02 +0000 Subject: [PATCH 1637/2197] 3rdparty: Adjust use of Everest in ecp_supported_curves --- library/ecp.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 8ee517e38..c281d8419 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -410,11 +410,8 @@ static const mbedtls_ecp_curve_info ecp_supported_curves[] = #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) { MBEDTLS_ECP_DP_SECP192K1, 18, 192, "secp192k1" }, #endif -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) { MBEDTLS_ECP_DP_CURVE25519, 29, 256, "x25519" }, -#endif -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) - { MBEDTLS_ECP_DP_CURVE448, 30, 448, "x448" }, #endif { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, }; From 6e0cac1f577db5042655c11e3562dcc53fb9df55 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 22 Feb 2019 17:02:12 +0000 Subject: [PATCH 1638/2197] 3rdparty: Fix Everest build to not depend on build-time macros --- 3rdparty/everest/CMakeLists.txt | 25 ++++------- 3rdparty/everest/Makefile.inc | 15 +------ .../everest/library/Hacl_Curve25519_joined.c | 44 +++++++++++++++++++ 3rdparty/everest/library/x25519.c | 8 +++- 4 files changed, 59 insertions(+), 33 deletions(-) create mode 100644 3rdparty/everest/library/Hacl_Curve25519_joined.c diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index 2c5d7d5b7..ede0e8313 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt 
@@ -2,26 +2,17 @@ list (APPEND everest_src) list (APPEND everest_inc) list (APPEND everest_def) +set(everest_src + ${CMAKE_CURRENT_SOURCE_DIR}/library/everest.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519_joined.c +) + +list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/../../include ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib) + execute_process(COMMAND ${PERL_EXECUTABLE} scripts/config.pl -f include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) if(${result} EQUAL 0) - set(everest_src - ${CMAKE_CURRENT_SOURCE_DIR}/library/everest.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c - ) - - if ("${CMAKE_LIBRARY_ARCHITECTURE}" STREQUAL "x86_64-linux-gnu") - list(APPEND everest_src ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519.c) - else() - list(APPEND everest_def -DKRML_VERIFIED_UINT128) - list(APPEND everest_src - ${CMAKE_CURRENT_SOURCE_DIR}/library/legacy/Hacl_Curve25519.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/kremlib/FStar_UInt128_extracted.c - ) - endif() - - list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/../../include ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib) if(INSTALL_MBEDTLS_HEADERS) diff --git a/3rdparty/everest/Makefile.inc b/3rdparty/everest/Makefile.inc index 5387e180f..77a6b4965 100644 --- a/3rdparty/everest/Makefile.inc +++ b/3rdparty/everest/Makefile.inc 
@@ -1,19 +1,6 @@ -EVEREST_ENABLED=$(shell perl ../scripts/config.pl -f ../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED; echo $$?) - -ifeq ($(EVEREST_ENABLED),0) THIRDPARTY_INCLUDES+=-I../3rdparty/everest/include -I../3rdparty/everest/include/everest -I../3rdparty/everest/include/everest/kremlib THIRDPARTY_CRYPTO_OBJECTS+= \ ../3rdparty/everest/library/everest.o \ ../3rdparty/everest/library/x25519.o \ - ../3rdparty/everest/library/kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.o - -ifeq ($(shell getconf LONG_BIT),64) -THIRDPARTY_CRYPTO_OBJECTS+=../3rdparty/everest/library/Hacl_Curve25519.o -else -LOCAL_CFLAGS+="-DKRML_VERIFIED_UINT128" -THIRDPARTY_CRYPTO_OBJECTS+=../3rdparty/everest/library/legacy/Hacl_Curve25519.o \ - ../3rdparty/everest/library/kremlib/FStar_UInt128_extracted.o -endif -endif - + ../3rdparty/everest/library/Hacl_Curve25519_joined.o diff --git a/3rdparty/everest/library/Hacl_Curve25519_joined.c b/3rdparty/everest/library/Hacl_Curve25519_joined.c new file mode 100644 index 000000000..8a764bbf2 --- /dev/null +++ b/3rdparty/everest/library/Hacl_Curve25519_joined.c 
@@ -0,0 +1,44 @@ +/* + * Interface to code from Project Everest + * + * Copyright 2016-2018 INRIA and Microsoft Corporation + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + +#if defined(__SIZEOF_INT128__) && (__SIZEOF_INT128__ == 16) +#define MBEDTLS_HAVE_INT128 +#endif + +#if defined(MBEDTLS_HAVE_INT128) +#include "Hacl_Curve25519.c" +#else +#define KRML_VERIFIED_UINT128 +#include "kremlib/FStar_UInt128_extracted.c" +#include "legacy/Hacl_Curve25519.c" +#endif + +#include "kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c" + +#endif /* defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) */ \ No newline at end of file diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c index f5856c2c5..c3bc8626c 100644 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c @@ -25,10 +25,14 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_ECDH_C) +#if defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) #include +#if !(defined(__SIZEOF_INT128__) && (__SIZEOF_INT128__ == 16)) +#define KRML_VERIFIED_UINT128 +#endif + #include #include 
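Review bot: The 128-bit integer detection is written twice with different spellings: Hacl_Curve25519_joined.c derives `MBEDTLS_HAVE_INT128` from `__SIZEOF_INT128__` and then picks which implementation to include, while the x25519.c hunk repeats the raw `__SIZEOF_INT128__` test to set `KRML_VERIFIED_UINT128`. If the two conditions ever drift, the wrapper and the included Hacl_Curve25519 sources are compiled against different uint128 representations with no diagnostic. Moving the test into one shared header, or at least adding `/* Keep in sync with the KRML_VERIFIED_UINT128 test in x25519.c */` next to it, would make that dependency explicit. A short comment on why .c files are `#include`d here (variant selection moved from the build scripts to the preprocessor) would also help, and since `MBEDTLS_HAVE_INT128` sits in the library's own macro namespace, a file-local name would avoid clashing with a definition elsewhere (not visible in this hunk).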
@@ -188,4 +192,4 @@ int mbedtls_x25519_read_public( mbedtls_x25519_context *ctx, } -#endif /* MBEDTLS_ECDH_C */ +#endif /* MBEDTLS_ECDH_C && MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ From 26b98e12c55c24bb93d5985447cd74e9b5abe815 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Tue, 26 Feb 2019 12:26:04 +0000 Subject: [PATCH 1639/2197] 3rdparty: Fix newlines and trailing whitespace --- 3rdparty/everest/CMakeLists.txt | 2 +- 3rdparty/everest/library/Hacl_Curve25519_joined.c | 3 ++- programs/test/benchmark.c | 6 +++--- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index ede0e8313..c7749d8cb 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt @@ -4,7 +4,7 @@ list (APPEND everest_def) set(everest_src ${CMAKE_CURRENT_SOURCE_DIR}/library/everest.c - ${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c + ${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519_joined.c ) diff --git a/3rdparty/everest/library/Hacl_Curve25519_joined.c b/3rdparty/everest/library/Hacl_Curve25519_joined.c index 8a764bbf2..18b32d200 100644 --- a/3rdparty/everest/library/Hacl_Curve25519_joined.c +++ b/3rdparty/everest/library/Hacl_Curve25519_joined.c @@ -41,4 +41,5 @@ #include "kremlib/FStar_UInt64_FStar_UInt32_FStar_UInt16_FStar_UInt8.c" -#endif /* defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) */ \ No newline at end of file +#endif /* defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) */ + diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index fc84f5756..74fcaa673 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c 
@@ -1021,12 +1021,12 @@ int main( int argc, char *argv[] ) continue; mbedtls_ecdh_init( &ecdh_srv ); - mbedtls_ecdh_init( &ecdh_cli ); + mbedtls_ecdh_init( &ecdh_cli ); mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); TIME_PUBLIC( title, "full handshake", const unsigned char * p_srv = buf_srv; - + CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) ); CHECK_AND_CONTINUE( mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); @@ -1038,7 +1038,7 @@ int main( int argc, char *argv[] ) CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); mbedtls_ecdh_free( &ecdh_cli ); - + mbedtls_ecdh_free( &ecdh_srv ); ); From ec70771a71bbe79a4b91cf2007927c9eb39e78bb Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Fri, 5 Apr 2019 14:17:51 +0100 Subject: [PATCH 1640/2197] 3rdparty: fix paths in Everest build scripts --- 3rdparty/everest/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index c7749d8cb..babd18314 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt @@ -10,7 +10,7 @@ set(everest_src list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/../../include ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib) -execute_process(COMMAND ${PERL_EXECUTABLE} scripts/config.pl -f include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) +execute_process(COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/config.pl -f ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) if(${result} EQUAL 0) From d64e1e1e1ce632b2f013ee610e907f03ad803c0f Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Mon, 8 Apr 2019 14:08:02 +0100 Subject: [PATCH 1641/2197] 3rdparty: Fix Everest header installation --- 3rdparty/everest/CMakeLists.txt | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index babd18314..3eff1c7df 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt @@ -16,11 +16,11 @@ if(${result} EQUAL 0) if(INSTALL_MBEDTLS_HEADERS) - file(GLOB_RECURSE headers "${CMAKE_CURRENT_SOURCE_DIR}/include/everest/*.h") - - install(FILES ${headers} - DESTINATION include/everest - PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) + install(DIRECTORY include/everest + DESTINATION include + FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ + DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE + FILES_MATCHING PATTERN "*.h") endif(INSTALL_MBEDTLS_HEADERS) From 7b747fcdc9832e8e733078fc106a831d2a738238 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Mon, 8 Apr 2019 17:00:34 +0100 Subject: [PATCH 1642/2197] 3rdparty: fix inclusion order of CMakeLists.txt This is so that third-party modules pick up the INSTALL_MBEDTLS_HEADERS variable. --- CMakeLists.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 5a0921926..16d71979a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -179,13 +179,14 @@ endif() include_directories(include/) include_directories(library/) +add_subdirectory(include) + add_subdirectory(3rdparty) include_directories(${thirdparty_inc}) list(APPEND libs ${thirdparty_lib}) add_definitions(${thirdparty_def}) add_subdirectory(library) -add_subdirectory(include) if(ENABLE_PROGRAMS) add_subdirectory(programs) From f8d4c883a78637798e71772003c6043c719eca4b Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Fri, 12 Apr 2019 18:01:08 +0100 Subject: [PATCH 1643/2197] Update generated files --- programs/test/query_config.c | 8 ++++++++ visualc/VS2010/mbedTLS.vcxproj | 1 + 2 files changed, 9 insertions(+) diff --git a/programs/test/query_config.c b/programs/test/query_config.c index f57ca3107..4f2800917 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1972,6 +1972,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */ +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + if( strcmp( "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ + /* If the symbol is not found, return an error */ return( 1 ); } diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index d3bfaade8..0456bc225 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -301,6 +301,7 @@ + From 6212617097634aeda4b3b1b529f0cd2ed73e7e1d Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Mon, 15 Apr 2019 11:09:00 +0100 Subject: [PATCH 1644/2197] Fix macros in benchmark.c #2124 may suffer from the same problem. --- programs/test/benchmark.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 74fcaa673..b005c203a 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -31,11 +31,7 @@ #include #define mbedtls_exit exit #define mbedtls_printf printf -#define mbedtls_snprintf snprintf #define mbedtls_free free -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE #endif #if !defined(MBEDTLS_TIMING_C) From 19d5c80c338b6e71ec0d4ff7b27c578bf2b97c75 Mon Sep 17 00:00:00 2001 
From: "Christoph M. Wintersteiger" Date: Mon, 15 Apr 2019 11:09:33 +0100 Subject: [PATCH 1645/2197] 3rdparty: Added config checks for Everest --- include/mbedtls/check_config.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 13210746d..4965e1743 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -125,6 +125,11 @@ #error "MBEDTLS_ECP_RESTARTABLE defined, but not MBEDTLS_ECDH_LEGACY_CONTEXT" #endif +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) && \ + defined(MBEDTLS_ECDH_LEGACY_CONTEXT) +#error "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED defined, but MBEDTLS_ECDH_LEGACY_CONTEXT not disabled" +#endif + #if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C) #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" #endif From 0969eeecbc85f2df7561b1598efa1f611d26479f Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Mon, 15 Apr 2019 12:00:16 +0100 Subject: [PATCH 1646/2197] 3rdparty: Fix Everest's mbedtls_x25519_get_params --- 3rdparty/everest/library/x25519.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c index c3bc8626c..990bb4d6d 100644 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c 
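Review bot: The added check rejects Everest together with `MBEDTLS_ECDH_LEGACY_CONTEXT`, but it does not require the options Everest is actually wired into. Elsewhere in this series x25519.c compiles only under `MBEDTLS_ECDH_C && MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED`, and ecp.c lists x25519 only when `MBEDTLS_ECP_DP_CURVE25519_ENABLED` is set as well, so a configuration with the Everest flag alone builds silently without any X25519 support. Unless such a check already exists outside this hunk, I would add `#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) && !( defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) )` followed by `#error "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED defined, but not all prerequisites"` and `#endif`.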
@@ -112,14 +112,9 @@ int mbedtls_x25519_get_params( mbedtls_x25519_context *ctx, const mbedtls_ecp_ke switch( side ) { case MBEDTLS_X25519_ECDH_THEIRS: - mbedtls_ecp_point_write_binary( &key->grp, &key->Q, MBEDTLS_ECP_PF_COMPRESSED, &olen, ctx->peer_point, MBEDTLS_X25519_KEY_SIZE_BYTES ); - /* untested; defensively throw an error for now. */ - return(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE); + return mbedtls_ecp_point_write_binary( &key->grp, &key->Q, MBEDTLS_ECP_PF_COMPRESSED, &olen, ctx->peer_point, MBEDTLS_X25519_KEY_SIZE_BYTES ); case MBEDTLS_X25519_ECDH_OURS: - mbedtls_mpi_write_binary( &key->d, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES ); - /* CMW: key->Q = key->d * base; do we need to set up ctx.peer_point here? */ - /* untested; defensively throw an error for now. */ - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return mbedtls_mpi_write_binary_le( &key->d, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES ); default: return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); } From 09a24b3ddae1288495c06d7dc9f1405a88a2cf26 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 12 Apr 2019 20:29:48 +0200 Subject: [PATCH 1647/2197] Add Everest components to all.sh Test a native build and a 32-bit build. For variety, the native build is with CMake and clang, and the 32-bit build is with GNU make and gcc. --- tests/scripts/all.sh | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 513cf9b0d..244fdc327 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
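Review bot: Both live branches of `switch( side )` replace an explicit "untested; defensively throw an error" guard with working code, yet the commit touches only x25519.c and adds no test for either path. For `MBEDTLS_X25519_ECDH_THEIRS` the length returned in `olen` is never compared with `MBEDTLS_X25519_KEY_SIZE_BYTES`, so a shorter encoding would leave part of `ctx->peer_point` unset; for `MBEDTLS_X25519_ECDH_OURS` the private scalar's byte order changed to little-endian, which is the kind of fix a known-answer test (for example the RFC 7748 X25519 vectors) should pin down. I would also keep the file's `return( ... )` form, as the `default` branch does. The function starts before the hunk, so whether `key->grp.id` is checked against Curve25519 beforehand cannot be seen here.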
@@ -618,6 +618,17 @@ component_test_new_ecdh_context () { make test } +component_test_everest () { + msg "build: Everest ECDH context (ASan build)" # ~ 6 min + scripts/config.pl unset MBEDTLS_ECDH_LEGACY_CONTEXT + scripts/config.pl set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + CC=clang cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s + make test +} + component_test_full_cmake_clang () { msg "build: cmake, full config, clang" # ~ 50s scripts/config.pl full @@ -904,6 +915,19 @@ support_test_m32_o1 () { support_test_m32_o0 "$@" } +component_test_m32_everest () { + msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min + scripts/config.pl unset MBEDTLS_ECDH_LEGACY_CONTEXT + scripts/config.pl set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -m32 -fsanitize=address' + + msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s + make test +} +support_test_m32_everest () { + support_test_m32_o0 "$@" +} + component_test_mx32 () { msg "build: 64-bit ILP32, make, gcc" # ~ 30s scripts/config.pl full From c25df6848b5b26279a098a24a025bd2b24c90c02 Mon Sep 17 00:00:00 2001 From: "Christoph M. Wintersteiger" Date: Tue, 16 Apr 2019 12:54:56 +0100 Subject: [PATCH 1648/2197] Fix code style --- library/ecdh.c | 2 +- library/ecdsa.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ecdh.c b/library/ecdh.c index f1609bde0..914eb5055 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -63,7 +63,7 @@ int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ) { /* At this time, all groups support ECDH. */ (void) gid; - return 1; + return( 1 ); } #if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) diff --git a/library/ecdsa.c b/library/ecdsa.c index 162e62f02..5c3038048 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c 
@@ -263,7 +263,7 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, mbedtls_mpi *pk = &k, *pr = r; /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if( !mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL ) + if( ! mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); /* Make sure d is in range 1..n-1 */ @@ -516,7 +516,7 @@ static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 ); /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if( !mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL ) + if( ! mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); ECDSA_RS_ENTER( ver ); From 20082cb488d24b5f7817e440e800b52ad14d550d Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 20 Aug 2019 15:18:19 +0100 Subject: [PATCH 1649/2197] Correct 3rdparty include path for Mbed TLS --- 3rdparty/Makefile.inc | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/3rdparty/Makefile.inc b/3rdparty/Makefile.inc index 51080b7df..c93fcbcc6 100644 --- a/3rdparty/Makefile.inc +++ b/3rdparty/Makefile.inc @@ -1,2 +1,5 @@ +ifeq ($(INCLUDING_FROM_MBEDTLS), 1) +include ../crypto/3rdparty/everest/Makefile.inc +else include ../3rdparty/everest/Makefile.inc - +endif From e2e19959d76fe6a8fe594ca4fc8bdc2f2826d4a3 Mon Sep 17 00:00:00 2001 From: Unknown Date: Wed, 21 Aug 2019 03:33:04 -0400 Subject: [PATCH 1650/2197] Rename AEAD macro to not use double underscores This pattern (identifiers containing a double underscore anywhere in them) is reserved. --- include/psa/crypto_values.h | 16 ++++++++-------- tests/scripts/test_psa_constant_names.py | 1 + 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 2c0acf326..e0600a189 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -1015,15 +1015,15 @@ * \return The corresponding AEAD algorithm with the default * tag length for that algorithm. */ -#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ - ( \ - PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_CCM) \ - PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_GCM) \ - PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \ +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ + ( \ + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CCM) \ + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_GCM) \ + PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, PSA_ALG_CHACHA20_POLY1305) \ 0) -#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, ref) \ - PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) == \ - PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \ +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE(aead_alg, ref) \ + PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) == \ + PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \ ref : #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index d248ade18..cf3a2243a 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -162,6 +162,7 @@ class Inputs: # PSA_ALG_ECDH and PSA_ALG_FFDH are excluded for now as the script # currently doesn't support them. Deprecated errors are also excluded. _excluded_names = set(['PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH', + 'PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE', 'PSA_ALG_FULL_LENGTH_MAC', 'PSA_ALG_ECDH', 'PSA_ALG_FFDH', From 712f7a804e391737b0e9d2593abe291f4ccb0303 Mon Sep 17 00:00:00 2001 From: Unknown Date: Wed, 21 Aug 2019 03:34:00 -0400 Subject: [PATCH 1651/2197] Add a check for double underscores in identifiers in check-names.sh --- tests/scripts/check-names.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) 
diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh index 7d2302cb2..68e8c74bf 100755 --- a/tests/scripts/check-names.sh +++ b/tests/scripts/check-names.sh @@ -57,11 +57,14 @@ for THING in actual-macros enum-consts; do printf "Names of $THING: " test -r $THING BAD=$( grep -E -v '^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$' $THING || true ) - if [ "x$BAD" = "x" ]; then + UNDERSCORES=$( grep -E '.*__.*' $THING || true ) + + if [ "x$BAD" = "x" ] && [ "x$UNDERSCORES" = "x" ]; then echo "PASS" else echo "FAIL" echo "$BAD" + echo "$UNDERSCORES" FAIL=1 fi done From 8013f44e1af353f90cfb18a177e6cc711a8132ce Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 16 Aug 2019 16:13:51 +0100 Subject: [PATCH 1652/2197] Make crypto_struct C++ compatible Avoid an error with differing linkages being expressed for psa_set_key_domain_parameters() between crypto_extra.h and crypto_struct.h in C++ builds. [Error] crypto_extra.h@456,14: conflicting declaration of 'psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t*, psa_key_type_t, const uint8_t *, size_t)' with 'C' linkage --- include/psa/crypto_struct.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 28bbc6ac8..e28b6daa5 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -55,6 +55,10 @@ #ifndef PSA_CRYPTO_STRUCT_H #define PSA_CRYPTO_STRUCT_H +#ifdef __cplusplus +extern "C" { +#endif + /* Include the Mbed TLS configuration file, the way Mbed TLS does it * in each of its header files. */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -497,4 +501,8 @@ static inline size_t psa_get_key_bits( return( attributes->core.bits ); } +#ifdef __cplusplus +} +#endif + #endif /* PSA_CRYPTO_STRUCT_H */ From 71dcefbb8a04865dfc3e4c1b16301d3a353b936e Mon Sep 17 00:00:00 2001 
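Review bot: The new `UNDERSCORES` check runs only inside the loop over `actual-macros` and `enum-consts`, so double underscores in function, type or variable identifiers are not covered even though the commit title speaks of identifiers in general; the rest of the script is outside the hunk, so another check may handle those. The pattern `'.*__.*'` matches the same lines as a fixed-string search, `UNDERSCORES=$( grep -F '__' $THING || true )`, which states the intent more directly. On failure the two lists are printed back to back without a label, so a line such as `echo "Names containing a double underscore:"` before `echo "$UNDERSCORES"` would tell the reader which rule was broken.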
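Review bot: In crypto_struct.h, `extern "C" {` is opened directly after the include guard, so the configuration include that follows, and any further `#include` between there and the closing brace at the end of the file, is pulled in inside the linkage block. That is legal, but any header included there that declares C++ entities, now or later, would have C linkage imposed on it; the usual arrangement is to open the block after the last `#include`. The lines between the two hunks are not visible, so which headers are affected needs checking against the full file.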
From: Janos Follath Date: Wed, 21 Aug 2019 13:01:18 +0100 Subject: [PATCH 1653/2197] Remove Mbed Crypto headers from everest_inc At this point Mbed TLS and Mbed Crypto headers with the same name, including the Mbed Crypto headers in `everest_inc` breaks Mbed TLS builds. --- 3rdparty/everest/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index 3eff1c7df..18c8731bd 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt @@ -8,7 +8,7 @@ set(everest_src ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519_joined.c ) -list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/../../include ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib) +list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib) execute_process(COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/config.pl -f ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) From c9ad5910aa937bf7fcca9de707ed73d4b140a963 Mon Sep 17 00:00:00 2001 From: Unknown Date: Wed, 10 Jul 2019 06:45:31 -0400 Subject: [PATCH 1654/2197] crypto_se_driver: add mock tests Mock key importing and exporting --- tests/CMakeLists.txt | 1 + ..._suite_psa_crypto_se_driver_hal_mocks.data | 5 + ...te_psa_crypto_se_driver_hal_mocks.function | 206 ++++++++++++++++++ 3 files changed, 212 insertions(+) create mode 100644 tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data create mode 100644 tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 7e543700e..7dcc98d0e 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt 
@@ -143,6 +143,7 @@ add_test_suite(psa_crypto_init) add_test_suite(psa_crypto_metadata) add_test_suite(psa_crypto_persistent_key) add_test_suite(psa_crypto_se_driver_hal) +add_test_suite(psa_crypto_se_driver_hal_mocks) add_test_suite(psa_crypto_slot_management) add_test_suite(psa_its) add_test_suite(shax) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data new file mode 100644 index 000000000..6be018e1b --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -0,0 +1,5 @@ +SE key importing mock test +mock_import: + +SE key exporting mock test +mock_export: diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function new file mode 100644 index 000000000..b0033f092 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function 
@@ -0,0 +1,206 @@
+/* BEGIN_HEADER */
+#include "psa_crypto_helpers.h"
+#include "psa/crypto_se_driver.h"
+
+#include "psa_crypto_se.h"
+
+static struct
+{
+ uint16_t called;
+ psa_key_slot_number_t key_slot;
+ psa_key_attributes_t attributes;
+ size_t data_length;
+} mock_import_data;
+
+static struct
+{
+ uint16_t called;
+ psa_key_slot_number_t slot_number;
+ size_t data_size;
+} mock_export_data;
+
+static struct
+{
+ uint16_t called;
+} mock_allocate_data;
+
+static struct
+{
+ uint16_t called;
+ psa_key_slot_number_t slot_number;
+} mock_destroy_data;
+
+static void mock_teardown( void )
+{
+ memset( &mock_import_data, 0, sizeof( mock_import_data ) );
+ memset( &mock_export_data, 0, sizeof( mock_export_data ) );
+ memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) );
+ memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) );
+}
+
+static psa_status_t mock_import( psa_drv_se_context_t *drv_context,
+ psa_key_slot_number_t key_slot,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ size_t *bits )
+{
+ (void) drv_context;
+ (void) data;
+ (void) bits;
+
+ mock_import_data.called++;
+ mock_import_data.key_slot = key_slot;
+ mock_import_data.attributes = *attributes;
+ mock_import_data.data_length = data_length;
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t mock_export( psa_drv_se_context_t *context,
+ psa_key_slot_number_t slot_number,
+ uint8_t *p_data,
+ size_t data_size,
+ size_t *p_data_length )
+{
+ (void) context;
+ (void) p_data;
+ (void) p_data_length;
+
+ mock_export_data.called++;
+ mock_export_data.slot_number = slot_number;
+ mock_export_data.data_size = data_size;
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t mock_allocate( psa_drv_se_context_t *drv_context,
+ void *persistent_data,
+ const psa_key_attributes_t *attributes,
+ psa_key_creation_method_t method,
+ psa_key_slot_number_t *key_slot )
+{
+ (void) drv_context;
+ (void) persistent_data;
+ (void) attributes;
+ (void) method;
+ (void) key_slot;
+
+ mock_allocate_data.called++;
+ *key_slot = 0;
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t mock_destroy( psa_drv_se_context_t *context,
+ void *persistent_data,
+ psa_key_slot_number_t slot_number )
+{
+ (void) context;
+ (void) persistent_data;
+
+ mock_destroy_data.called++;
+ mock_destroy_data.slot_number = slot_number;
+
+ return( PSA_SUCCESS );
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_SE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void mock_import( )
+{
+ psa_drv_se_t driver;
+ psa_drv_se_key_management_t key_management;
+ psa_key_lifetime_t lifetime = 2;
+ psa_key_id_t id = 1;
+ psa_key_handle_t handle = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
+
+ memset( &driver, 0, sizeof( driver ) );
+ memset( &key_management, 0, sizeof( key_management ) );
+ driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+ driver.key_management = &key_management;
+ key_management.p_import = mock_import;
+ key_management.p_destroy = mock_destroy;
+ key_management.p_allocate = mock_allocate;
+
+ PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_id( &attributes, id );
+ psa_set_key_lifetime( &attributes, lifetime );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
+ PSA_ASSERT( psa_import_key( &attributes,
+ key_material, sizeof( key_material ),
+ &handle ) );
+
+ TEST_ASSERT( mock_allocate_data.called == 1 );
+ TEST_ASSERT( mock_import_data.called == 1 );
+ TEST_ASSERT( mock_import_data.attributes.core.type == PSA_KEY_TYPE_RAW_DATA );
+
+ PSA_ASSERT( psa_destroy_key( handle ) );
+
+ TEST_ASSERT( mock_destroy_data.called == 1 );
+
+exit:
+ PSA_DONE( );
+ mock_teardown( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mock_export( )
+{
+ psa_drv_se_t driver;
+ psa_drv_se_key_management_t key_management;
+ psa_key_lifetime_t lifetime = 2;
+ psa_key_id_t id = 1;
+ psa_key_handle_t handle = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
+ uint8_t exported[sizeof( key_material )];
+ size_t exported_length;
+
+ memset( &driver, 0, sizeof( driver ) );
+ memset( &key_management, 0, sizeof( key_management ) );
+ driver.hal_version = PSA_DRV_SE_HAL_VERSION;
+ driver.key_management = &key_management;
+ key_management.p_import = mock_import;
+ key_management.p_export = mock_export;
+ key_management.p_destroy = mock_destroy;
+ key_management.p_allocate = mock_allocate;
+
+ PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_id( &attributes, id );
+ psa_set_key_lifetime( &attributes, lifetime );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
+ PSA_ASSERT( psa_import_key( &attributes,
+ key_material, sizeof( key_material ),
+ &handle ) );
+
+ PSA_ASSERT( psa_export_key( handle,
+ exported, sizeof( exported ),
+ &exported_length ) );
+
+ TEST_ASSERT( mock_export_data.called == 1 );
+
+ PSA_ASSERT( psa_destroy_key( handle ) );
+
+ TEST_ASSERT( mock_destroy_data.called == 1 );
+
+exit:
+ PSA_DONE( );
+ mock_teardown( );
+}
+/* END_CASE */
From 9fd6b0cb6fa8a05d874d1f077f76fc2950e6ba93 Mon Sep 17 00:00:00 2001 From: Unknown Date: Wed, 10 Jul 2019 07:02:36 -0400 Subject: [PATCH 1655/2197] crypto_se_driver: add key generation mock and test --- ..._suite_psa_crypto_se_driver_hal_mocks.data | 3 + ...te_psa_crypto_se_driver_hal_mocks.function | 69 +++++++++++++++++++ 2 files changed, 72 insertions(+)
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
index 6be018e1b..5f440fd0f 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data
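Review bot: `mock_export` returns `PSA_SUCCESS` while discarding both `p_data` and `p_data_length`, so the driver reports a successful export without producing a length or any bytes, and the test passes `exported_length` in uninitialised. Whether the core initialises the length before calling the driver is not visible here; setting `*p_data_length = 0;` in the mock, and likewise giving `*bits` a value in `mock_import`, keeps the mocks within the contract a real secure-element driver has to meet. The tests also assert only the call counters although the mocks record `key_slot`, `data_length` and `data_size`; a check such as `TEST_ASSERT( mock_import_data.data_length == sizeof( key_material ) );` would verify that the arguments cross the driver boundary intact. Two smaller points: `mock_export`, `mock_allocate` and `mock_destroy` are not `static` although `mock_import` is, and `mock_allocate` casts `key_slot` to void before writing through it.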
@@ -3,3 +3,6 @@ mock_import: SE key exporting mock test mock_export: + +SE key generating mock test +mock_generate: diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index b0033f092..1a132fd91 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -4,6 +4,14 @@ #include "psa_crypto_se.h" +static struct +{ + uint16_t called; + psa_key_slot_number_t key_slot; + psa_key_attributes_t attributes; + size_t pubkey_size; +} mock_generate_data; + static struct { uint16_t called; @@ -36,6 +44,26 @@ static void mock_teardown( void ) memset( &mock_export_data, 0, sizeof( mock_export_data ) ); memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); + memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); +} + +static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, + size_t pubkey_size, + size_t *pubkey_length ) +{ + (void) drv_context; + (void) pubkey; + (void) pubkey_length; + + mock_generate_data.called++; + mock_generate_data.key_slot = key_slot; + mock_generate_data.attributes = *attributes; + mock_generate_data.pubkey_size = pubkey_size; + + return( PSA_SUCCESS ); } static psa_status_t mock_import( psa_drv_se_context_t *drv_context, 
@@ -204,3 +232,44 @@ exit: mock_teardown( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void mock_generate( ) +{ + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + driver.key_management = &key_management; + key_management.p_generate = mock_generate; + key_management.p_destroy = mock_destroy; + key_management.p_allocate = mock_allocate; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); + TEST_ASSERT( mock_allocate_data.called == 1 ); + TEST_ASSERT( mock_generate_data.called == 1 ); + + if( expected_result == PSA_SUCCESS ) + { + PSA_ASSERT( psa_destroy_key( handle ) ); + TEST_ASSERT( mock_destroy_data.called == 1 ); + } + +exit: + PSA_DONE( ); + mock_teardown( ); +} +/* END_CASE */ From 903b5da51c009d2299c7d8b5b147f2059c6a6e3b Mon Sep 17 00:00:00 2001 From: Unknown Date: Wed, 10 Jul 2019 09:11:01 -0400 Subject: [PATCH 1656/2197] crypto_se_driver: add an error injection mechanism to the mocks --- ..._suite_psa_crypto_se_driver_hal_mocks.data | 21 +++++- ...te_psa_crypto_se_driver_hal_mocks.function | 74 +++++++++++++------ 2 files changed, 71 insertions(+), 24 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index 5f440fd0f..bb6586d85 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data 
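Review bot: `expected_result` is read in the `if` around `psa_destroy_key` at the end of the new `mock_generate` test case, but the case is declared `void mock_generate( )` and has no such local, so the suite should not compile at this commit. The parameter only arrives with the following patch, which breaks bisecting across this one. Either make the cleanup unconditional here, `PSA_ASSERT( psa_destroy_key( handle ) );`, or add the parameter and its data-file argument in this commit.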
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -1,8 +1,23 @@ SE key importing mock test -mock_import: +mock_import:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +SE key importing mock test: alloc failed +mock_import:PSA_ERROR_HARDWARE_FAILURE:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE + +SE key importing mock test: import failed +mock_import:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE SE key exporting mock test -mock_export: +mock_export:PSA_SUCCESS:PSA_SUCCESS + +SE key exporting mock test: export failed +mock_export:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE SE key generating mock test -mock_generate: +mock_generate:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +SE key generating mock test: alloc failed +mock_generate:PSA_ERROR_HARDWARE_FAILURE:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE + +SE key generating mock test: generating failed +mock_generate:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 1a132fd91..78eaedaa3 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -10,6 +10,7 @@ static struct psa_key_slot_number_t key_slot; psa_key_attributes_t attributes; size_t pubkey_size; + psa_status_t return_value; } mock_generate_data; static struct @@ -18,6 +19,7 @@ static struct psa_key_slot_number_t key_slot; psa_key_attributes_t attributes; size_t data_length; + psa_status_t return_value; } mock_import_data; static struct 
@@ -25,17 +27,20 @@ static struct uint16_t called; psa_key_slot_number_t slot_number; size_t data_size; + psa_status_t return_value; } mock_export_data; static struct { uint16_t called; + psa_status_t return_value; } mock_allocate_data; static struct { uint16_t called; psa_key_slot_number_t slot_number; + psa_status_t return_value; } mock_destroy_data; static void mock_teardown( void ) @@ -63,7 +68,7 @@ static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, mock_generate_data.attributes = *attributes; mock_generate_data.pubkey_size = pubkey_size; - return( PSA_SUCCESS ); + return( mock_generate_data.return_value ); } static psa_status_t mock_import( psa_drv_se_context_t *drv_context, @@ -82,7 +87,7 @@ static psa_status_t mock_import( psa_drv_se_context_t *drv_context, mock_import_data.attributes = *attributes; mock_import_data.data_length = data_length; - return( PSA_SUCCESS ); + return( mock_import_data.return_value ); } psa_status_t mock_export( psa_drv_se_context_t *context, @@ -99,7 +104,7 @@ psa_status_t mock_export( psa_drv_se_context_t *context, mock_export_data.slot_number = slot_number; mock_export_data.data_size = data_size; - return( PSA_SUCCESS ); + return( mock_export_data.return_value ); } psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, @@ -117,7 +122,7 @@ psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, mock_allocate_data.called++; *key_slot = 0; - return( PSA_SUCCESS ); + return( mock_allocate_data.return_value ); } psa_status_t mock_destroy( psa_drv_se_context_t *context, @@ -130,7 +135,7 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, mock_destroy_data.called++; mock_destroy_data.slot_number = slot_number; - return( PSA_SUCCESS ); + return( mock_destroy_data.return_value ); } /* END_HEADER */ 
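Review bot: `mock_destroy_data.return_value` is added and returned by `mock_destroy`, but no test case parameter visible in this patch ever sets it, so a failing driver destroy is never injected. Either add a case that sets it and pins what `psa_destroy_key` returns, or leave the field out until a test needs it.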
@@ -141,7 +146,9 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, */ /* BEGIN_CASE */ -void mock_import( ) +void mock_import( int mock_alloc_return_value, + int mock_import_return_value, + int expected_result ) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; @@ -151,6 +158,8 @@ void mock_import( ) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + mock_allocate_data.return_value = mock_alloc_return_value; + mock_import_data.return_value = mock_import_return_value; memset( &driver, 0, sizeof( driver ) ); memset( &key_management, 0, sizeof( key_management ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; 
@@ -166,18 +175,27 @@ void mock_import( ) psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &handle ) ); + TEST_ASSERT( psa_import_key( &attributes, + key_material, sizeof( key_material ), + &handle ) == expected_result ); TEST_ASSERT( mock_allocate_data.called == 1 ); - TEST_ASSERT( mock_import_data.called == 1 ); - TEST_ASSERT( mock_import_data.attributes.core.type == PSA_KEY_TYPE_RAW_DATA ); - - PSA_ASSERT( psa_destroy_key( handle ) ); - - TEST_ASSERT( mock_destroy_data.called == 1 ); + TEST_ASSERT( mock_import_data.called == + ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) ); + TEST_ASSERT( mock_import_data.attributes.core.id == + ( mock_alloc_return_value == PSA_SUCCESS? id : 0 ) ); + TEST_ASSERT( mock_import_data.attributes.core.lifetime == + ( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) ); + TEST_ASSERT( mock_import_data.attributes.core.policy.usage == + ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_USAGE_EXPORT : 0 ) ); + TEST_ASSERT( mock_import_data.attributes.core.type == + ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_TYPE_RAW_DATA : 0 ) ); + if( expected_result == PSA_SUCCESS ) + { + PSA_ASSERT( psa_destroy_key( handle ) ); + TEST_ASSERT( mock_destroy_data.called == 1 ); + } exit: PSA_DONE( ); mock_teardown( ); @@ -185,7 +203,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mock_export( ) +void mock_export( int mock_export_return_value, int expected_result ) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; @@ -197,6 +215,7 @@ void mock_export( ) uint8_t exported[sizeof( key_material )]; size_t exported_length; + mock_export_data.return_value = mock_export_return_value; memset( &driver, 0, sizeof( driver ) ); memset( &key_management, 0, sizeof( key_management ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; 
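Review bot: When `expected_result` is not `PSA_SUCCESS` the `mock_import` test skips the destroy block and asserts nothing about `mock_destroy_data.called`, so in the "import failed" case (allocation succeeded, driver import failed) it cannot tell whether the slot handed out by `mock_allocate` was released. A leaked secure-element slot is the regression this path is most likely to hide. Add an `else` branch that pins the count the core is meant to produce, in the form `TEST_ASSERT( mock_destroy_data.called == <expected count> );`, with the value taken from the core's intended behaviour, which is not visible in this hunk. The `mock_generate` case in the `@@ -258,9 +281,18 @@` hunk has the same gap.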
@@ -217,9 +236,9 @@ void mock_export( ) key_material, sizeof( key_material ), &handle ) ); - PSA_ASSERT( psa_export_key( handle, + TEST_ASSERT( psa_export_key( handle, exported, sizeof( exported ), - &exported_length ) ); + &exported_length ) == expected_result ); TEST_ASSERT( mock_export_data.called == 1 ); @@ -234,7 +253,9 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mock_generate( ) +void mock_generate( int mock_alloc_return_value, + int mock_generate_return_value, + int expected_result ) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; @@ -243,6 +264,8 @@ void mock_generate( ) psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mock_allocate_data.return_value = mock_alloc_return_value; + mock_generate_data.return_value = mock_generate_return_value; memset( &driver, 0, sizeof( driver ) ); memset( &key_management, 0, sizeof( key_management ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; 
@@ -258,9 +281,18 @@ void mock_generate( ) psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); + TEST_ASSERT( psa_generate_key( &attributes, &handle ) == expected_result ); TEST_ASSERT( mock_allocate_data.called == 1 ); - TEST_ASSERT( mock_generate_data.called == 1 ); + TEST_ASSERT( mock_generate_data.called == + ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) ); + TEST_ASSERT( mock_generate_data.attributes.core.id == + ( mock_alloc_return_value == PSA_SUCCESS? id : 0 ) ); + TEST_ASSERT( mock_generate_data.attributes.core.lifetime == + ( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) ); + TEST_ASSERT( mock_generate_data.attributes.core.policy.usage == + ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_USAGE_EXPORT : 0 ) ); + TEST_ASSERT( mock_generate_data.attributes.core.type == + ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_TYPE_RAW_DATA : 0 ) ); if( expected_result == PSA_SUCCESS ) { From 136901c24c8f2ebc6398cdf2b8a604d0a74e8ae6 Mon Sep 17 00:00:00 2001 From: Unknown Date: Thu, 11 Jul 2019 04:11:17 -0400 Subject: [PATCH 1657/2197] crypto_se_driver: add public key exporting test --- ..._suite_psa_crypto_se_driver_hal_mocks.data | 6 ++ ...te_psa_crypto_se_driver_hal_mocks.function | 75 +++++++++++++++++++ 2 files changed, 81 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index bb6586d85..deab44fff 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data 
@@ -13,6 +13,12 @@ mock_export:PSA_SUCCESS:PSA_SUCCESS SE key exporting mock test: export failed mock_export:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE +SE public key exporting mock test +mock_export_public:PSA_SUCCESS:PSA_SUCCESS + +SE public key exporting mock test: export failed +mock_export_public:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE + SE key generating mock test mock_generate:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 78eaedaa3..bce3c18f8 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -30,6 +30,14 @@ static struct psa_status_t return_value; } mock_export_data; +static struct +{ + uint16_t called; + psa_key_slot_number_t slot_number; + size_t data_size; + psa_status_t return_value; +} mock_export_public_data; + static struct { uint16_t called; @@ -47,6 +55,7 @@ static void mock_teardown( void ) { memset( &mock_import_data, 0, sizeof( mock_import_data ) ); memset( &mock_export_data, 0, sizeof( mock_export_data ) ); + memset( &mock_export_public_data, 0, sizeof( mock_export_public_data ) ); memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); 
@@ -107,6 +116,23 @@ psa_status_t mock_export( psa_drv_se_context_t *context, return( mock_export_data.return_value ); } +psa_status_t mock_export_public( psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length ) +{ + (void) context; + (void) p_data; + (void) p_data_length; + + mock_export_public_data.called++; + mock_export_public_data.slot_number = slot_number; + mock_export_public_data.data_size = data_size; + + return( mock_export_public_data.return_value ); +} + psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, 
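Review bot: `mock_export_public` is defined without `static`, unlike `mock_generate` and `mock_import` in the same header block, so the helper gets external linkage for no reason visible here. Declare it `static psa_status_t mock_export_public( ... )`. `mock_sign` and `mock_verify` in the later patches are also non-static, and they write `return x;` where the rest of the file uses `return( x );`.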
@@ -305,3 +331,52 @@ exit: mock_teardown( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void mock_export_public( int mock_export_public_return_value, + int expected_result ) +{ + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + uint8_t exported[sizeof( key_material )]; + size_t exported_length; + + mock_export_public_data.return_value = mock_export_public_return_value; + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + driver.key_management = &key_management; + key_management.p_import = mock_import; + key_management.p_export_public = mock_export_public; + key_management.p_destroy = mock_destroy; + key_management.p_allocate = mock_allocate; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_PUBLIC_KEY ); + + PSA_ASSERT( psa_import_key( &attributes, + key_material, sizeof( key_material ), + &handle ) ); + + TEST_ASSERT( psa_export_public_key( handle, exported, sizeof(exported), + &exported_length ) == expected_result ); + TEST_ASSERT( mock_export_public_data.called == 1 ); + + PSA_ASSERT( psa_destroy_key( handle ) ); + TEST_ASSERT( mock_destroy_data.called == 1 ); + +exit: + PSA_DONE( ); + mock_teardown( ); +} +/* END_CASE */ From b7656a8a85c6863ae77b6caec7133a00d975f416 Mon Sep 17 00:00:00 2001 
From: Unknown Date: Thu, 11 Jul 2019 06:01:33 -0400 Subject: [PATCH 1658/2197] crypto_se_driver: add signing mock test --- ..._suite_psa_crypto_se_driver_hal_mocks.data | 6 ++ ...te_psa_crypto_se_driver_hal_mocks.function | 90 +++++++++++++++++++ 2 files changed, 96 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index deab44fff..ca294c2a4 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -27,3 +27,9 @@ mock_generate:PSA_ERROR_HARDWARE_FAILURE:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE SE key generating mock test: generating failed mock_generate:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE + +SE signing mock test +mock_sign:PSA_SUCCESS:PSA_SUCCESS + +SE signing mock test: sign failed +mock_sign:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index bce3c18f8..dae0905d5 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -38,6 +38,16 @@ static struct psa_status_t return_value; } mock_export_public_data; +static struct +{ + uint16_t called; + psa_key_slot_number_t key_slot; + psa_algorithm_t alg; + size_t hash_length; + size_t signature_size; + psa_status_t return_value; +} mock_sign_data; + static struct { uint16_t called; 
@@ -56,6 +66,7 @@ static void mock_teardown( void ) memset( &mock_import_data, 0, sizeof( mock_import_data ) ); memset( &mock_export_data, 0, sizeof( mock_export_data ) ); memset( &mock_export_public_data, 0, sizeof( mock_export_public_data ) ); + memset( &mock_sign_data, 0, sizeof( mock_sign_data ) ); memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); @@ -133,6 +144,29 @@ psa_status_t mock_export_public( psa_drv_se_context_t *context, return( mock_export_public_data.return_value ); } +psa_status_t mock_sign( psa_drv_se_context_t *context, + psa_key_slot_number_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length ) +{ + (void) context; + (void) p_hash; + (void) p_signature; + (void) p_signature_length; + + mock_sign_data.called++; + mock_sign_data.key_slot = key_slot; + mock_sign_data.alg = alg; + mock_sign_data.hash_length = hash_length; + mock_sign_data.signature_size = signature_size; + + return mock_sign_data.return_value; +} + psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, 
@@ -380,3 +414,59 @@ exit: mock_teardown( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void mock_sign( int mock_sign_return_value, int expected_result ) +{ + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_drv_se_asymmetric_t asymmetric; + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); + size_t signature_length; + + mock_sign_data.return_value = mock_sign_return_value; + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + memset( &asymmetric, 0, sizeof( asymmetric ) ); + + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + + driver.key_management = &key_management; + key_management.p_import = mock_import; + key_management.p_destroy = mock_destroy; + key_management.p_allocate = mock_allocate; + + driver.asymmetric = &asymmetric; + asymmetric.p_sign = mock_sign; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_algorithm( &attributes, algorithm ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_KEY_PAIR ); + + PSA_ASSERT( psa_import_key( &attributes, + key_material, sizeof( key_material ), + &handle ) ); + + TEST_ASSERT( psa_asymmetric_sign( handle, algorithm, NULL, 0, NULL, 0, + &signature_length) + == expected_result ); + TEST_ASSERT( mock_sign_data.called == 1 ); + + PSA_ASSERT( psa_destroy_key( handle ) ); + TEST_ASSERT( mock_destroy_data.called == 1 ); + +exit: + PSA_DONE( ); + mock_teardown( ); +} +/* END_CASE */ From f740b0abbbbdd819f7aa2f73996bb4ddd352cd00 Mon Sep 17 00:00:00 2001 
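Review bot: The key is imported as `PSA_KEY_TYPE_RSA_KEY_PAIR` while the policy and the call use `PSA_ALG_ECDSA(PSA_ALG_SHA_256)`, so the case passes only while nothing between the API and the driver checks that the algorithm fits the key type; once such a check exists the test would fail for a reason unrelated to the mock. Use a key type that matches the algorithm. The test also never asserts what `mock_sign` captured, so a core that forwarded the wrong algorithm or slot would go unnoticed; `TEST_ASSERT( mock_sign_data.alg == algorithm );` after the `called` check would pin it. The `mock_verify` case added by the next patch pairs the same algorithm with `PSA_KEY_TYPE_RAW_DATA`.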
From: Unknown Date: Thu, 11 Jul 2019 06:35:46 -0400 Subject: [PATCH 1659/2197] crypto_se_driver: add verification mock test --- ..._suite_psa_crypto_se_driver_hal_mocks.data | 6 ++ ...te_psa_crypto_se_driver_hal_mocks.function | 86 +++++++++++++++++++ 2 files changed, 92 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index ca294c2a4..c05b18274 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -33,3 +33,9 @@ mock_sign:PSA_SUCCESS:PSA_SUCCESS SE signing mock test: sign failed mock_sign:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE + +SE verification mock test +mock_verify:PSA_SUCCESS:PSA_SUCCESS + +SE verification mock test: verify failed +mock_verify:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index dae0905d5..ba5142823 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -48,6 +48,16 @@ static struct psa_status_t return_value; } mock_sign_data; +static struct +{ + uint16_t called; + psa_key_slot_number_t key_slot; + psa_algorithm_t alg; + size_t hash_length; + size_t signature_length; + psa_status_t return_value; +} mock_verify_data; + static struct { uint16_t called; 
@@ -67,6 +77,7 @@ static void mock_teardown( void ) memset( &mock_export_data, 0, sizeof( mock_export_data ) ); memset( &mock_export_public_data, 0, sizeof( mock_export_public_data ) ); memset( &mock_sign_data, 0, sizeof( mock_sign_data ) ); + memset( &mock_verify_data, 0, sizeof( mock_verify_data ) ); memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); @@ -167,6 +178,27 @@ psa_status_t mock_sign( psa_drv_se_context_t *context, return mock_sign_data.return_value; } +psa_status_t mock_verify( psa_drv_se_context_t *context, + psa_key_slot_number_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length ) +{ + (void) context; + (void) p_hash; + (void) p_signature; + + mock_verify_data.called++; + mock_verify_data.key_slot = key_slot; + mock_verify_data.alg = alg; + mock_verify_data.hash_length = hash_length; + mock_verify_data.signature_length = signature_length; + + return mock_verify_data.return_value; +} + psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, 
@@ -470,3 +502,57 @@ exit: mock_teardown( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void mock_verify( int mock_verify_return_value, int expected_result ) +{ + psa_drv_se_t driver; + psa_drv_se_key_management_t key_management; + psa_drv_se_asymmetric_t asymmetric; + psa_key_lifetime_t lifetime = 2; + psa_key_id_t id = 1; + psa_key_handle_t handle = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); + + mock_verify_data.return_value = mock_verify_return_value; + memset( &driver, 0, sizeof( driver ) ); + memset( &key_management, 0, sizeof( key_management ) ); + memset( &asymmetric, 0, sizeof( asymmetric ) ); + + driver.hal_version = PSA_DRV_SE_HAL_VERSION; + + driver.key_management = &key_management; + key_management.p_import = mock_import; + key_management.p_destroy = mock_destroy; + key_management.p_allocate = mock_allocate; + + driver.asymmetric = &asymmetric; + asymmetric.p_verify = mock_verify; + + PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_id( &attributes, id ); + psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_algorithm( &attributes, algorithm ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + + PSA_ASSERT( psa_import_key( &attributes, + key_material, sizeof( key_material ), + &handle ) ); + + TEST_ASSERT( psa_asymmetric_verify( handle, algorithm, NULL, 0, NULL, 0) + == expected_result ); + TEST_ASSERT( mock_verify_data.called == 1 ); + + PSA_ASSERT( psa_destroy_key( handle ) ); + TEST_ASSERT( mock_destroy_data.called == 1 ); + +exit: + PSA_DONE( ); + mock_teardown( ); +} +/* END_CASE */ From 4abb40cab3003567f1b4d1c91ffd9ba6033b7cdc Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Tue, 30 Jul 2019 16:01:45 +0100 Subject: [PATCH 1660/2197] Clean up core storage between tests --- ...te_psa_crypto_se_driver_hal_mocks.function | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index ba5142823..9d73d8f1a 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -3,6 +3,7 @@ #include "psa/crypto_se_driver.h" #include "psa_crypto_se.h" +#include "psa_crypto_storage.h" static struct { @@ -71,6 +72,23 @@ static struct psa_status_t return_value; } mock_destroy_data; +#define MAX_KEY_ID_FOR_TEST 10 +static void psa_purge_storage( void ) +{ + psa_key_id_t id; + psa_key_lifetime_t lifetime; + /* The tests may have potentially created key ids from 1 to + * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id + * 0, which file-based storage uses as a temporary file. */ + for( id = 0; id <= MAX_KEY_ID_FOR_TEST; id++ ) + psa_destroy_persistent_key( id ); + /* Purge the transaction file. */ + psa_crypto_stop_transaction( ); + /* Purge driver persistent data. */ + for( lifetime = 0; lifetime < PSA_MAX_SE_LIFETIME; lifetime++ ) + psa_destroy_se_persistent_data( lifetime ); +} + static void mock_teardown( void ) { memset( &mock_import_data, 0, sizeof( mock_import_data ) ); @@ -81,6 +99,7 @@ static void mock_teardown( void ) memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); + psa_purge_storage( ); } static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, From 74c932e596e23bf5a8034ce5b80c7b116deb139b Mon Sep 17 00:00:00 2001 
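Review bot: `psa_purge_storage` discards the status of `psa_destroy_persistent_key`, `psa_crypto_stop_transaction` and `psa_destroy_se_persistent_data`, so a purge that fails leaves state behind and the next case is likely to fail at import with an unrelated error. If ignoring them is intended, say so in the existing comment, e.g. `/* Best-effort cleanup: statuses are ignored because most of these objects do not exist. */`. It would also help to note next to `MAX_KEY_ID_FOR_TEST` that it must stay at or above the largest key id any case in this file creates.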
From: Darryl Green Date: Fri, 16 Aug 2019 15:24:14 +0100 Subject: [PATCH 1661/2197] Parametrize key bits in import mock test --- .../test_suite_psa_crypto_se_driver_hal_mocks.data | 12 +++++++++--- ...est_suite_psa_crypto_se_driver_hal_mocks.function | 6 +++++- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index c05b18274..dba68758f 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -1,11 +1,17 @@ SE key importing mock test -mock_import:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +mock_import:PSA_SUCCESS:PSA_SUCCESS:0:PSA_SUCCESS + +SE key importing mock test: max key bits +mock_import:PSA_SUCCESS:PSA_SUCCESS:PSA_MAX_KEY_BITS:PSA_SUCCESS + +SE key importing mock test: more than max key bits +mock_import:PSA_SUCCESS:PSA_ERROR_NOT_SUPPORTED:PSA_MAX_KEY_BITS+1:PSA_ERROR_NOT_SUPPORTED SE key importing mock test: alloc failed -mock_import:PSA_ERROR_HARDWARE_FAILURE:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE +mock_import:PSA_ERROR_HARDWARE_FAILURE:PSA_SUCCESS:0:PSA_ERROR_HARDWARE_FAILURE SE key importing mock test: import failed -mock_import:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE +mock_import:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:0:PSA_ERROR_HARDWARE_FAILURE SE key exporting mock test mock_export:PSA_SUCCESS:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 9d73d8f1a..e3641789f 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -19,6 +19,7 @@ static struct uint16_t called; psa_key_slot_number_t key_slot; psa_key_attributes_t attributes; + size_t bits; size_t data_length; psa_status_t return_value; } mock_import_data; 
@@ -130,7 +131,8 @@ static psa_status_t mock_import( psa_drv_se_context_t *drv_context, { (void) drv_context; (void) data; - (void) bits; + + *bits = mock_import_data.bits; mock_import_data.called++; mock_import_data.key_slot = key_slot; @@ -259,6 +261,7 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, /* BEGIN_CASE */ void mock_import( int mock_alloc_return_value, int mock_import_return_value, + int bits, int expected_result ) { psa_drv_se_t driver; @@ -271,6 +274,7 @@ void mock_import( int mock_alloc_return_value, mock_allocate_data.return_value = mock_alloc_return_value; mock_import_data.return_value = mock_import_return_value; + mock_import_data.bits = bits; memset( &driver, 0, sizeof( driver ) ); memset( &key_management, 0, sizeof( key_management ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; From 0892d0fbbf5778d40d9cd1c81ba841d86e19c5c4 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Tue, 20 Aug 2019 09:50:14 +0100 Subject: [PATCH 1662/2197] Initialize key bits to max size + 1 in psa_import_key In psa_import_key, the key bits value was uninitialized before calling the secure element driver import function. There is a potential issue if the driver returns PSA_SUCCESS without setting the key bits. This shouldn't happen, but shouldn't be discounted either, so we initialize the key bits to an invalid issue. --- library/psa_crypto.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6ec2a1c38..93af0d398 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
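Review bot: `*bits = mock_import_data.bits;` lets the mock report an out-of-range size, but the one data case that uses `PSA_MAX_KEY_BITS+1` also makes the mock return `PSA_ERROR_NOT_SUPPORTED`, so `psa_import_key` would return that status whether or not the core checks `bits`. To exercise the bound, let the driver succeed and report the oversized value: `mock_import:PSA_SUCCESS:PSA_SUCCESS:PSA_MAX_KEY_BITS+1:PSA_ERROR_NOT_SUPPORTED` (the expected status is copied from the existing case; the core's check is not visible here). The new `int bits` parameter is stored into a `size_t` field, which is fine for these values but deserves a cast or a comment. The body of `mock_import` starts outside this hunk.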
@@ -1835,7 +1835,9 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, if( driver != NULL ) { const psa_drv_se_t *drv = psa_get_se_driver_methods( driver ); - size_t bits; + /* The driver should set the number of key bits, however in + * case it doesn't, we initialize bits to an invalid value. */ + size_t bits = PSA_MAX_KEY_BITS + 1; if( drv->key_management == NULL || drv->key_management->p_import == NULL ) { From 203491c65d143631688fd306ecaf81e5b27e16e1 Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 21 Aug 2019 17:55:30 +0100 Subject: [PATCH 1663/2197] Remove duplicated information in psa_open_key The information about implmementation keys is duplicated. --- include/psa/crypto.h | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2b5bb97fc..81739bcdc 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
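Review bot: The sentinel `PSA_MAX_KEY_BITS + 1` has an effect only if `bits` is compared with `PSA_MAX_KEY_BITS` after `p_import` returns, and that comparison is not in this hunk; `psa_import_key` continues beyond it. If the check exists, name it in the comment so the two stay together, e.g. `/* ... initialize bits to an invalid value, rejected by the range check after p_import. */`. If it does not, a driver that reports success without setting the size is still accepted, now with an out-of-range value recorded for the key.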
@@ -358,18 +358,14 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key * always has a nonzero key identifier, set with psa_set_key_id() when * creating the key. Implementations may provide additional pre-provisioned - * keys with identifiers in the range - * #PSA_KEY_ID_VENDOR_MIN–#PSA_KEY_ID_VENDOR_MAX. + * keys that can be opened with psa_open_key(). Such keys have a key identifier + * in the vendor range, as documented in the description of #psa_key_id_t. * * The application must eventually close the handle with psa_close_key() * to release associated resources. If the application dies without calling * psa_close_key(), the implementation should perform the equivalent of a * call to psa_close_key(). * - * Implementations may provide additional keys that can be opened with - * psa_open_key(). Such keys have a key identifier in the vendor range, - * as documented in the description of #psa_key_id_t. - * * \param id The persistent identifier of the key. * \param[out] handle On success, a handle to the key. * From 9741b114402b5552cdbeaf52352391d10bd3ddc7 Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 21 Aug 2019 18:20:41 +0100 Subject: [PATCH 1664/2197] Update psa_open_key documentation - Describe the implementation defined behavior for opening multiple keys, and provide a reference to the relevant section. - Describe the use of INSUFFICENT_MEMORY error to indicate additional implementation resource constaints. - Clarify the distinction between DOES_NOT_EXIST and INVALID_HANDLE error conditions. --- include/psa/crypto.h | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 81739bcdc..e067cbdd1 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -366,6 +366,11 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
 * psa_close_key(), the implementation should perform the equivalent of a
 * call to psa_close_key().
 *
+ * Some implementations permit an application to open the same key multiple
+ * times. Applications that rely on this behavior will not be portable to
+ * implementations that only permit a single key handle to be opened. See
+ * also :ref:\`key-handles\`.
+ *
 * \param id The persistent identifier of the key.
 * \param[out] handle On success, a handle to the key.
 *
@@ -373,9 +378,14 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
 * Success. The application can now use the value of `*handle`
 * to access the key.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * The implementation does not have sufficient resources to open the
+ * key. This can be due to reaching an implementation limit on the
+ * number of open keys, the number of open key handles, or available
+ * memory.
 * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * There is no persistent key with key identifier \p id.
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p id is invalid.
+ * \p id is not a valid persistent key identifier.
 * \retval #PSA_ERROR_NOT_PERMITTED
 * The specified key exists, but the application does not have the
 * permission to access it. Note that this specification does not
From 3daba812d7640274f40069aedb0a943c0e61f799 Mon Sep 17 00:00:00 2001
From: Andrew Thoelke
Date: Wed, 21 Aug 2019 22:46:56 +0100
Subject: [PATCH 1665/2197] Update documentation for psa_close_key Adjust the wording to permit multiple handles to a single key - closing a handle does not necessarily release volatile memory associated with the key, that only occurs when the last handle is closed.
---
include/psa/crypto.h | 18 +++++++++++-------
1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index e067cbdd1..8aa11ce94 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
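Review bot: In the second `psa_open_key` hunk, the new `#PSA_ERROR_DOES_NOT_EXIST` text, read together with the existing `#PSA_ERROR_NOT_PERMITTED` entry, lets a caller tell an absent identifier from one it may not access. On an implementation that isolates callers from each other, that discloses which identifiers other clients have in use. Consider adding a sentence such as `An implementation may return this error for a key that exists but that the caller is not permitted to access.` The `#PSA_ERROR_NOT_PERMITTED` description continues outside the hunk, so it may already qualify this.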
@@ -400,15 +400,19 @@ psa_status_t psa_open_key(psa_key_id_t id,
 
 /** Close a key handle.
 *
- * If the handle designates a volatile key, destroy the key material and
- * free all associated resources, just like psa_destroy_key().
+ * If the handle designates a volatile key, this will destroy the key material
+ * and free all associated resources, just like psa_destroy_key().
 *
- * If the handle designates a persistent key, free all resources associated
- * with the key in volatile memory. The key in persistent storage is
- * not affected and can be opened again later with psa_open_key().
+ * If this is the last open handle to a persistent key, then closing the handle
+ * will free all resources associated with the key in volatile memory. The key
+ * data in persistent storage is not affected and can be opened again later
+ * with a call to psa_open_key().
 *
- * If the key is currently in use in a multipart operation,
- * the multipart operation is aborted.
+ * Closing the key handle makes the handle invalid, and the key handle
+ * must not be used again by the application..
+ *
+ * If the key is currently in use in a multipart operation, then closing the
+ * last handle to the key will abort the multipart operation.
 *
 * \param handle The key handle to close.
 *
From 07f16b78ffc90a0d1a735289c5eee33f40ec3fe8 Mon Sep 17 00:00:00 2001
From: Andrew Thoelke
Date: Wed, 21 Aug 2019 22:48:47 +0100
Subject: [PATCH 1666/2197] Update documentation for psa_destroy_key Define the affect on handles to the key and on active multipart operations.
---
include/psa/crypto.h | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8aa11ce94..eac0ff2bf 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
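Review bot: The paragraph added to `psa_close_key` says a closed handle must not be used again, but it does not say what a later call with that handle returns or whether handle values can be reassigned. The `psa_destroy_key` text added in patch 1666 has the same gap for invalidated handles. Whether values are recycled is not visible here; if they are, a retained copy could end up designating a different key opened afterwards. If it matches the intended behaviour, a sentence such as `Using the handle after this call fails with #PSA_ERROR_INVALID_HANDLE; discard stored copies, since the value may later designate another key.` would make the contract explicit in both places. The doc comment continues outside the hunk.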
@@ -506,6 +506,11 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
 * This function also erases any metadata such as policies and frees all
 * resources associated with the key.
 *
+ * Destroying a key will invalidate all existing handles to the key.
+ *
+ * If the key is currently in use in a multipart operation, then destroying the
+ * key will abort the multipart operation.
+ *
 * \param handle Handle to the key to erase.
 *
 * \retval #PSA_SUCCESS
From 3c2b80377b208ee1ffd4e04ff9646c47fe4255a6 Mon Sep 17 00:00:00 2001
From: Andrew Thoelke
Date: Thu, 22 Aug 2019 12:20:12 +0100
Subject: [PATCH 1667/2197] Cross reference 'key handles' from INVALID_HANDLE
---
include/psa/crypto_values.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index e0600a189..0781fa441 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -268,7 +268,7 @@
 * to read from a resource. */
 #define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
 
-/** The key handle is not valid.
+/** The key handle is not valid. See also :ref:\`key-handles\`.
 */
 #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
 
From 8824daec6ff61a513c23331e0990a9e9c44daf5b Mon Sep 17 00:00:00 2001
From: Andrew Thoelke
Date: Thu, 22 Aug 2019 15:04:48 +0100
Subject: [PATCH 1668/2197] Editorial fixes.
---
include/psa/crypto.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index eac0ff2bf..c3f8b6ea7 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -409,10 +409,10 @@ psa_status_t psa_open_key(psa_key_id_t id,
 * with a call to psa_open_key().
 *
 * Closing the key handle makes the handle invalid, and the key handle
- * must not be used again by the application..
+ * must not be used again by the application.
 *
 * If the key is currently in use in a multipart operation, then closing the
- * last handle to the key will abort the multipart operation.
+ * last remaining handle to the key will abort the multipart operation.
 *
 * \param handle The key handle to close.
 *
From 884738a2d65104879b59d9d11ee322c438a39f85 Mon Sep 17 00:00:00 2001
From: Jaeden Amero
Date: Fri, 16 Aug 2019 17:58:31 +0100
Subject: [PATCH 1669/2197] getting_started: Update for PSA Crypto API 1.0b3
---
docs/getting_started.md | 769 +++++++++++++++++++++++++++++----------
1 file changed, 564 insertions(+), 205 deletions(-)
diff --git a/docs/getting_started.md b/docs/getting_started.md
index 9ab4f8f6c..4d380e088 100644
--- a/docs/getting_started.md
+++ b/docs/getting_started.md
@@ -63,35 +63,50 @@ To use the Mbed Crypto APIs, call `psa_crypto_init()` before calling any other A ### Importing a key -To use a key for cryptography operations in Mbed Crypto, you need to first import it into a key slot. Each slot can store only one key at a time. The slot where the key is stored must be unoccupied, and valid for a key of the chosen type. +To use a key for cryptography operations in Mbed Crypto, you need to first +import it. Upon importing, you'll be given a handle to refer to the key for use +with other function calls. -Prerequisites to importing keys: +Prerequisites for importing keys: * Initialize the library with a successful call to `psa_crypto_init`. -Importing a key and checking key information: -1. Import a key pair into key slot `1`. -1. Test the information stored in this slot: +Importing a key: ```C - int key_slot = 1; - uint8_t *data = "KEY_PAIR_KEY_DATA"; - size_t data_size; - psa_key_type_t type = PSA_KEY_TYPE_RSA_PUBLIC_KEY; - size_t got_bits; - psa_key_type_t got_type; - size_t expected_bits = data_size; - psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA; - size_t export_size = data_size; + psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t data[] = AES_KEY; + psa_key_handle_t handle; - psa_crypto_init(); + printf("Import an AES key...\t"); + fflush(stdout); + + /* Initialize PSA Crypto */ + status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + printf("Failed to initialize PSA Crypto\n"); + return; + } + + /* Set key attributes */ + psa_set_key_usage_flags(&attributes, 0); + psa_set_key_algorithm(&attributes, 0); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, 128); /* Import the key */ - status = psa_import_key(key_slot, type, data, data_size); + status = psa_import_key(&attributes, data, sizeof(data), &handle); + if (status != PSA_SUCCESS) { + printf("Failed to import key\n"); + return; + } + printf("Imported a key\n"); - /* Test the key information 
*/ - status = psa_get_key_information(slot, &got_type, &got_bits); + /* Free the attributes */ + psa_reset_key_attributes(&attributes); /* Destroy the key */ - psa_destroy_key(key_slot); + psa_destroy_key(handle); + mbedtls_psa_crypto_free(); ``` 
@@ -99,48 +114,70 @@ Importing a key and checking key information: Mbed Crypto provides support for encrypting, decrypting, signing and verifying messages using public key signature algorithms (such as RSA or ECDSA). -Prerequisites to working with the asymmetric cipher API: +Prerequisites for performing asymmetric signature operations: * Initialize the library with a successful call to `psa_crypto_init`. -* Configure the key policy accordingly: - * `PSA_KEY_USAGE_SIGN` to allow signing. - * `PSA_KEY_USAGE_VERIFY` to allow signature verification. -* Have a valid key in the key slot. +* Have a valid key with appropriate attributes set: + * Usage flag `PSA_KEY_USAGE_SIGN` to allow signing. + * Usage flag `PSA_KEY_USAGE_VERIFY` to allow signature verification. + * Algorithm set to desired signature algorithm. -To sign a given message `payload` using RSA: -1. Set the key policy of the chosen key slot by calling `psa_key_policy_set_usage()` with the `PSA_KEY_USAGE_SIGN` parameter and the algorithm `PSA_ALG_RSA_PKCS1V15_SIGN_RAW`. -This allows the key in the key slot to be used for RSA signing. -1. Import the key into the key slot by calling `psa_import_key()`. You can use an already imported key instead of importing a new one. -1. Call `psa_asymmetric_sign()` and get the output buffer that contains the signature: +To sign a given `hash` using RSA: +1. 
Call `psa_asymmetric_sign()` and get the output buffer that contains the + signature: ```C psa_status_t status; - int key_slot = 1; - unsigned char key[] = "RSA_KEY"; - unsigned char payload[] = "ASYMMETRIC_INPUT_FOR_SIGN"; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t key[] = RSA_KEY; + uint8_t hash[] = "INPUT_FOR_SIGN"; + uint8_t signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; + psa_key_handle_t handle; + printf("Sign a message...\t"); + fflush(stdout); + + /* Initialize PSA Crypto */ status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + printf("Failed to initialize PSA Crypto\n"); + return; + } + + /* Set key attributes */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN); + psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PKCS1V15_SIGN_RAW); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR); + psa_set_key_bits(&attributes, 1024); /* Import the key */ - psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_SIGN, - PSA_ALG_RSA_PKCS1V15_SIGN_RAW); - status = psa_set_key_policy(key_slot, &policy); + status = psa_import_key(&attributes, key, sizeof(key), &handle); + if (status != PSA_SUCCESS) { + printf("Failed to import key\n"); + return; + } - status = psa_import_key(key_slot, PSA_KEY_TYPE_RSA_KEY_PAIR, - key, sizeof(key)); - - /* Sing message using the key */ - status = psa_asymmetric_sign(key_slot, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, - payload, sizeof(payload), + /* Sign message using the key */ + status = psa_asymmetric_sign(handle, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, + hash, sizeof(hash), signature, sizeof(signature), &signature_length); + if (status != PSA_SUCCESS) { + printf("Failed to sign\n"); + return; + } + + printf("Signed a message\n"); + + /* Free the attributes */ + psa_reset_key_attributes(&attributes); + /* Destroy the key */ - psa_destroy_key(key_slot); + 
psa_destroy_key(handle); + mbedtls_psa_crypto_free(); ``` -### Encrypting or decrypting using symmetric ciphers +### Using symmetric ciphers Mbed Crypto provides support for encrypting and decrypting messages using various symmetric cipher algorithms (both block and stream ciphers). 
@@ -156,32 +193,78 @@ Encrypting a message with a symmetric cipher: 1. Call `psa_cipher_update` one or more times, passing either the whole or only a fragment of the message each time. 1. Call `psa_cipher_finish` to end the operation and output the encrypted message. -Encrypting random data using an AES key in cipher block chain (CBC) mode with no padding (assuming all prerequisites have been fulfilled): +Encrypting data using an AES key in cipher block chain (CBC) mode with no padding (assuming all prerequisites have been fulfilled): ```c - psa_key_slot_t key_slot = 1; + enum { + block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES), + }; + psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; - psa_cipher_operation_t operation; - size_t block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES); - unsigned char input[block_size]; - unsigned char iv[block_size]; + uint8_t plaintext[block_size] = SOME_PLAINTEXT; + uint8_t iv[block_size]; size_t iv_len; - unsigned char output[block_size]; + uint8_t key[] = AES_KEY; + uint8_t output[block_size]; size_t output_len; + psa_key_handle_t handle; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - /* generate some random data to be encrypted */ - psa_generate_random(input, sizeof(input)); + printf("Encrypt with cipher...\t"); + fflush(stdout); + + /* Initialize PSA Crypto */ + status = psa_crypto_init(); + if (status != PSA_SUCCESS) + { + printf("Failed to initialize PSA Crypto\n"); + return; + } + + /* Import a key */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, 128); + status = psa_import_key(&attributes, key, sizeof(key), &handle); + if (status != PSA_SUCCESS) { + printf("Failed to import a key\n"); + return; + } + psa_reset_key_attributes(&attributes); + + /* Encrypt the plaintext */ + 
status = psa_cipher_encrypt_setup(&operation, handle, alg); + if (status != PSA_SUCCESS) { + printf("Failed to begin cipher operation\n"); + return; + } + status = psa_cipher_generate_iv(&operation, iv, sizeof(iv), &iv_len); + if (status != PSA_SUCCESS) { + printf("Failed to generate IV\n"); + return; + } + status = psa_cipher_update(&operation, plaintext, sizeof(plaintext), + output, sizeof(output), &output_len); + if (status != PSA_SUCCESS) { + printf("Failed to update cipher operation\n"); + return; + } + status = psa_cipher_finish(&operation, output + output_len, + sizeof(output) - output_len, &output_len); + if (status != PSA_SUCCESS) { + printf("Failed to finish cipher operation\n"); + return; + } + printf("Encrypted plaintext\n"); - /* encrypt the key */ - psa_cipher_encrypt_setup(&operation, key_slot, alg); - psa_cipher_generate_iv(&operation, iv, sizeof(iv), &iv_len); - psa_cipher_update(&operation, input, sizeof(input), - output, sizeof(output), - &output_len); - psa_cipher_finish(&operation, - output + output_len, sizeof(output) - output_len, - &output_len); /* Clean up cipher operation context */ psa_cipher_abort(&operation); + + /* Destroy the key */ + psa_destroy_key(handle); + + mbedtls_psa_crypto_free(); ``` Decrypting a message with a symmetric cipher: 
@@ -194,31 +277,75 @@ Decrypting a message with a symmetric cipher: Decrypting encrypted data using an AES key in CBC mode with no padding (assuming all prerequisites have been fulfilled): ```c - psa_key_slot_t key_slot = 1; + enum { + block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES), + }; + psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; - psa_cipher_operation_t operation; - size_t block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES); - unsigned char input[block_size]; - unsigned char iv[block_size]; - size_t iv_len; - unsigned char output[block_size]; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + uint8_t ciphertext[block_size] = SOME_CIPHERTEXT; + uint8_t iv[block_size] = ENCRYPTED_WITH_IV; + uint8_t key[] = AES_KEY; + uint8_t output[block_size]; size_t output_len; + psa_key_handle_t handle; - /* setup input data */ - fetch_iv(iv, sizeof(iv)); /* fetch the IV used when the data was encrypted */ - fetch_input(input, sizeof(input)); /* fetch the data to be decrypted */ + printf("Decrypt with cipher...\t"); + fflush(stdout); + + /* Initialize PSA Crypto */ + status = psa_crypto_init(); + if (status != PSA_SUCCESS) + { + printf("Failed to initialize PSA Crypto\n"); + return; + } + + /* Import a key */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, 128); + status = psa_import_key(&attributes, key, sizeof(key), &handle); + if (status != PSA_SUCCESS) { + printf("Failed to import a key\n"); + return; + } + psa_reset_key_attributes(&attributes); + + /* Decrypt the ciphertext */ + status = psa_cipher_decrypt_setup(&operation, handle, alg); + if (status != PSA_SUCCESS) { + printf("Failed to begin cipher operation\n"); + return; + } + status = psa_cipher_set_iv(&operation, iv, sizeof(iv)); + if (status != PSA_SUCCESS) { + 
printf("Failed to set IV\n"); + return; + } + status = psa_cipher_update(&operation, ciphertext, sizeof(ciphertext), + output, sizeof(output), &output_len); + if (status != PSA_SUCCESS) { + printf("Failed to update cipher operation\n"); + return; + } + status = psa_cipher_finish(&operation, output + output_len, + sizeof(output) - output_len, &output_len); + if (status != PSA_SUCCESS) { + printf("Failed to finish cipher operation\n"); + return; + } + printf("Decrypted ciphertext\n"); - /* encrypt the encrypted data */ - psa_cipher_decrypt_setup(&operation, key_slot, alg); - psa_cipher_set_iv(&operation, iv, sizeof(iv)); - psa_cipher_update(&operation, input, sizeof(input), - output, sizeof(output), - &output_len); - psa_cipher_finish(&operation, - output + output_len, sizeof(output) - output_len, - &output_len); /* Clean up cipher operation context */ psa_cipher_abort(&operation); + + /* Destroy the key */ + psa_destroy_key(handle); + + mbedtls_psa_crypto_free(); ``` #### Handling cipher operation contexts @@ -237,9 +364,8 @@ Multiple sequential calls to `psa_cipher_abort` on an operation that has already ### Hashing a message -Mbed Crypto lets you compute and verify hashes using various hashing algorithms. - -The current implementation supports the following hash algorithms: `MD2`, `MD4`, `MD5`, `RIPEMD160`, `SHA-1`, `SHA-224`, `SHA-256`, `SHA-384`, and `SHA-512`. +Mbed Crypto lets you compute and verify hashes using various hashing +algorithms. Prerequisites to working with the hash APIs: * Initialize the library with a successful call to `psa_crypto_init`. 
@@ -252,25 +378,54 @@ To calculate a hash: Calculate the `SHA-256` hash of a message: ```c + psa_status_t status; psa_algorithm_t alg = PSA_ALG_SHA_256; - psa_hash_operation_t operation; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; unsigned char input[] = { 'a', 'b', 'c' }; unsigned char actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_len; + printf("Hash a message...\t"); + fflush(stdout); + + /* Initialize PSA Crypto */ + status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + printf("Failed to initialize PSA Crypto\n"); + return; + } + /* Compute hash of message */ - psa_hash_setup(&operation, alg); - psa_hash_update(&operation, input, sizeof(input)); - psa_hash_finish(&operation, actual_hash, sizeof(actual_hash), &actual_hash_len); + status = psa_hash_setup(&operation, alg); + if (status != PSA_SUCCESS) { + printf("Failed to begin hash operation\n"); + return; + } + status = psa_hash_update(&operation, input, sizeof(input)); + if (status != PSA_SUCCESS) { + printf("Failed to update hash operation\n"); + return; + } + status = psa_hash_finish(&operation, actual_hash, sizeof(actual_hash), + &actual_hash_len); + if (status != PSA_SUCCESS) { + printf("Failed to finish hash operation\n"); + return; + } + + printf("Hashed a message\n"); /* Clean up hash operation context */ psa_hash_abort(&operation); + + mbedtls_psa_crypto_free(); ``` Verify the `SHA-256` hash of a message: ```c + psa_status_t status; psa_algorithm_t alg = PSA_ALG_SHA_256; - psa_hash_operation_t operation; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; unsigned char input[] = { 'a', 'b', 'c' }; unsigned char expected_hash[] = { 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 
@@ -279,10 +434,39 @@ Verify the `SHA-256` hash of a message: }; size_t expected_hash_len = PSA_HASH_SIZE(alg); + printf("Verify a hash...\t"); + fflush(stdout); + + /* Initialize PSA Crypto */ + status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + printf("Failed to initialize PSA Crypto\n"); + return; + } + /* Verify message hash */ - psa_hash_setup(&operation, alg); - psa_hash_update(&operation, input, sizeof(input)); - psa_hash_verify(&operation, expected_hash, expected_hash_len); + status = psa_hash_setup(&operation, alg); + if (status != PSA_SUCCESS) { + printf("Failed to begin hash operation\n"); + return; + } + status = psa_hash_update(&operation, input, sizeof(input)); + if (status != PSA_SUCCESS) { + printf("Failed to update hash operation\n"); + return; + } + status = psa_hash_verify(&operation, expected_hash, expected_hash_len); + if (status != PSA_SUCCESS) { + printf("Failed to verify hash\n"); + return; + } + + printf("Verified a hash\n"); + + /* Clean up hash operation context */ + psa_hash_abort(&operation); + + mbedtls_psa_crypto_free(); ``` The API provides the macro `PSA_HASH_SIZE`, which returns the expected hash length (in bytes) for the specified algorithm. 
@@ -304,86 +488,172 @@ Multiple sequential calls to `psa_hash_abort` on an operation that has already b ### Generating a random value -Mbed Crypto can generate random data. +Mbed Crypto can generate random data. To generate a random key, use +`psa_generate_key()` instead of `psa_generate_random()` Prerequisites to random generation: -* Initialize the library with a successful call to `psa_crypto_init`. +* Initialize the library with a successful call to `psa_crypto_init()`. Generate a random, ten-byte piece of data: 1. Generate random bytes by calling `psa_generate_random()`: ```C psa_status_t status; uint8_t random[10] = { 0 }; - psa_crypto_init(); - status = psa_generate_random(random, sizeof(random)); + printf("Generate random...\t"); + fflush(stdout); + + /* Initialize PSA Crypto */ + status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + printf("Failed to initialize PSA Crypto\n"); + return; + } + + status = psa_generate_random(random, sizeof(random)); + if (status != PSA_SUCCESS) { + printf("Failed to generate a random value\n"); + return; + } + + printf("Generated random data\n"); + + /* Clean up */ mbedtls_psa_crypto_free(); ``` ### Deriving a new key from an existing key -Mbed Crypto provides a key derivation API that lets you derive new keys from existing ones. Key derivation is based upon the generator abstraction. A generator must first be initialized and set up (provided with a key and optionally other data) and then derived data can be read from it either to a buffer or directly imported into a key slot. +Mbed Crypto provides a key derivation API that lets you derive new keys from +existing ones. The key derivation API has functions to take inputs, including +other keys and data, and functions to generate outputs, such as new keys or +other data. 
A key derivation context must first be initialized and set up, +provided with a key and optionally other data, and then derived data can be +read from it either to a buffer or directly sent to a key slot. Refer to the +documentation for the particular algorithm (such as HKDF or the TLS1.2 PRF) for +information on which inputs to pass when and when you can obtain which outputs. Prerequisites to working with the key derivation APIs: * Initialize the library with a successful call to `psa_crypto_init`. -* Configure the key policy for the key used for derivation (`PSA_KEY_USAGE_DERIVE`) -* The key type must be `PSA_KEY_TYPE_DERIVE`. +* Use a key with the appropriate attributes set: + * Usage flags set for key derivation (`PSA_KEY_USAGE_DERIVE`) + * Key type set to `PSA_KEY_TYPE_DERIVE`. + * Algorithm set to a key derivation algorithm + (`PSA_ALG_HKDF(PSA_ALG_SHA_256)`). -Deriving a new AES-CTR 128-bit encryption key into a given key slot using HKDF with a given key, salt and label: -1. Set the key policy for key derivation by calling `psa_key_policy_set_usage()` with `PSA_KEY_USAGE_DERIVE` parameter, and the algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. -1. Import the key into the key slot by calling `psa_import_key()`. You can skip this step and the previous one if the key has already been imported into a known key slot. -1. Set up the generator using the `psa_key_derivation` function providing a key slot containing a key that can be used for key derivation and a salt and label (Note: salt and label are optional). -1. Initiate a key policy to for the derived key by calling `psa_key_policy_set_usage()` with `PSA_KEY_USAGE_ENCRYPT` parameter and the algorithm `PSA_ALG_CTR`. -1. Set the key policy to the derived key slot. -1. Import a key from generator into the desired key slot using (`psa_key_derivation_output_key`). -1. Clean up generator. +Deriving a new AES-CTR 128-bit encryption key into a given key slot using HKDF +with a given key, salt and info: +1. 
Set up the key derivation context using the `psa_key_derivation_setup` +function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. +1. Provide an optional salt with `psa_key_derivation_input_bytes`. +1. Provide info with `psa_key_derivation_input_bytes`. +1. Provide secret with `psa_key_derivation_input_key`, referencing a key that + can be used for key derivation. +1. Set the key attributes desired for the new derived key. We'll set + `PSA_KEY_USAGE_ENCRYPT` parameter and the algorithm `PSA_ALG_CTR` for this + example. +1. Derive the key by calling `psa_key_derivation_output_key()`. +1. Clean up the key derivation context. -At this point the derived key slot holds a new 128-bit AES-CTR encryption key derived from the key, salt and label provided: +At this point the derived key slot holds a new 128-bit AES-CTR encryption key +derived from the key, salt and info provided: ```C - psa_key_slot_t base_key = 1; - psa_key_slot_t derived_key = 2; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - - unsigned char key[] = { + psa_status_t status; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + static const unsigned char key[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; - - unsigned char salt[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, - 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c }; - - unsigned char label[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, - 0xf7, 0xf8, 0xf9 }; - + static const unsigned char salt[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, + 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c }; + static const unsigned char info[] = { + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, + 0xf7, 0xf8, 0xf9 }; psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = + 
PSA_KEY_DERIVATION_OPERATION_INIT; size_t derived_bits = 128; size_t capacity = PSA_BITS_TO_BYTES(derived_bits); + psa_key_handle_t base_key; + psa_key_handle_t derived_key; + printf("Derive a key (HKDF)...\t"); + fflush(stdout); + + /* Initialize PSA Crypto */ status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + printf("Failed to initialize PSA Crypto\n"); + return; + } - /* Import a key for use in key derivation, if such a key has already been imported you can skip this part */ - psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_DERIVE, alg); - status = psa_set_key_policy(base_key, &policy); + /* Import a key for use in key derivation. If such a key has already been + * generated or imported, you can skip this part. */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + status = psa_import_key(&attributes, key, sizeof(key), &base_key); + if (status != PSA_SUCCESS) { + printf("Failed to import a key\n"); + return; + } + psa_reset_key_attributes(&attributes); - status = psa_import_key(base_key, PSA_KEY_TYPE_DERIVE, key, sizeof(key)); + /* Derive a key */ + status = psa_key_derivation_setup(&operation, alg); + if (status != PSA_SUCCESS) { + printf("Failed to begin key derivation\n"); + return; + } + status = psa_key_derivation_set_capacity(&operation, capacity); + if (status != PSA_SUCCESS) { + printf("Failed to set capacity\n"); + return; + } + status = psa_key_derivation_input_bytes(&operation, + PSA_KEY_DERIVATION_INPUT_SALT, + salt, sizeof(salt)); + if (status != PSA_SUCCESS) { + printf("Failed to input salt (extract)\n"); + return; + } + status = psa_key_derivation_input_key(&operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + base_key); + if (status != PSA_SUCCESS) { + printf("Failed to input key (extract)\n"); + return; + } + status = psa_key_derivation_input_bytes(&operation, + PSA_KEY_DERIVATION_INPUT_INFO, + info, sizeof(info)); + if (status != 
PSA_SUCCESS) { + printf("Failed to input info (expand)\n"); + return; + } + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, PSA_ALG_CTR); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, 128); + status = psa_key_derivation_output_key(&attributes, &operation, + &derived_key); + if (status != PSA_SUCCESS) { + printf("Failed to derive key\n"); + return; + } + psa_reset_key_attributes(&attributes); - /* Derive a key into a key slot*/ - status = psa_key_derivation(&generator, base_key, alg, salt, sizeof(salt), - label, sizeof(label), capacity); + printf("Derived key\n"); - psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR); + /* Clean up key derivation operation */ + psa_key_derivation_abort(&operation); - psa_set_key_policy(derived_key, &policy); + /* Destroy the keys */ + psa_destroy_key(derived_key); + psa_destroy_key(base_key); - psa_key_derivation_output_key(derived_key, PSA_KEY_TYPE_AES, derived_bits, &generator); - - /* Clean up generator and key */ - psa_key_derivation_abort(&generator); - /* as part of clean up you may want to clean up the keys used by calling: - * psa_destroy_key( base_key ); or psa_destroy_key( derived_key ); */ mbedtls_psa_crypto_free(); ``` 
@@ -393,95 +663,152 @@ Mbed Crypto provides a simple way for authenticate and encrypt with associated d Prerequisites to working with the AEAD ciphers APIs: * Initialize the library with a successful call to `psa_crypto_init`. -* The key policy for the key used for derivation must be configured accordingly (`PSA_KEY_USAGE_ENCRYPT` or `PSA_KEY_USAGE_DECRYPT`). +* The key attributes for the key used for derivation must have usage flags + `PSA_KEY_USAGE_ENCRYPT` or `PSA_KEY_USAGE_DECRYPT`. To authenticate and encrypt a message: ```C - int slot = 1; psa_status_t status; - unsigned char key[] = { 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, - 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF }; - - unsigned char nonce[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B }; - - unsigned char additional_data[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, - 0xC3, 0x3C, 0x49, 0xFD, 0x70 }; - - unsigned char input_data[] = { 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41, - 0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43, - 0xD2, 0xD7, 0xC2 }; - unsigned char *output_data = NULL; + static const uint8_t key[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF }; + static const uint8_t nonce[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B }; + static const uint8_t additional_data[] = { + 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, + 0x20, 0xC3, 0x3C, 0x49, 0xFD, 0x70 }; + static const uint8_t input_data[] = { + 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41, + 0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43, + 0xD2, 0xD7, 0xC2 }; + uint8_t *output_data = NULL; size_t output_size = 0; size_t output_length = 0; size_t tag_length = 16; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_handle_t handle; + + printf("Authenticate encrypt...\t"); + fflush(stdout); + + /* Initialize PSA Crypto */ + status = 
psa_crypto_init(); + if (status != PSA_SUCCESS) { + printf("Failed to initialize PSA Crypto\n"); + return; + } output_size = sizeof(input_data) + tag_length; - output_data = malloc(output_size); - status = psa_crypto_init(); + output_data = (uint8_t *)malloc(output_size); + if (!output_data) { + printf("Out of memory\n"); + return; + } - psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM); - status = psa_set_key_policy(slot, &policy); + /* Import a key */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, PSA_ALG_CCM); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, 128); + status = psa_import_key(&attributes, key, sizeof(key), &handle); + psa_reset_key_attributes(&attributes); - status = psa_import_key(slot, PSA_KEY_TYPE_AES, key, sizeof(key)); - - status = psa_aead_encrypt(slot, PSA_ALG_CCM, + /* Authenticate and encrypt */ + status = psa_aead_encrypt(handle, PSA_ALG_CCM, nonce, sizeof(nonce), additional_data, sizeof(additional_data), input_data, sizeof(input_data), output_data, output_size, &output_length); + if (status != PSA_SUCCESS) { + printf("Failed to authenticate and encrypt\n"); + return; + } + + printf("Authenticated and encrypted\n"); + + /* Clean up */ + free(output_data); + + /* Destroy the key */ + psa_destroy_key(handle); - psa_destroy_key(slot); - mbedtls_free(output_data); mbedtls_psa_crypto_free(); ``` To authenticate and decrypt a message: ```C - int slot = 1; psa_status_t status; - unsigned char key[] = { + static const uint8_t key[] = { 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, - 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF - }; - - unsigned char nonce[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, 0xC3, - 0x3C, 0x49, 0xFD, 0x70 - }; - - unsigned char additional_data[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, - 0xC3, 0x3C, 0x49, 0xFD, 0x70 - }; - unsigned char input_data[] = { 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41, - 
0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43, - 0xD2, 0xD7, 0xC2 - }; - unsigned char *output_data = NULL; + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF }; + static const uint8_t nonce[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B }; + static const uint8_t additional_data[] = { + 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, + 0x20, 0xC3, 0x3C, 0x49, 0xFD, 0x70 }; + static const uint8_t input_data[] = { + 0x20, 0x30, 0xE0, 0x36, 0xED, 0x09, 0xA0, 0x45, 0xAF, 0x3C, 0xBA, 0xEE, + 0x0F, 0xC8, 0x48, 0xAF, 0xCD, 0x89, 0x54, 0xF4, 0xF6, 0x3F, 0x28, 0x9A, + 0xA1, 0xDD, 0xB2, 0xB8, 0x09, 0xCD, 0x7C, 0xE1, 0x46, 0xE9, 0x98 }; + uint8_t *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_handle_t handle; + + printf("Authenticate decrypt...\t"); + fflush(stdout); + + /* Initialize PSA Crypto */ + status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + printf("Failed to initialize PSA Crypto\n"); + return; + } output_size = sizeof(input_data); - output_data = malloc(output_size); - status = psa_crypto_init(); + output_data = (uint8_t *)malloc(output_size); + if (!output_data) { + printf("Out of memory\n"); + return; + } - psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM); - status = psa_set_key_policy(slot, &policy); + /* Import a key */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, PSA_ALG_CCM); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, 128); + status = psa_import_key(&attributes, key, sizeof(key), &handle); + if (status != PSA_SUCCESS) { + printf("Failed to import a key\n"); + return; + } + psa_reset_key_attributes(&attributes); - status = psa_import_key(slot, PSA_KEY_TYPE_AES, key, sizeof(key)); - - status = psa_aead_decrypt(slot, PSA_ALG_CCM, + /* Authenticate and decrypt */ + status = 
psa_aead_decrypt(handle, PSA_ALG_CCM, nonce, sizeof(nonce), additional_data, sizeof(additional_data), input_data, sizeof(input_data), output_data, output_size, &output_length); + if (status != PSA_SUCCESS) { + printf("Failed to authenticate and decrypt %ld\n", status); + return; + } + + printf("Authenticated and decrypted\n"); + + /* Clean up */ + free(output_data); + + /* Destroy the key */ + psa_destroy_key(handle); - psa_destroy_key(slot); - mbedtls_free(output_data); mbedtls_psa_crypto_free(); ``` 
@@ -492,29 +819,61 @@ Mbed Crypto provides a simple way to generate a key or key pair. Prerequisites to using key generation and export APIs: * Initialize the library with a successful call to `psa_crypto_init`. -Generate a piece of random 128-bit AES data: -1. Set the key policy for key generation by calling `psa_key_policy_set_usage()` with the `PSA_KEY_USAGE_EXPORT` parameter and the algorithm `PSA_ALG_GCM`. -1. Generate a random AES key by calling `psa_generate_key()`. -1. Export the generated key by calling `psa_export_key()`: +Generate an ECDSA key: +1. Set the desired key attributes for key generation by calling + `psa_set_key_algorithm()` with the chosen ECDSA algorithm (such as + `PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)`). We don't set + `PSA_KEY_USAGE_EXPORT` as we only want to export the public key, not the key + pair (or private key). +1. Generate a key by calling `psa_generate_key()`. +1. Export the generated public key by calling `psa_export_public_key()` +: ```C - int slot = 1; - size_t bits = 128; - size_t exported_size = bits; + enum { + key_bits = 256, + }; + psa_status_t status; size_t exported_length = 0; - uint8_t *exported = malloc(exported_size); - psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + static uint8_t exported[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)]; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_handle_t handle; - psa_crypto_init(); + printf("Generate a key pair...\t"); + fflush(stdout); - psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_GCM); - psa_set_key_policy(slot, &policy); + /* Initialize PSA Crypto */ + status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + printf("Failed to initialize PSA Crypto\n"); + return; + } /* Generate a key */ - psa_generate_key(slot, PSA_KEY_TYPE_AES, bits); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN); + psa_set_key_algorithm(&attributes, + PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)); + psa_set_key_type(&attributes, + 
PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1)); + psa_set_key_bits(&attributes, key_bits); + status = psa_generate_key(&attributes, &handle); + if (status != PSA_SUCCESS) { + printf("Failed to generate key\n"); + return; + } + psa_reset_key_attributes(&attributes); - psa_export_key(slot, exported, exported_size, &exported_length) + status = psa_export_public_key(handle, exported, sizeof(exported), + &exported_length); + if (status != PSA_SUCCESS) { + printf("Failed to export public key %ld\n", status); + return; + } + + printf("Exported a public key\n"); + + /* Destroy the key */ + psa_destroy_key(handle); - psa_destroy_key(slot); mbedtls_psa_crypto_free(); ``` From c7529c910bdc8cbc071ae97288fcdede6e17c7bc Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 19 Aug 2019 11:08:04 +0100 Subject: [PATCH 1670/2197] crypto_extra: Use const seed for entropy injection The crypto.c implementation of psa_inject_entropy() didn't match the declaration in crypto_extra.h. Use a const seed in both files. --- include/psa/crypto_extra.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 355012236..62d7b824a 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -332,7 +332,7 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); * The library has already been initialized. It is no longer * possible to call this function. */ -psa_status_t mbedtls_psa_inject_entropy(uint8_t *seed, +psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size); #if defined(PSA_PRE_1_0_KEY_DERIVATION) From f89cc6966045d3236144258391adff8141f17c90 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Tue, 20 Aug 2019 11:16:27 +0100 Subject: [PATCH 1671/2197] psa: Don't duplicate policy initializer Use the PSA_KEY_POLICY_INIT macro in the definition of PSA_CORE_KEY_ATTRIBUTES_INIT in order to avoid duplicating the key policy initializer. --- include/psa/crypto_struct.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index e28b6daa5..b1db42338 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -379,7 +379,7 @@ typedef struct psa_key_attributes_flag_t flags; } psa_core_key_attributes_t; -#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, 0, {0, 0, 0}, 0, 0} +#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, 0, PSA_KEY_POLICY_INIT, 0, 0} struct psa_key_attributes_s { From 39f03fcf1a4d840b27f0cbf8389c2b70beb1c4f4 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 20 Aug 2019 11:11:55 +0100 Subject: [PATCH 1672/2197] psa: Add PSA_KEY_ID_INIT A macro useful for initializing psa_key_id_t, whether MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER is set or not. Without this macro, it is necessary to know if MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER as with it the key ID is non-scalar and needs to be initialized with {0, 0}, and 0 otherwise when key ID is scalar. --- include/psa/crypto_platform.h | 1 + include/psa/crypto_struct.h | 2 +- include/psa/crypto_types.h | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 86af08f91..572f40cd5 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -89,6 +89,7 @@ typedef struct * `psa_key_file_id_t` argument. As a workaround, make `psa_key_id_t` an * alias for `psa_key_file_id_t` when building for a multi-client service. */ typedef psa_key_file_id_t psa_key_id_t; +#define PSA_KEY_ID_INIT {0, 0} #else /* !MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */ 
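Review bot: `PSA_KEY_ID_INIT` is added to crypto_platform.h without a comment, and its two definitions are not interchangeable: here it expands to the brace list `{0, 0}`, while the crypto_types.h hunk of the same patch defines it as the scalar `0`. A brace list is only valid as an initializer, so code that assigns the macro (`id = PSA_KEY_ID_INIT;`) would compile only in the scalar configuration. I would state that at both definitions, for example `/* Initializer for psa_key_id_t; valid in a declaration only, not in an assignment. */`. The positional `{0, 0}` also relies on the member order of psa_key_file_id_t, which is declared outside this hunk.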
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index b1db42338..5296202e9 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -379,7 +379,7 @@ typedef struct psa_key_attributes_flag_t flags; } psa_core_key_attributes_t; -#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, 0, PSA_KEY_POLICY_INIT, 0, 0} +#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, PSA_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0, 0} struct psa_key_attributes_s { diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 9af4957df..b79c3b523 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -120,6 +120,7 @@ typedef uint32_t psa_key_lifetime_t; * psa_key_id_t in crypto_platform.h instead of here. */ #if !defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) typedef uint32_t psa_key_id_t; +#define PSA_KEY_ID_INIT 0 #endif /**@}*/ From e3cdf284b2673e5f345b018bc414e58bb2fcc58f Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 20 Aug 2019 12:58:20 +0100 Subject: [PATCH 1673/2197] psa: Adapt set_key_id() for when owner is included --- include/psa/crypto_struct.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 5296202e9..804bd340c 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -422,7 +422,14 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, { attributes->core.lifetime = lifetime; if( lifetime == PSA_KEY_LIFETIME_VOLATILE ) + { +#ifdef MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER + attributes->core.id.key_id = 0; + attributes->core.id.owner = 0; +#else attributes->core.id = 0; +#endif + } } static inline psa_key_lifetime_t psa_get_key_lifetime( From 6fa62a5b8f202f7006e16cea0302b352906ca250 Mon Sep 17 00:00:00 2001 
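Review bot: In the psa_set_key_lifetime() hunk of crypto_struct.h, the volatile branch tests the option with `#ifdef`, while the crypto_types.h hunk of the preceding patch tests the same option with `#if !defined(...)`; I would write `#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)` for consistency. The branch also has no comment saying why the id is reset, so a line such as `/* Volatile lifetime: reset the id (both members when it encodes an owner). */` would help the next reader. Clearing the members one at a time would silently miss any member added to psa_key_file_id_t later; that type is declared outside the hunk, so this is a caution rather than a defect.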
From: Jaeden Amero Date: Tue, 20 Aug 2019 17:43:48 +0100 Subject: [PATCH 1674/2197] psa: Use application key ID where necessary Avoid compiler errors when MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER is set by using the application ID type. [Error] psa_crypto_slot_management.c@175,9: used type 'psa_key_id_t' (aka 'psa_key_file_id_t') where arithmetic or pointer type is required --- include/psa/crypto_extra.h | 4 ++-- include/psa/crypto_values.h | 8 ++++---- library/psa_crypto_slot_management.c | 10 ++++++---- 3 files changed, 12 insertions(+), 10 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 62d7b824a..6293e3e5c 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -251,9 +251,9 @@ typedef struct mbedtls_psa_stats_s /** Number of slots that are not used for anything. */ size_t empty_slots; /** Largest key id value among open keys in internal persistent storage. */ - psa_key_id_t max_open_internal_key_id; + psa_app_key_id_t max_open_internal_key_id; /** Largest key id value among open keys in secure elements. */ - psa_key_id_t max_open_external_key_id; + psa_app_key_id_t max_open_external_key_id; } mbedtls_psa_stats_t; /** \brief Get statistics about diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index e0600a189..bbe4d8fbb 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
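Review bot: The doc comments on `max_open_internal_key_id` and `max_open_external_key_id` in mbedtls_psa_stats_t still read "Largest key id value among open keys", but after the type change the slot-management hunk of this patch fills them from `PSA_KEY_FILE_GET_KEY_ID(slot->attr.id)`. When MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER is set that presumably drops the owner part, so the maximum is taken across all owners and two owners' keys with the same application id cannot be told apart in the statistic. I would say so in the comments, e.g. `/** Largest application key id among open keys in internal persistent storage; the owner, if encoded, is ignored. */`. In mbedtls_psa_get_stats() the `id` local is also declared identically in both branches.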
@@ -1503,16 +1503,16 @@ /** The minimum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) +#define PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001) /** The maximum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) +#define PSA_KEY_ID_USER_MAX ((psa_app_key_id_t)0x3fffffff) /** The minimum value for a key identifier chosen by the implementation. */ -#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) +#define PSA_KEY_ID_VENDOR_MIN ((psa_app_key_id_t)0x40000000) /** The maximum value for a key identifier chosen by the implementation. */ -#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) +#define PSA_KEY_ID_VENDOR_MAX ((psa_app_key_id_t)0x7fffffff) /**@}*/ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index fe9214831..59be319ce 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -278,15 +278,17 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) ++stats->volatile_slots; else if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT ) { + psa_app_key_id_t id = PSA_KEY_FILE_GET_KEY_ID(slot->attr.id); ++stats->persistent_slots; - if( slot->attr.id > stats->max_open_internal_key_id ) - stats->max_open_internal_key_id = slot->attr.id; + if( id > stats->max_open_internal_key_id ) + stats->max_open_internal_key_id = id; } else { + psa_app_key_id_t id = PSA_KEY_FILE_GET_KEY_ID(slot->attr.id); ++stats->external_slots; - if( slot->attr.id > stats->max_open_external_key_id ) - stats->max_open_external_key_id = slot->attr.id; + if( id > stats->max_open_external_key_id ) + stats->max_open_external_key_id = id; } } } From a823d4c7f0adc0bbb9af90689fcab979c55fb20e Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Tue, 27 Aug 2019 06:47:18 +0100 Subject: [PATCH 1675/2197] HMAC DRBG: Split entropy-gathering requests to reduce request sizes According to SP800-90A, the DRBG seeding process should use a nonce of length `security_strength / 2` bits as part of the DRBG seed. It further notes that this nonce may be drawn from the same source of entropy that is used for the first `security_strength` bits of the DRBG seed. The present HMAC DRBG implementation does that, requesting `security_strength * 3 / 2` bits of entropy from the configured entropy source in total to form the initial part of the DRBG seed. However, some entropy sources may have thresholds in terms of how much entropy they can provide in a single call to their entropy gathering function which may be exceeded by the present HMAC DRBG implementation even if the threshold is not smaller than `security_strength` bits. Specifically, this is the case for our own entropy module implementation which only allows requesting at most 32 Bytes of entropy at a time in configurations disabling SHA-512, and this leads to runtime failure of HMAC DRBG when used with Mbed Crypto's own entropy callbacks in such configurations. This commit fixes this by splitting the seed entropy acquisition into two calls, one requesting `security_strength` bits first, and another one requesting `security_strength / 2` bits for the nonce. Fixes #237. --- library/hmac_drbg.c | 86 +++++++++++++++++++++++++++++++++------------ 1 file changed, 64 insertions(+), 22 deletions(-) diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index c50330e7d..50d88bd54 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c 
@@ -149,20 +149,32 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, } /* - * HMAC_DRBG reseeding: 10.1.2.4 (arabic) + 9.2 (Roman) + * Internal function used both for seeding and reseeding the DRBG. + * Comments starting with arabic numbers refer to section 10.1.2.4 + * of SP800-90A, while roman numbers refer to section 9.2. */ -int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t len ) +static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t len, + int use_nonce ) { unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT]; - size_t seedlen; + size_t seedlen = 0; int ret; - /* III. Check input length */ - if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT || - ctx->entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ) { - return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG ); + size_t total_entropy_len; + + if( use_nonce == 0 ) + total_entropy_len = ctx->entropy_len; + else + total_entropy_len = ctx->entropy_len * 3 / 2; + + /* III. Check input length */ + if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT || + total_entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ) + { + return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG ); + } } memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ); 
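Review bot: The new `use_nonce` parameter of hmac_drbg_reseed_core() is not described in the function comment, which only explains the section numbering. A line such as `/* use_nonce: non-zero for initial seeding, which draws entropy_len / 2 extra bytes as the nonce; 0 for reseeding. */` would document it. The `{` kept from the old `if( ... ) {` now opens a bare block whose only purpose is to scope `total_entropy_len`; declaring that variable with the other locals and dropping the braces reads more clearly. The function body continues past this hunk.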
@@ -170,9 +182,32 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, /* IV. Gather entropy_len bytes of entropy for the seed */ if( ( ret = ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) ) != 0 ) + { return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED ); + } + seedlen += ctx->entropy_len; + + /* For initial seeding, allow adding of nonce generated + * from the entropy source. See Sect 8.6.7 in SP800-90A. */ + if( use_nonce ) + { + /* Note: We don't merge the two calls to f_entropy() in order + * to avoid requesting too much entropy from f_entropy() + * at once. Specifically, if the underlying digest is not + * SHA-1, 3 / 2 * entropy_len is at least 36 Bytes, which + * is larger than the maximum of 32 Bytes that our own + * entropy source implementation can emit in a single + * call in configurations disabling SHA-512. */ + if( ( ret = ctx->f_entropy( ctx->p_entropy, + seed + seedlen, + ctx->entropy_len / 2 ) ) != 0 ) + { + return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED ); + } + + seedlen += ctx->entropy_len / 2; + } - seedlen = ctx->entropy_len; /* 1. Concatenate entropy and additional data if any */ if( additional != NULL && len != 0 ) @@ -194,8 +229,20 @@ exit: return( ret ); } +/* + * HMAC_DRBG reseeding: 10.1.2.4 + 9.2 + */ +int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t len ) +{ + return( hmac_drbg_reseed_core( ctx, additional, len, 0 ) ); +} + /* * HMAC_DRBG initialisation (10.1.2.3 + 9.1) + * + * The nonce is not passed as a separate parameter but extracted + * from the entropy source as suggested in 8.6.7. */ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t * md_info, @@ -205,7 +252,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, size_t len ) { int ret; - size_t entropy_len, md_size; + size_t md_size; if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) return( ret ); 
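Review bot: In the first hunk on this line (the nonce gathering in hmac_drbg_reseed_core()), the added failure path returns directly after the first f_entropy() call has already written `entropy_len` bytes of fresh entropy into the stack buffer `seed`, so that material is left behind when the second call fails. The function has an `exit:` label whose body is outside the hunks; if it wipes `seed`, as I would expect, the new branch should go through it with `ret = MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED; goto exit;`. If it does not, `mbedtls_platform_zeroize( seed, seedlen );` before the return gives the same result.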
@@ -233,20 +280,15 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, * * (This also matches the sizes used in the NIST test vectors.) */ - entropy_len = md_size <= 20 ? 16 : /* 160-bits hash -> 128 bits */ - md_size <= 28 ? 24 : /* 224-bits hash -> 192 bits */ - 32; /* better (256+) -> 256 bits */ + ctx->entropy_len = md_size <= 20 ? 16 : /* 160-bits hash -> 128 bits */ + md_size <= 28 ? 24 : /* 224-bits hash -> 192 bits */ + 32; /* better (256+) -> 256 bits */ - /* - * For initialisation, use more entropy to emulate a nonce - * (Again, matches test vectors.) - */ - ctx->entropy_len = entropy_len * 3 / 2; - - if( ( ret = mbedtls_hmac_drbg_reseed( ctx, custom, len ) ) != 0 ) + if( ( ret = hmac_drbg_reseed_core( ctx, custom, len, + 1 /* add nonce */ ) ) != 0 ) + { return( ret ); - - ctx->entropy_len = entropy_len; + } return( 0 ); } From 03d2daf55c97b833d675e9a1e1c0f6c9dfb240b4 Mon Sep 17 00:00:00 2001 From: Ko- Date: Thu, 16 Aug 2018 01:59:49 -0700 Subject: [PATCH 1676/2197] Enable 64-bit limbs for all Aarch64 builds. GCC and Clang do not define __ARMCC_VERSION when building for Aarch64. Yet they should also use 64-bit limbs for Aarch64 builds. --- include/mbedtls/bignum.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 0b26727f3..f854ca8d2 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -140,9 +140,8 @@ typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); #define MBEDTLS_HAVE_UDBL #endif /* !MBEDTLS_NO_UDBL_DIVISION */ - #elif defined(__ARMCC_VERSION) && defined(__aarch64__) + #elif defined(__aarch64__) /* - * __ARMCC_VERSION is defined for both armcc and armclang and * __aarch64__ is only defined by armclang when compiling 64-bit code */ #if !defined(MBEDTLS_HAVE_INT64) From cc1871e674c2508f88dd77106c9f0ba0dbee2120 Mon Sep 17 00:00:00 2001 
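Review bot: In the bignum.h hunk the condition becomes `#elif defined(__aarch64__)`, but the comment kept below it still reads "__aarch64__ is only defined by armclang when compiling 64-bit code", which contradicts the commit message saying GCC and Clang build for Aarch64 too. I would reword it, e.g. `* __aarch64__ is defined by armclang, GCC and Clang when compiling 64-bit Arm code`. The branch body continues outside the hunk, so whether its typedefs suit all three compilers cannot be checked from here.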
From: Ko- Date: Thu, 16 Aug 2018 02:01:57 -0700 Subject: [PATCH 1677/2197] Add optimized bignum multiplication for Aarch64. x0-x3 are skipped such that function parameters to not have to be moved. MULADDC_INIT and MULADDC_STOP are mostly empty because it is more efficient to keep everything in registers (and that should easily be possible). I considered a MULADDC_HUIT implementation, but could not think of something that would be more efficient than basically 8 consecutive MULADDC_CORE. You could combine the loads and stores, but it's probably more efficient to interleave them with arithmetic, depending on the specific microarchitecture. NEON allows to do a 64x64->128 bit multiplication (and optional accumulation) in one instruction, but is not great at handling carries. --- include/mbedtls/bn_mul.h | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h index f7cb07252..4200ad43a 100644 --- a/include/mbedtls/bn_mul.h +++ b/include/mbedtls/bn_mul.h @@ -198,6 +198,30 @@ #endif /* AMD64 */ +#if defined(__aarch64__) + +#define MULADDC_INIT \ + asm( + +#define MULADDC_CORE \ + "ldr x4, [%3], #8 \n\t" \ + "ldr x5, [%4] \n\t" \ + "mul x6, x4, %6 \n\t" \ + "umulh x7, x4, %6 \n\t" \ + "adds x5, x5, x6 \n\t" \ + "adc x7, x7, xzr \n\t" \ + "adds x5, x5, %5 \n\t" \ + "adc %0, x7, xzr \n\t" \ + "str x5, [%1], #8 \n\t" + +#define MULADDC_STOP \ + : "+r" (c), "=r" (d), "=r" (s) \ + : "r" (s), "r" (d), "r" (c), "r" (b) \ + : "x4", "x5", "x6", "x7", "cc" \ + ); + +#endif /* Aarch64 */ + #if defined(__mc68020__) || defined(__mcpu32__) #define MULADDC_INIT \ From 05cff953c99d12cf6d67c86a84a1b94367763fbb Mon Sep 17 00:00:00 2001 From: Ko- Date: Mon, 20 Aug 2018 12:59:57 +0100 Subject: [PATCH 1678/2197] Make GNUC-compatible compilers use the right mbedtls_t_udbl again on Aarch64 builds. --- include/mbedtls/bignum.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
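Review bot: The AArch64 MULADDC_CORE loads through `s` and `d` and stores through `d`, but MULADDC_STOP declares neither a `"memory"` clobber nor memory operands, so the compiler is not told that the asm reads and writes the limb arrays and may reorder or cache accesses to them around it. The clobber line should read `: "x4", "x5", "x6", "x7", "cc", "memory" \`; the same applies to the rewritten MULADDC_STOP in the later "Fix -O0 build" patch. In this version the template also post-increments the input operand `%3` and uses `%1`, a write-only `"=r"` output, as the store address; the later patch replaces those with `"+r"` operands.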
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index f854ca8d2..2c5ace690 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -129,7 +129,8 @@ defined(__ppc64__) || defined(__powerpc64__) || \ defined(__ia64__) || defined(__alpha__) || \ ( defined(__sparc__) && defined(__arch64__) ) || \ - defined(__s390x__) || defined(__mips64) ) + defined(__s390x__) || defined(__mips64) || \ + defined(__aarch64__) ) #if !defined(MBEDTLS_HAVE_INT64) #define MBEDTLS_HAVE_INT64 #endif /* MBEDTLS_HAVE_INT64 */ @@ -140,8 +141,9 @@ typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); #define MBEDTLS_HAVE_UDBL #endif /* !MBEDTLS_NO_UDBL_DIVISION */ - #elif defined(__aarch64__) + #elif defined(__ARMCC_VERSION) && defined(__aarch64__) /* + * __ARMCC_VERSION is defined for both armcc and armclang and * __aarch64__ is only defined by armclang when compiling 64-bit code */ #if !defined(MBEDTLS_HAVE_INT64) From cb260bb30d5d3e17ab7ca945f03b0808a67b1812 Mon Sep 17 00:00:00 2001 From: Ko- Date: Mon, 20 Aug 2018 13:59:53 +0100 Subject: [PATCH 1679/2197] Fix -O0 build for Aarch64 bignum multiplication. --- include/mbedtls/bn_mul.h | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h index 4200ad43a..163869ae7 100644 --- a/include/mbedtls/bn_mul.h +++ b/include/mbedtls/bn_mul.h 
@@ -204,20 +204,20 @@ asm( #define MULADDC_CORE \ - "ldr x4, [%3], #8 \n\t" \ - "ldr x5, [%4] \n\t" \ - "mul x6, x4, %6 \n\t" \ - "umulh x7, x4, %6 \n\t" \ + "ldr x4, [%2], #8 \n\t" \ + "ldr x5, [%1] \n\t" \ + "mul x6, x4, %3 \n\t" \ + "umulh x7, x4, %3 \n\t" \ "adds x5, x5, x6 \n\t" \ "adc x7, x7, xzr \n\t" \ - "adds x5, x5, %5 \n\t" \ + "adds x5, x5, %0 \n\t" \ "adc %0, x7, xzr \n\t" \ "str x5, [%1], #8 \n\t" -#define MULADDC_STOP \ - : "+r" (c), "=r" (d), "=r" (s) \ - : "r" (s), "r" (d), "r" (c), "r" (b) \ - : "x4", "x5", "x6", "x7", "cc" \ +#define MULADDC_STOP \ + : "+r" (c), "+r" (d), "+r" (s) \ + : "r" (b) \ + : "x4", "x5", "x6", "x7", "cc" \ ); #endif /* Aarch64 */ From c03c0fcd9392a0119798b7fa344d32408bc55894 Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Tue, 3 Sep 2019 13:18:04 +0300 Subject: [PATCH 1680/2197] Update getting_started.md --- docs/getting_started.md | 186 ++++++++++++++++++++-------------------- 1 file changed, 92 insertions(+), 94 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 4d380e088..3097a1ae9 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md 
@@ -18,7 +18,7 @@ The Mbed Crypto library is distributed under the Apache License, version 2.0. #### Platform Security Architecture (PSA) Arm's Platform Security Architecture (PSA) is a holistic set of threat models, -security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. Part of the API provided by PSA is the cryptography interface, which provides access to a set of primitives. +security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that enables you to design security into both hardware and firmware consistently. Part of the API provided by PSA is the cryptography interface, which provides access to a set of primitives. ### Using Mbed Crypto 
@@ -37,19 +37,19 @@ security analyses, hardware and firmware architecture specifications, and an ope ### Getting the Mbed Crypto library -Mbed Crypto releases are available in the [public Github repository]( https://github.com/ARMmbed/mbed-crypto). +Mbed Crypto releases are available in the [public GitHub repository](https://github.com/ARMmbed/mbed-crypto). ### Building the Mbed Crypto library -You need the following tools to build the library with the provided makefiles: +**Prerequisites to building the library with the provided makefiles:** * GNU Make. * A C toolchain (compiler, linker, archiver). * Python 2 or Python 3 (either works) to generate the test code. * Perl to run the tests. -If you have a C compiler such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs. +If you have a C compiler, such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs. -To select a different compiler, set the `CC` variable to name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`), such as: +To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`); for example: ``` make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar ``` 
@@ -64,13 +64,13 @@ To use the Mbed Crypto APIs, call `psa_crypto_init()` before calling any other A ### Importing a key To use a key for cryptography operations in Mbed Crypto, you need to first -import it. Upon importing, you'll be given a handle to refer to the key for use +import it. After you import the key, you'll be given a handle that refers to the key for use with other function calls. -Prerequisites for importing keys: -* Initialize the library with a successful call to `psa_crypto_init`. +**Prerequisites for importing keys:** +* Initialize the library with a successful call to `psa_crypto_init()`. -Importing a key: +This example shows how to import a key: ```C psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -112,18 +112,16 @@ Importing a key: ### Signing a message using RSA -Mbed Crypto provides support for encrypting, decrypting, signing and verifying messages using public key signature algorithms (such as RSA or ECDSA). +Mbed Crypto supports encrypting, decrypting, signing and verifying messages using public key signature algorithms, such as RSA or ECDSA. -Prerequisites for performing asymmetric signature operations: -* Initialize the library with a successful call to `psa_crypto_init`. +**Prerequisites to performing asymmetric signature operations:** +* Initialize the library with a successful call to `psa_crypto_init()`. * Have a valid key with appropriate attributes set: * Usage flag `PSA_KEY_USAGE_SIGN` to allow signing. * Usage flag `PSA_KEY_USAGE_VERIFY` to allow signature verification. - * Algorithm set to desired signature algorithm. + * Algorithm set to the desired signature algorithm. -To sign a given `hash` using RSA: -1. Call `psa_asymmetric_sign()` and get the output buffer that contains the - signature: +This example shows how to sign a given hash using RSA, call `psa_asymmetric_sign()` and get the output buffer that contains the signature: ```C psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -179,21 +177,21 @@ To sign a given `hash` using RSA: ### Using symmetric ciphers -Mbed Crypto provides support for encrypting and decrypting messages using various symmetric cipher algorithms (both block and stream ciphers). +Mbed Crypto supports encrypting and decrypting messages using various symmetric cipher algorithms (both block and stream ciphers). -Prerequisites to working with the symmetric cipher API: -* Initialize the library with a successful call to `psa_crypto_init`. -* Configure the key policy accordingly (`PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption). +**Prerequisites to working with the symmetric cipher API:** +* Initialize the library with a successful call to `psa_crypto_init()`. +* Configure the key policy accordingly (set `PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption). * Have a valid key in the key slot. -Encrypting a message with a symmetric cipher: +**To encrypt a message with a symmetric cipher:** 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. -1. Call `psa_cipher_encrypt_setup` to initialize the operation structure and specify the algorithm and the key to be used. -1. Call either `psa_cipher_generate_iv` or `psa_cipher_set_iv` to generate or set the initialization vector (IV). We recommended `psa_cipher_generate_iv`, unless you require a specific IV value. -1. Call `psa_cipher_update` one or more times, passing either the whole or only a fragment of the message each time. -1. Call `psa_cipher_finish` to end the operation and output the encrypted message. +1. Call `psa_cipher_encrypt_setup()` to initialize the operation structure and specify the algorithm and the key to be used. +1. Call either `psa_cipher_generate_iv()` or `psa_cipher_set_iv()` to generate or set the initialization vector (IV). We recommended calling `psa_cipher_generate_iv()`, unless you require a specific IV value. +1. 
Call `psa_cipher_update()` one or more times, passing the whole message or only a fragment of the message each time. +1. Call `psa_cipher_finish()` to end the operation and output the encrypted message. -Encrypting data using an AES key in cipher block chain (CBC) mode with no padding (assuming all prerequisites have been fulfilled): +This example shows how to encrypt data using an Advanced Encryption Standard (AES) key in cipher block chain (CBC) mode with no padding (assuming all prerequisites have been fulfilled): ```c enum { block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES), @@ -267,14 +265,14 @@ Encrypting data using an AES key in cipher block chain (CBC) mode with no paddin mbedtls_psa_crypto_free(); ``` -Decrypting a message with a symmetric cipher: +**To decrypt a message with a symmetric cipher:** 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. -1. Call `psa_cipher_decrypt_setup` to initialize the operation structure and to specify the algorithm and the key to be used. -1. Call `psa_cipher_set_iv` with the IV for the decryption. -1. Call `psa_cipher_update` one or more times passing either the whole or only a fragment of the message each time. -1. Call `psa_cipher_finish` to end the operation and output the decrypted message. +1. Call `psa_cipher_decrypt_setup()` to initialize the operation structure and to specify the algorithm and the key to be used. +1. Call `psa_cipher_set_iv()` with the IV for the decryption. +1. Call `psa_cipher_update()` one or more times, passing the whole message or only a fragment of the message each time. +1. Call `psa_cipher_finish()` to end the operation and output the decrypted message. -Decrypting encrypted data using an AES key in CBC mode with no padding +This example shows how to decrypt encrypted data using an AES key in CBC mode with no padding (assuming all prerequisites have been fulfilled): ```c enum { 
@@ -350,33 +348,35 @@ Decrypting encrypted data using an AES key in CBC mode with no padding #### Handling cipher operation contexts -Once you've initialized the operation structure with a successful call to `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup`, you can terminate the operation at any time by calling `psa_cipher_abort`. +After you've initialized the operation structure with a successful call to `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()`, you can terminate the operation at any time by calling `psa_cipher_abort()`. -The call to `psa_cipher_abort` frees any resources associated with the operation (except for the operation structure itself). An implicit call to `psa_cipher_abort` occurs when any of these conditions occur: -* A call to `psa_cipher_generate_iv`, `psa_cipher_set_iv` or `psa_cipher_update` has failed (returning any status other than `PSA_SUCCESS`). -* Either a successful or failed call to `psa_cipher_finish`. +The call to `psa_cipher_abort()` frees any resources associated with the operation, except for the operation structure itself. -Once `psa_cipher_abort` has been called (either implicitly by the implementation or explicitly by the user), the operation structure is invalidated and may not be reused for the same operation. However, the operation structure may be reused for a different operation by calling either `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup` again. +Mbed Crypto implicitly calls `psa_cipher_abort()` when: +* A call to `psa_cipher_generate_iv()`, `psa_cipher_set_iv()` or `psa_cipher_update()` fails (returning any status other than `PSA_SUCCESS`). +* A call to `psa_cipher_finish()` succeeds or fails. -For an operation that has been initialized successfully (by a successful call to `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup`) it is imperative that at some time `psa_cipher_abort` is called. 
+After an implicit or explicit call to `psa_cipher_abort()`, the operation structure is invalidated; in other words, you cannot reuse the operation structure for the same operation. You can, however, reuse the operation structure for a different operation by calling either `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()` again. -Multiple sequential calls to `psa_cipher_abort` on an operation that has already been terminated (either implicitly or explicitly) are safe and have no effect. +You must call `psa_cipher_abort()` at some point for any operation that is initialized successfully (by a successful call to `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()`). + +Making multiple sequential calls to `psa_cipher_abort()` on an operation that is terminated (either implicitly or explicitly) is safe and has no effect. ### Hashing a message Mbed Crypto lets you compute and verify hashes using various hashing algorithms. -Prerequisites to working with the hash APIs: -* Initialize the library with a successful call to `psa_crypto_init`. +**Prerequisites to working with the hash APIs:** +* Initialize the library with a successful call to `psa_crypto_init()`. -To calculate a hash: +**To calculate a hash:** 1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions. -1. Call `psa_hash_setup` to initialize the operation structure and specify the hash algorithm. -1. Call `psa_hash_update` one or more times, passing either the whole or only a fragment of the message each time. -1. Call `psa_hash_finish` to calculate the hash, or `psa_hash_verify` to compare the computed hash with an expected hash value. +1. Call `psa_hash_setup()` to initialize the operation structure and specify the hash algorithm. +1. Call `psa_hash_update()` one or more times, passing the whole message or only a fragment of the message each time. +1. 
Call `psa_hash_finish()` to calculate the hash, or `psa_hash_verify()` to compare the computed hash with an expected hash value. -Calculate the `SHA-256` hash of a message: +This example shows how to calculate the `SHA-256` hash of a message: ```c psa_status_t status; psa_algorithm_t alg = PSA_ALG_SHA_256; @@ -421,7 +421,7 @@ Calculate the `SHA-256` hash of a message: mbedtls_psa_crypto_free(); ``` -Verify the `SHA-256` hash of a message: +This example shows how to verify the `SHA-256` hash of a message: ```c psa_status_t status; psa_algorithm_t alg = PSA_ALG_SHA_256; 
@@ -473,29 +473,27 @@ The API provides the macro `PSA_HASH_SIZE`, which returns the expected hash leng #### Handling hash operation contexts -Once the operation structure has been successfully initialized by a successful call to `psa_hash_setup`, it's possible to terminate the operation at any time by calling `psa_hash_abort`. The call to `psa_hash_abort` frees any resources associated with the operation (except for the operation structure itself). +After a successful call to `psa_hash_setup()` initializes the operation structure, you can terminate the operation at any time by calling `psa_hash_abort()`. The call to `psa_hash_abort()` frees any resources associated with the operation, except for the operation structure itself. -An implicit call to `psa_hash_abort` occurs when any of these conditions occur: -1. A call to `psa_hash_update` has failed (returning any status other than `PSA_SUCCESS`). -1. Either a successful or failed call to `psa_hash_finish`. -1. Either a successful or failed call to `psa_hash_verify`. +Mbed Crypto implicitly calls `psa_hash_abort()` when: +1. A call to `psa_hash_update()` fails (returning any status other than `PSA_SUCCESS`). +1. A call to `psa_hash_finish()` succeeds or fails. +1. A call to `psa_hash_verify()` succeeds or fails. -Once `psa_hash_abort` has been called (either implicitly by the implementation or explicitly by the user), the operation structure is invalidated and may not be reused for the same operation. However, the operation structure may be reused for a different operation by calling `psa_hash_setup` again. +After an implicit or explicit call to `psa_hash_abort()`, the operation structure is invalidated; in other words, you cannot reuse the operation structure for the same operation. You can, however, reuse the operation structure for a different operation by calling `psa_hash_setup()` again. 
-For an operation that has been initialized successfully (by a successful call to `psa_hash_setup`) it is imperative that at some time `psa_hash_abort` is called. +You must call `psa_hash_abort()` at some point for any operation that is initialized successfully (by a successful call to `psa_hash_setup()`) . -Multiple sequential calls to `psa_hash_abort` on an operation that has already been terminated (either implicitly or explicitly) is safe and has no effect. +Making multiple sequential calls to `psa_hash_abort()` on an operation that has already been terminated (either implicitly or explicitly) is safe and has no effect. ### Generating a random value -Mbed Crypto can generate random data. To generate a random key, use -`psa_generate_key()` instead of `psa_generate_random()` +Mbed Crypto can generate random data. -Prerequisites to random generation: +**Prerequisites to random generation:** * Initialize the library with a successful call to `psa_crypto_init()`. -Generate a random, ten-byte piece of data: -1. Generate random bytes by calling `psa_generate_random()`: +This example shows how to generate a random, ten-byte piece of data by calling `psa_generate_random()`: ```C psa_status_t status; uint8_t random[10] = { 0 }; 
@@ -521,42 +519,46 @@ Generate a random, ten-byte piece of data: /* Clean up */ mbedtls_psa_crypto_free(); ``` +To generate a random key, use `psa_generate_key()` instead of `psa_generate_random()`. ### Deriving a new key from an existing key Mbed Crypto provides a key derivation API that lets you derive new keys from existing ones. The key derivation API has functions to take inputs, including other keys and data, and functions to generate outputs, such as new keys or -other data. A key derivation context must first be initialized and set up, -provided with a key and optionally other data, and then derived data can be -read from it either to a buffer or directly sent to a key slot. Refer to the -documentation for the particular algorithm (such as HKDF or the TLS1.2 PRF) for -information on which inputs to pass when and when you can obtain which outputs. +other data. -Prerequisites to working with the key derivation APIs: -* Initialize the library with a successful call to `psa_crypto_init`. +You must first initialize and set up a key derivation context, +provided with a key and, optionally, other data. Then, use the key derivation context to either read derived data to a buffer or send derived data directly to a key slot. + +See the documentation for the particular algorithm (such as HKDF or the TLS1.2 PRF) for +information about which inputs to pass when, and when you can obtain which outputs. + +**Prerequisites to working with the key derivation APIs:** +* Initialize the library with a successful call to `psa_crypto_init()`. * Use a key with the appropriate attributes set: * Usage flags set for key derivation (`PSA_KEY_USAGE_DERIVE`) * Key type set to `PSA_KEY_TYPE_DERIVE`. * Algorithm set to a key derivation algorithm (`PSA_ALG_HKDF(PSA_ALG_SHA_256)`). -Deriving a new AES-CTR 128-bit encryption key into a given key slot using HKDF -with a given key, salt and info: -1. 
Set up the key derivation context using the `psa_key_derivation_setup` +**To derive a new AES-CTR 128-bit encryption key into a given key slot using HKDF +with a given key, salt and information:** + +1. Set up the key derivation context using the `psa_key_derivation_setup()` function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. -1. Provide an optional salt with `psa_key_derivation_input_bytes`. -1. Provide info with `psa_key_derivation_input_bytes`. -1. Provide secret with `psa_key_derivation_input_key`, referencing a key that +1. Provide an optional salt with `psa_key_derivation_input_bytes()`. +1. Provide information with `psa_key_derivation_input_bytes()`. +1. Provide a secret with `psa_key_derivation_input_key()`, referencing a key that can be used for key derivation. 1. Set the key attributes desired for the new derived key. We'll set - `PSA_KEY_USAGE_ENCRYPT` parameter and the algorithm `PSA_ALG_CTR` for this + the `PSA_KEY_USAGE_ENCRYPT` parameter and the `PSA_ALG_CTR` algorithm for this example. 1. Derive the key by calling `psa_key_derivation_output_key()`. 1. Clean up the key derivation context. -At this point the derived key slot holds a new 128-bit AES-CTR encryption key -derived from the key, salt and info provided: +At this point, the derived key slot holds a new 128-bit AES-CTR encryption key +derived from the key, salt and information provided: ```C psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; 
@@ -659,14 +661,13 @@ derived from the key, salt and info provided: ### Authenticating and encrypting or decrypting a message -Mbed Crypto provides a simple way for authenticate and encrypt with associated data (AEAD) supporting `PSA_ALG_CCM` algorithm. +Mbed Crypto provides a simple way to authenticate and encrypt with associated data (AEAD), supporting the `PSA_ALG_CCM` algorithm. -Prerequisites to working with the AEAD ciphers APIs: -* Initialize the library with a successful call to `psa_crypto_init`. -* The key attributes for the key used for derivation must have usage flags - `PSA_KEY_USAGE_ENCRYPT` or `PSA_KEY_USAGE_DECRYPT`. +**Prerequisites to working with the AEAD cipher APIs:** +* Initialize the library with a successful call to `psa_crypto_init()`. +* The key attributes for the key used for derivation must have the `PSA_KEY_USAGE_ENCRYPT` or `PSA_KEY_USAGE_DECRYPT` usage flags. -To authenticate and encrypt a message: +This example shows how to authenticate and encrypt a message: ```C psa_status_t status; static const uint8_t key[] = { @@ -737,7 +738,7 @@ To authenticate and encrypt a message: mbedtls_psa_crypto_free(); ``` -To authenticate and decrypt a message: +This example shows how to authenticate and decrypt a message: ```C psa_status_t status; 
@@ -816,18 +817,17 @@ To authenticate and decrypt a message: Mbed Crypto provides a simple way to generate a key or key pair. -Prerequisites to using key generation and export APIs: -* Initialize the library with a successful call to `psa_crypto_init`. +**Prerequisites to using key generation and export APIs:** +* Initialize the library with a successful call to `psa_crypto_init()`. -Generate an ECDSA key: +**To generate an ECDSA key:** 1. Set the desired key attributes for key generation by calling `psa_set_key_algorithm()` with the chosen ECDSA algorithm (such as - `PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)`). We don't set - `PSA_KEY_USAGE_EXPORT` as we only want to export the public key, not the key + `PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)`). Do not set + `PSA_KEY_USAGE_EXPORT` because we only want to export the public key, not the key pair (or private key). 1. Generate a key by calling `psa_generate_key()`. -1. Export the generated public key by calling `psa_export_public_key()` -: +1. Export the generated public key by calling `psa_export_public_key()`: ```C enum { key_bits = 256, @@ -877,8 +877,6 @@ Generate an ECDSA key: mbedtls_psa_crypto_free(); ``` -### More about the Mbed Crypto library +### More about the Mbed Crypto -More information on [Mbed Crypto](https://github.com/ARMmbed/mbed-crypto/). - -More information on [PSA Crypto](https://github.com/ARMmbed/mbed-crypto/blob/development/docs/PSA_Crypto_API_Overview.pdf). +For more information about PSA Crypto, download the *PSA Cryptography API* PDF under [PSA APIs](https://developer.arm.com/architectures/security-architectures/platform-security-architecture#implement). From 802b19f6613b0f991209ee9347739cdfc3652268 Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Tue, 3 Sep 2019 16:40:44 +0300 Subject: [PATCH 1681/2197] Update getting_started.md --- docs/getting_started.md | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) 
diff --git a/docs/getting_started.md b/docs/getting_started.md index 3097a1ae9..de257a912 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -67,7 +67,7 @@ To use a key for cryptography operations in Mbed Crypto, you need to first import it. After you import the key, you'll be given a handle that refers to the key for use with other function calls. -**Prerequisites for importing keys:** +**Prerequisites to importing keys:** * Initialize the library with a successful call to `psa_crypto_init()`. This example shows how to import a key: @@ -188,10 +188,10 @@ Mbed Crypto supports encrypting and decrypting messages using various symmetric 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. 1. Call `psa_cipher_encrypt_setup()` to initialize the operation structure and specify the algorithm and the key to be used. 1. Call either `psa_cipher_generate_iv()` or `psa_cipher_set_iv()` to generate or set the initialization vector (IV). We recommended calling `psa_cipher_generate_iv()`, unless you require a specific IV value. -1. Call `psa_cipher_update()` one or more times, passing the whole message or only a fragment of the message each time. +1. Call `psa_cipher_update()` one or more times, passing the whole message or a fragment of the message on each call. 1. Call `psa_cipher_finish()` to end the operation and output the encrypted message. -This example shows how to encrypt data using an Advanced Encryption Standard (AES) key in cipher block chain (CBC) mode with no padding (assuming all prerequisites have been fulfilled): +This example shows how to encrypt data using an Advanced Encryption Standard (AES) key in Cipher Block Chaining (CBC) mode with no padding (assuming all prerequisites have been fulfilled): ```c enum { block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES), 
@@ -269,7 +269,7 @@ This example shows how to encrypt data using an Advanced Encryption Standard (AE 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. 1. Call `psa_cipher_decrypt_setup()` to initialize the operation structure and to specify the algorithm and the key to be used. 1. Call `psa_cipher_set_iv()` with the IV for the decryption. -1. Call `psa_cipher_update()` one or more times, passing the whole message or only a fragment of the message each time. +1. Call `psa_cipher_update()` one or more times, passing the whole message or a fragment of the message on each call. 1. Call `psa_cipher_finish()` to end the operation and output the decrypted message. This example shows how to decrypt encrypted data using an AES key in CBC mode with no padding @@ -373,7 +373,7 @@ algorithms. **To calculate a hash:** 1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions. 1. Call `psa_hash_setup()` to initialize the operation structure and specify the hash algorithm. -1. Call `psa_hash_update()` one or more times, passing the whole message or only a fragment of the message each time. +1. Call `psa_hash_update()` one or more times, passing the whole message or a fragment of the message on each call. 1. Call `psa_hash_finish()` to calculate the hash, or `psa_hash_verify()` to compare the computed hash with an expected hash value. This example shows how to calculate the `SHA-256` hash of a message: 
@@ -490,10 +490,12 @@ Making multiple sequential calls to `psa_hash_abort()` on an operation that has Mbed Crypto can generate random data. -**Prerequisites to random generation:** +**Prerequisites to generating random data:** * Initialize the library with a successful call to `psa_crypto_init()`. -This example shows how to generate a random, ten-byte piece of data by calling `psa_generate_random()`: +**Note:** To generate a random key, use `psa_generate_key()` instead of `psa_generate_random()`. + +This example shows how to generate ten bytes of random data by calling `psa_generate_random()`: ```C psa_status_t status; uint8_t random[10] = { 0 }; @@ -519,7 +521,6 @@ This example shows how to generate a random, ten-byte piece of data by calling ` /* Clean up */ mbedtls_psa_crypto_free(); ``` -To generate a random key, use `psa_generate_key()` instead of `psa_generate_random()`. ### Deriving a new key from an existing key @@ -548,8 +549,8 @@ with a given key, salt and information:** 1. Set up the key derivation context using the `psa_key_derivation_setup()` function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. 1. Provide an optional salt with `psa_key_derivation_input_bytes()`. -1. Provide information with `psa_key_derivation_input_bytes()`. -1. Provide a secret with `psa_key_derivation_input_key()`, referencing a key that +1. Provide `info` with `psa_key_derivation_input_bytes()`. +1. Provide `secret` with `psa_key_derivation_input_key()`, referencing a key that can be used for key derivation. 1. Set the key attributes desired for the new derived key. We'll set the `PSA_KEY_USAGE_ENCRYPT` parameter and the `PSA_ALG_CTR` algorithm for this 
@@ -824,7 +825,7 @@ Mbed Crypto provides a simple way to generate a key or key pair. 1. Set the desired key attributes for key generation by calling `psa_set_key_algorithm()` with the chosen ECDSA algorithm (such as `PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)`). Do not set - `PSA_KEY_USAGE_EXPORT` because we only want to export the public key, not the key + `PSA_KEY_USAGE_EXPORT`; we only want to export the public key, not the key pair (or private key). 1. Generate a key by calling `psa_generate_key()`. 1. Export the generated public key by calling `psa_export_public_key()`: @@ -877,6 +878,6 @@ Mbed Crypto provides a simple way to generate a key or key pair. mbedtls_psa_crypto_free(); ``` -### More about the Mbed Crypto +### More about the Mbed Crypto API For more information about PSA Crypto, download the *PSA Cryptography API* PDF under [PSA APIs](https://developer.arm.com/architectures/security-architectures/platform-security-architecture#implement). From 5033fdd0e4bf619c545b1df34b849e208b1c11a9 Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Wed, 4 Sep 2019 09:14:55 +0300 Subject: [PATCH 1682/2197] Update getting_started.md --- docs/getting_started.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index de257a912..41a0c2567 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md 
@@ -47,7 +47,7 @@ Mbed Crypto releases are available in the [public GitHub repository](https://git * Python 2 or Python 3 (either works) to generate the test code. * Perl to run the tests. -If you have a C compiler, such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs. +If you have a C compiler such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs. To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`); for example: ``` @@ -64,7 +64,7 @@ To use the Mbed Crypto APIs, call `psa_crypto_init()` before calling any other A ### Importing a key To use a key for cryptography operations in Mbed Crypto, you need to first -import it. After you import the key, you'll be given a handle that refers to the key for use +import it. Importing the key creates a handle that refers to the key for use with other function calls. **Prerequisites to importing keys:** 
@@ -121,12 +121,15 @@ Mbed Crypto supports encrypting, decrypting, signing and verifying messages usin * Usage flag `PSA_KEY_USAGE_VERIFY` to allow signature verification. * Algorithm set to the desired signature algorithm. -This example shows how to sign a given hash using RSA, call `psa_asymmetric_sign()` and get the output buffer that contains the signature: +This example shows how to sign a hash that has already been calculated: ```C psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t key[] = RSA_KEY; - uint8_t hash[] = "INPUT_FOR_SIGN"; + uint8_t hash[32] = {0x50, 0xd8, 0x58, 0xe0, 0x98, 0x5e, 0xcc, 0x7f, + 0x60, 0x41, 0x8a, 0xaf, 0x0c, 0xc5, 0xab, 0x58, + 0x7f, 0x42, 0xc2, 0x57, 0x0a, 0x88, 0x40, 0x95, + 0xa9, 0xe8, 0xcc, 0xac, 0xd0, 0xf6, 0x54, 0x5c}; uint8_t signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; psa_key_handle_t handle; @@ -181,8 +184,7 @@ Mbed Crypto supports encrypting and decrypting messages using various symmetric **Prerequisites to working with the symmetric cipher API:** * Initialize the library with a successful call to `psa_crypto_init()`. -* Configure the key policy accordingly (set `PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption). -* Have a valid key in the key slot. +* Have a handle to a symmetric key. This key's usage flags must include `PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption. **To encrypt a message with a symmetric cipher:** 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. From 33d421dd6abbbc7b48488d99bf5d25c411e6c5cd Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Wed, 4 Sep 2019 09:16:14 +0300 Subject: [PATCH 1683/2197] Update docs/getting_started.md Co-Authored-By: Gilles Peskine --- docs/getting_started.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
diff --git a/docs/getting_started.md b/docs/getting_started.md index 41a0c2567..15410c118 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -188,7 +188,8 @@ Mbed Crypto supports encrypting and decrypting messages using various symmetric **To encrypt a message with a symmetric cipher:** 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. -1. Call `psa_cipher_encrypt_setup()` to initialize the operation structure and specify the algorithm and the key to be used. +1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`. +1. Call `psa_cipher_encrypt_setup()` to specify the algorithm and the key to be used. 1. Call either `psa_cipher_generate_iv()` or `psa_cipher_set_iv()` to generate or set the initialization vector (IV). We recommended calling `psa_cipher_generate_iv()`, unless you require a specific IV value. 1. Call `psa_cipher_update()` one or more times, passing the whole message or a fragment of the message on each call. 1. Call `psa_cipher_finish()` to end the operation and output the encrypted message. From eefc517b1f7f34d2802fa6f5fc80d2580b9400ae Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Wed, 4 Sep 2019 09:16:53 +0300 Subject: [PATCH 1684/2197] Update docs/getting_started.md Co-Authored-By: Gilles Peskine --- docs/getting_started.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 15410c118..5d123a602 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md 
@@ -375,7 +375,8 @@ algorithms. **To calculate a hash:** 1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions. -1. Call `psa_hash_setup()` to initialize the operation structure and specify the hash algorithm. +1. Initialize the operation structure to zero or to `PSA_HASH_OPERATION_INIT`. +1. Call `psa_hash_setup()` to specify the hash algorithm. 1. Call `psa_hash_update()` one or more times, passing the whole message or a fragment of the message on each call. 1. Call `psa_hash_finish()` to calculate the hash, or `psa_hash_verify()` to compare the computed hash with an expected hash value. From ad067c64f371747827ad774d500ec2b452967ea9 Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Wed, 4 Sep 2019 09:17:23 +0300 Subject: [PATCH 1685/2197] Update docs/getting_started.md Co-Authored-By: Gilles Peskine --- docs/getting_started.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 5d123a602..6b87fa8d8 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -545,7 +545,7 @@ information about which inputs to pass when, and when you can obtain which outpu * Usage flags set for key derivation (`PSA_KEY_USAGE_DERIVE`) * Key type set to `PSA_KEY_TYPE_DERIVE`. * Algorithm set to a key derivation algorithm - (`PSA_ALG_HKDF(PSA_ALG_SHA_256)`). + (for example `PSA_ALG_HKDF(PSA_ALG_SHA_256)`). **To derive a new AES-CTR 128-bit encryption key into a given key slot using HKDF with a given key, salt and information:** From 0058ab61e7260adedff07109f9e3faff36d705d9 Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Wed, 4 Sep 2019 09:17:54 +0300 Subject: [PATCH 1686/2197] Update docs/getting_started.md Co-Authored-By: Gilles Peskine --- docs/getting_started.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 6b87fa8d8..b4a2554e5 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md 
@@ -557,7 +557,7 @@ function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. 1. Provide `secret` with `psa_key_derivation_input_key()`, referencing a key that can be used for key derivation. 1. Set the key attributes desired for the new derived key. We'll set - the `PSA_KEY_USAGE_ENCRYPT` parameter and the `PSA_ALG_CTR` algorithm for this + the `PSA_KEY_USAGE_ENCRYPT` usage flag and the `PSA_ALG_CTR` algorithm for this example. 1. Derive the key by calling `psa_key_derivation_output_key()`. 1. Clean up the key derivation context. From 94113dbff342a2d27de60a7062b67432c0913b19 Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Wed, 4 Sep 2019 09:56:51 +0300 Subject: [PATCH 1687/2197] Update getting_started.md --- docs/getting_started.md | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index b4a2554e5..d8ddd4b13 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md 
@@ -190,11 +190,11 @@ Mbed Crypto supports encrypting and decrypting messages using various symmetric 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. 1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`. 1. Call `psa_cipher_encrypt_setup()` to specify the algorithm and the key to be used. -1. Call either `psa_cipher_generate_iv()` or `psa_cipher_set_iv()` to generate or set the initialization vector (IV). We recommended calling `psa_cipher_generate_iv()`, unless you require a specific IV value. +1. Call either `psa_cipher_generate_iv()` or `psa_cipher_set_iv()` to generate or set the initialization vector (IV). We recommend calling `psa_cipher_generate_iv()`, unless you require a specific IV value. 1. Call `psa_cipher_update()` one or more times, passing the whole message or a fragment of the message on each call. 1. Call `psa_cipher_finish()` to end the operation and output the encrypted message. -This example shows how to encrypt data using an Advanced Encryption Standard (AES) key in Cipher Block Chaining (CBC) mode with no padding (assuming all prerequisites have been fulfilled): +This example shows how to encrypt data using an AES (Advanced Encryption Standard) key in CBC (Cipher Block Chaining)) mode with no padding (assuming all prerequisites have been fulfilled): ```c enum { block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES), @@ -548,7 +548,7 @@ information about which inputs to pass when, and when you can obtain which outpu (for example `PSA_ALG_HKDF(PSA_ALG_SHA_256)`). **To derive a new AES-CTR 128-bit encryption key into a given key slot using HKDF -with a given key, salt and information:** +with a given key, salt and `info`:** 1. Set up the key derivation context using the `psa_key_derivation_setup()` function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. 
@@ -563,7 +563,7 @@ function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. 1. Clean up the key derivation context. At this point, the derived key slot holds a new 128-bit AES-CTR encryption key -derived from the key, salt and information provided: +derived from the key, salt and `info` provided: ```C psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -828,9 +828,7 @@ Mbed Crypto provides a simple way to generate a key or key pair. **To generate an ECDSA key:** 1. Set the desired key attributes for key generation by calling `psa_set_key_algorithm()` with the chosen ECDSA algorithm (such as - `PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)`). Do not set - `PSA_KEY_USAGE_EXPORT`; we only want to export the public key, not the key - pair (or private key). + `PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)`). You only want to export the public key, not the key pair (or private key); therefore, do not set `PSA_KEY_USAGE_EXPORT`. 1. Generate a key by calling `psa_generate_key()`. 1. Export the generated public key by calling `psa_export_public_key()`: ```C @@ -884,4 +882,4 @@ Mbed Crypto provides a simple way to generate a key or key pair. ### More about the Mbed Crypto API -For more information about PSA Crypto, download the *PSA Cryptography API* PDF under [PSA APIs](https://developer.arm.com/architectures/security-architectures/platform-security-architecture#implement). +For more information about the PSA Crypto API, please see the [PSA Cryptography API Specification](https://armmbed.github.io/mbed-crypto/html/index.html). From 355b4b0c2596d59f68492979bdc103f90c6e9048 Mon Sep 17 00:00:00 2001 
From: Jaeden Amero Date: Wed, 29 May 2019 10:13:23 +0100 Subject: [PATCH 1688/2197] des: Reduce number of self-test iterations Tiny slow processors take a long time to go through 10,000 iterations. Try with 100 iterations instead. Fixes https://github.com/ARMmbed/mbedtls/issues/807 --- library/des.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/library/des.c b/library/des.c index 8a33d82e5..24e517ed9 100644 --- a/library/des.c +++ b/library/des.c @@ -834,16 +834,16 @@ static const unsigned char des3_test_buf[8] = static const unsigned char des3_test_ecb_dec[3][8] = { - { 0xCD, 0xD6, 0x4F, 0x2F, 0x94, 0x27, 0xC1, 0x5D }, - { 0x69, 0x96, 0xC8, 0xFA, 0x47, 0xA2, 0xAB, 0xEB }, - { 0x83, 0x25, 0x39, 0x76, 0x44, 0x09, 0x1A, 0x0A } + { 0x37, 0x2B, 0x98, 0xBF, 0x52, 0x65, 0xB0, 0x59 }, + { 0xC2, 0x10, 0x19, 0x9C, 0x38, 0x5A, 0x65, 0xA1 }, + { 0xA2, 0x70, 0x56, 0x68, 0x69, 0xE5, 0x15, 0x1D } }; static const unsigned char des3_test_ecb_enc[3][8] = { - { 0x6A, 0x2A, 0x19, 0xF4, 0x1E, 0xCA, 0x85, 0x4B }, - { 0x03, 0xE6, 0x9F, 0x5B, 0xFA, 0x58, 0xEB, 0x42 }, - { 0xDD, 0x17, 0xE8, 0xB8, 0xB4, 0x37, 0xD2, 0x32 } + { 0x1C, 0xD5, 0x97, 0xEA, 0x84, 0x26, 0x73, 0xFB }, + { 0xB3, 0x92, 0x4D, 0xF3, 0xC5, 0xB5, 0x42, 0x93 }, + { 0xDA, 0x37, 0x64, 0x41, 0xBA, 0x6F, 0x62, 0x6F } }; #if defined(MBEDTLS_CIPHER_MODE_CBC) 
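Review bot: The replaced `des3_test_ecb_dec` and `des3_test_ecb_enc` tables carry no comment saying which iteration count they were generated for, yet they are only valid for the 100-round loops introduced later in this patch. A one-line comment above the tables, such as `/* Expected output after 100 chained operations; regenerate if the self-test loop count changes. */`, would tie the two together, and the same applies to `des3_test_cbc_dec` and `des3_test_cbc_enc` in the `@@ -854` hunk. It would also help if the commit description said how the new values were produced, since a known-answer table is only useful when it can be checked independently of the code under test.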
@@ -854,16 +854,16 @@ static const unsigned char des3_test_iv[8] = static const unsigned char des3_test_cbc_dec[3][8] = { - { 0x12, 0x9F, 0x40, 0xB9, 0xD2, 0x00, 0x56, 0xB3 }, - { 0x47, 0x0E, 0xFC, 0x9A, 0x6B, 0x8E, 0xE3, 0x93 }, - { 0xC5, 0xCE, 0xCF, 0x63, 0xEC, 0xEC, 0x51, 0x4C } + { 0x58, 0xD9, 0x48, 0xEF, 0x85, 0x14, 0x65, 0x9A }, + { 0x5F, 0xC8, 0x78, 0xD4, 0xD7, 0x92, 0xD9, 0x54 }, + { 0x25, 0xF9, 0x75, 0x85, 0xA8, 0x1E, 0x48, 0xBF } }; static const unsigned char des3_test_cbc_enc[3][8] = { - { 0x54, 0xF1, 0x5A, 0xF6, 0xEB, 0xE3, 0xA4, 0xB4 }, - { 0x35, 0x76, 0x11, 0x56, 0x5F, 0xA1, 0x8E, 0x4D }, - { 0xCB, 0x19, 0x1F, 0x85, 0xD1, 0xED, 0x84, 0x39 } + { 0x91, 0x1C, 0x6D, 0xCF, 0x48, 0xA7, 0xC3, 0x4D }, + { 0x60, 0x1A, 0x76, 0x8F, 0xA1, 0xF9, 0x66, 0xF1 }, + { 0xA1, 0x50, 0x0F, 0x99, 0xB2, 0xCD, 0x64, 0x76 } }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -928,7 +928,7 @@ int mbedtls_des_self_test( int verbose ) return( 1 ); } - for( j = 0; j < 10000; j++ ) + for( j = 0; j < 100; j++ ) { if( u == 0 ) mbedtls_des_crypt_ecb( &ctx, buf, buf ); @@ -1005,7 +1005,7 @@ int mbedtls_des_self_test( int verbose ) if( v == MBEDTLS_DES_DECRYPT ) { - for( j = 0; j < 10000; j++ ) + for( j = 0; j < 100; j++ ) { if( u == 0 ) mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); @@ -1015,7 +1015,7 @@ int mbedtls_des_self_test( int verbose ) } else { - for( j = 0; j < 10000; j++ ) + for( j = 0; j < 100; j++ ) { unsigned char tmp[8]; From 95d8438138bf3dd1e94da497068d40eee6da5ef3 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 30 May 2019 13:14:00 +0100 Subject: [PATCH 1689/2197] crypto_platform: Fix typo --- include/psa/crypto_platform.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 42cdad32a..8a9c401c2 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h 
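Review bot: The new bound `100` is written as a bare literal in all three loops (the ECB loop at `@@ -928` and both CBC loops at `@@ -1005` and `@@ -1015`), so a later change to one of them would leave it out of step with the others and with the expected-output tables. A single file-scope constant, for example a new `#define DES_SELF_TEST_ITERATIONS 100` (the name is only a suggestion), used as `for( j = 0; j < DES_SELF_TEST_ITERATIONS; j++ )`, would keep them together. The body of `mbedtls_des_self_test` starts and ends outside these hunks, so this is based only on the three loops shown.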
@@ -1,7 +1,7 @@ /** * \file psa/crypto_platform.h * - * \brief PSA cryptography module: Mbed TLS platfom definitions + * \brief PSA cryptography module: Mbed TLS platform definitions * * \note This file may not be included directly. Applications must * include psa/crypto.h. From 29b64073af945f3ac7bcd0f17d75683dee38802e Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 16:02:12 +0100 Subject: [PATCH 1690/2197] Added missing return codes to get_key_attributes Note that PSA_ERROR_NOT_PERMITTED is not included because I can't think of a scenario where you have a valid key handle but aren't allowed to read the attributes --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0d8cbfa1f..2a63098a8 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -328,6 +328,8 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE */ psa_status_t psa_get_key_attributes(psa_key_handle_t handle, psa_key_attributes_t *attributes); From 89b7152ed037624044557c453267369f0784f71d Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 16:21:00 +0100 Subject: [PATCH 1691/2197] Added PSA_ERROR_STORAGE_FAILURE to psa_export_key It may be possible that an implementation does not fetch key material until a command like this is called and such an error may occur if an off-chip secure storage dependency may have been wiped. --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2a63098a8..96ffa0bbb 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -617,6 +617,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 0542d595ce7b9f3f9af0873fcf9c93c831641427 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 16:34:44 +0100 Subject: [PATCH 1692/2197] Add PSA_ERROR_INSUFFICIENT_MEMORY to psa_export_key It may be possible that the implementation runs out of memory when exporting a key from storage or a secure element. For example, it may not be possible to directly move the data from storage to the caller, so the implementation will have to buffer the material temporarily (an issue if dynamic memory allocation scheme is used). For a large key this is more likely to return. --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 96ffa0bbb..d62c2a9dd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -618,6 +618,7 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 742084ea25e11c10f0a7843728ebca05376d262e Mon Sep 17 00:00:00 2001 
From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 16:54:52 +0100 Subject: [PATCH 1693/2197] Removed PSA_ERROR_DOES_NOT_EXIST from psa_export_key If the key doesn't exist by the time this call is made then the handle is invalid, which means that PSA_ERROR_INVALID_HANDLE should be returned rather than "does not exist" --- include/psa/crypto.h | 1 - 1 file changed, 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d62c2a9dd..f787b1369 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -604,7 +604,6 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * The key does not have the #PSA_KEY_USAGE_EXPORT flag. * \retval #PSA_ERROR_NOT_SUPPORTED From 88c51adfc08720dd7dcf2ba75a5c8a415d53713c Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 17:09:33 +0100 Subject: [PATCH 1694/2197] Added PSA_ERROR_INSUFFICIENT_MEMORY to psa_export_public_key For the same reasons that psa_export_key can fail with this error --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f787b1369..8a987e9b1 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -687,6 +687,7 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From e926e7370fb59a0d4ce9266c266334deb8c88505 Mon Sep 17 00:00:00 2001 
From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 17:12:44 +0100 Subject: [PATCH 1695/2197] Removed PSA_DOES_NOT_EXIST from psa_export_public_key The implementation should return PSA_ERROR_INVALID_HANDLE instead. --- include/psa/crypto.h | 1 - 1 file changed, 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8a987e9b1..49f98b101 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -674,7 +674,6 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_INVALID_ARGUMENT * The key is neither a public key nor a key pair. * \retval #PSA_ERROR_NOT_SUPPORTED From 398b3c27e0eff516c4ac7b6ad710600a50bea4f4 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 17:22:41 +0100 Subject: [PATCH 1696/2197] Add PSA_ERROR_STORAGE_FAILURE to psa_export_public_key The same reason that it is included in psa_export_key --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 49f98b101..ed3aec7f1 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -686,6 +686,7 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). From 60b0320af0579a21a2f3123f1d8bb5a81a050b1e Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 17:26:16 +0100 Subject: [PATCH 1697/2197] Add PSA_ERROR_STORAGE_FAILURE to psa_copy_key --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ed3aec7f1..2f5ec018c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -775,6 +775,7 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t psa_copy_key(psa_key_handle_t source_handle, From f7d852a9d5d41d351610dc3d6ee36bef8e50b746 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 17:50:26 +0100 Subject: [PATCH 1698/2197] Added PSA_ERROR_BUFFER_TOO_SMALL to psa_hash_compute --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2f5ec018c..a797cd54f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -807,6 +807,8 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle, * Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p hash_size is too small * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE From fa591c44afa8771a0c472252ecfa5b65bb9393ca Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 7 Aug 2019 10:47:47 +0100 Subject: [PATCH 1699/2197] Added PSA_ERROR_STORAGE_FAILURE to psa_mac_compute In case the key could not be retrieved from storage. --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a797cd54f..de79c9b21 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
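Review bot: The new `PSA_ERROR_BUFFER_TOO_SMALL` entry for `psa_hash_compute` in the `@@ -807` hunk says only `\p hash_size is too small`, without a closing period (unlike the neighbouring descriptions) and without saying what size is sufficient. Since this is the error that guards the output buffer, I would state the requirement, e.g. `\p hash_size is too small for the hash produced by \p alg.`, and name the header's size macro for hashes here if it documents one. The rest of the function's documentation lies outside the hunk, so the `hash_size` parameter description may already cover this.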
@@ -1134,6 +1134,8 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From dec47b6f9dbab4f8679c69203465807bc8e06629 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 7 Aug 2019 14:25:38 +0100 Subject: [PATCH 1700/2197] Added the possibility of PSA_ERROR_BAD_STATE to all functions --- include/psa/crypto.h | 165 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 163 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index de79c9b21..e6fa93af6 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -330,6 +330,10 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_get_key_attributes(psa_key_handle_t handle, psa_key_attributes_t *attributes); @@ -395,6 +399,10 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * through implementation-specific means. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_open_key(psa_key_id_t id, psa_key_handle_t *handle); 
@@ -421,6 +429,10 @@ psa_status_t psa_open_key(psa_key_id_t id, * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_close_key(psa_key_handle_t handle); @@ -777,6 +789,10 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_copy_key(psa_key_handle_t source_handle, const psa_key_attributes_t *attributes, @@ -813,6 +829,10 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_hash_compute(psa_algorithm_t alg, const uint8_t *input, @@ -842,6 +862,10 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_hash_compare(psa_algorithm_t alg, const uint8_t *input, 
@@ -936,6 +960,10 @@ static psa_hash_operation_t psa_hash_operation_init(void); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg); @@ -958,6 +986,10 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_hash_update(psa_hash_operation_t *operation, const uint8_t *input, @@ -999,6 +1031,10 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, uint8_t *hash, @@ -1035,6 +1071,10 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, const uint8_t *hash, 
@@ -1066,6 +1106,10 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); @@ -1092,6 +1136,10 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation); @@ -1174,6 +1222,12 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_mac_verify(psa_key_handle_t handle, psa_algorithm_t alg, 
@@ -1369,6 +1423,10 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_mac_update(psa_mac_operation_t *operation, const uint8_t *input, @@ -1411,6 +1469,10 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, @@ -1447,6 +1509,10 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, @@ -1479,6 +1545,10 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); 
@@ -1521,6 +1591,10 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, psa_algorithm_t alg, @@ -1561,7 +1635,11 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. * \retval #PSA_ERROR_CORRUPTION_DETECTED + */ psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, psa_algorithm_t alg, @@ -1768,6 +1846,10 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, uint8_t *iv, 
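Review bot: In the `@@ -1561` hunk for `psa_cipher_decrypt`, the last added description line ends with `results in this error code. * \retval #PSA_ERROR_CORRUPTION_DETECTED`, so the `\retval` removed a few lines earlier has been fused onto the end of the `PSA_ERROR_BAD_STATE` paragraph instead of standing on its own line. The hunk also appears to add a line without the leading ` *` just before the closing `*/`. Restoring ` * \retval #PSA_ERROR_CORRUPTION_DETECTED` as its own line, as in the other hunks of this commit, and dropping the bare line would keep the generated list of return values correct for this function.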
@@ -1803,6 +1885,10 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, const uint8_t *iv, @@ -1839,6 +1925,10 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, const uint8_t *input, @@ -1877,6 +1967,10 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, uint8_t *output, 
@@ -1910,6 +2004,10 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); @@ -2234,6 +2332,10 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, uint8_t *nonce, @@ -2268,6 +2370,10 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, const uint8_t *nonce, 
@@ -2306,6 +2412,10 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, size_t ad_length, @@ -2348,6 +2458,10 @@ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, const uint8_t *input, @@ -2420,6 +2534,10 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_aead_update(psa_aead_operation_t *operation, const uint8_t *input, 
@@ -2489,6 +2607,10 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, uint8_t *ciphertext, @@ -2547,6 +2669,10 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_aead_verify(psa_aead_operation_t *operation, uint8_t *plaintext, @@ -2582,6 +2708,10 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. */ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); 
@@ -2891,6 +3021,11 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void);
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
 * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is either not initialized or has been setup.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
 */
 psa_status_t psa_key_derivation_setup(
 psa_key_derivation_operation_t *operation,
@@ -2906,8 +3041,13 @@ psa_status_t psa_key_derivation_setup(
 * \param[out] capacity On success, the capacity of the operation.
 *
 * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_BAD_STATE
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
 */
 psa_status_t psa_key_derivation_get_capacity(
 const psa_key_derivation_operation_t *operation,
@@ -2929,7 +3069,12 @@ psa_status_t psa_key_derivation_get_capacity(
 * In this case, the operation object remains valid and its capacity
 * remains unchanged.
 * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid.
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
 */
 psa_status_t psa_key_derivation_set_capacity(
 psa_key_derivation_operation_t *operation,
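Review bot: Each of the three key-derivation hunks here leaves the function with two separate `\retval #PSA_ERROR_BAD_STATE` entries, and in the psa_key_derivation_set_capacity hunk (`@@ -2929,7 +3069,12 @@`) they are split apart by `\retval #PSA_ERROR_COMMUNICATION_FAILURE`, so a reader who stops at the first entry misses the second condition. I would keep one entry per status code and put both conditions under it, e.g. `\retval #PSA_ERROR_BAD_STATE` followed by `The operation state is not valid, or the library has not been previously initialized by psa_crypto_init().`. The same duplicated entry shows up again in the psa_hash_* hunks of patches 1712 and 1713. In the psa_key_derivation_setup text, "has been setup" should read "has already been set up".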
@@ -3082,6 +3227,10 @@ psa_status_t psa_key_derivation_input_key(
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
 */
 psa_status_t psa_key_derivation_key_agreement(
 psa_key_derivation_operation_t *operation,
@@ -3116,6 +3265,10 @@ psa_status_t psa_key_derivation_key_agreement(
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
 */
 psa_status_t psa_key_derivation_output_bytes(
 psa_key_derivation_operation_t *operation,
@@ -3264,6 +3417,10 @@ psa_status_t psa_key_derivation_output_key(
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
 */
 psa_status_t psa_key_derivation_abort(
 psa_key_derivation_operation_t *operation);
@@ -3310,6 +3467,10 @@ psa_status_t psa_key_derivation_abort(
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
 */
 psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
 psa_key_handle_t private_key,
From d5ae06b1e34d00033f496abf427a117dd6ba5705 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 7 Aug 2019 15:59:33 +0100 Subject: [PATCH 1701/2197] Add PSA_ERROR_BUFFER_TOO_SMALL to psa_mac_compute --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e6fa93af6..2ee7cf60c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1178,6 +1178,8 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p mac_size is too small * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE From 7563ed17ab9026248f5eb2e7c4944884e6f87a6c Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 7 Aug 2019 16:02:45 +0100 Subject: [PATCH 1702/2197] Remove PSA_ERROR_DOES_NOT_EXIST from psa_mac_sign_setup --- include/psa/crypto.h | 1 - 1 file changed, 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2ee7cf60c..1fb1515cf 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1323,7 +1323,6 @@ static psa_mac_operation_t psa_mac_operation_init(void); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. From 2409ba04292fae6d437f8621f07c68481b7e7732 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 7 Aug 2019 16:05:06 +0100 Subject: [PATCH 1703/2197] Added PSA_ERROR_STORAGE_FAILURE to psa_mac_sign_setup --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 1fb1515cf..a48e7e75c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1332,6 +1332,8 @@ static psa_mac_operation_t psa_mac_operation_init(void); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (already set up and not * subsequently completed). From 9770d0e0f89986bdada221706e62c331677d1a08 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 7 Aug 2019 16:18:18 +0100 Subject: [PATCH 1704/2197] Add PSA_ERROR_STORAGE_FAILURE to psa_mac_verify_setup --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a48e7e75c..58412196c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1394,6 +1394,8 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (already set up and not * subsequently completed). From 53d90c51994cdaf30470d0ac4d45e5fdba46cde3 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 7 Aug 2019 16:47:23 +0100 Subject: [PATCH 1705/2197] Only return PSA_ERROR_DOES_NOT_EXIST from psa_open_key --- include/psa/crypto.h | 7 ------- 1 file changed, 7 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 58412196c..b865177d1 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1384,7 +1384,6 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. 
@@ -1740,7 +1739,6 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. @@ -1802,7 +1800,6 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. @@ -2053,7 +2050,6 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. @@ -2109,7 +2105,6 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_INVALID_SIGNATURE * The ciphertext is not authentic. * \retval #PSA_ERROR_NOT_PERMITTED @@ -3158,7 +3153,6 @@ psa_status_t psa_key_derivation_input_bytes( * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \c step is not compatible with the operation's algorithm. @@ -3220,7 +3214,6 @@ psa_status_t psa_key_derivation_input_key( * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_DOES_NOT_EXIST * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \c private_key is not compatible with \c alg, From f961d5c9e60ca30638546548ac94bfa9479bbb0a Mon Sep 17 00:00:00 2001 
From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 10:27:50 +0100 Subject: [PATCH 1706/2197] Add missing return codes to psa_asymmetric_encrypt --- include/psa/crypto.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b865177d1..273ddcb09 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2839,6 +2839,8 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, * that make up the returned output. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling @@ -2851,6 +2853,7 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). From 96f31ada184799a28358edafc498007f4d22b126 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 10:30:58 +0100 Subject: [PATCH 1707/2197] Add missing return codes to psa_asymmetric_decrypt --- include/psa/crypto.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 273ddcb09..9c6ad82e7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2898,6 +2898,8 @@ psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle, * that make up the returned output. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling 
@@ -2910,6 +2912,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
 * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
 * \retval #PSA_ERROR_INVALID_PADDING
 * \retval #PSA_ERROR_BAD_STATE
From c207ba376e7f61e505844791e4d4706527381eae Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 10:55:38 +0100 Subject: [PATCH 1708/2197] Added missing return codes to psa_aead_decrypt --- include/psa/crypto.h | 3 +++ 1 file changed, 3 insertions(+)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 9c6ad82e7..fbe294753 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2113,9 +2113,12 @@ psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not an AEAD algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * \p plaintext_size or \p nonce_length is too small
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
 * \retval #PSA_ERROR_BAD_STATE
 * The library has not been previously initialized by psa_crypto_init().
 * It is implementation-dependent whether a failure to initialize
From d21c6e6566abd4da05953c6d36b4b5cfe8b18fb7 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 10:58:08 +0100 Subject: [PATCH 1709/2197] Add missing return codes to psa_generate_key --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index fbe294753..d25c1dc6a 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
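Review bot: In the psa_aead_decrypt hunk (`@@ -2113,9 +2113,12 @@`) the new `PSA_ERROR_BUFFER_TOO_SMALL` description names `\p nonce_length` alongside `\p plaintext_size`, but going by its name nonce_length is the length of an input, not the capacity of an output buffer. A caller that handles BUFFER_TOO_SMALL by enlarging the plaintext buffer and retrying would never recover from a nonce of the wrong length. I would shorten the description to `\p plaintext_size is too small.` and document the nonce-length condition under `PSA_ERROR_INVALID_ARGUMENT`, if that code is in the function's list. The doc comment begins and ends outside this hunk, so the full return list should be checked before moving the text.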
@@ -3550,6 +3550,8 @@ psa_status_t psa_generate_random(uint8_t *output, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 27c121574b6bf6a0ee1bb3960dcc5064538207b6 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 11:10:32 +0100 Subject: [PATCH 1710/2197] Add missing parameters to psa_asymmetric_sign --- include/psa/crypto.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d25c1dc6a..e5af9c605 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2745,6 +2745,8 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * that make up the returned signature value. * * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling @@ -2757,6 +2759,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). From 6e758c9bb8ccd047e05f4c5fcef65cd4f207e03d Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 11:11:43 +0100 Subject: [PATCH 1711/2197] Add missing return codes to psa_asymmetric_verify --- include/psa/crypto.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index e5af9c605..65d992d8d 100644 
--- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2795,6 +2795,8 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, * * \retval #PSA_SUCCESS * The signature is valid. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was perfomed successfully, but the passed * signature is not a valid signature. @@ -2804,6 +2806,7 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From e970d6527313f0585421dcba5d14b4faaad14556 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 14:40:04 +0100 Subject: [PATCH 1712/2197] Added extra bad state case to psa_hash_setup --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 65d992d8d..3d517d292 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -961,6 +961,8 @@ static psa_hash_operation_t psa_hash_operation_init(void); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE + * \p operation is either not initialized or is in use + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. From 320659b54cb5f01256f548a89ed0fa56826a0063 Mon Sep 17 00:00:00 2001 
From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 14:49:01 +0100 Subject: [PATCH 1713/2197] Added PSA_ERROR_BAD_STATE to functions with operations In the case that the operation object has not been initialized appropriately. --- include/psa/crypto.h | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3d517d292..140d8922b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -989,6 +989,8 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid. + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1034,6 +1036,8 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid. + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1074,6 +1078,8 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid. + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. 
@@ -1109,6 +1115,8 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid. + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1139,6 +1147,8 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is either not initialized or has already been setup. + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -3038,7 +3048,7 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE - * The operation state is either not initialized or has been setup. + * The operation state is either not initialized or has already been setup. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From a3f6ba5843dc8cff69cc97cd82b1bb3c8d6fd60b Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 14:51:49 +0100 Subject: [PATCH 1714/2197] Added PSA_ERROR_STORAGE_FAILURE to psa_cipher_(encrypt/decrypt) --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 140d8922b..7014be823 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1607,6 +1607,7 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1651,6 +1652,7 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 0d280b9873a68eed143c2ff978d18ff37e4f4941 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 15:07:07 +0100 Subject: [PATCH 1715/2197] Add missing error codes for psa_raw_key_agreement --- include/psa/crypto.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 7014be823..b999fd115 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3488,12 +3488,15 @@ psa_status_t psa_key_derivation_abort( * \p private_key is not compatible with \p alg, * or \p peer_key is not valid for \p alg or not compatible with * \p private_key. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p output_size is too small * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not a supported key agreement algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
From 71b33ffcf8b01ea42a96c0584fbd0dd37bb0508d Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 15:07:57 +0100 Subject: [PATCH 1716/2197] Add missing error codes to psa_generate_random --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b999fd115..89dbd3fac 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3531,6 +3531,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, * \retval #PSA_SUCCESS * \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED From 3e412494174eed9e310eaec42c3d18f78a3a294f Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 15:10:33 +0100 Subject: [PATCH 1717/2197] Add PSA_ERROR_STORAGE_FAILURE to psa_aead_*_setup functions --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 89dbd3fac..c080f30ac 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2251,6 +2251,7 @@ static psa_aead_operation_t psa_aead_operation_init(void); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
@@ -2312,6 +2313,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From d789dc13da7d1457ccd87bae1d890788d56e5705 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Mon, 12 Aug 2019 15:06:48 +0100 Subject: [PATCH 1718/2197] Added a few more return codes --- include/psa/crypto.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c080f30ac..a3a821d45 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -398,6 +398,7 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * define any way to create such a key, but it may be possible * through implementation-specific means. * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). @@ -1146,6 +1147,7 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE * The operation state is either not initialized or has already been setup. * \retval #PSA_ERROR_BAD_STATE 
@@ -1439,6 +1441,7 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From df3c7ac6450319768f6b741bb093ed928c882321 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Mon, 12 Aug 2019 16:43:30 +0100 Subject: [PATCH 1719/2197] Remove trailing whitespace --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a3a821d45..3ffe07b01 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1347,7 +1347,7 @@ static psa_mac_operation_t psa_mac_operation_init(void); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_STORAGE_FAILURE - * The key could not be retrieved from storage. + * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (already set up and not * subsequently completed). From 8d0bcf27ecf7a3864be9a19b8ce16fc3cfe469ff Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 13 Aug 2019 11:36:29 +0100 Subject: [PATCH 1720/2197] Add PSA_ERROR_INVALID_ARGUMENT to psa_hash_compare --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3ffe07b01..0ecc41ff2 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -859,6 +859,8 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg,
 * differs from the expected hash.
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not a hash algorithm.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p input_length or \p hash_length do not match the hash size for \p alg
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
From 263223689fc241e738be4ba4beb978570a8cb8fd Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 13 Aug 2019 11:43:40 +0100 Subject: [PATCH 1721/2197] Add storage failure to psa_mac_sign_finish --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0ecc41ff2..fb48d34c7 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1490,6 +1490,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
 * \retval #PSA_ERROR_BAD_STATE
 * The library has not been previously initialized by psa_crypto_init().
 * It is implementation-dependent whether a failure to initialize
From d9e902488565db35a441a932705d372a1c3e3cd1 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 13 Aug 2019 11:44:30 +0100 Subject: [PATCH 1722/2197] Add storage failure to psa_mac_verify_finish --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index fb48d34c7..dace09bf5 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
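Review bot: In the psa_hash_compare hunk (`@@ -859,6 +859,8 @@`) the new `PSA_ERROR_INVALID_ARGUMENT` text says `\p input_length` must match the hash size for `\p alg`, but going by the parameter names input_length is the length of the message being hashed and can be any size; only `\p hash_length` is tied to the algorithm. As written, the line tells integrators that comparing the hash of a message of any other length is an error. I would word it as `\p hash_length does not match the hash size for \p alg.` The signature is outside the hunk, so the parameter roles should be confirmed against it. Since callers use this function as a verification primitive, the text should also say which code a wrong-length reference hash produces, this one or the entry whose description ends "differs from the expected hash".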
@@ -1531,6 +1531,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From dc5bf5c8e771b2df0e7311aff7774c20022cbcef Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 13 Aug 2019 11:46:09 +0100 Subject: [PATCH 1723/2197] Add storage failure to (encrypt/decrypt)_setup --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index dace09bf5..ece8edadd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1769,6 +1769,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (already set up and not * subsequently completed). @@ -1830,6 +1831,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (already set up and not * subsequently completed). From 484ba88a0f6c891df8a756bc2777455fc8ea2b10 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 13 Aug 2019 14:41:52 +0100 Subject: [PATCH 1724/2197] Add STORAGE_FAILURE everywhere + add missing codes --- include/psa/crypto.h | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ece8edadd..18eee530a 100644 --- a/include/psa/crypto.h 
+++ b/include/psa/crypto.h
@@ -1950,6 +1950,7 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
 * \retval #PSA_ERROR_BAD_STATE
 * The library has not been previously initialized by psa_crypto_init().
 * It is implementation-dependent whether a failure to initialize
@@ -2079,6 +2080,8 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 * \retval #PSA_ERROR_NOT_SUPPORTED
 * \p alg is not supported or is not an AEAD algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * \p ciphertext_size is too small
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
@@ -2227,7 +2230,7 @@ static psa_aead_operation_t psa_aead_operation_init(void);
 * of the non-encrypted additional authenticated data each time.
 * -# Call psa_aead_update() zero, one or more times, passing a fragment
 * of the message to encrypt each time.
- * -# Call psa_aead_finish().
+ * -# Call psa_aead_finish(psa_aead_encrypt).
 *
 * The application may call psa_aead_abort() at any time after the operation
 * has been initialized.
@@ -2360,6 +2363,7 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
 * \retval #PSA_ERROR_BAD_STATE
 * The library has not been previously initialized by psa_crypto_init().
 * It is implementation-dependent whether a failure to initialize
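Review bot: The hunk at `@@ -2227,7 +2230,7 @@` rewrites the step `-# Call psa_aead_finish().` as `-# Call psa_aead_finish(psa_aead_encrypt).`, which looks like an unintended edit in a patch whose subject is about STORAGE_FAILURE return codes. The declaration shown elsewhere on this page takes a `psa_aead_operation_t *operation` as its first argument, so a function name inside the parentheses describes no valid call and may also stop Doxygen from auto-linking the reference. I would restore the line to `-# Call psa_aead_finish().`. In the hunk just above it, the new `\p ciphertext_size is too small` description should end with a full stop like the other entries.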
@@ -2398,6 +2402,7 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2440,6 +2445,7 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2486,6 +2492,7 @@ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2562,6 +2569,7 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
@@ -2635,6 +2643,7 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2697,6 +2706,7 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3084,6 +3094,8 @@ psa_status_t psa_key_derivation_setup( * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid. + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3111,6 +3123,8 @@ psa_status_t psa_key_derivation_get_capacity( * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid. * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
@@ -3157,6 +3171,7 @@ psa_status_t psa_key_derivation_set_capacity( * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The value of \p step is not valid given the state of \p operation. * \retval #PSA_ERROR_BAD_STATE @@ -3202,6 +3217,7 @@ psa_status_t psa_key_derivation_input_bytes( * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The value of \p step is not valid given the state of \p operation. * \retval #PSA_ERROR_BAD_STATE @@ -3265,6 +3281,7 @@ psa_status_t psa_key_derivation_input_key( * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3303,6 +3320,7 @@ psa_status_t psa_key_derivation_key_agreement( * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3424,6 +3442,7 @@ psa_status_t psa_key_derivation_output_bytes( * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 6725757cecdf1b8743b3af7be75a32843c8e9339 Mon Sep 17 00:00:00 2001 
From: "Adrian L. Shaw" Date: Thu, 15 Aug 2019 10:53:47 +0100 Subject: [PATCH 1725/2197] Remove errorneous insert --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 18eee530a..3bdc3aaa9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2230,7 +2230,7 @@ static psa_aead_operation_t psa_aead_operation_init(void); * of the non-encrypted additional authenticated data each time. * -# Call psa_aead_update() zero, one or more times, passing a fragment * of the message to encrypt each time. - * -# Call psa_aead_finish(psa_aead_encrypt). + * -# Call psa_aead_finish(). * * The application may call psa_aead_abort() at any time after the operation * has been initialized. From f97c8523ee60933efd7bc22047b087cb0bff23cf Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 15 Aug 2019 13:27:12 +0100 Subject: [PATCH 1726/2197] Add CORRUPTION_DETECTED to psa_close_key --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 3bdc3aaa9..5b8be02b0 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -430,6 +430,7 @@ psa_status_t psa_open_key(psa_key_id_t id, * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 66200c4e98700f614e1f89928f748392508ee3af Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 15 Aug 2019 13:30:57 +0100 Subject: [PATCH 1727/2197] Add PSA_ERROR_STORAGE_FAILURE to psa_cipher_generate_iv --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5b8be02b0..c5f2971e3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1872,6 +1872,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From fbf7f121f95be250d90690813f85924aa4dfe780 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 15 Aug 2019 13:34:51 +0100 Subject: [PATCH 1728/2197] Separate return codes for unsupported and invalid algorithms --- include/psa/crypto.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c5f2971e3..35fe5e33b 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -956,7 +956,9 @@ static psa_hash_operation_t psa_hash_operation_init(void); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a hash algorithm. + * \p alg is not a supported hash algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p alg is not a hash algorithm. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (already set up and not * subsequently completed). From 39797aa34c81620871c4e329e36ea2246d511f6e Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Fri, 23 Aug 2019 16:17:43 +0100 Subject: [PATCH 1729/2197] Fix erroneous cut and paste --- include/psa/crypto.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 35fe5e33b..4742120db 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1663,11 +1663,11 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize - * results in this error code. * \retval #PSA_ERROR_CORRUPTION_DETECTED - + * results in this error code. */ psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, psa_algorithm_t alg, From 23c006f45e76c412333c220e1042fb33c39a0087 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 16:02:12 +0100 Subject: [PATCH 1730/2197] Added missing return codes to get_key_attributes Note that PSA_ERROR_NOT_PERMITTED is not included because I can't think of a scenario where you have a valid key handle but aren't allowed to read the attributes --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 4742120db..aa63396f7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1667,7 +1667,7 @@ psa_status_t psa_cipher_encrypt(psa_key_handle_t handle, * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize - * results in this error code. + * results in this error code. */ psa_status_t psa_cipher_decrypt(psa_key_handle_t handle, psa_algorithm_t alg, From 15731c14221e58cbeb8c892ce048a0fe11e5699d Mon Sep 17 00:00:00 2001 
From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 16:21:00 +0100 Subject: [PATCH 1731/2197] Added PSA_ERROR_STORAGE_FAILURE to psa_export_key It may be possible that an implementation does not fetch key material until a command like this is called and such an error may occur if an off-chip secure storage dependency may have been wiped. --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index aa63396f7..05d76e1c1 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -831,6 +831,7 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 7f1863c905c7b565a64d284303c79b9fecf52999 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 16:34:44 +0100 Subject: [PATCH 1732/2197] Add PSA_ERROR_INSUFFICIENT_MEMORY to psa_export_key It may be possible that the implementation runs out of memory when exporting a key from storage or a secure element. For example, it may not be possible to directly move the data from storage to the caller, so the implementation will have to buffer the material temporarily (an issue if dynamic memory allocation scheme is used). For a large key this is more likely to return. --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 05d76e1c1..57d3766ab 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
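Review bot: The added `* \retval #PSA_ERROR_STORAGE_FAILURE` in the `@@ -831,6 +831,7 @@` hunk sits in the comment block that follows `psa_copy_key`, and a later hunk on this page at the same position (`@@ -827,6 +827,7 @@`, PATCH 1747) shows that block describing `\p hash_size` and a hash algorithm, so the line appears to document a hash function rather than psa_export_key as the subject says. The same mismatch between subject and location seems to affect PATCH 1732 (same block), 1733 and 1734 (psa_export_public_key, under the `psa_hash_compute` heading), 1739 (psa_hash_setup, under `psa_close_key`) and 1741 to 1743. I would re-apply each `\retval` line in the block of the function named in its subject and check the result with a Doxygen build. The comment block begins and ends outside the hunk, so the function it belongs to cannot be confirmed from the hunk alone.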
@@ -832,6 +832,7 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 11638b99a0169288d239e0311d9656f15e33557c Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 17:09:33 +0100 Subject: [PATCH 1733/2197] Added PSA_ERROR_INSUFFICIENT_MEMORY to psa_export_public_key For the same reasons that psa_export_key can fail with this error --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 57d3766ab..d57011530 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -868,6 +868,7 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 2a889781c55f6c289fa2103768104f629d2b4d84 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 6 Aug 2019 17:22:41 +0100 Subject: [PATCH 1734/2197] Add PSA_ERROR_STORAGE_FAILURE to psa_export_public_key The same reason that it is included in psa_export_key --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d57011530..84f1646a5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -868,6 +868,7 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). From 650229ba386a9f68563023149a4b3693197c572e Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 7 Aug 2019 10:47:47 +0100 Subject: [PATCH 1735/2197] Added PSA_ERROR_STORAGE_FAILURE to psa_mac_compute In case the key could not be retrieved from storage. --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 84f1646a5..6259a976f 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1575,6 +1575,8 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 52fa174a5a055e7b8e6ec7e2aa4df19986979064 Mon Sep 17 00:00:00 2001 From: Vikas Katariya Date: Thu, 15 Aug 2019 11:59:08 +0100 Subject: [PATCH 1736/2197] Check for zero length and NULL buffer pointer. In reference to issue https://github.com/ARMmbed/mbed-crypto/issues/49 --- library/platform_util.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/platform_util.c b/library/platform_util.c index 756e22679..b1f745097 100644 --- a/library/platform_util.c +++ b/library/platform_util.c 
@@ -72,7 +72,10 @@ static void * (* const volatile memset_func)( void *, int, size_t ) = memset; void mbedtls_platform_zeroize( void *buf, size_t len ) { - memset_func( buf, 0, len ); + MBEDTLS_INTERNAL_VALIDATE( len == 0 || buf != NULL ); + + if( len > 0 ) + memset_func( buf, 0, len ); } #endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ From 1f42a84a13e137d05c85228e6b71e335690222b9 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 7 Aug 2019 15:59:33 +0100 Subject: [PATCH 1737/2197] Add PSA_ERROR_BUFFER_TOO_SMALL to psa_mac_compute --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6259a976f..8a1e26240 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1243,6 +1243,8 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle, * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p mac_size is too small * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE From 23649246199d6028d8adb53b67c41bd289eeaa18 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 10:58:08 +0100 Subject: [PATCH 1738/2197] Add missing return codes to psa_generate_key --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8a1e26240..f721b7dbd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
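Review bot: `MBEDTLS_INTERNAL_VALIDATE( len == 0 || buf != NULL )` is the only thing standing between a NULL `buf` with a non-zero `len` and the `memset_func` call, and its definition is not part of this patch; if it compiles to nothing when parameter validation is disabled (worth confirming in the header that defines it), that case still writes through NULL. Since this function exists to wipe sensitive buffers, I would make the guard explicit in the code, `if( buf != NULL && len > 0 )`, or state in the function's documentation that a NULL `buf` is only permitted with `len == 0`. A short comment on the new `if`, for example `/* memset() with a NULL pointer is undefined even when len is 0 */`, would record why the length test was added. The patch touches only library/platform_util.c, so a test that calls the function with `( NULL, 0 )` would be a useful addition.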
@@ -3577,6 +3577,8 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 97d3bc3674906ce373ad3b70fbc4bb83ce725a20 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 14:40:04 +0100 Subject: [PATCH 1739/2197] Added extra bad state case to psa_hash_setup --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f721b7dbd..71b1de231 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -503,6 +503,8 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE + * \p operation is either not initialized or is in use + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. From 8f7cd1ee55cd5da92218b73e79f1715f00a9f8cc Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 14:49:01 +0100 Subject: [PATCH 1740/2197] Added PSA_ERROR_BAD_STATE to functions with operations In the case that the operation object has not been initialized appropriately. --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 71b1de231..2a3c171db 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1162,6 +1162,8 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * \retval #PSA_ERROR_BAD_STATE * The operation state is either not initialized or has already been setup. * \retval #PSA_ERROR_BAD_STATE + * The operation state is either not initialized or has already been setup. + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. From 22bc8fff0ceb55b1695540a961bd01d7acf255eb Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 8 Aug 2019 15:10:33 +0100 Subject: [PATCH 1741/2197] Add PSA_ERROR_STORAGE_FAILURE to psa_aead_*_setup functions --- include/psa/crypto.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2a3c171db..09115f9c5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2046,6 +2046,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2101,6 +2102,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 56b32b126cc71ec851b8af14c610199841914a11 Mon Sep 17 00:00:00 2001 
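Review bot: The two lines added in the `@@ -1162,6 +1162,8 @@` hunk repeat, word for word, the `\retval #PSA_ERROR_BAD_STATE` entry that is already the first context entry of the hunk (`The operation state is either not initialized or has already been setup.`), so the return list would carry the same entry twice before the library-initialization one. If no second condition was intended, the addition should be dropped; if one was, it needs its own description, merged into the existing entry rather than listed under a repeated `\retval`. The comment block starts and ends outside the hunk, so the function it documents is not visible here.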
From: "Adrian L. Shaw" Date: Tue, 13 Aug 2019 11:43:40 +0100 Subject: [PATCH 1742/2197] Add storage failure to psa_mac_sign_finish --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 09115f9c5..35a196796 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1926,6 +1926,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 1f1e1a52537554e96d81306c1fec8a97ac02b2a3 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 13 Aug 2019 11:44:30 +0100 Subject: [PATCH 1743/2197] Add storage failure to psa_mac_verify_finish --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 35a196796..d714de04e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2010,6 +2010,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 1505b2108aa547a8cc2725cbc41f0c9aad3b9513 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 13 Aug 2019 14:41:52 +0100 Subject: [PATCH 1744/2197] Add STORAGE_FAILURE everywhere + add missing codes --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d714de04e..5b556bc4f 100644 --- a/include/psa/crypto.h 
+++ b/include/psa/crypto.h @@ -2250,7 +2250,7 @@ static psa_aead_operation_t psa_aead_operation_init(void); * of the non-encrypted additional authenticated data each time. * -# Call psa_aead_update() zero, one or more times, passing a fragment * of the message to encrypt each time. - * -# Call psa_aead_finish(). + * -# Call psa_aead_finish(psa_aead_encrypt). * * The application may call psa_aead_abort() at any time after the operation * has been initialized. From 599c7126680eaa57adcf9f1a2ce04ffb0a7468ff Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 15 Aug 2019 10:53:47 +0100 Subject: [PATCH 1745/2197] Remove errorneous insert --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5b556bc4f..d714de04e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2250,7 +2250,7 @@ static psa_aead_operation_t psa_aead_operation_init(void); * of the non-encrypted additional authenticated data each time. * -# Call psa_aead_update() zero, one or more times, passing a fragment * of the message to encrypt each time. - * -# Call psa_aead_finish(psa_aead_encrypt). + * -# Call psa_aead_finish(). * * The application may call psa_aead_abort() at any time after the operation * has been initialized. From f483973c37fe0f1e70015351332b93d6dd8e7efd Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 15 Aug 2019 13:30:57 +0100 Subject: [PATCH 1746/2197] Add PSA_ERROR_STORAGE_FAILURE to psa_cipher_generate_iv --- include/psa/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d714de04e..2a418a47c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2766,6 +2766,7 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From fa2cefa001c9afcbf274d7105185be77e9394a58 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Tue, 3 Sep 2019 16:51:19 +0100 Subject: [PATCH 1747/2197] Fix warnings --- include/psa/crypto.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2a418a47c..5fa75aea4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -827,6 +827,7 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle, * Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p hash_size is too small * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -2465,7 +2466,6 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3091,6 +3091,7 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The operation state is either not initialized or has already been setup. * \retval #PSA_ERROR_BAD_STATE 
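Review bot: In the `@@ -827,6 +827,7 @@` hunk the new `\retval #PSA_ERROR_INVALID_ARGUMENT` has no description, while the `#PSA_ERROR_NOT_SUPPORTED` entry just above it still reads `\p alg is not supported or is not a hash algorithm`, so the two entries overlap and a caller cannot tell which code to expect for a non-hash algorithm. PATCH 1728 on this page splits the same pair for another hash function; the same wording here would give `\p alg is not a supported hash algorithm.` under NOT_SUPPORTED and `\p alg is not a hash algorithm.` under INVALID_ARGUMENT. The comment block starts and ends outside the hunk.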
From 2a9e9f7d52f2aebaa079ec68b77137fb91489bfa Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Wed, 4 Sep 2019 13:45:54 +0300 Subject: [PATCH 1748/2197] Update getting_started.md --- docs/getting_started.md | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index d8ddd4b13..1afc19b67 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -191,10 +191,10 @@ Mbed Crypto supports encrypting and decrypting messages using various symmetric 1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`. 1. Call `psa_cipher_encrypt_setup()` to specify the algorithm and the key to be used. 1. Call either `psa_cipher_generate_iv()` or `psa_cipher_set_iv()` to generate or set the initialization vector (IV). We recommend calling `psa_cipher_generate_iv()`, unless you require a specific IV value. -1. Call `psa_cipher_update()` one or more times, passing the whole message or a fragment of the message on each call. +1. Call `psa_cipher_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls. 1. Call `psa_cipher_finish()` to end the operation and output the encrypted message. -This example shows how to encrypt data using an AES (Advanced Encryption Standard) key in CBC (Cipher Block Chaining)) mode with no padding (assuming all prerequisites have been fulfilled): +This example shows how to encrypt data using an AES (Advanced Encryption Standard) key in CBC (Cipher Block Chaining) mode with no padding (assuming all prerequisites have been fulfilled): ```c enum { block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES), 
@@ -270,9 +270,10 @@ This example shows how to encrypt data using an AES (Advanced Encryption Standar **To decrypt a message with a symmetric cipher:** 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. -1. Call `psa_cipher_decrypt_setup()` to initialize the operation structure and to specify the algorithm and the key to be used. +1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`. +1. Call `psa_cipher_decrypt_setup()` to specify the algorithm and the key to be used. 1. Call `psa_cipher_set_iv()` with the IV for the decryption. -1. Call `psa_cipher_update()` one or more times, passing the whole message or a fragment of the message on each call. +1. Call `psa_cipher_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls. 1. Call `psa_cipher_finish()` to end the operation and output the decrypted message. This example shows how to decrypt encrypted data using an AES key in CBC mode with no padding @@ -377,10 +378,10 @@ algorithms. 1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions. 1. Initialize the operation structure to zero or to `PSA_HASH_OPERATION_INIT`. 1. Call `psa_hash_setup()` to specify the hash algorithm. -1. Call `psa_hash_update()` one or more times, passing the whole message or a fragment of the message on each call. +1. Call `psa_hash_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls. 1. Call `psa_hash_finish()` to calculate the hash, or `psa_hash_verify()` to compare the computed hash with an expected hash value. -This example shows how to calculate the `SHA-256` hash of a message: +This example shows how to calculate the SHA-256 hash of a message: ```c psa_status_t status; psa_algorithm_t alg = PSA_ALG_SHA_256; 
@@ -425,7 +426,7 @@ This example shows how to calculate the `SHA-256` hash of a message: mbedtls_psa_crypto_free(); ``` -This example shows how to verify the `SHA-256` hash of a message: +This example shows how to verify the SHA-256 hash of a message: ```c psa_status_t status; psa_algorithm_t alg = PSA_ALG_SHA_256; @@ -477,7 +478,7 @@ The API provides the macro `PSA_HASH_SIZE`, which returns the expected hash leng #### Handling hash operation contexts -After a successful call to `psa_hash_setup()` initializes the operation structure, you can terminate the operation at any time by calling `psa_hash_abort()`. The call to `psa_hash_abort()` frees any resources associated with the operation, except for the operation structure itself. +After a successful call to `psa_hash_setup()`, you can terminate the operation at any time by calling `psa_hash_abort()`. The call to `psa_hash_abort()` frees any resources associated with the operation, except for the operation structure itself. Mbed Crypto implicitly calls `psa_hash_abort()` when: 1. A call to `psa_hash_update()` fails (returning any status other than `PSA_SUCCESS`). @@ -545,10 +546,10 @@ information about which inputs to pass when, and when you can obtain which outpu * Usage flags set for key derivation (`PSA_KEY_USAGE_DERIVE`) * Key type set to `PSA_KEY_TYPE_DERIVE`. * Algorithm set to a key derivation algorithm - (for example `PSA_ALG_HKDF(PSA_ALG_SHA_256)`). + (for example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)`). **To derive a new AES-CTR 128-bit encryption key into a given key slot using HKDF -with a given key, salt and `info`:** +with a given key, salt and info:** 1. Set up the key derivation context using the `psa_key_derivation_setup()` function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. 
@@ -880,6 +881,6 @@ Mbed Crypto provides a simple way to generate a key or key pair. mbedtls_psa_crypto_free(); ``` -### More about the Mbed Crypto API +### More about the PSA Crypto API For more information about the PSA Crypto API, please see the [PSA Cryptography API Specification](https://armmbed.github.io/mbed-crypto/html/index.html). From b26c8d8bb49797fe35470dbd85dbb3035fa961ef Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Sep 2019 19:26:17 +0200 Subject: [PATCH 1749/2197] Create a driver interface test strategy document Just the structure for now, no actual content. --- .../testing/driver-interface-test-strategy.md | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 docs/architecture/testing/driver-interface-test-strategy.md diff --git a/docs/architecture/testing/driver-interface-test-strategy.md b/docs/architecture/testing/driver-interface-test-strategy.md new file mode 100644 index 000000000..5db91888c --- /dev/null +++ b/docs/architecture/testing/driver-interface-test-strategy.md 
@@ -0,0 +1,24 @@ +# Mbed Crypto driver interface test strategy + +This document describes the test strategy for the driver interfaces in Mbed Crypto. Mbed Crypto has interfaces for secure element drivers, accelerator drivers and entropy drivers. This document is about testing Mbed Crypto itself; testing drivers is out of scope. + +The driver interfaces are standardized through PSA Cryptography functional specifications. + +## Secure element driver interface + +The secure element driver interface (SE interface for short) is defined by [`psa/crypto_se_driver.h`](../../../include/psa/crypto_se_driver.h). This is an interface between Mbed Crypto and one or more third-party drivers. + +TODO + + +## Accelerator driver interface + +The accelerator driver interface is defined by [`psa/crypto_accel_driver.h`](../../../include/psa/crypto_accel_driver.h). + +TODO + +## Entropy driver interface + +The entropy driver interface is defined by [`psa/crypto_entropy_driver.h`](../../../include/psa/crypto_entropy_driver.h). + +TODO From 92bcfdbb6652c6065a9a953d9abc94950d0a7e4e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Sep 2019 19:26:50 +0200 Subject: [PATCH 1750/2197] Write secure element driver interface test strategy --- .../testing/driver-interface-test-strategy.md | 92 ++++++++++++++++++- 1 file changed, 91 insertions(+), 1 deletion(-) diff --git a/docs/architecture/testing/driver-interface-test-strategy.md b/docs/architecture/testing/driver-interface-test-strategy.md index 5db91888c..d8dade6eb 100644 --- a/docs/architecture/testing/driver-interface-test-strategy.md +++ b/docs/architecture/testing/driver-interface-test-strategy.md 
@@ -8,8 +8,98 @@ The driver interfaces are standardized through PSA Cryptography functional speci The secure element driver interface (SE interface for short) is defined by [`psa/crypto_se_driver.h`](../../../include/psa/crypto_se_driver.h). This is an interface between Mbed Crypto and one or more third-party drivers. -TODO +The SE interface consists of one function provided by Mbed Crypto (`psa_register_se_driver`) and many functions that drivers must implement. To make a driver usable by Mbed Crypto, the initialization code must call `psa_register_se_driver` with a structure that describes the driver. The structure mostly contains function pointers, pointing to the driver's methods. All calls to a driver function are triggered by a call to a PSA crypto API function. +### SE driver interface unit tests + +This section describes unit tests that must be implemented to validate the secure element driver interface. Note that a test case may cover multiple requirements; for example a “good case” test can validate that the proper function is called, that it receives the expected inputs and that it produces the expected outputs. + +Many SE driver interface unit tests could be covered by running the existing API tests with a key in a secure element. + +#### SE driver registration + +* Test `psa_register_se_driver` with valid and with invalid arguments. +* Make at least one failing call to `psa_register_se_driver` followed by a successful call. +* Make at least one test that successfully registers the maximum number of drivers and fails to register one more. + +#### Dispatch to SE driver + +For each API function that can lead to a driver call (more precisely, for each driver method call site, but this is practically equivalent): + +* Make at least one test with a key in a secure element that checks that the driver method is called. A few API functions involve multiple driver methods; these should validate that all the expected driver methods are called. 
+* Make at least one test with a key that is not in a secure element that checks that the driver method is not called. +* Make at least one test with a key in a secure element with a driver that does not have the requisite method (i.e. the method pointer is `NULL`) but has the substructure containing that method, and check that the return value is `PSA_ERROR_NOT_SUPPORTED`. +* Make at least one test with a key in a secure element with a driver that does not have the substructure containing that method (i.e. the pointer to the substructure is `NULL`), and check that the return value is `PSA_ERROR_NOT_SUPPORTED`. +* At least one test should register multiple drivers with a key in each driver and check that the expected driver is called. This does not need to be done for all operations (use a white-box approach to determine if operations may use different code paths to choose the driver). +* At least one test should register the same driver structure with multiple lifetime values and check that the driver receives the expected lifetime value. + +Some methods only make sense as a group (for example a driver that provides the MAC methods must provide all or none). In those cases, test with all of them null and none of them null. + +#### SE driver inputs + +For each API function that can lead to a driver call (more precisely, for each driver method call site, but this is practically equivalent): + +* Wherever the specification guarantees parameters that satisfy certain preconditions, check these preconditions whenever practical. +* If the API function can take parameters that are invalid and must not reach the driver, call the API function with such parameters and verify that the driver method is not called. + +#### SE driver outputs + +For each API function that leads to a driver call, call it with parameters that cause a driver to be invoked and check how Mbed Crypto handles the outputs. + +* Correct outputs. +* Incorrect outputs such as an invalid output length. 
+* Expected errors (e.g. `PSA_ERROR_INVALID_SIGNATURE` from a signature verification method). +* Unexpected errors. At least test that if the driver returns `PSA_ERROR_GENERIC_ERROR`, this is propagated correctly. + +Key creation functions invoke multiple methods and need more complex error handling: + +* Check the consequence of errors detected at each stage (slot number allocation or validation, key creation method, storage accesses). +* Check that the storage ends up in the expected state. At least make sure that no intermediate file remains after a failure. + +#### Persistence of SE keys + +The following tests must be performed at least one for each key creation method (import, generate, ...). + +* Test that keys in a secure element survive `psa_close_key(); psa_open_key()`. +* Test that keys in a secure element survive `mbedtls_psa_crypto_free(); psa_crypto_init()`. +* Test that the driver's persistent data survives `mbedtls_psa_crypto_free(); psa_crypto_init()`. +* Test that `psa_destroy_key()` does not leave any trace of the key. + +#### Resilience for SE drivers + +Creating or removing a key in a secure element involves multiple storage modifications (M1, ..., Mn). If the operation is interrupted by a reset at any point, it must be either rolled back or completed. + +* For each potential interruption point (before M1, between M1 and M2, ..., after Mn), call `mbedtls_psa_crypto_free(); psa_crypto_init()` at that point and check that this either rolls back or completes the operation that was started. +* This must be done for each key creation method and for key destruction. +* This must be done for each possible flow, including error cases (e.g. a key creation that fails midway due to `OUT_OF_MEMORY`). +* The recovery during `psa_crypto_init` can itself be interrupted. Test those interruptions too. +* Two things need to be tested: the key that is being created or destroyed, and the driver's persistent storage. 
+* Check both that the storage has the expected content (this can be done by e.g. using a key that is supposed to be present) and does not have any unexpected content (for keys, this can be done by checking that `psa_open_key` fails with `PSA_ERRROR_DOES_NOT_EXIST`). + +This requires instrumenting the storage implementation, either to force it to fail at each point or to record successive storage states and replay each of them. Each `psa_its_xxx` function call is assumed to be atomic. + +### SE driver system tests + +#### Real-world use case + +We must have at least one driver that is close to real-world conditions: + +* With its own source tree. +* Running on actual hardware. +* Run the full driver validation test suite (which does not yet exist). +* Run at least one test application (e.g. the Mbed OS TLS example). + +This requirement shall be fulfilled by the [Microchip ATECC508A driver](https://github.com/ARMmbed/mbed-cryptoauthlib). + +#### Complete driver + +We should have at least one driver that covers the whole interface: + +* With its own source tree. +* Implementing all the methods. +* Run the full driver validation test suite (which does not yet exist). + +A PKCS#11 driver would be a good candidate. It would be useful as part of our product offering. ## Accelerator driver interface From 545c28bf706382eb36d64838da95170e28c835f7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Sep 2019 19:41:16 +0200 Subject: [PATCH 1751/2197] Fix URL of ATECC driver --- docs/architecture/testing/driver-interface-test-strategy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/testing/driver-interface-test-strategy.md b/docs/architecture/testing/driver-interface-test-strategy.md index d8dade6eb..2f31c0010 100644 --- a/docs/architecture/testing/driver-interface-test-strategy.md +++ b/docs/architecture/testing/driver-interface-test-strategy.md 
@@ -89,7 +89,7 @@ We must have at least one driver that is close to real-world conditions: * Run the full driver validation test suite (which does not yet exist). * Run at least one test application (e.g. the Mbed OS TLS example). -This requirement shall be fulfilled by the [Microchip ATECC508A driver](https://github.com/ARMmbed/mbed-cryptoauthlib). +This requirement shall be fulfilled by the [Microchip ATECC508A driver](https://github.com/ARMmbed/mbed-os-atecc608a/). #### Complete driver From 3b5975641e614d7954b8da248d43c82e309794b1 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 4 Sep 2019 19:20:32 +0100 Subject: [PATCH 1752/2197] Fix return code warnings - Remove STORAGE_FAILURE from hash and abort functions - Remove BUFFER_TOO_SMALL from psa_mac_verify --- include/psa/crypto.h | 8 -------- 1 file changed, 8 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5fa75aea4..9f6fcac32 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -834,7 +834,6 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). @@ -871,7 +870,6 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). 
@@ -1248,8 +1246,6 @@ psa_status_t psa_mac_compute(psa_key_handle_t handle, * \p handle is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \p mac_size is too small * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1582,8 +1578,6 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2049,7 +2043,6 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2766,7 +2759,6 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From 5b1347a59e977c738240535b19734059f1cbf64f Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Thu, 5 Sep 2019 09:46:31 +0300 Subject: [PATCH 1753/2197] Update getting_started.md --- docs/getting_started.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
diff --git a/docs/getting_started.md b/docs/getting_started.md index 1afc19b67..a1c40eed9 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -127,9 +127,9 @@ This example shows how to sign a hash that has already been calculated: psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t key[] = RSA_KEY; uint8_t hash[32] = {0x50, 0xd8, 0x58, 0xe0, 0x98, 0x5e, 0xcc, 0x7f, - 0x60, 0x41, 0x8a, 0xaf, 0x0c, 0xc5, 0xab, 0x58, - 0x7f, 0x42, 0xc2, 0x57, 0x0a, 0x88, 0x40, 0x95, - 0xa9, 0xe8, 0xcc, 0xac, 0xd0, 0xf6, 0x54, 0x5c}; + 0x60, 0x41, 0x8a, 0xaf, 0x0c, 0xc5, 0xab, 0x58, + 0x7f, 0x42, 0xc2, 0x57, 0x0a, 0x88, 0x40, 0x95, + 0xa9, 0xe8, 0xcc, 0xac, 0xd0, 0xf6, 0x54, 0x5c}; uint8_t signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; psa_key_handle_t handle; From ce56077f97553caa447fe4227bf832ad6153c383 Mon Sep 17 00:00:00 2001 From: Guy Wild Date: Thu, 5 Sep 2019 11:35:16 +0300 Subject: [PATCH 1754/2197] Update based on Jaeden's comments. --- docs/getting_started.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index a1c40eed9..8c995f3c8 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -553,7 +553,7 @@ with a given key, salt and info:** 1. Set up the key derivation context using the `psa_key_derivation_setup()` function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. -1. Provide an optional salt with `psa_key_derivation_input_bytes()`. +1. Provide `salt` (optional) with `psa_key_derivation_input_bytes()`. 1. Provide `info` with `psa_key_derivation_input_bytes()`. 1. Provide `secret` with `psa_key_derivation_input_key()`, referencing a key that can be used for key derivation. 
@@ -564,7 +564,7 @@ function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. 1. Clean up the key derivation context. At this point, the derived key slot holds a new 128-bit AES-CTR encryption key -derived from the key, salt and `info` provided: +derived from the key, salt and info provided: ```C psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; From de183416f8b4ea9e48286ca5172559547224f46c Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Thu, 5 Sep 2019 09:38:06 +0100 Subject: [PATCH 1755/2197] Update the behavior of key handles * open output distinct key handles * each handle must be closed * destroying a key does not invalidate other handles * closing a key can/might fail an active operation (but not required) --- include/psa/crypto.h | 36 ++++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 0d8cbfa1f..f6211a800 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -361,15 +361,18 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * keys that can be opened with psa_open_key(). Such keys have a key identifier * in the vendor range, as documented in the description of #psa_key_id_t. * - * The application must eventually close the handle with psa_close_key() - * to release associated resources. If the application dies without calling - * psa_close_key(), the implementation should perform the equivalent of a - * call to psa_close_key(). + * The application must eventually close the handle with psa_close_key() or + * psa_destroy_key() to release associated resources. If the application dies + * without calling one of these functions, the implementation should perform + * the equivalent of a call to psa_close_key(). * * Some implementations permit an application to open the same key multiple - * times. Applications that rely on this behavior will not be portable to - * implementations that only permit a single key handle to be opened. See - * also :ref:\`key-handles\`. + * times. If this is successful, each call to psa_open_key() will return a + * different key handle. + * + * \note Applications that rely on opening a key multiple times will not be + * portable to implementations that only permit a single key handle to be + * opened. See also :ref:\`key-handles\`. * * \param id The persistent identifier of the key. * \param[out] handle On success, a handle to the key. 
@@ -411,8 +414,10 @@ psa_status_t psa_open_key(psa_key_id_t id, * Closing the key handle makes the handle invalid, and the key handle * must not be used again by the application. * - * If the key is currently in use in a multipart operation, then closing the - * last remaining handle to the key will abort the multipart operation. + * \note If the key handle was used to setup an active + * :ref:\`multipart operation \`, then closing the + * key handle can cause the multipart operation to fail. Applications should + * maintain the key handle until after the multipart operation has finished. * * \param handle The key handle to close. * @@ -503,13 +508,16 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, * memory and, if applicable, non-volatile storage. Implementations shall * make a best effort to ensure that that the key material cannot be recovered. * - * This function also erases any metadata such as policies and frees all - * resources associated with the key. + * This function also erases any metadata such as policies and frees + * resources associated with the key. To free all resources associated with + * the key, all handles to the key must be closed or destroyed. * - * Destroying a key will invalidate all existing handles to the key. + * Destroying the key makes the handle invalid, and the key handle + * must not be used again by the application. Using other open handles to the + * destroyed key in a cryptographic operation will result in an error. * - * If the key is currently in use in a multipart operation, then destroying the - * key will abort the multipart operation. + * If a key is currently in use in a multipart operation, then destroying the + * key will cause the multipart operation to fail. * * \param handle Handle to the key to erase. * From 2900811b01e1d2451e32d435aca58fc2afb5a14b Mon Sep 17 00:00:00 2001 
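Review bot: The new psa_destroy_key() text says that using another open handle to the destroyed key "will result in an error", but it does not name the status code a caller should expect, nor say whether an operation already set up with the key can still produce output before it fails. Callers rely on this contract to know that a key is really gone, so I would name the status and state whether the failed operation must still be passed to its abort function. The same gap is in the psa_close_key() note in the previous hunk, where "can cause the multipart operation to fail" replaces the earlier statement that the operation is aborted. The context line above the change also has a doubled word, "ensure that that the key material".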
From: Guy Wild Date: Thu, 5 Sep 2019 11:38:14 +0300 Subject: [PATCH 1756/2197] Update getting_started.md --- docs/getting_started.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 8c995f3c8..236c1a26c 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -553,9 +553,9 @@ with a given key, salt and info:** 1. Set up the key derivation context using the `psa_key_derivation_setup()` function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. -1. Provide `salt` (optional) with `psa_key_derivation_input_bytes()`. -1. Provide `info` with `psa_key_derivation_input_bytes()`. -1. Provide `secret` with `psa_key_derivation_input_key()`, referencing a key that +1. Provide an optional salt with `psa_key_derivation_input_bytes()`. +1. Provide info with `psa_key_derivation_input_bytes()`. +1. Provide a secret with `psa_key_derivation_input_key()`, referencing a key that can be used for key derivation. 1. Set the key attributes desired for the new derived key. We'll set the `PSA_KEY_USAGE_ENCRYPT` usage flag and the `PSA_ALG_CTR` algorithm for this From 8619f8cd07ef5f9c2766973c1df87c62d3c9dbb3 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 5 Sep 2019 10:37:22 +0100 Subject: [PATCH 1757/2197] Remove storage errors from psa_generate_random --- include/psa/crypto.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9f6fcac32..d5e713e06 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -3579,8 +3579,6 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize From dca667ac80b09de6150dd4038b1a11b5ae4311c5 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 4 Jan 2019 14:32:30 +0000 Subject: [PATCH 1758/2197] Add a safer deterministic ECDSA function `mbedtls_ecdsa_sign_det` reuses the internal HMAC-DRBG instance to implement blinding. The advantage of this is that the algorithm is deterministic too, not just the resulting signature. The drawback is that the blinding is always the same for the same key and message. This diminishes the efficiency of blinding and leaks information about the private key. A function that takes external randomness fixes this weakness. --- include/mbedtls/ecdsa.h | 45 +++++++++++++++++++++++++ library/ecdsa.c | 73 ++++++++++++++++++++++++++++++++--------- 2 files changed, 103 insertions(+), 15 deletions(-) diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index ad5118814..6e4bc6c04 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h 
@@ -215,6 +215,51 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, mbedtls_md_type_t md_alg ); +/** + * \brief This function computes the ECDSA signature of a + * previously-hashed message, deterministic version. + * + * For more information, see RFC-6979: Deterministic + * Usage of the Digital Signature Algorithm (DSA) and Elliptic + * Curve Digital Signature Algorithm (ECDSA). + * + * \note If the bitlength of the message hash is larger than the + * bitlength of the group order, then the hash is truncated as + * defined in Standards for Efficient Cryptography Group + * (SECG): SEC1 Elliptic Curve Cryptography, section + * 4.1.3, step 5. + * + * \see ecp.h + * + * \param grp The context for the elliptic curve to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param r The MPI context in which to store the first part + * the signature. This must be initialized. + * \param s The MPI context in which to store the second part + * the signature. This must be initialized. + * \param d The private signing key. This must be initialized + * and setup, for example through mbedtls_ecp_gen_privkey(). + * \param buf The hashed content to be signed. This must be a readable + * buffer of length \p blen Bytes. It may be \c NULL if + * \p blen is zero. + * \param blen The length of \p buf in Bytes. + * \param md_alg The hash algorithm used to hash the original data. + * \param f_rng_blind The RNG function used for blinding. This must not be + * \c NULL. + * \param p_rng_blind The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng doesn't need a context parameter. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX + * error code on failure. 
+ */ +int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind ); #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ /** diff --git a/library/ecdsa.c b/library/ecdsa.c index 5c3038048..6a5413205 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -254,6 +254,8 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, mbedtls_ecdsa_restart_ctx *rs_ctx ) { int ret, key_tries, sign_tries; @@ -323,7 +325,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, mul: #endif MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G, - f_rng, p_rng, ECDSA_RS_ECP ) ); + f_rng_blind, + p_rng_blind, + ECDSA_RS_ECP ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) ); } while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 ); @@ -349,7 +353,8 @@ modn: * Generate a random value to blind inv_mod in next step, * avoiding a potential timing leak. */ - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, &t, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, &t, f_rng_blind, + p_rng_blind ) ); /* * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n @@ -406,8 +411,9 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, ECDSA_VALIDATE_RET( f_rng != NULL ); ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); + /* Use the same RNG for both blinding and ephemeral key generation */ return( ecdsa_sign_restartable( grp, r, s, d, buf, blen, - f_rng, p_rng, NULL ) ); + f_rng, p_rng, f_rng, p_rng, NULL ) ); } #endif /* !MBEDTLS_ECDSA_SIGN_ALT */ 
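Review bot: The `\param p_rng_blind` text in the new comment for mbedtls_ecdsa_sign_det_ext() refers twice to `\p f_rng`, which is not a parameter of this function; both should read `\p f_rng_blind`. The comment also never says why a second RNG is taken: per the commit message, blinding drawn from the internal HMAC-DRBG repeats for the same key and message, so the documentation should state that `f_rng_blind` is used only for blinding, does not change the resulting signature, and should be a properly seeded non-deterministic generator. A short `\warning` to that effect would do, and the `\param r` / `\param s` lines need the missing word in "first part of the signature" / "second part of the signature".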
@@ -419,6 +425,8 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, mbedtls_ecdsa_restart_ctx *rs_ctx ) { int ret; @@ -465,8 +473,22 @@ sign: ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen, mbedtls_hmac_drbg_random, p_rng ); #else - ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, rs_ctx ); + if( f_rng_blind != NULL ) + ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + f_rng_blind, p_rng_blind, rs_ctx ); + else + /* + * Use the same RNG for both blinding and ephemeral key generation. + * Since the RNG output is always the same for the same key and message, + * this limits the efficiency of blinding and leaks information through + * side channels. After mbedtls_ecdsa_sign_det() is removed NULL won't + * be a valid value for f_rng_blind anymore. Therefore it should be + * checked by the caller and this branch and check can be removed. + */ + ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + mbedtls_hmac_drbg_random, p_rng, rs_ctx ); #endif /* MBEDTLS_ECDSA_SIGN_ALT */ cleanup: @@ -479,11 +501,12 @@ cleanup: } /* - * Deterministic signature wrapper + * Deterministic signature wrappers */ -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ) +int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg ) { ECDSA_VALIDATE_RET( grp != NULL ); ECDSA_VALIDATE_RET( r != NULL ); 
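Review bot: In the `MBEDTLS_ECDSA_SIGN_ALT` branch of the `sign:` block the new `f_rng_blind` / `p_rng_blind` arguments are never used, so in that configuration a caller of the `_ext` function gets no external blinding and nothing says so; the parameters are also unreferenced there, which some compilers warn about. I would add `(void) f_rng_blind; (void) p_rng_blind;` at the top of that branch, with a comment that the alternative implementation is responsible for its own blinding. In the `#else` branch the long comment sits between `else` and its single unbraced statement, so bracing both arms would make a later edit less likely to detach the call from the condition. The function body starts and ends outside this hunk.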
@@ -491,7 +514,27 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi ECDSA_VALIDATE_RET( d != NULL ); ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); - return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, NULL ) ); + return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, + NULL, NULL, NULL ) ); +} + +int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, + size_t), + void *p_rng_blind ) +{ + ECDSA_VALIDATE_RET( grp != NULL ); + ECDSA_VALIDATE_RET( r != NULL ); + ECDSA_VALIDATE_RET( s != NULL ); + ECDSA_VALIDATE_RET( d != NULL ); + ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); + ECDSA_VALIDATE_RET( f_rng_blind != NULL ); + + return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, + f_rng_blind, p_rng_blind, NULL ) ); } #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ @@ -670,11 +713,9 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, mbedtls_mpi_init( &s ); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) - (void) f_rng; - (void) p_rng; - MBEDTLS_MPI_CHK( ecdsa_sign_det_restartable( &ctx->grp, &r, &s, &ctx->d, - hash, hlen, md_alg, rs_ctx ) ); + hash, hlen, md_alg, f_rng, + p_rng, rs_ctx ) ); #else (void) md_alg; @@ -682,8 +723,10 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d, hash, hlen, f_rng, p_rng ) ); #else + /* Use the same RNG for both blinding and ephemeral key generation */ MBEDTLS_MPI_CHK( ecdsa_sign_restartable( &ctx->grp, &r, &s, &ctx->d, - hash, hlen, f_rng, p_rng, rs_ctx ) ); + hash, hlen, f_rng, p_rng, f_rng, + p_rng, rs_ctx ) ); #endif /* MBEDTLS_ECDSA_SIGN_ALT */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ From 651eac8c5e4634e3381fee6fa06967b370dff820 Mon Sep 17 00:00:00 2001 
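Review bot: The only thing keeping a NULL `f_rng_blind` away from the internal fallback is `ECDSA_VALIDATE_RET( f_rng_blind != NULL )` in mbedtls_ecdsa_sign_det_ext(), and that macro's definition is not visible in this diff. If it expands to nothing when parameter validation is disabled, calling the new function with NULL quietly behaves like the function it replaces, with blinding taken from the internal HMAC-DRBG. Since this argument is the whole security reason for the new entry point, I would make the check unconditional: `if( f_rng_blind == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );` before the call to `ecdsa_sign_det_restartable()`.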
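Review bot: Under `MBEDTLS_ECDSA_DETERMINISTIC`, mbedtls_ecdsa_write_signature_restartable() used to discard `f_rng` and now forwards it as the blinding RNG, so existing callers that pass NULL silently keep the old, repeated blinding. A comment at the call would make this visible, for example `/* f_rng may be NULL: blinding then falls back to the internal HMAC-DRBG */`. The public documentation of the `f_rng` parameter (not part of this diff) should get a matching sentence so callers know that supplying an RNG now matters in deterministic builds. The enclosing function starts and ends outside the hunk.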
From: Janos Follath Date: Fri, 4 Jan 2019 15:51:24 +0000 Subject: [PATCH 1759/2197] Make tests use the new deterministic ECDSA function In preparation of deprecating the old and less secure deterministic ECDSA signature function we need to remove it from the test. At the same time, the new function needs to be tested. Modifying the tests to use the new function achieves both of these goals. --- tests/suites/test_suite_ecdsa.function | 40 +++++++++++++++----------- 1 file changed, 24 insertions(+), 16 deletions(-) diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 22d92b6df..ab3db3adf 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function 
@@ -55,25 +55,30 @@ void ecdsa_invalid_param( ) #if defined(MBEDTLS_ECDSA_DETERMINISTIC) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det( NULL, &m, &m, &m, - buf, sizeof( buf ), - valid_md ) ); + mbedtls_ecdsa_sign_det_ext( NULL, &m, &m, &m, + buf, sizeof( buf ), + valid_md, + rnd_std_rand, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det( &grp, NULL, &m, &m, - buf, sizeof( buf ), - valid_md ) ); + mbedtls_ecdsa_sign_det_ext( &grp, NULL, &m, &m, + buf, sizeof( buf ), + valid_md, + rnd_std_rand, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det( &grp, &m, NULL, &m, - buf, sizeof( buf ), - valid_md ) ); + mbedtls_ecdsa_sign_det_ext( &grp, &m, NULL, &m, + buf, sizeof( buf ), + valid_md, + rnd_std_rand, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det( &grp, &m, &m, NULL, - buf, sizeof( buf ), - valid_md ) ); + mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, NULL, + buf, sizeof( buf ), + valid_md, + rnd_std_rand, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det( &grp, &m, &m, &m, - NULL, sizeof( buf ), - valid_md ) ); + mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, &m, + NULL, sizeof( buf ), + valid_md, + rnd_std_rand, NULL ) ); #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, @@ -325,7 +330,10 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, TEST_ASSERT( mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ) == 0 ); - TEST_ASSERT( mbedtls_ecdsa_sign_det( &grp, &r, &s, &d, hash, hlen, md_alg ) == 0 ); + TEST_ASSERT( + mbedtls_ecdsa_sign_det_ext( &grp, &r, &s, &d, hash, hlen, + md_alg, rnd_std_rand, NULL ) + == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &r, &r_check ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &s, &s_check ) == 0 ); 
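Review bot: No case in ecdsa_invalid_param() (first hunk) covers a NULL `f_rng_blind`: every ported call passes `rnd_std_rand`, so the `ECDSA_VALIDATE_RET( f_rng_blind != NULL )` check that mbedtls_ecdsa_sign_det_ext() gained in the library patch earlier in this series is untested. A sixth case would pin it: `TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, &m, buf, sizeof( buf ), valid_md, NULL, NULL ) );`. The expected error code is taken from the neighbouring cases, which go through the same validation macro. Both test functions start and end outside the hunks.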
From e65e0597a83fbf74dcd8d91a639b3a77586a82d5 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 4 Jan 2019 15:55:43 +0000 Subject: [PATCH 1760/2197] Deprecate the old deterministic ECDSA function The current interface does not allow passing an RNG, which is needed for blinding. Using the scheme's internal HMAC-DRBG results the same blinding values for the same key and message, diminishing the effectiveness of the countermeasure. A new function `mbedtls_ecdsa_det_ext` is available to address this problem. --- include/mbedtls/ecdsa.h | 14 ++++++++++++-- library/ecdsa.c | 3 +++ 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 6e4bc6c04..775b58b77 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -176,6 +176,12 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_DEPRECATED_WARNING) +#define MBEDTLS_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_DEPRECATED +#endif /** * \brief This function computes the ECDSA signature of a * previously-hashed message, deterministic version. @@ -214,7 +220,10 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ); + mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED; +#undef MBEDTLS_DEPRECATED +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + /** * \brief This function computes the ECDSA signature of a * previously-hashed message, deterministic version. 
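Review bot: The declaration of mbedtls_ecdsa_sign_det() (second hunk) gains `MBEDTLS_DEPRECATED`, but no Doxygen tag for the deprecation is added in the visible part of its comment block, so the generated documentation would still present the function as current. A line such as ` * \deprecated Superseded by mbedtls_ecdsa_sign_det_ext().` would point callers at the variant that takes a blinding RNG. Most of the comment block lies outside the hunk, so confirm it does not already carry such a tag.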
@@ -338,7 +347,8 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, * the signature written. Must not be \c NULL. * \param f_rng The RNG function. This must not be \c NULL if * #MBEDTLS_ECDSA_DETERMINISTIC is unset. Otherwise, - * it is unused and may be set to \c NULL. + * it is used only for blinding and may be set to \c NULL, but + * doing so is DEPRECATED. * \param p_rng The RNG context to be passed to \p f_rng. This may be * \c NULL if \p f_rng is \c NULL or doesn't use a context. * diff --git a/library/ecdsa.c b/library/ecdsa.c index 6a5413205..3ae8eedf8 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -503,6 +503,8 @@ cleanup: /* * Deterministic signature wrappers */ + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, @@ -517,6 +519,7 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, NULL, NULL, NULL ) ); } +#endif /* MBEDTLS_DEPRECATED_REMOVED */ int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, From 1231d210e10c402c702b6ef6f84d99b6ea42f3ea Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Mon, 7 Jan 2019 15:01:32 +0000 Subject: [PATCH 1761/2197] Add warning for alternative ECDSA implementations Alternative implementations are often hardware accelerators and might not need an RNG for blinding. But if they do, then we make them misuse the RNG in the deterministic case. There are several way around this: - Exposing a lower level function for replacement. This would be the optimal solution, but litters the API and is not backward compatible. - Introducing a new compile time option for replacing the deterministic function. This would mostly cover the same code as MBEDTLS_ECDSA_DETERMINISTIC and would be yet another compile time flag. - Reusing the existing MBEDTLS_ECDSA_DETERMINISTIC macro. This changes the algorithm used by the PK layer from deterministic to randomised if the alternative implementation is present. This commit implements the third option. This is a temporary solution and should be fixed at the next device driver API change. --- include/mbedtls/config.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 3c1430ce9..e14fc74d7 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -441,6 +441,16 @@ * dependencies on them, and considering stronger message digests * and ciphers instead. * + * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are + * enabled, then the deterministic ECDH signature functions pass the + * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore + * alternative implementations should use the RNG only for generating + * the ephemeral key and nothing else. If this is not possible, then + * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative + * implementation should be provided for mbedtls_ecdsa_sign_det_ext() + * (and for mbedtls_ecdsa_sign_det() too if backward compatibility is + * desirable). + * */ //#define MBEDTLS_MD2_PROCESS_ALT //#define MBEDTLS_MD4_PROCESS_ALT From 896a2942117514bf0427c187f05d687d08e2b0c9 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 7 Jan 2019 17:27:56 +0000 Subject: [PATCH 1762/2197] Correct deterministic ECDSA behavior We were still reusing the internal HMAC-DRBG of the deterministic ECDSA for blinding. This meant that with cryptographically low likelyhood the result was not the same signature as the one the deterministic ECDSA algorithm has to produce (however it is still a valid ECDSA signature). To correct this we seed a second HMAC-DRBG with the same seed to restore correct behavior. We also apply a label to avoid reusing the bits of the ephemeral key for a different purpose and reduce the chance that they leak. This workaround can't be implemented in the restartable case without penalising the case where external RNG is available or completely defeating the purpose of the restartable feature, therefore in this case the small chance of incorrect behavior remains. --- library/ecdsa.c | 61 +++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 54 insertions(+), 7 deletions(-) diff --git a/library/ecdsa.c b/library/ecdsa.c index 3ae8eedf8..bda9262c9 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c 
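Review bot: The `\warning` added to config.h names the wrong algorithm: it says "deterministic ECDH signature functions", while the functions it goes on to list are the ECDSA ones, and "pass the the static HMAC-DRBG" repeats a word. This text tells implementers of `MBEDTLS_ECDSA_SIGN_ALT` what the RNG argument may be used for, so the wording should be exact: `then the deterministic ECDSA signature functions pass the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign()`.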
@@ -478,17 +478,64 @@ sign: mbedtls_hmac_drbg_random, p_rng, f_rng_blind, p_rng_blind, rs_ctx ); else + { + mbedtls_hmac_drbg_context *p_rng_blind_det; + +#if !defined(MBEDTLS_ECP_RESTARTABLE) /* - * Use the same RNG for both blinding and ephemeral key generation. - * Since the RNG output is always the same for the same key and message, - * this limits the efficiency of blinding and leaks information through - * side channels. After mbedtls_ecdsa_sign_det() is removed NULL won't - * be a valid value for f_rng_blind anymore. Therefore it should be - * checked by the caller and this branch and check can be removed. + * To avoid reusing rng_ctx and risking incorrect behavior we seed a + * second HMAC-DRBG with the same seed. We also apply a label to avoid + * reusing the bits of the ephemeral key for blinding and eliminate the + * risk that they leak this way. + */ + const char* blind_label = "BLINDING CONTEXT"; + mbedtls_hmac_drbg_context rng_ctx_blind; + + mbedtls_hmac_drbg_init( &rng_ctx_blind ); + p_rng_blind_det = &rng_ctx_blind; + mbedtls_hmac_drbg_seed_buf( p_rng_blind_det, md_info, + data, 2 * grp_len ); + ret = mbedtls_hmac_drbg_update_ret( p_rng_blind_det, + (const unsigned char*) blind_label, + strlen( blind_label ) ); + if( ret != 0 ) + { + mbedtls_hmac_drbg_free( &rng_ctx_blind ); + goto cleanup; + } +#else + /* + * In the case of restartable computations we would either need to store + * the second RNG in the restart context too or set it up at every + * restart. The first option would penalize the correct application of + * the function and the second would defeat the purpose of the + * restartable feature. + * + * Therefore in this case we reuse the original RNG. This comes with the + * price that the resulting signature might not be a valid deterministic + * ECDSA signature with a very low probability (same magnitude as + * successfully guessing the private key). However even then it is still + * a valid ECDSA signature. 
+ */ + p_rng_blind_det = p_rng; +#endif /* MBEDTLS_ECP_RESTARTABLE */ + + /* + * Since the output of the RNGs is always the same for the same key and + * message, this limits the efficiency of blinding and leaks information + * through side channels. After mbedtls_ecdsa_sign_det() is removed NULL + * won't be a valid value for f_rng_blind anymore. Therefore it should + * be checked by the caller and this branch and check can be removed. */ ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, mbedtls_hmac_drbg_random, p_rng, - mbedtls_hmac_drbg_random, p_rng, rs_ctx ); + mbedtls_hmac_drbg_random, p_rng_blind_det, + rs_ctx ); + +#if !defined(MBEDTLS_ECP_RESTARTABLE) + mbedtls_hmac_drbg_free( &rng_ctx_blind ); +#endif + } #endif /* MBEDTLS_ECDSA_SIGN_ALT */ cleanup: From 75f2c20f9c59ce702edd5e73d777a3a01b06f542 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 15 Jan 2019 11:44:31 +0000 Subject: [PATCH 1763/2197] ECDSA: Explain limitations of constant blinding --- include/mbedtls/ecdsa.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 775b58b77..b009e7345 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h 
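Review bot: The return value of `mbedtls_hmac_drbg_seed_buf()` is discarded in the new non-restartable branch, while the `mbedtls_hmac_drbg_update_ret()` call right after it is checked. If seeding fails, the update and the signing call that follow operate on a blinding DRBG that was never set up. Assign the result, `ret = mbedtls_hmac_drbg_seed_buf( p_rng_blind_det, md_info, data, 2 * grp_len );`, and take the same `mbedtls_hmac_drbg_free( &rng_ctx_blind ); goto cleanup;` path the update call already uses. The enclosing function starts and ends outside the hunk, so whether the first DRBG's seeding is checked cannot be seen here.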
@@ -196,6 +196,19 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, * (SECG): SEC1 Elliptic Curve Cryptography, section * 4.1.3, step 5. * + * \warning Since the output of the internal RNG is always the same for + * the same key and message, this limits the efficiency of + * blinding and leaks information through side channels. For + * secure behavior use mbedtls_ecdsa_sign_det_ext() instead. + * + * (Optimally the blinding is a random value that is different + * on every execution. In this case the blinding is still + * random from the attackers perspective, but is the same on + * each execution. This means that this blinding does not + * prevent attackers from recovering secrets by combining + * several measurement traces, but may prevent some attacks + * that exploit relationships between secret data.) + * * \see ecp.h * * \param grp The context for the elliptic curve to use. From 5e843fa133e01fd852e9b0a69709a66b1c4b7fbf Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Thu, 5 Sep 2019 14:06:34 +0100 Subject: [PATCH 1764/2197] Use safer deterministic function in psa_ecdsa_sign --- library/psa_crypto.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ef2d50e62..a80f13de3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3271,9 +3271,11 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); - MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ecp->grp, &r, &s, &ecp->d, - hash, hash_length, - md_alg ) ); + MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext( &ecp->grp, &r, &s, + &ecp->d, hash, + hash_length, md_alg, + mbedtls_ctr_drbg_random, + &global_data.ctr_drbg ) ); } else #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ 
From dc22d8d022496483722ed0b9b0365435c0616068 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Thu, 5 Sep 2019 09:34:34 -0400 Subject: [PATCH 1765/2197] Add an input check in psa_its_set --- library/psa_its_file.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 05ca8afc7..0935b2780 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -214,9 +214,12 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, n = fwrite( &header, 1, sizeof( header ), stream ); if( n != sizeof( header ) ) goto exit; - n = fwrite( p_data, 1, data_length, stream ); - if( n != data_length ) - goto exit; + if( data_length != 0 ) + { + n = fwrite( p_data, 1, data_length, stream ); + if( n != data_length ) + goto exit; + } status = PSA_SUCCESS; exit: From 10d42b686ad3e84af6019fae12d9ba010e2d122e Mon Sep 17 00:00:00 2001 From: Unknown Date: Wed, 28 Aug 2019 02:29:20 -0400 Subject: [PATCH 1766/2197] Unify gcc and clang cmake flags to test with UBsan Previously, not all flags were supported by the gcc version that was used (pre-4.9). Now, since the minimum version gcc version tested is 5.4, the flags can be unified. --- CMakeLists.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 16d71979a..81fa6cb89 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
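Review bot: A NULL `p_data` combined with a non-zero `data_length` still reaches `fwrite()` in psa_its_set() after this change, because the new guard only skips the call for zero length. Whether that combination is rejected earlier cannot be seen here, since the function begins outside the hunk. If it is not, a check before the file is opened, `if( p_data == NULL && data_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT );`, would complete the input validation the commit title describes. A comment on the guard, `/* p_data may be NULL when data_length is 0 */`, would also record why it exists, assuming that is the case being protected.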
@@ -137,8 +137,8 @@ if(CMAKE_COMPILER_IS_GNU) set(CMAKE_C_FLAGS_RELEASE "-O2") set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") - set(CMAKE_C_FLAGS_ASAN "-Werror -fsanitize=address -fno-common -O3") - set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls ") + set(CMAKE_C_FLAGS_ASAN "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") + set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") set(CMAKE_C_FLAGS_CHECK "-Werror -Os") set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual") endif(CMAKE_COMPILER_IS_GNU) @@ -149,7 +149,7 @@ if(CMAKE_COMPILER_IS_CLANG) set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") set(CMAKE_C_FLAGS_ASAN "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") - set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls ") + set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") set(CMAKE_C_FLAGS_MEMSAN "-Werror -fsanitize=memory -O3") set(CMAKE_C_FLAGS_MEMSANDBG "-Werror -fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2") set(CMAKE_C_FLAGS_CHECK "-Werror -Os") From f094b53e8e6dff79cb62aaff532215b3b2f8e092 Mon Sep 17 00:00:00 2001 
From: Unknown Date: Tue, 3 Sep 2019 07:52:21 -0400 Subject: [PATCH 1767/2197] all.sh: disable MEMORY_BUFFER_ALLOC in cmake asan build Enabling MBEDTLS_MEMORY_BUFFER_ALLOC_C bypasses ASan leak checks because system calloc() and free() aren't used. --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 244fdc327..20458af2c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -701,7 +701,7 @@ component_test_no_use_psa_crypto_full_cmake_asan() { # full minus MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh msg "build: cmake, full config + MBEDTLS_USE_PSA_CRYPTO, ASan" scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.pl set MBEDTLS_ECP_RESTARTABLE # not using PSA, so enable restartable ECC scripts/config.pl set MBEDTLS_PSA_CRYPTO_C scripts/config.pl unset MBEDTLS_USE_PSA_CRYPTO From 8b193c10cac024b7e33320818cbb3b156efb8d1e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 5 Sep 2019 17:58:13 +0200 Subject: [PATCH 1768/2197] Check inputs too --- docs/architecture/testing/driver-interface-test-strategy.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/architecture/testing/driver-interface-test-strategy.md b/docs/architecture/testing/driver-interface-test-strategy.md index 2f31c0010..d6769da0b 100644 --- a/docs/architecture/testing/driver-interface-test-strategy.md +++ b/docs/architecture/testing/driver-interface-test-strategy.md 
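Review bot: The new line `scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C` carries no trailing comment, although the line it replaces explained itself and the reason here is less obvious. The commit message has the reason, and putting it in the script keeps a later edit from re-enabling the option and silently losing leak detection: `scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # ASan leak checks need the system calloc()/free()`. The change also stops unsetting `MBEDTLS_MEMORY_BACKTRACE`; if that option requires the buffer allocator, confirm the full config still passes the configuration checks. The component function continues outside the hunk.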
@@ -41,6 +41,7 @@ For each API function that can lead to a driver call (more precisely, for each d * Wherever the specification guarantees parameters that satisfy certain preconditions, check these preconditions whenever practical. * If the API function can take parameters that are invalid and must not reach the driver, call the API function with such parameters and verify that the driver method is not called. +* Check that the expected inputs reach the driver. This may be implicit in a test that checks the outputs if the only realistic way to obtain the correct outputs is to start from the expected inputs (as is often the case for cryptographic material, but not for metadata). #### SE driver outputs From 77233ec411c1642c79c81ccaf8b665063faba540 Mon Sep 17 00:00:00 2001 From: Alexander K Date: Thu, 5 Sep 2019 21:37:39 +0300 Subject: [PATCH 1769/2197] Fix misprint --- library/ecp_curves.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 400f208a0..941ac69e1 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -836,7 +836,7 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ) #endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ default: - grp->id = id; + grp->id = 0; return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); } } From 5c196fb599f82ce8a7325b95fd7d15c6946b17fd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 17 May 2019 12:04:41 +0200 Subject: [PATCH 1770/2197] Readability improvements No indented semantic change. --- scripts/generate_psa_constants.py | 17 +++++++------ tests/scripts/test_psa_constant_names.py | 31 ++++++++++++++---------- 2 files changed, 28 insertions(+), 20 deletions(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index bf76c2d7b..91d0b29d6 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py 
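Review bot: The literal in `grp->id = 0;` (default case of mbedtls_ecp_group_load(), ecp_curves.c hunk) hides what the reset means. The enum constant states it directly, `grp->id = MBEDTLS_ECP_DP_NONE;`, assuming that is still the zero member of `mbedtls_ecp_group_id`. That makes it clear that a failed load leaves the group with no curve selected rather than with the unsupported id the caller passed in. The function body starts outside the hunk.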
@@ -205,9 +205,12 @@ class MacroCollector: self.key_usages = set() # "#define" followed by a macro name with either no parameters - # or a single parameter. Grab the macro name in group 1, the - # parameter name if any in group 2 and the definition in group 3. - definition_re = re.compile(r'\s*#\s*define\s+(\w+)(?:\s+|\((\w+)\)\s*)(.+)(?:/[*/])?') + # or a single parameter and a non-empty expansion. + # Grab the macro name in group 1, the parameter name if any in group 2 + # and the expansion in group 3. + _define_directive_re = re.compile(r'\s*#\s*define\s+(\w+)' + + r'(?:\s+|\((\w+)\)\s*)' + + r'(.+)(?:/[*/])?') def read_line(self, line): """Parse a C header line and record the PSA identifier it defines if any. @@ -215,10 +218,10 @@ class MacroCollector: (up to non-significant whitespace) and skips all non-matching lines. """ # pylint: disable=too-many-branches - m = re.match(self.definition_re, line) + m = re.match(self._define_directive_re, line) if not m: return - name, parameter, definition = m.groups() + name, parameter, expansion = m.groups() if name.endswith('_FLAG') or name.endswith('MASK'): # Macro only to build actual values return @@ -251,10 +254,10 @@ class MacroCollector: return self.algorithms.add(name) # Ad hoc detection of hash algorithms - if re.search(r'0x010000[0-9A-Fa-f]{2}', definition): + if re.search(r'0x010000[0-9A-Fa-f]{2}', expansion): self.hash_algorithms.add(name) # Ad hoc detection of key agreement algorithms - if re.search(r'0x30[0-9A-Fa-f]{2}0000', definition): + if re.search(r'0x30[0-9A-Fa-f]{2}0000', expansion): self.ka_algorithms.add(name) elif name.startswith('PSA_ALG_') and parameter == 'hash_alg': if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']: diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index cf3a2243a..1469c3d41 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
@@ -159,19 +159,24 @@ class Inputs: # Regex of macro names to exclude. _excluded_name_re = re.compile(r'_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') # Additional excluded macros. - # PSA_ALG_ECDH and PSA_ALG_FFDH are excluded for now as the script - # currently doesn't support them. Deprecated errors are also excluded. - _excluded_names = set(['PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH', - 'PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE', - 'PSA_ALG_FULL_LENGTH_MAC', - 'PSA_ALG_ECDH', - 'PSA_ALG_FFDH', - 'PSA_ERROR_UNKNOWN_ERROR', - 'PSA_ERROR_OCCUPIED_SLOT', - 'PSA_ERROR_EMPTY_SLOT', - 'PSA_ERROR_INSUFFICIENT_CAPACITY', - ]) - + _excluded_names = set([ + # Macros that provide an alternative way to build the same + # algorithm as another macro. + 'PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH', + 'PSA_ALG_FULL_LENGTH_MAC', + # Auxiliary macro whose name doesn't fit the usual patterns for + # auxiliary macros. + 'PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE', + # PSA_ALG_ECDH and PSA_ALG_FFDH are excluded for now as the script + # currently doesn't support them. + 'PSA_ALG_ECDH', + 'PSA_ALG_FFDH', + # Deprecated aliases. + 'PSA_ERROR_UNKNOWN_ERROR', + 'PSA_ERROR_OCCUPIED_SLOT', + 'PSA_ERROR_EMPTY_SLOT', + 'PSA_ERROR_INSUFFICIENT_CAPACITY', + ]) def parse_header_line(self, line): """Parse a C header line, looking for "#define PSA_xxx".""" m = re.match(self._header_line_re, line) From f30d4d9b34420f577852f90b4e0b4e85783efe67 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 17 May 2019 12:05:19 +0200 Subject: [PATCH 1771/2197] More accurate parsing of #define directives Support continuation lines and remove comments. --- scripts/generate_psa_constants.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 91d0b29d6..a3cd130a0 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py 
@@ -210,7 +210,7 @@ class MacroCollector: # and the expansion in group 3. _define_directive_re = re.compile(r'\s*#\s*define\s+(\w+)' + r'(?:\s+|\((\w+)\)\s*)' + - r'(.+)(?:/[*/])?') + r'(.+)') def read_line(self, line): """Parse a C header line and record the PSA identifier it defines if any. @@ -222,6 +222,7 @@ class MacroCollector: if not m: return name, parameter, expansion = m.groups() + expansion = re.sub(r'/\*.*?\*/|//.*', r' ', expansion) if name.endswith('_FLAG') or name.endswith('MASK'): # Macro only to build actual values return @@ -274,6 +275,9 @@ class MacroCollector: def read_file(self, header_file): for line in header_file: + while line.endswith('\\\n'): + cont = next(header_file) + line = line[:-2] + cont self.read_line(line) @staticmethod From 33b84f4db7cf33dbc486b937e423865b84b1e165 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 17 May 2019 12:05:59 +0200 Subject: [PATCH 1772/2197] Omit all deprecated definitions rather than a hard-coded list Rather than hard-coding a list of deprecated aliases, assume that anything that's deprecated is an alias or otherwise not desired. --- scripts/generate_psa_constants.py | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index a3cd130a0..c2d255809 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -211,6 +211,7 @@ class MacroCollector: _define_directive_re = re.compile(r'\s*#\s*define\s+(\w+)' + r'(?:\s+|\((\w+)\)\s*)' + r'(.+)') + _deprecated_definition_re = re.compile(r'\s*MBEDTLS_DEPRECATED') def read_line(self, line): """Parse a C header line and record the PSA identifier it defines if any. 
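Review bot: `next(header_file)` in the continuation loop added to read_file() (the `@@ -274,6` hunk of the "More accurate parsing" patch) raises StopIteration when the last line of a header ends in a backslash, and the script then stops with a traceback instead of processing what it read. `cont = next(header_file, '')` ends the loop cleanly in that case. The comment stripping added to read_line() in the same patch works on one logical line only, so a block comment that continues onto following lines without backslashes is not fully removed; a sentence in the docstring would make that limit explicit.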
@@ -223,20 +224,16 @@ class MacroCollector: return name, parameter, expansion = m.groups() expansion = re.sub(r'/\*.*?\*/|//.*', r' ', expansion) + if re.match(self._deprecated_definition_re, expansion): + # Skip deprecated values, which are assumed to be + # backward compatibility aliases that share + # numerical values with non-deprecated values. + return if name.endswith('_FLAG') or name.endswith('MASK'): # Macro only to build actual values return elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \ and not parameter: - if name in ['PSA_ERROR_UNKNOWN_ERROR', - 'PSA_ERROR_OCCUPIED_SLOT', - 'PSA_ERROR_EMPTY_SLOT', - 'PSA_ERROR_INSUFFICIENT_CAPACITY', - ]: - # Ad hoc skipping of deprecated error codes, which share - # numerical values with non-deprecated error codes - return - self.statuses.add(name) elif name.startswith('PSA_KEY_TYPE_') and not parameter: self.key_types.add(name) From 19835128034658467fc495380704754edb0795d1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 17 May 2019 12:06:55 +0200 Subject: [PATCH 1773/2197] Add backward compatibility alias for PSA_ERROR_CORRUPTION_DETECTED This was renamed from PSA_ERROR_TAMPERING_DETECTED. Add a backward compatibility alias in case somebody was already using it. --- include/psa/crypto_extra.h | 11 ++--------- tests/scripts/test_psa_constant_names.py | 1 + 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 636c88110..f0e47821c 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -45,21 +45,14 @@ extern "C" { #if !defined(MBEDTLS_DEPRECATED_REMOVED) #define PSA_ERROR_UNKNOWN_ERROR \ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_GENERIC_ERROR ) -#endif - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) #define PSA_ERROR_OCCUPIED_SLOT \ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_ALREADY_EXISTS ) -#endif - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) #define PSA_ERROR_EMPTY_SLOT \ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_DOES_NOT_EXIST ) -#endif - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) #define PSA_ERROR_INSUFFICIENT_CAPACITY \ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA ) +#define PSA_ERROR_TAMPERING_DETECTED \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_CORRUPTION_DETECTED ) #endif /** \addtogroup attributes diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 1469c3d41..724f8d94b 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -176,6 +176,7 @@ class Inputs: 'PSA_ERROR_OCCUPIED_SLOT', 'PSA_ERROR_EMPTY_SLOT', 'PSA_ERROR_INSUFFICIENT_CAPACITY', + 'PSA_ERROR_TAMPERING_DETECTED', ]) def parse_header_line(self, line): """Parse a C header line, looking for "#define PSA_xxx".""" From 51681556cfdeb9db9ba5c39e95ef0593db346329 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 May 2019 19:35:37 +0200 Subject: [PATCH 1774/2197] PSA return status coverage script Add infrastructure to run unit tests and collect the return values for every PSA API function that returns psa_status_t. ./tests/scripts/psa_collect_statuses.py >statuses.txt --- tests/.gitignore | 2 + tests/Makefile | 10 +++ tests/psa_crypto_helpers.h | 55 ++++++++++++ tests/scripts/psa_collect_statuses.py | 125 ++++++++++++++++++++++++++ 4 files changed, 192 insertions(+) create mode 100755 tests/scripts/psa_collect_statuses.py diff --git a/tests/.gitignore b/tests/.gitignore index 3c9b0cf25..fbbd0dfe2 100644 --- a/tests/.gitignore 
+++ b/tests/.gitignore @@ -7,3 +7,5 @@ data_files/mpi_write data_files/hmac_drbg_seed data_files/ctr_drbg_seed data_files/entropy_seed + +/instrument_record_status.h diff --git a/tests/Makefile b/tests/Makefile index 4eb914231..f7505b602 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -28,6 +28,10 @@ ifdef DEBUG LOCAL_CFLAGS += -g3 endif +ifdef RECORD_PSA_STATUS_COVERAGE_LOG +LOCAL_CFLAGS += -Werror -DRECORD_PSA_STATUS_COVERAGE_LOG +endif + # if we're running on Windows, build for Windows ifdef WINDOWS WINDOWS_BUILD=1 @@ -163,3 +167,9 @@ endif endef $(foreach app, $(APPS), $(foreach file, $(wildcard *.h), \ $(eval $(call copy_header_to_target,$(app),$(file))))) + +ifdef RECORD_PSA_STATUS_COVERAGE_LOG +$(BINARIES): instrument_record_status.h +instrument_record_status.h: ../include/psa/crypto.h Makefile + sed <../include/psa/crypto.h >$@ -n 's/^psa_status_t \([A-Za-z0-9_]*\)(.*/#define \1(...) RECORD_STATUS("\1", \1(__VA_ARGS__))/p' +endif diff --git a/tests/psa_crypto_helpers.h b/tests/psa_crypto_helpers.h index 3780d161a..19303de57 100644 --- a/tests/psa_crypto_helpers.h +++ b/tests/psa_crypto_helpers.h 
@@ -72,4 +72,59 @@ static void test_helper_psa_done( int line, const char *file ) */ #define PSA_DONE( ) test_helper_psa_done( __LINE__, __FILE__ ) + + +#if defined(RECORD_PSA_STATUS_COVERAGE_LOG) +#include + +/** Name of the file where return statuses are logged by #RECORD_STATUS. */ +#define STATUS_LOG_FILE_NAME "statuses.log" + +static psa_status_t record_status( psa_status_t status, + const char *func, + const char *file, int line, + const char *expr ) +{ + /* We open the log file on first use. + * We never close the log file, so the record_status feature is not + * compatible with resource leak detectors such as Asan. + */ + static FILE *log; + if( log == NULL ) + log = fopen( STATUS_LOG_FILE_NAME, "a" ); + fprintf( log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr ); + return( status ); +} + +/** Return value logging wrapper macro. + * + * Evaluate \p expr. Write a line recording its value to the log file + * #STATUS_LOG_FILE_NAME and return the value. The line is a colon-separated + * list of fields: + * ``` + * value of expr:string:__FILE__:__LINE__:expr + * ``` + * + * The test code does not call this macro explicitly because that would + * be very invasive. Instead, we instrument the source code by defining + * a bunch of wrapper macros like + * ``` + * #define psa_crypto_init() RECORD_STATUS("psa_crypto_init", psa_crypto_init()) + * ``` + * These macro definitions must be present in `instrument_record_status.h` + * when building the test suites. + * + * \param string A string, normally a function name. + * \param expr An expression to evaluate, normally a call of the function + * whose name is in \p string. This expression must return + * a value of type #psa_status_t. + * \return The value of \p expr. + */ +#define RECORD_STATUS( string, expr ) \ + record_status( ( expr ), string, __FILE__, __LINE__, #expr ) + +#include "instrument_record_status.h" + +#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ + #endif /* PSA_CRYPTO_HELPERS_H */ 
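Review bot: In `record_status`, the result of `fopen( STATUS_LOG_FILE_NAME, "a" )` is passed straight to `fprintf` with no NULL check, so a run in a working directory where the log cannot be created dereferences a null `FILE *` inside every wrapped PSA call instead of reporting the problem. Guard the write so the wrapper still returns `status` when logging is unavailable: `if( log != NULL ) fprintf( log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr );`. The comment on `log` would also be a good place to say that the file is opened relative to the current directory and that records are only complete once stdio flushes at exit, since the parser in psa_collect_statuses.py assumes whole lines.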
diff --git a/tests/scripts/psa_collect_statuses.py b/tests/scripts/psa_collect_statuses.py
new file mode 100755
index 000000000..e38beeac3
--- /dev/null
+++ b/tests/scripts/psa_collect_statuses.py
@@ -0,0 +1,125 @@ +#!/usr/bin/env python3 +"""Describe the test coverage of PSA functions in terms of return statuses. + +1. Build Mbed Crypto with -DRECORD_PSA_STATUS_COVERAGE_LOG +2. Run psa_collect_statuses.py + +The output is a series of line of the form "psa_foo PSA_ERROR_XXX". Each +function/status combination appears only once. + +This script must be run from the top of an Mbed Crypto source tree. +The build command is "make -DRECORD_PSA_STATUS_COVERAGE_LOG", which is +only supported with make (as opposed to CMake or other build methods). +""" + +import argparse +import os +import subprocess +import sys + +DEFAULT_STATUS_LOG_FILE = 'tests/statuses.log' +DEFAULT_PSA_CONSTANT_NAMES = 'programs/psa/psa_constant_names' + +class Statuses: + """Information about observed return statues of API functions.""" + + def __init__(self): + self.functions = {} + self.codes = set() + self.status_names = {} + + def collect_log(self, log_file_name): + """Read logs from RECORD_PSA_STATUS_COVERAGE_LOG. + + Read logs produced by running Mbed Crypto test suites built with + -DRECORD_PSA_STATUS_COVERAGE_LOG. + """ + with open(log_file_name) as log: + for line in log: + value, function, tail = line.split(':', 2) + if function not in self.functions: + self.functions[function] = {} + fdata = self.functions[function] + if value not in self.functions[function]: + fdata[value] = [] + fdata[value].append(tail) + self.codes.add(int(value)) + + def get_constant_names(self, psa_constant_names): + """Run psa_constant_names to obtain names for observed numerical values.""" + values = [str(value) for value in self.codes] + cmd = [psa_constant_names, 'status'] + values + output = subprocess.check_output(cmd).decode('ascii') + for value, name in zip(values, output.rstrip().split('\n')): + self.status_names[value] = name + + def report(self): + """Report observed return values for each function. + + The report is a series of line of the form "psa_foo PSA_ERROR_XXX". 
+ """ + for function in sorted(self.functions.keys()): + fdata = self.functions[function] + names = [self.status_names[value] for value in fdata.keys()] + for name in sorted(names): + sys.stdout.write('{} {}\n'.format(function, name)) + +def collect_status_logs(options): + """Build and run unit tests and report observed function return statuses. + + Build Mbed Crypto with -DRECORD_PSA_STATUS_COVERAGE_LOG, run the + test suites and display information about observed return statuses. + """ + rebuilt = False + if not options.use_existing_log and os.path.exists(options.log_file): + os.remove(options.log_file) + if not os.path.exists(options.log_file): + if options.clean_before: + subprocess.check_call(['make', 'clean'], + cwd='tests', + stdout=sys.stderr) + with open(os.devnull, 'w') as devnull: + make_q_ret = subprocess.call(['make', '-q', 'lib', 'tests'], + stdout=devnull, stderr=devnull) + if make_q_ret != 0: + subprocess.check_call(['make', 'RECORD_PSA_STATUS_COVERAGE_LOG=1'], + stdout=sys.stderr) + rebuilt = True + subprocess.check_call(['make', 'test'], + stdout=sys.stderr) + data = Statuses() + data.collect_log(options.log_file) + data.get_constant_names(options.psa_constant_names) + if rebuilt and options.clean_after: + subprocess.check_call(['make', 'clean'], + cwd='tests', + stdout=sys.stderr) + return data + +def main(): + parser = argparse.ArgumentParser(description=globals()['__doc__']) + parser.add_argument('--clean-after', + action='store_true', + help='Run "make clean" after rebuilding') + parser.add_argument('--clean-before', + action='store_true', + help='Run "make clean" before regenerating the log file)') + parser.add_argument('--log-file', metavar='FILE', + default=DEFAULT_STATUS_LOG_FILE, + help='Log file location (default: {})'.format( + DEFAULT_STATUS_LOG_FILE + )) + parser.add_argument('--psa-constant-names', metavar='PROGRAM', + default=DEFAULT_PSA_CONSTANT_NAMES, + help='Path to psa_constant_names (default: {})'.format( + 
DEFAULT_PSA_CONSTANT_NAMES + )) + parser.add_argument('--use-existing-log', '-e', + action='store_true', + help='Don\'t regenerate the log file if it exists') + options = parser.parse_args() + data = collect_status_logs(options) + data.report() + +if __name__ == '__main__': + main() From be061337c1299270b649ec2fe97c3fccedbfb36e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Jul 2019 13:52:30 +0200 Subject: [PATCH 1775/2197] Document more error codes --- include/psa/crypto.h | 8 ++++++++ include/psa/crypto_values.h | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d5e713e06..e8d37a7b9 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1996,6 +1996,14 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The total input size passed to this operation is not valid for + * this particular algorithm. For example, the algorithm is a based + * on block cipher and requires a whole number of blocks, but the + * total input size is not a multiple of the block size. + * \retval #PSA_ERROR_INVALID_PADDING + * This is a decryption operation for an algorithm that includes + * padding, and the ciphertext does not contain valid padding. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not set up, IV required but * not set, or already completed). diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index b53e1c769..fc0f9637f 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
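Review bot: In `collect_status_logs`, the `make -q lib tests` up-to-date check runs without `RECORD_PSA_STATUS_COVERAGE_LOG=1`, so a tree already built without instrumentation appears up to date. `make test` then runs uninstrumented binaries, no log is written, and `collect_log` fails with a bare `FileNotFoundError`. Either force the instrumented rebuild whenever the log has to be regenerated, or fail with an explicit message before `data.collect_log(...)`, e.g. `if not os.path.exists(options.log_file): sys.exit('no status log; rebuild with RECORD_PSA_STATUS_COVERAGE_LOG=1')`. The module docstring also gives the build command as `make -DRECORD_PSA_STATUS_COVERAGE_LOG`, while the code and tests/Makefile use the make variable `RECORD_PSA_STATUS_COVERAGE_LOG=1`; the docstring should match.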
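Review bot: The new `\retval #PSA_ERROR_INVALID_PADDING` entry documents a status that distinguishes bad padding from other decryption failures, but gives callers no caution about exposing that distinction. If the documentation of the error code itself does not already carry such a caution, add a sentence such as `Applications must not let a remote party observe whether the padding was valid.` or a cross-reference to where it is stated. In the `\retval #PSA_ERROR_INVALID_ARGUMENT` text, `the algorithm is a based on block cipher` should read `the algorithm is based on a block cipher`. The declaration this comment belongs to lies outside the hunk.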
@@ -149,7 +149,7 @@ * * \warning If a function returns this error, it is undetermined * whether the requested action has completed or not. Implementations - * should return #PSA_SUCCESS on successful completion whenver + * should return #PSA_SUCCESS on successful completion whenever * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE * if the requested action was completed successfully in an external * cryptoprocessor but there was a breakdown of communication before From 75cc771d3a7fc90d7e4030b5de0dce48cef3fc4e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 6 Sep 2019 19:47:17 +0200 Subject: [PATCH 1776/2197] Run psa_collect_statuses.py in all.sh Since it needs a slightly different build, even if that's only for the tests, make it its own component. --- tests/scripts/all.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 20458af2c..e3a8c0e31 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -629,6 +629,16 @@ component_test_everest () { make test } +component_test_psa_collect_statuses () { + msg "build+test: psa_collect_statuses" # ~30s + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # slow and irrelevant + record_status tests/scripts/psa_collect_statuses.py + # Check that psa_crypto_init() succeeded at least once + record_status grep -q '^0:psa_crypto_init:' tests/statuses.log + rm -f tests/statuses.log +} + component_test_full_cmake_clang () { msg "build: cmake, full config, clang" # ~ 50s scripts/config.pl full From 970629fc9a3959e9d2d5c8e493215d6c2af3edfa Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Mon, 9 Sep 2019 09:56:34 +0100 Subject: [PATCH 1777/2197] Fix grammar. --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index f6211a800..9d141b29e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -414,7 +414,7 @@ psa_status_t psa_open_key(psa_key_id_t id, * Closing the key handle makes the handle invalid, and the key handle * must not be used again by the application. * - * \note If the key handle was used to setup an active + * \note If the key handle was used to set up an active * :ref:\`multipart operation \`, then closing the * key handle can cause the multipart operation to fail. Applications should * maintain the key handle until after the multipart operation has finished. From 1ff67cc65cf08ebbdff01fa46dd412dfee795f89 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 9 Sep 2019 18:25:13 +0200 Subject: [PATCH 1778/2197] Build the driver interface test strategy document --- docs/architecture/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/architecture/Makefile b/docs/architecture/Makefile index f763c9c54..5bde64044 100644 --- a/docs/architecture/Makefile +++ b/docs/architecture/Makefile @@ -4,6 +4,7 @@ default: all all_markdown = \ mbed-crypto-storage-specification.md \ + testing/driver-interface-test-strategy.md \ # This line is intentionally left blank html: $(all_markdown:.md=.html) From 4b3db7382d0a5596a53b67a2a1ea0006d66fe38b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 9 Sep 2019 18:26:20 +0200 Subject: [PATCH 1779/2197] Add "clean" rule --- docs/architecture/Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/architecture/Makefile b/docs/architecture/Makefile index 5bde64044..258abcdb0 100644 --- a/docs/architecture/Makefile +++ b/docs/architecture/Makefile @@ -18,3 +18,6 @@ all: html pdf $(PANDOC) -o $@ $< .md.pdf: $(PANDOC) -o $@ $< + +clean: + rm -f *.html *.pdf From 296eca6e76d986989bf2274a59e243fd0c59c661 Mon Sep 17 00:00:00 2001 
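Review bot: The new `clean` rule runs `rm -f *.html *.pdf`, which only matches files in docs/architecture itself. `all_markdown` now lists `testing/driver-interface-test-strategy.md`, whose generated `.html` and `.pdf` land under `testing/` and are left behind. Deriving the list from the same variable keeps the two in step: `rm -f $(all_markdown:.md=.html) $(all_markdown:.md=.pdf)`. That form also avoids deleting unrelated HTML or PDF files that happen to sit in the directory.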
From: Ron Eldor Date: Tue, 10 Sep 2019 15:21:37 +0300 Subject: [PATCH 1780/2197] Fix a buffer overflow in hmac_setup_internal At the end of `psa_hmac_setup_internal()`, the ipad is cleared. However, the size that was given to clear was `key_len` which is larger than the size of `ipad`. --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a80f13de3..98239c32e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2735,7 +2735,7 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, status = psa_hash_update( &hmac->hash_ctx, ipad, block_size ); cleanup: - mbedtls_platform_zeroize( ipad, key_length ); + mbedtls_platform_zeroize( ipad, sizeof(ipad) ); return( status ); } From 56a74cdcc9dfcf0f4355ecdc10538496c6719f9d Mon Sep 17 00:00:00 2001 From: Alexander K Date: Tue, 10 Sep 2019 17:58:20 +0300 Subject: [PATCH 1781/2197] Replace 0 by MBEDTLS_ECP_DP_NONE to avoid IAR compiler complains --- library/ecp_curves.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 941ac69e1..dcc70739d 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -836,7 +836,7 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ) #endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ default: - grp->id = 0; + grp->id = MBEDTLS_ECP_DP_NONE; return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); } } From 16cca804fb2d2dca53f9eb2abffa5ee9bc697f34 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 11 Sep 2019 10:14:48 +0300 Subject: [PATCH 1782/2197] Add non regression test Add a test that adds a very long key for an unsupported algorithm. --- tests/suites/test_suite_psa_crypto.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8eee9893d..ca57530c4 100644 --- a/tests/suites/test_suite_psa_crypto.data 
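Review bot: `mbedtls_platform_zeroize( ipad, sizeof(ipad) )` is only the right bound while `ipad` is declared as a local array. The declaration is outside this hunk, and if it ever became a pointer or a parameter the call would silently wipe only pointer-size bytes of key-derived material. A short comment at the call, e.g. `/* ipad is a fixed-size local array; key_length may exceed its size */`, would record why the length is not taken from the key. It is also worth confirming, in the part of `psa_hmac_setup_internal` not shown here, that no other use of `key_length` as a length for `ipad` is reachable before the key has been reduced to at most the block size.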
+++ b/tests/suites/test_suite_psa_crypto.data @@ -995,6 +995,10 @@ PSA MAC verify: CMAC-AES-128, truncated to 4 bytes depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747" +PSA MAC setup: incompatible key MD for HMAC +depends_on:!MBEDTLS_MD5_C +mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + Cipher operation object initializers zero properly cipher_operation_init: From 5a0f45b61bb97e404eac9dfa4a01eca31aa658bb Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 11 Sep 2019 14:09:08 +0300 Subject: [PATCH 1783/2197] Modify tests 1. Rephrase test description and move it to the section where all other same tests are located. 2. Add another test for short key. --- tests/suites/test_suite_psa_crypto.data | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ca57530c4..58b7eabf1 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
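Review bot: The added case is gated by `depends_on:!MBEDTLS_MD5_C`, so the regression test for the `ipad` over-long wipe is skipped in every build that has MD5 enabled; that presumably includes the default configuration, which should be confirmed. Even where it runs, the out-of-bounds write it targets is only reliably caught under a memory checker. Consider stating in the test description or commit message which CI configuration (MD5 disabled, sanitizer enabled) is expected to exercise it. The same gating applies to the reworded long-key and short-key cases that the following commit adds to this file.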
@@ -799,6 +799,14 @@ depends_on:MBEDTLS_CMAC_C # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED +PSA MAC setup: algorithm known but not supported, long key +depends_on:!MBEDTLS_MD5_C +mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + +PSA MAC setup: algorithm known but not supported, short key +depends_on:!MBEDTLS_MD5_C +mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + PSA MAC: bad order function calls depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_bad_order: @@ -995,10 +1003,6 @@ PSA MAC verify: CMAC-AES-128, truncated to 4 bytes depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747" -PSA MAC setup: incompatible key MD for HMAC -depends_on:!MBEDTLS_MD5_C -mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED - Cipher operation object initializers zero properly cipher_operation_init: 
From 4c61c1a736a957515c4a3e4d254ef8ed00cc2298 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Wed, 11 Sep 2019 14:40:51 +0100 Subject: [PATCH 1784/2197] Move psa_destroy_key and psa_copy_key to Key Management section --- include/psa/crypto.h | 267 ++++++++++++++++++++++--------------------- 1 file changed, 136 insertions(+), 131 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 71bad3b7a..5288815c3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -443,6 +443,140 @@ psa_status_t psa_open_key(psa_key_id_t id, */ psa_status_t psa_close_key(psa_key_handle_t handle); +/** Make a copy of a key. + * + * Copy key material from one location to another. + * + * This function is primarily useful to copy a key from one location + * to another, since it populates a key using the material from + * another key which may have a different lifetime. + * + * This function may be used to share a key with a different party, + * subject to implementation-defined restrictions on key sharing. + * + * The policy on the source key must have the usage flag + * #PSA_KEY_USAGE_COPY set. + * This flag is sufficient to permit the copy if the key has the lifetime + * #PSA_KEY_LIFETIME_VOLATILE or #PSA_KEY_LIFETIME_PERSISTENT. + * Some secure elements do not provide a way to copy a key without + * making it extractable from the secure element. If a key is located + * in such a secure element, then the key must have both usage flags + * #PSA_KEY_USAGE_COPY and #PSA_KEY_USAGE_EXPORT in order to make + * a copy of the key outside the secure element. + * + * The resulting key may only be used in a way that conforms to + * both the policy of the original key and the policy specified in + * the \p attributes parameter: + * - The usage flags on the resulting key are the bitwise-and of the + * usage flags on the source policy and the usage flags in \p attributes. + * - If both allow the same algorithm or wildcard-based + * algorithm policy, the resulting key has the same algorithm policy. + * - If either of the policies allows an algorithm and the other policy + * allows a wildcard-based algorithm policy that includes this algorithm, + * the resulting key allows the same algorithm. + * - If the policies do not allow any algorithm in common, this function + * fails with the status #PSA_ERROR_INVALID_ARGUMENT. + * + * The effect of this function on implementation-defined attributes is + * implementation-defined. 
+ * + * \param source_handle The key to copy. It must be a valid key handle. + * \param[in] attributes The attributes for the new key. + * They are used as follows: + * - The key type and size may be 0. If either is + * nonzero, it must match the corresponding + * attribute of the source key. + * - The key location (the lifetime and, for + * persistent keys, the key identifier) is + * used directly. + * - The policy constraints (usage flags and + * algorithm policy) are combined from + * the source key and \p attributes so that + * both sets of restrictions apply, as + * described in the documentation of this function. + * \param[out] target_handle On success, a handle to the newly created key. + * \c 0 on failure. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \p source_handle is invalid. + * \retval #PSA_ERROR_ALREADY_EXISTS + * This is an attempt to create a persistent key, and there is + * already a persistent key with the given identifier. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The lifetime or identifier in \p attributes are invalid. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The policy constraints on the source and specified in + * \p attributes are incompatible. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p attributes specifies a key type or key size + * which does not match the attributes of the source key. + * \retval #PSA_ERROR_NOT_PERMITTED + * The source key does not have the #PSA_KEY_USAGE_COPY usage flag. + * \retval #PSA_ERROR_NOT_PERMITTED + * The source key is not exportable and its lifetime does not + * allow copying it to the target's lifetime. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). 
+ * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_copy_key(psa_key_handle_t source_handle, + const psa_key_attributes_t *attributes, + psa_key_handle_t *target_handle); + + +/** + * \brief Destroy a key. + * + * This function destroys a key from both volatile + * memory and, if applicable, non-volatile storage. Implementations shall + * make a best effort to ensure that that the key material cannot be recovered. + * + * This function also erases any metadata such as policies and frees + * resources associated with the key. To free all resources associated with + * the key, all handles to the key must be closed or destroyed. + * + * Destroying the key makes the handle invalid, and the key handle + * must not be used again by the application. Using other open handles to the + * destroyed key in a cryptographic operation will result in an error. + * + * If a key is currently in use in a multipart operation, then destroying the + * key will cause the multipart operation to fail. + * + * \param handle Handle to the key to erase. + * + * \retval #PSA_SUCCESS + * The key material has been erased. + * \retval #PSA_ERROR_NOT_PERMITTED + * The key cannot be erased because it is + * read-only, either due to a policy or due to physical restrictions. + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * There was an failure in communication with the cryptoprocessor. + * The key material may still be present in the cryptoprocessor. + * \retval #PSA_ERROR_STORAGE_FAILURE + * The storage is corrupted. Implementations shall make a best effort + * to erase key material even in this stage, however applications + * should be aware that it may be impossible to guarantee that the + * key material is not recoverable in such cases. + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * An unexpected condition which is not a storage corruption or + * a communication failure occurred. 
The cryptoprocessor may have + * been compromised. + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_destroy_key(psa_key_handle_t handle); + /**@}*/ /** \defgroup import_export Key import and export 
@@ -519,50 +653,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, size_t data_length, psa_key_handle_t *handle); -/** - * \brief Destroy a key. - * - * This function destroys a key from both volatile - * memory and, if applicable, non-volatile storage. Implementations shall - * make a best effort to ensure that that the key material cannot be recovered. - * - * This function also erases any metadata such as policies and frees - * resources associated with the key. To free all resources associated with - * the key, all handles to the key must be closed or destroyed. - * - * Destroying the key makes the handle invalid, and the key handle - * must not be used again by the application. Using other open handles to the - * destroyed key in a cryptographic operation will result in an error. - * - * If a key is currently in use in a multipart operation, then destroying the - * key will cause the multipart operation to fail. - * - * \param handle Handle to the key to erase. - * - * \retval #PSA_SUCCESS - * The key material has been erased. - * \retval #PSA_ERROR_NOT_PERMITTED - * The key cannot be erased because it is - * read-only, either due to a policy or due to physical restrictions. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * There was an failure in communication with the cryptoprocessor. - * The key material may still be present in the cryptoprocessor. - * \retval #PSA_ERROR_STORAGE_FAILURE - * The storage is corrupted. Implementations shall make a best effort - * to erase key material even in this stage, however applications - * should be aware that it may be impossible to guarantee that the - * key material is not recoverable in such cases. - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * An unexpected condition which is not a storage corruption or - * a communication failure occurred. The cryptoprocessor may have - * been compromised. 
- * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). - * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_destroy_key(psa_key_handle_t handle); + /** * \brief Export a key in binary format. 
@@ -722,93 +813,7 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle, size_t data_size, size_t *data_length); -/** Make a copy of a key. - * - * Copy key material from one location to another. - * - * This function is primarily useful to copy a key from one location - * to another, since it populates a key using the material from - * another key which may have a different lifetime. - * - * This function may be used to share a key with a different party, - * subject to implementation-defined restrictions on key sharing. - * - * The policy on the source key must have the usage flag - * #PSA_KEY_USAGE_COPY set. - * This flag is sufficient to permit the copy if the key has the lifetime - * #PSA_KEY_LIFETIME_VOLATILE or #PSA_KEY_LIFETIME_PERSISTENT. - * Some secure elements do not provide a way to copy a key without - * making it extractable from the secure element. If a key is located - * in such a secure element, then the key must have both usage flags - * #PSA_KEY_USAGE_COPY and #PSA_KEY_USAGE_EXPORT in order to make - * a copy of the key outside the secure element. - * - * The resulting key may only be used in a way that conforms to - * both the policy of the original key and the policy specified in - * the \p attributes parameter: - * - The usage flags on the resulting key are the bitwise-and of the - * usage flags on the source policy and the usage flags in \p attributes. - * - If both allow the same algorithm or wildcard-based - * algorithm policy, the resulting key has the same algorithm policy. - * - If either of the policies allows an algorithm and the other policy - * allows a wildcard-based algorithm policy that includes this algorithm, - * the resulting key allows the same algorithm. - * - If the policies do not allow any algorithm in common, this function - * fails with the status #PSA_ERROR_INVALID_ARGUMENT. - * - * The effect of this function on implementation-defined attributes is - * implementation-defined. 
- * - * \param source_handle The key to copy. It must be a valid key handle. - * \param[in] attributes The attributes for the new key. - * They are used as follows: - * - The key type and size may be 0. If either is - * nonzero, it must match the corresponding - * attribute of the source key. - * - The key location (the lifetime and, for - * persistent keys, the key identifier) is - * used directly. - * - The policy constraints (usage flags and - * algorithm policy) are combined from - * the source key and \p attributes so that - * both sets of restrictions apply, as - * described in the documentation of this function. - * \param[out] target_handle On success, a handle to the newly created key. - * \c 0 on failure. - * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \p source_handle is invalid. - * \retval #PSA_ERROR_ALREADY_EXISTS - * This is an attempt to create a persistent key, and there is - * already a persistent key with the given identifier. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The lifetime or identifier in \p attributes are invalid. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The policy constraints on the source and specified in - * \p attributes are incompatible. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p attributes specifies a key type or key size - * which does not match the attributes of the source key. - * \retval #PSA_ERROR_NOT_PERMITTED - * The source key does not have the #PSA_KEY_USAGE_COPY usage flag. - * \retval #PSA_ERROR_NOT_PERMITTED - * The source key is not exportable and its lifetime does not - * allow copying it to the target's lifetime. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). 
- * It is implementation-dependent whether a failure to initialize - * results in this error code. - */ -psa_status_t psa_copy_key(psa_key_handle_t source_handle, - const psa_key_attributes_t *attributes, - psa_key_handle_t *target_handle); + /**@}*/ From 5605591cc183c5d31e0e8dd17ffea9c1432118fd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 14:26:30 +0100 Subject: [PATCH 1785/2197] Report step number when a test case fails Allow test code to declare a "step number". Report the current step number when a test fails. --- tests/suites/helpers.function | 14 ++++++++++++++ tests/suites/host_test.function | 13 ++++++++++--- tests/suites/target_test.function | 1 + 3 files changed, 25 insertions(+), 3 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 1a524a677..d45fd4ea7 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -393,6 +393,7 @@ static struct const char *test; const char *filename; int line_no; + unsigned long step; } test_info; @@ -423,6 +424,19 @@ jmp_buf jmp_tmp; /*----------------------------------------------------------------------------*/ /* Helper Functions */ +/** Set the test step number for failure reports. + * + * Call this function to display "step NNN" in addition to the line number + * and file name if a test fails. Typically the "step number" is the index + * of a for loop but it can be whatever you want. + * + * \param step The step number to report. + */ +void test_set_step( unsigned long step ) +{ + test_info.step = step; +} + void test_fail( const char *test, int line_no, const char* filename ) { test_info.result = TEST_RESULT_FAILED; diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 0f98d23aa..24d9b9747 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function 
@@ -548,6 +548,7 @@ int execute_tests( int argc , const char ** argv ) { test_info.result = TEST_RESULT_SUCCESS; test_info.paramfail_test_state = PARAMFAIL_TESTSTATE_IDLE; + test_info.step = (unsigned long)( -1 ); #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) /* Suppress all output from the library unless we're verbose @@ -624,9 +625,15 @@ int execute_tests( int argc , const char ** argv ) { total_errors++; mbedtls_fprintf( stdout, "FAILED\n" ); - mbedtls_fprintf( stdout, " %s\n at line %d, %s\n", - test_info.test, test_info.line_no, - test_info.filename ); + mbedtls_fprintf( stdout, " %s\n at ", + test_info.test ); + if( test_info.step != (unsigned long)( -1 ) ) + { + mbedtls_fprintf( stdout, "step %lu, ", + test_info.step ); + } + mbedtls_fprintf( stdout, "line %d, %s", + test_info.line_no, test_info.filename ); } fflush( stdout ); } diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function index 91f719873..937e8dd72 100644 --- a/tests/suites/target_test.function +++ b/tests/suites/target_test.function @@ -375,6 +375,7 @@ int execute_tests( int args, const char ** argv ) { ret = 0; test_info.result = TEST_RESULT_SUCCESS; + test_info.step = (unsigned long)( -1 ); data_len = 0; data = receive_data( &data_len ); From bcbe1dfb23f05c5b3431c96dc187ea2b1cffbe03 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 17:57:43 +0100 Subject: [PATCH 1786/2197] Improve the documentation of ASN.1 parsing functions Document preconditions on parameters, values changed through pointers, and error codes. This commit leaves some issues regarding integers (especially negative integers) open, because we don't have a policy decision on how to handle them yet. --- include/mbedtls/asn1.h | 227 +++++++++++++++++++++++++++++------------ 1 file changed, 161 insertions(+), 66 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index ab947ab7e..6891bb9c3 100644 --- a/include/mbedtls/asn1.h 
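Review bot: The sentinel `(unsigned long)( -1 )` is written out as a bare cast in both hunks of host_test.function (the reset at -548 and the comparison at -624) and again in the target_test.function hunk, with nothing tying the three together. A single named constant next to the `test_info` declaration in helpers.function, e.g. `#define TEST_STEP_NONE ( (unsigned long)( -1 ) )` (the name is only a suggestion), would keep the reset and the check in sync. Separately, the last added call prints `"line %d, %s"` without the `\n` that ended the removed format string. It is worth confirming that the line break is still emitted elsewhere in `execute_tests()`, whose body lies outside these hunks.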
+++ b/include/mbedtls/asn1.h 
@@ -176,119 +176,203 @@ mbedtls_asn1_named_data; * \brief Get the length of an ASN.1 element. * Updates the pointer to immediately behind the length. * - * \param p The position in the ASN.1 data - * \param end End of data - * \param len The variable that will receive the value + * \param p On entry, \c *p points to the first byte of the length, + * i.e. immediately after the tag. + * On successful completion, \c *p points to the first byte + * after the length, i.e. the first byte of the content. + * On error, the value of \c *p is undefined. + * \param end End of data. + * \param len On successful completion, \c *len contains the lengtth + * read from the ASN.1 input. * - * \return 0 if successful, MBEDTLS_ERR_ASN1_OUT_OF_DATA on reaching - * end of data, MBEDTLS_ERR_ASN1_INVALID_LENGTH if length is - * unparseable. + * \return 0 if successful. + * \return #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element + * would end beyond \p end. + * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable. */ int mbedtls_asn1_get_len( unsigned char **p, - const unsigned char *end, - size_t *len ); + const unsigned char *end, + size_t *len ); /** - * \brief Get the tag and length of the tag. Check for the requested tag. + * \brief Get the tag and length of the element. + * Check for the requested tag. * Updates the pointer to immediately behind the tag and length. * - * \param p The position in the ASN.1 data - * \param end End of data - * \param len The variable that will receive the length - * \param tag The expected tag + * \param p On entry, \c *p points to the start of the ASN.1 element. + * On successful completion, \c *p points to the first byte + * after the length, i.e. the first byte of the content. + * On error, the value of \c *p is undefined. + * \param end End of data. + * \param len On successful completion, \c *len contains the lengtth + * read from the ASN.1 input. + * \param tag The expected tag. 
* - * \return 0 if successful, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if tag did - * not match requested tag, or another specific ASN.1 error code. + * \return 0 if successful. + * \return #MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if the data does not start + * with the requested tag. + * \return #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element + * would end beyond \p end. + * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable. */ int mbedtls_asn1_get_tag( unsigned char **p, - const unsigned char *end, - size_t *len, int tag ); + const unsigned char *end, + size_t *len, int tag ); /** * \brief Retrieve a boolean ASN.1 tag and its value. * Updates the pointer to immediately behind the full tag. * - * \param p The position in the ASN.1 data - * \param end End of data - * \param val The variable that will receive the value + * \param p On entry, \c *p points to the start of the ASN.1 element. + * On successful completion, \c *p points to the first byte + * beyond the ASN.1 element. + * On error, the value of \c *p is undefined. + * \param end End of data. + * \param val On success, the parsed value (\c 0 or \c 1). * - * \return 0 if successful or a specific ASN.1 error code. + * \return 0 if successful. + * \return An ASN.1 error code if the input does not start with + * a valid ASN.1 BOOLEAN. */ int mbedtls_asn1_get_bool( unsigned char **p, - const unsigned char *end, - int *val ); + const unsigned char *end, + int *val ); /** * \brief Retrieve an integer ASN.1 tag and its value. * Updates the pointer to immediately behind the full tag. * - * \param p The position in the ASN.1 data - * \param end End of data - * \param val The variable that will receive the value + * \param p On entry, \c *p points to the start of the ASN.1 element. + * On successful completion, \c *p points to the first byte + * beyond the ASN.1 element. + * On error, the value of \c *p is undefined. + * \param end End of data. + * \param val On success, the parsed value. 
* - * \return 0 if successful or a specific ASN.1 error code. + * \return 0 if successful. + * \return An ASN.1 error code if the input does not start with + * a valid ASN.1 INTEGER. + * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does + * not fit in an \c int. + * \return An ASN.1 error code if the input does not start with + * a valid ASN.1 INTEGER. */ int mbedtls_asn1_get_int( unsigned char **p, - const unsigned char *end, - int *val ); + const unsigned char *end, + int *val ); /** * \brief Retrieve a bitstring ASN.1 tag and its value. * Updates the pointer to immediately behind the full tag. * - * \param p The position in the ASN.1 data - * \param end End of data - * \param bs The variable that will receive the value + * \param p On entry, \c *p points to the start of the ASN.1 element. + * On successful completion, \c *p is equal to \p end. + * On error, the value of \c *p is undefined. + * \param end End of data. + * \param bs On success, ::mbedtls_asn1_bitstring information about + * the parsed value. * - * \return 0 if successful or a specific ASN.1 error code. + * \return 0 if successful. + * \return #MBEDTLS_ERR_ASN1_LENGTH_MISMATCH if the input contains + * extra data after a valid BIT STRING. + * \return An ASN.1 error code if the input does not start with + * a valid ASN.1 BIT STRING. */ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, - mbedtls_asn1_bitstring *bs); + mbedtls_asn1_bitstring *bs ); /** * \brief Retrieve a bitstring ASN.1 tag without unused bits and its * value. * Updates the pointer to the beginning of the bit/octet string. * - * \param p The position in the ASN.1 data - * \param end End of data - * \param len Length of the actual bit/octect string in bytes + * \param p On entry, \c *p points to the start of the ASN.1 element. + * On successful completion, \c *p points to the first byte + * of the content of the BIT STRING. + * On error, the value of \c *p is undefined. 
+ * \param end End of data. + * \param len On success, \c *len is the length of the content in bytes. * - * \return 0 if successful or a specific ASN.1 error code. + * \return 0 if successful. + * \return #MBEDTLS_ERR_ASN1_INVALID_DATA if the input starts with + * a valid BIT STRING with a nonzero number of unused bits. + * \return An ASN.1 error code if the input does not start with + * a valid ASN.1 BIT STRING. */ -int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, - size_t *len ); +int mbedtls_asn1_get_bitstring_null( unsigned char **p, + const unsigned char *end, + size_t *len ); /** * \brief Parses and splits an ASN.1 "SEQUENCE OF " * Updated the pointer to immediately behind the full sequence tag. * - * \param p The position in the ASN.1 data - * \param end End of data - * \param cur First variable in the chain to fill - * \param tag Type of sequence + * \note On error, this function may return a partial list in \p cur. + * You must set `cur->next = NULL` before calling this function! + * Otherwise it is impossible to distinguish a previously non-null + * pointer from a pointer to an object allocated by this function. * - * \return 0 if successful or a specific ASN.1 error code. + * \note If the sequence is empty, this function does not modify + * \c *cur. If the sequence is valid and non-empty, this + * function sets `cur->buf.tag` to \p tag. This allows + * callers to distinguish between an empty sequence and + * a one-element sequence. + * + * \param p On entry, \c *p points to the start of the ASN.1 element. + * On successful completion, \c *p is equal to \p end. + * On error, the value of \c *p is undefined. + * \param end End of data. + * \param cur A ::mbedtls_asn1_sequence which this function fills. + * When this function returns, \c *cur is the head of a linked + * list. Each node in this list is allocated with + * mbedtls_calloc() apart from \p cur itself, and should + * therefore be freed with mbedtls_free(). 
+ * The list describes the content of the sequence. + * The head of the list (i.e. \c *cur itself) describes the + * first element, `*cur->next` describes the second element, etc. + * For each element, `buf.tag == tag`, `buf.len` is the length + * of the content of the content of the element, and `buf.p` + * points to the first byte of the content (i.e. immediately + * past the length of the element). + * Note that list elements may be allocated even on error. + * \param tag Each element of the sequence must have this tag. + * + * \return 0 if successful. + * \return #MBEDTLS_ERR_ASN1_LENGTH_MISMATCH if the input contains + * extra data after a valid SEQUENCE OF \p tag. + * \return #MBEDTLS_ERR_ASN1_ALLOC_FAILED if a memory allocation failed. + * \return An ASN.1 error code if the input does not start with + * a valid ASN.1 BIT STRING. */ int mbedtls_asn1_get_sequence_of( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_sequence *cur, - int tag); + const unsigned char *end, + mbedtls_asn1_sequence *cur, + int tag ); #if defined(MBEDTLS_BIGNUM_C) /** - * \brief Retrieve a MPI value from an integer ASN.1 tag. + * \brief Retrieve an integer ASN.1 tag and its value. * Updates the pointer to immediately behind the full tag. * - * \param p The position in the ASN.1 data - * \param end End of data - * \param X The MPI that will receive the value + * \param p On entry, \c *p points to the start of the ASN.1 element. + * On successful completion, \c *p points to the first byte + * beyond the ASN.1 element. + * On error, the value of \c *p is undefined. + * \param end End of data. + * \param X On success, the parsed value. * - * \return 0 if successful or a specific ASN.1 or MPI error code. + * \return 0 if successful. + * \return An ASN.1 error code if the input does not start with + * a valid ASN.1 INTEGER. + * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does + * not fit in an \c int. 
+ * \return An MPI error code if the parsed value is too large. + * \return An ASN.1 error code if the input does not start with + * a valid ASN.1 INTEGER. */ int mbedtls_asn1_get_mpi( unsigned char **p, - const unsigned char *end, - mbedtls_mpi *X ); + const unsigned char *end, + mbedtls_mpi *X ); #endif /* MBEDTLS_BIGNUM_C */ /** @@ -296,10 +380,14 @@ int mbedtls_asn1_get_mpi( unsigned char **p, * Updates the pointer to immediately behind the full * AlgorithmIdentifier. * - * \param p The position in the ASN.1 data - * \param end End of data - * \param alg The buffer to receive the OID - * \param params The buffer to receive the params (if any) + * \param p On entry, \c *p points to the start of the ASN.1 element. + * On successful completion, \c *p points to the first byte + * beyond the AlgorithmIdentifier element. + * On error, the value of \c *p is undefined. + * \param end End of data. + * \param alg The buffer to receive the OID. + * \param params The buffer to receive the parameters. + * This is zeroized if there are no parameters. * * \return 0 if successful or a specific ASN.1 or MPI error code. */ @@ -313,9 +401,12 @@ int mbedtls_asn1_get_alg( unsigned char **p, * Updates the pointer to immediately behind the full * AlgorithmIdentifier. * - * \param p The position in the ASN.1 data - * \param end End of data - * \param alg The buffer to receive the OID + * \param p On entry, \c *p points to the start of the ASN.1 element. + * On successful completion, \c *p points to the first byte + * beyond the AlgorithmIdentifier element. + * On error, the value of \c *p is undefined. + * \param end End of data. + * \param alg The buffer to receive the OID. * * \return 0 if successful or a specific ASN.1 or MPI error code. */ 
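Review bot: Several of the added `\return` entries look copied from a neighbouring function and now describe the wrong contract. For `mbedtls_asn1_get_mpi()`, the entry `#MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does not fit in an \c int` appears to come from `mbedtls_asn1_get_int()` and conflicts with the following `An MPI error code if the parsed value is too large`; the new `\brief` also no longer says that the result is an MPI. For `mbedtls_asn1_get_sequence_of()`, the last entry says `a valid ASN.1 BIT STRING` where `a valid ASN.1 SEQUENCE` is presumably meant. Both `get_int` and `get_mpi` list the `does not start with a valid ASN.1 INTEGER` entry twice, and `lengtth` is misspelt in `get_len` and `get_tag`. Callers parsing untrusted DER rely on these lists to decide which errors to handle, so they should be corrected before merging.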
@@ -339,15 +430,19 @@ mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data * /** * \brief Free a mbedtls_asn1_named_data entry * - * \param entry The named data entry to free + * \param entry The named data entry to free. + * This function calls mbedtls_free() on + * `entry->oid.p` and `entry->val.p`. */ void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry ); /** - * \brief Free all entries in a mbedtls_asn1_named_data list - * Head will be set to NULL + * \brief Free all entries in a mbedtls_asn1_named_data list. * - * \param head Pointer to the head of the list of named data entries to free + * \param head Pointer to the head of the list of named data entries to free. + * This function calls mbedtls_asn1_free_named_data() and + * mbedtls_free() on each list element and + * sets \c *head to \c NULL. */ void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ); From 27d806fab41a11441d97017158fcb1356ef7e74f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 18:02:53 +0100 Subject: [PATCH 1787/2197] Add ASN.1 parsing tests Add self-contained ASN.1 parsing tests, so that ASN.1 parsing is not solely tested through X.509 and TLS. The tests cover every function and almost complete line coverage in asn1parse.c. A few test cases containing negative and edge case INTEGER values are deliberately deactivated because the historical library behavior is at odds with official specifications, but changing the behavior might break interoperability. Other than that, these tests revealed a couple of minor bugs which will be fixed in subsequent commits. --- tests/CMakeLists.txt | 1 + tests/suites/test_suite_asn1parse.data | 438 ++++++++++++++++ tests/suites/test_suite_asn1parse.function | 568 +++++++++++++++++++++ 3 files changed, 1007 insertions(+) create mode 100644 tests/suites/test_suite_asn1parse.data create mode 100644 tests/suites/test_suite_asn1parse.function 
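Review bot: The new text for `mbedtls_asn1_free_named_data()` says which members are passed to `mbedtls_free()` but not what happens to `entry` itself, which is what a caller needs to know to avoid a leak or a double free. The list variant's wording ("calls mbedtls_asn1_free_named_data() and mbedtls_free() on each list element") suggests the single-entry function does not release the structure. If so, I would add `The \p entry structure itself is not freed; the caller remains responsible for it.` to the `\param entry` description. The comment could also state whether `entry->next` is followed or left untouched.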
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 7dcc98d0e..bcf462f39 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -79,6 +79,7 @@ add_test_suite(aes aes.rest)
 add_test_suite(aes aes.xts)
 add_test_suite(arc4)
 add_test_suite(aria)
+add_test_suite(asn1parse)
 add_test_suite(asn1write)
 add_test_suite(base64)
 add_test_suite(blowfish)
diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data
new file mode 100644
index 000000000..83319e3e5
--- /dev/null
+++ b/tests/suites/test_suite_asn1parse.data
@@ -0,0 +1,438 @@ +Empty length +parse_prefixes:"04":0:MBEDTLS_ERR_ASN1_INVALID_LENGTH + +Prefixes of OCTET STRING, length=0 +parse_prefixes:"04007e":2:0 + +Prefixes of OCTET STRING, length=0 (0 length bytes) +parse_prefixes:"04807e":2:MBEDTLS_ERR_ASN1_INVALID_LENGTH + +Prefixes of OCTET STRING, length=1 +parse_prefixes:"0401417e":3:0 + +Prefixes of OCTET STRING, length=2 +parse_prefixes:"040241427e":4:0 + +Prefixes of BOOLEAN, length=0 +parse_prefixes:"01007e":2:MBEDTLS_ERR_ASN1_INVALID_LENGTH + +Prefixes of BOOLEAN, length=1 +parse_prefixes:"0101007e":3:0 + +Prefixes of BOOLEAN, length=2 +parse_prefixes:"010200007e":4:MBEDTLS_ERR_ASN1_INVALID_LENGTH + +Prefixes of INTEGER, length=1 +parse_prefixes:"0201417e":3:0 + +Prefixes of INTEGER, length=2 +parse_prefixes:"020241427e":4:0 + +Prefixes of INTEGER, length=5 +parse_prefixes:"020541424344457e":7:0 + +Prefixes of empty BIT STRING +parse_prefixes:"03007e":2:MBEDTLS_ERR_ASN1_OUT_OF_DATA + +Prefixes of BIT STRING, unused_bits=0, payload_length=0 +parse_prefixes:"030100":3:0 + +Prefixes of BIT STRING, unused_bits=0, payload_length=1 +parse_prefixes:"0302002a":4:0 + +Prefixes of BIT STRING, unused_bits=1, payload_length=1 +parse_prefixes:"0302012a":4:0 + +Prefixes of empty SEQUENCE +parse_prefixes:"30007e":2:0 + +Prefixes of SEQUENCE of BOOLEAN, INTEGER, INTEGER +parse_prefixes:"300b01010102012a02031234567e":13:0 + +Prefixes of SEQUENCE of (SEQUENCE of INTEGER, INTEGER), INTEGER +parse_prefixes:"300b30060201410201420201617e":13:0 + +length=0 (short form) +get_len:"00":0 + +length=0 (1 length byte) +get_len:"8100":0 + +length=0 (2 length bytes) +get_len:"820000":0 + +length=1 (short form) +get_len:"01":1 + +length=1 (1 length byte) +get_len:"8101":1 + +length=1 (2 length bytes) +get_len:"820001":1 + +length=1 (3 length bytes) +get_len:"83000001":1 + +length=1 (4 length bytes) +get_len:"8400000001":1 + +length=2 (short form) +get_len:"02":2 + +length=2 (1 length byte) +get_len:"8102":2 + +length=2 (2 length bytes) 
+get_len:"820002":2 + +length=2 (3 length bytes) +get_len:"83000002":2 + +length=2 (4 length bytes) +get_len:"8400000002":2 + +length=127 (short form) +get_len:"7f":127 + +length=128 (1 length byte) +get_len:"8180":128 + +length=128 (2 length bytes) +get_len:"820080":128 + +length=255 (1 length byte) +get_len:"81ff":255 + +length=255 (2 length bytes) +get_len:"8200ff":255 + +length=256 (2 length bytes) +get_len:"820100":256 + +length=256 (3 length bytes) +get_len:"83000100":256 + +length=258 (2 length bytes) +get_len:"820102":258 + +length=258 (3 length bytes) +get_len:"83000102":258 + +length=65535 (2 length bytes) +get_len:"82ffff":65535 + +length=65535 (3 length bytes) +get_len:"8300ffff":65535 + +length=65535 (4 length bytes) +get_len:"840000ffff":65535 + +length=65536 (3 length bytes) +get_len:"83010000":65536 + +length=65536 (4 length bytes) +get_len:"8400010000":65536 + +length=16777215 (3 length bytes) +get_len:"83ffffff":16777215 + +length=16777215 (4 length bytes) +get_len:"8400ffffff":16777215 + +length=16777216 (4 length bytes) +get_len:"8401000000":16777216 + +length=16909060 (4 length bytes) +get_len:"8401020304":16909060 + +BOOLEAN FALSE +get_boolean:"010100":0:0 + +BOOLEAN TRUE (1) +get_boolean:"010101":1:0 + +BOOLEAN TRUE (2) +get_boolean:"010101":1:0 + +BOOLEAN TRUE (128) +get_boolean:"010180":1:0 + +BOOLEAN TRUE (255) +get_boolean:"0101ff":1:0 + +Not BOOLEAN +get_boolean:"020101":0:MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +Empty INTEGER +depends_on:SUPPORT_NEGATIVE_INTEGERS +get_integer:"0200":"":MBEDTLS_ERR_ASN1_INVALID_LENGTH + +INTEGER 0 +get_integer:"020100":"0":0 + +INTEGER 0, extra leading 0 +get_integer:"02020000":"0":0 + +INTEGER -0 +depends_on:SUPPORT_NEGATIVE_INTEGERS +get_integer:"020180":"0":0 + +INTEGER 1 +get_integer:"020101":"1":0: + +INTEGER 1, extra leading 0 +get_integer:"02020001":"1":0: + +INTEGER -1 +depends_on:SUPPORT_NEGATIVE_INTEGERS +get_integer:"020181":"-1":0 + +INTEGER 0x7f +get_integer:"02017f":"7f":0 + +INTEGER -0x7f 
+depends_on:SUPPORT_NEGATIVE_INTEGERS +get_integer:"0201ff":"-7f":0 + +INTEGER 0x80 +get_integer:"02020080":"80":0 + +INTEGER 0x80, extra leading 0 +get_integer:"0203000080":"80":0 + +INTEGER 0xff +get_integer:"020200ff":"ff":0 + +INTEGER 0x7fff +get_integer:"02027fff":"7fff":0 + +INTEGER 0x12345678 +get_integer:"020412345678":"12345678":0 + +INTEGER 0x12345678, extra leading 0 +get_integer:"02050012345678":"12345678":0 + +INTEGER 0x123456789abcdef0 +get_integer:"0208123456789abcdef0":"123456789abcdef0":0 + +INTEGER with 127 value octets +get_integer:"027f0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcd":"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcd":0 + +INTEGER with 127 value octets (long length encoding) +get_integer:"02817f0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcd":"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcd":0 + +INTEGER with 128 value octets 
+get_integer:"0281800123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":0 + +INTEGER with 128 value octets (leading 0 in length) +get_integer:"028200800123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":0 + +Not INTEGER +get_integer:"010101":"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +INTEGER too large for mpi +get_mpi_too_large: + +BIT STRING: empty +get_bitstring:"0300":0:0:MBEDTLS_ERR_ASN1_OUT_OF_DATA:MBEDTLS_ERR_ASN1_INVALID_DATA + +BIT STRING: octets=0, unused_bits=0 +get_bitstring:"030100":0:0:0:0 + +BIT STRING: octets=0, unused_bits=7 +get_bitstring:"030107":0:7:0:MBEDTLS_ERR_ASN1_INVALID_DATA + +BIT STRING: octets=0, unused_bits=8 +get_bitstring:"030108":0:0:MBEDTLS_ERR_ASN1_INVALID_LENGTH:MBEDTLS_ERR_ASN1_INVALID_DATA + +BIT STRING: octets=1, unused_bits=0 +get_bitstring:"03020041":1:0:0:0 + +BIT STRING: octets=1, unused_bits=7 +get_bitstring:"03020741":1:7:0:MBEDTLS_ERR_ASN1_INVALID_DATA + +BIT STRING: octets=1, unused_bits=8 +get_bitstring:"03020841":1:8:MBEDTLS_ERR_ASN1_INVALID_LENGTH:MBEDTLS_ERR_ASN1_INVALID_DATA + +BIT STRING: octets=2, 
unused_bits=0 +get_bitstring:"0303004142":2:0:0:0 + +BIT STRING: octets=2, unused_bits=7 +get_bitstring:"0303074142":2:7:0:MBEDTLS_ERR_ASN1_INVALID_DATA + +BIT STRING: octets=2, unused_bits=8 +get_bitstring:"0303084142":2:8:MBEDTLS_ERR_ASN1_INVALID_LENGTH:MBEDTLS_ERR_ASN1_INVALID_DATA + +BIT STRING with trailing garbage, unused_bits=0 +get_bitstring:"030200417e":1:0:MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:0 + +BIT STRING with trailing garbage, unused_bits=7 +get_bitstring:"030207417e":1:7:MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:MBEDTLS_ERR_ASN1_INVALID_DATA + +BIT STRING with trailing garbage, unused_bits=8 +get_bitstring:"030208417e":1:8:MBEDTLS_ERR_ASN1_INVALID_LENGTH:MBEDTLS_ERR_ASN1_INVALID_DATA + +Not BIT STRING +get_bitstring:"04020100":0:0:MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +SEQUENCE OF 0 OCTET STRING +get_sequence_of:"3000":0x04:"":0 + +SEQUENCE OF 0 OCTET STRING plus trailing garbage +get_sequence_of:"30007e":0x04:"":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +SEQUENCE of 1 OCTET STRING truncated after tag +get_sequence_of:"300104":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 1 OCTET STRING truncated in length #1 +get_sequence_of:"30020481":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 1 OCTET STRING truncated in length #2 +get_sequence_of:"3003048201":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 1 OCTET STRING truncated in content #1 +get_sequence_of:"30020401":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 1 OCTET STRING truncated in content #2 +get_sequence_of:"3003040241":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 1 OCTET STRING truncated in content #3 +get_sequence_of:"300404034142":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 1 OCTET STRING (0) +get_sequence_of:"30020400":0x04:"4,0":0 + +SEQUENCE of 1 OCTET STRING (1) +get_sequence_of:"3003040141":0x04:"4,1":0 + +SEQUENCE of 1 OCTET STRING (126) 
+get_sequence_of:"308180047e414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141":0x04:"5,126":0 + +SEQUENCE of 2 OCTET STRINGs, second truncated after tag +get_sequence_of:"30050402414104":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 2 OCTET STRINGs, second truncated in length #1 +get_sequence_of:"3006040241410481":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 2 OCTET STRINGs, second truncated in length #2 +get_sequence_of:"300704024141048201":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 2 OCTET STRINGs, second truncated in content #1 +get_sequence_of:"3006040241410401":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 2 OCTET STRINGs, second truncated in content #2 +get_sequence_of:"300704024141040241":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 2 OCTET STRINGs, second truncated in content #3 +get_sequence_of:"30080402414104034142":0x04:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +SEQUENCE of 2 OCTET STRINGs (2, 0) +get_sequence_of:"3006040241410400":0x04:"4,2,8,0":0 + +SEQUENCE of 2 OCTET STRINGs (2, 1) +get_sequence_of:"300704024141040142":0x04:"4,2,8,1":0 + +SEQUENCE of 2 OCTET STRINGs (0, 2) +get_sequence_of:"3006040004024141":0x04:"4,0,6,2":0 + +SEQUENCE of 2 OCTET STRINGs (1, 2) +get_sequence_of:"300704014104024242":0x04:"4,1,7,2":0 + +Not a SEQUENCE (not CONSTRUCTED) +get_sequence_of:"1000":0x04:"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +Not a SEQUENCE (not SEQUENCE) +get_sequence_of:"3100":0x04:"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +AlgorithmIdentifier, no params +get_alg:"300506034f4944":4:3:0:0:0:7:0 + +AlgorithmIdentifier, no params, trailing garbage +get_alg:"300506034f49447e":4:3:0:0:0:7:0 + +AlgorithmIdentifier, null params +get_alg:"300706034f49440500":4:3:0x05:9:0:9:0 + +AlgorithmIdentifier, null params, trailing garbage 
+get_alg:"300706034f494405007e":4:3:0x05:9:0:9:0 + +AlgorithmIdentifier, OCTET STRING params +get_alg:"300c06034f494404056162636465":4:3:0x04:9:5:14:0 + +AlgorithmIdentifier, truncated before OID +get_alg:"3000":4:3:0:0:0:2:MBEDTLS_ERR_ASN1_OUT_OF_DATA + +AlgorithmIdentifier, truncated in OID after tag +get_alg:"300106":0:0:0:0:0:3:MBEDTLS_ERR_ASN1_OUT_OF_DATA + +AlgorithmIdentifier, truncated in OID after length +get_alg:"30020603":4:3:0:0:0:4:MBEDTLS_ERR_ASN1_OUT_OF_DATA + +AlgorithmIdentifier, truncated inside OID content +get_alg:"300406034f49":4:3:0:0:0:6:MBEDTLS_ERR_ASN1_OUT_OF_DATA + +AlgorithmIdentifier, truncated in params after tag +get_alg:"300606034f494404":4:3:0x04:0:0:8:MBEDTLS_ERR_ASN1_OUT_OF_DATA + +AlgorithmIdentifier, truncated in params after length +get_alg:"300706034f49440405":4:3:0x04:9:0:9:MBEDTLS_ERR_ASN1_OUT_OF_DATA + +AlgorithmIdentifier, truncated inside params content +get_alg:"300806034f4944040561":4:3:0x04:9:5:10:MBEDTLS_ERR_ASN1_OUT_OF_DATA + +Not an AlgorithmIdentifier (not a SEQUENCE) +get_alg:"310506034f4944":0:0:0:0:0:0:MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +Not an AlgorithmIdentifier (empty SEQUENCE) +get_alg:"3000":0:0:0:0:0:0:MBEDTLS_ERR_ASN1_OUT_OF_DATA + +Not an AlgorithmIdentifier (not an OID) +get_alg:"3006050006034f4944":0:0:0:0:0:0:MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +Not an AlgorithmIdentifier (too many elements) +get_alg:"300f06034f494406034f494406034f4944":0:0:0:0:0:0:MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +Find named data: not found +find_named_data:"414141":"424242":"434343":"444444":"7f7f7f":0:4 + +Find named data: empty haystack +find_named_data:"414141":"424242":"434343":"444444":"7f7f7f":4:4 + +Find named data: first +find_named_data:"414141":"424242":"434343":"444444":"414141":0:0 + +Find named data: last +find_named_data:"414141":"424242":"434343":"444444":"444444":0:3 + +Find named data: skip suffix +find_named_data:"41414141":"414141":"434343":"444444":"414141":0:1 + +Find named data: skip prefix 
+find_named_data:"4141":"414141":"434343":"444444":"414141":0:1 + +Find named data: first match +find_named_data:"414141":"414141":"434343":"444444":"414141":0:0 + +Free named data: null pointer +free_named_data_null: + +Free named data: all null +free_named_data:0:0:0 + +Free named data: with oid +free_named_data:1:0:0 + +Free named data: with val +free_named_data:0:1:0 + +Free named data: with next +free_named_data:0:0:1 + +Free named data list (empty) +free_named_data_list:0 + +Free named data list (1) +free_named_data_list:0 + +Free named data list (2) +free_named_data_list:0 diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function new file mode 100644 index 000000000..9e9f50949 --- /dev/null +++ b/tests/suites/test_suite_asn1parse.function 
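Review bot: Two groups of cases do not exercise what their titles say. `BOOLEAN TRUE (2)` uses `"010101"`, byte-for-byte the same input as `BOOLEAN TRUE (1)`, so a content octet of 0x02 is never parsed. `get_boolean:"010102":1:0` would match the title, assuming any nonzero octet is meant to be accepted, as the 128 and 255 cases suggest. Likewise `Free named data list (empty)`, `(1)` and `(2)` all invoke `free_named_data_list:0`. The test function is defined outside this hunk, but if its argument is the list length, the last two should presumably pass `1` and `2`; as written, the non-empty free path is not covered by these entries.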
@@ -0,0 +1,568 @@ +/* BEGIN_HEADER */ +#include +#include +#include + +#include "mbedtls/bignum.h" +#include "mbedtls/asn1.h" +#if defined(MBEDTLS_ASN1_WRITE_C) +#include "mbedtls/asn1write.h" +#endif + +#define ERR_PARSE_INCONSISTENCY INT_MAX + +static int nested_parse( unsigned char **const p, + const unsigned char *const end ) +{ + int ret; + size_t len = 0; + size_t len2 = 0; + unsigned char *const start = *p; + unsigned char *content_start; + unsigned char tag; + + /* First get the length, skipping over the tag. */ + content_start = start + 1; + ret = mbedtls_asn1_get_len( &content_start, end, &len ); + TEST_ASSERT( content_start <= end ); + if( ret != 0 ) + return( ret ); + + /* Since we have a valid element start (tag and length), retrieve and + * check the tag. */ + tag = start[0]; + TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len2, tag ^ 1 ), + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + *p = start; + TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len2, tag ), 0 ); + TEST_EQUAL( len, len2 ); + TEST_ASSERT( *p == content_start ); + *p = content_start; + + switch( tag & 0x1f ) + { + case MBEDTLS_ASN1_BOOLEAN: + { + int val = -257; + *p = start; + ret = mbedtls_asn1_get_bool( p, end, &val ); + if( ret == 0 ) + TEST_ASSERT( val == 0 || val == 1 ); + break; + } + + case MBEDTLS_ASN1_INTEGER: + { +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi mpi; + mbedtls_mpi_init( &mpi ); + *p = start; + ret = mbedtls_asn1_get_mpi( p, end, &mpi ); + mbedtls_mpi_free( &mpi ); +#endif + /* If we're sure that the number fits in an int, also + * call mbedtls_asn1_get_int(). 
*/ + if( ret == 0 && len < sizeof( int ) ) + { + int val = -257; + unsigned char *q = start; + ret = mbedtls_asn1_get_int( &q, end, &val ); + TEST_ASSERT( *p == q ); + } + break; + } + + case MBEDTLS_ASN1_BIT_STRING: + { + mbedtls_asn1_bitstring bs; + *p = start; + ret = mbedtls_asn1_get_bitstring( p, end, &bs ); + break; + } + + case MBEDTLS_ASN1_SEQUENCE: + { + while( *p <= end && *p < content_start + len && ret == 0 ) + ret = nested_parse( p, content_start + len ); + break; + } + + case MBEDTLS_ASN1_OCTET_STRING: + case MBEDTLS_ASN1_NULL: + case MBEDTLS_ASN1_OID: + case MBEDTLS_ASN1_UTF8_STRING: + case MBEDTLS_ASN1_SET: + case MBEDTLS_ASN1_PRINTABLE_STRING: + case MBEDTLS_ASN1_T61_STRING: + case MBEDTLS_ASN1_IA5_STRING: + case MBEDTLS_ASN1_UTC_TIME: + case MBEDTLS_ASN1_GENERALIZED_TIME: + case MBEDTLS_ASN1_UNIVERSAL_STRING: + case MBEDTLS_ASN1_BMP_STRING: + default: + /* No further testing implemented for this tag. */ + *p += len; + return( 0 ); + } + + TEST_ASSERT( *p <= end ); + return( ret ); + +exit: + return( ERR_PARSE_INCONSISTENCY ); +} + +int get_len_step( const data_t *input, size_t buffer_size, + size_t actual_length ) +{ + unsigned char *buf = NULL; + unsigned char *p = NULL; + size_t parsed_length; + int ret; + + test_set_step( buffer_size ); + /* Allocate a new buffer of exactly the length to parse each time. + * This gives memory sanitizers a chance to catch buffer overreads. 
*/ + if( buffer_size == 0 ) + { + ASSERT_ALLOC( buf, 1 ); + p = buf + 1; + } + else + { + ASSERT_ALLOC( buf, buffer_size ); + if( buffer_size > input->len ) + { + memcpy( buf, input->x, input->len ); + memset( buf + input->len, 'A', buffer_size - input->len ); + } + else + { + memcpy( buf, input->x, buffer_size ); + } + p = buf; + } + + ret = mbedtls_asn1_get_len( &p, buf + buffer_size, &parsed_length ); + + if( buffer_size >= input->len + actual_length ) + { + TEST_EQUAL( ret, 0 ); + TEST_ASSERT( p == buf + input->len ); + TEST_EQUAL( parsed_length, actual_length ); + } + else + { + TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + } + mbedtls_free( buf ); + return( 1 ); + +exit: + /* It may be impossible to allocate large lengths on embedded platforms. + * Pass in this case (though it would be better to mark the test + * as skipped). */ + if( buf == NULL ) + return( 1 ); + + mbedtls_free( buf ); + return( 0 ); +} + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_ASN1_PARSE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void parse_prefixes( const data_t *input, + int actual_length_arg, + int last_result ) +{ + size_t actual_length = actual_length_arg; + unsigned char *buf = NULL; + unsigned char *p = NULL; + size_t buffer_size; + int ret; + + for( buffer_size = 1; buffer_size <= input->len; buffer_size++ ) + { + test_set_step( buffer_size ); + /* Allocate a new buffer of exactly the length to parse each time. + * This gives memory sanitizers a chance to catch buffer overreads. 
*/ + ASSERT_ALLOC( buf, buffer_size ); + memcpy( buf, input->x, buffer_size ); + p = buf; + ret = nested_parse( &p, buf + buffer_size ); + if( ret == ERR_PARSE_INCONSISTENCY ) + goto exit; + if( actual_length > 0 && buffer_size >= actual_length ) + { + TEST_EQUAL( ret, last_result ); + if( ret == 0 ) + TEST_ASSERT( p == buf + actual_length ); + } + else + { + TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + } + mbedtls_free( buf ); + buf = NULL; + } + +exit: + mbedtls_free( buf ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void get_len( const data_t *input, int actual_length_arg ) +{ + size_t actual_length = actual_length_arg; + size_t buffer_size; + + for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ ) + { + if( ! get_len_step( input, buffer_size, actual_length ) ) + goto exit; + } + if( ! get_len_step( input, input->len + actual_length - 1, actual_length ) ) + goto exit; + if( ! get_len_step( input, input->len + actual_length, actual_length ) ) + goto exit; +} +/* END_CASE */ + +/* BEGIN_CASE */ +void get_boolean( const data_t *input, + int expected_value, int expected_result ) +{ + unsigned char *p = input->x; + int val; + int ret; + ret = mbedtls_asn1_get_bool( &p, input->x + input->len, &val ); + TEST_EQUAL( ret, expected_result ); + if( expected_result == 0 ) + { + TEST_EQUAL( val, expected_value ); + TEST_ASSERT( p == input->x + input->len ); + } +} +/* END_CASE */ + +/* BEGIN_CASE */ +void get_integer( const data_t *input, + const char *expected_hex, int expected_result ) +{ + unsigned char *p; +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi expected_mpi; + mbedtls_mpi actual_mpi; +#endif + long expected_value; + int expected_result_for_int = expected_result; + int expected_result_for_mpi = expected_result; + int val; + int ret; + +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi_init( &expected_mpi ); + mbedtls_mpi_init( &actual_mpi ); +#endif + + errno = 0; + expected_value = strtol( expected_hex, NULL, 16 ); + if( expected_result == 0 && + ( 
errno == ERANGE +#if LONG_MAX > INT_MAX + || expected_value > INT_MAX || expected_value < INT_MIN +#endif + ) ) + { + expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } + + p = input->x; + ret = mbedtls_asn1_get_int( &p, input->x + input->len, &val ); + TEST_EQUAL( ret, expected_result_for_int ); + if( ret == 0 ) + { + TEST_EQUAL( val, expected_value ); + TEST_ASSERT( p == input->x + input->len ); + } + +#if defined(MBEDTLS_BIGNUM_C) + ret = mbedtls_mpi_read_string( &expected_mpi, 16, expected_hex ); + TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if( ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) + { + /* The data overflows the maximum MPI size. */ + expected_result_for_mpi = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + p = input->x; + ret = mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi ); + TEST_EQUAL( ret, expected_result_for_mpi ); + if( ret == 0 ) + { + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &actual_mpi , &expected_mpi ) == 0 ); + TEST_ASSERT( p == input->x + input->len ); + } +#endif + +exit: +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi_free( &expected_mpi ); + mbedtls_mpi_free( &actual_mpi ); +#endif +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ +void get_mpi_too_large( ) +{ + unsigned char *buf = NULL; + unsigned char *p; + mbedtls_mpi actual_mpi; + size_t too_many_octets = + MBEDTLS_MPI_MAX_LIMBS * sizeof(mbedtls_mpi_uint) + 1; + size_t size = too_many_octets + 6; + + mbedtls_mpi_init( &actual_mpi ); + + ASSERT_ALLOC( buf, size ); + buf[0] = 0x02; /* tag: INTEGER */ + buf[1] = 0x84; /* 4-octet length */ + buf[2] = ( too_many_octets >> 24 ) & 0xff; + buf[3] = ( too_many_octets >> 16 ) & 0xff; + buf[4] = ( too_many_octets >> 8 ) & 0xff; + buf[5] = too_many_octets & 0xff; + buf[6] = 0x01; /* most significant octet */ + + p = buf; + TEST_EQUAL( mbedtls_asn1_get_mpi( &p, buf + size, &actual_mpi ), + MBEDTLS_ERR_MPI_ALLOC_FAILED ); + +exit: + mbedtls_mpi_free( &actual_mpi ); + mbedtls_free( buf ); +} +/* 
END_CASE */ + +/* BEGIN_CASE */ +void get_bitstring( const data_t *input, + int expected_length, int expected_unused_bits, + int expected_result, int expected_result_null ) +{ + mbedtls_asn1_bitstring bs = { 0xdead, 0x21, NULL }; + unsigned char *p = input->x; + + TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, input->x + input->len, &bs ), + expected_result ); + if( expected_result == 0 ) + { + TEST_EQUAL( bs.len, (size_t) expected_length ); + TEST_EQUAL( bs.unused_bits, expected_unused_bits ); + TEST_ASSERT( bs.p != NULL ); + TEST_EQUAL( bs.p - input->x + bs.len, input->len ); + TEST_ASSERT( p == input->x + input->len ); + } + + p = input->x; + TEST_EQUAL( mbedtls_asn1_get_bitstring_null( &p, input->x + input->len, + &bs.len ), + expected_result_null ); + if( expected_result_null == 0 ) + { + TEST_EQUAL( bs.len, (size_t) expected_length ); + if( expected_result == 0 ) + TEST_ASSERT( p == input->x + input->len - bs.len ); + } +} +/* END_CASE */ + +/* BEGIN_CASE */ +void get_sequence_of( const data_t *input, int tag, + const char *description, + int expected_result ) +{ + mbedtls_asn1_sequence head = { { 0, 0, NULL }, NULL }; + mbedtls_asn1_sequence *cur, *next; + unsigned char *p = input->x; + const char *rest = description; + unsigned long n; + + TEST_EQUAL( mbedtls_asn1_get_sequence_of( &p, input->x + input->len, + &head, tag ), + expected_result ); + if( expected_result == 0 ) + { + TEST_ASSERT( p == input->x + input->len ); + + if( ! 
*rest ) + { + TEST_EQUAL( head.buf.tag, 0 ); + TEST_ASSERT( head.buf.p == NULL ); + TEST_EQUAL( head.buf.len, 0 ); + TEST_ASSERT( head.next == NULL ); + } + else + { + cur = &head; + while( *rest ) + { + ++test_info.step; + TEST_ASSERT( cur != NULL ); + TEST_EQUAL( cur->buf.tag, tag ); + n = strtoul( rest, (char **) &rest, 0 ); + TEST_EQUAL( n, (size_t)( cur->buf.p - input->x ) ); + ++rest; + n = strtoul( rest, (char **) &rest, 0 ); + TEST_EQUAL( n, cur->buf.len ); + if( *rest ) + ++rest; + cur = cur->next; + } + TEST_ASSERT( cur == NULL ); + } + } + +exit: + cur = head.next; + while( cur != NULL ) + { + next = cur->next; + mbedtls_free( cur ); + cur = next; + } +} +/* END_CASE */ + +/* BEGIN_CASE */ +void get_alg( const data_t *input, + int oid_offset, int oid_length, + int params_tag, int params_offset, int params_length, + int total_length, + int expected_result ) +{ + mbedtls_asn1_buf oid = { -1, 0, NULL }; + mbedtls_asn1_buf params = { -1, 0, NULL }; + unsigned char *p = input->x; + int ret; + + TEST_EQUAL( mbedtls_asn1_get_alg( &p, input->x + input->len, + &oid, ¶ms ), + expected_result ); + if( expected_result == 0 ) + { + TEST_EQUAL( oid.tag, MBEDTLS_ASN1_OID ); + TEST_EQUAL( oid.p - input->x, oid_offset ); + TEST_EQUAL( oid.len, (size_t) oid_length ); + TEST_EQUAL( params.tag, params_tag ); + if( params_offset != 0 ) + TEST_EQUAL( params.p - input->x, params_offset ); + else + TEST_ASSERT( params.p == NULL ); + TEST_EQUAL( params.len, (size_t) params_length ); + TEST_EQUAL( p - input->x, total_length ); + } + + ret = mbedtls_asn1_get_alg_null( &p, input->x + input->len, &oid ); + if( expected_result == 0 && params_offset == 0 ) + { + TEST_EQUAL( oid.tag, MBEDTLS_ASN1_OID ); + TEST_EQUAL( oid.p - input->x, oid_offset ); + TEST_EQUAL( oid.len, (size_t) oid_length ); + TEST_EQUAL( p - input->x, total_length ); + } + else + TEST_ASSERT( ret != 0 ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void find_named_data( data_t *oid0, data_t *oid1, data_t *oid2, data_t 
*oid3, + data_t *needle, int from, int position ) +{ + mbedtls_asn1_named_data nd[] ={ + { {0x06, oid0->len, oid0->x}, {0, 0, NULL}, NULL, 0 }, + { {0x06, oid1->len, oid1->x}, {0, 0, NULL}, NULL, 0 }, + { {0x06, oid2->len, oid2->x}, {0, 0, NULL}, NULL, 0 }, + { {0x06, oid3->len, oid3->x}, {0, 0, NULL}, NULL, 0 }, + }; + mbedtls_asn1_named_data *pointers[ARRAY_LENGTH( nd ) + 1]; + size_t i; + mbedtls_asn1_named_data *found; + + for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + pointers[i] = &nd[i]; + pointers[ARRAY_LENGTH( nd )] = NULL; + for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + nd[i].next = pointers[i+1]; + + found = mbedtls_asn1_find_named_data( pointers[from], + (const char *) needle->x, + needle->len ); + TEST_ASSERT( found == pointers[position] ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void free_named_data_null( ) +{ + mbedtls_asn1_free_named_data( NULL ); + goto exit; /* Silence unused label warning */ +} +/* END_CASE */ + +/* BEGIN_CASE */ +void free_named_data( int with_oid, int with_val, int with_next ) +{ + mbedtls_asn1_named_data next = + { {0x06, 0, NULL}, {0, 0xcafe, NULL}, NULL, 0 }; + mbedtls_asn1_named_data head = + { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }; + + if( with_oid ) + ASSERT_ALLOC( head.oid.p, 1 ); + if( with_val ) + ASSERT_ALLOC( head.val.p, 1 ); + if( with_next ) + head.next = &next; + + mbedtls_asn1_free_named_data( &head ); + TEST_ASSERT( head.oid.p == NULL ); + TEST_ASSERT( head.val.p == NULL ); + TEST_ASSERT( head.next == NULL ); + TEST_ASSERT( next.val.len == 0xcafe ); + +exit: + mbedtls_free( head.oid.p ); + mbedtls_free( head.val.p ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void free_named_data_list( int length ) +{ + mbedtls_asn1_named_data *head = NULL; + int i; + + for( i = 0; i < length; i++ ) + { + mbedtls_asn1_named_data *new = NULL; + ASSERT_ALLOC( new, sizeof( mbedtls_asn1_named_data ) ); + head->next = new; + head = new; + } + + mbedtls_asn1_free_named_data_list( &head ); + TEST_ASSERT( head == NULL ); + /* Most of the 
point of the test is that it doesn't leak memory. + * So this test is only really useful under a memory leak detection + * framework. */ +exit: + mbedtls_asn1_free_named_data_list( &head ); +} +/* END_CASE */ From f7d6acd4754b732084aea5f0a94ecdc6b4156185 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 18:06:08 +0100 Subject: [PATCH 1788/2197] mbedtls_asn1_get_int: allow leading zeros properly Allow any number of leading zeros, not just based on sizeof(int). --- library/asn1parse.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/library/asn1parse.c b/library/asn1parse.c index 171c340b8..20e8177b6 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -149,11 +149,18 @@ int mbedtls_asn1_get_int( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) return( ret ); - if( len == 0 || len > sizeof( int ) || ( **p & 0x80 ) != 0 ) + if( len == 0 || ( **p & 0x80 ) != 0 ) + return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + + while( len > 0 && **p == 0 ) + { + ++( *p ); + --len; + } + if( len > sizeof( int ) ) return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); *val = 0; - while( len-- > 0 ) { *val = ( *val << 8 ) | **p; From e40d1207ebb30dc9549e86c6be9180069a00fefa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 18:08:35 +0100 Subject: [PATCH 1789/2197] mbedtls_asn1_get_bitstring_null: fix rejection of short inputs Fix improper rejection of bitstrings with length less than 2. --- library/asn1parse.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/library/asn1parse.c b/library/asn1parse.c index 20e8177b6..4764ca4cb 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c 
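Review bot: In `free_named_data_list`, the loop body dereferences `head` while it is still NULL (`head->next = new;` on the first iteration), so any `length > 0` would crash instead of building a list. Prepending with `new->next = head; head = new;` builds the list and leaves `head` on its first node for `mbedtls_asn1_free_named_data_list`. The three cases in test_suite_asn1parse.data all pass `0`, including the ones titled (1) and (2), so the loop never runs and only the empty list is freed; those two presumably want `1` and `2`. Separately, `get_alg` calls `mbedtls_asn1_get_alg_null` without first resetting `p = input->x;` and its success branch never asserts `ret == 0`, so that call's result appears to go unchecked.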
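Review bot: After the leading zeros are skipped, an INTEGER whose remaining length equals `sizeof( int )` and whose first remaining octet has bit 7 set is still accepted. The accumulation loop then shifts into the sign bit of `*val`, which is undefined behaviour for a signed `int`, and the caller gets a negative or wrapped value instead of `MBEDTLS_ERR_ASN1_INVALID_LENGTH`. Before this change such encodings were rejected, because the extra leading zero octet made them fail `len > sizeof( int )`. Adding `if( len == sizeof( int ) && ( **p & 0x80 ) != 0 ) return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );` after the length check restores that. The accumulation loop continues past the end of the hunk.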
@@ -230,8 +230,13 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) return( ret ); - if( (*len)-- < 2 || *(*p)++ != 0 ) + if( *len == 0 ) return( MBEDTLS_ERR_ASN1_INVALID_DATA ); + --( *len ); + + if( **p != 0 ) + return( MBEDTLS_ERR_ASN1_INVALID_DATA ); + ++( *p ); return( 0 ); } From 3a032c36c1a0a6e8f7d62994287b5e9a31ae8598 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 18:13:36 +0100 Subject: [PATCH 1790/2197] Add test cases for BOOLEANs and INTEGERs Omit negative integers and MPIs that would result in values that look like negative INTEGERs, since the library doesn't respect the specifications there, but fixing it has a serious risk of breaking interoperability when ASN.1 is used in X.509 and other cryptography-related applications. --- tests/suites/test_suite_asn1write.data | 84 ++++++++++++++++ tests/suites/test_suite_asn1write.function | 112 +++++++++++++++++++++ 2 files changed, 196 insertions(+) diff --git a/tests/suites/test_suite_asn1write.data b/tests/suites/test_suite_asn1write.data index 9982d03a7..f98df4e25 100644 --- a/tests/suites/test_suite_asn1write.data +++ b/tests/suites/test_suite_asn1write.data 
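Review bot: When the unused-bits octet is non-zero, `--( *len );` has already run by the time the error is returned, so on that failure path `*len` is neither the length read from the tag nor a usable payload length. Testing `**p != 0` before the decrement would leave `*len` as `mbedtls_asn1_get_tag` set it whenever the function fails. A short comment such as `/* Only bit strings with no unused bits are accepted. */` above the second check would also record why the octet must be zero. The function's opening lines are outside the hunk.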
@@ -1,3 +1,87 @@ +ASN.1 Write BOOLEAN FALSE +mbedtls_asn1_write_bool:0:"010100" + +ASN.1 Write BOOLEAN TRUE +mbedtls_asn1_write_bool:1:"0101ff" + +ASN.1 Write int 0 +mbedtls_asn1_write_int:0:"020100" + +ASN.1 Write int 1 +mbedtls_asn1_write_int:1:"020101" + +ASN.1 Write int 127 +mbedtls_asn1_write_int:0x7f:"02017f" + +ASN.1 Write int 128 +mbedtls_asn1_write_int:0x80:"02020080" + +ASN.1 Write int 255 +mbedtls_asn1_write_int:0xff:"020200ff" + +ASN.1 Write int 256 +mbedtls_asn1_write_int:0x100:"02020100" + +ASN.1 Write int 32767 +mbedtls_asn1_write_int:0x7fff:"02027fff" + +ASN.1 Write int 32768 +mbedtls_asn1_write_int:0x8000:"0203008000" + +ASN.1 Write int 65535 +mbedtls_asn1_write_int:0xffff:"020300ffff" + +ASN.1 Write int 65536 +mbedtls_asn1_write_int:0x10000:"0203010000" + +ASN.1 Write int 8388607 +mbedtls_asn1_write_int:0x7fffff:"02037fffff" + +ASN.1 Write int 8388608 +mbedtls_asn1_write_int:0x800000:"020400800000" + +ASN.1 Write int 0x12345678 +mbedtls_asn1_write_int:0x12345678:"020412345678" + +ASN.1 Write int 2147483647 +mbedtls_asn1_write_int:0x7fffffff:"02047fffffff" + +#ASN.1 Write mpi 0 +#mbedtls_asn1_write_mpi:"00":"020100" + +ASN.1 Write mpi 1 +mbedtls_asn1_write_mpi:"01":"020101" + +ASN.1 Write mpi 0x7f +mbedtls_asn1_write_mpi:"7f":"02017f" + +#ASN.1 Write mpi 0x80 +#mbedtls_asn1_write_mpi:"7f":"02020080" + +#ASN.1 Write mpi 0xff +#mbedtls_asn1_write_mpi:"7f":"020200ff" + +ASN.1 Write mpi 0x100 +mbedtls_asn1_write_mpi:"0100":"02020100" + +ASN.1 Write mpi, 127*8-1 bits 
+mbedtls_asn1_write_mpi:"7f7b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8":"027f7f7b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8" + +#ASN.1 Write mpi, 127*8 bits +#mbedtls_asn1_write_mpi:"e77b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8":"028180e77b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8" + +ASN.1 Write mpi, 127*8+1 bits +mbedtls_asn1_write_mpi:"108446d68934cc1af23c4cd909884d4bd737a1890e12f5ef8bf3d807d72feffa63c0bf2633345f8b8418d144617c871a7a0277ac0150eed4b3db7f9dff21114cd0d7f282400f03c931cb00c367550e374a1ed3762a1801ca714cfc8d5aac69707ca81e0661400ed0014d97cba48f94d835dd681fc3053c51958afbf7583cf49c":"028180108446d68934cc1af23c4cd909884d4bd737a1890e12f5ef8bf3d807d72feffa63c0bf2633345f8b8418d144617c871a7a0277ac0150eed4b3db7f9dff21114cd0d7f282400f03c931cb00c367550e374a1ed3762a1801ca714cfc8d5aac69707ca81e0661400ed0014d97cba48f94d835dd681fc3053c51958afbf7583cf49c" + +ASN.1 Write mpi, 255*8-1 bits 
+mbedtls_asn1_write_mpi:"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":"0281ff7bd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c" + +#ASN.1 Write mpi, 255*8 bits +#mbedtls_asn1_write_mpi:"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":"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" + +ASN.1 Write mpi, 256*8-1 bits +mbedtls_asn1_write_mpi:"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":"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" + ASN.1 Write Octet String #0 (Empty string) mbedtls_asn1_write_octet_string:"":"0400":2:2 diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index e45583cbb..7dfc16217 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function 
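Review bot: The commented-out cases titled `Write mpi 0x80` and `Write mpi 0xff` both pass `"7f"` as the input while expecting `02020080` and `020200ff`, which looks like a copy-paste from the `0x7f` case above them. If they are ever enabled they would fail because of the test data rather than the library; the inputs should presumably be `"80"` and `"ff"`. A one-line `#` comment next to the disabled cases saying why they are disabled (the commit message refers to values that look like negative INTEGERs) would keep that reason with the data.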
@@ -3,6 +3,53 @@ #define GUARD_LEN 4 #define GUARD_VAL 0x2a + +typedef struct +{ + unsigned char *output; + unsigned char *start; + unsigned char *end; + unsigned char *p; + size_t size; +} generic_write_data_t; + +int generic_write_start_step( generic_write_data_t *data ) +{ + test_set_step( data->size ); + ASSERT_ALLOC( data->output, data->size == 0 ? 1 : data->size ); + data->end = data->output + data->size; + data->p = data->end; + data->start = data->end - data->size; + return( 1 ); +exit: + return( 0 ); +} + +int generic_write_finish_step( generic_write_data_t *data, + const data_t *expected, int ret ) +{ + int ok = 0; + + if( data->size < expected->len ) + { + TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + } + else + { + TEST_EQUAL( ret, data->end - data->p ); + TEST_ASSERT( data->p >= data->start ); + TEST_ASSERT( data->p <= data->end ); + ASSERT_COMPARE( data->p, (size_t)( data->end - data->p ), + expected->x, expected->len ); + } + ok = 1; + +exit: + mbedtls_free( data->output ); + data->output = NULL; + return( ok ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES 
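Review bot: `generic_write_data_t` and the two step helpers have no comments, and their contract is not obvious from the call sites. Both helpers return 1 on success and 0 when a test assertion fails, `generic_write_start_step` allocates one byte when `size` is 0 but still sets `start == end`, and `generic_write_finish_step` frees `data->output` on every path. I would put a comment above each helper stating this, for example `/* Allocate data->size bytes and set p to the end of the buffer. Return 1 on success, 0 on failure. */`, and a comment on the struct explaining that `p` starts at `end` because the write functions fill the buffer backwards.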
@@ -10,6 +57,71 @@ * END_DEPENDENCIES */ +/* BEGIN_CASE */ +void mbedtls_asn1_write_bool( int val, data_t *expected ) +{ + generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; + int ret; + + for( data.size = 0; data.size < expected->len + 1; data.size++ ) + { + if( ! generic_write_start_step( &data ) ) + goto exit; + ret = mbedtls_asn1_write_bool( &data.p, data.start, val ); + if( ! generic_write_finish_step( &data, expected, ret ) ) + goto exit; + } + +exit: + mbedtls_free( data.output ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_asn1_write_int( int val, data_t *expected ) +{ + generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; + int ret; + + for( data.size = 0; data.size < expected->len + 1; data.size++ ) + { + if( ! generic_write_start_step( &data ) ) + goto exit; + ret = mbedtls_asn1_write_int( &data.p, data.start, val ); + if( ! generic_write_finish_step( &data, expected, ret ) ) + goto exit; + } + +exit: + mbedtls_free( data.output ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ +void mbedtls_asn1_write_mpi( data_t *val, data_t *expected ) +{ + generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; + mbedtls_mpi mpi; + int ret; + + mbedtls_mpi_init( &mpi ); + TEST_ASSERT( mbedtls_mpi_read_binary( &mpi, val->x, val->len ) == 0 ); + + for( data.size = 0; data.size < expected->len + 1; data.size++ ) + { + if( ! generic_write_start_step( &data ) ) + goto exit; + ret = mbedtls_asn1_write_mpi( &data.p, data.start, &mpi ); + if( ! generic_write_finish_step( &data, expected, ret ) ) + goto exit; + } + +exit: + mbedtls_mpi_free( &mpi ); + mbedtls_free( data.output ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mbedtls_asn1_write_octet_string( data_t * str, data_t * asn1, int buf_len, int result ) From 1dbab67ce8e79457cceeeee8510b2f781fb950bf Mon Sep 17 00:00:00 2001 
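Review bot: The loop bound `data.size < expected->len + 1` stops at a buffer of exactly `expected->len` bytes, so the success path is only ever run with `data->p == data->start`. A buffer with spare room is never tried, so the `TEST_ASSERT( data->p >= data->start )` in `generic_write_finish_step` cannot fail for any reason other than an outright underrun. Changing the bound to `data.size <= expected->len + 1` adds one iteration with a free byte in front of the output. The same loop appears in `mbedtls_asn1_write_bool`, `mbedtls_asn1_write_int` and `mbedtls_asn1_write_mpi`.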
From: Gilles Peskine Date: Fri, 1 Mar 2019 18:15:18 +0100 Subject: [PATCH 1791/2197] Improve mbedtls_asn1_write_int to support values >255 mbedtls_asn1_write_int had an undocumented restriction to values that fit in a single octet. Fix this. Negative integers are still not supported. --- library/asn1write.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/library/asn1write.c b/library/asn1write.c index b54e26bd8..98c676672 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -236,17 +236,20 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) int ret; size_t len = 0; - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - - len += 1; - *--(*p) = val; - - if( val > 0 && **p & 0x80 ) + do { if( *p - start < 1 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + len += 1; + *--(*p) = val & 0xff; + val >>= 8; + } + while( val > 0 ); + if( **p & 0x80 ) + { + if( *p - start < 1 ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); *--(*p) = 0x00; len += 1; } From 105031b1e14e3f80a66a27e1745fc220292b0f4b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 19:28:41 +0100 Subject: [PATCH 1792/2197] asn1_write documentation: say that integers must be non-negative The documentation never said it explicitly, but the ASN.1 library doesn't support negative integers. Say it explicitly. Also fix a copypasta error. --- include/mbedtls/asn1write.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 336f2daf1..8ecab4e2d 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h 
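Review bot: With the `val > 0` guard dropped from the padding test (now `if( **p & 0x80 )`), a negative `val` leaves the `do`/`while( val > 0 )` loop after one octet and then gets a `0x00` prefix, so it is silently written as a different, positive INTEGER. The old code at least emitted the single low octet unpadded for such values. Since the commit message says negative integers are not supported, an explicit guard at the top, for example `if( val < 0 ) return( MBEDTLS_ERR_ASN1_INVALID_DATA );` (error code to be confirmed against the module's conventions), would turn a wrong encoding into a reported error. `val >>= 8` on a negative `int` is also implementation-defined, which the guard avoids. The rest of the function, where the length and tag are written, is outside the hunk.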
@@ -100,6 +100,7 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, * \param p The reference to the current position pointer. * \param start The start of the buffer, for bounds-checking. * \param X The MPI to write. + * It must be non-negative. * * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. @@ -184,6 +185,7 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, * \param p The reference to the current position pointer. * \param start The start of the buffer, for bounds-checking. * \param val The integer value to write. + * It must be non-negative. * * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. @@ -232,7 +234,7 @@ int mbedtls_asn1_write_printable_string( unsigned char **p, /** * \brief Write a UTF8 string in ASN.1 format using the UTF8String - * string encoding tag (#MBEDTLS_ASN1_PRINTABLE_STRING). + * string encoding tag (#MBEDTLS_ASN1_UTF8_STRING). * * \note This function works backwards in data buffer. * From 3f37dca794d41f1fb077d3dbe483501b636877b6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 19:30:20 +0100 Subject: [PATCH 1793/2197] asn1write: Test short and large buffers more systematically Use the test-many-sizes framework for string writes as well (previously, it was only used for booleans and integers). This way, more edge cases are tested with less test code. This commit removes buffer overwrite checks. Instead of these checks, run the test suite under a memory sanitizer (which we do in our CI). --- tests/suites/test_suite_asn1write.data | 122 ++++++++--------- tests/suites/test_suite_asn1write.function | 144 ++++++++------------- 2 files changed, 117 insertions(+), 149 deletions(-) diff --git a/tests/suites/test_suite_asn1write.data b/tests/suites/test_suite_asn1write.data index f98df4e25..90654d75c 100644 
--- a/tests/suites/test_suite_asn1write.data +++ b/tests/suites/test_suite_asn1write.data 
@@ -82,56 +82,62 @@ mbedtls_asn1_write_mpi:"7bd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7 ASN.1 Write mpi, 256*8-1 bits mbedtls_asn1_write_mpi:"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":"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" -ASN.1 Write Octet String #0 (Empty string) -mbedtls_asn1_write_octet_string:"":"0400":2:2 +ASN.1 Write OCTET STRING: length=0 +mbedtls_asn1_write_string:MBEDTLS_ASN1_OCTET_STRING:"":"0400" -ASN.1 Write Octet String #1 (Large buffer) -mbedtls_asn1_write_octet_string:"AABBCC":"0403AABBCC":10:5 +ASN.1 Write OCTET STRING: length=1 +mbedtls_asn1_write_string:MBEDTLS_ASN1_OCTET_STRING:"41":"040141" -ASN.1 Write Octet String #2 (Buffer just fits) -mbedtls_asn1_write_octet_string:"AABBCC":"0403AABBCC":5:5 +ASN.1 Write OCTET STRING: length=2 +mbedtls_asn1_write_string:MBEDTLS_ASN1_OCTET_STRING:"4142":"04024142" -ASN.1 Write Octet String #3 (Buffer too small for tag) -mbedtls_asn1_write_octet_string:"AABBCC":"0403AABBCC":4:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ASN.1 Write OCTET STRING: length=127 +mbedtls_asn1_write_string:MBEDTLS_ASN1_OCTET_STRING:"99a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38":"047f99a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38" -ASN.1 Write Octet String #4 (Buffer too small for len) -mbedtls_asn1_write_octet_string:"AABBCC":"0403AABBCC":3:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ASN.1 Write OCTET STRING: length=128 
+mbedtls_asn1_write_string:MBEDTLS_ASN1_OCTET_STRING:"0199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38":"0481800199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38" -ASN.1 Write Octet String #5 (Buffer too small for string) -mbedtls_asn1_write_octet_string:"AABBCC":"0403AABBCC":2:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ASN.1 Write OCTET STRING: length=255 +mbedtls_asn1_write_string:MBEDTLS_ASN1_OCTET_STRING:"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":"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" -ASN.1 Write Octet String #6 (l = 128, large buffer) -mbedtls_asn1_write_octet_string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rite OCTET STRING: length=256 +mbedtls_asn1_write_string:MBEDTLS_ASN1_OCTET_STRING:"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":"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" -ASN.1 Write Octet String #7 (l = 128, buffer just fits) -mbedtls_asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"048180000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":131:131 +ASN.1 Write UTF8 STRING: length=0 +mbedtls_asn1_write_string:MBEDTLS_ASN1_UTF8_STRING:"":"0c00" -ASN.1 Write Octet 
String #8 (l = 128, buffer too small for tag) -mbedtls_asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"":130:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ASN.1 Write UTF8 STRING: length=1 +mbedtls_asn1_write_string:MBEDTLS_ASN1_UTF8_STRING:"41":"0c0141" -ASN.1 Write Octet String #9 (l = 128, buffer too small for len) -mbedtls_asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"":129:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ASN.1 Write UTF8 STRING: length=128 +mbedtls_asn1_write_string:MBEDTLS_ASN1_UTF8_STRING:"0199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38":"0c81800199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38" -ASN.1 Write Octet String #9 (l = 128, buffer too small for string) -mbedtls_asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"":127:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ASN.1 Write PRINTABLE STRING: length=0 +mbedtls_asn1_write_string:MBEDTLS_ASN1_PRINTABLE_STRING:"":"1300" -ASN.1 
Write IA5 String #0 (Empty string) -mbedtls_asn1_write_ia5_string:"":"1600":2:2 +ASN.1 Write PRINTABLE STRING: length=1 +mbedtls_asn1_write_string:MBEDTLS_ASN1_PRINTABLE_STRING:"41":"130141" -ASN.1 Write IA5 String #1 (Large buffer) -mbedtls_asn1_write_ia5_string:"ABC":"1603414243":10:5 +ASN.1 Write PRINTABLE STRING: length=128 +mbedtls_asn1_write_string:MBEDTLS_ASN1_PRINTABLE_STRING:"0199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38":"1381800199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38" -ASN.1 Write IA5 String #2 (Buffer just fits) -mbedtls_asn1_write_ia5_string:"ABC":"1603414243":5:5 +ASN.1 Write IA5 STRING: length=0 +mbedtls_asn1_write_string:MBEDTLS_ASN1_IA5_STRING:"":"1600" -ASN.1 Write IA5 String #3 (Buffer too small for tag) -mbedtls_asn1_write_ia5_string:"ABC":"":4:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ASN.1 Write IA5 STRING: length=1 +mbedtls_asn1_write_string:MBEDTLS_ASN1_IA5_STRING:"41":"160141" -ASN.1 Write IA5 String #4 (Buffer too small for len) -mbedtls_asn1_write_ia5_string:"ABC":"":3:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ASN.1 Write IA5 STRING: length=128 
+mbedtls_asn1_write_string:MBEDTLS_ASN1_IA5_STRING:"0199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38":"1681800199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38" -ASN.1 Write IA5 String #5 (Buffer too small for string) -mbedtls_asn1_write_ia5_string:"ABC":"":2:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ASN.1 Write tagged string: length=0 +mbedtls_asn1_write_string:MBEDTLS_ASN1_IA5_STRING | MBEDTLS_ASN1_CONTEXT_SPECIFIC:"":"9600" + +ASN.1 Write tagged string: length=1 +mbedtls_asn1_write_string:MBEDTLS_ASN1_IA5_STRING | MBEDTLS_ASN1_CONTEXT_SPECIFIC:"41":"960141" + +ASN.1 Write tagged string: length=128 +mbedtls_asn1_write_string:MBEDTLS_ASN1_IA5_STRING | MBEDTLS_ASN1_CONTEXT_SPECIFIC:"0199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38":"9681800199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38" ASN.1 Write / Read Length #0 (Len = 0, short form) mbedtls_asn1_write_len:0:"00":1:1 
@@ -176,73 +182,73 @@ ASN.1 Write / Read Length #12 (Len = 16909060, buffer too small) mbedtls_asn1_write_len:16909060:"8401020304":4:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ASN.1 Write Named Bitstring / Unused bits #0 -test_asn1_write_bitstrings:"FF":8:"030200FF":4:1 +test_asn1_write_bitstrings:"FF":8:"030200FF":1 ASN.1 Write Named Bitstring / Unused bits #1 -test_asn1_write_bitstrings:"FE":8:"030201FE":4:1 +test_asn1_write_bitstrings:"FE":8:"030201FE":1 ASN.1 Write Named Bitstring / Unused bits #2 -test_asn1_write_bitstrings:"FC":7:"030202FC":4:1 +test_asn1_write_bitstrings:"FC":7:"030202FC":1 ASN.1 Write Named Bitstring / Unused bits #3 -test_asn1_write_bitstrings:"F8":8:"030203F8":4:1 +test_asn1_write_bitstrings:"F8":8:"030203F8":1 ASN.1 Write Named Bitstring / Unused bits #4 -test_asn1_write_bitstrings:"F0":6:"030204F0":4:1 +test_asn1_write_bitstrings:"F0":6:"030204F0":1 ASN.1 Write Named Bitstring / Unused bits #5 -test_asn1_write_bitstrings:"E0":6:"030205E0":4:1 +test_asn1_write_bitstrings:"E0":6:"030205E0":1 ASN.1 Write Named Bitstring / Unused bits #6 -test_asn1_write_bitstrings:"C0":8:"030206C0":4:1 +test_asn1_write_bitstrings:"C0":8:"030206C0":1 ASN.1 Write Named Bitstring / Unused bits #7 -test_asn1_write_bitstrings:"80":8:"03020780":4:1 +test_asn1_write_bitstrings:"80":8:"03020780":1 ASN.1 Write Named Bitstring / Empty bitstring -test_asn1_write_bitstrings:"00":7:"030100":3:1 +test_asn1_write_bitstrings:"00":7:"030100":1 ASN.1 Write Named Bitstring / Empty bitstring (bits = 16) -test_asn1_write_bitstrings:"0000":16:"030100":3:1 +test_asn1_write_bitstrings:"0000":16:"030100":1 ASN.1 Write Named Bitstring / Empty bitstring (bits = 24) -test_asn1_write_bitstrings:"FFFFFF":0:"030100":3:1 +test_asn1_write_bitstrings:"FFFFFF":0:"030100":1 ASN.1 Write Named Bitstring / 15 trailing bits all unset -test_asn1_write_bitstrings:"F88000":24:"030307F880":5:1 +test_asn1_write_bitstrings:"F88000":24:"030307F880":1 ASN.1 Write Named Bitstring / 15 trailing bits all set 
-test_asn1_write_bitstrings:"F8FFFF":9:"030307F880":5:1 +test_asn1_write_bitstrings:"F8FFFF":9:"030307F880":1 ASN.1 Write Bitstring / Unused bits #0 -test_asn1_write_bitstrings:"FF":8:"030200FF":4:0 +test_asn1_write_bitstrings:"FF":8:"030200FF":0 ASN.1 Write Bitstring / Unused bits #1 -test_asn1_write_bitstrings:"FF":7:"030201FE":4:0 +test_asn1_write_bitstrings:"FF":7:"030201FE":0 ASN.1 Write Bitstring / Unused bits #2 -test_asn1_write_bitstrings:"FF":6:"030202FC":4:0 +test_asn1_write_bitstrings:"FF":6:"030202FC":0 ASN.1 Write Bitstring / Unused bits #3 -test_asn1_write_bitstrings:"FF":5:"030203F8":4:0 +test_asn1_write_bitstrings:"FF":5:"030203F8":0 ASN.1 Write Bitstring / Unused bits #4 -test_asn1_write_bitstrings:"FF":4:"030204F0":4:0 +test_asn1_write_bitstrings:"FF":4:"030204F0":0 ASN.1 Write Bitstring / Unused bits #5 -test_asn1_write_bitstrings:"FF":3:"030205E0":4:0 +test_asn1_write_bitstrings:"FF":3:"030205E0":0 ASN.1 Write Bitstring / Unused bits #6 -test_asn1_write_bitstrings:"FF":2:"030206C0":4:0 +test_asn1_write_bitstrings:"FF":2:"030206C0":0 ASN.1 Write Bitstring / Unused bits #7 -test_asn1_write_bitstrings:"FF":1:"03020780":4:0 +test_asn1_write_bitstrings:"FF":1:"03020780":0 ASN.1 Write Bitstring / 1 trailing bit (bits 15) -test_asn1_write_bitstrings:"0003":15:"0303010002":5:0 +test_asn1_write_bitstrings:"0003":15:"0303010002":0 ASN.1 Write Bitstring / 0 bits -test_asn1_write_bitstrings:"":0:"030100":3:0 +test_asn1_write_bitstrings:"":0:"030100":0 ASN.1 Write Bitstring / long string all bits unset except trailing bits -test_asn1_write_bitstrings:"000000000007":45:"030703000000000000":9:0 +test_asn1_write_bitstrings:"000000000007":45:"030703000000000000":0 diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index 7dfc16217..1669ca86d 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function 
@@ -114,6 +114,8 @@ void mbedtls_asn1_write_mpi( data_t *val, data_t *expected ) ret = mbedtls_asn1_write_mpi( &data.p, data.start, &mpi ); if( ! generic_write_finish_step( &data, expected, ret ) ) goto exit; + if( expected->len > 10 && data.size == 8 ) + data.size = expected->len - 2; } exit: 
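Review bot: The added skip `if( expected->len > 10 && data.size == 8 ) data.size = expected->len - 2;` in the loop of mbedtls_asn1_write_mpi has no comment, and the constants 10 and 8 are unexplained. For long outputs it means buffer sizes 9 through expected->len - 2 are never exercised, so a reader cannot tell whether that gap in the too-small-buffer coverage is deliberate. I would put a comment above it along the lines of `/* For long outputs, skip the intermediate buffer sizes: 0..8 and the last two are still tested. */`, adjusted to the real motivation. The same two lines are added to mbedtls_asn1_write_string in the next hunk and want the same comment. The loop header and the rest of mbedtls_asn1_write_mpi lie outside this hunk.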
@@ -123,70 +125,49 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_octet_string( data_t * str, data_t * asn1, - int buf_len, int result ) +void mbedtls_asn1_write_string( int tag, data_t *content, data_t *expected ) { + generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - unsigned char buf[150]; - size_t i; - unsigned char *p; - memset( buf, GUARD_VAL, sizeof( buf ) ); - - - p = buf + GUARD_LEN + buf_len; - - ret = mbedtls_asn1_write_octet_string( &p, buf + GUARD_LEN, str->x, str->len ); - - /* Check for buffer overwrite on both sides */ - for( i = 0; i < GUARD_LEN; i++ ) + for( data.size = 0; data.size < expected->len + 1; data.size++ ) { - TEST_ASSERT( buf[i] == GUARD_VAL ); - TEST_ASSERT( buf[GUARD_LEN + buf_len + i] == GUARD_VAL ); + if( ! generic_write_start_step( &data ) ) + goto exit; + switch( tag ) + { + case MBEDTLS_ASN1_OCTET_STRING: + ret = mbedtls_asn1_write_octet_string( + &data.p, data.start, content->x, content->len ); + break; + case MBEDTLS_ASN1_UTF8_STRING: + ret = mbedtls_asn1_write_utf8_string( + &data.p, data.start, + (const char *) content->x, content->len ); + break; + case MBEDTLS_ASN1_PRINTABLE_STRING: + ret = mbedtls_asn1_write_printable_string( + &data.p, data.start, + (const char *) content->x, content->len ); + break; + case MBEDTLS_ASN1_IA5_STRING: + ret = mbedtls_asn1_write_ia5_string( + &data.p, data.start, + (const char *) content->x, content->len ); + break; + default: + ret = mbedtls_asn1_write_tagged_string( + &data.p, data.start, tag, + (const char *) content->x, content->len ); + } + if( ! 
generic_write_finish_step( &data, expected, ret ) ) + goto exit; + if( expected->len > 10 && data.size == 8 ) + data.size = expected->len - 2; } - if( result >= 0 ) - { - TEST_ASSERT( (size_t) ret == asn1->len ); - TEST_ASSERT( p + asn1->len == buf + GUARD_LEN + buf_len ); - - TEST_ASSERT( memcmp( p, asn1->x, asn1->len ) == 0 ); - } -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_asn1_write_ia5_string( char * str, data_t * asn1, - int buf_len, int result ) -{ - int ret; - unsigned char buf[150]; - size_t str_len; - size_t i; - unsigned char *p; - - memset( buf, GUARD_VAL, sizeof( buf ) ); - - str_len = strlen( str ); - - p = buf + GUARD_LEN + buf_len; - - ret = mbedtls_asn1_write_ia5_string( &p, buf + GUARD_LEN, str, str_len ); - - /* Check for buffer overwrite on both sides */ - for( i = 0; i < GUARD_LEN; i++ ) - { - TEST_ASSERT( buf[i] == GUARD_VAL ); - TEST_ASSERT( buf[GUARD_LEN + buf_len + i] == GUARD_VAL ); - } - - if( result >= 0 ) - { - TEST_ASSERT( (size_t) ret == asn1->len ); - TEST_ASSERT( p + asn1->len == buf + GUARD_LEN + buf_len ); - - TEST_ASSERT( memcmp( p, asn1->x, asn1->len ) == 0 ); - } +exit: + mbedtls_free( data.output ); } /* END_CASE */ 
@@ -243,44 +224,25 @@ void mbedtls_asn1_write_len( int len, data_t * asn1, int buf_len, /* BEGIN_CASE */ void test_asn1_write_bitstrings( data_t *bitstring, int bits, - data_t *expected_asn1, int result, - int is_named ) + data_t *expected, int is_named ) { + generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - size_t i; - unsigned char buf[150]; - unsigned char *p; + int ( *func )( unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t bits ) = + ( is_named ? mbedtls_asn1_write_named_bitstring : + mbedtls_asn1_write_bitstring ); - memset( buf, GUARD_VAL, sizeof( buf ) ); - - p = buf + GUARD_LEN + expected_asn1->len; - - if ( is_named == 0 ) + for( data.size = 0; data.size < expected->len + 1; data.size++ ) { - ret = mbedtls_asn1_write_bitstring( &p, - buf, - (unsigned char *)bitstring->x, - (size_t) bits ); - } - else - { - ret = mbedtls_asn1_write_named_bitstring( &p, - buf, - (unsigned char *)bitstring->x, - (size_t) bits ); - } - TEST_ASSERT( ret == result ); - - /* Check for buffer overwrite on both sides */ - for( i = 0; i < GUARD_LEN; i++ ) - { - TEST_ASSERT( buf[i] == GUARD_VAL ); - TEST_ASSERT( buf[GUARD_LEN + expected_asn1->len + i] == GUARD_VAL ); + if( ! generic_write_start_step( &data ) ) + goto exit; + ret = ( *func )( &data.p, data.start, bitstring->x, bits ); + if( ! generic_write_finish_step( &data, expected, ret ) ) + goto exit; } - if ( result >= 0 ) - { - TEST_ASSERT( memcmp( p, expected_asn1->x, expected_asn1->len ) == 0 ); - } +exit: + mbedtls_free( data.output ); } /* END_CASE */ From 91d8d023c29bc18b8cbb1549649a8ad9c2c12e7c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 19:34:24 +0100 Subject: [PATCH 1794/2197] Fix typo that prevented mbedtls_asn1_write_len tests from running --- tests/suites/test_suite_asn1write.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
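Review bot: In test_asn1_write_bitstrings, `bits` reaches the writer unchecked in `ret = ( *func )( &data.p, data.start, bitstring->x, bits );`: the `int` is converted to `size_t` implicitly, and nothing ties it to the length of `bitstring`. A negative or oversized value in the .data file would, as far as the writer's signature suggests, make the library read past `bitstring->x` instead of failing the case cleanly. I would add `TEST_ASSERT( bits >= 0 && (size_t) bits <= 8 * bitstring->len );` before the loop; every case in the accompanying data file satisfies it.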
diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index 1669ca86d..4b1319de5 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function @@ -171,7 +171,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ASN1PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ void mbedtls_asn1_write_len( int len, data_t * asn1, int buf_len, int result ) { From 9311cf509364d5dec5bfbc3d850d3aba1931a707 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 20:05:05 +0100 Subject: [PATCH 1795/2197] asn1write: test NULL, OID and AlgorithmIdentifier --- tests/suites/test_suite_asn1write.data | 39 +++++++++++++++ tests/suites/test_suite_asn1write.function | 55 ++++++++++++++++++++++ 2 files changed, 94 insertions(+) diff --git a/tests/suites/test_suite_asn1write.data b/tests/suites/test_suite_asn1write.data index 90654d75c..9ee439b06 100644 --- a/tests/suites/test_suite_asn1write.data +++ b/tests/suites/test_suite_asn1write.data @@ -1,3 +1,6 @@ +ASN.1 Write NULL +mbedtls_asn1_write_null:"0500" + ASN.1 Write BOOLEAN FALSE mbedtls_asn1_write_bool:0:"010100" 
@@ -139,6 +142,42 @@ mbedtls_asn1_write_string:MBEDTLS_ASN1_IA5_STRING | MBEDTLS_ASN1_CONTEXT_SPECIFI ASN.1 Write tagged string: length=128 mbedtls_asn1_write_string:MBEDTLS_ASN1_IA5_STRING | MBEDTLS_ASN1_CONTEXT_SPECIFIC:"0199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38":"9681800199a66790856f7199641f55cadabb660aaed6aa0d9ef8cef4417118c6e8c6e15becbaa21c63faf48726e92357a38b3079a0b9d60be7457ec6552f900dd032577167c91e829927343c3a769b362db4de0ad2ffb8f13cc2eeca9e52dc557118baa88b857477595622bc301a1ae2150030d652c4a482cf88d0ded85d6731ff2d38" +ASN.1 Write OID: length=0 +mbedtls_asn1_write_string:MBEDTLS_ASN1_OID:"":"0600" + +ASN.1 Write OID: length=1 +mbedtls_asn1_write_string:MBEDTLS_ASN1_OID:"41":"060141" + +ASN.1 Write AlgorithmIdentifier, null parameters +mbedtls_asn1_write_algorithm_identifier:"4f4944":8:"300d06034f4944" + +ASN.1 Write AlgorithmIdentifier, parameters (8 bytes) +mbedtls_asn1_write_algorithm_identifier:"4f4944":8:"300d06034f4944" + +ASN.1 Write AlgorithmIdentifier, total length=0x7f +mbedtls_asn1_write_algorithm_identifier:"4f4944":0x7a:"307f06034f4944" + +ASN.1 Write AlgorithmIdentifier, total length=0x80 +mbedtls_asn1_write_algorithm_identifier:"4f4944":0x7b:"30818006034f4944" + +ASN.1 Write AlgorithmIdentifier, total length=0xff +mbedtls_asn1_write_algorithm_identifier:"4f4944":0xfa:"3081ff06034f4944" + +ASN.1 Write AlgorithmIdentifier, total length=0x100 +mbedtls_asn1_write_algorithm_identifier:"4f4944":0xfb:"3082010006034f4944" + +ASN.1 Write AlgorithmIdentifier, total length=0xffff +mbedtls_asn1_write_algorithm_identifier:"4f4944":0xfffa:"3082ffff06034f4944" + +ASN.1 Write AlgorithmIdentifier, total length=0x10000 +mbedtls_asn1_write_algorithm_identifier:"4f4944":0xfffb:"308301000006034f4944" + +ASN.1 Write AlgorithmIdentifier, total 
length=0xffffff +mbedtls_asn1_write_algorithm_identifier:"4f4944":0xfffffa:"3083ffffff06034f4944" + +ASN.1 Write AlgorithmIdentifier, total length=0x1000000 +mbedtls_asn1_write_algorithm_identifier:"4f4944":0xfffffb:"30840100000006034f4944" + ASN.1 Write / Read Length #0 (Len = 0, short form) mbedtls_asn1_write_len:0:"00":1:1 diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index 4b1319de5..3cbe072af 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function @@ -57,6 +57,26 @@ exit: * END_DEPENDENCIES */ +/* BEGIN_CASE */ +void mbedtls_asn1_write_null( data_t *expected ) +{ + generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; + int ret; + + for( data.size = 0; data.size < expected->len + 1; data.size++ ) + { + if( ! generic_write_start_step( &data ) ) + goto exit; + ret = mbedtls_asn1_write_null( &data.p, data.start ); + if( ! generic_write_finish_step( &data, expected, ret ) ) + goto exit; + } + +exit: + mbedtls_free( data.output ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mbedtls_asn1_write_bool( int val, data_t *expected ) { @@ -140,6 +160,11 @@ void mbedtls_asn1_write_string( int tag, data_t *content, data_t *expected ) ret = mbedtls_asn1_write_octet_string( &data.p, data.start, content->x, content->len ); break; + case MBEDTLS_ASN1_OID: + ret = mbedtls_asn1_write_oid( + &data.p, data.start, + (const char *) content->x, content->len ); + break; case MBEDTLS_ASN1_UTF8_STRING: ret = mbedtls_asn1_write_utf8_string( &data.p, data.start, 
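Review bot: The case titled "ASN.1 Write AlgorithmIdentifier, null parameters" is identical to the one after it, "parameters (8 bytes)": both pass `8` as the parameter length and expect `300d06034f4944`. As a result no case in this hunk exercises a parameter length of 0, which is what the title promises. If the writer emits an explicit NULL in that situation, the line would presumably read `mbedtls_asn1_write_algorithm_identifier:"4f4944":0:"300706034f49440500"`; the expected bytes should be confirmed against the implementation before adopting it.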
@@ -171,6 +196,36 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mbedtls_asn1_write_algorithm_identifier( data_t *oid, + int par_len, + data_t *expected ) +{ + generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; + int ret; + + for( data.size = 0; data.size < expected->len + 1; data.size++ ) + { + if( ! generic_write_start_step( &data ) ) + goto exit; + ret = mbedtls_asn1_write_algorithm_identifier( + &data.p, data.start, + (const char *) oid->x, oid->len, par_len ); + /* If params_len != 0, mbedtls_asn1_write_algorithm_identifier() + * assumes that the parameters are already present in the buffer + * and returns a length that accounts for this, but our test + * data omits the parameters. */ + if( ret >= 0 ) + ret -= par_len; + if( ! generic_write_finish_step( &data, expected, ret ) ) + goto exit; + } + +exit: + mbedtls_free( data.output ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ void mbedtls_asn1_write_len( int len, data_t * asn1, int buf_len, int result ) From a902303587513273299108dd6c3e88c5d1c586df Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 1 Mar 2019 23:26:05 +0100 Subject: [PATCH 1796/2197] Test mbedtls_asn1_store_named_data --- tests/suites/test_suite_asn1write.data | 48 +++++++ tests/suites/test_suite_asn1write.function | 149 +++++++++++++++++++++ 2 files changed, 197 insertions(+) diff --git a/tests/suites/test_suite_asn1write.data b/tests/suites/test_suite_asn1write.data index 9ee439b06..fd589fb23 100644 --- a/tests/suites/test_suite_asn1write.data +++ b/tests/suites/test_suite_asn1write.data 
@@ -291,3 +291,51 @@ test_asn1_write_bitstrings:"":0:"030100":0 ASN.1 Write Bitstring / long string all bits unset except trailing bits test_asn1_write_bitstrings:"000000000007":45:"030703000000000000":0 + +Store named data: not found +store_named_data_find:"414141":"424242":"434343":"444444":"7f7f7f":0:-1 + +Store named data: empty haystack +store_named_data_find:"414141":"424242":"434343":"444444":"7f7f7f":4:-1 + +Store named data: first +store_named_data_find:"414141":"424242":"434343":"444444":"414141":0:0 + +Store named data: last +store_named_data_find:"414141":"424242":"434343":"444444":"444444":0:3 + +Store named data: skip suffix +store_named_data_find:"41414141":"414141":"434343":"444444":"414141":0:1 + +Store named data: skip prefix +store_named_data_find:"4141":"414141":"434343":"444444":"414141":0:1 + +Store named data: first match +store_named_data_find:"414141":"414141":"434343":"444444":"414141":0:0 + +Store named data: found, null to zero +store_named_data_val_found:0:0 + +Store named data: found, null to data +store_named_data_val_found:0:9 + +Store named data: found, data to zero +store_named_data_val_found:9:0 + +Store named data: found, smaller data +store_named_data_val_found:9:2 + +Store named data: found, same-size data +store_named_data_val_found:9:9 + +Store named data: found, larger data +store_named_data_val_found:4:9 + +Store named data: new, val_len=0 +store_named_data_val_new:0 + +Store named data: new, val_len=4 +store_named_data_val_new:4 + +Store named data: new, val_len=4, val=NULL +store_named_data_val_new:-4 diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index 3cbe072af..b69f6b5c3 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function 
@@ -301,3 +301,152 @@ exit: mbedtls_free( data.output ); } /* END_CASE */ + +/* BEGIN_CASE */ +void store_named_data_find( data_t *oid0, data_t *oid1, + data_t *oid2, data_t *oid3, + data_t *needle, int from, int position ) +{ + data_t *oid[4] = {oid0, oid1, oid2, oid3}; + mbedtls_asn1_named_data nd[] ={ + { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, + { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, + { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, + { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, + }; + mbedtls_asn1_named_data *pointers[ARRAY_LENGTH( nd ) + 1]; + size_t i; + mbedtls_asn1_named_data *head = NULL; + mbedtls_asn1_named_data *found = NULL; + + for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + pointers[i] = &nd[i]; + pointers[ARRAY_LENGTH( nd )] = NULL; + for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + { + ASSERT_ALLOC( nd[i].oid.p, oid[i]->len ); + memcpy( nd[i].oid.p, oid[i]->x, oid[i]->len ); + nd[i].oid.len = oid[i]->len; + nd[i].next = pointers[i+1]; + } + + head = pointers[from]; + found = mbedtls_asn1_store_named_data( &head, + (const char *) needle->x, + needle->len, + NULL, 0 ); + + /* In any case, the existing list structure must be unchanged. */ + for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + TEST_ASSERT( nd[i].next == pointers[i+1] ); + + if( position >= 0 ) + { + /* position should have been found and modified. */ + TEST_ASSERT( head == pointers[from] ); + TEST_ASSERT( found == pointers[position] ); + } + else + { + /* A new entry should have been created. 
*/ + TEST_ASSERT( found == head ); + TEST_ASSERT( head->next == pointers[from] ); + for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + TEST_ASSERT( found != &nd[i] ); + } + +exit: + if( found != NULL && found == head && found != pointers[from] ) + { + mbedtls_free( found->oid.p ); + mbedtls_free( found ); + } + for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + mbedtls_free( nd[i].oid.p ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void store_named_data_val_found( int old_len, int new_len ) +{ + mbedtls_asn1_named_data nd = + { {0x06, 3, (unsigned char *) "OID"}, {0, 0, NULL}, NULL, 0 }; + mbedtls_asn1_named_data *head = &nd; + mbedtls_asn1_named_data *found = NULL; + unsigned char *old_val = NULL; + unsigned char *new_val = (unsigned char *) "new value"; + + if( old_len != 0 ) + { + ASSERT_ALLOC( nd.val.p, (size_t) old_len ); + old_val = nd.val.p; + nd.val.len = old_len; + memset( old_val, 'x', old_len ); + } + if( new_len <= 0 ) + { + new_len = - new_len; + new_val = NULL; + } + + found = mbedtls_asn1_store_named_data( &head, "OID", 3, + new_val, new_len ); + TEST_ASSERT( head == &nd ); + TEST_ASSERT( found == head ); + + if( new_val != NULL) + ASSERT_COMPARE( found->val.p, found->val.len, + new_val, (size_t) new_len ); + if( new_len == 0) + TEST_ASSERT( found->val.p == NULL ); + else if( new_len == old_len ) + TEST_ASSERT( found->val.p == old_val ); + else + TEST_ASSERT( found->val.p != old_val ); + +exit: + mbedtls_free( nd.val.p ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void store_named_data_val_new( int new_len ) +{ + mbedtls_asn1_named_data *head = NULL; + mbedtls_asn1_named_data *found = NULL; + const unsigned char *oid = (unsigned char *) "OID"; + size_t oid_len = strlen( (const char *) oid ); + const unsigned char *new_val = (unsigned char *) "new value"; + + if( new_len <= 0 ) + new_val = NULL; + if( new_len < 0 ) + new_len = - new_len; + + found = mbedtls_asn1_store_named_data( &head, + (const char *) oid, oid_len, + new_val, (size_t) new_len ); + TEST_ASSERT( found != 
NULL ); + TEST_ASSERT( found == head ); + TEST_ASSERT( found->oid.p != oid ); + ASSERT_COMPARE( found->oid.p, found->oid.len, oid, oid_len ); + if( new_len == 0 ) + TEST_ASSERT( found->val.p == NULL ); + else if( new_val == NULL ) + TEST_ASSERT( found->val.p != NULL ); + else + { + TEST_ASSERT( found->val.p != new_val ); + ASSERT_COMPARE( found->val.p, found->val.len, + new_val, (size_t) new_len ); + } + +exit: + if( found != NULL ) + { + mbedtls_free( found->oid.p ); + mbedtls_free( found->val.p ); + } + mbedtls_free( found ); +} +/* END_CASE */ From 09c0a2364b9603936bf4e56e839ea7d10dcc120a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Mar 2019 15:00:06 +0100 Subject: [PATCH 1797/2197] mbedtls_asn1_store_named_data: clarify val allocation behavior Document how mbedtls_asn1_store_named_data allocates val.p in the new or modified entry. Change the behavior to be more regular, always setting the new length to val_len. This does not affect the previous documented behavior since this aspect was not documented. This does not affect current usage in Mbed TLS's X.509 module where calls with the same OID always use the same size for the associated value. --- include/mbedtls/asn1write.h | 8 ++++++-- library/asn1write.c | 20 ++++++++++++++------ 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 8ecab4e2d..982414626 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h 
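Review bot: In store_named_data_find, the branch for `position < 0` dereferences `head->next` without first checking that the call succeeded. With `from` set to 4 (the "empty haystack" case) `head` starts as NULL, so if mbedtls_asn1_store_named_data fails to allocate and leaves `head` untouched, `found == head` holds with both NULL and the next assertion dereferences a null pointer instead of failing the test. Add `TEST_ASSERT( found != NULL );` as the first statement of that `else` branch, as store_named_data_val_new already does.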
@@ -334,9 +334,13 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, * through (will be updated in case of a new entry). * \param oid The OID to look for. * \param oid_len The size of the OID. - * \param val The data to store (can be \c NULL if you want to fill - * it by hand). + * \param val The associated data to store. If this is \c NULL, + * no data is copied to the new or existing buffer. * \param val_len The minimum length of the data buffer needed. + * If this is 0, do not allocate a buffer for the associated + * data. + * If the OID was already present, enlarge, shrink or free + * the existing buffer to fit \p val_len. * * \return A pointer to the new / existing entry on success. * \return \c NULL if if there was a memory allocation error. diff --git a/library/asn1write.c b/library/asn1write.c index 98c676672..a138d0b75 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -432,18 +432,26 @@ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( memcpy( cur->oid.p, oid, oid_len ); cur->val.len = val_len; - cur->val.p = mbedtls_calloc( 1, val_len ); - if( cur->val.p == NULL ) + if( val_len != 0 ) { - mbedtls_free( cur->oid.p ); - mbedtls_free( cur ); - return( NULL ); + cur->val.p = mbedtls_calloc( 1, val_len ); + if( cur->val.p == NULL ) + { + mbedtls_free( cur->oid.p ); + mbedtls_free( cur ); + return( NULL ); + } } cur->next = *head; *head = cur; } - else if( cur->val.len < val_len ) + else if( val_len == 0 ) + { + mbedtls_free( cur->val.p ); + cur->val.p = NULL; + } + else if( cur->val.len != val_len ) { /* * Enlarge existing value buffer if needed From 2cd8ecc08b9e73196daa12e22feb90fd446b3407 Mon Sep 17 00:00:00 2001 
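Review bot: The description of `val_len` still opens with "The minimum length of the data buffer needed", which no longer matches the added text saying the existing buffer is enlarged, shrunk or freed to fit `val_len`. I would reword that first sentence to `The length of the buffer to allocate for the associated data.` It is also worth stating that a `val.p` pointer obtained from an earlier call for the same OID must not be used after this call, since the buffer may have been freed or replaced. The declaration this comment belongs to is outside the hunk.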
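Review bot: The new `else if( val_len == 0 )` branch in mbedtls_asn1_store_named_data frees `cur->val.p` and sets it to NULL but leaves `cur->val.len` at its old value, so an existing entry can end up with a null pointer and a non-zero length. Any consumer that trusts `val.len` would then read through NULL. Add `cur->val.len = 0;` after `cur->val.p = NULL;`, unless the length is reset further down, since the function continues past the end of this hunk. The store_named_data_val_found test only checks `found->val.p == NULL` for this case, so `TEST_ASSERT( found->val.len == 0 );` is needed there to catch it.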
From: Gilles Peskine Date: Mon, 4 Mar 2019 17:13:43 +0100 Subject: [PATCH 1798/2197] New test helper macro ASSERT_ALLOC_WEAK The new macro ASSERT_ALLOC_WEAK does not fail the test case if the memory allocation fails. This is useful for tests that allocate a large amount of memory, but that aren't useful on platforms where allocating such a large amount is not possible. Ideally this macro should mark the test as skipped. We don't yet have a facility for that but we're working on it. Once we have a skip functionality, this macro should be changed to use it. --- tests/suites/helpers.function | 20 ++++++++++++++++++++ tests/suites/test_suite_asn1parse.function | 8 +------- 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index d45fd4ea7..00320bca3 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -158,6 +158,26 @@ typedef enum } \ while( 0 ) +/** Allocate memory dynamically. Exit the test if this fails, but do + * not mark the test as failed. + * + * This macro behaves like #ASSERT_ALLOC, except that if the allocation + * fails, it jumps to the \c exit label without calling test_fail(). + */ +#define ASSERT_ALLOC_WEAK( pointer, length ) \ + do \ + { \ + TEST_ASSERT( ( pointer ) == NULL ); \ + if( ( length ) != 0 ) \ + { \ + ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \ + ( length ) ); \ + if( ( pointer ) == NULL ) \ + goto exit; \ + } \ + } \ + while( 0 ) + /** Compare two buffers and fail the test case if they differ. * * This macro expands to an instruction, not an expression. diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index 9e9f50949..f5ecd5515 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function 
@@ -130,7 +130,7 @@ int get_len_step( const data_t *input, size_t buffer_size, } else { - ASSERT_ALLOC( buf, buffer_size ); + ASSERT_ALLOC_WEAK( buf, buffer_size ); if( buffer_size > input->len ) { memcpy( buf, input->x, input->len ); @@ -159,12 +159,6 @@ int get_len_step( const data_t *input, size_t buffer_size, return( 1 ); exit: - /* It may be impossible to allocate large lengths on embedded platforms. - * Pass in this case (though it would be better to mark the test - * as skipped). */ - if( buf == NULL ) - return( 1 ); - mbedtls_free( buf ); return( 0 ); } From aac38533489dfec073a453f614be971798be0bdb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 11 Sep 2019 16:52:01 +0200 Subject: [PATCH 1799/2197] Fix long-standing bug in error code description MBEDTLS_ERR_ASN1_INVALID_DATA is documented as "not used", but it has been used since the PolarSSL days. --- include/mbedtls/asn1.h | 2 +- library/error.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 6891bb9c3..92f3bcbdd 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -52,7 +52,7 @@ #define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */ #define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */ #define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */ -#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. (not used) */ +#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. */ #define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A /**< Memory allocation failed */ #define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */ diff --git a/library/error.c b/library/error.c index 7d7155ba0..649b3baa4 100644 --- a/library/error.c +++ b/library/error.c 
@@ -467,7 +467,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) if( use_ret == -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH) ) mbedtls_snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" ); if( use_ret == -(MBEDTLS_ERR_ASN1_INVALID_DATA) ) - mbedtls_snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" ); + mbedtls_snprintf( buf, buflen, "ASN1 - Data is invalid" ); if( use_ret == -(MBEDTLS_ERR_ASN1_ALLOC_FAILED) ) mbedtls_snprintf( buf, buflen, "ASN1 - Memory allocation failed" ); if( use_ret == -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) ) From 5ae24ec7af30db8aeab776d15746d3a544071280 Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Thu, 12 Sep 2019 09:44:33 +0100 Subject: [PATCH 1800/2197] Add missing error case to psa_aead_verify --- include/psa/crypto.h | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5288815c3..1517f0edd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -2695,13 +2695,25 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * * The operation must have been set up with psa_aead_decrypt_setup(). * - * This function finishes the authentication of the additional data - * formed by concatenating the inputs passed to preceding calls to - * psa_aead_update_ad() with the ciphertext formed by concatenating the - * inputs passed to preceding calls to psa_aead_update(). + * This function finishes the authenticated decryption of the message + * components: + * + * - The additional data consisting of the concatenation of the inputs + * passed to preceding calls to psa_aead_update_ad(). + * - The ciphertext consisting of the concatenation of the inputs passed to + * preceding calls to psa_aead_update(). + * - The tag passed to this function call. + * + * If the authentication tag is correct, this function outputs any remaining + * plaintext and reports success. If the authentication tag is not correct, + * this function returns #PSA_ERROR_INVALID_SIGNATURE. * * When this function returns, the operation becomes inactive. * + * \note Implementations shall make the best effort to ensure that the + * comparison between the actual tag and the expected tag is performed + * in constant time. + * * \param[in,out] operation Active AEAD operation. * \param[out] plaintext Buffer where the last part of the plaintext * is to be written. This is the remaining data @@ -2720,6 +2732,9 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The calculations were successful, but the authentication tag is + * not correct. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (not set up, nonce not set, * encryption, or already completed). From a170d927ddb07fdc682c30907f5b731fd1c52c70 Mon Sep 17 00:00:00 2001 
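Review bot: The new paragraph on the failure case (first hunk, "If the authentication tag is not correct…") does not tell the caller what to do with plaintext it has already received. The wording "outputs any remaining plaintext" implies that earlier psa_aead_update() calls may already have returned plaintext, and that output is unauthenticated until this function succeeds. I would add one sentence after that paragraph: `If the tag is not correct, the caller must discard all plaintext obtained from this operation, including output from earlier calls to psa_aead_update().` Whether the `plaintext` buffer holds defined contents on failure is also left open here and would be worth stating next to the new \retval.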
From: Gilles Peskine Date: Thu, 12 Sep 2019 16:59:37 +0200 Subject: [PATCH 1801/2197] Clarify how key creation functions use attributes and what 0 means Clarify how key creation functions use attributes. Explain the meaning of attribute values, espcially what 0 means in each field where it has a special meaning. Explain what an algorithm usage policy can be (an algorithm, a wildcard with ANY_HASH, or 0). --- include/psa/crypto.h | 19 ++++++++++++++++--- include/psa/crypto_types.h | 11 ++++++----- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 71bad3b7a..c21809ce1 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -226,7 +226,14 @@ static psa_key_usage_t psa_get_key_usage_flags( /** Declare the permitted algorithm policy for a key. * * The permitted algorithm policy of a key encodes which algorithm or - * algorithms are permitted to be used with this key. + * algorithms are permitted to be used with this key. The following + * algorithm policies are supported: + * - 0 does not allow any cryptographic operation with the key. The key + * may be used for non-cryptographic actions such as exporting (if + * permitted by the usage flags). + * - An algorithm value permits this particular algorithm. + * - An algorithm wildcard built from #PSA_ALG_ANY_HASH allows the specified + * signature scheme with any hash algorithm. * * This function overwrites any algorithm policy * previously set in \p attributes. @@ -266,6 +273,8 @@ static psa_algorithm_t psa_get_key_algorithm( * * \param[out] attributes The attribute structure to write to. * \param type The key type to write. + * If this is 0, the key type in \p attributes + * becomes unspecified. */ static void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type); 
@@ -281,6 +290,8 @@ static void psa_set_key_type(psa_key_attributes_t *attributes, * * \param[out] attributes The attribute structure to write to. * \param bits The key size in bits. + * If this is 0, the key size in \p attributes + * becomes unspecified. */ static void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits); @@ -464,7 +475,6 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * minimize the risk that an invalid input is accidentally interpreted * according to a different format. * - * \param[in] attributes The attributes for the new key. * The key size is always determined from the * \p data buffer. @@ -3365,6 +3375,9 @@ psa_status_t psa_key_derivation_output_bytes( * * This function calculates output bytes from a key derivation algorithm * and uses those bytes to generate a key deterministically. + * The key's location, usage policy, type and size are taken from + * \p attributes. + * * If you view the key derivation's output as a stream of bytes, this * function destructively reads as many bytes as required from the * stream. @@ -3607,7 +3620,7 @@ psa_status_t psa_generate_random(uint8_t *output, * \brief Generate a key or key pair. * * The key is generated randomly. - * Its location, policy, type and size are taken from \p attributes. + * Its location, usage policy, type and size are taken from \p attributes. * * The following type-specific considerations apply: * - For RSA keys (#PSA_KEY_TYPE_RSA_KEY_PAIR), diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index b79c3b523..b6b61984b 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h 
@@ -206,11 +206,12 @@ typedef uint32_t psa_key_usage_t; * values: * * - lifetime: #PSA_KEY_LIFETIME_VOLATILE. - * - key identifier: unspecified. - * - type: \c 0. - * - key size: \c 0. - * - usage flags: \c 0. - * - algorithm: \c 0. + * - key identifier: 0 (which is not a valid key identifier). + * - type: \c 0 (meaning that the type is unspecified). + * - key size: \c 0 (meaning that the size is unspecified). + * - usage flags: \c 0 (which allows no usage except exporting a public key). + * - algorithm: \c 0 (which allows no cryptographic usage, but allows + * exporting). * * A typical sequence to create a key is as follows: * -# Create and initialize an attribute structure. From 05c900b576f83038f137a11723e322b81eb22e82 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Sep 2019 18:29:43 +0200 Subject: [PATCH 1802/2197] Forbid keys of size 0 Keys of size 0 generally don't make sense: a key is supposed to be secret. There is one edge case which is "raw data" keys, which are useful to store non-key objects in the same storage location as keys. However those are also problematic because they involve a zero-length buffer. Manipulating zero-length buffers in C requires special cases with functions like malloc() and memcpy(). Additionally, 0 as a key size already has a meaning "unspecified", which does not always overlap seamlessly with the meaning "0". Therefore, forbid keys of size 0. No implementation may accept them. --- include/psa/crypto.h | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c21809ce1..7c88bd680 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -291,7 +291,8 @@ static void psa_set_key_type(psa_key_attributes_t *attributes, * \param[out] attributes The attribute structure to write to. * \param bits The key size in bits. * If this is 0, the key size in \p attributes - * becomes unspecified. + * becomes unspecified. Keys of size 0 are + * not supported. */ static void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits); @@ -468,6 +469,13 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * and to the documentation of psa_export_key() for the format for * other key types. * + * The key data determines the key size. The attributes may optionally + * specify a key size; in this case it must match the size determined + * from the key data. A key size of 0 in \p attributes indicates that + * the key size is solely determined by the key data. + * + * Implementations must reject an attempt to import a key of size 0. + * * This specification supports a single format for each key type. * Implementations may support other formats as long as the standard * format is supported. Implementations that support other formats @@ -3092,6 +3100,8 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); * - Clean up the key derivation operation object with * psa_key_derivation_abort(). * + * Implementations must reject an attempt to derive a key of size 0. + * * \param[in,out] operation The key derivation operation object * to set up. It must * have been initialized but not set up yet. @@ -3622,6 +3632,8 @@ psa_status_t psa_generate_random(uint8_t *output, * The key is generated randomly. * Its location, usage policy, type and size are taken from \p attributes. * + * Implementations must reject an attempt to generate a key of size 0. + * * The following type-specific considerations apply: * - For RSA keys (#PSA_KEY_TYPE_RSA_KEY_PAIR), * the public exponent is 65537. From 491181bd9d6e4d8745b644aaf5e969961c872c0d Mon Sep 17 00:00:00 2001 
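Review bot: The sentence "Implementations must reject an attempt to import a key of size 0" in the psa_import_key() hunk, and the matching sentences added for key derivation and psa_generate_key(), do not say which status the caller gets. The test data later in this series notes that either INVALID_ARGUMENT or NOT_SUPPORTED is permitted, so the header is the place to say so. I would extend each sentence, e.g. `Implementations must reject an attempt to import a key of size 0 with #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_NOT_SUPPORTED.`, and mention the case under the existing \retval entries, which are outside these hunks.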
From: Gilles Peskine Date: Thu, 12 Sep 2019 18:47:14 +0200 Subject: [PATCH 1803/2197] Remove test cases that use zero-length keys If there isn't already a test with a raw data key of the now-minimal length (1 byte), change the test case to a 1-byte key. --- tests/suites/test_suite_psa_crypto.data | 14 ++++---------- .../test_suite_psa_crypto_persistent_key.data | 6 ------ 2 files changed, 4 insertions(+), 16 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8eee9893d..80b34c14a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -22,9 +22,6 @@ persistence_attributes:0x1234:3:0x1235:0x1235:3 PSA key attributes: slot number slot_number_attribute: -PSA import/export raw: 0 bytes -import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_SUCCESS:1 - PSA import/export raw: 1 bytes import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:0:PSA_SUCCESS:1 @@ -568,8 +565,8 @@ PSA key policy algorithm2: ECDH, ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY -Copy key: raw, 0 bytes -copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0 +Copy key: raw, 1 byte +copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0 Copy key: AES, copy attributes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
@@ -2254,9 +2251,6 @@ generate_key:PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT PSA generate key: bad type (RSA public key) generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED -PSA generate key: raw data, 0 bits -generate_key:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS - PSA generate key: raw data, 7 bits: invalid argument generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT @@ -2358,9 +2352,9 @@ generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT PSA generate key: RSA, e=2 generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT -PSA import persistent key: raw data, 0 bits +PSA import persistent key: raw data, 8 bits depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:IMPORT_KEY +persistent_key_load_key_from_storage:"2a":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:IMPORT_KEY PSA import persistent key: AES, 128 bits, exportable depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 3f40d35c7..f228b266d 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data @@ -44,9 +44,6 @@ Persistent key import garbage data, should fail depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C persistent_key_import:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT -import/export persistent raw key: 0 byte -import_export_persistent_key:"":PSA_KEY_TYPE_RAW_DATA:0:0:0 - import/export persistent raw key: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:0 
@@ -73,9 +70,6 @@ PSA import/export-persistent symmetric key: 16 bytes depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0:0 -import/export persistent raw key with restart: 0 byte -import_export_persistent_key:"":PSA_KEY_TYPE_RAW_DATA:0:1:0 - import/export persistent raw key with restart: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:0 From a782b95806a1589395089f7c3633ce9eb9777763 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Sep 2019 18:59:22 +0200 Subject: [PATCH 1804/2197] Add test cases for zero-length keys Check that zero-length keys cannot be imported, generated or derived. --- tests/suites/test_suite_psa_crypto.data | 26 +++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 80b34c14a..1a78ac6e1 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -263,6 +263,18 @@ PSA import/export RSA keypair: import PEM depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_SUCCESS:0 +PSA import: reject raw data key of length 0 +# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED +import_with_data:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA import: reject raw data key of length 0 and declared size 1 bit +# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED +import_with_data:"":PSA_KEY_TYPE_RAW_DATA:1:PSA_ERROR_INVALID_ARGUMENT + +PSA import: reject raw data key of length 0 and declared size 8 bits +# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED +import_with_data:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT + PSA import EC keypair: DER format depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT 
@@ -2124,6 +2136,11 @@ PSA key derivation: invalid type (PSA_KEY_TYPE_CATEGORY_MASK) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: invalid length (0) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT + # This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes # and not expected to be raised any time soon) is less than the maximum # output from HKDF-SHA512 (255*64 = 16320 bytes). @@ -2251,6 +2268,10 @@ generate_key:PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT PSA generate key: bad type (RSA public key) generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED +PSA generate key: raw data, 0 bits: invalid argument +# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED +generate_key:PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT + PSA generate key: raw data, 7 bits: invalid argument generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT 
@@ -2314,6 +2335,11 @@ PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256) depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS +PSA generate key: RSA, 0 bits: invalid +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME +# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT + PSA generate key: RSA, 1022 bits: not supported depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED From 0f84d6245b9b9940084ed75570b4e377d502501d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Sep 2019 19:03:13 +0200 Subject: [PATCH 1805/2197] Reject keys of size 0 Implement the prohibition on keys of size 0. --- library/psa_crypto.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a80f13de3..f0fbcdcde 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1826,6 +1826,12 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; + /* Reject zero-length symmetric keys (including raw data key objects). + * This also rejects any key which might be encoded as an empty string, + * which is never valid. */ + if( data_length == 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes, handle, &slot, &driver ); if( status != PSA_SUCCESS ) 
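Review bot: The new `return( PSA_ERROR_INVALID_ARGUMENT );` in psa_import_key() runs before anything in the visible code writes `*handle`, so on this path the caller's handle variable keeps whatever value it had. A caller that passes an uninitialised handle and then cleans up unconditionally would act on an indeterminate value. Setting the output first, `*handle = 0;` directly above the `data_length == 0` check (assuming 0 is the library's invalid-handle value), makes the early exit behave like any other failure. The same applies to the `psa_get_key_bits( attributes ) == 0` returns added to psa_key_derivation_output_key() and psa_generate_key() in the next two hunks; all three function bodies continue outside the hunks, so any later reset of the handle is not visible here.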
@@ -4778,6 +4784,12 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut psa_status_t status; psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; + + /* Reject any attempt to create a zero-length key so that we don't + * risk tripping up later, e.g. on a malloc(0) that returns NULL. */ + if( psa_get_key_bits( attributes ) == 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE, attributes, handle, &slot, &driver ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -5512,6 +5524,11 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; + /* Reject any attempt to create a zero-length key so that we don't + * risk tripping up later, e.g. on a malloc(0) that returns NULL. */ + if( psa_get_key_bits( attributes ) == 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE, attributes, handle, &slot, &driver ); if( status != PSA_SUCCESS ) From 043b28171410805f32378658e647fdb2917db361 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Sep 2019 19:03:41 +0200 Subject: [PATCH 1806/2197] Add a few test cases for non-byte-aligned raw data keys Add tests for derivation. Test both 7 bits and 9 bits, in case the implementation truncated the bit size down and 7 was rejected as 0 rather than because it isn't a multiple of 8. There is no corresponding test for import because import determines the key size from the key data, which is always a whole number of bytes. --- tests/suites/test_suite_psa_crypto.data | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1a78ac6e1..16edd382a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -2141,6 +2141,18 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: invalid length (7 bits) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:7:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: raw data, 8 bits +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:8:PSA_SUCCESS + +PSA key derivation: invalid length (9 bits) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:9:PSA_ERROR_INVALID_ARGUMENT + # This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes # and not expected to be raised any time soon) is less than the maximum # output from HKDF-SHA512 (255*64 = 16320 bytes). @@ -2278,6 +2290,9 @@ generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_AR PSA generate key: raw data, 8 bits generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS +PSA generate key: raw data, 9 bits: invalid argument +generate_key:PSA_KEY_TYPE_RAW_DATA:9:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT + PSA generate key: raw data, (MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits generate_key:PSA_KEY_TYPE_RAW_DATA:(MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS From f916894ef3c9ba5f3f8d995ee715945491dbda46 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 12 Sep 2019 19:20:29 +0200 Subject: [PATCH 1807/2197] Remove special handling for zero-length keys Zero-length keys are rejected at creation time, so we don't need any special handling internally. When exporting a key, we do need to take care of the case where the output buffer is empty, but this is easy: an empty output buffer is never valid. --- library/psa_crypto.c | 37 ++++++++++++++----------------------- 1 file changed, 14 insertions(+), 23 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f0fbcdcde..ac2eae667 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -451,13 +451,6 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type, switch( type ) { case PSA_KEY_TYPE_RAW_DATA: - if( bits == 0 ) - { - raw->bytes = 0; - raw->data = NULL; - return( PSA_SUCCESS ); - } - break; #if defined(MBEDTLS_MD_C) case PSA_KEY_TYPE_HMAC: #endif @@ -1281,6 +1274,12 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) ) return( PSA_ERROR_INVALID_ARGUMENT ); + /* Reject a zero-length output buffer now, since this can never be a + * valid key representation. This way we know that data must be a valid + * pointer and we can do things like memset(data, ..., data_size). */ + if( data_size == 0 ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + #if defined(MBEDTLS_PSA_CRYPTO_SE_C) if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) ) { 
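Review bot: The comment added above the `data_size == 0` check in psa_internal_export_key() says the check means `data` "must be a valid pointer", but a size test cannot establish that; it only removes the one case in which a NULL pointer is a legitimate argument. The distinction matters because the later hunks in this commit drop the `data_size != 0` guards around memset() and memcpy() on the strength of it. I would word the last sentence as `From here on a null data pointer is a caller error, so memset(data, ..., data_size) needs no further guard.` The comment added in psa_asymmetric_sign() in the following commit ("This guarantees that signature must be a valid pointer") has the same wording problem.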
@@ -1302,12 +1301,9 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, { if( slot->data.raw.bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - if( data_size != 0 ) - { - memcpy( data, slot->data.raw.data, slot->data.raw.bytes ); - memset( data + slot->data.raw.bytes, 0, - data_size - slot->data.raw.bytes ); - } + memcpy( data, slot->data.raw.data, slot->data.raw.bytes ); + memset( data + slot->data.raw.bytes, 0, + data_size - slot->data.raw.bytes ); *data_length = slot->data.raw.bytes; return( PSA_SUCCESS ); } @@ -1366,10 +1362,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, } if( ret < 0 ) { - /* If data_size is 0 then data may be NULL and then the - * call to memset would have undefined behavior. */ - if( data_size != 0 ) - memset( data, 0, data_size ); + memset( data, 0, data_size ); return( mbedtls_to_psa_error( ret ) ); } /* The mbedtls_pk_xxx functions write to the end of the buffer. @@ -1676,7 +1669,7 @@ static psa_status_t psa_finish_key_creation( slot->attr.bits ); uint8_t *buffer = mbedtls_calloc( 1, buffer_size ); size_t length = 0; - if( buffer == NULL && buffer_size != 0 ) + if( buffer == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); status = psa_internal_export_key( slot, buffer, buffer_size, &length, @@ -1685,8 +1678,7 @@ static psa_status_t psa_finish_key_creation( status = psa_save_persistent_key( &slot->attr, buffer, length ); - if( buffer_size != 0 ) - mbedtls_platform_zeroize( buffer, buffer_size ); + mbedtls_platform_zeroize( buffer, buffer_size ); mbedtls_free( buffer ); } } 
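Review bot: With `&& buffer_size != 0` removed, a NULL return from `mbedtls_calloc( 1, buffer_size )` in psa_finish_key_creation() is always reported as PSA_ERROR_INSUFFICIENT_MEMORY, which is only correct if `buffer_size` can never be 0 at this point. PSA_KEY_EXPORT_MAX_SIZE is defined outside this diff, so I cannot confirm that it is non-zero for every key type that reaches here; if it can be 0, calloc may legitimately return NULL and the caller gets a misleading status. Please either record the invariant next to the allocation, e.g. `/* buffer_size > 0: keys of size 0 are rejected at creation time. */`, or keep an explicit zero-size check before allocating. psa_copy_key_material() in the next hunk (@@ -1963) has the same pattern.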
@@ -1963,7 +1955,7 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, buffer_size = PSA_KEY_EXPORT_MAX_SIZE( source->attr.type, psa_get_key_slot_bits( source ) ); buffer = mbedtls_calloc( 1, buffer_size ); - if( buffer == NULL && buffer_size != 0 ) + if( buffer == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 ); if( status != PSA_SUCCESS ) @@ -1972,8 +1964,7 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, status = psa_import_key_into_slot( target, buffer, length ); exit: - if( buffer_size != 0 ) - mbedtls_platform_zeroize( buffer, buffer_size ); + mbedtls_platform_zeroize( buffer, buffer_size ); mbedtls_free( buffer ); return( status ); } From 4019f0e914416ca6c80bfad51509404265b5bf45 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Sep 2019 22:05:59 +0200 Subject: [PATCH 1808/2197] Immediately reject 0-size signature buffer when signing In psa_asymmetric_sign, immediately reject an empty signature buffer. This can never be right. Add test cases (one RSA and one ECDSA). Change the SE HAL mock tests not to use an empty signature buffer. --- library/psa_crypto.c | 8 +++++++- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ ...st_suite_psa_crypto_se_driver_hal_mocks.function | 13 +++++++++++-- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ac2eae667..c53d15b01 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -3347,6 +3347,12 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ *signature_length = signature_size; + /* Immediately reject a zero-length signature buffer. This guarantees + * that signature must be a valid pointer. (On the other hand, the hash + * buffer can in principle be empty since it doesn't actually have + * to be a hash.) */ + if( signature_size == 0 ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN, alg ); if( status != PSA_SUCCESS ) @@ -3422,7 +3428,7 @@ exit: if( status == PSA_SUCCESS ) memset( signature + *signature_length, '!', signature_size - *signature_length ); - else if( signature_size != 0 ) + else memset( signature, '!', signature_size ); /* If signature_size is 0 then we have nothing to do. We must not call * memset because signature may be NULL in this case. */ diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 16edd382a..9df4b43be 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
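Review bot: In the second hunk (exit path of psa_asymmetric_sign()), the context comment "If signature_size is 0 then we have nothing to do. We must not call memset because signature may be NULL in this case." is left in place directly under the now unconditional `else memset( signature, '!', signature_size );`, so the comment contradicts the code above it. Since the empty-buffer case returns early in the first hunk, the comment should be removed or replaced with something like `/* signature_size is non-zero here: an empty buffer was rejected on entry. */`. That holds as long as nothing before the new early return jumps to `exit`; the start of the function is outside the hunk.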
@@ -1561,6 +1561,14 @@ PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL +PSA sign: RSA PKCS#1 v1.5 SHA-256, empty output buffer +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_BUFFER_TOO_SMALL + +PSA sign: deterministic ECDSA SECP256R1 SHA-256, empty output buffer +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL + PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index e3641789f..e6b3f7b1f 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function 
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -396,6 +396,7 @@ void mock_generate( int mock_alloc_return_value, psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_bits( &attributes, 8 ); TEST_ASSERT( psa_generate_key( &attributes, &handle ) == expected_result ); TEST_ASSERT( mock_allocate_data.called == 1 ); TEST_ASSERT( mock_generate_data.called == @@ -482,6 +483,8 @@ void mock_sign( int mock_sign_return_value, int expected_result ) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); + const uint8_t hash[1] = {'H'}; + uint8_t signature[1] = {'S'}; size_t signature_length; mock_sign_data.return_value = mock_sign_return_value; @@ -512,7 +515,9 @@ void mock_sign( int mock_sign_return_value, int expected_result ) key_material, sizeof( key_material ), &handle ) ); - TEST_ASSERT( psa_asymmetric_sign( handle, algorithm, NULL, 0, NULL, 0, + TEST_ASSERT( psa_asymmetric_sign( handle, algorithm, + hash, sizeof( hash ), + signature, sizeof( signature ), &signature_length) == expected_result ); TEST_ASSERT( mock_sign_data.called == 1 ); @@ -538,6 +543,8 @@ void mock_verify( int mock_verify_return_value, int expected_result ) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); + const uint8_t hash[1] = {'H'}; + const uint8_t signature[1] = {'S'}; mock_verify_data.return_value = mock_verify_return_value; memset( &driver, 0, sizeof( driver ) ); 
@@ -567,7 +574,9 @@ void mock_verify( int mock_verify_return_value, int expected_result ) key_material, sizeof( key_material ), &handle ) ); - TEST_ASSERT( psa_asymmetric_verify( handle, algorithm, NULL, 0, NULL, 0) + TEST_ASSERT( psa_asymmetric_verify( handle, algorithm, + hash, sizeof( hash ), + signature, sizeof( signature ) ) == expected_result ); TEST_ASSERT( mock_verify_data.called == 1 ); From 89cc74f44728ed929ee7388767070fdd02d514d4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Sep 2019 22:08:23 +0200 Subject: [PATCH 1809/2197] Fix signature size checks in psa_asymmetric_verify for RSA The signature must have exactly the same length as the key, it can't be longer. Fix #258 If the signature doesn't have the correct size, that's an invalid signature, not a problem with an output buffer size. Fix the error code. Add test cases. --- library/psa_crypto.c | 4 +-- tests/suites/test_suite_psa_crypto.data | 36 +++++++++++++++++++++++-- 2 files changed, 36 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c53d15b01..09254b249 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3191,8 +3191,8 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, if( status != PSA_SUCCESS ) return( status ); - if( signature_length < mbedtls_rsa_get_len( rsa ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if( signature_length != mbedtls_rsa_get_len( rsa ) ) + return( PSA_ERROR_INVALID_SIGNATURE ); #if defined(MBEDTLS_PKCS1_V15) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9df4b43be..a8e97e090 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
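Review bot: The changed check in psa_rsa_verify() (`signature_length != mbedtls_rsa_get_len( rsa )`) carries no comment explaining why the length must match exactly, and the previous `<` form shows how easily it is written as a buffer-size test. A short comment would keep it from being relaxed again: `/* An RSA signature is exactly as long as the modulus; any other length is an invalid signature, not a buffer-size problem. */`. The rest of the function, including the calls that consume `signature`, is outside the hunk.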
@@ -1621,14 +1621,30 @@ PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" -PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash +PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash length depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT -PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature +PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE +PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_INVALID_SIGNATURE + +PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE + +PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE + +PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE + PSA verify: RSA PSS SHA-256, good signature, 0 bytes depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d" 
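Review bot: The added negative cases (empty, truncated, trailing junk, leading junk) all use `PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)`, so the length check is exercised for PKCS#1 v1.5 only. In this commit's psa_crypto.c hunk the check comes before the `#if defined(MBEDTLS_PKCS1_V15)` branch, which suggests it also governs RSA-PSS. Unless the file already has such cases outside this hunk, a truncated and a trailing-junk case with `PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)` expecting `PSA_ERROR_INVALID_SIGNATURE` would pin that path too. Separately, the renamed case `wrong hash length` still says SHA-256 in its title although it runs `PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1)` and depends on `MBEDTLS_SHA1_C`.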
@@ -1657,6 +1673,22 @@ PSA verify: ECDSA SECP256R1, wrong signature of correct size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE +PSA verify: ECDSA SECP256R1, wrong signature (empty) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE + +PSA verify: ECDSA SECP256R1, wrong signature (truncated) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE + +PSA verify: ECDSA SECP256R1, wrong signature (trailing junk) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C 
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE + +PSA verify: ECDSA SECP256R1, wrong signature (leading junk) +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE + PSA verify: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT From 9b88efc378e2968b08a5e827b9131e08eff0854b Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Fri, 13 Sep 2019 15:26:53 +0200 Subject: [PATCH 1810/2197] Check len against buffers size upper bound in PSA tests --- tests/suites/test_suite_psa_crypto.function | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3225bef34..a70fa9e87 100644 --- a/tests/suites/test_suite_psa_crypto.function 
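Review bot: The four new ECDSA cases add `MBEDTLS_SHA256_C` to `depends_on`, while the neighbouring context case `wrong signature of correct size` uses the same key and `PSA_ALG_ECDSA_ANY` without it. `PSA_ALG_ECDSA_ANY` takes the hash as given, so the dependency looks unnecessary and would skip these signature-length checks in builds without SHA-256. Consider `depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C` for all four.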
+++ b/tests/suites/test_suite_psa_crypto.function @@ -736,6 +736,11 @@ int asn1_skip_integer( unsigned char **p, const unsigned char *end, TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ), 0 ); + + /* Check if the retrieved length doesn't extend the actual buffer's size. + * It is assumed here, that end >= p, which validates casting to size_t. */ + TEST_ASSERT( len <= (size_t)( end - *p) ); + /* Tolerate a slight departure from DER encoding: * - 0 may be represented by an empty string or a 1-byte string. * - The sign bit may be used as a value bit. */ From 340984b003c4a9e047a19442a4b5a81b0197231e Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 11 Sep 2019 21:33:41 +0100 Subject: [PATCH 1811/2197] Fix PSA_ERROR_BAD_STATE messages Remove some duplicated entries and added some missing ones. --- include/psa/crypto.h | 29 +++++++++++------------------ 1 file changed, 11 insertions(+), 18 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 5288815c3..2529a0a11 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -642,8 +642,6 @@ psa_status_t psa_destroy_key(psa_key_handle_t handle); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE - * \p operation is either not initialized or is in use - * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -985,8 +983,6 @@ static psa_hash_operation_t psa_hash_operation_init(void); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE - * \p operation is either not initialized or is in use - * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. 
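Review bot: The added bound check in asn1_skip_integer relies on `end >= *p`, but that is only stated in the comment (which writes `p` where the expression dereferences `*p`) and is not enforced. If the assumption ever failed, `(size_t)( end - *p )` would wrap to a very large value and the `len <=` comparison would pass without bounding anything. Asserting it first with `TEST_ASSERT( end >= *p );` and correcting the comment to `end >= *p` would make the check self-contained. The function body continues outside the hunk.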
@@ -1013,8 +1009,6 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid. - * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1060,8 +1054,6 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid. - * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1102,8 +1094,6 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid. - * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1139,8 +1129,6 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid. - * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. 
@@ -1172,10 +1160,6 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE - * The operation state is either not initialized or has already been setup. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is either not initialized or has already been setup. - * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -2288,7 +2272,10 @@ static psa_aead_operation_t psa_aead_operation_init(void); * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. @@ -2350,7 +2337,10 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). + * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT * \p handle is not compatible with \p alg. @@ -3304,6 +3294,9 @@ psa_status_t psa_key_derivation_input_key( * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_BAD_STATE + * The value of \p step is not valid for a key agreement given the + * state of \p operation. * \retval #PSA_ERROR_INVALID_HANDLE * \retval #PSA_ERROR_NOT_PERMITTED * \retval #PSA_ERROR_INVALID_ARGUMENT From 272ba1dd965a528c112223884c635b9036aa56d0 Mon Sep 17 00:00:00 2001 
From: Andrew Thoelke Date: Wed, 11 Sep 2019 22:53:21 +0100 Subject: [PATCH 1812/2197] Update documentation for multipart hash operations --- include/psa/crypto.h | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2529a0a11..d3ba75e75 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -946,7 +946,7 @@ static psa_hash_operation_t psa_hash_operation_init(void); * -# Allocate an operation object which will be passed to all the functions * listed here. * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_hash_operation_t, e.g. PSA_HASH_OPERATION_INIT. + * documentation for #psa_hash_operation_t, e.g. #PSA_HASH_OPERATION_INIT. * -# Call psa_hash_setup() to specify the algorithm. * -# Call psa_hash_update() zero, one or more times, passing a fragment * of the message each time. The hash that is calculated is the hash 
@@ -954,14 +954,16 @@ static psa_hash_operation_t psa_hash_operation_init(void); * -# To calculate the hash, call psa_hash_finish(). * To compare the hash with an expected value, call psa_hash_verify(). * - * The application may call psa_hash_abort() at any time after the operation + * If an error occurs at any step after a call to psa_hash_setup(), the + * operation will need to be reset by a call to psa_hash_abort(). The + * application may call psa_hash_abort() at any time after the operation * has been initialized. * * After a successful call to psa_hash_setup(), the application must * eventually terminate the operation. The following events terminate an * operation: - * - A failed call to psa_hash_update(). - * - A call to psa_hash_finish(), psa_hash_verify() or psa_hash_abort(). + * - A successful call to psa_hash_finish() or psa_hash_verify(). + * - A call to psa_hash_abort(). * * \param[in,out] operation The operation object to set up. It must have * been initialized as per the documentation for @@ -976,8 +978,7 @@ static psa_hash_operation_t psa_hash_operation_init(void); * \retval #PSA_ERROR_INVALID_ARGUMENT * \p alg is not a hash algorithm. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (already set up and not - * subsequently completed). + * The operation state is not valid (it must be inactive). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -994,7 +995,8 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * * The application must call psa_hash_setup() before calling this function. * - * If this function returns an error status, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_hash_abort(). * * \param[in,out] operation Active hash operation. * \param[in] input Buffer containing the message fragment to hash. 
@@ -1003,7 +1005,7 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not set up, or already completed). + * The operation state is not valid (it muct be active). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1023,7 +1025,9 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * This function calculates the hash of the message formed by concatenating * the inputs passed to preceding calls to psa_hash_update(). * - * When this function returns, the operation becomes inactive. + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_hash_abort(). * * \warning Applications should not call this function if they expect * a specific value for the hash. Call psa_hash_verify() instead. @@ -1044,7 +1048,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not set up, or already completed). + * The operation state is not valid (it must be active). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p hash buffer is too small. You can determine a * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg) 
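Review bot: The new `\retval #PSA_ERROR_BAD_STATE` text for psa_hash_update reads `it muct be active` and should read `it must be active`. The sentence added for psa_hash_finish on this line spells `successfuly`, as do the psa_hash_verify hunk that follows and the psa_mac_sign_finish and psa_mac_verify_finish hunks of the next commit; the psa_cipher_encrypt hunk after that has `other foms of IV`. These should read `successfully` and `forms`. Since they are Doxygen comments in a public header, the misspellings would presumably show up in the rendered API reference.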
@@ -1072,7 +1076,9 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * compares the calculated hash with the expected hash passed as a * parameter to this function. * - * When this function returns, the operation becomes inactive. + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_hash_abort(). * * \note Implementations shall make the best effort to ensure that the * comparison between the actual hash and the expected hash is performed @@ -1088,7 +1094,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * The hash of the message was calculated successfully, but it * differs from the expected hash. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not set up, or already completed). + * The operation state is not valid (it must be active). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1110,11 +1116,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * psa_hash_setup() again. * * You may call this function any time after the operation object has - * been initialized by any of the following methods: - * - A call to psa_hash_setup(), whether it succeeds or not. - * - Initializing the \c struct to all-bits-zero. - * - Initializing the \c struct to logical zeros, e.g. - * `psa_hash_operation_t operation = {0}`. + * been initialized by one of the methods described in #psa_hash_operation_t. * * In particular, calling psa_hash_abort() after the operation has been * terminated by a call to psa_hash_abort(), psa_hash_finish() or 
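Review bot: The new wording for psa_hash_verify says an error status leaves the operation in an error state that must be aborted, but it does not say whether a hash mismatch counts as one. The mismatch result (presumably `PSA_ERROR_INVALID_SIGNATURE`, described in the following hunk as calculated successfully but differing from the expected hash) is the ordinary negative outcome. Callers may treat it as a completed operation and skip psa_hash_abort(). Adding a sentence such as `This includes the case where the hash does not match.` would make the cleanup requirement explicit. The same applies to psa_mac_verify_finish in the next commit.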
@@ -1123,8 +1125,6 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * \param[in,out] operation Initialized hash operation. * * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_BAD_STATE - * \p operation is not an active hash operation. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED @@ -1152,9 +1152,9 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_BAD_STATE - * \p source_operation is not an active hash operation. + * The \p source_operation state is not valid (it must be active). * \retval #PSA_ERROR_BAD_STATE - * \p target_operation is active. + * The \p target_operation state is not valid (it must be inactive). * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED From 9f208cc8c24a6dc3b1e861a6d3c1bd97dc444c83 Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 11 Sep 2019 23:04:42 +0100 Subject: [PATCH 1813/2197] Update documentation for multipart mac operations --- include/psa/crypto.h | 54 +++++++++++++++++++++++--------------------- 1 file changed, 28 insertions(+), 26 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d3ba75e75..0ec67d7fc 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1318,7 +1318,7 @@ static psa_mac_operation_t psa_mac_operation_init(void); * -# Allocate an operation object which will be passed to all the functions * listed here. * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT. + * documentation for #psa_mac_operation_t, e.g. #PSA_MAC_OPERATION_INIT. * -# Call psa_mac_sign_setup() to specify the algorithm and key. * -# Call psa_mac_update() zero, one or more times, passing a fragment * of the message each time. The MAC that is calculated is the MAC 
@@ -1326,13 +1326,15 @@ static psa_mac_operation_t psa_mac_operation_init(void); * -# At the end of the message, call psa_mac_sign_finish() to finish * calculating the MAC value and retrieve it. * - * The application may call psa_mac_abort() at any time after the operation + * If an error occurs at any step after a call to psa_mac_sign_setup(), the + * operation will need to be reset by a call to psa_mac_abort(). The + * application may call psa_mac_abort() at any time after the operation * has been initialized. * * After a successful call to psa_mac_sign_setup(), the application must * eventually terminate the operation through one of the following methods: - * - A failed call to psa_mac_update(). - * - A call to psa_mac_sign_finish() or psa_mac_abort(). + * - A successful call to psa_mac_sign_finish(). + * - A call to psa_mac_abort(). * * \param[in,out] operation The operation object to set up. It must have * been initialized as per the documentation for @@ -1358,8 +1360,7 @@ static psa_mac_operation_t psa_mac_operation_init(void); * \retval #PSA_ERROR_STORAGE_FAILURE * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (already set up and not - * subsequently completed). + * The operation state is not valid (it must be inactive). * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize 
@@ -1378,7 +1379,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * -# Allocate an operation object which will be passed to all the functions * listed here. * -# Initialize the operation object with one of the methods described in the - * documentation for #psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT. + * documentation for #psa_mac_operation_t, e.g. #PSA_MAC_OPERATION_INIT. * -# Call psa_mac_verify_setup() to specify the algorithm and key. * -# Call psa_mac_update() zero, one or more times, passing a fragment * of the message each time. The MAC that is calculated is the MAC @@ -1387,13 +1388,15 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * calculating the actual MAC of the message and verify it against * the expected value. * - * The application may call psa_mac_abort() at any time after the operation + * If an error occurs at any step after a call to psa_mac_verify_setup(), the + * operation will need to be reset by a call to psa_mac_abort(). The + * application may call psa_mac_abort() at any time after the operation * has been initialized. * * After a successful call to psa_mac_verify_setup(), the application must * eventually terminate the operation through one of the following methods: - * - A failed call to psa_mac_update(). - * - A call to psa_mac_verify_finish() or psa_mac_abort(). + * - A successful call to psa_mac_verify_finish(). + * - A call to psa_mac_abort(). * * \param[in,out] operation The operation object to set up. It must have * been initialized as per the documentation for 
@@ -1419,8 +1422,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \retval #PSA_ERROR_STORAGE_FAILURE * The key could not be retrieved from storage * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (already set up and not - * subsequently completed). + * The operation state is not valid (it must be inactive). * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1435,7 +1437,8 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * The application must call psa_mac_sign_setup() or psa_mac_verify_setup() * before calling this function. * - * If this function returns an error status, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_mac_abort(). * * \param[in,out] operation Active MAC operation. * \param[in] input Buffer containing the message fragment to add to @@ -1445,7 +1448,7 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not set up, or already completed). + * The operation state is not valid (it must be active). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE 
@@ -1466,7 +1469,9 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * This function calculates the MAC of the message formed by concatenating * the inputs passed to preceding calls to psa_mac_update(). * - * When this function returns, the operation becomes inactive. + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_mac_abort(). * * \warning Applications should not call this function if they expect * a specific value for the MAC. Call psa_mac_verify_finish() instead. @@ -1489,7 +1494,8 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not set up, or already completed). + * The operation state is not valid (it must be an active mac sign + * operation). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p mac buffer is too small. You can determine a * sufficient buffer size by calling PSA_MAC_FINAL_SIZE(). @@ -1517,7 +1523,9 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * compares the calculated MAC with the expected MAC passed as a * parameter to this function. * - * When this function returns, the operation becomes inactive. + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_mac_abort(). * * \note Implementations shall make the best effort to ensure that the * comparison between the actual MAC and the expected MAC is performed 
@@ -1533,7 +1541,8 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
 * The MAC of the message was calculated successfully, but it
 * differs from the expected MAC.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, or already completed).
+ * The operation state is not valid (it must be an active mac verify
+ * operation).
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -1556,12 +1565,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
 * psa_mac_sign_setup() or psa_mac_verify_setup() again.
 *
 * You may call this function any time after the operation object has
- * been initialized by any of the following methods:
- * - A call to psa_mac_sign_setup() or psa_mac_verify_setup(), whether
- * it succeeds or not.
- * - Initializing the \c struct to all-bits-zero.
- * - Initializing the \c struct to logical zeros, e.g.
- * `psa_mac_operation_t operation = {0}`.
+ * been initialized by one of the methods described in #psa_mac_operation_t.
 *
 * In particular, calling psa_mac_abort() after the operation has been
 * terminated by a call to psa_mac_abort(), psa_mac_sign_finish() or
@@ -1570,8 +1574,6 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
 * \param[in,out] operation Initialized MAC operation.
 *
 * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_BAD_STATE
- * \p operation is not an active MAC operation.
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
From db6f44f875dbdc19a16aaaba3a504c2ee53702e2 Mon Sep 17 00:00:00 2001
From: Andrew Thoelke
Date: Wed, 11 Sep 2019 23:33:30 +0100
Subject: [PATCH 1814/2197] Update documentation for multipart cipher operations
---
 include/psa/crypto.h | 64 +++++++++++++++++++++++---------------------
 1 file changed, 33 insertions(+), 31 deletions(-)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0ec67d7fc..bf7fd18fa 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1593,7 +1593,8 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
 /** Encrypt a message using a symmetric cipher.
 *
 * This function encrypts a message with a random IV (initialization
- * vector).
+ * vector). Use the multipart #psa_cipher_operation_t object to provide
+ * other foms of IV.
 *
 * \param handle Handle to the key to use for the operation.
 * It must remain valid until the operation
@@ -1737,7 +1738,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void);
 * listed here.
 * -# Initialize the operation object with one of the methods described in the
 * documentation for #psa_cipher_operation_t, e.g.
- * PSA_CIPHER_OPERATION_INIT.
+ * #PSA_CIPHER_OPERATION_INIT.
 * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key.
 * -# Call either psa_cipher_generate_iv() or psa_cipher_set_iv() to
 * generate or set the IV (initialization vector). You should use
@@ -1747,14 +1748,16 @@ static psa_cipher_operation_t psa_cipher_operation_init(void);
 * of the message each time.
 * -# Call psa_cipher_finish().
 *
- * The application may call psa_cipher_abort() at any time after the operation
+ * If an error occurs at any step after a call to psa_cipher_encrypt_setup(),
+ * the operation will need to be reset by a call to psa_cipher_abort(). The
+ * application may call psa_cipher_abort() at any time after the operation
 * has been initialized.
 *
 * After a successful call to psa_cipher_encrypt_setup(), the application must
 * eventually terminate the operation. The following events terminate an
 * operation:
- * - A failed call to any of the \c psa_cipher_xxx functions.
- * - A call to psa_cipher_finish() or psa_cipher_abort().
+ * - A successful call to psa_cipher_finish().
+ * - A call to psa_cipher_abort().
 *
 * \param[in,out] operation The operation object to set up. It must have
 * been initialized as per the documentation for
@@ -1780,8 +1783,7 @@ static psa_cipher_operation_t psa_cipher_operation_init(void);
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
 * \retval #PSA_ERROR_STORAGE_FAILURE
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (already set up and not
- * subsequently completed).
+ * The operation state is not valid (it must be inactive).
 * \retval #PSA_ERROR_BAD_STATE
 * The library has not been previously initialized by psa_crypto_init().
 * It is implementation-dependent whether a failure to initialize
@@ -1799,7 +1801,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
 * listed here.
 * -# Initialize the operation object with one of the methods described in the
 * documentation for #psa_cipher_operation_t, e.g.
- * PSA_CIPHER_OPERATION_INIT.
+ * #PSA_CIPHER_OPERATION_INIT.
 * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key.
 * -# Call psa_cipher_set_iv() with the IV (initialization vector) for the
 * decryption. If the IV is prepended to the ciphertext, you can call
@@ -1809,14 +1811,16 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
 * of the message each time.
 * -# Call psa_cipher_finish().
 *
- * The application may call psa_cipher_abort() at any time after the operation
+ * If an error occurs at any step after a call to psa_cipher_decrypt_setup(),
+ * the operation will need to be reset by a call to psa_cipher_abort(). The
+ * application may call psa_cipher_abort() at any time after the operation
 * has been initialized.
 *
 * After a successful call to psa_cipher_decrypt_setup(), the application must
 * eventually terminate the operation. The following events terminate an
 * operation:
- * - A failed call to any of the \c psa_cipher_xxx functions.
- * - A call to psa_cipher_finish() or psa_cipher_abort().
+ * - A successful call to psa_cipher_finish().
+ * - A call to psa_cipher_abort().
 *
 * \param[in,out] operation The operation object to set up. It must have
 * been initialized as per the documentation for
@@ -1842,8 +1846,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
 * \retval #PSA_ERROR_STORAGE_FAILURE
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (already set up and not
- * subsequently completed).
+ * The operation state is not valid (it must be inactive).
 * \retval #PSA_ERROR_BAD_STATE
 * The library has not been previously initialized by psa_crypto_init().
 * It is implementation-dependent whether a failure to initialize
@@ -1862,7 +1865,8 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
 * The application must call psa_cipher_encrypt_setup() before
 * calling this function.
 *
- * If this function returns an error status, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_cipher_abort().
 *
 * \param[in,out] operation Active cipher operation.
 * \param[out] iv Buffer where the generated IV is to be written.
@@ -1873,7 +1877,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, or IV already set).
+ * The operation state is not valid (it must be active, with no IV set).
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
 * The size of the \p iv buffer is too small.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1899,7 +1903,8 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
 * The application must call psa_cipher_encrypt_setup() before
 * calling this function.
 *
- * If this function returns an error status, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_cipher_abort().
 *
 * \note When encrypting, applications should use psa_cipher_generate_iv()
 * instead of this function, unless implementing a protocol that requires
@@ -1912,7 +1917,8 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, or IV already set).
+ * The operation state is not valid (it must be an active cipher
+ * encrypt operation, with no IV set).
 * \retval #PSA_ERROR_INVALID_ARGUMENT
 * The size of \p iv is not acceptable for the chosen algorithm,
 * or the chosen algorithm does not use an IV.
@@ -1939,7 +1945,8 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
 * 2. If the algorithm requires an IV, call psa_cipher_generate_iv()
 * (recommended when encrypting) or psa_cipher_set_iv().
 *
- * If this function returns an error status, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_cipher_abort().
 *
 * \param[in,out] operation Active cipher operation.
 * \param[in] input Buffer containing the message fragment to
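Review bot: The new BAD_STATE text for psa_cipher_set_iv() (`it must be an active cipher encrypt operation, with no IV set`) restricts the call to encryption, while the decrypt sequence documented for psa_cipher_decrypt_setup() in this same patch tells the caller to use psa_cipher_set_iv() for the decryption IV. The encrypt-only condition appears to belong to psa_cipher_generate_iv(), whose new text only says `it must be active, with no IV set`; the two look swapped compared with the AEAD patch in this series, where psa_aead_generate_nonce() is encrypt-only and psa_aead_set_nonce() is not. I would write `The operation state is not valid (it must be active, with no IV set).` here and move the encrypt wording to psa_cipher_generate_iv(). The unchanged sentence `The application must call psa_cipher_encrypt_setup() before calling this function.` in the set_iv description has the same problem and should also name psa_cipher_decrypt_setup(); the comment block itself extends beyond the hunk.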
@@ -1953,8 +1960,8 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, IV required but
- * not set, or already completed).
+ * The operation state is not valid (it must be active, with an IV set
+ * if required for the algorithm).
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
 * The size of the \p output buffer is too small.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1985,7 +1992,9 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
 * formed by concatenating the inputs passed to preceding calls to
 * psa_cipher_update().
 *
- * When this function returns, the operation becomes inactive.
+ * When this function returns successfuly, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_cipher_abort().
 *
 * \param[in,out] operation Active cipher operation.
 * \param[out] output Buffer where the output is to be written.
@@ -2004,8 +2013,8 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
 * This is a decryption operation for an algorithm that includes
 * padding, and the ciphertext does not contain valid padding.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, IV required but
- * not set, or already completed).
+ * The operation state is not valid (it must be active, with an IV set
+ * if required for the algorithm).
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
 * The size of the \p output buffer is too small.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2031,12 +2040,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
 * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup() again.
 *
 * You may call this function any time after the operation object has
- * been initialized by any of the following methods:
- * - A call to psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(),
- * whether it succeeds or not.
- * - Initializing the \c struct to all-bits-zero.
- * - Initializing the \c struct to logical zeros, e.g.
- * `psa_cipher_operation_t operation = {0}`.
+ * been initialized as described in #psa_cipher_operation_t.
 *
 * In particular, calling psa_cipher_abort() after the operation has been
 * terminated by a call to psa_cipher_abort() or psa_cipher_finish()
@@ -2045,8 +2049,6 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
 * \param[in,out] operation Initialized cipher operation.
 *
 * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_BAD_STATE
- * \p operation is not an active cipher operation.
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
From 414415a45707dd49b7e30cb163516483a348a8a6 Mon Sep 17 00:00:00 2001
From: Andrew Thoelke
Date: Thu, 12 Sep 2019 00:02:45 +0100
Subject: [PATCH 1815/2197] Update documentation for multipart aead operations
---
 include/psa/crypto.h | 92 ++++++++++++++++++++++++--------------------
 1 file changed, 50 insertions(+), 42 deletions(-)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index bf7fd18fa..f677afe60 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2239,7 +2239,7 @@ static psa_aead_operation_t psa_aead_operation_init(void);
 * listed here.
 * -# Initialize the operation object with one of the methods described in the
 * documentation for #psa_aead_operation_t, e.g.
- * PSA_AEAD_OPERATION_INIT.
+ * #PSA_AEAD_OPERATION_INIT.
 * -# Call psa_aead_encrypt_setup() to specify the algorithm and key.
 * -# If needed, call psa_aead_set_lengths() to specify the length of the
 * inputs to the subsequent calls to psa_aead_update_ad() and
@@ -2255,14 +2255,16 @@ static psa_aead_operation_t psa_aead_operation_init(void);
 * of the message to encrypt each time.
 * -# Call psa_aead_finish().
 *
- * The application may call psa_aead_abort() at any time after the operation
+ * If an error occurs at any step after a call to psa_aead_encrypt_setup(),
+ * the operation will need to be reset by a call to psa_aead_abort(). The
+ * application may call psa_aead_abort() at any time after the operation
 * has been initialized.
 *
 * After a successful call to psa_aead_encrypt_setup(), the application must
 * eventually terminate the operation. The following events terminate an
 * operation:
- * - A failed call to any of the \c psa_aead_xxx functions.
- * - A call to psa_aead_finish(), psa_aead_verify() or psa_aead_abort().
+ * - A successful call to psa_aead_finish().
+ * - A call to psa_aead_abort().
 *
 * \param[in,out] operation The operation object to set up. It must have
 * been initialized as per the documentation for
@@ -2277,8 +2279,7 @@ static psa_aead_operation_t psa_aead_operation_init(void);
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (already set up and not
- * subsequently completed).
+ * The operation state is not valid (it must be inactive).
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -2307,7 +2308,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
 * listed here.
 * -# Initialize the operation object with one of the methods described in the
 * documentation for #psa_aead_operation_t, e.g.
- * PSA_AEAD_OPERATION_INIT.
+ * #PSA_AEAD_OPERATION_INIT.
 * -# Call psa_aead_decrypt_setup() to specify the algorithm and key.
 * -# If needed, call psa_aead_set_lengths() to specify the length of the
 * inputs to the subsequent calls to psa_aead_update_ad() and
@@ -2320,14 +2321,16 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
 * of the ciphertext to decrypt each time.
 * -# Call psa_aead_verify().
 *
- * The application may call psa_aead_abort() at any time after the operation
+ * If an error occurs at any step after a call to psa_aead_decrypt_setup(),
+ * the operation will need to be reset by a call to psa_aead_abort(). The
+ * application may call psa_aead_abort() at any time after the operation
 * has been initialized.
 *
 * After a successful call to psa_aead_decrypt_setup(), the application must
 * eventually terminate the operation. The following events terminate an
 * operation:
- * - A failed call to any of the \c psa_aead_xxx functions.
- * - A call to psa_aead_finish(), psa_aead_verify() or psa_aead_abort().
+ * - A successful call to psa_aead_verify().
+ * - A call to psa_aead_abort().
 *
 * \param[in,out] operation The operation object to set up. It must have
 * been initialized as per the documentation for
@@ -2342,8 +2345,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (already set up and not
- * subsequently completed).
+ * The operation state is not valid (it must be inactive).
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -2373,7 +2375,8 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
 * The application must call psa_aead_encrypt_setup() before
 * calling this function.
 *
- * If this function returns an error status, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_aead_abort().
 *
 * \param[in,out] operation Active AEAD operation.
 * \param[out] nonce Buffer where the generated nonce is to be
@@ -2385,7 +2388,8 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, or nonce already set).
+ * The operation state is not valid (it must be an active aead encrypt
+ operation, with no nonce set).
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
 * The size of the \p nonce buffer is too small.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2408,10 +2412,11 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
 * This function sets the nonce for the authenticated
 * encryption or decryption operation.
 *
- * The application must call psa_aead_encrypt_setup() before
- * calling this function.
+ * The application must call psa_aead_encrypt_setup() or
+ * psa_aead_decrypt_setup() before calling this function.
 *
- * If this function returns an error status, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_aead_abort().
 *
 * \note When encrypting, applications should use psa_aead_generate_nonce()
 * instead of this function, unless implementing a protocol that requires
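Review bot: The second added line of the psa_aead_generate_nonce() BAD_STATE description, `operation, with no nonce set).`, is missing the leading ` *` that every other line of this comment block carries. It is harmless to the compiler because it sits inside the comment, but it breaks the block's layout and may change how the paragraph is rendered by the documentation generator; it should read ` * operation, with no nonce set).`, indented like the line above it. The key-derivation patch later in this series has a similar slip in the psa_key_derivation_output_bytes() description, where the re-added `\param[in,out] operation` line starts with `*` in the first column instead of ` *`. Both comment blocks start and end outside their hunks.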
@@ -2424,7 +2429,8 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, or nonce already set).
+ * The operation state is not valid (it must be active, with no nonce
+ * set).
 * \retval #PSA_ERROR_INVALID_ARGUMENT
 * The size of \p nonce is not acceptable for the chosen algorithm.
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2457,6 +2463,9 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
 * this function is not required.
 * - For vendor-defined algorithm, refer to the vendor documentation.
 *
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_aead_abort().
+ *
 * \param[in,out] operation Active AEAD operation.
 * \param ad_length Size of the non-encrypted additional
 * authenticated data in bytes.
@@ -2465,8 +2474,8 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, already completed,
- * or psa_aead_update_ad() or psa_aead_update() already called).
+ * The operation state is not valid (it must be active, but before
+ * psa_aead_update_ad() or psa_aead_update() are called).
 * \retval #PSA_ERROR_INVALID_ARGUMENT
 * At least one of the lengths is not acceptable for the chosen
 * algorithm.
@@ -2495,7 +2504,8 @@ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation,
 * 1. Call either psa_aead_encrypt_setup() or psa_aead_decrypt_setup().
 * 2. Set the nonce with psa_aead_generate_nonce() or psa_aead_set_nonce().
 *
- * If this function returns an error status, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_aead_abort().
 *
 * \warning When decrypting, until psa_aead_verify() has returned #PSA_SUCCESS,
 * there is no guarantee that the input is valid. Therefore, until
@@ -2511,8 +2521,8 @@ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, nonce not set,
- * psa_aead_update() already called, or operation already completed).
+ * The operation state is not valid (it must be active and ready to
+ * receive additional data).
 * \retval #PSA_ERROR_INVALID_ARGUMENT
 * The total input length overflows the additional data length that
 * was previously specified with psa_aead_set_lengths().
@@ -2539,7 +2549,8 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
 * 2. Set the nonce with psa_aead_generate_nonce() or psa_aead_set_nonce().
 * 3. Call psa_aead_update_ad() to pass all the additional data.
 *
- * If this function returns an error status, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_aead_abort().
 *
 * \warning When decrypting, until psa_aead_verify() has returned #PSA_SUCCESS,
 * there is no guarantee that the input is valid. Therefore, until
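Review bot: The rewritten BAD_STATE text for psa_aead_update_ad() (`it must be active and ready to receive additional data`) no longer says what makes the operation ready, whereas the removed text named the two conditions that matter: the nonce not being set and psa_aead_update() already having been called. For an AEAD operation the nonce-before-data ordering is the precondition a caller most needs spelled out in the error documentation, so I would keep it explicit, for example `it must be active, have a nonce set, and psa_aead_update() must not have been called yet`. The psa_aead_update() BAD_STATE text changed later in this patch (`ready to recieve message data`) drops the nonce condition in the same way and would benefit from the same wording. The \retval list continues outside the hunk.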
@@ -2579,8 +2590,8 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, nonce not set
- * or already completed).
+ * The operation state is not valid (it must be active and ready to
+ * recieve message data).
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
 * The size of the \p output buffer is too small.
 * You can determine a sufficient buffer size by calling
@@ -2626,7 +2637,9 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation,
 * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is the AEAD algorithm
 * that the operation performs.
 *
- * When this function returns, the operation becomes inactive.
+ * When this function returns successfuly, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_aead_abort().
 *
 * \param[in,out] operation Active AEAD operation.
 * \param[out] ciphertext Buffer where the last part of the ciphertext
@@ -2650,8 +2663,8 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, nonce not set,
- * decryption, or already completed).
+ * The operation state is not valid (it must be an active aead encrypt
+ * operation, with all data provided).
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
 * The size of the \p ciphertext or \p tag buffer is too small.
 * You can determine a sufficient buffer size for \p ciphertext by
@@ -2694,7 +2707,9 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
 * psa_aead_update_ad() with the ciphertext formed by concatenating the
 * inputs passed to preceding calls to psa_aead_update().
 *
- * When this function returns, the operation becomes inactive.
+ * When this function returns successfuly, the operation becomes inactive.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_aead_abort().
 *
 * \param[in,out] operation Active AEAD operation.
 * \param[out] plaintext Buffer where the last part of the plaintext
@@ -2715,8 +2730,8 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not set up, nonce not set,
- * encryption, or already completed).
+ * The operation state is not valid (it must be an active aead decrypt
+ * operation, with all data provided).
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
 * The size of the \p plaintext buffer is too small.
 * You can determine a sufficient buffer size for \p plaintext by
@@ -2755,22 +2770,15 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
 * psa_aead_encrypt_setup() or psa_aead_decrypt_setup() again.
 *
 * You may call this function any time after the operation object has
- * been initialized by any of the following methods:
- * - A call to psa_aead_encrypt_setup() or psa_aead_decrypt_setup(),
- * whether it succeeds or not.
- * - Initializing the \c struct to all-bits-zero.
- * - Initializing the \c struct to logical zeros, e.g.
- * `psa_aead_operation_t operation = {0}`.
+ * been initialized as described in #psa_aead_operation_t.
 *
 * In particular, calling psa_aead_abort() after the operation has been
- * terminated by a call to psa_aead_abort() or psa_aead_finish()
- * is safe and has no effect.
+ * terminated by a call to psa_aead_abort(), psa_aead_finish() or
+ * psa_aead_verify() is safe and has no effect.
 *
 * \param[in,out] operation Initialized AEAD operation.
 *
 * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_BAD_STATE
- * \p operation is not an active AEAD operation.
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
From beb97ba0663d05a3cc946cb877f4ed6c6864e0d9 Mon Sep 17 00:00:00 2001
From: Andrew Thoelke
Date: Fri, 13 Sep 2019 15:27:46 +0100
Subject: [PATCH 1816/2197] Update documentation for multipart key derivation operations
---
 include/psa/crypto.h | 90 +++++++++++++++++++++++++++-----------------
 1 file changed, 56 insertions(+), 34 deletions(-)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index f677afe60..d2788caab 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3071,23 +3071,29 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void);
 * cryptographic material.
 *
 * To derive a key:
- * - Start with an initialized object of type #psa_key_derivation_operation_t.
- * - Call psa_key_derivation_setup() to select the algorithm.
- * - Provide the inputs for the key derivation by calling
- * psa_key_derivation_input_bytes() or psa_key_derivation_input_key()
- * as appropriate. Which inputs are needed, in what order, and whether
- * they may be keys and if so of what type depends on the algorithm.
- * - Optionally set the operation's maximum capacity with
- * psa_key_derivation_set_capacity(). You may do this before, in the middle
- * of or after providing inputs. For some algorithms, this step is mandatory
- * because the output depends on the maximum capacity.
- * - To derive a key, call psa_key_derivation_output_key().
- * To derive a byte string for a different purpose, call
- * - psa_key_derivation_output_bytes().
- * Successive calls to these functions use successive output bytes
- * calculated by the key derivation algorithm.
- * - Clean up the key derivation operation object with
- * psa_key_derivation_abort().
+ * -# Start with an initialized object of type #psa_key_derivation_operation_t.
+ * -# Call psa_key_derivation_setup() to select the algorithm.
+ * -# Provide the inputs for the key derivation by calling
+ * psa_key_derivation_input_bytes() or psa_key_derivation_input_key()
+ * as appropriate. Which inputs are needed, in what order, and whether
+ * they may be keys and if so of what type depends on the algorithm.
+ * -# Optionally set the operation's maximum capacity with
+ * psa_key_derivation_set_capacity(). You may do this before, in the middle
+ * of or after providing inputs. For some algorithms, this step is mandatory
+ * because the output depends on the maximum capacity.
+ * -# To derive a key, call psa_key_derivation_output_key().
+ * To derive a byte string for a different purpose, call
+ * psa_key_derivation_output_bytes().
+ * Successive calls to these functions use successive output bytes
+ * calculated by the key derivation algorithm.
+ * -# Clean up the key derivation operation object with
+ * psa_key_derivation_abort().
+ *
+ * If this function returns an error, the key derivation operation object is
+ * not changed.
+ *
+ * If an error occurs at any step after a call to psa_key_derivation_setup(),
+ * the operation will need to be reset by a call to psa_key_derivation_abort().
 *
 * \param[in,out] operation The key derivation operation object
 * to set up. It must
@@ -3108,7 +3114,7 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void);
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
 * \retval #PSA_ERROR_STORAGE_FAILURE
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is either not initialized or has already been setup.
+ * The operation state is not valid (it must be inactive).
 * \retval #PSA_ERROR_BAD_STATE
 * The library has not been previously initialized by psa_crypto_init().
 * It is implementation-dependent whether a failure to initialize
@@ -3130,7 +3136,7 @@ psa_status_t psa_key_derivation_setup(
 * \retval #PSA_SUCCESS
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid.
+ * The operation state is not valid (it must be active).
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
 * \retval #PSA_ERROR_BAD_STATE
@@ -3158,7 +3164,7 @@ psa_status_t psa_key_derivation_get_capacity(
 * In this case, the operation object remains valid and its capacity
 * remains unchanged.
 * \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid.
+ * The operation state is not valid (it must be active).
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
@@ -3190,6 +3196,9 @@ psa_status_t psa_key_derivation_set_capacity(
 * using psa_key_derivation_input_key() instead of this function. Refer to
 * the documentation of individual step types for information.
 *
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_key_derivation_abort().
+ *
 * \param[in,out] operation The key derivation operation object to use.
 * It must have been set up with
 * psa_key_derivation_setup() and must not
@@ -3210,7 +3219,7 @@ psa_status_t psa_key_derivation_set_capacity(
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
 * \retval #PSA_ERROR_STORAGE_FAILURE
 * \retval #PSA_ERROR_BAD_STATE
- * The value of \p step is not valid given the state of \p operation.
+ * The operation state is not valid for this input \p step.
 * \retval #PSA_ERROR_BAD_STATE
 * The library has not been previously initialized by psa_crypto_init().
 * It is implementation-dependent whether a failure to initialize
@@ -3233,6 +3242,9 @@ psa_status_t psa_key_derivation_input_bytes(
 * passed as direct inputs using psa_key_derivation_input_bytes(). Refer to
 * the documentation of individual step types for information.
 *
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_key_derivation_abort().
+ *
 * \param[in,out] operation The key derivation operation object to use.
 * It must have been set up with
 * psa_key_derivation_setup() and must not
@@ -3256,7 +3268,7 @@ psa_status_t psa_key_derivation_input_bytes(
 * \retval #PSA_ERROR_CORRUPTION_DETECTED
 * \retval #PSA_ERROR_STORAGE_FAILURE
 * \retval #PSA_ERROR_BAD_STATE
- * The value of \p step is not valid given the state of \p operation.
+ * The operation state is not valid for this input \p step.
 * \retval #PSA_ERROR_BAD_STATE
 * The library has not been previously initialized by psa_crypto_init().
 * It is implementation-dependent whether a failure to initialize
@@ -3276,6 +3288,9 @@ psa_status_t psa_key_derivation_input_key(
 * The output of this key derivation can be extracted by reading from the
 * resulting operation to produce keys and other cryptographic material.
 *
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_key_derivation_abort().
+ *
 * \param[in,out] operation The key derivation operation object to use.
 * It must have been set up with
 * psa_key_derivation_setup() with a
@@ -3307,8 +3322,7 @@ psa_status_t psa_key_derivation_input_key(
 * \retval #PSA_SUCCESS
 * Success.
 * \retval #PSA_ERROR_BAD_STATE
- * The value of \p step is not valid for a key agreement given the
- * state of \p operation.
+ * The operation state is not valid for this key agreement \p step.
 * \retval #PSA_ERROR_INVALID_HANDLE
 * \retval #PSA_ERROR_NOT_PERMITTED
 * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -3343,7 +3357,10 @@ psa_status_t psa_key_derivation_key_agreement(
 * stream.
 * The operation's capacity decreases by the number of bytes read.
 *
- * \param[in,out] operation The key derivation operation object to read from.
+ * If this function returns an error status, the operation enters an error
+ * state and must be aborted by calling psa_key_derivation_abort().
+ *
+* \param[in,out] operation The key derivation operation object to read from.
 * \param[out] output Buffer where the output will be written.
 * \param output_length Number of bytes to output.
 *
@@ -3356,6 +3373,8 @@ psa_status_t psa_key_derivation_key_agreement(
 * subsequent calls to this function will not
 * succeed, even with a smaller output buffer.
 * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (it must be active and completed
+ * all required input steps).
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -3380,6 +3399,9 @@ psa_status_t psa_key_derivation_output_bytes( * stream. * The operation's capacity decreases by the number of bytes read. * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling psa_key_derivation_abort(). + * * How much output is produced and consumed from the operation, and how * the key is derived, depends on the key type: * @@ -3477,6 +3499,8 @@ psa_status_t psa_key_derivation_output_bytes( * \retval #PSA_ERROR_INVALID_ARGUMENT * The provided key attributes are not valid for the operation. * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active and completed + * all required input steps). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_COMMUNICATION_FAILURE 
@@ -3496,21 +3520,19 @@ psa_status_t psa_key_derivation_output_key( /** Abort a key derivation operation. * * Once a key derivation operation has been aborted, its capacity is zero. - * Aborting an operation frees all associated resources except for the - * \c operation structure itself. + * Aborting an operation frees all associated resources except for the \c + * operation structure itself. Once aborted, the operation object can be reused + * for another operation by calling psa_key_derivation_setup() again. * - * This function may be called at any time as long as the operation - * object has been initialized to #PSA_KEY_DERIVATION_OPERATION_INIT, to - * psa_key_derivation_operation_init() or a zero value. In particular, - * it is valid to call psa_key_derivation_abort() twice, or to call - * psa_key_derivation_abort() on an operation that has not been set up. + * This function may be called at any time after the operation + * object has been initialized as described in #psa_key_derivation_operation_t. * - * Once aborted, the key derivation operation object may be called. + * In particular, it is valid to call psa_key_derivation_abort() twice, or to + * call psa_key_derivation_abort() on an operation that has not been set up. * * \param[in,out] operation The operation to abort. * * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED From 4104afb7708785ee8950a65d82eabf009f44e069 Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 18 Sep 2019 17:47:25 +0100 Subject: [PATCH 1817/2197] Clarify valid state descriptions --- include/psa/crypto.h | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d2788caab..bce8e2be4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
@@ -1593,8 +1593,8 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); /** Encrypt a message using a symmetric cipher. * * This function encrypts a message with a random IV (initialization - * vector). Use the multipart #psa_cipher_operation_t object to provide - * other foms of IV. + * vector). Use the multipart operation interface with a + * #psa_cipher_operation_t object to provide other forms of IV. * * \param handle Handle to the key to use for the operation. * It must remain valid until the operation @@ -2474,8 +2474,9 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, but before - * psa_aead_update_ad() or psa_aead_update() are called). + * The operation state is not valid (it must be active, and + * psa_aead_update_ad() and psa_aead_update() must not have been + * called yet). * \retval #PSA_ERROR_INVALID_ARGUMENT * At least one of the lengths is not acceptable for the chosen * algorithm. @@ -2521,8 +2522,9 @@ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active and ready to - * receive additional data). + * The operation state is not valid (it must be active, have a nonce + * set, have lengths set if required by the algorithm, and + * psa_aead_update() must not have been called yet). * \retval #PSA_ERROR_INVALID_ARGUMENT * The total input length overflows the additional data length that * was previously specified with psa_aead_set_lengths(). 
@@ -2590,8 +2592,8 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active and ready to - * recieve message data). + * The operation state is not valid (it must be active, have a nonce + * set, and have lengths set if required by the algorithm). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. * You can determine a sufficient buffer size by calling @@ -2663,8 +2665,8 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active aead encrypt - * operation, with all data provided). + * The operation state is not valid (it must be an active encryption + * operation with a nonce set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p ciphertext or \p tag buffer is too small. * You can determine a sufficient buffer size for \p ciphertext by @@ -2730,8 +2732,8 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active aead decrypt - * operation, with all data provided). + * The operation state is not valid (it must be an active decryption + * operation with a nonce set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p plaintext buffer is too small. * You can determine a sufficient buffer size for \p plaintext by From 51514f57e914db438b48575edf4797c9e169f0bd Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 18 Sep 2019 17:50:01 +0100 Subject: [PATCH 1818/2197] Resolve inconsistent descipriton of operation state after exhausting a key derivation operation --- include/psa/crypto.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) 
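Review bot: The new PSA_ERROR_BAD_STATE wording for psa_aead_finish() and psa_aead_verify() (hunks at -2663 and -2730) requires only "an active encryption/decryption operation with a nonce set". The wording this same commit gives psa_aead_update_ad() and psa_aead_update() also requires "lengths set if required by the algorithm". A caller of an algorithm that needs psa_aead_set_lengths() therefore cannot tell from the finish/verify text whether finishing without lengths is a state error. If the omission is not intended, both entries could end `operation with a nonce set, and lengths set if required by the algorithm`. The doc comments continue outside these hunks, so it is also worth confirming that the remaining retval entries still say which status reports input shorter than the declared lengths, now that "with all data provided" is gone.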
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index bce8e2be4..f0ad9b267 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3359,10 +3359,11 @@ psa_status_t psa_key_derivation_key_agreement( * stream. * The operation's capacity decreases by the number of bytes read. * - * If this function returns an error status, the operation enters an error + * If this function returns an error status other than + * #PSA_ERROR_INSUFFICIENT_DATA, the operation enters an error * state and must be aborted by calling psa_key_derivation_abort(). * -* \param[in,out] operation The key derivation operation object to read from. + * \param[in,out] operation The key derivation operation object to read from. * \param[out] output Buffer where the output will be written. * \param output_length Number of bytes to output. * @@ -3401,7 +3402,8 @@ psa_status_t psa_key_derivation_output_bytes( * stream. * The operation's capacity decreases by the number of bytes read. * - * If this function returns an error status, the operation enters an error + * If this function returns an error status other than + * #PSA_ERROR_INSUFFICIENT_DATA, the operation enters an error * state and must be aborted by calling psa_key_derivation_abort(). * * How much output is produced and consumed from the operation, and how @@ -3521,7 +3523,6 @@ psa_status_t psa_key_derivation_output_key( /** Abort a key derivation operation. * - * Once a key derivation operation has been aborted, its capacity is zero. * Aborting an operation frees all associated resources except for the \c * operation structure itself. Once aborted, the operation object can be reused * for another operation by calling psa_key_derivation_setup() again. From d89338ac470dbee720cc23bd5b32d4a0b4caf8c6 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 19 Sep 2019 13:32:57 +0100 Subject: [PATCH 1819/2197] Add API versioning --- include/psa/crypto.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) 
diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 89392da67..cf2c1ef31 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -57,6 +57,22 @@ extern "C" { * algorithms, key types, policies, etc. */ #include "crypto_types.h" +/** \defgroup API version + * @{ + */ + +/** + * The major version of this implementation of the PSA Crypto API + */ +#define PSA_CRYPTO_API_VERSION_MAJOR 1 + +/** + * The minor version of this implementation of the PSA Crypto API + */ +#define PSA_CRYPTO_API_VERSION_MINOR 0 + +/**@}*/ + /* The file "crypto_values.h" declares macros to build and analyze values * of integral types defined in "crypto_types.h". */ #include "crypto_values.h" From 429fff487a0da3fcc7cff998d6f41edc16865ed7 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Thu, 19 Sep 2019 14:03:49 +0100 Subject: [PATCH 1820/2197] Remove whitespace --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index cf2c1ef31..7643a13e5 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -57,7 +57,7 @@ extern "C" { * algorithms, key types, policies, etc. */ #include "crypto_types.h" -/** \defgroup API version +/** \defgroup API version * @{ */ From 95758f8d61942a4301ddd9ae62987a0660a0191f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 16 Sep 2019 19:38:52 +0200 Subject: [PATCH 1821/2197] *.data: remove semicolons from test case descriptions Don't use semicolons in test case descriptions. The test outcome file is a semicolon-separated CSV file without quotes to keep things simple, so fields in that file may not contain semicolons. --- .../test_suite_psa_crypto_slot_management.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 233b16698..6fa872312 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data 
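Review bot: In the hunk at -57,6 the added `/** \defgroup API version` line gives Doxygen the group identifier `API` and the title `version`, because `\defgroup` takes a one-word name followed by the title. A one-word identifier with the full title, for example `/** \defgroup version API version`, keeps the identifier specific and the heading readable in the generated reference. The follow-up whitespace commit on this page keeps the same name, so the point applies to both hunks. The two macro comments could also say that the pair identifies the PSA Crypto API specification version the header implements, so that callers gating on a minimum API level know what they are comparing against.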
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -37,27 +37,27 @@ persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:0: Persistent slot, check after restart, id=max persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN -Persistent slot: ECP keypair (ECDSA, exportable); close +Persistent slot: ECP keypair (ECDSA, exportable), close depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE -Persistent slot: ECP keypair (ECDSA, exportable); close+restart +Persistent slot: ECP keypair (ECDSA, exportable), close+restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN -Persistent slot: ECP keypair (ECDSA, exportable); restart +Persistent slot: ECP keypair (ECDSA, exportable), restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN -Persistent slot: ECP keypair (ECDH+ECDSA, exportable); close +Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE -Persistent slot: ECP keypair (ECDH+ECDSA, exportable); close+restart +Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN -Persistent slot: ECP keypair (ECDH+ECDSA, exportable); restart +Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN From e07960cf4027906725c13b0a29bf42747752949d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Sep 2019 20:46:49 +0200 Subject: [PATCH 1822/2197] aria: Remove duplicate test cases No data seems to be missing, just some duplicated cases, perhaps due to naming inconsistencies "ECB_Xxcrypt" vs "ECB Xxcrypt" which I also fixed. --- tests/suites/test_suite_aria.data | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/tests/suites/test_suite_aria.data b/tests/suites/test_suite_aria.data index 2da0b30c2..8848978e2 100644 --- a/tests/suites/test_suite_aria.data 
+++ b/tests/suites/test_suite_aria.data @@ -16,18 +16,9 @@ aria_encrypt_ecb:"000102030405060708090a0b0c0d0e0f1011121314151617":"00112233445 ARIA-192-ECB Decrypt - RFC 5794 aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f1011121314151617":"26449c1805dbe7aa25a468ce263a9e79":"00112233445566778899aabbccddeeff":0 -ARIA-256-ECB_Encrypt - RFC 5794 +ARIA-256-ECB Encrypt - RFC 5794 aria_encrypt_ecb:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"00112233445566778899aabbccddeeff":"f92bd7c79fb72e2f2b8f80c1972d24fc":0 -ARIA-256-ECB_Decrypt - RFC 5794 -aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"f92bd7c79fb72e2f2b8f80c1972d24fc":"00112233445566778899aabbccddeeff":0 - -ARIA-128-ECB Decrypt - RFC 5794 -aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"d718fbd6ab644c739da95f3be6451778":"00112233445566778899aabbccddeeff":0 - -ARIA-192-ECB Decrypt - RFC 5794 -aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f1011121314151617":"26449c1805dbe7aa25a468ce263a9e79":"00112233445566778899aabbccddeeff":0 - ARIA-256-ECB Decrypt - RFC 5794 aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"f92bd7c79fb72e2f2b8f80c1972d24fc":"00112233445566778899aabbccddeeff":0 From bfcb69cd5c510719667e0824b76a0beecc4321c4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Sep 2019 20:48:21 +0200 Subject: [PATCH 1823/2197] blowfish: Fix encrypt test case that should have been decrypt Test vector #15 was encrypted twice. Decrypt it the second time. --- tests/suites/test_suite_blowfish.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_blowfish.data b/tests/suites/test_suite_blowfish.data index fd172d3b2..85ab35de2 100644 --- a/tests/suites/test_suite_blowfish.data +++ b/tests/suites/test_suite_blowfish.data 
@@ -148,8 +148,8 @@ blowfish_decrypt_ecb:"04b915ba43feb5b6":"353882b109ce8f1a":"42fd443059577fa2":0 BLOWFISH-ECB Decrypt SSLeay reference #14 blowfish_decrypt_ecb:"0113b970fd34f2ce":"48f4d0884c379918":"059b5e0851cf143a":0 -BLOWFISH-ECB Encrypt SSLeay reference #15 -blowfish_encrypt_ecb:"0170f175468fb5e6":"0756d8e0774761d2":"432193b78951fc98":0 +BLOWFISH-ECB Decrypt SSLeay reference #15 +blowfish_decrypt_ecb:"0170f175468fb5e6":"432193b78951fc98":"0756d8e0774761d2":0 BLOWFISH-ECB Decrypt SSLeay reference #16 blowfish_decrypt_ecb:"43297fad38e373fe":"13f04154d69d1ae5":"762514b829bf486a":0 From c5dce20b4e2eaecc163fc29f34341025eb52ad63 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Sep 2019 20:49:16 +0200 Subject: [PATCH 1824/2197] cipher.nist_kw: Fix duplicate test case There are two test vectors in RFC 5649. There was only one in our test suite, run twice. Put the second test vector instead of repeating the first. --- tests/suites/test_suite_cipher.nist_kw.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_cipher.nist_kw.data b/tests/suites/test_suite_cipher.nist_kw.data index 820189159..9fec97615 100644 --- a/tests/suites/test_suite_cipher.nist_kw.data +++ b/tests/suites/test_suite_cipher.nist_kw.data 
@@ -22,13 +22,13 @@ KW AES-256 wrap rfc 3394 depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"":"":"64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7":"":"":"00112233445566778899AABBCCDDEEFF":0 -KWP AES-192 RFC 5649 +KWP AES-192 RFC 5649 #1 depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8"::"":"":"138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a":"":"":"c37b7e6492584340bed12207808941155068f738":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8":"":"":"138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a":"":"":"c37b7e6492584340bed12207808941155068f738":0 -KWP AES-192 RFC 5649 +KWP AES-192 RFC 5649 #2 depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8"::"":"":"138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a":"":"":"c37b7e6492584340bed12207808941155068f738":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8":"":"":"afbeb0f07dfbf5419200f2ccb50bb24f":"":"":"466f7250617369":0 KWP AES-128 1 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C From f3eddd68bbb45a2ae41b6d44ac5145da3a356622 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Sep 2019 20:57:23 +0200 Subject: [PATCH 1825/2197] pkcs1_v21: Fix copypasta in test case There should have been a good-saltlen test case and a bad-saltlen test case for both sizes 522 and 528, but the 522-bad-saltlen test case was missing and the 528-good-saltlen test case was repeated. Fix this. --- tests/suites/test_suite_pkcs1_v21.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_pkcs1_v21.data b/tests/suites/test_suite_pkcs1_v21.data index 012867c0f..2dde5e97c 100644 
--- a/tests/suites/test_suite_pkcs1_v21.data +++ b/tests/suites/test_suite_pkcs1_v21.data @@ -816,9 +816,9 @@ RSASSA-PSS verify ext, 522-bit key, SHA-512, empty salt, good signature depends_on:MBEDTLS_SHA512_C pkcs1_rsassa_pss_verify_ext:522:16:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:0 -RSASSA-PSS verify ext, 528-bit key, SHA-512, saltlen=64, good signature with saltlen=0 +RSASSA-PSS verify ext, 522-bit key, SHA-512, saltlen=64, good signature with saltlen=0 depends_on:MBEDTLS_SHA512_C -pkcs1_rsassa_pss_verify_ext:528:16:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:MBEDTLS_ERR_RSA_INVALID_PADDING +pkcs1_rsassa_pss_verify_ext:522:16:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":16:"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-PSS verify ext, 528-bit key, SHA-512, empty salt, good signature depends_on:MBEDTLS_SHA512_C From 52c7d998af039a5ed95339ef97208cbf9d1c9cd4 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 19 Sep 2019 20:59:15 +0200 Subject: [PATCH 1826/2197] psa_crypto_se_driver_hal: Fix copypasta in test cases Before: say CCM twice, do GCM twice. After: say CCM and do CCM, then say GCM and do GCM. --- tests/suites/test_suite_psa_crypto_se_driver_hal.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 5819f785b..53e3fc5b8 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data @@ -79,9 +79,9 @@ Key import smoke test: CAMELLIA-CMAC import_key_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" Key import smoke test: CAMELLIA-CCM -import_key_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +import_key_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_CCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -Key import smoke test: CAMELLIA-CCM +Key import smoke test: CAMELLIA-GCM import_key_smoke:PSA_KEY_TYPE_CAMELLIA:PSA_ALG_GCM:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" Key import smoke test: HMAC-SHA-256 From d17cf9d0c49ff061ebcb4d011d307763eabf34ae Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Sep 2019 21:16:30 +0200 Subject: [PATCH 1827/2197] psa_crypto: Remove duplicate test case Nothing seems to be missing in its stead. --- tests/suites/test_suite_psa_crypto.data | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 58b7eabf1..83b765c33 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -2174,10 +2174,6 @@ PSA raw key agreement: ECDH SECP256R1 (RFC 5903) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" -PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" - PSA raw key agreement: ECDH SECP384R1 (RFC 5903) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746" From d9be186a390e1fd0e7b6bd6c28a3f32fe5119c69 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 19 Sep 2019 21:16:54 +0200 Subject: [PATCH 1828/2197] psa_crypto: Fix OAEP test There's a SHA256 test without a label and one with a label, so do the same for SHA384. --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 83b765c33..befd8f6e6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1668,9 +1668,9 @@ PSA encrypt: RSA OAEP-SHA-384, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS -PSA encrypt: RSA OAEP-SHA-384, good +PSA encrypt: RSA OAEP-SHA-384, good, with label depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C -asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS +asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 From 44393c81aab3addf087c79098ce9b4fffec8c0f9 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 19 Sep 2019 21:17:33 +0200 Subject: [PATCH 1829/2197] psa_crypto: Add an ECDH+HKDF test with longer output A test case for 32+0 was present three times, evidently overeager copy-paste. Replace the duplicates by test cases that read more than 32 bytes, which exercises HKDF a little more (32 bytes is significant because HKDF-SHA-256 produces output in blocks of 32 bytes). I obtained the test data by running our implementation, because we're confident in our implementation now thanks to other test cases: this data is useful as a non-regression test. --- tests/suites/test_suite_psa_crypto.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index befd8f6e6..a80e3e4d9 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -2214,13 +2214,13 @@ PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" -PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 +PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"7883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992" -PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 +PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":"" PSA generate random: 0 bytes generate_random:0 From efa2ac879d39bb834c8667bd377f1ab12cfd6136 Mon Sep 17 00:00:00 2001 
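Review bot: The two rewritten cases (`read 32+32` and `read 64+0`) keep "(RFC 5903)" in their descriptions, but per the commit message the added output bytes were obtained by running this implementation. They therefore pin current behaviour rather than check it against an independent source. A comment line above each case would make that provenance visible to anyone auditing the vectors, for example `# Second 32 output bytes generated with this implementation (non-regression data, not an RFC vector)`. If an independent HKDF-SHA-256 implementation is at hand, confirming the 64-byte output against it once would turn these into real known-answer tests.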
From: Gilles Peskine Date: Thu, 19 Sep 2019 21:20:26 +0200 Subject: [PATCH 1830/2197] Uniquify test case descriptions Make check-test-cases.py pass. Prior to this commit, there were many repeated test descriptions, but none with the same test data and dependencies and comments, as checked with the following command: for x in tests/suites/*.data; do perl -00 -ne 'warn "$ARGV: $. = $seen{$_}\n" if $seen{$_}; $seen{$_}=$.' $x; done Wherever a test suite contains multiple test cases with the exact same description, add " [#1]", " [#2]", etc. to make the descriptions unique. We don't currently use this particular arrangement of punctuation, so all occurrences of " [#" were added by this script. I used the following ad hoc code: import sys def fix_test_suite(data_file_name): in_paragraph = False total = {} index = {} lines = None with open(data_file_name) as data_file: lines = list(data_file.readlines()) for line in lines: if line == '\n': in_paragraph = False continue if line.startswith('#'): continue if not in_paragraph: # This is a test case description line. 
total[line] = total.get(line, 0) + 1 index[line] = 0 in_paragraph = True with open(data_file_name, 'w') as data_file: for line in lines: if line in total and total[line] > 1: index[line] += 1 line = '%s [#%d]\n' % (line[:-1], index[line]) data_file.write(line) for data_file_name in sys.argv[1:]: fix_test_suite(data_file_name) --- tests/suites/test_suite_blowfish.data | 8 +- tests/suites/test_suite_camellia.data | 12 +- tests/suites/test_suite_cipher.arc4.data | 10 +- tests/suites/test_suite_cipher.blowfish.data | 168 +- tests/suites/test_suite_cipher.camellia.data | 272 +-- tests/suites/test_suite_cipher.des.data | 126 +- tests/suites/test_suite_cipher.gcm.data | 2068 ++++++++--------- tests/suites/test_suite_cipher.nist_kw.data | 8 +- tests/suites/test_suite_cipher.null.data | 6 +- tests/suites/test_suite_ctr_drbg.data | 364 +-- tests/suites/test_suite_dhm.data | 4 +- tests/suites/test_suite_ecdsa.data | 100 +- tests/suites/test_suite_ecp.data | 4 +- tests/suites/test_suite_entropy.data | 4 +- tests/suites/test_suite_gcm.aes128_de.data | 336 +-- tests/suites/test_suite_gcm.aes128_en.data | 336 +-- tests/suites/test_suite_gcm.aes192_de.data | 336 +-- tests/suites/test_suite_gcm.aes192_en.data | 336 +-- tests/suites/test_suite_gcm.aes256_de.data | 336 +-- tests/suites/test_suite_gcm.aes256_en.data | 336 +-- tests/suites/test_suite_hmac_drbg.misc.data | 20 +- tests/suites/test_suite_md.data | 8 +- tests/suites/test_suite_mpi.data | 20 +- tests/suites/test_suite_nist_kw.data | 4 +- tests/suites/test_suite_psa_crypto.data | 36 +- .../test_suite_psa_crypto_metadata.data | 8 +- .../test_suite_psa_crypto_persistent_key.data | 4 +- 27 files changed, 2635 insertions(+), 2635 deletions(-) diff --git a/tests/suites/test_suite_blowfish.data b/tests/suites/test_suite_blowfish.data index 85ab35de2..c9639f6e7 100644 --- a/tests/suites/test_suite_blowfish.data +++ b/tests/suites/test_suite_blowfish.data 
@@ -289,16 +289,16 @@ blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbcc
 BLOWFISH-SETKEY Setkey 456 bits
 blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbccddeeff0123456789abcdef0102030405060708090a0b0c0d0e0fffff":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA
-BLOWFISH-CBC Encrypt
+BLOWFISH-CBC Encrypt [#1]
 blowfish_encrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F722000000000":"6b77b4d63006dee605b156e27403979358deb9e7154616d959f1652bd5ff92cc":0
-BLOWFISH-CBC Decrypt
+BLOWFISH-CBC Decrypt [#1]
 blowfish_decrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"6B77B4D63006DEE605B156E27403979358DEB9E7154616D959F1652BD5FF92CC":"37363534333231204e6f77206973207468652074696d6520666f722000000000":0
-BLOWFISH-CBC Encrypt
+BLOWFISH-CBC Encrypt [#2]
 blowfish_encrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F7220000000":"":MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
-BLOWFISH-CBC Decrypt
+BLOWFISH-CBC Decrypt [#2]
 blowfish_decrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"6B77B4D63006DEE605B156E27403979358DEB9E7154616D959F1652BD5FF92CC00":"":MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
 BLOWFISH-CFB Encrypt
diff --git a/tests/suites/test_suite_camellia.data b/tests/suites/test_suite_camellia.data
index 671d57002..3d11b8cb0 100644
--- a/tests/suites/test_suite_camellia.data
+++ b/tests/suites/test_suite_camellia.data
@@ -13,16 +13,16 @@ camellia_encrypt_ecb:"0123456789abcdeffedcba98765432100011223344556677":"0123456
 Camellia-256-ECB Encrypt RFC3713 #1
 camellia_encrypt_ecb:"0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff":"0123456789abcdeffedcba9876543210":"9acc237dff16d76c20ef7c919e3a7509":0
-Camellia-128-ECB Encrypt Perl EVP #1
+Camellia-128-ECB Encrypt Perl EVP #1 [#1]
 camellia_encrypt_ecb:"000102030405060708090A0B0C0D0E0F":"00112233445566778899AABBCCDDEEFF":"77CF412067AF8270613529149919546F":0
-Camellia-192-ECB Encrypt Perl EVP #1
+Camellia-192-ECB Encrypt Perl EVP #1 [#1]
 camellia_encrypt_ecb:"000102030405060708090A0B0C0D0E0F1011121314151617":"00112233445566778899AABBCCDDEEFF":"B22F3C36B72D31329EEE8ADDC2906C68":0
-Camellia-256-ECB Encrypt Perl EVP #1
+Camellia-256-ECB Encrypt Perl EVP #1 [#1]
 camellia_encrypt_ecb:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00112233445566778899AABBCCDDEEFF":"2EDF1F3418D53B88841FC8985FB1ECF2":0
-Camellia-128-ECB Encrypt Perl EVP #1
+Camellia-128-ECB Encrypt Perl EVP #1 [#2]
 camellia_encrypt_ecb:"2B7E151628AED2A6ABF7158809CF4F3C":"6BC1BEE22E409F96E93D7E117393172A":"432FC5DCD628115B7C388D770B270C96":0
 Camellia-128-ECB Encrypt Perl EVP #2
@@ -34,7 +34,7 @@ camellia_encrypt_ecb:"2B7E151628AED2A6ABF7158809CF4F3C":"30C81C46A35CE411E5FBC11
 Camellia-128-ECB Encrypt Perl EVP #4
 camellia_encrypt_ecb:"2B7E151628AED2A6ABF7158809CF4F3C":"F69F2445DF4F9B17AD2B417BE66C3710":"E61925E0D5DFAA9BB29F815B3076E51A":0
-Camellia-192-ECB Encrypt Perl EVP #1
+Camellia-192-ECB Encrypt Perl EVP #1 [#2]
 camellia_encrypt_ecb:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"6BC1BEE22E409F96E93D7E117393172A":"CCCC6C4E138B45848514D48D0D3439D3":0
 Camellia-192-ECB Encrypt Perl EVP #2
@@ -46,7 +46,7 @@ camellia_encrypt_ecb:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"30C81C4
 Camellia-192-ECB Encrypt Perl EVP #4
 camellia_encrypt_ecb:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"F69F2445DF4F9B17AD2B417BE66C3710":"909DBD95799096748CB27357E73E1D26":0
-Camellia-256-ECB Encrypt Perl EVP #1
+Camellia-256-ECB Encrypt Perl EVP #1 [#2]
 camellia_encrypt_ecb:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"6BC1BEE22E409F96E93D7E117393172A":"BEFD219B112FA00098919CD101C9CCFA":0
 Camellia-256-ECB Encrypt Perl EVP #2
diff --git a/tests/suites/test_suite_cipher.arc4.data b/tests/suites/test_suite_cipher.arc4.data
index adeed83c5..7a473739a 100644
--- a/tests/suites/test_suite_cipher.arc4.data
+++ b/tests/suites/test_suite_cipher.arc4.data
@@ -42,11 +42,11 @@ ARC4 Encrypt and decrypt 31 bytes
 depends_on:MBEDTLS_ARC4_C
 enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:31:-1
-ARC4 Encrypt and decrypt 32 bytes
+ARC4 Encrypt and decrypt 32 bytes [#1]
 depends_on:MBEDTLS_ARC4_C
 enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:32:-1
-ARC4 Encrypt and decrypt 32 bytes
+ARC4 Encrypt and decrypt 32 bytes [#2]
 depends_on:MBEDTLS_ARC4_C
 enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:33:-1
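Review bot: The `[#2]` suffix on `ARC4 Encrypt and decrypt 32 bytes` keeps a description that does not match its data: that case passes `128:33:-1`, while the neighbouring cases pass the byte count named in their description (`128:31:-1`, `128:32:-1`), so it appears to be the 33-byte case. Renaming it `ARC4 Encrypt and decrypt 33 bytes` would make the description unique without a suffix and keep the 33-byte input identifiable when a report names a failing case. The same pattern shows in `22 bytes in multiple parts 1 [#3]` in the next hunk of this file (`17:6`, which would be 23 bytes if those two fields are the part lengths) and in the `32 bytes [#2]`-style cases of the test_suite_cipher.blowfish.data and test_suite_cipher.camellia.data hunks, where the length field is also `33`.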
@@ -90,15 +90,15 @@ ARC4 Encrypt and decrypt 16 bytes in multiple parts 4
 depends_on:MBEDTLS_ARC4_C
 enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:15:1:-1:15:1:15:1
-ARC4 Encrypt and decrypt 22 bytes in multiple parts 1
+ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#1]
 depends_on:MBEDTLS_ARC4_C
 enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:15:7:-1:15:7:15:7
-ARC4 Encrypt and decrypt 22 bytes in multiple parts 1
+ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#2]
 depends_on:MBEDTLS_ARC4_C
 enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:16:6:-1:16:6:16:6
-ARC4 Encrypt and decrypt 22 bytes in multiple parts 1
+ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#3]
 depends_on:MBEDTLS_ARC4_C
 enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:17:6:-1:17:6:17:6
diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data
index bbb39343b..a05a4e7b3 100644
--- a/tests/suites/test_suite_cipher.blowfish.data
+++ b/tests/suites/test_suite_cipher.blowfish.data
@@ -2,63 +2,63 @@ BLOWFISH CBC Decrypt empty buffer
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:0:0
-BLOWFISH Encrypt and decrypt 0 bytes
+BLOWFISH Encrypt and decrypt 0 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:-1
-BLOWFISH Encrypt and decrypt 1 byte
+BLOWFISH Encrypt and decrypt 1 byte [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:-1
-BLOWFISH Encrypt and decrypt 2 bytes
+BLOWFISH Encrypt and decrypt 2 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:-1
-BLOWFISH Encrypt and decrypt 7 bytes
+BLOWFISH Encrypt and decrypt 7 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:-1
-BLOWFISH Encrypt and decrypt 8 bytes
+BLOWFISH Encrypt and decrypt 8 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:-1
-BLOWFISH Encrypt and decrypt 9 bytes
+BLOWFISH Encrypt and decrypt 9 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:-1
-BLOWFISH Encrypt and decrypt 15 bytes
+BLOWFISH Encrypt and decrypt 15 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:-1
-BLOWFISH Encrypt and decrypt 16 bytes
+BLOWFISH Encrypt and decrypt 16 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:-1
-BLOWFISH Encrypt and decrypt 17 bytes
+BLOWFISH Encrypt and decrypt 17 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:-1
-BLOWFISH Encrypt and decrypt 31 bytes
+BLOWFISH Encrypt and decrypt 31 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:-1
-BLOWFISH Encrypt and decrypt 32 bytes
+BLOWFISH Encrypt and decrypt 32 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:-1
-BLOWFISH Encrypt and decrypt 32 bytes
+BLOWFISH Encrypt and decrypt 32 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:-1
-BLOWFISH Encrypt and decrypt 47 bytes
+BLOWFISH Encrypt and decrypt 47 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:-1
-BLOWFISH Encrypt and decrypt 48 bytes
+BLOWFISH Encrypt and decrypt 48 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:-1
-BLOWFISH Encrypt and decrypt 49 bytes
+BLOWFISH Encrypt and decrypt 49 bytes [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:-1
@@ -102,11 +102,11 @@ BLOWFISH Encrypt and decrypt 31 bytes with one and zeros padding
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS
-BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding
+BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS
-BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding
+BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS
@@ -162,11 +162,11 @@ BLOWFISH Encrypt and decrypt 31 bytes with zeros and len padding
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN
-BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding
+BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN
-BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding
+BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN
@@ -222,11 +222,11 @@ BLOWFISH Encrypt and decrypt 31 bytes with zeros padding
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS
-BLOWFISH Encrypt and decrypt 32 bytes with zeros padding
+BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS
-BLOWFISH Encrypt and decrypt 32 bytes with zeros padding
+BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS
@@ -302,255 +302,255 @@ BLOWFISH Try encrypting 49 bytes with no padding
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-BLOWFISH Encrypt and decrypt 0 bytes in multiple parts
+BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:0:-1:0:0:0:0
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:0:-1:0:0:0:0
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2
+BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:1:-1:0:0:0:0
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:0:-1:16:0:8:8
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:16:-1:0:16:0:16
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:15:-1:0:16:0:16
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:1:-1:8:8:8:8
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:7:-1:8:8:8:8
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:6:-1:16:0:8:8
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:17:6:-1:16:0:16:0
-BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#1]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:16:-1:16:16:8:24
-BLOWFISH Encrypt and decrypt 0 bytes
+BLOWFISH Encrypt and decrypt 0 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:0:-1
-BLOWFISH Encrypt and decrypt 1 byte
+BLOWFISH Encrypt and decrypt 1 byte [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:1:-1
-BLOWFISH Encrypt and decrypt 2 bytes
+BLOWFISH Encrypt and decrypt 2 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:2:-1
-BLOWFISH Encrypt and decrypt 7 bytes
+BLOWFISH Encrypt and decrypt 7 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:7:-1
-BLOWFISH Encrypt and decrypt 8 bytes
+BLOWFISH Encrypt and decrypt 8 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:8:-1
-BLOWFISH Encrypt and decrypt 9 bytes
+BLOWFISH Encrypt and decrypt 9 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:9:-1
-BLOWFISH Encrypt and decrypt 15 bytes
+BLOWFISH Encrypt and decrypt 15 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:15:-1
-BLOWFISH Encrypt and decrypt 16 bytes
+BLOWFISH Encrypt and decrypt 16 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:16:-1
-BLOWFISH Encrypt and decrypt 17 bytes
+BLOWFISH Encrypt and decrypt 17 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:17:-1
-BLOWFISH Encrypt and decrypt 31 bytes
+BLOWFISH Encrypt and decrypt 31 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:31:-1
-BLOWFISH Encrypt and decrypt 32 bytes
+BLOWFISH Encrypt and decrypt 32 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:32:-1
-BLOWFISH Encrypt and decrypt 32 bytes
+BLOWFISH Encrypt and decrypt 32 bytes [#4]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:33:-1
-BLOWFISH Encrypt and decrypt 47 bytes
+BLOWFISH Encrypt and decrypt 47 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:47:-1
-BLOWFISH Encrypt and decrypt 48 bytes
+BLOWFISH Encrypt and decrypt 48 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:48:-1
-BLOWFISH Encrypt and decrypt 49 bytes
+BLOWFISH Encrypt and decrypt 49 bytes [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:49:-1
-BLOWFISH Encrypt and decrypt 0 bytes in multiple parts
+BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:0:-1:0:0:0:0
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:1:0:-1:1:0:1:0
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2
+BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:1:-1:0:1:0:1
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:0:-1:16:0:16:0
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:16:-1:0:16:0:16
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:1:15:-1:1:15:1:15
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:15:1:-1:15:1:15:1
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#4]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:15:7:-1:15:7:15:7
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#5]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:6:-1:16:6:16:6
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#6]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:17:6:-1:17:6:17:6
-BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#2]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:16:-1:16:16:16:16
-BLOWFISH Encrypt and decrypt 0 bytes
+BLOWFISH Encrypt and decrypt 0 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:0:-1
-BLOWFISH Encrypt and decrypt 1 byte
+BLOWFISH Encrypt and decrypt 1 byte [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:1:-1
-BLOWFISH Encrypt and decrypt 2 bytes
+BLOWFISH Encrypt and decrypt 2 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:2:-1
-BLOWFISH Encrypt and decrypt 7 bytes
+BLOWFISH Encrypt and decrypt 7 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:7:-1
-BLOWFISH Encrypt and decrypt 8 bytes
+BLOWFISH Encrypt and decrypt 8 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:8:-1
-BLOWFISH Encrypt and decrypt 9 bytes
+BLOWFISH Encrypt and decrypt 9 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:9:-1
-BLOWFISH Encrypt and decrypt 15 bytes
+BLOWFISH Encrypt and decrypt 15 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:15:-1
-BLOWFISH Encrypt and decrypt 16 bytes
+BLOWFISH Encrypt and decrypt 16 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:16:-1
-BLOWFISH Encrypt and decrypt 17 bytes
+BLOWFISH Encrypt and decrypt 17 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:17:-1
-BLOWFISH Encrypt and decrypt 31 bytes
+BLOWFISH Encrypt and decrypt 31 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:31:-1
-BLOWFISH Encrypt and decrypt 32 bytes
+BLOWFISH Encrypt and decrypt 32 bytes [#5]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:32:-1
-BLOWFISH Encrypt and decrypt 32 bytes
+BLOWFISH Encrypt and decrypt 32 bytes [#6]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:33:-1
-BLOWFISH Encrypt and decrypt 47 bytes
+BLOWFISH Encrypt and decrypt 47 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:47:-1
-BLOWFISH Encrypt and decrypt 48 bytes
+BLOWFISH Encrypt and decrypt 48 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:48:-1
-BLOWFISH Encrypt and decrypt 49 bytes
+BLOWFISH Encrypt and decrypt 49 bytes [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:49:-1
-BLOWFISH Encrypt and decrypt 0 bytes in multiple parts
+BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:0:-1:0:0:0:0
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:1:0:-1:1:0:1:0
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2
+BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:1:-1:0:1:0:1
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:0:-1:16:0:16:0
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:16:-1:0:16:0:16
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:1:15:-1:1:15:1:15
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4
+BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:15:1:-1:15:1:15:1
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#7]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:15:7:-1:15:7:15:7
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#8]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:6:-1:16:6:16:6
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#9]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:17:6:-1:17:6:17:6
-BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1
+BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#3]
 depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:16:-1:16:16:16:16
diff --git a/tests/suites/test_suite_cipher.camellia.data b/tests/suites/test_suite_cipher.camellia.data
index 8fbbbe91e..667f424fe 100644
--- a/tests/suites/test_suite_cipher.camellia.data
+++ b/tests/suites/test_suite_cipher.camellia.data
@@ -2,63 +2,63 @@ CAMELLIA CBC Decrypt empty buffer
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:0:0
-CAMELLIA Encrypt and decrypt 0 bytes
+CAMELLIA Encrypt and decrypt 0 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:-1
-CAMELLIA Encrypt and decrypt 1 byte
+CAMELLIA Encrypt and decrypt 1 byte [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:-1
-CAMELLIA Encrypt and decrypt 2 bytes
+CAMELLIA Encrypt and decrypt 2 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:-1
-CAMELLIA Encrypt and decrypt 7 bytes
+CAMELLIA Encrypt and decrypt 7 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:-1
-CAMELLIA Encrypt and decrypt 8 bytes
+CAMELLIA Encrypt and decrypt 8 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:-1
-CAMELLIA Encrypt and decrypt 9 bytes
+CAMELLIA Encrypt and decrypt 9 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:-1
-CAMELLIA Encrypt and decrypt 15 bytes
+CAMELLIA Encrypt and decrypt 15 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:-1
-CAMELLIA Encrypt and decrypt 16 bytes
+CAMELLIA Encrypt and decrypt 16 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:-1
-CAMELLIA Encrypt and decrypt 17 bytes
+CAMELLIA Encrypt and decrypt 17 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:-1
-CAMELLIA Encrypt and decrypt 31 bytes
+CAMELLIA Encrypt and decrypt 31 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:-1
-CAMELLIA Encrypt and decrypt 32 bytes
+CAMELLIA Encrypt and decrypt 32 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:-1
-CAMELLIA Encrypt and decrypt 32 bytes
+CAMELLIA Encrypt and decrypt 32 bytes [#2]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:-1
-CAMELLIA Encrypt and decrypt 47 bytes
+CAMELLIA Encrypt and decrypt 47 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:-1
-CAMELLIA Encrypt and decrypt 48 bytes
+CAMELLIA Encrypt and decrypt 48 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:-1
-CAMELLIA Encrypt and decrypt 49 bytes
+CAMELLIA Encrypt and decrypt 49 bytes [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:-1
@@ -102,11 +102,11 @@ CAMELLIA Encrypt and decrypt 31 bytes with one and zeros padding
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS
-CAMELLIA Encrypt and decrypt 32 bytes with one and zeros padding
+CAMELLIA Encrypt and decrypt 32 bytes with one and zeros padding [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS
-CAMELLIA Encrypt and decrypt 32 bytes with one and zeros padding
+CAMELLIA Encrypt and decrypt 32 bytes with one and zeros padding [#2]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS
@@ -162,11 +162,11 @@ CAMELLIA Encrypt and decrypt 31 bytes with zeros and len padding
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN
-CAMELLIA Encrypt and decrypt 32 bytes with zeros and len padding
+CAMELLIA Encrypt and decrypt 32 bytes with zeros and len padding [#1]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN
-CAMELLIA Encrypt and decrypt 32 bytes with zeros and len padding
+CAMELLIA Encrypt and decrypt 32 bytes with zeros and len padding [#2]
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN
@@ -222,11 +222,11 @@ CAMELLIA Encrypt and decrypt 31 bytes with zeros padding depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ZEROS -CAMELLIA Encrypt and decrypt 32 bytes with zeros padding +CAMELLIA Encrypt and decrypt 32 bytes with zeros padding [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ZEROS -CAMELLIA Encrypt and decrypt 32 bytes with zeros padding +CAMELLIA Encrypt and decrypt 32 bytes with zeros padding [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ZEROS 
@@ -302,462 +302,462 @@ CAMELLIA Try encrypting 49 bytes with no padding depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_fail:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_PADDING_NONE:128:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -CAMELLIA Encrypt and decrypt 0 bytes in multiple parts +CAMELLIA Encrypt and decrypt 0 bytes in multiple parts [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:0:0:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:1:0:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 +CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:0:1:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:16:0:-1:16:0:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:0:16:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:1:15:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 
+CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:15:1:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:15:7:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:16:6:-1:16:0:0:16 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:17:6:-1:16:0:16:0 -CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:16:16:-1:16:16:0:32 -CAMELLIA Encrypt and decrypt 0 bytes +CAMELLIA Encrypt and decrypt 0 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:0:-1 -CAMELLIA Encrypt and decrypt 1 byte +CAMELLIA Encrypt and decrypt 1 byte [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:1:-1 -CAMELLIA Encrypt and decrypt 2 bytes +CAMELLIA Encrypt and decrypt 2 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:2:-1 -CAMELLIA 
Encrypt and decrypt 7 bytes +CAMELLIA Encrypt and decrypt 7 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:7:-1 -CAMELLIA Encrypt and decrypt 8 bytes +CAMELLIA Encrypt and decrypt 8 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:8:-1 -CAMELLIA Encrypt and decrypt 9 bytes +CAMELLIA Encrypt and decrypt 9 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:9:-1 -CAMELLIA Encrypt and decrypt 15 bytes +CAMELLIA Encrypt and decrypt 15 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:15:-1 -CAMELLIA Encrypt and decrypt 16 bytes +CAMELLIA Encrypt and decrypt 16 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:16:-1 -CAMELLIA Encrypt and decrypt 17 bytes +CAMELLIA Encrypt and decrypt 17 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:17:-1 -CAMELLIA Encrypt and decrypt 31 bytes +CAMELLIA Encrypt and decrypt 31 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:31:-1 -CAMELLIA Encrypt and decrypt 32 bytes +CAMELLIA Encrypt and decrypt 32 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:32:-1 -CAMELLIA Encrypt and decrypt 32 bytes +CAMELLIA Encrypt and decrypt 32 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:33:-1 -CAMELLIA Encrypt and decrypt 47 bytes +CAMELLIA Encrypt and decrypt 47 
bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:47:-1 -CAMELLIA Encrypt and decrypt 48 bytes +CAMELLIA Encrypt and decrypt 48 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:48:-1 -CAMELLIA Encrypt and decrypt 49 bytes +CAMELLIA Encrypt and decrypt 49 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:"CAMELLIA-128-CFB128":128:49:-1 -CAMELLIA Encrypt and decrypt 0 bytes in multiple parts +CAMELLIA Encrypt and decrypt 0 bytes in multiple parts [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:0:0:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:1:0:-1:1:0:1:0 -CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 +CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:0:1:-1:0:1:0:1 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:16:0:-1:16:0:16:0 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:0:16:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 [#2] 
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:1:15:-1:1:15:1:15 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:15:1:-1:15:1:15:1 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:15:7:-1:15:7:15:7 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:16:6:-1:16:6:16:6 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#6] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:17:6:-1:17:6:17:6 -CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CFB128:128:16:16:-1:16:16:16:16 -CAMELLIA Encrypt and decrypt 0 bytes +CAMELLIA Encrypt and decrypt 0 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:0:-1 -CAMELLIA Encrypt and decrypt 1 byte +CAMELLIA Encrypt and decrypt 1 byte [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:1:-1 -CAMELLIA Encrypt and decrypt 2 bytes +CAMELLIA Encrypt and decrypt 2 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR 
enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:2:-1 -CAMELLIA Encrypt and decrypt 7 bytes +CAMELLIA Encrypt and decrypt 7 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:7:-1 -CAMELLIA Encrypt and decrypt 8 bytes +CAMELLIA Encrypt and decrypt 8 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:8:-1 -CAMELLIA Encrypt and decrypt 9 bytes +CAMELLIA Encrypt and decrypt 9 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:9:-1 -CAMELLIA Encrypt and decrypt 15 bytes +CAMELLIA Encrypt and decrypt 15 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:15:-1 -CAMELLIA Encrypt and decrypt 16 bytes +CAMELLIA Encrypt and decrypt 16 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:16:-1 -CAMELLIA Encrypt and decrypt 17 bytes +CAMELLIA Encrypt and decrypt 17 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:17:-1 -CAMELLIA Encrypt and decrypt 31 bytes +CAMELLIA Encrypt and decrypt 31 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:31:-1 -CAMELLIA Encrypt and decrypt 32 bytes +CAMELLIA Encrypt and decrypt 32 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:32:-1 -CAMELLIA Encrypt and decrypt 32 bytes +CAMELLIA Encrypt and decrypt 32 bytes [#6] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:33:-1 -CAMELLIA Encrypt and decrypt 47 bytes 
+CAMELLIA Encrypt and decrypt 47 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:47:-1 -CAMELLIA Encrypt and decrypt 48 bytes +CAMELLIA Encrypt and decrypt 48 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:48:-1 -CAMELLIA Encrypt and decrypt 49 bytes +CAMELLIA Encrypt and decrypt 49 bytes [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CTR:"CAMELLIA-128-CTR":128:49:-1 -CAMELLIA Encrypt and decrypt 0 bytes in multiple parts +CAMELLIA Encrypt and decrypt 0 bytes in multiple parts [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:0:0:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:1:0:-1:1:0:1:0 -CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 +CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:0:1:-1:0:1:0:1 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:16:0:-1:16:0:16:0 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:0:16:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 [#3] 
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:1:15:-1:1:15:1:15 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:15:1:-1:15:1:15:1 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#7] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:15:7:-1:15:7:15:7 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#8] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:16:6:-1:16:6:16:6 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#9] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:17:6:-1:17:6:17:6 -CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:16:16:-1:16:16:16:16 -CAMELLIA Encrypt and decrypt 0 bytes +CAMELLIA Encrypt and decrypt 0 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:0:-1 -CAMELLIA Encrypt and decrypt 1 byte +CAMELLIA Encrypt and decrypt 1 byte [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:1:-1 -CAMELLIA Encrypt and decrypt 2 bytes +CAMELLIA Encrypt and decrypt 2 bytes [#4] 
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:2:-1 -CAMELLIA Encrypt and decrypt 7 bytes +CAMELLIA Encrypt and decrypt 7 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:7:-1 -CAMELLIA Encrypt and decrypt 8 bytes +CAMELLIA Encrypt and decrypt 8 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:8:-1 -CAMELLIA Encrypt and decrypt 9 bytes +CAMELLIA Encrypt and decrypt 9 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:9:-1 -CAMELLIA Encrypt and decrypt 15 bytes +CAMELLIA Encrypt and decrypt 15 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:15:-1 -CAMELLIA Encrypt and decrypt 16 bytes +CAMELLIA Encrypt and decrypt 16 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:16:-1 -CAMELLIA Encrypt and decrypt 17 bytes +CAMELLIA Encrypt and decrypt 17 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:17:-1 -CAMELLIA Encrypt and decrypt 31 bytes +CAMELLIA Encrypt and decrypt 31 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:31:-1 -CAMELLIA Encrypt and decrypt 32 bytes +CAMELLIA Encrypt and decrypt 32 bytes [#7] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 
enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:32:-1 -CAMELLIA Encrypt and decrypt 32 bytes +CAMELLIA Encrypt and decrypt 32 bytes [#8] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:33:-1 -CAMELLIA Encrypt and decrypt 47 bytes +CAMELLIA Encrypt and decrypt 47 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:47:-1 -CAMELLIA Encrypt and decrypt 48 bytes +CAMELLIA Encrypt and decrypt 48 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:48:-1 -CAMELLIA Encrypt and decrypt 49 bytes +CAMELLIA Encrypt and decrypt 49 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:49:-1 -CAMELLIA Encrypt and decrypt 0 bytes in multiple parts +CAMELLIA Encrypt and decrypt 0 bytes in multiple parts [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:0:0:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:1:0:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 +CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:0:1:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 [#4] 
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:16:0:-1:16:0:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:0:16:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:1:15:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:15:1:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#10] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:15:7:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#11] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:16:6:-1:16:0:0:16 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#12] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:17:6:-1:16:0:16:0 -CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 [#4] 
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:16:16:-1:16:16:0:32 -CAMELLIA Encrypt and decrypt 0 bytes +CAMELLIA Encrypt and decrypt 0 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:0:-1 -CAMELLIA Encrypt and decrypt 1 byte +CAMELLIA Encrypt and decrypt 1 byte [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:1:-1 -CAMELLIA Encrypt and decrypt 2 bytes +CAMELLIA Encrypt and decrypt 2 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:2:-1 -CAMELLIA Encrypt and decrypt 7 bytes +CAMELLIA Encrypt and decrypt 7 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:7:-1 -CAMELLIA Encrypt and decrypt 8 bytes +CAMELLIA Encrypt and decrypt 8 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:8:-1 -CAMELLIA Encrypt and decrypt 9 bytes +CAMELLIA Encrypt and decrypt 9 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:9:-1 -CAMELLIA Encrypt and decrypt 15 bytes +CAMELLIA Encrypt and decrypt 15 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:15:-1 -CAMELLIA Encrypt and decrypt 16 bytes +CAMELLIA Encrypt and decrypt 16 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 
enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:16:-1 -CAMELLIA Encrypt and decrypt 17 bytes +CAMELLIA Encrypt and decrypt 17 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:17:-1 -CAMELLIA Encrypt and decrypt 31 bytes +CAMELLIA Encrypt and decrypt 31 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:31:-1 -CAMELLIA Encrypt and decrypt 32 bytes +CAMELLIA Encrypt and decrypt 32 bytes [#9] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:32:-1 -CAMELLIA Encrypt and decrypt 32 bytes +CAMELLIA Encrypt and decrypt 32 bytes [#10] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:33:-1 -CAMELLIA Encrypt and decrypt 47 bytes +CAMELLIA Encrypt and decrypt 47 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:47:-1 -CAMELLIA Encrypt and decrypt 48 bytes +CAMELLIA Encrypt and decrypt 48 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:48:-1 -CAMELLIA Encrypt and decrypt 49 bytes +CAMELLIA Encrypt and decrypt 49 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:49:-1 -CAMELLIA Encrypt and decrypt 0 bytes in multiple parts +CAMELLIA Encrypt and decrypt 0 bytes in multiple parts [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 
enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:0:0:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:1:0:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 +CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:0:1:-1:0:0:0:0 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:16:0:-1:16:0:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:0:16:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:1:15:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 +CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:15:1:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#13] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 
enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:15:7:-1:0:16:0:16 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#14] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:16:6:-1:16:0:0:16 -CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#15] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:17:6:-1:16:0:16:0 -CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 +CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:16:16:-1:16:16:0:32 diff --git a/tests/suites/test_suite_cipher.des.data b/tests/suites/test_suite_cipher.des.data index c272a3e33..9410262e6 100644 --- a/tests/suites/test_suite_cipher.des.data +++ b/tests/suites/test_suite_cipher.des.data @@ -10,7 +10,7 @@ DES EDE3 CBC Decrypt empty buffer depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 dec_empty_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:0:0 -DES Encrypt and decrypt 0 bytes +DES Encrypt and decrypt 0 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:-1 
@@ -50,11 +50,11 @@ DES Encrypt and decrypt 31 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:-1 -DES Encrypt and decrypt 32 bytes +DES Encrypt and decrypt 32 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:-1 -DES Encrypt and decrypt 32 bytes +DES Encrypt and decrypt 32 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:-1 @@ -110,11 +110,11 @@ DES Encrypt and decrypt 31 bytes with one and zeros padding depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ONE_AND_ZEROS -DES Encrypt and decrypt 32 bytes with one and zeros padding +DES Encrypt and decrypt 32 bytes with one and zeros padding [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ONE_AND_ZEROS -DES Encrypt and decrypt 32 bytes with one and zeros padding +DES Encrypt and decrypt 32 bytes with one and zeros padding [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ONE_AND_ZEROS 
@@ -170,11 +170,11 @@ DES Encrypt and decrypt 31 bytes with zeros and len padding depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ZEROS_AND_LEN -DES Encrypt and decrypt 32 bytes with zeros and len padding +DES Encrypt and decrypt 32 bytes with zeros and len padding [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ZEROS_AND_LEN -DES Encrypt and decrypt 32 bytes with zeros and len padding +DES Encrypt and decrypt 32 bytes with zeros and len padding [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ZEROS_AND_LEN @@ -230,11 +230,11 @@ DES Encrypt and decrypt 31 bytes with zeros padding depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ZEROS -DES Encrypt and decrypt 32 bytes with zeros padding +DES Encrypt and decrypt 32 bytes with zeros padding [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ZEROS -DES Encrypt and decrypt 32 bytes with zeros padding +DES Encrypt and decrypt 32 bytes with zeros padding [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ZEROS 
@@ -338,15 +338,15 @@ DES Encrypt and decrypt 16 bytes in multiple parts 4
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:15:1:-1:8:8:8:8
 
-DES Encrypt and decrypt 22 bytes in multiple parts 1
+DES Encrypt and decrypt 22 bytes in multiple parts 1 [#1]
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:15:7:-1:8:8:8:8
 
-DES Encrypt and decrypt 22 bytes in multiple parts 1
+DES Encrypt and decrypt 22 bytes in multiple parts 1 [#2]
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:16:6:-1:16:0:8:8
 
-DES Encrypt and decrypt 22 bytes in multiple parts 1
+DES Encrypt and decrypt 22 bytes in multiple parts 1 [#3]
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:17:6:-1:16:0:16:0
 
@@ -354,107 +354,107 @@ DES Encrypt and decrypt 32 bytes in multiple parts 1 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:16:16:-1:16:16:8:24 -DES Encrypt and decrypt 0 bytes +DES Encrypt and decrypt 0 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:0:-1 -DES3 Encrypt and decrypt 1 byte +DES3 Encrypt and decrypt 1 byte [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:1:-1 -DES3 Encrypt and decrypt 2 bytes +DES3 Encrypt and decrypt 2 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:2:-1 -DES3 Encrypt and decrypt 7 bytes +DES3 Encrypt and decrypt 7 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:7:-1 -DES3 Encrypt and decrypt 8 bytes +DES3 Encrypt and decrypt 8 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:8:-1 -DES3 Encrypt and decrypt 9 bytes +DES3 Encrypt and decrypt 9 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:9:-1 -DES3 Encrypt and decrypt 15 bytes +DES3 Encrypt and decrypt 15 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:15:-1 -DES3 Encrypt and decrypt 16 bytes +DES3 Encrypt and decrypt 16 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:16:-1 -DES3 Encrypt and decrypt 17 bytes +DES3 Encrypt and decrypt 17 bytes 
[#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:17:-1 -DES3 Encrypt and decrypt 31 bytes +DES3 Encrypt and decrypt 31 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:31:-1 -DES3 Encrypt and decrypt 32 bytes +DES3 Encrypt and decrypt 32 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:32:-1 -DES3 Encrypt and decrypt 32 bytes +DES3 Encrypt and decrypt 32 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:33:-1 -DES3 Encrypt and decrypt 47 bytes +DES3 Encrypt and decrypt 47 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:47:-1 -DES3 Encrypt and decrypt 48 bytes +DES3 Encrypt and decrypt 48 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:48:-1 -DES3 Encrypt and decrypt 49 bytes +DES3 Encrypt and decrypt 49 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:49:-1 -DES3 Encrypt and decrypt 0 bytes in multiple parts +DES3 Encrypt and decrypt 0 bytes in multiple parts [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:0:0:-1:0:0:0:0 -DES3 Encrypt and decrypt 1 bytes in multiple parts 1 +DES3 Encrypt and decrypt 1 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:1:0:-1:0:0:0:0 -DES3 Encrypt and decrypt 1 bytes in 
multiple parts 2 +DES3 Encrypt and decrypt 1 bytes in multiple parts 2 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:0:1:-1:0:0:0:0 -DES3 Encrypt and decrypt 16 bytes in multiple parts 1 +DES3 Encrypt and decrypt 16 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:16:0:-1:16:0:8:8 -DES3 Encrypt and decrypt 16 bytes in multiple parts 2 +DES3 Encrypt and decrypt 16 bytes in multiple parts 2 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:0:16:-1:0:16:0:16 -DES3 Encrypt and decrypt 16 bytes in multiple parts 3 +DES3 Encrypt and decrypt 16 bytes in multiple parts 3 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:1:15:-1:0:16:0:16 -DES3 Encrypt and decrypt 16 bytes in multiple parts 4 +DES3 Encrypt and decrypt 16 bytes in multiple parts 4 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:15:1:-1:8:8:8:8 -DES3 Encrypt and decrypt 22 bytes in multiple parts 1 +DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:15:7:-1:8:8:8:8 -DES3 Encrypt and decrypt 22 bytes in multiple parts 1 +DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:16:6:-1:16:0:8:8 -DES3 Encrypt and decrypt 22 bytes in multiple parts 1 +DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#3] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 
enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:17:6:-1:16:0:16:0 -DES3 Encrypt and decrypt 32 bytes in multiple parts 1 +DES3 Encrypt and decrypt 32 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:16:16:-1:16:16:8:24 
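Review bot: `DES Encrypt and decrypt 0 bytes [#2]` at the top of the `@@ -354,107` hunk runs `MBEDTLS_CIPHER_DES_EDE_CBC` with a 128-bit key, so a two-key Triple-DES case carries a single-DES name. More generally, the `[#1]` suffix in this hunk and the `[#2]` suffix in the next one are the only thing separating the `DES-EDE-CBC` (128) cases from the `DES-EDE3-CBC` (192) cases, which all read `DES3 ...`. Putting the variant in the description, for example `DES-EDE Encrypt and decrypt 1 byte` and `DES-EDE3 Encrypt and decrypt 1 byte`, would let a test report show which keying option was covered without looking up the parameters, and would make the numeric suffix unnecessary for these cases.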
@@ -462,103 +462,103 @@ DES3 Encrypt and decrypt 0 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:0:-1 -DES3 Encrypt and decrypt 1 byte +DES3 Encrypt and decrypt 1 byte [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:1:-1 -DES3 Encrypt and decrypt 2 bytes +DES3 Encrypt and decrypt 2 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:2:-1 -DES3 Encrypt and decrypt 7 bytes +DES3 Encrypt and decrypt 7 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:7:-1 -DES3 Encrypt and decrypt 8 bytes +DES3 Encrypt and decrypt 8 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:8:-1 -DES3 Encrypt and decrypt 9 bytes +DES3 Encrypt and decrypt 9 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:9:-1 -DES3 Encrypt and decrypt 15 bytes +DES3 Encrypt and decrypt 15 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:15:-1 -DES3 Encrypt and decrypt 16 bytes +DES3 Encrypt and decrypt 16 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:16:-1 -DES3 Encrypt and decrypt 17 bytes +DES3 Encrypt and decrypt 17 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:17:-1 -DES3 Encrypt and decrypt 31 bytes +DES3 Encrypt and decrypt 31 bytes 
[#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:31:-1 -DES3 Encrypt and decrypt 32 bytes +DES3 Encrypt and decrypt 32 bytes [#3] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:32:-1 -DES3 Encrypt and decrypt 32 bytes +DES3 Encrypt and decrypt 32 bytes [#4] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:33:-1 -DES3 Encrypt and decrypt 47 bytes +DES3 Encrypt and decrypt 47 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:47:-1 -DES3 Encrypt and decrypt 48 bytes +DES3 Encrypt and decrypt 48 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:48:-1 -DES3 Encrypt and decrypt 49 bytes +DES3 Encrypt and decrypt 49 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:49:-1 -DES3 Encrypt and decrypt 0 bytes in multiple parts +DES3 Encrypt and decrypt 0 bytes in multiple parts [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:0:0:-1:0:0:0:0 -DES3 Encrypt and decrypt 1 bytes in multiple parts 1 +DES3 Encrypt and decrypt 1 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:1:0:-1:0:0:0:0 -DES3 Encrypt and decrypt 1 bytes in multiple parts 2 +DES3 Encrypt and decrypt 1 bytes in multiple parts 2 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 
enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:0:1:-1:0:0:0:0 -DES3 Encrypt and decrypt 16 bytes in multiple parts 1 +DES3 Encrypt and decrypt 16 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:16:0:-1:16:0:8:8 -DES3 Encrypt and decrypt 16 bytes in multiple parts 2 +DES3 Encrypt and decrypt 16 bytes in multiple parts 2 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:0:16:-1:0:16:0:16 -DES3 Encrypt and decrypt 16 bytes in multiple parts 3 +DES3 Encrypt and decrypt 16 bytes in multiple parts 3 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:1:15:-1:0:16:0:16 -DES3 Encrypt and decrypt 16 bytes in multiple parts 4 +DES3 Encrypt and decrypt 16 bytes in multiple parts 4 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:15:1:-1:8:8:8:8 -DES3 Encrypt and decrypt 22 bytes in multiple parts 1 +DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#4] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:15:7:-1:8:8:8:8 -DES3 Encrypt and decrypt 22 bytes in multiple parts 1 +DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#5] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:16:6:-1:16:0:8:8 -DES3 Encrypt and decrypt 22 bytes in multiple parts 1 +DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#6] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:17:6:-1:16:0:16:0 -DES3 Encrypt and decrypt 32 bytes in multiple parts 1 +DES3 Encrypt and decrypt 
32 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:16:16:-1:16:16:8:24 diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data index 83889de47..c526b2e56 100644 --- a/tests/suites/test_suite_cipher.gcm.data +++ b/tests/suites/test_suite_cipher.gcm.data @@ -46,11 +46,11 @@ AES 128 GCM Encrypt and decrypt 31 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_AES_128_GCM:"AES-128-GCM":128:31:-1 -AES 128 GCM Encrypt and decrypt 32 bytes +AES 128 GCM Encrypt and decrypt 32 bytes [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_AES_128_GCM:"AES-128-GCM":128:32:-1 -AES 128 GCM Encrypt and decrypt 32 bytes +AES 128 GCM Encrypt and decrypt 32 bytes [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_AES_128_GCM:"AES-128-GCM":128:33:-1 
@@ -98,31 +98,31 @@ AES 128 GCM Encrypt and decrypt 32 bytes in multiple parts 1 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_GCM:128:16:16:-1:16:16:16:16 -AES 128 GCM Decrypt test vector #1 +AES 128 GCM Decrypt test vector #1 [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_128_GCM:-1:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":0:0 -AES 128 GCM Decrypt test vector #2 +AES 128 GCM Decrypt test vector #2 [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_128_GCM:-1:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"":"6e0c53ef":0:0 -AES 128 GCM Decrypt test vector #3 +AES 128 GCM Decrypt test vector #3 [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_128_GCM:-1:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"":"e8c09ddd":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED -AES 128 GCM Decrypt test vector #4 +AES 128 GCM Decrypt test vector #4 [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_128_GCM:-1:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"":"":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"756292d8b4653887edef51679b161812":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED -AES 128 GCM Decrypt test vector #5 +AES 128 GCM Decrypt test vector #5 [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C 
decrypt_test_vec:MBEDTLS_CIPHER_AES_128_GCM:-1:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"":"":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"ebdd7c8e87fe733138a433543542d1":0:0 -AES 128 GCM Decrypt test vector #6 +AES 128 GCM Decrypt test vector #6 [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_128_GCM:-1:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":"":"a81d13973baa22a751833d7d3f94b3b1":0:0 -AES 128 GCM Decrypt test vector #7 +AES 128 GCM Decrypt test vector #7 [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_128_GCM:-1:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"":"":"8526fd25daf890e79946a205b698f287":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED 
@@ -174,11 +174,11 @@ AES 192 GCM Encrypt and decrypt 31 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:31:-1 -AES 192 GCM Encrypt and decrypt 32 bytes +AES 192 GCM Encrypt and decrypt 32 bytes [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:32:-1 -AES 192 GCM Encrypt and decrypt 32 bytes +AES 192 GCM Encrypt and decrypt 32 bytes [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:33:-1 @@ -290,11 +290,11 @@ AES 256 GCM Encrypt and decrypt 31 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:31:-1 -AES 256 GCM Encrypt and decrypt 32 bytes +AES 256 GCM Encrypt and decrypt 32 bytes [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:32:-1 -AES 256 GCM Encrypt and decrypt 32 bytes +AES 256 GCM Encrypt and decrypt 32 bytes [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:33:-1 
@@ -346,31 +346,31 @@ AES 128 GCM Decrypt test vector #0 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED -AES 128 GCM Decrypt test vector #1 +AES 128 GCM Decrypt test vector #1 [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"":"35214bbc510430e3":0:0 -AES 128 GCM Decrypt test vector #2 +AES 128 GCM Decrypt test vector #2 [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"":"":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"c595b9d99414891228c9fa5edb5fcce3":0:0 -AES 128 GCM Decrypt test vector #3 +AES 128 GCM Decrypt test vector #3 [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"":"":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"a8e29e08623a3efdbbe8b111de30a4":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED -AES 128 GCM Decrypt test vector #4 +AES 128 GCM Decrypt test vector #4 [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C 
decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":"":"6d9d3a5dbc8dce385f092fff14bfffda":0:0 -AES 128 GCM Decrypt test vector #5 +AES 128 GCM Decrypt test vector #5 [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"":"":"3a3a771dd5f31c977e154ef5c73a":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED -AES 128 GCM Decrypt test vector #6 +AES 128 GCM Decrypt test vector #6 [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C 
decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"e49beb083a9b008ae97a17e3825692f0":0:0 -AES 128 GCM Decrypt test vector #7 +AES 128 GCM Decrypt test vector #7 [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C 
decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"ffdf56e1c1a7252b88422787536484":0:0 @@ -414,11 +414,11 @@ CAMELLIA 128 GCM Encrypt and decrypt 31 bytes depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM:"CAMELLIA-128-GCM":128:31:-1 -CAMELLIA 128 GCM Encrypt and decrypt 32 bytes +CAMELLIA 128 GCM Encrypt and decrypt 32 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM:"CAMELLIA-128-GCM":128:32:-1 -CAMELLIA 128 GCM Encrypt and decrypt 32 bytes +CAMELLIA 128 GCM Encrypt and decrypt 32 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_GCM:"CAMELLIA-128-GCM":128:33:-1 
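Review bot: The cases renamed to `AES 128 GCM Decrypt test vector #1 [#2]` through `#7 [#2]` in the `@@ -346,31` hunk all call `decrypt_test_vec` with `MBEDTLS_CIPHER_AES_256_GCM` and 64-hex-digit keys, so the suffix disambiguates a label that names the wrong key size. Renaming them `AES 256 GCM Decrypt test vector #1` and so on would remove the collision with the AES-128 vectors in the `@@ -98,31` hunk and keep a per-key-size reading of the results accurate; the unchanged context case `#0` at the top of the hunk has the same mislabel. Whether an `AES 256 GCM Decrypt test vector` name already exists elsewhere in the file is not visible from these hunks, so that should be checked before renaming.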
@@ -526,11 +526,11 @@ CAMELLIA 192 GCM Encrypt and decrypt 31 bytes depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_GCM:"CAMELLIA-192-GCM":192:31:-1 -CAMELLIA 192 GCM Encrypt and decrypt 32 bytes +CAMELLIA 192 GCM Encrypt and decrypt 32 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_GCM:"CAMELLIA-192-GCM":192:32:-1 -CAMELLIA 192 GCM Encrypt and decrypt 32 bytes +CAMELLIA 192 GCM Encrypt and decrypt 32 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_GCM:"CAMELLIA-192-GCM":192:33:-1 @@ -638,11 +638,11 @@ CAMELLIA 256 GCM Encrypt and decrypt 31 bytes depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_GCM:"CAMELLIA-256-GCM":256:31:-1 -CAMELLIA 256 GCM Encrypt and decrypt 32 bytes +CAMELLIA 256 GCM Encrypt and decrypt 32 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_GCM:"CAMELLIA-256-GCM":256:32:-1 -CAMELLIA 256 GCM Encrypt and decrypt 32 bytes +CAMELLIA 256 GCM Encrypt and decrypt 32 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_GCM:"CAMELLIA-256-GCM":256:33:-1 
@@ -710,4034 +710,4034 @@ CAMELLIA 256 GCM Decrypt test vector #5 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_CAMELLIA_256_GCM:-1:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"cafebabefacedbad":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"e6472b8ebd331bfcc7c0fa63ce094462":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED -AES-GCM NIST Validation (AES-128,128,0,0,128) #0 +AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #1 +AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #2 +AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #0 +AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #1 +AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #2 +AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #0 +AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #1 +AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #2 +AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #0 +AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #1 +AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"":0 -AES-GCM NIST Validation 
(AES-128,128,0,0,104) #2 +AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #0 +AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #1 +AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #2 +AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #0 +AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #1 +AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #2 +AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #0 +AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #1 +AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #2 +AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":0 
-AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 +AES-GCM NIST Validation 
(AES-128,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #0 +AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #1 +AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #2 +AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #0 +AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #1 +AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #2 +AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #0 +AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":0 -AES-GCM NIST 
Validation (AES-128,128,0,0,112) #1 +AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #2 +AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #0 +AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #1 +AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #2 +AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #0 +AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #1 +AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #2 +AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #0 +AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #1 +AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #2 +AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #0 +AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #1 +AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #2 +AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#2] 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#2] 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":0 -AES-GCM 
NIST Validation (AES-128,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":0 
-AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 +AES-GCM NIST Validation 
(AES-128,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":0 -AES-GCM NIST Validation 
(AES-128,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #0 +AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #1 +AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #2 +AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #0 +AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #1 +AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #2 +AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #0 +AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #1 +AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #2 +AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #0 +AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #1 +AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #2 +AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #0 +AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #1 +AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #2 +AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #0 +AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #1 +AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #2 +AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #0 +AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #1 +AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #2 +AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 +AES-GCM NIST Validation 
(AES-192,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#1] 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0 
-AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #0 +AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #1 +AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #2 +AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #0 +AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #1 +AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #2 +AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #0 +AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #1 +AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #2 +AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #0 +AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #1 +AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #2 +AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #0 +AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #1 +AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #2 +AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #0 +AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #1 +AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #2 +AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #0 +AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #1 +AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #2 +AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":0 -AES-GCM NIST Validation 
(AES-192,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#2] 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#2] 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #0 +AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #1 +AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #2 +AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #0 +AES-GCM NIST 
Validation (AES-256,128,0,0,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #1 +AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #2 +AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #0 +AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #1 +AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #2 +AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #0 
+AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #1 +AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #2 +AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #0 +AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #1 +AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #2 +AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #0 +AES-GCM NIST 
Validation (AES-256,128,0,0,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #1 +AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #2 +AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #0 +AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #1 +AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #2 +AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 
[#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 +AES-GCM NIST 
Validation (AES-256,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 +AES-GCM 
NIST Validation (AES-256,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #0 +AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #1 +AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #2 +AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #0 +AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #1 +AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #2 +AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #0 +AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #1 +AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #2 +AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #0 +AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#2] 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #1 +AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #2 +AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #0 +AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #1 +AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #2 +AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #0 +AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#2] 
depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #1 +AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #2 +AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #0 +AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #1 +AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #2 +AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 +AES-GCM NIST Validation 
(AES-256,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":0 -AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"":1 -AES-GCM NIST Validation PSA 
(AES-128,128,0,0,120) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1 [#1] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1 +AES-GCM NIST 
Validation PSA (AES-128,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1 +AES-GCM 
NIST Validation PSA (AES-128,128,0,0,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1 [#2] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1 +AES-GCM 
NIST Validation PSA (AES-128,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2 +AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":1 
-AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":1 -AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2 +AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 [#1] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 +AES-GCM NIST Validation PSA 
(AES-192,128,0,0,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 [#1] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) 
#0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 [#1] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 [#1] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 [#1] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 +AES-GCM 
NIST Validation PSA (AES-192,128,0,0,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":1 -AES-GCM NIST Validation PSA 
(AES-192,128,0,0,104) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":1 -AES-GCM NIST Validation PSA 
(AES-192,128,0,0,64) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 [#2] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 +AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 
[#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 +AES-GCM 
NIST Validation PSA (AES-192,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 [#2] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) 
#0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 +AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":1 -AES-GCM NIST 
Validation PSA (AES-256,128,0,0,120) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 +AES-GCM NIST 
Validation PSA (AES-256,128,0,0,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 +AES-GCM NIST 
Validation PSA (AES-256,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 +AES-GCM NIST Validation PSA 
(AES-256,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":1 -AES-GCM NIST Validation PSA 
(AES-256,128,1024,0,32) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 [#1] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) 
#2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":1 -AES-GCM NIST Validation PSA 
(AES-256,128,0,0,104) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 [#2] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 +AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 +AES-GCM 
NIST Validation PSA (AES-256,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 [#2] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 [#2] 
depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) 
#2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 +AES-GCM NIST Validation PSA 
(AES-256,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 +AES-GCM NIST Validation 
PSA (AES-256,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 +AES-GCM NIST Validation PSA 
(AES-256,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 +AES-GCM NIST Validation PSA 
(AES-256,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 +AES-GCM NIST Validation PSA 
(AES-256,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":1 -AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 +AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C 
auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1 diff --git a/tests/suites/test_suite_cipher.nist_kw.data b/tests/suites/test_suite_cipher.nist_kw.data index 9fec97615..7825458c9 100644 --- a/tests/suites/test_suite_cipher.nist_kw.data +++ b/tests/suites/test_suite_cipher.nist_kw.data @@ -14,11 +14,11 @@ KW AES-192 wrap rfc 3394 depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KW:"000102030405060708090A0B0C0D0E0F1011121314151617":"":"":"96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D":"":"":"00112233445566778899AABBCCDDEEFF":0 -KW AES-256 wrap rfc 3394 +KW AES-256 wrap rfc 3394 [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"":"":"A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1":"":"":"00112233445566778899AABBCCDDEEFF0001020304050607":0 -KW AES-256 wrap rfc 3394 +KW AES-256 wrap rfc 3394 [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"":"":"64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7":"":"":"00112233445566778899AABBCCDDEEFF":0 
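Review bot: The `[#1]`/`[#2]` suffixes on `KW AES-256 wrap rfc 3394` make the two descriptions unique, but they still do not say what differs between the cases. Judging by the last hex field, the first wraps 24 bytes of key data and the second 16, so names such as `KW AES-256 wrap rfc 3394, 192-bit key data` and `KW AES-256 wrap rfc 3394, 128-bit key data` would be unique and self-explanatory. The same applies to the `KW AES-128 wrap CAVS 17.4 COUNT 0 PLEN 16` pair in the next hunk of this file. There the `[#2]` case carries `"FAIL"` in its result field with an altered key and ciphertext, so it appears to be the negative integrity-check vector. A name like `KW AES-128 wrap CAVS 17.4 COUNT 0 PLEN 16 (expected FAIL)` would keep that visible in test logs.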
@@ -142,11 +142,11 @@ KWP AES-128 28 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"EFD0BC7612331A98F2D68F86E606717197BF57E35114234C675D40E9462ACF00DE7860C0F38677F7":"":"":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B":0 -KW AES-128 wrap CAVS 17.4 COUNT 0 PLEN 16 +KW AES-128 wrap CAVS 17.4 COUNT 0 PLEN 16 [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KW:"7575da3a93607cc2bfd8cec7aadfd9a6":"":"":"031f6bd7e61e643df68594816f64caa3f56fabea2548f5fb":"":"":"42136d3c384a3eeac95a066fd28fed3f":0 -KW AES-128 wrap CAVS 17.4 COUNT 0 PLEN 16 +KW AES-128 wrap CAVS 17.4 COUNT 0 PLEN 16 [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KW:"7575da3a93607cc2bfd8cec7aadfd9a7":"":"":"031f6bd7e61e643df68594816f64cbb3f56fabea2548f5fb":"":"FAIL":"":0 diff --git a/tests/suites/test_suite_cipher.null.data b/tests/suites/test_suite_cipher.null.data index 371b30677..3a063ab11 100644 --- a/tests/suites/test_suite_cipher.null.data +++ b/tests/suites/test_suite_cipher.null.data @@ -78,15 +78,15 @@ NULL Encrypt and decrypt 16 bytes in multiple parts 4 depends_on:MBEDTLS_CIPHER_NULL_CIPHER enc_dec_buf_multipart:MBEDTLS_CIPHER_NULL:0:15:1:-1:15:1:15:1 -NULL Encrypt and decrypt 22 bytes in multiple parts 1 +NULL Encrypt and decrypt 22 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_CIPHER_NULL_CIPHER enc_dec_buf_multipart:MBEDTLS_CIPHER_NULL:0:15:7:-1:15:7:15:7 -NULL Encrypt and decrypt 22 bytes in multiple parts 1 +NULL Encrypt and decrypt 22 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_CIPHER_NULL_CIPHER enc_dec_buf_multipart:MBEDTLS_CIPHER_NULL:0:16:6:-1:16:6:16:6 -NULL Encrypt and decrypt 22 bytes in multiple parts 1 +NULL Encrypt and decrypt 22 bytes in multiple parts 1 [#3] depends_on:MBEDTLS_CIPHER_NULL_CIPHER enc_dec_buf_multipart:MBEDTLS_CIPHER_NULL:0:17:6:-1:17:6:17:6 
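Review bot: In test_suite_cipher.null.data the case renamed to `NULL Encrypt and decrypt 22 bytes in multiple parts 1 [#3]` uses part sizes `17:6`, which add up to 23 rather than 22. The other two cases, `15:7` and `16:6`, do add up to 22. This assumes the two values after the key length are the part lengths, as the neighbouring 16-byte case with `15:1` suggests. Numbering the duplicates preserves the mismatch; renaming that case to `NULL Encrypt and decrypt 23 bytes in multiple parts 1` would make it unique and accurate without a suffix.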
diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index d2307bf10..312910edd 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data 
@@ -270,723 +270,723 @@ CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #14 depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_pr:"1e4644df1d01f9a0f31d1d0c67bc9fb9a1ee2223fbfb25520d3881cde2b183b73fe1a8cc5f17796cf22aaaed57607420":"cdac62b5e4ccee8609b1f4b7a8733e69068c71219b6292ecb318b9d3479516807af280cfa20e455d5e96eb6794a3b963957f3c099fd1e1199706d36a06011836af890f3b7b15cda6346a06fdd0f194de40bfbec12b021b02eeabaa34d35b30a3":"8169251ea55cce534c6efd0e8a2956d32ed73be71d12477cea8e0f1ab8251b50":"865d14cb37dd160a3f02f56ac32738f9e350da9e789a1f280ee7b7961ec918a7":"ff11ba8349daa9b9c87cf6ab4c2adfd7" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #0 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"1b54b8ff0642bff521f15c1c0b665f3f":"5a194d5e2b31581454def675fb7958fec7db873e5689fc9d03217c68d8033820f9e65e04d856f3a9c44a4cbdc1d00846f5983d771c1b137e4e0f9d8ef409f92e":"":"":"":"a054303d8a7ea9889d903e077c6f218f" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #1 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"90bc3b555b9d6b6aeb1774a583f98cad":"93b7055d7888ae234bfb431e379069d00ae810fbd48f2e06c204beae3b0bfaf091d1d0e853525ead0e7f79abb0f0bf68064576339c3585cfd6d9b55d4f39278d":"":"":"":"aaf27fc2bf64b0320dd3564bb9b03377" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #2 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"4a2a7dcbde58b8b3c3f4697beb67bba2":"58364ceefad37581c518b7d42ac4f9aae22befd84cbc986c08d1fb20d3bd2400a899bafd470278fad8f0a50f8490af29f938471b4075654fda577dad20fa01ca":"":"":"":"20c5117a8aca72ee5ab91468daf44f29" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #3 +CTR_DRBG NIST Validation (AES-256 use 
df,False,256,128,0,0) #3 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"911faab1347ae2b3093a607c8bc77bfe":"2f044b8651e1c9d99317084cc6c4fa1f502dd62466a57d4b88bc0d703cabc562708201ac19cdb5cf918fae29c009fb1a2cf42fd714cc9a53ca5acb715482456a":"":"":"":"aae0c0ac97f53d222b83578a2b3dd05d" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #4 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #4 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"f959f1bc100ae30088017fae51289d8e":"77d0f0efbc7ca794a51dff96e85b8e7dfd4875fbfb6e5593ae17908bfbddc313e051cb7d659c838180d834fdd987ae3c7f605aaa1b3a936575384b002a35dd98":"":"":"":"5d80bc3fffa42b89ccb390e8447e33e5" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #5 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"45a8bb33062783eede09b05a35bd44dd":"6bb14dc34f669759f8fa5453c4899eb5ac4e33a69e35e89b19a46dbd0888429d1367f7f3191e911b3b355b6e3b2426e242ef4140ddcc9676371101209662f253":"":"":"":"0dfa9955a13a9c57a3546a04108b8e9e" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #6 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"0ada129f9948073d628c11274cec3f69":"b3d01bcb1ec747fdb7feb5a7de92807afa4338aba1c81ce1eb50955e125af46b19aed891366ec0f70b079037a5aeb33f07f4c894fdcda3ff41e2867ace1aa05c":"":"":"":"f34710c9ebf9d5aaa5f797fd85a1c413" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #7 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"052a5ad4cd38de90e5d3c2fc430fa51e":"98482e58e44b8e4a6b09fa02c05fcc491da03a479a7fad13a83b6080d30b3b255e01a43568a9d6dd5cecf99b0ce9fd594d69eff8fa88159b2da24c33ba81a14d":"":"":"":"3f55144eec263aed50f9c9a641538e55" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #8 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"004cd2f28f083d1cee68975d5cbbbe4f":"6238d448015e86aa16af62cdc287f1c17b78a79809fa00b8c655e06715cd2b935bf4df966e3ec1f14b28cc1d080f882a7215e258430c91a4a0a2aa98d7cd8053":"":"":"":"b137119dbbd9d752a8dfceec05b884b6" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #9 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"f985b3ea2d8b15db26a71895a2ff57cd":"50d3c4ecb1d6e95aebb87e9e8a5c869c11fb945dfad2e45ee90fb61931fcedd47d6005aa5df24bb9efc11bbb96bb21065d44e2532a1e17493f974a4bf8f8b580":"":"":"":"eb419628fbc441ae6a03e26aeecb34a6" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #10 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"100f196991b6e96f8b96a3456f6e2baf":"d27cbeac39a6c899938197f0e61dc90be3a3a20fa5c5e1f7a76adde00598e59555c1e9fd102d4b52e1ae9fb004be8944bad85c58e341d1bee014057da98eb3bc":"":"":"":"e3e09d0ed827e4f24a20553fd1087c9d" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #11 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"88f55d9ba8fef7828483298321133fec":"16f9f5354d624c5ab1f82c750e05f51f2a2eeca7e5b774fd96148ddba3b38d34ba7f1472567c52087252480d305ad1c69e4aac8472a154ae03511d0e8aac905a":"":"":"":"07cd821012ef03f16d8510c23b86baf3" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #12 
+CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #12 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"126479abd70b25acd891e1c4c92044f9":"70afbc83bf9ff09535d6f0ddc51278ad7909f11e6f198b59132c9e269deb41ba901c62346283e293b8714fd3241ae870f974ff33c35f9aff05144be039d24e50":"":"":"":"0f90df350741d88552a5b03b6488e9fb" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #13 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a45f2fca553089fe04e7832059dc7976":"5e5a9e1e3cb80738c238464ede1b6b6a321261a3b006a98a79265ad1f635573bba48dccf17b12f6868478252f556b77c3ec57a3bf6bb6599429453db2d050352":"":"":"":"6eb85ae2406c43814b687f74f4e942bc" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #14 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"52dbb43241002415966eaec2615aba27":"31cfe60e5ed12ff37d7f2270963def598726320c02b910b5c6c795e2209b4b4a95866c64cb097af1d6404d1e6182edf9600e1855345375b201801d6f4c4e4b32":"":"":"":"2a270f5ef815665ddd07527c48719ab1" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #0 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"176200bb44808b5400b24e1b5f56cf73":"f84d395b1734eac4600dbc36f6b1e1599bc7f2608dc8ecb3a55369d7b1b122a09f5ac9c16d9a2be37d2ff70a9bba732fc3785b23ff4ade3c8404da3f09f95a8f":"aef28c9169e9af74c73432d4aa6f5dff9ea4a53433de2ecb9bf380a8868c86e1":"0626ae19763c5313b627a8d65cf1cfba46dfd6773242738b9b81fde8d566ade1":"63c160ed6a6c1fffd0586f52fa488a9055533930b36d4fa5ea3467cda9ffe198":"e8f91633725d786081625fb99336a993" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #1 [#1] 
depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"19c3d16197ac93bf58c4110c9e864804":"50755cc0178c68ae70befd7744f6f1e3f6a59b3bbe484a744436079c7fae8d83c4965516fb952c63e1d0561d92cccc56037465815c9e549c9adce4a064877128":"5cb82d2c297404f3db1909480c597dd081d94ca282ba9370786a50f3cbab6a9b":"96d130faf1a971920c2bf57bcd6c02d5a4af7d3c840706081e4a50e55f38bf96":"1b0d04f179690a30d501e8f6f82201dbab6d972ece2a0edfb5ca66a8c9bcf47d":"4628b26492e5cb3b21956d4160f0b911" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #2 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"4b1edd0f53bf4e012def80efd740140b":"e50c31ebbb735c4a53fc0535647ae1fff7a5ac4fa4068ba90f1fa03ca4ddedecd5b1898d5e38185054b0de7e348034b57067a82a478b0057e0c46de4a7280cd9":"e7154ec1f7ac369d0bd41238f603b5315314d1dc82f71191de9e74364226eb09":"9444238bd27c45128a25d55e0734d3adafecccb2c24abdaa50ac2ca479c3830b":"ab2488c8b7e819d8ce5ec1ffb77efc770453970d6b852b496426d5db05c03947":"a488a87c04eb1c7586b8141ed45e7761" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #3 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #3 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"1f89c914649ae8a234c0e9230f3460f9":"5e029c173dc28ab19851a8db008efbcf862f4187fca84e4e6f5ba686e3005dba5b95c5a0bcf78fb35ada347af58ec0aca09ed4799cd8a734739f3c425273e441":"b51f5fd5888552af0e9b667c2750c79106ce37c00c850afbe3776746d8c3bce1":"9b132a2cbffb8407aa06954ae6ebee265f986666757b5453601207e0cbb4871b":"f1c435e2ebf083a222218ee4602263872a2d3e097b536a8cc32a5a2220b8065f":"a065cc203881254ca81bd9595515e705" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #4 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #4 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"0ef2be2d00a16051404fc2a0faa74fdc":"b66c882ae02c5215ed3bcd9e9a40934b09bf48a15fe7558c9d9ceb0ebec63625ea18f7c3ab341d9f7edd8e1d8816edecb34dbd71ae02771327b5ebc74613dadd":"1ebe9893957a5c4a707793906d31bb201e88d88a22abd6baa6461fc61def7ffb":"f81e26744834413cb95af8d438d0050c7c968f929a33e35ee5c6715a0a520950":"687a848b2b6c715a0e613b3f3bb16cf2f056543eb9dd6b8aee8de8aa6fd8a1e6":"a6c4a7e99d08cc847ac0b8c8bcf22ec0" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #5 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"eb2439d156c4f51fb1943c26f27de8af":"ad153fd266d9f73b21f4e5e88d3d13ba8325abdec427d5d8f671cfccdbd3510e9774d59a14d9b5472b217b7bcf355436a51965d2dff7c4ac586ab812f20d326e":"e24bd6b69a40fa0a02cefbbaa282f8f63a80e154be338d1b913418d4ff7a810d":"fd40baf11d7cdd77641a2b46916cb0c12980e02612ef59fb6fe7dabbbe7a85c0":"a40019e3b85d7d5775e793dd4c09b2bdc8253694b1dcb73e63a18b066a7f7d0c":"7cd8d2710147a0b7f053bb271edf07b5" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #6 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"b23796d88ee5ae75ff2ba4fbbd5e2de8":"b249d2d9b269b58c5355710aaae98be12d8fb2e79046b4e6deeec28adad7e789999847e20de11f7c3277216374f117e3e006bdf99bb8631aa4c4c542cd482840":"79f0214b6b0c5ffb21b1d521498b71d22c67be4607c16300ab8dde3b52498097":"582be1e080264b3e68ec184347a5b6db1e8be1811578206e14ad84029fe39f71":"f5e9c3356810793f461f889d8c5003b1c0b20a284cb348301ce7b2dd7a1c7dd7":"1aa8cf54994be6b329e9eb897007abf0" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #7 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"081db0b1620a56afd87c2fd2bebb1db3":"3f1e90d88870a0bd03364036b655495e3e7d51bf67fb64ba0cbf003430af5585f5936b84ab3b8a55c02b8b6c54bea09cf2d77691858c5818991383add5f0c644":"5b98bc83ae8bed5c49cb71689dc39fee38d5d08bdfa2a01cee9d61e9f3d1e115":"aad3e58fdd98aa60fc2cae0df3fc734fff01a07f29f69c5ffeb96d299200d0d8":"bad9039ebb7c3a44061353542a2b1c1a89b3e9b493e9f59e438bfc80de3d1836":"8d01e3dc48b28f016fc34655c54be81f" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #8 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a8427443d9c34abcdcca061a2bbcff52":"b0e9b2192adc8912653d90a634d5d40c53ca4383290a8764bdf92667f859d833c3e72ad0ff41e07fe257b1ead11649be655c58a5df233114e7eda2558b7214d7":"c6cad9fb17ada437d195d1f8b6a7fa463e20050e94024170d2ffc34b80a50108":"be461a9c1a72ebaf28ee732219e3ca54cbee36921daaa946917a7c63279a6b0e":"b6d110d6b746d7ccf7a48a4337ba341d52508d0336d017ae20377977163c1a20":"16ccd63dbf7b24b6b427126b863f7c86" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #9 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"86bd02976e6c50656372b8c212cf0a7a":"89900b0febf6b4e19ab8fc5babb4122a8aad86d658d0c2f98988c99fbd8530ff4ad365bd5fddaa15f96537bd72deb5384405b610e6ebae83e848307051fd6c82":"41bf3794ee54647a48a2588fdfdea686f1af6792e957d42f181f2631b207ac0c":"c4478afbea4eecb225448f069b02a74c2a222698c68e37eb144aff9e457f9610":"41a99e0d3f5b767f9bedcb2f878a5d99d42856bed29042d568b04e347624bf7f":"863337529aac9ab1e9f7f8187ea7aa7d" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #10 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"e809ef8d4c3d82575833d51ac69481b2":"3e831b7715ce202c95ec85337e2c0061d972169955bd96fbe1f758508c0336b3226260ea5e66f943b538eb115ffe4d5e534cbe58262a610528641629bc12fc75":"4d40c6a961168445c1691fea02ebd693cb4b3f74b03d45a350c65f0aaccb118b":"b07dc50e6ca7544ed6fdebd8f00ed5fa9b1f2213b477de8568eb92dddaabfe3f":"cbac982aa9f1830d0dc7373d9907670f561642adb1888f66b4150d3487bf0b8d":"2814be767d79778ebb82a096976f30db" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #11 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"ad71caa50420d213b25f5558e0dc1170":"6a3fd23e7dc934e6de6eb4cc846c0dc3cf35ea4be3f561c34666aed1bbd6331004afba5a5b83fff1e7b8a957fbee7cd9f8142326c796ca129ec9fbacf295b882":"3042dd041b89aaa61f185fdda706c77667515c037f2a88c6d47f23ddadc828ae":"9b1e3f72aaab66b202f17c5cc075cfba7242817b2b38c19fe8924ca325b826ea":"8660b503329aaea56acdb73ca83763299bac0f30264702cb9d52cbaf3d71d69d":"c204a3174784d82b664e9a1c0a13ffa6" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #12 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #12 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"5fd6606b08e7e625af788814bef7f263":"baf8750e07194fc7172c736e0fdea0a632810d45602dff17ce37adf106d652f87e31b6bd24d21481c86444d8109586118672a6f93731b7438a3f0f39648b83a3":"3c37193d40e79ce8d569d8aa7ef80aabaa294f1b6d5a8341805f5ac67a6abf42":"c7033b3b68be178d120379e7366980d076c73280e629dd6e82f5af1af258931b":"452218a426a58463940785a67cb34799a1787f39d376c9e56e4a3f2215785dad":"561e16a8b297e458c4ec39ba43f0b67e" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #13 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"08def734914ecf74b9eccb5dfaa045b8":"6697f889fcf6dae16881dc1e540e5c07f9461d409acee31842b04f93c00efbba670dfbf6040c1c2e29ad89064eae283fd6d431832f356e492bc5b2049f229892":"a6ac87af21efd3508990aac51d36243d46237b3755a0e68680adb59e19e8ae23":"0052152872b21615775431eb51889a264fed6ca44fa0436b72a419b91f92604c":"ebadf71565d9a8cc2621403c36e6411e7bed67193a843b90ccf2f7aa9f229ca2":"c83fa5df210b63f4bf4a0aca63650aab" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #14 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"6437862e93060def199029ff2182f1e5":"719d1afcb6dc8ca26cba6a7c10f59cf82345b2a0c631a7879812d6f2d2663b49f9e92daecb81ff7c0790205d66694526477d6de54a269f542cb5e77fe4bc8db3":"5c961db0ac2ea8caf62c9acc44465dcfb4d721fcb2cd3e1c76cdcb61bfaa7e75":"24eabd392d37493e306705d0b287be11a4d72dd4b9577ac4098ef0dae69b0000":"9e4f05c1b85613e97958bc3863e521331b2bd78fdf2585f84607bf2238e82415":"21aaae76dc97c9bf7cf858054839653e" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #0 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"cd7a1981c1b7079c1c38f5aeee86db22207cb9faed8c576b1724ca7817aa6abfb26c42a019eb4c2f4064f0587ea2b952":"7f88c3805ae0857c5cbb085a5d6259d26fb3a88dfe7084172ec959066f26296a800953ce19a24785b6acef451c4ce4c2dfb565cbe057f21b054a28633afbdd97":"":"":"":"76c1cdb0b95af271b52ac3b0c9289146" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #1 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"0ccdac2fd65a86bf8f8e9ddcabffb9d29a935139f627c165a815b23137eeee94cbb21be86ac5117379177d37728db6fd":"6f61703f92d3192cd982b2e52a8683e0d62918d51b12e084deae06c4a8e08ecfb3d2d30a980a70b083710bc45d9d407966b52829cf3813cc970b859aa4c871fe":"":"":"":"e6c73e159d73c2ba8950cd77acb39c10" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #2 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"fbbcc4abfd671296de3e0dcf409a139e35deae126c1941bf1afcc8d3da3a2d65f54a6d317bb6d683a3a77f6266b007ff":"c662ed723e7041877542fdcf629533d4a74393eb4dae4f3ec06d2d1c0d37ed7f519609a8485cb8deb578ae4cbb45c98ef7f2f2e677363e89fb3744286db6bfc1":"":"":"":"9d934d34417c6d0858f4a3faacbe759e" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #3 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #3 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"1b824790b6b22b246bcc1bcfbbb61a76045476672f917b72e79cca358e650eb29ed49fb0a5739e097f5f5336d46fc619":"c57a5686486ebacc2422236b19110c754795a869a8157901cf71303de1adc6af16a952190a395d6c20e155e690f41922f6f721dc8e93da81afb844f68714cba7":"":"":"":"13e7bf23d88f3bb5a5106a8227c8c456" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #4 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #4 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"2ea7861e374232cb8ceecbbd9a18fc1f63c31f833fe394f1e19c8ef61092a56f28342fa5b591f7b951583d50c12ef081":"6a0873634094be7028b885c345cd5016295eec5e524f069de6510ae8ac843dba2cc05c10baa8aad75eac8e8d1a8570f4d2a3cf718914a199deb3edf8c993a822":"":"":"":"c008f46a242ae0babad17268c9e0839a" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #5 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"39caa986b82b5303d98e07b211ddc5ce89a67506095cad1aeed63b8bfe0d9c3d3c906f0c05cfb6b26bab4af7d03c9e1a":"f2059f7fb797e8e22de14dac783c56942a33d092c1ab68a762528ae8d74b7ad0690694ede462edbd6527550677b6d080d80cdabe51c963d5d6830a4ae04c993f":"":"":"":"202d3b2870be8f29b518f2e3e52f1564" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #6 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a4e25102c1b04bafd66bfe1ce4a4b340797f776f54a2b3afe351eede44e75c28e3525155f837e7974269d398048c83c3":"0a03b7d026fab3773e9724dacb436197954b770eca3060535f2f8152aa136942915304dede1de0f5e89bd91d8e92531b5e39373013628fea4ee7622b9255d179":"":"":"":"be21cab637218ddffa3510c86271db7f" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #7 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"6de33a116425ebfe01f0a0124ad3fad382ca28473f5fc53885639788f9b1a470ab523b649bad87e76dee768f6abacb55":"d88312da6acbe792d087012c0bf3c83f363fa6b7a9dd45c3501009fb47b4cfcfeb7b31386155fe3b967f46e2898a00ecf51ec38b6e420852bef0a16081d778cc":"":"":"":"2c285bfd758f0156e782bb4467f6832c" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #8 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"b8ab42fd3f6306426602cae0c48eb02ffa7053940389900c17846e1d9726251762095383f2ec3406b3381d94a6d53dd8":"6a7873ccb7afb140e923acbec8256fa78232f40c0c8ba3dcbcf7074d26d6d18a7e78fffda328f097706b6d358048ee6a4728c92a6f62b3f2730a753b7bf5ec1f":"":"":"":"13504a2b09474f90d2e9ef40d1f2d0d5" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #9 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"042b524444b9903c1ecb80af21eef0e884115561a15a1ab2f9f3a322edcbf14174f54d315196a632940c2c6f56612c09":"31ba5f801aeaac790f2480fbd2373a76ba1685ebebc5ae7cd4844733ec3cfb112634b3899104dcc16050e1206f8b3fb787d43d54de2c804fd3d8eb98e512bb00":"":"":"":"0a0484c14e7868178e68d6d5c5f57c5c" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #10 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"632758f92efaca39615862177c267906ab0424230d481ee0a5aa1a5f66697d3918d4aab3f310b72a7f2d71c0a96b9247":"46dc837620872a5ffa642399213b4eebfb28ca069c5eaaf2a636f5bd647de365c11402b10ecd7780c56d464f56b653e17af8550b90a54adb38173a0b2f9e2ea7":"":"":"":"90432ce3f7b580961abecde259aa5af6" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #11 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"7b389118af3d0f8336b41cf58c2d810f0e5f9940703fd56a46c10a315fb09aafd7670c9e96ffa61e0cb750cb2aa6a7fe":"76e92e9f00fc7d0c525c48739a8b3601c51f8f5996117a7e07497afee36829636e714dbcb84c8f8d57e0850a361a5bdfc21084a1c30fb7797ce6280e057309b7":"":"":"":"7243964051082c0617e200fcbbe7ff45" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #12 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #12 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"e50d38434e9dfe3601e7ea1765d9fe777d467d9918974b5599ec19f42d7054b70ff6db63a3403d2fd09333eda17a5e76":"c9aa4739011c60f8e99db0580b3cad4269874d1dda1c81ffa872f01669e8f75215aaad1ccc301c12f90cd240bf99ad42bb06965afb0aa2bd3fcb681c710aa375":"":"":"":"28499495c94c6ceec1bd494e364ad97c" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #13 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"3253cb074d610db602b0a0d2836df1f20c3ee162d80b90b31660bb86ef3f0789fa857af4f45a5897bdd73c2295f879b6":"b06960a92d32a9e9658d9800de87a3800f3595e173fdc46bef22966264953672e2d7c638cc7b1cada747026726baf6cea4c64ba956be8bb1d1801158bee5e5d4":"":"":"":"b6608d6e5fcb4591a718f9149b79f8f1" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #14 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"83e4733566f90c8d69e6bcbe9fb52521ff3e26f806d9b7b86e9344cca0305dbf106de855240f1d35492cc6d651b8b6ae":"0e0105b12af35ac87cb23cf9ca8fb6a44307c3dcdc5bc890eb5253f4034c1533392a1760c98ba30d7751af93dd865d4bd66fbbeb215d7ff239b700527247775d":"":"":"":"68d64d1522c09a859b9b85b528d0d912" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #0 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a94da55afdc50ce51c9a3b8a4c4484408b52a24a93c34ea71e1ca705eb829ba65de4d4e07fa3d86b37845ff1c7d5f6d2":"a53e371017439193591e475087aaddd5c1c386cdca0ddb68e002d80fdc401a47dd40e5987b2716731568d276bf0c6715757903d3dede914642ddd467c879c81e":"20f422edf85ca16a01cfbe5f8d6c947fae12a857db2aa9bfc7b36581808d0d46":"7fd81fbd2ab51c115d834e99f65ca54020ed388ed59ee07593fe125e5d73fb75":"cd2cff14693e4c9efdfe260de986004930bab1c65057772a62392c3b74ebc90d":"4f78beb94d978ce9d097feadfafd355e" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #1 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"e8649d4f86b3de85fe39ff04d7afe6e4dd00770931330b27e975a7b1e7b5206ee2f247d50401a372c3a27197fec5da46":"78d7d65c457218a63e2eb1eba287f121c5466728ac4f963aeaabf593b9d72b6376daea6436e55415ad097dee10c40a1ff61fca1c30b8ab51ed11ff090d19ef9a":"cc57adc98b2540664403ad6fd50c9042f0bf0e0b54ed33584ee189e072d0fb8f":"ab2f99e2d983aa8dd05336a090584f4f84d485a4763e00ced42ddda72483cd84":"0ecd7680e2e9f0250a43e28f2f8936d7ef16f45d79c0fa3f69e4fafce4aeb362":"08e38625611bb0fb844f43439550bd7a" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #2 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"6c79e1556889b3c074fc083a120d73784b888c5acb877899f17ce52e424b84178d144441aa9f328c730a951b02b048df":"c78ff6b9fc91cbce246c9fcc2366d5f7dd6d99fb1325d8997f36819232d5fcd12ccafdcbefd01409d90acd0e0ffb7427c820b2d729fe7e845e6a6168fc1af0b5":"60cba10826de22c5e85d06357de63d6b2ff0719694dafca6ab33283f3a4aacdd":"8943c22fb68b30811790a99b9cbb056e1a2c329185a199c76ba5aeceb2fcd769":"70671a50e8387bf232989d904c19215c7535ad2d0c5dec30a744c8d2706be6ec":"f6b94b671cae8dfa8387719bfd75ee84" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #3 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #3 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"f5ab77b2a8e370548b88febfd79772144cd5fc8d78062582addd4ff1e5c10094b390e66b3c4efb087510de1b9d25703f":"21a21c9314b37d4ade4a50a5d85995e0be07e358ed9bca19daa867a8d47847105dca7a424f32f715adb8fea5d3a41cfe388872a42ab18aa5cbcd7bde4adc3f8b":"023d582569a7ff1405e44cf09ceebb9d3254eef72286e4b87e6577a8ab091a06":"39597519872d49fbd186704241ba1dc10b1f84f9296fb61d597dbd655a18f997":"3091c9fe96109b41da63aa5fa00d716b5fa20e96d4f3e0f9c97666a706fa56f1":"1fb57058b3ba8751df5a99f018798983" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #4 +CTR_DRBG NIST Validation (AES-256 use 
df,False,256,128,256,256) #4 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"f0b79e292d0e393e78b6d6117e06d2e725823fe35bde1146502967a78d99d6bca564f0e2f324272f968be5baab4aeb29":"192054dddac02157a35eb7f75ae8ebdb43d6b969e33942fb16ff06cd6d8a602506c41e4e743b8230e8239b71b31b2d5e3614e3a65d79e91d5b9fc9d2a66f8553":"b12241e90d80f129004287c5b9911a70f7159794e6f9c1023b3b68da9237e8b7":"59e9c3c0f90e91f22c35a3be0c65f16157c569c7e3c78a545d9840f648c60069":"089a59af69f47ddb4191bd27720bb4c29216f738c48c0e14d2b8afd68de63c17":"15287156e544617529e7eede4aa9c70e" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #5 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"e3f33843aecb35d01001ff92ab9a0f1a5431ba9de3e4f3247cda8c62acc86f7066448f639d8ba8b5249337f8c353bbbd":"ef081af1f62400a3d193969d689a40234998afb646d99a7c4b9cbbf47e650cda93a90e754a16fffa25fc2a2edab09720b4520c47309ec4f6d9f76f0162af6cae":"e7cc55b72862544a8661b5034e15587b1e5a45eb5dc744f5fa1db9b267f1c3ff":"882d30c888eb8e344b1d17057074606fe232ceb42eb71055264ede7bb638f2a2":"9ce65e95c1e735fe950e52c324e7551403d0ef70ad865bd31fef1e22b129fdd6":"205e3a53367c4a5183be74bb875fa717" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #6 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"f30a18d597d8591a22dee908de95c5af74884b025f39b4f6707d28447d9d0a3114a57bc2d9eed8e621ec75e8ce389a16":"fae3d554d12a14e29de1b622922f27559559ca1518c9f800375a37a212e8b9a653cc3700223e9404d5bf781d15fccf638050a1394592caba001cfc65d61ef90b":"54240edd89016ed27e3bb3977a206836f5ef1fba0f000af95337d79caca9cf71":"250611e51852d933ff1a177b509c05e3228cb9f46dfb7b26848a68aad2ce4779":"f8b602d89fa1a0bfb31d0bd49246b458200a1adb28b64a68f7c197f335d69706":"7b63bfb325bafe7d9ef342cd14ea40a4" -CTR_DRBG NIST Validation (AES-256 use 
df,False,256,128,256,256) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #7 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"c8dbc3d39beb612811c52e2b46ef76d2b7bd5d3a90ceddf9fb864fe6f44e36687d88158d61014e192f9a3cd474338e13":"8e60115b4af9c8e5606223792539e9ba87e9ef46cd16fcc09046db1ef8d3c036241cae5d61141711818e9e861dbd833632069ebf5af1bd6d4e513f059ab1efd3":"9b56eba0838457f736fc5efa2cfbe698908340f07d4680e279d21dd530fdc8c8":"62c47ece469a7a409e4b2b76d1c793aaf11654e177cc8bf63faff3e6c5a5395c":"4251597013d0c949c53bbd945477b78aa91baa95f1ff757c3a039ccc4e1f4789":"af2f37160940f0cc27d144a043ddf79b" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #8 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a37f9ed6c4e8f74ff16046b0678ef7bd24fcdca247b771ea1ce1fd48e3f5d2067e38aaf64ec59f1f49d96fa85e60ef03":"95da91f4185b254322ef0fc852473a9b9e4c274b242ded8a4eae6f1e2badde0664cf57f2128aa3dc83e436f7e80928a01d93bf25011eedf0190d0bf3619cd555":"b4a22f5598f79d34f0b9600763c081b0200ba489da7028ad0283828545c6d594":"fa3edc0962b20a9d9e1d0afcad907c8097c21d7a65c0e47c63d65cea94bf43bd":"49ba791a227e9e391e04225ad67f43f64754daac0b0bb4c6db77320943231ec3":"32f313ded225289793c14a71d1d32c9f" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #9 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"87f85b9c19eba1d953b6613cf555c21bc74428d9a8fee15e6cd717e240506f3e80860423973a66c61820d4ce1c6bb77d":"f22dd3517350176e35e1b7ecc8c00bea4747f0ac17bda1b1ddf8cdf7be53ff8c326268366e89cf3b023a9646177a0dcca902f0c98bf3840c9cbdf5c0494bee3c":"611caa00f93d4456fd2abb90de4dbcd934afbf1a56c2c4633b704c998f649960":"cba68367dc2fc92250e23e2b1a547fb3231b2beaab5e5a2ee39c5c74c9bab5f5":"f4895c9653b44a96152b893b7c94db80057fb67824d61c5c4186b9d8f16d3d98":"a05de6531a1aa1b2ba3faea8ad6ac209" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #10 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"9670deb707caabc888a3b0df7270942934732e02be728a4bedb5fc9ca4d675b2f3b47c7132c364ce6292cef7c19b60c7":"bba34e6f4ee27e5d4e885e59f8bbb0dc7353a8912e66637d7515a66e5398d9a8cbd328fed32f71bdd34c73cdf97e0d211be6dabfb0144e1011fd136cf01ea4e4":"9f55da36babd6ea42082f5f5d4330f023440bb864f8ad5498a29cf89757eaeab":"8013a309058c91c80f4d966f98bce1d4291003ad547e915777a3fce8ae2eaf77":"c83106272d44e832e94c7096c9c11f6342e12ec06d5db336424af73d12451406":"bc8d4d00609662c1163dca930901821d" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #11 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"6d984c8ab923a7e118447fd53ad287b8f01d1e6112cff12bfb338ecd3ed16bafdd634677c600bdd68f852a946f45c3d9":"ed0e524ed2990ef348dbb15b3f964b12ad3109978d6952ae193b21e94510a47406926620798e71a0ffcbdd2e54ec45509d784a8bfc9d59cb733f9f11fc474b5e":"0a3a32260d04dd7a82fb0873ecae7db5e5a4b6a51b09f4bf8a989e1afacbda3b":"3cbcabb83aab5a3e54836bbf12d3a7862a18e2dffeeb8bdd5770936d61fd839a":"f63b30a3efc0273eba03bf3cf90b1e4ac20b00e53a317dbf77b0fe70960e7c60":"ab9af144e8fad6a978a636ad84e0469e" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #12 +CTR_DRBG NIST Validation (AES-256 use 
df,False,256,128,256,256) #12 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"2c59520d6f8ce946dcc5222f4fc80ba83f38df9dce2861412eebb1614245331626e7fb93eedbad33a12e94c276deff0a":"2882d4a30b22659b87ad2d71db1d7cf093ffca80079a4ef21660de9223940969afec70b0384a54b1de9bcca6b43fb182e58d8dfcad82b0df99a8929201476ae9":"d3c17a2d9c5da051b2d1825120814eaee07dfca65ab4df01195c8b1fcea0ed41":"dcc39555b87f31973ae085f83eaf497441d22ab6d87b69e47296b0ab51733687":"9a8a1b4ccf8230e3d3a1be79e60ae06c393fe6b1ca245281825317468ca114c7":"fba523a09c587ecad4e7e7fd81e5ca39" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #13 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"1c1207f50b645aaed5c16fe36f6aae83af4924e6b98a7e2a2533a584c1bac123f8b6f0e05109e0132950ae97b389001a":"8ae9a5903da32a38b7c6fed92dd0c6a035ca5104a3528d71a3eacc2f1681379724991a0053e8dac65e35f3deee0435e99f86364577c8ebdba321872973dc9790":"568bfee681d7f9be23a175a3cbf441b513829a9cbdf0706c145fdcd7803ce099":"e32cb5fec72c068894aaeabfc1b8d5e0de0b5acdf287a82e130a46e846770dc2":"d4418c333687a1c15cac7d4021f7d8823a114bb98f92c8a6dccc59ff8ad51c1f":"194e3018377cef71610794006b95def5" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #14 [#1] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"28254014c5d6ebf9bd9e5f3946fc98e55fe351deee8fc70333e4f20f1f7719a522b3ea9a4424afe68208d1cc6c128c47":"98a0db985544c33990aee0f69655dba7198e6720ce56ff9d4662e26f0c6b4ee7ab599932c05295f6c5a4011085c5b2c861a5a8ae4f572ce614ff2dafc0fddb34":"64215cbe384f1f4cf548078ffd51f91eee9a8bae5aacdd19ca16bcaaf354f8ad":"2e21df638dabe24aebf62d97e25f701f781d12d0064f2f5a4a44d320c90b7260":"7f936274f74a466cbf69dbfe46db79f3c349377df683cb461f2da3b842ad438e":"25c469cc8407b82f42e34f11db3d8462" -CTR_DRBG NIST Validation (AES-256 use 
df,False,256,128,0,0) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #0 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"e26c8a13dae5c2da81023f27ab10b878":"fea104f90c5881df7ad1c863307bad22c98770ecd0d717513a2807682582e3e18e81d7935c8a7bacddd5176e7ca4911b9f8f5b1d9c349152fa215393eb006384":"":"":"":"fd87337c305a0a8ef8eef797601732c2" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #1 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"8d7dda20a9807804bfc37bd7472d3b0c":"1d723cbc2ff2c115160e7240340adbf31c717696d0fdfecf3ec21150fca00cde477d37e2abbe32f399a505b74d82e502fbff94cecac87e87127d1397d3d76532":"":"":"":"7221761b913b1f50125abca6c3b2f229" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #2 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"c02e3b6fd4fea7ec517a232f48aaa8cb":"0820fc21cecba6b2fe053a269a34e6a7637dedaf55ef46d266f672ca7cfd9cc21cd807e2b7f6a1c640b4f059952ae6da7282c5c32959fed39f734a5e88a408d2":"":"":"":"667d4dbefe938d6a662440a17965a334" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #3 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #3 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"9aee0326f9b16f88a4114e8d49b8e282":"ef0aae3f9c425253205215e5bf0ad70f141ad8cc72a332247cfe989601ca4fc52ba48b82db4d00fe1f279979b5aed1ae2ec2b02d2c921ee2d9cb89e3a900b97d":"":"":"":"651ad783fe3def80a8456552e405b98d" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #4 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #4 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"1e7a4961d1cd2fd30f571b92a763c2c5":"a9262ed5b54880cc8ecd4119cce9afe3de8875d403f7ca6b8ed8c88559470b29e644fddd83e127c5f938bc8a425db169c33c5c2d0b0c5133c8f87bbc0b0a7d79":"":"":"":"1124c509ca52693977cf461b0f0a0da9" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #5 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"ae0b0d2e84f48c632f031356cdea60ac":"554cf6fad1c376ad6148cd40b53105c16e2f5dd5fa564865b26faa8c318150bfb2294e711735df5eb86ff4b4e778531793bad42403d93a80d05c5421229a53da":"":"":"":"1212e5d3070b1cdf52c0217866481c58" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #6 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"16b8c7495d43cd2ff5f65ad2ab48ecef":"7cffe2bef0d42374f7263a386b67fba991e59cefd73590cbcde3a4dc635a5a328f1a8e5edd3ada75854f251ee9f2de6cd247f64c6ca4f6c983805aa0fe9d3106":"":"":"":"d3869a9c5004b8a6ae8d8f0f461b602b" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #7 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a2d5eff6f73f98e5b04c01967dffa69b":"59759bb91b3c4feb18c0f086269ec52e097b67698f4dfe91ebe8bef851caa35cadb3fd22d1309f13510e1252856c71394a8e210fdbf3c7aae7998865f98e8744":"":"":"":"a1f99bd9522342e963af2ec8eed25c08" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #8 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"ea1f47fe5e281136706419ea9b652967":"0ec7c617f85bec74044111020c977be32ab8050b326ebc03715bbbffa5a34622f2264d4b5141b7883281c21ea91981155a64fb7b902e674e9a41a8a86c32052b":"":"":"":"daf75b8288fc66802b23af5fd04a9434" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #9 
+CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #9 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"6f072c681a82c00dcd0d9dd5b7ffa2af":"cd7ce90f0141e80f6bd6ff3d981d8a0a877d0ddae7c98f9091763b5946fc38b64c1ef698485007d53251ad278daf5d4ae94a725d617fc9a45a919a9e785a9849":"":"":"":"39c0144f28c5a490eff6221b62384602" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #10 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"9d730655366e2aa89ee09332bd0a5053":"854766e842eb165a31551f96008354bca1628a9520d29c3cc4f6a41068bf76d8054b75b7d69f5865266c310b5e9f0290af37c5d94535cb5dc9c854ea1cb36eb7":"":"":"":"baa2a3ed6fdc049d0f158693db8c70ef" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #11 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"3363881611bfd5d16814360e83d8544f":"6abfab14cbf222d553d0e930a38941f6f271b48943ea6f69e796e30135bc9eb30204b77ab416ac066da0a649c8558e5a0eac62f54f2f6e66c207cab461c71510":"":"":"":"5be410ce54288e881acd3e566964df78" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #12 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #12 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"14e589065423528ff84a1f89507ab519":"0d2e446cad387a962ff2217c7cf4826dcabb997ab7f74f64aa18fbcb69151993f263925ae71f9dfdff122bb61802480f2803930efce01a3f37c97101893c140f":"":"":"":"fc2d3df6c9aae68fb01d8382fcd82104" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #13 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"974c5ae90347d839475f0f994f2bf01d":"aa04d9fc56349fdd31d868e9efc2938f9104c0291e55ac0aa0c24ec4609731b8e0ac04b42180bde1af6ad1b26faff8a6de60a8a4a828cd6f8758c54b6037a0ee":"":"":"":"3caec482015003643d5a319a2af48fb4" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #14 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"b3a110587a16c1eafe51128a66816ecf":"203bba645fb5ccee3383cf402e04c713b7a6b6cca8b154e827520daac4ea3a0247bbdc3b2cd853e170587d22c70fb96c320ea71cb80c04826316c7317c797b8a":"":"":"":"9af4f67a30a4346e0cfcf51c45fd2589" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #0 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"55546068cd524c51496c5fc9622b64c6":"951e712d057028158831ca8c74d4ae303c6e4641c344a1c80292260bdd9d8e2f5b97606370e95903e3124659de3e3f6e021cd9ccc86aa4a619c0e94b2a9aa3cc":"2d6de8661c7a30a0ca6a20c13c4c04421ba200fbef4f6eb499c17aee1561faf1":"41797b2eeaccb8a002538d3480cb0b76060ee5ba9d7e4a2bb2b201154f61c975":"b744980bb0377e176b07f48e7994fffd7b0d8a539e1f02a5535d2f4051f054f3":"65b9f7382ed578af03efa2008dbdd56f" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #1 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a0c92565640a3315cac8da6d0458fb07":"6e9b31755c1f45df7d685f86044ab3bc25433a3ff08ab5de7154e06b0867f4e3531ed2e2a15ab63c611fc2894240fdac1d3292d1b36da87caa2080d1c41bcf24":"c6c74690bdee26288d2f87a06435d664431206b23b24f426e847fb892d40d5d5":"4e7dc1adbc8bc16ba7b584c18a0d7e4383c470bff2f320af54ad5ade5f43265b":"c6fb8ee194a339726f5051b91925c6a214079a661ec78358e98fc4f41e8c4724":"c3f849ee7d87291301e11b467fa2162f" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #2 +CTR_DRBG NIST Validation 
(AES-256 use df,False,256,128,0,256) #2 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"63e143bd6a87065a00eea930593f9b29":"62c2c790cb56518ed2d8d65952bbd4ab85a56463495c940b94f403a93338bdc96129feea9335b1a3e0ada7cf4c207f4732013bc6a52db41407bf5d6fe9183b3c":"7b4e9ff0c8f8c90f8b324c7189226d3adccd79df2d0c22b52fb31dbb5dfefba6":"49e1aecf2b96a366325dc1892c016a5535dd2480360a382e9cc78bf75b2bba37":"f4ce1d27e759f3ba4a56aaab713642b4c56810c9995fbfc04ce285429f95a8f4":"513111abaae3069e599b56f7e5fb91d1" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #3 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #3 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"98dc16e95f97b5b9d8287875774d9d19":"2fab4a629e4b21f27488a0c9ed36fc8e75bee0c386346c6ec59a6f045975e29818440a6638eb3b9e952e19df82d6dc7b8b9c18530aef763d0709b3b55433ddc6":"2e9d2f52a55df05fb8b9549947f8690c9ce410268d1d3aa7d69e63cbb28e4eb8":"57ecdad71d709dcdb1eba6cf36e0ecf04aaccd7527ca44c6f96768968027274f":"7b2da3d1ae252a71bccbb318e0eec95493a236f0dec97f2600de9f0743030529":"841882e4d9346bea32b1216eebc06aac" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #4 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #4 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"5dbac5c313527d4d0e5ca9b6f5596ed7":"c00b28c78da4f9ce159741437fe7f90e4e23ecd01cd292f197202decbbc823d9ce46b8191c11e8f8d007d38e2ecd93b8bd9bbad5812aaf547ddf4c7a6738b777":"460c54f4c3fe49d9b25b069ff6664517ed3b234890175a59cde5c3bc230c0a9e":"bf5187f1f55ae6711c2bc1884324490bf2d29d29e95cad7a1c295045eed5a310":"28fd8277dcb807741d4d5cb255a8d9a32ef56a880ccf2b3dcca54645bd6f1013":"b488f5c13bb017b0d9de2092d577c76e" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #5 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"254d5f5044415c694a89249b0b6e1a2c":"4c1cc9ebe7a03cde31860637d8222faeefa9cbf789fab62e99a98d83084fef29eafcf7177d62d55435a1acb77e7a61ad86c47d1950b8683e167fe3ece3f8c9e8":"71af584657160f0f0b81740ef93017a37c174bee5a02c8967f087fdbfd33bfde":"96e8522f6ed8e8a9772ffb19e9416a1c6293ad6d1ecd317972e2f6258d7d68dd":"3aaa5e4d6af79055742150e630c5e3a46288e216d6607793c021d6705349f96a":"66629af4a0e90550b9bd3811243d6b86" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #6 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"b46fceed0fcc29665815cc9459971913":"ff62d52aed55d8e966044f7f7c5013b4915197c73668e01b4487c3243bbf5f9248a4fdd6ef0f63b87fc8d1c5d514ff243319b2fbdfa474d5f83b935399655e15":"994d6b5393fbf0351f0bcfb48e1e763b377b732c73bf8e28dec720a2cadcb8a5":"118bb8c7a43b9c30afaf9ce4db3e6a60a3f9d01c30b9ab3572662955808b41e4":"bb47e443090afc32ee34873bd106bf867650adf5b5d90a2e7d0e58ed0ae83e8a":"1865fee6024db510690725f16b938487" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #7 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"e1a5dd32fc7cefb281d5d6ce3200f4ca":"bf1ba4166007b53fcaee41f9c54771c8a0b309a52ea7894a005783c1e3e43e2eb9871d7909a1c3567953aabdf75e38c8f5578c51a692d883755102a0c82c7c12":"32e9922bd780303828091a140274d04f879cd821f352bd18bcaa49ffef840010":"01830ddd2f0e323c90830beddedf1480e6c23b0d99c2201871f18cc308ab3139":"f36d792dbde7609b8bf4724d7d71362840b309c5f2961e2537c8b5979a569ae8":"7080e8379a43c2e28e07d0c7ed9705a8" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #8 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"d1b7be857a422b425ae62c61e90a192a":"6ac34c4ce22b644632283ab13e294df2093e939d32411340b046c26fcc449d0fd6d14132c7205df303dbb663190e6e86ad12e14e145b6603308241f38d94eb5d":"aacfe8553d5ffef6abc3fd8f94d796cae2079ff04f7ab1b41982003f02427c7a":"01d2d1bc29d6a6b52bb29bd6652be772096ca23c838c40730d5b4a4f8f735daa":"27af728ee07d3f5902f4e56453b6a9feb308ef14795eb5630b2651debdd36d5b":"b03fbcd03fa1cc69db0a4e3492a52bad" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #9 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a2c49aa6f3f92e36266bf267af5877ed":"5684c3eb99314127078484959314d52b3bc50cb3615c0eef6b48850d98aee04c528b0693be13ed1bb4040e8e96cb13c316143f0815cd68d1bb7931a3d9b88a3d":"566522085426b76bdef152adefd73ef0f76eee4614bc5a4391629ec49e0acffb":"30ef9585148dd2270c41540a4235328de8952f28cf5472df463e88e837419e99":"adc46e0afcf69302f62c84c5c4bfcbb7132f8db118d1a84dc2b910753fe86a2d":"4edc4383977ee91aaa2f5b9ac4257570" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #10 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"43852c53041a3a4f710435dbd3e4382b":"ab7bca5595084bccdba80ade7ac3df2a0ce198fa49d29414c0249ec3d1c50d271ca74ba5c3521576a89a1964e6deded2d5ba7ff28a364a8f9235981bec1bedfa":"c5612a9540b64fc134074cb36f4c9ea62fff993938709b5d354a917e5265adee":"eee2258aba665aa6d3f5b8c2207f135276f597adb2a0fbfb16a20460e8cc3c68":"a6d6d126bed13dbcf2b327aa884b7260a9c388cb03751dbe9feb28a3fe351d62":"e04c3de51a1ffe8cda89e881c396584b" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #11 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"52628551ce90c338ed94b655d4f05811":"b3a4a3c4d3d53ffa41b85ce3b8f292b1cc8e5af7488286d4c581005f8c02c5545c09bb08d8470b8cffdf62731b1d4b75c036af7dc4f2f1fc7e9a496f3d235f2d":"f5f9d5b51075b12aa300afdc7b8ea3944fc8cf4d1e95625cc4e42fdfdcbeb169":"60bccbc7345f23733fe8f8eb9760975057238705d9cee33b3269f9bfedd72202":"c0fa3afd6e9decfbffa7ea6678d2481c5f55ec0a35172ff93214b997400e97c3":"5a113906e1ef76b7b75fefbf20d78ef8" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #12 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #12 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"0e4873c4cbcde280abc6711a66dbb81a":"1ab7c7d8fe8f505e1dd7ddb8e7cda962572f7004b2a14c7a7c5bcf24bd16616e2c42c50ae5db9981ccd7d0c79062ac572d3893486bd0ae1f99cbc1d28a9e4c1e":"e4b89e28663e853f8b380c8a4491b54121fe6927340a74342362c37d8d615b66":"619775878879eff9ee2189790ff6f187baed4ed1b156029b80e7a070a1072a09":"ba3d673e5e41bd1abbc7191cc4b9a945201b8fef0016e4774047ee2abf499e74":"4758fd021c34a5cf6bea760ad09438a0" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #13 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"0684e8ef93c3363ba535c4e573af1c24":"748a5f5fde271c563a8f8d15520d6818f7ed0efb9b434adf2ff9471b391dd225b37868179ffa9a6e58df3b1b765b8945685a2f966d29648dd86a42078339650b":"e90c82153d2280f1ddb55bd65e7752bf6717fbe08c49414f6c129bf608578db7":"c17e97c93cfabe0b925ca5d22615a06430a201b7595ad0d9967cc89a4777947d":"3d554c430c8928dcdb1f6d5e5a4306b309856a9b78c5f431c55d7ebd519443bb":"d3da71af70e196483c951d95eb3f0135" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #14 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"89b885ddb12abc4f7422334f27c00439":"e2366eec626bfd9cb932bcaa0569de6a7a37cf1dfde1f25d00d1a0c89fe25fea592cbd2af7c8202521fa48e15f7cc7e97e431b222b516a3ad2bb7b55b7fcf7f4":"c77ee92bd17939efe9bee48af66589aee1d9fe4cd6c8ae26b74b3799e35342a6":"23e80d36ca72ecc38551e7e0a4f9502bed0e160f382d802f48fb2714ec6e3315":"6b83f7458dc813ce0b963b231c424e8bced599d002c0ef91a9c20dcc3f172ea5":"81d13a6b79f05137e233e3c3a1091360" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #0 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"ff568be02a46343113f06949a16cc7d9da315aef82f5681f0459650e5e180e65d1d77b00e5ce3e3f9eb6c18efff4db36":"77de4e5db3b308c38c814228583dfd1eb415771f4ae30f9cc2d35b48075286a4e8c2c6f441d1aac496d0d4be395d078519e31cb77d06d6f7fd4c033bc40fd659":"":"":"":"448ac707ba934c909335425de62944d6" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #1 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"6f092b85eb9f96427642f69467911172cba6df86e0db08d04e824cde6fb91d9b9af2cea53f42d53c45ee3e69a2327172":"667d3ed9f41a154ea33b55182b8bee4d7d46eff8e890c7036cf7c2665d44c28f9e3a8cff166dabfaf262933d337e729e0b6a60a51d00ba18f877bdc9d0cc659e":"":"":"":"16a200f683ab862947e061cddaac5597" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #2 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"26e635a6a2b6402b968c1eea13c6a980a0ee9b8497abc14fccdc5bf8439008861f74de2c200505185bf5907d3adc9de2":"80e56f9893beb9f22b2b03caa8f1861d5b31b37f636f2ccbc7e4040ad3073aa20f2f3c6bfefc041df8e57e7100794c42732b6d4b63d8bb51329ca99671d53c7c":"":"":"":"807586c977febcf2ad28fcd45e1a1deb" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #3 +CTR_DRBG NIST Validation 
(AES-256 use df,False,256,128,256,0) #3 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"b239c485d319ce964d69bd3dbc5b7ab9cc72ac9134a25e641bcd3c8b6f89e7e08ef2d0a45cf67667a4e2e634b32d73ff":"c963e17ef46b7b2c68756019704ec7435ec093c423600b3f2f99dd8989f8539a11b1b0598e93e84d50b65e816e794421ab546b202e4b224a8494538dda85da82":"":"":"":"2a3218b4d59f99bd3825631a6eefb09c" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #4 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #4 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"0239545a23735b803ae7cb7766194917d6cce164f7ec4f65c6ccd5ec1db5297722d4b7466589da4d39f4585856bc1d7e":"71a440b70a2b5ce41b85de27d987fa2a0628d7990dd7cd1460fddc5410ce6e9bb0ae4f90231f45bc71188fd94e4170389a8bbe4a7e781c95c9a97ad78ba7d07b":"":"":"":"9dafaa8b727c4829dda10a831e67419d" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #5 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"237e8916eadd65e3422fe59ab257b7e6957fe24f760b499fbd052241879e8294b01d2169ec2b98f52660d9f5170dee22":"d8908cfc1ea8518c1442e46731f30fdad85399894db262b8f4fdc0dbcbf11b60b60b25d3108f4b169fcbef621a14c635525fa3af8ccef6b91f808479509967f4":"":"":"":"593c39c56bb9e476550299ee8d85d2fc" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #6 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"28b6639b415c79012c749dc2a0d18433ec36eda55815f0841241453fa11b9d572b7c29208e01dbb0be91e1075f305d7f":"6767c3eb6ba1b19412c32bfe44e4d0317beba10f3abea328cda7b7c14109b72046c8691c1c7b28487037d381f77a3bbc8464a51b87de68bdc50ec9c658f915ab":"":"":"":"e390806219fa727e74a90011b4835ed6" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #7 
[#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"ce735a8549fc3f9dfc7b96bf0d48936a711439ac7271d715a278718aca9e2fe3c801030bc74b048ac1e40852345e87cc":"510b0dc06e84ceb901c7195c2f00ad7a04bdd75e0ab52b3d2cd47ddfcd89248dd58e3f1aa8c1ffe306f493905f65369eaed2a5b337dff8ac81c4c1e8903a6ad5":"":"":"":"ba871ba5843083b553a57cf8defa39d7" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #8 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"841ea92fa42c06769c5c52fe152d07837b8ff0048392caa5dd045054353d363b25439eb5885e96771dded4005f2baf42":"97511ae52590a0b64b75c37e10b89671880d2d6e8f90780ac27263dbc0e32d0824be5e80a88cf8fc3d4c607eb873c0322d09b9ca3498c4015c53ca6fee890093":"":"":"":"a8fb31362bd997adf4d9116e23dbaf10" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #9 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"55cd76fa5f004b97bb8e14170f79f52715d18c60f142b06d16e8e06c274798190a79c8b325163989d86323c03dbe0d68":"bafc0ba64669c9a36514bde6169034101f29e2a0a4b9a55c0aae7dff0c5aca2371b523e26dc44bf75493bdaa023d1555294178288b70f1ae72150d9f7265b4e6":"":"":"":"fa16dbdaf01b3c202426adabf61fa64a" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #10 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"ff3f3098fa3d2b23b38ed982e7afb61d46b4848c878b9280f8e5ed6bd81176e76f0a2a85071a411829cf84421c22f23e":"92194e2c700fa724489683d0b6ddcf72c89b9c3f3ff584e802ae426be4908b1ade093bcf9baf7738b988dc0fde1739498a97c9610da853a7c83981c6a7b68096":"":"":"":"f85490426dc243ba09f9719bff73545a" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #11 [#2] 
depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"7242c1020a63770cccf6f8100970990232a9d11d61c9b0d38fe5e7a568a86252a66481212e5d53c868561298dd5bdeec":"7c3806a32ccf3252ac27a92a07209cd7000b160faa70b9024420b903587d1d77f002d3abe28b563d32ccc502b88f83bc5996f3dbbf0f57835839eadd94563b9d":"":"":"":"2232181f08c1569efaad1a82bcb5f3ba" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #12 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #12 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a2e445290fed8187df6d2a57e68385bb62d700cb8f140410766b53e69e6a0f2939bbfa7ce091525c9051f064e383a2e1":"fdae5f1ea253108fcb255d215a3ce1dc1d101acf89de4423b75a74619e95f3feaa35b5e0bec430b0ad9567df818989c36c77742129af335c90ceb6dd79c7d2c4":"":"":"":"3841e2d795b17cb9a2081d6016a1a71d" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #13 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"bc885454e385d911336dda9b7a609a6a7079a4a5a860fcd704161c34658bd98685bb03418b7f24f2ed9475eb8ceb232e":"77bef884a91126564b3214029ac6842d86e4c1fa283e33d6828d428377416f66947e39a4a6708e10bfdae8337a6f302420a6649fc109d0f094c18c1e9361375a":"":"":"":"ea20780ed280d8109f811a6a398c3e76" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #14 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"c1825cf00cdc2da93adb3e7a33c1f3a76c49166887883744ea2683ddca23f31900f25c434364c992a6d913f753a9c42a":"56940a6fc4823c9e42e8ffed63fc3cf46d0a2b305c236a511b0b5ec7005ecd8989bf2006ebe52ed55845f7cc25d3d0086cece95f0bff6fa7e17ddf474704abfe":"":"":"":"b037c7f0f85f4d7eaeeb17f4c8643a74" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #0 [#2] 
depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"19b83c0deea6463a3912d21ffc8d8041a5b30640352abc9652770cfca99dc53c9c09942ddd67b91f4da50a8615462ce4":"5d85c56d0d20ee39958a90f301d2f8bb136fa34d09b41a0c9375114a0df9c1dcdb2a62c4be398d9eaf2440949b806f0e5a977da608eeb652a41711d1e9b72655":"9c1db928b95c84cb674060a6d2f6b7a6a5d43e9ee967e9f821bf309ca5f8821f":"a3111cb57365c617df0b0bb3a1aada49ca789bc75903eeb21e42a7d3d0dd0825":"ce7f557c70676987d13aca60bc4585147efeed97be139871a1b29caa1e180af9":"4a49430277d64446e2fa75763eb79ec6" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #1 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"239f21be6cda23e8660c8a5e04c79f6dad6f363ac6dcffd9228699ae43fbce5ac3c51645500cb3eae68f0b604dc4472c":"2975a099f7e6530e5576534c25171f39131d6bffb99259f7f2bbf7d77de9fb1e829052b54a9631a733113021692eba1097438347c6de82307a0c2bb308edf065":"d451a54584e6d1d634217379e7e60e67303e19dd4ba63b097899c7349a5a7433":"a33dc24c6a656eb26275415581d568b7c2424a9c5fb9e2944ca35ecbf641f713":"8dfccc62379af46844df136122b72a878d9d61b40ccaa029b09e6b9f0b4d0192":"005e91760d89ecb64b5fc3b0e222fca3" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #2 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"e326abbe1db3ead3738d2ca4d9f1d62080cd23ff3396f43a0af992bed2420cec6661dfaac83c3c4d83347ac840f7dc14":"37c94d11ed0e93b8199d43d6eb242165dddd12fe39c0bea4cdef6bcfeb5d17bb866f080a9daef128f685fb3bc59c945927fb0aa3e17068515c3c92fbdf04a228":"1ff41405dbb3b12b8ddc973069edc2d2801af0e0dc9bde2cdd35c5b2d4091509":"138b6d2eabef4b32174afb0156ad1df570cf6e5f6ebde5d19cc30daffd9ca4f2":"f27cf7422808c54c58fcdde1cece92f5342c7a10ac43ab3b2e53362b2272e3ad":"506d6fae6fff9f222e65ac86df61a832" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #3 +CTR_DRBG NIST 
Validation (AES-256 use df,False,256,128,256,256) #3 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"cb0229d2bb72d910b0169e8f93318905aef8dd93ed91a2f8388545db32db3f2489e7988b50de64c49a9f7feb5abe8630":"514ec8c02439290853434e75e3d0bd159eacd5ac13b8f202cfd5c36cdc0fe99b53a1b7a1619e94eb661ac825a48ea5ef8bb9120dd6efc351e39eb7cc5223f637":"a6ed69c9216c551793107f1bdaa04944f6d76fe4474f64bb08b0ebc10a18f337":"e0bc1cc56fdfeef686e0c7ec359e2e8bd48d76c8643c40d12325328170bbf702":"87c5b23aa3c100ff9e368fc47534ff8fa2f9e2bfd3599519ee6f60164485cf6d":"bd419968f636e374268ccdd62403f79c" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #4 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #4 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"bdd156ef3c4e09b77fe8781c446eac55b562e4ee1b7d15515a966882d4c7fadb0fc7b37554ba03908838db40499ded5b":"9facd9f4587819acb358e4936d9f44b67ddf82616e79a44ffd6a2510f652f6b9cebc1424b5c642362b19f63c615f49686df66a8f80ddffb56ce0c0d8540150fb":"35ea316fe302786f626e3831530622b62eb33a3608d4af3384ecfcbd198f3f05":"8d4fae22290b6ef8618ded1c3412e85fab7b8d17fb9cbd09dbc87f97279cc72d":"2f54928372e4ce447201427a3ae05769ae1c54b2e83bdc86d380a90b07f2890c":"8045e8da88b1bc126785c8a771db5354" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #5 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"154876298a1b63334624b367da984eb31d7260abe79ced41de35ba68a716233a5df0937b90f89dde7fd55a9693c9031f":"36895f574e9e9d08e6c885d305eb4764c1e5689d1f99c2462b3ebdf659e8ce43818dfc886ec797843bfee361b554cd5f969b0c7b0381b53f4afc1bcadbf7eb1c":"c3a46105c50a167a5b0391053f3814a06c90cea2c1fa9329d97fdbc62887ff6d":"54c7d66c65dbddb4665981bff0f503de37d724362aeb67abce6a870fd6a7398a":"58204ca953cbd46dd6c8870b358cba77c436870db49bcd3e2f92697bb580b460":"cd903c0f11ea701214f91715cfec11a3" -CTR_DRBG NIST Validation 
(AES-256 use df,False,256,128,256,256) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #6 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"94e273fde1e699f84aeef343eb0277c50d169bb5496575301021a2be50df6a555d1422ea88e0e4d905158e93fd8d0089":"1cd97b6e6e7f19401e409aea7b3ec33a8faefd71402b8f34a73c1cb1af215e0e87debe68bce590d41c1f90c6ad9db3d30b3901862e076d765ffdf58776e5fb7e":"6ee75e9f9aee6ac93e20f742f20427e5eb9b4ad2ed06fbba8c7b7870a96941ac":"0ba60399893ede284372bc4e0a37702a23b16aa8e5fe70ea95429af87ff291aa":"94bd2b51c32d29cd14e2123221e45ec0cf1f38766fb6bb0716856d0138f6fa39":"831793686abd406f7b385cd59e497b18" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #7 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"5a699113ebf98bff9cb780ce29747a61ba2d7581a5716065d018c89348d7c2ed3f5bba32442cd192c1e37b77b98f5791":"de6d2a3b6ad9af07058d3b1d1976cf61d49566b965eb4e9b74a4cad8e286e7a40b254b860e2e209a8cb4cff3a8e615b84f5ae7505957a758e266a4c3e915d251":"ed18c16a61ba5ecc0755f94c286390a6d46e6e26439dadd36c83ebdee42b4b4c":"7c4550d058b85580be2053fd9d933c87041c5c3f62a5b6b303259dafc90d9041":"ebebfcb9b4b3595e516939ca0688422bbdfc4b9f67b0d6619757cb315b7d7908":"1a5a496aa2268483444b3740c9cc4104" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #8 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"42450f2689b87a3dd940f3b9e3b32d4654c725a24ddd2c22f006694321dacf1980b50f7ac0401626453ec836039bfdc9":"4765399ccbbf3d33433bb992ee29e4381f28d800b05431f1c5b3e949c5db72c582bfe8ba08db1575b866816cabbe5e1d31d8a870ceed49fb75676c97020d1f22":"6ee5a7613c25ecec263a2fd2288948b2df9a05d50040c4031b0653878fdb067f":"68a1038481be7412d6a7c8474d4b2a2535c9b55ea301ee800d5a846127d345cb":"7a1915cf78e6da2dc7840cba40390d668d07571608b77857d2224c4531c17bb8":"80a6c622e64495f9a391f5a8a9c76818" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #9 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"873869e194201b822b140bdd7797dd1ed408f2190b759c068b7019e6707f60751e101d3465c4ec57dbf9d1ea7597fa44":"d2f92706ca3fb9ced8183c74704440d7eedee1542c2e812f65afc83f4b62dadf1c51fa68f8d5f457a893211c8afc82c93e6a1e15822eff0d4ada6efd25d271a0":"8d0393d2a1ae8930ea88773adfa47b49060f0bf2d3def2acc57786bfbd1e2d6f":"5bcf5ff4fbd9eaabf8bf82ec7c59b043fd64b0025ad1ab2b384e399b9e13147a":"6e2d05e286c90502a3abf2ee72ab7ffb520ce5facfb27e095787a09a412abec3":"e1ceda71b8feb4b0d14d35bbb57a79a2" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #10 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"1fecb5fe87c2a208b4f193e9c3ff810954c554150d544baea1685fb4774320315d5cb651be493ef120ef6966e3e7518c":"34bc292809674352ffb60786dca59ec799188aa401b366a48cdeddf37c12ee4c666f8fb3a0d53df4cd7191166d50ff01d992f94cd92da7a385ffe5795b197ced":"38249fed34a907768eac49267c2c613a65154eec5b73b541d7d7b314b5080061":"115be9cb914b50480fffe078d8170870b56129a0a74271dee063f8b2049e1be3":"69fa6faf7223f5bb1b55f35a544f78181579b1745990053357916fe507e51db6":"60cc92d3ba3ff0715f5627182334ed1b" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #11 +CTR_DRBG NIST Validation (AES-256 use 
df,False,256,128,256,256) #11 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"4d283eb5ecd85a1613c975e24832770643613c9a5aee0d8649bc0d68c89cf1ea6ec3a1a22eefd9e212d602c338d64c6e":"4aa6917a5c9f370590d70536fdd89c916fec5e5bcbade8c6a6cfcf5b232c98a6b3e6b79a2dfb0778fbc3f1da7b06044d7b0fa2c04ffc3b71324aca1ee19f936b":"05a7092a684ba7a7fbd33533f9be58a4140a3855d4c5f44a31d665a0720c1739":"557ef1bedc890d1543de6cfeb25642782683d77a46bc8aa0836b07157599c7c3":"e87e45073ff8e36c38b128cd2275a160e431787b5e81f6c2fd7a37909eb72ea5":"31ecfb1bcf3253ba5f71b185a66c7cff" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #12 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #12 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a6f488104a6c03e354d5d1805c62dcd3016322d218747fa83f9199e20f6ab1cfbc2b889536bda1187f59b7294d557ff2":"22f8ad57a2dfa8010e2865ad6263823652917b84dfea61f639efdb0fdbb35c6341ca7721095d69686212dffe78410c0d0db94f04756d52e7d76165d5a1d516d9":"fb9951d563f7aa88db545874b1a3049c5f79774d486e7a28aed1ed75f59224a5":"b1ea7c6b53e79e4e947e63086dee32dcc17bc4f27fba6142f8215ec081cdd5c9":"0d12cc0a39bfbf87194e4070f6b54caaabbe48fa192b96cfed2a794d95fa299d":"62a1c5678e6e8fc738d375e2ca48751f" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #13 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"9d67e017e0abdd7c079bc0354f33dab696ad64146802f06d6cefd9cdefbf55b197f5899e5efaa269cc0432c87648ce18":"d8be0ec1119ff959c32c9cf29914e3f7bf2b01bdbf806c2d9ba119ae2a2cfb565871762b02ee7bf68f1d280532fd7ae7368517f6f751739b228d23df2f207f35":"74a5e24477e8759bedfbaa196f398777108392efb8c64c65c0c9ecd6cd3b5f04":"70cbc6cfe1d6ab4bc30d66fa162d5d4b3029e4b1b9d759f3eae17fb508e91a46":"d3c538e042f0eb796b4af9b4e65cd850425c72e2c896fcea741c17172faf27d9":"559a5e04b75cec250aac2433176a725e" -CTR_DRBG NIST Validation (AES-256 use 
df,False,256,128,256,256) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #14 [#2] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"10914608a6d373a26c53ab83014283b678d73dfea65b4a3540af17f2fafa3b3cf698925b423edb9f946b906f43110795":"9ded87d289412dfda8935e5b08ec66b68abd1bae1fc5363e4341f58db954f1f9bc4b681c0d930ba080f85f8fd04c173cb2b77723ce67692efa7ade48b82b6926":"225159b4c679094f277516b2335b1e8b7d0a7ea33fd56822906d481fe412586d":"4967cd401cd466aba0be5f55615ca0d9fb8adbde5cb4e6ae3a0159fcd6c36bf0":"fec14f325b8b458ddf3e7f2e10938f4c2d04c8d9885bb5b9277bdc229c70b354":"1cd5c0bdeb87c79235bead416c565d32" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #0 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"b023f6a6f73d4749b36eb54867994432":"2462ad760ddbca4e013688bf61381f190c7b2de57cbeeec81d6ab7b6f067b75adc3545887f8d2aa5d9b9dfcbfa425d610faa9c247eb5d71145f302918e908ae5":"":"":"":"c0620c68515a4618e572db6e4c14473d" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #1 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"7e0fcd953c1c8bb8d03d7a0e918fb59d":"56b2e11d5c2d87d2c9c90c285e0041beb4594a6efdd577580095612e50cf47c0b76208337e1e18453082d725629667d86226ab22944bbfb40c38b7986e489adb":"":"":"":"7194eee0d333fa5282dc44db964ecf5b" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #2 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"0130217d4a3945402ed99d7b8504fe4b":"28e592fd9db72b40ae4888078aedde260f6de4f0472a7601258e694d7bb6af6810ff4eabdffb332932765fa1d66650fb78cc2be484c0ba803eb9a2502020e865":"":"":"":"4652f0545385fdbe02d05aec21668608" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #3 +CTR_DRBG NIST 
Validation (AES-256 use df,False,256,128,0,0) #3 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"07854447e33521d2d997d90c0887f42d":"c561ab6acfbfb98879982ac7add92b80471e0154b77ccc9fd98e7c2013c411e8075948e97ab4db7505797a99d456e54e6585042efeff7e3970e399ea0d27537c":"":"":"":"1a14a810c11b4f0af23c6467c47bbde0" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #4 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #4 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"68a8ec01581d6066391f3e5977465026":"747c7e9aace6d4f840c7b5261e0af796c516477421d52850a7072a0ab2c768fcc80c9ba8d18b228e77a7f6131c788a76515fe31aef4ed67376568231a4700fac":"":"":"":"a5723c43743442fae3637bb553891aeb" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #5 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"1459038c60b70bae7af0da6cfab707a2":"9f7d839310846bd452827a185539c0eb0f106acc7bc4de80d3521a970b23483d57826b1484d329a2d1c2ecfeaf8eeffbaa6e1a305e3f1e47b96ad48a711ad1aa":"":"":"":"5fcd6bf108fe68b85f61f85c0556f5c0" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #6 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a3357db173df98da4dd02ee24ce5c303":"f1ce08587ac0338b4d0b8e075b42b6501e77758b30087de028a8622fb7abd7f65e3b4f802d1a472dedb9c1a6dc9263c65918d8b7fafd0ae7e9c39e2e8684af3f":"":"":"":"8a5fa11d8e78fbf1ca4e4ca3e1ae82b8" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #7 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"212f4c80c7e9287c8d25e3b965f91a3c":"bf1d715b3f56c433827c9cb429bee5ca61c80a8d9b2fd4498e1c86ce703637f8f7f34056ab0039e0baa63320df0ec61de60354f2ece06356d9be3c6d1cdcc4cf":"":"":"":"04ac2f969e828f375b03ee16317e8572" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #8 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"46e85752e0af82fc63932950120e4b5d":"ae4316424fa765179404188eb8839ce84ad8db92cb12f39089a93a2dbdc371e2fdbef1ad080eb354eecdda3a10ea66ef647aa095afa1786c01bd1c9f70d8da4f":"":"":"":"de576284d8ad36b31bd4f8f3da633e36" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #9 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"ec2459b1dd7f50df63e14e40aa4a4e66":"b964a24bf98264327c0b9e2e1c99ed1b35f534be801c996f318bc2074ed2500ba8488c4feb442b507c3220523c0041c9543133379365e65e092850a5e3f96cc9":"":"":"":"4d466e2f388aae40d1b31ce1f8ddc5e8" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #10 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"acf480d54f4c66d611519b72f2c0dca6":"d5b3277cf8badf6be86af27dd36f23ffc580847c5fcb56c4d8a42339336f185c38ffb86f4d8aa7646c1aaed6c2b0c7ae7e4d435f481d62bb01e632f6bbb2abf9":"":"":"":"746aaa5423ef77ea6b1eda47410262dd" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #11 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"edb80fddc595b234e3c5c03b2be3d721":"94aad8c772201435543efd9013c9f5f022038db6864e9ed4141ea75beb236844da6e6a17109262bc80f528427b37d9da6df03c7dd25be233774384a7f53197ea":"":"":"":"511927f10f800445b705ea3cfe6ec823" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #12 
+CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #12 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"c7790c9888b0e731ca6ccd60c32bb98a":"967050c11050a6d99a5da428d1f0fc8068b29ba4c66965addbfd31b745cb07d2439d268ab32a5fa2b1934bf277ff586506a941768468905ed980537d8baa1d07":"":"":"":"978493f0cece6f94d21863a519e06dbe" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #13 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"58c75625771df61c48a82590eeed3378":"be3120e8515a98701b4b2fb0667de2bad3f32bcbf10fb9b820956f9aa7ffa1bbbafb70002a9c7fdd1cf7e76a735261798dc60a1163919d58e39ef0c38b54b27b":"":"":"":"90f5c486e7efe932258610e744506487" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #14 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"d3f64c11aa21bb2d12278847547fb11b":"855c0e3a7567730b11e197c136e5c22b1dc7271d4dbe04bcdfd2fc0ef806b3c05b4264ee6c60d526506622ebf6130738dba4bf35c13ce33db19487312ee691fe":"":"":"":"33ed7089ebae738c6a7e6e2390d573e4" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #0 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"132ad1c40afb066620f004f08409c59e":"2e5beadd89b663b3903d3a63c3ab5605bfb1a0045a42430e0220243c51a69f7ff7678c2f8edb7bb4a29b646f3edfaca2463f9defd342da87d22b1b8fdb012fd5":"150deb841d1a4d90e66e85b036d9f5a7efca726b907ae3e8f05e1d1338cdfd32":"fb199beeeaf3939be2a5f9e6ba22f97cdd2c7576e81eccc686facbdf8bb4f2aa":"4293341721f57e4548ce8c003531d38622446c8825904e1b868dcddc626c5164":"66d8f3bfb78186b57136ec2c1602e1ef" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #1 [#3] 
depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"1c1502ca97c109399a72a77c8d6cc22b":"1d33b1b257a3ae1210fa2099307916a73dd92270769697ea2d7901f56865e3cae1be94b5024d0da3880bce06f0b31231c5a889f8ba3d92a20844b61009db672d":"23eede46eff4a04b08dcc2133e4537b332351f8469630f11b0c8853fb762a4bc":"6fd9f9da108e68aea9d1cecd81c49bcd0e7bedb348890f2248cb31c4277369f7":"76bcc11bd952123f78dd2ba60dd932d49203e418bb832d60b45c083e1e129834":"a1eee46001616f2bf87729895da0d0d1" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #2 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"c79c0a1db75e83af258cdf9ead81264d":"5e8cc0fdadc170ed0f5e12f79a6b9e585f9d7c2926c163686a6a724495d88fabcec940d752545cae63f1792dcb966a7325f61997ba8883559ad6f6f8fc09898a":"a2cf6c1c9e4489f504e17f385f08aa82775aa2b0a84abd0b7ee3c6b393d7fd50":"c7529b874e07d4b876196786d510cc038c9e1ab93c461df2474eba484ae6876f":"63c6e7f3548529386c9f47c5aece52ce8454da5db9a807a1b960f7730a61582b":"43b7931e0b3b3769ef8972d0026896a3" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #3 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #3 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"b44d1dd914e88840bc65a94ee199b3ac":"c3dae1863d323cc78f43ccb3f632fde29130e6b23b843ff5a8d79fddc3c1f92b55cd3dcaf7848d40d189c0de7790bebb889e01be05980dcdf30d2b3333426c50":"41e2fce9b48642a1b9bd1695314adcdd38e1a8afe4891e633c5088c6753438a2":"1eb3f8bbacb0c6b901718bfd7eba29f6f87e1fe056ad442d6d38c1351a684e1f":"85570db773f3f5202967376f91a0a9c09c89cd4eddd58cdc6210335fd5e7acef":"bd53036538d9ed904a49966b5428a2a8" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #4 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #4 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"5ef97f7af7df5cc6fa94f8428ec7be5c":"be67434ac4d77f0f50ec5bacc8112d1480bd9f20d6b4ea768d9b51bb69c1dffcd8c30e4412127644aaa6fc453e59fb633f6a5a8c2f69e40d1863e35d4d4c0227":"a64195b1e56cf97fd81e99fa1833d191faf62f534c874def4b8bed0ae7195ac7":"353cd3a8d9cd92bce82cd8d1cc198baa9276db478b0cfe50249e30c3042ee9db":"393ab4726f088fdfeb4df752e1b2aec678e41fa60781bc5e914296227d6b3dfc":"24bdc2cad5dccd2309425f11a24c8c39" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #5 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"567130da4e7ecc4db0f035d7ecb11878":"cc070df6aa3623f74afd85b59d1bef2b1fcd9c8093362512ff109ebfe992ed75bd58b5ae1561d702b69065eb3cc0bd328ab698d4c6ca274e96d673309b5df5df":"42033054cefa1f20b3443f8ab7d9635ae8f047b833c8529245ba8b4aa07edba3":"72972fb947bff60df291888ddbfd91e698e0c1c26a346b95fc7c5dac596d0073":"af29b6a13602ba9c6b11f8dbdeb6cb52e211f9cd2fc96e63b61e3c1ec631d2ea":"b0849f8317e043271a3fc5f2eaaaaba2" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #6 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"2c20ae36f1e74542ed8b0a177b8050aa":"c4bf7a39caf26dc3f61311f54ab3095493c626a988f5abee2826c67a4f4b4d6a02329c99a6bcb5e387fa160741c871acc2929c1cc07f2f0a7ce1619eb7da1ec4":"97c148dd10c3dd72b1eaaafbe37a9310ed15b23872e9f2b62d1feb91ea81ffe3":"23df0c30c68bf2eeb55d273a596f1f54ed916271595b906e4f7793b7a52f2573":"22f120fa09215105116919aaf8eebcb69eccd5da42feb737018a05268bf08e46":"b7c73b9ceea2e6ca0be6a3773cdd6886" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #7 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"2076f9e116a2648e1e664b815b1b3674":"979b5aeafe555aeba152ed66e32e30e110df20ee1f227932a72acfb8218aec767941efaefa091c0128dad9b93b06b28fc76e01f275e8ce1c02f0eb567c914f89":"d12fb10b9fa6d2fd0f39cf76294cd44dcbfa80dca7c2f8537c75453d985ef551":"4228a99faf35547a58c1a4d842301dca374f1f13c6fd067b7c1b815863b73158":"a3a7d5f1e2dcf95a90715ec5fd32e7f88c38b0a452b6ccd1f107458db4f74fd6":"8a63a5002a3636b241f0bec14fd9c2ac" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #8 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a71015cf06ddd0a6cd72fa014cf0aee6":"c810cb9db0f169dbc30fda85ccb6d4c40db68d429eeb3653070db7641fbbaba60ef0ff970eaf40887b7e154e2ecd5331de7004689ec604e69927da630a8dd7a7":"5f99f45d8770041703e5a14521c501904fd05ff3340835ac0c41b86442e4939c":"eb7efa6e46ab926ea04c87eb9ce454f5b10717bd9d85305f27d71bea1bc991b3":"cbc80c6171d098fc81023486d327efe2415a0f32e5fa6f6793ce1d0e98783258":"a353f6b350404f3f7b4fb724f84a948a" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #9 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"395931837614c322d8488ec6a2c4c919":"831fc8d63592b6ce358c08aeac39d67c3e48b4c2617735b6fe5e9fa44d7aee9d60f2fcf549db239d5bed9c608c94e8f8c23b32901442ac53442127377bdcf205":"eb261c737c0a17c8cb1ae055c143f701b74c96c852e4a76ca3ea045e7efdf5ee":"153276007b3843a897efbf022bd1bcabcf655c7eb8acef9baac710b339ecfd99":"a8a5cb17a2945e5b41ff370cc88ac498389b89b6cd82bb3bbde81c212f7c17d4":"537fc2b73183d2c0c106886937a6609c" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #10 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"9a1983859dd6c4cb602970d705952b2b":"68c5cf31f7959ffaa83af9dd55a75ec001befbf835e42a789ac42d39d96128eb6d9b3f07ced15e57e39760390c065fb4425c19ef7184635c18e5ed28256937e1":"e06497a181a5362980579c91d263f630ad4794519a64261ede8b36cf0ac5e713":"714e4fc52aea763e23a1f5b18949ab8fd949f1768560559bccb49d78d51dfab5":"6b6b7f65fd472ad428df2bbb86b85067d0a6f89d9233eea92f5189a9163d0419":"e32af8a81c59dc44540ed8845b447fdb" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #11 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"230576e9518fb9a6a8391a84919b0d97":"6193f0e7b33ce19fde922aec9c93f1271ebcdd296d9c8c77029b59afa2064e3159088e07e91c14a4a3dc23b6005dd8ef1425d7d2ae8282a5b30b7498b6754234":"ffaca30a256d18836a0d49bbaad599a28fc7821d71aa91b97158a492d84a6280":"a3da13852d0717afed7c58c52530d2ae047b645a5e7aa8cfabc11478444151ac":"e15fdaeea31c95555fc509d2a266abf78d86ca11aa2f87ce1041142eb9f82bae":"7906f8da1e140345c191dbc2de5ead1b" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #12 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #12 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"e08a3a33adb4399a9be72fead224155f":"cfbe8b1464b00bb9e0d18b04d2040ed9bd822741188812b98a440fbc66ff018ddf6c0ea20c62d01b8237bc7c3da9e3f9fb874fca79a360b4f0f967d8d02083ba":"56f975849197e2eae5a2e6fb445a93c1fadf57280ac27e27c7cbea2cb00c10cc":"0a6d9e2d6e181addab0ea1ee89c65ce557e10fb8e8d43a24cdd27033d3fff507":"823e9400a9f563cc1fa5daf10f4ff1ab8affa18d8371f9cd0e067fcddce8caed":"5ded298f98cffb2e7f5ea97bd50c7e3e" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #13 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"11c13b917d9f94fd7a008566d8598e89":"f53343a5a455132df3d1b03db39e44d933855b375d7422ad0d07dfdfb352af28946eb29980793456ec8634bf113e75783246bbd05aa8a7cb5886d372fa012f58":"ff1d8d33083023ffbe28f153bddfa9d9f3c221da16f8f20967d2508fa7752b55":"66a98c7d778d798617e1d31d4bdfabf8d381d38b82125838ddf43fb7f5b27dc6":"407c72d7c890c00b249be00a53ae722e5d8033c84b1e1a6a69d4b278ba5db9eb":"67ab88156f20d03b3a1bc363daefc0c6" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #14 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"7b95343a4ac0f8c8b2645c33757a3146":"3d7e2987860cbcba14a12594e1a394ee754c9a7a65cecc990bc79b5e86e672e12f8c144d843e1abca46b4759a11b3d29f4e219077a8696efadee618f254cb80a":"16297534a79c4ae7493178226b29e42a6f1e0066aeaee8b5af65bcefa2ee3ebb":"b429ee986f16fb35fe2c47c03c0918870b4560f4ec4678f9df471cbd7ca6a887":"2b14d612eb00c7fba0d8e23bf91df91daef6f8e279e0050d5497ddf0f3466c76":"8f72c17405163090fe0bd795b65811c6" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #0 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"327290da2e9a19c840de8d33e425efaa5aa7a7afa4e5a812065965478d640f78520cf3c670b098943fec1914d4c8c411":"80bdf18288cb8adb6e3dacb09c553af2e7317c194d37f433eec27e324a0bad752899bda91fd41e5a08acdfd76007aecabc19c95a8bcede310f7320ce97aaad0e":"":"":"":"c26222662ed3a649a1745dee5df4eef0" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #1 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"be14f473472db07a43b7f9a517735d7f7ede2aa70dbdb729bc4f578a0dce9d7fe9fd97939cd1ef731262417b5213bd7f":"ac71ff53140c1383eb379e5311e37637af933db494e5e689d065661e9095b8302e4174c392f324fac43695d9381e3cf4626a5347938ed9e21502cbd789cca363":"":"":"":"4bab95f9f05fc36a337b6f2582c2ce98" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #2 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"88c31e24f4f859b668946ce73f8600621a70731440762b3c267ceab52a9d77a23d6f70ddba0e46a786697a906ccb18a3":"bf9bf25a949d447274a8c72f1ae51399521f8aca39b1b37bb7b4d5cf3c67d55ef8dbacfb71aa9c5949416e2868b968883e517215bc20292894f8406ab39c1ea1":"":"":"":"841aaa0b171d1526ef365b9201adbff3" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #3 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #3 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"8545a0de5ea028c8e5976d5b58fa50079b20ba716f0856cc1af7b98537c895f0266b956542d2b8ca661aef5da1f7f8c5":"686f4f9ee74c3402845fbad9353d7dfeff727584d892eb64bd84b764110cbe4ac8581e7e23acb95caf12979983e8947c570264aec292f1c7b756f7184007dcba":"":"":"":"f6d6ae6449b2984df8bcb69584fb16f3" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #4 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #4 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"d6cd4b4fb9105374605deac7bb49ad792eb225daa560f2a86f66269bf9afc2ea01b6ee6f0eb4926d2f09329df6e90d79":"5d1b8fa0ca2ee127d1bd41423c17b9a8c736715cc2906818e9216dfd81b7637b66c89b772b55ae707c6effa2d9ce7425df26f966646ab613d5599143cf51e5e8":"":"":"":"c36ab451116d733eb4377de3511db5ce" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #5 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"e73ebae0d0834fdff1829ac3d9722fe9f1bc65b5f652fae5f7615af116440e3d5709b5cddd6065d568c246820de46b09":"2026cf7c1b1fe9645ab8759958ac04fb1d8938b9913c3b7f22da81e398b2c00b1921e1d4edb5d21c4531515cb0f9644fe8068685b9fca813176e6780796e8ded":"":"":"":"98d1dce30593de8a8d5b4d956f6c684b" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #6 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a53c1813c06b609eff9ddc77204b085ca985f22170b8ecfcbbf45ea11c45c24fcf25bc33150f9f97ce48244d5beb685c":"1d0dd1a87d59c69f28e118e1083d65f1ee0df31f6308a92dcc47503ec4d20a018d9821c6a7d64385724f0e941231426e028efe6d75e53ff8edf095ef1baf2656":"":"":"":"035cec3a24ba7c44e5c19436c2689a75" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #7 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"16d5b8290693a5c40c5a526dd6d653ac54cabb5608d77bb2cb7d6270b96c2fe2de076716ae8cf0a5c781edbde861dc70":"aa82a5ea33439d0c16a1cc13cbae53b169f4d369bcbdae81a9a38129c65ae0ea4f720576c012f8d7eb1c0202003c39d28453a22e502b4949cf5ba23a727721bf":"":"":"":"de4ed9d163d11e9b52470d078df4c869" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #8 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"68bfabdbb821cb978527ff18ce37c96c79ad751756551f36b6991981285a68854ec7f72f548c3395ad3ee40410064d4b":"3da9e9518eb1f1b6268e4597f158844ff672ddb414f7ec23fa66d6c86b90a732a7b3016a3387ec3dbed34eb479413d017932ebf9f2a2fea0b35d2bf4e06718f9":"":"":"":"ec4e3e2b6b8763deb17b8611d1fe7953" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #9 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"171a74ab694a7d7c2baa3ccf103ad94f11094e07a955ae9ac3bad370f1448753e99b63cc23d1878ab66f94136ec2ecac":"72ebeda7342770d03bc0e531754f946ca5cca684c41f9d089fe9147fad93b6154919c5cb2e6d162fbfde7b9ff0aa590a17993ca6c80bd59eee4134fc2ce944d8":"":"":"":"582ab4f105c3e1fed9593f58fc335fc3" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #10 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"caed30015b34064762591eba9a59f440566a6621832f650572362229e8a38cd0f5d6d322afd8444132056690d6fa5540":"8e27f0dbeae4613bcf0011105f824ed2ecb150a83a0994f8f6607833755216e016fb175e51d42370afe27b11c18477886b530c95bc31bd1c0f8fe00f61fc15a0":"":"":"":"d42787e97147d457f1590c742443ad92" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #11 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"c58d62f8145622cd86cfbda66bc26d2ce4c5610cd9cd1c326b99b60355a6fe751783c07f2cc21ba68f1f20ca70f0ad31":"38a8b685e6bbab67824f4cc72995043ea2854f067f2afaec762c9e78ff9d585a25bc63c8d0d075d06d43f3f694733982d26cbe0648b2d0cf8053918b912c303a":"":"":"":"84001709f15a2fd167c161b5d376d86d" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #12 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #12 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"dc9719050d5257152d8a7d60d3ef1fc5b8cb1700bafc7de863c019f244779c464b6214f21a2f6d0aa3ca282007615ce5":"f188a1ba21b1791ebf8a08d8ba555e49423d9178a561bcc1672539c3a7ba1d856eae9922c4d96c181ed045d6f1d15e855690cdae451edac60f1ca2021f1fec57":"":"":"":"7540fed313c96261cac255bf83b5ae99" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #13 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"ff057781af4a4a1eefeb26ab38f82a2efb6f065de290ebf225bd693dfb1f97455b49143bdb430324c9d945c48824f6cc":"0ddd0f4a43a7b54d9abb0928a2242c378db7a95a0b206baa642afe5cd55108f412f1d727fd591bca2c76355aa62aa8638cfa1916739bc66e02b9459ccd0881ba":"":"":"":"8b6e74a94fcac0d2f212d3594213fbb6" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #14 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"ef027327e47fc5875c01cb17d798fdc2b27a5c78000727842f8a516f4e8dd34afc167ae145b1e763bebdca51e2f461a7":"128566fe6c5b5595742190519445c25db85ee0ce29371f4cab213400d479d2bfe27655155be0fa237173abb214f0226a2f1770802dd69485adb25e6d837485e1":"":"":"":"76cd1553b2b73d4ef6043a09fb90d679" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #0 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #0 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"8e1a59210f876d017109cb90c7d5dd669b375d971266b7320ba8db9bd79b373bcc895974460e08eadd07a00ce7bdade9":"23677c04a2d6ab446b7b3c582a8071654d27859441b10799f08b788378b926ca4306e7cb5c0f9f104c607fbf0c379be49426e53bf5637225b551f0cc694d6593":"19e914ffbc6d872be010d66b17874010ec8b036a3d60d7f7dda5accc6962a542":"bd7a0c09e780e0ad783fd708355b8df77b4454c3d606fb8de053bffa5ecf9021":"d284dc2caf6d214f8909efc9a75297bccfc04353c2788a96f8b752749c7fec0c":"129d256e7db6269e5a0a160d2278f305" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #1 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #1 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"00674e633670c9971be7af789d37d5a4ef567b3ca4766722cd8f67e09d21cbbfa08d43ea1aa259999c6a307ae6347d62":"ec47b029643f85ea19388b6e9de6ab22705b060ae10cee71262027d0bdff5efd7393af619bc6658612fabc78439a0bd5a01255563a96013fa130dd06fd0f5442":"5b92bce3f87645126daa4704fd7df98b880aa07743a57399b985ad1a00b1f2fc":"8199de1338c688234c77262ef35423f4695b277726c76d8b5f426399c14d83b5":"eb95f5a4d8400cec2d4e0f548b6e92636b5e284fb6b61766a1f35bb9cdc5df0a":"9fbe95817578eb272aa9da2f509c2a06" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #2 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #2 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"2553423c3cb0fae8ca54af56f496e9935d5af4738898f77f789a9bee867dfbc6010c4e5bc68da2b922cdd84eea68e1da":"a9bebd13711c0c22c94b3252654854515a9dc015fe69e688fbac9676b3d77ab67e19b020cd2427ac789ca17f656e499be3ba3ab2075ff95247c6355157eebc79":"e74e45fa28697a06dab08545fde0cc26e7eca31c40aa68ee41c4de402fdcc961":"5aa8abf7062079929d6a131cd3844a5fb6514c07061e25cad67677d867297685":"84819109b2e09b46ba3f5464c34b28ce25a186f0e0fd83fe5fa0ab026c01292a":"3846f3406e49040c48b5cfc9cbc75d1a" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #3 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #3 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"856f1371454bb9aa06be897dcda9b295817c6eeb865a9acb3a89d145bfe29ce5e1b3b12b714571afdfaca7951cd47e33":"a691b8bf6a407c93a36d18aeced4c75f76d8397d4ecbcd4e8f820cb393186897f05c1ef668b027fc78ba6da9bd554cc31a467d47b5e534b5340c7799383ec05c":"2c81d1e94b33164a177d0183d182fe7d23ef4f88444246464e58bdd0de38d82c":"1b5dae81c96771bea091521c0973c5af76a03e3624160e2511e57ff43a1d32a9":"bf5878e2bd139f8f058f3d834acd771514da6d4c5b9ef84466e5a4e0e4b2eaaf":"6a5ea73aad476ce201e173d4d5a7ffcc" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #4 +CTR_DRBG NIST Validation (AES-256 use 
df,False,256,128,256,256) #4 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"0436075cf8cf62ce623c2301ebd45203c98282611cfa5a12dd7c04525ffa7eb343a607af2f57feb7ce3af97e0abc2285":"1ab9ada5eeebc3fc8e53f358b643476fcfd4dd9f092f21d2bc1c4bb1ffd01a0c5b207aaa09ff76a9cab0aa6ce62b6a65b2650ab448b8bb2e8696a7aa4b6f4e8d":"62f07d1f49e40f7f472985947ac4d8ef2d58216d918f7942b9c70f43daff8972":"37ae758141fbc890ee7e1d0854426b2984fb1c094677e6a61546e9315bab0898":"353d1dd0c8d8656bc418a6a3ace138ecd62819d4e21b8bd87694ea683ec0cc37":"bfee6bb4afc228da981bfe7f0d17578b" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #5 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #5 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"d004a0893bf326d50ee52e04cb3e64409f204f4e9af780d5dd092d04162d088385b1f243000914c62cba3dadf9827c81":"c36004075f5fd078137ea08de6cb15f71aeb9eca21c891cfdf7a8c0d21790c94ffa93be5fa06beb5e82d9fbf173ef9b29c18511fee2455dbbe61d6b01baf024a":"7d313ada131650c7a506d2c194444ed202d568544caa75bbc60e57a0b74c9a10":"791d60238677ff53150cf7074061eac68335c0a7cec7de43ea63a5df0f312cd8":"6754366be264deb9e94f39e92ac2894bd93c1d7e1198d39e6eddccb0ea486f4d":"1c29795f03e3c771603293473e347ab4" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #6 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #6 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"9a8c79b48ada409183f7260aa1415c9ee4e0b662e0fb81b5c56f85d76ed75efac5751dd4de7e7f8b53a36ee0dce2bc9e":"c4d68b76dc0e785823be2da9d339dc900132f12721e8a63ebe92e36d740c5a5e5564c367bff4a52bc70b1c60c86f0bcb7c1d99c414956a259963207184f01246":"04c7060f36569a5d9578c718627fc2695e8d783c0c8aefca2744da6664e67c8c":"1d4b7d587421dea4f7f3e77fcf997607ecfeb6e665a9a184138eb5736b16f516":"8cb8daf9cda230d8d39b829b968aaa5f5d3e3106d8b693227ab1b6201b78a7b8":"faa146098526546927a43fa4a5073e46" -CTR_DRBG NIST Validation (AES-256 use 
df,False,256,128,256,256) #7 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #7 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"a0736a5a8b0a394625d8985b05e3a9f277c7ba03b253c0e783359a8c4c086121cb46ea469c7756d5f099f5ee8ed16243":"ea7a046fa1760866bcb37fecf9ade7bcea4444662ea782d6f2820b22a96bab97b4c5adcb0a50ced885121b6b85a5074444b1555d9655f4f6ded31fe15281b30e":"47f3655dd05c42454fad68e330aabca49f27c76ba05ef07b6d77fba41153c0ab":"a5d07da3e399cc51d136096599fcbd9779e839b1fd86f21d7d1e23acd91f9fa7":"150b028b64a988fc1ffdfc9e66b4c8dfe4fcd8538ee976c89923638ebad33802":"6ffdc685169b174ad0dd84cdeed050a7" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #8 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #8 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"d445a3d9332c8577715c1e93f119521bd31a464db08cdbd73d50080d62d5a48fba4cef2dd097ec749973037e33e8d6fa":"da5f9b2db13d0555846c00da96115036bb75ace66d56fc582d6cd0171e3e23335c5c2b8691e58af8899ed0204316479f849ca6f47309cae571ccb42d3d35c166":"79346394f795f05c5a5199423649b8b5345355ef11eb4239db1c767c68afa70a":"c22810de9987b228c19680eb044da22a08032148a6015f358849d6d608a214b9":"7747d68ca8bcb43931f1edce4f8c9727dd56c1d1d2600ad1fb767eb4fbc7b2d6":"f5c40babbec97cb60ba65200e82d7a68" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #9 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #9 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 
ctr_drbg_validate_reseed_between:"2728be06796e2a77c60a401752cd36e4a051724aa3276a146b4b351017eee79c8257398c612fc1129c0e74ecef455cd3":"d663d2cfcddf40ff61377c3811266d927a5dfc7b73cf549e673e5a15f4056ad1f9733c8ed875ff77928284dc1cdb33accc47971d3626615a45b9a16d9baf426e":"62349efbac4a4747d0e92727c67a6bc7f8404cf746002e7d3eeffb9a9be0bbdc":"381c0cffbdfa61a6af3f11ccd0e543208b584c3f520130e33617564ec7a48cf7":"6974043362f834fd793de07ceebd051599163d50489441005afc9db09a9ab44f":"df7894746c599e02d985b195ca3b4863" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #10 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #10 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"2b65b56de410ee82e55bd2bf80e6cee356a37c3a3aa7042df45fa750a74e097b071fc18d6eed96523dd4fbb677b8c729":"bf03a6b3e8e23ff53369b971217dc3d3f4c1211329c94847347b3aa77dc7a3e0670381573527844a1ade786f18631944558defffb9a00900ca55f97ec726126b":"59255e5cd2221316c945bd614471df76d5b2f394b8829de82e5c30bc178565e2":"5739bc14f0f2ef9d3393928aee67b0908adaf587650928916d8ae78b0077a3b3":"6b236cf0ee0dba0c92b26c60235d3868715a80c0efbc0c898b6f0b1ace8146e9":"8374b571d7f2d94ce2bdadeb9d815397" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #11 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #11 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"8756ee2c5e381c7c1dc530748b76a6274ef6583090e555d85210e2356feb2974a8f15119a04e9b481cd3bc557a197b8e":"19705743eaaaa0e8890a0faa2e0df37c820d556c7a45f04d76276f9f9ce2e7c133258ae6d1ba9cdf7745d01745763d18dcd1af2c9e9b0bed2806e60f0f9b636c":"2b4a92b682e9a557466af97b735e2ffdbac3bfc31fd5be2cd212cfbd4b8d690a":"e86504f10317bbeab346f3b9e4b310cbe9fbd81a42054f358eacd08cccab6eff":"19ffad856a6675268cc464ca6fdb8afd0912143e552668528d1484c9a54592cf":"f347fd58aff2999530e258be77591701" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #12 +CTR_DRBG NIST Validation (AES-256 use 
df,False,256,128,256,256) #12 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"f58be57e5035d5c455b17a41ccf7542ffd77f5c009e0a737118ed6c4188f78fcbdbe946bf82e1fa50fd81691de82dcf3":"f9939592ab2b31d92ac72673da013a588ea17bbf02cfd6e79d79f8296601633d04ceb005110f266e6100040ef33194858def8b535314c73caa0e48fc4d2f6e2d":"bb1cb21a316d4b88093cbfc7917d614dca97090cdc8bb340d864547cb3e1fef6":"7e42d5439d81680c8edf5c571d548699730cfada33b650a4d510172a42b298bb":"e9e3cf180f72ba2c1a45d0a94b822943612143e0b642398796b0428ae1af6cf5":"d0c83a4bf3517648b441d411ddcb808c" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #13 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #13 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"898064243e44ff67151736ce8bb6f1c759cab4aaca9b87543a1ac984ef955cd5db76c1aa56aff83f1f6799f18fe531cc":"b8d6be3036eeb5657fb10766354d4be897bd27973b3530270ccc02a08169a2e437b30a3635eb6ccb310f319257f58d8aa030c8aab616418e0914a46131306a0c":"37572428df5826e6ae5ce95db4ef63f41e908f685204a7b64edb9f473c41e45c":"28beda0e0e346b447d32208c6b4c42dcd567acfe1e483fb4a95ea82cb8ce55a5":"7a0fffa541d723e16340eeb960b1b9c9aae912477e0ebfac03f8f1a3a8bdc531":"611c9f6fc5193dbe3db96cbcd276168a" -CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #14 +CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #14 [#3] depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_between:"50de72903b9d99764123ffaa0c721e14ad1ab5c46a34c040f25324ba1d937b8ef10467161fcf2978c2a680ac5570c6d2":"5c9954fd0143e62c3bf2d5734052e3c9370f7b9d75c70f58fe33b12e3997ee2c8db84f8467affd7cfd9a9e7ec60da6f31bf9bf32aedf644e4934bd1fc916bc8d":"d5dc4c9fc7171fcbfdaead558a565ffd55d245a58b22ad1666ee05131e33f49e":"ea3114e92e6a19f53b207a0a54cd363a6d053fed0a827f92556f0a8580f7a342":"53686f069b455af4692888d11fac15cf7b4bd38e198de4e62b7098f875198a75":"9fb0df053e0345e5640aa97fedef50a6" 
@@ -1073,10 +1073,10 @@ ctr_drbg_validate_pr:"d4f1f4ae08bcb3e1":"5d4041942bcf68864a4997d8171f1f9fef55a76
 CTR_DRBG entropy usage
 ctr_drbg_entropy_usage:
 
-CTR_DRBG write/update seed file
+CTR_DRBG write/update seed file [#1]
 ctr_drbg_seed_file:"data_files/ctr_drbg_seed":0
 
-CTR_DRBG write/update seed file
+CTR_DRBG write/update seed file [#2]
 ctr_drbg_seed_file:"no_such_dir/file":MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR
 
 CTR_DRBG Special Behaviours
diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data
index edebce087..4e884f465 100644
--- a/tests/suites/test_suite_dhm.data
+++ b/tests/suites/test_suite_dhm.data
@@ -22,10 +22,10 @@ dhm_do_dhm:10:"3":10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED
 Diffie-Hellman zero modulus
 dhm_do_dhm:10:"0":10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
 
-Diffie-Hellman load parameters from file
+Diffie-Hellman load parameters from file [#1]
 dhm_file:"data_files/dhparams.pem":"9e35f430443a09904f3a39a979797d070df53378e79c2438bef4e761f3c714553328589b041c809be1d6c6b5f1fc9f47d3a25443188253a992a56818b37ba9de5a40d362e56eff0be5417474c125c199272c8fe41dea733df6f662c92ae76556e755d10c64e6a50968f67fc6ea73d0dca8569be2ba204e23580d8bca2f4975b3":"02":128
 
-Diffie-Hellman load parameters from file
+Diffie-Hellman load parameters from file [#2]
 dhm_file:"data_files/dh.optlen.pem":"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":"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":256
 
 Diffie-Hellman selftest
diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data
index 59e209b36..2aa0a2a6e 100644
--- a/tests/suites/test_suite_ecdsa.data
+++ b/tests/suites/test_suite_ecdsa.data
@@ -53,203 +53,203 @@ ECDSA write-read random #5 depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED ecdsa_write_read_random:MBEDTLS_ECP_DP_SECP521R1 -ECDSA deterministic test vector rfc 6979 p192 sha1 +ECDSA deterministic test vector rfc 6979 p192 sha1 [#1] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"sample":"98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF":"57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64" -ECDSA deterministic test vector rfc 6979 p192 sha224 +ECDSA deterministic test vector rfc 6979 p192 sha224 [#1] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"sample":"A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5":"E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A" -ECDSA deterministic test vector rfc 6979 p192 sha256 +ECDSA deterministic test vector rfc 6979 p192 sha256 [#1] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"sample":"4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55":"CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85" -ECDSA deterministic test vector rfc 6979 p192 sha384 +ECDSA deterministic test vector rfc 6979 p192 sha384 [#1] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"sample":"DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5":"C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E" -ECDSA deterministic test vector rfc 6979 p192 sha512 +ECDSA deterministic test vector rfc 6979 p192 sha512 [#1] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA512:"sample":"4D60C5AB1996BD848343B31C00850205E2EA6922DAC2E4B8":"3F6E837448F027A1BF4B34E796E32A811CBB4050908D8F67" -ECDSA deterministic test vector rfc 6979 p192 sha1 +ECDSA deterministic test vector rfc 6979 p192 sha1 [#2] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"test":"0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D":"EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7" -ECDSA deterministic test vector rfc 6979 p192 sha224 +ECDSA deterministic test vector rfc 6979 p192 sha224 [#2] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"test":"6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34":"B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293" -ECDSA deterministic test vector rfc 6979 p192 sha256 +ECDSA deterministic test vector rfc 6979 p192 sha256 [#2] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"test":"3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE":"5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F" -ECDSA deterministic test vector rfc 6979 p192 sha384 +ECDSA deterministic test vector rfc 6979 p192 sha384 [#2] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"test":"B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367":"7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A" -ECDSA deterministic test vector rfc 6979 p192 sha512 +ECDSA deterministic test vector rfc 6979 p192 sha512 [#2] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA512:"test":"FE4F4AE86A58B6507946715934FE2D8FF9D95B6B098FE739":"74CF5605C98FBA0E1EF34D4B5A1577A7DCF59457CAE52290" -ECDSA deterministic test vector rfc 6979 p224 sha1 +ECDSA deterministic test vector rfc 6979 p224 sha1 [#1] depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"sample":"22226F9D40A96E19C4A301CE5B74B115303C0F3A4FD30FC257FB57AC":"66D1CDD83E3AF75605DD6E2FEFF196D30AA7ED7A2EDF7AF475403D69" -ECDSA deterministic test vector rfc 6979 p224 sha224 +ECDSA deterministic test vector rfc 6979 p224 sha224 [#1] depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"sample":"1CDFE6662DDE1E4A1EC4CDEDF6A1F5A2FB7FBD9145C12113E6ABFD3E":"A6694FD7718A21053F225D3F46197CA699D45006C06F871808F43EBC" -ECDSA deterministic test vector rfc 6979 p224 sha256 +ECDSA deterministic test vector rfc 6979 p224 sha256 [#1] depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"sample":"61AA3DA010E8E8406C656BC477A7A7189895E7E840CDFE8FF42307BA":"BC814050DAB5D23770879494F9E0A680DC1AF7161991BDE692B10101" -ECDSA deterministic test vector rfc 6979 p224 sha384 +ECDSA deterministic test vector rfc 6979 p224 sha384 [#1] depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"sample":"0B115E5E36F0F9EC81F1325A5952878D745E19D7BB3EABFABA77E953":"830F34CCDFE826CCFDC81EB4129772E20E122348A2BBD889A1B1AF1D" -ECDSA deterministic test vector rfc 6979 p224 sha512 +ECDSA deterministic 
test vector rfc 6979 p224 sha512 [#1] depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA512:"sample":"074BD1D979D5F32BF958DDC61E4FB4872ADCAFEB2256497CDAC30397":"A4CECA196C3D5A1FF31027B33185DC8EE43F288B21AB342E5D8EB084" -ECDSA deterministic test vector rfc 6979 p224 sha1 +ECDSA deterministic test vector rfc 6979 p224 sha1 [#2] depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"test":"DEAA646EC2AF2EA8AD53ED66B2E2DDAA49A12EFD8356561451F3E21C":"95987796F6CF2062AB8135271DE56AE55366C045F6D9593F53787BD2" -ECDSA deterministic test vector rfc 6979 p224 sha224 +ECDSA deterministic test vector rfc 6979 p224 sha224 [#2] depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"test":"C441CE8E261DED634E4CF84910E4C5D1D22C5CF3B732BB204DBEF019":"902F42847A63BDC5F6046ADA114953120F99442D76510150F372A3F4" -ECDSA deterministic test vector rfc 6979 p224 sha256 +ECDSA deterministic test vector rfc 6979 p224 sha256 [#2] depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"test":"AD04DDE87B84747A243A631EA47A1BA6D1FAA059149AD2440DE6FBA6":"178D49B1AE90E3D8B629BE3DB5683915F4E8C99FDF6E666CF37ADCFD" -ECDSA deterministic test vector rfc 6979 p224 sha384 +ECDSA deterministic test vector rfc 6979 p224 sha384 [#2] depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"test":"389B92682E399B26518A95506B52C03BC9379A9DADF3391A21FB0EA4":"414A718ED3249FF6DBC5B50C27F71F01F070944DA22AB1F78F559AAB" -ECDSA deterministic test vector rfc 6979 p224 sha512 +ECDSA deterministic test vector rfc 6979 p224 sha512 [#2] depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA512:"test":"049F050477C5ADD858CAC56208394B5A55BAEBBE887FDF765047C17C":"077EB13E7005929CEFA3CD0403C7CDCC077ADF4E44F3C41B2F60ECFF" -ECDSA deterministic test vector rfc 6979 p256 sha1 +ECDSA deterministic test vector rfc 6979 p256 sha1 [#1] depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"sample":"61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32":"6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB" -ECDSA deterministic test vector rfc 6979 p256 sha224 +ECDSA deterministic test vector rfc 6979 p256 sha224 [#1] depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"sample":"53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F":"B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C" -ECDSA deterministic test vector rfc 6979 p256 sha256 +ECDSA deterministic test vector rfc 6979 p256 sha256 [#1] depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"sample":"EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716":"F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8" -ECDSA deterministic test vector rfc 6979 p256 sha384 +ECDSA deterministic test vector rfc 6979 p256 sha384 [#1] depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"sample":"0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719":"4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954" -ECDSA deterministic test vector rfc 6979 p256 sha512 +ECDSA deterministic test vector rfc 6979 p256 sha512 [#1] depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA512:"sample":"8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F00":"2362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE" -ECDSA deterministic test vector rfc 6979 p256 sha1 +ECDSA deterministic test vector rfc 6979 p256 sha1 [#2] depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"test":"0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89":"01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1" -ECDSA deterministic test vector rfc 6979 p256 sha224 +ECDSA deterministic test vector rfc 6979 p256 sha224 [#2] depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"test":"C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692":"C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D" -ECDSA deterministic test vector rfc 6979 p256 sha256 +ECDSA deterministic test vector rfc 6979 p256 sha256 [#2] depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"test":"F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367":"019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083" -ECDSA deterministic test vector rfc 6979 p256 sha384 +ECDSA deterministic test vector rfc 6979 p256 sha384 [#2] depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"test":"83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6":"8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C" -ECDSA deterministic test vector rfc 6979 p256 sha512 +ECDSA deterministic test vector rfc 6979 p256 sha512 [#2] depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA512:"test":"461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04":"39AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55" -ECDSA deterministic test vector rfc 6979 p384 sha1 +ECDSA deterministic test vector rfc 6979 p384 sha1 [#1] depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"sample":"EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2":"A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443" -ECDSA deterministic test vector rfc 6979 p384 sha224 +ECDSA deterministic test vector rfc 6979 p384 sha224 [#1] depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"sample":"42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE060122":"9DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D" -ECDSA deterministic test vector rfc 6979 p384 sha256 +ECDSA deterministic test vector rfc 6979 p384 sha256 [#1] depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"sample":"21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD":"F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0" -ECDSA deterministic test vector rfc 6979 p384 sha384 +ECDSA deterministic test vector rfc 6979 p384 sha384 [#1] depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"sample":"94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE46":"99EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8" -ECDSA deterministic test vector rfc 6979 p384 sha512 +ECDSA deterministic test vector rfc 6979 p384 sha512 [#1] depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA512:"sample":"ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709":"512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5" -ECDSA deterministic test vector rfc 6979 p384 sha1 +ECDSA deterministic test vector rfc 6979 p384 sha1 [#2] depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"test":"4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7":"D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282" -ECDSA deterministic test vector rfc 6979 p384 sha224 +ECDSA deterministic test vector rfc 6979 p384 sha224 [#2] depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"test":"E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72":"07041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66" 
-ECDSA deterministic test vector rfc 6979 p384 sha256 +ECDSA deterministic test vector rfc 6979 p384 sha256 [#2] depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"test":"6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B":"2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265" -ECDSA deterministic test vector rfc 6979 p384 sha384 +ECDSA deterministic test vector rfc 6979 p384 sha384 [#2] depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"test":"8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB":"DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5" -ECDSA deterministic test vector rfc 6979 p384 sha512 +ECDSA deterministic test vector rfc 6979 p384 sha512 [#2] depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA512:"test":"A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277":"976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736" -ECDSA deterministic test vector rfc 6979 p521 sha1 +ECDSA deterministic test vector rfc 6979 p521 sha1 [#1] depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"sample":"0343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D":"0E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16" -ECDSA deterministic test vector rfc 6979 p521 sha224 +ECDSA deterministic test vector rfc 6979 p521 sha224 [#1] depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"sample":"1776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E":"050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F" -ECDSA deterministic test vector rfc 6979 p521 sha256 +ECDSA deterministic test vector rfc 6979 p521 sha256 [#1] depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"sample":"1511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7":"04A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC" -ECDSA deterministic test vector rfc 6979 p521 sha384 +ECDSA deterministic test vector rfc 6979 p521 sha384 [#1] depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"sample":"1EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451":"1F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61" -ECDSA deterministic test vector rfc 6979 p521 sha512 +ECDSA deterministic test vector rfc 6979 p521 sha512 [#1] depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"sample":"0C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA":"0617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A" -ECDSA deterministic test vector rfc 6979 p521 sha1 +ECDSA deterministic test vector rfc 6979 p521 sha1 [#2] depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"test":"13BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367":"1E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF" -ECDSA deterministic test vector rfc 6979 p521 sha224 +ECDSA deterministic test vector rfc 6979 p521 sha224 [#2] depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"test":"1C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB":"177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4" -ECDSA deterministic test vector rfc 6979 p521 sha256 +ECDSA deterministic test vector rfc 6979 p521 sha256 [#2] depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"test":"00E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8":"0CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86" -ECDSA deterministic test vector rfc 6979 p521 sha384 +ECDSA deterministic test vector rfc 6979 p521 sha384 [#2] depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"test":"14BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C":"133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979" -ECDSA deterministic test vector rfc 6979 p521 sha512 +ECDSA deterministic test vector rfc 6979 p521 sha512 [#2] depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C 
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"test":"13E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D":"1FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3" diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 51f7e39e6..921917922 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -264,11 +264,11 @@ ECP check public-private #7 (wrong Qy) depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edfe":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edfe":MBEDTLS_ERR_ECP_BAD_INPUT_DATA -ECP gen keypair +ECP gen keypair [#1] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_gen_keypair:MBEDTLS_ECP_DP_SECP192R1 -ECP gen keypair +ECP gen keypair [#2] depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_gen_keypair:MBEDTLS_ECP_DP_CURVE25519 diff --git a/tests/suites/test_suite_entropy.data b/tests/suites/test_suite_entropy.data index 5cff39984..11ced64b3 100644 --- a/tests/suites/test_suite_entropy.data +++ b/tests/suites/test_suite_entropy.data 
@@ -1,10 +1,10 @@
 Create NV seed_file
 nv_seed_file_create:
 
-Entropy write/update seed file
+Entropy write/update seed file [#1]
 entropy_seed_file:"data_files/entropy_seed":0
 
-Entropy write/update seed file
+Entropy write/update seed file [#2]
 entropy_seed_file:"no_such_dir/file":MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR
 
 Entropy too many sources
diff --git a/tests/suites/test_suite_gcm.aes128_de.data b/tests/suites/test_suite_gcm.aes128_de.data
index a42fe859d..c865b0cba 100644
--- a/tests/suites/test_suite_gcm.aes128_de.data
+++ b/tests/suites/test_suite_gcm.aes128_de.data
@@ -1,672 +1,672 @@ -AES-GCM NIST Validation (AES-128,128,0,0,128) #0 +AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d785dafea3e966731ef6fc6202262584":"":"d91a46205ee94058b3b8403997592dd2":"":128:"3b92a17c1b9c3578a68cffea5a5b6245":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #1 +AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aec963833b9098de1ababc853ab74d96":"":"4e0ffd93beffd732c6f7d6ad606a2d24":"":128:"e9fcedc176dfe587dc61b2011010cdf1":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #2 +AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c4fb9e3393681da9cec5ec96f87c5c31":"":"845e910bc055d895879f62101d08b4c7":"":128:"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #0 +AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a930f2e09beceacd9919cb76f2ac8d3":"":"340d9af44f6370eff534c653033a785a":"":120:"0c1e5e9c8fe5edfd11f114f3503d63":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #1 +AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe71177e02073b1c407b5724e2263a5e":"":"83c23d20d2a9d4b8f92da96587c96b18":"":120:"43b2ca795420f35f6cb39f5dfa47a2":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #2 +AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b02392fd7f228888c281e59d1eaa15fb":"":"2726344ba8912c737e195424e1e6679e":"":120:"a10b601ca8053536a2af2cc255d2b6":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #0 +AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"21895cbafc16b7b8bf5867e88e0853d4":"":"f987ce1005d9bbd31d2452fb80957753":"":112:"952a7e265830d58a6778d68b9450":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #1 +AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb9742bf47f68caf64963d7c10a97b0":"":"34a85669de64e1cd44731905fddbcbc5":"":112:"e9b6be928aa77b2de28b480ae74c":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #2 +AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"":"1c53a9fdd23919b036d99560619a9939":"":112:"6611b50d6fbca83047f9f5fe1768":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #0 +AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"82fede79db25f00be96eb050a22cea87":"":"e9c50b517ab26c89b83c1f0cac50162c":"":104:"d0c0ce9db60b77b0e31d05e048":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #1 +AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1d98566fca5201abb12914311a8bd532":"":"590aef4b46a9023405d075edab7e6849":"":104:"a1cfd1a27b341f49eda2ca8305":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #2 +AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3038771820c2e1319f02a74b8a7a0c08":"":"e556d9f07fb69d7e9a644261c80fac92":"":104:"4d2f005d662b6a8787f231c5e1":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #0 +AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0fb7eef50de598d7d8b508d019a30d5a":"":"a2a2617040116c2c7e4236d2d8278213":"":96:"68413c58df7bb5f067197ca0":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #1 +AES-GCM NIST 
Validation (AES-128,128,0,0,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cc58b609204215c8ab4908286e56e5c":"":"fb83ea637279332677b5f68081173e99":"":96:"a2a9160d82739a55d8cd419f":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #2 +AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81a5fd184742a478432963f6477e8f92":"":"da297cbb53b11d7c379e0566299b4d5a":"":96:"200bee49466fdda2f21f0062":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #0 +AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f604ac66d626959e595cbb7b4128e096":"":"269d2a49d533c6bb38008711f38e0b39":"":64:"468200fa4683e8be":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #1 +AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2e308ba7903e925f768c1d00ff3eb623":"":"335acd2aa48a47a37cfe21e491f1b141":"":64:"4872bfd5e2ff55f6":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #2 +AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1304e2a5a3520454a5109df61a67da7a":"":"dbe8b452acf4fa1444c3668e9ee72d26":"":64:"83a0d3440200ca95":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #0 +AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"":"ddf0b695aef5df2b594fcaae72b7e41c":"":32:"2819aedf":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #1 +AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9ab5c8ca905b5fe50461f4a68941144b":"":"96dd3927a96e16123f2e9d6b367d303f":"":32:"6e0c53ef":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #2 +AES-GCM NIST Validation 
(AES-128,128,0,0,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fc7af605721a9cfe61c1ee6a4b3e22":"":"6b757d4055823d1035d01077666037d6":"":32:"e8c09ddd":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"03c0b4a6e508a8490db0d086a82c9db7":"":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":128:"756292d8b4653887edef51679b161812":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b228d3d15219ea9ad5651fce02c8374d":"":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":128:"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"776afcbabedd5577fe660a60f920b536":"":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":128:"a5347d41d93b587240651bcd5230264f":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 
[#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":120:"2a67ad1471a520fe09a304f0975f31":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bc73fba942ff105823b5dccf6befb1c":"":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":120:"ebdd7c8e87fe733138a433543542d1":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"356a4c245868243d61756cabe86da887":"":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":120:"ed26080dcb670590613d97d7c47cf4":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dfa7e93aff73600fc552324253066e2c":"":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":112:"6ba5e4dace9a54b50b901d9b73ad":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2ecea80b48d2ecd194a7699aa7d8ccfc":"":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":112:"246a9d37553088b6411ebb62aa16":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d38fee3fd3d6d08224c3c83529a25d08":"":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":112:"803a08700ec86fdeb88f7a388921":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1899b0cbae41d705c6eed3226afb5bc0":"":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":104:"c5d58870fee9ce157f5ec1fa8f":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8b95323d86d02754f4c2874b42ec6eb0":"":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":104:"c4724ff1d2c57295eb733e9cad":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30da555559eb11cf7e0eff9d99e9607d":"":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":104:"3c82272130e17c4a0a007a908e":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ed2ac74af896c5190c271cfa6af02fd2":"":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":96:"db8af7a0d548fc54d9457c73":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0225b73fe5fbbe52f838d873173959d8":"":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":96:"e2c2ce4022c49a95c9ac9026":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"89ca3771a0ef3287568b4ac036120198":"":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":96:"06b2bf62591dc7ec1b814705":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a41a297bd96e224942998fe2192934a1":"":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":64:"49a4917eef61f78e":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9372c058f42e0a1d019bdb528313919":"":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":64:"b82cd11cd3575c8d":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6302b7338f8fa84195ad9abbacd89b4e":"":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":64:"5222d092e9e8bd6c":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78b5c28d62e4b2097873a1180bd5a3a5":"":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":32:"eae48137":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d84130578070e036c9e3df5b5509473":"":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":32:"79987692":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08428605ab4742a3e8a55354d4764620":"":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":32:"3eb3e3a2":"":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dd358bc3f992f26e81e3a2f3aa2d517":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"d8c750bb443ee1a169dfe97cfe4d855b":"":128:"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"43b5f18227e5c74288dbeff03801acd6":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"08ee12246cf7edb81da3d610f3ebd167":"":128:"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a433c612d7e1bdff881e4d63ba8b141":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8b670cf31f470f79a6c0b79e73863ca1":"":128:"8526fd25daf890e79946a205b698f287":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e9d75c781d63b29f1816859f7a0e0a0":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"748a3b486b62a164cedcf1bab9325add":"":120:"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe6b8553002c69396d9976bb48d30779":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"595b17d0d76b83780235f5e0c92bd21f":"":120:"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"14898c56009b459172fef9c17993b54f":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"0862f8f87289988711a877d3231d44eb":"":120:"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5253d4b071793b081ebc122cc2a5f8":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"49e82d86804e196421ec19ddc8541066":"":112:"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3502d6f0d172246e16503cdf5793296":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"6ce994689ff72f9df62f386a187c1a13":"":112:"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5fb33dd73db309b9dfd3aee605cd94bf":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"3f6486f9e9e645292e0e425bac232268":"":112:"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a958fe3b520081b638d9e4c7d5da7ac7":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"c396109e96afde6f685d3c38aa3c2fae":"":104:"06ca91004be43cf46ed4599e23":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec319fb143eac8215b51541daec268f2":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"8a4684f42a1775b03806574f401cff78":"":104:"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"14a3e69f351ac39b4297749a90c1365c":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"eb1c6c04437aa5a32bcc208bb3c01724":"":104:"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c34827771fc3918d1cee09ba9401b832":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"2379bbd39a1c22bc93b9b9cc45f3840b":"":96:"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b1f9bd2006ec550b7b9913d383200b5d":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"ca28fa6b64bb3b32ef7d211f1c8be759":"":96:"c87aac7ad0e85dbb103c0733":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8b2cef1a92aa0af2b00fb2a99855d5bc":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"08d87b7acee87d884667f6b1e32e34d0":"":96:"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"175c306f8644b0c4b894ae3d0971505e":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"9860268ca2e10974f3726a0e5b9b310f":"":64:"f809105e5fc5b13c":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08c0edcfe342a676ccdc04bdf854b4b0":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"4a7b70753930fe659f8cc38e5833f0c7":"":64:"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"241067a0301edf0f825d793e03383ea1":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"a30994261f48a66bb6c1fc3d69659228":"":64:"36c3b4a732ba75ae":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"03cccb5357bd2848332d1696f2ff90cb":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"e0754022dfb1f813ccaf321558790806":"":32:"c75f0246":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4e5e53c84a05d5a5348bac7b2611cf62":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"47e40543b7d16bc9122c40b106d31d43":"":32:"81eec75d":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c94008bf377f90b7a1c0d2ea38f730c":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"abfe92931a8411a39986b74560a38211":"":32:"47d42e78":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"69eedf3777e594c30e94e9c5e2bce467":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":128:"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45cc35311eedf0ba093bf901931a7036":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":128:"266a895fc21da5176b44b446d7d1921d":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9edb5231ca4a136b4df4ae22b8588f9f":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":128:"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5fdcb8f5225090e63fae9b68f92c7cb":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":120:"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036198cd3a3ab9319684d0f811cf2992":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":120:"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c9fbbff8f25f951ba874dfc5ff38584e":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":120:"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a314ec178da96311e42334a616fb38b":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":112:"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e818372a63b7e2c23b524e29ba752bdb":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":112:"3744262bc76f283964c1c15dc069":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a04f16882ff45816739d1b6697ce8b7":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":112:"fbb37084396394fecd9581741f3c":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38cf029a4b20607030586cd2d82146e6":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":104:"7b021de5cda915ba58f90ceef4":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cf4d81fc5997c744a572bed71f4ae609":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":104:"0a86142a0af81c8df64ba689f4":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d88ad40b42ead744f1b7a36685658be1":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":104:"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3ce86a212a30e724b4c624057db4e79":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":96:"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":0 
-AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0155360b84420b5bf4fb410ea02f31e":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":96:"ac5addcc10cae6c1345520f1":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"694f621f594d96b16c32254ff06f3f9c":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":96:"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#1] 
depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78826a5215a1d5e1b39cad5a06861f8f":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":64:"a724bbb295a02883":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d450f5253251121606e56687952bf2f1":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":64:"6446398aff73ed23":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90a59f6b0abf932311f0b65623c17740":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":64:"dc77c1d7e0902d48":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be4ef629f0b38194c74f7b66418922d":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":32:"3d8fc6fb":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c50e37244931e8debc12b3d561c83ba2":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":32:"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8531ddb03977383405baf2ee9ca7d64b":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":32:"2fc9de46":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #0 +AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"862dd5b362cfa556ca37e73cff7f4a0e":"":"81530a243655a60d22d9ab40d2520447":"":128:"3b9b2af54e610ed0b3dda96961dd8783":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #1 +AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3452b7bc100c334292e08343f139b9d0":"":"8f92739a30fe4ba24079f5d42753d6ac":"":128:"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #2 +AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"31a0cbaf21b943f8badc939e94eac7eb":"":"d5bb2c4eaec47088230972ae34fcda9c":"":128:"580e728512c8e44fbb3fe2c498e05323":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #0 +AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e8fca537746e7cbff97f1dcd40a3392":"":"43e9f2bf186b2af8cc022e7c7412d641":"":120:"4465a3f9d9751789bcef5c7c58cbc5":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #1 +AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"35b5854ca83792ad691dbda1a66790fb":"":"cff61cf9b32ea30cf7e3692aa6e74bed":"":120:"726793199df533dd9055b0ac7c939d":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #2 +AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"07259267c1c6a015437a5d8cfa92f9e6":"":"18b9cf2ad7ace6ec1c8366b72878cf20":"":120:"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #0 +AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa1df8955aa3ef191900b06e7c1b7d46":"":"6928c138c98a4350c318fbdccd3f44ba":"":112:"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #1 
+AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c04200ce41ce77d772babb206315ec7d":"":"a885d58f0f38f9ff26d906fa1bfb12f4":"":112:"9ee0d025421f2bf18caf563953fb":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #2 +AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"650df049461be341c3099bd1613dcead":"":"8a4ff6327b49d297248ce2d5bd38afa8":"":112:"13f067ef0d7b448d56e70d282fed":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #0 +AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee61b5bf5060fcc637dc833926898508":"":"b2dcf21f9ffa4a883044d29f087f9b85":"":104:"9ab1d66666d4dea3cbb5982238":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #1 +AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"01cc56ca7e64db7fbef66236a5c49493":"":"8ea5b63004189792cc040ef18b37e550":"":104:"d685aeb54aa129a21bed17766e":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #2 +AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"134dd72ac8e28ab46720c2f42284a303":"":"c6368e4c0ba0ec90fa7488af9997a4c7":"":104:"4ad9cdf19ff7d7fd7e273efced":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #0 +AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"180c04b2bde6901edcda66085f73ecd9":"":"9193b206beade4cb036f01a9db187cb8":"":96:"530f5e9ed0879ccef3a7b360":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #1 +AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaac85742a55ffa07e98106d6d6b1004":"":"630cd8ab849253c4da95ac80324ecc28":"":96:"37911820c810e3700c3a9321":"FAIL":"":0 
-AES-GCM NIST Validation (AES-128,128,0,0,96) #2 +AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"":"86e6100669929e329a1d258cd3552dc9":"":96:"958d6141f7fb2b2dc7d851a6":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #0 +AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dd756d49fd25380c4026ea03cafc2da":"":"6a6f7e39b0d730ea1670e13d16c12c28":"":64:"872ef05a28da5ea1":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #1 +AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bd8a834b288bdc7578b6c6ab36f5d068":"":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":64:"c5c094e83755f2b6":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #2 +AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"020d280dbd06939bbb5e6edc6f6d39c6":"":"09aea6f0e57598452719d6f63b6fe5a0":"":64:"05d6c56ba601e85b":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #0 +AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e47f41a27a2722df293c1431badc0f90":"":"227c036fca03171a890806b9fa0c250d":"":32:"86c22189":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #1 +AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9d3e112114b94e26e93d3855d4be26bd":"":"99b98525160c4bb2029da5553ff82b59":"":32:"33bee715":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #2 +AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b4b7688588125349fbb66004a30d5d4":"":"b4ae363edb529d8b927c051cf21a2d9d":"":32:"6a920617":"":"":0 -AES-GCM NIST Validation 
(AES-128,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":128:"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":128:"c53d01e53ee4a6ea106ea4a66538265e":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c88b191ce6e8e4a3941f7960b7eae5":"":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":128:"92604d37407aff33f8b677326cbb94fc":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c818dfa0885a09f65ef78712f5ce6609":"":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":120:"20e9a3a98d71d460743e1efaab13c6":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2354c6b6afaa883e7ce91faca4981f8b":"":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":120:"3588c9aa769897dfa328549fbbd10a":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0af48e6aebbb6ff5b7c92bd140b085f":"":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":120:"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a05fe482fe164b2eca7f6c3e377b39d8":"":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":112:"3900bde9fa9ae2cbeee54d04f224":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dacbadf819eb16a63f6f091d13ed04d4":"":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":112:"8988fca83c8cfb1f8feefac46f04":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"969244c7444f3f3bf193b28f8e8e96dc":"":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":112:"a291c7527385f037f62e60fd8a96":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"525abe490c8434802b69439c590a5290":"":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":104:"038c7e95f790e6ca5ce73f9551":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51644e025659de983f5c8156516b812e":"":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":104:"77e3deba2c7f9386f85bc4a801":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08566ca7310302dfb84d76ea0525ba20":"":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":104:"873f037fc05252a44dc76f8155":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dfb54db96383fa911bf5b4fa1218ef9a":"":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":96:"dada7fc7fed58db462854ef6":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"389cf888474e9403e5f4d0e22ffec439":"":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":96:"92726d90ad26130e65f2beb4":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e55abb2ca36c822bf2a030ac703cb8b4":"":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":96:"65025250343ed8c09b3fceed":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"586114f3b1dc087e1b2739b28c592dfe":"":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":64:"467a815610faeb82":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbfe806bddb7f06b3826b097550c68f5":"":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":64:"0697ac372a9acafd":"":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"96ce3a095a91effdd91d616f1f02ddcd":"":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":64:"55a0f61032e048f3":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24ece168c2971cf2b404ea206dc9e29d":"":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":32:"d2b15a23":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d3c3cf993f6740a019e61ce13c29955c":"":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":32:"f2d3a6ff":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f1e5bd45ee8bb207ebbd730510ff218":"":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":32:"0d6c15da":"":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3997050377cfbb802cc438d973661688":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"c95c84c263bdfd5f1de66e7e616cf3fb":"":128:"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"cee448b48d3506ff3ecc227a87987846":"":128:"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc2bde877e881aea512068105694968":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"05f0c34ab2e8e8026b0a23719344b71f":"":128:"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e14f45ba5d1eb52e0412240da5d7b5f9":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":120:"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a64579f3601b0022d357b601cd876ab":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"515efc6d036f95db7df56b1bbec0aff2":"":120:"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bda4acfd10ab635f357935bb0ab7020":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"48b77c587616ffaa449533a91230b449":"":120:"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d21cf24bc5bd176b4b0fd4c8477bb70d":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"208cb9dced20b18edddb91596e902124":"":112:"7edfb9daf8ca2babcc02537463e9":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d02e2b02170986944487cba8448f998":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"6336077bb83eff1c9ea715de99b372cd":"":112:"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd1ad1de0521d41645d13c97a18f4a20":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"413873a0b063ad039da5513896233286":"":112:"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cb120e9cd718b5119b4a58af0644eff":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"5a7087989bfe2f6eddcb56fde4d72529":"":104:"95d8bd12af8a5ab677309df0fb":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"315b206778c28ed0bfdd6e66088a5c39":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":104:"930750c53effc7b84aa10b2276":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e886de1c907c97e7db8ec80a79df90f8":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"612cacbf33266353d0a29a24532f3c0c":"":104:"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b936e09a6477f3bd52030a29df5001d":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"f93105be83fa5e315d73acfdcf578de7":"":96:"91b55bb5e3f3f1abcf335db5":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc9e2095de7b1b48481b56bf6a3604cd":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"9e5268db19a1b51c0496a160ca76f8f7":"":96:"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3f93901fd7cc88db3ba76a158d658c7b":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"7e98de461e6d96c0ce6c8d8b3854cf49":"":96:"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"42289f3d3cd5838e250ef54b128e60d1":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"e557389a216ad724aafdab0180e1892e":"":64:"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d772eabb7f19475665ca2a7e693bcfc":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"0747cbb486a013453fde1ca6abb11dbe":"":64:"8e761ffaea68f967":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fb7fd753ee6eaaf283a42a121dab4e43":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"8164929fb54485377ecccc9b9621af5e":"":64:"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30d757fd73a0fd5fa49159ad0653296d":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"b35b8df0aebd0608517f2830e0e70cd0":"":32:"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":0 
-AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9d3cfd5900de5d5e2109e7721cfeef6":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":32:"2b81e8ce":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"68dc138f19354d73eaa1cf0e79231d74":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"e7147749560f491420a2d893c075bb76":"":32:"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7362c86344e0aefb0cf0d04768f9c05d":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":128:"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"58748bb204ccb7bdafdbf739b6c19a3e":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":128:"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6cc13cbd62428bb8658dd3954fe9181f":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":128:"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"286d3f5080cfe88538571188fbeb2dd5":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":120:"d90d34094d740214dd3de685010ce3":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"726ae113a096769b657f973ea6d2d5dd":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":120:"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73a9eeda721c6f292e6b399e2647f8a6":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":120:"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90dbda7397d8fc46215a1218a6ffd0d8":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":112:"776d871944159c51b2f5ec1980a6":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c85174d428fc1c7c89ca5d1b8aaba25":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":112:"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d89f06eb07744d43d44734faf9751d07":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":112:"fcad48076eb03ebe85c6d64f6357":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6150f14dc53f391e815acfabed9f9e20":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":104:"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e8216072ed6fcde0fe0f636b27ed718":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":104:"531a65cc5dfeca671cc64078d1":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1af434b73a1210b08595ffa686079832":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":104:"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04036d2f5273c6ff5b8364aa595359c9":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":96:"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":0 
-AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59fe44c6e28d025b2ad05e6e867051ab":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":96:"296c4cdaeb94beb2847dc53d":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c314264cee0e6db30ebe9b2f6d4991b2":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":96:"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#2] 
depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"26072018bd0bda524b5beb66a622c63e":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":64:"edffe55c60235556":"FAIL":"":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"201751d3da98bd39ff4e5990a56cfea7":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":64:"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bc0dcb5261a641a08e6cb00d23e4deb":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":64:"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"239c15492d6deec979e79236baca4635":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":32:"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":0 -AES-GCM NIST Validation 
(AES-128,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db68a96e216b0dd9945f14b878487e03":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":32:"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"659b9e729d12f68b73fdc2f7260ab114":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":32:"8e5a6a79":"FAIL":"":0 diff --git a/tests/suites/test_suite_gcm.aes128_en.data b/tests/suites/test_suite_gcm.aes128_en.data index 9453ffa70..b1dae7539 100644 
--- a/tests/suites/test_suite_gcm.aes128_en.data
+++ b/tests/suites/test_suite_gcm.aes128_en.data
@@ -1,672 +1,672 @@ -AES-GCM NIST Validation (AES-128,128,0,0,128) #0 +AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1014f74310d1718d1cc8f65f033aaf83":"":"6bb54c9fd83c12f5ba76cc83f7650d2c":"":"":128:"0b6b57db309eff920c8133b8691e0cac":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #1 +AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d874a25f2269e352ccdd83cc2d4e45b7":"":"9717abb9ed114f2760a067279c3821e3":"":"":128:"0e09e53e5fe8d818c5397c51173eda97":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #2 +AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7dab77e23b901c926454f29677eb62d4":"":"8aaec11c4a0f053d7f40badd31a63e27":"":"":128:"cec2e3230d8b762acee527e184e4c0db":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #0 +AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2397f163a0cb50b0e8c85f909b96adc1":"":"97a631f5f6fc928ffce32ee2c92f5e50":"":"":120:"3b74cca7bcdc07c8f8d4818de714f2":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #1 +AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a7adc0d3aacef42397bbca79dd65dbdf":"":"c6d3114c1429e37314683081d484c87c":"":"":120:"d88141d27fe1748919845cfa5934bc":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #2 +AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"10171805d7f7a6d87b64bda57474d7fc":"":"fad65b50c1007c4b0c83c7a6720cacb8":"":"":120:"c3d3f240d3f3da317eae42a238bcc1":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #0 +AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8aaa0c85d214c6c9e9e260e62f695827":"":"84e25c916f38dd6fdb732c0d6d8f86bb":"":"":112:"a774815a2a8432ca891ef4003125":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #1 +AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"def8b6a58b8e582e57700bab4f2a4109":"":"3615439e9fb777439eb814256c894fb2":"":"":112:"537be9c88d3a46845e6cf5f91e11":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #2 +AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5894231d743f79638687c070b60beee1":"":"e34cd13b897d1c9b8011a0e63950c099":"":"":112:"d582c4bc083a8cf1af4d5c2c9b11":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #0 +AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6b25f9cbdc3bcd27fd245a1c411594bc":"":"a6526f8c803b69dd5f59feca1cff78e2":"":"":104:"c7e19e08a09a9c1fa698202890":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #1 +AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b3235422897b6459798a97ddd709db3d":"":"96679e9362f919217d5e64068969d958":"":"":104:"44ed41bda0eb0958d407b7b787":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #2 +AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f65bc795434efba3c5399ed3c99ff045":"":"2e727c19a89cba6f9c04d990245fceed":"":"":104:"64830ed7f772e898800fc9ae2a":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #0 +AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c6c66d50f2f76c4e911b3b17fcdcba1d":"":"77b42158a4ef5dc33039d33631bb0161":"":"":96:"1bce3ba33f73e750ab284d78":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #1 +AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#1] 
depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"13558db9b7441c585d381ffc16b32517":"":"addf5dbe0975c5ad321e14dd4bdc2ad2":"":"":96:"f413c3bf125ce5317cd1c6bd":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #2 +AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"74638628b1361c2954ce0ac5456a1155":"":"c5861507c879e6864d7cb1f77cc55cc6":"":"":96:"8a514fdc7835711e4f458199":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #0 +AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7815d22c5c081df9ac2114aaa2c0cbf9":"":"822f83cd9f249dfc204b5957f0b0deab":"":"":64:"aa1f69f5d3bb79e5":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #1 +AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a847a47823cb9c298e4107c6aaff95c":"":"39348f80c6bc489f9315be7a6fcbb96f":"":"":64:"c3b3f31e56cf4895":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #2 +AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"16e67ea248ea6db08af1d810cb10574e":"":"50386e2075eb15ca3f3e6db6bff01969":"":"":64:"3d4f3b8526a376ae":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #0 +AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26a8301636ba93e7f56309143f184241":"":"c7e32b1d312971bdc344aefaf45461bc":"":"":32:"25f1b41c":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #1 +AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"130a07c467067148da2790f90d73ff32":"":"800b81c9d2ff3a8e15690ffb4117e211":"":"":32:"abcc8d71":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #2 +AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ccfaae59c3196b8c403716424ea601f5":"":"f9b059de0efa4e3f364763d63d098410":"":"":32:"8933444f":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5beefbdd23360f2dd1e6e3c1ddbfebf":"":"81a8494f85be635d71e5663789162494":"f9ebf242b616a42e2057ede3b56b4c27349fed148817a710654de75d1cfc5f6304709b46ef1e2ccb42f877c50f484f8a8c6b0a25cff61d9537c3fd0c69bbc6ef21cbec8986cbc9b6e87963b8d9db91b7134afe69d3d9dec3a76b6c645f9c5528968f27396cc9e989d589369c90bbfefb249e3fa416451bc3d6592cc5feefbd76":"":128:"159a642185e0756d46f1db57af975fa3":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c465aa8fe5d534c912e654f5aaed5857":"":"5c155f7194b0d0a17b9a0c234d609443":"a3f8d705b233b574399f72350b256cb4893e130688913ce3def8e44687688c0352ff987aea35dc53bc95cdb9cdcc6e6eb280265d9a1af38d526392ab63c9b043c1b1b43e18321e84eb7e08884f2463c32b55eb5859fb10918595a724a61cfdf935e4f96d0721612720d46a946487b525779f6ce0abf04fc5608351119b7427d2":"":128:"9595a6d879cd7a949fa08e95d2b76c69":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"744b9e1692d8974d7dec349ebd7fe1e8":"":"62ad4b09fd554e0d6b3937839e693e5b":"6f9978f7078f0030c45caf49128ff72943a208a2398d08d132239f3ab5c184708e4222ec9ccde69dc86d1700c2fe0af939454bbb3962327158557860b6fa492ab8201df262a6209705c7e3129419bce8b827320893c1579ca05b32c81b3963b849428f71fe7528e710557a272117199163a35ebfbaba78f7676f7e566b16311a":"":128:"634f6fe9625be8b1af9f46bcc0fa3162":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"097c059535037c6b358dbb5a68b5f2b1":"":"00caedfa078c27e3d9551e3fb8d98d77":"6c4bde11129a959fcd6a482cb19f5f1c582c042b314f7997b0450242f9e669dc1cbb0a3b7a185bf8b035267e6f03206268008e2b97864d44d6a9c6b1b4b067d623c4b4e9c608042ea9120aed3bee80886352683891496d8980e40b8480c98c2fe08f945aa1ef6007c65220319dd8678184ab54e81083b746ec6441e87a568e0c":"":120:"5075ef45c6326726264703f72badde":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d25db5eca46c16490294423ca0c35660":"":"6f37f15d6c7ea816278ab977c29fa45e":"bd76fd431cea72a288e5d7289c651c93b5f429a54f85249021d6b595eb9ce26e18914a381a6b0299acc3725431b352670f206b731be718a598ec123dce0a2c5ac0aa4641b092e704da9f967b909ca55c2722298365a50dcb5b5ec03a1d0cbb67b8de1e8b06e724af91137e0d98e7dc1e8253887da453cdcbd2eca03deacaabb8":"":120:"00510851e9682213d4124d5517ebaf":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b3c6258a726aff94a7bcc41646c68157":"":"7f5b3315afe5167a7e9061ab8b005588":"0ef3384862c7e00c2912e7fde91345dc3134b5448e6838f41135ba9199c03a7f208887e467563b39a6c1316540c1401e8ff148386c50fcf15724a65d3210b17832d63cdce76bd2b458348332b0b542122a57e381475a59440f280db6e1f4b8d0babfd47e3db11a9ef89cba5f334f0e8e72be30afb2b1ef2df8eb7f8d3da033c4":"":120:"180489039ccf4a86c5f6349fc2235b":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"73cd0a1e2b6e12fbaa7cbace77d5119c":"":"d897681764bcc3b62c26b4aaf407cefa":"8c773e14a906c7deae362d1bf3d7e54c6be4c74c691b7f2d248693b2619219fba6eb5bc45f77af1cf7c05d3dd463158f884fe82290d145135889fd851b86ee282aa20bbdf6af78c7f9db6128b8b99e7f9b270fd222efa18f7aca6932a1024efb72113e812b3f9d2d4ccc7c85f5898ddacccbf1b441cd74097740dd922b57bade":"":112:"d8811a8990191f1e5bd15be84995":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c1dfddafe076d0ceebb0f37bb25bc0b1":"":"29c56db10cea802c19fb6230227ab2bf":"287b73cdc62ce058cdceff8e9af7afc321716f69da9eef60c2de93630ba7d0ed0a9d303cd15521a2647159b8478593f3dd3f5b7c52081e5154e55ccbff371d7e5dfc2d05e14d666a01ec2cc6028aacadfd78dfc73bf639fc4dfa0a0c46415902bbda2443620fa5e0ce4fccf1b8591e3a548f95755102a8438300753ea5f61b9f":"":112:"309fedad1f3b81e51d69e4162e6f":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2c4087ccd28ceda147d2fcfc18579b1e":"":"9cbdd67c79ab46bcbcfa96fa2c3d7e87":"35088d18dff0a9d3929ce087668aae1d364b37a97102f3f43e11950e6ec8296d0c99b00cd1c5dff53d3a38475e7da7b9ee4ce0c6388a95d3f8b036414e4b79cd02b5468cbb277f930e7c92432a609db1effe65f60f1174b58f713e199491f9e0c29ba1f2e43306775d18c1136274af61488a2f932e95eceadfe3fe4b854fe899":"":112:"b7e83207eb313b3ceb2360bc8d4f":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bb66584c8b18f44c11f3bd7180b9b11d":"":"39c82aee03ce0862ff99f8812cdbdcf0":"45ec858e0a5c6d81144ba893e0002818a70e9a19002a5471993077241b3fcfb4fd984f2450803293882d1c7ecb654e611578fe7d258f9a2ca3b5f0c0f0d0ec4828bdeb9299914ff2ac4cc997cf54fa908afdb3eae9f91d67c4637e1f9eb1eae2b3f482ddd5467668bc368b96bbbfc33b9ae2658e4ca43fcf4b66ba2a079d65f1":"":104:"24332fd35a83b1dfb75969819b":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b2a230c8978d4e38fa5096ddc19d6f5":"":"cd25e744a78af858e825e1fd070324ee":"628baac336862573cee158cd3935c34df3055dadc9c1695e9ea18724f6457f0d1833aab30b85a99e0793e56000de5d6d5cb2327a4cc8bec40cd198459e7b93617713e63bbd15381a066bc44a69c9ad3dfb1984f8b33a9429eda3068d3ac5fbbaaee2b952a486e58d674ffca641d9ec1d102600af11641fd5fff725204e6c34a8":"":104:"68d49d495ff092ca8e5a2c16cb":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"73aa576e1dfad2c993afcc088bd8d62b":"":"712e665a0a83e8ecad97e92afeb35706":"314e5fee776e9d5d2a1fb64ceb78e2c9a560a34724e30da860b5588fe63d50838cb480ff8ac61d7958b470b1bfd4c84799af6cb74c4a331b198204a251e731f7d785b966da595b745d01769623492c18b9dd8bd3c75249effd2032658c715906a71dbbed847027ea75d647f9803296a41906e0915250854597a163035a8d3f45":"":104:"a41f5c9c7de2694c75856460d4":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83f7631c4d4c466c9246cbc48e2dde6f":"":"f5d6c8c252cb687a931c38f58f74943c":"1f35e94a35d0f424bf690a15038126a41502593612efe6333cf94ea0565ca6acdefae8d74dae62df95e9261c6596c3397220e044c5b08cf39cccb27315d9b795da321204910274a93436bc0573fdba04ae6bb14c6ca955cf8b9e193a12e05796d7f4b397507614dabc457f1cd3ce19e439b6e62703f2189372938b29b7a542b9":"":96:"bb85dbd858ab7b752da7e53c":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"784e023b2d4c978151d05ee71533c56c":"":"f16d041b9f0f454db9985c8558ef8a61":"91f6e108c294640c7bc65d102d3d25a7bfbbe114acec9b495636689afd65fff794837946602ef04de7d4304a81809e0f7ddc45c476c29fd5286fcf4dd1ba76ed3ce88abdb51cd21e7aaeecb13238ac031da87ab96b2a13157278bf669d0efae28852ec3585d520d54502881322f7977d03954e17e7c0c0d8f762e34f59ca141e":"":96:"59699c639d67be6a6d7c9789":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3a2ec66e4a72cb3540e87f4e67c7e58":"":"07a9cf9f44b07e3067d60e276322e9fb":"d7e722b82e8607a64fbfeefc7887009298f06a637fe937277e3a76e8addaeeb460ba0743912c07b500b4b51e9fec2b7eddf691d155baf689f75968160c19a8330e254220142ae843bf0687aabeb74ab607227b0a7539ec3cfea72a5c35f236623af78beffaee6e7b1adc2895732ffedb3f8520710f04eb9c2ce9b2cae215ed5c":"":96:"f29aec72368bfcfa9ae815fd":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83f382a90146544ef4871bde891aed22":"":"c6f664f5ccfd1aaefb60f7fa3b642302":"656a2f221a1339d8f5c26393a08fa31859f626eec9a68afb6ee30e5b6859d1cbb5ed7dea6cbc4a5d537d70227d0608185df71a0252fa313be4d804567c162b743814f8b8306155931fdecf13822a524868b99a27fd2ff8f98c16edccd64520e2dce1ad645fd5255c7c436d9b876f592ef468397b00857ba948edf21215d63d99":"":64:"09df79dd8b476f69":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"64334f10a62c26fef79d9024d4ba7c5f":"":"7b85251554d4f0ff89980cf3568c5caa":"dab2892262a1832a473cd3481acbd3d1820f14361c275514ec693b40f2170ea5ff82c4f7e95a7c783ea52c43a0a399c37b31319a122fd1a722e6631efa33f8bfb6dc193986580f0344d28842a3a4a5ca6880552557f3915a65501f6ee0c1b68a4c9040f0fac381cbccb6a6e9bca23b99f2ef1abbca71c69aa27af2db176bf37d":"":64:"3e8406900a4c28bc":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1c98ca4971c3a6333c18b88addf13368":"":"7f617f08e826a3c61882c3e00c203d4b":"ab1531fce0f279d21091c3334bd20afa55c7155bfc275330ed45f91cfc953771cbde2582f4be279918ac8b9ae07cb3b2efd14292e094891d4841be329678ad58d714fc8ce4bffe51f539f4240c14ba883b95cdc32cf4a9fd6ba4ffeafa0d6718989c46483c96cfca3fe91000f9f923d7f96725e966de068b5da65546fe38f70e":"":64:"58cc756d3bf9b6f9":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"247d3abeb807bde959e68b40a3750045":"":"3f5390cd7921fcb42c59f0db05a8a62f":"81abf375da7157a1a56068d0918037fecb7296d9b1771c54ae6030abda4b9d76feff818de81747980b2c1b005e36b3be36afbf1092edef6fd875d2903d73612addf206a6ae65886421059c70990a6ee33197f92bed649901fed62fdd20c30d81baf6090f50d9f59290528e58a0b7412ace0a293369f2b4c8d72c2fb0e1c432f5":"":32:"37bb4857":0 
-AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"622be8cd3c757de00fbb7ab4563ce14f":"":"16c53a843b1549716d7c06b141861862":"a15d101580d549f2401bf0f36be0f83724875205c9109d2d69d2609cbf67504b918f0859303192b4075f952454f3e7152f898f997b36afc0356712fc08db3343054b20e88ad1274e019bf8fcc3c921d3bc8f9c1d1d24adc61f6033a83ef46a84762304f1903553748b13b1647c96eb8702ebb41ccea4d9cfebcb177c453277f2":"":32:"35778596":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a660aa0191f9816261387d5aeb262f6":"":"c720cb31e841480da5ba656e9b93f066":"d979affe395bd048db26d26908a1c2a435905299086cc55bb65ef782f5aed99c41743c3ae252ea087f5453bdc605abd784b337b60960946358da2218b076826659a1fafa59124a00a3424fce0d00c38eea85cfb3d1e01bcb09d9870d5b3fe728f394e0e512f5aa849d0550d45a7cc384f1e4c6b2e138efbc8f586b5b5ed09212":"":32:"cf7944b1":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"ad4c3627a494fc628316dc03faf81db8":"":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":128:"5f6a3620e59fe8977286f502d0da7517":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"81371acd5553fdadc6af96fdeee4c64d":"940806fd5ddcab9937b4ba875e46bb4b7e9688d616d17fd24646f1ef1457819f55887f53bd70039bb83b4d346aabe805288ab7a5756874bdc2b3d4894217d3a036da5e9e162fa2d9819ceb561ecf817efc9493b9a60796f6dc5e717ac99bc4ba298eee4f3cd56bbc07dde970d4f07bbfa1f5fe18c29a3927abe11369091df28f":"3262501ed230bc4f5a190ab050e1bcee":"":"ffeb1907bdbfea877890a6e972a533ae661a903a257b3b912c7c768cc988e05afd71a9e6117d90d1e1b54f55de9b10cbce7a109452567483cc8d6a68b9e56da10802630591fdd8d55f9e172f0f58a7e0c56a73a1ae3c3062f0997b364eb0885d48e039b2ba1bd14dbb9c74a41cbd4b52564e470d1a8038d15207a7650bd3f1d6":128:"227d422f8797b58aa6a189658b770da9":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef5295e9ae74729e222df6dab251158d":"59372848432f86f5740500391d2e5d5fbe1f80ea876a0ecb9a5b298d9ea7cdc28620aeb2fda015345ae476f265351b2c6b6fcd66bc8aae4dc8a95c1350cda204da3d2d2fc5e6e142dc448296d5df0cc349d1eba2fa98d2f468662616274a147fbe07927440afa3967ac09a03a8de0b03f3036bde5e272e3c4c5ff169dd730238":"194d08fcc3c08ab96fa724c381274d3f":"":"fdceeffdc8390bde6b910544db61db2f345eba0664f78f65d94b90e3e2a5251be374b3c5d881460cfff3549a01f84eb9d54087306a20f5156cd555e46bd2173386c90ea47983320fcbf24e09a05f2ec4b2577287d05e050b55b3002b753de49abef895ee97015810c06d09212b0c09e4910c64ac3981795a1e360197740360fd":128:"e94603dbd8af99ab1e14c602a38a0328":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26db035f2ddd9f5672c6f6af156838d7":"92c315936847649756b0b1bb4a3453e6e6da866f8088d96da44412d9f47a22dda0cd817287ba42163be59a69f73963059139fb3ba44bc5ebfd95b6742546dfb4fe95608dca71911d1347be68179d99c9ebf7ee1d56b17195f8794f3a658d7cad2317ed1d4bc246cd4530e17147e9ecdf41091a411a98bb6047eee8b4f1e4a9ef":"3686d49bb8c7bd15546d453fdf30e1f3":"":"1ac98e9ccfe63a2f12a011e514f446c4c0e22dd93613b1b9b8f56d148be8a24e3682dfc1cde2b69e72d200b516a99e7466dae8cc678c6117dc14b2364cd2b952aed59722056d7dae4cfdb7d9c4f716aef2aa91a4f161d01c98d92d974247bb972de0557e175177ce34361be40c30ab9ac46240016e5ad350c3b7232c5920e051":120:"b744316880b0df3d4f90c3ffa44144":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d5c63757197a132cbb33351fd2d81a46":"e970b62ce5f06b15f8448aa2a095c2b3c8adf535e110e7f374411ed51fa19f9c4926045f796b7cd8a942b6a19811b7aae59fce37e50d6ca5a4a57bfb041a5b51c1ee82b54d03be22d9dc2bb9a2e708503b85e2479b0425a033ae825b4f232ca373e280e3cc97cf0d79397a81fb30d3b41cdaa3e788470cde86734e10a58b1e3a":"a669a4d2f841f9a0b9ede1fb61fee911":"":"522ba7220d0d4bea7ab9ca74ad8fa96ba337f7aa749cd26186499081ba325df6d6b90a81bd1c7adda0cd1ca065894f14a074ec13eff117b2a00042038aea55850056a63adf04f58fcd7269085f5ad1ef17ce7b6c40804127f14747a2ad93ec31fada83663af025a3b90c20a4ae415b1c960094e5fd57db0d93a81edcce64f72d":120:"7bfce3c8e513a89a5ee1480db9441f":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f380d3bf0d55a1cd56b7e78359eb6c66":"c0e977e91c1c50ee78d4a56c527b2d31a1a14f261aa77e52d910f8f230de4908b5cc6943e28b8c6e7ac61eebe270dcfde48d140ec13792371932e545b6ef4b52d1dfdf54c60ff892b74095a3f4a2b9000acd2cac04666a2305343b8c09f89dcc0c25bbe2a39b14624118df025962edec3dfc58d36fcac531b291ec45b5159e22":"ba3300f3a01e07dde1708343f01304d4":"":"752f09b518616a91a802cf181532c7ec65b54c59c1bab3860f0ad19971a9e5bc8843524c5ffac827067b462ebb328e2eff4dd931728de882055129997204e78717becd66e1f6c9e8a273c4251896343604ac289eb1880207a8ea012626e18e69ad7573ef73071b8e2fb22c75c7fc7bf22382d55a5d709c15e4e8ff14e2bf81e4":120:"fbf8818aee5c71ebfd19b0bcd96a7a":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"47c807cd1cf181040a4e3b1d94659db8":"c4a52c1f1f0d32c21fb85fba21d1b358b332efa066c7893c566b2e859efdde99fc67bb6167cdb0485a8ed53dd1068d90bc990f360b044039791be6048ba0ee4ce1090c9fce602af59d69069f5bff8b6219aaaed5a9b1bfc8c5b7250c5a6cfe86586fa8064124d551da38d429a17696eb1a7a0341c363f010eafd26683eecdf82":"9963a3fb156beacd6dd88c15e83929df":"":"e784ab006de8a52de1d04bc2c680d847c5decdd777cb2475ad4ab1dc529882d9e51cff5451b14ea5ff9a9bab5c5474e8a331d79564acdb2ac8159e0f46e9019bf80650c481fdaf1680cadcb8c5de9f924760b376ce5736cc4970cb8715b5999f577436283a4c21469306840af36d1e069616157d1b9ce75de3adb13d201cdf1b":112:"51e8ce23f415a39be5991a7a925b":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a0b033d14fe902aa0892b0e87f966c41":"1cc751d890cd102486d81c618c23fa335067ac324ef11f7eddc937853db6e16d0f73727725a5a5bd580705416ecd97e368464ed0aea923ffb71c23c37f9cf9c8bd81cdbdc3d0ac34a875db3167ec1d519004d4fa4bba041af67af1ed3d4e09c32b3e8e10abd91f46836cec74b1f9c5b06c05f3b18caa78e7ff185db212b52ce0":"ad4dee18e6c19433ad52021164f8afb7":"":"a30044582dacf57332b04402e993831df0a4c1364a83c9bce7353979fb444cd1b3fe747e2c933457ff21f39e943a38a85457bfe99dc09af886734d6e4218fc65138055ad8eb5d3044f4eed658e312b6165199e682ffa226558dc4b516f8d519f149bb5a40d2bb7d59ece9e5fd05358c89e635792ad20c73c174719f9b28c7358":112:"6a18a4f880ce9e6796e1086ed05b":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c4030ca84f132bfabaf660e036f56377":"a8fe98e2b4880d12c99c9d5193b3537b3fbc5165cc1327395174d989be5741f867332271cdc52ddb295ddbeba33698073054c6d2416fafaeb0a76aad870a6fb6097a29fba99f858d49418572c8e4dc0d074ca8af7727c773c8617495b1195d6b2687a2e37fad116dd721b60bcb5471d548c6dafe3ecdcf0c962e4659a61f4df3":"975df9c932a46d54d677af8a6c9c9cc3":"":"86b20fecebc4cf88a6a382d693117cd2a3c9eab747bf5df5f1d35e341d204d8fea6694b92552e347da676bc8d3353984e96472a509f5208ce100a2a9232478417947f85f10993c9d6939c8138bd6151aef8e2038536e8ba1ba84442e27586c1b642f9505455c738e9fd2c1b2527d1ecd3a2f6ed6e3869000ef68417ec99ff7a2":112:"3516909124c0c1f9c30453c90052":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6e210de363f170a7ccb1b9cec8d34737":"89853fa002985a45651f2a7db2b45b7e7a7d33ce6c438ec4533c7fa257e1a384130369a68184a807fd0d92a70d91d7ddc56e5c5172c872257230d7aeb9293d785b1b8835dcde753798caff4abcd8bbc5378cd505dcf904aa69902e4f38699be972099adffc8778bd844a9a03e6b58a721a73324d956f20f2ffd00d3491f72f42":"39fe20b051ba21319a745349d908c4bf":"":"ac9d74f8f405fd482287a4a7fa359caca095c0f1b46744f19c3c11e13b0c605b9857c8cc5a1754b95bcc658416f463bf8764f373205941885948259916eaabd964f2d6c2d784f928dc5eefe331f6c04b4862d4c8e966530de6bf533a10818de852de3af7f521b167cb4eb7141ba8ae8a17be1eb714fd26a474bbbbe870a659dc":104:"7a2dfc88ad34d889f5e344ee0e":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6bbfeda23ea644fb37666b05dc47f590":"a85ec4c2c160deda7e3de0ae449eea6ed1d24e2c8f3d5151f2ac0fd869f5a763981733b68f46c5197d76c26cce7ddc8afc6cdf4536d771cf3e9cef0098e270c5e1ff72cb0ad7f84abf44b726e0eae052d0c1553afc67c7289a43851a4d04c2856cc46b4039380436465a3b19deb56e41b859aecaf22b90578a23288d5f7d9b0e":"9d154f3cc2c5b0bdd77e86e351220960":"":"dbe575ea04b58429e68c733d99d7fb3a57e5604d6fc3baf17e0c6f981d78c070144702861316f892023515f20b697a8f3a40d821162dc9255d4775e7578285acf2cca67e902c060f80eaae29b9c011b6c110371409d914782e1e4115dc59439a2823507330852f10436b121538f22a3b619075610f1da87b6035138d78c75a79":104:"8698763c121bf3c2262ba87a40":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce1407f666f2aa142ed4ef50eb2a4f64":"585fc1e86809247826f87424741f6ce2ce7c7228fb960803be643acd28332b2036715e2b639fe3f8de7e43e88bd8e65a6e2259391360aaf534ae7566cbd2b3961c874d08636fca117d4123b3063931d7a161d00220014339ae9f447f31b8a2d7d5466fb1ff2508397b5fa71f9b4cd278c541442a052ae4367889deaed4095127":"1225a2662d6652e3d4e9c5556bc54af4":"":"8bc13cc1cb52fbd15390cb5663ce3111c3fb943f8ed3c4f07b7aeb723649fccb90895999ec5dbdb69712d8e34ae3f325fefa49ecc7c074de8bb2ea01fa0554d7adbf49498f2f6e78aa0cd24620bab0f11bf9b2c73ad0eff780eb6c03ee9c4538952af754c566aba7c717d1ee6ac2f5ffe21dab9afd649cd65313ee686596fef0":104:"9a1f1137f9ed217815551657bf":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5ecea1da76d6df90fd0d4077ef631b17":"d87e9a0c6a9796d60ed78924f7a8c408d5b9fab03fc76790e74029f13358fcae0035bd971a400845f508c2c2cdc3949be498193afcca6d75f8d21521ac673bd41a936a133fb5ed61098f3cb89df5234c5ca5ad3dbbe488243d282412844df0d816c430de3280ab0680a2a5629dce53f94e8eb60b790f438a70fafb8a3ed78a1b":"7d7ae2ed1cfc972f60122dec79ff06fc":"":"1eb19da71857854420c0b171f1f0714972fe7090db125d509aff6d92e5192353187f0906e3e8187f73709d1a60e074af01e83d1306d582a82edbdbebc797a733d72e2d4208675ef98ea4eaaddae2292e336fcd3fa85cdc577f4b8d3f324f0c5cf3919701208d6978f83466a02ae6cc368f57e18b9ee16e04cf6024b0c7fbad33":96:"f74b3635ec3d755dc6defbd2":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6d6de51c30692d7863482cbbaa5ccbc3":"9f242c230ae44ad91cb0f4fe259684883968f3ca4f57a3e0cc4b03ab063a4eacdf63f9e7900a98073e345d1b497b985887e1ffb5fe7d88cefa57dd41076f2da55ce7ab0899bdc5799b23773f8f7a4dfbf1861cf4de377281fae9763dd4ea8dc7c0d632b874c86ac8e4c90339ec3f14cc51bf9241660ab828605cc602984a0f10":"c6c0fa3da95255af5f15706274fa54ee":"":"55e75daa3df3b13a33f784d5adacb2ff6861cacb297d5eaa61693985b6a0f82e9e0b3a28d10648191c6e62d6260d8a8bb471e6b37aca00dafdb2fb17454660f90c2849a9ad1733d7bc227d962b3cd86ab32d5b031eb2e717e4551cb23d448e06bac7b2a4cadb0886fde472d45de39eca2df474ba79eb58504318207325c81813":96:"8eb9086a53c41c6a67bad490":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"76b7f2307e9cf9221c8f3ff7105327f9":"bc076bfd1ff7a9fb043a371e5af7112bb0c9c442be44ca648567937bcc091c127f02ab70b81ce51b2f7a38954dca3d94b3716c6114f0ba349d6f87f5efd84506ed289dfe8a1277a5d1821c56f9f297cb647cdf36d308e6ad41c55d68a5baaa520d11d18f5ddea061c4b1b1ec162b2d5bcf7c7716235dd31eda3dc3094cb15b26":"3cdaf7932a953999a6ce5c3cbd0df7e8":"":"88c70d3cf5817f9fa669aadf731c0eb03c3d8e552f2dc763001ac94837353ab75b0c6553bb8ba2f83ef0556f73dae78f76bc22de9a9167d7be8e31da6e68b0f0bdf5566059901726b6f2890ac8745ed14f8898a937e7d3e4454246185124f65cebd278f8c11fb0de22da7248f33ef6bb82cb1c08259970714de39ea4114f85af":96:"6006fe48f74f30bc467c7c50":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bac83044f9d8fefcd24766644317c533":"a72daba9de96bc03b5cd7449c2e97c858385475127b9614e37c197225d5789535b69f9123993c89a4815c1b4393bfe23754ddc6c01fc44cd2009b5f886988dc70a8cebb12664fa4a692db89acb91de6a9eda48542b04459149f59537e703e3e89f6d683ebb797fce3874c819d08676d926bf2da2f83a22449b89e204b5ece58a":"1307cd0e6f9ba5570e9781fca9a4f577":"":"479cdb5f65b9baff52a96c75790e3b7e239125f94525068cd1d73a1b8475080f33451ec83789d7189f5ad6a9130e7aa4df10d71ecabb5ccd980d84d0fbfb342506edcf7298ccb310c0e297dd443ded77cf1d96fc49055534439f1af583217a5de36e4df036a3b640d0212658399b629193080d38aff0d4e8aecd6c8d8f48b44f":64:"ca192f8153aa5fb7":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"627776b20ce9bb070a88f1a13d484550":"1da4a24fb12538a724f62b277410d50e918bd6224d4a61df6fb7734300643198debea71686e018bcd8455c2041265d11f7f5dcec08c31fc94784404423bcf1dc8e615227d2b0840be123a1efb8201aaa15254a14a2d76a6ddf536701cb3379d3c6b1b0d689e5896186c88d4a2c53a70bb422ecc8e0a5c3b9f3d89ce40676e4f9":"57f3f9388ea1e2c1c73f60b7d711f6ea":"":"f8a06eea528dad12b11ead51763aa68ca062f9f6c1c1f740fb910974f7ad9d2ac87c16fb74d07c3bd3b45f2e26af417e00416bdfee7ed0b69274ead70a52201c1fc05937438855f5564ec3e824daa0c59da1aa6f6cb8a44ab5f73d661b219766b80656cd3ff1e2d6909c6ce91fb14931af8580e859e9d7642678c1c35d9435d4":64:"05b432826dd9b044":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8954e2c0a7ea80fe3c8e75246f75bdbd":"d77e11a837eff95c77dd56e9cd97f0ffcee0adcca4a2203d23ce74c804a75cef1bdd69b16228472a2395118dfce636b8916372d6a24106f9a168055c6d4b44264674ce3905b3b30f5108ebf939f3fa8f55c12e001b457b73669acd23c1dcabea05aaba34e2d0f66a4d1c9162764228ebc4d3974fdb38b1a61a207788c5deb878":"2b5f9420b3c583403d92d76a2dd681c3":"":"35b8a04d6557426def9915eb798312a7572e040a65990ce15a8a6e5acd6b419c3fa26828b6efd2f1f50f91f672fed0feaa09a6ca6b4844fac5d3db571db8bbce250086b8c89aa6fa07bdca8dd0e1fe76e0f5a821145bafa11f3a9b0b003ad09de73ad71849ac58f7fd50851aa0fbbed17d222a0a5607f9f75dd3b0d3fa45a135":64:"96511adc097838e6":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7d0f9109dd846c47527a429b98d53301":"506efc29c0f02910cc9f5b2e677bb811e366b9e4910c00b36e48e5d5b42718f3b6d1a08a2de9c6d4ce44fce00fb7e10cf89396a88bdb38dcb0dba69449195e19b72ff989666b366f03166dd47cf4c7bf72dba3048fa34329ba86bbbf32934a0992d72c463fffee94653379d23b8bb4dff03fd86cfc971a2f7cdb90589bbbcb28":"f58a5bb77f4488ee60dd85ca66fad59a":"":"2e2760c649f17c1b4ba92b1fc9b78d149a9fc831f0d0fe4125cbfc70d52047f32a7f25c716533d199af77ed05e259cc31d551187dbc2e7d9e853d5f65ab8a48840f22391072cbe29e8529cd11740f27d11513c68ad41f4acc6fb363428930fe3d7c0e698387594156e6cc789d432817c788480f3b31326fa5f034e51d2af8c44":32:"6ced7aac":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"034c805b5e83b59ad9d6a65ade3940a9":"efbec09f8189404f3dbe569d3bab9b8bfabde419fc80abb3b21a07a5fe42326d23d022406981abd558e94f4debf38f2c34c3c315cb1ae1d5f2d48eae1335b50af9dd05b60aee724edb7d4e12703d5ec8873c55e3a3d6d8d5e4daddd5240fa3ec2d1f32442ce32cde66dfac77ed213207dc4838ca9782beb9a98d6dc52838831b":"b0c19448b9f2a818fd21ba6489c34fb0":"":"a45ba5836011fc65882ba8b1d6bf7b08b17f26b9cd971eece86fbb6aac5cdfd42790a7c7390099b10dee98cb8e4bd8b3ccb3ca5d0b9d02f759431de640ad7f5dffb919a8aaa74695f94df8eff4c7cb242d643c55d6f9c8323006f3be595aa8cdbfb0d9260ad2473b244ca65a5df53d2edd69f47df608e22a68b05623150b5665":32:"43e20e94":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f3bad89e79691ae72f53964b928a09f3":"01913e4ef10226d80c5026ba9243fa41edaf5f5c232d17c034db4c0c8369f48d89a1d58b3b2dda496506c30457365bdd76710173a97022d647276a4a8ac73f0e9e211cfd7d64849409ef61cce618675eaffe88b3f14496e5eb013c0f8a122dbf16f2c675edf7f813abe9c56101e570e208e651fd956e710dc09f13ebd22b81ab":"aabf77116a75046e7ecc51a468aa21fe":"":"f7453670604ff6287ebdaa35705cf7553410452fdb1129a7fcae92565a4217b0d2927da21f3d1b2bd5ae9b7d4dcc1698fb97fc8b6622ddc04299fdebaba7f7090917776b86b2af4031fe04fa1b62987fa9ec78fbbc2badc3a31449be3a858ac7f277d331b77c0e9b12240bd98488a131dbd275b6a0ce9830ff7301d51921ba85":32:"15852690":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"839664bb6c352e64714254e4d590fb28":"752c7e877663d10f90e5c96cce2686f4aa846a12272a0aba399e860f2838827c7c718365e704084fbe1e68adb27ad18e993c800da2e05bcaf44b651944bde766e7b3ac22f068b525dd0b80b490b3498d7b7199f60faf69fee338087f7a752fb52147034de8922a3ed73b512d9c741f7bac1206e9b0871a970271f50688038ab7":"5482db71d85039076a541aaba287e7f7":"4d75a10ff29414c74d945da046ed45dc02783da28c1ee58b59cbc6f953dd09788b6d513f7366be523e6c2d877c36795942690ce9543050f7ab6f6f647d262360994f7f892e9f59941a8d440619fda8aa20350be14c13d7924c0451c1489da9a0cafd759c3798776245170ad88dbceb3cacde6ba122b656601ccb726e99d54115":"c7ee1c32f8bc0181b53ce57f116e863481db6f21666ba3fa19bd99ce83eee2d573388a0459dfede92e701982a9cc93d697f313062dbea9866526f1d720a128ab97452a35f458637116f7d9294ffc76079539061dfeff9642a049db53d89f2480a6d74a05ff25d46d7048cc16d43f7888b5aff9957b5dc828973afccff63bd42a":128:"63c8aa731a60076725cd5f9973eeadb5":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f2af1b14ca9598c341785189ac6e085":"790bc975865f44e3a1534e978e90b064530321a2280a9172dc7f3451773b01d4a56c1857ad0474350b945e4f34cd677c22ca89445a564b47a8526d31d18160c35d2be1e89428c3593b53877cea0d88d85b2a7ed0552e39a0e96e35ae0384a5d7868243045dcbfc245a3eb3ff99f4dd86c0a314f68d1971e773caf9c168b0aa0b":"bbf23307ad2718398b2791c16f69cc45":"26b160695de2ba40afca6bd93f1c2895f92ca9108847a8ab71ad35cac9f9c9f537ef196c5d41b10e3777c9a02ad3c73cd299a85f60e5d02794c3be2643c3e63f105b94d32cb4e3eb131d3f487fa5d1de1a4ad80cad742704ed5c19a7cf4e55531fa0f4e40a4e3808fb4875b4b5feaf576c46a03013625f04331806149e0f6057":"52c373a15e1bf86edfb4242049f186029b458e156da500ce7a8fc7a5fd8a526191ac33e6b4b79b36fda160570e2b67d0402a09b03f46c9b17317a04a4b9fbe2ddcfc128bd0e01b0be3fe23e51b69c28bcf8725b8e4208aefb1cf34fe91a2bb6d5bef7b936bec624a8f38c9cd4ac51a0187635138d55da1fb1791adfbf8459d3f":128:"db3bbdf556c9c1be9b750a208fe55c37":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02980dff205bfa5b18037486618e1fbd":"f037ae281e45c50c9fa875f0ec9eb43251d3ae1b6acde27cb5edda7a4e384f50301a68bb6f4caf426adb31457c5eeaa789edc84fd902cb82e00dccbebe272d90cf690ca82ee748885f02daf377970e985d55994fa668fc5e3e06763e6829059fe0c3eb67033b3f5223cd4bb654484c57370d2b856d7117e32ead3d179064315b":"27354e68a004b255a380d8480dc9b19e":"37eed8620136842938ee3c3c08311d1298d3fd3f0456c056e0851a75d844fe6c61aeb2191c024ffce38686c09ab456f0ec26bd76f935d747002af9b47648502713301d5632c2e0d599b95d5543ac1206170ee6c7b365729c4d04ea042f04363857f9b8ea34e54df89e98fef0df3e67eaf241ed7ebbc7d02931934c14bb7a71ad":"f8090d0a96fc99acb8f82bbbe58343fe227d3f43fceece5492036b51ac2fa6db4bf8c98bf28b40132b1ab46517d488b147e12ceb5e6b269bb476a648d8a1133d5e97d4f4fbdfa3866a04948851cfb664f3432de223f3333248a1affa671096708ce6e2c9b4f8e79d44c504ff3cd74e8dffd4ddff490bcba3abffbade0a4e209d":128:"b5762b41241cbee4557f4be6d14d55d4":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1fc9bcc5aee350f1ef160346b642cc20":"e0fb08cf7dc901bf698385a38e1a81acd4118f083e52aa52e1ded16ab1e840cc49fa1ead3292ce21096cc75c89dc3701102b0982fd3a6bfa55a7799e579aa7336edf365574a904bad924ec080b093a604994db4dcd8323d7d39c3c35750b0741b170481539d22551871d6a0e2ea17e4bebe8ce19ec3bc3bf4f6edae9cd7ab123":"910a81a5211ce0f542f1183c08ba96a7":"2dcf7492c4539d6abc3d259ba5970033ebc2e7ddfa1af8be11f81b459d7477f310be2171290bec2f2ae2cc51266f46e98c878dd2444afefdbdb73a417518f5fd4c116547bf442fa9a8cb2300c5ff563117b2641dcd65018081e62a7ce5c4d822563824e5eafea90cbceee788ed44e6c4f23fe8926603a15adfdb556f11a0be9a":"514d27f8413d7ed59d96c14e7e74b9f3d4518486876c469b369f8c5734145f4aa52506c8f832d4811e5f981caadedcf09875033c5b28a00f35605d773c7f9e1af7f0c795e3df1fa9b5a524f1f753836c1e2dc9edf1602d37ac120f3d8a5c093a5285dbe93957643a65f22995a2782bb455d23318f01bd18ae0d0813b01d233e5":120:"feb7a25a68b5f68000cf6245056a1f":0 
-AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9cf329dc10bcebb484424c77eb785aa2":"92728a696b07704fb1deb648c5036a1c8602b4006fb2fd2d401c4b6692e252c7f66918078542cc0b1a97486964276d6e6c77bbb88a9fff0285aef70783d9f2be3b7b22f8a8c02771492150122fe022722bf64263f5d2406884108d8d608273bc02a9127fe4dbcb321ac44a7d2090cff7017d59d73ecf927b8b05968675a63ca0":"a430b979168f5df5ba21962d1bd6dd15":"4d94b7650297c66b43210c84e6e7b09385117ed8fb91adf643b2339f39a5d8dd0b0d75a793e2a669e42c5ddb0873714e01cb65da9eb73fd976a49ae9a4762bcbc06be5052f750d110a407764280b510da5fd0fdce969f86ea6bf52ad4fd9e2d81ec5cb84af0a1d406504a34c51c751daebb4421fe1994bf6db642e64bd471d9a":"c13dbfc60b34d75f8a84db1f6aa946dbfc19479d63900450389756cd1ada8f6d2d0776607f7053db6bfa6752c4b8456f0ace314ff3fd4890d6093a4a5d47dd8fbf902e3e3000f5e02ba93a00985f29ad651cb697cc061d8f3cc74e6d8d0743a1988947c9dc2305e2b7c5a78b29400d736acc238131700af38e72d8c98ba007eb":120:"82f1dd58425eb9821fcf67a6b35206":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cf43ff6a1ef35c37862ae3b87171a173":"a1e670b3fd62039cf29edb61b26555bcd0f9184be4593bf6b20ceab263bdc76cdef34992fe0ce4d43bd93bd979b78bb252c120fbaafe4947fc0ec05cce4358a5089a841c7476b0ebfca6476e690cb9ee0b73c6700aa82aa8f4050f2c98500052a2d3274b30b0be67549d756efd163c4369b6df0236d608bfbecd784467db2488":"6c56540b3a9595f3c43f5595ace926bc":"5c0bc6e44362299642f3756acf09878bb05549eb6cd6c4942d39fe586ceac228d2aa9c92f8393e5017e73ee41002e60aa8b993c48a7638ce2ae0ae0eaa536bd749b07a8672fc620a5110af61232b6a3d527b36c86637cc1fa92c84008465fd861920884d8a784e194ec52fcbb767a68ca6fabb64ab0a0d680963140d5cfd9421":"8ad36522e4ad47d4a54c5eae0a8b9ff4911aa5b9b13b88b00488a7b678f63cf85945b8d4998d1007e27529b56f50b9e3b373bb6fd861a990514743b9707d535b40d1bdbc3f58a63b8ca30dd7934ee98ec3325d80afaa37e38b4e82d8851166589027d91347727b314e02ed08a7846e29fcd0c764834d12429d9f568b312081f3":120:"f5bf21d5eadeebdef3104d39362b85":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a0ec7b0052541d9e9c091fb7fc481409":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":112:"4365847fe0b7b7fbed325953df34":0 
-AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9ba053776afb01d15915e7f82a04f21":"fb59858421ffbf43d09415a77320cc9250df861e4414817e7b78cab918fa890ea0400d4237f7ebf522d97318ea79f9979a73970296827a1a9690a039e6c605a0a3efc0077156e1b15f14d88685833e09f6cd6f783d0f50579de7a30907b9d8efc4c650ec57dbf7b425ffaf9a900ec91087d470409da4d67cae7328c15a5db1fb":"df26b109244f5a808f3ea7137f2f49fa":"b21c8101ac96c41bad2925b9b6c863f54888f36e4995820ebd51f53e323e46f528d91f4318183be0282312ccde8da075fc2e82041cb41a79e9933012a4cb6e9f89717444bc734da3b7e40e903e58dd0f38bcb115684227ec533c09a93c89c2c2584bbac83a4648f82b4c9207f43b61e5ec470602076ed4731756c87d4e0e24af":"2c306fc60bff58308f2b9f08d52369e87119d7f6de2279fcdea0c46c901c8dc5b4f83578b17a00786014a17d3e380e1af4b9f32fa58b9ac763bdf86ff0c6084afe413a5dcb7617f94d76e59e370eae4829e69bcb70f10545b04ed5fd137e1159f3961b2c01089ebbe2f16a91c782d4f383fbd4d61b66138319b63d79ce9fdec3":112:"d6db5aa539a6e2e70885508d637d":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbbc406a669b94374c7970f2ac10c91c":"a9f334d1ae7d2960f39da4f1df85830d27c0f13fa0bd23d607ace4cf58b359584120e7c90d3062b1b23b1a9e85a740c9063ff80423b5846257e4426c174e8cd77a3dbcfe12970ebddaaa00a8ffb554b2a80decc81f9917f5a1369e8bf7288ed868457993f480d8aff0b92b3db2fda233e32fabec1a4514715364d4f70f98d62c":"46152f5a68c03dbe2f28e69f5b52e2fc":"1052f8b2d3e11da53ba9efe02ce985098d171dff9b98cbc2f6755fd88214ddb8660225a63a1c8bcaf43ff3930e239824ae8e122068b89d7fe73c658ce030cb51dae9836aafb68fad77b1cb5bff8d7d9c920ec449181e10ea643cc73abb9620dbdfa32e06c29cfbd8c7cb8b1103763616ae6f9b19c4a6e1eed88c3971c4778c2b":"7b16424c508da3fed14bb53462d1805f0f9d09f803d4e166fdadbac76f9fc566665554317431642f6e527123ea6c1c0ddcf45005213b0f2747321fa112d7b893cdcf4c1a59e8bd1c48b7d77881c6d79de3d850bce449969305797196d187196d0d81dc3423295f552d3c27d6d70e42c9a1a744a039181e733450c9985c94ae94":112:"b51dca8e00988af0987860a663ad":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe96eab10ff48c7942025422583d0377":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f":104:"6bac793bdc2190a195122c9854":0 
-AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f2956384a65f9627dccf5126141c7bca":"89dfd185bc33adbea0c69b55d37087de3fa7fd69a9fa76aa1568ac363c5f212ae92d202b9338ef397266dd8bd1ef36cab6d1368feafec69a4e3e11e1bf1beba35d96e040d91e9d3a838966bae62a15b18d621f33efd9ec511de4bd287c722cd39b4ba43e7a6f8c8ab672d69eac6b21a8d3544ab1d64f9de31956b93b1104431e":"2f61f76bcf074a3d02f51816c0411052":"bde1508823be7984d5921db4cab1ed3017c0d73cb9bff9874f39a6f5bc449719c1c43d8fb4e76f6813b0985d4b124517f9e4e2d3c552b2f75876563c93a44c18fb6523ee732ea5b6d13417db45120653df3820a32ebdb42d544768461b1d0b55b46b09f688e47240880930fca7097ddfae35f854891e21891dbad13f661a2534":"023a9c3ab3ed0181ec8926e4bfbc0fa63e38ec8980eabd2ed75e29b681b3ec04cc8b27fad3a7ce6dc1efd680479a78f02de7ba92f45dc03de02852a2e67b35bb1dd154568df7acf59081dfc05aca02c0aa9f3f7b4fd4dbdb671b1b973a48af0c325a23467ba5cb59183540f6edf4c00376be39a3a672feb9e795d1bda96f0017":104:"613eeca3decbe09e977e0beeda":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e9bb30ea25f50b3e7711fac05f9d44a":"17a52f4faa608dc9853d4511feb3dd9d2fb92d7a3deb3f8a7a6df3fa2a909b7db30babef12d9da71aadfad16bfd2bcb5706ef2addc58eeb8d8d13f31326f7ab1d0aabfe5525014f05cd8fb80e1ecb0654e62078440157df66f618f078cdf2b322b0f8878bcd924609c33e42059aa69fe0ddca659aea42ab907b483aa55aacc63":"9668e8b1ce9623ad52468431dfbed632":"f776c6e892e373ec86ccf706704d47cd89fa45c2abdeb0f9f6f32cde88c22f001150cc66f0fd83e9b75b97bceb98913cf143cd8a68bf06e1125031e3e7f09dfefbcaef4f04d7bf28aca1992a7e4228fd4017a5b32fc48101c8f5a609eaee9489d02200e8a13efeda60b57df53ccf2fe26309a1c1e1d40db6eb8431dbfe8d43ea":"407171db1dfb7ff20d5c97407375574220534ef75ba18dc616400e5e967e72db23783a6eb9506b611d0c67a83f5c423380ceae66d5dcdffc31e31239357b91794018e9c4c36c286f7b17ee911136d9cacf564baf5f9b9831779375e63aaade8734a91bd4000e53e5e412b3f92f8b68e0b7ad3bf6f274744e2c5a635894bf918e":104:"2741ebc33a4d4c156c21385a23":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa705ee70297e9212f70585d92f42aa4":"5e4b47d986d55f49708cb3e4d27072a7e850936b27b24723856acec7b2e03caccd98c2a002a2dd1d3f4dad8827a5910b42986cb00be7bff47eb401be5f324cd2cd3ea2fa41f4ef61f9771a4c0184d85d6023f37f3f54bb9d7cd621fe36ce11a82678a0754a33049106be597c53f287692ac5a42e59f09a2a117fad6c034a91b9":"89822c9db69229d1e4880afd19965908":"fdd655584a92e29a14a368f28a73f9dc608e5c2ffd308d4aeff7326bbef5ea58f84620c9ad43c0b598c271527ae60dae6db4ffd3f590e503ae7057d8c48e9b1bd8f8a8832629bbfc1391b954a4fcee77d40096eb5dcec5e0439375ed455378d716ee8f8b04ccde3291e580068dd7dbef4ba3685b51940471f24859f8e93b659b":"0f34bb4e2a4016ba41eb23e7688edd455f2d46a5097236d9a124ae0bd47349876319976aa4c3aa41680a63cea85f433e3a1b4376f79d004710d486a3fb5afbb7db2c41aca400e04f75ba91660bb68354029defeaae1853447f8fa0d470b25371da73c9e8ee841ba95fc273f88c2e4604ff29a131a7d73e60a00340e886df5359":96:"a247e88acbd4e354d7c8a80d":0 -AES-GCM NIST 
Validation (AES-128,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ddeec78a0c23e8c5c32d3d4f9830f927":"134fd6be1a934053a539398aeaf5d3aceda3ef722a6b3568af6958a4b1207f7e9b9e835cfd46a7f3d4faed829ad23554fc7c0d1a9b32bad9477d9dd397a259cfb0bea30268aba7b8cf4a35dbf99a6b2ca968649847f717749bc5f41374e1574ad6c357f7b60b0cffcb822bd3924208d0472a973ae97550b921338792ca88fde6":"ae428ebb974ccfbbdbcf6203105724f1":"e3d5ce768c688e881e72f036341b2d91947e02b7327eb53240c85b0b93a40eb0f3346817e2c9e126209b31b57633c4384f7af46846d9bbe6fd0d6babc57b84d0f5be2a8a7b146b38914a4cea70273d5461126cfd7527ab397510176e790300a06066655907d499bded79f5bb39f6fdb03f85a415c2cc2ad1f25078f0da7df215":"865d6148c9820b67c08c17c9214de612ada6e24ed67933d13c3b3ec43637fa305673d8d52d15a195b27a6b2563682a9f98912908668e3335192b1daabf26e1e73d7d34764af006b0c14a0ffad3b6a0def59964b11eb52e829ad790069997931d09be88b8d60aef90e39dfcb0df4fd54b71597b8ac64670e703e7cb83efa3f2cb":96:"64b2458a6eaa6f12937a8643":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"829008339e983918b8d142091f84ee28":"6f30604d8c2fae216b1ed3d67485631eaada68fe89a7020d6e29f42b937e7640fc1f23c00ba48bf239740f6468289ed211ba81e809cda55fe067bdfa198bf0461daf86d4a7969de9a629513809b358630ce7eb50a783b8c98ec1bd5e56cb47032ee8fc64a939dfc4a870ea9419b16178109f1966ab964da34debcf00cc49f57e":"dc62cf12b6d0439578b457e516d8205e":"e700cd917923b16c968712b2fdbf08be1b5c3b5d9e42cc45465549898daa07c44b4cd321ba16a38aeb6720e217a58428e3a4cc125920cb3fc92f039b66716543bab71b64ebedbb1e5e3e8fbbecff3385ab0ab16b7f6554b7fbb3b4c92307c654361f984d5a6cb69b8708684d90bb1fdfabc0cb59f42c2b3707b3755a8c7abf34":"adf60c4affb2ac76cce20cf9f302b909bfda1bedc60be21b53f65d0b81bff08f7e90ecaaf12ee1f9d921926b75e244b7e8357c1cfc26013a6d1c874ed2e5cd0cce012bbfff0dff85b372d92c18dce887c1651b6467f173a67ac8cea194a6c41e77842675f60cacfbc9c81597a08959d19af632d3c191bf69505620e4290bb040":96:"6209c09dd1b7ea85d02eb9fb":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4aec55c7e4bb36c32cb543b57cfba3fc":"4cf1443a5448fd09e09e91b7cc5f8e00f53f0b75a6b17db5ab9a721167de5f7bc5de1fb711accdafb7f3f1bf6b98393e5f09e9091e26d1340122edc91f7e60f62caa218f1927c8f0032be0752520aa650f6f1ddf40412c96d49dcc2287ee17834504f1dda3f4a723e2fce064f0b8dae0789ec455922a14488623e3ac10b6e312":"6669c3022e0820634a95efa2b5578e93":"f6ae9b1aaba18acb741c9fc64cfba3841f5127b1cda5cbcd48af5987428daa5782d2676bc3e2ef23936ec29a80d6b5310282b39b77181dc680799ac9c8125fc48afd185cba2ca8900bd9a0039787b4f3a6846f3edf5f7b921dec2608fd3df67600ae0aba9378da0015bd57d66d2999bf751806d1b89214332bac50f721ca9474":"720c32b0d454f086af36a32cc7274e2f2fe08db9cf1cefecc14b42b3e5c573aefa7e9e1ee0042eee21104dc3e4d19b012099280c5a53e40a0bf662d8295dde743143a28be7305729767a37cbdf08fb3c87667939a8ffe44c96ad272e30b75aafada2963bb9636f189c37d976ed1c458295fe85ed19662c463d7c8155e9f04115":64:"4b3343b627095f60":0 -AES-GCM NIST Validation 
(AES-128,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8629e8064b3ba2b95bc20dd075f8e931":"85896de4b6454acf8568ccf95ab68a632330ce71ca8b4e7bfe26ad8d7e2e6b63f2032e2cd365999ffd24ece0df16904d749d06e829a291f3d07fccee27d9c6f3ff3a139d9e33f0660803de8fe79dc6ad291fad47c93543522a1c38e40697426a9855255e3e0abcb84d474ead15341c6b235ccd755e58fe6e87898d216d65abac":"dc4bcefe284cfc606f39b057b7df411b":"abfd0cb6fee8588aa68606b7e487bb9c0d2bd11205611a6f30a78d9ccf28e827cef4e966fa245e4b7b39533a4bd00176ce3c97858b0c8abdff4c548c835bf1962a6115c4ce7c05b1ce5aa29b412e816abc925b8cb998eb4b69c43a7dda1b3cf0d728072d42cb5a489db521698c5daffc3013537bbf622ef76a2e96089b7d4b96":"b295ca0d7707892fb08537f42d28a844f5877177f136b4620f69b05c83f43bf2e61323e80076c88660f5385060228bdb91d866686e691cc7e96fdaff41f2ca5f5b5d93ecec7bba82515a6e0bd604c99ef93d3ea013d899464558bc822bd765eb1ca2b8b8a7d961a6a316bf135c22d2ee552e62d8bbc5b60ca31bb53cde82fb5f":64:"d26cba11f68a5e1a":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d901e59a491c86bf538f7b38247bb21":"4c370a9f316d25702195409d8e73bbfa40aa15c2b0ea55db9257a9ae4e8dccad14589718741a78e5a74c26a801857e388c9f141ef7df08bc01384b2b2338c38abce51d547056f4bbaf7484f9edc96df122e71f132b7bcb6484228c3ae2f741a2c8b9b208b6f49b07081334b93c501938808cdbd2e40cf95ae4f27a29e1121480":"39e2788c9697e82cae0e222a9e413d8f":"48d7d20e424df3c3efced29e860771647ae01312a96e68d33f982c540e74160a7fbdb623d4b19abb1871d74c6dadc56038954b154389b752bebc40cf4ee1505ec8d844e1a04dcae430befdb081cc84252e0840f5f5146ffe5b9594f856afc2edb33b3c6f9041c9631c5e3d812959c5504938635f72c6fe29a25bbf66a4ecd211":"262718671dd0e2c9a40b9d7297c7f6a26cd5fe4f301999a32059812719896d3a2f5350f6ec20d999fc80b8d7af5a421545b325de9180f14505f0c72250658a5014768fed63ab553de0fb01ab1368356043f6d1a6c9950c80e3d9d4637bbeea44c9d58a4148bb10974d507c62b67cc4e37eaebd7eb8e67077856cc5d1702f8e2d":64:"bd814b4584941681":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2f54229167862034ef6c5ff4a1246697":"af2c89d3600329779abfbcf5be8bb83c357d4d2435fc8f4c413b956b898d22a8a889db9e2ff5e7229d7495576989695a0b52d796f9a23e9570b7caec6b46059749c29a293d31a6224baaf73711bc0e4a587abe9d0379adec6de04ce444676dfd8672e6660cfc79d7ee2e7625ce57dd4681bad66aa29bea2baf936122c3db17e7":"8168ef8ef278c832fc0ec846bc9f62e9":"abb9ed24137915265bddbd4b63f1d02efa2a99c8c373f19077c7e1c389feae36a7af42c661b0adc5dc8e4b5520d334e8e0e112d42c2977fa23485c0a85aef83f1e52d6749bd29cbebe14aea6ee1c1098aa96c6360b0192894bb2001c7c0fed7f00bb84953c23bfdda00818d1568fb94c1bd971982d6c01c12a35ef7af34f947f":"cd6dede25433fd3da6137001219b57aa54bdf6039a5a8d66138171b006194fe3e13d484e5cf57a1acdaa8e76f001df7bf41cbed2c5561a37a32113fa116d0918167c29dd9e7d46f7c18d9db33d7f1bc33ac21d159ddec57a2e158f0c0993c16dbf50582371100a8d7c55cd47c03473c5770ad562240f754c99d95ec593dca284":32:"4ab63349":0 -AES-GCM NIST Validation 
(AES-128,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b7b52fe74c5c3266edf731578d28a72e":"01a4b7da57c0f7d9aea51283004b23f899669dccd6dbaec9cd6e747c7adb52432c7c29d1411ec1df4e5e33311ad84218075dabe17f73c95511ce7950f08b618feff56bd452b33455a1a03caa8371dc7fb9aebedb3cb652d94e06bd00a98bb06d30b506d41cb516c759f6d7f793472e6d6dc9ae50cf3dc8b1ad3d0517c4f555a3":"a005750e9f8c68ae238668f0a8f015ba":"805cf3635f9d84c7608c242ee23a4837dd3f260de9afd6166b08164a0256200be9b52e5259a4a54186ec067ddfad90f5c4f92afd1c7e4f2d8443312ba3c4818b664439a02644e55467045071aa2cc7939a940e89cc52c8a53623bc6473bf843a4e0f00149b2ce1543a6540aa0d9c2c5b68ba2bd5791078deed1de3b5f48257c5":"d6124da0896d99fc7f2c3688fbca164f8fecd75b6260162c4dc2d2773ce75cf41a8c7a57998e0a7e49cc71e5ad6a04c7415f8d4fd11f1035d3a02ed744345d74ebc9c4f202f65bfa88d55c747fe777225e218f2149da22b53e6584823dbda42cc2dda56fc72b753f3923c443eb5c656515dd824d8c08cc78152226ed8c1808db":32:"60d86287":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a3501d9fbb86ab80f5faeaf8876b7c1":"4f0dfbd2aeab70c80814a1f261a1fe442eacff5d267fd0c0f93757919810f6610113f1b442270afcc47f2fa01ab01797683ec9267691a0dec45033c57f5cbdfcafdf154fc99e6140176eea92503b3f6fee5dfa5aad05f802e08a08f10e49a8b32a50c028f2bc7aa451be3747d10b96b3a1105c67c5167eccdc18b4a9b0612d03":"6d59be1833e75ce7f54ddc91ad6f5187":"3e556b1b33c42f1ad6cca67dabc6ff79d6cb667527335858e26cb4f6a3d8503ec415968ba97d2d79a3f80c1a10d75174eb5294cce8b89224eba7dfb258fb17cb5c5db7a914ace06e94cd2f2cafe3febc8adc4c2264afa2db2c6356e4c3e8667393a77a0afc36be678d5c0a4b63ae82d9922bbbc60559f331ece9947b67469469":"615ea4535f1e579d7aa45c011018f272c2e234c3ea9e2d102cfaa4a437c41e64bdef7a211ea4d858bdb656215e600911435ef9c8da68e8239e4782ced7e7add063f33f5bc62b85d9ae44ed1b139580118c5fc054ead08257b0a97632e8c503c6219294af423f0deb36758e05857ebb05c6835972488306ebfedd2ca4ce3b2c48":32:"74c6bf0e":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #0 +AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"195ddad2b0da195ea54a9dad0f86c161":"":"265ab1995fac4fca7c2b26c84e4a2dbc":"":"":128:"930f719034b76c232619ef2792fe6e65":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #1 +AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12be48e90c849063637b1c2ab0f2b467":"":"0020c3dff2f6f3acaaae982ce38f63c3":"":"":128:"c8891f32b8015024ca42536d633b1863":0 -AES-GCM NIST Validation (AES-128,128,0,0,128) #2 +AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e792fc91675d5efd4d80d5a06378d24":"":"15ad63b969f8e313eac3c717ff9a994d":"":"":128:"de9a04b030954b0141dd78ffc67323d6":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #0 +AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a668cfd45b6ef8b766a4bb187d0824d1":"":"a111e94a6426ad9b4362132052eadf4a":"":"":120:"3a3331e6a41cada2cca8e856135549":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #1 +AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f36e07f2689832b914e0b817010c528c":"":"654104f9d16348231e6ba6fd30c1f02c":"":"":120:"be897583bae073f42138d64e622c35":0 -AES-GCM NIST Validation (AES-128,128,0,0,120) #2 +AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"25d839a709d98ef9c0c9e78ece961eba":"":"b64537609040790ff648d51406710b9a":"":"":120:"4d5854c69cc973be8de41d5584407c":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #0 +AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"957dd619f9f19445c374ceda9e9ac082":"":"34887be03b4d4ca8ea2261b600ab0b0e":"":"":112:"60e2d50adff707d8b279bdedb277":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #1 +AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a5c9a2dcaf576e67828e806082d8e780":"":"f93732aac9448c4a427e634089d7edcc":"":"":112:"f67ed1c98bd2c5f3a738e75f15ac":0 -AES-GCM NIST Validation (AES-128,128,0,0,112) #2 +AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0a30a816e8d4d85d40c8e4d7c93b777e":"":"bf1f332aa19682d05cf95f2b03d26af9":"":"":112:"acfb2f7884bc496f3089e50dbf42":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #0 +AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b45a16bba5fba362704149dc56ba8a13":"":"64cca850412091bf4e120ccd612df353":"":"":104:"7b1adc23af9be185e5ae0b0f0e":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #1 +AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#2] 
depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0cbcbc1c72aa90e3ea7e2fe328d79723":"":"2fc5fd964b45082546636ae1e208a937":"":"":104:"fe091a768c731e54e2237bfdc4":0 -AES-GCM NIST Validation (AES-128,128,0,0,104) #2 +AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"94297a1ad3f0c333cd9b087b1efd43c0":"":"52ec9dc82131d7b1c69c01fed6aada10":"":"":104:"5c927dda855b76ab8fc077203b":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #0 +AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1e8cf32008bdf867f0ff76e7d7ec21bd":"":"3854b7412de72fefcc4b0c2155f6910e":"":"":96:"cc8e7eccc056b06cffc307e0":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #1 +AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ce1a9bd93fdde2adfd8c2c16a395b95":"":"64072313ed36eef8209f079fa622d7f0":"":"":96:"cd9e8ffc1423270015bf8e8b":0 -AES-GCM NIST Validation (AES-128,128,0,0,96) #2 +AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b15354ad3d874fe472719ebccd45f123":"":"1b2013153290edef60a6a438bd7517de":"":"":96:"f65a841ed510becf52b1eae7":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #0 +AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"14ef129784776647eb3fb8897915ab9e":"":"f7bbe9f699156549935f2b92c1dda163":"":"":64:"dd10fa64fd51231d":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #1 +AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5d4470053c46a577bba7000075e9bf2c":"":"854b768fdd7492c21618ca716bc8790d":"":"":64:"1f3c73722006023a":0 -AES-GCM NIST Validation (AES-128,128,0,0,64) #2 +AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ea87d675a0d406c57f78a2531bfc0c9a":"":"0907503fcb06ee384526f7206180a080":"":"":64:"65d5466392b63bf6":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #0 +AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3e8e27568e6e17ff807cc207e5d4eea":"":"18e51cdfb4a3a5ebc7b0d7b17727aa95":"":"":32:"a7e3f637":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #1 +AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"596a602164b1a0bb50ef91bce3a98796":"":"2025e72bd6a511980a8ddce34565d16a":"":"":32:"f84f92de":0 -AES-GCM NIST Validation (AES-128,128,0,0,32) #2 +AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"32ea8970a8cb70d6ffb3972a146c6984":"":"":32:"eef4b97a":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"869ce65e5e5e12c620076365f149784f":"":"317bf07e83c2e9717880b7d080957fe1":"ee185d738260de67f1792a7d548ea73267fbbb6543bc081fac43e00e6cca92d7d646f27054894664ffdcbe635e34cfa800912b59fdaa624b36c44c9ff4f193d3be2f97a7820a6d4ceabe967091ef672098baf82dd3b671cac4fd4f4b14e4ee388fbdaafb4dab2385df4fca23a78d31f11bca15eedd7cac778484258778106a07":"":128:"add6c89153c4c0eead03df44487742a0":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0a05baee927bf23dd2f4b57b90fb6434":"":"8147e99dc9e462efea9c1d7f30bdf45c":"6424ca7fbf24c6c3b0b5eb9d769b26a9792c96a8585dc596208ae6cfc0b265bd8d26af31027f278bb92a9e3b365beae8d964ec7a4096513f84fa73f8739fa7e11d54d678bed19546d2b71b3d0166b25b47ad7cfa69d74057d889258a796a65f2bf8d3bb151f4e721d398e74594a186e6182c16fe4c8813dfec67215b3c4a94c0":"":128:"05fac5520a99ad7fb407c48995a2c331":0 -AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"":128:"2ce6d74cda466354a736636bf18acfc0":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b2bec16c7d326a35a8e4c0b8c2e3674":"":"4573eb54491ed91bfa2185b762115bc8":"7a4a6b3114dabc50b201472c5cb13a79430f78eedb2ba8492c01ce10a74d08565b9bf9874bb8fb72f694a23babdd08684cb68d7e09e65813728aaa5c41f9c2b10d921f8271e200e0c519c7c46f572bc9fe3f27e13d1e6d7bda4bd66c1c4b0fec8c68a1b0ed7b0659009dc894ad55e0712ddd0837315734f2bc3b757241af35ba":"":120:"5f5d4695795b8580b0bc414a81b002":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"886fb12554b075dd9663efd076acbe56":"":"7e7a73542868fc27a01865c3aa635ad5":"cb25c2f029c7a877a0aa565c7f7347b317ad534821edeeea838996dfc42b13787e5bb237525ac926ca8a6c5078210f4a27863e8114c728d09653fa93ae990e99f0c856bc8097c2cd33cdca1a407897e2f495d2e75356aabd891702f25ff20e6b6c8a785d74b78a734e311fd236f9e970202674004ee4151879d59340b20aa23b":"":120:"8255116ee1e3cf936633017c4dec3a":0 -AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"920fdf4b39c63947d57a07eabbf3f2f5":"":"77431ebaad53e42ca7eead0d45e5bd18":"11f82f9ef7c2161ba73cf7da82c5397da5e8278da180a976f43222402e983b057171f793641a8343d6366d6cc9260dfe8becb8396b5bcfa0f46908bd809bdab61126cbb8d63f601965fb9e4b3afd66c594dfd394d4cf06f79f361771a85dcead6f45dc7df10fa434736eb109a76fe6cda32c5773d4db6449494f2a3f6c884bfe":"":120:"1291cbea1a9f8b166c7306ff9eb281":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"114060534f526895f30dfb4007356ea7":"":"5ed7fb59618ec3d081e60d8259a3f184":"a56566a98d9d4fdcebc932adc405e0b8190d537f931983168283d0431e7589333d42f2a3d6e41f268e7b566cf48694cdcfe01fbb9198804ad39e7d387039575c5de787610a23ec265505a448c3a64ddac1b0d8c567eefe5c3c2dc1bb15af45b4bd8fc2e1506ddeb2e39e04f72fd24a64cbbbc929800e0687b53eb89b3049f271":"":112:"62f770b3985388ac37e14e8d4696":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"697ca4e9de580b525d7149e8b69e8093":"":"e844153734eaebd86983aa3bf50068df":"cedcd5ffeb7988837c38a0be4234ab1b03f14367a1a3854b6dc9f33eb9a87c411326e5cb7d12dc730cb6f363da2ba68affdfb651fe497942e0dd59668f56c23dae80b7bbf905d36b501ff037fcdffa472efa4bcc1c975b67e5d7f348db73e0ce648b44ecc5b5bbbdf3101bf32ea99e3c8e8991c94fa609c93d4b375a4389023b":"":112:"95becb04cd39c868c9dbd1d4e59b":0 -AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2fa92cc97ef469efeb2c25838193435a":"":"07e6492f2377c04a85045d24940fbe8f":"0f021fb787c6de2be054bdb2741aef82ce35d951de2986c86c3dac77ee0804dfbd010d33a5dcc109769d4b8ff1471eb98fe917c7b0b374e80539f2f4432f92aa55d8398a71510c2acf85c54975fb09ff5638b936283efa3c1d3b054865f97685d6bfa0dfcffde3a20525b5324573b69dde230ea87c685e4f6b5c3c4c55828a86":"":112:"397b2b0dad7f1926bfc25a3ba0ca":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a61f8a5777ec3da0c3e257d421286696":"":"14894cc4ff71e249f0053bbc1680331f":"9df46dde257054160854248e70625183bf957ecec36fa4f5a79a1650e04b500f7f2fab4bb873f0e813f0d6b17610bde0de95427a8e2d1293dcdde053f5b1a5a81af25d553289e89e77e4ad7d0a1190151724730149050bd021ec61a08ce2271390161c752df8b5f61c33ee39366de4c1db41d085ab9dd88e170e8c41c571e2cf":"":104:"e062ab7984221ed226be353731":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa2d04f4f5258c6363b1210c91aff7d1":"":"6b24c03273dcfd508cead2df0c65ef2d":"81a1b326f8f22bfecdf1f386bf8fe678a427e3886801b823a37860b9a832356724b1d352d6250cf8e8f89d0bf2314fd11464c3b4871478f0bc290ee1096c8f6cb5484176d70762289b44309d6a88e4750185abf30901bcf8d952da9abaaf9807c0c0ee8be2b247dbbfd182b83f9bfa67ca3bf448c3f5a3de3c31b058c3f944a9":"":104:"80dee09fed5183d6405beeb268":0 -AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cf221e6cade9f6cf509afa6979cc1fb9":"":"d35433be41a259dfaf58aac1d82af462":"b31c477490e5624c4aac8e590725bfa8b3efca618e2369e9b980d6a463a014d55aa8317a9e70ce6de7c574cd15242cf4eb3eb078cd2f49fd82d1a56c6c4241342e62a2e9d94f0aaa024055cb441d650f0a6ecabfe9ef563d6bd87d4cb1bed348aee42487c13b73e52fb70f0ca6ed81924fd519806e04babfd08df1a00191caa1":"":104:"f1776b1ee7a3c49f99f34f582d":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c98eb634c7caf52d3f3d9f344e141988":"":"a0e58176826910a69c2d68ae1c6a05c0":"6e559278bc469cc670c4d9105c3c2f8fa308e11b4a60f75664a9bfaff4f0176175ddd3c6c17ff91a208dbbc7c49efff099fa873f60849ffaa3a3003419cadaa06b92a678b80bf6c952bbbe596dd0a2eed35507c55c48a9e6131bcbda0621cff87e02be5d082944f2c8e27211527717272839601b0e26cb5aa2301afd05ae1b35":"":96:"3d8617b2db536ba7d367013c":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5018f4a8e2a850979b006d0498dd0fe":"":"75e4bebdd170159cff59f895ebdeb118":"25ed2831fef205690381c73e925ef7ba20d5f2e3a4b5d7beabd749fafa08a6941acb1385aed977ea824322d378649f646a812e6c87ded6ae437c68ffdd4fae937a8498ae825d7523746730af84d56380be8f575c60e7f836a862343916e98cc2aa5a27cd63cd92df63b8bb47c81fa6a53740a125bb9cbb247c916363e60f5f65":"":96:"0aa5aced93e0237bea9a0015":0 -AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cefd40aeac28fbea6e3343a125fe1c9a":"":"324b9722166edc3831bd19c1db5bfbf2":"72b7a4289bf7f5a752665839adde8f79644424839db059ce40de326414c09691d5c7071e43722104a94e430e263bc974b98f167c50b97490bcd4286b502f607ddcec5387695463154bd9598ce8ffb6104d1f7010bc196ea2dcbfbf452d6257b1da00271fe1e6fb56c43656d5570b965e0369502443536cc46d4c05b1e863ed8f":"":96:"0c6b28de22e02fe6a4595d5f":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"58cb7cb58518ff3fecea4b44ad9fdef1":"":"fe619efb1c9502c03cb8a70792f9e046":"1a7c444a84267f52c36f3c09f8c4a88b6ffe3309b8edaad93a08d3961af28b7c2baba5165f0a9efe13fa6a0ac595da156741dc7f728c11edbd8ab02f03e45716be504778a75374ee882af488bfbc6cdd58fd81d3ac5f369f85ba42c6fd7f9df4b25fdd2fd32607ea800047e06058388c4f71a5eb4d825e8578106041c84c25a1":"":64:"8243f32002d33cdd":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"15cc4cb979a343f4adfb821d6f6e9c66":"":"68464e7eb64360c7c0a8540ac3473513":"d69f4a9595a48a50ec33ac1848df3d994eff838b28ea7c8b2c42876dadd60a3f9769bd4f61d8007c9dd4fde55edcec8f5ac3bf23b1a958fa714dd88cd5261edb69b7b086ef0f442179943f0871a6253aae99d31fdca448bc3efef353b5cc55cfc576e4a7fb73a5ab6b5af58dbd381bf7f9d69a5c2bfc902901fd485967b23bd9":"":64:"c0f4302d8276c3d3":0 -AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6398de910ff8f3acdc2217811a1da2a1":"":"fc69b21ec18195901ffa62260fa20454":"021f225240cc9a68c4886824d373f3a70fa32b3a926c78164642450287d269d39dbd49c8c71ce7b914f83e8b53bc61c6773f98318557b45f0cc2ef2539939df7a1e6765117f75631dc5640291d20e6402d22cd2e231f9c2c67cb24ab5d8a69933c49b89c9fb2ea57136a6bf1bffe8e04d8d6c813040215f051c654d93224edfc":"":64:"314d1a332d3c590b":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"382d86868ccd08d417d94f3b73729e09":"":"069069c377958235171437b34e0fce76":"049af372e34ef7a92d0d49cf2dd03052dabacf2982eae6a817e6146ad799971be239ef5810ec3f6cc6990e9641a7b696392ad3faee38bb50746c1e93913c02dbbcbc6bf54f0d062f176779b7c0dd5d7ec7752601c9812fa80508a78bbd26922bed4f64b1ff2a8340ce1c01e317e3526cd8218ac24af87b07f8792849f6479b8e":"":32:"ffa59fa2":0 -AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"21052b2fc7bc7a662aa9dc4b6a04f25d":"":"d7e5432def6a24d486a608e5c5c919a8":"1970ed40003bccabf7f3c57bbe5ba27e4254c1511413ed421cef3a6ffb9f0192987de83ae965478c3e9979637f8b3fa5d10d69b916f03fdc92ace7736f171660156d880114aefdcc164adb6f8c03940d9b43ce8881441b41cafee3351a56fcb632aa4b09ea81adea26fb0d8c6e1ae380df922a429ae1f5b82b38d9bda4323c51":"":32:"ff342f4b":0 -AES-GCM 
NIST Validation (AES-128,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b6c53aa91a115db64653016375bd747e":"":"8163a4fd9c2c7010bc85c86177b194ab":"93cddd318b999262c7cde2838cb5c4d78f3eb1e78d305e5f808fa5613526d724e84a0188ff42a2c34bdf3b5fff70e82b3c30346e179fb3faf378bc4e207e335a44da53a5ae33770104b95397fb5acb746e6418d0dfc7368b035af53b470fc66bd0c210b68ce1b276820b621e919f044e5cff5ced7e07dbb8825bca6b4ddd8ee2":"":32:"50b8acce":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2251815f5bdfe1111c7f9ca246662f93":"2247e781763edb1349db2cda53e5853b726c697b34497761373c3b6a1c44939207e570e14ea94bd5f9bf9b79de9cafedeabc9241e9147453648071f2240e10488c6e3d7077750a6f7ede235d44c5a96392778ec51f8aeb1a17fabe9b6c95fbc479fff954a676813ad3d2f71c76b9d096a0527f2e1b151aa8972147582c0fd2bf":"58973280c2a7122ddfcb25eb33e7270c":"":"b202eb243338849600e2feba7f25a05fe98323bd7cb721ac49d5a8136422564391462439fd92caad95fc8cdcaa9a797e1df3ef6ba7af6c761ceaf8922436dd5c8b1b257f801c40914c1331deb274c58eed102fd5fa63161c697e63dc9dfe60bd83cea885d241983a7e5f0d6a8fd02762084d52bf88ec35f156934e53dffc0395":128:"c3701ce3284d08145ad8c6d48e4ced8c":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3199b70e7115c74e3aa3745c18fce8d1":"4fa0b090652d5a8dcd9b5f2ceaaa2dc87a40b30e2d59bdff09e1f204d1b90371de70935c385cf5b4d7e0c4e88661f418705370b901b97bf199b366e669bc727882d4aedf8171a8c39431f11af830358cd0d9e110da1a0cc6ef70efb255efdac1dc61e722a2d8b7fb4cd752c6350d558ae1ccd1c89f8ba44ab697df96681ee301":"808a019f7fb761e9701c0c4f1a1690e4":"":"8d5ed4146fb491db9456e92f753aa4f688a9bc276e6aebb782a0cdf7fe578d74ca3946fa7b7893eff6345e64251cb1b146442acb64041324e2847481fd4388b17f83206948e67c1e66b894d5d40ecac0bbe4db0c6f58b65a1f19f29429a9e76f78ef5dba0c94d88dfc06e6222a506f004d24cdb3fe26d6eb6e08e4fdf6289651":128:"908806d668451d849ba0268523eb0e4a":0 -AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"63805cef84ca7fcf281b226c3ae37230":"543fd64d1454ef6c007ee96b3ff5d2e4b7f5d15c23e7548dfd1dfad4da7774b8795e817fab3be7fbf8e4d0d351a743ea793d9d01385a552f78ede054be079aebd1511013de2096456e9fc1b83457fa1240cd39c17440d4b55c4e390119a759055ac851a02ea481eb83e294922d35f687a56d801eed638d289350e141116ffba8":"1aa9e75d7854509a85d995ee482b8eca":"":"98db9e8e3ff23f09e585e5326f525e4f8350a1f233a0aebd60d5951583eaf5220f1690ee3607ba98cf8cc99a90efb7197835957f2bda918a32e528f55d548e3c83d65910b956634224cd5415ff0332c165d1241f7a93976649ebed2cc7e62addb76231bb738ee8a291b62365965392aeb72acc5f0fbd2f88f5613fcf44a1b074":128:"9b1baa0b318e1f6e953a9f90b21cd914":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ec9245e8f567e1cc8795bbf72f2999b":"f266d0060d290339def5f6d8dbf7d120a4c645aa90470e168b4f35342a00b8c7b7230003657d377d8568d252765df142e97a9dbfb9711d9ccf396f3d51bd91673f129d58efd80ab83a0678303e29a0dbeb1fa9fdb7fbde586a17ace65e894374ec8da1ccd3e21851ab998534de46cb43b38e241edc04b5c571dfc0aa0074d4fa":"413628d9ff3e4067d840b0abc2cda0eb":"":"145d83092a269c8afea604e9192b8bb550b9bea85f842fcc4997c2b00c6f3ca46100e814e82389f27a69a12d29340c5827e607657a00fc72c4de30079e23760769e800ee4ce46957f82d61935d07d1c70dca836c19969dfd0fe0ea740a52e2d09b1c9aa137b5e8527756fb2c2298f8400949ba24a8351c1093626723a68a79f5":120:"ad174d1edc713c187a5859a390fff8":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b08df4acd253f9dd4abc52c4be488015":"82f665910d853fd2b775bf66a1707935443574c90483fc33ba02d6479fafd99c5f816bc58a1393a44fb32711fbeb0d6936efeb3580f147c3019e9f2e2ef48b202bdd369c277791bce524f3b22ceb74c664143c4b1da819b229a5b480aa954be110ca006615d9cff5a158342a47cb6d04fbb817ae4ddff6d4f86b74205799c9c0":"e1c27d35520ea527f9a2cd9b0f717841":"":"f5b0fcd812061be999901595b3547e70f7144cc9e0b0098262be4c440e8637af782f536f571534a658ad1fb44360d9c454d1000d6957f261401e09c0f19f5146ee5433e378423f9c94a90af2185d38cbe2940a459d8409d987d04a1f3e686c2b91d4fae1f3e3bdc5a30569838201b7d30c7320d7cbd787bfd6cd40e7e2d071a1":120:"fa31e58fa32d1208dd8a67fed44033":0 -AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9c08d6efb167beb035f71554f64c12cd":"704f59d5202108b949170532ac1e78edb0e06fa323c1c69202d7d22dea4d7342199cebe949e980a21ff0fac282b868cc31ff4f6674c393c0f2cae2374664314afaf7791974b6bd6af26ade7fc266a6cd2de4f3c1f479f895ff597998cc8b929c1f05db13d9b9a4d98c9bc606eee32915bbdaeec6576e1fa6e8b22e0bb1098074":"608d56f6dea2fdf175eae189d42a85fb":"":"2c7d2618808adcf8edf5a54119471b930e07488d5fac3dcb53f4ade43674d162881bee1f27dea6d158b254d4b432e17f211515bf595a9874d89f8cf748ddaf2324078029c6463312ad32eb0aa5ebefc31c7fbfd04b37ba6b766375952c211d160b943e9d3c5e144b581157bff9071d31cfc082b55c4a0fced386ef2fc75e1a7b":120:"7a1ae03e2838294e286dca4fbbd9f1":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"192dbfdf86e48bf18710e706dc90e356":"1d7c45c8ef6f9f073c7f186e4c876c2b8fbf22feeecdc111a19071f276e838ab0572c9a68e9ad464fa88ba8d8a162e9f5ee1c4983395a890990357673467988c057eb8a0342c41867baab41456edc3932531d1c4aa0b42ce2b388d2be579dfe332f40a9b864c5e33e2b3cfd73b68d65c4db9ec46d3ba1587a56cb7887dcb3c5e":"1a511f85e0e138f4241882c20689f881":"":"3e50e821fbf83433155de7b4eb3c9a2c148b08d9d3998a3486f517fb5d0a1338faabbf95e85fa9186385bcb9e26aaa5e473d3cc7af869872e4fb36ad16c5468d994e9c71a09dd2868977f3f9064664f6ffcbac1bd313a7803c304273d69ad20369bad36adeb38480563bc6db9aa0d11a0e03d09731171c1229a756037b2c285c":112:"9393edf0934796eb97a8c513bbfc":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"daf9455bad8bee905c6cd464677b803f":"af04226cc6eb84f8167a68c2cfde33a1521dcbe781e7b97a3fae732bcd8c0616a588200328902faa5a65a27e769a720d7ea23333cc1c66c4d4e4c53facca5d6af06aea7fb49b12b04cd6ae38fe28d71cd66f769d640beeb07f508a0e3f856902cbfde6919077de378cf0486cf177f897cd0a56b69db3a31b448ebbf8fdf63736":"6cfe8490e892f5ddba8bbd1cd522ba0b":"":"e5622ca7360272a33e30f7fbeaa00956e8af0d871c433c070c8854d818eab9717293e845106770ec07da372c75266239a225ad74465e255520218c6736e51070477d70976aa7d449c32a5c85bbd6931c76e9e4355f9697bad2ea3bcc0be005da15c62db219b074b71fe4a5512157143df2c1f70bb17c6d3740d8d20eef88535f":112:"25fe6c9b2303b40ed31d1beea39a":0 -AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82d166dddcbf4f7f66aa5ac6b12516bc":"7883f4f96c0ef7f6d9fd7c2eaad25995943078559eb24a3e6650126ddaa32301b04f737dc27b648d6115ce08feac862cb888073b22aa648c752934bb7f9c566209a97499236f782758d6f6f9a012a2fb6885ca91858f9779cc93950baa731f1874629351e6186935475a20593f66cddefff89be0fc0f9b57695b147d9acd8157":"540c2a07689bf314bc8ede71df3f4358":"":"44806e76a40bbbc2de860cd36e93d64c9f4c11994f754db6a279d6eaecfdf19966512de5223d8332a407381114d50fadb03e33e347a5f4d87c3fbf35f2d5967ba295003a2c6c12fba8394aa5b7a31365791c630734a6b2ef84eed0738cb4bc229e93c4e8529aaeadecff7ab93887b9fad5f05a88a5ba9fb449053ce4c6375d1f":112:"756d65c1b8a04485c3944e2a3cbc":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"81c1fca371968513a68ac09a7459042d":"182cb89c94171b685016bad76c445cc4561aff8e3170dd251f62efbd44910ddf8eba8a67dd1a237f2f7336f436edcfbdf9928e94c3488189110d672488c6c4e0dc4a1fb6e67dee9a1bfc3f49d2f934f305f139e98f0ba9c1ab56b5ce9ddce4ab54b6970bf6499e5e825abbb23f9e320ee05aaf0d712c09b0134839c5609e178a":"7c962a92b8daa294b4962cc3020dcd0b":"":"f91e36c79db6789a3acec9e82ec777efc1958e7e5634d30a60239eb7cae1b48f40557965e8a6f6993db3f4ae443ba167753c89f52f610ab69159ff60233310c1bb2baccb936433270f8839758bc85c53604e771e3ab0df6d6bb02e860d0eb27f425c7d30fb7566aff982d289228da5ce5a45842e10ffbe9016c9e926d7f69863":104:"0114c2de8f733fc18f203150a0":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"09ce73e733e880c6d7be92be3144db40":"a283e20adb6efedc5530f4efd71840d5fe61c902a7511cdaa939f5030880f3675959ee96e39abe082a66eba2a5a93214b22c249d7167b7a0fda360d02df855d508c7ebae7016137e54290904909b2d41a59942abec76612b17ea76ffd1ee715aa2b05b1314c0ab28631f3934d0e9efe2aef0c711e75a5c62701b3358a414958d":"f72a2fc910fdeeefe8743f57290e80af":"":"fe9a7f59abc3720706c33fa40e106663d26c0f8da0d25deb90ada8130b6f95aaec07f4a7db342b678d102b2c81464e4ca9458732783cdc3a9d504232f44e2878b0aaeec0f88efa5d7e5fb146911dcdb4569de7f114e1854ad7a95894561bd0fc4d9a5b58b5164872833283ed88fdb4900b2a596db4e8379eed4e3a5c08d5fadf":104:"9de97bfec1325936bd171c996a":0 -AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e61d415db78d9f2695344350e0a8291e":"730c3fa9e07eea73a734b17fcbc5a969dc2c04f448f44c7f6276e32ae3504e9b15fb664908f530e83a74e25a4525f74d315ab85d7b85005401370dc50fdb86e97baf3e7acb403e476193527a1a5d642ffad6cf2555d16d28cf4c4127189056389368b76aea806906b0a38b808cb02378eea48edc005cf2c21e6547502e31d2cb":"e09dee93466a3f35605b647d16b48452":"":"ae87e754c1af1175b474b0718e3560240f55194d946d101e7c0bc7af18d90a50fa41d68516e45dc2a4dba48d457ebff18a657a873e15620ed7cf6ed3a26195b9d354ea279b24ec7802e4e95d3f3765188a64d7b8d4b7c215e7d67385efc6288724a33a1a7994f21e0dc2970076af7cf31e9ad1098537543052a2b0f62e4e8a87":104:"5de3c5716735d7d1b859debb6e":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19bf00b228ddb6e8f1fa4ba85f866475":"10742aeda590024bac2696af8402580d2ec6ba3f51cc6f79b6cfbb3057634ced6033fa43dbaec9af8ce7e9706ca699ede88d89caed89ea023d14761bec49da724538b4f9672163a5bb5dbf92f5278fc0014eafce402cb408a1eaad6bc17ec0e835d6b80f4701f946661757b9b2d54d1b137841519dd38d72835893ea6d52a27f":"760c5b929ac3d33bee4dae0088a894f9":"":"b03d27bc7f4c9d48d555a38091347f371d0522ad4c347b4a23194c234c7877cd3621ce5a7c2fc26b38c7e6f1c2bf228ccec491f5bc352556c08e4e19ddc4e4b2c036f45a42aa425a5ff9a2e9c9e5580b538ee56fa804a86d9b1b59b6fb0d00216a96936755462979dc14990935919026fb51cdfef05b8dad03320a8112b7ada5":96:"2f1cc79408c85a9867214061":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"65bd9e7d9009dd6110dca657ccfe603e":"c1b539324a001901c2461b9747f605a2f4043b9b0f54d1357049fd1819de06df6e29880d62ef7d91f9cdd1108f3cce323f6c32cec16f7bd434e539fd00ada476ef41efe7c6907ad1cb726717ab56d6e2d32042ee2df3f90d15e1515f0a15a5f06703e06e14229d18328116148b3cc39683918e42927f62aec49ee9bcc19be38d":"3fddf7e943326e431be540c49bb917c6":"":"2813d6eef070cbdee9d5d71caa8a88c631f0b71c41813c6219a765e4fb3e6eff9afe8f8f4394fbd5646fe80bab78806eddf7549d6ca3d0d16d47ef63db93cb5620e3814efd86be151b338ee6e2c681bd37be4039b2ea4a190feccd7d65cbd56ebda81f4b66ce12cc3e2cece731c37d4237a9dd0a2c1a7697bae42176a673d62a":96:"96200bd3e64d5eea746693ba":0 -AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b9b8ac9215289aa003cecd53a90e0407":"8a6fbd067144b6d50ea73a2a7abba3ee9677bbf00312c70d808fd124541ab936229d59842c8846569a063fecb8bd1945882abd987a936991d5cdbec087937f91c4f5513feffa1984a6b8d04a7b69eb4e93e90b6825778cd2ce9a0ce54d4a468c93884619f851d2294be0bbbeef5fc0c05d2384126289283d5ddaaccd89711d73":"27d367f3f0c60acf921f8d8b228a0b2f":"":"42d98ecfb4f707ec233c7f990b0cad8f39546b861b11d8cb9d939b29ff5ab315229d946ff55927dbde82c03aa73fd7857b2ad38fa55a827dda54d2726bcee66347ce42c9cfd13ba1507d209ff2388c0ea2474e17e31d8056593b722d3c2a302a716a288592b0a36547c7fd47f7595fee9d30f5bc09a9555d7f3169e26a924db1":96:"d66974c95917ae1bf79b6685":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ccbcc39512425bc32350587f0fc3e8fd":"57d6ccda317b7ea150b18d9558b39fd78d9cb52509aa5c095c5b46da89b79918c85d469ffac7226caddd670ac8f5add47fc382df1f32b4de9cc1b2ca7c2acfbdcaa08429b97e77eedea55c8ddc7814fe4c3cc1e21f95d94301ab77b4df7572d0b8778cb2befc0f4c4a5e93429ad52d6c2a75481f38d92edb1dac563154bf90b2":"0862ebfeb40ff24bfc65d3cc600f2897":"":"e6a77e90750cf0e4c276c50c3880b3f6fa357179cbd84e22f5b43cd10abcbe04b43f191ed3fabf83eaca886f4a7f48490fb1fd92ebdacb68c5158e9f81243f7cadc7a8ba39721df68dbf2406fcb5dab823202ceea7112e5d25952de1b922beda271e7677421fde25f8cde450c40667387e5abf8da42dfe891c52bdd9f5060dba":64:"927d13cb90ee5f44":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"396b53a694b28b717c104111c4752074":"bbc3b818f4ff10b6822ea41f63ca53c27578a8126f5163a5014c60e1bc8c1a9bba67a3808c8aeee09ba9e584a3584e9b86895a3f0db2e64e71bb18b843b12f4ebbfaa1dff3734196f70c5a6d970277ab5337e8b940ae7c957646f8e96c6b5d84e9e97b620a926e655850d09bc2d94678704aa45d1788e7c23ecf37e2904a0786":"0981a151c6f6867d3830c1f9ef99c433":"":"72a5587076a1050b2b514f047ccdf7176c118db9236c0f72091513da39d7416734ac50e0a35b2905420214be8426a36e86863c9957693292bfc5bfc2e93d234a09e80f517edb7cf8e5d21d5ae6c2362b779a9b62b4c66202894d369d219ef0e4b52a342b71f248c18ffc345dc7eb0b47b3bc83ffdef921eb42b6d51abd889ef4":64:"af99f8797495dd16":0 -AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"af090618cb454324a82a75a91944dd6f":"3ebca6ff138c527b851b27b9e3917bb9a07282197868351dd599b74b332610bd634422911393171305caa4fe3f6e89ab6c033ca759e118c2d8684b903966999125c748e04312ecd2c1ac3135c3be2df9c8c67be4d8303ac7aa6c21ca7b7c20b1108f5622d8e6079f41e4be4abda99f782ad35a085b7db83482dc71b8e5d8e71c":"3380a6f20875b7d561c4a137519cccd3":"":"6be8eebe7af78c062812513785e9803f302c771e8215e4c606fc5eddc3efd8b12c96e029b4287da55d8626583e58ce0e50c4ac5a39a1b0f309d5803386738397376c0ae155087f36fd86fdda4b5c8dd079011fa9a134ca8a76de570ef165b20d7d803544cd2f3a0ffede9b35ca1c982978bf95ac100af755553fdac38d988fe9":64:"3e869dcac087aa6c":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"041cae51d9e631ef70115be58f8818ef":"f6748f4a261d876e37fe44a419cfe965888aa5ee195ae12237322f6e7ac4bfaaf16e8e29be507e2978339a1855ab918485011fd52f834bf0876ba8d89dfc01927e0930d03c0ac7dc7ba1554a879a2051011bcb34a5e4c7cea4d4fb5ed53b41ec8d17bd52b2e1b9dd417a84ac5913ce3f9fb04daf4d14be65f49d0767b9431b47":"c32f227659e0566faa09eb72d99f89c2":"":"f30fe6c8765c8c0af579c95bc2d182ccc346e587a57aa226eafb692675377a85e9ee08339a047b9cb674dabf5a25301d2c8c264bc06573e36e55ceaee39239e367b8f1a3d781a2020e548001f9f98850994c3aa79b13dfc93c1d7291befd91e044b2f5d2583d1a9f868fab4afecd46fec7d315b0cbf8a7331ef8f588d75f97e2":32:"5629e1a4":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f0577d9a7dbf7b4ada5b9758eec4c847":"5b559738634825921b5cb620b5b9f637f8b7ce33998cce1ed1a23ff01f84e58255d852a02e59e4394752405ecc15248f7616a33e64936f726de6fc6d10c3fce9ac0b3fcffbd755f16bff8462b3be24f7cf342c8d0bf1ca79b1cb4ea88d690644998a8ac3cafc8c18c8cb737e38a681026d46966b89c7d6c7a4ce7a1e1faecdd5":"b432473ae67205bc7a99f5ab2a2721e6":"":"ddfe664e28c5face3761deda1ab2dac6e36cfed538e3faf9d79c54e3c85b4baea9eedcef7f8f28c2feedec72ab2cc6aaae101b99512ef18e759b7828364e4daf9a572f8c6ad88eb82f7304989345aa4985e498dfebc58cbc45aa31c18c0dda5b1991fd998901c65807c8cff6058b1d5dfd583297da8451cef13f246547ad11df":32:"ce55ac00":0 -AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ca1d6ae9b5ddd6e3d68656c508df318":"d160740aed955e30c1f946088b5bc5bbaf5c84f282c32f65d099509993628ba5a51b411c6ebf57d58e9176b490ab90fa8db8a3cdc67a5f8322d06d719d91f00ca07aa2a3977dd0838487f2e9d4dd285067a1f72bb8a6c9dfca107acf1f404995bb68ed9d7e12423efe570f144e0533fa34b8d0b7156112b85c94a8fa33d7a6d9":"68a494c9002dadf4f0303dd0ebd600c0":"":"276e362cb73b405b10a98731333f6accf0d19cb96c21419d6d56b30dcf73f7208906b0e3eb103b721cdbb7eb1d4ff29ec3b7e9d433205bd9ec48c59d0075a1507ddf09275426c0ce9a58b973e06d6fceee7054ba92b1df771011ac73e39e451d9ac3375c595631090a2296d423e3ef806ac20770abf78ad04114f65661804fae":32:"8ff9a26e":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5a3e577743b4581519b84b7538fb32e7":"172a0a14820448e5ffd017c18ee02219906f721c915c4f0ff13b7b7889812c0edb89f28be0c22deff76bc975d1ef8ef3fc40b10cce0d78933aa22e6adf2d4b7ee4ed6ef487eaddb666afd8671427f7525eb99af54a55d98159fc5d651266c65ccd915cbba60fb6e2c408ef177d682253c0b5410d77d08be1d8f175ca360becd0":"1e155ada52e250cee145d69b4a307bc0":"b9be2145b842d2f5c3d15ac032010400bffe31856441cb484d5c93e6710194b13e14077e132cfe03985d4b936bda9383c22c392968c748f7265213a8eac584aaa11eea35589e3536e39b3e4418248927fa9fcc027c5516e402445068ef793d349eb778b77fb0b37f51bfcc3c21df9999ca9985cc5bec6502445b068c2d061f41":"b5bd224140d6b826062e55754299a43a87cbe861360334897e82b7a6023ab0041736479c9aaca7c73f27e239a63e7433e048a8d2c2d26f0b18476aca7ac20837affacdffb57c618ce5982ba61fe1792c8a3a856970c095b0c4695dce961a354135075e0a786192d5875d16793a3ad0e3572a81efa24099f5ed9c92df55c15dd1":128:"74df58fd4a2a68657ce35a3ef11a9c0b":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"deb0ab6e8b0f392af6b89d253e923f1a":"14a86c431bde5c0861e6bd2cb748a13b9bfb2a4a67a0bcf067960b3a9c7a75fc7ea321863c83693c70076462ec3179f4d82ed4a1155a4b5004842fb47482bd6a83804a05af2504f6f535eb9bdc95a9a2eb80c7dcd7dff54e3c00437e4da9c433c88f6d248e4754656acdf8ea7d68106b04ebb2f1cdb247fddb0bca1f8e9ed6a5":"c1bc587c3440f1f5dea5b0a4b5ee8dfd":"602cfb09e8bf250c3a2c248c4e91234629a4fe9a18c5f8b59df215e97dd873a7c1204bd0695796908daa28b77353e0e5b37877a7441d35633119c0aee9aa82c3c18a7f577d09293fafce1895dafea42f97222a33b001907b978f11471cc0adc46243e8f7fce94803d4d0595bc9fccb9b9396b52deb943280eac2c4eda54841bc":"a72d27136d0b4efc0aa2126a246ae4946e2c62cf5055f7bde263e7516ace2b7e12179980f8dcff18dc4fcd662f38d3b9dc7f8a057827ebf27e5dab85264d9325e0eea3b12f8e9e39ad686263df75b0758cc8af0be89882bb159c95b8de392b3e295c039a520d2e56b50a6370afa57adc967f7e4ff670dab471a57fb6c81401eb":128:"eb26cdf879e0cb1320d786a642c4dfc0":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"adf6006fb1cfea0f9641a4c35b864101":"d21777e1fab632bffd82a58cb732794f112cd88bdda5a7a8d19c68ace343fd786e5e512013887105c21299f2d6ae23cae4f03047c68f019d98e76d2aa1b3a204f13f4cba13f5a8957b9aa3ebb44b8024b26cb6139a3bca3ada0520a68b8571ae89501b212a1f8ede5753d557ad2f38d9465dbb09b555300b13194bf7817321f7":"a349d97fc677d8ba6f72e8cc7191ab78":"5717bee8b31640f3999efda463d4b604c1cef62fc0dcc856efb4c50a8c6b902019c663279e1bf66fb52d82f8570b9a314647f4b1ed86eb89f4be8981225f94d4285f5ca9167434a1569b520b071ee4448d08cb8623b4cda6d1f7ad28e51a2df980b5a999025e9ba646707075a6cb2464c2a0d5fc804c98a79946fae0b4fa61fd":"345af0d804490586c9ffbada0404176f4cb1331fc77705175619f27d107512d3e6068323b276743284feb938c5718a5b013305fb42282a89e270d24585236fa18265dc7e8ddd2b3efe93a2ea05ab359323c75211f2133aa97022c9a937a467af37c92a795c682a30f2ba1c4ab2dc45e63c56cd3b29b0efac2caa3150e6a72aa3":128:"ae7d2827c4f1422b728a9fd31d8d1918":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"97c83d4628b65d94341984bbc266dc7a":"e998cc0b7677fa2e504994e99cf7bbd84ba7e356d7da178f8ff40dddc046c70554ddec1d28aa23f9c4e6fcb9effeb8e28a883ad05bd0a6041b8a24d0fceff200a4e33996e279cbf029b11d58185adeb5e5e797a74d0d8b17adcf06dfbe3ee11d8e6bc3b6a8434de6e0ddfa0fd08c913f9fb911cefca72bc3f616b4ac9821f53c":"671dcc5001c2146bf8a4e522ad702bd8":"9eb12a42d2ca06a7da37fbc23d213f5e3f5e15580f01b0ea80eb4b6bd283e307dec965745ea3b3509d3269cf25808fc6a923e97d87d0c1a30b447a5a27a06d0c88a96cd90d990bf208f1abc4934f6a0ae34a694750a74ffb27f4bb66bc799d43570b01897b98b00e6a01b95b356b11d33e852b2010da5785a691246d0be2bcfb":"5a6d8930e473e292e67425748e8618569b7a478f1e183ba4e4a64385ac4b75d3d42b1afc34cc6daff341f10c1ad8f03d77179f52a7239ab3261f5fcd5a0b4282d26fa4d08bf0c8a5c96782c073ad63ad233dfe3aa0290a03d73de14d445b9ce4ea0e3b10a4aef71c5919969b7086353c942c479a1c052a749afde2325ef46f7f":120:"b81cb7bfd0aaf22b7233bcfe363b95":0 
-AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2dcd5c974c5d78cde0d3a677d0b1acdc":"21b61035ca3c149d66608d77edd9770411e0ef73a97d4be9dcde95ed7997ba97117ae6c1979195a5d916ff7a1d43ddced5287004fb60a2c81c82b5f7c8a336a603c3eb7cb160bbf21b454f810681450d65deb64e7cd229333fc5e85dc29040d7da48511b6b2524f02eaeab422b5ca817796c47b9f2d7d498abc619b2ce2912bf":"7455fea1bbbfe9479830d403e33c9d1c":"d684d38f2b12111197ca512c54c8e29ef1c3b9b089a6923cdb327c763f0ac8c2ec0900c716e211e7cba1d7c13a60fe87f5d78e5d5215d92e57a0645d9b2eab4b11870b5f7bfa9f2c9e4b9fcf7596e7719b7d0c0e6cc16efe71d8bc92e16a83d4782f08e9b97dc85a18c435b51c940189a3c2608379a21a8c46633020b9b6cd10":"eb039d8cf0bf217e3f2aa529ba872c385f2770ede6ca4ed32fd22cd3fcbfddfb92d681f00df6fbf170a5dad71c9988d556cd74bc99e18a68683e0ea7b6ef90b21ff42cef8c4627e4051bff0da00054390e10036f430dbe217e5bd939295d9c9f64c2614d42ba62efe78763cc427027edbd0b7f72eceaa8b4776ba633f2c3d500":120:"18e7b50fcec11c98fe5438a40a4164":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e5b132bb7aca3e01105848f9b37ff516":"3b6d1a432b7fdb4022fc35d6b79ea03b6aa14d4ddf60a160e976909ca069242fb2e7d414d4e34ffdf9416823c4b3f4e018ac8ca689446647eda6a12029f886bcc9d18be150b451d78fa72b9c4dc13314077a5b04cffeb167005c7e8379940e6b998316bef9bf8b5a742e337663c0ed91d88d09d0c3ebec37aecaeb8277b13661":"24c1ba77d37f99253576f4963779fd59":"dedf78f05957bde906639bd35eacd8fba8582d288c9f14a25eb851a0a34c82fd91f2b78614ff46ca17fe7781d155cc30f3a62764b0614d57c89fddfdd46af4fa5fc540b9ee9076805d4d121aa0dad2449d228f1fc3c07d466c051c06db6846b9012e8d268c6e1e336121d272ca70d965389a5382fbfec0a439e979f16fab0283":"9976d2f3e16485b6b3699a541b6df386562b5ea4f6f9ff41d265b16e2d7d3c5f131bb5874cdffa87e704ae3cc24f1dccb62bababdcdedf8bac277a7277ca53a4d38fd31f9fc83f86a105663f045b70dabd553137b6d6222abb334b7be7689a4afa28103619f11b8b61aa92a63136ad5639f11bae64b25f09f1e2db701938fa5e":120:"29d1b8a68472f2da27aa84be714108":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"63628519a0f010620cbae37f8ad34570":"6db2919208b09a8abe5e95dcfe0f957dce1ae0e5b29f06bf321dc815ceca094f38c5c812f591aedbc9fc28cc0317bd1d89d4a3ba14f7b3e5fb2e03778990a6006e0ec2ceb47c923f3b17473f99521491a4cb2f9bd435e3133dc90e129ded9d15d78e75bfb3492458ce0964d5614508ef2a38ea02ec8664ba901891a7cc86a62b":"ce0ad75b94ab2d3918abf255c854ecf6":"c29384bd7cd013fa02487867595d739d99886a3bbed7fd5acd689f3a74f240f14c8fffd0bdea1f83bfef7b58ce512849e3a986f37afa54ddc11719169a49bd7e7138a745053417ff80cab1a32ae9be476ccb61ae055b319fdee5dcab629bb237aeb7d998ce36dd9c6908451c3bca9d3582f7fd60e69f6298d43a3b958341b611":"6205d37d720cbb628dbd5069f38ded8e566030eadb7fbdf2ed827d5f5a0117a21c75ade89782b3dc4e7307d9a7ae406ead0145aea1b6cce286103a55ce195999214b84bc25281bd7fe511868a69944d483e05ea6b39b11558ab46a33d227734eb3a386e30d58c3029ef0cb4046c0856078d57a6df194aa8c0e10f9b6ed8fb40b":112:"423fd542498825cc54501cb42b2c":0 
-AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c0e1c6bde79315f79f22ebc77107228":"9cd56b16aa4e130c3dbf30e701e8784ff39f866031e778e9ab72b858c3e333e9589b4b6cd89d6546e52a478d92bd59d0e4756d6b5037ab1873d88242ef31be643745d26395385b71034f6f0c0c84816f0c6755965fc8a7718f891d618f226684bcc77f87fe168e178b330d4b4c0eb4791028017fe6c42e68b0e195654a5d65e5":"9011dee57c3b8e112efa4d2b816cf189":"57bfcccc6f00c0abbc5f30589dbb47597838fdd50dd622eeedee33824e63ba78753c05d2543687f60dde501757b6fb74c17fe34b3e9c455eb38cf078c8c77eff68d3e3b8c244cde70ddf61703664d34159a11785cc6626eb1cad70ab94405616fff52c0f781ee6b43ef2a449924a76b762035ff479cd6006c21a62a56a14650f":"2c1ef998747163104e5a7d2a440a1a1cc2c20446a9d0cf5f138f85c1f5afd90fdc3fa4932845c150518f40bfd56569a5479126c49061ef350b4fae895170b4eb94dad7b456890a822e1bcb57f9bde5bea747d17be3d18ea201cd99bc46fee21132c6918ffb0117744f6ba3f25bc8a50f9719854314b934c3a3230f4757a49113":112:"4ef9aebb721dabe2d09101037a63":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"93f3fa85dbdb2784fb078a34b1116eb1":"e7a0fafda0b90cada671f5e2adfd2e2a5f14e4613ea76aad57e79e2cb532f655210614e2036d7ac005ed5e516814d8667ed71e0f29b9c7b470f4722327407cd6ce6dbd298cee37bff33c35e34cdfebbbf33934673469d6b98becd6d26868977e69e06deee99c118fd4da3530d367d20d15107c03efe0d7e7b38710231e0dcdf0":"f5a7b0b26d1e86f4fc69f81c9eeff2cd":"3d2a1dadccc597b5e7b6ce48760150dee01c8550b525c587abcce8c2c7fb6291683a58c2e42e7b7ba6a3c2a117ddb7e67ea058a78989d67946fd9551e30fcb52618dcb9fae079ca56b74572d7b6a7b6a5c60e906e9639eac5ee1a5a2db864721119da2c4c5110c2b8d487e792cf6929600f1587cb2d48efe6864019afc32af6e":"60da3f4b3a263bc0178379646bce391bf552f60d2833261962375d2960c629dedac681d86f7915ea3cffdad0f37e409668f923d7c860525b994b325396531994a2fbb2d4e909d0b1dce322e078b4b8cd99820a39ffd7b468bd3e73b418b9a2cd5757b7d45f0363574c925bc22d66645abd95a6b29ea6366d8c2252d1c5710d45":112:"833d2c55f5ee493060540d6b5349":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"163c05f69cdc4e518ff6445911d1ede0":"84d8a1855423293de37ebfd9715a9b46b175bc6d44e94ac8a3e7d409e8a227a57a6b85144a8ee23564fadc28742b69e89c0d4aadf0a786f9a5d5f9198923643ffc0bfd0f96e43b08f1435d4afc0e49c0e2241d938780975bc7a31cdf38f30380753bdd66be72b4dff260a35dc10b9ba35059ba61b0beab16e35068721bd950e3":"4b16188249096682b88aa5e4a13f62c1":"a238d1111efb7811f6838c3cb6f3bf3e0ecee6d8efb26845391f8adb51e497e840ea40318bf8e3cf0681c3b69951c4f03d5a4b5edf7119a150eafe6dc16b68f3d2b91e1454637135148f4fec132bfd96ca088169a35961d4c663535b9852f12a00ec4c08082553a09ea046379ce747c717036154d063d876a2b95cd7bdb42daa":"3bf751cf63bc1b433be6075303986ac1d0592dee400774d0bb7a9e72224417639e1e83e69f34226b873365f41fdac925628f32ed4b572b374310edfd892c5e0c3197e59efbc22ee11f0d4a66bd73a6f5b0de7c1cbb0612a63a262af51d418577a9bae0a8577e547382878f13047a92f51a867f8b7d283d2099c34c236918f718":104:"0d778299c4dc0415ca789dd5b2":0 
-AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a2ff7cb9fe33b04a087d9ee6db58ec0e":"ed7c22218009ceb5b322045fecc1fd748f27655397a09c2c29813eba9a5cbeebe88d4a35dfd741ef0ac1d11c4adbc6bfae824af88e3ce09f68d8ca7671de91ec9e2bd5f790d1cb1748e34b3560c9b10726ea4b85b127731d8a7fdfd0ddbed11aaf181799f71a68e542b43ed9889237d2fffe370f41064b810c2e14d1ab661517":"6c58eb8f1f561b180f07ede0d3ae3358":"00cb63fa0cf526c6db37e33cf092f3f421fd258d28446c9a7c687b941c7eb5e1c5be267db992d0d93ede0b09030f979d451ecbdbbbb386cf1d74b23d55b74f5f4d520c000c9a41922f54567ca7dfcd84c68883a23c7acc3db3cd8d340217ee7c5ea39b41cf2c0e58c270a19ee9e146d2dbfdaf8ba3e24fda7f2c5e4ba6563ef4":"f0f119bddf5ddf147fe06da9d4510d97369d8e345519df2188b8d2dbaf8b7d3e01f3c26475141aae224e5ce1b131c8096f0e2a17c4c2df62f76f009cfc8aa20ddcd75a6a4281cfa2225485ca22aabcb60ff11265acb92a19ed66797fc2b418ae4b8c70fbecf0fd63f6c22ad62bfd6f40d8d0e2abeb620b7b4f5d8b3e041a53e6":104:"7885ca22c4afd7dc6cb440ea35":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e739a485b6293b43535379e3b309fe8":"699b9a5668042c48c63ffb323c0fab18446546417b2f33a69addce6178f9d5b7dfa891ff2004eb57a98ca012c2668e0614276d89b21b7bfa436b2aa1582daaa81a6a7722186e99dd16a5786fd0e8b09b194746232fd413984484524793a379112e297d733dce063408fe59367f5929c5086bc2191a8fdd60a346052c0d109d57":"c4deca3eeea80352624c93523f35e0ae":"704aa36a82d02c56f4992469bb7e8a3f7dda1326068bf6017e4a0c810352b476aea129c1ba1d4974bc0d0503dcf816b89c0dc8e6d066774ce97cea65b5fb5c7b5a7f93e5e2c7126dd3b241b958e47d8150b422bb91c4afc47d53cfc2d20176c2ea0c85b376dc46a86bbaa53c584aa561f6662d11de4e39e50f1a095b8555137b":"30b8fa2e52577a7e5cdc12a7c619615b134ad4b41893ba9120651cd35c6f2d48ec6b8b9fa99366c4d60e643a8ccb2cbb3568f7647f4ad1a12d14deb8aac00dc4ef780133ee8df8f494675deb7f678fed54e70d6bf43476854eb0286a49cd322cc18daa238d4580ee665fbc759295a3e12567beff3e823811093cf0f02d00820b":104:"ff89ee52fa4eaeb748c8676490":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6bbb12361c95953a8d757bcbb92568eb":"c3fccc5693abe53a13e5209f80611fad1e81e7ce19a4612666d954b4b6d2062bee764181716d5fe0fe1de485bb739d6e8625d5b6cedcaaf6e4e5ec350bc2168c24d7764e75b0cf079d7ad1b5fc24dbed14c5ae4714734f424b3611de0f70a0a8d752fb143e1b7e51ebc965a06021de3718af30b067dde270d804fb5b87ffb29f":"48ca821e5e43fd58668380491d58cdfb":"e97280fd78eb8bd695227fc79420971081de8f24bc95d9a1794ed2bebf5b68d8b43ae8288eb5ce72db0740334ff9bc9b4e660418d3cff8c344e50c7962c367c26247806d0b5c2ae0420a724203dcf4fdefd6513f8263d995afa4780a9c4e92c25496106fec370d0450d907225190ecccfae634f11f8f74f6422a652b2b9af9e5":"61cfc5a6ab6847bf0127b35ce0712cbfa9cd28dfb3f0b4cac2624c52cf55f311e55e9abff2d4514c6feff801ea8739f874ded2efce4a440f2acd95eba6c75e09bcd91b898c98563a26b3df415658c4d04a6aaf547a90b03d1789bdf7ab8f09f6d9f222f567461380372a976240b7b180c3fa7b4507e53815af3f6b4a46973806":96:"f86d5374d1ad269cc3f36756":0 -AES-GCM NIST 
Validation (AES-128,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a0a9b2dd1ae31b3e47b6df979dd2fbf":"353786f96620ae7dfa7aee163c7bb30384bb324b516cad13872f48e7251f6f4c5906748bf2a2f6167bc14453b2b2f513804308ba92d69639beac2f25274bd5477744281b7ef7d0661b3672cd45abd5bd30d98deac4ad0a565308c0224dff59e3190c86df6a5c52055f8e0f73fa024f99162219837c999a9c0a12c806f01227af":"b39c8615fa062412fd9b6ac3a7e626f6":"dea75b17cd13dd33b5016de549c44fa9c88baf424ac80c4835e868acb58082ffc4255c655878a1c627a44160d5e5054a0a04f65fdfb542cd342be2aa2e000117bf8cd67b02f3a3700755508f9af8379c226aded404117a5ca3fa70968495eab287064ee584b4ce596612f2c465d997518c6995518e3bb881967ab6b99d7f62d7":"8430b8735f0b002e098d513eec7b3a8431a3fdac2b7faf256a7bcf08f3dcd6fa549f029240acae4dbd4ad54752ba358c14893aaa67a003261c252020d14b521906b23c37dd80af703c2964ce13773dd72fa56c389768c6efbd485953900b56f6bbaa837f1668f478677621a297d4b5a2c1a86f689d8644caec51435b0dd66c77":96:"f000f2d398df18534428f382":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4da736fba2b7202ea2ba60793da3344d":"4f004852edd5dcde13507252ed8c2b20a093ac9081ce2a8133c48d2807e5f968c04a20dd52c070d6c43c704b8650da7f94e5450e0d34cfc2b2d2ba7cb5343e6b4281633c6c065dae27fab18ca71bea018eba94d20e78c5e3223c70f50cb77399c1a89436f1e7213673ae825d4fc5523645031696df10f9b5238c03f733b4dfcf":"8572af442c9af9652a192d893c18b8c3":"429915c3309fba2a42b8e89f42a9376a2f329805a4d6daae11e9a20c2f982671ef8a7539a9657777d03cbf755ef93be0d8e426ed00899a59e8b963fd44269d64692ed07b231cde93e85397cf125a75032ca3726ea1ff1b05d79f2040c1135012b90597186c1db2e16cd128d45a7b9d934ec01341d9030e9721c62f62003059b8":"ff4e46c4236304b8d52ba2d6db269f95d2cd5fe4318ce930d407051469c7e36e44bbcc909c4966276f5a2ec70021982fecbeae34df235a3e9e0370afa5a269ca8847a84b8477f7ddd6055d0f800ff4d413f63db517c96d15dbe78655748edd820f2ee79df5eca31711870022f1f5394b84f05bfef97f99cbd6205f8e522b3d5e":96:"624b0b5b6374c5153835b8e5":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5bcc874114b9d78c3eb748a783d1448c":"7d57418bcea007247f5e18c17a2e4601c3eb8c89f61ed365d5aebee7593cdd63871d964a25fc9d723f291d39e0c4f75012471faf8e06db60c4ad8a26cf434bd82a29a8b653fdda1b86a7e4800c1d70cb5d8b8a1d1af52894082bb282ffdde8f0128a4abb68aedcfcb59160f6b5aaf452812f4d00472d2862a8b22480e71231b3":"5f4fde440faa9537d62e62994ab20fb5":"b5dfe0d971f2920ba4c029d4c346a49788b499faacdb18b8f905f1457a8b9fa48709893516a7b48bc601710bfd73c12da094c29df5776d491c9978f8ab237f605785b0304488f1c20bf5a767ba6d5e1e2961957aa107bdba2358b81ef1e06576db985b3ef8194725b75d49de1de3a57f161dede508e37ad3356134fa0a1aa48e":"6bc0dec98bece6c4e245fe978f6db113deca75e1b475bc31f1da0c7457a85ee7aac8be5f2121c0610b99a2c64519fc2514b643c379b4f53c5432b9729aea9fcecb88a2e2d0a6e74be04859a66f55fb2af1598bcb039108ef7fcfd99d94e79287ec1f62bd1bf5ff9dd51ab12fae4f6e21b95ca50032f9a65bd85f9a1aa0524950":64:"354fb8bcd38f2a26":0 -AES-GCM NIST Validation 
(AES-128,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"427c89146eb7d76578dc173bd9e15cda":"1d39249130404d60ed40241cf3354458e06f1474b3723569d88235f03098053fc99010f39435620acc710a4e386b2ecbf9b327a8dcfbeddc084353fff029d24787ce81e74a5e1ac1ef096e0a2ae882a669ca168275806bb7f462e66c941fffc6ed44b9628450e03a5032676c1ee4aedfcb1767150d56c7d73a8a47f6d19854fa":"0092e76cd8882e5f77f4c8514491705d":"0ac4631358bb9375e07756692bde59d27012e921f054fdfea0ddb242c43421f4c7241cb210cb5c172d053de2763efd565f1138fbe7f9cd998d825ab800df900843474ebf857b3371c555b89670e86354fe430f715ebbd0ecad974fea34e3bbae43d3ca3ca178f3361f0a11fd75f60e9140f44364b02a073dcce8339fa28cb5ad":"2b385e9df4ed41cdca53a4ac8cb3e0af75eddd518b6727380712950d96c34bc6a0a6ac02184c1987548932b116ec9ae7abf01157a50e422b3e6aa62deb0cb2d81bf7fe0c25041a355ccaaeb049abb0393acfe90d869e9edfdfb646971bbb1ba9e5983cd0e2739158fab31be26cfdf9286d347b58b00f75d9f48ece1353308a91":64:"905cdf228a68bebb":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e09660909a9aa0a50958016c3e07895":"d7b2ceb182d4a8ed57572c4237ba99bbdd589093db0f71732f9e67559d3054fa1af195aa4864fde413549d27468ffe7c5c23e242cab4ae4bb9e2657422dc3fc78fbdcde892ed202be1e47f095b09cfc53cfe86cb16e2e95444492ad5d0eef053178d6b0485731be7a5193563bf56f63cc0687fc01679254d74e9ed788645004c":"c4f865be8b5062e488b1725749a87945":"26f50acdefde4d585fc6de6c6234c9ead40684349a2bfd022df93d9774c9f5b8f50474032a417bdcc21a74da72c0297437a0cef8f527c9205797f77b4227c272e08ad0b120a2a31ef13e372cad2387ccc1bcefc88dd58899821d68f3be6a4b2cd08697d1897efcd6ed3a0d7849f6cbb50e46800627cfd26964e2cfe9f36624d9":"321f6d79a6658c7c2b67fe3c932237593a6ec7e6fd8198abc6b0b6ba5d4dac9e0695f0c64dde1c94c0383839ee37f8bbfcc516f24871fd79a9b9135ceef841e4c8ddf6b57962c0e8ad7aaf210e97a43489097270756404fddde637de461b8644fef244142820e1af12b90f16748b0915a6b773dfbbdf6b16f1beaccb4cd5edba":64:"b294db7ed69912dc":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5e45d57981f65a6b170efa758cf4553d":"bc8d4c418442743f2fdbaf95b8f87b7c15a3176085e34addf4cf0fb3c2df15587526691b07e6407ba16999b72382635a2aebb62d05c1547a7d074c857a23107c7577864e7f7bcdb5b6d1fb50136391f89c42d3f02754b0e4ed0fcb0c03576b986af5c12cf9bf5e0c585d6aaf49d0c6fb2ec30eae97b2b850a35474bfb9a2c069":"b43403b627fe9e0135192d1a048c6faa":"7a27ea26c7607e4e7e627f3161bdf15f21f3d62dc33df14951971712f960d3b2082d75395c5008e5ea00d282d350f86dac8c61f5c0f90e7797a5b61ee96f7e332ec5de51cb1377e47c641f326d1e58817c8c95feb5b2923758e33b279191d0a9ffd09b7619b0318a70775e36abf5f7ab59422ff68914e7b478c448a7b141c4bf":"90d8a6218da063c38e0f06d548a3d5685fd3e0fbaf609c77bdd573bb9c63f30590eaf8b181a2feb81c8b3f5f34a94dc94b905036a6c69b97263302b8674d9e09325065588e97c0b5b33116981f1f362a7c5bb1e996c126c31fbd63791772f4d594632f408fdf011b3f2cc750b060452c181e8e09697c8662c00c8d4f29d875a7":32:"611abef7":0 -AES-GCM NIST Validation 
(AES-128,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"00d4bf20509a61bc76430ffa5f013589":"036a191a388cf3c57c9e6f0e2f5c8bc3d5c25ee8e2fedfadb7b7433155c7e79304f0905ab2a17e1f04f2f2dacd4a41521d6ce213961df9dc9101d41df4e44246488fbedb75a01256fbc7784769eb8f99d44d5eabf93cf667ebae2437ccedc79efa58c075183d46a5c20bf4c81e0f9754ad35af65f7c8aafe7daa3460c6892b1a":"25b1026a009470a5ca8caeeb67200792":"fd75acfd5aa25fb8bccb53672e5d6a8080081506cf03df2bab0746a353510996e0237d6354ee0210a41f20f88ec6569f2b200b28c6a31464a0533a6bc45afef3ae381425a3606de2866dba694124d96da9d0a2b061b787524ee6e5d3b1ef5c4bcf168810aa177660b7e1379ac8a480ce43d73dfcc696873cea2df419f372651e":"cab80615b666c47fcabf0d9805842ab2805150abad4de0ae8b12306bed504d4a7f91f52379df65cb9587577e59dafcd4203d2ed2743d35472285e9522db0ce3dd027a01c79ac64caee29ef3752a077254b0dca269f6f206f6cc575e8fedb0ba525dcf6252fa6f7b688556933f1dee84b2ad36a266695ce8672229cedd82f20a1":32:"3287478c":0 -AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe481476fce76efcfc78ed144b0756f1":"246e1f2babab8da98b17cc928bd49504d7d87ea2cc174f9ffb7dbafe5969ff824a0bcb52f35441d22f3edcd10fab0ec04c0bde5abd3624ca25cbb4541b5d62a3deb52c00b75d68aaf0504d51f95b8dcbebdd8433f4966c584ac7f8c19407ca927a79fa4ead2688c4a7baafb4c31ef83c05e8848ec2b4f657aab84c109c91c277":"1a2c18c6bf13b3b2785610c71ccd98ca":"b0ab3cb5256575774b8242b89badfbe0dfdfd04f5dd75a8e5f218b28d3f6bc085a013defa5f5b15dfb46132db58ed7a9ddb812d28ee2f962796ad988561a381c02d1cf37dca5fd33e081d61cc7b3ab0b477947524a4ca4cb48c36f48b302c440be6f5777518a60585a8a16cea510dbfc5580b0daac49a2b1242ff55e91a8eae8":"5587620bbb77f70afdf3cdb7ae390edd0473286d86d3f862ad70902d90ff1d315947c959f016257a8fe1f52cc22a54f21de8cb60b74808ac7b22ea7a15945371e18b77c9571aad631aa080c60c1e472019fa85625fc80ed32a51d05e397a8987c8fece197a566689d24d05361b6f3a75616c89db6123bf5902960b21a18bc03a":32:"bd4265a8":0 diff --git a/tests/suites/test_suite_gcm.aes192_de.data b/tests/suites/test_suite_gcm.aes192_de.data index 34f74ac06..96d8059ee 100644 --- a/tests/suites/test_suite_gcm.aes192_de.data +++ b/tests/suites/test_suite_gcm.aes192_de.data 
@@ -1,672 +1,672 @@ -AES-GCM NIST Validation (AES-192,128,0,0,128) #0 +AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"":"4f801c772395c4519ec830980c8ca5a4":"":128:"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #1 +AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"":"335ca01a07081fea4e605eb5f23a778e":"":128:"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #2 +AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"":"d9172c3344d37ff93d2dcb2170ea5d01":"":128:"017fef05260a496654896d4703db3888":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #0 +AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"":"f47e915163fa3df7f6c15b9d69f53907":"":120:"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #1 +AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"":"a35b397b34a14a8e24d05a37be4d1822":"":120:"e045ecba220d22c80826b77a21b013":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #2 +AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"":"169a449ccb3eb29805b15304d603b132":"":120:"3a807251f3d6242849a69972b14f6d":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #0 +AES-GCM NIST Validation 
(AES-192,128,0,0,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"":"538641f7d1cc5c68715971cee607da73":"":112:"07d68fffe417adc3397706d73b95":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #1 +AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"":"0d8eb78032d83c676820b2ef5ccc2cc8":"":112:"7da181563b26c7aefeb29e71cc69":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #2 +AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"":"646a91d83ae72b9b9e9fce64135cbf73":"":112:"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #0 +AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"":"55e10d5e9b438b02505d30f211b16fea":"":104:"95c0a4ea9e80f91a4acce500f7":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #1 +AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"":"e25ef162a4295d7d24de75a673172346":"":104:"89ea4d1f34edb716b322ea7f6f":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #2 +AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"":"08ea464baac54469b0498419d83820e6":"":104:"ab064a8d380fe2cda38e61f9e1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #0 +AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"":"766996fb67ace9e6a22d7f802455d4ef":"":96:"9a641be173dc3557ea015372":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #1 +AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"":"75cdb8b83017f3dc5ac8733016ab47c7":"":96:"81e3a5580234d8e0b2204bc3":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #2 +AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"":"cfbefe265583ab3a2285e8080141ba48":"":96:"355a43bcebbe7f72b6cd27ea":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #0 +AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":64:"34b8e037084b3f2d":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #1 +AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"":"118d0283294d4084127cce4b0cd5b5fa":"":64:"507a361d8ac59882":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #2 +AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"":"b78d518b6c41a9e031a00b10fb178327":"":64:"f401d546c8b739ff":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #0 +AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"":"14eb280288740d464e3b8f296c642daa":"":32:"39e64d7a":"":"":0 -AES-GCM NIST Validation 
(AES-192,128,0,0,32) #1 +AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"":"f54bf4aac8fb631c8b6ff5e96465fae6":"":32:"1ec1c1a1":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #2 +AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"":"75532d15e582e6c477b411e727d4171e":"":32:"76a0e017":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":128:"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":128:"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":128:"d22407fd3ae1921d1b380461d2e60210":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":120:"fcbb932ddb0128df78a71971c52838":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":120:"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":120:"fd78b9956e4e4522605db410f97e84":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":112:"b11f5c0e8cb6fea1a170c9342437":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":112:"6cdf60e62c91a6a944fa80da1854":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc9922299b47725952f06272168b728218d2443028d81597":"":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":112:"dd515e5a8b41ecc441443a749b31":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":104:"f33e8f42b58f45a0456f83a13e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":104:"380128ad7f35be87a17c9590fa":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":104:"e9e5beea7d39c9250347a2a33d":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":96:"24483a57c20826a709b7d10a":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":96:"23012503febbf26dc2d872dc":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":96:"e8e80bf6e5c4a55e7964f455":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":64:"74264163131d16ac":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":64:"8f4877806daff10e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":64:"4eff7227b42f9a7d":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":32:"ff355f10":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":32:"cb4d8c1d":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":32:"4a28ec97":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"eb16ed8de81efde2915a901f557fba95":"":128:"804056dca9f102c4a13a930c81d77eca":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":128:"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"70835abab9f945c84ef4e97cdcf2a694":"":128:"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"7f770140df5b8678bc9c4b962b8c9034":"":120:"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"151fd3ba32f5bde72adce6291bcf63ea":"":120:"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"743699d3759781e82a3d21c7cd7991c8":"":120:"1da347f9b6341049e63140395ad445":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"85b241d516b94759c9ef975f557bccea":"":112:"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"9769f71c76b5b6c60462a845d2c123ad":"":112:"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"4b12c6701534098e23e1b4659f684d6f":"":112:"729b31c65d8699c93d741caac8e3":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":104:"fe1e427bcb15ce026413a0da87":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"927ce8a596ed28c85d9cb8e688a829e6":"":104:"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"508c55f1726896f5b9f0a7024fe2fad0":"":104:"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"b2a7c0d52fc60bacc3d1a94f33087095":"":96:"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"1bd17f04d1dc2e447b41665952ad9031":"":96:"01b0a815dc6da3e32851e1fb":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"5ea9198b860679759357befdbb106b62":"":96:"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7474d9b07739001b25baf6867254994e06e54c578508232f":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"3ade6c92fe2dc575c136e3fbbba5c484":"":64:"67c25240b8e39b63":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"41b37c04ab8a80f5a8d9d82a3a444772":"":64:"4ee54d280829e6ef":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"9af53cf6891a749ab286f5c34238088a":"":64:"6f6f344dd43b0d20":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"623df5a0922d1e8c883debb2e0e5e0b1":"":32:"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"9265abe966cb83838d7fd9302938f49d":"":32:"6f6c38bc":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"9b3781165e7ff113ecd1d83d1df2366d":"":32:"62f32d4e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":128:"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":128:"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":128:"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":120:"0943abb85adee47741540900cc833f":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":120:"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":120:"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":112:"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":112:"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":112:"4da85b8ec861dd8be54787bb83f1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":104:"8781b045a509c4239b9f44624e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":104:"2ad4520ddc3b907414d934cc1d":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4382507dddccf1385fc831da8924147563416d0656e168ec":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":104:"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":96:"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":96:"b124eea927e2a62a875494a1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":96:"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":64:"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":64:"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":64:"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":32:"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":32:"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0 
-AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":32:"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #0 +AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"":"f1a23ce6e2bc9088a62c887abecd30ae":"":128:"d4d5c22f993c8c610145fcbe4e021687":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #1 +AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"":"ef221a1c66fda17906190b7c99ab60b8":"":128:"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #2 +AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"":"7c29b3196d44df78fa514a1967fcd3a6":"":128:"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #0 +AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"":"783f9a3c36b6d0c9fd57c15105316535":"":120:"23e21a803cac5237777014686564f2":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #1 +AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"":"2acc2073089a34d4651eee39a262e8ae":"":120:"7ac742c859a02a543b50464c66dcf5":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #2 +AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"":"c937615675738f4b3227c799833d1e61":"":120:"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #0 +AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"":"1f939226feab012dabfc2193637d15b1":"":112:"eed5fcb7607c038b354746d91c5b":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #1 +AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"":"e2076e1050070d468659885ea77e88d0":"":112:"b4586bdbd4b6b899648f2333eee0":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #2 +AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"":"2d07bb8616fc0bbb71755a1bd256e7fb":"":112:"6b60d645220cfde42d88296ac193":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #0 +AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"":"6c31194df99d08881fa5b1dd33b45a92":"":104:"69431593c376c9f8052bf10747":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #1 +AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"":"73599275f8237f14c4a52b283c07275d":"":104:"6f7249d25c9f273434c4720275":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #2 +AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"":"d0871bfc3693245be478e6a257c79efb":"":104:"5a99d59631d0e12f58b7b95ccd":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #0 +AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"":"c72bb300b624c27cded863eba56e7587":"":96:"ea2528e7439be2ed0a0d6b2a":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #1 +AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"":"28899601fa95f532b030f11bbeb87011":"":96:"35625638589bb7f6ccdb0222":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #2 +AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"":"375d4134e8649367f4db9bdb07aa8594":"":96:"70610bf329683e15ecf8c79f":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #0 +AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"":"9f502fb5ac90ff5f5616dd1fa837387d":"":64:"a4b5138122e1209d":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #1 +AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"":"2ee96384dd29f8a4c4a6102549a026ab":"":64:"3b33a10189338c3b":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #2 +AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"":"8d97f354564d8185b57f7727626850a0":"":64:"813d2f98a760130c":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #0 +AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"":"daf13501a47ee73c0197d8b774eec399":"":32:"a6d108c0":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #1 +AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":32:"a47cdadd":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #2 +AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"":"817199254a912880405c9729d75ed391":"":32:"d81d9b41":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 +AES-GCM NIST 
Validation (AES-192,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":128:"dd153cfd7aa946280660c445f586fa28":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":128:"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":128:"2c84bf7a8947ab93b10ae408243b4993":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":120:"e8aac14b53cdbc2028d330fc8d92a7":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":120:"dc034564d4be7de243ff059b5f9160":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":120:"942b52277e9dc0a30d737d00f5e597":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":112:"87737873b82586bb29b406946cae":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":112:"06f95ca69c222a8985887925b15e":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":112:"c68842cafc50070799f7c8acd62a":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":104:"ec9a79a88a164e1a6253d8312e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":104:"9779b7c3ece6c23d5813e243ec":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":104:"ca82448429106009094c21d70b":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":96:"9d1603799e2485a03e7b05a0":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":96:"05ee6ce13711535864674a5b":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":96:"0c9c17388d0610f99d0a093f":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":64:"1c3bd1e0d4918e36":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":64:"dab612351f75e2cb":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":64:"f1d743b7e1b73af5":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":32:"4dc74971":"":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":32:"fb845ab7":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":32:"c840d994":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"cff291d2364fc06a3a89e867b0e67e56":"":128:"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"1c8f41424acaf009996ceaa815b24ad4":"":128:"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"a950ab0dd84115e3829ab0ad3bbb1193":"":128:"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"3a2acf69bba19f5d1d1947af2cfda781":"":120:"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"3cd95429c6de1d327b9eb3c45424a87c":"":120:"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"bd505fcba464e6e2c58fdf29f5695fb9":"":120:"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"776248381941e16908f52d19207881f5":"":112:"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"603977845d82faccb401817ecce6e2fe":"":112:"c955a3bc316841be07e406d289c8":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"4cd56de54e5140a587be7dfd02d3a39e":"":112:"1a29527a41330259f918d99d7509":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"afe986ead799727063958e2ce13ca846f76c51605439f839":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"f85a95ed10b69623162ab68d1098de94":"":104:"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"537a4ee307af3072e745570aaaadce34":"":104:"df01cffbd3978850e07328e6b8":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"5124b410c43d875eca6ce298c45994a7":"":104:"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"ff10234524433b871202c2cca6acb194":"":96:"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"49da91e926091a448d57d521cc90f3c0":"":96:"99198f55f9fa763651bba58e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"b5efb9feae3de41b5ce9aa75583b8d21":"":96:"9604d031fa43dcd0853e641c":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"aef257dd44d14d0bc75f9311ef24e85a":"":64:"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c15c9c0b0b70c7321df044bfde2b15fb":"":64:"c5c9851a6bf686d0":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"0bd64d222532dae8ab63dc299355bf2a":"":64:"3477cad1fd4098b2":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"37e3a300542d9caf3975c6429cb8a2e8":"":32:"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"6cba4efc8d4840aa044a92d03d6b4d69":"":32:"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"4f4636d1b283bfa72c82809eb4f12519":"":32:"16c80a62":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87b5372571fb244648053c99405999130f87a7c178052297":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":128:"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":128:"010195091d4e1684029e58439039d91e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":128:"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":120:"28a43253d8b37795433140641e9ffd":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":120:"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":120:"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":112:"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":112:"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":112:"3269922affb9d767f5abe041cc8e":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":104:"22c2efeddfd5d9cb528861c4eb":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":104:"673afea592b2ce16bd058469f1":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":104:"079e8db9c3e6eddb0335b1cf64":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":96:"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":96:"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":96:"974bd0c4a8cac1563a0e0ce0":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":64:"84f1efd34ff84e83":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":64:"15d456da7645abf2":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":64:"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":32:"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":32:"613ba486":"FAIL":"":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":32:"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0 diff --git a/tests/suites/test_suite_gcm.aes192_en.data b/tests/suites/test_suite_gcm.aes192_en.data index 5ea110186..9cc267ec9 100644 --- a/tests/suites/test_suite_gcm.aes192_en.data +++ b/tests/suites/test_suite_gcm.aes192_en.data 
@@ -1,672 +1,672 @@ -AES-GCM NIST Validation (AES-192,128,0,0,128) #0 +AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f8022b8988383d5cfd7d9e0e208146e7868d3d714fe85744":"":"5fccd8cb551cfc9c20998da4cb981d49":"":"":128:"1b5c6c9a28f5edfa4cf99176b0f14077":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #1 +AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a7d4456b8e16b82283b677bd8c4b1f56dc7f153b5cfa746f":"":"081de4a3f71f5d6fdf7801ff6c667f7d":"":"":128:"90c2729c5ba04f8f5c73726c910640aa":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #2 +AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5779b60b536b096c9348cd8dafb3451280791e319b7198c2":"":"62f8e195bc79957ca8ce99a88ded1a02":"":"":128:"699d71bb63c668b533c357662f861513":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #0 +AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"966cfb078f695c8ad84ede2fb96fb89488fa271dd3b50346":"":"4a7b709d45745d94c5433b01fc9d57fb":"":"":120:"4a9bd213420629a5f6e471650060e0":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #1 +AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cc69ed684af2c2bd2b3e2d2f9faf98acf8071a686c31e8e3":"":"0bd4197e5ab294ab7ab1e6ec75db2ac0":"":"":120:"6632b618b4cab963dd671fd53d2075":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #2 +AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"99deafc5ec6155043b53a86d466c2b652d59b7274bb844ef":"":"09d18e85e5ed38f51e04a724faf33a0e":"":"":120:"90bfade2f07f38b2192e24689b61cb":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #0 +AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5c0c706a1fd48005e0fd0ed91b4d9f0028c500dccb28ca73":"":"595716e15498454577d3581e94f5c77e":"":"":112:"8b10eacb1f127f4c58cbb8c3516c":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #1 +AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ae8e125507ea16d5282fe8bac42d3cb4908b717f345e6a38":"":"0a7f64edb8cd8052fcd5b92e20c0bc2d":"":"":112:"467a2c0ba1d24c414f758200b8a4":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #2 +AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02176a5a5d8cb8f5ccee3f66a22181765ce730751c135198":"":"c19ed1f52f5ebbcf89ab1907b9ebc7f7":"":"":112:"6525beb5856d6f29105777e31457":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #0 +AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4434d6bce3a33551733d7afe8cd477a79be8eeac19bc0a05":"":"b0eafdf326886eaacb750dcf2c104abe":"":"":104:"ab9f7923a3b9228cb9ecd7f907":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #1 +AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39994c2520a6196cc3f3e8c6e4833286ce37399e0379563b":"":"dbf9c40266d95191d70739e932cd8572":"":"":104:"b29acaf5addd6b379315535375":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #2 +AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1f27d054114a264b37ee1821a077773750cc79d28594f506":"":"6739d43092620f44b57e65035ce14565":"":"":104:"25e0434a3660704eee4bb82962":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #0 +AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0e97d15f4992a6354e43944fd346da65ac1f0f1229189442":"":"32a64e826b500d7e85f4c42a784f7c19":"":"":96:"da8f3e0a6f156ec260aa34fd":0 -AES-GCM NIST 
Validation (AES-192,128,0,0,96) #1 +AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"27504fc47a9e9a85eaded3782cb5b088359ea1c0abbf2730":"":"c55c8dc3d6d2970c81659f2f87bf849d":"":"":96:"113e637538de291e2463abcf":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #2 +AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d5fc67f73de736768e5c64c37459c5eec3d27f7e337c346c":"":"2691432d3935d4ea8cb8f7c17bef3558":"":"":96:"c0af76d6f62430106ca54928":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #0 +AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f28292ee2c54119511a67db0d2317433abaeccabfdd5d1f1":"":"cf9331a1bb3851b2fc3aeed2d1a33eb8":"":"":64:"8e14b869a95eb12e":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #1 +AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2042f9244079736291ba7fe1f030cba99672a97ce361dc14":"":"aadfa619bafb21b5c738b65d632bb8b2":"":"":64:"ad6f52f25aea1c55":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #2 +AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d9b4eb00ac03fabb5304ac38414f7782cb0186436a4b9036":"":"809939260117b759d8dac1a69c27c12a":"":"":64:"1f7d0b3104aae50b":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #0 +AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5128f4cf91d53b3a50e9b76b0b27da33cbd4b9349d89413":"":"644909f5fbcd61d850e43fbef1fb454f":"":"":32:"2ddbf709":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #1 +AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ac7ab2ade7a8e397d66be6dc7671f19cd39ad65490f1712":"":"d152359d765f41dd9cabf5c8f37cfd8a":"":"":32:"a6e4e30d":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #2 +AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9c2de7e3c74b7e318413a32892d4fd070de9882158bbc82":"":"63410c83fa363a63fa78303b9994b6c6":"":"":32:"49c514ac":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"66ebdc2332276784a69b6bb137161210bac9f1d6a36d6a4c":"":"647f41b60c6a579086ba8854d043495c":"da26eebd04c27bbe7fa7b54b87d3b7227f056dd9c085fabfcb59ec665a257c6de68fd2c1c51aad5e6188e02a56f70aac49ba489802247ca327de57ea3cfa87e72cae7dd82b50341a2133b03cd0027216fcd94cf43ec8a48e1c04145b597924b37f7977db3ff23b8edc913357037d0fe02afe2bba6b91e27554edbfb77f51cc41":"":128:"420b320c2d616a0b11a7605a84f88e26":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26b04d8427582b04318fefebac2a2298ec3ce61146f39a35":"":"99f3449c8538414e7ab595b92a7e6e10":"edfc2aa8ed91cfc0e117fc9e2d1bfe843c7cf365a2b6cabd4259686cd7aede9c7453623967a30ffbd52b30fc205208bb346ffc70584478f5f39a79d4971ed71cc3dd0200a89aef6aecda0a1f3a4bf2929b7b9e141be0ddd3671f727e5e793ef085f52ecb77a266b9a02a2c700b63d8c43da0b569510285e98b530abcdbf7739d":"":128:"091cfc38b248460eafb181ab58634a39":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82c8197e6641d0832639e2b1d7691fbac79618b2f5db45bf":"":"69e1a3e5eed54bedc941646e3ad25a6c":"d0fcb4f4d764efc0fb52c8108e61b67a1386f1a13c1761941cc9a28c6ad15e78474cd2a65ae9475d70d9c845f14bf4d2bd2bc46c29e507a347391829e0f24495b026f681c387b3e6aec8acfa5ecaf4c3cfe796c22469478ee6744cf04a22e6aec82489f53109551f58cc6602933d1780b8b45b933f76a94ef652a8ce8bac2cc6":"":128:"8e74343ae8cf1cdda4969c1a94aab5cc":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a349ba960b2c8f49b7e5314911ba8de358f2e74ceddf126":"":"f5998a62ec507c5fe5b280f9c57ac626":"78445eceecf2e6d2ecf2589fd24e854bed3aecc63aef934aec9aea93dca95d58629002a4ba91e9bf6d12e13f0a844977b3c2700645281db5de381adbccd34a84346a99f34889bd46c75b1956e21aa9f87684af55d7fd0de6da07e856d9b791c0a45e9e37881092f6040a9ae9d87757142d3c9c7fc6f25db0e5b5d377865ec4da":"":120:"4d7eab0a3719fa53e552b9e5a85bdd":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"019af03d23342f7916e329b6843161e566aa859402cb07ff":"":"c5fd96765fcf6d51e23ac6d206744af0":"f9808af3403051a52b6652df03b6b37d90a471bc242c436cab6ba699139eaad16847665093798731b9969709287199233c5e77351c5e42b15453b4171237a6d16aee63773c8c0d736b3a8bf38ccf922e561c456682fbc2c7161da3b89526d9de222351bbd04ecd4e8680f26d70fe57d577ea287b199be1bbb8b76328ddee3d33":"":120:"fd36fafe4f5571fafb6ece59b77381":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fab39ad2946b2a343d76b1ccc1939cce7ae3cd7b6ea187bc":"":"247bc71446489dd3495c4dee8a071c76":"cb2c06fa5aa54ad079741afc56dbed79061a02045b6c099d0ae2d7883b78c5fe09636cc8a5dbba0c0c76ebfdb81217526afbbe04fa4b2b78f3357025930b0f9488369bf3aa088a2107bfb6c4ba714f1c26d0380d647ada5852d2c539300a4779295412b202c3cb977a7b94c24c4dd2a891a2035f388257b84e5b31bdc895f062":"":120:"65e1aad214f49881a067d8b372ab6d":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"57b52697f72ae2df6354410a69dc3c5f28b31e6617bd78c1":"":"0d96720526491d196eca66457e3c9e71":"cbdfdb3cc73aed4297ff9aba76dd8ca4d8efe11b0f521fd7170f07461c7885252874b2ff8fd05a3943ecdc824ffcef0396980ebbddc0a53c6c99086c14fc806d90d35347d45e556e9a55ecc3a9fd74c8e5dbd19ed8b452eaeb673818ddc0695f56ddf3b139a3df378fcfe5b6ccfa358f5a5bcd1550f1d9d5f325f15f9dcd007f":"":112:"f0c49960e60fb63edbb50bfebd98":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7bf69ed06271107e11fdf016edc4aafb0e2d2ac05bdbc46f":"":"50e65aa338cfe856c80cbe1331b46abd":"a7cab4e1e56f4b9fccca08d3791560e4b6c7ceb40a10adec0536861c5c46fc3fd06c0a8eb32c9f18c40463b0f06cd0053e615dfd7caeb2b353b08ad6da1f8a23ebddf16524d2eaed70d4d7e565412dcc9598df7e107beb464b103cd8de9301cafe8b0420f0c156025d72b73d6e015ed2312535d35899aed73aa54374674d7f02":"":112:"d7fb9d78fede77981948eb013ea1":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"caa781bbed41d7a1c56d47673f74d4310a3bf8b1275031d6":"":"7795dc04261d9433367f51c3b87bf18d":"f44d77bd541e02a737c693ff3ea0adc091fff1966a593524e68954a2d7d66a48199366a5a600331cf392965b5ebedbf949203975fa9db53b72586615975e8a7b84e0633c6cf69caf482dd72b26b0a5687ec71667e7f6e5abea89c3d69d2dc42a242ef959e4039ba5b2d22a3e48424a431a77e816604769d13b7f892e2b33fcd2":"":112:"386930ced9a46097c0d1f6e65c62":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1b268de4ff644cfa4361f8014656d5d4decbcf9cede8605c":"":"4009bb00afad026cbad117c6047f4ed8":"140c5a93293598fab85b3948b53e0ba15438a0b948e91041a13104f0ad263c8a10613e20e87ef261999a54d469ba6f1abe56ec3979623df8520a0476801987c15410ec24f5a9be72acfca71e8c5904e2ea5f8b22b8cf404b9fd533aa37e33b3d4cf91599cbb3b85ecda4aebaa27ac0365df8312c399ba1767c47fe0923f2c53e":"":104:"af36bcee7561cd7d0861085d55":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c2843bd689ccbba60ce961b7dd50619a59234dad97567e39":"":"55a68cbaa5755d8c67bf26f03c5863c6":"d7980ab86ceb9b66ab265b68e078deddf7ba084b8967c3227839e8f31cdcfbbffa004953f3582ea9274dcf46e3ad7e7744a576dec37e0cb36fced2b2c2fcf4328f506302f5741e696ce25c49492e33c6a0c8aed5af03cdc1a266352623c6a52a555ce906f684bfd597b5e37f60b5175a981088b9d8b8b5493e4fc1bfeca64f95":"":104:"66cccb7d28d3fa70bce2900a84":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f451c5edf9849a390486dfecad437cb809c33d31f6898ba0":"":"9e2dd52c04651ceea88caf4adfb2e8ee":"87b804d4a81dc203d67a92b4fdeab959c2056dcedb28d29f216f9172817bcfb3d2256bc1c8aac23feb22b71f1fd02ea28cdf91785931750ba4865d672345b5001b1aade4f6acc7edb03758d2540e6472aff50ab3ea61a0b9ff37ff7a87b91013b14867c3e43cb097a923e6d8ddb1f52e4bd940b60d500a4e35bfa91935065f26":"":104:"e192a49f5f2b22fa39dcfa54c8":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd02ff8cb540ba572af3431597bdf3f23e61665f96a19b4f":"":"7198af3f594a4f0597f45fb592edef50":"ef06de48bd34f362fdb425c6e35e37d0dfa1ea874df7d201b6a1c25b736c96e3cc8ed0915807fb7ed759482ca701d28c08cbf955be244bf887df37394d1ca4d2e7eace0dc61c807b714f3161f9d7f554c9f87ad674849c136108cfd8f777997656489d3e993aad4a51b68616083876832b3085a5f8f154b83ea44702c70f2980":"":96:"43298281cd27a36e5cbac4b9":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9ecab4a4a9dda43477c993d6388387443c66ac253071c504":"":"9523b2722b927dc3afcc5f7dab2bf033":"fb84e38a84225c8ebb307df88325d020a5853bb05ac7a75ee38552c40c302d263181081b05918775cf9cd6905b9982b2ae9ef7993f28fd8714e878c9a4a8101c08e9f13581dcf4f16dabfcb9d3c471c0056805f51e67e9b75572639c3d6ce62d2f8abd64e1e66ffb292360c20155e4d528374a5a22d845340d6f1ac68d33040e":"":96:"696bb674e43cdc7d69346555":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"733df8c42cc2e70ac195615d4911ffbecbe2712230c5c292":"":"f76135eab5d42e82aedff3090a1ba606":"0c8aea747cacf2f0fdfaf368cf32b12dc49f5da9a29bee380d2d64035b73efb56fef13aa20c0b612d9615cefb94f26978fa0b371a47dd20051a1605b9f5e133b52dc514577c53319c9e2bd4ac7cdf37d56a9e715e27860a09d86cc21d0b9f0f302f6acf06f2ff00cc6c878dacb8bde51082f701314de7efd36a246f80f8a8fb6":"":96:"82e6d0c076c7d8ac0839fe18":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ba33c24c41bf9836607b6dd05e66a3d16298c897dd1d70ae":"":"4b30423df6de76dd684274afbea089d8":"71f5f6ee7bbd774fa691a3d7e0f694a6c8dfe8aaf9cd720e163ef6d5cd949c798f9e9c993adb6d64e7220aa0f17331bfa9a43b659be101726a80e5529e827c3e4b05cfb4d78db9952e58eebe64dfbc0d1baf20e7e48902215277a49ee953108526a70ee150eda85e6a0e49955f8c6323766ae10e13ecfdbe4815f4bb4ba43786":"":64:"73e80018235ded70":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1711553980e3fc5c14c98611ddbdf426463f82c66df83a70":"":"3396bd96b83ba611ed22e12e8a5ec911":"9506f34c90611acd6ecea385a782a5739f88b4fd13b77570c4d7e0617283e7b21568e32c42ada1cf6aca1a2e2ba184d4101306ff21c9d03e0ffda4854773c26a88a5173d52960286c18753df17361bb7046d2884ee600f58775304f49cf4e782ac70cb00b3d9c345cfcb38e3880743034640bbcae83112543cd1622ebaedb221":"":64:"5d51a0868a2161a5":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5d69dbec7ebe80f2b5b8f61fdff1f4413f5f6624010fb795":"":"a2eb3ba50dd93fa375cf682db7b2bc7b":"a0f9c0de86b54d3c176ece3305463237e1f70be3c52e2ab1c773a9d27d6fc5dadf61ce7a3d10dba8730d12c306fca8952403983bf242fc1b6efaaa153ca446a07d16a70af4cb1aa4d4c0c93d646dc3a5630f5a610aa9e6eeb873f9a06d3234642bc86b03c596235ec03019e762458abe17d37409a18ca5b7e0e0088391dd3acb":"":64:"1a827855ee98d679":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7aa732879f290aa442217212156920c69457b8ec41eab153":"":"cb593221c59846dc82fc0d0cd04af3f0":"15d7ebf94985c34b72b6675d7346f0b05bdb8fd3a278555939d2999028e4179e69352d398a5dd0e5b370bdd9cbd24d576b89709c98b6142f71f5b1ba224222afb67599fc58fe043d1a91d7ea95b56dbd086db8e3a061b1bfc6e82dc9ac728174fd3669d65db62a06380a5f72c3d091b7a1b6998041d5501e9fba8bf91a7d278c":"":32:"55b86d22":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"961a3e78f6a75944455f9d9d0345e08f4669972f3d5c202c":"":"ce43a19ac648e62ddc49d243fb34e29f":"393736558133078a0367b8248bc18c8352f92a9212e90318a5b63ad3c422ccda7c181c565629acf4fc73b2de85bc9cf38310fe703a877b3e7d3b2d416aeb962f1027077232cfa39c5e5284a1b323264175546ddfb250ce693e2dc78a0479bd89a7ab44b63e504866d2ec6b5153cfd51f29a91cd4fa2b8e09878747ae53981875":"":32:"ac701373":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c4d492904becde4e46c2557ac833265c715bb57f18cd040d":"":"df41b22b92d43a96a7504514b92e644f":"c4dd46ce3e486d89903482de247c1e7df05809a247302db3ca8457b93d6886c0a3d1be40a90f6502ec58d0ddd715896cee37322d48ec3f0c3ad716f1bb679afdcc0e4c79e5e2e346702d349ec7b391ef7eafde618bbadce5d14d22123de611c065780a4d05e928e87d12b749888d6004224c3e457aca0190bf1a7fba2453680b":"":32:"7a259bda":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"316660f013ced78a16701b35479ffb1f7c8c4e964c1b52b8":"d262c15d08aea46f614c7f8f6a54631289e54ca97d698777388e137f431bb783601e7999e7af98775d7b87ce061d9ba56570ed8c58b6bbac5f12f751fc376ab0f14b36b40b2b5533727be3bbc9a51183405d5fd0121201ff592817d06613b504a3440b0e1a57e9ed1771766a9a5b789054f7032d20b23c5c37d77f293c677fd8":"919ceb172d2cb460bdb3b3e58debe889":"":"5f5128f7f948f0cc9fb248a24b07c54247e40080a992acddb2615d90ef9328a17bd5e9a698b00103855738aea55c4944cde4a9148bfa8db12233231861c455e52c9889119ca402eabc8f41b27000156dd29b901024336cb2b7088eb5fd534ba58f23caf140a8b2549486074e4edbfc262ed9c7c7ccaae24be8de873ad43cd13e":128:"ae22ec4c19e7616a5b877f168febd202":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1bdb707c328304809bf0608874c9db373df3c7104a5a7049":"ca243caa145124997f5e2e6bb25d021a38d58d0ab1bbf06d086c2416c08e3512aa887cc215fdb34d0f2d78f6a45885767f15fc00b68a4df1130587de777efb9cfd59cafa077477e97edabf2bf04c9a6ce029c230385ca5f9928bca7fe5503b18774849199d2a39a378a2d3144aef4416c1718319ff1bed8021dd77a07f61eaa6":"b7e7fc0d5adaed1632c5f7d1f56458f1":"":"91c7954bdd6a49360fdce11c1bc710512bf5a57bcef241fb63e5ceabcdc9699d0c0ddb025c75195ec25e631507f13e18799e6be9798e5639ad8401f6244c5b0ace3905ae0de08e2d0fcd19d193de83943fe449af4b503a454c248e677d2f51100fd9b8b7e5388d5091089369a7c2ff38bd353e9757ef873a87f15f30232bafb4":128:"72337bdb2bfdd1f1ebe0dba6f9b7b649":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a6dd0d7e9d6ad1ad7c7394d53e9e081c436d34c8158bbc95":"2d95d64ed3be857a5c79c7af20aee00f142557e10d780383fef2d45f16c7e2823ffee495b220c87971610e5650f7c3e8d296b3f03fc883c00351df48d97717427101aa0c08a23c408b24511621b640c210b316cf17e3dfd714f0c9aa9ddd974692d1c2ae27b9bb0fbb428e7a9da3b3cf9bd869e730ccaa3aa4bd08f01f84039a":"60b4b9c77d01232c5d3d4af81becb0dc":"":"4494460ee73d3513814e1f779bfe3a229b49348d7641e9ed4dd959b582960097ef08b91292bb9db87b4e728d01b92683f4cdc81151a69bed2096bf6fb2e45d0148404420ea16b631b421e6f4c6665fe33c2d11e7b22b6aa82b610b83214ae4d17e681972e3a1f77306d3c54d96c47d8be1fb2c8cae8300ac9db99013f25a65a1":128:"d40a246c18518ea9f8d733b42181123c":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e9ed78cb5c10df05ad00c6f1fb35b4d28e6ddfcc16456807":"e465e57cbac0dcd1e8ccda22042abecd9d89c4ac91b0e82a41fd51107a792099e63f7cf23a889d8c04edae2c2b3a9e51dbee6c3b71ace3de08ab354a295888bb99ae0fe428dd69bc013d49a70511ef60524282347787a542fe9501b6452b5faad2f129a9795c2c4cc0881ec4af8f0e0d2d4a7a628cb051055fe831b51e250608":"3a8ad989c621ae1e82b8d255a3c95028":"":"6855e4702f1ea593bfe30ee65b3fab832778d6b11a0ad902dd37361b8d85ab76d1f2ccf7927d695eb3129286c26737b9573e26bf64b31de26f97525f84345f73bda2888a1f53c9b405ad627bbe5dea123c9fb0a4b7f193cd8fbc8fa4a5e5f64e9c083f5c048d61fd1d347b49afdc69e0ca6a82e3b064c49d5bffa2800b5cfcdf":120:"9661f5c3b0d99d4f762bdcabd48df2":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"76a5bc9a8d7c6e2822456156cea7d493702d61e7d504e3c3":"0a7fbca875fd620c3d8de788e5c27534160f68d60d70fa4167adf0c18ea25fa1f2cc551fdf447aa16678d3f82193cf421a6fa953532a3765bcb54183bf0e96527ae5e695ed3bba5d9911f36c1aa73132cd43b2698996eb43ff84420e315a06d7db02aee815461892c7ab9026953c4bc25f47153d5cb7b966b71b24dad69fa565":"09b681de6683751300c2ada84a214d02":"":"dd66e08fc500426feb497c39c5853b26376272dfabb82ab5978167faa91adb025a6ca0e8fe3d04a0d97062eee8ca6530c3788bebe4436ecdd3d9eab96d38a0cf9b8cc6a584a0facaea33ec2f4a6e61f780c3dad524df902f421e3204cec7c9a4bb3f0860e017eddeb939cdfbe6f924e1eebfbbf8ec63c55b62137d9f8845f38f":120:"4acc40a4882d7733d8f526365f2560":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f5cb564cdd6974219e87f93a030fdcad35313d4adf9d7a97":"210a799d480b4933e16fcbed632579beb6b00aec74c205dbaf64e2cb152c12f9b6969122f296efcfe328f54202446514066594848f42a3031425020b56d065d6eaf2caf507d5f51df493c11514400b889f33d0b996e721eb613569396df0528aa14eaed117dbb7c01d9c3ac39507e42a158413dab80aa687772475105eabcbbf":"90f91da5239640a70eec60d849d9ae70":"":"69a3dcf5b94a507a53fa5e62cfca269453623ccd3a537d971130a21bee884cf271b9833dec19862ab0dfe7052e7dc07b20f34aac42bc39bf1d495360c1d701ea53a9bba64b02962b4ef64fb1c90a1a2f3a6f81a6ba781d5f28b786efc365ec6a35c826544aab94b53b96613fddb65660dd336acc34a217960f6c22b9fe60dde1":120:"b67495a863fffcc773021dc7865304":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc2c5a020d3ea731362c29d559cb14aa4f8e3f6a554a5fee":"8cf098cb6ad79e0f0eb4ca888da004dfe6431b5982bf1490c5f2d1486c288b5d50ea0a5a63cf9d097a71348632391b4bf962bf464419c2c971e76c03eedd09d069a070c86837e16a2c39a2cb8de3e2d3f274e03998a874fa98de0933b0856e076e7f575f351d7ecd024753781f51ef600405b304e37f326846b84692448d3f2f":"bd4d45d970085e0b2bfc9477f5cd0244":"":"d44a4fd303e657670632da8dddb6a117f3e35d8afce245e7e6576711c663f36806b813ba6421ef9788681d9717a36d3eff4ae1789c242f686d8cf4ae81165191220e338bf204744c9fc70560683ec07c212846d257d924d5fc43a3d4297ac54428a32c8bb9d5137e0f4aaa42df8dec37793f3965ca658f22c866e259c80bcc59":112:"9c1d6c70e1457a8d67f81cb3dc8e":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"167cb184ab6ad15be36536f505ea5447fd996b1d9a092ef3":"0b6ec08685b5a9d32346a5fa25d208136433204f3b86182bd1d9578f0634dcbb5b59937fb87df0679334d7f41eb8bec60ae1b87994ed2cfddcb56e95a6fb4e3ab7845b0294e4afa5ad46eb5a431cbd7ad0eb0473c42c06f3f62de03d10ddda449d41137c8010af5c7c0eac7a5fde5a39b5437a2382639fe3388ce029a7d4465c":"b5cc89a1c10329bb417e6b519091cee4":"":"7ebe4a9547fb115b39b09880d6f36f8cd402bb798c6d9db036b1ebd8b87a8e9d56fc23b7ae4e8cac3500bf2f73952c37a068f1e472369b62319a8b1bc085a51fbe47e1c321dd1ba2a40692ecd68762a63467d5ecad66a3d720a8a81e02dac0ebe8df867e2f7afa367aa2688ca73565e55cf2b0072fa3681750d61e8e60275aad":112:"30454dae78f14b9616b57fdc81ba":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9bc7aad4f4bd73acf756311ff1b72b41631344b9b57cf447":"7cdf07e17f667227edc986827d55bb803c6e51f93e72d98a1cbd161b58155a1c14ca54d52254e5f88f2a08614df68cc37f6e9fac88895b53090f69544b18aee4cc03763d35e7dd94ed82d1435316e7e02367b1c43506b3ccd31e248dce81fe62fdaea3a0bfba03477d5c151b0f76f09799048d8b23699d000a9da11281efffc1":"ffa8e719f29139d12f741f0228e11dfe":"":"6ab304cb9d1ed675383ff95f7f61ffc2aa73ab1b9a691bb84777b14c7014e986ffb91da6847d3abc0349a7aa09ed1d86f2dabc09e0e25a05800bd5d616c1a665bdb119ef71bae065ed019aed20ad3b13262a902f24ccb4819dc71419994a8b4774a3b9f4f672d31aaec997cfe340d2abdc3958c41373d0315076d22189eb5065":112:"260cce7d5ed6a8666c9feaad7058":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5bd47bea08eab8694defc2b66e60da1be40fc1e398224f9b":"083ad3fe9273b8063e144a03f88fb179b18327aba37259d7f8532303306ac9d18cfcb746cab3f9385b5bb685fbc4a252dda268044642f5dbe33ea6e1634445311e440c5507fa6beaed343c83aeb0ffc4f1cba21b39f0ff6edfff961aed3ae1796f8bfeebcd3392d92e26dd26a19a7b7c2e5910f22557fad600f8cca8aba988d4":"e45a52c5e5ecc87b4320864b38683777":"":"8fa3cd91fb93a346e1f9595088c5503a840c7d7c33aa1be147e484e2aef2a8bda77275348ca59810abef6e179888f6781862990ba8e6d96af70febd2f671a3a8d6dce9be46c1cc6dbfaae35c35a7073205411cc8ab4ddd266b31b64edab4ffea076b29803149850cca41c857b05c10148182f8e7252e67069e7517da5fc08ee1":104:"9fa3372199a2484f82c330093f":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"850a811ca18044dee4487729e619cca71f05a5b164dd1250":"6ee76712d0b1fc00e43c2312743a881ed95a0b06276c5a4d93e3d56732af6b12c7c0d1aa6ffaec562229b6443e576caecffeadd9a65b91efa1bfe48ab1ecc63c381d00fe8dc7f11365f2b28945e844e7c6ca60972f733a96f29cc12e259c7cf29e2c7bbf8f572e158782a46093c5754656d0f2e1e1ea2a0b315b5fa02dadf408":"6f79e0f62236790c89156c14bd9540a9":"":"eb1ebd78d7ac88e6f927e09fecf7feb1aa64d7435aae76cc917edd9e0624a96e945df67648c187e397954da7b0888005f7a0d05d09de424c1a0648b56707b90da4021d5a36175500337e7341d1a474fbaa94e56d7ea52155829eb6bb9d95457c138875f0738034924d59681e7c2dfffb7dc0959697468ea2b65a884c897208ab":104:"91c74a30e5bff5b2585ac7699e":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91469828dafd30de415067236d5f49ea14e813637f1ee0c3":"e3aac00bd05ce3c9b87720db82104364c8ef6ef25d6f3c8bcf5f73f1a26f8619e831bf7bb28c4dcbac7013dc6282d07cc225bd969c582a26accd7cfffe878a3159a5ad3cb6c8b89131aada61e2960cc5431f4ef94394634e4c8b2938409bcd2e7668986c7c5cd2ed5f2c525fa0212996960ab842a43869ed430d3291799a2a1e":"cb5409aad9d227a3cf0e2c5f1031873e":"":"4aa82b1c81a911cbe84231ce7afb95188f2177b539fb77de68f3d4801a2bd09f5ee2f7e59b5d9e79be5f7a23f0612ae39d59259dabc8b1bf7dbd4adc0db520bf7e71b988fa96d6b4dfc76afdc22ea31f64c64388dd93b27518b3263b0a19007405fc08645350a69e863a97dd952c8d886b5e0f444a6e77a9ef7c7de54f405a04":104:"2a6b14c78bcb6e2718d8a28e42":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b6907853b7d4c4a19468111d96c5de048200b5441b9411d":"3622ba252c067ce7d6cae1d1f5068e457a0cf93be01fdce6dc8652a53135d5ed445388679e3f388ee6a81220b19356b275878fbcc2a6751bee7e2a50adb7c430e4c8cae03e88465f97bcaeb151d4f0007bee6bb9864b33020717adc42d6f8a283a20f6b62ec79fb8060e3e5ecc1e91a2eaef57e9dabd3b3634236f12d4bff475":"a66ee64c15094be079084c89cb1739c1":"":"2b8c1490e13881ab3bac875cbdb86baabe7fa30445bcb39315d057171e80d02aa8471355e80ba891b26d80b375508ba2756162cc688578be313a50096d7cd6253a8094970898fb99cd2967e78a57d12b8b3e3c10502634bead5bfe2c9dad332fcbda0c1bca16fd5cac78ebcbc7f15aad8b28abf3ed74a245a8e7a85cfaa712ab":96:"e52af33988855d1a31158c78":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe63e247e8de838a197a9e937e34c0f5a0b282533d445015":"17c5d748b8596901e97df660ca94fc970f7ebb769aff88f60acc425f50ebfb6744c6d8778c226c5d63653d9388d3fa0d4d630f94d668f3478c89e2708501edb12307a9b2189576cbc79388d291354cb9a5d1eace4ca1d9f734fc78e55ecbf86338a31ebe583cace752e8bafd0a820384136963eb2d2f4eea7b2f69597737a1ca":"8e018305675c287f802f28fe56ae5c4b":"":"c3d34e2cf1c3ad629490d70a0fec1a63c88d025ffed46ff8f5d8c0879c166ad716b702682cd0a437bdaa03a9b2e69a32fb7259b0fa930ca7a344aea37886cc9850e44de0aa049b8bc300caee82e26b2a1e5ab45c4c7cc6a15f5f595199999a0cacaa59da1b2be2a204fe13005b92ce722a000228545ae8a61b2c667a386f431b":96:"d7a6a917a286d8edf1289183":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c739dae83a5e64bd98ffaf68b5bcbcd0155d8109e9ff2518":"56dafc06b354e84ce3ce31b7f88193124ca7e7049272beb93fbedcb3ede8e017bdb9ee5d314ec5168443fe01258d9abc4c4c27580f6299b20082b4ca87eb2589bedc459f132dfaefafffdd13f82e153a2165dcab9a9b6c10f1d0d13b127312a6f5f3d65a73b8fd057f1d88038c5137254111f7aedf21af07a35e34cf4d2166d9":"d80ac4dacb0f1441839e2068013dde3f":"":"9ae5107f4394c9050f8ca8ae6d1eb66099ccd0166f38e45c1cbc17b30e218fcf6015ac92dd7ab48bbb095a0523904c72710a86e50518d6aade269c82bc5ecdfa729802441e09aeb939abb43f5960542ad87961e2141f967d12f7190b07de99811b264dc62cb8f067872f84d21b661558ceeae4922900ffd76084e450650de79b":96:"6a180ed4f3a9d5739e559d00":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c23ed64375d42c3a402fdadd143336d2f6babf4d4ebc176":"5541a219108ce3ce593cca8c6aa6504c84983a98851bf8610d71f79a38bdc21d5219266ad56e10ccba4898ea969815ed0d6df75312d657631e1e22e46f727a499696399a0955d94942a641383cadebc5328da2ac75bf0db709000ba3277581e1318cb5825ba112df3ea9c453ad04d03eb29d1715412cc03dbce6c8e380b36167":"daa6f68b3ce298310bcc2a7e0b2f9fec":"":"2a4e04101d4c822eba024dcea27d67eca7ba7f0ea6d5290ced9376049ae085ccae3ecb624c03eb5b2808982c88f0a5c4363a7271610b674317bbdf1538776f1fa2454c249a1b0d6c3e64bd4a356ac2aa2fd601a83d4fa76291f3ef1a9bfc858cc0aea10cff34ab9eb55411efec2a82a90af3fc80f3d8e2b56181630230890acc":64:"d408209fabf82a35":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"695dfde34f0af192faa50244ab95a6059e2e637e237eb60d":"33ca2c61a04467ad2bbd2ba8144573f0c2504a4e9945fbae250385406ed1757adb70534bd6ed854f227d93eee57c73a314f5955208e1ba5af8cc1e8b5bb07cb63030e3ae5f0ad287536f49b576418bb1d2dec40562f6bdda59c373d6668aaa9b791285716325fccbda2180e33955c8be19d05e389820ed69258c9b93e3c82e96":"a6a57792b5a738286fb575b84eea2aaa":"":"b2ce449fc806dfb93cd7c97c018c2ba7d702216ae29a530a8f22d07279c7570c6288fc01fa9915b42a6be7a7d9569f71b8fc2411dd9747b5c9c7b5c0a592bcd7e8f4530ebaee37e9c7d48d7a56be7e2df1d91cecfd11bec09bbca7ce7106942989594e791e00e23557c843acf5164f3863d90f606ad8328696f4ca51fd29346c":64:"050bd720de1b1350":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a89a516204837bc780ad9b26717e51ccf42591bf58c75c1":"c72a1b8707522442b992cb21a7526dfd341e27a11e761f594abbfacc2ac26ea48523d0113e38adbfc06d4af8809cb606454467fd253ca442241e8921b906d6c007dd09e139e568194666d5da0b33c7ca67876856cf504e8dfab4a5b0a77cfb1883d532ef7c70b35b0838882f144991c25a2331863eaaaa2059401f61378750e5":"a9b1ef7744075cd6cc024f8c7b3b0b6e":"":"0ec50150590bb419df0d6c410edfc2f8805a602ff247e3b50881ad3efb598ed053d8dd1deff86460db0081c0eb3effe9ea94564f74000166f08db24da6cfcba91a9ee1e98b8671db99edbe8fde11d0e898bb130e1b27358fc42be03fb3348af7de9376af495c0ec71aed56d680632195539b2d1d5bf804328d0928a44c9731ce":64:"6c9f55e67533828c":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4107d51f7d6e24aa605959d5d46b4c7e1743b7d5e3ae07b6":"e5074ffbaf5e771e12f9e7cc8e7701b970aa7897928681383ea0f91bce8200ec6782dc9618e065e142c4ef2f7019791e74edfe2040b08bdf328d7d9658e7473beab65359d35ed168a2bb39f3c3f59890353405a82f48e16d388eb8f2145ed9bff016e725791cabca913813e7485f387223711c1ad098ffa0f72f74a048ec17ea":"94a88f6872995b26da39efb5e3f93334":"":"bf32a717c945e1e2fe91fd38f3c7084210a7966cb83235d28f701ebcae6b2042226e932e4601eb3ed4728ca32bf7065fcdc98017dabcac23f0f80c65e92518db6c78bf4cd91f817b69f3c3a8891786d433f6c3c1a025c1d37bd1c587ba6004085571245591d615906f5c18994f09a03f3eef180d7af34f00ecfe153d5ab73933":32:"8d43426d":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0fa6270a44c8d14937cc3ff4cc2d2c997254a42ca8a09eaf":"2252d1c4706cc46ad3e4f8c49a92cdc7d1af24deaf7b08ab7304ef804cfe261acc3a202bec0d8df42cc36a5a3ace9ed7a9465cdec3513d31de9ae7821f9444226439c8f98a9a7d99b36b91b1b00eac71080d7eb550209af5fb7b3f28d09f5060070da73a40456d60c0470773af95d16c0b33d0b5327d44188619b950590ea862":"b5f3fde841156bc408ec3de9ef3438fc":"":"4fcfc56fa722af32e804dee0f4b67f5fea542b381bc47c41451844c82e5427f6cd90c37e088dbaff722d8700a11d5dfb4282e565f32e055324e5069931c86b62feb2cdf82ca1f62aee02a70e4e274b2b957650a5cc772be86c1b1cfc41b01d20d9be8b05b9e3ff65413520789ca0f198fe00d83483a1d85aeb13094c9a827e7d":32:"1ae8f9c3":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"104c18bd2a0641fd46c2d7590d60d6d8eea74a2758ed0f4d":"4434cf5d12d07614227cfc12716a8adfc651ffe5c6476cf4489afaa698d9d19947016bdbcb5b625773252745dfeaf9b10021a5b38f742ea8a0fc5f926c80cef6568ab8639cddcf8fee9678d45ad4937d6e6b054b65512f929e897ed5f965cd14cad939732c53a847bb2758d818d5d131977649db5b59a0c5ebac37db961f9d69":"2902faec60f754f0fbb1981aeba277ff":"":"1789524845a1e36322c44dd1e938ee5d0fe6df244b751f3023d5d64d40a72598d352d9d2faba68be4e035c258b68782273925a94527fcdb977a41c1e0a96f53119b5909b23b0327c820e8f6da049a5d144a98019c4953aafd481190117573869109c265012a42f76bb4c3353f6613ccbc40a4af2f9e148bf0a0324bb43337fb7":32:"d36d2d06":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"263451f187b6dcab9d8dc4364217a483dd80c1d75f24fcea":"5e236c282eb4646fbd16a95eff2b27873f625a7e919237d75989a8a112ea80ce8db0b4aeaf5da59c3b22649dabb584284ab9673ba7edef59043eb8e99763643941a4788e7cf11bad63e13c9ef08644044b76beef68928dac22975481da4afc723b3ab3b498189542cbdffbc3f467d190cd02e9b36b6981122aa80cfa3aa3561f":"6c4552b3a03152aa464e88fd5b14356d":"435453a304fcd3c4bd6ab90d6ed8c54e6d21f75b9e56c9d48030499b04f6754cff628c4c9216f7d8a0abed5b8b7ca128c099a7deab74ecfe2c4a494b30d74833f837d254aa00d75aa963ce9c041f1916eb63d673a4af3f88817c65d4c86f5a3c28a67de2aaf75f08d1b628af333e518a7e99d980571db608407d3f447563f2df":"12dea5ea9b54957c689c7c9c6a711e2880645109a4057fafe3b32727a60ee1e24f8450310d6b8402c26b307bb0bf3cb7c6407270d95590efb938e6d77359666b11a7a3833a7122697e959645d8e9d835e0bd39bdc30397115b4c348ea825c850c1e54a60a2522a6321e4b99fa2ad9215205628c595b07c6ffed939c779d23ab2":128:"585677e0f37ae13d886c38202c3860b7":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dbcf735d7c8701f537090d3dcf914c741ed783c24bd8265b":"18eb70dff73341298ce33ff4049fa631f2c72c158fcdea55d1231c46c95ba4013012b713bc95ba25a2114d0380c297acd05c323696db466874083e18bf544dabffbc70be4649cfe7e8bf449aeb9789d6fa412a1adf57ce732702ab962561f9e1fa850733c97b8a4158786e8ccf32af0fc2b04907124e731ffaf3fa7eacaa64b2":"09ecced8460af635e46bc82450352be5":"cc5b8f82fce3797009fbd38dfad7055a5e2ac241363f6773191d0e534e2b4592a6805c191daad377245c414df8edc4d3d9ecd191a50cf9747dde65187484802e15797d7c7e1db49ea4e423e94d9ad3b99aea6bf2928ce6addfc00848550b4d2e466e85a282cc022c7c4469d2cb16151e81bf63df378e0c676036197d9470f42a":"8298f796428faffa6085e458f149675d6c6e2cdfbc7994ee6f19af40fe8926c28904fd5ac0b9bdbd2de3f1614500a3eab1f980f82ac23cae80f3e6ba71539d1723e9f3412df345536f7517d847aae79a83ee9ad5fe38d60c6618d870cb1f203a3e1847d14d8de5295209c0e05aa196fec0eab8389e4eb66bdf3dd49d0800ffad":128:"e53ca266dd93def5bee5daf70c953dd2":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f8d84908a8b7f5e118482bb867102a244bcbf48b7229115":"9cd2a4e2acbeea6a73b5bffc1191d8045f63f3a14aa762eb776f35518f72bde4f9c8decd61a9319e3dfca82e682910a43de2719451e1a32839b29b27c3eb1c8f6118512d6a19cf189e2d04cf4e22459397936d60f7551244387294a7994320546f070e54f166cd7c243d13f3017b786f7df6a7fa4ece05a2fe49fc39e2225b92":"5ba986f5115d40c2cfe404007a1e2403":"06f98d4807efecfc863309f3bc64b0f04e4c16c32675ff97a3295d5657d4443f6c8b0a394d3f942705bdc19c22b8ff58e9b7c209b528b745fa0424d5898ef0e42e0909aa5ad0b01f8549e3674102ddaf4784f0ff8908cf9f9a25e7e4dd9af4da7bd13ae0cd87b6aaa6b132dc518f4a95af403e612edce63e1424dacf8e349372":"2f168fd1c819b159739a7cc783ecdb0ef9639b7965918e343e2a55f196daf584f7f14bb6e42d37b504bfc2cc08c218c5b841b2d2abce05bbf15315f471e56f04f7d54d6f1dc7b7a68b8bc7026a1441105015bcee2c39d83be35d25f0d514bd1ffe75411b32867ebf2d532a766f9bfce9e55ea3e0240d2a3713ddc2ba790bad21":128:"7f121ea36b36449e1db85e8a91ab16f3":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f6c3037a59e98a9a81094d65ca52752ad92f93bcfa671821":"26647f8f4092f80fc19f81f029c354c582b582516e8e27e97d50866e8ff755f50a8ae6422f4e996f0cf50826a68c007a5b16fd59002d368ed3285bbd04f8f9a5a524243cb8d5b3ffa184ba7384771bfc508f2e93abd2a1e7170d694d35cc0ff7f247e84ca8889efc820c3f6d9cd40afd56c5799972d7556c91cde50ac808652c":"43b4f15bbe525913a31a9adf23d1971e":"60826c97f0a99b88e7aeab774a3f2278f9d35b6c1a5fce49d9389a421543c99f68797224535dca4d7040313340da73982220040a063b045843a14f5d38763f95bdd26ef818f6e5171c8d5b47f183589afd6acd36e59b9946c1edf038ae285f500171e9850603cda36043c29860e75bfe03c21e0ef11a9aecc5d5c51bb2201d29":"e58df99cce5b2548cf39684df6a26b8f9b7969168ff21c410bc40b763842ab3b30cbb3c82e0b420c8100da61c9037a9f112db9563a3d069cdf2997e7f4dbb0b5d79b56f0e985cd8cb70355366f7afd211bd9909c48b142c6556326062d27f7f82d76b83c433f00f1716ebc95038cb57c550b5810b77788c8bf1e686a8a14b610":120:"ba6aa6d68a560642c266bf4469eaac":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8fd9b08232a1d3fbe319d0897c74098f75b3e801d10e183a":"a677a13ae26b7a05cecfd153aaaea02ccb50db601221a3df545164bb5fe638f6ed276d4bd172b9e740a82a690aec4f18f4f3a0afb80c9a32188958e1cb3651064f55ca1211647903f63013e46b46c7f4f95589012eb4ccd2451d8e8dacc3cd066281f1f0c71f69f1c49f3f94136a522fff0d02427e4bccab056e615ff6fde1d6":"304c759800b8e275dfcfd3e5e3c61a7e":"5d2dffb00a25788548ff1b2c94745e5bfcc05eeb11e63501007335d4bd06bfb3223d4682e7e83eca0e163d1a8f2a76096ab2839ad14b45eb59ea9b29feb76f40b0d8dac55247c65e5dbe6bb2d5155ddcf2b2f924c48e1c16c990b69ac48ef2350873c1ed524ce1b8ef6c92a11c8e461303f7c32b5d65b57154197e45f1c6b792":"0779e5050dd17837d40fe3427322e717f074312f160c1951e5560797c13e4fbe47f320dc8053a39d2def4d3cc20e215978647d917ddf93fdf9eee5e54a974060dbac2a478afe5f5acbf65af4dccbd3942d130dddfd90cfc969da0c7f4b4050e34ce2e049c3bb004782abf4744c9a3ca2713ebfc5dfa16d011bc0b33d0368c108":120:"54c8a1dddfaa1cafbcc1883587b4cd":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19d38467c1024611433a0b2780980538d88f3e8907a86e42":"2623cd0eb46a7366877149ce0204d7dc08a5e64a1adb3b6759178c4eab26ca1806fc25fc0fc99dfc77d1811e61ac1e04ee82eb69ef7527962df1707734e4aca970b8a499eb70c2b0386942906945abcd9234b92e7bec33009e70786c39bd241da3905d961473e50367cb7726df8da2662fb32101d13b75032838f01ad7946670":"8d56a9e4bed67a7eb0f7b8c5e6bbf04e":"1c7d2744a56f5185b9cdf14eb9776ffd315214540daffc69c217dd64c7d0fb4a9f7b1ccc4c1e325fc046eec4feb8df35d32f492a28d35858ad1e9bfaf95211f111473c2ff799a124b308fba996b08f185103607605922bad319c6b7fd211f97c861565bea34948bfd751e4ce2591ae777ab1df8dc9e820cdad13066ed74303c6":"edfdfa35b41c5642e5b4dd1769b635811a48ecf21915cbef3c9e2f8230953f2ed4fda8903ec7634f10d55aa58c975a6c6133a173c2aeb83d6d7fc6534ea1781dfc62408e7a17d255a983bd1c33d2f423c364893db8128a599cd037b2db318f86f1fbd895a64a9fb209490b7e9a30db8cdf42e348cfcfa7984e15c17db810ec19":120:"17dff78f61d21de4c0744e57174f70":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d69bdc9d35589e33ea9c2b956780cd9618e0df79d1083e69":"d8a75de22fd3e2d50127c6fdeabc09fab1178875998319e1ea83c9745a1d5833c6ba9df08177c349dfa412e13e1927bbd4cdfb54a21c86c149be1feb4d9de99ffd590850875a3d9c8d9306971a9802ad4ca48f73d0517322525ac8463e3d59ae9895c9b363b6f0728d7585de78cbb49757bd1919ba2f2d6ba042d0781e7a79d7":"abd4b94362501b8f307fca076fccc60d":"1ad9aa99a4c8158ec08d21ebfb62604a043fc0c248fe08daa15a89f4a7855916af8aeb681ac6600c0268ade231f918fe508f48c9cfa998effc350fa117e2772f04839f8fa1a53bca00693ecd28db27c6507750404bd89af07451d66fb7dfa47065e9d3fe24a910eb27911591e4f4e4746b35359afada4356676b3c7331c610ab":"52e88b54b410dbfb4d88092df52688ba9502b906752b4802aca5428437d795de0d3539945bebdf2bab070df4a7e630469b92fe2dde0998d44094cae7f21f84ea7806637fa5c73b138e87d04005ef1206ddf30a21f46c0aa718665e809ffc0b42b5250143604b20225ec460defaf554a8bfb5f69ef4244e02e9563c374a44f0a9":112:"1024f8e9997f5fa4684930d17431":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6960be8fe82061e9cd783cd1c03f63a00d60ce9fc47ea496":"e0f574ddbb04831b5a86f40182f5f10d8667fe13c7065b471df157f67230c41b8c069c0218ceab93d63964be8ee853c567add2c3eab1670b03a51f9175e8e763be778ec43833cd716e1c8fe5cfb1d663149b21e06df772a3973fe1297d65188201cdb0c3533f5e9d40bb0664a97db60fc99d7e48eedebf264024006ca36361ac":"672f4378862c82738055273c72555b39":"e3a4dbce87edac519ce86349eed2dba0d371cef0d8f20b4dda3e1cd9f5799c9fd0b7494daec5bc995a6936c501212eb957ccc9ddd4c9b8a205cac122ba87b5c5a0eeba6b2af2cbc2326d953d61d089b6334ce03257203072f8e06b8c6f37692748a13e681082900fd32f0df6a3072f3a8b9bbeb3ea558e97a43d6656093d7c75":"2a3c4b79bbcfa4af04baa8413f6f1d18c9c579060ecd0cc359fcdcfc0566697ff834f7dffec84b2292e8583ecb59c9e5e5d87913a6ccaacebf371f1fff67f0be749d4ea5f5c6f4c959e9d932414a54a8e25bf2f485ecce9e70990bbc4e621ce2c8fcc3caa66b0730c6639de1bfa0124afe351912279bc3ca363f4e6013496cf1":112:"dbdd6af194f2578a0d0832d0cba1":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b7d0115612c56a1f28c6b3cb3d51c2b4bbd4cd36ccf3dda":"3a88efa524a90b31873cba177a7e6e050dc59f42c934923db1e75fec924908370ad0c9c3b0b3c05adf12c6ef2627d8d16f832071c055aef5f581a39a8e7d9bed2629e26d5e3ecaed24048d744fba08d8d12132def62059f1a549044c1db121f47f10b3dc4a02849150aef53bd259d6814162761cbc9e1a8731d82101696e32d4":"317a60c3c29440b8ba04daf980994c46":"80d816bf4008ae51b9dd9a25c30cd7482f2289f5616c41d99881aa8f78b5efff84efe307a822174f3a5c08b381bc99b169b92057627f21dddc367723eaca2545ce3a4fba2b4633fd99459fb03e85d6d11ed041b63185f3b94f6004bdce556e2a0aaf811faf0153b3974d0bae3eabadccfc95474c940ecad5b4d5ea88f88b8c4a":"f193303bb781164e42b3d4d25569a446c86646bc0fbc93059603c0b46ec737ddfcd55df8c90e6d806bd9fef90f2b122a1758bef5c75fcdff95ce44217d9b6b0e75e77656cc7f8a8cc47729c74faf43cbf08202e9ad16c7ef8c832ce5f97f51153e178ccc3c168928f3c328cd5b4c341bb0482f6a292cfa2fa85e03d95bcd4cb1":112:"42308ffc76cb6ab3c770e06f78ba":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75737e01a95c2ad9c860e72a57da646e01c2286a14dfec75":"fa749799afcf2242a6000c4fe1e0628db53933dde99d672e3c7b24b0cd6533b8002bb7aa8633322f4ee2e343db3a0067ad44edaa398cd90ebdb50c732e8bf95aceb4aaa4dfd1eaca617c30c30c1a18761a6d24c2de0790f54f73e0802eb82ffc0124517ddafe8336f4ec6197219346deef4ce930e8ae20117e6ebe49a2582346":"1060d78543be384e7a9dc32a06bcd524":"528a6c34c3cb3aba402b856dd7c9677d0d88821686edd86287e7484b72248f949bbdfb640df27e3d1d6b6dc1293ea6c84be72c85e5ff497f5da74d796a21f2513385a177f29f2154b2362d5ac83c3897f368d06513333f2995b701fb3e5aabac559f6018fffd02cd6b65eba9cdc629067f15d1ae431d6a22811508cd913009f8":"7e8774cb73468ad9647f6946aea30e9468fac3850b5ff173c7b346891ecda32a78b58df8d835328615f36a12c18370f3abcf021ed723830b08627767272f769a2105e4786451db0512027ce0e3f770fbb0ee0e1850a5fc479df4ad5ceff4fa3b2b9124c330c2e79d770e6f5e89acdc8d0ca9c758980dfefaaac41aaf6d472f8a":104:"6bc6632bb5b3296ede9e1c5fcd":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a326226b24222b3389d793b61b723e9ac7059495a1b597f5":"1cc26e453a54c94c1cf902fe12307cce2fba4d5f0fc3bb63cdbac0dd0b5ba31d08dae2b4f054c86f3a3ee920d8b9f7ad8ae8b4eca090c8783cf35db5de3b95889a84f09ff3f70263c61681f00a454b0813813f0fe3ec38a6d30cc3c6a93c91a422743e7a72340cb012718b8a4a3b66a75f13e0165aa51ee4b00046cba12e966d":"327972d0c2ebc20ed5bdedc8a3a7aee5":"2edb1455bf4573a54ab921d31b7fc9e534bce0870eb6e973afccc3b1f93dd2c1a476dd88e705919caeb5d4f4a8516a718cff8858eb443ca7785579036cc7273570e7bf2489ce71a52ad623bf7223ce31232d8c9b18e52a2dd4519bb08d87301f3ae69dcc36c6dcb3b03d8fc39b6621f6b4471092e941ef090c9821a05df8575a":"5a219a0d997e879ffeb548d43de8e4f32a9ad196dc425c83f766134735ad2c9ff5d9665bd54ac3efdc50bb4a7a04ba59825f31a0f3e530aef45bba00cd6479efaa19c85edb4734f91fdad6686e50f9cc531fcabce9e8397381b4d691da4a27b7c487e93de3e3a9e769e831c69b07697e4bab470ebff628e710efa17e4c184e0f":104:"2b9ac273c059865fab46f05ae3":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cf5f2d843042ab94fc4519d57d9229ea7e8172acf515fab7":"0e20f5a2afffa4a5f9219320716c8a26e35a19c525dddd528e5f5f06f0da082f43272361f07cfdf57423f67ad3cfdda9cf1747c602a93747cc571adfabcc9d1ec1a8128908df45fe0ede0e14ff40169dd1ecbff7f4062ee7be0a1afb370c9d5103132c1fbee9262309cb05ea150fa862d6303af71677d2de9cafdb4ecdab8d5b":"95b06c3ce1a3de73cf51e781b941097a":"765c3fae74b6fa4b6ed4ca7ab9b829d76a7759c50874a38d2ecfddaca2365f7a143c9584e255608be829950393e5f94131caf4caa04aeeeb9d595e39ef3f9830246d6066995b2d40438f7eb0944bd452ab493b422e93a3e0dc3c0fc2a4b83711ac6693f07f035fd9d031242b6ea45beb259dc0203f497a77106392e4da93c285":"f43628a227dc852e0ad931e23548fedfd57020a26638ceb95dc5601827a0691c44209d14113da56e6a1e44c72845e42ebbc7ffbbc1cf18c1d33ca459bf94b1393a4725682f911f933e3fb21f2f8cd1ac48bc5afb6cb853a09e109dadcb740a98e5e7ec875cea90be16bcdfec5f7de176eeeb07a3768b84b091c661f65e2b905e":104:"77964b5ce53209ee5307065d49":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"11cf18bbbc1d8778faf40391c30ca417739ff8e2a521926c":"a2e11ac093ab648118759183cd52ca7d5728ca87fe2f31eca28cfb13325e3e6e95974456857866dda78359023e2c998d2c93c6dfe8f72c6d4ac39ca0585a53fc074bf1124c3ada92e78462a445da23e650bf52e26b782ff50312ee2beb7410e93c8435f7b88dfb0ed63d9a3823992d796bf3ab147c33593c5e6193ef32f7a620":"bdd9a2b70e4ee0cc501feca2a5209c3b":"051c68fe0cd81b52fede137d0105e69c74771b770ea9b573ad92ecae86f420953f459755597f68c29f6fca39a27239faa940ce6c949ccd44c9f12a0160cf74a575753310f52ec5c5bb9c4474b85266494e63b6810ddf7a6abd1cf8244cebbf69d3198c4a09e8dccbc9429f81791f5c02628e9477b988e2bd10f9bd5d6731ad01":"ca899a00654730d68219ca2ed9b23058a5f40150c237143b24245de1e440329e513690f00c0c52bbd0de8074fe5d7a50fe420470249227f967340efeeb64c424881c7f3a20c405d58ea81f2309c7f74ae572b30313e2d4b419fbf5f2cf90c6706a1ae1a800a883e8b00fbbc9dc28bf5aa4a329246bbe94df5c2d4524f57370d9":96:"dd45503cc20493ec61f54f01":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"812481f8982b42b2fb86297c4b7c739652908dc498171c69":"32b27127582ceac21f968f5418e24ec8b84617f4daab0eb007f02d45812e81d486dc50909d79221c438def535b8a55946f50297963139a6b21e139e810d19bc1566b374d080a387a646bb582dc738c44156eb6c8dad613586662418edcbb18fe688d271108318de71734cb571d442e4d9537b0fcb2f5c763b3fbcac010f5c4e1":"0dad658c73c9c88dd927a502d7b14e8b":"af44f747d77a83ef0944f3bac8e835d752bb55772a7fbd3c6af27ca0eaadd122c9af1e2a9f37c2ba42779ed8cde2199125378fc88c7d6d58edc01c65491c5efc6bee58e7e8bf72f1a69d3dba47b38a50077130cbd71accd3dd4f193a53c6f2d1df694476767f79f8b71fd42745ee5bd41e90a7dd50a1597445251b32de303169":"003ae4798f6a0b97990d41373623e528618f9299cebdb0d23e3799f62bb063e5530eef7fc40c06af16965ff6895f675ffb81c004d826cbd36b5eec9bd3d90d785af03b64d12d311b6f90bcd75a40497d0fad5e54f829a097b25f7a9604f6fad475c9239a0f8d5589b8a76c6f7bc852a3b820734b426f59ee845ec3f09dd7d3d1":96:"b80bbc002cbebfb4ec5d48c0":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a6657a7a9ddc6b4595df94d7c6bee9d13ad231cdc46ae5b4":"36857eccb5b3c220265a40980e8949135e840ef270602940d3394f3f679aed55217c1de175f6b48a16f7b394ad7d288bc425762f971b752d1372b369fb1c3a64970c8d18ad6de2e1a9a561a749e3cf9a8524e239f3121e8643bebee471e55fb5d54a3453c51b1747defac98ead8b25854ed1cae7ac44fd28cf4b1ed8988875c1":"68621ea7c6aaf1e86a3b841df9c43aa8":"bc25c38d3a200fc17f620444e404f3b3999f51ed5b860c04186750f55cc53c6423c44d0eee02a83af27d16b9652a7cb3d34a5cb19694e5399a272dacd56c4b17872fd23fdca129a4299b9c87baf209dd1cd1f355088e3f938e6d5053a847b5913f0b9135d6f290e365508bed73c61160a11a2c23aaed7551b32882c79a807230":"de8bb8e69f9ff1322f0a6c30cba5a6fccd7d17a2173a86cff5478ac8ea4ad6f4e99ddd4149e6a9b24865cc8fd6394066e24a556f3f6d48c599592c56f06a946c6b3414e2fb47e14d1f128ef26b385912367f35082099c1f3d4ea86687f19f059c56dac21923e9a151567299416eb311f5bbf9a28968b080b0b200044668f0919":96:"065f6c2b86891c719ea76984":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"20cf8c2c47cd583286157b45b575d4d69c793b4250274fe4":"a64c2131c94fa827c3a510b23b20fb6d04579bc292d2ec33efc9eb31459115da143f73fba9bd8b03b67e591497d108f900a7279542b480bd3a13ea588a29efe66688b52c3fd58598c66d8595888e87b27734e6c5b2796cc60ab2aa3dd06a29c577de5bdbf0b6c69c7034f0181050f286b9300d214f549165a0b5b56ba8e40641":"ab58d2e18eb83c20df94cd6b569c65fe":"93ff6057eaaa9559d87e3276d4d900888cb1f56434ce2677ee1486a0aa8f4e8d02c47d06e6841f3fbe5bd72dd37fa9d81bbef807dca6961910844eb9611419936310d717e1843e7b278f48ae44a57c1f227a75fa8cbc7fd57c8cc3b101e036c8ef3043642c81f381561b61da7c9d79b6da9ec46f7cf093c29c1930b27c14f991":"a3f621261af17ec4756245414280017fd36133f2f9ff89eb8979d4417b8f93892bbf7b08bab785341bf0c7b5e3643f0e33f036633e5ebeae7a750ffdfcfbab690291731e92238ba6b45859b309629224fa7efc72298d3cf1ae3b6a9e94797552afc4e3a46205f9bab7eb64e4a41aee0e45289704a97221b7118d209e0b267a68":64:"ae53564271d5de5d":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a311bf356cb1d1f58eab411b45b8d78b88052f3c8ab821d":"3e915e92f186fde05ad55a2597ceab81495abbaa0be107dbf6a375525d1157a322b1f65460dce0c3aa2bc08fa89f777dac4d2fc3e5f7f20a0d5e33373c7f1c3551369737124c702928726bd9db96a33bacb56f1d645fa02ca1d88629c547c0eaf9585ee23b530ea971bf439c67e3b752af882668ebe0c739b26c837887b9d2be":"0569d05f3825d16aaa89e86812f80628":"28494a12026eb89b46b6139573dcda0836a617e00e25e2daa92f9372d86c3c162cfec34d634ea48294c784825615f41e06e555cf916983931e3d6a7ccbb4448670139616e3bbf7109387a852703b0b9d12c1fbd966f72bf49a7e1461ca714872ccdc59dc775c24a85e9864461123710fd8dcc26815894ee8cf2ca48a4ec73b3b":"9ba776653e8d9d240d9c1ec355027a18731c500928925e7c50ef83c6f36957073a8386ecbfaf430634cd557b1da1bf122f37456fea3e9b58a6e99413d9d16a2f1b40dff843fe16a2fa0219ad5dd8ae4611de53d7aabbef7a87ce402e62276addc7f44e09ae9e62c5cce4ddce5695db987084385ae9a98884ec97e67b549ad440":64:"c669ca821b6ef584":0 
-AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82fc47638cfb361ecf7924c03925d6006cb99459ef5691e8":"d14a550d419b8e03762429a7abda3b17ad7a1305e5fc639e71538285cd70d78fa30e0c048e2c32d2a7fd7f82c874d63ae922db5a77111b46caefbfe4feef4df19786e5fec6a4df84f76df412b1f06bea149f1996b41b117d00d422bba5566d3af5289ca9377f325ca1e72f7d6a32df6607bde194cf4ac52c28e8aa1e8f1c9a67":"2a8e1cadd2f264f2ad7be9e7bdfa24a2":"8088358d7c3ca8951d7e8cd6cae15844edabccc8d0fcf8f169a48cf434d4814f1d7d9ae410e5581d414f952f52b852eb10fcf0f2a67bea826ea2e28331f0597152e624e148462d5952f10fa363666d57ebfe036695e1e68f79161b991e20c8ae6095232e63fde073c79603135849c62f8d98a1d80608fc081171114db41883f6":"e54cc95e845f4d1b28885e9b90d1d9d3cc51fd9d8fec9bce57de8781a28b4e5b7ab446074e84471d7a9a23748b689c354e402be77f9890a9c52a2eb9022a6a415e01285db1c6eb66d5e15f4216a4f3f45782677b6ccbf20ac7b35bd153f52a599712d09712ef1454ccf72ee48cca967f4917f1aeaeaa6eaaf8493ec7ff2dc1d4":64:"093343e49b70c938":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3180703e1ec93b20d1ac4d64e85d5461d75f783bcd2f4fa":"b7b350db6fc0796e9fd0cb239f561bf7e27b2aa26b8e3e76d8b737caa1c1c5ad624a32f5709e4b751f8c21172d4d0f4ba38ca4d1d0e2570c084cabdd0e8880b35140c84f775c3c301a9b260825e1fd75f9835777d6c0e23d359af1a5f7caef934b91bee521531582b639be2cca87c2991f5525f4a2f64c30a1453013d73c16cf":"916d72d515d3247ba48828d4113bda3b":"1002513035cb1d7e8b2710ff8c93cec55e2e2c2b56000d4c1182b5286736acd2d6f2fc9b82f71156dba6f77463805627e4bc38c96e091ecd945df7e996e7fc3bbfdae3d85ef1337fbce960fd1d60d06962a1669e9e8d20be151f6323cb38ef68ab5e838f02a0f379567f518f15d81b192cb25a42356807c1b9c02bef8309ff44":"d590f2afcd64c574ece12c675f509efdffc01e1404cbafbc923c4b44390eff66dd839e6d800df67bc06f49f76911df3cec36a3a1521762d6d4a8ee602ebefde0178863443f918668fcde8a531f3b5ee0e4c379ecf3e75e7c59f753e41f4e39811bd3e7dd3d6bbaa1e81fdbf8bd976384a6c4505f7e4270321c7329bba7f15506":32:"22e50ed0":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02bc0a8ab5468123009b2c69aaffd0a20a1fb082b55a7ecb":"8bf32af1632a7903f00e801ee6e5c690147c021be6886cf2462b2172786ab296e0feb96648e4a602ae6dc45e2aa60e6610356cde26b1dde3aa114c5449216a467fcde18332a6d482d24a1ee952379340d036a48b63efa092db4c30a95f402d57b9c837183e900b47805f170cfe9e69baea2b939799e983f7470bb1297f937bbf":"bcfc15308e891f32506a50c4ed41bff6":"01bff5e606a536e951213b23672db9074fa8bbf947e815d32cbfe30adc1e736517f86139840a4aa0a671b4e9bbd6a59d292db34cc87742c0dfd2d658ef157734c5fdebb3e5772d4990ad1b2675c23ddf1472e892dafe7bf140d614c50cf937923491662299ab957606f4ca5eed2facdc5c657784bac871fab04d6cd3ccb18332":"b8dff03141832970c925e7ff0038394a0df7f35add3046cc56f73e3eff59e18932aac697456107b6da7da3249049c3be5c098dd730cd4bf68cdf798c3a932b2c51f18d29e4386cbf1b7998a81b603372337784307b0beb59235eba4d3e4810899f6d71a994ba9742aea1875878ccef1bf674ee655a0720bd37e44b33cafe5742":32:"bd0be868":0 -AES-GCM NIST 
Validation (AES-192,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c07d5ccaadb9e3ba5b5ddf380a7a2a175522b98e31e1d34":"04d3e6bcd5ebf696fe84a702ffd5f76dcbe9679c909b36d41ce6362f229304aeb19896c6376cb3c25081f709af57d36f39f421ecdb70bed9f829558bec6e78823275fc11f9a2d5f773d27136d903ff08e5926338dfdcbc182825794e5f739efc1f0ecda8e53751edbe0d08963471fb5099f2ff31f76b479677bd6d186a409525":"e4db5c6403a03daa703516763052bce0":"b747d97f263d0ff6119df1b5332640d2e4568813adc12ed76175fdfffafd087456748abb267195688d2db41caef301117979dfd2db9714b352398594005bebb449ea20415fcfb2671253f69bf6467ce7f5bce350a834c4586eb03e766c1930e7e6ccf01283ea31b8c73d7967cde0f2a53cc46b1b50c48649044d6f753f1d54b5":"f5faf7bdd99c62ec87f93da2ca3ce31e694df0a0fd04d61914f9a7a4235de20e0a406e297ba1099fff8c14e8fd37a9d6cbe2c5c572c988cb1ff87ffe7825e1947ea3da73b8b3633721fb4e08deb3f8fcae2407d73bd4c07f32b4f9ad0b1364003b11f84037a28239e96c3996874ba8e4ec7270bf0441d648f52f3730d30e3536":32:"e0820c4d":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #0 +AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd01d48789ef7f07f80a7385e4d1b1734903bc6ec768c9f2":"":"944ed7743be9ce370cba7b7c9b7dece2":"":"":128:"dfa0ab389c3a780f598af80200c84da8":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #1 +AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0383849ed0db3e52743aa82fe8cd9173b457755be8bbd46c":"":"c6b8518346ec52c001697b7bd38dc795":"":"":128:"48a1992549b627c8621e8fbaadacb16c":0 -AES-GCM NIST Validation (AES-192,128,0,0,128) #2 +AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"936388053ee0116b3f783ae34f000d5fe2c5d712842d46f9":"":"c5426b20c014e472c7b85be2ed0f64c8":"":"":128:"4cf0f6a45f3544e3d391375c8fe176b1":0 -AES-GCM NIST Validation 
(AES-192,128,0,0,120) #0 +AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"40dfcb3151a8dab1cb79a6a1e6a24fb55024d0e256bd4b07":"":"b8495cc54653e7ad74206153ea64c3cb":"":"":120:"1d3786412e0ceb383de3898ef2cffe":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #1 +AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83ca41d8b33c6134a14d8b30b0c36d5b799574dd925f3b8b":"":"fb9aca5b4932035c65b571d170fdf524":"":"":120:"9787f7d68d2648963cb49fd7459121":0 -AES-GCM NIST Validation (AES-192,128,0,0,120) #2 +AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"886e646688d573c2dcc8ca229a11b394b3400408dd801503":"":"c0744685722cb87717c76fd09a721dac":"":"":120:"794fe4df0084c21ffeaf959e5b0382":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #0 +AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0b845dc2c4e9e5a94bd3e8969300b16b45d3ad5eadb2e80a":"":"0900b3fa3cc9833d702655d285f904ed":"":"":112:"dc670518e150d326921bd5f43e80":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #1 +AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ac9fac2e32ab44a0774949d53a62c1cda04b132a3b07a211":"":"8cf6a81bfa21633ad95ffc690c737511":"":"":112:"4cd7a6e4f3ec3d41d086e6abf14c":0 -AES-GCM NIST Validation (AES-192,128,0,0,112) #2 +AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9f9721ef784980d03140490f760313cc8a56424affb01672":"":"c104bd8482e3fe7359c85e0e94fd4070":"":"":112:"3f682fc71989804ba74bdad04a97":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #0 +AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f7c935f56970678ab89f6d97315a33efae76148263e95f1e":"":"1a91965c5458f4a1fde309cd42a3f277":"":"":104:"ce266c6f0447623a3ef1f6f57c":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #1 +AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30ecea6cac70a9de4f4f7f441d6b9b5608cca39d07c0ded5":"":"361e5cd21c670de39b5f0b2b89437f99":"":"":104:"48a9621522a98bc6c0acf03429":0 -AES-GCM NIST Validation (AES-192,128,0,0,104) #2 +AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4fb80c4fd026c3f68ab8fcb8e28e144fdb3ba00d70295ebf":"":"ee552fb94a527d18d285d6c195ca7b2f":"":"":104:"5ec97630ce593e9d560136774c":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #0 +AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c0261023ee9f682789ce9ae970fb7601f07551259ef91945":"":"bffe4af76db75bc4a3d42b57c73c51b6":"":"":96:"bf827b4526da77ab2e21908c":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #1 +AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4fb4ab2071bff4ec239ac05c04800806df2c256a4845b13a":"":"3ee0e2e72eea437e46a873bd659b1c4a":"":"":96:"572d3ec2650ad57eec84fe00":0 -AES-GCM NIST Validation (AES-192,128,0,0,96) #2 +AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"193d5ebeb466d3fe68754bba413c65112ae29c5ca5e450c4":"":"04e9d31b3b1205cae37c435d5a5579df":"":"":96:"71004356f266688374437aef":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #0 +AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9a455ea1d9a78425a41d43e293e88de40dd6ad9ab2a63ef0":"":"c108c56a1b3261042adc89046ad1ecf8":"":"":64:"213d77ed0534cc20":0 -AES-GCM NIST Validation 
(AES-192,128,0,0,64) #1 +AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d6fff8797db2f1884b7d71e3ef3e5983234a837dbd0c2cd6":"":"6be4417d7c00fe9c731e0932a7037a71":"":"":64:"68b6c28786a017e7":0 -AES-GCM NIST Validation (AES-192,128,0,0,64) #2 +AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"86e6c451ea0ecaec9e365bc4831e7a6c092b65ee9bcf1b86":"":"6258168da407ce43cc18d6931497c1f3":"":"":64:"cbf20172e75a6316":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #0 +AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9295cc6458d907da5e7c356a7de51eb8e8d3031f72a05fb7":"":"c7eaad3389fc24a4ef96a711ffbfff9e":"":"":32:"12508e37":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #1 +AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"308b6ee958f81a7fbf3bc386e167459206df9c1cb999d904":"":"2c61b991ce478d9aac818d7aa75ada36":"":"":32:"32ead170":0 -AES-GCM NIST Validation (AES-192,128,0,0,32) #2 +AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"873d033773218387690c2871448578d8440ef36553583928":"":"02072ec745c856c6e86873a0523d603a":"":"":32:"e6a5726b":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cfd9c1375dfd19e64b5e4b75022fabaa049627d5238cba3a":"":"0a745c6910b23c78b1b44c02f1ce11b2":"0cc6724b9f3675619fbc70117bfcfb5871e903b0f01382e404793c1dfaff5a5b4131a7fc3041014941dc2c53871bee3ff18c08e9abbb13a8ea220cb89cf65bea1581eb8ac43d148203532dad8854616210ed7f1f9467e6b22071ccc8bb7e3bd89a0ed02a7058401aa4f2b5d0ce050092b650591282e66ee789bbf032dc105503":"":128:"8ec41e9c76e96c031c18621b00c33a13":0 -AES-GCM NIST Validation 
(AES-192,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6c9f16c5dff4bd8d1855995dcad1c4253759b6e2a833995b":"":"3f25e3210d6d9caa8725eb55c6813cef":"7c6a66d930c95ce1028310cfa3670b77ffeb5e9b627a667859665c1dee8e69930c287fb1f1a3706ed1a0d35eb6d1becb236352a226a5b686bc27e1e1dce4ac6d5974d88b9812b39ba289b2490821319b5fd677da23fab3adbae4fb3630e2571ac887ed951a49051b0cc551e7ebe924c0cbb1c516f71db60e24773430dc34f47b":"":128:"5e000478b55ecb080c1b685f24f255a9":0 -AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a8e393e00714cd94de0347351b924ebd555003f3a297493f":"":"9c7eaf730fa8074acd372fdc53b726c0":"ce4cb46e67d85c5e68afe61ddecb1a36da4de42774d45250d0d52b328834385ce1ceba96f703daab81d7a981cd80c469855e14d834df41e4c0c98873f3dbb777fc0562f284c466b701a530f27fc4e6838cecbd162db34b8e8a23131d60d1f9dac6c14d32a2141173f59f057f38af51a89a9c783afd3410de3f2bbd07b90a4eb2":"":128:"66bb46adf7b981f7c7e39cfffc53390f":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd356a8acd12b06de9f63825e93664cab1beae7f4112cc70":"":"72eaf459b8af0f787e91d117931e3cdd":"9295b227be3e1faf4e969be6c7f20d507431cf5da9e2a577c9b31538058472683bd52f0ad3f2fa9f68159c1df88e7dde40d6612f8abb0f11a0078419b34b558d9144ea6596a09e5d5548b275620e5a3096dceb2768d2f77a0b79e0b963387d3016ecc2f155d9182e3209d97c76329b830bb62df195cb2be11223565f496e751a":"":120:"2ff4aecc90e2de9a7d3d15eb314cc8":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"80ecc9587bc2cec1ba87ab431c7ed03926169c01eba19729":"":"5a65f279f453572e169db33807d9b52d":"29520d9020efa1ecf514e39a286f398c7225b945608d4b57ec873ae8bfbdd40e4cbd75b9b535c9f171cd7913ed4b21e09d6bb030eaa27ca58b08131817113c852b6cbdf550d94dddfde8595e689470cf92f9c20960b936ac0692171158e54041155482f29e4acae41565d87f5641d1aac96b8cb763b7f1267ccdbce234d067d4":"":120:"83dec0fb36463b86270656681455a0":0 -AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"94345293fb7733fea9c8b94be2f4fc26f8c3655f583e2b0e":"":"8bad4f3f289b9f4063ba39622ba2b7ee":"7e2b6520d7a554e612d01f462606c0e6d0181bafece1daf54f4316d707483a5dcd4275a08caecc1c20f3e32872fe3e57fa62d598949f5e49ef0efd53e918617e0a140338c007025493f2e0f8dbe5fca4a57d1db6333551bbca79243a73ae8a68dafb3089998359159df916ee6ba4f928a6a173390f15f2ee6045d578dd757bb1":"":120:"da305181a12517420c6f0d71fd3ee1":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a3915523031c3caa58ce02c2b1e6ee2eb42cdaf31332432c":"":"d5416986beb3131afd6b7967836d243b":"ba4e883147c8f07afc08735e6e439798bec60e00ed3f5982f66d6b82a9af7580934112a9858f83abbd71193190298f0683453d3f8388c475fbbc8f9b6a3d2c77046b73986a54cc4559c57cbb86330267e04bcf5fd583c6d2968a7971da64c99d98623676154b0ee413ba531ebf12fce5e06b4ee0617e43bdaeb408b54d1b4445":"":112:"f273fe664e5190a506da28ea8307":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"799d3ff266644128f330ceb8c028297991b2a5593e4afa3b":"":"9d27061dd9d50817b3086f453f1f401a":"d3b5c420ac597daaac7503cd17f580e94ad779fae0d4199ada2c7da7c4a611228752375647a03241f29f810d3a6a74a140ef9651e4a6099259f7d41ec4e51a02917e8cc35edf7f60ffc473805f56f0ad51fcc767670157c050c3214d36f831a54bfeb7ab2039cb10f7919b89b0f623a572aaed313983b105fdff495d979b8a84":"":112:"e690c9afdecea2494b6cf5a576bd":0 -AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7480905cee8be7f42b9490936041a19b060331712882da55":"":"27500a09506e0133c88f65e77721b547":"52832d4118fddf182b21513db25d54a19220335f8676ea35c0941d2a38a3aa536b8c9cbf093de83c6b24da3372baba2826289bb3cac415795b9bd3ea62bb9b48450978e79b936cd70cd551e580a6de3418a2be0f4c1f062954aed6adc94d805e59ff703d239fc2318b80cee45c57f916977b319a9ce884d7e02726fdb71c3287":"":112:"52a5721e98ba1a553d8e550f137c":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"042db3f8af95ad68966bce9ca0297ed41b608683a37457f5":"":"32d3e97edd3f393da5abc3827cae1e67":"4d7c2ee6e024e95a6e684ded9898f5c7fae7da8658bdb40560dac6495e46a691e97c047e66046b55e8cf9b02d31d3caeebe3a9f8aeed756d6b0da1ac5d4ba2c5e7b54add22f681ab1d5a2ac1463e8447e08592e0c2f32605bd02f2f03c925a2159e5bdd880323f4ce18a826a00962ce418dbbd5c276e3ff30f1cbaa4795d1ce5":"":104:"e2afbb95a4944353ed21851f10":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7f5ea90f99fc76594f0f06448321bd4bb5e494a5e351e41b":"":"002a5da3c543ca56dd7e5b013b094f70":"b8150b50e36de85158a96d2096678f31f179c8765ae6ba5723ca655e890528eae96d438f9d9365575dadea3cebb4d7df3a9d5323f93696c40781a6661dd4849531e672f5cee7cdfc529416c9c3faa889d0f66ee4049c949c3c8459680f490bbb0a25e50af54de57d9e3241e0dff72604af55827b9c4d61b7d1a89f551cea2956":"":104:"db9fd90a0be35a29f805989410":0 -AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"da287d34379d56f542edb02ea673bac097150f87648a57b9":"":"6696034b1b362927b89ae1b7ab5297d7":"45818b7b69b05a121fe5c573c9903cb11477873b24a544ba919baec78d1565f4ad0766da58bfabfaa17ac3c628238a4d38b5c0b14b52e397bcac991408dd7b322ff614bd697ce2b5b94ca155a4442ddd9e502c4a5f81210c32dff33481f4211897db38f619b308f3708d554bdb6c7b8a4d2a80ccdfd5f70501c83502a312ca8a":"":104:"8e65d86edc071446454a1bef34":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1782ac334cbffc92769a170c3cd43915f735b4423ebb4dc3":"":"736f2f24cd04e26d38e69c55b38cca7a":"5827d391efec2f8f102e5f053ac496e2910248a0eb72e8a0b3bf377c6349df02ab0410a3d28bc27abc7cbe582a03000db57843565e4fb06c4078de75c3f1a21130d55befb7ecb919ad789a4de2816c3a42d4e9b32e38d980c06045987d03739cbe7710d839c42f04f5088072c1a1044c3b89809b780e74e54ec135fbe4129ee0":"":96:"c6dc3c4ae52f3948503d84a4":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"20529c374f21c97b0a8f96f7bd5bdeb3fcd2b12db30b3ee4":"":"e6e45b7c28f7fbcae658acb533614e48":"b41290031906709ec8048f450a940eff0422a6ebc7b44666c05f17aec9debc1bfecce62d896d5df4618517fb57ce7b04ef1579ebb2636da0eead063bc74ec184b0a69ca3eba675fc7107bb52a49f93783608677565205ada7bf5a731441e44cede781120a026cc93cfe06a06fb3104a521c6987f1070823e5a880cbb3a8ecc88":"":96:"e9ec5ad57892ce18babfde73":0 -AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5634789b29e373760ecb9952f4b94ca76f40dda57ba363dd":"":"7cd1d2d6beef44a6d6155181dfca3dc6":"0130a67935e2df082a95d0bc6dab17093fb08746a809cc82da7893c97c5efc0065388bb85c9c2986a481cc4bbdeb6e0f62d6cd22b7785a1662c70ca92a796341e90a538fe6e072976d41f2f59787d5a23c24d95a4ca73ce92a1048f0b1c79e454fb446d16587737f7cc335124b0a8fb32205e66b93bc135ad310b35eea0f670e":"":96:"4006685e2d317a1c74ef5024":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f0072110572321ad9804efb5bcbc2ae7b271b1cbb0f4897b":"":"604ed8056666b17fd27b111afd419375":"97f68c00513b2247bc88a331a3ffa1208038736d6761b3b080884a8dd46e0596f2c00c1a93bceeeee814210e57d7f1cbdb4e0c2ea6a0834baf716945af9aa98e2826ae0eb5717b241ede2b9e873f94c1db9eb5e1b25f75827c25849a2c7b92098b54845ed81f52871a2b0d12d317846cec34defaaafc3bd3cc53a6ab812bd250":"":64:"64881eaf78aeaa7d":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e91e8c2d6928bbaf870e141ee34d3a56d00dacc8c7e50514":"":"6f3d661a3e321844d1fc12d5ec2becf6":"fc8e5b45ad1647f9dbdbb6b437abecf0a8ac66065d0e250aa2ae75525455ee13adce8c59d643b96de9002d780db64f1eb9d823c6b9a4238171db26bf5d05153d1e3c839b93495084363b845fed75671ace0c009800454596674217b19832751252f051f3995776a89209c1636b4f4b28a364bccdedb78ad36876745c1a438406":"":64:"1f4f495adfed6c1e":0 -AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"138ff9c8c556ffe7637f7602cae428d7e20dff882d44ddc3":"":"38d7005fadee55b5a0434d924d971491":"3facceb047e486998c945839ee5eddd67054bbb28308365b2909dabaed29fd5b7b34644043fa443165e07b20214710cd652fecd816d9273c700d6828d216db8f3ceaa9eed0e251585f4ee5ba4beb3c0582b8128a3ecc01f4b29cab099ba2a8931e56120802fdf6004a6c02e6dd00257a83adc95b3acb270e8000fd2126b8eb83":"":64:"fa8aed1987868388":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1187a34ccb75fc06dafeca0235186c64ba929adac6cf6e49":"":"9dd515d3481f21efbe43198f623b34f7":"8a1b00ea5d1f4e451cea71b3d2fc9bb03b9790a8ae8ae262b3e97ebf34911f9d865c8810b9fe779fff701c72f3639654e60898d1f57eb93381749f0e2cecb4ee342f5f34473215d5c46818338ff688637217fdfa8b7ee552db01973fdb6084c3c20b530863eeb1ce798046890994f5625df2a56042d62742097cc10d512a543a":"":32:"83f45529":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c1052610d05fb77543b6b517eb64b487ed902f9969a420f":"":"90f4c93301371158271a8f46df1c86c9":"83d009a1238f8aa40e36cbddf08a5f3d96403a03f7d079359cd6d3d0c719bf79c908654882919dbc6c27db34007b6732cb344a0f4babd26b1209ce6b134a8d2318f9a38af034b265562097b63794d7efee306e97c6ac0a991b3764ecd936c87000fa58e6689e302f12c2851b1ffc950dad7a553c8c67e01a2270e1e5e9caf30a":"":32:"30b3fd85":0 -AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3dc62e54957bdd1968be71b7d205fedaa291349d69f2854f":"":"b8bce0f9263688ca41c4cefb26e79453":"22b6d92d8908bbdbcd0ff35299eddaf0cfb039befa2d2d83c896f373b92091d145f1771c58d60f94d3548d0cbbeabeb796d7632b5da3c66ef75cb41a35e7d1b032ccfbddbb9423e0ee054bd56b6288bdf1b616492c85393e4134ff9c066b23f3f626eac63a5fe191ce61810379c698de62922d3bdbe30697a3e3e78190756c3d":"":32:"67887aeb":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f170a6a761090355592968d67fb3514b8bfdb41cbf121341":"a050f858c87d56dfcba3ac1ccf5ba60628b3ab1b89845682a95b7f291c80f6eb1cbced4fa21e3584e21528746231e7311ec319a0fcecc329e1a7aaed0a8548e613e51db78c86c8d0cefa15e30b745b952809f87d8a4a7bbefc76a8eb824827d4334201bda7743dc497ef5fffa2812e67f2a04e5c10bf464179c6178db932ecd3":"e02ef73aee414041b137dd3cae8f2765":"":"c08c9bccf298c8a352cd72e9174f57dc9bf64d65191a9e97b43ce70afacfe76feb5b2695d72ea4635fa94144de02a54333a77c7d4adcde17c166b303f1d664e6edb081a85433a7496f91ce640f113935cdd4e7ad14c95247506ddc6620913b5c67422f599ca00b95d62a9371e44c5af5295bf96743d0f1228c96e95af3b4d366":128:"d64d9ac91548dc1bad618509633e0c25":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ce5a40618b8bb2d9fc1d87a3333a9cd4945cfa838c8e0c6":"4ad4d103da3fb2ef8adcd1e0e823f4a857f1d6fa6273bb66574033c18ba2f760951ee0fdbe06c5cd3a0a30bd11142450f2d7e71af2fa7b9556b663fc30766508aa24e1fb2219f30ec23a6cd48b58944541d1f3e3fbf596e2ef263bddf789e7a666a68638081f0ec1a6cb3cb7feb0fddbe323b307675324ebceb25cba6d9002d4":"0c4b6c940d091efee98bf27fad79b04e":"":"ad611dd6ebaeb5a634d4bfba9f965948ea79d16294b976b7c8bb57240c5d13e10a9fe7a5b5d39143000b4f24fc331cc4988685c8d6401593a420c12e6cbd7cded06504d6a1034f70153f7b5019084a66ce818761841cab52d5bcb2a579a4acd9df50caf582bc6da2b94d4b3b78922850993ccec560795417016e55cfab651473":128:"317596eefdc011081f1dda6dae748a53":0 -AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f71d789a63213bbe17aa14f2956e9da2496a1efd1a63f6a5":"f5bf20dc6a11ce5142ff34d6c4771dbee4e74790c4ccd3cb5af408a5c7bd706bac550d7ed56805f550efc7648ab501fbbc63a1070402626c5788f076ae40e6bef2b9aab9a4bd8550fe38f7cdb0fcca2657ca26f1f729074326f45ae932182905d849b1534d3effe20dbfc3fc26dc6453d6544d481e58891405dbf876d0f254e8":"17327996f18c7096fc5b8e375ed86f47":"":"fed961a497502b2e49043ff29b9426a1e864a7fe0a88281a1572fbe62203f071710ea1d77873906369b195919a7bd5b44cbabab6eee23c3692cb8b9e4db7ee595b8d4b063d209b11d64150c45545b7eda984144e1d336a3bd3f187834bbc6950b3e7cd84895a3a5e27f8394a9aa9b657fba77181c9040b741c12fc40e849ba4b":128:"9dba8faf9d12905970ba0e29bc7e9dc4":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83182ba753ac16554e873281599113b7620bdb042704bce8":"6915d46189fcb0f9ab9b838da2124ce06398d638fec9c1c53f07a43fa0ea09feb2bf868fd1dd521f301f9f38e2e76716038f34cc0d18ab9bf27ac282dc349002427ca774e211027baacb9f6bfad6fd7885a665e508f654bb018f0323215153cd3a5b3e7b83482c08cf07ee5ef91d64a671b3ef22801ff21cfae95d6843ccdc16":"805c6b736d62f69a4c2cd4aa3745a615":"":"76dcefca6305ded697be4488513cc3fd3d9f08f06a7c1a9133b9b3fb0f44badf5c7544881b5babcb873cab912cc8a00337fc36100e6a5ad998eac5d8568795b41166377c5114757044b9b73206d19fc34b6378a06d55b5d5e9498c7693e818dd962af9b9da2345f4ebf152f33fe85f3398a65ad7dec823a1b1155c38cf67df84":120:"746c9972aa8481253d0d54db77398a":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b176e7a68da4c74aeb91760448c0257b1e17101299e1405c":"691c436811f82e747468571f80fa8502ef5f25936fca58a8fb6b619a7a95f4938da558a3b26a2f09c8fc1f5bd347c7724d9fa377d0a52094bfaac88f3fa9b3dacc2f56d880e825809533da5980a63e01d6199fbea07f3d070e29c5d50e1013224f0ea86e7c008e3a2e63df394ef6ad93ea97d73fd4429feee495b144ef3a0d6c":"42e2e70b0096ebd489bfcf4d6ac0f2a4":"":"81f9c34c5b0668fd58ec8822c6ba75bd7eb0d1741260fad6ad5e637903aa29d5f5facaccb4b885f62e10b7371f9b6b43e3aeb69bc5093bcccd49f3ee744e49f87cd2a2c36c808c47e4687194cbfd4faec4da66b99e3d4ced9cb8ac6ffb94d7fef3ae2b92b9f613f2bda3ca6c8efa9c6df8bec998e455f6eb48519e8f8ce4e526":120:"26d0921dbb7987ef4eb428c04a583d":0 -AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8bab5bf1cd8f259129ce358cc56ace2bbbbaefa79727f66e":"57385955b9909a0856bf54ad25d00779cd7d3dea78e1ae8965c4b7a568934d15ba1a7b2ab899f69fb1b864bd4d529319b51bf85a9b63de9cd51997ee4b2f015307cc42be9257e1b0a84e1c9e55a370476bff0a5325b21850f5b686a3bd4f1599f36d0772c406047b8ef29245c42ade862cb9d25b1e108db4f33a42dccf45c985":"ca5beea7dac2d9d24d548463977d5956":"":"67deff1accc4f279ec2eb4c2a515c17886371bc4847bdaff4aa70e170775b64855a6fb0d347baf39bb53d7239b7a63ce451effc69e8d8c3e544b77c75170a68cbc45dc96ad238aabeb5ebec159f38089b08dfbbe94e1d3934a95bd70f0b799fd84a8f563d629a5bfbb4eb3d4886b04e7dba5137d9255268dac36cbb5b5c8d35a":120:"f212eaad0e2616a02c1ec475c039e0":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd0e0d0c7907bdb4b4e60510f73d8ab2a30700349206ce22":"e6835a650047033a4940f72029857fae6fff2773f2aa0e4f7cb0a4abe86b6e8cb0c3e468637057f7eb20d1d30723e3c3107d0f579e31a4c3e6fa8133e1b1b51fd21a8aa80ec657c4f674c032bc4a2d3e1389cb877883317c4451ab90692337bd8aa6e9312388a0acddb508fa477cc30eb33a886e8fbced97492c9d3733cf3fc2":"1f183eea676c7ed2ead9a31928f4df5c":"":"9f1a3017d16024dbfea4ba9df5154a6a2c794f00da070043c17f0204f06f637c8fffc760424187dce4fef044faccadefa1b1bd818522915e389d307caa481af0f1f767c38216fa048f621d46880afca5c8fc582853dec95d19d19cc943e9a1861597c99041c59e8bf8e7245f9e30b1f6607843a978d0ae7a4e0f716dabc9d9f6":112:"4ceea20bf9616eb73cac15fe7e2f":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d59c476dcef60a45be253d5cfbb24742de9e3879bdfe6949":"144696d85126c682f8446fcc2724fabe4b8840d46f3de6ae2ceacb2f06a1a80fed430e3a0242f4f7c308611c802c8b8e9c992b78a5cf401fe7a4671bf081f97520919f02b66e8bffd4fe3f4a69cf3d16667e7724890cc4b66c6ae487d2d987bfacec424fdc9865af4474b04cce03fffc828b2df66d99087e63f35eca52abe864":"9bca808f02295477f2aa7f6ac1a7bfe5":"":"9d23989edd8dd9911a3f5a80de051ec7812c6ce018e683751380ff990a079f3502ec0fabfcdacf6c1fb2503094124c39ec531b5d29ee8e4e46c324fc10dbe0f31e9aa56522bcc7085ccf768425227cbab6db4127671a4cab7bc65dc1d3d9d81469493329e29a9a1cb7e5e088e84eb243493cdf1a49b16fc8d4ea2f142aa9ad23":112:"d8b20d72d95a44dfb899bc6aea25":0 -AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2f1594e840375405a682dbc1836344be8c6b3f3199ee7fd6":"9bc6b715c65347a383f77000b3efb33b16019d01605159e09c116ded52d20721bcdde3796b6f4dc33cb29ce1c48438e95d4db6102465440cecaa50ca33ebce470d8986663652e069079f9d92ff167b3f7ae568218fc62ff5a7be50b3b987dab4fc7979e5967bb0574de4bc51e774ba05f9780a49ac7b3ea46fdf35804e740812":"7f1f4a80210bcc243877fccd3e7cd42e":"":"773d6901ea64d6840ded9a05a7351c0c74737ad27e7c3dbd38dedcdede94722ae67e88851ee471aefc1f80b29a7312fa2a6f178ef2c9dde729717977e85783e2e49a1fa2e847d830fac181e95fe30077b338b9ac5d2cfa22ff9348a0771054322bc717343b9a686dafda02d6354cf9b53c932da1712b9bb352b2380de3208530":112:"fc3e0ca7de8fb79eb6851b7bca16":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"88a6d441c1b7472aecf92c294f56f3c1da1702d174eff431":"eecc12fbd00c636a7ff897c244593239d2dbca9d1f370660c9bf9759cc41dc6e95075516f8d7fc06fa91ff68701777725171c2dc0767a1953fac13008d77065cce8ee329283d3f64adb8a298aa100c42e75d62e47fbf5134a21b826fcc89ebb18707c0f4d54f6e93220484706a23a737341c601b56f6a28cc8659da56b6b51b1":"058a37eaee052daf7d1cd0e618f69a6c":"":"0f5e889deff370810ed2911f349481dfb34e8a9623abd657a9a2dc14df43dc8917451ddeee5f967af832296b148d6a5d267be4443e54cef2e21c06da74f9a614cf29ead3ca4f267068716a9fd208aefa6a9f4a8a40deee8c9fa7da76a70fcb4e6db8abc566ccdf97688aaad1a889ac505792b5ede95c57422dfec785c5e471b0":104:"5fa75148886e255a4833850d7f":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"abb4c4f8d3c44f07d5a57acba6ccf7852030daa84d09e13a":"24d82903e5074beb9a769f24a99b18c7b53c160a3c3ae4065335bec1c4170aa4c656bd7c87a8a13c0ffc6653c045445bf8a135d25a13b2d44a32c219adc6ea2695fb9e8c65f3c454dc0e2772f4a4ce51ff62ad34064b31b0f664f635de0c46530c966b54e8a081042309afb8cf1f337625fa27c0cc9e628c4ae402cbf57b813a":"c9489a51152eec2f8f1699f733dc98f5":"":"3e5528ab16aed5be8d016fe07f2ff7ac4d393439c4fe0d55437a68967d685815e359fdb8f77d68241940ce7b1947c5a98f515216254ac29977cc2a591fc8e580241442d08facbdbee9a9ff7cfbde7004346772b4607dafb91c8f66f712abee557d3da675bb3130e978a1e692fa75236676b9205341ead5277cc306f05e4eaea0":104:"fecca951ba45f5a7829be8421e":0 -AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cbce5e6d0fdcd3ab08ccd86115149b5569584dfadf40256d":"3974339a1b90b19fd3857d812a0e59dcf43f9b0f360839940b99834ddedead79785396ab8fd0fc0e523c06f0555371fd5bc857a95c3ead26536e6deb1faabdc776ac7cfec4b60d9c24b0856ecf381efd98f941d5b2a38108922d9cf1113d1e484354b55f9c0f09d95a77fd30ec9cc04d19199931e187c56fd231f96fce5e1eb4":"ae3a25be73876b6e9dc88573d617653a":"":"4f57be0de00ca2c7c52c54b931c235fecb4ee1e5a30e29bf68f57248bafad87e484cc68465d9f64bbf502cefd2c84e5596c3c8e58a9fb51a8c8b132579a94bc32e92f7c7247dc5f69fda98727c423de5430f01b37d77e3ae6bcd06eaf5625e5c7c9c228b9dca5aad8f571369fe0964731bf1f143f2f709c7ed51641ecfc88ebc":104:"33375e21fd8df9f0196198b4b1":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"96779eaa8699469e2a3bfae8a03fd4bff7abc62d427ff985":"a343fd32fc513e0e9772acbf99feafe9de4b54e404807999b02e921e0914b2d64d0d402ef06f31e1db852899fb6db231ad4465af015b0c16407fa3666ef5c2a6d52d5b4f60b0f7fbcb13574b2aa5183393f3a91b455a85b3ed99d619bc9c5c2dbcc4f0a61a7b03e5ab98a99cee086be408ce394203f02d6d23a1e75df44a4a20":"cd7dca2969872581d51b24af40f22c6f":"":"74422abbde6e4ab674025735874d95d9fe3015620a8f748dbed63ef0e2271063b6c0d65e00d41bcf4ea86ac8b922b4d475f904c0724f0adebc2eef4a3abd0f9efd75408cc054cbd400436e0545e09e6b0bc83a9c7d1c1717589d180c7b1d4fe4ca18bde4d9b6bc98481b7971c7eb81c391ac4dd79cdefeabb5bbc210d914d30c":96:"b0e425435fd2c8a911808ba5":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39bfb4cf533d71c02932e1cd7b800dca9ce9bca843886962":"de76f63ecf9c8d4643599f4dc3f9ed837924915ce4216759013cdb46daa0a508e06bcdb77437b0a58c40a0bd30a05ca41433218c6869f1ecd26318aff27999a2ebbb651de8e03061b8ffe3e14060720eb35a8e4dfd8c870aa4562291e3758cc1ea6c4b0fafcf210e10b31f8521bb0f6b29e8450b0cd6f8c8196ca2f7acb807a3":"d2b937bb5d2ea7d54d2b96826433f297":"":"0b0b4c92f06b17103ed581fb32d46e874fea2a2171d32aac331daa4d6c863f844fbbad72e455cd5a3ef941d8cf667fed5855da6df0ccd0c61d99b2e40a0d697368138be510a2bf2e08a7648850d2410e4a179a6d0193e49a135524092ab1f842ed4057611daaeb93e7aa46e5618b354a1091a9e77fb92a8c3c0e8e017f72deb3":96:"a188107e506c91484e632229":0 -AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"41b7d80ae487ac35aa498e5939a0f27baeedf48a494c8e91":"c26d4b918a0c967141fb5712a28698d16640d200b2934187b81ec58486b706ea1caaeb654e5fbbc0d078215aceed7d66939e0fb54d6131d8948cf58ec9571646ca75a051c2b5c98fe16f7733d42e5897b0263272015042f3134143ea3b08bc65292d8d31f30f2ed9830ccbfca2d33d290c28f4dad07c7137a4ca05f432a457c2":"626e1d936b38cf9c4c3a44ee669936ed":"":"8998e799985890d0f7e8b0fc12a8a9c63171e456ef5cb211f836a2dc7c9e3f4d1cd6280f9b0c469b703c55876b57cd1d8cef70dc745e3af8438d878cb2fe9fb1c5b2d9a2d90edf3bc5702ef3630d316574c07b5629f0db1510460af8e537dcf28d9c5b5cec6996eaa3dcde3354e39f60d5d896d8bb92718a758adb5cb9cc17d5":96:"69901cbafe637de5963e7331":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ecce8fb50a28a085af744b44bc0ea59d6bc2c8ff1f2ff8e":"54300bfd55b227b4758cf64d8a3f56cb49b436adb4b927afa8c4b70d2584a6cba425af4fbc3840dd6f2e313f793cbc7aca8219f171c809cf1eb9b4ae8a9d0cf1a7aa203d38d67cf7719ce2248d751e8605548118e5bb9ce364349944a2205e1b77137270b83555d5d804edba2f74400f26d2d0d28eb29d7beb91e80ad66b60be":"b7e43d859697efe6681e8d0c66096d50":"":"45dac078c05e6a2c480543d406c23f3dda63f2b616007d08fbfb075a90eefab8dfbc26d334266f5d72fbc52800cf457f2bbc8062a895f75e86df7b8d87112386c9bad85573431ccfcef6a5e96d717fc37b08673bf4a5eecedf1a8215a8538e1ddb11d31a24cb1497c7b5ba380576acb9d641d71412a675f29d7abd750d84dfd1":64:"2dfe162c577dc410":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6773e627f6c49a1687a3a75d2ee6754ebfc2628bdfceba28":"eb0a64ad510968c68a816550d9fe2eccab3bd8409ab5a685a8638f81b4b50a9a96318bff4e86f7f6e9076960be8eef60e72cee4ea81f3ba269d8ab4c9581a54638421520a6411a83e9dc83b6981a9dcdd9e4a367d57f156d131cf385c01a736b327218e6b6468d317ff78a01f1588c359a3a9b188bbe5d3ffad6b57483a976d0":"ad85becb03a05caa4533b88940ca141a":"":"959658fdff5fd802fca5c5a79d59536ba8ef1359ac7bfff81264c7827bd31b8f02ecb54f309b442a54a5a57c588ace4b49463f030b325880e7e334b43ab6a2fce469907055e548caffa2fe4679edbe291377c16c7096a48aef5659ad37702aed774188cb4426c3b727878755d683ed8c163a98a05f069a0a3c22085600759170":64:"4c0f4621b04b5667":0 -AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1c086f7404c14160f33d6efde231eda610f92fa55ac147b4":"fc8e5cd81755e489de7e3ddd2b587149ee013bffa2ce198c514641b0e1659261edd60bdbfd873e30e399869748bfe56ba543ceb9bf5fd0e7ba2b4dc175c52f28a8a02b4816f2056648e90faf654368c64f54fd50b41ea7ca199d766728980e2ebd11246c28cfc9a0a1e11cf0df7765819af23c70f920c3efb5e2663949aaa301":"71f154f1dc19bae34b58f3d160bb432a":"":"6d60da2fd060d2aec35faf989d8df33f2413ba14842b0406e38a6a847e191eac9f4570cea647c3988faaa5505ea20f99132df2a8799cf0543e204962da1fd4f60523d7149e0dee77c16590d7e114ac5d8f88fa371dcdd254eccaa8316ee922ba23a0a07b289739413ddffc2c709c391afee9289252ddf3ddb62a4532a5515e35":64:"f47bae6488f038fe":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bae1b3eef91ba79032117c60fb847d46f18175565d0ed10c":"9b71eeccdc91cb5f7a567a9189774f4c30d96477b88ac553df66b78a56e5c9e0986a17d80c811116d31985acfbf9d7a9bed291aa2fb6329457a836b3f8f11c16416f0a3b86dd9c717c8a050c6ceb5c27d8e2ee0dbe63f3e1e4f0aff4809e1f6f6ed64d31d494b7399cfa0dd9446321bd4256a49d0793a10a670e3f086408428e":"cec8b66a657e4bdf693f48ac52e60770":"":"015a318acb6198189ce908ab1af28578a37a48beeed772c6ed4dceb0a3bcb092df85f653234c56a25c075c8e028d4a8d90d974fb0477834ae2de8d5df53d0d03a979450b6e7a66fdc9b11f879ea9072699837f2de7192156f8e5d9411fd83d97d31fe63ece4e4326ff50a24fc75004a5ba2bd4845b29e0794696943dff1e5d6e":32:"9cf6f90a":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c1582240ad301f831902c66334546dd681c12308add0870":"d4b716b49858a23aad478581cbb6dfd015ae550d76497229b5b1776e83f2ded8542675c63ca6a007a204b497ed2ef71ca125d91f386be9b4213cd352a797a5d78a1373f00916bb993de14e1a0af67524acfcc9fd71daa32e5def9a3f2dab5b3bba4d2f9f2cfc5f52768b41157fe79d95229d0611944e8308ec76425a966b21ec":"b6f4f3959914df413b849d559dd43055":"":"79964f8775c78009bca1b218c03056b659e5382e25e43759c8adfa78aec48d70b32ffd56b230fc1ce8c21636a80a8c150e5dbb2bd3f51607d97ed097617963dc6e7653126fe40cb36a7f71051d77e4f3b768a85ee707c45d33cc67473f94c31da3e8b4c21859002331b5f7350e3e8f9806209255ceac7089176e9d6b70abd484":32:"79e5a00b":0 -AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fd55a356943824d20630b1539627ad1a9dcd8ee2cb4dbf49":"b8d8d6dd0631f9183ca858033a31dd583d3ee3b9510fcc69d8cd412016bf854b9edcf65c2831e63d72f4cb61a99f6f4e6dab0c2ce9c5a8cdbc179ae93aaca2c8a5b848a15309be9b34e5226aa9a5908f543fdda983fec02e4073edcc3985da5222b53f8c84b9c54c78dd8b2712b59209463595c7552e28f2a45f51cb882c0354":"aa89a122c68e997d0326984fa5bef805":"":"107a9ed561e6c45c375d31dea321c7b4a4b7641024d2c9eef6a103a750ba15e1acacbcae121510b4f56f19d29e6fb3e6fc06950b1daa521528f42284130a40e5a6c1b58b3b28003673511abcf59a4b9df1548a00f769d8681978b632f75e5da2cf21b499a24fbdd4f7efe053d4a1b20b240856d3ae27948e35098aa617def5bd":32:"7f9c886a":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4cddc8f525640fc0a0875c65b788ea75c673f84f4aacaed4":"55e3ccb855c1fd6d33e28d308485fd85abbd8ade1299936996851d44dde063ddc37962f9f67e95df02eaf3d877516240771c469be2abf2ef6c8dcbb79eb1976f825b109f752079957a7c981faa2fcea599cc52e262b84f4c2031821619f0be6fa3c38d660e9eb3e0d5de2da6b83de9866eb3efbc6a2dff27e52587c6f79e1c26":"1b883a89413f62dd6d507cd70c048855":"eeaf21bc317660b0e2afb9cd5bd450ff0bfa6cfa7e49edad600f71b971347e93b9712a6e895540c665a1d8338f61b51da9e0a4a9122409824287ba4bc06bdbba10290a40b31b5eae9dfeb6471f4a0a0c15c52a2c677c4d472630d4078ecf36dc6008faa0235a688ebbe2662e46a49b1dd58cbee82f285f3cdebda1dc54673195":"18d11513661296035f6f42d264e0b4cc7ec47f43b758c6dac95e5e3b3834362eb64447d923e107a60cd66ac359cf3a203f9070eab9fe61ae64a86606c9b50a97a19e12f731de28719fe178c9713edbb4525b221f656a340c867405c41bed3bbcb9c6da5cc6a4d37acd7a55f251a50fa15ea8f9b8955606eaa645c759ef2481e8":128:"dec3edc19fd39f29e67c9e78211c71ce":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3b8c31830b1139a60425f6a34387f5ca2be6f5a5074adf13":"95f4ea90729de0f0b890fdf697948053f656bddf57e3d461e7ee1770161904bb2cbc8c2f801481bb54145af760e91c8b30cb22faa87efcc6f01e3f798af0bd460475754726514d53f419af2f2c373c76f05bf57d3fc1b763f72ba0fd2682d9d1d76f6ce8d55b56fc7ba883fad94f59d502244804bb87bd06f1217a4a6c5055b5":"ab5bf317ad1d6bec9cac8bc520a37b1d":"5a47d7474be6c48fa4bdbb090f4b6da494f153a4c9c8561cae4fe883000b81769b46cd65f4ce34abc3e5c6880a21d12c186974b0c933a16ba33d511e79b5f994c38e383b93eea1259d38f9fb955480792206461dd29d6d3b8ff239ea6788c8e09c15be99f094d2d5980c6c1a8efe0f97f58f7725a972111daeb87d862a90a7d0":"1d0211d7d7bc891e4fba1ba7d47ac5a4f3b7ba49df69fcfde64bf8689b0eab379d2f5567fcff691836601b96c0a3b0ec14c03bc00e9682ef0043071507988cf1453603d2aa3dc9fa490cdb0dd263b12733adb4d68a098e1ccd27c92fe1bb82fa4a94f8a1cc045a975ac368e3224ba8f57800455cc4047901bba6bf67d6e41f94":128:"23681228c722295c480397fc04c848a1":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9c2386b948f59ce651888451021772287f14a92d807d88a8":"44f00c8a7c84e8207ec15a7be0b79c88fa347e2c3d5e8d07234536d86513bc39bebfff02efb9ff27280eb37f7e8a60a426538bc1e3830bca0e76faa33b30719fab51578d15df77893bce8740f50c491b8b9f1739a695c78406b5ee4d56f80d8d564b586b0f22ffa86eca46a9d8134a9507c5b9ad82757ec51b18741abc61f23b":"7a1f7d0be4c7f8869432cb8b13527670":"f76ea9d6e976616689709700a9638204e616f4c1c3a54a27fb0dc852990d81dfd6787aa5a83b9be5087d3f7dfcd522044911fa4186511de1957b80338025c6c4aa72058aa3160047cf42166aa0089e2ec1ac8ea6d9f5f2c057f9f838a72319dbd7bb4948da3bc87fc2036a0e7b5e8cee7f045463152ff80a1711ef1096e75463":"666c4d6d3f1bec49ba936eea90d864e8ecbe0ccc7b23872a4ad7596afaec628a8165a70397289a10c67d62942e1c158f1489a9de44443ac4181e74ebf2562995c9182b57bc960f4b5d3e33fb7cf7a0c32a59c716de23639de9bc430712524d74a087647e27ff1af87a2aa0cf0b58978ad8ed616b566225d3aef2ef460be7393d":128:"53d926af7bbf7fba9798f895d182b09e":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5852b4bbfa623e5e2f83b888f5eb6cbe06b57299e29a518c":"8cc85e520b45a85c69cd80072642ef1500b1e0a409c435d685544a6b96d3224cc40e5fe8a21c4959b2891d4a53bbff03db9939c655e6e92222c6b44c95204827bd800c74666db64907894bc4e3043fab318aa55a011ab9397592ced73f07a06282c22d9a57dd7a37eadb02f59b879b030d0a5005226c461281ce3061bf26de56":"b96f4bda25857c28fdfa42bfe598f11a":"0bfdc1b16eeae85d550a97a20211216a66b496c8c19030a263f896958e4d1decc310b955523e314647edcbe3f69970cda8e07f8b81f9074434fd86b8ec5b3fa8b155377ad28050b50523d3d185e5869bc9651d97c56ec6b8047c20d671f6dc657f4cdf73fd7d3caf4b872f3fb6376eda11b80d99cf0e85c4957607a767642da6":"b148312074ecfc8f118e3800dbd17226d55fc2c91bcbceeae2a7ca3b376f6d568dd7fcb5c0d09ce424868f1544097a0f966d354455e129096ec803a9435bbbf8f16432d30991384b88d14bcad1191b82273157d646f7a98507dc0c95c33d22e0b721c046f1c13545f4ed2df631fd2b8fc4940e10e3e66c0a4af089941a8ad94a":120:"e3f548e24a189dbbfd6ae6b9ee44c2":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2bd897e969ccee405ba9becf24787a1e1be17a571442c6da":"50b8ade5e6547c350c3f43a35a3cb641459c5ef902afc706ce2fb980b275fda62e8974d1577ef65ce9fd854d88caa10295d1045ed7563e9391d60700b5d2a4a7ba5f3de7a7d1541780b95a08eb3f0996d96aac7ee838b67ee869447617684c08566647a4991e31829907ebe4b32cfa46c0433a64f864b8b9316cb0ec2578ccee":"fef6a08d92b5b9bdae4c368fcd0cf9e8":"fb3144ec6d93704d625aa9e95be96351c6e25bccf1eaaaf9a1d405e679efe0f2da07510ab07533295a52cdc1f5a15ef5bec9e72b199625730e1baf5c1482f362f485d74233fbf764d0b6363075cebd676920a0b315d680e899733d6da05d78765db159c4f942a31d115d53f1d89cd948bc99c03adad1eee8adcef7543f9dea39":"e65ed5b6d0f51f8876f483f3d8ab8fed78ab6c2e1cf50693c8511e1cc9823e1030740ac33f05a5aa0d88205bb3071a087655f28eee7d0a07945d25e3dc00221a1dade4170cab9084c47b82376d5d439bed99150811843b176543f7944b1dd9684fa9a52117c2335dda750d9de0d9b3ef718123b6534cb012080f6ef8eda8d4d6":120:"468546d4199b9d923a607a78fa4b40":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12141d5834b8ca48b57e0892b6027c997669dac12fe60411":"cf475b50672fd8cc4ba84d17ab1b733fee2073a584d5427155f144ddd945d4901d5a9d76e3d6ae55ab3f9514861c83bca7d53868f35bdc8606a167ac83591be30ddb954ee173ee172e8d7742a71c0fee04ccd16fb5d54a45820640405209e20f8494f08d791a2a15f5cb848df689296a04e4b01e2c19bd8d9ca8b4525853549a":"b6dcb39939a31df176dcec87eb8db90f":"daf4e0cd0b29343defb65562594b2b6fd3f005e6255500330f77a0550c1cfbade5f5973e836ce7046bc2b2ab8bb7983830ce6ce148d0998116183d1aed320d28adef9ffab48e0f6d6451c98eb83fafc75fb054991d123965dbddcf74a2c01c746bbbc8276b77f6732cf364d8a4a5dbf5aedbbe16793e8c406ba609c90f0e7669":"4c2d979b9c2dc9cbbd6d4ed04094285a44df92e7ebcdee7feccf04c66c45137a7df12110b8af805f5cae9b4a225c3f8dcfd8f401e05c6ce937cbfc5620acdf3a4917c5b857bff76f3d728cf6a82a5b356fb95d144125d53e568b313cef11c11585d310ca0f7f1234090b1b62536885e9e39b969060ad3893e476e88941fe2cdd":120:"99cec94a68d3e2d21e30cb25d03cd2":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"14b9197b7980d95b71ce1a1de6577ce769d6af4cb45f7c8f":"03b37942f12435f1c19dbcff496738207dc92edf1ab6935b564e693da1865da67fb51e8a838559ae1640da441f22ee79787f1e909cf3c32187b41a48fbc595df1c097fb37881b329fd7b30dd1e05d6052fe81edf2e10786acc8aeeb4fac636aac9432c3be3dafb55c76ec85cc13881735609773350b95eedbdb695b2de071a03":"cad0cfa7924e1e5cff90d749cfadf9f8":"283c8a38c7fc9dce071d4ff9ed79002a6862f9718678b435534e43657a94178353b9ec7e5bb877db5e4f62a2ca6bd557562989363c6fdedbd7f0f3eeec5445c41a2a8bc98117a1443ad4d5dd63a07806622cca8ea6f9f6019bd511634db28651b916e2399bbd84b03f8ec696ed5846f30320adef22ae6d164aed09edcfa25027":"83940097301e9867623c107d4447b250bf6db7d06f9e07b8d8bc6b72b079b725ea1f4b5f79bb80c518bc69a2bd73cf3aa7b88162773ac5b27a2dcccecce66e158ec0875937910e0b6f396cc7d7cac5d53b0fddf3cd70b570a647245a5264927be1b2d9c46fbc6a630b21fead46c4f35af1d163268e49a16083590893e6df4671":112:"3e3f677e68208208e5315b681b73":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"80e2eaa70362203b7561b135db581cf32e9cd816464f0b2e":"62cc2db32584a8d90f348be32224bfdcefd1fd25c5cb05c7e74becb4b40ea09d6495f73adc1fd23d148c11849bd825efdf15e144587f785770d2aef2788b748c338373a0ea43882141bc9f7c693a291c512cdcdea6d5defb2efa2324736df7fc4b434d7f4d423fb1b8853ec3fdf2c1c2881610a8d81da5de5e761f814ed38e35":"3d7e99ddea0baa45e2f9f2289d2182a3":"71663fab717ec4d9da34d4851437f4504dbd71b65b0d04eccc513282c351925c23892958b4c9dc023c5a34944ef507e0b40857d8b508ab7104d13c2fbfce2d086d466291aaa449ad36977837216a496ff375959afe4dd50dc2620a062c926b939ffdb144a656bc04bcca8d1d4fa0a9cb0a5d713721accef2d2c9688a77bb42bc":"1c56b492f50fc362c5bf70622f817e1814ae0b69db7e3055fc9e690d2adb940f9a78cfd7e08044671913baec663d9f9af6dede42fe16d200e8421d22066009535704b05b3775ac41359d7c2697e2f4bec40df69b242392eb30e2d8a664d84cf95ec21797f1ccddb72926cfdff22848d14e373f5e6c3dd349196464c98dc38365":112:"e0c1b140cd7bc4ded916aab8780e":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b7aa649cb1488a658b4387451bf59852e845ec7d2273c69":"245251595d10d719d8d00610d391735fad377b60d7430c7db488488c1ec25c12ee0dee3aac3d7dc19aa602924a1f27a2cfa8f6354315db93b5e4d2b6e8402c4254921e683ca681dfb3c7f433a97f119e01f2acb20988dced8494e086395351f2af356b11832472cbcb109c13ff92f10a4c8fe69bd264c8933cded19a980bdbd2":"07b50b1aacdadeb03e7488458db03aaf":"2a7970ee97d612b63d2a0c29e5045ddfc6621c237bc270b3147fc0191de199b6923947e3bd3750de5155e1df29caf96ac702f948c38619e218138945595156cc5f1dcfde0d1d6a5aec48ff37c9ff2b2209a904c59593779820ea68ad95898c7ca0d0d81583c44feb0fec30665cc56620a8c9408e4275e60f5284ed7c0e58285d":"6bd53e4415765f387239c6664f837371b39f6d7ff22453211e91de5dd14272784fffb4f6b2c0bb8c6b7d1cafc55133aa0d54d410ae383008fdd87645655062322fbaa06df0a2d7ccf4cc170d1f98ec6a7ad524a3e5b07761f8ae53c9c8297faa5b5621c3854643e0085410daf5bf6c7e1f92bbbfc3691eeff1c5241d2307bbc2":112:"78d37215234f9a32571d0d8b1e51":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"512bbb490d062fe5ecc8e5ad95920a9e9b78bec6a7694dc2":"862f2724ad82a53e0574c0a2a0515bd86c5ed0b5ae92278a78ea1a90c03059d08a91d1a46678aef862b56d0320e970b7f941b784841b4d8a38d056f2bd352d48c0028086a36426bbc1436da9e021dcac705b6e03649b426cebd7a235f6d060ab6302d777fc9316db4a85e8c1387648a8f5ce2398a247413cb9374124449e498d":"2d14fb3e058f97b7c9e9edd1d97cac7e":"290078e63c81abfe99010b8344ff1a03dac095e2473d7a31888102e838768892e8216439dc3355aedd073892f4449d9d4d3ea6c25a9152c329d24cc73eaa0004832691740e60f17581201c8f7f4023d8e55faa3942ad725d21dade4c03c790b5370d4cad3923527c20ca925a2ce534a652ed7e032cb1c7906aebbdc24e6b39a4":"44e78cf3a2ce4a5e498315cb8d5e841f926408921f3665d533caebe0a7fa6c164b3d2c0b21ff3a608a7194e3194fda165ada8d5fc2e924316aa4ce201531b857877c5519f875eb49e5908d8d81b69472d03d08c785ee374c5fe91b16aee173761af7ff244571fd40aadabb360f38d301463e9da8cf8dc44d20848688ab3be47b":104:"6037cb18f8478630bc9d8090e2":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3964ee03ec5e500f2f8c05313b78615420183fe2950be32":"b9424e4a79a08a7937da1da15061c1eb9a873748691ec9c1fc76aaa164bd34873d07437d203c92c0e89c0c5befedfbb17f721f576473253617547206fb2b340945536cd7a049864d099419cf3f7a9154c0ac8d676b0e9ec02947caa4057560af347ddb46002703f3531f27b2197790ba135e3d3c0709c86f4781890deb50f3ba":"d3d4e5fdf6e36ac75b4d51c47ce5b8f9":"6146a97a2a1c709458bef5049088fdf339e4fe29cbdf519c93d525b71c9fb501c4b58bef49d43cc7699b18fc89cee1a4a45834f517214a77fb3b91d741977308e1585c474245802118d0e2c7003057c4a19752a143195ec2a57102cb2a127d2dbefe1168492e072e74c5f6ee102a0c371b1fe2ddfd8ecbc04c6f42befecd7d46":"a2ae334bac969072e754c0e37765ca6253744941a35587bb4feda54233a7a59f037e971d254c67948b16e4c35f306c0984f00465399405ce701ba554419a736cdff5a1b4ae5ab05e625c91651f74aa64c96ab628243d31021ad56f535eae33a885b45730268f900b6df0aff18a433e2823ddb0628a7026b86b3835160e5121b0":104:"817be7dcf7adef064161b6c42d":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a8049f521fe9a00f7bf566369e540a48ab59d83305e2829":"67243a336a10b82a0a8638b35dc147c14ac63b20977922a13de459ae2cfbdb262a79004c3a656dfbc073ec8878595e24998dc44b9435439af117c9635c479676f6edb8f522cf01571be5aa5b5bc7d1cc3264436566f8d3c684973d1e88d46282b53836a1ab5a698560e5bf7629ec12cb141867f684b369546a1d8bf48315b6c7":"e4d81f71e1de8cf4689bfe66a4647f15":"4cf6733482c218af832e99970d0717ac942ebace0fed4ce4dfa1f710b9e131a21cc03dd3ced25b78bccd1991a30bb53b463c1440b6543b19af91e31c18866c2acebb78c2a340b930518e61a63ff8d6a6e8e7960523de40a178614dad4ce5ab253e1090a097f8ec00dfeecb46aa0e8f772f01c4e706de7e824386a13944600542":"cfa8ba247ada9e6b3e5ab7dd0a7108574cc811c2986cad951168559ff697b77684880ec266f0b7d87a2ff559e368a85846becee312bb2991692d928a7c191cfdb7f1468f8b84be4bb592ea640743443bd4941a8b856c57be21eb22fcb3f6c0a80728ddc9dc5fab1c77dfceb91699009054c5a4eb0714a10b74cf0e09fa630299":104:"1dcee251cda10b2ea8f2bfe6a0":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"657567a56e585c84e4033268f08f712aa280015b77cd657f":"96d889651c4f3f5120bee233f6395fa0bbba1f6548b109be568ff96f11d24e34d67beb6c20268feba89240674b0b4552d0a6455d43e8edf943da3d8d785a5221df8ddb3a98d2fc611ac7362aef71f8f004eb455a16d1dcac488ee83d4f11c4a00c29d9990c5a2a97b897d67e51faa40999b1e510ac62fa4859123cdb37d202ae":"94dc757b6bdbfe925b762923cd0a08ed":"a2c54e8da7dca49c73550bd1f5e68449295f062d5dfe5aa4201bdf353a2a1ac9c3c61f2b5482184cef481fa378a1ea990ce203c2c7d76993c62b415ece06b9b7caacec0c4147c0cbf292e528d97c1a176fcb1ca6147cfa4bcce92cbdfe617738a92273282c7a65fcb997bceb867ce01ec74541582d3961dddf3a2af21cad3ce6":"55a5d07a77fc37090c4206f19483aa3cc03815194ded71c2b2806ad9563edfebfcf962806ba829373947e3e93f4f39794514ad7b6dbc626e29fbc35f90f573da33ab6afb5c94383fd0fdd1ee074d650d192f6d08fbd1e24a6966a81a2ffd83fab644ee914952de77e9427262314ac47c11a44bf7d2890f9b9980499bb6a1f692":96:"41c72043f6116ee6f7c11986":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"61159242d48c2ca0c30377ec2ad701135adb62d113c9f9ba":"8ae40603f6cdae4b63ac7b18b4bcbb83c65867c2ae270102efb6f00aa8af5d0400dc95085910a50a16cbcf71f06c3f3eab71345d59c6054aaac02971111c7146add8c072158e0b374d481bb540036a136ccb91523f96f24ea237940ab011ad38f2a3095c0785df91604be1fe7734cc4119b27aa784875d0a251c678900334a0b":"4fda7236bd6ebe0b316feeea31cb5ebc":"ed28e9954634ec2c9e2df493062abf3ea3e199299053a15ce8d6fe051d1076287e4e7c0b2bab0a599b763a29d0aab680626f280c4f5ad94b7792d9af532681f6e4eb2672781f2342304daff902d03b396853eaf585af4d3bf5078d064e9eea6e94e667722f15c004f4cf52253a5c65b75319b07ba539558d8a2b552390a21577":"dba251e35422f60f902f594bb58dce37131e8ae06b5f40ad23c4a70a5e25fe24c76982c9bc11a7f4e3cc62d8c1326170432633eba1634972a9bcd093b08e1c63ece07c4be79cadc888b0408e40c09636e1cf1e5e9a6f2ea44eea5409a2ffe9c3ac9a18ad7aa9041f08eb109c01ed90732a8afe0694319ef98a0269685b4d16b1":96:"b0feebfc8324fd1e9e40f7f0":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5b4c37150f8bf0e14e0bfd37ac14e606dd273577007f24b4":"48c6486b2691b86f5f107e8fe0122a821248206d2dd3ce898a2bb3772202ffe97292852bc61513529ad95faf6383b5f6c5a7c16c4cbe33cb02e5e50f32db95ee2962aae1c9c0f5470b3baa216cc19be5ab86b53316beef14397effb8afba5b5159074e26bf5dd3b700f4ea5abd43e93ca18494e1779b8c48fcd51f46664dd262":"664f553a14dcd4dcba42f06e10b186aa":"4386e28ebd16d8276c6e84e1d7a3d9f1283e12cb177478ab46acb256b71df5a2da868134ed72ef43f73e8226df1f34e350b7f936bd43caff84a317b1e5b2e9a2b92ccab1e3e817f93222dd1e2cf870d45a8458e57948a649360c6e2439bbcc682383b50bcd3d8b000592c3ca599e598a03b9953af485f1ecc22501dcacb7110e":"05fdbb5ad403d64011e15d27cd6f5a2247e018e479e58ad3fee1e0e8ddd9e114c0e82f2c947ff9af525ce752f4aea959463899542b85c9b413d065ea175103c3b3c35f56eea52af2c54ec08a1d5b7cd5ee4f59de8be86512b770e42ab176b6b70ccbcd264d6d5cfdd2e52e618dc24251ac339ea38cdc446c778d2db3c7c3e93d":96:"77f32401db21adb775e7f1d0":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"531a380b109098eafd997bd25bfde4868d2a1ca781795e9a":"466237db78d4c770a658b9693420a2e087c978fcc434c9ac82f3e2447b2fa08be32d2ce6da25846555ffe5764234b07b35dd1d1bcb710e8a49f918f2c873681f32765b092a836e9418faba61dc59a254c923159be16f585e526616fedd3acfe2748ce19ee03868ea9836bee2c6acb1b821e231eb2d30d300387c93390d51e3a5":"ad079d0b958f09732aaa2158f6215573":"09e002c2c48beaf1122411e8624522a9e90cc3f2a040c52ffcb91136519277c39fd6a79292b8835e0fbcaef2279218106aaf75036590f8a46f6b6912053a3b391849f7e204f096288d6141d5f80c7f91dd2f2b6ebc1ced6af8216e0a594814b56bd592df800299b29e26ed7461ba3f6f3cf151b9c10ad634a01d9c5e578aa372":"d1f49f94e6fbef7e21abad23e16c06fcdfa75a8c342be67baea8e0e57dbcd2971276e993faa124ac81e6be18f68af303518efd926513cee9dbcc5ef6cf5e9c068a1210e53fdd56776148d51597e359dbaa0570b4fe15476ccc9aa79f7c765755b6f694af4269b9e18fc62a0d47708bca67dcf080e200718c22bac256f641e7a2":64:"01ec395c99a17db6":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbd7a92120ff973ec69b6a8189c6ea827ca20743a8781518":"1583c1578a8c8d272a970f05d875f199e497c55f03f10f7bc934fee21c30379dad3c580b3f99304a5747b61fd43428506439ede2c57f5229e13da9cb7cd6174cccbb397e98fb90455ccf3ea3b1304f432a070a2eb5205ed863326b3b86d4eb7f54ee2ffcd50ed6ef01b3ee216c53f4f2659a88fb6343396b2ded0b389c6266c5":"57658c71b2c45f6ae2d1b6775a9731cf":"45ca8a168ecca7a42847b779ef152766b902192db621d2770b56c7d592207afaf52d19a6059feb76e96b90628995bd6517af3f114e97af8d602a493b77405e93095fee6761877dc292fab696a4303102dece60951cca20cacb171abdcfd0ef6da6c90b44edba63b9b6087d876b3fff24dea909899ebd0d0371c424f51a9a84b8":"58a290cf0e774293d1b55f5ef8a305f68605c0c81668b8a1ba95fceeaa65229404e18fa54dd811a6af085c98b8854d0f956adc2aaad742cafa9ed53d7cb445451ee7a4dc1e8399ec7e5b4d004ecd22496565bf444b2e3d82ddf6a6d5e6256c5095a699d7ff3f8cf2addec73e21013ee6f3dfc0a3abf316ea5ee1d6943bc394e1":64:"af737ec3512da2b4":0 
-AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"54bfc8379e0a8180b931c5188c95ab3ed3461d6e9004d182":"93327664eb576bbb64e4ff061874346b4e80a779cdeb1fbe630bf5e4307d4f2c5d5ecc94aa8bdea755c1af165fc8925bfcdf128c1ee6571e9f8344b22dfc90ed893316031661a9438b305396f3a80452c9b11924163b7fc4422b00dc58ee0e674710239975a2cf3253bf2601cd155e09547a5f3be1adda84a4b29631a8e13161":"9d15df8de4150f44d342f2031de3611c":"63331936d2972abd44c1c9f62e42bfa932dff8cc75d9f555f5a7847d08558e76f5393e08909760edbef8d2922a7ca8e1c0c505ca627c02af73253791bb35ff080b4db7dddf4c8b304999ff645227cd79f13ac87f9c963b93a79a0e946e5781cdbf1b4b1967a75314f19c7219e3b69dc2c24ba09fbbdf7184278f82818bdd0958":"18ff87dccbc24c396190c7b37c4a77f86e609db7fb2b326802714d0f196b00b84af887f1b3bd30ee0b0b192d0801ac4e59ac40e5c652b3da32aa024da3acf648da0253674c391d260c0674853c7821861059772c9a7f2775a7ef77d1d31a6ec1c51c5f3089bb516f8cf52d5a15724281086abd92a74d255b7cc84b5051be4e5b":64:"bf0f7f8084e79da5":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"21b775ef8c40a5387d6c8eda4e90d0a00c795681a2887dfc":"6346f84301d6d83e1c5bad44fa7e0821f35723713ee8d4a9e2bf15abf953425b09bd77b2360f4e62e82bf9e14e2b56be51d032aa8a96e894f19f3e84630f9eae831b329f7638b09de7210cd29778059ef1d0bc039c1e10405f3ae5e4ca33216adcfc21869d9f825344d62b50bab03f7aa7b92fdb94951a68acd01f1dee75e428":"9763e6187d4b96b1801d1f6efe7e80a5":"3bd523c16a0022b780ae8318a28f001502120bb26e2f65f4fe94019686f9d1df330e70cef1b2ba4b6ce1f7ef37750f47e602843cbc5f13ff2ceadc5091eb3601604b70bd4acad3d61950b9dd2cbfd83a391223c8e09fddd4020c0f8a8a7057139fd92f3bbe034f03cc48afdde064c8b13ea942ec0d621db959ec9d5fa95afe45":"f25408848bc27ab087b3ea053762837a534c3702dd8be01d79f075f61d76ac1d6557d392e1fab475cc7d13a5f6be6f0718bad71c3c85b5996bd3c0159e264930988e3ed506bcc94fabecfb58caaf56e2e4315bb50817cba765636d1faa91147b3880815eeb90d0934180e49132833abfa6279247d9dd4048dff851e9a551ee1c":32:"d1fb9aed":0 -AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a7d8197d9ceebd8e3f6b3bfb74877ccf649ac91d7057af5":"37b01df357561f5aa43b5b4b0081148213f7b74babc80f4b3c6dd78ad17687f11443cd4a57f8d7a74ca3080e2a229f78d8e6db276c1142d5f4ee764eaf09cfd70c596d7a2cad5360c2de20d5e17ec6e06a9b049bb10f8742a30a94270cc6d7709b2f09f3cb8347e41117b7ddb99e4a939f3094c016330a8f170ccccb9d3651fb":"db5144951a9f1721397b7321713a723e":"ad72fa5a05adc40fb38245da019cbf50958ccfe26abf67dfdd49f4c4af6bda8bfc99d557913b2634c5c65d33ca909360adf598b703db1dbcc29481b17ca42fce3315ea1454693b5843e751fafd78158fc040c1cbe607063ba9c0ac02ae4b88989e3cc63adda8427032c70560349e1a8ec847906a9a7b0422a694a1f9eb2b3b72":"6985ec525cfe869e1709751eb6f1ff0aabcb39ae3aa708adc452ce1a8cad8ab4f1739f660b2841566f1f5c9e15e846de7f86ca1dc085188fcaa4a3f839ab2a5f0cfd36e36965ae519fe14f98899ccb07a3ca15ec705e3160df6dbc37ab89c882012eefe51e4da8d6d6b84b3144ca87a90864ff5390abfb92992e44c46807b3c8":32:"c51604f5":0 -AES-GCM NIST 
Validation (AES-192,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"713358e746dd84ab27b8adb3b17ea59cd75fa6cb0c13d1a8":"35b8b655efdf2d09f5ed0233c9eeb0b6f85e513834848cd594dba3c6e64f78e7af4a7a6d53bba7b43764334d6373360ae3b73b1e765978dffa7dbd805fda7825b8e317e8d3f1314aa97f877be815439c5da845028d1686283735aefac79cdb9e02ec3590091cb507089b9174cd9a6111f446feead91f19b80fd222fc6299fd1c":"26ed909f5851961dd57fa950b437e17c":"c9469ad408764cb7d417f800d3d84f03080cee9bbd53f652763accde5fba13a53a12d990094d587345da2cdc99357b9afd63945ca07b760a2c2d4948dbadb1312670ccde87655a6a68edb5982d2fcf733bb4101d38cdb1a4942a5d410f4c45f5ddf00889bc1fe5ec69b40ae8aaee60ee97bea096eeef0ea71736efdb0d8a5ec9":"cc3f9983e1d673ec2c86ae4c1e1b04e30f9f395f67c36838e15ce825b05d37e9cd40041470224da345aa2da5dfb3e0c561dd05ba7984a1332541d58e8f9160e7e8457e717bab203de3161a72b7aedfa53616b16ca77fd28d566fbf7431be559caa1a129b2f29b9c5bbf3eaba594d6650c62907eb28e176f27c3be7a3aa24cef6":32:"5be7611b":0 diff --git a/tests/suites/test_suite_gcm.aes256_de.data b/tests/suites/test_suite_gcm.aes256_de.data index d20721227..95209f03e 100644 --- a/tests/suites/test_suite_gcm.aes256_de.data +++ b/tests/suites/test_suite_gcm.aes256_de.data 
@@ -1,672 +1,672 @@ -AES-GCM NIST Validation (AES-256,128,0,0,128) #0 +AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"":"3a0324d63a70400490c92e7604a3ba97":"":128:"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #1 +AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"":"7156358b203a44ef173706fdc81900f8":"":128:"9687fb231c4742a74d6bf78c62b8ac53":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #2 +AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"":"4fe6ace582c4e26ce71ee7f756fb7a88":"":128:"d5bdf8ec2896acafb7022708d74646c7":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #0 +AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"":"404efd26b665c97ea75437892cf676b6":"":120:"e491075851eec28c723159cc1b2c76":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #1 +AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"":"4037eadb11249884b6b38b5525ba2df4":"":120:"360c6ef41cbd9cd4a4e649712d2930":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #2 +AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"":"cebbce06a88852d3bb2978dbe2b5995a":"":120:"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":0 
-AES-GCM NIST Validation (AES-256,128,0,0,112) #0 +AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"":"008d040fbd7342464209f330cf56722c":"":112:"c87107585751e666bedae2b1b7e8":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #1 +AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"":"947c5f0432723f2d7b560eca90842df1":"":112:"7d331fedcea0fd1e9e6a84385467":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #2 +AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"":"51f639467083377795111d44f7d16592":"":112:"02d31f29e15f60ae3bee1ad7ea65":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #0 +AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"":"aea6f8690f865bca9f77a5ff843d2365":"":104:"7f2280776d6cd6802b3c85083c":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #1 +AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":104:"ea01723a22838ed65ceb80b1cf":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #2 +AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"":"ae07f8c7ac82c4f4c086e04a20db12bc":"":104:"1132e4fff06db51ff135ed9ced":"FAIL":"":0 -AES-GCM NIST Validation 
(AES-256,128,0,0,96) #0 +AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"":"929b006eb30d69b49a7f52392d7d3f11":"":96:"33940d330f7c019a57b74f2d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #1 +AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"":"e34b19381f05693f7606ce043626664d":"":96:"2adc2c45947bfa7faa5c464a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #2 +AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"":"a56f27709e670b85e5917d5c1d5b0cc2":"":96:"177b9a5e6d9731419dd33c5c":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #0 +AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":64:"fe82300adffd8c17":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #1 +AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"":"1bd9ea6186450f9cd253ccfed2812b1c":"":64:"35214bbc510430e3":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #2 +AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"":"728cb9608b67a489a382aa677b1f4f5b":"":64:"e2ef5d9cc5791c01":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #0 +AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#1] 
depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":32:"0fe57572":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #1 +AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"":"7b722fdd43cff20832812f9baf2d6791":"":32:"72dea6cc":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #2 +AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"":"729baa4c0ef75ed8aae746376b39fe3c":"":32:"2a0d607c":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":128:"c595b9d99414891228c9fa5edb5fcce3":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":128:"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":128:"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":120:"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":120:"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":120:"e3645db0c600dba52044efcecfc331":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":112:"c25fc157c3f2474885e2eea48aea":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":112:"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":112:"3bcb5c2a4261d75bfa106fb25ee1":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":104:"0e463806ff34e206f703dd96b3":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":104:"3f0ccc134091e0c0425887b1b9":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":104:"888b836c9111073924a9b43069":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":96:"b6044c4d7f59491f68b2c61e":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":96:"5c5683e587baf2bd32de3df5":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":96:"52e10495105799ead991547b":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":64:"6ff8fd87e5a31eb6":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":64:"49aaa806cb2eeadd":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":64:"a5b71ecf845b25d0":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":32:"e9cdbc52":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":32:"e35dbac8":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":32:"e7a37f15":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"2fc1afc1395d8409919248709f468496":"":128:"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"c571ce0e911de5d883dc4a0787483235":"":128:"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"275393276745bc43bae4af1e5d43a31e":"":128:"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"47f5264f7a5b65b671892a05fa556f63":"":120:"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":120:"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"4e022d8d86efbd347e8cbab7e979771f":"":120:"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"7c0f49fb54f5e68c84e81add009284e6":"":112:"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"5cea906737518c2cb901016e30206276":"":112:"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"387ee8c1e7f047e94d06d0322eec02fc":"":112:"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"d2b277f78e98f1fa16f977ce72ee22a7":"":104:"4c81c044101f458fdfac9ca3b9":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 
[#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"94886a1845aebba5ed6b86f580be47f9":"":104:"4be34ff42085ef4443c8b6042d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"e5ca84b907ac761a5e68a9080da0a88a":"":104:"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"fa549b33b5a43d85f012929a4816297a":"":96:"afa61e843cee615c97de42a7":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 +AES-GCM NIST Validation 
(AES-256,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"2f8512bb7e214db774a217a4615139e1":"":96:"f1da1cebe00d80eb4e025feb":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"3da9af3567d70553ca3a9636f0b26470":"":96:"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"b957f05921d21f2192f587768dc12b4f":"":64:"322374fbb192abbc":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 +AES-GCM NIST Validation 
(AES-256,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"31bd7c971a6d330b566567ab19590545":"":64:"efc5a1acf433aaa3":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"2f9c0647a4af7f61ced45f28d45c43f1":"":64:"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"69d81c73008a6827a692fa636fbab8bb":"":32:"be2dda5c":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,32) 
#1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"e119e166471ecf44bc3a070639619931":"":32:"b2f54b3a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"cf296aa43cb7b328e09c8975e067404e":"":32:"56015c1e":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":128:"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":128:"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":128:"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":120:"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":120:"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":120:"ba61edeb7b8966188854fc7926aad2":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":112:"993fc8e7176557ee9eb8dd944691":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":112:"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":112:"92282b022e393924ab9c65b258c2":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":104:"6154c6799ad7cdc2d89801943a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":104:"1d6cd4ab3914e109f22668867f":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":104:"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":96:"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":96:"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":96:"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":64:"d8bd7d8773893519":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":64:"74110471ccd75912":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":64:"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":32:"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":32:"30298885":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":32:"1997daa9":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #0 +AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"":"7f8368254955e1b6d55b5c64458f3e66":"":128:"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #1 +AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"":"274367f31ec16601fe87a8e35b7a22dd":"":128:"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #2 +AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"":"796efaff4f172bef78453d36a237cd36":"":128:"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #0 +AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"":"45e6b23f8b3feefd4b0ea06880b2c324":"":120:"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #1 +AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"":"548c9c8fcc16416a9d2b35c29f0dacb3":"":120:"3aa21f221266e7773eeba4440d1d01":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #2 +AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"":"a5129e2530f47bcad42fc5774ee09fe7":"":120:"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #0 +AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":112:"55952a01eee29d8a1734bbdf3f8f":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #1 +AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"":"6404b111c6289eefa0d88ed6117bb730":"":112:"637f82e592831531a8e877adfc2c":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #2 +AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"":"3b87b08337a82272b192bd067e3245ec":"":112:"1f2dda372f20ffddd9dd4810e05f":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #0 +AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"":"58e70095c6f3a0cda2cdc7775e2f383d":"":104:"1763573f7dab8b46bc177e6147":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #1 +AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"":"d565c9cdfb5d0a25c4083b51729626bd":"":104:"78738d3e9f5e00b49635ac9a2d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #2 +AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":104:"ea7b52490943380ccc902ca5ae":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #0 +AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"":"c993c1802df0f075ce92963eb9bff9bd":"":96:"edfab013213591beb53e6419":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #1 +AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"":"8f7e1621c2227839da4ea60548290ffa":"":96:"f9da62f59c080160ec30b43d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #2 +AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"":"05d363b2452beff4b47afb052ac3c973":"":96:"6b4a16d1ea1c21b22bdcb235":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #0 +AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"":"774f4e70a7577b5101c0c3d019655d3e":"":64:"98ff89a8e28c03fd":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #1 +AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"":"99f25cebd6cfa7f41390b42df6a65f48":"":64:"8e14a0a4853a156a":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #2 +AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"":"c1beff1ff6cdd62339aa21149c4da1e6":"":64:"f998d7c08d609b3a":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #0 +AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"":"88126c350dfc079c569210ee44a0e31a":"":32:"f2ebe5e4":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #1 +AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"":"af29fdb96f726c76f76c473c873b9e08":"":32:"13fd6dfd":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #2 +AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"":"1552604763453b48a57cea1aed8113f4":"":32:"660c5175":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":128:"6b4b1a84f49befe3897d59ce85598a9f":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":128:"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":128:"2211ca91a809adb8cf55f001745c0563":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":120:"2e080ba16011e22a779da1922345c2":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":120:"83de3f521fcfdaff902386f359e683":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":120:"cd4542b26094a1c8e058648874f06f":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":112:"96ca402b16b0f2cd0cdff77935d3":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":112:"8233588fca3ad1698d07b25fa3c4":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":112:"477b0a884d788d1905646bd66084":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":104:"0cb67cec1820339fa0552702dd":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":104:"08d7cc52d1637db2a43c399310":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":104:"fbb477dd4b9898a9abc5a45c63":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":96:"99230019630647aedebbb24b":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":96:"9553b583d4f9a1a8946fe053":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":96:"44b95a37fab232c2efb11231":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":64:"072d4118e70cd5ab":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":64:"1bcea0ac2c1a0c73":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":64:"faa5c13d899f17ea":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":32:"a3958500":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":32:"50fd1798":"":"":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":32:"07764143":"":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"5714732145470da1c42452e10cd274b5":"":128:"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"a714e51e43aecfe2fda8f824ea1dc4b7":"":128:"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"91d55cfdcdcd7d735d48100ff82227c3":"":128:"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"19788b2e0bd757947596676436e22df1":"":120:"f26a20bea561004267a0bfbf01674e":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"c6b26117d9dbd80c1c242ad41abe2acc":"":120:"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 +AES-GCM NIST Validation 
(AES-256,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"0db3ade15cb0dea98a47d1377e034d63":"":120:"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"83f98eec51ee4cae4cb7fe28b64d1355":"":112:"df47eef69ba2faab887aa8f48e4b":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"2bc0847d46f3d1064bbf8fe8567f54a2":"":112:"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"b9194a4d42b139f04c29178467955f1d":"":112:"05949d591793ca52e679bfdf64f3":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"6a5335901284dd3b64dc4a7f810bab96":"":104:"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"fcb962c39e4850efc8ffd43d9cd960a6":"":104:"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"b4d9248bb500e40de99ca2a13e743f1c":"":104:"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"160c50c0621c03fd1572df6ba49f0d1e":"":96:"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"04885a5846f5f75a760193de7f07853c":"":96:"0c13506ed9f082dd08434342":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"0a93b883cbd42998ae2e39aab342cb28":"":96:"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"e20957a49a27e247d00379850f934d6c":"":64:"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"d533c2170c5dc203512c81c34eff4077":"":64:"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"2e2b31214d61276a54daf2ccb98baa36":"":64:"5266e9c67c252164":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"a8339ba505a14786ad05edfe8cebb8d0":"":32:"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"4f23f04904de76d6decd4bd380ff56b1":"":32:"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"531248afdaaf1b86cf34d2394900afd9":"":32:"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":128:"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":128:"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":128:"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":120:"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":120:"7b334d7af54b916821f6136e977a1f":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":120:"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":112:"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":112:"e3ede170386e76321a575c095966":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":112:"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":104:"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":104:"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":104:"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":96:"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":96:"bea660e963b08fc657741bc8":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":96:"7859f047f32b51833333accf":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":64:"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":64:"2111d55d96a4d84d":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":64:"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":32:"b1ece9fb":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":32:"cb3f5338":"FAIL":"":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":32:"3105dddb":"FAIL":"":0 diff --git a/tests/suites/test_suite_gcm.aes256_en.data b/tests/suites/test_suite_gcm.aes256_en.data index 0ff716d5d..761a914b8 100644 --- a/tests/suites/test_suite_gcm.aes256_en.data +++ b/tests/suites/test_suite_gcm.aes256_en.data 
@@ -1,672 +1,672 @@ -AES-GCM NIST Validation (AES-256,128,0,0,128) #0 +AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fb8094dd2eddb3d8004bb79134023ca2be4de9b668a9e4608abdf2130e8becb8":"":"491a14e13b591cf2f39da96b6882b5e5":"":"":128:"80883f2c925434a5edfcefd5b123d520":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #1 +AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"725313f4cb3f6a0d29cefc174b7e4f43cef11b761ef75e1995cb64c1306795f1":"":"27d1ed08aba23d79fc49ad8d92a2a0ea":"":"":128:"d5d6637ba35ef2ad88e9725f938d3d2d":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #2 +AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4e766584ce0e885e1bba1327e5335796de0831a40f74a5cec178081dd15bfd10":"":"cece0dea024ff47851af0500d146cbfe":"":"":128:"1abe16eeab56bd0fb1ab909b8d528771":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #0 +AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce7f2207f83a952451e714ba3807ddb3ed67c2739a628980411aa68366b1f2f5":"":"652fd951ace288db397020687135a5d1":"":"":120:"985227b14de16722987a3d34976442":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #1 +AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"855f8fa4ec6a1206173509d504d0b29dfbfbfa9aa528254b189cd72e6ebc1c1f":"":"1ad1507e6463e4e2e1a63155ac0e638f":"":"":120:"693146a8b833f324c1d4cbeeb8c146":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #2 +AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef8dd1294a85dd39e366f65e1076d53e046188c06c96b2c9e84ebc81f5c9f550":"":"9698a07447552d1a4ecd2b4c47858f06":"":"":120:"b00590cac6e398eeb3dcb98abe1912":0 -AES-GCM NIST Validation 
(AES-256,128,0,0,112) #0 +AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"25896e587570ff1823639e1e51e9c89192d551b573dd747e7c0c1c10916ece4c":"":"f0516457c09c372c358064eb6b470146":"":"":112:"5a7cadec600a180e696d946425b0":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #1 +AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02fc9cfffbe72e7954182993088e09d24ea8cad91a8ca9a336d9f1fe4156486d":"":"0e189e162e097eb2060b30c46d9afa70":"":"":112:"7d3d5cc55e6182ec5413ef622d4f":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #2 +AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f24e3d631d8961d3d4b9912d4fa7a317db837a7b81cd52f90c703a4835c632e2":"":"510740bfa2562ce99ca3839229145a46":"":"":112:"1402ddc1854e5adb33664be85ad1":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #0 +AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"720ab5aceb80ff1f864379add9b0d63607227f7c3f58425dd6ec3d4cea3fe2ea":"":"58f2317afb64d894243c192ef5191300":"":"":104:"e8e772402cc6bfd96a140b24c1":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #1 +AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f57dd16fa92a8f8c09d8f13cb5b6633a43b8762e90c670232f55949cdfdf700c":"":"3b7c14ee357b3c6b0dc09e3209ab69f2":"":"":104:"43e609664e48ad1f5478087f24":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #2 +AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"87c17ab919a4bc0d50343c0bb282a969283c2ada25f9a96d2858c7f89bc5139a":"":"02813d3faf30d3e186d119e89fe36574":"":"":104:"d1a1f82a8462c783b15c92b57e":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #0 +AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#1] 
depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd8d5b6c5c938c905c17eab9f5ab7cd68d27f3f09d75177119010d070b91e646":"":"1df1c3ad363c973bffe29975574ffdf6":"":"":96:"749ac7ffda825fc973475b83":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #1 +AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d60a14cb789099c77b8991e7b0b40f787d3458f448501e8108e4d76110f94ef":"":"ca6b3485eb5dcd9dbfa7cffcdb22daa5":"":"":96:"3f868b6510d64098adc1d640":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #2 +AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"405b690717de993ad945d80159c2800848060de0b7d2b277efd0350a99ba609a":"":"63730acb957869f0c091f22d964cc6a3":"":"":96:"739688362337d61dab2591f0":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #0 +AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ab5563a387e72d7d10468c99df590e1de25ec10363aa90d1448a9ffcd1de6867":"":"c511406701bad20a2fa29b1e76924d2f":"":"":64:"390291ed142ba760":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #1 +AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"abef7c24daaa21f308a5af03df936ba3f70aa525190af0d959d6e50d836f4624":"":"e9f15950130b9524e2b09f77be39109a":"":"":64:"db2fb2b004bc8dc4":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #2 +AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ca630b0b6779a8de7a19e5279eac94bf29f76f8b0cf8ecf8f11c4f8eb04aa0d":"":"7373befc2c8007f42eef47be1086842f":"":"":64:"e2b8620bcc7472a8":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #0 +AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"acea7818a71df2c9840aef1c10ecbe2bac7e92216388416a2f36119a0745d883":"":"6d46aa39fb5a6117e9adf7ee72bc50ff":"":"":32:"fd5ff17b":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #1 +AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b301036d4b2b28b8a4502925986861eba2b67c24cb0c79c63fd62195d9b67506":"":"bb6f398e5aed51590e3df02f5419e44d":"":"":32:"47f3a906":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #2 +AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"89576d2aac554c8982c7df0053be9ab19f4bd80ba9f3dd433c1c054d68e68795":"":"aedbd482a401a7c12d4755077c8dd26e":"":"":32:"506fa18d":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"43c9e209da3c1971d986a45b92f2fa0d2d155183730d21d71ed8e2284ec308e3":"":"78bef655dfd8990b04d2a25678d7086d":"9d8c6734546797c581b9b1d0d4f05b27fe0539bd01655d2d1a8a1489cdf804228753d77272bf6ded19d47a6abd6281ea9591d4bcc1be222305fdf689c5faa4c11331cffbf42215469b81f61b40415d81cc37161e5c0258a67642b9b8ac627d6e39f43e485e1ff522ac742a07defa3569aeb59990cb44c4f3d952f8119ff1111d":"":128:"f15ddf938bbf52c2977adabaf4120de8":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbe2d52b7f50bf23a16ff8cd864215034fdfbf4d1506ca3c1ffb015653efe33a":"":"b155f8ab1a8c0327789cfb8310051f19":"ed8d14adf1c362bbaf0d569c8083278e8225f883d75d237a4abcd775a49780603e50c00a1b5b5946c085e57a749b4946f6aca96eda04ac9944a7d3d47adc88326ed30a34d879dd02fb88182f9e2deefaeee1c306b897539fa9075bda03ba07b4ffff71ce732ef3c4befac0f18c85a0652d34524ccb1a4747ab8f72ed1c24d8fc":"":128:"c5fe27ca90e5c8b321cc391ee7f1f796":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 +AES-GCM 
NIST Validation (AES-256,128,0,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e888721514fd01fb67513cb56bfd29af67a9ce525e3e697af47450f02053161":"":"9f6bd4a93e4f3f2f5f4a7c2c5b4790bf":"867d50923967535ce6f00395930083523c22f373cfb6c8817764f5623cd60b555572404e54f2fe7083ef32b9a4593a1f70a736d6e8fe61b77def51f3b1d8f679d3a8d50d0aad49e51ec1eb4d4a25f13d14f3e5253555c73eac759e484c6131cc868b46c18b26acd040c3e1cb27afecba7b7fc3f5ff4883f4eafc26c7f3084751":"":128:"ea269094330b6926627889fcdb06aab4":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d8f82b07e7319ca607c9aa0352070ca883dd7b32af370a774f63b0270f44835a":"":"e89e4484497cb728f86585d8918b7fae":"42340d96e1852de3ed5e30eb4a05e1fb222480b450e2bf4e2cf0fb2a525eb6602ef43a896adc5c52ea5381c642b2175691c014e7a6dae91fa6ff5b95c18a2dd2e8838d3abd46ace0b305f3f22d30a0bd82a81bbf6753362b54b0624c76c0d753e30eb636365f0df7e1bf8bf130cf36062ec23f58a3f7ed0ae7bfbbd68460cd76":"":120:"b234b28917372374e7f304f1462b49":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b49b04a54a08d28b077ea54c18bfa53e916723e91453b47f88e399046b9b4dcc":"":"6276c577c530f91b434ce5719e1c59de":"6b73f996c49e368fc4d21816153aefb081509f9dc0916dbe4fdf77f39867a2bd617b8a75f39f515b1bc1454009d5247efcd90ba0d4a6743c6f12a929b666584f3b55254c32e2bab2321f94fa843dc5124c341dd509788a158191ee141eb0bc4e1b96f6987bafe664a0f9ac6d85c59cee9564a27bcc37dffae80c57fbf7e748ce":"":120:"69dd5bdeb15fdbc3a70c44b150f70e":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"398bb37bb991898c7dad7bf5930dbad20d121f68d5ec6c56ffe66f23c0c37f8e":"":"0c3bd55b54c1221b0cf25d88ea4dfe24":"4c48b929f31180e697ea6199cd96c47cecc95c9ed4c442d6a23ca3a23d4b4833601ac4bbcdbc333cd1b3a0cd90338e1c88ef8561fed7ad0f4f54120b76281958995c95e4c9daabff75d71e2d5770420211c341c6b062b6c8b31b8fe8990588fbad1e651a49b0badd9a8d8042206337a1f2aa980b3ba3b5ee8e3396a2b9150a34":"":120:"8528950bd5371681a78176ae1ea5dc":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e8f7c317b22dea8eabe7eaa87413a98ff56570720985b6743a5f9af56387cca":"":"3a9a5a839045723afdfb2d5df968bfcb":"a87d95f8f47e45a1c7c5c58d16055b52b3256c52713fd092bcd6cbc44e2c84669f23ca2a19e34163ee297f592f6054dbc88863a896c2217e93a660d55a6cd9588a7275d05649940d96815c7ddfa5fc4394c75349f05f1bcaff804095783726c0eceb79833a48cefd346b223f4e5401789684e5caeda187a323962a1f32f63f02":"":112:"faad6a9731430e148ace27214e68":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"67c95e57197f0e0bbaaa866d337fcc37f3a10dc55a059f5ea498de204d2fff61":"":"5f171d203c653a316cac43df99f4033a":"84f281b388ca18bc97323657a723a56260731234720b02b6dde00ea134bd84a1893bec38af80214c4da01b93958ab00f3b648c975371e565d5b6bf2a8f63c0f3cfcd557c9f63574390b6ae533085aca51fa9d46cd2478b7648b6dcbbac7e61197a425778debe351ac2110ba510a17e2c351ba75d5a755ef547cf9acc54650222":"":112:"9ea9c716e06a274d15a3595a0c41":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9143f00e31c72bd9fced31585d047f67f1004e6244c3d9c10c8ae005feeabc84":"":"e49cd6af9a2f0da2a7198317da92ab2f":"ab9193a155140d265aabfe2dd5efca7d3fa6129498532bccd77f09fa1a480702620b3ab53df91b01262122f1a6fc387b5fc55dadfcdb99ada83d4a5b0666c8526de309f41eb54d69b52595c43550a6bf7b4b8f0e0c48311b521762eaa567744c4c4704dd977f84068b59db98a67e33cc65302ba59360d600a22138c5ad3317f3":"":112:"8293e361fe0308a067f89aea393f":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d0ba180075c373116bb037907b512add00ba9a4693a8ecc14ca0d79adada90e3":"":"5c1501b19cce5404dccc9217ac8253b7":"3a161605ec0055c479dd48cdaeed5981b8b60fb7b7781cc4e580218c7014c3060a9f706e6e16cf4021e4d38deb512534b484ff23b701975bdf901146ccaece9c3ffbbeeb172cfb64a915ae0dbe7a082b9077776a387b58559a881b9b79b90aa28ad1ac0f2bece314169a2f79ea4c08389f7f7dd10ee2d9a844fee79e7bf38bcf":"":104:"0541262fddfd5d01ff0f3c2fb4":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c975c7e59133c231d1b84c696761c413ba20aff7fb7d854c6947e65db3cc57b4":"":"d8fedda4cccaf6b0818edcfa7b1f03fa":"cb4cc9171367d6422abfaf2b4452da267eb9ccf1c4c97d21a0a125de486997832d16c7e412cb109eb9ac90c81dfe1a1dd9f79af7a14e91669b47f94e07d4e9bd645d9daa703b493179ca05ddd45433def98cf499ff11849cc88b58befbdd388728632469d8b28df4451fc671f4a3d69526a80c2e53e4fdee6300d27d97baf5f4":"":104:"77ac205d959ec10ae8cee13eed":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a86ec688222c50c07274ed2d2c8ae6f883e25f8f95d404a7538fd83224199327":"":"99c73fdb8f97f225f7a17cf79c011112":"cf5f707de0357262c0997fa3ebfe6e07192df8db5f029e418989e85e6b71e186b00c612ecedbfe3c847e58081847f39697337ae7c815d2cd0263986d06bf3a5d2db4e986dbe69071fd4b80a580f5a2cf734fc56c6d70202ea3494f67539797252d87cd7646296932959c99797a0446532f264d3089dd5f4bcceaaa7289a54380":"":104:"c2093ad4705e613b09eee74057":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3981f0aa1ed8cb369d9b0d7b0e529ec6089ff2d226c542885b1bff55276e891":"":"7331f91bd1a67c21c9dd336a2a922839":"406d9cf45fc8618d564154241dc9c006ecdcd847406e5a6e7127ac96e7bb93f4c339ff612c514b6f66df95a0845035d7535212a2aaeeb0ee512d1f4375c9a527e4e499389c2d7f7f7439c913ea91580e7303767b989c4d619df7888baf789efd489b08eda223f27da5e177cd704c638f5fc8bf1fecfcd1cab4f4adfbc9d1d8ba":"":96:"dbb7ec852c692c9a0e1a5acd":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8436967f97c59ca73b760b73c6e088d1da4e76b712188ab4781d8d849505ae47":"":"9401dd0998914645668d06d518bfe7d7":"a5f40906177417097c19a0a21dbb457a694e173141837f695b09c8eb58ac2ce28aace4e59275b6266da9369a9905b389e968aefc64d78c7e1d2f034ef413d3458edcb955f5cd7971c28cd67dc9901ef3a2abc6121704bb5ecd87a6568d0506abbc87a2f10205dc8eb0cd1b5109158d0e743c2c3a342d60b8d55bbcb8d8507ed1":"":96:"dd6d988d352decc4e70375d8":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce6b846bcedc6ae747e66e72cd9f7664e6cad9627ba5f1f1923f3d3a6ed590d1":"":"ac865ff8a6255e501b347a6650510d05":"1658b9f8469af1dfa60458cf8107db1edd1e4bba70a0bd23e13e1bba0d397abf51af8348f983fcdfcc8315ef1ffc9a26371377c62ddba08363bd2bf0ff7d0c3b603fad10be24ecee97b36d2255a8b2efc63f037123cef4bb4fe384aa0c58548b2f317c36ef3ef204b24769de6ba3e9d89e159e2bf1f9d79aeb3eb80c42eb255e":"":96:"7ee87acd138c558455fff063":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0038ecf1407bbf0d73afa5e010769b71e8649c4249345dcf923ef9da0254c6af":"":"74c6b98fc6ced3a59bd9c42d31d71095":"467f483c71c3404fe7f09d6f6b6b64c3b7613a0dd32470cf24bc590d3994a48f3e8cd5dc19ea8ca7d5366ad7c5ad31cc9612dafedaea109dde2aedfe5fc2a0db2c903dd1dc1a13949720a10babf37fba5a0ed7cb5f3dc9eb5a4d8331f218e98763e7794b3e63705d414ef332160b0b1799f1ff5cbe129a75e5c4e0a4ed35e382":"":64:"62fe088d9129450b":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19fc4c22151ee8515036c38bc5926c0e0bbd93db5d0fc522b2a6bf6298fed391":"":"9547f056c6fb9ef72b908f527cb500c1":"511b15c25b2a324159e71c3b8e47f52d3e71e5bc35e774c39067250f4494c9c4eb184ecbe8638de9418672d9ae2c6a0e7f54c017879ffb2a371de1639693d654a43cb86e94a7350508490191790d1265b99e7b3253838b302aae33590949a8761a3bb2aeb1ba798cddeb00a53daad05a33389d4a19269d65116a84f12dba5830":"":64:"04623912bb70810e":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3b5d3b1920b5a105b148153ae1f1027c6d48bc99640ea853f5955fed4eb3d625":"":"9a4091c2eb7e88759bd9169fee303485":"aa680d07143ba49a9099d555105fc3cfcb898cec11ade96776dc9778cc50fe972e1e83c52c837b71e27f81d1577f9bd09afe2260dfd9a5d9dfbd3b8b09a346a2ab48647f5dd2ff43700aecce7fa6f4aeea6ea01b2463c4e82ec116e4d92b309c5879fb4e2ca820d0183a2057ae4ad96f38a7d50643a835511aedd0442b290be3":"":64:"033bfee6b228d59b":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f6c4ad8e27764157789252f4bc4a04145cb9721955330a2f6a2a3b65cacf22bc":"":"3de136cbd75061c888226efab136849d":"0f6951c127d6bc8970e2ad2799e26c7fb9ca31d223155f88374984b5660626c83276ffa6c160f75e0e1bcfa96616188f3945b15fc1b82a4e0ee44000a684b3c3840465aebe051208379ef3afe9f569ee94973d15f0a40c6f564fa4ba11d6e33cf8ae17854a9e12360a2b8495e2cceec463f5e3705c74069ba37ba6d725f458c0":"":32:"f658c689":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30cd99fed9706c409e366d47fefc191f79bcc47a28be78f9890fd90d4864eb85":"":"8c7ce34691503bf14c776f8809f24e61":"4b6b10c2e2905ab356769b6453dd160a08e8623b0878fcc1c1d64822f0aea1f4f5b4698ded5d23ebafa11bc1e4ce9e5cd7d7c7b13de02d11a945ba8361b102ba49cdcfd6a416e3db774cd7bda024fccd1ad3087560dc15bbfe9b1a5c6c71fae17a329f104f6c2cba7eb6a7459535ca328146d0ccc0a9bd28a3d1c961947a3876":"":32:"7777c224":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9472f2452933dcfac4bb22831ce83c6a1ddf25ef8d2d3ba59d72b0d173a986e8":"":"18fb2c34b0955d712960009617d300ef":"d283dd75cd4689c266c8e0b4b6586278aa2583c7c41bf12bd1cfdef21d349acbbabc0a2204dc4130f922949206c4fbdce3786ab8614e32908838a13b6990453abf14b84f5812e6093644accdd35f7ad611ea15aefae28b3cf1fc5da410bcea4f0a50d377fdcceffe488805bc5a71fab019b12fa8725d6e7c91e6faf12fbaf493":"":32:"c53b16a1":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e06d5319210f4107ea7267fa2e8183fcbf74fd3b0579b856577177d9cb307d42":"2b9179d21cb884581b0e4f462455167f1f7899717245d4aed3d8db5983daccccebfc2130a20c284563bea5997cc0438c83d8fa7bb9e3588efed285a0fcc31456dc9a3122b97bb22f7edc36973475925828c323565e417ec95190db63b21881016b5332f2e400bb4724c86a8ee0247149370ee5412f743dc6bf7ca5bcc31afa0f":"f2b0564705430bc672964b049115e122":"":"3fa342a76cb5d501e6a6fade14aab54a76620e4ea2287147d4ca2b9d62d2a643591e5df570ef474ee88ad22401c1059e3130a904e9bf359c4a6151ff2f3e4f78ef27a67d527da8e448b0ef5cdcfec85f3525e35f8d024540387e4cdcb1018c281a1af7d4a3688a0fec4d9f473c816f7d4c4c369f70d7dfe8f1b7fa4f581098a1":128:"18f186ed1ee1f4f8b29db495587d0ab0":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0dfa834e98b6c51ee925dd9edc9be72c209ddcd9099ded57b533f2236895a229":"7f4e4f11091bf51976c0fc71ecbcd0985cdad2135549c818c09567801d8a9a42c719aab7dc2cb58a10b5067d14c52cabe6bb9b939e7b9cd395eaf10ba6a53fd2e6446e1e501440134e04e662ef7ebb1c9c78bbd3fd7cb9de8b985418be1b43ebb5d7902ccb4c299c325c8a7cc1de9174f544bc60828c1eebad49287caa4108a0":"a101b13b238cfac6964fd6a43daea5a7":"":"bc60d2047fd8712144e95cb8de1ffd9f13de7fda995f845b1a4246a4403f61ca896bd635a1570d2eb5b8740d365225c3310bf8cea3f5597826c65876b0cbcfa0e2181575be8e4dd222d236d8a8064a10a56262056906c1ac3c4e7100a92f3f00dab5a9ba139c72519b136d387da71fefe2564d9f1aa85b206a205267b4cfa538":128:"c4cc1dbd1b7ff2e36f9f9f64e2385b9e":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce59144b114ac5587a7a8079dc0e26f1b203338bb3e4b1d1d987bddc24150a82":"bc7aa1b735a5f465cffeccd8dd4b0a33a571e9f006dc63b2a6f4df272a673bb2cc00e603248ab6be5627eebc10934fe4d1dc5cd120a475936eefa2c7bddea9f36c6c794d2c6bd2594094e56cac12d8f03e38f222a7ee4fc6c2adffe71c9c13003e301c31ff3a0405dde89bb213044d41782c4bb4eb3c262595d1c0e00522047c":"fdc5a40677110737febae4465b1a76cc":"":"084c31c8aef8c089867f6e0ce6e0aadafa3016c33c00ca520f28d45aac8f4d02a519b8ebafd13b9606ab9db4f2572f396091bc5a1d9910119ca662d476c2d875a4ab62d31ff5f875678f25a4775fa7fc85b1a3d442fb2c5047a3d349d56d85f85f172965e6477439045849a0b58014d9d442e2cae74709ed8594f0ec119d1d39":128:"4c39e0d17030a5f06ecd5f4c26e79b31":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e7a6b459a5370ceec4d429bba9472a49db07697dc66dbc2f294d3e62ffc8aac1":"cb959e5611a636317feb5265d33b315c2f5af64159029f0032e338babbdb0a525ba6b92cb3be7db9f0077561e6cffe1247bad32dea8918f562dc3cd83225cdbcaed652b87c62fea8eff153638a3a14ef9f9a88bcc8c9a6b65fa9dcc53f63d1b14fb9bb0baf17e7bfb95690c25cca2c3097497e41f7e2299a8518d5d1c5f6264e":"92468d42ad377affa7e808d95d8c673a":"":"599dbc47e2f2e3b06b641c510b238417b01869f0e7d08619752f6d9f4b08585731deaeb439ff26e02d7e51b45ca5e3d4a779fe4cfc9572d1d6407f98de69a8fca60bf01d1a769130bb38a67933a2be3aa3ea1470d8f32a34dc863dc800feb7ef71588edd9489bd59a23685ff5358f9b562fc0bbad9e11db7a6fedbd79225539d":120:"e853262ed43e4d40fea6f3835d4381":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9818904a99e3d80c95dc71a16483ade1b9b8e7df638ce6a4c1d709a24416cbe9":"2c073cdc11a8d58fb55e1dadbbc0372dde86c387fa99c9249bd04cb2f2d239de01bec8c8771a9fb33664ee06ea81c37a824525664054173b63a2894d8d7ffc60b9e93052802478a189be5835d979a28ce7025b219add0622f97c9bcf3ecf629b56408ed002a141061320400409345e94a7a7e3906611305f96f2abc9d62cc435":"96a301ab6bc0309be9735bd21cc9e10d":"":"4876e449b0cac09a37bb7e4b8da238f4c699af9714ec4fcf21a07c5aee8783311a13149d837a949c594a472dda01e8b6c064755b6328e3ef8d6063f8d8f19cfda3147b563b0f5fb8556ace49cb0f872822a63b06f261b6970f7c18be19372a852beadf02288c0b4079587c0f8eab1858eeec11c6ba8d64448282068fddd8a63d":120:"e1e8b62ce427e5192348b1f09183c9":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9b34f137e3f37addad8a6573b8b6dac9a29e97db53c0a7610f37c72a0efaebfa":"c1e09c432c68a2c119aeb3b19c21180e3c8e428e12033f416a92862036f5e8a39a8893b10fe5476e388d079143ee0b79b183a3400db779cfbf1467d69887306b124a8578c173cd5308d4448eefcf1d57f117eb12bc28bd1d0ff5c3702139655197d7305bda70181c85376e1a90fb2c5b036d9ea5d318d3219132ea6c5edf7b7d":"50dddb2ebe4f8763509a63d07322277e":"":"793e1b06e1593b8c0ba13a38ff23afaa6007482262bc2d0de9fb910f349eff88d3dd05d56eb9a089eed801eae851676b7a401991b72bf45ac005c89e906a37ed7231df4aeeeb1fcf206ca1311117e7e7348faf1d58acc69c5702f802287083d3ed9e16cf87adcdfa1bb0c21c40c2102fd0def91985f92285e6ea1cdd550e7f50":120:"b3c6ae17274faaca657dcb172dc1fb":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"66b40e2e671bdf244b45644d1a5adc63011b32156ba9f5e03dffacc1a9165061":"985546ee12ba89d95988ad8a4153c4f9d3c91c0e3633a95b4f9b588bba0032006c93210514357c91d574b436da13dc9f68194a981e7b65eb79e56be9cf1dabfdf531407727c034a3c7743bb22aa02b26f159c2eff3c7ed52027de2e8b8b2fefb72c04fbf20a1ffe10d6dda790a9812cdbe9f2ed6706d7a2639e851a42870efb8":"4e090871e889b4be36db5e1df1ea283d":"":"f93eebffeddfd16b4618b893d57b459b704b894b38a5eaf6cce54026c80090be8328e12261e1b10e81c73ac8261c2982bb25603c12f5ffff5c70b2199515c17200db2d950a3f2064d7b362607adbf3686f27420ec15e18467e86faa1efa946a73c8888b8fdc825742b8fbec6e48cdabbb45f3cd2b6b6e536b6fbf3429aebe934":112:"ed88c856c41cac49f4767909ac79":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"18c5105a9651144ce965b4270398b982120b885850114571ef8e2cbc5d2f5e04":"00c5ea3d91248bfe30c5a6d26dbdf0609f977afcfa842b603c1061b2a473c9a79b421b2509550309e4be9c5015c51c6def9ee68c242f6e206b3027ce8e58b7ab96aaa50ced1d78c2dfcbc2589575bec2ce3b6a5066276fe7dca4f1118808d1e5cac062667053c15350289da03cd073377c2d66c01e3098ed01b75788c7e1f9e7":"a3a5f82748acc887e33328fd7f4ce1fd":"":"d91ed6886a269dc1eb0745dc4b97fc54cbea5e6857d10a303a3caf828b4e0e20bb742bca17021b7852d09a6d7d3a56ad82298c15a2082fed0e0e326bb16dd677ee262ead93a24147de3c07eb8a95b108abf17357155f1de79171689407b6545c9fdf8ab4486576490430c0e043e21e7c40ce88e752cb006cb3c59479a7e56cf7":112:"add4e086d612a119c6aae46ba9e5":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4667cabeb3a644e371cbbe9195413daab025cc6efc12298bfaea0dd9bc028f9f":"9772ec47f3cd26f091bf117e085f2394db258c2c460dc3b1402edcb60a8f70517f82aa669607b78c2ad79c662c3b376cee1b9f34c4ec5d15319c33de78a440e7f2a4108c3c9da51604adde2025ff1dc336c49279c13a7153931df675df0e78f17a4d72973311af74fe755c85c7869baf3896bb738925942dc67f1b6e690c9d48":"7e8927c69951d901494539ab95ac5906":"":"5d62fa69cfbfdec30193408dad15cf983ad707ee921068b817676eca9f70f9ca4623a8c113df5fba86131415f4ec546c7f1a94ff9d02cb8ddcf421c7cc85ed87ce712fcd8d5f45460749ced0d900fe0368c59b1c082bd5811c1a648a51768d5e4bfbc23cada3791f289d8b61fd494398be1ad9ee9ff471abb547000ac2c1a5d1":112:"0ae6bd5e8c25d1585e4d4c266048":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3d58cd514de36ca7848aad1bf4d314b3b3415cae1ce9a169021ae84a67d4ab69":"e1c2e79e3f64c5c64f853ac9ba1a853fbf1bfd3001d48f7e73e0e97aa1b8ed1f1a7066178e75df688c5edb1c42e270ea38ab0e246c6a47fde4c3141436fe4b34beb9033ba7eebfc53cf1f6c8ae1794e9bb536152d196e1b96803316a05f1dcb9016c8b35bf4da06cd18da6243acc3a3dc641d3a1332b1915932ca89937cb0327":"4a1c2e7a3f9788c3c2fdd0dcc0cfe84b":"":"50d63c660a2b4f8e87276c5f58556cdf15d0fbb2c8ea5e3266d28c515643109aa7fc950d6d48f504dad52457e16576b581d37574574cd8b7ac12b7d59b819992c941a27e23ef9f257ed0c4ea4eda6c1f3b28b44decb63a92fae84c3556dcb9d6458e729dad6a7db9f7411690fce971b3b240f8f9979ed992f87d76e227fd7384":104:"ac842579bdd1ac77c84dffac2d":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b7e4cd80f03a7ed092c776b243dfad7776d9caf3e679939038e33ac94d8931de":"102e2d2c0d01dbc69733d2451d1ac1817d60418685d4ae8aa44e1ede1c1e08d2f71f0aef41a72bd9f052ea4a9a057330c95d964f8c3679b80fc9c0952b46f38e2ef055cb33703d686757400210fa5a39bc7e3bb9b8b9cc20c95d5607e2f10bb5501507680ef3aaad96553333b1d27bf2f7ac102c983eede2262a5c6237c1d754":"af160a983d674b7d19294f89c3c9307d":"":"6bdfae299d796ef36850327b091ba7bb02e29b643ca4c8bc199eb91ecbaf88426412cfd5570e0042cab735cc46ec648b0877955b3f9a5707d56c478aa77ae5510749beb1e44dbbb37791f18477123436a985e5e9f79fda0a057504847e4ecae841f24e1b53076d3efc6bdea2ebb336ee0e4b5e6ea973e3e50a27b5c2e6fee3e2":104:"fdf21e2ac356e507745a07fc96":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3a0c46eacfe85cbc0c5f527b87cd075bdeb386d0ca6de816a87cfddcb8a87ae8":"6d1203dc8395e35a35e234203625ea9d37d1c009db2ac8b1d5b29021997b5421f1d172f4c9a7eb7dbb67f0002720fc412f5b1550c739a2d7ba4387a1f978bd548fe6169d9473893782b10fab99198cb8b4553dfe27583c017136fd8c95070d8d7f9a602d15248d38d728157a0b26404e662f9a5554d3e1582bc0e12f0054792f":"b1cde63ad2ad4b8a7bfb36ab78385c3d":"":"9de3a45c976d32ed2af5074ef13b1f86f35b1689b1c698b2e427d5dd62556eb14439f77cd8fcbe686a9a08a922e3f54a78e86fd284de493a740586360b63da09bc1d001777582969c679db54a0ddb8d7dfdb46750edc882804a1c00e417912b72b4cad54dffa1897eba6188b3e61ebf0c3dfab292c2686dcb9db3012e0788c7f":104:"641896daab917ea3c82524c194":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d540e0ba27103667eb4511ce9d243592bccb8515ab59896c9922cb5f1b47a02":"d79f9b1c74e3141f188704c8d5bdaaf6083642be50d00f20c97b56646863895250d131e00db0ecf4f035d42f08cfe20f401c2d3062a38daa0b9e7c19fa7c5d344680aff48d506daa181451f6b34ed9099b9a5b39c0166e93ac4463c9ad51f48e3063b1c16793615336f55d516d079f6c510c2891b97aaa95e5f621e3b5202620":"a2ed37daa797522a39b01dd206d06514":"":"6a891bd289ec05990424a2775287f4725aecefe1ab21fa0ca643f37829cae9fcbbf805b883f807102ff12f1a85964df818057daedd41c7349ef32b24642186c45d2858c3260d5b90594969e26b691963ac7fbd2eb4eef466ae690ca274d9194dfc4df1c3baec02abc38fbfc0e2c7c4fcafed227d4f6607329f57ee439435c714":96:"9074ecf66bbd582318495158":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"151d7e4db9e21c87bef65c2ac6aab5b6b045b7dadaf6424644a91e04ba810585":"0984c5d3f68beba1db4e6ade429cb8954cccaba9fcf4d852897ef69f8483428932c8f18a891f54b68f7d49a03c57f7144d802eb996d233cec930d5eb19f43d0faf9c94a2d7aaca40c8066a2882481f521bb5f6ba15b213810da373817eab3d52b5dd143a1521239482fbf4a07fe68c3d35c90c6ce27b55e40abcf432a261dc58":"49e0e0d089e3574fa5a33c963b403ccd":"":"6938d8a7625d1291f249ef1e086bb030ccdc844a9271fee16db60e7acfe4aedd720de76345109d5e6849fd1576c0fe0c34e73dca4011f8565cffccef427198c927f19f63b821f43844d008ceee0566f0d8062d7860e92ebdf21dcde80039a04504cd8ee94874b2eeb038962a74ac9902d9d7ce09afdac7aa706bf3892de19531":96:"48d3a8116213f92bfbe86bfe":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3e9615515ca45109316cc02bbf3a23406eeeab2092dc6614db76e4e047a3b023":"46c4c6bad0f21172094ae07a47fd76477b69ca75cc08970e8dbf7b8644d4bcdce96f9d15dd3fba5fba3f851af145652ad004ee525d180d2f3e03bc0ec1c0e8ffebc1474c342732b7247f657ba87ffcef9333857123f29c4976b048c89c24107529dc5dd69004fd176eb0ca6ddae1df7be7d28b3b9da976413588f20c1fff488a":"c1facf73da64e16e4acee3fdc3cc6b10":"":"4415dc96d3daf703d392ba1318254143a58870e691570ca6b1be6074dd9c1feae12c72f9314fc3d19b6affb59b642ade6c4e64b7c99f850bff781de193cc0a321a29356addcb0918a282e53801541b5b01383fa7624c36d1f67423f02d2b54f58deca582b7031d192a4d32bc154ae1149cb3c5b48538c803a8d01fa7cfc1683f":96:"322d8d1b475a7fd3d0c45609":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"52c1a14b4ed57cbfa317fe0db87528f4c5551deb9ffc88932589e3255b1d3477":"eb9081e19b63c94b5f3a696c5fc2c0b7f434e1574394d0b41dd67dfac28a73d4ba26c86b3728b2802fb9d0930c89586b09602900d33eddc5a00a4e98881b5acd5597aae9b80b1569ede74042948f2cd66c3eeae227ae10241df001c85dfe8a5fda0aa21142ecade76290dfdd4a27b6ff3a932dacc0b5f461501239ae8d6d5f41":"36d02604b5b24f49b08bb01053a23425":"":"12fbea9e2830ba28551b681c3c0b04ac242dbbde318f79e1cb52dba6bdde58f28f75f2fb378b89f53cef2534a72870a1f526b41619c4b9f811333e8ee639be1250a5c7e47ecbee215b6927ecffaf7d714327b2c4e8b362b1a4f018ff96f67557ca25799adfac04dd980e8e33f993051f975f14e05be8b7342578d0c9d45b237a":64:"01e6af272386cf1a":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d08a07b3e94025523a4a6415029c8f9e11fbbfd72564964c53b8f56f865af0d":"4ac7c27b07a4aebe5caf1de0538d13a56e8c11bc73713bf78c7abbad3b9f6d690e00487267da108e2f2ae67c24b4657e77bb83e2d5e4b244cf34e924cf7bdb443f87ac8cdb374147449f8d06eb517a25dc86f03a389f34190aed5a7faace03ebf646fec2b173b2c15fd5cbe7c5affb6c3ee6d1cace8b00dd8f668a2336da5bfc":"98b745c7f231ba3515eddf68f7dc80f4":"":"337693c5c746d8fcdf7cd44d8f76a4db899402b891176e85b4c549c366ad709322874e986d6b939a350d2a0e3b77924d6d15454d882d1d3c94469d749a20d8f0116504cb31888a1e81d3abf25dbb7a7f9e7def26b9151ee649c059da1955f1716423c734dcd26a548844abb6b64c44383ec698e59361b6582c6883b77c338342":64:"7a9266c4e5ae48f1":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b9d9fc42b58deafe9bc9734f4129dcad34a2e55ee5ad8abcc3f7bc42dd2c0e05":"11dbcd6cd53d2af766a1b6e4af2bc8bac2811ef818da2d1f81c140ab6e0298e958fef033736bc6e0dccd660b9a3e4222bdf3f89a95b206785d22852201e6dd00b44232ef3c03393893813dccf1960410b50cf50602ead8bd246fad88e66c88b50821578004779b6c45c13d8211df1cfc0fb2d7a342f58e4f2f3623fd31b12c30":"67931493096f4550633c322622bc1376":"":"66ab6e7a547705d8ae8ac3cb9bc5fbbc18cd220f89aec7dfbf4f72e7bc59b483c50c9471523c3772efc5deee3a9c34c96b098842cc42f9b7d7c0d2530f45900eeb9502e4dd15363b0543c91765121fd82fcc9db88fe6a531b718c1fe94b96a27856d07707fced3021cca9cf4740833d47091797cc87f57f5388b48e2296ff352":64:"0de60d4126733404":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"97e736a63870546ec9c2325a8e367c8ea17a7ffa71f6cadd6909a5bb9eb12814":"608280a9dcbd6dd66100a9fdd00e6dac2183e32c945b2b4d255c048243bfea15aad1a10ff3eec0ba79c531239b489a5dc155dc2775519f8d3d2ed82fa7ac653fb7c77e0dfad1c175b6c69963f5c12ff9840f18e0202502e9d1e3b170965cd86ae411af20e6d69a608c99ca8dae3cb3bcce666841132a99429bcde490d9f0b6b5":"d35192b4d233507b70c6d32f8e224577":"":"568a0d584fc66c876b7beb9ef8709954a2c426fb8c1936b9024181ca2cd3a7684c412715c11eab80a181be0238e32a2b689e9db36a2ac87db651058080531e7b1110938dcb09615e385d7b224b11222469145f6fb5f4c0e87b08bb3006bc5b6d2ce0a15be7fc29b27c10c645afd9d8253c094fc0f775086bdf2adac265b474d7":32:"af18c065":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6d05193cc0885f7b74057ead3a0738b74eb3118b1a7e74c5c941ce0011197122":"c58f51bad815a43a5705c311de4a846ea2a70cbdd2c30d709a2ae0ddf82b7c889dc599fb6e0328fad21555a99530be6deeeb5b1beb333322c2b747288e52fad008513f8040a4735cab3c8cf32c4e18bd57339c85cf5dd71e382067bee7e9ccaf68e767d77fb005a3b73a51acf942fc3b2c5c9eec6189d01a26c6ffb070165874":"5160b65bf7a2ccf77fa2e3e0b3866f26":"":"64dc5834a63be414c3714f1b34feddbacd568c6466cbd06f665aa269187a160db79306a53b629fedc1247bd892998fe3208b3105f6273676bbdbff6e254de332d02bc8842ef98d6b79994792eeb5be3a807452b14ae5b5027db81421cc22936ccaa7ae1b77a145462634e424ccf2dfaf001ed4477b804e204120a1416b449b8c":32:"364ef0b5":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#1] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6e8006983712ddfedfebf95e6cc3b0aadc23077055e500ae49fae7705787f2e3":"e3ba14c4e39ebad925997649872b8331f1700c8f98f80e58d92c85a84f2a427094d9d771b276a0d35b17c0c030734399070a57345d4dcf082b96c7eb580618f7af8bdf036296e20379e74e29f905b52a0c46fe7d46201a075e7de7e1a523a0492c1f228102fdb89f019bcd4571e041c5d37159dc487ec139fa37d33142fc8082":"e36e39d787394f1401fc4b173e247db0":"":"4d5db4b65a1ca31f3d980cc30037b5d79d28280a31cc5d0274be77dad70dcd37f652f2ca999c9aecf08fd2a02d382457a277002a1a286ab66f9e437adee00c3bab04f831dd52147005a989606171b6017d28970c8986899fb58900e23d1bc6a9ac0bd4d8b5d6e3fcaebc9903923e68adae7d61cf929388e0e357c7223523d1ff":32:"d21637c0":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cd8ec237009eab590dbd9b31e76513dfa3501701b1a706982944441d996e1839":"9eef7c9a0fa3e9a7fcc4b2f9d210a97d6653ded7913f2fb2de825a0dfd78ae1cca68c040f2328009fffe62937d630ee9d6e0e67bc12c38c0b3d035697d4c2311371aacf41cce0d523016ee436a47d93af0df77011131856d072c718c310f0995b71530d70a3da881481f46f21dda62e3e4c898bb9f819b22f816b7c4e2fb6729":"a3cae7aa59edb5f91ee21231002db8e2":"45fa52a0e8321d82caea95bd9506f7331923e2aa95e9238908f3ff30e17a96389dfea75e225e34e1605354eaaf999a950f469c6e2e8722da5ad9daded6722baca00e5d1b8e63266ad1b42cae161b9c089f4ffdfbbaa2f1fb0245d1a4c306d46e215e8c6c6ae37652a8f6016f92adb7695d40bde8c202ab9c2d70a96220b4b01b":"833d58f0bbd735c6164ecaa295e95ad1143c564d24817d5f6dded5d2d9b2bed2dc05da4a8a16e20fdf90f839370832f9ddc94e4e564db3ae647068537669b168cc418ea7d0e55b2bb8fd861f9f893a3fdba6aace498bc6afe400fea6b2a8c58924c71ce5db98cfce835161a5cf6187870aa32f522d406c52f91c30543ea6aa16":128:"c1df4ee60b10f79173032e9baaf04d3f":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f0b24f054f7455f5821fdc6e9ca728d680e8004fe59b131bb9c7cddb0effa51":"d406138587fbcb498e8ec37f0f3d7f6b2faa02e6880424e74cdba67ae3468b6823d37fd917a7fede6b34a2f0fc47c520e4088766ba82a989f0d8051a3a80cc8b1e3e1e2b1c6620b90e99b27e65951aeb3936263fc2f76c1c8effa742f53987f8a38c731a411fa53b9f6c81340e0d7ce395c4190b364d9188dc5923f3126546c3":"f52f7a2051047f45ec6183b7c66e8b98":"756cf485b6a8e672d90d930a653c69fdbf260d3ea18cd3d0c02175d3966a88b70ab8235d998b745a0eb6a5c92899f41e8c0b7aa4ec132c8cbb1bac97a45766a03923c9b93c2a055abd0127a83f81e6df603a375ca8cc1a2ee0a8b7fd226226b0b19bd2e81f73c34dfafa4fcea08dd93dd4ab7e4b437408af91bff566068a5f34":"e58a03f664003d0ef5bdb28931afd16e7747cff62dcc85bf4eed6e573ea973cf615e4ebee40f35d44e18e391b391e98dca5669a5b0abbfa67834836b122d1909b53acd50e053d5ca836894414bb865b1fb811d8af68b88b4a302fdedf27fdd27456e9aaf34a8d53c9c8587e75843e09776392dbb0501ef41359c01e8980e5221":128:"258492b9f549d1b90555eafbe5292806":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6f50efb3946f6a6dfe63f12780f764bb6ebcf2127d3804610e11f0bd9b68ce0f":"bfc89d5049a5b4015c9eb64fdaf9fe9f4be7229e67c713a7b368f0550b3a5e12ba3a4399c64f60b7157e1b289b154a494deadecff0d0686ab44fae2a34ae4cb120a7f00268ab551f41c16a05f8999157be1103464127a8a9bccf736c32db045124178c90472e664d8e67a2ade0efe9a3b048c453d2fb5292dd8d29e62d52c5b5":"63c1192ab7fc75c17e7812fd960f296e":"335cc5c8fb5920b09e0263133eb481fd97f8d9f29db8689fb63034bc40959a176ccdca6725e1f94f822e4d871138fc39776fbe062f07bf80e5c8891c2e1007efeb77c158ced8d6c002b04442ed35c40a2187a59c02339c05762942208e3be964736a431017f472dfd5fdaf8fb8c645cdb684f9632057b9eb755253b4b75e3688":"ca974942ae0f4955ca0736218e4e356145c1ef42135b1142b55ccb3fc5caeec630eb50e69b5a6f97c11d4b604189b27496623bb0365ae69f4150e201e72bad8e7b883185588d0a31c44273bae87194b1610114a83ec47ba68a02e29891de43204977fcd0d551778335fc77fcfdf3fd63e9e5e0c02930a0321ffb093c521cd0ed":128:"2f11a01cb0ef8dcefad9233bec44d6f0":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ec566324ad9d4cd015821e2cd4ed4d3d507bdb3c65bd50acc85f690ef06740fa":"348d35768d7192415cbb92c5625f10edd79f24c56d4b821aaf80d7dc83e901ede6be94d1efe11a3acd16ac00aea8d0d4875c47522332fed11cdf0816b26978de431c89d2fe6d122b2d4980f1d53a97edc15e490a44e73cba9394ca4bbb871675c729c39de80d6678c71b1bd220e4647bfd20a7ddbefe2b7eec7276b87c92ba77":"95c8a544c4b94e9fbfd76e66f40bb975":"fa6f38f8e562a54bb2281dc9a7cbe0b981292fb00dc0053185550a300661852179d0f2beb4e7759b81316fbfead5c858e6fce73f3cd2c2462925dbb199a4e6c121d051b1b5ebf60e16d1e30f6973b19cf31830da30588fdfff6115a4a1f6d977a72583379a56055724581be5232b0d1b0ae88bab5d4a031b058bc8d03078dcd5":"8b4da79f3ae1ea35a80af2f52fc640055e6a3b92617ddfa79fe5d8a49f28ddf36a82a17ca0b3cdf1726700f7ffc09ae5b412d064fd52a90a76bacc74a0b89e38dc474e880a2b768ffa91fef34c47759a7b8fd7faa32a4fcb258349495e4438c7b2055a8f462729fa4e7223aa9b47087695e3aabf43afb32e272d536b257b748a":120:"b1faec277697add8f756391dd9c7f4":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd6aa4ff63efad53772e07e0fa7d6eda5e73be167620fd7c9f3997cf46cd25a9":"592b3a6f09841483770b767bed73498c286896d2ad3d8bd91f83f92f489b1e83b0456a54e067a79e1bf59eefc1d3bd35cecfba940811d06a06e9b8f774bfeff557bd7e3f0864cb6bd3f867efbe3f040d2384ae8e1a0e20ed38caa668159d3e33c4669478d00963a1152305aa2037a5e06cac52d84021234a7f5d46ab060bd03a":"6386e03bcb6ac98140ee0706b54c8492":"0ccdaa4f54cfea1026a4d26338b1e6d50a70b00c46147fe906c95f0a2fb5d92456ca3aa28a257c079eceb852b819e46646997df87b873bc567f69a2fae471df03b0e5b94511189eaeedd238a991b326963c46d53080f420ec9fd1a74145a0b155cbcc0b5e47fa69450c7eb447080e34868d640f923923b91a9e13a05c73550ca":"c1be540448f1e3f432a10b3cc1a913cc4046595f5a57bf57c9d856cdf381832e914088d3388199018ff26327e3001678ab363da9457ba2084f5aa81320f1a0343491e0b44424018765861c5db917ce14e91a77f7e805d7a97a17a288ee66567c5c01ee61dc46a9aa8b281438ed377b792e9539e311676f81c567339cf92b8e1e":120:"ce7e361713630ecaff81866c20fce6":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ad3990cd57ce4e95342cdca4f07d7e35d575eb19f224a7c821b1f5a8c54d4bc3":"732809c29b5eeda974039b122b875aec2823e082ef637294658cc54f9bca88eb7eea87a366234f89919975d0e7dd2f8ea83198d5a6e349149a016a4b177ba43df2f3ca28e27b8566591d225ac25dfd9ea431cf1fb3ea530d65dac93aad47764a6aef8ec6903b6d145ea9a2663034d2a320690b92afd8032084b754be97604382":"fd4ed75d861da2cc14fd1054976c8566":"ab44689839fdf47e887b70fc1b0422dbbe5c1b50f4e704f9a435967ba8b70cf1e144a025d37292f628f9f7dd9d05557b65340090503201e8cf2cea2d6a73ea4850bd0931b90fd4a4306ba84b8aec99fed47ca1b16daee6c95c97e4ba0dd1fb130cd13f5ef77c5af96f61fa05305a3aca3775e927f72f08fc34bc994e69abaad8":"f48721b08101b35cde1c4ce08a8ba0049185b9dd48b66ab9971fd67dee24f89b456e9ca19ac8a9b5b3b088cbd53898a8c2ac1129752fb7fc55a0c3e2e7266ff40f7a9d63ebc4ab65f47422fc17cbe07fcfda582fd1b8f50e840ae89837e84add8be17d4cac3d2be26bef4aa8438daec9d2b139e442f99c32f2789378c8029ad9":120:"da6da2af0fc14b591a86359b552e20":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30823396ac90db573b6587676564d09fa680906bd6eaa6b8597e2e7549c9d848":"c55be5a0b8559e02de4667ba5656f7e46f5627af13fd34d327f6fbfc4f3a9273036fce2fb21232f8e2ed115b39b0ecb9a119c8fc17070bbe4e34d3544d7117ffda5e1ef05e063b5a8fceb23158d7824d6a1eb4d90a1d0360c6bd78fb24fdd4cfa35924beb4e090891d06f53fc52cdcaa6b8bba6772d549eb95b64ebf3756ae45":"496ac734afadcd54f1a4372ceb5645fc":"2d582131f7071e80cde1b11106b7d79bb208743de759d40b897efdab018f4eff1f91d2fe67e27af25a13f201bbe4446f20ac6b942ff7b32cf10ad1cea36945b67ac08b114fc616175a87437ee05f3a8b6566e9edfbc1beec0ed8696b5d5c41a25ac43bf3ce2920dd262233ab3405d46f523894dcbfb6c90b6e911ceb93bb7fa6":"c9da3df66111dcbabf731c6891eb698ac3283780f526e81383e201244efe4eca7a1c84a3bfa9ba5616afb15c1f1af0f3af2e071df6c1d34a343c3e3440f1a3e1b6620243d9e7d9a4dbda5981c3e876fd07f392d44bf3e0a4edbd884462ec2f71d36bde4a1b5792629da09a1fb01bfdbd532fbac71887a05a7077fc119a4638d4":112:"cec973a27c42e31b779a6a91aa34":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"815f2b2f0b1621aa198eef2761380f10ac9872a5adbdf6286bdf3386e56aae4e":"d16930c570414bb620e0eaa2e9b5d96e4424127e16461aaa5885c616a02ae974fb2890e73bade9ffa5066eb88a46ac7fcf258d55733d315951b1b71c5e3c13d78d60344ce921966297a0f6361cfeab03b346a7fa4f83a7a0eaf37576fa33a496102446f9f31b06ed91b51672c879cb18d4e38fa86e156d5b1dbff27925922470":"0843984bbaa565ca24f148e57a7d9c57":"1514b99c0ad3493c36fe1216d1a887a69ea0340101aebb03f60d7ed26893119e81e8b8c3f0bb4af5e10a3bf4edcf257473be9dcebb44a9d912f04d97a556ecf020c0bed7ccef2bfd5580f1fc74b706fea45f8c63d8de6f8deccc47a02dc86d3f0624e52f6f1dcd09de8000f2d98a4cc0896da6a564b92263673adf390ed909fa":"7506175acd64224b39f890e498ee5013bb46fc571dc2b125ed5891b8ce8bcf42342f015fd2df5f4b9cc220aab52386bf2247d4163951e86467633f96c28bdda166d778855a7f60465dd2983232c9e53d5f89432407807b0402a10f155f80055c339451a106ac54438ae4a945e60d5320eab0adad9a1e66d59b9d3cc53887811d":112:"28d9d780052b36dbe80a25d41d5b":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d1325ecedb8fc0fe449de558fbc11ddebef660e47aabb84edfe69837a6a9066c":"f9a4f7029feae5cf5bdb8385d6ad7d7da6a243c5026818e5a794c6cffb8dad3227964501c5a049b5a94a7ea2e24434e086800094118444c5a971bbe575324fb6b51c5939f81e78bb11d85d324742b462ce8d13584b3882617d0c94776f328a554f9d532b6515ade9fbbd2de1c12ab53671b7f7edaa7e20223f4c371c1f229568":"8aff702c40a8c974cf24bf3c645169a5":"9ec2e851dee3834d4843aafa740f3aac4cfb1e4d3a7e3e77349113f5200768c3e9dc37481d6292ebeebd2372db02ef8ac7180830c7187995c815d1d1520c3e2f8cf2a94993b18c828b53485073c8a845066772615b26d7a3d7d3e7d81ad1725797153f7ba5e313bdec582c5482adf76b31c871cd42a313018f40d7e23f1a7f33":"3a93663aab93c6cd236cba4db2c03942d9ebc669633936370c2834357e76f6555c34d40dfaab1e78a105da9092acdba8be89e2dbf72e89518d55e09eb2fa1ea7da505484ad4531dba3eb853d1ae1a477355ea9448067b0adbc782d64ec342c7cb781d9dd8dc2b14dc1c9ab5542b679782b8bb9b45ff6a4e36c513df169c8eddc":112:"7e682b0ddbe6c55091838616c352":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b92242268e598ddcf3a5a0de26d74356693c4dbca354e44be401f3d6804ea1e":"72dc75bc4c8f5bbbd9c639fbdb34afbb84706404c9e67eaee1959aa4b51eac0db4f975cb3ed8d8ca27f72f61c8562ec953a7b8745826121a7016e60e877dcdb046f236af3826c1ddf5b929c5bd9a92b0d5c23cf8983bf2459ced6595882b3dd0cd25da7eba981bba122623dae22dbdce05cf4e5d82d2cc54eb4f68e9e8eff02b":"3c292bbcc16c94b0a263f4d22f328915":"167dfab08aac8350574693b31210138f6b99cfb61ba7ade2e2abffe2255837a913c9afe332e8fc4b2463310df46492e7d982dcb70fdda2a8b03911e6be9a5c5621d0ae8ecd1cb390910b6702aad33394c25d1160b86687e25bb6cdc4811e3158bb85ba75548329dacc19287d9c004a0473029b77ca290fc47c1f96d9583bcd67":"c2dd42ab9bf3fda78032f73cbf7d28dd8e32c582a3b7ee79795551f133234d62ea6571a466b8e1af0b3d354b71a6582c9c8013d5f8a2c34eb3e848360adac1d5005cede58eae7784f32a31c40eec5a3f03cc1e7263d8515b36225b3515ebcf8dca2a77172c797d347ed3921ca0bc73e8ae56347134a6a2a06ae084f1ebb7b0fe":104:"02fb002d8e4a1d11bb0f0b64d7":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5c50059a61692a8f1ffae1c616158c67d276dcd4a029ce197ed48567e5ff889":"ab7e13923e66d0f600accd2462af74192c3de6c718a27052ef7c1302239c7fb2413df7c662657ca18228575ed138bc54f31663df548618e98d64402feab529d5bf6a678431c714df1fe24ea80017f455a8312bb5b710df8dd3571970404a806ec493dcb1f3f1ac980663f0b9c9823e0d0304ed90689f70d4a24da7d8504c5b0b":"920d82c6b97a7bea121f64f83b75dc65":"a9bd57db2bbe83177287e5f614dab977071abfe0b538067f7d0c5acd59bfba95dfb725b8e1af4573ff10ce135148a3bab044552348378d5ff0c4f8be1aef7ed60bb9a374a6c7b8097d7c1804fdf078f212e63e9f11d7404ad0d1a9cb28d5ba199aec3a6c41b9e523b541ad38cea763159836ede6371357ab1aeaedaaf4481c29":"8f7e87e3ff4f7ccd1cedc1df125199cfb588339119a5ea5f9bdb918f89ca35f9dc16c6465fb25ea250eaaa8e7f00aca2199f92a2c244642bd15cbc9b62caa58115ef01d0b4a9e02527e035744b20892f79b07aa47b6c6db1332f82434764c43124b27148f2f611766781df8e4cc0b5ba99b858c13c233646dcb2b8749a194f08":104:"65da88676d2ab3f9c6d590eb80":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c7cc3588436ad9e877de72578d30026d32746817ca7a8fb7df9870650aa48d8":"00c2845fc495b89f870bce714f8604a7e7a96ede92c4b9bdcf044c9a176f66a28761089c083d5e2d613c746711238477c0efdf475e18af99e88cf76d04d4e40495ea16c462801443cd7f69c5d36ac9f337e828c308f1d1938b1fac732274459827cf9806c1661a247167948a93eb6e998a4cea76bb825baa27e4180e52633bb3":"5e82285a3b332c693e427f9410564489":"9971b8e234fc3e1e9644545e383eb065e1866e2faa6513278d3972add5ec0e71b1558329fe1ee038a27919e43bfdac8cf08141ab540528f74f9d5bc8c400bb6ee7867e4dbc2aa081d9126ac374dc62b10004d0e233dc93376b93c0da415e7d3e09851f2084a99feeb25939e21893056870cefe7cdfaf49f728a91ea0eef605af":"ab7bac4ddede796576e1fc265c3c598055827be74dc7ed8ef172d00a648da56727767d68fcbe6c44e7272dc8cb15f03a26dc439178849b0e9ad6c7410dd4cca3f9ef40ec7c280042bbc199155c7341e88d35e5e8d0b42856e618c6c30e43d49506ccc3518585c951a3898409315e8b3b4d0adccdb561ddcf1b9d3b2cf3de9750":104:"2474c830c6ebe9c6dcb393a32d":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9d73aec506e022c0692892f6dbc3b4d41e86b97fb377c1956ee27b9c9ab3b32a":"f02bf60f10ed876a803a96e75f3fe17b4e355246135a0cd5497baad2a40a523c27e27bf848f0cb5d0c6428d08bec9590b17fca5e697990d2a6f7d21080ab614f378a07461e7a6207229e0a087e285841ef2f119cac7d8a2d3abbb1e7272a0d7dd493c8c4f797e160c36e086227ceae4923658365b2d3a3fbea11aa2fab3499cb":"bbacc081a6107364dcdac83abceddbfb":"77e1da090e4d3a892baf1afbc12a56201a4362d8f09cda5e9bdb23411e6908915301d66403acb3524898c1c51d6970a71878accd0048cb6cfbd4bf941c174ee05eca2c4a29f1c24e936d3a63cb6cfa710617af1bbb41d755b2f79e135db914a7dd00c590cf741078eb72c3ab559787213202dcc0a4734bdd612b917e372f0e61":"d78fa4024b8d073899ac09b8151c29b10a37793b76f04921bdc7dd3d2ef530a831e53cf6a7ddeec0e033ceeabb525bf5ef57bf9b3661ffb57d3bd4024252fa11dd569102c787c2d8489a1ad1290dca2e8edf82fbe6b5f83bcc0e888045b895e20c8556ee80430cc8640fc070491d2bb81a1209428938cd8e7a27e0e858029421":96:"2235d00a47d57cfbd383b69d":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"73198dfd92d26283637e451af6e26ff56e3b7d355ed7ab8b2059c1022e0ea904":"2471b3c4cc1d6884d333d1c998c7c441808ca884cb88173a225569e1689ef39e266e9ad381926adeafc2daccbdd3c9457ea1bdc3bb05168ef1eead1504d1d44dde34f96e1a7f2a5d3fb33cf5292d52fa9412800419570db0eb24fb74d55de202f5df74073c5a2eb9eb726393996eaeb32072bebb00593de41b97ecbab2554186":"e36403ce1acc63bf50b47387250ef533":"cad023cfb73d08e5b082c3061f3a6502a1c1d53038cfb19074d0ec26c9b272db93094147ef0ab2bdce440a2b3233bb0429add47601f011df679698264c0f81444aba14576a1a565e5c169f967c7571bfb32a2a4d7fcae897863d78964c5b1a040cc845494c0ad8ff4353317b28ca3798e6252d5015b58e99354ce6dfbe8b7a95":"32afd6d6fdab2019ce40771b5298aaadf753d1c4cb221f01e4dfc8b1968f898188fa4d448d8364510a7e68c7393168efb4b4ead1db1c254c5cea568a84a997a76dbc925a6c19a9092002629f1d9c52737005232e5c7620b95ed64741598a65a9ec95f2c97b6b78bd85380811c11386074b1e1e63b9a7e99d1cb2807bfaa17f0e":96:"e22deb1276a73e05feb1c6a0":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1dcbd278480434135fb838ffcdc8e7716e95ea99a1cc36d544096dff9e9aeba0":"da3b8c9e4aa8443535b321c3e9bde3c6742cd9f228c971257430b27293ebeb635917d6cba976c81934c3077902911169e8c6197b2d56a046b7ff03b482c38172accac98aacc90076370df28bc8a2044c393c7541b7b69b0fb852746dcf3140ace4e76861975814d2b5966f7714fb6cfe3e4299d79182fc63a345067a0aa54d8b":"b737bcdee4ef83aa83f124cf7208a671":"49a544aae76b04e62211428a2cc3719e4451f3dbf9a23b6ac824fc472e95e38386d267415c1472a8b0707b0573b9eb2a39a5d5a13464947cc3a7a7dd3b7196f11e87ab5233944f7cea3f4d62b088febf8b82a44d4ca6148be1ba24905432b7ac2bb4ebaf22d3bce97ac2bd34158b6011fbac77ee1fa96ca0c9c9e0207044fbbd":"061b491b73f9250798a0fb1fdcd72a70eddc9cb48c1f10119387d45c50d5fbb8b85592a7977487e45342fddeb8d481eef3b99463972f66acb38fe04953c223c5f3e02611c8f33cb9ad7466860895fae585d40bc78ec14d1cf17b4c5b75e4d8c6341f1eaf80da4a78aaaa30d3bc8bff15f234aacbee4067a947e42275b12e0bdb":96:"b897da3061c77aab5eb54622":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e00467f18536ea6b4d582b2480ebee883e4f56bd91af3ad7a47ceea3ece9acc":"d5334398318ade59e6bda5cfce8e11b25c9ccefa2f651eb16f66c03d84dcc900dc7c85e6d2b778b155ae4591af0698df7f3b8b9f64d4442ecc82035f7d8e71a5f61c515a963f2fba077f3cb8276e91b31b3f8aa193988a16a86ccaec4a688ad68b5146925ec21d55ded407709d34d140f37e1f87d955619453c3704e83918088":"aa6716e6b7107876a3321d807a810e11":"5606a0b77cc9020955c7efda33b7080e9c0e9fd374c4201b4324b3e6523b0407171141e8246d01292a34dc69331f7177d6b7238e16e0303e85741f9cea5698e42fc79217d9e141474068d6c192713c04b1ba3573e93480f69e4cbf72090d46d62d5b52e4a7613af8fcf0010d0024ea11c19cb04571c6d7045a1157cf81df18d1":"249119ace4e292ffdfebb433d5b57fa1518af3389eb832146c3adc2dc62fcc9121d7f6461a53ee107ce7edf362b365d8bc18e50cf9c328cb7c7aa7b4e8bfa07c34dc81c38fe0982bbc3b543485ea4b0ce5a76c988cdfcd241911cd66f5a5f9e0c97332bb0f3926117c0437470717c63957aeba1c55d96b1ff0f4d6045f908cd4":64:"70e986fced03ae67":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a18240f6135e7b6eac071546ee58bb52394bc34ad4e91ee678b72e4514fddcf7":"02f288eea5588e7a011f4d91eca232af70f60ae3d9302cae5a8a58798c1b4e973e3b1d07695934ae871201682554ef6a5b94976c6a1aa73d354f1d65e3f025bb2a3f1e93009e822a87590dbfd1965904223049c5ac0da8596955199ff767b92df10d1f9c05c40bd8204846c719c5594000cabd87342f0447e4e466c3788723f8":"149da8186ca73941582532ede16edf3d":"4d46e1e87322ca84d5bb92d58670f644083db06bdffd99fab0055a62b64a30b5a5673a108f0b9f114d379d3fe63a1f63407881c5b5cb03142109c158af42a00eb24d3b1873edd2284a94a06b79d672bc8f13358f324af2622e9aa0da2b11e33567927e81aea24f3605168e602b532fa2cf9bde5f8cc0b51329e0930cf22e3752":"36cddac99e2673588ba783d3c085b9935626687a2dbac9ad10deb4867c577d6f80453266b2400afd773e4edeb743c32562e85f7f8f43dfd87b10a2dd79eddf6e580aeb4cea92ac21cf49ca97398cc23c02b0ca59257643fb2bc6462b9cf04658352d53c2ee50d87cc5ca2ecb722d950f0daecfa0b7c33aaa2c91dd8b093916cb":64:"73cbe40df3927e80":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b64bded6c658090a85b5d889679c6a00579498aa82be1e3a628a1cd001e52a6":"182cd59dc1934199d2d2a2712157438c347e286f66b5a2b8b5149aa41ff7ba82adc3751be379741124dfcf05c531416a64f25f0d28abb6f7bf98c80762f0fa363da679437621dcf61bce43ef4d63178779d1a3ebffb82044d427ef522cbd2643cf1f5617a0f23103cd2a164a59f182b151f47b303c4eb7387ee5cb97cabdf985":"99aa6f359534da409a18540d82fb3026":"f55fd6255d8a188ce9a4a2727699ce16c8bc5c6adba88d94106038b74deb79c9d43bfaa47375148d843a5ce248d70193c8017196941b2d9e2dfd4375a3390c19d2f833b0b265dab30f26adee07ab0aeeb930dc3a9fbcf719a707fac724deb28dee2a6788b17fa3505290c2797c6dbf930b41eca1f6d54d75b820e62ec7023e93":"5a1211218174e60690334856483a3066e2e8d996fe8ab86d0f8fef09aba9ef0acff9d3e1e5cc27efb5464bc23bea9c778fc74206ae3a16e5fdbf99694ab7096f23c4b395d7a7b8d6675e56b5505ff62f52bf183bcc4433298296e41662d6519d9c1f0a5fb3140376c8890547eae72afe75c338ba97fad9f0184dd311bbdaf3cc":64:"8dbdc0746074b486":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cadef353122cec1fdbc236c0ab195fc4d732655cef444c00b6cba5c61e01c614":"a3d5e55fa3110a268cf1414a483adab6d58ec8762a6e6be81269c0369e8840333503bc3688c7be001cdb84d163fa1dfb05f3b01ffff31151f1af780c796822e3d564f785964a546bcc2a320d81a2bc61058652a8594ae9b9b0917400e08d4a99fa161376ac53cba54c92889fd3497e233aff4e12cd85d57375c7c89e92cdf5f5":"d765b5954e5b486885dc78ce6801516e":"ba0405745971eaec5d337fd22e0ad287551e7084f1c9c38231d675719e3980356e183a99a3c760ecf7a8ede5e0dac8d2bc13e135570ff6e91a854ea3b457263b0e77896fdf7bdf0b53c8276cfd1ea3e8e22450ff2665eacd24e5fb2be89373349fc9e2967763d43cbd7adc9a376b1b4ab956ddf8b1a56d9385fb7e861bc34df7":"9b99f984ae26f9cad5b3c8058757a0a5caef0fb86b8ecef0c1bca6b99bc72b0d5345a00ae75e37d4e651008bb733105d2172edaaf5bda4ad950a49de55a514e882a470dca7c7bbfddde40d38fef4e1f3864fd7e212bbc0383d0bc29ab2303c8935d49c35d7d73df2fba0daeb5f37f9ab0d541766da71b33da1018a3f287ba312":32:"c374cd77":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0cfc42773fe2d16a59da52234af5015271332344448c214a2b4a0bb53b07a0a0":"dfbf9eaa46c368b28ef50227db97f29b5d9ed599760bb83f5d52f92ef5522815d6952ebb0d9b4efe8844216d37510746caf8c775d2c862bad8d67effe109a0cbcdd14ba8e31fa420a475e55ac6b02908346ad1b064d5b6b869503e08d057ae65e9dc2a2a26345917b18d1b715a2372e8e114a071eced0c29cc9966d7205ae010":"45afb3ba2db9287f06cf48405764a955":"16d3ad553cc0fde3f32112bdb478450c65c854927b198914649a2820a9e3d01131b693765d40bd2bb74a50eb4cd7bc8dd8dbac9c6a61acaf5e4cf81570814b30a6a11877a8f9c5df342f70008cbf0576bd27a50bfaf6e22a40bd77435da16b666a06d172aa981bdcae0d25b8ab002c6c1994a356d3c3b7e4dd7b99892b0784f6":"e29db2c4bccef2dda828ce652791d424a86cd5790e6ece67bc029ba9520bd8f35a214a73d8b86564df0eccdb60eafee4170da2694eb563e5a854b25d7ba0a4c53465fdc15c6e267be2e54263f97aa3edbe2358f3d9b8d28997388a57aa427a239a74534393593196253de1c2946b7a437a00480ecb2eb08dbe55ca2b3641c36f":32:"39e01fa0":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#1] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2a840df4be22c70786c873058d2a6e16dd9895cbfb55b9c9e98f958cfe62e65d":"313eddc53f3986927a261f498283b6dc4a39d26f98c7428127237d79a11c5e626e2e9cdb68f72aa3168ab23dfa2f5e03bc65a68d781f23fb9e295909cd9f0f3e5648cf82f3f6b3b509b0a333cb7d9f2b6e444c351a318f8f200a921ccb409def21b87bc55ec211a76a518350e6ee21d7379edd004b3bfd1ce9086b9c66d80ec1":"ebf155f7cf55e6aabdc1171c95c45293":"8abb8843de1766cfb8d6474496acda2f7a14e78a5e4c787ac89e6bc06cfd42173c35b3a75ddff644f4a58aa7502fedada38a7156457365b4c3c07bc12a8f9061331139b9a2b8d840829b876beb84f27d5a64093c270fe6c310ca3afe987bbc5ec4dc06358d5bf77c7b4e4fe4078c6d3ec28e9a281318da88949c478094c0065b":"769869a55754eb5d6d42e22a2b5271b38533fc0c79642e250347d34566eeca732e0565f80672054bd10cbd3067730dbc567039c730d8bc32a2bdaad09885651533a4f03174d4e6510547c1e1dd51be6070ab0ca0cceeaccf64a46d0ef87c0311bd09973f3b588a4dfb39c85086ea5d67dc531c287b83c161dcb25e07b671343f":32:"c364c089":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #0 +AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"461566cac74f9220df97c1ab2f8bb74189a634bc752f7f04526923d30506949c":"":"546d821e437371061cf3207f3d866c15":"":"":128:"44193072791c435d6e8ea7756a0bd7bf":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #1 +AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7736dbb38f1fe351a7fa101d91da62124c22ac02ee06b9413f56691067572f73":"":"5f01779e5e4471cd95a591f08445eb5b":"":"":128:"1a1f08c8f40b93e7b5a63008dff54777":0 -AES-GCM NIST Validation (AES-256,128,0,0,128) #2 +AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"eedcae924105c86190032650e2d66cf6927dd314de96a339db48e2081d19ad4a":"":"a39d400ee763a22d2a97c1983a8a06a6":"":"":128:"3b4294d34352743c4b48c40794047bea":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #0 +AES-GCM NIST Validation 
(AES-256,128,0,0,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"714df4b69dc00067c4ab550f37ff72358b0a905dea2c01f00be28cec130313c2":"":"c46d63d6fead2cee03bd033fbc2e6478":"":"":120:"2a0271b0666889d2d0b34e82bf17d8":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #1 +AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"454021ece9a87a9543a1626820d39edd1eff3dca38a287d8fb68bd315a7a2677":"":"51de54b633a7c9f3b7b2c1e4b47d26a4":"":"":120:"114708102a434e3a30088b5944c272":0 -AES-GCM NIST Validation (AES-256,128,0,0,120) #2 +AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d7e90b539c99e8c2187ed72823258c1149890a69a9c0081ff8c66e1cdea9f2f6":"":"6dba3273560f30f118a2e0251f7b7d76":"":"":120:"5f45e00181cd2d7feb4723e0cdca24":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #0 +AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2948233eec9bf8adf7250b20d62df9219d30e314c5932383203805ff9f3dc5cf":"":"d6b8e723272e26922b78756d66e03432":"":"":112:"14c9a9a217a33d4c0b8e627641fe":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #1 +AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c73fb5e732ebc1dc7c91ac25de0d01d427de12baf05ff251c04d3290d77c34d1":"":"c31220835b11d61920ae2c91e335907e":"":"":112:"9eb18097d3e6b6b7d5e161ae4e96":0 -AES-GCM NIST Validation (AES-256,128,0,0,112) #2 +AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a46aff2121825814c603b258f71d47bd9c9d3db4c6fe0f900e0e99d36c8f8d66":"":"7cb5550a20d958490739be8a5c72440f":"":"":112:"8c76eebda0f1fd57f05a62c5f93d":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #0 +AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"61a612c76de551f794a146962d913f60fbd4431365b711217aaa4beaa115f726":"":"2d25462c90ad9a21073729e5efc99957":"":"":104:"e4d3b277dc9a107c0392ca1e5b":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #1 +AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b233480239fabd2035a7c9207a8e1ab2da45a90a472b30848fe4b4757c628db":"":"50d45096afd0571e171e1ab1ffb3720f":"":"":104:"5393bc06b8c5ecef1264fd6084":0 -AES-GCM NIST Validation (AES-256,128,0,0,104) #2 +AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc051ac63e6b051594158399291ed101a3efbb1701b98819c4835a4863734371":"":"1f304d4d7f84ab560366215649b0a064":"":"":104:"1081dda9e0a793916dc82f7848":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #0 +AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75f76df772af8e3019a4c1588a7d59925f80ce0d5647030f29548374e7bcc9e8":"":"d407264e09fbc853b131c8a9f808f1de":"":"":96:"d515522db52bb872a4d3f9d1":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #1 +AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"608d7592c094322b31d4583a430986bdf6aa639cc4b4a0b3903e588b45c38d38":"":"6a631952e4990ae6bdd51052eb407168":"":"":96:"eb8851cfdd4fc841173c4985":0 -AES-GCM NIST Validation (AES-256,128,0,0,96) #2 +AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"86a90631e5341e67dfa55e68b07522507b437fbab7f3e2e26cfc6e89ef9d2410":"":"67763ee1890e4bb430ac3c0dbc2af997":"":"":96:"c6d11901b53cf6b13ac03cc5":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #0 +AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b8d12783ba2548b499ea56e77491d2794057e05fd7af7da597241d91d832b33a":"":"0365436099fe57b4c027c7e58182e0b9":"":"":64:"41fc42d8c9999d8c":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #1 +AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"eb17c1bbcd356070ca58fc3899bb3751eea5b9f3663c8e51d32c1fc3060b7ac2":"":"aca76b23575d4ec1a52a3d7214a4da2f":"":"":64:"fbcfd13a2126b2af":0 -AES-GCM NIST Validation (AES-256,128,0,0,64) #2 +AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"916aea7c3283aadb60908ec747bcf82364c1827ec29bedcbadacbb9b935221c1":"":"e4aefe6f81872729ff5a3acf164922aa":"":"":64:"2035a7ce818b1eb4":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #0 +AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"47b4b7feb91582a2f6121d12fd465967352e58d9f3d1bf27478da39514510055":"":"137bc31639a8a5d6b3c410151078c662":"":"":32:"822955ba":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #1 +AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8955cddce65978bd64ef5228308317a1ba6a9fbb5a80cf5905f3aed03058b797":"":"1370e72b56d97b9b9531ec02e2a5a937":"":"":32:"b2f779e8":0 -AES-GCM NIST Validation (AES-256,128,0,0,32) #2 +AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7795d631f7e988bf53020d2b4607c04d1fab338a58b09484fe6659c500fd846b":"":"f3f5cc7c1ec0b7b113442269e478ed81":"":"":32:"e4e6dfcc":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9aab5d2ea01b9dc35c728ae24e07c54e6d1452e49d9644776f65878199bc5e4":"":"96ec2252e51ebfb731b680729be73297":"983a102a67359f4eecac465b0d65908a487c98c593be89494a39b721728edc991726e1fba49607eed1f8ba75ae9ab82a1a95b65ebdf48d7ee3c4a2b56832f21a483d48c8400dea71537f4c459d1cfcf9d2cc97b32eb7c5146cbf44d7e5ac779e9be0ae758eafff2138d4c5370b8cb62d70ebb713dfd2fd7772fa250590609844":"":128:"766b6dcf491a5836ef90f47ac6ab91ec":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d713b33af57762f933d6abfecbac7fb0dc1e545dd7c01638b0e1510af719769a":"":"5da52833b6fc73c0e4b1403e1c3c10a2":"374dd4ebdfe74450abe26d9e53556092abe36f47bbb574e8184b4e0f64d16d99eaf0666fa3d9b0723c868cf6f77e641c47ac60f0ee13dd0c1046ef202e652b652f4b5de611989223b0acf1ead9b3537bba17ccf865a4a0fda1a20b00e3c828b9726bbd0b0e92fa8ed970eed50c885e6d69604278375af7b9ae47fbce4fed7d03":"":128:"6151956162348eb397e2b1077b61ee25":0 -AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"77a1e4ddfbe77a0ca3513fc654e7c41609cb974a306234add2fc77770a4a9e16":"":"30d6ec88433a6bdd7786dc4d3693bde8":"69beef4dbdcdf4e8eeb9bf8ae6caff8433949afc2ffef777e2b71a99fde974797dfed2254b959430ecc48db72cee16c7ef41fa4165ce4a0636ad4e40875d193a3c6c56a6bca5a55bce3a057a2d3ac223eba76e30e7415f00e6a7643fda9a1bf4d4b96ce597ffe30c3f780dd767cb5681bb7a3fd11668380e272bdd70e66f18b6":"":128:"d4a3c91e02a94fd183cb0c9de241c7d1":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"303930b8ba50f65a50c33eccd879990d5d87b569e46f1a59db54371fcbda7fd6":"":"2b2b28d8a5c94b6f7ee50e130268a078":"c2ff20441d96bae4d2d760dcbae636ca7e01d263c28db5faed201bdb39bcacc82ebdc943968aa0accd920d258709c270df65d46d3f09910d2ea701c018ec9a68af7fb3d76a9b360de266b2ac05e95c538417fec59cec1f07d47c03511751978baebd2e0e4f7483f7351b5e61c2a60138c97b751f6a8c8323970f6be05357aeb2":"":120:"b597491dfe599eaa414b71c54063ed":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1e3b94f5883239c45ed4df6930c453c9ffd70b1c6cee845bbcfe6f29a762713b":"":"61155f27c629dcb6cf49b192b0b505d6":"5b7482e9b638cb23dba327cc08309bdb40d38100a407c36091457971bad3ab263efa8f36d8d04fdc4dea38369efe7ae5e8b9c190dad2688bda857e48dfd400748a359cfe1b2a3f3d5be7ae0f64a3f44738a7c7cf840a2e6b90ec43f8c9322c60dd91e4f27fa12197fab7ed092990879e964ce014f6be2a1ef70bfefe880a75d5":"":120:"7003f04d6b6d9dc794be27b9c5d5e5":0 -AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9080effb27994ef831689da10600e7a219db93d690647457702c217b08057eb3":"":"f45514696ff5ee1e6e5797f7bcff05c0":"5251f800f7c7106c008c0122971f0070d6325b7343a82fc35f3853d25c878215e7a929bf63cc8996f0ffb817174a351b71d691f23021f58777f962fd1d45ff849e4612e3304ae3303ace7b8ca1a43f54e662071c183a1695873f5567397587283433d1e76cec1103ee76f8e0472814424b8981caea1f624131fb7353afcd2cd2":"":120:"cfb6d9bccf0378fabae08fd230edc1":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8c291f0ad78908377039f59591d0e305bdc915a3e5bfb0b4364e1af9946339c0":"":"a9830d5663418add5f3c0b1140967b06":"e43c04e1f7304c1d83235120e24429af8dc29dc94399474d06047fd09d61ddc682684776c81ef08d97f06db6e4cfb02daea728ec6ac637e1ecfdb5d48f0440d8d8ffee43146f58a396e5151701b0d61d5f713b2816d3f56d6ee19f038ccc36493d9ad1809a49aa5798e181679d82cba22b0b4e064f56af5ec05c012b132bda87":"":112:"275480889efe55c4b9a08cef720b":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"96c77c11a3336a41b61ffdc1724a80735bbe91dd4c741fdbcc36e21c53335852":"":"655502d70119326405d8cc0a2c7a572c":"c01034fc6b7708128fbf4d6ffa4b4b280a1493b9e1dd07079f509479b365f55ae9290689f1c4bdfa439344e3abb17f3fd3d5e2f8b317517747714a82f0a9ace04938591d3ade6d6095491a440322d347e8634008cc4fd8add7c1c4764afdb2b098b3f5604e449e8049a46b6192647d19cf88fa5ed1abab7f313b4285560cba44":"":112:"b4d581464c4bb23433699c418ddc":0 -AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e2a3957393669278f052ff2df4e658e17f2fe32811e32b3f62a31a3938930764":"":"a6f5a1f1f1ac77a1cb010d2dd4325cbe":"ce9c268429ca9c35c958ca3e81935ec60166aea0be15975baf69103251efafd54cbcc0bed76a8b44a5b947199cd3c2dee6878dd14a5a491a4a3d45788405d0129354e59c047b5367f1158bcf4e066a276951d2586bafc3c11f8a982ca7c3ba4677a938498bd51171552ea032fe1bd85cfeaeb87e87168f7a28e979b08358f841":"":112:"cd5986df8e9761d52cb578e96b1b":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b17652f7f04073afe9d9eb8b2615c7550968b9776b139fcc4f9b0300912cbdb":"":"9a8ac23ea74b292b7386138666a0fb60":"2732107241e6136f1dd28d233373079d75d6ac13828ae7afc751b6f9c57e77268c52ae91f4ab3016af2764597994573cd6b41f72e21b60ffbb3aafc9487ac19d0ffe8db2ae2c7505ae5963b032d1ee1bffb4c5bd88bb0c9a350ba26ee3eb8dc0a157955333e4f28c5ec7349c39229dff9f440da72909f2870aea873a76545ee8":"":104:"f7b94229439088142619a1a6bc":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"16fe502e20d6473ed9a27569b63a768ecd428738904cf0b337df510775804619":"":"431a8d78b91414737e7c6188328a6d37":"934bcacbac10ea4ff6ee94b17bd7379b88489fbf123bf496c78c9b6b02ee97dd62eedd05b8f44f4912764920129e711701628991a0009ebc7017a1a19b177ec9bc3b0f280eeefadfa310708dfe214428a184147b4523e66f2d62630d4a12fd3e366d27c3b7d1566553c9b434ed193db083160da1f241de190bcbd36f435e30f4":"":104:"1dd3e6d610f359cc4e98d36244":0 -AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ccc545fd330cf17e27d75582db28807ec972b897f812d6ed4726d2a18daac76a":"":"caf2f56584a59c42a51fdbfe4ad78f3c":"e85ae6b27778893f36f130694af0b40f62a05aa386b30fc415e292761cab36fdc39bf5687a513e25ed149414f059e706d8a719b7165044fcbd48c773eae546380b8e667b56824e23685173ad9015a9449bc1cd0b767981efe09da43a07bf1aeee08ba05d387b8a00199e18c874fb3a91f77ba448c3bff971593f94747fce9cbd":"":104:"5cf5c7ca6fbfee63854f3bcd15":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8340d604770c778ee83d0fdd5703b1fb304c3bffeb6f4c65e2dd0e12c19bddcc":"":"c0a580465b1b2e8344f795a6578a5151":"799f228962ef87865dfcfa0addde7366de2e4aa78029dbc8d57d7e50fa7c74343458df3465103556a3bfc5ce217fbbb5b2835c9f76b70240b40fd605bcfa6b790d5985a8ba54354e0625263c628e8746c451504fc58a179f90f77f2b293d8dbf5582b031082025c806e60143da9ebb6133ac8367376d0572b32569ee799540ae":"":96:"318f56bd0f3832d043ef700a":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"74de45262fe09e12c9ee7100030352112a6532d1874cc6792b4da6950677eb2a":"":"9f7fc7367f9afdb67fd1afffac058e2a":"289ac6f5beecbbcbde5cb3b0fdf4a27ba237fca33719f774ed33a5fd35d7e49f76d3e88c53fd35561655c35469f3eefb5b2f776ff2799aab346522d3f003154e53f4ef075f016aaa500c76870e6659a5f9af197c9a8f5b9e0416ed894e868463cc4386a7442bb0c089a9ab84981313c01fec4fc0ba35829b3cf49c6447f56a4b":"":96:"bc1b8b94ff478d9e197551cd":0 -AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"441ec8afce630805d0ce98b200e59f5656a5ce19e5ef58241e6ef16cac7646b9":"":"a1cbeffaf55708c375dcfeb496b21f4e":"5a6ba5d3f5a7a4b317c6c716564c648f0e6bc6b0f9a4c27affca6d5af04b7b13d989b7a2cb42ce8eedd710be70c04c0e40977ca1c2f536aa70677038e737064fb0e23d3dd48bc00ebdd7f988f57141e164e3c18db81e9565a62e28c73770666ff3bfd725eebd98946fed02f31d500b0b7ab4dafeb14e8cc85731a87f50d95fae":"":96:"aa4bb3d555dabaaeb4d81fcd":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d643111c973ffb7f56bfbf394eedac54be2c556963b181cf661ba144f7893a62":"":"4575b00b9af2195a0cc75855d396e4e8":"b2c53efe59c84c651979bcc1bc76b0bbf5e52b5c3115849abdbc469a063e2b1699bd292e5fcb3476e849c9edbe6ea14c2ab948ed7d21a21f69406621d3d412b043eaf813be722d92739a33a361ed8081c0eb00400c3c7d4e329f5ba4f7b75d534500f42f178048cf2e95b768ffed79c350f2ff72cb355abdb30af0a1363c0b4a":"":64:"9d1d182630d7aeee":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91301ee0ca694ae6971ee705f53c7ec467f4c88257d6466f6f8159a8970384b9":"":"345fb57e88124a414828730a85f57871":"c13623824a204385f352388098f5e2db23426f00a73c60c1bf1047ce2c7cdf7f7cc8475781fe7075d1226ad18871e12f0156f35e6ce7032efe3bade1c807f9eedc720fff7a27a2f4690f904be9c99b54a65509eab60e97c4283596eeefa2b2517e95de7620382e3f780efa1dbf5d3908373adfe784a4faf298681e171bade4b3":"":64:"325d08c5b96068c1":0 -AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b6ba5c11daed7f868da9bfd7754d555a147a1ffd98c940c1cd5d136680e05c10":"":"b0c92b79d78547496d770678e1ce1552":"5b1ac8ff687f6fd2429dc90a8913f5826d143a16a372cca787845cea86d9b4778708bc0aa538f98e1031850f7c1d97fb64fe29adce6e1d51ca7f5203fc0358fe0bc54347e777dddfe04e3d7a66a1d1e2bdb8b8929e2100daf073845db5dc0b243819754c4c08f4fc3631d1cbd79ac7604746d677ff035930fcd6bd652e7864db":"":64:"b1819b6f2d788616":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5fcae1759209e784dae5a8278b267c414a03ce7c803df1db7815b2910d10ce19":"":"24c5c349b3effebfd076c88a591b8301":"ca2778e39fffce7fbe8f912e69d55931848dd5ab0d1bd32e7b94af453251a47f5408ebacd7b50ddd1103fab1c72acc0a02f404c5661d8450746d781e2c0861b6974ade9ee2515da88b470f16d5f06007f35ce97cfc17fd015e438af39ca6127db240babe9c42ed5717715f14e72f0ef6ff4ce512de95a179e60d6393e73f216a":"":32:"8e59f30b":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8d71a70fd58125b0da8dddf8d23ddbe0bc44743753bdf259448d58aae54775a6":"":"d15b02572dec98398ba9e68e1a463738":"81313be1eda9f27e01b30877ca90e825f55ef60b15548c45c786c44b024e7198f333be7ddd2c3f593a9b77b68e6a7ac4cfc015aeec66f4823d9be7152f02a533f375554309a4db0fea8e76255144458e488fd19106d9a9614e828ae306fe82af89e7981369b2259c49bae77f8ec2b1f169ef0449ad083d11907234b72ed2e464":"":32:"99df1b8d":0 -AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b52398c7c75e1b146cc9998eb203159925cf6fc0b1c993ba46528e2f8e8087f0":"":"afc9a60ab8448b77fb05e8410d0a26e8":"770b3782f0e3a19d7d6bb98fa3eb0b916928a2970701c0f4a372a0ecd63499444ae02fd269ddb7d92e11a9e11d0e0b8bc60096a4be79a1e063174b710c5d739d8d05ab5c8ba119ff40843cf8c5dc4e1bd6fcad8389de3b606284c902422108d85eb3589524776641b175946c9ade1465e0d1064c5ae073be90e3261878a9af98":"":32:"32d6b756":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6793869513ac886ed66e5897bcfa263877d8465fc762b1ed929ba3d08615fdd5":"cda45e29f487f21b820e1af2c8e6d34a8bdf3f72d564a4625a6e06f9bae1c2eac3bbd5c5958fd75cf389a1a31391211745029dcd4cb2575f40ab04710a909b88c2d430cdee279f54cf7c0ff6638d1e0e631f526ee198cfd6e5cdf73d1a11b69de01d640f385fd829616cd2c0e78f09b5f64012e42dee9eb0245b72aba1404e0c":"a43de15dae25c606da1e7a4152f0df71":"":"385834c853772af70675b6be2d5087df84f88b6a303ea594a170e6dd0398ae270fcec61661ca373f4653d8dcc9e71767568c0fb03023b163bdc9ae8a08ea858cbb03b8182b4674147cb35ffda14a2f50ed9eb48d5351f00eb2fa433fdfed6f94833bcf656a7e350eb978a0aaf7a91674145f28f64693197a116b21328e273dca":128:"159ffdb05615941e11f0db46ac8f23de":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9f77c141b234907b38fb45f1b3602f3c29de1ed839bb7ba51f6192aa8baaa287":"96dcb74a78e99676a71673e3c9f94c34b34dad2748a6e42cc70ea50e41ef8b86b5992295d2cbc8d621fefce09e8948de7e696b9788377d598796afd002a82b628d9890db78359e1edc075cbc0d3f11d544bfdf5c8a838390cb856735942dff260189c00accfabf720e5fef1d9b7131a6b2b769f67374602d1a7ed9b899b2c398":"1b49005788148665cef20d8dcde41889":"":"b4ca59caaa94749317789b92257f2ef1dd3d9b1f4ee9540927a6ae7bf5bb0b348fcf25ba8ddda79a89d3174ac1713421291910c8926cfbb4ec1e59be7dd50e816ff586f165c605371ee6077ba4ac0ce10499f9a2a44866ce6319fce22652226164cc0a813c3147c4461dd0410e3701d4647d5a003090082e367cb9249cf1be47":128:"8048ae0c35a656fcaa2f4c1b6be250e2":0 -AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2419fd9dbe58655122ac1022956a023446b7f4756163769fc1b99eaf8fba1474":"93bc33dc647c7321152b12303f38937bd191ab3ce3b3a43a29f6853b33e415667d97192fcab2d1baa017042b301d03bae2f657505cc58e3aa4bd849d1ce85ede0e192a373a3894c41c54edbae29a209e16c87c81445d43968595297b50b55659f8b92d7282a2b3ca85e4b5d4ac4ff5062635103f2c7806fcc7378d5c2013be72":"94ef13dbfe9f362da35209f6d62b38a4":"":"3db23c161cf352ba267dab6a55f611eb5fff78a75288779a167cd0e4db6e75d21f11f4ff2928abcb1b46d82c2a0b1f647c60da61f9a72565f629b06a7b3fe96e4141a6886436859f610724bbe43fb99fac9b78b1e0138e2d57ce5fcfac1599bdba5701cb424535fad9ac482ab381eadca074e7376101b4b436f9c43ed760a0a6":128:"ecd4a7370096dc781c3eb3f7e5985ef1":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"08e11a8b4b24e63060c5002713725bb5b4a412f1d76eac13989738ce94e19642":"d5598f4e37274f3b617aa4f9cf6b8547b4eb1e0eac79f6eedd6cd5364f8891f66b8d0cb09f54777d461bbf92d6fd74b3fac412b77f2c48e1024cf09b83c1e71bb86f0a20f82d296883ffee62a4a192b184bc6d7ba0448c1519310c83b18c00e71153137afad14f096b43d454f205ba6b6c2ec162aa992cebf50735dd9bb37c7c":"c6f1e6a39cabda1089048b536e39cf67":"":"1fdaf0156456b6b2a68d66091bf2260792748acf3e7bbb7906af8e0df3b569a7c03ee3a48bdfdff7ccd52433d0bbe8c5fe30d93633bb9d591dfad7d81bf8efd4d4a3c5c0bf2ac9832f0a8687f16be640fcf9b19169c251f46b97167d95115acdee3d4443df416275f5597a52c17a4b8c4b723d4b35a7fd0b380fdebd44df8bd5":120:"cb9f4d4610c67acfe612af5508bb8c":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"da2dae0107c284ec2aaf6e7306959df1e92d3932b88954f119ab677c6b9dcdb5":"277675044caf1713109d4d3abf50c6fb67dc67f7fa584fb1a41c833feead03177cf4b42edac139807ede16eb1d9bed27db741f9542d437781405608de18418c9f7269ab3fd88f6a922a31eab5a3b8b2aa75ee4315fcea80c4954ea6613b1360b1c7c6b6da815e3f6e50f72b7e69c3b6cb3d154855e3f83cbd1947eb54018155a":"2005f79d55b12e6dfbab7fedecc50e2d":"":"c2aaab524d1738b5244af642bbd16b32ba954e69ae51acc804a6b0f89f6cb77ba2db2b0e109cda6036786f9cec5587b01e306ee8b3d588748c61ad7fce1266165729d0153ee189746b107ce15ced667279a484294725e120dc1803d2c751784436ab8ff1d5a537628ee35742d1917dc51f8cb46c2d6b983bdec502e99b85e5b5":120:"52b4d7f2cc44f0725ee903551f681d":0 -AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"637807b3e472e2287b09d5a3ee62f791a416419ba35e11c49b24dbadc209f0ba":"e91a0a7320329dabb0d0fd7f099a4d313724aeeebcffe6fcea5b00af27d258cf9774845d29aaf5dad634c6f087c3311b1c92775fda8df8820c91186da30dc79747be6ec6230f2c261063143f4fc89d94c7efc145e68bfdbd58fb14e856578ed57ee5b3cba2cc67dd6497f05d1570efa496b46f5bcbf82ff9c6a414f76fcf3f5c":"46909d8dba6c82b86c7a2aca3c9e71e0":"":"13b4ad9c51063a7f697f3fc68030144aee0aeef0b5a52c9d4920a7185b0452159cf13e64ca216ff16637d0946a75fb5da283fcd263dd7ef2c8f14cf75537742d1f0e48846fcdbf03bc343203f7c31cf61b36374033462a7b813f4dbe9386e57874591fde606fbc150d4916c339f1950b09b1911b1b9119c3ff4053e05910ffb2":120:"6a5c83f807401d1a9a3a2688289f61":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"33613dc6e029df0f3ab9ca66fa96cdeaa84c1261dd586723b1ce873545565f7a":"775862b39c2a509afd3470a56891fbb79bdb7dacfdb9ac72ba4730cb936d364e1aed3c92c01a018cfcd7953f751003934c15bdfdf2826e9947ea8e521f55fd2a04c75156e4910f38932c9732eb3e60423e849d34c55e3fd00b48d83028e3b4f35686016126ff16c942ec859d3c3aa2ee6d322a92dc9fa9b0247423416f5a4b47":"59484fbc27cdbd917bb55f815f9faab6":"":"069f80826dbee03e6a3437e7c6d16eb6022bd14827b8e45bd440d9b1a8ddae09999388ba0b1be0a6bafdb96f26dad523a3592fa610d5091f68380f4c1c3fa9ef7a0796ab183e8a82c2bf1f76300f98ce983eab7a93ddb18f1c10534fdb61ace83cae37e225930ab870a46285e733788e907255ca391945d409d2e53dd8a28390":112:"9f31f8f8459eb03dc3654caba5c2":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75d8132f70ef3f2d8946d296c83014683eb2a4a58b555c0f48e4bfa5774d6672":"a5be88fd43dc761838f3a9c7d62923c38414fa61b3678313cbc8fa9c2e5effb6cad7d5be5f39a71a28ff327b68a69f7e6a6bcb90eccacaf3a8659aeb905dd3e38efe57f2bd0d19daacae238baa01a7051084da6598fc5a3783a18decefc8efc8d46c7b1887f87d6d70c909df49340bcc680832faac3dd23cab5bcd80553dd485":"5ff41f3e75c25cedda1b08a41b89c4b4":"":"959396b86913337f2b1fb19767b787c18f00661c5d601bc65e884e15ac8043081459e889453e906ee267cb5d04fbaf250144a56c820eca34469967c73daf50796184ecf74f3c054bfa63bdd0c32425a8e10546ac342bb8e38a186e42a403cb80110aefd5f2d0bcdd353daa4430b8e7ec2134925c454745e2f708cd0b90d9d672":112:"ca0889a0eb12995079cf9ba77019":0 -AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8d44344d2ff9a02b1c75785bc84f16e4d23614bf43b2b9a87798b418e905c532":"e5689cef9f8258a748a615070fcbf40ed0b24c077e2f9a362cb536737ffbc5383bcafed278d4c5e0f3c83fdd5cde79483c2c178f6fef05ab50f2b8db680027a175bc6d702d249efcd6cbc425b736f1905307c9303a4bd8aca620b57e3bb4b68f2a515259b06cf5365b675edff3457e2e915d7da1e0802f7300b3d56c4644f4ad":"256a983cd6d6eb4e80b5c1d1cd2a9f21":"":"13eeadbecc4c9991e2aa0b1ca819572ef28517528320db970739a16994f82cd8b5bb53d889f298f65c63dcc07089dbf7e9d00612d2cc8220b5630ca0262a698836d906256896eea446f6de4506e558b4f20950528c8c397b6b5b04890204b77a163e46c80c96b3e268fd2754e0380e7330782d606c771d6085b34200a80335f0":112:"b33ab1e4029998e2566583dd550d":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3999a6a394943be3d6e5732af5faf26caf483a3fd42c13b7f4f02132e93a990d":"8907e8832553264d7e92afa1595842ac661ddfec3f4294567faa0af61b3d0fdf76a922a2f3affb36b3b3b97f18d5172aec0b8f6f01239bb750c0fdd5da1e1244473cdfade83797037ca46d83123e6105c5c54071971f190da0c59821b0bf87242502bd19d19c7f463145bab0e687a18ffb2216c4a2ad2caf9488801c33c78c03":"76e2a5141d094b3a77765ba328f33576":"":"995189a396486b451db0167cf6990557287074def46eef872e6cfe1a297e256bdff2b71668ff0184eedf00ff1a3ec91358874718f0af88acf2bdb191e97332dc544d940412363840d4c03c7b2231852393c62d625093011ef314e4f755b1d0ee37690b4dfb55194a1465714cc3cbcdf93af39e666be0407508b8764f7ee95d3c":104:"87c8f61f459fd4a09d9ee8b331":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4359a62d54c43770c3a0d51da25cc32fd985d9b41c282887299d2e348aa25a36":"f020c9cafba399009bd920c3ffc165d4db47a9ee15ca8c1f51c65e306ccccd3f1d694071a3c765b5255eba6ef6a280f6095f8c195ebdfbee6968b57366e62e16d05b1768825ab7fe66300941270aa121b4fc02ab970ca6e32170cdbccb46fc548620fa1777049343b1600bfb1bdecec6682f0aa7244a0852adbc7aacedfba446":"5fefa85c958417b6bc8a61b5496fea93":"":"3b8f829aa1cc1532a434bfbbd25f42480311657215946b9216846704fd5da5e886ca9d130df466c3b58f5259102ea6b9ad756e9f484a38dd0ed289fea083ab99fefbc2747100071744f10e362351d4ffac6c7c1f5a49ef3c78e2dc667f6b3bfd0fec454c4e3139443da71e514540d7a228db193a4c35d639ec13c1198ee7f81e":104:"591db861b9060869edb228a324":0 -AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0d798a357de5a686d06c329e451d7384bfbd462063fb8ea7d77a13dfa1f2aac2":"d920785bd7d7b1a2c9c20139380a6ac5f27a11b614ae110da14203146c2615d81e97649e95edb0eda71a0fa1589244ed42fd9449962a92942e38001ac64b212c7e06c113129712a01556577ae02325a26eb92581c0a690a894225e83ff1e36776f22b600508d6d96a0d1c55316b518df8d09769df5e8340cbeabaa0bf7752870":"50a003c0cb50ae8a3183cd640ea4c6f6":"":"9af6a5341cde4b7e1b88346ec481024b40ad95a51533cdd8e09e4809a20684f18eaf243e1df56f02ace9667264cc1c6af6b0914f154b332234f6468cc471ecb2078a9f81c17f4ade83d326b670795458d110e4c4b4cd7fe7f9f5f4d4fb23a038969e4ff4f74839b1edc270fc81fcdc8a0b15b9c2f0561567c471b783b4322ebf":104:"6c2f01264f9dbf29962122daff":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"29b01b6d15f6e68fc2e7079429dde5363888a6410191d603941bed272daef7ed":"123b6da306978f745d1dd86d7df32d9421523a7f329dd29ad98d2c309145844010295ef443a18d37ffe093080682fb96ba9c2c92105d35d77897b589e2abc7269aba8752c2a48c843bebad2c0fa281015ba85f5f709f6aee9b1d49236d5695f7f7d01554b193c89adcd1a91749138952cb3f0ec8b5f046328b3113aaa0715ef4":"cb4ac8373bcbf1b14cf2a6a6a16a422a":"":"caf71e09395d596d5a7b091c9e87ba6d522e974451e41f33f3e7ded554f24daa9da719e87793424eca9a3eb3972983354041091ba4b16c5c8c14913e1f6cbda09779188e9b5512917a0adf4b4344f119736ba6328897726a317989cddc66f16bab64707564bb0064fe6ab7b2b5cce143e94d4b6d739f58c47b6d4850697f8101":96:"f635ff3d8bfbfb49694e05ec":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f96d8cdcc21884e050f762c049930d78360b56cef5b99ae232c9a8c6e8fa89f7":"9cf05e5065531d2539d92ae76a43da1fa3614ffa4b1c73ddc2358f8d71345c01260060239edf629efc3650e0d13174af4294b6da0f39cc7fbecfa324afff89dd7d203416bd144c5e03df60a287fd4a8d54ef9b4b44b3d6de1d9de07418b8a34ec5c28cec3c5b2fb861583178a68ea0af89f2dfbfbd86f7cf1e572e1c8d4b0675":"5a7eb964b6bc9e75450b721b4d1f8f92":"":"566abaa23b8d464d6f107699453740e9e189254145c5132fe46989a6654de297398913daacb4083b29f7b31832079616e9a43c9c2878df1df451e49f1e629c8b9de2fb0e4ae9df48e3e8880f3f1ff5ace8842d2695e702dd1b7bfa7c25b0539b8c80d31ac91856796beced082c213e8be56efd646dae932f5bf503af46f491d8":96:"c049cce29c401d3d198773b6":0 -AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"253234c3dc9cb3d50a80598c5cde0e37b6b13bf834f3595a9458dee698a6d19b":"686ad2740bdad507ebe97aa5bdbef25b8b030c4cdcaccb0d3b675ca91279db3ea75aa222c0ae98f86c24b10038cbb4fe9f897e1145b2f58cd3e9120f9a5620f38aa1e1f63906f557ff4a4c3223f5bb13dca34f8a1c6419e24ea57d114c62fec6fb9eee58a16b9e6a6bd930aa6fedcfc591311250e7167d43cca5916d5beead27":"9d156414acb63d11cb34870b937c837d":"":"96abd56d2f8aefe6c687f035df46c3f952a9933b8a51698e47d973b7d47c65ca3ba2474cb419c84a4c3cefb49e78cee1443a8fbbdaaecf73e9059ef34ac5a0df3fc152ecde2286da8840ad4617fd6ebc1e126314204bdc0a17b958430eb9f727498ff1db17aabbdaf43acca0945342d2ba9346da5373b2372b3081605e895c99":96:"3d998e5be9df433da001a686":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1054d48d52693d2797c80d3f10509d1c808f36a4d65e8fd968e5d56239f856bc":"a708e9d2d27ed4228e5b23d358561a77d684d855db9827be2bc102f2278f1961d3f056fb76f76204b2c96b916eb5e407f98e58edfed06de2388521832d97211d851d3e29658df738e3a15593b9db016d9e46fe9df98ce972d59f7058d484886ffaec7b9fd973c55644831241c1ce85bb478e83ccefd26b9718bfe910ac311ecc":"87611b936873b63abeaea990d6637a22":"":"94473e84659bc18eddcebe3112f55426f48ca4d670291fdedd42cc15a7415aa6795fb75b39434884eb266677e1fa7f530c6f3aaa733c0d9c06291bd7dff4c4e5857b2ee9e9f1f61a85571ad32dc9a3259017abe9eb5111e56df2913535669f3b2d722bd35fcdbd6541918885d9677cccaa902b9d3599cd4f0df1f35f4d11b8cf":64:"9bd7cfe1023448ac":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a95dc5127b9cb1c82d558d5b24ae049e24447fd676a49350089951afe01dc797":"45f81fa4780a256c40a0efec9547310406904d8991bcf964aa35ec9af457e2a642c1343827839f1f4b42f2b226da351731f416a4b4151f07927c278b371404f027bb2058e1765b367f5433a43fa4153883351041db3f066ef284a3eabd584d1d0b1d594b4ce7b5bca1708fbc661d95a9ac0d77dc29547f022eedc582fc7158c3":"0b177d01993ec726fff082ec88c64a31":"":"16c77b7f541d2dc4e8d31da23e04f18f4254aa283e8cee5b776f3d9a27584f459d0747955efff8945f807209ddaa6421846647d4198534b244498fe13a9073d372171d1b2fc38af66204f3de04000c093ebe659173b8d78dcfb8ca9003d2cd44ed168e6aaf55a06f29e83ceb32b98bafb59f109599f88b5c0f0557bd2b28f03f":64:"19eb5f808d65989d":0 -AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"53d6393dd7ecc40f2d52460ecdb0607133ad843ef53f380cd3a2755bfa567abe":"72199c54dd5efb28c104e3b7210855506f6577d15c4eccdaa6a621a572e15f5845d648cf71b9fafef3411f6c1a664c7974fe71126a5cbab907e2caa342d8d7a05bc68a72c824896ec40e520e90b704dea441d22c5918f98803a88293384f64f92f11650c2cf4d3b062d30e14d149160742f59a473faf8fe00f4bdab9128c3281":"db7e93da21f0c9840c54c56e9c6ceba3":"":"5e83f559fa54926b731334f815783914530bbcc472d4bbd5e65908fb1c421442cb4c57329f2e4ba3d146a6499f34d8f1ec6d43e0cf98bdba923f404b914700edb235b08b0330097ea4162fd0baa1b7177ef0b29d5a6689bc56b8f975d6b6067ade4b8baf1d47a2eeb5b2ed28ebeded381d55d280cb2fb65ce4d82b69cce0594d":64:"4e65dde857a0f5c7":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa4a53c7764a254b06e1d8003810300b70f5729306effba9fb6210f97648a499":"19f3a8c298478d6868bf3b31785eb62e844c37200672e6ef1ecc05c616d981e02c333dbc3f86dbb7ab9ba40e9e57e133e6d1d595fcc6d8e9886a84517212669d5d7ce0f1383cb58681b92dc180c06caa1a7ac1ec974dcd7f2bca7ad2ab2789c9a3a487d64c484319bffa56d854a6d40c62b02d0c7898f641f106ff50d22a12e7":"c32288f97af9b6e31aa7e40d9ef8d016":"":"1fa6aec7a28767c8961363dc4264e6ab97014264f6fe1dda7e9db8646ce9a5463f69e91aad2fce696f9b641d75635bfb0f97ed2d7beaca944cf8bd9dbfffe77b5ae9fd032575e5333c7ce27538c609922843de87b960ebca7c2a2ef9702dd0c32f787b4d7df248fdf526d594a90bad0d6a8dffe212246c36db71e2d348326624":32:"1699444e":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f420b6ef96d9bfe46dcf18246ee230790a6fc854e730f1dd2d1ffd0e8b5c4776":"658a954d6c61d0d6f0e81a3c1cc65684483fdc95f280b6d4c964358596c25ca41c389932d74a1a3a17d041e89b7110ea315fadb3128c2c469c350bf9b4723aa9c8abd9065ebbd12c317bfb7090f09633f8c1184f0c4fbe10f5486dbfb847536c886f7d144ed07272a7e62fb523a04111e5ea9e1ab415fd17e72143006db14e9e":"4982f502a37eea8bcf316ced466c9fb1":"":"8630aa78aabe35d9360a44bb2094209b6f70d46d71e3949803cf54e33dafd54c6e49eda9e26dc5c0c1e34908f5281c8cb2a1aeee81186cf45d3eb22f486320c7ee0fb7bf3c211b232a8426e7e82f3e05881bf7d9454cddec7f28e5358cd0e9ea2e9cff938be044c1b21911d50b2ae23ab1aef377511ea657adcb560c34209f8b":32:"3aa91b73":0 -AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"50f3b822dfc70382d8695811e6b0a2896ea2bcd4d5268778cd484053c8a19288":"15bfb3a562ced63c92561a78374af40c88a08ce02392419e03d7543365c5b6525951ef2dec5927474a0ef85f519e5ef795881db3eafa765ec38e6be7b565a878c13d90c02889dc50cbe87081d9225a515504c7be15bf97f5d72a4d81f218a148a46fbd42983ab002fce0a54719bfe301bb761753cb330dc25be517b87d0428d9":"980810c11abd3aff43408ec9a69abcb3":"":"12632296f27eb2439009f6032a3f648370303dcebaac311b684de2496f399b271347b19e045c1060802f3f742b6c780d20b9d589cc082d7d0d580dfb7231171cfb612227fcdee7feae4f8defd34c89fb0d68570e782192a7bdd9a5464f35dc6a4282cf9cc3fdfac988d129eddf8e0795ccc24a113f872ada88834c974df8bc69":32:"32c1c4c5":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#2] depends_on:MBEDTLS_AES_C gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"29072ab5bad2c1425ca8dd0ae56f27e93f8d26b320b08f77b8bd3fa9d03edc6c":"3c7afc5cfc5a1e141587e93fef8427d4f21d892b983b7c9b6e9de3ee168837a1533847c8a2e2ab0706ac1474e9aa54ab57e7860bca9ebb83bd6d3ae26ca5387abdb9a60c4a9928484742a91294b13ab8f51eb4f599a30e9cb1894aca32a62a4c2793ee6793df473f43234c9eafb44d585a7d92a50aebef80c73c86ef67f5b5a4":"0201edf80475d2f969a90848f639528c":"4c8ff3edeaa68e47bbc8724b37822216d42e2669ca127da14b7b488fde31a49c7d357fb9aecc1991b3c6f63a4ce43959a22de70545e6aee8674d812ecaaef93ad03b5d4c99bdef6d52f21fc7fdbeb1c5629a76df59620aaefda81a8e73cebe4c646beffd7f4a98a5283cc7bc5e78b2a70f43e0cab0b7772e03a5f048ec75081a":"f3755aae6813e4e4b84a089ca1496564676655ba3c94e59c5f682adbbfed21e76aed0db78390258cf5fbf15f06c6b6468414cb6493c8b9b953b4954ecaf07ecaf8586ae001710d4069da6d21810bcdcbb831f7041cdbb984b7c55878598a6658883178dcc0fa03394519b8b9c3bed0e5c073429f5dd071a9184b015cbbbc62e1":128:"0549dd9f2a123bd6d58e5cd16c0624a1":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa9999af53720d0c1288fd3fe307a471160635287eebf41dd77c82d1f9cc9d61":"6ce6f2dc202750219e15a24e1ff0678ffdde55b27cdcab6da188bd5235a3bdc677f72f106579d02c2970d4542e4e2372886e1a6d74c596ce735f51f2ee6aff4d62bd24112ec7cd1adc7c660561f163170cdf047c241c53b8a5b2e03fde48c249a319bb90c2693c468c9dd136e94e05f067cd1d68244ce50be318ae0464b79acd":"6299d651a032bdf3a7e6b25ace660e30":"afab0a3d1960ac973ee2f4461dacd10d189412b37e572cad7888bb4d2453f1eefbd6725aadd5f982393dfa59c3cf1ee342dd91e1fbfab10a802e3a0eda226fde2686e7db1015405a3d33c921e5aa857bfda53ca3aed3ff0e18c289406740a7c5d9f86ce43db40c9032e98ab126c7c0364e2efc008312b7641d36503d183fa5a5":"a8059fe6ff711616afb591b5e5de497b3b7813f9de658c7b47cc3e7b07d0805c1ba05856d98341869b8394f3b5df2876ae19837edb3931eebeb0f26eb6c4a2ea78003d82a98111305208ccaceaf77e5d71996cca4f9a5eb712dd916b71455f741ec2dde51f56828667b7a2da015e1886fba71e496a542d94a38efbcb5353fb89":128:"2ff4d8d00400ad63a6ae7842eefb16eb":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"31721e5e3a748a7f7369f3dffc1cbb570ceac868ef9d1f29b944b7e86a26d273":"6afc1d22233a60c3e6851447de89152a0dbadcd87e35fc947ca4bc886f1f87549ea106b097e2655136833d06dfb879a85732298860c149c5e5ff03bb2a95d9cd3deeb8ffdf951ea5f97e32c1ed75271d2ea58d158ae6d568bf197d69130977e330ebfef33f222bfd5b56bc6b0382dc99c4f0e42b0aa7a117b43f96d43f6e02dd":"523247d56cc67c752b20eab7a28f85fe":"11eb41aeae3611f0de77bfa1221ef5b7d254faf893dbdaead926a61605f8a86f20f1fb84e0c5acd195143bc5a4f297bf729129f898a2013175b3db7004115a6120134d8e354afe36699a6c6618d739c805b5b91739df67de7667729f1d6eae1a0609897999d474be4d8b826df901c6f39d522570d38d2d1aa828382932a177b1":"39e7f32bb3e8436d97a1d86a22750768001fe3a805516d3f800352323afd221991105d12da69ce7430402fa7923958ad5ed85506b968c4dd89516d6e3d02e722db3954ce098ec3299ef4f2ed4a89f383408dceca9dabc6f8eefe5a1f80093961c29a94b222d1a04d2c1e453d2e02977f3dd77a4659e2bde2fdbba8e2829db4f1":128:"506883db674fa0417e0832efc040227c":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"100bd2bf9c8b24cc2e8d57697cd131c846b55ad6ff0b214c0de14104b465b58b":"81c3370da989f774c1962f60c57299747481bea0e6b91df846e6ef93cada977bc742ee33ce085ae33eb9f7393a0943b647205a7e1ffb2a6a803a1ce7a88902456d66612362962b97c7152b57f1d54de94a39f07c1a8098da4ea5e498d426b7036c642fbeebefda50b8c421a7a33b1a8499dc35011d80a51d34285824d6f01722":"363e8af6f38307ec126e466e7056cc45":"471f7e9a0b505b12996747ec9e32731f11911ee95d70795bbd1bba34cf782d4100ce30a85b23f9f817f30e8f314e1a23e101201c920ce12ce732cc3fe01c74a9ee8d3e1599aa22f2398c3265d4dbda626a8ff4262889009e087fbef6babe33d7300e5cfc4c0056f3562a913d2594fee8e44959cf728599a9d3e7ee4a9ecd6694":"9494d01966ac887b8295bde61f0e7d006ea7b5c984a29cf5d849194f35d7b0f6ddb3bbd9646d7b9b961c515179901d2b04cb7cf7b6c8736d1d472ae8bb9a6dc9194b03b3f5373551a5ae0c0f023967669c873f0acfb02c0ae3a384e70f7a7ca05861f257f36a2ad5fbb591473dfc3ae1264dca0e889e0ddbf93dadf75db2059b":120:"5c78d914cac78c514e275a244d0ea4":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"614dd1762deb5c726eadf0e6587f9f38fa63d16bca1926955404f1b9f83e241a":"1ae828a1693d3c24651ab8ba59fb1185d08e6cc4a964f30dac59cd81ff4bdfce8023ab1b6dffb594a4250d25f611763efb4152cd35b937ca11373d237f1f8b3c0e21b942beb1f4ffe5014198c9ff59896ddfbb55e69963e3ef6b03d3fa134977870cd6f3ac10bbf59bdcc9f103cc2d58f294ef5f007a9f903c7bada08cb454e6":"10d079a86894b0c17bfcc8ffc4ecf7bc":"c4035f80b6d2ea288afd4ddaec1eb232b78be5a86583fa85f791d546102c97ace9716c2702483d762c8e4eda12f3dd10a9a49a2d72cd4694fa794477b54b4367be6b548675aee4c351e3f66c7e113aecfbcc57b8bbab4a039f28488237c75313e62612847b915ef9b582e146b2bfabbfce576a984f5ce4be0e6bff5480584fc3":"bf5fb0445aab46aba504801d5356455f28c98f300670a731bdd0c901a1d5564aa31f5d467e5f80dadbfeca61d2bf72b570f3935ba04c45a2ff7994bac6cabf84db2a42cd5db2a4f160c97c76817cc5cb62d4006d895fcdb218c1464b5caaadbd1f61779938e9a84440615eae050cd6f1713cfbd695d78818b2af78157339e9d9":120:"6d815ee12813875ce74e3aed3c7b73":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12e97fafff7d397ea34efc0a8528afcd51c1b2ccda680ae9049edc8359b78ec0":"9fbf0141cd50bd1b3ccaf137b808b698570642ab20c32120901622b34173d7ad119abca3c61bbf1e6dd5cb182a079f3e01b0e5263d984c6186f01792125dd6c47c30033008ca2e0377f990285094f652c55a348242dfaa59f76989fcf86033c8d9c0b2a526bf46cca207e055e1dbc7cf3d0b7a840c8fb5f85784c9e4563f71de":"8eb11abfe350c0d5a6b02477b44867e9":"0a830029d450e20aaef484d4abee9dadeabbd6feaf800b3a693b4746db059efb7d110405b45e45a9e5acf90957c154674dfb2c1cd787af371e01bafc4e8475d0268b969d25756a1121a519afa61f3d6ecded4e0640f0ddd471f5b8e82029fd2887df4e65af9580390b6924022e39acfede7530e5f0e54f0285ba565ff49af542":"067cd6ff8461ac80217ef70a91dcf6edb2fbdd31856815cf356fffa63ba3f5cb293d7f1ed32ae40248693617f27839a34e871fdde635c04d1e66743f730a06e2be25cafe1d67d804879fe38e009268ec50a0294da445c795742ff1e924170e4c2e0e9ef3bdc26c251f5537218d295d93d57baccc4dee6185c235d7ec5c9926a6":120:"931f44f10993c836e534a59c1aeb98":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c732da000262de558bd3ea65e66e20e11605170c90b67708bda43f40abed74fe":"7d6c981c30ef87a46f53aecb4c97124fb94b45057635d5bf1d4f3a3bdb534e9ab62b4a425de9dc52537575ed9ff406cfbf75403d3d9cdbd9fcd520d62065f81483427fa27964642cc1a07822da0f6234a689eb30e8425d7709abfd18666c76c963eecef20503ee77c96802c120abea1428cc64a08fc20860527854fecc571a6c":"523dd34ea263c31c2215053986626d02":"f170556ac5d38f0661bae33e0826356c8488218903eba1bfa49b16882537ef78283fd9351f37f44a7687049a608c3ddcc82817d4ba96a40d05807a38ee3f2d5cb8b1121db61318fe22bfd3afb319e84c4e2f94570a92433db29bd2193485449c719a2c6030696f53ac729df90678eb018783b25740d806d1ef6980e10d396595":"3470d4544f7bfa3ac0627a56e66c56fa062188440834b9238bd20e89dfc701fe6cfe0bf4ea2387014bd83c63ab7c912e1c0dce7c2d92eaea155f886b574bc94a8f4f275dffe2d84173a05b99d8029c36dd3c35c12709d33f55c3bcd96e9a815f77a4fe8e50639d8f195a526486f1209d7bf7e86ac3dfc4a1d2cbddb6d330e5db":112:"5924f3ceff0207fc8ba8179a9925":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2684bccf2b845314a0c4b8b5a780f91aa7ed1177539122dc8717c14bb50e2dff":"1a4174d4e18ae0b6434f35dcd9c86cf158c42ce00ceb12f4356ec118d659820518c326a1b2ab92279d949f74c45219c660cb84fb6b10b14d56a501173fd3b129ac89db0de22874d92bec724e94751f91a817a42a28e8e15672172c0b0db4ead46b14d4bc21ad8f5ba1f9e7e0fcc867700681349b8102a208d76ae4ef7df5b56e":"8433b59b41fe0cdc5b30e4e87c5028ec":"280026eeebf05e26e84955e4a36352d4f97f3193dce0795d526d05645bf5d2eec4b92ee8dce54d78fd3fc3e36bc79d5bf9ee3b2699310a75dbc5007bdacb4dc88d06515995f8f5b1aa90cb8fc036b763a5e819db70c091802fb7f24b9c2a68ff194032fffc4ef798936aabccbb43f22a2bbd7e1ab9d0434d443dac4929b84193":"cc155e04472c0872d5ccf8910d34496f380954da7653a1e1d3c460fbbc791c9b82e35176e938b7e21eb4690ed9fca74ba45a03dac4abc4f625ffdfad02e1acccf18b5a1878f911fb6f6e09ce0d4c6a0bb87226e914879a1b3085c30e8328aa6e0d1c49c21b760b82e469981b40ea102f3998c81dd9799f484ab89b19396ab7e1":112:"5a80008e6da40c71b316b84ae284":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"484a33ba0b97c2887a86a1476f274e236eb37a72e05f9e74348248877ea99e98":"4d81cec14b398257a31ad1e3581c00d05e12b37b71260bdd95bc0b6981b614598ffbbb3ec4bb7deb5673a1020139877122f88504c9c53265706fe76623a9b488a3dfdd4cbc1b7b46c7fce9d7378e164964c0a377337a5c172e5e4de6206375164cd7beb0305d7a90f5c73e12f445326e1bc9ac5acd1bd4bcbe4662524891a2e9":"c3a5cc19aef6d64b656d66fad697b829":"30f276f96a50e17b452dcb5e1b4ab666dc7c4c72d0d9ab2abaf77eae2e3bab7dbe5ac005d7eac5480e1bae13646b59155528abdc148b3b71f06d017c4b12d64aa3990cc96941eaac14b60eb347e0be873de2b6fe2b86e2c2fc063b29511b70144ecd315b9491001b122701b9c8cc1d85427b6c60663ccd9d1fa84e1c2f609f36":"579fd8fb50d795b5b208c2d5b0a8b1804f754a30a1003025301655aebcda2d2ff30d29a16d0fb17a28401127750fc87c9e3aa08540817228b049c387253ea2359035b8063ab4bf54504ca5ad93b54b8ac5bd0c1ef3c6769fb1ed239bb76f3e0bc51d356aa91b494d22749c8e4cdb1629e93f7c6e46ff9145916c1275669ae5ba":112:"1c39aac1d5ffe7916a08ab2ce279":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4a5f5321b515cfcde493148ee4c44c693b1979b3a3ba522a2a80e5d27c93fd1b":"962b8504feb57ae73e93c2e8962c9562f409c908e51f9904df1623eaa0c6b998db6ee8919d805b6ffcc37da51300c1ae16bca21f8f6f63af989a813ae8fe28c3fb012f003dab7e71b08d757799208806062d62b4ac937712409f9fafff3e3579a4d92d4437a6f0b263e1da7e4651e0a521be5f6f49ff5a0778f07bd5d3dac696":"c2cb0166046bad0cf0a107af83921d7a":"e48abfb657ab33f58eeda8c58a20e7e299bc3e7481f704c326529408580f9a5130cf6f7368502d20b03ba6c3b8f6f28c076a3ef7b8e987750dc972be953e712483e6f328da57e4b5c501fa7c720593eb89ff9644fbdc45478f80ee89f096694dcb44a9b3a6aca0904d4aa4e475b4b24771df9fd6ef9557f4f5c842ac241b212f":"11bd55d969603ff3d46355cb19c69557b99825a4c23eeafc8eed8422dab537c0fa9753191c49a6fd9e0d6760ed816a49e7f5704b5936a498544e2bbba7875c513c031f11527ca1b9b579960be6964fba9119dcece8205c174be07ebffada83375678de76fc012b0ee179787b4aa9fb6e2b459575260eb01f23786dc24d1d45ef":104:"36853a029b5163ca76c72d4fec":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c8f7b7e6295fc8e33740bf2807caeaf4b90817cc3ef3d9f38f704d9f6164e41d":"4c26e489069b487ce9dc0e295d5e89760401185374041b0efca5bbf758e7d010ccbfe5999e2a817776aa8f49c1e5d43bcdade2989fe5be635dab54cb0e390a21b832b30f688857b9e09c346bcc5397e51cf71acbe1bfcaa1ecd7e87fe5dfde180d951922e60dd8203ff210c995eb54bb981f7e931f0b1f52dce0cf1b2eba503f":"903b2eeb9d0b3794acb7439d341cfe0d":"83e99497bfbe9393b065b0b18c13f99b67f1fdd724fd5d70cdccd2b8dd658499cb9f57e1a1fe39634ab0869182de085722a79eaabf057aac7b3f3230f51a2f9b48b49d592f02246dacbe915ff9d9a53f7e5332f7a9d89649050b075c07e5e74f281ca1a0dbe632c0aecf3b1911cd6ec4f8facc2777d0d14784bf5951a1c62c33":"63e2941bf4a13374627be66bdd4e57119149f81f4c1a8a321d27a4a79e7d61e2dcec9d7b13fcccf12f5b059cc209f8414ae81966462a266e92b4b3c25198ee240e0bc6f6197df1e24e8d4379fcae89e6240a7f9c7bab886e79990b846e98e4bacb8b3b17422249943e9973de42da5e38e4eb52830b1facce766b3389a5312476":104:"6e31c5db3146ae45ef5d50485e":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dec062efc1bd2556b87a81143d025abbaa532c586d5ebb065859a2071f8f07e4":"02191bcb060e61827dbddac6c2961dbab8812cdc2ac77bf0275628e8e36bae18ad4deb77b2682ade0aef76afd4592173ba29dae4d0735963c803856eaa6f60a6c21785358e87f3c4a91e321c59e04c150297de873679194ba5ca857f7d91ffc358e73810d555ebd4dbd1fe4fbc4ffa4ff38e4b41db9af0a84fe9828708631469":"19abd0361443c3ac2a46f2606eeb1a69":"c3785e7c0095726fd1f3ca842057b0ea2baf9c3fe1119c2147609158a2039f26cedf8a44e046955ba7e7cad9f48cb49274fc53b109d7897e080af252e7dc64807c276bcf668d2cd505c9ce8e584609d293ebd2a4515bfbaf78c413d6e29dc90974db38b564ffe9a40d3955dba9f19b6f39bf942669cf80e4676d6c10df566ca1":"91a16c7fe029e3fddacf0809dde7d041c438977b89192e6fed7605d0133f3d9e810355d186432f6529bd2c4cb9dadb4fedf5128cb45e25a3a46bf74ed93f31349f64a69dbe86592d76e437947f1c1d7270d1cffe80afe10ae8523541961eacee1838c168a2ab76703ea4674a68a96b8a298a672ffc140e98e452d501fd57f000":104:"5b4071a4be0543aaa59b56de35":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9b7b700d978e33ae9311b206347f488e2832fad5ce7e6026ad5e24fb47104fcb":"37aef6e4200c6abc3d161daaf9dd6ede002ce8c63d9ed54e8ac56bdc8d36906bea663d2857d8d543166ba150827735ec78e37f92e682275e268d377b1880970df232162e55c9311882f889e7d183e5cf4972691c85f81c47e1224b9c97ee3963d75c6a032270ad6d713c999913f0b58a2d4f42b85a3b0b40541a31398cdfb4b0":"d0bbc284af767af9a31b863d66cb6138":"dfb87a65ab2d99d7d753042aa47448ad830e546d298d6ad52b85207bbb0cbe8cf3cdb12b3544f1fc228fdae04a241abf9e71de8ae14f2de2c261469c383c682e13582e07cddb1ed9bff1fd2aa0be7978096a914676dfbe7bec6edd927362f656ce1de86229bc511cfec4cda77a1e761e7ab8664e4df08cb820ebdb604c2cdbb0":"dcd5575d94fffc647d4c081e3ce03928651419a32ada2af02de2f58d68fa98eb1fd5ef671875719a9c65b9ecc69513408a79a0a5d57cabd04f8e651f5b8fc1ff42ce58d8a212ac2bcb83c5c53c542c282553a62b4e3d7d4f049ab13172739a0f46e0a2fd9aec54eb0c84141c6b341783754372df69d39e48cc24eb3d9ddb21a9":96:"4a7ac79db94b27469b92343a":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce15e61edd9320ceacbf3984d87c707159caa738e7e76285be00b5a95954b523":"8af4a7d92441ce931815fa4e24d69f66256fec7e62f79a029b684b5db304a46b2a3d3a7ee8d6b7ae38caa7de526d5c0f28dc65a0913a383b7ee1640cbe24997ba95b9b12fa1e9ce9f9100d883c16b6286dce17e381af15113f56197c97fe6b45be00a3df05045f476829d7b303211ac97cf989a18c16e27fbf23570d9d18f04b":"b1269c8495ea1469ff41d8154ae6765e":"0ad26a08a5cc2ec825347d7ffd5aac795eb68aa7e22970d991c863fa6d1fa720137aa5cde4e382625a0038e6ed72da3b5003c1b2a953c2b2138e0cf870cca4afb595c0451aa793fb0a2bc43834a0aca1e760590cca765ad672ead975993f82ae6765c5afbddc6062d7c4babebf650ab097db1a1d9a2a99e8fd2e0eb8a7b916f6":"ad0ab4e77257866e4a57cf44fa4049428e56a6e8b8fd47b4cd00bfce84fa8f5a43f1df2061b0a37311b4a1436bad0d61d52ced5e262ed41a7eb125d61cec2e3fbaa95e533b43f318048096ebc8466f0cd609bb5e7c3fc6e5701aace546618a170f88c0b7ed76b63759ca4e4b931a86ac379dd12ad2cba7d47a19a3ae7c242fb0":96:"fb1e988f9c97358a17e35e6f":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aef24b8205d4085d978505f04724293c2819ef9f3f03a6c758078690fc4bf7c8":"db26453170db2f984312e0cf961d1a7df1154f0525c31f166be5c9f516736501f9f2dd8096a69b6441888ce27aaceacb0b365a38e4e01e2e34027c023206e814f22d46fd2fa69f87509ddced4b8852a76b2532b92f069b8c922ac13b2b7f19cb7c524657a4ee6e989cf2598bef674aa31576776853fb7f9a2704d6b3ee7fbcbb":"81456baa337c3dfd162d9c5f72a2e216":"484a5f4772643cf74ccdced0e5d80862f9300f26ae3139968649d3d7bb761b313f2ba63798b2040d397c3d1569285fee8498fd9254851c15b98af5bd351fa72e7d574c62ede0d728e1279e8b4e4784fd63ea7851e99d1d2356bcbf868528f8d0a90fc3b884ece631648d916ec97abadca1b0dd7670e6ad42245021570582ec7c":"da95c61cd2bb88fea78c059c254d2b949d4fc291c73ac178ace44c1e6a339f64931c857d3a7cb276a04993620adb6918dfd3f9083edad384a8e6c1d4799d526a1c969d8deb0e2667d6d06f559baf914b49fc463244528aa6522d19699065438d939521d7d7bb149835298f2054bcaae6d786f6dde133b640697a3d37c697579a":96:"bc1c1cbcad2e1a66ace079a2":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9685aea9aaebbd691e679779034729306d5887bee4c1f90f6ee3a397a0ff3ece":"ae3b2fa1e209f72c167eb16bc15b7669b87d4ab516e428157810b87a83e90d56e267bd4996522b5b22c2a349d3765ca27ea27057dd71f7c18ddd053033bd780b6cb689f48c383e9c717b9b265cb9e32c70c4a7d8fb933e986d996b5ad914cd645b74c47ac3a0de952ee3fc73ada83d896da7ca0b2a0b10e4f701fa13cba9ec50":"b1bc140531ae8c69e2ffc784e0988038":"294ff858fa6efc82ca3be4d05332bbb951a71a7ddfa4b78472e1582b445312eec11793d8d6e1e858d9cb078b5fc9083ac8a3e3bd82964cb07c08450567922299f68fd47663c7a77c29f2b5347f229301433d5a75263158a0d80095859e7e45476b99b23412046bfbe4eafff9f7820ba49919d2c987cf00c286c784e7669d8fe8":"6575128b576e68f7b3709e325b3d616783b42ff7f7631eb62b90cb0c8a86bd324756f43af53c33cbdaf9cf64ea94cf1b7fab5003f00c1d07f3fc8eb1931d759f9c43477ba22311a111488092c42b7786facf42b861a824cd1bcdc603a77d11253f15206a929a3e16e8737d080b8e5f0da8896226989a9964d72e491187250472":64:"f78c4dd37c06b197":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3adf0da24394a98c7beae01d28f261a9cbd887aeeecc0c29e84540264d5a6bad":"8cf023d717b0f82f2b81750b53fb665c1c90f4740af4a3534b36b847df33ba5eec19eb24ead70a4b613a82572878216181d59b0c4c4df99be08d021cf182724d8ff5ec4e85884d0f69c16238fbbdbc5529ffcc4e418405e4e95139f79d3115a1ac56820cd39fc413ab72f7d447f947cb0541fc2be261f1246c0a786199013b22":"ad41288817577316df2d881ac93fcdef":"ad33ce922372fbe3531c0dece69f85f18eb1bbfb09a178403832308de0e54b1010db2636c4b7d9caa478138f61db5149c9fd7f3b45b7a1876729fe67622a37f0b322ef9cf6043b301a5d4c81e6f347d22bd3e40722059d3be945845c6b0629fbcfcaf885c7f393aa81f242c48c61a439574761ef6b671972cac664403250750e":"9d465e9c4228323946b1261892243d8455edb9eb8633d026d4033fa3965d20730979ba6952c0f6f2c5768f03c19256b64bc759d2e7b92424bbc668308504ba34384c2bb37baaf91a3a4f0952a050a3d69853141b49e86eda3bf0c4db4ebcd1c41e7f13eca20bf574a47ec45b8c98def17c0741805bf8f37923ba2b5221428578":64:"507618cec6d03964":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9ef64b4132db54668568e2ae66ab61f62a820c7002a67a7e42006280a373feba":"4b96dce753273188c4cca3386a7415d5d9263757376e1f32797df47992e92e1bc0ab0833363b3acffde22602d4e47307bc8f252944414a15e1398693fd3b8bf4d8101cdcf70ce2c9de8cb7f5bb17cd83f09b1bc78ba07c34b9214e250c5940e9794199cb392309027d5ab4f32b51c533db6732024bd412f2cb0c5178d5296aa5":"07a86dbe2cce040eccdad79b3d211ecc":"af7a75748ee293015b600ca82ccc7718f4ecc20c3a2357ee02fb726330a0d79ca8bb97979bc0c89f4c60d7154f8bd29ba6ec5f2f4be286ea8a258cf6bd39b4f42d6db8e70c99ec3af26bb4d8003dc6fd0fdfbbc620d511d4d5f09ddf975a1663ac2979ae0978b0bc1e7bfcd660ae4ac7f1a8f6d8ee35752ed59a604f07dfda53":"e3e862146b6fb48b01ababc462dd560298eea7bfe5f3248e28a908d1de08c7e91fcf63922c394e7a51b64f4382225093e78598c050e588ff4ad38f3e83dc07b77ce569c6ab8f8a9cb0056b3155aa1503cebeb64c86d6d9cdbb178ea9a01a8ba33a1c48beb92ee4cf60e7dedf986019e19089cd186c98c229b0ff42c9e1aca571":64:"8614c216055c0660":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f14ac79f35bc5a685433eea5bb7fd69fc959aabda24cbd8b7795fb2e41f90ab0":"8a20da14819079960b77ed5e548d0aa0bdcffb752817c1abe4195e612cfbb58c8e5a8af69f75bad10ee8afdf0b0d5c46c4dc11c32bff16d5e7e82e77fd80e475c6a5a0be36718af232697ab22314306b8ee32484b3461da657710c06170e80a6a8844f898c2be29366c8430f2392d100ffd419603cbce406dc7315577e6e9ee2":"353e1d08edce44c966430513cb7a0383":"cb1dde4ff5a6867038c170192fc2d292f5bb349d5b9a903cf3d88c09ce78fb1f4a776ff7588a25abb5e5f6a44791d7296afef3f32ed31db1def37dd25be0570a204955121f9c65b79a3ea88fc452dbcb82719243c11bc27e3408adf802b6e8b4e701ee4e9dfd140cb3277bf605bd5fb757d2325f7805fc6f0d1ea5a6207fac5f":"49b5e4ea0421034c074cde67dd39a0310c3f31e8138672ba2ecc0777be542f1c6529836d5206b79dac83d96aab56787a35c584b31228f007f11630328c3f40a57be37487689ee5babb576e7d14ff0f1f1ba6e4be11637352a4336327681058b99df2e44f9772de4e0e456d2e34dec5eeb335b238e862841d166e0612cc0f18f3":32:"88aed643":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b55ac909e73989e310ae37d13c54bbd5a126f419a3b01a2ad8961d89bd247f81":"8a663e8b21a027c4a9545d145d42d9c67b4fcd5d0e39aa68822aedbd609e2c681f60e6315035321de739858b2b082bc05551fe9b8456c2e89c6151282c6068b915eae5762e4d6d765d667de58a315e061b3d60035ada50f59258eb6e2a1cd6b52eea7eb9d404fd96e71f19feff65b74a4b4f07061adf7c1b0e54e2ece7a2cd49":"9328abab0d3f63c75ddafd8559d96b4f":"cbae20aa1996abb62471aac91cd78080953fbe3b165d4c9435832ef1106e7e3424db8850f44a431c289ab4f2bbbea9e5c0c7aaf2e8de69c0ced176283662cadd280d8fda0c859551f0f90893ca57695c95803a1546826922ac78703d7ccae285b7ccd4bbab551756cccc6869dcf34b6af8d8b80c25c6fb1d2caa7f28161fb854":"457e13ff4eeaaae75d14bbf1bff91706c3168b9b146aed29dbe31b12ad90c1c158833be95701229ac6e4a13997e0a2d961d4a0021c4d8920ec54a9a935e5ea73b17e8fa60559df76bd07d966dfa7d86d1a77a313228b2ae7f66b5b696726c02af2c808bf75e0b9591a220e762f57c680ca68f20b2b5413b07731bbd49de039bf":32:"5de0434a":0 -AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 +AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#2] depends_on:MBEDTLS_AES_C 
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1477e189fb3546efac5cc144f25e132ffd0081be76e912e25cbce7ad63f1c2c4":"7bd3ea956f4b938ebe83ef9a75ddbda16717e924dd4e45202560bf5f0cffbffcdd23be3ae08ff30503d698ed08568ff6b3f6b9fdc9ea79c8e53a838cc8566a8b52ce7c21b2b067e778925a066c970a6c37b8a6cfc53145f24bf698c352078a7f0409b53196e00c619237454c190b970842bb6629c0def7f166d19565127cbce0":"c109f35893aff139db8ed51c85fee237":"8f7f9f71a4b2bb0aaf55fced4eb43c57415526162070919b5f8c08904942181820d5847dfd54d9ba707c5e893a888d5a38d0130f7f52c1f638b0119cf7bc5f2b68f51ff5168802e561dff2cf9c5310011c809eba002b2fa348718e8a5cb732056273cc7d01cce5f5837ab0b09b6c4c5321a7f30a3a3cd21f29da79fce3f3728b":"7841e3d78746f07e5614233df7175931e3c257e09ebd7b78545fae484d835ffe3db3825d3aa1e5cc1541fe6cac90769dc5aaeded0c148b5b4f397990eb34b39ee7881804e5a66ccc8d4afe907948780c4e646cc26479e1da874394cb3537a8f303e0aa13bd3cc36f6cc40438bcd41ef8b6a1cdee425175dcd17ee62611d09b02":32:"cb13ce59":0 diff --git a/tests/suites/test_suite_hmac_drbg.misc.data b/tests/suites/test_suite_hmac_drbg.misc.data index 64bce03b3..81cd62c3c 100644 --- a/tests/suites/test_suite_hmac_drbg.misc.data +++ b/tests/suites/test_suite_hmac_drbg.misc.data 
@@ -18,43 +18,43 @@ HMAC_DRBG entropy usage SHA-512 depends_on:MBEDTLS_SHA512_C hmac_drbg_entropy_usage:MBEDTLS_MD_SHA512 -HMAC_DRBG write/update seed file SHA-1 +HMAC_DRBG write/update seed file SHA-1 [#1] depends_on:MBEDTLS_SHA1_C hmac_drbg_seed_file:MBEDTLS_MD_SHA1:"data_files/hmac_drbg_seed":0 -HMAC_DRBG write/update seed file SHA-1 +HMAC_DRBG write/update seed file SHA-1 [#2] depends_on:MBEDTLS_SHA1_C hmac_drbg_seed_file:MBEDTLS_MD_SHA1:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -HMAC_DRBG write/update seed file SHA-224 +HMAC_DRBG write/update seed file SHA-224 [#1] depends_on:MBEDTLS_SHA256_C hmac_drbg_seed_file:MBEDTLS_MD_SHA224:"data_files/hmac_drbg_seed":0 -HMAC_DRBG write/update seed file SHA-224 +HMAC_DRBG write/update seed file SHA-224 [#2] depends_on:MBEDTLS_SHA256_C hmac_drbg_seed_file:MBEDTLS_MD_SHA224:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -HMAC_DRBG write/update seed file SHA-256 +HMAC_DRBG write/update seed file SHA-256 [#1] depends_on:MBEDTLS_SHA256_C hmac_drbg_seed_file:MBEDTLS_MD_SHA256:"data_files/hmac_drbg_seed":0 -HMAC_DRBG write/update seed file SHA-256 +HMAC_DRBG write/update seed file SHA-256 [#2] depends_on:MBEDTLS_SHA256_C hmac_drbg_seed_file:MBEDTLS_MD_SHA256:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -HMAC_DRBG write/update seed file SHA-384 +HMAC_DRBG write/update seed file SHA-384 [#1] depends_on:MBEDTLS_SHA512_C hmac_drbg_seed_file:MBEDTLS_MD_SHA384:"data_files/hmac_drbg_seed":0 -HMAC_DRBG write/update seed file SHA-384 +HMAC_DRBG write/update seed file SHA-384 [#2] depends_on:MBEDTLS_SHA512_C hmac_drbg_seed_file:MBEDTLS_MD_SHA384:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -HMAC_DRBG write/update seed file SHA-512 +HMAC_DRBG write/update seed file SHA-512 [#1] depends_on:MBEDTLS_SHA512_C hmac_drbg_seed_file:MBEDTLS_MD_SHA512:"data_files/hmac_drbg_seed":0 -HMAC_DRBG write/update seed file SHA-512 +HMAC_DRBG write/update seed file SHA-512 [#2] depends_on:MBEDTLS_SHA512_C 
hmac_drbg_seed_file:MBEDTLS_MD_SHA512:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data index abd8e55d9..6cbdb4596 100644 --- a/tests/suites/test_suite_md.data +++ b/tests/suites/test_suite_md.data @@ -649,11 +649,11 @@ generic HMAC-SHA-384 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA512_C mbedtls_md_hmac:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" -generic HMAC-SHA-384 Test Vector NIST CAVS #5 +generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#1] depends_on:MBEDTLS_SHA512_C mbedtls_md_hmac:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" -generic HMAC-SHA-384 Test Vector NIST CAVS #5 +generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#2] depends_on:MBEDTLS_SHA512_C mbedtls_md_hmac:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" 
@@ -793,11 +793,11 @@ generic multi step HMAC-SHA-384 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA512_C md_hmac_multi:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" -generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 +generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#1] depends_on:MBEDTLS_SHA512_C md_hmac_multi:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" -generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 +generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#2] depends_on:MBEDTLS_SHA512_C md_hmac_multi:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 3eebcffe7..f8ee09c05 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data 
@@ -16,13 +16,13 @@ mpi_read_write_string:10:"128":16:"80":100:0:0 Base test mpi_read_write_string #3 (Read zero) mpi_read_write_string:10:"0":10:"0":100:0:0 -Base test mpi_read_write_string #3 (Negative decimal) +Base test mpi_read_write_string #3 (Negative decimal) [#1] mpi_read_write_string:10:"-23":10:"-23":100:0:0 Base test mpi_read_write_string #3 (Negative hex) mpi_read_write_string:16:"-20":10:"-32":100:0:0 -Base test mpi_read_write_string #3 (Negative decimal) +Base test mpi_read_write_string #3 (Negative decimal) [#2] mpi_read_write_string:16:"-23":16:"-23":100:0:0 Base test mpi_read_write_string #4 (Buffer just fits) @@ -295,10 +295,10 @@ mpi_add_abs_add_first:10:"123123":10:"123123":10:"246246" Test mbedtls_mpi_add_abs #3 (add to second value) mpi_add_abs_add_second:10:"123123":10:"123123":10:"246246" -Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) +Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) [#1] mbedtls_mpi_add_abs:16:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":16:"08":16:"1000000000000000000000000000000" -Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) +Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) [#2] mbedtls_mpi_add_abs:16:"08":16:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":16:"1000000000000000000000000000000" Base test mbedtls_mpi_add_mpi #1 
@@ -406,10 +406,10 @@ mbedtls_mpi_shift_r:10:"128":1:10:"64" Test mbedtls_mpi_shift_r #2 mbedtls_mpi_shift_r:10:"120815570979701484704906977000760567182871429114712069861589084706550626575967516787438008593490722779337547394120718248995900363209947025063336882559539208430319216688889117222633155838468458047056355241515415159736436403445579777425189969":45:10:"3433785053053426415343295076376096153094051405637175942660777670498379921354157795219578264137985649407981651226029903483433269093721578004287291678324982297860947730012217028349628999378309630601971640587504883789518896817457" -Test mbedtls_mpi_shift_r #4 +Test mbedtls_mpi_shift_r #4 [#1] mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":63:16:"01" -Test mbedtls_mpi_shift_r #4 +Test mbedtls_mpi_shift_r #4 [#2] mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":64:16:"00" Test mbedtls_mpi_shift_r #6 
@@ -541,10 +541,10 @@ mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_I Test mbedtls_mpi_exp_mod #1 mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0 -Test mbedtls_mpi_exp_mod (Negative base) +Test mbedtls_mpi_exp_mod (Negative base) [#1] mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"":10:"1":0 -Test mbedtls_mpi_exp_mod (Negative base) +Test mbedtls_mpi_exp_mod (Negative base) [#2] 
mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0 Base test GCD #1 @@ -633,11 +633,11 @@ Test mbedtls_mpi_is_prime #4 depends_on:MBEDTLS_GENPRIME mbedtls_mpi_is_prime:10:"195845982777569926302400511":0 -Test mbedtls_mpi_is_prime #5 +Test mbedtls_mpi_is_prime #5 [#1] depends_on:MBEDTLS_GENPRIME mbedtls_mpi_is_prime:10:"4776913109852041418248056622882488319":0 -Test mbedtls_mpi_is_prime #5 +Test mbedtls_mpi_is_prime #5 [#2] depends_on:MBEDTLS_GENPRIME mbedtls_mpi_is_prime:10:"768614336404564651":0 diff --git a/tests/suites/test_suite_nist_kw.data b/tests/suites/test_suite_nist_kw.data index 446255857..d0178b612 100644 --- a/tests/suites/test_suite_nist_kw.data +++ b/tests/suites/test_suite_nist_kw.data 
@@ -474,10 +474,10 @@ KW AES-256 unwrap rfc 3394 depends_on:MBEDTLS_AES_C mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1":"00112233445566778899AABBCCDDEEFF0001020304050607":0 -KWP AES-192 wrap rfc 5649 +KWP AES-192 wrap rfc 5649 [#1] depends_on:MBEDTLS_AES_C mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8":"c37b7e6492584340bed12207808941155068f738":"138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a" -KWP AES-192 wrap rfc 5649 +KWP AES-192 wrap rfc 5649 [#2] depends_on:MBEDTLS_AES_C mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8":"466f7250617369":"afbeb0f07dfbf5419200f2ccb50bb24f" diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index a80e3e4d9..448483d5c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1148,23 +1148,23 @@ PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f" -PSA symmetric encryption multipart: AES-CTR, 11+5 bytes +PSA symmetric encryption multipart: AES-CTR, 11+5 bytes [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" -PSA symmetric encryption multipart: AES-CTR, 16+16 bytes +PSA symmetric encryption multipart: AES-CTR, 16+16 bytes [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" -PSA symmetric encryption multipart: AES-CTR, 12+20 bytes +PSA symmetric encryption multipart: AES-CTR, 12+20 bytes [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" -PSA symmetric encryption multipart: AES-CTR, 20+12 bytes +PSA symmetric encryption multipart: AES-CTR, 20+12 bytes [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" -PSA symmetric encryption multipart: AES-CTR, 12+10 bytes +PSA symmetric encryption multipart: AES-CTR, 12+10 bytes [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" 
@@ -1208,23 +1208,23 @@ PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef" -PSA symmetric encryption multipart: AES-CTR, 11+5 bytes +PSA symmetric encryption multipart: AES-CTR, 11+5 bytes [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32" -PSA symmetric encryption multipart: AES-CTR, 16+16 bytes +PSA symmetric encryption multipart: AES-CTR, 16+16 bytes [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" -PSA symmetric encryption multipart: AES-CTR, 12+20 bytes +PSA symmetric encryption multipart: AES-CTR, 12+20 bytes [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" -PSA symmetric encryption multipart: AES-CTR, 20+12 bytes +PSA symmetric encryption multipart: AES-CTR, 20+12 bytes [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587" -PSA symmetric encryption multipart: AES-CTR, 12+10 bytes +PSA symmetric encryption multipart: AES-CTR, 12+10 bytes [#2] depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b" @@ -1815,15 +1815,15 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d3 Crypto derivation operation object initializers zero properly key_derivation_init: -PSA key derivation: HKDF-SHA-256, good case +PSA key derivation: HKDF-SHA-256, good case [#1] depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_SUCCESS -PSA key derivation: HKDF-SHA-512, good case +PSA key derivation: HKDF-SHA-512, good case [#1] depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_SUCCESS -PSA key derivation: TLS 1.2 PRF SHA-256, good case +PSA key derivation: TLS 1.2 PRF SHA-256, good case [#1] depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_SUCCESS 
@@ -1831,19 +1831,19 @@ PSA key derivation: not a key derivation algorithm (HMAC) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT -PSA key derivation: unsupported key derivation algorithm +PSA key derivation: unsupported key derivation algorithm [#1] depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup::PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED -PSA key derivation: unsupported key derivation algorithm +PSA key derivation: unsupported key derivation algorithm [#2] depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED -PSA key derivation: HKDF-SHA-256, good case +PSA key derivation: HKDF-SHA-256, good case [#2] depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS -PSA key derivation: HKDF-SHA-512, good case +PSA key derivation: HKDF-SHA-512, good case [#2] depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS 
@@ -1851,7 +1851,7 @@ PSA key derivation: HKDF-SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_RAW_DATA:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_SUCCESS -PSA key derivation: TLS 1.2 PRF SHA-256, good case +PSA key derivation: TLS 1.2 PRF SHA-256, good case [#2] depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index f5d5a33d9..e989895d2 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -210,7 +210,7 @@ Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256 depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA | ALG_IS_HASH_AND_SIGN -Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 +Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 [#1] depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN 
@@ -222,7 +222,7 @@ Asymmetric signature: SHA-256 + randomized ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN -Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 +Asymmetric signature: SHA-256 + deterministic DSA using SHA-256 [#2] depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN @@ -238,7 +238,7 @@ Asymmetric signature: randomized DSA with wildcard hash depends_on:MBEDTLS_DSA_C asymmetric_signature_wildcard:PSA_ALG_DSA( PSA_ALG_ANY_HASH ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA -Asymmetric signature: deterministic DSA with wildcard hash +Asymmetric signature: deterministic DSA with wildcard hash [#1] depends_on:MBEDTLS_DSA_C:MBEDTLS_DSA_DETERMINISTIC asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_ANY_HASH ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC @@ -246,7 +246,7 @@ Asymmetric signature: randomized ECDSA with wildcard hash depends_on:MBEDTLS_ECDSA_C asymmetric_signature_wildcard:PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA -Asymmetric signature: deterministic DSA with wildcard hash +Asymmetric signature: deterministic DSA with wildcard hash [#2] depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 3f40d35c7..64b683ff1 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
@@ -69,7 +69,7 @@ import/export persistent key RSA keypair file not exist: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:1 -PSA import/export-persistent symmetric key: 16 bytes +PSA import/export-persistent symmetric key: 16 bytes [#1] depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0:0 
@@ -98,6 +98,6 @@ import/export persistent key RSA keypair file not exist with restart: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:1 -PSA import/export-persistent symmetric key: 16 bytes +PSA import/export-persistent symmetric key: 16 bytes [#2] depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0 From 7e88e13d943eb7409439dee44391276677a65a11 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 20 Sep 2019 16:01:59 +0200 Subject: [PATCH 1831/2197] Test data: replace "::" by ":" The current test generator code accepts multiple colons as a separator, but this is just happenstance due to how the code is written; it isn't robust. Replace "::" by ":", which is more future-proof and allows simple separator-based navigation. --- tests/suites/test_suite_cipher.nist_kw.data | 56 ++++++++++----------- tests/suites/test_suite_psa_crypto.data | 6 +-- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/tests/suites/test_suite_cipher.nist_kw.data b/tests/suites/test_suite_cipher.nist_kw.data index 7825458c9..24204aa10 100644 --- a/tests/suites/test_suite_cipher.nist_kw.data +++ b/tests/suites/test_suite_cipher.nist_kw.data
@@ -32,115 +32,115 @@ auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338 KWP AES-128 1 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"A9D2D4394815D53F2799ABD7E51D2C8B":"":"":"00":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"A9D2D4394815D53F2799ABD7E51D2C8B":"":"":"00":0 KWP AES-128 2 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"36D0CA197F638BF478D022C7E543B699":"":"":"0001":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"36D0CA197F638BF478D022C7E543B699":"":"":"0001":0 KWP AES-128 3 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"DAB4EE2853E1C44C5E553E644143902B":"":"":"000102":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"DAB4EE2853E1C44C5E553E644143902B":"":"":"000102":0 KWP AES-128 4 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"446C037F831092B147C372616357BF7D":"":"":"00010203":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"446C037F831092B147C372616357BF7D":"":"":"00010203":0 KWP AES-128 5 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"9ED0AF6457B82E0DDADBD2240A303D74":"":"":"0001020304":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"9ED0AF6457B82E0DDADBD2240A303D74":"":"":"0001020304":0 KWP AES-128 6 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"D863A8CE0DF301A564945259B4F74E7D":"":"":"000102030405":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"D863A8CE0DF301A564945259B4F74E7D":"":"":"000102030405":0 KWP AES-128 7 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"E8387E5456242B0C30BE77FC1FF0C1FD":"":"":"00010203040506":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"E8387E5456242B0C30BE77FC1FF0C1FD":"":"":"00010203040506":0 KWP AES-128 8 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"01FF4C430CDF3D2D815B0972B23D7C35":"":"":"0001020304050607":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"01FF4C430CDF3D2D815B0972B23D7C35":"":"":"0001020304050607":0 KWP AES-128 9 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"C06E2163E0CC845B348E012AC9413DEEE40C8C3B030A3681":"":"":"000102030405060708":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"C06E2163E0CC845B348E012AC9413DEEE40C8C3B030A3681":"":"":"000102030405060708":0 KWP AES-128 10 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"3DFD2F643C38B07E121C77C2CA0EF82DA742B0989B6D848E":"":"":"00010203040506070809":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"3DFD2F643C38B07E121C77C2CA0EF82DA742B0989B6D848E":"":"":"00010203040506070809":0 KWP AES-128 11 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"AFAEF390634E21E754FD09F55A4EDD918A1D23ECA9B76F2B":"":"":"000102030405060708090A":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"AFAEF390634E21E754FD09F55A4EDD918A1D23ECA9B76F2B":"":"":"000102030405060708090A":0 KWP AES-128 12 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"A42D14C830F64F0A73570BFA7FDF8DDDD5E3AD3065A09FB0":"":"":"000102030405060708090A0B":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"A42D14C830F64F0A73570BFA7FDF8DDDD5E3AD3065A09FB0":"":"":"000102030405060708090A0B":0 KWP AES-128 13 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"83F23527625FC643942279D090C1B61D10FC978B54D778CD":"":"":"000102030405060708090A0B0C":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"83F23527625FC643942279D090C1B61D10FC978B54D778CD":"":"":"000102030405060708090A0B0C":0 KWP AES-128 14 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"E073C30E0DAC595F9FD28A0CB9E53945B26D1E1DE4E66D04":"":"":"000102030405060708090A0B0C0D":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"E073C30E0DAC595F9FD28A0CB9E53945B26D1E1DE4E66D04":"":"":"000102030405060708090A0B0C0D":0 KWP AES-128 15 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"64E3C2F7E0F7CB297C6B8C4CAF665F9F0A3F7082D2522635":"":"":"000102030405060708090A0B0C0D0E":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"64E3C2F7E0F7CB297C6B8C4CAF665F9F0A3F7082D2522635":"":"":"000102030405060708090A0B0C0D0E":0 KWP 
AES-128 16 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"8F5982C7D265A0A40FC81D2326429A0A65BCD1368F0E16CB":"":"":"000102030405060708090A0B0C0D0E0F":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"8F5982C7D265A0A40FC81D2326429A0A65BCD1368F0E16CB":"":"":"000102030405060708090A0B0C0D0E0F":0 KWP AES-128 17 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"E29EC6664BCBA00986DD9845F8C4B26472BFDDF98522E537B5D23D5D2A8D02C5":"":"":"000102030405060708090A0B0C0D0E0F10":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"E29EC6664BCBA00986DD9845F8C4B26472BFDDF98522E537B5D23D5D2A8D02C5":"":"":"000102030405060708090A0B0C0D0E0F10":0 KWP AES-128 18 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"9451ABCA0B9756A183F8C9ADA834E1AD2400B693C33624E59F26C35AC1586E2B":"":"":"000102030405060708090A0B0C0D0E0F1011":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"9451ABCA0B9756A183F8C9ADA834E1AD2400B693C33624E59F26C35AC1586E2B":"":"":"000102030405060708090A0B0C0D0E0F1011":0 KWP AES-128 19 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"F03CB49A65FD3EF8FC83C52F029A3D73667D5B84DB429C38436619ED8320D12E":"":"":"000102030405060708090A0B0C0D0E0F101112":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"F03CB49A65FD3EF8FC83C52F029A3D73667D5B84DB429C38436619ED8320D12E":"":"":"000102030405060708090A0B0C0D0E0F101112":0 KWP AES-128 20 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"759524B855037849812D62979A18F24D3E672C2663DEA9204BA5A639FB7DB292":"":"":"000102030405060708090A0B0C0D0E0F10111213":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"759524B855037849812D62979A18F24D3E672C2663DEA9204BA5A639FB7DB292":"":"":"000102030405060708090A0B0C0D0E0F10111213":0 KWP AES-128 21 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"F352B8228FBFA0769C2E3858D7451FA603E9B751CFE780ED0F93C850C7870259":"":"":"000102030405060708090A0B0C0D0E0F1011121314":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"F352B8228FBFA0769C2E3858D7451FA603E9B751CFE780ED0F93C850C7870259":"":"":"000102030405060708090A0B0C0D0E0F1011121314":0 KWP AES-128 22 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"3491F4C8D916A1BC3824D1478EC746BE8C837415017ED52A1ABC30FB14DDE825":"":"":"000102030405060708090A0B0C0D0E0F101112131415":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"3491F4C8D916A1BC3824D1478EC746BE8C837415017ED52A1ABC30FB14DDE825":"":"":"000102030405060708090A0B0C0D0E0F101112131415":0 KWP AES-128 23 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"0E6E35C5B9D706C2FF2C4C6CFCF254849879D6C1CB577E0A73BB12CBC7AC9740":"":"":"000102030405060708090A0B0C0D0E0F10111213141516":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"0E6E35C5B9D706C2FF2C4C6CFCF254849879D6C1CB577E0A73BB12CBC7AC9740":"":"":"000102030405060708090A0B0C0D0E0F10111213141516":0 KWP AES-128 24 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C 
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"E7DB580663B113B57489E1107F2DCAF7CF80629E7CE1839E1ED044ECD0299E79":"":"":"000102030405060708090A0B0C0D0E0F1011121314151617":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"E7DB580663B113B57489E1107F2DCAF7CF80629E7CE1839E1ED044ECD0299E79":"":"":"000102030405060708090A0B0C0D0E0F1011121314151617":0 KWP AES-128 25 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"883500DB91747BAD8C5E122ED2338F3BCB6B43064F5DA9D1303E165815EC8CC4C5BFD31AEAE1B6A3":"":"":"000102030405060708090A0B0C0D0E0F101112131415161718":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"883500DB91747BAD8C5E122ED2338F3BCB6B43064F5DA9D1303E165815EC8CC4C5BFD31AEAE1B6A3":"":"":"000102030405060708090A0B0C0D0E0F101112131415161718":0 KWP AES-128 26 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"24099AAAD4F19BF614ECC35DA9E3646F73AAFAA9C46975D4B56D72A332AF7EC4850B8294D94B7E1A":"":"":"000102030405060708090A0B0C0D0E0F10111213141516171819":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"24099AAAD4F19BF614ECC35DA9E3646F73AAFAA9C46975D4B56D72A332AF7EC4850B8294D94B7E1A":"":"":"000102030405060708090A0B0C0D0E0F10111213141516171819":0 KWP AES-128 27 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"C24F8CCE3425AC9638145A0DAC28B59368583FF3A7AAD85FBE1AEAAB5D23C0B128A1F9BC575B785A":"":"":"000102030405060708090A0B0C0D0E0F101112131415161718191A":0 
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"C24F8CCE3425AC9638145A0DAC28B59368583FF3A7AAD85FBE1AEAAB5D23C0B128A1F9BC575B785A":"":"":"000102030405060708090A0B0C0D0E0F101112131415161718191A":0 KWP AES-128 28 byte input depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C -auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000"::"":"":"EFD0BC7612331A98F2D68F86E606717197BF57E35114234C675D40E9462ACF00DE7860C0F38677F7":"":"":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B":0 +auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"00000000000000000000000000000000":"":"":"EFD0BC7612331A98F2D68F86E606717197BF57E35114234C675D40E9462ACF00DE7860C0F38677F7":"":"":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B":0 KW AES-128 wrap CAVS 17.4 COUNT 0 PLEN 16 [#1] depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 448483d5c..1f3c1361d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -690,11 +690,11 @@ copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"4 Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH::PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)::PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | 
PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT Hash operation object initializers zero properly hash_operation_init: @@ -1833,7 +1833,7 @@ derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT PSA key derivation: unsupported key derivation algorithm [#1] depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_setup::PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED +derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED PSA key derivation: unsupported key derivation algorithm [#2] depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C From 21e7145f46985cd653cc005b8d771bf61c5d5610 Mon Sep 17 00:00:00 2001 From: "Adrian L. Shaw" Date: Fri, 20 Sep 2019 16:01:11 +0100 Subject: [PATCH 1832/2197] Insert doxygen comments on old algorithms so they appear in PSA documentation --- include/psa/crypto_values.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index fc0f9637f..310c43433 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -665,11 +665,15 @@ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) - +/** MD2 */ #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) +/** MD4 */ #define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) +/** MD5 */ #define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) +/** PSA_ALG_RIPEMD160 */ #define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004) +/** SHA1 */ #define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005) /** SHA2-224 */ #define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008) From 583afe47cc3f5aefc54509c2aeba75c098b72cc5 Mon Sep 17 00:00:00 2001 
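Review bot: The new Doxygen comments on `PSA_ALG_MD2`, `PSA_ALG_MD4`, `PSA_ALG_MD5` and `PSA_ALG_SHA_1` publish these hashes in the generated PSA documentation with no indication that they are cryptographically weak, so a reader picking an algorithm from that page gets no steer away from them. Each comment should carry the caveat, for example `/** MD5. \warning MD5 is not collision resistant; use it only for compatibility with legacy protocols. */`, with the equivalent wording on the other three. The labels are also inconsistent: `/** PSA_ALG_RIPEMD160 */` repeats the macro name where its neighbours give the algorithm name, and `/** SHA1 */` does not match the existing `/** SHA2-224 */` style, so `/** RIPEMD-160 */` and `/** SHA-1 */` would read better.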
From: Gilles Peskine Date: Tue, 17 Sep 2019 18:18:58 +0200 Subject: [PATCH 1833/2197] Add a calloc self-test Add a very basic test of calloc to the selftest program. The selftest program acts in its capacity as a platform compatibility checker rather than in its capacity as a test of the library. The main objective is to report whether calloc returns NULL for a size of 0. Also observe whether a free/alloc sequence returns the address that was just freed and whether a size overflow is properly detected. --- programs/test/selftest.c | 83 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 638ef7038..bde1163c6 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -65,6 +65,8 @@ #else #include #include +#define mbedtls_calloc calloc +#define mbedtls_free free #define mbedtls_printf printf #define mbedtls_snprintf snprintf #define mbedtls_exit exit 
@@ -77,6 +79,86 @@ #endif +#if defined MBEDTLS_SELF_TEST +/* Sanity check for malloc. This is not expected to fail, and is rather + * intended to display potentially useful information about the platform, + * in particular the behavior of malloc(0). */ +static int calloc_self_test( int verbose ) +{ + int failures = 0; + void *empty1 = mbedtls_calloc( 0, 1 ); + void *empty2 = mbedtls_calloc( 0, 1 ); + void *buffer1 = mbedtls_calloc( 1, 1 ); + void *buffer2 = mbedtls_calloc( 1, 1 ); + uintptr_t old_buffer1; + + if( empty1 == NULL && empty2 == NULL ) + { + if( verbose ) + mbedtls_printf( " CALLOC(0): passed (NULL)\n" ); + } + else if( empty1 == NULL || empty2 == NULL ) + { + if( verbose ) + mbedtls_printf( " CALLOC(0): failed (mix of NULL and non-NULL)\n" ); + ++failures; + } + else if( empty1 == empty2 ) + { + if( verbose ) + mbedtls_printf( " CALLOC(0): passed (same non-null)\n" ); + } + else + { + if( verbose ) + mbedtls_printf( " CALLOC(0): passed (distinct non-null)\n" ); + } + + if( buffer1 == NULL || buffer2 == NULL ) + { + if( verbose ) + mbedtls_printf( " CALLOC(1): failed (NULL)\n" ); + ++failures; + } + else if( buffer1 == buffer2 ) + { + if( verbose ) + mbedtls_printf( " CALLOC(1): failed (same buffer twice)\n" ); + ++failures; + } + else + { + if( verbose ) + mbedtls_printf( " CALLOC(1): passed\n" ); + } + + old_buffer1 = (uintptr_t) buffer1; + mbedtls_free( buffer1 ); + buffer1 = mbedtls_calloc( 1, 1 ); + if( buffer1 == NULL ) + { + if( verbose ) + mbedtls_printf( " CALLOC(1 again): failed (NULL)\n" ); + ++failures; + } + else + { + if( verbose ) + mbedtls_printf( " CALLOC(1 again): passed (%s address)\n", + (uintptr_t) old_buffer1 == (uintptr_t) buffer1 ? 
+ "same" : "different" ); + } + + if( verbose ) + mbedtls_printf( "\n" ); + mbedtls_free( empty1 ); + mbedtls_free( empty2 ); + mbedtls_free( buffer1 ); + mbedtls_free( buffer2 ); + return( failures ); +} +#endif /* MBEDTLS_SELF_TEST */ + static int test_snprintf( size_t n, const char ref_buf[10], int ref_ret ) { int ret; @@ -173,6 +255,7 @@ typedef struct const selftest_t selftests[] = { + {"calloc", calloc_self_test}, #if defined(MBEDTLS_MD2_C) {"md2", mbedtls_md2_self_test}, #endif From 71657493f192f2d1333c51b0c74cd22e28a3f772 Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Mon, 23 Sep 2019 19:15:54 -0400 Subject: [PATCH 1834/2197] Improve speed of PBKDF2 by caching the digest state of the passphrase --- library/pkcs5.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/library/pkcs5.c b/library/pkcs5.c index e7d805c2c..3d29fd7e5 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -243,13 +243,12 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA ); #endif + if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) + return( ret ); while( key_length ) { // U1 ends up in work // - if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) - return( ret ); - if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 ) return( ret ); 
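Review bot: The size-overflow observation promised in the commit description is missing from `calloc_self_test`: the function only exercises `calloc(0, 1)`, `calloc(1, 1)` and a free/allocate cycle, so a platform `calloc` that does not check `nmemb * size` for wrap-around is never reported. An extra step such as `void *huge = mbedtls_calloc( SIZE_MAX / 2 + 1, 2 );` that expects `NULL` and frees the pointer otherwise would cover it. It needs checking against the sanitizer builds, which may abort on such a request instead of returning `NULL`. The header comment also speaks of malloc and `malloc(0)` while the code tests calloc; `/* Sanity check for calloc. ... in particular the behavior of calloc(0, 1). */` would match. The cast in `(uintptr_t) old_buffer1` is redundant because the variable is already a `uintptr_t`.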
@@ -259,21 +258,24 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 ) return( ret ); + if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 ) + return( ret ); + memcpy( md1, work, md_size ); for( i = 1; i < iteration_count; i++ ) { // U2 ends up in md1 // - if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) - return( ret ); - if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 ) return( ret ); if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 ) return( ret ); + if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 ) + return( ret ); + // U1 xor U2 // for( j = 0; j < md_size; j++ ) From 58e3f69dd35bd171526c393f3e7d3b67d8ea053d Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 21 Nov 2018 13:44:31 +0200 Subject: [PATCH 1835/2197] Reduce stack usage of test_suite_pk Reduce the stack usage of the `test_suite_pk` by reducing the size of the buffers used in the tests, to a reasonable big enough size. --- tests/suites/test_suite_pk.function | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 162cb5621..b34907522 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -664,7 +664,7 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, char * input_E, data_t * result_str, int result ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context *rsa; mbedtls_pk_context pk; mbedtls_pk_restart_ctx *rs_ctx = NULL; @@ -679,7 +679,7 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, mbedtls_pk_init( &pk ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, MBEDTLS_MD_MAX_SIZE ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); rsa = mbedtls_pk_rsa( pk ); 
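Review bot: The two added `mbedtls_md_hmac_reset` checks in the loop create further early `return( ret )` paths after `work` and `md1` already hold intermediate PBKDF2 output, and nothing in this hunk clears them before returning. The declarations are outside the hunk, but if both are local arrays, as `memcpy( md1, work, md_size )` suggests, a single cleanup label that wipes them with `mbedtls_platform_zeroize` on every exit would keep derived-key material off the stack after a failure. Separately, hoisting `mbedtls_md_hmac_starts` out of the loop in the previous hunk makes the function depend on `mbedtls_md_hmac_reset` restoring the keyed state after each `finish`. A comment there, e.g. `/* Key the HMAC once; every PRF call below ends with hmac_reset, which returns ctx to this keyed state */`, would stop a later edit from dropping a reset. The function body continues outside both hunks.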
@@ -713,7 +713,7 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest, data_t * result_str, int pk_type, int mgf1_hash_id, int salt_len, int result ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context *rsa; mbedtls_pk_context pk; mbedtls_pk_rsassa_pss_options pss_opts; @@ -722,7 +722,7 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest, mbedtls_pk_init( &pk ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); rsa = mbedtls_pk_rsa( pk ); @@ -976,7 +976,7 @@ void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N, char * input_N, int radix_E, char * input_E, data_t * result, int ret ) { - unsigned char output[1000]; + unsigned char output[300]; rnd_pseudo_info rnd_info; mbedtls_rsa_context *rsa; mbedtls_pk_context pk; @@ -1011,7 +1011,7 @@ void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P, int radix_N, char * input_N, int radix_E, char * input_E, data_t * clear, int ret ) { - unsigned char output[1000]; + unsigned char output[256]; rnd_pseudo_info rnd_info; mbedtls_mpi N, P, Q, E; mbedtls_rsa_context *rsa; @@ -1136,8 +1136,8 @@ void pk_rsa_alt( ) mbedtls_rsa_context raw; mbedtls_pk_context rsa, alt; mbedtls_pk_debug_item dbg_items[10]; - unsigned char hash[50], sig[1000]; - unsigned char msg[50], ciph[1000], test[1000]; + unsigned char hash[50], sig[64]; + unsigned char msg[50], ciph[64], test[50]; size_t sig_len, ciph_len, test_len; int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; From fdc15bd581a309a885d1b69b0ab8be5855fd3dcb Mon Sep 17 00:00:00 2001 
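Review bot: The sizes `output[300]` in `pk_rsa_encrypt_test_vec`, `output[256]` in `pk_rsa_decrypt_test_vec` and `sig[64]`, `ciph[64]`, `test[50]` in `pk_rsa_alt` are bare numbers with no stated link to the key sizes in the test data. The calls that consume these buffers are outside the hunks; they need to pass `sizeof( output )` (or `sizeof sig` and so on) as the capacity rather than a leftover literal `1000`, otherwise the library is told the buffer is larger than it now is. A one-line comment per buffer, e.g. `/* large enough for a 2048-bit modulus */`, or a named constant would make the bound checkable when a larger test vector is added. The first hunk of this file also clears `hash_result` with `MBEDTLS_MD_MAX_SIZE` while the `pk_rsa_verify_ext_test_vec` hunk uses `sizeof( hash_result )`; the `sizeof` form is the one that cannot drift from the declaration.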
From: Ron Eldor Date: Thu, 22 Nov 2018 15:47:51 +0200 Subject: [PATCH 1836/2197] Reduce stack usage of test_suite_rsa Reduce the stack usage of the `test_suite_rsa` by reducing the size of the buffers used in the tests, to a reasonable big enough size, and change the data size to decrypt in the data file. --- tests/suites/test_suite_rsa.data | 4 +-- tests/suites/test_suite_rsa.function | 54 ++++++++++++++-------------- 2 files changed, 29 insertions(+), 29 deletions(-) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 20789e69f..3307849aa 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data 
@@ -272,7 +272,7 @@ mbedtls_rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V1 RSA PKCS1 Decrypt #1 (Verify) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_decrypt:"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":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"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":16:"3":1000:"4E636AF98E40F3ADCFCCB698F4E80B9F":0 +mbedtls_rsa_pkcs1_decrypt:"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":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"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":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":0 RSA PKCS1 Encrypt #2 (Data too large) depends_on:MBEDTLS_PKCS1_V15 
@@ -280,7 +280,7 @@ mbedtls_rsa_pkcs1_encrypt:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c RSA PKCS1 Decrypt #2 (Data too small) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"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":16:"3":1000:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"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":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA RSA PKCS1 Decrypt #4 (Output buffer too small) depends_on:MBEDTLS_PKCS1_V15 diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 89c84e8ca..d4acc2de2 100644 --- a/tests/suites/test_suite_rsa.function 
+++ b/tests/suites/test_suite_rsa.function @@ -472,8 +472,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, char * input_N, int radix_E, char * input_E, data_t * result_hex_str, int result ) { - unsigned char hash_result[1000]; - unsigned char output[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; rnd_pseudo_info rnd_info; @@ -482,8 +482,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( hash_result, 0x00, 1000 ); - memset( output, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -522,14 +522,14 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, char * input_N, int radix_E, char * input_E, data_t * result_str, int result ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -557,7 +557,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, int radix_N, char * input_N, int radix_E, char * input_E, data_t * result_hex_str ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; rnd_pseudo_info rnd_info; 
@@ -566,7 +566,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -593,7 +593,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, if( padding_mode == MBEDTLS_RSA_PKCS_V15 ) { int res; - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output) ); res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, @@ -627,7 +627,7 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, char * input_N, int radix_E, char * input_E, data_t * result_str, int correct ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; @@ -688,7 +688,7 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, int radix_E, char * input_E, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx; rnd_pseudo_info rnd_info; @@ -698,7 +698,7 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); 
@@ -729,14 +729,14 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode, int radix_E, char * input_E, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -769,7 +769,7 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, int max_output, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[32]; mbedtls_rsa_context ctx; size_t output_len; rnd_pseudo_info rnd_info; @@ -780,7 +780,7 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); @@ -815,7 +815,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, char * input_N, int radix_E, char * input_E, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */ mbedtls_mpi N, E; @@ -823,7 +823,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); 
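Review bot: In `mbedtls_rsa_pkcs1_decrypt` the buffer becomes `output[32]` while the capacity still arrives from the data file as the `max_output` parameter, so any test line with a value above 32 would describe a buffer larger than the one on the stack. This commit changes only two data lines from `1000` to `32`. The decrypt call is outside the hunk, so this is inferred from the signature. A guard at the top of the function, `TEST_ASSERT( (size_t) max_output <= sizeof( output ) );`, turns a bad data line into a test failure instead of a stack overwrite.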
@@ -847,7 +847,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result ); if( result == 0 ) { @@ -869,7 +869,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, char * input_E, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */ mbedtls_mpi N, P, Q, E; rnd_pseudo_info rnd_info; @@ -896,7 +896,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, /* repeat three times to test updating of blinding values */ for( i = 0; i < 3; i++ ) { - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info, message_str->x, output ) == result ); if( result == 0 ) @@ -913,7 +913,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info, message_str->x, output ) == result ); if( result == 0 ) @@ -1577,11 +1577,11 @@ void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P, int successive ) { /* Exported buffers */ - unsigned char bufNe[1000]; - unsigned char bufPe[1000]; - unsigned char bufQe[1000]; - unsigned char bufDe[1000]; - unsigned char bufEe[1000]; + unsigned char bufNe[256]; + unsigned char bufPe[128]; + unsigned char bufQe[128]; + unsigned char bufDe[256]; + unsigned char bufEe[1]; mbedtls_rsa_context ctx; From 5b8f120fca43014fb2459d9e4e880310b04ccb8e Mon Sep 17 00:00:00 2001 
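Review bot: `mbedtls_rsa_public` and `mbedtls_rsa_private` take no output length, as the calls `mbedtls_rsa_public( &ctx2, message_str->x, output )` and `mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info, message_str->x, output )` in these hunks show. With `output[256]`, the only thing bounding the write is therefore the modulus size in the data file. Before each call the test should check the key against the buffer, e.g. `TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) <= sizeof( output ) );`, so that a vector with a modulus above 2048 bits fails cleanly. The same applies to the other `output[256]` and `output[128]` buffers introduced in this series wherever the API takes no size.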
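Review bot: `bufEe[1]` in `mbedtls_rsa_export_raw` leaves room for a one-byte public exponent only, and `bufNe[256]`, `bufPe[128]`, `bufQe[128]` and `bufDe[256]` cap the test at a 2048-bit modulus. The export calls are outside the hunk. If they pass the `data_t` input lengths as buffer sizes, a data line with a longer exponent, for example 65537 encoded in three bytes, would write past `bufEe`. Either size the buffers for the largest input the suite is meant to accept, or add checks such as `TEST_ASSERT( input_N->len <= sizeof( bufNe ) );` for each input before exporting.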
From: Ron Eldor Date: Thu, 22 Nov 2018 15:49:49 +0200 Subject: [PATCH 1837/2197] Reduce stack usage of test_suite_pkcs1_v21 Reduce the stack usage of the `test_suite_pkcs1_v21` by reducing the size of the buffers used in the tests, to a reasonable big enough size, and change the size sent to the API to sizeof output. --- tests/suites/test_suite_pkcs1_v21.function | 33 +++++++++++++--------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 180bc4ae3..7b8087b1c 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -14,7 +14,7 @@ void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char * input_N, data_t * message_str, data_t * rnd_buf, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[256]; mbedtls_rsa_context ctx; rnd_buf_info info; mbedtls_mpi N, E; @@ -24,7 +24,7 @@ void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char * input_N, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -54,7 +54,7 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P, char * seed, data_t * message_str, int result ) { - unsigned char output[1000]; + unsigned char output[64]; mbedtls_rsa_context ctx; size_t output_len; rnd_pseudo_info rnd_info; @@ -66,7 +66,7 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P, mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); 
@@ -81,11 +81,16 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P, if( result_hex_str->len == 0 ) { - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, NULL, 0 ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, + MBEDTLS_RSA_PRIVATE, &output_len, + message_str->x, NULL, 0 ) == result ); } else { - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, 1000 ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, + MBEDTLS_RSA_PRIVATE, &output_len, + message_str->x, output, + sizeof( output ) ) == result ); if( result == 0 ) { TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len ) == 0 ); @@ -106,8 +111,8 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q, data_t * message_str, data_t * rnd_buf, data_t * result_hex_str, int result ) { - unsigned char hash_result[1000]; - unsigned char output[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char output[256]; mbedtls_rsa_context ctx; rnd_buf_info info; mbedtls_mpi N, P, Q, E; @@ -119,8 +124,8 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( hash_result, 0x00, 1000 ); - memset( output, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); 
@@ -157,14 +162,14 @@ void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N, int hash, data_t * message_str, char * salt, data_t * result_str, int result ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -194,14 +199,14 @@ void pkcs1_rsassa_pss_verify_ext( int mod, int radix_N, char * input_N, data_t * result_str, int result_simple, int result_full ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; size_t hash_len; mbedtls_mpi N, E; mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); From 6fd1aa050e9c8e3e1d62d9196c9d451fd4925309 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Thu, 22 Nov 2018 15:56:06 +0200 Subject: [PATCH 1838/2197] Increase test suite timeout Increase the test suite timeouit from 180 seconds, to 800 seconds, since some tests consume more time, even if all tests are skipped. --- tests/suites/target_test.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function index 91f719873..35b311c7c 100644 --- a/tests/suites/target_test.function +++ b/tests/suites/target_test.function 
@@ -368,7 +368,7 @@ int execute_tests( int args, const char ** argv ) void ** params = NULL; uint8_t * data = NULL, * p = NULL; - GREENTEA_SETUP( 180, "mbedtls_test" ); + GREENTEA_SETUP( 800, "mbedtls_test" ); greentea_send_kv( "GO", " " ); while ( 1 ) From 635888b2874e568784bf94d5c920b1ce9648090f Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Sun, 25 Nov 2018 15:54:52 +0200 Subject: [PATCH 1839/2197] Reduce stack usage of test_suite_pkcs1_v15 Reduce the stack usage of the `test_suite_pkcs1_v15` by reducing the size of the buffers used in the tests, to a reasonable big enough size. --- tests/suites/test_suite_pkcs1_v15.function | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 3ef4e2ce3..13fdf58f8 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -14,7 +14,7 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, data_t * message_str, data_t * rnd_buf, data_t * result_hex_str, int result ) { - unsigned char output[1000]; + unsigned char output[128]; mbedtls_rsa_context ctx; rnd_buf_info info; mbedtls_mpi N, E; @@ -24,7 +24,7 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); @@ -54,7 +54,7 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, char * seed, data_t * message_str, int result ) { - unsigned char output[1000]; + unsigned char output[128]; mbedtls_rsa_context ctx; size_t output_len; rnd_pseudo_info rnd_info; 
@@ -65,7 +65,7 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( output, 0x00, 1000 ); + memset( output, 0x00, sizeof( output ) ); memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); @@ -253,8 +253,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, data_t * message_str, data_t * rnd_buf, data_t * result_hex_str, int result ) { - unsigned char hash_result[1000]; - unsigned char output[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; + unsigned char output[128]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; rnd_buf_info info; @@ -266,8 +266,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( hash_result, 0x00, 1000 ); - memset( output, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); + memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 ); @@ -303,14 +303,14 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, int hash, data_t * message_str, char * salt, data_t * result_str, int result ) { - unsigned char hash_result[1000]; + unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( hash_result, 0x00, 1000 ); + memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); From af7724e985da583a99101e716bb492529a50dbd6 Mon Sep 17 00:00:00 2001 
From: Ron Eldor Date: Mon, 9 Sep 2019 14:52:50 +0300 Subject: [PATCH 1840/2197] Fix endianity issue when reading uint32 The uint32 is given as a bigendian stream, in the tests, however, the char buffer that collected the stream read it as is, without converting it. Add a temporary buffer, to call `greentea_getc()` 8 times, and then put it in the correct endianity for input to `unhexify()`. --- tests/suites/target_test.function | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function index 35b311c7c..4d03c3be5 100644 --- a/tests/suites/target_test.function +++ b/tests/suites/target_test.function @@ -75,7 +75,7 @@ uint8_t receive_byte() c[1] = greentea_getc(); c[2] = '\0'; - assert( unhexify( &byte, c ) != 2 ); + TEST_HELPER_ASSERT( unhexify( &byte, c ) != 2 ); return( byte ); } @@ -90,18 +90,19 @@ uint8_t receive_byte() uint32_t receive_uint32() { uint32_t value; - const uint8_t c[9] = { greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - '\0' - }; - assert( unhexify( &value, c ) != 8 ); - return( (uint32_t)value ); + uint8_t c_be[8] = { greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc() + }; + const uint8_t c[9] = { c_be[6], c_be[7], c_be[4], c_be[5], c_be[2], + c_be[3], c_be[0], c_be[1], '\0' }; + TEST_HELPER_ASSERT( unhexify( (uint8_t*)&value, c ) != 8 ); + return( value ); } /** From dd49cf984b720eb7c194198a5f154d73e257c2de Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Tue, 24 Sep 2019 13:11:49 +0100 Subject: [PATCH 1841/2197] Include vendor-defined algorithm macros Fixes ARMmbed/psa-crypto#264 --- include/psa/crypto_values.h | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) 
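Review bot: `receive_uint32` now reorders the hex digits so that `unhexify` lays the bytes out in little-endian memory order, which gives the right value only on a little-endian target. The eight `greentea_getc()` calls also sit in one initializer list, where C leaves their evaluation order unspecified. Assembling the value arithmetically from successive bytes avoids both problems and drops the cast of `&value` to `uint8_t *`. In addition, `TEST_HELPER_ASSERT( unhexify( ... ) != 8 )` here and `!= 2` in `receive_byte` look vacuous if `unhexify` returns the number of bytes written. That should be confirmed against the helper, which is outside the hunk.

```c
uint32_t receive_uint32()
{
    uint32_t value = 0;
    size_t i;

    /* Big-endian on the wire: the first byte received is the most
     * significant one. Sequential reads keep the getc order defined. */
    for( i = 0; i < sizeof( value ); i++ )
        value = ( value << 8 ) | receive_byte();
    return( value );
}
```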
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index fc0f9637f..b3e094060 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -284,7 +284,7 @@ */ #define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) -/** Vendor-defined flag +/** Vendor-defined key type flag. * * Key types defined by this standard will never have the * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types @@ -301,7 +301,10 @@ #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) -/** Whether a key type is vendor-defined. */ +/** Whether a key type is vendor-defined. + * + * See also #PSA_KEY_TYPE_VENDOR_FLAG. + */ #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \ (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0) @@ -561,7 +564,15 @@ (type) == PSA_KEY_TYPE_ARC4 ? 1 : \ 0) +/** Vendor-defined algorithm flag. + * + * Algorithms defined by this standard will never have the #PSA_ALG_VENDOR_FLAG + * bit set. Vendors who define additional algorithms must use an encoding with + * the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure + * used by standard encodings whenever practical. + */ #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) + #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000) #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000) @@ -572,6 +583,10 @@ #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x20000000) #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x30000000) +/** Whether an algorithm is vendor-defined. + * + * See also #PSA_ALG_VENDOR_FLAG. + */ #define PSA_ALG_IS_VENDOR_DEFINED(alg) \ (((alg) & PSA_ALG_VENDOR_FLAG) != 0) From c6f03ef6d4808e11a9e262e620085deace95f7e5 Mon Sep 17 00:00:00 2001 
From: Andrew Thoelke Date: Tue, 24 Sep 2019 13:19:49 +0100 Subject: [PATCH 1842/2197] Include IANA reference in the definition of ECC curves and DH groups Fixes ARMmbed/psa-crypto#262 --- include/psa/crypto_types.h | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index b6b61984b..f9811bdfe 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -65,10 +65,24 @@ typedef int32_t psa_status_t; */ typedef uint32_t psa_key_type_t; -/** The type of PSA elliptic curve identifiers. */ +/** The type of PSA elliptic curve identifiers. + * + * The encoding of curve identifiers is aligned with the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * The values are defined by RFC 8422 and RFC 7027. + */ typedef uint16_t psa_ecc_curve_t; -/** The type of PSA Diffie-Hellman group identifiers. */ +/** The type of PSA Diffie-Hellman group identifiers. + * + * The encoding of group identifiers is aligned with the + * TLS Supported Groups Registry (formerly known as the + * TLS EC Named Curve Registry) + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * The values are defined by RFC 7919. + */ typedef uint16_t psa_dh_group_t; /** \brief Encoding of a cryptographic algorithm. From 31b0a3c35118b12d57a03eff9545201cf70576d9 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 17 Sep 2019 19:04:38 +0200 Subject: [PATCH 1843/2197] Add a test component with malloc(0) returning NULL Exercise the library functions with calloc returning NULL for a size of 0. Make this a separate job with UBSan (and ASan) to detect places where we try to dereference the result of calloc(0) or to do things like buf = calloc(size, 1); if (buf == NULL && size != 0) return INSUFFICIENT_MEMORY; memcpy(buf, source, size); which has undefined behavior when buf is NULL at the memcpy call even if size is 0. This is needed because other test components jobs either use the system malloc which returns non-NULL on Linux and FreeBSD, or the memory_buffer_alloc malloc which returns NULL but does not give as useful feedback with ASan (because the whole heap is a single C object). --- tests/configs/config-wrapper-malloc-0-null.h | 39 ++++++++++++++++++++ tests/scripts/all.sh | 15 ++++++++ 2 files changed, 54 insertions(+) create mode 100644 tests/configs/config-wrapper-malloc-0-null.h diff --git a/tests/configs/config-wrapper-malloc-0-null.h b/tests/configs/config-wrapper-malloc-0-null.h new file mode 100644 index 000000000..ed74eda63 --- /dev/null +++ b/tests/configs/config-wrapper-malloc-0-null.h 
@@ -0,0 +1,39 @@ +/* config.h wrapper that forces calloc(0) to return NULL. + * Used for testing. + */ +/* + * Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef MBEDTLS_CONFIG_H +/* Don't #define MBEDTLS_CONFIG_H, let config.h do it. */ + +#include "mbedtls/config.h" + +#include +static inline void *custom_calloc( size_t nmemb, size_t size ) +{ + if( nmemb == 0 || size == 0 ) + return( NULL ); + return( calloc( nmemb, size ) ); +} + +#define MBEDTLS_PLATFORM_MEMORY +#define MBEDTLS_PLATFORM_STD_CALLOC custom_calloc + +#endif /* MBEDTLS_CONFIG_H */ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index e3a8c0e31..d4cb0111c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -822,6 +822,21 @@ component_test_platform_calloc_macro () { make test } +component_test_malloc_0_null () { + msg "build: malloc(0) returns NULL (ASan+UBSan build)" + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + make CC=gcc CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' -O -Werror -Wall -Wextra -fsanitize=address,undefined" LDFLAGS='-fsanitize=address,undefined' + + msg "test: malloc(0) returns NULL (ASan+UBSan build)" + make test + + msg "selftest: malloc(0) returns NULL (ASan+UBSan build)" + # Just the calloc selftest. "make test" ran the others as part of the + # test suites. + if_build_succeeded programs/test/selftest calloc +} + component_test_aes_fewer_tables () { msg "build: default config with AES_FEWER_TABLES enabled" scripts/config.pl set MBEDTLS_AES_FEWER_TABLES From 6ddb4d84341e739a9f245cca2168a1b16ae831da Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 24 Sep 2019 18:37:19 +0200 Subject: [PATCH 1844/2197] Improve descriptions of derive test cases Systematically use "PSA key derivation setup" for derive_setup. This resolves the ambiguity between derive_setup and derive_input calls. --- tests/suites/test_suite_psa_crypto.data | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8fe4cd2f2..5866baed0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
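Review bot: The CFLAGS in `component_test_malloc_0_null` enable `-fsanitize=address,undefined` but not `-fno-sanitize-recover`, so a UBSan finding such as a NULL pointer passed to memcpy is by default only printed and the test binary carries on and can still exit 0. Unless `UBSAN_OPTIONS=halt_on_error=1` or an equivalent is set somewhere outside this hunk, the component can pass while the defect it was written to catch is present. I would add `-fno-sanitize-recover=undefined` to the CFLAGS string so that any report fails the job. As a smaller point, `$PWD` is expanded inside nested quotes for `-DMBEDTLS_CONFIG_FILE`, so a checkout path containing a space or a quote character breaks the definition; a one-line comment noting that restriction would help.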
@@ -1864,35 +1864,35 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d3 Crypto derivation operation object initializers zero properly key_derivation_init: -PSA key derivation: HKDF-SHA-256, good case [#1] +PSA key derivation setup: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_SUCCESS -PSA key derivation: HKDF-SHA-512, good case [#1] +PSA key derivation setup: HKDF-SHA-512, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_SUCCESS -PSA key derivation: TLS 1.2 PRF SHA-256, good case [#1] +PSA key derivation setup: TLS 1.2 PRF SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_SUCCESS -PSA key derivation: not a key derivation algorithm (HMAC) +PSA key derivation setup: not a key derivation algorithm (HMAC) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT -PSA key derivation: unsupported key derivation algorithm [#1] +PSA key derivation setup: algorithm from bad hash depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED -PSA key derivation: unsupported key derivation algorithm [#2] +PSA key derivation setup: bad algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED -PSA key derivation: HKDF-SHA-256, good case [#2] +PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS -PSA key derivation: HKDF-SHA-512, good case [#2] +PSA key derivation: HKDF-SHA-512, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C 
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS @@ -1900,7 +1900,7 @@ PSA key derivation: HKDF-SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_RAW_DATA:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_SUCCESS -PSA key derivation: TLS 1.2 PRF SHA-256, good case [#2] +PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS From 6842ba4d7a3d7d73554a357c3db2c22dd7ae35b5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 23 Sep 2019 13:49:33 +0200 Subject: [PATCH 1845/2197] PSA crypto KDF: test bytes/key input independently of the step type This commit only makes derive_input more flexible so that the key derivation API can be tested with different key types and raw data for each input step. The behavior of the test cases remains the same. --- tests/suites/test_suite_psa_crypto.data | 28 +++++++------- tests/suites/test_suite_psa_crypto.function | 42 ++++++++++----------- 2 files changed, 34 insertions(+), 36 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 5866baed0..cf95698bf 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1890,43 +1890,47 @@ derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: HKDF-SHA-512, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_RAW_DATA:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, key first depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, label first depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, early label depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double seed depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double key depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_RAW_DATA:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE + +PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE PSA key derivation: HKDF invalid state (double generate + read past capacity) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
@@ -2072,10 +2076,6 @@ PSA key derivation: HKDF SHA-1, request too much capacity depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_1):255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT -PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:PSA_KEY_DERIVATION_INPUT_SEED:"":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_KEY_DERIVATION_INPUT_LABEL:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE - PSA key derivation: over capacity 42: output 42+1 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3225bef34..79ef9a873 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -4273,17 +4273,16 @@ exit: /* BEGIN_CASE */ void derive_input( int alg_arg, - int key_type_arg, - int step1_arg, data_t *input1, - int step2_arg, data_t *input2, - int step3_arg, data_t *input3, + int step_arg1, int key_type_arg1, data_t *input1, + int step_arg2, int key_type_arg2, data_t *input2, + int step_arg3, int key_type_arg3, data_t *input3, int expected_status_arg1, int expected_status_arg2, int expected_status_arg3 ) { psa_algorithm_t alg = alg_arg; - size_t key_type = key_type_arg; - psa_key_derivation_step_t steps[] = {step1_arg, step2_arg, step3_arg}; + psa_key_derivation_step_t steps[] = {step_arg1, step_arg2, step_arg3}; + psa_key_type_t key_types[] = {key_type_arg1, key_type_arg2, key_type_arg3}; psa_status_t expected_statuses[] = {expected_status_arg1, expected_status_arg2, expected_status_arg3}; @@ -4297,28 +4296,27 @@ void derive_input( int alg_arg, psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); for( i = 0; i < ARRAY_LENGTH( steps ); i++ ) { - switch( steps[i] ) + if( key_types[i] != 0 ) { - case PSA_KEY_DERIVATION_INPUT_SECRET: - PSA_ASSERT( psa_import_key( &attributes, - inputs[i]->x, inputs[i]->len, - &handles[i] ) ); - TEST_EQUAL( psa_key_derivation_input_key( &operation, steps[i], - handles[i] ), - expected_statuses[i] ); - break; - default: - TEST_EQUAL( psa_key_derivation_input_bytes( - &operation, steps[i], - inputs[i]->x, inputs[i]->len ), - expected_statuses[i] ); - break; + psa_set_key_type( &attributes, key_types[i] ); + PSA_ASSERT( psa_import_key( &attributes, + inputs[i]->x, inputs[i]->len, + &handles[i] ) ); + TEST_EQUAL( psa_key_derivation_input_key( &operation, steps[i], + handles[i] ), + expected_statuses[i] ); + } + else + { + TEST_EQUAL( psa_key_derivation_input_bytes( + &operation, steps[i], + inputs[i]->x, inputs[i]->len ), + expected_statuses[i] ); } } 
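Review bot: The loop in `derive_input` now uses `key_types[i] != 0` to choose between importing the input as a key and passing it as bytes, but nothing in the function or next to its parameter list says that a `key_type_argN` of 0 means "direct input". Anyone adding a line to the .data file has to infer that from the branch. I would put a comment above the signature, for example `/* key_type_argN == 0: pass inputN with psa_key_derivation_input_bytes(); otherwise import it as a key of that type and pass it with psa_key_derivation_input_key(). */`. The function body continues past the end of the second hunk, so the cleanup of `handles[]` after a failed `TEST_EQUAL` is not visible here and is worth a look.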
From 224b0d656a9d64ccf3d131bc41bd9f4052b8923f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 23 Sep 2019 18:13:17 +0200 Subject: [PATCH 1846/2197] Key derivation: allow both keys and direct inputs Allow a direct input as the SECRET input step in a key derivation, in addition to allowing DERIVE keys. This makes it easier for applications to run a key derivation where the "secret" input is obtained from somewhere else. This makes it possible for the "secret" input to be empty (keys cannot be empty), which some protocols do (for example the IV derivation in EAP-TLS). Conversely, allow a RAW_DATA key as the INFO/LABEL/SALT/SEED input to a key derivation, in addition to allowing direct inputs. This doesn't improve security, but removes a step when a personalization parameter is stored in the key store, and allows this personalization parameter to remain opaque. Add test cases that explore step/key-type-and-keyhood combinations. --- include/psa/crypto.h | 5 ++- include/psa/crypto_values.h | 18 ++++++--- library/psa_crypto.c | 49 ++++++++++++++++--------- tests/suites/test_suite_psa_crypto.data | 48 ++++++++++++++++++++++++ 4 files changed, 97 insertions(+), 23 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9c303cb6e..ddc86cd58 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3298,7 +3298,8 @@ psa_status_t psa_key_derivation_input_bytes( * \retval #PSA_ERROR_INVALID_ARGUMENT * \c step is not compatible with the operation's algorithm. * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step does not allow key inputs. + * \c step does not allow key inputs of the given type + * or does not allow key inputs at all. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE 
@@ -3368,6 +3369,8 @@ psa_status_t psa_key_derivation_input_key( * \c private_key. * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a key derivation algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step does not allow an input resulting from a key agreement. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index b3e094060..57d065149 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -1618,31 +1618,39 @@ /** A secret input for key derivation. * - * This must be a key of type #PSA_KEY_TYPE_DERIVE. + * This should be a key of type #PSA_KEY_TYPE_DERIVE + * (passed to psa_key_derivation_input_key()) + * or the shared secret resulting from a key agreement + * (obtained via psa_key_derivation_key_agreement()). + * It can also be a direct input (passed to key_derivation_input_bytes()). */ #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) /** A label for key derivation. * - * This must be a direct input. + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ #define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) /** A salt for key derivation. * - * This must be a direct input. + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ #define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) /** An information string for key derivation. * - * This must be a direct input. + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ #define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) /** A seed for key derivation. * - * This must be a direct input. + * This should be a direct input. + * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ #define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fe737d2fa..149459366 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
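Review bot: The new text for `PSA_KEY_DERIVATION_INPUT_SECRET` refers to `key_derivation_input_bytes()`, which lacks the `psa_` prefix used by the other two function names in the same comment; it should read `(passed to psa_key_derivation_input_bytes())`, or Doxygen will not link it. The comment would also benefit from stating the trade-off of the direct form. As far as the psa_crypto.c hunks of this commit show, the usage and algorithm policy check happens only in `psa_key_derivation_input_key()`, so a secret supplied as bytes is not covered by any key policy. A sentence such as `A direct input is not subject to a key policy; prefer a key object when the secret lives in the key store.` would make that explicit for API users.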
@@ -5076,13 +5076,38 @@ static psa_status_t psa_tls12_prf_psk_to_ms_input( } #endif /* MBEDTLS_MD_C */ +static int psa_key_derivation_check_input_type( + psa_key_derivation_step_t step, + psa_key_type_t key_type ) +{ + switch( step ) + { + case PSA_KEY_DERIVATION_INPUT_SECRET: + if( key_type == PSA_KEY_TYPE_DERIVE || key_type == 0 ) + return( PSA_SUCCESS ); + break; + case PSA_KEY_DERIVATION_INPUT_LABEL: + case PSA_KEY_DERIVATION_INPUT_SALT: + case PSA_KEY_DERIVATION_INPUT_INFO: + case PSA_KEY_DERIVATION_INPUT_SEED: + if( key_type == PSA_KEY_TYPE_RAW_DATA || key_type == 0 ) + return( PSA_SUCCESS ); + break; + } + return( PSA_ERROR_INVALID_ARGUMENT ); +} + static psa_status_t psa_key_derivation_input_internal( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, + psa_key_type_t key_type, const uint8_t *data, size_t data_length ) { - psa_status_t status; + psa_status_t status = psa_key_derivation_check_input_type( step, key_type ); + if( status != PSA_SUCCESS ) + goto exit; + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); #if defined(MBEDTLS_MD_C) @@ -5111,6 +5136,7 @@ static psa_status_t psa_key_derivation_input_internal( return( PSA_ERROR_BAD_STATE ); } +exit: if( status != PSA_SUCCESS ) psa_key_derivation_abort( operation ); return( status ); @@ -5122,10 +5148,7 @@ psa_status_t psa_key_derivation_input_bytes( const uint8_t *data, size_t data_length ) { - if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - return( psa_key_derivation_input_internal( operation, step, + return( psa_key_derivation_input_internal( operation, step, 0, data, data_length ) ); } 
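Review bot: In the first hunk, `psa_key_derivation_check_input_type` is declared `static int`, yet it returns `PSA_SUCCESS` and `PSA_ERROR_INVALID_ARGUMENT`, and its only caller assigns the result to a `psa_status_t`. The declaration should say what it returns: `static psa_status_t psa_key_derivation_check_input_type(`. The `switch( step )` also has no `default:` label, so an unknown step is rejected only by falling through to the final return. That is the right fail-closed result, and an explicit `default: break;` with a short comment would show it is intended.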
@@ -5141,18 +5164,8 @@ psa_status_t psa_key_derivation_input_key( operation->alg ); if( status != PSA_SUCCESS ) return( status ); - if( slot->attr.type != PSA_KEY_TYPE_DERIVE ) - return( PSA_ERROR_INVALID_ARGUMENT ); - /* Don't allow a key to be used as an input that is usually public. - * This is debatable. It's ok from a cryptographic perspective to - * use secret material as an input that is usually public. However - * the material should be dedicated to a particular input step, - * otherwise this may allow the key to be used in an unintended way - * and leak values derived from the key. So be conservative. */ - if( step != PSA_KEY_DERIVATION_INPUT_SECRET ) - return( PSA_ERROR_INVALID_ARGUMENT ); return( psa_key_derivation_input_internal( operation, - step, + step, slot->attr.type, slot->data.raw.data, slot->data.raw.bytes ) ); } @@ -5265,8 +5278,10 @@ static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t * goto exit; /* Step 2: set up the key derivation to generate key material from - * the shared secret. */ + * the shared secret. A shared secret is permitted wherever a key + * of type DERIVE is permitted. */ status = psa_key_derivation_input_internal( operation, step, + PSA_KEY_TYPE_DERIVE, shared_secret, shared_secret_length ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index cf95698bf..bfa3c1df8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
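Review bot: With both type checks removed from `psa_key_derivation_input_key` in the first hunk, `slot->data.raw.data` and `slot->data.raw.bytes` are read for whatever key type the slot holds, and the only thing rejecting an unsuitable key is the step/type check inside `psa_key_derivation_input_internal`. That ordering looks safe as written, since the values are just passed along, but it is an implicit contract that a later refactor of the callee could break. The deleted comment was also the only place the rationale for restricting key inputs was recorded. I would leave a short replacement above the call, for example `/* Key type vs. step is validated in psa_key_derivation_input_internal(); only DERIVE and RAW_DATA keys are accepted there. */`. The function starts outside the hunk, so this is based on the visible tail only.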
@@ -1900,6 +1900,30 @@ PSA key derivation: HKDF-SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_SUCCESS +PSA key derivation: HKDF-SHA-256, direct secret +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:0:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +PSA key derivation: HKDF-SHA-256, direct empty secret +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:0:"":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +PSA key derivation: HKDF-SHA-256, RAW_DATA key as info +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +PSA key derivation: HKDF-SHA-256, DERIVE key as salt +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, DERIVE key as info +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT + PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS 
@@ -1928,6 +1952,30 @@ PSA key derivation: TLS 1.2 PRF SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE +PSA key derivation: TLS 1.2 PRF SHA-256, direct secret +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:0:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +PSA key derivation: TLS 1.2 PRF SHA-256, direct empty secret +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:0:"":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as seed +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as label +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS + +PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as seed +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE + +PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as label +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT + PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE From 593773d9f23f2a494c462f6e02d9fba47b1afd88 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 23 Sep 2019 18:17:40 +0200 Subject: [PATCH 1847/2197] Consistently abort key derivation operations on input error --- library/psa_crypto.c | 3 +++ tests/suites/test_suite_psa_crypto.data | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 149459366..07c6261d6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -5163,7 +5163,10 @@ psa_status_t psa_key_derivation_input_key( PSA_KEY_USAGE_DERIVE, operation->alg ); if( status != PSA_SUCCESS ) + { + psa_key_derivation_abort( operation ); return( status ); + } return( psa_key_derivation_input_internal( operation, step, slot->attr.type, slot->data.raw.data, diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index bfa3c1df8..bf5b4cdff 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1898,7 +1898,7 @@ derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PS PSA key derivation: HKDF-SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE PSA key derivation: HKDF-SHA-256, direct secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C From 46d7faf195c8e160de5a641e218417bf5e399d60 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 23 Sep 2019 19:22:55 +0200 Subject: [PATCH 1848/2197] Don't jump past a variable declaration This is valid C99 (since the variable in question is not a VLA and is not used) but not accepted by IAR 8.20. --- library/psa_crypto.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 07c6261d6..9aa33df99 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -5104,12 +5104,13 @@ static psa_status_t psa_key_derivation_input_internal( const uint8_t *data, size_t data_length ) { - psa_status_t status = psa_key_derivation_check_input_type( step, key_type ); + psa_status_t status; + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); + + status = psa_key_derivation_check_input_type( step, key_type ); if( status != PSA_SUCCESS ) goto exit; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); - #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( kdf_alg ) ) { From b8965193a08c923f5c0665a88f44ace363025574 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 24 Sep 2019 16:21:10 +0200 Subject: [PATCH 1849/2197] Use the constant PSA_KEY_TYPE_NONE rather than 0 No behavior change, just a readability improvement. --- library/psa_crypto.c | 20 +++++++-- tests/suites/test_suite_psa_crypto.data | 46 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 2 +- 3 files changed, 41 insertions(+), 27 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9aa33df99..cc60901a3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5076,6 +5076,15 @@ static psa_status_t psa_tls12_prf_psk_to_ms_input( } #endif /* MBEDTLS_MD_C */ +/** Check whether the given key type is acceptable for the given + * input step of a key derivation. + * + * Secret inputs must have the type #PSA_KEY_TYPE_DERIVE. + * Non-secret inputs must have the type #PSA_KEY_TYPE_RAW_DATA. + * Both secret and non-secret inputs can alternatively have the type + * #PSA_KEY_TYPE_NONE, which is never the type of a key object, meaning + * that the input was passed as a buffer rather than via a key object. + */ static int psa_key_derivation_check_input_type( psa_key_derivation_step_t step, psa_key_type_t key_type ) 
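Review bot: Nothing in psa_key_derivation_input_internal() records why `kdf_alg` is now declared and initialised ahead of the input-type check, so a later tidy-up could move it back next to its first use and break the IAR build again. A one-line comment above the declarations would keep the reason with the code, for example `/* Keep declarations before the first goto: IAR 8.20 rejects a jump past a declaration. */`. The function body continues outside the hunk.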
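Review bot: psa_key_derivation_check_input_type() is declared `static int` although its visible returns are `PSA_SUCCESS` and its caller stores the result in a `psa_status_t`; the signature under the new comment should read `static psa_status_t psa_key_derivation_check_input_type(`. The new doc comment also stops short of the result: a sentence naming the status returned for an accepted combination and for a rejected one would complete it. The function body is outside this hunk, so the failure value has to be taken from there.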
@@ -5083,14 +5092,18 @@ static int psa_key_derivation_check_input_type( switch( step ) { case PSA_KEY_DERIVATION_INPUT_SECRET: - if( key_type == PSA_KEY_TYPE_DERIVE || key_type == 0 ) + if( key_type == PSA_KEY_TYPE_DERIVE ) + return( PSA_SUCCESS ); + if( key_type == PSA_KEY_TYPE_NONE ) return( PSA_SUCCESS ); break; case PSA_KEY_DERIVATION_INPUT_LABEL: case PSA_KEY_DERIVATION_INPUT_SALT: case PSA_KEY_DERIVATION_INPUT_INFO: case PSA_KEY_DERIVATION_INPUT_SEED: - if( key_type == PSA_KEY_TYPE_RAW_DATA || key_type == 0 ) + if( key_type == PSA_KEY_TYPE_RAW_DATA ) + return( PSA_SUCCESS ); + if( key_type == PSA_KEY_TYPE_NONE ) return( PSA_SUCCESS ); break; } @@ -5149,7 +5162,8 @@ psa_status_t psa_key_derivation_input_bytes( const uint8_t *data, size_t data_length ) { - return( psa_key_derivation_input_internal( operation, step, 0, + return( psa_key_derivation_input_internal( operation, step, + PSA_KEY_TYPE_NONE, data, data_length ) ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index bf5b4cdff..a77c2bf16 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
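Review bot: The `PSA_KEY_TYPE_NONE` branch under `PSA_KEY_DERIVATION_INPUT_SECRET` accepts a secret with no key object behind it, which is only sound if the key path can never pass that value. psa_key_derivation_input_key() forwards `slot->attr.type` unchanged, so this depends on slot lookup never returning a slot whose type is still zero. That guarantee is not visible in the hunk, so I would state it at the branch: `/* Direct buffer input only: a key slot never has type PSA_KEY_TYPE_NONE. */`. The same applies to the second `PSA_KEY_TYPE_NONE` check for the non-secret steps. The end of the function, including the value returned after the `switch`, is outside the hunk.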
@@ -1890,95 +1890,95 @@ derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: HKDF-SHA-512, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE PSA key 
derivation: HKDF-SHA-256, direct secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:0:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, direct empty secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:0:"":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, RAW_DATA key as info depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, DERIVE key as salt depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: HKDF-SHA-256, DERIVE key as info depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT 
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, key first depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, label first depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE 
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, early label depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double seed depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double key depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, direct secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:0:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: TLS 
1.2 PRF SHA-256, direct empty secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:0:"":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as seed depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as label depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as seed 
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as label depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_KEY_DERIVATION_INPUT_LABEL:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE PSA key derivation: HKDF invalid state (double generate + read past capacity) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 79ef9a873..8c2d24863 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4301,7 +4301,7 @@ void derive_input( int alg_arg, for( i = 0; i < ARRAY_LENGTH( steps ); i++ ) { - if( key_types[i] != 0 ) + if( key_types[i] != PSA_KEY_TYPE_NONE ) { psa_set_key_type( &attributes, key_types[i] ); PSA_ASSERT( psa_import_key( &attributes, From 7ebd4dcf575b55c37fb5d2e823d067c034c3db76 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 24 Sep 2019 17:15:58 +0200 Subject: [PATCH 1850/2197] Key derivation: allow both keys and direct inputs (function doc) Update the documentation of psa_key_derivation_input_key() and psa_key_derivation_input_bytes() now that the key/buffer distinction is not mandatory. --- include/psa/crypto.h | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index ddc86cd58..cca77197c 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3229,9 +3229,12 @@ psa_status_t psa_key_derivation_set_capacity( * Refer to the documentation of each key derivation or key agreement * algorithm for information. * - * This function passes direct inputs. Some inputs must be passed as keys - * using psa_key_derivation_input_key() instead of this function. Refer to - * the documentation of individual step types for information. + * This function passes direct inputs, which is usually correct for + * non-secret inputs. To pass a secret input, which should be in a key + * object, call psa_key_derivation_input_key() instead of this function. + * Refer to the documentation of individual step types + * (`PSA_KEY_DERIVATION_INPUT_xxx` values of type ::psa_key_derivation_step_t) + * for more information. * * If this function returns an error status, the operation enters an error * state and must be aborted by calling psa_key_derivation_abort(). 
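Review bot: The rewritten paragraph for psa_key_derivation_input_bytes() says a secret "should be in a key object" but not what is lost when it is passed as a buffer instead. In the implementation shown in this series, psa_key_derivation_input_key() looks the key up with `PSA_KEY_USAGE_DERIVE` and the operation's algorithm, whereas the buffer path passes `PSA_KEY_TYPE_NONE` and has no policy to check. I would add a sentence such as `A secret passed through this function is not subject to any key usage policy, and the caller remains responsible for protecting and erasing the buffer.` so that integrators make that choice knowingly.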
@@ -3274,10 +3277,13 @@ psa_status_t psa_key_derivation_input_bytes( * Refer to the documentation of each key derivation or key agreement * algorithm for information. * - * This function passes key inputs. Some inputs must be passed as keys - * of the appropriate type using this function, while others must be - * passed as direct inputs using psa_key_derivation_input_bytes(). Refer to - * the documentation of individual step types for information. + * This function obtains input from a key object, which is usually correct for + * secret inputs or for non-secret personalization strings kept in the key + * store. To pass a non-secret parameter which is not in the key store, + * call psa_key_derivation_input_bytes() instead of this function. + * Refer to the documentation of individual step types + * (`PSA_KEY_DERIVATION_INPUT_xxx` values of type ::psa_key_derivation_step_t) + * for more information. * * If this function returns an error status, the operation enters an error * state and must be aborted by calling psa_key_derivation_abort(). From 2058c077244f95c658fff324c6de6191b90a48a3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 24 Sep 2019 17:19:33 +0200 Subject: [PATCH 1851/2197] derive_input test function: More logical parameter order No behavior change. --- tests/suites/test_suite_psa_crypto.data | 46 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 4 +- 2 files changed, 25 insertions(+), 25 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index a77c2bf16..6a123cddf 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
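Review bot: The new paragraph for psa_key_derivation_input_key() does not say which key types are accepted, although the implementation in this series rejects mismatches. Per psa_key_derivation_check_input_type(), a key used for a secret step must be `PSA_KEY_TYPE_DERIVE` and a key used for a non-secret step must be `PSA_KEY_TYPE_RAW_DATA`, and the test data expects `PSA_ERROR_INVALID_ARGUMENT` for a DERIVE key given as salt, seed, info or label. Adding `The key must have type #PSA_KEY_TYPE_DERIVE for a secret input and #PSA_KEY_TYPE_RAW_DATA for a non-secret input.` would save callers from finding this out through an aborted operation.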
@@ -1890,95 +1890,95 @@ derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS PSA key derivation: HKDF-SHA-512, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS PSA key derivation: HKDF-SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE 
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE PSA key derivation: HKDF-SHA-256, direct secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS PSA key derivation: HKDF-SHA-256, direct empty secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS 
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS PSA key derivation: HKDF-SHA-256, RAW_DATA key as info depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS PSA key derivation: HKDF-SHA-256, DERIVE key as salt depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE PSA key derivation: HKDF-SHA-256, DERIVE key as info depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, key first depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE 
PSA key derivation: TLS 1.2 PRF SHA-256, label first depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, early label depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double seed depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE 
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double key depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, direct secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, direct empty secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as seed depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as label depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as seed depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as label depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_SUCCESS:PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT 
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE PSA key derivation: HKDF invalid state (double generate + read past capacity) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 8c2d24863..11b17bcaa 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -4274,10 +4274,10 @@ exit: /* BEGIN_CASE */ void derive_input( int alg_arg, int step_arg1, int key_type_arg1, data_t *input1, - int step_arg2, int key_type_arg2, data_t *input2, - int step_arg3, int key_type_arg3, data_t *input3, int expected_status_arg1, + int step_arg2, int key_type_arg2, data_t *input2, int expected_status_arg2, + int step_arg3, int key_type_arg3, data_t *input3, int expected_status_arg3 ) { psa_algorithm_t alg = alg_arg; From 1a2904c49aaf6aab1a2cb54aec7b76720515af96 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 24 Sep 2019 17:45:07 +0200 Subject: [PATCH 1852/2197] derive_input test function: Try output afterwards After passing some inputs, try getting one byte of output, just to check that this succeeds (for a valid sequence of inputs) or fails with BAD_STATE (for an invalid sequence of inputs). Either output a 1-byte key or a 1-byte buffer depending on the test data. The test data was expanded as follows: * Output key type (or not a key): same as the SECRET input if success is expected, otherwise NONE. * Expected status: PSA_SUCCESS after valid inputs, BAD_STATE after any invalid input. --- tests/suites/test_suite_psa_crypto.data | 46 ++++++++++----------- tests/suites/test_suite_psa_crypto.function | 26 +++++++++++- 2 files changed, 48 insertions(+), 24 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6a123cddf..cc468165d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1890,95 +1890,95 @@ derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED PSA key derivation: HKDF-SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: HKDF-SHA-512, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE 
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: HKDF-SHA-256, direct secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, direct empty secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, RAW_DATA key as info depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, DERIVE key as salt depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE 
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: HKDF-SHA-256, DERIVE key as info depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, key first depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, label first depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, early label depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE 
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double seed depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double key depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
-derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, direct secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, direct empty secret depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: TLS 1.2 
PRF SHA-256, RAW_DATA key as seed depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as label depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as seed depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE 
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as label depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_ERROR_INVALID_ARGUMENT +derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE 
+derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: HKDF invalid state (double generate + read past capacity) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 11b17bcaa..87529ac6c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -4278,7 +4278,8 @@ void derive_input( int alg_arg, int step_arg2, int key_type_arg2, data_t *input2, int expected_status_arg2, int step_arg3, int key_type_arg3, data_t *input3, - int expected_status_arg3 ) + int expected_status_arg3, + int output_key_type_arg, int expected_output_status_arg ) { psa_algorithm_t alg = alg_arg; psa_key_derivation_step_t steps[] = {step_arg1, step_arg2, step_arg3}; @@ -4291,6 +4292,10 @@ void derive_input( int alg_arg, psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; size_t i; + psa_key_type_t output_key_type = output_key_type_arg; + psa_key_handle_t output_handle = 0; + psa_status_t expected_output_status = expected_output_status_arg; + psa_status_t actual_output_status; PSA_ASSERT( psa_crypto_init( ) ); 
@@ -4320,10 +4325,29 @@ void derive_input( int alg_arg, } } + if( output_key_type != PSA_KEY_TYPE_NONE ) + { + psa_reset_key_attributes( &attributes ); + psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_bits( &attributes, 8 ); + actual_output_status = + psa_key_derivation_output_key( &attributes, &operation, + &output_handle ); + } + else + { + uint8_t buffer[1]; + actual_output_status = + psa_key_derivation_output_bytes( &operation, + buffer, sizeof( buffer ) ); + } + TEST_EQUAL( actual_output_status, expected_output_status ); + exit: psa_key_derivation_abort( &operation ); for( i = 0; i < ARRAY_LENGTH( handles ); i++ ) psa_destroy_key( handles[i] ); + psa_destroy_key( output_handle ); PSA_DONE( ); } /* END_CASE */ From 178c9aa96691c2ff9cdd1d194601b6c6353c6a7b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 24 Sep 2019 18:21:06 +0200 Subject: [PATCH 1853/2197] Key derivation: forbid output_key without input_key If none of the inputs to a key derivation is a PSA_KEY_DERIVATION_INPUT_SECRET passed with psa_key_derivation_input_key(), forbid psa_key_derivation_output_key(). It usually doesn't make sense to derive a key object if the secret isn't itself a proper key. --- include/psa/crypto.h | 8 +++++++ include/psa/crypto_struct.h | 3 ++- include/psa/crypto_values.h | 6 ++++- library/psa_crypto.c | 10 ++++++++ tests/suites/test_suite_psa_crypto.data | 32 +++++++++++++++++++++---- 5 files changed, 53 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index cca77197c..1e7aaa8f7 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h 
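Review bot: In the added output step of `derive_input`, `output_key_type` is only compared against `PSA_KEY_TYPE_NONE`; the key is then always created with `psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );`, so the `PSA_KEY_TYPE_DERIVE` values in the updated test data never reach `psa_key_derivation_output_key()`. Passing the requested type through with `psa_set_key_type( &attributes, output_key_type );` would make the data column mean what it says, provided an 8-bit key of that type is accepted. Otherwise the parameter is really a flag and could be named and documented as one. The function body starts before this hunk.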
@@ -3527,6 +3527,11 @@ psa_status_t psa_key_derivation_output_bytes( * In all cases, the data that is read is discarded from the operation. * The operation's capacity is decreased by the number of bytes read. * + * For algorithms that take an input step #PSA_KEY_DERIVATION_INPUT_SECRET, + * the input to that step must be provided with psa_key_derivation_input_key(). + * Future versions of this specification may include additional restrictions + * on the derived key based on the attributes and strength of the secret key. + * * \param[in] attributes The attributes for the new key. * \param[in,out] operation The key derivation operation object to read from. * \param[out] handle On success, a handle to the newly created key. @@ -3549,6 +3554,9 @@ psa_status_t psa_key_derivation_output_bytes( * implementation in general or in this particular location. * \retval #PSA_ERROR_INVALID_ARGUMENT * The provided key attributes are not valid for the operation. + * \retval #PSA_ERROR_NOT_PERMITTED + * The #PSA_KEY_DERIVATION_INPUT_SECRET input was not provided through + * a key. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active and completed * all required input steps). diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index f177d5d91..9f55484e2 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -255,6 +255,7 @@ typedef struct psa_tls12_prf_key_derivation_s struct psa_key_derivation_s { psa_algorithm_t alg; + unsigned int can_output_key : 1; size_t capacity; union { @@ -268,7 +269,7 @@ struct psa_key_derivation_s }; /* This only zeroes out the first byte in the union, the rest is unspecified. */ -#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {0}} +#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, 0, {0}} static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) { const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; 
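Review bot: The new bit-field `unsigned int can_output_key : 1;` in `struct psa_key_derivation_s` carries an access-control decision but has no comment saying who sets it or what it gates. A comment above the field such as `/* Set once the SECRET input was passed as a key object; psa_key_derivation_output_key() is refused while it is 0. */` would cover it. `PSA_KEY_DERIVATION_OPERATION_INIT` remains a positional initializer (`{0, 0, 0, {0}}`), so every added member needs the macro edited in step, and a short remark next to the macro would make that dependency visible. The struct definition continues outside both hunks.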
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 57d065149..6b6a9f85b 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1622,7 +1622,11 @@ * (passed to psa_key_derivation_input_key()) * or the shared secret resulting from a key agreement * (obtained via psa_key_derivation_key_agreement()). - * It can also be a direct input (passed to key_derivation_input_bytes()). + * + * The secret can also be a direct input (passed to + * key_derivation_input_bytes()). In this case, the derivation operation + * may not be used to derive keys: the operation will only allow + * psa_key_derivation_output_bytes(), not psa_key_derivation_output_key(). */ #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cc60901a3..b9ea00f2c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4787,6 +4787,9 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut if( psa_get_key_bits( attributes ) == 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); + if( ! operation->can_output_key ) + return( PSA_ERROR_NOT_PERMITTED ); + status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE, attributes, handle, &slot, &driver ); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -5174,6 +5177,7 @@ psa_status_t psa_key_derivation_input_key( { psa_key_slot_t *slot; psa_status_t status; + status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_DERIVE, operation->alg ); @@ -5182,6 +5186,12 @@ psa_status_t psa_key_derivation_input_key( psa_key_derivation_abort( operation ); return( status ); } + + /* Passing a key object as a SECRET input unlocks the permission + * to output to a key object. */ + if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) + operation->can_output_key = 1; + return( psa_key_derivation_input_internal( operation, step, slot->attr.type, slot->data.raw.data, 
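Review bot: The rewritten paragraph for `PSA_KEY_DERIVATION_INPUT_SECRET` refers to `key_derivation_input_bytes()`, which lacks the `psa_` prefix used by every other function reference in the same comment. The phrase "may not be used to derive keys" can also be read as "might not". Suggested wording: `The secret can also be a direct input (passed to psa_key_derivation_input_bytes()). In this case, the derivation operation cannot be used to derive keys:`. The comment block starts outside the hunk.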
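Review bot: In the `psa_key_derivation_input_key()` hunk, `can_output_key` is set only on this path, and the diffstat's 10 added lines for `library/psa_crypto.c` are all accounted for by the three hunks shown. A secret supplied through `psa_key_derivation_key_agreement()`, which the `PSA_KEY_DERIVATION_INPUT_SECRET` documentation still lists as a source of the secret, therefore presumably leaves the flag clear and makes `psa_key_derivation_output_key()` return `PSA_ERROR_NOT_PERMITTED`. If that is not intended, the key-agreement path (not visible here) needs the same `operation->can_output_key = 1;` once the shared secret is accepted, together with a test case. The flag is also raised before `psa_key_derivation_input_internal()` has validated the key type, which is safe only if a failed input aborts and zeroes the operation; setting it after a successful return would remove that dependency. The function body starts and ends outside the hunk.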
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index cc468165d..6efdc01d1 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1888,7 +1888,11 @@ PSA key derivation setup: bad algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED -PSA key derivation: HKDF-SHA-256, good case +PSA key derivation: HKDF-SHA-256, good case, direct output +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: HKDF-SHA-256, good case, key output depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS 
@@ -1900,14 +1904,28 @@ PSA key derivation: HKDF-SHA-256, bad key type depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE -PSA key derivation: HKDF-SHA-256, direct secret +PSA key derivation: HKDF-SHA-256, bad key type, key output +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +# Whether we get NOT_PERMITTED or BAD_STATE for the output is an implementation +# detail. +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED + +PSA key derivation: HKDF-SHA-256, direct secret, direct output depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS -PSA key derivation: HKDF-SHA-256, direct empty secret +PSA key derivation: HKDF-SHA-256, direct empty secret, direct output depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS +PSA key derivation: HKDF-SHA-256, direct secret, key output +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED + +PSA key derivation: HKDF-SHA-256, direct empty secret, key output +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED + PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS 
@@ -1916,10 +1934,16 @@ PSA key derivation: HKDF-SHA-256, RAW_DATA key as info depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS -PSA key derivation: HKDF-SHA-256, DERIVE key as salt +PSA key derivation: HKDF-SHA-256, DERIVE key as salt, direct output depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE +PSA key derivation: HKDF-SHA-256, DERIVE key as salt, key output +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +# Whether we get NOT_PERMITTED or BAD_STATE for the output is an implementation +# detail. +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_BAD_STATE + PSA key derivation: HKDF-SHA-256, DERIVE key as info depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE 
From 038ab053d65e5641905494fa554f90a4a0da9fd8 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 25 Sep 2019 14:06:15 +0300 Subject: [PATCH 1854/2197] Add const to variable Add const type that was accidently removed. --- tests/suites/target_test.function | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function index 4d03c3be5..89835d2bf 100644 --- a/tests/suites/target_test.function +++ b/tests/suites/target_test.function @@ -90,15 +90,15 @@ uint8_t receive_byte() uint32_t receive_uint32() { uint32_t value; - uint8_t c_be[8] = { greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc(), - greentea_getc() - }; + const uint8_t c_be[8] = { greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc(), + greentea_getc() + }; const uint8_t c[9] = { c_be[6], c_be[7], c_be[4], c_be[5], c_be[2], c_be[3], c_be[0], c_be[1], '\0' }; TEST_HELPER_ASSERT( unhexify( (uint8_t*)&value, c ) != 8 ); From c625045da6d7f55d830dd3fe90505abe1bfc2072 Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 25 Sep 2019 22:11:36 +0100 Subject: [PATCH 1855/2197] Tighten up language regarding direct use of the IANA registry values --- include/psa/crypto_types.h | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index f9811bdfe..03fe9bc42 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h 
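Review bot: The eight `greentea_getc()` calls in the `c_be` initializer of `receive_uint32` are indeterminately sequenced in C, so the order in which bytes are taken off the stream is not guaranteed, and making the array `const` keeps that form in place. Filling the array in a loop fixes the order, at the cost of dropping `const` on `c_be`: `for( i = 0; i < sizeof( c_be ); i++ ) c_be[i] = greentea_getc();` with a `size_t i` declared at the top. The function body continues past the end of the hunk.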
@@ -67,21 +67,29 @@ typedef uint32_t psa_key_type_t; /** The type of PSA elliptic curve identifiers. * - * The encoding of curve identifiers is aligned with the + * The encoding of curve identifiers is taken from the * TLS Supported Groups Registry (formerly known as the * TLS EC Named Curve Registry) * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 * The values are defined by RFC 8422 and RFC 7027. + * + * This specification defines identifiers for some of the curves in the IANA + * registry. Implementations that support other curves that are in the IANA + * registry should use the IANA value and a implementation-specific identifier. */ typedef uint16_t psa_ecc_curve_t; /** The type of PSA Diffie-Hellman group identifiers. * - * The encoding of group identifiers is aligned with the + * The encoding of group identifiers is taken from the * TLS Supported Groups Registry (formerly known as the * TLS EC Named Curve Registry) * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 * The values are defined by RFC 7919. + * + * This specification defines identifiers for some of the groups in the IANA + * registry. Implementations that support other groups that are in the IANA + * registry should use the IANA value and a implementation-specific identifier. */ typedef uint16_t psa_dh_group_t; From fd368e50d5ffd93e52235db0b6480d746ffdffda Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 25 Sep 2019 22:14:29 +0100 Subject: [PATCH 1856/2197] Support for vendor-defined ECC curves and DH groups Define a vendor-range within the the private use ranges in the IANA registry. Provide recommendations for how to support vendor-defined curves and groups. --- include/psa/crypto_types.h | 18 ++++++++++++++++++ include/psa/crypto_values.h | 26 ++++++++++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 03fe9bc42..521a765a0 100644 
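Review bot: The added sentence `should use the IANA value and a implementation-specific identifier`, in both the `psa_ecc_curve_t` and `psa_dh_group_t` comments, is ambiguous about what an implementation has to define beyond the IANA value. If the intent is that the numeric value comes from the registry and only the macro name is implementation-specific, say so directly, e.g. `should use the IANA value with an implementation-specific macro name`. The article should be `an` in either case.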
--- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -76,6 +76,15 @@ typedef uint32_t psa_key_type_t; * This specification defines identifiers for some of the curves in the IANA * registry. Implementations that support other curves that are in the IANA * registry should use the IANA value and a implementation-specific identifier. + * Implemenations that support non-IANA curves should use one of the following + * approaches for allocating a key type: + * + * 1. Select a ::psa_ecc_curve_t value in the range #PSA_ECC_CURVE_VENDOR_MIN to + * #PSA_ECC_CURVE_VENDOR_MAX, which is a subset of the IANA private use + * range. + * 2. Use a ::psa_key_type_t value that is vendor-defined. + * + * The first option is recommended. */ typedef uint16_t psa_ecc_curve_t; @@ -90,6 +99,15 @@ typedef uint16_t psa_ecc_curve_t; * This specification defines identifiers for some of the groups in the IANA * registry. Implementations that support other groups that are in the IANA * registry should use the IANA value and a implementation-specific identifier. + * Implemenations that support non-IANA groups should use one of the following + * approaches for allocating a key type: + * + * 1. Select a ::psa_dh_group_t value in the range #PSA_DH_GROUP_VENDOR_MIN to + * #PSA_DH_GROUP_VENDOR_MAX, which is a subset of the IANA private use + * range. + * 2. Use a ::psa_key_type_t value that is vendor-defined. + * + * The first option is recommended. */ typedef uint16_t psa_dh_group_t; diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index fc0f9637f..58276c90b 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
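Review bot: `Implemenations` is misspelled in both added paragraphs (the `psa_ecc_curve_t` and `psa_dh_group_t` comments). Option 2 in each list also gives no pointer to how a vendor-defined `psa_key_type_t` is formed; a cross-reference such as `(see #PSA_KEY_TYPE_VENDOR_FLAG)` would help, assuming that is the mechanism meant.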
@@ -495,6 +495,19 @@ */ #define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) +/** Minimum value for a vendor-defined ECC curve identifier + * + * The range for vendor-defined curve identifiers is a subset of the IANA + * registry private use range, `0xfe00` - `0xfeff`. + */ +#define PSA_ECC_CURVE_VENDOR_MIN ((psa_ecc_curve_t) 0xfe00) +/** Maximum value for a vendor-defined ECC curve identifier + * + * The range for vendor-defined curve identifiers is a subset of the IANA + * registry private use range, `0xfe00` - `0xfeff`. + */ +#define PSA_ECC_CURVE_VENDOR_MAX ((psa_ecc_curve_t) 0xfe7f) + #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) @@ -535,6 +548,19 @@ #define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x0103) #define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x0104) +/** Minimum value for a vendor-defined Diffie Hellman group identifier + * + * The range for vendor-defined group identifiers is a subset of the IANA + * registry private use range, `0x01fc` - `0x01ff`. + */ +#define PSA_DH_GROUP_VENDOR_MIN ((psa_dh_group_t) 0x01fc) +/** Maximum value for a vendor-defined Diffie Hellman group identifier + * + * The range for vendor-defined group identifiers is a subset of the IANA + * registry private use range, `0x01fc` - `0x01ff`. + */ +#define PSA_DH_GROUP_VENDOR_MAX ((psa_dh_group_t) 0x01fd) + /** The block size of a block cipher. * * \param type A cipher key type (value of type #psa_key_type_t). From 214064ea85a92980b22eb32fefbef3e138db83ce Mon Sep 17 00:00:00 2001 
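Review bot: The comments on `PSA_ECC_CURVE_VENDOR_MIN`/`PSA_ECC_CURVE_VENDOR_MAX` and `PSA_DH_GROUP_VENDOR_MIN`/`PSA_DH_GROUP_VENDOR_MAX` quote only the IANA private-use range, so the vendor range itself (`0xfe00` to `0xfe7f` for curves, `0x01fc` to `0x01fd` for groups) has to be pieced together from two macros, and nothing says whether the bounds are inclusive. I would add to each comment a line such as `The vendor-defined range is 0xfe00 to 0xfe7f inclusive.`, assuming inclusive is what is meant. Because `psa_ecc_curve_t` and `psa_dh_group_t` are both `uint16_t`, a range check written against the wrong pair of macros compiles silently, which is another reason to spell the values out.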
From: Andrew Thoelke Date: Wed, 25 Sep 2019 22:16:21 +0100 Subject: [PATCH 1857/2197] Xref documentation for ECC curves and DH groups. Connect the types to the key type construction macros by x-refs. --- include/psa/crypto_types.h | 8 ++++++++ include/psa/crypto_values.h | 24 ++++++++++++++++++++---- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 521a765a0..fbbb737ae 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -66,6 +66,10 @@ typedef int32_t psa_status_t; typedef uint32_t psa_key_type_t; /** The type of PSA elliptic curve identifiers. + * + * The curve identifier is required to create an ECC key using the + * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() + * macros. * * The encoding of curve identifiers is taken from the * TLS Supported Groups Registry (formerly known as the @@ -89,6 +93,10 @@ typedef uint32_t psa_key_type_t; typedef uint16_t psa_ecc_curve_t; /** The type of PSA Diffie-Hellman group identifiers. + * + * The group identifier is required to create an Diffie-Hellman key using the + * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY() + * macros. * * The encoding of group identifiers is taken from the * TLS Supported Groups Registry (formerly known as the diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 58276c90b..ca04c4a7a 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
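Review bot: The added text says the identifier is required `to create an ECC key using the PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() macros`, but the macro definitions shown in crypto_values.h build a `psa_key_type_t`, not a key. `to construct an ECC key type using the ... macros` would be accurate, and the same applies to the Diffie-Hellman paragraph. In that paragraph `an Diffie-Hellman key` should also read `a Diffie-Hellman key`.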
@@ -421,10 +421,18 @@ #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) -/** Elliptic curve key pair. */ +/** Elliptic curve key pair. + * + * \param curve A value of type ::psa_ecc_curve_t that identifies the + * ECC curve to be used. + */ #define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) \ (PSA_KEY_TYPE_ECC_KEY_PAIR_BASE | (curve)) -/** Elliptic curve public key. */ +/** Elliptic curve public key. + * + * \param curve A value of type ::psa_ecc_curve_t that identifies the + * ECC curve to be used. + */ #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \ (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve)) @@ -511,10 +519,18 @@ #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) -/** Diffie-Hellman key pair. */ +/** Diffie-Hellman key pair. + * + * \param group A value of type ::psa_dh_group_t that identifies the + * Diffie-Hellman group to be used. + */ #define PSA_KEY_TYPE_DH_KEY_PAIR(group) \ (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group)) -/** Diffie-Hellman public key. */ +/** Diffie-Hellman public key. + * + * \param group A value of type ::psa_dh_group_t that identifies the + * Diffie-Hellman group to be used. + */ #define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ (PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE | (group)) From 7edad280360df0c85d0d38c0d31074111c26e8fc Mon Sep 17 00:00:00 2001 From: Benjamin Kier Date: Thu, 30 May 2019 14:49:17 -0400 Subject: [PATCH 1858/2197] Fixed possibly undefined variable warnings by initializing variables to 0. --- library/entropy.c | 2 +- library/hmac_drbg.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/library/entropy.c b/library/entropy.c index f8db1a550..ac7e9051f 100644 --- a/library/entropy.c +++ b/library/entropy.c 
@@ -258,7 +258,7 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, */ static int entropy_gather_internal( mbedtls_entropy_context *ctx ) { - int ret, i, have_one_strong = 0; + int ret = 0, i, have_one_strong = 0; unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER]; size_t olen; diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index 50d88bd54..edecc6e12 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -74,7 +74,7 @@ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; unsigned char sep[1]; unsigned char K[MBEDTLS_MD_MAX_SIZE]; - int ret; + int ret = 0; for( sep[0] = 0; sep[0] < rounds; sep[0]++ ) { From 006c1b5f4e8dd2da632ddd5df97f1b5ec9163734 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 30 Sep 2019 17:29:54 +0200 Subject: [PATCH 1859/2197] Prefer initializing ret to error values These initial values shouldn't be used, but in case they accidentally get used after a code change, fail safe. --- library/entropy.c | 4 +++- library/hmac_drbg.c | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/library/entropy.c b/library/entropy.c index ac7e9051f..d7091cbf7 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -258,7 +258,9 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, */ static int entropy_gather_internal( mbedtls_entropy_context *ctx ) { - int ret = 0, i, have_one_strong = 0; + int ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + int i; + int have_one_strong = 0; unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER]; size_t olen; diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index edecc6e12..67123dfd2 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c 
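Review bot: The new initial values in `entropy_gather_internal` (`MBEDTLS_ERR_ENTROPY_SOURCE_FAILED`) and, in the hmac_drbg.c hunk of the same commit, `mbedtls_hmac_drbg_update_ret` (`MBEDTLS_ERR_MD_BAD_INPUT_DATA`) carry no comment, so a later reader cannot tell a deliberate fail-safe default from a meaningful status. I would add at each declaration something like `/* Fail-safe default; every path is expected to overwrite it before returning. */`. In the HMAC_DRBG case the code belongs to the MD module, so if it ever reached a caller it would point at the wrong layer, which the comment should mention. Both function bodies continue outside their hunks.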
@@ -74,7 +74,7 @@ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; unsigned char sep[1]; unsigned char K[MBEDTLS_MD_MAX_SIZE]; - int ret = 0; + int ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; for( sep[0] = 0; sep[0] < rounds; sep[0]++ ) { From 3efcebbc5e9852082f06590f9325d53cf405e80f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Oct 2019 14:18:35 +0200 Subject: [PATCH 1860/2197] SE support: Use a transaction when registering a key When registering a key in a secure element, go through the transaction mechanism. This makes the code simpler, at the expense of a few extra storage operations. Given that registering a key is typically very rare over the lifetime of a device, this is an acceptable loss. Drivers must now have a p_validate_slot_number method, otherwise registering a key is not possible. This reduces the risk that due to a mistake during the integration of a device, an application might claim a slot in a way that is not supported by the driver. --- include/psa/crypto_extra.h | 3 ++ library/psa_crypto.c | 42 ++++--------------- library/psa_crypto_se.c | 6 +++ .../test_suite_psa_crypto_se_driver_hal.data | 26 ++++++------ 4 files changed, 30 insertions(+), 47 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index f0e47821c..99bb0635a 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -186,6 +186,9 @@ static inline void psa_clear_key_slot_number( * \retval #PSA_ERROR_ALREADY_EXISTS * There is already a key with the identifier specified in * \p attributes. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The secure element driver for the specified lifetime does not + * support registering a key. * \retval #PSA_ERROR_INVALID_ARGUMENT * \p attributes specifies a lifetime which is not located * in a secure element. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b9ea00f2c..90158f852 100644 
--- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1579,7 +1579,7 @@ static psa_status_t psa_start_key_creation( #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* For a key in a secure element, we need to do three things - * when creating a key (but not when registering an existing key): + * when creating or registering a key: * create the key file in internal storage, create the * key inside the secure element, and update the driver's * persistent data. Start a transaction that will encompass these @@ -1592,7 +1592,7 @@ static psa_status_t psa_start_key_creation( * secure element driver updates its persistent state, but we do not yet * save the driver's persistent state, so that if the power fails, * we can roll back to a state where the key doesn't exist. */ - if( *p_drv != NULL && method != PSA_KEY_CREATION_REGISTER ) + if( *p_drv != NULL ) { status = psa_find_se_slot_for_key( attributes, method, *p_drv, &slot->data.se.slot_number ); @@ -1609,6 +1609,12 @@ static psa_status_t psa_start_key_creation( return( status ); } } + + if( *p_drv == NULL && method == PSA_KEY_CREATION_REGISTER ) + { + /* Key registration only makes sense with a secure element. */ + return( PSA_ERROR_INVALID_ARGUMENT ); + } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ return( status ); @@ -1883,7 +1889,6 @@ psa_status_t mbedtls_psa_register_se_key( psa_status_t status; psa_key_slot_t *slot = NULL; psa_se_drv_table_entry_t *driver = NULL; - const psa_drv_se_t *drv; psa_key_handle_t handle = 0; /* Leaving attributes unspecified is not currently supported. 
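Review bot: In `psa_start_key_creation`, the new `*p_drv == NULL && method == PSA_KEY_CREATION_REGISTER` rejection sits at the end of the function, after the earlier steps have already run, so this error path relies on the caller to undo whatever was set up. `mbedtls_psa_register_se_key` does `goto exit` on failure, but the cleanup after `exit:` is outside the visible hunks. If the driver lookup happens early enough in the function, placing the test right after it would reject the request before any state is touched. The function body starts and ends outside these hunks.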
@@ -1900,37 +1905,6 @@ psa_status_t mbedtls_psa_register_se_key( if( status != PSA_SUCCESS ) goto exit; - if( driver == NULL ) - { - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; - } - drv = psa_get_se_driver_methods( driver ); - - if ( psa_get_key_slot_number( attributes, - &slot->data.se.slot_number ) != PSA_SUCCESS ) - { - /* The application didn't specify a slot number. This doesn't - * make sense when registering a slot. */ - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; - } - - /* If the driver has a slot number validation method, call it. - * If it doesn't, it means the secure element is unable to validate - * anything and so we have to trust the application. */ - if( drv->key_management != NULL && - drv->key_management->p_validate_slot_number != NULL ) - { - status = drv->key_management->p_validate_slot_number( - psa_get_se_driver_context( driver ), - attributes, - PSA_KEY_CREATION_REGISTER, - slot->data.se.slot_number ); - if( status != PSA_SUCCESS ) - goto exit; - } - status = psa_finish_key_creation( slot, driver ); exit: diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 523c62105..2cda4ccdc 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -225,6 +225,12 @@ psa_status_t psa_find_se_slot_for_key( attributes, method, *slot_number ); } + else if( method == PSA_KEY_CREATION_REGISTER ) + { + /* The application didn't specify a slot number. This doesn't + * make sense when registering a slot. */ + return( PSA_ERROR_INVALID_ARGUMENT ); + } else { /* The application didn't tell us which slot to use. Let the driver diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 53e3fc5b8..1b0ef0494 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
@@ -121,23 +121,23 @@ Key generation smoke test: HMAC-SHA-256 generate_key_smoke:PSA_KEY_TYPE_HMAC:256:PSA_ALG_HMAC( PSA_ALG_SHA_256 ) Key registration: smoke test -register_key_smoke_test:MIN_DRIVER_LIFETIME:-1:PSA_SUCCESS - -Key registration: invalid lifetime (volatile) -register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:-1:PSA_ERROR_INVALID_ARGUMENT - -Key registration: invalid lifetime (internal storage) -register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:-1:PSA_ERROR_INVALID_ARGUMENT - -Key registration: invalid lifetime (no registered driver) -register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:-1:PSA_ERROR_INVALID_ARGUMENT - -Key registration: with driver validation (accepted) register_key_smoke_test:MIN_DRIVER_LIFETIME:1:PSA_SUCCESS -Key registration: with driver validation (rejected) +Key registration: invalid lifetime (volatile) +register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT + +Key registration: invalid lifetime (internal storage) +register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_INVALID_ARGUMENT + +Key registration: invalid lifetime (no registered driver) +register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:1:PSA_ERROR_INVALID_ARGUMENT + +Key registration: rejected register_key_smoke_test:MIN_DRIVER_LIFETIME:0:PSA_ERROR_NOT_PERMITTED +Key registration: not supported +register_key_smoke_test:MIN_DRIVER_LIFETIME:-1:PSA_ERROR_NOT_SUPPORTED + Import-sign-verify: sign in driver, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" From 5ec3a30edb344760738f565f83d193a2fe6bad79 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 1 Oct 2019 14:27:23 +0200 Subject: [PATCH 1861/2197] SE driver: validate_slot_number: support changing persistent data Add a parameter to the p_validate_slot_number method to allow the driver to modify the persistent data. With the current structure of the core, the persistent data is already updated. All it took was adding a way to modify it. --- include/psa/crypto_se_driver.h | 8 ++++++++ library/psa_crypto_se.c | 1 + tests/suites/test_suite_psa_crypto_se_driver_hal.function | 4 ++++ 3 files changed, 13 insertions(+) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index a43e0db48..7ac1ed1c4 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -927,7 +927,14 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( * sake of initial device provisioning or onboarding. Such a mechanism may * be added to a future version of the PSA Cryptography API specification. * + * This function may update the driver's persistent data through + * \p persistent_data. The core will save the updated persistent data at the + * end of the key creation process. See the description of + * ::psa_drv_se_allocate_key_t for more information. + * * \param[in,out] drv_context The driver context structure. + * \param[in,out] persistent_data A pointer to the persistent data + * that allows writing. * \param[in] attributes Attributes of the key. * \param method The way in which the key is being created. * \param[in] key_slot Slot where the key is to be stored. @@ -946,6 +953,7 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( */ typedef psa_status_t (*psa_drv_se_validate_slot_number_t)( psa_drv_se_context_t *drv_context, + void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t key_slot); diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 2cda4ccdc..81b310367 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c 
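Review bot: Adding `void *persistent_data` as the second parameter of `psa_drv_se_validate_slot_number_t` changes the driver callback signature, and the diffstat (8 insertions in crypto_se_driver.h, all accounted for by the two hunks shown, plus psa_crypto_se.c and the test file) means `PSA_DRV_SE_HAL_VERSION` is not changed in this commit. A driver built against the previous header would still present the same version and then be called with shifted arguments. If the core compares the HAL version at registration, it should change together with the signature; otherwise the comment on the typedef should state that existing drivers must be rebuilt.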
@@ -222,6 +222,7 @@ psa_status_t psa_find_se_slot_for_key( if( p_validate_slot_number == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); status = p_validate_slot_number( &driver->context, + driver->internal.persistent_data, attributes, method, *slot_number ); } diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index fc6f66816..539c563c4 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -90,11 +90,13 @@ static validate_slot_number_directions_t validate_slot_number_directions; /* Validate a choice of slot number as directed. */ static psa_status_t validate_slot_number_as_directed( psa_drv_se_context_t *context, + void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t slot_number ) { (void) context; + (void) persistent_data; (void) attributes; DRIVER_ASSERT_RETURN( slot_number == validate_slot_number_directions.slot_number ); @@ -367,11 +369,13 @@ static psa_status_t ram_allocate( psa_drv_se_context_t *context, static psa_status_t ram_validate_slot_number( psa_drv_se_context_t *context, + void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t slot_number ) { (void) context; + (void) persistent_data; (void) attributes; (void) method; if( slot_number >= ARRAY_LENGTH( ram_slots ) ) From d9348f218e708dc99a300f624f4c1ccea0949109 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Oct 2019 15:22:29 +0200 Subject: [PATCH 1862/2197] SE driver: call the p_init method during psa_crypto_init() --- library/psa_crypto.c | 6 ++ library/psa_crypto_se.c | 22 +++++++ library/psa_crypto_se.h | 6 ++ ..._suite_psa_crypto_se_driver_hal_mocks.data | 9 +++ ...te_psa_crypto_se_driver_hal_mocks.function | 57 +++++++++++++++++++ 5 files changed, 100 insertions(+) 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 90158f852..e26a7ec01 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5687,6 +5687,12 @@ psa_status_t psa_crypto_init( void ) if( status != PSA_SUCCESS ) goto exit; +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + status = psa_init_all_se_drivers( ); + if( status != PSA_SUCCESS ) + goto exit; +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) status = psa_crypto_load_transaction( ); if( status == PSA_SUCCESS ) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 81b310367..81f0a1a8f 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -272,6 +272,28 @@ psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, return( status == PSA_SUCCESS ? storage_status : status ); } +psa_status_t psa_init_all_se_drivers( void ) +{ + size_t i; + for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) + { + psa_se_drv_table_entry_t *driver = &driver_table[i]; + if( driver->lifetime == 0 ) + continue; /* skipping unused entry */ + const psa_drv_se_t *methods = psa_get_se_driver_methods( driver ); + if( methods->p_init != NULL ) + { + psa_status_t status = methods->p_init( + &driver->context, + driver->internal.persistent_data, + driver->lifetime ); + if( status != PSA_SUCCESS ) + return( status ); + } + } + return( PSA_SUCCESS ); +} + /****************************************************************/ diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 900a72bd3..86bf7a7b1 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -66,6 +66,12 @@ */ void psa_unregister_all_se_drivers( void ); +/** Initialize all secure element drivers. + * + * Called from psa_crypto_init(). + */ +psa_status_t psa_init_all_se_drivers( void ); + /** A structure that describes a registered secure element driver. * * A secure element driver table entry contains a pointer to the 
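Review bot: `psa_init_all_se_drivers` returns at the first driver whose `p_init` fails, which leaves earlier drivers initialized and later ones untouched and makes `psa_crypto_init()` fail as a whole, but the declaration added in psa_crypto_se.h documents none of this. I would extend its comment with `\return #PSA_SUCCESS if every registered driver's p_init succeeded or was absent; otherwise the status of the first failing driver.` and a sentence saying the remaining drivers are not initialized in that case. The declaration `const psa_drv_se_t *methods` also follows a `continue` statement inside the loop body; if the library is meant to build without mixed declarations and code, move it to the top of the block.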
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index dba68758f..f60bd7602 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -1,3 +1,12 @@ +SE init mock test: success +mock_init:2:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS:1 + +SE init mock test: failure +mock_init:2:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE:1 + +SE init mock test: invalid lifetime +mock_init:1:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_SUCCESS:0 + SE key importing mock test mock_import:PSA_SUCCESS:PSA_SUCCESS:0:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index e6b3f7b1f..7088a5226 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -5,6 +5,13 @@ #include "psa_crypto_se.h" #include "psa_crypto_storage.h" +static struct +{ + uint16_t called; + psa_key_lifetime_t lifetime; + psa_status_t return_value; +} mock_init_data; + static struct { uint16_t called; @@ -92,6 +99,7 @@ static void psa_purge_storage( void ) static void mock_teardown( void ) { + memset( &mock_init_data, 0, sizeof( mock_init_data ) ); memset( &mock_import_data, 0, sizeof( mock_import_data ) ); memset( &mock_export_data, 0, sizeof( mock_export_data ) ); memset( &mock_export_public_data, 0, sizeof( mock_export_public_data ) ); 
@@ -103,6 +111,18 @@ static void mock_teardown( void ) psa_purge_storage( ); } +static psa_status_t mock_init( psa_drv_se_context_t *drv_context, + void *persistent_data, + psa_key_lifetime_t lifetime ) +{ + (void) drv_context; + (void) persistent_data; + + mock_init_data.called++; + mock_init_data.lifetime = lifetime; + return( mock_init_data.return_value ); +} + static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, const psa_key_attributes_t *attributes, @@ -258,6 +278,42 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, * END_DEPENDENCIES */ +/* BEGIN_CASE */ +void mock_init( int lifetime_arg, + int expected_register_status_arg, + int driver_status_arg, + int expected_psa_status_arg, + int expected_called ) +{ + psa_key_lifetime_t lifetime = lifetime_arg; + psa_status_t expected_register_status = expected_register_status_arg; + psa_status_t driver_status = driver_status_arg; + psa_status_t expected_psa_status = expected_psa_status_arg; + psa_drv_se_t driver = { + .hal_version = PSA_DRV_SE_HAL_VERSION, + .p_init = mock_init, + }; + int psa_crypto_init_called = 0; + + mock_init_data.return_value = driver_status; + + TEST_EQUAL( psa_register_se_driver( lifetime, &driver ), + expected_register_status ); + + psa_crypto_init_called = 1; + TEST_EQUAL( psa_crypto_init( ), expected_psa_status ); + + TEST_EQUAL( mock_init_data.called, expected_called ); + if( expected_called ) + TEST_EQUAL( mock_init_data.lifetime, lifetime ); + +exit: + if( psa_crypto_init_called ) + PSA_DONE( ); + mock_teardown( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mock_import( int mock_alloc_return_value, int mock_import_return_value, 
@@ -335,6 +391,7 @@ void mock_export( int mock_export_return_value, int expected_result ) memset( &key_management, 0, sizeof( key_management ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; + driver.p_init = mock_init; key_management.p_import = mock_import; key_management.p_export = mock_export; key_management.p_destroy = mock_destroy; From c84c70a83c98e4020868be4f3c961b1cbcb18bb6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Oct 2019 15:41:42 +0200 Subject: [PATCH 1863/2197] SE driver: save the persistent data after calling p_init --- library/psa_crypto_se.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 81f0a1a8f..11604c219 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -289,6 +289,9 @@ psa_status_t psa_init_all_se_drivers( void ) driver->lifetime ); if( status != PSA_SUCCESS ) return( status ); + status = psa_save_se_persistent_data( driver ); + if( status != PSA_SUCCESS ) + return( status ); } } return( PSA_SUCCESS ); From d5536d8a5b9187a1e4648cbac9c1168aeba2421c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Oct 2019 16:55:29 +0200 Subject: [PATCH 1864/2197] SE driver: Fix loading of persistent data The persistent data was not loaded correctly (the code was loading 0 bytes instead of the correct size). --- library/psa_crypto_se.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 11604c219..b7fa0c5c5 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -341,6 +341,8 @@ psa_status_t psa_register_se_driver( driver_table[i].lifetime = lifetime; driver_table[i].methods = methods; + driver_table[i].internal.persistent_data_size = + methods->persistent_data_size; if( methods->persistent_data_size != 0 ) { 
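Review bot: The added `psa_save_se_persistent_data( driver )` call in `psa_init_all_se_drivers` carries no comment saying why a save is needed right after `p_init`, and its failure now stops initialization of every remaining driver. A short comment above the call would record the intent, for example `/* p_init may have modified the persistent data: commit it before any key operation depends on it. */`. It would also help to state whether a storage error at this point is meant to fail library initialization as a whole, since the hunk returns the storage status unchanged. The loop and the start of the function are outside this hunk.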
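Review bot: The moved assignment to `driver_table[i].internal.persistent_data_size` in `psa_register_se_driver` now has to stay ahead of the load that follows, but nothing in the code says so; per the commit message, the load fetched 0 bytes when the order was reversed. A one-line comment would keep a later cleanup from moving it back: `/* Set the size first: the load below reads it to know how many bytes to fetch. */`. Because the field is now written before the steps that can `goto error`, it is worth confirming that the `error:` label (outside this hunk) resets the whole table entry. The matching deletion is the next hunk, `@@ -358,8 +360,6 @@`.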
@@ -358,8 +360,6 @@ psa_status_t psa_register_se_driver( if( status != PSA_SUCCESS && status != PSA_ERROR_DOES_NOT_EXIST ) goto error; } - driver_table[i].internal.persistent_data_size = - methods->persistent_data_size; return( PSA_SUCCESS ); From e1ee8f157c5f8525e4d66be1a97b56743ee099a8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Oct 2019 16:56:27 +0200 Subject: [PATCH 1865/2197] Test that SE driver persistent data is saved correctly Add invasive checks that peek at the stored persistent data after some successful import, generation or destruction operations and after reinitialization to ensure that the persistent data in storage has the expected content. --- ...st_suite_psa_crypto_se_driver_hal.function | 96 +++++++++++++++++++ 1 file changed, 96 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 539c563c4..61fb91805 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -5,6 +5,13 @@ #include "psa_crypto_se.h" #include "psa_crypto_storage.h" +/* Invasive peeking: check the persistent data */ +#if defined(MBEDTLS_PSA_ITS_FILE_C) +#include "psa_crypto_its.h" +#else /* Native ITS implementation */ +#include "psa/error.h" +#include "psa/internal_trusted_storage.h" +#endif /****************************************************************/ @@ -106,6 +113,11 @@ static psa_status_t validate_slot_number_as_directed( } /* Allocate slot numbers with a monotonic counter. */ +static psa_key_slot_number_t shadow_counter; +static void counter_reset( void ) +{ + shadow_counter = 0; +} static psa_status_t counter_allocate( psa_drv_se_context_t *context, void *persistent_data, const psa_key_attributes_t *attributes, 
@@ -120,6 +132,7 @@ static psa_status_t counter_allocate( psa_drv_se_context_t *context, ++*p_counter; if( *p_counter == 0 ) return( PSA_ERROR_INSUFFICIENT_STORAGE ); + shadow_counter = *p_counter; *slot_number = *p_counter; return( PSA_SUCCESS ); } @@ -195,12 +208,15 @@ static ram_slot_t ram_slots[16]; * bit vector indicating which slots are in use. */ typedef uint16_t ram_slot_usage_t; +static ram_slot_usage_t ram_shadow_slot_usage; + static uint8_t ram_min_slot = 0; static void ram_slots_reset( void ) { memset( ram_slots, 0, sizeof( ram_slots ) ); ram_min_slot = 0; + ram_shadow_slot_usage = 0; } /* Common parts of key creation. @@ -344,6 +360,7 @@ static psa_status_t ram_destroy( psa_drv_se_context_t *context, DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); *slot_usage &= ~(ram_slot_usage_t)( 1 << slot_number ); + ram_shadow_slot_usage = *slot_usage; return( PSA_SUCCESS ); } @@ -362,7 +379,10 @@ static psa_status_t ram_allocate( psa_drv_se_context_t *context, ++( *slot_number ) ) { if( ! ( *slot_usage & 1 << *slot_number ) ) + { + ram_shadow_slot_usage = *slot_usage; return( PSA_SUCCESS ); + } } return( PSA_ERROR_INSUFFICIENT_STORAGE ); } 
@@ -526,6 +546,37 @@ exit: return( ok ); } +/* Get the file UID corresponding to the specified lifetime. + * If this changes, the storage format version must change. + * See psa_get_se_driver_its_file_uid() in psa_crypto_se.c. + */ +psa_storage_uid_t file_uid_for_lifetime( psa_key_lifetime_t lifetime ) +{ + if( lifetime > PSA_MAX_SE_LIFETIME ) + return( 0 ); + return( 0xfffffe00 + lifetime ); +} + +/* Check that the persistent data of a driver has its expected content. */ +static int check_persistent_data( psa_key_lifetime_t lifetime, + const void *expected_data, + size_t size ) +{ + psa_storage_uid_t uid = file_uid_for_lifetime( lifetime ); + struct psa_storage_info_t info; + uint8_t *loaded = NULL; + + PSA_ASSERT( psa_its_get_info( uid, &info ) ); + ASSERT_ALLOC( loaded, info.size ); + PSA_ASSERT( psa_its_get( uid, 0, info.size, loaded, NULL ) ); + ASSERT_COMPARE( expected_data, size, loaded, info.size ); + return( 1 ); + +exit: + mbedtls_free( loaded ); + return( 0 ); +} + /* Check that a function's return status is "smoke-free", i.e. that * it's an acceptable error code when calling an API function that operates * on a key with potentially bogus parameters. */ @@ -780,6 +831,10 @@ void key_creation_import_export( int min_slot, int restart ) PSA_ASSERT( psa_import_key( &attributes, key_material, sizeof( key_material ), &handle ) ); + if( ! check_persistent_data( lifetime, + &ram_shadow_slot_usage, + sizeof( ram_shadow_slot_usage ) ) ) + goto exit; /* Maybe restart, to check that the information is saved correctly. */ if( restart ) @@ -787,6 +842,10 @@ void key_creation_import_export( int min_slot, int restart ) mbedtls_psa_crypto_free( ); PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); + if( ! check_persistent_data( lifetime, + &ram_shadow_slot_usage, + sizeof( ram_shadow_slot_usage ) ) ) + goto exit; PSA_ASSERT( psa_open_key( id, &handle ) ); } 
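Review bot: `check_persistent_data` leaks `loaded` on the success path: `return( 1 );` sits before the `exit:` label, so `mbedtls_free( loaded )` only runs when an assertion fails. The helper is called several times per test case, so a leak checker will flag every passing run. Use a result flag so both paths share the cleanup: declare `int ok = 0;`, replace `return( 1 );` with `ok = 1;`, and finish with `return( ok );` after `mbedtls_free( loaded );`. `file_uid_for_lifetime` is also the only helper added here without `static`; `static psa_storage_uid_t file_uid_for_lifetime( psa_key_lifetime_t lifetime )` would match the rest of the file.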
@@ -809,6 +868,10 @@ void key_creation_import_export( int min_slot, int restart ) PSA_ASSERT( psa_destroy_key( handle ) ); handle = 0; + if( ! check_persistent_data( lifetime, + &ram_shadow_slot_usage, + sizeof( ram_shadow_slot_usage ) ) ) + goto exit; TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); @@ -864,6 +927,10 @@ void key_creation_in_chosen_slot( int slot_arg, if( status != PSA_SUCCESS ) goto exit; + if( ! check_persistent_data( lifetime, + &ram_shadow_slot_usage, + sizeof( ram_shadow_slot_usage ) ) ) + goto exit; /* Maybe restart, to check that the information is saved correctly. */ if( restart ) @@ -871,6 +938,10 @@ void key_creation_in_chosen_slot( int slot_arg, mbedtls_psa_crypto_free( ); PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); + if( ! check_persistent_data( lifetime, + &ram_shadow_slot_usage, + sizeof( ram_shadow_slot_usage ) ) ) + goto exit; PSA_ASSERT( psa_open_key( id, &handle ) ); } @@ -883,6 +954,10 @@ void key_creation_in_chosen_slot( int slot_arg, PSA_ASSERT( psa_destroy_key( handle ) ); handle = 0; + if( ! check_persistent_data( lifetime, + &ram_shadow_slot_usage, + sizeof( ram_shadow_slot_usage ) ) ) + goto exit; TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); @@ -930,6 +1005,9 @@ void import_key_smoke( int type_arg, int alg_arg, PSA_ASSERT( psa_import_key( &attributes, key_material->x, key_material->len, &handle ) ); + if( ! check_persistent_data( lifetime, + &shadow_counter, sizeof( shadow_counter ) ) ) + goto exit; /* Do stuff with the key. */ if( ! smoke_test_key( handle ) ) 
@@ -939,6 +1017,9 @@ void import_key_smoke( int type_arg, int alg_arg, mbedtls_psa_crypto_free( ); PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); + if( ! check_persistent_data( lifetime, + &shadow_counter, sizeof( shadow_counter ) ) ) + goto exit; PSA_ASSERT( psa_open_key( id, &handle ) ); if( ! smoke_test_key( handle ) ) goto exit; @@ -946,11 +1027,15 @@ void import_key_smoke( int type_arg, int alg_arg, /* We're done. */ PSA_ASSERT( psa_destroy_key( handle ) ); handle = 0; + if( ! check_persistent_data( lifetime, + &shadow_counter, sizeof( shadow_counter ) ) ) + goto exit; TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); exit: PSA_DONE( ); + counter_reset( ); psa_purge_storage( ); } /* END_CASE */ @@ -987,6 +1072,7 @@ void generate_key_not_supported( int type_arg, int bits_arg ) exit: PSA_DONE( ); + counter_reset( ); psa_purge_storage( ); } /* END_CASE */ @@ -1027,6 +1113,9 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) psa_set_key_type( &attributes, type ); psa_set_key_bits( &attributes, bits ); PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); + if( ! check_persistent_data( lifetime, + &shadow_counter, sizeof( shadow_counter ) ) ) + goto exit; /* Do stuff with the key. */ if( ! smoke_test_key( handle ) ) @@ -1036,6 +1125,9 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) mbedtls_psa_crypto_free( ); PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); + if( ! check_persistent_data( lifetime, + &shadow_counter, sizeof( shadow_counter ) ) ) + goto exit; PSA_ASSERT( psa_open_key( id, &handle ) ); if( ! smoke_test_key( handle ) ) goto exit; 
@@ -1043,11 +1135,15 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) /* We're done. */ PSA_ASSERT( psa_destroy_key( handle ) ); handle = 0; + if( ! check_persistent_data( lifetime, + &shadow_counter, sizeof( shadow_counter ) ) ) + goto exit; TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); exit: PSA_DONE( ); + counter_reset( ); psa_purge_storage( ); } /* END_CASE */ From 02b372b7b26792f1251d24a88a9a25b16592f1fd Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Wed, 2 Oct 2019 09:32:21 +0100 Subject: [PATCH 1866/2197] Fix defgroup syntax for API version section --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 68a4f6576..d3b7522ab 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -57,7 +57,7 @@ extern "C" { * algorithms, key types, policies, etc. */ #include "crypto_types.h" -/** \defgroup API version +/** \defgroup version API version * @{ */ From 08875d441ecf04807e3f24db65efc82d72d21e00 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 24 Sep 2019 14:40:40 +0200 Subject: [PATCH 1867/2197] CTR_DRBG documentation clarifications * State explicit whether several numbers are in bits or bytes. * Clarify whether buffer pointer parameters can be NULL. * Explain the value of constants that are dependent on the configuration. --- include/mbedtls/ctr_drbg.h | 60 ++++++++++++++++++++++++++------------ 1 file changed, 42 insertions(+), 18 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index ffaf8ad79..db614746a 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h 
@@ -15,7 +15,7 @@ * keys and operations that use random values generated to 128-bit security. */ /* - * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved + * Copyright (C) 2006-2019, Arm Limited (or its affiliates), All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may @@ -56,9 +56,19 @@ #define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< The block size used by the cipher. */ #if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) -#define MBEDTLS_CTR_DRBG_KEYSIZE 16 /**< The key size used by the cipher (compile-time choice: 128 bits). */ +#define MBEDTLS_CTR_DRBG_KEYSIZE 16 +/**< The key size in bytes used by the cipher. + * + * Compile-time choice: 16 bytes (128 bits) + * because #MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is set. + */ #else -#define MBEDTLS_CTR_DRBG_KEYSIZE 32 /**< The key size used by the cipher (compile-time choice: 256 bits). */ +#define MBEDTLS_CTR_DRBG_KEYSIZE 32 +/**< The key size in bytes used by the cipher. + * + * Compile-time choice: 32 bytes (256 bits) + * because `MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` is not set. + */ #endif #define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) /**< The key size for the DRBG operation, in bits. */ @@ -75,17 +85,25 @@ #if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) +/** The amount of entropy used per seed by default. + * + * This is 48 bytes because the entropy module uses SHA-512 + * (`MBEDTLS_ENTROPY_FORCE_SHA256` is not set). + * + * \note See mbedtls_ctr_drbg_set_entropy_len() regarding what values are + * acceptable. + */ #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 -/**< The amount of entropy used per seed by default: - *
  • 48 with SHA-512.
  • - *
  • 32 with SHA-256.
- */ #else -#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32 -/**< Amount of entropy used per seed by default: - *
  • 48 with SHA-512.
  • - *
  • 32 with SHA-256.
+/** The amount of entropy used per seed by default. + * + * This is 32 bytes because the entropy module uses SHA-256 + * (the SHA-512 module is disabled or `MBEDTLS_ENTROPY_FORCE_SHA256` is set). + * + * \note See mbedtls_ctr_drbg_set_entropy_len() regarding what values are + * acceptable. */ +#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32 #endif #endif @@ -106,7 +124,7 @@ #if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) #define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 -/**< The maximum size of seed or reseed buffer. */ +/**< The maximum size of seed or reseed buffer in bytes. */ #endif /* \} name SECTION: Module settings */ @@ -170,10 +188,12 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * \param ctx The CTR_DRBG context to seed. * \param f_entropy The entropy callback, taking as arguments the * \p p_entropy context, the buffer to fill, and the - length of the buffer. + * length of the buffer. * \param p_entropy The entropy context. * \param custom Personalization data, that is device-specific - identifiers. Can be NULL. + * identifiers. This can be NULL, in which case the + * personalization data is empty regardless of the value + * of \p len. * \param len The length of the personalization data. * * \return \c 0 on success. @@ -213,7 +233,7 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, * #MBEDTLS_CTR_DRBG_ENTROPY_LEN. * * \param ctx The CTR_DRBG context. - * \param len The amount of entropy to grab. + * \param len The amount of entropy to grab, in bytes. */ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, size_t len ); 
@@ -246,7 +266,8 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, * \brief This function updates the state of the CTR_DRBG context. * * \param ctx The CTR_DRBG context. - * \param additional The data to update the state with. + * \param additional The data to update the state with. This must not be + * null unless \p add_len is 0. * \param add_len Length of \p additional in bytes. This must be at * most #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. * @@ -270,8 +291,11 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, * #mbedtls_ctr_drbg_context structure. * \param output The buffer to fill. * \param output_len The length of the buffer. - * \param additional Additional data to update. Can be NULL. - * \param add_len The length of the additional data. + * \param additional Additional data to update. Can be NULL, in which + * case the additional data is empty regardless of + * the value of \p add_len. + * \param add_len The length of the additional data + * if \p additional is non-null. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or From 944bc587e8b3bfe45826fedaeb3c7e8b765f30a8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 24 Sep 2019 14:48:30 +0200 Subject: [PATCH 1868/2197] CTR_DRBG: Document the maximum size of some parameters --- include/mbedtls/ctr_drbg.h | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index db614746a..5e699264d 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -195,6 +195,9 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * personalization data is empty regardless of the value * of \p len. * \param len The length of the personalization data. + * This must be at most + * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + * - #MBEDTLS_CTR_DRBG_ENTROPY_LEN. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure. 
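Review bot: The size limits documented in this commit mix "at most" and "less than" for what looks like the same kind of bound. In this hunk `len` of `mbedtls_ctr_drbg_seed()` "must be at most" `#MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - #MBEDTLS_CTR_DRBG_ENTROPY_LEN`, while `len` in `@@ -255,6 +259,10 @@` and `add_len` of `mbedtls_ctr_drbg_random_with_add()` in `@@ -296,6 +304,11 @@` "must be less than" their limits. Unless the implementation really compares differently in those places, one wording is off by one; the length checks are in ctr_drbg.c and not part of this diff, so please confirm against them and align the text. Callers that size personalization or additional-data buffers from this header need the bound to be exact.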
@@ -234,6 +237,7 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, * * \param ctx The CTR_DRBG context. * \param len The amount of entropy to grab, in bytes. + * This must be at most #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. */ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, size_t len ); @@ -255,6 +259,10 @@ void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, * \param ctx The CTR_DRBG context. * \param additional Additional data to add to the state. Can be NULL. * \param len The length of the additional data. + * This must be less than + * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - \c entropy_len + * where \c entropy_len is the entropy length + * configured for the context. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure. @@ -296,6 +304,11 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, * the value of \p add_len. * \param add_len The length of the additional data * if \p additional is non-null. + * This must be less than #MBEDTLS_CTR_DRBG_MAX_INPUT + * and less than + * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - \c entropy_len + * where \c entropy_len is the entropy length + * configured for the context. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or @@ -313,7 +326,7 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, * \param p_rng The CTR_DRBG context. This must be a pointer to a * #mbedtls_ctr_drbg_context structure. * \param output The buffer to fill. - * \param output_len The length of the buffer. + * \param output_len The length of the buffer in bytes. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or From 223deea86b9371421eee75212046c9f2832af726 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 24 Sep 2019 14:48:53 +0200 Subject: [PATCH 1869/2197] CTR_DRBG: Document the security strength and SP 800-90A compliance Document that a derivation function is used. Document the security strength of the DRBG depending on the compile-time configuration and how it is set up. In particular, document how the nonce specified in SP 800-90A is set. Mention how to link the ctr_drbg module with the entropy module. --- include/mbedtls/ctr_drbg.h | 57 +++++++++++++++++++++++++++++++++++--- 1 file changed, 53 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 5e699264d..1a9f5e80f 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h 
@@ -9,9 +9,24 @@ * Bit Generators. * * The Mbed TLS implementation of CTR_DRBG uses AES-256 (default) or AES-128 - * as the underlying block cipher. + * as the underlying block cipher, with a derivation function. The security + * strength is: + * - 256 bits under the default configuration of the library, with AES-256 + * (`MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` not set) and + * with #MBEDTLS_CTR_DRBG_ENTROPY_LEN set to 48 or more. + * - 256 bits if AES-256 is used, #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set + * to 32 or more, and the DRBG is initialized with an explicit + * nonce in the \c custom parameter to mbedtls_ctr_drbg_seed(). + * - 128 bits if AES-256 is used but #MBEDTLS_CTR_DRBG_ENTROPY_LEN is + * between 24 and 47 and the DRBG is not initialized with an explicit + * nonce (see mbedtls_ctr_drbg_seed()). + * - 128 bits if AES-128 is used (`MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` set) + * and #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set to 24 or more (which is + * always the case unless it is explicitly set to a different value + * in `config.h`). * - * \warning Using 128-bit keys for CTR_DRBG limits the security of generated + * \warning Using 128-bit keys for CTR_DRBG or using SHA-256 as the entropy + * compression function limits the security of generated * keys and operations that use random values generated to 128-bit security. */ /* 
@@ -182,8 +197,35 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * \brief This function seeds and sets up the CTR_DRBG * entropy source for future reseeds. * - * \note Personalization data can be provided in addition to the more generic - * entropy source, to make this instantiation as unique as possible. + * A typical choice for the \p f_entropy and \p p_entropy parameters is + * to use the entropy module: + * - \p f_entropy is mbedtls_entropy_func(); + * - \p p_entropy is an instance of ::mbedtls_entropy_context initialized + * with mbedtls_entropy_init() (which registers the platform's default + * entropy sources). + * + * Personalization data can be provided in addition to the more generic + * entropy source, to make this instantiation as unique as possible. + * + * \note The _seed_material_ value passed to the derivation + * function in the CTR_DRBG Instantiate Process + * described in NIST SP 800-90A §10.2.1.3.2 + * is the concatenation of the string obtained from + * calling \p f_entropy and the \p custom string. + * The origin of the nonce depends on the value of + * the entropy length relative to the security strength. + * See the documentation of + * mbedtls_ctr_drbg_set_entropy_len() for information + * about the entropy length. + * - If the entropy length is at least 1.5 times the + * security strength then the nonce is taken from the + * string obtained with \p f_entropy. + * - If the entropy length is less than the security + * strength, then the nonce is taken from \p custom. + * In this case, for compliance with SP 800-90A, + * you must pass a unique value of \p custom at + * each invocation. See SP 800-90A §8.6.7 for more + * details. * * \param ctx The CTR_DRBG context to seed. * \param f_entropy The entropy callback, taking as arguments the 
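Review bot: The two bullets in the new `\note` on `mbedtls_ctr_drbg_seed()` leave a gap: the first covers an entropy length of at least 1.5 times the security strength, the second covers an entropy length "less than the security strength", and nothing covers the range in between. For AES-256 that range is 32 to 47 bytes, which the file header added in the same commit describes as needing an explicit nonce in `custom` to reach 256 bits. The second bullet probably means `less than 1.5 times the security strength`; wording it that way would make the requirement to pass a unique `custom` apply to the whole range.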
@@ -235,6 +277,13 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, * seed or reseed. The default value is * #MBEDTLS_CTR_DRBG_ENTROPY_LEN. * + * \note For compliance with NIST SP 800-90A, the entropy length + * must be at least 1.5 times security strength, since + * the entropy source is used both as the entropy input + * and to provide the initial nonce: + * - 24 bytes if using AES-128; + * - 48 bytes if using AES-256. + * * \param ctx The CTR_DRBG context. * \param len The amount of entropy to grab, in bytes. * This must be at most #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. From 6fdf0b3a47d53dc58343a136a33ba097a99ef1e8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 25 Sep 2019 20:22:40 +0200 Subject: [PATCH 1870/2197] CTR_DRBG: improve the discussion of entropy length vs strength --- include/mbedtls/ctr_drbg.h | 33 ++++++++++++++++++++++++--------- 1 file changed, 24 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 1a9f5e80f..8d8882ac4 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -24,10 +24,6 @@ * and #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set to 24 or more (which is * always the case unless it is explicitly set to a different value * in `config.h`). - * - * \warning Using 128-bit keys for CTR_DRBG or using SHA-256 as the entropy - * compression function limits the security of generated - * keys and operations that use random values generated to 128-bit security. */ /* * Copyright (C) 2006-2019, Arm Limited (or its affiliates), All Rights Reserved 
@@ -278,11 +274,30 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, * #MBEDTLS_CTR_DRBG_ENTROPY_LEN. * * \note For compliance with NIST SP 800-90A, the entropy length - * must be at least 1.5 times security strength, since - * the entropy source is used both as the entropy input - * and to provide the initial nonce: - * - 24 bytes if using AES-128; - * - 48 bytes if using AES-256. + * (\p len bytes = \p len * 8 bits) + * must be at least the security strength. + * Furthermore, if the entropy input is used to provide + * the nonce, the entropy length must be 1.5 times + * the security strength. + * Per NIST SP 800-57A table 2, the achievable security + * strength is 128 bits if using AES-128 and + * 256 bits if using AES-256. + * Therefore, to provide full security, + * the entropy input must be at least: + * - 24 bytes if using AES-128 and the \p custom + * argument to mbedtls_ctr_drbg_seed() may repeat + * (for example because it is empty, or more generally + * constant); + * - 48 bytes if using AES-256 and the \p custom + * argument to mbedtls_ctr_drbg_seed() may repeat + * (for example because it is empty, or more generally + * constant); + * - 16 bytes if using AES-128 and the \p custom + * argument to mbedtls_ctr_drbg_seed() includes + * a nonce; + * - 32 bytes if using AES-256 and the \p custom + * argument to mbedtls_ctr_drbg_seed() includes + * a nonce. * * \param ctx The CTR_DRBG context. * \param len The amount of entropy to grab, in bytes. From ec51dd12faf797849196a8e3c9fe9326baa0d6fc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 30 Sep 2019 15:01:02 +0200 Subject: [PATCH 1871/2197] More CTR_DRBG documentation improvements and clarifications --- include/mbedtls/ctr_drbg.h | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 8d8882ac4..ec9baa746 100644 --- a/include/mbedtls/ctr_drbg.h 
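Review bot: The two "includes a nonce" bullets in the rewritten `\note` on `mbedtls_ctr_drbg_set_entropy_len()` lower the required entropy length to 16 or 32 bytes without saying what the nonce in `custom` must satisfy. A reader could take any non-empty personalization string as sufficient; a sentence such as `The nonce must not repeat across instantiations; see SP 800-90A §8.6.7.` would carry over the requirement that the `mbedtls_ctr_drbg_seed()` documentation already states. The citation `NIST SP 800-57A table 2` also looks like a slip, possibly for SP 800-57 Part 1, and is worth checking before merge.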
+++ b/include/mbedtls/ctr_drbg.h @@ -1,7 +1,8 @@ /** * \file ctr_drbg.h * - * \brief This file contains CTR_DRBG definitions and functions. + * \brief This file contains definitions and functions for the + * CTR_DRBG pseudorandom generator. * * CTR_DRBG is a standardized way of building a PRNG from a block-cipher * in counter mode operation, as defined in NIST SP 800-90A: @@ -200,6 +201,9 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * with mbedtls_entropy_init() (which registers the platform's default * entropy sources). * + * \p f_entropy is always called with a buffer size equal to the entropy + * length described in the documentation of mbedtls_ctr_drbg_set_entropy_len(). + * * Personalization data can be provided in addition to the more generic * entropy source, to make this instantiation as unique as possible. * @@ -227,7 +231,7 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * \param f_entropy The entropy callback, taking as arguments the * \p p_entropy context, the buffer to fill, and the * length of the buffer. - * \param p_entropy The entropy context. + * \param p_entropy The entropy context to pass to \p f_entropy. * \param custom Personalization data, that is device-specific * identifiers. This can be NULL, in which case the * personalization data is empty regardless of the value @@ -258,7 +262,8 @@ void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ); * The default value is off. * * \note If enabled, entropy is gathered at the beginning of - * every call to mbedtls_ctr_drbg_random_with_add(). + * every call to mbedtls_ctr_drbg_random_with_add() + * or mbedtls_ctr_drbg_random(). * Only use this if your entropy source has sufficient * throughput. * 
@@ -270,8 +275,9 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, /** * \brief This function sets the amount of entropy grabbed on each - * seed or reseed. The default value is - * #MBEDTLS_CTR_DRBG_ENTROPY_LEN. + * seed or reseed. + * + * The default value is #MBEDTLS_CTR_DRBG_ENTROPY_LEN. * * \note For compliance with NIST SP 800-90A, the entropy length * (\p len bytes = \p len * 8 bits) @@ -308,7 +314,12 @@ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, /** * \brief This function sets the reseed interval. - * The default value is #MBEDTLS_CTR_DRBG_RESEED_INTERVAL. + * + * The reseed interval is the number of calls to mbedtls_ctr_drbg_random() + * or mbedtls_ctr_drbg_random_with_add() after which the entropy function + * is called again. + * + * The default value is #MBEDTLS_CTR_DRBG_RESEED_INTERVAL. * * \param ctx The CTR_DRBG context. * \param interval The reseed interval. @@ -362,7 +373,7 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, * \param p_rng The CTR_DRBG context. This must be a pointer to a * #mbedtls_ctr_drbg_context structure. * \param output The buffer to fill. - * \param output_len The length of the buffer. + * \param output_len The length of the buffer in bytes. * \param additional Additional data to update. Can be NULL, in which * case the additional data is empty regardless of * the value of \p add_len. @@ -437,7 +448,7 @@ MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update( * * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error. - * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on + * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed * failure. */ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); 
@@ -451,8 +462,10 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char * * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error. - * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or - * #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG on failure. + * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on + * reseed failure. + * \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing + * seed file is too large. */ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); #endif /* MBEDTLS_FS_IO */ From 74efcd2b717ed6a0a39b05240246c891cf042aa4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 30 Sep 2019 15:01:15 +0200 Subject: [PATCH 1872/2197] HMAC_DRBG documentation improvements clarifications Improve the formatting and writing of the documentation based on what had been done for CTR_DRBG. Document the maximum size and nullability of some buffer parameters. --- include/mbedtls/hmac_drbg.h | 258 ++++++++++++++++++++++-------------- 1 file changed, 158 insertions(+), 100 deletions(-) diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 46536a1f4..678e1654a 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -1,10 +1,14 @@ /** * \file hmac_drbg.h * - * \brief HMAC_DRBG (NIST SP 800-90A) + * \brief The HMAC_DRBG pseudorandom generator. + * + * This module implements the HMAC_DRBG pseudorandom generator described + * in NIST SP 800-90A: Recommendation for Random Number Generation Using + * Deterministic Random Bit Generators. */ /* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2019, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may 
@@ -104,38 +108,50 @@ typedef struct mbedtls_hmac_drbg_context } mbedtls_hmac_drbg_context; /** - * \brief HMAC_DRBG context initialization - * Makes the context ready for mbedtls_hmac_drbg_seed(), - * mbedtls_hmac_drbg_seed_buf() or - * mbedtls_hmac_drbg_free(). + * \brief HMAC_DRBG context initialization. * - * \param ctx HMAC_DRBG context to be initialized + * This function makes the context ready for mbedtls_hmac_drbg_seed(), + * mbedtls_hmac_drbg_seed_buf() or mbedtls_hmac_drbg_free(). + * + * \param ctx HMAC_DRBG context to be initialized. */ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); /** - * \brief HMAC_DRBG initial seeding - * Seed and setup entropy source for future reseeds. + * \brief HMAC_DRBG initial seeding. * - * \param ctx HMAC_DRBG context to be seeded - * \param md_info MD algorithm to use for HMAC_DRBG - * \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer - * length) - * \param p_entropy Entropy context - * \param custom Personalization data (Device specific identifiers) - * (Can be NULL) - * \param len Length of personalization data + * Set the initial seed and set up the entropy source for future reseeds. + * + * \param ctx HMAC_DRBG context to be seeded. + * \param md_info MD algorithm to use for HMAC_DRBG. + * \param f_entropy The entropy callback, taking as arguments the + * \p p_entropy context, the buffer to fill, and the + * length of the buffer. + * \param p_entropy The entropy context to pass to \p f_entropy. + * \param custom Personalization data, that is device-specific + * identifiers. This can be NULL, in which case the + * personalization data is empty regardless of the value + * of \p len. + * \param len The length of the personalization data. + * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT + * and also at most + * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len * 3 / 2 + * where \p entropy_len is the entropy length + * (see mbedtls_hmac_drbg_set_entropy_len()). 
* * \note The "security strength" as defined by NIST is set to: - * 128 bits if md_alg is SHA-1, - * 192 bits if md_alg is SHA-224, - * 256 bits if md_alg is SHA-256 or higher. + * 128 bits if \p md_info is SHA-1, + * 192 bits if \p md_info is SHA-224, + * 256 bits if \p md_info is SHA-256, SHA-384 or SHA-512. * Note that SHA-256 is just as efficient as SHA-224. * - * \return 0 if successful, or - * MBEDTLS_ERR_MD_BAD_INPUT_DATA, or - * MBEDTLS_ERR_MD_ALLOC_FAILED, or - * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED. + * \return 0 if successful. + * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is + * invalid. + * \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough + * memory to allocate context data. + * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED + * if the call to \p f_entropy failed. */ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t * md_info, 
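Review bot: The new text for \p len in mbedtls_hmac_drbg_seed() gives two upper bounds, but the \return list names no error for a personalization string that exceeds them, so the header does not say whether the call fails or the input is cut short. If the function rejects it, add `\return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if \p len is too large.`, as is done for mbedtls_hmac_drbg_random_with_add(). The \p len description of mbedtls_hmac_drbg_reseed() in the next hunk has the same gap. Separately, `\p entropy_len` marks up a name that is not a parameter of this function; `\c entropy_len` is the usual Doxygen form. The prototype continues below the hunk.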
@@ -146,98 +162,131 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, /** * \brief Initilisation of simpified HMAC_DRBG (never reseeds). - * (For use with deterministic ECDSA.) * - * \param ctx HMAC_DRBG context to be initialised - * \param md_info MD algorithm to use for HMAC_DRBG - * \param data Concatenation of entropy string and additional data - * \param data_len Length of data in bytes + * This function is meant for use in algorithms that need a pseudorandom + * input such as deterministic ECDSA. * - * \return 0 if successful, or - * MBEDTLS_ERR_MD_BAD_INPUT_DATA, or - * MBEDTLS_ERR_MD_ALLOC_FAILED. + * \param ctx HMAC_DRBG context to be initialised. + * \param md_info MD algorithm to use for HMAC_DRBG. + * \param data Concatenation of the initial entropy string and + * the additional data. + * \param data_len Length of \p data in bytes. + * + * \return 0 if successful. or + * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is + * invalid. + * \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough + * memory to allocate context data. */ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t * md_info, const unsigned char *data, size_t data_len ); /** - * \brief Enable / disable prediction resistance (Default: Off) + * \brief This function turns prediction resistance on or off. + * The default value is off. * - * Note: If enabled, entropy is used for ctx->entropy_len before each call! - * Only use this if you have ample supply of good entropy! + * \note If enabled, entropy is gathered at the beginning of + * every call to mbedtls_hmac_drbg_random_with_add() + * or mbedtls_hmac_drbg_random(). + * Only use this if your entropy source has sufficient + * throughput. * - * \param ctx HMAC_DRBG context - * \param resistance MBEDTLS_HMAC_DRBG_PR_ON or MBEDTLS_HMAC_DRBG_PR_OFF + * \param ctx The HMAC_DRBG context. + * \param resistance #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF. 
*/ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx, int resistance ); /** - * \brief Set the amount of entropy grabbed on each reseed - * (Default: given by the security strength, which - * depends on the hash used, see \c mbedtls_hmac_drbg_init() ) + * \brief This function sets the amount of entropy grabbed on each + * seed or reseed. * - * \param ctx HMAC_DRBG context - * \param len Amount of entropy to grab, in bytes + * The default value is given by the security strength, which depends on the + * hash used. See mbedtls_hmac_drbg_init(). + * + * \param ctx The HMAC_DRBG context. + * \param len The amount of entropy to grab, in bytes. */ void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len ); /** - * \brief Set the reseed interval - * (Default: MBEDTLS_HMAC_DRBG_RESEED_INTERVAL) + * \brief Set the reseed interval. * - * \param ctx HMAC_DRBG context - * \param interval Reseed interval + * The reseed interval is the number of calls to mbedtls_hmac_drbg_random() + * or mbedtls_hmac_drbg_random_with_add() after which the entropy function + * is called again. + * + * The default value is #MBEDTLS_HMAC_DRBG_RESEED_INTERVAL. + * + * \param ctx The HMAC_DRBG context. + * \param interval The reseed interval. */ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int interval ); /** - * \brief HMAC_DRBG update state + * \brief This function updates the state of the HMAC_DRBG context. * - * \param ctx HMAC_DRBG context - * \param additional Additional data to update state with, or NULL - * \param add_len Length of additional data, or 0 + * \param ctx The HMAC_DRBG context. + * \param additional The data to update the state with. + * If this is \p NULL, there is no additional data. + * \param add_len Length of \p additional in bytes. + * Unused if \p additional is null. * * \return \c 0 on success, or an error from the underlying * hash calculation. 
- * - * \note Additional data is optional, pass NULL and 0 as second - * third argument if no additional data is being used. */ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len ); /** - * \brief HMAC_DRBG reseeding (extracts data from entropy source) + * \brief This function reseeds the HMAC_DRBG context, that is + * extracts data from the entropy source. * - * \param ctx HMAC_DRBG context - * \param additional Additional data to add to state (Can be NULL) - * \param len Length of additional data + * \param ctx The HMAC_DRBG context. + * \param additional Additional data to add to the state. + * If this is \c NULL, there is no additional data + * and \p len should be \c 0. + * \param len The length of the additional data. + * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT + * and also at most + * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len + * where \p entropy_len is the entropy length + * (see mbedtls_hmac_drbg_set_entropy_len()). * - * \return 0 if successful, or - * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED + * \return 0 if successful. + * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED + * if a call to the entropy function failed. */ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t len ); /** - * \brief HMAC_DRBG generate random with additional update input + * \brief This function updates an HMAC_DRBG instance with additional + * data and uses it to generate random data. * - * Note: Automatically reseeds if reseed_counter is reached or PR is enabled. + * \note The function automatically reseeds if the reseed counter is exceeded. * - * \param p_rng HMAC_DRBG context - * \param output Buffer to fill - * \param output_len Length of the buffer - * \param additional Additional data to update with (can be NULL) - * \param add_len Length of additional data (can be 0) + * \param p_rng The HMAC_DRBG context. 
This must be a pointer to a + * #mbedtls_hmac_drbg_context structure. + * \param output The buffer to fill. + * \param output_len The length of the buffer in bytes. + * This must be at most #MBEDTLS_HMAC_DRBG_MAX_REQUEST. + * \param additional Additional data to update with. + * If this is \p NULL, there is no additional data + * and \p add_len should be \c 0. + * \param add_len The length of the additional data. + * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT. * - * \return 0 if successful, or - * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or - * MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG, or - * MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG. + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED + * if a call to the entropy source failed. + * \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if + * \p output_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST. + * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if + * \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT. */ int mbedtls_hmac_drbg_random_with_add( void *p_rng, unsigned char *output, size_t output_len, 
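Review bot: In the comment for mbedtls_hmac_drbg_seed_buf(), the added line `\return 0 if successful. or` keeps a stray "or" from the old list form, and the unchanged brief still reads "Initilisation of simpified". Both are worth fixing while the block is rewritten: `\return \c 0 if successful.` and `\brief Initialisation of simplified HMAC_DRBG (never reseeds).` The `\c 0` hunk in PATCH 1874 carries the stray "or" over unchanged. Because this variant takes no entropy callback, I would also add `\note The output is entirely determined by \p data; use this only where a deterministic generator is intended.`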
@@ -245,24 +294,28 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, size_t add_len ); /** - * \brief HMAC_DRBG generate random + * \brief This function uses HMAC_DRBG to generate random data. * - * Note: Automatically reseeds if reseed_counter is reached or PR is enabled. + * \note The function automatically reseeds if the reseed counter is exceeded. * - * \param p_rng HMAC_DRBG context - * \param output Buffer to fill - * \param out_len Length of the buffer + * \param p_rng The HMAC_DRBG context. This must be a pointer to a + * #mbedtls_hmac_drbg_context structure. + * \param output The buffer to fill. + * \param out_len The length of the buffer in bytes. + * This must be at most #MBEDTLS_HMAC_DRBG_MAX_REQUEST. * - * \return 0 if successful, or - * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or - * MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED + * if a call to the entropy source failed. + * \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if + * \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST. */ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ); /** * \brief Free an HMAC_DRBG context * - * \param ctx HMAC_DRBG context to free. + * \param ctx The HMAC_DRBG context to free. */ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); 
@@ -273,17 +326,16 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); #define MBEDTLS_DEPRECATED #endif /** - * \brief HMAC_DRBG update state + * \brief This function updates the state of the HMAC_DRBG context. * * \deprecated Superseded by mbedtls_hmac_drbg_update_ret() * in 2.16.0. * - * \param ctx HMAC_DRBG context - * \param additional Additional data to update state with, or NULL - * \param add_len Length of additional data, or 0 - * - * \note Additional data is optional, pass NULL and 0 as second - * third argument if no additional data is being used. + * \param ctx The HMAC_DRBG context. + * \param additional The data to update the state with. + * If this is \p NULL, there is no additional data. + * \param add_len Length of \p additional in bytes. + * Unused if \p additional is null. */ MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, 
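Review bot: The \deprecated entry for mbedtls_hmac_drbg_update() names the replacement but not the reason for it. This variant returns void, while mbedtls_hmac_drbg_update_ret() is documented as returning an error from the underlying hash calculation. I would say so in the comment, for example `\warning This function cannot report a failure of the underlying hash calculation; use mbedtls_hmac_drbg_update_ret() and check its return value.` The prototype continues past the end of the hunk.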
@@ -293,26 +345,31 @@ MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update( #if defined(MBEDTLS_FS_IO) /** - * \brief Write a seed file + * \brief This function writes a seed file. * - * \param ctx HMAC_DRBG context - * \param path Name of the file + * \param ctx The HMAC_DRBG context. + * \param path The name of the file. * - * \return 0 if successful, 1 on file error, or - * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED + * \return \c 0 on success. + * \return #MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR on file error. + * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed + * failure. */ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); /** - * \brief Read and update a seed file. Seed is added to this - * instance + * \brief This function reads and updates a seed file. The seed + * is added to this instance. * - * \param ctx HMAC_DRBG context - * \param path Name of the file + * \param ctx The HMAC_DRBG context. + * \param path The name of the file. * - * \return 0 if successful, 1 on file error, - * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or - * MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG + * \return \c 0 on success. + * \return #MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR on file error. + * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on + * reseed failure. + * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing + * seed file is too large. */ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); #endif /* MBEDTLS_FS_IO */ @@ -320,9 +377,10 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch #if defined(MBEDTLS_SELF_TEST) /** - * \brief Checkup routine + * \brief The HMAC_DRBG Checkup routine. * - * \return 0 if successful, or 1 if the test failed + * \return \c 0 if successful. + * \return \c 1 if the test failed. */ int mbedtls_hmac_drbg_self_test( int verbose ); #endif From 3457b5e05e5f03588e7be604bcb0548379a7b8cb Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 30 Sep 2019 15:20:52 +0200 Subject: [PATCH 1873/2197] HMAC_DRBG: improve the documentation of the entropy length --- include/mbedtls/hmac_drbg.h | 36 ++++++++++++++++++++++++++++-------- 1 file changed, 28 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 678e1654a..547008db1 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -122,6 +122,32 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * * Set the initial seed and set up the entropy source for future reseeds. * + * A typical choice for the \p f_entropy and \p p_entropy parameters is + * to use the entropy module: + * - \p f_entropy is mbedtls_entropy_func(); + * - \p p_entropy is an instance of ::mbedtls_entropy_context initialized + * with mbedtls_entropy_init() (which registers the platform's default + * entropy sources). + * + * \note By default, the security strength as defined by NIST is: + * - 128 bits if \p md_info is SHA-1; + * - 192 bits if \p md_info is SHA-224; + * - 256 bits if \p md_info is SHA-256, SHA-384 or SHA-512. + * Note that SHA-256 is just as efficient as SHA-224. + * The security strength can be reduced if a smaller + * entropy length is set with + * mbedtls_hmac_drbg_set_entropy_len(). + * + * \note The default entropy length is the security strength + * (converted from bits to bytes). You can override + * it mbedtls_hmac_drbg_set_entropy_len(). + * \p f_entropy is always called with a length that is + * less than or equal to the entropy length. + * + * \note During the initial seeding, this function calls + * the entropy source to obtain a nonce + * whose length is half the entropy length. + * * \param ctx HMAC_DRBG context to be seeded. * \param md_info MD algorithm to use for HMAC_DRBG. * \param f_entropy The entropy callback, taking as arguments the 
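Review bot: The second added \note in mbedtls_hmac_drbg_seed() is missing a word: `You can override it mbedtls_hmac_drbg_set_entropy_len().` should read `You can override it with mbedtls_hmac_drbg_set_entropy_len().` The notes also leave open whether that call must come before mbedtls_hmac_drbg_seed() to affect the initial seeding or only changes later reseeds. Since the text says a smaller length reduces the security strength, the ordering is worth stating once it has been confirmed against the implementation.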
@@ -137,13 +163,7 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * and also at most * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len * 3 / 2 * where \p entropy_len is the entropy length - * (see mbedtls_hmac_drbg_set_entropy_len()). - * - * \note The "security strength" as defined by NIST is set to: - * 128 bits if \p md_info is SHA-1, - * 192 bits if \p md_info is SHA-224, - * 256 bits if \p md_info is SHA-256, SHA-384 or SHA-512. - * Note that SHA-256 is just as efficient as SHA-224. + * described above. * * \return 0 if successful. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is @@ -203,7 +223,7 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx * seed or reseed. * * The default value is given by the security strength, which depends on the - * hash used. See mbedtls_hmac_drbg_init(). + * hash used. See the documentation of mbedtls_hmac_drbg_seed() for details. * * \param ctx The HMAC_DRBG context. * \param len The amount of entropy to grab, in bytes. From 10f16ac74a5cf29e132831b42c8219a49cb9751c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Oct 2019 18:30:02 +0200 Subject: [PATCH 1874/2197] Consistently use \c NULL and \c 0 --- include/mbedtls/ctr_drbg.h | 10 +++++----- include/mbedtls/hmac_drbg.h | 18 +++++++++--------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index ec9baa746..50d3a30fc 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h 
@@ -233,7 +233,7 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * length of the buffer. * \param p_entropy The entropy context to pass to \p f_entropy. * \param custom Personalization data, that is device-specific - * identifiers. This can be NULL, in which case the + * identifiers. This can be \c NULL, in which case the * personalization data is empty regardless of the value * of \p len. * \param len The length of the personalization data. @@ -332,7 +332,7 @@ void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, * extracts data from the entropy source. * * \param ctx The CTR_DRBG context. - * \param additional Additional data to add to the state. Can be NULL. + * \param additional Additional data to add to the state. Can be \c NULL. * \param len The length of the additional data. * This must be less than * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - \c entropy_len @@ -350,7 +350,7 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, * * \param ctx The CTR_DRBG context. * \param additional The data to update the state with. This must not be - * null unless \p add_len is 0. + * \c NULL unless \p add_len is \c 0. * \param add_len Length of \p additional in bytes. This must be at * most #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. * @@ -374,11 +374,11 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, * #mbedtls_ctr_drbg_context structure. * \param output The buffer to fill. * \param output_len The length of the buffer in bytes. - * \param additional Additional data to update. Can be NULL, in which + * \param additional Additional data to update. Can be \c NULL, in which * case the additional data is empty regardless of * the value of \p add_len. * \param add_len The length of the additional data - * if \p additional is non-null. + * if \p additional is not \c NULL. * This must be less than #MBEDTLS_CTR_DRBG_MAX_INPUT * and less than * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - \c entropy_len 
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 547008db1..241058bb7 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -155,7 +155,7 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * length of the buffer. * \param p_entropy The entropy context to pass to \p f_entropy. * \param custom Personalization data, that is device-specific - * identifiers. This can be NULL, in which case the + * identifiers. This can be \c NULL, in which case the * personalization data is empty regardless of the value * of \p len. * \param len The length of the personalization data. @@ -165,7 +165,7 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * where \p entropy_len is the entropy length * described above. * - * \return 0 if successful. + * \return \c 0 if successful. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is * invalid. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough @@ -192,7 +192,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, * the additional data. * \param data_len Length of \p data in bytes. * - * \return 0 if successful. or + * \return \c 0 if successful. or * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is * invalid. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough @@ -251,9 +251,9 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, * * \param ctx The HMAC_DRBG context. * \param additional The data to update the state with. - * If this is \p NULL, there is no additional data. + * If this is \c NULL, there is no additional data. * \param add_len Length of \p additional in bytes. - * Unused if \p additional is null. + * Unused if \p additional is \c NULL. * * \return \c 0 on success, or an error from the underlying * hash calculation. 
@@ -276,7 +276,7 @@ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, * where \p entropy_len is the entropy length * (see mbedtls_hmac_drbg_set_entropy_len()). * - * \return 0 if successful. + * \return \c 0 if successful. * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * if a call to the entropy function failed. */ @@ -295,7 +295,7 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, * \param output_len The length of the buffer in bytes. * This must be at most #MBEDTLS_HMAC_DRBG_MAX_REQUEST. * \param additional Additional data to update with. - * If this is \p NULL, there is no additional data + * If this is \c NULL, there is no additional data * and \p add_len should be \c 0. * \param add_len The length of the additional data. * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT. @@ -353,9 +353,9 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); * * \param ctx The HMAC_DRBG context. * \param additional The data to update the state with. - * If this is \p NULL, there is no additional data. + * If this is \c NULL, there is no additional data. * \param add_len Length of \p additional in bytes. - * Unused if \p additional is null. + * Unused if \p additional is \c NULL. */ MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, From 2d8f069472f9df09065716925711e11358ea625b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Oct 2019 18:31:28 +0200 Subject: [PATCH 1875/2197] Do note that xxx_drbg_random functions reseed with PR enabled --- include/mbedtls/ctr_drbg.h | 7 +++++-- include/mbedtls/hmac_drbg.h | 6 ++++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 50d3a30fc..a8294f8cc 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h 
@@ -368,7 +368,8 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, * \brief This function updates a CTR_DRBG instance with additional * data and uses it to generate random data. * - * \note The function automatically reseeds if the reseed counter is exceeded. + * This function automatically reseeds if the reseed counter is exceeded + * or prediction resistance is enabled. * * \param p_rng The CTR_DRBG context. This must be a pointer to a * #mbedtls_ctr_drbg_context structure. @@ -396,7 +397,9 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, /** * \brief This function uses CTR_DRBG to generate random data. * - * \note The function automatically reseeds if the reseed counter is exceeded. + * This function automatically reseeds if the reseed counter is exceeded + * or prediction resistance is enabled. + * * * \param p_rng The CTR_DRBG context. This must be a pointer to a * #mbedtls_ctr_drbg_context structure. diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 241058bb7..12f863fed 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -287,7 +287,8 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, * \brief This function updates an HMAC_DRBG instance with additional * data and uses it to generate random data. * - * \note The function automatically reseeds if the reseed counter is exceeded. + * This function automatically reseeds if the reseed counter is exceeded + * or prediction resistance is enabled. * * \param p_rng The HMAC_DRBG context. This must be a pointer to a * #mbedtls_hmac_drbg_context structure. 
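Review bot: The hunk for mbedtls_ctr_drbg_random() (@@ -396,7 +397,9 @@) adds a blank ` *` line directly in front of the existing one, which leaves two empty comment lines before \param p_rng. The three sibling hunks in this patch add only the two text lines. Dropping the extra `+ *` keeps all four comments laid out the same way.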
@@ -316,7 +317,8 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, /** * \brief This function uses HMAC_DRBG to generate random data. * - * \note The function automatically reseeds if the reseed counter is exceeded. + * This function automatically reseeds if the reseed counter is exceeded + * or prediction resistance is enabled. * * \param p_rng The HMAC_DRBG context. This must be a pointer to a * #mbedtls_hmac_drbg_context structure. From 217b8159da89ee63bcffb4f4e9a7d5925a48afc3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Oct 2019 18:39:45 +0200 Subject: [PATCH 1876/2197] Use standard terminology to describe the personalization string NIST and many other sources call it a "personalization string", and certainly not "device-specific identifiers" which is actually somewhat misleading since this is just one of many things that might go into a personalization string. --- include/mbedtls/ctr_drbg.h | 11 +++++------ include/mbedtls/hmac_drbg.h | 12 +++++++----- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index a8294f8cc..a31ec88aa 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -204,7 +204,7 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * \p f_entropy is always called with a buffer size equal to the entropy * length described in the documentation of mbedtls_ctr_drbg_set_entropy_len(). * - * Personalization data can be provided in addition to the more generic + * You can provide a personalization string in addition to the * entropy source, to make this instantiation as unique as possible. * * \note The _seed_material_ value passed to the derivation 
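Review bot: The reworded sentence in mbedtls_ctr_drbg_seed() (@@ -204,7 +204,7 @@) describes the personalization string only as making the instantiation "as unique as possible", which a reader could take to mean it adds randomness. I would follow it with `The personalization string need not be secret and does not replace the entropy obtained from \p f_entropy.` The same sentence is added to mbedtls_hmac_drbg_seed() in the hmac_drbg.h hunk @@ -129,6 +129,9 @@ and would benefit from the same addition.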
@@ -232,11 +232,10 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * \p p_entropy context, the buffer to fill, and the * length of the buffer. * \param p_entropy The entropy context to pass to \p f_entropy. - * \param custom Personalization data, that is device-specific - * identifiers. This can be \c NULL, in which case the - * personalization data is empty regardless of the value - * of \p len. - * \param len The length of the personalization data. + * \param custom The personalization string. + * This can be \c NULL, in which case the personalization + * string is empty regardless of the value of \p len. + * \param len The length of the personalization string. * This must be at most * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT * - #MBEDTLS_CTR_DRBG_ENTROPY_LEN. diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 12f863fed..496baa08d 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -129,6 +129,9 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * with mbedtls_entropy_init() (which registers the platform's default * entropy sources). * + * You can provide a personalization string in addition to the + * entropy source, to make this instantiation as unique as possible. + * * \note By default, the security strength as defined by NIST is: * - 128 bits if \p md_info is SHA-1; * - 192 bits if \p md_info is SHA-224; 
@@ -154,11 +157,10 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * \p p_entropy context, the buffer to fill, and the * length of the buffer. * \param p_entropy The entropy context to pass to \p f_entropy. - * \param custom Personalization data, that is device-specific - * identifiers. This can be \c NULL, in which case the - * personalization data is empty regardless of the value - * of \p len. - * \param len The length of the personalization data. + * \param custom The personalization string. + * This can be \c NULL, in which case the personalization + * string is empty regardless of the value of \p len. + * \param len The length of the personalization string. * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT * and also at most * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len * 3 / 2 From 5d9fd079388b206e6f484b728efae7420d102ee0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Oct 2019 18:41:12 +0200 Subject: [PATCH 1877/2197] HMAC_DRBG: note that the initial seeding grabs entropy for the nonce --- include/mbedtls/hmac_drbg.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 496baa08d..e39f9f0f0 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -224,6 +224,9 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx * \brief This function sets the amount of entropy grabbed on each * seed or reseed. * + * During the initial seeding, mbedtls_hmac_drbg_seed() additionally grabs + * half this amount to create the nonce. + * * The default value is given by the security strength, which depends on the * hash used. See the documentation of mbedtls_hmac_drbg_seed() for details. * From 017778e9d80cce9ec3d14b22102ec24951868fb2 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 2 Oct 2019 18:23:38 +0200 Subject: [PATCH 1878/2197] CTR_DRBG: make it easier to understand the security strength Explain how MBEDTLS_CTR_DRBG_ENTROPY_LEN is set next to the security strength statement, rather than giving a partial explanation (current setting only) in the documentation of MBEDTLS_CTR_DRBG_ENTROPY_LEN. --- include/mbedtls/ctr_drbg.h | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index a31ec88aa..671b2f856 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -25,6 +25,13 @@ * and #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set to 24 or more (which is * always the case unless it is explicitly set to a different value * in `config.h`). + * + * Note that the value of #MBEDTLS_CTR_DRBG_ENTROPY_LEN defaults to: + * - \c 48 if the module #MBEDTLS_SHA512_C is enabled and the symbol + * #MBEDTLS_ENTROPY_FORCE_SHA256 is not enabled at compile time. + * This is the default configuration of the library. + * - \c 32 if the module #MBEDTLS_SHA512_C is disabled at compile time. + * - \c 32 if #MBEDTLS_ENTROPY_FORCE_SHA256 is enabled at compile time. */ /* * Copyright (C) 2006-2019, Arm Limited (or its affiliates), All Rights Reserved @@ -100,7 +107,7 @@ /** The amount of entropy used per seed by default. * * This is 48 bytes because the entropy module uses SHA-512 - * (`MBEDTLS_ENTROPY_FORCE_SHA256` is not set). + * #MBEDTLS_ENTROPY_FORCE_SHA256 is not set). * * \note See mbedtls_ctr_drbg_set_entropy_len() regarding what values are * acceptable. @@ -110,7 +117,7 @@ /** The amount of entropy used per seed by default. * * This is 32 bytes because the entropy module uses SHA-256 - * (the SHA-512 module is disabled or `MBEDTLS_ENTROPY_FORCE_SHA256` is set). + * (the SHA512 module is disabled or #MBEDTLS_ENTROPY_FORCE_SHA256 is set). * * \note See mbedtls_ctr_drbg_set_entropy_len() regarding what values are * acceptable. 
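Review bot: The replacement line in the 48-byte default comment (@@ -100,7 +107,7 @@) loses the opening parenthesis, so the text now reads `uses SHA-512 #MBEDTLS_ENTROPY_FORCE_SHA256 is not set).` It should be `* (#MBEDTLS_ENTROPY_FORCE_SHA256 is not set).` The following hunk (@@ -110,7 +117,7 @@) also rewrites "SHA-512 module" as "SHA512 module", which no longer matches "SHA-256" on the line before it. Either keep `SHA-512` or refer to the option as `#MBEDTLS_SHA512_C`.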
From 2884ba372090696e5c66788dd826c5f50154c8d0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Oct 2019 19:01:31 +0200 Subject: [PATCH 1879/2197] CTR_DRBG: Improve the explanation of security strength Separate the cases that achieve a 128-bit strength and the cases that achieve a 256-bit strength. --- include/mbedtls/ctr_drbg.h | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 671b2f856..5d8ae3228 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h 
@@ -294,22 +294,24 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, * Per NIST SP 800-57A table 2, the achievable security * strength is 128 bits if using AES-128 and * 256 bits if using AES-256. - * Therefore, to provide full security, + * + * To achieve 256-bit security, + * you must use AES-256 and * the entropy input must be at least: - * - 24 bytes if using AES-128 and the \p custom - * argument to mbedtls_ctr_drbg_seed() may repeat - * (for example because it is empty, or more generally - * constant); - * - 48 bytes if using AES-256 and the \p custom - * argument to mbedtls_ctr_drbg_seed() may repeat - * (for example because it is empty, or more generally - * constant); - * - 16 bytes if using AES-128 and the \p custom - * argument to mbedtls_ctr_drbg_seed() includes - * a nonce; - * - 32 bytes if using AES-256 and the \p custom - * argument to mbedtls_ctr_drbg_seed() includes - * a nonce. + * - 48 bytes if the \p custom argument to + * mbedtls_ctr_drbg_seed() may repeat (for example + * because it is empty, or more generally constant); + * - 32 bytes if the \p custom argument to + * mbedtls_ctr_drbg_seed() includes a nonce. + * + * To achieve 128-bit security, + * whether AES-128 or AES-256 is used, + * the entropy input must be at least: + * - 24 bytes if the \p custom argument to + * mbedtls_ctr_drbg_seed() may repeat (for example + * because it is empty, or more generally constant); + * - 16 bytes if the \p custom argument to + * mbedtls_ctr_drbg_seed() includes a nonce. * * \param ctx The CTR_DRBG context. * \param len The amount of entropy to grab, in bytes. From d0c64c856dcd006b3488cdf0efec40435fcfba9a Mon Sep 17 00:00:00 2001 
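Review bot: Both new bullet lists hinge on whether the `custom` argument "includes a nonce", but the comment never says what qualifies as one. The required entropy drops from 48 to 32 bytes (or from 24 to 16) on that condition, so a caller who passes a fixed per-product string could believe the lower figure applies. I would add a sentence such as `A nonce here is a value that is never repeated across instantiations, on the same device or on another one.` The declaration this comment documents lies below the hunk.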
From: Gilles Peskine Date: Thu, 3 Oct 2019 14:20:46 +0200 Subject: [PATCH 1880/2197] CTR_DRBG: more consistent formatting and wording In particular, don't use #MBEDTLS_xxx on macros that are undefined in some configurations, since this would be typeset with a literal '#'. --- include/mbedtls/ctr_drbg.h | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 5d8ae3228..1106ac873 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h 
@@ -12,26 +12,26 @@ * The Mbed TLS implementation of CTR_DRBG uses AES-256 (default) or AES-128 * as the underlying block cipher, with a derivation function. The security * strength is: + * (if \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is enabled at compile time) * - 256 bits under the default configuration of the library, with AES-256 - * (`MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` not set) and - * with #MBEDTLS_CTR_DRBG_ENTROPY_LEN set to 48 or more. + * and with #MBEDTLS_CTR_DRBG_ENTROPY_LEN set to 48 or more. * - 256 bits if AES-256 is used, #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set * to 32 or more, and the DRBG is initialized with an explicit * nonce in the \c custom parameter to mbedtls_ctr_drbg_seed(). * - 128 bits if AES-256 is used but #MBEDTLS_CTR_DRBG_ENTROPY_LEN is * between 24 and 47 and the DRBG is not initialized with an explicit * nonce (see mbedtls_ctr_drbg_seed()). - * - 128 bits if AES-128 is used (`MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` set) + * - 128 bits if AES-128 is used (\c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY enabled) * and #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set to 24 or more (which is * always the case unless it is explicitly set to a different value - * in `config.h`). + * in config.h). * * Note that the value of #MBEDTLS_CTR_DRBG_ENTROPY_LEN defaults to: - * - \c 48 if the module #MBEDTLS_SHA512_C is enabled and the symbol - * #MBEDTLS_ENTROPY_FORCE_SHA256 is not enabled at compile time. + * - \c 48 if the module \c MBEDTLS_SHA512_C is enabled and the symbol + * \c MBEDTLS_ENTROPY_FORCE_SHA256 is disabled at compile time. * This is the default configuration of the library. - * - \c 32 if the module #MBEDTLS_SHA512_C is disabled at compile time. - * - \c 32 if #MBEDTLS_ENTROPY_FORCE_SHA256 is enabled at compile time. + * - \c 32 if the module \c MBEDTLS_SHA512_C is disabled at compile time. + * - \c 32 if \c MBEDTLS_ENTROPY_FORCE_SHA256 is enabled at compile time. */ /* * Copyright (C) 2006-2019, Arm Limited (or its affiliates), All Rights Reserved 
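Review bot: The added line `* (if \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is enabled at compile time)` sits after "The security strength is:" and before the first bullet, so the rendered text reads as if the whole strength list applied only when the 128-bit key option is enabled. The parenthetical qualifies "AES-128" two lines earlier and belongs directly after the line `uses AES-256 (default) or AES-128`, ahead of `as the underlying block cipher`. This paragraph is where users look up which configuration gives 256-bit strength, so the ordering matters more than in an ordinary comment.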
@@ -79,14 +79,14 @@ /**< The key size in bytes used by the cipher. * * Compile-time choice: 16 bytes (128 bits) - * because #MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is set. + * because #MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is enabled. */ #else #define MBEDTLS_CTR_DRBG_KEYSIZE 32 /**< The key size in bytes used by the cipher. * * Compile-time choice: 32 bytes (256 bits) - * because `MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` is not set. + * because \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is disabled. */ #endif @@ -107,7 +107,7 @@ /** The amount of entropy used per seed by default. * * This is 48 bytes because the entropy module uses SHA-512 - * #MBEDTLS_ENTROPY_FORCE_SHA256 is not set). + * (\c MBEDTLS_ENTROPY_FORCE_SHA256 is disabled). * * \note See mbedtls_ctr_drbg_set_entropy_len() regarding what values are * acceptable. @@ -117,7 +117,7 @@ /** The amount of entropy used per seed by default. * * This is 32 bytes because the entropy module uses SHA-256 - * (the SHA512 module is disabled or #MBEDTLS_ENTROPY_FORCE_SHA256 is set). + * (the SHA512 module is disabled or #MBEDTLS_ENTROPY_FORCE_SHA256 is enabled). * * \note See mbedtls_ctr_drbg_set_entropy_len() regarding what values are * acceptable. From 1540e5bd04e463e83870f88e8531582fbfd4575d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Oct 2019 14:21:14 +0200 Subject: [PATCH 1881/2197] Move MBEDTLS_CTR_DRBG_USE_128_BIT_KEY to the correct section It's an on/off feature, so it should be listed in version_features. --- include/mbedtls/config.h | 10 ++++++++-- library/version_features.c | 3 +++ programs/test/query_config.c | 16 ++++++++-------- 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index e14fc74d7..4974f4774 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
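Review bot: The last hunk (`@@ -117,7 +117,7 @@`) still writes `#MBEDTLS_ENTROPY_FORCE_SHA256 is enabled`, although the commit message says `#MBEDTLS_xxx` should not be used for macros that can be undefined, and the sibling hunk at `-107,7` switches the same symbol to `\c`. For consistency this line should be `* (the SHA512 module is disabled or \c MBEDTLS_ENTROPY_FORCE_SHA256 is enabled).` The first hunk keeps `#MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` in the 16-byte branch, which looks intentional if that branch is only compiled when the macro is defined; the opening `#if` is outside the hunk, so that is an inference.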
@@ -671,6 +671,13 @@ #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN #define MBEDTLS_CIPHER_PADDING_ZEROS +/** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + * + * Uncomment this macro to use a 128-bit key in the CTR_DRBG module. + * By default, CTR_DRBG uses a 256-bit key. + */ +//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * @@ -1295,7 +1302,7 @@ * * Enable the CTR_DRBG AES-based random generator. * The CTR_DRBG generator uses AES-256 by default. - * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below. + * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above. * * Module: library/ctr_drbg.c * Caller: @@ -1971,7 +1978,6 @@ //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ -//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */ /* HMAC_DRBG options */ //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ diff --git a/library/version_features.c b/library/version_features.c index 5404d79f0..a91723fcf 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -300,6 +300,9 @@ static const char * const features[] = { #if defined(MBEDTLS_CIPHER_PADDING_ZEROS) "MBEDTLS_CIPHER_PADDING_ZEROS", #endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ +#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) + "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", +#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) "MBEDTLS_ECP_DP_SECP192R1_ENABLED", #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index da3dfb080..1832b2c88 100644 --- a/programs/test/query_config.c 
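Review bot: The new `\def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` block in the first config.h hunk no longer carries the caution that the removed one-line entry had ("may reduce security (see ctr_drbg.h)"). Someone enabling the option from this section now reads only that the key becomes 128 bits. I would keep the caveat in the new block, for example `* \warning Enabling this option limits the CTR_DRBG security strength to 128 bits; see ctr_drbg.h.`, which agrees with the strength list documented in ctr_drbg.h.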
+++ b/programs/test/query_config.c @@ -828,6 +828,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ +#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) + if( strcmp( "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ); + return( 0 ); + } +#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ + #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) if( strcmp( "MBEDTLS_ECP_DP_SECP192R1_ENABLED", config ) == 0 ) { @@ -1676,14 +1684,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_CTR_DRBG_MAX_SEED_INPUT */ -#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) - if( strcmp( "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ - #if defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL) if( strcmp( "MBEDTLS_HMAC_DRBG_RESEED_INTERVAL", config ) == 0 ) { From 7e27936767c1b018057c83f72246edeabe888fba Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Oct 2019 14:21:39 +0200 Subject: [PATCH 1882/2197] Add a note about CTR_DRBG security strength to config.h --- include/mbedtls/config.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 4974f4774..a4db6ba49 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1304,6 +1304,10 @@ * The CTR_DRBG generator uses AES-256 by default. * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above. * + * \note To achieve a 256-bit security strength with CTR_DRBG, + * you must use AES-256 *and* use sufficient entropy. + * See ctr_drbg.h for more details. + * * Module: library/ctr_drbg.c * Caller: * From dc2db4832dcb4aad1fb95ab3b12db37879080969 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 20 Sep 2019 21:06:01 +0200 Subject: [PATCH 1883/2197] Fix typos in documentation --- include/mbedtls/asn1.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 92f3bcbdd..1a7611168 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -182,7 +182,7 @@ mbedtls_asn1_named_data; * after the length, i.e. the first byte of the content. * On error, the value of \c *p is undefined. * \param end End of data. - * \param len On successful completion, \c *len contains the lengtth + * \param len On successful completion, \c *len contains the length * read from the ASN.1 input. * * \return 0 if successful. @@ -204,7 +204,7 @@ int mbedtls_asn1_get_len( unsigned char **p, * after the length, i.e. the first byte of the content. * On error, the value of \c *p is undefined. * \param end End of data. - * \param len On successful completion, \c *len contains the lengtth + * \param len On successful completion, \c *len contains the length * read from the ASN.1 input. * \param tag The expected tag. * @@ -304,8 +304,8 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p, size_t *len ); /** - * \brief Parses and splits an ASN.1 "SEQUENCE OF " - * Updated the pointer to immediately behind the full sequence tag. + * \brief Parses and splits an ASN.1 "SEQUENCE OF ". + * Updates the pointer to immediately behind the full sequence tag. * * \note On error, this function may return a partial list in \p cur. * You must set `cur->next = NULL` before calling this function! From 88f136f98b14144e86212ec5ebc994d71ceaee67 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 20 Sep 2019 21:06:27 +0200 Subject: [PATCH 1884/2197] Fix free_named_data_list tests Fix copypasta in test data and fix a switcho in test code. --- tests/suites/test_suite_asn1parse.data | 4 ++-- tests/suites/test_suite_asn1parse.function | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) 
diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data index 83319e3e5..c5d9136b7 100644 --- a/tests/suites/test_suite_asn1parse.data +++ b/tests/suites/test_suite_asn1parse.data @@ -432,7 +432,7 @@ Free named data list (empty) free_named_data_list:0 Free named data list (1) -free_named_data_list:0 +free_named_data_list:1 Free named data list (2) -free_named_data_list:0 +free_named_data_list:2 diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index f5ecd5515..3bfb1c703 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -547,7 +547,7 @@ void free_named_data_list( int length ) { mbedtls_asn1_named_data *new = NULL; ASSERT_ALLOC( new, sizeof( mbedtls_asn1_named_data ) ); - head->next = new; + new->next = head; head = new; } From dddda81fbc874846eda78cecf7f0806642145bba Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Oct 2019 14:22:04 +0200 Subject: [PATCH 1885/2197] mbedtls_ctr_drbg_set_entropy_len() only matters when reseeding The documentation of CTR_DRBG erroneously claimed that mbedtls_ctr_drbg_set_entropy_len() had an impact on the initial seeding. This is in fact not the case: mbedtls_ctr_drbg_seed() forces the initial seeding to grab MBEDTLS_CTR_DRBG_ENTROPY_LEN bytes of entropy. Fix the documentation and rewrite the discussion of the entropy length and the security strength accordingly. --- include/mbedtls/ctr_drbg.h | 106 ++++++++++++++++++++----------------- 1 file changed, 56 insertions(+), 50 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 1106ac873..2db402133 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h 
@@ -10,9 +10,13 @@ * Bit Generators. * * The Mbed TLS implementation of CTR_DRBG uses AES-256 (default) or AES-128 - * as the underlying block cipher, with a derivation function. The security - * strength is: * (if \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is enabled at compile time) + * as the underlying block cipher, with a derivation function. + * The initial seeding grabs #MBEDTLS_CTR_DRBG_ENTROPY_LEN bytes of entropy. + * See the documentation of mbedtls_ctr_drbg_seed() for more details. + * + * Based on NIST SP 800-90A §10.2.1 table 3 and NIST SP 800-57 part 1 table 2, + * here are the security strengths achieved in typical configuration: * - 256 bits under the default configuration of the library, with AES-256 * and with #MBEDTLS_CTR_DRBG_ENTROPY_LEN set to 48 or more. * - 256 bits if AES-256 is used, #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set 
@@ -102,29 +106,31 @@ * \{ */ +/** \def MBEDTLS_CTR_DRBG_ENTROPY_LEN + * + * \brief The amount of entropy used per seed by default, in bytes. + */ #if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) -/** The amount of entropy used per seed by default. - * - * This is 48 bytes because the entropy module uses SHA-512 +/** This is 48 bytes because the entropy module uses SHA-512 * (\c MBEDTLS_ENTROPY_FORCE_SHA256 is disabled). - * - * \note See mbedtls_ctr_drbg_set_entropy_len() regarding what values are - * acceptable. */ #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 -#else -/** The amount of entropy used per seed by default. - * - * This is 32 bytes because the entropy module uses SHA-256 - * (the SHA512 module is disabled or #MBEDTLS_ENTROPY_FORCE_SHA256 is enabled). - * - * \note See mbedtls_ctr_drbg_set_entropy_len() regarding what values are - * acceptable. + +#else /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */ + +/** This is 32 bytes because the entropy module uses SHA-256 + * (the SHA512 module is disabled or + * \c MBEDTLS_ENTROPY_FORCE_SHA256 is enabled). */ +#if !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) +/** \warning To achieve a 256-bit security strength, you must pass a nonce + * to mbedtls_ctr_drbg_seed(). + */ +#endif /* !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) */ #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32 -#endif -#endif +#endif /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */ +#endif /* !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) */ #if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL) #define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 
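Review bot: The `\warning` added in the 32-byte branch does not say which argument carries the nonce, and it is only emitted when the library picks the default itself, because the whole block is inside `#if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)`. A configuration that sets the macro to 32 by hand while using AES-256 falls under the same 128-bit case in the file's strength list but gets none of this text. I would word it `\warning To achieve a 256-bit security strength, you must pass a nonce in the \c custom parameter of mbedtls_ctr_drbg_seed().` and move it into the `\def MBEDTLS_CTR_DRBG_ENTROPY_LEN` block, stating the condition (AES-256 with an entropy length below 48) in words. It is also worth checking how Doxygen renders several consecutive comment blocks in front of one `#define`.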
@@ -209,7 +215,10 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * entropy sources). * * \p f_entropy is always called with a buffer size equal to the entropy - * length described in the documentation of mbedtls_ctr_drbg_set_entropy_len(). + * length. The entropy length is initially #MBEDTLS_CTR_DRBG_ENTROPY_LEN + * and this value is always used for the initial seeding. You can change + * the entropy length for subsequent seeding by calling + * mbedtls_ctr_drbg_set_entropy_len() after this function. * * You can provide a personalization string in addition to the * entropy source, to make this instantiation as unique as possible. @@ -221,9 +230,6 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * calling \p f_entropy and the \p custom string. * The origin of the nonce depends on the value of * the entropy length relative to the security strength. - * See the documentation of - * mbedtls_ctr_drbg_set_entropy_len() for information - * about the entropy length. * - If the entropy length is at least 1.5 times the * security strength then the nonce is taken from the * string obtained with \p f_entropy. @@ -233,7 +239,18 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * you must pass a unique value of \p custom at * each invocation. See SP 800-90A §8.6.7 for more * details. - * + */ +#if MBEDTLS_CTR_DRBG_ENTROPY_LEN < MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 +/** \warning When #MBEDTLS_CTR_DRBG_ENTROPY_LEN is less than + * #MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2, to achieve the + * maximum security strength permitted by CTR_DRBG, + * you must pass a value of \p custom that is a nonce: + * this value must never be repeated in subsequent + * runs of the same application or on a different + * device. + */ +#endif +/** * \param ctx The CTR_DRBG context to seed. * \param f_entropy The entropy callback, taking as arguments the * \p p_entropy context, the buffer to fill, and the 
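Review bot: The third hunk closes the function comment with `*/`, puts an `#if`/`#endif` pair around a separate `/** \warning ... */` block and then reopens `/**` for the `\param` list, so the documentation of mbedtls_ctr_drbg_seed() is now split into three comment blocks with a preprocessor conditional between them. Whether the description, the warning and the parameters still attach to the same entity depends on how Doxygen preprocesses this header, which the patch does not show. The warning already states its condition in words ("When #MBEDTLS_CTR_DRBG_ENTROPY_LEN is less than #MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2"), so the `#if` adds nothing for the reader. I would keep a single comment block and leave the `\warning` in unconditionally. The function declaration itself is below the hunk.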
@@ -281,37 +298,26 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, /** * \brief This function sets the amount of entropy grabbed on each - * seed or reseed. + * subsequent reseed. * * The default value is #MBEDTLS_CTR_DRBG_ENTROPY_LEN. * - * \note For compliance with NIST SP 800-90A, the entropy length - * (\p len bytes = \p len * 8 bits) - * must be at least the security strength. - * Furthermore, if the entropy input is used to provide - * the nonce, the entropy length must be 1.5 times - * the security strength. - * Per NIST SP 800-57A table 2, the achievable security - * strength is 128 bits if using AES-128 and - * 256 bits if using AES-256. + * \note mbedtls_ctr_drbg_seed() always sets the entropy length + * to #MBEDTLS_CTR_DRBG_ENTROPY_LEN, so this function + * only has an effect when it is called after + * mbedtls_ctr_drbg_seed(). * - * To achieve 256-bit security, - * you must use AES-256 and - * the entropy input must be at least: - * - 48 bytes if the \p custom argument to - * mbedtls_ctr_drbg_seed() may repeat (for example - * because it is empty, or more generally constant); - * - 32 bytes if the \p custom argument to - * mbedtls_ctr_drbg_seed() includes a nonce. - * - * To achieve 128-bit security, - * whether AES-128 or AES-256 is used, - * the entropy input must be at least: - * - 24 bytes if the \p custom argument to - * mbedtls_ctr_drbg_seed() may repeat (for example - * because it is empty, or more generally constant); - * - 16 bytes if the \p custom argument to - * mbedtls_ctr_drbg_seed() includes a nonce. + * \note The security strength of CTR_DRBG is bounded by the + * entropy length. Thus: + * - When using AES-256 + * (\c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is disabled, + * which is the default), + * \p len must be at least 32 (in bytes) + * to achieve a 256-bit strength. 
+ * - When using AES-128 + * (\c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is enabled) + * \p len must be at least 16 (in bytes) + * to achieve a 128-bit strength. * * \param ctx The CTR_DRBG context. * \param len The amount of entropy to grab, in bytes. From 77d44573cb2439f8054d91a4a10aef43abd07aae Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 4 Oct 2019 11:52:22 +0200 Subject: [PATCH 1886/2197] mbedtls_hmac_drbg_set_entropy_len() only matters when reseeding The documentation of HMAC_DRBG erroneously claimed that mbedtls_hmac_drbg_set_entropy_len() had an impact on the initial seeding. This is in fact not the case: mbedtls_hmac_drbg_seed() forces the entropy length to its chosen value. Fix the documentation. --- include/mbedtls/hmac_drbg.h | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index e39f9f0f0..519d692fb 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -139,13 +139,13 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * Note that SHA-256 is just as efficient as SHA-224. * The security strength can be reduced if a smaller * entropy length is set with - * mbedtls_hmac_drbg_set_entropy_len(). + * mbedtls_hmac_drbg_set_entropy_len() afterwards. * - * \note The default entropy length is the security strength - * (converted from bits to bytes). You can override - * it mbedtls_hmac_drbg_set_entropy_len(). - * \p f_entropy is always called with a length that is - * less than or equal to the entropy length. + * \note The entropy length for the initial seeding is + * the security strength (converted from bits to bytes). + * You can set a different entropy length for subsequent + * seeding by calling mbedtls_hmac_drbg_set_entropy_len() + * after this function. * * \note During the initial seeding, this function calls * the entropy source to obtain a nonce 
@@ -156,6 +156,8 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * \param f_entropy The entropy callback, taking as arguments the * \p p_entropy context, the buffer to fill, and the * length of the buffer. + * \p f_entropy is always called with a length that is + * less than or equal to the entropy length. * \param p_entropy The entropy context to pass to \p f_entropy. * \param custom The personalization string. * This can be \c NULL, in which case the personalization @@ -222,13 +224,14 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx /** * \brief This function sets the amount of entropy grabbed on each - * seed or reseed. + * reseed. * - * During the initial seeding, mbedtls_hmac_drbg_seed() additionally grabs - * half this amount to create the nonce. + * The default value is set by mbedtls_hmac_drbg_seed(). * - * The default value is given by the security strength, which depends on the - * hash used. See the documentation of mbedtls_hmac_drbg_seed() for details. + * \note mbedtls_hmac_drbg_seed() always sets the entropy length + * to the default value based on the chosen MD algorithm, + * so this function only has an effect if it is called + * after mbedtls_hmac_drbg_seed(). * * \param ctx The HMAC_DRBG context. * \param len The amount of entropy to grab, in bytes. From e249c0e6b3cc983a549a0938901cbcbbb280350f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Oct 2019 15:57:50 +0200 Subject: [PATCH 1887/2197] config.pl full: exclude MBEDTLS_CTR_DRBG_USE_128_BIT_KEY This is a variant toggle, not an extra feature, so it should be tested separately. --- scripts/config.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/config.pl b/scripts/config.pl index ed0967d56..8066bb019 100755 --- a/scripts/config.pl +++ b/scripts/config.pl 
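Review bot: The rewritten comment for mbedtls_hmac_drbg_set_entropy_len() (last hunk) now says when the setter takes effect but gives no guidance on which `len` preserves the security strength, whereas the CTR_DRBG counterpart changed in the previous patch spells out the minimum. The seed documentation in the first hunk of this patch already says the strength "can be reduced if a smaller entropy length is set", so the setter should repeat that where the value is chosen, e.g. `\note Setting \p len below the security strength (in bytes) reduces the strength obtained from subsequent reseeds.` The declaration is outside the hunk.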
@@ -78,6 +78,7 @@ MBEDTLS_TEST_NULL_ENTROPY MBEDTLS_DEPRECATED_REMOVED MBEDTLS_HAVE_SSE2 MBEDTLS_PLATFORM_NO_STD_FUNCTIONS +MBEDTLS_CTR_DRBG_USE_128_BIT_KEY MBEDTLS_ECP_DP_M221_ENABLED MBEDTLS_ECP_DP_M383_ENABLED MBEDTLS_ECP_DP_M511_ENABLED From 691ec526947fe9f696ee83d1d23561a5a5b5dfd4 Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Mon, 7 Oct 2019 15:28:36 +0100 Subject: [PATCH 1888/2197] Remove over-specific RFC references Rely on general reference to IANA documentation --- include/psa/crypto_types.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index fbbb737ae..dfc17a95f 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -75,7 +75,6 @@ typedef uint32_t psa_key_type_t; * TLS Supported Groups Registry (formerly known as the * TLS EC Named Curve Registry) * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * The values are defined by RFC 8422 and RFC 7027. * * This specification defines identifiers for some of the curves in the IANA * registry. Implementations that support other curves that are in the IANA @@ -102,7 +101,6 @@ typedef uint16_t psa_ecc_curve_t; * TLS Supported Groups Registry (formerly known as the * TLS EC Named Curve Registry) * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * The values are defined by RFC 7919. * * This specification defines identifiers for some of the groups in the IANA * registry. Implementations that support other groups that are in the IANA From 6e59505bb297e5a3ea7ad90734c75111122e72b7 Mon Sep 17 00:00:00 2001 From: Andrew Thoelke Date: Mon, 7 Oct 2019 22:27:17 +0100 Subject: [PATCH 1889/2197] Recommend use of GREASE values for vendor defined DH groups --- include/psa/crypto_types.h | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) 
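Review bot: Excluding `MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` keeps the `full` configuration on AES-256, but nothing in this patch adds a build that turns the option on. The commit message says the toggle "should be tested separately"; if no dedicated job enables it, the AES-128 variant of CTR_DRBG is not exercised by the test suite. I would either name the existing component in the commit message or add one in the same change. The list this line is added to begins above the hunk.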
diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index dfc17a95f..c4f9acd46 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -111,9 +111,35 @@ typedef uint16_t psa_ecc_curve_t; * 1. Select a ::psa_dh_group_t value in the range #PSA_DH_GROUP_VENDOR_MIN to * #PSA_DH_GROUP_VENDOR_MAX, which is a subset of the IANA private use * range. - * 2. Use a ::psa_key_type_t value that is vendor-defined. + * 2. Select a ::psa_dh_group_t value from the named groups allocated for + * GREASE in the IETF draft specification. The GREASE specification and + * values are listed below. + * 3. Use a ::psa_key_type_t value that is vendor-defined. * - * The first option is recommended. + * Option 1 or 2 are recommended. + * + * The current draft of the GREASE specification is + * https://datatracker.ietf.org/doc/draft-ietf-tls-grease + * + * The following GREASE values are allocated for named groups: + * \code + * 0x0A0A + * 0x1A1A + * 0x2A2A + * 0x3A3A + * 0x4A4A + * 0x5A5A + * 0x6A6A + * 0x7A7A + * 0x8A8A + * 0x9A9A + * 0xAAAA + * 0xBABA + * 0xCACA + * 0xDADA + * 0xEAEA + * 0xFAFA + * \endcode */ typedef uint16_t psa_dh_group_t; From c34b839d85186aeafe6b29cfa85dda812f7456d3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Oct 2019 14:21:18 +0200 Subject: [PATCH 1890/2197] Improve the descriptions of some entropy test cases --- tests/suites/test_suite_entropy.data | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/tests/suites/test_suite_entropy.data b/tests/suites/test_suite_entropy.data index 11ced64b3..7460d74b8 100644 --- a/tests/suites/test_suite_entropy.data +++ b/tests/suites/test_suite_entropy.data 
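Review bot: The sentence `Option 1 or 2 are recommended.` should read `Options 1 and 2 are recommended.`, and the comment gives no reason for preferring a GREASE value or for choosing between options 1 and 2. The sixteen values are copied from "the current draft" through an unversioned link, so the list can drift from its source unnoticed; naming the draft revision the values were taken from would make that checkable. It would also help to say in one sentence what property of GREASE values makes them suitable here, presumably that they are reserved and will not be assigned to a real group. The typedef this comment documents is the last line of the hunk.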
@@ -1,43 +1,43 @@ Create NV seed_file nv_seed_file_create: -Entropy write/update seed file [#1] +Entropy write/update seed file: good entropy_seed_file:"data_files/entropy_seed":0 -Entropy write/update seed file [#2] +Entropy write/update seed file: nonexistent entropy_seed_file:"no_such_dir/file":MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR Entropy too many sources entropy_too_many_sources: -Entropy output length #1 +Entropy output length: 0 entropy_func_len:0:0 -Entropy output length #2 +Entropy output length: 1 entropy_func_len:1:0 -Entropy output length #3 +Entropy output length: 2 entropy_func_len:2:0 -Entropy output length #4 +Entropy output length: 31 entropy_func_len:31:0 -Entropy output length #5 +Entropy output length: 65 > BLOCK_SIZE entropy_func_len:65:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Entropy failing source entropy_source_fail:"data_files/entropy_seed" -Entropy threshold #1 +Entropy threshold: 16=2*8 entropy_threshold:16:2:8 -Entropy threshold #2 +Entropy threshold: 32=1*32 entropy_threshold:32:1:32 -Entropy threshold #3 +Entropy threshold: 0* never reaches the threshold entropy_threshold:16:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -Entropy threshold #4 +Entropy threshold: 1024 never reached entropy_threshold:1024:1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Check NV seed standard IO From ed04a676ee52e3ce54192dd4ff15f79bc5636a9e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Oct 2019 14:37:27 +0200 Subject: [PATCH 1891/2197] Entropy tests: support multiple dummy sources Always pass a context object to entropy_dummy_source. This lets us write tests that register more than one source and keep track of how many times each one is called. --- tests/suites/test_suite_entropy.function | 54 ++++++++++++++---------- 1 file changed, 32 insertions(+), 22 deletions(-) diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 0d86eadbe..8563b11f0 100644 --- a/tests/suites/test_suite_entropy.function 
+++ b/tests/suites/test_suite_entropy.function @@ -3,10 +3,19 @@ #include "mbedtls/entropy_poll.h" #include "string.h" -/* - * Number of calls made to entropy_dummy_source() - */ -static size_t entropy_dummy_calls; +typedef enum +{ + DUMMY_CONSTANT_LENGTH, /* Output context->length bytes */ + DUMMY_REQUESTED_LENGTH, /* Output whatever length was requested */ + DUMMY_FAIL, /* Return an error code */ +} entropy_dummy_instruction; + +typedef struct +{ + entropy_dummy_instruction instruction; + size_t length; /* Length to return for DUMMY_CONSTANT_LENGTH */ + size_t calls; /* Incremented at each call */ +} entropy_dummy_context; /* * Dummy entropy source @@ -14,25 +23,25 @@ static size_t entropy_dummy_calls; * If data is NULL, write exactly the requested length. * Otherwise, write the length indicated by data or error if negative */ -static int entropy_dummy_source( void *data, unsigned char *output, +static int entropy_dummy_source( void *arg, unsigned char *output, size_t len, size_t *olen ) { - entropy_dummy_calls++; + entropy_dummy_context *context = arg; + ++context->calls; - if( data == NULL ) - *olen = len; - else + switch( context->instruction ) { - int *d = (int *) data; - - if( *d < 0 ) + case DUMMY_CONSTANT_LENGTH: + *olen = context->length; + break; + case DUMMY_REQUESTED_LENGTH: + *olen = len; + break; + case DUMMY_FAIL: return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - else - *olen = *d; } memset( output, 0x2a, *olen ); - return( 0 ); } @@ -144,6 +153,7 @@ void entropy_too_many_sources( ) { mbedtls_entropy_context ctx; size_t i; + entropy_dummy_context dummy = {DUMMY_REQUESTED_LENGTH, 0, 0}; mbedtls_entropy_init( &ctx ); 
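Review bot: The comment above entropy_dummy_source() (unchanged context in the second hunk) still describes the old contract, "If data is NULL, write exactly the requested length", while the new body dereferences `arg` unconditionally and selects behaviour from `context->instruction`. It should be replaced with something like `Dummy entropy source: behaviour is chosen by the entropy_dummy_context passed as arg, which must not be NULL.` The new `switch` also has no `default`, so an instruction value outside the enum falls through to `memset( output, 0x2a, *olen )` with `*olen` never written by this function. Adding `default: return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );` closes that.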
@@ -152,10 +162,10 @@ void entropy_too_many_sources( ) * since we don't know how many sources were automatically added. */ for( i = 0; i < MBEDTLS_ENTROPY_MAX_SOURCES; i++ ) - (void) mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL, + (void) mbedtls_entropy_add_source( &ctx, entropy_dummy_source, &dummy, 16, MBEDTLS_ENTROPY_SOURCE_WEAK ); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL, + TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, &dummy, 16, MBEDTLS_ENTROPY_SOURCE_WEAK ) == MBEDTLS_ERR_ENTROPY_MAX_SOURCES ); @@ -197,13 +207,13 @@ void entropy_func_len( int len, int ret ) void entropy_source_fail( char * path ) { mbedtls_entropy_context ctx; - int fail = -1; unsigned char buf[16]; + entropy_dummy_context dummy = {DUMMY_FAIL, 0, 0}; mbedtls_entropy_init( &ctx ); TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &fail, 16, + &dummy, 16, MBEDTLS_ENTROPY_SOURCE_WEAK ) == 0 ); @@ -229,16 +239,16 @@ exit: void entropy_threshold( int threshold, int chunk_size, int result ) { mbedtls_entropy_context ctx; + entropy_dummy_context dummy = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; int ret; mbedtls_entropy_init( &ctx ); TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &chunk_size, threshold, + &dummy, threshold, MBEDTLS_ENTROPY_SOURCE_WEAK ) == 0 ); - entropy_dummy_calls = 0; ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ); if( result >= 0 ) @@ -248,7 +258,7 @@ void entropy_threshold( int threshold, int chunk_size, int result ) // Two times as much calls due to the NV seed update result *= 2; #endif - TEST_ASSERT( entropy_dummy_calls == (size_t) result ); + TEST_ASSERT( dummy.calls == (size_t) result ); } else { From 7f246510d0b5f19e3e1fcf16167b1c4e3cae0143 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 8 Oct 2019 14:51:49 +0200 Subject: [PATCH 1892/2197] Add a test case for MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED --- tests/suites/test_suite_entropy.data | 3 +++ tests/suites/test_suite_entropy.function | 20 ++++++++++++++++++-- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_entropy.data b/tests/suites/test_suite_entropy.data index 7460d74b8..abf36c0ec 100644 --- a/tests/suites/test_suite_entropy.data +++ b/tests/suites/test_suite_entropy.data @@ -7,6 +7,9 @@ entropy_seed_file:"data_files/entropy_seed":0 Entropy write/update seed file: nonexistent entropy_seed_file:"no_such_dir/file":MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR +Entropy no sources +entropy_no_sources: + Entropy too many sources entropy_too_many_sources: diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 8563b11f0..a125f6202 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -45,7 +45,6 @@ static int entropy_dummy_source( void *arg, unsigned char *output, return( 0 ); } -#if defined(MBEDTLS_ENTROPY_NV_SEED) /* * Ability to clear entropy sources to allow testing with just predefined * entropy sources. This function or tests depending on it might break if there @@ -57,11 +56,12 @@ static int entropy_dummy_source( void *arg, unsigned char *output, * This might break memory checks in the future if sources need 'free-ing' then * as well. */ -void entropy_clear_sources( mbedtls_entropy_context *ctx ) +static void entropy_clear_sources( mbedtls_entropy_context *ctx ) { ctx->source_count = 0; } +#if defined(MBEDTLS_ENTROPY_NV_SEED) /* * NV seed read/write functions that use a buffer instead of a file */ 
@@ -148,6 +148,22 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void entropy_no_sources( ) +{ + mbedtls_entropy_context ctx; + unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; + + mbedtls_entropy_init( &ctx ); + entropy_clear_sources( &ctx ); + TEST_EQUAL( mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ), + MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED ); + +exit: + mbedtls_entropy_free( &ctx ); +} +/* END_CASE */ + /* BEGIN_CASE */ void entropy_too_many_sources( ) { From 65fc0686a7df290fc3f0f58d318241bf8f61c76a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Oct 2019 15:01:34 +0200 Subject: [PATCH 1893/2197] Add tests to ensure that we gather as much entropy as expected There were tests to ensure that each entropy source reaches its threshold, but no test that covers the total amount of entropy. Add test cases with a known set of entropy sources and make sure that we always gather at least MBEDTLS_ENTROPY_BLOCK_SIZE bytes from a strong source. --- tests/suites/test_suite_entropy.data | 18 ++++++++++ tests/suites/test_suite_entropy.function | 43 ++++++++++++++++++++++++ 2 files changed, 61 insertions(+) diff --git a/tests/suites/test_suite_entropy.data b/tests/suites/test_suite_entropy.data index abf36c0ec..b2d20b472 100644 --- a/tests/suites/test_suite_entropy.data +++ b/tests/suites/test_suite_entropy.data 
@@ -43,6 +43,24 @@ entropy_threshold:16:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED Entropy threshold: 1024 never reached entropy_threshold:1024:1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +Entropy calls: no strong +entropy_calls:MBEDTLS_ENTROPY_SOURCE_WEAK:MBEDTLS_ENTROPY_SOURCE_WEAK:1:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE + +Entropy calls: 1 strong, 1*BLOCK_SIZE +entropy_calls:MBEDTLS_ENTROPY_SOURCE_STRONG:MBEDTLS_ENTROPY_SOURCE_WEAK:1:MBEDTLS_ENTROPY_BLOCK_SIZE:1 + +Entropy calls: 1 strong, 2*(BLOCK_SIZE/2) +entropy_calls:MBEDTLS_ENTROPY_SOURCE_STRONG:MBEDTLS_ENTROPY_SOURCE_WEAK:1:(MBEDTLS_ENTROPY_BLOCK_SIZE+1)/2:2 + +Entropy calls: 1 strong, BLOCK_SIZE*1 +entropy_calls:MBEDTLS_ENTROPY_SOURCE_STRONG:MBEDTLS_ENTROPY_SOURCE_WEAK:1:1:MBEDTLS_ENTROPY_BLOCK_SIZE + +Entropy calls: 1 strong, 2*BLOCK_SIZE to reach threshold +entropy_calls:MBEDTLS_ENTROPY_SOURCE_STRONG:MBEDTLS_ENTROPY_SOURCE_WEAK:MBEDTLS_ENTROPY_BLOCK_SIZE+1:MBEDTLS_ENTROPY_BLOCK_SIZE:2 + +Entropy calls: 2 strong, BLOCK_SIZE/2 each +entropy_calls:MBEDTLS_ENTROPY_SOURCE_STRONG:MBEDTLS_ENTROPY_SOURCE_WEAK:(MBEDTLS_ENTROPY_BLOCK_SIZE+1)/2:(MBEDTLS_ENTROPY_BLOCK_SIZE+1)/2:2 + Check NV seed standard IO entropy_nv_seed_std_io: diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index a125f6202..d1d88c5fa 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function 
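Review bot: The case titled `Entropy calls: 2 strong, BLOCK_SIZE/2 each` passes `MBEDTLS_ENTROPY_SOURCE_STRONG:MBEDTLS_ENTROPY_SOURCE_WEAK`, the same pair of strengths as every other positive case in this hunk, so none of the added cases registers two strong sources. If two strong sources were intended, the second argument should be `MBEDTLS_ENTROPY_SOURCE_STRONG` and the expected call count re-derived; otherwise the title should say what is tested, for example `1 strong + 1 weak, BLOCK_SIZE/2 each`. As written, the summing of bytes across several strong sources is not exercised by this hunk's data.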
@@ -286,6 +286,49 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void entropy_calls( int strength1, int strength2, + int threshold, int chunk_size, + int result ) +{ + /* + * if result >= 0: result = expected number of calls to source 1 + * if result < 0: result = expected return code from mbedtls_entropy_func() + */ + + mbedtls_entropy_context ctx; + entropy_dummy_context dummy1 = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; + entropy_dummy_context dummy2 = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; + unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; + int ret; + + mbedtls_entropy_init( &ctx ); + entropy_clear_sources( &ctx ); + + TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, + &dummy1, threshold, + strength1 ) == 0 ); + TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, + &dummy2, threshold, + strength2 ) == 0 ); + + ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ); + + if( result >= 0 ) + { + TEST_ASSERT( ret == 0 ); + TEST_ASSERT( dummy1.calls == (size_t) result ); + } + else + { + TEST_ASSERT( ret == result ); + } + +exit: + mbedtls_entropy_free( &ctx ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */ void nv_seed_file_create( ) { From 2493401af48ba57a778e7e4e76795a7271f07960 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 8 Oct 2019 15:43:13 +0200 Subject: [PATCH 1894/2197] Document that psa_close_key(0) and psa_destroy_key(0) succeed Document that passing 0 to a close/destroy function does nothing and returns PSA_SUCCESS. Although this was not written explicitly, the specification strongly suggested that this would return PSA_ERROR_INVALID_HANDLE. While returning INVALID_HANDLE makes sense, it was awkward for a very common programming style where applications can store 0 in a handle variable to indicate that the handle has been closed or has never been open: applications had to either check if (handle != 0) before calling psa_close_key(handle) or psa_destroy_key(handle), or ignore errors from the close/destroy function. Now applications following this style can just call psa_close_key(handle) or psa_destroy_key(handle). --- include/psa/crypto.h | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index d3b7522ab..7291c3e57 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -459,9 +459,12 @@ psa_status_t psa_open_key(psa_key_id_t id, * maintain the key handle until after the multipart operation has finished. * * \param handle The key handle to close. + * If this is \c 0, do nothing and return \c PSA_SUCCESS. * * \retval #PSA_SUCCESS + * \p handle was a valid handle or \c 0. It is now closed. * \retval #PSA_ERROR_INVALID_HANDLE + * \p handle is not a valid handle nor \c 0. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_BAD_STATE 
@@ -579,13 +582,17 @@ psa_status_t psa_copy_key(psa_key_handle_t source_handle, * key will cause the multipart operation to fail. * * \param handle Handle to the key to erase. + * If this is \c 0, do nothing and return \c PSA_SUCCESS. * * \retval #PSA_SUCCESS - * The key material has been erased. + * \p handle was a valid handle and the key material that it + * referred to has been erased. + * Alternatively, \p handle is \c 0. * \retval #PSA_ERROR_NOT_PERMITTED * The key cannot be erased because it is * read-only, either due to a policy or due to physical restrictions. * \retval #PSA_ERROR_INVALID_HANDLE + * \p handle is not a valid handle nor \c 0. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * There was an failure in communication with the cryptoprocessor. * The key material may still be present in the cryptoprocessor. From f102e4e4f655ded6af873677b54b32f1db0ab208 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Oct 2019 15:47:31 +0200 Subject: [PATCH 1895/2197] Test that psa_close_key(0) and psa_destroy_key(0) succeed --- tests/suites/test_suite_psa_crypto.data | 27 ++++++++----- tests/suites/test_suite_psa_crypto.function | 42 ++++++++++++++------- 2 files changed, 46 insertions(+), 23 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6efdc01d1..d5b14fe79 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -22,6 +22,24 @@ persistence_attributes:0x1234:3:0x1235:0x1235:3 PSA key attributes: slot number slot_number_attribute: +psa_destroy_key(0) +destroy_invalid:0:PSA_SUCCESS + +psa_destroy_key(invalid) +destroy_invalid:1:PSA_ERROR_INVALID_HANDLE + +psa_destroy_key(huge) +destroy_invalid:-1:PSA_ERROR_INVALID_HANDLE + +psa_close_key(0) +close_invalid:0:PSA_SUCCESS + +psa_close_key(invalid) +close_invalid:1:PSA_ERROR_INVALID_HANDLE + +psa_close_key(huge) +close_invalid:-1:PSA_ERROR_INVALID_HANDLE + PSA import/export raw: 1 bytes import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:0:PSA_SUCCESS:1 @@ -43,15 +61,6 @@ PSA import/export AES-256 depends_on:MBEDTLS_AES_C import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:256:0:PSA_SUCCESS:1 -PSA invalid handle (0) -invalid_handle:0 - -PSA invalid handle (smallest plausible handle) -invalid_handle:1 - -PSA invalid handle (largest plausible handle) -invalid_handle:-1 - PSA import: bad usage flag import_with_policy:PSA_KEY_TYPE_RAW_DATA:0x40000000:0:PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 87529ac6c..9eb2803a7 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1103,9 +1103,6 @@ static int test_operations_on_invalid_handle( psa_key_handle_t handle ) buffer, sizeof( buffer ), &length ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_destroy_key( handle ), PSA_ERROR_INVALID_HANDLE ); - ok = 1; exit: 
@@ -1271,6 +1268,34 @@ void slot_number_attribute( ) } /* END_CASE */ +/* BEGIN_CASE */ +void destroy_invalid( int handle_arg, int expected_status_arg ) +{ + psa_key_handle_t handle = handle_arg; + psa_status_t expected_status = expected_status_arg; + + PSA_ASSERT( psa_crypto_init( ) ); + TEST_EQUAL( psa_destroy_key( handle ), expected_status ); + +exit: + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void close_invalid( int handle_arg, int expected_status_arg ) +{ + psa_key_handle_t handle = handle_arg; + psa_status_t expected_status = expected_status_arg; + + PSA_ASSERT( psa_crypto_init( ) ); + TEST_EQUAL( psa_close_key( handle ), expected_status ); + +exit: + PSA_DONE( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void import_with_policy( int type_arg, int usage_arg, int alg_arg, @@ -1535,17 +1560,6 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void invalid_handle( int handle ) -{ - PSA_ASSERT( psa_crypto_init( ) ); - test_operations_on_invalid_handle( handle ); - -exit: - PSA_DONE( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void import_export_public_key( data_t *data, int type_arg, From 1841cf43ee438e31512bdf5bc43c673c9a26e015 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Oct 2019 15:48:25 +0200 Subject: [PATCH 1896/2197] Make psa_close_key(0) and psa_destroy_key(0) succeed --- library/psa_crypto.c | 3 +++ library/psa_crypto_slot_management.c | 3 +++ 2 files changed, 6 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b9ea00f2c..e8ab01f63 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1013,6 +1013,9 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle ) psa_se_drv_table_entry_t *driver; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + if( handle == 0 ) + return( PSA_SUCCESS ); + status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 59be319ce..6cd6a1135 100644 
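Review bot: The `@@ -1535,17 +1560,6 @@` hunk removes `invalid_handle`, which was the entry point that ran `test_operations_on_invalid_handle()` on handles 0, 1 and -1, while the new `destroy_invalid` and `close_invalid` cases cover only `psa_destroy_key` and `psa_close_key`. If no other case calls the helper (not visible here), the checks that remain in it, such as the export returning `PSA_ERROR_INVALID_HANDLE`, no longer run for those handles, and the now-uncalled `static` helper may produce an unused-function warning. Keeping `invalid_handle` and its three data lines, without the close/destroy assertions already taken out of the helper, would preserve that coverage.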
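Review bot: The new `if( handle == 0 ) return( PSA_SUCCESS );` in `psa_destroy_key` (and the identical guard added to `psa_close_key` in library/psa_crypto_slot_management.c) runs before `psa_get_key_slot()`, so a zero handle reports success without any slot or library-state check. A caller that reads `PSA_SUCCESS` from `psa_destroy_key` as confirmation that key material was erased gets the same answer for a handle variable that was never assigned; a comment at the guard would keep that visible in the code, e.g. `/* 0 means "no key": nothing to erase, success by specification. */`. If `psa_get_key_slot()` is what reports `PSA_ERROR_BAD_STATE` before `psa_crypto_init()` (not visible here), the guard also bypasses that for handle 0, and a test should pin whichever result is intended. Both function bodies continue outside their hunks.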
--- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -255,6 +255,9 @@ psa_status_t psa_close_key( psa_key_handle_t handle ) psa_status_t status; psa_key_slot_t *slot; + if( handle == 0 ) + return( PSA_SUCCESS ); + status = psa_get_key_slot( handle, &slot ); if( status != PSA_SUCCESS ) return( status ); From cb25cdd53a40bba752baf0f3357bfea71bbb7559 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Oct 2019 11:57:31 +0200 Subject: [PATCH 1897/2197] Add ECDSA tests with hash and key of different lengths Add some ECDSA test cases where the hash is shorter or longer than the key length, to check that the API doesn't enforce a relationship between the two. For the sign_deterministic tests, the keys are tests/data_files/ec_256_prv.pem and tests/data_files/ec_384_prv.pem and the signatures were obtained with Python Cryptodome: from binascii import hexlify, unhexlify from Crypto.Hash import SHA256, SHA384 from Crypto.PublicKey import ECC from Crypto.Signature import DSS k2 = ECC.import_key(unhexlify("3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45")) SHA384.new(b'hello').hexdigest() hexlify(DSS.new(k2, 'deterministic-rfc6979').sign(SHA384.new(b'hello'))) k3 = ECC.import_key(unhexlify("3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747")) SHA256.new(b'hello').hexdigest() hexlify(DSS.new(k3, 'deterministic-rfc6979').sign(SHA256.new(b'hello'))) --- tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6efdc01d1..8865a6817 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -1547,6 +1547,14 @@ PSA sign: deterministic ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +PSA sign: deterministic ECDSA SECP256R1 SHA-384 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C +sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" + +PSA sign: deterministic ECDSA SECP384R1 SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f" + PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT 
@@ -1621,6 +1629,22 @@ PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +PSA sign/verify: randomized ECDSA SECP256R1 SHA-384 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA512_C +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" + +PSA sign/verify: deterministic ECDSA SECP256R1 SHA-384 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" + +PSA sign/verify: randomized ECDSA SECP384R1 SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" + +PSA sign/verify: deterministic ECDSA SECP384R1 SHA-256 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C 
+sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" + PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" From 85485c73380e44e6d6e00a340883d1972d5f9e21 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 8 Oct 2019 15:04:16 +0200 Subject: [PATCH 1898/2197] Always gather MBEDTLS_ENTROPY_BLOCK_SIZE bytes of entropy mbedtls_entropy_func returns up to MBEDTLS_ENTROPY_BLOCK_SIZE bytes. This is the output of a hash function and does not indicate how many bytes of entropy went into the hash computation. Enforce that mbedtls_entropy_func gathers a total of MBEDTLS_ENTROPY_BLOCK_SIZE bytes or more from strong sources. Weak sources don't count for this calculation. This is complementary to the per-source threshold mechanism. In particular, we define system sources with a threshold of 32. But when using SHA-512 for the entropy accumulator, MBEDTLS_ENTROPY_BLOCK_SIZE = 64, so users can expect 64 bytes' worth of entropy. Before, you only got 64 bytes of entropy if there were two sources. Now you get 64 bytes of entropy even with a single source with a threshold of 32. --- library/entropy.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/library/entropy.c b/library/entropy.c index f8db1a550..565525396 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -325,7 +325,8 @@ int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ) int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) { - int ret, count = 0, i, done; + int ret, count = 0, i, thresholds_reached; + size_t strong_size; mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; 
@@ -363,12 +364,17 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) if( ( ret = entropy_gather_internal( ctx ) ) != 0 ) goto exit; - done = 1; + thresholds_reached = 1; + strong_size = 0; for( i = 0; i < ctx->source_count; i++ ) + { if( ctx->source[i].size < ctx->source[i].threshold ) - done = 0; + thresholds_reached = 0; + if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG ) + strong_size += ctx->source[i].size; + } } - while( ! done ); + while( ! thresholds_reached || strong_size < MBEDTLS_ENTROPY_BLOCK_SIZE ); memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); From 04129a0d960d5b7831fcfb1f71574ff3ffc6fe5e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Oct 2019 16:23:49 +0200 Subject: [PATCH 1899/2197] Update slot management tests now that {close,destroy}_key(0) succeed --- ..._suite_psa_crypto_slot_management.function | 21 +++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 3b9eada83..c269280bf 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function 
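Review bot: The new loop condition `! thresholds_reached || strong_size < MBEDTLS_ENTROPY_BLOCK_SIZE` has no comment explaining why weak sources are left out of `strong_size` or what bounds the loop when a strong source keeps returning few or no bytes. The termination guard (presumably the `count` variable declared in the first hunk) sits outside this hunk, so I would add above the `for`: `/* Require BLOCK_SIZE bytes in total from strong sources; weak sources only count towards their own threshold. */`. `strong_size` appears to sum bytes delivered by the sources rather than an entropy estimate, and the documentation of `mbedtls_entropy_func` should say so; the diffstat shows only library/entropy.c changed, so the public header description is not updated by this commit. The function body starts and ends outside the hunk.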
@@ -643,12 +643,21 @@ void invalid_handle( ) TEST_ASSERT( handle1 != 0 ); /* Attempt to close and destroy some invalid handles. */ - TEST_EQUAL( psa_close_key( 0 ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_close_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_close_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_destroy_key( 0 ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_destroy_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_destroy_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE ); + if( handle1 - 1 != 0 ) + { + TEST_EQUAL( psa_close_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_destroy_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE ); + } + if( handle1 + 1 != 0 ) + { + TEST_EQUAL( psa_close_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL( psa_destroy_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE ); + } + + /* 0 is special: it isn't a valid handle, but close/destroy + * succeeds on it. */ + TEST_EQUAL( psa_close_key( 0 ), PSA_SUCCESS ); + TEST_EQUAL( psa_destroy_key( 0 ), PSA_SUCCESS ); /* After all this, check that the original handle is intact. */ PSA_ASSERT( psa_get_key_attributes( handle1, &attributes ) ); From 43326f0d1eec9cc95ea411e6d48681b30ad7c246 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Oct 2019 16:43:39 +0200 Subject: [PATCH 1900/2197] Change PSA_DH_GROUP_CUSTOM to not be in the vendor-defined range --- include/psa/crypto_extra.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index f0e47821c..4329bf828 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -428,8 +428,9 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_GROUP_CUSTOM), the group data comes * from domain parameters set by psa_set_key_domain_parameters(). */ -/* This value is reserved for private use in the TLS named group registry. */ -#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0x01fc) +/* This value is a deprecated value meaning an explicit curve in the IANA + * registry. */ +#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0xff01) /** From 03c165e1e1ce9e25a0883b28dbd05e249ec670e0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Oct 2019 19:15:18 +0200 Subject: [PATCH 1901/2197] Fix the build and the tests when MBEDTLS_BIGNUM_C is unset When the asn1parse module is enabled but the bignum module is disabled, the asn1parse test suite did not work. Fix this. * Fix a syntax error in get_integer() (label immediately followed by a closing brace). * Fix an unused variable in get_integer(). * Fix `TEST_ASSERT( *p == q );` in nested_parse() failing because `*p` was not set. * Fix nested_parse() not outputting the length of what it parsed. --- tests/suites/test_suite_asn1parse.function | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index 3bfb1c703..049763142 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -59,6 +59,10 @@ static int nested_parse( unsigned char **const p, *p = start; ret = mbedtls_asn1_get_mpi( p, end, &mpi ); mbedtls_mpi_free( &mpi ); +#else + *p = start + 1; + ret = mbedtls_asn1_get_len( p, end, &len ); + *p += len; #endif /* If we're sure that the number fits in an int, also * call mbedtls_asn1_get_int(). */ 
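Review bot: Changing `PSA_DH_GROUP_CUSTOM` from `0x01fc` to `0xff01` changes the value that `PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_GROUP_CUSTOM)` expands to, and the hunk does not say what happens to anything that recorded the old value. If key types are written to persistent storage or exchanged with a separately built component (not visible here), keys created with `0x01fc` would stop matching, so the comment or a changelog entry should state that the old value is no longer recognised. The new comment also speaks of "an explicit curve" although the macro denotes a Diffie-Hellman group; something like `/* Reuses the deprecated IANA value for an explicit curve; here it marks a custom DH group whose parameters come from psa_set_key_domain_parameters(). */` would be clearer.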
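Review bot: In the new `#else` branch of `nested_parse`, `*p += len;` runs whether or not `mbedtls_asn1_get_len()` succeeded, so on a parse error the pointer is advanced by whatever `len` holds (its declaration and initial value are outside the hunk). Guarding the advance keeps `*p` inside the buffer on malformed input: `if( ret == 0 ) *p += len;`. `*p = start + 1` also assumes a single-byte tag and `start < end`; if the caller has not already established that (not visible here), a one-line comment stating the assumption would help.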
@@ -254,10 +258,10 @@ void get_integer( const data_t *input, #if defined(MBEDTLS_BIGNUM_C) mbedtls_mpi expected_mpi; mbedtls_mpi actual_mpi; + int expected_result_for_mpi = expected_result; #endif long expected_value; int expected_result_for_int = expected_result; - int expected_result_for_mpi = expected_result; int val; int ret; @@ -310,6 +314,7 @@ exit: mbedtls_mpi_free( &expected_mpi ); mbedtls_mpi_free( &actual_mpi ); #endif + /*empty cleanup in some configurations*/ ; } /* END_CASE */ From 321adb297c1c19be2d2120658cd43929e5f3faa4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Oct 2019 19:18:21 +0200 Subject: [PATCH 1902/2197] ASN1 tests: Match "Empty INTEGER" with the actual library behavior mbedtls_asn1_get_int() and mbedtls_asn1_get_mpi() behave differently on an empty INTEGER (0200). Don't change the library behavior for now because this might break interoperability in some applications. Write a test function that matches the library behavior. --- tests/suites/test_suite_asn1parse.data | 3 +- tests/suites/test_suite_asn1parse.function | 35 ++++++++++++++++++++++ 2 files changed, 36 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data index c5d9136b7..e9172413d 100644 --- a/tests/suites/test_suite_asn1parse.data +++ b/tests/suites/test_suite_asn1parse.data @@ -164,8 +164,7 @@ Not BOOLEAN get_boolean:"020101":0:MBEDTLS_ERR_ASN1_UNEXPECTED_TAG Empty INTEGER -depends_on:SUPPORT_NEGATIVE_INTEGERS -get_integer:"0200":"":MBEDTLS_ERR_ASN1_INVALID_LENGTH +empty_integer:"0200" INTEGER 0 get_integer:"020100":"0":0 diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index 049763142..f794db7fc 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function 
@@ -250,6 +250,41 @@ void get_boolean( const data_t *input, } /* END_CASE */ +/* BEGIN_CASE */ +void empty_integer( const data_t *input ) +{ + unsigned char *p; +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi actual_mpi; +#endif + int val; + +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi_init( & actual_mpi ); +#endif + + /* An INTEGER with no content is not valid. */ + p = input->x; + TEST_EQUAL( mbedtls_asn1_get_int( &p, input->x + input->len, &val ), + MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + +#if defined(MBEDTLS_BIGNUM_C) + /* INTEGERs are sometimes abused as bitstrings, so the library accepts + * an INTEGER with empty content and gives it the value 0. */ + p = input->x; + TEST_EQUAL( mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi ), + 0 ); + TEST_EQUAL( mbedtls_mpi_cmp_int( &actual_mpi, 0 ), 0 ); +#endif + +exit: +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi_free( &actual_mpi ); +#endif + /*empty cleanup in some configurations*/ ; +} +/* END_CASE */ + /* BEGIN_CASE */ void get_integer( const data_t *input, const char *expected_hex, int expected_result ) From 970dcbf453489a10fa544ef3fe1aeb56e254eaef Mon Sep 17 00:00:00 2001 
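Review bot: empty_integer() checks the return codes but never checks where the parser left `p`, unlike get_integer(), which asserts `p == input->x + input->len` after a successful mbedtls_asn1_get_mpi(). Adding `TEST_ASSERT( p == input->x + input->len );` after the `mbedtls_mpi_cmp_int` check would pin that the lenient MPI path consumes exactly the element and nothing more. Because this test deliberately freezes a divergence between the two parsers (one rejects `0200`, the other yields 0), a short comment above the function stating that the same encoding gets different verdicts from the two APIs would help whoever later decides to align them.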
From: Gilles Peskine Date: Thu, 10 Oct 2019 19:21:12 +0200 Subject: [PATCH 1903/2197] ASN1 tests: Match negative INTEGERs with the actual library behavior mbedtls_asn1_get_int() and mbedtls_asn1_get_mpi() behave differently on negative INTEGERs (0200). Don't change the library behavior for now because this might break interoperability in some applications. Change the test function to the library behavior. Fix the test data with negative INTEGERs. These test cases were previously not run (they were introduced but deliberately deactivated in 27d806fab41a11441d97017158fcb1356ef7e74f). The test data was actually wrong: ASN.1 uses two's complement, which has no negative 0, and some encodings were wrong. Now the tests have correct data, and the test code rectifies the expected data to match the library behavior. --- tests/suites/test_suite_asn1parse.data | 18 ++++------ tests/suites/test_suite_asn1parse.function | 42 +++++++++++++++++++++- 2 files changed, 47 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data index e9172413d..10333d3ed 100644 --- a/tests/suites/test_suite_asn1parse.data +++ b/tests/suites/test_suite_asn1parse.data @@ -172,27 +172,15 @@ get_integer:"020100":"0":0 INTEGER 0, extra leading 0 get_integer:"02020000":"0":0 -INTEGER -0 -depends_on:SUPPORT_NEGATIVE_INTEGERS -get_integer:"020180":"0":0 - INTEGER 1 get_integer:"020101":"1":0: INTEGER 1, extra leading 0 get_integer:"02020001":"1":0: -INTEGER -1 -depends_on:SUPPORT_NEGATIVE_INTEGERS -get_integer:"020181":"-1":0 - INTEGER 0x7f get_integer:"02017f":"7f":0 -INTEGER -0x7f -depends_on:SUPPORT_NEGATIVE_INTEGERS -get_integer:"0201ff":"-7f":0 - INTEGER 0x80 get_integer:"02020080":"80":0 
@@ -226,6 +214,12 @@ get_integer:"0281800123456789abcdef0123456789abcdef0123456789abcdef0123456789abc INTEGER with 128 value octets (leading 0 in length) get_integer:"028200800123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":0 +INTEGER -1 +get_integer:"0201ff":"-1":0 + +INTEGER -0x7f +get_integer:"020181":"-7f":0 + Not INTEGER get_integer:"010101":"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index f794db7fc..defbd01bb 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -293,6 +293,7 @@ void get_integer( const data_t *input, #if defined(MBEDTLS_BIGNUM_C) mbedtls_mpi expected_mpi; mbedtls_mpi actual_mpi; + mbedtls_mpi complement; int expected_result_for_mpi = expected_result; #endif long expected_value; @@ -303,6 +304,7 @@ void get_integer( const data_t *input, #if defined(MBEDTLS_BIGNUM_C) mbedtls_mpi_init( &expected_mpi ); mbedtls_mpi_init( &actual_mpi ); + mbedtls_mpi_init( &complement ); #endif errno = 0; 
@@ -314,6 +316,16 @@ void get_integer( const data_t *input, #endif ) ) { + /* The library returns the dubious error code INVALID_LENGTH + * for integers that are out of range. */ + expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } + if( expected_result == 0 && expected_value < 0 ) + { + /* The library does not support negative INTEGERs and + * returns the dubious error code INVALID_LENGTH. + * Test that we preserve the historical behavior. If we + * decide to change the behavior, we'll also change this test. */ expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH; } @@ -339,7 +351,34 @@ void get_integer( const data_t *input, TEST_EQUAL( ret, expected_result_for_mpi ); if( ret == 0 ) { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &actual_mpi , &expected_mpi ) == 0 ); + if( expected_value >= 0 ) + { + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &actual_mpi, + &expected_mpi ) == 0 ); + } + else + { + /* The library ignores the sign bit in ASN.1 INTEGERs + * (which makes sense insofar as INTEGERs are sometimes + * abused as bit strings), so the result of parsing them + * is a positive integer such that expected_mpi + + * actual_mpi = 2^n where n is the length of the content + * of the INTEGER. (Leading ff octets don't matter for the + * expected value, but they matter for the actual value.) + * Test that we don't change from this behavior. If we + * decide to fix the library to change the behavior on + * negative INTEGERs, we'll fix this test code. */ + unsigned char *q = input->x + 1; + size_t len; + TEST_ASSERT( mbedtls_asn1_get_len( &q, input->x + input->len, + &len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_lset( &complement, 1 ) == 0 ); + TEST_ASSERT( mbedtls_mpi_shift_l( &complement, len * 8 ) == 0 ); + TEST_ASSERT( mbedtls_mpi_add_mpi( &complement, &complement, + &expected_mpi ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &complement, + &actual_mpi ) == 0 ); + } TEST_ASSERT( p == input->x + input->len ); } #endif 
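Review bot: The comment in the negative branch of get_integer() (hunk `@@ -339,7 +351,34 @@`) gives the relation as `expected_mpi + actual_mpi = 2^n` with n "the length of the content", but the code builds `complement` as 1 shifted left by `len * 8` plus `expected_mpi` and compares that with `actual_mpi`. Assuming `expected_mpi` carries the negative sign of `expected_value`, what the test enforces is `actual_mpi = 2^(8*len) + expected_mpi`, with `len` counted in octets. I would reword the comment to that form so nobody later adjusts the arithmetic to match the prose. It is also worth stating there that mbedtls_asn1_get_mpi() therefore hands back a large positive value for a negative encoding, since that is the fact a caller doing range checks on parsed INTEGERs needs.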
@@ -348,6 +387,7 @@ exit: #if defined(MBEDTLS_BIGNUM_C) mbedtls_mpi_free( &expected_mpi ); mbedtls_mpi_free( &actual_mpi ); + mbedtls_mpi_free( &complement ); #endif /*empty cleanup in some configurations*/ ; } From 0370b1bd7d1bc4714aede69e03eb5db3c77a8424 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Oct 2019 19:25:39 +0200 Subject: [PATCH 1904/2197] ASN1 tests: more INTEGER test cases Test more INTEGER values, especially near the boundary of int (which is at 2^31-1 on all our officially supported platforms). --- tests/suites/test_suite_asn1parse.data | 60 ++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data index 10333d3ed..4abae0bb4 100644 --- a/tests/suites/test_suite_asn1parse.data +++ b/tests/suites/test_suite_asn1parse.data 
@@ -199,9 +199,30 @@ get_integer:"020412345678":"12345678":0 INTEGER 0x12345678, extra leading 0 get_integer:"02050012345678":"12345678":0 +INTEGER 0x7fffffff +get_integer:"02047fffffff":"7fffffff":0 + +INTEGER 0x7fffffff, extra leading 0 +get_integer:"0205007fffffff":"7fffffff":0 + +INTEGER 0x80000000 +get_integer:"02050080000000":"80000000":0 + +INTEGER 0xffffffff +get_integer:"020500ffffffff":"ffffffff":0 + +INTEGER 0x100000000 +get_integer:"02050100000000":"0100000000":0 + INTEGER 0x123456789abcdef0 get_integer:"0208123456789abcdef0":"123456789abcdef0":0 +INTEGER 0xfedcab9876543210 +get_integer:"020900fedcab9876543210":"fedcab9876543210":0 + +INTEGER 0x1fedcab9876543210 +get_integer:"020901fedcab9876543210":"1fedcab9876543210":0 + INTEGER with 127 value octets get_integer:"027f0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcd":"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcd":0 
@@ -217,9 +238,48 @@ get_integer:"028200800123456789abcdef0123456789abcdef0123456789abcdef0123456789a INTEGER -1 get_integer:"0201ff":"-1":0 +INTEGER -1, extra leading ff +get_integer:"0202ffff":"-1":0 + INTEGER -0x7f get_integer:"020181":"-7f":0 +INTEGER -0x80 +get_integer:"020180":"-80":0 + +INTEGER -0x81 +get_integer:"0202ff7f":"-81":0 + +INTEGER -0xff +get_integer:"0202ff01":"-ff":0 + +INTEGER -0x100 +get_integer:"0202ff00":"-100":0 + +INTEGER -0x7fffffff +get_integer:"020480000001":"-7fffffff":0 + +INTEGER -0x80000000 +get_integer:"020480000000":"-80000000":0 + +INTEGER -0x80000001 +get_integer:"0205ff7fffffff":"-80000001":0 + +INTEGER -0xffffffff +get_integer:"0205ff00000001":"-ffffffff":0 + +INTEGER -0x100000000 +get_integer:"0205ff00000000":"-100000000":0 + +INTEGER -0x123456789abcdef0 +get_integer:"0208edcba98765432110":"-123456789abcdef0":0 + +INTEGER -0xfedcba9876543210 +get_integer:"0209ff0123456789abcdf0":"-fedcba9876543210":0 + +INTEGER -0x1fedcab9876543210 +get_integer:"0209fe0123546789abcdf0":"-1fedcab9876543210":0 + Not INTEGER get_integer:"010101":"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG From 9fd9794d109ffbd7f9ebed92f4a90dc429e1a1df Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Oct 2019 19:27:53 +0200 Subject: [PATCH 1905/2197] mbedtls_asn1_get_int: explain the logic No behavior change. --- library/asn1parse.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/library/asn1parse.c b/library/asn1parse.c index 4764ca4cb..4f9d6aef3 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c 
@@ -149,14 +149,22 @@ int mbedtls_asn1_get_int( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) return( ret ); - if( len == 0 || ( **p & 0x80 ) != 0 ) + /* len==0 is malformed (0 must be represented as 020100). */ + if( len == 0 ) + return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + /* This is a cryptography library. Reject negative integers. */ + if( ( **p & 0x80 ) != 0 ) return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + /* Skip leading zeros. */ while( len > 0 && **p == 0 ) { ++( *p ); --len; } + + /* Reject integers that don't fit in an int. This code assumes that + * the int type has no padding bit. */ if( len > sizeof( int ) ) return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); From 37570e81528d3a1d7354ece12dfb972e5f576e39 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Oct 2019 19:29:27 +0200 Subject: [PATCH 1906/2197] mbedtls_asn1_get_int: fix int overflow Fix a signed int overflow in mbedtls_asn1_get_int() for numbers between INT_MAX+1 and UINT_MAX (typically 0x80000000..0xffffffff). This was undefined behavior which in practice would typically have resulted in an incorrect value, but which may plausibly also have caused the postcondition (*p == initial<*p> + len) to be violated. Credit to OSS-Fuzz. --- library/asn1parse.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/asn1parse.c b/library/asn1parse.c index 4f9d6aef3..412259e35 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -167,6 +167,8 @@ int mbedtls_asn1_get_int( unsigned char **p, * the int type has no padding bit. */ if( len > sizeof( int ) ) return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if( len == sizeof( int ) && ( **p & 0x80 ) != 0 ) + return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); *val = 0; while( len-- > 0 ) From b8cde4ec039bcf69b789e019502c8835129343c4 Mon Sep 17 00:00:00 2001 
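Review bot: The added `len == sizeof( int )` check in mbedtls_asn1_get_int() (hunk `@@ -167,6 +167,8 @@` of library/asn1parse.c) carries no comment, while every other rejection in this function was documented one commit earlier. A line such as `/* sizeof(int) octets with the top bit set would exceed INT_MAX and overflow the accumulation loop below. */` would explain why it is separate from the `len > sizeof( int )` test and that it relies on the same no-padding-bit assumption stated just above. The function body continues outside the hunk.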
From: Gilles Peskine Date: Fri, 11 Oct 2019 11:44:48 +0200 Subject: [PATCH 1907/2197] Consolidate invalid-handle tests Consolidate the invalid-handle tests from test_suite_psa_crypto and test_suite_psa_crypto_slot_management. Start with the code in test_suite_psa_crypto_slot_management and adapt it to test one invalid handle value per run of the test function. --- tests/suites/test_suite_psa_crypto.data | 18 ----- tests/suites/test_suite_psa_crypto.function | 28 -------- ...test_suite_psa_crypto_slot_management.data | 13 +++- ..._suite_psa_crypto_slot_management.function | 68 +++++++++++++------ 4 files changed, 60 insertions(+), 67 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d5b14fe79..fdeb0f3f4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -22,24 +22,6 @@ persistence_attributes:0x1234:3:0x1235:0x1235:3 PSA key attributes: slot number slot_number_attribute: -psa_destroy_key(0) -destroy_invalid:0:PSA_SUCCESS - -psa_destroy_key(invalid) -destroy_invalid:1:PSA_ERROR_INVALID_HANDLE - -psa_destroy_key(huge) -destroy_invalid:-1:PSA_ERROR_INVALID_HANDLE - -psa_close_key(0) -close_invalid:0:PSA_SUCCESS - -psa_close_key(invalid) -close_invalid:1:PSA_ERROR_INVALID_HANDLE - -psa_close_key(huge) -close_invalid:-1:PSA_ERROR_INVALID_HANDLE - PSA import/export raw: 1 bytes import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_KEY_USAGE_EXPORT:0:8:0:PSA_SUCCESS:1 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 9eb2803a7..40e9e57e6 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1268,34 +1268,6 @@ void slot_number_attribute( ) } /* END_CASE */ -/* BEGIN_CASE */ -void destroy_invalid( int handle_arg, int expected_status_arg ) -{ - psa_key_handle_t handle = handle_arg; - psa_status_t expected_status = expected_status_arg; - - PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( psa_destroy_key( handle ), expected_status ); - -exit: - PSA_DONE( ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void close_invalid( int handle_arg, int expected_status_arg ) -{ - psa_key_handle_t handle = handle_arg; - psa_status_t expected_status = expected_status_arg; - - PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( psa_close_key( handle ), expected_status ); - -exit: - PSA_DONE( ); -} -/* END_CASE */ - /* BEGIN_CASE */ void import_with_policy( int type_arg, int usage_arg, int alg_arg, diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 6fa872312..803917dbe 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -148,8 +148,17 @@ Copy persistent to same depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f" -Close/destroy invalid handle -invalid_handle: +invalid handle: 0 +invalid_handle:INVALID_HANDLE_0:PSA_SUCCESS:PSA_ERROR_INVALID_HANDLE + +invalid handle: never opened +invalid_handle:INVALID_HANDLE_UNOPENED:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE + +invalid handle: already closed +invalid_handle:INVALID_HANDLE_CLOSED:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE + +invalid handle: huge +invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE Open many transient handles many_transient_handles:42 
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index c269280bf..4c824f7de 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -20,6 +20,14 @@ typedef enum CLOSE_AFTER, } reopen_policy_t; +typedef enum +{ + INVALID_HANDLE_0, + INVALID_HANDLE_UNOPENED, + INVALID_HANDLE_CLOSED, + INVALID_HANDLE_HUGE, +} invalid_handle_construction_t; + /* All test functions that create persistent keys must call * `TEST_USES_KEY_ID( key_id )` before creating a persistent key with this * identifier, and must call psa_purge_key_storage() in their cleanup @@ -625,9 +633,13 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void invalid_handle( ) +void invalid_handle( int handle_construction, + int close_status_arg, int usage_status_arg ) { - psa_key_handle_t handle1 = 0; + psa_key_handle_t valid_handle = 0; + psa_key_handle_t invalid_handle = 0; + psa_status_t close_status = close_status_arg; + psa_status_t usage_status = usage_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t material[1] = "a"; 
@@ -639,32 +651,50 @@ void invalid_handle( ) psa_set_key_algorithm( &attributes, 0 ); PSA_ASSERT( psa_import_key( &attributes, material, sizeof( material ), - &handle1 ) ); - TEST_ASSERT( handle1 != 0 ); + &valid_handle ) ); + TEST_ASSERT( valid_handle != 0 ); - /* Attempt to close and destroy some invalid handles. */ - if( handle1 - 1 != 0 ) + /* Construct an invalid handle as specified in the test case data. */ + switch( handle_construction ) { - TEST_EQUAL( psa_close_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_destroy_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE ); - } - if( handle1 + 1 != 0 ) - { - TEST_EQUAL( psa_close_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_destroy_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE ); + case INVALID_HANDLE_0: + invalid_handle = 0; + break; + case INVALID_HANDLE_UNOPENED: + /* We can't easily construct a handle that's never been opened + * without knowing how the implementation constructs handle + * values. The current test code assumes that valid handles + * are in a range between 1 and some maximum. */ + if( valid_handle == 1 ) + invalid_handle = 2; + else + invalid_handle = valid_handle - 1; + break; + case INVALID_HANDLE_CLOSED: + PSA_ASSERT( psa_import_key( &attributes, + material, sizeof( material ), + &invalid_handle ) ); + PSA_ASSERT( psa_destroy_key( invalid_handle ) ); + break; + case INVALID_HANDLE_HUGE: + invalid_handle = (psa_key_handle_t) ( -1 ); + break; + default: + TEST_ASSERT( ! "unknown handle construction" ); } - /* 0 is special: it isn't a valid handle, but close/destroy - * succeeds on it. */ - TEST_EQUAL( psa_close_key( 0 ), PSA_SUCCESS ); - TEST_EQUAL( psa_destroy_key( 0 ), PSA_SUCCESS ); + /* Attempt to use the invalid handle. 
*/ + TEST_EQUAL( psa_get_key_attributes( invalid_handle, &attributes ), + usage_status ); + TEST_EQUAL( psa_close_key( invalid_handle ), close_status ); + TEST_EQUAL( psa_destroy_key( invalid_handle ), close_status ); /* After all this, check that the original handle is intact. */ - PSA_ASSERT( psa_get_key_attributes( handle1, &attributes ) ); + PSA_ASSERT( psa_get_key_attributes( valid_handle, &attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), PSA_KEY_TYPE_RAW_DATA ); TEST_EQUAL( psa_get_key_bits( &attributes ), PSA_BYTES_TO_BITS( sizeof( material ) ) ); - PSA_ASSERT( psa_close_key( handle1 ) ); + PSA_ASSERT( psa_close_key( valid_handle ) ); exit: PSA_DONE( ); From 8f7921ec4b8207550a765070edbca815e7374a02 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 4 Oct 2019 11:47:35 +0200 Subject: [PATCH 1908/2197] HMAC_DRBG: support set_entropy_len() before seed() mbedtls_hmac_drbg_seed() always set the entropy length to the default, so a call to mbedtls_hmac_drbg_set_entropy_len() before seed() had no effect. Change this to the more intuitive behavior that set_entropy_len() sets the entropy length and seed() respects that and only uses the default entropy length if there was no call to set_entropy_len(). --- include/mbedtls/hmac_drbg.h | 8 +++----- library/hmac_drbg.c | 25 ++++++++++++++----------- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 519d692fb..8ac227caa 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h 
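Review bot: The `INVALID_HANDLE_CLOSED` case in invalid_handle() produces its stale handle with `psa_destroy_key( invalid_handle )`, so what is exercised is use of a handle after the key was destroyed, not after psa_close_key() as the enumerator and the "already closed" test name suggest. Either build it with `PSA_ASSERT( psa_close_key( invalid_handle ) );` or rename the case, and consider keeping both, since use-after-close and use-after-destroy are separate stale-handle paths in a key store. Separately, `INVALID_HANDLE_UNOPENED` depends on handle values being small consecutive integers, as its comment admits; a note at the assignment that the final `psa_destroy_key( invalid_handle )` would hit a real key if the allocator ever hands out `valid_handle - 1` would make the assumption harder to miss. The function starts outside this hunk.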
@@ -141,11 +141,9 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * entropy length is set with * mbedtls_hmac_drbg_set_entropy_len() afterwards. * - * \note The entropy length for the initial seeding is - * the security strength (converted from bits to bytes). - * You can set a different entropy length for subsequent - * seeding by calling mbedtls_hmac_drbg_set_entropy_len() - * after this function. + * \note The default entropy length is the security strength + * (converted from bits to bytes). You can override + * it by calling mbedtls_hmac_drbg_set_entropy_len(). * * \note During the initial seeding, this function calls * the entropy source to obtain a nonce diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index 50d88bd54..284c9b4e9 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -273,16 +273,19 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL; - /* - * See SP800-57 5.6.1 (p. 65-66) for the security strength provided by - * each hash function, then according to SP800-90A rev1 10.1 table 2, - * min_entropy_len (in bits) is security_strength. - * - * (This also matches the sizes used in the NIST test vectors.) - */ - ctx->entropy_len = md_size <= 20 ? 16 : /* 160-bits hash -> 128 bits */ - md_size <= 28 ? 24 : /* 224-bits hash -> 192 bits */ - 32; /* better (256+) -> 256 bits */ + if( ctx->entropy_len == 0 ) + { + /* + * See SP800-57 5.6.1 (p. 65-66) for the security strength provided by + * each hash function, then according to SP800-90A rev1 10.1 table 2, + * min_entropy_len (in bits) is security_strength. + * + * (This also matches the sizes used in the NIST test vectors.) + */ + ctx->entropy_len = md_size <= 20 ? 16 : /* 160-bits hash -> 128 bits */ + md_size <= 28 ? 24 : /* 224-bits hash -> 192 bits */ + 32; /* better (256+) -> 256 bits */ + } if( ( ret = hmac_drbg_reseed_core( ctx, custom, len, 1 /* add nonce */ ) ) != 0 ) 
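Review bot: With `if( ctx->entropy_len == 0 )` in mbedtls_hmac_drbg_seed(), a length set through mbedtls_hmac_drbg_set_entropy_len() now governs the initial seeding, and nothing in this hunk keeps it at or above the security strength that the retained SP800-90A comment gives as the minimum. Before the change a too-small value was overwritten by seed(); now it is honoured silently. I would at least document this next to the updated header note, e.g. `\note An entropy length below the default lowers the security strength of the instantiated DRBG.`, or, if compatibility allows, compare against the computed default and return an error. Two smaller consequences deserve a comment at the new `if`: 0 doubles as the "unset" marker, so setting the length to 0 cannot be told apart from never setting it, and the test relies on the context having been zeroed by mbedtls_hmac_drbg_init(), which is not visible here. The same pattern is added to mbedtls_ctr_drbg_seed() in the later `@@ -415,7 +409,8 @@` hunk of library/ctr_drbg.c.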
@@ -303,7 +306,7 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx } /* - * Set entropy length grabbed for reseeds + * Set entropy length grabbed for seeding */ void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len ) { From 8bf5613336f159c70560d3d93cd6c8362e102472 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 2 Oct 2019 20:31:54 +0200 Subject: [PATCH 1909/2197] CTR_DRBG: Don't use functions before they're defined Move the definitions of mbedtls_ctr_drbg_seed_entropy_len() and mbedtls_ctr_drbg_seed() to after they are used. This makes the code easier to read and to maintain. --- library/ctr_drbg.c | 128 ++++++++++++++++++++++----------------------- 1 file changed, 64 insertions(+), 64 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 0db7beb29..c986b7019 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c 
@@ -62,70 +62,6 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) #endif } -/* - * Non-public function wrapped by mbedtls_ctr_drbg_seed(). Necessary to allow - * NIST tests to succeed (which require known length fixed entropy) - */ -/* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) - * mbedtls_ctr_drbg_seed_entropy_len(ctx, f_entropy, p_entropy, - * custom, len, entropy_len) - * implements - * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string, - * security_strength) -> initial_working_state - * with inputs - * custom[:len] = nonce || personalization_string - * where entropy_input comes from f_entropy for entropy_len bytes - * and with outputs - * ctx = initial_working_state - */ -int mbedtls_ctr_drbg_seed_entropy_len( - mbedtls_ctr_drbg_context *ctx, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len, - size_t entropy_len ) -{ - int ret; - unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; - - memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE ); - - mbedtls_aes_init( &ctx->aes_ctx ); - - ctx->f_entropy = f_entropy; - ctx->p_entropy = p_entropy; - - ctx->entropy_len = entropy_len; - ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; - - /* - * Initialize with an empty key - */ - if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, - MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) - { - return( ret ); - } - - if( ( ret = mbedtls_ctr_drbg_reseed( ctx, custom, len ) ) != 0 ) - { - return( ret ); - } - return( 0 ); -} - -int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ) -{ - return( mbedtls_ctr_drbg_seed_entropy_len( ctx, f_entropy, p_entropy, - custom, len, - MBEDTLS_CTR_DRBG_ENTROPY_LEN ) ); -} - void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ) { if( ctx == NULL ) 
@@ -445,6 +381,70 @@ exit: return( ret ); } +/* + * Non-public function wrapped by mbedtls_ctr_drbg_seed(). Necessary to allow + * NIST tests to succeed (which require known length fixed entropy) + */ +/* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) + * mbedtls_ctr_drbg_seed_entropy_len(ctx, f_entropy, p_entropy, + * custom, len, entropy_len) + * implements + * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string, + * security_strength) -> initial_working_state + * with inputs + * custom[:len] = nonce || personalization_string + * where entropy_input comes from f_entropy for entropy_len bytes + * and with outputs + * ctx = initial_working_state + */ +int mbedtls_ctr_drbg_seed_entropy_len( + mbedtls_ctr_drbg_context *ctx, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len, + size_t entropy_len ) +{ + int ret; + unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; + + memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE ); + + mbedtls_aes_init( &ctx->aes_ctx ); + + ctx->f_entropy = f_entropy; + ctx->p_entropy = p_entropy; + + ctx->entropy_len = entropy_len; + ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; + + /* + * Initialize with an empty key + */ + if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, + MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) + { + return( ret ); + } + + if( ( ret = mbedtls_ctr_drbg_reseed( ctx, custom, len ) ) != 0 ) + { + return( ret ); + } + return( 0 ); +} + +int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len ) +{ + return( mbedtls_ctr_drbg_seed_entropy_len( ctx, f_entropy, p_entropy, + custom, len, + MBEDTLS_CTR_DRBG_ENTROPY_LEN ) ); +} + /* CTR_DRBG_Generate with derivation function (SP 800-90A §10.2.1.5.2) * mbedtls_ctr_drbg_random_with_add(ctx, output, output_len, additional, add_len) * implements 
From 50ed86b6b92021969c6c84b99cee11e7e9121042 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 4 Oct 2019 12:15:55 +0200 Subject: [PATCH 1910/2197] CTR_DRBG: support set_entropy_len() before seed() mbedtls_ctr_drbg_seed() always set the entropy length to the default, so a call to mbedtls_ctr_drbg_set_entropy_len() before seed() had no effect. Change this to the more intuitive behavior that set_entropy_len() sets the entropy length and seed() respects that and only uses the default entropy length if there was no call to set_entropy_len(). This removes the need for the test-only function mbedtls_ctr_drbg_seed_entropy_len(). Just call mbedtls_ctr_drbg_set_entropy_len() followed by mbedtls_ctr_drbg_seed(), it works now. --- include/mbedtls/ctr_drbg.h | 16 +++------ library/ctr_drbg.c | 44 +++++++++-------------- tests/suites/test_suite_ctr_drbg.function | 6 ++-- 3 files changed, 25 insertions(+), 41 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 2db402133..676b96e49 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -214,11 +214,8 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * with mbedtls_entropy_init() (which registers the platform's default * entropy sources). * - * \p f_entropy is always called with a buffer size equal to the entropy - * length. The entropy length is initially #MBEDTLS_CTR_DRBG_ENTROPY_LEN - * and this value is always used for the initial seeding. You can change - * the entropy length for subsequent seeding by calling - * mbedtls_ctr_drbg_set_entropy_len() after this function. + * The entropy length is #MBEDTLS_CTR_DRBG_ENTROPY_LEN by default. + * You can override it by calling mbedtls_ctr_drbg_set_entropy_len(). * * You can provide a personalization string in addition to the * entropy source, to make this instantiation as unique as possible. 
@@ -255,6 +252,8 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * \param f_entropy The entropy callback, taking as arguments the * \p p_entropy context, the buffer to fill, and the * length of the buffer. + * \p f_entropy is always called with a buffer size + * equal to the entropy length. * \param p_entropy The entropy context to pass to \p f_entropy. * \param custom The personalization string. * This can be \c NULL, in which case the personalization @@ -298,7 +297,7 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, /** * \brief This function sets the amount of entropy grabbed on each - * subsequent reseed. + * seed or reseed. * * The default value is #MBEDTLS_CTR_DRBG_ENTROPY_LEN. * @@ -499,11 +498,6 @@ int mbedtls_ctr_drbg_self_test( int verbose ); #endif /* MBEDTLS_SELF_TEST */ -/* Internal functions (do not call directly) */ -int mbedtls_ctr_drbg_seed_entropy_len( mbedtls_ctr_drbg_context *, - int (*)(void *, unsigned char *, size_t), void *, - const unsigned char *, size_t, size_t ); - #ifdef __cplusplus } #endif diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index c986b7019..ae51d5467 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -381,10 +381,6 @@ exit: return( ret ); } -/* - * Non-public function wrapped by mbedtls_ctr_drbg_seed(). Necessary to allow - * NIST tests to succeed (which require known length fixed entropy) - */ /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) * mbedtls_ctr_drbg_seed_entropy_len(ctx, f_entropy, p_entropy, * custom, len, entropy_len) 
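Review bot: The comment block kept as context in the `@@ -381,10 +381,6 @@` hunk of library/ctr_drbg.c still describes `mbedtls_ctr_drbg_seed_entropy_len(ctx, f_entropy, p_entropy, custom, len, entropy_len)`, a function this commit removes. It should name the function it now sits above and say where the length comes from, for example `mbedtls_ctr_drbg_seed(ctx, f_entropy, p_entropy, custom, len)` with `where entropy_input comes from f_entropy for ctx->entropy_len bytes`. The `@@ -499,11 +498,6 @@` hunk of ctr_drbg.h also drops an exported prototype; it was marked internal, but a ChangeLog line would help anyone who linked against it. The comment block continues into the next hunk.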
@@ -397,13 +393,11 @@ exit: * and with outputs * ctx = initial_working_state */ -int mbedtls_ctr_drbg_seed_entropy_len( - mbedtls_ctr_drbg_context *ctx, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len, - size_t entropy_len ) +int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len ) { int ret; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; @@ -415,7 +409,8 @@ int mbedtls_ctr_drbg_seed_entropy_len( ctx->f_entropy = f_entropy; ctx->p_entropy = p_entropy; - ctx->entropy_len = entropy_len; + if( ctx->entropy_len == 0 ) + ctx->entropy_len = MBEDTLS_CTR_DRBG_ENTROPY_LEN; ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; /* @@ -434,17 +429,6 @@ int mbedtls_ctr_drbg_seed_entropy_len( return( 0 ); } -int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ) -{ - return( mbedtls_ctr_drbg_seed_entropy_len( ctx, f_entropy, p_entropy, - custom, len, - MBEDTLS_CTR_DRBG_ENTROPY_LEN ) ); -} - /* CTR_DRBG_Generate with derivation function (SP 800-90A §10.2.1.5.2) * mbedtls_ctr_drbg_random_with_add(ctx, output, output_len, additional, add_len) * implements 
@@ -708,8 +692,11 @@ int mbedtls_ctr_drbg_self_test( int verbose ) mbedtls_printf( " CTR_DRBG (PR = TRUE) : " ); test_offset = 0; - CHK( mbedtls_ctr_drbg_seed_entropy_len( &ctx, ctr_drbg_self_test_entropy, - (void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) ); + mbedtls_ctr_drbg_set_entropy_len( &ctx, 32 ); + CHK( mbedtls_ctr_drbg_seed( &ctx, + ctr_drbg_self_test_entropy, + (void *) entropy_source_pr, + nonce_pers_pr, 16 ) ); mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON ); CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) ); CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) ); @@ -729,8 +716,11 @@ int mbedtls_ctr_drbg_self_test( int verbose ) mbedtls_ctr_drbg_init( &ctx ); test_offset = 0; - CHK( mbedtls_ctr_drbg_seed_entropy_len( &ctx, ctr_drbg_self_test_entropy, - (void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) ); + mbedtls_ctr_drbg_set_entropy_len( &ctx, 32 ); + CHK( mbedtls_ctr_drbg_seed( &ctx, + ctr_drbg_self_test_entropy, + (void *) entropy_source_nopr, + nonce_pers_nopr, 16 ) ); CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) ); CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) ); CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) ); diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 4a97826f6..01050d92d 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function 
@@ -44,11 +44,11 @@ static void ctr_drbg_validate_internal( int reseed_mode, data_t * nonce, /* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, ) * where nonce||perso = nonce[nonce->len] */ - TEST_ASSERT( mbedtls_ctr_drbg_seed_entropy_len( + mbedtls_ctr_drbg_set_entropy_len( &ctx, entropy_chunk_len ); + TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_entropy_func, entropy->x, - nonce->x, nonce->len, - entropy_chunk_len ) == 0 ); + nonce->x, nonce->len ) == 0 ); if( reseed_mode == RESEED_ALWAYS ) mbedtls_ctr_drbg_set_prediction_resistance( &ctx, From fec306452b80365575e66543f328f1ec0946cdd6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Oct 2019 20:30:54 +0200 Subject: [PATCH 1911/2197] Add a reference configuration without any asymmetric cryptography Add a reference configuration with most symmetric cryptographic algorithms enabled, but without any asymmetric cryptography. This checks that we don't have spurious unexpected dependencies on asymmetric-only modules such as bignum. Keep HAVE_ASM disabled because it's platform-specific. Keep HAVEGE disabled because it's untested and not recommended. Keep MEMORY_BUFFER_ALLOC out because it isn't related to cryptography at all and it makes memory sanitizers ineffective. Keep THREADING disabled because it requires special build options. --- configs/config-symmetric-only.h | 99 +++++++++++++++++++++++++++++++ tests/scripts/test-ref-configs.pl | 2 + 2 files changed, 101 insertions(+) create mode 100644 configs/config-symmetric-only.h diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h new file mode 100644 index 000000000..94e80aba7 --- /dev/null +++ b/configs/config-symmetric-only.h 
@@ -0,0 +1,99 @@ +/** + * \file config-symmetric-only.h + * + * \brief Configuration without any asymmetric cryptography. + */ +/* + * Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef MBEDTLS_CONFIG_H +#define MBEDTLS_CONFIG_H + +/* System support */ +//#define MBEDTLS_HAVE_ASM +#define MBEDTLS_HAVE_TIME +#define MBEDTLS_HAVE_TIME_DATE + +/* Mbed Crypto feature support */ +#define MBEDTLS_CIPHER_MODE_CBC +#define MBEDTLS_CIPHER_MODE_CFB +#define MBEDTLS_CIPHER_MODE_CTR +#define MBEDTLS_CIPHER_MODE_OFB +#define MBEDTLS_CIPHER_MODE_XTS +#define MBEDTLS_CIPHER_PADDING_PKCS7 +#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS +#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN +#define MBEDTLS_CIPHER_PADDING_ZEROS +#define MBEDTLS_ERROR_STRERROR_DUMMY +#define MBEDTLS_FS_IO +#define MBEDTLS_ENTROPY_NV_SEED +#define MBEDTLS_SELF_TEST +#define MBEDTLS_USE_PSA_CRYPTO +#define MBEDTLS_VERSION_FEATURES + +/* Mbed Crypto modules */ +#define MBEDTLS_AES_C +#define MBEDTLS_ARC4_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C +#define MBEDTLS_BASE64_C +#define MBEDTLS_BLOWFISH_C +#define MBEDTLS_CAMELLIA_C +#define MBEDTLS_ARIA_C +#define MBEDTLS_CCM_C +#define MBEDTLS_CHACHA20_C +#define MBEDTLS_CHACHAPOLY_C +#define MBEDTLS_CIPHER_C +#define MBEDTLS_CMAC_C +#define MBEDTLS_CTR_DRBG_C +#define 
MBEDTLS_DES_C +#define MBEDTLS_ENTROPY_C +#define MBEDTLS_ERROR_C +#define MBEDTLS_GCM_C +//#define MBEDTLS_HAVEGE_C +#define MBEDTLS_HKDF_C +#define MBEDTLS_HMAC_DRBG_C +#define MBEDTLS_NIST_KW_C +#define MBEDTLS_MD_C +#define MBEDTLS_MD2_C +#define MBEDTLS_MD4_C +#define MBEDTLS_MD5_C +#define MBEDTLS_OID_C +#define MBEDTLS_PEM_PARSE_C +#define MBEDTLS_PEM_WRITE_C +#define MBEDTLS_PKCS5_C +#define MBEDTLS_PKCS12_C +#define MBEDTLS_PLATFORM_C +#define MBEDTLS_POLY1305_C +#define MBEDTLS_PSA_CRYPTO_C +#define MBEDTLS_PSA_CRYPTO_SE_C +#define MBEDTLS_PSA_CRYPTO_STORAGE_C +#define MBEDTLS_PSA_ITS_FILE_C +#define MBEDTLS_RIPEMD160_C +#define MBEDTLS_SHA1_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_SHA512_C +//#define MBEDTLS_THREADING_C +#define MBEDTLS_TIMING_C +#define MBEDTLS_VERSION_C +#define MBEDTLS_XTEA_C + +#include "check_config.h" + +#endif /* MBEDTLS_CONFIG_H */ diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 09baebb66..bd11c093e 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -17,6 +17,8 @@ use warnings; use strict; my %configs = ( + 'config-symmetric-only.h' => { + }, 'config-suite-b.h' => { }, ); From b16841ee69f6fbf2d250ba0369a94eabf54f92eb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Oct 2019 20:36:12 +0200 Subject: [PATCH 1912/2197] Fixed -Wunused warnings when building without asymmetric crypto --- include/mbedtls/psa_util.h | 6 ++++-- library/psa_crypto.c | 2 ++ tests/suites/test_suite_psa_crypto.function | 2 ++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 8d18fcc57..a87ca815b 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h 
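Review bot: The file header of config-symmetric-only.h does not say that this is a test-only reference configuration. It enables legacy algorithms (`MBEDTLS_ARC4_C`, `MBEDTLS_DES_C`, `MBEDTLS_MD2_C`, `MBEDTLS_MD4_C`, `MBEDTLS_MD5_C`) together with `MBEDTLS_ENTROPY_NV_SEED`, and the reasons for the commented-out options are given only in the commit message. I would extend the `\brief` block with a sentence such as `This configuration exists to detect unwanted dependencies on asymmetric-only modules; it is not a recommended production configuration.`, and put the HAVE_ASM, HAVEGE and THREADING rationale in a comment next to each commented-out define.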
@@ -230,9 +230,11 @@ static inline int mbedtls_psa_get_ecc_oid_from_id( *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 ); return( 0 ); #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ + default: + (void) oid; + (void) oid_len; + return( -1 ); } - - return( -1 ); } #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1 diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e26a7ec01..e6ef7f747 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2003,6 +2003,7 @@ exit: /* Message digests */ /****************************************************************/ +#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_DETERMINISTIC) static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) { switch( alg ) @@ -2043,6 +2044,7 @@ static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) return( NULL ); } } +#endif psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) { diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 87529ac6c..3e698f568 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -894,6 +894,8 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits, "No sanity check for public key type=0x%08lx", (unsigned long) type ); test_fail( message, __LINE__, __FILE__ ); + (void) p; + (void) end; return( 0 ); } } From 581bfcfc962e7c7a89092bd3ecc81e13190a7e9b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 11 Oct 2019 17:19:45 +0200 Subject: [PATCH 1913/2197] Create seedfile in test-ref-configs.pl config-symmetric-only.h enables MBEDTLS_ENTROPY_NV_SEED so it needs a seedfile. Create it in test-ref-configs.pl so that the script works on its own, even if it is not invoked by all.sh. --- tests/scripts/test-ref-configs.pl | 9 +++++++++ 1 file changed, 9 insertions(+) 
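Review bot: The `#endif` added after mbedtls_md_info_from_psa() in library/psa_crypto.c carries no condition comment, unlike the `#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */` style visible in the psa_util.h hunk of the same commit. The guard opens in one hunk and closes about forty lines later in the next, so I would write `#endif /* defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_DETERMINISTIC) */`. The condition also has to be kept in sync by hand with the callers of this function, which are outside the hunks; a one-line comment at the `#if` naming those callers would help.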
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index bd11c093e..1e6596928 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -50,6 +50,15 @@ sub abort { exit 1; } +# Create a seedfile for configurations that enable MBEDTLS_ENTROPY_NV_SEED. +# For test purposes, this doesn't have to be cryptographically random. +if (!-e "tests/seedfile" || -s "tests/seedfile" < 64) { + local *SEEDFILE; + open SEEDFILE, ">tests/seedfile" or die; + print SEEDFILE "*" x 64 or die; + close SEEDFILE or die; +} + while( my ($conf, $data) = each %configs ) { system( "cp $config_h.bak $config_h" ) and die; system( "make clean" ) and die; From 247c4d3c8876dbf52c6c100600ea9b9840cbc904 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 17 Oct 2019 10:18:51 +0100 Subject: [PATCH 1914/2197] ECDSA: Fix side channel vulnerability The blinding applied to the scalar before modular inversion is inadequate. Bignum is not constant time/constant trace, side channel attacks can retrieve the blinded value, factor it (it is smaller than RSA keys and not guaranteed to have only large prime factors). Then the key can be recovered by brute force. Reducing the blinded value makes factoring useless because the adversary can only recover pk*t+z*N instead of pk*t. --- library/ecdsa.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/ecdsa.c b/library/ecdsa.c index bda9262c9..5084b7c9d 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -363,6 +363,7 @@ modn: MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &e, &e, s ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &e, &e, &t ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pk, pk, &t ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pk, pk, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) ); From ccfc5eaa81a10dc3cbfb1b0ec26f3223334a1b1e Mon Sep 17 00:00:00 2001 
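Review bot: The seedfile block in tests/scripts/test-ref-configs.pl uses a bareword handle with two-argument `open` and a bare `die`, so a failure reports neither the file name nor the reason. I would write `open my $seedfile, '>', 'tests/seedfile' or die "tests/seedfile: $!";` and use `$seedfile` in the `print` and `close` lines. The path is relative, so the block depends on the script being run from the source root; whether that is checked earlier in the script is not visible in this hunk.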
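Review bot: The added `mbedtls_mpi_mod_mpi( pk, pk, &grp->N )` in library/ecdsa.c has no comment, and next to `mbedtls_mpi_inv_mod( s, pk, &grp->N )` it looks redundant, so a later cleanup could remove it. The reason for it is recorded only in the commit message. I would add above the line `/* Reduce pk*t mod N before inverting, so that mbedtls_mpi_inv_mod() never operates on the unreduced blinded product. */`. The enclosing function starts and ends outside the hunk.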
From: Gilles Peskine Date: Mon, 21 Oct 2019 15:57:51 +0200 Subject: [PATCH 1915/2197] Fix memory leak in some SE HAL tests --- tests/suites/test_suite_psa_crypto_se_driver_hal.function | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 61fb91805..e06ef1791 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -565,16 +565,17 @@ static int check_persistent_data( psa_key_lifetime_t lifetime, psa_storage_uid_t uid = file_uid_for_lifetime( lifetime ); struct psa_storage_info_t info; uint8_t *loaded = NULL; + int ok = 0; PSA_ASSERT( psa_its_get_info( uid, &info ) ); ASSERT_ALLOC( loaded, info.size ); PSA_ASSERT( psa_its_get( uid, 0, info.size, loaded, NULL ) ); ASSERT_COMPARE( expected_data, size, loaded, info.size ); - return( 1 ); + ok = 1; exit: mbedtls_free( loaded ); - return( 0 ); + return( ok ); } /* Check that a function's return status is "smoke-free", i.e. that From dd61a2e3b88a521cdc259cf976085b73aa0eaf72 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 21 Oct 2019 15:58:20 +0200 Subject: [PATCH 1916/2197] Use the intended configuration in component_test_se_full --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d4cb0111c..32ec5fa9f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -876,6 +876,7 @@ component_test_se_default () { component_test_se_full () { msg "build: full config + MBEDTLS_PSA_CRYPTO_SE_C" + scripts/config.pl full scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C make CC=gcc CFLAGS='-Werror -Wall -Wextra -O2 -fsanitize=address' LDFLAGS='-fsanitize=address' From 004206c7f52227f712abd10f0117ac8102c5f35f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 21 Oct 2019 17:11:33 +0200 Subject: [PATCH 1917/2197] Unify ASan options in make builds Use a common set of options when building with Asan without CMake. --- tests/scripts/all.sh | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d4cb0111c..5c74c71d1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -128,6 +128,9 @@ pre_initialize_variables () { # Include more verbose output for failing tests run by CMake export CTEST_OUTPUT_ON_FAILURE=1 + # CFLAGS and LDFLAGS for Asan builds that don't use CMake + ASAN_CFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined' + # Gather the list of available components. These are the functions # defined in this script whose name starts with "component_". # Parse the script with sed, because in sh there is no way to list @@ -826,7 +829,7 @@ component_test_malloc_0_null () { msg "build: malloc(0) returns NULL (ASan+UBSan build)" scripts/config.pl full scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C - make CC=gcc CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' -O -Werror -Wall -Wextra -fsanitize=address,undefined" LDFLAGS='-fsanitize=address,undefined' + make CC=gcc CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS" msg "test: malloc(0) returns NULL (ASan+UBSan build)" make test @@ -868,7 +871,7 @@ component_test_aes_fewer_tables_and_rom_tables () { component_test_se_default () { msg "build: default config + MBEDTLS_PSA_CRYPTO_SE_C" scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C - make CC=clang CFLAGS='-Werror -Wall -Wextra -Wno-unused-function -Os -fsanitize=address' LDFLAGS='-fsanitize=address' + make CC=clang CFLAGS="$ASAN_CFLAGS -Os" LDFLAGS="$ASAN_CFLAGS" msg "test: default config + MBEDTLS_PSA_CRYPTO_SE_C" make test 
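Review bot: In the component_test_se_default hunk the old clang command line had `-Wno-unused-function`, and the replacement `CFLAGS="$ASAN_CFLAGS -Os"` drops it while keeping `-Werror`. If that flag was suppressing a known warning in the SE build, this component now fails to compile; if it is no longer needed, the commit message should say so. The hunks also pass `$ASAN_CFLAGS`, including `-Werror -Wall -Wextra`, as `LDFLAGS`, which works through the compiler driver but makes the variable name misleading; a separate `ASAN_LDFLAGS='-fsanitize=address,undefined'` would be clearer. Several of these builds also gain `undefined` where they previously used `-fsanitize=address` only, which is a change in coverage worth stating in the description.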
@@ -877,7 +880,7 @@ component_test_se_default () { component_test_se_full () { msg "build: full config + MBEDTLS_PSA_CRYPTO_SE_C" scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra -O2 -fsanitize=address' LDFLAGS='-fsanitize=address' + make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" msg "test: full config + MBEDTLS_PSA_CRYPTO_SE_C" make test @@ -912,7 +915,7 @@ component_test_m32_o0 () { # Build once with -O0, to compile out the i386 specific inline assembly msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s scripts/config.pl full - make CC=gcc CFLAGS='-O0 -Werror -Wall -Wextra -m32 -fsanitize=address' LDFLAGS='-m32 -fsanitize=address' + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O0 (ASan build)" make test @@ -931,7 +934,7 @@ component_test_m32_o1 () { scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.pl unset MBEDTLS_MEMORY_DEBUG - make CC=gcc CFLAGS='-O1 -Werror -Wall -Wextra -m32 -fsanitize=address' LDFLAGS='-m32 -fsanitize=address' + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O1" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O1 (ASan build)" make test @@ -944,7 +947,7 @@ component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min scripts/config.pl unset MBEDTLS_ECDH_LEGACY_CONTEXT scripts/config.pl set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED - make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -m32 -fsanitize=address' + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s make test From bfeed663d2e19704596744af8e2cb3378231a06d Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 21 Oct 2019 19:06:33 +0200 Subject: [PATCH 1918/2197] Asan make builds: avoid sanitizer recovery Some sanitizers default to displaying an error message and recovering. This could result in a test being recorded as passing despite a complaint from the sanitizer. Turn off sanitizer recovery to avoid this risk. --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5c74c71d1..2414f452a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -129,7 +129,7 @@ pre_initialize_variables () { export CTEST_OUTPUT_ON_FAILURE=1 # CFLAGS and LDFLAGS for Asan builds that don't use CMake - ASAN_CFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined' + ASAN_CFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all' # Gather the list of available components. These are the functions # defined in this script whose name starts with "component_". From 8b5389f360bfa95c613ba0657ef9b0b5c4a7e20b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 21 Oct 2019 19:08:07 +0200 Subject: [PATCH 1919/2197] 'make test' must fail if Asan fails When running 'make test' with GNU make, if a test suite program displays "PASSED", this was automatically counted as a pass. This would in particular count as passing: * A test suite with the substring "PASSED" in a test description. * A test suite where all the test cases succeeded, but the final cleanup failed, in particular if a sanitizer reported a memory leak. Use the test executable's return status instead to determine whether the test suite passed. It's always 0 on PASSED unless the executable's cleanup code fails, and it's never 0 on any failure. Fix ARMmbed/mbed-crypto#303 --- tests/scripts/run-test-suites.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/run-test-suites.pl b/tests/scripts/run-test-suites.pl index 1c9dc1dfc..d06badd23 100755 
--- a/tests/scripts/run-test-suites.pl +++ b/tests/scripts/run-test-suites.pl @@ -93,7 +93,7 @@ for my $suite (@suites) $suite_cases_failed = () = $result =~ /.. FAILED/g; $suite_cases_skipped = () = $result =~ /.. ----/g; - if( $result =~ /PASSED/ ) { + if( $? == 0 ) { print "PASS\n"; if( $verbose > 2 ) { pad_print_center( 72, '-', "Begin $suite" ); From 54d193743395578f0ac53dd818d4e5eab26a9cc7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 21 Oct 2019 15:57:51 +0200 Subject: [PATCH 1920/2197] Fix memory leak in some SE HAL tests --- tests/suites/test_suite_psa_crypto_se_driver_hal.function | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 61fb91805..e06ef1791 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -565,16 +565,17 @@ static int check_persistent_data( psa_key_lifetime_t lifetime, psa_storage_uid_t uid = file_uid_for_lifetime( lifetime ); struct psa_storage_info_t info; uint8_t *loaded = NULL; + int ok = 0; PSA_ASSERT( psa_its_get_info( uid, &info ) ); ASSERT_ALLOC( loaded, info.size ); PSA_ASSERT( psa_its_get( uid, 0, info.size, loaded, NULL ) ); ASSERT_COMPARE( expected_data, size, loaded, info.size ); - return( 1 ); + ok = 1; exit: mbedtls_free( loaded ); - return( 0 ); + return( ok ); } /* Check that a function's return status is "smoke-free", i.e. that From 67badb44513f09089080ea18f0c8ca3de7290151 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Tue, 22 Oct 2019 13:25:06 +0200 Subject: [PATCH 1921/2197] Secure array index in its bounds --- library/gcm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/gcm.c b/library/gcm.c index 5121a7ac7..2ee5256c6 100644 --- a/library/gcm.c +++ b/library/gcm.c 
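Review bot: `if( $? == 0 )` in tests/scripts/run-test-suites.pl depends on `$?` still holding the status of the command that filled `$result`, and that command is outside the hunk. Nothing between the two may start another child process, and if the command line uses a pipe the status is that of its last stage rather than of the test program. I would save the status immediately after the command, `my $status = $?;`, and test `$status == 0` here. It would also be safer to treat a zero status combined with a non-zero `$suite_cases_failed` as a failure, so that the two signals cannot disagree silently.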
@@ -246,7 +246,7 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], for( i = 15; i >= 0; i-- ) { lo = x[i] & 0xf; - hi = x[i] >> 4; + hi = ( x[i] >> 4 ) & 0xf; if( i != 15 ) { From 9d3baea4390247b0ea1acc6040afcbbf57dd5189 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 23 Oct 2019 17:45:59 +0200 Subject: [PATCH 1922/2197] fixup! HMAC_DRBG: support set_entropy_len() before seed() --- include/mbedtls/hmac_drbg.h | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 8ac227caa..00be9df40 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -139,7 +139,7 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * Note that SHA-256 is just as efficient as SHA-224. * The security strength can be reduced if a smaller * entropy length is set with - * mbedtls_hmac_drbg_set_entropy_len() afterwards. + * mbedtls_hmac_drbg_set_entropy_len(). * * \note The default entropy length is the security strength * (converted from bits to bytes). You can override @@ -222,14 +222,9 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx /** * \brief This function sets the amount of entropy grabbed on each - * reseed. + * seed or reseed. * - * The default value is set by mbedtls_hmac_drbg_seed(). - * - * \note mbedtls_hmac_drbg_seed() always sets the entropy length - * to the default value based on the chosen MD algorithm, - * so this function only has an effect if it is called - * after mbedtls_hmac_drbg_seed(). + * See the documentation of mbedtls_hmac_drbg_seed() for the default value. * * \param ctx The HMAC_DRBG context. * \param len The amount of entropy to grab, in bytes. From 379561feff8d1a2740414cc511ba8c70ba6b1e92 Mon Sep 17 00:00:00 2001 
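Review bot: The new mask in `hi = ( x[i] >> 4 ) & 0xf;` in gcm_mult() has no comment explaining why it is there. `x` is declared `const unsigned char x[16]`, so with 8-bit bytes the shift alone already yields at most 0xf and the mask changes nothing. I would add `/* Mask so that hi is provably in 0..15, also where unsigned char is wider than 8 bits. */`. Presumably hi is used as a table index further down; that use is outside the hunk.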
From: Gilles Peskine Date: Fri, 18 Oct 2019 16:57:48 +0200 Subject: [PATCH 1923/2197] fixup! CTR_DRBG: support set_entropy_len() before seed() Update a comment that referred to a now-removed function. --- library/ctr_drbg.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index ae51d5467..0045b77c6 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -382,14 +382,13 @@ exit: } /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) - * mbedtls_ctr_drbg_seed_entropy_len(ctx, f_entropy, p_entropy, - * custom, len, entropy_len) + * mbedtls_ctr_drbg_seed(ctx, f_entropy, p_entropy, custom, len) * implements * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string, * security_strength) -> initial_working_state * with inputs * custom[:len] = nonce || personalization_string - * where entropy_input comes from f_entropy for entropy_len bytes + * where entropy_input comes from f_entropy for ctx->entropy_len bytes * and with outputs * ctx = initial_working_state */ From 460988a472be8dc2d8a43238c75a3196fd9b16a1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Oct 2019 17:05:10 +0200 Subject: [PATCH 1924/2197] fixup! CTR_DRBG: support set_entropy_len() before seed() Remove a comment that documented a now-removed restriction. --- include/mbedtls/ctr_drbg.h | 5 ----- 1 file changed, 5 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 676b96e49..05b4e95a2 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h 
@@ -301,11 +301,6 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, * * The default value is #MBEDTLS_CTR_DRBG_ENTROPY_LEN. * - * \note mbedtls_ctr_drbg_seed() always sets the entropy length - * to #MBEDTLS_CTR_DRBG_ENTROPY_LEN, so this function - * only has an effect when it is called after - * mbedtls_ctr_drbg_seed(). - * * \note The security strength of CTR_DRBG is bounded by the * entropy length. Thus: * - When using AES-256 From c0ace355a45dee944889233ecdcfdf008eae699f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Oct 2019 17:06:31 +0200 Subject: [PATCH 1925/2197] mbedtls_ctr_drbg_context: minor documentation improvements --- include/mbedtls/ctr_drbg.h | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 05b4e95a2..86d546a10 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -169,14 +169,19 @@ extern "C" { typedef struct mbedtls_ctr_drbg_context { unsigned char counter[16]; /*!< The counter (V). */ - int reseed_counter; /*!< The reseed counter. */ + int reseed_counter; /*!< The reseed counter. + * This is the number of requests that have + * been made since the last (re)seeding, + * minus one. */ int prediction_resistance; /*!< This determines whether prediction resistance is enabled, that is whether to systematically reseed before each random generation. */ size_t entropy_len; /*!< The amount of entropy grabbed on each - seed or reseed operation. */ - int reseed_interval; /*!< The reseed interval. */ + seed or reseed operation, in bytes. */ + int reseed_interval; /*!< The reseed interval. + * This is the maximum number of requests + * that can be made between reseedings. */ mbedtls_aes_context aes_ctx; /*!< The AES context. */ From dbd3f7c68df4ba478a9f8b981458c7a1f76963df Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 22 Oct 2019 17:25:30 +0200 Subject: [PATCH 1926/2197] mbedtls_ctr_drbg_reseed: Minor readability improvement No semantic change. --- library/ctr_drbg.c | 27 +++++++++------------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 0045b77c6..92316dabb 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -337,41 +337,32 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, size_t seedlen = 0; int ret; - if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT || - len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len ) + if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) + return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len ) return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); - /* - * Gather entropy_len bytes of entropy to seed state - */ - if( 0 != ctx->f_entropy( ctx->p_entropy, seed, - ctx->entropy_len ) ) + /* Gather entropy_len bytes of entropy to seed state. */ + if( 0 != ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) ) { return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); } - seedlen += ctx->entropy_len; - /* - * Add additional data - */ - if( additional && len ) + /* Add additional data if provided. */ + if( additional != NULL && len != 0 ) { memcpy( seed + seedlen, additional, len ); seedlen += len; } - /* - * Reduce to 384 bits - */ + /* Reduce to 384 bits. */ if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 ) goto exit; - /* - * Update state - */ + /* Update state. */ if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 ) goto exit; ctx->reseed_counter = 1; From 9be5098061b58332187cda4a4413f3abf8749cc2 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 22 Oct 2019 18:42:27 +0200 Subject: [PATCH 1927/2197] CTR_DRBG: add the possibility of grabbing entropy for a nonce Add a new function mbedtls_ctr_drbg_set_nonce_len() which configures the DRBG instance to call f_entropy a second time during the initial seeding to grab a nonce. The default nonce length is 0, so there is no behavior change unless the user calls the new function. --- include/mbedtls/ctr_drbg.h | 100 +++++++++++++++++++++++++------------ library/ctr_drbg.c | 65 +++++++++++++++++++++--- 2 files changed, 125 insertions(+), 40 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 86d546a10..2b0c61712 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -22,6 +22,9 @@ * - 256 bits if AES-256 is used, #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set * to 32 or more, and the DRBG is initialized with an explicit * nonce in the \c custom parameter to mbedtls_ctr_drbg_seed(). + * - 256 bits if AES-256 is used, #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set + * to 32 or more, and mbedtls_ctr_drbg_set_nonce_len() is called to set + * an entropy nonce length of 16 bytes or more. * - 128 bits if AES-256 is used but #MBEDTLS_CTR_DRBG_ENTROPY_LEN is * between 24 and 47 and the DRBG is not initialized with an explicit * nonce (see mbedtls_ctr_drbg_seed()). @@ -29,6 +32,9 @@ * and #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set to 24 or more (which is * always the case unless it is explicitly set to a different value * in config.h). + * - 128 bits if AES-128 is used (\c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY enabled) + * to 16 or more, and mbedtls_ctr_drbg_set_nonce_len() is called to set + * an entropy nonce length of 8 bytes or more. * * Note that the value of #MBEDTLS_CTR_DRBG_ENTROPY_LEN defaults to: * - \c 48 if the module \c MBEDTLS_SHA512_C is enabled and the symbol 
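Review bot: The second bullet added to the security-strength list in include/mbedtls/ctr_drbg.h is missing words: it reads `128 bits if AES-128 is used (\c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY enabled) to 16 or more, and ...`. By analogy with the AES-256 bullet added in the first hunk, it presumably should read `..., #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set to 16 or more, and mbedtls_ctr_drbg_set_nonce_len() is called ...`. Callers size their entropy input from this list, so the sentence should be complete.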
@@ -172,7 +178,11 @@ typedef struct mbedtls_ctr_drbg_context int reseed_counter; /*!< The reseed counter. * This is the number of requests that have * been made since the last (re)seeding, - * minus one. */ + * minus one. + * Before the initial seeding, this field + * contains the amount of entropy in bytes + * to use as a nonce for the initial seeding. + */ int prediction_resistance; /*!< This determines whether prediction resistance is enabled, that is whether to systematically reseed before 
@@ -222,43 +232,45 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * The entropy length is #MBEDTLS_CTR_DRBG_ENTROPY_LEN by default. * You can override it by calling mbedtls_ctr_drbg_set_entropy_len(). * - * You can provide a personalization string in addition to the + * You can provide a nonce and personalization string in addition to the * entropy source, to make this instantiation as unique as possible. + * See SP 800-90A §8.6.7 for more details about nonces. + * + * The _seed_material_ value passed to the derivation function in + * the CTR_DRBG Instantiate Process described in NIST SP 800-90A §10.2.1.3.2 + * is the concatenation of the following strings: + * - A string obtained by calling \p f_entropy function for the entropy + * length. + * - A string obtained by calling \p f_entropy function for the nonce + * length set with mbedtls_ctr_drbg_set_nonce_len(). If the entropy + * nonce length is \c 0, this function does not make a second call + * to \p f_entropy. + * - The \p custom string. + * + * \note To achieve the nominal security strength permitted + * by CTR_DRBG, the entropy length must be: + * - at least 16 bytes for a 128-bit strength + * (maximum achievable strength when using AES-128); + * - at least 32 bytes for a 256-bit strength + * (maximum achievable strength when using AES-256). + * + * In addition, if you do not pass a nonce in \p custom, + * the sum of the entropy length + * (#MBEDTLS_CTR_DRBG_ENTROPY_LEN unless overridden with + * mbedtls_ctr_drbg_set_entropy_len()) + * and the entropy nonce length (\c 0 unless overridden + * with mbedtls_ctr_drbg_set_nonce_len()) must be: + * - at least 24 bytes for a 128-bit strength + * (maximum achievable strength when using AES-128); + * - at least 48 bytes for a 256-bit strength + * (maximum achievable strength when using AES-256). 
* - * \note The _seed_material_ value passed to the derivation - * function in the CTR_DRBG Instantiate Process - * described in NIST SP 800-90A §10.2.1.3.2 - * is the concatenation of the string obtained from - * calling \p f_entropy and the \p custom string. - * The origin of the nonce depends on the value of - * the entropy length relative to the security strength. - * - If the entropy length is at least 1.5 times the - * security strength then the nonce is taken from the - * string obtained with \p f_entropy. - * - If the entropy length is less than the security - * strength, then the nonce is taken from \p custom. - * In this case, for compliance with SP 800-90A, - * you must pass a unique value of \p custom at - * each invocation. See SP 800-90A §8.6.7 for more - * details. - */ -#if MBEDTLS_CTR_DRBG_ENTROPY_LEN < MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 -/** \warning When #MBEDTLS_CTR_DRBG_ENTROPY_LEN is less than - * #MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2, to achieve the - * maximum security strength permitted by CTR_DRBG, - * you must pass a value of \p custom that is a nonce: - * this value must never be repeated in subsequent - * runs of the same application or on a different - * device. - */ -#endif -/** * \param ctx The CTR_DRBG context to seed. * \param f_entropy The entropy callback, taking as arguments the * \p p_entropy context, the buffer to fill, and the * length of the buffer. * \p f_entropy is always called with a buffer size - * equal to the entropy length. + * less than or equal to the entropy length. * \param p_entropy The entropy context to pass to \p f_entropy. * \param custom The personalization string. * This can be \c NULL, in which case the personalization 
@@ -320,11 +332,35 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, * * \param ctx The CTR_DRBG context. * \param len The amount of entropy to grab, in bytes. - * This must be at most #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. + * This must be at most #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + * and at most the maximum length accepted by the + * entropy function that is set in the context. */ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, size_t len ); +/** + * \brief This function sets the amount of entropy grabbed + * as a nonce for the initial seeding. + * + * Call this function before calling mbedtls_ctr_drbg_seed() to read + * a nonce from the entropy source during the initial seeding. + * + * \param ctx The CTR_DRBG context. + * \param len The amount of entropy to grab for the nonce, in bytes. + * This must be at most #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + * and at most the maximum length accepted by the + * entropy function that is set in the context. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if \p len is + * more than #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. + * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED + * if the initial seeding has already taken place. + */ +int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, + size_t len ); + /** * \brief This function sets the reseed interval. * diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 92316dabb..85bd04f2b 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c 
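Review bot: The documentation of mbedtls_ctr_drbg_set_nonce_len() bounds `len` by #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT alone, but the check added in library/ctr_drbg.c rejects `nonce_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len`. A caller can therefore get `0` from this function and #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG later, presumably from mbedtls_ctr_drbg_seed(), whose new body is not visible here. I would add to the `\param len` text: `The sum of this length, the entropy length and the length of the personalization string must be at most #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT.` The `\return` line for an already-seeded context could also say that the error code is reused for lack of a closer one, as the comment in the implementation does.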
@@ -86,6 +86,32 @@ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, ctx->entropy_len = len; } +int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, + size_t len ) +{ + /* If mbedtls_ctr_drbg_seed() has already been called, it's + * too late. Return the error code that's closest to making sense. */ + if( ctx->f_entropy != NULL ) + return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); + + if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) + return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); +#if SIZE_MAX > INT_MAX + /* This shouldn't be an issue because + * MBEDTLS_CTR_DRBG_MAX_SEED_INPUT < INT_MAX in any sensible + * configuration, but make sure anyway. */ + if( len > INT_MAX ) + return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); +#endif + + /* For backward compatibility with Mbed TLS <= 2.19, store the + * entropy nonce length in a field that already exists, but isn't + * used until after the initial seeding. */ + /* Due to the capping of len above, the value fits in an int. */ + ctx->reseed_counter = (int) len; + return( 0 ); +} + void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, int interval ) { @@ -319,7 +345,7 @@ void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, #endif /* MBEDTLS_DEPRECATED_REMOVED */ /* CTR_DRBG_Reseed with derivation function (SP 800-90A §10.2.1.4.2) - * mbedtls_ctr_drbg_reseed(ctx, additional, len) + * mbedtls_ctr_drbg_reseed(ctx, additional, len, nonce_len) * implements * CTR_DRBG_Reseed(working_state, entropy_input, additional_input) * -> new_working_state 
@@ -327,11 +353,14 @@ void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, * ctx contains working_state * additional[:len] = additional_input * and entropy_input comes from calling ctx->f_entropy + * for (ctx->entropy_len + nonce_len) bytes * and with output * ctx contains new_working_state */ -int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, size_t len ) +int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t len, + size_t nonce_len ) { unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; @@ -339,7 +368,9 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len ) + if( nonce_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len ) + return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len - nonce_len ) return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); @@ -351,6 +382,16 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, } seedlen += ctx->entropy_len; + /* Gather entropy for a nonce if requested. */ + if( nonce_len != 0 ) + { + if( 0 != ctx->f_entropy( ctx->p_entropy, seed, nonce_len ) ) + { + return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); + } + seedlen += nonce_len; + } + /* Add additional data if provided. */ if( additional != NULL && len != 0 ) { @@ -372,6 +413,12 @@ exit: return( ret ); } +int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, size_t len ) +{ + return( mbedtls_ctr_drbg_reseed_internal( ctx, additional, len, 0 ) ); +} + /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) * mbedtls_ctr_drbg_seed(ctx, f_entropy, p_entropy, custom, len) * implements 
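Review bot: In the `@@ -351,6 +382,16 @@` hunk the nonce is read into `seed` rather than `seed + seedlen`, so it lands on top of the entropy input that the preceding lines have already accounted for with `seedlen += ctx->entropy_len`. The first `nonce_len` bytes of the entropy input are replaced, and the `nonce_len` bytes that `seedlen` then counts at the tail stay zero from the earlier `memset`, so the seed carries no more fresh material than it would without a nonce. The call should be `if( 0 != ctx->f_entropy( ctx->p_entropy, seed + seedlen, nonce_len ) )`. The first entropy read sits just above the hunk, so its destination is inferred from the `seedlen` bookkeeping.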
@@ -403,16 +450,18 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, ctx->entropy_len = MBEDTLS_CTR_DRBG_ENTROPY_LEN; ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; - /* - * Initialize with an empty key - */ + /* Initialize with an empty key. */ if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) { return( ret ); } - if( ( ret = mbedtls_ctr_drbg_reseed( ctx, custom, len ) ) != 0 ) + /* Do the initial seeding. + * ctx->reseed_counter contains the desired amount of entropy to + * grab for a nonce (see mbedtls_ctr_drbg_set_nonce_len()). */ + if( ( ret = mbedtls_ctr_drbg_reseed_internal( ctx, custom, len, + ctx->reseed_counter ) ) != 0 ) { return( ret ); } From 97f59ab527ae02cf34b7271a3d369e92d9039884 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Oct 2019 18:42:27 +0200 Subject: [PATCH 1928/2197] CTR_DRBG: add the possibility of grabbing entropy for a nonce Add a new function mbedtls_ctr_drbg_set_nonce_len() which configures the DRBG instance to call f_entropy a second time during the initial seeding to grab a nonce. The default nonce length is 0, so there is no behavior change unless the user calls the new function. --- library/ctr_drbg.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 85bd04f2b..8a62f6d46 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -357,10 +357,10 @@ void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, * and with output * ctx contains new_working_state */ -int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t len, - size_t nonce_len ) +static int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t len, + size_t nonce_len ) { unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; From 58b56ce4445af23df4495df8ebb8731b43832849 Mon Sep 17 00:00:00 2001 
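Review bot: The call added in the `@@ -403,16 +450,18 @@` hunk reads `ctx->reseed_counter` as a nonce length unconditionally, but by the comment in mbedtls_ctr_drbg_set_nonce_len() that field holds a nonce length only until the initial seeding. If mbedtls_ctr_drbg_seed() is called again on a context that was not freed and re-initialised, the field presumably holds a counter by then and would be used as the amount of extra entropy to request; whether such reuse is supported is not visible here. State the precondition in the comment, for example `/* ctx must be freshly initialized: after the first seeding, reseed_counter no longer holds a nonce length. */`, and make the signed-to-unsigned conversion explicit with `(size_t) ctx->reseed_counter`. mbedtls_ctr_drbg_seed() starts and ends outside the hunk.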
From: Gilles Peskine Date: Tue, 22 Oct 2019 19:10:01 +0200 Subject: [PATCH 1929/2197] CTR_DRBG entropy usage: test the exact amount of consumed entropy --- tests/suites/test_suite_ctr_drbg.function | 26 +++++++++++------------ 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 01050d92d..2b95062cc 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -197,7 +197,7 @@ void ctr_drbg_entropy_usage( ) unsigned char entropy[1024]; mbedtls_ctr_drbg_context ctx; size_t i, reps = 10; - size_t last_idx; + size_t expected_idx = 0; mbedtls_ctr_drbg_init( &ctx ); test_offset_idx = 0; @@ -207,20 +207,19 @@ void ctr_drbg_entropy_usage( ) memset( add, 0, sizeof( add ) ); /* Init must use entropy */ - last_idx = test_offset_idx; TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_entropy_func, entropy, NULL, 0 ) == 0 ); - TEST_ASSERT( last_idx < test_offset_idx ); + expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; + TEST_EQUAL( test_offset_idx, expected_idx ); /* By default, PR is off and reseed_interval is large, * so the next few calls should not use entropy */ - last_idx = test_offset_idx; for( i = 0; i < reps; i++ ) { TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) - 4 ) == 0 ); TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, out, sizeof( out ) - 4, add, sizeof( add ) ) == 0 ); } - TEST_ASSERT( last_idx == test_offset_idx ); + TEST_EQUAL( test_offset_idx, expected_idx ); /* While at it, make sure we didn't write past the requested length */ TEST_ASSERT( out[sizeof( out ) - 4] == 0 ); 
@@ -232,17 +231,17 @@ void ctr_drbg_entropy_usage( ) * so the next call should reseed */ mbedtls_ctr_drbg_set_reseed_interval( &ctx, 2 * reps ); TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( last_idx < test_offset_idx ); + expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; + TEST_EQUAL( test_offset_idx, expected_idx ); /* The new few calls should not reseed */ - last_idx = test_offset_idx; for( i = 0; i < reps / 2; i++ ) { TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, out, sizeof( out ) , add, sizeof( add ) ) == 0 ); } - TEST_ASSERT( last_idx == test_offset_idx ); + TEST_EQUAL( test_offset_idx, expected_idx ); /* Call update with too much data (sizeof entropy > MAX(_SEED)_INPUT). * Make sure it's detected as an error and doesn't cause memory @@ -253,18 +252,19 @@ void ctr_drbg_entropy_usage( ) /* Now enable PR, so the next few calls should all reseed */ mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON ); TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( last_idx < test_offset_idx ); + expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; + TEST_EQUAL( test_offset_idx, expected_idx ); /* Finally, check setting entropy_len */ mbedtls_ctr_drbg_set_entropy_len( &ctx, 42 ); - last_idx = test_offset_idx; TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( test_offset_idx - last_idx == 42 ); + expected_idx += 42; + TEST_EQUAL( test_offset_idx, expected_idx ); mbedtls_ctr_drbg_set_entropy_len( &ctx, 13 ); - last_idx = test_offset_idx; TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( test_offset_idx - last_idx == 13 ); + expected_idx += 13; + TEST_EQUAL( test_offset_idx, expected_idx ); exit: mbedtls_ctr_drbg_free( &ctx ); From 4d2d4ff9b041a6966db49365ed282a037f995584 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 22 Oct 2019 19:10:33 +0200 Subject: [PATCH 1930/2197] HMAC_DRBG entropy usage: test the exact amount of consumed entropy --- tests/suites/test_suite_hmac_drbg.function | 35 ++++++++++++++-------- 1 file changed, 22 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function index 13bc40062..b526f4313 100644 --- a/tests/suites/test_suite_hmac_drbg.function +++ b/tests/suites/test_suite_hmac_drbg.function @@ -37,7 +37,9 @@ void hmac_drbg_entropy_usage( int md_alg ) const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; entropy_ctx entropy; - size_t last_len, i, reps = 10; + size_t i, reps = 10; + size_t default_entropy_len; + size_t expected_consumed_entropy = 0; mbedtls_hmac_drbg_init( &ctx ); memset( buf, 0, sizeof( buf ) ); 
@@ -48,23 +50,29 @@ void hmac_drbg_entropy_usage( int md_alg ) md_info = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md_info != NULL ); + if( mbedtls_md_get_size( md_info ) <= 20 ) + default_entropy_len = 16; + else if( mbedtls_md_get_size( md_info ) <= 28 ) + default_entropy_len = 24; + else + default_entropy_len = 32; /* Init must use entropy */ - last_len = entropy.len; TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &entropy, NULL, 0 ) == 0 ); - TEST_ASSERT( entropy.len < last_len ); + /* default_entropy_len of entropy, plus half as much for the nonce */ + expected_consumed_entropy += default_entropy_len * 3 / 2; + TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); /* By default, PR is off and reseed_interval is large, * so the next few calls should not use entropy */ - last_len = entropy.len; for( i = 0; i < reps; i++ ) { TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) - 4 ) == 0 ); TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, out, sizeof( out ) - 4, buf, 16 ) == 0 ); } - TEST_ASSERT( entropy.len == last_len ); + TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); /* While at it, make sure we didn't write past the requested length */ TEST_ASSERT( out[sizeof( out ) - 4] == 0 ); 
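Review bot: The thresholds 20 and 28 and the lengths 16, 24 and 32 in the `@@ -48,23 +50,29 @@` hunk are bare numbers with no statement of where they come from. They presumably mirror the default entropy length that mbedtls_hmac_drbg_seed() derives from the hash size, so a change on the library side would make this test fail without any hint as to why. A comment above the `if` chain would help, e.g. `/* Mirror the default entropy_len chosen by mbedtls_hmac_drbg_seed() for this hash size. */`. hmac_drbg_entropy_usage() starts and ends outside the hunk.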
@@ -76,33 +84,34 @@ void hmac_drbg_entropy_usage( int md_alg ) * so the next call should reseed */ mbedtls_hmac_drbg_set_reseed_interval( &ctx, 2 * reps ); TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( entropy.len < last_len ); + expected_consumed_entropy += default_entropy_len; + TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); /* The new few calls should not reseed */ - last_len = entropy.len; for( i = 0; i < reps / 2; i++ ) { TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, out, sizeof( out ) , buf, 16 ) == 0 ); } - TEST_ASSERT( entropy.len == last_len ); + TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); /* Now enable PR, so the next few calls should all reseed */ mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( entropy.len < last_len ); + expected_consumed_entropy += default_entropy_len; + TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); /* Finally, check setting entropy_len */ mbedtls_hmac_drbg_set_entropy_len( &ctx, 42 ); - last_len = entropy.len; TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( (int) last_len - entropy.len == 42 ); + expected_consumed_entropy += 42; + TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); mbedtls_hmac_drbg_set_entropy_len( &ctx, 13 ); - last_len = entropy.len; TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( (int) last_len - entropy.len == 13 ); + expected_consumed_entropy += 13; + TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); exit: mbedtls_hmac_drbg_free( &ctx ); From c949de06ec87c62437d5f20d417c516600676d81 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 22 Oct 2019 19:14:26 +0200 Subject: [PATCH 1931/2197] Test mbedtls_ctr_drbg_set_nonce_len Test mbedtls_ctr_drbg_set_nonce_len (good cases only, which is in keeping with the coverage of other functions). --- tests/suites/test_suite_ctr_drbg.data | 10 ++++++++-- tests/suites/test_suite_ctr_drbg.function | 7 ++++++- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index 312910edd..5f198a4ee 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1070,8 +1070,14 @@ CTR_DRBG CAVS 14.3 (AES-128 use df,True,128,64,0,0) #0 depends_on:MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_pr:"d4f1f4ae08bcb3e1":"5d4041942bcf68864a4997d8171f1f9fef55a769b7eaf03fe082029bb32a2b9d8239e865c0a42e14b964b9c09de85a20":"":"":"4155320287eedcf7d484c2c2a1e2eb64b9c9ce77c87202a1ae1616c7a5cfd1c687c7a0bfcc85bda48fdd4629fd330c22d0a76076f88fc7cd04037ee06b7af602" -CTR_DRBG entropy usage -ctr_drbg_entropy_usage: +CTR_DRBG entropy usage (entropy_nonce_len=0 by default) +ctr_drbg_entropy_usage:-1 + +CTR_DRBG entropy usage (entropy_nonce_len=0) +ctr_drbg_entropy_usage:0 + +CTR_DRBG entropy usage (entropy_nonce_len=7) +ctr_drbg_entropy_usage:7 CTR_DRBG write/update seed file [#1] ctr_drbg_seed_file:"data_files/ctr_drbg_seed":0 diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 2b95062cc..02f9eca5e 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -190,7 +190,7 @@ void ctr_drbg_validate_reseed_first( data_t * add_init, data_t * entropy, /* BEGIN_CASE */ -void ctr_drbg_entropy_usage( ) +void ctr_drbg_entropy_usage( int entropy_nonce_len ) { unsigned char out[16]; unsigned char add[16]; 
@@ -206,9 +206,14 @@ void ctr_drbg_entropy_usage( ) memset( out, 0, sizeof( out ) ); memset( add, 0, sizeof( add ) ); + if( entropy_nonce_len >= 0 ) + TEST_ASSERT( mbedtls_ctr_drbg_set_nonce_len( &ctx, entropy_nonce_len ) == 0 ); + /* Init must use entropy */ TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_entropy_func, entropy, NULL, 0 ) == 0 ); expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; + if( entropy_nonce_len >= 0 ) + expected_idx += entropy_nonce_len; TEST_EQUAL( test_offset_idx, expected_idx ); /* By default, PR is off and reseed_interval is large, From 0ed378aa02c22fdeba0113d7cd736777c0d4ebf6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Oct 2019 20:33:56 +0200 Subject: [PATCH 1932/2197] CTR_DRBG: explicitly set entropy_nonce_len=0 when desired No behavior change. Prepare for a future version that will set the entropy nonce length to a nonzero value by default. --- library/ctr_drbg.c | 2 ++ tests/suites/test_suite_ctr_drbg.function | 1 + 2 files changed, 3 insertions(+) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 8a62f6d46..8c6ee59d5 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -732,6 +732,7 @@ int mbedtls_ctr_drbg_self_test( int verbose ) test_offset = 0; mbedtls_ctr_drbg_set_entropy_len( &ctx, 32 ); + mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 ); CHK( mbedtls_ctr_drbg_seed( &ctx, ctr_drbg_self_test_entropy, (void *) entropy_source_pr, @@ -756,6 +757,7 @@ int mbedtls_ctr_drbg_self_test( int verbose ) test_offset = 0; mbedtls_ctr_drbg_set_entropy_len( &ctx, 32 ); + mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 ); CHK( mbedtls_ctr_drbg_seed( &ctx, ctr_drbg_self_test_entropy, (void *) entropy_source_nopr, diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 02f9eca5e..c79b6e2aa 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function 
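Review bot: Both self-test hunks (`@@ -732,6 +732,7 @@` and `@@ -756,6 +757,7 @@`) discard the return value of `mbedtls_ctr_drbg_set_nonce_len()`, which this series defines as able to fail. If the call were rejected, the known-answer test would carry on with whatever nonce length the context holds and fail later in a less obvious place. Wrap it like the neighbouring seed call: `CHK( mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 ) );`. The same applies to the unchecked call in the `@@ -45,6 +45,7 @@` hunk of test_suite_ctr_drbg.function, where `TEST_ASSERT( mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 ) == 0 );` fits the file's style. mbedtls_ctr_drbg_self_test() extends beyond both hunks.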
@@ -45,6 +45,7 @@ static void ctr_drbg_validate_internal( int reseed_mode, data_t * nonce, /* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, ) * where nonce||perso = nonce[nonce->len] */ mbedtls_ctr_drbg_set_entropy_len( &ctx, entropy_chunk_len ); + mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 ); TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_entropy_func, entropy->x, From e9a3454e0980887a81f7c61dfdd355769296940c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Oct 2019 20:43:24 +0200 Subject: [PATCH 1933/2197] CTR_DRBG: grab a nonce from the entropy source if needed Change the default entropy nonce length to be nonzero in some cases. Specifically, the default nonce length is now set in such a way that the entropy input during the initial seeding always contains enough entropy to achieve the maximum possible security strength per NIST SP 800-90A given the key size and entropy length. If MBEDTLS_CTR_DRBG_ENTROPY_LEN is kept to its default value, mbedtls_ctr_drbg_seed() now grabs extra entropy for a nonce if MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is disabled and either MBEDTLS_ENTROPY_FORCE_SHA256 is enabled or MBEDTLS_SHA512_C is disabled. If MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is enabled, or if the entropy module uses SHA-512, then the default value of MBEDTLS_CTR_DRBG_ENTROPY_LEN does not require a second call to the entropy function to achieve the maximum security strength. This choice of default nonce size guarantees NIST compliance with the maximum security strength while keeping backward compatibility and performance high: in configurations that do not require grabbing more entropy, the code will not grab more entropy than before. --- include/mbedtls/ctr_drbg.h | 79 ++++++++++++----------- library/ctr_drbg.c | 31 +++++++-- tests/suites/test_suite_ctr_drbg.data | 5 ++ tests/suites/test_suite_ctr_drbg.function | 14 ++++ 4 files changed, 88 insertions(+), 41 deletions(-) 
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 2b0c61712..09f4e620e 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h 
@@ -12,36 +12,14 @@ * The Mbed TLS implementation of CTR_DRBG uses AES-256 (default) or AES-128 * (if \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is enabled at compile time) * as the underlying block cipher, with a derivation function. - * The initial seeding grabs #MBEDTLS_CTR_DRBG_ENTROPY_LEN bytes of entropy. - * See the documentation of mbedtls_ctr_drbg_seed() for more details. * - * Based on NIST SP 800-90A §10.2.1 table 3 and NIST SP 800-57 part 1 table 2, - * here are the security strengths achieved in typical configuration: - * - 256 bits under the default configuration of the library, with AES-256 - * and with #MBEDTLS_CTR_DRBG_ENTROPY_LEN set to 48 or more. - * - 256 bits if AES-256 is used, #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set - * to 32 or more, and the DRBG is initialized with an explicit - * nonce in the \c custom parameter to mbedtls_ctr_drbg_seed(). - * - 256 bits if AES-256 is used, #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set - * to 32 or more, and mbedtls_ctr_drbg_set_nonce_len() is called to set - * an entropy nonce length of 16 bytes or more. - * - 128 bits if AES-256 is used but #MBEDTLS_CTR_DRBG_ENTROPY_LEN is - * between 24 and 47 and the DRBG is not initialized with an explicit - * nonce (see mbedtls_ctr_drbg_seed()). - * - 128 bits if AES-128 is used (\c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY enabled) - * and #MBEDTLS_CTR_DRBG_ENTROPY_LEN is set to 24 or more (which is - * always the case unless it is explicitly set to a different value - * in config.h). - * - 128 bits if AES-128 is used (\c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY enabled) - * to 16 or more, and mbedtls_ctr_drbg_set_nonce_len() is called to set - * an entropy nonce length of 8 bytes or more. - * - * Note that the value of #MBEDTLS_CTR_DRBG_ENTROPY_LEN defaults to: - * - \c 48 if the module \c MBEDTLS_SHA512_C is enabled and the symbol - * \c MBEDTLS_ENTROPY_FORCE_SHA256 is disabled at compile time. - * This is the default configuration of the library. 
- * - \c 32 if the module \c MBEDTLS_SHA512_C is disabled at compile time. - * - \c 32 if \c MBEDTLS_ENTROPY_FORCE_SHA256 is enabled at compile time. + * The security strength as defined in NIST SP 800-90A is + * 128 bits when AES-128 is used (\c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY enabled) + * and 256 bits otherwise, provided that #MBEDTLS_CTR_DRBG_ENTROPY_LEN is + * kept at its default value (and not overridden in config.h) and that the + * DRBG instance is set up with default parameters. + * See the documentation of mbedtls_ctr_drbg_seed() for more + * information. */ /* * Copyright (C) 2006-2019, Arm Limited (or its affiliates), All Rights Reserved @@ -232,6 +210,26 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * The entropy length is #MBEDTLS_CTR_DRBG_ENTROPY_LEN by default. * You can override it by calling mbedtls_ctr_drbg_set_entropy_len(). * + * The entropy nonce length is: + * - \c 0 if the entropy length is at least 3/2 times the entropy length, + * which guarantees that the security strength is the maximum permitted + * by the key size and entropy length according to NIST SP 800-90A §10.2.1; + * - Half the entropy length otherwise. + * You can override it by calling mbedtls_ctr_drbg_set_nonce_len(). + */ +#if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 +/** With the default entropy length, the entropy nonce length is \c 0. + */ +#elif MBEDTLS_CTR_DRBG_ENTROPY_LEN & 1 +/** With the default entropy length, the entropy nonce length is + * (#MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2. + */ +#else +/** With the default entropy length, the entropy nonce length is + * #MBEDTLS_CTR_DRBG_ENTROPY_LEN / 2. + */ +#endif +/** * You can provide a nonce and personalization string in addition to the * entropy source, to make this instantiation as unique as possible. * See SP 800-90A §8.6.7 for more details about nonces. 
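Review bot: The first bullet of the paragraph added in the `@@ -232,6 +210,26 @@` hunk compares the entropy length with itself: `\c 0 if the entropy length is at least 3/2 times the entropy length`. The `#if` directly below it, and `good_nonce_len()` in library/ctr_drbg.c, compare against `MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2`, so the line should read `- \c 0 if the entropy length is at least 3/2 times the key size,`. As written, a reader cannot tell from the documentation when the second entropy read takes place.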
@@ -241,10 +239,20 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * is the concatenation of the following strings: * - A string obtained by calling \p f_entropy function for the entropy * length. - * - A string obtained by calling \p f_entropy function for the nonce - * length set with mbedtls_ctr_drbg_set_nonce_len(). If the entropy - * nonce length is \c 0, this function does not make a second call - * to \p f_entropy. + */ +#if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 +/** + * - If mbedtls_ctr_drbg_set_nonce_len() has been called, a string + * obtained by calling \p f_entropy function for the specified length. + */ +#else +/** + * - A string obtained by calling \p f_entropy function for the entropy nonce + * length. If the entropy nonce length is \c 0, this function does not + * make a second call to \p f_entropy. + */ +#endif +/** * - The \p custom string. * * \note To achieve the nominal security strength permitted @@ -256,10 +264,7 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * * In addition, if you do not pass a nonce in \p custom, * the sum of the entropy length - * (#MBEDTLS_CTR_DRBG_ENTROPY_LEN unless overridden with - * mbedtls_ctr_drbg_set_entropy_len()) - * and the entropy nonce length (\c 0 unless overridden - * with mbedtls_ctr_drbg_set_nonce_len()) must be: + * and the entropy nonce length must be: * - at least 24 bytes for a 128-bit strength * (maximum achievable strength when using AES-128); * - at least 48 bytes for a 256-bit strength diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 8c6ee59d5..047bb2a3e 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c 
@@ -56,6 +56,9 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) ); + /* Indicate that the entropy nonce length is not set explicitly. + * See mbedtls_ctr_drbg_set_nonce_len(). */ + ctx->reseed_counter = -1; #if defined(MBEDTLS_THREADING_C) mbedtls_mutex_init( &ctx->mutex ); @@ -419,6 +422,19 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, return( mbedtls_ctr_drbg_reseed_internal( ctx, additional, len, 0 ) ); } +/* Return a "good" nonce length for CTR_DRBG. The chosen nonce length + * is sufficient to achieve the maximum security strength given the key + * size and entropy length. If there is enough entropy in the initial + * call to the entropy function to serve as both the entropy input and + * the nonce, don't make a second call to get a nonce. */ +static size_t good_nonce_len( size_t entropy_len ) +{ + if( entropy_len >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 ) + return( 0 ); + else + return( ( entropy_len + 1 ) / 2 ); +} + /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) * mbedtls_ctr_drbg_seed(ctx, f_entropy, p_entropy, custom, len) * implements @@ -438,6 +454,7 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, { int ret; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; + size_t nonce_len; memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE ); @@ -448,6 +465,14 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, if( ctx->entropy_len == 0 ) ctx->entropy_len = MBEDTLS_CTR_DRBG_ENTROPY_LEN; + /* ctx->reseed_counter contains the desired amount of entropy to + * grab for a nonce (see mbedtls_ctr_drbg_set_nonce_len()). + * If it's -1, indicating that the entropy nonce length was not set + * explicitly, use a sufficiently large nonce for security. */ + nonce_len = ( ctx->reseed_counter >= 0 ? + (size_t) ctx->reseed_counter : + good_nonce_len( ctx->entropy_len ) ); + ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; /* Initialize with an empty key. */ 
@@ -457,11 +482,9 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, return( ret ); } - /* Do the initial seeding. - * ctx->reseed_counter contains the desired amount of entropy to - * grab for a nonce (see mbedtls_ctr_drbg_set_nonce_len()). */ + /* Do the initial seeding. */ if( ( ret = mbedtls_ctr_drbg_reseed_internal( ctx, custom, len, - ctx->reseed_counter ) ) != 0 ) + nonce_len ) ) != 0 ) { return( ret ); } diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index 5f198a4ee..461e50255 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1071,6 +1071,11 @@ depends_on:MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_pr:"d4f1f4ae08bcb3e1":"5d4041942bcf68864a4997d8171f1f9fef55a769b7eaf03fe082029bb32a2b9d8239e865c0a42e14b964b9c09de85a20":"":"":"4155320287eedcf7d484c2c2a1e2eb64b9c9ce77c87202a1ae1616c7a5cfd1c687c7a0bfcc85bda48fdd4629fd330c22d0a76076f88fc7cd04037ee06b7af602" CTR_DRBG entropy usage (entropy_nonce_len=0 by default) +depends_on:!DEFAULT_ENTROPY_NONCE +ctr_drbg_entropy_usage:-1 + +CTR_DRBG entropy usage (entropy_nonce_len=entropy_len/2 by default) +depends_on:DEFAULT_ENTROPY_NONCE ctr_drbg_entropy_usage:-1 CTR_DRBG entropy usage (entropy_nonce_len=0) diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index c79b6e2aa..c28438587 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -3,6 +3,14 @@ #include "mbedtls/ctr_drbg.h" #include "string.h" +/* mbedtls_ctr_drbg_seed() grabs a nonce by default if the entropy + * length is smaller than 3/2 times the maximum security strength. */ +#if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 +#undef DEFAULT_ENTROPY_NONCE +#else +#define DEFAULT_ENTROPY_NONCE +#endif + /* Modes for ctr_drbg_validate */ enum reseed_mode { 
@@ -215,6 +223,12 @@ void ctr_drbg_entropy_usage( int entropy_nonce_len ) expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; if( entropy_nonce_len >= 0 ) expected_idx += entropy_nonce_len; + else + { +#if defined(DEFAULT_ENTROPY_NONCE) + expected_idx += ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2; +#endif + } TEST_EQUAL( test_offset_idx, expected_idx ); /* By default, PR is off and reseed_interval is large, From 69971662bf8daf82ab641eac40aa2afe56476779 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 23 Oct 2019 19:39:36 +0200 Subject: [PATCH 1934/2197] CTR_DRBG: define a constant for the default entropy nonce length The default entropy nonce length is either zero or nonzero depending on the desired security strength and the entropy length. The implementation calculates the actual entropy nonce length from the actual entropy length, and therefore it doesn't need a constant that indicates the default entropy nonce length. A portable application may be interested in this constant, however. And our test code could definitely use it. Define a constant MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN and use it in test code. Previously, test_suite_ctr_drbg had knowledge about the default entropy nonce length built in and test_suite_psa_crypto_init failed. Now both use MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN. This change means that the test ctr_drbg_entropy_usage no longer validates that the default entropy nonce length is sensible. So add a new test that checks that the default entropy length and the default entropy nonce length are sufficient to ensure the expected security strength. --- include/mbedtls/ctr_drbg.h | 37 +++++++++------- tests/suites/test_suite_ctr_drbg.data | 15 ++++--- tests/suites/test_suite_ctr_drbg.function | 44 +++++++++++++------ tests/suites/test_suite_psa_crypto_init.data | 10 +++++ .../test_suite_psa_crypto_init.function | 6 +++ 5 files changed, 78 insertions(+), 34 deletions(-) 
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 09f4e620e..a0750e0d4 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -147,6 +147,24 @@ extern "C" { #endif +#if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 +/** The default length of the nonce read from the entropy source. + * + * This is \c 0 because a single read from the entropy source is sufficient + * to include a nonce. + * See the documentation of mbedtls_ctr_drbg_seed() for more information. + */ +#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN 0 +#else +/** The default length of the nonce read from the entropy source. + * + * This is half of the default entropy length because a single read from + * the entropy source does not provide enough material to form a nonce. + * See the documentation of mbedtls_ctr_drbg_seed() for more information. + */ +#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2 +#endif + /** * \brief The CTR_DRBG context structure. */ 
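Review bot: The non-zero definition added in the `@@ -147,6 +147,24 @@` hunk expands to `( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2` without outer parentheses, so its value depends on the expression it is used in. This is a public constant aimed at applications, and uses such as `x % MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN` or `n / MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN` would silently compute a different length. Define it as `#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2 )`.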
@@ -216,20 +234,9 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * by the key size and entropy length according to NIST SP 800-90A §10.2.1; * - Half the entropy length otherwise. * You can override it by calling mbedtls_ctr_drbg_set_nonce_len(). - */ -#if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 -/** With the default entropy length, the entropy nonce length is \c 0. - */ -#elif MBEDTLS_CTR_DRBG_ENTROPY_LEN & 1 -/** With the default entropy length, the entropy nonce length is - * (#MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2. - */ -#else -/** With the default entropy length, the entropy nonce length is - * #MBEDTLS_CTR_DRBG_ENTROPY_LEN / 2. - */ -#endif -/** + * With the default entropy length, the entropy nonce length is + * #MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN. + * * You can provide a nonce and personalization string in addition to the * entropy source, to make this instantiation as unique as possible. * See SP 800-90A §8.6.7 for more details about nonces. @@ -240,7 +247,7 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * - A string obtained by calling \p f_entropy function for the entropy * length. */ -#if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 +#if MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN == 0 /** * - If mbedtls_ctr_drbg_set_nonce_len() has been called, a string * obtained by calling \p f_entropy function for the specified length. diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index 461e50255..b50df2ba3 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data 
@@ -1070,12 +1070,7 @@ CTR_DRBG CAVS 14.3 (AES-128 use df,True,128,64,0,0) #0 depends_on:MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_pr:"d4f1f4ae08bcb3e1":"5d4041942bcf68864a4997d8171f1f9fef55a769b7eaf03fe082029bb32a2b9d8239e865c0a42e14b964b9c09de85a20":"":"":"4155320287eedcf7d484c2c2a1e2eb64b9c9ce77c87202a1ae1616c7a5cfd1c687c7a0bfcc85bda48fdd4629fd330c22d0a76076f88fc7cd04037ee06b7af602" -CTR_DRBG entropy usage (entropy_nonce_len=0 by default) -depends_on:!DEFAULT_ENTROPY_NONCE -ctr_drbg_entropy_usage:-1 - -CTR_DRBG entropy usage (entropy_nonce_len=entropy_len/2 by default) -depends_on:DEFAULT_ENTROPY_NONCE +CTR_DRBG entropy usage (default entropy_nonce_len) ctr_drbg_entropy_usage:-1 CTR_DRBG entropy usage (entropy_nonce_len=0) @@ -1084,6 +1079,14 @@ ctr_drbg_entropy_usage:0 CTR_DRBG entropy usage (entropy_nonce_len=7) ctr_drbg_entropy_usage:7 +CTR_DRBG entropy strength: 128 bits +depends_on:MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +ctr_drbg_entropy_strength:128 + +CTR_DRBG entropy strength: 256 bits +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +ctr_drbg_entropy_strength:256 + CTR_DRBG write/update seed file [#1] ctr_drbg_seed_file:"data_files/ctr_drbg_seed":0 diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index c28438587..8317c08c8 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -3,14 +3,6 @@ #include "mbedtls/ctr_drbg.h" #include "string.h" -/* mbedtls_ctr_drbg_seed() grabs a nonce by default if the entropy - * length is smaller than 3/2 times the maximum security strength. */ -#if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 -#undef DEFAULT_ENTROPY_NONCE -#else -#define DEFAULT_ENTROPY_NONCE -#endif - /* Modes for ctr_drbg_validate */ enum reseed_mode { 
@@ -196,7 +188,37 @@ void ctr_drbg_validate_reseed_first( data_t * add_init, data_t * entropy, } /* END_CASE */ +/* BEGIN_CASE */ +void ctr_drbg_entropy_strength( int expected_bit_strength ) +{ + unsigned char entropy[/*initial entropy*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN + + /*nonce*/ MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN + + /*reseed*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN]; + mbedtls_ctr_drbg_context ctx; + size_t last_idx; + size_t byte_strength = expected_bit_strength / 8; + mbedtls_ctr_drbg_init( &ctx ); + test_offset_idx = 0; + test_max_idx = sizeof( entropy ); + memset( entropy, 0, sizeof( entropy ) ); + + /* The initial seeding must grab at least byte_strength bytes of entropy + * for the entropy input and byte_strength/2 bytes for a nonce. */ + TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, + mbedtls_test_entropy_func, entropy, + NULL, 0 ) == 0 ); + TEST_ASSERT( test_offset_idx >= ( byte_strength * 3 + 1 ) / 2 ); + last_idx = test_offset_idx; + + /* A reseed must grab at least byte_strength bytes of entropy. */ + TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) == 0 ); + TEST_ASSERT( test_offset_idx - last_idx >= byte_strength ); + +exit: + mbedtls_ctr_drbg_free( &ctx ); +} +/* END_CASE */ /* BEGIN_CASE */ void ctr_drbg_entropy_usage( int entropy_nonce_len ) @@ -224,11 +246,7 @@ void ctr_drbg_entropy_usage( int entropy_nonce_len ) if( entropy_nonce_len >= 0 ) expected_idx += entropy_nonce_len; else - { -#if defined(DEFAULT_ENTROPY_NONCE) - expected_idx += ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2; -#endif - } + expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN; TEST_EQUAL( test_offset_idx, expected_idx ); /* By default, PR is off and reseed_interval is large, diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data index c57a764ef..9620a642a 100644 --- a/tests/suites/test_suite_psa_crypto_init.data +++ b/tests/suites/test_suite_psa_crypto_init.data 
@@ -34,15 +34,25 @@ fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:0:PSA_ERROR_INSUFFICIENT_EN Fake entropy: less than the block size fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:-1:PSA_ERROR_INSUFFICIENT_ENTROPY +Fake entropy: not enough for a nonce +depends_on:ENTROPY_NONCE_LEN != 0 +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:ENTROPY_NONCE_LEN - 1:-1:-1:-1:PSA_ERROR_INSUFFICIENT_ENTROPY + Fake entropy: one block eventually +depends_on:ENTROPY_NONCE_LEN == 0 fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS Fake entropy: one block in two steps +depends_on:ENTROPY_NONCE_LEN == 0 fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:1:-1:-1:PSA_SUCCESS Fake entropy: more than one block in two steps +depends_on:ENTROPY_NONCE_LEN == 0 fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:PSA_SUCCESS +Fake entropy: two blocks eventually +fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:MBEDTLS_ENTROPY_BLOCK_SIZE:0:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS + NV seed only: less than minimum entropy_from_nv_seed:MBEDTLS_ENTROPY_MIN_PLATFORM - 1:PSA_ERROR_INSUFFICIENT_ENTROPY diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 3c4b42e03..3283ac9f6 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -11,6 +11,12 @@ #define ENTROPY_MIN_NV_SEED_SIZE \ MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) +/* PSA crypto uses the CTR_DRBG module. In some configurations, it needs + * to read from the entropy source twice: once for the initial entropy + * and once for a nonce. */ +#include "mbedtls/ctr_drbg.h" +#define ENTROPY_NONCE_LEN MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN + typedef struct { size_t threshold; /* Minimum bytes to make mbedtls_entropy_func happy */ 
From 2ce22a50790f2c8d0dae2a3d82f1148f9f389932 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 28 Oct 2019 15:25:10 +0000 Subject: [PATCH 1935/2197] Stop transactions from being reentrant We want to explicitly disallow creating new transactions when a transaction is already in progress. However, we were incorrectly checking for the existence of the injected entropy file before continuing with creating a transaction. This meant we could have a transaction already in progress and would be able to still create a new transaction. It also meant we couldn't start a new transaction if any entropy had been injected. Check the transaction file instead of the injected entropy file in order to prevent multiple concurrent transactions. --- library/psa_crypto_storage.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index a27442cd9..1389fd451 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -419,7 +419,7 @@ psa_status_t psa_crypto_save_transaction( void ) { struct psa_storage_info_t p_info; psa_status_t status; - status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); + status = psa_its_get_info( PSA_CRYPTO_ITS_TRANSACTION_UID, &p_info ); if( status == PSA_SUCCESS ) { /* This shouldn't happen: we're trying to start a transaction while From f0ebbfb3fcd07a31c8329600731c1d6f3d726d87 Mon Sep 17 00:00:00 2001 
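Review bot: In `psa_crypto_save_transaction()` only `status == PSA_SUCCESS` from `psa_its_get_info()` is treated as "a transaction is already in progress"; the visible lines do not show a storage error being told apart from the UID simply not existing. If the code after this hunk goes on to write the transaction file for any non-success status, a failing ITS backend would be handled as "no transaction". It may be worth continuing only on `PSA_ERROR_DOES_NOT_EXIST` and returning other statuses to the caller, but the function body continues outside the hunk, so this needs checking against the full file. The commit also changes one line in one file and adds no test: a case that calls `psa_crypto_save_transaction()` twice and expects the second call to fail would pin the behaviour described in the commit message.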
From: Gilles Peskine Date: Mon, 28 Oct 2019 17:28:46 +0100 Subject: [PATCH 1936/2197] Fix CTR_DRBG benchmark You can't reuse a CTR_DRBG context without free()ing it and re-init()ing. This generally happened to work, but was never guaranteed. It could have failed with alternative implementations of the AES module because mbedtls_ctr_drbg_seed() calls mbedtls_aes_init() on a context which is already initialized if mbedtls_ctr_drbg_seed() hasn't been called before, plausibly causing a memory leak. Calling free() and seed() with no intervening init fails when MBEDTLS_THREADING_C is enabled and all-bits-zero is not a valid mutex representation. So add the missing free() and init(). --- programs/test/benchmark.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index b005c203a..8f89c70c6 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -686,12 +686,13 @@ int main( int argc, char *argv[] ) mbedtls_ctr_drbg_context ctr_drbg; mbedtls_ctr_drbg_init( &ctr_drbg ); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) mbedtls_exit(1); TIME_AND_TSC( "CTR_DRBG (NOPR)", mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_ctr_drbg_init( &ctr_drbg ); if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) mbedtls_exit(1); mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON ); From bd326f93d4297adac26bef6d9e0cc056508ac2ee Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 28 Oct 2019 17:33:07 +0100 Subject: [PATCH 1937/2197] Note that mbedtls_ctr_drbg_seed() must not be called twice You can't reuse a CTR_DRBG context without free()ing it and re-init()ing it. This generally happened to work, but was never guaranteed. It could have failed with alternative implementations of the AES module because mbedtls_ctr_drbg_seed() calls mbedtls_aes_init() on a context which is already initialized if mbedtls_ctr_drbg_seed() hasn't been called before, plausibly causing a memory leak. Since the addition of mbedtls_ctr_drbg_set_nonce_len(), the second call to mbedtls_ctr_drbg_seed() uses a nonsensical value as the entropy nonce length. Calling free() and seed() with no intervening init fails when MBEDTLS_THREADING_C is enabled and all-bits-zero is not a valid mutex representation. --- include/mbedtls/ctr_drbg.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index a0750e0d4..091f15ac2 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -278,6 +278,13 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * (maximum achievable strength when using AES-256). * * \param ctx The CTR_DRBG context to seed. + * It must have been initialized with + * mbedtls_ctr_drbg_init(). + * After a successful call to mbedtls_ctr_drbg_seed(), + * you may not call mbedtls_ctr_drbg_seed() again on + * the same context unless you call + * mbedtls_ctr_drbg_free() and mbedtls_ctr_drbg_init() + * again first. * \param f_entropy The entropy callback, taking as arguments the * \p p_entropy context, the buffer to fill, and the * length of the buffer. From 35d6d46169717d60f3f8728d0b6df0cfbd57e056 Mon Sep 17 00:00:00 2001 
From: Alexander K Date: Thu, 31 Oct 2019 14:46:45 +0300 Subject: [PATCH 1938/2197] Small performance improvement of mbedtls_mpi_div_mpi(): 1. don't use dynamic allocator for fixed size T2; 2. move T2 initialization out of the inner loop. --- library/bignum.c | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index d5bde8b2c..faf2be6e7 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1632,6 +1632,7 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, int ret; size_t i, n, t, k; mbedtls_mpi X, Y, Z, T1, T2; + mbedtls_mpi_uint __tp2[3]; MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( B != NULL ); @@ -1639,7 +1640,11 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); - mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); + mbedtls_mpi_init( &T1 ); + /* Avoid dynamic memory allocations for constant-size T2. */ + T2.s = 1; + T2.n = 3; + T2.p = __tp2; if( mbedtls_mpi_cmp_abs( A, B ) < 0 ) { @@ -1655,7 +1660,6 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &Z, A->n + 2 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Z, 0 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T1, 2 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T2, 3 ) ); k = mbedtls_mpi_bitlen( &Y ) % biL; if( k < biL - 1 ) @@ -1687,6 +1691,10 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, Y.p[t], NULL); } + T2.p[0] = ( i < 2 ) ? 0 : X.p[i - 2]; + T2.p[1] = ( i < 1 ) ? 0 : X.p[i - 1]; + T2.p[2] = X.p[i]; + Z.p[i - t - 1]++; do { 
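Review bot: In the `@@ -1639,7 +1640,11 @@` hunk, `T2` becomes a hand-built MPI over the stack array `__tp2`, so it no longer goes through `mbedtls_mpi_init()`/`mbedtls_mpi_free()`, and the three limbs copied from `X` in the loop are left on the stack when `mbedtls_mpi_div_mpi()` returns. Callers may pass operands derived from secret values, so the cleanup label should wipe the array, e.g. `mbedtls_platform_zeroize( __tp2, sizeof( __tp2 ) );` next to the remaining `mbedtls_mpi_free()` calls. The name `__tp2` is also in the namespace C reserves for the implementation; a plain local name such as `TP2` avoids that, and `T2.n = sizeof( TP2 ) / sizeof( *TP2 );` avoids repeating the literal `3`. A short comment would document why pointing `T2.p` at stack memory is safe: `T2` is only read by `mbedtls_mpi_cmp_mpi()` and must never be passed to a function that may grow or free it.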
@@ -1696,11 +1704,6 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, T1.p[0] = ( t < 1 ) ? 0 : Y.p[t - 1]; T1.p[1] = Y.p[t]; MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &T1, Z.p[i - t - 1] ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &T2, 0 ) ); - T2.p[0] = ( i < 2 ) ? 0 : X.p[i - 2]; - T2.p[1] = ( i < 1 ) ? 0 : X.p[i - 1]; - T2.p[2] = X.p[i]; } while( mbedtls_mpi_cmp_mpi( &T1, &T2 ) > 0 ); @@ -1736,7 +1739,7 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, cleanup: mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); - mbedtls_mpi_free( &T1 ); mbedtls_mpi_free( &T2 ); + mbedtls_mpi_free( &T1 ); return( ret ); } From 5033db293bd2a93128d09573e7ca2cce2f0e2862 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 31 Oct 2019 15:07:08 +0100 Subject: [PATCH 1939/2197] Clarify that the "FATAL" message is expected The test case "Memory buffer small buffer" emits a message "FATAL: verification of first header failed". In this test case, it's actually expected, but it looks weird to see this message from a passing test. Add a comment that states this explicitly, and modify the test description to indicate that the failure is expected, and change the test function name to be more accurate. Fix #309 --- tests/suites/test_suite_memory_buffer_alloc.data | 4 ++-- tests/suites/test_suite_memory_buffer_alloc.function | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_memory_buffer_alloc.data b/tests/suites/test_suite_memory_buffer_alloc.data index d59f1135a..660ca0a37 100644 --- a/tests/suites/test_suite_memory_buffer_alloc.data +++ b/tests/suites/test_suite_memory_buffer_alloc.data 
@@ -16,8 +16,8 @@ memory_buffer_alloc_free_alloc:100:64:100:100:0:0:0:1:200:0 Memory buffer alloc - Out of Memory test memory_buffer_alloc_oom_test: -Memory buffer small buffer -memory_buffer_small_buffer: +Memory buffer: heap too small (header verification should fail) +memory_buffer_heap_too_small: Memory buffer underalloc memory_buffer_underalloc: diff --git a/tests/suites/test_suite_memory_buffer_alloc.function b/tests/suites/test_suite_memory_buffer_alloc.function index bc034367a..886d22b07 100644 --- a/tests/suites/test_suite_memory_buffer_alloc.function +++ b/tests/suites/test_suite_memory_buffer_alloc.function @@ -232,11 +232,14 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MEMORY_DEBUG */ -void memory_buffer_small_buffer( ) +void memory_buffer_heap_too_small( ) { unsigned char buf[1]; mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + /* With MBEDTLS_MEMORY_DEBUG enabled, this prints a message + * "FATAL: verification of first header failed". + */ TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() != 0 ); } /* END_CASE */ From 02348c6fce071f4c46083a3d5059eb996672942b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 31 Oct 2019 15:07:35 +0100 Subject: [PATCH 1940/2197] More accurate test case description --- tests/suites/test_suite_memory_buffer_alloc.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_memory_buffer_alloc.data b/tests/suites/test_suite_memory_buffer_alloc.data index 660ca0a37..d780fd41b 100644 --- a/tests/suites/test_suite_memory_buffer_alloc.data +++ b/tests/suites/test_suite_memory_buffer_alloc.data @@ -19,5 +19,5 @@ memory_buffer_alloc_oom_test: Memory buffer: heap too small (header verification should fail) memory_buffer_heap_too_small: -Memory buffer underalloc +Memory buffer: attempt to allocate SIZE_MAX memory_buffer_underalloc: From cf5abd812a8d4a6c7da0a6c4de1c14f639b3f466 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 31 Oct 2019 15:07:45 +0100 Subject: [PATCH 1941/2197] Enable more test cases without MBEDTLS_MEMORY_DEBUG None of the test cases in tests_suite_memory_buffer_alloc actually need MBEDTLS_MEMORY_DEBUG. Some have additional checks when MBEDTLS_MEMORY_DEBUG but all are useful even without it. So enable them all and #ifdef out the parts that require DEBUG. --- .../test_suite_memory_buffer_alloc.function | 25 +++++++++++++++---- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_memory_buffer_alloc.function b/tests/suites/test_suite_memory_buffer_alloc.function index 886d22b07..cc884c28e 100644 --- a/tests/suites/test_suite_memory_buffer_alloc.function +++ b/tests/suites/test_suite_memory_buffer_alloc.function @@ -29,7 +29,7 @@ void mbedtls_memory_buffer_alloc_self_test( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_MEMORY_DEBUG */ +/* BEGIN_CASE */ void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, int d_bytes, int free_a, int free_b, int free_c, int free_d, int e_bytes, @@ -39,8 +39,11 @@ void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL, *ptr_d = NULL, *ptr_e = NULL, *ptr_f = NULL; +#if defined(MBEDTLS_MEMORY_DEBUG) size_t reported_blocks; - size_t allocated_bytes = 0, reported_bytes; + size_t reported_bytes; +#endif + size_t allocated_bytes = 0; mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); @@ -78,8 +81,10 @@ void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, allocated_bytes += d_bytes * sizeof(char); } +#if defined(MBEDTLS_MEMORY_DEBUG) mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); TEST_ASSERT( reported_bytes == allocated_bytes ); +#endif if( free_a ) { 
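Review bot: In `memory_buffer_alloc_free_alloc()` the `@@ -39,8 +39,11 @@` hunk keeps `size_t allocated_bytes = 0;` outside the new `#if defined(MBEDTLS_MEMORY_DEBUG)` guard, but every read of it (`TEST_ASSERT( reported_bytes == allocated_bytes )`) is now inside a guarded block. Without `MBEDTLS_MEMORY_DEBUG` the variable is only updated and never checked, which some compilers may report as set-but-unused under `-Werror`, and the byte accounting no longer verifies anything in that configuration. Either guard the declaration and the `allocated_bytes +=`/`-=` updates as well, or add `(void) allocated_bytes;` in an `#else` branch with a comment saying the accounting is only checked in debug builds. The function spans several hunks and is not fully visible here.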
@@ -117,8 +122,10 @@ void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, allocated_bytes -= d_bytes * sizeof(char); } +#if defined(MBEDTLS_MEMORY_DEBUG) mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); TEST_ASSERT( reported_bytes == allocated_bytes ); +#endif if( e_bytes > 0 ) { @@ -178,8 +185,10 @@ void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, ptr_f = NULL; } +#if defined(MBEDTLS_MEMORY_DEBUG) mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); TEST_ASSERT( reported_bytes == 0 ); +#endif TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); @@ -188,12 +197,14 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_MEMORY_DEBUG */ +/* BEGIN_CASE */ void memory_buffer_alloc_oom_test( ) { unsigned char buf[1024]; unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL; +#if defined(MBEDTLS_MEMORY_DEBUG) size_t reported_blocks, reported_bytes; +#endif (void)ptr_c; @@ -210,8 +221,10 @@ void memory_buffer_alloc_oom_test( ) ptr_c = mbedtls_calloc( 431, sizeof(char) ); TEST_ASSERT( ptr_c == NULL ); +#if defined(MBEDTLS_MEMORY_DEBUG) mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); TEST_ASSERT( reported_bytes >= 864 && reported_bytes <= sizeof(buf) ); +#endif mbedtls_free( ptr_a ); ptr_a = NULL; @@ -221,8 +234,10 @@ void memory_buffer_alloc_oom_test( ) ptr_b = NULL; TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); +#if defined(MBEDTLS_MEMORY_DEBUG) mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); TEST_ASSERT( reported_bytes == 0 ); +#endif TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); @@ -231,7 +246,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_MEMORY_DEBUG */ +/* BEGIN_CASE */ void memory_buffer_heap_too_small( ) { unsigned char buf[1]; 
@@ -244,7 +259,7 @@ void memory_buffer_heap_too_small( ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_MEMORY_DEBUG */ +/* BEGIN_CASE */ void memory_buffer_underalloc( ) { unsigned char buf[100]; From 1a9bd94549bfea5824b42c4470eb04f9ae7a4a24 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 31 Oct 2019 16:11:34 +0100 Subject: [PATCH 1942/2197] Disable MBEDTLS_MEMORY_BUFFER_ALLOC_C after config.pl full Enabling memory_buffer_alloc is slow and makes ASan ineffective. We have a patch pending to remove it from the full config. In the meantime, disable it explicitly. --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 32ec5fa9f..75a51e07b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -877,6 +877,7 @@ component_test_se_default () { component_test_se_full () { msg "build: full config + MBEDTLS_PSA_CRYPTO_SE_C" scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C make CC=gcc CFLAGS='-Werror -Wall -Wextra -O2 -fsanitize=address' LDFLAGS='-fsanitize=address' From 20180ca919227c65b9341901452210461be5de95 Mon Sep 17 00:00:00 2001 From: Mykhailo Sopiha Date: Tue, 29 Oct 2019 15:58:10 +0200 Subject: [PATCH 1943/2197] Add ASN.1 ENUMERATED tag support Add ASN.1 ENUMERATED [1] tag to supported tag list. 1. https://tools.ietf.org/html/rfc3641#page-8 Signed-off-by: Mykhailo Sopiha --- include/mbedtls/asn1.h | 26 ++++++++++++++++++++++---- include/mbedtls/asn1write.h | 15 +++++++++++++++ library/asn1parse.c | 27 ++++++++++++++++++++++----- library/asn1write.c | 14 ++++++++++++-- 4 files changed, 71 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 1a7611168..1c6683f63 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h 
@@ -75,6 +75,7 @@ #define MBEDTLS_ASN1_OCTET_STRING 0x04 #define MBEDTLS_ASN1_NULL 0x05 #define MBEDTLS_ASN1_OID 0x06 +#define MBEDTLS_ASN1_ENUMERATED 0x0A #define MBEDTLS_ASN1_UTF8_STRING 0x0C #define MBEDTLS_ASN1_SEQUENCE 0x10 #define MBEDTLS_ASN1_SET 0x11 @@ -254,13 +255,32 @@ int mbedtls_asn1_get_bool( unsigned char **p, * a valid ASN.1 INTEGER. * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does * not fit in an \c int. - * \return An ASN.1 error code if the input does not start with - * a valid ASN.1 INTEGER. */ int mbedtls_asn1_get_int( unsigned char **p, const unsigned char *end, int *val ); +/** + * \brief Retrieve an enumerated ASN.1 tag and its value. + * Updates the pointer to immediately behind the full tag. + * + * \param p On entry, \c *p points to the start of the ASN.1 element. + * On successful completion, \c *p points to the first byte + * beyond the ASN.1 element. + * On error, the value of \c *p is undefined. + * \param end End of data. + * \param val On success, the parsed value. + * + * \return 0 if successful. + * \return An ASN.1 error code if the input does not start with + * a valid ASN.1 ENUMERATED. + * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does + * not fit in an \c int. + */ +int mbedtls_asn1_get_enum( unsigned char **p, + const unsigned char *end, + int *val ); + /** * \brief Retrieve a bitstring ASN.1 tag and its value. * Updates the pointer to immediately behind the full tag. @@ -367,8 +387,6 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does * not fit in an \c int. * \return An MPI error code if the parsed value is too large. - * \return An ASN.1 error code if the input does not start with - * a valid ASN.1 INTEGER. */ int mbedtls_asn1_get_mpi( unsigned char **p, const unsigned char *end, diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 982414626..0bce28ed1 100644 
--- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -192,6 +192,21 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, */ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ); +/** + * \brief Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value + * in ASN.1 format. + * + * \note This function works backwards in data buffer. + * + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param val The integer value to write. + * + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. + */ +int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val ); + /** * \brief Write a string in ASN.1 format using a specific * string encoding tag. diff --git a/library/asn1parse.c b/library/asn1parse.c index 412259e35..87e7aa989 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -139,17 +139,20 @@ int mbedtls_asn1_get_bool( unsigned char **p, return( 0 ); } -int mbedtls_asn1_get_int( unsigned char **p, - const unsigned char *end, - int *val ) +static int asn1_get_tagged_int( unsigned char **p, + const unsigned char *end, + int tag, int *val ) { int ret; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, tag ) ) != 0 ) return( ret ); - /* len==0 is malformed (0 must be represented as 020100). */ + /* + * len==0 is malformed (0 must be represented as 020100 for INTEGER, + * or 0A0100 for ENUMERATED tags + */ if( len == 0 ) return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); /* This is a cryptography library. Reject negative integers. */ 
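Review bot: The shared helper `asn1_get_tagged_int()` keeps the context line "This is a cryptography library. Reject negative integers." for both tags, so `mbedtls_asn1_get_enum()` rejects negative ENUMERATED values. Neither the rewritten comment here nor the new documentation in `include/mbedtls/asn1.h` says so, although the added tests expect `MBEDTLS_ERR_ASN1_INVALID_LENGTH` for them. I would state that in the public doc, e.g. `\return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value is negative or does not fit in an \c int.`, so callers parsing untrusted DER know how such input is reported. The new block comment also opens a parenthesis that is never closed; ending it with `or 0A0100 for ENUMERATED).` fixes that. The helper's body continues past the end of this hunk.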
@@ -180,6 +183,20 @@ int mbedtls_asn1_get_int( unsigned char **p, return( 0 ); } +int mbedtls_asn1_get_int( unsigned char **p, + const unsigned char *end, + int *val ) +{ + return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_INTEGER, val) ); +} + +int mbedtls_asn1_get_enum( unsigned char **p, + const unsigned char *end, + int *val ) +{ + return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_ENUMERATED, val) ); +} + #if defined(MBEDTLS_BIGNUM_C) int mbedtls_asn1_get_mpi( unsigned char **p, const unsigned char *end, diff --git a/library/asn1write.c b/library/asn1write.c index a138d0b75..b3a3ad508 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -231,7 +231,7 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolea return( (int) len ); } -int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) +static int asn1_write_tagged_int( unsigned char **p, unsigned char *start, int val, int tag ) { int ret; size_t len = 0; @@ -255,11 +255,21 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) } MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) ); return( (int) len ); } +int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) +{ + return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_INTEGER ) ); +} + +int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val ) +{ + return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_ENUMERATED ) ); +} + int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, int tag, const char *text, size_t text_len ) { From 6af7bf91f20ac487c93991933862b83a86aa9766 Mon Sep 17 00:00:00 2001 
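Review bot: `asn1_write_tagged_int( p, start, val, tag )` takes its last two parameters in the opposite order from the parse-side helper `asn1_get_tagged_int( p, end, tag, val )` added in `library/asn1parse.c`, and in the write helper both are plain `int`. A swapped call would compile without a diagnostic and emit the value as the tag byte, so I would use one order in both files, e.g. `static int asn1_write_tagged_int( unsigned char **p, unsigned char *start, int tag, int val )`, and update the two wrappers to match. The new signature line is also noticeably longer than the neighbouring prototypes and could be wrapped the same way they are. Most of the helper's body lies outside the hunks shown.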
From: Mykhailo Sopiha Date: Thu, 31 Oct 2019 15:55:16 +0200 Subject: [PATCH 1944/2197] Add test cases for ASN.1 ENUMERATED tag Add test cases for writing and parsing ASN.1 ENUMERATED tag values. Signed-off-by: Mykhailo Sopiha --- tests/suites/test_suite_asn1parse.data | 84 ++++++++++++++++++++++ tests/suites/test_suite_asn1parse.function | 43 +++++++++++ tests/suites/test_suite_asn1write.data | 42 +++++++++++ tests/suites/test_suite_asn1write.function | 21 ++++++ 4 files changed, 190 insertions(+) diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data index 4abae0bb4..e26f93af7 100644 --- a/tests/suites/test_suite_asn1parse.data +++ b/tests/suites/test_suite_asn1parse.data 
@@ -286,6 +286,90 @@ get_integer:"010101":"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG INTEGER too large for mpi get_mpi_too_large: +ENUMERATED 0 +get_enum:"0A0100":"0":0 + +ENUMERATED 0, extra leading 0 +get_enum:"0A020000":"0":0 + +ENUMERATED 1 +get_enum:"0A0101":"1":0 + +ENUMERATED 1, extra leading 0 +get_enum:"0A020001":"1":0 + +ENUMERATED 0x7f +get_enum:"0A017f":"7f":0 + +ENUMERATED 0x80 +get_enum:"0A020080":"80":0 + +ENUMERATED 0x80, extra leading 0 +get_enum:"0A03000080":"80":0 + +ENUMERATED 0xff +get_enum:"0A0200ff":"ff":0 + +ENUMERATED 0x7fff +get_enum:"0A027fff":"7fff":0 + +ENUMERATED 0x12345678 +get_enum:"0A0412345678":"12345678":0 + +ENUMERATED 0x12345678, extra leading 0 +get_enum:"0A050012345678":"12345678":0 + +ENUMERATED 0x7fffffff +get_enum:"0A047fffffff":"7fffffff":0 + +ENUMERATED 0x7fffffff, extra leading 0 +get_enum:"0A05007fffffff":"7fffffff":0 + +ENUMERATED 0x80000000 +get_enum:"0A050080000000":"80000000":0 + +ENUMERATED 0xffffffff +get_enum:"0A0500ffffffff":"ffffffff":0 + +ENUMERATED 0x100000000 +get_enum:"0A050100000000":"0100000000":0 + +ENUMERATED -1 +get_enum:"0A01ff":"-1":0 + +ENUMERATED -1, extra leading ff +get_enum:"0A02ffff":"-1":0 + +ENUMERATED -0x7f +get_enum:"0A0181":"-7f":0 + +ENUMERATED -0x80 +get_enum:"0A0180":"-80":0 + +ENUMERATED -0x81 +get_enum:"0A02ff7f":"-81":0 + +ENUMERATED -0xff +get_enum:"0A02ff01":"-ff":0 + +ENUMERATED -0x100 +get_enum:"0A02ff00":"-100":0 + +ENUMERATED -0x7fffffff +get_enum:"0A0480000001":"-7fffffff":0 + +ENUMERATED -0x80000000 +get_enum:"0A0480000000":"-80000000":0 + +ENUMERATED -0x80000001 +get_enum:"0A05ff7fffffff":"-80000001":0 + +ENUMERATED -0xffffffff +get_enum:"0A05ff00000001":"-ffffffff":0 + +ENUMERATED -0x100000000 +get_enum:"0A05ff00000000":"-100000000":0 + BIT STRING: empty get_bitstring:"0300":0:0:MBEDTLS_ERR_ASN1_OUT_OF_DATA:MBEDTLS_ERR_ASN1_INVALID_DATA diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index defbd01bb..d747cc254 100644 
--- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -393,6 +393,49 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void get_enum( const data_t *input, + const char *expected_hex, int expected_result ) +{ + unsigned char *p; + long expected_value; + int expected_result_for_enum = expected_result; + int val; + int ret; + + errno = 0; + expected_value = strtol( expected_hex, NULL, 16 ); + if( expected_result == 0 && + ( errno == ERANGE +#if LONG_MAX > INT_MAX + || expected_value > INT_MAX || expected_value < INT_MIN +#endif + ) ) + { + /* The library returns the dubious error code INVALID_LENGTH + * for integers that are out of range. */ + expected_result_for_enum = MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } + if( expected_result == 0 && expected_value < 0 ) + { + /* The library does not support negative INTEGERs and + * returns the dubious error code INVALID_LENGTH. + * Test that we preserve the historical behavior. If we + * decide to change the behavior, we'll also change this test. */ + expected_result_for_enum = MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } + + p = input->x; + ret = mbedtls_asn1_get_enum( &p, input->x + input->len, &val ); + TEST_EQUAL( ret, expected_result_for_enum ); + if( ret == 0 ) + { + TEST_EQUAL( val, expected_value ); + TEST_ASSERT( p == input->x + input->len ); + } +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ void get_mpi_too_large( ) { diff --git a/tests/suites/test_suite_asn1write.data b/tests/suites/test_suite_asn1write.data index fd589fb23..7f5f5360e 100644 --- a/tests/suites/test_suite_asn1write.data +++ b/tests/suites/test_suite_asn1write.data 
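Review bot: The two block comments in `get_enum()` were carried over from the INTEGER test and still describe "negative INTEGERs" and "integers that are out of range", although this case exercises `mbedtls_asn1_get_enum()`. The function silently rewrites an expected result of `0` into `MBEDTLS_ERR_ASN1_INVALID_LENGTH`, so the comment is the only place that explains why data lines such as `ENUMERATED -1` with expected result `0` actually assert a rejection. It should name the right type, e.g. `/* The library does not support negative ENUMERATED values and returns INVALID_LENGTH for them. */`. A one-line header comment would also make the data file readable on its own: it should say that `expected_hex` is parsed with `strtol(..., 16)` and that negative or out-of-`int`-range values are expected to fail.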
@@ -49,6 +49,48 @@ mbedtls_asn1_write_int:0x12345678:"020412345678" ASN.1 Write int 2147483647 mbedtls_asn1_write_int:0x7fffffff:"02047fffffff" +ASN.1 Write enum 0 +mbedtls_asn1_write_enum:0:"0A0100" + +ASN.1 Write enum 1 +mbedtls_asn1_write_enum:1:"0A0101" + +ASN.1 Write enum 127 +mbedtls_asn1_write_enum:0x7f:"0A017f" + +ASN.1 Write enum 128 +mbedtls_asn1_write_enum:0x80:"0A020080" + +ASN.1 Write enum 255 +mbedtls_asn1_write_enum:0xff:"0A0200ff" + +ASN.1 Write enum 256 +mbedtls_asn1_write_enum:0x100:"0A020100" + +ASN.1 Write enum 32767 +mbedtls_asn1_write_enum:0x7fff:"0A027fff" + +ASN.1 Write enum 32768 +mbedtls_asn1_write_enum:0x8000:"0A03008000" + +ASN.1 Write enum 65535 +mbedtls_asn1_write_enum:0xffff:"0A0300ffff" + +ASN.1 Write enum 65536 +mbedtls_asn1_write_enum:0x10000:"0A03010000" + +ASN.1 Write enum 8388607 +mbedtls_asn1_write_enum:0x7fffff:"0A037fffff" + +ASN.1 Write enum 8388608 +mbedtls_asn1_write_enum:0x800000:"0A0400800000" + +ASN.1 Write enum 0x12345678 +mbedtls_asn1_write_enum:0x12345678:"0A0412345678" + +ASN.1 Write enum 2147483647 +mbedtls_asn1_write_enum:0x7fffffff:"0A047fffffff" + #ASN.1 Write mpi 0 #mbedtls_asn1_write_mpi:"00":"020100" diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index b69f6b5c3..21465c756 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function 
@@ -117,6 +117,27 @@ exit: } /* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_asn1_write_enum( int val, data_t *expected ) +{ + generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; + int ret; + + for( data.size = 0; data.size < expected->len + 1; data.size++ ) + { + if( ! generic_write_start_step( &data ) ) + goto exit; + ret = mbedtls_asn1_write_enum( &data.p, data.start, val ); + if( ! generic_write_finish_step( &data, expected, ret ) ) + goto exit; + } + +exit: + mbedtls_free( data.output ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ void mbedtls_asn1_write_mpi( data_t *val, data_t *expected ) { From d19a19373821cbf0c6df484a667de0c8515d9eb3 Mon Sep 17 00:00:00 2001 From: Alexander K Date: Fri, 1 Nov 2019 18:20:42 +0300 Subject: [PATCH 1945/2197] Fix code review comments: 1. variable name accoriding to the Mbed TLS coding style; 2. add a comment explaining safety of the optimization; 3. safer T2 initialization and memory zeroing on the function exit; --- library/bignum.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index faf2be6e7..a2f2a9f99 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1632,7 +1632,7 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, int ret; size_t i, n, t, k; mbedtls_mpi X, Y, Z, T1, T2; - mbedtls_mpi_uint __tp2[3]; + mbedtls_mpi_uint TP2[3]; MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( B != NULL ); 
@@ -1641,10 +1641,16 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &T1 ); - /* Avoid dynamic memory allocations for constant-size T2. */ + /* + * Avoid dynamic memory allocations for constant-size T2. + * + * T2 is used for comparison only and the 3 limbs are assigned explicitly, + * so nobody increase the size of the MPI and we're safe to use an on-stack + * buffer. + */ T2.s = 1; - T2.n = 3; - T2.p = __tp2; + T2.n = sizeof( TP2 ) / sizeof( *TP2 ); + T2.p = TP2; if( mbedtls_mpi_cmp_abs( A, B ) < 0 ) { @@ -1740,6 +1746,7 @@ cleanup: mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &T1 ); + mbedtls_platform_zeroize( TP2, sizeof( TP2 ) ); return( ret ); } From ee6abcedfdd28c797f9e99f1c5c14815013f2523 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 5 Sep 2019 14:47:19 +0100 Subject: [PATCH 1946/2197] Add new, constant time mpi comparison --- include/mbedtls/bignum.h | 19 +++++++++ library/bignum.c | 90 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 109 insertions(+) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 2c5ace690..3f6cdd1f9 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h 
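Review bot: The new comment explains why T2 may alias the on-stack `TP2`, but it does not state the matching rule for the rest of the function: T2 must never be passed to `mbedtls_mpi_free` or used as the destination of an operation that may grow it, since that would presumably free or reallocate a stack address. I would add one line next to `T2.p = TP2;`, for example `/* T2 must never be freed or used as an output operand. */`. mbedtls_mpi_div_mpi continues outside both hunks, so the actual uses of T2 are not visible here and should be checked against that rule.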
@@ -594,6 +594,25 @@ int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ); */ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ); +/** + * \brief Compare two MPIs in constant time. + * + * \param X The left-hand MPI. This must point to an initialized MPI + * with the same allocated length as Y. + * \param Y The right-hand MPI. This must point to an initialized MPI + * with the same allocated length as X. + * \param ret The result of the comparison: + * \c 1 if \p X is greater than \p Y. + * \c -1 if \p X is lesser than \p Y. + * \c 0 if \p X is equal to \p Y. + * + * \return 0 on success. + * \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of + * the two input MPIs is not the same. + */ +int mbedtls_mpi_cmp_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, + int *ret ); + /** * \brief Compare an MPI with an integer. * diff --git a/library/bignum.c b/library/bignum.c index d5bde8b2c..860571fdb 100644 --- a/library/bignum.c +++ b/library/bignum.c 
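Review bot: The documentation for `mbedtls_mpi_cmp_mpi_ct` does not say which inputs the constant-time property covers. The implementation added in this commit returns early when `X->n != Y->n`, so the allocated lengths are treated as public and only the limb values and signs are handled without data-dependent branches. I would add `\note The allocated lengths of \p X and \p Y are not treated as secret.` The same early return happens before `*ret` is assigned, so the `\param ret` text should also say that it is left unmodified on failure.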
@@ -1148,6 +1148,96 @@ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ) return( 0 ); } +static int ct_lt_mpi_uint( const mbedtls_mpi_uint x, const mbedtls_mpi_uint y ) +{ + mbedtls_mpi_uint ret; + mbedtls_mpi_uint cond; + + /* + * Check if the most significant bits (MSB) of the operands are different. + */ + cond = ( x ^ y ); + /* + * If the MSB are the same then the difference x-y will be negative (and + * have its MSB set to 1 during conversion to unsigned) if and only if x> ( sizeof( mbedtls_mpi_uint ) * 8 - 1 ); + + return ret; +} + +/* + * Compare signed values in constant time + */ +int mbedtls_mpi_cmp_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, + int *ret ) +{ + size_t i; + unsigned int cond, done; + + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET( ret != NULL ); + + if( X->n != Y->n ) + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + + /* + * if( X->s > 0 && Y->s < 0 ) + * { + * *ret = 1; + * done = 1; + * } + * else if( Y->s > 0 && X->s < 0 ) + * { + * *ret = -1; + * done = 1; + * } + */ + unsigned int sign_X = X->s; + unsigned int sign_Y = Y->s; + cond = ( ( sign_X ^ sign_Y ) >> ( sizeof( unsigned int ) * 8 - 1 ) ); + *ret = cond * X->s; + done = cond; + + for( i = X->n; i > 0; i-- ) + { + /* + * if( ( X->p[i - 1] > Y->p[i - 1] ) && !done ) + * { + * done = 1; + * *ret = X->s; + * } + */ + cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] ); + *ret |= ( cond * ( 1 - done ) ) * X->s; + done |= cond * ( 1 - done ); + + /* + * if( ( X->p[i - 1] < Y->p[i - 1] ) && !done ) + * { + * done = 1; + * *ret = -X->s; + * } + */ + cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] ); + *ret |= ( cond * ( 1 - done ) ) * -X->s; + done |= cond * ( 1 - done ); + + } + + return( 0 ); +} + /* * Compare signed values */ From 385d5b8682fc8b825cc0a29c0628ed634e1923e6 Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Wed, 11 Sep 2019 16:07:14 +0100 Subject: [PATCH 1947/2197] Add tests to constant time mpi comparison --- tests/suites/test_suite_mpi.data | 33 ++++++++++++++++++++++++++++ tests/suites/test_suite_mpi.function | 23 +++++++++++++++++++ 2 files changed, 56 insertions(+) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index f8ee09c05..efcb06041 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -175,6 +175,39 @@ mbedtls_mpi_cmp_mpi:10:"2":10:"-3":1 Base test mbedtls_mpi_cmp_mpi (Mixed values) #6 mbedtls_mpi_cmp_mpi:10:"-2":10:"31231231289798":-1 +Base test mbedtls_mpi_cmp_mpi_ct #1 +mbedtls_mpi_cmp_mpi_ct:1:10:"693":1:10:"693":0:0 + +Base test mbedtls_mpi_cmp_mpi_ct #2 +mbedtls_mpi_cmp_mpi_ct:1:10:"693":1:10:"692":1:0 + +Base test mbedtls_mpi_cmp_mpi_ct #3 +mbedtls_mpi_cmp_mpi_ct:1:10:"693":1:10:"694":-1:0 + +Base test mbedtls_mpi_cmp_mpi_ct (Negative values) #1 +mbedtls_mpi_cmp_mpi_ct:1:10:"-2":1:10:"-2":0:0 + +Base test mbedtls_mpi_cmp_mpi_ct (Negative values) #2 +mbedtls_mpi_cmp_mpi_ct:1:10:"-2":1:10:"-3":1:0 + +Base test mbedtls_mpi_cmp_mpi_ct (Negative values) #3 +mbedtls_mpi_cmp_mpi_ct:1:10:"-2":1:10:"-1":-1:0 + +Base test mbedtls_mpi_cmp_mpi_ct (Mixed values) #4 +mbedtls_mpi_cmp_mpi_ct:1:10:"-3":1:10:"2":-1:0 + +Base test mbedtls_mpi_cmp_mpi_ct (Mixed values) #5 +mbedtls_mpi_cmp_mpi_ct:1:10:"2":1:10:"-3":1:0 + +Base test mbedtls_mpi_cmp_mpi_ct (Mixed values) #6 +mbedtls_mpi_cmp_mpi_ct:2:10:"-2":2:10:"31231231289798":-1:0 + +Base test mbedtls_mpi_cmp_mpi_ct (X is longer in storage) #7 +mbedtls_mpi_cmp_mpi_ct:3:10:"693":2:10:"693":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Base test mbedtls_mpi_cmp_mpi_ct (Y is longer in storage) #8 +mbedtls_mpi_cmp_mpi_ct:3:10:"693":4:10:"693":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA + Base test mbedtls_mpi_cmp_abs #1 mbedtls_mpi_cmp_abs:10:"693":10:"693":0 
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index eaae1968e..97fd7b983 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -587,6 +587,29 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mbedtls_mpi_cmp_mpi_ct( int size_X, int radix_X, char * input_X, int size_Y, + int radix_Y, char * input_Y, int input_ret, int input_err ) +{ + int ret; + mbedtls_mpi X, Y; + mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); + + TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); + + mbedtls_mpi_grow( &X, size_X ); + mbedtls_mpi_grow( &Y, size_Y ); + + TEST_ASSERT( mbedtls_mpi_cmp_mpi_ct( &X, &Y, &ret ) == input_err ); + if( input_err == 0 ) + TEST_ASSERT( ret == input_ret ); + +exit: + mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mbedtls_mpi_cmp_abs( int radix_X, char * input_X, int radix_Y, char * input_Y, int input_A ) From a779b4601e0cf706f8b2992e783e6a7edc9700ed Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 16 Sep 2019 14:27:39 +0100 Subject: [PATCH 1948/2197] Fix side channel vulnerability in ECDSA --- library/ecp.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index c281d8419..596800a67 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2803,6 +2803,7 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, { /* SEC1 3.2.1: Generate d such that 1 <= n < N */ int count = 0; + int cmp = 0; /* * Match the procedure given in RFC 6979 (deterministic ECDSA): @@ -2813,6 +2814,7 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, */ do { + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_size - grp->nbits ) ); 
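Review bot: The two `mbedtls_mpi_grow` calls in the new test case ignore their return values, so an allocation failure would leave `X.n` and `Y.n` at whatever `mbedtls_mpi_read_string` produced. The case would then pass or fail for the wrong reason, and the MBEDTLS_ERR_MPI_BAD_INPUT_DATA vectors depend on exactly these sizes. Check them the same way as the reads above: `TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 );` and likewise for `Y`.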
@@ -2827,9 +2829,14 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, */ if( ++count > 30 ) return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + + ret = mbedtls_mpi_cmp_mpi_ct( d, &grp->N, &cmp ); + if( ret != 0 ) + { + goto cleanup; + } } - while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || - mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ); + while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || cmp >= 0 ); } #endif /* ECP_SHORTWEIERSTRASS */ From b2590790f280ac5599adb16979c07fa916ac2cf6 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 23 Sep 2019 09:19:14 +0100 Subject: [PATCH 1949/2197] Remove declaration after statement Visual Studio 2013 does not like it for some reason. --- library/bignum.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 860571fdb..ff8f8296d 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1182,7 +1182,7 @@ int mbedtls_mpi_cmp_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, int *ret ) { size_t i; - unsigned int cond, done; + unsigned int cond, done, sign_X, sign_Y; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( Y != NULL ); @@ -1203,8 +1203,8 @@ int mbedtls_mpi_cmp_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, * done = 1; * } */ - unsigned int sign_X = X->s; - unsigned int sign_Y = Y->s; + sign_X = X->s; + sign_Y = Y->s; cond = ( ( sign_X ^ sign_Y ) >> ( sizeof( unsigned int ) * 8 - 1 ) ); *ret = cond * X->s; done = cond; From d80080c884c7014253e71e9b8d6b626d445b5f45 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 11 Oct 2019 10:22:37 +0100 Subject: [PATCH 1950/2197] Remove excess vertical space --- library/ecp.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/ecp.c b/library/ecp.c index 596800a67..b0ef3ca47 100644 --- a/library/ecp.c +++ b/library/ecp.c 
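Review bot: The added `mbedtls_mpi_cmp_mpi_ct( d, &grp->N, &cmp )` call returns MBEDTLS_ERR_MPI_BAD_INPUT_DATA whenever `d->n != grp->N.n`, and nothing in this hunk establishes that the two limb counts match after `mbedtls_mpi_fill_random` and the shift. If they can differ for some curve or limb size, key generation would fail with that error, so either a comment stating why they are equal or an explicit `mbedtls_mpi_grow` of `d` to `grp->N.n` would make the precondition visible. The lower bound `mbedtls_mpi_cmp_int( d, 1 ) < 0` is still evaluated with the variable-time comparison on the secret `d`. That is presumably acceptable because d < 1 is a negligible event, but a comment should say so. The do/while loop starts outside this hunk.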
@@ -2814,7 +2814,6 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, */ do { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_size - grp->nbits ) ); From 1fc97594da2394cc32649eb015df317c35f8513e Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 11 Oct 2019 10:43:40 +0100 Subject: [PATCH 1951/2197] mbedtls_mpi_cmp_mpi_ct: remove multiplications Multiplication is known to have measurable timing variations based on the operands. For example it typically is much faster if one of the operands is zero. Remove them from constant time code. --- library/bignum.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index ff8f8296d..b90404512 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1175,6 +1175,11 @@ static int ct_lt_mpi_uint( const mbedtls_mpi_uint x, const mbedtls_mpi_uint y ) return ret; } +static int ct_bool_get_mask( unsigned int b ) +{ + return ~( b - 1 ); +} + /* * Compare signed values in constant time */ @@ -1206,7 +1211,7 @@ int mbedtls_mpi_cmp_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, sign_X = X->s; sign_Y = Y->s; cond = ( ( sign_X ^ sign_Y ) >> ( sizeof( unsigned int ) * 8 - 1 ) ); - *ret = cond * X->s; + *ret = ct_bool_get_mask( cond ) & X->s; done = cond; for( i = X->n; i > 0; i-- ) @@ -1219,8 +1224,8 @@ int mbedtls_mpi_cmp_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, * } */ cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] ); - *ret |= ( cond * ( 1 - done ) ) * X->s; - done |= cond * ( 1 - done ); + *ret |= ct_bool_get_mask( cond & ( 1 - done ) ) & X->s; + done |= cond & ( 1 - done ); /* * if( ( X->p[i - 1] < Y->p[i - 1] ) && !done ) 
@@ -1230,9 +1235,8 @@ int mbedtls_mpi_cmp_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, * } */ cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] ); - *ret |= ( cond * ( 1 - done ) ) * -X->s; - done |= cond * ( 1 - done ); - + *ret |= ct_bool_get_mask( cond & ( 1 - done ) ) & -X->s; + done |= cond & ( 1 - done ); } return( 0 ); From 0e5532d6cf98de89b5b13cace783bc67d64cc3bb Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 11 Oct 2019 14:21:53 +0100 Subject: [PATCH 1952/2197] Change mbedtls_mpi_cmp_mpi_ct to check less than The signature of mbedtls_mpi_cmp_mpi_ct() meant to support using it in place of mbedtls_mpi_cmp_mpi(). This meant full comparison functionality and a signed result. To make the function more universal and friendly to constant time coding, we change the result type to unsigned. Theoretically, we could encode the comparison result in an unsigned value, but it would be less intuitive. Therefore we won't be able to represent the result as unsigned anymore and the functionality will be constrained to checking if the first operand is less than the second. This is sufficient to support the current use case and to check any relationship between MPIs. The only drawback is that we need to call the function twice when checking for equality, but this can be optimised later if an when it is needed. --- include/mbedtls/bignum.h | 11 ++--- library/bignum.c | 68 ++++++++++++++-------------- library/ecp.c | 6 +-- tests/suites/test_suite_mpi.data | 44 +++++++++--------- tests/suites/test_suite_mpi.function | 12 +++-- 5 files changed, 71 insertions(+), 70 deletions(-) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 3f6cdd1f9..d4aedfc39 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h 
@@ -595,23 +595,22 @@ int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ); int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ); /** - * \brief Compare two MPIs in constant time. + * \brief Check if an MPI is less than the other in constant time. * * \param X The left-hand MPI. This must point to an initialized MPI * with the same allocated length as Y. * \param Y The right-hand MPI. This must point to an initialized MPI * with the same allocated length as X. * \param ret The result of the comparison: - * \c 1 if \p X is greater than \p Y. - * \c -1 if \p X is lesser than \p Y. - * \c 0 if \p X is equal to \p Y. + * \c 1 if \p X is less than \p Y. + * \c 0 if \p X is greater than or equal to \p Y. * * \return 0 on success. * \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of * the two input MPIs is not the same. */ -int mbedtls_mpi_cmp_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, - int *ret ); +int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, + unsigned *ret ); /** * \brief Compare an MPI with an integer. diff --git a/library/bignum.c b/library/bignum.c index b90404512..65696470d 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1148,7 +1148,8 @@ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ) return( 0 ); } -static int ct_lt_mpi_uint( const mbedtls_mpi_uint x, const mbedtls_mpi_uint y ) +static unsigned ct_lt_mpi_uint( const mbedtls_mpi_uint x, + const mbedtls_mpi_uint y ) { mbedtls_mpi_uint ret; mbedtls_mpi_uint cond; 
@@ -1175,16 +1176,11 @@ static int ct_lt_mpi_uint( const mbedtls_mpi_uint x, const mbedtls_mpi_uint y ) return ret; } -static int ct_bool_get_mask( unsigned int b ) -{ - return ~( b - 1 ); -} - /* * Compare signed values in constant time */ -int mbedtls_mpi_cmp_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, - int *ret ) +int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, + unsigned *ret ) { size_t i; unsigned int cond, done, sign_X, sign_Y; 
@@ -1197,45 +1193,49 @@ int mbedtls_mpi_cmp_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; /* - * if( X->s > 0 && Y->s < 0 ) - * { - * *ret = 1; - * done = 1; - * } - * else if( Y->s > 0 && X->s < 0 ) - * { - * *ret = -1; - * done = 1; - * } + * Get sign bits of the signs. */ sign_X = X->s; + sign_X = sign_X >> ( sizeof( unsigned int ) * 8 - 1 ); sign_Y = Y->s; - cond = ( ( sign_X ^ sign_Y ) >> ( sizeof( unsigned int ) * 8 - 1 ) ); - *ret = ct_bool_get_mask( cond ) & X->s; + sign_Y = sign_Y >> ( sizeof( unsigned int ) * 8 - 1 ); + + /* + * If the signs are different, then the positive operand is the bigger. + * That is if X is negative (sign bit 1), then X < Y is true and it is false + * if X is positive (sign bit 0). + */ + cond = ( sign_X ^ sign_Y ); + *ret = cond & sign_X; + + /* + * This is a constant time function, we might have the result, but we still + * need to go through the loop. Record if we have the result already. + */ done = cond; for( i = X->n; i > 0; i-- ) { /* - * if( ( X->p[i - 1] > Y->p[i - 1] ) && !done ) - * { - * done = 1; - * *ret = X->s; - * } + * If Y->p[i - 1] < X->p[i - 1] and both X and Y are negative, then + * X < Y. + * + * Again even if we can make a decision, we just mark the result and + * the fact that we are done and continue looping. */ - cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] ); - *ret |= ct_bool_get_mask( cond & ( 1 - done ) ) & X->s; + cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] ) & sign_X; + *ret |= cond & ( 1 - done ); done |= cond & ( 1 - done ); /* - * if( ( X->p[i - 1] < Y->p[i - 1] ) && !done ) - * { - * done = 1; - * *ret = -X->s; - * } + * If X->p[i - 1] < Y->p[i - 1] and both X and Y are positive, then + * X < Y. + * + * Again even if we can make a decision, we just mark the result and + * the fact that we are done and continue looping. 
*/ - cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] ); - *ret |= ct_bool_get_mask( cond & ( 1 - done ) ) & -X->s; + cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] ) & ( 1 - sign_X ); + *ret |= cond & ( 1 - done ); done |= cond & ( 1 - done ); } diff --git a/library/ecp.c b/library/ecp.c index b0ef3ca47..a58e8a6e0 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2803,7 +2803,7 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, { /* SEC1 3.2.1: Generate d such that 1 <= n < N */ int count = 0; - int cmp = 0; + unsigned cmp = 0; /* * Match the procedure given in RFC 6979 (deterministic ECDSA): @@ -2829,13 +2829,13 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, if( ++count > 30 ) return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); - ret = mbedtls_mpi_cmp_mpi_ct( d, &grp->N, &cmp ); + ret = mbedtls_mpi_lt_mpi_ct( d, &grp->N, &cmp ); if( ret != 0 ) { goto cleanup; } } - while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || cmp >= 0 ); + while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || cmp != 1 ); } #endif /* ECP_SHORTWEIERSTRASS */ diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index efcb06041..89aa4d51f 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data 
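Review bot: In the limb loop of mbedtls_mpi_lt_mpi_ct, `done` is only set when the sign-masked `cond` is 1, so a more significant limb that already decides the comparison the other way does not stop later limbs from setting `*ret`. With both operands positive, X = {high limb 2, low limb 0} and Y = {high limb 1, low limb 5} leaves `done == 0` after the high limb, and the low limb then sets `*ret = 1` although X > Y; the both-negative case fails symmetrically. The ecp.c change in this same commit uses the result as the d < N range check in mbedtls_ecp_gen_privkey, so a wrong 1 would let an out-of-range value through. Compute `cond` unmasked, apply the sign mask only when updating `*ret`, and set `done` on a difference in either direction. A multi-limb test vector whose most significant limbs differ would pin this.

```c
for( i = X->n; i > 0; i-- )
{
    /* ... unchanged: comment for the both-negative case ... */
    cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] );
    *ret |= cond & ( 1 - done ) & sign_X;
    done |= cond;

    /* ... unchanged: comment for the both-positive case ... */
    cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] );
    *ret |= cond & ( 1 - done ) & ( 1 - sign_X );
    done |= cond;
}
```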
@@ -175,38 +175,38 @@ mbedtls_mpi_cmp_mpi:10:"2":10:"-3":1 Base test mbedtls_mpi_cmp_mpi (Mixed values) #6 mbedtls_mpi_cmp_mpi:10:"-2":10:"31231231289798":-1 -Base test mbedtls_mpi_cmp_mpi_ct #1 -mbedtls_mpi_cmp_mpi_ct:1:10:"693":1:10:"693":0:0 +Base test mbedtls_mpi_lt_mpi_ct #1 +mbedtls_mpi_lt_mpi_ct:1:10:"693":1:10:"693":0:0 -Base test mbedtls_mpi_cmp_mpi_ct #2 -mbedtls_mpi_cmp_mpi_ct:1:10:"693":1:10:"692":1:0 +Base test mbedtls_mpi_lt_mpi_ct #2 +mbedtls_mpi_lt_mpi_ct:1:10:"693":1:10:"692":0:0 -Base test mbedtls_mpi_cmp_mpi_ct #3 -mbedtls_mpi_cmp_mpi_ct:1:10:"693":1:10:"694":-1:0 +Base test mbedtls_mpi_lt_mpi_ct #3 +mbedtls_mpi_lt_mpi_ct:1:10:"693":1:10:"694":1:0 -Base test mbedtls_mpi_cmp_mpi_ct (Negative values) #1 -mbedtls_mpi_cmp_mpi_ct:1:10:"-2":1:10:"-2":0:0 +Base test mbedtls_mpi_lt_mpi_ct (Negative values) #1 +mbedtls_mpi_lt_mpi_ct:1:10:"-2":1:10:"-2":0:0 -Base test mbedtls_mpi_cmp_mpi_ct (Negative values) #2 -mbedtls_mpi_cmp_mpi_ct:1:10:"-2":1:10:"-3":1:0 +Base test mbedtls_mpi_lt_mpi_ct (Negative values) #2 +mbedtls_mpi_lt_mpi_ct:1:10:"-2":1:10:"-3":0:0 -Base test mbedtls_mpi_cmp_mpi_ct (Negative values) #3 -mbedtls_mpi_cmp_mpi_ct:1:10:"-2":1:10:"-1":-1:0 +Base test mbedtls_mpi_lt_mpi_ct (Negative values) #3 +mbedtls_mpi_lt_mpi_ct:1:10:"-2":1:10:"-1":1:0 -Base test mbedtls_mpi_cmp_mpi_ct (Mixed values) #4 -mbedtls_mpi_cmp_mpi_ct:1:10:"-3":1:10:"2":-1:0 +Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #4 +mbedtls_mpi_lt_mpi_ct:1:10:"-3":1:10:"2":1:0 -Base test mbedtls_mpi_cmp_mpi_ct (Mixed values) #5 -mbedtls_mpi_cmp_mpi_ct:1:10:"2":1:10:"-3":1:0 +Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #5 +mbedtls_mpi_lt_mpi_ct:1:10:"2":1:10:"-3":0:0 -Base test mbedtls_mpi_cmp_mpi_ct (Mixed values) #6 -mbedtls_mpi_cmp_mpi_ct:2:10:"-2":2:10:"31231231289798":-1:0 +Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #6 +mbedtls_mpi_lt_mpi_ct:2:10:"-2":2:10:"31231231289798":1:0 -Base test mbedtls_mpi_cmp_mpi_ct (X is longer in storage) #7 
-mbedtls_mpi_cmp_mpi_ct:3:10:"693":2:10:"693":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA +Base test mbedtls_mpi_lt_mpi_ct (X is longer in storage) #7 +mbedtls_mpi_lt_mpi_ct:3:10:"693":2:10:"693":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA -Base test mbedtls_mpi_cmp_mpi_ct (Y is longer in storage) #8 -mbedtls_mpi_cmp_mpi_ct:3:10:"693":4:10:"693":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA +Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage) #8 +mbedtls_mpi_lt_mpi_ct:3:10:"693":4:10:"693":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_cmp_abs #1 mbedtls_mpi_cmp_abs:10:"693":10:"693":0 diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 97fd7b983..617f4615c 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -588,10 +588,12 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_cmp_mpi_ct( int size_X, int radix_X, char * input_X, int size_Y, - int radix_Y, char * input_Y, int input_ret, int input_err ) +void mbedtls_mpi_lt_mpi_ct( int size_X, int radix_X, char * input_X, + int size_Y, int radix_Y, char * input_Y, + int input_ret, int input_err ) { - int ret; + unsigned ret; + unsigned input_uret = input_ret; mbedtls_mpi X, Y; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); @@ -601,9 +603,9 @@ void mbedtls_mpi_cmp_mpi_ct( int size_X, int radix_X, char * input_X, int size_Y mbedtls_mpi_grow( &X, size_X ); mbedtls_mpi_grow( &Y, size_Y ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi_ct( &X, &Y, &ret ) == input_err ); + TEST_ASSERT( mbedtls_mpi_lt_mpi_ct( &X, &Y, &ret ) == input_err ); if( input_err == 0 ) - TEST_ASSERT( ret == input_ret ); + TEST_ASSERT( ret == input_uret ); exit: mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); From a0f732ba06fa85c6935c529bc99f198d2650e8e8 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 14 Oct 2019 08:59:14 +0100 Subject: [PATCH 1953/2197] ct_lt_mpi_uint: make use of biL --- library/bignum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/library/bignum.c b/library/bignum.c index 65696470d..55c4624a9 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1171,7 +1171,7 @@ static unsigned ct_lt_mpi_uint( const mbedtls_mpi_uint x, ret |= y & cond; - ret = ret >> ( sizeof( mbedtls_mpi_uint ) * 8 - 1 ); + ret = ret >> ( biL - 1 ); return ret; } From 4abc17236084714e57cf0fdcbfaf43ef50db6c1b Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 14 Oct 2019 09:01:15 +0100 Subject: [PATCH 1954/2197] mpi_lt_mpi_ct: make use of unsigned consistent --- library/bignum.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 55c4624a9..cee666268 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1183,7 +1183,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned *ret ) { size_t i; - unsigned int cond, done, sign_X, sign_Y; + unsigned cond, done, sign_X, sign_Y; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( Y != NULL ); @@ -1196,9 +1196,9 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, * Get sign bits of the signs. */ sign_X = X->s; - sign_X = sign_X >> ( sizeof( unsigned int ) * 8 - 1 ); + sign_X = sign_X >> ( sizeof( unsigned ) * 8 - 1 ); sign_Y = Y->s; - sign_Y = sign_Y >> ( sizeof( unsigned int ) * 8 - 1 ); + sign_Y = sign_Y >> ( sizeof( unsigned ) * 8 - 1 ); /* * If the signs are different, then the positive operand is the bigger. From 3f6f0e44ebe755d7a515a830b9768f3e1812d275 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 14 Oct 2019 09:09:32 +0100 Subject: [PATCH 1955/2197] Document ct_lt_mpi_uint --- library/bignum.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/bignum.c b/library/bignum.c index cee666268..d310adbab 100644 --- a/library/bignum.c +++ b/library/bignum.c 
@@ -1148,6 +1148,13 @@ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ) return( 0 ); } +/** Decide if an integer is less than the other, without branches. + * + * \param x First integer. + * \param y Second integer. + * + * \return 1 if \p x is less than \p y, 0 otherwise + */ static unsigned ct_lt_mpi_uint( const mbedtls_mpi_uint x, const mbedtls_mpi_uint y ) { From b7e1b494efd095734fc9ad8cc12fa2d993305b64 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 14 Oct 2019 09:21:49 +0100 Subject: [PATCH 1956/2197] mpi_lt_mpi_ct test: hardcode base 16 --- tests/suites/test_suite_mpi.data | 22 +++++++++++----------- tests/suites/test_suite_mpi.function | 8 ++++---- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 89aa4d51f..6ce53dc5f 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data 
@@ -176,37 +176,37 @@ Base test mbedtls_mpi_cmp_mpi (Mixed values) #6 mbedtls_mpi_cmp_mpi:10:"-2":10:"31231231289798":-1 Base test mbedtls_mpi_lt_mpi_ct #1 -mbedtls_mpi_lt_mpi_ct:1:10:"693":1:10:"693":0:0 +mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B5":0:0 Base test mbedtls_mpi_lt_mpi_ct #2 -mbedtls_mpi_lt_mpi_ct:1:10:"693":1:10:"692":0:0 +mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B4":0:0 Base test mbedtls_mpi_lt_mpi_ct #3 -mbedtls_mpi_lt_mpi_ct:1:10:"693":1:10:"694":1:0 +mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B6":1:0 Base test mbedtls_mpi_lt_mpi_ct (Negative values) #1 -mbedtls_mpi_lt_mpi_ct:1:10:"-2":1:10:"-2":0:0 +mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-2":0:0 Base test mbedtls_mpi_lt_mpi_ct (Negative values) #2 -mbedtls_mpi_lt_mpi_ct:1:10:"-2":1:10:"-3":0:0 +mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-3":0:0 Base test mbedtls_mpi_lt_mpi_ct (Negative values) #3 -mbedtls_mpi_lt_mpi_ct:1:10:"-2":1:10:"-1":1:0 +mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-1":1:0 Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #4 -mbedtls_mpi_lt_mpi_ct:1:10:"-3":1:10:"2":1:0 +mbedtls_mpi_lt_mpi_ct:1:"-3":1:"2":1:0 Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #5 -mbedtls_mpi_lt_mpi_ct:1:10:"2":1:10:"-3":0:0 +mbedtls_mpi_lt_mpi_ct:1:"2":1:"-3":0:0 Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #6 -mbedtls_mpi_lt_mpi_ct:2:10:"-2":2:10:"31231231289798":1:0 +mbedtls_mpi_lt_mpi_ct:2:"-2":2:"1C67967269C6":1:0 Base test mbedtls_mpi_lt_mpi_ct (X is longer in storage) #7 -mbedtls_mpi_lt_mpi_ct:3:10:"693":2:10:"693":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_mpi_lt_mpi_ct:3:"2B5":2:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage) #8 -mbedtls_mpi_lt_mpi_ct:3:10:"693":4:10:"693":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_cmp_abs #1 mbedtls_mpi_cmp_abs:10:"693":10:"693":0 diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 617f4615c..63a2509e1 100644 
--- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -588,8 +588,8 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_lt_mpi_ct( int size_X, int radix_X, char * input_X, - int size_Y, int radix_Y, char * input_Y, +void mbedtls_mpi_lt_mpi_ct( int size_X, char * input_X, + int size_Y, char * input_Y, int input_ret, int input_err ) { unsigned ret; @@ -597,8 +597,8 @@ void mbedtls_mpi_lt_mpi_ct( int size_X, int radix_X, char * input_X, mbedtls_mpi X, Y; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, input_X ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, input_Y ) == 0 ); mbedtls_mpi_grow( &X, size_X ); mbedtls_mpi_grow( &Y, size_Y ); From 0ac9557c86f75a9594cb84ea04984c994aeb7a25 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 14 Oct 2019 11:33:39 +0100 Subject: [PATCH 1957/2197] Add more tests for mbedtls_mpi_lt_mpi_ct --- tests/suites/test_suite_mpi.data | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 6ce53dc5f..e97f087b3 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data 
@@ -208,6 +208,36 @@ mbedtls_mpi_lt_mpi_ct:3:"2B5":2:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage) #8 mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA +Base test mbedtls_mpi_lt_mpi_ct (corner case) #1 +mbedtls_mpi_lt_mpi_ct:1:"7FFFFFFFFFFFFFFF":1:"FF":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case) #2 +mbedtls_mpi_lt_mpi_ct:1:"8000000000000000":1:"7FFFFFFFFFFFFFFF":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case) #2 +mbedtls_mpi_lt_mpi_ct:1:"8000000000000000":1:"1":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case) #2 +mbedtls_mpi_lt_mpi_ct:1:"8000000000000000":1:"0":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case) #3 +mbedtls_mpi_lt_mpi_ct:1:"FFFFFFFFFFFFFFFF":1:"FF":0:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (XY, equal MS limbs) #3 +mbedtls_mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFF1":2:"-EEFFFFFFFFFFFFFFFF":0:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (X=Y) #4 +mbedtls_mpi_lt_mpi_ct:2:"EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":0:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (X=-Y) #4 +mbedtls_mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":1:0 + Base test mbedtls_mpi_cmp_abs #1 mbedtls_mpi_cmp_abs:10:"693":10:"693":0 From 1f32b5bea431e951da395e157245ab8741a7d40a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 28 Oct 2019 12:07:52 +0000 Subject: [PATCH 1958/2197] Bignum: Document assumptions about the sign field --- include/mbedtls/bignum.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index d4aedfc39..1d00c560a 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -185,7 +185,7 @@ extern "C" { */ typedef struct mbedtls_mpi { - int s; /*!< integer sign */ + int s; /*!< Sign: -1 if the mpi is negative, 1 otherwise */ size_t n; /*!< total # of limbs */ mbedtls_mpi_uint *p; /*!< pointer to limbs */ } From 73ba9ec9a69f643f12f39fe4d7f098d69fd3a48e Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Mon, 28 Oct 2019 12:12:15 +0000 Subject: [PATCH 1959/2197] Make mbedtls_mpi_lt_mpi_ct more portable The code relied on the assumptions that CHAR_BIT is 8 and that unsigned does not have padding bits. In the Bignum module we already assume that the sign of an MPI is either -1 or 1. Using this, we eliminate the above mentioned dependency. --- library/bignum.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index d310adbab..90704862d 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1200,12 +1200,11 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; /* - * Get sign bits of the signs. + * Set sign_N to 1 if N >= 0, 0 if N < 0. + * We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0. */ - sign_X = X->s; - sign_X = sign_X >> ( sizeof( unsigned ) * 8 - 1 ); - sign_Y = Y->s; - sign_Y = sign_Y >> ( sizeof( unsigned ) * 8 - 1 ); + sign_X = ( X->s & 2 ) >> 1; + sign_Y = ( Y->s & 2 ) >> 1; /* * If the signs are different, then the positive operand is the bigger. From bb5147f16583b86f90609db818af3ea8f1089e29 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 28 Oct 2019 12:23:18 +0000 Subject: [PATCH 1960/2197] mbedtls_mpi_lt_mpi_ct: Improve documentation --- library/bignum.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 90704862d..71b9163dc 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1190,6 +1190,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned *ret ) { size_t i; + /* The value of any of these variables is either 0 or 1 at all times. */ unsigned cond, done, sign_X, sign_Y; MPI_VALIDATE_RET( X != NULL ); 
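Review bot: The new comment above the sign extraction states the opposite of what the code computes: with `s == -1` the expression `( X->s & 2 ) >> 1` yields 1 and with `s == 1` it yields 0, so the flag is 1 for a negative MPI. I would word it as `Set sign_N to 1 if N < 0, 0 if N >= 0.` The later rename hunk in this series (to `X_is_negative`) keeps the same comment as context, still naming `sign_N`, and should be corrected together with it. The `& 2` test also relies on -1 having bit 1 set, which holds for two's complement. Since the commit is about portability, that assumption is worth stating in the comment.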
@@ -1208,14 +1209,14 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, /* * If the signs are different, then the positive operand is the bigger. - * That is if X is negative (sign bit 1), then X < Y is true and it is false - * if X is positive (sign bit 0). + * That is if X is negative (sign_X == 1), then X < Y is true and it is + * false if X is positive (sign_X == 0). */ cond = ( sign_X ^ sign_Y ); *ret = cond & sign_X; /* - * This is a constant time function, we might have the result, but we still + * This is a constant-time function. We might have the result, but we still * need to go through the loop. Record if we have the result already. */ done = cond; From 5e614cef157346fd647d882923e595a6229e9aad Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 28 Oct 2019 12:31:34 +0000 Subject: [PATCH 1961/2197] Rename variable for better readability --- library/bignum.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 71b9163dc..d683a5e3c 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1191,7 +1191,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, { size_t i; /* The value of any of these variables is either 0 or 1 at all times. */ - unsigned cond, done, sign_X, sign_Y; + unsigned cond, done, X_is_negative, Y_is_negative; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( Y != NULL ); 
@@ -1204,16 +1204,16 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, * Set sign_N to 1 if N >= 0, 0 if N < 0. * We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0. */ - sign_X = ( X->s & 2 ) >> 1; - sign_Y = ( Y->s & 2 ) >> 1; + X_is_negative = ( X->s & 2 ) >> 1; + Y_is_negative = ( Y->s & 2 ) >> 1; /* * If the signs are different, then the positive operand is the bigger. - * That is if X is negative (sign_X == 1), then X < Y is true and it is - * false if X is positive (sign_X == 0). + * That is if X is negative (X_is_negative == 1), then X < Y is true and it + * is false if X is positive (X_is_negative == 0). */ - cond = ( sign_X ^ sign_Y ); - *ret = cond & sign_X; + cond = ( X_is_negative ^ Y_is_negative ); + *ret = cond & X_is_negative; /* * This is a constant-time function. We might have the result, but we still @@ -1230,7 +1230,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, * Again even if we can make a decision, we just mark the result and * the fact that we are done and continue looping. */ - cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] ) & sign_X; + cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] ) & X_is_negative; *ret |= cond & ( 1 - done ); done |= cond & ( 1 - done ); @@ -1241,7 +1241,8 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, * Again even if we can make a decision, we just mark the result and * the fact that we are done and continue looping. */ - cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] ) & ( 1 - sign_X ); + cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] ) + & ( 1 - X_is_negative ); *ret |= cond & ( 1 - done ); done |= cond & ( 1 - done ); } From c50e6d5edb4229358d0733de6bb3976cedb4b51d Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Mon, 28 Oct 2019 12:37:21 +0000 Subject: [PATCH 1962/2197] mbedtls_mpi_lt_mpi_ct: simplify condition In the case of *ret we might need to preserve a 0 value throughout the loop and therefore we need an extra condition to protect it from being overwritten. The value of done is always 1 after *ret has been set and does not need to be protected from overwriting. Therefore in this case the extra condition can be removed. --- library/bignum.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index d683a5e3c..441e4b570 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1232,7 +1232,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, */ cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] ) & X_is_negative; *ret |= cond & ( 1 - done ); - done |= cond & ( 1 - done ); + done |= cond; /* * If X->p[i - 1] < Y->p[i - 1] and both X and Y are positive, then @@ -1244,7 +1244,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] ) & ( 1 - X_is_negative ); *ret |= cond & ( 1 - done ); - done |= cond & ( 1 - done ); + done |= cond; } return( 0 ); From f17c8006ae56a9f8540d146aa3e4a5571bc63c1f Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 29 Oct 2019 15:05:12 +0000 Subject: [PATCH 1963/2197] mbedtls_mpi_lt_mpi_ct: add tests for 32 bit limbs The corner case tests were designed for 64 bit limbs and failed on 32 bit platforms because the numbers in the test ended up being stored in a different number of limbs and the function (correctly) returnd an error upon receiving them. --- tests/suites/test_suite_mpi.data | 35 +++++++++++++++++++++++++++----- 1 file changed, 30 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index e97f087b3..30f1052b9 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data 
@@ -208,21 +208,46 @@ mbedtls_mpi_lt_mpi_ct:3:"2B5":2:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage) #8 mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA -Base test mbedtls_mpi_lt_mpi_ct (corner case) #1 +Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1 +depends_on:MBEDTLS_HAVE_INT64 mbedtls_mpi_lt_mpi_ct:1:"7FFFFFFFFFFFFFFF":1:"FF":0:0 -Base test mbedtls_mpi_lt_mpi_ct (corner case) #2 +Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #2 +depends_on:MBEDTLS_HAVE_INT64 mbedtls_mpi_lt_mpi_ct:1:"8000000000000000":1:"7FFFFFFFFFFFFFFF":0:0 -Base test mbedtls_mpi_lt_mpi_ct (corner case) #2 +Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #3 +depends_on:MBEDTLS_HAVE_INT64 mbedtls_mpi_lt_mpi_ct:1:"8000000000000000":1:"1":0:0 -Base test mbedtls_mpi_lt_mpi_ct (corner case) #2 +Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #4 +depends_on:MBEDTLS_HAVE_INT64 mbedtls_mpi_lt_mpi_ct:1:"8000000000000000":1:"0":0:0 -Base test mbedtls_mpi_lt_mpi_ct (corner case) #3 +Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #5 +depends_on:MBEDTLS_HAVE_INT64 mbedtls_mpi_lt_mpi_ct:1:"FFFFFFFFFFFFFFFF":1:"FF":0:0 +Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #1 +depends_on:MBEDTLS_HAVE_INT32 +mbedtls_mpi_lt_mpi_ct:1:"7FFFFFFF":1:"FF":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #2 +depends_on:MBEDTLS_HAVE_INT32 +mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"7FFFFFFF":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #3 +depends_on:MBEDTLS_HAVE_INT32 +mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"1":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #4 +depends_on:MBEDTLS_HAVE_INT32 +mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"0":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #5 +depends_on:MBEDTLS_HAVE_INT32 +mbedtls_mpi_lt_mpi_ct:1:"FFFFFFFF":1:"FF":0:0 + Multi-limb mbedtls_mpi_lt_mpi_ct (X Date: Tue, 29 Oct 2019 15:08:46 +0000 Subject: [PATCH 
1964/2197] ct_lt_mpi_uint: cast the return value explicitely The return value is always either one or zero and therefore there is no risk of losing precision. Some compilers can't deduce this and complain. --- library/bignum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index 441e4b570..cdda688de 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1180,7 +1180,7 @@ static unsigned ct_lt_mpi_uint( const mbedtls_mpi_uint x, ret = ret >> ( biL - 1 ); - return ret; + return (unsigned) ret; } /* From 0e4792ef478a35464d40b6edc7387041336c8298 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 5 Nov 2019 11:42:20 +0000 Subject: [PATCH 1965/2197] mpi_lt_mpi_ct perform tests for both limb size The corner case tests were designed for 32 and 64 bit limbs independently and performed only on the target platform. On the other platform they are not corner cases anymore, but we can still exercise them. --- tests/suites/test_suite_mpi.data | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 30f1052b9..3058a62f5 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data 
@@ -209,43 +209,33 @@ Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage) #8 mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1 -depends_on:MBEDTLS_HAVE_INT64 -mbedtls_mpi_lt_mpi_ct:1:"7FFFFFFFFFFFFFFF":1:"FF":0:0 +mbedtls_mpi_lt_mpi_ct:2:"7FFFFFFFFFFFFFFF":2:"FF":0:0 Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #2 -depends_on:MBEDTLS_HAVE_INT64 -mbedtls_mpi_lt_mpi_ct:1:"8000000000000000":1:"7FFFFFFFFFFFFFFF":0:0 +mbedtls_mpi_lt_mpi_ct:2:"8000000000000000":2:"7FFFFFFFFFFFFFFF":0:0 Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #3 -depends_on:MBEDTLS_HAVE_INT64 -mbedtls_mpi_lt_mpi_ct:1:"8000000000000000":1:"1":0:0 +mbedtls_mpi_lt_mpi_ct:2:"8000000000000000":2:"1":0:0 Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #4 -depends_on:MBEDTLS_HAVE_INT64 -mbedtls_mpi_lt_mpi_ct:1:"8000000000000000":1:"0":0:0 +mbedtls_mpi_lt_mpi_ct:2:"8000000000000000":2:"0":0:0 Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #5 -depends_on:MBEDTLS_HAVE_INT64 -mbedtls_mpi_lt_mpi_ct:1:"FFFFFFFFFFFFFFFF":1:"FF":0:0 +mbedtls_mpi_lt_mpi_ct:2:"FFFFFFFFFFFFFFFF":2:"FF":0:0 Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #1 -depends_on:MBEDTLS_HAVE_INT32 mbedtls_mpi_lt_mpi_ct:1:"7FFFFFFF":1:"FF":0:0 Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #2 -depends_on:MBEDTLS_HAVE_INT32 mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"7FFFFFFF":0:0 Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #3 -depends_on:MBEDTLS_HAVE_INT32 mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"1":0:0 Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #4 -depends_on:MBEDTLS_HAVE_INT32 mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"0":0:0 Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #5 -depends_on:MBEDTLS_HAVE_INT32 mbedtls_mpi_lt_mpi_ct:1:"FFFFFFFF":1:"FF":0:0 Multi-limb mbedtls_mpi_lt_mpi_ct (X Date: Sat, 11 Aug 2018 00:42:21 +0200 Subject: [PATCH 1966/2197] pk_write test cases with short/long private key 
Add pk_write test cases where the ASN.1 INTEGER encoding of the private value would not have the mandatory size for the OCTET STRING that contains the value. ec_256_long_prv.pem is a random secp256r1 private key, selected so that the private value is >= 2^255, i.e. the top bit of the first byte is set (which would cause the INTEGER encoding to have an extra leading 0 byte). ec_521_short_prv.pem is a random secp521r1 private key, selected so that the private value is < 2^519, i.e. the first byte is 0 and the top bit of the second byte is 0 (which would cause the INTEGER encoding to have one less 0 byte at the start). --- tests/data_files/ec_256_long_prv.pem | 5 +++++ tests/data_files/ec_521_short_prv.pem | 7 +++++++ tests/suites/test_suite_pkwrite.data | 8 ++++++++ 3 files changed, 20 insertions(+) create mode 100644 tests/data_files/ec_256_long_prv.pem create mode 100644 tests/data_files/ec_521_short_prv.pem diff --git a/tests/data_files/ec_256_long_prv.pem b/tests/data_files/ec_256_long_prv.pem new file mode 100644 index 000000000..5141e30b4 --- /dev/null +++ b/tests/data_files/ec_256_long_prv.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIIcex4mqXsQamUKTVf8vXmTAJrQvGjh5mXG8p9+OR4xAoAoGCCqGSM49 +AwEHoUQDQgAEqJ2HQjPpc6fDwE/vSa6U35USXawkTo98y4U6NsAl+rOGuqMPEFXf +P1Srm/Jrzwa/RuppRL5kgyAsGJTUmwZEzQ== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/ec_521_short_prv.pem b/tests/data_files/ec_521_short_prv.pem new file mode 100644 index 000000000..427b7ad47 --- /dev/null +++ b/tests/data_files/ec_521_short_prv.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PRIVATE KEY----- +MIHcAgEBBEIAOXdk7W+Hf5L7Hc9fKe44wmpaRNs5ERFTkv5CrlXv/Bu3y28M673q +vBNo7a/UE/6NNQHu2pQODEYFpMg6R34b5SigBwYFK4EEACOhgYkDgYYABAFUMHXV +KPA4vkMgq+pFgDoH96XoM517gF2GJFV6h2gLhykzIHL/otAyEpAStw7MBvbU0V21 +ixB+hjqzO7Snxaj9mwB8g87OKxm5eGfsqvJNPdJ0RZ/EKy06Ukg6KThlhQeyrtIk +g5PTCrPnNszlffAy6/jCOe3Moi59g15H13sSzwfX6g== +-----END EC PRIVATE KEY----- 
diff --git a/tests/suites/test_suite_pkwrite.data b/tests/suites/test_suite_pkwrite.data index c8ff1773c..e0101ccdf 100644 --- a/tests/suites/test_suite_pkwrite.data +++ b/tests/suites/test_suite_pkwrite.data @@ -30,10 +30,18 @@ Private key write check EC 192 bits depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_write_key_check:"data_files/ec_prv.sec1.pem" +Private key write check EC 256 bits (top bit set) +depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_write_key_check:"data_files/ec_256_long_prv.pem" + Private key write check EC 521 bits depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED pk_write_key_check:"data_files/ec_521_prv.pem" +Private key write check EC 521 bits (top byte is 0) +depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_write_key_check:"data_files/ec_521_short_prv.pem" + Private key write check EC Brainpool 512 bits depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_BP512R1_ENABLED pk_write_key_check:"data_files/ec_bp512_prv.pem" From 2700cfbdd5efcab973ba9d8564b9ab68f3d70677 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 11 Aug 2018 00:48:44 +0200 Subject: [PATCH 1967/2197] Fix pk_write with an EC key to write a constant-length private value When writing a private EC key, use a constant size for the private value, as specified in RFC 5915. Previously, the value was written as an ASN.1 INTEGER, which caused the size of the key to leak about 1 bit of information on average, and could cause the value to be 1 byte too large for the output buffer. --- library/pkwrite.c | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 438816078..c2c562348 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c 
@@ -38,7 +38,9 @@ #include "mbedtls/rsa.h" #endif #if defined(MBEDTLS_ECP_C) +#include "mbedtls/bignum.h" #include "mbedtls/ecp.h" +#include "mbedtls/platform_util.h" #endif #if defined(MBEDTLS_ECDSA_C) #include "mbedtls/ecdsa.h" @@ -154,6 +156,26 @@ static int pk_write_ec_param( unsigned char **p, unsigned char *start, return( (int) len ); } + +/* + * privateKey OCTET STRING -- always of length ceil(log2(n)/8) + */ +static int pk_write_ec_private( unsigned char **p, unsigned char *start, + mbedtls_ecp_keypair *ec ) +{ + int ret; + size_t byte_length = ( ec->grp.pbits + 7 ) / 8; + unsigned char tmp[MBEDTLS_ECP_MAX_BYTES]; + + ret = mbedtls_mpi_write_binary( &ec->d, tmp, byte_length ); + if( ret != 0 ) + goto exit; + ret = mbedtls_asn1_write_octet_string( p, start, tmp, byte_length ); + +exit: + mbedtls_platform_zeroize( tmp, byte_length ); + return( ret ); +} #endif /* MBEDTLS_ECP_C */ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, @@ -424,9 +446,8 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ); len += par_len; - /* privateKey: write as MPI then fix tag */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &ec->d ) ); - *c = MBEDTLS_ASN1_OCTET_STRING; + /* privateKey */ + MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_private( &c, buf, ec ) ); /* version */ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 1 ) ); From 53fc7b03090d0115c16929feba61f10437b70448 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 5 Nov 2019 11:56:07 +0000 Subject: [PATCH 1968/2197] mpi_lt_mpi_ct: Fix test numbering --- tests/suites/test_suite_mpi.data | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 3058a62f5..98a194b0e 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data 
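Review bot: `pk_write_ec_private` documents the OCTET STRING length as ceil(log2(n)/8), i.e. derived from the group order, but computes `byte_length` from `ec->grp.pbits`, the field size. If a curve's order is longer than its field prime, the private value may not fit, and `mbedtls_mpi_write_binary` would fail for some keys only. Whether any enabled curve is affected is not visible here, so either use `size_t byte_length = ( ec->grp.nbits + 7 ) / 8;` or correct the comment to match the code. The cleanup would also be more robust as `mbedtls_platform_zeroize( tmp, sizeof( tmp ) );`, which wipes the whole scratch buffer regardless of `byte_length`.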
@@ -193,19 +193,19 @@ mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-3":0:0 Base test mbedtls_mpi_lt_mpi_ct (Negative values) #3 mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-1":1:0 -Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #4 +Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #1 mbedtls_mpi_lt_mpi_ct:1:"-3":1:"2":1:0 -Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #5 +Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #2 mbedtls_mpi_lt_mpi_ct:1:"2":1:"-3":0:0 -Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #6 +Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #3 mbedtls_mpi_lt_mpi_ct:2:"-2":2:"1C67967269C6":1:0 -Base test mbedtls_mpi_lt_mpi_ct (X is longer in storage) #7 +Base test mbedtls_mpi_lt_mpi_ct (X is longer in storage) mbedtls_mpi_lt_mpi_ct:3:"2B5":2:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA -Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage) #8 +Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage) mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1 @@ -238,19 +238,19 @@ mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"0":0:0 Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #5 mbedtls_mpi_lt_mpi_ct:1:"FFFFFFFF":1:"FF":0:0 -Multi-limb mbedtls_mpi_lt_mpi_ct (XY, equal MS limbs) #3 +Multi-limb mbedtls_mpi_lt_mpi_ct (X>Y, equal MS limbs) mbedtls_mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFF1":2:"-EEFFFFFFFFFFFFFFFF":0:0 -Multi-limb mbedtls_mpi_lt_mpi_ct (X=Y) #4 +Multi-limb mbedtls_mpi_lt_mpi_ct (X=Y) mbedtls_mpi_lt_mpi_ct:2:"EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":0:0 -Multi-limb mbedtls_mpi_lt_mpi_ct (X=-Y) #4 +Multi-limb mbedtls_mpi_lt_mpi_ct (X=-Y) mbedtls_mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":1:0 Base test mbedtls_mpi_cmp_abs #1 From 0b1ae0e972f84a89960737703181babbe7777ec7 Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Tue, 5 Nov 2019 12:19:14 +0000 Subject: [PATCH 1969/2197] mpi_lt_mpi_ct: Add further tests The existing tests did not catch a failure that came up at integration testing. Adding the missing test cases to trigger the bug. --- tests/suites/test_suite_mpi.data | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 98a194b0e..480768bf3 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -241,9 +241,6 @@ mbedtls_mpi_lt_mpi_ct:1:"FFFFFFFF":1:"FF":0:0 Multi-limb mbedtls_mpi_lt_mpi_ct (XY, equal MS limbs) mbedtls_mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFF1":2:"-EEFFFFFFFFFFFFFFFF":0:0 @@ -253,6 +250,18 @@ mbedtls_mpi_lt_mpi_ct:2:"EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":0:0 Multi-limb mbedtls_mpi_lt_mpi_ct (X=-Y) mbedtls_mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":1:0 +Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #1 +mbedtls_mpi_lt_mpi_ct:2:"11FFFFFFFFFFFFFFFF":2:"FF1111111111111111":1:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #2 +mbedtls_mpi_lt_mpi_ct:2:"FF1111111111111111":2:"11FFFFFFFFFFFFFFFF":0:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #3 +mbedtls_mpi_lt_mpi_ct:2:"-11FFFFFFFFFFFFFFFF":2:"-FF1111111111111111":0:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #4 +mbedtls_mpi_lt_mpi_ct:2:"-FF1111111111111111":2:"-11FFFFFFFFFFFFFFFF":1:0 + Base test mbedtls_mpi_cmp_abs #1 mbedtls_mpi_cmp_abs:10:"693":10:"693":0 From 307024207ab4b7ff75d87a0c214e8172fcb47fc1 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 5 Nov 2019 12:24:52 +0000 Subject: [PATCH 1970/2197] mpi_lt_mpi_ct: fix condition handling The code previously only set the done flag if the return value was one. This led to overriding the correct return value later on. --- library/bignum.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) 
diff --git a/library/bignum.c b/library/bignum.c index cdda688de..fd0e8b263 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1224,26 +1224,25 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, for( i = X->n; i > 0; i-- ) { /* - * If Y->p[i - 1] < X->p[i - 1] and both X and Y are negative, then - * X < Y. + * If Y->p[i - 1] < X->p[i - 1] then X < Y is true if and only if both + * X and Y are negative. * * Again even if we can make a decision, we just mark the result and * the fact that we are done and continue looping. */ - cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] ) & X_is_negative; - *ret |= cond & ( 1 - done ); + cond = ct_lt_mpi_uint( Y->p[i - 1], X->p[i - 1] ); + *ret |= cond & ( 1 - done ) & X_is_negative; done |= cond; /* - * If X->p[i - 1] < Y->p[i - 1] and both X and Y are positive, then - * X < Y. + * If X->p[i - 1] < Y->p[i - 1] then X < Y is true if and only if both + * X and Y are positive. * * Again even if we can make a decision, we just mark the result and * the fact that we are done and continue looping. */ - cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] ) - & ( 1 - X_is_negative ); - *ret |= cond & ( 1 - done ); + cond = ct_lt_mpi_uint( X->p[i - 1], Y->p[i - 1] ); + *ret |= cond & ( 1 - done ) & ( 1 - X_is_negative ); done |= cond; } From da252bed3c561fed9cbd114527b37396f23d82f5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Nov 2019 16:23:49 +0100 Subject: [PATCH 1971/2197] Define a constant for the maximum signature size from pk_sign() Based on the buffer size used in the pk_sign sample program, this is MBEDTLS_MPI_MAX_SIZE. --- include/mbedtls/pk.h | 14 ++++++++++++-- programs/pkey/pk_sign.c | 2 +- programs/pkey/pk_verify.c | 2 +- 3 files changed, 14 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index d750004d5..a51177807 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
@@ -101,6 +101,11 @@ typedef struct mbedtls_pk_rsassa_pss_options } mbedtls_pk_rsassa_pss_options; +/** + * \brief Maximum size of a signature made by mbedtls_pk_sign(). + */ +#define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE + /** * \brief Types for interfacing with the debug module */ @@ -442,8 +447,13 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, * \param md_alg Hash algorithm used (see notes) * \param hash Hash of the message to sign * \param hash_len Hash length or 0 (see notes) - * \param sig Place to write the signature - * \param sig_len Number of bytes written + * \param sig Place to write the signature. + * It must have enough room for the signature. + * #MBEDTLS_PK_SIGNATURE_MAX_SIZE is always enough. + * You may use a smaller buffer if it is large enough + * given the key type. + * \param sig_len On successful return, + * the number of bytes written to \p sig. * \param f_rng RNG function * \param p_rng RNG parameter * diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 47a098a1a..79fb27376 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -70,7 +70,7 @@ int main( int argc, char *argv[] ) mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; unsigned char hash[32]; - unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; + unsigned char buf[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; char filename[512]; const char *pers = "mbedtls_pk_sign"; size_t olen = 0; diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index a6bfe3f29..72caf7139 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -65,7 +65,7 @@ int main( int argc, char *argv[] ) size_t i; mbedtls_pk_context pk; unsigned char hash[32]; - unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; + unsigned char buf[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; char filename[512]; mbedtls_pk_init( &pk ); From fbdf150080174db07241b5ef2af5c828e61de083 Mon Sep 17 00:00:00 2001 
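Review bot: `MBEDTLS_PK_SIGNATURE_MAX_SIZE` is defined as `MBEDTLS_MPI_MAX_SIZE`, yet the new `\param sig` text promises that it "is always enough" for every key type. That holds for RSA, whose signature is one modulus-sized integer. An ECDSA signature from mbedtls_pk_sign() is an ASN.1 sequence of two integers whose size follows the curve rather than the MPI limit, so a build that lowers MBEDTLS_MPI_MAX_SIZE could end up with a bound that is too small. I would either take the larger of the two bounds when MBEDTLS_ECDSA_C is enabled (using `MBEDTLS_ECDSA_MAX_LEN` from ecdsa.h) or weaken the documentation to state the assumption. As documented here, mbedtls_pk_sign() takes no buffer-size argument, so an undersized bound would presumably show up as a write past the caller's buffer rather than as an error return.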
From: Jaeden Amero Date: Fri, 8 Nov 2019 09:59:16 +0000 Subject: [PATCH 1972/2197] getting_started: Make it clear that keys are passed in It was not obvious before that `AES_KEY` and `RSA_KEY` were shorthand for key material. A user copy pasting the code snippet would run into a compilation error if they didn't realize this. Make it more obvious that key material must come from somewhere external by making the snippets which use global keys into functions that take a key as a parameter. --- docs/getting_started.md | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 236c1a26c..9938909f2 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -72,9 +72,10 @@ with other function calls. This example shows how to import a key: ```C +void import_a_key(const uint8_t *key, size_t key_len) +{ psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t data[] = AES_KEY; psa_key_handle_t handle; printf("Import an AES key...\t"); @@ -94,7 +95,7 @@ This example shows how to import a key: psa_set_key_bits(&attributes, 128); /* Import the key */ - status = psa_import_key(&attributes, data, sizeof(data), &handle); + status = psa_import_key(&attributes, key, key_len, &handle); if (status != PSA_SUCCESS) { printf("Failed to import key\n"); return; @@ -108,6 +109,7 @@ This example shows how to import a key: psa_destroy_key(handle); mbedtls_psa_crypto_free(); +} ``` ### Signing a message using RSA 
@@ -123,9 +125,10 @@ Mbed Crypto supports encrypting, decrypting, signing and verifying messages usin This example shows how to sign a hash that has already been calculated: ```C +void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) +{ psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t key[] = RSA_KEY; uint8_t hash[32] = {0x50, 0xd8, 0x58, 0xe0, 0x98, 0x5e, 0xcc, 0x7f, 0x60, 0x41, 0x8a, 0xaf, 0x0c, 0xc5, 0xab, 0x58, 0x7f, 0x42, 0xc2, 0x57, 0x0a, 0x88, 0x40, 0x95, @@ -151,7 +154,7 @@ This example shows how to sign a hash that has already been calculated: psa_set_key_bits(&attributes, 1024); /* Import the key */ - status = psa_import_key(&attributes, key, sizeof(key), &handle); + status = psa_import_key(&attributes, key, key_len, &handle); if (status != PSA_SUCCESS) { printf("Failed to import key\n"); return; @@ -176,6 +179,7 @@ This example shows how to sign a hash that has already been calculated: psa_destroy_key(handle); mbedtls_psa_crypto_free(); +} ``` ### Using symmetric ciphers @@ -196,6 +200,8 @@ Mbed Crypto supports encrypting and decrypting messages using various symmetric This example shows how to encrypt data using an AES (Advanced Encryption Standard) key in CBC (Cipher Block Chaining) mode with no padding (assuming all prerequisites have been fulfilled): ```c +void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) +{ enum { block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES), }; @@ -205,7 +211,6 @@ This example shows how to encrypt data using an AES (Advanced Encryption Standar uint8_t plaintext[block_size] = SOME_PLAINTEXT; uint8_t iv[block_size]; size_t iv_len; - uint8_t key[] = AES_KEY; uint8_t output[block_size]; size_t output_len; psa_key_handle_t handle; 
@@ -227,7 +232,7 @@ This example shows how to encrypt data using an AES (Advanced Encryption Standar psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, sizeof(key), &handle); + status = psa_import_key(&attributes, key, key_len, &handle); if (status != PSA_SUCCESS) { printf("Failed to import a key\n"); return; @@ -266,6 +271,7 @@ This example shows how to encrypt data using an AES (Advanced Encryption Standar psa_destroy_key(handle); mbedtls_psa_crypto_free(); +} ``` **To decrypt a message with a symmetric cipher:** @@ -279,6 +285,8 @@ This example shows how to encrypt data using an AES (Advanced Encryption Standar This example shows how to decrypt encrypted data using an AES key in CBC mode with no padding (assuming all prerequisites have been fulfilled): ```c +void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) +{ enum { block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES), }; @@ -288,7 +296,6 @@ This example shows how to decrypt encrypted data using an AES key in CBC mode wi psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; uint8_t ciphertext[block_size] = SOME_CIPHERTEXT; uint8_t iv[block_size] = ENCRYPTED_WITH_IV; - uint8_t key[] = AES_KEY; uint8_t output[block_size]; size_t output_len; psa_key_handle_t handle; @@ -309,7 +316,7 @@ This example shows how to decrypt encrypted data using an AES key in CBC mode wi psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, sizeof(key), &handle); + status = psa_import_key(&attributes, key, key_len, &handle); if (status != PSA_SUCCESS) { printf("Failed to import a key\n"); return; 
@@ -348,6 +355,7 @@ This example shows how to decrypt encrypted data using an AES key in CBC mode wi psa_destroy_key(handle); mbedtls_psa_crypto_free(); +} ``` #### Handling cipher operation contexts From 96ae5cd08707eedb51e555f0b347a228c5d62519 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 12 Nov 2019 03:05:51 -0500 Subject: [PATCH 1973/2197] Zeroize local AES variables before exiting the function This issue has been reported by Tuba Yavuz, Farhaan Fowze, Ken (Yihang) Bai, Grant Hernandez, and Kevin Butler (University of Florida) and Dave Tian (Purdue University). In AES encrypt and decrypt some variables were left on the stack. The value of these variables can be used to recover the last round key. To follow best practice and to limit the impact of buffer overread vulnerabilities (like Heartbleed) we need to zeroize them before exiting the function. --- library/aes.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/library/aes.c b/library/aes.c index aff0a9939..02a7986b5 100644 --- a/library/aes.c +++ b/library/aes.c @@ -918,6 +918,18 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, PUT_UINT32_LE( X2, output, 8 ); PUT_UINT32_LE( X3, output, 12 ); + mbedtls_platform_zeroize( &X0, sizeof( X0 ) ); + mbedtls_platform_zeroize( &X1, sizeof( X1 ) ); + mbedtls_platform_zeroize( &X2, sizeof( X2 ) ); + mbedtls_platform_zeroize( &X3, sizeof( X3 ) ); + + mbedtls_platform_zeroize( &Y0, sizeof( Y0 ) ); + mbedtls_platform_zeroize( &Y1, sizeof( Y1 ) ); + mbedtls_platform_zeroize( &Y2, sizeof( Y2 ) ); + mbedtls_platform_zeroize( &Y3, sizeof( Y3 ) ); + + mbedtls_platform_zeroize( &RK, sizeof( RK ) ); + return( 0 ); } #endif /* !MBEDTLS_AES_ENCRYPT_ALT */ 
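Review bot: In the `@@ -918,6 +918,18 @@` hunk of library/aes.c (and identically in the decrypt hunk that follows), `mbedtls_platform_zeroize( &RK, sizeof( RK ) )` clears only the local variable `RK`. Its declaration is outside the hunk, but if it is a pointer into the context's round-key array, the call wipes an address and not key material. That is probably intended, since the schedule in `ctx` must survive the call, but it deserves a comment such as `/* RK is a pointer: clears the local copy only, not ctx's round keys */`. The nine separate calls could be reduced to one by grouping the state words in a local struct or array and wiping it with a single `sizeof`, which also makes it harder to miss a variable when the round code changes. Only the normal return path is visible here; any earlier return in these functions would skip the wipe.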
@@ -986,6 +998,18 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, PUT_UINT32_LE( X2, output, 8 ); PUT_UINT32_LE( X3, output, 12 ); + mbedtls_platform_zeroize( &X0, sizeof( X0 ) ); + mbedtls_platform_zeroize( &X1, sizeof( X1 ) ); + mbedtls_platform_zeroize( &X2, sizeof( X2 ) ); + mbedtls_platform_zeroize( &X3, sizeof( X3 ) ); + + mbedtls_platform_zeroize( &Y0, sizeof( Y0 ) ); + mbedtls_platform_zeroize( &Y1, sizeof( Y1 ) ); + mbedtls_platform_zeroize( &Y2, sizeof( Y2 ) ); + mbedtls_platform_zeroize( &Y3, sizeof( Y3 ) ); + + mbedtls_platform_zeroize( &RK, sizeof( RK ) ); + return( 0 ); } #endif /* !MBEDTLS_AES_DECRYPT_ALT */ From f85e4e67bd9a9b69a70741c4ccf1d155271a3c1b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 12 Nov 2019 11:08:23 +0100 Subject: [PATCH 1974/2197] test_suite_pk: fix use of sig_len without initialization In pk_sign_verify, if mbedtls_pk_sign() failed, sig_len was passed to mbedtls_pk_verify_restartable() without having been initialized. This worked only because in the only test case that expects signature to fail, the verify implementation doesn't look at sig_len before failing for the expected reason. The value of sig_len if sign() fails is undefined, so set sig_len to something sensible. --- tests/suites/test_suite_pk.function | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index b34907522..0050db7be 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -926,6 +926,8 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret ) TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, rnd_std_rand, NULL, rs_ctx ) == sign_ret ); + if( sign_ret != 0 ) + sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE; TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, sig_len ) == verify_ret ); 
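Review bot: After a failed sign, the added `sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;` in the `@@ -926,6 +926,8 @@` hunk of tests/suites/test_suite_pk.function makes the following mbedtls_pk_verify() call read that many bytes of `sig`, which nothing in this hunk has written. Unless the buffer is filled earlier in pk_sign_verify (outside the hunk), the test then depends on uninitialised stack contents and may trip memory sanitizers. Adding `memset( sig, 0, sizeof sig );` before the first sign call would make the failure path deterministic. The same applies to the second hunk of this patch, before mbedtls_pk_verify_restartable().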
@@ -945,6 +947,8 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret ) TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, rnd_std_rand, NULL ) == sign_ret ); + if( sign_ret != 0 ) + sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE; TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, sig_len, rs_ctx ) == verify_ret ); From eba088a8ac585a038efccc4d21a44df1b21d1d73 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Nov 2019 16:32:32 +0100 Subject: [PATCH 1975/2197] test_suite_pk: check the signature size after pk_sign Add a check that the signature size from pk_sign is less than the documented maximum size. Reduce the stack consumption in pk_sign_verify. --- tests/suites/test_suite_pk.function | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 0050db7be..a7c0368c4 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -900,8 +900,9 @@ exit: void pk_sign_verify( int type, int sign_ret, int verify_ret ) { mbedtls_pk_context pk; - unsigned char hash[50], sig[5000]; size_t sig_len; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; + unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; void *rs_ctx = NULL; #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_pk_restart_ctx ctx; @@ -926,7 +927,9 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret ) TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, rnd_std_rand, NULL, rs_ctx ) == sign_ret ); - if( sign_ret != 0 ) + if( sign_ret == 0 ) + TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE ); + else sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE; TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, 
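Review bot: The new `TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE )` in the -926 hunk is evaluated only after mbedtls_pk_sign_restartable() has already written into `sig`, and the -900 hunk of the same commit shrinks `sig` from 5000 bytes to exactly that maximum. The sign call takes no output-buffer size, so a signature longer than the documented maximum overruns the stack array before the assertion runs, and the failure is then reliably reported only under a memory sanitizer. Leaving headroom in the test buffer, e.g. `unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE + 256];` (headroom value illustrative), lets the assertion report the overrun without undefined behaviour. The same applies to the mbedtls_pk_sign() call in the -947 hunk of this commit; pk_sign_verify's body continues outside these hunks.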
@@ -947,7 +950,9 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret ) TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, rnd_std_rand, NULL ) == sign_ret ); - if( sign_ret != 0 ) + if( sign_ret == 0 ) + TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE ); + else sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE; TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256, From e48fe55c24ed92fdafe066bd9526cc3e2ce6c37b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Nov 2019 16:42:13 +0100 Subject: [PATCH 1976/2197] test_suite_pk: pk_genkey: support a variable key size or curve No intended behavior change. --- tests/suites/test_suite_pk.data | 30 +++++++++++++-------------- tests/suites/test_suite_pk.function | 32 +++++++++++++++++++++-------- 2 files changed, 38 insertions(+), 24 deletions(-) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index ea5fc4f22..e1334d9c8 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data 
@@ -8,21 +8,21 @@ PK write valid parameters depends_on:MBEDTLS_RSA_C valid_parameters_pkwrite:"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" -PK utils: RSA +PK utils: RSA 512-bit depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_utils:MBEDTLS_PK_RSA:512:64:"RSA" +pk_utils:MBEDTLS_PK_RSA:512:512:64:"RSA" -PK utils: ECKEY +PK utils: ECKEY SECP192R1 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_utils:MBEDTLS_PK_ECKEY:192:24:"EC" +pk_utils:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:192:24:"EC" -PK utils: ECKEY_DH +PK utils: ECKEY_DH SECP192R1 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_utils:MBEDTLS_PK_ECKEY_DH:192:24:"EC_DH" +pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_SECP192R1:192:24:"EC_DH" -PK utils: ECDSA +PK utils: ECDSA SECP192R1 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_utils:MBEDTLS_PK_ECDSA:192:24:"ECDSA" +pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:192:24:"ECDSA" PK PSA utilities: setup/free, info functions, unsupported operations pk_psa_utils: 
@@ -83,21 +83,21 @@ EC(DSA) verify test vector: good, bitlen(s) = 247 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30430220685a6994daa6a14e4411b5267edc2a00beee907f2dddd956b2a5a1df791c15f8021f675db4538c000c734489ac737fddd5a739c5a23cd6c6eceea70c286ca4fac9":0 -ECDSA sign-verify +ECDSA sign-verify: SECP192R1 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_sign_verify:MBEDTLS_PK_ECDSA:0:0 +pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:0:0 -EC(DSA) sign-verify +EC(DSA) sign-verify: SECP192R1 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_sign_verify:MBEDTLS_PK_ECKEY:0:0 +pk_sign_verify:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:0:0 -EC_DH (no) sign-verify +EC_DH (no) sign-verify: SECP192R1 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_sign_verify:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ERR_PK_TYPE_MISMATCH:MBEDTLS_ERR_PK_TYPE_MISMATCH +pk_sign_verify:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ERR_PK_TYPE_MISMATCH:MBEDTLS_ERR_PK_TYPE_MISMATCH RSA sign-verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME -pk_sign_verify:MBEDTLS_PK_RSA:0:0 +pk_sign_verify:MBEDTLS_PK_RSA:512:0:0 RSA encrypt test vector depends_on:MBEDTLS_PKCS1_V15 diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index a7c0368c4..ccf173632 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function 
@@ -27,13 +27,27 @@ static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ); #define RSA_KEY_SIZE 512 #define RSA_KEY_LEN 64 -static int pk_genkey( mbedtls_pk_context *pk ) +/** Generate a key of the desired type. + * + * \param pk The PK object to fill. It must have been initialized + * with mbedtls_pk_setup(). + * \param parameter - For RSA keys, the key size in bits. + * - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx). + * + * \return The status from the underlying type-specific key + * generation function. + * \return -1 if the key type is not recognized. + */ +static int pk_genkey( mbedtls_pk_context *pk, int parameter ) { ((void) pk); + (void) parameter; #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA ) - return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 ); + return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), + rnd_std_rand, NULL, + parameter, 3 ); #endif #if defined(MBEDTLS_ECP_C) if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY || @@ -42,7 +56,7 @@ static int pk_genkey( mbedtls_pk_context *pk ) { int ret; if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp, - MBEDTLS_ECP_DP_SECP192R1 ) ) != 0 ) + parameter ) ) != 0 ) return( ret ); return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, &mbedtls_pk_ec( *pk )->d, 
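Review bot: `parameter` is a plain `int` that is passed unchanged as the bit size to mbedtls_rsa_gen_key() and, in the -42 hunk, as the curve identifier to mbedtls_ecp_group_load(), so both conversions are implicit and a test-data line that supplies the wrong kind of value for the key type is accepted silently. Writing the conversions out makes the two meanings visible at the call sites: `(unsigned int) parameter, 3 );` for RSA and `(mbedtls_ecp_group_id) parameter ) ) != 0 )` for EC. The new doc comment could also state that a negative or out-of-range value is not checked here and is left to the underlying generator to reject. The rest of pk_genkey, including the `-1` return the comment mentions, is outside the hunk.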
@@ -608,18 +622,18 @@ void invalid_parameters( ) /* END_CASE */ /* BEGIN_CASE */ -void pk_utils( int type, int size, int len, char * name ) +void pk_utils( int type, int parameter, int bitlen, int len, char * name ) { mbedtls_pk_context pk; mbedtls_pk_init( &pk ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_genkey( &pk ) == 0 ); + TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 ); TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type ); TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) ); - TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == (unsigned) size ); + TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == (unsigned) bitlen ); TEST_ASSERT( mbedtls_pk_get_len( &pk ) == (unsigned) len ); TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 ); @@ -897,7 +911,7 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void pk_sign_verify( int type, int sign_ret, int verify_ret ) +void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) { mbedtls_pk_context pk; size_t sig_len; @@ -922,7 +936,7 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret ) memset( sig, 0, sizeof sig ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_genkey( &pk ) == 0 ); + TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 ); TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash, sig, &sig_len, @@ -1162,7 +1176,7 @@ void pk_rsa_alt( ) /* Initiliaze PK RSA context with random key */ TEST_ASSERT( mbedtls_pk_setup( &rsa, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - TEST_ASSERT( pk_genkey( &rsa ) == 0 ); + TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 ); /* Extract key to the raw rsa context */ TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 ); From a719db8b04ac3291af1ba49bd3166b1cbe7f70fa Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 5 Nov 2019 16:48:35 +0100 Subject: [PATCH 1977/2197] Add pk_utils and pk_sign tests with different curves This reveals that MBEDTLS_PK_SIGNATURE_MAX_SIZE is too small. --- tests/suites/test_suite_pk.data | 40 +++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index e1334d9c8..caa4c7776 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -20,10 +20,30 @@ PK utils: ECKEY_DH SECP192R1 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_SECP192R1:192:24:"EC_DH" +PK utils: ECKEY_DH Curve25519 +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED +pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_CURVE25519:255:32:"EC_DH" + +PK utils: ECKEY_DH Curve448 +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE448_ENABLED +pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_CURVE448:448:56:"EC_DH" + PK utils: ECDSA SECP192R1 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:192:24:"ECDSA" +PK utils: ECDSA SECP256R1 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:256:32:"ECDSA" + +PK utils: ECDSA SECP384R1 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:384:48:"ECDSA" + +PK utils: ECDSA SECP521R1 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:521:66:"ECDSA" + PK PSA utilities: setup/free, info functions, unsupported operations pk_psa_utils: 
@@ -87,6 +107,26 @@ ECDSA sign-verify: SECP192R1 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:0:0 +ECDSA sign-verify: SECP256R1 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:0:0 + +ECDSA sign-verify: SECP384R1 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:0:0 + +ECDSA sign-verify: SECP521R1 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:0:0 + +ECDSA sign-verify: BP256R1 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP256R1_ENABLED +pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_BP256R1:0:0 + +ECDSA sign-verify: BP512R1 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_BP512R1:0:0 + EC(DSA) sign-verify: SECP192R1 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_sign_verify:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:0:0 From b22a24b23f7807fa406c61aa64a4d4fbbde18ffe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Nov 2019 16:56:39 +0100 Subject: [PATCH 1978/2197] Fix MBEDTLS_PK_SIGNATURE_MAX_SIZE to account for ECDSA The original definition of MBEDTLS_PK_SIGNATURE_MAX_SIZE only took RSA into account. An ECDSA signature may be larger than the maximum possible RSA signature size, depending on build options; for example this is the case with config-suite-b.h. --- include/mbedtls/pk.h | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index a51177807..2fdc4c1fc 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
@@ -104,7 +104,37 @@ typedef struct mbedtls_pk_rsassa_pss_options /** * \brief Maximum size of a signature made by mbedtls_pk_sign(). */ +/* This fallback value is used if there is no software signature support. + * This is possible even if check_config.h is included, for example if + * MBEDTLS_ECDH_C is enabled but neither MBEDTLS_ECDSA_C nor MBEDTLS_RSA_C. + * Use MBEDTLS_MPI_MAX_SIZE which is the maximum size than an RSA-alt + * implementation can produce, assuming that MBEDTLS_MPI_MAX_SIZE is set + * correctly. This is not necessarily the best choice of size and it may + * change in future versions. */ #define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE +#if defined(MBEDTLS_RSA_C) && \ + MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE +#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE +#define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE +#endif +#if defined(MBEDTLS_ECDSA_C) && \ + MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_PK_SIGNATURE_MAX_SIZE +#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE +#define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN +#endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ + PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE + 11 > MBEDTLS_PK_SIGNATURE_MAX_SIZE +/* PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE is the maximum size of a signature made + * through the PSA API in the PSA representation. + * The Mbed TLS representation is different for ECDSA signatures: + * PSA uses the raw concatenation of r and s, + * whereas Mbed TLS uses the ASN.1 representation (SEQUENCE of two INTEGERs). + * Add the overhead of ASN.1: up to (1+2) + 2 * (1+2+1) for the + * types, lengths (represented by up to 2 bytes), and potential leading + * zeros of the INTEGERs and the SEQUENCE. */ +#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE +#define MBEDTLS_PK_SIGNATURE_MAX_SIZE ( PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE + 11 ) +#endif /** * \brief Types for interfacing with the debug module From f48d6f232092bc09e64c239f8bc511059f42c0f9 Mon Sep 17 00:00:00 2001 
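Review bot: The first conditional, `#if defined(MBEDTLS_RSA_C) && MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE`, can never be true, because the fallback two lines above has just defined `MBEDTLS_PK_SIGNATURE_MAX_SIZE` as `MBEDTLS_MPI_MAX_SIZE`. For the same reason the result is never smaller than `MBEDTLS_MPI_MAX_SIZE`, even in builds with only ECDSA enabled, which defeats the purpose of computing a maximum over the enabled mechanisms. Starting the chain from `#define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0` and making the RSA/RSA-alt branch raise it would make every branch reachable. Separately, each `#if` silently treats an undefined macro as 0, so it is worth confirming that the headers defining `MBEDTLS_ECDSA_MAX_LEN` and `PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE` are included above this point; those includes are not visible in the hunk.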
From: Gilles Peskine Date: Tue, 5 Nov 2019 17:31:36 +0100 Subject: [PATCH 1979/2197] Add sanity checks for the mbedtls_pk_sign output size mbedtls_pk_sign does not take the size of its output buffer as a parameter. We guarantee that MBEDTLS_PK_SIGNATURE_MAX_SIZE is enough. For RSA and ECDSA signatures made in software, this is ensured by the way MBEDTLS_PK_SIGNATURE_MAX_SIZE is defined at compile time. For signatures made through RSA-alt and PSA, this is not guaranteed robustly at compile time, but we can test it at runtime, so do that. --- library/pk_wrap.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 5a699c030..7ffb2c0c9 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -774,6 +774,8 @@ static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, #endif /* SIZE_MAX > UINT_MAX */ *sig_len = rsa_alt->key_len_func( rsa_alt->key ); + if( *sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, (unsigned int) hash_len, hash, sig ) ); @@ -1017,6 +1019,8 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, return( mbedtls_psa_err_translate_pk( status ) ); buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( psa_get_key_bits( &attributes ) ); psa_reset_key_attributes( &attributes ); + if( *sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); /* make the signature */ status = psa_asymmetric_sign( *key, alg, hash, hash_len, From 2975571ff560dd9863f77c2771c365ec6b90cf4a Mon Sep 17 00:00:00 2001 
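Review bot: In the pk_opaque_sign_wrap hunk (-1017) the added check tests `*sig_len`, but nothing visible in the hunk has assigned `*sig_len` yet; the value computed on the preceding context line is `buf_len`. The check therefore reads whatever the caller left in its output variable, which may be uninitialised, and does not bound the buffer that psa_asymmetric_sign() is about to fill. The comparison should be `if( buf_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE )`; patch 1985 later in this series makes that change, so the two are best applied together. In the rsa_alt_sign_wrap hunk (-774) the check is on the right value, but `*sig_len` is left holding the oversized length on the error return, which is worth either resetting to 0 or documenting. Both function bodies continue outside their hunks.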
From: Gilles Peskine Date: Fri, 8 Nov 2019 15:49:40 +0100 Subject: [PATCH 1980/2197] Fix ECDSA case in PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE was taking the maximum ECDSA key size as the ECDSA signature size. Fix it to use the actual maximum size of an ECDSA signature. --- include/psa/crypto_sizes.h | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index bcca72482..33322472a 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -247,21 +247,6 @@ */ #define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN 128 -/** \def PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE - * - * Maximum size of an asymmetric signature. - * - * This macro must expand to a compile-time constant integer. This value - * should be the maximum size of a MAC supported by the implementation, - * in bytes, and must be no smaller than this maximum. - */ -#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ - PSA_BITS_TO_BYTES( \ - PSA_VENDOR_RSA_MAX_KEY_BITS > PSA_VENDOR_ECC_MAX_CURVE_BITS ? \ - PSA_VENDOR_RSA_MAX_KEY_BITS : \ - PSA_VENDOR_ECC_MAX_CURVE_BITS \ - ) - /** The maximum size of a block cipher supported by the implementation. */ #define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE 16 
@@ -457,6 +442,22 @@ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ ((void)alg, 0)) +#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \ + PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) + +/** \def PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE + * + * Maximum size of an asymmetric signature. + * + * This macro must expand to a compile-time constant integer. This value + * should be the maximum size of a signature supported by the implementation, + * in bytes, and must be no smaller than this maximum. + */ +#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ + (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE ? \ + PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) : \ + PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE) + /** Sufficient output buffer size for psa_asymmetric_encrypt(). * * This macro returns a sufficient buffer size for a ciphertext produced using From d296e82e2d654e0981477b51cbc6c085251667a9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 12 Nov 2019 18:00:51 +0100 Subject: [PATCH 1981/2197] Mbed Crypto implements mbedtls_xxx as well as PSA Link to the Mbed TLS documentation. --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9d34c556a..9f4467591 100644 --- a/README.md +++ b/README.md 
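Review bot: `PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE` is introduced without a doc comment, although the macro defined right after it gets a full `\def` block and other headers in this series use the new macro in `#if` expressions. A short comment should state the unit and the representation, for example `/** Maximum size in bytes of an ECDSA signature in the PSA representation, for the largest supported curve. */`. It should also record that the expansion has to remain an integer constant expression usable by the preprocessor, since a later edit that introduces a cast or `sizeof` would break those `#if` tests. This is a documentation suggestion only; the computed values look consistent with the description in the commit message.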
@@ -24,7 +24,9 @@ Mbed Crypto is a reference implementation of the PSA cryptography API. It is wri ## Documentation -The Mbed Crypto library is a reference implementation of the PSA cryptography API. Please refer to the PSA Cryptography API documents for an overview of the library's interfaces and a detailed description of the types, macros and functions that it provides. +The Mbed Crypto library implements both the legacy Mbed TLS interfaces to cryptographic primitives (`mbedtls_xxx`) and the new PSA Cryptography interfaces (`psa_xxx`). + +Documentation for the Mbed TLS interfaces in the default library configuration is available as part of the [Mbed TLS documentation](https://tls.mbed.org/api/). There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/ARMmbed/mbed-crypto/labels/compliance) for an up-to-date list. From 7dd0b45b7f2e110b6cfbc4eb9a4fa7e962cbe407 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 12 Nov 2019 18:01:51 +0100 Subject: [PATCH 1982/2197] Note that local documentation will be tailored to a specific config --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9f4467591..af047ab7d 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ You can read the [complete PSA cryptography API specification as a PDF document] ### Browsable library documentation -To generate a local copy of the library documentation in HTML format: +To generate a local copy of the library documentation in HTML format, tailored to your compile-time configuration: 1. Make sure that [Doxygen](http://www.doxygen.nl/) is installed. We use version 1.8.11 but slightly older or more recent versions should work. 1. Run `make apidoc`. From 24354a74a23c47609a5c46a816ccd0f8729c5585 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 12 Nov 2019 18:02:05 +0100 Subject: [PATCH 1983/2197] Link to PSA documentation websites Link to the official PSA documentation page. Link to the PSA Crypto portal page. --- README.md | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index af047ab7d..a954a168e 100644 --- a/README.md +++ b/README.md 
@@ -6,9 +6,9 @@ Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICEN ## PSA cryptography API -Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. +Arm's [Platform Security Architecture (PSA)](https://developer.arm.com/architectures/security-architectures/platform-security-architecture) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. -The PSA cryptography API provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform. +The [PSA cryptography API](https://armmbed.github.io/mbed-crypto/psa/#application-programming-interface) provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform. The design goals of the PSA cryptography API include: 
@@ -28,12 +28,10 @@ The Mbed Crypto library implements both the legacy Mbed TLS interfaces to crypto Documentation for the Mbed TLS interfaces in the default library configuration is available as part of the [Mbed TLS documentation](https://tls.mbed.org/api/). +For the PSA interfaces, please refer to the PSA Cryptography API documents linked from the [PSA cryptography interfaces documentation portal](https://armmbed.github.io/mbed-crypto/psa/#application-programming-interface) for an overview of the library's interfaces and a detailed description of the types, macros and functions that it provides. The API reference is available in [PDF](https://armmbed.github.io/mbed-crypto/PSA_Cryptography_API_Specification.pdf) and [HTML](https://armmbed.github.io/mbed-crypto/html/index.html) formats. + There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/ARMmbed/mbed-crypto/labels/compliance) for an up-to-date list. -### PSA Cryptography API - -You can read the [complete PSA cryptography API specification as a PDF document](https://github.com/ARMmbed/mbed-crypto/raw/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf). The API reference is also available in [HTML format](https://armmbed.github.io/mbed-crypto/html/index.html). - ### Browsable library documentation To generate a local copy of the library documentation in HTML format, tailored to your compile-time configuration: From 5460565be448bd573a9b4db8d7f5e6e1f7e0ef32 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Fri, 8 Nov 2019 16:24:16 +0100 Subject: [PATCH 1984/2197] Fix errors in the definition of MBEDTLS_PK_SIGNATURE_MAX_SIZE The initial value for the max calculation needs to be 0. The fallback needs to come last. With the old code, the value was never smaller than the fallback. For RSA_ALT, use MPI_MAX_SIZE. Only use this if RSA_ALT is enabled. For PSA, check PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE, and separately check the special case of ECDSA where PSA and mbedtls have different representations for the signature. --- include/mbedtls/pk.h | 45 ++++++++++++++++++++++++++++++-------------- 1 file changed, 31 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 2fdc4c1fc..d0d7ac0f8 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
@@ -104,37 +104,54 @@ typedef struct mbedtls_pk_rsassa_pss_options /** * \brief Maximum size of a signature made by mbedtls_pk_sign(). */ -/* This fallback value is used if there is no software signature support. - * This is possible even if check_config.h is included, for example if - * MBEDTLS_ECDH_C is enabled but neither MBEDTLS_ECDSA_C nor MBEDTLS_RSA_C. - * Use MBEDTLS_MPI_MAX_SIZE which is the maximum size than an RSA-alt - * implementation can produce, assuming that MBEDTLS_MPI_MAX_SIZE is set - * correctly. This is not necessarily the best choice of size and it may - * change in future versions. */ -#define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE -#if defined(MBEDTLS_RSA_C) && \ +/* We need to set MBEDTLS_PK_SIGNATURE_MAX_SIZE to the maximum signature + * size among the supported signature types. Do it by starting at 0, + * then incrementally increasing to be large enough for each supported + * signature mechanism. + * + * The resulting value can be 0, for example if MBEDTLS_ECDH_C is enabled + * (which allows the pk module to be included) but neither MBEDTLS_ECDSA_C + * nor MBEDTLS_RSA_C nor any opaque signature mechanism (PSA or RSA_ALT). + */ +#define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0 + +#if ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT) ) && \ MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE +/* For RSA, the signature can be as large as the bignum module allows. + * For RSA_ALT, the signature size is not necessarily tied to what the + * bignum module can do, but in the absence of any specific setting, + * we use that (rsa_alt_sign_wrap in pk_wrap will check). */ #undef MBEDTLS_PK_SIGNATURE_MAX_SIZE #define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE #endif + #if defined(MBEDTLS_ECDSA_C) && \ MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_PK_SIGNATURE_MAX_SIZE +/* For ECDSA, the ecdsa module exports a constant for the maximum + * signature size. 
*/ #undef MBEDTLS_PK_SIGNATURE_MAX_SIZE #define MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN #endif -#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE + 11 > MBEDTLS_PK_SIGNATURE_MAX_SIZE + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE /* PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE is the maximum size of a signature made - * through the PSA API in the PSA representation. - * The Mbed TLS representation is different for ECDSA signatures: + * through the PSA API in the PSA representation. */ +#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE +#define MBEDTLS_PK_SIGNATURE_MAX_SIZE PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE +#endif + +#if PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 > MBEDTLS_PK_SIGNATURE_MAX_SIZE +/* The Mbed TLS representation is different for ECDSA signatures: * PSA uses the raw concatenation of r and s, * whereas Mbed TLS uses the ASN.1 representation (SEQUENCE of two INTEGERs). * Add the overhead of ASN.1: up to (1+2) + 2 * (1+2+1) for the * types, lengths (represented by up to 2 bytes), and potential leading * zeros of the INTEGERs and the SEQUENCE. */ #undef MBEDTLS_PK_SIGNATURE_MAX_SIZE -#define MBEDTLS_PK_SIGNATURE_MAX_SIZE ( PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE + 11 ) +#define MBEDTLS_PK_SIGNATURE_MAX_SIZE ( PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 ) #endif +#endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */ /** * \brief Types for interfacing with the debug module From 5bcb24b56ec39069c75c747555c3d3c259b84f2c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Nov 2019 17:33:29 +0100 Subject: [PATCH 1985/2197] Fix output buffer length check in pk_opaque_sign_wrap --- library/pk_wrap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 7ffb2c0c9..702c3bbb4 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c 
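Review bot: With the starting value changed to 0, `MBEDTLS_PK_SIGNATURE_MAX_SIZE` can now expand to 0, as the new internal comment says, but the public Doxygen text above it still reads only "Maximum size of a signature made by mbedtls_pk_sign()". Callers size arrays with this macro; tests/suites/test_suite_pk.function in this series declares `unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];`, which is not valid C in a configuration where the macro is 0 and that function is compiled. The public comment should carry the caveat, e.g. `* \note This is 0 if no signature mechanism is enabled; check before using it as an array size.`, and the test buffer could be guarded accordingly. The ASN.1 overhead `11` also appears twice in the last block, in the `#if` and in the `#define`, so a named macro for it would keep the two from drifting apart.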
@@ -1019,7 +1019,7 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, return( mbedtls_psa_err_translate_pk( status ) ); buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( psa_get_key_bits( &attributes ) ); psa_reset_key_attributes( &attributes ); - if( *sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) + if( buf_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); /* make the signature */ From 9db14fa478abd45993e1cbf0eafcd75776275e65 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Nov 2019 18:37:19 +0100 Subject: [PATCH 1986/2197] Update the documentation of mbedtls_pk_sign_restartable() Clarify the documentation regarding the signature size. Also fix minor niggles about references to mbedtls_pk_sign(). --- include/mbedtls/pk.h | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index d0d7ac0f8..634356334 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
@@ -531,16 +531,21 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, * * \param ctx The PK context to use. It must have been set up * with a private key. - * \param md_alg Hash algorithm used (see notes) + * \param md_alg Hash algorithm used (see notes for mbedtls_pk_sign()) * \param hash Hash of the message to sign - * \param hash_len Hash length or 0 (see notes) - * \param sig Place to write the signature - * \param sig_len Number of bytes written + * \param hash_len Hash length or 0 (see notes for mbedtls_pk_sign()) + * \param sig Place to write the signature. + * It must have enough room for the signature. + * #MBEDTLS_PK_SIGNATURE_MAX_SIZE is always enough. + * You may use a smaller buffer if it is large enough + * given the key type. + * \param sig_len On successful return, + * the number of bytes written to \p sig. * \param f_rng RNG function * \param p_rng RNG parameter * \param rs_ctx Restart context (NULL to disable restart) * - * \return See \c mbedtls_pk_sign(), or + * \return See \c mbedtls_pk_sign(). * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * operations was reached: see \c mbedtls_ecp_set_max_ops(). */ From ff25af2c15ff9b27cc3650a4ce4edbc32082f175 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Fri, 31 May 2019 20:13:58 +0200 Subject: [PATCH 1987/2197] Add missing MBEDTLS_ECP_C dependencies in check_config.h --- include/mbedtls/check_config.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 4965e1743..ede070405 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
@@ -134,7 +134,7 @@ #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" #endif -#if defined(MBEDTLS_ECP_C) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ +#if defined(MBEDTLS_ECP_C) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \ @@ -145,7 +145,9 @@ !defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) ) ) + !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) ) #error "MBEDTLS_ECP_C defined, but not all prerequisites" #endif From 73a1f377f057e22135108df0bab7eaf46a7db310 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Nov 2019 18:39:22 +0100 Subject: [PATCH 1988/2197] Add documentation notes about the required size of the signature buffers --- include/mbedtls/rsa.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 840540b0d..ec8d0d8de 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -907,7 +907,8 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * the size of the hash corresponding to \p md_alg. * \param sig The buffer to hold the signature. This must be a writable * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes - * for an 2048-bit RSA modulus. + * for an 2048-bit RSA modulus. A buffer length of + * #MBEDTLS_MPI_MAX_SIZE is always safe. * * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. 
@@ -954,7 +955,8 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, * the size of the hash corresponding to \p md_alg. * \param sig The buffer to hold the signature. This must be a writable * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes - * for an 2048-bit RSA modulus. + * for an 2048-bit RSA modulus. A buffer length of + * #MBEDTLS_MPI_MAX_SIZE is always safe. * * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -1015,7 +1017,8 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * the size of the hash corresponding to \p md_alg. * \param sig The buffer to hold the signature. This must be a writable * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes - * for an 2048-bit RSA modulus. + * for an 2048-bit RSA modulus. A buffer length of + * #MBEDTLS_MPI_MAX_SIZE is always safe. * * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. From 39bd5e7f9ef1af854612d44b6efc558fc8d99ad8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 27 Jul 2019 21:36:44 +0200 Subject: [PATCH 1989/2197] Mbed TLS configuration file manipulation library and tool This is meant to be a drop-in replacement for config.pl which can additionally be used as a library in a Python script. So far this script supports the commands 'get', 'set' and 'realfull' but not the other built-in configurations. --- scripts/config.py | 298 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 298 insertions(+) create mode 100755 scripts/config.py diff --git a/scripts/config.py b/scripts/config.py new file mode 100755 index 000000000..f86d64b69 --- /dev/null +++ b/scripts/config.py 
@@ -0,0 +1,298 @@ +#!/usr/bin/env python3 + +"""Mbed TLS configuration file manipulation library and tool + +Basic usage, to read the Mbed TLS or Mbed Crypto configuration: + config = ConfigFile() + if 'MBEDTLS_RSA_C' in config: print('RSA is enabled') +""" + +## Copyright (C) 2019, ARM Limited, All Rights Reserved +## SPDX-License-Identifier: Apache-2.0 +## +## Licensed under the Apache License, Version 2.0 (the "License"); you may +## not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## +## This file is part of Mbed TLS (https://tls.mbed.org) + +import re + +class Setting: + """Representation of one Mbed TLS config.h setting. + + Fields: + * name: the symbol name ('MBEDTLS_xxx'). + * value: the value of the macro. The empty string for a plain #define + with no value. + * active: True if name is defined, False if a #define for name is + present in config.h but commented out. + """ + # pylint: disable=too-few-public-methods + def __init__(self, active, name, value=''): + self.active = active + self.name = name + self.value = value + +class Config: + """Representation of the Mbed TLS configuration. + + In the documentation of this class, a symbol is said to be *active* + if there is a #define for it that is not commented out, and *known* + if there is a #define for it whether commented out or not. + + This class supports the following protocols: + * `name in config` is True if the symbol `name` is set in the + configuration, False otherwise (whether `name` is known but commented + out or not known at all). 
+ * `config[name]` is the value of the macro `name`. If `name` is not + set, raise `KeyError` (even if a definition for `name` is present + but commented out). + * `config[name] = value` sets the value associated to `name`. `name` + must be known, but does not need to be set. This does not cause + name to become set. + """ + + def __init__(self): + self.settings = {} + + def __contains__(self, name): + """True if the given symbol is active (i.e. set). + + False if the given symbol is not set, even if a definition + is present but commented out. + """ + return name in self.settings and self.settings[name].active + + def all(self, *names): + """True if all the elements of names are active (i.e. set).""" + return all(self.__contains__(name) for name in names) + + def any(self, *names): + """True if at least one symbol in names are active (i.e. set).""" + return any(self.__contains__(name) for name in names) + + def known(self, name): + """True if a #define for name is present, whether it's commented out or not.""" + return name in self.settings + + def __getitem__(self, name): + """Get the value of name, i.e. what the preprocessor symbol expands to. + + If name is not known, raise KeyError. name does not need to be active. + """ + return self.settings[name].value + + def get(self, name, default=None): + """Get the value of name. If name is inactive (not set), return default. + + If a #define for name is present and not commented out, return + its expansion, even if this is the empty string. + + If a #define for name is present but commented out, return default. + """ + if name in self.settings: + return self.settings[name].value + else: + return default + + def __setitem__(self, name, value): + """If name is known, set its value. + + If name is not known, raise KeyError. + """ + self.settings[name].value = value + + def set(self, name, value=None): + """Set name to the given value and make it active. 
+ + If value is None and name is already known, don't change its value. + If value is None and name is not known, set its value to the empty + string. + """ + if name in self.settings: + if value is not None: + self.settings[name].value = value + self.settings[name].active = True + else: + self.settings[name] = Setting(True, name, value=value) + + def unset(self, name): + """Make name unset (inactive). + + name remains known. + """ + self.set(name) + self.settings[name].active = False + + def adapt(self, adapter): + """Run adapter on each known symbol and (de)activate it accordingly. + + `adapter` must be a function that returns a boolean. It is called as + `adapter(name, active)` for each setting, where `active` is `True` + if `name` is set and `False` if `name` is known but unset. If + `adapter` returns `True`, then set `name` (i.e. make it active), + otherwise unset `name` (i.e. make it known but inactive). + """ + for setting in self.settings.values(): + setting.active = adapter(setting.name, setting.active) + +def realfull_adapter(_name, _set): + """Uncomment everything.""" + return True + +class ConfigFile(Config): + """Representation of the Mbed TLS configuration read for a file. + + See the documentation of the `Config` class for methods to query + and modify the configuration. 
+ """ + + default_path = 'include/mbedtls/config.h' + + def __init__(self, filename=None): + """Read the Mbed TLS configuration file.""" + if filename is None: + filename = self.default_path + super().__init__() + self.filename = filename + with open(filename) as file: + self.templates = [self._parse_line(line) for line in file] + + def set(self, name, value=None): + if name not in self.settings: + self.templates.append((name, '', '#define ' + name + ' ')) + super().set(name, value) + + _define_line_regexp = (r'(?P\s*)' + + r'(?P(//\s*)?)' + + r'(?P#\s*define\s+)' + + r'(?P\w+)' + + r'(?P(?:\((?:\w|\s|,)*\))?)' + + r'(?P\s*)' + + r'(?P.*)') + def _parse_line(self, line): + """Parse a line in config.h and return the corresponding template.""" + line = line.rstrip('\r\n') + m = re.match(self._define_line_regexp, line) + if m: + active = not m.group('commented_out') + name = m.group('name') + value = m.group('value') + template = (name, + m.group('indentation'), + m.group('define') + name + + m.group('arguments') + m.group('separator')) + self.settings[name] = Setting(active, name, value) + return template + else: + return line + + def _format_template(self, name, indent, middle): + """Build a line for config.h for the given setting. + + The line has the form "#define ". + """ + setting = self.settings[name] + return ''.join([indent, + '' if setting.active else '//', + middle, + setting.value]).rstrip() + + def write_to_stream(self, output): + """Write the whole configuration to output.""" + for template in self.templates: + if isinstance(template, str): + line = template + else: + line = self._format_template(*template) + output.write(line + '\n') + + def write(self, filename=None): + """Write the whole configuration to the file it was read from. + + If filename is specified, write to this file instead. 
+ """ + if filename is None: + filename = self.filename + with open(filename, 'w') as output: + self.write_to_stream(output) + +if __name__ == '__main__': + def main(): + """Command line config.h manipulation tool.""" + parser = argparse.ArgumentParser(description=""" + Mbed TLS and Mbed Crypto configuration file manipulation tool. + """) + parser.add_argument('--file', '-f', + help="""File to read (and modify if requested). + Default: {}. + """.format(ConfigFile.default_path)) + parser.add_argument('--force', '-o', + help="""For the set command, if SYMBOL is not + present, add a definition for it.""") + subparsers = parser.add_subparsers(dest='command', + title='Commands') + parser_get = subparsers.add_parser('get', + help="""Find the value of SYMBOL + and print it. Exit with + status 0 if a #define for SYMBOL is + found, 1 otherwise. + """) + parser_get.add_argument('symbol', metavar='SYMBOL') + parser_set = subparsers.add_parser('set', + help="""Set SYMBOL to VALUE. + If VALUE is omitted, just uncomment + the #define for SYMBOL. + Error out of a line defining + SYMBOL (commented or not) is not + found, unless --force is passed. + """) + parser_set.add_argument('symbol', metavar='SYMBOL') + parser_set.add_argument('value', metavar='VALUE', nargs='?') + parser_unset = subparsers.add_parser('unset', + help="""Comment out the #define + for SYMBOL. Do nothing if none + is present.""") + parser_unset.add_argument('symbol', metavar='SYMBOL') + + def add_adapter(name, function, description): + subparser = subparsers.add_parser(name, help=description) + subparser.set_defaults(adapter=function) + add_adapter('realfull', realfull_adapter, + """Uncomment all #defines. 
No exceptions.""") + + args = parser.parse_args() + config = ConfigFile(args.file) + if args.command == 'get': + if args.symbol in config: + value = config[args.symbol] + if value: + sys.stdout.write(value + '\n') + return args.symbol not in config + elif args.command == 'set': + if not args.force and args.symbol not in config: + sys.stderr.write("A #define for the symbol {} " + "was not found in {}" + .format(args.symbol, args.file)) + return 1 + config.set(args.symbol, value=args.value) + elif args.command == 'unset': + config.unset(args.symbol) + else: + config.adapt(args.adapter) + config.write() + + # Import modules only used by main only if main is defined and called. + # pylint: disable=wrong-import-position + import argparse + import sys + sys.exit(main()) From 61f3c0ce8547b2d5a17d59a1cf0bc035c020b519 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 27 Jul 2019 23:31:53 +0200 Subject: [PATCH 1990/2197] Implement the 'full' and 'baremetal' configurations Also fix 'realfull' to only affect the appropriate sections. Tested to produce the same results as config.pl on the default configuration. This commit deliberately contains a direct copy the lists of symbol names from config.pl. --- scripts/config.py | 120 +++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 108 insertions(+), 12 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index f86d64b69..54c293775 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -35,12 +35,14 @@ class Setting: with no value. * active: True if name is defined, False if a #define for name is present in config.h but commented out. + * section: the name of the section that contains this symbol. """ # pylint: disable=too-few-public-methods - def __init__(self, active, name, value=''): + def __init__(self, active, name, value='', section=None): self.active = active self.name = name self.value = value + self.section = section class Config: """Representation of the Mbed TLS configuration. 
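Review bot: `--force` in `main()` is added without `action='store_true'`, so argparse expects it to take a value: `config.py --force set SYMBOL` would bind `set` to `--force` and then reject `SYMBOL` as a command. The footprint.sh hunk further down this page calls it in that form with `|| true` and output discarded, so the failure would pass unnoticed and `MBEDTLS_NO_PLATFORM_ENTROPY` would presumably not be set for that build; declaring it as `parser.add_argument('--force', '-o', action='store_true', help=...)` matches the help text. The `set` branch also tests `args.symbol not in config`, which is true for a symbol that is present but commented out, so uncommenting an existing `#define` is refused unless `--force` is given; `not config.known(args.symbol)` is the check the help describes. `Config.get()` has the same active-versus-known mix-up in the other direction: it returns the stored value for any known name, while its docstring promises `default` for a commented-out one, and `if name in self:` would match the docstring.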
@@ -137,18 +139,93 @@ class Config: """Run adapter on each known symbol and (de)activate it accordingly. `adapter` must be a function that returns a boolean. It is called as - `adapter(name, active)` for each setting, where `active` is `True` - if `name` is set and `False` if `name` is known but unset. If + `adapter(name, active, section)` for each setting, where `active` is + `True` if `name` is set and `False` if `name` is known but unset, + and `section` is the name of the section containing `name`. If `adapter` returns `True`, then set `name` (i.e. make it active), otherwise unset `name` (i.e. make it known but inactive). """ for setting in self.settings.values(): - setting.active = adapter(setting.name, setting.active) + setting.active = adapter(setting.name, setting.active, + setting.section) -def realfull_adapter(_name, _set): - """Uncomment everything.""" +def is_full_section(section): + """Is this section affected by "config.py full" and friends?""" + return section.endswith('support') or section.endswith('modules') + +def realfull_adapter(_name, active, section): + """Uncomment everything in the system and feature sections.""" + if not is_full_section(section): + return active return True +def include_in_full(name): + """Rules for symbols in the "full" configuration.""" + if re.search(r'PLATFORM_[A-Z0-9]+_ALT', name): + return True + if name in [ + 'MBEDTLS_TEST_NULL_ENTROPY', + 'MBEDTLS_DEPRECATED_REMOVED', + 'MBEDTLS_HAVE_SSE2', + 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', + 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', + 'MBEDTLS_ECP_DP_M221_ENABLED', + 'MBEDTLS_ECP_DP_M383_ENABLED', + 'MBEDTLS_ECP_DP_M511_ENABLED', + 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', + 'MBEDTLS_NO_PLATFORM_ENTROPY', + 'MBEDTLS_RSA_NO_CRT', + 'MBEDTLS_NO_UDBL_DIVISION', + 'MBEDTLS_NO_64BIT_MULTIPLICATION', + 'MBEDTLS_PSA_CRYPTO_SE_C', + 'MBEDTLS_PSA_CRYPTO_SPM', + 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', + 'MBEDTLS_PSA_INJECT_ENTROPY', + 'MBEDTLS_ECP_RESTARTABLE', + 
'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', + ]: + return False + if name.endswith('_ALT'): + return False + return True + +def full_adapter(name, active, section): + """Config adapter for "full".""" + if not is_full_section(section): + return active + return include_in_full(name) + +def keep_in_baremetal(name): + """Rules for symbols in the "baremetal" configuration.""" + if name in [ + 'MBEDTLS_TIMING_C', + 'MBEDTLS_FS_IO', + 'MBEDTLS_ENTROPY_NV_SEED', + 'MBEDTLS_HAVE_TIME', + 'MBEDTLS_HAVE_TIME_DATE', + 'MBEDTLS_DEPRECATED_WARNING', + 'MBEDTLS_HAVEGE_C', + 'MBEDTLS_THREADING_C', + 'MBEDTLS_THREADING_PTHREAD', + 'MBEDTLS_MEMORY_BACKTRACE', + 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', + 'MBEDTLS_PLATFORM_TIME_ALT', + 'MBEDTLS_PLATFORM_FPRINTF_ALT', + 'MBEDTLS_PSA_ITS_FILE_C', + 'MBEDTLS_PSA_CRYPTO_SE_C', + 'MBEDTLS_PSA_CRYPTO_STORAGE_C', + ]: + return False + return True + +def baremetal_adapter(name, active, section): + """Config adapter for "baremetal".""" + if not is_full_section(section): + return active + if name == 'MBEDTLS_NO_PLATFORM_ENTROPY': + return True + return include_in_full(name) and keep_in_baremetal(name) + class ConfigFile(Config): """Representation of the Mbed TLS configuration read for a file. @@ -164,8 +241,10 @@ class ConfigFile(Config): filename = self.default_path super().__init__() self.filename = filename + self.current_section = 'header' with open(filename) as file: self.templates = [self._parse_line(line) for line in file] + self.current_section = None def set(self, name, value=None): if name not in self.settings: @@ -179,11 +258,20 @@ class ConfigFile(Config): r'(?P(?:\((?:\w|\s|,)*\))?)' + r'(?P\s*)' + r'(?P.*)') + _section_line_regexp = (r'\s*/?\*+\s*[\\@]name\s+SECTION:\s*' + + r'(?P
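Review bot: `is_full_section()` calls `section.endswith(...)` unconditionally, but `Setting` defaults `section` to `None` and, as far as the hunks on this page show, `Config.set()` still creates settings for unknown names without passing a section, so library use such as `config.set('NEW_SYMBOL')` followed by `config.adapt(full_adapter)` would raise `AttributeError`. A guard such as `return section is not None and section.endswith(('support', 'modules'))` leaves such settings untouched by the adapters. A comment above the list in `include_in_full()` saying why each group is excluded would also help: entries like `MBEDTLS_TEST_NULL_ENTROPY` and `MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` weaken the random generator and should stay out of `full` for that reason, which is different from being awkward to test, and the distinction matters to whoever edits the list next.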
.*)[ */]*') + _config_line_regexp = re.compile(r'|'.join([_define_line_regexp, + _section_line_regexp])) def _parse_line(self, line): """Parse a line in config.h and return the corresponding template.""" line = line.rstrip('\r\n') - m = re.match(self._define_line_regexp, line) - if m: + m = re.match(self._config_line_regexp, line) + if m is None: + return line + elif m.group('section'): + self.current_section = m.group('section') + return line + else: active = not m.group('commented_out') name = m.group('name') value = m.group('value') @@ -191,10 +279,9 @@ class ConfigFile(Config): m.group('indentation'), m.group('define') + name + m.group('arguments') + m.group('separator')) - self.settings[name] = Setting(active, name, value) + self.settings[name] = Setting(active, name, value, + self.current_section) return template - else: - return line def _format_template(self, name, indent, middle): """Build a line for config.h for the given setting. @@ -267,8 +354,17 @@ if __name__ == '__main__': def add_adapter(name, function, description): subparser = subparsers.add_parser(name, help=description) subparser.set_defaults(adapter=function) + add_adapter('baremetal', baremetal_adapter, + """Like full, but exclude features that require platform + features such as file input-output.""") + add_adapter('full', full_adapter, + """Uncomment most features. + Exclude alternative implementations and platform support + options, as well as some options that are awkward to test. + """) add_adapter('realfull', realfull_adapter, - """Uncomment all #defines. No exceptions.""") + """Uncomment all boolean #defines. + Suitable for generating documentation, but not for building.""") args = parser.parse_args() config = ConfigFile(args.file) From f6f5ea21b53e668715e5ca6852b88b94ce2c3efb Mon Sep 17 00:00:00 2001 
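Review bot: In `_section_line_regexp` the capture group is a greedy `.*` followed by `[ */]*`, and `re.match` does not anchor the end of the line, so the trailing class always matches empty and any trailing spaces or `*/` on a section line stay in the captured name. `is_full_section()` then tests `endswith('support')` and `endswith('modules')`, so a section header written with a closing `*/` on the same line would silently fall outside `full`, `baremetal` and `realfull`. Making the group lazy and anchoring it, `r'(?P<section>.*?)[ */]*\Z'`, strips the comment tail as the pattern seems to intend (the group name is inferred from `m.group('section')`, since the page rendering dropped it).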
From: Gilles Peskine Date: Sat, 27 Jul 2019 23:37:06 +0200 Subject: [PATCH 1991/2197] Remove obsolete options from config.py These options haven't existed for a long time. --- scripts/config.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 54c293775..9e7648392 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -169,9 +169,6 @@ def include_in_full(name): 'MBEDTLS_HAVE_SSE2', 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', - 'MBEDTLS_ECP_DP_M221_ENABLED', - 'MBEDTLS_ECP_DP_M383_ENABLED', - 'MBEDTLS_ECP_DP_M511_ENABLED', 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', 'MBEDTLS_NO_PLATFORM_ENTROPY', 'MBEDTLS_RSA_NO_CRT', From 651a64de7d8ba3eb332e254b6273fd99bbc6d95c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 27 Jul 2019 23:37:47 +0200 Subject: [PATCH 1992/2197] Sort symbol lists in alphabetical order They're easier to maintain that way. The old lists were partly alphabetized, partly based on config.h order, and partly in the order in which symbols had been added to config.pl. --- scripts/config.py | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 9e7648392..7293e11b4 100755 --- a/scripts/config.py +++ b/scripts/config.py 
@@ -164,22 +164,22 @@ def include_in_full(name): if re.search(r'PLATFORM_[A-Z0-9]+_ALT', name): return True if name in [ - 'MBEDTLS_TEST_NULL_ENTROPY', - 'MBEDTLS_DEPRECATED_REMOVED', - 'MBEDTLS_HAVE_SSE2', - 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', + 'MBEDTLS_DEPRECATED_REMOVED', + 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', + 'MBEDTLS_ECP_RESTARTABLE', + 'MBEDTLS_HAVE_SSE2', + 'MBEDTLS_NO_64BIT_MULTIPLICATION', 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', 'MBEDTLS_NO_PLATFORM_ENTROPY', - 'MBEDTLS_RSA_NO_CRT', 'MBEDTLS_NO_UDBL_DIVISION', - 'MBEDTLS_NO_64BIT_MULTIPLICATION', + 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', + 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', 'MBEDTLS_PSA_CRYPTO_SE_C', 'MBEDTLS_PSA_CRYPTO_SPM', - 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', 'MBEDTLS_PSA_INJECT_ENTROPY', - 'MBEDTLS_ECP_RESTARTABLE', - 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', + 'MBEDTLS_RSA_NO_CRT', + 'MBEDTLS_TEST_NULL_ENTROPY', ]: return False if name.endswith('_ALT'): @@ -195,22 +195,22 @@ def full_adapter(name, active, section): def keep_in_baremetal(name): """Rules for symbols in the "baremetal" configuration.""" if name in [ - 'MBEDTLS_TIMING_C', - 'MBEDTLS_FS_IO', + 'MBEDTLS_DEPRECATED_WARNING', 'MBEDTLS_ENTROPY_NV_SEED', + 'MBEDTLS_FS_IO', + 'MBEDTLS_HAVEGE_C', 'MBEDTLS_HAVE_TIME', 'MBEDTLS_HAVE_TIME_DATE', - 'MBEDTLS_DEPRECATED_WARNING', - 'MBEDTLS_HAVEGE_C', - 'MBEDTLS_THREADING_C', - 'MBEDTLS_THREADING_PTHREAD', 'MBEDTLS_MEMORY_BACKTRACE', 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', - 'MBEDTLS_PLATFORM_TIME_ALT', 'MBEDTLS_PLATFORM_FPRINTF_ALT', - 'MBEDTLS_PSA_ITS_FILE_C', + 'MBEDTLS_PLATFORM_TIME_ALT', 'MBEDTLS_PSA_CRYPTO_SE_C', 'MBEDTLS_PSA_CRYPTO_STORAGE_C', + 'MBEDTLS_PSA_ITS_FILE_C', + 'MBEDTLS_THREADING_C', + 'MBEDTLS_THREADING_PTHREAD', + 'MBEDTLS_TIMING_C', ]: return False return True From 4efaeba48bd9bd65ead3a7f801e4587fa0e241f3 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Sat, 27 Jul 2019 23:44:01 +0200 Subject: [PATCH 1993/2197] Support writing to a different file --- scripts/config.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scripts/config.py b/scripts/config.py index 7293e11b4..ac2a298d3 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -323,6 +323,8 @@ if __name__ == '__main__': parser.add_argument('--force', '-o', help="""For the set command, if SYMBOL is not present, add a definition for it.""") + parser.add_argument('--write', '-w', + help="""File to write to instead of the input file.""") subparsers = parser.add_subparsers(dest='command', title='Commands') parser_get = subparsers.add_parser('get', @@ -382,7 +384,7 @@ if __name__ == '__main__': config.unset(args.symbol) else: config.adapt(args.adapter) - config.write() + config.write(args.write) # Import modules only used by main only if main is defined and called. # pylint: disable=wrong-import-position From 3bdd412d096d779a4c4072b3a1df0a5571036d74 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 27 Jul 2019 23:52:53 +0200 Subject: [PATCH 1994/2197] Invoke config.py instead of config.pl git grep -Fl /config.pl | xargs sed -i -e 's!/config\.pl!/config.py!g' Also: * Change one comment in include/mbedtls/check_config.h. * Change PERL to PYTHON in CMakeLists.txt. --- 3rdparty/everest/CMakeLists.txt | 2 +- CMakeLists.txt | 6 +- Makefile | 4 +- include/mbedtls/check_config.h | 2 +- scripts/apidoc_full.sh | 2 +- scripts/ecc-heap.sh | 4 +- scripts/footprint.sh | 6 +- tests/scripts/all.sh | 214 +++++++++++++++--------------- tests/scripts/basic-build-test.sh | 4 +- tests/scripts/curves.pl | 4 +- tests/scripts/depends-hashes.pl | 4 +- tests/scripts/depends-pkalgs.pl | 4 +- tests/scripts/list-symbols.sh | 2 +- 13 files changed, 129 insertions(+), 129 deletions(-) diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index 18c8731bd..782c0c563 100644 --- a/3rdparty/everest/CMakeLists.txt 
+++ b/3rdparty/everest/CMakeLists.txt @@ -10,7 +10,7 @@ set(everest_src list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib) -execute_process(COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/config.pl -f ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) +execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) if(${result} EQUAL 0) diff --git a/CMakeLists.txt b/CMakeLists.txt index 81fa6cb89..c49bae2f7 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
@@ -48,17 +48,17 @@ set(CTR_DRBG_128_BIT_KEY_WARNING "${WARNING_BORDER}" find_package(PythonInterp) find_package(Perl) -if(PERL_FOUND) +if(PYTHON_FOUND) # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning - execute_process(COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.pl -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY RESULT_VARIABLE result) if(${result} EQUAL 0) message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING}) endif() # If NULL Entropy is configured, display an appropriate warning - execute_process(COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.pl -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY + execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY RESULT_VARIABLE result) if(${result} EQUAL 0) message(WARNING ${NULL_ENTROPY_WARNING}) diff --git a/Makefile b/Makefile index c9eb681ce..4fd7f8eaa 100644 --- a/Makefile +++ b/Makefile @@ -70,11 +70,11 @@ post_build: ifndef WINDOWS # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning - -scripts/config.pl get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \ + -scripts/config.py get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \ echo '$(CTR_DRBG_128_BIT_KEY_WARNING)' # If NULL Entropy is configured, display an appropriate warning - -scripts/config.pl get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \ + -scripts/config.py get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \ echo '$(NULL_ENTROPY_WARNING)' endif diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index ede070405..999fc520f 100644 
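Review bot: The new guard `if(PYTHON_FOUND)` tests a variable that `find_package(PythonInterp)` does not set; that module reports its result in `PYTHONINTERP_FOUND` and the interpreter path in `PYTHON_EXECUTABLE`. Unless `PYTHON_FOUND` is defined elsewhere in the project, the block is skipped and the CTR_DRBG 128-bit-key and NULL-entropy warnings are never printed, so a weakened configuration would build without notice. The guard should read `if(PYTHONINTERP_FOUND)`; the block's closing `endif()` lies outside the hunk. The 3rdparty/everest/CMakeLists.txt hunk just before this one calls `${PYTHON_EXECUTABLE}` with no guard at all, which is worth checking for the case where no interpreter is found.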
--- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -45,7 +45,7 @@ #endif /* Fix the config here. Not convenient to put an #ifdef _WIN32 in config.h as - * it would confuse config.pl. */ + * it would confuse config.py. */ #if !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && \ !defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) #define MBEDTLS_PLATFORM_SNPRINTF_ALT diff --git a/scripts/apidoc_full.sh b/scripts/apidoc_full.sh index bebab103e..dfe117710 100755 --- a/scripts/apidoc_full.sh +++ b/scripts/apidoc_full.sh @@ -19,7 +19,7 @@ fi CONFIG_BAK=${CONFIG_H}.bak cp -p $CONFIG_H $CONFIG_BAK -scripts/config.pl realfull +scripts/config.py realfull make apidoc mv $CONFIG_BAK $CONFIG_H diff --git a/scripts/ecc-heap.sh b/scripts/ecc-heap.sh index 94a04cf7e..69777a62c 100755 --- a/scripts/ecc-heap.sh +++ b/scripts/ecc-heap.sh @@ -59,8 +59,8 @@ EOF for F in 0 1; do for W in 2 3 4 5 6; do - scripts/config.pl set MBEDTLS_ECP_WINDOW_SIZE $W - scripts/config.pl set MBEDTLS_ECP_FIXED_POINT_OPTIM $F + scripts/config.py set MBEDTLS_ECP_WINDOW_SIZE $W + scripts/config.py set MBEDTLS_ECP_FIXED_POINT_OPTIM $F make benchmark >/dev/null 2>&1 echo "fixed point optim = $F, max window size = $W" echo "--------------------------------------------" diff --git a/scripts/footprint.sh b/scripts/footprint.sh index 697972f33..6cabcb925 100755 --- a/scripts/footprint.sh +++ b/scripts/footprint.sh @@ -62,9 +62,9 @@ doit() fi { - scripts/config.pl unset MBEDTLS_TIMING_C || true - scripts/config.pl unset MBEDTLS_FS_IO || true - scripts/config.pl --force set MBEDTLS_NO_PLATFORM_ENTROPY || true + scripts/config.py unset MBEDTLS_TIMING_C || true + scripts/config.py unset MBEDTLS_FS_IO || true + scripts/config.py --force set MBEDTLS_NO_PLATFORM_ENTROPY || true } >/dev/null 2>&1 make clean >/dev/null diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 282c51360..99abda3bf 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -590,10 +590,10 @@ component_test_ref_configs () { component_test_no_pem_no_fs () { msg "build: Default + !MBEDTLS_PEM_PARSE_C + !MBEDTLS_FS_IO (ASan build)" - scripts/config.pl unset MBEDTLS_PEM_PARSE_C - scripts/config.pl unset MBEDTLS_FS_IO - scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C # requires a filesystem - scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA ITS + scripts/config.py unset MBEDTLS_PEM_PARSE_C + scripts/config.py unset MBEDTLS_FS_IO + scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C # requires a filesystem + scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA ITS CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -603,7 +603,7 @@ component_test_no_pem_no_fs () { component_test_rsa_no_crt () { msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min - scripts/config.pl set MBEDTLS_RSA_NO_CRT + scripts/config.py set MBEDTLS_RSA_NO_CRT CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -613,7 +613,7 @@ component_test_rsa_no_crt () { component_test_new_ecdh_context () { msg "build: new ECDH context (ASan build)" # ~ 6 min - scripts/config.pl unset MBEDTLS_ECDH_LEGACY_CONTEXT + scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -623,8 +623,8 @@ component_test_new_ecdh_context () { component_test_everest () { msg "build: Everest ECDH context (ASan build)" # ~ 6 min - scripts/config.pl unset MBEDTLS_ECDH_LEGACY_CONTEXT - scripts/config.pl set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT + scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED CC=clang cmake -D CMAKE_BUILD_TYPE:String=Asan . make 
@@ -634,8 +634,8 @@ component_test_everest () { component_test_psa_collect_statuses () { msg "build+test: psa_collect_statuses" # ~30s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # slow and irrelevant + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # slow and irrelevant record_status tests/scripts/psa_collect_statuses.py # Check that psa_crypto_init() succeeded at least once record_status grep -q '^0:psa_crypto_init:' tests/statuses.log @@ -644,8 +644,8 @@ component_test_psa_collect_statuses () { component_test_full_cmake_clang () { msg "build: cmake, full config, clang" # ~ 50s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On . make @@ -658,8 +658,8 @@ component_test_full_cmake_clang () { component_test_full_make_gcc_o0 () { msg "build: make, full config, gcc -O0" # ~ 50s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests make CC=gcc CFLAGS='-O0' msg "test: main suites (full config, gcc -O0)" # ~ 5s @@ -668,8 +668,8 @@ component_test_full_make_gcc_o0 () { component_build_deprecated () { msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s - scripts/config.pl full - scripts/config.pl set MBEDTLS_DEPRECATED_WARNING + scripts/config.py full + scripts/config.py set MBEDTLS_DEPRECATED_WARNING # Build with -O -Wextra to catch a maximum of issues. make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' lib programs make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests 
@@ -677,8 +677,8 @@ component_build_deprecated () { msg "build: make, full config + DEPRECATED_REMOVED, clang -O" # ~ 30s # No cleanup, just tweak the configuration and rebuild make clean - scripts/config.pl unset MBEDTLS_DEPRECATED_WARNING - scripts/config.pl set MBEDTLS_DEPRECATED_REMOVED + scripts/config.py unset MBEDTLS_DEPRECATED_WARNING + scripts/config.py set MBEDTLS_DEPRECATED_REMOVED # Build with -O -Wextra to catch a maximum of issues. make CC=clang CFLAGS='-O -Werror -Wall -Wextra' lib programs make CC=clang CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests @@ -713,13 +713,13 @@ component_build_default_make_gcc_and_cxx () { component_test_no_use_psa_crypto_full_cmake_asan() { # full minus MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh msg "build: cmake, full config + MBEDTLS_USE_PSA_CRYPTO, ASan" - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.pl set MBEDTLS_ECP_RESTARTABLE # not using PSA, so enable restartable ECC - scripts/config.pl set MBEDTLS_PSA_CRYPTO_C - scripts/config.pl unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C - scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py set MBEDTLS_ECP_RESTARTABLE # not using PSA, so enable restartable ECC + scripts/config.py set MBEDTLS_PSA_CRYPTO_C + scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO + scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make 
@@ -729,10 +729,10 @@ component_test_no_use_psa_crypto_full_cmake_asan() { component_test_check_params_functionality () { msg "build+test: MBEDTLS_CHECK_PARAMS functionality" - scripts/config.pl full # includes CHECK_PARAMS + scripts/config.py full # includes CHECK_PARAMS # Make MBEDTLS_PARAM_FAILED call mbedtls_param_failed(). - scripts/config.pl unset MBEDTLS_CHECK_PARAMS_ASSERT - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py unset MBEDTLS_CHECK_PARAMS_ASSERT + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # Only build and run tests. Do not build sample programs, because # they don't have a mbedtls_param_failed() function. make CC=gcc CFLAGS='-Werror -O1' lib test 
@@ -740,25 +740,25 @@ component_test_check_params_functionality () { component_test_check_params_without_platform () { msg "build+test: MBEDTLS_CHECK_PARAMS without MBEDTLS_PLATFORM_C" - scripts/config.pl full # includes CHECK_PARAMS + scripts/config.py full # includes CHECK_PARAMS # Keep MBEDTLS_PARAM_FAILED as assert. - scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT - scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT - scripts/config.pl unset MBEDTLS_PLATFORM_FPRINTF_ALT - scripts/config.pl unset MBEDTLS_PLATFORM_MEMORY - scripts/config.pl unset MBEDTLS_PLATFORM_PRINTF_ALT - scripts/config.pl unset MBEDTLS_PLATFORM_SNPRINTF_ALT - scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED - scripts/config.pl unset MBEDTLS_PLATFORM_C + scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT + scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT + scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT + scripts/config.py unset MBEDTLS_PLATFORM_MEMORY + scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT + scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT + scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED + scripts/config.py unset MBEDTLS_PLATFORM_C make CC=gcc CFLAGS='-Werror -O1' all test } component_test_check_params_silent () { msg "build+test: MBEDTLS_CHECK_PARAMS with alternative MBEDTLS_PARAM_FAILED()" - scripts/config.pl full # includes CHECK_PARAMS - scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.py full # includes CHECK_PARAMS + scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests # Set MBEDTLS_PARAM_FAILED to nothing. sed -i 's/.*\(#define MBEDTLS_PARAM_FAILED( cond )\).*/\1/' "$CONFIG_H" make CC=gcc CFLAGS='-Werror -O1' all test 
@@ -769,20 +769,20 @@ component_test_no_platform () { # This should catch missing mbedtls_printf definitions, and by disabling file # IO, it should catch missing '#include ' msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_PLATFORM_C - scripts/config.pl unset MBEDTLS_PLATFORM_MEMORY - scripts/config.pl unset MBEDTLS_PLATFORM_PRINTF_ALT - scripts/config.pl unset MBEDTLS_PLATFORM_FPRINTF_ALT - scripts/config.pl unset MBEDTLS_PLATFORM_SNPRINTF_ALT - scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT - scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT - scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.pl unset MBEDTLS_FS_IO - scripts/config.pl unset MBEDTLS_PSA_CRYPTO_SE_C - scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C - scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.py full + scripts/config.py unset MBEDTLS_PLATFORM_C + scripts/config.py unset MBEDTLS_PLATFORM_MEMORY + scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT + scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT + scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT + scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT + scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT + scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py unset MBEDTLS_FS_IO + scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C + scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C + scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19, # to re-enable platform integration features otherwise disabled in C99 builds make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0 -D_DEFAULT_SOURCE' lib programs 
@@ -792,20 +792,20 @@ component_test_no_platform () { component_build_no_std_function () { # catch compile bugs in _uninit functions msg "build: full config with NO_STD_FUNCTION, make, gcc" # ~ 30s - scripts/config.pl full - scripts/config.pl set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED + scripts/config.py full + scripts/config.py set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS + scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' } component_test_null_entropy () { msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)" - scripts/config.pl set MBEDTLS_TEST_NULL_ENTROPY - scripts/config.pl set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - scripts/config.pl set MBEDTLS_ENTROPY_C - scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED - scripts/config.pl unset MBEDTLS_ENTROPY_HARDWARE_ALT - scripts/config.pl unset MBEDTLS_HAVEGE_C + scripts/config.py set MBEDTLS_TEST_NULL_ENTROPY + scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES + scripts/config.py set MBEDTLS_ENTROPY_C + scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED + scripts/config.py unset MBEDTLS_ENTROPY_HARDWARE_ALT + scripts/config.py unset MBEDTLS_HAVEGE_C CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON . make @@ -815,9 +815,9 @@ component_test_null_entropy () { component_test_platform_calloc_macro () { msg "build: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)" - scripts/config.pl set MBEDTLS_PLATFORM_MEMORY - scripts/config.pl set MBEDTLS_PLATFORM_CALLOC_MACRO calloc - scripts/config.pl set MBEDTLS_PLATFORM_FREE_MACRO free + scripts/config.py set MBEDTLS_PLATFORM_MEMORY + scripts/config.py set MBEDTLS_PLATFORM_CALLOC_MACRO calloc + scripts/config.py set MBEDTLS_PLATFORM_FREE_MACRO free CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make 
@@ -827,8 +827,8 @@ component_test_platform_calloc_macro () { component_test_malloc_0_null () { msg "build: malloc(0) returns NULL (ASan+UBSan build)" - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C make CC=gcc CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS" msg "test: malloc(0) returns NULL (ASan+UBSan build)" @@ -842,7 +842,7 @@ component_test_malloc_0_null () { component_test_aes_fewer_tables () { msg "build: default config with AES_FEWER_TABLES enabled" - scripts/config.pl set MBEDTLS_AES_FEWER_TABLES + scripts/config.py set MBEDTLS_AES_FEWER_TABLES make CC=gcc CFLAGS='-Werror -Wall -Wextra' msg "test: AES_FEWER_TABLES" @@ -851,7 +851,7 @@ component_test_aes_fewer_tables () { component_test_aes_rom_tables () { msg "build: default config with AES_ROM_TABLES enabled" - scripts/config.pl set MBEDTLS_AES_ROM_TABLES + scripts/config.py set MBEDTLS_AES_ROM_TABLES make CC=gcc CFLAGS='-Werror -Wall -Wextra' msg "test: AES_ROM_TABLES" @@ -860,8 +860,8 @@ component_test_aes_rom_tables () { component_test_aes_fewer_tables_and_rom_tables () { msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled" - scripts/config.pl set MBEDTLS_AES_FEWER_TABLES - scripts/config.pl set MBEDTLS_AES_ROM_TABLES + scripts/config.py set MBEDTLS_AES_FEWER_TABLES + scripts/config.py set MBEDTLS_AES_ROM_TABLES make CC=gcc CFLAGS='-Werror -Wall -Wextra' msg "test: AES_FEWER_TABLES + AES_ROM_TABLES" @@ -870,7 +870,7 @@ component_test_aes_fewer_tables_and_rom_tables () { component_test_se_default () { msg "build: default config + MBEDTLS_PSA_CRYPTO_SE_C" - scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C + scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C make CC=clang CFLAGS="$ASAN_CFLAGS -Os" LDFLAGS="$ASAN_CFLAGS" msg "test: default config + MBEDTLS_PSA_CRYPTO_SE_C" 
@@ -879,9 +879,9 @@ component_test_se_default () { component_test_se_full () { msg "build: full config + MBEDTLS_PSA_CRYPTO_SE_C" - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" msg "test: full config + MBEDTLS_PSA_CRYPTO_SE_C" @@ -906,7 +906,7 @@ component_build_mbedtls_config_file () { msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s # Use the full config so as to catch a maximum of places where # the check of MBEDTLS_CONFIG_FILE might be missing. - scripts/config.pl full + scripts/config.py full sed 's!"check_config.h"!"mbedtls/check_config.h"!' <"$CONFIG_H" >full_config.h echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H" make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" @@ -916,7 +916,7 @@ component_build_mbedtls_config_file () { component_test_m32_o0 () { # Build once with -O0, to compile out the i386 specific inline assembly msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s - scripts/config.pl full + scripts/config.py full make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O0 (ASan build)" 
@@ -932,10 +932,10 @@ support_test_m32_o0 () { component_test_m32_o1 () { # Build again with -O1, to compile in the i386 specific inline assembly msg "build: i386, make, gcc -O1 (ASan build)" # ~ 30s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.pl unset MBEDTLS_MEMORY_DEBUG + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py unset MBEDTLS_MEMORY_DEBUG make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O1" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O1 (ASan build)" @@ -947,8 +947,8 @@ support_test_m32_o1 () { component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min - scripts/config.pl unset MBEDTLS_ECDH_LEGACY_CONTEXT - scripts/config.pl set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT + scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s @@ -960,7 +960,7 @@ support_test_m32_everest () { component_test_mx32 () { msg "build: 64-bit ILP32, make, gcc" # ~ 30s - scripts/config.pl full + scripts/config.py full make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32' msg "test: 64-bit ILP32, make, gcc" @@ -975,7 +975,7 @@ support_test_mx32 () { component_test_min_mpi_window_size () { msg "build: Default + MBEDTLS_MPI_WINDOW_SIZE=1 (ASan build)" # ~ 10s - scripts/config.pl set MBEDTLS_MPI_WINDOW_SIZE 1 + scripts/config.py set MBEDTLS_MPI_WINDOW_SIZE 1 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make 
@@ -985,9 +985,9 @@ component_test_min_mpi_window_size () { component_test_have_int32 () { msg "build: gcc, force 32-bit bignum limbs" - scripts/config.pl unset MBEDTLS_HAVE_ASM - scripts/config.pl unset MBEDTLS_AESNI_C - scripts/config.pl unset MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_HAVE_ASM + scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_PADLOCK_C make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32' msg "test: gcc, force 32-bit bignum limbs" @@ -996,9 +996,9 @@ component_test_have_int32 () { component_test_have_int64 () { msg "build: gcc, force 64-bit bignum limbs" - scripts/config.pl unset MBEDTLS_HAVE_ASM - scripts/config.pl unset MBEDTLS_AESNI_C - scripts/config.pl unset MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_HAVE_ASM + scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_PADLOCK_C make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64' msg "test: gcc, force 64-bit bignum limbs" @@ -1007,9 +1007,9 @@ component_test_have_int64 () { component_test_no_udbl_division () { msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests - scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.py set MBEDTLS_NO_UDBL_DIVISION make CFLAGS='-Werror -O1' msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s 
@@ -1018,9 +1018,9 @@ component_test_no_udbl_division () { component_test_no_64bit_multiplication () { msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests - scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION make CFLAGS='-Werror -O1' msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s @@ -1029,13 +1029,13 @@ component_test_no_64bit_multiplication () { component_build_arm_none_eabi_gcc () { msg "build: arm-none-eabi-gcc, make" # ~ 10s - scripts/config.pl baremetal + scripts/config.py baremetal make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib } component_build_arm_none_eabi_gcc_arm5vte () { msg "build: arm-none-eabi-gcc -march=arm5vte, make" # ~ 10s - scripts/config.pl baremetal + scripts/config.py baremetal # Build for a target platform that's close to what Debian uses # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort). # See https://github.com/ARMmbed/mbedtls/pull/2169 and comments. @@ -1046,8 +1046,8 @@ component_build_arm_none_eabi_gcc_arm5vte () { component_build_arm_none_eabi_gcc_no_udbl_division () { msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s - scripts/config.pl baremetal - scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION + scripts/config.py baremetal + scripts/config.py set MBEDTLS_NO_UDBL_DIVISION make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib echo "Checking that software 64-bit division is not required" if_build_succeeded not grep __aeabi_uldiv library/*.o 
@@ -1055,8 +1055,8 @@ component_build_arm_none_eabi_gcc_no_udbl_division () { component_build_arm_none_eabi_gcc_no_64bit_multiplication () { msg "build: arm-none-eabi-gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s - scripts/config.pl baremetal - scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION + scripts/config.py baremetal + scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib echo "Checking that software 64-bit multiplication is not required" if_build_succeeded not grep __aeabi_lmul library/*.o @@ -1064,7 +1064,7 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () { component_build_armcc () { msg "build: ARM Compiler 5, make" - scripts/config.pl baremetal + scripts/config.py baremetal make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib make clean @@ -1107,7 +1107,7 @@ support_build_mingw() { component_test_memsan () { msg "build: MSan (clang)" # ~ 1 min 20s - scripts/config.pl unset MBEDTLS_AESNI_C # memsan doesn't grok asm + scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan . make diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 54ca93413..7ed0372ab 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -46,8 +46,8 @@ export CFLAGS=' --coverage -g3 -O0 ' export LDFLAGS=' --coverage' make clean cp "$CONFIG_H" "$CONFIG_BAK" -scripts/config.pl full -scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE +scripts/config.py full +scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE make -j diff --git a/tests/scripts/curves.pl b/tests/scripts/curves.pl index 4791d5521..3e2255277 100755 --- a/tests/scripts/curves.pl +++ b/tests/scripts/curves.pl 
@@ -46,13 +46,13 @@ for my $curve (@curves) { system( "make clean" ) and die; # depends on a specific curve. Also, ignore error if it wasn't enabled - system( "scripts/config.pl unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" ); + system( "scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" ); print "\n******************************************\n"; print "* Testing without curve: $curve\n"; print "******************************************\n"; - system( "scripts/config.pl unset $curve" ) + system( "scripts/config.py unset $curve" ) and abort "Failed to disable $curve\n"; system( "CFLAGS='-Werror -Wall -Wextra' make lib" ) diff --git a/tests/scripts/depends-hashes.pl b/tests/scripts/depends-hashes.pl index f57e7ed88..92bcceb82 100755 --- a/tests/scripts/depends-hashes.pl +++ b/tests/scripts/depends-hashes.pl @@ -58,11 +58,11 @@ for my $hash (@hashes) { print "* Testing without hash: $hash\n"; print "******************************************\n"; - system( "scripts/config.pl unset $hash" ) + system( "scripts/config.py unset $hash" ) and abort "Failed to disable $hash\n"; for my $opt (@ssl) { - system( "scripts/config.pl unset $opt" ) + system( "scripts/config.py unset $opt" ) and abort "Failed to disable $opt\n"; } diff --git a/tests/scripts/depends-pkalgs.pl b/tests/scripts/depends-pkalgs.pl index 72c7f4103..70e77b046 100755 --- a/tests/scripts/depends-pkalgs.pl +++ b/tests/scripts/depends-pkalgs.pl @@ -60,10 +60,10 @@ while( my ($alg, $extras) = each %algs ) { print "* Testing without alg: $alg\n"; print "******************************************\n"; - system( "scripts/config.pl unset $alg" ) + system( "scripts/config.py unset $alg" ) and abort "Failed to disable $alg\n"; for my $opt (@$extras) { - system( "scripts/config.pl unset $opt" ) + system( "scripts/config.py unset $opt" ) and abort "Failed to disable $opt\n"; } diff --git a/tests/scripts/list-symbols.sh b/tests/scripts/list-symbols.sh index 6ecc199bf..1c348a79c 100755 
--- a/tests/scripts/list-symbols.sh +++ b/tests/scripts/list-symbols.sh @@ -13,7 +13,7 @@ if grep -i cmake Makefile >/dev/null; then fi cp include/mbedtls/config.h include/mbedtls/config.h.bak -scripts/config.pl full +scripts/config.py full make clean make_ret= CFLAGS=-fno-asynchronous-unwind-tables make lib \ From 04362a0ad60b8fc333af4437d6958231115c0105 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 27 Jul 2019 23:56:04 +0200 Subject: [PATCH 1995/2197] Replace config.pl by a redirection to config.py Keep config.pl in Perl in case people are running "perl config.pl". --- scripts/config.pl | 299 +--------------------------------------------- 1 file changed, 4 insertions(+), 295 deletions(-) diff --git a/scripts/config.pl b/scripts/config.pl index 8066bb019..bd6c7e557 100755 --- a/scripts/config.pl +++ b/scripts/config.pl 
@@ -1,296 +1,5 @@ #!/usr/bin/env perl -# -# This file is part of mbed TLS (https://tls.mbed.org) -# -# Copyright (c) 2014-2016, ARM Limited, All Rights Reserved -# -# Purpose -# -# Comments and uncomments #define lines in the given header file and optionally -# sets their value or can get the value. This is to provide scripting control of -# what preprocessor symbols, and therefore what build time configuration flags -# are set in the 'config.h' file. -# -# Usage: config.pl [-f | --file ] [-o | --force] -# [set | unset | get | -# full | realfull] -# -# Full usage description provided below. -# -# The following options are disabled instead of enabled with "full". -# -# MBEDTLS_TEST_NULL_ENTROPY -# MBEDTLS_DEPRECATED_REMOVED -# MBEDTLS_HAVE_SSE2 -# MBEDTLS_PLATFORM_NO_STD_FUNCTIONS -# MBEDTLS_ECP_DP_M221_ENABLED -# MBEDTLS_ECP_DP_M383_ENABLED -# MBEDTLS_ECP_DP_M511_ENABLED -# MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES -# MBEDTLS_NO_PLATFORM_ENTROPY -# MBEDTLS_RSA_NO_CRT -# MBEDTLS_PSA_CRYPTO_SPM -# MBEDTLS_PSA_INJECT_ENTROPY -# MBEDTLS_ECP_RESTARTABLE -# and any symbol beginning _ALT -# - -use warnings; -use strict; - -my $config_file = "include/mbedtls/config.h"; -my $usage = < | --file ] [-o | --force] - [set | unset | get | - full | realfull | baremetal] - -Commands - set [] - Uncomments or adds a #define for the to - the configuration file, and optionally making it - of . - If the symbol isn't present in the file an error - is returned. - unset - Comments out the #define for the given symbol if - present in the configuration file. - get - Finds the #define for the given symbol, returning - an exitcode of 0 if the symbol is found, and 1 if - not. The value of the symbol is output if one is - specified in the configuration file. 
- full - Uncomments all #define's in the configuration file - excluding some reserved symbols, until the - 'Module configuration options' section - realfull - Uncomments all #define's with no exclusions - baremetal - Sets full configuration suitable for baremetal build. - -Options - -f | --file - The file or file path for the configuration file - to edit. When omitted, the following default is - used: - $config_file - -o | --force - If the symbol isn't present in the configuration - file when setting its value, a #define is - appended to the end of the file. - -EOU - -my @excluded = qw( -MBEDTLS_TEST_NULL_ENTROPY -MBEDTLS_DEPRECATED_REMOVED -MBEDTLS_HAVE_SSE2 -MBEDTLS_PLATFORM_NO_STD_FUNCTIONS -MBEDTLS_CTR_DRBG_USE_128_BIT_KEY -MBEDTLS_ECP_DP_M221_ENABLED -MBEDTLS_ECP_DP_M383_ENABLED -MBEDTLS_ECP_DP_M511_ENABLED -MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES -MBEDTLS_NO_PLATFORM_ENTROPY -MBEDTLS_RSA_NO_CRT -MBEDTLS_NO_UDBL_DIVISION -MBEDTLS_NO_64BIT_MULTIPLICATION -MBEDTLS_PSA_CRYPTO_SE_C -MBEDTLS_PSA_CRYPTO_SPM -MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER -MBEDTLS_PSA_INJECT_ENTROPY -MBEDTLS_ECP_RESTARTABLE -MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED -_ALT\s*$ -); - -# Things that should be disabled in "baremetal" -my @excluded_baremetal = qw( -MBEDTLS_TIMING_C -MBEDTLS_FS_IO -MBEDTLS_ENTROPY_NV_SEED -MBEDTLS_HAVE_TIME -MBEDTLS_HAVE_TIME_DATE -MBEDTLS_DEPRECATED_WARNING -MBEDTLS_HAVEGE_C -MBEDTLS_THREADING_C -MBEDTLS_THREADING_PTHREAD -MBEDTLS_MEMORY_BACKTRACE -MBEDTLS_MEMORY_BUFFER_ALLOC_C -MBEDTLS_PLATFORM_TIME_ALT -MBEDTLS_PLATFORM_FPRINTF_ALT -MBEDTLS_PSA_ITS_FILE_C -MBEDTLS_PSA_CRYPTO_SE_C -MBEDTLS_PSA_CRYPTO_STORAGE_C -); - -# Things that should be enabled in "full" even if they match @excluded -my @non_excluded = qw( -PLATFORM_[A-Z0-9]+_ALT -); - -# Things that should be enabled in "baremetal" -my @non_excluded_baremetal = qw( -MBEDTLS_NO_PLATFORM_ENTROPY -); - -# Process the command line arguments - -my $force_option = 0; - -my ($arg, $name, $value, $action); - -while 
($arg = shift) { - - # Check if the argument is an option - if ($arg eq "-f" || $arg eq "--file") { - $config_file = shift; - - -f $config_file or die "No such file: $config_file\n"; - - } - elsif ($arg eq "-o" || $arg eq "--force") { - $force_option = 1; - - } - else - { - # ...else assume it's a command - $action = $arg; - - if ($action eq "full" || $action eq "realfull" || $action eq "baremetal" ) { - # No additional parameters - die $usage if @ARGV; - - } - elsif ($action eq "unset" || $action eq "get") { - die $usage unless @ARGV; - $name = shift; - - } - elsif ($action eq "set") { - die $usage unless @ARGV; - $name = shift; - $value = shift if @ARGV; - - } - else { - die "Command '$action' not recognised.\n\n".$usage; - } - } -} - -# If no command was specified, exit... -if ( not defined($action) ){ die $usage; } - -# Check the config file is present -if (! -f $config_file) { - - chdir '..' or die; - - # Confirm this is the project root directory and try again - if ( !(-d 'scripts' && -d 'include' && -d 'library' && -f $config_file) ) { - die "If no file specified, must be run from the project root or scripts directory.\n"; - } -} - - -# Now read the file and process the contents - -open my $config_read, '<', $config_file or die "read $config_file: $!\n"; -my @config_lines = <$config_read>; -close $config_read; - -# Add required baremetal symbols to the list that is included. 
-if ( $action eq "baremetal" ) { - @non_excluded = ( @non_excluded, @non_excluded_baremetal ); -} - -my ($exclude_re, $no_exclude_re, $exclude_baremetal_re); -if ($action eq "realfull") { - $exclude_re = qr/^$/; - $no_exclude_re = qr/./; -} else { - $exclude_re = join '|', @excluded; - $no_exclude_re = join '|', @non_excluded; -} -if ( $action eq "baremetal" ) { - $exclude_baremetal_re = join '|', @excluded_baremetal; -} - -my $config_write = undef; -if ($action ne "get") { - open $config_write, '>', $config_file or die "write $config_file: $!\n"; -} - -my $done; -for my $line (@config_lines) { - if ($action eq "full" || $action eq "realfull" || $action eq "baremetal" ) { - if ($line =~ /name SECTION: Module configuration options/) { - $done = 1; - } - - if (!$done && $line =~ m!^//\s?#define! && - ( $line !~ /$exclude_re/ || $line =~ /$no_exclude_re/ ) && - ( $action ne "baremetal" || ( $line !~ /$exclude_baremetal_re/ ) ) ) { - $line =~ s!^//\s?!!; - } - if (!$done && $line =~ m!^\s?#define! && - ! ( ( $line !~ /$exclude_re/ || $line =~ /$no_exclude_re/ ) && - ( $action ne "baremetal" || ( $line !~ /$exclude_baremetal_re/ ) ) ) ) { - $line =~ s!^!//!; - } - } elsif ($action eq "unset") { - if (!$done && $line =~ /^\s*#define\s*$name\b/) { - $line = '//' . $line; - $done = 1; - } - } elsif (!$done && $action eq "set") { - if ($line =~ m!^(?://)?\s*#define\s*$name\b!) { - $line = "#define $name"; - $line .= " $value" if defined $value && $value ne ""; - $line .= "\n"; - $done = 1; - } - } elsif (!$done && $action eq "get") { - if ($line =~ /^\s*#define\s*$name(?:\s+(.*?))\s*(?:$|\/\*|\/\/)/) { - $value = $1; - $done = 1; - } - } - - if (defined $config_write) { - print $config_write $line or die "write $config_file: $!\n"; - } -} - -# Did the set command work? 
-if ($action eq "set" && $force_option && !$done) { - - # If the force option was set, append the symbol to the end of the file - my $line = "#define $name"; - $line .= " $value" if defined $value && $value ne ""; - $line .= "\n"; - $done = 1; - - print $config_write $line or die "write $config_file: $!\n"; -} - -if (defined $config_write) { - close $config_write or die "close $config_file: $!\n"; -} - -if ($action eq "get") { - if ($done) { - if ($value ne '') { - print "$value\n"; - } - exit 0; - } else { - # If the symbol was not found, return an error - exit 1; - } -} - -if ($action eq "full" && !$done) { - die "Configuration section was not found in $config_file\n"; - -} - -if ($action ne "full" && $action ne "unset" && !$done) { - die "A #define for the symbol $name was not found in $config_file\n"; -} - -__END__ +# Backward compatibility redirection +my $py = $0; +$py =~ s/\.pl$/.py/; +exec 'python3', $py, @ARGV From a47ab228521b7865d7fc313f8c2cdc112f88687a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 28 Jul 2019 00:36:53 +0200 Subject: [PATCH 1996/2197] Print help when invoked with no arguments --- scripts/config.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/config.py b/scripts/config.py index ac2a298d3..c14d8676e 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -367,7 +367,10 @@ if __name__ == '__main__': args = parser.parse_args() config = ConfigFile(args.file) - if args.command == 'get': + if args.command is None: + parser.print_help() + return 1 + elif args.command == 'get': if args.symbol in config: value = config[args.symbol] if value: From a26ea87ddef0018cf98decc227804624d300b992 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 28 Jul 2019 13:30:06 +0200 Subject: [PATCH 1997/2197] Fix encoding errors config.h is encoded in UTF-8. --- scripts/config.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
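Review bot: The result of `$py =~ s/\.pl$/.py/;` in the new wrapper is never checked, so when the script is reached under a name that does not end in `.pl` (a symlink or a renamed copy) `$py` stays equal to `$0` and python3 is handed the Perl file itself. Making a failed match fatal gives a clear diagnostic instead of a Python syntax error: `$py =~ s/\.pl$/.py/ or die "$0: cannot derive the config.py path\n";`. The list form of `exec` is worth keeping as written, since it passes `@ARGV` on without going through a shell. The wrapper also drops the `use warnings; use strict;` lines the old script had, which would be cheap to retain.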
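Review bot: The new `args.command is None` branch prints the usage on stdout while returning a failure status, whereas the Perl script it replaces reported the same mistake with `die $usage`, that is, on stderr. A script that captures the tool's stdout and ends up invoking it with no command (for example through an empty variable) would then read the help text as data; `parser.print_help(sys.stderr)` keeps the two streams apart, and `sys` is already used by the neighbouring `get` branch. The enclosing function starts outside the hunk, so `return 1` is assumed to become the process exit status.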
diff --git a/scripts/config.py b/scripts/config.py index c14d8676e..67a1f26d4 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -239,7 +239,7 @@ class ConfigFile(Config): super().__init__() self.filename = filename self.current_section = 'header' - with open(filename) as file: + with open(filename, 'r', encoding='utf-8') as file: self.templates = [self._parse_line(line) for line in file] self.current_section = None @@ -307,7 +307,7 @@ class ConfigFile(Config): """ if filename is None: filename = self.filename - with open(filename, 'w') as output: + with open(filename, 'w', encoding='utf-8') as output: self.write_to_stream(output) if __name__ == '__main__': From 5d650c86b4e27b294605e17551782a7070b469b6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 28 Jul 2019 16:39:19 +0200 Subject: [PATCH 1998/2197] Fix 'config.py set' without --force The `set` command can act on any known symbol. --- scripts/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/config.py b/scripts/config.py index 67a1f26d4..9d8184343 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -377,7 +377,7 @@ if __name__ == '__main__': sys.stdout.write(value + '\n') return args.symbol not in config elif args.command == 'set': - if not args.force and args.symbol not in config: + if not args.force and args.symbol not in config.settings: sys.stderr.write("A #define for the symbol {} " "was not found in {}" .format(args.symbol, args.file)) From 1854ec45afc7124f286310f97478e7f280bd9f52 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Jul 2019 23:42:50 +0200 Subject: [PATCH 1999/2197] Report an error if switching to Python fails --- scripts/config.pl | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scripts/config.pl b/scripts/config.pl index bd6c7e557..4f6df09fd 100755 --- a/scripts/config.pl +++ b/scripts/config.pl 
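Review bot: In the `set` branch, the error path directly below the changed condition writes its message without a trailing newline and formats `args.file`, which is presumably `None` whenever `--file` is omitted (the argparse default is not visible here, but `ConfigFile.__init__` treats `None` as "use the default"). Naming the file that was actually read is more useful to whoever debugs a failing build script: end the message with `"was not found in {}\n"` and pass `.format(args.symbol, config.filename)`. The rest of this branch, including its return value, lies outside the hunk.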
@@ -2,4 +2,6 @@ # Backward compatibility redirection my $py = $0; $py =~ s/\.pl$/.py/; -exec 'python3', $py, @ARGV +exec 'python3', $py, @ARGV; +print STDERR "$0: python3: $!\n"; +exit 127; From 812f185bc8114b32bedd0937cf7e2e0eb61213a2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Jul 2019 23:43:20 +0200 Subject: [PATCH 2000/2197] Also search config.h near the script By default, this script looks for include/mbedtls/config.h relative to the current directory. This allows running config.py from outside the build tree. To support out-of-tree builds where config.h and config.py are in the source tree and the current directory is in the build tree, also try DIRECTORY_CONTAINING_SCRIPT/../include/mbedtls/config.h, and the equivalent with symbolic links traversed. --- scripts/config.py | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 9d8184343..8fd335a49 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -24,6 +24,7 @@ Basic usage, to read the Mbed TLS or Mbed Crypto configuration: ## ## This file is part of Mbed TLS (https://tls.mbed.org) +import os import re class Setting: @@ -230,12 +231,20 @@ class ConfigFile(Config): and modify the configuration. """ - default_path = 'include/mbedtls/config.h' + _path_in_tree = 'include/mbedtls/config.h' + default_path = [_path_in_tree, + os.path.join(os.path.dirname(__file__), + os.pardir, + _path_in_tree), + os.path.join(os.path.dirname(os.path.abspath(os.path.dirname(__file__))), + _path_in_tree)] def __init__(self, filename=None): """Read the Mbed TLS configuration file.""" if filename is None: - filename = self.default_path + for filename in self.default_path: + if os.path.lexists(filename): + break super().__init__() self.filename = filename self.current_section = 'header' From b6fa7970a658259b43f378413076feb520f4dc97 Mon Sep 17 00:00:00 2001 
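Review bot: The redirect never checks that `$py =~ s/\.pl$/.py/;` (a context line of this hunk) changed anything. If the script is invoked under a name that does not end in `.pl`, such as a symlink or a renamed copy, `$py` stays equal to `$0` and python3 is handed the Perl file itself. The new `print STDERR` line does not help in that case, because the exec succeeds. Suggest `$py =~ s/\.pl$/.py/ or die "$0: cannot derive the config.py path\n";` before the exec.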
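Review bot: In `ConfigFile.__init__`, the loop `for filename in self.default_path:` has no `else`, so when none of the three candidates exists, `filename` is left as the last candidate and the later `open()` fails naming a path the user never chose. `os.path.lexists` also accepts a dangling symlink, which defers the failure to `open()` in the same way; `os.path.exists` would move on to the next candidate. Consider a `for … else` that reports every path tried, e.g. `else: raise FileNotFoundError('config.h not found in: ' + ', '.join(self.default_path))`. `default_path` is now a list, and the `--file` help text shown in a later patch on this page formats it with `Default: {}`, so the help will print the list repr rather than a path.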
From: Gilles Peskine Date: Thu, 1 Aug 2019 23:13:23 +0200 Subject: [PATCH 2001/2197] Fix Config.unset() making the name known --- scripts/config.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 8fd335a49..d5f1a439f 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -131,9 +131,10 @@ class Config: def unset(self, name): """Make name unset (inactive). - name remains known. + name remains known if it was known before. """ - self.set(name) + if name not in self.settings: + return self.settings[name].active = False def adapt(self, adapter): From a52f97d5a5b39d61b853a5ad839c130874cc5cd4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Aug 2019 23:13:47 +0200 Subject: [PATCH 2002/2197] Fix --force requiring an argument --- scripts/config.py | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/config.py b/scripts/config.py index d5f1a439f..f0b5187f1 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -331,6 +331,7 @@ if __name__ == '__main__': Default: {}. """.format(ConfigFile.default_path)) parser.add_argument('--force', '-o', + action='store_true', help="""For the set command, if SYMBOL is not present, add a definition for it.""") parser.add_argument('--write', '-w', From 63cdb2855fba070bf00a96d4dfa5574daed43c16 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Aug 2019 23:14:00 +0200 Subject: [PATCH 2003/2197] Fix "--force set" without a value sneaking a None in --- scripts/config.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/config.py b/scripts/config.py index f0b5187f1..ccc3c48e0 100755 --- a/scripts/config.py +++ b/scripts/config.py 
@@ -354,7 +354,8 @@ if __name__ == '__main__': found, unless --force is passed. """) parser_set.add_argument('symbol', metavar='SYMBOL') - parser_set.add_argument('value', metavar='VALUE', nargs='?') + parser_set.add_argument('value', metavar='VALUE', nargs='?', + default='') parser_unset = subparsers.add_parser('unset', help="""Comment out the #define for SYMBOL. Do nothing if none From 2552bc73d461ba18749f9bb7d7f445b15ba38267 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Aug 2019 23:14:29 +0200 Subject: [PATCH 2004/2197] Fix "#define ... not found" error when using the default file name Also make that error message end with a newline. --- scripts/config.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index ccc3c48e0..b872a8f57 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -391,8 +391,8 @@ if __name__ == '__main__': elif args.command == 'set': if not args.force and args.symbol not in config.settings: sys.stderr.write("A #define for the symbol {} " - "was not found in {}" - .format(args.symbol, args.file)) + "was not found in {}\n" + .format(args.symbol, config.filename)) return 1 config.set(args.symbol, value=args.value) elif args.command == 'unset': From 7f04013099fb7f07550f796f5606d3c055219556 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Aug 2019 23:31:05 +0200 Subject: [PATCH 2005/2197] Documentation improvements --- scripts/config.py | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index b872a8f57..27a412ad0 100755 --- a/scripts/config.py +++ b/scripts/config.py 
@@ -53,12 +53,10 @@ class Config: if there is a #define for it whether commented out or not. This class supports the following protocols: - * `name in config` is True if the symbol `name` is set in the - configuration, False otherwise (whether `name` is known but commented - out or not known at all). - * `config[name]` is the value of the macro `name`. If `name` is not - set, raise `KeyError` (even if a definition for `name` is present - but commented out). + * `name in config` is `True` if the symbol `name` is active, `False` + otherwise (whether `name` is inactive or not known). + * `config[name]` is the value of the macro `name`. If `name` is inactive, + raise `KeyError` (even if `name` is known). * `config[name] = value` sets the value associated to `name`. `name` must be known, but does not need to be set. This does not cause name to become set. @@ -156,7 +154,7 @@ def is_full_section(section): return section.endswith('support') or section.endswith('modules') def realfull_adapter(_name, active, section): - """Uncomment everything in the system and feature sections.""" + """Activate all symbols found in the system and feature sections.""" if not is_full_section(section): return active return True @@ -293,7 +291,8 @@ class ConfigFile(Config): def _format_template(self, name, indent, middle): """Build a line for config.h for the given setting. - The line has the form "#define ". + The line has the form "#define " + where is "#define ". """ setting = self.settings[name] return ''.join([indent, @@ -334,7 +333,7 @@ if __name__ == '__main__': action='store_true', help="""For the set command, if SYMBOL is not present, add a definition for it.""") - parser.add_argument('--write', '-w', + parser.add_argument('--write', '-w', metavar='FILE', help="""File to write to instead of the input file.""") subparsers = parser.add_subparsers(dest='command', title='Commands') From aebf0027c078ffb13147c03b92fb45b96a5f35ae Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 1 Aug 2019 23:32:38 +0200 Subject: [PATCH 2006/2197] Test script for config.py Run config.py with various options and store the results in files. This script also supports the now-removed config.pl. This is a framework to run non-regression tests on config.py: run it with the old version, run it with the new version, and compare the output. This is deliberately not a functional test suite so that we don't need to maintain a set of known outputs. When something changes in config.py (or config.h), run the script before, run it after, and check manually whether any differences in the output are acceptable. --- tests/scripts/test_config_script.py | 177 ++++++++++++++++++++++++++++ 1 file changed, 177 insertions(+) create mode 100755 tests/scripts/test_config_script.py diff --git a/tests/scripts/test_config_script.py b/tests/scripts/test_config_script.py new file mode 100755 index 000000000..0a93fa03e --- /dev/null +++ b/tests/scripts/test_config_script.py 
@@ -0,0 +1,177 @@ +#!/usr/bin/env python3 + +"""Test helper for the Mbed TLS configuration file tool + +Run config.py with various parameters and write the results to files. + +This is a harness to help regression testing, not a functional tester. +Sample usage: + + test_config_script.py -d old + ## Modify config.py and/or config.h ## + test_config_script.py -d new + diff -ru old new +""" + +## Copyright (C) 2019, ARM Limited, All Rights Reserved +## SPDX-License-Identifier: Apache-2.0 +## +## Licensed under the Apache License, Version 2.0 (the "License"); you may +## not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## +## This file is part of Mbed TLS (https://tls.mbed.org) + +import argparse +import glob +import os +import re +import shutil +import subprocess + +OUTPUT_FILE_PREFIX = 'config-' + +def output_file_name(directory, stem, extension): + return os.path.join(directory, + '{}{}.{}'.format(OUTPUT_FILE_PREFIX, + stem, extension)) + +def cleanup_directory(directory): + """Remove old output files.""" + for extension in []: + pattern = output_file_name(directory, '*', extension) + filenames = glob.glob(pattern) + for filename in filenames: + os.remove(filename) + +def prepare_directory(directory): + """Create the output directory if it doesn't exist yet. + + If there are old output files, remove them. + """ + if os.path.exists(directory): + cleanup_directory(directory) + else: + os.makedirs(directory) + +def guess_presets_from_help(help_text): + """Figure out what presets the script supports. 
+ + help_text should be the output from running the script with --help. + """ + # Try the output format from config.py + hits = re.findall(r'\{([-\w,]+)\}', help_text) + for hit in hits: + words = set(hit.split(',')) + if 'get' in words and 'set' in words and 'unset' in words: + words.remove('get') + words.remove('set') + words.remove('unset') + return words + # Try the output format from config.pl + hits = re.findall(r'\n +([-\w]+) +- ', help_text) + if hits: + return hits + raise Exception("Unable to figure out supported presets. Pass the '-p' option.") + +def list_presets(options): + """Return the list of presets to test. + + The list is taken from the command line if present, otherwise it is + extracted from running the config script with --help. + """ + if options.presets: + return re.split(r'[ ,]+', options.presets) + else: + help_text = subprocess.run([options.script, '--help'], + stdout=subprocess.PIPE, + stderr=subprocess.STDOUT).stdout + return guess_presets_from_help(help_text.decode('ascii')) + +def run_one(options, args): + """Run the config script with the given arguments. + + Write the following files: + * config-xxx.h: modified file. + * config-xxx.out: standard output. + * config-xxx.err: standard output. + * config-xxx.status: exit code. + """ + stem = '-'.join(args) + data_filename = output_file_name(options.output_directory, stem, 'h') + stdout_filename = output_file_name(options.output_directory, stem, 'out') + stderr_filename = output_file_name(options.output_directory, stem, 'err') + status_filename = output_file_name(options.output_directory, stem, 'status') + shutil.copy(options.input_file, data_filename) + # Pass only the file basename, not the full path, to avoid getting the + # directory name in error messages, which would make comparisons + # between output directories more difficult. 
+ cmd = [os.path.abspath(options.script), + '-f', os.path.basename(data_filename)] + with open(stdout_filename, 'wb') as out: + with open(stderr_filename, 'wb') as err: + status = subprocess.call(cmd + args, + cwd=options.output_directory, + stdin=subprocess.DEVNULL, + stdout=out, stderr=err) + with open(status_filename, 'w') as status_file: + status_file.write('{}\n'.format(status)) + +### A list of symbols to test with set and unset. +TEST_SYMBOLS = [ + 'CUSTOM_OPTION', + 'DOES_NOT_EXIST', + 'MBEDTLS_AES_C', + 'MBEDTLS_NO_UDBL_DIVISION', + 'MBEDTLS_PLATFORM_ZEROIZE_ALT', +] + +### A list of symbols to test with set with a value. +TEST_SYMBOLS_WITH_VALUE = [ + 'CUSTOM_VALUE', + 'MBEDTLS_MPI_MAX_SIZE', +] + +def run_all(options): + """Run all the command lines to test.""" + presets = list_presets(options) + for preset in presets: + run_one(options, [preset]) + for symbol in TEST_SYMBOLS: + run_one(options, ['set', symbol]) + run_one(options, ['--force', 'set', symbol]) + run_one(options, ['unset', symbol]) + for symbol in TEST_SYMBOLS_WITH_VALUE: + run_one(options, ['set', symbol, 'value']) + run_one(options, ['--force', 'set', symbol, 'value']) + +def main(): + """Command line entry point.""" + parser = argparse.ArgumentParser(description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('-d', metavar='DIR', + dest='output_directory', required=True, + help="""Output directory.""") + parser.add_argument('-f', metavar='FILE', + dest='input_file', default='include/mbedtls/config.h', + help="""Config file (default: %(default)s).""") + parser.add_argument('-p', metavar='PRESET,...', + dest='presets', + help="""Presets to test (default: guessed from --help).""") + parser.add_argument('-s', metavar='FILE', + dest='script', default='scripts/config.py', + help="""Configuration script (default: %(default)s).""") + options = parser.parse_args() + prepare_directory(options.output_directory) + run_all(options) + +if __name__ == '__main__': 
+ main() From 97409293713688849a1762e454337639f368983f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Sep 2019 22:10:34 +0200 Subject: [PATCH 2007/2197] cmake: fix Python requirement Perl is no longer needed. Python must be version 3. Version 2 is not suitable. The variable is PYTHONINTERP_FOUND, not PYTHON_FOUND. --- CMakeLists.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index c49bae2f7..6d5332d1a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -46,9 +46,9 @@ set(CTR_DRBG_128_BIT_KEY_WARNING "${WARNING_BORDER}" "${CTR_DRBG_128_BIT_KEY_WARN_L3}" "${WARNING_BORDER}") -find_package(PythonInterp) -find_package(Perl) -if(PYTHON_FOUND) +# Python 3 is only needed here to check for configuration warnings. +find_package(PythonInterp 3) +if(PYTHONINTERP_FOUND) # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY From ea82042ff67ca352e88b51fd3854f7638a4c40a6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Sep 2019 22:13:02 +0200 Subject: [PATCH 2008/2197] cmake: update interpreter requirement for the test suite generator The test suite generator has been a Python script for a long time, but tests/CMakeLists.txt still looked for Perl. The reference to PYTHON_INTERP only worked due to a call to find_package(PythonInterp) in the toplevel CMakeLists.txt, and cmake would not have printed the expected error message if python was not available. --- tests/CMakeLists.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index bcf462f39..3b923a3a3 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt 
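Review bot: `cleanup_directory` iterates `for extension in []:`, so its body never runs and stale `config-*` files from an earlier run stay in the output directory, where the suggested `diff -ru old new` would compare outdated results. The list presumably should name the extensions that `run_one` writes: `for extension in ['h', 'out', 'err', 'status']:`. In the `run_one` docstring, `config-xxx.err` is described as "standard output" and should read "standard error". `output_file_name` has no docstring; `"""Return the path of the output file for the given stem and extension."""` would cover it.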
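Review bot: Because `find_package(PythonInterp 3)` is not marked REQUIRED, a machine without Python 3 skips the whole `if(PYTHONINTERP_FOUND)` block, and the MBEDTLS_CTR_DRBG_USE_128_BIT_KEY check is never run, with nothing in the configure output saying so. Since that warning concerns a reduced DRBG key size, a status line in an `else()` branch would make the skipped check visible, e.g. `message(STATUS "Python 3 not found: configuration warnings not checked")`. The `if` block continues past the end of this hunk, so an existing `else()` cannot be ruled out from here.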
@@ -9,9 +9,9 @@ if(NOT DEFINED MBEDTLS_DIR) set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR}) endif() -find_package(Perl) -if(NOT PERL_FOUND) - message(FATAL_ERROR "Cannot build test suites without Perl") +find_package(PythonInterp) +if(NOT PYTHONINTERP_FOUND) + message(FATAL_ERROR "Cannot build test suites without Python 2 or 3") endif() # Enable definition of various functions used throughout the testsuite From 7b887cd14d2eda743369203eb15d8cfef435d9ac Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Sep 2019 22:51:33 +0200 Subject: [PATCH 2009/2197] Remove redundant test case --- tests/scripts/test_config_script.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/scripts/test_config_script.py b/tests/scripts/test_config_script.py index 0a93fa03e..a71b35792 100755 --- a/tests/scripts/test_config_script.py +++ b/tests/scripts/test_config_script.py @@ -128,7 +128,6 @@ def run_one(options, args): ### A list of symbols to test with set and unset. TEST_SYMBOLS = [ 'CUSTOM_OPTION', - 'DOES_NOT_EXIST', 'MBEDTLS_AES_C', 'MBEDTLS_NO_UDBL_DIVISION', 'MBEDTLS_PLATFORM_ZEROIZE_ALT', From 261742bd599812543b011663616b1c39720ecc8c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Sep 2019 22:51:47 +0200 Subject: [PATCH 2010/2197] Fix config.py output when a symbol has acquired or lost a value Normally a valueless symbol remains valueless and a symbol with a value keeps having one. But just in case a symbol does get changed from valueless to having a value, make sure there's a space between the symbol and the value. And if a symbol gets changed from having a value to valueless, strip trailing whitespace. Add corresponding tests. Also fix the case of a valueless symbol added with the set method, which would have resulted in attempting to use None as a string. This only happened with the Python API, not with the command line API. --- scripts/config.py | 14 +++++++++++++- tests/scripts/test_config_script.py | 3 +++ 2 files changed, 16 insertions(+), 1 deletion(-) 
diff --git a/scripts/config.py b/scripts/config.py index 27a412ad0..8fe98a889 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -295,10 +295,22 @@ class ConfigFile(Config): where is "#define ". """ setting = self.settings[name] + value = setting.value + if value is None: + value = '' + # Normally the whitespace to separte the symbol name from the + # value is part of middle, and there's no whitespace for a symbol + # with no value. But if a symbol has been changed from having a + # value to not having one, the whitespace is wrong, so fix it. + if value: + if middle[-1] not in '\t ': + middle += ' ' + else: + middle = middle.rstrip() return ''.join([indent, '' if setting.active else '//', middle, - setting.value]).rstrip() + value]).rstrip() def write_to_stream(self, output): """Write the whole configuration to output.""" diff --git a/tests/scripts/test_config_script.py b/tests/scripts/test_config_script.py index a71b35792..dd3ecbbdb 100755 --- a/tests/scripts/test_config_script.py +++ b/tests/scripts/test_config_script.py @@ -129,6 +129,7 @@ def run_one(options, args): TEST_SYMBOLS = [ 'CUSTOM_OPTION', 'MBEDTLS_AES_C', + 'MBEDTLS_MPI_MAX_SIZE', 'MBEDTLS_NO_UDBL_DIVISION', 'MBEDTLS_PLATFORM_ZEROIZE_ALT', ] @@ -136,6 +137,7 @@ TEST_SYMBOLS = [ ### A list of symbols to test with set with a value. TEST_SYMBOLS_WITH_VALUE = [ 'CUSTOM_VALUE', + 'MBEDTLS_AES_C', 'MBEDTLS_MPI_MAX_SIZE', ] @@ -151,6 +153,7 @@ def run_all(options): for symbol in TEST_SYMBOLS_WITH_VALUE: run_one(options, ['set', symbol, 'value']) run_one(options, ['--force', 'set', symbol, 'value']) + run_one(options, ['unset', symbol]) def main(): """Command line entry point.""" From 518ce0beb3f5cd9f540c77c6bd44f061f33c280e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 5 Sep 2019 20:29:22 +0200 Subject: [PATCH 2011/2197] Compatibility redirect: if python3 is not available, try python --- scripts/config.pl | 2 ++ 1 file changed, 2 insertions(+) 
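Review bot: In `_format_template`, the branch `else: middle = middle.rstrip()` has no effect on the result, because `value` is empty on that path and the final `''.join([...]).rstrip()` already removes the trailing whitespace; it can be dropped. `middle[-1]` assumes `middle` is never empty, which depends on the template regex outside this hunk; `if not middle.endswith(('\t', ' ')):` would avoid an IndexError in either case. The new comment has a typo, "separte" for "separate".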
diff --git a/scripts/config.pl b/scripts/config.pl index 4f6df09fd..ed6727639 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -4,4 +4,6 @@ my $py = $0; $py =~ s/\.pl$/.py/; exec 'python3', $py, @ARGV; print STDERR "$0: python3: $!\n"; +exec 'python', $py, @ARGV; +print STDERR "$0: python: $!\n"; exit 127; From baf15df2517cd5d69537b6add5b565c25257b744 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 13 Sep 2019 15:14:42 +0200 Subject: [PATCH 2012/2197] Compatibility redirect: add copyright notice --- scripts/config.pl | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/scripts/config.pl b/scripts/config.pl index ed6727639..95e31913a 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -1,5 +1,23 @@ #!/usr/bin/env perl # Backward compatibility redirection + +## Copyright (C) 2019, ARM Limited, All Rights Reserved +## SPDX-License-Identifier: Apache-2.0 +## +## Licensed under the Apache License, Version 2.0 (the "License"); you may +## not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## +## This file is part of Mbed TLS (https://tls.mbed.org) + my $py = $0; $py =~ s/\.pl$/.py/; exec 'python3', $py, @ARGV; From 61a90bd32d3af4aa4f61cd125e3d21d73ca69164 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 13 Sep 2019 15:17:01 +0200 Subject: [PATCH 2013/2197] config.py testing: also test the get command --- tests/scripts/test_config_script.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/test_config_script.py b/tests/scripts/test_config_script.py index dd3ecbbdb..87c3d4695 100755 
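Review bot: The fallback `exec 'python', $py, @ARGV;` can start a Python 2 interpreter on systems where `python` still points at one, and the cmake patch earlier in this series states that version 2 is not suitable for config.py. The user would then get a Python traceback rather than a clear message. If the fallback is kept for platforms that install only `python`, the version is better checked on the Python side, for instance an early guard in config.py such as `if sys.version_info[0] < 3: sys.exit('config.py requires Python 3')`, provided the file still parses under Python 2.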
--- a/tests/scripts/test_config_script.py +++ b/tests/scripts/test_config_script.py @@ -147,10 +147,12 @@ def run_all(options): for preset in presets: run_one(options, [preset]) for symbol in TEST_SYMBOLS: + run_one(options, ['get', symbol]) run_one(options, ['set', symbol]) run_one(options, ['--force', 'set', symbol]) run_one(options, ['unset', symbol]) for symbol in TEST_SYMBOLS_WITH_VALUE: + run_one(options, ['get', symbol]) run_one(options, ['set', symbol, 'value']) run_one(options, ['--force', 'set', symbol, 'value']) run_one(options, ['unset', symbol]) From bc86f997caf8ad8fb5e5fab522d7dbc6d2fab4af Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Sep 2019 12:18:23 +0200 Subject: [PATCH 2014/2197] Consolidate tests for set with/without values We currently test setting a symbol with a value even if it didn't originally had one and vice versa. So there's no need to have separate lists of symbols to test with. Just test everything we want to test with each symbol. --- tests/scripts/test_config_script.py | 26 ++++++++++---------------- 1 file changed, 10 insertions(+), 16 deletions(-) diff --git a/tests/scripts/test_config_script.py b/tests/scripts/test_config_script.py index 87c3d4695..45f15a164 100755 --- a/tests/scripts/test_config_script.py +++ b/tests/scripts/test_config_script.py 
@@ -125,20 +125,17 @@ def run_one(options, args): with open(status_filename, 'w') as status_file: status_file.write('{}\n'.format(status)) -### A list of symbols to test with set and unset. +### A list of symbols to test with. +### This script currently tests what happens when you change a symbol from +### having a value to not having a value or vice versa. This is not +### necessarily useful behavior, and we may not consider it a bug if +### config.py stops handling that case correctly. TEST_SYMBOLS = [ - 'CUSTOM_OPTION', - 'MBEDTLS_AES_C', - 'MBEDTLS_MPI_MAX_SIZE', - 'MBEDTLS_NO_UDBL_DIVISION', - 'MBEDTLS_PLATFORM_ZEROIZE_ALT', -] - -### A list of symbols to test with set with a value. -TEST_SYMBOLS_WITH_VALUE = [ - 'CUSTOM_VALUE', - 'MBEDTLS_AES_C', - 'MBEDTLS_MPI_MAX_SIZE', + 'CUSTOM_SYMBOL', # does not exist + 'MBEDTLS_AES_C', # set, no value + 'MBEDTLS_MPI_MAX_SIZE', # unset, has a value + 'MBEDTLS_NO_UDBL_DIVISION', # unset, in "System support" + 'MBEDTLS_PLATFORM_ZEROIZE_ALT', # unset, in "Customisation configuration options" ] def run_all(options): @@ -150,9 +147,6 @@ def run_all(options): run_one(options, ['get', symbol]) run_one(options, ['set', symbol]) run_one(options, ['--force', 'set', symbol]) - run_one(options, ['unset', symbol]) - for symbol in TEST_SYMBOLS_WITH_VALUE: - run_one(options, ['get', symbol]) run_one(options, ['set', symbol, 'value']) run_one(options, ['--force', 'set', symbol, 'value']) run_one(options, ['unset', symbol]) From adc82f3535006a91c5ea237a1c0a5807e17d4cd9 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 19 Sep 2019 12:19:24 +0200 Subject: [PATCH 2015/2197] Add set+get tests The tests were not covering get for a symbol with a value. No symbol has an uncommented value in the default config.h. (Actually there's _CRT_SECURE_NO_DEPRECATE, but that's a bit of a hack that this script is not expected to handle, so don't use it). Add tests of "get FOO" after "set FOO" and "set FOO value", so that we have coverage for "get FOO" when "FOO" has a value. --- tests/scripts/test_config_script.py | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/tests/scripts/test_config_script.py b/tests/scripts/test_config_script.py index 45f15a164..40ed9fd9b 100755 --- a/tests/scripts/test_config_script.py +++ b/tests/scripts/test_config_script.py 
@@ -96,21 +96,30 @@ def list_presets(options): stderr=subprocess.STDOUT).stdout return guess_presets_from_help(help_text.decode('ascii')) -def run_one(options, args): +def run_one(options, args, stem_prefix='', input_file=None): """Run the config script with the given arguments. - Write the following files: + Take the original content from input_file if specified, defaulting + to options.input_file if input_file is None. + + Write the following files, where xxx contains stem_prefix followed by + a filename-friendly encoding of args: * config-xxx.h: modified file. * config-xxx.out: standard output. * config-xxx.err: standard output. * config-xxx.status: exit code. + + Return ("xxx+", "path/to/config-xxx.h") which can be used as + stem_prefix and input_file to call this function again with new args. """ - stem = '-'.join(args) + if input_file is None: + input_file = options.input_file + stem = stem_prefix + '-'.join(args) data_filename = output_file_name(options.output_directory, stem, 'h') stdout_filename = output_file_name(options.output_directory, stem, 'out') stderr_filename = output_file_name(options.output_directory, stem, 'err') status_filename = output_file_name(options.output_directory, stem, 'status') - shutil.copy(options.input_file, data_filename) + shutil.copy(input_file, data_filename) # Pass only the file basename, not the full path, to avoid getting the # directory name in error messages, which would make comparisons # between output directories more difficult. @@ -124,6 +133,7 @@ def run_one(options, args): stdout=out, stderr=err) with open(status_filename, 'w') as status_file: status_file.write('{}\n'.format(status)) + return stem + "+", data_filename ### A list of symbols to test with. ### This script currently tests what happens when you change a symbol from 
@@ -145,9 +155,11 @@ def run_all(options): run_one(options, [preset]) for symbol in TEST_SYMBOLS: run_one(options, ['get', symbol]) - run_one(options, ['set', symbol]) + (stem, filename) = run_one(options, ['set', symbol]) + run_one(options, ['get', symbol], stem_prefix=stem, input_file=filename) run_one(options, ['--force', 'set', symbol]) - run_one(options, ['set', symbol, 'value']) + (stem, filename) = run_one(options, ['set', symbol, 'value']) + run_one(options, ['get', symbol], stem_prefix=stem, input_file=filename) run_one(options, ['--force', 'set', symbol, 'value']) run_one(options, ['unset', symbol]) From 24600e82907ad33c69b4754b027c35ccbd1a0d46 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 15 Nov 2019 11:53:42 +0100 Subject: [PATCH 2016/2197] Disable memory_buffer_alloc in the full config Enabling MBEDTLS_MEMORY_BUFFER_ALLOC_C module together with MBEDTLS_PLATFORM_MEMORY causes the library to use its own malloc replacement. This makes memory management analyzers such as ASan largely ineffective. We now test MBEDTLS_MEMORY_BUFFER_ALLOC_C separately. Disable it in the "full" config. This mirrors a change that was made in Mbed TLS on config.pl and had not been ported to Mbed Crypto yet. With this commit, config.py is aligned in Mbed Crypto and Mbed TLS. --- scripts/config.py | 5 +++-- tests/scripts/all.sh | 16 ---------------- 2 files changed, 3 insertions(+), 18 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 8fe98a889..db2661c92 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -169,6 +169,9 @@ def include_in_full(name): 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', 'MBEDTLS_ECP_RESTARTABLE', 'MBEDTLS_HAVE_SSE2', + 'MBEDTLS_MEMORY_BACKTRACE', + 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', + 'MBEDTLS_MEMORY_DEBUG', 'MBEDTLS_NO_64BIT_MULTIPLICATION', 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', 'MBEDTLS_NO_PLATFORM_ENTROPY', 
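Review bot: The three `MBEDTLS_MEMORY_*` names added to the list in `include_in_full` carry no comment, so the reason given in the commit message is lost in the code. Suggest a trailing comment on the entry, e.g. `'MBEDTLS_MEMORY_BUFFER_ALLOC_C', # replaces malloc, which makes ASan and similar checkers largely ineffective`. The commit message says the module is now tested separately, but the all.sh part of this patch only deletes lines. It is worth confirming that a component enabling MBEDTLS_MEMORY_BUFFER_ALLOC_C exists elsewhere, otherwise the allocator loses its test coverage. The list continues outside the hunk.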
@@ -201,8 +204,6 @@ def keep_in_baremetal(name): 'MBEDTLS_HAVEGE_C', 'MBEDTLS_HAVE_TIME', 'MBEDTLS_HAVE_TIME_DATE', - 'MBEDTLS_MEMORY_BACKTRACE', - 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', 'MBEDTLS_PLATFORM_FPRINTF_ALT', 'MBEDTLS_PLATFORM_TIME_ALT', 'MBEDTLS_PSA_CRYPTO_SE_C', diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 051fb060d..2567cc0dd 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -679,7 +679,6 @@ component_test_everest () { component_test_psa_collect_statuses () { msg "build+test: psa_collect_statuses" # ~30s scripts/config.py full - scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # slow and irrelevant record_status tests/scripts/psa_collect_statuses.py # Check that psa_crypto_init() succeeded at least once record_status grep -q '^0:psa_crypto_init:' tests/statuses.log @@ -689,7 +688,6 @@ component_test_psa_collect_statuses () { component_test_full_cmake_clang () { msg "build: cmake, full config, clang" # ~ 50s scripts/config.py full - scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On . make @@ -703,7 +701,6 @@ component_test_full_cmake_clang () { component_test_full_make_gcc_o0 () { msg "build: make, full config, gcc -O0" # ~ 50s scripts/config.py full - scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests make CC=gcc CFLAGS='-O0' msg "test: main suites (full config, gcc -O0)" # ~ 5s @@ -758,7 +755,6 @@ component_test_no_use_psa_crypto_full_cmake_asan() { # full minus MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh msg "build: cmake, full config minus MBEDTLS_USE_PSA_CRYPTO, ASan" scripts/config.py full - scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.py set MBEDTLS_ECP_RESTARTABLE # not using PSA, so enable restartable ECC scripts/config.py set MBEDTLS_PSA_CRYPTO_C scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 
@@ -776,7 +772,6 @@ component_test_check_params_functionality () { scripts/config.py full # includes CHECK_PARAMS # Make MBEDTLS_PARAM_FAILED call mbedtls_param_failed(). scripts/config.py unset MBEDTLS_CHECK_PARAMS_ASSERT - scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # Only build and run tests. Do not build sample programs, because # they don't have a mbedtls_param_failed() function. make CC=gcc CFLAGS='-Werror -O1' lib test @@ -786,8 +781,6 @@ component_test_check_params_without_platform () { msg "build+test: MBEDTLS_CHECK_PARAMS without MBEDTLS_PLATFORM_C" scripts/config.py full # includes CHECK_PARAMS # Keep MBEDTLS_PARAM_FAILED as assert. - scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests - scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT @@ -802,7 +795,6 @@ component_test_check_params_without_platform () { component_test_check_params_silent () { msg "build+test: MBEDTLS_CHECK_PARAMS with alternative MBEDTLS_PARAM_FAILED()" scripts/config.py full # includes CHECK_PARAMS - scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests # Set MBEDTLS_PARAM_FAILED to nothing. sed -i 's/.*\(#define MBEDTLS_PARAM_FAILED( cond )\).*/\1/' "$CONFIG_H" make CC=gcc CFLAGS='-Werror -O1' all test @@ -822,7 +814,6 @@ component_test_no_platform () { scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED - scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.py unset MBEDTLS_FS_IO scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C 
@@ -872,7 +863,6 @@ component_test_platform_calloc_macro () { component_test_malloc_0_null () { msg "build: malloc(0) returns NULL (ASan+UBSan build)" scripts/config.py full - scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C make CC=gcc CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS" msg "test: malloc(0) returns NULL (ASan+UBSan build)" @@ -948,7 +938,6 @@ component_test_se_default () { component_test_se_full () { msg "build: full config + MBEDTLS_PSA_CRYPTO_SE_C" scripts/config.py full - scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" @@ -1001,9 +990,6 @@ component_test_m32_o1 () { # Build again with -O1, to compile in the i386 specific inline assembly msg "build: i386, make, gcc -O1 (ASan build)" # ~ 30s scripts/config.py full - scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE - scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.py unset MBEDTLS_MEMORY_DEBUG make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O1" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O1 (ASan build)" @@ -1076,7 +1062,6 @@ component_test_have_int64 () { component_test_no_udbl_division () { msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s scripts/config.py full - scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests scripts/config.py set MBEDTLS_NO_UDBL_DIVISION make CFLAGS='-Werror -O1' @@ -1087,7 +1072,6 @@ component_test_no_udbl_division () { component_test_no_64bit_multiplication () { msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s scripts/config.py full - scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION make CFLAGS='-Werror -O1' From 02e79a4e4388e26a724173b5ee7b7d098e4aabad Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 7 Oct 2019 17:06:06 +0200 Subject: [PATCH 2017/2197] MBEDTLS_CTR_DRBG_USE_128_BIT_KEY: add selftest data In the CTR_DRBG module, add selftest data for when MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is enabled. I generated the test data by running our own code. This is ok because we have other tests that ensure that the algorithm is implemented correctly. This makes programs/self/selftest pass when MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is enabled. --- library/ctr_drbg.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 047bb2a3e..b6fcc0203 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -712,6 +712,15 @@ static const unsigned char nonce_pers_nopr[16] = { 0x1b, 0x54, 0xb8, 0xff, 0x06, 0x42, 0xbf, 0xf5, 0x21, 0xf1, 0x5c, 0x1c, 0x0b, 0x66, 0x5f, 0x3f }; +#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) +static const unsigned char result_pr[16] = + { 0x95, 0x3c, 0xa5, 0xbd, 0x44, 0x1, 0x34, 0xb7, + 0x13, 0x58, 0x3e, 0x6a, 0x6c, 0x7e, 0x88, 0x8a }; + +static const unsigned char result_nopr[16] = + { 0x6c, 0x25, 0x27, 0x95, 0xa3, 0x62, 0xd6, 0xdb, + 0x90, 0xfd, 0x69, 0xb5, 0x42, 0x9, 0x4b, 0x84 }; +#else /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ static const unsigned char result_pr[16] = { 0x34, 0x01, 0x16, 0x56, 0xb4, 0x29, 0x00, 0x8f, 0x35, 0x63, 0xec, 0xb5, 0xf2, 0x59, 0x07, 0x23 }; @@ -719,6 +728,7 @@ static const unsigned char result_pr[16] = static const unsigned char result_nopr[16] = { 0xa0, 0x54, 0x30, 0x3d, 0x8a, 0x7e, 0xa9, 0x88, 0x9d, 0x90, 0x3e, 0x07, 0x7c, 0x6f, 0x21, 0x8f }; +#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ static size_t test_offset; static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf, From bbf67b98bb2b8c0245cc6225772498c9fe6471f5 Mon Sep 17 00:00:00 2001 
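Review bot: The `result_pr` and `result_nopr` arrays added under `MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` are, per the commit message, output of this same implementation rather than independent known-answer vectors, and nothing in the source records that. A comment above the new branch, for example `/* Regression values produced by this implementation; not independent known-answer vectors. */`, would stop a later reader from treating a passing self-test in this configuration as a conformance check. The entries `0x1` and `0x9` also break the two-digit form used by every other byte in these tables; `0x01` and `0x09` would match.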
From: Gilles Peskine Date: Mon, 7 Oct 2019 17:07:30 +0200 Subject: [PATCH 2018/2197] Remove selftest dependency in the test suite The test suites should always run self-tests for all enabled features. Otherwise we miss failing self-tests in CI runs, because we don't always run the selftest program independently. There was one spurious dependency to remove: MBEDTLS_CTR_DRBG_USE_128_BIT_KEY for ctr_drbg, which was broken but has now been fixed. --- tests/suites/test_suite_ctr_drbg.data | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index b50df2ba3..09195f04b 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1097,6 +1097,4 @@ CTR_DRBG Special Behaviours ctr_drbg_special_behaviours: CTR_DRBG self test -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_selftest: - From 80a607171ad14ff02e9340074f259c3fa951cd8b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Oct 2019 17:11:03 +0200 Subject: [PATCH 2019/2197] config.pl full: exclude MBEDTLS_ENTROPY_FORCE_SHA256 This is a variant toggle, not an extra feature, so it should be tested separately. We test most of the effect of MBEDTLS_ENTROPY_FORCE_SHA256 (namely, using SHA-256 in the entropy module) when we test the library with the SHA512 module disabled (which we do at least via depends-hashes.pl). This commit removes testing of the MBEDTLS_ENTROPY_FORCE_SHA256 option itself, which should be added separately. --- scripts/config.py | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/config.py b/scripts/config.py index db2661c92..cb0e1c5fe 100755 --- a/scripts/config.py +++ b/scripts/config.py 
@@ -168,6 +168,7 @@ def include_in_full(name): 'MBEDTLS_DEPRECATED_REMOVED', 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', 'MBEDTLS_ECP_RESTARTABLE', + 'MBEDTLS_ENTROPY_FORCE_SHA256', # Variant toggle, tested separately 'MBEDTLS_HAVE_SSE2', 'MBEDTLS_MEMORY_BACKTRACE', 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', From 2ef377d56de6da8ccfe249a88c05d19677a8fbcc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Oct 2019 18:44:21 +0200 Subject: [PATCH 2020/2197] all.sh: support variable seedfile size The size of the seedfile used by the entropy module when MBEDTLS_ENTROPY_NV_SEED is enabled is 32 byte when MBEDTLS_ENTROPY_FORCE_SHA256 is enabled or MBEDTLS_SHA512_C is disabled, and 64 bytes otherwise. A larger seedfile is ok on entry (the code just grabs the first N bytes), but a smaller seedfile is not ok. Therefore, if you run a component with a 32-byte seedfile and then a component with a 64-byte seedfile, the second component fails in the unit tests (up to test_suite_entropy which erases the seedfile and creates a fresh one). This is ok up to now because we only enable MBEDTLS_ENTROPY_NV_SEED together with MBEDTLS_ENTROPY_FORCE_SHA256. But it prevents enabling MBEDTLS_ENTROPY_NV_SEED without MBEDTLS_ENTROPY_FORCE_SHA256. To fix this, unconditionally create a seedfile before each component. --- tests/scripts/all.sh | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2567cc0dd..3b2aef324 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -403,12 +403,6 @@ pre_check_git () { fi } -pre_check_seedfile () { - if [ ! -f "./tests/seedfile" ]; then - dd if=/dev/urandom of=./tests/seedfile bs=32 count=1 - fi -} - pre_setup_keep_going () { failure_summary= failure_count=0 
@@ -1272,7 +1266,16 @@ run_component () { cp -p "$CONFIG_H" "$CONFIG_BAK" current_component="$1" export MBEDTLS_TEST_CONFIGURATION="$current_component" + + # Unconditionally create a seedfile that's sufficiently long. + # Do this before each component, because a previous component may + # have messed it up or shortened it. + dd if=/dev/urandom of=./tests/seedfile bs=64 count=1 + + # Run the component code. "$@" + + # Restore the build tree to a clean state. cleanup } @@ -1282,7 +1285,6 @@ pre_initialize_variables pre_parse_command_line "$@" pre_check_git -pre_check_seedfile build_status=0 if [ $KEEP_GOING -eq 1 ]; then From 592f591c0df15ee1fe966f0c7bc2c3dd048912fe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Oct 2019 18:49:32 +0200 Subject: [PATCH 2021/2197] all.sh: test CTR_DRBG_USE_128_BIT_KEY and ENTROPY_FORCE_SHA256 Test MBEDTLS_CTR_DRBG_USE_128_BIT_KEY and MBEDTLS_ENTROPY_FORCE_SHA256 together and separately. --- tests/scripts/all.sh | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 3b2aef324..02ca38173 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
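Review bot: The comment added in `run_component` says the seedfile is "sufficiently long" but not what the bound is, so `bs=64` reads as a magic number. The commit message has the reason, and it belongs next to the `dd` line, e.g. `# 64 bytes is the largest seed the entropy module reads; 32 are enough with MBEDTLS_ENTROPY_FORCE_SHA256 or without MBEDTLS_SHA512_C.` Whether a failed `dd` stops the run depends on shell options set outside this hunk; if the script does not abort on errors, a failed write would leave the previous component's seedfile in place and the failure would surface later as unrelated unit-test errors. The body of `run_component` starts outside the hunk.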
@@ -920,6 +920,43 @@ component_test_aes_fewer_tables_and_rom_tables () { make test } +component_test_ctr_drbg_aes_256_sha_256 () { + msg "build: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.pl set MBEDTLS_ENTROPY_FORCE_SHA256 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" + make test +} + +component_test_ctr_drbg_aes_128_sha_512 () { + msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)" + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.pl set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)" + make test +} + +component_test_ctr_drbg_aes_128_sha_256 () { + msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.pl set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + scripts/config.pl set MBEDTLS_ENTROPY_FORCE_SHA256 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" + make test +} + component_test_se_default () { msg "build: default config + MBEDTLS_PSA_CRYPTO_SE_C" scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C From 5a994c15f4a3699abe55507f327c762f177fa3cf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 16:46:51 +0100 Subject: [PATCH 2022/2197] More readable code around expression generation FOO(BAR) is an expression, not a name. Pack expression generation into a method. No behavior change. --- tests/scripts/test_psa_constant_names.py | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) 
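Review bot: The three new `component_test_ctr_drbg_*` functions call `scripts/config.pl`, while the neighbouring component in the same hunk's context (`component_test_se_default`) and the rest of the file shown in this series use `scripts/config.py`; the new components should use `scripts/config.py full` and `scripts/config.py set ...` as well. Each of them also runs `unset MBEDTLS_MEMORY_BUFFER_ALLOC_C`, which an earlier patch in this series removed from the other components, apparently because the full configuration no longer enables it, so the line looks redundant here. The three bodies differ only in the options they set and in the message text, so a small helper taking the option list would avoid the triplication.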
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 724f8d94b..4a32851e4 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -145,6 +145,9 @@ class Inputs: except BaseException as e: raise Exception('distribute_arguments({})'.format(name)) from e + def generate_expressions(self, names): + return itertools.chain(*map(self.distribute_arguments, names)) + _argument_split_re = re.compile(r' *, *') @classmethod def _argument_split(cls, arguments): @@ -252,8 +255,8 @@ def remove_file_if_exists(filename): except OSError: pass -def run_c(options, type_word, names): - """Generate and run a program to print out numerical values for names.""" +def run_c(options, type_word, expressions): + """Generate and run a program to print out numerical values for expressions.""" if type_word == 'status': cast_to = 'long' printf_format = '%ld' @@ -278,9 +281,9 @@ def run_c(options, type_word, names): int main(void) { ''') - for name in names: + for expr in expressions: c_file.write(' printf("{}\\n", ({}) {});\n' - .format(printf_format, cast_to, name)) + .format(printf_format, cast_to, expr)) c_file.write(''' return 0; } ''') 
@@ -313,14 +316,14 @@ def do_test(options, inputs, type_word, names): Use inputs to figure out what arguments to pass to macros that take arguments. """ - names = sorted(itertools.chain(*map(inputs.distribute_arguments, names))) - values = run_c(options, type_word, names) + expressions = sorted(inputs.generate_expressions(names)) + values = run_c(options, type_word, expressions) output = subprocess.check_output([options.program, type_word] + values) outputs = output.decode('ascii').strip().split('\n') - errors = [(type_word, name, value, output) - for (name, value, output) in zip(names, values, outputs) - if normalize(name) != normalize(output)] - return len(names), errors + errors = [(type_word, expr, value, output) + for (expr, value, output) in zip(expressions, values, outputs) + if normalize(expr) != normalize(output)] + return len(expressions), errors def report_errors(errors): """Describe each case where the output is not as expected.""" From 5a6dc895f227182ab97009967e5e1678f9750555 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 16:48:07 +0100 Subject: [PATCH 2023/2197] Simplify expression normalization No need to split lines, or remove whitespace after removing whitespace. No behavior change. --- tests/scripts/test_psa_constant_names.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 4a32851e4..73b67ca01 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -307,8 +307,7 @@ def normalize(expr): """Normalize the C expression so as not to care about trivial differences. Currently "trivial differences" means whitespace. """ - expr = re.sub(NORMALIZE_STRIP_RE, '', expr, len(expr)) - return expr.strip().split('\n') + return re.sub(NORMALIZE_STRIP_RE, '', expr) def do_test(options, inputs, type_word, names): """Test psa_constant_names for the specified type. 
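Review bot: In `do_test`, `zip(expressions, values, outputs)` stops at the shortest sequence, so if the tested program prints fewer lines than there are expressions, the trailing expressions are never compared while `len(expressions)` is still returned as the number tested. A length check before the comparison closes that gap, e.g. `if len(outputs) != len(expressions): raise Exception('expected {} output lines, got {}'.format(len(expressions), len(outputs)))`. The same pattern is carried over into `Tests.run_one` by the later patch that moves this code into a class. The start of `do_test`'s docstring is outside the hunk.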
From 8f5a5018e89aa15b770bea316aa7c5e527c8996f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 16:49:10 +0100 Subject: [PATCH 2024/2197] Describe options in alphabetical order No behavior change. --- tests/scripts/test_psa_constant_names.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 73b67ca01..785d1a4be 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -354,15 +354,15 @@ def main(): parser.add_argument('--include', '-I', action='append', default=['include'], help='Directory for header files') - parser.add_argument('--program', - default='programs/psa/psa_constant_names', - help='Program to test') parser.add_argument('--keep-c', action='store_true', dest='keep_c', default=False, help='Keep the intermediate C file') parser.add_argument('--no-keep-c', action='store_false', dest='keep_c', help='Don\'t keep the intermediate C file (default)') + parser.add_argument('--program', + default='programs/psa/psa_constant_names', + help='Program to test') options = parser.parse_args() headers = [os.path.join(options.include[0], 'psa', h) for h in ['crypto.h', 'crypto_extra.h', 'crypto_values.h']] From 69f93b5040c593f800bb0d5c80e3fa4bd2e60c2b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 16:49:50 +0100 Subject: [PATCH 2025/2197] Move the names of input files to global variables No behavior change. --- tests/scripts/test_psa_constant_names.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 785d1a4be..6ae393643 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
@@ -349,6 +349,9 @@ def run_tests(options, inputs): errors += e return count, errors +HEADERS = ['psa/crypto.h', 'psa/crypto_extra.h', 'psa/crypto_values.h'] +TEST_SUITES = ['tests/suites/test_suite_psa_crypto_metadata.data'] + def main(): parser = argparse.ArgumentParser(description=globals()['__doc__']) parser.add_argument('--include', '-I', @@ -364,10 +367,8 @@ def main(): default='programs/psa/psa_constant_names', help='Program to test') options = parser.parse_args() - headers = [os.path.join(options.include[0], 'psa', h) - for h in ['crypto.h', 'crypto_extra.h', 'crypto_values.h']] - test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data'] - inputs = gather_inputs(headers, test_suites) + headers = [os.path.join(options.include[0], h) for h in HEADERS] + inputs = gather_inputs(headers, TEST_SUITES) count, errors = run_tests(options, inputs) report_errors(errors) if errors == []: From 4408dfd0fc0e05c9b860957f92d6b13d27e6d9f2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 17:16:21 +0100 Subject: [PATCH 2026/2197] Minor docstring improvements No behavior change. --- tests/scripts/test_psa_constant_names.py | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 6ae393643..a40a82959 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -61,6 +61,7 @@ class read_file_lines: class Inputs: """Accumulate information about macros to test. + This includes macro names as well as information about their arguments when applicable. """ @@ -101,6 +102,7 @@ class Inputs: def gather_arguments(self): """Populate the list of values for macro arguments. + Call this after parsing all the inputs. """ self.arguments_for['hash_alg'] = sorted(self.hash_algorithms) 
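Review bot: The rewritten line `headers = [os.path.join(options.include[0], h) for h in HEADERS]` in `main` still takes only element 0 of the include list. The option is declared with `action='append'` and `default=['include']`, and argparse appends user values to that default, so element 0 is always `'include'` and a directory passed with `-I` is never used to locate the headers that get parsed, although it is passed to the compiler. If the first user-supplied directory is meant to win, declare the option with `default=[]` and use `include_path = options.include or ['include']`; otherwise a comment on this line should say that header parsing is fixed to the default directory. The `add_argument` call and the rest of `main` lie outside this hunk.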
@@ -118,6 +120,7 @@ class Inputs: def distribute_arguments(self, name): """Generate macro calls with each tested argument set. + If name is a macro without arguments, just yield "name". If name is a macro with arguments, yield a series of "name(arg1,...,argN)" where each argument takes each possible @@ -305,15 +308,21 @@ int main(void) NORMALIZE_STRIP_RE = re.compile(r'\s+') def normalize(expr): """Normalize the C expression so as not to care about trivial differences. + Currently "trivial differences" means whitespace. """ return re.sub(NORMALIZE_STRIP_RE, '', expr) def do_test(options, inputs, type_word, names): """Test psa_constant_names for the specified type. + Run program on names. Use inputs to figure out what arguments to pass to macros that take arguments. + + Return ``(count, errors)`` where ``count`` is the number of expressions + that have been tested and ``errors`` is the list of errors that were + encountered. """ expressions = sorted(inputs.generate_expressions(names)) values = run_c(options, type_word, expressions) @@ -332,6 +341,7 @@ def report_errors(errors): def run_tests(options, inputs): """Run psa_constant_names on all the gathered inputs. + Return a tuple (count, errors) where count is the total number of inputs that were tested and errors is the list of cases where the output was not as expected. From ffe2d6e71b9125d6a45d6d682699caf36efee8a3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 17:17:01 +0100 Subject: [PATCH 2027/2197] Move the type_word->name_set mapping into its own method No behavior change. --- tests/scripts/test_psa_constant_names.py | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index a40a82959..a43a3e888 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
@@ -100,6 +100,17 @@ class Inputs: 'tag_length': ['1', '63'], } + def get_names(self, type_word): + """Return the set of known names of values of the given type.""" + return { + 'status': self.statuses, + 'algorithm': self.algorithms, + 'ecc_curve': self.ecc_curves, + 'dh_group': self.dh_groups, + 'key_type': self.key_types, + 'key_usage': self.key_usage_flags, + }[type_word] + def gather_arguments(self): """Populate the list of values for macro arguments. @@ -313,7 +324,7 @@ def normalize(expr): """ return re.sub(NORMALIZE_STRIP_RE, '', expr) -def do_test(options, inputs, type_word, names): +def do_test(options, inputs, type_word): """Test psa_constant_names for the specified type. Run program on names. @@ -324,6 +335,7 @@ def do_test(options, inputs, type_word, names): that have been tested and ``errors`` is the list of errors that were encountered. """ + names = inputs.get_names(type_word) expressions = sorted(inputs.generate_expressions(names)) values = run_c(options, type_word, expressions) output = subprocess.check_output([options.program, type_word] + values) @@ -348,13 +360,9 @@ def run_tests(options, inputs): """ count = 0 errors = [] - for type_word, names in [('status', inputs.statuses), - ('algorithm', inputs.algorithms), - ('ecc_curve', inputs.ecc_curves), - ('dh_group', inputs.dh_groups), - ('key_type', inputs.key_types), - ('key_usage', inputs.key_usage_flags)]: - c, e = do_test(options, inputs, type_word, names) + for type_word in ['status', 'algorithm', 'ecc_curve', 'dh_group', + 'key_type', 'key_usage']: + c, e = do_test(options, inputs, type_word) count += c errors += e return count, errors From c231711dbc8ed339d37698afe66fce46931cdc18 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 17:17:39 +0100 Subject: [PATCH 2028/2197] Move value collection into its own function No behavior change. --- tests/scripts/test_psa_constant_names.py | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) 
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index a43a3e888..53af0a524 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -324,6 +324,17 @@ def normalize(expr): """ return re.sub(NORMALIZE_STRIP_RE, '', expr) +def collect_values(options, inputs, type_word): + """Generate expressions using known macro names and calculate their values. + + Return a list of pairs of (expr, value) where expr is an expression and + value is a string representation of its integer value. + """ + names = inputs.get_names(type_word) + expressions = sorted(inputs.generate_expressions(names)) + values = run_c(options, type_word, expressions) + return expressions, values + def do_test(options, inputs, type_word): """Test psa_constant_names for the specified type. @@ -335,9 +346,7 @@ def do_test(options, inputs, type_word): that have been tested and ``errors`` is the list of errors that were encountered. """ - names = inputs.get_names(type_word) - expressions = sorted(inputs.generate_expressions(names)) - values = run_c(options, type_word, expressions) + expressions, values = collect_values(options, inputs, type_word) output = subprocess.check_output([options.program, type_word] + values) outputs = output.decode('ascii').strip().split('\n') errors = [(type_word, expr, value, output) From b86b6d32f98a21d85c061d14b1a05254b49c6f96 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 17:26:10 +0100 Subject: [PATCH 2029/2197] Path options that affect run_c as separate arguments No behavior change. --- tests/scripts/test_psa_constant_names.py | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 53af0a524..e64040802 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
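Review bot: The docstring of the new `collect_values` says it returns "a list of pairs of (expr, value)", but the function ends with `return expressions, values`, which is a pair of two parallel lists, and the caller unpacks it that way. The docstring should match the code, e.g. `Return a pair (expressions, values) of parallel lists, where values[i] is the string representation of the integer value of expressions[i].` The later patch that adds the `include_path` and `keep_c` parameters keeps the same wording, so it needs the same correction there.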
@@ -269,8 +269,10 @@ def remove_file_if_exists(filename): except OSError: pass -def run_c(options, type_word, expressions): +def run_c(type_word, expressions, include_path=None, keep_c=False): """Generate and run a program to print out numerical values for expressions.""" + if include_path is None: + include_path = [] if type_word == 'status': cast_to = 'long' printf_format = '%ld' @@ -304,9 +306,9 @@ int main(void) c_file.close() cc = os.getenv('CC', 'cc') subprocess.check_call([cc] + - ['-I' + dir for dir in options.include] + + ['-I' + dir for dir in include_path] + ['-o', exe_name, c_name]) - if options.keep_c: + if keep_c: sys.stderr.write('List of {} tests kept at {}\n' .format(type_word, c_name)) else: @@ -324,7 +326,7 @@ def normalize(expr): """ return re.sub(NORMALIZE_STRIP_RE, '', expr) -def collect_values(options, inputs, type_word): +def collect_values(inputs, type_word, include_path=None, keep_c=False): """Generate expressions using known macro names and calculate their values. Return a list of pairs of (expr, value) where expr is an expression and @@ -332,7 +334,8 @@ def collect_values(options, inputs, type_word): """ names = inputs.get_names(type_word) expressions = sorted(inputs.generate_expressions(names)) - values = run_c(options, type_word, expressions) + values = run_c(type_word, expressions, + include_path=include_path, keep_c=keep_c) return expressions, values def do_test(options, inputs, type_word): @@ -346,7 +349,9 @@ def do_test(options, inputs, type_word): that have been tested and ``errors`` is the list of errors that were encountered. """ - expressions, values = collect_values(options, inputs, type_word) + expressions, values = collect_values(inputs, type_word, + include_path=options.include, + keep_c=options.keep_c) output = subprocess.check_output([options.program, type_word] + values) outputs = output.decode('ascii').strip().split('\n') errors = [(type_word, expr, value, output) 
From 2460933a6f546c9b50f28fd597adc9c23c9b71a8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 17:44:21 +0100 Subject: [PATCH 2030/2197] Move test running and reporting functions into their own class This makes the structure of the code more apparent. No behavior change. --- tests/scripts/test_psa_constant_names.py | 88 ++++++++++++------------ 1 file changed, 45 insertions(+), 43 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index e64040802..e261b4f56 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
@@ -338,48 +338,52 @@ def collect_values(inputs, type_word, include_path=None, keep_c=False): include_path=include_path, keep_c=keep_c) return expressions, values -def do_test(options, inputs, type_word): - """Test psa_constant_names for the specified type. +class Tests: + """An object representing tests and their results.""" - Run program on names. - Use inputs to figure out what arguments to pass to macros that - take arguments. + def __init__(self, options): + self.options = options + self.count = 0 + self.errors = [] - Return ``(count, errors)`` where ``count`` is the number of expressions - that have been tested and ``errors`` is the list of errors that were - encountered. - """ - expressions, values = collect_values(inputs, type_word, - include_path=options.include, - keep_c=options.keep_c) - output = subprocess.check_output([options.program, type_word] + values) - outputs = output.decode('ascii').strip().split('\n') - errors = [(type_word, expr, value, output) - for (expr, value, output) in zip(expressions, values, outputs) - if normalize(expr) != normalize(output)] - return len(expressions), errors + def run_one(self, inputs, type_word): + """Test psa_constant_names for the specified type. -def report_errors(errors): - """Describe each case where the output is not as expected.""" - for type_word, name, value, output in errors: - print('For {} "{}", got "{}" (value: {})' - .format(type_word, name, output, value)) + Run the program on the names for this type. + Use the inputs to figure out what arguments to pass to macros that + take arguments. 
+ """ + expressions, values = collect_values(inputs, type_word, + include_path=self.options.include, + keep_c=self.options.keep_c) + output = subprocess.check_output([self.options.program, type_word] + + values) + outputs = output.decode('ascii').strip().split('\n') + self.count += len(expressions) + for expr, value, output in zip(expressions, values, outputs): + if normalize(expr) != normalize(output): + self.errors.append((type_word, expr, value, output)) -def run_tests(options, inputs): - """Run psa_constant_names on all the gathered inputs. + def run_all(self, inputs): + """Run psa_constant_names on all the gathered inputs.""" + for type_word in ['status', 'algorithm', 'ecc_curve', 'dh_group', + 'key_type', 'key_usage']: + self.run_one(inputs, type_word) - Return a tuple (count, errors) where count is the total number of inputs - that were tested and errors is the list of cases where the output was - not as expected. - """ - count = 0 - errors = [] - for type_word in ['status', 'algorithm', 'ecc_curve', 'dh_group', - 'key_type', 'key_usage']: - c, e = do_test(options, inputs, type_word) - count += c - errors += e - return count, errors + def report(self, out): + """Describe each case where the output is not as expected. + + Write the errors to ``out``. + Also write a total. + """ + for type_word, name, value, output in self.errors: + out.write('For {} "{}", got "{}" (value: {})\n' + .format(type_word, name, output, value)) + out.write('{} test cases'.format(self.count)) + if self.errors: + out.write(', {} FAIL\n'.format(len(self.errors))) + else: + out.write(' PASS\n') HEADERS = ['psa/crypto.h', 'psa/crypto_extra.h', 'psa/crypto_values.h'] TEST_SUITES = ['tests/suites/test_suite_psa_crypto_metadata.data'] 
@@ -401,12 +405,10 @@ def main(): options = parser.parse_args() headers = [os.path.join(options.include[0], h) for h in HEADERS] inputs = gather_inputs(headers, TEST_SUITES) - count, errors = run_tests(options, inputs) - report_errors(errors) - if errors == []: - print('{} test cases PASS'.format(count)) - else: - print('{} test cases, {} FAIL'.format(count, len(errors))) + tests = Tests(options) + tests.run_all(inputs) + tests.report(sys.stdout) + if tests.errors: exit(1) if __name__ == '__main__': From a5000f1dc65f5cc530c0438284dc6d7df82f59e1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 17:51:11 +0100 Subject: [PATCH 2031/2197] Make a class for error data No behavior change. --- tests/scripts/test_psa_constant_names.py | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index e261b4f56..5780f25b1 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -8,6 +8,7 @@ or 1 (with a Python backtrace) if there was an operational error. """ import argparse +from collections import namedtuple import itertools import os import platform @@ -341,6 +342,9 @@ def collect_values(inputs, type_word, include_path=None, keep_c=False): class Tests: """An object representing tests and their results.""" + Error = namedtuple('Error', + ['type', 'expression', 'value', 'output']) + def __init__(self, options): self.options = options self.count = 0 @@ -362,7 +366,10 @@ class Tests: self.count += len(expressions) for expr, value, output in zip(expressions, values, outputs): if normalize(expr) != normalize(output): - self.errors.append((type_word, expr, value, output)) + self.errors.append(self.Error(type=type_word, + expression=expr, + value=value, + output=output)) def run_all(self, inputs): """Run psa_constant_names on all the gathered inputs.""" 
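Review bot: The new `if tests.errors:` branch in `main` ends in the bare `exit(1)`, which is the helper injected by the `site` module for interactive use and is not defined when Python runs without `site`. The script already uses `sys` (`sys.stdout` in this hunk), so `sys.exit(1)` is the dependable form. Only the condition line is changed by this hunk; the `exit(1)` line itself is context.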
@@ -376,9 +383,10 @@ class Tests: Write the errors to ``out``. Also write a total. """ - for type_word, name, value, output in self.errors: + for error in self.errors: out.write('For {} "{}", got "{}" (value: {})\n' - .format(type_word, name, output, value)) + .format(error.type, error.expression, + error.output, error.value)) out.write('{} test cases'.format(self.count)) if self.errors: out.write(', {} FAIL\n'.format(len(self.errors))) From 84a45817a45004002e7b644dc02345c0c971b39c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 19:50:33 +0100 Subject: [PATCH 2032/2197] Allow gather_inputs to work with a derived Inputs class No behavior change. --- tests/scripts/test_psa_constant_names.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 5780f25b1..ee909cf81 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -251,9 +251,9 @@ class Inputs: if m: self.add_test_case_line(m.group(1), m.group(2)) -def gather_inputs(headers, test_suites): +def gather_inputs(headers, test_suites, inputs_class=Inputs): """Read the list of inputs to test psa_constant_names with.""" - inputs = Inputs() + inputs = inputs_class() for header in headers: inputs.parse_header(header) for test_cases in test_suites: From 8c8694c14de578034c06f3971749e2d3967786cf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 19:22:45 +0100 Subject: [PATCH 2033/2197] add_test_case_line: data-driven dispatch No behavior change. --- tests/scripts/test_psa_constant_names.py | 30 ++++++++++++++---------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index ee909cf81..5b86b247d 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
@@ -61,6 +61,7 @@ class read_file_lines: from exc_value class Inputs: + # pylint: disable=too-many-instance-attributes """Accumulate information about macros to test. This includes macro names as well as information about their arguments @@ -93,6 +94,16 @@ class Inputs: 'KEY_TYPE': self.key_types, 'KEY_USAGE': self.key_usage_flags, } + # Test functions + self.table_by_test_function = { + 'key_type': self.key_types, + 'ecc_key_types': self.ecc_curves, + 'dh_key_types': self.dh_groups, + 'hash_algorithm': self.hash_algorithms, + 'mac_algorithm': self.mac_algorithms, + 'hmac_algorithm': self.mac_algorithms, + 'aead_algorithm': self.aead_algorithms, + } # macro name -> list of argument names self.argspecs = {} # argument name -> list of values @@ -220,24 +231,17 @@ class Inputs: def add_test_case_line(self, function, argument): """Parse a test case data line, looking for algorithm metadata tests.""" + sets = [] if function.endswith('_algorithm'): # As above, ECDH and FFDH algorithms are excluded for now. # Support for them will be added in the future. if 'ECDH' in argument or 'FFDH' in argument: return - self.algorithms.add(argument) - if function == 'hash_algorithm': - self.hash_algorithms.add(argument) - elif function in ['mac_algorithm', 'hmac_algorithm']: - self.mac_algorithms.add(argument) - elif function == 'aead_algorithm': - self.aead_algorithms.add(argument) - elif function == 'key_type': - self.key_types.add(argument) - elif function == 'ecc_key_types': - self.ecc_curves.add(argument) - elif function == 'dh_key_types': - self.dh_groups.add(argument) + sets.append(self.algorithms) + if function in self.table_by_test_function: + sets.append(self.table_by_test_function[function]) + for s in sets: + s.add(argument) # Regex matching a *.data line containing a test function call and # its arguments. The actual definition is partly positional, but this From 98a710c5b2a3e35f5dbe55d003aadffca655f08f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 21 Nov 2019 18:58:36 +0100 Subject: [PATCH 2034/2197] Fix the collection of ECC curves and DH groups PSA_ECC_CURVE_xxx and PSA_DH_GROUP_xxx were not collected from headers, only from test suites. --- tests/scripts/test_psa_constant_names.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 5b86b247d..af536866c 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -89,8 +89,8 @@ class Inputs: self.table_by_prefix = { 'ERROR': self.statuses, 'ALG': self.algorithms, - 'CURVE': self.ecc_curves, - 'GROUP': self.dh_groups, + 'ECC_CURVE': self.ecc_curves, + 'DH_GROUP': self.dh_groups, 'KEY_TYPE': self.key_types, 'KEY_USAGE': self.key_usage_flags, } @@ -183,7 +183,7 @@ class Inputs: # Groups: 1=macro name, 2=type, 3=argument list (optional). _header_line_re = \ re.compile(r'#define +' + - r'(PSA_((?:KEY_)?[A-Z]+)_\w+)' + + r'(PSA_((?:(?:DH|ECC|KEY)_)?[A-Z]+)_\w+)' + r'(?:\(([^\n()]*)\))?') # Regex of macro names to exclude. _excluded_name_re = re.compile(r'_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') From 2bcfc714d2fcaa502186a307056fceea973a3ee7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 19:49:26 +0100 Subject: [PATCH 2035/2197] Error out if a test case uses an unknown macro name Insist that test cases must only use macro names that are declared in a header. This may catch errors such as not parsing the intended files. Make this check easily overridden in a derived class. --- tests/scripts/test_psa_constant_names.py | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index af536866c..8f393a1ab 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
@@ -69,6 +69,7 @@ class Inputs: """ def __init__(self): + self.all_declared = set() # Sets of names per type self.statuses = set(['PSA_SUCCESS']) self.algorithms = set(['0xffffffff']) @@ -213,6 +214,7 @@ class Inputs: if not m: return name = m.group(1) + self.all_declared.add(name) if re.search(self._excluded_name_re, name) or \ name in self._excluded_names: return @@ -229,6 +231,19 @@ class Inputs: for line in lines: self.parse_header_line(line) + _macro_identifier_re = r'[A-Z]\w+' + def generate_undeclared_names(self, expr): + for name in re.findall(self._macro_identifier_re, expr): + if name not in self.all_declared: + yield name + + def accept_test_case_line(self, function, argument): + #pylint: disable=unused-argument + undeclared = list(self.generate_undeclared_names(argument)) + if undeclared: + raise Exception('Undeclared names in test case', undeclared) + return True + def add_test_case_line(self, function, argument): """Parse a test case data line, looking for algorithm metadata tests.""" sets = [] @@ -240,8 +255,9 @@ class Inputs: sets.append(self.algorithms) if function in self.table_by_test_function: sets.append(self.table_by_test_function[function]) - for s in sets: - s.add(argument) + if self.accept_test_case_line(function, argument): + for s in sets: + s.add(argument) # Regex matching a *.data line containing a test function call and # its arguments. The actual definition is partly positional, but this From 79616687383c9ad8afe99d39d835ffd3d6145ea4 Mon Sep 17 00:00:00 2001 
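Review bot: In the `@@ -229,6 +231,19 @@` hunk, `_macro_identifier_re = r'[A-Z]\w+'` is not anchored at a word boundary, so `re.findall` also returns the tail of any token that merely contains an upper-case letter. For an argument containing `0xFF` it yields `FF`, which is not in `all_declared`, and `accept_test_case_line` then raises. Whether the test data holds such literals is not visible here, but a check meant to guard the test inputs should not misfire on numeric literals; `_macro_identifier_re = r'\b[A-Z]\w+'` avoids that. Both new methods also lack docstrings, and `accept_test_case_line` should state its override contract in one sentence: returning false skips the line, raising aborts the run.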
From: Gilles Peskine Date: Thu, 21 Nov 2019 20:08:10 +0100 Subject: [PATCH 2036/2197] Support key agreement Key agreement algorithms were excluded back when they were constructed with a macro conveying the key agreement itself taking the KDF as an argument, because that was hard to support. Now the encoding has changed and key agreement algorithms are constructed with PSA_ALG_KEY_AGREEMENT taking two arguments, one that identifies the raw key agreement and one that identifies the KDF. This is easy to process, so add support. --- tests/scripts/test_psa_constant_names.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 8f393a1ab..6e7bf48b1 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -104,6 +104,8 @@ class Inputs: 'mac_algorithm': self.mac_algorithms, 'hmac_algorithm': self.mac_algorithms, 'aead_algorithm': self.aead_algorithms, + 'key_derivation_algorithm': self.kdf_algorithms, + 'key_agreement_algorithm': self.ka_algorithms, } # macro name -> list of argument names self.argspecs = {} @@ -197,10 +199,6 @@ class Inputs: # Auxiliary macro whose name doesn't fit the usual patterns for # auxiliary macros. 'PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE', - # PSA_ALG_ECDH and PSA_ALG_FFDH are excluded for now as the script - # currently doesn't support them. - 'PSA_ALG_ECDH', - 'PSA_ALG_FFDH', # Deprecated aliases. 'PSA_ERROR_UNKNOWN_ERROR', 'PSA_ERROR_OCCUPIED_SLOT', 
@@ -248,11 +246,13 @@ class Inputs: """Parse a test case data line, looking for algorithm metadata tests.""" sets = [] if function.endswith('_algorithm'): - # As above, ECDH and FFDH algorithms are excluded for now. - # Support for them will be added in the future. - if 'ECDH' in argument or 'FFDH' in argument: - return sets.append(self.algorithms) + if function == 'key_agreement_algorithm' and \ + argument.startswith('PSA_ALG_KEY_AGREEMENT('): + # We only want *raw* key agreement algorithms as such, so + # exclude ones that are already chained with a KDF. + # Keep the expression as one to test as an algorithm. + function = 'other_algorithm' if function in self.table_by_test_function: sets.append(self.table_by_test_function[function]) if self.accept_test_case_line(function, argument): From d2cea9f57c2da5ea4582bc423334dbbb5bcd6d69 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 21 Nov 2019 20:10:13 +0100 Subject: [PATCH 2037/2197] Add some more KDF test cases --- .../test_suite_psa_crypto_metadata.data | 28 +++++++++++++++++++ .../test_suite_psa_crypto_metadata.function | 2 ++ 2 files changed, 30 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index e989895d2..9cdee0353 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
@@ -262,6 +262,26 @@ Key derivation: HKDF using SHA-256 depends_on:MBEDTLS_SHA256_C key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF +Key derivation: HKDF using SHA-384 +depends_on:MBEDTLS_SHA512_C +key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_384 ):ALG_IS_HKDF + +Key derivation: TLS 1.2 PRF using SHA-256 +depends_on:MBEDTLS_SHA256_C +key_derivation_algorithm:PSA_ALG_TLS12_PRF( PSA_ALG_SHA_256 ):ALG_IS_TLS12_PRF + +Key derivation: TLS 1.2 PRF using SHA-384 +depends_on:MBEDTLS_SHA512_C +key_derivation_algorithm:PSA_ALG_TLS12_PRF( PSA_ALG_SHA_384 ):ALG_IS_TLS12_PRF + +Key derivation: TLS 1.2 PSK-to-MS using SHA-256 +depends_on:MBEDTLS_SHA256_C +key_derivation_algorithm:PSA_ALG_TLS12_PSK_TO_MS( PSA_ALG_SHA_256 ):ALG_IS_TLS12_PSK_TO_MS + +Key derivation: TLS 1.2 PSK-to-MS using SHA-384 +depends_on:MBEDTLS_SHA512_C +key_derivation_algorithm:PSA_ALG_TLS12_PSK_TO_MS( PSA_ALG_SHA_384 ):ALG_IS_TLS12_PSK_TO_MS + Key agreement: FFDH, raw output depends_on:MBEDTLS_DHM_C key_agreement_algorithm:PSA_ALG_FFDH:ALG_IS_FFDH | ALG_IS_RAW_KEY_AGREEMENT:PSA_ALG_FFDH:PSA_ALG_CATEGORY_KEY_DERIVATION @@ -270,6 +290,10 @@ Key agreement: FFDH, HKDF using SHA-256 depends_on:MBEDTLS_DHM_C key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_FFDH:PSA_ALG_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 ) +Key agreement: FFDH, HKDF using SHA-384 +depends_on:MBEDTLS_DHM_C +key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_FFDH:PSA_ALG_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 ) + Key agreement: ECDH, raw output depends_on:MBEDTLS_ECDH_C key_agreement_algorithm:PSA_ALG_ECDH:ALG_IS_ECDH | ALG_IS_RAW_KEY_AGREEMENT:PSA_ALG_ECDH:PSA_ALG_CATEGORY_KEY_DERIVATION 
@@ -278,6 +302,10 @@ Key agreement: ECDH, HKDF using SHA-256 depends_on:MBEDTLS_ECDH_C key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 ) +Key agreement: ECDH, HKDF using SHA-384 +depends_on:MBEDTLS_ECDH_C +key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 ) + Key type: raw data key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index a9f1b3938..3a9347e2f 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -37,6 +37,8 @@ #define ALG_IS_WILDCARD ( 1u << 19 ) #define ALG_IS_RAW_KEY_AGREEMENT ( 1u << 20 ) #define ALG_IS_AEAD_ON_BLOCK_CIPHER ( 1u << 21 ) +#define ALG_IS_TLS12_PRF ( 1u << 22 ) +#define ALG_IS_TLS12_PSK_TO_MS ( 1u << 23 ) /* Flags for key type classification macros. There is a flag for every * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that From 8fa1348276fc07a322de309aa79f85b8d5709493 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Nov 2019 17:10:12 +0100 Subject: [PATCH 2038/2197] Enumerate metadata test functions explicitly When gathering test cases from test_suite_psa_crypto_metadata, look up the test function explicitly. This way test_psa_constant_names will error out if we add a new test function that needs coverage here. This change highlights an omission in the previous version: asymmetric_signature_wildcard was silently ignored as a source of algorithm expressions to test. Fix that. --- tests/scripts/test_psa_constant_names.py | 28 ++++++++++++++---------- 1 file changed, 17 insertions(+), 11 deletions(-) 
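Review bot: The `@@ -37,6 +37,8 @@` hunk only defines the flag bits `ALG_IS_TLS12_PRF` and `ALG_IS_TLS12_PSK_TO_MS`; the diffstat gives two added lines for this file, so the function that compares the flags with the library's classification macros is not touched by this commit. If that function (outside the hunk) does not already evaluate `PSA_ALG_IS_TLS12_PRF` and `PSA_ALG_IS_TLS12_PSK_TO_MS`, the new `.data` cases set these bits without anything checking them, and a wrong classification of a TLS 1.2 KDF would go unnoticed. I would add one check per new flag next to the existing checks for the other `ALG_IS_xxx` flags, or confirm that they are already present.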
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 6e7bf48b1..89319870d 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -97,15 +97,22 @@ class Inputs: } # Test functions self.table_by_test_function = { - 'key_type': self.key_types, - 'ecc_key_types': self.ecc_curves, - 'dh_key_types': self.dh_groups, - 'hash_algorithm': self.hash_algorithms, - 'mac_algorithm': self.mac_algorithms, - 'hmac_algorithm': self.mac_algorithms, - 'aead_algorithm': self.aead_algorithms, - 'key_derivation_algorithm': self.kdf_algorithms, - 'key_agreement_algorithm': self.ka_algorithms, + # Any function ending in _algorithm also gets added to + # self.algorithms. + 'key_type': [self.key_types], + 'ecc_key_types': [self.ecc_curves], + 'dh_key_types': [self.dh_groups], + 'hash_algorithm': [self.hash_algorithms], + 'mac_algorithm': [self.mac_algorithms], + 'cipher_algorithm': [], + 'hmac_algorithm': [self.mac_algorithms], + 'aead_algorithm': [self.aead_algorithms], + 'key_derivation_algorithm': [self.kdf_algorithms], + 'key_agreement_algorithm': [self.ka_algorithms], + 'asymmetric_signature_algorithm': [], + 'asymmetric_signature_wildcard': [self.algorithms], + 'asymmetric_encryption_algorithm': [], + 'other_algorithm': [], } # macro name -> list of argument names self.argspecs = {} @@ -253,8 +260,7 @@ class Inputs: # exclude ones that are already chained with a KDF. # Keep the expression as one to test as an algorithm. function = 'other_algorithm' - if function in self.table_by_test_function: - sets.append(self.table_by_test_function[function]) + sets += self.table_by_test_function[function] if self.accept_test_case_line(function, argument): for s in sets: s.add(argument) From ae679390a20d8fbd0a32b7b70f4e569d89939c4a Mon Sep 17 00:00:00 2001 
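Review bot: In `add_test_case_line` (hunk `@@ -253,8 +260,7 @@`), the unguarded lookup `sets += self.table_by_test_function[function]` makes an unlisted test function fail with a bare `KeyError` that names only the key. That does not tell the maintainer that the remedy is a new entry in `table_by_test_function`. An explicit check before the lookup, `if function not in self.table_by_test_function:` followed by `raise Exception('Unknown test function', function)`, would match the error style that `accept_test_case_line` already uses. The function begins outside this hunk.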
From: Gilles Peskine Date: Mon, 25 Nov 2019 18:26:23 +0100 Subject: [PATCH 2039/2197] Fix entropy_calls when MBEDTLS_ENTROPY_NV_SEED is enabled --- tests/suites/test_suite_entropy.function | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index d1d88c5fa..1a4fefde3 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -271,7 +271,8 @@ void entropy_threshold( int threshold, int chunk_size, int result ) { TEST_ASSERT( ret == 0 ); #if defined(MBEDTLS_ENTROPY_NV_SEED) - // Two times as much calls due to the NV seed update + /* If the NV seed functionality is enabled, there are two entropy + * updates: before and after updating the NV seed. */ result *= 2; #endif TEST_ASSERT( dummy.calls == (size_t) result ); @@ -317,6 +318,11 @@ void entropy_calls( int strength1, int strength2, if( result >= 0 ) { TEST_ASSERT( ret == 0 ); +#if defined(MBEDTLS_ENTROPY_NV_SEED) + /* If the NV seed functionality is enabled, there are two entropy + * updates: before and after updating the NV seed. */ + result *= 2; +#endif TEST_ASSERT( dummy1.calls == (size_t) result ); } else From cbd91e013c6cd39b05963ac51ef59a70d458c097 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Nov 2019 19:50:54 +0100 Subject: [PATCH 2040/2197] Fix entropy_threshold when MBEDTLS_TEST_NULL_ENTROPY is enabled Don't use the default entropy sources so as not to depend on their characteristics. --- tests/suites/test_suite_entropy.function | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 1a4fefde3..9f10a9043 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function 
@@ -251,18 +251,26 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG */ +/* BEGIN_CASE */ void entropy_threshold( int threshold, int chunk_size, int result ) { mbedtls_entropy_context ctx; - entropy_dummy_context dummy = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; + entropy_dummy_context strong = + {DUMMY_CONSTANT_LENGTH, MBEDTLS_ENTROPY_BLOCK_SIZE, 0}; + entropy_dummy_context weak = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; int ret; mbedtls_entropy_init( &ctx ); + entropy_clear_sources( &ctx ); + /* Set strong source that reaches its threshold immediately and + * a weak source whose threshold is a test parameter. */ TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &dummy, threshold, + &strong, 1, + MBEDTLS_ENTROPY_SOURCE_STRONG ) == 0 ); + TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, + &weak, threshold, MBEDTLS_ENTROPY_SOURCE_WEAK ) == 0 ); ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ); @@ -275,7 +283,7 @@ void entropy_threshold( int threshold, int chunk_size, int result ) * updates: before and after updating the NV seed. */ result *= 2; #endif - TEST_ASSERT( dummy.calls == (size_t) result ); + TEST_ASSERT( weak.calls == (size_t) result ); } else { From 7a894f214221a1792f584ff56b4e8f0064c08848 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 26 Nov 2019 16:06:46 +0100 Subject: [PATCH 2041/2197] Move backward compatibility aliases to their own header Move backward compatibility aliases to a separate header. Reserve crypto_extra.h for implementation-specific extensions that we intend to keep supporting. This is better documentation for users. New users should simply ignore backward compatibility aliases, and old users can look at crypto_compat.h to see what is deprecated without bothering about new features appearing in crypto_extra.h. This facilitates maintenance because scripts such as generate_psa_constants that want to ignore backward compatibility aliases can simply exclude crypto_compat.h from their parsing. --- include/psa/crypto_compat.h | 57 ++++++++++++++++++++++++ include/psa/crypto_extra.h | 17 +------ tests/scripts/test_psa_constant_names.py | 6 --- visualc/VS2010/mbedTLS.vcxproj | 1 + 4 files changed, 60 insertions(+), 21 deletions(-) create mode 100644 include/psa/crypto_compat.h diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h new file mode 100644 index 000000000..c6443dff6 --- /dev/null +++ b/include/psa/crypto_compat.h 
@@ -0,0 +1,57 @@ +/** + * \file psa/crypto_compat.h + * + * \brief PSA cryptography module: Backward compatibility aliases + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + */ +/* + * Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_COMPAT_H +#define PSA_CRYPTO_COMPAT_H + +#include "mbedtls/platform_util.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * Deprecated PSA Crypto error code definitions + */ +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define PSA_ERROR_UNKNOWN_ERROR \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_GENERIC_ERROR ) +#define PSA_ERROR_OCCUPIED_SLOT \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_ALREADY_EXISTS ) +#define PSA_ERROR_EMPTY_SLOT \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_DOES_NOT_EXIST ) +#define PSA_ERROR_INSUFFICIENT_CAPACITY \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA ) +#define PSA_ERROR_TAMPERING_DETECTED \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_CORRUPTION_DETECTED ) +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_CRYPTO_COMPAT_H */ diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index c5313d619..62b4c2ee4 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -32,6 +32,8 @@ #include "mbedtls/platform_util.h" +#include "crypto_compat.h" + #ifdef __cplusplus extern "C" { #endif @@ -39,21 +41,6 @@ extern "C" { /* UID for secure storage seed */ #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52 -/* - * Deprecated PSA Crypto error code definitions - */ -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define PSA_ERROR_UNKNOWN_ERROR \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_GENERIC_ERROR ) -#define PSA_ERROR_OCCUPIED_SLOT \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_ALREADY_EXISTS ) -#define PSA_ERROR_EMPTY_SLOT \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_DOES_NOT_EXIST ) -#define PSA_ERROR_INSUFFICIENT_CAPACITY \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA ) -#define PSA_ERROR_TAMPERING_DETECTED \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_CORRUPTION_DETECTED ) -#endif /** \addtogroup attributes * @{ diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 89319870d..7553394f9 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -206,12 +206,6 @@ class Inputs: # Auxiliary macro whose name doesn't fit the usual patterns for # auxiliary macros. 'PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH_CASE', - # Deprecated aliases. - 'PSA_ERROR_UNKNOWN_ERROR', - 'PSA_ERROR_OCCUPIED_SLOT', - 'PSA_ERROR_EMPTY_SLOT', - 'PSA_ERROR_INSUFFICIENT_CAPACITY', - 'PSA_ERROR_TAMPERING_DETECTED', ]) def parse_header_line(self, line): """Parse a C header line, looking for "#define PSA_xxx".""" diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 7f71a5ab6..0e40e3577 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -212,6 +212,7 @@ + From 7b0ab6d34a2ec8abf3cfc4bbf1f4f0b9c94bf62f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 26 Nov 2019 16:32:12 +0100 Subject: [PATCH 2042/2197] Simplify support for deprecated constants of various types Generalize MBEDTLS_DEPRECATED_NUMERIC_CONSTANT into macros that can accommodate types other than int. --- include/psa/crypto_compat.h | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index c6443dff6..7eb43cd0f 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h 
@@ -28,27 +28,38 @@ #ifndef PSA_CRYPTO_COMPAT_H #define PSA_CRYPTO_COMPAT_H -#include "mbedtls/platform_util.h" - #ifdef __cplusplus extern "C" { #endif +#if !defined(MBEDTLS_DEPRECATED_REMOVED) + +#if defined(MBEDTLS_DEPRECATED_WARNING) && !defined(MBEDTLS_PSA_DEPRECATED) +#define MBEDTLS_PSA_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_PSA_DEPRECATED +#endif + +typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t; + +#define MBEDTLS_DEPRECATED_CONSTANT( type, value ) \ + ( (mbedtls_deprecated_##type) ( value ) ) + /* * Deprecated PSA Crypto error code definitions */ -#if !defined(MBEDTLS_DEPRECATED_REMOVED) #define PSA_ERROR_UNKNOWN_ERROR \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_GENERIC_ERROR ) + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_GENERIC_ERROR ) #define PSA_ERROR_OCCUPIED_SLOT \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_ALREADY_EXISTS ) + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_ALREADY_EXISTS ) #define PSA_ERROR_EMPTY_SLOT \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_DOES_NOT_EXIST ) + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_DOES_NOT_EXIST ) #define PSA_ERROR_INSUFFICIENT_CAPACITY \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA ) + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_INSUFFICIENT_DATA ) #define PSA_ERROR_TAMPERING_DETECTED \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_CORRUPTION_DETECTED ) -#endif + MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_CORRUPTION_DETECTED ) + +#endif /* MBEDTLS_DEPRECATED_REMOVED */ #ifdef __cplusplus } From 89d8c5c44708ad9a5c496e8dad7e72b715f078ec Mon Sep 17 00:00:00 2001 
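Review bot: `MBEDTLS_DEPRECATED_CONSTANT( type, value )` is introduced without a comment stating its contract. It pastes `mbedtls_deprecated_##type`, so every type used with it needs a matching typedef such as `mbedtls_deprecated_psa_status_t`, and a missing one shows up only as an undeclared identifier where the constant is used. I would add above the macro `/* type must have a typedef mbedtls_deprecated_<type> declared in this file. */`. The hunk also drops the `mbedtls/platform_util.h` include while still using `MBEDTLS_DEPRECATED_WARNING`, `MBEDTLS_DEPRECATED_REMOVED` and `psa_status_t`, so the header now relies entirely on being reached through `psa/crypto.h`, as its file comment requires. `__attribute__((deprecated))` is compiler-specific and may deserve a guard if `MBEDTLS_DEPRECATED_WARNING` can be enabled with a compiler that lacks it.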
From: Gilles Peskine Date: Tue, 26 Nov 2019 17:01:59 +0100 Subject: [PATCH 2043/2197] Rename some signature-related identifiers Rename some macros and functions related to signature which are changing as part of the addition of psa_sign_message and psa_verify_message. perl -i -pe '%t = ( PSA_KEY_USAGE_SIGN => PSA_KEY_USAGE_SIGN_HASH, PSA_KEY_USAGE_VERIFY => PSA_KEY_USAGE_VERIFY_HASH, PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE => PSA_SIGNATURE_MAX_SIZE, PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE => PSA_SIGN_OUTPUT_SIZE, psa_asymmetric_sign => psa_sign_hash, psa_asymmetric_verify => psa_verify_hash, ); s/\b(@{[join("|", keys %t)]})\b/$t{$1}/ge' $(git ls-files . ':!:**/crypto_compat.h') --- docs/getting_started.md | 18 +-- include/mbedtls/pk.h | 6 +- include/psa/crypto.h | 28 ++-- include/psa/crypto_sizes.h | 12 +- include/psa/crypto_values.h | 14 +- library/pk.c | 2 +- library/pk_wrap.c | 12 +- library/psa_crypto.c | 36 ++--- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_psa_crypto.data | 86 +++++------ tests/suites/test_suite_psa_crypto.function | 137 +++++++++--------- ...st_suite_psa_crypto_se_driver_hal.function | 81 +++++------ ...te_psa_crypto_se_driver_hal_mocks.function | 18 +-- ...test_suite_psa_crypto_slot_management.data | 12 +- 14 files changed, 230 insertions(+), 234 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index 9938909f2..aff687bf3 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md 
@@ -119,8 +119,8 @@ Mbed Crypto supports encrypting, decrypting, signing and verifying messages usin **Prerequisites to performing asymmetric signature operations:** * Initialize the library with a successful call to `psa_crypto_init()`. * Have a valid key with appropriate attributes set: - * Usage flag `PSA_KEY_USAGE_SIGN` to allow signing. - * Usage flag `PSA_KEY_USAGE_VERIFY` to allow signature verification. + * Usage flag `PSA_KEY_USAGE_SIGN_HASH` to allow signing. + * Usage flag `PSA_KEY_USAGE_VERIFY_HASH` to allow signature verification. * Algorithm set to the desired signature algorithm. This example shows how to sign a hash that has already been calculated: @@ -133,7 +133,7 @@ void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) 0x60, 0x41, 0x8a, 0xaf, 0x0c, 0xc5, 0xab, 0x58, 0x7f, 0x42, 0xc2, 0x57, 0x0a, 0x88, 0x40, 0x95, 0xa9, 0xe8, 0xcc, 0xac, 0xd0, 0xf6, 0x54, 0x5c}; - uint8_t signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; + uint8_t signature[PSA_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; psa_key_handle_t handle; @@ -148,7 +148,7 @@ void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) } /* Set key attributes */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PKCS1V15_SIGN_RAW); psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR); psa_set_key_bits(&attributes, 1024); @@ -161,10 +161,10 @@ void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) } /* Sign message using the key */ - status = psa_asymmetric_sign(handle, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, - hash, sizeof(hash), - signature, sizeof(signature), - &signature_length); + status = psa_sign_hash(handle, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, + hash, sizeof(hash), + signature, sizeof(signature), + &signature_length); if (status != PSA_SUCCESS) { printf("Failed to sign\n"); return; 
@@ -861,7 +861,7 @@ Mbed Crypto provides a simple way to generate a key or key pair. } /* Generate a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); psa_set_key_algorithm(&attributes, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)); psa_set_key_type(&attributes, diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 634356334..99e7a55a1 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -134,11 +134,11 @@ typedef struct mbedtls_pk_rsassa_pss_options #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) -#if PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE -/* PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE is the maximum size of a signature made +#if PSA_SIGNATURE_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE +/* PSA_SIGNATURE_MAX_SIZE is the maximum size of a signature made * through the PSA API in the PSA representation. */ #undef MBEDTLS_PK_SIGNATURE_MAX_SIZE -#define MBEDTLS_PK_SIGNATURE_MAX_SIZE PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE +#define MBEDTLS_PK_SIGNATURE_MAX_SIZE PSA_SIGNATURE_MAX_SIZE #endif #if PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 > MBEDTLS_PK_SIGNATURE_MAX_SIZE diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 7291c3e57..9c610838e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2879,7 +2879,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling - * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p handle. * \retval #PSA_ERROR_NOT_SUPPORTED 
@@ -2895,13 +2895,13 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length); +psa_status_t psa_sign_hash(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length); /** * \brief Verify the signature a hash or short message using a public key. @@ -2941,12 +2941,12 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t handle, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_asymmetric_verify(psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length); +psa_status_t psa_verify_hash(psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length); /** * \brief Encrypt a short message with a public key. diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 33322472a..e7aef5580 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -411,7 +411,7 @@ #define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ (PSA_BITS_TO_BYTES(curve_bits) * 2) -/** Sufficient signature buffer size for psa_asymmetric_sign(). +/** Sufficient signature buffer size for psa_sign_hash(). * * This macro returns a sufficient buffer size for a signature using a key * of the specified type and size, with the specified algorithm. 
@@ -429,7 +429,7 @@ * * \return If the parameters are valid and supported, return * a buffer size in bytes that guarantees that - * psa_asymmetric_sign() will not fail with + * psa_sign_hash() will not fail with * #PSA_ERROR_BUFFER_TOO_SMALL. * If the parameters are a valid combination that is not supported * by the implementation, this macro shall return either a @@ -437,7 +437,7 @@ * If the parameters are not valid, the * return value is unspecified. */ -#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ +#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ ((void)alg, 0)) @@ -445,7 +445,7 @@ #define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \ PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) -/** \def PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE +/** \def PSA_SIGNATURE_MAX_SIZE * * Maximum size of an asymmetric signature. * @@ -453,7 +453,7 @@ * should be the maximum size of a signature supported by the implementation, * in bytes, and must be no smaller than this maximum. */ -#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ +#define PSA_SIGNATURE_MAX_SIZE \ (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE ? \ PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) : \ PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE) @@ -682,7 +682,7 @@ * * \return If the parameters are valid and supported, return * a buffer size in bytes that guarantees that - * psa_asymmetric_sign() will not fail with + * psa_sign_hash() will not fail with * #PSA_ERROR_BUFFER_TOO_SMALL. * If the parameters are a valid combination that is not supported * by the implementation, this macro shall return either a diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 1e0c2136a..a18def58b 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -766,17 +766,17 @@ * Then you may create and use a key as follows: * - Set the key usage field using #PSA_ALG_ANY_HASH, for example: * ``` - * psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN); // or VERIFY + * psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); // or VERIFY * psa_set_key_algorithm(&attributes, PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH)); * ``` * - Import or generate key material. - * - Call psa_asymmetric_sign() or psa_asymmetric_verify(), passing + * - Call psa_sign_hash() or psa_verify_hash(), passing * an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each * call to sign or verify a message may use a different hash. * ``` - * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...); - * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...); - * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...); + * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...); + * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...); + * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...); * ``` * * This value may not be used to build other algorithms that are @@ -1640,7 +1640,7 @@ * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400) +#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00000400) /** Whether the key may be used to verify a message signature. * @@ -1650,7 +1650,7 @@ * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800) +#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00000800) /** Whether the key may be used to derive other keys. */ diff --git a/library/pk.c b/library/pk.c index e93ccfdab..da92e2a7f 100644 --- a/library/pk.c +++ b/library/pk.c 
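Review bot: The usage example in the first hunk keeps the trailing comment `// or VERIFY`, which no longer names a flag after the rename; it should read `// or PSA_KEY_USAGE_VERIFY_HASH`. The same drift shows in the `PSA_KEY_USAGE_VERIFY_HASH` hunk, whose context line still says the key may be used to "verify a message signature" although the flag now names a hash. That doc comment should say which input psa_verify_hash() accepts under this flag, so that a policy reviewer does not have to guess. Both doc comments start outside their hunks, so the rest of their wording is not visible here.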
@@ -621,7 +621,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, /* prepare the key attributes */ psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) ); /* import private key into PSA */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 702c3bbb4..6fc981c75 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -578,7 +578,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, psa_sig_md = PSA_ALG_ECDSA( psa_md ); psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); psa_set_key_algorithm( &attributes, psa_sig_md ); status = psa_import_key( &attributes, @@ -605,9 +605,9 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, goto cleanup; } - if( psa_asymmetric_verify( key_handle, psa_sig_md, - hash, hash_len, - buf, 2 * signature_part_size ) + if( psa_verify_hash( key_handle, psa_sig_md, + hash, hash_len, + buf, 2 * signature_part_size ) != PSA_SUCCESS ) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; @@ -1023,8 +1023,8 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); /* make the signature */ - status = psa_asymmetric_sign( *key, alg, hash, hash_len, - sig, buf_len, sig_len ); + status = psa_sign_hash( *key, alg, hash, hash_len, + sig, buf_len, sig_len ); if( status != PSA_SUCCESS ) return( mbedtls_psa_err_translate_pk( status ) ); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e4d4924a9..25aff019a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -1462,8 +1462,8 @@ static psa_status_t psa_validate_key_policy( const psa_key_policy_t *policy ) PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | - PSA_KEY_USAGE_SIGN | - PSA_KEY_USAGE_VERIFY | + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE ) ) != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -2726,7 +2726,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, psa_key_slot_t *slot; size_t key_bits; psa_key_usage_t usage = - is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY; + is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH; uint8_t truncated = PSA_MAC_TRUNCATED_LENGTH( alg ); psa_algorithm_t full_length_alg = PSA_ALG_FULL_LENGTH_MAC( alg ); @@ -3310,13 +3310,13 @@ cleanup: } #endif /* MBEDTLS_ECDSA_C */ -psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ) +psa_status_t psa_sign_hash( psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) { psa_key_slot_t *slot; psa_status_t status; @@ -3333,7 +3333,7 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle, if( signature_size == 0 ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN, alg ); + status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN_HASH, alg ); if( status != PSA_SUCCESS ) goto exit; if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) 
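Review bot: In the psa_mac_setup hunk, MAC operations are now authorised by `PSA_KEY_USAGE_SIGN_HASH` and `PSA_KEY_USAGE_VERIFY_HASH`, although a MAC is computed over a message rather than a hash, so the new names misdescribe what the policy bit permits here. Someone auditing key policies may read SIGN_HASH as covering only hash signing and miss that it also allows MAC computation with the key. A comment above the assignment would make the mapping explicit, e.g. `/* MAC compute/verify is gated by the SIGN_HASH/VERIFY_HASH usage flags. */`. The mac_key_policy cases in test_suite_psa_crypto.data encode the same mapping. psa_mac_setup's body continues outside the hunk.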
@@ -3414,12 +3414,12 @@ exit: return( status ); } -psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length ) +psa_status_t psa_verify_hash( psa_key_handle_t handle, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length ) { psa_key_slot_t *slot; psa_status_t status; @@ -3428,7 +3428,7 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle, psa_drv_se_context_t *drv_context; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY, alg ); + status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY_HASH, alg ); if( status != PSA_SUCCESS ) return( status ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index ccf173632..926cec425 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -106,7 +106,7 @@ psa_key_handle_t pk_psa_genkey( void ) const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve); const size_t bits = 256; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256) ); psa_set_key_type( &attributes, type ); psa_set_key_bits( &attributes, bits ); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3bd373850..e0bedf762 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -234,7 +234,7 @@ import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ PSA import/export HMAC key: policy forbids export depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):256:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):256:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (crypt) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 @@ -242,7 +242,7 @@ import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa24 PSA import/export RSA keypair: policy forbids export (sign) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_ERROR_NOT_PERMITTED:1 +import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_ERROR_NOT_PERMITTED:1 # Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS # extension which we may drop in the future. 
@@ -350,27 +350,27 @@ key_attributes_init: PSA key policy: MAC, sign | verify depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: MAC, wrong algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224) +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224) PSA key policy: MAC, alg=0 in policy depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: MAC, ANY_HASH in policy is not meaningful depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: 
MAC, sign but not verify depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) +mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: MAC, verify but not sign depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -mac_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) +mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: MAC, neither sign nor verify depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
@@ -458,43 +458,43 @@ asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_K PSA key policy: asymmetric signature, sign | verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, wrong algorithm family depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 PSA key policy: asymmetric signature, wildcard in policy, wrong algorithm family depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | 
PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, wrong hash algorithm depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 PSA key policy: asymmetric signature, alg=0 in policy depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | 
PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 PSA key policy: asymmetric signature, sign but not verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, verify but not sign depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
-asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, neither sign nor verify depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 @@ -566,7 +566,7 @@ key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAG PSA key policy algorithm2: ECDH, ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C -key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY +key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY Copy key: raw, 1 byte copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0 
@@ -605,55 +605,55 @@ copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:P Copy key: RSA key pair, same usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, fewer usage flags depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, more usage flags 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d
257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source and target depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 Copy key: source=ECDSA+ECDH, target=0+ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | 
PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | 
PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Copy fail: raw data, no COPY flag copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_NOT_PERMITTED 
@@ -690,11 +690,11 @@ copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"4 Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | 
PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT Hash operation object initializers zero properly hash_operation_init: @@ -2217,7 +2217,7 @@ derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0 PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256) +derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES128-CTR depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR @@ -2241,7 +2241,7 @@ derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b PSA key derivation: TLS 1.2 PRF SHA-256, exercise HMAC-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C -derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256) +derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key derivation: TLS 1.2 PRF SHA-256, exercise HKDF-SHA-256 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C 
@@ -2463,15 +2463,15 @@ generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 -generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS PSA generate key: RSA, 1016 bits, good, sign (PKCS#1 v1.5) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 -generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS PSA generate key: RSA, 512 bits, good, encrypt (PKCS#1 v1.5) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 
@@ -2500,11 +2500,11 @@ generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USA PSA generate key: ECC, SECP256R1, good depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS PSA generate key: ECC, SECP256R1, incorrect bit size depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT PSA generate key: RSA, default e generate_key_rsa:512:"":PSA_SUCCESS 
@@ -2554,11 +2554,11 @@ persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT PSA generate persistent key: RSA, 1024 bits, exportable depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY PSA generate persistent key: ECC, SECP256R1, exportable depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:GENERATE_KEY +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:GENERATE_KEY PSA derive persistent key: HKDF SHA-256, exportable depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f3f79abcf..3ce8df82d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -222,7 +222,7 @@ int exercise_mac_setup( psa_key_type_t key_type, psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, 
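Review bot: The usage flag now named for hash signing is also the one this test sets to authorise MAC computation, here in exercise_mac_setup and again in the exercise_mac_key, mac_key_policy, mac_bad_order, mac_sign and mac_verify hunks. In mac_key_policy, `psa_mac_sign_setup` is expected to succeed only when `PSA_KEY_USAGE_SIGN_HASH` is in the policy and `psa_mac_verify_setup` only when `PSA_KEY_USAGE_VERIFY_HASH` is. After the rename that coupling is no longer obvious from the name, so someone auditing key policies can miss that MAC keys take their permissions from these two bits. I would add a comment above the flag assignment, `/* MAC computation is authorised by the SIGN_HASH usage flag in this API. */`, and the matching one for VERIFY_HASH in mac_verify. The body of exercise_mac_setup starts and ends outside this hunk.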
@@ -291,7 +291,7 @@ static int exercise_mac_key( psa_key_handle_t handle, unsigned char mac[PSA_MAC_MAX_SIZE] = {0}; size_t mac_length = sizeof( mac ); - if( usage & PSA_KEY_USAGE_SIGN ) + if( usage & PSA_KEY_USAGE_SIGN_HASH ) { PSA_ASSERT( psa_mac_sign_setup( &operation, handle, alg ) ); @@ -302,10 +302,10 @@ static int exercise_mac_key( psa_key_handle_t handle, &mac_length ) ); } - if( usage & PSA_KEY_USAGE_VERIFY ) + if( usage & PSA_KEY_USAGE_VERIFY_HASH ) { psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_SIGN ? + ( usage & PSA_KEY_USAGE_SIGN_HASH ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); PSA_ASSERT( psa_mac_verify_setup( &operation, @@ -445,7 +445,7 @@ static int exercise_signature_key( psa_key_handle_t handle, { unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; size_t payload_length = 16; - unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length = sizeof( signature ); psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); 
@@ -461,28 +461,28 @@ static int exercise_signature_key( psa_key_handle_t handle, #endif } - if( usage & PSA_KEY_USAGE_SIGN ) + if( usage & PSA_KEY_USAGE_SIGN_HASH ) { /* Some algorithms require the payload to have the size of * the hash encoded in the algorithm. Use this input size * even for algorithms that allow other input sizes. */ if( hash_alg != 0 ) payload_length = PSA_HASH_SIZE( hash_alg ); - PSA_ASSERT( psa_asymmetric_sign( handle, alg, - payload, payload_length, - signature, sizeof( signature ), - &signature_length ) ); + PSA_ASSERT( psa_sign_hash( handle, alg, + payload, payload_length, + signature, sizeof( signature ), + &signature_length ) ); } - if( usage & PSA_KEY_USAGE_VERIFY ) + if( usage & PSA_KEY_USAGE_VERIFY_HASH ) { psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_SIGN ? + ( usage & PSA_KEY_USAGE_SIGN_HASH ? PSA_SUCCESS : PSA_ERROR_INVALID_SIGNATURE ); - TEST_EQUAL( psa_asymmetric_verify( handle, alg, - payload, payload_length, - signature, signature_length ), + TEST_EQUAL( psa_verify_hash( handle, alg, + payload, payload_length, + signature, signature_length ), verify_status ); } @@ -1061,8 +1061,8 @@ static psa_key_usage_t usage_to_exercise( psa_key_type_t type, if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ) { return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY : - PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ); + PSA_KEY_USAGE_VERIFY_HASH : + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); } else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) @@ -1725,7 +1725,7 @@ void mac_key_policy( int policy_usage, status = psa_mac_sign_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) + ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 ) PSA_ASSERT( status ); else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); 
@@ -1734,7 +1734,7 @@ void mac_key_policy( int policy_usage, memset( mac, 0, sizeof( mac ) ); status = psa_mac_verify_setup( &operation, handle, exercise_alg ); if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) + ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 ) PSA_ASSERT( status ); else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); @@ -1930,7 +1930,7 @@ void asymmetric_signature_key_policy( int policy_usage, * `exercise_alg` is supposed to be forbidden by the policy. */ int compatible_alg = payload_length_arg > 0; size_t payload_length = compatible_alg ? payload_length_arg : 0; - unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; size_t signature_length; PSA_ASSERT( psa_crypto_init( ) ); @@ -1942,20 +1942,20 @@ void asymmetric_signature_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - status = psa_asymmetric_sign( handle, exercise_alg, - payload, payload_length, - signature, sizeof( signature ), - &signature_length ); - if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 ) + status = psa_sign_hash( handle, exercise_alg, + payload, payload_length, + signature, sizeof( signature ), + &signature_length ); + if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 ) PSA_ASSERT( status ); else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); memset( signature, 0, sizeof( signature ) ); - status = psa_asymmetric_verify( handle, exercise_alg, - payload, payload_length, - signature, sizeof( signature ) ); - if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) + status = psa_verify_hash( handle, exercise_alg, + payload, payload_length, + signature, sizeof( signature ) ); + if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 ) TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); else TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); 
@@ -2640,7 +2640,7 @@ void mac_bad_order( ) 0x2c, 0xf9, 0x18, 0xca, 0x59, 0x7e, 0x5d, 0xf6 }; PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); @@ -2768,7 +2768,7 @@ void mac_sign( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); @@ -2814,7 +2814,7 @@ void mac_verify( int key_type_arg, PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); @@ -3700,7 +3700,7 @@ void signature_size( int type_arg, { psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; - size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg ); + size_t actual_size = PSA_SIGN_OUTPUT_SIZE( type, bits, alg ); TEST_EQUAL( actual_size, (size_t) expected_size_arg ); exit: ; @@ -3723,7 +3723,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); 
@@ -3734,17 +3734,17 @@ void sign_deterministic( int key_type_arg, data_t *key_data, /* Allocate a buffer which has the size advertized by the * library. */ - signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, + signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); TEST_ASSERT( signature_size != 0 ); - TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); + TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ - PSA_ASSERT( psa_asymmetric_sign( handle, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); + PSA_ASSERT( psa_sign_hash( handle, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length ) ); /* Verify that the signature is what is expected. */ ASSERT_COMPARE( output_data->x, output_data->len, signature, signature_length ); @@ -3776,17 +3776,17 @@ void sign_fail( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - actual_status = psa_asymmetric_sign( handle, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ); + actual_status = psa_sign_hash( handle, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length ); TEST_EQUAL( actual_status, expected_status ); /* The value of *signature_length is unspecified on error, but * whatever it is, it should be less than signature_size, so that 
@@ -3817,7 +3817,7 @@ void sign_verify( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); @@ -3828,26 +3828,25 @@ void sign_verify( int key_type_arg, data_t *key_data, /* Allocate a buffer which has the size advertized by the * library. */ - signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, + signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); TEST_ASSERT( signature_size != 0 ); - TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); + TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ - PSA_ASSERT( psa_asymmetric_sign( handle, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); + PSA_ASSERT( psa_sign_hash( handle, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length ) ); /* Check that the signature length looks sensible. */ TEST_ASSERT( signature_length <= signature_size ); TEST_ASSERT( signature_length > 0 ); /* Use the library to verify that the signature is correct. */ - PSA_ASSERT( psa_asymmetric_verify( - handle, alg, - input_data->x, input_data->len, - signature, signature_length ) ); + PSA_ASSERT( psa_verify_hash( handle, alg, + input_data->x, input_data->len, + signature, signature_length ) ); if( input_data->len != 0 ) { 
@@ -3855,9 +3854,9 @@ void sign_verify( int key_type_arg, data_t *key_data, * detected as invalid. Flip a bit at the beginning, not at the end, * because ECDSA may ignore the last few bits of the input. */ input_data->x[0] ^= 1; - TEST_EQUAL( psa_asymmetric_verify( handle, alg, - input_data->x, input_data->len, - signature, signature_length ), + TEST_EQUAL( psa_verify_hash( handle, alg, + input_data->x, input_data->len, + signature, signature_length ), PSA_ERROR_INVALID_SIGNATURE ); } @@ -3879,21 +3878,20 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, psa_algorithm_t alg = alg_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_ASSERT( signature_data->len <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); + TEST_ASSERT( signature_data->len <= PSA_SIGNATURE_MAX_SIZE ); PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - PSA_ASSERT( psa_asymmetric_verify( handle, alg, - hash_data->x, hash_data->len, - signature_data->x, - signature_data->len ) ); + PSA_ASSERT( psa_verify_hash( handle, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len ) ); exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); 
@@ -3916,17 +3914,16 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - actual_status = psa_asymmetric_verify( handle, alg, - hash_data->x, hash_data->len, - signature_data->x, - signature_data->len ); + actual_status = psa_verify_hash( handle, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len ); TEST_EQUAL( actual_status, expected_status ); diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index e06ef1791..8288234f6 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -421,17 +421,16 @@ static psa_status_t ram_sign( psa_drv_se_context_t *context, DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); slot = &ram_slots[slot_number]; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, slot->type ); DRIVER_ASSERT( psa_import_key( &attributes, slot->content, PSA_BITS_TO_BYTES( slot->bits ), &handle ) == PSA_SUCCESS ); - status = psa_asymmetric_sign( handle, alg, - hash, hash_length, - signature, signature_size, - signature_length ); + status = psa_sign_hash( handle, alg, + hash, hash_length, + signature, signature_size, signature_length ); exit: psa_destroy_key( handle ); 
@@ -455,7 +454,7 @@ static psa_status_t ram_verify( psa_drv_se_context_t *context, DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); slot = &ram_slots[slot_number]; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, slot->type ); DRIVER_ASSERT( psa_import_key( &attributes, @@ -463,9 +462,9 @@ static psa_status_t ram_verify( psa_drv_se_context_t *context, PSA_BITS_TO_BYTES( slot->bits ), &handle ) == PSA_SUCCESS ); - status = psa_asymmetric_verify( handle, alg, - hash, hash_length, - signature, signature_length ); + status = psa_verify_hash( handle, alg, + hash, hash_length, + signature, signature_length ); exit: psa_destroy_key( handle ); @@ -651,12 +650,12 @@ static int smoke_test_key( psa_key_handle_t handle ) buffer, sizeof( buffer), buffer, sizeof( buffer), &length ) ); - SMOKE_ASSERT( psa_asymmetric_sign( handle, PSA_ALG_ECDSA_ANY, - buffer, 32, - buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_asymmetric_verify( handle, PSA_ALG_ECDSA_ANY, - buffer, 32, - buffer, sizeof( buffer ) ) ); + SMOKE_ASSERT( psa_sign_hash( handle, PSA_ALG_ECDSA_ANY, + buffer, 32, + buffer, sizeof( buffer ), &length ) ); + SMOKE_ASSERT( psa_verify_hash( handle, PSA_ALG_ECDSA_ANY, + buffer, 32, + buffer, sizeof( buffer ) ) ); SMOKE_ASSERT( psa_asymmetric_encrypt( handle, PSA_ALG_RSA_PKCS1V15_CRYPT, buffer, 10, NULL, 0, @@ -998,7 +997,7 @@ void import_key_smoke( int type_arg, int alg_arg, psa_set_key_id( &attributes, id ); psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &attributes, alg ); 
@@ -1107,7 +1106,7 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) psa_set_key_id( &attributes, id ); psa_set_key_lifetime( &attributes, lifetime ); psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( &attributes, alg ); @@ -1171,7 +1170,7 @@ void sign_verify( int flow, psa_key_handle_t sw_handle = 0; /* transparent key */ psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t drv_attributes; - uint8_t signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE]; + uint8_t signature[PSA_SIGNATURE_MAX_SIZE]; size_t signature_length; memset( &driver, 0, sizeof( driver ) ); @@ -1210,7 +1209,7 @@ void sign_verify( int flow, /* Prepare to create two keys with the same key material: a transparent * key, and one that goes through the driver. */ psa_set_key_usage_flags( &sw_attributes, - PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ); + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); psa_set_key_algorithm( &sw_attributes, alg ); psa_set_key_type( &sw_attributes, type ); drv_attributes = sw_attributes; 
@@ -1269,42 +1268,42 @@ void sign_verify( int flow, case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC: PSA_ASSERT_VIA_DRIVER( - psa_asymmetric_sign( drv_handle, - alg, - input->x, input->len, - signature, sizeof( signature ), - &signature_length ), + psa_sign_hash( drv_handle, + alg, + input->x, input->len, + signature, sizeof( signature ), + &signature_length ), PSA_SUCCESS ); break; case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: - PSA_ASSERT( psa_asymmetric_sign( sw_handle, - alg, - input->x, input->len, - signature, sizeof( signature ), - &signature_length ) ); + PSA_ASSERT( psa_sign_hash( sw_handle, + alg, + input->x, input->len, + signature, sizeof( signature ), + &signature_length ) ); break; } /* Verify with both keys. */ - PSA_ASSERT( psa_asymmetric_verify( sw_handle, alg, - input->x, input->len, - signature, signature_length ) ); + PSA_ASSERT( psa_verify_hash( sw_handle, alg, + input->x, input->len, + signature, signature_length ) ); PSA_ASSERT_VIA_DRIVER( - psa_asymmetric_verify( drv_handle, alg, - input->x, input->len, - signature, signature_length ), + psa_verify_hash( drv_handle, alg, + input->x, input->len, + signature, signature_length ), PSA_SUCCESS ); /* Change the signature and verify again. */ signature[0] ^= 1; - TEST_EQUAL( psa_asymmetric_verify( sw_handle, alg, - input->x, input->len, - signature, signature_length ), + TEST_EQUAL( psa_verify_hash( sw_handle, alg, + input->x, input->len, + signature, signature_length ), PSA_ERROR_INVALID_SIGNATURE ); PSA_ASSERT_VIA_DRIVER( - psa_asymmetric_verify( drv_handle, alg, - input->x, input->len, - signature, signature_length ), + psa_verify_hash( drv_handle, alg, + input->x, input->len, + signature, signature_length ), PSA_ERROR_INVALID_SIGNATURE ); exit: diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 7088a5226..9f17b84f1 100644 
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -564,7 +564,7 @@ void mock_sign( int mock_sign_return_value, int expected_result ) psa_set_key_id( &attributes, id ); psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, algorithm ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_KEY_PAIR ); @@ -572,10 +572,10 @@ void mock_sign( int mock_sign_return_value, int expected_result ) key_material, sizeof( key_material ), &handle ) ); - TEST_ASSERT( psa_asymmetric_sign( handle, algorithm, - hash, sizeof( hash ), - signature, sizeof( signature ), - &signature_length) + TEST_ASSERT( psa_sign_hash( handle, algorithm, + hash, sizeof( hash ), + signature, sizeof( signature ), + &signature_length) == expected_result ); TEST_ASSERT( mock_sign_data.called == 1 ); @@ -623,7 +623,7 @@ void mock_verify( int mock_verify_return_value, int expected_result ) psa_set_key_id( &attributes, id ); psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); psa_set_key_algorithm( &attributes, algorithm ); psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); @@ -631,9 +631,9 @@ void mock_verify( int mock_verify_return_value, int expected_result ) key_material, sizeof( key_material ), &handle ) ); - TEST_ASSERT( psa_asymmetric_verify( handle, algorithm, - hash, sizeof( hash ), - signature, sizeof( signature ) ) + TEST_ASSERT( psa_verify_hash( handle, algorithm, + hash, sizeof( hash ), + signature, sizeof( signature ) ) == expected_result ); TEST_ASSERT( mock_verify_data.called == 1 ); 
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 803917dbe..ba69cab1d 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
@@ -39,27 +39,27 @@ persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:0: Persistent slot: ECP keypair (ECDSA, exportable), close depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE Persistent slot: ECP keypair (ECDSA, exportable), close+restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN Persistent slot: ECP keypair (ECDSA, exportable), restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | 
PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart 
depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN Attempt to overwrite: close before create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE From 4151094a52090d8d68188582f36b85f533af4cef Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Nov 2019 16:10:58 +0100 Subject: [PATCH 2044/2197] Add backward compatibility aliases for signature-related identifiers Define deprecated aliases for identifiers that are being renamed. --- include/psa/crypto_compat.h | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 7eb43cd0f..6160d8a32 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -40,7 +40,9 @@ extern "C" { #define MBEDTLS_PSA_DEPRECATED #endif +typedef MBEDTLS_PSA_DEPRECATED size_t mbedtls_deprecated_size_t; typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t; +typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_t; #define MBEDTLS_DEPRECATED_CONSTANT( type, value ) \ ( (mbedtls_deprecated_##type) ( value ) ) 
@@ -59,6 +61,38 @@ typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t; #define PSA_ERROR_TAMPERING_DETECTED \ MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_CORRUPTION_DETECTED ) +/* + * Deprecated PSA Crypto numerical encodings + */ +#define PSA_KEY_USAGE_SIGN \ + MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH ) +#define PSA_KEY_USAGE_VERIFY \ + MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH ) + +/* + * Deprecated PSA Crypto size calculation macros + */ +#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGNATURE_MAX_SIZE ) +#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) ) + +/* + * Deprecated PSA Crypto function names + */ +/* Make these macros and not wrappers so that there is no cost to + * applications that don't use the deprecated names. + * + * Put backslash-newline after "#define" to bypass check-names.sh which + * would otherwise complain about lowercase macro names. + */ +#define \ + psa_asymmetric_sign( key, alg, hash, hash_length, signature, signature_size, signature_length ) \ + ( (mbedtls_deprecated_psa_status_t) psa_sign_hash( key, alg, hash, hash_length, signature, signature_size, signature_length ) ) +#define \ + psa_asymmetric_verify( key, alg, hash, hash_length, signature, signature_length ) \ + ( (mbedtls_deprecated_psa_status_t) psa_verify_hash( key, alg, hash, hash_length, signature, signature_length ) ) + #endif /* MBEDTLS_DEPRECATED_REMOVED */ #ifdef __cplusplus From 1a96049e30fdae3c8f51ca1b1d78f7d2f3e94f1b Mon Sep 17 00:00:00 2001 
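Review bot: Defining `psa_asymmetric_sign` and `psa_asymmetric_verify` as function-like macros means the old names exist only in call position, so code that takes their address or stores them in a function pointer has no symbol to refer to. If that use has to keep compiling, a wrapper such as `MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_sign( ... ) { return psa_sign_hash( ... ); }` also costs nothing to applications that never call it. Otherwise the comment above the macros should state the limitation: `/* These aliases are macros: they can be called but not used as function pointers. */`.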
From: Gilles Peskine Date: Tue, 26 Nov 2019 17:12:21 +0100 Subject: [PATCH 2045/2197] Make the key_policy test function more flexible --- tests/suites/test_suite_psa_crypto.data | 13 +++++++++++-- tests/suites/test_suite_psa_crypto.function | 14 ++++++++------ 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e0bedf762..436ed7c31 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -342,8 +342,17 @@ PSA import RSA public key: maximum size exceeded depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED -PSA key policy set and get -key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING +PSA key policy: AES +depends_on:MBEDTLS_AES_C +check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING + +PSA key policy: ECC SECP256R1, sign +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY + +PSA key policy: ECC SECP256R1, sign+verify +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY Key attributes initializers zero properly key_attributes_init: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 3ce8df82d..d62d3c198 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1635,27 +1635,29 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void key_policy( int usage_arg, int alg_arg ) +void check_key_policy( int type_arg, int bits_arg, + int usage_arg, int alg_arg ) { psa_key_handle_t handle = 0; + psa_key_type_t key_type = type_arg; + size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; psa_key_usage_t usage = usage_arg; - psa_key_type_t key_type = PSA_KEY_TYPE_AES; - unsigned char key[32] = {0}; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - memset( key, 0x2a, sizeof( key ) ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, usage ); psa_set_key_algorithm( &attributes, alg ); psa_set_key_type( &attributes, key_type ); + psa_set_key_bits( &attributes, bits ); - PSA_ASSERT( psa_import_key( &attributes, key, sizeof( key ), &handle ) ); + PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); + psa_reset_key_attributes( &attributes ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); TEST_EQUAL( psa_get_key_type( &attributes ), key_type ); + TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage ); TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); From 841b14be02dd49915388c64b9987b4f894f075ef Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 26 Nov 2019 17:37:37 +0100 Subject: [PATCH 2046/2197] Add tests of deprecated PSA macros When MBEDTLS_TEST_DEPRECATED is defined, run some additional tests to validate deprecated PSA macros. We don't need to test deprecated features extensively, but we should at least ensure that they don't break the build. Add some code to component_build_deprecated in all.sh to run these tests with MBEDTLS_DEPRECATED_WARNING enabled. The tests are also executed when MBEDTLS_DEPRECATED_WARNING and MBEDTLS_DEPRECATED_REMOVED are both disabled. --- tests/scripts/all.sh | 4 ++++ tests/suites/main_test.function | 4 ++++ tests/suites/test_suite_psa_crypto.function | 18 ++++++++++++++++++ 3 files changed, 26 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2567cc0dd..d9e9c82a4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -715,6 +715,10 @@ component_build_deprecated () { make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' lib programs make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests + msg "test: make, full config + DEPRECATED_WARNING, expect warnings" # ~ 30s + make -C tests clean + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -DMBEDTLS_TEST_DEPRECATED' tests + msg "build: make, full config + DEPRECATED_REMOVED, clang -O" # ~ 30s # No cleanup, just tweak the configuration and rebuild make clean diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 5d15f2bbe..6ddfc5927 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -29,6 +29,10 @@ #include "psa/crypto.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ +#if !defined(MBEDTLS_DEPRECATED_REMOVED) && !defined(MBEDTLS_DEPRECATED_WARNING) +#define MBEDTLS_TEST_DEPRECATED +#endif + /*----------------------------------------------------------------------------*/ /* Common helper code */ 
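Review bot: The new step in `component_build_deprecated` is announced as `test:` and the commit description says the deprecated-macro tests are run, but the added commands only clean and rebuild the `tests` target; nothing in the hunk executes the suites. If the intent is to run them, add `make test` after the build line. If compiling is enough, start the message with `build:` so the log matches what happens. The component's body starts and ends outside the hunk.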
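Review bot: The added `#define MBEDTLS_TEST_DEPRECATED` in main_test.function is not guarded against the symbol already being set on the command line, which is how all.sh supplies it in this same commit. There `MBEDTLS_DEPRECATED_WARNING` is enabled, so the block is skipped. A build that passes `-DMBEDTLS_TEST_DEPRECATED` with neither `MBEDTLS_DEPRECATED_WARNING` nor `MBEDTLS_DEPRECATED_REMOVED` defined redefines the macro with a different value, which is a warning and therefore a failure under `-Werror`. Extending the condition avoids that: `#if !defined(MBEDTLS_DEPRECATED_REMOVED) && !defined(MBEDTLS_DEPRECATED_WARNING) && !defined(MBEDTLS_TEST_DEPRECATED)`.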
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index d62d3c198..5236b4e2b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1164,6 +1164,18 @@ void static_checks( ) * encoding. The shifted mask is the maximum truncated value. The * untruncated algorithm may be one byte larger. */ TEST_ASSERT( PSA_MAC_MAX_SIZE <= 1 + max_truncated_mac_size ); + +#if defined(MBEDTLS_TEST_DEPRECATED) + /* Check deprecated constants. */ + TEST_EQUAL( PSA_ERROR_UNKNOWN_ERROR, PSA_ERROR_GENERIC_ERROR ); + TEST_EQUAL( PSA_ERROR_OCCUPIED_SLOT, PSA_ERROR_ALREADY_EXISTS ); + TEST_EQUAL( PSA_ERROR_EMPTY_SLOT, PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL( PSA_ERROR_INSUFFICIENT_CAPACITY, PSA_ERROR_INSUFFICIENT_DATA ); + TEST_EQUAL( PSA_ERROR_TAMPERING_DETECTED, PSA_ERROR_CORRUPTION_DETECTED ); + TEST_EQUAL( PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_SIGN_HASH ); + TEST_EQUAL( PSA_KEY_USAGE_VERIFY, PSA_KEY_USAGE_VERIFY_HASH ); + TEST_EQUAL( PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE, PSA_SIGNATURE_MAX_SIZE ); +#endif /* MBEDTLS_TEST_DEPRECATED */ } /* END_CASE */ @@ -3703,7 +3715,13 @@ void signature_size( int type_arg, psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; size_t actual_size = PSA_SIGN_OUTPUT_SIZE( type, bits, alg ); + TEST_EQUAL( actual_size, (size_t) expected_size_arg ); +#if defined(MBEDTLS_TEST_DEPRECATED) + TEST_EQUAL( actual_size, + PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg ) ); +#endif /* MBEDTLS_TEST_DEPRECATED */ + exit: ; } From 0627f98779c2ffe01d4db5eee88055272a8c2474 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Nov 2019 19:12:16 +0100 Subject: [PATCH 2047/2197] Add tests of deprecated PSA functions Test psa_asymmetric_sign and psa_asymmetric_verify. --- tests/suites/test_suite_psa_crypto.function | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5236b4e2b..196cc794b 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3769,6 +3769,15 @@ void sign_deterministic( int key_type_arg, data_t *key_data, ASSERT_COMPARE( output_data->x, output_data->len, signature, signature_length ); +#if defined(MBEDTLS_TEST_DEPRECATED) + PSA_ASSERT( psa_asymmetric_sign( handle, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length ) ); + ASSERT_COMPARE( output_data->x, output_data->len, + signature, signature_length ); +#endif /* MBEDTLS_TEST_DEPRECATED */ + exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); @@ -3912,6 +3921,15 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_verify_hash( handle, alg, hash_data->x, hash_data->len, signature_data->x, signature_data->len ) ); + +#if defined(MBEDTLS_TEST_DEPRECATED) + PSA_ASSERT( psa_asymmetric_verify( handle, alg, + hash_data->x, hash_data->len, + signature_data->x, + signature_data->len ) ); + +#endif /* MBEDTLS_TEST_DEPRECATED */ + exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); From 06c28890c9d27561bb75390d9fc759bc6c7aede1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Nov 2019 18:07:46 +0100 Subject: [PATCH 2048/2197] Add test function for effective key attributes We're going to create some edge cases where the attributes of a key are not bitwise identical to the attributes passed during creation. Have a test function ready for that. --- tests/suites/test_suite_psa_crypto.function | 28 ++++++++++++++++----- 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 196cc794b..543fe89e2 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1647,14 +1647,20 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void check_key_policy( int type_arg, int bits_arg, - int usage_arg, int alg_arg ) +void effective_key_attributes( int type_arg, int expected_type_arg, + int bits_arg, int expected_bits_arg, + int usage_arg, int expected_usage_arg, + int alg_arg, int expected_alg_arg ) { psa_key_handle_t handle = 0; psa_key_type_t key_type = type_arg; + psa_key_type_t expected_key_type = expected_type_arg; size_t bits = bits_arg; + size_t expected_bits = expected_bits_arg; psa_algorithm_t alg = alg_arg; + psa_algorithm_t expected_alg = expected_alg_arg; psa_key_usage_t usage = usage_arg; + psa_key_usage_t expected_usage = expected_usage_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -1668,10 +1674,10 @@ void check_key_policy( int type_arg, int bits_arg, psa_reset_key_attributes( &attributes ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), key_type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); + TEST_EQUAL( psa_get_key_type( &attributes ), expected_key_type ); + TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits ); + TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), expected_alg ); exit: psa_destroy_key( handle ); @@ -1680,6 +1686,16 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void check_key_policy( int type_arg, int bits_arg, + int usage_arg, int alg_arg ) +{ + test_effective_key_attributes( type_arg, type_arg, bits_arg, bits_arg, + usage_arg, usage_arg, alg_arg, alg_arg ); + goto exit; +} +/* END_CASE */ + /* BEGIN_CASE */ void key_attributes_init( ) { From afaee1cacfd21a9022b3d014de1120b16b8f0dad Mon Sep 17 00:00:00 2001 
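Review bot: `check_key_policy` now ends with a bare `goto exit;` although no `exit:` label appears in its body, which reads as an error to anyone unfamiliar with how the suite is generated. Presumably the label is supplied by the test generator and the jump keeps it referenced; a one-line comment would make that explicit: `/* The test generator adds the exit: label; jump to it so it is not unused. */`. A short comment above `effective_key_attributes` should also say that each `expected_*` argument is the value read back from the key after creation, which the commit description says may differ from the value requested.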
From: Gilles Peskine Date: Thu, 28 Nov 2019 09:45:32 +0100 Subject: [PATCH 2049/2197] Catch AES failure in mbedtls_ctr_drbg_random The functions mbedtls_ctr_drbg_random() and mbedtls_ctr_drbg_random_with_add() could return 0 if an AES function failed. This could only happen with alternative AES implementations (the built-in implementation of the AES functions involved never fail), typically due to a failure in a hardware accelerator. Bug reported and fix proposed by Johan Uppman Bruce and Christoffer Lauri, Sectra. --- library/ctr_drbg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 047bb2a3e..517b45580 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -584,7 +584,7 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, exit: mbedtls_platform_zeroize( add_input, sizeof( add_input ) ); mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - return( 0 ); + return( ret ); } int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, From 972630e2401144d3041999d445b44c0617a5d72f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Nov 2019 11:55:48 +0100 Subject: [PATCH 2050/2197] Remove dependency of crypto_values.h on crypto_extra.h Define PSA_ALG_ECDSA_DETERMINISTIC_FLAG in crypto_values.h. This is necessary for the current PSA API specification processing scripts. --- include/psa/crypto_extra.h | 2 +- include/psa/crypto_values.h | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index c5313d619..8bd07261b 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
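Review bot: Returning `ret` makes an AES failure visible, but the exit path shown in the ctr_drbg.c hunk wipes only `add_input` and `tmp`, so on failure `output` is left in whatever state the function reached and nothing tells the caller that. Because this buffer normally ends up as key material or a nonce, I would document the contract at the label: `/* On error, output may be partially written; callers must discard it. */`. The fix also comes without a regression test; a build with an AES alternative that fails should check that both `mbedtls_ctr_drbg_random_with_add()` and `mbedtls_ctr_drbg_random()` return non-zero. The function body starts outside the hunk, so how much of `output` is written before the failing call is inferred rather than seen.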
@@ -384,7 +384,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, #define PSA_ALG_DSA(hash_alg) \ (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000) -#define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) +#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG /** Deterministic DSA signature with hashing. * * This is the deterministic variant defined by RFC 6979 of diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 1e0c2136a..b095e1c93 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1197,11 +1197,12 @@ */ #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) +#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000) #define PSA_ALG_IS_ECDSA(alg) \ - (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \ + (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \ PSA_ALG_ECDSA_BASE) #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \ - (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0) + (((alg) & PSA_ALG_ECDSA_DETERMINISTIC_FLAG) != 0) #define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \ (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ From 895242be1c3c6f92d695cd7e2964b54ec3b02d26 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Nov 2019 12:15:40 +0100 Subject: [PATCH 2051/2197] Add negative test cases for deprecated aliases Catch more potential plumbing errors such as not returning the right value or not writing to an output parameter. --- tests/suites/test_suite_psa_crypto.function | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 543fe89e2..83b0c952d 100644 --- a/tests/suites/test_suite_psa_crypto.function 
+++ b/tests/suites/test_suite_psa_crypto.function @@ -3786,6 +3786,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data, signature, signature_length ); #if defined(MBEDTLS_TEST_DEPRECATED) + memset( signature, 0, signature_size ); + signature_length = INVALID_EXPORT_LENGTH; PSA_ASSERT( psa_asymmetric_sign( handle, alg, input_data->x, input_data->len, signature, signature_size, @@ -3839,6 +3841,16 @@ void sign_fail( int key_type_arg, data_t *key_data, * checking the error code then they don't overflow a buffer. */ TEST_ASSERT( signature_length <= signature_size ); +#if defined(MBEDTLS_TEST_DEPRECATED) + signature_length = INVALID_EXPORT_LENGTH; + TEST_EQUAL( psa_asymmetric_sign( handle, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length ), + expected_status ); + TEST_ASSERT( signature_length <= signature_size ); +#endif /* MBEDTLS_TEST_DEPRECATED */ + exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); @@ -3978,9 +3990,15 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, actual_status = psa_verify_hash( handle, alg, hash_data->x, hash_data->len, signature_data->x, signature_data->len ); - TEST_EQUAL( actual_status, expected_status ); +#if defined(MBEDTLS_TEST_DEPRECATED) + TEST_EQUAL( psa_asymmetric_verify( handle, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len ), + expected_status ); +#endif /* MBEDTLS_TEST_DEPRECATED */ + exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); From 2ff02c361e65a3fac94f9a5dce1db3f97cf6606f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Nov 2019 12:17:21 +0100 Subject: [PATCH 2052/2197] Document MBEDTLS_TEST_DEPRECATED --- tests/suites/main_test.function | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 6ddfc5927..a1ba61058 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function 
@@ -29,6 +29,11 @@ #include "psa/crypto.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ +/* Test code may use deprecated identifiers only if the preprocessor symbol + * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set + * MBEDTLS_TEST_DEPRECATED explicitly if MBEDTLS_DEPRECATED_WARNING is + * enabled but the corresponding warnings are not treated as errors. + */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) && !defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_TEST_DEPRECATED #endif From 0168f2f2c1dd36e31adc90cd2c694270726cceab Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Nov 2019 12:22:32 +0100 Subject: [PATCH 2053/2197] Better documentation in crypto_compat.h Note that the identifiers declared in this header are deprecated. Indicate what API version identifiers were from. --- include/psa/crypto_compat.h | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 6160d8a32..dc11da389 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -3,6 +3,10 @@ * * \brief PSA cryptography module: Backward compatibility aliases * + * This header declares alternative names for macro and functions. + * New application code should not use these names. + * These names may be removed in a future version of Mbed Crypto. + * * \note This file may not be included directly. Applications must * include psa/crypto.h. */ @@ -34,6 +38,9 @@ extern "C" { #if !defined(MBEDTLS_DEPRECATED_REMOVED) +/* + * Mechanism for declaring deprecated values + */ #if defined(MBEDTLS_DEPRECATED_WARNING) && !defined(MBEDTLS_PSA_DEPRECATED) #define MBEDTLS_PSA_DEPRECATED __attribute__((deprecated)) #else 
@@ -48,7 +55,7 @@ typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_ ( (mbedtls_deprecated_##type) ( value ) ) /* - * Deprecated PSA Crypto error code definitions + * Deprecated PSA Crypto error code definitions (PSA Crypto API <= 1.0 beta2) */ #define PSA_ERROR_UNKNOWN_ERROR \ MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_GENERIC_ERROR ) @@ -62,7 +69,7 @@ typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_ MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_CORRUPTION_DETECTED ) /* - * Deprecated PSA Crypto numerical encodings + * Deprecated PSA Crypto numerical encodings (PSA Crypto API <= 1.0 beta3) */ #define PSA_KEY_USAGE_SIGN \ MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH ) @@ -70,7 +77,7 @@ typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_ MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH ) /* - * Deprecated PSA Crypto size calculation macros + * Deprecated PSA Crypto size calculation macros (PSA Crypto API <= 1.0 beta3) */ #define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGNATURE_MAX_SIZE ) @@ -78,7 +85,7 @@ typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) ) /* - * Deprecated PSA Crypto function names + * Deprecated PSA Crypto function names (PSA Crypto API <= 1.0 beta3) */ /* Make these macros and not wrappers so that there is no cost to * applications that don't use the deprecated names. From d11550e11d893cd743996d8789c6d82ac3ea190a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 3 Dec 2019 15:52:31 +0000 Subject: [PATCH 2054/2197] Fix number of allocated errors in Platform --- include/mbedtls/error.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 06bb1c9ca..3fff9a054 100644 
--- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -86,7 +86,7 @@ * CHACHA20 3 0x0051-0x0055 * POLY1305 3 0x0057-0x005B * CHACHAPOLY 2 0x0054-0x0056 - * PLATFORM 1 0x0070-0x0072 + * PLATFORM 2 0x0070-0x0072 * * High-level module nr (3 bits - 0x0...-0x7...) * Name ID Nr of Errors From 60f6b64b8f6545c9fcc699291a19144ddff2cd99 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 3 Dec 2019 15:55:56 +0000 Subject: [PATCH 2055/2197] Add two error codes to the Error module One of the error codes was already reserved, this commit just makes it explicit. The other one is a new error code for initializing return values in the library: `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` should not be returned by the library. If it is returned, then it is surely a bug in the library or somebody is tampering with the device. --- include/mbedtls/error.h | 4 ++++ library/error.c | 11 +++++++++++ scripts/generate_errors.pl | 2 +- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 3fff9a054..7ca54b8c3 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -55,6 +55,7 @@ * Low-level module errors (0x0002-0x007E, 0x0003-0x007F) * * Module Nr Codes assigned + * ERROR 2 0x006E 0x0001 * MPI 7 0x0002-0x0010 * GCM 3 0x0012-0x0014 0x0013-0x0013 * BLOWFISH 3 0x0016-0x0018 0x0017-0x0017 @@ -112,6 +113,9 @@ extern "C" { #endif +#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */ +#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */ + /** * \brief Translate a mbed TLS error code into a string representation, * Result is truncated if necessary and always includes a terminating diff --git a/library/error.c b/library/error.c index 649b3baa4..85beaeeac 100644 --- a/library/error.c +++ b/library/error.c 
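Review bot: The Doxygen text on `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` says only "This is a bug in the library", while the commit description also names tampering with the device as a cause. The `mbedtls_strerror` message added in error.c is the same string, so someone reading a log sees a bug report rather than a possible fault-injection event. I would widen the comment to `/**< Internal state is inconsistent: a library bug or a sign of tampering */`, which should carry over to the message if error.c is generated from this header. The comment on `MBEDTLS_ERR_ERROR_GENERIC_ERROR` could likewise say when library code is expected to return it, since the description only calls the value already reserved.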
@@ -109,6 +109,10 @@ #include "mbedtls/entropy.h" #endif +#if defined(MBEDTLS_ERROR_C) +#include "mbedtls/error.h" +#endif + #if defined(MBEDTLS_GCM_C) #include "mbedtls/gcm.h" #endif @@ -579,6 +583,13 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) mbedtls_snprintf( buf, buflen, "ENTROPY - Read/write error in file" ); #endif /* MBEDTLS_ENTROPY_C */ +#if defined(MBEDTLS_ERROR_C) + if( use_ret == -(MBEDTLS_ERR_ERROR_GENERIC_ERROR) ) + mbedtls_snprintf( buf, buflen, "ERROR - Generic error" ); + if( use_ret == -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED) ) + mbedtls_snprintf( buf, buflen, "ERROR - This is a bug in the library" ); +#endif /* MBEDTLS_ERROR_C */ + #if defined(MBEDTLS_GCM_C) if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) ) mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" ); diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index e640f4ccd..b4c014e3f 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -31,7 +31,7 @@ my $error_format_file = $data_dir.'/error.fmt'; my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES - ENTROPY GCM HKDF HMAC_DRBG MD2 MD4 MD5 + ENTROPY ERROR GCM HKDF HMAC_DRBG MD2 MD4 MD5 OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160 SHA1 SHA256 SHA512 THREADING XTEA ); my @high_level_modules = qw( CIPHER DHM ECP MD From a13b905d8dde4d851f1730e62643d1fb775649ca Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 22 Nov 2019 12:48:59 +0000 Subject: [PATCH 2056/2197] Map the new Mbed TLS error value in PSA --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e4d4924a9..b98a4629d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -351,6 +351,8 @@ static psa_status_t mbedtls_to_psa_error( int ret ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); + case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED: + return( PSA_ERROR_CORRUPTION_DETECTED ); default: return( PSA_ERROR_GENERIC_ERROR ); From 24eed8d2d2df4423a63c8761edd0d65a43ff03a3 Mon Sep 17 00:00:00 2001 
From: Janos Follath Date: Fri, 22 Nov 2019 13:21:35 +0000 Subject: [PATCH 2057/2197] Initialise return values to an error Initialising the return values to and error is best practice and makes the library more robust. --- library/aes.c | 7 +++-- library/asn1parse.c | 17 ++++++----- library/asn1write.c | 19 ++++++------ library/bignum.c | 35 +++++++++++----------- library/ccm.c | 9 +++--- library/chacha20.c | 5 ++-- library/chachapoly.c | 15 +++++----- library/cipher.c | 13 ++++---- library/cipher_wrap.c | 3 +- library/cmac.c | 13 ++++---- library/ctr_drbg.c | 9 +++--- library/dhm.c | 15 +++++----- library/ecdh.c | 21 ++++++------- library/ecdsa.c | 15 +++++----- library/ecjpake.c | 33 +++++++++++---------- library/ecp.c | 67 +++++++++++++++++++++--------------------- library/ecp_curves.c | 19 ++++++------ library/entropy.c | 5 ++-- library/entropy_poll.c | 3 +- library/gcm.c | 11 +++---- library/hkdf.c | 3 +- library/hmac_drbg.c | 13 ++++---- library/md.c | 11 +++---- library/md2.c | 7 +++-- library/md4.c | 7 +++-- library/md5.c | 7 +++-- library/nist_kw.c | 3 +- library/oid.c | 3 +- library/pem.c | 11 +++---- library/pk.c | 9 +++--- library/pk_wrap.c | 27 +++++++++-------- library/pkcs12.c | 7 +++-- library/pkcs5.c | 3 +- library/pkparse.c | 27 +++++++++-------- library/pkwrite.c | 19 ++++++------ library/platform.c | 5 ++-- library/poly1305.c | 5 ++-- library/psa_crypto.c | 43 ++++++++++++++------------- library/ripemd160.c | 7 +++-- library/rsa.c | 29 +++++++++--------- library/sha1.c | 7 +++-- library/sha256.c | 7 +++-- library/sha512.c | 7 +++-- 43 files changed, 322 insertions(+), 279 deletions(-) diff --git a/library/aes.c b/library/aes.c index aff0a9939..6e8699022 100644 --- a/library/aes.c +++ b/library/aes.c @@ -38,6 +38,7 @@ #include "mbedtls/aes.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #if defined(MBEDTLS_PADLOCK_C) #include "mbedtls/padlock.h" #endif 
@@ -766,7 +767,7 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, const unsigned char *key, unsigned int keybits) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *key1, *key2; unsigned int key1bits, key2bits; @@ -791,7 +792,7 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, const unsigned char *key, unsigned int keybits) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *key1, *key2; unsigned int key1bits, key2bits; @@ -1175,7 +1176,7 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t blocks = length / 16; size_t leftover = length % 16; unsigned char tweak[16]; diff --git a/library/asn1parse.c b/library/asn1parse.c index 412259e35..5075dfd53 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -29,6 +29,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -124,7 +125,7 @@ int mbedtls_asn1_get_bool( unsigned char **p, const unsigned char *end, int *val ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 ) @@ -143,7 +144,7 @@ int mbedtls_asn1_get_int( unsigned char **p, const unsigned char *end, int *val ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) @@ -185,7 +186,7 @@ int mbedtls_asn1_get_mpi( unsigned char **p, const unsigned char *end, mbedtls_mpi *X ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) 
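Review bot: Pre-setting `ret` to `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` in `mbedtls_aes_xts_setkey_enc` also silences the compiler and static-analysis warnings that would otherwise flag a path returning `ret` unassigned, so such a path now shows up only at run time. The same applies to every `int ret = ...` hunk in this commit (aes.c, asn1parse.c, asn1write.c, bignum.c and the other files in the diffstat). Failing closed is a reasonable trade, but it should be stated where maintainers will see it, for instance next to the macro in error.h: `/* Initial value for ret: a function that returns it unchanged has a missing assignment. */`. The function bodies continue outside these hunks, so whether each one assigns `ret` on every success path is not checked here.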
@@ -202,7 +203,7 @@ int mbedtls_asn1_get_mpi( unsigned char **p, int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, mbedtls_asn1_bitstring *bs) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Certificate type is a single byte bitstring */ if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) @@ -235,7 +236,7 @@ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, size_t *len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) return( ret ); @@ -261,7 +262,7 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, mbedtls_asn1_sequence *cur, int tag) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; mbedtls_asn1_buf *buf; @@ -310,7 +311,7 @@ int mbedtls_asn1_get_alg( unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( ( ret = mbedtls_asn1_get_tag( p, end, &len, @@ -354,7 +355,7 @@ int mbedtls_asn1_get_alg_null( unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *alg ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf params; memset( ¶ms, 0, sizeof(mbedtls_asn1_buf) ); diff --git a/library/asn1write.c b/library/asn1write.c index a138d0b75..262d0bf56 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -28,6 +28,7 @@ #if defined(MBEDTLS_ASN1_WRITE_C) #include "mbedtls/asn1write.h" +#include "mbedtls/error.h" #include 
@@ -131,7 +132,7 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, #if defined(MBEDTLS_BIGNUM_C) int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; // Write the MPI @@ -168,7 +169,7 @@ cleanup: int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; // Write NULL @@ -182,7 +183,7 @@ int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ) int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, const char *oid, size_t oid_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, @@ -197,7 +198,7 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *s const char *oid, size_t oid_len, size_t par_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; if( par_len == 0 ) @@ -216,7 +217,7 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *s int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; if( *p - start < 1 ) @@ -233,7 +234,7 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolea int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; do 
@@ -263,7 +264,7 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, int tag, const char *text, size_t text_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, @@ -339,7 +340,7 @@ int mbedtls_asn1_write_named_bitstring( unsigned char **p, int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t bits ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; size_t unused_bits, byte_len; @@ -372,7 +373,7 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) ); diff --git a/library/bignum.c b/library/bignum.c index a2f2a9f99..1d258db0e 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -46,6 +46,7 @@ #include "mbedtls/bignum.h" #include "mbedtls/bn_mul.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -314,7 +315,7 @@ cleanup: */ int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MPI_VALIDATE_RET( X != NULL ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, 1 ) ); @@ -457,7 +458,7 @@ static int mpi_get_digit( mbedtls_mpi_uint *d, int radix, char c ) */ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j, slen, n; mbedtls_mpi_uint d; mbedtls_mpi T; 
@@ -532,7 +533,7 @@ cleanup: static int mpi_write_hlp( mbedtls_mpi *X, int radix, char **p, const size_t buflen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_uint r; size_t length = 0; char *p_end = *p + buflen; @@ -697,7 +698,7 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ) */ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n, slen, plen; /* * Buffer should have space for (short) label and decimal formatted MPI, @@ -832,7 +833,7 @@ static void mpi_bigendian_to_host( mbedtls_mpi_uint * const p, size_t limbs ) int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; size_t const limbs = CHARS_TO_LIMBS( buflen ); @@ -864,7 +865,7 @@ cleanup: */ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t const limbs = CHARS_TO_LIMBS( buflen ); size_t const overhead = ( limbs * ciL ) - buflen; unsigned char *Xp; @@ -991,7 +992,7 @@ int mbedtls_mpi_write_binary( const mbedtls_mpi *X, */ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, v0, t1; mbedtls_mpi_uint r0 = 0, r1; MPI_VALIDATE_RET( X != NULL ); @@ -1170,7 +1171,7 @@ int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ) */ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j; mbedtls_mpi_uint *o, *p, c, tmp; MPI_VALIDATE_RET( X != NULL ); 
@@ -1251,7 +1252,7 @@ static void mpi_sub_hlp( size_t n, mbedtls_mpi_uint *s, mbedtls_mpi_uint *d ) int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { mbedtls_mpi TB; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( A != NULL ); @@ -1474,7 +1475,7 @@ void mpi_mul_hlp( size_t i, mbedtls_mpi_uint *s, mbedtls_mpi_uint *d, mbedtls_mp */ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j; mbedtls_mpi TA, TB; MPI_VALIDATE_RET( X != NULL ); @@ -1629,7 +1630,7 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n, t, k; mbedtls_mpi X, Y, Z, T1, T2; mbedtls_mpi_uint TP2[3]; @@ -1775,7 +1776,7 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, */ int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MPI_VALIDATE_RET( R != NULL ); MPI_VALIDATE_RET( A != NULL ); MPI_VALIDATE_RET( B != NULL ); @@ -1937,7 +1938,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *_RR ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t wbits, wsize, one = 1; size_t i, j, nblimbs; size_t bufsize, nbits; @@ -2152,7 +2153,7 @@ cleanup: */ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t lz, lzt; mbedtls_mpi TA, TB; 
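Review bot: The last parameter of mbedtls_mpi_exp_mod is spelled `_RR`, and identifiers that begin with an underscore followed by an uppercase letter are reserved for the implementation (C11 7.1.3), so a compiler or libc header is entitled to define it. Since this hunk already touches the top of the function, it is a cheap moment to rename it, for example `mbedtls_mpi *prec_RR`. A parameter name is not part of the calling interface, so callers are unaffected. The body and the prototype are outside the hunk and would need the same rename.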
@@ -2214,7 +2215,7 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t const limbs = CHARS_TO_LIMBS( size ); size_t const overhead = ( limbs * ciL ) - size; unsigned char *Xp; @@ -2245,7 +2246,7 @@ cleanup: */ int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( A != NULL ); @@ -2498,7 +2499,7 @@ int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi XX; MPI_VALIDATE_RET( X != NULL ); MPI_VALIDATE_RET( f_rng != NULL ); diff --git a/library/ccm.c b/library/ccm.c index a7e360ecf..eaef106a1 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -38,6 +38,7 @@ #include "mbedtls/ccm.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -74,7 +75,7 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, const unsigned char *key, unsigned int keybits ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; CCM_VALIDATE_RET( ctx != NULL ); @@ -156,7 +157,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; unsigned char q; size_t len_left, olen; 
@@ -366,7 +367,7 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; unsigned char i; int diff; @@ -479,7 +480,7 @@ int mbedtls_ccm_self_test( int verbose ) unsigned char plaintext[CCM_SELFTEST_PT_MAX_LEN]; unsigned char ciphertext[CCM_SELFTEST_CT_MAX_LEN]; size_t i; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ccm_init( &ctx ); diff --git a/library/chacha20.c b/library/chacha20.c index 8a3610f0e..343b2167c 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -33,6 +33,7 @@ #include "mbedtls/chacha20.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include #include @@ -325,7 +326,7 @@ int mbedtls_chacha20_crypt( const unsigned char key[32], unsigned char* output ) { mbedtls_chacha20_context ctx; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; CHACHA20_VALIDATE_RET( key != NULL ); CHACHA20_VALIDATE_RET( nonce != NULL ); @@ -536,7 +537,7 @@ int mbedtls_chacha20_self_test( int verbose ) { unsigned char output[381]; unsigned i; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; for( i = 0U; i < 2U; i++ ) { diff --git a/library/chachapoly.c b/library/chachapoly.c index dc643dd61..f0af5ded2 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -30,6 +30,7 @@ #include "mbedtls/chachapoly.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -122,7 +123,7 @@ void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ) int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, const unsigned char key[32] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; CHACHAPOLY_VALIDATE_RET( ctx != NULL ); CHACHAPOLY_VALIDATE_RET( key != NULL ); 
@@ -135,7 +136,7 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, const unsigned char nonce[12], mbedtls_chachapoly_mode_t mode ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char poly1305_key[64]; CHACHAPOLY_VALIDATE_RET( ctx != NULL ); CHACHAPOLY_VALIDATE_RET( nonce != NULL ); @@ -191,7 +192,7 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; CHACHAPOLY_VALIDATE_RET( ctx != NULL ); CHACHAPOLY_VALIDATE_RET( len == 0 || input != NULL ); CHACHAPOLY_VALIDATE_RET( len == 0 || output != NULL ); @@ -240,7 +241,7 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, unsigned char mac[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char len_block[16]; CHACHAPOLY_VALIDATE_RET( ctx != NULL ); CHACHAPOLY_VALIDATE_RET( mac != NULL ); @@ -304,7 +305,7 @@ static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx, unsigned char *output, unsigned char tag[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ret = mbedtls_chachapoly_starts( ctx, nonce, mode ); if( ret != 0 ) @@ -354,7 +355,7 @@ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; size_t i; int diff; @@ -492,7 +493,7 @@ int mbedtls_chachapoly_self_test( int verbose ) { mbedtls_chachapoly_context ctx; unsigned i; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output[200]; unsigned char mac[16]; diff --git a/library/cipher.c b/library/cipher.c index 69079aae7..b62f1d593 100644 --- a/library/cipher.c +++ b/library/cipher.c 
@@ -34,6 +34,7 @@ #include "mbedtls/cipher.h" #include "mbedtls/cipher_internal.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include #include @@ -504,7 +505,7 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t block_size; CIPHER_VALIDATE_RET( ctx != NULL ); @@ -1134,7 +1135,7 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len ) { unsigned char check_tag[16]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; CIPHER_VALIDATE_RET( ctx != NULL ); CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); @@ -1211,7 +1212,7 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t finish_olen; CIPHER_VALIDATE_RET( ctx != NULL ); @@ -1455,7 +1456,7 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen, @@ -1471,7 +1472,7 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_CCM_C) if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen, 
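Review bot: In the GCM branch of mbedtls_cipher_auth_decrypt (hunk -1455), `*olen = ilen;` is stored before `mbedtls_gcm_auth_decrypt` has verified the tag, and the CCM branch (hunk -1471) does the same ahead of `mbedtls_ccm_auth_decrypt`. The new initialiser does not cover this case, because `ret` is assigned unconditionally by the call that follows. Both branches continue outside their hunks, so unless the code there already resets the length, a caller that mishandles the error still sees a plausible output size for unauthenticated data. I would report a length only on success, for example `if( ret != 0 ) *olen = 0;` straight after the call, or move the `*olen = ilen;` store below the check.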
@@ -1487,7 +1488,7 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_CHACHAPOLY_C) if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* ChachaPoly has fixed length nonce and MAC (tag) */ if ( ( iv_len != ctx->cipher_info->iv_size ) || diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 7fc40b5f0..a813426be 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -32,6 +32,7 @@ #if defined(MBEDTLS_CIPHER_C) #include "mbedtls/cipher_internal.h" +#include "mbedtls/error.h" #if defined(MBEDTLS_CHACHAPOLY_C) #include "mbedtls/chachapoly.h" @@ -1916,7 +1917,7 @@ static int chacha20_stream_wrap( void *ctx, size_t length, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ret = mbedtls_chacha20_update( ctx, length, input, output ); if( ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ) diff --git a/library/cmac.c b/library/cmac.c index 5d101e1c7..642680d55 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -50,6 +50,7 @@ #include "mbedtls/cmac.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -136,7 +137,7 @@ static int cmac_multiply_by_u( unsigned char *output, static int cmac_generate_subkeys( mbedtls_cipher_context_t *ctx, unsigned char* K1, unsigned char* K2 ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX]; size_t olen, block_size; @@ -315,7 +316,7 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char M_last[MBEDTLS_CIPHER_BLKSIZE_MAX]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen, block_size; if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL || 
@@ -393,7 +394,7 @@ int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, unsigned char *output ) { mbedtls_cipher_context_t ctx; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( cipher_info == NULL || key == NULL || input == NULL || output == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); @@ -427,7 +428,7 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length, const unsigned char *input, size_t in_len, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE]; unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE]; @@ -894,7 +895,7 @@ exit: static int test_aes128_cmac_prf( int verbose ) { int i; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output[MBEDTLS_AES_BLOCK_SIZE]; for( i = 0; i < NB_PRF_TESTS; i++ ) @@ -921,7 +922,7 @@ static int test_aes128_cmac_prf( int verbose ) int mbedtls_cmac_self_test( int verbose ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_AES_C) /* AES-128 */ diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 047bb2a3e..281dc4fe1 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -34,6 +34,7 @@ #include "mbedtls/ctr_drbg.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -319,7 +320,7 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, size_t add_len ) { unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( add_len == 0 ) return( 0 ); @@ -367,7 +368,7 @@ static int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx, { unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); 
@@ -452,7 +453,7 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, const unsigned char *custom, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; size_t nonce_len; @@ -590,7 +591,7 @@ exit: int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng; #if defined(MBEDTLS_THREADING_C) diff --git a/library/dhm.c b/library/dhm.c index 8255632a9..392ed0c15 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -37,6 +37,7 @@ #include "mbedtls/dhm.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -137,7 +138,7 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, unsigned char **p, const unsigned char *end ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; DHM_VALIDATE_RET( ctx != NULL ); DHM_VALIDATE_RET( p != NULL && *p != NULL ); DHM_VALIDATE_RET( end != NULL ); @@ -239,7 +240,7 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, const mbedtls_mpi *P, const mbedtls_mpi *G ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; DHM_VALIDATE_RET( ctx != NULL ); DHM_VALIDATE_RET( P != NULL ); DHM_VALIDATE_RET( G != NULL ); @@ -260,7 +261,7 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; DHM_VALIDATE_RET( ctx != NULL ); DHM_VALIDATE_RET( input != NULL ); @@ -396,7 +397,7 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi GYb; DHM_VALIDATE_RET( ctx != NULL ); DHM_VALIDATE_RET( output != NULL ); 
@@ -473,7 +474,7 @@ void mbedtls_dhm_free( mbedtls_dhm_context *ctx ) int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; unsigned char *p, *end; #if defined(MBEDTLS_PEM_PARSE_C) @@ -627,7 +628,7 @@ static int load_file( const char *path, unsigned char **buf, size_t *n ) */ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; DHM_VALIDATE_RET( dhm != NULL ); @@ -679,7 +680,7 @@ static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_param */ int mbedtls_dhm_self_test( int verbose ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_dhm_context dhm; mbedtls_dhm_init( &dhm ); diff --git a/library/ecdh.c b/library/ecdh.c index 914eb5055..3cf533371 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -36,6 +36,7 @@ #include "mbedtls/ecdh.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -80,7 +81,7 @@ static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp, void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* If multiplication is in progress, we already generated a privkey */ #if defined(MBEDTLS_ECP_RESTARTABLE) @@ -121,7 +122,7 @@ static int ecdh_compute_shared_restartable( mbedtls_ecp_group *grp, void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point P; mbedtls_ecp_point_init( &P ); @@ -199,7 +200,7 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) static int ecdh_setup_internal( mbedtls_ecdh_context_mbed *ctx, mbedtls_ecp_group_id grp_id ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ret = mbedtls_ecp_group_load( &ctx->grp, grp_id ); if( ret != 0 ) 
@@ -307,7 +308,7 @@ static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx, void *p_rng, int restart_enabled ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t grp_len, pt_len; #if defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_ecp_restart_ctx *rs_ctx = NULL; @@ -414,7 +415,7 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, const unsigned char **buf, const unsigned char *end ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; ECDH_VALIDATE_RET( ctx != NULL ); ECDH_VALIDATE_RET( buf != NULL ); @@ -451,7 +452,7 @@ static int ecdh_get_params_internal( mbedtls_ecdh_context_mbed *ctx, const mbedtls_ecp_keypair *key, mbedtls_ecdh_side side ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* If it's not our key, just import the public part as Qp */ if( side == MBEDTLS_ECDH_THEIRS ) @@ -475,7 +476,7 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, mbedtls_ecdh_side side ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECDH_VALIDATE_RET( ctx != NULL ); ECDH_VALIDATE_RET( key != NULL ); ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS || @@ -530,7 +531,7 @@ static int ecdh_make_public_internal( mbedtls_ecdh_context_mbed *ctx, void *p_rng, int restart_enabled ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_ecp_restart_ctx *rs_ctx = NULL; #endif @@ -602,7 +603,7 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, static int ecdh_read_public_internal( mbedtls_ecdh_context_mbed *ctx, const unsigned char *buf, size_t blen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, 
@@ -652,7 +653,7 @@ static int ecdh_calc_secret_internal( mbedtls_ecdh_context_mbed *ctx, void *p_rng, int restart_enabled ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_ecp_restart_ctx *rs_ctx = NULL; #endif diff --git a/library/ecdsa.c b/library/ecdsa.c index bda9262c9..a6ba75d1c 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -51,6 +51,7 @@ #endif #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" /* Parameter validation macros based on platform_util.h */ #define ECDSA_VALIDATE_RET( cond ) \ @@ -229,7 +230,7 @@ static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx ) static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x, const unsigned char *buf, size_t blen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n_size = ( grp->nbits + 7 ) / 8; size_t use_size = blen > n_size ? n_size : blen; @@ -429,7 +430,7 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, void *p_rng_blind, mbedtls_ecdsa_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context rng_ctx; mbedtls_hmac_drbg_context *p_rng = &rng_ctx; unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; @@ -599,7 +600,7 @@ static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, const mbedtls_mpi *r, const mbedtls_mpi *s, mbedtls_ecdsa_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi e, s_inv, u1, u2; mbedtls_ecp_point R; mbedtls_mpi *pu1 = &u1, *pu2 = &u2; @@ -723,7 +724,7 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, unsigned char *sig, size_t *slen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[MBEDTLS_ECDSA_MAX_LEN]; unsigned char *p = buf + sizeof( buf ); size_t len = 0; 
@@ -752,7 +753,7 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, void *p_rng, mbedtls_ecdsa_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi r, s; ECDSA_VALIDATE_RET( ctx != NULL ); ECDSA_VALIDATE_RET( hash != NULL ); @@ -845,7 +846,7 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, const unsigned char *sig, size_t slen, mbedtls_ecdsa_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = (unsigned char *) sig; const unsigned char *end = sig + slen; size_t len; @@ -925,7 +926,7 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, */ int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECDSA_VALIDATE_RET( ctx != NULL ); ECDSA_VALIDATE_RET( key != NULL ); diff --git a/library/ecjpake.c b/library/ecjpake.c index 1845c936a..79ea3cbec 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -34,6 +34,7 @@ #include "mbedtls/ecjpake.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -110,7 +111,7 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, const unsigned char *secret, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECJPAKE_VALIDATE_RET( ctx != NULL ); ECJPAKE_VALIDATE_RET( role == MBEDTLS_ECJPAKE_CLIENT || @@ -159,7 +160,7 @@ static int ecjpake_write_len_point( unsigned char **p, const int pf, const mbedtls_ecp_point *P ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; /* Need at least 4 for length plus 1 for point */ 
@@ -199,7 +200,7 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info, const char *id, mbedtls_mpi *h ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[ECJPAKE_HASH_BUF_LEN]; unsigned char *p = buf; const unsigned char *end = buf + sizeof( buf ); @@ -249,7 +250,7 @@ static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info, const unsigned char **p, const unsigned char *end ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point V, VV; mbedtls_mpi r, h; size_t r_len; @@ -324,7 +325,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point V; mbedtls_mpi v; mbedtls_mpi h; /* later recycled to hold r */ @@ -382,7 +383,7 @@ static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info, const unsigned char **p, const unsigned char *end ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( end < *p ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); @@ -422,7 +423,7 @@ static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( end < *p ) @@ -457,7 +458,7 @@ static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info, const unsigned char *buf, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; const unsigned char *end = buf + len; @@ -495,7 +496,7 @@ static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = buf; const unsigned char *end = buf + len; 
@@ -553,7 +554,7 @@ static int ecjpake_ecp_add3( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_ecp_point *B, const mbedtls_ecp_point *C ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi one; mbedtls_mpi_init( &one ); @@ -575,7 +576,7 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; const unsigned char *end = buf + len; mbedtls_ecp_group grp; @@ -639,7 +640,7 @@ static int ecjpake_mul_secret( mbedtls_mpi *R, int sign, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi b; /* Blinding value, then s + N * blinding */ mbedtls_mpi_init( &b ); @@ -668,7 +669,7 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point G; /* C: GA, S: GB */ mbedtls_ecp_point Xm; /* C: Xc, S: Xs */ mbedtls_mpi xm; /* C: xc, S: xs */ @@ -750,7 +751,7 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point K; mbedtls_mpi m_xm2_s, one; unsigned char kx[MBEDTLS_ECP_MAX_BYTES]; @@ -956,7 +957,7 @@ static int ecjpake_test_load( mbedtls_ecjpake_context *ctx, const unsigned char *xm1, size_t len1, const unsigned char *xm2, size_t len2 ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len2 ) ); 
@@ -1004,7 +1005,7 @@ static int ecjpake_lgc( void *p, unsigned char *out, size_t len ) */ int mbedtls_ecjpake_self_test( int verbose ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecjpake_context cli; mbedtls_ecjpake_context srv; unsigned char buf[512], pms[32]; diff --git a/library/ecp.c b/library/ecp.c index c281d8419..1ad169742 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -81,6 +81,7 @@ #include "mbedtls/ecp.h" #include "mbedtls/threading.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -634,7 +635,7 @@ void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ) */ int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( P != NULL ); ECP_VALIDATE_RET( Q != NULL ); @@ -662,7 +663,7 @@ int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src */ int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( pt != NULL ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->X , 1 ) ); @@ -708,7 +709,7 @@ int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, const char *x, const char *y ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( P != NULL ); ECP_VALIDATE_RET( x != NULL ); ECP_VALIDATE_RET( y != NULL ); @@ -903,7 +904,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp int format, size_t *olen, unsigned char *buf, size_t blen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( grp != NULL ); ECP_VALIDATE_RET( pt != NULL ); ECP_VALIDATE_RET( olen != NULL ); 
@@ -936,7 +937,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; ECP_VALIDATE_RET( grp != NULL ); ECP_VALIDATE_RET( buf != NULL ); @@ -1031,7 +1032,7 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, */ static int ecp_modp( mbedtls_mpi *N, const mbedtls_ecp_group *grp ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( grp->modp == NULL ) return( mbedtls_mpi_mod_mpi( N, N, &grp->P ) ); @@ -1088,7 +1089,7 @@ static inline int mbedtls_mpi_mul_mod( const mbedtls_ecp_group *grp, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( X, A, B ) ); MOD_MUL( *X ); cleanup: @@ -1108,7 +1109,7 @@ static inline int mbedtls_mpi_sub_mod( const mbedtls_ecp_group *grp, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( X, A, B ) ); MOD_SUB( *X ); cleanup: @@ -1129,7 +1130,7 @@ static inline int mbedtls_mpi_add_mod( const mbedtls_ecp_group *grp, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( X, A, B ) ); MOD_ADD( *X ); cleanup: @@ -1140,7 +1141,7 @@ static inline int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *grp, mbedtls_mpi *X, size_t count ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( X, count ) ); MOD_ADD( *X ); cleanup: @@ -1162,7 +1163,7 @@ cleanup: */ static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi Zi, ZZi; if( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 ) 
@@ -1214,7 +1215,7 @@ cleanup: static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, mbedtls_ecp_point *T[], size_t T_size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi *c, u, Zi, ZZi; @@ -1303,7 +1304,7 @@ static int ecp_safe_invert_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *Q, unsigned char inv ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char nonzero; mbedtls_mpi mQY; @@ -1337,7 +1338,7 @@ cleanup: static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_ecp_point *P ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi M, S, T, U; #if defined(MBEDTLS_SELF_TEST) @@ -1433,7 +1434,7 @@ cleanup: static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi T1, T2, T3, T4, X, Y, Z; #if defined(MBEDTLS_SELF_TEST) @@ -1521,7 +1522,7 @@ cleanup: static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi l, ll; size_t p_size; int count = 0; @@ -1693,7 +1694,7 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, unsigned char w, size_t d, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t j = 0; const unsigned char T_size = 1U << ( w - 1 ); @@ -1829,7 +1830,7 @@ static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_ecp_point T[], unsigned char T_size, unsigned char i ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char ii, j; /* Ignore the "sign" bit and scale down */ 
@@ -1862,7 +1863,7 @@ static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point Txi; size_t i; @@ -1942,7 +1943,7 @@ static int ecp_comb_recode_scalar( const mbedtls_ecp_group *grp, unsigned char w, unsigned char *parity_trick ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi M, mm; mbedtls_mpi_init( &M ); @@ -1988,7 +1989,7 @@ static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp, void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char parity_trick; unsigned char k[COMB_MAX_D + 1]; mbedtls_ecp_point *RR = R; @@ -2083,7 +2084,7 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char w, p_eq_g, i; size_t d; unsigned char T_size, T_ok; @@ -2215,7 +2216,7 @@ cleanup: */ static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) if( mbedtls_internal_ecp_grp_capable( grp ) ) @@ -2241,7 +2242,7 @@ cleanup: static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi l; size_t p_size; int count = 0; @@ -2296,7 +2297,7 @@ static int ecp_double_add_mxz( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q, const mbedtls_mpi *d ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB; #if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) 
@@ -2344,7 +2345,7 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; unsigned char b; mbedtls_ecp_point RP; @@ -2484,7 +2485,7 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, */ static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi YY, RHS; /* pt coordinates must be normalized for our checks */ @@ -2537,7 +2538,7 @@ static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( mbedtls_mpi_cmp_int( m, 1 ) == 0 ) { @@ -2569,7 +2570,7 @@ int mbedtls_ecp_muladd_restartable( const mbedtls_mpi *n, const mbedtls_ecp_point *Q, mbedtls_ecp_restart_ctx *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point mP; mbedtls_ecp_point *pmP = &mP; mbedtls_ecp_point *pR = R; @@ -2846,7 +2847,7 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( grp != NULL ); ECP_VALIDATE_RET( d != NULL ); ECP_VALIDATE_RET( G != NULL ); @@ -2882,7 +2883,7 @@ int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ECP_VALIDATE_RET( key != NULL ); ECP_VALIDATE_RET( f_rng != NULL ); 
@@ -2966,7 +2967,7 @@ cleanup: */ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point Q; mbedtls_ecp_group grp; ECP_VALIDATE_RET( pub != NULL ); @@ -3012,7 +3013,7 @@ cleanup: */ int mbedtls_ecp_self_test( int verbose ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_ecp_group grp; mbedtls_ecp_point R, P; diff --git a/library/ecp_curves.c b/library/ecp_curves.c index dcc70739d..a24a50c03 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -29,6 +29,7 @@ #include "mbedtls/ecp.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -669,7 +670,7 @@ static int ecp_mod_p256k1( mbedtls_mpi * ); */ static int ecp_use_curve25519( mbedtls_ecp_group *grp ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Actually ( A + 2 ) / 4 */ MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "01DB42" ) ); @@ -709,7 +710,7 @@ cleanup: static int ecp_use_curve448( mbedtls_ecp_group *grp ) { mbedtls_mpi Ns; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_init( &Ns ); @@ -900,7 +901,7 @@ static inline void carry64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry ) */ static int ecp_mod_p192( mbedtls_mpi *N ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_uint c = 0; mbedtls_mpi_uint *p, *end; @@ -991,7 +992,7 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) * (see fix_negative for the motivation of C) */ #define INIT( b ) \ - int ret; \ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; \ signed char c = 0, cc; \ uint32_t cur; \ size_t i = 0, bits = (b); \ 
@@ -1027,7 +1028,7 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) */ static inline int fix_negative( mbedtls_mpi *N, signed char c, mbedtls_mpi *C, size_t bits ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* C = - c * 2^(bits + 32) */ #if !defined(MBEDTLS_HAVE_INT64) @@ -1185,7 +1186,7 @@ cleanup: */ static int ecp_mod_p521( mbedtls_mpi *N ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M; mbedtls_mpi_uint Mp[P521_WIDTH + 1]; @@ -1234,7 +1235,7 @@ cleanup: */ static int ecp_mod_p255( mbedtls_mpi *N ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M; mbedtls_mpi_uint Mp[P255_WIDTH + 2]; @@ -1291,7 +1292,7 @@ cleanup: */ static int ecp_mod_p448( mbedtls_mpi *N ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M, Q; mbedtls_mpi_uint Mp[P448_WIDTH + 1], Qp[P448_WIDTH]; @@ -1353,7 +1354,7 @@ cleanup: static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs, size_t adjust, size_t shift, mbedtls_mpi_uint mask ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M, R; mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1]; diff --git a/library/entropy.c b/library/entropy.c index d7091cbf7..ad6de2307 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -36,6 +36,7 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -236,7 +237,7 @@ cleanup: int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, const unsigned char *data, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_THREADING_C) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) 
@@ -308,7 +309,7 @@ cleanup: */ int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_THREADING_C) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) diff --git a/library/entropy_poll.c b/library/entropy_poll.c index 4556f88a5..c9b2c95c6 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -36,6 +36,7 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" +#include "mbedtls/error.h" #if defined(MBEDTLS_TIMING_C) #include "mbedtls/timing.h" @@ -121,7 +122,7 @@ int mbedtls_platform_entropy_poll( void *data, { FILE *file; size_t read_len; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) data); #if defined(HAVE_GETRANDOM) diff --git a/library/gcm.c b/library/gcm.c index 5121a7ac7..26f6010a0 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -39,6 +39,7 @@ #include "mbedtls/gcm.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -168,7 +169,7 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, const unsigned char *key, unsigned int keybits ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; GCM_VALIDATE_RET( ctx != NULL ); @@ -280,7 +281,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, const unsigned char *add, size_t add_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char work_buf[16]; size_t i; const unsigned char *p; @@ -365,7 +366,7 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char ectr[16]; size_t i; const unsigned char *p; @@ -476,7 +477,7 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, size_t tag_len, unsigned char *tag ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; GCM_VALIDATE_RET( ctx != NULL ); GCM_VALIDATE_RET( iv != NULL ); 
@@ -508,7 +509,7 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; size_t i; int diff; diff --git a/library/hkdf.c b/library/hkdf.c index 82d8a429f..379035ddb 100644 --- a/library/hkdf.c +++ b/library/hkdf.c @@ -29,13 +29,14 @@ #include #include "mbedtls/hkdf.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char prk[MBEDTLS_MD_MAX_SIZE]; ret = mbedtls_hkdf_extract( md, salt, salt_len, ikm, ikm_len, prk ); diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index f71c95c44..f811885c9 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -35,6 +35,7 @@ #include "mbedtls/hmac_drbg.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -127,7 +128,7 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t * md_info, const unsigned char *data, size_t data_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) return( ret ); @@ -159,7 +160,7 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, { unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; { size_t total_entropy_len; @@ -251,7 +252,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, const unsigned char *custom, size_t len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t md_size; if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) 
@@ -329,7 +330,7 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, unsigned char *output, size_t out_len, const unsigned char *additional, size_t add_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); size_t left = out_len; @@ -398,7 +399,7 @@ exit: */ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; #if defined(MBEDTLS_THREADING_C) @@ -434,7 +435,7 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ) #if defined(MBEDTLS_FS_IO) int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; FILE *f; unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ]; diff --git a/library/md.c b/library/md.c index e1b5183b6..b2352034b 100644 --- a/library/md.c +++ b/library/md.c @@ -34,6 +34,7 @@ #include "mbedtls/md.h" #include "mbedtls/md_internal.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include "mbedtls/md2.h" #include "mbedtls/md4.h" @@ -643,7 +644,7 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si #if defined(MBEDTLS_FS_IO) int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; FILE *f; size_t n; mbedtls_md_context_t ctx; @@ -683,7 +684,7 @@ cleanup: int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; unsigned char *ipad, *opad; size_t i; 
@@ -738,7 +739,7 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; @@ -762,7 +763,7 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *ipad; if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) @@ -781,7 +782,7 @@ int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, unsigned char *output ) { mbedtls_md_context_t ctx; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( md_info == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); diff --git a/library/md2.c b/library/md2.c index 1c0b3df52..82aed8e73 100644 --- a/library/md2.c +++ b/library/md2.c @@ -35,6 +35,7 @@ #include "mbedtls/md2.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -170,7 +171,7 @@ int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; while( ilen > 0 ) @@ -212,7 +213,7 @@ void mbedtls_md2_update( mbedtls_md2_context *ctx, int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; unsigned char x; @@ -250,7 +251,7 @@ int mbedtls_md2_ret( const unsigned char *input, size_t ilen, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md2_context ctx; mbedtls_md2_init( &ctx ); diff --git a/library/md4.c b/library/md4.c index 828fd4299..6a658e31d 100644 --- a/library/md4.c +++ b/library/md4.c 
@@ -35,6 +35,7 @@ #include "mbedtls/md4.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -253,7 +254,7 @@ int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; @@ -323,7 +324,7 @@ static const unsigned char md4_padding[64] = int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t last, padn; uint32_t high, low; unsigned char msglen[8]; @@ -371,7 +372,7 @@ int mbedtls_md4_ret( const unsigned char *input, size_t ilen, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md4_context ctx; mbedtls_md4_init( &ctx ); diff --git a/library/md5.c b/library/md5.c index a93da8a06..2306855f4 100644 --- a/library/md5.c +++ b/library/md5.c @@ -34,6 +34,7 @@ #include "mbedtls/md5.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -259,7 +260,7 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; @@ -318,7 +319,7 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; @@ -386,7 +387,7 @@ int mbedtls_md5_ret( const unsigned char *input, size_t ilen, unsigned char output[16] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md5_context ctx; mbedtls_md5_init( &ctx ); diff --git a/library/nist_kw.c b/library/nist_kw.c index 317a2426a..03e807202 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -39,6 +39,7 @@ #include "mbedtls/nist_kw.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include #include 
@@ -116,7 +117,7 @@ int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, unsigned int keybits, const int is_wrap ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; cipher_info = mbedtls_cipher_info_from_values( cipher, diff --git a/library/oid.c b/library/oid.c index 27c455e87..891d3cdea 100644 --- a/library/oid.c +++ b/library/oid.c @@ -31,6 +31,7 @@ #include "mbedtls/oid.h" #include "mbedtls/rsa.h" +#include "mbedtls/error.h" #include #include @@ -732,7 +733,7 @@ FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pb int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n; unsigned int value; char *p; diff --git a/library/pem.c b/library/pem.c index 897c8a0d6..31f4a9a25 100644 --- a/library/pem.c +++ b/library/pem.c @@ -34,6 +34,7 @@ #include "mbedtls/md5.h" #include "mbedtls/cipher.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -85,7 +86,7 @@ static int pem_pbkdf1( unsigned char *key, size_t keylen, mbedtls_md5_context md5_ctx; unsigned char md5sum[16]; size_t use_len; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md5_init( &md5_ctx ); @@ -146,7 +147,7 @@ static int pem_des_decrypt( unsigned char des_iv[8], { mbedtls_des_context des_ctx; unsigned char des_key[8]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_des_init( &des_ctx ); @@ -174,7 +175,7 @@ static int pem_des3_decrypt( unsigned char des3_iv[8], { mbedtls_des3_context des3_ctx; unsigned char des3_key[24]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_des3_init( &des3_ctx ); 
@@ -204,7 +205,7 @@ static int pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen, { mbedtls_aes_context aes_ctx; unsigned char aes_key[32]; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_aes_init( &aes_ctx ); @@ -439,7 +440,7 @@ int mbedtls_pem_write_buffer( const char *header, const char *footer, const unsigned char *der_data, size_t der_len, unsigned char *buf, size_t buf_len, size_t *olen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *encode_buf = NULL, *c, *p = buf; size_t len = 0, use_len, add_len = 0; diff --git a/library/pk.c b/library/pk.c index e93ccfdab..fc166728b 100644 --- a/library/pk.c +++ b/library/pk.c @@ -30,6 +30,7 @@ #include "mbedtls/pk_internal.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" @@ -297,7 +298,7 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, mbedtls_ecp_restart_is_enabled() && ctx->pk_info->verify_rs_func != NULL ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 ) return( ret ); @@ -354,7 +355,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, if( type == MBEDTLS_PK_RSASSA_PSS ) { #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_pk_rsassa_pss_options *pss_opts; #if SIZE_MAX > UINT_MAX @@ -420,7 +421,7 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, mbedtls_ecp_restart_is_enabled() && ctx->pk_info->sign_rs_func != NULL ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 ) return( ret ); 
@@ -604,7 +605,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, psa_ecc_curve_t curve_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* export the private key material in the format PSA wants */ if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY ) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 702c3bbb4..266ee7fa4 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -27,6 +27,7 @@ #if defined(MBEDTLS_PK_C) #include "mbedtls/pk_internal.h" +#include "mbedtls/error.h" /* Even if RSA not activated, for the sake of RSA-alt */ #include "mbedtls/rsa.h" @@ -83,7 +84,7 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; size_t rsa_len = mbedtls_rsa_get_len( rsa ); @@ -248,7 +249,7 @@ static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecdsa_context ecdsa; mbedtls_ecdsa_init( &ecdsa ); @@ -266,7 +267,7 @@ static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecdsa_context ecdsa; mbedtls_ecdsa_init( &ecdsa ); @@ -340,7 +341,7 @@ static int eckey_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *sig, size_t sig_len, void *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; eckey_restart_ctx *rs = rs_ctx; /* Should never happen */ 
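Review bot: For the verification wrappers on this line (`rsa_verify_wrap`, `eckey_verify_wrap`, `eckey_verify_rs_wrap`) the property that matters is that the default is non-zero, so a path that skipped the real check would report an error rather than a valid signature. With `ret` always initialized, compiler uninitialized-variable warnings and MemorySanitizer can no longer point at a forgotten assignment, so the test suites should treat `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` returned from these functions as a failure in its own right. A one-line comment at the declaration would make the intent explicit: `/* non-zero default: a missed assignment must never read as success */`. The function bodies continue past the hunks, so whether every path assigns `ret` cannot be confirmed here.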
@@ -365,7 +366,7 @@ static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, void *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; eckey_restart_ctx *rs = rs_ctx; /* Should never happen */ @@ -490,7 +491,7 @@ static int ecdsa_can_do( mbedtls_pk_type_t type ) static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end, unsigned char *to, size_t to_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t unpadded_len, padding_len; if( ( ret = mbedtls_asn1_get_tag( from, end, &unpadded_len, @@ -524,7 +525,7 @@ static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, unsigned char *sig, size_t int_size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t tmp_size; if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size, @@ -545,7 +546,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_handle_t key_handle = 0; psa_status_t status; @@ -630,7 +631,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) md_alg); ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx, @@ -658,7 +659,7 @@ static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *sig, size_t sig_len, void *rs_ctx ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) md_alg); ret = mbedtls_ecdsa_read_signature_restartable( 
@@ -804,7 +805,7 @@ static int rsa_alt_check_pair( const void *pub, const void *prv ) unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; unsigned char hash[32]; size_t sig_len = 0; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) ) return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); @@ -925,7 +926,7 @@ static int pk_opaque_can_do( mbedtls_pk_type_t type ) static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, size_t n_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; if( (size_t)( *p - start ) < n_len ) @@ -977,7 +978,7 @@ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, static int pk_ecdsa_sig_asn1_from_psa( unsigned char *sig, size_t *sig_len, size_t buf_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; const size_t rs_len = *sig_len / 2; unsigned char *p = sig + buf_len; diff --git a/library/pkcs12.c b/library/pkcs12.c index 7edf064c1..96c64ad63 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -37,6 +37,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/cipher.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -53,7 +54,7 @@ static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, mbedtls_asn1_buf *salt, int *iterations ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char **p = ¶ms->p; const unsigned char *end = params->p + params->len; @@ -145,7 +146,7 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, ((void) output); return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); #else - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char key[16]; mbedtls_arc4_context ctx; ((void) mode); 
@@ -250,7 +251,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, const unsigned char *salt, size_t saltlen, mbedtls_md_type_t md_type, int id, int iterations ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned int j; unsigned char diversifier[128]; diff --git a/library/pkcs5.c b/library/pkcs5.c index 3d29fd7e5..883232225 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -38,6 +38,7 @@ #if defined(MBEDTLS_PKCS5_C) #include "mbedtls/pkcs5.h" +#include "mbedtls/error.h" #if defined(MBEDTLS_ASN1_PARSE_C) #include "mbedtls/asn1.h" @@ -59,7 +60,7 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, mbedtls_asn1_buf *salt, int *iterations, int *keylen, mbedtls_md_type_t *md_type ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf prf_alg_oid; unsigned char *p = params->p; const unsigned char *end = params->p + params->len; diff --git a/library/pkparse.c b/library/pkparse.c index ae210bca6..596dae919 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -31,6 +31,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -130,7 +131,7 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ) int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, const char *path, const char *pwd ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; @@ -157,7 +158,7 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, */ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; 
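Review bot: `mbedtls_pk_parse_keyfile` and `mbedtls_pk_parse_public_keyfile` now give `ret` a safe default but still declare `size_t n;` and `unsigned char *buf;` without initial values. Going by the `mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n )` signature in the hunk header, these are presumably the loader's outputs and hold key-file contents. The same defensive reasoning applies to them, so I would write `size_t n = 0;` and `unsigned char *buf = NULL;`, which keeps any later cleanup of the buffer well-defined if a future path reaches it before the load. The rest of both functions lies outside the hunks, so how `buf` is released cannot be checked here.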
@@ -188,7 +189,7 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) static int pk_get_ecparams( unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *params ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if ( end - *p < 1 ) return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + @@ -243,7 +244,7 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end, */ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = params->p; const unsigned char * const end = params->p + params->len; const unsigned char *end_field, *end_curve; @@ -433,7 +434,7 @@ cleanup: static int pk_group_id_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_group_id *grp_id ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group grp; mbedtls_ecp_group_init( &grp ); @@ -460,7 +461,7 @@ cleanup: */ static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; if( params->tag == MBEDTLS_ASN1_OID ) @@ -500,7 +501,7 @@ static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *g static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end, mbedtls_ecp_keypair *key ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_ecp_point_read_binary( &key->grp, &key->Q, (const unsigned char *) *p, end - *p ) ) == 0 ) @@ -528,7 +529,7 @@ static int pk_get_rsapubkey( unsigned char **p, const unsigned char *end, mbedtls_rsa_context *rsa ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; if( ( ret = mbedtls_asn1_get_tag( p, end, &len, 
@@ -583,7 +584,7 @@ static int pk_get_pk_alg( unsigned char **p, const unsigned char *end, mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf alg_oid; memset( params, 0, sizeof(mbedtls_asn1_buf) ); @@ -615,7 +616,7 @@ static int pk_get_pk_alg( unsigned char **p, int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, mbedtls_pk_context *pk ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; mbedtls_asn1_buf alg_params; mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; @@ -811,7 +812,7 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, const unsigned char *key, size_t keylen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int version, pubkey_done; size_t len; mbedtls_asn1_buf params; @@ -1164,7 +1165,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_pk_info_t *pk_info; #if defined(MBEDTLS_PEM_PARSE_C) size_t len; @@ -1376,7 +1377,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, const unsigned char *key, size_t keylen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p; #if defined(MBEDTLS_RSA_C) const mbedtls_pk_info_t *pk_info; diff --git a/library/pkwrite.c b/library/pkwrite.c index c2c562348..49a21bf08 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -31,6 +31,7 @@ #include "mbedtls/asn1write.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -77,7 +78,7 @@ static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start, mbedtls_rsa_context *rsa ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; mbedtls_mpi T; 
@@ -116,7 +117,7 @@ end_of_export: static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start, mbedtls_ecp_keypair *ec ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN]; @@ -144,7 +145,7 @@ static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start, static int pk_write_ec_param( unsigned char **p, unsigned char *start, mbedtls_ecp_keypair *ec ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; const char *oid; size_t oid_len; @@ -163,7 +164,7 @@ static int pk_write_ec_param( unsigned char **p, unsigned char *start, static int pk_write_ec_private( unsigned char **p, unsigned char *start, mbedtls_ecp_keypair *ec ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t byte_length = ( ec->grp.pbits + 7 ) / 8; unsigned char tmp[MBEDTLS_ECP_MAX_BYTES]; @@ -181,7 +182,7 @@ exit: int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, const mbedtls_pk_context *key ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; PK_VALIDATE_RET( p != NULL ); @@ -229,7 +230,7 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; size_t len = 0, par_len = 0, oid_len; mbedtls_pk_type_t pk_type; @@ -315,7 +316,7 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; size_t len = 0; 
@@ -558,7 +559,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output_buf[PUB_DER_MAX_BYTES]; size_t olen = 0; @@ -583,7 +584,7 @@ int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, si int mbedtls_pk_write_key_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output_buf[PRV_DER_MAX_BYTES]; const char *begin, *end; size_t olen = 0; diff --git a/library/platform.c b/library/platform.c index 575615954..420d09ea1 100644 --- a/library/platform.c +++ b/library/platform.c @@ -29,6 +29,7 @@ #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" /* The compile time configuration of memory allocation via the macros * MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO takes precedence over the runtime @@ -86,7 +87,7 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), #include int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; va_list argp; va_start( argp, fmt ); @@ -131,7 +132,7 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, #include int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Avoid calling the invalid parameter handler by checking ourselves */ if( s == NULL || n == 0 || fmt == NULL ) diff --git a/library/poly1305.c b/library/poly1305.c index 2b56c5f7e..bc1e8a649 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -30,6 +30,7 @@ #include "mbedtls/poly1305.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include 
@@ -423,7 +424,7 @@ int mbedtls_poly1305_mac( const unsigned char key[32], unsigned char mac[16] ) { mbedtls_poly1305_context ctx; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; POLY1305_VALIDATE_RET( key != NULL ); POLY1305_VALIDATE_RET( mac != NULL ); POLY1305_VALIDATE_RET( ilen == 0 || input != NULL ); @@ -529,7 +530,7 @@ int mbedtls_poly1305_self_test( int verbose ) { unsigned char mac[16]; unsigned i; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; for( i = 0U; i < 2U; i++ ) { diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b98a4629d..c82cae9fe 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -75,6 +75,7 @@ #include "mbedtls/pk.h" #include "mbedtls/pk_internal.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include "mbedtls/ripemd160.h" #include "mbedtls/rsa.h" #include "mbedtls/sha1.h" @@ -1147,7 +1148,7 @@ static psa_status_t psa_get_rsa_public_exponent( psa_key_attributes_t *attributes ) { mbedtls_mpi mpi; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint8_t *buffer = NULL; size_t buflen; mbedtls_mpi_init( &mpi ); @@ -1251,7 +1252,7 @@ psa_status_t psa_get_key_slot_number( static int pk_write_pubkey_simple( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; size_t len = 0; @@ -1336,7 +1337,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, PSA_KEY_TYPE_IS_ECC( slot->attr.type ) ) { mbedtls_pk_context pk; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { #if defined(MBEDTLS_RSA_C) @@ -1784,7 +1785,7 @@ static psa_status_t psa_validate_optional_attributes( if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { mbedtls_mpi actual, required; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_init( &actual ); mbedtls_mpi_init( &required ); ret = mbedtls_rsa_export( slot->data.rsa, 
@@ -2107,7 +2108,7 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) psa_status_t psa_hash_setup( psa_hash_operation_t *operation, psa_algorithm_t alg ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* A context must be freshly initialized before it can be set up. */ if( operation->alg != 0 ) @@ -2183,7 +2184,7 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Don't require hash implementations to behave correctly on a * zero-length input, which may have an invalid pointer. */ @@ -2251,7 +2252,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, size_t *hash_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t actual_hash_length = PSA_HASH_SIZE( operation->alg ); /* Fill the output buffer with something that isn't a valid hash @@ -2634,7 +2635,7 @@ static int psa_cmac_setup( psa_mac_operation_t *operation, psa_key_slot_t *slot, const mbedtls_cipher_info_t *cipher_info ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; operation->mac_size = cipher_info->block_size; @@ -2755,7 +2756,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, const mbedtls_cipher_info_t *cipher_info = mbedtls_cipher_info_from_psa( full_length_alg, slot->attr.type, key_bits, NULL ); - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( cipher_info == NULL ) { status = PSA_ERROR_NOT_SUPPORTED; @@ -3107,7 +3108,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa, size_t *signature_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md_type_t md_alg; status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); 
@@ -3165,7 +3166,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, size_t signature_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md_type_t md_alg; status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); @@ -3231,7 +3232,7 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, size_t signature_size, size_t *signature_length ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi r, s; size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits ); mbedtls_mpi_init( &r ); @@ -3286,7 +3287,7 @@ static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp, const uint8_t *signature, size_t signature_length ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi r, s; size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits ); mbedtls_mpi_init( &r ); @@ -3525,7 +3526,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle, if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { mbedtls_rsa_context *rsa = slot->data.rsa; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( output_size < mbedtls_rsa_get_len( rsa ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); #if defined(MBEDTLS_PKCS1_V15) @@ -3604,7 +3605,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle, if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { mbedtls_rsa_context *rsa = slot->data.rsa; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( input_length != mbedtls_rsa_get_len( rsa ) ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -3801,7 +3802,7 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, size_t *iv_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( operation->iv_set || ! operation->iv_required ) { return( PSA_ERROR_BAD_STATE ); 
@@ -3833,7 +3834,7 @@ psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, size_t iv_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( operation->iv_set || ! operation->iv_required ) { return( PSA_ERROR_BAD_STATE ); @@ -3861,7 +3862,7 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, size_t *output_length ) { psa_status_t status; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t expected_output_size; if( operation->alg == 0 ) @@ -5371,7 +5372,7 @@ exit: psa_status_t psa_generate_random( uint8_t *output, size_t output_size ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; GUARD_MODULE_INITIALIZED; while( output_size > MBEDTLS_CTR_DRBG_MAX_REQUEST ) @@ -5466,7 +5467,7 @@ static psa_status_t psa_generate_key_internal( if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { mbedtls_rsa_context *rsa; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int exponent; psa_status_t status; if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) @@ -5508,7 +5509,7 @@ static psa_status_t psa_generate_key_internal( const mbedtls_ecp_curve_info *curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id ); mbedtls_ecp_keypair *ecp; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( domain_parameters_size != 0 ) return( PSA_ERROR_NOT_SUPPORTED ); if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL ) diff --git a/library/ripemd160.c b/library/ripemd160.c index 0791ae4cc..a62f4b824 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -35,6 +35,7 @@ #include "mbedtls/ripemd160.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -322,7 +323,7 @@ int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; 
@@ -390,7 +391,7 @@ static const unsigned char ripemd160_padding[64] = int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, unsigned char output[20] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t last, padn; uint32_t high, low; unsigned char msglen[8]; @@ -439,7 +440,7 @@ int mbedtls_ripemd160_ret( const unsigned char *input, size_t ilen, unsigned char output[20] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ripemd160_context ctx; mbedtls_ripemd160_init( &ctx ); diff --git a/library/rsa.c b/library/rsa.c index a35af4474..3c2f31438 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -49,6 +49,7 @@ #include "mbedtls/rsa_internal.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -98,7 +99,7 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *D, const mbedtls_mpi *E ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; RSA_VALIDATE_RET( ctx != NULL ); if( ( N != NULL && ( ret = mbedtls_mpi_copy( &ctx->N, N ) ) != 0 ) || @@ -392,7 +393,7 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *D, mbedtls_mpi *E ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int is_priv; RSA_VALIDATE_RET( ctx != NULL ); @@ -436,7 +437,7 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int is_priv; RSA_VALIDATE_RET( ctx != NULL ); @@ -527,7 +528,7 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, void *p_rng, unsigned int nbits, int exponent ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi H, G, L; int prime_quality = 0; RSA_VALIDATE_RET( ctx != NULL ); 
@@ -719,7 +720,7 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; mbedtls_mpi T; RSA_VALIDATE_RET( ctx != NULL ); @@ -832,7 +833,7 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; /* Temporary holding the result */ @@ -1125,7 +1126,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, unsigned char *output ) { size_t olen; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = output; unsigned int hlen; const mbedtls_md_info_t *md_info; @@ -1212,7 +1213,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, unsigned char *output ) { size_t nb_pad, olen; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = output; RSA_VALIDATE_RET( ctx != NULL ); @@ -1322,7 +1323,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, unsigned char *output, size_t output_max_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t ilen, i, pad_len; unsigned char *p, bad, pad_done; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; @@ -1558,7 +1559,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, unsigned char *output, size_t output_max_len ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t ilen, i, plaintext_max_size; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; /* The following variables take sensitive values: their value must @@ -1774,7 +1775,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, unsigned char *p = sig; unsigned char salt[MBEDTLS_MD_MAX_SIZE]; size_t slen, min_slen, hlen, offset = 0; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t msb; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; 
@@ -2029,7 +2030,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, const unsigned char *hash, unsigned char *sig ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *sig_try = NULL, *verif = NULL; RSA_VALIDATE_RET( ctx != NULL ); @@ -2151,7 +2152,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, int expected_salt_len, const unsigned char *sig ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t siglen; unsigned char *p; unsigned char *hash_start; @@ -2448,7 +2449,7 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, */ int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; RSA_VALIDATE_RET( dst != NULL ); RSA_VALIDATE_RET( src != NULL ); diff --git a/library/sha1.c b/library/sha1.c index 355c83d2f..923394341 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -34,6 +34,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -307,7 +308,7 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; @@ -368,7 +369,7 @@ void mbedtls_sha1_update( mbedtls_sha1_context *ctx, int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; @@ -440,7 +441,7 @@ int mbedtls_sha1_ret( const unsigned char *input, size_t ilen, unsigned char output[20] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha1_context ctx; SHA1_VALIDATE_RET( ilen == 0 || input != NULL ); diff --git a/library/sha256.c b/library/sha256.c index 2dc0e1a2c..087a8e349 100644 --- a/library/sha256.c +++ b/library/sha256.c 
@@ -34,6 +34,7 @@ #include "mbedtls/sha256.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #include @@ -275,7 +276,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; @@ -336,7 +337,7 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx, int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; @@ -414,7 +415,7 @@ int mbedtls_sha256_ret( const unsigned char *input, unsigned char output[32], int is224 ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha256_context ctx; SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); diff --git a/library/sha512.c b/library/sha512.c index 2e2b79787..fa4025653 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -34,6 +34,7 @@ #include "mbedtls/sha512.h" #include "mbedtls/platform_util.h" +#include "mbedtls/error.h" #if defined(_MSC_VER) || defined(__WATCOMC__) #define UL64(x) x##ui64 @@ -323,7 +324,7 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, const unsigned char *input, size_t ilen ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; unsigned int left; @@ -383,7 +384,7 @@ void mbedtls_sha512_update( mbedtls_sha512_context *ctx, int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, unsigned char output[64] ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned used; uint64_t high, low; @@ -463,7 +464,7 @@ int mbedtls_sha512_ret( const unsigned char *input, unsigned char output[64], int is384 ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha512_context ctx; SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); From 49af2d3a4f1f51ec0c842df41b293b348574ec3f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine
Date: Fri, 6 Dec 2019 19:20:13 +0100
Subject: [PATCH 2058/2197] Support non-ASCII characters in headers

Filter out non-ASCII characters in automatically processed headers. Do this in a way that minimizes the code change: keep manipulating strings, but strip off non-ASCII characters when reading lines, which should only remove characters in comments that we don't parse anyway.
---
 scripts/generate_psa_constants.py | 11 ++++++++---
 tests/scripts/test_psa_constant_names.py | 12 ++++++++----
 2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index c2d255809..a9de148d7 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -270,11 +270,16 @@ class MacroCollector:
 # Other macro without parameter
 return

+ _nonascii_re = re.compile(rb'[^\x00-\x7f]+')
+ _continued_line_re = re.compile(rb'\\\r?\n\Z')
 def read_file(self, header_file):
 for line in header_file:
- while line.endswith('\\\n'):
+ m = re.search(self._continued_line_re, line)
+ while m:
 cont = next(header_file)
- line = line[:-2] + cont
+ line = line[:m.start(0)] + cont
+ m = re.search(self._continued_line_re, line)
+ line = re.sub(self._nonascii_re, rb'', line).decode('ascii')
 self.read_line(line)

 @staticmethod
@@ -380,7 +385,7 @@ class MacroCollector:
 def generate_psa_constants(header_file_names, output_file_name):
 collector = MacroCollector()
 for header_file_name in header_file_names:
- with open(header_file_name) as header_file:
+ with open(header_file_name, 'rb') as header_file:
 collector.read_file(header_file)
 temp_file_name = output_file_name + '.tmp'
 with open(temp_file_name, 'w') as output_file:
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py
index 7553394f9..482932137 100755
--- a/tests/scripts/test_psa_constant_names.py
+++ b/tests/scripts/test_psa_constant_names.py
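Review bot: In `read_file`, the added `re.sub(self._nonascii_re, rb'', line)` deletes non-ASCII bytes outright, so a stray byte inside a macro name or expression would join the characters on either side into one token and change what `read_line` parses, with no diagnostic. Substituting a space keeps token boundaries intact: `line = re.sub(self._nonascii_re, rb' ', line).decode('ascii')`. The same substitution is added to `parse_header` in tests/scripts/test_psa_constant_names.py. Separately, the `next(header_file)` call in the continuation loop, which predates this change, raises StopIteration if a header ends on a backslash-continued line.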
@@ -43,12 +43,14 @@ class read_file_lines:
 except that if process(line) raises an exception, then the read_file_lines snippet annotates the exception with the file name and line number. """
- def __init__(self, filename):
+ def __init__(self, filename, binary=False):
 self.filename = filename
 self.line_number = 'entry'
 self.generator = None
+ self.binary = binary
 def __enter__(self):
- self.generator = enumerate(open(self.filename, 'r'))
+ self.generator = enumerate(open(self.filename,
+ 'rb' if self.binary else 'r'))
 return self
 def __iter__(self):
 for line_number, content in self.generator:
@@ -224,13 +226,15 @@ class Inputs:
 if m.group(3):
 self.argspecs[name] = self._argument_split(m.group(3))

+ _nonascii_re = re.compile(rb'[^\x00-\x7f]+')
 def parse_header(self, filename):
 """Parse a C header file, looking for "#define PSA_xxx"."""
- with read_file_lines(filename) as lines:
+ with read_file_lines(filename, binary=True) as lines:
 for line in lines:
+ line = re.sub(self._nonascii_re, rb'', line).decode('ascii')
 self.parse_header_line(line)

- _macro_identifier_re = r'[A-Z]\w+'
+ _macro_identifier_re = re.compile(r'[A-Z]\w+')
 def generate_undeclared_names(self, expr):
 for name in re.findall(self._macro_identifier_re, expr):
 if name not in self.all_declared:
From 325584889d9e8c2ac78f2bdbe212d43781b262d9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 3 Dec 2019 19:03:35 +0100
Subject: [PATCH 2059/2197] Add option to show what values are tested

This is useful to inspect what the script does manually, in particular to check that expected values do get tested. --keep-c provides the same information but in a way that's harder to access.
---
 tests/scripts/test_psa_constant_names.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py
index 482932137..585f9decc 100755
--- a/tests/scripts/test_psa_constant_names.py
+++ b/tests/scripts/test_psa_constant_names.py
@@ -389,6 +389,8 @@ class Tests:
 outputs = output.decode('ascii').strip().split('\n')
 self.count += len(expressions)
 for expr, value, output in zip(expressions, values, outputs):
+ if self.options.show:
+ sys.stdout.write('{} {}\t{}\n'.format(type_word, value, output))
 if normalize(expr) != normalize(output):
 self.errors.append(self.Error(type=type_word,
 expression=expr,
@@ -434,6 +436,12 @@ def main():
 parser.add_argument('--program',
 default='programs/psa/psa_constant_names',
 help='Program to test')
+ parser.add_argument('--show',
+ action='store_true',
+ help='Keep the intermediate C file')
+ parser.add_argument('--no-show',
+ action='store_false', dest='show',
+ help='Don\'t show tested values (default)')
 options = parser.parse_args()
 headers = [os.path.join(options.include[0], h) for h in HEADERS]
 inputs = gather_inputs(headers, TEST_SUITES)
From 667c11141675361b9b7dd025622ffafa48c3cf0b Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 3 Dec 2019 19:03:20 +0100
Subject: [PATCH 2060/2197] Sanity checks for key attributes in exercise_key
---
 tests/suites/test_suite_psa_crypto.function | 83 +++++++++++++++++++++
 1 file changed, 83 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 83b0c952d..ba7c192b8 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
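Review bot: The help string for the new `--show` argument in main() reads `'Keep the intermediate C file'`, which describes `--keep-c` rather than this option and looks copied from a neighbouring argument. Wording such as `help='Show tested values on stdout'` would match what the `if self.options.show:` branch added in the first hunk does. As written, `--help` output would tell a user that `--show` retains a file when it actually prints each tested value. The body of main() continues outside this hunk.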
@@ -106,6 +106,22 @@ static const size_t INVALID_EXPORT_LENGTH = ~0U;
 #undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE
 #endif

+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+int lifetime_is_secure_element( psa_key_lifetime_t lifetime )
+{
+ /* At the moment, anything that isn't a built-in lifetime is either
+ * a secure element or unassigned. */
+ return( lifetime != PSA_KEY_LIFETIME_VOLATILE &&
+ lifetime != PSA_KEY_LIFETIME_PERSISTENT );
+}
+#else
+int lifetime_is_secure_element( psa_key_lifetime_t lifetime )
+{
+ (void) lifetime;
+ return( 0 );
+}
+#endif
+
 /** Test if a buffer contains a constant byte value.
 *
 * `mem_is_char(buffer, c, size)` is true after `memset(buffer, c, size)`.
@@ -212,6 +228,69 @@ static int construct_fake_rsa_key( unsigned char *buffer,
 return( len );
 }

+int check_key_attributes_sanity( psa_key_handle_t key )
+{
+ int ok = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_lifetime_t lifetime;
+ psa_key_id_t id;
+ psa_key_type_t type;
+ psa_key_type_t bits;
+
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ lifetime = psa_get_key_lifetime( &attributes );
+ id = psa_get_key_id( &attributes );
+ type = psa_get_key_type( &attributes );
+ bits = psa_get_key_bits( &attributes );
+
+ /* Persistence */
+ if( lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ TEST_ASSERT( id == 0 );
+ else
+ {
+ TEST_ASSERT(
+ ( PSA_KEY_ID_USER_MIN <= id && id <= PSA_KEY_ID_USER_MAX ) ||
+ ( PSA_KEY_ID_USER_MIN <= id && id <= PSA_KEY_ID_USER_MAX ) );
+ }
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ /* randomly-generated 64-bit constant, should never appear in test data */
+ psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21;
+ psa_status_t status = psa_get_key_slot_number( &attributes, &slot_number );
+ if( lifetime_is_secure_element( lifetime ) )
+ {
+ /* Mbed Crypto currently always exposes the slot number to
+ * applications. This is not mandated by the PSA specification
+ * and may change in future versions. 
*/ TEST_EQUAL( status, 0 );
+ TEST_ASSERT( slot_number != 0xec94d4a5058a1a21 );
+ }
+ else
+ {
+ TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT );
+ }
+#endif
+
+ /* Type and size */
+ TEST_ASSERT( type != 0 );
+ TEST_ASSERT( bits != 0 );
+ TEST_ASSERT( bits <= PSA_MAX_KEY_BITS );
+ if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
+ TEST_ASSERT( bits % 8 == 0 );
+
+ /* MAX macros concerning specific key types */
+ if( PSA_KEY_TYPE_IS_ECC( type ) )
+ TEST_ASSERT( bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
+ else if( PSA_KEY_TYPE_IS_RSA( type ) )
+ TEST_ASSERT( bits <= PSA_VENDOR_RSA_MAX_KEY_BITS );
+ TEST_ASSERT( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) <= PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE );
+
+ ok = 1;
+
+exit:
+ psa_reset_key_attributes( &attributes );
+ return( ok );
+}
+
 int exercise_mac_setup( psa_key_type_t key_type,
 const unsigned char *key_bytes,
 size_t key_length,
@@ -1021,6 +1100,10 @@ static int exercise_key( psa_key_handle_t handle,
 psa_algorithm_t alg )
 {
 int ok;
+
+ if( ! check_key_attributes_sanity( handle ) )
+ return( 0 );
+
 if( alg == 0 )
 ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */
 else if( PSA_ALG_IS_MAC( alg ) )
From fb745bf6180b5da37bd78f9528196d8386687c04 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Mon, 2 Dec 2019 20:50:16 +0100
Subject: [PATCH 2061/2197] Fix memory failure handling in test_format_storage_data_check

Fail the test instead of crashing if a memory allocation fails. Free memory even if the test fails.
---
 .../test_suite_psa_crypto_persistent_key.function | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 115bfea5d..d4163cdf7 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
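Review bot: In check_key_attributes_sanity, the persistent-key branch tests the same range twice: both operands of the `||` are `PSA_KEY_ID_USER_MIN <= id && id <= PSA_KEY_ID_USER_MAX`, so an id outside the user range fails the assertion even if it is otherwise valid. The second operand was presumably meant to cover the vendor range, `( PSA_KEY_ID_VENDOR_MIN <= id && id <= PSA_KEY_ID_VENDOR_MAX )`. In the same function `bits` is declared as `psa_key_type_t bits;` although it holds the result of psa_get_key_bits(); `size_t bits;` would keep the size checks that follow from depending on the width of the key-type integer.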
@@ -32,8 +32,9 @@ void format_storage_data_check( data_t *key_data,
 int key_lifetime, int key_type, int key_usage, int key_alg, int key_alg2 )
 {
- uint8_t *file_data;
- size_t file_data_length;
+ uint8_t *file_data = NULL;
+ size_t file_data_length =
+ key_data->len + sizeof( psa_persistent_key_storage_format );
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;

 psa_set_key_lifetime( &attributes, key_lifetime );
@@ -42,14 +43,15 @@ void format_storage_data_check( data_t *key_data,
 psa_set_key_algorithm( &attributes, key_alg );
 psa_set_key_enrollment_algorithm( &attributes, key_alg2 );
- file_data_length = key_data->len + sizeof( psa_persistent_key_storage_format );
- file_data = mbedtls_calloc( 1, file_data_length );
+ ASSERT_ALLOC( file_data, file_data_length );
 psa_format_key_data_for_storage( key_data->x, key_data->len, &attributes.core, file_data );
 ASSERT_COMPARE( expected_file_data->x, expected_file_data->len, file_data, file_data_length );
+
+exit:
 mbedtls_free( file_data );
 }
 /* END_CASE */
From 92f2da9d676103d825a0e98859821baa847be5ad Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Fri, 6 Dec 2019 21:23:12 +0100
Subject: [PATCH 2062/2197] More precise descriptions for format and parse tests
---
 .../test_suite_psa_crypto_persistent_key.data | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data
index 8765dfc40..9e5d45a0f 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.data
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.data
@@ -1,27 +1,27 @@ -PSA Storage format data for storage +Format for storage: RSA private key format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN -PSA Storage parse stored data +Parse storage: RSA private key parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS -PSA Storage parse stored data wrong version, should fail +Parse storage: wrong version 
parse_storage_data_check:"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":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE -PSA Storage parse too big data, should fail +Parse storage: data too big parse_storage_data_check:"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":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE -PSA Storage parse bad magic, should fail +Parse storage: bad magic 
parse_storage_data_check:"645341004b455900000000000100000000000170010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE -PSA Storage parse not enough magic, should fail +Parse storage: truncated magic parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE # Not specific to files, but only run this test in an environment where the maximum size could be reached. 
-Save maximum size persistent raw key +Save maximum-size persistent raw key depends_on:MBEDTLS_PSA_ITS_FILE_C save_large_persistent_key:PSA_CRYPTO_MAX_STORAGE_SIZE:PSA_SUCCESS -Save larger than maximum size persistent raw key, should fail +Save larger than maximum-size persistent raw key save_large_persistent_key:PSA_CRYPTO_MAX_STORAGE_SIZE + 1:PSA_ERROR_NOT_SUPPORTED Persistent key destroy @@ -66,7 +66,7 @@ import/export persistent key RSA keypair file not exist: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_persistent_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:1 -PSA import/export-persistent symmetric key: 16 bytes [#1] +import/export-persistent symmetric key: 16 bytes depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0:0 
@@ -92,6 +92,6 @@ import/export persistent key RSA keypair file not exist with restart: 1024-bit depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:1 -PSA import/export-persistent symmetric key: 16 bytes [#2] +import/export-persistent symmetric key with restart: 16 bytes depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0 From f8210f2bd533e8935819ec5fd12680dfdc81f73f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 2 Dec 2019 17:26:44 +0100 Subject: [PATCH 2063/2197] Test the block size for symmetric keys Also insist on their category. Fix a missing implementation of PSA_BLOCK_CIPHER_BLOCK_SIZE for ChaCha20. --- include/psa/crypto_values.h | 1 + tests/scripts/test_psa_constant_names.py | 2 ++ .../test_suite_psa_crypto_metadata.data | 20 +++++++------- .../test_suite_psa_crypto_metadata.function | 27 +++++++++++++++++++ 4 files changed, 40 insertions(+), 10 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index d0008a9f6..dbe75ad85 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -604,6 +604,7 @@ (type) == PSA_KEY_TYPE_DES ? 8 : \ (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \ (type) == PSA_KEY_TYPE_ARC4 ? 1 : \ + (type) == PSA_KEY_TYPE_CHACHA20 ? 1 : \ 0) /** Vendor-defined algorithm flag. diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 585f9decc..717d0dbfa 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -102,6 +102,8 @@ class Inputs: # Any function ending in _algorithm also gets added to # self.algorithms. 'key_type': [self.key_types], + 'block_cipher_key_type': [self.key_types], + 'stream_cipher_key_type': [self.key_types], 'ecc_key_types': [self.ecc_curves], 'dh_key_types': [self.dh_groups], 'hash_algorithm': [self.hash_algorithms], diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 9cdee0353..d0cc79904 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
@@ -315,25 +315,25 @@ key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED Key type: secret for key derivation key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED -Key type: AES +Block cipher key type: AES depends_on:MBEDTLS_AES_C -key_type:PSA_KEY_TYPE_AES:KEY_TYPE_IS_UNSTRUCTURED +block_cipher_key_type:PSA_KEY_TYPE_AES:16 -Key type: DES +Block cipher key type: DES depends_on:MBEDTLS_DES_C -key_type:PSA_KEY_TYPE_DES:KEY_TYPE_IS_UNSTRUCTURED +block_cipher_key_type:PSA_KEY_TYPE_DES:8 -Key type: Camellia +Block cipher key type: Camellia depends_on:MBEDTLS_CAMELLIA_C -key_type:PSA_KEY_TYPE_CAMELLIA:KEY_TYPE_IS_UNSTRUCTURED +block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16 -Key type: ARC4 +Stream cipher key type: ARC4 depends_on:MBEDTLS_ARC4_C -key_type:PSA_KEY_TYPE_ARC4:KEY_TYPE_IS_UNSTRUCTURED +stream_cipher_key_type:PSA_KEY_TYPE_ARC4 -Key type: ChaCha20 +Stream cipher key type: ChaCha20 depends_on:MBEDTLS_CHACHA20_C -key_type:PSA_KEY_TYPE_CHACHA20:KEY_TYPE_IS_UNSTRUCTURED +stream_cipher_key_type:PSA_KEY_TYPE_CHACHA20 Key type: RSA public key depends_on:MBEDTLS_RSA_C diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 3a9347e2f..9282641e4 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function 
@@ -449,6 +449,33 @@ void key_type( int type_arg, int classification_flags ) } /* END_CASE */ +/* BEGIN_CASE */ +void block_cipher_key_type( int type_arg, int block_size_arg ) +{ + psa_key_type_t type = type_arg; + size_t block_size = block_size_arg; + + test_key_type( type_arg, KEY_TYPE_IS_UNSTRUCTURED ); + + TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK, + PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); + TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ), block_size ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void stream_cipher_key_type( int type_arg ) +{ + psa_key_type_t type = type_arg; + + test_key_type( type_arg, KEY_TYPE_IS_UNSTRUCTURED ); + + TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK, + PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); + TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ), 1 ); +} +/* END_CASE */ + /* BEGIN_CASE */ void ecc_key_types( int curve_arg, int curve_bits_arg ) { From 7a1925c453b11851b521455eb8bd9fe0e8a07d35 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Dec 2019 18:01:24 +0100 Subject: [PATCH 2064/2197] Add a few EC public key import/export test cases Test a Brainpool curve and a curve whose bit size is not a multiple of 8. --- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 436ed7c31..fa2f6ec2f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
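Review bot: `stream_cipher_key_type` compares `PSA_BLOCK_CIPHER_BLOCK_SIZE( type )` against a bare `1`, and neither new test case says why a stream cipher is expected to report a block size at all. A one-line comment before that `TEST_EQUAL` would record the convention, for example `/* Stream ciphers are reported with a block size of 1. */`. The two cases also repeat the same `PSA_KEY_TYPE_CATEGORY_SYMMETRIC` assertion, so a small static helper shared by both would keep them from drifting apart.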
@@ -228,6 +228,14 @@ PSA import/export EC secp256r1 public key: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 +PSA import/export EC secp521r1 public key: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP521R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1 + +PSA import/export EC brainpoolP256r1 public key: good +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED +import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 + PSA import/export AES key: policy forbids export depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:128:0:PSA_ERROR_NOT_PERMITTED:1 From 46c33801f3fb956966b03e556b8cdebc24fd492a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 3 Dec 2019 21:20:16 +0100 Subject: [PATCH 2065/2197] Remove unused macros --- include/mbedtls/psa_util.h | 18 ------------------ 1 file changed, 18 deletions(-) 
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index a87ca815b..2e7393b3c 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -378,24 +378,6 @@ static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group } } - -#define MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( curve ) \ - ( curve == PSA_ECC_CURVE_SECP192R1 ? 192 : \ - curve == PSA_ECC_CURVE_SECP224R1 ? 224 : \ - curve == PSA_ECC_CURVE_SECP256R1 ? 256 : \ - curve == PSA_ECC_CURVE_SECP384R1 ? 384 : \ - curve == PSA_ECC_CURVE_SECP521R1 ? 521 : \ - curve == PSA_ECC_CURVE_SECP192K1 ? 192 : \ - curve == PSA_ECC_CURVE_SECP224K1 ? 224 : \ - curve == PSA_ECC_CURVE_SECP256K1 ? 256 : \ - curve == PSA_ECC_CURVE_BRAINPOOL_P256R1 ? 256 : \ - curve == PSA_ECC_CURVE_BRAINPOOL_P384R1 ? 384 : \ - curve == PSA_ECC_CURVE_BRAINPOOL_P512R1 ? 512 : \ - 0 ) - -#define MBEDTLS_PSA_ECC_KEY_BYTES_OF_CURVE( curve ) \ - ( ( MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( curve ) + 7 ) / 8 ) - /* Translations for PK layer */ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) From 4cd3277656a6f6676d2091053f8ce6dd6554b001 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Dec 2019 20:49:42 +0100 Subject: [PATCH 2066/2197] Factor common code of psa_import_ec_{public,private}_key --- library/psa_crypto.c | 40 ++++++++++++++++++---------------------- 1 file changed, 18 insertions(+), 22 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 25aff019a..59edae1cd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -584,6 +584,20 @@ exit: #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */ #if defined(MBEDTLS_ECP_C) +static psa_status_t psa_prepare_import_ec_key( psa_ecc_curve_t curve, + mbedtls_ecp_keypair **p_ecp ) +{ + mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE; + *p_ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); + if( *p_ecp == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + mbedtls_ecp_keypair_init( *p_ecp ); + + /* Load the group. */ + grp_id = mbedtls_ecc_group_of_psa( curve ); + return( mbedtls_to_psa_error( + mbedtls_ecp_group_load( &( *p_ecp )->grp, grp_id ) ) ); +} /* Import a public key given as the uncompressed representation defined by SEC1 * 2.3.3 as the content of an ECPoint. */ @@ -594,19 +608,11 @@ static psa_status_t psa_import_ec_public_key( psa_ecc_curve_t curve, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; - mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); - *p_ecp = NULL; - ecp = mbedtls_calloc( 1, sizeof( *ecp ) ); - if( ecp == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - mbedtls_ecp_keypair_init( ecp ); - - /* Load the group. */ - status = mbedtls_to_psa_error( - mbedtls_ecp_group_load( &ecp->grp, grp_id ) ); + status = psa_prepare_import_ec_key( curve, &ecp ); if( status != PSA_SUCCESS ) goto exit; + /* Load the public value. */ status = mbedtls_to_psa_error( mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q, @@ -631,9 +637,7 @@ exit: } return( status ); } -#endif /* defined(MBEDTLS_ECP_C) */ -#if defined(MBEDTLS_ECP_C) /* Import a private key given as a byte string which is the private value * in big-endian order. */ static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve, 
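Review bot: `psa_prepare_import_ec_key` has no comment describing who owns `*p_ecp` when it fails. If `mbedtls_ecp_group_load` returns an error, the function returns with `*p_ecp` still pointing at the freshly allocated, initialised key pair, so the caller has to free it, whereas on allocation failure `*p_ecp` is NULL. A short header comment would state this, e.g. `/* On failure *p_ecp is either NULL or an initialised key pair that the caller must free. */`. The initialiser `grp_id = MBEDTLS_ECP_DP_NONE` is overwritten before its first use and could be folded into `mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve );`.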
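Review bot: In `psa_import_ec_public_key` (hunk `-594,19 +608,11`) the caller's output pointer is no longer cleared on entry: the old `*p_ecp = NULL;` goes away together with the inlined allocation, and the new helper call only writes the local `ecp`. If any error path leaves without assigning `*p_ecp`, the caller now sees whatever value it passed in rather than NULL; the error paths and the callers are outside the hunk, so this needs checking against them. Keeping `*p_ecp = NULL;` immediately before `status = psa_prepare_import_ec_key( curve, &ecp );` preserves the previous contract. The same line is dropped from `psa_import_ec_private_key` in the `-643,22 +647,14` hunk.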
@@ -643,22 +647,14 @@ static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; - mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); if( PSA_BITS_TO_BYTES( PSA_ECC_CURVE_BITS( curve ) ) != data_length ) return( PSA_ERROR_INVALID_ARGUMENT ); - *p_ecp = NULL; - ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); - if( ecp == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - mbedtls_ecp_keypair_init( ecp ); - - /* Load the group. */ - status = mbedtls_to_psa_error( - mbedtls_ecp_group_load( &ecp->grp, grp_id ) ); + status = psa_prepare_import_ec_key( curve, &ecp ); if( status != PSA_SUCCESS ) goto exit; + /* Load the secret value. */ status = mbedtls_to_psa_error( mbedtls_mpi_read_binary( &ecp->d, data, data_length ) ); From 9c2ccd2e7afbb964be15fa4de53a2cd2682c5276 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 9 Dec 2019 15:00:41 +0000 Subject: [PATCH 2067/2197] Fix error code range in documentation --- include/mbedtls/error.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 7ca54b8c3..5ccebebde 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -52,7 +52,7 @@ * For historical reasons, low-level error codes are divided in even and odd, * even codes were assigned first, and -1 is reserved for other errors. * - * Low-level module errors (0x0002-0x007E, 0x0003-0x007F) + * Low-level module errors (0x0002-0x007E, 0x0001-0x007F) * * Module Nr Codes assigned * ERROR 2 0x006E 0x0001 From 18220610937ca099c0761a6fff0b84c0ff2f2d44 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Tue, 17 Dec 2019 15:03:59 +0000 Subject: [PATCH 2068/2197] Fix some pylint warnings Add docstrings where they were missing and fix a too-long line --- tests/scripts/check-test-cases.py | 3 +++ tests/scripts/mbedtls_test.py | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) 
diff --git a/tests/scripts/check-test-cases.py b/tests/scripts/check-test-cases.py index 87a35e47e..939ca2314 100755 --- a/tests/scripts/check-test-cases.py +++ b/tests/scripts/check-test-cases.py @@ -26,6 +26,7 @@ import re import sys class Results: + """Store file and line information about errors or warnings in test suites.""" def __init__(self): self.errors = 0 self.warnings = 0 @@ -41,6 +42,7 @@ class Results: self.warnings += 1 def collect_test_directories(): + """Get the relative path for the TLS and Crypto test directories.""" if os.path.isdir('tests'): tests_dir = 'tests' elif os.path.isdir('suites'): @@ -55,6 +57,7 @@ def collect_test_directories(): return directories def check_description(results, seen, file_name, line_number, description): + """Check test case descriptions for errors.""" if description in seen: results.error(file_name, line_number, 'Duplicate description (also line {})', diff --git a/tests/scripts/mbedtls_test.py b/tests/scripts/mbedtls_test.py index 6ac68a4fb..8f24435bf 100755 --- a/tests/scripts/mbedtls_test.py +++ b/tests/scripts/mbedtls_test.py @@ -310,7 +310,10 @@ class MbedTlsTest(BaseHostTest): param_bytes, length = self.test_vector_to_bytes(function_id, dependencies, args) - self.send_kv(''.join('{:02x}'.format(x) for x in length), ''.join('{:02x}'.format(x) for x in param_bytes)) + self.send_kv( + ''.join('{:02x}'.format(x) for x in length), + ''.join('{:02x}'.format(x) for x in param_bytes) + ) @staticmethod def get_result(value): From ad6cb11461c1b734f328b8638458794c8aea4551 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 17 Jul 2019 14:58:03 +0200 Subject: [PATCH 2069/2197] Declare new config.h option MBEDTLS_SHA512_NO_SHA384 --- include/mbedtls/config.h | 10 ++++++++++ library/version_features.c | 3 +++ programs/test/query_config.c | 8 ++++++++ scripts/config.py | 1 + 4 files changed, 22 insertions(+) 
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index a4db6ba49..205c7bec7 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1033,6 +1033,16 @@ */ //#define MBEDTLS_SHA512_SMALLER +/** + * \def MBEDTLS_SHA512_NO_SHA384 + * + * Disable the SHA-384 option of the SHA-512 module. Use this to save some + * code size on devices that don't use SHA-384. + * + * Uncomment to disable SHA-384 + */ +//#define MBEDTLS_SHA512_NO_SHA384 + /** * \def MBEDTLS_THREADING_ALT * diff --git a/library/version_features.c b/library/version_features.c index a91723fcf..e2dc9b152 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -414,6 +414,9 @@ static const char * const features[] = { #if defined(MBEDTLS_SHA512_SMALLER) "MBEDTLS_SHA512_SMALLER", #endif /* MBEDTLS_SHA512_SMALLER */ +#if defined(MBEDTLS_SHA512_NO_SHA384) + "MBEDTLS_SHA512_NO_SHA384", +#endif /* MBEDTLS_SHA512_NO_SHA384 */ #if defined(MBEDTLS_THREADING_ALT) "MBEDTLS_THREADING_ALT", #endif /* MBEDTLS_THREADING_ALT */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 1832b2c88..b6cbb09f7 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1132,6 +1132,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA512_SMALLER */ +#if defined(MBEDTLS_SHA512_NO_SHA384) + if( strcmp( "MBEDTLS_SHA512_NO_SHA384", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_NO_SHA384 ); + return( 0 ); + } +#endif /* MBEDTLS_SHA512_NO_SHA384 */ + #if defined(MBEDTLS_THREADING_ALT) if( strcmp( "MBEDTLS_THREADING_ALT", config ) == 0 ) { diff --git a/scripts/config.py b/scripts/config.py index cb0e1c5fe..6d4828a95 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -183,6 +183,7 @@ def include_in_full(name): 'MBEDTLS_PSA_CRYPTO_SPM', 'MBEDTLS_PSA_INJECT_ENTROPY', 'MBEDTLS_RSA_NO_CRT', + 'MBEDTLS_SHA512_NO_SHA384', 'MBEDTLS_TEST_NULL_ENTROPY', ]: return False 
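Review bot: The new `MBEDTLS_SHA512_NO_SHA384` block in `config.h` does not say that the option only has meaning when `MBEDTLS_SHA512_C` is enabled, and the patch's file list shows no matching change to `check_config.h`. Following the layout of the other entries, a line `* Requires: MBEDTLS_SHA512_C` in the comment would document it, and a guard such as `#if defined(MBEDTLS_SHA512_NO_SHA384) && !defined(MBEDTLS_SHA512_C)` followed by an `#error` would reject the inconsistent configuration. The comment could also state that requesting SHA-384 fails once the option is set, which is what the sha512.c change in the next patch of this series implements.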
From 3df4e60561dc43854bc5a94515ff69466f6e0311 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 17 Jul 2019 15:16:14 +0200 Subject: [PATCH 2070/2197] Implement SHA512_NO_SHA384 in sha512 module Saves 140 bytes on sha512.o, measured with: arm-none-eabi-gcc -Wall -Wextra -Iinclude -Os -mcpu=cortex-m0plus -mthumb -c library/sha512.c && arm-none-eabi-size sha512.o arm-none-eabi-gcc (GNU Tools for Arm Embedded Processors 7-2018-q2-update) 7.3.1 20180622 (release) [ARM/embedded-7-branch revision 261907] Todo: - fix selftest - fix dependencies in test suites - implement in MD layer --- include/mbedtls/sha512.h | 2 ++ library/sha512.c | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 48923e5bc..e8d0ab7c1 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -59,8 +59,10 @@ typedef struct mbedtls_sha512_context uint64_t total[2]; /*!< The number of Bytes processed. */ uint64_t state[8]; /*!< The intermediate digest state. */ unsigned char buffer[128]; /*!< The data block being processed. */ +#if !defined(MBEDTLS_SHA512_NO_SHA384) int is384; /*!< Determines which function to use: 0: Use SHA-512, or 1: Use SHA-384. */ +#endif } mbedtls_sha512_context; diff --git a/library/sha512.c b/library/sha512.c index fa4025653..6e9150757 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -151,6 +151,9 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) } else { +#if defined(MBEDTLS_SHA512_NO_SHA384) + return( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA ); +#else /* SHA-384 */ ctx->state[0] = UL64(0xCBBB9D5DC1059ED8); ctx->state[1] = UL64(0x629A292A367CD507); 
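Review bot: With `MBEDTLS_SHA512_NO_SHA384` defined, `mbedtls_sha512_starts_ret` returns `MBEDTLS_ERR_SHA512_BAD_INPUT_DATA` from the `else` branch without loading any initial values into `ctx->state`, and the `-437,7 +443,9` hunk makes `mbedtls_sha512_finish_ret` write all 64 output bytes unconditionally. A caller that asks for SHA-384, ignores the error and passes a 48-byte output buffer would then get a write past the end of that buffer; whether such callers exist is outside this diff. The function documentation in `sha512.h` should state that `is384` must be 0 under this option and that the output is then always 64 bytes. The `sha512.h` hunk also makes the layout of `mbedtls_sha512_context` depend on the option, which deserves a comment for code built against a differently configured header.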
@@ -160,9 +163,12 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) ctx->state[5] = UL64(0x8EB44A8768581511); ctx->state[6] = UL64(0xDB0C2E0D64F98FA7); ctx->state[7] = UL64(0x47B5481DBEFA4FA4); +#endif /* MBEDTLS_SHA512_NO_SHA384 */ } +#if !defined(MBEDTLS_SHA512_NO_SHA384) ctx->is384 = is384; +#endif return( 0 ); } @@ -437,7 +443,9 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, sha512_put_uint64_be( ctx->state[4], output, 32 ); sha512_put_uint64_be( ctx->state[5], output, 40 ); +#if !defined(MBEDTLS_SHA512_NO_SHA384) if( ctx->is384 == 0 ) +#endif { sha512_put_uint64_be( ctx->state[6], output, 48 ); sha512_put_uint64_be( ctx->state[7], output, 56 ); From 39ea19a35cd6f24ee5b2e79eb0887ced8d41ad16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 17 Jul 2019 15:36:23 +0200 Subject: [PATCH 2071/2197] Adapt sha512 selftest to NO_SHA384 option --- library/sha512.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/library/sha512.c b/library/sha512.c index 6e9150757..fc21331e9 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -524,8 +524,9 @@ static const size_t sha512_test_buflen[3] = 3, 112, 1000 }; -static const unsigned char sha512_test_sum[6][64] = +static const unsigned char sha512_test_sum[][64] = { +#if !defined(MBEDTLS_SHA512_NO_SHA384) /* * SHA-384 test vectors */ @@ -547,6 +548,7 @@ static const unsigned char sha512_test_sum[6][64] = 0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B, 0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB, 0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 }, +#endif /* !MBEDTLS_SHA512_NO_SHA384 */ /* * SHA-512 test vectors @@ -577,6 +579,10 @@ static const unsigned char sha512_test_sum[6][64] = 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } }; +#define SHA512_TEST_SUM_N \ + ( sizeof( sha512_test_sum ) / sizeof( sha512_test_sum[0] ) ) + + /* * Checkup routine */ 
@@ -598,10 +604,14 @@ int mbedtls_sha512_self_test( int verbose ) mbedtls_sha512_init( &ctx ); - for( i = 0; i < 6; i++ ) + for( i = 0; i < (int) SHA512_TEST_SUM_N; i++ ) { j = i % 3; +#if !defined(MBEDTLS_SHA512_NO_SHA384) k = i < 3; +#else + k = 0; +#endif if( verbose != 0 ) mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); From 6ba5a3fc57ac48d46ac7cc27543ffc6d4d5157e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 17 Jul 2019 16:08:27 +0200 Subject: [PATCH 2072/2197] Declare test dependencies on !SHA512_NO_SHA384 --- tests/suites/test_suite_ecdsa.data | 20 +-- tests/suites/test_suite_hmac_drbg.misc.data | 8 +- .../test_suite_hmac_drbg.no_reseed.data | 120 +++++++++--------- tests/suites/test_suite_hmac_drbg.nopr.data | 120 +++++++++--------- tests/suites/test_suite_hmac_drbg.pr.data | 120 +++++++++--------- tests/suites/test_suite_md.data | 66 +++++----- tests/suites/test_suite_pkcs5.data | 10 +- tests/suites/test_suite_pkparse.data | 72 +++++------ tests/suites/test_suite_psa_crypto.data | 48 +++---- tests/suites/test_suite_psa_crypto_hash.data | 34 ++--- tests/suites/test_suite_rsa.data | 18 +-- tests/suites/test_suite_shax.data | 16 +-- 12 files changed, 326 insertions(+), 326 deletions(-) diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data index 2aa0a2a6e..889f68488 100644 --- a/tests/suites/test_suite_ecdsa.data +++ b/tests/suites/test_suite_ecdsa.data 
@@ -66,7 +66,7 @@ depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"sample":"4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55":"CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85" ECDSA deterministic test vector rfc 6979 p192 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"sample":"DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5":"C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E" ECDSA deterministic test vector rfc 6979 p192 sha512 [#1] @@ -86,7 +86,7 @@ depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"test":"3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE":"5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F" ECDSA deterministic test vector rfc 6979 p192 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"test":"B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367":"7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A" ECDSA deterministic test vector rfc 6979 p192 sha512 [#2] 
@@ -106,7 +106,7 @@ depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"sample":"61AA3DA010E8E8406C656BC477A7A7189895E7E840CDFE8FF42307BA":"BC814050DAB5D23770879494F9E0A680DC1AF7161991BDE692B10101" ECDSA deterministic test vector rfc 6979 p224 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"sample":"0B115E5E36F0F9EC81F1325A5952878D745E19D7BB3EABFABA77E953":"830F34CCDFE826CCFDC81EB4129772E20E122348A2BBD889A1B1AF1D" ECDSA deterministic test vector rfc 6979 p224 sha512 [#1] @@ -126,7 +126,7 @@ depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"test":"AD04DDE87B84747A243A631EA47A1BA6D1FAA059149AD2440DE6FBA6":"178D49B1AE90E3D8B629BE3DB5683915F4E8C99FDF6E666CF37ADCFD" ECDSA deterministic test vector rfc 6979 p224 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"test":"389B92682E399B26518A95506B52C03BC9379A9DADF3391A21FB0EA4":"414A718ED3249FF6DBC5B50C27F71F01F070944DA22AB1F78F559AAB" ECDSA deterministic test vector rfc 6979 p224 sha512 [#2] 
@@ -146,7 +146,7 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"sample":"EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716":"F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8" ECDSA deterministic test vector rfc 6979 p256 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"sample":"0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719":"4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954" ECDSA deterministic test vector rfc 6979 p256 sha512 [#1] @@ -166,7 +166,7 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"test":"F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367":"019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083" ECDSA deterministic test vector rfc 6979 p256 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"test":"83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6":"8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C" ECDSA deterministic test vector rfc 6979 p256 sha512 [#2] 
@@ -186,7 +186,7 @@ depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"sample":"21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD":"F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0" ECDSA deterministic test vector rfc 6979 p384 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"sample":"94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE46":"99EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8" ECDSA deterministic test vector rfc 6979 p384 sha512 [#1] 
@@ -206,7 +206,7 @@ depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"test":"6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B":"2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265" ECDSA deterministic test vector rfc 6979 p384 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"test":"8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB":"DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5" ECDSA deterministic test vector rfc 6979 p384 sha512 [#2] 
@@ -226,7 +226,7 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"sample":"1511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7":"04A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC" ECDSA deterministic test vector rfc 6979 p521 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"sample":"1EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451":"1F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61" ECDSA deterministic test vector rfc 6979 p521 sha512 [#1] 
@@ -246,7 +246,7 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"test":"00E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8":"0CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86" ECDSA deterministic test vector rfc 6979 p521 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"test":"14BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C":"133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979" ECDSA deterministic test vector rfc 6979 p521 sha512 [#2] diff --git a/tests/suites/test_suite_hmac_drbg.misc.data b/tests/suites/test_suite_hmac_drbg.misc.data index 81cd62c3c..a3170fdf7 100644 --- a/tests/suites/test_suite_hmac_drbg.misc.data +++ b/tests/suites/test_suite_hmac_drbg.misc.data @@ -11,7 +11,7 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_entropy_usage:MBEDTLS_MD_SHA256 HMAC_DRBG entropy usage SHA-384 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA384 HMAC_DRBG entropy usage SHA-512 
@@ -43,11 +43,11 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_seed_file:MBEDTLS_MD_SHA256:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-384 [#1] -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_seed_file:MBEDTLS_MD_SHA384:"data_files/hmac_drbg_seed":0 HMAC_DRBG write/update seed file SHA-384 [#2] -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_seed_file:MBEDTLS_MD_SHA384:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-512 [#1] @@ -71,7 +71,7 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_buf:MBEDTLS_MD_SHA256 HMAC_DRBG from buffer SHA-384 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_buf:MBEDTLS_MD_SHA384 HMAC_DRBG from buffer SHA-512 diff --git a/tests/suites/test_suite_hmac_drbg.no_reseed.data b/tests/suites/test_suite_hmac_drbg.no_reseed.data index d7e62a120..8a726bc33 100644 --- a/tests/suites/test_suite_hmac_drbg.no_reseed.data +++ b/tests/suites/test_suite_hmac_drbg.no_reseed.data 
@@ -719,243 +719,243 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"3d99f9b7ac3a2fbe9cf15d960bf41f5588fc4db1e0d2a5c9c0fe9059f03593fb411f504bb63a9b3afa7ffa1357bb48be":"0bb5ebd55981a25ba69164da49fa92f2871fd3fc65eb30d0f0d0b8d798a4f8f2":"288e948a551284eb3cb23e26299955c2fb8f063c132a92683c1615ecaed80f30":"d975b22f79e34acf5db25a2a167ef60a10682dd9964e15533d75f7fa9efc5dcb":"ee8d707eea9bc7080d58768c8c64a991606bb808600cafab834db8bc884f866941b4a7eb8d0334d876c0f1151bccc7ce8970593dad0c1809075ce6dbca54c4d4667227331eeac97f83ccb76901762f153c5e8562a8ccf12c8a1f2f480ec6f1975ac097a49770219107d4edea54fb5ee23a8403874929d073d7ef0526a647011a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"a1dc2dfeda4f3a1124e0e75ebfbe5f98cac11018221dda3fdcf8f9125d68447abae5ea27166540515268a493a96b5187":"":"":"":"228293e59b1e4545a4ff9f232616fc5108a1128debd0f7c20ace837ca105cbf24c0dac1f9847dafd0d0500721ffad3c684a992d110a549a264d14a8911c50be8cd6a7e8fac783ad95b24f64fd8cc4c8b649eac2b15b363e30df79541a6b8a1caac238949b46643694c85e1d5fcbcd9aaae6260acee660b8a79bea48e079ceb6a5eaf4993a82c3f1b758d7c53e3094eeac63dc255be6dcdcc2b51e5ca45d2b20684a5a8fa5806b96f8461ebf51bc515a7dd8c5475c0e70f2fd0faf7869a99ab6c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"067fa0e25d71ea392671c24f38ef782ab3587a7b3c77ea756f7bd496b445b7a3ce6acc722768ca0e03784b2217bc60e4":"":"":"":"16eaa49510ffad8cc21ec32858640a0d6f34cb03e8649022aa5c3f566b44e8ace7c3b056cf2a44b242de09ae21dba4275418933611875841b4f0944a8272848c5dc1aad685935e12511d5ee27e9162d4bb968afab53c4b338269c1c77da9d78617911ed4390cb20e88bf30b74fda66fe05df5537a759061d3ffd9231d811e8b34213f22ab0b0ddafff7749a40243a901c310776e09d2e529806d4d6f0655178953c16707519c3c19b9aaa0d09fb676a9d23525c8bc388053bfccfbc368e3eb04" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"9f76503e84727297bc7056c7af917a1c98baa725295457db4fcf54ed09af7f15f39c46142b85a67b4b323594b7e97bde":"":"":"":"7d6a8bc5a7f057ceed6109bfac2486f80f81373b6b31d062aa1fad6d9eda5874867b9ef007ba5a92ba8f3fca624bfd9f7ee5770bbeb0391394fef783c16a7f003c06e5469bab03445bb28a2111def415d162e40472d3e5ae628c5c63170bb19f741c79a5331c883c12bca429f518bf71b14683a071b6c6e1e55d8c7a0f3942bc12a103556c49ca173e498b3b4a15027145cdaeb195bc8a7e1aa82ebdf6ecd516481a4d21f400d0d71b5894545888fee8beed80d3251647947f5abc4735b47fd0" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"e242e5b3b49d87289fe02840dc742a2a6cd9490fe2cce581833dddb1edc0d103f987f5de5c68cd345c81b032ea55f36d":"":"":"":"3a858345dfaf00defdf6c83114b760ef53b131fbf14bcc4052cd948820eee78a11cbbd8f4baa308e1d187fced74cbf019c1080d9efffd93fda07df051433876d9900c1f9ad36ea1cb04989bb0c55fd6d01e46923f3bc8887ac00ebd4710212114165355361e240b04232df55a81add3fb363f0d4c9c5e3d313bc7caac7d49dca8517cedacf571fde9686ae93d901fb9b17097a638bb9899cfab0ebc9d1f8a43c2eed7c9f326a711d0f5b9cfc5166c9b561824cbd7775ec601ca712b3ddaaa05b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #4 -depends_on:MBEDTLS_SHA512_C 
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"42cc17365f5ea5fd22bdc4ade715e293064d6794d82bed5b77c4c107a73de1f76d759e4b191ba01e0ed5dea788ab018d":"":"":"":"de06dee8c8fe453aa03ac2546c39f5cda12412864d52ed5cbd0d4905dd226746d50d1af9fd3e1d90de0f16295cb7f6f4d3271ef00564709df4b05eb9f8adc0f8e8522b05b9f32c37d8526813898b9f71db57fc8328e3b79144482e8aa55c83934d6e097e43ec6d0bc32edaf8c0e6ca449b2e8388b32b286e2d4f85266b0605fb99d1a647565c95ff7857bcab73662b7218719189d792514edca2b1d0cdcd9b6347e132ef4c323da24ad5afd5ed6f96d27b0f879288e962fa0baca3d5b72b5c70" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"d57024a230b825b241c206f7b55e2114461ecc9b75353f12ac1d9ad7e7871481fe401c320f74afdb07f566ea500b0628":"":"":"":"e8930bd55a0a5a6d83a9b3b2cde7085c2ae467ea4a2e65ca303697d492ca878bcb801769eb1b7ec564586ec8b36d350e192c4fbf03a98be0ddecf56d465914ba353ed7734d19a680fc4593d9234c4ac8c23b7dfa1e26b013f590cca43b9fef126121b4842496b11dea3ef5e981cb357341f03f92a546a62609236ded6f7d814456acc0596d555cbdc02cbd47dae2caa1897831ea464225922c6600a8bb92e711653067f83b21e1df054309858948c11a1399736fc8391c5b0fc35629abfa5650" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"059ded79125b2d56d9d52bcc950bf608d1a2373515dafcc81efb6588005a5722d8f5f4181f9f2a316c93fdfbadf50e75":"":"":"":"db65d2000632c3d7009c227e99c210e5897f4d7edae608a242b5a4f17708613f8c19a4dd65d6bc3ca57737c9bfdcca068288eea49440af768d1fc977c32b065bb71aa3d8c4d77c9e8e8a6166f332a247978a6c41ed253a1b68ad934a3416b40344a681de28638f00b0a0ffb75514c3f62253372f809906043de35e4805b8e962e5eb957f04212835f802b2c0b3e76c7cf239c89adf31909cd6224d542d929f9b20a10ab99a7c631e4e6188fe2ba8f552c9c88fdadb528679fe950431641b8f37" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) 
#7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"4630406b475b1263b6078e93e5d4282205958d94eb97d1e66b429fb69ec9fccd0dd9982c338df935e929c42fab66adaf":"":"":"":"5d80ec072f550981bcaac6787c0488cc470406249ec80f4bf11050630227f8b5ac6b3b369db237d7c24a0980dffe8d3abd9b64fd4efa492349bd4eb6902edb94553546110227d7de5a864ddae8b9fed8de9f0df9c596e39de903fda323ee6f788831452eb9e49c5eef3e058b5bf84f61f735a93e042bb9e458df6b25f42a6eb8fb03d437cfab757fab4990c721a757eaa5e9048208abbcce6e52f177b20dcf52f1fa551a92b68bcdb01680855b8f79131266378cd1f0c2a4141c9675f01d1e48" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"6ea9c6f784f12a9707ceac8a7162ee5381dc893ee139f8f4b4d93db266829db4ae92bc52ff860d8ecdc9fc16bd070130":"":"":"":"234366f1591cfe244956f9496cdf446e0d390ba64beaa066945b1b4c5337dded2619dd2bd0133a5d612bab7c251ab79e3951cb134894c422553fc8cc7b3ccb29c20adbf52dda35af779142d7efc735342db2ee067649fda25f3e8a74f8e4f6620cf5a17cb943602609cafb85bdf482873efa4c74928cc0d69444b72aa6bc72694a3a21c6a721aa4e0fccab0a98aef375a37a3e8a15dccad13b6d70b3483581004642d879804aa00cba207b51affca43490bb98f67953265574366ec3829e67aa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5c13056be92a7f71236fcfef460298acc8595dd474310727f5ccb9a7acb2254ac7226f86349e20e2aca737068ab0f2ce":"":"":"":"16d415eddefa4dc295a64adcbbcb8c6fe8c8f123c6b09dc08a56d723cff5978cc120fd0a68a2f4c202c220db372d3128ef52385d5786c12dfc6e60ecfc3461a09fa80453e2b1b6365eaeb4df602d192aacb25ab6b4a59689d4bf8d1c4c42a32779f62b06baca6461f154cf40901f5787c1aa2bf67cbfe7546ef5b2bdff20790d8c72d077d48c59c92d1af90a90ccfcdf643dd9d6cee0b1faf5f2f35cfd01d2077ced5e2d013ec1e09336dfab9d9e51ba9a3a2837306213bca2d79abf8dc3282c" HMAC_DRBG NIST CAVS 14.3 
No Reseed (SHA-384,256+128,0,0) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"38f08a099fc2d405c32d1e0f867e5450d5ee0d53783c31de9ddeae46d962999da01f13a43320c715612cedb920cf12eb":"":"":"":"079ce7a5b540cae96c2883e95acde3039048a6c45a2d259cc648639e7205392d91fa3ee080e615f1e0741a0e536c9e05844651b93461bfc547fb452fec61f853e1bd6e08eabd0cf1c5f84f85eca9d42b53d1e5bae51be5fd35189e4f1c02b843c6361fccf4ca6648bf30a23ccb8ebc16fcf158746eb39cd96f19d46707c001e11c4e0e8ccbc89fec66c69fc92843b6bb2ee1cc7595b65ba89ccaccd6130a8417faf705e8e203e90ee64ae970c409389b5cd0ca80a4e40b642689741691b20621" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"0863c868c32442a1a64095a71ab6ae2f9e61c119b58dfa4f34efd26593bbbf68bc407904c43300452dd4e61df47fa98f":"":"":"":"585334828cf531828fc7127fee0c926f85b8e71e8522ea921296dc62b83a09a00397cd45e0664d0f26fa24edd3e3d8ecef8fdd77ab22431d4066f0efaf3882c97f179a7060efe9e8cba5d8145bebd502c0e09ee791231d539983c08860d7783edb58440d193ed82bc77c27723381a0da45bb1fc2a609f8b73b90446e39869a5af5038aff603b44db9771113927a5297fdc3450eaa228e313afe43c31b0a95b476c5ca312b4f589f809749481722cea9990c02b647976aa6c6f02ce1e5e6ea6df" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"a41ad223e41e2bb9c131ec945ca310600ab00c51f6e4fcddd803bd9ab9be8af5483373838894d32745a81ba9d6967751":"":"":"":"95ca31a7eeebdd2348cf1d43411d2c35faffdbcaed4052d50cf92f0e9d2e757686b72d631a56ca98b68215e7014cfed943abc1e13441c1d660f13adf2188d0975154e1b42a592a62a43b57f82cc21a428873a92fda83abe420efb5233140e4d6c7852cf81e85961fa5c606c5f33e06077f414b0f814cbbe50cc606bffbd474364e608825fdaaf5e74d862795539be8697e2ce05d71446881e3f65bb54ed95e941586988f6e0c34e1beef426696e9dbd9a214013d826a8c99a2a686d8402c583f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"62a26c1327c0ebf8b40691fb4c8f812e81f5474b0c7db70aa9424110fee3a05e41c0cf2e87210e34d0c6bffc269bf2ba":"":"":"":"6e20a00df1af37e6cc55e580ba21335111eb375395343618df7d630b9dc234496e3964cd45c5de34bda46a28964f6148704c30925feeaecae0574038434cd33c1dd943207a8dbdcd72dc9ecb76a25728b3c2a8ac13c1de3a126d7d43a46e12e0d0ca8991469e582b78ef6aa691b5a0e3e85cba7d7aea3c1e8e031674e85f5af36546eb2a0a28d4ffbaa316a9a6c944fce291cc0c235e8499882eb62b22b548ae07cf9430329e009f4443cb94f7a14e8661166b0d681dcec867205abed48145e9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"fd54cf77ed35022a3fd0dec88e58a207c8c069250066481388f12841d38ad98591f9c02a1d205cdbcdf4d93054fde5f5":"":"":"":"f6d5bf594f44a1c7c9954ae498fe993f67f4e67ef4e349509719b7fd597311f2c123889203d90f147a242cfa863c691dc74cfe7027de25860c67d8ecd06bcd22dfec34f6b6c838e5aab34d89624378fb5598b9f30add2e10bdc439dcb1535878cec90a7cf7251675ccfb9ee37932b1a07cd9b523c07eff45a5e14d888be830c5ab06dcd5032278bf9627ff20dbec322e84038bac3b46229425e954283c4e061383ffe9b0558c59b1ece2a167a4ee27dd59afeeb16b38fbdb3c415f34b1c83a75" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #0 -depends_on:MBEDTLS_SHA512_C 
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5e919d353357671566d2c6ab6e1acd46f47d0c878fe36114d7fea9fecb88a3a27efca9e3d1e1b09d7f16832f3af75141":"":"442f17cb3cb1482a19729bfd58f46f6ef16285554892c01b0718968d6e011082":"f9557c93eb841bfd7b5d4b71da928efcbe3f55e1870493ef90d16eb238380d65":"36902134f1989cfe7eb518a56c06aada98997d9bacd04aee21f879a57b515ca3b5e0c2d5fed05ca1a8b054e8c46b389d9d9186feb0abe8e2e60b3a267281cc5b4b7341116ced35a0e07bc2b0330bbfd8b07f07248fa6d8fc5c9df13445324162bdfa22a91ba71453ab123c92f91c70b8bd540b3b180b11ab45ae2c59e57c7c43dab7576594959a96eb502d182267c86576b1846ccee1a694cabdfb42e0c8214192efb502926fa3c27eed020b7cc8866a5af9d838a57e78bf7acd230e1f4d8361" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"7a5d1efc9b7043060cabd67de7fe22740bcd6a8ceb355d69f118829a2b3c92006a5633e613f8769c1114b1822ffb5408":"":"f2ad962d992434468681c644587639901ff74e2bbdd8761961ec34edc4a0c36d":"75aae0d1bca9484c89fc4de3d1b34275ef0656775f3f8c96f2bbc50401aaa718":"5ca21af4b399db38f8b74a406aace69f994691f2765bb9c47b240000152739e059b163cd007de5f28bba17e485fcf9ff6f41f76e93998510e302282cbdbde09fe8b1a96187e57c9a3df94e2e748f20026476ca682dfa890b478f7a21f4927f74f99aedd9ae782ba10fcda1dc34c31b4f784722e01cc4679737276f56df23c5bd8c6985797b83c0ccde2b4c7a65c652745de7fc8a235ad7ed0f456f1e7568b2dad475f0bc46f02a7f35c05cfef9d0e2c773ff895e291a2cfc2424b106096d8864" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"611586ee40cb3ca4a9238ce112a237449bba5422ac9b18ea53480875334d8fa026da9d96c4e87f94b2f9a7c261be3edb":"":"2f835c336a3aa0019b0bf940c24643bc8fca58c9cfa6509aa9241de9e0e1a046":"1911a59c5f2568860ae71e803688889dc44d14ffb0d93e324c39f32d95c1c3ea":"27bf42f50476d8a2cc23f455e9ef477cb8e9c90f2e97c8a483093ebf55b2aee02e0356cff919e2ec9811b42c73498a6c2b96aa5b761ef7e715cbf66ad2e3ff8a6c92419dbf2e653ce70a87b51e26d9f607eb25b45b91f947d0026a38977143c8bbd94076e663b9cee35505b48e453e7cca83e540975ae8a53f26390aa63aaf1e2669410cc83427eea09428776a2d520eebd170602c52dd491c98042018a0372a0b39cb565cbe5e474f927f91515a6a7444fdbe1d89d8ae2c2482a0deb8ff236d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"85b1e5da599efd4a20ffcefd4737fa3ea1d2b14be33861c2a4ac3ac2a49d3947b14cf18f4ff426cb6345f1a7653e9630":"":"cf5bbf98d8577077b0b84475dee0f0e9aa95eedd1d916507b5233b688bcc856c":"b333ec111e1e7d78c9ac916e420704832539d2db46aca3bdc4732e8ce72b5e80":"4773d32a9fba37acc6900f3ac70f6978ff1e40039d6e3286c264fb7fc59f1bfe0188c7979380c8922bdd0e363c8e09a49faef59ea85a9f0e400b94c74a8a50687e4e51e25266eabb86276f22628d0d2e19c5696cd221a9b80f94045d001ca4c20dc916ca0ff22c93a41fc822912dd7e247927fd45982e94d3d1fde77cbe78beecba830b753079326ae33274f13fb7cd875e85fb5e9e703e61cbd41bc4ad47d7b4d14afc873a39dd810ad8eed95adff8dce3adb7659b7c1d4e3f62403767940b4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"50f986f6efb413fba3e8e0beb84d4948c2db0661ab8e064d9fee8b3c2f0a910fc35d37512f88bdfcfde797a21a006e01":"":"37c7b08222ba63f2136bb28f5ec09b9a899b56371615be41bef49a0b640590e4":"4a1e34a5d60ca08e3e6c0f1b86547ba2d12fa293275e7d75f83a0b846daa48df":"e27738c6fae66125fcaf4e725a0881d5a450fb5b02a55057d6cb7babd91d502c4f4a8431a83352f47ea8e5fd7e815f5080d144318a1dcbc755e0b935785cd5397955da22e3ff633b34a64ac72b2e6b7c51e78ff553731e6e8da911d147a6e05b36b74898cac6d3171bc8650e445ffd19ede2aa8218be17671321c186465d852dd80d73290546b88ef7a978b41c4c549e9c7fc6ef86e47084778fb5aed5d41e794ee0e700b77c0314a307b10df69daba605f3fdbe2dec708ba0b20d6b650befbd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"641dbcbf99b61437c2bf65a13dc3e0324eb940335da123870d9429636dfc82979d0cc913c73e8a6321fc3eb9e973c0aa":"":"72580c11a87ce6b4207908aaf5bcaaa1bd217fce3e8bc0726568c64639b70767":"cf9f4527e074b72be735558dcaa1fc82f26ae286bf944b49649f769bf6faf49f":"345395723d048c2270c0eac990498689bcb862a4996e82995b4e7169e671eb03bb2242c4669c874c1aeaffec58aa653c7d7431abd1650f0cbce8cf5db8316693f3ed501fd9b48c1a44b34f7878aa386d65afc31f94f908a322b03d06c2a1074a03bd2b579cafb0f7cee6d6934588ae1ce9e4ed37b03737c553ca19af4b46b5e43767cee2e459ab91407df6cfd13a6f186abdb148b85a5f49bf92ac6674fb055c7fe123e9355a0d33de281c03a56f91891dd496dabfd6eaa6fff6c9cfb4e67c44" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"b9c305ada943a64a2b00494e869f9a640173eb1c2518dd9be93abc3c93c7e6b5bd0627a199d15f77b188824df00d5997":"":"ffc6760f9af02d35666275c074eda03f53dbcb5690580bb25768a6566b328dfb":"f26f436a820ef71597b75134b8d9dca6e9a6afd9b429222a4c9c878f3b92716e":"e5413a234859511cd837312bb31aac4d31962c5f7f27aec47417f367ca99b8400a4287e60412fc356cb40d96ddf5cb801285ebca42b2f6fe4a711451c1574174c58dccb2cd3342b7092a196ac7d2881a08e7f5de939ccc8f4eedc8f867c81aa88655d96ae50f618279d5009ba2ac4b1df4e63030cc0ec3541b6a94bd9a2ae5d1fcf4d847114a783c997a7c6b9d549010bf7b649abef692cdea3aa8ada14574e0f78b7fcbe17b587ac14980e40264d6de030e429586593d5ce3ae571f95454dcf" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"9875dbf59b760eab9998bf3341847910526d10071dc179f96081dd793a6001936881e7f39075cd382293a1aaa8c845d2":"":"1196583a99afe1d377b344585c8252a0690704b8f7a2b7582387ec91a60fd7e4":"20147a88e0f9f1e8caa8cb14488c9b5c38e5520a36ae913b4703d15af27218dd":"c808f6f296683d26208359a766fe61bc70ee8b6ed9ffb94ce269578fb5568fe2358d603638324b63b29bb36ae71a542e38ee69a2b93ad7e4a887a27a2852cdcd541a5fa6d0c8b087aa1185bd5788256e7d95c2aa2d5c11407b7bf762f416b01d8e747c45298f875200a2e67679d6d5ff7a7c0e50a010690b1920df1baf0afcfaee7ab0862004e23b5aa1ff47b8273d503bd74a54e7b39ac7e6d6fb0a594d30531cab8a67b22783470a65f24faba1c231b3ba45efae9f0be04e2338529cfec008" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"ac92a6c791aba0406d6ea8255c3c0901eb711a424501c2c2c847076d78bdcfc3266b7c3bc578c7501daac6dda8366d4f":"":"13379a77d84a0c4cec95e62ac4c8a98ceede0d89b8bd317352a95300963415ed":"04d47ec89a3e1b7f22580167331225a00ff258da72446241a6c09c517ee4d48c":"c2e6528584c6dbec436ffec4075fd3aebe953fdc0b46b4b225a3c2886e60d21879e6ccce3746d881f6d80e33876afad439ab9f68fcc458492de12811fbd57ac49d868754da19279b4c0a38979201a588884def5677392dec97cafc94bccf8914d9f78575711bb6f2adf4116db91c8b54e36e9ac2f5e01caebd300acd7bd45eada69d20f1b4139013a8a614069315a1c99137a6f23e38f91c210e0c156c6fb498056e823dc41a05348ab43c2f6f4ce188d4e05a13d38f8025731ac1670949a040" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"63954ac7a0f989a458d2b4a6b7013dd66683624584b545060bd03a57b92822ef422764bbbc35fa5d40d34145afe44bec":"":"7b25d875dfb03333cc27b9d4286d00a85ea5921f4b8a4717b957349eb3509053":"8b70d28c5c80086c0cbbd01337ad45297af271d4bafc764b0fc5705700cd419d":"297752e61c4ebc4e1c68391335e2cdb49b0f19dafe359e451f8158fb7958d32a98455a852002d8f05169f438816ae6fccba1eae4d1fdd7a1176b04831d7ce892f711ec825062ea1c6b12144bbd3a0aca7f92520ebb87ac6045d2ac3a4a74fa559926f0daceb59d44fdb39f5fc3b877f34241531e863c153286f3f1b2ba2db4e2c8e2344be40c2a7a8cd01daf168696ce19f83ddb64d50e2313e78c5dfcf077f25e5b4d6f687279119ce856d4131a63ad133cedd020881939bf70f82eabfe46db" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"d0944e0a3f3604a588271c8eb65913ad9b07ee2b29620f8106ca70ec10aeb896bc9b2b519c77fec5fc419e953ceb0be5":"":"d58593f2488f0a292ab552dac006c94b20ff500dd57af32be808921a5ee251c1":"ea9e579c9dca67f07ffd67d2483ec1fac3d2ec22fefff73c7ac9f125888d7a4b":"ae736da6632a7d8bdcc9e279cb7d3f9101a8f7dddeff253277d1d99b45c76a1a5c193334e912c3dfdff1bc389b209c3b29359a4ca53765a1e40cb900c6055d8a285cf63ebec79b46019efe95d5199f215f11961f3319d225bf3d60734fbfbf3593ab105cec2a17e308af469b3220ef7f055675396d289e6f4f8009881c8a2b4e9de88d53ad13e8bed8b38be6d8988f615b4590fde3d91caf50a86eac3fbf29924743145803978d261132b5975a9f108499250314e098e57c56e2f9327307cff8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"1ef53464bc7a441227a27ea7b5c558dbb3f509aaf880213cdef7e8f6a1d287c173cd5b3148d46c48c83c5cad3ccc1f50":"":"b052a66992fd8a8cb02c593edfe4766fcbcd3505af29d698e1f4db398acf717d":"37333448311c2c6edee19aadb8f1036cb60cff2a945c1a0ea087713bff31e915":"4ea7054659cae1cc178ef431aebb64c2c8dda3a965ea940a84c00d9790e2e3a33521395cc4d49038994aa4c7dcaf0b52b44375d93b625ac2281991a85a5acebf3de552355e17b3528faf39d392fed981400f28540f5ca64a4d2eeb952c88856c8f7388a49611810941b46b1000ee4a8aaaadcd39944c4abca9110fd6580093f9303f86a6e129d56b5aeff5422c2261af33523cc6a174e0782e13a026c003c17430b8371bbfc3d51c3e06fbdc30769a278b109238bbe383cd5523053fe589b72e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"14148d69d583d4c1758c307e0eb0b762511165823fc54096f9da5513e87df53b96a7be8d31b8a38f24a82d846b0e13ef":"":"e05f81f6402c52dff5c221a2f191155bb56abe160ce7dc8a6bedfa029195a612":"214777e3faee7d953b5c796675e106d50cdc12836b3114d14447ae91cea3c1db":"eb0497b32af8a91ed3959c31b079b8cc5c39db3100913332fffbb6b1d5ebbcdc97d6e67c934f3336197c9b730d80995a7d7445e36cf3047cab22895f244cac803eabd001eb1ff5d5645a803c41ea6dde6c972b47de0372ce901667d03e2e02aa0a5aea809e0bdc7430440365908418ce6066c24191ace05d6a797ef9b94409989cacbb9d9ec31f3cf0112b72e1420b47e0c184a8aacc214d55a0d5e0869d09303e4014de0430c07380006ea75984e6c32b06067d7d7b931e2b74666b4b569f71" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"27d47020acc3a80a55149fa0ef43f684843ba89fda4bff1c29d20baa2b21956780569b7fa0c4078d9ff71a3790f1be3f":"":"c03ea0b88e2f9b53f902b22746bf4dde09439c190a7a638e3cb990d86739dbed":"3ef05e71487cdbc209b5ab6e808e55f0a93bcc02df766b01c1c1ae5875b1023e":"3ee49e2a58d800d922cfb66284da84bbb5944c85f194d95f1156b673392132a430e47ae74f1ed7c1d0e632d8cb604c88777437d8f37e7d0428b834555a96800540bf5bce6f430328fd328baf4b22b7f8e663c1d8583bc0119248588840510e11203cf47dfc4f6cdf8344170a341fbb7d93999ba86be3fb94d9c03922fd3d75e3fd5b42365aa62606e352676b2a0c51fb030d8d5605e8ac6bac2b4f8417d8e060148e3d4ba67b31e5e704d866bc87741ba877d12b10e8a9b37f3feca908fe1fc4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"88b6550d49182ca7321d8015f780121223a93343dabaf21978ee2818e7bce6591d32b48eb4642069adcaa5986224e6d3":"":"809639f48ebf6756a530e1b6aad2036082b07b13ed3c13e80dc2b6ea56e70a04":"3395902e0004e584123bb6926f89954a5d03cc13c3c3e3b70fd0cbe975c339a7":"4a5a29bf725c8240ae6558641a6b8f2e584db031ef158124c4d1041fe56988fdaee91ca13925fee6d5e5748b26cc0275d45ef35abb56ad12e65aa6fe1d28a198f5aa7938fca4794c1a35f9a60a37c7360baf860efd20398c72a36b3c4805c67a185e2f099f034b80d04008c54d6a6e7ec727b1cace12e0119c171a02515ab18ea3d0a3463622dd88027b40567be96e5c301469b47d83f5a2056d1dc9341e0de101d6d5f1b78c61cc4a6bfd6f9184ebde7a97ccf53d393f26fd2afcae5ebedb7e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"2cd968bacda2bc314d2fb41fe43354fb761134eb19eec60431e2f36755b85126e3dedf2af9382a1e652143e952212d39":"59fa8235108821accbd3c14eaf76856d6a07f43383db4cc6038040b18810d53c":"":"":"06051ce6b2f1c34378e08caf8fe836201ff7ec2db8fc5a2519add2524d90470194b247af3a34a673298e57070b256f59fd098632768e2d55137d6c17b1a53fe45d6ed0e31d49e64820db145014e2f038b69b7220e042a8efc98985706ab9635451230a128aee801d4e3718ff59511c3f3ff1b20f109774a8ddc1fadf41afcc13d40096d997948857a894d0ef8b3235c3213ba85c50c2f3d61b0d104eccfcf36c35fe5e49e7602cb1533de12f0bec613a0ed9633821957e5b7cb32f60b7c02fa4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"023f5673dac29f62245510d0a866629c43c64bf35a0bad30f1270050876cfb1ce80b615a5a47ecb51217a46079e11fd3":"a6f797b155d6da01f5d155cb7291442e1b82d4190e93e279fe5b4aaa7d04ecc0":"":"":"507b824443af5db28f746229e03ab00c73cc3ee4956aa14b33eda00dd2b9b645c132dab7dcdbc659c8ba0e1a3575fe7dbc7cf9691f9b714acb1b33bef96943003c992f661e04fe9e8b9f648f4af9a58a45b08b8fa7fa3704e6bdc289abbe14a8c7e1747a52ac916c31ed079de0b900672e658a201279824d0d75ae35dbdd43aeab915653765d83e46f347fcb4fe3321fc28abd2d0d26a662661582ce21b6dc4ea6d1b236e9692a83c8ba0fb299157b80623ad4f448d25d57f537b10e5e30f80b"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #2
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"96b5bc16ce0d101b90d54da6c4b3d85a70ee19d54cf4cde3d048afb5f758a6b52ea2c10c16feb71cedfab9bfa9e462f8":"2ff415e2432d2e6c4279910a5e56c0f5354a5af0099132d891943b4a8901ca6c":"":"":"ecebe717afe6dc08dbff3ed626bb06de0f9784283b70e378dec19d4fbb50e61b7be48ceb69851b2bb94641aec5027d53d314a96500a9bbb38a87c9aa42ebeb96a23cf29a0fbd5e48b399daa1b24dbdc85223f24b7d77332bb1a137ec709d27c008c709696cbe44bb2fc19fb10a2fad4ffd8a9d89492a939f2268d1557f44b6a64e2a57887830fd8bca1b6306aaedbd7f3f476b827995a1ed121388497edc7e639c87d092f6591a45b5647c6c091c15ed39f594b7fc4ae92331f96dd8e17be970"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #3
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"364a833a283a3e0b8a5b681daa50df96d806d4b54828f2b016de5d88597e6287d98cba8fda464d21aa1cfb7b26b9b226":"35b0e7534014dc2d7eb0f20ff78a69d5548d0a64122d4936a6ed177fb3ec66a6":"":"":"df4c799cae37173a81c545d019ffa336ef2c039a5865af425e5b60bc3d7202f4bc1aac5a84022bf4088061abd5c39d0fb047ba80163eb5dc8b9dd515948f16915832c6f76b45acc25b9c01e7f70955c0eb51bf50f00b24bb8e7ff53bd7c051b53d8b1a837a17a00355d7eb21e43b2b5b249dadced37d06e7047c2fd12012705a59d051afd26245ce3a59acb4b996b718c7dc1ae964bf12b1db02fd6c06ac2fec6ee5deb02c2c830110e9bbbd3c778a136b646ce2a0738563555a89409c56b81e"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #4
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"bb4d38c775acdeed663256abb747ec25182bc16efd0de02cb4b05e4ad4749c92be6f1e856e423a8f3bfb0c0f27ad8210":"21591e796b7e68e7913fefbef4872af9c062f21c8023c0dbf47e040c3aed3733":"":"":"12575776e1b9f54b0fbc39e85a77b6912160bace4f1e9f049e3a1c5bcb452cf9be42ea10c028c3cc249401ac236dd3baa53ff327735435f4869d3289bc9465ccf15f826e4e4fff099986bdde0d09bd12e3caddcf452eed6ca1206ae4561b84770a9cc6e962567304ef79d8d3608529a3b5e4067fa83c8c35a06f1855da5f5ea7eb106e4c60181d12ba00cfbf7eac60bda00571d95c45c9d75c43b42e27a238aa5e0f02bbd96cde59a2e572934a99d05c399ffdf15c65f173748734c51999a29e"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #5
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"f9d041d24158f480600c3747cbfd868c3f7e9ac7f74b3760eae5320839e4f5130f8477d88b1d914c0d8b375d089a4c83":"b148049f4093f0032c7f105dae219aa9e3f70487ce3a6b6ecd99429f66be5406":"":"":"84c58bf473061da92fa8d56aab3a75598428f18dca504191a51746eb5fcad8f784eafac5ea81d636d579e330baf7db95c8d706432e9f585e84da090c0eb40dcd819bf10e0d5b8600150d186f732af50b431c596c920eca742e6555129fdf5df96b44005083d7a33087b150d63529bee4b6e1ed4189ae2d93cee8dc671d47c0e74ba04218dfe273484a4bb59a57743ea56843d516ff2c72ef9841996d31b0d6c5beef367a6b44cc84cf4d403a06b40406e4c9f47da401e3cf31412694e6164dcb"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #6
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"c18f511ffc3479a59357c17c2fb3d1e0e6f0edda4c8b567f2413323c2037f2fd140fb0cf33eb59526d8c0dbd216939b5":"7387aa3b0b3d92afb29761d3d5ea16e32a68297b9ea6751e1d54c8612f6351c1":"":"":"949bf03868563c7d1498c69c327686682656374b2efdef6342e69a388229c580ca2217a9332d3ae77c2d1223f5dedf4b34ec50b79d5baa7283168ed7cbe71c6c3c9193bbe01b76e011c39d2d462017c2c74b7e698fa2140e16886a9ec0fc6c36decbae37537638ccf17777f1cfa49d2c2c7ba3aadd0a1565d61942de94aa6fa16ecafc2dafabc9082f23e75a0e2f8f79d1c0a15ce57fef7655f1a4fc6fc4d4a694bf6ca9e333959f35ad354524f614905c6a52ef8f524cdf01c5fadadf207772"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #7
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"6b09295110384eb56726f61474bdc532fdace31ceadb5fc23d587356cfac74338ab6f9d89394b907edb646650865a3fc":"7cafcb4db31ab411c396015b8bbbc990607e08bd1cef3337dfa0e295ae024f9e":"":"":"e51bc5b3a6bb2a2667f5d62c2ff9902dd07b566870b4c14242627da7581449ec985739cdc2bb5ef036033fa798112ce20df06d46d61aad7121b8282fe7556bdd363cdabbf47184e55edd85ee0b7b0be17b9a7f822f4d8906465b525c16385d0899b6c27728ff2a600870aef65f58f9d3777e8987d86e59fdb69cd232e7289fc75cf2174304137f988a17b60c57af84cd8e556aaad458f511fc0b3009516435c0c60098f35fb6a4a90d90bc6071d38000703ef57cbc19d6b78a0f797f3ba044c9"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #8
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"ec6d0f68240f5c47e822d9088364c6cd03ca53808162b4f06f5956da65290946f4d26653d079e50604f836c1d798243d":"b40b5737cc76c5f6d1df0f13bfbac7e26f92aa933125705b6197d9bedb11f2e1":"":"":"207833cf65599e1406ddaf3452f060c872099cbf7483f1f7f14033490f7258ca5fd7f5339f914498b6e61fa426cb872c880a9fda9b8ba590cd8006b990af7ad412f60c8b2ad969c2f9cb0e9d005943d4dd2dd7af9699046ce89d6405597716d43b9ad54641c2278b04b2bcc5b8ecbcd5e2044e4e6ec5a628605fcbd67249e813bb769d7df01b60404d030e69e9672b4fdeddf82a22042b83ca036578b69f9a0ad9702bcf95fe846705b49b0a0795dfbc4f671e0158ded6242bd8f8fbc2410c46"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #9
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"df59ac224e4ba1b6dff348f17bcf9c5a94a3235a54f2799a6cae29d8654b79d18b09b444a28a7d537e1a2bc89e95abd8":"14a0a91e0cfd63ef5fcbe2e8c7a44bcf5769c9f95b6c50bbe9d3b48b82a09053":"":"":"656438e7738d441b9ac116361e9f26adc0e303da7889cf559841b3e44127318edd356051bd0b3ecea78feb2b928227921a0c183c9f56bfd11ef31b28da6c78f3891d8ae1804bc158fa56e8b7a1a46be4954de493ef65a7f9beb46949a323a04e944034db30b19cebd8b70bfc155882ddfaca1bd5acb981c2c1b3e0862c6234d13093ddbcdff15129d586fc24ea2fd20946fe45b467bbbc77a6b6973eb6ea02994607c657eec29e4c4b3915cb730db056babf1779127047b401e25f97f606063b"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #10
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"8da1ad6810c1d6b7ead210e48f51c370d4520547a330a4d591e61a9847aa043463f69d1b237999fda9b5697f1e7aaa07":"291c536dac72409e31e71cafb1b5f55c14421b2c7a44d792cfdc663dc8f62692":"":"":"c2bff571554c26bbd4442fbb3b0f8eb4db09840337658a7425613e0fd4f96e60da39b250c3a77379a53325a56ec02248c4d67fb9154e3b0eb8972a3109aed531eccc027705b267d2b9c037da79860d76e5e980b5b30b7ea588fa221d24d973f6d4c625de65123e91613a1528cdee59993aa827f319a759412f20aad6c50fa79a3debeb346ad92809470daf228cf344e09f03c839a28d580a2b3d7050685ef51e95649aba7228a2f0c82a2dfd89cae6ce549e8b27fd46f02feb473645765018ef"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #11
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5e8d6571f514519de6c4c0a7cc5b85df616735b8dd09c3bed2377499aaabb296a9b2c94642da10e8fa737cdfb3129334":"6ae29c71b76fc48f14a3d731a0f6f276f73e7672eff631dbb1d22b06463bb236":"":"":"5cadc1264314fb4bc7ed7fa74bfa16aefa624bf2fd60c992d0cba10429c56e0028ebb430b1a1c6662a9b3c7f6de244ca000ae63db9570f1aa3e7ffb1e97a9d848021d8e632fedc037712a29abec4063b9d57c60738f0af0b1aab3844b03f7aacc65d38bec91a11b7c3bf8d970f01e00fed9dbbe9e2e499a21c72a7c5a22864125133ecb073a4c9f6d9fd46024f5c1ee7fa447209afa6ccef1f97ae77ca67fca5959dde209d2597f87af6e154408579cec42c69fa9b7cc075ee3e37ee3d91ad9f"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #12
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5c9481b2642855fac8931eccd1bd6c5a05b560a55f96d37e865f057a95812d81fe65c84c96a990eb7a302b58de723cb4":"b6a61b9a31207363d62c0b88f1632290f4f18feb41a6dedb85b7450ff9157016":"":"":"9cc77b68e1ac23fdd2e2a6ff697053f816bb48b39b1162f7aa3fdd2dd1867f68b13980c9e5989d4631b7983248501731326bd7bf6e967b3dee7d2d5625d3cc2e198623af9f77f86103491ebb4aefda5c333b51557b8f643e6d6c593fd7e27e4bccca13140f6129cbd024de076e4688567fd7e41dc7b2bd0bd9b3e966d5d3c461502221b52b001a4d2102894da04172efb900171a0eabab1fd134217580cfc33a0a94edc0bc132af91d048c6f5ea4e34ebc9686a99f81d19118ba4da63ae3df7a"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #13
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"c43f883d0adc2b56984d4a497a8ad76813a01df5a0ba22b53144763b65c7bf3f6f722e4ceac59966a6e44ed898e6109b":"769bace2c263edb87101743673724ef67a935e1ae9cace87202b6015d20fd9ca":"":"":"ce61480953190453247d091838dd80117f7f85a7e9a1237c92edf10cfa26b423735788b1e89f33625480d9faae57112ee62c8e4840475a6a738018ad3fd4a77efdd8f15ffb621c429419b6adb20431fd35f9d62fb33d500b87beac4856aa4971eb89710576b609ecfe758f3682dd316e7ee9d6560b444c2446656c8941dca7d6eaa70fdf8a70f18386ee5d4c86738bc261c0e8e5f509dabffd0425a86858ea3c71de5be98570dabd80a37b4f7f954002727c0b712e58693603c23130a45e98df"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #14
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"d083f7f8c65374627ddb51582b3a39e2bf074508d5f28ecce25787f386058de8afafaf2ad7e6449308e176be01edbc59":"ddb4ced192f52bdfa17aa82391f57142ac50e77f428fa191e298c23899611aad":"":"":"b978826b890ce8a264bf1ad1c486aaf5a80aa407428c0201dd047fa1b26e9ea9ff25a9149215b04c2f32b65e007e0059a8efe11481926925061c748678835c0066f596352123f0b883e0c6ab027da2486244da5e6033953af9e41eec02f15bebdb4e1215d964905e67c9e3945ec8177b8c4869efc70a165719b8e1f153c41744d44d3c56a15822d522e69bd277c0c0435fa93e5e1bc49bc9d02aee058a01a04580a6cad821e9f85cf764fc70dfae494cbfa924eab0eff7842e3541bc29156f6b"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #0
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"c2feb900032f2cca98d3f60536f563d8ac9af5fb2e90dba36c371c0a1c58cf5e4a60f2be0fa13b8266b715be8aad128c":"8e6f9be0c692648072d19c750804b10e2ec313c8013abd363de7a467787859f2":"72f54ba3f8e71ad69a040bb8493283acfc8815f17dbcea220ecd68372a2dffae":"adce8157ef60482841dd2ac5ac512bf7649120c1dba81ea75f2a70b7512bb6f3":"e76e4326ac69ddbc6b2408c529b05a96425c65cc65671601191238e9434d2a0147f3a25ce9b6818774f5263c92459bca421d2b492f9a9c2971359baaa1426d6e2c36d8924f39d02ee2fb5502c4e0b206dbe9aeeacd508abe6c055d547b5f9f35de4fdc9c05a2c63ad699a3a7e265598b8f40a8a295d7376b88c49af9edc790b8a5ee221e19877616678e2a5135d7b3756109200439d9ec8bfe0cc5f3c334ca9c022ab9192d5d554dc7ae76af1dc06d814427f46a7cfa2dcc62f4777d07ebde7d"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #1
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"ad500edbe28b9a4338b55451b81c652797eb48fba753c186ce0aa9ad02a84ea2c995b7ade6de0fb4ec97bcbd61b711d5":"5770c41832a4cdc4039a8c332a4b45e7a7b2dabb678ccd2e56452aabeab14925":"d8d5516d158b41cb9d66566b88064900af78183f765f2f72a19548fb797377b2":"60a3a01a72e6b3f33a0c236db08237e7d656bdf4bab1db57ae23b7305569dea5":"c5ac3df66bc664e8bf84c758c7926992f0e8a03cd3f3f5fb8277c85b4da526601e8131f9d205f35594e101a86fb83ccf4c1e98c8e609062256701ff2132e337cb7287f0ee2e8fe3ef11ae703d7efe52e63cf89119ced05950c55aae6c822b6b0a8e1b91b537e5bb2de165a4b5b43a1c41fbfd65fff9bc5329d303caca84f5d1fc6acacee622623ed5dde36aeda0816749557c924d6ed26cd80e456fd0ae2146477ccb63a203fe16ac1d0eb2d12b6a2cabb21d412422e95f2df8ccdc23b4ef0dc"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #2
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"51a29bac53961792077e88ed3603d33bd1f51b3fdb2b5cd1ea131c6f643af65de81eb2e260396d2a69b4184c4eb98a15":"72e5285b92c4ea4458e8a2159687cd46e7df9c1f4513d8b72cc88be41c2e1522":"16a69f7aee34c567595f3d362ccbdbb7b9e9372c4b1729fbb80d9a089eee31a4":"825197262a43f6523182f0a91005d70b17d81c2bb692edfd02ab988130c7d5b9":"f63f531c242a295d7796c3b4844fc74821af5a53e0e7ae822cd8a7f9de91e6164164f3448fd7d18feafb97c9500e0625d501dcb3927e6fb39ef65dd9586d157076436452bd3066cb30d1f47dc0a3ffa5f2e9ab4e183018b40a82b39b0d170aa21b05600eefea906838b95456e04cf046808030a56951d2502c5eb6271228905ed08549bb171d6c0408d88250785f42e349ce1d9e74a6cd0360a008ec804e7ecdcb4d1fe24aa5a18cbb65f4de1619a29c6062b409a386ea6f43e60adb9ea3dd28"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #3
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"b30ff9c6e5b6bd258f1cea0fd5ef9adb81fbec233ff2fab01e79b7422878b2e950604e10ab80ddceb9d2b968d0d37ba9":"e8acd4b380aace0b27572057eaa947e10e6b49516140139c74a1d4f472221dac":"1d2ded0003521e2ba6a4a3e732e0949c1d858fdf0925fedd9cfd7f603e0e692a":"688ac5e7b4400d962c106fd2ce712a1cda6a0b8ac5196ad727f9b882329a3d5a":"c5208fec1d67517311a42bec07782ceb247e9c818e4f5f3bd160c9e53d462b61884feb278cdc8f64e22f59d27dfa98d3a90da8c7c5ba28ca40bd0d18934595a376553d1a8a19de07a83e2e9db42748c982cbcbf4a975c20084ea9cc6c6a41b571faf66b364e4b7e4d32efc80c30b219da1c02a1ea02f6922adbc31a057f999605a2d827f10907835c2bdde4157d7bf2906a0ad27bb72f113c6ec4f23631a2b8517bbce91b560d90d73fbf0699bab21da23e27cfec513bb5e375f50108197d664"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #4
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"56715dcbaa4f5bdbd157bdd950d1c1b46c1f4f8d7818ab321d72c0ff3c0a928064b0439f7bf021dcdc7febf2126e5432":"cd5547991b525f7795e075a59af1701375175bd760db99d316b91463f87f7f3c":"b2e4f02f1c14866f538eddab402356ff3b405abbb9154e88b98483a83be70f7c":"b8db321ab30285eee7f9e377ad62def6caada447d00a4ec882081daafe2ec009":"7ed8c2be58e3553eb65508377d63d7f24518d1a7235dd4c740bd987dd8bc1c1e3ca97a69a37dc9a270ad88989e4868e6cf8e4cf01703c0b1eb6aed8c3f8af431d819e68b6947ae134d360d87e33668cdef0e45e11f5cd79329ff95ed00e4a6952750f1574f489394b5fde3c6f07311a1e5d9c4e070a0943ef9d4a130a9e4b0a80c256e96ca5042961766874898ea0f772b78d1a33e866351a4eb425b822b5ad596cf249bce8ccd6dafb334b71a503fce2c8fa3fbac9943910ce5ff02ebbedde8"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #5
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"1c60a31760019e6a571e2987e57e19adbc1accf3edd44e501061cbec331b197eb68d0fa8fa5e3071d6f8b7c9c0a3c35d":"d4d84dc7311096791dd9c9d7f2cd291071f877afd86b9644427482d09ac9df64":"6473f4430398d7e5a2d218bd05e6aedac1e317269df3e4705d56c22d6e7abb0f":"379649b56a46399b9ab5f3880e1a73993a58cf52821d3cac87890aa0e6322a94":"d34152fa12fa341d0326a525aa838558630013857747f02634d24e9deec2da12f52fb405e7f1b973dc2d982d26eb2ddb4b49c35a9308b06809171dc990a4248e6da0c329a259f495247b9fa8c73af06604db7b629168e34081696a043977dd29a3c0362d5895f9aac24bcba58dd74078ef6f8d33eac864f2e6cdc479da3d224bad8099d011e914b6ccc3631a7369586e18c71a4087de0d47a7c29a09c12438c7de2d4b47768f47685b742c25b860e716c31e2afe4ce6d92bc2fb9f34400602f9"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #6
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"eeccce7f7edc52f0e2559250be36526cd1839151a77c59d527f66fa24ea4d86b3fb298c8d72b6a0a8e191b60259d1fc1":"26d35895723ba3d431991a0e6fb2154ae5bff7e58609c926ee3269afc5cd631f":"227b9a71a6c17ecbf627161fc627f8f6f1a28ce39772b7a3d36064e2cc6dc4d5":"eb59f780c5a955e1355dfe15cc4a4e90a6ec75584e63bd0de734399f47b95070":"78ac77657dc56b23e617a9b38168da945c1cf52b6062c2b10f1d7a3814d9b9efa5545da050b0db5a65a2d2d2e02fa12e97eb970fa8e83c524bc809d675e0db35c9762323f327f1edb9b534ce16d02519750b41ebe51f747e9da43fd1afc60e46c7aba72e15cc7a22fad19ed55189f287a14737483eb6b32d966c3e3969d8198f01f2ed841f20d7d2e156d6285a29e07f6d7fff42bd575806c4092522b03e0d1b8df0cc88f5b82d24a7fd0feff6ada03a60ef2541a4ab041a49aa973c7163bf94"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #7
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"86f8104a081c9565dea5652f20145a068dadff125debf818262d8931cec6ba937fd5b51affcebee952fb67f29f197267":"c7ba5ff828855e6e78fa1732d63aac1f49701ff7ac1f3506e97941f998b4e9d2":"6917bca15db53a5359e5c4d30ab4d37fc6a1bc660faaf2e74864cb4aa52e0e02":"eea8db0cfc04f8de14d6053442b5b4f8733f822df4be5966a0de8b0f7d2036f6":"562b8b2fa3bb15cfc3f7e57f309e31b13c790c928ad6b32a005f5431c28576c5706c4ac0dc2c7a4435bebfa06571278f485932bd94382efcf727b300b230da9b9e9f377d2659ac75dd8247351d5ed8185effa0f255a2a2136e63717e0265d561a34c75ecee1c774c25e33fd938696825686acf9a419c1da3fa1ce8f695e231087aa0927dde6ab487dc61291ad4700c5c608fab1a418f6b30ff97b8b8f01ef8164287849a77b21be5d11d82d0c19056e07d59a30f6c576705c6cedcb9f22d3a8f"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #8
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"0db6f73ab6d31ddf8f78d76961310d68f081c9e6d5985e1883978c2dec48d9f58875ab658b3a8b795bf464af9470a90c":"d886936ad36549a10b5dc5d6e21203abd75ad63f826794b4adaad45a70424c5f":"76993d3bcc32546430efa30e3b30acc34c7672b6e18c7e2e9a1f1cc26f7f7a22":"54c72cf3457e6f5f6b35dc14167fee9383c44c867f233ec9d81f187bce438c0f":"c3523894d273c85d605d39f5b89e3388afad8c20787897b903d8db7e3de7590340174be3abd7598daba7806ab934e0feca02bbe66282d469ec01476bad5ccba59fc14cd9549bf4af49641f4326b1052b179c89194d21bec0501c97ef2c24aaf045fd348b765910fe92c0039612e37baad2445b57d9db6c1e550adf6688a79b117f6b7a37e0209d89f194a1bfe1ff2e3b28f0454b383af8872f32322bd5313a3c9ca48d33eab7c3807bb98f8f402c43b99b2176f0b33be08c7e84c86b26e971ab"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #9
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"3b1ffbfae6ec54a175a80a33c8768fb60f2af9ee2b8620c4e800a17fb9241ae47f77da414f67b5d7b24dd100355d2afb":"0d50cf61e2020a909ba6e36ba4d0a394579d3e4377cd4bf0068967e8d0fe7a78":"5d4efb3f6e6503c5d85a1c43398d0441ce8aefafaabe2f6d86988a24e033f502":"cfb6156a1b139abf21c73001240997ee1a8cad91a4bd777c0372c1e8fcfd3fac":"d3ef776c8d77fcc5e947bf53e0be11777e69c7dce138f24c1a3212d1b6b932580371479b7619fc82f029d92969628f810b54a8fdab8eba799e750945f3545f6a96226bc760ad736101516efff5d8581f5864b38c29885d39843a4adca17046e1e388c890542988797b576da64804eb4101638328d3f8bfa398ffaf83cb7290a2cfd39ead13290ae773a8958b33914ca02c8ff6a069aa25ac8b36f6f0f1dcd8f1c5fc838083a64ae7ae11b85be3a9fa80ed83949b622002e91776273fa32d6cfd"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #10
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"19767ce1f18aea366539642fad400a03a675b2f3c0b1cfd49925e535b2c2779043c5a1c57ef550acae733729516aa62e":"6bfa882c1e895eeffbb85578182653c022a4703091529780c075cd482809b990":"11236df1dca3de6e3e3a57d2741d1b77f15f45b05beb47cc500100b31188a42d":"98708a88fafae56c4f6fa780c6c0e33ca8f2592983b5ae607146cd6e92204416":"b6514a3779dcef2c9ea0ed7ddfa808d045c5907314c358302ca32b2055987a38ef601637cdcf77b1b8f7eac479f8f18972013c2e1a6dfe612e8a586dc529ece486505534c0ff3dc0b2049a0e46d7ac504a1fdfaa9b08d9fa017c5803415fa391ba7eeb576fd6ddba4404feb46e7cde56e090dd280be5edba7d6df9c5ba7d3454bcbd4d443b08fb51a117c1d5916f225dcd6c1c3fe2b2880f4d42962befe3ab76bdc086e29381dd985206e3e00ce722c9c040af5ff4cd4a8183b446d91b310845"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #11
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"f63292bab50668eb14b83975422a0c853fe55714a9edf9d8a817ba0b2f26ec40063a86ee3c79c694273342a02f68ecd0":"3c525956838e26b77b8cfc37f024ec398ed825076dbb749cf49a7d868c201e6d":"d9a41b47c3bf8743099dc8fd228f77dff01ae304761eaf57d751e11cf094bef1":"b790c37dbda20fbeafe9d1339a1151144253bdfbffe17ba87240eae49c606bf3":"3586b63315020b3ba1121314a0fa6c66d57de0ec44abeef7b7325e960832b7944cb0a81a747ee5c5d3163001536d3e5ad2ec869b0e5ceb14aee2e6915073619528c1421b59b80254dfc3cab0584898b0bca72c76ae25f52b7405b9dad38cb2b841e1d6a34fc5b277129db49928b2f6c0dd22900ee786ec128164ed12eb324b502499f1c5c89be2101901476b39c56034cc293e320e63a3e019186d4eaf9a098136e8c0ce7f6326f84ec95992dde2585ad3945a9534aa2954b8c15a48e3324d76"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #12
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"3df74683f298ba48648714e384989145c1b84246736dc275636809d64c75ff603056e703c435eacf21c0bb152d9fc2a0":"371217ca2337db03c4d06714624fa11f90d5dc575bdbe12a457c610be066dc2b":"f26b9cac8df57a33e4b5868c36f2b9322994a98269dcbd7956b93d147dd0aa27":"0a6db86c3abdc39878045b8fc2d5f0f77a8e298efdacb4cb9f74762fc23b96fc":"ff5252b7a39460a73094b9d668b53d1932243caa885c0ecd850612fdbe7e46cb275d079bb75a6b050191282ccb11ef255d52cb763618c4b624560d79bb9a5bc99319783de43c152e7aa7c4cd879a75869285320a9b749c897bf07220cc1bef1edc494bffa6ab93dcf839dc15f6f2e508b9e216e2a1786b75abfb01bb7bdeda722b47af895f551670f9562d9f9b78e98ee7ea5c5ca4f836af5bf153925b2aec055eee8164edf3f7b72e24b1203cfae1834705f74cac8c6043a3c2abf6bdf28fc9"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #13
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"53d70692f0f4dbda23d78660f0f08c7e70ca94441f1440348f76108874d13ea14652725abd1a94d315364416c90e662a":"6deee916ad660811cf05b5652f32df4e97f544ebb57762617359159cc9a425c2":"acda427eea1c8c6791be6e4d2b60be30302abc84d5c5a13be7d510004b8710c9":"d27d7f598a14205c45788665cd062135b6b65547d3188959e38ab675401d2b62":"f77f9de60e95da3f1d0d67b5dde29b31df59ce980ebdbad7b5e0a0051fee39e1d6fc4311f21efa016039bb05f3b009b223be6f2c007b468388a8a19bb468c7b82cc93dab3e160b2b72fda1240fcceea01c2638e9c8bd2d1ed9ff9b55bf69fba4b6ae8e694c150896ac6233b75567993f9a9adf25ca0f0835b9991ff4b8d3f4f1a3e4c5f9866d98b7a75196804f996492a61dbab5bf72f87658e2300a1b0777ef7f43ffe8962f6b6708d2d91dcdf6b430cfaacb3289f74cb0f67370bcc9af249c"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #14
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"85186650694f742c3f5f228f943788f05602d4827518908fd09a1fb445d8333db2d65f376d48c66eb9e0498999e1ff49":"499928c41841324749143be9cc769899c38d6f6e6933e56898896fabcd802931":"9574ca51f21865c2fb0efc75cc9d90ec5e9c43104979cd64d00ea5544ea01c96":"c0df840a18d7584b62c70b2f057bf824168edb673cb517cd9dac89a0fc80c9b4":"b31e50202f883a8563cf129a0d5f8a33abad79d8ec8a97167ed7fca778e5892480617cdf50b5e51547f7ec1bede35020a311572c61e33e9c82968e8f69586daea3dc19063bea56503f8ca482918d229949acd6f1c52cccdc5f7f4cd43602a72a5375f3aabfd2834ee0494823beada2daeccbed8d46984d1756fe2207ca92186b506115f6de7d840c0b3b658e4d422dbf07210f620c71545f74cdf39ff82de2b0b6b53fbfa0cf58014038184d34fc9617b71ccd22031b27a8fc5c7b338eeaf0fc"
 
 HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #0
diff --git a/tests/suites/test_suite_hmac_drbg.nopr.data b/tests/suites/test_suite_hmac_drbg.nopr.data
index 782e584e2..a1400e6a9 100644
--- a/tests/suites/test_suite_hmac_drbg.nopr.data
+++ b/tests/suites/test_suite_hmac_drbg.nopr.data
@@ -719,243 +719,243 @@ depends_on:MBEDTLS_SHA256_C
 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"1353f3543eb1134980e061fc4382394975dbc74f1f1ea5ecc02780a813ac5ee6cf584db2447afbe2c8fa0c15575ee391ba60219332a67b95d90ec9de6b8453d4c8af991ae9277461ff3af1b92fc985d3":"345b0cc016f2765a8c33fc24f1dcfa182cbe29d7eacbcdc9bcda988521458fc2":"6964b9b9842aec9c7ec2aad926d701f30eec76fe699265ae2a7765d716958069":"6a03c28a9365c558c33d3fdc7e5ebf0b4d32caac70df71403fd70ced09757528":"a58546c72a0b4d47c9bd6c19e7cf4ab73b2d7ba36c6c6dc08606f608795ebd29":"5b029ef68b6799868b04dc28dbea26bc2fa9fcc8c2b2795aafeed0127b7297fa19a4ef2ba60c42ff8259d5a759f92bd90fdfb27145e82d798bb3ab7fd60bfaefb7aefb116ca2a4fa8b01d96a03c47c8d987fdd33c460e560b138891278313bb619d0c3c6f9d7c5a37e88fce83e94943705c6ff68e00484e74ad4097b0c9e5f10"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #0
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"096349506f3a7653d54db7ec1d09e93413edd175b6ddbeb00e56752a520ac8fffc7983b918acadaa71a67e1624f1b5024260a0495fdaba58aae41df82505012d480c8e4f751fd7ebc39f9becd694b2a3":"":"":"":"":"f4c7bec0c26cf3892d214549ac6f3d82f34c6966d4295099ee56166e879a70ecae130251facda351e903d877b6c5eab5153ce87ba6c7cf8bcc61cbd14cfbe34cf1ed43678aee69cd87b60e6bcb6ff48ebd44ce9e31982d8fe20aec34fa51d625f845f61056575969bf785c2ffab4dcc754f13de63423e94bad8d5e166d96a62a602d3ee4045df162028b89cac45e6207d9097f2b3ac0ab17729251985f276f1287f5c56cc9ba1a79fbdbb291f3a945fbfdbd63cf13b82ec91f7b1085b33279e3"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #1
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"aece2087b713992ff49d3bf404dcda18403e015632ac03735fed29102cfea6ec1b574952687c9bad0e9aedcfc1da568be632162a83c802ab94f32bbd87f6cf4af1f2703f4a02af7d60e22383a770b9ac":"":"":"":"":"c0344807d5e3ea29fef73afb2b83dfe0aae186047fab6b603d8608df49476be18bf1f0f4707198fefa18804404887ea3c598d887e938440e1fbb8ed0a1a330cff84d952cc6405b12e7bf51b0c67d5e4896006dedb44637e393a97925890fd5176252f69d43920043844a91d0840844d89b8715052cec31e257c121d3fc0ee807b84afabee59624a00703f464b0079f12884a6e888ae4959c5423604f8ae2e6b57f4428e10b680cb74cf20417380dd5378449a24ef95d9438b0fee386badee962"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #2
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c39e77d579755aacd454ab7ca6528596c397f28bcd5467cc7e0fb47f398e875da83892a840381c1bc03b7a223e92904a714dff45759124fa33464a97d7f0d7fd2d1c6c21663d31fe80abdad59458c228":"":"":"":"":"10f8ec63a550c31ecdaf2fb1b373f71f18d146ea033dd65cec2ec0b73b55bb6f3fbb7136dd045e09c4073247f093493cf26b6683bc9ebc98025f75fa405fb8deecbffeb0236a33f0ed6c7600d992ce5a268c86085adadf68047178ed89d93d739351f892723d8d6e4f428946e4e6dad1d640a9c11de23ce9b793324e31dfacfd367d86855a28cc544f88b8a91506753fa061cefcb9d77bccc15a23a84dba644089ee03db8374fee91dc23af6672159b0d2db219ffd07390b69879910b5c336a5"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #3
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"d2e8a25249ac850fd3b01f62cd1eae3dd94d38e724f8e2644b7bb510c37f203890242b11be773beb202e9ee93899b60a00ebf08db1648c8750b14d7b784cdf0a6d4e7cdc816469cbdc3a08d6d32503b7":"":"":"":"":"019f74eeef674ef100ba4a1835bddeb925fe6fffa97113dc00d7d8c0ed486a73e831561ae44c5bd90e189fbe2bb1bfb84f3e82ec8809699ee8c2fad80b464b6b344999c364868300c1edb065ae86109dc29516f2bdfe2a046ebc8725044c382d93990f1cba185f61f71fd22fbd076d727de32a6c1d2f430bed491c9d09eb6ee669a1dc4f8048c7be199c7cbb5aa4f14d1423c8a54763869f5dee947f776ef2543ebb88d3004739089efd86b7b22327ae952747068b35d4b3d86cac1debce3e41"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #4
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"cffc6c44279e641856c39f14ed35440ea2f149c77459106f960caf910af21c109067c0f9445320adfc0aaf0c86120a38584747b4049588e5d93569fcecd358c51507bed59f96145bb8db6bfb4ade3a2e":"":"":"":"":"928d6d9f9128b0af64028d5d2e94414af9f8dddd353e4155f42a5d08f3e530930e01ec0dddf25d65de7f49de702791372c71fcaf5f20bdb24eb999752bfdfca28525b16308d46cefb0bc3b260490115778161db2faebbd687b940ba098e3d5be640565b81ed9d434b6861fbb4cf034ba77380562119aa3164dc53653d4e82ec84cf351c35b1b668343faf17f172eb4c0cc3999d7d24aaba58dedf11225336b5bd747825d2ae9100cf6da3276f26cec198e52edf9194162483aa4a45fa348d0cb"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #5
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"3a1f0474c279548c086de9e12ed754c49a0322e6631f7f441c8024fea654bb6ce245c357b13ae94064d1b41c23e5e0496199e8ac9d535f8d95fcf85fdbd31eb33c20793f35075c412ba7213194a873fb":"":"":"":"":"954b58042d028abd00f7ce3d39fdb61e0cff6c40391ef8629e87101915771b8d0c7e24292751aab1219645743c6f54306866775e28b54818c759a6bf807c4982eddd4be5e22fe35a303cd503d122cc3fc5cffe50b03117457e2efc1fd91a9768964552116811b0e65856e8f8256681c722ea2652deaa2498025e84262a3fdd78bd33bc36c057e198327a33232ecd36501a0acf997d0149b4a833153b710b90c8722b232a574d22e7026a89a4d9cc3506cc9942705a162b34db9f49301a087dfe"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #6
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"e5f4fa500982bdf8b023788f9a5532482b29b12e8ae776111adaa617a958ce8977873caee6e82c5098ae77287bde1d8295b8aa125923dd7f8e05df78adc29898836be76df7c5aafba6493b211cbf8b94":"":"":"":"":"5b3fc1a7ea418debe79994bc0a8c86f487ed2f320c34293db950a1a026c239b8da6226d1dea509a0fe76f5a811c9391a622343324c293a0090587c10193a2961e358d1e71c269827e0d44e93d87984f47acf5b4751c8c066156da1c44662af4826cdfb5f7cf98b1f0200d3a0d7b99fea7f1b17dee7acfa5baee8f95ae4e0bc050bee2eeea7c09baa729e6e02ed19476ba3f8f5a8c1660de0353df8723efcd98f5fcaa56f6eda77f2d15c76d26989aa998c4afdc53ffcde47dafba8fe5818e8ee"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #7
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b9444339a8738df6cfe95b6dc28980d02799b2ec5c8dba9ca98fa8075621a04172b0c9e414ea33c8bc4b3beeb536161cdb9a2a516f3e87bcc9f92ebbf4ac1a900559756903b72c4c1b5f9082d8b341f5":"":"":"":"":"09465004f009ed378f440c10fb122a265f464d373e7f1a1719c713f6bf38d28fb5447c269c127a0c10081533a847c0e19f4b640be0b1edf84d95025d56679e5880922f29c942e7284296a9309b4fab1b5bd9957d470db28d3d36a3585fd37573e8e3355d03690241d6f7211d8c6b054a813ba25f9cda76202d3270bf12f66d2e5ba5a946c7d28dd22d55d34a30a040aa9782d1e494603143d436cbb0212fa0df6d1bbf4f19818b99a68d9cb062aaee8fa05636fc60a072ec6e5ef24566c6b96a"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #8
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2aa822efa22d4cd65359107c46309033984b8e9c3ecb1b77078a09ad9ec746ef4f64b287bcc3064867b678f81ab209db3ee132a11f8c9246ce0a3d6deb3345f9b15e4cd048289991c64a21afc46ac98e":"":"":"":"":"7b79baf0126782bebf1794fb48633dc69ba88d63504d27a206d974854d446737da4ca1fc5bbc54368966b583dc441b105bb30b3be19f2778ed31564acf333b7c4cb1727480aa985afd80396866e10f6da31287cce07358d6308e56e3bbce8613bbf472aeaecb27e66305e34af593c8631508cf7d2c512df7c9b3ab04a4ede436b9d2e6919c03a525dceba10afbf6e8a641591d09e8a90543f1905b08537b8868337c774c20ed47df32d115a7f3306d808bb82d06bcbdc81042d0a16a3fc8d0b6"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #9
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"a32ac0aaaee05d57cb3a626fd26854ef08a3ad42a3c688ec6a9f9b67bbff02f86df150db0de2e3612cf106d9f158fb570901e1efb12252666e7a680513cf22bc0172c4f8c0d8b2eecfa1d471c10c9ef8":"":"":"":"":"8271bd7aaa795b58d8f741bc207332335a68feb66ac9c3bfd5dac72f20807029f555c3bcac629d228c3a77d596d99c5d545a8dcdd0a2fb2a5eed5c3492618dab4f763ecd7c6580817c6a7acca42d81831bfc13f38ed56ed42055877c7f31dfad35a73eb2052f6f9183dfc89b5926680dc2aa85995d42a0c073c881f1ed332794a784553493bfd842225030e0056d76e52810236b17f6f067d1272372395ffe9c2df3145cc65ed2c6f2f121dfc6c1eb8fa6132b44ee0373c7c027af80383d4a7f"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #10
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c586e0f5999f107281dd5c7ca1ff88d4617b4fd1bb61313895dd4bede875c27b5b0e6c5ba15e8725eba8fa009406aa3d8b8b66f13e07c8918c0f3f55262debfbedfc641329e1fcd6442c245626cfd206":"":"":"":"":"9d4f4f688406d8e57d96369553ee39267a9df9020d7fa78b39e1f246675b70a8080cac5aa6967e78c55071241e20a9446a82507a215a6c5faa3a2ea3c05c12905558d98a8eef90c8abffe6cf8b874c5ef057e365fdf179438de6a78b4dcc075b41aace875a5dd35a44f2d2b17d6ef6aa91f79354931c4d487142f7ac2120fd78caa6c7ff5298729de16c0e8285d73a3c6a95ada99f329dc9aa0924b0059a6585853296789b7e1129432baef4bbd2240a8ef7b19046fba104a85d43aee0ebf021"
 
 HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #11
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"bcac6c2160455e7db38a9c94ebd329c1ac043b6ff607a9c76a86156974d30251b4f4b14e6cf01d407cb426ad61608d1599a6b7ba9402756bea2709cf3b162cbf040d0f5f38fc4584cb9cf4e6a7bb3984":"":"":"":"":"37d76ebbab0d4c8354086a5c5edd5aa6314a4770749d468b9e5d3454f2dbc9b25432f2d5d9f4b88bea7f9835edb22f8a7b09bd604703870abee1160369d0575bdd3847ee5fa93a9fe9aaaac0d436022f94d1b96655ab00feba1f40202425e51b084e372249fbc37f49410fc9d4d16173a9bc29181b62e342a8835f818d2647c45b6ce6c5b6f29add13d57e80513f767339575671bccdccdc9d093dbd72c91ba07d81c58ab5256b6744a94f0e75482e3848de891dabf384322d1419814cfe1590" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"4b667d35a481779ad919956ca06e07366a974738c09a5685fa23b3fcc1a54260cd39d725a7f2661ea86a2d57cfcd2a91e08419476bdc5534df58c6c3b077d3acd27ace0472f91854c164de7f76a9b1ac":"":"":"":"":"c82e5e2fb08171c233670e9e5403b07c600be4e91ff5b57ae284c4d733139b56ece720e82d3f9ac185e37d0f44d5281224cb5f9d230dbdfcaf1756389fe752575a2764f6ae775d0a82f2eb1d901ab04b59b54b5fadb2acc9b9af3e829ef19571dc416752b1bb0935ea2f3ad69dc452285c2f08412b11794134ba3bda0a10425576e88ea7b069b74b436aca93fe9dd1dafc78da1227b13d70157f60c9bee644451f8765e4c8badddad6c779d6b42d4e8b5ba65269186b04c38db348ab5f7a4146" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c0db9453f84c2aa74bf93ef21b9e7802bb8995f6fa5e634cd4064ca2a0075319a969bad1345bb5432df63412807a646d2008394d83989cb4a506990f59f8da80e6b3a1df3fb8d726639d59cbaed1562f":"":"":"":"":"120bc268ca0d3f55d5aff5b360ca4d29a4b8ec5cb624f9674ef0a67b90bb70c238b94b2bf804fe74ca18f8364ff8b1e50b2315f8aa0c3fea663e93c80544284136de1d162e9078e9a074a50b493bcc7e0c83a0047199164a2d32133db57abb05b751a357abd3ad5298773be21c534f98645e94f0935afa53729462acbe55993b7d801bd6b0cbc8eeb5a1c5f0c0d690702f8de0a1a78dcca8862538201fafbefee55cd5be62afa8e5111c89f1f68d0f1760cecc86bf6675cb09b20e097bace037" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"31836d292cb46aad594171e76237a3422844f62fb14d0cdf63ba587e73501051c7cbb280d4b46412e10927c9523bed1beeb5163737db7f910e444e5d5221c5469655fda4ab7218e63e1451f461b4fc70":"":"":"":"":"1cf3b49f28b791e7c81706fb1a870f1af134a0fb0d2aacfcd6e446caf0a91c04dc160f080ebd5503fb7c16ad9229bf0a7bffcaad07329d5bde4576870758a4bffebb6b5c309114688db8e59a55413b4b37689df38d72bc5358291bbcc0b05af487a33934ce626efde918d0ed5f2deb75a17bd8912a31dccd783354477fa850520c3b97b56c6d2b9e4a05d49bc36e6683271f2322c9a546fca88c502187a5f4a2035bf5c527aa312f16c357c37162d722510b52ff8357490a096692572cfd8b0f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"a0c341ddf73d9404177a5fde32cbe21319c318f35cc9afca9ad41a3b06e13491e843cc6afdf2bcd00ce77ff06ce3d8a54772c46baf142e569ecd9131d6185af3575bb62a41cb646bdcae8a7a9fe60cc5":"":"b83491ec1bd89f3fc84acf1aad6fbeb8ef6ab949f41adc6d0dedc53722c171fe":"b76cec3d6300ecc4a02e810296c7e70bd9b4e7121fc5e971cbb94337980fddbd":"2a25cb0ecf913749ad46b585c76097739a14ca7b59f1f3ce4f79bc8a4afd1378":"98c01d4527fd131cc327e9632104d9eee10407cd73ab607228d37b9b72ca2c987aa794804d505d072561ccd5016bd4189ac9e3db9187822877dd533347b5d2071818bb7683312e1e8806e9b73b021777f7f878bb7d304ec58ce92e5e36d3d05a7383dc77f3fe6eb84b615f3f290bf8a43c34ef5478a30a6ad616157c9d7dd046aa66b522bcef61c9d19382c32425d38ed3fc049e73035af1e8b97388de22c4dcba0bdc09fd36ab7eb3f67659cbd92b8d7f6d74b56fc8daf17068c65fb016e29f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7817fe880c0a4224eaed0da5f3962727e4b3be567021d37d3b6d4cd779274378f1cdab91c4e7c1433dcdcd0afbe4b43c32a2b5ffc520ac3721bfd5352fed023d04439c176288521319b5e315b6e5e85a":"":"c7708c25003e6587fc8c8116c500d37299f5d5ffcad3405349351d4fed623874":"45f88f2df43c4b9c3d829b7cfe61904ddf658c16043271f01c5f06ad3ec7bc32":"883cfd717ad8466035e6d3f3c04813e21657ad62eeaca449785aeb0836ac94f8":"6e0633c532099ebf0b10d4ad35d78a48b82fbce37913e655484ae40e29772a25630a7ab37f1d0ecdce27773a2ce88521b171432c07c02269df1822d2b6cde0d9f768375d9c60e688f497fb7ae262cdd5f7e8b84b84411d619c36529b41576ac456a240ed94d750fa722db874098ef7200c74c3234a3e5f21fcbc2cb5d50c4297d1e70901b8936964ccd242098002f4c8ed7dbf49de8c2a924c737f248d46ac1469f676377ca52cba12f28d9b534504d6e8423b5404b7e14de954b4225bb53551" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"f2bb6edec000982bfdb301d1d88a23ce840e496a4f595a662e4127571264f1d7e9e283c567f11e7e266459fa781c6fd95339015836ebd69aa42857010f44e8a72b81f501c96931fb491dc1192f6f6a27":"":"ecd5ea33146cb74a707eedb8df881eddb1797cbb7b16c16f8d741d23795774fc":"d410d6e2e848f2241ee45c9870064ac0217d97f59a8e80f6b5107ff0e4240bd0":"8a8c58fde3b8c9711757cb17e46587d0c5187f758d64478e9968604af0367136":"990b1f68152b3607f3011f8d04ea33a3e8fc479c8a6eaeb589133569048fe1284ab44d51bdcf4f0cd4c8d64f4c6337cdbe5f4f497ea90ee4204845bebca2ffde7831cf49892829322644c4e20a45a9885ff619bdf5e79ee53c26f47072e20a46d2b108d180d6ba5859a696f472bfaa80b2fcc7eda374a3f91ac0b06c9f13afac1af244a389cab4489d0ee04a0598f9c5168f39b40e7127dad9f20d69ede6cae7683b25ded1cf9d903541fb4b0a804d7c163ab068d22949f28a8f4e853e691e51" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"6968f5b87019b4cdafcc9f3a89321f25ef5d8d70fd0781c9e3bb01b3ada18c8b61d9142b639aa75f5f9d798ca538475d09b121048e8a0cc4b2286efa12fa8b4b959938261a1ec8e607526b7a27931191":"":"fbe6b8af6685422eeeafc32327a99104b45ca5602513aed0a5c6235328e8a7a5":"04f137391e27caffecd4413c775117feda27cad839aa900ff2af47c700034b08":"f185925cc180e556a0703a5956ab6d846121f9d9cff97f65bbed3bc44904cb5f":"c8bbe16192bda74ef89d9859b248ac658896bd40b5491c90e923cab6815ec3d2126c62410370f5f44e01fbf1d1653064aed835604d5fd0633c8b71cdde6c831cd91d69e420db83e6d5d82c26c47a11f2ede616a2885a884835cf2142a6ae4cabe989700125df12902374bcce04f3fd78f034e50398d9bcf463dde6796627820c75a7efee82fe4e16375af57ad3154973042e0a92110ef745f468377f6cbec5fa1a1470eac80408f8e96d37248b100ef8476c2a85cccdfca5696ffefeeecda9e0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"e8e99ffcf08aad8e50386f5d079d79d3db783a74165c6126b42b3140f744a7c723541930c8c772adb62981dbef8d054ecdcf1c30228904bd7ba31798bfbbd64757aa251ac9a1ae8c20a050670feac59b":"":"546e04247d6cb5212a57b62f99e1cca767a5768cf79296f45f0db24732ba6368":"fd45f66c8dede41387373c38674605f3e075c9b7cfc66123a5478b8f8e3ab276":"39911a79c6edbbc805a50d2aa018742094177a8e216d647c64428c00169ab2d6":"871577ddf34b29e5caf132aa82e1d2f1586b76e39aab62acd02f6d4440908a772ac5f6fd48c5f55f1ebe0e76221ac46b834a8a4f5dd9958721ee053ba3aef1574ebd980a5da6a94693662717ee548af0f921421d1afb814e4d1799d351889d2a1bdd57570a913e428e6613b16e158c1cfed038f6578920d60db73dc10a40da9bc363a0206b4e7e49670eccea866efd9a05bc237042cf052f2a4140f9377e3c6792b88ea06323fcebb99c643fc1c3653758d6866cdb148837fb0fdf77de1564cf" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c7774e199b5a8c0b306ca236163249044ec2153dc89bd1c1459cfd40cc6069fd1921837aaa80f4dff34a97b4dd7e94c0143efa24f34924fa52abb4275a63cae7048a7fbb8b76300fa8d109f9561f1699":"":"1f437f758512071bd23d091c2b1ad8d51b99acc663e1d037fc5421092cbb1a45":"c622ac1071b50e4f899e4760cfed476adc013b6ff95c9b7be671f79cd2487ba5":"f973f45f75fb0d68e0bc5a723a72e722e6c8f3fea08d785141c78786da5101c6":"9475c697af430e94ed396c707bb7d5ee5bff18405131a0e898ed38065abc28ebdc1dc33d767c4dab69c846e3350bb414ef2d43798710958a6ff3e6b55de93c2ac31793a1dd4b07379e364ce72553323b9bcaa8839cbbbd347b4a82010b78967219b84c6fe9f9285ff741a0036aba6bfa7dd0d5a4ffc1936341b0e2a31082123b6d2af6740cb3ff43bb4a87ee74ef7eb06030745453d2ec225c8f31d214f1dead0f29af01ebfe90d2f8a8bf5e031242ebfcbd136b3e3db1f63a46f69a26d6159f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"898963d0237c58e4b7b6e894ab271555407d3ae8c1c4599f5f5490ad5701984a6e5ddd58d311b547f6fd2d4d67addb4ca6b86839b83978baef72b8cfbdd0cf180518af0e32e52ad4a73db460af05e187":"":"cbe5f14445cd310aecc97113232a0121ed2082f2c4152b4be68448f36c91b1f4":"efe0ef028e4179ae10b378bcda3d96056ff21d94404bfe022b563cb6690ad563":"98cf6a771c05f904b53ff9b12709d20bc3f1821385cf27ace7a4a584e73866c2":"5682b6bd667b45dcf16527a817852b52a7f5d0fa8c962f3dd3af63e7e71990da92b75e9fcf5de59b1565f525a734e978ba74dd80fe89a2e527960ce4207b9ca514d933676ad93e6dff5d57314a45889637a623eb7832854c3897faa511ed6dd246d2b8280e7d0524647d4bf7715b5546e0a9a1dec246b1680adea2eecdc354fb3122654102cd0bf94ac9333caef3fdc369e7649653352739783d048e08e8d231b332fa1558745e2ce89dd76d1dc442a71dc3d5eb7d3481558941e261f989b097" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"426bfdd4ead656611ce49bfd9f213843c194bb6863534ebc258415148f457e6e685fcf539922aade348a2af678038610af676246632dd70920d661518d4dc5221381b2fbf1c2f3bfed01cbb930398095":"":"971785b18e244d03e25b9a80c2c2204f5bab6dcbcaec986342450eb9b376bb5e":"5de582cba43a610866578604c9f2a542831f41c277d50b324f4edf1e2e5d498b":"46e4c325d2c45e00a3c17ab35115b5370abbae61337eb2da4e6aa91f951f55e9":"f2e8be2e994b74a4945fedabb167778523865ed27826f9c26ca2b49bf32af1626ae62bfeaab13e9bc52a081f365062a5cdbed0872f6479cfec5a5e79171d97ea898e8d10ed71203882d1d7b7d28c5d59b8872985abc628e73622f616c4c0904ecb1e4518be8b4398662dff8806c3f43750cc9be95aaac2a4730f40323d63af157d13555d043c4d0d7cb53f202df282fdfc5544a234f71121e893814f4bfa926351c5e9427e90f1117a3bce7a16f0e08cd06c3d7c458f9d07ca3269e015733aa1" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"ddfb3d1d93e977aecd08efbd71dd48168e67658d93596b742670ed7c8804bd3e730d34a80ca1fb4ad2471ee22461bbda670337d675a17721ac63c3793153830a26b1871b316a3e10e49c555f44719577":"":"390c53a5ec1db52996eb042f9a76e45f0bca76ef6ea31b4642f00658342e601d":"b5436e880c15f03c3bb846d90f3ee5fc5bf5393865a112a4317d724738f5dd25":"d193f932af858698ab086bda36d04dfdbfaf487fae4298b38fef97bccdf63f38":"bdf9e1ba1fbafdb8f4628098aefae4810ee7fd565d0d285ddc3840f8e24a9985c2de57edf5a511079ba6c952c95c626e296fd62f3579ad03db536238fe69158317c9c26d373816343505c60a48e07a00edff8fbfef0ce69ed176e5484d056af02a270bb6fce7bae0b223bfd98ad359d53b159f3295be3fd630a568d2363121c7021ec23b14693be48f5b55e06be3d729c2a80948194b1266da96317bc592362809409a7666d5c168125b99de26da741f17ca52d63685ee8d8260d45764fc78ea" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"457e49a71da81a2a08bb19b97ba8e62ae4b5ad4ae64daf758a83a75506f9251149b2bd7180f69b9217346f8165b7cd8f100e0b1066e2877f5e5da21b037c2bbf178611dae627d9beaee64a9d0186462a":"":"c3181f694695c21405588f600ac33871b519e2b8e3b876424b32753da483d6ec":"68e717410f99ae13712175e402b51058b7625b7da27224414b472f9622d163d5":"f2cf13d05e853a13ed47c5d0eeb9c0416688050342f0d345ac1bb21d5ae675fe":"fc23aad02870885394ca831b72201d76cf736f08f6132b12178e8e3b016fef8d3bbb849e5d935ab732054ca701154e7d3e87d1b51b7392ccfaa19c4ad28638c67bd149ff67a93c09ee1fa5c2ef7bf9d40844baae79169e52e9990c93f099e036b63b000fb8ea67a13167b045c8f9163045beabe0575fef00b89fd90390b0124961698f4ad8884a1e1faf576de7a179c03221402279b31c93136b9436f9a07b5a67b1c199e7c6cbd0b5f53ee5bd0ef845243077c6eda0e021ac9219f6db5ad503" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"79e96cc8e77d8fe72cd6c66becb52753cea28bf71680fa541f345b83be79973db4081201bf23c94d1828e9ca1e825ac18aedc5ceb87a4c1b0c333c88d97e0f12d61b338e5ace5e15f71283d31a1ea90f":"":"4304ccb2666b227c92e2b00659ce0b34dbb53451591e32914a60d6e6cbbbfdd6":"d6e74777c02252b0613357b9a582f4d8cd7e436daf1674a663561b62d8ee7143":"0de123897d5f090b52db88e4c0f9fe736ccf27c134b0f5eac61b200d15e07986":"55a369d136e2d903c179472eebfc45ae236994669c46cd318401bc662f38a1f714f78ac9f15c819d2bd876a7af51e6caecff3c650a3e661e5d137a354cb16aed5b1554545bde08c10baaa5bce22284083b43a6dd9941a37f1a18929ced61181c137e9e38c79d107465a5a12f2a2f37788c8e398ac48b2be944d6dd3562c05922c25569c26a1203fdd244920e6c268028dbcf6807c05bbf1559969981467a479d7117a91f210118c1159749a1dbce4d8a0d5f2f8232c5152cbaa6441865ac3a88" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b37180874dd4a7e08b1256966ed5845001b0773b5136956dca7194cd12a9d9e1f1dd35534f579307de11c1e64875e9377081de3095d83ced0ea3df2ee8d5be4daee545b431dc908bc10efc04db16ab4e":"":"d3c8aa88cc8d5b59af3685177cf3826cd675854deddcb9b501c40c4288cd9cdf":"6783f5bd86fe178e6a4d303342374ed32853925f143a5ad083c04a9c298feb99":"4774e5d062eda04b680d717f652d87bf5cf635f597287b76fc35e2d5ce593d08":"e478d45fd3eb6f4c398a0ec84f93ea6861f00666753c143506c5e417100077e2c4c9ece450d98c9372d68aeffe9e57ef9176d4084f9c6d02479b516942dd4792a90ffe1e4e49a8156bdd872f1f05facc06e71e581f919cd94fb97208515ba284fcd255ea6f1d1ebb7d351e1ceea1cdee631072d3fc3f4ef9d5fc57a9ca98c88b81003d858cb5be0a3520c34e52d3beeadf91388ec9a495b1fc7ff7a6799ab0af211abf52c15467274c04bd104df14033df000d8624acd253a6c954c0d89b7238" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2779f20c02d086d30d53dbd6e7396a35e677214650e39f2ae83077fad70c068005faef347e7f73efb53a92f0629e012c7e1246d07b4e1bea7008dd8ecc7546e3f0a6e0e950e083373fde3fd994e114a4":"":"55edb840b85b391d4f1940be52a3e3824119349c780811c570d2c88dbefcea16":"e83ef56f09f82af4dd91a0b887d3f182dccd973435b74b7b3c432b39a61fe720":"eb9f30f2886d0486c5240f43104e426b36aae0006c4b9c64dab1bb713bcef7e3":"68c3feda06172a191184e0bb77a8f3c9096048bf71ed95b20cba1b1726660900d7d9f97b7ac648c76b50b921c28eee3d401ba81c8a46fabf82301fda8ffe9d76bd93cb275638f7c2088cfde88620661eb844cf953cc141b31e946338a0203c8ae67c2af1330a53251818aebef893010f16a519fcf22060a9aa9c597f3409465cf3c9ccf753db8c0bd3b465b028adfc447e37b5129c17ae9e8bd01f762662c466491fe57384825c163ab8a26d67efdda01b053c19d3bc6545c3661f2ad1df1e33" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"71c9fb2eb8cca98860f955a8bb3669c70b6f5374256da23fcbc4ffc2e90bc0a043b8ecbf1cb0c7b65a2cb7a47211541f2675512138964d0db8074727158bfb4f0d3c093f1e2c2bf697a48c2ebd27153b":"":"13b1d552e2c8c84f66961ac8c919166a248bc62fb896cff0b8b001cd7e147bd7":"27d626121ef579d9969809762c77068e4573af44b6e947a2892337a11404c133":"456ea206c38662750af39aed5fe0a39760f4dac85b83d7ccbc335f53a160a0c9":"464aee8af42ae68ee776780113805cade246b83a698c34bf4c92e5d81f28829ecdb808884bc7d784397f2b2f8c76a2e3517b53bcdc7257f44ec9357d014af4e8ddb44df98da72775567356f363fb85885f8f22505e5b5a80c824b4a0bc48029e3419d3d2f161b1469cead730cb123ca8387a2c8276635a91d0dcb2220797ae2702468587ac3a70b927625f3a6e2980d6fae6fddf4b380ca0d91eb4aee37b98644bdeac345f49523a241ca392972da02d70364f9401c21fcf39eeaf414a09fdfe" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c9e54bcebbbdf44051e80b91cd10c87dc24267923350b6770406551a5069ea2255201f3f15bc3a2e4caaf0b45510f19db299a41db8d56ce993ade44323c455fb1a3f504124c35a9e907d9765e810c939":"":"2819b3ee279d57145ea1020ebc77c46031d69524a843158192e081f2ac91512b":"269ac853ccd332fef61330af7e80a33791ec44b6cbb83006e5ca0670597b35b1":"fdf031b1e0a8016bdf6a6ebb533dddaae1a3a5b14b9cf52a1a8028cc720b10c4":"a1c4c1d6e72dae5e4714bddf4a1cb8d01cff8a3973b12022011270c0de7ceb85ffb6a6aedfa54d0521ff33d748fdef8f29c52c7c414e692a30dfd0013776b58f58421605369c83d4d891a19c782a2d036f9638aba9e24b0eacdee87d4a8011699b638c287f0a12f11ede86a946be9c00d21a31584a2a0da536dcbf86e2df63be9a7b771999c9c7a6b748de713b7da757de2d731a8d980b75136b0fdc75ca7aef47cd36bb9370c5ca0ef81b9a04fdc78698720f68e5d54e1a777e557a1dfb4c22" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"4d95f31b9606a5f6d04dff1d89b50becfd0882e6cf51c1c5d24ad843bc12d977eba4582c39d793a63eadb63f292568c7fc4270e6c9aec83186a20819a7d35e7f1155ea108794302d593c53ce9d25422b":"43bf6f32b3b5f580b54179e4102d063536e7c47681d6de3cfe88fd8ec66e4873":"":"":"":"e991d000b24ebdf838ba11f9849591b0029feff33604bc4d71acd94301f8d045eeb1f81f3a101a297403a35859113c099939638680d481c86067f54762892f82146f61cce7bc2c85d395348f3ea2aba6bb3e59dbcf8e41a81918b6cab304d44ea1e32573cd6936f38cdc11d3c2f96290cc27b0dfa3bbbafa9394acdf2f4435170b428563427c4b02ed25924226edf8d5a5eca4eec4aecf98ef2e6f75caa70bdd84877df2e637b7fad621c6170ca5bd86e21d0bb01cc90fe2e76353a9d5687bea" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"1378443dfec3c03d36b16bacc480edfcb1a4a509c17cf4b35787dae3bc91ade6c113a1e0df927a4449ff9e2f4f1cd9a27b07f57ccd6777f6d6bbfc9655f0676d7b4f91712efd43315be7c7f30e51da89":"f67cd35afbc96756499c68a5ea19991cd1ad4880fdc13afaa817608a141e9646":"":"":"":"b32d9838b3f45e3c4b3ede1181bf0aadab96d22790d8536f5913fe95c3ec0179dd1c7ae69430bc8c68f4f30105199b785a11adf7abec007d18abcee2e65df5a211adfda35fed8b9389a61d2fad33fe020119e72c782a316f17f8a588239567315bda461f5f4518a1aece4d0ae028c153d67a8d4ce620e571faa0403c56bcaa864822e4d8ae6d14feafefccbe879ce4baeca70d436218e0eb3a62bf15c018fd4cf66a50e3d9d7cc9e4744e29e9c945eabf03a6a2c4ca57e582b60914417da57f6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"69e9396c58ed867eb52fcd046504922e2e9a9b059234cdd3f0a09eee9fdfd45dedf5d3860b25115f8a3d0e2f3f543890a23a5aa278f836577956944a098d18f05900d1b076d30ea745be745b9efc0dcc":"1b6e1bb613d199a5e6f1b5c2ed041cf6f6633e2ef4d50ecad89b28102bf70554":"":"":"":"ee09f7b24cdc6b51a8212ca00613633c1a5f044fa921bec31baf679f5ba66bfd723721a03e0f260a44ad5cc4c580080667a781427a34c3d2fdfaceb4b040ee675491c4dd0c0d13abbe81336384806e37f2729e7fd080fd57011b54b664d58534c831c90d182d4d955676938d484087b0086d2bf2737a912afb66101575ca2bc5acf845f4970bb1ce4441eb667d5096319d6282714a8a9708ef9964cadf596ac3e7b1ba18fdec7e2e22f5e6352e825e965a494cb880aae78477aa3bcba9428107" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"d2f390fde0b50ea4afe6baf29a75e698fb0275c04c481df03910d238f4e72c6f63a6231df89123c2dbecfe0cb0313db34288f4143694ce2df2484d20884dbca097e35c3fd8ddee5273b53c1149bf5070":"2bc38d852d1ddee2e89b7174032d96c0b97f955e16bc61716c5c64248eb6232f":"":"":"":"e62346c72ef393a2904e982158992df4ccab03142c41d8d29c1454794926c48570eef34bd021d44cc9106401e9cbce6ddbb6c92257e89a787499d7f7a2dd527833307e02f44645ddbcb1303f1da95382c89805c76a2f12eb13d2b0205b7ec0ef21f596c98af608a2f2a2c5e3534e01a23ba25bd5fcba0481482e1ec8138fb1c86840060919d7620cb7b879d1096f64aecae1ea085a793a9f4dd665449ce73cb3036dd5f2a49138ce88c461a0a9e2f0c1fb8338f5eea53ab0a0ca8a8df9c315c4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"0cf86ffa1456c453b53305353ce43ad3ba44ebf4c6943cde8613cdc417ee9f6e759c0bf4676f1ebd05c519eb84dfcd3e379ce61016e48cccde24753878f7d8fd5da72518253b2f836f32e5b594d54ad6":"088c917f84679641f491aaf105eea0f02d0a8ae0b7add69645d1ef304c74b417":"":"":"":"79e71d9a974cb88d9022d35997032bb5fbf8f0daff411467217837a836aa44c493f868a333d1ebf66689895b53c9e01d58019dd1da2354fb966c88d2d6adbe66ac0b8901595a24dddba609478ec36e497f6fb6b4bcaa88b1e9a9c87088f66611446e8c2873e89ee1006b6d92d2eac54714fc6481e7782b38ed4b18d5f9714ae6a544110cb6063c8a9964c52a7026f52af448783c3427092e0339efd7d1a8522848a2faa8aa19c21363a537766c05505cb979269c73ee90679feaef8df13b6506" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7179c434bffa377d9b6821da9571667c8b962196f7d8aad062e75b6091a34a454e8f4d14a60fb5253ae373cf50edca93b8d2eb2075076ec8c7a42b7adbe7723a6ba8b51a55fadb16fc3a6fe9da020482":"bc1c39e646afc1bb62685b746007148494209a419b733e938c1a5d02e2350860":"":"":"":"3093a2e1f502d44d8be4f35b386774162f0e10870f9cd34e3b9d4e77c7ec7cd10cdfa0bf8228be96cb5741f069440a6b6f9ec155d88ba66b7fa84959c53d3574bf1cf9f1561006c776223b881dd396e9e9830af2c1b5f7457fc45e823b411c5c2ba3b11219aefe5508f75cbdb5e40edf6b1f61453541ac98dad9ed502bf1a8afa79604261c7a89e78cf2941d520e0c10bed18820da6c23a5ed1c0dffbb04cdcc9c3284d400644e9365c995d8c99eebf444f2cb051bb62f231301d31ea815c338" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b063333128a6ab4f433f151ae8aec4283ab6d1cbf4a69447850fa1a25930ec0f4204da52752a9bdc788c5cee6d8b92e1b8530dbe0c81b1d34037ee53f20758d5750d9863ed60c762ae2a8b4c973acc22":"067708b24df7a34811993d5c65d5348eea73e6c6680293afab5804b4328e7a96":"":"":"":"5f74a1d199f30fa22f2020baf036fc61b1cc2acaa80b48ddff1cf85fe5dd200a9afbd8bc51dd1829636fa335660f36d5d2a516e4c38e8ef0c3cad979e79e7e226b820634ef1d76ae81bc3e3807913eb0731b2e959c43afa83feb1d8da31dcdcb3dc3a4cf8f454c4ec41bbc822e58023f0d797c844bd8f20034b31d99579bff142cf53d2651d7a31b212d2b9d5705b048860d6c4e3f45ef1bf2d5e46433fec593b9f68be8b1e928ea04ddc4ce2fcecb737bb8f9d054c2ba5060fae5e5fc21a650" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"e23fa0c86c8a7b99ba0d3ec3ca47349a57798c07587b666cc4ae1c9eff83b8cbffb49d1910bf05db3c7d0db7e27285ae9f6b4411d84364b27a66398f5b0a897ee2085526d3ac4f65e70800067d57a51e":"7ffdef21683a75484f6ac304801c213dc8cb7e3cf0f94c358a2e1ccc9969e834":"":"":"":"f952956cb8c528efe2c831c67b69e8aa7e79c013161497b9c55415fd40c7fae778a6fa82109a40dd72fb2f4d92e1cbc47f52d055485c99d893fbea1cf28dab35be1f162494cb79ea45c44a63a1685217cd3733dcfa88bb6de65c68f2390e479c0fcc6b398dc5498ac93002e7e7f360535d082c8e46386611075665060845c4f8bdee38c23d2f90d2b1d78217e865ecfb6df02498db837fe581c43382cd1d3a508b6dc052ef7c4d20349679db8d8bf8dedd763da8e5df775d133970be062a9ced" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"4889013333cd1e2b3b8c4365bde690b66e06bcccbea25f04132a0962f13a7d458e823f5ec0ea091a07065593ca44fe49611602d165a35aacb352206844acdf41dc2c88b63b36912ae81875bfd3e098e3":"b4761d82a93e17d8a0a461ec8205932edf218157459a25a7f26ceddb59992192":"":"":"":"72aa3601986e6c970b8c2253118b8381264577e391e48bddff0cceeb5101975391a2c731f5611316b255c2a6c0554ed6cbf8acbbcd8609e3f99c3cec38aa060eedb863563442b7beb78f35221736c608a933aeb0d4a7cc050fbcca351cf780d42c5380284a6163520a80896ee7f71d2961d7629d673791f8fac10bd01d32d95e8efbd65381424c378bbf54b532a70c285d98bdbb559c9f37d6eae889b82d5006fba2892ae16acab103aff1b247711ef92dbc6e516c92e388fda4243808f95170" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"cc32ef3ea3b0db89c69312cad56b1ddea73ba4c302b85ff3c6605d1899a96f49909c6a54d98baf096ea5bd46abc2535309676d9d6bb9917271bf8c86c8852e29bf3ff5b2fe56ac094fa35dcc51547f62":"cb80942bfbcd8f112ed601cb12a5ca52cc0f280522db11da92ac6c76be3932fd":"":"":"":"2c972cfe1537bae42ecc46b1b41a691350f6e63c202245347e91602b93a4cbd5c8829e5a4f63f7ee0e29adb69386e8b659dca2e6000aa03beab132db6dada8dc35ab68433671cf621fe4593018b1eafd3a2191507fe015e2a5694fdfe2c3182fada71d18c5fdeed065089862249c5508f055ebeceb9fcfe5d16e4479dc17e2b59b5a0aa31cf21fc6b5925569b0ca63d1a5cd268a4d409f1039d902556236fb06e61c1c054ed3798cbe4d8c2a7b2d18206212591174cec9da519fb876c583a20f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"142bff9332c48103221359040cda6632baa92cfbd1ae7f8b3d0e33d6a8193939d9d20d17fdf6edd1b3ca9ff600fe965746b0ba1b61e9aa5141edb77ade0f191b87f0b33c0f3620801a755dca02698883":"8dbbcf0c190783122aa6da6e05ec9d82ee29f8e74e59f8fe6eb9492fe410df6a":"":"":"":"2537a8638d5759201cbc225e844208c1d08443b055fafe23329aed5eb2d814703b0fdbd0a89c2d62f8f4ea7746905b9bd90706b734060c96e4e406675576bae84317bf36d8523babab72236b71fc6087dfcfcbe765de13cd1ed316f495e3bd08d780cd6a58849c929ef24b41e9561868158046ffe8d2a89d169ba31331611f0872c6d075b9938e5170a3b8612f9ecff4743c0db5ae365fdc2678ec262eed3b7c337e65dd1ff24a867574ee460bec7c374fc6b3fe9b0eb7bd9f5507ec5988d313" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"821ed44bd793a4af223aebf52413ba5e0e231b2029b3d71475ac028d8c10f86d2382eb9c62bab540be847e22344704d339b798248d0bf2990c0621316e3c98ec07f05bba8887783adaebe8fcecc48fed":"8d2c8cdb2ddd6934271941f071ea47dfab869a5671dff9d424b916c1ccabb02d":"":"":"":"a5fcf13e4a6b9829ac30171920478a7878aeda658803f2e314f9ef8cf42c9c1933cbd8dfe5053abd30df644ca062070662f4b7e7851d28ff801cc4b878523b4610891abb29c095a70665de1199182fa193439665cb19cbdb00aaf3fd0fefaa2278194e79ebf652713a28c36f2cdb83f96c8eb1e85c9969381b52bc3444e8ad5d82c94964544b3e6649ae3f532d25a2e370e9fc8c77753239f130091c43720ffcd2bbcdb70a75223cfd9346091e8c056227f66648941552efaa5a0a369291e9ee" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"977bad4c5d1d16a2439863af8bb6fdbc206ad0bf20c4036c044645962c36e2e853f0d702a54b70421a509c25de124f27e330eba581fc82efca522e43956187c9ee4f58f971e4b91ed51cc8aeea26fdc3":"51cb91cb7ff1b39e18aacc0baad20443522bf869f26d9d7182005b5cb1d018de":"":"":"":"df4acafbe4f28ee47acc5134ef665a50deb68de9b3c7e075b26d5731049f13ffd00cda05f612f20fd901ff127277f269c069607442ed9f7b41892711a72b83ac592048bfb28ab2c64c6b9f5eb4427450f4475b1c04dd4665998b638d06fe8f463e2f07ff46073003132b66a5d4d19a65bd08230d1db0234fbd09a98864f8ca824e7a0ca9f1d1662027a60c7e95382122674d88224fb192cfc129952ed6515912aded9c72a49a39a00f9f9a16abbd361b20a12b5f3c4de54012aeb1b42f6fa3bc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"3116ef07685eafff1c77f185fa840bb5627fb9a5d79f72f8007cdcdfbfefc56bb1769991d78e9e48fca4c97b01d720d1d3ea6fa6ffbe2569da94b6bb36cd34d72c37d0218b3d02c391e0653e286b24b8":"f138ca3ec867cb7ed7d5fdb0868d7470de5f802fdb941dc400ad524d9032e23a":"":"":"":"59f01ec06c97a49cc5de469cc2b39c28db7612029e0e24e3c2b24f92c0af2383bfb9a0dccbeefdaec4bbd2607dc582ee7eaae6a4ffab251404e3c59c95e5460ccc8d8dea4db73e924ccd7528708e1b6a9d62d485c93764686f93df6fb8a9ae86bbda1e038697b5485e27e0bac9a18126bff1e7b104401306cc424e783f55ebe9940176d7123ef58c9460e5fb8311f745fdccd39ce552547adccdcd853bfba87aeb87dfe8ae72080fb7b3e5c4718e743c9f576d7752e3db1fdb29f160bde115f3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"f5ba27c487a40dfe342fe18e7f9c72bebc1ea229c7634cce87defd7aa11448e3f584d1769f3e76a017430e6e9bae6bb6c79170925e1156275311d86d4a03cfe3dfbf85f80bbd70ea98af76220833a0be":"34fd124aad5a10b852b2fe8481cd0ec46dc2d02ed9583f6e282a4c908e319024":"":"":"":"977fa5b70f4ca3c04b6f495de3bfdb4b8aef93bd14c82653e30a00a4678c602aa889766ab7caa434d9c15bd68bd14e66cdc609289a691dbcb391611be66c2056f8e675de5db9b2e2f15e5a330d00a8886eb8b8eed4076306d443ca292d783fb056186aa86e1dc9f18a113e015e535dffea954319cd26e5572f4173766207ed7d9b8b2c42a741340c1850a07139c0b358cab942bec51b159e50f5aa9d8fbe7ca9d1d2127a98fbf0f8c3094bea4e3039f7f7ab083fc9d050e29e7d4cc2d3d44caf" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c4868db5c46fde0a10008838b5be62c349209fded42fab461b01e11723c8242a618faba54acba1e0afd4b27cbd731ed9d30016b5827dc2bfe4034c6654d69775fe98432b19e3da373213d939d391f54a":"135132cf2b8a57554bdc13c68e90dc434353e4f65a4d5ca07c3e0a13c62e7265":"a0bbd02f6aa71a06d1642ca2cc7cdc5e8857e431b176bcf1ecd20f041467bd2d":"93ee30a9e7a0e244aa91da62f2215c7233bdfc415740d2770780cbbad61b9ba2":"36d922cacca00ae89db8f0c1cae5a47d2de8e61ae09357ca431c28a07907fce1":"2aac4cebed080c68ef0dcff348506eca568180f7370c020deda1a4c9050ce94d4db90fd827165846d6dd6cb2031eec1634b0e7f3e0e89504e34d248e23a8fb31cd32ff39a486946b2940f54c968f96cfc508cd871c84e68458ca7dccabc6dcfb1e9fbef9a47caae14c5239c28686e0fc0942b0c847c9d8d987970c1c5f5f06eaa8385575dacb1e925c0ed85e13edbb9922083f9bbbb79405411ff5dfe70615685df1f1e49867d0b6ed69afe8ac5e76ffab6ff3d71b4dae998faf8c7d5bc6ae4d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"46c82cb81de474ae02cccfac1555d06e5dc44b6ef526e0e28356ffc8bc6c0fd0628d4d942834b94fc977609c8ec0a6392c0693130c6215d55e37da43d67def719051e99871db68128e245217d2aa3230":"5de51e3f49951bab36460724a63f046e75f6f610be7405f55016c93a59f1890a":"5dbb13f5b4eb275cb757513e6b8af6fefd7c9c9e0f5304fdd9b4c0968458f22b":"3ebceff3232e75c6beb79d97c78e93244a257f0772f82e234518c50e322630eb":"dc64e5a1fc7b32f0294db138dc131946e5602266f4cdf00037ffe513a44ff83c":"e3480544036a3684a88e23ff41a4bbd810f827021ca45e800aaaa36ed0b9bffcbbcc99a1ef1f1528b4bfe39514c7a390ba132d1681138c4b1b9f1a0fa1758837dde35d0f6c38683ba47a904937dc5ee3d3b75f909e5fb6311c6cda5e1121edc774e66092aa1dbde83e4680ff95c0bbc2946aa4d46770f247caa7b71bdefac9641ee99700fbd1e560f9f7fbd462ede64e009ced90c44c6ff03b890e16c79c7b8c959a27defa6f062168891977c637ec22ecfe20601d499443f1fb0ecc7d9505b7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"df8053def0260ae71f67e197ae8b547a228e9b67ba7909fc1cb3adca51058b15f6d5951f0b60c972d139b75dc44a3680127a84799fd7672e429f20876c175d135e5f894edc7a4da334eb8b73a334be61":"26890036a9b17d8e805c38568630e1c196091faad546ba8eb976f3aa031a8905":"40ea6bebb0cb94b7e527787e17ef9f7d3efb889fc1e47e49893ac5c4bba988c2":"090271c307b43b951c20ad3f081d2838df0936a4bbdc5eb6f2e16b1db482b1ac":"c203cc1a3af668e45653bab6b1aa39ba0669491a06d00cd39c97b777a8bfd4d7":"0d68d903c85c0172419dc9f782c5d67a0b3367d13cb2f734fed95c7fc082291edbf4fa83354c6588227e40bbff082be2dd276c264823a8f31ba18b00955d7a1fd612a2f37d824bc82cdec972d3f8384dfc78b51dca61e815766c877ef3d2113704c805a250aee7b55b849af048feb3536fe73ec4f0bee97006881d5eed8ea38ba1b8d16a3bcd91fda749b77d688997bff09f104a2d8cd8e133ea4aa764b237787358dadae1c25092cfe09f79efeb8eb6e20c39cafdceed90e602f221fe6b1d69" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b1a1b468e1d59716a23fb028e295588f17be6a79e589027237681fe9ce354860b1cc33918a64c8be171e595ee6a3b1ef46c2ef21df2815528482ab4c7a32449b97ac75a51dfa1c7e67a763f17e97bcd6":"77e5a3eb6ab38419f84b57997627c6bea79703c95bc1cd24ea73eba2edbed540":"52aa0be951816d21a2ede89f53913f6d5d70cc580a1cda8a49f8e49a6befa909":"5bd8e4ac61bdfe752b5a66cf2e048e812a8aeae8e20c3c8c43f31180e4b18303":"af5eab21e4dd9443b1b16f40413faebdb0e086991dd3c53c8a51bc434348311b":"d477404bcaf0ed53788354705f0fa9f46c4e2bef2cd94932b614b3c34e0b0c7c28d7483075c9745bfbd4e31e587fb1db77d557fcdfd3fea47da3f01e42635ed3fd87cf6c98a2f20aa833a1bb74a15b158e47841cebe53e4d5d8c85cae78ade156e025a7737aa9197b122e73a29ce0a881c7adc8ec228f4c14e56c722acb0165b1595f010266151801812c031efcee4a7739876777816af8baf4d29496912a012f1f33c07107b2db5ebd681722dfd76f3a58e9d7426e7fa75e326eaa416c5d820" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"098b8c107fbf943bcdd2199dfd15f130a20d518e95dc81988748e1f0ecc5c45f74622ca2940807df86fb05f0aab4727525f19d1d3bda1f70825f3e1fcb18d29e8e410616c105fda9324f4617af39f021":"220bbf23394c3cef156f683d05739b76f37538a0d360600bd52f0076425b5f5f":"af88f076ab39db1dd0e7002bae187965cd144382a3d1ca7b1ecd65d346f7c090":"bab9d09dce5073d11fcdf9539501dc998b6fffa8a0716edcf583a7d7385ff41c":"caf8d4e10513e5ceacad6f9f145a6f79e5c245aed4965ae85e2e7c5914f97510":"f556494b3849d78b06ae75571f0b9c8c108885fcb041dbd7892bf639d8ff6c82e19e8ce2d5aeb58e8b964ce4f75976a0a9c7f3ec8373b83150b88d6c58ff9b810124d4ac62d955aa64d194afef2f77de6994642ec86cee40aa7a5591e99a63edbd8bbdb22fc3c2506beee6d507fe34fdb4d4f525dcbe30b5747ff920a13f9e230899ffffbc5615e994ee96a1bfd8890cf607379be1a39d173662d0967c9dfea33b14d78cc8818c2a1956197f85e92bc11133ac4f7657f2db20eceecae8ca636a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"f54e9df92752d30eec01c3756d569bdb39abcdedab80b0aacac76ab406723f480bb359a5fc6c7aeebb6719ab44114a75afd340af202be3ca30e4de794b826237105202dcff5d1291cdaf266673275825":"b69f77d5a08850a13f8e6d06847c4bec181ac0f6b720be3c06c0b67d44843c6e":"40f14c3340e7092b898758ea3c36750943acac7fbb6a83f0df3392f7936749cb":"5bcfb0786c447675032d2a32b304f25737de59cd07c84d3875c45475b15797d4":"656ab204e2c1834f346d89c37a30164db414827d83ca732c71ec71efa8182c28":"6eb8f276a8ff516f789d94d997f33c2e40b227776fae0681c83fde659462b72d37cd48c95899530ca072bf2470986ef29dfb193be7ee9ab3f8cde2317c9bf02a5f901ccb62bb665bc3a109eab7e3910888a522c765eb49b11d1ad0fbcc45abe3841e9bb4fc0e73188497cffba54f3ff82260767d0f70ea1668f45192e6719102e75aa5cc43084c50bdbd1ba491bb61ee9e5175092c1f50d56bfb68977a567e41c1e05d2d1523c198ded737079131fb12dcf847219d71fbedb5659411d7aff2bc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2cc330b34c976c859936c21e2ad88bb60ff153e41131567f58ad34bff5c9cb418939fed56356af7fe215986a5d0ed8e9a078dcb1d3fcee6b99714eea3bfcefb37a344a69d414965539ddce9df239be2f":"bf531083f35066ebfaeabd67b82d392ef6b121e7d9603a5407c5bc74cd596023":"51f223dc461ac2df1c4877f65ca876d635d50939fa9dd586c176d8ab73c6d605":"ff9d6807d71ded1305d9e2cdc811dac2d73746b001b53ec8a5509c4ce0a07efa":"f5222c8966659974dd8a7244d2cee588b6c9a2700f338683fff9ccc45b6d3807":"981abda0e405c976435ec7f938570d911e5bbb32add52a8b94e528486e9dafae139eb15cc2b56fedfb9e4b2d10dbcaa5e6ab985be16c62b9b75a037684986843a7a0e3baabc34859253df2a053dcb0352a0554fd2d4530de0251b1b852d1d3b6e08548e215902ec8dc46ee89f3fc262c7a35aef8216b3def65bd56f0482a18a329f96863afd951307740fd8653d333f932940e2a87523afbc162c5c1d2bbe16f33a4b0ee0ec75bcfa6aee6d8348265938738be638f78506ab731d3e9ab345551" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b4e5aad9bf4fb03ded64e4bf40ecc6fe2214049bd5889a5aeea0bf47be8670d329e6ed04538dd6d207767c367406d482ba7ad29231fd944f00b8d9b762935b93819ec62e0ccfd48f619ac40c9c208304":"67826d2bf9651404d5df4db84ea64dcab10697ecb90c68041f421452109af3c3":"67d6983465facf33369eebe0be12dc65fe736969e8f41478e44ec25d461e4435":"65f97c99140c8c9ba2ce37710b06f822cc0eaa03589157a3b575bc9c423afc3f":"19c37886d613d24b0592ea0b3a465ec8f8a9229abde3fb5e0122032e1ac8dfc5":"05777487bc152260a852e1b31a091f8e929ed22d8a652a77e4391abce7efcf0570df3d466d56dc51ef14bbc55309c6831655ba97c6050e563083fd1f2fe65b43d0cf8762ef6598d967b473b68c4143287f70d096a6ea120e3c07f2a95b80b393ffeafac2d0309d349bff017a49b9ea547a5776b5c38b9e981ed0a4825853cafcdf0f17269b9df6189fabc30388a383e3c28949625ef3d59a2c371ef416ace8658adc0e0b0104f1acd4b349b91b660d64412168d3c9e29680a5e324e4d0ab9258" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"27ae2120824f3d416bbea1f987440c507a4f01fed08a1be27e6ec16390c92c4f8dab04203543caa3981373fb991d855340c29baf439f23bfb599a5eeb95ec2059af24dd86c0825957ea8392ce3d980f1":"cd646b0d1971f249f4c4d1eaa17e60c311d813057e0b71819a503aa41e5c6b21":"90ee2d0bf06cb94190e6505a75d12dd77c266497dc99c5f89bde60be6789099e":"7d82b50cdfaab9b5d23fb6618b59dd28cf1a83c77ff2993d9f1edb87ed7bc388":"f7f728d8ef6af8c5e77cef1e837030a6aa5c12bc81423b0ecb07a2db95a32a28":"4b25aaf436eb600a103d3fae8e301d2755132b3de3c8b4c442129a88ebb3ab20c4d3a54078ecc4197994ff04bf0e460919978d47e45c7d10d76a1e63ae34624e2f64125ae1bef304efb1af688f20d8e212f6df4e11243a49177e4b6456010d784d0e4a94e75371a75c4050b27e48359549f8268dd2a2290ebde22282d96b2f38e3f06103dafae5f54f0019bfb013df39a76482ec7f878d26ef0e34c9c21e67fbcc3412aa0739e875da0e9ea1340592144eb232385fc7e605ecd10fee45524718" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"dbd5f508e8226acb957bbc4914ab13810b9b5b2b51a1b55cd4ac60f6b6d4c370963448fd323968c27d97e005b1a079c9e3ba151887006c56593eca7809b23cb768f5b3701b456bdc85fb5672a81db2d9":"0cda5d501072cf482d3c56c49a3c929b423f6e15a3e835888b3a9873647ffddc":"d3f38ca5c0bbcef46976c6a5965a8493f714aa2c8a2c817576cbc0bd6652beb0":"20014421f9af259892f017dd5392cc973f103d4736f3866e66329e5e7704e0f8":"686aba6c9c6c221b2b4a7de766963e4d9880676e7e6ac8e644dd273fcee519bc":"b720c7c56e10c9e436036fa8e1f1d1c0c0b7246c28bd36e5f3e88f988684b95a01127bc64cbcf12b9689f718baa52042b0837fea791391ee2ae42e54acc571239e5b654486a025ac25f46f10280ecdc65ed098e65e07dc3870b17af8bfd58edba026dc12b4ff04830ef132d07dcd7c62f67172caf2620a204869a81e39809db7befa25c5ed8a74b6d306c21cfd3778180d444bd99314a430ff4ef6b7061832df9b82603d6a0f646b398e7dcd8bb33a7926bdfa085a450d3de68c1e8cb2ee4524" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7093224d6bcf0915eb75360ab4bb789c15834a371baa24deeceb33f86e8bfb46f4e34325ddcbee671f9e45f7887c1481238993ec4a309e10d3f8e3952c840d564644062534f985a6b4e38688d2c800a3":"e7cf1f32ba369cf5545ee672cd6746ea9a336de7039ecbb25419259eabdfa44c":"bb186a460387baae27c11aa8c65d6ee003577eac47b259254a933f82ac683250":"d823535ed974b7ff9f19dc38b9494aa99f88143e3383b5a183ec00c925bdfedf":"56548af797f4a07ec42273f895822d877a311bf1f8dd5c96fd8449732a13a921":"159c6923fb71f9670db4eef12dadd143ee701bec9b0f76b56e9b1b8c473eecc3e38cf06c8f3b0c3d49580e49caeac0fd48da5f53d0d3e9c829c253fac4e4f09730177a63e0e759f043169e91459c9cf959d2230c7b94be168cf4fa02588d78aefbc855d55e444d671a69d274c66ad1851c56c0d880416bcbad08523cefa2fb384dd0f9f188e8a601ce0a92d42faaed0a299d6a9c86958854712427b35e73a0817193b50f3557e66d64ad80fa9ff87427b7de5b7e6312d1d9988ba77be90d4cca" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"ea96f8787458e505f5858e31bb85b6e335206f6d6d04bd9d333029193bd2a04e5f85ad152675ecc090119aff7720739bdbe34551ebbef10e822cd29e9ade1488c21fd9e798369d585d6f58168d509d94":"ba45df1a14e23361201a467d2cfb7a3dce3128069a8a59a9a388b8e31c48efb4":"d551272e5a60aa1232fcb4765e853de2ccec08941acc75188eca37120fa49aac":"c1b34347691ae9f1bf6be396e8b49aaedb38307526627399fc10c48748c3a7bc":"722c0efa445262f5800abf75e43d9daa44e3dcee7a7528f7313ee52fca9f1803":"e2f873758c4e71704d8545dd1eab51206ac11dfdb00dfd1ec9e53bdc7f6b57f5209727049d4d781059b0bc4b6091c9bdee947127b8c8f03f1ee5f3665720a4f6c6777682ef1937719052254aeb97e3a17b6b552bcbc9154551a7ed41d837a27b6c37b426508409b75236cc156dad89d896f25c54467fd45f9698a11c7ce01bfb1fe171e4d33faf73a30c8992c51a838e9c0537354371bf79146a79a6d42d4e987b9773377fbf384979690b2c04c332f22567fb0921c3e33088d3b011921fca6a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"92ac19b133398b7d8ddfba3c6046421b3618923241097b8f68b6c7430b6d232ae9ad8f864f358afa7cac72bbc4fd90f16ebc9c15913c11094bf7aaa510e6241face016a99ca08de6525a570bd1741dc7":"0517ea7410bde64edcc70df48f3c87f578b38b8c7087def16031e52760037df0":"439c97f62d6b7aadac64057c0003a41a44ee549f60afa92797ee7c9aebfc8164":"669d42f9901e029bce7584bbd22a13a74e6f6ba50441a2633773bf5ac745122a":"8bf3c1a08b2d8459df96d6abfa90725f1a735809da78bf99f7fded0230771804":"3b832a7f1df591bba571bf7662914b0e5a3b34d38228e377e4e7dcb4b9cb396ac268d71fbfd2e1a5cff4429feba36f55c7e45cdac49a5fc8a787292011c61f4f102bb9a5d9c8fe1cf047956f21c74987d80968d2e4cfa29bd92a35cb96dd372d9baaed8d31ba3462b42084dc1841a4042311abfe4b3358f56c9e0c69e233638d3be56d0d269cf110d5200759eceb63fdf3b0ad25937857d129b68f038fc73a842046cc7c45292d6ec3766aafbc22f1491774624751f2c50fee830e24a34a27b5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7a346bd6d853803d07844ca348f3c4837fce3e3a727f712223da248cd82db6ed4a9710cd8b9f2e7b593cca42da7b1a1285a78d0c764b24c3e4b21d25919c5400b4adaf0684c787326c19010728bc6f94":"3e8de39ab206ed166b203c97103059e6a9317d47f7a76bf4511829cc2e27a4cc":"327976aef239b20833d36b7f352e8e6570f8f325b568975a661b54b8ada49128":"9419cdf1c59abc03013d7d443c734aff57a6d97c870a03762c50b459d38f5e09":"f2c9c49c76bd683d42dd9de9d45a97b78710f39f2ee482e877e3b0844647f9e1":"24a83991f9455a0410213cc138696cf4eece7b2caca0a627c6ce023b7f912c115768ab8aad0fb10e35591d370e0372fe020823365b5bbe713417bc2f050cbf86fd626caf91323271eeebd5f2aae36fd0aced63779565604ef2653a0770fe4e42649eceb6089bb7662ca3d744fe178f5ac5bc20ce7a90325497f55ffd9b25c59a6b82f07553c080f0c45fed23ce47d972605a2f603b72d09d608548a04031dd2bbae9ff898201e4460479548d70b176e917ff3e3683e49f3330cfa77a25cc48fe" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2d8fb8796d8a1764f8c824c55b880c53d2205559afbdf1cecda3dc2d05bf001e6252076dac013c7094ae72ca80cafce2cab30a160ce49dbd646710bc429c163231d73fe0e121f8cef8c02f70598fa853":"feea8ae0b299d5f79315383d938bcf9b536d11e036b28056bcbbc7fcede21cfc":"1a0fc47fa95cdafd2036eb5314e0f56266e58abb0f03b5e679638945b1fbcd58":"30707f376333df203eafba7fc52b40d8f1d97521a71d579c8b8457ac1328cacc":"f179c19e45c4a4f3cad8b545d116ca29e45f322580b7fc9715313be53f047658":"eaf7523b910b653a305f9122363d96e17fd22ccb9b6158cc42aceea40c34eac73e496827dd5fe4312f102ba6aa7aee934d1f41609bf3e14c29aa3aca210e3cabe70744a09f4c180f3d1ddf8be0b530403c5238761226f2c2c7ae29b24439afd65d6d5a0aa8daa11abce36df02ce61d352ab08965122e16708731d72a9fb5de071c20c6cb039273498ff1588c901d997151edbbd41870031ee337b38233edfd78aab389fae2bd280e4bc85d1bd6655269c3359753b17fdac502c3a2e871149fbf" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #0 diff --git a/tests/suites/test_suite_hmac_drbg.pr.data b/tests/suites/test_suite_hmac_drbg.pr.data index b625ba7fc..c5a62c9a5 100644 --- a/tests/suites/test_suite_hmac_drbg.pr.data +++ b/tests/suites/test_suite_hmac_drbg.pr.data 
@@ -719,243 +719,243 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_pr:MBEDTLS_MD_SHA256:"ef9292f4a7a67ac4d4eba48936391bb45f8810c2ab02ba424cc8e4add53d1c514611e3233cd8cc8f6d69494dc336cbe1cbc67c17520af442933a235c6aa6b8f98128c66fcdd77843ae32e06b7a31689c9a6a3c540a19081bcbe850278d50adfac3638ec8cf85148a0547d28d0a7025db":"f4a8721a2a873f8fe94e4b3e137e866c79212f9c14f89be156c47a5fbb9aaecb":"b38a6628647a02c0de5b7acb939d0d1896c9c730106c8667d810bd4866ebaee4":"366370899b2a0d6f049e7d820061599a675cba5d3bc82ad747fa731bead8efb3":"1947d468ae4fa4da7f45cfaf32d62a4369796e532f1b03b1495587e6bb95d8330f5b7c962a9b0a2b715d9def79194741870e5c47d15a7308843e10616b891fc9e5cab7db901e0f1efbe1217dd627c71b54c98cec0fe1b25a84caa56f0bde247a9d9183587742a38825234b6b6cc808afde36ef5e17bcdb2c72c7645949289369" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"51ec4987ddacbcf6348e4a891fa571c6e3aec02879eb0181a121a4846344a687cdff9798761875320256e5a59bc94663faab8864cc0bb1e64343c0b978fcc0d6e84d0d17c1c1f4093fac3b4c01837c6b37d189d7608f0c335eb38fe1f43573e0c525093f60ef618bab297b8a4d9d8c16":"":"":"":"ade04730059471b1829bec8dfbb0ec708be7b4e77d688ce7cfba9ddde059a52f969407291440aa79492f827fe1a2f6568989fd36b4fd84e6699152536bff15388af319fb306f07de4309eb92ba3da5f7007948335993698d398bac42029912bec6ba39226c2bf238733b5081aa0a2ca392a719385184be619d9ca56771d8e3716a46cfb339f93ff48abe406ef788db2ada45ab5fcb7f689bd801a5ccad855b52cd4bf1d6e338f2c3eac94ce9fdd0dd06632d01ded3753e87957e8569a67eccad" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"f8dfa70524d46f3545db3c687fe85a8ea35e32eda470b4e14b8b12f4e9c6bbf6c08efa9ae1df90ae6f14b895c342ae07b5e8d563199a141c34e709c6e743260b573f88186f40f800c4c0ec9f9fbeba49f103bfa2d62d7ed8fc9ff88cb1ddc5d4ca4d074e0053c069393d70a5b3f1df3e":"":"":"":"05f4e609b085d28958f5702eb7b99f2e0c7a80f095907abd5b7329628aa6dce2e2f8bdb7a2992261ea414e6434dc98162d02c51936542218a31c6072ed55c9ed83c79698de7ffd3835d5e4d0f3a0c2a70bef2b6c602d1e0cc814c71b2fb1a001fb83a0e2befdec7e4749629693629ea2397b299cdf491415dda446817dd7d28da431f95162de83d917f9e9325774e2f7ef02fe8067cf4bac47e2f61ba235b532af3aa95a6517e9f1286e065ccf9b3eefa6cab4c940c83ee9a11da55ee21c8d06" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"7ab7da47ff7a95ebf2367de0a25c7885d80931447d2f5cc73ae7f66844910e481e05f53ca993b0266b7cde89960d681a3d3c568d9a6e35347cf52d2e0ff7ad1142983fd7d2c848674315ed3e009adb7154fde1f2d90019cac210dbfc06279d48fc7c2e900652b5cb638c1260acd896ea":"":"":"":"f00714df243103f54b4c0c516a7a631431dbefdecc30c09e8e834f09882100c1d0276273568cc6352c3028c156371389078236afe57d00edaa226262f1a7f6e0011ba48d4b8f089cd257b6b7cfe80ca2bbeee99635c277254546d4adbf046935791be21c48a7882ef6cb81f7bccdfcf9bc430d21cef1d788d4f4df6bd6ef5bcbf48e35f116d482d880f597bcbcfbbf68bc77f591bd7346d7a1085fbc1c2707c17bb288ce6bfb0a78a54731421762f18142975b8b3b79dec0d852dca80f1638b3" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"40e83cb1fbbefb44426350916b0995fb6a1c5394f2fd625774459548cfab27f2f92e2e889d3deeb33dfd6c40f610b71b70387af8d70768c52b36bb2a59f3ad9a16be98c726c2d65af457b2f7d81c75fae82523c977cbdf6138b1cbe5a9b3ad402ba197a3009dba459d3f534ea143e5dc":"":"":"":"52cfd4a4741b6575578a1b7aab91a366341cfd483799ca08b851bb0dc2f2bf640e90c1406fd09fbf9166bd55d46aaaef38e0449b7187d019e68a3b98a7dd9cdac63ae9c966db4d901d37cc147835d017915902621216bc1835d70dc2101ae50e0541f796bd6bca2e53260ba3353e6aa4eee56f80aa329173e347d83d050ddeb465d8e1aa5450e6e7eb515a92fbcdfd8530f04fae3d1a41b13151a4827f0634d6e80424c1e934ce0e2077f5f31fd177e9a42acfcaa67d4043fd31a8ec72a39e6b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"39927d4fd0c3eba2044002e65b60d3994c3aad0c705bce2e9e41aca30a7c2f03e7b4968d8e729e868f5fd57b49a4b862b0bd169a4e2d77bd59745e778ca6fd762901ae3c0fcc48a0d6ee22bc8520ec450630055b3b66bdd2dde9f5215d241fa266d24342b50d42e2db5436a478c7ebaf":"":"":"":"96194dd1b6ac5efb3d4787bd1fb4c9cc32c29b67ee34369a7aad9a56f64f53526e9207c1d4c541c6e0df4960c54e10168284891841fe554adaa5012f325b3aea79fa4db8c36e67a0f914d9ab361d8ba0b3d6ca4904103f14a30a90dd6fd7c3f679c272dee7f01110f7229f4f5b6ed152a0149dc5a7185bf637d10899bca417cba8f919a2800d8a72d5575f0c174f98f77a1afad850334204e66156eff4572a6703aab50b850a8df498d1d96b1e2bc1ac34aa4399f3b13e97b4989539ca78e97a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"ad10dbbedf980a0c33576f7606e14785b2a903788b9b7cb4c29cf74a8bbec877999ca28c36c835b60680bab9005d8e4f341b97213fdb6a52e783d19850906cb643bcf48c291cd186ebcbf0a287e459d1795e29ffb0c7c84b0f6dfbe219b4f85d9fb893c0cf9134263a9e6a36c76d02a9":"":"":"":"5db269714c4ab774c2eb14eb95e9b60c6ccaa6e90f9f879e295cc007069dd231894cd8fe0c09bf748e26940160cd0cad75dd2e305ed1f2527ba857c42c3d0662d25cbbcfe342910498ced309cda1894a1186ab935fb614646d299ca56f86defdd0a0f52baee1b9b9be05df85a05c225475a7ce1cc58ebc488a4f57fd1f983881754dcfe3bd78cac529e9945c89383e331f0177e721644b3a8d82deef548d161e085cff59645a345cf7af3f3582bed5b81c7de7a6a216403bb88804f7d16ceec9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"e9506dd05bac4750f5d5b43e0663ecba6444455ab6f662802897a493ca11ff05f76045b621004f4a88fc6b1ba859ae795e4846f17c3b1c127a8ef16d32381e27eeca77ec062a8a8f811f5dd7f90737147f5fca2b7cc89009b0350292b88d1de5de94e1e82bd5f7bf2e06882a925977ce":"":"":"":"abc3d68bb9b0d29655ee2057a60e59fb84afbaf9c75ac5d146a9856384022e4873a6abb963d8795ded5ce33f8df9275f8ae4c3da0037973487348645415ed51458529bd7c4996128c943ddfa21484521fc645723802318ffd5191e957ec453a8e922d48b1e83681c1463a03c34175a5d610f8f3709b3044f45084f901704547e301f9807a7d92036e08a3eef791f67659816fcb28922b9b52e2a4a2e81cb848f9ae579cba346b0507e91f26b70d199acb6da5d3544b8caea762f6f30178636d8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"f1f00ebb7cb4bbb3b0a083a290d4d3cc4db53aa9eb3f2feb1d428cf6d8104bdc56b2a30e75782693d7565c5d1ad6edd6cc22967eeb5f159989c2ed7fdb62103c055456f5e1a3163bfa034c502ccbd9aa75385d4777d03a82606a890c89a207494d082becc22efad8fe69c367fa9e3350":"":"":"":"6b75aa14c129d011191b9016b089af15b806a494e8e763a7fe902479155704e1a92eab48ce29fd0f1e9d5a2014757c3cda6e021defdb91c796cbad709658edad6c8f7ab6aebe978d507459198e0719eec49b1926a7c4e33e34e8e366966e0e4e7f3ce0aed6e51d7804d803aab57257ff1250ae8b76bfc48a505d4600bccdd992d564b39c3519db0c7dd26f5dbabdf3c098735688aad1af8525e8a6a343835bed094708b78faa300c08600e638e6f24f4b2b78df0d747ffbb9521cc6786b9c89d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"1f3bade86f64dc0770dafd6a4900f61baf003c6dccec496856b7b08cb99db8f371f1c9606602ad397e0c757f56ec6176c04e832302fd6fbac3519af6d2cb9da5a85ee70efc19c7350145e904a7fa9d3199e1f6213999ee3bbdbcd1200b4dd4e7a8f112f3a37865e494bf8549349e9e78":"":"":"":"1a420c51052534d5d77347ed5751e44817824ed75467791c9717875dadcbceff2ffe024952958d4718b2b4028af83ecf363d57349a36476c0203fcdf4952794aa66b3692e7b0810ce060601817ad0794574b1ce12d6a7b6ec1d0b1e0acb2a6c453be81bf2d17e1fca7dc1c9ac5fe4a64069285a8cb9408051ba5ae4dc0c8897b4a216109b22ec56aace995a453f28dd7d2c38c7d44739b9f09ca0e52d62f204e7f4a09c3e231c8cdaf54f941e8d5565b25155be21cb316417a4c005f7e834d0e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"1b288c94a8aa7499850d7bf82177024f20e8ccd502b7b0f529c47185aad4eb82ca1efc0104f93cc35885e9894671b9d74fa8237f5d740fec09e90b88bc75124e564f1f198081d51c950dbef6a6ebb2b5e1aec008d8a5a4c692f6467c740f5026807bafc0710dc8e9197aee4372b429cf":"":"":"":"3daf72d94056e6c7138787004f40a4a0c81a244c8aa14c332675e977330b63315916d8fe6ba8f0aea5a22def342d4136d1d6c787b3a6c6c05a44ee1cf9b2d8911974974cbf7a14ed5b83fceb8dd8d3ed59194d3fb6cce579a97244091731a4c1ca1d6e4c9d2623a41de665ee3c8236e0da8710208cee948f248329781f40f6f4b4010508c219755b6df752b9523ed0c9644b17250bbc88b4338c688e97e952a924da894fc986f7e807fca4477be94dec993cd6910709d8032fd3a5b97612cd65" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"1e1837b46486b6e65713327240bfac6c618e817787c277b995c92dbe03b9b01de8e100b303ce5bf5048dccfce4d240878ffd5ddcb6754292291d1a79ee1e62b6da6b23d7a83d0fe9e84757dcfa51d05709d54142b42dc876506876b136b6df34b485c0c129581972bcbc674b893ad61b":"":"":"":"23c258b93d4e9943783e88b244a52cde6747d8d7ff28b77e2ddfaa2edcbb29eaf41dc75cdc2c5b581b3a59fe20e705223bdd90e786f6c6498330ec9bd7ca7303e53c0b21abef1497210f8222850ca7f01e0af4fefd36d82e711fb17f581b951e949876a5ef0a212fb73af4d32f6bf9fe8c9e60849fd2311f3b5cb8a4abe856b3dd629fbac41e6dfb502d1894088fc52832cefff807555457c03ba7b7daaf02830d9ff8c9e8ed09ddbb68d6530af0cc5ae9383acd34c89ec189f5a97abbf3ed5d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"67b2a6e09bf31ecee8fe9c719491baf3c6efc0e27519155f99c94667d727420265254ee6d34c6b9c03414452d68929812f1d23aca44adfaf6b02f519dfc3f034bc32c1b763a129a97c7258e5e77ba69d6eb459be2cc96fd6150b6040babcc406143bdc2c1862c7bf6607b4be95f3151f":"":"":"":"d0f71e56e975e443bd7364eaffa9dbfb60a82bd0ea6405de0b1301911449ae6ac0dc8792acd2b0ca3e68c2abb982362eb2a7a8f95d2960579f9932070c9cd7abd57a36759b2c6f12e20dbda8a16a17c29b70f5bb8db0efa9451d9a349b9917b7bc39af6c6be8217e0a6fb52e6a4c46dfe41e6a9cfba84335d0254cad07557fd7aa3fea185c8c88a921ea665e410067395791785ebdf1793038ceef6c590e64af00ac4ce69ac3d0b497feb93b4fee7d55cf0fa40dd49ea748b33f038b5097578c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"379d0a38c8897a6524d6a59df4f09ba975c146be7a398c3cbde8c222fcf998102e98223b81dfca7fb5bc92b164afbaf50f58b8df04889dbd69acd59f7d5ac08f81984910ee20a4d58c51512a3ed893d7b736da894a0b52f75c5208d14f858dfd42290f4181b7aa249097b93fb2bceab8":"":"":"":"166f643609dcb8951161ca15b3660759b69da616b45761b8cfec01a8a7f51a0bb1cf256c9fabe69b29552f8e861cbb3160b905d24845d368a17ebf911a839384c3b3aa6c8dedf1fde12384ec9535ab9d008728978ca58ad88780cdc3d272d1dcf2059b9bdc0d2311812fb1b559e31f8e5a89efcb2b33c705555ee0efb23d2c4d312fe02b998eb78af85e3839963afd98c1c644ed4493c3f1af0cb210e660748cadcfc9ef85fa3b5fafe345756ca34e7b7f88d3aff8783e92da00dbead5d51f89" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"96041c211e97d480d149e75c876886a78fee171e0f395a952a0e873af4dc22b46cdb68a60dd1d5753027e544643c5764cd65e202eb821804300ea618e8ff9785f3bf2fbf1b1048cd4450399e2f642af38bce41df8fde3208055e34d356b1aa1b0180673e8507af2035f75e9fe629f979":"":"":"":"51475ffba32991781b17e38ea58b08bde40f03b64824187b9506153f41c233f34dbdc52b63cfc71b120b4fe6c2866d11e9aaf44f82deddaf998caa56a4dd58a6ea2e8f5e3c4ec7fef73e5620cb6a77313a4bc0b135c57d18085010a4a026059c2abd4b6d2048393c5400341928f5ee6c5a063d679e185eb9be2834a1009d03d298b9abb09f993a8ede54bdc4d9a95c2af5552aed9fb02cf598a18b5cfe6c811d1ca4ed764d0756fdfcb5d03aac1ed80fc86595539c105da6b66a00a91caf44fd" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"423cf6fb44605cf03e3063bceb92c156e38c5badfaac35593139df46d325242c84908baef2f824bf3ea66e74bb4127a0c5650c33f68b5d33502b1f55e06fe2c1169fb34688a09291d1e12e5390a73da125be4cf15692e3e6ad0ab6ffb22cf3f77b00333517ecb2239c9b81e59a72d087":"":"":"":"41f335cf727ffec9ebfe7cb348d11cdb4e5e49a9a047d8342a6656e5d235219a5d80715166698cc1f16e34f743811b820e6ea55c2bdd0db1b97ea2269fbf60c739feed818282f447bfe2bd0b9a7c479144f0016703aff450abbd87a50e5e5af0d2d9469175542737bd116de2a73acbb74d9f0077a227704f271fe0696f071914dcb9c0f0191fee35eb66248eb17991b538649457d5d5f9d4bb9cd81c33a14d2becce003c143c9cfe39ccac51048ef169f6a22143eca721d04f6e147749a44a75" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"0b2307c32f34d3f3c3d6887fb17ff68b01f158ef07438a41cde27d2d6725277f33f60888aa32b9b7406f78f47bd877a1795496f759d693f3f8bbd65cb5b2562c4a8d4a717b6bb8eeabc4d8f56118a97d3787d3065f1e20e6d71a1dee563fdb2d56561128fa83d8602fe0da3e89b019e1":"":"16815bf5482abc969179152f79aa34a04c28d483e6ac81aae14f7e0e051a5662":"938c363df2740ba9ccd39168f9bbcd7d421566955f141e13ed039c4d86195392":"959517e0b27d461d678ba2dd528bfb7e844f7bf14a15fb176efabb3a5200ff2b373c7c0683f095798951dc7ffd62b172ed814954c44087fc7a6695a5a275bc8aecd3a2ca8ed631a9ebf5e1d1c515542c67f31e16fd3ebc7e2333c7dffcf385f0d6ebe16b9ed42994be9f83d0cc1e2b3b5773cd2963639ac74ce64a311ac0726014bcd213818cecf5d562cd1c5e97be4028f64400cff31fcd587a004cf60f03c6f3222e4dabae5c4bdef8819670f77f9227eaf55eba5238f90c4bea4f03588b66" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"062f2aa7b48c983c1c6d00d06aa523a67d4e86e5bd266451bb286dcc5888f0f4940c3b022cc76d68e1706d62fea84d052a019b921335f69ed5dcd902632116759b68e09b531de276c9238faf3a9802806750454a5260bd808b796cb12116354b9a7ab9ce33f8dbd40ae7e74a07cfca02":"":"4a217bf136c3894ff7a3ca07eafafa286fafc8a827328b105b3a8aff28e49d14":"e433460e9414b21fc3d5e2705c08a21a36acde4458e24b78dcc51199b97c7a9a":"5c980247a1fa16ea086d54084281c5fd114777ed21478beee9edb175be7c4066b197065da5f4c15750783039eb4b5e2cd4ccdc2a45c49ce535f03a36657f218fc616b3e8ef0c84b78b0cd1c57477242bbddbbde098be573e20d6ddc76649d706e7f6c7ca3f44c845c2c9c9d316ac8b7389f7264c6f8cd6c56ca5503e5b37f52d19e8d47cc85a04a0196b9387433bca3c18dc30b47030fd297705101826840991eaf5b856a5ab75d2bbb70cb13e0dd1876802fc2bd776a518b9dcb9484c499644" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"0fc79576bdba77a815108bc9cd2d168ee30f9ab76db70600ac95fc40c1f6b724068c12b99cb4928247e64b2ea8e75c728ccb3de18adfebe24ef99e14ad54bc1b3a486891b00b1c55172d16adb00ae58c9d8ae0fa9809245a56c9118048199767d35c026e6664773562af011c2ca7025d":"":"b0c200b6f8548643529fd414c693054d4fe04d8f76c3fb8ccc6992ffc25e6b19":"b91bf188cbaf4b01350d726585c6f3601a26b3654db2e2690a14f1989f83ad85":"7c64e503eea5b3df44dc0eb986188c312a0f5fe1f113239984608a69ccadce8a7c7f3136169e075b0c61812b1e74dfe6ab2e7d6f247f73859da5a1068c92ef8e6aedd94c3904b973ab887ca3c38de70b8b312e32a702710829ddf962f0e08779ed9770975536557e3f912ef0d5c4969202af50252117eca8182c30389c9b84fda95118f8c748f0b1752c1e58b8e0af530376aa34cd874cf49628bebbd7353ab4a5f64bbc8e3537762fd5556c680290b2c523153432a2e0df1658f2a5507a30a6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"ffde7e2726e89cce816ab3e22572fe31434f3181d0578d51161cc77305e2562b755008c7e4ccc8ec62806bdfbcd8508ae418fcb0b57a4d1007469ee3d959a07e949094b0a3e5af69aea3a90a222630978af9139027a656151225a2183b92e980fff9ba9876824bafcf18d63c916fe7ae":"":"bda1741b0b39d9248dd062870334e33cecde5c5f63a07a3030f98b021c6849fa":"1b5336fcbb0ed183e0f80cd31ede4f324997ffb842a83957f41d291612c55e8a":"61d542e4794e9bd4acefef4b325d954c8ec6a29138476ab1bb037507cf52c17edbd511579be5c232a67269ef42364cfb4e2aaefb31d9e8e260a04e51d95c2ed6c5e0f095efd92fbd36edcae4393659af6bb98b0b71b281e91e1df37c353987a6a9e259f2735fd16b8c1277df651b26ac3d9f292c9252be7fe09ab7851f515325a078cd69a7573a4810ab460c4c9e7604e54242ab956fe471e90f86613ece7372f1aa934a50dbd0457033843b887c279f14ad6b4960f401b7fb777253ca5e295f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"7946fe7ada4b545090d7647c99f71594fa094593115c23888146b27a7ccbfd77ce305c1ae4fddbb75a65dba4f0ea18897bb7e9aff3138ba030005a7d1c5802838ebb20848f8e81e7e8018cd0d0dd921243c094aa710f6b0b2ea004bd684799e3caed8c3c8944d5da995b88fa071d7526":"":"b29a506c7bc8b2282570223230664193216dd47f7d20ccdd35943a88c58c0503":"3a4c00cd2f278f0e82498d33fb6ae9e020f4d3793e832afc9864c0b7b6cda43c":"8c0667d913b13866c7eab98471109d966901fdc66fa4dff8996ce81ec5185ce374b118da34e07bd82833f20fa4e44ef159f9b0c47c046307a484b3f52822a596bcfb49b555ec8d481fb30e13dc9898f093d34cbb4d696d70161315c48def73bb1c8b4947c8ddab101d4918f5cc00b890b7450e4e10c17c46ea7f5e0a1df65a1fe74ad2577e592e7bddeadb246fa62cfa5bb8620220b18fff296a19a5a3ae6b833321ca779b7cb5b55658931610d8b7776087c41ee4d077400753681c7da5c5aa" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"5459500d5a709b88bf067b4c390837eef5ae2e5f109c110a84cf32f561d26ddc567c5f4cf0f418cbc2a56d4325b2727f875cb1ceed3167136f0d93940417f616a3843b686ab4f5dd3d808801054c510fca5ea8fa0465f9d1afd8e0c68affa10f5af61e594e66b2bdb2372caa0712bff1":"":"eaec7b75ee03cdf0508c0ca171b005077954e2cec7230b0aedfe32a15cb1c855":"cdafe409b871625ab1b06a93c4d5a1f8196777370df18643f97050d7756adecd":"486aa4063b3840f0417034c65676d20da22c510d281bbf407855cb58a87ac9b33511d692315d88d27bd5d1ad5c35ec8b99018b5ca64897aff48544a5e578124ddc00f785deb60b0a60dc4873fa9a148da4dfa1557baa3aafa22680a40f650e4992d21e35fab3be5458dae13eb2caeddd8704d662b221bda01ac6329e2c451e865af9701a7ccb69c0ed0baeb226e6fbd2b871b99420949570bf5fc61c673aacb58feabdb304f870939d705426aae55cb3a2f3206c33abd453e077c4565c603a18" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"7e74b0a5413ee2ad8de814ea1f556ca5c54c6f11159f1fbc78faa86a74c4871a11658e917fed348e779aae510d383290bc6c4f13391709f8aa9bd79f38f310e2ffbe7fb1be3e6e3aac9d879f1e5fb3eb1fe81675cbdd098cd287f66fb9b28d50e12a64b9e08f28a40ed446fc3a12585c":"":"d152b0aa1946cf177aafc7d47322f8c756831550ec79adb40f34681fd6b3840f":"152229388caf5dc50454c2514d9ff1a4b70e3d1d9b8b29a228d59ce67e8bc586":"a1e2046729e849482bd693e21779e18370a542e2fc7baedbed054476f35447e069bfda33fa2723ad425717c027e8b30d57dd2fca8cf268849358354478cd8bb42e8f9a737c2e3d5490991e4902a52e86d1bafc1751f5908a36afca2b6b4663ccc9f1aa46e857e2ee61e4dc19d154029da48d59519dde64410b1d7daeb5b7b93213cba1bb059637023f928f16e5944e0ed2ca07be3674fed6e0da72313b3cb80b7a2d6533fc8785587366ca1b6769db803d6d840c5d1b6c4589272a3fe9371b0f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"70b5cab63391c5777e4e60516b7095dea3cf26d72b27c19f5a08de6634306d992de4c3f70bf2849a4c3dbeafb163f5d50dcbbcc8e6f4bd973636da95d71d39d6ffc9e67332088bf906921b9c48a7e3de158740a9c0f29a7b69d5545e390030965e305ac1653958360d01607bcbc39fb9":"":"ab042d23accf9a9473b43e82683e30f436fa492ba4a8911e4ed2622d481e0cd1":"b707e2d5a5020d37656009713bb100c55819a98e220fbdfd921c6c0724ba7238":"f3f82b7aa0639bcabecefc7b07b3eecc9962884250fad11b9351226f138e06e3e953e052792d0127618a28aaaa1bf5374a06393c18a326f8d3471010f9840dd16ec997f53fb981aa2b689bf1cdbf265b4ab698f9e8e9c054255147e04654b8fb1d0fd3a0b64d3880ee6e9fa87e0184f6ba307f4d3fea651556e0baeeb75f308fa32925f8c55ae0f355f8db8495ec6c46003763ad4ef36590ec40239b5e8530aadaac931feefc8e392c550ad4d89f5b314a53a0633c7a93bc05b588273e6d1d56" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"c17914dd6b73d65e5af112536f52b046d4963f9c9098c77d9dfe35ca7ee6366d4c0fed576ba4cd14caa3d0c406fffad2f0748362166975f5bcb9a395d568b8dbde3383c5654bd24f26890b21ee1f1cb10f3c93cf2df64cd764187c840590a54babc9c281de88ad1a1dbc2677fa8687f9":"":"4a61ee9349d53f8b3c1af36fe0a9303ef89705fd87e06e5f34b61e1350111279":"a9ad1cad4ca7a5af4bfb83680d4b914c23a6cd551e8b002c50f30be0d8693edf":"9ab30e3729dd8b2af987dcb793d7a3e1fc4ebcfe0a4ac976d91bd3897777effb210c8076e9fd135991e54abb4bb8c7b183a80ef37077692e519d38df4a04304fd83fe1d67d32147fe0a249a6c8bc603d99878039b873588c3781a193437f098094fd8c12945ef99036442c80cd1f544725040df980c548f0a675afaf62a1b7c225c9cdf0703e613c7a5d72c8b00d8ba199b8ecb48b6e0b0d103a3b0f57ff1a4b9189a20dedeac6eb26b1f66ea0c34ddded10af2b0133f4b5b95ac2239dd94919" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"2aa5423270d0859a6e3aa3069a88f3ac4c30eda7f6e52aa891e4f995244a80d73d73f789561b00ceddf721ea59a7eda3157090ec192c578fc53d232c36453c5e8bc3c9c22f3aedb6a93f7aa63975d9bd3369cd518e570f6af0ab162e4c938d17dcd4f3ae46d7cd502ef73b2d40f50e2a":"":"32cae3ff757b79f2305a8b5f5fff5a77afb581faf5a3796c5ed7054d7c048017":"632eb6f1c827cf299f3403bf80af721fe5ff8245331f1ccfbb8f4e61ef5edadf":"1a85c36131a8c271d6c805233098bb29f9104e6254e0680c6e264a76f79ec17c7ac65c8a97610a0a7e5304b37d1ebdbe02cf9daa9e45b81d75d8c613afb974eb38dc49041eafa7462b4c272fdd3d7fd4b05b1e6142305ffd6fa634ddde90e273b51b02c0b68b823c77ddf3e93a2ab9436d0f4801f08a113eefeefefb9592683981423f83235f8e563ecdb4e44daa9afa5e1728204dde1bd254c7985e6d56897c570b0c6307fd49ae4dce18ea55eae846af2a5acaae17a71f8369b64f47b0e54d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"c69c61689d1f7763d43b22b6bc2262c377c62db60835114442fd5bd65c665705b5563b3b6e9e793d0f4128696eefc5ac603b3edb35b705ae39845cefdf8fde23f5479ae4f033442aa958e979c89bc41dde68d92f05b28c3644133d19788624bc970019a10f6b3c6c5b8dd22b0cee3e26":"":"15cd6984fab6ae7db72a4c099a064cdfbd141dce361fab0021872c91b1bb65ff":"86c295fcc7f9c2ec9fad377e0e4d0119334080f59fa68c21c19d7a1212dce03b":"97b971ec13db049ccd72bc597ebc2e33fe4da647d0f74855f242884d35dcf92d0349fdb3527c87c5431c10fa85569285096d3369bd1917c8c7c8650024acb88e5b17c42b50a75419e29757a9e1ae09053cf0b51dac437883cf3f5b1abb40a71f40d279bc9d596d0f59f4c70f81087b4446c402279f4486198ee3294d0a5f72eba7ba52cd552906371aeeedb47122bffb0d5ed27c3cbb86a6fc2d83ab4db7b6e1ee467dd1ec20dc15bcee168f2e200179714cfc04eac651a495a718e1ed985bfb" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"4dcc7427dff46b7db7e2d3273e0605ce85c460cfd4269fce9ca3b10399b99e178b12f28786b9e3df457ac0015004844d6f6bef29ea562856ee82246d24982393f770d0b65d0ffc660d9d8359f10904fd8cbb76e648df60ec43237ff7dc46bc34920bba637a2c1643a53e8a88bb7bb97b":"":"4c0ab67b952186f2f85a0dbd4b2c1b0dd009dd794260ee7f321b2d2b3d994e09":"f5be66009b79f51f6aa0cd1a5a24a72c6a6c4263263cbcf80e8e0d514a2bbb1e":"211ca57a321cae2c6d1ad755ac924c92dd09bb1c6334ecc543ba78a18608479457bebda63f707fc28190b2d56e4cfd96d8c49fd146ace867236c57761ea28326e3d241d1dc35d7ca971df9d292f2563d33c5f32abe86367cf5f2f06628376752b353f72b501ffa94a50f146b8174cb7946ab8c8be382237334f37594418850a233c536d72763f10b06f728e3e60d3b4f0377d51b0de11d110a28b6fcb7c42b77e5f6b771c8e5d713a0f6c4d82ab2311cadf16b7cb441a417b2f595f32ea822ea" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"b72f34bf8209a28168ae7692e4c7d6f19feab9346971b85fb9f377f6e4a77dfb370a10addae744ac03f2f277c85423945f486830cd410f26e22c23a136d41800850113339242e1a0550bef81a239a289a8d020c14298854f0b17abb0bc461ed6d39ab2d9cfb03b835916c2a8e93710a0":"":"e919d983beae4b687bb393d90ad4104146e86564845800ecf82085d5b269f1dc":"abc8b519db05c1de8794248c5741627cc00ee35a972ecdec045a0cc557a2d967":"9777504473adadade14eefc0279f8347bb178a36dbb5fb028f0315b4309fad4ef554bf34b04146ba4bc260a89cf78195ad1c23c6e473a14385c66ba2a1c005cdfe336999245f00ffeaa41dfa3d9e68294e5d676f01f213c6d2d8a69b43e36f2a568999c0a8c07e96d7daf90f3e2e668eb9fc8e5c812a49a39507d193eb7c95b947aafe658a1065efe9370cf81014e4ffd54efffe5f863e6e4b7d875565617d8b72854ecf09263c55d1c3f1a4f4862214fafe7f03da5572095a7befcfd8e6ee63" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"35d5a6cae5aefdbc62f1efb638c15dda387a8f651810bf068a8d92601fd37e0efffd95196c09c668ddb05eef3de339222a0bd0d3b721a27e2f29be84a846c3964eb9a84cf69b214f612df3b414729df499da4d3ad8bf3613bdad3a70c73cae80556c16f8ab83adf0f2bc9391094bfd98":"":"cd603812a8444925993f2c1a0691bb4459faedd872f43852f9970675f579a1eb":"1441b6d4876b050fa4d969f1845d3f119cf5d8720c35da9c489000e6b7165db4":"259828d05b8e735fad69527cd2322f94e8e7ac2791607ccf2a74d070bf7d5574ffd8d6e447cb4e02bb15a87aa88d8f1667edc0905455b116ef7f08ce727d8f266965242e0042810f946e52acca6348d70e012d998322a18a2f3b4c4c6d6b66cfe65385312344e3eed14c6e7277eac9a4d09ddc5dcf8fcce6f79a23d34c80cb78aaaf1347ecce8c13efd450d59506513e62f527179b95b9b5d9df821c32538f8e1ccb17e911826e944ec44943ad8e726d54fa98ebc4d012d34a23771ba497ca2e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"66abf17d907a134232faaff93bfe361223b5b773980cc261fd19caaca022fd0a081c11efee01fb1f7abd0145b32a51b3237d6ace877ca6392bcae2fd2aa5b865aabfb1d1d1da33f42319a088c8dbed1124a71d39e627d5efaa1e8f3e5f70114bb03b71ce54e4f8d34e838106b2467cca":"":"1e51f2b67538f84440912c6fa20fbf009100fc3008b5b8e1308d95e7ca53b460":"301f91c659f73b618cb46a4343772f1eee9fb4949ec6328109823749bd8b0b11":"34c532082926e6d530b3a58282eb4666ac7374e8befaa4999dfc9f409e40ff966652295d2940db97061800583bc7d47b053553ad29c89ee61803c1089d30592270d2927031353592d4aa71f59a4bf3f2147cb406322367544c38fa5a3c8ccb534bd884355b06145db62161260162091c795874a2e99e01292a2e39e107738818a211750f858edbe0c2ea4734ad14f1c45bcc9f733f027616926558587f7332be55044dfd6fcdb628ff7d7d581820a217bc64aa092e450722686e0cb291eca45b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"37dc21c72dc7c82d5e13c51ecaf5a8ae06402500d92caf96c0555a95069f4f0144a961ead5d6d9bc317afc8206202bddd57fc02a2a500df1fb5c4d9d8837b52a5220fdf068fe2b8b4bcc63fbc9bfc94c8e21d987e8b6cb0f4cd37b144c668f18b7a36ed4e9758ee7b96029aa0ab2196a":"41e3b89347bd035bde510ab8ff83d5fdcc9d5f2de648bdb468a714f2c1083c52":"":"":"a929ee23c5832e5ab93ccaa40bf775593d7d04a1a8411dfa07b4c8a2da2dc91b1bcb9c27a0ba5a7152ce5ded5f76cf6b83c04c0f8a4f6b43383ae3e7d497280c0f944be91b0bca6a56df2d00641bfc1ec549b538898e559407b076164278c0eb7afb6d6f4495a50d4da178c04b259d21bb745692d3bd186edf5bb3da6f66b4418fc3d9b085b0a6c1a5e54696272c305c4b8887595b391dd6ed8da03dc9fdb2728d8c40a2defd8af05ef1c443a72323f2e0b0d268109fb7e7ee70192fa06bc6c2" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"0dcbeb660cff703e059913eebff4f639a24b611a078bae8f01320ea4af5e8e0ed93b8dc4e84d224036b5da645c147359c6123c54cc2367262a7594bc9a7dc69f76549ab803af66de8f253d338d48ab827b2b1918d636d6ec92bfd9123f1f5fb59b6c37eadca0ca7792e2b7932e1ddc33":"1debeed9ba5790437a6c56dd3c9e2f6df0912aa0ce2e57fa8eec9652e2eccfc1":"":"":"5bd815b3c3bb73a45dba72c68457ccc17212af905607d827e8b5ddbffa34a058ec360abbeb6c8ba16c770ae4826135ac7e4faf208da8b5fe3b26c16fa7c7ef4000c3dfe1b8b707dde64b415c671c4615d56e2648908e047ac978a389e346cebe9228daa7bcdf5e341f72c3c7ff74672edd60c7c6341726450ffbf9e3e7a16580e7e602f9ddd3f3556129052de05991907d81a87467ff5842c6e5dcff4543e24ee48149f16e9107a9aa40cbce367d4b76042d77ef1790b0a7701b2f04873d245f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"d9bd99128fe2771918afc6db6b2514eea0b617d9bd4599a238d9d99a7ce18995e8d85542f3f9dd89920b0f79b94d7f551fef4a330e9de24eb197bc75677bc13d8361104997af99ea2c6da03f4e71c89e03191bc5e320f057afee98e98facb99d15142c61ddd71666cdc38146fbc3ea4d":"eb701a9d119cc6dc0d735254067dfe161b1052ba3f93ab0d6bcc19cc0387027a":"":"":"67b86213a84778a9a38eb9913b9db8508b53ac0a81ff85dc78c966d638255f8f7c63ce06d4a66f5d9213ec2b32f7e63ce5dcf01b59d3b30433f0cf4c06c171d839953de913093ec845670b38ecacd81162dd73501b2e4c2d9dc69b97d49bd6d9f6250070ef6b360305fcc5ff392d1adad98d6bfda67d10b725c7cc8ef6b4fc206fde1871712b96dcbc2df4f08d79f1adf7fbb01bfd8f20e76956ed4b9dd1d7e5fb4f922ad2a529bd871490e741843d839e876c4b475e2fa140f28ac8d347a07b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"0de3fed3b363d20ec5018d4aeafb25c8e0e6aa42ee8b56843043f8d9c40b9bdc8ed427d29c469d8976a5b785d050f3d2e5eb287a064c54311bab32dcd5f240682babef59c6ffa602669f3ce4590b054e2550444f249b56666b7b2fbec29b33d1b29ee653e388f9fb54b00635ff526dd9":"82b6a44b0f35f946fa0fd4628738e61a0bdd421a8de73f3d2efa25216c789080":"":"":"1f7b951d147ddbf21fef9d4849044c44b757309da8f0244f71e4d8301e1fd50c5e46407f5bcbed83eaefdf8983c330dd0a67568e866b20b48c2bc97dc63a7c0d3eb60f2488b1eefdfaa7b8dd43132511b4a2ca80bc9e82851584ec4ae463444aadd3c8e6db2d4469ad9750e18a31337613975b3fa0629b9a22bccb235d20157a4427acd619324e881e68f5615c65e59a566a73e4ce9d484fc5b0b29137c4f339be84781cad67d17de03099b1d03ac45106c1f2eb5b380ec84392b7ba5c91df4c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"abdc2ac24ba7d92ed9f518d9576510969f8d22074bed9b7639299d2137532c50faa49b5e843f417693a2eebd0ffd3f27c0ad2d8bbfdb912ed4d1ec85165d4ae577a92b1affab63070e25dca8bb1b035c8bbc5d3a07b4fe094690e4a45b99f9e5bb6b0bfe823f3c2a148732fd43db5e5d":"8c7b18ce389664fb72e777e70b533ced4c04b0c290fdd45b86b6b95708d74187":"":"":"c3d1420055f71a43264ab8da92829fa1b8937346375349d2e256705d933a21352ddb4eeceb36cdeab38cae58da81bcbe6deafeca5d7f018a0514bbc285f436b574ffac2547d26a3f9aef21b66c1e70b45d372e4dc2281182ae94667e442f39e1b9b2fc2aee06ab306095a904614613b513cf1af5a9df12b996cbe88cc3b25401790034ad0622df43af4cdbf9cb681538c79189a8260cf9c35378955f2ea859faa78773854883cd94bde4c0f50d4c998c278e47787e3f74f3dbb98f710366d315" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"d20353e175f4ebd0ef5fe77f7f6fbf5340ba07934828dd296c041a63de841002db0d21ecbfd5eda2bce80bed6f73c23d3f18900bcc02791ba9cae668fc33fc60ba84c6eb40afbbfff18be5c4960ce57ad67dfc8c1eabe61a299881c0f326f7093c1a232c80467772e707dbe75b5558d4":"f38f23461c471181a4179323aed247299df11ce145fbab9834b85b3cb42a10f5":"":"":"76a4994edba3d0d9ffee9ccb7e12a75e79c5ec1213f45ca4c50ad629ac533e5e6dbf58f8fac193755e74f9e7a75eedf89472e91d394e32eaed86efa4fb2f9e7fe4bec1d9c7a30fe9bd17c2cda73d136e752a9b818cee6f1262028031bc09cb81b89156138b571f03afa69dd388a807a8cbe9c4de66cad764114f9a4a6419ea70ccbbbff9dd774aea8a2d6b1d20d0a577c59953661f0a87b4d795c2626a025d733f43bb5cd1df37f5cf542c7c8b6bda061cf4693e0384060e63090415d7470cb0" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"a58ca5154659ba58fc1b468c909c667e1b5087884c01ab15f86fb5a431e982c1c041be0aa014fb310019fff65f40ff13d4469b123223ae44f4f4ac0fb6877a7890f969d39047e39ab23882cd7838e16e64bc361fe18136471dea2e71a86ef2d9f8f7e1d24643d7df292409ff8cba0f13":"dc05980e40f07a02fdb150af580a7d195ba26f4fa72a1fe513ccc2cf6e4f699f":"":"":"6ad4543c218cb6aafe65e6a50c4f9ee9d5c7a3b9a0112bce262f49f5b0d20dab7225fd0acffa25165729d8fbba038eb65f7e72f136e5bb82e8d94698dd9b763c38f3041ccece3b04189aaabed79e4d4213e24218c5fccf5f9a0c3902875564431f4d670e6e60e1dbabcc4642c3ef895c115e28702927cb98d509f9341ac7ae2c6ef6c2dc4537e909c81a9804057b6e24fa63ec5edce835e624969a969e2c47c6dcb7e9bcb2bb8f344d2b9855a43e26c0606466887b28b67ffd7f99d374812d11" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"9d6e99a11d63cab5aabb1462abef66bef31a2886cd172651bbf30f65b16fb8f3b93b5042a908510d8518330538a06253959da557d2b390c6fe0b7ac6b18591e5791d275c7e3d558690719d5967d026a80604a389946e2a55486b5c49c2984990a2e14824aa2922e6a59892c5e6d969fb":"af631e7990394889b84d851920ce8877934e706b780908a07211d45b247584a6":"":"":"9f33ba9083c7f4088c9505622cd5b4937b7189b0cbcdcf352c54ef72057594b8568cd4b13a4bfeb61261d27f5febbf2cbbf902a8d55f6bdf669238ae84b8abc58826841f7f62a0c5bd9f74125cecbf8e3b4c1ec88663114e7c248c41cce92e73b05eb3f826100c1b2683cbba985d2ab694b5de1ed8624628917ec9bb97733f337298c0459f198c7a138f1670dfac0d58f287b8244f0605f97406ef528099aa2ef290db202baa7fb221a8523344ad836c9a2bb25e1ff3fb4dc20f69ebc9f0fdd9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"df7c57519ae3914c75174b3107b7ddab95df936c5cd7c296b1cb1ea06249915cda22bac19ccf2d522137989d5a42549809277ba155d04b3353520f4b5c2f18120bb4b8442130db58e9d46a1a41f5627c40a6b65a4f9075460b7053202a6e5b12b9e07ae6ee9b4945d4235d0b736e88f2":"10a198b05830cff2fb4f5b0317c258129396edb943769292753095b58bc8fece":"":"":"17b9fc6419c17534ee16aacf32550cbf58ea1f073b8e72fb9ae6e94094e797f216703da428394a1da8236f725b191cbec11531a1f87946c70fb1440a55be7d7d18c9b5085d626dd0cd9b3bd63a9014e5d14eef636beb694dfa7f781e83f3c1b4fe5519ab1a505d1be5b812514f3a39814601db104afe5726086f6bacb61c00ab8210239b2891938e97fc53de069f18a6469999727a904403bc53c6c73c7b3a5f9f37f380563f1281cdaa1b4bb4a636f849717c307848748172ae0191997abda8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"2e403c307a03d766b61001842f85caf91a5eec97a49934547b2ce63411916495f3e102d333269e04381bbf140a28a2d61fa6a5f2286079619f4f4fafeb5c520c602d0ac3190fd500a3402e7c0647ac76c901e7c58e012cd6b9e83d2a969f0d0ae4e08ed5cb601fc72596a72b4854f246":"ff1d9eed8cf59f5708e41924cf13fd5d30ccb7dedce3062dfbb2c4bb4d36b65b":"":"":"e5e20f2cb063c1587583a381536aecbf0b0cb4400c99a74bbb6aa15f338b3e67187316865cf90e691d99466e34bd6612985575122c6c79848d4e2f26801d98e49c002f4063019394f4b3eee908f2d6b56749c260e56ece4e0431650a8bd9735879ee6c9bfaa5d44c07e7ff6978883c36597c31126386dafbbe035579819068bb060348629f74420bd411f2dc858d46dff0bb4f79946af96046da2c2cb32e0aaded4eb1ebc8748f277317f9ffb9aadac1bf5e6654ae7131d5ee0c765ff3d49d9e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"4b1240cedb84ee3f395317e177efcf03b0fb57be1e01e3c206170877a06ec2cc077e9751b4eec964a4422d010ef1487456fc16b3e6e7ccb8a06230144535274215f00afe175d394cb04518b630ba7255ada0c6676885801a8f503c55c38850de6f7904b40cf03fa195cd16ea2999347c":"9043ef3c775f32dce1902b9efdc481f61f29220eca53bb904155f2aacc3b3706":"":"":"4facd2fff1828b9f4a63f639503cf6533a4d242f316ef7168fba44b52b876056bb0fd040d5e331d2746169cdc88ccef74dcf6c642c1d1a0db4130f8be9ff88555de4c2a7a5824f005cccdfa6074df3385672eca57a45679d69dfec232cc8b1bca87f6f9c6cac2f630498d52449a5d1b328a6d2ac1a9054a0658be589bc277b7750ab5d647a73a15a059d72608f9d299d11f9fb417a37ddc1b52c8b8859c2949e5ebae650b9cf8b4fd771288e582dee38178b154e681eaf74d4d3f35daf00a309" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"c2027d8c084e2c6fc5d535726312bc6362372872cd37bf07cc1c3870f3b59a970c62b84a10d1498b2e02027d854fd84dd615e29e7c204579968569386b6f08393322c4fb36da4398ec4881ca9c17905b7b2fa28722c98d404e93fbaadb165411d41256a0dfc806a19df0f526571c80f0":"8c5c93583dbba016531aecc1da7b010b9559785b2e8cf660ce17022f8d86be78":"":"":"54074cf184040f57716e9eef80ed0e006cd029b99ca568fd7639c4c1b0f7431933516830f5f87b157fdbbb2af7ab57f6faa26323f096c8e86136e49d833665a6cb3a22f7d5d38290c2e9a23c62dea6c51b958460b263566c5c0e4be9adcb1c123b55879f405f11b3c34c24852d33c64d6563ee46cad14ce08d5919ddbffdfaad0bef8d8ed9974f1d95917e2b108d9519b13c4f6929429d2dc44ecace7799839ffcae035904b576e71e92b0a89f39e3b3444b75ee0705419c3b3533c793605eb6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"02ef640b9f087fa48457918d7bd6e910d7379bdd89e1549118ec67880dc3c4be3ad95397b8fc88bfced5aa76941716bf4c26696e9540d759c8c6b8603d5c40df267056c79bd8a3497b77052e498953493eb853b56c41f3286c09f1ec88637f95a1cb7e6e0efd3acb8a8fa4de63d10727":"38e664b930fb072112e6d47bfc5538b0d48672a12769f3eb860243bbc1c5db75":"":"":"c399e8c39ab174fa8cabb7e73845d8d434dcebc21062edc69d02928b0de4471517496365bbd59062a43408215f5b0f35971f4c48077623860206e0e6af8de751e6fe45eb6648a66e8ac5e603043c5365be3015af858fa2709c6c7b1cd22701dbbf4ef27fa45e6d7f9df4e8a558517a38e26bdd82960db9a92a0deee98657ab514913f134cb9362756a78ae4afed3a6c89e86341a8fb20b5cdfcd56933363f83e8c55c69adbf8e8d7199bc4f93b72ae1c4d0939b564d98e7f052c66e1e0988ca5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"2f280ffe3306764839899faa89213139a40462039f4d9c55feaef6728c24cc636819357f6ea65badc8e493b99d5af1d995d14d81e39802711977d0a1c5783bfe3c290bc469bb9af520b0faa06f230fe6c4ba3804e39e3226f0731f09579e105d726b089d1c37c72e3faeb33768d3f20e":"e3d99860e8b1e9297c60b17904be8525be831d71dbd3f454f085d1758ebe7160":"":"":"45400ec700a4cf8309fbea94aa4fcbdd22c859e0f7defa746085a2f4ddb9db16efbb0c2fff798c99ff4e9e11986f4c330f3658e34a146f8d9071467228e3b0ea486cfbc81da3e739a301fe51b620d7d27fe9da0e4b875efe3c2bd0fde31f608015ad71cac9c95bce33e516c62fc45a9fc85a78c142416d7fbff3a83602dcce3add6301ca6b9be565e3cf06ad6f22855d57d9c184ed7214adc1bb014a1b6dafb86989283fa3a4be10c410442d761c98d2d3f94bb0d97ba1d5c8966eb47b0fe6ec" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"8f3ddc4230f8320bd18cf078c04c62e248fcc326980301174617a9e54351c667ba4c31a4c0e7dbd7336c27c0b8a034f6fd947b0a21e580e6c2dbfbd44d01f5fb4a51dcd2199df9f1803f24c5e774f048815302e016aad33254d308c5457f368965c15b6204e191c2a252e4fe88dfb978":"9bfe9bc055b3215560cd285553372c47cca422fca574c0d22d7ce5f2dd40b084":"":"":"34f550231d31c1b3a3db331d341ada3b987120d94e431831eea67e8d208f9cf1800549d445fc7befbdcc2488cc7f4340560d574fcd2396e9ecc9a232f1015cfb26db451623fe47ec8bacee1756573e74e519adc62b23ce86fc191ea5e13da9c7a14496426c6c53dfa7c7ccdb67d6164dbe88cbbe7f48d4971993003ab24f3eff18bd52c2661992e8f8da93bfdd28f01fc32edb439ad130352463084041e9871c431ba26c676ecd7812991833113cbbe687651e93aeb22a6a44cffc7a3fb214b2" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"8b285ce6b4da70c83fd72aab1b4be62101bf9b29e168726ea2f670aab0deaefc5da3404c494c6019ea33679e37cec308dab13e0cb060f66c1c83fc6fba46477d1a3c802edd7594db0b297dedb9ccbc800c817f05658fb9b4c99938ae2140160c4a16d548634a353bc285cb38d0e93243":"723c0f287db4af285c195cebb1104a106f22e8b243fdcd0566228ab5f227a9e3":"881a1874c800db068b5913d195058d0726458de3782ff530af1a761f9628547f":"0c27cf271bd7931d187ec6f56038519674468fa2e7e6f994904c9f1afa346939":"51e042dd56a193908c9018c25f1c1a8b5e2734b055c3b7fde6a8ba9ec2b959349df29295abb0a24b4715f98d31de0a369e6262c2b2cd49c5462b7ae284e921f5ad2ec013edc1611343c228683f4170f34a75854b1b656d226e294172d488c10a415f09dee70984b9c49e8d36863192301d1762145e0d9e94e99bd30ce8490438ed050f418cf4ba0b07fe90a82d1ccf38578d99edf0518c4a758a199db4d3533c4dbc55b1da19840b8f365a574aa01647819032dc0ad641388c2093ebd4ab5d99" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"5b5c670d3e0e97a21cfd5bc3d038f0c3d2578cf3147f5545e5118a04c4eac727b50734939e2fd0aba704932ccaac42af316525e3fc5f1dd224131d65f8d44ff8420891c0af7c78f9cf766097fbf0f8bfdd131db1801275c28081e6063c0c4d6242f96e40fc513608289f378bc4f18518":"4cb0e590a1d575b6a2df9cb0243895263c894a990b6798424bea9ef199761d08":"feabcecf0648665b08a7c690add6ff75744de3916d5573145c35517808605beb":"fe81cf8978798311ee6d1c5d6145b3832d9ad1a1266fdac0f4fa230c631e9ba0":"62aa5e9b8a07bed2a5d3eef0c73bbc841bb8cbf544d32a2889806ba501c6768aca98c19b83fd4fb2cabf120c05716b9eac9b77d561ffdd69682308f80fcf1c78409f3b21749bf71abdb209660716a39c2562e8ae1b3478828bf35ec9d3f9712d95f49a36b9eaddaf1b249f023c36d09ff1b6f3df6d10e4e336763edef9501827d5171c507eec405bae52d56fd62f90f5c58a2f1a7310530df15ca6b7841a2871a37cae583e6b388978c118b9600840f5540af529bce0a24da8f906f601fc270f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"64cf47e52f758df802c2b37a4841c73a3228738d14b439a7d02b13fa3024715c744721e49f25a0e73e821f69786fe2d91ec1cce1d1cbf2dcbe5bdd2371c0a5df050841b6f07b1a2c0d064bc5e06ecf2ff9904928febe0bfaf3626df5bfb79fee1474cc8dfc3ae268570df2811bc3ba3b":"c3f0b0471d5273f40e74ccd71712071fa411b72b0f5a98c9eea9a5f7f176967e":"4df90039bbb54d8753b19ccb6250ffceb7279c05f6d69b5c47801c6fdeb1ddf8":"181d12bb126ea840bbf9e6ff5e68f8ef53f69071d223bff593a63e4e0c65ee1b":"8cec490ebe0b4837f040663de29e2c6dc801d7953cb2416d245ef66173e5d7baafbb77fd2c5ce69b4b8995bfe51f5f33cfffd9e9b1284fb8657bb7a3c26f5aac500cc7d3737fc81418c94d3db1a63f4922ca49803c04fdbc9488e21d9c4bc381c48bd9f7e5cd1ed6c6fa9e889e463dfc3a313812245a66be220266707a5358e25807ccb11f24780e5ef82c84a8803f72dbd21f55d96362d7cd8abbfd9d21f4e3dfac33326a4e538476508afd87e030d92328a91c91ffb16b054740dc3d0a2130" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"690a8be904c75e41342c8e2548abde2e465612a632710179ccb9c1dab76c4615bdaeda1587772638a61747738b96cfc94879325d2cf1cc0269d877eab8aa233ba8d7f1ff44e9118a128bcd8cc687eef58940343d27ba1d800aed9e2e911a8c83b8460f9d72c7b92852cc178d3d0baf6a":"5dd031fb2df56c510b3cc3c02fdcf6cf3ffa4a881e7475a8631073b3ed5e3c62":"a0a861238b2b9ea03582eb4703bc33921b5376c27004710d416ff921d6e6fc60":"3cef66f75aa682ad5430bdf0f01dd1f2c3492fcacc6f80ab351cfacc1c6b6ce0":"92b337a3364059acfcaef789ac1ae09c9ed05fdf69f5d5da7a1c9b6962d3a3c71a4041dc234f7be58fdbb728f8f5fb10404558f21d9b4c818fcadf5d6bac8bcb044e5b2fbd26ee08398dc8904c271e8d3d184bbf61f77c62fd3c8f1cc1ee2f8c4620c513f3abf5e312b431e8608b29cdf528d892ff03bc0a9cbd202b9da1d052ae2bc2dd8723198a1b3017ade2803c3dc8733ac33ddbdcef7a9948d64f72da0716b32dc6eea224bd49a7349a1c32e8e325ac11e5fad8353cf85d9eb4b72b1954" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"0eba7b06309f0dc4e2bfabea57e1d01a5a3e711398320925647008abf19cae194efbff93968c0a7d1c7623ee1e3987cd95c3dbd1b2ba94d0b2d416fe2f2f6faeab46646a378e931bb5daac049333129ce7e20e53117a0f68baf4c86a3ee5e787b02b53b1e0140430e77ca86f242d7f90":"69adc69e03cd113c34ae6b89c7c2fcfbe987e426da865f7c8e052da4bade343a":"729489cc7ba4f3f96f77ff365fd5380cd83cc7b17b150d327c5b7632f1cb0460":"59892fcf99ce719819774539ed4f10edb7cd35cd66969137a88ebe6336da90f9":"565e3e392a9f364df0b575d9444aac262f58ce12312d5ac9832ae6351b6aae0398e0bedd3074f57bd4e9f0e89a50d627ecfe11fe9aea09fce563eb34efd27610a3255f81f953bb3f222b15c019b9d812150f7a1f19126994c505d9ce5c948882a1f6c5cdbc7050461ccdbbb7aae597dab53a12ea6bfaa4d4710188d690fb0a0a34df7fb6bba949fd6a8565fded8e4832ff7f6b08a653a72b8b88782b8d77c1f217e8487163fdbddcc88a83d8bdad479ca75fdbcaf02250db39528456942119f1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"9dea5f271193aef61bd72c76a581d65eadc8002b258a4d548c7ad1cb587a5f681e9709eab5e146833b01a79a34c352aa642a7a376595347c0203a8a0456af4e9859aea62c887166b3483e0c7acdd5b99a1b1a466dc0709cc6ba133abe29ecf3f3150d664d04baef8854fd86a5d8cab19":"895e5039eeb3ea1d197614a683c84d7780ac8724192bd6c35fe81137bc23e4bd":"9e8669a67bf80c695889a7e875a9ad1954b91e4bddd0848313b4efb4b00b14fc":"2e93a8b96ae1966e2a052db0d5c2d5b76cd7cd23494bb1170a33a9ddf39b21ce":"71a0ea8b9884e979f4ed546cee3688ebc399b41be38578f15b99d9621de0da3e671182f6da612334edb8d3a6d5e34c2872e277942854350526c3e000834bbe18cd5f2f336bcfabb42c4aaeb19b8cefa3f7066a89593960fabba244812d15c5fa7a7281067c789745127ee2b63b14237136c54864bf86ab7c377414a7933b829fc3052e8c26c698459a83b1990c093305372aa608c967bfda719e98c4c177764b72d184586f7b63a8e75f78c9e5e1dc045c3eb5b30c7147c69100c2cf910d4f3a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"2b4c85aac528f5cf44e9018795a1e8f810220ce318aa174bed9db372602c00f68ac33625739f299241d1a8381372537bac392411a1d6849aa6610a177743afdf45cc524838fadf1b5feaaa9983ca79a4508b5e4a275514ef4c04c233c3dbbca32a00d0a1628323b91dacbe499c1ba928":"799a4b3c9f62c2f6aa9e91604e742dd06ff9f77b15d3799684e1dfcf029d807b":"1d15f59cb3e102d5ff47ad4c0aae13631ec4d300de4247137aec5b43e5aa4f79":"f43801851946f97208909f1ad0f79d6577eeda70067886b270f55d626d966fbe":"f05e50192528ba1185cb964324141c1d195f6e26c42164052a7b7244797c3084d48bc5e6e1a27e64562cf2fa36b4de30132a082de2f927059731d084e2042eb7720932ae8e1741f05f4c75079586924cc43a6cf3f5525e037b089674121c2741f836372f219a33bfcd910884abb166eeeed1840672663e0455b18bc7c9fcf20967b25dd77eb37e00d8fc40b0788c08280b0bd8878c504d982db4d3d2476f5fe6785b1959d1bfa2762c00efe436cd217b6d01adbf7da08d23254f1be1991d200a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"a716af9e058eedbe937ef79ee21cbaf4ac1ed0e2f4863eef4ca1e3e972f33326eb6ecfa7bc9bacd3d90215a3db843b24343edf7ada9e440a206df7f38f8cbd1d38159b8511f2a93d1f0b5ace8a89c0d823fe001656c3dde659874df88dd60056ced293cc49d64a71ee6b23199c9b20e6":"648aa30cb2687d857d309f702f6dae1f30edc824493d6e83a9e26d94f28948a2":"39c5a6514f3d399ac41b2640fd619312332fe053abf1b2a19472a58c28345347":"c912a1bb84f7aeeef79d73347097e09f6b8fb7ec593176cebbbb56af866bc309":"5387674cec52da2a9743b2556fa9874c0866e579079954cb357f17fc069c2e345c1ca80081040d620fba150c22eb1b8b2c7df082f637855c396ad6417fd383f8e93b7bd91693408e951b7572269c0ae65be8bcc9844f9fd8401e68f6fafdce195162154b34fdd5db8559dc11cfd3cbd3d391a45065761372f60c5182fe4cc162304061f86e666326c3332010fd388626cfa9ce1252982cae7b6eb1b8208c79b7b689aae9084fd180d00962fa4eea79f612ab7ec5fb51394f6f498528ad5860e7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"af405b42f8a67c349bc10d4d0b97f56cce433e1d34cebcc75c2850010d20cf74f61b23e1d2f964ad6c9a8d65c9f87749da279902d5c30fb67207d72be55451337f34aaa8e598b9ef55fd36224ebee4b5524a93f1513fc21fa984f0a76c2bcc98ddf39823d0a87d501b3515e3ee9fd4d6":"1cbd963d49b2553a9711687bc50743d820588049cf097c100739f857b3928fc0":"e0d336ea552a6dbc132f194ac9ab80a34a54f4d331a55a070dde6601d6d9084e":"91e882daaa304874fb0c063718984ac53e1f0716ca8c9210bdcdddc142c84082":"0acb19f2a65bf0e1d9f9561d8731fe0f0c178443f00faf427973ad45f2df4f4d21a4fdecdf96c34be28e389d8caed96b515ecb215ca915b38c715015e1b07949263fb65517ea4bcae361d76c418cd2c58d29010ea79b9420d1cedf937d3aaae7e29c2170ba88c8328664d884ace90e88c66200033d19ffd52f668b00b0df088b7942377c1aec37b3c304521c394ec749efbb252669e0c0415b8b04b995fc224903b0843fbaf0be1ce804c9f14a5e97afa70d0fca9cb708ad20388730aa9de020" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"e9ecd00efafeba4fa9cbab22b1b5288c98a36ff1d6856592a288325968c31d7d88fd2be5c82d79413b33c1dbe972859822ca2c8a92e7812479c14fa292a627a8909c3a953a2758d42f22a18682ffa219aa9908e06f521be8fb59ad58e5651aa9d6b95983e23e54cd57dfc82b2077bf96":"adf1f50a295d88f68e8c07a180897d8e7b49f7cc6cb78a3b25ee10b0583a0f0b":"82de6a73568ade5e5b0d8ae37c40ff25e858a7055346020c5e47feddfef75680":"cd0e15d764d2355ac9f1cbd5ea519ed1756a3bfaa55e3783b738c03bdb42e371":"1e592e5003fc0f3f81a7aef2272527980cc5a9ac7286a621513b9c7ce2ea94fbfa255ef2654d673bb8cd13f3a033a7701304acbbe8d19b82a61d2e77e7251f98b0e28e1a694f9cba2c86c7c8cb20d9c2986e52052f701596e3c837af95b166cd227f2fc00edd3ea62b57f60262712b2f71479569c119cbce9d771f8a2cfdf832aa8d70e0a912978fb2bb33b27a185fb3a4caa3a18913aeab095ac088d14381802117af0cc1d97c06fe9730bebbff0adf2ffac5995d299e4defb0722bd93f0799" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"898a6c47a5cff500ea0f5b18b5f0b4bcf7e75d6d7c92025f9920c666dbc1c5ffc48972e1d519428f8d61dfb5e300b48f2660ff53e1ffaa3950cffc50e17a874182236fbb555d35ced33302ef87b84c0ad31e87441ae365350452a39470567bc009871a3c9785bda4569af33d03d46f08":"9e16568a225b80e9011571f3b55102cf6362e26b8a60fd33680d4e6625738e5f":"b1c65d6e51ba043f63b4251ed58e9a8eebfc289f6285705f8ef44c202c9b4a22":"245ee741a2041eda22ce7053f8576c0a43eae868fd95ad7d58bb921c155b1b53":"b076210688b06ab6b57edf68126dcdfce82b6f9285ddec102ed60730aa7530863076186a3f7affbdd4ef081b7f5a32fb461bc5755ab4f860012631b74ae357fbc3cbd64f0eef8789c6c9dca894a41a005d272b4a57e761f91d221636d0ec7a49f10bb1b4264938604ff4dc7bc97eb799cea9e3e1d7a9b4bd66d88d244e22120bb311f502e66e60c5c9e42731ad320b23d6b06ae92a132b093ad924a1a7e08b5dccdc50e257bfdb63bf5705350588f61e93e4fc5042a2cad1bd6d9fbc82e875cf" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"8e92836dc5e4bbf9598803efb0d3871e5418cf18f379479bbcbd9262558af6cb6d97e73decb8781c30f69b61c1f5c91a5ea1f10fb1eef74b480e583710d9a6a2e57f8cfc9d0215fa73d1ce9c1562f3cc34be187940cd317b69139ab9aa58d064b6bca59ee6460c3db4e8b57fab0186f1":"6d9afc769985218745235e5af280eb45cec81a2e920c284ed5c77105489e8f4b":"711672f2ca12e7d8f32445a87163bc00f5d0f52c2f6799ba513b68c07c350de5":"426aeab2cfa56cd3146c0eb9facfbc048a504eec3273256b5e4db3d66c89560f":"56325373099fc1dd194555c3a1e69358fc7f80fe6610412cb31c14cdc70c73a74d040746c6cf388fb9718e7446888c6162de73ac097c32f8b4b00dd7f115fed1821d3786baaa1f64885cb93c75531e99171f98d3c3576337c1c41c5bfe83f94cef2adebc88c0790398d4c071488699edd599797c1f8f394b3e00e66bc4b68a7cacd209695961713c3bf2c9a5c8589d935e171f775f366217e2634ddf0db5f01ab31760ebd9ed9724292bec89db06d0145fb824a76292a35f39b01a06c43510a6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"a4f1fd83e53a406163862260fb9e2ec64d4af74f5fa41ff56c07c791b6bb6abbdb203670b1849afbf0931206ad6393798ff06fba8dca3318c29d9161c0ec18ec5d7d66847b1a618bb0e4f69fa1331fd1db5d5fffdeec5a2e045c588dc95a5d5eac6d35502ebe2e6a57318f15af53e001":"39dd79397f91a97432e5124e7b9b85928f62c598ecd19626070a81a5a8ed564a":"985724541d44c8b865672759c8d36ded75c2189c2281731888a741b305eb4161":"e2dae75950e417c18f1c3e5fbd66b1cc9fa617aa695c9d03d8768b9e197fea80":"703ab1f6a5332f01fa788cf73922a9f6cf856319772eeab07b4795702562cde350a8cf9395976fd227b08134feb469ca34f675c9b6f176ad684a5b0d02b4c135a7174bf0604a1546e7d8d978ecfd8cb6ae5efce3b228dc95cb413b010732c3e7f9ef8e547a93540e5e4aaaa3b0e5a8f45b83bb11209a03883c54f41e494fcbc66c2d57c01002137567ea2f99f7a1ed6c4c6080bdaa299d18f57bb3b386278a78b2ef23a03043e850bd9fd742527c45308e5b910fc586f9f21de7022d02b1493b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"f331ebcdbc0d2dfbf54758680dd49dd0bd666d0505ef6ba1c4bbfb7dee62edc34ea9063632c8e6719bbe140c3c840aabd66e7702c384700921dc1838c6c5a832c650a474e74270c378abff021d60d1a1884939bbdc51c547c72c929c0c73ca7f78668d33fba197642be8ac2d41cefde4":"ec299e456cd1985a3f1022d5c05f0ef9040cc8b8297ba5e404d92a6d36c3578f":"954f464877f7258f99acbfb9adfe4eedc89da71ca82e3581fb5bad127b2069e7":"515f9e746c7407196610bbae963b9bc15b1658972a30e62be6f78caee1287e88":"5aa30a796d46e789c498352ade179f0cd3336418fbeafae0d10fbf7798917672288b3b2a12267fc0435d88b4e99809c1e3067f0d65c910b12a330334b6a23d6d30910d301438c2c999353e1f78019ba7b20eaf68b499ff1e88db0431312a66f35305c4f3c3a2750c95bbc07ccbdf1e4d123eec378b9be8894b597bcc029c664e59e2b3c23fd72841af0ddc9374ecef21885a0b54d13186dc0a66ed3c3caca9e41753813ae61015a952142bd4d7ebbaa3193598be1267be937745fb0de09aa70d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hmac_drbg_pr:MBEDTLS_MD_SHA384:"d99ddbd82ce9937cda083e30b3da47a6e6ca08b8f59f2fc934bb3f78e748bb28cfabddb375efc5f2025a53fd073a89b0fbec391290863ad862aa56fe6d945044e879ca05c3c019313f810dd559fa0e682d6b77ff7e612c7c40cd5231eece4018c5b3c0d8181ab44703f7a04c0a1c7c5e":"ebc2193d4a97b97d298f1305b2f7a54dab466f7c4e444831651cac29a6c5bd88":"6826aad41f8ac29e272884cb6d21300c7b0b3ca37205e1720afaf9f716f337ec":"5a7434648de82a3552e12aff800093776ca3e86565b29c0b3ad6c0bc3180623f":"cfc79a89a0a55dc9c6c6eccdfab5a9935335e806b73bab7f5eff5f9fea6aa3f47bf31f06d987a94e2bc2a4a6144ebe94d6f5aa8fcaabbf86a37c8d412207864322d3057b89fef358740c5962cf9e7c37072847fcaa6db693a5238ef270e8414e2b29448bbcc37dceaa75479c2ac5fee2d6fe9ed68516f6dbd90135ddcae8a12d1c1595e0edc34ea2bf00bee7ae773c240c2bc1ed828b7ff91a676891173eec1dabeecb2184df9186c3bd833e349351481655bda91bc0f4e419fb78e426de6b39" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #0 diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data index 6cbdb4596..bdcc8db7b 100644 --- a/tests/suites/test_suite_md.data +++ b/tests/suites/test_suite_md.data @@ -34,7 +34,7 @@ depends_on:MBEDTLS_SHA256_C md_info:MBEDTLS_MD_SHA256:"SHA256":32 Information on SHA384 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_info:MBEDTLS_MD_SHA384:"SHA384":48 Information on SHA512 
@@ -634,27 +634,27 @@ depends_on:MBEDTLS_SHA256_C mbedtls_md_hmac:"SHA256":24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7" generic HMAC-SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mbedtls_md_hmac:"SHA384":32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838" generic HMAC-SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mbedtls_md_hmac:"SHA384":32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f" generic HMAC-SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mbedtls_md_hmac:"SHA384":32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1" generic HMAC-SHA-384 Test Vector 
NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mbedtls_md_hmac:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#1] -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mbedtls_md_hmac:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#2] -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mbedtls_md_hmac:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" generic HMAC-SHA-512 Test Vector NIST CAVS #1 
@@ -778,27 +778,27 @@ depends_on:MBEDTLS_SHA256_C md_hmac_multi:"SHA256":24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hmac_multi:"SHA384":32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hmac_multi:"SHA384":32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hmac_multi:"SHA384":32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1" generic 
multi step HMAC-SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hmac_multi:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#1] -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hmac_multi:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#2] -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hmac_multi:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" generic multi step HMAC-SHA-512 Test Vector NIST CAVS #1 
@@ -922,35 +922,35 @@ depends_on:MBEDTLS_SHA256_C md_hex:"SHA256":"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":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" generic SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex:"SHA384":"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" generic SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex:"SHA384":"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" generic SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex:"SHA384":"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" generic SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex:"SHA384":"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" generic SHA-384 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex:"SHA384":"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" generic SHA-384 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex:"SHA384":"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" generic SHA-384 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex:"SHA384":"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" generic SHA-384 Test Vector NIST CAVS #8 
-depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex:"SHA384":"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba
6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" generic SHA-512 Test Vector NIST CAVS #1 
@@ -1082,35 +1082,35 @@ depends_on:MBEDTLS_SHA256_C md_hex_multi:"SHA256":"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":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" generic multi step SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex_multi:"SHA384":"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" generic multi step SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex_multi:"SHA384":"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" generic multi step SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex_multi:"SHA384":"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" generic multi step SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex_multi:"SHA384":"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" generic multi step SHA-384 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex_multi:"SHA384":"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" generic multi step SHA-384 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex_multi:"SHA384":"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" generic multi step SHA-384 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
md_hex_multi:"SHA384":"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" generic multi step SHA-384 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 md_hex_multi:"SHA384":"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":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" generic multi step SHA-512 Test Vector NIST CAVS #1 @@ -1194,19 +1194,19 @@ depends_on:MBEDTLS_SHA256_C mbedtls_md_file:"SHA256":"data_files/hash_file_4":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" generic SHA-384 Hash file #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mbedtls_md_file:"SHA384":"data_files/hash_file_1":"e0a3e6259d6378001b54ef82f5dd087009c5fad86d8db226a9fe1d14ecbe33a6fc916e3a4b16f5f286424de15d5a8e0e" generic SHA-384 Hash file #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mbedtls_md_file:"SHA384":"data_files/hash_file_2":"eff727afc8495c92e2f370f97a317f93c3350324b0646b0f0e264708b3c97d3d332d3c5390e1e47130f5c92f1ef4b9cf" generic SHA-384 Hash file #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mbedtls_md_file:"SHA384":"data_files/hash_file_3":"6fc10ebda96a1ccf61777cac72f6034f92533d42052a4bf9f9d929c672973c71e5aeb1213268043c21527ac0f7f349c4" generic SHA-384 Hash file #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mbedtls_md_file:"SHA384":"data_files/hash_file_4":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" generic SHA-512 Hash file #1 diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index f3c421d0f..e51a7d268 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data 
@@ -67,23 +67,23 @@ depends_on:MBEDTLS_SHA256_C pbkdf2_hmac:MBEDTLS_MD_SHA256:"7061737300776f7264":"7361006c74":4096:16:"89b69d0516f829893c696226650a8687" PBKDF2 Python hashlib Test Vector #1 (SHA384) -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":1:20:"c0e14f06e49e32d73f9f52ddf1d0c5c719160923" PBKDF2 Python hashlib Test Vector #2 (SHA384) -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":2:20:"54f775c6d790f21930459162fc535dbf04a93918" PBKDF2 Python hashlib Test Vector #3 (SHA384) -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":4096:20:"559726be38db125bc85ed7895f6e3cf574c7a01c" PBKDF2 Python hashlib Test Vector #5 (SHA384) -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"819143ad66df9a552559b9e131c52ae6c5c1b0eed18f4d283b" PBKDF2 Python hashlib Test Vector #6 (SHA384) -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 pbkdf2_hmac:MBEDTLS_MD_SHA384:"7061737300776f7264":"7361006c74":4096:16:"a3f00ac8657e095f8e0823d232fc60b3" PBKDF2 Python hashlib Test Vector #1 (SHA512) diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 4add252df..ad4644963 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data 
@@ -651,147 +651,147 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #75 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #75.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #75.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #76 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #76.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, wrong PW) 
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #76.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #77 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #77.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #77.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #78 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #78.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #78.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #79 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #79.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #79.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #80 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #80.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #80.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #81 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #81.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #81.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #82 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #82.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #82.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, no PW) 
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #83 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #83.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #83.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #84 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #84.1 (PKCS#8 encrypted v2 PBKDF2 DES 
hmacWithSHA384 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #85.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #86 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #86.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #86.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #87 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit) 
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #87.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #87.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #88 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index fa2f6ec2f..26dca18a4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -729,7 +729,7 @@ depends_on:MBEDTLS_SHA256_C hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS PSA hash setup: good, SHA-384 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_setup:PSA_ALG_SHA_384:PSA_SUCCESS PSA hash setup: good, SHA-512 
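Review bot: With `!MBEDTLS_SHA512_NO_SHA384` added to "PSA hash setup: good, SHA-384" in the test_suite_psa_crypto.data hunk at -729,7, a build that defines MBEDTLS_SHA512_NO_SHA384 only skips this case, so nothing visible here checks that a SHA-384 request is rejected in such a build rather than silently accepted. Since `hash_setup` already takes an expected status, a complementary case could pin the fail-closed behaviour: `depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_NO_SHA384` followed by `hash_setup:PSA_ALG_SHA_384:PSA_ERROR_NOT_SUPPORTED`. The expected status is presumed and should be confirmed against psa_hash_setup, and an equivalent case may already exist outside this hunk.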
@@ -845,11 +845,11 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7" PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6" PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6" PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-512 @@ -869,7 +869,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843" PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649" PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512 
@@ -885,7 +885,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe" PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27" PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512 @@ -901,7 +901,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b" PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb" PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512 
@@ -917,7 +917,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54" PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952" PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512 
@@ -933,7 +933,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2" PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e" PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512 
@@ -1556,7 +1556,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign: deterministic ECDSA SECP256R1 SHA-384 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" PSA sign: deterministic ECDSA SECP384R1 SHA-256 
@@ -1638,11 +1638,11 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: randomized ECDSA SECP256R1 SHA-384 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify: deterministic ECDSA SECP256R1 SHA-384 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify: randomized ECDSA SECP384R1 SHA-256 
@@ -1746,11 +1746,11 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good, with label -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, key 
pair @@ -1770,7 +1770,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA OAEP-SHA-384, input too large -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: invalid algorithm 
@@ -1798,7 +1798,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00" PSA encrypt-decrypt: RSA OAEP-SHA-384 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"" PSA decrypt: RSA PKCS#1 v1.5: good #1 
@@ -1834,7 +1834,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-384, 30 bytes -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty) 
@@ -2118,23 +2118,23 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b" PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":"" PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f" PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147 
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" PSA key derivation: TLS 1.2 PRF SHA-384, output 74+74 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5" # Test case manually extracted from debug output of TLS-PSK run 
@@ -2153,15 +2153,15 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":"" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18" PSA key derivation: HKDF SHA-256, request maximum capacity diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 746d810f1..0e2d1b0d3 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data 
@@ -95,35 +95,35 @@ depends_on:MBEDTLS_SHA256_C hash_finish:PSA_ALG_SHA_256:"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":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" PSA hash finish: SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_finish:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" PSA hash finish: SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_finish:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" PSA hash finish: SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_finish:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" PSA hash finish: SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_finish:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" PSA hash finish: SHA-384 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_finish:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" PSA hash finish: SHA-384 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_finish:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" PSA hash finish: SHA-384 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
hash_finish:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" PSA hash finish: SHA-384 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_finish:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef
2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" PSA hash finish: SHA-512 Test Vector NIST CAVS #1 @@ -287,7 +287,7 @@ depends_on:MBEDTLS_SHA256_C hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" PSA hash verify: SHA-384 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_verify:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a" PSA hash verify: SHA-512 
@@ -407,35 +407,35 @@ depends_on:MBEDTLS_SHA256_C hash_multi_part:PSA_ALG_SHA_256:"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":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" PSA hash multi part: SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_multi_part:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" PSA hash multi part: SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_multi_part:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" PSA hash multi part: SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_multi_part:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" PSA hash multi part: SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_multi_part:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" PSA hash multi part: SHA-384 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_multi_part:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" PSA hash multi part: SHA-384 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_multi_part:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" PSA hash multi part: SHA-384 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C 
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_multi_part:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" PSA hash multi part: SHA-384 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 hash_multi_part:PSA_ALG_SHA_384:"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":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" PSA hash multi part: SHA-512 Test Vector NIST CAVS #1 diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 3307849aa..2c9a5d305 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data 
@@ -23,11 +23,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"cd810e97dc21095ea7a0238027a7bafd343e01444785ea9184a44a79f80438c41fc0b57aa95693407da38fe5ff0ec1398e03361e51a3dbe134b99cca2df0cef1c444ca54d2b7db2789455b6bb41918c24001fd82fc20ee089de3f34f053699c1c5f7954ce0aaabb9d26fce39d032894152229d98cf64ecafc7089530073c61d9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"7b5fba70ec5b521638f182bcab39cec30b76e7bc017bdbd1059658a9a1db0969ab482dce32f3e9865952f0a0de0978272c951e3c015328ea3758f47029a379ab4200550fba58f11d51264878406fc717d5f7b72b3582946f16a7e5314a220881fc820f7d29949710273421533d8ac0a449dc6d0fd1a21c22444edd1c0d5b44d3":0 RSA PKCS1 Verify v1.5 CAVS #6 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 mbedtls_rsa_pkcs1_verify:"44637d3b8de525fd589237bc81229c8966d3af24540850c24036330db8007e6d19a19486018b2b02074da590aaba9d2c8848c0a2d1b6de4dfaf24025b6393df9228008f83f13cc76a67cfbed77a6e3429342824a0b6a9b8dd884094acc6a54bbc8c8829930c52fe39ce5e0dcd02d9553ef899d26eb6cae0940b63584e2daeb3b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"38fc4f6f0430bb3ea9f470a4c0f5cebdabac4dbeb3b9c99d4168e7b00f5eb294ec0ece1908eded1f3e14f1e69d10f9feb425bda0c998af945ef864298a60a675f0bb5c540a7be3f534d5faddff974eea8bffe182a44e2ee1f4f653e71967a11869ee1a850edb03cb44a340378cb7a1bc9616d3649b78002b390a05a7e54edec6":0 RSA PKCS1 Verify v1.5 CAVS #7 
-depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384 # Bad padding after performing the public key operation mbedtls_rsa_pkcs1_verify:"d03f12276f6ba7545b8fce719471bd253791878809694e8754f3b389f26c9253a758ed28b4c62535a8d5702d7a778731d5759ff2b3b39b192db680e791632918b6093c0e8ca25c2bf756a07fde4144a37f769fe4054455a45cb8cefe4462e7a9a45ce71f2189b4fef01b47aee8585d44dc9d6fa627a3e5f08801871731f234cd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0":MBEDTLS_ERR_RSA_VERIFY_FAILED 
@@ -52,7 +52,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"c81f04c79982971fa176d64e8f7f8812f86a94c49e84672ff10996a2d6dfc444a884c7a87c4606a1aab22558894ee59b798b457827f5ee0b0cadcd94371902cc4ddaf97acefed641997717bcb3cc74cd440f0a31e20fb95812cecb740c36d6d1bf07e3641514cfa678aff2a39562ff4d60e02b17583a92bf0c56d66bde9e09f8":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"52111f4798da3c11b3c74394358348ab0fc797bde99080f238d33a69b04b08ac2bd767b33872473943e23af27ca32fd568a43a8c7d6cc55b4fbb380212fdfcb60487e20694d4287e233efdf7b04737c0037a592d03077801828b051998c42b9f9e2420063331d5b2349918a64d8b65b21a2011ee7318fcef48aced95b8ddf501":0 RSA PKCS1 Verify v1.5 CAVS #13 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 mbedtls_rsa_pkcs1_verify:"a97824871770b79da979a111f6decfb1dd11bd946cfa800b008f0ad5aea5aa92e205d27a46c31d4fe6cb909091bd21f082fb75074000ee46c2f3e530d77b34c7c5d6f8453025950d3e0afae1f9752655f5bbea8432e9f1014357ff11b08076179a101e4f9d3f25bffb5e656bf6afe6c97d7aa4740b5d9224cde4dede035a7768":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"d5dcd27c74e040ea86f106b63d3275fa7b7e98d2dd701f38ec15fc7301b72df127f6d3bd5571253a0b9e0e719d7d522893896941a1aeccc697912282b5308d829b91905b5dd7b7e1b8fe27e2bd4003b09dfe7fe295f8a43c076c0cb52f2aac067e87de7ffe3a275d21a870c3dfc9b1d06d7f018667de9eb187bdf53d282e5d8b":0 RSA PKCS1 Verify v1.5 CAVS #14 
@@ -72,7 +72,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"72f0b1ae27e1f5e5bfa15ded204c2c54b47b2420750a3eb5471f9ff98b67c8b5f1a30d3f8d6448562e12ce4deb33a26cfeeae993d6be9e20679d8713c5216870f11276e5f22b0ead2821a7b4dee106fc1e19b13fc9fba5d6e73e4bd93b65a9881a43d5e97ebfb0b357d5d06b21ddbecdbb10626d7748bb9e6e07d49316bbf3c4":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"8117a6897e14c183737661cf5741350a84ae00495cd9ee8fb033582e559f79701ab424706660515ee5821a69a6850647ec641676a625d1a3899932aaa52161fbc0c0a825db82fde0585b3c9b9c16de43e26da6a30fe5a601dae68bded1e29ec34557b5f6962efb10b9450d6f096655f68e8499cfa16a0adeb9075e7b91851fef84243132d08273d35d01ad89c17e1e6e4deaf1cb233050b275fa9d2cae57e9e1a0e23139267040aa39b6abd8f10fa1cec38ce2183573ddc11626fc262e1a0ced":0 RSA PKCS1 Verify v1.5 CAVS #18 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 
mbedtls_rsa_pkcs1_verify:"f80c94a2b53736978adf041886ad97ab2aeb9e91c08bd4eeef6b2f2b8dd75a99b4506657188bbd7597bd5759121630627c8bf9cc30d90dd488c7a81cabab5350a62fa30abf5523f305b98f2c2c1743ec980cf26ab8219bfd9505b981ab1abbfef733b384519d5259fc5c14577cb6b88fa7f6f332ff6a65b23faecc24342c78e9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"6b49553ed964ae196a41ea281f4d2a250ce7d1e7434e45cf6a82f7bed17554f39c3f0241e0364702fcb87475eb0c0839ffd2180890fa05b4bbf31bbfa4bf5119dea0c9f88e1e9617fcdadabc6fa1945136cc66e039b905d78ed365c5806d38aec88b3edfb86c05ff446dbfd51d7cd75cbf8d3b85154c783765386f51637532221f52429db5612dcc034968bb8feab7dc6f5ed1f2feb557f6dd49c980296117be2c4195ec7b6101ea767df9d16a56fc9709b49308a54dab63dbc4d609f959ce17":0 RSA PKCS1 Verify v1.5 CAVS #19 
@@ -100,7 +100,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"1240028c6d7ab3992ada0e5ca55ee4f3d62f8de575302d5861d73685423c2e6a6d6fb3be090fbc2a701821b6d8fd5e8233f794b6549cd0bb52b390ac31478307bffa91a9bd9c1bf93ffc846356fef008ebee4bb3ee148e0fb1893d188e4934d0d088a433d14a596c5f2e3e49648a22edc6bdbcc58dc1edbd440046b3a169ca2b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"a003ae9cf0704d58763b214f20446ecc4099c566f25384e28d0dd6540c58705fc8d0bfe1ceaa06096ed1e230146edb82056e39e6727abec09f25e44079b6ce1ca2c6a540dec7aa34444d7d435f41e5fca9b0bba62759ae2780638e5160e031bb60409c2e85674ac7a776b444b37b9d7f4dbaa557e88b8562a584f2dbe90729b241aede95dfcc7e05b10deef06255cb89f0e7ccff23354818756a1f8bb9f00fd18f6cd22ca1b4bfc38027562bb37562c77c7883b5d735170d75521195fd3f2bd3":0 RSA PKCS1 Verify v1.5 CAVS #25 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 
mbedtls_rsa_pkcs1_verify:"67922a8b9cbc95cf7c555ff2d73cfc62ee04c3f0df9bfc8f64293a58bd3bebd2eb212d711f94e35c729d0873d6b244914d21bd0e59b23089b38740e43f480e8f407d090ac93b08a57403968b55e78cfe31eee6e4ecbacf834168fe89b6b8454fce6e675e80f82b33e850ae3f3d24fd320335e37981fd000576941b4f08d4ba99":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"2c6b301852cc55a993a933e2c080eb9dabfe19e9dc3571066caeabed1492d3501cd838de1c01784932df7a5ad5bbfb48c78f53a45f76e9812d046f23bd968495ef7e981e5add4acfc538fe33a5205de74bb37d3d9b6b87b2d174e85a73f216fd67d5738fc469dff7ea6b852e8dd08bc8df036597372d4d51185e6f47a45fbe1b9bdb06a4018783425ec95294de41f27235ad3b3263a890b8b62b17410a9bb08673393ff205a866ee2057e99c6517c6bbc84f8d87717b83d6f64de7ee215e1e8d":0 RSA PKCS1 Verify v1.5 CAVS #26 
@@ -124,11 +124,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ca312774f2756ac2019f213a01a63c9a0b4a49ccafecf25e97a4c632668e3c77e664f4d7635241f25205e50c37061b02c546db8346fa597c3da8cfd44a827c5a4ff4ecfcd1797b39a1b215d9bbb93fdb6eb35bafbda427a5068888a6e19f86224b0897490491207e35ce39085668b10b4fb851b7dd9465c03869790ef38a61b5":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"a202c33eb831b9d8e818b6c3bcdb42818e1d9c22a06ddd73a17a21e49d18cda44df349a066477cae068e1a5d2b518b0885e889ef796ca9e6f42a69ac755b8a6405fbaef93fe0130d98de35d689addfee3eecd26658903f774bda481c3f40ee0e9569a3c3e2da7ad576c7de82159d933e36fa29cfef99367005e34ab5082d80f48276d37dabc88dbb023bd01585329d2ccf417f78ec508aaa29751007d31f1669296b981d44c8fa99130c5df7a071725b496859314aaf9baf0ebc780355914249":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #31 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 
mbedtls_rsa_pkcs1_verify:"2abe079077290ceb6c80ac5c61062ce8da814b1fb99a1a9fb2860ed900e6541856ec64bf19c0d9d1cc2280b7cc50af3e3d2ad8e044945d44761ca60891dd72bd6aa26a33274ffcf7ae7d661b5e651135fcff21aaf06b4a2db18fe5827e0243884f2841760b9f1c65fbda870f7f0cfbd6ff484f0825e688614928f2d12d1e7080":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"402631f3cddfb02cc4d9cb58ef1ab6726bd787a50e12e98567c9702bfdf47af85904aec5a2f6c5df9a10f08f90f93728eb090ae2ac21ded9f38faecd8195f3eb3d4107521b1cee956e7a214245b038adae912fa35ec97cb3bdc41352e8aaff80173561284cb740f999a3cd6653a6c3d5a3f911a416f41e2155083982c99eb5998a0a74d77f1ae999d901ee24a7f2c424179a3f92b07dc0b3498c1884e60677bee0175e810b426c4ad008d2743cd19b00b33177bf8be3fed7f7406e1bce0c2ea3":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #32 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 
mbedtls_rsa_pkcs1_verify:"da9505809dc92cfd8e01a1857dde52df6677c40d98f4577c1659ca7d3e9f01f9a809065f51b54fe2f9723fe2c9d1eea7397f2d5531d1c51c6ea100b028596bf9f24dd90be14eab58f07b4f24a35b073aeb29ecde4a6f320237d7adbdc43d94f87e08866b95bbcac83dc7db3553a42400441f088e2bf6259539a2da8b5a74065f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"57edd0560df9840a25c28ff6d254e432395a5cd2d92248b3b44d7eab0fc65b3c4e545a916a8e90ce89745119db9ec9799aa8890f5250fb589cfc12dac1b6e406a39bc3b3663892da5354ba453cbd5e4c89bdce82d0ffe97052a03a5c3308819c1139ebc780c13cf6dc1477faf734abcb1db3fafaed6f22885c9c0222ff5deacb8cc6d027f2e959c3075011b382e88c4b27b83b4f2e6fda022e331c3602d19f5ac7bccfe95ea1e93d736dbd918ae5b1f468cd0b5b536a2f918d5e27a0757e75b7":0 RSA PKCS1 Verify v1.5 CAVS #33 
@@ -207,11 +207,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"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":16:"3":"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":0 RSA PKCS1 Sign #4 (SHA384, 2048 bits RSA) -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"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":16:"3":"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":0 RSA PKCS1 Sign #4 Verify -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 
mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"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":16:"3":"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":0 RSA PKCS1 Sign #5 (MD2, 2048 bits RSA) diff --git a/tests/suites/test_suite_shax.data b/tests/suites/test_suite_shax.data index 2f65c230e..f67731e7f 100644 --- a/tests/suites/test_suite_shax.data +++ b/tests/suites/test_suite_shax.data 
@@ -114,35 +114,35 @@ SHA-512 Valid parameters sha512_valid_param: SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 sha384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 sha384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 sha384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 sha384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" SHA-384 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 sha384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" SHA-384 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 sha384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" SHA-384 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 sha384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" SHA-384 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 sha384:"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":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" SHA-512 Test Vector NIST CAVS 
#1 From d602084cde718019249e1754613951c1b0a259a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 17 Jul 2019 16:28:21 +0200 Subject: [PATCH 2073/2197] Implement NO_SHA384 in MD layer and PSA --- include/mbedtls/md_internal.h | 2 ++ library/md.c | 24 ++++++++++++++++++++++++ library/psa_crypto.c | 2 ++ 3 files changed, 28 insertions(+) diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index bb876efc5..0922dff9d 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -79,7 +79,9 @@ extern const mbedtls_md_info_t mbedtls_sha224_info; extern const mbedtls_md_info_t mbedtls_sha256_info; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) extern const mbedtls_md_info_t mbedtls_sha384_info; +#endif extern const mbedtls_md_info_t mbedtls_sha512_info; #endif diff --git a/library/md.c b/library/md.c index b2352034b..e235bc8da 100644 --- a/library/md.c +++ b/library/md.c @@ -120,12 +120,14 @@ const mbedtls_md_info_t mbedtls_sha256_info = { #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) const mbedtls_md_info_t mbedtls_sha384_info = { "SHA384", MBEDTLS_MD_SHA384, 48, 128, }; +#endif const mbedtls_md_info_t mbedtls_sha512_info = { "SHA512", @@ -142,8 +144,10 @@ static const int supported_digests[] = { #if defined(MBEDTLS_SHA512_C) MBEDTLS_MD_SHA512, +#if !defined(MBEDTLS_SHA512_NO_SHA384) MBEDTLS_MD_SHA384, #endif +#endif #if defined(MBEDTLS_SHA256_C) MBEDTLS_MD_SHA256, @@ -211,8 +215,10 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) if( !strcmp( "SHA384", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 ); +#endif if( !strcmp( "SHA512", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 ); #endif 
@@ -250,8 +256,10 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) return( &mbedtls_sha256_info ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( &mbedtls_sha384_info ); +#endif case MBEDTLS_MD_SHA512: return( &mbedtls_sha512_info ); #endif @@ -306,7 +314,9 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: +#endif case MBEDTLS_MD_SHA512: mbedtls_sha512_free( ctx->md_ctx ); break; @@ -372,7 +382,9 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: +#endif case MBEDTLS_MD_SHA512: mbedtls_sha512_clone( dst->md_ctx, src->md_ctx ); break; @@ -439,7 +451,9 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: +#endif case MBEDTLS_MD_SHA512: ALLOC( sha512 ); break; @@ -498,8 +512,10 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( mbedtls_sha512_starts_ret( ctx->md_ctx, 1 ) ); +#endif case MBEDTLS_MD_SHA512: return( mbedtls_sha512_starts_ret( ctx->md_ctx, 0 ) ); #endif @@ -542,8 +558,10 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); +#endif case MBEDTLS_MD_SHA512: return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); #endif 
@@ -586,8 +604,10 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); +#endif case MBEDTLS_MD_SHA512: return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); #endif @@ -631,8 +651,10 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); +#endif case MBEDTLS_MD_SHA512: return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); #endif @@ -839,8 +861,10 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); +#endif case MBEDTLS_MD_SHA512: return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); #endif diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4450fdb56..2785eace5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2037,8 +2037,10 @@ static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) return( &mbedtls_sha256_info ); #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: return( &mbedtls_sha384_info ); +#endif case PSA_ALG_SHA_512: return( &mbedtls_sha512_info ); #endif From 20f236de37da35e6a5f72c232ddc737b3ffdf8a8 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 11 Sep 2019 10:01:10 +0200 Subject: [PATCH 2074/2197] Adjust depends-hashes.pl to test NO_SHA384 as well --- tests/scripts/depends-hashes.pl | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/tests/scripts/depends-hashes.pl b/tests/scripts/depends-hashes.pl index 7cb41b55c..898ae497c 100755 --- a/tests/scripts/depends-hashes.pl +++ b/tests/scripts/depends-hashes.pl @@ -40,8 +40,18 @@ my @ssl = split( /\s+/, `sed -n -e '$ssl_sed_cmd' $config_h` ); # for md we want to catch MD5_C but not MD_C, hence the extra dot my $mdx_sed_cmd = 's/^#define \(MBEDTLS_MD..*_C\)/\1/p'; my $sha_sed_cmd = 's/^#define \(MBEDTLS_SHA.*_C\)/\1/p'; -my @hashes = split( /\s+/, +my @hash_modules = split( /\s+/, `sed -n -e '$mdx_sed_cmd' -e '$sha_sed_cmd' $config_h` ); + +# there are also negative options for truncated variants, disabled by default +my $sha_trunc_sed_cmd = 's/^\/\/#define \(MBEDTLS_SHA..._NO_.*\)/\1/p'; +my @hash_negatives = split( /\s+/, + `sed -n -e '$sha_trunc_sed_cmd' $config_h` ); + +# list hash options with corresponding actions +my @hashes = ((map { "unset $_" } @hash_modules), + (map { "set $_" } @hash_negatives)); + system( "cp $config_h $config_h.bak" ) and die; sub abort { system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; @@ -55,12 +65,12 @@ for my $hash (@hashes) { system( "make clean" ) and die; print "\n******************************************\n"; - print "* Testing without hash: $hash\n"; + print "* Testing hash option: $hash\n"; print "******************************************\n"; $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$hash"; - system( "scripts/config.py unset $hash" ) - and abort "Failed to disable $hash\n"; + system( "scripts/config.py $hash" ) + and abort "Failed to $hash\n"; for my $opt (@ssl) { system( "scripts/config.py unset $opt" ) From 663ee2019a7f0ff95a35994708bee62434cdaa9b Mon Sep 17 00:00:00 2001 
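Review bot: The capture group in `$sha_trunc_sed_cmd` ends in `.*`, so anything that follows the option name on a commented-out `//#define` line of config.h is captured as well. After `split( /\s+/, ... )` each extra word would become its own `set ...` entry in `@hashes`. Restricting the capture to the identifier keeps the list to option names: `my $sha_trunc_sed_cmd = 's/^\/\/#define \(MBEDTLS_SHA..._NO_[A-Z0-9_]*\).*/\1/p';`. The existing `$sha_sed_cmd` is protected by its `_C` suffix, which the new pattern lacks.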
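Review bot: `$hash` now carries an action plus an option name, but `$ENV{MBEDTLS_TEST_CONFIGURATION} = "-$hash";` still prepends a dash to it, so the label gains an embedded space (for example `-unset MBEDTLS_SHA512_C`). Whatever consumes that variable is not visible here, so it is worth confirming that it accepts the new form. The single-string `system( "scripts/config.py $hash" )` also passes text derived from config.h through the shell; the list form avoids that: `system( "scripts/config.py", split( ' ', $hash ) )`. The enclosing `for my $hash (@hashes)` loop starts and ends outside the hunk.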
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 7 Jan 2020 10:11:22 +0100 Subject: [PATCH 2075/2197] Clarify documentation on is384. --- include/mbedtls/sha512.h | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index e8d0ab7c1..b6bee9a82 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -103,7 +103,11 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * * \param ctx The SHA-512 context to use. This must be initialized. * \param is384 Determines which function to use. This must be - * either \c for SHA-512, or \c 1 for SHA-384. + * either \c 0 for SHA-512, or \c 1 for SHA-384. + * + * \note When MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must be + * 0, or the function will return + * MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. * \return A negative error code on failure. @@ -171,6 +175,9 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \param ctx The SHA-512 context to use. This must be initialized. * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512 or \c 1 for SHA-384. + * + * \note When MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must be + * 0, or the function will fail to work. */ MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ); @@ -241,6 +248,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_process( * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. * + * \note When MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must be + * 0, or the function will return + * MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. + * * \return \c 0 on success. * \return A negative error code on failure. */ 
@@ -275,6 +286,9 @@ int mbedtls_sha512_ret( const unsigned char *input, * be a writable buffer of length \c 64 Bytes. * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. + * + * \note When MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must be + * 0, or the function will fail to work. */ MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input, size_t ilen, From 792b16d83beae41997f3c4dae0c5e1ae0c42c080 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 7 Jan 2020 10:13:18 +0100 Subject: [PATCH 2076/2197] Make more code paths conditional in psa_crypto.c --- library/psa_crypto.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2785eace5..cb7b5cf6a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2091,7 +2091,9 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: +#endif case PSA_ALG_SHA_512: mbedtls_sha512_free( &operation->ctx.sha512 ); break; @@ -2157,10 +2159,12 @@ psa_status_t psa_hash_setup( psa_hash_operation_t *operation, break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: mbedtls_sha512_init( &operation->ctx.sha512 ); ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); break; +#endif case PSA_ALG_SHA_512: mbedtls_sha512_init( &operation->ctx.sha512 ); ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); @@ -2229,7 +2233,9 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: +#endif case PSA_ALG_SHA_512: ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, input, input_length ); 
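Review bot: The note added to the deprecated `mbedtls_sha512()` says the function "will fail to work", which does not tell a caller what happens to the output buffer; the same wording is used for `mbedtls_sha512_starts()` in the earlier hunk. Both functions return `void`, so the failure cannot be reported, and a caller may go on to use a digest that was never written. The note should state that outcome, for example `\note When MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must be 0; otherwise the call fails silently and \p output does not hold a valid digest.` That wording assumes the implementation behaves this way, which these hunks do not show.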
@@ -2302,7 +2308,9 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: +#endif case PSA_ALG_SHA_512: ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); break; @@ -2391,7 +2399,9 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, break; #endif #if defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: +#endif case PSA_ALG_SHA_512: mbedtls_sha512_clone( &target_operation->ctx.sha512, &source_operation->ctx.sha512 ); @@ -2519,8 +2529,10 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg ) return( 64 ); case PSA_ALG_SHA_256: return( 64 ); +#if !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: return( 128 ); +#endif case PSA_ALG_SHA_512: return( 128 ); default: From 0b9db441c8847b514030d65847ff3c008a6fbeac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 7 Jan 2020 10:14:54 +0100 Subject: [PATCH 2077/2197] Make optional parameter validation more precise --- library/sha512.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/library/sha512.c b/library/sha512.c index fc21331e9..fbb034fac 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -132,7 +132,11 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) { SHA512_VALIDATE_RET( ctx != NULL ); +#if !defined(MBEDTLS_SHA512_NO_SHA384) SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); +#else + SHA512_VALIDATE_RET( is384 == 0 ); +#endif ctx->total[0] = 0; ctx->total[1] = 0; 
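Review bot: `SHA512_VALIDATE_RET( is384 == 0 );` in `mbedtls_sha512_starts_ret()` is, as the commit title says, optional parameter validation, so in a build without that validation it presumably does not stop a call with `is384 == 1` under MBEDTLS_SHA512_NO_SHA384. The header documentation promises MBEDTLS_ERR_SHA512_BAD_INPUT_DATA in that case, so the function body, which continues outside this hunk, needs an unconditional check too. If one is not already there, `if( is384 != 0 ) return( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA );` under the same `#else` would cover it. The `mbedtls_sha512_ret()` hunk that follows makes the same change and raises the same question.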
@@ -475,7 +479,11 @@ int mbedtls_sha512_ret( const unsigned char *input, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha512_context ctx; +#if !defined(MBEDTLS_SHA512_NO_SHA384) SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); +#else + SHA512_VALIDATE_RET( is384 == 0 ); +#endif SHA512_VALIDATE_RET( ilen == 0 || input != NULL ); SHA512_VALIDATE_RET( (unsigned char *)output != NULL ); From 2d88549c6b7549131ac1d2cf305d6cd5e1aa1853 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 7 Jan 2020 10:17:35 +0100 Subject: [PATCH 2078/2197] Improve readability of macro in selftest --- library/sha512.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/sha512.c b/library/sha512.c index fbb034fac..67571c29e 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -587,9 +587,7 @@ static const unsigned char sha512_test_sum[][64] = 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } }; -#define SHA512_TEST_SUM_N \ - ( sizeof( sha512_test_sum ) / sizeof( sha512_test_sum[0] ) ) - +#define ARRAY_LEN(a) ( sizeof( a ) / sizeof( a[0] ) ) /* * Checkup routine @@ -612,7 +610,7 @@ int mbedtls_sha512_self_test( int verbose ) mbedtls_sha512_init( &ctx ); - for( i = 0; i < (int) SHA512_TEST_SUM_N; i++ ) + for( i = 0; i < (int) ARRAY_LEN(sha512_test_sum); i++ ) { j = i % 3; #if !defined(MBEDTLS_SHA512_NO_SHA384) @@ -675,6 +673,8 @@ exit: return( ret ); } +#undef ARRAY_LEN + #endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SHA512_C */ From 86a39bdbc5b3d26cb455c286a6e6b2e4ffd4acf3 Mon Sep 17 00:00:00 2001 
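Review bot: The new `ARRAY_LEN(a)` macro uses its argument unparenthesised in `sizeof( a[0] )`, so an expression argument would bind differently from what the name suggests. Write it as `#define ARRAY_LEN( a ) ( sizeof( a ) / sizeof( ( a )[0] ) )`. The macro also yields a wrong count if it is ever handed a pointer instead of an array, which is worth a one-line comment given the generic name, even though the `#undef ARRAY_LEN` added after the self-test keeps it local. The only use in this commit, `ARRAY_LEN(sha512_test_sum)`, is a true array, so behaviour is unchanged today.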
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 7 Jan 2020 10:24:17 +0100 Subject: [PATCH 2079/2197] Improve readability of test dependencies - Always put MBEDTLS_SHA512_NO_SHA384 immediately after MBEDTLS_SHA512_C - Remove duplicate occurrences of MBEDTLS_SHA512_NO_SHA384 on the same line --- tests/suites/test_suite_pkparse.data | 72 ++++++++++++++-------------- tests/suites/test_suite_rsa.data | 18 +++---- 2 files changed, 45 insertions(+), 45 deletions(-) diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index ad4644963..fc643a88a 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data 
@@ -651,147 +651,147 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #75 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #75.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #75.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #76 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #76.1 (PKCS#8 
encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #76.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #77 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #77.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #77.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, no PW) 
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #78 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #78.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #78.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #79 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #79.1 (PKCS#8 encrypted v2 PBKDF2 
3DES hmacWithSHA384 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #79.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #80 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #80.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #80.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C 
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #81 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #81.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #81.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #82 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #82.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, wrong PW) 
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #82.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #83 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #83.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #83.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 
+depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #84 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #84.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #85.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #86 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #86.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, wrong PW) 
-depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #86.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #87 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #87.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #87.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C 
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #88 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 2c9a5d305..30919f3df 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data 
@@ -23,11 +23,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"cd810e97dc21095ea7a0238027a7bafd343e01444785ea9184a44a79f80438c41fc0b57aa95693407da38fe5ff0ec1398e03361e51a3dbe134b99cca2df0cef1c444ca54d2b7db2789455b6bb41918c24001fd82fc20ee089de3f34f053699c1c5f7954ce0aaabb9d26fce39d032894152229d98cf64ecafc7089530073c61d9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"7b5fba70ec5b521638f182bcab39cec30b76e7bc017bdbd1059658a9a1db0969ab482dce32f3e9865952f0a0de0978272c951e3c015328ea3758f47029a379ab4200550fba58f11d51264878406fc717d5f7b72b3582946f16a7e5314a220881fc820f7d29949710273421533d8ac0a449dc6d0fd1a21c22444edd1c0d5b44d3":0 RSA PKCS1 Verify v1.5 CAVS #6 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"44637d3b8de525fd589237bc81229c8966d3af24540850c24036330db8007e6d19a19486018b2b02074da590aaba9d2c8848c0a2d1b6de4dfaf24025b6393df9228008f83f13cc76a67cfbed77a6e3429342824a0b6a9b8dd884094acc6a54bbc8c8829930c52fe39ce5e0dcd02d9553ef899d26eb6cae0940b63584e2daeb3b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"38fc4f6f0430bb3ea9f470a4c0f5cebdabac4dbeb3b9c99d4168e7b00f5eb294ec0ece1908eded1f3e14f1e69d10f9feb425bda0c998af945ef864298a60a675f0bb5c540a7be3f534d5faddff974eea8bffe182a44e2ee1f4f653e71967a11869ee1a850edb03cb44a340378cb7a1bc9616d3649b78002b390a05a7e54edec6":0 RSA PKCS1 
Verify v1.5 CAVS #7 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 # Bad padding after performing the public key operation mbedtls_rsa_pkcs1_verify:"d03f12276f6ba7545b8fce719471bd253791878809694e8754f3b389f26c9253a758ed28b4c62535a8d5702d7a778731d5759ff2b3b39b192db680e791632918b6093c0e8ca25c2bf756a07fde4144a37f769fe4054455a45cb8cefe4462e7a9a45ce71f2189b4fef01b47aee8585d44dc9d6fa627a3e5f08801871731f234cd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0":MBEDTLS_ERR_RSA_VERIFY_FAILED 
@@ -52,7 +52,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"c81f04c79982971fa176d64e8f7f8812f86a94c49e84672ff10996a2d6dfc444a884c7a87c4606a1aab22558894ee59b798b457827f5ee0b0cadcd94371902cc4ddaf97acefed641997717bcb3cc74cd440f0a31e20fb95812cecb740c36d6d1bf07e3641514cfa678aff2a39562ff4d60e02b17583a92bf0c56d66bde9e09f8":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"52111f4798da3c11b3c74394358348ab0fc797bde99080f238d33a69b04b08ac2bd767b33872473943e23af27ca32fd568a43a8c7d6cc55b4fbb380212fdfcb60487e20694d4287e233efdf7b04737c0037a592d03077801828b051998c42b9f9e2420063331d5b2349918a64d8b65b21a2011ee7318fcef48aced95b8ddf501":0 RSA PKCS1 Verify v1.5 CAVS #13 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"a97824871770b79da979a111f6decfb1dd11bd946cfa800b008f0ad5aea5aa92e205d27a46c31d4fe6cb909091bd21f082fb75074000ee46c2f3e530d77b34c7c5d6f8453025950d3e0afae1f9752655f5bbea8432e9f1014357ff11b08076179a101e4f9d3f25bffb5e656bf6afe6c97d7aa4740b5d9224cde4dede035a7768":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"d5dcd27c74e040ea86f106b63d3275fa7b7e98d2dd701f38ec15fc7301b72df127f6d3bd5571253a0b9e0e719d7d522893896941a1aeccc697912282b5308d829b91905b5dd7b7e1b8fe27e2bd4003b09dfe7fe295f8a43c076c0cb52f2aac067e87de7ffe3a275d21a870c3dfc9b1d06d7f018667de9eb187bdf53d282e5d8b":0 RSA 
PKCS1 Verify v1.5 CAVS #14 
@@ -72,7 +72,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"72f0b1ae27e1f5e5bfa15ded204c2c54b47b2420750a3eb5471f9ff98b67c8b5f1a30d3f8d6448562e12ce4deb33a26cfeeae993d6be9e20679d8713c5216870f11276e5f22b0ead2821a7b4dee106fc1e19b13fc9fba5d6e73e4bd93b65a9881a43d5e97ebfb0b357d5d06b21ddbecdbb10626d7748bb9e6e07d49316bbf3c4":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"8117a6897e14c183737661cf5741350a84ae00495cd9ee8fb033582e559f79701ab424706660515ee5821a69a6850647ec641676a625d1a3899932aaa52161fbc0c0a825db82fde0585b3c9b9c16de43e26da6a30fe5a601dae68bded1e29ec34557b5f6962efb10b9450d6f096655f68e8499cfa16a0adeb9075e7b91851fef84243132d08273d35d01ad89c17e1e6e4deaf1cb233050b275fa9d2cae57e9e1a0e23139267040aa39b6abd8f10fa1cec38ce2183573ddc11626fc262e1a0ced":0 RSA PKCS1 Verify v1.5 CAVS #18 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 
mbedtls_rsa_pkcs1_verify:"f80c94a2b53736978adf041886ad97ab2aeb9e91c08bd4eeef6b2f2b8dd75a99b4506657188bbd7597bd5759121630627c8bf9cc30d90dd488c7a81cabab5350a62fa30abf5523f305b98f2c2c1743ec980cf26ab8219bfd9505b981ab1abbfef733b384519d5259fc5c14577cb6b88fa7f6f332ff6a65b23faecc24342c78e9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"6b49553ed964ae196a41ea281f4d2a250ce7d1e7434e45cf6a82f7bed17554f39c3f0241e0364702fcb87475eb0c0839ffd2180890fa05b4bbf31bbfa4bf5119dea0c9f88e1e9617fcdadabc6fa1945136cc66e039b905d78ed365c5806d38aec88b3edfb86c05ff446dbfd51d7cd75cbf8d3b85154c783765386f51637532221f52429db5612dcc034968bb8feab7dc6f5ed1f2feb557f6dd49c980296117be2c4195ec7b6101ea767df9d16a56fc9709b49308a54dab63dbc4d609f959ce17":0 RSA PKCS1 Verify v1.5 CAVS #19 
@@ -100,7 +100,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"1240028c6d7ab3992ada0e5ca55ee4f3d62f8de575302d5861d73685423c2e6a6d6fb3be090fbc2a701821b6d8fd5e8233f794b6549cd0bb52b390ac31478307bffa91a9bd9c1bf93ffc846356fef008ebee4bb3ee148e0fb1893d188e4934d0d088a433d14a596c5f2e3e49648a22edc6bdbcc58dc1edbd440046b3a169ca2b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"a003ae9cf0704d58763b214f20446ecc4099c566f25384e28d0dd6540c58705fc8d0bfe1ceaa06096ed1e230146edb82056e39e6727abec09f25e44079b6ce1ca2c6a540dec7aa34444d7d435f41e5fca9b0bba62759ae2780638e5160e031bb60409c2e85674ac7a776b444b37b9d7f4dbaa557e88b8562a584f2dbe90729b241aede95dfcc7e05b10deef06255cb89f0e7ccff23354818756a1f8bb9f00fd18f6cd22ca1b4bfc38027562bb37562c77c7883b5d735170d75521195fd3f2bd3":0 RSA PKCS1 Verify v1.5 CAVS #25 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 
mbedtls_rsa_pkcs1_verify:"67922a8b9cbc95cf7c555ff2d73cfc62ee04c3f0df9bfc8f64293a58bd3bebd2eb212d711f94e35c729d0873d6b244914d21bd0e59b23089b38740e43f480e8f407d090ac93b08a57403968b55e78cfe31eee6e4ecbacf834168fe89b6b8454fce6e675e80f82b33e850ae3f3d24fd320335e37981fd000576941b4f08d4ba99":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"2c6b301852cc55a993a933e2c080eb9dabfe19e9dc3571066caeabed1492d3501cd838de1c01784932df7a5ad5bbfb48c78f53a45f76e9812d046f23bd968495ef7e981e5add4acfc538fe33a5205de74bb37d3d9b6b87b2d174e85a73f216fd67d5738fc469dff7ea6b852e8dd08bc8df036597372d4d51185e6f47a45fbe1b9bdb06a4018783425ec95294de41f27235ad3b3263a890b8b62b17410a9bb08673393ff205a866ee2057e99c6517c6bbc84f8d87717b83d6f64de7ee215e1e8d":0 RSA PKCS1 Verify v1.5 CAVS #26 
@@ -124,11 +124,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ca312774f2756ac2019f213a01a63c9a0b4a49ccafecf25e97a4c632668e3c77e664f4d7635241f25205e50c37061b02c546db8346fa597c3da8cfd44a827c5a4ff4ecfcd1797b39a1b215d9bbb93fdb6eb35bafbda427a5068888a6e19f86224b0897490491207e35ce39085668b10b4fb851b7dd9465c03869790ef38a61b5":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"a202c33eb831b9d8e818b6c3bcdb42818e1d9c22a06ddd73a17a21e49d18cda44df349a066477cae068e1a5d2b518b0885e889ef796ca9e6f42a69ac755b8a6405fbaef93fe0130d98de35d689addfee3eecd26658903f774bda481c3f40ee0e9569a3c3e2da7ad576c7de82159d933e36fa29cfef99367005e34ab5082d80f48276d37dabc88dbb023bd01585329d2ccf417f78ec508aaa29751007d31f1669296b981d44c8fa99130c5df7a071725b496859314aaf9baf0ebc780355914249":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #31 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 
mbedtls_rsa_pkcs1_verify:"2abe079077290ceb6c80ac5c61062ce8da814b1fb99a1a9fb2860ed900e6541856ec64bf19c0d9d1cc2280b7cc50af3e3d2ad8e044945d44761ca60891dd72bd6aa26a33274ffcf7ae7d661b5e651135fcff21aaf06b4a2db18fe5827e0243884f2841760b9f1c65fbda870f7f0cfbd6ff484f0825e688614928f2d12d1e7080":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"402631f3cddfb02cc4d9cb58ef1ab6726bd787a50e12e98567c9702bfdf47af85904aec5a2f6c5df9a10f08f90f93728eb090ae2ac21ded9f38faecd8195f3eb3d4107521b1cee956e7a214245b038adae912fa35ec97cb3bdc41352e8aaff80173561284cb740f999a3cd6653a6c3d5a3f911a416f41e2155083982c99eb5998a0a74d77f1ae999d901ee24a7f2c424179a3f92b07dc0b3498c1884e60677bee0175e810b426c4ad008d2743cd19b00b33177bf8be3fed7f7406e1bce0c2ea3":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #32 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 
mbedtls_rsa_pkcs1_verify:"da9505809dc92cfd8e01a1857dde52df6677c40d98f4577c1659ca7d3e9f01f9a809065f51b54fe2f9723fe2c9d1eea7397f2d5531d1c51c6ea100b028596bf9f24dd90be14eab58f07b4f24a35b073aeb29ecde4a6f320237d7adbdc43d94f87e08866b95bbcac83dc7db3553a42400441f088e2bf6259539a2da8b5a74065f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"57edd0560df9840a25c28ff6d254e432395a5cd2d92248b3b44d7eab0fc65b3c4e545a916a8e90ce89745119db9ec9799aa8890f5250fb589cfc12dac1b6e406a39bc3b3663892da5354ba453cbd5e4c89bdce82d0ffe97052a03a5c3308819c1139ebc780c13cf6dc1477faf734abcb1db3fafaed6f22885c9c0222ff5deacb8cc6d027f2e959c3075011b382e88c4b27b83b4f2e6fda022e331c3602d19f5ac7bccfe95ea1e93d736dbd918ae5b1f468cd0b5b536a2f918d5e27a0757e75b7":0 RSA PKCS1 Verify v1.5 CAVS #33 
@@ -207,11 +207,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"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":16:"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0 RSA PKCS1 Sign #4 (SHA384, 2048 bits RSA) -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 
mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"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":16:"3":"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":0 RSA PKCS1 Sign #4 Verify -depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"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":16:"3":"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":0 RSA PKCS1 Sign #5 (MD2, 2048 bits RSA) From 1e6fb01448291aa120b72ee6ed3c3403b6895af4 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 7 Jan 2020 11:00:34 +0100 Subject: [PATCH 2080/2197] Make SHA512_NO_SHA384 depend on SHA512_C --- include/mbedtls/check_config.h | 4 ++++ include/mbedtls/config.h | 2 ++ 2 files changed, 6 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 6eae6a5e5..c3a38301c 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -510,6 +510,10 @@ #error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled" #endif +#if defined(MBEDTLS_SHA512_NO_SHA384) && !defined(MBEDTLS_SHA512_C) +#error "MBEDTLS_SHA512_NO_SHA384 defined without MBEDTLS_SHA512_C" +#endif + #if defined(MBEDTLS_THREADING_PTHREAD) #if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL) #error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 205c7bec7..585d08776 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1039,6 +1039,8 @@ * Disable the SHA-384 option of the SHA-512 module. Use this to save some * code size on devices that don't use SHA-384. * + * Requires: MBEDTLS_SHA512_C + * * Uncomment to disable SHA-384 */ //#define MBEDTLS_SHA512_NO_SHA384 From a15c71374b36b4ddac2b6c00d18f6ab6ac87813b Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 9 Jan 2020 13:02:16 +0000 Subject: [PATCH 2081/2197] ctr_drbg: Clarify reseed_counter values before seeding Before the initial seeding, reseed_counter used to always be 0. Now, the value depends on whether or not the user has explicitly set the amount of data to get from the nonce (via e.g. mbedtls_ctr_drbg_set_nonce_len()). Add comments to clarify the possible values reseed_counter can have before the initial seeding. --- include/mbedtls/ctr_drbg.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 091f15ac2..234e6a036 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -177,7 +177,9 @@ typedef struct mbedtls_ctr_drbg_context * minus one. * Before the initial seeding, this field * contains the amount of entropy in bytes - * to use as a nonce for the initial seeding. + * to use as a nonce for the initial seeding, + * or -1 if no nonce length has been explicitly + * set (see mbedtls_ctr_drbg_set_nonce_len()). */ int prediction_resistance; /*!< This determines whether prediction resistance is enabled, that is From 28cd41676e2d3c978aa9cec0ce048e81b930cffa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Jan 2020 16:31:06 +0100 Subject: [PATCH 2082/2197] Fix possible error code mangling in psa_mac_verify_finish If psa_mac_finish_internal fails (which can only happen due to bad parameters or hardware problem), the error code was converted to PSA_ERROR_INVALID_SIGNATURE if the uninitialized stack variable actual_mac happened to contain the expected MAC. This is a minor bug but it may be possible to leverage it as part of a longer attack path in some scenarios. Reported externally. Found by static analysis. --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4450fdb56..8667d13c6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3030,6 +3030,8 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, status = psa_mac_finish_internal( operation, actual_mac, sizeof( actual_mac ) ); + if( status != PSA_SUCCESS ) + goto cleanup; if( safer_memcmp( mac, actual_mac, mac_length ) != 0 ) status = PSA_ERROR_INVALID_SIGNATURE; From 72d7609f821c2cf98e1cef22c06b4509651eb3d9 Mon Sep 17 00:00:00 2001 
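Review bot: In the psa_mac_verify_finish hunk of library/psa_crypto.c, the new `if( status != PSA_SUCCESS ) goto cleanup;` has no comment explaining why the early exit is needed, and the diffstat shows no test accompanying the fix. I would add `/* On failure actual_mac may be uninitialized; never compare it with the caller's MAC. */` above the check so a later refactor does not fold it back into the comparison. The declaration of actual_mac is outside the hunk; if it is a plain stack array, as the commit message says, zero-initializing it at the declaration would make the failure path deterministic as defence in depth. A regression test that drives psa_mac_finish_internal down a failure path and expects the original error code would pin the behaviour.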
From: Gilles Peskine Date: Mon, 20 Jan 2020 17:19:03 +0100 Subject: [PATCH 2083/2197] Bignum copy/shrink: More precise test case descriptions --- tests/suites/test_suite_mpi.data | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index f8ee09c05..500836077 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -205,37 +205,37 @@ mbedtls_mpi_cmp_abs:10:"2":10:"-3":-1 Base test mbedtls_mpi_cmp_abs (Mix values) #3 mbedtls_mpi_cmp_abs:10:"-2":10:"1":1 -Base test mbedtls_mpi_copy #1 +Copy zero (1 limb) to positive (1 limb) mbedtls_mpi_copy:0:1500 -Base test mpi_copy_self #1 +Copy self: positive (1 limb) mpi_copy_self:14 -Base test mbedtls_mpi_swap #1 +Swap 0 with positive (1 limb) mbedtls_mpi_swap:0:1500 -Test mbedtls_mpi_shrink #1 +Shrink 2 in 2 to 4 mbedtls_mpi_shrink:2:2:4:4 -Test mbedtls_mpi_shrink #2 +Shrink 2 in 4 to 4 mbedtls_mpi_shrink:4:2:4:4 -Test mbedtls_mpi_shrink #3 +Shrink 2 in 8 to 4 mbedtls_mpi_shrink:8:2:4:4 -Test mbedtls_mpi_shrink #4 +Shrink 4 in 8 to 4 mbedtls_mpi_shrink:8:4:4:4 -Test mbedtls_mpi_shrink #5 +Shrink 6 in 8 to 4 yielding 6 mbedtls_mpi_shrink:8:6:4:6 -Test mbedtls_mpi_shrink #6 +Shrink 2 in 4 to 0 yielding 2 mbedtls_mpi_shrink:4:2:0:2 -Test mbedtls_mpi_shrink #7 +Shrink 1 in 4 to 0 yielding 1 mbedtls_mpi_shrink:4:1:0:1 -Test mbedtls_mpi_shrink #8 +Shrink 0 in 4 to 0 yielding 1 mbedtls_mpi_shrink:4:0:0:1 Test mbedtls_mpi_safe_cond_assign #1 From 7428b451264df671fcc9345849f44de1ad3dbace Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Jan 2020 21:01:51 +0100 Subject: [PATCH 2084/2197] Better coverage for copy and swap Cover more cases: different signs, different zeronesses, repeated argument. --- tests/suites/test_suite_mpi.data | 75 +++++++++++++++++++++- tests/suites/test_suite_mpi.function | 95 ++++++++++++++++++++++------ 2 files changed, 148 insertions(+), 22 deletions(-) 
diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data
index 500836077..6dcf575b6 100644
--- a/tests/suites/test_suite_mpi.data
+++ b/tests/suites/test_suite_mpi.data
@@ -206,13 +206,82 @@ Base test mbedtls_mpi_cmp_abs (Mix values) #3 mbedtls_mpi_cmp_abs:10:"-2":10:"1":1 Copy zero (1 limb) to positive (1 limb) -mbedtls_mpi_copy:0:1500 +mbedtls_mpi_copy_sint:0:1500 + +Copy zero (1 limb) to negative (1 limb) +mbedtls_mpi_copy_sint:0:-1500 + +Copy positive (1 limb) to zero (1 limb) +mbedtls_mpi_copy_sint:1500:0 + +Copy negative (1 limb) to zero (1 limb) +mbedtls_mpi_copy_sint:-1500:0 + +Copy positive (1 limb) to negative (1 limb) +mbedtls_mpi_copy_sint:1500:-42 + +Copy negative (1 limb) to positive (1 limb) +mbedtls_mpi_copy_sint:-42:1500 + +Copy zero (null) to zero (null) +mbedtls_mpi_copy_binary:"":"" + +Copy zero (null) to positive (1 limb) +mbedtls_mpi_copy_binary:"":"1234" + +Copy positive (1 limb) to zero (null) +mbedtls_mpi_copy_binary:"1234":"" + +Copy positive to larger +mbedtls_mpi_copy_binary:"bead":"ca5cadedb01dfaceacc01ade" + +Copy positive to smaller +mbedtls_mpi_copy_binary:"ca5cadedb01dfaceacc01ade":"bead" Copy self: positive (1 limb) mpi_copy_self:14 -Swap 0 with positive (1 limb) -mbedtls_mpi_swap:0:1500 +Copy self: zero (1 limb) +mpi_copy_self:0 + +Swap zero (1 limb) with positive (1 limb) +mbedtls_mpi_swap_sint:0:1500 + +Swap zero (1 limb) with negative (1 limb) +mbedtls_mpi_swap_sint:0:-1500 + +Swap positive (1 limb) with zero (1 limb) +mbedtls_mpi_swap_sint:1500:0 + +Swap negative (1 limb) with zero (1 limb) +mbedtls_mpi_swap_sint:-1500:0 + +Swap positive (1 limb) with negative (1 limb) +mbedtls_mpi_swap_sint:1500:-42 + +Swap negative (1 limb) with positive (1 limb) +mbedtls_mpi_swap_sint:-42:1500 + +Swap zero (null) with zero (null) +mbedtls_mpi_swap_binary:"":"" + +Swap zero (null) with positive (1 limb) +mbedtls_mpi_swap_binary:"":"1234" + +Swap positive (1 limb) with zero (null) +mbedtls_mpi_swap_binary:"1234":"" + +Swap positive with larger +mbedtls_mpi_swap_binary:"bead":"ca5cadedb01dfaceacc01ade" + +Swap positive with smaller +mbedtls_mpi_swap_binary:"ca5cadedb01dfaceacc01ade":"bead" + +Swap self: 1 
limb +mpi_swap_self:"face" + +Swap self: null +mpi_swap_self:"" Shrink 2 in 2 to 4 mbedtls_mpi_shrink:2:2:4:4 diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index eaae1968e..32785c144 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function 
@@ -604,22 +604,40 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_copy( int input_X, int input_A ) +void mbedtls_mpi_copy_sint( int input_X, int input_Y ) { - mbedtls_mpi X, Y, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A ); + mbedtls_mpi X, Y; + mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lset( &Y, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lset( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) != 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); + TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) != 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 ); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_mpi_copy_binary( data_t *input_X, data_t *input_Y ) +{ + mbedtls_mpi X, Y, X0; + mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &X0 ); + + TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary_le( &Y, input_Y->x, input_Y->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary_le( &X0, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); + + TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); + +exit: + mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &X0 ); } /* END_CASE */ 
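Review bot: The new mbedtls_mpi_copy_binary case loads its hex arguments with mbedtls_mpi_read_binary_le, so a data line such as `"bead"` is the value 0xadbe, and nothing in the function says so. A one-line comment above the reads, e.g. `/* Inputs are little-endian byte strings; only equality matters here. */`, would stop a later reader from misjudging limb counts in the .data descriptions. mbedtls_mpi_swap_binary and mpi_swap_self in the following hunk read their inputs the same way and would take the same comment. None of the binary cases covers a negative source, so sign handling is exercised only by the single-limb *_sint cases.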
@@ -711,22 +729,61 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_swap( int input_X, int input_Y ) +void mbedtls_mpi_swap_sint( int input_X, int input_Y ) { - mbedtls_mpi X, Y, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A ); + mbedtls_mpi X, Y; + mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lset( &A, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) != 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_Y ) == 0 ); + mbedtls_mpi_swap( &X, &Y ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) != 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_Y ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 ); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_mpi_swap_binary( data_t *input_X, data_t *input_Y ) +{ + mbedtls_mpi X, Y, X0, Y0; + mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); + mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 ); + + TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary_le( &Y, input_Y->x, input_Y->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary_le( &X0, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary_le( &Y0, input_Y->x, input_Y->len ) == 0 ); + + mbedtls_mpi_swap( &X, &Y ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); + +exit: + mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); + mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_swap_self( data_t *input_X ) 
+{ + mbedtls_mpi X, X0; + mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 ); + + TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary_le( &X0, input_X->x, input_X->len ) == 0 ); + + mbedtls_mpi_swap( &X, &X ); + TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); + +exit: + mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 ); } /* END_CASE */ From db42062cb95e7928c101d401f7ec55ebf5ec0391 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Jan 2020 21:12:50 +0100 Subject: [PATCH 2085/2197] mpi_copy: make the 0 case slightly more robust If Y was constructed through functions in this module, then Y->n == 0 iff Y->p == NULL. However we do not prevent filling mpi structures manually, and zero may be represented with n=0 and p a valid pointer. Most of the code can cope with such a representation, but for the source of mbedtls_mpi_copy, this would cause an integer underflow. Changing the test for zero from Y->p==NULL to Y->n==0 causes this case to work at no extra cost. --- library/bignum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index 1d258db0e..231fa66d6 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -199,7 +199,7 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ) if( X == Y ) return( 0 ); - if( Y->p == NULL ) + if( Y->n == 0 ) { mbedtls_mpi_free( X ); return( 0 ); From e2f563e22ed295a58359f5f88b7e775977e9d7ef Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Jan 2020 21:17:43 +0100 Subject: [PATCH 2086/2197] Improve comments in mpi_shrink --- library/bignum.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index 231fa66d6..b6503bbff 100644 --- a/library/bignum.c +++ b/library/bignum.c 
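Review bot: In the mbedtls_mpi_copy hunk of library/bignum.c, replacing `if( Y->p == NULL )` with `if( Y->n == 0 )` stops covering a hand-filled source with n != 0 and p == NULL, which the old test turned into a harmless zero copy. The commit message argues from manually filled structures, so that representation deserves the same treatment; presumably the code after the hunk reads through Y->p, but that part is outside the visible lines. Checking both, `if( Y->n == 0 || Y->p == NULL )`, keeps the old behaviour and still avoids the underflow. The diffstat touches only library/bignum.c, so no test constructs the n == 0, p != NULL representation this fix targets.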
@@ -158,9 +158,10 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) if( nblimbs > MBEDTLS_MPI_MAX_LIMBS ) return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); - /* Actually resize up in this case */ + /* Actually resize up if there are currently fewer than nblimbs limbs. */ if( X->n <= nblimbs ) return( mbedtls_mpi_grow( X, nblimbs ) ); + /* Now X->n > nblimbs >= 0. */ for( i = X->n - 1; i > 0; i-- ) if( X->p[i] != 0 ) From 322752ba20246bd9df46437fce7fb235164a89ee Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Jan 2020 13:59:51 +0100 Subject: [PATCH 2087/2197] Minor comment improvement --- library/bignum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index b6503bbff..9af17aabd 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -161,7 +161,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) /* Actually resize up if there are currently fewer than nblimbs limbs. */ if( X->n <= nblimbs ) return( mbedtls_mpi_grow( X, nblimbs ) ); - /* Now X->n > nblimbs >= 0. */ + /* After this point, then X->n > nblimbs and in particular X->n > 0. */ for( i = X->n - 1; i > 0; i-- ) if( X->p[i] != 0 ) From a2bdcb9e3ae86ce01f6e33067a1f5d16860f0008 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Jan 2020 15:02:14 +0100 Subject: [PATCH 2088/2197] Remove redundant block_size validity check Check the value only once, as soon as we've obtained it. --- library/cipher.c | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index b62f1d593..409c3fe67 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -527,6 +527,10 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i *olen = 0; block_size = mbedtls_cipher_get_block_size( ctx ); + if ( 0 == block_size ) + { + return( MBEDTLS_ERR_CIPHER_INVALID_CONTEXT ); + } if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB ) { 
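Review bot: In mbedtls_cipher_update (library/cipher.c), the relocated guard keeps the `if ( 0 == block_size )` spelling, while the next line in the same hunk uses `if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB )`; since the lines are being moved anyway, `if( block_size == 0 )` would match the file. Moving the check above the ECB branch presumably means a zero block size now returns MBEDTLS_ERR_CIPHER_INVALID_CONTEXT on paths that previously reached neither of the two removed checks, which looks intended but is worth stating in the commit message. A short comment such as `/* Reject a zero block size once: it is used as a divisor below. */` would record why the check must stay ahead of `ilen % block_size`. The function body continues outside the hunk.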
@@ -562,11 +566,6 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i } #endif - if ( 0 == block_size ) - { - return( MBEDTLS_ERR_CIPHER_INVALID_CONTEXT ); - } - if( input == output && ( ctx->unprocessed_len != 0 || ilen % block_size ) ) { @@ -625,11 +624,6 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i */ if( 0 != ilen ) { - if( 0 == block_size ) - { - return( MBEDTLS_ERR_CIPHER_INVALID_CONTEXT ); - } - /* Encryption: only cache partial blocks * Decryption w/ padding: always keep at least one whole block * Decryption w/o padding: only cache partial blocks From 2e9f108fbd3e1e4b413a549ad61a3b10784c5316 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 21 Jan 2020 14:08:26 +0000 Subject: [PATCH 2089/2197] Bump version to Mbed TLS 2.20.0 --- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/version.h | 10 +++++----- library/CMakeLists.txt | 2 +- library/Makefile | 2 +- tests/suites/test_suite_version.data | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 197941fc9..7f7ce32a4 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8 # identify the project. Note that if you do not use Doxywizard you need # to put quotes around the project name if it contains spaces. -PROJECT_NAME = "mbed TLS v2.19.1" +PROJECT_NAME = "mbed TLS v2.20.0" # The PROJECT_NUMBER tag can be used to enter a project or revision number. # This could be handy for archiving the generated documentation or diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index ae694eeda..d4e5d5410 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h 
@@ -39,17 +39,17 @@ * Major, Minor, Patchlevel */ #define MBEDTLS_VERSION_MAJOR 2 -#define MBEDTLS_VERSION_MINOR 19 -#define MBEDTLS_VERSION_PATCH 1 +#define MBEDTLS_VERSION_MINOR 20 +#define MBEDTLS_VERSION_PATCH 0 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x02130100 -#define MBEDTLS_VERSION_STRING "2.19.1" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.19.1" +#define MBEDTLS_VERSION_NUMBER 0x02140000 +#define MBEDTLS_VERSION_STRING "2.20.0" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.20.0" #if defined(MBEDTLS_VERSION_C) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 5c5ddc227..1d4d371fa 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -157,7 +157,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) add_library(mbedcrypto SHARED ${src_crypto}) - set_target_properties(mbedcrypto PROPERTIES VERSION 2.17.0 SOVERSION 3) + set_target_properties(mbedcrypto PROPERTIES VERSION 2.20.0 SOVERSION 4) target_link_libraries(mbedcrypto ${libs}) target_include_directories(mbedcrypto PUBLIC ${MBEDTLS_DIR}/include/ diff --git a/library/Makefile b/library/Makefile index 6aeb95f92..ca063f486 100644 --- a/library/Makefile +++ b/library/Makefile @@ -36,7 +36,7 @@ LOCAL_CFLAGS += -fPIC -fpic endif endif -SOEXT_CRYPTO=so.3 +SOEXT_CRYPTO=so.4 # Set AR_DASH= (empty string) to use an ar implementation that does not accept # the - prefix for command line options (e.g. llvm-ar) diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index b6dca233b..ff0612b3b 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data 
@@ -1,8 +1,8 @@ Check compiletime library version -check_compiletime_version:"2.19.1" +check_compiletime_version:"2.20.0" Check runtime library version -check_runtime_version:"2.19.1" +check_runtime_version:"2.20.0" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From 42a1acfd0e100035f71e7112935a115136d6b90c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Jan 2020 16:12:07 +0100 Subject: [PATCH 2090/2197] get_len_step: Fix end-of-buffer calculation when buffer_size==0 Fix get_len_step when buffer_size==0. The intent of this test is to ensure (via static or runtime buffer overflow analysis) that mbedtls_asn1_get_len does not attempt to access beyond the end of the buffer. When buffer_size is 0 (reached from get_len when parsing a 1-byte buffer), the buffer is buf[1..1] because allocating a 0-byte buffer might yield a null pointer rather than a valid pointer. In this case the end of the buffer is p==buf+1, not buf+buffer_size which is buf+0. The test passed because calling mbedtls_asn1_get_len(&p,end,...) with end < p happens to work, but this is not guaranteed. --- tests/suites/test_suite_asn1parse.function | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index d747cc254..f07fd409d 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -121,6 +121,7 @@ int get_len_step( const data_t *input, size_t buffer_size, { unsigned char *buf = NULL; unsigned char *p = NULL; + unsigned char *end; size_t parsed_length; int ret; @@ -130,7 +131,8 @@ int get_len_step( const data_t *input, size_t buffer_size, if( buffer_size == 0 ) { ASSERT_ALLOC( buf, 1 ); - p = buf + 1; + end = buf + 1; + p = end; } else { 
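Review bot: In get_len_step (tests/suites/test_suite_asn1parse.function), the new `unsigned char *end;` is declared without an initializer, directly below `unsigned char *buf = NULL;` and `unsigned char *p = NULL;`. Both branches assign it before the mbedtls_asn1_get_len call, so this is a consistency point rather than a bug, but `unsigned char *end = NULL;` matches the neighbouring declarations and stays safe if a later edit adds a path that skips the assignment. The function starts and ends outside the hunk.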
@@ -145,9 +147,10 @@ int get_len_step( const data_t *input, size_t buffer_size, memcpy( buf, input->x, buffer_size ); } p = buf; + end = buf + buffer_size; } - ret = mbedtls_asn1_get_len( &p, buf + buffer_size, &parsed_length ); + ret = mbedtls_asn1_get_len( &p, end, &parsed_length ); if( buffer_size >= input->len + actual_length ) { From 292672eb1246f3d0a93b456b2ed6090ff13d4020 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Jan 2020 16:20:04 +0100 Subject: [PATCH 2091/2197] If ASSERT_ALLOC_WEAK fails, mark the test as skipped, not passed This was the intended behavior of ASSERT_ALLOC_WEAK all along, but skipping was not implemented yet when ASSERT_ALLOC_WEAK was introduced. --- tests/suites/helpers.function | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 0cce463c0..3e68c0657 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -158,11 +158,10 @@ typedef enum } \ while( 0 ) -/** Allocate memory dynamically. Exit the test if this fails, but do - * not mark the test as failed. +/** Allocate memory dynamically. If the allocation fails, skip the test case. * * This macro behaves like #ASSERT_ALLOC, except that if the allocation - * fails, it jumps to the \c exit label without calling test_fail(). + * fails, it marks the test as skipped rather than failed. */ #define ASSERT_ALLOC_WEAK( pointer, length ) \ do \ @@ -172,8 +171,7 @@ typedef enum { \ ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \ ( length ) ); \ - if( ( pointer ) == NULL ) \ - goto exit; \ + TEST_ASSUME( ( pointer ) != NULL ); \ } \ } \ while( 0 ) From 9018b11302ecde4e00f586aaeff3388a971ada73 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Jan 2020 16:30:53 +0100 Subject: [PATCH 2092/2197] Check that mbedtls_mpi_grow succeeds --- tests/suites/test_suite_mpi.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 63a2509e1..0f35a2a28 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -600,8 +600,8 @@ void mbedtls_mpi_lt_mpi_ct( int size_X, char * input_X, TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, input_X ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, input_Y ) == 0 ); - mbedtls_mpi_grow( &X, size_X ); - mbedtls_mpi_grow( &Y, size_Y ); + TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 ); + TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 ); TEST_ASSERT( mbedtls_mpi_lt_mpi_ct( &X, &Y, &ret ) == input_err ); if( input_err == 0 ) From 84984ae22077538eb97ea0f85d12706b224c367e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Jan 2020 16:52:08 +0100 Subject: [PATCH 2093/2197] Add missing return code check on calls to mbedtls_md() --- tests/suites/test_suite_ecdsa.function | 4 +++- tests/suites/test_suite_pk.function | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index ab3db3adf..59c1c4907 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -500,7 +500,9 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, TEST_ASSERT( md_info != NULL ); hlen = mbedtls_md_get_size( md_info ); - mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ); + TEST_ASSERT( mbedtls_md( md_info, + (const unsigned char *) msg, strlen( msg ), + hash ) == 0 ); mbedtls_ecp_set_max_ops( max_ops ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 926cec425..47427252c 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function 
@@ -844,7 +844,9 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, TEST_ASSERT( md_info != NULL ); hlen = mbedtls_md_get_size( md_info ); - mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ); + TEST_ASSERT( mbedtls_md( md_info, + (const unsigned char *) msg, strlen( msg ), + hash ) == 0 ); mbedtls_ecp_set_max_ops( max_ops ); From ef4183858ac8b86a46c12248aa7e705ecddd215b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Jan 2020 18:56:27 +0100 Subject: [PATCH 2094/2197] Document how tested prefix lengths are chosen --- tests/suites/test_suite_asn1parse.function | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index d747cc254..63e3a31c7 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -185,6 +185,10 @@ void parse_prefixes( const data_t *input, size_t buffer_size; int ret; + /* Test every prefix of the input, except the empty string. + * The first byte of the string is the tag. Without a tag byte, + * we wouldn't know what to parse the input as. + */ for( buffer_size = 1; buffer_size <= input->len; buffer_size++ ) { test_set_step( buffer_size ); @@ -221,6 +225,12 @@ void get_len( const data_t *input, int actual_length_arg ) size_t actual_length = actual_length_arg; size_t buffer_size; + /* Test prefixes of a buffer containing the given length string + * followed by `actual_length` bytes of payload. To save a bit of + * time, we skip some "boring" prefixes: we don't test prefixes where + * the payload is truncated more than one byte away from either end, + * and we only test the empty string on a 1-byte input. + */ for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ ) { if( ! get_len_step( input, buffer_size, actual_length ) ) From 95c893d17f64f6549b2acfdead419d1711189282 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 21 Jan 2020 21:26:36 +0100 Subject: [PATCH 2095/2197] More systematic handling of trailing garbage in parse_prefixes Before, the string to parse may contain trailing garbage (there was never more than one byte), and there was a separate argument indicating the length of the content. Now, the string to parse is the exact content, and the test code runs an extra test step with a trailing byte added. --- tests/suites/test_suite_asn1parse.data | 39 +++++++++++---------- tests/suites/test_suite_asn1parse.function | 40 ++++++++++++++++------ 2 files changed, 50 insertions(+), 29 deletions(-) diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data index e26f93af7..f129e6507 100644 --- a/tests/suites/test_suite_asn1parse.data +++ b/tests/suites/test_suite_asn1parse.data 
@@ -1,56 +1,59 @@ Empty length -parse_prefixes:"04":0:MBEDTLS_ERR_ASN1_INVALID_LENGTH +parse_prefixes:"04":MBEDTLS_ERR_ASN1_OUT_OF_DATA:UNPREDICTABLE_RESULT + +Incomplete length +parse_prefixes:"0481":MBEDTLS_ERR_ASN1_OUT_OF_DATA:UNPREDICTABLE_RESULT Prefixes of OCTET STRING, length=0 -parse_prefixes:"04007e":2:0 +parse_prefixes:"0400":0:0 Prefixes of OCTET STRING, length=0 (0 length bytes) -parse_prefixes:"04807e":2:MBEDTLS_ERR_ASN1_INVALID_LENGTH +parse_prefixes:"0480":MBEDTLS_ERR_ASN1_INVALID_LENGTH:MBEDTLS_ERR_ASN1_INVALID_LENGTH Prefixes of OCTET STRING, length=1 -parse_prefixes:"0401417e":3:0 +parse_prefixes:"040141":0:0 Prefixes of OCTET STRING, length=2 -parse_prefixes:"040241427e":4:0 +parse_prefixes:"04024142":0:0 Prefixes of BOOLEAN, length=0 -parse_prefixes:"01007e":2:MBEDTLS_ERR_ASN1_INVALID_LENGTH +parse_prefixes:"0100":MBEDTLS_ERR_ASN1_INVALID_LENGTH:MBEDTLS_ERR_ASN1_INVALID_LENGTH Prefixes of BOOLEAN, length=1 -parse_prefixes:"0101007e":3:0 +parse_prefixes:"010100":0:0 Prefixes of BOOLEAN, length=2 -parse_prefixes:"010200007e":4:MBEDTLS_ERR_ASN1_INVALID_LENGTH +parse_prefixes:"01020000":MBEDTLS_ERR_ASN1_INVALID_LENGTH:MBEDTLS_ERR_ASN1_INVALID_LENGTH Prefixes of INTEGER, length=1 -parse_prefixes:"0201417e":3:0 +parse_prefixes:"020141":0:0 Prefixes of INTEGER, length=2 -parse_prefixes:"020241427e":4:0 +parse_prefixes:"02024142":0:0 Prefixes of INTEGER, length=5 -parse_prefixes:"020541424344457e":7:0 +parse_prefixes:"02054142434445":0:0 Prefixes of empty BIT STRING -parse_prefixes:"03007e":2:MBEDTLS_ERR_ASN1_OUT_OF_DATA +parse_prefixes:"0300":MBEDTLS_ERR_ASN1_OUT_OF_DATA:UNPREDICTABLE_RESULT Prefixes of BIT STRING, unused_bits=0, payload_length=0 -parse_prefixes:"030100":3:0 +parse_prefixes:"030100":0:MBEDTLS_ERR_ASN1_LENGTH_MISMATCH Prefixes of BIT STRING, unused_bits=0, payload_length=1 -parse_prefixes:"0302002a":4:0 +parse_prefixes:"0302002a":0:MBEDTLS_ERR_ASN1_LENGTH_MISMATCH Prefixes of BIT STRING, unused_bits=1, payload_length=1 
-parse_prefixes:"0302012a":4:0 +parse_prefixes:"0302012a":0:MBEDTLS_ERR_ASN1_LENGTH_MISMATCH Prefixes of empty SEQUENCE -parse_prefixes:"30007e":2:0 +parse_prefixes:"3000":0:0 Prefixes of SEQUENCE of BOOLEAN, INTEGER, INTEGER -parse_prefixes:"300b01010102012a02031234567e":13:0 +parse_prefixes:"300b01010102012a0203123456":0:0 Prefixes of SEQUENCE of (SEQUENCE of INTEGER, INTEGER), INTEGER -parse_prefixes:"300b30060201410201420201617e":13:0 +parse_prefixes:"300b3006020141020142020161":0:0 length=0 (short form) get_len:"00":0 diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index 63e3a31c7..94e34fb47 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -9,8 +9,13 @@ #include "mbedtls/asn1write.h" #endif +/* Used internally to report an error that indicates a bug in a parsing function. */ #define ERR_PARSE_INCONSISTENCY INT_MAX +/* Use this magic value in some tests to indicate that the expected result + * should not be checked. */ +#define UNPREDICTABLE_RESULT 0x5552 + static int nested_parse( unsigned char **const p, const unsigned char *const end ) { @@ -176,10 +181,15 @@ exit: /* BEGIN_CASE */ void parse_prefixes( const data_t *input, - int actual_length_arg, - int last_result ) + int full_result, + int overfull_result ) { - size_t actual_length = actual_length_arg; + /* full_result: expected result from parsing the given string. */ + /* overfull_result: expected_result from parsing the given string plus + * some trailing garbage. This may be UNPREDICTABLE_RESULT to accept + * any result: use this for invalid inputs that may or may not become + * valid depending on what the trailing garbage is. */ + unsigned char *buf = NULL; unsigned char *p = NULL; size_t buffer_size; 
@@ -188,8 +198,9 @@ void parse_prefixes( const data_t *input, /* Test every prefix of the input, except the empty string. * The first byte of the string is the tag. Without a tag byte, * we wouldn't know what to parse the input as. + * Also test the input followed by an extra byte. */ - for( buffer_size = 1; buffer_size <= input->len; buffer_size++ ) + for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ ) { test_set_step( buffer_size ); /* Allocate a new buffer of exactly the length to parse each time. @@ -198,18 +209,25 @@ void parse_prefixes( const data_t *input, memcpy( buf, input->x, buffer_size ); p = buf; ret = nested_parse( &p, buf + buffer_size ); + if( ret == ERR_PARSE_INCONSISTENCY ) goto exit; - if( actual_length > 0 && buffer_size >= actual_length ) - { - TEST_EQUAL( ret, last_result ); - if( ret == 0 ) - TEST_ASSERT( p == buf + actual_length ); - } - else + if( buffer_size < input->len ) { TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA ); } + else if( buffer_size == input->len ) + { + TEST_EQUAL( ret, full_result ); + } + else /* ( buffer_size > input->len ) */ + { + if( overfull_result != UNPREDICTABLE_RESULT ) + TEST_EQUAL( ret, overfull_result ); + } + if( ret == 0 ) + TEST_ASSERT( p == buf + input->len ); + mbedtls_free( buf ); buf = NULL; } From 80cc81103918e33b293b51c306b047b1e1911b72 Mon Sep 17 00:00:00 2001 
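Review bot: With the loop bound raised to `input->len + 1`, the final iteration runs `memcpy( buf, input->x, buffer_size )` with `buffer_size` one larger than `input->len`. That reads one byte past the test vector unless the test framework guarantees extra storage behind `input->x`, which is not visible here. The "trailing garbage" byte is then whatever follows the vector in memory, not a chosen value, so the `overfull_result` expectations depend on it. Copy at most `input->len` bytes and set the extra byte explicitly, for example `memcpy( buf, input->x, buffer_size <= input->len ? buffer_size : input->len );` followed by `if( buffer_size > input->len ) buf[input->len] = 0x7e;`. parse_prefixes starts before and ends after these two hunks.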
From: Jack Lloyd Date: Wed, 22 Jan 2020 17:34:29 -0500 Subject: [PATCH 2096/2197] Parse RSA parameters DP, DQ and QP from PKCS1 private keys Otherwise these values are recomputed in mbedtls_rsa_deduce_crt, which currently suffers from side channel issues in the computation of QP (see https://eprint.iacr.org/2020/055). By loading the pre-computed values not only is the side channel avoided, but runtime overhead of loading RSA keys is reduced. Discussion in https://github.com/ARMmbed/mbed-crypto/issues/347 --- library/pkparse.c | 27 +++++++++++++++++++++------ library/rsa.c | 8 ++++++-- 2 files changed, 27 insertions(+), 8 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 596dae919..2311986f7 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -769,16 +769,31 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, goto cleanup; p += len; + /* Import DP */ + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_INTEGER ) ) != 0 || + ( ret = mbedtls_mpi_read_binary( &rsa->DP, p, len ) ) != 0 ) + goto cleanup; + p += len; + + /* Import DQ */ + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_INTEGER ) ) != 0 || + ( ret = mbedtls_mpi_read_binary( &rsa->DQ, p, len ) ) != 0 ) + goto cleanup; + p += len; + + /* Import QP */ + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_INTEGER ) ) != 0 || + ( ret = mbedtls_mpi_read_binary( &rsa->QP, p, len ) ) != 0 ) + goto cleanup; + p += len; + /* Complete the RSA private key */ if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 ) goto cleanup; - /* Check optional parameters */ - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ) - goto cleanup; - if( p != end ) { ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + diff --git a/library/rsa.c b/library/rsa.c index 3c2f31438..7ea72cd84 100644 --- a/library/rsa.c +++ b/library/rsa.c 
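Review bot: Nothing in this hunk checks that the DP, DQ and QP values read from the key file agree with P, Q and D. With the matching change to mbedtls_rsa_complete() in library/rsa.c, they are used as-is whenever all three are non-zero. A corrupted or tampered key file could therefore load a private key whose CRT path produces incorrect results. What mbedtls_rsa_complete() verifies is outside the visible lines, so please confirm whether it covers this. If it does not, add a consistency check after completion, e.g. `if( ( ret = mbedtls_rsa_check_privkey( rsa ) ) != 0 ) goto cleanup;`, or add a comment stating that the file's CRT values are trusted and why. pk_parse_key_pkcs1_der starts before and continues after this hunk.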
@@ -249,7 +249,7 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) { int ret = 0; - int have_N, have_P, have_Q, have_D, have_E; + int have_N, have_P, have_Q, have_D, have_E, have_DP, have_DQ, have_QP; int n_missing, pq_missing, d_missing, is_pub, is_priv; RSA_VALIDATE_RET( ctx != NULL ); @@ -259,6 +259,10 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 ); have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 ); have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 ); + have_DP = ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) != 0 ); + have_DQ = ( mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) != 0 ); + have_QP = ( mbedtls_mpi_cmp_int( &ctx->QP, 0 ) != 0 ); + /* * Check whether provided parameters are enough @@ -325,7 +329,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) */ #if !defined(MBEDTLS_RSA_NO_CRT) - if( is_priv ) + if( is_priv && !(have_DP && have_DQ && have_QP)) { ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, &ctx->DP, &ctx->DQ, &ctx->QP ); From 8c2631b6d36951c8f37d2318d28ceb6409bc4830 Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Thu, 23 Jan 2020 17:23:52 -0500 Subject: [PATCH 2097/2197] Address review comments --- library/pkparse.c | 11 +++++++++++ library/rsa.c | 9 +++++++-- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 2311986f7..724197d79 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -769,6 +769,17 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, goto cleanup; p += len; + /* + * The RSA CRT parameters DP, DQ and QP are nominally redundant, in + * that they can be easily recomputed from D, P and Q. However by + * parsing them from the PKCS1 structure it is possible to avoid + * recalculating them which both reduces the overhead of loading + * RSA private keys into memory and also avoids side channels which + * can arise when computing those values, since all of D, P, and Q + * are secret. See https://eprint.iacr.org/2020/055 for a + * description of one such attack. + */ + /* Import DP */ if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 || diff --git a/library/rsa.c b/library/rsa.c index 7ea72cd84..dc34e38b4 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -249,7 +249,10 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) { int ret = 0; - int have_N, have_P, have_Q, have_D, have_E, have_DP, have_DQ, have_QP; + int have_N, have_P, have_Q, have_D, have_E; +#if !defined(MBEDTLS_RSA_NO_CRT) + int have_DP, have_DQ, have_QP; +#endif int n_missing, pq_missing, d_missing, is_pub, is_priv; RSA_VALIDATE_RET( ctx != NULL ); @@ -259,10 +262,12 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 ); have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 ); have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 ); + +#if !defined(MBEDTLS_RSA_NO_CRT) have_DP = ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) != 0 ); have_DQ = ( mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) != 0 ); have_QP = ( mbedtls_mpi_cmp_int( &ctx->QP, 0 ) != 0 ); - +#endif /* * Check whether provided parameters are enough From 3a3b5c782741e0b661e842340fbeafdf5dee4b08 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 24 Jan 2020 10:57:25 +0100 Subject: [PATCH 2098/2197] Improve doxygen formatting --- include/mbedtls/sha512.h | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index b6bee9a82..8e54ce01a 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -105,9 +105,9 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * \param is384 Determines which function to use. This must be * either \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must be - * 0, or the function will return - * MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. + * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must + * be \c 0, or the function will return + * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. * \return A negative error code on failure. @@ -176,8 +176,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512 or \c 1 for SHA-384. * - * \note When MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must be - * 0, or the function will fail to work. + * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must + * be \c 0, or the function will fail to work. */ MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ); 
@@ -248,9 +248,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_process( * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must be - * 0, or the function will return - * MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. + * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must + * be \c 0, or the function will return + * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. * \return A negative error code on failure. @@ -287,8 +287,8 @@ int mbedtls_sha512_ret( const unsigned char *input, * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must be - * 0, or the function will fail to work. + * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must + * be \c 0, or the function will fail to work. */ MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input, size_t ilen, From b7f7092f57301fd33f9477f109e158f91b4b9171 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 24 Jan 2020 10:59:08 +0100 Subject: [PATCH 2099/2197] Remove preprocessor directive for consistency Other cases in this switch statement aren't guarded either. --- library/psa_crypto.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cb7b5cf6a..154806a3f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2529,10 +2529,8 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg ) return( 64 ); case PSA_ALG_SHA_256: return( 64 ); -#if !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: return( 128 ); -#endif case PSA_ALG_SHA_512: return( 128 ); default: From 2b9b780ac02e51b19a120f2057096bb2f92d33aa Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 24 Jan 2020 11:01:02 +0100 Subject: [PATCH 2100/2197] Rename internal macro for consistency Other modules have similar internal macros using _LENGTH in the name. --- library/sha512.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/sha512.c b/library/sha512.c index 67571c29e..00492a485 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -587,7 +587,7 @@ static const unsigned char sha512_test_sum[][64] = 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } }; -#define ARRAY_LEN(a) ( sizeof( a ) / sizeof( a[0] ) ) +#define ARRAY_LENGTH(a) ( sizeof( a ) / sizeof( a[0] ) ) /* * Checkup routine @@ -610,7 +610,7 @@ int mbedtls_sha512_self_test( int verbose ) mbedtls_sha512_init( &ctx ); - for( i = 0; i < (int) ARRAY_LEN(sha512_test_sum); i++ ) + for( i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++ ) { j = i % 3; #if !defined(MBEDTLS_SHA512_NO_SHA384) @@ -673,7 +673,7 @@ exit: return( ret ); } -#undef ARRAY_LEN +#undef ARRAY_LENGTH #endif /* MBEDTLS_SELF_TEST */ From ee4ba54d8dc51bbcf409db8f7a0055a8e0427ca6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 24 Jan 2020 12:11:56 +0100 Subject: [PATCH 2101/2197] Fix incrementing pointer instead of value This was introduced by a hasty search-and-replace that didn't account for C's operator precedence when changing those variables to pointer types. --- library/ecdsa.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ecdsa.c b/library/ecdsa.c index e9c4315bf..5acd2d00e 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -298,7 +298,7 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, *p_sign_tries = 0; do { - if( *p_sign_tries++ > 10 ) + if( (*p_sign_tries)++ > 10 ) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; 
@@ -311,7 +311,7 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, *p_key_tries = 0; do { - if( *p_key_tries++ > 10 ) + if( (*p_key_tries)++ > 10 ) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; From 60239753d2c4d5b04984c971143037cc8ae03f97 Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Mon, 27 Jan 2020 17:53:36 -0500 Subject: [PATCH 2102/2197] Avoid memory leak when RSA-CRT is not enabled in build --- library/pkparse.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/library/pkparse.c b/library/pkparse.c index 724197d79..ac631d93d 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -769,6 +769,7 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, goto cleanup; p += len; +#if !defined(MBEDTLS_RSA_NO_CRT) /* * The RSA CRT parameters DP, DQ and QP are nominally redundant, in * that they can be easily recomputed from D, P and Q. However by @@ -800,6 +801,13 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, ( ret = mbedtls_mpi_read_binary( &rsa->QP, p, len ) ) != 0 ) goto cleanup; p += len; +#else + /* Verify existance of the CRT params */ + if( ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ) + goto cleanup; +#endif /* Complete the RSA private key */ if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 ) From 2e9eef4f7b3939ac76b7c0790437b4a7bd6e1996 Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Tue, 28 Jan 2020 14:43:52 -0500 Subject: [PATCH 2103/2197] Final review comments --- library/pkparse.c | 22 +++++++--------------- library/rsa.c | 2 +- 2 files changed, 8 insertions(+), 16 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index ac631d93d..7df30fea9 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -782,25 +782,17 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, */ /* Import DP */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_INTEGER ) ) != 0 || - ( ret = mbedtls_mpi_read_binary( &rsa->DP, p, len ) ) != 0 ) - goto cleanup; - p += len; + if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DP ) ) != 0) + goto cleanup; /* Import DQ */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_INTEGER ) ) != 0 || - ( ret = mbedtls_mpi_read_binary( &rsa->DQ, p, len ) ) != 0 ) - goto cleanup; - p += len; + if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0) + goto cleanup; /* Import QP */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_INTEGER ) ) != 0 || - ( ret = mbedtls_mpi_read_binary( &rsa->QP, p, len ) ) != 0 ) - goto cleanup; - p += len; + if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->QP ) ) != 0) + goto cleanup; + #else /* Verify existance of the CRT params */ if( ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 || diff --git a/library/rsa.c b/library/rsa.c index dc34e38b4..6c457468e 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -334,7 +334,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) */ #if !defined(MBEDTLS_RSA_NO_CRT) - if( is_priv && !(have_DP && have_DQ && have_QP)) + if( is_priv && ! ( have_DP && have_DQ && have_QP ) ) { ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, &ctx->DP, &ctx->DQ, &ctx->QP ); From 74ca84a7a9e68584bcdc778238f138393bd1ae72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 29 Jan 2020 09:46:49 +0100 Subject: [PATCH 2104/2197] Fix some whitespace issues --- library/sha512.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/sha512.c b/library/sha512.c index 00492a485..30dd71954 100644 --- a/library/sha512.c +++ b/library/sha512.c 
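Review bot: The three rewritten conditions close with `!= 0)`, while the `#else` branch directly below writes `!= 0 )`, which is the spacing this same commit restores in library/rsa.c. For consistency they should read `if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DP ) ) != 0 )`, and likewise for DQ and QP. The comment `/* Verify existance of the CRT params */` in this hunk should also be spelled `existence`.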
@@ -587,7 +587,7 @@ static const unsigned char sha512_test_sum[][64] = 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } }; -#define ARRAY_LENGTH(a) ( sizeof( a ) / sizeof( a[0] ) ) +#define ARRAY_LENGTH( a ) ( sizeof( a ) / sizeof( ( a )[0] ) ) /* * Checkup routine From 0a749c8fa33bf7425df47109bb3156644960949d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Nov 2019 19:33:58 +0100 Subject: [PATCH 2105/2197] Implement and test psa_hash_compute, psa_hash_compare --- library/psa_crypto.c | 52 +++++++++++++ tests/suites/test_suite_psa_crypto.data | 52 +++++++++++++ tests/suites/test_suite_psa_crypto.function | 83 +++++++++++++++++++++ 3 files changed, 187 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 154806a3f..98166684e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -2351,6 +2351,58 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, return( PSA_SUCCESS ); } +psa_status_t psa_hash_compute( psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *hash, size_t hash_size, + size_t *hash_length ) +{ + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + *hash_length = hash_size; + status = psa_hash_setup( &operation, alg ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_hash_update( &operation, input, input_length ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_hash_finish( &operation, hash, hash_size, hash_length ); + if( status != PSA_SUCCESS ) + goto exit; + +exit: + if( status == PSA_SUCCESS ) + status = psa_hash_abort( &operation ); + else + psa_hash_abort( &operation ); + return( status ); +} + +psa_status_t psa_hash_compare( psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + const uint8_t *hash, size_t hash_length ) +{ + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + status = psa_hash_setup( &operation, alg ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_hash_update( &operation, input, input_length ); + if( status != PSA_SUCCESS ) + goto exit; + status = psa_hash_verify( &operation, hash, hash_length ); + if( status != PSA_SUCCESS ) + goto exit; + +exit: + if( status == PSA_SUCCESS ) + status = psa_hash_abort( &operation ); + else + psa_hash_abort( &operation ); + return( status ); +} + psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation ) { diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 26dca18a4..4cdba31a6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
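Review bot: psa_hash_compute() sets `*hash_length = hash_size` before doing any work and never resets it. When psa_hash_setup() or psa_hash_update() fails, the caller is told that `hash_size` bytes are present although `hash` was never written, so a caller that mishandles the status could consume uninitialised memory as a digest. Start from `*hash_length = 0;` and let psa_hash_finish() report the real length on success; its behaviour on failure is outside this hunk, so confirm it does not leave a stale length either. In both new functions the last `if( status != PSA_SUCCESS ) goto exit;` sits directly before the `exit:` label and can be dropped. Neither function has a header comment; a short one should state that the operation object is always aborted before returning.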
@@ -774,6 +774,58 @@ hash_verify_bad_args: PSA hash finish: bad arguments hash_finish_bad_args: +PSA hash compute: bad algorithm (unknown hash) +depends_on:MBEDTLS_SHA256_C +hash_compute_fail:PSA_ALG_CATEGORY_HASH:"":32:PSA_ERROR_NOT_SUPPORTED + +PSA hash compute: bad algorithm (wildcard) +depends_on:MBEDTLS_SHA256_C +hash_compute_fail:PSA_ALG_ANY_HASH:"":32:PSA_ERROR_NOT_SUPPORTED + +PSA hash compute: bad algorithm (not a hash) +depends_on:MBEDTLS_SHA256_C +hash_compute_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):"":32:PSA_ERROR_INVALID_ARGUMENT + +PSA hash compute: output buffer too small +depends_on:MBEDTLS_SHA256_C +hash_compute_fail:PSA_ALG_SHA_256:"":31:PSA_ERROR_BUFFER_TOO_SMALL + +PSA hash compute: good, SHA-1 +depends_on:MBEDTLS_SHA1_C +hash_compute_compare:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" + +PSA hash compute: good, SHA-224 +depends_on:MBEDTLS_SHA256_C +hash_compute_compare:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" + +PSA hash compute: good, SHA-256 +depends_on:MBEDTLS_SHA256_C +hash_compute_compare:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" + +PSA hash compute: good, SHA-384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +hash_compute_compare:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" + +PSA hash compute: good, SHA-512 +depends_on:MBEDTLS_SHA512_C +hash_compute_compare:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" + +PSA hash compute: good, MD2 +depends_on:MBEDTLS_MD2_C +hash_compute_compare:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb" + +PSA hash compute: good, MD4 +depends_on:MBEDTLS_MD4_C +hash_compute_compare:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d" + +PSA hash compute: good, MD5 +depends_on:MBEDTLS_MD5_C 
+hash_compute_compare:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72" + +PSA hash compute: good, RIPEMD160 +depends_on:MBEDTLS_RIPEMD160_C +hash_compute_compare:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" + PSA hash clone: source state hash_clone_source_state: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ba7c192b8..c9c45b7e1 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -2430,6 +2430,89 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hash_compute_fail( int alg_arg, data_t *input, + int output_size_arg, int expected_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + uint8_t *output = NULL; + size_t output_size = output_size_arg; + size_t output_length = INVALID_EXPORT_LENGTH; + psa_status_t expected_status = expected_status_arg; + psa_status_t status; + + ASSERT_ALLOC( output, output_size ); + + PSA_ASSERT( psa_crypto_init( ) ); + + status = psa_hash_compute( alg, input->x, input->len, + output, output_size, &output_length ); + TEST_EQUAL( status, expected_status ); + TEST_ASSERT( output_length <= output_size ); + +exit: + mbedtls_free( output ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_compute_compare( int alg_arg, data_t *input, + data_t *expected_output ) +{ + psa_algorithm_t alg = alg_arg; + uint8_t output[PSA_HASH_MAX_SIZE + 1]; + size_t output_length = INVALID_EXPORT_LENGTH; + size_t i; + + PSA_ASSERT( psa_crypto_init( ) ); + + /* Compute with tight buffer */ + PSA_ASSERT( psa_hash_compute( alg, input->x, input->len, + output, PSA_HASH_SIZE( alg ), + &output_length ) ); + TEST_EQUAL( output_length, PSA_HASH_SIZE( alg ) ); + ASSERT_COMPARE( output, output_length, + expected_output->x, expected_output->len ); + + /* Compute with larger buffer */ + PSA_ASSERT( psa_hash_compute( alg, input->x, input->len, + output, sizeof( output ), + &output_length ) ); + TEST_EQUAL( output_length, PSA_HASH_SIZE( alg ) ); + ASSERT_COMPARE( output, output_length, + expected_output->x, expected_output->len ); + + /* Compare with correct hash */ + PSA_ASSERT( psa_hash_compare( alg, input->x, input->len, + output, output_length ) ); + + /* Compare with trailing garbage */ + TEST_EQUAL( psa_hash_compare( alg, input->x, input->len, + output, output_length + 1 ), + PSA_ERROR_INVALID_SIGNATURE ); + + /* Compare with truncated hash */ + TEST_EQUAL( psa_hash_compare( alg, input->x, input->len, + output, output_length - 1 ), + 
PSA_ERROR_INVALID_SIGNATURE ); + + /* Compare with corrupted value */ + for( i = 0; i < output_length; i++ ) + { + test_set_step( i ); + output[i] ^= 1; + TEST_EQUAL( psa_hash_compare( alg, input->x, input->len, + output, output_length ), + PSA_ERROR_INVALID_SIGNATURE ); + output[i] ^= 1; + } + +exit: + PSA_DONE( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_bad_order( ) { From aead02cce9abecf6e229cc86035683ecb0650c93 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Nov 2019 19:38:39 +0100 Subject: [PATCH 2106/2197] Remove obsolete dependencies on MBEDTLS_MD_C The PSA implementation of hash algorithms, HMAC algorithms and KDF algorithms using HMAC no longer use the MD module. --- tests/suites/test_suite_psa_crypto.data | 367 ++++++++++++------------ 1 file changed, 183 insertions(+), 184 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4cdba31a6..63a97de3c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -241,7 +241,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:128:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export HMAC key: policy forbids export -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):256:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (crypt) 
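Review bot: In hash_compute_compare, `output` is declared without an initialiser, and the "trailing garbage" case passes `output_length + 1` bytes to psa_hash_compare(). The extra byte may therefore be indeterminate stack content, unless the earlier psa_hash_compute() call with `sizeof( output )` happens to fill the whole buffer, which cannot be seen here. If the verify path ever reads the buffer before rejecting on length, the test would read uninitialised memory and could trip a memory sanitizer. Give the byte a defined value, e.g. `uint8_t output[PSA_HASH_MAX_SIZE + 1] = { 0 };` or `output[output_length] = 0x7e;` just before that call.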
@@ -366,31 +366,31 @@ Key attributes initializers zero properly key_attributes_init: PSA key policy: MAC, sign | verify -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: MAC, wrong algorithm -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224) PSA key policy: MAC, alg=0 in policy -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: MAC, ANY_HASH in policy is not meaningful -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: MAC, sign but not verify -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: MAC, verify but not sign -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: MAC, neither sign nor verify 
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key policy: cipher, encrypt | decrypt 
@@ -518,47 +518,47 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
 
 PSA key policy: derive via HKDF, permitted
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
 
 PSA key policy: derive via TLS 1.2 PRF, permitted
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
 
 PSA key policy: derive via HKDF, not permitted
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
 
 PSA key policy: derive via TLS 1.2 PRF, not permitted
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 derive_key_policy:0:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
 
 PSA key policy: derive via HKDF, wrong algorithm
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
 
 PSA key policy: derive via TLS 1.2 PRF, wrong algorithm
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
 
 PSA key policy: agreement + KDF, permitted
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
 agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
 
 PSA key policy: agreement + KDF, not permitted
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
 agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
 
 PSA key policy: agreement + KDF, wrong agreement algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
 agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
 
 PSA key policy: agreement + KDF, wrong KDF algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
 agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224))
 
 PSA key policy: agreement + KDF, key only permits raw agreement
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
 agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256))
 
 PSA key policy: raw agreement, permitted
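Review bot: The case "derive via TLS 1.2 PRF, wrong algorithm" sets a `PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)` policy but exercises the key with `PSA_ALG_HKDF(PSA_ALG_SHA_224)`, so it changes both the KDF family and the hash at once. As written it cannot tell whether the policy check rejects a TLS 1.2 PRF with a different hash, which is what the HKDF sibling case above it verifies for HKDF. If that was the intent, the last field should read `PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224)`; if the cross-family mismatch is deliberate, the title could say "wrong KDF family" instead. The line is unchanged context in this commit, but it sits right next to the edited dependency.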
@@ -753,19 +753,19 @@ depends_on:MBEDTLS_RIPEMD160_C
 hash_setup:PSA_ALG_RIPEMD160:PSA_SUCCESS
 
 PSA hash setup: bad (unknown hash algorithm)
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_CATEGORY_HASH:PSA_ERROR_NOT_SUPPORTED
 
 PSA hash setup: bad (wildcard instead of hash algorithm)
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_ANY_HASH:PSA_ERROR_NOT_SUPPORTED
 
 PSA hash setup: bad (not a hash algorithm)
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
 
 PSA hash: bad order function calls
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 hash_bad_order:
 
 PSA hash verify: bad arguments
@@ -836,7 +836,7 @@ MAC operation object initializers zero properly
 mac_operation_init:
 
 PSA MAC setup: good, HMAC-SHA-256
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
 
 PSA MAC setup: good, AES-CMAC
@@ -844,7 +844,6 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
 mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_SUCCESS
 
 PSA MAC setup: bad algorithm (unknown MAC algorithm)
-depends_on:MBEDTLS_MD_C
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
 
 PSA MAC setup: bad algorithm (not a MAC algorithm)
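Review bot: In the third hunk on this line (`@@ -844,7 +844,6 @@`), "PSA MAC setup: bad algorithm (unknown MAC algorithm)" loses its only `depends_on` line and becomes the one HMAC case here with no dependency, with nothing recording that this is deliberate. It will now run in every configuration and must return `PSA_ERROR_NOT_SUPPORTED` for `PSA_ALG_HMAC(0)` even where no hash module is built, which presumably is the intent but is easy to mistake for an omission next to the gated cases around it. A comment above the call line would make that explicit, for example `# No dependencies: PSA_ALG_HMAC(0) must be rejected in every configuration.`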
@@ -852,15 +851,15 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
 
 PSA MAC setup: truncated MAC too small (1 byte)
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 1 ):PSA_ERROR_NOT_SUPPORTED
 
 PSA MAC setup: truncated MAC too large (33 bytes for SHA-256)
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 33 ):PSA_ERROR_INVALID_ARGUMENT
 
 PSA MAC setup: invalid key type, HMAC-SHA-256
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
 
 PSA MAC setup: incompatible key HMAC for CMAC
@@ -877,167 +876,167 @@ depends_on:!MBEDTLS_MD5_C mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED PSA MAC: bad order function calls -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_bad_order: PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-224 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7" PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7" PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6" PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
+depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6" PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-512 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-224 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44" PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843" PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649" PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737" PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-224 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea" PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe" PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27" PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C 
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb" PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-224 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a" PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b" PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb" PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C 
mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd" PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-224 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e" PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54" PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952" PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598" PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-224 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1" PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2" PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e" PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58" PSA MAC sign: HMAC-SHA-224, truncated to 28 bytes (actual size) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" PSA MAC verify: HMAC-SHA-224, truncated to 28 
bytes (actual size) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22" PSA MAC sign: HMAC-SHA-512, truncated to 64 bytes (actual size) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" PSA MAC verify: HMAC-SHA-512, truncated to 64 bytes (actual size) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854" PSA MAC sign: HMAC-SHA-224, truncated to 27 bytes -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b" PSA MAC verify: HMAC-SHA-224, truncated to 27 bytes -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b" PSA MAC sign: HMAC-SHA-512, truncated to 63 bytes -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C 
mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268" PSA MAC verify: HMAC-SHA-512, truncated to 63 bytes -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268" PSA MAC sign: HMAC-SHA-224, truncated to 4 bytes -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112" PSA MAC verify: HMAC-SHA-224, truncated to 4 bytes -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112" PSA MAC sign: HMAC-SHA-512, truncated to 4 bytes -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde" PSA MAC verify: HMAC-SHA-512, truncated to 4 bytes -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde" PSA MAC sign: CMAC-AES-128 
@@ -1588,11 +1587,11 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE
 import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDH
 
 PSA import/exercise: HKDF SHA-256
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_HKDF(PSA_ALG_SHA_256)
 
 PSA import/exercise: TLS 1.2 PRF SHA-256
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C
 import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
 
 PSA sign: RSA PKCS#1 v1.5, raw
@@ -1949,435 +1948,435 @@ Crypto derivation operation object initializers zero properly key_derivation_init: PSA key derivation setup: HKDF-SHA-256, good case -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_SUCCESS PSA key derivation setup: HKDF-SHA-512, good case -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C derive_setup:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_SUCCESS PSA key derivation setup: TLS 1.2 PRF SHA-256, good case -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_setup:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_SUCCESS PSA key derivation setup: not a key derivation algorithm (HMAC) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT PSA key derivation setup: algorithm from bad hash -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED PSA key derivation setup: bad algorithm -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED PSA key derivation: HKDF-SHA-256, good case, direct output -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, good case, key output -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: HKDF-SHA-512, good case -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, bad key type -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: HKDF-SHA-256, bad key type, key output -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C # Whether we get NOT_PERMITTED or BAD_STATE for the output is an implementation # detail. 
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED PSA key derivation: HKDF-SHA-256, direct secret, direct output -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, direct empty secret, direct output -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, direct secret, key output -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED PSA key derivation: HKDF-SHA-256, direct empty secret, key output -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, RAW_DATA key as info -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_RAW_DATA:"4120696e666f":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: HKDF-SHA-256, DERIVE key as salt, direct output -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: HKDF-SHA-256, DERIVE key as salt, key output -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C # Whether we get NOT_PERMITTED or BAD_STATE for the output is an implementation # detail. 
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"412073616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_BAD_STATE PSA key derivation: HKDF-SHA-256, DERIVE key as info -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, good case -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, key first -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, label first -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, early label -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double seed -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, double key -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, bad key type -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, direct secret -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, direct empty secret -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as seed -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_RAW_DATA:"612073656564":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, RAW_DATA key as label -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_RAW_DATA:"61206c6162656c":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as seed -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_DERIVE:"612073656564":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, DERIVE key as label -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_DERIVE:"61206c6162656c":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: HKDF invalid state (double generate + read past capacity) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_state:PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA key derivation: TLS 1.2 PRF invalid state (double generate + read past capacity) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_state:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) PSA key derivation: invalid state (call read/get_capacity after init and abort) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_tests: PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" PSA key derivation: HKDF SHA-256, RFC5869 #1, output 32+10 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf":"34007208d5b887185865" PSA key derivation: HKDF SHA-256, RFC5869 #1, output 0+42 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+41 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" PSA key derivation: HKDF SHA-256, RFC5869 #1, output 41+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"" PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+40 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858" PSA key derivation: HKDF SHA-256, RFC5869 #2, output 82+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":PSA_KEY_DERIVATION_INPUT_SECRET:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":PSA_KEY_DERIVATION_INPUT_INFO:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87":"" PSA key derivation: HKDF SHA-256, RFC5869 #3, output 42+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8":"" PSA key derivation: HKDF SHA-1, RFC5869 #4, output 42+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +depends_on:MBEDTLS_SHA1_C 
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896":"" PSA key derivation: HKDF SHA-1, RFC5869 #5, output 82+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +depends_on:MBEDTLS_SHA1_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":PSA_KEY_DERIVATION_INPUT_SECRET:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":PSA_KEY_DERIVATION_INPUT_INFO:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4":"" PSA key derivation: HKDF SHA-1, RFC5869 #6, output 42+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +depends_on:MBEDTLS_SHA1_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918":"" PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +depends_on:MBEDTLS_SHA1_C 
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" # Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":"" PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66" PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66" PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"a0ba9f936cda311827a6f796ffd5198c":PSA_KEY_DERIVATION_INPUT_SECRET:"9bbe436ba940f017b17652849a71db35":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b" PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":"" PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f" PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" PSA key derivation: 
TLS 1.2 PRF SHA-384, output 74+74 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f" PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"cd665cf6a8447dd6ff8b27555edb7465":PSA_KEY_DERIVATION_INPUT_SECRET:"b80b733d6ceefcdc71566ea48e5567df":PSA_KEY_DERIVATION_INPUT_LABEL:"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5" # Test case manually extracted from debug output of TLS-PSK run # Label: "master secret" # Salt: Concatenation of ClientHello.Random and ServerHello.Random PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":"" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":"" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18" PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18" PSA key derivation: HKDF SHA-256, request maximum capacity -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":255 * 
32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"" PSA key derivation: HKDF SHA-1, request maximum capacity -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +depends_on:MBEDTLS_SHA1_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":255 * 20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":"" PSA key derivation: HKDF SHA-256, request too much capacity -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256):255 * 32 + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: HKDF SHA-1, request too much capacity -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C +depends_on:MBEDTLS_SHA1_C derive_set_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_1):255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: over capacity 42: output 42+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff" PSA key derivation: over capacity 42: output 41+2 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"65ff" PSA key derivation: over capacity 42: output 43+0 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"" PSA key derivation: over capacity 42: output 43+1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff" PSA key derivation: HKDF SHA-256, read maximum capacity minus 1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1 PSA key derivation: HKDF SHA-256, read maximum capacity -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity minus 1 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1 PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 PSA key derivation: HKDF SHA-256, exercise AES128-CTR 
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: HKDF SHA-256, exercise AES256-CTR -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: HKDF SHA-256, exercise DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA 
key derivation: HKDF SHA-256, exercise HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES128-CTR -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES256-CTR -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR +depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: TLS 1.2 PRF SHA-256, exercise DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: TLS 1.2 PRF SHA-256, exercise 2-key 3DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC 
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: TLS 1.2 PRF SHA-256, exercise 3-key 3DES-CBC -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 PSA key derivation: TLS 1.2 PRF SHA-256, exercise HMAC-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key derivation: TLS 1.2 PRF SHA-256, exercise HKDF-SHA-256 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256) PSA key derivation: HKDF SHA-256, derive key export, 16+32 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32 PSA key derivation: HKDF SHA-256, derive key export, 1+41 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 16+32 
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32 PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 1+41 -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 PSA key derivation: invalid type (0) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_NONE:128:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: invalid type (PSA_KEY_TYPE_CATEGORY_MASK) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: invalid length (0) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: invalid length (7 bits) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:7:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: raw data, 8 bits -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C 
derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:8:PSA_SUCCESS PSA key derivation: invalid length (9 bits) -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA256_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:9:PSA_ERROR_INVALID_ARGUMENT # This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes # and not expected to be raised any time soon) is less than the maximum # output from HKDF-SHA512 (255*64 = 16320 bytes). PSA key derivation: largest possible key -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS:PSA_SUCCESS PSA key derivation: key too large -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA512_C derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: ECDH + HKDF-SHA-256: good -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS PSA key agreement setup: ECDH + HKDF-SHA-256: public key on 
different curve -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH + HKDF-SHA-256: public key instead of private key -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_MD_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, unknown KDF 
@@ -2417,31 +2416,31 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDT raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160 PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"7883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":"" PSA generate random: 0 bytes @@ -2630,5 +2629,5 @@ depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTL persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:GENERATE_KEY PSA derive persistent key: HKDF SHA-256, exportable -depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +depends_on:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_TYPE_RAW_DATA:1024:PSA_KEY_USAGE_EXPORT:0:DERIVE_KEY From 7b8efaffaa306407bf7ab0a2e9c9685dd1f4f353 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Nov 2019 19:57:04 +0100 Subject: [PATCH 2107/2197] Add missing dependencies on MBEDTLS_MD_C The PSA implementations of deterministic ECDSA, of all RSA signatures and of RSA OAEP use the MD module. --- tests/suites/test_suite_psa_crypto.data | 164 ++++++++++++------------ 1 file changed, 82 insertions(+), 82 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 63a97de3c..e26fd577d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -249,7 +249,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 import_export:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (sign) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:0:PSA_ERROR_NOT_PERMITTED:1 # Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS 
@@ -446,11 +446,11 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric encryption, wrong algorithm (v1.5/OAEP) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA key policy: asymmetric encryption, alg=0 in policy @@ -458,7 +458,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric encryption, ANY_HASH in policy is not meaningful -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA key policy: asymmetric encryption, encrypt but not decrypt 
@@ -474,7 +474,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric signature, sign | verify -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, wrong algorithm family 
@@ -490,11 +490,11 @@ depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, wrong hash algorithm 
@@ -502,19 +502,19 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 PSA key policy: asymmetric signature, alg=0 in policy -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0 PSA key policy: asymmetric signature, sign but not verify -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, verify but not sign -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature, neither sign nor verify -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: derive via HKDF, permitted 
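Review bot: The test case just above this hunk, `PSA key policy: asymmetric signature, wrong hash algorithm`, still reads `depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C` (the line shown in the hunk header). It therefore gets neither the `MBEDTLS_MD_C` dependency this commit adds to the other RSA signature policy cases here nor the `MBEDTLS_PKCS1_V15` dependency its siblings carry. Its policy is `PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)` and the commit message says all RSA signatures use the MD module, so the line should probably become `depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C`. The case expects the operation to be refused, so it may pass without MD if the policy check runs first, but that ordering is not visible here and the dependency list should not rely on it. The line sits between this hunk and the previous one, so neither hunk covers it.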
@@ -621,35 +621,35 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: RSA key pair, same usage flags -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, fewer usage flags -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, more usage flags -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_success:PSA_KEY_USAGE_COPY | 
PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #0 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | 
PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #1 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in target -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source and target -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH 
@@ -1559,19 +1559,19 @@ PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129 PSA import/exercise RSA keypair, PKCS#1 v1.5 raw -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA keypair, PSS-SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise RSA public key, PKCS#1 v1.5 raw -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA public key, PSS-SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise: ECP SECP256R1 keypair, ECDSA @@ -1579,7 +1579,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) PSA import/exercise: ECP SECP256R1 keypair, ECDH 
@@ -1595,41 +1595,41 @@ depends_on:MBEDTLS_SHA256_C import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) PSA sign: RSA PKCS#1 v1.5, raw -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" PSA sign: RSA PKCS#1 v1.5 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA sign: deterministic ECDSA SECP256R1 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 
):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign: deterministic ECDSA SECP256R1 SHA-384 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" PSA sign: deterministic ECDSA SECP384R1 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f" PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT PSA sign: RSA PKCS#1 v1.5, invalid hash (wildcard) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 # Arguably the error should be INVALID_ARGUMENT, but NOT_SUPPORTED is simpler # to implement. 
sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_NOT_SUPPORTED PSA sign: RSA PKCS#1 v1.5 raw, input too large -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 
sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small @@ -1637,7 +1637,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: RSA PKCS#1 v1.5 SHA-256, empty output buffer -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1 SHA-256, empty output buffer 
@@ -1645,11 +1645,11 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: invalid key type, signing with a public key 
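Review bot: Both changed lines gain `MBEDTLS_MD_C` but still omit `MBEDTLS_ECDSA_C`, which the other changed deterministic-ECDSA lines in this part of the patch (hunks at -1579, -1595, -1685, -1693) all list. These two cases expect `PSA_ERROR_INVALID_ARGUMENT`; if a build can enable `MBEDTLS_ECDSA_DETERMINISTIC` without `MBEDTLS_ECDSA_C`, the call may be rejected for a different reason there, and the case would fail instead of being skipped. Suggested line for both: `depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C`.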
@@ -1657,27 +1657,27 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: invalid algorithm for ECC key -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21 sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign/verify: RSA PKCS#1 v1.5, raw -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263" PSA sign/verify: RSA PKCS#1 v1.5 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA sign/verify: RSA PSS SHA-256, 0 bytes -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"" PSA sign/verify: RSA PSS SHA-256, 32 bytes (hash size) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA sign/verify: RSA PSS SHA-256, 129 bytes -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" PSA sign/verify: randomized ECDSA SECP256R1 SHA-256 @@ -1685,7 +1685,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: randomized ECDSA SECP256R1 SHA-384 
@@ -1693,7 +1693,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify: deterministic ECDSA SECP256R1 SHA-384 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify: randomized ECDSA SECP384R1 SHA-256 
@@ -1701,51 +1701,51 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBE sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: deterministic ECDSA SECP384R1 SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature 
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash length -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_INVALID_SIGNATURE PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA verify: RSA PSS SHA-256, good signature, 0 bytes -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d" PSA verify: RSA PSS SHA-256, good signature, 32 bytes (hash size) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7" PSA verify: RSA PSS SHA-256, good signature, 129 bytes -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308" PSA verify: ECDSA SECP256R1, good 
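Review bot: The `asymmetric_verify_fail` cases in this hunk (wrong signature: same size, empty, truncated, trailing junk, leading junk) now also list `MBEDTLS_MD_C`, so a build without that option will presumably skip them rather than run them, and a skipped rejection test is easy to mistake for a passing one in a summary. The same applies to the error-path cases in the `-1781`, `-1821`, `-1869`, `-1909`, `-1921` and `-1937` hunks (invalid algorithm, input too large, wrong label, invalid padding, invalid key type, input too small/large). It would help to confirm that at least one CI configuration satisfies every dependency listed here and to check the skipped-test count for this suite in that run. Separately, the case titled `PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash length` passes `PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1)` with a 32-byte hash and depends on `MBEDTLS_SHA1_C`; a title such as `PSA verify: RSA PKCS#1 v1.5 SHA-1, wrong hash length (32 bytes)` would match what it exercises.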
@@ -1781,7 +1781,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE PSA verify: invalid algorithm for ECC key -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21 asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5, good 
@@ -1789,19 +1789,19 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, good -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, good, with label -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good 
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good, with label -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, key pair 
@@ -1809,7 +1809,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, key pair -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, input too large 
@@ -1821,7 +1821,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA OAEP-SHA-384, input too large -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: invalid algorithm 
@@ -1841,15 +1841,15 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":"" PSA encrypt-decrypt: RSA OAEP-SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"" PSA encrypt-decrypt: RSA OAEP-SHA-256, with label -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00" PSA encrypt-decrypt: RSA OAEP-SHA-384 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"" PSA decrypt: RSA PKCS#1 v1.5: good #1 
@@ -1869,35 +1869,35 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"1b4c1d06439b99f886048b8544607b5e8e5ac6828ad9d0b7ad4ec0b314a4d8052f8bbeab6c85dbddff0b90cc76395a7a0c4f9cc29cd7be20be0b38ff611800d6":"":"" PSA decrypt: RSA OAEP-SHA-256, 0 bytes -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":"" PSA decrypt: RSA OAEP-SHA-256, 0 bytes, with label -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"14e57648fbbd3c2c195d71fcb9b6c332e2ad9e3402aa701e7270b05775e9ddd025e2330d7b84e67866524c67f9c38b11e4679e28a38574b47f8d218a1a04a7466754d6ea7f959ab1f5b85d066d3f90076e8219f66653f7b78a9789d76213505b4e75ec28081608ed2f1ea1238e3eeab011ce4ec147327cd0ca029c2818133cb6":"746869730069730061006c6162656c00":"" PSA decrypt: RSA OAEP-SHA-256, 30 bytes -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-256, 30 bytes, with label -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d
4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-384, 30 bytes -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971
962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (empty) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (same length) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA PKCS#1 v1.5, invalid padding 
@@ -1909,7 +1909,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, invalid padding -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C 
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":128:PSA_ERROR_INVALID_PADDING PSA decrypt: invalid algorithm 
@@ -1921,7 +1921,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP, invalid key type (RSA public key) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES) 
@@ -1937,11 +1937,11 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, input too small -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, input too large -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"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":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT Crypto derivation operation object initializers zero properly 
@@ -2534,11 +2534,11 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS PSA generate key: RSA, 1016 bits, good, sign (PKCS#1 v1.5) -depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256) -depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS PSA generate key: RSA, 512 bits, good, encrypt (PKCS#1 v1.5) @@ -2546,7 +2546,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS PSA generate key: RSA, 0 bits: invalid 
@@ -2621,7 +2621,7 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:GENERATE_KEY PSA generate persistent key: RSA, 1024 bits, exportable -depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY PSA generate persistent key: ECC, SECP256R1, exportable From 84b8fc8213503caa34e3f1bf39fd7e58eabcc0f9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 28 Nov 2019 20:07:20 +0100 Subject: [PATCH 2108/2197] Use psa_hash_compute in psa_hmac_setup_internal --- library/psa_crypto.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 98166684e..84054a7e5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2737,14 +2737,8 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, if( key_length > block_size ) { - status = psa_hash_setup( &hmac->hash_ctx, hash_alg ); - if( status != PSA_SUCCESS ) - goto cleanup; - status = psa_hash_update( &hmac->hash_ctx, key, key_length ); - if( status != PSA_SUCCESS ) - goto cleanup; - status = psa_hash_finish( &hmac->hash_ctx, - ipad, sizeof( ipad ), &key_length ); + status = psa_hash_compute( hash_alg, key, key_length, + ipad, sizeof( ipad ), &key_length ); if( status != PSA_SUCCESS ) goto cleanup; } From 1fb7aea9b3355ec807c51ca8fcdbf88b9523a4b6 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 2 Dec 2019 14:26:04 +0100 Subject: [PATCH 2109/2197] Add command line option to hide warnings --- tests/scripts/check-test-cases.py | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/tests/scripts/check-test-cases.py b/tests/scripts/check-test-cases.py index 939ca2314..31fc34c52 100755 --- a/tests/scripts/check-test-cases.py +++ b/tests/scripts/check-test-cases.py @@ -20,6 +20,7 @@ # # This file is part of Mbed TLS (https://tls.mbed.org) +import argparse import glob import os import re @@ -27,9 +28,11 @@ import sys class Results: """Store file and line information about errors or warnings in test suites.""" - def __init__(self): + + def __init__(self, options): self.errors = 0 self.warnings = 0 + self.ignore_warnings = options.quiet def error(self, file_name, line_number, fmt, *args): sys.stderr.write(('{}:{}:ERROR:' + fmt + '\n'). @@ -37,9 +40,10 @@ class Results: self.errors += 1 def warning(self, file_name, line_number, fmt, *args): - sys.stderr.write(('{}:{}:Warning:' + fmt + '\n') - .format(file_name, line_number, *args)) - self.warnings += 1 + if not self.ignore_warnings: + sys.stderr.write(('{}:{}:Warning:' + fmt + '\n') + .format(file_name, line_number, *args)) + self.warnings += 1 def collect_test_directories(): """Get the relative path for the TLS and Crypto test directories.""" 
@@ -108,8 +112,16 @@ def check_ssl_opt_sh(results, file_name): file_name, line_number, description) def main(): + parser = argparse.ArgumentParser(description=__doc__) + parser.add_argument('--quiet', '-q', + action='store_true', + help='Hide warnings') + parser.add_argument('--verbose', '-v', + action='store_false', dest='quiet', + help='Show warnings (default: on; undoes --quiet)') + options = parser.parse_args() test_directories = collect_test_directories() - results = Results() + results = Results(options) for directory in test_directories: for data_file_name in glob.glob(os.path.join(directory, 'suites', '*.data')): @@ -117,7 +129,7 @@ def main(): ssl_opt_sh = os.path.join(directory, 'ssl-opt.sh') if os.path.exists(ssl_opt_sh): check_ssl_opt_sh(results, ssl_opt_sh) - if results.warnings or results.errors: + if (results.warnings or results.errors) and not options.quiet: sys.stderr.write('{}: {} errors, {} warnings\n' .format(sys.argv[0], results.errors, results.warnings)) sys.exit(1 if results.errors else 0) From fa710f5c6a5e2a96e1b688a7c74a7b6a28173222 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Dec 2019 14:31:48 +0100 Subject: [PATCH 2110/2197] Don't declare a parameter as const Whether a parameter should be const is an implementation detail of the function, so don't declare a parameter of psa_hash_compare as const. (This only applies to parameters themselves, not to objects that pointer parameters points to.) --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 9c610838e..352281854 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -932,7 +932,7 @@ psa_status_t psa_hash_compare(psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *hash, - const size_t hash_length); + size_t hash_length); /** The type of the state data structure for multipart hash operations. * 
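Review bot: With `--quiet` the closing `N errors, M warnings` summary in main() of check-test-cases.py is suppressed even when errors were found, because the new condition is `(results.warnings or results.errors) and not options.quiet`. Individual errors are still written by Results.error() and the exit status is unchanged, but the total no longer appears in quiet runs. `if results.errors or (results.warnings and not options.quiet):` would keep the summary whenever there is at least one error. Indentation is lost in this rendering, so whether `self.warnings += 1` in Results.warning() sits inside the new `if not self.ignore_warnings:` is inferred rather than certain; a one-line comment there stating whether hidden warnings are still counted would remove the doubt.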
From 29eb80d26cb084b849daee77ba0e3928c7fffda2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 28 Jan 2020 20:42:40 +0100 Subject: [PATCH 2111/2197] Remove some spurious dependencies on MBEDTLS_SHA256_C --- tests/suites/test_suite_psa_crypto.data | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e26fd577d..71924c72e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -775,15 +775,12 @@ PSA hash finish: bad arguments hash_finish_bad_args: PSA hash compute: bad algorithm (unknown hash) -depends_on:MBEDTLS_SHA256_C hash_compute_fail:PSA_ALG_CATEGORY_HASH:"":32:PSA_ERROR_NOT_SUPPORTED PSA hash compute: bad algorithm (wildcard) -depends_on:MBEDTLS_SHA256_C hash_compute_fail:PSA_ALG_ANY_HASH:"":32:PSA_ERROR_NOT_SUPPORTED PSA hash compute: bad algorithm (not a hash) -depends_on:MBEDTLS_SHA256_C hash_compute_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):"":32:PSA_ERROR_INVALID_ARGUMENT PSA hash compute: output buffer too small From 88e08464f5bb525048c4f74a3242a8bc5aff75c5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 28 Jan 2020 20:43:00 +0100 Subject: [PATCH 2112/2197] Add dedicated test cases for psa_hash_compare psa_hash_compare is tested for good cases and invalid-signature cases in hash_compute_compare. Also test invalid-argument cases. Also run a few autonomous test cases with valid arguments. --- tests/suites/test_suite_psa_crypto.data | 29 +++++++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 20 ++++++++++++++ 2 files changed, 49 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 71924c72e..b70fc638f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -787,6 +787,35 @@ PSA hash compute: output buffer too small depends_on:MBEDTLS_SHA256_C hash_compute_fail:PSA_ALG_SHA_256:"":31:PSA_ERROR_BUFFER_TOO_SMALL +PSA hash compare: bad algorithm (unknown hash) +hash_compare_fail:PSA_ALG_CATEGORY_HASH:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_NOT_SUPPORTED + +PSA hash compare: bad algorithm (wildcard) +hash_compare_fail:PSA_ALG_ANY_HASH:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_NOT_SUPPORTED + +PSA hash compare: bad algorithm (not a hash) +hash_compare_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_INVALID_ARGUMENT + +PSA hash compare: hash of a prefix +depends_on:MBEDTLS_SHA256_C +hash_compare_fail:PSA_ALG_SHA_256:"00":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_ERROR_INVALID_SIGNATURE + +PSA hash compare: hash with flipped bit +depends_on:MBEDTLS_SHA256_C +hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b854":PSA_ERROR_INVALID_SIGNATURE + +PSA hash compare: hash with trailing garbage +depends_on:MBEDTLS_SHA256_C +hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85500":PSA_ERROR_INVALID_SIGNATURE + +PSA hash compare: truncated hash +depends_on:MBEDTLS_SHA256_C +hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8":PSA_ERROR_INVALID_SIGNATURE + +PSA hash compare: good +depends_on:MBEDTLS_SHA256_C +hash_compare_fail:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":PSA_SUCCESS + PSA hash compute: good, SHA-1 depends_on:MBEDTLS_SHA1_C hash_compute_compare:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index c9c45b7e1..a2be082af 100644 
--- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2456,6 +2456,26 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hash_compare_fail( int alg_arg, data_t *input, + data_t *reference_hash, + int expected_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t expected_status = expected_status_arg; + psa_status_t status; + + PSA_ASSERT( psa_crypto_init( ) ); + + status = psa_hash_compare( alg, input->x, input->len, + reference_hash->x, reference_hash->len ); + TEST_EQUAL( status, expected_status ); + +exit: + PSA_DONE( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_compute_compare( int alg_arg, data_t *input, data_t *expected_output ) From 13faa2d920b6dd8f1f0665f5ef30a838351d2557 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Jan 2020 16:32:21 +0100 Subject: [PATCH 2113/2197] Don't declare a parameter as const An earlier commit fixed this for psa_hash_compare. psa_mac_verify had the same flaw. --- include/psa/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 352281854..07be2b965 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -1300,7 +1300,7 @@ psa_status_t psa_mac_verify(psa_key_handle_t handle, const uint8_t *input, size_t input_length, const uint8_t *mac, - const size_t mac_length); + size_t mac_length); /** The type of the state data structure for multipart MAC operations. * From 8fe6e0de3aa7ac0af8ae14e536c88b699f8346c7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Dec 2019 16:58:13 +0100 Subject: [PATCH 2114/2197] Symmetric key types only use the upper 16 bits of psa_key_type_t Change the numerical encoding of values for symmetric key types to have 0000 as the lower 16 bits. Now the lower 16 bits are only used for key types that have a subtype (EC curve or DH group). --- include/psa/crypto_values.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) 
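Review bot: `hash_compare_fail` is also driven with `PSA_SUCCESS` by the "PSA hash compare: good" case in the accompanying .data hunk, so the `_fail` suffix is misleading; a neutral name such as `hash_compare_status`, or a separate positive test function, would read better. The new cases cover a truncated and an over-long reference hash but not an empty one, which is the boundary a length-checked comparison most needs pinned. A case such as `hash_compare_fail:PSA_ALG_SHA_256:"":"":PSA_ERROR_INVALID_SIGNATURE` under `depends_on:MBEDTLS_SHA256_C` would cover it, with the expected status presumably matching the truncated-hash case.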
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index dbe75ad85..85d0a0d45 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -357,7 +357,7 @@ * * A "key" of this type cannot be used for any cryptographic operation. * Applications may use this type to store arbitrary data in the keystore. */ -#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001) +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50010000) /** HMAC key. * @@ -381,7 +381,7 @@ * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001) +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40010000) /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * @@ -392,17 +392,17 @@ * deprecated and should only be used to decrypt legacy data. 3-key 3DES * is weak and deprecated and should only be used in legacy protocols. */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002) +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40020000) /** Key for a cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003) +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40030000) /** Key for the RC4 stream cipher. * * Note that RC4 is weak and deprecated and should only be used in * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004) +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40040000) /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. * @@ -411,7 +411,7 @@ * Implementations must support 12-byte nonces, may support 8-byte nonces, * and should reject other sizes. */ -#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40000005) +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40050000) /** RSA public key. */ #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) From 7bfcfac164604f8c17947bf8bd8e06a1768a843f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 2 Dec 2019 17:22:26 +0100 Subject: [PATCH 2115/2197] Change key type encodings to avoid bit 16 Key types are now encoded through a category in the upper 4 bits (bits 28-31) and a type-within-category in the next 11 bits (bits 17-27), with bit 16 unused and bits 0-15 only used for the EC curve or DH group. For symmetric keys, bits 20-22 encode the block size (0x0=stream, 0x3=8B, 0x4=16B). --- include/psa/crypto_extra.h | 4 ++-- include/psa/crypto_values.h | 22 +++++++++---------- .../test_suite_psa_crypto_persistent_key.data | 10 ++++----- 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 31e339c16..af4b95832 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -329,7 +329,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * string. The length of the byte string is the length of the base prime `p` * in bytes. */ -#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60040000) /** DSA key pair (private and public key). * @@ -347,7 +347,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * Add 1 to the resulting integer and use this as the private key *x*. * */ -#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x70020000) +#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x70040000) /** Whether a key type is an DSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_DSA(type) \ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 85d0a0d45..0723ed963 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -381,7 +381,7 @@ * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40010000) +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x44020000) /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * @@ -392,17 +392,17 @@ * deprecated and should only be used to decrypt legacy data. 3-key 3DES * is weak and deprecated and should only be used in legacy protocols. */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40020000) +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x43020000) /** Key for a cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40030000) +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x44040000) /** Key for the RC4 stream cipher. * * Note that RC4 is weak and deprecated and should only be used in * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40040000) +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40020000) /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. * 
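Review bot: The new value of `PSA_KEY_TYPE_ARC4` in this hunk, 0x40020000, is the value `PSA_KEY_TYPE_DES` had before the change, so a key blob persisted by an earlier build would be read back as a different key type instead of being rejected. The same reuse appears in the neighbouring hunks (CHACHA20 takes ARC4's old 0x40040000, RSA_PUBLIC_KEY takes DSA_PUBLIC_KEY's old 0x60020000), and the updated persistent-key test vectors change the stored type bytes while the version field stays `00000000`. If stored keys are meant to survive an upgrade, the storage format version should change or old encodings should be mapped on load; otherwise a comment above the key-type definitions such as `/* Encodings changed in this revision; keys stored by earlier builds are not readable. */` would record the break. Whether a migration exists elsewhere is not visible from this patch.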
@@ -411,18 +411,18 @@ * Implementations must support 12-byte nonces, may support 8-byte nonces, * and should reject other sizes. */ -#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40050000) +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40040000) /** RSA public key. */ -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000) +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) /** RSA key pair (private and public key). */ -#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70010000) +#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70020000) /** Whether a key type is an RSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000) -#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x70030000) +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x61000000) +#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x71000000) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) /** Elliptic curve key pair. * @@ -519,8 +519,8 @@ */ #define PSA_ECC_CURVE_VENDOR_MAX ((psa_ecc_curve_t) 0xfe7f) -#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x60040000) -#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x70040000) +#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x62000000) +#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x72000000) #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) /** Diffie-Hellman key pair. * diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 9e5d45a0f..2b9e5be6d 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
@@ -1,17 +1,17 @@ Format for storage: RSA private key -format_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN +format_storage_data_check:"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":"505341004b455900000000000100000000000270010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN Parse storage: RSA private key 
-parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS +parse_storage_data_check:"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":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS Parse storage: wrong version 
-parse_storage_data_check:"505341004b455900ffffffff0100000000000170010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c6
6b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c99778
1447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE Parse storage: data too big -parse_storage_data_check:"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":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE Parse storage: bad magic -parse_storage_data_check:"645341004b455900000000000100000000000170010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25a
ca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE Parse storage: truncated magic parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE From 2eea95cb5dbb87888ac28161d47c4beaff1f8d79 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Dec 2019 17:44:12 +0100 Subject: [PATCH 2116/2197] Extract the block size from the key type encoding --- include/psa/crypto_values.h | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 0723ed963..a86a32370 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -580,6 +580,8 @@ */ #define PSA_DH_GROUP_VENDOR_MAX ((psa_dh_group_t) 0x01fd) +#define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \ + (((type) >> 24) & 7) /** The block size of a block cipher. * * \param type A cipher key type (value of type #psa_key_type_t). 
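Review bot: `PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT` is added without a doc comment and reads bits 24-26 (`>> 24` then `& 7`), whereas the description of the preceding encoding commit places the block size in bits 20-22. The values assigned there (AES 0x44020000, DES 0x43020000) agree with the macro, so a comment such as `/** Base-2 logarithm of the block size, stored in bits 24-26 of a symmetric key type. */` would settle which is right. In the following hunk `PSA_BLOCK_CIPHER_BLOCK_SIZE` no longer returns 0 for an unrecognised type: every type in the symmetric category now yields `1u << exponent`, so callers that relied on 0 to reject a non-cipher key type need their own check. The result type also changes from int to unsigned, which can affect signed comparisons at call sites.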
@@ -599,13 +601,9 @@ * \warning This macro may evaluate its argument multiple times. */ #define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ - ( \ - (type) == PSA_KEY_TYPE_AES ? 16 : \ - (type) == PSA_KEY_TYPE_DES ? 8 : \ - (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \ - (type) == PSA_KEY_TYPE_ARC4 ? 1 : \ - (type) == PSA_KEY_TYPE_CHACHA20 ? 1 : \ - 0) + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \ + 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \ + 0u) /** Vendor-defined algorithm flag. * From c7ef5b3f4573973f0e8302ee0214b70de195506e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Dec 2019 16:58:00 +0100 Subject: [PATCH 2117/2197] Rework mbedlts group id to PSA curve conversion Don't rely on the PSA curve identifier determining the key size, in preparation for removing that. --- library/psa_crypto.c | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 84054a7e5..f031654a6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
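Review bot: `PSA_BLOCK_CIPHER_BLOCK_SIZE` no longer returns 0 for an unrecognised cipher type. Every key type in the symmetric category now yields `1u << exponent`, which is at least 1, whereas the removed chain fell through to 0 for anything other than the five listed types. Callers that use a zero result to reject a key type should be checked, since that guard now only fires for non-symmetric categories. The result also changes from `int` to `unsigned int`, which can alter signed/unsigned comparisons at call sites. If the nonzero result for unknown symmetric types is intended, the macro's doc comment (which starts outside this hunk) should say so.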
@@ -375,35 +375,49 @@ static inline int psa_key_slot_is_external( const psa_key_slot_t *slot ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_ECP_C) -static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid ) +static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, + size_t *bits ) { switch( grpid ) { case MBEDTLS_ECP_DP_SECP192R1: + *bits = 192; return( PSA_ECC_CURVE_SECP192R1 ); case MBEDTLS_ECP_DP_SECP224R1: + *bits = 224; return( PSA_ECC_CURVE_SECP224R1 ); case MBEDTLS_ECP_DP_SECP256R1: + *bits = 256; return( PSA_ECC_CURVE_SECP256R1 ); case MBEDTLS_ECP_DP_SECP384R1: + *bits = 384; return( PSA_ECC_CURVE_SECP384R1 ); case MBEDTLS_ECP_DP_SECP521R1: + *bits = 521; return( PSA_ECC_CURVE_SECP521R1 ); case MBEDTLS_ECP_DP_BP256R1: + *bits = 256; return( PSA_ECC_CURVE_BRAINPOOL_P256R1 ); case MBEDTLS_ECP_DP_BP384R1: + *bits = 384; return( PSA_ECC_CURVE_BRAINPOOL_P384R1 ); case MBEDTLS_ECP_DP_BP512R1: + *bits = 512; return( PSA_ECC_CURVE_BRAINPOOL_P512R1 ); case MBEDTLS_ECP_DP_CURVE25519: + *bits = 255; return( PSA_ECC_CURVE_CURVE25519 ); case MBEDTLS_ECP_DP_SECP192K1: + *bits = 192; return( PSA_ECC_CURVE_SECP192K1 ); case MBEDTLS_ECP_DP_SECP224K1: + *bits = 224; return( PSA_ECC_CURVE_SECP224K1 ); case MBEDTLS_ECP_DP_SECP256K1: + *bits = 256; return( PSA_ECC_CURVE_SECP256K1 ); case MBEDTLS_ECP_DP_CURVE448: + *bits = 448; return( PSA_ECC_CURVE_CURVE448 ); default: return( 0 ); 
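Review bot: The `default:` branch of `mbedtls_ecc_group_to_psa` returns 0 without writing `*bits`, so a caller that passes an uninitialised `size_t` is left holding an indeterminate value on the failure path. `ecdsa_verify_wrap` in library/pk_wrap.c and `mbedtls_psa_parse_tls_ecc_group` in include/mbedtls/psa_util.h, later in this series, both pass an uninitialised local. Setting the output before returning keeps the contract simple: `default: *bits = 0; return( 0 );`. The pointer is also dereferenced unconditionally, so the function's comment should state that `bits` must not be NULL. The function body closes outside this hunk.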
@@ -5251,12 +5265,13 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, mbedtls_ecp_keypair *their_key = NULL; mbedtls_ecdh_context ecdh; psa_status_t status; + size_t bits = 0; + psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa( our_key->grp.id, &bits ); mbedtls_ecdh_init( &ecdh ); - status = psa_import_ec_public_key( - mbedtls_ecc_group_to_psa( our_key->grp.id ), - peer_key, peer_key_length, - &their_key ); + status = psa_import_ec_public_key( curve, + peer_key, peer_key_length, + &their_key ); if( status != PSA_SUCCESS ) goto exit; @@ -5275,6 +5290,10 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, shared_secret, shared_secret_size, mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) ); + if( status != PSA_SUCCESS ) + goto exit; + if( PSA_BITS_TO_BYTES( bits ) != *shared_secret_length ) + status = PSA_ERROR_CORRUPTION_DETECTED; exit: mbedtls_ecdh_free( &ecdh ); From 4295e8b9c557e7545de0300368e584c59c9ea858 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Dec 2019 21:39:10 +0100 Subject: [PATCH 2118/2197] Rework PSA curve to mbedlts group id conversion Don't rely on the bit size encoded in the PSA curve identifier, in preparation for removing that. For some inputs, the error code on EC key creation changes from PSA_ERROR_INVALID_ARGUMENT to PSA_ERROR_NOT_SUPPORTED or vice versa. There will be further such changes in subsequent commits. --- library/psa_crypto.c | 30 ++++++++++++++++++++----- tests/suites/test_suite_psa_crypto.data | 6 +---- 2 files changed, 26 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f031654a6..8fc021a92 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
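Review bot: In the second hunk, the new length check sets `PSA_ERROR_CORRUPTION_DETECTED` after the shared secret has already been written to `shared_secret`. The visible `exit:` path only calls `mbedtls_ecdh_free`, so the buffer appears to keep the computed secret on that error path. I would clear it when leaving with an error, e.g. `if( status != PSA_SUCCESS ) mbedtls_platform_zeroize( shared_secret, shared_secret_size );` right after `exit:`. The rest of the exit path and the callers are outside the hunk, so confirm that nothing already wipes the buffer before adding this.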
@@ -424,8 +424,10 @@ static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, } } -static mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve ) +static mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, + size_t byte_length ) { + (void) byte_length; switch( curve ) { case PSA_ECC_CURVE_SECP192R1: @@ -602,6 +604,8 @@ exit: #if defined(MBEDTLS_ECP_C) static psa_status_t psa_prepare_import_ec_key( psa_ecc_curve_t curve, + size_t data_length, + int is_public, mbedtls_ecp_keypair **p_ecp ) { mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE; @@ -610,8 +614,23 @@ static psa_status_t psa_prepare_import_ec_key( psa_ecc_curve_t curve, return( PSA_ERROR_INSUFFICIENT_MEMORY ); mbedtls_ecp_keypair_init( *p_ecp ); + if( is_public ) + { + /* A public key is represented as: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian. + * So its data length is 2m+1 where n is the key size in bits. + */ + if( ( data_length & 1 ) == 0 ) + return( PSA_ERROR_INVALID_ARGUMENT ); + data_length = data_length / 2; + } + /* Load the group. */ - grp_id = mbedtls_ecc_group_of_psa( curve ); + grp_id = mbedtls_ecc_group_of_psa( curve, data_length ); + if( grp_id == MBEDTLS_ECP_DP_NONE ) + return( PSA_ERROR_INVALID_ARGUMENT ); return( mbedtls_to_psa_error( mbedtls_ecp_group_load( &( *p_ecp )->grp, grp_id ) ) ); } @@ -626,7 +645,7 @@ static psa_status_t psa_import_ec_public_key( psa_ecc_curve_t curve, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; - status = psa_prepare_import_ec_key( curve, &ecp ); + status = psa_prepare_import_ec_key( curve, data_length, 1, &ecp ); if( status != PSA_SUCCESS ) goto exit; 
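Review bot: The comment added in `psa_prepare_import_ec_key` (hunk at -610,8) gives the public-key length as `2m+1 where n is the key size in bits`, which mixes two variable names and states a bit count where the preceding bullets describe `ceiling(m/8)`-byte coordinates. I would write it as `* So its data length is 2*ceiling(m/8)+1 bytes, where m is the key size in bits.` so that the parity check and the `data_length / 2` that follow can be read against it. The two new `return( PSA_ERROR_INVALID_ARGUMENT )` statements also come after `*p_ecp` has been initialised. The callers' `exit:` paths are outside the hunks, so confirm they free the key pair when this function fails.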
@@ -668,7 +687,7 @@ static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve, if( PSA_BITS_TO_BYTES( PSA_ECC_CURVE_BITS( curve ) ) != data_length ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_prepare_import_ec_key( curve, &ecp ); + status = psa_prepare_import_ec_key( curve, data_length, 0, &ecp ); if( status != PSA_SUCCESS ) goto exit; @@ -5578,7 +5597,8 @@ static psa_status_t psa_generate_key_internal( if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) { psa_ecc_curve_t curve = PSA_KEY_TYPE_GET_CURVE( type ); - mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve ); + mbedtls_ecp_group_id grp_id = + mbedtls_ecc_group_of_psa( curve, PSA_BITS_TO_BYTES( bits ) ); const mbedtls_ecp_curve_info *curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id ); mbedtls_ecp_keypair *ecp; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b70fc638f..0205eea2b 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -304,11 +304,7 @@ import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325 PSA import EC public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -# For consistency with ECpub as ECpair, RSApub as RSApair and RSApair as RSApub, -# one would expect the status to be PSA_ERROR_INVALID_ARGUMENT. But the -# Mbed TLS pkparse module returns MBEDTLS_ERR_PK_INVALID_ALG, I think because -# it's looking for an OID where there is no OID. -import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_NOT_SUPPORTED +import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C From 5055b239bfb68394a3230cecffa12af393c443f4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Dec 2019 17:49:31 +0100 Subject: [PATCH 2119/2197] Expose mbedtls/psa curve identifier conversions from psa_crypto.c --- include/psa/crypto_extra.h | 44 ++++++++++++++++++++++++++++++++++++++ library/psa_crypto.c | 8 +++---- 2 files changed, 48 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index af4b95832..fa931111d 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -560,6 +560,50 @@ psa_status_t psa_get_key_domain_parameters( /**@}*/ +/** \defgroup psa_tls_helpers TLS helper functions + * @{ + */ + +#if defined(MBEDTLS_ECP_C) +#include + +/** Convert an ECC curve identifier from the Mbed TLS encoding to PSA. + * + * \note This function is provided solely for the convenience of + * Mbed TLS and may be removed at any time without notice. + * + * \param grpid An Mbed TLS elliptic curve identifier + * (`MBEDTLS_ECP_DP_xxx`). + * \param[out] bits On success, the bit size of the curve. + * + * \return The corresponding PSA elliptic curve identifier + * (`PSA_ECC_CURVE_xxx`). + * \return \c 0 on failure (\p grpid is not recognized). + */ +psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, + size_t *bits ); + +/** Convert an ECC curve identifier from the PSA encoding to Mbed TLS. + * + * \note This function is provided solely for the convenience of + * Mbed TLS and may be removed at any time without notice. + * + * \param curve A PSA elliptic curve identifier + * (`PSA_ECC_CURVE_xxx`). + * \param byte_length The byte-length of a private key on \p curve. + * + * \return The corresponding Mbed TLS elliptic curve identifier + * (`MBEDTLS_ECP_DP_xxx`). + * \return #MBEDTLS_ECP_DP_NONE if \c curve is not recognized. + * \return #MBEDTLS_ECP_DP_NONE if \p byte_length is not + * correct for \p curve. + */ +mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, + size_t byte_length ); +#endif /* MBEDTLS_ECP_C */ + +/**@}*/ + #ifdef __cplusplus } #endif diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8fc021a92..79db68696 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -375,8 +375,8 @@ static inline int psa_key_slot_is_external( const psa_key_slot_t *slot ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_ECP_C) -static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, - size_t *bits ) +psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, + size_t *bits ) { switch( grpid ) { @@ -424,8 +424,8 @@ static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, } } -static mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, - size_t byte_length ) +mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, + size_t byte_length ) { (void) byte_length; switch( curve ) From fc2459db137ab33f43c9cb9e6f7f4234691fd940 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Dec 2019 17:50:44 +0100 Subject: [PATCH 2120/2197] Remove mbedtls_psa_translate_ecc_group Internally, use the corresponding function from psa_crypto.c instead. Externally, this function is not used in Mbed TLS and is documented as "may change at any time". --- include/mbedtls/psa_util.h | 61 -------------------------------------- library/pk_wrap.c | 10 ++++--- 2 files changed, 6 insertions(+), 65 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 2e7393b3c..35e0a4b5e 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h 
@@ -317,67 +317,6 @@ static inline int mbedtls_psa_get_ecc_oid_from_id( #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ -static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid ) -{ - switch( grpid ) - { -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - case MBEDTLS_ECP_DP_SECP192R1: - return( PSA_ECC_CURVE_SECP192R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) - case MBEDTLS_ECP_DP_SECP224R1: - return( PSA_ECC_CURVE_SECP224R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) - case MBEDTLS_ECP_DP_SECP256R1: - return( PSA_ECC_CURVE_SECP256R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - case MBEDTLS_ECP_DP_SECP384R1: - return( PSA_ECC_CURVE_SECP384R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - case MBEDTLS_ECP_DP_SECP521R1: - return( PSA_ECC_CURVE_SECP521R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) - case MBEDTLS_ECP_DP_BP256R1: - return( PSA_ECC_CURVE_BRAINPOOL_P256R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) - case MBEDTLS_ECP_DP_BP384R1: - return( PSA_ECC_CURVE_BRAINPOOL_P384R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) - case MBEDTLS_ECP_DP_BP512R1: - return( PSA_ECC_CURVE_BRAINPOOL_P512R1 ); -#endif -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - case MBEDTLS_ECP_DP_CURVE25519: - return( PSA_ECC_CURVE_CURVE25519 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) - case MBEDTLS_ECP_DP_SECP192K1: - return( PSA_ECC_CURVE_SECP192K1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) - case MBEDTLS_ECP_DP_SECP224K1: - return( PSA_ECC_CURVE_SECP224K1 ); -#endif -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) - case MBEDTLS_ECP_DP_SECP256K1: - return( PSA_ECC_CURVE_SECP256K1 ); -#endif -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) - case MBEDTLS_ECP_DP_CURVE448: - return( PSA_ECC_CURVE_CURVE448 ); -#endif - default: - return( 0 ); - } -} - /* Translations for PK layer */ static inline int mbedtls_psa_err_translate_pk( psa_status_t 
status ) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 2c665af3c..f73643149 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -542,10 +542,11 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, return( 0 ); } -static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, +static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { + mbedtls_ecdsa_context *ctx = ctx_arg; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_handle_t key_handle = 0; @@ -557,9 +558,10 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, unsigned char *p; mbedtls_pk_info_t pk_info = mbedtls_eckey_info; psa_algorithm_t psa_sig_md, psa_md; - psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group( - ( (mbedtls_ecdsa_context *) ctx )->grp.id ); - const size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx )->grp.nbits + 7 ) / 8; + size_t curve_bits; + psa_ecc_curve_t curve = + mbedtls_ecc_group_to_psa( ctx->grp.id, &curve_bits ); + const size_t signature_part_size = ( ctx->grp.nbits + 7 ) / 8; if( curve == 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); From d8197cb9029ce9ea697cb490130de156959af647 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 12 Dec 2019 17:56:46 +0100 Subject: [PATCH 2121/2197] mbedtls_psa_parse_tls_ecc_group: make no assumption on PSA encodings Don't assume that the PSA encoding of elliptic curves is identical to the TLS encoding. This is currently true but about to change. The new implementation only works when MBEDTLS_ECP_C is defined. This is ok because the function is only used with MBEDTLS_ECP_C defined. --- include/mbedtls/psa_util.h | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 35e0a4b5e..fa4be0ea6 100644 
--- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -350,13 +350,19 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) /* This function transforms an ECC group identifier from * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 * into a PSA ECC group identifier. */ +#if defined(MBEDTLS_ECP_C) static inline psa_ecc_curve_t mbedtls_psa_parse_tls_ecc_group( uint16_t tls_ecc_grp_reg_id ) { - /* The PSA identifiers are currently aligned with those from - * the TLS Supported Groups registry, so no conversion is necessary. */ - return( (psa_ecc_curve_t) tls_ecc_grp_reg_id ); + size_t bits; + const mbedtls_ecp_curve_info *curve_info = + mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id ); + if( curve_info == NULL ) + return( 0 ); + else + return( mbedtls_ecc_group_to_psa( curve_info->grp_id, &bits ) ); } +#endif /* MBEDTLS_ECP_C */ /* This function takes a buffer holding an EC public key * exported through psa_export_public_key(), and converts From 025fccdc326d65820b2ec10c1421dc8434295c71 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 2 Dec 2019 19:12:00 +0100 Subject: [PATCH 2122/2197] Change the encoding of EC curves and DH groups to include the size Change the representation of psa_ecc_curve_t and psa_dh_group_t from the IETF 16-bit encoding to a custom 24-bit encoding where the upper 8 bits represent a curve family and the lower 16 bits are the key size in bits. Families are based on naming and mathematical similarity, with sufficiently precise families that no two curves in a family have the same bit size (for example SECP-R1 and SECP-R2 are two different families). As a consequence, the lower 16 bits of a key type value are always either the key size or 0. --- include/psa/crypto_sizes.h | 33 +------ include/psa/crypto_types.h | 66 +------------- include/psa/crypto_values.h | 110 ++++++++---------------- library/psa_crypto.c | 3 +- tests/suites/test_suite_psa_crypto.data | 4 +- 5 files changed, 45 insertions(+), 171 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index e7aef5580..70ea4b6e1 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -198,38 +198,7 @@ * This may be 0 if the implementation does not support * the specified curve. */ -#define PSA_ECC_CURVE_BITS(curve) \ - ((curve) == PSA_ECC_CURVE_SECT163K1 ? 163 : \ - (curve) == PSA_ECC_CURVE_SECT163R1 ? 163 : \ - (curve) == PSA_ECC_CURVE_SECT163R2 ? 163 : \ - (curve) == PSA_ECC_CURVE_SECT193R1 ? 193 : \ - (curve) == PSA_ECC_CURVE_SECT193R2 ? 193 : \ - (curve) == PSA_ECC_CURVE_SECT233K1 ? 233 : \ - (curve) == PSA_ECC_CURVE_SECT233R1 ? 233 : \ - (curve) == PSA_ECC_CURVE_SECT239K1 ? 239 : \ - (curve) == PSA_ECC_CURVE_SECT283K1 ? 283 : \ - (curve) == PSA_ECC_CURVE_SECT283R1 ? 283 : \ - (curve) == PSA_ECC_CURVE_SECT409K1 ? 409 : \ - (curve) == PSA_ECC_CURVE_SECT409R1 ? 409 : \ - (curve) == PSA_ECC_CURVE_SECT571K1 ? 571 : \ - (curve) == PSA_ECC_CURVE_SECT571R1 ? 571 : \ - (curve) == PSA_ECC_CURVE_SECP160K1 ? 160 : \ - (curve) == PSA_ECC_CURVE_SECP160R1 ? 160 : \ - (curve) == PSA_ECC_CURVE_SECP160R2 ? 160 : \ - (curve) == PSA_ECC_CURVE_SECP192K1 ? 192 : \ - (curve) == PSA_ECC_CURVE_SECP192R1 ? 192 : \ - (curve) == PSA_ECC_CURVE_SECP224K1 ? 224 : \ - (curve) == PSA_ECC_CURVE_SECP224R1 ? 224 : \ - (curve) == PSA_ECC_CURVE_SECP256K1 ? 256 : \ - (curve) == PSA_ECC_CURVE_SECP256R1 ? 256 : \ - (curve) == PSA_ECC_CURVE_SECP384R1 ? 384 : \ - (curve) == PSA_ECC_CURVE_SECP521R1 ? 521 : \ - (curve) == PSA_ECC_CURVE_BRAINPOOL_P256R1 ? 256 : \ - (curve) == PSA_ECC_CURVE_BRAINPOOL_P384R1 ? 384 : \ - (curve) == PSA_ECC_CURVE_BRAINPOOL_P512R1 ? 512 : \ - (curve) == PSA_ECC_CURVE_CURVE25519 ? 255 : \ - (curve) == PSA_ECC_CURVE_CURVE448 ? 448 : \ - 0) +#define PSA_ECC_CURVE_BITS(curve) ((curve) & 0xffff) /** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN * diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index c4f9acd46..03180c6ef 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h 
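Review bot: The retained doc comment above `PSA_ECC_CURVE_BITS` still says the result may be 0 when the implementation does not support the curve, but the new definition `((curve) & 0xffff)` returns the low 16 bits of any identifier, supported or not. The comment should be updated, for example `* This is the low 16 bits of the curve identifier; it does not indicate whether the implementation supports the curve.` The same mask is written out again as `curve & 0xffff` in `mbedtls_ecc_group_of_psa` in library/psa_crypto.c in this commit. Using `PSA_ECC_CURVE_BITS( curve )` there would keep the encoding in one place.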
@@ -70,78 +70,16 @@ typedef uint32_t psa_key_type_t; * The curve identifier is required to create an ECC key using the * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() * macros. - * - * The encoding of curve identifiers is taken from the - * TLS Supported Groups Registry (formerly known as the - * TLS EC Named Curve Registry) - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * - * This specification defines identifiers for some of the curves in the IANA - * registry. Implementations that support other curves that are in the IANA - * registry should use the IANA value and a implementation-specific identifier. - * Implemenations that support non-IANA curves should use one of the following - * approaches for allocating a key type: - * - * 1. Select a ::psa_ecc_curve_t value in the range #PSA_ECC_CURVE_VENDOR_MIN to - * #PSA_ECC_CURVE_VENDOR_MAX, which is a subset of the IANA private use - * range. - * 2. Use a ::psa_key_type_t value that is vendor-defined. - * - * The first option is recommended. */ -typedef uint16_t psa_ecc_curve_t; +typedef uint32_t psa_ecc_curve_t; /** The type of PSA Diffie-Hellman group identifiers. * * The group identifier is required to create an Diffie-Hellman key using the * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY() * macros. - * - * The encoding of group identifiers is taken from the - * TLS Supported Groups Registry (formerly known as the - * TLS EC Named Curve Registry) - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * - * This specification defines identifiers for some of the groups in the IANA - * registry. Implementations that support other groups that are in the IANA - * registry should use the IANA value and a implementation-specific identifier. - * Implemenations that support non-IANA groups should use one of the following - * approaches for allocating a key type: - * - * 1. 
Select a ::psa_dh_group_t value in the range #PSA_DH_GROUP_VENDOR_MIN to - * #PSA_DH_GROUP_VENDOR_MAX, which is a subset of the IANA private use - * range. - * 2. Select a ::psa_dh_group_t value from the named groups allocated for - * GREASE in the IETF draft specification. The GREASE specification and - * values are listed below. - * 3. Use a ::psa_key_type_t value that is vendor-defined. - * - * Option 1 or 2 are recommended. - * - * The current draft of the GREASE specification is - * https://datatracker.ietf.org/doc/draft-ietf-tls-grease - * - * The following GREASE values are allocated for named groups: - * \code - * 0x0A0A - * 0x1A1A - * 0x2A2A - * 0x3A3A - * 0x4A4A - * 0x5A5A - * 0x6A6A - * 0x7A7A - * 0x8A8A - * 0x9A9A - * 0xAAAA - * 0xBABA - * 0xCACA - * 0xDADA - * 0xEAEA - * 0xFAFA - * \endcode */ -typedef uint16_t psa_dh_group_t; +typedef uint32_t psa_dh_group_t; /** \brief Encoding of a cryptographic algorithm. * diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index a86a32370..87ad15f03 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -423,7 +423,7 @@ #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x61000000) #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x71000000) -#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff) +#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ffffff) /** Elliptic curve key pair. * * \param curve A value of type ::psa_ecc_curve_t that identifies the 
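Review bot: After this hunk the doc comments for `psa_ecc_curve_t` and `psa_dh_group_t` no longer describe any encoding, while the commit message defines one (upper 8 bits a family, lower 16 bits the key size in bits) and the types are widened to `uint32_t`. I would add a sentence to each typedef comment such as `* Values are 24 bits wide: the upper 8 bits identify the family and the lower 16 bits give the key size in bits.` The type can now hold more than the 24 bits kept by `PSA_KEY_TYPE_ECC_CURVE_MASK` and `PSA_KEY_TYPE_DH_GROUP_MASK`, so the comment should also state that larger values are invalid. The macros that combine an identifier with the key-type base are outside these hunks, so check whether they mask their argument.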
@@ -458,70 +458,52 @@ ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ 0)) -/* The encoding of curve identifiers is currently aligned with the - * TLS Supported Groups Registry (formerly known as the - * TLS EC Named Curve Registry) - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * The values are defined by RFC 8422 and RFC 7027. */ -#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001) -#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002) -#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003) -#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004) -#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005) -#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006) -#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007) -#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008) -#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009) -#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a) -#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b) -#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c) -#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d) -#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e) -#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f) -#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010) -#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011) -#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012) -#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013) -#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014) -#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015) -#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016) -#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017) -#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018) -#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019) -#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a) -#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 
0x001b) -#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c) +#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x1600a0) +#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x1600c0) +#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x1600e0) +#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x160100) +#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x1200a0) +#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x1200c0) +#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x1200e0) +#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x120100) +#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x120180) +#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x120209) +#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x1a00a0) +#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x2600a3) +#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x2600e9) +#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x2600ef) +#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x26011b) +#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x260199) +#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x26023b) +#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x2200a3) +#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x2200c1) +#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x2200e9) +#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x22011b) +#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x220199) +#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x22023b) +#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x2a00a3) +#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x2a00c1) +#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x300100) +#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x300180) +#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x300200) /** Curve25519. * * This is the curve defined in Bernstein et al., * _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006. 
* The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve. */ -#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d) +#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x0200ff) /** Curve448 * * This is the curve defined in Hamburg, * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. */ -#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e) - -/** Minimum value for a vendor-defined ECC curve identifier - * - * The range for vendor-defined curve identifiers is a subset of the IANA - * registry private use range, `0xfe00` - `0xfeff`. - */ -#define PSA_ECC_CURVE_VENDOR_MIN ((psa_ecc_curve_t) 0xfe00) -/** Maximum value for a vendor-defined ECC curve identifier - * - * The range for vendor-defined curve identifiers is a subset of the IANA - * registry private use range, `0xfe00` - `0xfeff`. - */ -#define PSA_ECC_CURVE_VENDOR_MAX ((psa_ecc_curve_t) 0xfe7f) +#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x0201c0) #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x62000000) #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x72000000) -#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x0000ffff) +#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ffffff) /** Diffie-Hellman key pair. * * \param group A value of type ::psa_dh_group_t that identifies the 
@@ -556,29 +538,11 @@ ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ 0)) -/* The encoding of group identifiers is currently aligned with the - * TLS Supported Groups Registry (formerly known as the - * TLS EC Named Curve Registry) - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * The values are defined by RFC 7919. */ -#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x0100) -#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x0101) -#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x0102) -#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x0103) -#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x0104) - -/** Minimum value for a vendor-defined Diffie Hellman group identifier - * - * The range for vendor-defined group identifiers is a subset of the IANA - * registry private use range, `0x01fc` - `0x01ff`. - */ -#define PSA_DH_GROUP_VENDOR_MIN ((psa_dh_group_t) 0x01fc) -/** Maximum value for a vendor-defined Diffie Hellman group identifier - * - * The range for vendor-defined group identifiers is a subset of the IANA - * registry private use range, `0x01fc` - `0x01ff`. - */ -#define PSA_DH_GROUP_VENDOR_MAX ((psa_dh_group_t) 0x01fd) +#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x020800) +#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x020c00) +#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x021000) +#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x021800) +#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x022000) #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \ (((type) >> 24) & 7) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 79db68696..1120c83f9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -427,7 +427,8 @@ psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, size_t byte_length ) { - (void) byte_length; + if( PSA_BITS_TO_BYTES( curve & 0xffff ) != byte_length ) + return( MBEDTLS_ECP_DP_NONE ); switch( curve ) { case PSA_ECC_CURVE_SECP192R1: diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0205eea2b..8f89ea365 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2594,7 +2594,9 @@ generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAG PSA generate key: ECC, SECP256R1, incorrect bit size depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT +# INVALID_ARGUMENT would make more sense, but our code as currently structured +# doesn't fully relate the curve with its size. +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED PSA generate key: RSA, default e generate_key_rsa:512:"":PSA_SUCCESS From 228abc5773abdceb810780f7349dc7a93d7e826f Mon Sep 17 00:00:00 2001 
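Review bot: The new size check in `mbedtls_ecc_group_of_psa` masks the curve with a bare `0xffff`, which hides the fact that the low 16 bits carry the curve's bit size. At this commit `PSA_ECC_CURVE_BITS` still appears to be available in this file, so the check could read `if( PSA_BITS_TO_BYTES( PSA_ECC_CURVE_BITS( curve ) ) != byte_length )`. A size mismatch also returns the same `MBEDTLS_ECP_DP_NONE` as an unknown curve, so callers cannot tell an invalid argument from an unsupported curve; the test-data comment in this commit acknowledges the resulting `PSA_ERROR_NOT_SUPPORTED`. The function body continues outside the hunk.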
From: Gilles Peskine Date: Tue, 3 Dec 2019 17:24:19 +0100 Subject: [PATCH 2123/2197] Define EC curve family constants Define constants for ECC curve families and DH group families. These constants have 0x0000 in the lower 16 bits of the key type. Support these constants in the implementation and in the PSA metadata tests. Switch the slot management and secure element driver HAL tests to the new curve encodings. This requires SE driver code to become slightly more clever when figuring out the bit-size of an imported EC key since it now needs to take the data size into account. Switch some documentation to the new encodings. Remove the macro PSA_ECC_CURVE_BITS which can no longer be implemented. --- docs/getting_started.md | 2 +- include/psa/crypto.h | 8 +- include/psa/crypto_sizes.h | 10 --- include/psa/crypto_types.h | 4 +- include/psa/crypto_values.h | 81 +++++++++++++++++++ library/psa_crypto.c | 72 +++++++++++++++-- tests/scripts/test_psa_constant_names.py | 2 + .../test_suite_psa_crypto_metadata.data | 27 +++++++ .../test_suite_psa_crypto_metadata.function | 30 ++++--- .../test_suite_psa_crypto_se_driver_hal.data | 18 ++--- ...st_suite_psa_crypto_se_driver_hal.function | 28 ++++++- ...test_suite_psa_crypto_slot_management.data | 12 +-- 12 files changed, 245 insertions(+), 49 deletions(-) diff --git a/docs/getting_started.md b/docs/getting_started.md index aff687bf3..f3c1341dd 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -865,7 +865,7 @@ Mbed Crypto provides a simple way to generate a key or key pair. psa_set_key_algorithm(&attributes, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)); psa_set_key_type(&attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1)); + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1)); psa_set_key_bits(&attributes, key_bits); status = psa_generate_key(&attributes, &handle); if (status != PSA_SUCCESS) { diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 07be2b965..2b07b7471 100644 
--- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3502,10 +3502,10 @@ psa_status_t psa_key_derivation_output_bytes( * length is determined by the curve, and sets the mandatory bits * accordingly. That is: * - * - #PSA_ECC_CURVE_CURVE25519: draw a 32-byte string - * and process it as specified in RFC 7748 §5. - * - #PSA_ECC_CURVE_CURVE448: draw a 56-byte string - * and process it as specified in RFC 7748 §5. + * - Curve25519 (#PSA_ECC_CURVE_MONTGOMERY, 255 bits): draw a 32-byte + * string and process it as specified in RFC 7748 §5. + * - Curve448 (#PSA_ECC_CURVE_MONTGOMERY, 448 bits): draw a 56-byte + * string and process it as specified in RFC 7748 §5. * * - For key types for which the key is represented by a single sequence of * \p bits bits with constraints as to which bit sequences are acceptable, diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 70ea4b6e1..1f04222c2 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -190,16 +190,6 @@ #define PSA_VENDOR_ECC_MAX_CURVE_BITS 0 #endif -/** Bit size associated with an elliptic curve. - * - * \param curve An elliptic curve (value of type #psa_ecc_curve_t). - * - * \return The size associated with \p curve, in bits. - * This may be 0 if the implementation does not support - * the specified curve. - */ -#define PSA_ECC_CURVE_BITS(curve) ((curve) & 0xffff) - /** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN * * This macro returns the maximum length of the PSK supported diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 03180c6ef..b951cd5f5 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -65,7 +65,7 @@ typedef int32_t psa_status_t; */ typedef uint32_t psa_key_type_t; -/** The type of PSA elliptic curve identifiers. +/** The type of PSA elliptic curve family identifiers. * * The curve identifier is required to create an ECC key using the * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() 
@@ -73,7 +73,7 @@ typedef uint32_t psa_key_type_t; */ typedef uint32_t psa_ecc_curve_t; -/** The type of PSA Diffie-Hellman group identifiers. +/** The type of PSA Diffie-Hellman group family identifiers. * * The group identifier is required to create an Diffie-Hellman key using the * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY() diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 87ad15f03..93b7d2cdc 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -458,6 +458,79 @@ ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ 0)) +/** SEC Koblitz curves over prime fields. + * + * This family comprises the following curves: + * secp192k1, secp224k1, secp256k1. + * They are defined in _Standards for Efficient Cryptography_, + * _SEC 2: Recommended Elliptic Curve Domain Parameters_. + * https://www.secg.org/sec2-v2.pdf + */ +#define PSA_ECC_CURVE_SECP_K1 ((psa_ecc_curve_t) 0x160000) + +/** SEC random curves over prime fields. + * + * This family comprises the following curves: + * secp192k1, secp224r1, secp256r1, secp384r1, secp521r1. + * They are defined in _Standards for Efficient Cryptography_, + * _SEC 2: Recommended Elliptic Curve Domain Parameters_. + * https://www.secg.org/sec2-v2.pdf + */ +#define PSA_ECC_CURVE_SECP_R1 ((psa_ecc_curve_t) 0x120000) +/* SECP160R2 (SEC2 v1, obsolete) */ +#define PSA_ECC_CURVE_SECP_R2 ((psa_ecc_curve_t) 0x1a0000) + +/** SEC Koblitz curves over binary fields. + * + * This family comprises the following curves: + * sect163k1, sect233k1, sect239k1, sect283k1, sect409k1, sect571k1. + * They are defined in _Standards for Efficient Cryptography_, + * _SEC 2: Recommended Elliptic Curve Domain Parameters_. + * https://www.secg.org/sec2-v2.pdf + */ +#define PSA_ECC_CURVE_SECT_K1 ((psa_ecc_curve_t) 0x260000) + +/** SEC random curves over binary fields. + * + * This family comprises the following curves: + * sect163r1, sect233r1, sect283r1, sect409r1, sect571r1. + * They are defined in _Standards for Efficient Cryptography_, + * _SEC 2: Recommended Elliptic Curve Domain Parameters_. + * https://www.secg.org/sec2-v2.pdf + */ +#define PSA_ECC_CURVE_SECT_R1 ((psa_ecc_curve_t) 0x220000) + +/** SEC additional random curves over binary fields. + * + * This family comprises the following curve: + * sect163r2. + * It is defined in _Standards for Efficient Cryptography_, + * _SEC 2: Recommended Elliptic Curve Domain Parameters_. 
+ * https://www.secg.org/sec2-v2.pdf + */ +#define PSA_ECC_CURVE_SECT_R2 ((psa_ecc_curve_t) 0x2a0000) + +/** Brainpool P random curves. + * + * This family comprises the following curves: + * brainpoolP160r1, brainpoolP192r1, brainpoolP224r1, brainpoolP256r1, + * brainpoolP320r1, brainpoolP384r1, brainpoolP512r1. + * It is defined in RFC 5639. + */ +#define PSA_ECC_CURVE_BRAINPOOL_P_R1 ((psa_ecc_curve_t) 0x300000) + +/** Curve25519 and Curve448. + * + * This family comprises the following Montgomery curves: + * - 255-bit: Bernstein et al., + * _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006. + * The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve. + * - 448-bit: Hamburg, + * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. + * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. + */ +#define PSA_ECC_CURVE_MONTGOMERY ((psa_ecc_curve_t) 0x400000) + #define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x1600a0) #define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x1600c0) #define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x1600e0) @@ -538,6 +611,14 @@ ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ 0)) +/** Diffie-Hellman groups defined in RFC 7919 Appendix A. + * + * This family includes groups with the following key sizes (in bits): + * 2048, 3072, 4096, 6144, 8192. A given implementation may support + * all of these sizes or only a subset. + */ +#define PSA_DH_GROUP_RFC7919 ((psa_dh_group_t) 0x020000) + #define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x020800) #define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x020c00) #define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x021000) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1120c83f9..f0972b6c8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
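Review bot: The documentation added for `PSA_ECC_CURVE_SECP_R1` lists `secp192k1` as the first member of the random-curve family; that is a Koblitz curve already listed under `PSA_ECC_CURVE_SECP_K1`, and the entry should read `secp192r1`. The `PSA_ECC_CURVE_SECP_K1` list omits secp160k1 although `PSA_ECC_CURVE_SECP160K1` (`0x1600a0`) is defined just below with the same family prefix. `PSA_ECC_CURVE_SECP_R2` has only a plain `/* SECP160R2 (SEC2 v1, obsolete) */` comment rather than a `/** ... */` block like its neighbours. The Brainpool entry says "It is defined in RFC 5639" about a list of seven curves and should say "They are defined".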
@@ -427,10 +427,30 @@ psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, size_t byte_length ) { - if( PSA_BITS_TO_BYTES( curve & 0xffff ) != byte_length ) - return( MBEDTLS_ECP_DP_NONE ); + if( ( curve & 0xffff ) != 0 ) + { + if( PSA_BITS_TO_BYTES( curve & 0xffff ) != byte_length ) + return( MBEDTLS_ECP_DP_NONE ); + } switch( curve ) { + case PSA_ECC_CURVE_SECP_R1: + switch( byte_length ) + { + case PSA_BITS_TO_BYTES( 192 ): + return( MBEDTLS_ECP_DP_SECP192R1 ); + case PSA_BITS_TO_BYTES( 224 ): + return( MBEDTLS_ECP_DP_SECP224R1 ); + case PSA_BITS_TO_BYTES( 256 ): + return( MBEDTLS_ECP_DP_SECP256R1 ); + case PSA_BITS_TO_BYTES( 384 ): + return( MBEDTLS_ECP_DP_SECP384R1 ); + case PSA_BITS_TO_BYTES( 521 ): + return( MBEDTLS_ECP_DP_SECP521R1 ); + default: + return( MBEDTLS_ECP_DP_NONE ); + } + break; case PSA_ECC_CURVE_SECP192R1: return( MBEDTLS_ECP_DP_SECP192R1 ); case PSA_ECC_CURVE_SECP224R1: 
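Review bot: In the family branches of `mbedtls_ecc_group_of_psa` the group is chosen from `byte_length` alone, so every bit size that rounds to the same byte count selects the same curve. With `PSA_ECC_CURVE_SECP_R1`, a caller that derived `byte_length` from 528 bits gets `MBEDTLS_ECP_DP_SECP521R1` just like one that asked for 521, assuming `PSA_BITS_TO_BYTES` rounds up. Callers that start from a requested bit size should compare it with the returned group's real size afterwards; whether they do is outside this hunk. The same pattern repeats in the following hunk for `PSA_ECC_CURVE_BRAINPOOL_P_R1`, `PSA_ECC_CURVE_MONTGOMERY` and `PSA_ECC_CURVE_SECP_K1`. A comment above the function stating that `byte_length` is the key size in bytes and is what disambiguates a family would make the contract explicit, and the `break;` after each inner `switch` is unreachable because every arm returns.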
@@ -441,22 +461,63 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, return( MBEDTLS_ECP_DP_SECP384R1 ); case PSA_ECC_CURVE_SECP521R1: return( MBEDTLS_ECP_DP_SECP521R1 ); + + case PSA_ECC_CURVE_BRAINPOOL_P_R1: + switch( byte_length ) + { + case PSA_BITS_TO_BYTES( 256 ): + return( MBEDTLS_ECP_DP_BP256R1 ); + case PSA_BITS_TO_BYTES( 384 ): + return( MBEDTLS_ECP_DP_BP384R1 ); + case PSA_BITS_TO_BYTES( 512 ): + return( MBEDTLS_ECP_DP_BP512R1 ); + default: + return( MBEDTLS_ECP_DP_NONE ); + } + break; case PSA_ECC_CURVE_BRAINPOOL_P256R1: return( MBEDTLS_ECP_DP_BP256R1 ); case PSA_ECC_CURVE_BRAINPOOL_P384R1: return( MBEDTLS_ECP_DP_BP384R1 ); case PSA_ECC_CURVE_BRAINPOOL_P512R1: return( MBEDTLS_ECP_DP_BP512R1 ); + + case PSA_ECC_CURVE_MONTGOMERY: + switch( byte_length ) + { + case PSA_BITS_TO_BYTES( 255 ): + return( MBEDTLS_ECP_DP_CURVE25519 ); + case PSA_BITS_TO_BYTES( 448 ): + return( MBEDTLS_ECP_DP_CURVE448 ); + default: + return( MBEDTLS_ECP_DP_NONE ); + } + break; case PSA_ECC_CURVE_CURVE25519: return( MBEDTLS_ECP_DP_CURVE25519 ); + case PSA_ECC_CURVE_CURVE448: + return( MBEDTLS_ECP_DP_CURVE448 ); + + case PSA_ECC_CURVE_SECP_K1: + switch( byte_length ) + { + case PSA_BITS_TO_BYTES( 192 ): + return( MBEDTLS_ECP_DP_SECP192K1 ); + case PSA_BITS_TO_BYTES( 224 ): + return( MBEDTLS_ECP_DP_SECP224K1 ); + case PSA_BITS_TO_BYTES( 256 ): + return( MBEDTLS_ECP_DP_SECP256K1 ); + default: + return( MBEDTLS_ECP_DP_NONE ); + } + break; case PSA_ECC_CURVE_SECP192K1: return( MBEDTLS_ECP_DP_SECP192K1 ); case PSA_ECC_CURVE_SECP224K1: return( MBEDTLS_ECP_DP_SECP224K1 ); case PSA_ECC_CURVE_SECP256K1: return( MBEDTLS_ECP_DP_SECP256K1 ); - case PSA_ECC_CURVE_CURVE448: - return( MBEDTLS_ECP_DP_CURVE448 ); + default: return( MBEDTLS_ECP_DP_NONE ); } 
@@ -685,9 +746,6 @@ static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; - if( PSA_BITS_TO_BYTES( PSA_ECC_CURVE_BITS( curve ) ) != data_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_prepare_import_ec_key( curve, data_length, 0, &ecp ); if( status != PSA_SUCCESS ) goto exit; diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 717d0dbfa..1ea35596b 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -104,7 +104,9 @@ class Inputs: 'key_type': [self.key_types], 'block_cipher_key_type': [self.key_types], 'stream_cipher_key_type': [self.key_types], + 'ecc_key_family': [self.ecc_curves], 'ecc_key_types': [self.ecc_curves], + 'dh_key_family': [self.dh_groups], 'dh_key_types': [self.dh_groups], 'hash_algorithm': [self.hash_algorithms], 'mac_algorithm': [self.mac_algorithms], diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index d0cc79904..8c6340aae 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
@@ -351,6 +351,30 @@ Key type: DSA key pair depends_on:MBEDTLS_DSA_C key_type:PSA_KEY_TYPE_DSA_KEY_PAIR:KEY_TYPE_IS_KEY_PAIR | KEY_TYPE_IS_DSA +ECC key family: SECP K1 +ecc_key_family:PSA_ECC_CURVE_SECP_K1 + +ECC key family: SECP R1 +ecc_key_family:PSA_ECC_CURVE_SECP_R1 + +ECC key family: SECP R2 +ecc_key_family:PSA_ECC_CURVE_SECP_R2 + +ECC key family: SECT K1 +ecc_key_family:PSA_ECC_CURVE_SECT_K1 + +ECC key family: SECT R1 +ecc_key_family:PSA_ECC_CURVE_SECT_R1 + +ECC key family: SECT R2 +ecc_key_family:PSA_ECC_CURVE_SECT_R2 + +ECC key family: Brainpool P R1 +ecc_key_family:PSA_ECC_CURVE_BRAINPOOL_P_R1 + +ECC key family: Montgomery (Curve25519, Curve448) +ecc_key_family:PSA_ECC_CURVE_MONTGOMERY + ECC key types: sect163k1 depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED ecc_key_types:PSA_ECC_CURVE_SECT163K1:163 @@ -471,6 +495,9 @@ ECC key types: Curve448 depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED ecc_key_types:PSA_ECC_CURVE_CURVE448:448 +DH group family: RFC 7919 +dh_key_family:PSA_DH_GROUP_RFC7919 + DH group types: FFDHE2048 dh_key_types:PSA_DH_GROUP_FFDHE2048:2048 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 9282641e4..01a1de766 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -476,11 +476,10 @@ void stream_cipher_key_type( int type_arg ) } /* END_CASE */ -/* BEGIN_CASE */ -void ecc_key_types( int curve_arg, int curve_bits_arg ) +/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ +void ecc_key_family( int curve_arg ) { psa_ecc_curve_t curve = curve_arg; - size_t curve_bits = curve_bits_arg; psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve ); 
@@ -489,17 +488,23 @@ void ecc_key_types( int curve_arg, int curve_bits_arg ) TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( public_type ), curve ); TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( pair_type ), curve ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void ecc_key_types( int curve_arg, int curve_bits_arg ) +{ + size_t curve_bits = curve_bits_arg; + test_ecc_key_family( curve_arg ); - TEST_EQUAL( curve_bits, PSA_ECC_CURVE_BITS( curve ) ); TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS ); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_DHM_C */ -void dh_key_types( int group_arg, int group_bits_arg ) +void dh_key_family( int group_arg ) { psa_dh_group_t group = group_arg; - size_t group_bits = group_bits_arg; psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY( group ); psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR( group ); @@ -508,8 +513,15 @@ void dh_key_types( int group_arg, int group_bits_arg ) TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( public_type ), group ); TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( pair_type ), group ); - - /* We have nothing to validate about the group size yet. */ - (void) group_bits; +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_DHM_C */ +void dh_key_types( int group_arg, int group_bits_arg ) +{ + test_dh_key_family( group_arg ); + /* We have nothing to validate about the group size yet. */ + (void) group_bits_arg; + goto exit; } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 1b0ef0494..0c2411b34 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data 
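Review bot: `ecc_key_types` is declared with a bare `/* BEGIN_CASE */` but now calls `test_ecc_key_family`, which the previous hunk guards with `depends_on:MBEDTLS_ECP_C`. If the test generator compiles a case only when its dependencies are defined (its behaviour is not visible here), a configuration without `MBEDTLS_ECP_C` would fail to build on the missing callee. Declaring it as `/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */` avoids that, matching how `dh_key_family` and `dh_key_types` both carry `MBEDTLS_DHM_C`. With the `TEST_EQUAL` on the curve size gone, `curve_bits` is only compared with `PSA_VENDOR_ECC_MAX_CURVE_BITS`, so a wrong size in the .data file is no longer caught by this test.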
@@ -100,13 +100,13 @@ Key import smoke test: RSA OAEP encryption import_key_smoke:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" Key import smoke test: ECDSA secp256r1 -import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" +import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" Key import smoke test: ECDH secp256r1 -import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDH:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" +import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDH:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" Key import smoke test: ECDH secp256r1 with HKDF -import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" +import_key_smoke:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" Generate key: not supported generate_key_not_supported:PSA_KEY_TYPE_AES:128 
@@ -140,24 +140,24 @@ register_key_smoke_test:MIN_DRIVER_LIFETIME:-1:PSA_ERROR_NOT_SUPPORTED Import-sign-verify: sign in driver, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" +sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Import-sign-verify: sign in driver then export_public, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" +sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Import-sign-verify: sign in software, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" +sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Generate-sign-verify: sign in driver, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" +sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Generate-sign-verify: sign in driver then export_public, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" +sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Generate-sign-verify: sign in software, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" +sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 8288234f6..b468d5e5c 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function 
@@ -82,6 +82,28 @@ +/****************************************************************/ +/* Domain support functions */ +/****************************************************************/ + +/* Return the exact bit size given a curve family and a byte length. */ +static size_t ecc_curve_bits( psa_ecc_curve_t curve, size_t data_length ) +{ + switch( curve ) + { + case PSA_ECC_CURVE_SECP_R1: + if( data_length == PSA_BYTES_TO_BITS( 521 ) ) + return( 521 ); + break; + case PSA_ECC_CURVE_MONTGOMERY: + if( data_length == PSA_BYTES_TO_BITS( 255 ) ) + return( 255 ); + } + /* If not listed above, assume a multiple of 8 bits. */ + return( PSA_BYTES_TO_BITS( data_length ) ); +} + + /****************************************************************/ /* Miscellaneous driver methods */ /****************************************************************/ @@ -294,7 +316,11 @@ static psa_status_t ram_import( psa_drv_se_context_t *context, if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) *bits = PSA_BYTES_TO_BITS( data_length ); else if ( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) - *bits = PSA_ECC_CURVE_BITS( PSA_KEY_TYPE_GET_CURVE( type ) ); + { + *bits = ecc_curve_bits( PSA_KEY_TYPE_GET_CURVE( type ), data_length ); + if( *bits == 0 ) + return( PSA_ERROR_DETECTED_BY_DRIVER ); + } else { memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index ba69cab1d..e01ba854d 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data 
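Review bot: `ecc_curve_bits` compares `data_length`, a byte count, with `PSA_BYTES_TO_BITS( 521 )` and `PSA_BYTES_TO_BITS( 255 )`, which convert in the wrong direction, so neither special case can match a real key. A 66-byte secp521r1 key falls through to `PSA_BYTES_TO_BITS( data_length )` and is reported as 528 bits, and a 32-byte Curve25519 key as 256. The comparisons should use the inverse macro: `if( data_length == PSA_BITS_TO_BYTES( 521 ) )` and `if( data_length == PSA_BITS_TO_BYTES( 255 ) )`. The `PSA_ECC_CURVE_MONTGOMERY` case also ends without a `break;`, which is harmless as the last case but fragile once another case is added. In the `ram_import` hunk on the same line, the `*bits == 0` guard can only fire when `data_length` is 0, since the helper otherwise returns a non-zero value.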
@@ -39,27 +39,27 @@ persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX:0:0:0: Persistent slot: ECP keypair (ECDSA, exportable), close depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE Persistent slot: ECP keypair (ECDSA, exportable), close+restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN Persistent slot: ECP keypair (ECDSA, exportable), restart depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | 
PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN Persistent slot: ECP keypair (ECDH+ECDSA, exportable), 
restart depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN +persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN Attempt to overwrite: close before create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE From 45c29ce4c0d17947b16dcfcef7cc51f20e287fce Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 3 Dec 2019 17:56:11 +0100 Subject: [PATCH 2124/2197] Move size-specific curve/group constants to crypto_compat.h --- include/psa/crypto_compat.h | 40 ++++++ include/psa/crypto_values.h | 49 ------- .../test_suite_psa_crypto_metadata.data | 136 ------------------ .../test_suite_psa_crypto_metadata.function | 20 --- 4 files changed, 40 insertions(+), 205 deletions(-) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index dc11da389..fb2c15028 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h 
@@ -102,6 +102,46 @@ typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_ #endif /* MBEDTLS_DEPRECATED_REMOVED */ +/* + * Size-specific elliptic curve and Diffie-Hellman group names + */ +#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x1600a0) +#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x1600c0) +#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x1600e0) +#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x160100) +#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x1200a0) +#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x1200c0) +#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x1200e0) +#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x120100) +#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x120180) +#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x120209) +#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x1a00a0) +#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x2600a3) +#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x2600e9) +#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x2600ef) +#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x26011b) +#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x260199) +#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x26023b) +#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x2200a3) +#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x2200c1) +#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x2200e9) +#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x22011b) +#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x220199) +#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x22023b) +#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x2a00a3) +#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x2a00c1) +#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x300100) +#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x300180) +#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x300200) +#define 
PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x0200ff) +#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x0201c0) + +#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x020800) +#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x020c00) +#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x021000) +#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x021800) +#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x022000) + #ifdef __cplusplus } #endif diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 93b7d2cdc..39e1e3824 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
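Review bot: `PSA_ECC_CURVE_CURVE25519` (`0x0200ff`) and `PSA_ECC_CURVE_CURVE448` (`0x0201c0`) are the only curve constants in this block whose upper byte does not match an ECC family constant. The family for these curves is `PSA_ECC_CURVE_MONTGOMERY` = `0x400000`, while `0x02` is the prefix used by `PSA_DH_GROUP_RFC7919`. Every other row is family | bit size, e.g. `PSA_ECC_CURVE_SECP256R1` = `0x120000 | 0x0100`. If that layout is meant to hold throughout, these two would be `0x4000ff` and `0x4001c0`. If the `0x02` values are kept deliberately, a comment saying so would stop code from assuming that `curve & 0xff0000` yields the family.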
@@ -531,49 +531,6 @@ */ #define PSA_ECC_CURVE_MONTGOMERY ((psa_ecc_curve_t) 0x400000) -#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x1600a0) -#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x1600c0) -#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x1600e0) -#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x160100) -#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x1200a0) -#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x1200c0) -#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x1200e0) -#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x120100) -#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x120180) -#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x120209) -#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x1a00a0) -#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x2600a3) -#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x2600e9) -#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x2600ef) -#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x26011b) -#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x260199) -#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x26023b) -#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x2200a3) -#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x2200c1) -#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x2200e9) -#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x22011b) -#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x220199) -#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x22023b) -#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x2a00a3) -#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x2a00c1) -#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x300100) -#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x300180) -#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x300200) -/** Curve25519. - * - * This is the curve defined in Bernstein et al., - * _Curve25519: new Diffie-Hellman speed records_, LNCS 3958, 2006. 
- * The algorithm #PSA_ALG_ECDH performs X25519 when used with this curve. - */ -#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x0200ff) -/** Curve448 - * - * This is the curve defined in Hamburg, - * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. - * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. - */ -#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x0201c0) - #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x62000000) #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x72000000) #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ffffff) @@ -619,12 +576,6 @@ */ #define PSA_DH_GROUP_RFC7919 ((psa_dh_group_t) 0x020000) -#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x020800) -#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x020c00) -#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x021000) -#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x021800) -#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x022000) - #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \ (((type) >> 24) & 7) /** The block size of a block cipher. diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 8c6340aae..b771e5823 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
@@ -375,141 +375,5 @@ ecc_key_family:PSA_ECC_CURVE_BRAINPOOL_P_R1 ECC key family: Montgomery (Curve25519, Curve448) ecc_key_family:PSA_ECC_CURVE_MONTGOMERY -ECC key types: sect163k1 -depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT163K1:163 - -ECC key types: sect163r1 -depends_on:MBEDTLS_ECP_DP_SECT163R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT163R1:163 - -ECC key types: sect163r2 -depends_on:MBEDTLS_ECP_DP_SECT163R2_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT163R2:163 - -ECC key types: sect193r1 -depends_on:MBEDTLS_ECP_DP_SECT193R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT193R1:193 - -ECC key types: sect193r2 -depends_on:MBEDTLS_ECP_DP_SECT193R2_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT193R2:193 - -ECC key types: sect233k1 -depends_on:MBEDTLS_ECP_DP_SECT233K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT233K1:233 - -ECC key types: sect233r1 -depends_on:MBEDTLS_ECP_DP_SECT233R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT233R1:233 - -ECC key types: sect239k1 -depends_on:MBEDTLS_ECP_DP_SECT239K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT239K1:239 - -ECC key types: sect283k1 -depends_on:MBEDTLS_ECP_DP_SECT283K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT283K1:283 - -ECC key types: sect283r1 -depends_on:MBEDTLS_ECP_DP_SECT283R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT283R1:283 - -ECC key types: sect409k1 -depends_on:MBEDTLS_ECP_DP_SECT409K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT409K1:409 - -ECC key types: sect409r1 -depends_on:MBEDTLS_ECP_DP_SECT409R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT409R1:409 - -ECC key types: sect571k1 -depends_on:MBEDTLS_ECP_DP_SECT571K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT571K1:571 - -ECC key types: sect571r1 -depends_on:MBEDTLS_ECP_DP_SECT571R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECT571R1:571 - -ECC key types: secp160k1 -depends_on:MBEDTLS_ECP_DP_SECP160K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP160K1:160 - -ECC key types: secp160r1 -depends_on:MBEDTLS_ECP_DP_SECP160R1_ENABLED 
-ecc_key_types:PSA_ECC_CURVE_SECP160R1:160 - -ECC key types: secp160r2 -depends_on:MBEDTLS_ECP_DP_SECP160R2_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP160R2:160 - -ECC key types: secp192k1 -depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP192K1:192 - -ECC key types: secp192r1 -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP192R1:192 - -ECC key types: secp224k1 -depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP224K1:224 - -ECC key types: secp224r1 -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP224R1:224 - -ECC key types: secp256k1 -depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP256K1:256 - -ECC key types: secp256r1 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP256R1:256 - -ECC key types: secp384r1 -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP384R1:384 - -ECC key types: secp521r1 -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_SECP521R1:521 - -ECC key types: Brainpool P256R1 -depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1:256 - -ECC key types: Brainpool P384R1 -depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1:384 - -ECC key types: Brainpool P512R1 -depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED -ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1:512 - -ECC key types: Curve25519 -depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED -ecc_key_types:PSA_ECC_CURVE_CURVE25519:255 - -ECC key types: Curve448 -depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED -ecc_key_types:PSA_ECC_CURVE_CURVE448:448 - DH group family: RFC 7919 dh_key_family:PSA_DH_GROUP_RFC7919 - -DH group types: FFDHE2048 -dh_key_types:PSA_DH_GROUP_FFDHE2048:2048 - -DH group types: FFDHE3072 -dh_key_types:PSA_DH_GROUP_FFDHE3072:2048 - -DH group types: FFDHE4096 -dh_key_types:PSA_DH_GROUP_FFDHE4096:2048 - -DH group types: 
FFDHE6144 -dh_key_types:PSA_DH_GROUP_FFDHE6144:2048 - -DH group types: FFDHE8192 -dh_key_types:PSA_DH_GROUP_FFDHE8192:2048 - diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 01a1de766..880105860 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -491,16 +491,6 @@ void ecc_key_family( int curve_arg ) } /* END_CASE */ -/* BEGIN_CASE */ -void ecc_key_types( int curve_arg, int curve_bits_arg ) -{ - size_t curve_bits = curve_bits_arg; - test_ecc_key_family( curve_arg ); - - TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS ); -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_DHM_C */ void dh_key_family( int group_arg ) { @@ -515,13 +505,3 @@ void dh_key_family( int group_arg ) TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( pair_type ), group ); } /* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_DHM_C */ -void dh_key_types( int group_arg, int group_bits_arg ) -{ - test_dh_key_family( group_arg ); - /* We have nothing to validate about the group size yet. */ - (void) group_bits_arg; - goto exit; -} -/* END_CASE */ From 85f47c9d69cd0240d47ba1ec8845e7e7c7cbdc00 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 18 Dec 2019 20:44:15 +0100 Subject: [PATCH 2125/2197] pk tests: USE_PSA_CRYPTO: test attributes of the PSA key --- tests/suites/test_suite_pk.function | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 47427252c..91c1f88bd 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function 
@@ -1233,12 +1233,15 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ void pk_psa_sign( ) { + mbedtls_ecp_group_id grpid = MBEDTLS_ECP_DP_SECP256R1; mbedtls_pk_context pk; unsigned char hash[50], sig[100], pkey_legacy[100], pkey_psa[100]; unsigned char *pkey_legacy_start, *pkey_psa_start; size_t sig_len, klen_legacy, klen_psa; int ret; psa_key_handle_t handle; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + size_t expected_bits; /* * This tests making signatures with a wrapped PSA key: @@ -1254,7 +1257,7 @@ void pk_psa_sign( ) mbedtls_pk_init( &pk ); TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 ); - TEST_ASSERT( mbedtls_ecp_gen_key( MBEDTLS_ECP_DP_SECP256R1, + TEST_ASSERT( mbedtls_ecp_gen_key( grpid, (mbedtls_ecp_keypair*) pk.pk_ctx, rnd_std_rand, NULL ) == 0 ); @@ -1270,6 +1273,14 @@ void pk_psa_sign( ) TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &handle, PSA_ALG_SHA_256 ) == 0 ); + PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); + TEST_EQUAL( psa_get_key_type( &attributes ), + PSA_KEY_TYPE_ECC_KEY_PAIR( + mbedtls_ecc_group_to_psa( grpid, &expected_bits ) ) ); + TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits ); + TEST_EQUAL( psa_get_key_lifetime( &attributes ), + PSA_KEY_LIFETIME_VOLATILE ); + memset( hash, 0x2a, sizeof hash ); memset( sig, 0, sizeof sig ); From 33b1c6990819a15f0324c160ba6a005d970ec464 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 19 Dec 2019 00:09:47 +0100 Subject: [PATCH 2126/2197] pk tests: USE_PSA_CRYPTO: test several curves --- tests/suites/test_suite_pk.data | 38 +++++++++++++++++++++++++++-- tests/suites/test_suite_pk.function | 24 ++++++++++++------ 2 files changed, 52 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index caa4c7776..25d0f2db9 100644 --- a/tests/suites/test_suite_pk.data 
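Review bot: In the third hunk of pk_psa_sign (`@@ -1270,6 +1273,14 @@`), the attributes filled in by the added `psa_get_key_attributes( handle, &attributes )` call are not released anywhere in the added lines. pkwrite.c in this same series calls `psa_reset_key_attributes( &attributes );` as soon as it has read the fields it needs. The `exit:` path of pk_psa_sign lies outside the hunk, so the reset may already be there. If it is not, add `psa_reset_key_attributes( &attributes );` on the exit path rather than after the `TEST_EQUAL` checks, so that it also runs when one of the assertions fails.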
+++ b/tests/suites/test_suite_pk.data 
@@ -271,5 +271,39 @@ ECDSA restartable sign/verify: ECKEY, max_ops=250 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64 -PSA wrapped sign -pk_psa_sign: +PSA wrapped sign: SECP256R1 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_ECC_CURVE_SECP256R1:256 + +PSA wrapped sign: SECP384R1 +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_ECC_CURVE_SECP384R1:384 + +PSA wrapped sign: SECP521R1 +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_ECC_CURVE_SECP521R1:521 + +PSA wrapped sign: SECP192K1 +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_ECC_CURVE_SECP192K1:192 + +## Currently buggy: https://github.com/ARMmbed/mbed-crypto/issues/336 +# PSA wrapped sign: SECP224K1 +# depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +# pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_ECC_CURVE_SECP224K1:224 + +PSA wrapped sign: SECP256K1 +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_ECC_CURVE_SECP256K1:256 + +PSA wrapped sign: BP256R1 +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_ECC_CURVE_BRAINPOOL_P256R1:256 + +PSA wrapped sign: BP384R1 +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_ECC_CURVE_BRAINPOOL_P384R1:384 + +PSA wrapped sign: BP512R1 +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_ECC_CURVE_BRAINPOOL_P512R1:512 
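Review bot: The new `pk_psa_sign` cases skip SECP192R1 and SECP224R1, although `mbedtls_psa_get_ecc_oid_from_id` in psa_util.h has branches for both, so those two OID mappings are not exercised through the wrapped-key path. If the omission is deliberate, a comment like the one on the disabled SECP224K1 case would record why. Otherwise add the matching cases, e.g. `PSA wrapped sign: SECP192R1` / `depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED` / `pk_psa_sign:MBEDTLS_ECP_DP_SECP192R1:PSA_ECC_CURVE_SECP192R1:192`, and the same for SECP224R1 with 224.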
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 91c1f88bd..2eeb07655 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -10,6 +10,11 @@ #include #include +/* Needed only for test case data under #if defined(MBEDTLS_USE_PSA_CRYPTO), + * but the test code generator requires test case data to be valid C code + * unconditionally (https://github.com/ARMmbed/mbedtls/issues/2023). */ +#include "psa/crypto.h" + #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "mbedtls/psa_util.h" #include "psa_crypto_helpers.h" @@ -1230,18 +1235,23 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ -void pk_psa_sign( ) +/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C */ +void pk_psa_sign( int grpid_arg, + int psa_curve_arg, int expected_bits_arg ) { - mbedtls_ecp_group_id grpid = MBEDTLS_ECP_DP_SECP256R1; + mbedtls_ecp_group_id grpid = grpid_arg; mbedtls_pk_context pk; - unsigned char hash[50], sig[100], pkey_legacy[100], pkey_psa[100]; + unsigned char hash[32]; + unsigned char sig[MBEDTLS_ECDSA_MAX_LEN]; + unsigned char pkey_legacy[200]; + unsigned char pkey_psa[200]; unsigned char *pkey_legacy_start, *pkey_psa_start; size_t sig_len, klen_legacy, klen_psa; int ret; psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - size_t expected_bits; + psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR( psa_curve_arg ); + size_t expected_bits = expected_bits_arg; /* * This tests making signatures with a wrapped PSA key: 
@@ -1274,9 +1284,7 @@ void pk_psa_sign( ) PSA_ALG_SHA_256 ) == 0 ); PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), - PSA_KEY_TYPE_ECC_KEY_PAIR( - mbedtls_ecc_group_to_psa( grpid, &expected_bits ) ) ); + TEST_EQUAL( psa_get_key_type( &attributes ), expected_type ); TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits ); TEST_EQUAL( psa_get_key_lifetime( &attributes ), PSA_KEY_LIFETIME_VOLATILE ); From 89177e862b97f01d5adf78542af6ed25b4976044 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 3 Dec 2019 21:19:09 +0100 Subject: [PATCH 2127/2197] Convert USE_PSA_CRYPTO pk interface to the new PSA EC curve encoding --- include/mbedtls/psa_util.h | 113 ++++++++++++++++------------ library/pkwrite.c | 6 +- tests/suites/test_suite_pk.function | 4 +- 3 files changed, 70 insertions(+), 53 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index fa4be0ea6..be45542d6 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h 
@@ -160,81 +160,96 @@ static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg /* Translations for ECC. */ static inline int mbedtls_psa_get_ecc_oid_from_id( - psa_ecc_curve_t curve, char const **oid, size_t *oid_len ) + psa_ecc_curve_t curve, size_t bits, + char const **oid, size_t *oid_len ) { switch( curve ) { + case PSA_ECC_CURVE_SECP_R1: + switch( bits ) + { #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - case PSA_ECC_CURVE_SECP192R1: - *oid = MBEDTLS_OID_EC_GRP_SECP192R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 ); - return( 0 ); + case 192: + *oid = MBEDTLS_OID_EC_GRP_SECP192R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) - case PSA_ECC_CURVE_SECP224R1: - *oid = MBEDTLS_OID_EC_GRP_SECP224R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 ); - return( 0 ); + case 224: + *oid = MBEDTLS_OID_EC_GRP_SECP224R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) - case PSA_ECC_CURVE_SECP256R1: - *oid = MBEDTLS_OID_EC_GRP_SECP256R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 ); - return( 0 ); + case 256: + *oid = MBEDTLS_OID_EC_GRP_SECP256R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - case PSA_ECC_CURVE_SECP384R1: - *oid = MBEDTLS_OID_EC_GRP_SECP384R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 ); - return( 0 ); + case 384: + *oid = MBEDTLS_OID_EC_GRP_SECP384R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - case PSA_ECC_CURVE_SECP521R1: - *oid = MBEDTLS_OID_EC_GRP_SECP521R1; - *oid_len = 
MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 ); - return( 0 ); + case 521: + *oid = MBEDTLS_OID_EC_GRP_SECP521R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ + } + break; + case PSA_ECC_CURVE_SECP_K1: + switch( bits ) + { #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) - case PSA_ECC_CURVE_SECP192K1: - *oid = MBEDTLS_OID_EC_GRP_SECP192K1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 ); - return( 0 ); + case 192: + *oid = MBEDTLS_OID_EC_GRP_SECP192K1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) - case PSA_ECC_CURVE_SECP224K1: - *oid = MBEDTLS_OID_EC_GRP_SECP224K1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 ); - return( 0 ); + case 224: + *oid = MBEDTLS_OID_EC_GRP_SECP224K1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) - case PSA_ECC_CURVE_SECP256K1: - *oid = MBEDTLS_OID_EC_GRP_SECP256K1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 ); - return( 0 ); + case 256: + *oid = MBEDTLS_OID_EC_GRP_SECP256K1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ + } + break; + case PSA_ECC_CURVE_BRAINPOOL_P_R1: + switch( bits ) + { #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) - case PSA_ECC_CURVE_BRAINPOOL_P256R1: - *oid = MBEDTLS_OID_EC_GRP_BP256R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 ); - return( 0 ); + case 256: + *oid = MBEDTLS_OID_EC_GRP_BP256R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) - case PSA_ECC_CURVE_BRAINPOOL_P384R1: - *oid = MBEDTLS_OID_EC_GRP_BP384R1; - *oid_len = 
MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 ); - return( 0 ); + case 384: + *oid = MBEDTLS_OID_EC_GRP_BP384R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) - case PSA_ECC_CURVE_BRAINPOOL_P512R1: - *oid = MBEDTLS_OID_EC_GRP_BP512R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 ); - return( 0 ); + case 512: + *oid = MBEDTLS_OID_EC_GRP_BP512R1; + *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 ); + return( 0 ); #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ - default: - (void) oid; - (void) oid_len; - return( -1 ); + } + break; } + (void) oid; + (void) oid_len; + return( -1 ); } #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1 diff --git a/library/pkwrite.c b/library/pkwrite.c index 49a21bf08..4fa542415 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -273,18 +273,20 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si psa_key_type_t key_type; psa_key_handle_t handle; psa_ecc_curve_t curve; + size_t bits; handle = *((psa_key_handle_t*) key->pk_ctx ); if( PSA_SUCCESS != psa_get_key_attributes( handle, &attributes ) ) return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); key_type = psa_get_key_type( &attributes ); + bits = psa_get_key_bits( &attributes ); psa_reset_key_attributes( &attributes ); - curve = PSA_KEY_TYPE_GET_CURVE( key_type ); + curve = PSA_KEY_TYPE_GET_CURVE( key_type ) & 0xff0000; if( curve == 0 ) return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); - ret = mbedtls_psa_get_ecc_oid_from_id( curve, &oid, &oid_len ); + ret = mbedtls_psa_get_ecc_oid_from_id( curve, bits, &oid, &oid_len ); if( ret != 0 ) return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 2eeb07655..d88ca5454 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function 
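Review bot: `mbedtls_psa_get_ecc_oid_from_id` now matches only curve-family values in its outer `switch( curve )`, so a caller that still passes a size-specific name such as `PSA_ECC_CURVE_SECP256R1` falls through to `return( -1 )`, and nothing on the function documents the new contract. The size-specific names remain defined elsewhere in this series, so the old calling convention still compiles. A header comment would make the change visible to users of this inline helper, e.g. `/* curve: PSA curve family (e.g. PSA_ECC_CURVE_SECP_R1); bits: key size in bits. Returns 0 and sets *oid and *oid_len, or -1 if the family/size pair is not supported in this build. */`. Also note that when every `MBEDTLS_ECP_DP_*` option of a family is disabled, the inner `switch( bits )` has no labels at all, which some compilers warn about.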
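Review bot: In the pkwrite.c hunk, `curve = PSA_KEY_TYPE_GET_CURVE( key_type ) & 0xff0000;` hard-codes the curve encoding layout as an unexplained literal. A reader has to infer from the old constant values that the low 16 bits carried the size, and the mask will silently go stale if the encoding changes again. Add at least a comment such as `/* keep only the curve family bits; the key size is taken from the attributes */`, or preferably a named mask macro next to the curve definitions. The body of mbedtls_pk_write_pubkey_der continues outside the hunk.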
@@ -107,8 +107,8 @@ psa_key_handle_t pk_psa_genkey( void ) { psa_key_handle_t key; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const int curve = PSA_ECC_CURVE_SECP256R1; - const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve); + const psa_key_type_t type = + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ); const size_t bits = 256; psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); From 4080c91e7326c61ca3afe5776b1ee57e7d93da07 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 18 Dec 2019 20:43:03 +0100 Subject: [PATCH 2128/2197] pk: USE_PSA_CRYPTO: don't translate via the TLS ID Use the same translation function that the PSA crypto implementation uses. --- library/pk.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/pk.c b/library/pk.c index 9d4100bb9..b83ba8e71 100644 --- a/library/pk.c +++ b/library/pk.c @@ -605,6 +605,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, psa_ecc_curve_t curve_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; + size_t bits; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* export the private key material in the format PSA wants */ @@ -616,12 +617,12 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, if( ( ret = mbedtls_mpi_write_binary( &ec->d, d, d_len ) ) != 0 ) return( ret ); - curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id; - key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( - mbedtls_psa_parse_tls_ecc_group ( curve_id ) ); + curve_id = mbedtls_ecc_group_to_psa( ec->grp.id, &bits ); + key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve_id ); /* prepare the key attributes */ psa_set_key_type( &attributes, key_type ); + psa_set_key_bits( &attributes, bits ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) ); From 80d26fb56f836f7807fdb5d8260c52af8dbb5d4c Mon Sep 17 00:00:00 2001 
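Review bot: In the second pk.c hunk (`@@ -616,12 +617,12 @@`), the result of `mbedtls_ecc_group_to_psa( ec->grp.id, &bits )` is used without a check. If that function returns 0 for a group it cannot translate, as the `curve == 0` test in pkwrite.c suggests, `key_type` is built from an invalid curve. Depending on the helper, `bits` may also reach `psa_set_key_bits` without having been written. The failure would then only surface later, from the import call, with a less specific error. A guard right after the call would fail early: `if( curve_id == 0 ) return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );`. mbedtls_pk_wrap_as_opaque starts and ends outside the hunk.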
From: Gilles Peskine Date: Wed, 4 Dec 2019 16:13:28 +0100 Subject: [PATCH 2129/2197] Switch psa_crypto tests to the new curve encoding --- tests/suites/test_suite_psa_crypto.data | 188 ++++++++++++------------ 1 file changed, 94 insertions(+), 94 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8f89ea365..7c756c329 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -166,59 +166,59 @@ import_with_data:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d0952 PSA import/export EC secp224r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED -import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:224:0:PSA_SUCCESS:1 +import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:224:0:PSA_SUCCESS:1 PSA import/export-public EC secp224r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED -import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" +import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 +import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 PSA import/export-public EC secp256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" +import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" PSA import/export EC secp384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1 +import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1 PSA import/export-public EC secp384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED -import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" 
+import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" PSA import/export EC secp521r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP521R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1 +import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1 PSA import/export-public EC secp521r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" 
+import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" PSA import/export EC brainpool256r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED -import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 +import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool256r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED -import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" +import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" PSA import/export EC brainpool384r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED 
-import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1 +import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:384:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool384r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED -import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" +import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" PSA import/export EC brainpool512r1 key pair: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:512:0:PSA_SUCCESS:1 
+import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:512:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool512r1: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" +import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" PSA import/export-public: cannot export-public a symmetric key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C 
@@ -226,15 +226,15 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA PSA import/export EC secp256r1 public key: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 +import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 PSA import/export EC secp521r1 public key: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP521R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1 +import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:521:0:PSA_SUCCESS:1 PSA import/export EC brainpoolP256r1 public key: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED 
-import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 +import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:256:0:PSA_SUCCESS:1 PSA import/export AES key: policy forbids export depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR 
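Review bot: The public-key cases in this hunk now name only the curve family (`PSA_ECC_CURVE_SECP_R1`, `PSA_ECC_CURVE_BRAINPOOL_P_R1`), so the size in the fifth field (256, 521) presumably has to be recovered from the length of the imported point. Only the secp521r1 case covers a size that is not a whole number of bytes per coordinate, and brainpool is covered at 256 bits only. The key-pair cases just before this hunk do cover brainpool at 384 and 512 bits. I would add matching `PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_BRAINPOOL_P_R1)` import/export cases for those two sizes, so that a wrong length-to-curve mapping for public keys fails a test.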
@@ -276,39 +276,39 @@ import_with_data:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: DER format depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: too short depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, all-bits-zero (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-import_with_data:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, d == n - 1 (good) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_SUCCESS +import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_SUCCESS PSA import EC keypair: secp256r1, d == n (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, d > n (bad) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC public key: key pair depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
-import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: valid key but RSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C -import_with_data:"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":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):0:PSA_ERROR_INVALID_ARGUMENT +import_with_data:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import AES: bits=0 ok depends_on:MBEDTLS_AES_C 
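Review bot: Every EC case in this hunk passes `0` in the size field, so once the type is only `PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1)` the curve is presumably chosen from the data length alone, and nothing here checks that an explicit size which disagrees with the data is rejected. The private-scalar range cases (all-bits-zero, d == n, d > n) still test secp256r1 only if a 32-byte input resolves to the 256-bit member of the family. I would add a negative case with a mismatched non-zero size, such as `import_with_data:"<valid 32-byte scalar>":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):384:PSA_ERROR_INVALID_ARGUMENT`, with the expected status confirmed against the implementation. The "valid key but RSA" case keeps `MBEDTLS_ECP_DP_BP512R1_ENABLED` in `depends_on` although the type no longer names a 512-bit curve; it is worth checking that this dependency is still the intended one.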
@@ -352,11 +352,11 @@ check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDI PSA key policy: ECC SECP256R1, sign depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, sign+verify depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY Key attributes initializers zero properly key_attributes_init: @@ -483,7 +483,7 @@ asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_H PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
@@ -539,39 +539,39 @@ derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KE PSA key policy: agreement + KDF, permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) PSA key policy: agreement + KDF, not permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) +agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) PSA key policy: agreement + KDF, wrong agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) PSA key policy: agreement + KDF, wrong KDF algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224)) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224)) PSA key policy: agreement + KDF, key only permits raw agreement depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) +agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) PSA key policy: raw agreement, permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C 
-raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH +raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH PSA key policy: raw agreement, not permitted depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH +raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH PSA key policy: raw agreement, wrong algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH +raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH PSA key policy: raw agreement, key only permits a KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)) +raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)) PSA key policy algorithm2: CTR, CBC depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC_NOPAD @@ -579,7 +579,7 @@ key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAG PSA key policy algorithm2: ECDH, ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C -key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY +key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY Copy key: raw, 1 byte copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0 
@@ -650,23 +650,23 @@ copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | 
PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 Copy key: source=ECDSA+ECDH, target=0+ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | 
PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) +copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Copy fail: raw data, no COPY flag copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_ERROR_NOT_PERMITTED 
@@ -703,11 +703,11 @@ copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"4 Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT +copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | 
PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT Hash operation object initializers zero properly hash_operation_init: 
@@ -1598,15 +1598,15 @@ import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa PSA import/exercise: ECP SECP256R1 keypair, ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):256:PSA_ALG_ECDSA_ANY PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C -import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) PSA import/exercise: ECP SECP256R1 keypair, ECDH depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDH +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):256:PSA_ALG_ECDH PSA import/exercise: HKDF SHA-256 depends_on:MBEDTLS_SHA256_C 
@@ -1626,15 +1626,15 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee8 PSA sign: deterministic ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign: deterministic ECDSA SECP256R1 SHA-384 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C -sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" +sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 
):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" PSA sign: deterministic ECDSA SECP384R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f" +sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f" PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
@@ -1656,7 +1656,7 @@ sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: RSA PKCS#1 v1.5 SHA-256, empty output buffer depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
@@ -1664,15 +1664,15 @@ sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb PSA sign: deterministic ECDSA SECP256R1 SHA-256, empty output buffer depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT 
+sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign: invalid key type, signing with a public key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C @@ -1680,7 +1680,7 @@ sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13 PSA sign: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21 -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign/verify: RSA PKCS#1 v1.5, raw depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15 
@@ -1704,27 +1704,27 @@ sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fd PSA sign/verify: randomized ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: randomized ECDSA SECP256R1 SHA-384 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( 
PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify: deterministic ECDSA SECP256R1 SHA-384 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify: randomized ECDSA SECP384R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify: deterministic ECDSA SECP384R1 SHA-256 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( 
PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C 
@@ -1772,39 +1772,39 @@ asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fd PSA verify: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify with keypair: ECDSA SECP256R1, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -asymmetric_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +asymmetric_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify: ECDSA SECP256R1, wrong signature size (correct but 
ASN1-encoded) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, wrong signature of correct size depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE 
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, wrong signature (empty) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, wrong signature (truncated) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE 
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, wrong signature (trailing junk) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE PSA verify: ECDSA SECP256R1, wrong signature (leading junk) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C 
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE PSA verify: invalid algorithm for ECC key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_MD_C:MBEDTLS_PKCS1_V21 -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT +asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5, good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 
@@ -2391,79 +2391,79 @@ derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b PSA key agreement setup: ECDH + HKDF-SHA-256: good depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS PSA key agreement setup: ECDH + HKDF-SHA-256: public key on different curve depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH + HKDF-SHA-256: public key instead of private key depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP_R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, unknown KDF depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: bad key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: KDF instead of a key agreement algorithm depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA raw key agreement: ECDH SECP256R1 (RFC 
5903) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" PSA raw key agreement: ECDH SECP384R1 (RFC 5903) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746" +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746" PSA raw key agreement: ECDH SECP521R1 (RFC 5903) 
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea" +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea" PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" 
+raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" PSA raw key agreement: ECDH brainpoolP384r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C -raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42" +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42" PSA raw key agreement: ECDH brainpoolP512r1 (RFC 7027) depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C 
-raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" +raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_BRAINPOOL_P_R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160 +key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160 PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"7883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"7883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C -key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, 
PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":"" +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":"" PSA generate random: 0 bytes generate_random:0 
@@ -2590,13 +2590,13 @@ generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USA PSA generate key: ECC, SECP256R1, good depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C -generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS PSA generate key: ECC, SECP256R1, incorrect bit size depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C # INVALID_ARGUMENT would make more sense, but our code as currently structured # doesn't fully relate the curve with its size. -generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED PSA generate key: RSA, default e generate_key_rsa:512:"":PSA_SUCCESS 
@@ -2650,7 +2650,7 @@ persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_U PSA generate persistent key: ECC, SECP256R1, exportable depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:GENERATE_KEY +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:GENERATE_KEY PSA derive persistent key: HKDF SHA-256, exportable depends_on:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C From d1959dcd4a7bdb9baac83727d3d6fe72c8f46b0b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 18 Dec 2019 20:44:49 +0100 Subject: [PATCH 2130/2197] Change auxiliary functions for TLS to the new PSA EC curve encoding This is a change to an internal API that is exposed only for the sake of Mbed TLS. --- include/mbedtls/psa_util.h | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index be45542d6..513bc5feb 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h 
@@ -366,16 +366,15 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 * into a PSA ECC group identifier. */ #if defined(MBEDTLS_ECP_C) -static inline psa_ecc_curve_t mbedtls_psa_parse_tls_ecc_group( - uint16_t tls_ecc_grp_reg_id ) +static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group( + uint16_t tls_ecc_grp_reg_id, size_t *bits ) { - size_t bits; const mbedtls_ecp_curve_info *curve_info = mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id ); if( curve_info == NULL ) return( 0 ); - else - return( mbedtls_ecc_group_to_psa( curve_info->grp_id, &bits ) ); + return( PSA_KEY_TYPE_ECC_KEY_PAIR( + mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) ); } #endif /* MBEDTLS_ECP_C */ @@ -404,15 +403,12 @@ static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src, * exchanges) and converts it into a format that the PSA key * agreement API understands. */ -static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( psa_ecc_curve_t curve, - unsigned char const *src, +static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src, size_t srclen, unsigned char *dst, size_t dstlen, size_t *olen ) { - ((void) curve); - if( srclen > dstlen ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); From b87b71946727b06dfb12d288ef52c4176ea475c1 Mon Sep 17 00:00:00 2001 
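Review bot: `mbedtls_psa_parse_tls_ecc_group` can no longer report an unmapped group as 0, because the result of `mbedtls_ecc_group_to_psa` is now wrapped in `PSA_KEY_TYPE_ECC_KEY_PAIR(...)`, which presumably ORs in the key-pair base and is therefore non-zero even when the family is 0. A caller that tests the return value against 0 would carry on with a key type that has an empty curve family and with whatever `*bits` held before the call. Test the family before wrapping it: `psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa( curve_info->grp_id, bits );`, `if( curve == 0 ) return( 0 );`, `return( PSA_KEY_TYPE_ECC_KEY_PAIR( curve ) );`.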
From: Gilles Peskine Date: Wed, 4 Dec 2019 16:24:10 +0100 Subject: [PATCH 2131/2197] Remove old values of curve encodings Remove the values of curve encodings that are based on the TLS registry and include the curve size, keeping only the new encoding that merely encodes a curve family in 8 bits. Keep the old constant names as aliases for the new values and deprecate the old names. --- include/psa/crypto_compat.h | 107 +++++++++++++------- library/psa_crypto.c | 52 +++------- tests/suites/test_suite_pk.data | 18 ++-- tests/suites/test_suite_psa_crypto.function | 39 ++++++- 4 files changed, 132 insertions(+), 84 deletions(-) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index fb2c15028..4926bf5aa 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -50,6 +50,8 @@ extern "C" { typedef MBEDTLS_PSA_DEPRECATED size_t mbedtls_deprecated_size_t; typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t; typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_t; +typedef MBEDTLS_PSA_DEPRECATED psa_ecc_curve_t mbedtls_deprecated_psa_ecc_curve_t; +typedef MBEDTLS_PSA_DEPRECATED psa_dh_group_t mbedtls_deprecated_psa_dh_group_t; #define MBEDTLS_DEPRECATED_CONSTANT( type, value ) \ ( (mbedtls_deprecated_##type) ( value ) ) 
@@ -105,42 +107,77 @@ typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_ /* * Size-specific elliptic curve and Diffie-Hellman group names */ -#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x1600a0) -#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x1600c0) -#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x1600e0) -#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x160100) -#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x1200a0) -#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x1200c0) -#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x1200e0) -#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x120100) -#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x120180) -#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x120209) -#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x1a00a0) -#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x2600a3) -#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x2600e9) -#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x2600ef) -#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x26011b) -#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x260199) -#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x26023b) -#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x2200a3) -#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x2200c1) -#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x2200e9) -#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x22011b) -#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x220199) -#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x22023b) -#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x2a00a3) -#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x2a00c1) -#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x300100) -#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x300180) -#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x300200) -#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x0200ff) -#define 
PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x0201c0) +#define PSA_ECC_CURVE_SECP160K1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_K1 ) +#define PSA_ECC_CURVE_SECP192K1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_K1 ) +#define PSA_ECC_CURVE_SECP224K1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_K1 ) +#define PSA_ECC_CURVE_SECP256K1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_K1 ) +#define PSA_ECC_CURVE_SECP160R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 ) +#define PSA_ECC_CURVE_SECP192R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 ) +#define PSA_ECC_CURVE_SECP224R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 ) +#define PSA_ECC_CURVE_SECP256R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 ) +#define PSA_ECC_CURVE_SECP384R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 ) +#define PSA_ECC_CURVE_SECP521R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R1 ) +#define PSA_ECC_CURVE_SECP160R2 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECP_R2 ) +#define PSA_ECC_CURVE_SECT163K1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 ) +#define PSA_ECC_CURVE_SECT233K1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 ) +#define PSA_ECC_CURVE_SECT239K1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 ) +#define PSA_ECC_CURVE_SECT283K1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 ) +#define PSA_ECC_CURVE_SECT409K1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 ) +#define PSA_ECC_CURVE_SECT571K1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_K1 ) +#define PSA_ECC_CURVE_SECT163R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 ) +#define 
PSA_ECC_CURVE_SECT193R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 ) +#define PSA_ECC_CURVE_SECT233R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 ) +#define PSA_ECC_CURVE_SECT283R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 ) +#define PSA_ECC_CURVE_SECT409R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 ) +#define PSA_ECC_CURVE_SECT571R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R1 ) +#define PSA_ECC_CURVE_SECT163R2 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R2 ) +#define PSA_ECC_CURVE_SECT193R2 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_SECT_R2 ) +#define PSA_ECC_CURVE_BRAINPOOL_P256R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_BRAINPOOL_P_R1 ) +#define PSA_ECC_CURVE_BRAINPOOL_P384R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_BRAINPOOL_P_R1 ) +#define PSA_ECC_CURVE_BRAINPOOL_P512R1 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_BRAINPOOL_P_R1 ) +#define PSA_ECC_CURVE_CURVE25519 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_MONTGOMERY ) +#define PSA_ECC_CURVE_CURVE448 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_curve_t, PSA_ECC_CURVE_MONTGOMERY ) -#define PSA_DH_GROUP_FFDHE2048 ((psa_dh_group_t) 0x020800) -#define PSA_DH_GROUP_FFDHE3072 ((psa_dh_group_t) 0x020c00) -#define PSA_DH_GROUP_FFDHE4096 ((psa_dh_group_t) 0x021000) -#define PSA_DH_GROUP_FFDHE6144 ((psa_dh_group_t) 0x021800) -#define PSA_DH_GROUP_FFDHE8192 ((psa_dh_group_t) 0x022000) +#define PSA_DH_GROUP_FFDHE2048 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 ) +#define PSA_DH_GROUP_FFDHE3072 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 ) +#define PSA_DH_GROUP_FFDHE4096 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 ) +#define PSA_DH_GROUP_FFDHE6144 \ + MBEDTLS_DEPRECATED_CONSTANT( 
psa_dh_group_t, PSA_DH_GROUP_RFC7919 ) +#define PSA_DH_GROUP_FFDHE8192 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 ) #ifdef __cplusplus } diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f0972b6c8..63fbaed02 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -382,43 +382,43 @@ psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, { case MBEDTLS_ECP_DP_SECP192R1: *bits = 192; - return( PSA_ECC_CURVE_SECP192R1 ); + return( PSA_ECC_CURVE_SECP_R1 ); case MBEDTLS_ECP_DP_SECP224R1: *bits = 224; - return( PSA_ECC_CURVE_SECP224R1 ); + return( PSA_ECC_CURVE_SECP_R1 ); case MBEDTLS_ECP_DP_SECP256R1: *bits = 256; - return( PSA_ECC_CURVE_SECP256R1 ); + return( PSA_ECC_CURVE_SECP_R1 ); case MBEDTLS_ECP_DP_SECP384R1: *bits = 384; - return( PSA_ECC_CURVE_SECP384R1 ); + return( PSA_ECC_CURVE_SECP_R1 ); case MBEDTLS_ECP_DP_SECP521R1: *bits = 521; - return( PSA_ECC_CURVE_SECP521R1 ); + return( PSA_ECC_CURVE_SECP_R1 ); case MBEDTLS_ECP_DP_BP256R1: *bits = 256; - return( PSA_ECC_CURVE_BRAINPOOL_P256R1 ); + return( PSA_ECC_CURVE_BRAINPOOL_P_R1 ); case MBEDTLS_ECP_DP_BP384R1: *bits = 384; - return( PSA_ECC_CURVE_BRAINPOOL_P384R1 ); + return( PSA_ECC_CURVE_BRAINPOOL_P_R1 ); case MBEDTLS_ECP_DP_BP512R1: *bits = 512; - return( PSA_ECC_CURVE_BRAINPOOL_P512R1 ); + return( PSA_ECC_CURVE_BRAINPOOL_P_R1 ); case MBEDTLS_ECP_DP_CURVE25519: *bits = 255; - return( PSA_ECC_CURVE_CURVE25519 ); + return( PSA_ECC_CURVE_MONTGOMERY ); case MBEDTLS_ECP_DP_SECP192K1: *bits = 192; - return( PSA_ECC_CURVE_SECP192K1 ); + return( PSA_ECC_CURVE_SECP_K1 ); case MBEDTLS_ECP_DP_SECP224K1: *bits = 224; - return( PSA_ECC_CURVE_SECP224K1 ); + return( PSA_ECC_CURVE_SECP_K1 ); case MBEDTLS_ECP_DP_SECP256K1: *bits = 256; - return( PSA_ECC_CURVE_SECP256K1 ); + return( PSA_ECC_CURVE_SECP_K1 ); case MBEDTLS_ECP_DP_CURVE448: *bits = 448; - return( PSA_ECC_CURVE_CURVE448 ); + return( PSA_ECC_CURVE_MONTGOMERY ); default: return( 0 ); } 
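Review bot: The deprecated size-specific names in the `@@ -105,42 +107,77 @@` hunk now all collapse onto their family value, so `PSA_ECC_CURVE_SECP256R1` and `PSA_ECC_CURVE_SECP384R1` compare equal and an existing check such as `curve == PSA_ECC_CURVE_SECP256R1` accepts every secp r1 size. The deprecation marker presumably warns about the name only, not about this change of meaning, and a `switch` that lists several of the old names would stop compiling because of duplicate case labels. Add a comment above the block that says so, e.g. `/* These aliases identify only the curve family; the key size must be checked separately from the key's bit size. */`.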
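Review bot: `*bits` is not written on the `default:` path of `mbedtls_ecc_group_to_psa`, and now that every size of a family returns the same identifier, the size is the only thing that tells the curves apart. A caller that does not test the 0 return before using the size reads an indeterminate value. Set it before returning: `default: *bits = 0; return( 0 );`. The function's signature and the opening of the `switch` lie outside this hunk.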
@@ -451,16 +451,6 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, return( MBEDTLS_ECP_DP_NONE ); } break; - case PSA_ECC_CURVE_SECP192R1: - return( MBEDTLS_ECP_DP_SECP192R1 ); - case PSA_ECC_CURVE_SECP224R1: - return( MBEDTLS_ECP_DP_SECP224R1 ); - case PSA_ECC_CURVE_SECP256R1: - return( MBEDTLS_ECP_DP_SECP256R1 ); - case PSA_ECC_CURVE_SECP384R1: - return( MBEDTLS_ECP_DP_SECP384R1 ); - case PSA_ECC_CURVE_SECP521R1: - return( MBEDTLS_ECP_DP_SECP521R1 ); case PSA_ECC_CURVE_BRAINPOOL_P_R1: switch( byte_length ) @@ -475,12 +465,6 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, return( MBEDTLS_ECP_DP_NONE ); } break; - case PSA_ECC_CURVE_BRAINPOOL_P256R1: - return( MBEDTLS_ECP_DP_BP256R1 ); - case PSA_ECC_CURVE_BRAINPOOL_P384R1: - return( MBEDTLS_ECP_DP_BP384R1 ); - case PSA_ECC_CURVE_BRAINPOOL_P512R1: - return( MBEDTLS_ECP_DP_BP512R1 ); case PSA_ECC_CURVE_MONTGOMERY: switch( byte_length ) @@ -493,10 +477,6 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, return( MBEDTLS_ECP_DP_NONE ); } break; - case PSA_ECC_CURVE_CURVE25519: - return( MBEDTLS_ECP_DP_CURVE25519 ); - case PSA_ECC_CURVE_CURVE448: - return( MBEDTLS_ECP_DP_CURVE448 ); case PSA_ECC_CURVE_SECP_K1: switch( byte_length ) @@ -511,12 +491,6 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, return( MBEDTLS_ECP_DP_NONE ); } break; - case PSA_ECC_CURVE_SECP192K1: - return( MBEDTLS_ECP_DP_SECP192K1 ); - case PSA_ECC_CURVE_SECP224K1: - return( MBEDTLS_ECP_DP_SECP224K1 ); - case PSA_ECC_CURVE_SECP256K1: - return( MBEDTLS_ECP_DP_SECP256K1 ); default: return( MBEDTLS_ECP_DP_NONE ); diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 25d0f2db9..f44189682 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data 
@@ -273,37 +273,37 @@ pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75 PSA wrapped sign: SECP256R1 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED -pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_ECC_CURVE_SECP256R1:256 +pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_ECC_CURVE_SECP_R1:256 PSA wrapped sign: SECP384R1 depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED -pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_ECC_CURVE_SECP384R1:384 +pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_ECC_CURVE_SECP_R1:384 PSA wrapped sign: SECP521R1 depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED -pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_ECC_CURVE_SECP521R1:521 +pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_ECC_CURVE_SECP_R1:521 PSA wrapped sign: SECP192K1 depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED -pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_ECC_CURVE_SECP192K1:192 +pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_ECC_CURVE_SECP_K1:192 ## Currently buggy: https://github.com/ARMmbed/mbed-crypto/issues/336 # PSA wrapped sign: SECP224K1 # depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED -# pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_ECC_CURVE_SECP224K1:224 +# pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_ECC_CURVE_SECP_K1:224 PSA wrapped sign: SECP256K1 depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED -pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_ECC_CURVE_SECP256K1:256 +pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_ECC_CURVE_SECP_K1:256 PSA wrapped sign: BP256R1 depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED -pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_ECC_CURVE_BRAINPOOL_P256R1:256 +pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_ECC_CURVE_BRAINPOOL_P_R1:256 PSA wrapped sign: BP384R1 depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED -pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_ECC_CURVE_BRAINPOOL_P384R1:384 +pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_ECC_CURVE_BRAINPOOL_P_R1:384 PSA wrapped sign: BP512R1 depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED -pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_ECC_CURVE_BRAINPOOL_P512R1:512 
+pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_ECC_CURVE_BRAINPOOL_P_R1:512 diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a2be082af..b6e6e5a97 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -1258,7 +1258,44 @@ void static_checks( ) TEST_EQUAL( PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_SIGN_HASH ); TEST_EQUAL( PSA_KEY_USAGE_VERIFY, PSA_KEY_USAGE_VERIFY_HASH ); TEST_EQUAL( PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE, PSA_SIGNATURE_MAX_SIZE ); -#endif /* MBEDTLS_TEST_DEPRECATED */ + + TEST_EQUAL( PSA_ECC_CURVE_SECP160K1, PSA_ECC_CURVE_SECP_K1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECP192K1, PSA_ECC_CURVE_SECP_K1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECP224K1, PSA_ECC_CURVE_SECP_K1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECP256K1, PSA_ECC_CURVE_SECP_K1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECP160R1, PSA_ECC_CURVE_SECP_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECP192R1, PSA_ECC_CURVE_SECP_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECP224R1, PSA_ECC_CURVE_SECP_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECP256R1, PSA_ECC_CURVE_SECP_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECP384R1, PSA_ECC_CURVE_SECP_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECP521R1, PSA_ECC_CURVE_SECP_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECP160R2, PSA_ECC_CURVE_SECP_R2 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT163K1, PSA_ECC_CURVE_SECT_K1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT233K1, PSA_ECC_CURVE_SECT_K1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT239K1, PSA_ECC_CURVE_SECT_K1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT283K1, PSA_ECC_CURVE_SECT_K1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT409K1, PSA_ECC_CURVE_SECT_K1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT571K1, PSA_ECC_CURVE_SECT_K1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT163R1, PSA_ECC_CURVE_SECT_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT193R1, PSA_ECC_CURVE_SECT_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT233R1, PSA_ECC_CURVE_SECT_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT283R1, PSA_ECC_CURVE_SECT_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT409R1, PSA_ECC_CURVE_SECT_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT571R1, PSA_ECC_CURVE_SECT_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT163R2, PSA_ECC_CURVE_SECT_R2 ); + TEST_EQUAL( PSA_ECC_CURVE_SECT193R2, PSA_ECC_CURVE_SECT_R2 ); + TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P256R1, PSA_ECC_CURVE_BRAINPOOL_P_R1 ); + TEST_EQUAL( 
PSA_ECC_CURVE_BRAINPOOL_P384R1, PSA_ECC_CURVE_BRAINPOOL_P_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P512R1, PSA_ECC_CURVE_BRAINPOOL_P_R1 ); + TEST_EQUAL( PSA_ECC_CURVE_CURVE25519, PSA_ECC_CURVE_MONTGOMERY ); + TEST_EQUAL( PSA_ECC_CURVE_CURVE448, PSA_ECC_CURVE_MONTGOMERY ); + + TEST_EQUAL( PSA_DH_GROUP_FFDHE2048, PSA_DH_GROUP_RFC7919 ); + TEST_EQUAL( PSA_DH_GROUP_FFDHE3072, PSA_DH_GROUP_RFC7919 ); + TEST_EQUAL( PSA_DH_GROUP_FFDHE4096, PSA_DH_GROUP_RFC7919 ); + TEST_EQUAL( PSA_DH_GROUP_FFDHE6144, PSA_DH_GROUP_RFC7919 ); + TEST_EQUAL( PSA_DH_GROUP_FFDHE8192, PSA_DH_GROUP_RFC7919 ); +#endif } /* END_CASE */ From f65ed6f25416b6786053658f88be7b3167d389ff Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Dec 2019 17:18:41 +0100 Subject: [PATCH 2132/2197] Change key types to a 16-bit encoding All key types now have an encoding on 32 bits where the bottom 16 bits are zero. Change to using 16 bits only. Keep 32 bits for key types in storage, but move the significant half-word from the top to the bottom. Likewise, change EC curve and DH group families from 32 bits out of which the top 8 and bottom 16 bits are zero, to 8 bits only. Reorder psa_core_key_attributes_t to avoid padding. --- include/psa/crypto_extra.h | 8 +-- include/psa/crypto_struct.h | 4 +- include/psa/crypto_types.h | 6 +- include/psa/crypto_values.h | 70 +++++++++---------- library/pkwrite.c | 2 +- library/psa_crypto.c | 5 -- library/psa_crypto_storage.c | 13 +++- programs/psa/psa_constant_names.c | 8 +-- scripts/generate_psa_constants.py | 2 +- tests/scripts/test_psa_constant_names.py | 6 +- .../test_suite_psa_crypto_persistent_key.data | 10 +-- ...t_suite_psa_crypto_persistent_key.function | 2 +- 12 files changed, 68 insertions(+), 68 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index fa931111d..817b3d2e4 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
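Review bot: The closing `#endif` loses its `/* MBEDTLS_TEST_DEPRECATED */` marker in the same change that grows the guarded block by some thirty-five lines, which makes the matching `#if` harder to find. Keep it as `#endif /* MBEDTLS_TEST_DEPRECATED */`. `static_checks` begins before the hunk, so the opening `#if` is not visible here.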
@@ -329,7 +329,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * string. The length of the byte string is the length of the base prime `p` * in bytes. */ -#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60040000) +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x6004) /** DSA key pair (private and public key). * @@ -347,7 +347,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * Add 1 to the resulting integer and use this as the private key *x*. * */ -#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x70040000) +#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7004) /** Whether a key type is an DSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_DSA(type) \ @@ -418,9 +418,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_GROUP_CUSTOM), the group data comes * from domain parameters set by psa_set_key_domain_parameters(). */ -/* This value is a deprecated value meaning an explicit curve in the IANA - * registry. */ -#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0xff01) +#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0x80) /** diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 9f55484e2..938abd07b 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -330,14 +330,14 @@ typedef uint16_t psa_key_attributes_flag_t; typedef struct { psa_key_type_t type; + psa_key_bits_t bits; psa_key_lifetime_t lifetime; psa_key_id_t id; psa_key_policy_t policy; - psa_key_bits_t bits; psa_key_attributes_flag_t flags; } psa_core_key_attributes_t; -#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, PSA_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0, 0} +#define PSA_CORE_KEY_ATTRIBUTES_INIT {PSA_KEY_TYPE_NONE, 0, PSA_KEY_LIFETIME_VOLATILE, PSA_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0} struct psa_key_attributes_s { diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index b951cd5f5..ca48d60dc 100644 --- a/include/psa/crypto_types.h 
+++ b/include/psa/crypto_types.h @@ -63,7 +63,7 @@ typedef int32_t psa_status_t; /** \brief Encoding of a key type. */ -typedef uint32_t psa_key_type_t; +typedef uint16_t psa_key_type_t; /** The type of PSA elliptic curve family identifiers. * @@ -71,7 +71,7 @@ typedef uint32_t psa_key_type_t; * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() * macros. */ -typedef uint32_t psa_ecc_curve_t; +typedef uint8_t psa_ecc_curve_t; /** The type of PSA Diffie-Hellman group family identifiers. * @@ -79,7 +79,7 @@ typedef uint32_t psa_ecc_curve_t; * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY() * macros. */ -typedef uint32_t psa_dh_group_t; +typedef uint8_t psa_dh_group_t; /** \brief Encoding of a cryptographic algorithm. * diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 39e1e3824..5167f256c 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -282,7 +282,7 @@ * * Zero is not the encoding of any key type. */ -#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000) +#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000) /** Vendor-defined key type flag. * 
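Review bot: Narrowing `psa_key_type_t` to `uint16_t` makes any value still in the old encoding convert silently: `0x70020000` assigned to the new type becomes `0x0000`, which is `PSA_KEY_TYPE_NONE`, and there is no diagnostic unless conversion warnings are enabled. The same applies to `psa_ecc_curve_t` and `psa_dh_group_t` in the two following hunks, which are now `uint8_t`. State the break in the typedef's comment, e.g. `/** \brief Encoding of a key type. Values are 16 bits wide; the former 32-bit encodings are not valid and truncate to other values. */`, so that integrators who persist or hard-code key types know to convert them.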
@@ -291,15 +291,15 @@ * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should * respect the bitwise structure used by standard encodings whenever practical. */ -#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000) +#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000) -#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000) -#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000) -#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000) -#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000) -#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000) +#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x4000) +#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x5000) +#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x6000) +#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000) -#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000) +#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x1000) /** Whether a key type is vendor-defined. * @@ -313,7 +313,7 @@ * This encompasses both symmetric keys and non-key data. */ #define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \ + (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x1000) == \ PSA_KEY_TYPE_CATEGORY_SYMMETRIC) /** Whether a key type is asymmetric: either a key pair or a public key. */ @@ -357,7 +357,7 @@ * * A "key" of this type cannot be used for any cryptographic operation. * Applications may use this type to store arbitrary data in the keystore. */ -#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50010000) +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x5001) /** HMAC key. * 
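Review bot: `PSA_KEY_TYPE_IS_UNSTRUCTURED` in the `@@ -313,7 +313,7 @@` hunk still spells the pair flag as a literal, `~(psa_key_type_t)0x1000`, although `PSA_KEY_TYPE_CATEGORY_FLAG_PAIR` is defined with that value in the hunk just above. Every change of encoding then has to touch both places, and a missed one would misclassify key types. Use the name instead: `(((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \`.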
@@ -367,21 +367,21 @@ * HMAC keys should generally have the same size as the underlying hash. * This size can be calculated with #PSA_HASH_SIZE(\c alg) where * \c alg is the HMAC algorithm or the underlying hash algorithm. */ -#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000) +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x5100) /** A secret for key derivation. * * The key policy determines which key derivation algorithm the key * can be used for. */ -#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000) +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x5200) /** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. * * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x44020000) +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x4402) /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * @@ -392,17 +392,17 @@ * deprecated and should only be used to decrypt legacy data. 3-key 3DES * is weak and deprecated and should only be used in legacy protocols. */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x43020000) +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x4302) /** Key for a cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x44040000) +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x4404) /** Key for the RC4 stream cipher. * * Note that RC4 is weak and deprecated and should only be used in * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40020000) +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x4002) /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. * 
@@ -411,19 +411,19 @@ * Implementations must support 12-byte nonces, may support 8-byte nonces, * and should reject other sizes. */ -#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x40040000) +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x4004) /** RSA public key. */ -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60020000) +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x6002) /** RSA key pair (private and public key). */ -#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x70020000) +#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7002) /** Whether a key type is an RSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x61000000) -#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x71000000) -#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ffffff) +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x6100) +#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100) +#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff) /** Elliptic curve key pair. * * \param curve A value of type ::psa_ecc_curve_t that identifies the @@ -466,7 +466,7 @@ * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf */ -#define PSA_ECC_CURVE_SECP_K1 ((psa_ecc_curve_t) 0x160000) +#define PSA_ECC_CURVE_SECP_K1 ((psa_ecc_curve_t) 0x16) /** SEC random curves over prime fields. * @@ -476,9 +476,9 @@ * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf */ -#define PSA_ECC_CURVE_SECP_R1 ((psa_ecc_curve_t) 0x120000) +#define PSA_ECC_CURVE_SECP_R1 ((psa_ecc_curve_t) 0x12) /* SECP160R2 (SEC2 v1, obsolete) */ -#define PSA_ECC_CURVE_SECP_R2 ((psa_ecc_curve_t) 0x1a0000) +#define PSA_ECC_CURVE_SECP_R2 ((psa_ecc_curve_t) 0x1a) /** SEC Koblitz curves over binary fields. * 
@@ -488,7 +488,7 @@ * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf */ -#define PSA_ECC_CURVE_SECT_K1 ((psa_ecc_curve_t) 0x260000) +#define PSA_ECC_CURVE_SECT_K1 ((psa_ecc_curve_t) 0x26) /** SEC random curves over binary fields. * @@ -498,7 +498,7 @@ * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf */ -#define PSA_ECC_CURVE_SECT_R1 ((psa_ecc_curve_t) 0x220000) +#define PSA_ECC_CURVE_SECT_R1 ((psa_ecc_curve_t) 0x22) /** SEC additional random curves over binary fields. * @@ -508,7 +508,7 @@ * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf */ -#define PSA_ECC_CURVE_SECT_R2 ((psa_ecc_curve_t) 0x2a0000) +#define PSA_ECC_CURVE_SECT_R2 ((psa_ecc_curve_t) 0x2a) /** Brainpool P random curves. * @@ -517,7 +517,7 @@ * brainpoolP320r1, brainpoolP384r1, brainpoolP512r1. * It is defined in RFC 5639. */ -#define PSA_ECC_CURVE_BRAINPOOL_P_R1 ((psa_ecc_curve_t) 0x300000) +#define PSA_ECC_CURVE_BRAINPOOL_P_R1 ((psa_ecc_curve_t) 0x30) /** Curve25519 and Curve448. * @@ -529,11 +529,11 @@ * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. */ -#define PSA_ECC_CURVE_MONTGOMERY ((psa_ecc_curve_t) 0x400000) +#define PSA_ECC_CURVE_MONTGOMERY ((psa_ecc_curve_t) 0x40) -#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x62000000) -#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x72000000) -#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ffffff) +#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x6200) +#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200) +#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff) /** Diffie-Hellman key pair. * * \param group A value of type ::psa_dh_group_t that identifies the 
@@ -574,10 +574,10 @@ * 2048, 3072, 4096, 6144, 8192. A given implementation may support * all of these sizes or only a subset. */ -#define PSA_DH_GROUP_RFC7919 ((psa_dh_group_t) 0x020000) +#define PSA_DH_GROUP_RFC7919 ((psa_dh_group_t) 0x02) #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \ - (((type) >> 24) & 7) + (((type) >> 8) & 7) /** The block size of a block cipher. * * \param type A cipher key type (value of type #psa_key_type_t). diff --git a/library/pkwrite.c b/library/pkwrite.c index 4fa542415..b1b5f4685 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -282,7 +282,7 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si bits = psa_get_key_bits( &attributes ); psa_reset_key_attributes( &attributes ); - curve = PSA_KEY_TYPE_GET_CURVE( key_type ) & 0xff0000; + curve = PSA_KEY_TYPE_GET_CURVE( key_type ); if( curve == 0 ) return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 63fbaed02..203b6de26 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -427,11 +427,6 @@ psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, size_t byte_length ) { - if( ( curve & 0xffff ) != 0 ) - { - if( PSA_BITS_TO_BYTES( curve & 0xffff ) != byte_length ) - return( MBEDTLS_ECP_DP_NONE ); - } switch( curve ) { case PSA_ECC_CURVE_SECP_R1: diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 1389fd451..fa1214c86 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c 
@@ -259,7 +259,9 @@ typedef struct { uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH]; uint8_t version[4]; uint8_t lifetime[sizeof( psa_key_lifetime_t )]; - uint8_t type[sizeof( psa_key_type_t )]; + uint8_t type[4]; /* Size=4 for a 2-byte type to keep the structure more + * regular and aligned and to make potential future + * extensibility easier. */ uint8_t policy[sizeof( psa_key_policy_t )]; uint8_t data_len[4]; uint8_t key_data[]; @@ -276,7 +278,7 @@ void psa_format_key_data_for_storage( const uint8_t *data, memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); PUT_UINT32_LE( 0, storage_format->version, 0 ); PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - PUT_UINT32_LE( attr->type, storage_format->type, 0 ); + PUT_UINT32_LE( (uint32_t) attr->type, storage_format->type, 0 ); PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); @@ -302,6 +304,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, const psa_persistent_key_storage_format *storage_format = (const psa_persistent_key_storage_format *)storage_data; uint32_t version; + uint32_t type; if( storage_data_length < sizeof(*storage_format) ) return( PSA_ERROR_STORAGE_FAILURE ); 
@@ -332,7 +335,11 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, } GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - GET_UINT32_LE( attr->type, storage_format->type, 0 ); + GET_UINT32_LE( type, storage_format->type, 0 ); + if( type <= (psa_key_type_t) -1 ) + attr->type = (psa_key_type_t) type; + else + return( PSA_ERROR_STORAGE_FAILURE ); GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 73692d022..d8ffd46cf 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -80,7 +80,7 @@ static void append_with_curve(char **buffer, size_t buffer_size, curve_name, strlen(curve_name)); } else { append_integer(buffer, buffer_size, required_size, - "0x%04x", curve); + "0x%02x", curve); } append(buffer, buffer_size, required_size, ")", 1); } @@ -98,7 +98,7 @@ static void append_with_group(char **buffer, size_t buffer_size, group_name, strlen(group_name)); } else { append_integer(buffer, buffer_size, required_size, - "0x%04x", group); + "0x%02x", group); } append(buffer, buffer_size, required_size, ")", 1); } @@ -144,7 +144,7 @@ static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size, { const char *name = psa_ecc_curve_name(curve); if (name == NULL) { - return snprintf(buffer, buffer_size, "0x%04x", (unsigned) curve); + return snprintf(buffer, buffer_size, "0x%02x", (unsigned) curve); } else { size_t length = strlen(name); if (length < buffer_size) { 
@@ -161,7 +161,7 @@ static int psa_snprint_dh_group(char *buffer, size_t buffer_size, { const char *name = psa_dh_group_name(group); if (name == NULL) { - return snprintf(buffer, buffer_size, "0x%04x", (unsigned) group); + return snprintf(buffer, buffer_size, "0x%02x", (unsigned) group); } else { size_t length = strlen(name); if (length < buffer_size) { diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index a9de148d7..c6bd9b6a0 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -61,7 +61,7 @@ static int psa_snprint_key_type(char *buffer, size_t buffer_size, default: %(key_type_code)s{ return snprintf(buffer, buffer_size, - "0x%%08lx", (unsigned long) type); + "0x%%04x", (unsigned) type); } break; } diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 1ea35596b..c02555e88 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -75,9 +75,9 @@ class Inputs: # Sets of names per type self.statuses = set(['PSA_SUCCESS']) self.algorithms = set(['0xffffffff']) - self.ecc_curves = set(['0xffff']) - self.dh_groups = set(['0xffff']) - self.key_types = set(['0xffffffff']) + self.ecc_curves = set(['0xff']) + self.dh_groups = set(['0xff']) + self.key_types = set(['0xffff']) self.key_usage_flags = set(['0x80000000']) # Hard-coded value for unknown algorithms self.hash_algorithms = set(['0x010000fe']) diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 2b9e5be6d..0bbc7f0ed 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
@@ -1,17 +1,17 @@ Format for storage: RSA private key -format_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN +format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN Parse storage: RSA private key 
-parse_storage_data_check:"505341004b455900000000000100000000000270010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS +parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS Parse storage: wrong version 
-parse_storage_data_check:"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":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE 
+parse_storage_data_check:"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":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE Parse storage: data too big -parse_storage_data_check:"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":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE Parse 
storage: bad magic -parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE Parse storage: truncated magic parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index d4163cdf7..4edc6979c 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -13,7 +13,7 @@ typedef struct { uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH]; uint8_t version[4]; uint8_t lifetime[sizeof( psa_key_lifetime_t )]; - uint8_t type[sizeof( psa_key_type_t )]; + uint8_t type[4]; uint8_t policy[sizeof( psa_key_policy_t )]; uint8_t data_len[4]; uint8_t key_data[]; From 46e6f9de4a80f440da4138d4ef642e1ca0e3938f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Dec 2019 17:24:43 +0100 Subject: [PATCH 2133/2197] Document the vendor range for EC curve and DH group families --- include/psa/crypto_types.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index ca48d60dc..d96c66e5c 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h 
@@ -70,6 +70,9 @@ typedef uint16_t psa_key_type_t; * The curve identifier is required to create an ECC key using the * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() * macros. + * + * Values defined by this standard will never be in the range 0x80-0xff. + * Vendors who define additional families must use an encoding in this range. */ typedef uint8_t psa_ecc_curve_t; @@ -78,6 +81,9 @@ typedef uint8_t psa_ecc_curve_t; * The group identifier is required to create an Diffie-Hellman key using the * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY() * macros. + * + * Values defined by this standard will never be in the range 0x80-0xff. + * Vendors who define additional families must use an encoding in this range. */ typedef uint8_t psa_dh_group_t; From 7d7c8dc8b00789017099e9f45c44efe5d0b8b7f3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 8 Dec 2019 18:39:53 +0100 Subject: [PATCH 2134/2197] Test parsing invalid key type in storage --- tests/suites/test_suite_psa_crypto_persistent_key.data | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 0bbc7f0ed..7accdf6b4 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
@@ -4,6 +4,12 @@ format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe Parse storage: RSA private key parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS +Parse storage: AES-128 key +parse_storage_data_check:"505341004b45590000000000010000000244000000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_SUCCESS + +Parse storage: type out of range +parse_storage_data_check:"505341004b45590000000000010000000244010000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_ERROR_STORAGE_FAILURE + Parse storage: wrong version parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE From 7cfcb3fc03744d9a1b2518ed26a128fa589782d6 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 4 Dec 2019 18:58:44 +0100 Subject: [PATCH 2135/2197] Change the encoding of key types to have a parity bit Change the encoding of key types, EC curve families and DH group families to make the low-order bit a parity bit (with even parity). This ensures that distinct key type values always have a Hamming distance of at least 2, which makes it easier for implementations to resist single bit flips. --- include/psa/crypto_extra.h | 6 +-- include/psa/crypto_values.h | 48 +++++++++---------- .../test_suite_psa_crypto_metadata.function | 18 +++++++ .../test_suite_psa_crypto_persistent_key.data | 14 +++--- 4 files changed, 52 insertions(+), 34 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 817b3d2e4..e9fa31189 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -329,7 +329,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * string. The length of the byte string is the length of the base prime `p` * in bytes. */ -#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x6004) +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002) /** DSA key pair (private and public key). * @@ -347,7 +347,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * Add 1 to the resulting integer and use this as the private key *x*. * */ -#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7004) +#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002) /** Whether a key type is an DSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_DSA(type) \ @@ -418,7 +418,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_GROUP_CUSTOM), the group data comes * from domain parameters set by psa_set_key_domain_parameters(). */ -#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0x80) +#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0x7e) /** 
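Review bot: The new `PSA_KEY_TYPE_DSA_PUBLIC_KEY` value 0x4002, and 0x7002 for `PSA_KEY_TYPE_DSA_KEY_PAIR` in the next hunk, reuse numbers that the previous encoding in this series assigned to `PSA_KEY_TYPE_ARC4` and `PSA_KEY_TYPE_RSA_KEY_PAIR`. The storage parser shown earlier in the series only rejects a stored type wider than 16 bits, and the test vectors changed by this commit keep the version field at `00000000`, so a key file written under the previous encoding would presumably load with a different key type instead of failing. Whether such files can exist outside development builds is not visible here. If they can, the storage format version should change together with the encoding. A comment above the key type definitions would record the constraint, for example `/* Stored on persistent media: renumbering requires a new key storage format version. */`.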
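Review bot: `PSA_DH_GROUP_CUSTOM` moves from 0x80 to 0x7e, which takes it out of the 0x80-0xff range that the `psa_dh_group_t` documentation added in PATCH 2133 reserves for vendor-defined families. If this group is an implementation extension and not a standard value (it is defined in crypto_extra.h), a later standard family could be assigned 0x7e and collide with it. An even-parity value inside the vendor range would satisfy both rules, for example `#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0x81)`.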
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 5167f256c..baaabff1e 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -294,12 +294,12 @@ #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000) #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000) -#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x4000) -#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x5000) -#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x6000) +#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x1000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x2000) +#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x4000) #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000) -#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x1000) +#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x3000) /** Whether a key type is vendor-defined. * @@ -313,8 +313,8 @@ * This encompasses both symmetric keys and non-key data. */ #define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \ - (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x1000) == \ - PSA_KEY_TYPE_CATEGORY_SYMMETRIC) + (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_RAW || \ + ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC) /** Whether a key type is asymmetric: either a key pair or a public key. */ #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \ @@ -357,7 +357,7 @@ * * A "key" of this type cannot be used for any cryptographic operation. * Applications may use this type to store arbitrary data in the keystore. */ -#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x5001) +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001) /** HMAC key. * 
@@ -367,21 +367,21 @@ * HMAC keys should generally have the same size as the underlying hash. * This size can be calculated with #PSA_HASH_SIZE(\c alg) where * \c alg is the HMAC algorithm or the underlying hash algorithm. */ -#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x5100) +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100) /** A secret for key derivation. * * The key policy determines which key derivation algorithm the key * can be used for. */ -#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x5200) +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200) /** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. * * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x4402) +#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400) /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * @@ -392,17 +392,17 @@ * deprecated and should only be used to decrypt legacy data. 3-key 3DES * is weak and deprecated and should only be used in legacy protocols. */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x4302) +#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301) /** Key for a cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x4404) +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403) /** Key for the RC4 stream cipher. * * Note that RC4 is weak and deprecated and should only be used in * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x4002) +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x2002) /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. * 
@@ -411,17 +411,17 @@ * Implementations must support 12-byte nonces, may support 8-byte nonces, * and should reject other sizes. */ -#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x4004) +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004) /** RSA public key. */ -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x6002) +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001) /** RSA key pair (private and public key). */ -#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7002) +#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001) /** Whether a key type is an RSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x6100) +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x4100) #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff) /** Elliptic curve key pair. @@ -466,7 +466,7 @@ * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf */ -#define PSA_ECC_CURVE_SECP_K1 ((psa_ecc_curve_t) 0x16) +#define PSA_ECC_CURVE_SECP_K1 ((psa_ecc_curve_t) 0x17) /** SEC random curves over prime fields. * @@ -478,7 +478,7 @@ */ #define PSA_ECC_CURVE_SECP_R1 ((psa_ecc_curve_t) 0x12) /* SECP160R2 (SEC2 v1, obsolete) */ -#define PSA_ECC_CURVE_SECP_R2 ((psa_ecc_curve_t) 0x1a) +#define PSA_ECC_CURVE_SECP_R2 ((psa_ecc_curve_t) 0x1b) /** SEC Koblitz curves over binary fields. * @@ -488,7 +488,7 @@ * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf */ -#define PSA_ECC_CURVE_SECT_K1 ((psa_ecc_curve_t) 0x26) +#define PSA_ECC_CURVE_SECT_K1 ((psa_ecc_curve_t) 0x27) /** SEC random curves over binary fields. * 
@@ -508,7 +508,7 @@ * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf */ -#define PSA_ECC_CURVE_SECT_R2 ((psa_ecc_curve_t) 0x2a) +#define PSA_ECC_CURVE_SECT_R2 ((psa_ecc_curve_t) 0x2b) /** Brainpool P random curves. * @@ -529,9 +529,9 @@ * _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. * The algorithm #PSA_ALG_ECDH performs X448 when used with this curve. */ -#define PSA_ECC_CURVE_MONTGOMERY ((psa_ecc_curve_t) 0x40) +#define PSA_ECC_CURVE_MONTGOMERY ((psa_ecc_curve_t) 0x41) -#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x6200) +#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200) #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200) #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff) /** Diffie-Hellman key pair. @@ -574,7 +574,7 @@ * 2048, 3072, 4096, 6144, 8192. A given implementation may support * all of these sizes or only a subset. */ -#define PSA_DH_GROUP_RFC7919 ((psa_dh_group_t) 0x02) +#define PSA_DH_GROUP_RFC7919 ((psa_dh_group_t) 0x03) #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \ (((type) >> 8) & 7) diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 880105860..ed41f3bc5 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function 
@@ -56,6 +56,18 @@ #define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \ TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) ) +/* Check the parity of value. + * Return 0 if value has even parity and a nonzero value otherwise. */ +int test_parity( uint32_t value ) +{ + value ^= value >> 16; + value ^= value >> 8; + value ^= value >> 4; + return( 0x9669 & 1 << ( value & 0xf ) ); +} +#define TEST_PARITY( value ) \ + TEST_ASSERT( test_parity( value ) ) + void algorithm_classification( psa_algorithm_t alg, unsigned flags ) { TEST_CLASSIFICATION_MACRO( ALG_IS_VENDOR_DEFINED, alg, flags ); @@ -113,6 +125,8 @@ void key_type_classification( psa_key_type_t type, unsigned flags ) ( PSA_KEY_TYPE_IS_DH( type ) && PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); + TEST_PARITY( type ); + exit: ; } @@ -483,6 +497,8 @@ void ecc_key_family( int curve_arg ) psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve ); + test_parity( curve ); + test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY ); test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEY_PAIR ); @@ -498,6 +514,8 @@ void dh_key_family( int group_arg ) psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY( group ); psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR( group ); + test_parity( group ); + test_key_type( public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY ); test_key_type( pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEY_PAIR ); diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 7accdf6b4..e0fba02c8 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data 
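Review bot: The comment on `test_parity` states the opposite of what the function returns. Bit i of the 0x9669 table is set when i has an even number of one bits, so the result is nonzero for even parity and 0 for odd parity. `TEST_PARITY` therefore asserts even parity, which matches the commit message, but a reader trusting the comment would conclude the reverse. The second sentence should read `Return a nonzero value if value has even parity and 0 otherwise.`, and a name such as `has_even_parity` would make the call sites self-explanatory.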
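Review bot: The call `test_parity( curve );` in ecc_key_family discards the return value, so the parity of the curve family is never checked and the test passes whatever the value is; the same applies to `test_parity( group );` in dh_key_family in the next hunk. Use the assertion macro added earlier in this file instead: `TEST_PARITY( curve );` and `TEST_PARITY( group );`. Both function bodies start and end outside their hunks, so confirm that each has the `exit:` label the assertion macro needs, as key_type_classification does.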
@@ -1,23 +1,23 @@ Format for storage: RSA private key -format_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN +format_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN Parse storage: RSA private key -parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS +parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS Parse storage: AES-128 key -parse_storage_data_check:"505341004b45590000000000010000000244000000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_SUCCESS +parse_storage_data_check:"505341004b45590000000000010000000024000000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_SUCCESS Parse storage: type out of range 
-parse_storage_data_check:"505341004b45590000000000010000000244010000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"505341004b45590000000000010000000024010000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_ERROR_STORAGE_FAILURE Parse storage: wrong version -parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE Parse storage: data too big -parse_storage_data_check:"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":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"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":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE Parse storage: bad magic 
-parse_storage_data_check:"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":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE +parse_storage_data_check:"645341004b455900000000000100000001700000010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"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":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE Parse storage: truncated magic 
parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE From 3e819b7d690416cd24d66a7a605e26b3f7b6b77f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 20 Dec 2019 14:09:55 +0100 Subject: [PATCH 2136/2197] psa_key_agreement_ecdh: zeroize output on failure If psa_key_agreement_ecdh fails, there may be output that leaks sensitive information in the output buffer. Zeroize it. If this is due to an underlying failure in the ECDH implementation, it is currently not an issue since both the traditional Mbed TLS/Crypto implementation and Everest only write to the output buffer once every intermediate step has succeeded, but zeroizing is more robust. If this is because the recently added key size check fails, a leak could be a serious issue. --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 203b6de26..72ecdde21 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5343,6 +5343,8 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, status = PSA_ERROR_CORRUPTION_DETECTED; exit: + if( status != PSA_SUCCESS ) + mbedtls_platform_zeroize( shared_secret, shared_secret_size ); mbedtls_ecdh_free( &ecdh ); mbedtls_ecp_keypair_free( their_key ); mbedtls_free( their_key ); From cba7122d74fce7bc73f457920c818b12009766f6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 11 Sep 2019 14:15:10 +0100 Subject: [PATCH 2137/2197] ASN.1: Add helper macro to detect string types --- include/mbedtls/asn1.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 1c6683f63..1cfd414e3 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h 
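Review bot: The new wipe at the `exit:` label has no comment, and the reason for it is only in the commit message. A one-line comment would keep a later cleanup from removing it as redundant, for example `/* On failure, wipe any partial shared secret so no key material is left in the caller's buffer. */`. The body of `psa_key_agreement_ecdh` starts before the hunk, so the failure paths that reach `exit:` are not visible here.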
@@ -90,6 +90,18 @@ #define MBEDTLS_ASN1_CONSTRUCTED 0x20 #define MBEDTLS_ASN1_CONTEXT_SPECIFIC 0x80 +/* Slightly smaller way to check if tag is a string tag + * compared to canonical implementation. */ +#define MBEDTLS_ASN1_IS_STRING_TAG( tag ) \ + ( ( tag ) < 32u && ( \ + ( ( 1u << ( tag ) ) & ( ( 1u << MBEDTLS_ASN1_BMP_STRING ) | \ + ( 1u << MBEDTLS_ASN1_UTF8_STRING ) | \ + ( 1u << MBEDTLS_ASN1_T61_STRING ) | \ + ( 1u << MBEDTLS_ASN1_IA5_STRING ) | \ + ( 1u << MBEDTLS_ASN1_UNIVERSAL_STRING ) | \ + ( 1u << MBEDTLS_ASN1_PRINTABLE_STRING ) | \ + ( 1u << MBEDTLS_ASN1_BIT_STRING ) ) ) != 0 ) ) + /* * Bit masks for each of the components of an ASN.1 tag as specified in * ITU X.690 (08/2015), section 8.1 "General rules for encoding", From 63e38fe9147070d99e2d3c841dddf2274daa85c2 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 11 Sep 2019 14:16:40 +0100 Subject: [PATCH 2138/2197] ASN.1: Add helper macro to compare ASN.1 buffer to OID string --- include/mbedtls/asn1.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 1cfd414e3..5f15ddbe8 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -132,6 +132,10 @@ ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) || \ memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 ) +#define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len) \ + ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len) ) || \ + memcmp( (oid_str), (oid_buf), (oid_buf_len) ) != 0 ) + #ifdef __cplusplus extern "C" { #endif From 12ae27dd0e073ddca62afae953cb0b6a046e3692 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 11 Sep 2019 14:20:09 +0100 Subject: [PATCH 2139/2197] ASN.1: Introduce helper function to free ASN.1 sequence --- include/mbedtls/asn1.h | 25 ++++++++++++++++++++++ library/asn1parse.c | 11 +++++++++- tests/suites/test_suite_asn1parse.function | 10 ++------- 3 files changed, 37 insertions(+), 9 deletions(-) 
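Review bot: `MBEDTLS_ASN1_IS_STRING_TAG` expands `tag` twice, once in the `< 32u` guard and once in the shift, so an argument with side effects such as `*p++` would be evaluated twice. The comment should say so, and should also list which tags count, since `MBEDTLS_ASN1_BIT_STRING` is in the mask and a caller expecting only character-string types may not anticipate that. Suggested wording: `/* Nonzero if tag is one of the universal string tags listed below (BIT STRING included); tag is evaluated twice, so pass an expression without side effects. */`. A `static inline` function would avoid the double evaluation, if the header's style allows one.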
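Review bot: `MBEDTLS_OID_CMP_RAW` is added without a comment, and its result follows the memcmp convention. It is nonzero when the buffer differs from `oid_str` and 0 when they are equal, which is easy to invert when the macro is used directly in a condition. It also evaluates `oid_buf_len` twice. A short comment would cover both, for example `/* Compare a raw (pointer, length) buffer with oid_str: 0 if equal, nonzero otherwise. oid_buf_len is evaluated twice. */`.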
diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 5f15ddbe8..43ab9ae4d 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -343,6 +343,9 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p, * \brief Parses and splits an ASN.1 "SEQUENCE OF ". * Updates the pointer to immediately behind the full sequence tag. * + * This function allocates memory for the sequence elements. You can free + * the allocated memory with mbedtls_asn1_sequence_free(). + * * \note On error, this function may return a partial list in \p cur. * You must set `cur->next = NULL` before calling this function! * Otherwise it is impossible to distinguish a previously non-null @@ -384,6 +387,28 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, const unsigned char *end, mbedtls_asn1_sequence *cur, int tag ); +/** + * \brief Free a heap-allocated linked list presentation of + * an ASN.1 sequence, including the first element. + * + * There are two common ways to manage the memory used for the representation + * of a parsed ASN.1 sequence: + * - Allocate a head node `mbedtls_asn1_sequence *head` with mbedtls_calloc(). + * Pass this node as the `cur` argument to mbedtls_asn1_get_sequence_of(). + * When you have finished processing the sequence, + * call mbedtls_asn1_sequence_free() on `head`. + * - Allocate a head node `mbedtls_asn1_sequence *head` in any manner, + * for example on the stack. Make sure that `head->next == NULL`. + * Pass `head` as the `cur` argument to mbedtls_asn1_get_sequence_of(). + * When you have finished processing the sequence, + * call mbedtls_asn1_sequence_free() on `head->cur`, + * then free `head` itself in the appropriate manner. + * + * \param seq The address of the first sequence component. This may + * be \c NULL, in which case this functions returns + * immediately. + */ +void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ); #if defined(MBEDTLS_BIGNUM_C) /** 
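Review bot: In the second usage pattern of the new `mbedtls_asn1_sequence_free()` documentation, the text says to call the function on `head->cur`, but the sequence node has no such member. The test code in this commit uses `head.next`, and that is what should be passed. The wording matters because the function frees every node it is given, so a caller with a stack-allocated head must pass `head->next` and never `head` itself. The line should read ``call mbedtls_asn1_sequence_free() on `head->next`,``. In the `\param seq` text, "this functions returns" should be "this function returns".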
diff --git a/library/asn1parse.c b/library/asn1parse.c index e7e4d13f6..3105d32b3 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -269,7 +269,16 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end return( 0 ); } - +void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ) +{ + while( seq != NULL ) + { + mbedtls_asn1_sequence *next = seq->next; + mbedtls_platform_zeroize( seq, sizeof( *seq ) ); + mbedtls_free( seq ); + seq = next; + } +} /* * Parses and splits an ASN.1 "SEQUENCE OF " diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index f07fd409d..898f7297d 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -508,7 +508,7 @@ void get_sequence_of( const data_t *input, int tag, int expected_result ) { mbedtls_asn1_sequence head = { { 0, 0, NULL }, NULL }; - mbedtls_asn1_sequence *cur, *next; + mbedtls_asn1_sequence *cur; unsigned char *p = input->x; const char *rest = description; unsigned long n; @@ -549,13 +549,7 @@ void get_sequence_of( const data_t *input, int tag, } exit: - cur = head.next; - while( cur != NULL ) - { - next = cur->next; - mbedtls_free( cur ); - cur = next; - } + mbedtls_asn1_sequence_free( head.next ); } /* END_CASE */ From b5c74a53d816c3af7d95e40d10751173525e18c7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 30 Oct 2019 17:07:02 +0100 Subject: [PATCH 2140/2197] Document one more error code for mbedtls_asn1_get_sequence_of Also fix a copypasta. --- include/mbedtls/asn1.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 43ab9ae4d..0a2727e12 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h 
@@ -379,9 +379,12 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p, * \return 0 if successful. * \return #MBEDTLS_ERR_ASN1_LENGTH_MISMATCH if the input contains * extra data after a valid SEQUENCE OF \p tag. + * \return #MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if the input starts with + * an ASN.1 SEQUENCE in which an element has a tag that + * is different from \p tag. * \return #MBEDTLS_ERR_ASN1_ALLOC_FAILED if a memory allocation failed. * \return An ASN.1 error code if the input does not start with - * a valid ASN.1 BIT STRING. + * a valid ASN.1 SEQUENCE. */ int mbedtls_asn1_get_sequence_of( unsigned char **p, const unsigned char *end, From 199b709e538161b1f7742b6f1f01618f72bc1b85 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 11 Sep 2019 14:21:26 +0100 Subject: [PATCH 2141/2197] ASN.1: Add ASN.1 SEQUENCE traversal API --- include/mbedtls/asn1.h | 94 ++++++++++++++++++++++ library/asn1parse.c | 52 ++++++++++++ tests/suites/test_suite_asn1parse.data | 54 +++++++++++++ tests/suites/test_suite_asn1parse.function | 83 +++++++++++++++++++ 4 files changed, 283 insertions(+) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 0a2727e12..07fbe56a2 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h 
@@ -413,6 +413,100 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, */ void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ); +/** + * \brief Traverse an ASN.1 SEQUENCE container and + * call a callback for each entry. + * + * This function checks that the input is a SEQUENCE of elements that + * each have a "must" tag, and calls a callback function on the elements + * that have a "may" tag. + * + * For example, to validate that the input is a SEQUENCE of `tag1` and call + * `cb` on each element, use + * ``` + * mbedtls_asn1_traverse_sequence_of(&p, end, 0xff, tag1, 0, 0, cb, ctx); + * ``` + * + * To validate that the input is a SEQUENCE of ANY and call `cb` on + * each element, use + * ``` + * mbedtls_asn1_traverse_sequence_of(&p, end, 0, 0, 0, 0, cb, ctx); + * ``` + * + * To validate that the input is a SEQUENCE of CHOICE {NULL, OCTET STRING} + * and call `cb` on each element that is an OCTET STRING, use + * ``` + * mbedtls_asn1_traverse_sequence_of(&p, end, 0xfe, 0x04, 0xff, 0x04, cb, ctx); + * ``` + * + * The callback is called on the elements with a "may" tag from left to + * right. If the input is not a valid SEQUENCE of elements with a "must" tag, + * the callback is called on the elements up to the leftmost point where + * the input is invalid. + * + * \warning This function is still experimental and may change + * at any time. + * + * \param p The address of the pointer to the beginning of + * the ASN.1 SEQUENCE header. This is updated to + * point to the end of the ASN.1 SEQUENCE container + * on a successful invocation. + * \param end The end of the ASN.1 SEQUENCE container. + * \param tag_must_mask A mask to be applied to the ASN.1 tags found within + * the SEQUENCE before comparing to \p tag_must_value. + * \param tag_must_val The required value of each ASN.1 tag found in the + * SEQUENCE, after masking with \p tag_must_mask. + * Mismatching tags lead to an error. 
+ * For example, a value of \c 0 for both \p tag_must_mask + * and \p tag_must_val means that every tag is allowed, + * while a value of \c 0xFF for \p tag_must_mask means + * that \p tag_must_val is the only allowed tag. + * \param tag_may_mask A mask to be applied to the ASN.1 tags found within + * the SEQUENCE before comparing to \p tag_may_value. + * \param tag_may_val The desired value of each ASN.1 tag found in the + * SEQUENCE, after masking with \p tag_may_mask. + * Mismatching tags will be silently ignored. + * For example, a value of \c 0 for \p tag_may_mask and + * \p tag_may_val means that any tag will be considered, + * while a value of \c 0xFF for \p tag_may_mask means + * that all tags with value different from \p tag_may_val + * will be ignored. + * \param cb The callback to trigger for each component + * in the ASN.1 SEQUENCE that matches \p tag_may_val. + * The callback function is called with the following + * parameters: + * - \p ctx. + * - The tag of the current element. + * - A pointer to the start of the current element's + * content inside the input. + * - The length of the content of the current element. + * If the callback returns a non-zero value, + * the function stops immediately, + * forwarding the callback's return value. + * \param ctx The context to be passed to the callback \p cb. + * + * \return \c 0 if successful the entire ASN.1 SEQUENCE + * was traversed without parsing or callback errors. + * \return #MBEDTLS_ERR_ASN1_LENGTH_MISMATCH if the input + * contains extra data after a valid SEQUENCE + * of elements with an accepted tag. + * \return #MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if the input starts + * with an ASN.1 SEQUENCE in which an element has a tag + * that is not accepted. + * \return An ASN.1 error code if the input does not start with + * a valid ASN.1 SEQUENCE. + * \return A non-zero error code forwarded from the callback + * \p cb in case the latter returns a non-zero value. 
+ */ +int mbedtls_asn1_traverse_sequence_of( + unsigned char **p, + const unsigned char *end, + uint8_t tag_must_mask, uint8_t tag_must_val, + uint8_t tag_may_mask, uint8_t tag_may_val, + int (*cb)( void *ctx, int tag, + unsigned char* start, size_t len ), + void *ctx ); + #if defined(MBEDTLS_BIGNUM_C) /** * \brief Retrieve an integer ASN.1 tag and its value. diff --git a/library/asn1parse.c b/library/asn1parse.c index 3105d32b3..8506b49ae 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -247,6 +247,58 @@ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, return( 0 ); } +/* + * Traverse an ASN.1 "SEQUENCE OF " + * and call a callback for each entry found. + */ +int mbedtls_asn1_traverse_sequence_of( + unsigned char **p, + const unsigned char *end, + uint8_t tag_must_mask, uint8_t tag_must_val, + uint8_t tag_may_mask, uint8_t tag_may_val, + int (*cb)( void *ctx, int tag, + unsigned char *start, size_t len ), + void *ctx ) +{ + int ret; + size_t len; + + /* Get main sequence tag */ + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + { + return( ret ); + } + + if( *p + len != end ) + return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + + while( *p < end ) + { + unsigned char const tag = *(*p)++; + + if( ( tag & tag_must_mask ) != tag_must_val ) + return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + + if( ( ret = mbedtls_asn1_get_len( p, end, &len ) ) != 0 ) + return( ret ); + + if( ( tag & tag_may_mask ) == tag_may_val ) + { + if( cb != NULL ) + { + ret = cb( ctx, tag, *p, len ); + if( ret != 0 ) + return( ret ); + } + } + + *p += len; + } + + return( 0 ); +} + /* * Get a bit string without unused bits */ diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data index e26f93af7..6a66ee9f5 100644 --- a/tests/suites/test_suite_asn1parse.data +++ b/tests/suites/test_suite_asn1parse.data 
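Review bot: The Doxygen text for `tag_must_mask` and `tag_may_mask` refers to `\p tag_must_value` and `\p tag_may_value`, but the parameters are named `tag_must_val` and `tag_may_val`, so the cross-references point at nothing. The first `\return` line is also missing a word and should read `\c 0 if successful, i.e. the entire ASN.1 SEQUENCE was traversed without parsing or callback errors.` The description of `cb` does not say that the implementation accepts `NULL` for it. Since the function is used to validate input, it would help to state that `*p` is left at the point of failure when a non-zero value is returned.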
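Review bot: Nothing in the loop of `mbedtls_asn1_traverse_sequence_of` bounds the advance `*p += len` or the `(start, len)` range handed to the callback. Both are safe only if `mbedtls_asn1_get_len()` rejects a length larger than `end - *p`, and that function is outside this hunk. A comment at the call would make the dependency explicit, for example `/* mbedtls_asn1_get_len() is relied on to reject len > end - *p, so the callback range and the advance below stay inside the input. */`. The tag is read as a single byte with `*(*p)++`, so multi-byte (high-tag-number) identifiers appear not to be handled, which is worth stating in the function comment as well.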
@@ -481,6 +481,60 @@ get_sequence_of:"1000":0x04:"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG Not a SEQUENCE (not SEQUENCE) get_sequence_of:"3100":0x04:"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +Traverse empty SEQUENCE +traverse_sequence_of:"3000":0:0:0:0:"":0 + +Traverse empty SEQUENCE plus trailing garbage +traverse_sequence_of:"30007e":0:0:0:0:"":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +Traverse SEQUENCE of INTEGER: 1 INTEGER +traverse_sequence_of:"30050203123456":0xff:0x02:0:0:"4,0x02,3":0 + +Traverse SEQUENCE of INTEGER: 2 INTEGERs +traverse_sequence_of:"30080203123456020178":0xff:0x02:0:0:"4,0x02,3,9,0x02,1":0 + +Traverse SEQUENCE of INTEGER: INTEGER, NULL +traverse_sequence_of:"300702031234560500":0xff:0x02:0:0:"4,0x02,3":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +Traverse SEQUENCE of INTEGER: NULL, INTEGER +traverse_sequence_of:"300705000203123456":0xff:0x02:0:0:"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +Traverse SEQUENCE of ANY: NULL, INTEGER +traverse_sequence_of:"300705000203123456":0:0:0:0:"4,0x05,0,6,0x02,3":0 + +Traverse SEQUENCE of ANY, skip non-INTEGER: INTEGER, NULL +traverse_sequence_of:"300702031234560500":0:0:0xff:0x02:"4,0x02,3":0 + +Traverse SEQUENCE of ANY, skip non-INTEGER: NULL, INTEGER +traverse_sequence_of:"300705000203123456":0:0:0xff:0x02:"6,0x02,3":0 + +Traverse SEQUENCE of INTEGER, skip everything +traverse_sequence_of:"30080203123456020178":0xff:0x02:0:1:"":0 + +Traverse SEQUENCE of {NULL, OCTET STRING}, skip NULL: OS, NULL +traverse_sequence_of:"300704031234560500":0xfe:0x04:0xff:0x04:"4,0x04,3":0 + +Traverse SEQUENCE of {NULL, OCTET STRING}, skip NULL: NULL, OS +traverse_sequence_of:"300705000403123456":0xfe:0x04:0xff:0x04:"6,0x04,3":0 + +Traverse SEQUENCE of {NULL, OCTET STRING}, skip everything +traverse_sequence_of:"300705000403123456":0xfe:0x04:0:1:"":0 + +Traverse SEQUENCE of INTEGER, stop at 0: NULL +traverse_sequence_of:"30020500":0xff:0x02:0:0:"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +Traverse SEQUENCE of INTEGER, stop at 0: INTEGER 
+traverse_sequence_of:"30050203123456":0xff:0x02:0:0:"":RET_TRAVERSE_STOP + +Traverse SEQUENCE of INTEGER, stop at 0: INTEGER, NULL +traverse_sequence_of:"300702031234560500":0xff:0x02:0:0:"":RET_TRAVERSE_STOP + +Traverse SEQUENCE of INTEGER, stop at 1: INTEGER, NULL +traverse_sequence_of:"300702031234560500":0xff:0x02:0:0:"4,0x02,3":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +Traverse SEQUENCE of INTEGER, stop at 1: INTEGER, INTEGER +traverse_sequence_of:"30080203123456020178":0xff:0x02:0:0:"4,0x02,3":RET_TRAVERSE_STOP + AlgorithmIdentifier, no params get_alg:"300506034f4944":4:3:0:0:0:7:0 diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index 898f7297d..3419f03b5 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function 
@@ -170,6 +170,53 @@ exit: return( 0 ); } +typedef struct +{ + const unsigned char *input_start; + const char *description; +} traverse_state_t; + +/* Value returned by traverse_callback if description runs out. */ +#define RET_TRAVERSE_STOP 1 +/* Value returned by traverse_callback if description has an invalid format + * (see traverse_sequence_of). */ +#define RET_TRAVERSE_ERROR 2 + + +static int traverse_callback( void *ctx, int tag, + unsigned char *content, size_t len ) +{ + traverse_state_t *state = ctx; + size_t offset; + const char *rest = state->description; + unsigned long n; + + TEST_ASSERT( content > state->input_start ); + offset = content - state->input_start; + test_set_step( offset ); + + if( *rest == 0 ) + return( RET_TRAVERSE_STOP ); + n = strtoul( rest, (char **) &rest, 0 ); + TEST_EQUAL( n, offset ); + TEST_EQUAL( *rest, ',' ); + ++rest; + n = strtoul( rest, (char **) &rest, 0 ); + TEST_EQUAL( n, (unsigned) tag ); + TEST_EQUAL( *rest, ',' ); + ++rest; + n = strtoul( rest, (char **) &rest, 0 ); + TEST_EQUAL( n, len ); + if( *rest == ',' ) + ++rest; + + state->description = rest; + return( 0 ); + +exit: + return( RET_TRAVERSE_ERROR ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -507,6 +554,13 @@ void get_sequence_of( const data_t *input, int tag, const char *description, int expected_result ) { + /* The description string is a comma-separated list of integers. + * For each element in the SEQUENCE in input, description contains + * two integers: the offset of the element (offset from the start + * of input to the tag of the element) and the length of the + * element's contents. + * "offset1,length1,..." */ + mbedtls_asn1_sequence head = { { 0, 0, NULL }, NULL }; mbedtls_asn1_sequence *cur; unsigned char *p = input->x; 
@@ -553,6 +607,35 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void traverse_sequence_of( const data_t *input, + int tag_must_mask, int tag_must_val, + int tag_may_mask, int tag_may_val, + const char *description, + int expected_result ) +{ + /* The description string is a comma-separated list of integers. + * For each element in the SEQUENCE in input, description contains + * three integers: the offset of the element's content (offset from + * the start of input to the content of the element), the element's tag, + * and the length of the element's contents. + * "offset1,tag1,length1,..." */ + + unsigned char *p = input->x; + traverse_state_t traverse_state = {input->x, description}; + int ret; + + ret = mbedtls_asn1_traverse_sequence_of( &p, input->x + input->len, + (uint8_t) tag_must_mask, (uint8_t) tag_must_val, + (uint8_t) tag_may_mask, (uint8_t) tag_may_val, + traverse_callback, &traverse_state ); + if( ret == RET_TRAVERSE_ERROR ) + goto exit; + TEST_EQUAL( ret, expected_result ); + TEST_EQUAL( *traverse_state.description, 0 ); +} +/* END_CASE */ + /* BEGIN_CASE */ void get_alg( const data_t *input, int oid_offset, int oid_length, From 1505f636a21b284df8403bd30bf49d19b6f5838c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 11 Sep 2019 14:25:26 +0100 Subject: [PATCH 2142/2197] ASN.1: Reimplement mbedtls_asn1_get_sequence_of() via traversal API --- library/asn1parse.c | 83 ++++++++++++++++++++++----------------------- 1 file changed, 40 insertions(+), 43 deletions(-) diff --git a/library/asn1parse.c b/library/asn1parse.c index 8506b49ae..58fe9efd6 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c 
@@ -332,6 +332,41 @@ void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ) } } +typedef struct +{ + int tag; + mbedtls_asn1_sequence *cur; +} asn1_get_sequence_of_cb_ctx_t; + +static int asn1_get_sequence_of_cb( void *ctx, + int tag, + unsigned char *start, + size_t len ) +{ + asn1_get_sequence_of_cb_ctx_t *cb_ctx = + (asn1_get_sequence_of_cb_ctx_t *) ctx; + mbedtls_asn1_sequence *cur = + cb_ctx->cur; + + if( cur->buf.p != NULL ) + { + cur->next = + mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); + + if( cur->next == NULL ) + return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); + + cur = cur->next; + } + + cur->buf.p = start; + cur->buf.len = len; + cur->buf.tag = tag; + + cb_ctx->cur = cur; + return( 0 ); +} + /* * Parses and splits an ASN.1 "SEQUENCE OF " */ 
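Review bot: `asn1_get_sequence_of_cb` decides whether the head node is already filled by testing `cur->buf.p != NULL`, which only works because the caller zeroes the head before the traversal starts. That dependency is not stated anywhere in the callback. A comment such as `/* buf.p is NULL only for the caller-zeroed head node before its first element; any later call must append a new node. */` would document it. The `tag` member of `asn1_get_sequence_of_cb_ctx_t` is written by the caller but never read in this callback, so it could be dropped.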
@@ -340,49 +375,11 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, mbedtls_asn1_sequence *cur, int tag) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len; - mbedtls_asn1_buf *buf; - - /* Get main sequence tag */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( ret ); - - if( *p + len != end ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - while( *p < end ) - { - buf = &(cur->buf); - buf->tag = **p; - - if( ( ret = mbedtls_asn1_get_tag( p, end, &buf->len, tag ) ) != 0 ) - return( ret ); - - buf->p = *p; - *p += buf->len; - - /* Allocate and assign next pointer */ - if( *p < end ) - { - cur->next = (mbedtls_asn1_sequence*)mbedtls_calloc( 1, - sizeof( mbedtls_asn1_sequence ) ); - - if( cur->next == NULL ) - return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); - - cur = cur->next; - } - } - - /* Set final sequence entry's next pointer to NULL */ - cur->next = NULL; - - if( *p != end ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - - return( 0 ); + asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur }; + memset( cur, 0, sizeof( mbedtls_asn1_sequence ) ); + return( mbedtls_asn1_traverse_sequence_of( + p, end, 0xFF, tag, 0, 0, + asn1_get_sequence_of_cb, &cb_ctx ) ); } int mbedtls_asn1_get_alg( unsigned char **p, From 34aada2df5afa941b28e82e5635e7fa8138bc1b7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 3 Feb 2020 10:39:55 +0000 Subject: [PATCH 2143/2197] Replace use of uint8_t by unsigned char in ASN.1 seq traversal API The rest of the ASN.1 API uses `unsigned char`, too. --- include/mbedtls/asn1.h | 4 ++-- library/asn1parse.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 07fbe56a2..33b30041a 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h 
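Review bot: The `int tag` argument of `mbedtls_asn1_get_sequence_of` is now passed as the `uint8_t tag_must_val` parameter in `p, end, 0xFF, tag, 0, 0,`, so a value outside 0..255 is silently truncated before the comparison. The removed code passed `tag` unchanged to `mbedtls_asn1_get_tag()`, which presumably compared the full integer, so a value such as 0x104 could never match and would now be treated as 0x04. An explicit range check before the call would keep the old strictness, for example `if( tag < 0 || tag > 0xFF ) return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );`. For an empty SEQUENCE this check returns an error where the old code returned 0, so the choice should be confirmed against the callers. The start of the function signature is outside the hunk.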
@@ -501,8 +501,8 @@ void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ); int mbedtls_asn1_traverse_sequence_of( unsigned char **p, const unsigned char *end, - uint8_t tag_must_mask, uint8_t tag_must_val, - uint8_t tag_may_mask, uint8_t tag_may_val, + unsigned char tag_must_mask, unsigned char tag_must_val, + unsigned char tag_may_mask, unsigned char tag_may_val, int (*cb)( void *ctx, int tag, unsigned char* start, size_t len ), void *ctx ); diff --git a/library/asn1parse.c b/library/asn1parse.c index 58fe9efd6..34c660775 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -254,8 +254,8 @@ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, int mbedtls_asn1_traverse_sequence_of( unsigned char **p, const unsigned char *end, - uint8_t tag_must_mask, uint8_t tag_must_val, - uint8_t tag_may_mask, uint8_t tag_may_val, + unsigned char tag_must_mask, unsigned char tag_must_val, + unsigned char tag_may_mask, unsigned char tag_may_val, int (*cb)( void *ctx, int tag, unsigned char *start, size_t len ), void *ctx ) From 9a6ecee4deb3cf2ab7151a49fd512199b2a8d922 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Feb 2020 16:15:47 +0100 Subject: [PATCH 2144/2197] Move test functions from Lilliput to Blefuscu We normally represent bignums in big-endian order and there is no reason to deviate here. --- tests/suites/test_suite_mpi.function | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 32785c144..2b877b976 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function 
@@ -627,9 +627,9 @@ void mbedtls_mpi_copy_binary( data_t *input_X, data_t *input_Y ) mbedtls_mpi X, Y, X0; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &X0 ); - TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, input_X->x, input_X->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary_le( &Y, input_Y->x, input_Y->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary_le( &X0, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 ); @@ -755,10 +755,10 @@ void mbedtls_mpi_swap_binary( data_t *input_X, data_t *input_Y ) mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 ); - TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, input_X->x, input_X->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary_le( &Y, input_Y->x, input_Y->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary_le( &X0, input_X->x, input_X->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary_le( &Y0, input_Y->x, input_Y->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &Y0, input_Y->x, input_Y->len ) == 0 ); mbedtls_mpi_swap( &X, &Y ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); 
@@ -776,8 +776,8 @@ void mpi_swap_self( data_t *input_X ) mbedtls_mpi X, X0; mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 ); - TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, input_X->x, input_X->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary_le( &X0, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 ); mbedtls_mpi_swap( &X, &X ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); From a9da093617ef120f42f2aab5d999b8b3cb6b791b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 3 Feb 2020 16:18:30 +0100 Subject: [PATCH 2145/2197] shrink tests: clearer description --- tests/suites/test_suite_mpi.data | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 6dcf575b6..d21e2f7db 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -283,28 +283,28 @@ mpi_swap_self:"face" Swap self: null mpi_swap_self:"" -Shrink 2 in 2 to 4 +Shrink 2 limbs in a buffer of size 2 to 4 mbedtls_mpi_shrink:2:2:4:4 -Shrink 2 in 4 to 4 +Shrink 2 limbs in a buffer of size 4 to 4 mbedtls_mpi_shrink:4:2:4:4 -Shrink 2 in 8 to 4 +Shrink 2 limbs in a buffer of size 8 to 4 mbedtls_mpi_shrink:8:2:4:4 -Shrink 4 in 8 to 4 +Shrink 4 limbs in a buffer of size 8 to 4 mbedtls_mpi_shrink:8:4:4:4 -Shrink 6 in 8 to 4 yielding 6 +Shrink 6 limbs in a buffer of size 8 to 4 yielding 6 mbedtls_mpi_shrink:8:6:4:6 -Shrink 2 in 4 to 0 yielding 2 +Shrink 2 limbs in a buffer of size 4 to 0 yielding 2 mbedtls_mpi_shrink:4:2:0:2 -Shrink 1 in 4 to 0 yielding 1 +Shrink 1 limbs in a buffer of size 4 to 0 yielding 1 mbedtls_mpi_shrink:4:1:0:1 -Shrink 0 in 4 to 0 yielding 1 +Shrink 0 limbs in a buffer of size 4 to 0 yielding 1 mbedtls_mpi_shrink:4:0:0:1 Test mbedtls_mpi_safe_cond_assign #1 
From 0a4270d7325e0f76e9e47ec7510d991db47bf289 Mon Sep 17 00:00:00 2001
From: Soby Mathew
Date: Mon, 10 Feb 2020 15:20:39 +0000
Subject: [PATCH 2146/2197] Change the compatibility API to inline functions

This patch changes the compatibility API defined in crypto_compat.h to static inline functions as the previous macro definitions were causing issues for the C pre-processor when included in projects which need to redefine the PSA function names. Making it static inline function solves this problem neatly and also modern compilers do a good job at inlining the function which makes the need for making it a macro redundant.

Signed-off-by: Soby Mathew
---
include/psa/crypto_compat.h | 34 ++++++++++++++++++++++------------
1 file changed, 22 insertions(+), 12 deletions(-)

diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h
index 4926bf5aa..1ed5f052b 100644
--- a/include/psa/crypto_compat.h
+++ b/include/psa/crypto_compat.h
@@ -89,18 +89,28 @@ typedef MBEDTLS_PSA_DEPRECATED psa_dh_group_t mbedtls_deprecated_psa_dh_group_t; /* * Deprecated PSA Crypto function names (PSA Crypto API <= 1.0 beta3) */ -/* Make these macros and not wrappers so that there is no cost to - * applications that don't use the deprecated names. - * - * Put backslash-newline after "#define" to bypass check-names.sh which - * would otherwise complain about lowercase macro names. - */ -#define \ - psa_asymmetric_sign( key, alg, hash, hash_length, signature, signature_size, signature_length ) \ - ( (mbedtls_deprecated_psa_status_t) psa_sign_hash( key, alg, hash, hash_length, signature, signature_size, signature_length ) ) -#define \ - psa_asymmetric_verify( key, alg, hash, hash_length, signature, signature_length ) \ - ( (mbedtls_deprecated_psa_status_t) psa_verify_hash( key, alg, hash, hash_length, signature, signature_length ) ) +MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_sign( psa_key_handle_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) +{ + return psa_sign_hash( key, alg, hash, hash_length, signature, signature_size, signature_length ); +} + +MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key_handle_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length ) +{ + return psa_verify_hash( key, alg, hash, hash_length, signature, signature_length ); +} + + #endif /* MBEDTLS_DEPRECATED_REMOVED */ From a04a2c3ef13643ad7ee1c90f11a3a111dd39ca03 Mon Sep 17 00:00:00 2001 
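Review bot: The two new `static inline` wrappers replace macros that had an explanatory comment, but carry no documentation of their own; a line above each, such as `/* Deprecated alias of psa_sign_hash(), kept for PSA Crypto API <= 1.0 beta3 callers. */`, would tell a reader which function to migrate to. Unlike the macros, the function bodies need `psa_sign_hash` and `psa_verify_hash` to be declared before this header is processed; that presumably holds given where crypto_compat.h is included, but it is not visible in the hunk and is worth confirming. The hunk also leaves two stray blank lines before `#endif`.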
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 18 Feb 2020 10:12:14 +0100 Subject: [PATCH 2147/2197] Don't pass zero to rsa_complete() as a param When parsing a PKCS#1 RSAPrivateKey structure, all parameters are always present. After importing them, we need to call rsa_complete() for the sake of alternative implementations. That function interprets zero as a signal for "this parameter was not provided". As that's never the case, we mustn't pass any zero value to that function, so we need to explicitly check for it. --- library/pkparse.c | 81 +++++++++++++++++++++++++++++------------------ 1 file changed, 50 insertions(+), 31 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 7df30fea9..7fb24e843 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -678,6 +678,32 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, } #if defined(MBEDTLS_RSA_C) +/* + * Wrapper around mbedtls_asn1_get_mpi() that rejects zero. + * + * The value zero is: + * - never a valid value for an RSA parameter + * - interpreted as "omitted, please reconstruct" by mbedtls_rsa_complete(). + * + * Since values can't be omitted in PKCS#1, passing a zero value to + * rsa_complete() would be incorrect, so reject zero values early. + */ +static int asn1_get_nonzero_mpi( unsigned char **p, + const unsigned char *end, + mbedtls_mpi *X ) +{ + int ret; + + ret = mbedtls_asn1_get_mpi( p, end, X ); + if( ret != 0 ) + return( ret ); + + if( mbedtls_mpi_cmp_int( X, 0 ) == 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + + return( 0 ); +} + /* * Parse a PKCS#1 encoded private RSA key */ 
@@ -730,44 +756,34 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, } /* Import N */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_INTEGER ) ) != 0 || - ( ret = mbedtls_rsa_import_raw( rsa, p, len, NULL, 0, NULL, 0, - NULL, 0, NULL, 0 ) ) != 0 ) + if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || + ( ret = mbedtls_rsa_import( rsa, &T, NULL, NULL, + NULL, NULL ) ) != 0 ) goto cleanup; - p += len; /* Import E */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_INTEGER ) ) != 0 || - ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0, - NULL, 0, p, len ) ) != 0 ) + if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || + ( ret = mbedtls_rsa_import( rsa, NULL, NULL, NULL, + NULL, &T ) ) != 0 ) goto cleanup; - p += len; /* Import D */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_INTEGER ) ) != 0 || - ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0, - p, len, NULL, 0 ) ) != 0 ) + if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || + ( ret = mbedtls_rsa_import( rsa, NULL, NULL, NULL, + &T, NULL ) ) != 0 ) goto cleanup; - p += len; /* Import P */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_INTEGER ) ) != 0 || - ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, p, len, NULL, 0, - NULL, 0, NULL, 0 ) ) != 0 ) + if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || + ( ret = mbedtls_rsa_import( rsa, NULL, &T, NULL, + NULL, NULL ) ) != 0 ) goto cleanup; - p += len; /* Import Q */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_INTEGER ) ) != 0 || - ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, p, len, - NULL, 0, NULL, 0 ) ) != 0 ) + if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || + ( ret = mbedtls_rsa_import( rsa, NULL, NULL, &T, + NULL, NULL ) ) != 0 ) goto cleanup; - p += len; #if !defined(MBEDTLS_RSA_NO_CRT) /* 
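Review bot: The scratch MPI `T` now receives every private component in turn (D, P and Q here, and DP, DQ and QP in the following `@@ -782,22 +798,25 @@` hunk), where the old code imported them straight from the input buffer with `mbedtls_rsa_import_raw()`. `T` is declared and released outside these hunks, so it should be confirmed that the `cleanup` path calls `mbedtls_mpi_free( &T )` on every exit, including the `goto cleanup` branches added here, so that no copy of the key material outlives the parse. A short comment at the first use, e.g. `/* T holds a scratch copy of secret values; freed at cleanup */`, would make that dependency explicit. The body of pk_parse_key_pkcs1_der starts and ends outside the hunk.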
@@ -782,22 +798,25 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, */ /* Import DP */ - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DP ) ) != 0) + if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || + ( ret = mbedtls_mpi_copy( &rsa->DP, &T ) ) != 0 ) goto cleanup; /* Import DQ */ - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0) + if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || + ( ret = mbedtls_mpi_copy( &rsa->DQ, &T ) ) != 0 ) goto cleanup; /* Import QP */ - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->QP ) ) != 0) + if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || + ( ret = mbedtls_mpi_copy( &rsa->QP, &T ) ) != 0 ) goto cleanup; #else /* Verify existance of the CRT params */ - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ) + if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || + ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || + ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ) goto cleanup; #endif From c42267920c6601f6174a3bdd0802ff5b1d08e8f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 14 Feb 2020 11:28:47 +0100 Subject: [PATCH 2148/2197] Check public part when parsing private RSA key --- library/pkparse.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 7fb24e843..da9edc973 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -820,9 +820,20 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, goto cleanup; #endif - /* Complete the RSA private key */ - if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 ) + /* rsa_complete() doesn't complete anything with the default + * implementation but is still called: + * - for the benefit of alternative implementation that may want to + * pre-compute stuff beyond what's provided (eg Montgomery factors) + * - as is also sanity-checks the key + * + * Furthermore, we also check the public part for consistency with + * mbedtls_pk_parse_pubkey(), as it includes size minima for example. + */ + if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 || + ( ret = mbedtls_rsa_check_pubkey( rsa ) ) != 0 ) + { goto cleanup; + } if( p != end ) { From b65370f97d88120c39fef88a224736dcb66faf94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 10 Feb 2020 10:50:16 +0100 Subject: [PATCH 2149/2197] Clean up test function pk_parse_key - remove incorrect compile-time dependency (the individual cases already have correct run-time dependency information) - remove unused argument - remove unused stack buffer - remove useless code block --- tests/suites/test_suite_pkparse.data | 16 ++++++++-------- tests/suites/test_suite_pkparse.function | 15 +++------------ 2 files changed, 11 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index fc643a88a..328f3e048 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data 
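Review bot: The added `mbedtls_rsa_check_pubkey()` call validates only N and E, so the consistency of D, P and Q with the modulus is left to `mbedtls_rsa_complete()`; how far that goes is not visible here, and if it does not verify that the private values match N, the comment should say that callers needing that guarantee must run a private-key check themselves. In the new comment, `as is also sanity-checks the key` should read `as it also sanity-checks the key`. The enclosing function continues outside the hunk, so the error code finally returned after `goto cleanup` cannot be checked from here.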
@@ -1073,32 +1073,32 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MB pk_parse_keyfile_ec:"data_files/ec_prv.specdom.der":"NULL":0 Key ASN1 (Incorrect first tag) -pk_parse_key:"":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +pk_parse_key:"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (RSAPrivateKey, incorrect version tag) depends_on:MBEDTLS_RSA_C -pk_parse_key:"300100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +pk_parse_key:"300100":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (RSAPrivateKey, version tag missing) depends_on:MBEDTLS_RSA_C -pk_parse_key:"3000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +pk_parse_key:"3000":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (RSAPrivateKey, invalid version) depends_on:MBEDTLS_RSA_C -pk_parse_key:"3003020101":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +pk_parse_key:"3003020101":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (RSAPrivateKey, correct version, incorrect tag) depends_on:MBEDTLS_RSA_C -pk_parse_key:"300402010000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +pk_parse_key:"300402010000":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (RSAPrivateKey, values present, length mismatch) depends_on:MBEDTLS_RSA_C -pk_parse_key:"301c02010002010102010102010102010102010102010102010102010100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +pk_parse_key:"301c02010002010102010102010102010102010102010102010102010100":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (RSAPrivateKey, values present, check_privkey fails) depends_on:MBEDTLS_RSA_C -pk_parse_key:"301b020100020102020101020101020101020101020101020101020101":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +pk_parse_key:"301b020100020102020101020101020101020101020101020101020101":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (ECPrivateKey, empty parameters) depends_on:MBEDTLS_ECP_C -pk_parse_key:"30070201010400a000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +pk_parse_key:"30070201010400a000":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT 
diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index 3eb0397e6..4650d3311 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -113,23 +113,14 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_parse_key( data_t * buf, char * result_str, int result ) +/* BEGIN_CASE */ +void pk_parse_key( data_t * buf, int result ) { mbedtls_pk_context pk; - unsigned char output[2000]; - ((void) result_str); mbedtls_pk_init( &pk ); - memset( output, 0, 2000 ); - - - TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == ( result ) ); - if( ( result ) == 0 ) - { - TEST_ASSERT( 1 ); - } + TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == result ); exit: mbedtls_pk_free( &pk ); From 9bbe328752256d9b38d2f6e98c099526f1687051 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 10 Feb 2020 12:49:50 +0100 Subject: [PATCH 2150/2197] Test each failure mode of pk_parse_key_pkcs1_der() (Only the top-level ones, ie, for each call to eg asn1_get_mpi(), ensure there's at least one test case that makes this call fail in one way, but don't test the various ways to make asn1_get_mpi fail - that should be covered elsewhere.) - the new checks added by the previous commits needed exercising - existing tests sometimes had wrong descriptions or where passing for the wrong reason (eg with the "length mismatch" test, the function actually failed before reaching the length check) - while at it, add tests for the rest as well The valid minimal-size key was generated with: openssl genrsa 128 2>/dev/null | openssl rsa -outform der 2>/dev/null | xxd -p --- tests/suites/test_suite_pkparse.data | 61 +++++++++++++++++++++++++--- 1 file changed, 56 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 328f3e048..91d51977a 100644 
--- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -1072,9 +1072,12 @@ Parse EC Key #15 (SEC1 DER, secp256k1, SpecifiedECDomain) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MBEDTLS_PK_PARSE_EC_EXTENDED pk_parse_keyfile_ec:"data_files/ec_prv.specdom.der":"NULL":0 -Key ASN1 (Incorrect first tag) +Key ASN1 (No data) pk_parse_key:"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +Key ASN1 (First tag not Sequence) +pk_parse_key:"020100":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + Key ASN1 (RSAPrivateKey, incorrect version tag) depends_on:MBEDTLS_RSA_C pk_parse_key:"300100":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT 
@@ -1091,13 +1094,61 @@ Key ASN1 (RSAPrivateKey, correct version, incorrect tag) depends_on:MBEDTLS_RSA_C pk_parse_key:"300402010000":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -Key ASN1 (RSAPrivateKey, values present, length mismatch) +Key ASN1 (RSAPrivateKey, correct format+values, minimal modulus size (128 bit)) depends_on:MBEDTLS_RSA_C -pk_parse_key:"301c02010002010102010102010102010102010102010102010102010100":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":0 -Key ASN1 (RSAPrivateKey, values present, check_privkey fails) +Key ASN1 (RSAPrivateKey, correct format, modulus too small (127 bit)) depends_on:MBEDTLS_RSA_C -pk_parse_key:"301b020100020102020101020101020101020101020101020101020101":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +pk_parse_key:"30630201000211007c8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct format, modulus even) +depends_on:MBEDTLS_RSA_C +pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857002030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct format, d == 0) +depends_on:MBEDTLS_RSA_C +pk_parse_key:"30630201000211007c8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct format, d == p == q == 0) +depends_on:MBEDTLS_RSA_C 
+pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900000000000000000002090000000000000000000209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct values, trailing garbage) +depends_on:MBEDTLS_RSA_C +pk_parse_key:"3064020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c00":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct values, n wrong tag) +depends_on:MBEDTLS_RSA_C +pk_parse_key:"3063020100FF1100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct values, e wrong tag) +depends_on:MBEDTLS_RSA_C +pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c8571FF030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct values, d wrong tag) +depends_on:MBEDTLS_RSA_C +pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c85710203010001FF11009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct values, p wrong tag) +depends_on:MBEDTLS_RSA_C +pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201FF0900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct values, q wrong tag) 
+depends_on:MBEDTLS_RSA_C +pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61FF0900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct values, dp wrong tag) +depends_on:MBEDTLS_RSA_C +pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a211FF09009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct values, dq wrong tag) +depends_on:MBEDTLS_RSA_C +pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401FF0813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (RSAPrivateKey, correct values, qp wrong tag) +depends_on:MBEDTLS_RSA_C +pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b7221FF08052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (ECPrivateKey, empty parameters) depends_on:MBEDTLS_ECP_C From bbb5a0a94a526df1d17bfe02195fb3091031f8b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 18 Feb 2020 10:22:54 +0100 Subject: [PATCH 2151/2197] Fix pkparse bug wrt MBEDTLS_RSA_ALT Some code paths want to access members of the mbedtls_rsa_context structure. We can only do that when using our own implementation, as otherwise we don't know anything about that structure. --- library/pkparse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index da9edc973..1cbb8cc33 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
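Review bot: The `d == 0` case reuses the 127-bit modulus (`...0211007c8ab070...`) from the `modulus too small` case instead of the valid `00cc8ab070...` one, so the vector carries two defects and only the order of checks in the parser decides which one it exercises. Using the valid modulus, as the `d == p == q == 0` case does, would keep the zero D as the single reason for failure, which is the property the commit message asks of these tests. The `d == p == q == 0` vector is presumably rejected at D before P and Q are read, so a zero P or Q on its own has no dedicated vector.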
@@ -785,7 +785,7 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, NULL, NULL ) ) != 0 ) goto cleanup; -#if !defined(MBEDTLS_RSA_NO_CRT) +#if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT) /* * The RSA CRT parameters DP, DQ and QP are nominally redundant, in * that they can be easily recomputed from D, P and Q. However by From bc7c2424c9df000848eb211dafc1d068b8c6817c Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 19 Feb 2020 11:51:13 +0000 Subject: [PATCH 2152/2197] Bump version to Mbed TLS 2.21.0 --- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/version.h | 8 ++++---- library/CMakeLists.txt | 2 +- tests/suites/test_suite_version.data | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 7f7ce32a4..2b14a3677 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8 # identify the project. Note that if you do not use Doxywizard you need # to put quotes around the project name if it contains spaces. -PROJECT_NAME = "mbed TLS v2.20.0" +PROJECT_NAME = "mbed TLS v2.21.0" # The PROJECT_NUMBER tag can be used to enter a project or revision number. # This could be handy for archiving the generated documentation or diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index d4e5d5410..35af4cc43 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -39,7 +39,7 @@ * Major, Minor, Patchlevel */ #define MBEDTLS_VERSION_MAJOR 2 -#define MBEDTLS_VERSION_MINOR 20 +#define MBEDTLS_VERSION_MINOR 21 #define MBEDTLS_VERSION_PATCH 0 /** 
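Review bot: The guard on the CRT import now also excludes `MBEDTLS_RSA_ALT`, but the reason is recorded only in the commit message; the comment block that follows the `#if` talks about CRT redundancy only. A line next to the condition, such as `/* With MBEDTLS_RSA_ALT the layout of mbedtls_rsa_context is unknown, so DP/DQ/QP cannot be stored directly. */`, would keep a later editor from dropping it. With an alternative implementation the `#else` branch presumably parses and discards the three CRT values; that branch is outside this hunk.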
@@ -47,9 +47,9 @@ * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x02140000 -#define MBEDTLS_VERSION_STRING "2.20.0" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.20.0" +#define MBEDTLS_VERSION_NUMBER 0x02150000 +#define MBEDTLS_VERSION_STRING "2.21.0" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.21.0" #if defined(MBEDTLS_VERSION_C) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 1d4d371fa..9780b1c5d 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -157,7 +157,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) add_library(mbedcrypto SHARED ${src_crypto}) - set_target_properties(mbedcrypto PROPERTIES VERSION 2.20.0 SOVERSION 4) + set_target_properties(mbedcrypto PROPERTIES VERSION 2.21.0 SOVERSION 4) target_link_libraries(mbedcrypto ${libs}) target_include_directories(mbedcrypto PUBLIC ${MBEDTLS_DIR}/include/ diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index ff0612b3b..868fe06d5 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compiletime library version -check_compiletime_version:"2.20.0" +check_compiletime_version:"2.21.0" Check runtime library version -check_runtime_version:"2.20.0" +check_runtime_version:"2.21.0" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From af997e0088d89ab3b8e9130be61b1957961a03f1 Mon Sep 17 00:00:00 2001 From: Dan Handley Date: Tue, 18 Feb 2020 16:54:24 +0000 Subject: [PATCH 2153/2197] Drop requirement for a CLA The Mbed Crypto project no longer requires a CLA. Contributions from now on must be made under both Apache-2.0 and GPL-2.0-or-later licenses, to enable LTS (Long Term Support) branches of the software to continue to be provided under either Apache-2.0 OR GPL-2.0-or-later. Contributors must accept the terms of the Developer Certificate of Origin (DCO) by adding a 
Signed-off-by: line to each commit message. The software on the development branch continues to be provided under Apache-2.0. Update README.md and CONTRIBUTING.md to explain the new licensing model. Add a copy of the DCO to the project. Expand the full Apache-2.0 license text in the LICENSE file and remove the redundant apache-2.0.txt. Signed-off-by: Dan Handley --- CONTRIBUTING.md | 8 +- LICENSE | 204 +++++++++++++++++++++++++++++++++++++++++++++++- README.md | 10 ++- apache-2.0.txt | 202 ----------------------------------------------- dco.txt | 37 +++++++++ 5 files changed, 249 insertions(+), 212 deletions(-) delete mode 100644 apache-2.0.txt create mode 100644 dco.txt diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 18851db41..d1ee2d328 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -5,11 +5,6 @@ We gratefully accept bug reports and contributions from the community. There are - As with any open source project, contributions will be reviewed by the project team and community and may need some modifications to be accepted. - The contribution should not break API or ABI, unless there is a real justification for that. If there is an API change, the contribution, if accepted, will be merged only when there will be a major release. -Contributor License Agreement (CLA) ------------------------------------ -- All contributions, whether large or small, require a Contributor's License Agreement (CLA) to be accepted. This is because source code can possibly fall under copyright law and we need your consent to share in the ownership of the copyright. -- To accept the Contributor’s License Agreement (CLA), individual contributors can do this by creating an Mbed account and [accepting the online agreement here with a click through](https://developer.mbed.org/contributor_agreement/). Alternatively, for contributions from corporations, or those that do not wish to create an Mbed account, a slightly different agreement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/). This agreement should be signed and returned to Arm as described in the instructions given. - Coding Standards ---------------- - We would ask that contributions conform to [our coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards), and that contributions are fully tested before submission, as mentioned in the [Tests](#tests) and [Continuous Integration](#continuous-integration-tests) sections. 
@@ -24,7 +19,8 @@ Making a Contribution 1. Write a test which shows that the bug was fixed or that the feature works as expected. 1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. We will include your name in the ChangeLog :) 1. For quick merging, the contribution should be short, and concentrated on a single feature or topic. The larger the contribution is, the longer it would take to review it and merge it. -1. Mbed TLS is released under the Apache license, and as such, all the added files should include the Apache license header. +1. All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible. +1. Ensure that each commit has at least one `Signed-off-by:` line from the committer. If anyone else contributes to the commit, they should also add their own `Signed-off-by:` line. By adding this line, contributor(s) certify that the contribution is made under the terms of the [Developer Certificate of Origin](dco.txt). The contribution licensing is described in the [License section of the README](README.md#License). API/ABI Compatibility --------------------- diff --git a/LICENSE b/LICENSE index 546a8e631..d64569567 100644 --- a/LICENSE +++ b/LICENSE 
@@ -1,2 +1,202 @@ -Unless specifically indicated otherwise in a file, files are licensed -under the Apache 2.0 license, as can be found in: apache-2.0.txt + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). 
+ + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. 
Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative 
Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. 
Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. 
+ + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/README.md b/README.md index a954a168e..b716f0881 100644 --- a/README.md +++ b/README.md 
@@ -2,8 +2,6 @@ The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). This is a preview release of Mbed Crypto, provided for evaluation purposes only. -Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICENSE](LICENSE) file for the full text of the license. - ## PSA cryptography API Arm's [Platform Security Architecture (PSA)](https://developer.arm.com/architectures/security-architectures/platform-security-architecture) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. 
@@ -89,6 +87,14 @@ Future releases of this library will include: * A configuration mechanism to compile only the algorithms you need for your application. * A wider set of cryptographic algorithms. +## License + +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license. Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 OR GPL-2.0-or-later licenses. + +## Contributing + +We gratefully accept bug reports and contributions from the community. Please see the [contributing guidelines](CONTRIBUTING.md) for details on how to do this. + ## Feedback welcome Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially. diff --git a/apache-2.0.txt b/apache-2.0.txt deleted file mode 100644 index d64569567..000000000 --- a/apache-2.0.txt +++ /dev/null 
@@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. 
For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. 
Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of 
the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. 
Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. 
- - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/dco.txt b/dco.txt new file mode 100644 index 000000000..8201f9921 --- /dev/null +++ b/dco.txt 
@@ -0,0 +1,37 @@ +Developer Certificate of Origin +Version 1.1 + +Copyright (C) 2004, 2006 The Linux Foundation and its contributors. +1 Letterman Drive +Suite D4700 +San Francisco, CA, 94129 + +Everyone is permitted to copy and distribute verbatim copies of this +license document, but changing it is not allowed. + + +Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +(a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +(b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +(c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +(d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. From e0fcd887b810cbfd6138ac2472101d5bcd9486d4 Mon Sep 17 00:00:00 2001 From: Dan Handley Date: Tue, 18 Feb 2020 17:28:42 +0000 Subject: [PATCH 2154/2197] Minor formatting fixes to CONTRIBUTING.md Fix inconsistent list formatting in CONTRIBUTING.md. Signed-off-by: Dan Handley --- CONTRIBUTING.md | 23 +++++++---------------- 1 file changed, 7 insertions(+), 16 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d1ee2d328..c1ae452e2 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -42,18 +42,14 @@ Mbed TLS maintains several LTS (Long Term Support) branches, which are maintaine When backporting to these branches please observe the following rules: - 1. Any change to the library which changes the API or ABI cannot be backported. - - 2. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted. - - 3. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be additional test cases or quality improvements such as changes to build or test scripts. +1. Any change to the library which changes the API or ABI cannot be backported. +1. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted. +1. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be additional test cases or quality improvements such as changes to build or test scripts. It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development) by contributors. Currently maintained LTS branches are: - 1. [mbedtls-2.7](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.7) - 1. [mbedtls-2.16](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.16) 
@@ -80,12 +76,7 @@ Documentation Mbed TLS is well documented, but if you think documentation is needed, speak out! 1. All interfaces should be documented through Doxygen. New APIs should introduce Doxygen documentation. - -2. Complex parts in the code should include comments. - -3. If needed, a Readme file is advised. - -4. If a [Knowledge Base (KB)](https://tls.mbed.org/kb) article should be added, write this as a comment in the PR description. - -5. A [ChangeLog](https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog) entry should be added for this contribution. - +1. Complex parts in the code should include comments. +1. If needed, a Readme file is advised. +1. If a [Knowledge Base (KB)](https://tls.mbed.org/kb) article should be added, write this as a comment in the PR description. +1. A [ChangeLog](https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog) entry should be added for this contribution. From 9ab962151161ea8f98b6bff67a89c4bde3ef9814 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 12 Feb 2020 21:06:45 +0100 Subject: [PATCH 2155/2197] Move 3rdparty mentions to a separate line This makes it easier to merge changes related to adding or removing 3rdparty items. No semantic change. --- tests/scripts/check-names.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh index ee726074b..dc097ee8e 100755 --- a/tests/scripts/check-names.sh +++ b/tests/scripts/check-names.sh 
@@ -86,7 +86,8 @@ printf "Likely typos: " sort -u actual-macros enum-consts > _caps HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' ) HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h" -LIBRARY="$( ls library/*.c ) 3rdparty/everest/library/everest.c 3rdparty/everest/library/x25519.c" +LIBRARY="$( ls library/*.c )" +LIBRARY="$LIBRARY 3rdparty/everest/library/everest.c 3rdparty/everest/library/x25519.c" NL=' ' sed -n 's/MBED..._[A-Z0-9_]*/\'"$NL"'&\'"$NL"/gp \ From 13fac98aca71fa3a51aca7631197246c9e8eedb0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 12 Feb 2020 20:34:22 +0100 Subject: [PATCH 2156/2197] Generalize everest support to generic 3rdparty support Other third-party components can now be added by just adding lines to the definitions of @thirdparty_header_dirs and @thirdparty_source_dirs. No semantic change. The output does not change at all. --- scripts/generate_visualc_files.pl | 43 +++++++++++++++++++++---------- 1 file changed, 29 insertions(+), 14 deletions(-) diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 2134f53a6..adef3bda6 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl 
@@ -22,8 +22,18 @@ my $programs_dir = 'programs'; my $mbedtls_header_dir = 'include/mbedtls'; my $psa_header_dir = 'include/psa'; my $source_dir = 'library'; -my $everest_header_dir = '3rdparty/everest/include/everest'; -my @everest_source_dirs = ('3rdparty/everest/library', '3rdparty/everest/library/kremlib', '3rdparty/everest/library/legacy'); + +my @thirdparty_header_dirs = qw( + 3rdparty/everest/include/everest +); +my @thirdparty_source_dirs = qw( + 3rdparty/everest/library + 3rdparty/everest/library/kremlib + 3rdparty/everest/library/legacy +); +my @thirdparty_excluded = qw( + 3rdparty/everest/library/Hacl_Curve25519.c +); # Need windows line endings! my $vsx_hdr_tpl = <; - my @everest_sources = (); - foreach my $d (@everest_source_dirs) { push @everest_sources, <$d/*.c>; } - @everest_sources = grep !/3rdparty\/everest\/library\/Hacl_Curve25519.c/, @everest_sources; - map { s!/!\\!g } @everest_headers; - map { s!/!\\!g } @everest_sources; + my @thirdparty_headers = map { <$_/*.h> } @thirdparty_header_dirs; + my @thirdparty_sources = map { <$_/*.c> } @thirdparty_source_dirs; + @thirdparty_sources = grep { ! is_thirdparty_excluded($_) } @thirdparty_sources; + map { s!/!\\!g } @thirdparty_headers; + map { s!/!\\!g } @thirdparty_sources; gen_app_files( @app_list ); gen_main_file( \@mbedtls_headers, \@psa_headers, \@source_headers, - \@everest_headers, \@sources, \@everest_sources, $vsx_hdr_tpl, + \@thirdparty_headers, \@sources, \@thirdparty_sources, $vsx_hdr_tpl, $vsx_src_tpl, $vsx_main_tpl_file, $vsx_main_file ); gen_vsx_solution( @app_list ); From b41f88f47a146fd19a05c4087f6903e66461425e Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 12 Feb 2020 20:45:18 +0100 Subject: [PATCH 2157/2197] Simplify the code around the call to gen_main_file There's no need to keep the directory lists separated until the last minute. No semantic change. The generated files change slightly because there was one directory list where slashes were not changed to backslashes like in the other five. This does not affect their semantics. --- scripts/generate_visualc_files.pl | 54 +++++++++++++++---------------- visualc/VS2010/mbedTLS.vcxproj | 14 ++++---- 2 files changed, 34 insertions(+), 34 deletions(-) diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index adef3bda6..5565729f9 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl 
@@ -31,9 +31,12 @@ my @thirdparty_source_dirs = qw( 3rdparty/everest/library/kremlib 3rdparty/everest/library/legacy ); -my @thirdparty_excluded = qw( + +my @excluded_files = qw( 3rdparty/everest/library/Hacl_Curve25519.c ); +my %excluded_files = (); +foreach (@excluded_files) { $excluded_files{$_} = 1 } # Need windows line endings! my $vsx_hdr_tpl = <; - my @psa_headers = <$psa_header_dir/*.h>; - my @source_headers = <$source_dir/*.h>; - my @sources = <$source_dir/*.c>; - map { s!/!\\!g } @mbedtls_headers; - map { s!/!\\!g } @psa_headers; - map { s!/!\\!g } @sources; + my @header_dirs = ( + $mbedtls_header_dir, + $psa_header_dir, + $source_dir, + @thirdparty_header_dirs, + ); + my @headers = (map { <$_/*.h> } @header_dirs); + my @source_dirs = ( + $source_dir, + @thirdparty_source_dirs, + ); + my @sources = (map { <$_/*.c> } @source_dirs); - my @thirdparty_headers = map { <$_/*.h> } @thirdparty_header_dirs; - my @thirdparty_sources = map { <$_/*.c> } @thirdparty_source_dirs; - @thirdparty_sources = grep { ! is_thirdparty_excluded($_) } @thirdparty_sources; - map { s!/!\\!g } @thirdparty_headers; - map { s!/!\\!g } @thirdparty_sources; + @headers = grep { ! $excluded_files{$_} } @headers; + @sources = grep { ! $excluded_files{$_} } @sources; + map { s!/!\\!g } @headers; + map { s!/!\\!g } @sources; gen_app_files( @app_list ); - gen_main_file( \@mbedtls_headers, \@psa_headers, \@source_headers, - \@thirdparty_headers, \@sources, \@thirdparty_sources, $vsx_hdr_tpl, - $vsx_src_tpl, $vsx_main_tpl_file, $vsx_main_file ); + gen_main_file( \@headers, \@sources, + $vsx_hdr_tpl, $vsx_src_tpl, + $vsx_main_tpl_file, $vsx_main_file ); gen_vsx_solution( @app_list ); diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 0e40e3577..eb5f275a8 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -222,13 +222,13 @@ - - - - - - - + + + + + + + From 7156d8cda95e54595b2f45a9b87cbb0d2882c3ea Mon Sep 17 00:00:00 2001 
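Review bot: The filter `grep { ! $excluded_files{$_} }` in the second generate_visualc_files.pl hunk is an exact string match against whatever the globs return, so an `@excluded_files` entry that stops matching is skipped silently and the file goes back into the generated project. That would happen if the file is renamed upstream, or presumably if its directory is later listed with a trailing slash. Because this list decides which third-party sources are compiled into the library, I would fail loudly right after the hash is built: `foreach (@excluded_files) { die "excluded file not found: $_\n" unless -e $_ }`. As a style point, `map { s!/!\\!g } @headers;` discards its result and reads more clearly as `s!/!\\!g foreach @headers;`. The enclosing sub starts and ends outside the hunk.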
From: Gilles Peskine Date: Wed, 19 Feb 2020 20:08:44 +0100 Subject: [PATCH 2158/2197] Don't hard-code include paths in templates generate_visualc_files.pl has a list of directories that it pulls headers from, so it knows what directories to put on the include path. Make it inject the include path into the output files, rather than hard-coding the include paths in template files. A similar change (but with different code) was made in Mbed TLS in commit b78cf2b261f5549184c7a2e6aea472da879606af "Adjust visual studio file generation to always use the crypto submodule". No semantic change: this commit does not change the generated files. --- scripts/data_files/vs2010-app-template.vcxproj | 16 ++++++++++++---- scripts/data_files/vs2010-main-template.vcxproj | 16 ++++++++++++---- scripts/generate_visualc_files.pl | 14 ++++++++++++++ 3 files changed, 38 insertions(+), 8 deletions(-) diff --git a/scripts/data_files/vs2010-app-template.vcxproj b/scripts/data_files/vs2010-app-template.vcxproj index 5480a445c..e7bb122d8 100644 --- a/scripts/data_files/vs2010-app-template.vcxproj +++ b/scripts/data_files/vs2010-app-template.vcxproj @@ -93,7 +93,9 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +INCLUDE_DIRECTORIES + Console @@ -113,7 +115,9 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +INCLUDE_DIRECTORIES + Console 
@@ -135,7 +139,9 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +INCLUDE_DIRECTORIES + Console @@ -155,7 +161,9 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +INCLUDE_DIRECTORIES + Console diff --git a/scripts/data_files/vs2010-main-template.vcxproj b/scripts/data_files/vs2010-main-template.vcxproj index 7071cd28a..81bbbe669 100644 --- a/scripts/data_files/vs2010-main-template.vcxproj +++ b/scripts/data_files/vs2010-main-template.vcxproj @@ -86,7 +86,9 @@ Level3 Disabled WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +INCLUDE_DIRECTORIES + CompileAsC @@ -101,7 +103,9 @@ Level3 Disabled WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +INCLUDE_DIRECTORIES + CompileAsC @@ -118,7 +122,9 @@ true true WIN32;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +INCLUDE_DIRECTORIES + Windows 
@@ -136,7 +142,9 @@ true true WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +INCLUDE_DIRECTORIES + Windows diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 5565729f9..5b3bfcc47 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -32,6 +32,18 @@ my @thirdparty_source_dirs = qw( 3rdparty/everest/library/legacy ); +# Directories to add to the include path. +# Order matters in case there are files with the same name in more than +# one directory: the compiler will use the first match. +my @include_directories = qw( + include + 3rdparty/everest/include/ + 3rdparty/everest/include/everest + 3rdparty/everest/include/everest/vs2010 + 3rdparty/everest/include/everest/kremlib +); +my $include_directories = join(';', map {"../../$_"} @include_directories); + my @excluded_files = qw( 3rdparty/everest/library/Hacl_Curve25519.c ); @@ -123,6 +135,7 @@ sub gen_app { $content =~ s//$srcs/g; $content =~ s//$appname/g; $content =~ s//$guid/g; + $content =~ s/\r\nINCLUDE_DIRECTORIES\r\n +/$include_directories/g; content_to_file( $content, "$dir/$appname.$ext" ); } @@ -167,6 +180,7 @@ sub gen_main_file { my $out = slurp_file( $main_tpl ); $out =~ s/SOURCE_ENTRIES\r\n/$source_entries/m; $out =~ s/HEADER_ENTRIES\r\n/$header_entries/m; + $out =~ s/\r\nINCLUDE_DIRECTORIES\r\n +/$include_directories/g; content_to_file( $out, $main_out ); } From d362d0bf863bc89d68676eee83c8fd594e23ec67 Mon Sep 17 00:00:00 2001 
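Review bot: The new `s/\r\nINCLUDE_DIRECTORIES\r\n +/$include_directories/g` substitutions in the gen_app and gen_main_file hunks ignore their result. A template that lacks the placeholder, or was checked out with LF line endings, therefore leaves the literal text `INCLUDE_DIRECTORIES` in the generated project while the script still exits successfully. I would make a miss fatal, e.g. in gen_main_file `$out =~ s/\r\nINCLUDE_DIRECTORIES\r\n +/$include_directories/g or die "INCLUDE_DIRECTORIES placeholder not found in $main_tpl\n";`, and the same on `$content` in gen_app. The relaxed pattern that the following patch (2159) puts on these two lines has the same gap. Both subs start and end outside their hunks.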
From: Gilles Peskine Date: Wed, 26 Feb 2020 14:32:42 +0100 Subject: [PATCH 2159/2197] Tweak spacing in Visual Studio files Tweak the code to be slightly simpler and closer to mbedtls. This changes non-significant whitespace in the generated files. --- scripts/generate_visualc_files.pl | 4 ++-- visualc/VS2010/aescrypt2.vcxproj | 12 ++++++++---- visualc/VS2010/benchmark.vcxproj | 12 ++++++++---- visualc/VS2010/crypt_and_hash.vcxproj | 12 ++++++++---- visualc/VS2010/crypto_examples.vcxproj | 12 ++++++++---- visualc/VS2010/dh_genprime.vcxproj | 12 ++++++++---- visualc/VS2010/ecdh_curve25519.vcxproj | 12 ++++++++---- visualc/VS2010/ecdsa.vcxproj | 12 ++++++++---- visualc/VS2010/gen_entropy.vcxproj | 12 ++++++++---- visualc/VS2010/gen_key.vcxproj | 12 ++++++++---- visualc/VS2010/gen_random_ctr_drbg.vcxproj | 12 ++++++++---- visualc/VS2010/gen_random_havege.vcxproj | 12 ++++++++---- visualc/VS2010/generic_sum.vcxproj | 12 ++++++++---- visualc/VS2010/hello.vcxproj | 12 ++++++++---- visualc/VS2010/key_app.vcxproj | 12 ++++++++---- visualc/VS2010/key_app_writer.vcxproj | 12 ++++++++---- visualc/VS2010/key_ladder_demo.vcxproj | 12 ++++++++---- visualc/VS2010/mbedTLS.vcxproj | 12 ++++++++---- visualc/VS2010/mpi_demo.vcxproj | 12 ++++++++---- visualc/VS2010/pem2der.vcxproj | 12 ++++++++---- visualc/VS2010/pk_decrypt.vcxproj | 12 ++++++++---- visualc/VS2010/pk_encrypt.vcxproj | 12 ++++++++---- visualc/VS2010/pk_sign.vcxproj | 12 ++++++++---- visualc/VS2010/pk_verify.vcxproj | 12 ++++++++---- visualc/VS2010/psa_constant_names.vcxproj | 12 ++++++++---- visualc/VS2010/query_compile_time_config.vcxproj | 12 ++++++++---- visualc/VS2010/rsa_decrypt.vcxproj | 12 ++++++++---- visualc/VS2010/rsa_encrypt.vcxproj | 12 ++++++++---- visualc/VS2010/rsa_genkey.vcxproj | 12 ++++++++---- visualc/VS2010/rsa_sign.vcxproj | 12 ++++++++---- visualc/VS2010/rsa_sign_pss.vcxproj | 12 ++++++++---- visualc/VS2010/rsa_verify.vcxproj | 12 ++++++++---- visualc/VS2010/rsa_verify_pss.vcxproj | 12 ++++++++---- 
visualc/VS2010/selftest.vcxproj | 12 ++++++++---- visualc/VS2010/strerror.vcxproj | 12 ++++++++---- visualc/VS2010/zeroize.vcxproj | 12 ++++++++---- 36 files changed, 282 insertions(+), 142 deletions(-) diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 5b3bfcc47..00a0c6322 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -135,7 +135,7 @@ sub gen_app { $content =~ s//$srcs/g; $content =~ s//$appname/g; $content =~ s//$guid/g; - $content =~ s/\r\nINCLUDE_DIRECTORIES\r\n +/$include_directories/g; + $content =~ s/INCLUDE_DIRECTORIES\r\n/$include_directories/g; content_to_file( $content, "$dir/$appname.$ext" ); } @@ -180,7 +180,7 @@ sub gen_main_file { my $out = slurp_file( $main_tpl ); $out =~ s/SOURCE_ENTRIES\r\n/$source_entries/m; $out =~ s/HEADER_ENTRIES\r\n/$header_entries/m; - $out =~ s/\r\nINCLUDE_DIRECTORIES\r\n +/$include_directories/g; + $out =~ s/INCLUDE_DIRECTORIES\r\n/$include_directories/g; content_to_file( $out, $main_out ); } diff --git a/visualc/VS2010/aescrypt2.vcxproj b/visualc/VS2010/aescrypt2.vcxproj index f900580a2..ad2a774f3 100644 --- a/visualc/VS2010/aescrypt2.vcxproj +++ b/visualc/VS2010/aescrypt2.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/benchmark.vcxproj b/visualc/VS2010/benchmark.vcxproj index e77d4b99e..7bdcc4be5 100644 --- a/visualc/VS2010/benchmark.vcxproj +++ b/visualc/VS2010/benchmark.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/crypt_and_hash.vcxproj b/visualc/VS2010/crypt_and_hash.vcxproj index 1f7db3014..2ae86c4a3 100644 --- a/visualc/VS2010/crypt_and_hash.vcxproj +++ b/visualc/VS2010/crypt_and_hash.vcxproj 
@@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/crypto_examples.vcxproj b/visualc/VS2010/crypto_examples.vcxproj index 9df713bdb..687ed9dec 100644 --- a/visualc/VS2010/crypto_examples.vcxproj 
+++ b/visualc/VS2010/crypto_examples.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/dh_genprime.vcxproj b/visualc/VS2010/dh_genprime.vcxproj index 9b2f9f90d..c036f6b87 100644 
--- a/visualc/VS2010/dh_genprime.vcxproj +++ b/visualc/VS2010/dh_genprime.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
diff --git a/visualc/VS2010/ecdh_curve25519.vcxproj b/visualc/VS2010/ecdh_curve25519.vcxproj index 7e668eac1..00e589e2b 100644 --- a/visualc/VS2010/ecdh_curve25519.vcxproj +++ b/visualc/VS2010/ecdh_curve25519.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/ecdsa.vcxproj b/visualc/VS2010/ecdsa.vcxproj index cf59d45eb..ae1531ba6 100644 --- a/visualc/VS2010/ecdsa.vcxproj +++ b/visualc/VS2010/ecdsa.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/gen_entropy.vcxproj b/visualc/VS2010/gen_entropy.vcxproj index 08d23f574..884affcba 100644 --- a/visualc/VS2010/gen_entropy.vcxproj +++ b/visualc/VS2010/gen_entropy.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/gen_key.vcxproj b/visualc/VS2010/gen_key.vcxproj index bd44e9775..cf41a89fb 100644 --- a/visualc/VS2010/gen_key.vcxproj +++ b/visualc/VS2010/gen_key.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/gen_random_ctr_drbg.vcxproj b/visualc/VS2010/gen_random_ctr_drbg.vcxproj index 338a92835..dee5bae04 100644 --- a/visualc/VS2010/gen_random_ctr_drbg.vcxproj +++ b/visualc/VS2010/gen_random_ctr_drbg.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/gen_random_havege.vcxproj b/visualc/VS2010/gen_random_havege.vcxproj index 31d09d4c1..13e219807 100644 --- a/visualc/VS2010/gen_random_havege.vcxproj +++ b/visualc/VS2010/gen_random_havege.vcxproj 
@@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/generic_sum.vcxproj b/visualc/VS2010/generic_sum.vcxproj index 4ed977a70..c87ce89c8 100644 --- a/visualc/VS2010/generic_sum.vcxproj 
+++ b/visualc/VS2010/generic_sum.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/hello.vcxproj b/visualc/VS2010/hello.vcxproj index 71a13dd58..ef0ec146a 100644 --- a/visualc/VS2010/hello.vcxproj 
+++ b/visualc/VS2010/hello.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/key_app.vcxproj b/visualc/VS2010/key_app.vcxproj index 3d8d45735..cb93ec244 100644 --- a/visualc/VS2010/key_app.vcxproj 
+++ b/visualc/VS2010/key_app.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/key_app_writer.vcxproj b/visualc/VS2010/key_app_writer.vcxproj index b17a485dc..bcd4a3e0a 100644 
--- a/visualc/VS2010/key_app_writer.vcxproj +++ b/visualc/VS2010/key_app_writer.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
diff --git a/visualc/VS2010/key_ladder_demo.vcxproj b/visualc/VS2010/key_ladder_demo.vcxproj index 4b419afec..985cb492e 100644 --- a/visualc/VS2010/key_ladder_demo.vcxproj +++ b/visualc/VS2010/key_ladder_demo.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index eb5f275a8..33121bf1c 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -86,7 +86,8 @@ Level3 Disabled WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib CompileAsC @@ -101,7 +102,8 @@ Level3 Disabled WIN32;_DEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib CompileAsC 
@@ -118,7 +120,8 @@ true true WIN32;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Windows @@ -136,7 +139,8 @@ true true WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Windows diff --git a/visualc/VS2010/mpi_demo.vcxproj b/visualc/VS2010/mpi_demo.vcxproj index 2015cff0e..a9939072e 100644 --- a/visualc/VS2010/mpi_demo.vcxproj +++ b/visualc/VS2010/mpi_demo.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/pem2der.vcxproj b/visualc/VS2010/pem2der.vcxproj index 45799c1f9..0c4e5e146 100644 --- a/visualc/VS2010/pem2der.vcxproj +++ b/visualc/VS2010/pem2der.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/pk_decrypt.vcxproj b/visualc/VS2010/pk_decrypt.vcxproj index baf3d7c30..05d495035 100644 --- a/visualc/VS2010/pk_decrypt.vcxproj +++ b/visualc/VS2010/pk_decrypt.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/pk_encrypt.vcxproj b/visualc/VS2010/pk_encrypt.vcxproj index 38eb66155..2826a9611 100644 --- a/visualc/VS2010/pk_encrypt.vcxproj +++ b/visualc/VS2010/pk_encrypt.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/pk_sign.vcxproj b/visualc/VS2010/pk_sign.vcxproj index 2bbea277a..b0c86e982 100644 --- a/visualc/VS2010/pk_sign.vcxproj +++ b/visualc/VS2010/pk_sign.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/pk_verify.vcxproj b/visualc/VS2010/pk_verify.vcxproj index 8804a9c1c..879bc1026 100644 --- a/visualc/VS2010/pk_verify.vcxproj +++ b/visualc/VS2010/pk_verify.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/psa_constant_names.vcxproj b/visualc/VS2010/psa_constant_names.vcxproj index 046505a9b..8b36047ca 100644 --- a/visualc/VS2010/psa_constant_names.vcxproj +++ b/visualc/VS2010/psa_constant_names.vcxproj 
@@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/query_compile_time_config.vcxproj b/visualc/VS2010/query_compile_time_config.vcxproj index e95a49f91..7fbb8c5d6 100644 
--- a/visualc/VS2010/query_compile_time_config.vcxproj +++ b/visualc/VS2010/query_compile_time_config.vcxproj @@ -95,7 +95,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -115,7 +116,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -137,7 +139,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -157,7 +160,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
diff --git a/visualc/VS2010/rsa_decrypt.vcxproj b/visualc/VS2010/rsa_decrypt.vcxproj index 8ba60e38d..0e9e99ec6 100644 --- a/visualc/VS2010/rsa_decrypt.vcxproj +++ b/visualc/VS2010/rsa_decrypt.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_encrypt.vcxproj b/visualc/VS2010/rsa_encrypt.vcxproj index af8663193..8e395878f 100644 --- a/visualc/VS2010/rsa_encrypt.vcxproj +++ b/visualc/VS2010/rsa_encrypt.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_genkey.vcxproj b/visualc/VS2010/rsa_genkey.vcxproj index 2a6782423..6eec312a0 100644 --- a/visualc/VS2010/rsa_genkey.vcxproj +++ b/visualc/VS2010/rsa_genkey.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_sign.vcxproj b/visualc/VS2010/rsa_sign.vcxproj index 37bae35b7..584496e7d 100644 --- a/visualc/VS2010/rsa_sign.vcxproj +++ b/visualc/VS2010/rsa_sign.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_sign_pss.vcxproj b/visualc/VS2010/rsa_sign_pss.vcxproj index 2dfe7510e..994d818b1 100644 --- a/visualc/VS2010/rsa_sign_pss.vcxproj +++ b/visualc/VS2010/rsa_sign_pss.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_verify.vcxproj b/visualc/VS2010/rsa_verify.vcxproj index ee834de5a..93c84a3e5 100644 --- a/visualc/VS2010/rsa_verify.vcxproj +++ b/visualc/VS2010/rsa_verify.vcxproj @@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console 
@@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/rsa_verify_pss.vcxproj b/visualc/VS2010/rsa_verify_pss.vcxproj index 00b4ebe8c..ac54a68b5 100644 --- a/visualc/VS2010/rsa_verify_pss.vcxproj +++ b/visualc/VS2010/rsa_verify_pss.vcxproj 
@@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/selftest.vcxproj b/visualc/VS2010/selftest.vcxproj index 184c3743f..279481f9f 100644 --- a/visualc/VS2010/selftest.vcxproj +++ b/visualc/VS2010/selftest.vcxproj 
@@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/strerror.vcxproj b/visualc/VS2010/strerror.vcxproj index 91c7ff7d2..10be4e681 100644 --- a/visualc/VS2010/strerror.vcxproj +++ b/visualc/VS2010/strerror.vcxproj 
@@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console diff --git a/visualc/VS2010/zeroize.vcxproj b/visualc/VS2010/zeroize.vcxproj index 0697ca6fa..ac9c709df 100644 --- a/visualc/VS2010/zeroize.vcxproj +++ b/visualc/VS2010/zeroize.vcxproj 
@@ -94,7 +94,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -114,7 +115,8 @@ Level3 Disabled WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -136,7 +138,8 @@ true true WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console @@ -156,7 +159,8 @@ true true WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib Console From ae463e65055fc6cc3a710a2031ae1acf409edf4f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 26 Feb 2020 14:44:40 +0100 Subject: [PATCH 2160/2197] Move EXTRA_GENERATED mentions to a separate line This makes reconciliation with other branches that don't have it (mbedtls, backports) easier. --- programs/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/programs/Makefile b/programs/Makefile index f56df5f97..250c6483f 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -246,7 +246,8 @@ psa/crypto_examples$(EXEXT): psa/crypto_examples.c $(DEP) clean: ifndef WINDOWS - rm -f $(APPS) $(EXTRA_GENERATED) + rm -f $(APPS) + rm -f $(EXTRA_GENERATED) -rm -f test/cpp_dummy_build$(EXEXT) else if exist *.o del /Q /F *.o From 26e4fdc6cdbfa30308fbae72442843471d39212b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Mar 2020 21:15:04 +0100 Subject: [PATCH 2161/2197] Move MEMORY_BUFFER_ALLOC components to align the order with mbedtls No code change. This commit just moves two functions to make the order of component definitions match the one in mbedtls. --- tests/scripts/all.sh | 48 ++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 99caeb3e0..17ca34641 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -831,6 +831,30 @@ component_build_no_std_function () { make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' } +component_test_memory_buffer_allocator_backtrace () { + msg "build: default config with memory buffer allocator and backtrace enabled" + scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py set MBEDTLS_PLATFORM_MEMORY + scripts/config.py set MBEDTLS_MEMORY_BACKTRACE + scripts/config.py set MBEDTLS_MEMORY_DEBUG + CC=gcc cmake . + make + + msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE" + make test +} + +component_test_memory_buffer_allocator () { + msg "build: default config with memory buffer allocator" + scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py set MBEDTLS_PLATFORM_MEMORY + CC=gcc cmake . + make + + msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C" + make test +} + component_test_null_entropy () { msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)" scripts/config.py set MBEDTLS_TEST_NULL_ENTROPY @@ -872,30 +896,6 @@ component_test_malloc_0_null () { if_build_succeeded programs/test/selftest calloc } -component_test_memory_buffer_allocator_backtrace () { - msg "build: default config with memory buffer allocator and backtrace enabled" - scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.py set MBEDTLS_PLATFORM_MEMORY - scripts/config.py set MBEDTLS_MEMORY_BACKTRACE - scripts/config.py set MBEDTLS_MEMORY_DEBUG - CC=gcc cmake . - make - - msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE" - make test -} - -component_test_memory_buffer_allocator () { - msg "build: default config with memory buffer allocator" - scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.py set MBEDTLS_PLATFORM_MEMORY - CC=gcc cmake . - make - - msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C" - make test -} - component_test_aes_fewer_tables () { msg "build: default config with AES_FEWER_TABLES enabled" scripts/config.py set MBEDTLS_AES_FEWER_TABLES 
From 40f17dc8039efde68561dca1f4ba1906b1bf1cb7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 18:25:08 +0100 Subject: [PATCH 2162/2197] Revert "Remove certs.h" This reverts commit b8e4ae18cf24644fa8daea6add26ad33aa1e52a7. --- include/mbedtls/certs.h | 106 ++++++++++++++++++++++++++++ programs/test/cpp_dummy_build.cpp | 1 + programs/test/query_config.c | 1 + scripts/data_files/query_config.fmt | 1 + visualc/VS2010/mbedTLS.vcxproj | 1 + 5 files changed, 110 insertions(+) create mode 100644 include/mbedtls/certs.h diff --git a/include/mbedtls/certs.h b/include/mbedtls/certs.h new file mode 100644 index 000000000..c61790208 --- /dev/null +++ b/include/mbedtls/certs.h 
@@ -0,0 +1,106 @@
+/**
+ * \file certs.h
+ *
+ * \brief Sample certificates and DHM parameters for testing
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_CERTS_H
+#define MBEDTLS_CERTS_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+/* Concatenation of all CA certificates in PEM format if available */
+extern const char mbedtls_test_cas_pem[];
+extern const size_t mbedtls_test_cas_pem_len;
+#endif
+
+/* List of all CA certificates, terminated by NULL */
+extern const char * mbedtls_test_cas[];
+extern const size_t mbedtls_test_cas_len[];
+
+/*
+ * Convenience for users who just want a certificate:
+ * RSA by default, or ECDSA if RSA is not available
+ */
+extern const char * mbedtls_test_ca_crt;
+extern const size_t mbedtls_test_ca_crt_len;
+extern const char * mbedtls_test_ca_key;
+extern const size_t mbedtls_test_ca_key_len;
+extern const char * mbedtls_test_ca_pwd;
+extern const size_t mbedtls_test_ca_pwd_len;
+extern const char * mbedtls_test_srv_crt;
+extern const size_t mbedtls_test_srv_crt_len;
+extern const char * mbedtls_test_srv_key;
+extern const size_t mbedtls_test_srv_key_len;
+extern const char * mbedtls_test_cli_crt;
+extern const size_t mbedtls_test_cli_crt_len;
+extern const char * mbedtls_test_cli_key;
+extern const size_t mbedtls_test_cli_key_len;
+
+#if defined(MBEDTLS_ECDSA_C)
+extern const char mbedtls_test_ca_crt_ec[];
+extern const size_t mbedtls_test_ca_crt_ec_len;
+extern const char mbedtls_test_ca_key_ec[];
+extern const size_t mbedtls_test_ca_key_ec_len;
+extern const char mbedtls_test_ca_pwd_ec[];
+extern const size_t mbedtls_test_ca_pwd_ec_len;
+extern const char mbedtls_test_srv_crt_ec[];
+extern const size_t mbedtls_test_srv_crt_ec_len;
+extern const char mbedtls_test_srv_key_ec[];
+extern const size_t mbedtls_test_srv_key_ec_len;
+extern const char mbedtls_test_cli_crt_ec[];
+extern const size_t mbedtls_test_cli_crt_ec_len;
+extern const char mbedtls_test_cli_key_ec[];
+extern const size_t mbedtls_test_cli_key_ec_len;
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+extern const char mbedtls_test_ca_crt_rsa[];
+extern const size_t mbedtls_test_ca_crt_rsa_len;
+extern const char mbedtls_test_ca_key_rsa[];
+extern const size_t mbedtls_test_ca_key_rsa_len;
+extern const char mbedtls_test_ca_pwd_rsa[];
+extern const size_t mbedtls_test_ca_pwd_rsa_len;
+extern const char mbedtls_test_srv_crt_rsa[];
+extern const size_t mbedtls_test_srv_crt_rsa_len;
+extern const char mbedtls_test_srv_key_rsa[];
+extern const size_t mbedtls_test_srv_key_rsa_len;
+extern const char mbedtls_test_cli_crt_rsa[];
+extern const size_t mbedtls_test_cli_crt_rsa_len;
+extern const char mbedtls_test_cli_key_rsa[];
+extern const size_t mbedtls_test_cli_key_rsa_len;
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* certs.h */
diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp
index 81ca32c8f..c71ed7990 100644
--- a/programs/test/cpp_dummy_build.cpp
+++ b/programs/test/cpp_dummy_build.cpp
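Review bot: In the restored include/mbedtls/certs.h, the comment "Convenience for users who just want a certificate" sits directly above declarations of private keys and a key password (`mbedtls_test_ca_key`, `mbedtls_test_ca_pwd`, `mbedtls_test_srv_key`, `mbedtls_test_cli_key`), and it reads as an invitation to use them in applications. Only the `\brief` line says the material is for testing, so I would extend that block comment with a line such as `* These are published test credentials; never load them in a production configuration.` The definitions are not part of this hunk, so whether they are compiled out of release builds cannot be confirmed from here.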
@@ -38,6 +38,7 @@ #include "mbedtls/bn_mul.h" #include "mbedtls/camellia.h" #include "mbedtls/ccm.h" +#include "mbedtls/certs.h" #include "mbedtls/chacha20.h" #include "mbedtls/chachapoly.h" #include "mbedtls/check_config.h" diff --git a/programs/test/query_config.c b/programs/test/query_config.c index b6cbb09f7..29d7d843c 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -47,6 +47,7 @@ #include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" #include "mbedtls/ccm.h" +#include "mbedtls/certs.h" #include "mbedtls/chacha20.h" #include "mbedtls/chachapoly.h" #include "mbedtls/cipher.h" diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index 911900f8b..600f13030 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -47,6 +47,7 @@ #include "mbedtls/blowfish.h" #include "mbedtls/camellia.h" #include "mbedtls/ccm.h" +#include "mbedtls/certs.h" #include "mbedtls/chacha20.h" #include "mbedtls/chachapoly.h" #include "mbedtls/cipher.h" diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 33121bf1c..8b771bff9 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -162,6 +162,7 @@ + From db7d5f024d63fd0df8a5772e9eab947e21ce79c0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 18:25:11 +0100 Subject: [PATCH 2163/2197] Revert "config: Remove explicit ciphersuite lists" This reverts commit 7242ea688a9c7b1702dd41a026e921a696a5e0e2. --- configs/config-psa-crypto.h | 198 +++++++++++++++++++++++++++++++++--- include/mbedtls/config.h | 198 +++++++++++++++++++++++++++++++++--- 2 files changed, 370 insertions(+), 26 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 58a2c88cf..3d6d7d311 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -614,8 +614,26 @@
 * Warning: Only do so when you know what you are doing. This allows for
 * encryption or channels without any security!
 *
- * This module is required to support the TLS ciphersuites that use the NULL
- * cipher.
+ * This module is required to support the following ciphersuites in TLS:
+ * TLS_ECDH_ECDSA_WITH_NULL_SHA
+ * TLS_ECDH_RSA_WITH_NULL_SHA
+ * TLS_ECDHE_ECDSA_WITH_NULL_SHA
+ * TLS_ECDHE_RSA_WITH_NULL_SHA
+ * TLS_ECDHE_PSK_WITH_NULL_SHA384
+ * TLS_ECDHE_PSK_WITH_NULL_SHA256
+ * TLS_ECDHE_PSK_WITH_NULL_SHA
+ * TLS_DHE_PSK_WITH_NULL_SHA384
+ * TLS_DHE_PSK_WITH_NULL_SHA256
+ * TLS_DHE_PSK_WITH_NULL_SHA
+ * TLS_RSA_WITH_NULL_SHA256
+ * TLS_RSA_WITH_NULL_SHA
+ * TLS_RSA_WITH_NULL_MD5
+ * TLS_RSA_PSK_WITH_NULL_SHA384
+ * TLS_RSA_PSK_WITH_NULL_SHA256
+ * TLS_RSA_PSK_WITH_NULL_SHA
+ * TLS_PSK_WITH_NULL_SHA384
+ * TLS_PSK_WITH_NULL_SHA256
+ * TLS_PSK_WITH_NULL_SHA
 *
 * Uncomment this macro to enable the NULL cipher
 */
@@ -1039,8 +1057,65 @@
 * library/pem.c
 * library/ctr_drbg.c
 *
- * This module is required to support the TLS ciphersuites that use the AES
- * cipher.
+ * This module is required to support the following ciphersuites in TLS:
+ * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ * TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ * TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ * TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ * TLS_RSA_WITH_AES_256_GCM_SHA384
+ * TLS_RSA_WITH_AES_256_CBC_SHA256
+ * TLS_RSA_WITH_AES_256_CBC_SHA
+ * TLS_RSA_WITH_AES_128_GCM_SHA256
+ * TLS_RSA_WITH_AES_128_CBC_SHA256
+ * TLS_RSA_WITH_AES_128_CBC_SHA
+ * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ * TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ * TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ * TLS_PSK_WITH_AES_256_GCM_SHA384
+ * TLS_PSK_WITH_AES_256_CBC_SHA384
+ * TLS_PSK_WITH_AES_256_CBC_SHA
+ * TLS_PSK_WITH_AES_128_GCM_SHA256
+ * TLS_PSK_WITH_AES_128_CBC_SHA256
+ * TLS_PSK_WITH_AES_128_CBC_SHA
 *
 * PEM_PARSE uses AES for decrypting encrypted keys.
 */
@@ -1054,8 +1129,17 @@
 * Module: library/arc4.c
 * Caller: library/cipher.c
 *
- * This module is required to support the TLS ciphersuites that use the ARC4
- * cipher.
+ * This module is required to support the following ciphersuites in TLS:
+ * TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ * TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ * TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ * TLS_DHE_PSK_WITH_RC4_128_SHA
+ * TLS_RSA_WITH_RC4_128_SHA
+ * TLS_RSA_WITH_RC4_128_MD5
+ * TLS_RSA_PSK_WITH_RC4_128_SHA
+ * TLS_PSK_WITH_RC4_128_SHA
 *
 * \warning ARC4 is considered a weak cipher and its use constitutes a
 * security risk. If possible, we recommend avoidng dependencies on
@@ -1133,8 +1217,49 @@ * Module: library/camellia.c * Caller: library/cipher.c * - * This module is required to support the TLS ciphersuites that use the - * Camellia cipher. + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * 
TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 */ #define MBEDTLS_CAMELLIA_C 
@@ -1146,8 +1271,45 @@ * Module: library/aria.c * Caller: library/cipher.c * - * This module is required to support the TLS ciphersuites that use the - * ARIA cipher. + * This module is required to support the following ciphersuites in TLS: + * TLS_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 */ //#define MBEDTLS_ARIA_C 
@@ -1233,8 +1395,17 @@ * Caller: library/pem.c * library/cipher.c * - * This module is required to support the TLS ciphersuites that use the DES - * cipher. + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_PSK_WITH_3DES_EDE_CBC_SHA * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * @@ -1359,7 +1530,8 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module is required to support the TLS ciphersuites that use GCM. + * This module is required to support AES-GCM and CAMELLIA-GCM ciphersuites in + * TLS. */ #define MBEDTLS_GCM_C diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 585d08776..a728a31e5 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -648,8 +648,26 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * This module is required to support the TLS ciphersuites that use the NULL - * cipher. + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_NULL_SHA + * TLS_ECDH_RSA_WITH_NULL_SHA + * TLS_ECDHE_ECDSA_WITH_NULL_SHA + * TLS_ECDHE_RSA_WITH_NULL_SHA + * TLS_ECDHE_PSK_WITH_NULL_SHA384 + * TLS_ECDHE_PSK_WITH_NULL_SHA256 + * TLS_ECDHE_PSK_WITH_NULL_SHA + * TLS_DHE_PSK_WITH_NULL_SHA384 + * TLS_DHE_PSK_WITH_NULL_SHA256 + * TLS_DHE_PSK_WITH_NULL_SHA + * TLS_RSA_WITH_NULL_SHA256 + * TLS_RSA_WITH_NULL_SHA + * TLS_RSA_WITH_NULL_MD5 + * TLS_RSA_PSK_WITH_NULL_SHA384 + * TLS_RSA_PSK_WITH_NULL_SHA256 + * TLS_RSA_PSK_WITH_NULL_SHA + * TLS_PSK_WITH_NULL_SHA384 + * TLS_PSK_WITH_NULL_SHA256 + * TLS_PSK_WITH_NULL_SHA * * Uncomment this macro to enable the NULL cipher */ 
@@ -1140,8 +1158,65 @@ * library/pem.c * library/ctr_drbg.c * - * This module is required to support the TLS ciphersuites that use the AES - * cipher. + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * TLS_RSA_WITH_AES_256_GCM_SHA384 + * TLS_RSA_WITH_AES_256_CBC_SHA256 + * TLS_RSA_WITH_AES_256_CBC_SHA + * TLS_RSA_WITH_AES_128_GCM_SHA256 + * 
TLS_RSA_WITH_AES_128_CBC_SHA256 + * TLS_RSA_WITH_AES_128_CBC_SHA + * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * TLS_PSK_WITH_AES_256_GCM_SHA384 + * TLS_PSK_WITH_AES_256_CBC_SHA384 + * TLS_PSK_WITH_AES_256_CBC_SHA + * TLS_PSK_WITH_AES_128_GCM_SHA256 + * TLS_PSK_WITH_AES_128_CBC_SHA256 + * TLS_PSK_WITH_AES_128_CBC_SHA * * PEM_PARSE uses AES for decrypting encrypted keys. */ @@ -1155,8 +1230,17 @@ * Module: library/arc4.c * Caller: library/cipher.c * - * This module is required to support the TLS ciphersuites that use the ARC4 - * cipher. + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_RC4_128_SHA + * TLS_ECDH_RSA_WITH_RC4_128_SHA + * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + * TLS_ECDHE_RSA_WITH_RC4_128_SHA + * TLS_ECDHE_PSK_WITH_RC4_128_SHA + * TLS_DHE_PSK_WITH_RC4_128_SHA + * TLS_RSA_WITH_RC4_128_SHA + * TLS_RSA_WITH_RC4_128_MD5 + * TLS_RSA_PSK_WITH_RC4_128_SHA + * TLS_PSK_WITH_RC4_128_SHA * * \warning ARC4 is considered a weak cipher and its use constitutes a * security risk. If possible, we recommend avoidng dependencies on 
@@ -1234,8 +1318,49 @@ * Module: library/camellia.c * Caller: library/cipher.c * - * This module is required to support the TLS ciphersuites that use the - * Camellia cipher. + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * 
TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 */ #define MBEDTLS_CAMELLIA_C 
@@ -1247,8 +1372,45 @@ * Module: library/aria.c * Caller: library/cipher.c * - * This module is required to support the TLS ciphersuites that use the - * ARIA cipher. + * This module is required to support the following ciphersuites in TLS: + * TLS_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 + * TLS_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 + * TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 + * TLS_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 + * TLS_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 + * TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 + * TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 */ //#define MBEDTLS_ARIA_C 
@@ -1338,8 +1500,17 @@ * Caller: library/pem.c * library/cipher.c * - * This module is required to support the TLS ciphersuites that use the DES - * cipher. + * This module is required to support the following ciphersuites in TLS: + * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_PSK_WITH_3DES_EDE_CBC_SHA * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * @@ -1464,7 +1635,8 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or MBEDTLS_ARIA_C * - * This module is required to support the TLS ciphersuites that use GCM. + * This module is required to support AES-GCM and CAMELLIA-GCM ciphersuites in + * TLS. */ #define MBEDTLS_GCM_C From 84a63fad5b7f8993e197a3ed94146cc7713436f2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 18:25:12 +0100 Subject: [PATCH 2164/2197] Revert "tests: Update generator with Mbed Crypto comments" This reverts commit dfcf84aea5413ef7c8bc1f30a972ba4ab04bc22b. --- tests/scripts/generate_test_code.py | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/tests/scripts/generate_test_code.py b/tests/scripts/generate_test_code.py index 3a25a8433..1fff09992 100755 --- a/tests/scripts/generate_test_code.py +++ b/tests/scripts/generate_test_code.py 
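Review bot: In the `MBEDTLS_GCM_C` hunk of include/mbedtls/config.h the new sentence names only AES-GCM and CAMELLIA-GCM, while the `Requires:` line just above it also accepts `MBEDTLS_ARIA_C` and the `MBEDTLS_ARIA_C` hunk earlier in this file section lists suites such as `TLS_RSA_WITH_ARIA_128_GCM_SHA256`. The comment should read `This module is required to support AES-GCM, CAMELLIA-GCM and ARIA-GCM ciphersuites in TLS.` (re-wrapped to the comment width), so that someone trimming a build sees every suite family that depends on GCM. The `MBEDTLS_GCM_C` hunk of the preceding file section carries the same sentence and also follows a list of ARIA-GCM suites.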
@@ -24,12 +24,15 @@ understanding the script it is important to understand the framework. This doc string contains a summary of the framework and explains the function of this script. -Mbed Crypto test suites: -======================== +Mbed TLS test suites: +===================== Scope: ------ -The test suites focus on unit testing the crypto primitives. Tests can be added -to test any Mbed Crypto module. +The test suites focus on unit testing the crypto primitives and also +include x509 parser tests. Tests can be added to test any Mbed TLS +module. However, the framework is not capable of testing SSL +protocol, since that requires full stack execution and that is best +tested as part of the system test. Test case definition: --------------------- From 9bf54fa22cac985500e43e308a5bce3d7dda5a32 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 18:25:13 +0100 Subject: [PATCH 2165/2197] Revert "doxygen: Update for Mbed Crypto" This reverts commit 32577734e2635da3684d03ad04ba07044775cef9. --- doxygen/input/doc_mainpage.h | 63 +++++++++++++++++++++++++++++++----- doxygen/mbedtls.doxyfile | 1 + include/mbedtls/dhm.h | 2 ++ 3 files changed, 58 insertions(+), 8 deletions(-) diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index 2a637d1b2..4eff83692 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -5,7 +5,7 @@ */ /* * - * Copyright (C) 2006-2019, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may 
@@ -24,26 +24,73 @@ */ /** - * @mainpage Mbed Crypto v0.1.0 source code documentation + * @mainpage mbed TLS v2.17.0 source code documentation * * This documentation describes the internal structure of mbed TLS. It was * automatically generated from specially formatted comment blocks in * mbed TLS's source code using Doxygen. (See * http://www.stack.nl/~dimitri/doxygen/ for more information on Doxygen) * - * Mbed Crypto provides an implementation of the PSA Crypto API. The library is - * comprised of a number of independent modules, listed in the \ref - * mainpage_modules "Modules section". This "Modules section" introduces the - * high-level module concepts used throughout this documentation. + * mbed TLS has a simple setup: it provides the ingredients for an SSL/TLS + * implementation. These ingredients are listed as modules in the + * \ref mainpage_modules "Modules section". This "Modules section" introduces + * the high-level module concepts used throughout this documentation.\n + * Some examples of mbed TLS usage can be found in the \ref mainpage_examples + * "Examples section". * * @section mainpage_modules Modules * - * Mbed Crypto provides the following modules: + * mbed TLS supports SSLv3 up to TLSv1.2 communication by providing the + * following: + * - TCP/IP communication functions: listen, connect, accept, read/write. + * - SSL/TLS communication functions: init, handshake, read/write. + * - X.509 functions: CRT, CRL and key handling * - Random number generation * - Hashing * - Encryption/decryption * * Above functions are split up neatly into logical interfaces. These can be - * used separately to provide any of the above functions or to mix-and-match. + * used separately to provide any of the above functions or to mix-and-match + * into an SSL server/client solution that utilises a X.509 PKI. Examples of + * such implementations are amply provided with the source code. 
* + * Note that mbed TLS does not provide a control channel or (multiple) session + * handling without additional work from the developer. + * + * @section mainpage_examples Examples + * + * Example server setup: + * + * \b Prerequisites: + * - X.509 certificate and private key + * - session handling functions + * + * \b Setup: + * - Load your certificate and your private RSA key (X.509 interface) + * - Setup the listening TCP socket (TCP/IP interface) + * - Accept incoming client connection (TCP/IP interface) + * - Initialise as an SSL-server (SSL/TLS interface) + * - Set parameters, e.g. authentication, ciphers, CA-chain, key exchange + * - Set callback functions RNG, IO, session handling + * - Perform an SSL-handshake (SSL/TLS interface) + * - Read/write data (SSL/TLS interface) + * - Close and cleanup (all interfaces) + * + * Example client setup: + * + * \b Prerequisites: + * - X.509 certificate and private key + * - X.509 trusted CA certificates + * + * \b Setup: + * - Load the trusted CA certificates (X.509 interface) + * - Load your certificate and your private RSA key (X.509 interface) + * - Setup a TCP/IP connection (TCP/IP interface) + * - Initialise as an SSL-client (SSL/TLS interface) + * - Set parameters, e.g. authentication mode, ciphers, CA-chain, session + * - Set callback functions RNG, IO + * - Perform an SSL-handshake (SSL/TLS interface) + * - Verify the server certificate (SSL/TLS interface) + * - Write/read data (SSL/TLS interface) + * - Close and cleanup (all interfaces) */ diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 2b14a3677..473227110 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -1618,6 +1618,7 @@ PREDEFINED = WIN32 \ P2MP \ P2MP_SERVER \ USE_CRYPTO \ + USE_SSL \ ENABLE_PLUGIN \ ENABLE_MANAGEMENT \ ENABLE_OCC \ diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 831cfd74b..f9561daf2 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h 
@@ -298,6 +298,7 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); #if defined(MBEDTLS_ASN1_PARSE_C) +/** \ingroup x509_module */ /** * \brief This function parses DHM parameters in PEM or DER format. * @@ -316,6 +317,7 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ); #if defined(MBEDTLS_FS_IO) +/** \ingroup x509_module */ /** * \brief This function loads and parses DHM parameters from a file. * From 302e43f122bcb18da32e6552d01c41261e2d0b42 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 18:25:13 +0100 Subject: [PATCH 2166/2197] Revert "scripts: Remove unneeded scripts" This reverts commit ed05b29ea335dd12415b40570b31b08fa8c8bd09. --- scripts/memory.sh | 126 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 126 insertions(+) create mode 100755 scripts/memory.sh diff --git a/scripts/memory.sh b/scripts/memory.sh new file mode 100755 index 000000000..3dad2899c --- /dev/null +++ b/scripts/memory.sh 
@@ -0,0 +1,126 @@
+#!/bin/sh
+
+# Measure memory usage of a minimal client using a small configuration
+# Currently hardwired to ccm-psk and suite-b, may be expanded later
+#
+# Use different build options for measuring executable size and memory usage,
+# since for memory we want debug information.
+
+set -eu
+
+CONFIG_H='include/mbedtls/config.h'
+
+CLIENT='mini_client'
+
+CFLAGS_EXEC='-fno-asynchronous-unwind-tables -Wl,--gc-section -ffunction-sections -fdata-sections'
+CFLAGS_MEM=-g3
+
+if [ -r $CONFIG_H ]; then :; else
+ echo "$CONFIG_H not found" >&2
+ exit 1
+fi
+
+if grep -i cmake Makefile >/dev/null; then
+ echo "Not compatible with CMake" >&2
+ exit 1
+fi
+
+if [ $( uname ) != Linux ]; then
+ echo "Only work on Linux" >&2
+ exit 1
+fi
+
+if git status | grep -F $CONFIG_H >/dev/null 2>&1; then
+ echo "config.h not clean" >&2
+ exit 1
+fi
+
+# make measurements with one configuration
+# usage: do_config
+do_config()
+{
+ NAME=$1
+ UNSET_LIST=$2
+ SERVER_ARGS=$3
+
+ echo ""
+ echo "config-$NAME:"
+ cp configs/config-$NAME.h $CONFIG_H
+ scripts/config.pl unset MBEDTLS_SSL_SRV_C
+
+ for FLAG in $UNSET_LIST; do
+ scripts/config.pl unset $FLAG
+ done
+
+ grep -F SSL_MAX_CONTENT_LEN $CONFIG_H || echo 'SSL_MAX_CONTENT_LEN=16384'
+
+ printf " Executable size... "
+
+ make clean
+ CFLAGS=$CFLAGS_EXEC make OFLAGS=-Os lib >/dev/null 2>&1
+ cd programs
+ CFLAGS=$CFLAGS_EXEC make OFLAGS=-Os ssl/$CLIENT >/dev/null
+ strip ssl/$CLIENT
+ stat -c '%s' ssl/$CLIENT
+ cd ..
+
+ printf " Peak ram usage... "
+
+ make clean
+ CFLAGS=$CFLAGS_MEM make OFLAGS=-Os lib >/dev/null 2>&1
+ cd programs
+ CFLAGS=$CFLAGS_MEM make OFLAGS=-Os ssl/$CLIENT >/dev/null
+ cd ..
+
+ ./ssl_server2 $SERVER_ARGS >/dev/null &
+ SRV_PID=$!
+ sleep 1;
+
+ if valgrind --tool=massif --stacks=yes programs/ssl/$CLIENT >/dev/null 2>&1
+ then
+ FAILED=0
+ else
+ echo "client failed" >&2
+ FAILED=1
+ fi
+
+ kill $SRV_PID
+ wait $SRV_PID
+
+ scripts/massif_max.pl massif.out.*
+ mv massif.out.* massif-$NAME.$$
+}
+
+# preparation
+
+CONFIG_BAK=${CONFIG_H}.bak
+cp $CONFIG_H $CONFIG_BAK
+
+rm -f massif.out.*
+
+printf "building server... "
+
+make clean
+make lib >/dev/null 2>&1
+(cd programs && make ssl/ssl_server2) >/dev/null
+cp programs/ssl/ssl_server2 .
+
+echo "done"
+
+# actual measurements
+
+do_config "ccm-psk-tls1_2" \
+ "" \
+ "psk=000102030405060708090A0B0C0D0E0F"
+
+do_config "suite-b" \
+ "MBEDTLS_BASE64_C MBEDTLS_PEM_PARSE_C MBEDTLS_CERTS_C" \
+ ""
+
+# cleanup
+
+mv $CONFIG_BAK $CONFIG_H
+make clean
+rm ssl_server2
+
+exit $FAILED
From 32d90b39198474663e45b677ffe3f7e09949d06b Mon Sep 17 00:00:00 2001
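Review bot: The final `exit $FAILED` in scripts/memory.sh reports only the last `do_config` run, because each call assigns `FAILED=0` on success and so clears a failure recorded by the `ccm-psk-tls1_2` run before `suite-b` finishes. Initialise `FAILED=0` once before the `# actual measurements` section and keep only the `FAILED=1` assignment in the `else` branch of the valgrind check. Separately, with `set -eu` any failing `cp` or `make` inside `do_config` exits before the `# cleanup` section, which leaves the reduced configuration copied over `$CONFIG_H` and, if the failure comes after the server was started, `ssl_server2` still running. Moving the cleanup commands into a function installed with `trap ... EXIT` right after the backup is taken would restore the tree on every exit path.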
From: Gilles Peskine Date: Wed, 26 Feb 2020 18:25:14 +0100 Subject: [PATCH 2167/2197] Revert "Remove unused test data files" This reverts commit ef24980e667debd0cb8f1f26218c452bacbbe084. --- tests/data_files/Makefile | 216 +++++++++++++++ tests/data_files/Readme-x509.txt | 131 +++++++++ tests/data_files/bitstring-in-dn.pem | 51 ++++ tests/data_files/cert_example_multi.crt | 80 ++++++ tests/data_files/cert_example_multi_nocn.crt | 13 + tests/data_files/cert_example_wildcard.crt | 77 ++++++ tests/data_files/cert_md2.crt | 77 ++++++ tests/data_files/cert_md4.crt | 77 ++++++ tests/data_files/cert_md5.crt | 77 ++++++ tests/data_files/cert_sha1.crt | 77 ++++++ tests/data_files/cert_sha224.crt | 77 ++++++ tests/data_files/cert_sha256.crt | 77 ++++++ tests/data_files/cert_sha384.crt | 77 ++++++ tests/data_files/cert_sha512.crt | 77 ++++++ tests/data_files/cert_v1_with_ext.crt | 23 ++ tests/data_files/cli-rsa-sha1.crt | 20 ++ tests/data_files/cli-rsa-sha256.crt | 20 ++ tests/data_files/cli.opensslconf | 4 + tests/data_files/cli2.crt | 14 + tests/data_files/cli2.key | 5 + tests/data_files/crl-ec-sha1.pem | 10 + tests/data_files/crl-ec-sha224.pem | 10 + tests/data_files/crl-ec-sha256.pem | 10 + tests/data_files/crl-ec-sha384.pem | 10 + tests/data_files/crl-ec-sha512.pem | 10 + tests/data_files/crl-future.pem | 11 + tests/data_files/crl-idp.pem | 12 + tests/data_files/crl-idpnc.pem | 12 + .../crl-malformed-trailing-spaces.pem | 20 ++ tests/data_files/crl-rsa-pss-sha1-badsign.pem | 14 + tests/data_files/crl-rsa-pss-sha1.pem | 14 + tests/data_files/crl-rsa-pss-sha224.pem | 16 ++ tests/data_files/crl-rsa-pss-sha256.pem | 16 ++ tests/data_files/crl-rsa-pss-sha384.pem | 16 ++ tests/data_files/crl-rsa-pss-sha512.pem | 16 ++ tests/data_files/crl.pem | 11 + tests/data_files/crl_cat_ec-rsa.pem | 21 ++ tests/data_files/crl_cat_ecfut-rsa.pem | 22 ++ tests/data_files/crl_cat_rsa-ec.pem | 21 ++ tests/data_files/crl_cat_rsabadpem-ec.pem | 21 ++ tests/data_files/crl_expired.pem | 11 + 
tests/data_files/crl_md2.pem | 11 + tests/data_files/crl_md4.pem | 11 + tests/data_files/crl_md5.pem | 11 + tests/data_files/crl_sha1.pem | 11 + tests/data_files/crl_sha224.pem | 11 + tests/data_files/crl_sha256.pem | 11 + tests/data_files/crl_sha384.pem | 11 + tests/data_files/crl_sha512.pem | 11 + tests/data_files/crt_cat_rsaexp-ec.pem | 21 ++ tests/data_files/dh.1000.pem | 34 +++ tests/data_files/dir-maxpath/00.crt | 11 + tests/data_files/dir-maxpath/00.key | 8 + tests/data_files/dir-maxpath/01.crt | 13 + tests/data_files/dir-maxpath/01.key | 8 + tests/data_files/dir-maxpath/02.crt | 12 + tests/data_files/dir-maxpath/02.key | 8 + tests/data_files/dir-maxpath/03.crt | 12 + tests/data_files/dir-maxpath/03.key | 8 + tests/data_files/dir-maxpath/04.crt | 12 + tests/data_files/dir-maxpath/04.key | 8 + tests/data_files/dir-maxpath/05.crt | 12 + tests/data_files/dir-maxpath/05.key | 8 + tests/data_files/dir-maxpath/06.crt | 12 + tests/data_files/dir-maxpath/06.key | 8 + tests/data_files/dir-maxpath/07.crt | 12 + tests/data_files/dir-maxpath/07.key | 8 + tests/data_files/dir-maxpath/08.crt | 12 + tests/data_files/dir-maxpath/08.key | 8 + tests/data_files/dir-maxpath/09.crt | 12 + tests/data_files/dir-maxpath/09.key | 8 + tests/data_files/dir-maxpath/10.crt | 12 + tests/data_files/dir-maxpath/10.key | 8 + tests/data_files/dir-maxpath/11.crt | 12 + tests/data_files/dir-maxpath/11.key | 8 + tests/data_files/dir-maxpath/12.crt | 12 + tests/data_files/dir-maxpath/12.key | 8 + tests/data_files/dir-maxpath/13.crt | 12 + tests/data_files/dir-maxpath/13.key | 8 + tests/data_files/dir-maxpath/14.crt | 12 + tests/data_files/dir-maxpath/14.key | 8 + tests/data_files/dir-maxpath/15.crt | 12 + tests/data_files/dir-maxpath/15.key | 8 + tests/data_files/dir-maxpath/16.crt | 12 + tests/data_files/dir-maxpath/16.key | 8 + tests/data_files/dir-maxpath/17.crt | 12 + tests/data_files/dir-maxpath/17.key | 8 + tests/data_files/dir-maxpath/18.crt | 12 + tests/data_files/dir-maxpath/18.key | 8 
+ tests/data_files/dir-maxpath/19.crt | 12 + tests/data_files/dir-maxpath/19.key | 8 + tests/data_files/dir-maxpath/20.crt | 12 + tests/data_files/dir-maxpath/20.key | 8 + tests/data_files/dir-maxpath/Readme.txt | 10 + tests/data_files/dir-maxpath/c00.pem | 11 + tests/data_files/dir-maxpath/c01.pem | 24 ++ tests/data_files/dir-maxpath/c02.pem | 36 +++ tests/data_files/dir-maxpath/c03.pem | 48 ++++ tests/data_files/dir-maxpath/c04.pem | 60 +++++ tests/data_files/dir-maxpath/c05.pem | 72 +++++ tests/data_files/dir-maxpath/c06.pem | 84 ++++++ tests/data_files/dir-maxpath/c07.pem | 96 +++++++ tests/data_files/dir-maxpath/c08.pem | 108 ++++++++ tests/data_files/dir-maxpath/c09.pem | 120 +++++++++ tests/data_files/dir-maxpath/c10.pem | 132 +++++++++ tests/data_files/dir-maxpath/c11.pem | 144 ++++++++++ tests/data_files/dir-maxpath/c12.pem | 156 +++++++++++ tests/data_files/dir-maxpath/c13.pem | 168 ++++++++++++ tests/data_files/dir-maxpath/c14.pem | 180 +++++++++++++ tests/data_files/dir-maxpath/c15.pem | 192 +++++++++++++ tests/data_files/dir-maxpath/c16.pem | 204 ++++++++++++++ tests/data_files/dir-maxpath/c17.pem | 216 +++++++++++++++ tests/data_files/dir-maxpath/c18.pem | 228 ++++++++++++++++ tests/data_files/dir-maxpath/c19.pem | 240 +++++++++++++++++ tests/data_files/dir-maxpath/c20.pem | 252 ++++++++++++++++++ tests/data_files/dir-maxpath/int.opensslconf | 4 + tests/data_files/dir-maxpath/long.sh | 35 +++ tests/data_files/dir1/test-ca.crt | 80 ++++++ tests/data_files/dir2/test-ca.crt | 80 ++++++ tests/data_files/dir2/test-ca2.crt | 15 ++ tests/data_files/dir3/Readme | 1 + tests/data_files/dir3/test-ca.crt | 80 ++++++ tests/data_files/dir3/test-ca2.crt | 15 ++ tests/data_files/dir4/Readme | 47 ++++ tests/data_files/dir4/cert11.crt | 18 ++ tests/data_files/dir4/cert12.crt | 19 ++ tests/data_files/dir4/cert13.crt | 19 ++ tests/data_files/dir4/cert14.crt | 19 ++ tests/data_files/dir4/cert21.crt | 18 ++ tests/data_files/dir4/cert22.crt | 19 ++ 
tests/data_files/dir4/cert23.crt | 19 ++ tests/data_files/dir4/cert31.crt | 18 ++ tests/data_files/dir4/cert32.crt | 19 ++ tests/data_files/dir4/cert33.crt | 19 ++ tests/data_files/dir4/cert34.crt | 19 ++ tests/data_files/dir4/cert41.crt | 18 ++ tests/data_files/dir4/cert42.crt | 19 ++ tests/data_files/dir4/cert43.crt | 19 ++ tests/data_files/dir4/cert44.crt | 19 ++ tests/data_files/dir4/cert45.crt | 19 ++ tests/data_files/dir4/cert51.crt | 18 ++ tests/data_files/dir4/cert52.crt | 19 ++ tests/data_files/dir4/cert53.crt | 19 ++ tests/data_files/dir4/cert54.crt | 19 ++ tests/data_files/dir4/cert61.crt | 18 ++ tests/data_files/dir4/cert62.crt | 19 ++ tests/data_files/dir4/cert63.crt | 19 ++ tests/data_files/dir4/cert71.crt | 18 ++ tests/data_files/dir4/cert72.crt | 19 ++ tests/data_files/dir4/cert73.crt | 19 ++ tests/data_files/dir4/cert74.crt | 19 ++ tests/data_files/dir4/cert81.crt | 11 + tests/data_files/dir4/cert82.crt | 11 + tests/data_files/dir4/cert83.crt | 11 + tests/data_files/dir4/cert91.crt | 11 + tests/data_files/dir4/cert92.crt | 11 + tests/data_files/enco-ca-prstr.pem | 14 + tests/data_files/enco-cert-utf8str.pem | 13 + tests/data_files/format_gen.pub | 6 + tests/data_files/format_pkcs12.fmt | Bin 0 -> 3381 bytes tests/data_files/keyUsage.decipherOnly.crt | 14 + tests/data_files/passwd.psk | 1 + tests/data_files/rsa_pkcs8_1024_public.der | Bin 0 -> 162 bytes tests/data_files/server1-ms.req.sha256 | 16 ++ tests/data_files/server1-nospace.crt | 21 ++ tests/data_files/server1-v1.crt | 19 ++ tests/data_files/server1.cert_type.crt | 20 ++ .../server1.cert_type.crt.openssl.v3_ext | 5 + .../data_files/server1.cert_type_noauthid.crt | 20 ++ tests/data_files/server1.crt | 20 ++ tests/data_files/server1.crt.openssl.v3_ext | 4 + tests/data_files/server1.csr | 16 ++ tests/data_files/server1.der | Bin 0 -> 835 bytes tests/data_files/server1.ext_ku.crt | 22 ++ tests/data_files/server1.key_usage.crt | 20 ++ .../server1.key_usage.crt.openssl.v3_ext | 5 + 
.../data_files/server1.key_usage_noauthid.crt | 20 ++ tests/data_files/server1.noauthid.crt | 19 ++ tests/data_files/server1.req.cert_type | 17 ++ tests/data_files/server1.req.cert_type_empty | 17 ++ tests/data_files/server1.req.key_usage | 17 ++ tests/data_files/server1.req.key_usage_empty | 17 ++ tests/data_files/server1.req.ku-ct | 17 ++ tests/data_files/server1.req.md4 | 16 ++ tests/data_files/server1.req.md5 | 16 ++ tests/data_files/server1.req.sha1 | 16 ++ tests/data_files/server1.req.sha224 | 16 ++ tests/data_files/server1.req.sha256 | 16 ++ tests/data_files/server1.req.sha384 | 16 ++ tests/data_files/server1.req.sha512 | 16 ++ tests/data_files/server1.v1.crt | 18 ++ tests/data_files/server10-badsign.crt | 10 + tests/data_files/server10-bs_int3.pem | 22 ++ tests/data_files/server10.crt | 10 + tests/data_files/server10.key | 5 + tests/data_files/server10_int3-bs.pem | 22 ++ tests/data_files/server10_int3_int-ca2.crt | 40 +++ tests/data_files/server10_int3_int-ca2_ca.crt | 120 +++++++++ .../server10_int3_spurious_int-ca2.crt | 64 +++++ tests/data_files/server1_ca.crt | 41 +++ tests/data_files/server1_csr.opensslconf | 10 + tests/data_files/server2-badsign.crt | 20 ++ tests/data_files/server2-sha256.crt | 20 ++ tests/data_files/server2-v1-chain.crt | 38 +++ tests/data_files/server2-v1.crt | 19 ++ tests/data_files/server2.crt | 20 ++ tests/data_files/server2.der | Bin 0 -> 827 bytes tests/data_files/server2.ku-ds.crt | 21 ++ tests/data_files/server2.ku-ds_ke.crt | 21 ++ tests/data_files/server2.ku-ka.crt | 21 ++ tests/data_files/server2.ku-ke.crt | 21 ++ tests/data_files/server3.crt | 17 ++ tests/data_files/server3.key | 5 + tests/data_files/server4.crt | 18 ++ tests/data_files/server4.key | 27 ++ tests/data_files/server5-badsign.crt | 14 + tests/data_files/server5-der0.crt | Bin 0 -> 547 bytes tests/data_files/server5-der1a.crt | Bin 0 -> 548 bytes tests/data_files/server5-der1b.crt | Bin 0 -> 548 bytes tests/data_files/server5-der2.crt | Bin 0 -> 549 bytes 
tests/data_files/server5-der4.crt | Bin 0 -> 551 bytes tests/data_files/server5-der8.crt | Bin 0 -> 555 bytes tests/data_files/server5-der9.crt | Bin 0 -> 556 bytes tests/data_files/server5-expired.crt | 14 + tests/data_files/server5-future.crt | 14 + tests/data_files/server5-selfsigned.crt | 12 + tests/data_files/server5-sha1.crt | 14 + tests/data_files/server5-sha224.crt | 14 + tests/data_files/server5-sha384.crt | 14 + tests/data_files/server5-sha512.crt | 14 + tests/data_files/server5-ss-expired.crt | 12 + tests/data_files/server5-ss-forgeca.crt | 11 + tests/data_files/server5.crt | 14 + tests/data_files/server5.eku-cli.crt | 13 + tests/data_files/server5.eku-cs.crt | 13 + tests/data_files/server5.eku-cs_any.crt | 13 + tests/data_files/server5.eku-srv.crt | 13 + tests/data_files/server5.eku-srv_cli.crt | 13 + tests/data_files/server5.ku-ds.crt | 14 + tests/data_files/server5.ku-ka.crt | 14 + tests/data_files/server5.ku-ke.crt | 14 + tests/data_files/server5.req.ku.sha1 | 8 + tests/data_files/server5.req.sha1 | 8 + tests/data_files/server5.req.sha224 | 8 + tests/data_files/server5.req.sha256 | 8 + tests/data_files/server5.req.sha384 | 8 + tests/data_files/server5.req.sha512 | 8 + tests/data_files/server6-ss-child.crt | 13 + tests/data_files/server6.crt | 14 + tests/data_files/server6.key | 5 + tests/data_files/server7-badsign.crt | 47 ++++ tests/data_files/server7-expired.crt | 47 ++++ tests/data_files/server7-future.crt | 47 ++++ tests/data_files/server7.crt | 23 ++ tests/data_files/server7.key | 5 + tests/data_files/server7_all_space.crt | 47 ++++ tests/data_files/server7_int-ca-exp.crt | 47 ++++ tests/data_files/server7_int-ca.crt | 47 ++++ tests/data_files/server7_int-ca_ca2.crt | 62 +++++ tests/data_files/server7_pem_space.crt | 47 ++++ tests/data_files/server7_spurious_int-ca.crt | 65 +++++ tests/data_files/server7_trailing_space.crt | 47 ++++ tests/data_files/server8.crt | 18 ++ tests/data_files/server8.key | 27 ++ tests/data_files/server8_int-ca2.crt | 
36 +++ tests/data_files/server9-bad-mgfhash.crt | 20 ++ tests/data_files/server9-bad-saltlen.crt | 20 ++ tests/data_files/server9-badsign.crt | 19 ++ tests/data_files/server9-defaults.crt | 19 ++ tests/data_files/server9-sha224.crt | 20 ++ tests/data_files/server9-sha256.crt | 20 ++ tests/data_files/server9-sha384.crt | 20 ++ tests/data_files/server9-sha512.crt | 20 ++ tests/data_files/server9-with-ca.crt | 99 +++++++ tests/data_files/server9.crt | 19 ++ tests/data_files/server9.key | 15 ++ tests/data_files/server9.req.sha1 | 11 + tests/data_files/server9.req.sha224 | 12 + tests/data_files/server9.req.sha256 | 12 + tests/data_files/server9.req.sha384 | 12 + tests/data_files/server9.req.sha512 | 12 + tests/data_files/test-ca-alt-good.crt | 41 +++ tests/data_files/test-ca-alt.crt | 21 ++ tests/data_files/test-ca-alt.csr | 16 ++ tests/data_files/test-ca-alt.key | 27 ++ tests/data_files/test-ca-good-alt.crt | 41 +++ tests/data_files/test-ca-sha1.crt | 20 ++ tests/data_files/test-ca-sha256.crt | 20 ++ tests/data_files/test-ca-v1.crt | 19 ++ tests/data_files/test-ca.crt | 20 ++ tests/data_files/test-ca.der | Bin 0 -> 837 bytes tests/data_files/test-ca.opensslconf | 28 ++ tests/data_files/test-ca.server1.opensslconf | 18 ++ tests/data_files/test-ca2-expired.crt | 13 + tests/data_files/test-ca2.crt | 15 ++ tests/data_files/test-ca2.key | 6 + tests/data_files/test-ca2.ku-crl.crt | 12 + tests/data_files/test-ca2.ku-crt.crt | 12 + tests/data_files/test-ca2.ku-crt_crl.crt | 12 + tests/data_files/test-ca2.ku-ds.crt | 12 + .../test-ca2_cat-future-invalid.crt | 27 ++ .../test-ca2_cat-future-present.crt | 28 ++ .../data_files/test-ca2_cat-past-invalid.crt | 27 ++ .../data_files/test-ca2_cat-past-present.crt | 28 ++ .../test-ca2_cat-present-future.crt | 28 ++ .../data_files/test-ca2_cat-present-past.crt | 28 ++ tests/data_files/test-ca_cat12.crt | 35 +++ tests/data_files/test-ca_cat21.crt | 35 +++ tests/data_files/test-ca_printable.crt | 21 ++ tests/data_files/test-ca_uppercase.crt 
| 20 ++ tests/data_files/test-ca_utf8.crt | 20 ++ tests/data_files/test-int-ca-exp.crt | 24 ++ tests/data_files/test-int-ca.crt | 24 ++ tests/data_files/test-int-ca.key | 51 ++++ tests/data_files/test-int-ca2.crt | 18 ++ tests/data_files/test-int-ca2.key | 6 + tests/data_files/test-int-ca3-badsign.crt | 12 + tests/data_files/test-int-ca3.crt | 12 + tests/data_files/test-int-ca3.key | 8 + 319 files changed, 9039 insertions(+) create mode 100644 tests/data_files/Readme-x509.txt create mode 100644 tests/data_files/bitstring-in-dn.pem create mode 100644 tests/data_files/cert_example_multi.crt create mode 100644 tests/data_files/cert_example_multi_nocn.crt create mode 100644 tests/data_files/cert_example_wildcard.crt create mode 100644 tests/data_files/cert_md2.crt create mode 100644 tests/data_files/cert_md4.crt create mode 100644 tests/data_files/cert_md5.crt create mode 100644 tests/data_files/cert_sha1.crt create mode 100644 tests/data_files/cert_sha224.crt create mode 100644 tests/data_files/cert_sha256.crt create mode 100644 tests/data_files/cert_sha384.crt create mode 100644 tests/data_files/cert_sha512.crt create mode 100644 tests/data_files/cert_v1_with_ext.crt create mode 100644 tests/data_files/cli-rsa-sha1.crt create mode 100644 tests/data_files/cli-rsa-sha256.crt create mode 100644 tests/data_files/cli.opensslconf create mode 100644 tests/data_files/cli2.crt create mode 100644 tests/data_files/cli2.key create mode 100644 tests/data_files/crl-ec-sha1.pem create mode 100644 tests/data_files/crl-ec-sha224.pem create mode 100644 tests/data_files/crl-ec-sha256.pem create mode 100644 tests/data_files/crl-ec-sha384.pem create mode 100644 tests/data_files/crl-ec-sha512.pem create mode 100644 tests/data_files/crl-future.pem create mode 100644 tests/data_files/crl-idp.pem create mode 100644 tests/data_files/crl-idpnc.pem create mode 100644 tests/data_files/crl-malformed-trailing-spaces.pem create mode 100644 tests/data_files/crl-rsa-pss-sha1-badsign.pem create mode 
100644 tests/data_files/crl-rsa-pss-sha1.pem create mode 100644 tests/data_files/crl-rsa-pss-sha224.pem create mode 100644 tests/data_files/crl-rsa-pss-sha256.pem create mode 100644 tests/data_files/crl-rsa-pss-sha384.pem create mode 100644 tests/data_files/crl-rsa-pss-sha512.pem create mode 100644 tests/data_files/crl.pem create mode 100644 tests/data_files/crl_cat_ec-rsa.pem create mode 100644 tests/data_files/crl_cat_ecfut-rsa.pem create mode 100644 tests/data_files/crl_cat_rsa-ec.pem create mode 100644 tests/data_files/crl_cat_rsabadpem-ec.pem create mode 100644 tests/data_files/crl_expired.pem create mode 100644 tests/data_files/crl_md2.pem create mode 100644 tests/data_files/crl_md4.pem create mode 100644 tests/data_files/crl_md5.pem create mode 100644 tests/data_files/crl_sha1.pem create mode 100644 tests/data_files/crl_sha224.pem create mode 100644 tests/data_files/crl_sha256.pem create mode 100644 tests/data_files/crl_sha384.pem create mode 100644 tests/data_files/crl_sha512.pem create mode 100644 tests/data_files/crt_cat_rsaexp-ec.pem create mode 100644 tests/data_files/dh.1000.pem create mode 100644 tests/data_files/dir-maxpath/00.crt create mode 100644 tests/data_files/dir-maxpath/00.key create mode 100644 tests/data_files/dir-maxpath/01.crt create mode 100644 tests/data_files/dir-maxpath/01.key create mode 100644 tests/data_files/dir-maxpath/02.crt create mode 100644 tests/data_files/dir-maxpath/02.key create mode 100644 tests/data_files/dir-maxpath/03.crt create mode 100644 tests/data_files/dir-maxpath/03.key create mode 100644 tests/data_files/dir-maxpath/04.crt create mode 100644 tests/data_files/dir-maxpath/04.key create mode 100644 tests/data_files/dir-maxpath/05.crt create mode 100644 tests/data_files/dir-maxpath/05.key create mode 100644 tests/data_files/dir-maxpath/06.crt create mode 100644 tests/data_files/dir-maxpath/06.key create mode 100644 tests/data_files/dir-maxpath/07.crt create mode 100644 tests/data_files/dir-maxpath/07.key create 
mode 100644 tests/data_files/dir-maxpath/08.crt create mode 100644 tests/data_files/dir-maxpath/08.key create mode 100644 tests/data_files/dir-maxpath/09.crt create mode 100644 tests/data_files/dir-maxpath/09.key create mode 100644 tests/data_files/dir-maxpath/10.crt create mode 100644 tests/data_files/dir-maxpath/10.key create mode 100644 tests/data_files/dir-maxpath/11.crt create mode 100644 tests/data_files/dir-maxpath/11.key create mode 100644 tests/data_files/dir-maxpath/12.crt create mode 100644 tests/data_files/dir-maxpath/12.key create mode 100644 tests/data_files/dir-maxpath/13.crt create mode 100644 tests/data_files/dir-maxpath/13.key create mode 100644 tests/data_files/dir-maxpath/14.crt create mode 100644 tests/data_files/dir-maxpath/14.key create mode 100644 tests/data_files/dir-maxpath/15.crt create mode 100644 tests/data_files/dir-maxpath/15.key create mode 100644 tests/data_files/dir-maxpath/16.crt create mode 100644 tests/data_files/dir-maxpath/16.key create mode 100644 tests/data_files/dir-maxpath/17.crt create mode 100644 tests/data_files/dir-maxpath/17.key create mode 100644 tests/data_files/dir-maxpath/18.crt create mode 100644 tests/data_files/dir-maxpath/18.key create mode 100644 tests/data_files/dir-maxpath/19.crt create mode 100644 tests/data_files/dir-maxpath/19.key create mode 100644 tests/data_files/dir-maxpath/20.crt create mode 100644 tests/data_files/dir-maxpath/20.key create mode 100644 tests/data_files/dir-maxpath/Readme.txt create mode 100644 tests/data_files/dir-maxpath/c00.pem create mode 100644 tests/data_files/dir-maxpath/c01.pem create mode 100644 tests/data_files/dir-maxpath/c02.pem create mode 100644 tests/data_files/dir-maxpath/c03.pem create mode 100644 tests/data_files/dir-maxpath/c04.pem create mode 100644 tests/data_files/dir-maxpath/c05.pem create mode 100644 tests/data_files/dir-maxpath/c06.pem create mode 100644 tests/data_files/dir-maxpath/c07.pem create mode 100644 tests/data_files/dir-maxpath/c08.pem create mode 
100644 tests/data_files/dir-maxpath/c09.pem create mode 100644 tests/data_files/dir-maxpath/c10.pem create mode 100644 tests/data_files/dir-maxpath/c11.pem create mode 100644 tests/data_files/dir-maxpath/c12.pem create mode 100644 tests/data_files/dir-maxpath/c13.pem create mode 100644 tests/data_files/dir-maxpath/c14.pem create mode 100644 tests/data_files/dir-maxpath/c15.pem create mode 100644 tests/data_files/dir-maxpath/c16.pem create mode 100644 tests/data_files/dir-maxpath/c17.pem create mode 100644 tests/data_files/dir-maxpath/c18.pem create mode 100644 tests/data_files/dir-maxpath/c19.pem create mode 100644 tests/data_files/dir-maxpath/c20.pem create mode 100644 tests/data_files/dir-maxpath/int.opensslconf create mode 100755 tests/data_files/dir-maxpath/long.sh create mode 100644 tests/data_files/dir1/test-ca.crt create mode 100644 tests/data_files/dir2/test-ca.crt create mode 100644 tests/data_files/dir2/test-ca2.crt create mode 100644 tests/data_files/dir3/Readme create mode 100644 tests/data_files/dir3/test-ca.crt create mode 100644 tests/data_files/dir3/test-ca2.crt create mode 100644 tests/data_files/dir4/Readme create mode 100644 tests/data_files/dir4/cert11.crt create mode 100644 tests/data_files/dir4/cert12.crt create mode 100644 tests/data_files/dir4/cert13.crt create mode 100644 tests/data_files/dir4/cert14.crt create mode 100644 tests/data_files/dir4/cert21.crt create mode 100644 tests/data_files/dir4/cert22.crt create mode 100644 tests/data_files/dir4/cert23.crt create mode 100644 tests/data_files/dir4/cert31.crt create mode 100644 tests/data_files/dir4/cert32.crt create mode 100644 tests/data_files/dir4/cert33.crt create mode 100644 tests/data_files/dir4/cert34.crt create mode 100644 tests/data_files/dir4/cert41.crt create mode 100644 tests/data_files/dir4/cert42.crt create mode 100644 tests/data_files/dir4/cert43.crt create mode 100644 tests/data_files/dir4/cert44.crt create mode 100644 tests/data_files/dir4/cert45.crt create mode 100644 
tests/data_files/dir4/cert51.crt create mode 100644 tests/data_files/dir4/cert52.crt create mode 100644 tests/data_files/dir4/cert53.crt create mode 100644 tests/data_files/dir4/cert54.crt create mode 100644 tests/data_files/dir4/cert61.crt create mode 100644 tests/data_files/dir4/cert62.crt create mode 100644 tests/data_files/dir4/cert63.crt create mode 100644 tests/data_files/dir4/cert71.crt create mode 100644 tests/data_files/dir4/cert72.crt create mode 100644 tests/data_files/dir4/cert73.crt create mode 100644 tests/data_files/dir4/cert74.crt create mode 100644 tests/data_files/dir4/cert81.crt create mode 100644 tests/data_files/dir4/cert82.crt create mode 100644 tests/data_files/dir4/cert83.crt create mode 100644 tests/data_files/dir4/cert91.crt create mode 100644 tests/data_files/dir4/cert92.crt create mode 100644 tests/data_files/enco-ca-prstr.pem create mode 100644 tests/data_files/enco-cert-utf8str.pem create mode 100644 tests/data_files/format_gen.pub create mode 100644 tests/data_files/format_pkcs12.fmt create mode 100644 tests/data_files/keyUsage.decipherOnly.crt create mode 100644 tests/data_files/passwd.psk create mode 100644 tests/data_files/rsa_pkcs8_1024_public.der create mode 100644 tests/data_files/server1-ms.req.sha256 create mode 100644 tests/data_files/server1-nospace.crt create mode 100644 tests/data_files/server1-v1.crt create mode 100644 tests/data_files/server1.cert_type.crt create mode 100644 tests/data_files/server1.cert_type.crt.openssl.v3_ext create mode 100644 tests/data_files/server1.cert_type_noauthid.crt create mode 100644 tests/data_files/server1.crt create mode 100644 tests/data_files/server1.crt.openssl.v3_ext create mode 100644 tests/data_files/server1.csr create mode 100644 tests/data_files/server1.der create mode 100644 tests/data_files/server1.ext_ku.crt create mode 100644 tests/data_files/server1.key_usage.crt create mode 100644 tests/data_files/server1.key_usage.crt.openssl.v3_ext create mode 100644 
tests/data_files/server1.key_usage_noauthid.crt create mode 100644 tests/data_files/server1.noauthid.crt create mode 100644 tests/data_files/server1.req.cert_type create mode 100644 tests/data_files/server1.req.cert_type_empty create mode 100644 tests/data_files/server1.req.key_usage create mode 100644 tests/data_files/server1.req.key_usage_empty create mode 100644 tests/data_files/server1.req.ku-ct create mode 100644 tests/data_files/server1.req.md4 create mode 100644 tests/data_files/server1.req.md5 create mode 100644 tests/data_files/server1.req.sha1 create mode 100644 tests/data_files/server1.req.sha224 create mode 100644 tests/data_files/server1.req.sha256 create mode 100644 tests/data_files/server1.req.sha384 create mode 100644 tests/data_files/server1.req.sha512 create mode 100644 tests/data_files/server1.v1.crt create mode 100644 tests/data_files/server10-badsign.crt create mode 100644 tests/data_files/server10-bs_int3.pem create mode 100644 tests/data_files/server10.crt create mode 100644 tests/data_files/server10.key create mode 100644 tests/data_files/server10_int3-bs.pem create mode 100644 tests/data_files/server10_int3_int-ca2.crt create mode 100644 tests/data_files/server10_int3_int-ca2_ca.crt create mode 100644 tests/data_files/server10_int3_spurious_int-ca2.crt create mode 100644 tests/data_files/server1_ca.crt create mode 100644 tests/data_files/server1_csr.opensslconf create mode 100644 tests/data_files/server2-badsign.crt create mode 100644 tests/data_files/server2-sha256.crt create mode 100644 tests/data_files/server2-v1-chain.crt create mode 100644 tests/data_files/server2-v1.crt create mode 100644 tests/data_files/server2.crt create mode 100644 tests/data_files/server2.der create mode 100644 tests/data_files/server2.ku-ds.crt create mode 100644 tests/data_files/server2.ku-ds_ke.crt create mode 100644 tests/data_files/server2.ku-ka.crt create mode 100644 tests/data_files/server2.ku-ke.crt create mode 100644 tests/data_files/server3.crt create 
mode 100644 tests/data_files/server3.key create mode 100644 tests/data_files/server4.crt create mode 100644 tests/data_files/server4.key create mode 100644 tests/data_files/server5-badsign.crt create mode 100644 tests/data_files/server5-der0.crt create mode 100644 tests/data_files/server5-der1a.crt create mode 100644 tests/data_files/server5-der1b.crt create mode 100644 tests/data_files/server5-der2.crt create mode 100644 tests/data_files/server5-der4.crt create mode 100644 tests/data_files/server5-der8.crt create mode 100644 tests/data_files/server5-der9.crt create mode 100644 tests/data_files/server5-expired.crt create mode 100644 tests/data_files/server5-future.crt create mode 100644 tests/data_files/server5-selfsigned.crt create mode 100644 tests/data_files/server5-sha1.crt create mode 100644 tests/data_files/server5-sha224.crt create mode 100644 tests/data_files/server5-sha384.crt create mode 100644 tests/data_files/server5-sha512.crt create mode 100644 tests/data_files/server5-ss-expired.crt create mode 100644 tests/data_files/server5-ss-forgeca.crt create mode 100644 tests/data_files/server5.crt create mode 100644 tests/data_files/server5.eku-cli.crt create mode 100644 tests/data_files/server5.eku-cs.crt create mode 100644 tests/data_files/server5.eku-cs_any.crt create mode 100644 tests/data_files/server5.eku-srv.crt create mode 100644 tests/data_files/server5.eku-srv_cli.crt create mode 100644 tests/data_files/server5.ku-ds.crt create mode 100644 tests/data_files/server5.ku-ka.crt create mode 100644 tests/data_files/server5.ku-ke.crt create mode 100644 tests/data_files/server5.req.ku.sha1 create mode 100644 tests/data_files/server5.req.sha1 create mode 100644 tests/data_files/server5.req.sha224 create mode 100644 tests/data_files/server5.req.sha256 create mode 100644 tests/data_files/server5.req.sha384 create mode 100644 tests/data_files/server5.req.sha512 create mode 100644 tests/data_files/server6-ss-child.crt create mode 100644 
tests/data_files/server6.crt create mode 100644 tests/data_files/server6.key create mode 100644 tests/data_files/server7-badsign.crt create mode 100644 tests/data_files/server7-expired.crt create mode 100644 tests/data_files/server7-future.crt create mode 100644 tests/data_files/server7.crt create mode 100644 tests/data_files/server7.key create mode 100644 tests/data_files/server7_all_space.crt create mode 100644 tests/data_files/server7_int-ca-exp.crt create mode 100644 tests/data_files/server7_int-ca.crt create mode 100644 tests/data_files/server7_int-ca_ca2.crt create mode 100644 tests/data_files/server7_pem_space.crt create mode 100644 tests/data_files/server7_spurious_int-ca.crt create mode 100644 tests/data_files/server7_trailing_space.crt create mode 100644 tests/data_files/server8.crt create mode 100644 tests/data_files/server8.key create mode 100644 tests/data_files/server8_int-ca2.crt create mode 100644 tests/data_files/server9-bad-mgfhash.crt create mode 100644 tests/data_files/server9-bad-saltlen.crt create mode 100644 tests/data_files/server9-badsign.crt create mode 100644 tests/data_files/server9-defaults.crt create mode 100644 tests/data_files/server9-sha224.crt create mode 100644 tests/data_files/server9-sha256.crt create mode 100644 tests/data_files/server9-sha384.crt create mode 100644 tests/data_files/server9-sha512.crt create mode 100644 tests/data_files/server9-with-ca.crt create mode 100644 tests/data_files/server9.crt create mode 100644 tests/data_files/server9.key create mode 100644 tests/data_files/server9.req.sha1 create mode 100644 tests/data_files/server9.req.sha224 create mode 100644 tests/data_files/server9.req.sha256 create mode 100644 tests/data_files/server9.req.sha384 create mode 100644 tests/data_files/server9.req.sha512 create mode 100644 tests/data_files/test-ca-alt-good.crt create mode 100644 tests/data_files/test-ca-alt.crt create mode 100644 tests/data_files/test-ca-alt.csr create mode 100644 tests/data_files/test-ca-alt.key 
create mode 100644 tests/data_files/test-ca-good-alt.crt create mode 100644 tests/data_files/test-ca-sha1.crt create mode 100644 tests/data_files/test-ca-sha256.crt create mode 100644 tests/data_files/test-ca-v1.crt create mode 100644 tests/data_files/test-ca.crt create mode 100644 tests/data_files/test-ca.der create mode 100644 tests/data_files/test-ca.opensslconf create mode 100644 tests/data_files/test-ca.server1.opensslconf create mode 100644 tests/data_files/test-ca2-expired.crt create mode 100644 tests/data_files/test-ca2.crt create mode 100644 tests/data_files/test-ca2.key create mode 100644 tests/data_files/test-ca2.ku-crl.crt create mode 100644 tests/data_files/test-ca2.ku-crt.crt create mode 100644 tests/data_files/test-ca2.ku-crt_crl.crt create mode 100644 tests/data_files/test-ca2.ku-ds.crt create mode 100644 tests/data_files/test-ca2_cat-future-invalid.crt create mode 100644 tests/data_files/test-ca2_cat-future-present.crt create mode 100644 tests/data_files/test-ca2_cat-past-invalid.crt create mode 100644 tests/data_files/test-ca2_cat-past-present.crt create mode 100644 tests/data_files/test-ca2_cat-present-future.crt create mode 100644 tests/data_files/test-ca2_cat-present-past.crt create mode 100644 tests/data_files/test-ca_cat12.crt create mode 100644 tests/data_files/test-ca_cat21.crt create mode 100644 tests/data_files/test-ca_printable.crt create mode 100644 tests/data_files/test-ca_uppercase.crt create mode 100644 tests/data_files/test-ca_utf8.crt create mode 100644 tests/data_files/test-int-ca-exp.crt create mode 100644 tests/data_files/test-int-ca.crt create mode 100644 tests/data_files/test-int-ca.key create mode 100644 tests/data_files/test-int-ca2.crt create mode 100644 tests/data_files/test-int-ca2.key create mode 100644 tests/data_files/test-int-ca3-badsign.crt create mode 100644 tests/data_files/test-int-ca3.crt create mode 100644 tests/data_files/test-int-ca3.key 
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index 8694d0187..7f31cc874 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -63,7 +63,52 @@ test-ca-sha256.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@ all_final += test-ca-sha256.crt +test_ca_key_file_rsa_alt = test-ca-alt.key + +$(test_ca_key_file_rsa_alt): + $(OPENSSL) genrsa -out $@ 2048 +test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) + $(OPENSSL) req -new -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@ +all_intermediate += test-ca-alt.csr +test-ca-alt.crt: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) test-ca-alt.csr + $(OPENSSL) req -x509 -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -set_serial 0 -days 3653 -sha256 -in test-ca-alt.csr -out $@ +all_final += test-ca-alt.crt +test-ca-alt-good.crt: test-ca-alt.crt test-ca-sha256.crt + cat test-ca-alt.crt test-ca-sha256.crt > $@ +all_final += test-ca-alt-good.crt +test-ca-good-alt.crt: test-ca-alt.crt test-ca-sha256.crt + cat test-ca-sha256.crt test-ca-alt.crt > $@ +all_final += test-ca-good-alt.crt + +test_ca_crt_file_ec = test-ca2.crt +test_ca_key_file_ec = test-ca2.key + +test_ca_crt_cat12 = test-ca_cat12.crt +$(test_ca_crt_cat12): $(test_ca_crt) $(test_ca_crt_file_ec) + cat $(test_ca_crt) $(test_ca_crt_file_ec) > $@ +all_final += $(test_ca_crt_cat12) + +test_ca_crt_cat21 = test-ca_cat21.crt +$(test_ca_crt_cat21): $(test_ca_crt) $(test_ca_crt_file_ec) + cat $(test_ca_crt_file_ec) $(test_ca_crt) > $@ +all_final += $(test_ca_crt_cat21) + +test-int-ca.csr: test-int-ca.key $(test_ca_config_file) + $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca.key -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate CA" -out $@ +all_intermediate += test-int-ca.csr +test-int-ca-exp.crt: 
$(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr + $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@ +all_final += test-int-ca-exp.crt + +crl-idp.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) + $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp -out $@ +all_final += crl-idp.pem +crl-idpnc.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) + $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp_nc -out $@ +all_final += crl-idpnc.pem + cli_crt_key_file_rsa = cli-rsa.key +cli_crt_extensions_file = cli.opensslconf cli-rsa.csr: $(cli_crt_key_file_rsa) $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Client 2" md=SHA1 
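Review bot: The new test-ca-alt rules carry no comment saying why a second CA is generated, and the reason is not obvious from the recipes. `test-ca-alt.csr` uses the subject `/C=NL/O=PolarSSL/CN=PolarSSL Test CA`, the same name the context line above gives the existing self-signed test CA, but with a key freshly produced by `genrsa`, and `test-ca-alt-good.crt` / `test-ca-good-alt.crt` concatenate the two certificates in both orders. That looks like a fixture for checking that chain verification does not stop at the first trusted certificate whose name matches; if so, I would put `# test-ca-alt: same subject as the test CA, different key; checks that a name match alone does not select the trust anchor` above `test_ca_key_file_rsa_alt`. The same comment block could note that test-int-ca-exp.crt is issued with `$(FAKETIME) -f -3653d` and `-days 3653`, which presumably makes its validity end at generation time.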
@@ -78,10 +123,56 @@ all_final += cli-rsa-sha256.crt test_ca_int_rsa1 = test-int-ca.crt +server7.csr: server7.key + $(OPENSSL) req -new -key server7.key -subj "/C=NL/O=PolarSSL/CN=localhost" -out $@ +all_intermediate += server7.csr +server7-expired.crt: server7.csr $(test_ca_int_rsa1) + $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@ +all_final += server7-expired.crt +server7-future.crt: server7.csr $(test_ca_int_rsa1) + $(FAKETIME) -f +3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@ +all_final += server7-future.crt +server7-badsign.crt: server7.crt $(test_ca_int_rsa1) + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat $(test_ca_int_rsa1); } > $@ +all_final += server7-badsign.crt +server7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt + cat server7.crt test-int-ca-exp.crt > $@ +all_final += server7_int-ca-exp.crt + +server5-ss-expired.crt: server5.key + $(FAKETIME) -f -3653d $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/OU=testsuite/CN=localhost" -days 3653 -sha256 -key $< -out $@ +all_final += server5-ss-expired.crt + +# try to forge a copy of test-int-ca3 with different key +server5-ss-forgeca.crt: server5.key + $(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@ +all_final += server5-ss-forgeca.crt + +server10-badsign.crt: server10.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += server10-badsign.crt +server10-bs_int3.pem: 
server10-badsign.crt test-int-ca3.crt + cat server10-badsign.crt test-int-ca3.crt > $@ +all_final += server10-bs_int3.pem +test-int-ca3-badsign.crt: test-int-ca3.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += test-int-ca3-badsign.crt +server10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt + cat server10.crt test-int-ca3-badsign.crt > $@ +all_final += server10_int3-bs.pem + +rsa_pkcs1_2048_public.pem: server8.key + $(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@ +all_final += rsa_pkcs1_2048_public.pem + rsa_pkcs1_2048_public.der: rsa_pkcs1_2048_public.pem $(OPENSSL) rsa -RSAPublicKey_in -in $< -outform DER -RSAPublicKey_out -out $@ all_final += rsa_pkcs1_2048_public.der +rsa_pkcs8_2048_public.pem: server8.key + $(OPENSSL) rsa -in $< -outform PEM -pubout -out $@ +all_final += rsa_pkcs8_2048_public.pem + rsa_pkcs8_2048_public.der: rsa_pkcs8_2048_public.pem $(OPENSSL) rsa -pubin -in $< -outform DER -pubout -out $@ all_final += rsa_pkcs8_2048_public.der 
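Review bot: The three `*-badsign.crt` recipes (server7-badsign.crt, server10-badsign.crt, test-int-ca3-badsign.crt) corrupt the signature by rewriting the last base64 character before any `=` padding, and that character may carry bits the decoder throws away. When the last line ends in `=` or `==`, the low 2 or 4 bits of the final character are not part of the decoded data, so the `0` to `1` swap never changes the DER and some of the other substitutions do not either; such a file could still verify under a base64 decoder that ignores the padding bits. Altering the first character of that line instead always changes decoded bits (assuming the last line holds only signature bytes), for example `sed -e '1s/^A/_/' -e '1s/^[^_]/A/' -e '1s/^_/B/'`. Separately, `head -n-2` with a negative count is a GNU extension, which is worth a one-line comment next to the recipes.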
@@ -660,16 +751,140 @@ all_final += ec_prv.pk8param.pem ### Generate CSRs for X.509 write test suite ################################################################ +server1.req.sha1: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 +all_final += server1.req.sha1 + +server1.req.md4: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD4 +all_final += server1.req.md4 + +server1.req.md5: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5 +all_final += server1.req.md5 + +server1.req.sha224: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA224 +all_final += server1.req.sha224 + +server1.req.sha256: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA256 +all_final += server1.req.sha256 + +server1.req.sha384: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA384 +all_final += server1.req.sha384 + +server1.req.sha512: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA512 +all_final += server1.req.sha512 + +server1.req.cert_type: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 +all_final += server1.req.cert_type + +server1.req.key_usage: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 +all_final += server1.req.key_usage + +server1.req.ku-ct: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment 
ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 +all_final += server1.req.ku-ct + +server1.req.key_usage_empty: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_key_usage=1 +all_final += server1.req.key_usage_empty + +server1.req.cert_type_empty: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_ns_cert_type=1 +all_final += server1.req.cert_type_empty + # server2* server2.req.sha256: server2.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=localhost" md=SHA256 all_intermediate += server2.req.sha256 +# server5* + +# The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.' +server5.req.ku.sha1: server5.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 +all_final += server5.req.ku.sha1 + ################################################################ ### Generate certificates for CRT write check tests ################################################################ +### The test files use the Mbed TLS generated certificates server1*.crt, +### but for comparison with OpenSSL also rules for OpenSSL-generated +### certificates server1*.crt.openssl are offered. +### +### Known differences: +### * OpenSSL encodes trailing zero-bits in bit-strings occurring in X.509 extension +### as unused bits, while Mbed TLS doesn't. 
+ +test_ca_server1_db = test-ca.server1.db +test_ca_server1_serial = test-ca.server1.serial +test_ca_server1_config_file = test-ca.server1.opensslconf + +# server1* + +server1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 version=3 output_file=$@ +server1.noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA1 authority_identifier=0 version=3 output_file=$@ +server1.der: server1.crt + $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ +all_final += server1.crt server1.noauthid.crt server1.der + +server1.key_usage.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@ +server1.key_usage_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment authority_identifier=0 version=3 output_file=$@ +server1.key_usage.der: server1.key_usage.crt + $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ +all_final += server1.key_usage.crt server1.key_usage_noauthid.crt 
server1.key_usage.der + +server1.cert_type.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 ns_cert_type=ssl_server version=3 output_file=$@ +server1.cert_type_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 ns_cert_type=ssl_server authority_identifier=0 version=3 output_file=$@ +server1.cert_type.der: server1.cert_type.crt + $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ +all_final += server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.der + +server1.v1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 version=1 output_file=$@ +server1.v1.der: server1.v1.crt + $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ +all_final += server1.v1.crt server1.v1.der + +# OpenSSL-generated certificates for comparison +# Also provide certificates in DER format to allow +# direct binary comparison using e.g. 
dumpasn1 +server1.crt.openssl server1.key_usage.crt.openssl server1.cert_type.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file) + echo "01" > $(test_ca_server1_serial) + rm -f $(test_ca_server1_db) + touch $(test_ca_server1_db) + $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -extensions v3_ext -extfile $@.v3_ext -out $@ +server1.der.openssl: server1.crt.openssl + $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ +server1.key_usage.der.openssl: server1.key_usage.crt.openssl + $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ +server1.cert_type.der.openssl: server1.cert_type.crt.openssl + $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ + +server1.v1.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file) + echo "01" > $(test_ca_server1_serial) + rm -f $(test_ca_server1_db) + touch $(test_ca_server1_db) + $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -out $@ +server1.v1.der.openssl: server1.v1.crt.openssl + $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ + +server1_all: server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl + # server2* server2.crt: server2.req.sha256 
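Review bot: The `server1*.crt.openssl` and `server1.v1.crt.openssl` recipes all reset the same `$(test_ca_server1_serial)` and `$(test_ca_server1_db)` files before calling `$(OPENSSL) ca`, so under `make -j` (for example through `server1_all`) two of them can interleave and produce a failed or inconsistent signing run. In the visible lines these targets are reachable only through `server1_all` and not `all_final`, so a comment above the rule is probably enough: `# Not parallel-safe: each *.openssl recipe resets the shared CA db and serial; build these with -j1.` Separately, the `server1.crt`, `server1.key_usage*.crt` and `server1.cert_type*.crt` recipes pass `version=1` and later `version=3` to `$(MBEDTLS_CERT_WRITE)`, and `server1.v1.crt` passes `version=1` twice. Dropping the first occurrence would make the intended certificate version unambiguous.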
@@ -701,6 +916,7 @@ all: $(all_intermediate) $(all_final) .PHONY: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v2_1024 .PHONY: keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v2_2048 .PHONY: keys_rsa_enc_pkcs8_v1_4096 keys_rsa_enc_pkcs8_v2_4096 +.PHONY: server1_all # These files should not be committed to the repository. list_intermediate: diff --git a/tests/data_files/Readme-x509.txt b/tests/data_files/Readme-x509.txt new file mode 100644 index 000000000..6f54ed0c1 --- /dev/null +++ b/tests/data_files/Readme-x509.txt 
@@ -0,0 +1,131 @@ +This documents the X.509 CAs, certificates, and CRLS used for testing. + +Certification authorities +------------------------- + +There are two main CAs for use as trusted roots: +- test-ca.crt aka "C=NL, O=PolarSSL, CN=PolarSSL Test CA" + uses a RSA-2048 key + test-ca-sha1.crt and test-ca-sha256.crt use the same key, signed with + different hashes. +- test-ca2*.crt aka "C=NL, O=PolarSSL, CN=Polarssl Test EC CA" + uses an EC key with NIST P-384 (aka secp384r1) + variants used to test the keyUsage extension +The files test-ca_cat12 and test-ca_cat21 contain them concatenated both ways. + +Two intermediate CAs are signed by them: +- test-int-ca.crt "C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA" + uses RSA-4096, signed by test-ca2 + - test-int-ca-exp.crt is a copy that is expired +- test-int-ca2.crt "C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA" + uses an EC key with NIST P-384, signed by test-ca + +A third intermediate CA is signed by test-int-ca2.crt: +- test-int-ca3.crt "C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3" + uses an EC key with NIST P-256, signed by test-int-ca2 + +Finally, other CAs for specific purposes: +- enco-ca-prstr.pem: has its CN encoded as a printable string, but child cert + enco-cert-utf8str.pem has its issuer's CN encoded as a UTF-8 string. +- test-ca-v1.crt: v1 "CA", signs + server1-v1.crt: v1 "intermediate CA", signs + server2-v1*.crt: EE cert (without of with chain in same file) +- keyUsage.decipherOnly.crt: has the decipherOnly keyUsage bit set + +End-entity certificates +----------------------- + +Short information fields: + +- name or pattern +- issuing CA: 1 -> test-ca.crt + 2 -> test-ca2.crt + I1 -> test-int-ca.crt + I2 -> test-int-ca2.crt + I3 -> test-int-ca3.crt + O -> other +- key type: R -> RSA, E -> EC +- C -> there is a CRL revoking this cert (see below) +- L -> CN=localhost (useful for local test servers) +- P1, P2 if the file includes parent (resp. 
parent + grandparent) +- free-form comments + +List of certificates: + +- cert_example_multi*.crt: 1/O R: subjectAltName +- cert_example_wildcard.crt: 1 R: wildcard in subject's CN +- cert_md*.crt, cert_sha*.crt: 1 R: signature hash +- cert_v1_with_ext.crt: 1 R: v1 with extensions (illegal) +- cli2.crt: 2 E: basic +- cli-rsa.key, cli-rsa-*.crt: RSA key used for test clients, signed by + the RSA test CA. +- enco-cert-utf8str.pem: see enco-ca-prstr.pem above +- server1*.crt: 1* R C* P1*: misc *(server1-v1 see test-ca-v1.crt above) + *CRL for: .cert_type.crt, .crt, .key_usage.crt, .v1.crt + P1 only for _ca.crt +- server2-v1*.crt: O R: see test-ca-v1.crt above +- server2*.crt: 1 R L: misc +- server3.crt: 1 E L: EC cert signed by RSA CA +- server4.crt: 2 R L: RSA cert signed by EC CA +- server5*.crt: 2* E L: misc *(except -selfsigned and -ss-*) + -sha*: hashes + .eku*: extendeKeyUsage (cli/srv = www client/server, cs = codesign, etc) + .ku*: keyUsage (ds = signatures, ke/ka = key exchange/agreement) + .req*: CSR, not certificate + -der*: trailing bytes in der (?) 
+ -badsign.crt: S5 with corrupted signature + -expired.crt: S5 with "not after" date in the past + -future.crt: S5 with "not before" date in the future + -selfsigned.crt: Self-signed cert with S5 key + -ss-expired.crt: Self-signed cert with S5 key, expired + -ss-forgeca.crt: Copy of test-int-ca3 self-signed with S5 key +- server6-ss-child.crt: O E: "child" of non-CA server5-selfsigned +- server6.crt, server6.pem: 2 E L C: revoked +- server7.crt: I1 E L P1(usually): EC signed by RSA signed by EC + -badsign.crt: S7 with corrupted signature + I1 + -expired.crt: S7 with "not after" date in the past + I1 + -future.crt: S7 with "not before" date in the future + I1 + _int-ca-exp.crt: S7 + expired I1 + _int-ca.crt: S7 + I1 + _int-ca_ca2.crt: S7 + I1 + 2 + _all_space.crt: S7 + I1 both with misplaced spaces (invalid PEM) + _pem_space.crt: S7 with misplace space (invalid PEM) + I1 + _trailing_space.crt: S7 + I1 both with trainling space (valid PEM) + _spurious_int-ca.crt: S7 + I2(spurious) + I1 +- server8*.crt: I2 R L: RSA signed by EC signed by RSA (P1 for _int-ca2) +- server9*.crt: 1 R C* L P1*: signed using RSASSA-PSS + *CRL for: 9.crt, -badsign, -with-ca (P1) +- server10.crt: I3 E L + -badsign.crt: S10 with corrupted signature + -bs_int3.pem: S10-badsign + I3 + _int3-bs.pem: S10 + I3-badsign + _int3_int-ca2.crt: S10 + I3 + I2 + _int3_int-ca2_ca.crt: S10 + I3 + I2 + 1 + _int3_spurious_int-ca2.crt: S10 + I3 + I1(spurious) + I2 + +Certificate revocation lists +---------------------------- + +Signing CA in parentheses (same meaning as certificates). 
+ +- crl-ec-sha*.pem: (2) server6.crt +- crl-future.pem: (2) server6.crt + unknown +- crl-rsa-pss-*.pem: (1) server9{,badsign,with-ca}.crt + cert_sha384.crt + unknown +- crl.pem, crl_expired.pem: (1) server1{,.cert_type,.key_usage,.v1}.crt + unknown +- crl_md*.pem: crl_sha*.pem: (1) same as crl.pem +- crt_cat_*.pem: (1+2) concatenations in various orders: + ec = crl-ec-sha256.pem, ecfut = crl-future.pem + rsa = crl.pem, rsabadpem = same with pem error, rsaexp = crl_expired.pem + +Note: crl_future would revoke server9 and cert_sha384.crt if signed by CA 1 + crl-rsa-pss* would revoke server6.crt if signed by CA 2 + +Generation +---------- + +Newer test files have been generated through commands in the Makefile. The +resulting files are committed to the repository so that the tests can +run without having to re-do the generation and so that the output is the +same for everyone (the generation process is randomized). + +The origin of older certificates has not been recorded. diff --git a/tests/data_files/bitstring-in-dn.pem b/tests/data_files/bitstring-in-dn.pem new file mode 100644 index 000000000..1a98aa3ac --- /dev/null +++ b/tests/data_files/bitstring-in-dn.pem 
@@ -0,0 +1,51 @@ +-----BEGIN CERTIFICATE----- +MIIEATCCAumgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBxMRMwEQYDVQQDDApUZXN0 +IENBIDAxMREwDwYDVQQIDAhFY25pdm9ycDELMAkGA1UEBhMCWFgxHjAcBgkqhkiG +9w0BCQEWD3RjYUBleGFtcGxlLmNvbTEaMBgGA1UECgwRVGVzdCBDQSBBdXRob3Jp +dHkwHhcNMTUwMzExMTIwNjUxWhcNMjUwMzA4MTIwNjUxWjCBmzELMAkGA1UEBhMC +WFgxDDAKBgNVBAoMA3RjYTERMA8GA1UECAwIRWNuaXZvcnAxDDAKBgNVBAsMA1RD +QTEPMA0GA1UEAwwGQ2xpZW50MSEwHwYJKoZIhvcNAQkBFhJjbGllbnRAZXhhbXBs +ZS5jb20xEzARBgNVBAUTCjcxMDEwMTIyNTUxFDASBgNVBC0DCwA3MTAxMDEyMjU1 +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQS0JLb8Dqy8V2mszkWk +V8c/NPQcG3ivueXZHqOT9JTiPqrigGcLHtlmlaJ0aUUxix7q60aOds041TFyeknT +SUFYY4ppOhiP+fOpWKPv4ZMwhSI2XzcgYhQSNHV0lIG1we9RAAfumomDMq7oMJhb +EGf0ihibbwZXPUwBlm10GaB4K93PNY8Bz4ekBxzQ1WJkQ5LGsQnVZSuLnvp5dWSe +J2axxyY4hPXR30jzEyZvy4kv4nzAu5lqZ5XKLrRO4TKwZrtr+CCPVkPJRE36rWYt +tQaJEEpNOo0ZPpTtG6F8/tGh5r8jFx/f6wG+nyANJJ98kEP8i6TPjRrg+697mLcd +iQIDAQABo3kwdzAJBgNVHRMEAjAAMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9j +cmwuZXhhbXBsZS5jb20vdGVzdF9jYV8wMS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUH +AwIwHQYDVR0RBBYwFIESY2xpZW50QGV4YW1wbGUuY29tMA0GCSqGSIb3DQEBBQUA +A4IBAQBySELCnU8/PtGIG3dwhJENOSU5R7w8jpRXxHCuSBR+W6nuUCISz+z+EdF/ +A7AOJDASuS+4gkrSSmQhGFpf7E5VbF8trVZhLAZrXqKMcUreKH6v0I8MAUXmIs3G +tqiBGf7pSYJN9DvVOOgANjdy6THuUzYv5qSvBZ4pNYEfHSlMNrV7niynd8dgPOML +pA7GUfv5k2mMkMbSD15pTMgcavrBKYgyqcvF1C3qghfoL5+i38H8sKzF8hy7wHtE +ESHtBq20RYA3m0UcA0e64GcanO2Ps/AQVBc7qMeHbqnqj3uUhtTkQcMUWnMgy1NR +5RbzoLMOxq7hoOCyIaQeM/wgxeGE +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAnQS0JLb8Dqy8V2mszkWkV8c/NPQcG3ivueXZHqOT9JTiPqri +gGcLHtlmlaJ0aUUxix7q60aOds041TFyeknTSUFYY4ppOhiP+fOpWKPv4ZMwhSI2 +XzcgYhQSNHV0lIG1we9RAAfumomDMq7oMJhbEGf0ihibbwZXPUwBlm10GaB4K93P +NY8Bz4ekBxzQ1WJkQ5LGsQnVZSuLnvp5dWSeJ2axxyY4hPXR30jzEyZvy4kv4nzA +u5lqZ5XKLrRO4TKwZrtr+CCPVkPJRE36rWYttQaJEEpNOo0ZPpTtG6F8/tGh5r8j +Fx/f6wG+nyANJJ98kEP8i6TPjRrg+697mLcdiQIDAQABAoIBAF7i3MnjGmbz080v +OxJb23iAG54wdlvTjr3UPGTbjSmcXyxnsADQRFQcJHYAekCzY8EiqewL80OvuMx8 
+2SU1P81hA70Dg5tsBHWT3Z6HUwsKG6QYjKr1cUhTwLyazhyAVgogSN6v7GzO9M3I +DOBw8Xb0mz5oqGVre4S7TapN8n8ZG5oWm0XKGACXy0KbzY0KvWdkUzumFQ8X/ARE +FsWyu+O69EbMqZRUKu45SrcubsdVGjOwseZHkmp5V6pc6Q/OrTHZqXJtDva5UIRq ++Lof5scy9jiwwRnM/klvh23mz0ySU4YA3645m5KqyWR4YJCR1MnMANmXUSeYWfYz +19+R1gECgYEAzm83lI7eIhTH38H0/jFpf3R7vNjPX3TR5waa4EXsCxhTOpoL89mR +iNmzH0aOC4OR8rz/9PCnwmtH1lyQ4r/RokBmCp3pBxeWSlenFfV3rLCeEDo0Q/OL +SX5DL4IbZD0VmNDt606WS7AEv93GhpN03Anw6kgHQUm1l030PR9DYZECgYEAwrgO +/RyB/Ehw7smlysZb2sn1lvd6z8fg+pcu8ZNRKODaYCCOb8p1lnHrnIQdEmjhlmVp +HAEuJ5jxCb+lyruV+dlx+0W/p6lHtKr0iBHG8EFkHnjN6Y+59Qu0HfSm0pZw7Ftr +QcUDPuDJkTVUAvrZqciWlwzTWCC9KYXtasT+AHkCgYEAnP80dAUbpyvKvr/RxShr +JYW/PWZegChmIp+BViOXWvDLC3xwrqm+5yc59QVBrjwH2WYn+26zB0dzwPFxNyHP +GuiDMnvZ54zmve9foXGn7Gv+KjU53pvwSJqAGjeHAXr7W9c5uoVwBGv/kLPn8h1e ++KGO2X6iFeMq+cFNiNan9iECgYBj+oGnsKWFVeS2ls8LyMGNGzmAZF2opiZ8RHgU +DeIULS+zP8Qi3j92GdQyLxuGQlfiEvvfJzP9nOfWa5LC/4JIIUAHFo8LlT1+JHEe +FJKi9dBkXP7NN8DxcyruXpnxctFUarQttuytslmMt2cFiKuOI7I+qJUzoMu/sEZx +FeidcQKBgQCuralmtbl4nxjn3aR/ZgFTAKCL9WaJPh5hFJ9q4UuWxJdBX5z3Ey3/ +70ehLKYPumjmZtXynzz4BTWj1W9X+tgj/499uzV6LdQERGjT6WVy8xR9RELWW0an +N9N1IAc4qTSjbI4EIMwMBSAoFfCux/jfDkG4g+RDnpV92sqxz2CtKg== +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/tests/data_files/cert_example_multi.crt b/tests/data_files/cert_example_multi.crt new file mode 100644 index 000000000..c1e19987a --- /dev/null +++ b/tests/data_files/cert_example_multi.crt 
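Review bot: `bitstring-in-dn.pem` adds an RSA private key after the certificate, and the Readme-x509.txt added in this same commit neither lists the file nor records its origin. If the consuming test only parses the certificate (an assumption, since the test is not visible here), the key block could be dropped from the fixture. Otherwise a Readme entry along the lines of `- bitstring-in-dn.pem: O R: bitstring in subject DN; bundled private key is test-only` (wording to be confirmed against the test) would tell secret scanners and later readers that the key is a throwaway. The file also ends without a trailing newline.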
@@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 17 (0x11) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: May 10 13:23:41 2012 GMT + Not After : May 11 13:23:41 2022 GMT + Subject: C=NL, O=PolarSSL, CN=www.example.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: + 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: + be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: + 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: + 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: + 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: + fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: + ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: + 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: + 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: + 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: + 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: + 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: + 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: + 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: + 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: + ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: + 17:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + + X509v3 Subject Alternative Name: + DNS:example.com, DNS:example.net, DNS:*.example.org + Signature Algorithm: sha1WithRSAEncryption + 4f:09:cb:7a:d5:ee:f5:ef:62:0d:dc:7b:a2:85:d6:8c:ca:95: + b4:6b:da:11:5b:92:00:75:13:b9:ca:0b:ce:ea:fb:c3:1f:e2: + 3f:7f:21:74:79:e2:e6:bc:da:06:e5:2f:6f:f6:55:c6:73:39: + cf:48:bc:0d:2f:0c:d2:7a:06:c3:4a:4c:d9:48:5d:a0:d0:73: + 89:e4:d4:85:1d:96:9a:0e:57:99:c6:6f:1d:21:27:1f:8d:05: + 
29:e8:40:ae:82:39:68:c3:97:07:cf:3c:93:4c:1a:df:2f:a6: + a4:55:48:7f:7c:8c:1a:c9:22:da:24:cd:92:39:c6:8a:ec:b0: + 8d:f5:69:82:67:cb:04:ee:de:53:41:96:c1:27:dc:2f:fe:33: + fa:d3:0e:b8:d4:32:a9:84:28:53:a5:f0:d1:89:d5:a2:98:e7: + 16:91:bb:9c:c0:41:8e:8c:58:ac:ff:e3:dd:2e:7a:ab:b0:b9: + 71:76:ad:0f:27:33:f7:a9:29:d3:c0:76:c0:bf:06:40:7c:0e: + d5:a4:7c:8a:e2:32:6e:16:ae:da:64:1f:b0:55:7c:db:dd:f1: + a4:ba:44:7c:b3:99:58:d2:34:6e:00:ea:97:6c:14:3a:f2:10: + 1e:0a:a2:49:10:76:01:f4:f2:c8:18:fd:cc:63:46:12:8b:09: + 1b:f1:94:e6 +-----BEGIN CERTIFICATE----- +MIIDcjCCAlqgAwIBAgIBETANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTIwNTEwMTMyMzQxWhcNMjIwNTExMTMyMzQxWjA6MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGDAWBgNVBAMTD3d3dy5leGFtcGxlLmNvbTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBALk8SsXIo46QF6SeUqpxdSZhgOfHtW2M +/6q2QSa3vhGtXHMWDGQRSAT/1uE7BduJu7OXCdUcFN1ohzmwPXHL4nbQGtgYLYAb +VPblRJrxy69hLt9JDZ0Jt+2x/Tz9PPokz12/fORT5yW16kQi6SbT6iCUnuZhZ7ou +B2cLAy+iCe3wM48LzhDvZ6TGCNrB7cI/10rdFT35XhyBYEY+tbM9L6beRxy8kq7r +3ydrFla33OzRVVelbux1JfW3e9+r0jpakZh9lxcLEwqna0qLwUcw+zr4QQTVwd+4 +Hb97AaVlouAeNremXMwwWvjNb83xGWIlygHjNX/6IPXc/WmyagB9F/cCAwEAAaOB +gTB/MAkGA1UdEwQCMAAwHQYDVR0OBBYEFH3knGvm+XF9RtISPa1rHf3CqnhMMB8G +A1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MDIGA1UdEQQrMCmCC2V4YW1w +bGUuY29tggtleGFtcGxlLm5ldIINKi5leGFtcGxlLm9yZzANBgkqhkiG9w0BAQUF +AAOCAQEATwnLetXu9e9iDdx7ooXWjMqVtGvaEVuSAHUTucoLzur7wx/iP38hdHni +5rzaBuUvb/ZVxnM5z0i8DS8M0noGw0pM2UhdoNBzieTUhR2Wmg5XmcZvHSEnH40F +KehAroI5aMOXB888k0wa3y+mpFVIf3yMGski2iTNkjnGiuywjfVpgmfLBO7eU0GW +wSfcL/4z+tMOuNQyqYQoU6Xw0YnVopjnFpG7nMBBjoxYrP/j3S56q7C5cXatDycz +96kp08B2wL8GQHwO1aR8iuIybhau2mQfsFV8293xpLpEfLOZWNI0bgDql2wUOvIQ +HgqiSRB2AfTyyBj9zGNGEosJG/GU5g== +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_example_multi_nocn.crt b/tests/data_files/cert_example_multi_nocn.crt new file mode 100644 index 000000000..1634846e1 --- /dev/null 
+++ b/tests/data_files/cert_example_multi_nocn.crt @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB/TCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV +BAYTAk5MMB4XDTE0MDEyMjEwMDQzM1oXDTI0MDEyMjEwMDQzM1owDTELMAkGA1UE +BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2pt +WZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNz +UnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ +81kybdHg6G3eUu1mtKkL2kCVAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD +AgXgMEkGA1UdEQRCMECCHHd3dy5zaG90b2thbi1icmF1bnNjaHdlaWcuZGWCFHd3 +dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4GB +ABjx1ytrqCyFC5/0cjWnbLK9vsvLny2ZikDewfRxqJ5zAxGWLqHOr1SmUmu2DrvB +bkT9g5z19+iMhPnzJz1x7Q2m7WTIJTuUPK+hKZJATDLNhZ86h5Nkw8k9YzKcOrPm +EIqsy55CSgLU0ntljqSBvSb4ifrF1NnIWej2lSfN6r+3 +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_example_wildcard.crt b/tests/data_files/cert_example_wildcard.crt new file mode 100644 index 000000000..4895e8a03 --- /dev/null +++ b/tests/data_files/cert_example_wildcard.crt 
@@ -0,0 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 12 (0xc) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 7 16:06:36 2012 GMT + Not After : Feb 7 16:06:36 2022 GMT + Subject: C=NL, O=PolarSSL, CN=*.example.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: + 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: + be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: + 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: + 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: + 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: + fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: + ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: + 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: + 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: + 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: + 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: + 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: + 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: + 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: + 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: + ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: + 17:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + + Signature Algorithm: sha1WithRSAEncryption + 91:b3:84:5c:5d:60:f2:a5:0a:4a:dc:d6:c6:75:da:34:52:72: + 6c:0e:60:4f:ef:0e:55:f3:4b:bf:d0:40:e7:91:2c:a7:94:8f: + 3d:db:0a:ec:b2:f5:83:a7:a1:33:61:96:37:57:14:80:5b:e7: + bc:e1:d3:2c:36:32:6f:ef:7a:00:99:33:15:fc:38:20:df:74: + 7d:3d:0f:81:d0:b4:fd:b6:46:f1:c5:b8:bc:de:74:a2:41:a7: + c8:51:da:20:12:82:3e:0c:8c:48:da:19:b6:52:e9:4f:67:c1: + 28:9e:20:b6:ce:be:89:bd:64:d7:05:3e:87:af:ba:2b:5d:aa: + 
fe:62:66:fb:a6:75:ad:89:a1:18:e8:78:54:ea:df:0a:85:e9: + 32:32:a8:1a:cd:35:81:f8:a8:da:d1:16:8a:63:e7:67:da:6e: + e1:3b:1c:31:20:99:ee:e2:b2:fb:82:c5:21:e2:63:4c:61:15: + 4d:53:ad:dd:15:7f:0b:b6:33:43:ad:27:8a:b1:af:93:17:72: + c4:be:31:26:93:3c:7d:fc:d5:3d:cf:0b:be:c5:7b:e9:b4:f8: + f3:30:f2:f5:a2:27:eb:9a:71:fc:7f:79:5e:88:c5:a6:2d:33: + 57:ba:38:06:e6:ad:0b:96:97:9d:cc:94:7b:83:09:17:a6:ee: + ce:bb:0f:36 +-----BEGIN CERTIFICATE----- +MIIDOzCCAiOgAwIBAgIBDDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTIwMjA3MTYwNjM2WhcNMjIwMjA3MTYwNjM2WjA4MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxFjAUBgNVBAMUDSouZXhhbXBsZS5jb20wggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5PErFyKOOkBeknlKqcXUmYYDnx7VtjP+q +tkEmt74RrVxzFgxkEUgE/9bhOwXbibuzlwnVHBTdaIc5sD1xy+J20BrYGC2AG1T2 +5USa8cuvYS7fSQ2dCbftsf08/Tz6JM9dv3zkU+cltepEIukm0+oglJ7mYWe6Lgdn +CwMvognt8DOPC84Q72ekxgjawe3CP9dK3RU9+V4cgWBGPrWzPS+m3kccvJKu698n +axZWt9zs0VVXpW7sdSX1t3vfq9I6WpGYfZcXCxMKp2tKi8FHMPs6+EEE1cHfuB2/ +ewGlZaLgHja3plzMMFr4zW/N8RliJcoB4zV/+iD13P1psmoAfRf3AgMBAAGjTTBL +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFH3knGvm+XF9RtISPa1rHf3CqnhMMB8GA1Ud +IwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUAA4IBAQCR +s4RcXWDypQpK3NbGddo0UnJsDmBP7w5V80u/0EDnkSynlI892wrssvWDp6EzYZY3 +VxSAW+e84dMsNjJv73oAmTMV/Dgg33R9PQ+B0LT9tkbxxbi83nSiQafIUdogEoI+ +DIxI2hm2UulPZ8EoniC2zr6JvWTXBT6Hr7orXar+Ymb7pnWtiaEY6HhU6t8Kheky +MqgazTWB+Kja0RaKY+dn2m7hOxwxIJnu4rL7gsUh4mNMYRVNU63dFX8LtjNDrSeK +sa+TF3LEvjEmkzx9/NU9zwu+xXvptPjzMPL1oifrmnH8f3leiMWmLTNXujgG5q0L +lpedzJR7gwkXpu7Ouw82 +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_md2.crt b/tests/data_files/cert_md2.crt new file mode 100644 index 000000000..bfea77b6f --- /dev/null +++ b/tests/data_files/cert_md2.crt 
@@ -0,0 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 9 (0x9) + Signature Algorithm: md2WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Jul 12 10:56:59 2009 GMT + Not After : Jul 12 10:56:59 2011 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:dc:13:74:81:c6:12:f6:67:5d:a1:66:72:ed:dc: + 79:b6:58:5c:32:58:b3:d4:14:fd:6c:02:61:9e:0b: + 99:46:63:a3:0a:41:d4:42:33:21:e6:ed:43:07:5a: + 1d:a2:3b:64:29:a8:2a:c1:66:28:00:59:d8:0c:49: + 2d:30:b7:3d:8c:bb:60:62:31:83:27:7f:4b:95:92: + 2e:a0:d6:c6:84:94:4b:b3:e4:a6:cc:ff:32:3a:c5: + ec:4c:c9:24:58:bf:b3:33:77:6a:b5:17:8b:02:10: + 29:8e:95:aa:91:60:17:43:42:87:a8:7c:da:09:83: + 98:9d:7a:65:5e:20:52:07:2e:65:a5:31:fd:d9:74: + 1e:00:c9:ae:9d:81:56:8b:08:0a:f5:1e:9c:dc:a2: + 5e:6c:db:ff:11:83:15:f4:d1:24:57:9b:0f:eb:35: + c9:f1:aa:46:4e:74:7f:fe:1d:b0:91:1f:89:4a:84: + cb:df:75:e3:cd:77:82:62:09:e5:9f:6d:29:de:2e: + 25:d8:48:b6:20:be:51:97:4c:2d:20:65:2d:2a:50: + 9e:24:5d:72:95:e0:a2:06:41:8c:61:e4:50:57:74: + 96:b1:29:b5:a1:88:37:f1:5c:9e:b2:9e:8e:83:8d: + 72:3b:b5:5c:fe:bb:12:89:72:5c:a1:f9:d8:18:29: + b2:27 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + B7:51:D4:E5:20:D5:45:54:F4:C5:51:1B:E0:82:B5:61:05:AF:9B:B6 + X509v3 Authority Key Identifier: + keyid:CF:22:31:27:91:D8:C2:54:FF:1E:DA:D9:EE:8A:C5:89:32:AD:0C:21 + + Signature Algorithm: md2WithRSAEncryption + 28:5a:dd:48:fb:ec:80:fe:de:b7:20:c0:4c:05:a9:4b:51:e9: + a7:d1:4b:5e:76:42:d2:5d:9a:14:19:3b:cb:f9:91:d7:0f:11: + c9:cd:dd:00:8b:2c:76:73:22:a0:19:49:81:63:40:30:48:27: + 62:90:ca:b8:dc:33:35:b3:4b:58:ca:dc:07:66:87:2e:ea:44: + 2a:6a:13:67:7a:32:5e:48:1d:88:88:c5:70:e6:e7:ec:1b:2f: + a7:f4:61:71:29:f6:66:93:30:60:7e:b3:4c:01:c8:2c:53:ce: + 00:11:ec:bf:f6:f2:ce:51:97:d8:ed:ed:dc:c9:6b:b8:19:15: + 
c8:9a:61:6d:12:9a:99:25:d8:03:1d:a6:4c:20:a5:f8:46:a3: + 05:32:bb:1a:8e:1a:65:0d:f3:13:35:1d:6f:73:28:31:12:d7: + c4:9e:73:a0:a7:ce:82:25:d1:40:e8:1b:77:60:f3:3e:81:7f: + 19:ee:cf:97:4d:c8:c3:35:9b:72:98:3b:c3:35:43:14:0a:04: + 21:7b:f7:db:e6:5f:ce:21:d1:ce:bf:b7:ef:c1:63:21:c2:78: + e1:37:aa:b1:e0:31:b3:b6:63:4c:fd:66:c8:e6:cf:f8:d9:97: + 2f:cf:92:81:3f:d4:bf:ec:e2:ad:6e:39:c7:a6:a8:e0:32:b0: + 2e:0d:e1:30 +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBCTANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MDkwNzEyMTA1NjU5WhcNMTEwNzEyMTA1NjU5WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENlcnQgTUQyMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BN0gcYS9mddoWZy7dx5tlhcMliz +1BT9bAJhnguZRmOjCkHUQjMh5u1DB1odojtkKagqwWYoAFnYDEktMLc9jLtgYjGD +J39LlZIuoNbGhJRLs+SmzP8yOsXsTMkkWL+zM3dqtReLAhApjpWqkWAXQ0KHqHza +CYOYnXplXiBSBy5lpTH92XQeAMmunYFWiwgK9R6c3KJebNv/EYMV9NEkV5sP6zXJ +8apGTnR//h2wkR+JSoTL33XjzXeCYgnln20p3i4l2Ei2IL5Rl0wtIGUtKlCeJF1y +leCiBkGMYeRQV3SWsSm1oYg38Vyesp6Og41yO7Vc/rsSiXJcofnYGCmyJwIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBS3UdTlINVFVPTFURvggrVhBa+btjAf +BgNVHSMEGDAWgBTPIjEnkdjCVP8e2tnuisWJMq0MITANBgkqhkiG9w0BAQIFAAOC +AQEAKFrdSPvsgP7etyDATAWpS1Hpp9FLXnZC0l2aFBk7y/mR1w8Ryc3dAIssdnMi +oBlJgWNAMEgnYpDKuNwzNbNLWMrcB2aHLupEKmoTZ3oyXkgdiIjFcObn7Bsvp/Rh +cSn2ZpMwYH6zTAHILFPOABHsv/byzlGX2O3t3MlruBkVyJphbRKamSXYAx2mTCCl ++EajBTK7Go4aZQ3zEzUdb3MoMRLXxJ5zoKfOgiXRQOgbd2DzPoF/Ge7Pl03IwzWb +cpg7wzVDFAoEIXv32+ZfziHRzr+378FjIcJ44TeqseAxs7ZjTP1myObP+NmXL8+S +gT/Uv+zirW45x6ao4DKwLg3hMA== +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_md4.crt b/tests/data_files/cert_md4.crt new file mode 100644 index 000000000..16f166b81 --- /dev/null +++ b/tests/data_files/cert_md4.crt 
@@ -0,0 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 5 (0x5) + Signature Algorithm: md4WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:07 2011 GMT + Not After : Feb 12 14:44:07 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: + 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: + be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: + 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: + 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: + 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: + fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: + ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: + 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: + 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: + 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: + 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: + 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: + 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: + 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: + 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: + ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: + 17:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + + Signature Algorithm: md4WithRSAEncryption + 94:db:e1:86:71:2d:43:d6:51:61:a7:95:bc:e8:73:da:ff:e4: + fd:41:0f:5c:de:14:f4:c4:ba:5d:2c:30:2c:a6:dc:2d:e8:87: + 45:f1:c5:fe:d1:4a:64:99:19:09:2f:72:7c:3f:8d:c8:31:22: + dd:0a:69:03:3d:12:8c:4d:c3:f7:a3:c5:d1:5d:c9:ff:4b:83: + 6b:d6:b4:e5:d8:ce:94:5e:ec:bf:68:c5:b2:63:8e:5c:cb:f3: + 8d:62:73:82:62:7e:df:db:7d:0b:8d:21:10:db:9a:a1:62:4d: + 46:42:d1:bb:38:32:ef:c1:fc:a1:e2:7f:60:08:37:32:20:2c: + 
7c:a2:c9:12:0d:89:fe:2b:15:08:91:79:e2:a9:79:a4:da:cd: + 81:43:01:e2:09:2d:1a:f4:16:ef:af:4d:50:46:5e:2d:dd:48: + 27:10:c0:42:b7:a5:9e:c2:1f:6e:50:36:03:ed:95:77:9a:a3: + d9:4c:d7:23:93:b1:24:2a:63:27:28:7a:de:3d:59:d2:92:c8: + 8f:f6:39:1d:65:ab:09:78:05:46:90:a9:f6:10:b1:ef:c8:8c: + 4d:7d:8d:f2:78:b7:88:15:09:7e:df:e9:87:a8:64:c1:95:53: + fb:da:05:b7:62:bc:ad:fb:d9:a4:a9:06:6c:6b:98:01:b9:39: + 78:d3:4e:87 +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBBTANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENlcnQgTUQ0MIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA58e1 +bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa2Bgt +gBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe5mFn +ui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5HHLyS +ruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhBBNXB +37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4TDAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQMFAAOC +AQEAlNvhhnEtQ9ZRYaeVvOhz2v/k/UEPXN4U9MS6XSwwLKbcLeiHRfHF/tFKZJkZ +CS9yfD+NyDEi3QppAz0SjE3D96PF0V3J/0uDa9a05djOlF7sv2jFsmOOXMvzjWJz +gmJ+39t9C40hENuaoWJNRkLRuzgy78H8oeJ/YAg3MiAsfKLJEg2J/isVCJF54ql5 +pNrNgUMB4gktGvQW769NUEZeLd1IJxDAQrelnsIfblA2A+2Vd5qj2UzXI5OxJCpj +Jyh63j1Z0pLIj/Y5HWWrCXgFRpCp9hCx78iMTX2N8ni3iBUJft/ph6hkwZVT+9oF +t2K8rfvZpKkGbGuYAbk5eNNOhw== +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_md5.crt b/tests/data_files/cert_md5.crt new file mode 100644 index 000000000..13d43f1ac --- /dev/null +++ b/tests/data_files/cert_md5.crt 
@@ -0,0 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 6 (0x6) + Signature Algorithm: md5WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:07 2011 GMT + Not After : Feb 12 14:44:07 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: + 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: + be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: + 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: + 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: + 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: + fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: + ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: + 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: + 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: + 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: + 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: + 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: + 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: + 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: + 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: + ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: + 17:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + + Signature Algorithm: md5WithRSAEncryption + 92:13:81:0c:ff:ac:ab:98:52:6c:28:c9:c6:3e:80:c6:ec:77: + d0:13:e1:a2:29:1d:2f:b7:c5:95:41:83:60:d9:50:9c:d0:d6: + 09:f7:0f:97:cd:c0:e6:b2:68:fa:31:c9:2a:a3:d3:1e:53:ae: + 79:dc:35:ba:b0:d9:e5:7a:37:1b:2a:92:fa:d2:59:90:43:1b: + 6a:91:c1:db:36:da:e9:39:d3:f5:ac:e3:46:01:ca:55:04:17: + 1a:b1:97:28:e8:ff:1b:e7:e1:10:c9:b5:31:d8:ce:a6:89:6a: + 4a:df:78:7b:02:2f:83:b3:41:d5:ef:0b:b6:44:ff:32:a6:cf: + 
1b:c2:f4:b0:75:66:a9:da:6f:7c:a5:e3:c6:c1:3a:2f:bf:f8: + 12:6f:04:2c:37:f2:4e:fc:b9:09:ff:a4:5b:40:19:e9:58:91: + 64:82:d6:ad:b9:7f:c0:12:c2:ce:b7:b6:ba:fb:10:a2:3f:74: + 97:10:39:d4:dc:4a:e5:5c:f7:e5:3a:d9:68:d7:17:6b:f5:51: + 08:b4:a2:30:0d:cc:36:10:6d:4e:1d:22:cc:48:d1:38:44:ba: + cc:2b:47:99:f7:c6:8b:41:24:f3:f1:2c:10:1a:f2:88:bb:b2: + e0:fd:44:26:3d:ad:ea:af:1d:d0:00:56:41:4e:f4:b0:3b:9d: + 32:6f:48:c7 +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBBjANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENlcnQgTUQ1MIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA58e1 +bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa2Bgt +gBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe5mFn +ui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5HHLyS +ruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhBBNXB +37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4TDAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQQFAAOC +AQEAkhOBDP+sq5hSbCjJxj6Axux30BPhoikdL7fFlUGDYNlQnNDWCfcPl83A5rJo ++jHJKqPTHlOuedw1urDZ5Xo3GyqS+tJZkEMbapHB2zba6TnT9azjRgHKVQQXGrGX +KOj/G+fhEMm1MdjOpolqSt94ewIvg7NB1e8LtkT/MqbPG8L0sHVmqdpvfKXjxsE6 +L7/4Em8ELDfyTvy5Cf+kW0AZ6ViRZILWrbl/wBLCzre2uvsQoj90lxA51NxK5Vz3 +5TrZaNcXa/VRCLSiMA3MNhBtTh0izEjROES6zCtHmffGi0Ek8/EsEBryiLuy4P1E +Jj2t6q8d0ABWQU70sDudMm9Ixw== +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_sha1.crt b/tests/data_files/cert_sha1.crt new file mode 100644 index 000000000..718b2f27e --- /dev/null +++ b/tests/data_files/cert_sha1.crt 
@@ -0,0 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 7 (0x7) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:07 2011 GMT + Not After : Feb 12 14:44:07 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: + 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: + be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: + 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: + 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: + 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: + fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: + ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: + 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: + 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: + 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: + 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: + 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: + 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: + 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: + 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: + ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: + 17:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + + Signature Algorithm: sha1WithRSAEncryption + 93:26:40:68:3d:e7:62:ea:d1:6a:78:2b:c2:07:f3:0d:3b:f6: + 69:18:cd:08:5e:31:e7:48:60:08:2a:46:b6:de:d1:35:0a:ec: + 31:36:83:7d:eb:7c:d8:63:09:c3:e4:c5:10:ca:7c:7b:2f:20: + 4d:d2:0e:5f:ee:09:e3:84:4f:28:cc:08:74:9a:11:23:5f:de: + 0e:3a:0f:8b:2d:64:91:05:f6:d5:c7:30:c8:20:ee:6c:c4:62: + 7c:8d:a8:4d:2e:70:8c:ac:b5:5d:de:9b:10:5c:98:fd:a1:78: + 9b:9c:f0:73:33:de:2f:8c:59:fa:dc:af:4c:df:97:e3:9d:00: + 
37:9a:fa:d3:67:77:b9:2f:b9:4a:23:ad:f9:b4:a1:b7:ac:c5: + a8:0f:62:8c:e6:7e:b4:94:2a:db:f2:fc:52:92:a4:9e:4e:51: + 4f:9d:c0:ce:ae:3d:17:1c:94:6c:5f:e8:16:b5:ce:2e:e2:5a: + cf:6a:db:dd:b0:d4:be:62:a5:46:92:30:7c:7c:fc:05:f8:78: + 30:93:30:28:ab:69:a1:72:31:dc:3b:97:63:3a:5b:b3:e1:34: + 86:80:4a:28:f5:dc:d5:84:8c:13:a4:6c:d2:c1:2d:a6:25:d7: + 6f:c9:93:78:a5:16:ba:d9:17:6e:3e:ca:96:f2:9e:5c:e3:ae: + 12:2e:a5:11 +-----BEGIN CERTIFICATE----- +MIIDQDCCAiigAwIBAgIBBzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA9MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGzAZBgNVBAMTElBvbGFyU1NMIENlcnQgU0hBMTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALk8SsXIo46QF6SeUqpxdSZhgOfH +tW2M/6q2QSa3vhGtXHMWDGQRSAT/1uE7BduJu7OXCdUcFN1ohzmwPXHL4nbQGtgY +LYAbVPblRJrxy69hLt9JDZ0Jt+2x/Tz9PPokz12/fORT5yW16kQi6SbT6iCUnuZh +Z7ouB2cLAy+iCe3wM48LzhDvZ6TGCNrB7cI/10rdFT35XhyBYEY+tbM9L6beRxy8 +kq7r3ydrFla33OzRVVelbux1JfW3e9+r0jpakZh9lxcLEwqna0qLwUcw+zr4QQTV +wd+4Hb97AaVlouAeNremXMwwWvjNb83xGWIlygHjNX/6IPXc/WmyagB9F/cCAwEA +AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUfeSca+b5cX1G0hI9rWsd/cKqeEww +HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD +ggEBAJMmQGg952Lq0Wp4K8IH8w079mkYzQheMedIYAgqRrbe0TUK7DE2g33rfNhj +CcPkxRDKfHsvIE3SDl/uCeOETyjMCHSaESNf3g46D4stZJEF9tXHMMgg7mzEYnyN +qE0ucIystV3emxBcmP2heJuc8HMz3i+MWfrcr0zfl+OdADea+tNnd7kvuUojrfm0 +obesxagPYozmfrSUKtvy/FKSpJ5OUU+dwM6uPRcclGxf6Ba1zi7iWs9q292w1L5i +pUaSMHx8/AX4eDCTMCiraaFyMdw7l2M6W7PhNIaASij13NWEjBOkbNLBLaYl12/J +k3ilFrrZF24+ypbynlzjrhIupRE= +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_sha224.crt b/tests/data_files/cert_sha224.crt new file mode 100644 index 000000000..7283c28c0 --- /dev/null +++ b/tests/data_files/cert_sha224.crt 
@@ -0,0 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 8 (0x8) + Signature Algorithm: sha224WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:07 2011 GMT + Not After : Feb 12 14:44:07 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: + 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: + be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: + 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: + 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: + 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: + fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: + ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: + 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: + 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: + 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: + 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: + 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: + 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: + 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: + 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: + ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: + 17:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + + Signature Algorithm: sha224WithRSAEncryption + b8:9b:0a:d1:b4:d1:a4:ce:05:39:42:7a:3b:7b:5e:fd:97:57: + 8a:36:60:42:39:d0:e6:0c:9c:7e:2f:2b:be:ef:e7:45:34:77: + 48:7a:10:4a:fd:76:ca:42:39:25:3c:fa:19:f8:63:6c:e7:36: + 27:9a:ec:06:ce:e4:f7:2c:2e:c6:36:c1:25:bd:ab:09:aa:e2: + da:4e:de:ae:b5:f5:ba:9e:90:24:52:34:96:96:61:4c:26:b5: + 57:65:b1:10:ed:13:2b:54:90:ce:d3:21:cb:8c:d3:4c:6c:e5: + e1:78:22:16:3f:e1:be:f1:ee:5d:39:48:a1:e6:80:46:f4:46: + 
f2:79:03:3e:f1:fc:51:47:d9:05:e8:85:81:1b:0b:4f:fa:85: + 9d:ce:e7:76:5a:6f:da:98:9f:43:f1:f3:2f:2f:57:28:aa:70: + 14:82:7f:d5:69:14:8c:f9:82:b6:2f:a6:df:b5:6b:0e:43:c9: + 96:91:64:3d:8b:a8:17:15:9a:88:42:a4:d0:90:c0:a3:a2:e1: + dd:f6:95:6d:3b:9d:71:a6:1e:9e:2c:1e:db:f6:5f:93:43:2c: + ed:53:70:55:50:56:df:cd:96:6c:d5:91:0f:b1:a7:f4:b7:17: + 9d:1f:0b:f6:0b:f8:fe:e7:7c:de:c1:20:b7:fc:69:13:ba:e2: + 61:9b:a5:62 +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCDANBgkqhkiG9w0BAQ4FADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHTAbBgNVBAMTFFBvbGFyU1NMIENlcnQgU0hBMjI0MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA +58e1bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa +2BgtgBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe +5mFnui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5H +HLySruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhB +BNXB37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4 +TDAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQ4F +AAOCAQEAuJsK0bTRpM4FOUJ6O3te/ZdXijZgQjnQ5gycfi8rvu/nRTR3SHoQSv12 +ykI5JTz6GfhjbOc2J5rsBs7k9ywuxjbBJb2rCari2k7errX1up6QJFI0lpZhTCa1 +V2WxEO0TK1SQztMhy4zTTGzl4XgiFj/hvvHuXTlIoeaARvRG8nkDPvH8UUfZBeiF +gRsLT/qFnc7ndlpv2pifQ/HzLy9XKKpwFIJ/1WkUjPmCti+m37VrDkPJlpFkPYuo +FxWaiEKk0JDAo6Lh3faVbTudcaYeniwe2/Zfk0Ms7VNwVVBW382WbNWRD7Gn9LcX +nR8L9gv4/ud83sEgt/xpE7riYZulYg== +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_sha256.crt b/tests/data_files/cert_sha256.crt new file mode 100644 index 000000000..03a752131 --- /dev/null +++ b/tests/data_files/cert_sha256.crt 
@@ -0,0 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 9 (0x9) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:07 2011 GMT + Not After : Feb 12 14:44:07 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: + 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: + be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: + 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: + 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: + 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: + fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: + ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: + 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: + 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: + 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: + 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: + 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: + 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: + 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: + 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: + ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: + 17:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + + Signature Algorithm: sha256WithRSAEncryption + 69:ce:f9:a9:d5:e2:32:db:fe:a9:f9:92:7a:d6:76:37:05:51: + c9:e3:a1:03:72:b2:bc:2c:86:4b:31:16:02:10:e8:43:d4:c0: + 33:3c:4f:ea:9d:12:6b:57:51:bc:d7:d9:42:56:cf:c7:29:e7: + d7:52:24:49:29:ac:9c:de:8f:cc:ab:1a:a9:62:07:5a:6b:f7: + fb:19:ab:f5:b1:2c:a4:aa:dc:5d:03:73:17:7c:ea:52:44:80: + ca:70:d3:10:c5:2e:fd:9f:d2:0d:65:c4:f2:cc:ef:1b:18:e1: + 0a:08:4e:67:d0:56:7f:24:54:2e:73:31:b5:4d:22:74:f8:30: + 
f9:92:c4:64:c9:46:80:d4:e1:bd:d6:e7:26:ea:bb:c4:fe:6f: + a2:c5:10:e4:64:2f:b0:44:04:2c:b3:44:39:cf:b4:de:ac:83: + 43:5e:0b:ca:cd:fb:4e:18:e6:38:39:e7:10:3f:d6:59:17:e7: + 42:ef:00:e3:88:c6:43:bc:21:12:bf:20:a8:64:c6:30:dc:8c: + 6b:b8:6a:ce:6b:8a:22:3b:d8:af:0c:b4:bb:4d:be:96:dd:40: + d9:87:3e:95:2e:1a:27:23:62:e8:6e:bd:e0:89:d0:a7:28:16: + 95:ea:cb:89:a3:f7:7f:fb:0f:ac:ab:d6:a8:b4:cb:43:92:d9: + cb:3e:8a:11 +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHTAbBgNVBAMTFFBvbGFyU1NMIENlcnQgU0hBMjU2MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA +58e1bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa +2BgtgBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe +5mFnui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5H +HLySruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhB +BNXB37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4 +TDAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsF +AAOCAQEAac75qdXiMtv+qfmSetZ2NwVRyeOhA3KyvCyGSzEWAhDoQ9TAMzxP6p0S +a1dRvNfZQlbPxynn11IkSSmsnN6PzKsaqWIHWmv3+xmr9bEspKrcXQNzF3zqUkSA +ynDTEMUu/Z/SDWXE8szvGxjhCghOZ9BWfyRULnMxtU0idPgw+ZLEZMlGgNThvdbn +Juq7xP5vosUQ5GQvsEQELLNEOc+03qyDQ14Lys37ThjmODnnED/WWRfnQu8A44jG +Q7whEr8gqGTGMNyMa7hqzmuKIjvYrwy0u02+lt1A2Yc+lS4aJyNi6G694InQpygW +lerLiaP3f/sPrKvWqLTLQ5LZyz6KEQ== +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_sha384.crt b/tests/data_files/cert_sha384.crt new file mode 100644 index 000000000..73caac90d --- /dev/null +++ b/tests/data_files/cert_sha384.crt 
@@ -0,0 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 10 (0xa) + Signature Algorithm: sha384WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:07 2011 GMT + Not After : Feb 12 14:44:07 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: + 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: + be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: + 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: + 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: + 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: + fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: + ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: + 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: + 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: + 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: + 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: + 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: + 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: + 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: + 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: + ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: + 17:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + + Signature Algorithm: sha384WithRSAEncryption + 68:e6:03:f0:ba:44:e7:cc:e1:b2:07:6c:56:c8:be:b7:ba:80: + 61:c8:f9:66:57:e1:cb:60:7d:cd:8d:0f:66:b0:f2:61:45:fd: + fc:c8:93:95:bb:b4:14:00:76:c7:e1:57:a6:e2:60:31:8b:fc: + e1:0f:68:24:4c:bb:1d:c5:b6:77:ec:23:e1:5b:4f:10:6c:6a: + e0:6d:e7:34:f8:72:14:ae:16:57:25:8b:e8:b9:71:a1:d0:78: + ea:18:c1:51:c4:2e:26:6d:cb:80:8d:a5:b9:de:e7:37:c1:2b: + ec:e8:98:c6:f9:1a:bf:fe:a3:de:3d:d6:59:98:45:dc:4a:a6: + 
ad:0a:af:73:50:43:23:5a:9b:9a:f9:8f:ff:41:15:e5:9c:12: + 9e:29:55:5c:79:9c:89:0c:c8:8a:82:86:b1:96:ae:7c:7d:4f: + 0b:fd:e3:9e:8b:a5:4d:88:55:05:ad:6c:63:aa:74:0c:41:0d: + 47:22:cc:1a:45:02:92:5e:d1:e0:b9:31:52:ff:f6:30:f0:87: + 2c:dd:fa:fa:b9:cc:45:cb:36:33:5b:35:7f:5f:05:4f:e0:8f: + 9a:e4:d2:fa:c9:d4:fc:62:99:ac:59:fb:fd:04:bc:5a:c0:47: + 5e:5d:3d:df:31:8c:7f:dc:00:cb:cb:c0:f4:62:41:44:db:1d: + ba:c0:ad:8a +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCjANBgkqhkiG9w0BAQwFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHTAbBgNVBAMTFFBvbGFyU1NMIENlcnQgU0hBMzg0MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA +58e1bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa +2BgtgBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe +5mFnui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5H +HLySruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhB +BNXB37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4 +TDAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQwF +AAOCAQEAaOYD8LpE58zhsgdsVsi+t7qAYcj5Zlfhy2B9zY0PZrDyYUX9/MiTlbu0 +FAB2x+FXpuJgMYv84Q9oJEy7HcW2d+wj4VtPEGxq4G3nNPhyFK4WVyWL6LlxodB4 +6hjBUcQuJm3LgI2lud7nN8Er7OiYxvkav/6j3j3WWZhF3EqmrQqvc1BDI1qbmvmP +/0EV5ZwSnilVXHmciQzIioKGsZaufH1PC/3jnoulTYhVBa1sY6p0DEENRyLMGkUC +kl7R4LkxUv/2MPCHLN36+rnMRcs2M1s1f18FT+CPmuTS+snU/GKZrFn7/QS8WsBH +Xl093zGMf9wAy8vA9GJBRNsdusCtig== +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_sha512.crt b/tests/data_files/cert_sha512.crt new file mode 100644 index 000000000..4bb4eed03 --- /dev/null +++ b/tests/data_files/cert_sha512.crt 
@@ -0,0 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 11 (0xb) + Signature Algorithm: sha512WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:07 2011 GMT + Not After : Feb 12 14:44:07 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71: + 75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7: + be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b: + 05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0: + 3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5: + 44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1: + fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5: + ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e: + 07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef: + 67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9: + 5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc: + 92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5: + 6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d: + 97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8: + 41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e: + 36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25: + ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d: + 17:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + + Signature Algorithm: sha512WithRSAEncryption + 84:68:78:72:54:00:bf:8a:45:28:35:be:18:47:d8:69:f6:67: + de:a6:f8:a6:d0:fd:9f:79:f7:e8:02:8a:c3:83:5d:85:45:cc: + b6:98:77:a7:18:3f:6b:d2:e4:d0:af:d5:52:d9:db:7e:4a:d3: + 68:b0:08:64:14:de:c2:3b:1d:7b:ac:79:ad:49:5a:4c:f6:d2: + 35:ef:a4:8c:b7:5b:d1:0b:7b:50:c6:9c:48:3e:96:3b:1b:0b: + 0e:e8:10:3f:8c:3b:4f:6b:1d:5c:3a:27:f3:43:22:ac:37:11: + 71:b8:07:66:b0:f8:71:c3:22:cf:f4:96:83:93:fb:42:b0:1a: + 
43:f9:4b:df:cb:5f:0f:ba:9e:80:f1:ff:08:3a:46:51:dc:d0: + 36:bd:b1:c4:ca:fb:00:12:e7:e0:37:70:40:0e:73:19:63:c2: + e5:da:56:77:07:68:a5:40:9e:d6:0f:ad:b5:b3:b2:f5:3f:01: + e8:68:e7:a3:b0:d7:f3:dd:ff:b6:d7:8f:75:4e:25:ab:12:32: + 99:45:ad:57:40:de:d7:b4:0d:d0:c3:66:89:47:f2:0c:b2:b5: + df:52:0e:fa:63:62:65:89:07:4a:80:69:0e:4e:ba:c0:43:5d: + 05:75:22:cf:50:f9:ac:bd:ef:8d:8c:10:08:b6:8b:62:4f:a1: + 60:55:a3:0d +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCzANBgkqhkiG9w0BAQ0FADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHTAbBgNVBAMTFFBvbGFyU1NMIENlcnQgU0hBNTEyMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA +58e1bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa +2BgtgBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe +5mFnui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5H +HLySruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhB +BNXB37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4 +TDAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQ0F +AAOCAQEAhGh4clQAv4pFKDW+GEfYafZn3qb4ptD9n3n36AKKw4NdhUXMtph3pxg/ +a9Lk0K/VUtnbfkrTaLAIZBTewjsde6x5rUlaTPbSNe+kjLdb0Qt7UMacSD6WOxsL +DugQP4w7T2sdXDon80MirDcRcbgHZrD4ccMiz/SWg5P7QrAaQ/lL38tfD7qegPH/ +CDpGUdzQNr2xxMr7ABLn4DdwQA5zGWPC5dpWdwdopUCe1g+ttbOy9T8B6Gjno7DX +893/ttePdU4lqxIymUWtV0De17QN0MNmiUfyDLK131IO+mNiZYkHSoBpDk66wENd +BXUiz1D5rL3vjYwQCLaLYk+hYFWjDQ== +-----END CERTIFICATE----- diff --git a/tests/data_files/cert_v1_with_ext.crt b/tests/data_files/cert_v1_with_ext.crt new file mode 100644 index 000000000..4f0704885 --- /dev/null +++ b/tests/data_files/cert_v1_with_ext.crt 
@@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDzTCCArUCCQC97UTH0j7CpDANBgkqhkiG9w0BAQUFADCBhzELMAkGA1UEBhMC +WFgxCzAJBgNVBAgTAlhYMQswCQYDVQQHEwJYWDELMAkGA1UEChMCWFgxCzAJBgNV +BAsTAlhYMScwJQYJKoZIhvcNAQkBFhhhZG1pbkBpZGVudGl0eS1jaGVjay5vcmcx +GzAZBgNVBAMTEmlkZW50aXR5LWNoZWNrLm9yZzAeFw0xMzA3MDQxNjE3MDJaFw0x +NDA3MDQxNjE3MDJaMIGHMQswCQYDVQQGEwJYWDELMAkGA1UECBMCWFgxCzAJBgNV +BAcTAlhYMQswCQYDVQQKEwJYWDELMAkGA1UECxMCWFgxJzAlBgkqhkiG9w0BCQEW +GGFkbWluQGlkZW50aXR5LWNoZWNrLm9yZzEbMBkGA1UEAxMSaWRlbnRpdHktY2hl +Y2sub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1v8FswMughO8 +mwkHWAf+XRpK33kYR0ifBnObvk2R9ZTEUk/TfFEEFVlen5xhiE0g8lbCj8Y5Mzsg +wZsJv5in/KnraYb7VC0ah0jx4sMkhKRcyUWfjyH8r7FNH1j1jd08ZpWJGotYxxaL +evqom1rzLN99JPObwyCCgGcQjlRV7cMfIgwlwHb/JPXOy/hYAgjrCjqvBu3nL5/b +HF0PyVGiKCEQiHhMBKNjAxzQrCUGy7Vp+3QlIYrs6/m5A96vohX/j+wzwIp3QgiK +Yhj5E4Zo/iQLf6Rwl7pL4RTdT+crcy143mYiShNY+ayl9snfVJNnuHaMe15fVEsP +X9lDvdBvXwIDAQABoz8wPTA7BgNVHREENDAyghJpZGVudGl0eS1jaGVjay5vcmeC +Fnd3dy5pZGVudGl0eS1jaGVjay5vcmeHBCU7/jAwDQYJKoZIhvcNAQEFBQADggEB +AAXUXoWlQxKvSCVWhes8x03MCude0nDqDFH1DPGIKeVeWOw87nVni+hIvy8II6hj +5ZfGSHuZci2AgElA3tXk2qDcZ/uBXe2VV4IwsgXKUYSlpz1xoU55InT4e7KdssEP +HOyrU03Dzm8Jk0PhgEJpV48tkWYoJvZvOiwG0e43UPDv9xp8C8EbvJmmuWkUWnNW +o0yDnoAOxGfUGSUQ1guTpWCoQEKj3DS4v4lI0kNmJm+oRE2vv1XealWEHSuMpRZO +Qhy8WImX3muw99MP579tY44D5Z7p3kpiC1bwV3tzkHdf5mkrAbFJIfliPvjMrPMw +2eyXXijDsebpT0w3ruMxjHg= +-----END CERTIFICATE----- diff --git a/tests/data_files/cli-rsa-sha1.crt b/tests/data_files/cli-rsa-sha1.crt new file mode 100644 index 000000000..ffbe21a17 --- /dev/null +++ b/tests/data_files/cli-rsa-sha1.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f +M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu +1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw +MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v +4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/ +/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC +AQEAX0vLL6qw6zYaO7a1ZXXJhWL8/vm1+yz5HrnXPX62xBD7P+cVGrOoNbD1QAj9 +otOpUsWYmHRvhotO42oqPsnoPA0JpGRR2elbTrcK9uDxg6PWwoix3uHPRuXdRIsU +jee2TcGilXgJw1HDvJ04E5qowAtAgOcE41ZraAN43GHO2PjxcXEEoWzqSqvlUrv3 +AOaCTn9X73izMRgPbQBnJjknIzoYwWgVFaDEW/lZE0+LLa99/mxFFUBhYzAY+h/R +rmtslJIyIzTd3sLo+XZ0hNtlBM0u1okOspSWtmoNdSiJDZMJ4LL71xuJYG46Sl/0 +1hH/1pZigeufZgYrQgqG8oHT4A== +-----END CERTIFICATE----- diff --git a/tests/data_files/cli-rsa-sha256.crt b/tests/data_files/cli-rsa-sha256.crt new file mode 100644 index 000000000..c81f98fb3 --- /dev/null +++ b/tests/data_files/cli-rsa-sha256.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f +M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu +1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw +MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v +4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/ +/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsFAAOC +AQEAlHabem2Tu69VUN7EipwnQn1dIHdgvT5i+iQHpSxY1crPnBbAeSdAXwsVEqLQ +gOOIAQD5VIITNuoGgo4i+4OpNh9u7ZkpRHla+/swsfrFWRRbBNP5Bcu74AGLstwU +zM8gIkBiyfM1Q1qDQISV9trlCG6O8vh8dp/rbI3rfzo99BOHXgFCrzXjCuW4vDsF +r+Dao26bX3sJ6UnEWg1H3o2x6PpUcvQ36h71/bz4TEbbUUEpe02V4QWuL+wrhHJL +U7o3SVE3Og7jPF8sat0a50YUWhwEFI256m02KAXLg89ueUyYKEr6rNwhcvXJpvU9 +giIVvd0Sbjjnn7NC4VDbcXV8vw== +-----END CERTIFICATE----- diff --git a/tests/data_files/cli.opensslconf b/tests/data_files/cli.opensslconf new file mode 100644 index 000000000..ae9ab9de2 --- /dev/null +++ b/tests/data_files/cli.opensslconf @@ -0,0 +1,4 @@ +[cli-rsa] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints = CA:false diff --git a/tests/data_files/cli2.crt b/tests/data_files/cli2.crt new file mode 100644 index 000000000..2dfa51632 --- /dev/null +++ b/tests/data_files/cli2.crt 
@@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjBBMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHzAdBgNVBAMTFlBvbGFyU1NMIFRlc3QgQ2xpZW50IDIw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARX5a6xc9/TrLuTuIH/Eq7u5lOszlVT +9jQOzC7jYyUL35ji81xgNpbA1RgUcOV/n9VLRRjlsGzVXPiWj4dwo+THo4GdMIGa +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMG4GA1Ud +IwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +CQDBQ+J+YkPM6DAKBggqhkjOPQQDAgNoADBlAjBKZQ17IIOimbmoD/yN7o89u3BM +lgOsjnhw3fIOoLIWy2WOGsk/LGF++DzvrRzuNiACMQCd8iem1XS4JK7haj8xocpU +LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U= +-----END CERTIFICATE----- diff --git a/tests/data_files/cli2.key b/tests/data_files/cli2.key new file mode 100644 index 000000000..e747d0943 --- /dev/null +++ b/tests/data_files/cli2.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49 +AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW +wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/crl-ec-sha1.pem b/tests/data_files/crl-ec-sha1.pem new file mode 100644 index 000000000..8358640a0 --- /dev/null +++ b/tests/data_files/crl-ec-sha1.pem 
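Review bot: tests/data_files/cli2.key adds an unencrypted EC private key, and nothing in the hunk or beside it marks the file as a test fixture. Once committed the key is public, so it and cli2.crt (presumably its certificate, going by the file names) must never be trusted or reused outside the test suite. I would record that wherever the test data is documented, for example `cli2.key: test-only private key, publicly known; never deploy or trust it`. Any secret-scanner allowlist entry for it should be scoped to tests/data_files/ rather than to the whole repository.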
@@ -0,0 +1,10 @@ +-----BEGIN X509 CRL----- +MIIBbzCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ +b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMTMwOTI0MTYz +MTA4WhcNMjMwOTIyMTYzMTA4WjAUMBICAQoXDTEzMDkyNDE2MjgzOFqgcjBwMG4G +A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMg +Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2kAMGYCMQDVG95rrSSl4dJgbJ5vR1GW +svEuEsAh35EhF1WrcadMuCeMQVX9cUPupFfQUpHyMfoCMQCKf0yv8pN9BAoi3FVm +56meWPhUekgLKKMAobt2oJJY6feuiFU2YFGs1aF0rV6Bj+U= +-----END X509 CRL----- diff --git a/tests/data_files/crl-ec-sha224.pem b/tests/data_files/crl-ec-sha224.pem new file mode 100644 index 000000000..9131f104f --- /dev/null +++ b/tests/data_files/crl-ec-sha224.pem @@ -0,0 +1,10 @@ +-----BEGIN X509 CRL----- +MIIBcDCB9wIBATAKBggqhkjOPQQDATA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwEDaAAwZQIwbn+i0dOest0IJGzuqBLA +V5nscZPvHjDV6lWsSwurS4LC/Uv/qWteuMCp3OqQRJHcAjEA6KA0dibovfL1WKFo +C8jUGxlMfHeWDRkqMfcjjgIpky7v50sKtDOfmFJn3HFUbiKp +-----END X509 CRL----- diff --git a/tests/data_files/crl-ec-sha256.pem b/tests/data_files/crl-ec-sha256.pem new file mode 100644 index 000000000..adfd5f893 --- /dev/null +++ b/tests/data_files/crl-ec-sha256.pem 
@@ -0,0 +1,10 @@ +-----BEGIN X509 CRL----- +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln +S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX +g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +-----END X509 CRL----- diff --git a/tests/data_files/crl-ec-sha384.pem b/tests/data_files/crl-ec-sha384.pem new file mode 100644 index 000000000..b757abb18 --- /dev/null +++ b/tests/data_files/crl-ec-sha384.pem @@ -0,0 +1,10 @@ +-----BEGIN X509 CRL----- +MIIBcDCB9wIBATAKBggqhkjOPQQDAzA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwMDaAAwZQIwateJaD13+Yi4HWBIlOov +8ZDsvnfQfW/R0A1s2ZccAi+byurShuNGiSvsFSh5d/6QAjEA427F8bNk/fdj5YXu +Oo1qEd7WpD2dNUb0draGSIcJGBRGzi5it14UXr9cR4S5eJ6Q +-----END X509 CRL----- diff --git a/tests/data_files/crl-ec-sha512.pem b/tests/data_files/crl-ec-sha512.pem new file mode 100644 index 000000000..f7c9402a3 --- /dev/null +++ b/tests/data_files/crl-ec-sha512.pem 
@@ -0,0 +1,10 @@ +-----BEGIN X509 CRL----- +MIIBcTCB9wIBATAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwQDaQAwZgIxAL/VFrDIYUECsS0rVpAy +6zt/CqeAZ1sa/l5LTaG1XW286n2Kibipr6EpkYZNYIQILgIxAI0wb3Py1DHPWpYf +/BFBH7C3KYq+nWTrLeEnhrjU1LzG/CiQ8lnuskya6lw/P3lJ/A== +-----END X509 CRL----- diff --git a/tests/data_files/crl-future.pem b/tests/data_files/crl-future.pem new file mode 100644 index 000000000..1938219d4 --- /dev/null +++ b/tests/data_files/crl-future.pem @@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBgzCCAQoCAQEwCQYHKoZIzj0EATA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTMyMDMxMDEx +MDUxNVoXDTQyMDMwODExMDUxNVowKDASAgEKFw0xMzA5MjQxNjI4MzhaMBICARYX +DTE0MDEyMDEzNDMwNVqgcjBwMG4GA1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb ++zZ8oUKkQDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNV +BAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2gA +MGUCMQCmsvNsOQdbGpmzpeZlKU9lDP6yyWenrI/89swZYogE3cSPob4tOzeYg38i +or91IPgCMD7N/0Qz6Nq2IgBtZORLgsA0ltK+W6AOS+/EIhvGuXV8uguUyYknl4vb ++cE+lWxhCQ== +-----END X509 CRL----- diff --git a/tests/data_files/crl-idp.pem b/tests/data_files/crl-idp.pem new file mode 100644 index 000000000..a229e7d6d --- /dev/null +++ b/tests/data_files/crl-idp.pem 
@@ -0,0 +1,12 @@ +-----BEGIN X509 CRL----- +MIIBszCBnAIBATANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UE +ChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTE4MDMxNDA3 +MzE0OFoXDTI4MDMxNDA3MzE0OFqgLTArMCkGA1UdHAEB/wQfMB2gG6AZhhdodHRw +Oi8vcGtpLmV4YW1wbGUuY29tLzANBgkqhkiG9w0BAQsFAAOCAQEAs/vp1Ybq9Lj/ +YM+O2uBqhRNdt494GYSYcZcltbQDwLgDwsFQ9S+q5zBtanhxiF3C6dyDoWS6xyY3 +dkdO9kK2YAQLNaFBCsKRrI9vGKuF5/1uIr0a8cQcqVzyRI9uK0KgGEk9/APGtqob +nj/nt2ryGC+yEh20FmvwFn1vN5xaWK3uUIJCNDTZe+KQn150iAU/mWZG2xDdSXgm +JtpTrY6toBgTwDGyus2wIDvAF6rBc1lRoR0BPuTR1fcUPMvr8jceZqG+xuH+vmkU +j1B4Tu+K27ZmZMlhltfgwLzcgH9Ee1TgWPN2QqMzeZW/vNMyIIvWAWk2cFyCJj6r +16/9upL64w== +-----END X509 CRL----- diff --git a/tests/data_files/crl-idpnc.pem b/tests/data_files/crl-idpnc.pem new file mode 100644 index 000000000..0ebe480ee --- /dev/null +++ b/tests/data_files/crl-idpnc.pem @@ -0,0 +1,12 @@ +-----BEGIN X509 CRL----- +MIIBsDCBmQIBATANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UE +ChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTE4MDMxNDEx +MTQzNloXDTI4MDMxNDExMTQzNlqgKjAoMCYGA1UdHAQfMB2gG6AZhhdodHRwOi8v +cGtpLmV4YW1wbGUuY29tLzANBgkqhkiG9w0BAQsFAAOCAQEACsszsNwAMkmUrbti +H1wpWN3LIb32MTZkBWZeFWWQ1MyzSFslgnOcu6tesJuTQJVJMGCSXZv7jkVHeeiK +x+BAoHCrR2aRVPbmiaP43Qp/dFOOfHVMM/VVWmuEYuCQaCAeVLQgGbgAYHE9aHQN +vBg8m7NJ95av2svLHMFIhirZlKWsAXM+aCyzoudEIhrP4Ppwt01SCtDl5gyg1Gkd +B3wuOckjTk0xwXdlOSMH9o0SD2fkc41AFDqOZTK2NTQzNChDNFbKXl8sr9SavJCm +k72l7wNJs6UOEhQMygyXEvqp8JbIi9JI+3TD4z4wUt0EnPkw0U48grLXFhjwBLWi +cxyjQQ== +-----END X509 CRL----- diff --git a/tests/data_files/crl-malformed-trailing-spaces.pem b/tests/data_files/crl-malformed-trailing-spaces.pem new file mode 100644 index 000000000..9eae3da19 --- /dev/null +++ b/tests/data_files/crl-malformed-trailing-spaces.pem 
@@ -0,0 +1,20 @@ +-----BEGIN X509 CRL----- +MIIBbzCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ +b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMTMwOTI0MTYz +MTA4WhcNMjMwOTIyMTYzMTA4WjAUMBICAQoXDTEzMDkyNDE2MjgzOFqgcjBwMG4G +A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMg +Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2kAMGYCMQDVG95rrSSl4dJgbJ5vR1GW +svEuEsAh35EhF1WrcadMuCeMQVX9cUPupFfQUpHyMfoCMQCKf0yv8pN9BAoi3FVm +56meWPhUekgLKKMAobt2oJJY6feuiFU2YFGs1aF0rV6Bj+U= +-----END X509 CRL----- +-----BEGIN X509 CRL----- +MIIBcTCB9wIBATAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwQDaQAwZgIxAL/VFrDIYUECsS0rVpAy +6zt/CqeAZ1sa/l5LTaG1XW286n2Kibipr6EpkYZNYIQILgIxAI0wb3Py1DHPWpYf +/BFBH7C3KYq+nWTrLeEnhrjU1LzG/CiQ8lnuskya6lw/P3lJ/A== +-----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha1-badsign.pem b/tests/data_files/crl-rsa-pss-sha1-badsign.pem new file mode 100644 index 000000000..7e2a59677 --- /dev/null +++ b/tests/data_files/crl-rsa-pss-sha1-badsign.pem 
@@ -0,0 +1,14 @@ +-----BEGIN X509 CRL----- +MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x +NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 +WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM +MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS +4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 +MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo +mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O +7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa +y6li0JzWNHtkKUlCv2+SESZbD3NU8GQY +-----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha1.pem b/tests/data_files/crl-rsa-pss-sha1.pem new file mode 100644 index 000000000..59ca4f703 --- /dev/null +++ b/tests/data_files/crl-rsa-pss-sha1.pem @@ -0,0 +1,14 @@ +-----BEGIN X509 CRL----- +MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x +NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 +WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM +MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS +4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 +MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo +mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O +7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa +y6li0JzWNHtkKUlCv2+SESZbD3NU8GQZ +-----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha224.pem b/tests/data_files/crl-rsa-pss-sha224.pem new file mode 100644 index 000000000..a51d5d911 
--- /dev/null +++ b/tests/data_files/crl-rsa-pss-sha224.pem @@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgShGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAIEogQCAgDiMDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjA2WhcNMjQwMTE4MTM1NjA2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCBKEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBAEJI +i9sQOzMvvOTksN48+X+kk/wkLMKRGI222lqU6y6tP1LX3OE/+KN8gPXR+lCC+e0v +TsRTJkpKEcmHZoP/8kOtZnLb9PdITKGMQnZ+dmn5MFEzZI/zyrYWuJTuK1Q83w0e +Mc88cAhu8i4PTk/WnsWDphK1Q2YRupmmwWSUpp1Z2rpR+YSCedC01TVrtSUJUBw9 +NSqKDhyWYJIbS6/bFaERswC8xlMRhyLHUvikjmAK36TbIdhTnEffHOPW75sEOEEB +f0A3VtlZ7y5yt2/a6vOauJCivxKt/PutdHfBqH43QQmoVLWC2FmT9ADTJwcsZB3D +a6JSqCIMRCQY2JOUn0A= +-----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha256.pem b/tests/data_files/crl-rsa-pss-sha256.pem new file mode 100644 index 000000000..f16a49118 --- /dev/null +++ b/tests/data_files/crl-rsa-pss-sha256.pem 
@@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeMDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjE2WhcNMjQwMTE4MTM1NjE2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAEZ4 +oqp9i5eXrN6aCSTaU1j07MVTFW/U1jQAq6GseB6bEvoEXFMUHJsgAObqCK9flfEC +FEqXqWSo33hhPU7AKKttbDLjUYRNnQAPRUnRIl1/a1+UjqgKchWWD9ityeW8ICxo +IdATX9reYmPDLIMqTC7zuflYkvrvdEOuBORQP5mn4j8t84MSQF/p4qzaU0XxLo4X +ckzZCcHpa45AApCDjJMd9onhFVCYsykiYrF9NQFO8TI4lQ5jv79GoufEzvhY1SPB +r1xz4sMpfyaoPaa3SM2/nD65E5jzXell2u2VWNGKv4zAQP0E5yGel+1rklBltadb +XLdJyyak33CLBKu+nJc= +-----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha384.pem b/tests/data_files/crl-rsa-pss-sha384.pem new file mode 100644 index 000000000..50f7e4cd2 --- /dev/null +++ b/tests/data_files/crl-rsa-pss-sha384.pem 
@@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgDOMDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjI4WhcNMjQwMTE4MTM1NjI4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBAAco +SntUGDLBOAu0IIZaVea5Nt1NMsMcppC0hWPuH1LKAwyUODBqpT+0+AuALK0eIdYR +a7mAB+cv2fFwmwxnQWJ1Fvx4ft/N2AAfB83VRKpSo3xR8bxloHfTWKmyxJHmH9j1 +EYmLS86rj3Nhjf4m/YlQQ3Im5HwOgSgBOE8glq5D+0Wmsi9LsNEZXEzMw7TMUgbs +y9o/ghYF/shKU4mewK3DeM9gQiTcH5A4ISXR87hBQ08AKJRAG1CLvTyzqWiUUY+k +q8iZDYF17sHrPi2yn8q9c4zdxiaWDGDdL0Lh90wXGTAageoGEq25TMuL5FpX+u1u +KUH/xf1jEnNzbYNGiZw= +-----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha512.pem b/tests/data_files/crl-rsa-pss-sha512.pem new file mode 100644 index 000000000..0f1d6510b --- /dev/null +++ b/tests/data_files/crl-rsa-pss-sha512.pem 
@@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgOhGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAIDogQCAgC+MDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjM4WhcNMjQwMTE4MTM1NjM4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBAB9F +ywBfxOjetxNbCFhOYoPY2jvFCFVdlowMGuxEhX/LktqiBXqRc2r5naQSzuHqO8Iq +1zACtiDLri0CvgSHlravBNeY4c2wj//ueFE89tY5pK9E6vZp7cV+RfMx2YfGPAA2 +t7tWZ2rJWzELg8cZ8hpjSwFH7JmgJzjE5gi2gADhBYO6Vv5S3SOgqNjiN1OM31AU +p6GHK5Y1jurF5Zwzs+w3wXoXgpOxxwEC4eiS86c9kNSudwTLvDTU0bYEQE1cF+K0 +sB8QWABFJfuO5kjD2w3rWgmAiOKsZoxd1xrda+WD3JhDXnoVq3oVBIVlWVz6YID8 +enMfMvwScA5AImzu9xA= +-----END X509 CRL----- diff --git a/tests/data_files/crl.pem b/tests/data_files/crl.pem new file mode 100644 index 000000000..2bd10968e --- /dev/null +++ b/tests/data_files/crl.pem @@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 +OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL +dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz +//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U +yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q +NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 +5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= +-----END X509 CRL----- diff --git a/tests/data_files/crl_cat_ec-rsa.pem b/tests/data_files/crl_cat_ec-rsa.pem new file mode 100644 index 000000000..3cda8ff03 --- /dev/null +++ b/tests/data_files/crl_cat_ec-rsa.pem 
@@ -0,0 +1,21 @@ +-----BEGIN X509 CRL----- +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln +S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX +g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +-----END X509 CRL----- +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 +OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL +dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz +//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U +yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q +NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 +5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= +-----END X509 CRL----- diff --git a/tests/data_files/crl_cat_ecfut-rsa.pem b/tests/data_files/crl_cat_ecfut-rsa.pem new file mode 100644 index 000000000..87b8c2944 --- /dev/null +++ b/tests/data_files/crl_cat_ecfut-rsa.pem 
@@ -0,0 +1,22 @@ +-----BEGIN X509 CRL----- +MIIBgzCCAQoCAQEwCQYHKoZIzj0EATA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTMyMDMxMDEx +MDUxNVoXDTQyMDMwODExMDUxNVowKDASAgEKFw0xMzA5MjQxNjI4MzhaMBICARYX +DTE0MDEyMDEzNDMwNVqgcjBwMG4GA1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb ++zZ8oUKkQDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNV +BAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2gA +MGUCMQCmsvNsOQdbGpmzpeZlKU9lDP6yyWenrI/89swZYogE3cSPob4tOzeYg38i +or91IPgCMD7N/0Qz6Nq2IgBtZORLgsA0ltK+W6AOS+/EIhvGuXV8uguUyYknl4vb ++cE+lWxhCQ== +-----END X509 CRL----- +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 +OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL +dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz +//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U +yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q +NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 +5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= +-----END X509 CRL----- diff --git a/tests/data_files/crl_cat_rsa-ec.pem b/tests/data_files/crl_cat_rsa-ec.pem new file mode 100644 index 000000000..ded369d89 --- /dev/null +++ b/tests/data_files/crl_cat_rsa-ec.pem 
@@ -0,0 +1,21 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 +OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL +dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz +//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U +yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q +NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 +5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= +-----END X509 CRL----- +-----BEGIN X509 CRL----- +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln +S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX +g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +-----END X509 CRL----- diff --git a/tests/data_files/crl_cat_rsabadpem-ec.pem b/tests/data_files/crl_cat_rsabadpem-ec.pem new file mode 100644 index 000000000..a035e1899 --- /dev/null +++ b/tests/data_files/crl_cat_rsabadpem-ec.pem 
@@ -0,0 +1,21 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 +OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL +dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz +//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U +yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q +NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 +5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU +-----END X509 CRL----- +-----BEGIN X509 CRL----- +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln +S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX +g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +-----END X509 CRL----- diff --git a/tests/data_files/crl_expired.pem b/tests/data_files/crl_expired.pem new file mode 100644 index 000000000..cf60ae4d7 --- /dev/null +++ b/tests/data_files/crl_expired.pem 
@@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjQx +OVoXDTExMDIyMDExMjQxOVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAKgP1XmCIPbfY1/UO+SVFQir +jArZ94QnQdoan4tJ29d8DmTxJ+z9/KyWNoGeOwc9P/2GQQaZahQOBr0f6lYd67Ct +wFVh/Q2zF8FgRcrQV7u/vJM33Q2yEsQkMGlM7rE5lC972vUKWu/NKq8bN9W/tWxZ +SFbvTXpv024aI0IRudpOCALnIy8SFhVb2/52IN2uR6qrFizDexMEdSckgpHuJzGS +IiANhIMn5LdQYJFjPgBzQU12tDdgzcpxtGhT10y4uQre+UbSjw+iVyml3issw59k +OSmkWFb06LamRC215JAMok3YQO5RnxCR8EjqPcJr+7+O9a1O1++yiaitg4bUjEA= +-----END X509 CRL----- diff --git a/tests/data_files/crl_md2.pem b/tests/data_files/crl_md2.pem new file mode 100644 index 000000000..e27379564 --- /dev/null +++ b/tests/data_files/crl_md2.pem @@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTA5MDcxOTE5NTYz +N1oXDTA5MDkxNzE5NTYzN1owKDASAgEBFw0wOTAyMDkyMTEyMzZaMBICAQMXDTA5 +MDIwOTIxMTIzNlowDQYJKoZIhvcNAQECBQADggEBAF8F5y82zgtxcwQ4aFvrkanT +ygyd5+RW/Y//vpck44V+CYx1d1r+QkauaXel9qUKBPsg2dUwQ+jwV/m+Sp2MHaX5 +NfW7XUb7Ji4yhwgh9/9vFPqqnKBf9esLJuJoQ4mLhcGB5J1yCcavLrynvB4PJEnG +graTbbyizelXBmk3ApvNYxczJZxt7EzpVbrFaev7myGmOffdDkIMc2WDpDkyLTlU +kITjB7fMJhD/dgNskKZ4fgkKKKPCMJrJPO67Wzwqx/6vsrZcACB9X+143WZr4GVO +Fw2SaMnqfVLlUEndoOpbLCU4ugcc82kQQF3TsovXJYW7XqoWl2u/ENCwShl9rl4= +-----END X509 CRL----- diff --git a/tests/data_files/crl_md4.pem b/tests/data_files/crl_md4.pem new file mode 100644 index 000000000..1f77dab78 --- /dev/null +++ b/tests/data_files/crl_md4.pem 
@@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw +N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEDBQADggEBAIJtYXy3uwIpmSGfi9muS8xv +36FT6g3s1V/xicdPa54juJgBI6sxHKzQtbSNIbqadEWwUtvQ8k1EMRo9UGObhRV8 +i+UWm5qi0GFV7nMi4E2p2Ji/sFKtgdxkzhCfn+p3MoGgx/nC7YtwpnNdF+kuCV1M +JTPqfm+taZkYADOafP/hRaPx3TI+HNE3ux4Cb7hNpWdfWzt48ZPMuhCMzItLd/UK +xxjJam9XAGUTKi7+eWtma9XzmYOIElQv2KFPVMcx5nvg039rrWK6tObGL67kCfTH +v+nIx7rAOW6UNU8aj1kfJHYjEKMBH1I9wjMSHUpkxBLQOKlPNRksiEVsIhmEVss= +-----END X509 CRL----- diff --git a/tests/data_files/crl_md5.pem b/tests/data_files/crl_md5.pem new file mode 100644 index 000000000..1b17967ec --- /dev/null +++ b/tests/data_files/crl_md5.pem @@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw +N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEEBQADggEBAKKCJZ1MwL+gKAw3RV4qEmb9 +gMDdSLJ1Vdkn9FgDx2ijNnYDtvaW+I3sOXrq7O6gVN1KEamJJbufVJA5+OE2oVbC +husEdgQm8D5TbrGcjPIPWxgYyuuRsl7XovZhXnqTIUrC+J8oH9XzKaMc+HZb5UhR +h8bzcyp+9jbBje7lWwKTzkuvd/I7VbS02TUkWFJTrYB0Laj8WMcgcZiyX0iZuj8j +4hOupu0lPoSzZ4h7t0Vmay6wO+8n8LJohyiwYS7LddpOjIdP0MWifN7u/ArqNNlh +2kg8eAc1pYOU/pJFTAAbOmC/kQpa9skd+PPIPPh9T53o3yeDQA0vFqN92JryCCU= +-----END X509 CRL----- diff --git a/tests/data_files/crl_sha1.pem b/tests/data_files/crl_sha1.pem new file mode 100644 index 000000000..049bebfcf --- /dev/null +++ b/tests/data_files/crl_sha1.pem 
@@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw +N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAG64jqn7VLdvnKROsbCPR8w9 +xnox9vjuM2lGWema9sTuptw9EhArVSbibXZ1IPPyrEy1QOq3NukBqUW3KzOzYV5M +BxZSa28FTQxtVChWkDUIMCK8BSxy07yieFf/3A8mbfcW3ZzN4akLxOweuFp6l2H7 +9oa2jeUi1BlHCZS6JYI2pHZl8qiMRiqqMleSM2k1w7TraKLNBFM8UK72brXeZjPi +nNOzdYsQDzWo1HW7dsLWLfZKoJeyqvofVDQpC5dO56kty/do89z1OnEXfzMNeVVT +JCeAOzuu6kdrf+9keRoWhcIoBos/XtTV57u0pgr81bLgjj5PYivevKL/kKbyvKI= +-----END X509 CRL----- diff --git a/tests/data_files/crl_sha224.pem b/tests/data_files/crl_sha224.pem new file mode 100644 index 000000000..066f5be07 --- /dev/null +++ b/tests/data_files/crl_sha224.pem @@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQ4FADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw +N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEOBQADggEBAL2sIly2OwgBu9UfEImduTG/ +RtGEO8RkXbCRJPLZaVGQh9b8rCRVHL9tIWm372FVkKyYEm3mIrl2ry16RznRt5yx +Dd8/DKUGUlIe1KwzjDc9O7bv1FDSXHd1USmGTheKDHNtuJXYENMHdoyR2k2BVGOZ +ie4zUcSpqyMjBlUjgNmXN6gQIcrRImumVUjMk74+rWTa0hQ0piF2qlRuE1dDqcZP +LkE/92rbnFeRAO91XUeEj13dif2UjlArFWd62AFp0wtIn2sb7wahhUj9/rEs6Wgx +kdiNsRMto6/ixLrPu3vxs80ZPWHey587T1ZZ9bS/wDkp9W+W0rGyRoPVmqiKtvM= +-----END X509 CRL----- diff --git a/tests/data_files/crl_sha256.pem b/tests/data_files/crl_sha256.pem new file mode 100644 index 000000000..c3ca25699 --- /dev/null +++ b/tests/data_files/crl_sha256.pem 
@@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw +N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQELBQADggEBAG4mBBgwfNynCYYL2CEnqore +mgKpC32tB6WiUBu9figcvdN3nSX/1wrB8rpiE8R04C8oSFglwhotJCnlWsy42tjb +0pk0Wuizln0PFMc/OypqRNNhwx31SHH42W4KzONiqvq3n/WkH3M1YniR1ZnMlyvi +lJioQn6ZAoc6O6mMP1J9duKYYhiMAOV992PD1/iqXw+jYN31RwdIS8/mGzIs4ake +EdviwhM3E4/sVbNOWCOnZFYV4m+yNAEe29HL1VKw6UXixBczct+brqXNVD3U6T0F +5ovR6BTefZO17eT52Duke5RZGDUyQOGywxOYKI5W+FcOYdp+U5Idk399tAz2Mdw= +-----END X509 CRL----- diff --git a/tests/data_files/crl_sha384.pem b/tests/data_files/crl_sha384.pem new file mode 100644 index 000000000..b3baa2a95 --- /dev/null +++ b/tests/data_files/crl_sha384.pem @@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQwFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw +N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEMBQADggEBAC0GpmRvsrvshp1q/SXk80HA +m28ZvEuys9zY5/AnrtYHQfsX9QRJk5li7PlnzHtVGp8I5Qi4mJVPaJ+JmhqAc/oo +NPmxDx8m9XF9v0XHzqQZIWlPXH8QM9WLzTazbQFXhuwnZ6LPhpo+m8cbN91mUFil +9g+SGkma+VYV+yPRNmKyldcRVvPZUIkhTCMWkZoYrbDXUmkVQpsgz2c5ksIeMI/7 +4Qj9J38I9AOt0DlQ3etFhNc0OMnR7zY8tn9B4dejoNklEZfiyDxsDZVPusZrxnWM +WxuehOGHZf3YESjLMtR7BW26QRHIF/nhGDHsbLiunxXI6eJlbYFoZMfwc6TMqnc= +-----END X509 CRL----- diff --git a/tests/data_files/crl_sha512.pem b/tests/data_files/crl_sha512.pem new file mode 100644 index 000000000..4d712e55d --- /dev/null +++ b/tests/data_files/crl_sha512.pem 
@@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQ0FADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw +N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQENBQADggEBAH6GU24hd6d/5PmDusT+h2Kl +e7scmhkZDPU+VJSnzHdEREYTPaoFqyVBuJOE95lZELEqdOauhO3lG2WEQVGcgEcv +4jS2EzR3BYex1c1upqGtdIvIoA9TOLukdy6KeauomiWho2Kd7bSaXHy20jwdkLko +/t3lVhTtBvKbh8XHVYwCaw1aCj3LydwNcS+zPnRgsMVHszFxmMNn5HCRW8lbYwcf +UA98OmxIZs2hpBKRpvlfA5y6sXEx2+tSMg+MJrziGBgG6OR/m+KTaK5Yle9nrC+7 +hzKIe83hpktvfB1CY5Ak4Uke9/1FRqAjs5KCRxYSGQ7ZdS7DgAeGwT3slLbl/tY= +-----END X509 CRL----- diff --git a/tests/data_files/crt_cat_rsaexp-ec.pem b/tests/data_files/crt_cat_rsaexp-ec.pem new file mode 100644 index 000000000..4f74c9ac2 --- /dev/null +++ b/tests/data_files/crt_cat_rsaexp-ec.pem 
@@ -0,0 +1,21 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjQx +OVoXDTExMDIyMDExMjQxOVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAKgP1XmCIPbfY1/UO+SVFQir +jArZ94QnQdoan4tJ29d8DmTxJ+z9/KyWNoGeOwc9P/2GQQaZahQOBr0f6lYd67Ct +wFVh/Q2zF8FgRcrQV7u/vJM33Q2yEsQkMGlM7rE5lC972vUKWu/NKq8bN9W/tWxZ +SFbvTXpv024aI0IRudpOCALnIy8SFhVb2/52IN2uR6qrFizDexMEdSckgpHuJzGS +IiANhIMn5LdQYJFjPgBzQU12tDdgzcpxtGhT10y4uQre+UbSjw+iVyml3issw59k +OSmkWFb06LamRC215JAMok3YQO5RnxCR8EjqPcJr+7+O9a1O1++yiaitg4bUjEA= +-----END X509 CRL----- +-----BEGIN X509 CRL----- +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln +S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX +g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +-----END X509 CRL----- diff --git a/tests/data_files/dh.1000.pem b/tests/data_files/dh.1000.pem new file mode 100644 index 000000000..172f19fb4 --- /dev/null +++ b/tests/data_files/dh.1000.pem 
@@ -0,0 +1,34 @@ + +Recommended key length: 160 bits + +generator: + 23:84:3c:0d:55:8c:b9:7d:a9:d5:9a:80:82:fb:50: + 89:29:71:8e:8e:a1:29:2e:df:db:01:34:41:e7:66: + fa:60:dc:bc:34:83:45:70:e0:61:e9:a6:25:23:c2: + 77:33:a9:8a:90:94:21:ff:84:d2:7b:36:39:9b:e5: + f0:88:2b:35:98:64:28:58:27:be:fa:bf:e3:60:cc: + c4:61:60:59:78:a7:e1:a3:b3:a7:3e:7e:5b:a8:d7: + b7:ba:25:0e:b1:9e:79:03:b5:83:ba:43:34:b6:c1: + ce:45:66:72:07:64:8a:af:14:d8:ae:18:19:ba:25: + a6:d9:36:f8:8c: + +prime: + 9e:a4:a8:c4:29:fe:76:18:02:4f:76:c9:29:0e:f2: + ba:0d:92:08:9d:d9:b3:28:41:5d:88:4e:fe:3c:ae: + c1:d4:3e:7e:fb:d8:2c:bf:7b:63:70:99:9e:c4:ac: + d0:1e:7c:4e:22:07:d2:b5:f9:9a:9e:52:e2:97:9d: + c3:cb:0d:66:33:75:95:a7:96:6e:69:ec:16:bd:06: + 4a:1a:dc:b2:d4:29:23:ab:2e:8f:7f:6a:84:1d:82: + 23:6e:42:8c:1e:70:3d:21:bb:b9:b9:8f:f9:fd:9c: + 53:08:e4:e8:5a:04:ca:5f:8f:73:55:ac:e1:41:20: + c7:43:fa:8f:99: + + +-----BEGIN DH PARAMETERS----- +MIIBAwJ+AJ6kqMQp/nYYAk92ySkO8roNkgid2bMoQV2ITv48rsHUPn772Cy/e2Nw +mZ7ErNAefE4iB9K1+ZqeUuKXncPLDWYzdZWnlm5p7Ba9Bkoa3LLUKSOrLo9/aoQd +giNuQowecD0hu7m5j/n9nFMI5OhaBMpfj3NVrOFBIMdD+o+ZAn0jhDwNVYy5fanV +moCC+1CJKXGOjqEpLt/bATRB52b6YNy8NINFcOBh6aYlI8J3M6mKkJQh/4TSezY5 +m+XwiCs1mGQoWCe++r/jYMzEYWBZeKfho7OnPn5bqNe3uiUOsZ55A7WDukM0tsHO +RWZyB2SKrxTYrhgZuiWm2Tb4jAICAKA= +-----END DH PARAMETERS----- diff --git a/tests/data_files/dir-maxpath/00.crt b/tests/data_files/dir-maxpath/00.crt new file mode 100644 index 000000000..c806648ac --- /dev/null +++ b/tests/data_files/dir-maxpath/00.crt 
@@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/00.key b/tests/data_files/dir-maxpath/00.key new file mode 100644 index 000000000..b4d33156a --- /dev/null +++ b/tests/data_files/dir-maxpath/00.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIARPaEIfROHkE9Y0ZgHh7Mc3ZU6LR9lCOIw1ksYTHp5EoAoGCCqGSM49 +AwEHoUQDQgAEVbjX+oDAA+nL5PF1zs8qbNmyr0I+K6MpTi+kXV6RecbHYc/jbRCh +vAFVVaGTNGYvB1ugfaPrl1wIqNDua/93Eg== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/01.crt b/tests/data_files/dir-maxpath/01.crt new file mode 100644 index 000000000..0e9107a72 --- /dev/null +++ b/tests/data_files/dir-maxpath/01.crt 
@@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/01.key b/tests/data_files/dir-maxpath/01.key new file mode 100644 index 000000000..7dd064311 --- /dev/null +++ b/tests/data_files/dir-maxpath/01.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEINSnxPqUNMba8F2KWNxU88heSs7vgas5BOzjRwQsQe6IoAoGCCqGSM49 +AwEHoUQDQgAEM55/cxx8CxjvFUeFvVe7zJcQnaKI8xDol+WOibT7RTs/Ournh2Os +6DdP5ieg56p0l4pSSFFHlunhn6ppGu58ZA== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/02.crt b/tests/data_files/dir-maxpath/02.crt new file mode 100644 index 000000000..387b064da --- /dev/null +++ b/tests/data_files/dir-maxpath/02.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/02.key b/tests/data_files/dir-maxpath/02.key new file mode 100644 index 000000000..b5ac513f2 --- /dev/null +++ b/tests/data_files/dir-maxpath/02.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIPW9zE8cjiZ8w17jTAebb4xAmEg6heEEnEaG4lGCd38joAoGCCqGSM49 +AwEHoUQDQgAEFh6b9YupX8LzTzj+ZGuktJ+eRL86GmCuqW01z+sjDlv+F2UjyseW +aKuBTHtHCsxiCBS9a849VdnM2Afqry4cog== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/03.crt b/tests/data_files/dir-maxpath/03.crt new file mode 100644 index 000000000..7d90a5e0f --- /dev/null +++ b/tests/data_files/dir-maxpath/03.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/03.key b/tests/data_files/dir-maxpath/03.key new file mode 100644 index 000000000..2bfa48387 --- /dev/null +++ b/tests/data_files/dir-maxpath/03.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIBx2xwapGbHTy79IbpJkc/w9LJXPKNG7gGRLPOGPQFI6oAoGCCqGSM49 +AwEHoUQDQgAEEQ1wzSItaXq3rnYasGti7JV4LMZwetx7ucuZYPtVj67iGD8w/x6N +AD73lXcxS1Y4tffmxOPrRT2C9UqbDdVn1g== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/04.crt b/tests/data_files/dir-maxpath/04.crt new file mode 100644 index 000000000..1ddcf691a --- /dev/null +++ b/tests/data_files/dir-maxpath/04.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/04.key b/tests/data_files/dir-maxpath/04.key new file mode 100644 index 000000000..e836bbf05 --- /dev/null +++ b/tests/data_files/dir-maxpath/04.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIDQvTm0wfEAKoymv8ePBv7cRxrnM4g6LREnSll5ghQsXoAoGCCqGSM49 +AwEHoUQDQgAEFFw4HFFTU/YaL22RORy+q4zm+wuecBLlik4VfwnGeK1q18e1Vx2H +Q/0d2gwOyUr2KZtrE6JOIrG5Q84WTPxgzQ== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/05.crt b/tests/data_files/dir-maxpath/05.crt new file mode 100644 index 000000000..19de3a394 --- /dev/null +++ b/tests/data_files/dir-maxpath/05.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/05.key b/tests/data_files/dir-maxpath/05.key new file mode 100644 index 000000000..7f3095e8a --- /dev/null +++ b/tests/data_files/dir-maxpath/05.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIP3MTs0m9ssAAXQ94O6GYC3pckfpMUxQiPTG8hQYgA0WoAoGCCqGSM49 +AwEHoUQDQgAEBHU9DhX+RlHK4F9l5ZQsicz/eDWeOuBrIAeqbDS7A3i/o+wFPqCc +u1S71v5R4dzg4JdPGfW4aixQZjY5x25vEA== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/06.crt b/tests/data_files/dir-maxpath/06.crt new file mode 100644 index 000000000..36f99d2c0 --- /dev/null +++ b/tests/data_files/dir-maxpath/06.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/06.key b/tests/data_files/dir-maxpath/06.key new file mode 100644 index 000000000..5b0bce243 --- /dev/null +++ b/tests/data_files/dir-maxpath/06.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIESUhQgXWd8cVQnitNEpOD2JNMqH9ug/wYaY1xW3SaSGoAoGCCqGSM49 +AwEHoUQDQgAEgPalqAFB655/t5Mcja4zyZPNlgy4plttUTedbsaaG2nb/GIBhA0X +T/jpPrkakElLAOmV3xd4hq9ho30N8DAx/A== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/07.crt b/tests/data_files/dir-maxpath/07.crt new file mode 100644 index 000000000..5bb57f84d --- /dev/null +++ b/tests/data_files/dir-maxpath/07.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/07.key b/tests/data_files/dir-maxpath/07.key new file mode 100644 index 000000000..3f20131cc --- /dev/null +++ b/tests/data_files/dir-maxpath/07.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIEi1oKInPLbiINj8OxdActVTgI+YQVSefdQfCu1ihbLRoAoGCCqGSM49 +AwEHoUQDQgAEjTo+HeDBAO6f95ooo6huE6BOKKSjwJvtwUyBqyU2E9ePvk0olCAp +dAEl4/sXlHCzCGl0zdONrC7B8aUoc0Gi9A== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/08.crt b/tests/data_files/dir-maxpath/08.crt new file mode 100644 index 000000000..bf1f33e3f --- /dev/null +++ b/tests/data_files/dir-maxpath/08.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/08.key b/tests/data_files/dir-maxpath/08.key new file mode 100644 index 000000000..d1ee9c544 --- /dev/null +++ b/tests/data_files/dir-maxpath/08.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIC8M2G7XcqeagYgt8SZJbuTh4tYchGvX3yDZJKTuBgFUoAoGCCqGSM49 +AwEHoUQDQgAEaUHkP2BkI55e0s6OlkrSdbu8bp0y+YwZFx/GgFUptKol+AA/+2D8 +WuRJxs2XS059ub0FZ30ABqTMfD9ZWIhmAg== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/09.crt b/tests/data_files/dir-maxpath/09.crt new file mode 100644 index 000000000..8f67e5419 --- /dev/null +++ b/tests/data_files/dir-maxpath/09.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/09.key b/tests/data_files/dir-maxpath/09.key new file mode 100644 index 000000000..fe6a06f8c --- /dev/null +++ b/tests/data_files/dir-maxpath/09.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIKkdxegP5yN840sBDxIPpiMftZss14uLaH7zoxOqrePDoAoGCCqGSM49 +AwEHoUQDQgAEe2QdevrehLH2oRsilBiVuZns5M43WmL3OJWyWijUcBUX3Nxf35jT +krFBUoPxdDfr1BPnaCojwvMEcC875uLPuQ== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/10.crt b/tests/data_files/dir-maxpath/10.crt new file mode 100644 index 000000000..72e699afb --- /dev/null +++ b/tests/data_files/dir-maxpath/10.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/10.key b/tests/data_files/dir-maxpath/10.key new file mode 100644 index 000000000..c5558f57c --- /dev/null +++ b/tests/data_files/dir-maxpath/10.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIPuPPMxo5e2doI7YfDp60qmEn4YwYs2sb5QlOpFQ3BIJoAoGCCqGSM49 +AwEHoUQDQgAEeo5RimyXeYYg8Te/PYJDnMKchyPcEcAqwAwDsDpDHjwT0ZcBnZu5 +sO2fxAJrtus0Zv4XMq7ODKpNi2mw4zyPVw== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/11.crt b/tests/data_files/dir-maxpath/11.crt new file mode 100644 index 000000000..e09e49ff0 --- /dev/null +++ b/tests/data_files/dir-maxpath/11.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX +BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/11.key b/tests/data_files/dir-maxpath/11.key new file mode 100644 index 000000000..b34bf8c9d --- /dev/null +++ b/tests/data_files/dir-maxpath/11.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIHaMieH2/wn6lnsFUGzww43ymhN16Z0nhG5TyvNeY8U2oAoGCCqGSM49 +AwEHoUQDQgAE2cEfliujQRf+64hXTet3PIY2HXWUUeJa81TT8IgUMZ58cKT8qw/Q +Omjz5i3OkqhjiVuGRlQnKCAc3vUSVXogfQ== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/12.crt b/tests/data_files/dir-maxpath/12.crt new file mode 100644 index 000000000..91ef9b03a --- /dev/null +++ b/tests/data_files/dir-maxpath/12.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc +gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc +IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX +BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 +E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/12.key b/tests/data_files/dir-maxpath/12.key new file mode 100644 index 000000000..906bdc677 --- /dev/null +++ b/tests/data_files/dir-maxpath/12.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIAzhAcc1Yb2u4bsQDaYeRaRW8kJ/HzFTTfINV1k+TxZ/oAoGCCqGSM49 +AwEHoUQDQgAEwxPSz5Sz3IGd29AXIUfwJITRD/RwGr8GGnSSMs6D6OXnQlZ26EB+ +/Oo7GcGTWaAtIBwwIQphnCH0XpyEgKFbjw== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/13.crt b/tests/data_files/dir-maxpath/13.crt new file mode 100644 index 000000000..c23c1659d --- /dev/null +++ b/tests/data_files/dir-maxpath/13.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh +lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM +0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX +BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 +PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/13.key b/tests/data_files/dir-maxpath/13.key new file mode 100644 index 000000000..c8a04ef42 --- /dev/null +++ b/tests/data_files/dir-maxpath/13.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIKb966FXMh8cFQt3sVpmcrh2/3yaGiLMwz+/XGKGMJ+2oAoGCCqGSM49 +AwEHoUQDQgAE65MwiS854ZYZ7L9UVwfZH3mg/nCK7j0NHCLQQxqXbw/MWwVb0HIu +PkRtkVVAklkYZBWI0rFEjNEBzEJwRZYcNg== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/14.crt b/tests/data_files/dir-maxpath/14.crt new file mode 100644 index 000000000..5ca323c40 --- /dev/null +++ b/tests/data_files/dir-maxpath/14.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP +donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU +iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX +BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I +71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/14.key b/tests/data_files/dir-maxpath/14.key new file mode 100644 index 000000000..a526a1851 --- /dev/null +++ b/tests/data_files/dir-maxpath/14.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIKEycJNLyYJ5JgECpCuZiFeXZIMC+XsMEKoMhRTx6xD+oAoGCCqGSM49 +AwEHoUQDQgAE0TGTdER8z3aJzZmbqvVz4c70Odk2qJMU9/aqULZRcr1LhBiqy6Db +3XKQEWgNKxqbrekSwEDlVIjVZSdyKY+/PQ== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/15.crt b/tests/data_files/dir-maxpath/15.crt new file mode 100644 index 000000000..bef923a48 --- /dev/null +++ b/tests/data_files/dir-maxpath/15.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss +/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS +FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX +BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS +fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/15.key b/tests/data_files/dir-maxpath/15.key new file mode 100644 index 000000000..1d9390837 --- /dev/null +++ b/tests/data_files/dir-maxpath/15.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIL1c0zvh4Fx8aylrlHsOsK5Pcam7BWVHM2lDxGO26QIUoAoGCCqGSM49 +AwEHoUQDQgAEJSlIjKErLP4bE2rHnanQdgQjhiYU7dIYFBnlJ1jWdbLzuMp9BpBR +2dPPvn5djCqo6Y/lV6tCUhRchlDoJoItxw== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/16.crt b/tests/data_files/dir-maxpath/16.crt new file mode 100644 index 000000000..d9d998de2 --- /dev/null +++ b/tests/data_files/dir-maxpath/16.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN +kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 +buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX +BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh +FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/16.key b/tests/data_files/dir-maxpath/16.key new file mode 100644 index 000000000..70492de2f --- /dev/null +++ b/tests/data_files/dir-maxpath/16.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIM0YCnGkEG/TjBxrytP9Ztslm1yoQaWptBxegRzzBRDVoAoGCCqGSM49 +AwEHoUQDQgAEO1bKeyZgzZID4f/s5iD5He6NMaLf1jzBZ97gLBrbFN/OTBdH5oXx +S4UW2x/YeCY2B4/MtLKVN27lF4X7bwGVWw== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/17.crt b/tests/data_files/dir-maxpath/17.crt new file mode 100644 index 000000000..1ee78492c --- /dev/null +++ b/tests/data_files/dir-maxpath/17.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTYwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARrISq2zO9m +D29YCLHB56FdU/RINtRhfeLtM+u5o3HaAnopy0S98RzuEGELjpzr8ZI6kkMMZsj8 +nFZQF8HfuE0go4GJMIGGMB0GA1UdDgQWBBSnjWvpWxZcFnfQ2KGtCg/u6fT/DzBX +BgNVHSMEUDBOgBRTw3K0Psy3u/6+3KKSoaQqJnPvPqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgDgXjoc6FfMF5W0NziV6vx2BOPNWav01Z +ynEP4h9ULnUCIQC1rU4sEId3UdjzTKhpSGTKtaOuPG+b0YdEMPimI4jmVw== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/17.key b/tests/data_files/dir-maxpath/17.key new file mode 100644 index 000000000..eee33e8c1 --- /dev/null +++ b/tests/data_files/dir-maxpath/17.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIAiUS1dM3qrcOun8PjKe+rw40L2HG/Y8Dfxl0AfzyIVeoAoGCCqGSM49 +AwEHoUQDQgAEayEqtszvZg9vWAixweehXVP0SDbUYX3i7TPruaNx2gJ6KctEvfEc +7hBhC46c6/GSOpJDDGbI/JxWUBfB37hNIA== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/18.crt b/tests/data_files/dir-maxpath/18.crt new file mode 100644 index 000000000..afd682eb8 --- /dev/null +++ b/tests/data_files/dir-maxpath/18.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTcwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASsc/JkNcYf +bMgpOfrL5kKOGxOJaGS6SQIeNO33UeBpToe1bU2acN652xjvcGo0fJEtxg2fcPHR +hTnGMBD1u1N2o4GJMIGGMB0GA1UdDgQWBBSDbIpYntlhJ0GgIsyd75XRhlC18jBX +BgNVHSMEUDBOgBSnjWvpWxZcFnfQ2KGtCg/u6fT/D6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAJo2NXfJU1sK6SVTu4OV21FKITlXntMi +oenYMsBjzO8oAiEAidSELcLjjAHi3mfBARvCgKlRhmbNEMCHQT7Ha7ZQoRw= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/18.key b/tests/data_files/dir-maxpath/18.key new file mode 100644 index 000000000..4591d032a --- /dev/null +++ b/tests/data_files/dir-maxpath/18.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIJETLWqIZtnejCGzESDgMnknxqEx5evMGZfzBVPKMwKKoAoGCCqGSM49 +AwEHoUQDQgAErHPyZDXGH2zIKTn6y+ZCjhsTiWhkukkCHjTt91HgaU6HtW1NmnDe +udsY73BqNHyRLcYNn3Dx0YU5xjAQ9btTdg== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/19.crt b/tests/data_files/dir-maxpath/19.crt new file mode 100644 index 000000000..a2220e5ca --- /dev/null +++ b/tests/data_files/dir-maxpath/19.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQJyRCHND78 +KxZHoHHdOTjPuD6HjHPnEKX8apblUpETDJuLW7YR3V8Q0dTac+JHiR6e2l4DlDbf +5bTiyFoAzw9yo4GJMIGGMB0GA1UdDgQWBBRQMc94kTqW+zQO3lo2WMI/81k3czBX +BgNVHSMEUDBOgBSDbIpYntlhJ0GgIsyd75XRhlC18qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgIzGOZqJRmvygzvLm8zxZFyoNpcT7e26H +nZd5xFIzEakCIHGYcUXzt+owSVlLmrlW8gQcB81ErQbxuBTAsvpaaKSS +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/19.key b/tests/data_files/dir-maxpath/19.key new file mode 100644 index 000000000..bb6562b3f --- /dev/null +++ b/tests/data_files/dir-maxpath/19.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIDJyHSKbXEZVfkNftQF4eHeJVuXhGdaboa7w4RejL5uYoAoGCCqGSM49 +AwEHoUQDQgAECckQhzQ+/CsWR6Bx3Tk4z7g+h4xz5xCl/GqW5VKREwybi1u2Ed1f +ENHU2nPiR4kentpeA5Q23+W04shaAM8Pcg== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/20.crt b/tests/data_files/dir-maxpath/20.crt new file mode 100644 index 000000000..c82a5276a --- /dev/null +++ b/tests/data_files/dir-maxpath/20.crt 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMjAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATGebrN8JxE +heOdCxD+mhnQ4zMUxF1WUkmAAHIUw089BYiH9SAwYS/M5tnl+R8fbjvoGqSpR6Tk +V9EU3CQyIoxwo4GJMIGGMB0GA1UdDgQWBBTZs6oChL1c2CSZXY2YFQkkqg+lzDBX +BgNVHSMEUDBOgBRQMc94kTqW+zQO3lo2WMI/81k3c6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgRVGZReXKvdMHhwLbPvbrTVLeAGDqmqMH +/WqD4u23QBgCID/QtFaiawjviNFEdtU7JK6v4ZY0PQ0a0+HLZIHLi9ah +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/20.key b/tests/data_files/dir-maxpath/20.key new file mode 100644 index 000000000..2ec68ded2 --- /dev/null +++ b/tests/data_files/dir-maxpath/20.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIJHLciDhJcnlE5MhTrOfFlnRbpJQLOf4h72E6VDXxMM0oAoGCCqGSM49 +AwEHoUQDQgAExnm6zfCcRIXjnQsQ/poZ0OMzFMRdVlJJgAByFMNPPQWIh/UgMGEv +zObZ5fkfH2476BqkqUek5FfRFNwkMiKMcA== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/dir-maxpath/Readme.txt b/tests/data_files/dir-maxpath/Readme.txt new file mode 100644 index 000000000..606ec6cc2 --- /dev/null +++ b/tests/data_files/dir-maxpath/Readme.txt @@ -0,0 +1,10 @@ +These certificates form a very long chain, used to test the +MBEDTLS_X509_MAX_INT_CA limit. + +NN.key is the private key of certificate NN.crt. + +The root is 00.crt and N+1.crt is a child of N.crt. + +File cNN.pem contains the chain NN.crt to 00.crt. + +Those certificates were generated by tests/data_files/dir-maxpath/long.sh. diff --git a/tests/data_files/dir-maxpath/c00.pem b/tests/data_files/dir-maxpath/c00.pem new file mode 100644 index 000000000..c806648ac --- /dev/null +++ b/tests/data_files/dir-maxpath/c00.pem 
@@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c01.pem b/tests/data_files/dir-maxpath/c01.pem new file mode 100644 index 000000000..302fcbd02 --- /dev/null +++ b/tests/data_files/dir-maxpath/c01.pem 
@@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c02.pem b/tests/data_files/dir-maxpath/c02.pem new file mode 100644 index 000000000..77c251900 --- /dev/null +++ b/tests/data_files/dir-maxpath/c02.pem 
@@ -0,0 +1,36 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD 
+AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c03.pem b/tests/data_files/dir-maxpath/c03.pem new file mode 100644 index 000000000..d6c1a21b3 --- /dev/null +++ b/tests/data_files/dir-maxpath/c03.pem 
@@ -0,0 +1,48 @@ +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw 
+DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c04.pem b/tests/data_files/dir-maxpath/c04.pem new file mode 100644 index 000000000..613d7d85a --- /dev/null +++ b/tests/data_files/dir-maxpath/c04.pem 
@@ -0,0 +1,60 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c05.pem b/tests/data_files/dir-maxpath/c05.pem new file mode 100644 index 000000000..800904977 --- /dev/null +++ b/tests/data_files/dir-maxpath/c05.pem 
@@ -0,0 +1,72 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm 
+LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c06.pem b/tests/data_files/dir-maxpath/c06.pem new file mode 100644 index 000000000..e0fbf13df --- /dev/null +++ b/tests/data_files/dir-maxpath/c06.pem 
@@ -0,0 +1,84 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf 
+BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c07.pem b/tests/data_files/dir-maxpath/c07.pem new file mode 100644 index 000000000..c960d19cb --- /dev/null +++ b/tests/data_files/dir-maxpath/c07.pem 
@@ -0,0 +1,96 @@ +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX 
+BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c08.pem b/tests/data_files/dir-maxpath/c08.pem new file mode 100644 index 000000000..78c2c4a6d --- /dev/null +++ b/tests/data_files/dir-maxpath/c08.pem 
@@ -0,0 +1,108 @@ +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX 
+BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht 
+YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c09.pem b/tests/data_files/dir-maxpath/c09.pem new file mode 100644 index 000000000..269f4e3c7 --- /dev/null +++ b/tests/data_files/dir-maxpath/c09.pem 
@@ -0,0 +1,120 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX 
+BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL 
+GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c10.pem b/tests/data_files/dir-maxpath/c10.pem new file mode 100644 index 000000000..e29330479 --- /dev/null +++ b/tests/data_files/dir-maxpath/c10.pem 
@@ -0,0 +1,132 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX 
+BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf 
+wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c11.pem b/tests/data_files/dir-maxpath/c11.pem new file mode 100644 index 000000000..56cbcbf1e --- /dev/null +++ b/tests/data_files/dir-maxpath/c11.pem 
@@ -0,0 +1,144 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX +BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX 
+BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p 
+ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT 
+AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c12.pem b/tests/data_files/dir-maxpath/c12.pem new file mode 100644 index 000000000..77c8f3f8a --- /dev/null +++ b/tests/data_files/dir-maxpath/c12.pem 
@@ -0,0 +1,156 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc +gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc +IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX +BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 +E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX +BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX 
+BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT 
+9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN 
+MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c13.pem b/tests/data_files/dir-maxpath/c13.pem new file mode 100644 index 000000000..d5039ba45 --- /dev/null +++ b/tests/data_files/dir-maxpath/c13.pem 
@@ -0,0 +1,168 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh +lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM +0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX +BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 +PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc +gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc +IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX +BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 +E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX +BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX 
+BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G 
+UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN 
+MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- 
diff --git a/tests/data_files/dir-maxpath/c14.pem b/tests/data_files/dir-maxpath/c14.pem new file mode 100644 index 000000000..c6eca72e4 --- /dev/null +++ b/tests/data_files/dir-maxpath/c14.pem 
@@ -0,0 +1,180 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP +donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU +iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX +BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I +71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh +lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM +0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX +BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 +PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc +gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc +IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX +BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 +E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX +BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX 
+BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr 
+nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN 
+MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN 
CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c15.pem b/tests/data_files/dir-maxpath/c15.pem new file mode 100644 index 000000000..220420d7d --- /dev/null +++ b/tests/data_files/dir-maxpath/c15.pem 
@@ -0,0 +1,192 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss +/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS +FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX +BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS +fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP +donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU +iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX +BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I +71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh +lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM +0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX +BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 +PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc +gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc +IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX +BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 +E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX +BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX 
+BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA 
+7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN 
+MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- 
+MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c16.pem b/tests/data_files/dir-maxpath/c16.pem new file mode 100644 index 000000000..041a83b45 --- /dev/null +++ b/tests/data_files/dir-maxpath/c16.pem 
@@ -0,0 +1,204 @@ +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN +kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 +buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX +BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh +FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss +/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS +FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX +BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS +fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP +donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU +iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX +BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I +71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh +lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM +0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX +BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 +PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc +gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc +IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX +BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 +E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX 
+BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj 
+nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN 
+MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- 
+MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt 
+IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c17.pem b/tests/data_files/dir-maxpath/c17.pem new file mode 100644 index 000000000..5bdbafd28 --- /dev/null +++ b/tests/data_files/dir-maxpath/c17.pem 
@@ -0,0 +1,216 @@ +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTYwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARrISq2zO9m +D29YCLHB56FdU/RINtRhfeLtM+u5o3HaAnopy0S98RzuEGELjpzr8ZI6kkMMZsj8 +nFZQF8HfuE0go4GJMIGGMB0GA1UdDgQWBBSnjWvpWxZcFnfQ2KGtCg/u6fT/DzBX +BgNVHSMEUDBOgBRTw3K0Psy3u/6+3KKSoaQqJnPvPqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgDgXjoc6FfMF5W0NziV6vx2BOPNWav01Z +ynEP4h9ULnUCIQC1rU4sEId3UdjzTKhpSGTKtaOuPG+b0YdEMPimI4jmVw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN +kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 +buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX +BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh +FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss +/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS +FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX +BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS +fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP +donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU +iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX +BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I +71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh +lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM +0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX +BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 +PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc +gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc 
+IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX +BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 +E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX +BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx 
+DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G 
+A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC 
++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC 
+VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c18.pem b/tests/data_files/dir-maxpath/c18.pem new file mode 100644 index 000000000..d86318952 --- /dev/null +++ b/tests/data_files/dir-maxpath/c18.pem 
@@ -0,0 +1,228 @@ +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTcwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASsc/JkNcYf +bMgpOfrL5kKOGxOJaGS6SQIeNO33UeBpToe1bU2acN652xjvcGo0fJEtxg2fcPHR +hTnGMBD1u1N2o4GJMIGGMB0GA1UdDgQWBBSDbIpYntlhJ0GgIsyd75XRhlC18jBX +BgNVHSMEUDBOgBSnjWvpWxZcFnfQ2KGtCg/u6fT/D6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAJo2NXfJU1sK6SVTu4OV21FKITlXntMi +oenYMsBjzO8oAiEAidSELcLjjAHi3mfBARvCgKlRhmbNEMCHQT7Ha7ZQoRw= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTYwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARrISq2zO9m +D29YCLHB56FdU/RINtRhfeLtM+u5o3HaAnopy0S98RzuEGELjpzr8ZI6kkMMZsj8 +nFZQF8HfuE0go4GJMIGGMB0GA1UdDgQWBBSnjWvpWxZcFnfQ2KGtCg/u6fT/DzBX +BgNVHSMEUDBOgBRTw3K0Psy3u/6+3KKSoaQqJnPvPqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgDgXjoc6FfMF5W0NziV6vx2BOPNWav01Z +ynEP4h9ULnUCIQC1rU4sEId3UdjzTKhpSGTKtaOuPG+b0YdEMPimI4jmVw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN +kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 +buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX +BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh +FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss +/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS +FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX +BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS +fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP +donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU +iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX +BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I +71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh +lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM 
+0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX +BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 +PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc +gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc +IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX +BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 +E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX +BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx 
+DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G 
+A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 
+XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC 
+VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c19.pem b/tests/data_files/dir-maxpath/c19.pem new file mode 100644 index 000000000..b1e24e42f --- /dev/null +++ b/tests/data_files/dir-maxpath/c19.pem 
@@ -0,0 +1,240 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQJyRCHND78 +KxZHoHHdOTjPuD6HjHPnEKX8apblUpETDJuLW7YR3V8Q0dTac+JHiR6e2l4DlDbf +5bTiyFoAzw9yo4GJMIGGMB0GA1UdDgQWBBRQMc94kTqW+zQO3lo2WMI/81k3czBX +BgNVHSMEUDBOgBSDbIpYntlhJ0GgIsyd75XRhlC18qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgIzGOZqJRmvygzvLm8zxZFyoNpcT7e26H +nZd5xFIzEakCIHGYcUXzt+owSVlLmrlW8gQcB81ErQbxuBTAsvpaaKSS +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTcwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASsc/JkNcYf +bMgpOfrL5kKOGxOJaGS6SQIeNO33UeBpToe1bU2acN652xjvcGo0fJEtxg2fcPHR +hTnGMBD1u1N2o4GJMIGGMB0GA1UdDgQWBBSDbIpYntlhJ0GgIsyd75XRhlC18jBX +BgNVHSMEUDBOgBSnjWvpWxZcFnfQ2KGtCg/u6fT/D6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAJo2NXfJU1sK6SVTu4OV21FKITlXntMi +oenYMsBjzO8oAiEAidSELcLjjAHi3mfBARvCgKlRhmbNEMCHQT7Ha7ZQoRw= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTYwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARrISq2zO9m +D29YCLHB56FdU/RINtRhfeLtM+u5o3HaAnopy0S98RzuEGELjpzr8ZI6kkMMZsj8 +nFZQF8HfuE0go4GJMIGGMB0GA1UdDgQWBBSnjWvpWxZcFnfQ2KGtCg/u6fT/DzBX +BgNVHSMEUDBOgBRTw3K0Psy3u/6+3KKSoaQqJnPvPqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE1ggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgDgXjoc6FfMF5W0NziV6vx2BOPNWav01Z +ynEP4h9ULnUCIQC1rU4sEId3UdjzTKhpSGTKtaOuPG+b0YdEMPimI4jmVw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN +kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 +buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX +BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh +FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss +/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS +FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX +BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS +fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP +donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU 
+iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX +BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I +71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh +lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM +0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX +BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 +PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc +gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc +IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX +BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 +E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx 
+DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX +BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G 
+A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 
+g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX +BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC 
+VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL +GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA 
+BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/c20.pem b/tests/data_files/dir-maxpath/c20.pem new file mode 100644 index 000000000..ff9747203 --- /dev/null +++ b/tests/data_files/dir-maxpath/c20.pem 
@@ -0,0 +1,252 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMjAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATGebrN8JxE +heOdCxD+mhnQ4zMUxF1WUkmAAHIUw089BYiH9SAwYS/M5tnl+R8fbjvoGqSpR6Tk +V9EU3CQyIoxwo4GJMIGGMB0GA1UdDgQWBBTZs6oChL1c2CSZXY2YFQkkqg+lzDBX +BgNVHSMEUDBOgBRQMc94kTqW+zQO3lo2WMI/81k3c6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgRVGZReXKvdMHhwLbPvbrTVLeAGDqmqMH +/WqD4u23QBgCID/QtFaiawjviNFEdtU7JK6v4ZY0PQ0a0+HLZIHLi9ah +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQJyRCHND78 +KxZHoHHdOTjPuD6HjHPnEKX8apblUpETDJuLW7YR3V8Q0dTac+JHiR6e2l4DlDbf +5bTiyFoAzw9yo4GJMIGGMB0GA1UdDgQWBBRQMc94kTqW+zQO3lo2WMI/81k3czBX +BgNVHSMEUDBOgBSDbIpYntlhJ0GgIsyd75XRhlC18qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgIzGOZqJRmvygzvLm8zxZFyoNpcT7e26H +nZd5xFIzEakCIHGYcUXzt+owSVlLmrlW8gQcB81ErQbxuBTAsvpaaKSS +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTcwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASsc/JkNcYf +bMgpOfrL5kKOGxOJaGS6SQIeNO33UeBpToe1bU2acN652xjvcGo0fJEtxg2fcPHR +hTnGMBD1u1N2o4GJMIGGMB0GA1UdDgQWBBSDbIpYntlhJ0GgIsyd75XRhlC18jBX +BgNVHSMEUDBOgBSnjWvpWxZcFnfQ2KGtCg/u6fT/D6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE2ggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAJo2NXfJU1sK6SVTu4OV21FKITlXntMi +oenYMsBjzO8oAiEAidSELcLjjAHi3mfBARvCgKlRhmbNEMCHQT7Ha7ZQoRw= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTYwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARrISq2zO9m +D29YCLHB56FdU/RINtRhfeLtM+u5o3HaAnopy0S98RzuEGELjpzr8ZI6kkMMZsj8 +nFZQF8HfuE0go4GJMIGGMB0GA1UdDgQWBBSnjWvpWxZcFnfQ2KGtCg/u6fT/DzBX +BgNVHSMEUDBOgBRTw3K0Psy3u/6+3KKSoaQqJnPvPqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE1ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgDgXjoc6FfMF5W0NziV6vx2BOPNWav01Z +ynEP4h9ULnUCIQC1rU4sEId3UdjzTKhpSGTKtaOuPG+b0YdEMPimI4jmVw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTUwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ7Vsp7JmDN +kgPh/+zmIPkd7o0xot/WPMFn3uAsGtsU385MF0fmhfFLhRbbH9h4JjYHj8y0spU3 +buUXhftvAZVbo4GJMIGGMB0GA1UdDgQWBBRTw3K0Psy3u/6+3KKSoaQqJnPvPjBX +BgNVHSMEUDBOgBR1mXlrdW5rx1VnqMMnUBXo0WWGWqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTE0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMJnGjE9v3SjuGfi0jNByrwyNfhlTHMh +FhPQidNrDpXwAiEAqYtNiV8t9RrAa9GC6FWDuJpvIiU6FsE+lFq6uIq/J2E= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTQwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQlKUiMoSss +/hsTasedqdB2BCOGJhTt0hgUGeUnWNZ1svO4yn0GkFHZ08++fl2MKqjpj+VXq0JS 
+FFyGUOgmgi3Ho4GJMIGGMB0GA1UdDgQWBBR1mXlrdW5rx1VnqMMnUBXo0WWGWjBX +BgNVHSMEUDBOgBRNsJB++ccSBmbCCKBxi4CjXROBk6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKYOIo+fdCQRqpH4LN8qUK1aKzKmWGxS +fGzEEkg/29bMAiAl95cmucoCDMq2Ab8Coc0dEqyJ6+rAPMLBCbGawyiW6A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTMwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATRMZN0RHzP +donNmZuq9XPhzvQ52TaokxT39qpQtlFyvUuEGKrLoNvdcpARaA0rGput6RLAQOVU +iNVlJ3Ipj789o4GJMIGGMB0GA1UdDgQWBBRNsJB++ccSBmbCCKBxi4CjXROBkzBX +BgNVHSMEUDBOgBTmVnUSF2MYwws/nCMv7b1wJVkDmqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgVfuLpjp08AaxKWf6cuZUUCRd7CojSS1I +71hzeUyFS+sCIQDNJI6P/pBbiHgTaGlBAgfcEfmxmbY0n4xZndtxIkmyVA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTIwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATrkzCJLznh +lhnsv1RXB9kfeaD+cIruPQ0cItBDGpdvD8xbBVvQci4+RG2RVUCSWRhkFYjSsUSM +0QHMQnBFlhw2o4GJMIGGMB0GA1UdDgQWBBTmVnUSF2MYwws/nCMv7b1wJVkDmjBX +BgNVHSMEUDBOgBTZTtbi+j0Sm/Zs/+gTkWdASpQzfqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTExggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgWsm+rHJgwUEyNm8EKbEds5yurpp5/3y5 +PsvXJVDqxogCIQDUP0Jcl3A907CE2tPVXSgD6LQ6CPu19mixemPw60yijA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTEwHhcNMTcwNjIyMTE1MDMzWhcN 
+MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATDE9LPlLPc +gZ3b0BchR/AkhNEP9HAavwYadJIyzoPo5edCVnboQH786jsZwZNZoC0gHDAhCmGc +IfRenISAoVuPo4GJMIGGMB0GA1UdDgQWBBTZTtbi+j0Sm/Zs/+gTkWdASpQzfjBX +BgNVHSMEUDBOgBSOSt6ePyMRT6PGMaIi7FqNX9MKtKEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTEwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYYF5AnRV7eh2hLD5Dz//pceMTKz9Ls46 +E6DxvbfDHikCIFttlGrOCZVyS4ocsjuKIELVUX5qfygI0sn4kU3qCTs2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMTAwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZwR+WK6NB +F/7riFdN63c8hjYddZRR4lrzVNPwiBQxnnxwpPyrD9A6aPPmLc6SqGOJW4ZGVCco +IBze9RJVeiB9o4GJMIGGMB0GA1UdDgQWBBSOSt6ePyMRT6PGMaIi7FqNX9MKtDBX +BgNVHSMEUDBOgBQtxZSLJAkEz+2RKMQexM6EtsfgcqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA5ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgN//NqM0FrkrMjmxoeCY9DgxkH2R6sQ4d +NgtwCZAIqEICIBs4vupaVcuvni9tltbP26wi7c0FR+blZuo5DPIA3SVe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDkwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR6jlGKbJd5 +hiDxN789gkOcwpyHI9wRwCrADAOwOkMePBPRlwGdm7mw7Z/EAmu26zRm/hcyrs4M +qk2LabDjPI9Xo4GJMIGGMB0GA1UdDgQWBBQtxZSLJAkEz+2RKMQexM6EtsfgcjBX +BgNVHSMEUDBOgBT6gyXHzPIPYc1Vr1aGiLLeMh4HpqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA4ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIgP7S8vFstfUBdNe6ym5GYG5Q+aBVEKqRs +fVW7HNUktSYCIQDo6Jua6o/DJbrpq4qYWq5gv4yGyzPTN+3IaKrEICdaaw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- 
+MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDgwHhcNMTcwNjIyMTE1MDMzWhcN +MjcwNjIzMTE1MDMzWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7ZB16+t6E +sfahGyKUGJW5mezkzjdaYvc4lbJaKNRwFRfc3F/fmNOSsUFSg/F0N+vUE+doKiPC +8wRwLzvm4s+5o4GJMIGGMB0GA1UdDgQWBBT6gyXHzPIPYc1Vr1aGiLLeMh4HpjBX +BgNVHSMEUDBOgBS40mLt93U8Sh8ZGiDVAhRSiBPcXqEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA3ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgO4el1ZPhlIli/qNR2SIEiuvs5Mmy868i +N2Rv5X/VxIECIA/8rUALQxW38XSdBVX3e/jzu7ju47n1YwEqD9K9WdVv +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDcwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARpQeQ/YGQj +nl7Szo6WStJ1u7xunTL5jBkXH8aAVSm0qiX4AD/7YPxa5EnGzZdLTn25vQVnfQAG +pMx8P1lYiGYCo4GJMIGGMB0GA1UdDgQWBBS40mLt93U8Sh8ZGiDVAhRSiBPcXjBX +BgNVHSMEUDBOgBREq5J3toJPxZ3O+ssJ5vkkU0RJE6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA2ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANwGf+F4a+kmXWz8UjSpRkaToTV6EFWw +/Tjzj0tQhDoAAiEA19RxeWOVBBpM6LOHg6v5Lf54YN1snkLf+sEXyZCuWQQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDYwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASNOj4d4MEA +7p/3miijqG4ToE4opKPAm+3BTIGrJTYT14++TSiUICl0ASXj+xeUcLMIaXTN042s +LsHxpShzQaL0o4GJMIGGMB0GA1UdDgQWBBREq5J3toJPxZ3O+ssJ5vkkU0RJEzBX +BgNVHSMEUDBOgBSjovYaC/m6Li9Tp0V9iZRs9267Q6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA1ggEBMAwGA1UdEwQF 
+MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKGcf+c442c/XiwubbaiQvsoZ7EoVxuM +oKmia0gPyBNkAiEA83asjJ5FDXQuLyZpczviXrbmqgCPOfYadtvkc0cxMis= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDUwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA9qWoAUHr +nn+3kxyNrjPJk82WDLimW21RN51uxpobadv8YgGEDRdP+Ok+uRqQSUsA6ZXfF3iG +r2GjfQ3wMDH8o4GJMIGGMB0GA1UdDgQWBBSjovYaC/m6Li9Tp0V9iZRs9267QzBX +BgNVHSMEUDBOgBTXh06MAV9S4l4lG1TKOrKRBh4qn6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTA0ggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgcjZNFWJtlDmoPZbAxqsGczRYK0lfPgu6 +g1H7pp0ce+wCIDj9BRZM2OB9EF0e+MDKGjyZGfvfrL6Ir47x/KrM6H8T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDQwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEdT0OFf5G +UcrgX2XllCyJzP94NZ464GsgB6psNLsDeL+j7AU+oJy7VLvW/lHh3ODgl08Z9bhq +LFBmNjnHbm8Qo4GJMIGGMB0GA1UdDgQWBBTXh06MAV9S4l4lG1TKOrKRBh4qnzBX +BgNVHSMEUDBOgBQox4F1NsZunlsduoGvzIgRSYfB36EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAzggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAIW++zqDZlLLUk/emePohdNOp5JO3wS9 +XvkBJ6Wua7GBAiAdx+EKmdjVrwnzrQltTgnmSfGMXhKNYifK3uD83W3pcQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDMwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQUXDgcUVNT +9hovbZE5HL6rjOb7C55wEuWKThV/CcZ4rWrXx7VXHYdD/R3aDA7JSvYpm2sTok4i +sblDzhZM/GDNo4GJMIGGMB0GA1UdDgQWBBQox4F1NsZunlsduoGvzIgRSYfB3zBX 
+BgNVHSMEUDBOgBQApzZdtBdD3dLxouQpr/aDiVttd6EzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAyggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgAkiNhqFAZXSUWEDK91OZvQGdeZOtd6mC ++Wv3fGk3t28CIEKOwidkUTUaiPdZ4efmAr+CEeGzdq27ob2S+nqqHqgV +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB2DCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDIwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQRDXDNIi1p +ereudhqwa2LslXgsxnB63Hu5y5lg+1WPruIYPzD/Ho0APveVdzFLVji19+bE4+tF +PYL1SpsN1WfWo4GJMIGGMB0GA1UdDgQWBBQApzZdtBdD3dLxouQpr/aDiVttdzBX +BgNVHSMEUDBOgBT5RCgQ0AlZTQbfFB2+6+w0XRvydaEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAxggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAOnd+7bAofkHVa4KFNjv3TCegw1lrhuM +8Of8wgvrTEGoAiEAsS8iKMpSfXH4D0egg4gLamE6akde965rDtySU+ve9lg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB1zCCAX2gAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDEwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWHpv1i6lf +wvNPOP5ka6S0n55EvzoaYK6pbTXP6yMOW/4XZSPKx5Zoq4FMe0cKzGIIFL1rzj1V +2czYB+qvLhyio4GJMIGGMB0GA1UdDgQWBBT5RCgQ0AlZTQbfFB2+6+w0XRvydTBX +BgNVHSMEUDBOgBSh3uHkX5nj86yFEFwjscSWM40P+qEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggEBMAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAI7unGW/gr9tOc3i+dF5N815srgh+FrX +oj9Et74EcSpTAiBubv+vOH0DE0gmYI11HeAIgutWqqMIC72dZlwTF/Vi3g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB3jCCAYWgAwIBAgIBATAKBggqhkjOPQQDAjAvMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxDTALBgNVBAMMBENBMDAwHhcNMTcwNjIyMTE1MDMyWhcN +MjcwNjIzMTE1MDMyWjAvMQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMx +DTALBgNVBAMMBENBMDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQznn9zHHwL 
+GO8VR4W9V7vMlxCdoojzEOiX5Y6JtPtFOz866ueHY6zoN0/mJ6DnqnSXilJIUUeW +6eGfqmka7nxko4GRMIGOMB0GA1UdDgQWBBSh3uHkX5nj86yFEFwjscSWM40P+jBf +BgNVHSMEWDBWgBQlFYvU5WboI4fcdPoiQs8/fPHZraEzpDEwLzELMAkGA1UEBhMC +VUsxETAPBgNVBAoMCG1iZWQgVExTMQ0wCwYDVQQDDARDQTAwggkA/KCWhcqToHAw +DAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiBasbuinP+pJTU4oDCVD8zQ +1rJBDSOKIEyWu84/D6Hj6wIgVMPUoO01bPhzllAa/gW8Xk/daey09SBgN3AT9pWU +TDA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBpTCCAUugAwIBAgIJAPygloXKk6BwMAoGCCqGSM49BAMCMC8xCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzENMAsGA1UEAwwEQ0EwMDAeFw0xNzA2MjIx +MTUwMzJaFw0yNzA2MjMxMTUwMzJaMC8xCzAJBgNVBAYTAlVLMREwDwYDVQQKDAht +YmVkIFRMUzENMAsGA1UEAwwEQ0EwMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA +BFW41/qAwAPpy+Txdc7PKmzZsq9CPiujKU4vpF1ekXnGx2HP420QobwBVVWhkzRm +LwdboH2j65dcCKjQ7mv/dxKjUDBOMB0GA1UdDgQWBBQlFYvU5WboI4fcdPoiQs8/ +fPHZrTAfBgNVHSMEGDAWgBQlFYvU5WboI4fcdPoiQs8/fPHZrTAMBgNVHRMEBTAD +AQH/MAoGCCqGSM49BAMCA0gAMEUCIQC7iRcVzwMyfVK5imirJ7MqJQ04euH4CLOt +IZ+SNfaERAIgSU0MWFDosVEIpg8YMqIHeF7Mg4ZyH6+fGazJgVLttUY= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir-maxpath/int.opensslconf b/tests/data_files/dir-maxpath/int.opensslconf new file mode 100644 index 000000000..df28cab5c --- /dev/null +++ b/tests/data_files/dir-maxpath/int.opensslconf @@ -0,0 +1,4 @@ +[int] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints = CA:true diff --git a/tests/data_files/dir-maxpath/long.sh b/tests/data_files/dir-maxpath/long.sh new file mode 100755 index 000000000..22f3bf548 --- /dev/null +++ b/tests/data_files/dir-maxpath/long.sh 
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -eu
+
+: ${OPENSSL:=openssl}
+NB=20
+
+OPT="-days 3653 -sha256"
+
+# generate self-signed root
+$OPENSSL ecparam -name prime256v1 -genkey -out 00.key
+$OPENSSL req -new -x509 -subj "/C=UK/O=mbed TLS/CN=CA00" $OPT \
+ -key 00.key -out 00.crt
+
+# cXX.pem is the chain starting at XX
+cp 00.crt c00.pem
+
+# generate long chain
+i=1
+while [ $i -le $NB ]; do
+ UP=$( printf "%02d" $((i-1)) )
+ ME=$( printf "%02d" $i )
+
+ $OPENSSL ecparam -name prime256v1 -genkey -out ${ME}.key
+ $OPENSSL req -new -subj "/C=UK/O=mbed TLS/CN=CA${ME}" \
+ -key ${ME}.key -out ${ME}.csr
+ $OPENSSL x509 -req -CA ${UP}.crt -CAkey ${UP}.key -set_serial 1 $OPT \
+ -extfile int.opensslconf -extensions int \
+ -in ${ME}.csr -out ${ME}.crt
+
+ cat ${ME}.crt c${UP}.pem > c${ME}.pem
+
+ rm ${ME}.csr
+ i=$((i+1))
+done
diff --git a/tests/data_files/dir1/test-ca.crt b/tests/data_files/dir1/test-ca.crt
new file mode 100644
index 000000000..3c1d14cd2
--- /dev/null
+++ b/tests/data_files/dir1/test-ca.crt
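Review bot: tests/data_files/dir-maxpath/long.sh resolves `int.opensslconf` and every output file (`00.key`, `${ME}.crt`, `c${ME}.pem`) relative to the caller's working directory, so it only works when started from its own directory. Run from anywhere else, it would presumably leave `00.key`, `00.crt`, `c00.pem`, `01.key` and `01.csr` in that directory before `set -e` stops it at the first `x509 -extfile int.opensslconf` call. Adding `cd "$(dirname "$0")"` right after `set -eu` would pin it to the fixture directory. The script also has no header comment: one line saying that it regenerates the CA00..CA20 chain (`NB=20`) and the `cXX.pem` bundles, and that `-days 3653` means the fixtures must be regenerated before they expire, would help whoever has to rerun it.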
@@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:00 2011 GMT + Not After : Feb 12 14:44:00 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: + 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: + 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: + 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: + e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: + cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: + ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: + 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: + c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: + 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: + e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: + 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: + 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: + 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: + e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: + 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: + ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: + a2:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:TRUE + X509v3 Subject Key Identifier: + B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA + serial:00 + + Signature Algorithm: sha1WithRSAEncryption + b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: + 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: + 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: + 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: + 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: + 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: + 
2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: + e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: + e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: + 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: + 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: + 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: + 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: + e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: + f7:e0:e9:54 +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH +/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV +BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz +dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ +SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H +DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF +pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf +m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ +7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir2/test-ca.crt b/tests/data_files/dir2/test-ca.crt new file mode 100644 index 000000000..3c1d14cd2 --- /dev/null +++ b/tests/data_files/dir2/test-ca.crt 
@@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:00 2011 GMT + Not After : Feb 12 14:44:00 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: + 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: + 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: + 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: + e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: + cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: + ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: + 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: + c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: + 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: + e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: + 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: + 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: + 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: + e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: + 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: + ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: + a2:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:TRUE + X509v3 Subject Key Identifier: + B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA + serial:00 + + Signature Algorithm: sha1WithRSAEncryption + b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: + 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: + 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: + 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: + 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: + 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: + 
2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: + e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: + e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: + 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: + 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: + 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: + 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: + e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: + f7:e0:e9:54 +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH +/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV +BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz +dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ +SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H +DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF +pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf +m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ +7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir2/test-ca2.crt b/tests/data_files/dir2/test-ca2.crt new file mode 100644 index 000000000..d41a420ef --- /dev/null +++ b/tests/data_files/dir2/test-ca2.crt 
@@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT +Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF +QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT +Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF +QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu +ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy +aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g +JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 +t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv +uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir3/Readme b/tests/data_files/dir3/Readme new file mode 100644 index 000000000..189dadc89 --- /dev/null +++ b/tests/data_files/dir3/Readme @@ -0,0 +1 @@ +This is just to make sure files that don't parse as certs are ignored. diff --git a/tests/data_files/dir3/test-ca.crt b/tests/data_files/dir3/test-ca.crt new file mode 100644 index 000000000..3c1d14cd2 --- /dev/null +++ b/tests/data_files/dir3/test-ca.crt 
@@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:00 2011 GMT + Not After : Feb 12 14:44:00 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: + 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: + 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: + 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: + e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: + cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: + ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: + 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: + c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: + 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: + e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: + 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: + 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: + 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: + e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: + 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: + ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: + a2:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:TRUE + X509v3 Subject Key Identifier: + B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA + serial:00 + + Signature Algorithm: sha1WithRSAEncryption + b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: + 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: + 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: + 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: + 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: + 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: + 
2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: + e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: + e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: + 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: + 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: + 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: + 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: + e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: + f7:e0:e9:54 +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH +/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV +BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz +dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ +SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H +DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF +pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf +m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ +7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir3/test-ca2.crt b/tests/data_files/dir3/test-ca2.crt new file mode 100644 index 000000000..d41a420ef --- /dev/null +++ b/tests/data_files/dir3/test-ca2.crt 
@@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT +Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF +QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT +Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF +QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu +ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy +aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g +JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 +t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv +uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/Readme b/tests/data_files/dir4/Readme new file mode 100644 index 000000000..3f1f610b9 --- /dev/null +++ b/tests/data_files/dir4/Readme 
@@ -0,0 +1,47 @@
+This directory contains the certificates for the tests targeting the enforcement of the policy indicated by the *pathLenConstraint* field. All leaf elements were generated with *is_ca* unset and all roots with the *selfsign=1* option.
+
+1. zero pathlen constraint on an intermediate CA (invalid)
+```
+cert11.crt -> cert12.crt (max_pathlen=0) -> cert13.crt -> cert14.crt
+```
+
+2. zero pathlen constraint on the root CA (invalid)
+```
+cert21.crt (max_pathlen=0) -> cert22.crt -> cert23.crt
+```
+
+3. nonzero pathlen constraint on the root CA (invalid)
+```
+cert31.crt (max_pathlen=1) -> cert32.crt -> cert33.crt -> cert34.crt
+```
+
+4. nonzero pathlen constraint on an intermediate CA (invalid)
+```
+cert41.crt -> cert42.crt (max_pathlen=1) -> cert43.crt -> cert44.crt -> cert45.crt
+```
+
+5. nonzero pathlen constraint on an intermediate CA with maximum number of elements in the chain (valid)
+```
+cert51.crt -> cert52.crt (max_pathlen=1) -> cert53.crt -> cert54.crt
+```
+
+6. nonzero pathlen constraint on the root CA with maximum number of elements in the chain (valid)
+```
+cert61.crt (max_pathlen=1) -> cert62.crt -> cert63.crt
+```
+
+7. pathlen constraint on the root CA with maximum number of elements and a self signed certificate in the chain (valid)
+(This situation happens for example when a root of some hierarchy gets integrated into another hierarchy. In this case the certificates issued before the integration will have an intermadiate self signed certificate in their chain)
+```
+cert71.crt (max_pathlen=1) -> cert72.crt -> cert73.crt (self signed) -> cert74.crt -> cert74.crt
+```
+
+8. zero pathlen constraint on first intermediate CA (valid)
+```
+cert81.crt -> cert82.crt (max_pathlen=0) -> cert83.crt
+```
+
+9. zero pathlen constraint on trusted root (valid)
+```
+cert91.crt (max_pathlen=0) -> cert92.crt
+```
diff --git a/tests/data_files/dir4/cert11.crt b/tests/data_files/dir4/cert11.crt
new file mode 100644
index 000000000..3077c3da4
--- /dev/null +++ b/tests/data_files/dir4/cert11.crt @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC9zCCAd+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV +BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +hqLw+KDH8+tkX9hphnydOZFoueGTY5v8WdYI6KZXoIln9IAu4Rmb6M59uLziXurg +VKuwBqOkbUZsIY0NOA6C8FpdjZL1di8Viq669vBBs9c+x9hKpx8/VVcZfTaGgqni +h5XiivQynBQ4E2KOxEQ+VjUMDqIBHYG1VXWs4KMkAeJsqDYHtmS4XsC9TXTIri5S +9IX4mE5A9+ngSTo0/6Sjwcd27uO2IQHXDC7jkxX5OH5jFPAqsVKTYDeWlCU7bvbr +iy1H9Z9uCl+M7unbAl8BKQ8leOnno3KO3lQQAPGP2EFRT0XMuUXJnfydPbzMa9FY +ufB1I8zCBZviPvO/Of3yrwIDAQABo1AwTjAMBgNVHRMEBTADAQEBMB0GA1UdDgQW +BBSUHSH6gjrYFZnS1gDvk7BpfwTKwDAfBgNVHSMEGDAWgBSUHSH6gjrYFZnS1gDv +k7BpfwTKwDANBgkqhkiG9w0BAQsFAAOCAQEATLqZGFEBO+2IiHjkn7pBkAuktmHm +jkkuFLONwe0vlxZFaabaFqSgkoS5eZ50D0dmuUkpJRNMnGK1B/ja5RewtAdxD6us +VT8JpeWYkhxaSIHjUW95jJLMVr17it8jHawI05tD26nqDjTq3C2rM4ExpAaK/Dgv +83ZHe4IdvenkXckDMIjmSsK0GfomZmKvmnfxhg4FnQvZGI48JJUqPA2dHxRhUyr4 +ohBmH5Xi5oLICd85GRi8YqD00agKL99EjGulaKNEdsQkrC4ZvY6QDV0EEnbu8b4R +GfiA42UWN2dKNSqNhBOrP9g5yTcIWXh1Dwpd1Z9vhBCwmBegPqqM5IM1dQ== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert12.crt b/tests/data_files/dir4/cert12.crt new file mode 100644 index 000000000..fd88c2d13 --- /dev/null +++ b/tests/data_files/dir4/cert12.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV +BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANJrP7/Y+KjupvlgaOmQYArfGuoh3CzcdPe/mlhq+fxD +8U9qzgSVuVR+FpNZi9DyMljMBrWV1OnZI+cVCDYYkNMa3IkV+AkzJGqwcSBKE+6N +RXZvv+I4xbGymdSSaT6Kh1PgPVk/EYNfLFF30pBsycjM81aMtZgW6aA9xCSp0r8W +XkZodsrJUQerDh/7VmDVEeKanZog8auvrvs/ENiA8d4p/75lOIER4nLz6SSn5Eqy +uXzNCwmT5PVwWStXbDD7EBs3rOtR2VNWQ9o6QdfKQOe/SkIddZr1IWGEJ8JHjtNo +jxcYO67A+Jgp1Jwjk+83eRICs0hlWyeHWfBlbOVIKLcCAwEAAaNTMFEwDwYDVR0T +BAgwBgEBAQIBADAdBgNVHQ4EFgQUyw8Phy/FAvifGQ+G6HWkMiWzyqUwHwYDVR0j +BBgwFoAUlB0h+oI62BWZ0tYA75OwaX8EysAwDQYJKoZIhvcNAQELBQADggEBACFS +6tFy9TpVMUfh1mkr3rFEVtho0NJkRhJW8z2PTmKQa069S9gS+U6+CsqwvM1y3yyh +Pt2q34fhhhbQ+gS8iAm+zvQtBsys3frfVkeKmRzxWDh2LnT+tJi/xtqdlULua5NB +21So46HdlceDTuv2vUbrHgxUS/IEjIL6OZZ0Sc6S6YybvGSioGsRUHO2k2IiOnUa +C+hpBvOkXScnItfdMKAAce71CsZeN97sbxeNIMBDiX9bSy+dZLscEhRwBUABiNr/ +sYdYvIpbrFXowjMtBdac+vvhcem7dkCrCdsGylGINWhE2tC9hKmFkFXo4mu/AGDS +M4/59TlMeK8X+WZ9zBs= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert13.crt b/tests/data_files/dir4/cert13.crt new file mode 100644 index 000000000..ac01a22cd --- /dev/null +++ b/tests/data_files/dir4/cert13.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDIw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs0qdKXytu/GTKpa2H0CE3 +OPSIMM2hiYbavzUroyL+hFv9XVoxh5CGnVUxK7B9ifVvzyElrcV7tjuIlGwp1hLH +tx/YU22xksI/n5/NS/qrxkK5xjwEWB9lx93rwLK0QnfjYRZrir7yySoBKi6IlHOv +GOwl0V/JAslMWwUZlFmvYvoCWSWGrDAkxWVnHq+HoZ7YoM/bdJdsIIJYe3tt7L8D +cJVP5dQ8jSs8/Ehm8BbG339r3B7v/KdK8zuoMig9ag/YOu9jOb0QvYC2HdZoL4WV +N+7aasTQmDGWGOt7fk7AEl0EI8lDvr2O/5q6ad9jRCkxyq3lJwRy+M3MdVKgA1On +AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFM6u5Gkjkxb8PDdQIGKD +D8t1Zv/9MB8GA1UdIwQYMBaAFMsPD4cvxQL4nxkPhuh1pDIls8qlMA0GCSqGSIb3 +DQEBCwUAA4IBAQCLpKATt01DUM8wCiDFVSpmpiCBqxnLRfQuY+ta1p+f15LME+cT +94lwaYCfCBtXQYwiuVFYdK8ztWEStPg6BecMLPB2K9gO/talxUoVDumsmR83p+2y +8YJmFHyjr+BShsjP9paCjUQkJiMOiWRpNFNpScv0IOHmb8NLER3vX/tCmxyVHPg/ +7tBpDXRD6jOyajYH4KUx6wddcYWb63N9sApVpRHNaqpUKjuiQwfUFZjA7AyK/FUS +/cO3++uq+CkZhBu8vupaznXD4h0E28GbZgvu/F0edB7f0Q5DpnuDJ6HFMYl3A2mM +m8pqKNnRYGCtQwppBYVsoBisga2ymtNud7K+ +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert14.crt b/tests/data_files/dir4/cert14.crt new file mode 100644 index 000000000..49e1cbb2e --- /dev/null +++ b/tests/data_files/dir4/cert14.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDDCCAfSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDIwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAeMRwwGgYDVQQDExNUZXN0IGxlYWYgaW52YWxpZCAzMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6Vc/T2GYTWj7nGZcy2voZyeWkFyfDIy +oexyJe8eyuWX+YqaSCra1JMcww0Jy8e9/6/aI9ezd1d73eZDcW5h61tagCpBki+W +dYh+FJfCdDdPnSkitWOBLKBK21AQ9dxePvkQBEanDdAk2IwasydCoHEiSCqwXNEz +jVJPL38ibbLf9sNO3kk6zOFA3QqVSTJ4BddNh9bHL7y106ekfMhrfyTzSpo3Wj0V +20ThmJZ1NuwYRl3j1XHALP0t8Cp2ZLbXuFsTWqTFNzXj+gWM8b2IfZqmqcew5poZ +4aDkjXXOizRxDPxCHp7rLz9xv1pIIBxady0YWp+w9vxLxFF6rYBLtQIDAQABo00w +SzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQoF/qrn9WnKV3zOnCwMl99Uhmx8DAfBgNV +HSMEGDAWgBTOruRpI5MW/Dw3UCBigw/LdWb//TANBgkqhkiG9w0BAQsFAAOCAQEA +VUnlX//h3T5Ajc85WNkyTuirhSZtIr6+X/AxH4kR/QG5NiaDxP9H0FzMs5FcMni8 +3Rs4d2H3CBs+QB7lm/b+xy26vpORwlVFXScHeTEanuXSVsmGPkn7TAQrPoyZgVUN +uy4TGi8Mlkso4gmgehvgTklIV+Emxy32Abd1lRfI8/vOQ1xTdA7f3X98AfWStTya +DGRsQLZE/Q4/Gh57xNqF0ftBIRwt9TbGlu8AyZiIilVECGvE/gtTwuqpQPOhJQmi +NdYTErgD2Wkw9ohifQFo46AMMU1seehtqijW2pC2UjmV5nboPs0eGQmWrfNCjDOr +sZfh98BafcaFGjz605V36g== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert21.crt b/tests/data_files/dir4/cert21.crt new file mode 100644 index 000000000..501c5d7f2 --- /dev/null +++ b/tests/data_files/dir4/cert21.crt 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV +BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 +YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg +xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q +GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN +2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 +7SBymlokB3A8wq/LWPYPeQIDAQABo1MwUTAPBgNVHRMECDAGAQEBAgEAMB0GA1Ud +DgQWBBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S +8cELj/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAFEY2StppaPzOgG6vEvPJr//+ +NWY1jKcBB3cT+zWJW54+BexDjyaBRnBIPvRLDG8PAlhlYr9v/P6JCjBSuhYorFLG +P4ZhD+akuMvn6yF7nsyG20LHPwvE7/jye7+zSO3hhyqCg7N7M7O17exo/agw/iUI +DYUuUv1ZJlZvPB2kmZMYa78g0P2ynyKpu4hdbstJzxwA4aQDXGQxcQNtv+3ZCdC2 +TI4w0jodkjqdq/4y0McpkEvYL3/LaQElLaHr8CQo7xYEzsjv+cnzojCO/ilXU+Rl +sz940Q4njAJqlpfiJ44aFytjp96uN4YVpViFCvRz//9uyQY9kuA/8kKwJuO3qw== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert22.crt b/tests/data_files/dir4/cert22.crt new file mode 100644 index 000000000..5dcd65def --- /dev/null +++ b/tests/data_files/dir4/cert22.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDBzCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV +BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG +Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG +g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT +cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 +iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY +xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNQME4wDAYDVR0T +BAUwAwEBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0jBBgw +FoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAFwZriTu +DKkiDHFfz3UX4fIxYTHCi4TveYZGPeTbxhBb3XZC5qDF4T5HvCTSkG9+oFfZzI1a +lPN2yZB7QnmHJoyWa5fuovwUL0iI3iIZMqU56tdVPW8gkJe++U5kHMSpz2VF0eo8 +7XkKWxZovRwczgfDFRP9zM9CylyzQjqxx6kbxJozWnwc5UrVbJMaPIqonXp1nDoZ +i878+hX4rJUEjgO6Sa9GVZQpmuCrQF0qKsTiUBzZN67hoD3xoTAYi5IXQE2tRD1N +j3zwng9liCsxurGMnuV0BPWv/IDYRu/syjee1Qv1VFeRto5D4Rldmi2p1f5iWJCk +5m5YpRsknaICjYs= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert23.crt b/tests/data_files/dir4/cert23.crt new file mode 100644 index 000000000..6c5472549 --- /dev/null +++ b/tests/data_files/dir4/cert23.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDDCCAfSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAeMRwwGgYDVQQDExNUZXN0IGxlYWYgaW52YWxpZCAyMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigGgHGNWNkEWWFn7eaU4kC2WjR3RtcBs +oW1MlQndUvwWUHgcbfIg7nh66Oi6Xl3IqAMjHj1J0EPGcwTfmLdaRvN38KjTMh3/ +FiFrrUL0MNgiGxjkTthWgsfV4C/i3vRDTCW+2UMFdd6+z7hwFf+ldTsCP9Qp+93G +drslrvAR2W0qjHLULAJGk/6WzxFG6xeCgdhkooDPprsflZJ/cN1SuqTYOaVMAj9J +aovStUTVhF8ouDULpq0fiBImoldObcGdaAWlgRl0k8NdoSLpWd/7+hi4sH5PSOZq ++8g1lQ3cgrE7ta4X3p/i6eApcn1hyEkTy9ZpKOFvZXnM4D1j8+KSKQIDAQABo00w +SzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTCN2vDLY1tcenTzyRmlS4TBe2xijAfBgNV +HSMEGDAWgBQ4GXx51Wb8fnF1LYQYR4vN+1n8NTANBgkqhkiG9w0BAQsFAAOCAQEA +eb/tgtSbrz7j7HQaxGgI5LVedRro3a2fNLhO0wNboGI6gACIPait1ePkUwuMfLfl +Fky2/2VZ8Ie4pQqxFmdSUqf1NSmxgiWLRho4oTiFv1z08LYQgSdKT49ffKO67TDG +D1nI8rEuT1Nupq8WI5jcKgWqktMJjgKzfN+9nCgFGQMGqTBnt7uYZHhnuZfKSJPv +gHmS4gj72OQ2Nu6xORGhd6J8VjzcG6BX1pLebNQRzlHT3E5IVNF/9cCrc+E87Wns +bDGtzhyx7SIP7/2TiJeBZs7p8xXpaDF2cNx2F+jZH+P8feT7c+JoY7A72uVDSlYf +WVf02pylKRgqayOujH3PWA== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert31.crt b/tests/data_files/dir4/cert31.crt new file mode 100644 index 000000000..8c2af4c45 --- /dev/null +++ b/tests/data_files/dir4/cert31.crt 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV +BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 +YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg +xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q +GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN +2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 +7SBymlokB3A8wq/LWPYPeQIDAQABo1MwUTAPBgNVHRMECDAGAQEBAgEBMB0GA1Ud +DgQWBBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S +8cELj/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAB9nLaqxsBW0isDaBGNJyzH9O +WqYY0hex9tm3UqygfE9b9aahykpkowQIzh4D9Xpbd0hZGVlK/sw2qsKj6gDOiMtL +uWs4gaFNWIQqhVsTzL88c7XaW55n+TRQdVZyy38DZVWphte1Mumc9WB8N15rZTDh +iXjwGl0mrV1egq4hJZLpy14f6ihqU7KGfmc9onxvgvWxYLi+5v8874c4ophSKsI2 +qVE8iZ6uq2oQ66Pd5S50cYk6MEW5lifAhLM5WFZmW7dRKmykBGZ9rFrJrIvhkmh9 +He7q6TEQP1Wcoc147nIg0BTkHGtdrEv3jIX6UKKUEwUUk9ARB1mSodZQHBhuww== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert32.crt b/tests/data_files/dir4/cert32.crt new file mode 100644 index 000000000..5dcd65def --- /dev/null +++ b/tests/data_files/dir4/cert32.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDBzCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV +BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG +Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG +g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT +cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 +iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY +xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNQME4wDAYDVR0T +BAUwAwEBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0jBBgw +FoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAFwZriTu +DKkiDHFfz3UX4fIxYTHCi4TveYZGPeTbxhBb3XZC5qDF4T5HvCTSkG9+oFfZzI1a +lPN2yZB7QnmHJoyWa5fuovwUL0iI3iIZMqU56tdVPW8gkJe++U5kHMSpz2VF0eo8 +7XkKWxZovRwczgfDFRP9zM9CylyzQjqxx6kbxJozWnwc5UrVbJMaPIqonXp1nDoZ +i878+hX4rJUEjgO6Sa9GVZQpmuCrQF0qKsTiUBzZN67hoD3xoTAYi5IXQE2tRD1N +j3zwng9liCsxurGMnuV0BPWv/IDYRu/syjee1Qv1VFeRto5D4Rldmi2p1f5iWJCk +5m5YpRsknaICjYs= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert33.crt b/tests/data_files/dir4/cert33.crt new file mode 100644 index 000000000..8e5d192b6 --- /dev/null +++ b/tests/data_files/dir4/cert33.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDIw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKAaAcY1Y2QRZYWft5pTiQ +LZaNHdG1wGyhbUyVCd1S/BZQeBxt8iDueHro6LpeXcioAyMePUnQQ8ZzBN+Yt1pG +83fwqNMyHf8WIWutQvQw2CIbGORO2FaCx9XgL+Le9ENMJb7ZQwV13r7PuHAV/6V1 +OwI/1Cn73cZ2uyWu8BHZbSqMctQsAkaT/pbPEUbrF4KB2GSigM+mux+Vkn9w3VK6 +pNg5pUwCP0lqi9K1RNWEXyi4NQumrR+IEiaiV05twZ1oBaWBGXSTw12hIulZ3/v6 +GLiwfk9I5mr7yDWVDdyCsTu1rhfen+Lp4ClyfWHISRPL1mko4W9leczgPWPz4pIp +AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFMI3a8MtjW1x6dPPJGaV +LhMF7bGKMB8GA1UdIwQYMBaAFDgZfHnVZvx+cXUthBhHi837Wfw1MA0GCSqGSIb3 +DQEBCwUAA4IBAQCprzpoj6UaEG4eqLg2L3HqsvY73/XE8ytuZ9wDC3HodnmpezUX +48XwJPHFO7OGPGWZgsU2qX/Zp7yUXkVFSK4VnmnSzUtXNVlU0oWEEOzQLrpphksH +dcF8YNN/Y65KnhzIU784uHeFefUpPaE6yS5OSZboptZWVF9y1LoU3F7gN0UGvVG9 +hflz5O0/KvmYd+6+Yrje+2lbHiJHNXLmOPiZyk9TBDknygBuU14IOWghQim3yks9 +tKk8D38Vl85V5aG9nO4STjx5J8BtSl0x6wW3t9WwU5UC9geCROhZI1XRBafIoKkn +VSgHLpLTARtLikbbg/3SxpnW12msHvgLVasf +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert34.crt b/tests/data_files/dir4/cert34.crt new file mode 100644 index 000000000..bebcb651d --- /dev/null +++ b/tests/data_files/dir4/cert34.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDDCCAfSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDIwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAeMRwwGgYDVQQDExNUZXN0IGxlYWYgaW52YWxpZCAzMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSrgWFD4lYQ0RF/z3mJZjn1lgNBkhnCP +0hciJv/etoMN3bCB+uc8fo0wxDQ2ZcbzTAQ0qBNnjJvAJ1qslZA9boIBKmT8JSix +ii/1XTDWI3E5aOvX1h6lW66pVsIzLm0NAf0VJn2xLw0Yv8hfKbwjcNeAfm7GCwJB +8skjekMKJ8+e6pP4ZHxmrnOo0kUlCg8w8RKzZ6sYJxX1ETekWPEUSXrscQ/YSjpO +zjLDph1lO4gVErBhdJgJpJznqkrRBiR7f/hIrpAV3wOUbtfrxrIb5FXOM9rt/svW +RRrzIUGnBvo04WZ+KQHPsMn+9x8i+/tueOg1KLfs10hW0RWsTQjmOQIDAQABo00w +SzAJBgNVHRMEAjAAMB0GA1UdDgQWBBSOBr1U4h5PYyOqGe/gJgwWk7FfezAfBgNV +HSMEGDAWgBTCN2vDLY1tcenTzyRmlS4TBe2xijANBgkqhkiG9w0BAQsFAAOCAQEA +aBLuwNN5vOh2dLbn8lMNsc/oTFSInzu+ylzC/KLTkjoyMYY+S2ISUuew9pzUo4Gs +AAE/rqVYednayyA13eNRBnwIw+8kPTESaJMGl6uQQd8DzAalzqxbFhbwFY2T0pdi +LNFkGjmGdpRNy/VSTy6JEEBMhIKXjMpactmpiV6mwK3bfnFaXZ6o70+JZrNeiSe0 +g8sci6gBVEt27bGvhLalut8WXc7VCkxQhQCSBdv/94EmRxzPye6iAK0L9jaTHlt+ +qR5MWJxZN32muI7nsKnetUMZbIYwvO1LPn8f+0hdYkck8kE7ga1UM98oTgQeIOmj +3JNCDkNY+Z387ujaaOAVxw== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert41.crt b/tests/data_files/dir4/cert41.crt new file mode 100644 index 000000000..7065c9426 --- /dev/null +++ b/tests/data_files/dir4/cert41.crt 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC9zCCAd+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgNDAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV +BAMTC1Rlc3Qgcm9vdCA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 +YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg +xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q +GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN +2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 +7SBymlokB3A8wq/LWPYPeQIDAQABo1AwTjAMBgNVHRMEBTADAQEBMB0GA1UdDgQW +BBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S8cEL +j/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAWhrHGIMcEG2UJfv920hftxi+Jvj/ +ivrhEscqlVA0QNLqZV8v/ai/AiypDLk7uwKtsxF2i+sl81473aSFS9hh3F83/ofm +x8EU8X1FBQHN1zyAEpZyPXr7MiaTXn4w5sCeZLmpWyxGk+cRiPVRE0QUbXDGfVRp +3v984oCUMUzbb+zv6QlkHa6m/kZq0qrnNVVp0X4c7/Pb5elJOVlKnIslNgd/eLrz +zSabToAX9OP6tbJdSRky/LmIYW+CXH/Y4YVwpEu7NisZmDo6lnCBoRQB3QgxoMLp +mM+RUY+AyHr0ZsSUSb6iicJMRZ3mhxCLvnK/Noe/3hq4pUk4Sit7s7JL7A== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert42.crt b/tests/data_files/dir4/cert42.crt new file mode 100644 index 000000000..c0713188a --- /dev/null +++ b/tests/data_files/dir4/cert42.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgNDAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV +BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG +Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG +g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT +cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 +iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY +xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNTMFEwDwYDVR0T +BAgwBgEBAQIBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0j +BBgwFoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAGKh +pBhYSGN0KGWIG4GG4mVoTiw880ehetDuTpl3ymZNqkoUuTaAtU3PJWOctcJva7h6 +4PSgyabi/WQmhntR1GxCUt0GTuhHmyJYsSwakXUgMgF6W6TKcxg6m4vjMkkrf+ZT +1lO/MiwxhTTluHPGkl/nBG+uxySInuQMDvdyQDXp2e17qxops+G+1UnRJinqLtsd +LMkCOT4pyh6B5ysnJ8gP1Z2EKWjhKJcIHRMUm7Ap/pf8Zgh5LIqdRtDSuNuTmPLP +lkgoebOCO3c/mWCciR0xGCcz86G3fYznvGp4XqHnRkg3SpAcHQbQ/nSHA+1LdfFi +nqZQPnJPVsJctDR935c= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert43.crt b/tests/data_files/dir4/cert43.crt new file mode 100644 index 000000000..8e5d192b6 --- /dev/null +++ b/tests/data_files/dir4/cert43.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDIw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKAaAcY1Y2QRZYWft5pTiQ +LZaNHdG1wGyhbUyVCd1S/BZQeBxt8iDueHro6LpeXcioAyMePUnQQ8ZzBN+Yt1pG +83fwqNMyHf8WIWutQvQw2CIbGORO2FaCx9XgL+Le9ENMJb7ZQwV13r7PuHAV/6V1 +OwI/1Cn73cZ2uyWu8BHZbSqMctQsAkaT/pbPEUbrF4KB2GSigM+mux+Vkn9w3VK6 +pNg5pUwCP0lqi9K1RNWEXyi4NQumrR+IEiaiV05twZ1oBaWBGXSTw12hIulZ3/v6 +GLiwfk9I5mr7yDWVDdyCsTu1rhfen+Lp4ClyfWHISRPL1mko4W9leczgPWPz4pIp +AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFMI3a8MtjW1x6dPPJGaV +LhMF7bGKMB8GA1UdIwQYMBaAFDgZfHnVZvx+cXUthBhHi837Wfw1MA0GCSqGSIb3 +DQEBCwUAA4IBAQCprzpoj6UaEG4eqLg2L3HqsvY73/XE8ytuZ9wDC3HodnmpezUX +48XwJPHFO7OGPGWZgsU2qX/Zp7yUXkVFSK4VnmnSzUtXNVlU0oWEEOzQLrpphksH +dcF8YNN/Y65KnhzIU784uHeFefUpPaE6yS5OSZboptZWVF9y1LoU3F7gN0UGvVG9 +hflz5O0/KvmYd+6+Yrje+2lbHiJHNXLmOPiZyk9TBDknygBuU14IOWghQim3yks9 +tKk8D38Vl85V5aG9nO4STjx5J8BtSl0x6wW3t9WwU5UC9geCROhZI1XRBafIoKkn +VSgHLpLTARtLikbbg/3SxpnW12msHvgLVasf +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert44.crt b/tests/data_files/dir4/cert44.crt new file mode 100644 index 000000000..084fb2d82 --- /dev/null +++ b/tests/data_files/dir4/cert44.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDIwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDMw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRKuBYUPiVhDREX/PeYlmO +fWWA0GSGcI/SFyIm/962gw3dsIH65zx+jTDENDZlxvNMBDSoE2eMm8AnWqyVkD1u +ggEqZPwlKLGKL/VdMNYjcTlo69fWHqVbrqlWwjMubQ0B/RUmfbEvDRi/yF8pvCNw +14B+bsYLAkHyySN6Qwonz57qk/hkfGauc6jSRSUKDzDxErNnqxgnFfURN6RY8RRJ +euxxD9hKOk7OMsOmHWU7iBUSsGF0mAmknOeqStEGJHt/+EiukBXfA5Ru1+vGshvk +Vc4z2u3+y9ZFGvMhQacG+jThZn4pAc+wyf73HyL7+2546DUot+zXSFbRFaxNCOY5 +AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFI4GvVTiHk9jI6oZ7+Am +DBaTsV97MB8GA1UdIwQYMBaAFMI3a8MtjW1x6dPPJGaVLhMF7bGKMA0GCSqGSIb3 +DQEBCwUAA4IBAQCB3dtsoVdschVyCWSI16Se46RZJtLW1bM019KdyZj9DdIZ2VPm +Ip+BQFcVJyzbfmhn5QBbhNDKkwsfldI9Y8IqZ132j442/XIFZIilaPi3cE/WLFUY +Nxu2opuN3+KDwDYO32CUp3frr9OjAtB5amZnkXau+C1EkJlSuWaT+/gIlYwlr4/H +uADcyqFSmy28P9jmkK8AzZHhKnlRadAn2cDB8MFXD5VxnLJfejkprQVLdxTXRovP +cE/6c7PUGIK22WcSX8KTfuviKmjdGVhgeKps2nRNKaSIlqYCztyc8IjcZwJCnh6c +ZW8V9bi7WxDK+I9PPgrgLK8W+VTkS0RtjP5a +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert45.crt b/tests/data_files/dir4/cert45.crt new file mode 100644 index 000000000..e5d5b3d89 --- /dev/null +++ b/tests/data_files/dir4/cert45.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDDCCAfSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDMwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAeMRwwGgYDVQQDExNUZXN0IGxlYWYgaW52YWxpZCA0MIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcNsE/s4nauA5vSG/23znHT5ZjFAQiRa +83xo83MD2jMrBjgBBzOW0IKedk9lmqcRmoMsWt3PbYeH2Am+EqtOjh9vbHw/wXEw +eXg7DtZaYTjeRNkrwZ0z5Bz/TTvia7YkcfaU83OG4JyL8GmmbtiGNOHZyHqTv2Ky +j6YqyBJaDE7dwBNBJd5DElEuvr6Tu/Y3K3Z6z8bZUAX/5oII2sq8rg76ZQ+Dfk8i +upjp4MVPvowh/+ys+WNMW5MA5k1dwYyU1MZ20O/aa9VTMkb4DPyv4pXZgi1dBCMc +YskPRVoPPsE5xl3DZ3h4qZ039MbcalXFYe65689+Ra1O4/dsXR5raQIDAQABo00w +SzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTKtXdQZA8cZkS/89eiih4GTJX+fDAfBgNV +HSMEGDAWgBSOBr1U4h5PYyOqGe/gJgwWk7FfezANBgkqhkiG9w0BAQsFAAOCAQEA +IWynyo8ezt+So+w29h7z2ZS3/EcrErnSiDDJ0DaE/vcvflrT/tEPeDHTxy61qQuX +KoseO84foFqLPu1YqgSjRgmbk76gt8aAu0lr6/t0RHWdHKZG3QtK8696pGoMAhVg +Ha3f/YYaEkqSnHwU+/vxEXEkGHM22UHwb7dtH2LfBHtoQtjE6M+Ulv6QdkLj2LFD +XMKJIyAlibTRMW8YOP4G/DekCq1DstUOcTn7BFqeAjjzYwv3NHpOJHdZrUgyGb7B +QqDXf2rM3s7LEpwDMvfdraAEWld4/LRLkfau/PfKD5YwGYg3Nb45xyXFSEijVjAr +23G8HAIcJJu2jUIWGr9OtQ== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert51.crt b/tests/data_files/dir4/cert51.crt new file mode 100644 index 000000000..7065c9426 --- /dev/null +++ b/tests/data_files/dir4/cert51.crt 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC9zCCAd+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgNDAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV +BAMTC1Rlc3Qgcm9vdCA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 +YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg +xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q +GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN +2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 +7SBymlokB3A8wq/LWPYPeQIDAQABo1AwTjAMBgNVHRMEBTADAQEBMB0GA1UdDgQW +BBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S8cEL +j/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAWhrHGIMcEG2UJfv920hftxi+Jvj/ +ivrhEscqlVA0QNLqZV8v/ai/AiypDLk7uwKtsxF2i+sl81473aSFS9hh3F83/ofm +x8EU8X1FBQHN1zyAEpZyPXr7MiaTXn4w5sCeZLmpWyxGk+cRiPVRE0QUbXDGfVRp +3v984oCUMUzbb+zv6QlkHa6m/kZq0qrnNVVp0X4c7/Pb5elJOVlKnIslNgd/eLrz +zSabToAX9OP6tbJdSRky/LmIYW+CXH/Y4YVwpEu7NisZmDo6lnCBoRQB3QgxoMLp +mM+RUY+AyHr0ZsSUSb6iicJMRZ3mhxCLvnK/Noe/3hq4pUk4Sit7s7JL7A== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert52.crt b/tests/data_files/dir4/cert52.crt new file mode 100644 index 000000000..c0713188a --- /dev/null +++ b/tests/data_files/dir4/cert52.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgNDAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV +BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG +Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG +g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT +cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 +iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY +xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNTMFEwDwYDVR0T +BAgwBgEBAQIBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0j +BBgwFoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAGKh +pBhYSGN0KGWIG4GG4mVoTiw880ehetDuTpl3ymZNqkoUuTaAtU3PJWOctcJva7h6 +4PSgyabi/WQmhntR1GxCUt0GTuhHmyJYsSwakXUgMgF6W6TKcxg6m4vjMkkrf+ZT +1lO/MiwxhTTluHPGkl/nBG+uxySInuQMDvdyQDXp2e17qxops+G+1UnRJinqLtsd +LMkCOT4pyh6B5ysnJ8gP1Z2EKWjhKJcIHRMUm7Ap/pf8Zgh5LIqdRtDSuNuTmPLP +lkgoebOCO3c/mWCciR0xGCcz86G3fYznvGp4XqHnRkg3SpAcHQbQ/nSHA+1LdfFi +nqZQPnJPVsJctDR935c= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert53.crt b/tests/data_files/dir4/cert53.crt new file mode 100644 index 000000000..8e5d192b6 --- /dev/null +++ b/tests/data_files/dir4/cert53.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDIw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKAaAcY1Y2QRZYWft5pTiQ +LZaNHdG1wGyhbUyVCd1S/BZQeBxt8iDueHro6LpeXcioAyMePUnQQ8ZzBN+Yt1pG +83fwqNMyHf8WIWutQvQw2CIbGORO2FaCx9XgL+Le9ENMJb7ZQwV13r7PuHAV/6V1 +OwI/1Cn73cZ2uyWu8BHZbSqMctQsAkaT/pbPEUbrF4KB2GSigM+mux+Vkn9w3VK6 +pNg5pUwCP0lqi9K1RNWEXyi4NQumrR+IEiaiV05twZ1oBaWBGXSTw12hIulZ3/v6 +GLiwfk9I5mr7yDWVDdyCsTu1rhfen+Lp4ClyfWHISRPL1mko4W9leczgPWPz4pIp +AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFMI3a8MtjW1x6dPPJGaV +LhMF7bGKMB8GA1UdIwQYMBaAFDgZfHnVZvx+cXUthBhHi837Wfw1MA0GCSqGSIb3 +DQEBCwUAA4IBAQCprzpoj6UaEG4eqLg2L3HqsvY73/XE8ytuZ9wDC3HodnmpezUX +48XwJPHFO7OGPGWZgsU2qX/Zp7yUXkVFSK4VnmnSzUtXNVlU0oWEEOzQLrpphksH +dcF8YNN/Y65KnhzIU784uHeFefUpPaE6yS5OSZboptZWVF9y1LoU3F7gN0UGvVG9 +hflz5O0/KvmYd+6+Yrje+2lbHiJHNXLmOPiZyk9TBDknygBuU14IOWghQim3yks9 +tKk8D38Vl85V5aG9nO4STjx5J8BtSl0x6wW3t9WwU5UC9geCROhZI1XRBafIoKkn +VSgHLpLTARtLikbbg/3SxpnW12msHvgLVasf +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert54.crt b/tests/data_files/dir4/cert54.crt new file mode 100644 index 000000000..e42e14f54 --- /dev/null +++ b/tests/data_files/dir4/cert54.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDIwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAcMRowGAYDVQQDExFUZXN0IExlYWYgNCB2YWxpZDCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAJEq4FhQ+JWENERf895iWY59ZYDQZIZwj9IX +Iib/3raDDd2wgfrnPH6NMMQ0NmXG80wENKgTZ4ybwCdarJWQPW6CASpk/CUosYov +9V0w1iNxOWjr19YepVuuqVbCMy5tDQH9FSZ9sS8NGL/IXym8I3DXgH5uxgsCQfLJ +I3pDCifPnuqT+GR8Zq5zqNJFJQoPMPESs2erGCcV9RE3pFjxFEl67HEP2Eo6Ts4y +w6YdZTuIFRKwYXSYCaSc56pK0QYke3/4SK6QFd8DlG7X68ayG+RVzjPa7f7L1kUa +8yFBpwb6NOFmfikBz7DJ/vcfIvv7bnjoNSi37NdIVtEVrE0I5jkCAwEAAaNNMEsw +CQYDVR0TBAIwADAdBgNVHQ4EFgQUjga9VOIeT2Mjqhnv4CYMFpOxX3swHwYDVR0j +BBgwFoAUwjdrwy2NbXHp088kZpUuEwXtsYowDQYJKoZIhvcNAQELBQADggEBADdp +VpPr4AzE7ecrhclQKGjPa7leaorYuevjTLWsieY17mVQhlMX1itTNXlPBUfPAsOd +O7LUgY0yZOnV7l8TbfGal8pIF+acgFLgqM5A6z8ngChMi6iKEZChDVffAVHJs3e/ +WUm7VeFY8Mvwnay3iHj2trC7XQX2SZCovXYfNP3bVyqIaDNqt6SPY1skouWpmmUn +ISzcyH6EU/CegFjHJyXxrsIW9Nv2mDejrmcR0EJOmEAfWUgonfemeX93xkwZHW2s +lZ8/e6rTPPSGdhY/b4VRu6o1FpLcPLGZSgPwYBNVYtgT4WsoT0xUvm6Y1WipiZda +B/bpiL8l4GSVtTw1Jko= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert61.crt b/tests/data_files/dir4/cert61.crt new file mode 100644 index 000000000..8c2af4c45 --- /dev/null +++ b/tests/data_files/dir4/cert61.crt 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV +BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 +YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg +xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q +GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN +2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 +7SBymlokB3A8wq/LWPYPeQIDAQABo1MwUTAPBgNVHRMECDAGAQEBAgEBMB0GA1Ud +DgQWBBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S +8cELj/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAB9nLaqxsBW0isDaBGNJyzH9O +WqYY0hex9tm3UqygfE9b9aahykpkowQIzh4D9Xpbd0hZGVlK/sw2qsKj6gDOiMtL +uWs4gaFNWIQqhVsTzL88c7XaW55n+TRQdVZyy38DZVWphte1Mumc9WB8N15rZTDh +iXjwGl0mrV1egq4hJZLpy14f6ihqU7KGfmc9onxvgvWxYLi+5v8874c4ophSKsI2 +qVE8iZ6uq2oQ66Pd5S50cYk6MEW5lifAhLM5WFZmW7dRKmykBGZ9rFrJrIvhkmh9 +He7q6TEQP1Wcoc147nIg0BTkHGtdrEv3jIX6UKKUEwUUk9ARB1mSodZQHBhuww== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert62.crt b/tests/data_files/dir4/cert62.crt new file mode 100644 index 000000000..5dcd65def --- /dev/null +++ b/tests/data_files/dir4/cert62.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDBzCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV +BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG +Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG +g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT +cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 +iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY +xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNQME4wDAYDVR0T +BAUwAwEBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0jBBgw +FoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAFwZriTu +DKkiDHFfz3UX4fIxYTHCi4TveYZGPeTbxhBb3XZC5qDF4T5HvCTSkG9+oFfZzI1a +lPN2yZB7QnmHJoyWa5fuovwUL0iI3iIZMqU56tdVPW8gkJe++U5kHMSpz2VF0eo8 +7XkKWxZovRwczgfDFRP9zM9CylyzQjqxx6kbxJozWnwc5UrVbJMaPIqonXp1nDoZ +i878+hX4rJUEjgO6Sa9GVZQpmuCrQF0qKsTiUBzZN67hoD3xoTAYi5IXQE2tRD1N +j3zwng9liCsxurGMnuV0BPWv/IDYRu/syjee1Qv1VFeRto5D4Rldmi2p1f5iWJCk +5m5YpRsknaICjYs= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert63.crt b/tests/data_files/dir4/cert63.crt new file mode 100644 index 000000000..ffa90e4fd --- /dev/null +++ b/tests/data_files/dir4/cert63.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAcMRowGAYDVQQDExFUZXN0IExlYWYgdmFsaWQgMjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAIoBoBxjVjZBFlhZ+3mlOJAtlo0d0bXAbKFt +TJUJ3VL8FlB4HG3yIO54eujoul5dyKgDIx49SdBDxnME35i3Wkbzd/Co0zId/xYh +a61C9DDYIhsY5E7YVoLH1eAv4t70Q0wlvtlDBXXevs+4cBX/pXU7Aj/UKfvdxna7 +Ja7wEdltKoxy1CwCRpP+ls8RRusXgoHYZKKAz6a7H5WSf3DdUrqk2DmlTAI/SWqL +0rVE1YRfKLg1C6atH4gSJqJXTm3BnWgFpYEZdJPDXaEi6Vnf+/oYuLB+T0jmavvI +NZUN3IKxO7WuF96f4ungKXJ9YchJE8vWaSjhb2V5zOA9Y/PikikCAwEAAaNNMEsw +CQYDVR0TBAIwADAdBgNVHQ4EFgQUwjdrwy2NbXHp088kZpUuEwXtsYowHwYDVR0j +BBgwFoAUOBl8edVm/H5xdS2EGEeLzftZ/DUwDQYJKoZIhvcNAQELBQADggEBABrt +2fKOUwAb5EFD/ebXMM4Qzg6sFYpq/mcnPlmGmqwNzmumlgYUBS15liTnA4nBgR09 +b2sejlwnzcnrsFB18YCmE/TIPuh3XMJXmUxjcnCy3qPuSwpuwG3brUGQPiIZhRZz +1+iSc7uba/JGaTqLBItaRPlB6dD3jqY3UowFaWvnYiVmCXg147EBC5Mn2EDiukg0 +xsqM03yfpUkp4/W9+WpJuGNyhicSJbNxlh3zEjrgWeMvhnFmrTr7ss6P2ZoKGS3/ +QrZBLUzkk25hCF3dTNfTDVSQUt0rONJvx3ym+Kp+zQWc/oHsDs0STs5Db2J0dGp8 +VEyxyevfwivF4EQ70Jw= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert71.crt b/tests/data_files/dir4/cert71.crt new file mode 100644 index 000000000..8c2af4c45 --- /dev/null +++ b/tests/data_files/dir4/cert71.crt 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMBYxFDASBgNV +BAMTC1Rlc3Qgcm9vdCAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +mTX2sHY42Ord9gWyB6GcdlLjjE+4zBJ1BoDpMnvJ89niMTuZTq1ViMp/B6RuTH+2 +YF3+riZYQDH9yM/8rgvAUIvK9STaq19Zrm0mnfQUo9yKdkfoJ+XvWuvK6f+NkAMg +xfhAD6eSupigTvov/w2IT8rS0dxo4KF6hKBL2aYlXhiEyi/NmsEPZWvVh+qk3L/Q +GSwpgC+DhVoQzFRofUdK9O9MkgR675iftaFDvyi7F0fxrSLfB/Wy4cgRYzIW6pyN +2sXWivKdLI3bgB01ffdbO17ZAGILK1whO29/bX6hbH09Y/H7jR2vjy+KP9N0PEa3 +7SBymlokB3A8wq/LWPYPeQIDAQABo1MwUTAPBgNVHRMECDAGAQEBAgEBMB0GA1Ud +DgQWBBSOBd1fH00Y9r5S8cELj/9IT4BGlDAfBgNVHSMEGDAWgBSOBd1fH00Y9r5S +8cELj/9IT4BGlDANBgkqhkiG9w0BAQsFAAOCAQEAB9nLaqxsBW0isDaBGNJyzH9O +WqYY0hex9tm3UqygfE9b9aahykpkowQIzh4D9Xpbd0hZGVlK/sw2qsKj6gDOiMtL +uWs4gaFNWIQqhVsTzL88c7XaW55n+TRQdVZyy38DZVWphte1Mumc9WB8N15rZTDh +iXjwGl0mrV1egq4hJZLpy14f6ihqU7KGfmc9onxvgvWxYLi+5v8874c4ophSKsI2 +qVE8iZ6uq2oQ66Pd5S50cYk6MEW5lifAhLM5WFZmW7dRKmykBGZ9rFrJrIvhkmh9 +He7q6TEQP1Wcoc147nIg0BTkHGtdrEv3jIX6UKKUEwUUk9ARB1mSodZQHBhuww== +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert72.crt b/tests/data_files/dir4/cert72.crt new file mode 100644 index 000000000..5dcd65def --- /dev/null +++ b/tests/data_files/dir4/cert72.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDBzCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwtUZXN0 +IHJvb3QgMjAeFw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCYxJDAiBgNV +BAMTG1Rlc3QgaW50ZXJtZWRpYXRlIG1heHBhdGggMTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANpGlBMXdo8cO9oqUw/b6PMwiMNV8LCe6wB9VKHPa6OG +Q0o8Xqktgwnh1rojgpMhbCApE7UXeMr6ZGq/NtqmO1hO5adV5JehWZyvg7j4EBpG +g8iWo0jNpKMJ0Yx1uBkkljEdZLTHa4bK/zy2NKqDNS2yWs9/M5+xw5XE2ecAg7FT +cXhf3q50V+M6T2IaQ9BxntTyCT8IIF2eRM/t9Y944s9Rfzm/KQVKRYPudX7YhTt9 +iqCJB4JoqYhs3HEO0wPkJxY4KBTUCN94s+7jUFdRrYxe+8Ya6tIYWqD38i5qdGhY +xrVey1LatsDJQ2EgNYobM/LjoCLK1WUssEqf0OU2bi0CAwEAAaNQME4wDAYDVR0T +BAUwAwEBATAdBgNVHQ4EFgQUOBl8edVm/H5xdS2EGEeLzftZ/DUwHwYDVR0jBBgw +FoAUjgXdXx9NGPa+UvHBC4//SE+ARpQwDQYJKoZIhvcNAQELBQADggEBAFwZriTu +DKkiDHFfz3UX4fIxYTHCi4TveYZGPeTbxhBb3XZC5qDF4T5HvCTSkG9+oFfZzI1a +lPN2yZB7QnmHJoyWa5fuovwUL0iI3iIZMqU56tdVPW8gkJe++U5kHMSpz2VF0eo8 +7XkKWxZovRwczgfDFRP9zM9CylyzQjqxx6kbxJozWnwc5UrVbJMaPIqonXp1nDoZ +i878+hX4rJUEjgO6Sa9GVZQpmuCrQF0qKsTiUBzZN67hoD3xoTAYi5IXQE2tRD1N +j3zwng9liCsxurGMnuV0BPWv/IDYRu/syjee1Qv1VFeRto5D4Rldmi2p1f5iWJCk +5m5YpRsknaICjYs= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert73.crt b/tests/data_files/dir4/cert73.crt new file mode 100644 index 000000000..6854c74a0 --- /dev/null +++ b/tests/data_files/dir4/cert73.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAmMSQwIgYDVQQDExtUZXN0IGludGVybWVkaWF0ZSBtYXhwYXRoIDEw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaRpQTF3aPHDvaKlMP2+jz +MIjDVfCwnusAfVShz2ujhkNKPF6pLYMJ4da6I4KTIWwgKRO1F3jK+mRqvzbapjtY +TuWnVeSXoVmcr4O4+BAaRoPIlqNIzaSjCdGMdbgZJJYxHWS0x2uGyv88tjSqgzUt +slrPfzOfscOVxNnnAIOxU3F4X96udFfjOk9iGkPQcZ7U8gk/CCBdnkTP7fWPeOLP +UX85vykFSkWD7nV+2IU7fYqgiQeCaKmIbNxxDtMD5CcWOCgU1AjfeLPu41BXUa2M +XvvGGurSGFqg9/IuanRoWMa1XstS2rbAyUNhIDWKGzPy46AiytVlLLBKn9DlNm4t +AgMBAAGjUDBOMAwGA1UdEwQFMAMBAQEwHQYDVR0OBBYEFDgZfHnVZvx+cXUthBhH +i837Wfw1MB8GA1UdIwQYMBaAFDgZfHnVZvx+cXUthBhHi837Wfw1MA0GCSqGSIb3 +DQEBCwUAA4IBAQDPQC9vYJegBgVZHu0StoRT7L6ShWcZc5Z/TeyrqJBdoiguSRq5 +kMiFXZpksxeFlIUYry21MigYqxOXGZ2GZYNqhLpYVh7hzAY8uYvf4U70q88zj7mw +gIcgEaMd71GHqbb2O5x3fCN7vLeU5DFYBWfqLlkL57Uqr2aRDHlucryyRNordicN +WbCxPozmqtbNMABEUbjLMCCuzJeNRSZbS0OOod6Xd3N00EK7PqaRhbihbq3L6gUG +MjUI2keSxW4vXcDfI5Hqem6SHpCc3retx2VUgwIDAoTrw7E4dwmyC4Tp7TDJL/+d +GU8qhRmoQer7mLUzpb3s8mq/4rZx+alTQ3gu +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert74.crt b/tests/data_files/dir4/cert74.crt new file mode 100644 index 000000000..920c4c208 --- /dev/null +++ b/tests/data_files/dir4/cert74.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDCjCCAfKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDExtUZXN0 +IGludGVybWVkaWF0ZSBtYXhwYXRoIDEwHhcNMDEwMTAxMDAwMDAwWhcNMzAxMjMx +MjM1OTU5WjAcMRowGAYDVQQDExFUZXN0IExlYWYgdmFsaWQgMzCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAIoBoBxjVjZBFlhZ+3mlOJAtlo0d0bXAbKFt +TJUJ3VL8FlB4HG3yIO54eujoul5dyKgDIx49SdBDxnME35i3Wkbzd/Co0zId/xYh +a61C9DDYIhsY5E7YVoLH1eAv4t70Q0wlvtlDBXXevs+4cBX/pXU7Aj/UKfvdxna7 +Ja7wEdltKoxy1CwCRpP+ls8RRusXgoHYZKKAz6a7H5WSf3DdUrqk2DmlTAI/SWqL +0rVE1YRfKLg1C6atH4gSJqJXTm3BnWgFpYEZdJPDXaEi6Vnf+/oYuLB+T0jmavvI +NZUN3IKxO7WuF96f4ungKXJ9YchJE8vWaSjhb2V5zOA9Y/PikikCAwEAAaNNMEsw +CQYDVR0TBAIwADAdBgNVHQ4EFgQUwjdrwy2NbXHp088kZpUuEwXtsYowHwYDVR0j +BBgwFoAUOBl8edVm/H5xdS2EGEeLzftZ/DUwDQYJKoZIhvcNAQELBQADggEBAK9R +J7H8epG2NagZ3Gpl6R1jSiIixWlPJci2Bz1Nr8NIER64TJCKHeh9ku6tzSdrVL3B +2rj5GmpubDXEWAKfMtt0ccF2UIva9rDMNzaAnCSevWHXf9Httr84X6RmhtXb9/Rm +fp3W+L0GlDfHfHn8uoVdQe5e6xkmGxtcHDUsyO/CJMkrwUyoB8zs7UtlNtOf45H4 +PPg09lzV7RQ9vFIH48F/4gZW+w3AqN9ZwvYkGcJUY8tyHpb9hDrR4F6loVInrlCE +0pQiQXNCdee1za9QsScSjYNxGfR2Dkzote41H098jvLalLTTg5Fqx/AylnX285FI +ETGOumNQ51IJLUpq+hc= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert81.crt b/tests/data_files/dir4/cert81.crt new file mode 100644 index 000000000..26b2bd555 --- /dev/null +++ b/tests/data_files/dir4/cert81.crt @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBpTCCAUmgAwIBAgIBUTAMBggqhkjOPQQDAgUAMDExDzANBgNVBAMTBlJvb3Qg +ODERMA8GA1UEChMIbWJlZCBUTFMxCzAJBgNVBAYTAlVLMB4XDTAxMDEwMTAwMDAw +MFoXDTMwMTIzMTIzNTk1OVowMTEPMA0GA1UEAxMGUm9vdCA4MREwDwYDVQQKEwht +YmVkIFRMUzELMAkGA1UEBhMCVUswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAT1 +GuTQ9vgf2l3oLM25r78cvIAQqE02GzQGjp/WWw3CysEwTwNEuZGhRiD5lDmkbUGW +UNxv/7uJjy7k3K3fDNdko1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTHFA2h +Au0tPnzeYnLcmlTQj4FAajAfBgNVHSMEGDAWgBTHFA2hAu0tPnzeYnLcmlTQj4FA +ajAMBggqhkjOPQQDAgUAA0gAMEUCIH7Z/HNb/Pwbs40iNll1a9gmgAbYOgdlVPWo +nSdcb7cZAiEAlhVb6CdBXsjOfAWWEET/QP74z608PKFccCIFPCDLkxo= +-----END CERTIFICATE----- 
diff --git a/tests/data_files/dir4/cert82.crt b/tests/data_files/dir4/cert82.crt new file mode 100644 index 000000000..d49ecc9f3 --- /dev/null +++ b/tests/data_files/dir4/cert82.crt @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBqDCCAUygAwIBAgIBUjAMBggqhkjOPQQDAgUAMDExDzANBgNVBAMTBlJvb3Qg +ODERMA8GA1UEChMIbWJlZCBUTFMxCzAJBgNVBAYTAlVLMB4XDTAxMDEwMTAwMDAw +MFoXDTMwMTIzMTIzNTk1OVowMTEPMA0GA1UEAxMGSW50IDgyMREwDwYDVQQKEwht +YmVkIFRMUzELMAkGA1UEBhMCVUswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS2 +giYQt4HVfQ2t8eTS0bvISwp7ol2x17umbllBxwzGDFEUQ00JL1/SStezecK0lNhE +0AvY8Ez2soQEtdSeQGkCo1MwUTAPBgNVHRMECDAGAQH/AgEAMB0GA1UdDgQWBBS3 ++nsv3nQknSg4aDjlTiRpCPo7XzAfBgNVHSMEGDAWgBTHFA2hAu0tPnzeYnLcmlTQ +j4FAajAMBggqhkjOPQQDAgUAA0gAMEUCIQDus2Lvx3yyvaViY1s334uMm6ge484X +oktMyxLVjkAMiAIgehTHiJJaT9PnlVa+hUpxsIfVAuMexrm5fw/bDF5Nxzw= +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert83.crt b/tests/data_files/dir4/cert83.crt new file mode 100644 index 000000000..21a748e32 --- /dev/null +++ b/tests/data_files/dir4/cert83.crt @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBoDCCAUWgAwIBAgIBUzAMBggqhkjOPQQDAgUAMDExDzANBgNVBAMTBkludCA4 +MjERMA8GA1UEChMIbWJlZCBUTFMxCzAJBgNVBAYTAlVLMB4XDTAxMDEwMTAwMDAw +MFoXDTMwMTIzMTIzNTk1OVowMDEOMAwGA1UEAxMFRUUgODMxETAPBgNVBAoTCG1i +ZWQgVExTMQswCQYDVQQGEwJVSzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMSy +6X5iBYrdxxOMfdcA23pLBoJCeyEjiWfALxTm80MJGBdRNVdnT50xNU3SDDwHWPda +/EQqHq+itsqkUeyAGAyjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFGsFH/KsvM4n +r+i1gI2iCVXi3KtFMB8GA1UdIwQYMBaAFLf6ey/edCSdKDhoOOVOJGkI+jtfMAwG +CCqGSM49BAMCBQADRwAwRAIgQURH8DHWFHVK38+znWc85G1P+g4ocdkA5Gt0LbOg +SJMCIBsacOLFywxZYF8atizw6zMRw+QeHR2514JIhJUck2kd +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert91.crt b/tests/data_files/dir4/cert91.crt new file mode 100644 index 000000000..6d4605a7c --- /dev/null +++ b/tests/data_files/dir4/cert91.crt 
@@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBqTCCAUygAwIBAgIBWzAMBggqhkjOPQQDAgUAMDExDzANBgNVBAMTBlJvb3Qg +OTERMA8GA1UEChMIbWJlZCBUTFMxCzAJBgNVBAYTAlVLMB4XDTAxMDEwMTAwMDAw +MFoXDTMwMTIzMTIzNTk1OVowMTEPMA0GA1UEAxMGUm9vdCA5MREwDwYDVQQKEwht +YmVkIFRMUzELMAkGA1UEBhMCVUswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATh +D2SmdS6D7cYi2vGMyuCdol/OOUN2di2pS2wfSI/MsY/Z4O9iNHqbXQP6l+hcT5ap +daycs7r6ZPNqmWM7b16go1MwUTAPBgNVHRMECDAGAQH/AgEAMB0GA1UdDgQWBBRb +zVrcAxddj0i0DEqvTGT8F37bizAfBgNVHSMEGDAWgBRbzVrcAxddj0i0DEqvTGT8 +F37bizAMBggqhkjOPQQDAgUAA0kAMEYCIQDbrSV4ndH0vAR3HqJfBn8NT8zdvMjB +qSJes6Qwa42b2wIhAKyoH0H+b1Svw8pMkvUYF4ElH5Cnn7gxb7Wl3arc0+hQ +-----END CERTIFICATE----- diff --git a/tests/data_files/dir4/cert92.crt b/tests/data_files/dir4/cert92.crt new file mode 100644 index 000000000..49b53a5bc --- /dev/null +++ b/tests/data_files/dir4/cert92.crt @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBoTCCAUWgAwIBAgIBXDAMBggqhkjOPQQDAgUAMDExDzANBgNVBAMTBlJvb3Qg +OTERMA8GA1UEChMIbWJlZCBUTFMxCzAJBgNVBAYTAlVLMB4XDTAxMDEwMTAwMDAw +MFoXDTMwMTIzMTIzNTk1OVowMDEOMAwGA1UEAxMFRUUgOTIxETAPBgNVBAoTCG1i +ZWQgVExTMQswCQYDVQQGEwJVSzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABC9E +tK1pE8Ei8vgScunyjx50C+qDsQS8D2RhGHC4VkE2yyiFxJA/ynhoeXTKZsHuEWI9 +CfOSvk0RrTWf9nr0pTGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFLqsN52tAf1k +XlzxQmdD5qG6Sy6PMB8GA1UdIwQYMBaAFFvNWtwDF12PSLQMSq9MZPwXftuLMAwG +CCqGSM49BAMCBQADSAAwRQIgXlfKqhkhXgK112Eycl+Z5NHM+6aqXE7i9j7IyGfk +ikICIQDBYNGbpSx82XG+IS/h4AWNTa4Hs6rmWvQDWJum7NrzMQ== +-----END CERTIFICATE----- diff --git a/tests/data_files/enco-ca-prstr.pem b/tests/data_files/enco-ca-prstr.pem new file mode 100644 index 000000000..6503314a1 --- /dev/null +++ b/tests/data_files/enco-ca-prstr.pem 
@@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICDTCCAXagAwIBAgIETZt8lzANBgkqhkiG9w0BAQUFADBCMUAwPgYDVQQDEzdP +cGVuVlBOIFdlYiBDQSAyMDExLjA0LjA1IDIwOjMzOjI3IFVUQyBhc2RlbW8ueW9u +YW4ubmV0MB4XDTExMDMyOTIwMzMyN1oXDTIxMDQwMjIwMzMyN1owQjFAMD4GA1UE +AxM3T3BlblZQTiBXZWIgQ0EgMjAxMS4wNC4wNSAyMDozMzoyNyBVVEMgYXNkZW1v +LnlvbmFuLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA38U3wA/eTGN/ +/AJHo2OsEHjLdO9k3Mo5QcShvg+6IoAThD7HEyOYm4Ild8s4+eEy2i9ecWvMKG6M +YSO+GwG9xOd9wDFtODpF+z6rIt8a4bLbQHcsp9Ccu+ZmjxkJkmxOCz774lxETArX +SaksAB5P6Web/LwKUv/Iy9crRM9HzSECAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zAN +BgkqhkiG9w0BAQUFAAOBgQARCDFYCb9n151hgwitxzbuacIVDqIH8EouV2VBqlNR +tj8q1maliDE3pW7WRAwMi5i3+5c0auKwhTGESsBPjasd5QnjqXOkRbcZhkeVQ1ln +6NEn6xC+M+H2LGVHSSropcGa8olLlo98LrsFuHVHMewTs7SK2lc+7rU/ILec3ymj +og== +-----END CERTIFICATE----- diff --git a/tests/data_files/enco-cert-utf8str.pem b/tests/data_files/enco-cert-utf8str.pem new file mode 100644 index 000000000..7d613d945 --- /dev/null +++ b/tests/data_files/enco-cert-utf8str.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB8jCCAVugAwIBAgIETZt8+zANBgkqhkiG9w0BAQUFADBCMUAwPgYDVQQDDDdP +cGVuVlBOIFdlYiBDQSAyMDExLjA0LjA1IDIwOjMzOjI3IFVUQyBhc2RlbW8ueW9u +YW4ubmV0MB4XDTE0MDcyOTAzNTMzM1oXDTI0MDgwMjAzNTMzM1owFzEVMBMGA1UE +AwwMZHcueW9uYW4ubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHYW8q +ZZ/HIIlU8j/YIyTh3h59JcJF0Es7RsPg25QVJkDkfhMn6l15f2neB2KPLKxCLpLD +ozYD4s/If8aq74A1C2vvOLo/Gq1erNS4b9IS5xLs3Lu643XGxS93Rf6jrsGa8lfb +Wa7DsQrp7FLT5GApwCp6CebmZq7jEImj0pDFRwIDAQABoyAwHjAJBgNVHRMEAjAA +MBEGCWCGSAGG+EIBAQQEAwIGQDANBgkqhkiG9w0BAQUFAAOBgQAS1Ulo7iBABpm/ +S23mCnIFRY1+eFfYg4h8EiK9f8kWDwduXSYGVUqRHqh4LcNSdTOIaSEG4RGyV/EA +5RfTviaQ9PxPiSFegNja8/aHel/nORfsEk4rwBCPGKDveL5KYhAtyAs865ZzLtv+ +kEkfhaTgrBIikwlnquoX5UHOdL/iaw== +-----END CERTIFICATE----- diff --git a/tests/data_files/format_gen.pub b/tests/data_files/format_gen.pub new file mode 100644 index 000000000..81a7ab3ff --- /dev/null +++ b/tests/data_files/format_gen.pub 
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDA0UszjREl+JklUyevaN8fb0Gp
+13Dzb4pY3MCoJK15BWoeoUFAIVvuI0C8bRm/i1OO4BN9tSRrRjW+S89YbYy1C73P
+UgKZSejjnEFA4chcSOKOhZlM6K7+Pcrcx+sdiDu1DheODMiSFhoxt+H6IUvBEGkI
+5AWFu5MDP7wlU/AZfQIDAQAB
+-----END PUBLIC KEY-----
diff --git a/tests/data_files/format_pkcs12.fmt b/tests/data_files/format_pkcs12.fmt new file mode 100644 index 0000000000000000000000000000000000000000..296d599d633ad09a8e59f9038c8dc61417ce2e31 GIT binary patch literal 3381 zcmV-54a)K`f(E^;4p#*mj($chDe6@ z4FLxRpn?a8FoFk!0s#Opf(LyD2`Yw2hW8Bt2LUh~1_~;MNQUSG)6eKb-*e(h`Xt>$Zy zUeW4x+>(b#T9UqeX!q#h95Vz-+_~Y?{$VrV?OD1a6zV~ z&c6NHRA@=(k=lmDOSvEGD0z4VkW`xH`hv{zIGo{^*df_^l1=Xo}FwR>2-mi3*L~#d*xBm|vh}L-du%`_c zNsRPYaX7h8G&ouPl@<#o!e%H5EJFn>;zClz%F;UL$ojg8A%O)U_5)rcmn;9JL`DiY zKJ6D~J?gox)!aPNb>f-aKfQ0KZ*WXy=IXugXYe0jWzoBr zNm%uI5?7D!H;Vt!K}T4ue=GXo^sZ{o4V^f+k+U zyv{<6Rj~BfWONJ6jF||#c$4A2Sk5%zf{KZt%@8GyzymflteKd)22l5TZ2dZGP)@@P z5Lc{FrJ*W9tqLgbkVl9j)6uHI$$WWzj=v4VFq`oY+yK}}b&ly`$;o~14t`Iev&CMN zZ(-Aw6$HV-B#4kP9!9Wa#xh~1cT4_qpoE{2o+}(291qYRZhM6NutQ8>uB!vLh7tOq ze%RYlM9D__Bh)EWLp^;tcfCb1JL~%*&R^0*=ri2armph1Am=^b8x>p;eB~2#R#s=0 z3Fw=jK(~t}8{5rZnM5MUVaWTewTkmgS4y+16}l!d!tS3^oHks47npEErV|CXpr@08!C?{Q zO}lC!8Cp^cZy&Bz_4v&XfxgLq(0`fPRF^`_&1jWxB39kh#FRlC*9U4GC@?Pilt_Vr z%&-0U*yuQt4DjxRH9X1ASh{wY6wAHR7g0689}_0QJ1uCr+}3us+zGhL+cY44DH|(M z(aYRwbr*ZDA8^Y?-P)abm|pb4x2SD$NoXWQ*Kets#m&R;v?%0k!_>s>aL{g^kO;~C zCvS0e*tJ5m7ye0EKu2#HZDcOfC-H@tHG|T}+{55yyok+KvN!C2I`ZVQrL}|$?vmSNgi0VGSavd!b_wa;x5K$lR zM0#eJK(E9+2g}mBqBuZ~oCPJx!F~6Ny+45;dC79PNF;290b}H3sxLHKHqb?S@30^H z>KddDc(h4V@ZUE}KX?V60rhfaGUvD=%^y|cxkC&^T1Yr55IlFp&?lw2rW0T2ZQEy+ z_;~}8@}fZ2RJ{qo14`G${gV^-c9A#b-5fNZN}4obxh&4w5Zc~n@{D{PIL1HT-}dyk zE0#N26>K={3)2HJ+W9#qSM700`UY_GjM{#3IGfoCl=yDqK1k3r;Vi8u z$t!5I@CFu>)Exv?V3H4s50zG%Ak2w^Kc&%QqzmY2Ko>Kyvlc4 zV)`41$(sTuzV+~&LNQUdh5Bo=7)G>8nT?um=P#aV&cYl{rA1eNkkK9v1`77 zzSVxq<0HiP-i73-g8)~-L@Ib6i73=Be(8oX#)!WkymR@nigIwl z29oC!|5)Rx7CqL{VHs>Egx11!9vk9{S`ML&k@iyXYjGlINW7W^Oca+isLok zuq+X4N)0R&ty*GB=8-E-+}h(g;y$&iTBy)2ozkZkg9N8`%TT+*U6LOsr_}hAMI=jm z6@j>~TAIT#{%u^UHIL6d#g95ZHV?2-1HZ$E54L2jH>FUDQ8EO&Dh0;XkIgQbpO~jL zse2-)Ydg?lknr+j&hLCLy}VBY@}IkNm?4J8$y}A(4R6Pr-W4(RD`6hnQSq-sn@!Fi 
z;O;X5M`MTNNCyReILNa8?iO-22bg?CVfKsTta^Bf3T*#4c9W;B?cR2>x&~yGa%lNDkf%OiQL^xVwkEMqSHUEDI+R&hJU`0Ypzb- z(0oZ&qQJ2ZsV@TB$&e^b@bkxp<#87U7y|(ON3=J(xa?351^+MOW`3+#0Pa3{-dQ`I zHkb0@*J#(Bllr*nC(s+;W*1M@U~67yL>o@wp}EOzySR8@aCg?K(3uz0V+tIwD6LXj zKSczM3PV^7iHZdQICIzQE$ z{8;cwl5|tvs-&`O;&t#5|4n@!h6+8E@gyvA7OUk!Xj2^>8|0q5^d^icEtyS%&$<(g z>8BhHgTo{vK?iVB}!|vM{k`_&c^v=%V3hOyea^}#ZydeAmy{SLl7*j->^Hyt z4Y<^d9pxC^+E*iBLq7_MAf@-^S9fBP6V;$nWahZ28jN%=mhtGV3(L>OTwidaA`fl=AnL?RRng%5t* z1j$A9?RazXuEA59G=V7M zSrU`1v%)5P1TZl$AutIB1uG5%0vZJX1Qb$?xAdc;PI%Fxc{oiXnYZd80XYN+Nj0L( Lu!EV#0s;sC_v&0} literal 0 HcmV?d00001 diff --git a/tests/data_files/keyUsage.decipherOnly.crt b/tests/data_files/keyUsage.decipherOnly.crt new file mode 100644 index 000000000..7c379787a --- /dev/null +++ b/tests/data_files/keyUsage.decipherOnly.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICFzCCAYCgAwIBAgIJAJsTzkylb95SMA0GCSqGSIb3DQEBBQUAMD8xCzAJBgNV +BAYTAkdCMRIwEAYDVQQHDAlDYW1icmlkZ2UxHDAaBgNVBAoME0RlZmF1bHQgQ29t +cGFueSBMdGQwHhcNMTUwNTEyMTAzNjU1WhcNMTgwNTExMTAzNjU1WjA/MQswCQYD +VQQGEwJHQjESMBAGA1UEBwwJQ2FtYnJpZGdlMRwwGgYDVQQKDBNEZWZhdWx0IENv +bXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9nxYOSbha/Ap4 +6rACrOMH7zfDD+0ZEHhbO0bgGRjc5ElvOaNuD321y9TnyAx+JrqPp/lFrAgNiVo1 +HPurPHfcJ+tNBUgBHboWGNENNaf9ovwFPawsBzEZraGnDaqVPEFcIsUQPVqO1lrQ +CHLUjtqo1hMZDqe/Web0Mw9cZrqOaQIDAQABoxswGTAJBgNVHRMEAjAAMAwGA1Ud +DwQFAwMH4IAwDQYJKoZIhvcNAQEFBQADgYEAJ0NS2wUbgRelK0qKxrR2Ts6jVYEH +bmykx3GHjFyKpscDIn2vNyyB7ygfFglZPcw+2mn3xuVIwOV/mWxFvKHk+j2WrTQL +tDqSC5BhFoR01veFu07JdEYvz+I+NCL5z0IGWXkUrk235Wl4w4WMZDnXTqncMNEk +fLtpo9y79XD00QY= +-----END CERTIFICATE----- diff --git a/tests/data_files/passwd.psk b/tests/data_files/passwd.psk new file mode 100644 index 000000000..17fee37df --- /dev/null +++ b/tests/data_files/passwd.psk @@ -0,0 +1 @@ +Client_identity:6162636465666768696a6b6c6d6e6f70 
diff --git a/tests/data_files/rsa_pkcs8_1024_public.der b/tests/data_files/rsa_pkcs8_1024_public.der new file mode 100644 index 0000000000000000000000000000000000000000..fe429985bf29b545b3d52a24b692807062a827b5 GIT binary patch literal 162 zcmV;T0A2qufuAr91_>&LNQUm7(YwGJ1K49Joe8Zo!w`XNif5NQbH1%sC%f_kI=F#?@mywZ`mBGN;klTQhjX9KsO_<5g$57CK zAH?C};RwjjNh}Hu_A!(+5C;h{^9aC%6hcyqOB9?P4dldm4Gj&942=v;OiT>SqQrTP zkhumn1PzxmkboF22sb=9wWut$NWsvciBSpJwT!F`%uS5^3_x)%rY1&4hLue6whmcW zLxa2jn!RgE)e}vO>)gNNh3kad?>fYSE`M|maGxd=nbMy9SNnn6&*FV|&rfK`77Q9{jMpRO6g)xWwK~|@ge|-*bxqp{U-d7;d zA-!0b-{D7YqiQ_Y#^7THb)uGQen!2kpEPe7YxHyB>8)FpC*8cF!giHYwX>A{?lP%< zdrrxHYg2VnUQeBU=bvMo__A9$(V1tMc8TbSsm$@ZbN0gbp!DL8x(k&5)_pNNrCV^S zlbhwX-ZKA!ym{yLMsz+3j+~blH7WH`hds{}$;Ee{zL+~z_^syc)dfO#qE2OtuMTPo z*~rAq$iTSR*T5SbfwICZOa=@FvcTY!FH%ccPe~-etutVQ*+wqDnp6m_JcfzA8T@! z2_4#?pxHEGwy}oaoy!&9XSv6&+kN)tBZ-cE+n*oVexg{pW2@8JB_Rtuw_Njkbn3>( zwTEW^|4}IR@x>9_+>%qXcl|gs)nv~rr=WGNJp6ong3V9&{W4z|@u*t-)+TEX&O+Zs z<;vTH)_U*$ac;Ll%;nGDGb%sa5T9cm5d2X3+f|2et~z@4x6W7p4 literal 0 HcmV?d00001 diff --git a/tests/data_files/server1.ext_ku.crt b/tests/data_files/server1.ext_ku.crt new file mode 100644 index 000000000..3c4f854a2 --- /dev/null +++ b/tests/data_files/server1.ext_ku.crt 
@@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDpzCCAo+gAwIBAgIBITANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTQwNDAxMTQ0NDQzWhcNMjQwMzI5MTQ0NDQzWjA8MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +o4G0MIGxMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1DWQKm +MGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7MQswCQYDVQQG +EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg +Q0GCAQAwCwYDVR0PBAQDAgXgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3 +DQEBCwUAA4IBAQANtiYR2P6+a7rEtJARIgpurw1URYejATbbp3ZhaHBW603Wyb2+ +KJtm1KPCzoju/qTRt65YYkt+tu1wTzamyrkPxt8bBKmxiWnu5j1HLxdjOz8VW9lf +vTb5egR4dU9eNXni/5QkzrdkMO+ob4puDXY7ytPuGX6YfNVhCkrhBlYDJNE57CkK +vpCNj3+Te8PEkWPAEaUhqCnQk6qvPvpBfc/hqgwzlRMt3u5NkiVOuH72dtr4fOI1 +nlAU8D2wuvDVr3X5281ONNEtHU6rXe98vlUzS9QV9lBDdsO9nRYJzv2Nb1cjRIM5 +JZl0ILLR2tc6E/W5YXalNp37jfrFii1U9WrJ +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.key_usage.crt b/tests/data_files/server1.key_usage.crt new file mode 100644 index 000000000..b5a2532c2 --- /dev/null +++ b/tests/data_files/server1.key_usage.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDTzCCAjegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +o10wWzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zAOBgNVHQ8BAf8EBAMCBeAw +DQYJKoZIhvcNAQEFBQADggEBAE6xegEHvwuQ8I4YCLX7oXmDJiDb7m2nMin+um0v +TMqHAE3B9GvdWGUgMIEMf76ee7OMDzxfzM2vyNGemB0rn1djEv+knJBSdMQKD9X8 +tkT8cPqMHlRMYYbFFkkZEOeqeihZXQdUORao9ZSXrokYwv+Fr+PAmiUJEmkZHbA1 +Gqp6tPfGxJ2ah50Og9oAPwyND6kvE2o++Dth2evjljPCPM2Gw5kjQGw3V9CAUyUo +KtLrtZdOeRHRCWCf3UQ/tYkG70tY/+grftrHqKB2E4qkmDiCPS9sEpa7jOGT6e4k +jGVeZFNZZ10mD2Svr3xl/60++c7yLxrquujo8NOTCVcshfs= +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.key_usage.crt.openssl.v3_ext b/tests/data_files/server1.key_usage.crt.openssl.v3_ext new file mode 100644 index 000000000..e255027ee --- /dev/null +++ b/tests/data_files/server1.key_usage.crt.openssl.v3_ext @@ -0,0 +1,5 @@ +[v3_ext] +basicConstraints = CA:false +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid +keyUsage=critical, digitalSignature, nonRepudiation, keyEncipherment diff --git a/tests/data_files/server1.key_usage_noauthid.crt b/tests/data_files/server1.key_usage_noauthid.crt new file mode 100644 index 000000000..c82a97972 --- /dev/null +++ b/tests/data_files/server1.key_usage_noauthid.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDLjCCAhagAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +ozwwOjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAO +BgNVHQ8BAf8EBAMCBeAwDQYJKoZIhvcNAQEFBQADggEBAKuveVlnjgJIkiH6HqZk ++oGpLPxpcoMEMskzyFxTfjP4L2Mj798qydBbobyVJdH5p/sIpcHsI0xajM/dcZKS +7b28KVwxOk+87DtwCikFT+jzWPe8fzowqsNAaKtvtDQnLYh8u2tDT1vhABwgTVAy +aHCzs+nm3o36NPSN9K+wmI+r1KFnhjtyOQ++7M8wRRT5jrC+1tYicjsnVMu07yB5 +04C99Fa3MToilg66Jos95U3gBF5GbSfDXYtd3/etNMkUiG8FEZJlkhKbTO+4E03a +X6+z2VojrAroYyO/F5ZlaC3/CsMQ8Zcate64nH/Lu/U78XAo8iKz5DLLOPBqodER +z4A= +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.noauthid.crt b/tests/data_files/server1.noauthid.crt new file mode 100644 index 000000000..f778ae9e4 --- /dev/null +++ b/tests/data_files/server1.noauthid.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDHjCCAgagAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +oywwKjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAN +BgkqhkiG9w0BAQUFAAOCAQEAaf6oVaFgPEUYjT6cNoMf3p4Ja7EKr2Lp9jX0aV0D +Q4WwTg/QG3OVBX9IdK+ezAPuBRE7YWFKfbUR5MajWQt0MQPKXh0u7Tr4Z5JG3lXH +P/QzYZqTkSD9zlb0MHvYUl1T/Ulc4Ws7qSvf3iocvtSAZJIxNi9hxu2nXk2N4OGY +zyTONjlBtKjXa1THHKZzA5o1e4n2crtCDzXJFVqLeeIwW4zAqepXhGU1nepbazNP +B3IYzD+JM36XiDPAlci7ZDwpXHrT6fqlBOtfrUH+NAHXCSG2WT+6B4nVZW/P/Qrv +Hxrq4lP5fgpyX4jxa4UFW9YwRaUN7IAWuZL5dWINbiJZbg== +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.req.cert_type b/tests/data_files/server1.req.cert_type new file mode 100644 index 000000000..39ff3fdba --- /dev/null +++ b/tests/data_files/server1.req.cert_type 
@@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpTCCAY0CAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAkMCIGCSqGSIb3DQEJDjEV +MBMwEQYJYIZIAYb4QgEBBAQDAgZAMA0GCSqGSIb3DQEBBQUAA4IBAQBErZcEaEEO +hLbRVuB3+N5by0mogdJsatJFSgW2/VztLvQBYu0O+VmTbZwCAWejA8U+cr6uPlyf +b4lDqj3W+XykeK9bSzoSr1yNO2VAcE74Y0ZrSz2yXMfT5R9IyKqQZspaKD8MOmYH +BqUH9o/phnGcaEG5xeSfhM1O/YNZuGnlLDQBGwT5puHOaLfjECvs8eZLopIWEBlD +QkRlhYqZBwhGZ8D/TxqG4teFtnBX5FG7UoSSVuneBrkREQM7ElhtD9jCWjfMnqm1 +59G84OycClwaKU7/Dm6zeMGDyFoMksBud7lyDHMhxvwSbzb1JR5v8iBsmVY2dhHt +Ot3Fx2be0gIr +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.cert_type_empty b/tests/data_files/server1.req.cert_type_empty new file mode 100644 index 000000000..70fd11133 --- /dev/null +++ b/tests/data_files/server1.req.cert_type_empty 
@@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpDCCAYwCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAjMCEGCSqGSIb3DQEJDjEU +MBIwEAYJYIZIAYb4QgEBBAMDAQAwDQYJKoZIhvcNAQEFBQADggEBACU0LLDBIMgG +B7gyNANHv42RovhQdzmUulqJPHNHx3v9G17F00bEykJb/r3awW6l5fhY/6oPydsY +hnWEM6VVCUkJ6Zqm2/wE49uaNTbFd9JU4OywRBfjHHSTOGnYFg+BYSfwaIkSCkx2 +kVhyklFm7My5wkyDPpFSU2tTfgsgaQMyTm93a2kxM7qJ/X3gFDG8o7R0vyojFVSI +mwsF9QsC6N9cygdFx23zCB0KsJ9KfmBqaTsdbKh8BsocYm5FJCw4WS/CBrCWBj+z +N7yEJj4SR5F+P7sFc5I0HANov5wQe8E3+WxxQt8jcqIje6DlaaGja44cXOzvFQyx +Hg/6H5EtBQc= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.key_usage b/tests/data_files/server1.req.key_usage new file mode 100644 index 000000000..30e481243 --- /dev/null +++ b/tests/data_files/server1.req.key_usage 
@@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICnzCCAYcCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAeMBwGCSqGSIb3DQEJDjEP +MA0wCwYDVR0PBAQDAgXgMA0GCSqGSIb3DQEBBQUAA4IBAQBsJ3v1Ar2X28GJsRSJ +WRQwFQwIbR/D0cHrwTf0ZfZttClytuc18JZlwkH3EG/rNkWaFp6MKIZoRMOBuSPc +MNvvKIo4nPaeouDPruymx0gNenlyRL3D4OZpBO/BmQIQjbUKWFbzEnEqvwvMDUnG +8w7UjPSFcxj2HzENr62HLPKKnVpL3nDXWK1a2A77KF9aMxyoWQ6FXb2xPD9cJjdo +c1jwskQbgosQzKKwwp5yxq0zRD3EAGw4A78mgHMfgFprq9e9azaB0JeyFG2Vn0t0 +L+vfiDEVQ3eJXSCen1kEVyHRju8g53UcSgd+JicWFboFj2/mJBuyW6yM++RGA9B5 +Zd62 +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.key_usage_empty b/tests/data_files/server1.req.key_usage_empty new file mode 100644 index 000000000..47e56bf1e --- /dev/null +++ b/tests/data_files/server1.req.key_usage_empty 
@@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICnjCCAYYCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAdMBsGCSqGSIb3DQEJDjEO +MAwwCgYDVR0PBAMDAQAwDQYJKoZIhvcNAQEFBQADggEBAAqQ/EU/3oMt7YW4vWgm +0Q7F4v7DrFEoVMWfBzNWhMNIijzoaWKY8jwseZMzu8aCNQlJnM7c9FJF+OCgS7L5 +0ctwzjfCOi5I5cKgqv8WpuMZWHXNtB7YtjUWIZVri/RazCncZEwJGCKQjmQYrGJm +Qmu2+D+DWY+nEW47ZfDH9jOJtatnREjSNsKzc44L9zUaEy3bi+m455XGH+ABmeb7 +Iqmguh10xUyY6rEOFEuqvFyFr5g1eb53Rr5CQxGfw1j+2bbSh+rVb6Ehf9LAijyu +Ygqa91hGab/CjykS6HMrD91ouWtt2Rt3zCKo4Xxe8dlAszKB4W83M9OgDVVpiCfC +t3A= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.ku-ct b/tests/data_files/server1.req.ku-ct new file mode 100644 index 000000000..ebd01f5cc --- /dev/null +++ b/tests/data_files/server1.req.ku-ct 
@@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICsjCCAZoCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAxMC8GCSqGSIb3DQEJDjEi +MCAwCwYDVR0PBAQDAgXgMBEGCWCGSAGG+EIBAQQEAwIGQDANBgkqhkiG9w0BAQUF +AAOCAQEAWUMyIXHi4BbIxOeCD/Vtu9LGV8ENMV7dwYVEQcwrt1AHahtYgUtkoGcP +lOPqg1lbg22bu8dLPoY4HAzxCOAGs27otWL5LlE9M5QPH1RedEycmOuYrMl6K988 +hfDBJ+OkgCShcM91+udrc0gpDEI7N01A+fmukQ6EiaQjIf7HME/EKQqhEuEQMXHC +GBvdNuEF5BfV3aAYuT+xfdXDU2ZWwXXWAHGmVh3ntnhtEG6SnXSnBATU2wa4tpBd +KLbEbcsiy2uj0OLJlvG6LqsNggtkD58GCGpLpaVxdW80yw+f/krwLpeyocE1KGcT +7eX+9yhLe9NIZojvevw+53dNE7BUfw== +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.md4 b/tests/data_files/server1.req.md4 new file mode 100644 index 000000000..15585499c --- /dev/null +++ b/tests/data_files/server1.req.md4 
@@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBAwUA +A4IBAQAu8SbWDi5udXrs/lljV+jdHky2BFuVFNxZgj5QvLslffdx2/Tj4MVCsqkY +tAcy5g/urW1WwHcnJ20PRgt60m3BSUJffdKF/kgRyTN1oBFpApHGAJEHPahR/3Mz +hMBk4D/r6lga60iUhIfky8o8KU+ovHXROHzGfYaVySatpyJW6tkJOz/1ZKLI4s4K +HGLFxKBd6bvyuMSCpV31J7ZHPQfSH38VEEaTLJ2QOltWDX5k4DlL/F3I5K4VFWOm +DMndMXkb7LhL9jcaJJRzEmbX3aMdt2aXhQt2LDFMnMCeSHI014URnQd6IzRQYZPp +qGZf2UmuJdLeIMzSNX2rZ+SVDX9o +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.md5 b/tests/data_files/server1.req.md5 new file mode 100644 index 000000000..57714ede3 --- /dev/null +++ b/tests/data_files/server1.req.md5 
@@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBBAUA +A4IBAQCEiv3QM4xyKhYTsoOjyzQdXMhsXK3Kpw+Rh874Hf6pXHxUaYy7xLUZUx6K +x5Bvem1HMHAdmOqYTzsE9ZblAMZNRwv/CKGS3pvMkx/VZwXQhFGlHLFG//fPrgl3 +j4dt20QsWP8LnL4LweYSYI1wt1rjgYRHeF6bG/VIck6BIYQhKOGlzIwWUmfAGym6 +q4SYrd+ObZullSarGGSfNKjIUEpYtfQBz31f5tRsyzSps7oG4uc7Xba4qnl2o9FN +lWOMEER79QGwr7+T41FTHFztFddfJ06CCjoRCfEn0Tcsg11tSMS0851oLkMm8RyY +aozIzO82R3Em7aPhZBiBDy3wZC2l +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.sha1 b/tests/data_files/server1.req.sha1 new file mode 100644 index 000000000..578ec7f79 --- /dev/null +++ b/tests/data_files/server1.req.sha1 
@@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBBQUA +A4IBAQCiYQMOv2ALPUeg8wHKn9L5SdDbNxOzuMwhYsCYTw2TJMQO7NLUq6icEzxY +pUIIFt60JUQjZHxQSY3y9cSivwKXQA7pPfaPaFC/aMA2GxG23t2eaIWNQX8MfcWf +XAa8bl/vmC1MTov+mP2DGoXRiKYORrEInyDS2RaTathvHckcAv25nCIx7wYO9tC9 +LUwyoE9bhiQ7fo3KFlz4dK1HukyCM/FoPbJuL7NgdzmKVPyYCLh5Ah+TTD6+sltz +dFc4fj28w1v3jsBXz+tLrgFQidzuUI2poxt5UwU9TKY0dAJaTCtfIRcXW3h6DGG7 +EDR6rim6sbIQkGzYvGqs4TNoJOR+ +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.sha224 b/tests/data_files/server1.req.sha224 new file mode 100644 index 000000000..a4f2af4c1 --- /dev/null +++ b/tests/data_files/server1.req.sha224 
@@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDgUA +A4IBAQArYR2mLKU5lsHyAyGHr4PlmC/cfePmCRyC/mj1riGTjDlNC2X3J1VZDqKb +U/uUxLudP7sbuttRksIAREATT74Pa40bMWiPUlBfA/M2mFTmKb/91uXeIISW8DL3 +xM/5BCDrhnZ/cjP23gKDgJRk+IGBNhYZDGz50TIBbDJ2e4GDkFjzANngUW64UcCQ +7hZOYtnYLBnoRvPwtal5jZqHwsgaPPePXu+SQ8mfuAJwJ78MOCAaKw0IP1h1OnPG +iubdl34lSIaYWwbHTdjaqUSQG3SSs4oxEvluYymrpZ6XGKXtphJXEPdTRiLu9d9l +A5NYVgvqHFQPmuXS92zrGzB788pV +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.sha256 b/tests/data_files/server1.req.sha256 new file mode 100644 index 000000000..6d21dc5d9 --- /dev/null +++ b/tests/data_files/server1.req.sha256 
@@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBCwUA +A4IBAQCVlSU7qeKri7E3u8JCZbCyjsGJTH9iHYyeDZ/nDLig7iKGYvyNmyzJ76Qu ++EntSmL2OtL95Yqooc6h1AQHzoCs+SO2wPoTUs3Ypi9r7vNNVO3ZnnxVtGgqCRVA +W+z9W4p2mHXQhgW1HkuLa5JD1SvJViyZbx9z3ie1BQ9NVKfv++ArPIv70zBtA7O3 +PZNG1JYN30Esz7RsCDRHbz6Npvu9ggUQL/U3mvQQ+Yo+xhwu1yFV+dRH7PebBeQv +vjcD2fXDabeofK3zztIpUIyUULX0GGClM9jslgJ/ZHUlArWKpLZph0AgF1Dzts// +M6c/sRw7gtjXmV0zq2tf2fL4+e2b +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.sha384 b/tests/data_files/server1.req.sha384 new file mode 100644 index 000000000..b857af7f1 --- /dev/null +++ b/tests/data_files/server1.req.sha384 
@@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDAUA +A4IBAQBy35zHYLiYaScq1niQkzQ/BScUbdiWd2V90isBsB5Q3NjVoJl/yCaMrla3 +2XfrutpFpdqwenl5jM0o6+enKCmfur+z2/ije69Dju2aBd6A62cx1AEvFiMq7lyF +4DYJ32+2ty6KA8EhzE3NFs7zKXxmD5ybp+oXNEvXoeU3W8a+Ld5c1K/n+Ipa0TUy +cFBs6dCsbYO9wI6npwWqC5Hc9r/0zziMFO+4N5VORdYUFqObq4vCYOMXETpl8ryu +lGZorNUoJ7vV55T31CDqEtb0EE+nO+nT4agfDobncYjvc3WpQuLtUB4UwR5gpZl6 +ZI+j4uwikOgGO9gcx4IjaRP3q63F +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.req.sha512 b/tests/data_files/server1.req.sha512 new file mode 100644 index 000000000..85d52460d --- /dev/null +++ b/tests/data_files/server1.req.sha512 
@@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDQUA +A4IBAQBb8jNpt0nkNVWstVoOCepQSF5R1R9hF0yEr7mk3HB9oO/nK07R1Oamgjw+ +CHQReTSjIKUX53o7ZwNZB5E+jBDsGz/2Yyj/vxNHJFk2exELtW30he8K2omVHE1F +XESbftCssWLNpTSDq6ME12+llkEDtgCtkv69oRUkuuF5ESUSZRGIZN4Vledm8SM1 +uGFtaG/PXbBbtUaNwNISDeIWDKRtbuca5web+QEi1djiUH21ZWIGEpOy7mtkYmRs +Qt1D32FoaqFNhafiaxNIXO11yd4lgpaDDlmrOSBsELcTIF9916o3DwMeVXy0GONW +BrwaO8q8rg+C+xvMY7858Kk8kwjb +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.v1.crt b/tests/data_files/server1.v1.crt new file mode 100644 index 000000000..e85ed30fc --- /dev/null +++ b/tests/data_files/server1.v1.crt 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC6zCCAdMCAQEwDQYJKoZIhvcNAQEFBQAwOzELMAkGA1UEBhMCTkwxETAPBgNV +BAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBMB4XDTExMDIx +MjE0NDQwNloXDTIxMDIxMjE0NDQwNlowPDELMAkGA1UEBhMCTkwxETAPBgNVBAoM +CFBvbGFyU1NMMRowGAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb +7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJ +BEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8Yw +fhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5B +Xhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1Y +ieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAATANBgkq +hkiG9w0BAQUFAAOCAQEAOKzKoIMPjmKis0WH0t9/Bn5cMAPsBAgeqROeWqAs1N7j +FIpCoyQW43t1rAtga946X6/IanTuLKScPkhNrcX4ASn0+DzaNxVelumjjfD6NEcn +/Fnq0a+5oNcqXrM9lCBtqFnGcDoFJq3VMA3P+YCqZ9ZaYy30mOkZRVlddMQCpk7g +RxVBLEaPL1DlSmR1hIvsHQ51DGU6xEnbrxGn19dFf1yfC+vnf5mhKPB8XGWd+IjZ +WkYsfmBe2hwH58XNvVf0suX9aQS16vwqpPbPi3wQ2d3cX1/vCCW4cCYW7Pytc3Op +pBjHEIkmil2/30+Rqk4SbZvo99MMPGIOREOJ81sNRw== +-----END CERTIFICATE----- diff --git a/tests/data_files/server10-badsign.crt b/tests/data_files/server10-badsign.crt new file mode 100644 index 000000000..eca171f35 --- /dev/null +++ b/tests/data_files/server10-badsign.crt @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp +YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq +oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY +Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io +rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ +AzO3pJx7WJAApZuBX10= +-----END CERTIFICATE----- 
diff --git a/tests/data_files/server10-bs_int3.pem b/tests/data_files/server10-bs_int3.pem new file mode 100644 index 000000000..b84cee7c3 --- /dev/null +++ b/tests/data_files/server10-bs_int3.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp +YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq +oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY +Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io +rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ +AzO3pJx7WJAApZuBX10= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE +732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo +ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt +Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt +pz590JvGWfM= +-----END CERTIFICATE----- diff --git a/tests/data_files/server10.crt b/tests/data_files/server10.crt new file mode 100644 index 000000000..96a4040ce --- /dev/null +++ b/tests/data_files/server10.crt 
@@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp +YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq +oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY +Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io +rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ +AzO3pJx7WJAApZuBX1Q= +-----END CERTIFICATE----- diff --git a/tests/data_files/server10.key b/tests/data_files/server10.key new file mode 100644 index 000000000..0088331ea --- /dev/null +++ b/tests/data_files/server10.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEILBDMs7bRVxVg6ovTpf2zB9m+22jY7R3LNKRvCPfa6YJoAoGCCqGSM49 +AwEHoUQDQgAEHG336dql6qGcsnIZqAkcc63eFbvepuOzTwXobRAuOmk3l4A5wXX/ +vs5wAawLX1wUTUM/AESHmAZrJK9tq5So8g== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/server10_int3-bs.pem b/tests/data_files/server10_int3-bs.pem new file mode 100644 index 000000000..a9e06150b --- /dev/null +++ b/tests/data_files/server10_int3-bs.pem 
@@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp +YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq +oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY +Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io +rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ +AzO3pJx7WJAApZuBX1Q= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE +732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo +ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt +Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt +pz590JvGWf0= +-----END CERTIFICATE----- diff --git a/tests/data_files/server10_int3_int-ca2.crt b/tests/data_files/server10_int3_int-ca2.crt new file mode 100644 index 000000000..0df2c653b --- /dev/null +++ b/tests/data_files/server10_int3_int-ca2.crt 
@@ -0,0 +1,40 @@ +-----BEGIN CERTIFICATE----- +MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp +YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq +oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY +Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io +rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ +AzO3pJx7WJAApZuBX1Q= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE +732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo +ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt +Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt +pz590JvGWfM= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl +WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 +ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW +BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw +FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 
+yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M +ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf +7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M +CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut +ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +-----END CERTIFICATE----- diff --git a/tests/data_files/server10_int3_int-ca2_ca.crt b/tests/data_files/server10_int3_int-ca2_ca.crt new file mode 100644 index 000000000..c25482b8b --- /dev/null +++ b/tests/data_files/server10_int3_int-ca2_ca.crt 
@@ -0,0 +1,120 @@ +-----BEGIN CERTIFICATE----- +MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp +YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq +oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY +Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io +rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ +AzO3pJx7WJAApZuBX1Q= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE +732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo +ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt +Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt +pz590JvGWfM= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl +WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 +ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW +BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw +FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 
+yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M +ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf +7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M +CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut +ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:00 2011 GMT + Not After : Feb 12 14:44:00 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: + 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: + 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: + 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: + e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: + cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: + ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: + 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: + c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: + 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: + e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: + 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: + 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: + 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: + e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: + 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: + ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: + a2:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:TRUE + X509v3 Subject Key Identifier: + B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA + serial:00 + + Signature Algorithm: sha1WithRSAEncryption + 
b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: + 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: + 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: + 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: + 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: + 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: + 2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: + e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: + e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: + 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: + 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: + 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: + 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: + e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: + f7:e0:e9:54 +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH +/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV +BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz +dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ +SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H +DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF +pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf 
+m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ +7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +-----END CERTIFICATE----- diff --git a/tests/data_files/server10_int3_spurious_int-ca2.crt b/tests/data_files/server10_int3_spurious_int-ca2.crt new file mode 100644 index 000000000..c9d6715f4 --- /dev/null +++ b/tests/data_files/server10_int3_spurious_int-ca2.crt 
@@ -0,0 +1,64 @@ +-----BEGIN CERTIFICATE----- +MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp +YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq +oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY +Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io +rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ +AzO3pJx7WJAApZuBX1Q= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE +732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo +ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt +Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt +pz590JvGWfM= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g +Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM 
+uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl +WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 +ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW +BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw +FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 +yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M +ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf +7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M +CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut +ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +-----END CERTIFICATE----- diff --git a/tests/data_files/server1_ca.crt b/tests/data_files/server1_ca.crt new file mode 100644 index 000000000..748d94457 --- /dev/null +++ b/tests/data_files/server1_ca.crt 
@@ -0,0 +1,41 @@ +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC +AQEAvc+WwZUemsJu2IiI2Cp6liA+UAvIx98dQe3kZs2zAoF9VwQbXcYzWQ/BILkj +NImKbPL9x0g2jIDn4ZvGYFywMwIO/d++YbwYiQw42/v7RiMy94zBPnzeHi86dy/0 +jpOOJUx3IXRsGLdyjb/1T11klcFqGnARiK+8VYolMPP6afKvLXX7K4kiUpsFQhUp +E5VeM5pV1Mci2ETOJau2cO40FJvI/C9W/wR+GAArMaw2fxG77E3laaa0LAOlexM6 +A4KOb5f5cGTM5Ih6tEF5FVq3/9vzNIYMa1FqzacBLZF8zSHYLEimXBdzjBoN4qDU +/WzRyYRBRjAI49mzHX6raleqnw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH 
+/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV +BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz +dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ +SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H +DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF +pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf +m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ +7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +-----END CERTIFICATE----- diff --git a/tests/data_files/server1_csr.opensslconf b/tests/data_files/server1_csr.opensslconf new file mode 100644 index 000000000..6e7075ea6 --- /dev/null +++ b/tests/data_files/server1_csr.opensslconf @@ -0,0 +1,10 @@ +[ req ] +distinguished_name = req_distinguished_name +prompt = no +# Restrict to non-UTF8 PrintableStrings. +string_mask = nombstr + +[ req_distinguished_name ] +C = NL +O = PolarSSL +CN = PolarSSL Server 1 diff --git a/tests/data_files/server2-badsign.crt b/tests/data_files/server2-badsign.crt new file mode 100644 index 000000000..7e32d3b90 --- /dev/null +++ b/tests/data_files/server2-badsign.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN +owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz +NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM +tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P +hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJxnXClY +oHkbp70cqBrsGXLybA74czbO5RdLEgFs7rHVS9r+c293luS/KdliLScZqAzYVylw +UfRWvKMoWhHYKp3dEIS4xTXk6/5zXxhv9Rw8SGc8qn6vITHk1S1mPevtekgasY5Y +iWQuM3h4YVlRH3HHEMAD1TnAexfXHHDFQGe+Bd1iAbz1/sH9H8l4StwX6egvTK3M +wXRwkKkvjKaEDA9ATbZx0mI8LGsxSuCqe9r9dyjmttd47J1p1Rulz3CLzaRcVIuS +RRQfaD8neM9c1S/iJ/amTVqJxA1KOdOS5780WhPfSArA+g4qAmSjelc3p4wWpha8 +zhuYwjVuX6JHG08= +-----END CERTIFICATE----- diff --git a/tests/data_files/server2-sha256.crt b/tests/data_files/server2-sha256.crt new file mode 100644 index 000000000..f8a5b8b97 --- /dev/null +++ b/tests/data_files/server2-sha256.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN +owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz +NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM +tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P +hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAGGEshT5 +kvnRmLVScVeUEdwIrvW7ezbGbUvJ8VxeJ79/HSjlLiGbMc4uUathwtzEdi9R/4C5 +DXBNeEPTkbB+fhG1W06iHYj/Dp8+aaG7fuDxKVKHVZSqBnmQLn73ymyclZNHii5A +3nTS8WUaHAzxN/rajOtoM7aH1P9tULpHrl+7HOeLMpxUnwI12ZqZaLIzxbcdJVcr +ra2F00aXCGkYVLvyvbZIq7LC+yVysej5gCeQYD7VFOEks0jhFjrS06gP0/XnWv6v +eBoPez9d+CCjkrhseiWzXOiriIMICX48EloO/DrsMRAtvlwq7EDz4QhILz6ffndm +e4K1cVANRPN2o9Y= +-----END CERTIFICATE----- diff --git a/tests/data_files/server2-v1-chain.crt b/tests/data_files/server2-v1-chain.crt new file mode 100644 index 000000000..84bb6b2b9 --- /dev/null +++ b/tests/data_files/server2-v1-chain.crt 
@@ -0,0 +1,38 @@ +-----BEGIN CERTIFICATE----- +MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD +ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI +UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2 +MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx +ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI +p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj ++uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ +4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva +i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P +6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B +AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG +3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc +ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF +53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW +GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3 +o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDITCCAgkCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK +EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA5MTFaGA8yMDI0 +MDYxODEwMDkxMVowTjEaMBgGA1UEAxMRc2VydmVyMS9pbnQtY2EtdjExEDAOBgNV +BAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J +v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB +Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl +XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk +65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP +cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA +ATANBgkqhkiG9w0BAQsFAAOCAQEAPJl3fbVeTJ6gVAvCoLYM8JY5U7ZhrCCdBghw 
+WuZBS/TWwf4WLP0G/ZtTyTOENcT0gWHf0/VnXtNPw2/yBjWsLtTXxN2XQlEVf3j/ +WcQxWgSESYdx/sT/uTW6qihuONPWkTQizmx7OG6vBuGx3g54s9/oeJKXOraNqud3 +G4KBrytOazliMfoKO2hnzaeydpaDtb2tZX8apN/6KqQpTAcXsWrZRW9XEHWq2sNz +IR1nIE1F/9gnqi9Xy0HQprteLRUvM4tEQ35m4H20eS5Y9gJlE/DqXmMQ7aiU8DgP +krj+Z18pcrssO+Etv0BOiPjmU9TWWpDMj34ef7U/OH5qJxkSrA== +-----END CERTIFICATE----- diff --git a/tests/data_files/server2-v1.crt b/tests/data_files/server2-v1.crt new file mode 100644 index 000000000..7ef7968f5 --- /dev/null +++ b/tests/data_files/server2-v1.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD +ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI +UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2 +MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx +ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI +p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj ++uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ +4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva +i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P +6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B +AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG +3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc +ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF +53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW +GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3 +o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw== +-----END CERTIFICATE----- diff --git a/tests/data_files/server2.crt b/tests/data_files/server2.crt new file mode 100644 index 000000000..33393ee1b --- /dev/null +++ b/tests/data_files/server2.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN +owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz +NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM +tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P +hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAAFzC0rF +y6De8WMcdgQrEw3AhBHFjzqnxZw1ene4IBSC7lTw8rBSy3jOWQdPUWn+0y/pCeeF +kti6sevFdl1hLemGtd4q+T9TKEKGg3ND4ARfB5AUZZ9uEHq8WBkiwus5clGS17Qd +dS/TOisB59tQruLx1E1bPLtBKyqk4koC5WAULJwfpswGSyWJTpYwIpxcWE3D2tBu +UB6MZfXZFzWmWEOyKbeoXjXe8GBCGgHLywvYDsGQ36HSGtEsAvR2QaTLSxWYcfk1 +fbDn4jSWkb4yZy1r01UEigFQtONieGwRFaUqEcFJHJvEEGVgh9keaVlOj2vrwf5r +4mN4lW7gLdenN6g= +-----END CERTIFICATE----- 
diff --git a/tests/data_files/server2.der b/tests/data_files/server2.der new file mode 100644 index 0000000000000000000000000000000000000000..ec03190e12610688838c1ff3f27b0fb26632885d GIT binary patch literal 827 zcmXqLVm3EuVv=9L%*4n9LZ#K0^{oYx4M zYhXgqa3KQ$h~b<$`N@en8TrK}22G4g$gX5$WngY%%5h)*oCMkXBRVcEPp4LJ#Bf=mI?25i>mBYX8qY_vPR`=`2)3- zo;e#dY8T#m)${D6%(OlK4zdJoHoLO;*TaovHzpiR+>#b#wn!~_)#{Qs_FBoN+gdl| z7u@8P(e+IG9<5sJ_JX_1Ka*!G!-R*ongr5n*M(?zr&dl}_$cx4SqD#!cNsh%yW1|g z?Z2>Nl_0ZReb@>qITs0j{?_hW-7ayDB#tHNA5ZK36?>!hvwEi{6u~JpTQa5Tn6# zCT2zk#>Kt{-r$In6=q>FU@(vc2BRz=ix`W@Qq~tKJMP?1;13Y;O<0k#-nZL%vVlBE zTA4+{K&(MzOVpF4o9|r;`nL1xvZ?&9?e-l1`yV;Lfyn|G;6OWyxxJ2_UU2VYvP>C^ zwlMF37Qv(aR?CmhF|8`!p&-)qF66_f4MC?X&PB5O2WI}etpAepdF!MbyEeW)S{9qA z`?788J*}Vi!5U6&&Be|SSmN0yh@{TX6R6q~A*poewPjJ@r0ZK`OZ6{XX)`{*9kA}v z$1A?kHoG0QwU#{cVtSe&qBBQ+*%>x()lR=@21;{cB76_ux{wzj*OU77rnu>{2Wt7#C=BTy4jaQ zS-KblwmeR%$PpA>swH^PQ)c!Nfz*Wdn{t_ve*M|65B|%3lw2`2?}6_1<>o5@#6dhp literal 0 HcmV?d00001 diff --git a/tests/data_files/server2.ku-ds.crt b/tests/data_files/server2.ku-ds.crt new file mode 100644 index 000000000..3bd07d0fb --- /dev/null +++ b/tests/data_files/server2.ku-ds.crt 
@@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDijCCAnKgAwIBAgIBLDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTQwNDA5MDg0NDUxWhcNMjQwNDA2MDg0NDUxWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN +owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz +NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM +tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P +hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME +XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG +A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAc4kubASrFXFtplkYp6FUcnUn +Pf/6laS1htI+3y+q1UHWe2PcagZtCHTCUGBSWLeUIiaIBheaIRqv+4sSFVuXB7hV +0PGXpO5btth4R8BHzGqCdObKvPujp5BDq3xgcAFicA3HUMNsJoTDv/RYXY7je1Q5 +ntVyVPeji0AWMUYQjcqHTQQPGBgdJrRTMaYglZh15IhJ16ICNd9rWIeBA0h/+r0y +QuFEBz0nfe7Dvpqct7gJCv+7/5tCujx4LT17z7oK8BZN5SePAGU2ykJsUXk8ZICT +ongaQQVQwS6/GJ6A5V8ecaUvFrTby1h9+2sOW8n2NRGiaaG5gkvxVeayemcmOQ== +-----END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ds_ke.crt b/tests/data_files/server2.ku-ds_ke.crt new file mode 100644 index 000000000..ebee7e1c3 --- /dev/null +++ b/tests/data_files/server2.ku-ds_ke.crt 
@@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDijCCAnKgAwIBAgIBMDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTQwNDA5MTAwMjQ5WhcNMjQwNDA2MTAwMjQ5WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN +owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz +NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM +tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P +hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME +XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG +A1UdDwQEAwIFoDANBgkqhkiG9w0BAQUFAAOCAQEAnW7+h85xBP2KJzFSpWfGirVe +ApdC9bX0Z1sVMmD486N+ty9W6BP6kJRxLDX0fOuRc3x7mCy5qZg/Yj40+yQSoA0w +bTNwJjuR8iMqWIqLw9hWR+E9T4lYLZWyGJVjlVTkO4i5wifwhoJE9Doohh/6crn5 +ImWgEkgT/wDVIHoamciO6KU36d0iAEEP2eYgxv2/sVHvjjsseTdvYh3D3VuOmQtS +uUvFxc6H5kYoq/yodJWDaOn3RS8pEpDsiW+abcWyxNTPtHFroJV7e9aaVmhlRSzw +sYDyD/ZyIlavoPSEiD3LTT/Tp6BIpz+zb4WHOHLEvUCsZputqxPVcNoEAi9xuA== +-----END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ka.crt b/tests/data_files/server2.ku-ka.crt new file mode 100644 index 000000000..90f7c4a99 --- /dev/null +++ b/tests/data_files/server2.ku-ka.crt 
@@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDijCCAnKgAwIBAgIBKjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTQwNDA5MDg0NDIzWhcNMjQwNDA2MDg0NDIzWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN +owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz +NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM +tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P +hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME +XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG +A1UdDwQEAwIDCDANBgkqhkiG9w0BAQUFAAOCAQEAriPloIWfu7U8d1hls97C7OBI +OiE2xFh2UmuN/9hTK2CyW6MtBf8aG3l4jQDrsutHO0gUyoR67ug4yj+s+0S/zETZ +q6mPo7cBbVwjhGciQRiYgufFpdnbXR05HDgOVPK7qqjL6UOZnbu5caIEvIJgdwXn +n8WB9x/Ii4/2S9ysmRdRhDBYekzgH3Ac2UnHJTMh1XaSL817MW6B9BDKHt4xa7pW +cplDzrFKYbmxSSxzALE4Dr+zRvmDx4bcYpBkRRfOhnnR1caQBgaZzPcX/Vu+vw8e +qs2nyBW5RBu8MBCBU1DpqOSo6jl0QTpuq3NzQZIouG9fyckqDJS5ibrxQTutPw== +-----END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ke.crt b/tests/data_files/server2.ku-ke.crt new file mode 100644 index 000000000..8daa0c13d --- /dev/null +++ b/tests/data_files/server2.ku-ke.crt 
@@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDijCCAnKgAwIBAgIBKzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTQwNDA5MDg0NDM5WhcNMjQwNDA2MDg0NDM5WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN +owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz +NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM +tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P +hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME +XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG +A1UdDwQEAwIFIDANBgkqhkiG9w0BAQUFAAOCAQEAqreLAIuxeLGKbhoEROYRqXxO +ndaC6uDcpxhgmEW7B2DW6ZtX8155v3ov61MuMas8fEQjD5STDP9qERxNTePnhW3m +kDZd2jUBE3ioHhTBv47i1PYU+DRe42kY6z0jUmNPK8TsTKfdbqTGXg9THe1KYB7q +hdljqGS08IgBl/q2lK2OOSycu27xhfb9Mo0BcLBab92WgyBu+cFPQsKiL4mD7QyJ ++73Ndb21EuANUjsRDQ3NPklssJcyJB2v85eekwk1acZUG21no3wdTvjxhVE/Xrdz +zUP9WkvAVfUrwGjUzG4YHE8wkHO7xKbKixNt+nQmDhe+tHVbztZjVwFJ8010gg== +-----END CERTIFICATE----- diff --git a/tests/data_files/server3.crt b/tests/data_files/server3.crt new file mode 100644 index 000000000..ed0d696b4 --- /dev/null +++ b/tests/data_files/server3.crt 
@@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICojCCAYqgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTMwODA5MDkxNzAzWhcNMjMwODA3MDkxNzAzWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBJMBMGByqGSM49AgEG +CCqGSM49AwEBAzIABH0AoQyUhPABS38y67uEVs4O3RXmKKrBdUR7/L2QPB8EC2p5 +fQcsej6EFasvlTdJ/6OBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTkF2s2sgaJ +OtleQ7bgZH2Hq33eNzBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/ +pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQ +b2xhclNTTCBUZXN0IENBggEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjmSIjGKD1eH5W +4bl2MXfNIsTwc2vv/MAAhBzBEbTXd3T37+zAGPGjKncvTB+oufUVRGkoKbfoC6Jm +DYSEUuxtnUZOko/C//XlCEtK0TuS2aLEqF3gJjBJTCfthEdAhJCtmPAQDCzeKsdx +CoOtH0NQx6Xl64oDt2wYSQNWUTGLPfRpdsVEvBHhHYATQijkl2ZH8BDjsYcBicrS +qmCeN+0T1B9vrOQVEZe+fwgzVL38n8lkJZNPIbdovA9WLHwXAEzPv4la3w0qh4Tb +kSb8HtILl4I474QxrFywylyXR/p2znPleRIRgB5HtUp9tLSWkB0bwMlqQlg2EHXu +CAQ1sXmQ +-----END CERTIFICATE----- diff --git a/tests/data_files/server3.key b/tests/data_files/server3.key new file mode 100644 index 000000000..fecf44db1 --- /dev/null +++ b/tests/data_files/server3.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MF8CAQEEGItTogpE7AOnjvYuTqm+9OabmsX02XKIAqAKBggqhkjOPQMBAaE0AzIA +BH0AoQyUhPABS38y67uEVs4O3RXmKKrBdUR7/L2QPB8EC2p5fQcsej6EFasvlTdJ +/w== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/server4.crt b/tests/data_files/server4.crt new file mode 100644 index 000000000..96b1aa772 --- /dev/null +++ b/tests/data_files/server4.crt 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC6jCCAnCgAwIBAgIBCDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKvXjL5VfYc7D/truqEpYcZcvlUhnuCNDJctYDJL +vgYYj5uxDxLHBXvnEHLgO5K+lps42p+r/dd4oE64ttRoeZZUvr+7eBnW35n0EpPA +Ik9Gwu+vg7GfxmifgIR8hZnOQkt2OjvvpChPCxvUailtB450Izh+mEK/hYFr+7Jl +NnxR1XQlbbyDM7Ect1HwYcuS3MBlBqq048J+0KEkQXICSjKeHFga9eDCq+Jyfqe5 +bt0K30hl1N0164B7aoh08Eomme+aSuAsz+MsJ3m7AO2DUYdrDxlrky1QrvRWWfX0 +d8djTM+uHTo1DviRM6o9+P9DfoFd53/Z0Km03sVLQWvUrhECAwEAAaOBnTCBmjAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBTAlAm1+0L41mhqYWjFiejsRVrGeTBuBgNVHSME +ZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkA +wUPifmJDzOgwCgYIKoZIzj0EAwIDaAAwZQIxAPWlxnMcjBaxaVieQYSLBqzizS3/ +O8Na6owRGPk0/UK+j5O9NTBHk+uXW/fQblKamQIwUQl4dl6gkRDE4rBR/yGjZZ1Z +3dEpvL2Wimt3keD7AcLpYB2FJ1mVcY1XQUeK1Vfc +-----END CERTIFICATE----- diff --git a/tests/data_files/server4.key b/tests/data_files/server4.key new file mode 100644 index 000000000..9e4daee4a --- /dev/null +++ b/tests/data_files/server4.key 
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAq9eMvlV9hzsP+2u6oSlhxly+VSGe4I0Mly1gMku+BhiPm7EP +EscFe+cQcuA7kr6Wmzjan6v913igTri21Gh5llS+v7t4GdbfmfQSk8AiT0bC76+D +sZ/GaJ+AhHyFmc5CS3Y6O++kKE8LG9RqKW0HjnQjOH6YQr+FgWv7smU2fFHVdCVt +vIMzsRy3UfBhy5LcwGUGqrTjwn7QoSRBcgJKMp4cWBr14MKr4nJ+p7lu3QrfSGXU +3TXrgHtqiHTwSiaZ75pK4CzP4ywnebsA7YNRh2sPGWuTLVCu9FZZ9fR3x2NMz64d +OjUO+JEzqj34/0N+gV3nf9nQqbTexUtBa9SuEQIDAQABAoIBAHnxtYvgCPttG1NU +yJTTU/I7IEozWJaLIZMqfShT/Z4/0bEvfb3ag/bAKzkKDNx+6Utvlh1XJQTCMiiL +BhtHpHjc3JwdAgZ8KCMNRB2ba/2L/ouupqrm8hqOjdn2r6xM5Vi9pmegEIMWTJDM +NSX+nC0oF1Jg69X6KViFc5DOKFMhacSEwLJkv/EqCgdWaBoqMlTtTWKdm34xSN2L +P5o9kOgihTBNUUnVBUWJiT7C6bBAFwb1rECpvNOk6h+lvG+fSDZKYdwBrAsKspIy +/aXZD4qaicefGblrHcZv2og/zYkFs4riWNOmglxZyrK/3rFFk0B8mBk1mWQvrK7+ +Jq/R4k0CgYEA0hO29hJjeTBDdOWgzyXr5uppmR1WU7fv/Jy8PLRMvUvmiMQqRDK3 +zwGc6H938wdsubpdTCLPhq0rhDCTqtwIEAuFjZIYJs4yZzfy6klaD3516iIgb+W7 +fe1RkYMBp9wV0x272vzP4Y5p/fzp5xhvN52OkhQsjHRHewfDaUwSFScCgYEA0Wgi +kGVK6OxzoMCgiWx/L+y3yrYuHdWANTIIa5RvZk4UQqEFkGYGVP1rpbB/fAa1Yqev +qXkLZqad2dhJCuBVryGt29CHsbnEQ/QuTwlGmyZj1U8NnJBgNCPTdmGTBIm/7w9S +ESZ48bUlcqzsZn1Big/A6JX1e5i9b/1jyozNVgcCgYEAnRZc49iQRZjPeGQVQZEL +u5ph6DrFyMhsTistnv77uzk8Y9y79k8unz6HhFt86GAO7zrqdPo60GxBdBGW+laa +ONVEwr4SDUJ28jQmEwdSru9TYQav1ryk3N9O9U5POKQcNcewJ2qQUAvcOi6bAVGG +KMJKT/WB8m0o3ljJyL03cFUCgYBoHFTq42Fd8oj+SCbIjCej5RXvc6nz7Tzjta9Y +BSFphLIv+ixxAThustv9MYYAXLl7hhEgueyAKaBbOVv/S09uVdlBayi7pLc+bb1E +UEFJS8nguH/08hbSdWlh9tsIK5BAQ6ayniUNTtmCbRTPU8Ds6i4ntL6qp2KvthQS +FPTVqwKBgQC8m2sJapMms0/7EeGpUwMO+WNCHeRyujnriWYL8Kms0lmAn8NrQoA5 +wgbx0nZ/VrXtLPGHy915jxDXOU1Yc2gqEf5Qm/GnByUuml1mUSldiPciSJvKzMqP +LeWnb62HD60t/zwstN20Yzt6mBLocm1PPdPhPweI/EF6pSgvlw5NTw== +-----END RSA PRIVATE KEY----- diff --git a/tests/data_files/server5-badsign.crt b/tests/data_files/server5-badsign.crt new file mode 100644 index 000000000..0c6507233 --- /dev/null +++ b/tests/data_files/server5-badsign.crt 
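Review bot: tests/data_files/server4.key adds an unencrypted RSA private key, and nothing in the hunk marks it as a test-only fixture; the same applies to the EC private key in tests/data_files/server3.key earlier in this patch. Once committed, these keys are public, so any certificate issued for them (presumably server4.crt and server3.crt) must never be trusted or deployed outside the test suite. If the directory has no such notice yet, I would add a short README next to the fixtures, e.g. `Keys and certificates in this directory are public test fixtures; never deploy or trust them.` If the project runs secret scanning, allowlist this path explicitly so that a real leaked key elsewhere still stands out.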
@@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S +C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V +fGa5kHvHARBPc8YAIVIqDvHH1A== +-----END CERTIFICATE----- diff --git a/tests/data_files/server5-der0.crt b/tests/data_files/server5-der0.crt new file mode 100644 index 0000000000000000000000000000000000000000..08d8dd311b525fd51171a1019ad3194dad91580a GIT binary patch literal 547 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z RfPe8Z2E`yPzK_SR0ss?|s)_&r literal 0 HcmV?d00001 
diff --git a/tests/data_files/server5-der1a.crt b/tests/data_files/server5-der1a.crt new file mode 100644 index 0000000000000000000000000000000000000000..015017b17db1c360392790665896ea46dc0feac2 GIT binary patch literal 548 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z SfPe8Z2E`yPzK_SRG5`R+9IA={ literal 0 HcmV?d00001 diff --git a/tests/data_files/server5-der1b.crt b/tests/data_files/server5-der1b.crt new file mode 100644 index 0000000000000000000000000000000000000000..6340d9e2ed9fb5e60822f52182c08cddf98f4417 GIT binary patch literal 548 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z SfPe8Z2E`yPzK_SR9s~fs-K$Fg literal 0 HcmV?d00001 
diff --git a/tests/data_files/server5-der2.crt b/tests/data_files/server5-der2.crt new file mode 100644 index 0000000000000000000000000000000000000000..c6e320a369c20c3ee8c54d3caa1d5af0a7225206 GIT binary patch literal 549 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z TfPe8Z2E`yPzK_SR?&JahYB8%# literal 0 HcmV?d00001 diff --git a/tests/data_files/server5-der4.crt b/tests/data_files/server5-der4.crt new file mode 100644 index 0000000000000000000000000000000000000000..4af05cce1ed05ea02e9fac3fed3a0904b44799b0 GIT binary patch literal 551 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z VfPe8Z2E`yPzK_SRE*F>*4*yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z ZfPe8Z2E`yPzK_SRE?NFxU9D;rKLC6Lu2cX3 literal 0 HcmV?d00001 
diff --git a/tests/data_files/server5-der9.crt b/tests/data_files/server5-der9.crt new file mode 100644 index 0000000000000000000000000000000000000000..4947f1f83fad41a48cee838ccf8cfdf2f2100e29 GIT binary patch literal 556 zcmXqLVv;v#VqCg_nTe5!iILNQi;Y98&EuRc3p0~}ogudYCmVAp3!5;LpO2xS0Y8Yt zCCm|!pOaV=9PDE#V;}_*Vipz#3l$gVD1@XImngV8D>yqE$cghB8XH&|nHZXy8X1^G ziSrtPxJFQ}feAtLg$x8B=5yxcCnx4)dUQv4h>n#0YgPGb1~*69bF+nXsE> zoN`e`cE=-i|10FZtNF<`vE;&9k*(h|lp>QR`8{R0p)C0SmHs7@*jTZ>T^)zA%Xvf3 zc4_hbVmz_s?f=D%a}642fxRp%%)(^AU?2;$U6zkUj720MacTb*_M6w67;`VyonyI+c^Rf1A}TbXwv-X(%>vG8}Y%RF~v@ z<^^)(FlR6rq%s*Y%+iUuzU=m*rzyN2cKY4Do_I~z@c8QDhTWGh7Ym21ox~lx`of;? z>-3*3RMa$`y2{Ry$w1Mpe(tf@W8ACNKdH)Ee?0%uR8{2p(~r})Mm~-ctx4NCq53$Z afPe8Z2E`yPzK_SRp8sKBT=suSl_mf!qOWiO literal 0 HcmV?d00001 diff --git a/tests/data_files/server5-expired.crt b/tests/data_files/server5-expired.crt new file mode 100644 index 000000000..d726e5c8e --- /dev/null +++ b/tests/data_files/server5-expired.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHjCCAaWgAwIBAgIBHjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MDQwMzEwMTIwOTMwWhcNMTQwMzA4MTIwOTMwWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2cAMGQCMCDxvDmhlrEk0r4hqCwvQDxWEoXPbbD1gglfLT3BsGpu +XHUQ1W2HwB3o/7N5I13BBgIwcmG17zyNIOkYiyExYtPCZCpbofEMpRY5qWG0K6YL +fN08jSzyFt6kbO4ak0D6tC5Q +-----END CERTIFICATE----- diff --git a/tests/data_files/server5-future.crt b/tests/data_files/server5-future.crt new file mode 100644 index 000000000..969c84b46 --- /dev/null +++ b/tests/data_files/server5-future.crt 
@@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHjCCAaWgAwIBAgIBHTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MzIwMzEwMTEwNDExWhcNNDIwMzA4MTEwNDExWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2cAMGQCMAZWcb+NYxFVK+W6Z5eknM2TrbqQGZEYHQXeV9/XF0t7 +TLDhA6a/pFDTJVZunFzesgIwfqkBYuvMkiNlS4lWcVyf8L4CZIHCn1yHnOCxu8ix +uqgLb4na3i94x9urgbZZYfVK +-----END CERTIFICATE----- diff --git a/tests/data_files/server5-selfsigned.crt b/tests/data_files/server5-selfsigned.crt new file mode 100644 index 000000000..cb5564751 --- /dev/null +++ b/tests/data_files/server5-selfsigned.crt @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBzTCCAXKgAwIBAgIMU6LLSxJOrYN9qJSyMAoGCCqGSM49BAMCMEcxEzARBgNV +BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy +U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY0M1oYDzIwMjQwNjE4MTEz +NjQzWjBHMRMwEQYDVQQDEwpzZWxmc2lnbmVkMRAwDgYDVQQLEwd0ZXN0aW5nMREw +DwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIBBggqhkjO +PQMBBwNCAAQ3zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/q +L9I0XV0WvYqIwmt3DVXNiioO+gHItO3/o0AwPjAMBgNVHRMBAf8EAjAAMA8GA1Ud +DwEB/wQFAwMHgAAwHQYDVR0OBBYEFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqG +SM49BAMCA0kAMEYCIQCf/bzFoge0pCOIrtHrABgc1+Cl9kjlsICpduXhdHUMOwIh +AOJ+nBHfaEGyF4PRJvn/jMDeIaH1zisinVzC2v+JQOWq +-----END CERTIFICATE----- diff --git a/tests/data_files/server5-sha1.crt b/tests/data_files/server5-sha1.crt new file mode 100644 index 000000000..73e2d1745 --- /dev/null +++ b/tests/data_files/server5-sha1.crt 
@@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHTCCAaSgAwIBAgIBEjAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAeFw0x +MzA5MjQxNjIxMjdaFw0yMzA5MjIxNjIxMjdaMDQxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDESMBAGA1UEAxMJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYI +KoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDY +IxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6OBnTCBmjAJBgNVHRMEAjAAMB0G +A1UdDgQWBBRQYaWP1AfZ14IBDOVlf4xjRqcTvjBuBgNVHSMEZzBlgBSdbSAkSQE/ +K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFy +U1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkAwUPifmJDzOgwCQYH +KoZIzj0EAQNoADBlAjEAyjvzRWtxbXvkoYTYSQY9gFBpP7/wTZ2q6FbRiAuZULFt +lc0PMPDfVZChgA6iDH+BAjBdkOb73f2pOwZpMRqrOgqSynbt2uWY87mC5lRlNEoR +WXEv1AzIeBCv+81DN1Iuu4w= +-----END CERTIFICATE----- diff --git a/tests/data_files/server5-sha224.crt b/tests/data_files/server5-sha224.crt new file mode 100644 index 000000000..47b11688c --- /dev/null +++ b/tests/data_files/server5-sha224.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICIDCCAaWgAwIBAgIBEzAKBggqhkjOPQQDATA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMBA2kAMGYCMQCj0EyFUzDRmfokWzLVEWN0epR4/sZytfIeozp6BqWH +qaTBdAR2vthIKC7dKuUkg34CMQD6YtB2O9Vso79gbzSen2qh7gK7VvGE+31EVPbR +Ce/oNG/3OfhRSdn3FOvBBg2UErM= +-----END CERTIFICATE----- diff --git a/tests/data_files/server5-sha384.crt b/tests/data_files/server5-sha384.crt new file mode 100644 index 000000000..5d6a79b2f --- /dev/null 
+++ b/tests/data_files/server5-sha384.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHzCCAaWgAwIBAgIBFDAKBggqhkjOPQQDAzA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMDA2gAMGUCMQCnsd/6VB2kLIqMRsWdkJvRaQROyAg78CQExFEY3CMv +9t0kWRXPc4nCMH69RjQVvC4CMB4lk9A7hnX2zQy3bbUhOCOvXcsQdEe8AMgJBviz +5Nob2wThRqsm1wjCF60fyzXWuA== +-----END CERTIFICATE----- diff --git a/tests/data_files/server5-sha512.crt b/tests/data_files/server5-sha512.crt new file mode 100644 index 000000000..16112ac54 --- /dev/null +++ b/tests/data_files/server5-sha512.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHzCCAaWgAwIBAgIBFTAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMEA2gAMGUCMFPL2OI8arcbRlKAbRb/YfGibo4Mwts8KX3fOuRCbXEn +pDWeb82kBqfXwzPJwamFOwIxAPGzyhWrxn0qEynWV5nzFK02PYBnYFgClISyyudH +HJGHtbEVRc5JA8ALnggaLVpuvg== +-----END CERTIFICATE----- 
diff --git a/tests/data_files/server5-ss-expired.crt b/tests/data_files/server5-ss-expired.crt new file mode 100644 index 000000000..287ce9820 --- /dev/null +++ b/tests/data_files/server5-ss-expired.crt @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1jCCAX2gAwIBAgIJANhkYQXjo814MAoGCCqGSM49BAMCMEgxCzAJBgNVBAYT +AlVLMREwDwYDVQQKDAhtYmVkIFRMUzESMBAGA1UECwwJdGVzdHN1aXRlMRIwEAYD +VQQDDAlsb2NhbGhvc3QwHhcNMDcwNjI3MDkyNzE1WhcNMTcwNjI3MDkyNzE1WjBI +MQswCQYDVQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMxEjAQBgNVBAsMCXRlc3Rz +dWl0ZTESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD +QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d +Fr2KiMJrdw1VzYoqDvoByLTt/6NQME4wHQYDVR0OBBYEFFBhpY/UB9nXggEM5WV/ +jGNGpxO+MB8GA1UdIwQYMBaAFFBhpY/UB9nXggEM5WV/jGNGpxO+MAwGA1UdEwQF +MAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgIAQ47gmTsbA8pphQ1jBeLQDp7W99qr6P +oTl7/vYSJJcCICxNSJGLrNu8TfWLhgJiRsozMR9jGhp+tse1rlGUUJL6 +-----END CERTIFICATE----- diff --git a/tests/data_files/server5-ss-forgeca.crt b/tests/data_files/server5-ss-forgeca.crt new file mode 100644 index 000000000..bfd7b706a --- /dev/null +++ b/tests/data_files/server5-ss-forgeca.crt @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBlDCCATmgAwIBAgIBTTAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +A1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp +YXRlIENBIDMwHhcNMTUwOTAxMTIwODQzWhcNMjUwODI5MTIwODQzWjBKMQswCQYD +VQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRl +c3QgaW50ZXJtZWRpYXRlIENBIDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3 +zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqI +wmt3DVXNiioO+gHItO3/oxAwDjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0kA +MEYCIQDF5pY54AUMNbhy3jk+8sdgsZS6bmeH/QI4D0I6UiIhXQIhAO7Y8V7Z8bx2 +gZyyk/wZpswb53ZaIP2XsJiJ/CPMCCVq +-----END CERTIFICATE----- diff --git a/tests/data_files/server5.crt b/tests/data_files/server5.crt new file mode 100644 index 000000000..459742828 --- /dev/null +++ b/tests/data_files/server5.crt 
@@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S +C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V +fGa5kHvHARBPc8YAIVIqDvHH1Q== +-----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-cli.crt b/tests/data_files/server5.eku-cli.crt new file mode 100644 index 000000000..8aa2e44a0 --- /dev/null +++ b/tests/data_files/server5.eku-cli.crt @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB5DCCAWmgAwIBAgIBPDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTQwNDEwMTcyMTIxWhcNMjQwNDA3MTcyMTIxWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD +VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r +y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAoGCCqGSM49BAMCA2kA +MGYCMQCzHyEvd56zm1AzfDBi3psz3rDL/m0RN2WnbRBQJxIJqjwEXOrKazko9m9q +owgau88CMQDuI0fsq5tnyiHPaDSAE21/6hlrCR6deNbwzB94OuPIbx1wIas9D1jc +//iSmKtbl8Y= +-----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-cs.crt b/tests/data_files/server5.eku-cs.crt new file mode 100644 index 000000000..db97b403e --- /dev/null +++ b/tests/data_files/server5.eku-cs.crt 
@@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB4zCCAWmgAwIBAgIBOjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTQwNDEwMTcyMDQxWhcNMjQwNDA3MTcyMDQxWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD +VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r +y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMDMAoGCCqGSM49BAMCA2gA +MGUCMQC294oVK6fUjH/abI1xzytTusi8dl7518L0Y19q8zi9K19OtxzPK09h7xyy +gaJRvpUCMFS6hYhrht38yqwwhSVlnmTMVtira58mEUhL6v7Qzw1sz/Dm4aXkW3s6 +JQV1kqqbRw== +-----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-cs_any.crt b/tests/data_files/server5.eku-cs_any.crt new file mode 100644 index 000000000..8fa8632dd --- /dev/null +++ b/tests/data_files/server5.eku-cs_any.crt @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB6TCCAW+gAwIBAgIBOzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTQwNDEwMTcyMDU4WhcNMjQwNDA3MTcyMDU4WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jaDBmMAkGA1UdEwQCMAAwHQYD +VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r +y3i1Gbx+JMnb+zZ8MBkGA1UdJQQSMBAGCCsGAQUFBwMDBgRVHSUAMAoGCCqGSM49 +BAMCA2gAMGUCMQCSYaq/9IKOTkzIrU/eOtpha/3af3JwT6vKh4N3cSX62ksMz0GT +Uxmq4UGMBt4VmBkCMBGpYqof6hS1o92ltNRpDSHuVQ+nke1lOsoQ1plZp4SI+bY1 +bUD/WrUSLlwikZAeng== +-----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-srv.crt b/tests/data_files/server5.eku-srv.crt new file mode 100644 index 000000000..64312f6c4 --- /dev/null +++ b/tests/data_files/server5.eku-srv.crt 
@@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB5DCCAWmgAwIBAgIBPjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTQwNDEwMTcyMTU0WhcNMjQwNDA3MTcyMTU0WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD +VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r +y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2kA +MGYCMQDQzjWB0xZs/8IsqJb7owYYtCiT17939Uuc/1yBF69pJRy7KV/qJlHNvlVu +qwWVTx0CMQDNW/0dlX1gU6ashrZv5Ly4sijg/g645fFpfMKCNXysEb9xiBeEj5de +2x5sX/0OSx4= +-----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-srv_cli.crt b/tests/data_files/server5.eku-srv_cli.crt new file mode 100644 index 000000000..9f58fedd2 --- /dev/null +++ b/tests/data_files/server5.eku-srv_cli.crt @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB7DCCAXOgAwIBAgIBPTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTQwNDEwMTcyMTQyWhcNMjQwNDA3MTcyMTQyWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jbDBqMAkGA1UdEwQCMAAwHQYD +VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r +y3i1Gbx+JMnb+zZ8MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAKBggq +hkjOPQQDAgNnADBkAjAmQjJxxC82ZhBpH/GQkOQXDmaaV/JHRHGok1cWn3j3Xj8A +fqRZkp8JihpGIMse208CMFCMdNAfNd1tv+oPuynoK5Oh6/YlASX/otJT68voEIAN +SmsT1m9VPQMIyUo/3RtYjg== +-----END CERTIFICATE----- diff --git a/tests/data_files/server5.ku-ds.crt b/tests/data_files/server5.ku-ds.crt new file mode 100644 index 000000000..58dd0714b --- /dev/null +++ b/tests/data_files/server5.ku-ds.crt 
@@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICLTCCAbKgAwIBAgIBLTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTQwNDA5MDg0ODM1WhcNMjQwNDA2MDg0ODM1WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG +A1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEAzp4DkFMq7eDB0x5FeS9gYDaG +Ol8rVnWlRTLQzHZBQjKp+TcBdHZaBPoi8LyXtWA4AjEA6OWhsuTcv/qXOscQT0rL +eEh8wcCQeJK1uNd78lNvx3W0Pcxdb6cd7AhaAKgXL+r4 +-----END CERTIFICATE----- diff --git a/tests/data_files/server5.ku-ka.crt b/tests/data_files/server5.ku-ka.crt new file mode 100644 index 000000000..2447326c2 --- /dev/null +++ b/tests/data_files/server5.ku-ka.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICKzCCAbKgAwIBAgIBLjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTQwNDA5MDg0ODUwWhcNMjQwNDA2MDg0ODUwWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG +A1UdDwQEAwIDCDAKBggqhkjOPQQDAgNnADBkAjACzKQ88/NvngMQBFc9rC484+gO +BRkXP28BqRcj8sBt3EfmEGH23BuhkZuB1OFZuMICMC4/pHgbOQtaY9WZPUROUVVZ +OuO6XsVbhiE0rb/mumqmUwuOrCtC/KFdvFZol4BNGA== +-----END CERTIFICATE----- 
diff --git a/tests/data_files/server5.ku-ke.crt b/tests/data_files/server5.ku-ke.crt new file mode 100644 index 000000000..41ae5ada3 --- /dev/null +++ b/tests/data_files/server5.ku-ke.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICKzCCAbKgAwIBAgIBLzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTQwNDA5MDg0OTA0WhcNMjQwNDA2MDg0OTA0WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG +A1UdDwQEAwIFIDAKBggqhkjOPQQDAgNnADBkAjAMl0Cjv9f45bHeJTul5XpYeJeT +52ZaOLTa/uTLy948EnEIi6sj3nFb9fvsUbsOOjECMAXAMY64KOqzixefz3y3XS/d +9miyeArPOmXU2JJ3LGuNbqqj9IbABawB1OD8v8gRmg== +-----END CERTIFICATE----- diff --git a/tests/data_files/server5.req.ku.sha1 b/tests/data_files/server5.req.ku.sha1 new file mode 100644 index 000000000..3281c9460 --- /dev/null +++ b/tests/data_files/server5.req.ku.sha1 @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBFjCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY +BgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD +QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d +Fr2KiMJrdw1VzYoqDvoByLTt/6AeMBwGCSqGSIb3DQEJDjEPMA0wCwYDVR0PBAQD +AgbAMAsGByqGSM49BAEFAANIADBFAiEAnIKF+xKk0iEuN4MHd4FZWNvrznLQgkeg +2n8ejjreTzcCIAH34z2TycuMpWQRhpV+YT988pBWR67LAg7REyZnjSAB +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha1 b/tests/data_files/server5.req.sha1 new file mode 100644 index 000000000..1a14a1501 --- /dev/null +++ b/tests/data_files/server5.req.sha1 
@@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ +BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 +CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN +Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P +BAQDAgXgMAkGByqGSM49BAEDSQAwRgIhALSf2Mj3er+ocZCN++aEoIp5PQ9JCkPY +b88ghuTyS7DCAiEA+CnVzNN0I2kpnmKUOUcXxLcjoPaLROgxtubDvKv5ckM= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha224 b/tests/data_files/server5.req.sha224 new file mode 100644 index 000000000..276683410 --- /dev/null +++ b/tests/data_files/server5.req.sha224 @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ +BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 +CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN +Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P +BAQDAgXgMAoGCCqGSM49BAMBA0gAMEUCIDYaN1m9MRk5mhX1U8aZKd0alyGKWqcR +oglF2MsIii/2AiEAjFHs8XQ0Q4yDF8oLztCxlq3nAvqmPdQz9T+TkEfh+PA= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha256 b/tests/data_files/server5.req.sha256 new file mode 100644 index 000000000..c59e15f99 --- /dev/null +++ b/tests/data_files/server5.req.sha256 @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBFzCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ +BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 +CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN +Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P +BAQDAgXgMAoGCCqGSM49BAMCA0cAMEQCIGmRFdjjd53oM2Zpt3E5vfqujnA+DHWk +s9OudcSWBdjmAiA7BAYjGnXyL6ATPqM7qnLVGTf3JMT+1rXl7esBm/0APA== +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha384 b/tests/data_files/server5.req.sha384 new file mode 100644 index 000000000..87556c6c3 --- /dev/null 
+++ b/tests/data_files/server5.req.sha384 @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBFzCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ +BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 +CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN +Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P +BAQDAgXgMAoGCCqGSM49BAMDA0cAMEQCIDnO+PIPZJGqiky9unvq13uXxahw1bpk +Zb5NRV0c06Q5AiAo5B49tp3kDN/n0BDNt1BBGLUfhcU+Qn2SQenCyfuGLg== +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha512 b/tests/data_files/server5.req.sha512 new file mode 100644 index 000000000..607741e3e --- /dev/null +++ b/tests/data_files/server5.req.sha512 @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ +BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 +CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN +Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P +BAQDAgXgMAoGCCqGSM49BAMEA0gAMEUCIQD8xdtluTiBJM50d/WvDeUvPbXOUMlL +8xEJXU2WOK+RLAIgS8U6Z8tlJpXLEisz/j4gdABG3Y3h4PBJjlpszFisTNo= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server6-ss-child.crt b/tests/data_files/server6-ss-child.crt new file mode 100644 index 000000000..3c6fd4d1b --- /dev/null +++ b/tests/data_files/server6-ss-child.crt 
@@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB8jCCAZmgAwIBAgIMU6LLWCI5lHSn7HnsMAoGCCqGSM49BAMCMEcxEzARBgNV +BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy +U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY1NloYDzIwMjQwNjE4MTEz +NjU2WjBNMRkwFwYDVQQDExBzZWxmc2lnbmVkLWNoaWxkMRAwDgYDVQQLEwd0ZXN0 +aW5nMREwDwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIB +BggqhkjOPQMBBwNCAASBWTF2SST6Fa2roDFuDu0zEfqRJVXBsMGcA3I+mLotpHI3 +iR9DN40fjjrY8FfoL0/JAKT323MPssYElNFAOzjjo2EwXzAMBgNVHRMBAf8EAjAA +MA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFDxZrEo+LvwCNi/afcvLnHqyiZlT +MB8GA1UdIwQYMBaAFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqGSM49BAMCA0cA +MEQCIAMlQ59/NW7S0hP1cu5OTD2zqT087bEmnIfOTBYfj8UFAiBBrrz2dipODVYx +vvTsQmSCzjrm+JtQQoWa+cdnAG3w5g== +-----END CERTIFICATE----- diff --git a/tests/data_files/server6.crt b/tests/data_files/server6.crt new file mode 100644 index 000000000..6df671686 --- /dev/null +++ b/tests/data_files/server6.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ +H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4 +AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ +Xj09kLboxuemP40IIqhQnpYptMg= +-----END CERTIFICATE----- diff --git a/tests/data_files/server6.key b/tests/data_files/server6.key new file mode 100644 index 000000000..1311cfa21 --- /dev/null +++ b/tests/data_files/server6.key 
@@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIEQZG5j8IkRLxa9OoZJzD3KkrXqIgi9cHZMVv2s/VcPOoAoGCCqGSM49 +AwEHoUQDQgAEgVkxdkkk+hWtq6Axbg7tMxH6kSVVwbDBnANyPpi6LaRyN4kfQzeN +H4462PBX6C9PyQCk99tzD7LGBJTRQDs44w== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/server7-badsign.crt b/tests/data_files/server7-badsign.crt new file mode 100644 index 000000000..954b53a5b --- /dev/null +++ b/tests/data_files/server7-badsign.crt 
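Review bot: The key added in tests/data_files/server6.key is an unencrypted EC private key (a plain `-----BEGIN EC PRIVATE KEY-----` block with no encryption header), and the same holds for tests/data_files/server7.key later in this patch, so both keys are known to anyone who can read the repository. Nothing in either hunk marks them as fixtures. I would add a line to the test-data readme, if one exists outside this view, such as `Keys under tests/data_files are public test fixtures; never provision them or trust their certificates outside the test suite.` Secret scanners will also flag these files, so an allowlist entry scoped to tests/data_files keeps genuine findings visible.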
@@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK0 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- diff --git a/tests/data_files/server7-expired.crt b/tests/data_files/server7-expired.crt new file mode 100644 index 000000000..a25ce4b07 --- /dev/null +++ b/tests/data_files/server7-expired.crt 
@@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTA3MDYwNTA4MTQwM1oXDTE3MDYwNTA4MTQwM1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBv +bGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBAHcG1ysT8yImc0x3Z2O0SOtSYYjCPS1Gc89j +fWdBSoS5YhPHLgEjHQgDA6XdDNL0eUo3afhucEvSexhqLUABLu89cmi7ST+TsTEb +/lu8qZUgpa1bcMOk1+whl0JllfcDEq2y0aclkO0/6M6JftNNJ3egq2qVBDEszTtY +zcYZIr1o04TNp0fAtmPUH6zjpBkNB0DQyKFhgYPJNwTapj6ZDVi1zBK3wwFfZfgK +s3QvwhWNNbHL4B0sPec/6TiF5dY3SeUM4L8oAGdT7/ELE6E74rFyS/EpjJdVzXDs +FfQvUDPb6PJuWZbr4mNg/FANeGPa3VENcPz+4fj+Azi1vV3wD4OKT7W0zIkRZ+Wq +1hLFuwa/JCSHsn1GWFyWd3+qHIoFJUSU3HNxWho+MZqta0Jx/PGvMdOxnJ2az1QX +TaRwrilvN3KwvjGJ+cvGa7V9x8y9seRHZwfXXOx1ZZ0uEYquZ0jxKpBp/SdhRbA5 +zLmq088npt7tgi+LcrXydorgltBaGZA7P+/OJA2JkbIBBwdSjyfG6T07y4pgQ90h +CeRqzu4jFcZE7mjpTdEyxAQRJa2dhHkhFB7Muq7ZTi3jlml5LZnlbUdPlR5iTgOU +yueZsAAEb//A6EU008WmG/K+EY230JxEUzGNf2l1j1H94HcP9OwjY4bn2PJdVzcb +B8PmaiMB +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- diff --git a/tests/data_files/server7-future.crt b/tests/data_files/server7-future.crt new file mode 100644 index 000000000..eeb596fc2 --- /dev/null +++ b/tests/data_files/server7-future.crt 
@@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTI3MDYwNjA4MTQwM1oXDTM3MDYwNjA4MTQwM1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBv +bGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBAHF4y9PmCUF1yOlBIUCUAAFMZmXJwOGsMNKI +u0+At0sbs+W8J06PVyYt4UxL4TyIxHM6SOvKndFdCQxG7NQY0KU+HBdLVUM1iZy0 +Kopg7yHvEAZ0YWPptgCd10C/wmTz0b0R3cxhSb8FZjlBjNB7dJKhRQsh0za+GMx/ +LXunH/t0oP5an4yO3zTog+4+7bDGGEY7SymQJ9Z8t2gdZpn/r60j9IGhL5XI2BS/ ++cU96DMF3cMmFk24vAfduYicKc8KowhUpGCsIP0bl+TY8Vq6kepBA2lnj7/YOkDs +/f+wIS/Id/hdw9KxRUPX+cQLUt0/C7JktDVudZ5zLt1y0A971R+23ARtJGUBJGSp +5tkVX8+hK8sT6AVOkcvA51IOBsVxmuoWk/WcjBDdOjyIK2JFdbcJYvR8cpRbL+j8 +HdQEu+LorvGp28m3Q5mBTKZLKgyUeQWrbYDqeub1OvYYkuvZPZWFEDP2VYcS7AXN +IoUSTcMyhLNuncQl/z0Jbkto59+il6cQ2HIqkubLBk2X8uwMw2tloROlmklweHqR +ta6aRlLxBMgccJpK7cU5H8TMb6aR9GJGyzQJ2vET3jPBq/uEwbvK8HRVJ7Ld68k6 +ZMCwXGdTeYuDWt0ngAhf+i+GNexJRSLvzRGt18DOrpmj2X3naarNSTfRArm4EINW +WKW7hd8h +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- diff --git a/tests/data_files/server7.crt b/tests/data_files/server7.crt new file mode 100644 index 000000000..ed087ef61 --- /dev/null +++ b/tests/data_files/server7.crt 
@@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK5 +-----END CERTIFICATE----- diff --git a/tests/data_files/server7.key b/tests/data_files/server7.key new file mode 100644 index 000000000..0088331ea --- /dev/null +++ b/tests/data_files/server7.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEILBDMs7bRVxVg6ovTpf2zB9m+22jY7R3LNKRvCPfa6YJoAoGCCqGSM49 +AwEHoUQDQgAEHG336dql6qGcsnIZqAkcc63eFbvepuOzTwXobRAuOmk3l4A5wXX/ +vs5wAawLX1wUTUM/AESHmAZrJK9tq5So8g== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/server7_all_space.crt b/tests/data_files/server7_all_space.crt new file mode 100644 index 000000000..a979830ba --- /dev/null 
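Review bot: The leaf certificate in server7.crt has a fixed validity window, notBefore 2013-09-24 and notAfter 2023-09-22, as decoded from the validity field on its third base64 line. The server7_*.crt chain files later in this patch appear to embed the same leaf. Any test that verifies these chains against the wall clock will presumably start failing after that date, although the test code is not visible here. I would keep the generation commands next to the fixtures and note something like `# expires 2023-09-22; regenerate with <command used to create it>` in the test data description, so the files can be rebuilt rather than hand-edited.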
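Review bot: server7.key is an unencrypted EC private key checked in as a fixture, and server8.key further down in this patch is an unencrypted RSA key of the same kind; once published, both must be treated as public. The matching certificates name CN=localhost under the PolarSSL test CAs, which limits misuse, but nothing in these hunks marks the keys as test-only. I would record that next to the fixtures, for example with a line such as `Keys in this directory are public test material and must never be trusted or deployed outside the test suite.` in a README under tests/data_files (not visible here, so it may already exist). Adding the directory to the secret-scanner allowlist would also keep real leaks elsewhere from being drowned out.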
+++ b/tests/data_files/server7_all_space.crt 
@@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAk G +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHf Y +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- diff --git a/tests/data_files/server7_int-ca-exp.crt b/tests/data_files/server7_int-ca-exp.crt new file mode 100644 index 000000000..fc0051772 --- /dev/null +++ b/tests/data_files/server7_int-ca-exp.crt 
@@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MDcwNjI3MTAzODM3WhcNMTcwNjI3MTAzODM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPu/FDEPvIC/BnzPQDAr1bQakGiwBsE9zGKRgXgX +Y3Q+XJKhMEKZ8h1m+S5c6taO0gIwNB14zmJ1gJ9X3+tPDfriWrVaNMG54Kr57/Ep +773Ap7Gxpk168id1EFhvW22YabKs +-----END CERTIFICATE----- diff --git a/tests/data_files/server7_int-ca.crt b/tests/data_files/server7_int-ca.crt new file mode 100644 index 000000000..d3ddc46a8 --- /dev/null +++ b/tests/data_files/server7_int-ca.crt 
@@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- diff --git a/tests/data_files/server7_int-ca_ca2.crt b/tests/data_files/server7_int-ca_ca2.crt new file mode 100644 index 000000000..c289c0aad --- /dev/null +++ b/tests/data_files/server7_int-ca_ca2.crt 
@@ -0,0 +1,62 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT +Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF +QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT +Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF +QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu +ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy +aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g +JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 +t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv +uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +-----END CERTIFICATE----- diff --git a/tests/data_files/server7_pem_space.crt b/tests/data_files/server7_pem_space.crt new file mode 100644 index 000000000..0ef0fc7bd --- /dev/null +++ b/tests/data_files/server7_pem_space.crt 
@@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAk G +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- diff --git a/tests/data_files/server7_spurious_int-ca.crt b/tests/data_files/server7_spurious_int-ca.crt new file mode 100644 index 000000000..632c4fd13 --- /dev/null +++ b/tests/data_files/server7_spurious_int-ca.crt 
@@ -0,0 +1,65 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl +WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 +ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW +BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV 
+D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw +FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 +yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M +ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf +7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M +CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut +ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g +Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END 
CERTIFICATE----- diff --git a/tests/data_files/server7_trailing_space.crt b/tests/data_files/server7_trailing_space.crt new file mode 100644 index 000000000..6faf8cf08 --- /dev/null +++ b/tests/data_files/server7_trailing_space.crt 
@@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g 
+Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- diff --git a/tests/data_files/server8.crt b/tests/data_files/server8.crt new file mode 100644 index 000000000..b435b2deb --- /dev/null +++ b/tests/data_files/server8.crt 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC6zCCAnKgAwIBAgIBETAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTEzMDkyNDE2MTI1NloXDTIzMDkyMjE2MTI1NlowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHH8uC82/ztF1EKCiuM59 +quIF4HrYRGOPtb3AsBm5N7gZSg7xXXSAZ0aHBt5bfwYDvcGNXgcV1Fv03OXPPfnB +ESyuarmKvR1nZhfqTr3bFZqCh+TweMOjhYew/Z+pmV/jM+zM6gu1YV7xSX4/oy3q +AQzMQpp2m8TQN9OxFwFhARZZfhwXw1P90XLLTGAV2n3i6q1Q747ii9Rqd1XWcNlr +u/HuOQQ4o73i0eBma+KcR5npKOa2/C7KZ0OE6NWD1p2YawE+gdw8esr585z31igb +J3h8w9DVY6eBNImtJWq98urt+lf85TTGwQ9xLdIIEButREHg/nmgY5OKsV3psO5v +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA +J2F2Dx0wYwYDVR0jBFwwWoAUD4m9Y0Hry14XKP9oMD3BiNCcWDmhP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBDzAKBggqhkjOPQQDAgNnADBkAjBkP1bGlZvxnYySZjdBq4m8lkyz +2cjfqjYs8COEkRkONaVz7888HvFdGpL98uQeFvECMHCyCrHprkGzvq/L9kUnx9Bh +2IHbCzbbi9moYC1XcOxgfsEKmhtVF/uQdf8+3VtGqA== +-----END CERTIFICATE----- diff --git a/tests/data_files/server8.key b/tests/data_files/server8.key new file mode 100644 index 000000000..aa9941ec1 --- /dev/null +++ b/tests/data_files/server8.key 
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA2xx/LgvNv87RdRCgorjOfariBeB62ERjj7W9wLAZuTe4GUoO +8V10gGdGhwbeW38GA73BjV4HFdRb9Nzlzz35wREsrmq5ir0dZ2YX6k692xWagofk +8HjDo4WHsP2fqZlf4zPszOoLtWFe8Ul+P6Mt6gEMzEKadpvE0DfTsRcBYQEWWX4c +F8NT/dFyy0xgFdp94uqtUO+O4ovUandV1nDZa7vx7jkEOKO94tHgZmvinEeZ6Sjm +tvwuymdDhOjVg9admGsBPoHcPHrK+fOc99YoGyd4fMPQ1WOngTSJrSVqvfLq7fpX +/OU0xsEPcS3SCBAbrURB4P55oGOTirFd6bDubwIDAQABAoIBAFvf3xQXrvY2am2D +w1d31l2rQYrlTZ1RT836js41CRQ44OD5xLpATZFpvJDxuFr1MDhxYK8+NgpZORW7 +akEz432pDes0pQgftCyfCngc/E7ZCCijgsOyX5Y5b2QvdLtQrHxAUZK6sJ4lbgIO +pvlYGvB78DnV057YQfZs8j7XPqTFYVNlIx6xCFxwiMTeUGZvSrN8CpKT/5zsSE5d +xX2alaYiWl2oSOI7axrtpMEXAI0A/O/N1mI+n3cs15cfAJa/fMjEMmGz0Pqg5IlS +IwZWpr6BzbdHldO/XlVErKMo4lADUmsr2d+q3vfQmLEAyizp7OmU9vc+DXcK9jH+ +aDd0gcECgYEA7SAVA/banYejN7Ovn84pJ+mguINMwPFZd9eW9op1PgRryGCpdh77 +qV64YIjFhwt1JQQIf5GCPD5Um0Z8mY59a6MU+sJGGB7xwVuCuXbDAKJJF6/58f7/ +MoLzsoQFy50TpA90T0WOvMWDnWSLTYjRr1fFTKNWNcvPoFOnmAydGbUCgYEA7I1X +mCFRSGiu0NdN2j7mwtTudI4m/qyYfUQxpSvvgN2DSHtG56h8Dz1w7CpNlLDHodPP +e8oiXMS/bBBNwWHu9hxhBqdmvj4C+K5Ax0EKYx7CsHWK7BJ8u8Ak8xwaufMiejt5 +ioJhI4pyukBEqJbnuzmuDcuoqxPF1ZTmM/WzrhMCgYBi5V9+cMUKsFhFUf6sUqpd +iBXM/o3TZpVe4x6GIob1X5ioUJA8wH1LTULul/xx7zhjQMRemAxOHdzhictLq97p +NnH4h2/+fWFsuELUIREBQa3kYDOJV0WOBomm6WMVYaSgZwWmTidS2bmjuhxTMP3q ++FtENFcvRpqIjns2cgRPhQKBgQDcjhia5o2z9q7wV57mG3nrNL+0ewoOsHxpZ5jm +SSXBQEf038RHoIczanUMLZEyTvWDhErTP690UZmtNzJYWWiFngY1PwYD4SvCFC6f +2ZvGuVqLTr0dyUr1f3y0E4Mz12dREn0LUO8jRSYdVGjvy+v6XBhWEoqMIB54OqG8 +1p0WcwKBgF4KfzBOi1DarCuxaa6huUdNc8efog5GO1lmNenKlRuPLp5wp3qvWsyH +blfbtJQNE1DhbDGwmzPCGLc3wXx0t0gCrcMkxoRATFMNOSLodG7Mbkj9AoEMx94X +XYfi5vYftbEUmZeZtHZBI3o3up/xtPcuGNlb8BSIIOaQtIYybxKa +-----END RSA PRIVATE KEY----- diff --git a/tests/data_files/server8_int-ca2.crt b/tests/data_files/server8_int-ca2.crt new file mode 100644 index 000000000..7a8da717d --- /dev/null +++ b/tests/data_files/server8_int-ca2.crt 
@@ -0,0 +1,36 @@ +-----BEGIN CERTIFICATE----- +MIIC6zCCAnKgAwIBAgIBETAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTEzMDkyNDE2MTI1NloXDTIzMDkyMjE2MTI1NlowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHH8uC82/ztF1EKCiuM59 +quIF4HrYRGOPtb3AsBm5N7gZSg7xXXSAZ0aHBt5bfwYDvcGNXgcV1Fv03OXPPfnB +ESyuarmKvR1nZhfqTr3bFZqCh+TweMOjhYew/Z+pmV/jM+zM6gu1YV7xSX4/oy3q +AQzMQpp2m8TQN9OxFwFhARZZfhwXw1P90XLLTGAV2n3i6q1Q747ii9Rqd1XWcNlr +u/HuOQQ4o73i0eBma+KcR5npKOa2/C7KZ0OE6NWD1p2YawE+gdw8esr585z31igb +J3h8w9DVY6eBNImtJWq98urt+lf85TTGwQ9xLdIIEButREHg/nmgY5OKsV3psO5v +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA +J2F2Dx0wYwYDVR0jBFwwWoAUD4m9Y0Hry14XKP9oMD3BiNCcWDmhP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBDzAKBggqhkjOPQQDAgNnADBkAjBkP1bGlZvxnYySZjdBq4m8lkyz +2cjfqjYs8COEkRkONaVz7888HvFdGpL98uQeFvECMHCyCrHprkGzvq/L9kUnx9Bh +2IHbCzbbi9moYC1XcOxgfsEKmhtVF/uQdf8+3VtGqA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl +WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 +ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW +BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw +FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 +yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M +ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf 
+7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M +CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut +ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-bad-mgfhash.crt b/tests/data_files/server9-bad-mgfhash.crt new file mode 100644 index 000000000..34ef69e03 --- /dev/null +++ b/tests/data_files/server9-bad-mgfhash.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4DggEBAIfliohNjz4CLGbHWgWRBFQ3 +Difn027ZnULTvokT67ii1sJzESzqaIakyyu8GRwfoFRNh/rbGfe4C6e9SkwKbnDg +WE9SWbK6ukIQbMy69C+CVqFlRUHbONw/dmcneAWyZYGx/2Sf4D5kkpIWNDBeKuaV +H69XPZCeN3QAACmdAfo4NYW0I69a1OSaUrTyGT1nBOrzQ8Y0aJBnCJAte49bhQEW +KJv0kMj+8ZG1X0RoSdklf3GqdLUbsfJ2txu14GGAxy4C1gl2JWzoBHN5LMLf0cZ9 +uEYui7N/5bkSv8KXdbGvSzgn6zZ0MiCJMiiGEf0L1FxBiBCVsK4C2idpiZH+e28= +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-bad-saltlen.crt b/tests/data_files/server9-bad-saltlen.crt new file mode 100644 index 000000000..f4da8832f --- /dev/null +++ b/tests/data_files/server9-bad-saltlen.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAE7T54cyUf0ByNr34JaojFam +hV0T9QSc4wJ17sX67rxYIorXU8MynaneJzFxD9utOD3dq2TON18VswhT2McDgefl +XMwivCC0nWod8Pk638QaHxbaqC7XSq0QRBfOMXwV7knLNxI8smc9UJaco39VEcGD +yCkq4By/VCWTpvJ+1hx4zZ8WoXpFJFM5m5y9oEz4lgNv/6Wu7ILztyOk2yJiSR8r +YooC4zVeUOZuDO6At/NXZuSvmKmr+tfFrFA1AA/7yR5odQbqFVNSJ+u0x1Jv8Ra6 +JXA4cXsnaDaRe+Wm0L0p+2PtQWXE5npXYIbFHAA9EOC3Ab8oaP9M/F6yQMa/2is= +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-badsign.crt b/tests/data_files/server9-badsign.crt new file mode 100644 index 000000000..9e565419e --- /dev/null +++ b/tests/data_files/server9-badsign.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG +EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g +HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo +r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 +qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ +wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w +OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh +clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR +vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 +te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW +Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj +88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw +JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 +o4Hl/lqjwCFG +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-defaults.crt b/tests/data_files/server9-defaults.crt new file mode 100644 index 000000000..4ce5c8732 --- /dev/null +++ b/tests/data_files/server9-defaults.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDBjCCAe6gAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTQwNjA1MTU1NjUzWhcNMjQwNjAyMTU1NjUzWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B +AQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2gHqroDsK7 +E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOor+c4mwiL +Y5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0qQvaQJUC +AwEAAaOBnzCBnDAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lf +p869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBU +ZXN0IENBggEAMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQowAAOCAQEAGUdim4uy +/rBDFMF8qhjH1qsv0o8ON4HgP3YXbdKdIMfd+p5KtoqHQnrkixWxaIvfORnR4mGm +f8H5BimwIkNLxy7zS88TVDOYel8g7B2yl0nq4biki83NStNBYZJjxKT0ud5O5mGd +jHdy9vTEc7h8q+SHzRdgpNFXyKY5OQYng1LHco8h1UR8/nmPMuDtocHMnmMXu68a +69+TtZxx90/V4gJZOoL1iCi8HEsKoJzm/L8ji54OYt7FxgFfE3VmLsXeMaWYO8GS +BUxh5kqZ25O8hQXK5ywfuVK83Do/SsoClbgx9mboybseGVFIJaxs9e66GFDMoI3B +09JqWv4DoLNnwg== +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha224.crt b/tests/data_files/server9-sha224.crt new file mode 100644 index 000000000..1b05f313a --- /dev/null +++ b/tests/data_files/server9-sha224.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBFzA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIwOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTczNloXDTI0MDExODEzNTczNlowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBADJExjfWWvL28lgj+GGgviqo +PHZLxI0pLQUnFJQ9Kpu6jxfICseBF00Z6BJE/RcYDpIie5GDt/8u/i6xB6Li29Pm +g5nANgd/Y3fFnW7d0ydVjiSnetlPuf/jTlWQl6mQTH2xqYu8J8d3JRxQdRiDYbVm +uywW2d6rksiqm6dPD5l4A5DcemcYo8f/1Ifj5WNDCV8/OHex+AnW2ccDvWAnVgSR +B2VpOXJzVFuBsuf4tGVm/2TUMSB6NcvFc6TeJk1kzbZxii4QjKXtH1SfrVP59iEe +l17NYAEWARjBpQWBiutRG+QM2et0sNiUBuWxTkvd0eSgencNysVAOsZqrqaX3CY= +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha256.crt b/tests/data_files/server9-sha256.crt new file mode 100644 index 000000000..7d0aa3956 --- /dev/null +++ b/tests/data_files/server9-sha256.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAH0+knqkcLaxeDkenBQgd4Qg +3ZyAhtpiLU689mw+3cXB/uzFrCIxEL5aGh1eSj+DszB+FtsZ06ux7JVQqVOA2Wm9 +yLxC6wF8OOYj0nBa91BWLhRAHLhmIdWsVk7Hl9KojZd4TwV2N+ZEV/BLxyoRvK4H +V4xCpzgDSiTPe8Etk4r+0akbr6bsOUBayPb7MGLHubZKq8NsFAmmynp+fPmHd3SE +0ooJdiZ1MmKPKLE5Og/hXCI8qeiXQUR6oQ7b2XONsrI2HIj2SA9dA5qmHwE5PbMu +zqxQ3R83boqLXbkFORn+UiYLmffqdoWuNy00BHMCrxRA9DUv+WyN4npLMF8rOJw= +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha384.crt b/tests/data_files/server9-sha384.crt new file mode 100644 index 000000000..aaa63e6ed --- /dev/null +++ b/tests/data_files/server9-sha384.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGTA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTc1OFoXDTI0MDExODEzNTc1OFowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBABf8Gyq2VYuN1EBW1nOapDQp +B/KuafNW2GEJ7FmQKNyA7MIj1Yqo2MtJ6/OQojRQ3F5rnO4yjmvIPsXeQaMxJBiI +aaoAlLpH++F+oXMq/0aS0WSZrSLrsh2Fpay9cBDGwek2rDOX9kM+ZcPzGitVwWKX +TnOW22hpcl7u95CpZH+JZTcto5nL3tTyV9pIy+tSKQQfjPB+G0TAZCsOkbCGPLug +qdjvqFQwOf15VxQMj7NRiXjlqJvsx+I7B2AIhrs4DzQMEyiWq9S/PzpQuFU5v/Kg +s2iMLJ5ygv5aN3PYqGlE1ZmvgyRp5h/LaTGI2L6lzRTnecOhtPv30N2tyaDAEfo= +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha512.crt b/tests/data_files/server9-sha512.crt new file mode 100644 index 000000000..a211b921d --- /dev/null +++ b/tests/data_files/server9-sha512.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGjA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6Ea +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTgxMloXDTI0MDExODEzNTgxMlowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6EaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBACdVozFq6rUiXo+ib5Y2oPsR +6xxl4Ydn3LpUoYrPpTOrhcXJWW/tOLHGuCF/mSRfUzKaMIfL418cZHYnvumvuttu +6z3tp5E1VsiZCU2MWJnzjKSxFBOss43AmpJHHoapGFZu2pxObBPqegAKHYkKWOLk +tJDj47PurWgEek9j1nL7Pc1tVf59fm/ySp4fWkXLLvQiKid1516VioLyacUvK3zU +6Egz8jMt7D5c9KpaExLRTANVsThqO5/dmR36bOwm3Hpbde7DNdgxru41tiLMqJs/ +5pX3ceaJ1XQ/l0idj5/9ipvqHHUguyk7H22HwQHQdSD9oIha8kEM3P6CjpfE7yY= +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-with-ca.crt b/tests/data_files/server9-with-ca.crt new file mode 100644 index 000000000..0478cff85 --- /dev/null +++ b/tests/data_files/server9-with-ca.crt 
@@ -0,0 +1,99 @@ +-----BEGIN CERTIFICATE----- +MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG +EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g +HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo +r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 +qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ +wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w +OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh +clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR +vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 +te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW +Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj +88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw +JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 +o4Hl/lqjwCEG +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:00 2011 GMT + Not After : Feb 12 14:44:00 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: + 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: + 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: + 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: + e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: + cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: + ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: + 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: + c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: + 
58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: + e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: + 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: + 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: + 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: + e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: + 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: + ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: + a2:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:TRUE + X509v3 Subject Key Identifier: + B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA + serial:00 + + Signature Algorithm: sha1WithRSAEncryption + b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: + 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: + 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: + 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: + 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: + 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: + 2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: + e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: + e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: + 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: + 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: + 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: + 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: + e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: + f7:e0:e9:54 +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx 
+mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH +/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV +BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz +dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ +SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H +DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF +pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf +m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ +7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +-----END CERTIFICATE----- diff --git a/tests/data_files/server9.crt b/tests/data_files/server9.crt new file mode 100644 index 000000000..a6f9fbc76 --- /dev/null +++ b/tests/data_files/server9.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG +EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g +HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo +r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 +qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ +wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w +OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh +clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR +vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 +te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW +Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj +88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw +JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 +o4Hl/lqjwCEG +-----END CERTIFICATE----- diff --git a/tests/data_files/server9.key b/tests/data_files/server9.key new file mode 100644 index 000000000..e005864f9 --- /dev/null +++ b/tests/data_files/server9.key 
@@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAequgOwrsTQNuK +Eo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv5zibCItjmToK +Je5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSpC9pAlQIDAQAB +AoGAHFCE2tBL0xB45Go/1e/Pi9//OVZAJ3Cw0mmEuqjVNB7I6zxhYhviWbgz92+V +g92KBlU9CIx0/ZhGMyHRNO0uYNEZUJyM8zItoo/nmU31+VaHOGgpei04HZrn1Nmw +QS01FVrn9wzKR/5qeEBmxE7rVMDQo8QLnllC3jXzIVUtX4ECQQD2g9dleWYbqIQe +Q9paXxzvODhCzNtQwD0PnOKc54Nu4zm3JI45REtunmG8et+Ncms9RycTjNlWPGJT +62jgaJexAkEA5ZMNv4u9NNRfZprmlNyvjSOf+w7fdKzhcnkHbGkfLnFdc7vq0XFC +nwORsdjpOvWQUwrV2Cw8Pl4rKa4B4iqUJQJBAMVti6maU3udN8qhXxP3js3LwctG +E/OVMpH5fMha5jl9w/B4V2tn1d3O/MmdwsKeu2JFRPd0W2+kRr+dDs6DFdECQQC1 +3g9QJRWY2n1RPXlZiJKSDxzXuOqQ9bwMAZE98vE+y5Qq8T2O+li6vAsZhysNCChz +gOvzuudmyRcMh8r6Lpz5AkAUKK3gYtJFiVH2arRig3JjZJqixgSTolMT1n+HG4uM +tnBqBiEBVwBxEqaohla/rHR5joZCdcDN8xq0yeTQyLH9 +-----END RSA PRIVATE KEY----- diff --git a/tests/data_files/server9.req.sha1 b/tests/data_files/server9.req.sha1 new file mode 100644 index 000000000..b9d005382 --- /dev/null +++ b/tests/data_files/server9.req.sha1 @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBojCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw +EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R +ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX +yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY +mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B +CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMBIGCSqGSIb3DQEBCjAFogMC +AWoDgYEA2n8SOoiJCs+YyH2VXoUVxhutdXGP4+7cECakl2mmVEKhxXDMEG7hEFkB +mkk4b1kRNOQHKqUq3crfi0OkMcPGkPiLlYLKgT51CgsBhuJaMsdCYo/5POgTZD4u +FI5gfyO70Xpq9QmrWEqqTdalRG7+UmGa3VEUVyXTDnQZfU1N2QE= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha224 b/tests/data_files/server9.req.sha224 new file mode 100644 index 000000000..fe1c797ed --- /dev/null +++ b/tests/data_files/server9.req.sha224 
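Review bot: The RSA private key added as tests/data_files/server9.key is stored unencrypted (the PEM block starts directly with the key body, with no encryption header), and nothing visible in this part of the patch marks it as a published test fixture; the same applies to tests/data_files/test-ca-alt.key further down. Key material committed to a repository has to be treated as publicly known, so it should be documented as test-only and kept out of any non-test code path or deployment. A line in the test-data readme such as `server9.key, test-ca-alt.key: published test keys, not secret, never use outside the test suite` would state that. With that in place the directory can be allow-listed in secret scanning, so that a real leaked key elsewhere in the tree is not lost among fixture hits. A readme elsewhere in the patch may already cover this; it is not visible here.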
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw +EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R +ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX +yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY +mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B +CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w +CwYJYIZIAWUDBAIEoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCBKIDAgFiA4GB +AMlYYZKqpDqg5UZZq3NB3QUR9qftY/52/0gPfruw5s2gNtFmG1uyEBJX/oc7C/fU +lxo74HDraWJyvP7c3MMhOuwr/RfPNQhA2Hgwz9RuJIBhQrJfiZuHsCfiKVofMuMf +ar/4EKfyoELDdilhg6i+abahGOkqyXsjavFtyDSeCpXH +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha256 b/tests/data_files/server9.req.sha256 new file mode 100644 index 000000000..0ef9ef028 --- /dev/null +++ b/tests/data_files/server9.req.sha256 @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw +EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R +ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX +yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY +mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B +CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w +CwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgFeA4GB +ACUaCTidvzWVJNKmRrriufThGUfw5Xgdsc3Ga8Cx+vRf+bPZmR3NVkc0Zq9uc0+8 +d1WXaLzbmge6IbcvTPWCLNDAWI9UzoQ6WS9myM3eDEGdruClYwb5BVLx3MvhvooK +L/H6snE1dHNPXyCNVFTJIll3bRlVMRsfZpDhmz8/ImJ4 +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha384 b/tests/data_files/server9.req.sha384 new file mode 100644 index 000000000..010345027 --- /dev/null +++ b/tests/data_files/server9.req.sha384 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw +EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R +ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX +yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY +mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B +CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w +CwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIDAgFOA4GB +ANfZGK6nE/CP9PuALFzbA/mvOnYlI60pMowscRfCYpvR25iQJVhAJfYVXADRN3qd +NAiFWNVcjFMIkRlq7qifBN97VHGeYoWIuw9gYEb3OqDGzOsYP0KIgMNt8/A4qCkj +5MzolOYyT+N+QFGV0pdCNpX7QppfNdFyFAmWXa171RzG +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha512 b/tests/data_files/server9.req.sha512 new file mode 100644 index 000000000..676b5c996 --- /dev/null +++ b/tests/data_files/server9.req.sha512 @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw +EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R +ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX +yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY +mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B +CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w +CwYJYIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCA6IDAgE+A4GB +ACxWBhPkhyVlBY/mwkrW7OjYsaN2/ZlFSv76w63b61BpigReJsggMut5EPOgfGYJ +rzygKDlF/NtmMN22jWrFup9LsZJAX0gYbLmliiaG9Hch+i/8b42oaQTDWGFZ9LiY +W7F7X0f9lpzNKOtQ8ix0s+nYS2ONyzfu55+Rlzf8/63M +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/test-ca-alt-good.crt b/tests/data_files/test-ca-alt-good.crt new file mode 100644 index 000000000..f9beba032 --- /dev/null +++ b/tests/data_files/test-ca-alt-good.crt 
@@ -0,0 +1,41 @@ +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTcwNzAzMTU1MzQxWhcNMjcwNzA0MTU1MzQxWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2crirFCFKa5J4yx4gC+/Pe2kkIpoT +/SEvzefxJ8siPJl2XQVDrUFenNC8Uzw87/3Z7tW3uLKebn5++QEVYDtz5HAWfck1 +wwanGFL6noHw7qgQ5ak6HMoipPChD7Z6bKbBRgx2IVKoIbaXh0QmJ4qlaYc9rKGZ +aH9vms5pwPwDTlQqnm+VenG6ThFajWLeL/MlvcGd4pLHAWjL6S2E0vU5WQR6rev7 +He9pdtD/vLO30nOPJ6JuDp+1gB5UIm1+jP9Ww8OsQVJHGyp729dvIvEicgp8NSNB +UBtBZHpSVJM+BPlzKpXIVbiI7pU01q3xu0mleveUzL0tE0n9YT5uIcenAgMBAAGj +gZUwgZIwHQYDVR0OBBYEFJSaOPcahiGKvsg629IQvHh34EuwMGMGA1UdIwRcMFqA +FJSaOPcahiGKvsg629IQvHh34EuwoT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UE +CgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQAwDAYDVR0T +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWsyH6AZdugfP40tiXH5PKD93QCuV +dAm9c2oUKbNfsAJMHOsWWp+b7hSNRMvKz4jcPAIQnMGNp/U4PuESp16uS0O9szud +X4HS8SD8GEto9d8uEF9J3fY6ZalCmgRrgwVpChy+MQmfqMr30OLTANsmoksA4ON3 +zdm5xDInPPjOq7emtdXoNOhv4rkM7dmeztC8DhO0n1PGeeY1CMCr93TcQzx1UVtl +QHOkQQQJM9UoV0fEA1N5lsc9uSQxPmZCVMw/W+MFIEkH6nbgh0bM/qjcaqDsWXyT +n5RutVDPESLLKaZxeR7J8srX/0nzhOiPIX+hDRWqhwQLxVkkRs6MxVDoiw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu 
+KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ +MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA +A4IBAQB2W2dIy4q4KysbrTL4HIaOqu62RceGuQ/KhyiI6O0ndCtQ/PgCBqHHTP8u +8F1X2ivb60ynHV6baMLPI4Kf1k4MONtLSf/++1qh0Gdycd3A8IDAfy0YnC1F3OPK +vWO/cZGitKoTbEpP4y4Rng3sFCDndRCWIRIDOEEW/H3lCcfL7sOQojdLl85ajFkh +YvcDqjmnTcspUnuq9Y00C7porXJthZwz1S18qVjcFNk0zEhVMUbupSrdXVmKtOJW +MWZjgcA+OXzcnb2hSKWbhjykH/u6/PqkuHPkD723rwXbmHdxRVS9CW57kDkn5ezJ +5pE6Sam4qFsCNFJNBV9FRf3ZBMFi +-----END CERTIFICATE----- diff --git a/tests/data_files/test-ca-alt.crt b/tests/data_files/test-ca-alt.crt new file mode 100644 index 000000000..7399e43d8 --- /dev/null +++ b/tests/data_files/test-ca-alt.crt 
@@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTcwNzAzMTU1MzQxWhcNMjcwNzA0MTU1MzQxWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2crirFCFKa5J4yx4gC+/Pe2kkIpoT +/SEvzefxJ8siPJl2XQVDrUFenNC8Uzw87/3Z7tW3uLKebn5++QEVYDtz5HAWfck1 +wwanGFL6noHw7qgQ5ak6HMoipPChD7Z6bKbBRgx2IVKoIbaXh0QmJ4qlaYc9rKGZ +aH9vms5pwPwDTlQqnm+VenG6ThFajWLeL/MlvcGd4pLHAWjL6S2E0vU5WQR6rev7 +He9pdtD/vLO30nOPJ6JuDp+1gB5UIm1+jP9Ww8OsQVJHGyp729dvIvEicgp8NSNB +UBtBZHpSVJM+BPlzKpXIVbiI7pU01q3xu0mleveUzL0tE0n9YT5uIcenAgMBAAGj +gZUwgZIwHQYDVR0OBBYEFJSaOPcahiGKvsg629IQvHh34EuwMGMGA1UdIwRcMFqA +FJSaOPcahiGKvsg629IQvHh34EuwoT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UE +CgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQAwDAYDVR0T +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWsyH6AZdugfP40tiXH5PKD93QCuV +dAm9c2oUKbNfsAJMHOsWWp+b7hSNRMvKz4jcPAIQnMGNp/U4PuESp16uS0O9szud +X4HS8SD8GEto9d8uEF9J3fY6ZalCmgRrgwVpChy+MQmfqMr30OLTANsmoksA4ON3 +zdm5xDInPPjOq7emtdXoNOhv4rkM7dmeztC8DhO0n1PGeeY1CMCr93TcQzx1UVtl +QHOkQQQJM9UoV0fEA1N5lsc9uSQxPmZCVMw/W+MFIEkH6nbgh0bM/qjcaqDsWXyT +n5RutVDPESLLKaZxeR7J8srX/0nzhOiPIX+hDRWqhwQLxVkkRs6MxVDoiw== +-----END CERTIFICATE----- diff --git a/tests/data_files/test-ca-alt.csr b/tests/data_files/test-ca-alt.csr new file mode 100644 index 000000000..898c9e6a1 --- /dev/null +++ b/tests/data_files/test-ca-alt.csr 
@@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgDCCAWgCAQAwOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAtnK4qxQhSmuSeMseIAvvz3tpJCKaE/0hL83n8SfLIjyZdl0FQ61B +XpzQvFM8PO/92e7Vt7iynm5+fvkBFWA7c+RwFn3JNcMGpxhS+p6B8O6oEOWpOhzK +IqTwoQ+2emymwUYMdiFSqCG2l4dEJieKpWmHPayhmWh/b5rOacD8A05UKp5vlXpx +uk4RWo1i3i/zJb3BneKSxwFoy+kthNL1OVkEeq3r+x3vaXbQ/7yzt9Jzjyeibg6f +tYAeVCJtfoz/VsPDrEFSRxsqe9vXbyLxInIKfDUjQVAbQWR6UlSTPgT5cyqVyFW4 +iO6VNNat8btJpXr3lMy9LRNJ/WE+biHHpwIDAQABoAAwDQYJKoZIhvcNAQELBQAD +ggEBAGHWUwqKMe+XwZ44u+1RKsH3jCXmxkBW4rwJwqtkrW8dzjCqFGmQoJeFivOA +o0TPchkpQXGUNssFPbXZZsq7OBt1hPkH7wMxknztu+D4F9wJ2Oxpy8x44WeUr3pI +rnl/VivUaywiIPMwR3W+7IIFTmzKfcSYf0l6uv4/A8BiSvtI4U9InfSvU+ENHuNH +rb0ynhYEqy9NHA2exD0A/gQb40CAHtJL+sTVTRgxOx8xT8K8WAQufk0HSB6iel6M +I+6VLnVjGJ5P/t6zPI4jcLzyg4V9DS282a/SadRFGc0uwPWxJW906BO5g6PNMaA8 +BdcuWaWwa2KQ/LuUCmumy+fC68E= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/test-ca-alt.key b/tests/data_files/test-ca-alt.key new file mode 100644 index 000000000..84b8fab60 --- /dev/null +++ b/tests/data_files/test-ca-alt.key 
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAtnK4qxQhSmuSeMseIAvvz3tpJCKaE/0hL83n8SfLIjyZdl0F +Q61BXpzQvFM8PO/92e7Vt7iynm5+fvkBFWA7c+RwFn3JNcMGpxhS+p6B8O6oEOWp +OhzKIqTwoQ+2emymwUYMdiFSqCG2l4dEJieKpWmHPayhmWh/b5rOacD8A05UKp5v +lXpxuk4RWo1i3i/zJb3BneKSxwFoy+kthNL1OVkEeq3r+x3vaXbQ/7yzt9Jzjyei +bg6ftYAeVCJtfoz/VsPDrEFSRxsqe9vXbyLxInIKfDUjQVAbQWR6UlSTPgT5cyqV +yFW4iO6VNNat8btJpXr3lMy9LRNJ/WE+biHHpwIDAQABAoIBAAT6+rmI0iPS7euo +N8lOKhyy1LrsyuHyzf4dE9DMckob92B4x5UCXL91bmlFqGZNctOJJoJeY1nZ0FAt +Ae+Qce8G9FxY0K5MBZl4G4PF4ewux522dzkj4gyyDfOHl0aeQqsR+3MaE8SNLwvR +4HVeLPW4/L0dQkgKxzfHtQzD/N0mMW2/iywyiLYmvLBSHl3eZ+te0Q+5/JEm8fjU +FkVytSvJ6Z/c5U2PR0N6ampVgB7X7Uf6nEhDJW21q+u85JC60ujIn7TEZKd4bfIM +dMZF8LFczSzQ4mWISfhfRKVRew457tJalA/8qwg14jeggEuiDBE1FnR2f/JdHA9I +e/VyrnkCgYEA32bBltrgz9V6Z1x9XD2+T2aot/u1XHORM7EPZJMA9gP4wMBcbyy8 +zdpGf1hrJX3JMoKBDy6Xty8Cs9WJytWUwfwd92Sz01It4XeLsIeqYBq51gjGN+Fp +auw/8zifKdAEPMJXNhUX9sSuUz1LaT6wFI3vatWliliMPPbdgyoRmKMCgYEA0RIj ++huEwNkHWEaj47aDafekpRoVs81IjUjrXx6c0cabco10YR+TPX9+dwmjV4O5Y2f2 +Ph+ivXlPiOpf7Psx0PFlMPawWeoKIZjKPR92bMiLDXC0uF9frTujKm7VRNbAVjFE +7tvrVJnoDITSHMGXMui69o844klJUMwNpGFOcS0CgYEAkENaBiHIBU5VIgQvC+7v +Q3UGxPCtmEsk3B2d1BO+DiBYdZiC2GQqdEBdQAUIBAjrcUunLfenj2qzMxBVT/+G +dZJqg4SrP26VJEE/mrqxAiigEyBNaG6O1bZEQbsxxR2IbvgMu2b5t6gg7q3pUchi +ipNxpSrcIK+3t/Ku7vGutUMCgYEAl5t0A1YZOk8nCFiRV/tt6FXwStlTi4L9bZbH +N77XMTe4WaVCE3v2Jc5iQqf2juuyb+dfpUUDmipyBnMPBKZTRZUHMC5zS4BvwFUv +sosyMUhrrV9hbaGbm993ProIZVblOpuXxS4sxLimkQ1v3/JyVjR1/310XoOOaszN +x7nYTDECgYEAoLAWorWXzAO5GOAc3sf51dtTNnm2gJQ8v4FlJ0kWrjStUmb+aLR0 +20MCjIDuW/zWP5bVcD+pw8YW6UN0C5m45vTpUQgF59Ic1UMC+0H4z31N+QafaRfJ +yk5Nd2sIrJSkwuI23CnEh5khhiNTE2zvgNaHs5vkJu57xDxjg0GH45k= +-----END RSA PRIVATE KEY----- diff --git a/tests/data_files/test-ca-good-alt.crt b/tests/data_files/test-ca-good-alt.crt new file mode 100644 index 000000000..f360a7696 --- /dev/null +++ b/tests/data_files/test-ca-good-alt.crt 
@@ -0,0 +1,41 @@ +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ +MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA +A4IBAQB2W2dIy4q4KysbrTL4HIaOqu62RceGuQ/KhyiI6O0ndCtQ/PgCBqHHTP8u +8F1X2ivb60ynHV6baMLPI4Kf1k4MONtLSf/++1qh0Gdycd3A8IDAfy0YnC1F3OPK +vWO/cZGitKoTbEpP4y4Rng3sFCDndRCWIRIDOEEW/H3lCcfL7sOQojdLl85ajFkh +YvcDqjmnTcspUnuq9Y00C7porXJthZwz1S18qVjcFNk0zEhVMUbupSrdXVmKtOJW +MWZjgcA+OXzcnb2hSKWbhjykH/u6/PqkuHPkD723rwXbmHdxRVS9CW57kDkn5ezJ +5pE6Sam4qFsCNFJNBV9FRf3ZBMFi +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTcwNzAzMTU1MzQxWhcNMjcwNzA0MTU1MzQxWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2crirFCFKa5J4yx4gC+/Pe2kkIpoT +/SEvzefxJ8siPJl2XQVDrUFenNC8Uzw87/3Z7tW3uLKebn5++QEVYDtz5HAWfck1 +wwanGFL6noHw7qgQ5ak6HMoipPChD7Z6bKbBRgx2IVKoIbaXh0QmJ4qlaYc9rKGZ +aH9vms5pwPwDTlQqnm+VenG6ThFajWLeL/MlvcGd4pLHAWjL6S2E0vU5WQR6rev7 +He9pdtD/vLO30nOPJ6JuDp+1gB5UIm1+jP9Ww8OsQVJHGyp729dvIvEicgp8NSNB +UBtBZHpSVJM+BPlzKpXIVbiI7pU01q3xu0mleveUzL0tE0n9YT5uIcenAgMBAAGj +gZUwgZIwHQYDVR0OBBYEFJSaOPcahiGKvsg629IQvHh34EuwMGMGA1UdIwRcMFqA 
+FJSaOPcahiGKvsg629IQvHh34EuwoT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UE +CgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQAwDAYDVR0T +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWsyH6AZdugfP40tiXH5PKD93QCuV +dAm9c2oUKbNfsAJMHOsWWp+b7hSNRMvKz4jcPAIQnMGNp/U4PuESp16uS0O9szud +X4HS8SD8GEto9d8uEF9J3fY6ZalCmgRrgwVpChy+MQmfqMr30OLTANsmoksA4ON3 +zdm5xDInPPjOq7emtdXoNOhv4rkM7dmeztC8DhO0n1PGeeY1CMCr93TcQzx1UVtl +QHOkQQQJM9UoV0fEA1N5lsc9uSQxPmZCVMw/W+MFIEkH6nbgh0bM/qjcaqDsWXyT +n5RutVDPESLLKaZxeR7J8srX/0nzhOiPIX+hDRWqhwQLxVkkRs6MxVDoiw== +-----END CERTIFICATE----- diff --git a/tests/data_files/test-ca-sha1.crt b/tests/data_files/test-ca-sha1.crt new file mode 100644 index 000000000..e8b537c72 --- /dev/null +++ b/tests/data_files/test-ca-sha1.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ +MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA +A4IBAQABE3OEPfEd/bcJW5ZdU3/VgPNS4tMzh8gnJP/V2FcvFtGylMpQq6YnEBYI +yBHAL4DRvlMY5rnXGBp3ODR8MpqHC6AquRTCLzjS57iYff//4QFQqW9n92zctspv +czkaPKgjqo1No3Uq0Xaz10rcxyTUPrf5wNVRZ2V0KvllvAAVSzbI4mpdUXztjhST +S5A2BeWQAAOr0zq1F7TSRVJpJs7jmB2ai/igkh1IAjcuwV6VwlP+sbw0gjQ0NpGM +iHpnlzRAi/tIbtOvMIGOBU2TIfax/5jq1agUx5aPmT5TWAiJPOOP6l5xXnDwxeYS +NWqiX9GyusBZjezaCaHabjDLU0qQ +-----END CERTIFICATE----- 
diff --git a/tests/data_files/test-ca-sha256.crt b/tests/data_files/test-ca-sha256.crt new file mode 100644 index 000000000..9b08fe20a --- /dev/null +++ b/tests/data_files/test-ca-sha256.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ +MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA +A4IBAQB2W2dIy4q4KysbrTL4HIaOqu62RceGuQ/KhyiI6O0ndCtQ/PgCBqHHTP8u +8F1X2ivb60ynHV6baMLPI4Kf1k4MONtLSf/++1qh0Gdycd3A8IDAfy0YnC1F3OPK +vWO/cZGitKoTbEpP4y4Rng3sFCDndRCWIRIDOEEW/H3lCcfL7sOQojdLl85ajFkh +YvcDqjmnTcspUnuq9Y00C7porXJthZwz1S18qVjcFNk0zEhVMUbupSrdXVmKtOJW +MWZjgcA+OXzcnb2hSKWbhjykH/u6/PqkuHPkD723rwXbmHdxRVS9CW57kDkn5ezJ +5pE6Sam4qFsCNFJNBV9FRf3ZBMFi +-----END CERTIFICATE----- diff --git a/tests/data_files/test-ca-v1.crt b/tests/data_files/test-ca-v1.crt new file mode 100644 index 000000000..e5a3b1cde --- /dev/null +++ b/tests/data_files/test-ca-v1.crt 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDIzCCAgsCDFOito4FQA5VXJOV5TANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK +EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA4MTRaGA8yMDI0 +MDYxODEwMDgxNFowUDEcMBoGA1UEAxMTUG9sYXJTU0wgVGVzdCBDQSB2MTEQMA4G +A1UECxMHdGVzdGluZzERMA8GA1UEChMIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN83/Be74JadP4beljJ9RKUW +oM0h8ZnU7OrLfBhYCJSl7JvFi98aHpk4mYcee8CNOd84XXB4B9Oe2ZPouXJRxc6j +MFKp8udAcBTLRKJyC8LlQPk+5aYOs/nsSmPAuCkAdJxXO6ilBJBx8b2D2T/WpeI8 +Ko/vJ2DDxp/LuuxgfbfmhDK+T/tYJiIDW9S01fv145YucMDkLr38Lu7iQVXANC59 +JHJpy0exFECDfWf0hvYxq/F5pLK1LhL5hBfwYm8nPhNYsVQNIZpzN6Ewz2+S3Pbp +/KzbLijRfgJLI6AV8jhlZAnqDG6OGxegccizm8mr6cPyz4eWj4ACMp6ZWG+i1QID +AQABMA0GCSqGSIb3DQEBCwUAA4IBAQBoXC5AlXI5azyOPvmNse2qHhO7BrXOEjH+ +9g5P/VsrVADhsUGv6x0A2oLoWXtOjGDIWWH53BWHkCUCu4T5D5C6+I47rXWl4pAr +J+h+tQVZo6J0AJxfPse/NnrjsboUSWhunmo/iTrU6S4KJBguIKP6T1DZoD/8EYgU +x+fXDmvRO+MTesWDiY+p+FHEzsu3b9EBtG9dUiR/zzXi/ktFCfrgstKGSuW6+j7m +lcduTxsogi6Uc3tWKtn6qpSGR0uBoCz6emFO7Smmy/tIyVA88lH0+3UnxOvu4TAK +uvjYkOcZqhprDiMfhxBB7pxbfiviEANTbgSfCtZewSNz2RUJ9ocy +-----END CERTIFICATE----- diff --git a/tests/data_files/test-ca.crt b/tests/data_files/test-ca.crt new file mode 100644 index 000000000..e8b537c72 --- /dev/null +++ b/tests/data_files/test-ca.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ +MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA +A4IBAQABE3OEPfEd/bcJW5ZdU3/VgPNS4tMzh8gnJP/V2FcvFtGylMpQq6YnEBYI +yBHAL4DRvlMY5rnXGBp3ODR8MpqHC6AquRTCLzjS57iYff//4QFQqW9n92zctspv +czkaPKgjqo1No3Uq0Xaz10rcxyTUPrf5wNVRZ2V0KvllvAAVSzbI4mpdUXztjhST +S5A2BeWQAAOr0zq1F7TSRVJpJs7jmB2ai/igkh1IAjcuwV6VwlP+sbw0gjQ0NpGM +iHpnlzRAi/tIbtOvMIGOBU2TIfax/5jq1agUx5aPmT5TWAiJPOOP6l5xXnDwxeYS +NWqiX9GyusBZjezaCaHabjDLU0qQ +-----END CERTIFICATE----- 
diff --git a/tests/data_files/test-ca.der b/tests/data_files/test-ca.der new file mode 100644 index 0000000000000000000000000000000000000000..039fb9e43004e622bd1404116f68208800005c6d GIT binary patch literal 837 zcmXqLVs&G%f_kI=F#?@mywZ`mBGN;klTQhjX9KsO_<5g$57CK zAH?C};RwjjNh}Hu_A!(+5C;h{^9aC%6hcyqOB9?P4dldm4Gj&942=v;OiT<6qQrTP zkhzo@-o&Vc>{v!t2IeM4eg=akMlPl%Mn;AM_s#!^?|v|Cu6^6RX-2g!OT`wPRs1;f z%9~fGYa}8#rYwCk`)K!lDY=;zGu!2=5A<5zw}>sMV81-?=HwSUivo|HTWk=t^3!vN z0+G`$i;B1pJ$3kL_jDQG=AUo8k`L_AWGI;vZoOhD%Y?#@dz)|CUt9XfMyvn5dcxsj z^H1-3lTf?;S&Pv=|KAa6O3cw$wp{)F_3<>lf&)+V_Wsd(_sB8yfQeqMN>S!%_l+VB z&9&)Y+P)dC{#dzW(^fs9pDp4alJeExvi&hv5v`G zd4cFBi_{d(S3G%r(&7sWPi&rja`nr@pU$^W>u+E(nm02df6-MYW=00a#Q_F>20Xy{ zkrifPHDG3B{BIx&;_TP!7QC4hV&D%ba$=(yp zSf5T{U|xOMYODB`ORhngYUdu$ke${2W5Fa@4<>WHgK<+21^?T)$E3-`#B5?uM^*ZC z6Nm2K9(kA78#MN@`c78-w( Date: Wed, 26 Feb 2020 18:26:46 +0100 Subject: [PATCH 2168/2197] Revert "scripts: Remove dependency on NET" This reverts commit 356acc82ad413dfec8d49745793e94a2e2f4c69e. Conflicts: * scripts/generate_errors.pl: a line adjacent to a changed line has independently changed in the meantime. Just revert the change done in the commit that's being reverted. --- scripts/generate_errors.pl | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index b4c014e3f..6f77759a4 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -32,7 +32,7 @@ my $error_format_file = $data_dir.'/error.fmt'; my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES ENTROPY ERROR GCM HKDF HMAC_DRBG MD2 MD4 MD5 - OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160 + NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160 SHA1 SHA256 SHA512 THREADING XTEA ); my @high_level_modules = qw( CIPHER DHM ECP MD PEM PK PKCS12 PKCS5 
@@ -97,6 +97,9 @@ foreach my $line (@matches) $include_name =~ tr/A-Z/a-z/; $include_name = "" if ($include_name eq "asn1"); + # Fix faulty ones + $include_name = "net_sockets" if ($module_name eq "NET"); + my $found_ll = grep $_ eq $module_name, @low_level_modules; my $found_hl = grep $_ eq $module_name, @high_level_modules; if (!$found_ll && !$found_hl) From 1bf45e1980f4de08ab4732ee5511d5509d3b6c9c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 18:28:23 +0100 Subject: [PATCH 2169/2197] Revert "scripts: Remove dependency on X.509" This reverts commit 43a450c858c4b4d681fc3cb695622fe8fd05c66a. --- scripts/generate_errors.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 6f77759a4..1208b2fd7 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -36,7 +36,7 @@ my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH SHA1 SHA256 SHA512 THREADING XTEA ); my @high_level_modules = qw( CIPHER DHM ECP MD PEM PK PKCS12 PKCS5 - RSA ); + RSA X509 ); my $line_separator = $/; undef $/; @@ -90,6 +90,7 @@ foreach my $line (@matches) $module_name = "HMAC_DRBG" if ($module_name eq "HMAC"); my $define_name = $module_name; + $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509"); $define_name = "ASN1_PARSE" if ($define_name eq "ASN1"); $define_name = "PEM_PARSE,PEM_WRITE" if ($define_name eq "PEM"); From 314bc89b36e54eeb3ecf4c6fbf0fd891215d2ba2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 18:28:25 +0100 Subject: [PATCH 2170/2197] Revert "scripts: Remove dependency on TLS" This reverts commit b58ff9541ba6ce14d34215f8e40d3c0d90ade268. --- scripts/generate_errors.pl | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 1208b2fd7..87c8bf7ac 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl 
@@ -36,7 +36,7 @@ my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH SHA1 SHA256 SHA512 THREADING XTEA ); my @high_level_modules = qw( CIPHER DHM ECP MD PEM PK PKCS12 PKCS5 - RSA X509 ); + RSA SSL X509 ); my $line_separator = $/; undef $/; @@ -92,6 +92,7 @@ foreach my $line (@matches) my $define_name = $module_name; $define_name = "X509_USE,X509_CREATE" if ($define_name eq "X509"); $define_name = "ASN1_PARSE" if ($define_name eq "ASN1"); + $define_name = "SSL_TLS" if ($define_name eq "SSL"); $define_name = "PEM_PARSE,PEM_WRITE" if ($define_name eq "PEM"); my $include_name = $module_name; @@ -159,8 +160,19 @@ foreach my $line (@matches) ${$old_define} = $define_name; } - ${$code_check} .= "${white_space}if( use_ret == -($error_name) )\n". - "${white_space} mbedtls_snprintf( buf, buflen, \"$module_name - $description\" );\n" + if ($error_name eq "MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE") + { + ${$code_check} .= "${white_space}if( use_ret == -($error_name) )\n". + "${white_space}\{\n". + "${white_space} mbedtls_snprintf( buf, buflen, \"$module_name - $description\" );\n". + "${white_space} return;\n". + "${white_space}}\n" + } + else + { + ${$code_check} .= "${white_space}if( use_ret == -($error_name) )\n". + "${white_space} mbedtls_snprintf( buf, buflen, \"$module_name - $description\" );\n" + } }; if ($ll_old_define ne "") From 458b8f2a59b9559ffd6005c0013544f910ebcfef Mon Sep 17 00:00:00 2001 
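Review bot: In the last hunk of this commit, both branches emit `mbedtls_snprintf( buf, buflen, "$module_name - $description" )`, so the description text taken from the header comments ends up in the format-string position of the generated C call. A `%` in a description would be read as a conversion with no matching argument, unless `$description` is escaped earlier in the loop, which starts outside this hunk. Emitting the text as an argument instead, `mbedtls_snprintf( buf, buflen, "%s", "$module_name - $description" );`, keeps the generated code independent of what the comments contain.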
From: Gilles Peskine Date: Wed, 26 Feb 2020 18:28:28 +0100 Subject: [PATCH 2171/2197] Revert "Remove unused TLS, NET, and X.509 files" This reverts commit a4308b29a42a00fcbffa7d6d041946feeddc0ce9. --- doxygen/input/doc_ssltls.h | 51 + doxygen/input/doc_tcpip.h | 46 + doxygen/input/doc_x509.h | 45 + include/mbedtls/debug.h | 265 + include/mbedtls/net.h | 37 + include/mbedtls/net_sockets.h | 271 + include/mbedtls/pkcs11.h | 175 + include/mbedtls/ssl.h | 3494 +++++++++ include/mbedtls/ssl_cache.h | 151 + include/mbedtls/ssl_ciphersuites.h | 558 ++ include/mbedtls/ssl_cookie.h | 115 + include/mbedtls/ssl_internal.h | 819 ++ include/mbedtls/ssl_ticket.h | 142 + include/mbedtls/x509.h | 339 + include/mbedtls/x509_crl.h | 174 + include/mbedtls/x509_crt.h | 921 +++ include/mbedtls/x509_csr.h | 307 + library/certs.c | 436 ++ library/debug.c | 438 ++ library/error.c | 200 + library/net_sockets.c | 668 ++ library/pkcs11.c | 240 + library/ssl_cache.c | 353 + library/ssl_ciphersuites.c | 2373 ++++++ library/ssl_cli.c | 3944 ++++++++++ library/ssl_cookie.c | 256 + library/ssl_srv.c | 4437 +++++++++++ library/ssl_ticket.c | 595 ++ library/ssl_tls.c | 10634 ++++++++++++++++++++++++++ library/x509.c | 1062 +++ library/x509_create.c | 379 + library/x509_crl.c | 773 ++ library/x509_crt.c | 2879 +++++++ library/x509_csr.c | 419 + library/x509write_crt.c | 495 ++ library/x509write_csr.c | 287 + programs/test/cpp_dummy_build.cpp | 10 + programs/test/query_config.c | 13 + scripts/data_files/query_config.fmt | 13 + visualc/VS2010/mbedTLS.vcxproj | 32 + 40 files changed, 38846 insertions(+) create mode 100644 doxygen/input/doc_ssltls.h create mode 100644 doxygen/input/doc_tcpip.h create mode 100644 doxygen/input/doc_x509.h create mode 100644 include/mbedtls/debug.h create mode 100644 include/mbedtls/net.h create mode 100644 include/mbedtls/net_sockets.h create mode 100644 include/mbedtls/pkcs11.h create mode 100644 include/mbedtls/ssl.h create mode 100644 include/mbedtls/ssl_cache.h create 
mode 100644 include/mbedtls/ssl_ciphersuites.h create mode 100644 include/mbedtls/ssl_cookie.h create mode 100644 include/mbedtls/ssl_internal.h create mode 100644 include/mbedtls/ssl_ticket.h create mode 100644 include/mbedtls/x509.h create mode 100644 include/mbedtls/x509_crl.h create mode 100644 include/mbedtls/x509_crt.h create mode 100644 include/mbedtls/x509_csr.h create mode 100644 library/certs.c create mode 100644 library/debug.c create mode 100644 library/net_sockets.c create mode 100644 library/pkcs11.c create mode 100644 library/ssl_cache.c create mode 100644 library/ssl_ciphersuites.c create mode 100644 library/ssl_cli.c create mode 100644 library/ssl_cookie.c create mode 100644 library/ssl_srv.c create mode 100644 library/ssl_ticket.c create mode 100644 library/ssl_tls.c create mode 100644 library/x509.c create mode 100644 library/x509_create.c create mode 100644 library/x509_crl.c create mode 100644 library/x509_crt.c create mode 100644 library/x509_csr.c create mode 100644 library/x509write_crt.c create mode 100644 library/x509write_csr.c diff --git a/doxygen/input/doc_ssltls.h b/doxygen/input/doc_ssltls.h new file mode 100644 index 000000000..4addfb38e --- /dev/null +++ b/doxygen/input/doc_ssltls.h 
@@ -0,0 +1,51 @@ +/** + * \file doc_ssltls.h + * + * \brief SSL/TLS communication module documentation file. + */ +/* + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +/** + * @addtogroup ssltls_communication_module SSL/TLS communication module + * + * The SSL/TLS communication module provides the means to create an SSL/TLS + * communication channel. + * + * The basic provisions are: + * - initialise an SSL/TLS context (see \c mbedtls_ssl_init()). + * - perform an SSL/TLS handshake (see \c mbedtls_ssl_handshake()). + * - read/write (see \c mbedtls_ssl_read() and \c mbedtls_ssl_write()). + * - notify a peer that connection is being closed (see \c mbedtls_ssl_close_notify()). + * + * Many aspects of such a channel are set through parameters and callback + * functions: + * - the endpoint role: client or server. + * - the authentication mode. Should verification take place. + * - the Host-to-host communication channel. A TCP/IP module is provided. + * - the random number generator (RNG). + * - the ciphers to use for encryption/decryption. + * - session control functions. + * - X.509 parameters for certificate-handling and key exchange. 
+ * + * This module can be used to create an SSL/TLS server and client and to provide a basic + * framework to setup and communicate through an SSL/TLS communication channel.\n + * Note that you need to provide for several aspects yourself as mentioned above. + */ diff --git a/doxygen/input/doc_tcpip.h b/doxygen/input/doc_tcpip.h new file mode 100644 index 000000000..95f458601 --- /dev/null +++ b/doxygen/input/doc_tcpip.h 
@@ -0,0 +1,46 @@ +/** + * \file doc_tcpip.h + * + * \brief TCP/IP communication module documentation file. + */ +/* + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +/** + * @addtogroup tcpip_communication_module TCP/IP communication module + * + * The TCP/IP communication module provides for a channel of + * communication for the \link ssltls_communication_module SSL/TLS communication + * module\endlink to use. + * In the TCP/IP-model it provides for communication up to the Transport + * (or Host-to-host) layer. + * SSL/TLS resides on top of that, in the Application layer, and makes use of + * its basic provisions: + * - listening on a port (see \c mbedtls_net_bind()). + * - accepting a connection (through \c mbedtls_net_accept()). + * - read/write (through \c mbedtls_net_recv()/\c mbedtls_net_send()). + * - close a connection (through \c mbedtls_net_close()). + * + * This way you have the means to, for example, implement and use an UDP or + * IPSec communication solution as a basis. + * + * This module can be used at server- and clientside to provide a basic + * means of communication over the internet. + */ diff --git a/doxygen/input/doc_x509.h b/doxygen/input/doc_x509.h new file mode 100644 index 000000000..9b52569bb --- /dev/null +++ b/doxygen/input/doc_x509.h 
@@ -0,0 +1,45 @@ +/** + * \file doc_x509.h + * + * \brief X.509 module documentation file. + */ +/* + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +/** + * @addtogroup x509_module X.509 module + * + * The X.509 module provides X.509 support for reading, writing and verification + * of certificates. + * In summary: + * - X.509 certificate (CRT) reading (see \c mbedtls_x509_crt_parse(), + * \c mbedtls_x509_crt_parse_der(), \c mbedtls_x509_crt_parse_file()). + * - X.509 certificate revocation list (CRL) reading (see + * \c mbedtls_x509_crl_parse(), \c mbedtls_x509_crl_parse_der(), + * and \c mbedtls_x509_crl_parse_file()). + * - X.509 certificate signature verification (see \c + * mbedtls_x509_crt_verify() and \c mbedtls_x509_crt_verify_with_profile(). + * - X.509 certificate writing and certificate request writing (see + * \c mbedtls_x509write_crt_der() and \c mbedtls_x509write_csr_der()). + * + * This module can be used to build a certificate authority (CA) chain and + * verify its signature. It is also used to generate Certificate Signing + * Requests and X.509 certificates just as a CA would do. + */ diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h new file mode 100644 index 000000000..736444bb7 --- /dev/null +++ b/include/mbedtls/debug.h 
@@ -0,0 +1,265 @@ +/** + * \file debug.h + * + * \brief Functions for controlling and providing debug output from the library. + */ +/* + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_DEBUG_H +#define MBEDTLS_DEBUG_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "ssl.h" + +#if defined(MBEDTLS_ECP_C) +#include "ecp.h" +#endif + +#if defined(MBEDTLS_DEBUG_C) + +#define MBEDTLS_DEBUG_STRIP_PARENS( ... 
) __VA_ARGS__ + +#define MBEDTLS_SSL_DEBUG_MSG( level, args ) \ + mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__, \ + MBEDTLS_DEBUG_STRIP_PARENS args ) + +#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) \ + mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ) + +#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) \ + mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ) + +#if defined(MBEDTLS_BIGNUM_C) +#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) \ + mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ) +#endif + +#if defined(MBEDTLS_ECP_C) +#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) \ + mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X ) +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \ + mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) +#endif + +#if defined(MBEDTLS_ECDH_C) +#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \ + mbedtls_debug_printf_ecdh( ssl, level, __FILE__, __LINE__, ecdh, attr ) +#endif + +#else /* MBEDTLS_DEBUG_C */ + +#define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) do { } while( 0 ) + +#endif /* MBEDTLS_DEBUG_C */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Set the threshold error level to handle globally all debug output. + * Debug messages that have a level over the threshold value are + * discarded. + * (Default value: 0 = No debug ) + * + * \param threshold theshold level of messages to filter on. Messages at a + * higher level will be discarded. 
+ * - Debug levels + * - 0 No debug + * - 1 Error + * - 2 State change + * - 3 Informational + * - 4 Verbose + */ +void mbedtls_debug_set_threshold( int threshold ); + +/** + * \brief Print a message to the debug output. This function is always used + * through the MBEDTLS_SSL_DEBUG_MSG() macro, which supplies the ssl + * context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the message has occurred in + * \param line line number the message has occurred at + * \param format format specifier, in printf format + * \param ... variables used by the format specifier + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *format, ... ); + +/** + * \brief Print the return value of a function to the debug output. This + * function is always used through the MBEDTLS_SSL_DEBUG_RET() macro, + * which supplies the ssl context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param text the name of the function that returned the error + * \param ret the return code value + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret ); + +/** + * \brief Output a buffer of size len bytes to the debug output. This function + * is always used through the MBEDTLS_SSL_DEBUG_BUF() macro, + * which supplies the ssl context, file and line number parameters. 
+ * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param text a name or label for the buffer being dumped. Normally the + * variable or buffer name + * \param buf the buffer to be outputted + * \param len length of the buffer + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text, + const unsigned char *buf, size_t len ); + +#if defined(MBEDTLS_BIGNUM_C) +/** + * \brief Print a MPI variable to the debug output. This function is always + * used through the MBEDTLS_SSL_DEBUG_MPI() macro, which supplies the + * ssl context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param text a name or label for the MPI being output. Normally the + * variable name + * \param X the MPI variable + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_mpi *X ); +#endif + +#if defined(MBEDTLS_ECP_C) +/** + * \brief Print an ECP point to the debug output. This function is always + * used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the + * ssl context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param text a name or label for the ECP point being output. 
Normally the + * variable name + * \param X the ECP point + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_ecp_point *X ); +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/** + * \brief Print a X.509 certificate structure to the debug output. This + * function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro, + * which supplies the ssl context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param text a name or label for the certificate being output + * \param crt X.509 certificate structure + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_x509_crt *crt ); +#endif + +#if defined(MBEDTLS_ECDH_C) +typedef enum +{ + MBEDTLS_DEBUG_ECDH_Q, + MBEDTLS_DEBUG_ECDH_QP, + MBEDTLS_DEBUG_ECDH_Z, +} mbedtls_debug_ecdh_attr; + +/** + * \brief Print a field of the ECDH structure in the SSL context to the debug + * output. This function is always used through the + * MBEDTLS_SSL_DEBUG_ECDH() macro, which supplies the ssl context, file + * and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param ecdh the ECDH context + * \param attr the identifier of the attribute being output + * + * \attention This function is intended for INTERNAL usage within the + * library only. 
+ */ +void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr ); +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* debug.h */ + diff --git a/include/mbedtls/net.h b/include/mbedtls/net.h new file mode 100644 index 000000000..8cead58e5 --- /dev/null +++ b/include/mbedtls/net.h @@ -0,0 +1,37 @@ +/** + * \file net.h + * + * \brief Deprecated header file that includes net_sockets.h + * + * \deprecated Superseded by mbedtls/net_sockets.h + */ +/* + * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#include "net_sockets.h" +#if defined(MBEDTLS_DEPRECATED_WARNING) +#warning "Deprecated header file: Superseded by mbedtls/net_sockets.h" +#endif /* MBEDTLS_DEPRECATED_WARNING */ +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h new file mode 100644 index 000000000..4c7ef00fe --- /dev/null +++ b/include/mbedtls/net_sockets.h 
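Review bot: In include/mbedtls/debug.h, `mbedtls_debug_print_msg()` takes a printf-style `format` plus varargs but is declared without a format attribute, so a specifier that does not match its argument in an `MBEDTLS_SSL_DEBUG_MSG` call is not diagnosed at compile time. On GCC and Clang the declaration can carry `__attribute__((format(printf, 5, 6)))` behind a compiler guard, which lets `-Wformat` check every call site. Separately, the `\param threshold` text spells the word as `theshold`.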
@@ -0,0 +1,271 @@
+/**
+ * \file net_sockets.h
+ *
+ * \brief Network sockets abstraction layer to integrate Mbed TLS into a
+ * BSD-style sockets API.
+ *
+ * The network sockets module provides an example integration of the
+ * Mbed TLS library into a BSD sockets implementation. The module is
+ * intended to be an example of how Mbed TLS can be integrated into a
+ * networking stack, as well as to be Mbed TLS's network integration
+ * for its supported platforms.
+ *
+ * The module is intended only to be used with the Mbed TLS library and
+ * is not intended to be used by third party application software
+ * directly.
+ *
+ * The supported platforms are as follows:
+ * * Microsoft Windows and Windows CE
+ * * POSIX/Unix platforms including Linux, OS X
+ *
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_NET_SOCKETS_H
+#define MBEDTLS_NET_SOCKETS_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "ssl.h"
+
+#include
+#include
+
+#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */
+#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */
+#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */
+#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */
+#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */
+#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */
+#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */
+#define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */
+#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 /**< Failed to get an IP address for the given hostname. */
+#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 /**< Buffer is too small to hold the data. */
+#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 /**< The context is invalid, eg because it was free()ed. */
+#define MBEDTLS_ERR_NET_POLL_FAILED -0x0047 /**< Polling the net context failed. */
+#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049 /**< Input invalid. */
+
+#define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */
+
+#define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */
+#define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */
+
+#define MBEDTLS_NET_POLL_READ 1 /**< Used in \c mbedtls_net_poll to check for pending data */
+#define MBEDTLS_NET_POLL_WRITE 2 /**< Used in \c mbedtls_net_poll to check if write possible */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Wrapper type for sockets.
+ *
+ * Currently backed by just a file descriptor, but might be more in the future
+ * (eg two file descriptors for combined IPv4 + IPv6 support, or additional
+ * structures for hand-made UDP demultiplexing).
+ */
+typedef struct mbedtls_net_context
+{
+ int fd; /**< The underlying file descriptor */
+}
+mbedtls_net_context;
+
+/**
+ * \brief Initialize a context
+ * Just makes the context ready to be used or freed safely.
+ *
+ * \param ctx Context to initialize
+ */
+void mbedtls_net_init( mbedtls_net_context *ctx );
+
+/**
+ * \brief Initiate a connection with host:port in the given protocol
+ *
+ * \param ctx Socket to use
+ * \param host Host to connect to
+ * \param port Port to connect to
+ * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
+ *
+ * \return 0 if successful, or one of:
+ * MBEDTLS_ERR_NET_SOCKET_FAILED,
+ * MBEDTLS_ERR_NET_UNKNOWN_HOST,
+ * MBEDTLS_ERR_NET_CONNECT_FAILED
+ *
+ * \note Sets the socket in connected mode even with UDP.
+ */
+int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto );
+
+/**
+ * \brief Create a receiving socket on bind_ip:port in the chosen
+ * protocol. If bind_ip == NULL, all interfaces are bound.
+ *
+ * \param ctx Socket to use
+ * \param bind_ip IP to bind to, can be NULL
+ * \param port Port number to use
+ * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
+ *
+ * \return 0 if successful, or one of:
+ * MBEDTLS_ERR_NET_SOCKET_FAILED,
+ * MBEDTLS_ERR_NET_BIND_FAILED,
+ * MBEDTLS_ERR_NET_LISTEN_FAILED
+ *
+ * \note Regardless of the protocol, opens the sockets and binds it.
+ * In addition, make the socket listening if protocol is TCP.
+ */
+int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto );
+
+/**
+ * \brief Accept a connection from a remote client
+ *
+ * \param bind_ctx Relevant socket
+ * \param client_ctx Will contain the connected client socket
+ * \param client_ip Will contain the client IP address, can be NULL
+ * \param buf_size Size of the client_ip buffer
+ * \param ip_len Will receive the size of the client IP written,
+ * can be NULL if client_ip is null
+ *
+ * \return 0 if successful, or
+ * MBEDTLS_ERR_NET_ACCEPT_FAILED, or
+ * MBEDTLS_ERR_NET_BUFFER_TOO_SMALL if buf_size is too small,
+ * MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
+ * non-blocking and accept() would block.
+ */
+int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
+ mbedtls_net_context *client_ctx,
+ void *client_ip, size_t buf_size, size_t *ip_len );
+
+/**
+ * \brief Check and wait for the context to be ready for read/write
+ *
+ * \param ctx Socket to check
+ * \param rw Bitflag composed of MBEDTLS_NET_POLL_READ and
+ * MBEDTLS_NET_POLL_WRITE specifying the events
+ * to wait for:
+ * - If MBEDTLS_NET_POLL_READ is set, the function
+ * will return as soon as the net context is available
+ * for reading.
+ * - If MBEDTLS_NET_POLL_WRITE is set, the function
+ * will return as soon as the net context is available
+ * for writing.
+ * \param timeout Maximal amount of time to wait before returning,
+ * in milliseconds. If \c timeout is zero, the
+ * function returns immediately. If \c timeout is
+ * -1u, the function blocks potentially indefinitely.
+ *
+ * \return Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE
+ * on success or timeout, or a negative return code otherwise.
+ */
+int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout );
+
+/**
+ * \brief Set the socket blocking
+ *
+ * \param ctx Socket to set
+ *
+ * \return 0 if successful, or a non-zero error code
+ */
+int mbedtls_net_set_block( mbedtls_net_context *ctx );
+
+/**
+ * \brief Set the socket non-blocking
+ *
+ * \param ctx Socket to set
+ *
+ * \return 0 if successful, or a non-zero error code
+ */
+int mbedtls_net_set_nonblock( mbedtls_net_context *ctx );
+
+/**
+ * \brief Portable usleep helper
+ *
+ * \param usec Amount of microseconds to sleep
+ *
+ * \note Real amount of time slept will not be less than
+ * select()'s timeout granularity (typically, 10ms).
+ */
+void mbedtls_net_usleep( unsigned long usec );
+
+/**
+ * \brief Read at most 'len' characters. If no error occurs,
+ * the actual amount read is returned.
+ *
+ * \param ctx Socket
+ * \param buf The buffer to write to
+ * \param len Maximum length of the buffer
+ *
+ * \return the number of bytes received,
+ * or a non-zero error code; with a non-blocking socket,
+ * MBEDTLS_ERR_SSL_WANT_READ indicates read() would block.
+ */
+int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
+
+/**
+ * \brief Write at most 'len' characters. If no error occurs,
+ * the actual amount read is returned.
+ *
+ * \param ctx Socket
+ * \param buf The buffer to read from
+ * \param len The length of the buffer
+ *
+ * \return the number of bytes sent,
+ * or a non-zero error code; with a non-blocking socket,
+ * MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block.
+ */
+int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
+
+/**
+ * \brief Read at most 'len' characters, blocking for at most
+ * 'timeout' seconds. If no error occurs, the actual amount
+ * read is returned.
+ *
+ * \param ctx Socket
+ * \param buf The buffer to write to
+ * \param len Maximum length of the buffer
+ * \param timeout Maximum number of milliseconds to wait for data
+ * 0 means no timeout (wait forever)
+ *
+ * \return the number of bytes received,
+ * or a non-zero error code:
+ * MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out,
+ * MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
+ *
+ * \note This function will block (until data becomes available or
+ * timeout is reached) even if the socket is set to
+ * non-blocking. Handling timeouts with non-blocking reads
+ * requires a different strategy.
+ */
+int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
+ uint32_t timeout );
+
+/**
+ * \brief Gracefully shutdown the connection and free associated data
+ *
+ * \param ctx The context to free
+ */
+void mbedtls_net_free( mbedtls_net_context *ctx );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* net_sockets.h */
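Review bot: The `\return` text for `mbedtls_net_recv`, `mbedtls_net_send` and `mbedtls_net_recv_timeout` says "the number of bytes …, or a non-zero error code", which gives callers no way to tell a byte count from a failure. Every `MBEDTLS_ERR_NET_*` value defined at the top of this header is negative, so the wording should be `or a negative error code`, which tells callers to test `ret < 0` before using the value as a length. Two further slips in the same comments: the `mbedtls_net_send` brief says "the actual amount read is returned" where it means written, and the `mbedtls_net_recv_timeout` brief says "'timeout' seconds" while its `\param timeout` specifies milliseconds. The `mbedtls_net_accept` return text also refers to `bind_fd`, but the parameter is named `bind_ctx`.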
diff --git a/include/mbedtls/pkcs11.h b/include/mbedtls/pkcs11.h
new file mode 100644
index 000000000..02427ddc1
--- /dev/null
+++ b/include/mbedtls/pkcs11.h
@@ -0,0 +1,175 @@
+/**
+ * \file pkcs11.h
+ *
+ * \brief Wrapper for PKCS#11 library libpkcs11-helper
+ *
+ * \author Adriaan de Jong
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_PKCS11_H
+#define MBEDTLS_PKCS11_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PKCS11_C)
+
+#include "x509_crt.h"
+
+#include
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+ !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Context for PKCS #11 private keys.
+ */
+typedef struct mbedtls_pkcs11_context
+{
+ pkcs11h_certificate_t pkcs11h_cert;
+ int len;
+} mbedtls_pkcs11_context;
+
+/**
+ * Initialize a mbedtls_pkcs11_context.
+ * (Just making memory references valid.)
+ */
+void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx );
+
+/**
+ * Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate.
+ *
+ * \param cert X.509 certificate to fill
+ * \param pkcs11h_cert PKCS #11 helper certificate
+ *
+ * \return 0 on success.
+ */
+int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
+
+/**
+ * Set up a mbedtls_pkcs11_context storing the given certificate. Note that the
+ * mbedtls_pkcs11_context will take over control of the certificate, freeing it when
+ * done.
+ *
+ * \param priv_key Private key structure to fill.
+ * \param pkcs11_cert PKCS #11 helper certificate
+ *
+ * \return 0 on success
+ */
+int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key,
+ pkcs11h_certificate_t pkcs11_cert );
+
+/**
+ * Free the contents of the given private key context. Note that the structure
+ * itself is not freed.
+ *
+ * \param priv_key Private key structure to cleanup
+ */
+void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key );
+
+/**
+ * \brief Do an RSA private key decrypt, then remove the message
+ * padding
+ *
+ * \param ctx PKCS #11 context
+ * \param mode must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
+ * \param input buffer holding the encrypted data
+ * \param output buffer that will hold the plaintext
+ * \param olen will contain the plaintext length
+ * \param output_max_len maximum length of the output buffer
+ *
+ * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
+ *
+ * \note The output buffer must be as large as the size
+ * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
+ * an error is thrown.
+ */
+int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
+ int mode, size_t *olen,
+ const unsigned char *input,
+ unsigned char *output,
+ size_t output_max_len );
+
+/**
+ * \brief Do a private RSA to sign a message digest
+ *
+ * \param ctx PKCS #11 context
+ * \param mode must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
+ * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
+ * \param hashlen message digest length (for MBEDTLS_MD_NONE only)
+ * \param hash buffer holding the message digest
+ * \param sig buffer that will hold the ciphertext
+ *
+ * \return 0 if the signing operation was successful,
+ * or an MBEDTLS_ERR_RSA_XXX error code
+ *
+ * \note The "sig" buffer must be as large as the size
+ * of ctx->N (eg. 128 bytes if RSA-1024 is used).
+ */
+int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
+ int mode,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ unsigned char *sig );
+
+/**
+ * SSL/TLS wrappers for PKCS#11 functions
+ */
+static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
+ const unsigned char *input, unsigned char *output,
+ size_t output_max_len )
+{
+ return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
+ output_max_len );
+}
+
+static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
+ const unsigned char *hash, unsigned char *sig )
+{
+ ((void) f_rng);
+ ((void) p_rng);
+ return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg,
+ hashlen, hash, sig );
+}
+
+static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
+{
+ return ( (mbedtls_pkcs11_context *) ctx )->len;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_PKCS11_C */
+
+#endif /* MBEDTLS_PKCS11_H */
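Review bot: `mbedtls_pkcs11_sign` takes `sig` with no length argument, so the callee cannot bound its write and the caller's buffer size rests entirely on the `\note`. That note, and the matching one on `mbedtls_pkcs11_decrypt`, size the buffer by `ctx->N`, but `mbedtls_pkcs11_context` as declared in this hunk has only `pkcs11h_cert` and `len`. The notes should name the field callers can actually read, presumably `ctx->len` (to be confirmed against the implementation, which is not in this hunk). `mbedtls_ssl_pkcs11_key_len` returns the `int len` field as `size_t`, so a negative value would turn into a very large length; declaring the field as `size_t len;` or rejecting negatives in the wrapper would avoid that. The `\param` list for `mbedtls_pkcs11_decrypt` also documents `input`, `output`, `olen` in that order while the prototype takes `olen` before `input`.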
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
new file mode 100644
index 000000000..135be0501
--- /dev/null
+++ b/include/mbedtls/ssl.h
@@ -0,0 +1,3494 @@ +/** + * \file ssl.h + * + * \brief SSL/TLS functions. + */ +/* + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_SSL_H +#define MBEDTLS_SSL_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "bignum.h" +#include "ecp.h" + +#include "ssl_ciphersuites.h" + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +#include "x509_crt.h" +#include "x509_crl.h" +#endif + +#if defined(MBEDTLS_DHM_C) +#include "dhm.h" +#endif + +#if defined(MBEDTLS_ECDH_C) +#include "ecdh.h" +#endif + +#if defined(MBEDTLS_ZLIB_SUPPORT) + +#if defined(MBEDTLS_DEPRECATED_WARNING) +#warning "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and will be removed in the next major revision of the library" +#endif + +#if defined(MBEDTLS_DEPRECATED_REMOVED) +#error "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and cannot be used if MBEDTLS_DEPRECATED_REMOVED is set" +#endif + +#include "zlib.h" +#endif + +#if defined(MBEDTLS_HAVE_TIME) +#include "platform_time.h" +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +/* + * SSL Error codes + */ +#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. 
*/ +#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ +#define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ +#define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ +#define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ +#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ +#define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ +#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ +#define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message. */ +#define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ +#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ +#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ +#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ +#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ +#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */ +#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. 
*/ +#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ +#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ +#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ +#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ +#define MBEDTLS_ERR_SSL_COMPRESSION_FAILED -0x6F00 /**< Processing of the compression / decompression failed */ +#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ +#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. 
*/ +#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ +#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ +#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ +#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */ +#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */ +#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */ +#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */ +#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */ +#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */ +#define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< No data of requested type currently available on underlying transport. */ +#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */ +#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */ +#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */ +#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */ +#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 /**< The alert message received indicates a non-fatal error. 
*/ +#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH -0x6600 /**< Couldn't set the hash for verifying CertificateVerify */ +#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */ +#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */ +#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */ +#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */ + +/* + * Various constants + */ +#define MBEDTLS_SSL_MAJOR_VERSION_3 3 +#define MBEDTLS_SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */ +#define MBEDTLS_SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */ +#define MBEDTLS_SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */ +#define MBEDTLS_SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */ + +#define MBEDTLS_SSL_TRANSPORT_STREAM 0 /*!< TLS */ +#define MBEDTLS_SSL_TRANSPORT_DATAGRAM 1 /*!< DTLS */ + +#define MBEDTLS_SSL_MAX_HOST_NAME_LEN 255 /*!< Maximum host name defined in RFC 1035 */ + +/* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c + * NONE must be zero so that memset()ing structure to zero works */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_NONE 0 /*!< don't use this extension */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_512 1 /*!< MaxFragmentLength 2^9 */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_1024 2 /*!< MaxFragmentLength 2^10 */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_2048 3 /*!< MaxFragmentLength 2^11 */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_4096 4 /*!< MaxFragmentLength 2^12 */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_INVALID 5 /*!< first invalid value */ + +#define MBEDTLS_SSL_IS_CLIENT 0 +#define MBEDTLS_SSL_IS_SERVER 1 + +#define MBEDTLS_SSL_IS_NOT_FALLBACK 0 +#define MBEDTLS_SSL_IS_FALLBACK 1 + +#define MBEDTLS_SSL_EXTENDED_MS_DISABLED 0 +#define MBEDTLS_SSL_EXTENDED_MS_ENABLED 1 + +#define MBEDTLS_SSL_ETM_DISABLED 0 +#define MBEDTLS_SSL_ETM_ENABLED 1 + +#define 
MBEDTLS_SSL_COMPRESS_NULL 0 +#define MBEDTLS_SSL_COMPRESS_DEFLATE 1 + +#define MBEDTLS_SSL_VERIFY_NONE 0 +#define MBEDTLS_SSL_VERIFY_OPTIONAL 1 +#define MBEDTLS_SSL_VERIFY_REQUIRED 2 +#define MBEDTLS_SSL_VERIFY_UNSET 3 /* Used only for sni_authmode */ + +#define MBEDTLS_SSL_LEGACY_RENEGOTIATION 0 +#define MBEDTLS_SSL_SECURE_RENEGOTIATION 1 + +#define MBEDTLS_SSL_RENEGOTIATION_DISABLED 0 +#define MBEDTLS_SSL_RENEGOTIATION_ENABLED 1 + +#define MBEDTLS_SSL_ANTI_REPLAY_DISABLED 0 +#define MBEDTLS_SSL_ANTI_REPLAY_ENABLED 1 + +#define MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED -1 +#define MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT 16 + +#define MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION 0 +#define MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION 1 +#define MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE 2 + +#define MBEDTLS_SSL_TRUNC_HMAC_DISABLED 0 +#define MBEDTLS_SSL_TRUNC_HMAC_ENABLED 1 +#define MBEDTLS_SSL_TRUNCATED_HMAC_LEN 10 /* 80 bits, rfc 6066 section 7 */ + +#define MBEDTLS_SSL_SESSION_TICKETS_DISABLED 0 +#define MBEDTLS_SSL_SESSION_TICKETS_ENABLED 1 + +#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED 0 +#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED 1 + +#define MBEDTLS_SSL_ARC4_ENABLED 0 +#define MBEDTLS_SSL_ARC4_DISABLED 1 + +#define MBEDTLS_SSL_PRESET_DEFAULT 0 +#define MBEDTLS_SSL_PRESET_SUITEB 2 + +#define MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED 1 +#define MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED 0 + +/* + * Default range for DTLS retransmission timer value, in milliseconds. + * RFC 6347 4.2.4.1 says from 1 second to 60 seconds. + */ +#define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN 1000 +#define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX 60000 + +/** + * \name SECTION: Module settings + * + * The configuration options you can set for this module are in this section. + * Either change them in config.h or define them on the compiler command line. 
+ * \{ + */ + +#if !defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME) +#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ +#endif + +/* + * Maximum fragment length in bytes, + * determines the size of each of the two internal I/O buffers. + * + * Note: the RFC defines the default size of SSL / TLS messages. If you + * change the value here, other clients / servers may not be able to + * communicate with you anymore. Only change this value if you control + * both sides of the connection and have it reduced at both sides, or + * if you're using the Max Fragment Length extension and you know all your + * peers are using it too! + */ +#if !defined(MBEDTLS_SSL_MAX_CONTENT_LEN) +#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ +#endif + +#if !defined(MBEDTLS_SSL_IN_CONTENT_LEN) +#define MBEDTLS_SSL_IN_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN +#endif + +#if !defined(MBEDTLS_SSL_OUT_CONTENT_LEN) +#define MBEDTLS_SSL_OUT_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN +#endif + +/* + * Maximum number of heap-allocated bytes for the purpose of + * DTLS handshake message reassembly and future message buffering. 
+ */ +#if !defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING) +#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 +#endif + +/* \} name SECTION: Module settings */ + +/* + * Length of the verify data for secure renegotiation + */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) +#define MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 36 +#else +#define MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 12 +#endif + +/* + * Signaling ciphersuite values (SCSV) + */ +#define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */ +#define MBEDTLS_SSL_FALLBACK_SCSV_VALUE 0x5600 /**< RFC 7507 section 2 */ + +/* + * Supported Signature and Hash algorithms (For TLS 1.2) + * RFC 5246 section 7.4.1.4.1 + */ +#define MBEDTLS_SSL_HASH_NONE 0 +#define MBEDTLS_SSL_HASH_MD5 1 +#define MBEDTLS_SSL_HASH_SHA1 2 +#define MBEDTLS_SSL_HASH_SHA224 3 +#define MBEDTLS_SSL_HASH_SHA256 4 +#define MBEDTLS_SSL_HASH_SHA384 5 +#define MBEDTLS_SSL_HASH_SHA512 6 + +#define MBEDTLS_SSL_SIG_ANON 0 +#define MBEDTLS_SSL_SIG_RSA 1 +#define MBEDTLS_SSL_SIG_ECDSA 3 + +/* + * Client Certificate Types + * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5 + */ +#define MBEDTLS_SSL_CERT_TYPE_RSA_SIGN 1 +#define MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN 64 + +/* + * Message, alert and handshake types + */ +#define MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC 20 +#define MBEDTLS_SSL_MSG_ALERT 21 +#define MBEDTLS_SSL_MSG_HANDSHAKE 22 +#define MBEDTLS_SSL_MSG_APPLICATION_DATA 23 + +#define MBEDTLS_SSL_ALERT_LEVEL_WARNING 1 +#define MBEDTLS_SSL_ALERT_LEVEL_FATAL 2 + +#define MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */ +#define MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */ +#define MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */ +#define MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */ +#define MBEDTLS_SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */ +#define MBEDTLS_SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */ +#define MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */ +#define MBEDTLS_SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */ +#define 
MBEDTLS_SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */ +#define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */ +#define MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */ +#define MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */ +#define MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */ +#define MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */ +#define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */ +#define MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */ +#define MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */ +#define MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */ +#define MBEDTLS_SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */ +#define MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */ +#define MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */ +#define MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */ +#define MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK 86 /* 0x56 */ +#define MBEDTLS_SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */ +#define MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */ +#define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */ +#define MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */ +#define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115 /* 0x73 */ +#define MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */ + +#define MBEDTLS_SSL_HS_HELLO_REQUEST 0 +#define MBEDTLS_SSL_HS_CLIENT_HELLO 1 +#define MBEDTLS_SSL_HS_SERVER_HELLO 2 +#define MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST 3 +#define MBEDTLS_SSL_HS_NEW_SESSION_TICKET 4 +#define MBEDTLS_SSL_HS_CERTIFICATE 11 +#define MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE 12 +#define MBEDTLS_SSL_HS_CERTIFICATE_REQUEST 13 +#define MBEDTLS_SSL_HS_SERVER_HELLO_DONE 14 +#define MBEDTLS_SSL_HS_CERTIFICATE_VERIFY 15 +#define MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE 16 +#define MBEDTLS_SSL_HS_FINISHED 20 + +/* + * TLS extensions + */ +#define MBEDTLS_TLS_EXT_SERVERNAME 0 +#define MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME 0 + +#define MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH 1 + +#define 
MBEDTLS_TLS_EXT_TRUNCATED_HMAC 4 + +#define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10 +#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS 11 + +#define MBEDTLS_TLS_EXT_SIG_ALG 13 + +#define MBEDTLS_TLS_EXT_ALPN 16 + +#define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ +#define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */ + +#define MBEDTLS_TLS_EXT_SESSION_TICKET 35 + +#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP 256 /* experimental */ + +#define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO 0xFF01 + +/* + * Size defines + */ +#if !defined(MBEDTLS_PSK_MAX_LEN) +#define MBEDTLS_PSK_MAX_LEN 32 /* 256 bits */ +#endif + +/* Dummy type used only for its size */ +union mbedtls_ssl_premaster_secret +{ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + unsigned char _pms_dhm[MBEDTLS_MPI_MAX_SIZE]; /* RFC 5246 8.1.2 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + unsigned char _pms_ecdh[MBEDTLS_ECP_MAX_BYTES]; /* RFC 4492 5.10 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + unsigned char _pms_psk[4 + 2 * MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 2 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE + + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 4 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES + + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + unsigned char _pms_ecjpake[32]; /* Thread spec: SHA-256 output */ +#endif +}; + +#define MBEDTLS_PREMASTER_SIZE sizeof( union 
mbedtls_ssl_premaster_secret )
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * SSL state machine
+ */
+typedef enum
+{
+ MBEDTLS_SSL_HELLO_REQUEST,
+ MBEDTLS_SSL_CLIENT_HELLO,
+ MBEDTLS_SSL_SERVER_HELLO,
+ MBEDTLS_SSL_SERVER_CERTIFICATE,
+ MBEDTLS_SSL_SERVER_KEY_EXCHANGE,
+ MBEDTLS_SSL_CERTIFICATE_REQUEST,
+ MBEDTLS_SSL_SERVER_HELLO_DONE,
+ MBEDTLS_SSL_CLIENT_CERTIFICATE,
+ MBEDTLS_SSL_CLIENT_KEY_EXCHANGE,
+ MBEDTLS_SSL_CERTIFICATE_VERIFY,
+ MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC,
+ MBEDTLS_SSL_CLIENT_FINISHED,
+ MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC,
+ MBEDTLS_SSL_SERVER_FINISHED,
+ MBEDTLS_SSL_FLUSH_BUFFERS,
+ MBEDTLS_SSL_HANDSHAKE_WRAPUP,
+ MBEDTLS_SSL_HANDSHAKE_OVER,
+ MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET,
+ MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT,
+}
+mbedtls_ssl_states;
+
+/**
+ * \brief Callback type: send data on the network.
+ *
+ * \note That callback may be either blocking or non-blocking.
+ *
+ * \param ctx Context for the send callback (typically a file descriptor)
+ * \param buf Buffer holding the data to send
+ * \param len Length of the data to send
+ *
+ * \return The callback must return the number of bytes sent if any,
+ * or a non-zero error code.
+ * If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_WRITE
+ * must be returned when the operation would block.
+ *
+ * \note The callback is allowed to send fewer bytes than requested.
+ * It must always return the number of bytes actually sent.
+ */
+typedef int mbedtls_ssl_send_t( void *ctx,
+ const unsigned char *buf,
+ size_t len );
+
+/**
+ * \brief Callback type: receive data from the network.
+ *
+ * \note That callback may be either blocking or non-blocking.
+ *
+ * \param ctx Context for the receive callback (typically a file
+ * descriptor)
+ * \param buf Buffer to write the received data to
+ * \param len Length of the receive buffer
+ *
+ * \return The callback must return the number of bytes received,
+ * or a non-zero error code.
+ * If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ
+ * must be returned when the operation would block.
+ *
+ * \note The callback may receive fewer bytes than the length of the
+ * buffer. It must always return the number of bytes actually
+ * received and written to the buffer.
+ */
+typedef int mbedtls_ssl_recv_t( void *ctx,
+ unsigned char *buf,
+ size_t len );
+
+/**
+ * \brief Callback type: receive data from the network, with timeout
+ *
+ * \note That callback must block until data is received, or the
+ * timeout delay expires, or the operation is interrupted by a
+ * signal.
+ *
+ * \param ctx Context for the receive callback (typically a file descriptor)
+ * \param buf Buffer to write the received data to
+ * \param len Length of the receive buffer
+ * \param timeout Maximum nomber of millisecondes to wait for data
+ * 0 means no timeout (potentially waiting forever)
+ *
+ * \return The callback must return the number of bytes received,
+ * or a non-zero error code:
+ * \c MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out,
+ * \c MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
+ *
+ * \note The callback may receive fewer bytes than the length of the
+ * buffer. It must always return the number of bytes actually
+ * received and written to the buffer.
+ */
+typedef int mbedtls_ssl_recv_timeout_t( void *ctx,
+ unsigned char *buf,
+ size_t len,
+ uint32_t timeout );
+/**
+ * \brief Callback type: set a pair of timers/delays to watch
+ *
+ * \param ctx Context pointer
+ * \param int_ms Intermediate delay in milliseconds
+ * \param fin_ms Final delay in milliseconds
+ * 0 cancels the current timer.
+ *
+ * \note This callback must at least store the necessary information
+ * for the associated \c mbedtls_ssl_get_timer_t callback to
+ * return correct information.
+ *
+ * \note If using a event-driven style of programming, an event must
+ * be generated when the final delay is passed.
The event must
+ * cause a call to \c mbedtls_ssl_handshake() with the proper
+ * SSL context to be scheduled. Care must be taken to ensure
+ * that at most one such call happens at a time.
+ *
+ * \note Only one timer at a time must be running. Calling this
+ * function while a timer is running must cancel it. Cancelled
+ * timers must not generate any event.
+ */
+typedef void mbedtls_ssl_set_timer_t( void * ctx,
+ uint32_t int_ms,
+ uint32_t fin_ms );
+
+/**
+ * \brief Callback type: get status of timers/delays
+ *
+ * \param ctx Context pointer
+ *
+ * \return This callback must return:
+ * -1 if cancelled (fin_ms == 0),
+ * 0 if none of the delays have passed,
+ * 1 if only the intermediate delay has passed,
+ * 2 if the final delay has passed.
+ */
+typedef int mbedtls_ssl_get_timer_t( void * ctx );
+
+/* Defined below */
+typedef struct mbedtls_ssl_session mbedtls_ssl_session;
+typedef struct mbedtls_ssl_context mbedtls_ssl_context;
+typedef struct mbedtls_ssl_config mbedtls_ssl_config;
+
+/* Defined in ssl_internal.h */
+typedef struct mbedtls_ssl_transform mbedtls_ssl_transform;
+typedef struct mbedtls_ssl_handshake_params mbedtls_ssl_handshake_params;
+typedef struct mbedtls_ssl_sig_hash_set_t mbedtls_ssl_sig_hash_set_t;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+typedef struct mbedtls_ssl_key_cert mbedtls_ssl_key_cert;
+#endif
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item;
+#endif
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief Callback type: start external signature operation.
+ *
+ * This callback is called during an SSL handshake to start
+ * a signature decryption operation using an
+ * external processor. The parameter \p cert contains
+ * the public key; it is up to the callback function to
+ * determine how to access the associated private key.
+ *
+ * This function typically sends or enqueues a request, and
+ * does not wait for the operation to complete. This allows
+ * the handshake step to be non-blocking.
+ *
+ * The parameters \p ssl and \p cert are guaranteed to remain
+ * valid throughout the handshake. On the other hand, this
+ * function must save the contents of \p hash if the value
+ * is needed for later processing, because the \p hash buffer
+ * is no longer valid after this function returns.
+ *
+ * This function may call mbedtls_ssl_set_async_operation_data()
+ * to store an operation context for later retrieval
+ * by the resume or cancel callback.
+ *
+ * \note For RSA signatures, this function must produce output
+ * that is consistent with PKCS#1 v1.5 in the same way as
+ * mbedtls_rsa_pkcs1_sign(). Before the private key operation,
+ * apply the padding steps described in RFC 8017, section 9.2
+ * "EMSA-PKCS1-v1_5" as follows.
+ * - If \p md_alg is #MBEDTLS_MD_NONE, apply the PKCS#1 v1.5
+ * encoding, treating \p hash as the DigestInfo to be
+ * padded. In other words, apply EMSA-PKCS1-v1_5 starting
+ * from step 3, with `T = hash` and `tLen = hash_len`.
+ * - If `md_alg != MBEDTLS_MD_NONE`, apply the PKCS#1 v1.5
+ * encoding, treating \p hash as the hash to be encoded and
+ * padded. In other words, apply EMSA-PKCS1-v1_5 starting
+ * from step 2, with `digestAlgorithm` obtained by calling
+ * mbedtls_oid_get_oid_by_md() on \p md_alg.
+ *
+ * \note For ECDSA signatures, the output format is the DER encoding
+ * `Ecdsa-Sig-Value` defined in
+ * [RFC 4492 section 5.4](https://tools.ietf.org/html/rfc4492#section-5.4).
+ *
+ * \param ssl The SSL connection instance. It should not be
+ * modified other than via
+ * mbedtls_ssl_set_async_operation_data().
+ * \param cert Certificate containing the public key.
+ * In simple cases, this is one of the pointers passed to
+ * mbedtls_ssl_conf_own_cert() when configuring the SSL
+ * connection.
However, if other callbacks are used, this
+ * property may not hold. For example, if an SNI callback
+ * is registered with mbedtls_ssl_conf_sni(), then
+ * this callback determines what certificate is used.
+ * \param md_alg Hash algorithm.
+ * \param hash Buffer containing the hash. This buffer is
+ * no longer valid when the function returns.
+ * \param hash_len Size of the \c hash buffer in bytes.
+ *
+ * \return 0 if the operation was started successfully and the SSL
+ * stack should call the resume callback immediately.
+ * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if the operation
+ * was started successfully and the SSL stack should return
+ * immediately without calling the resume callback yet.
+ * \return #MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH if the external
+ * processor does not support this key. The SSL stack will
+ * use the private key object instead.
+ * \return Any other error indicates a fatal failure and is
+ * propagated up the call chain. The callback should
+ * use \c MBEDTLS_ERR_PK_xxx error codes, and must not
+ * use \c MBEDTLS_ERR_SSL_xxx error codes except as
+ * directed in the documentation of this callback.
+ */
+typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *cert,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash,
+ size_t hash_len );
+
+/**
+ * \brief Callback type: start external decryption operation.
+ *
+ * This callback is called during an SSL handshake to start
+ * an RSA decryption operation using an
+ * external processor. The parameter \p cert contains
+ * the public key; it is up to the callback function to
+ * determine how to access the associated private key.
+ *
+ * This function typically sends or enqueues a request, and
+ * does not wait for the operation to complete. This allows
+ * the handshake step to be non-blocking.
+ *
+ * The parameters \p ssl and \p cert are guaranteed to remain
+ * valid throughout the handshake.
On the other hand, this
+ * function must save the contents of \p input if the value
+ * is needed for later processing, because the \p input buffer
+ * is no longer valid after this function returns.
+ *
+ * This function may call mbedtls_ssl_set_async_operation_data()
+ * to store an operation context for later retrieval
+ * by the resume or cancel callback.
+ *
+ * \warning RSA decryption as used in TLS is subject to a potential
+ * timing side channel attack first discovered by Bleichenbacher
+ * in 1998. This attack can be remotely exploitable
+ * in practice. To avoid this attack, you must ensure that
+ * if the callback performs an RSA decryption, the time it
+ * takes to execute and return the result does not depend
+ * on whether the RSA decryption succeeded or reported
+ * invalid padding.
+ *
+ * \param ssl The SSL connection instance. It should not be
+ * modified other than via
+ * mbedtls_ssl_set_async_operation_data().
+ * \param cert Certificate containing the public key.
+ * In simple cases, this is one of the pointers passed to
+ * mbedtls_ssl_conf_own_cert() when configuring the SSL
+ * connection. However, if other callbacks are used, this
+ * property may not hold. For example, if an SNI callback
+ * is registered with mbedtls_ssl_conf_sni(), then
+ * this callback determines what certificate is used.
+ * \param input Buffer containing the input ciphertext. This buffer
+ * is no longer valid when the function returns.
+ * \param input_len Size of the \p input buffer in bytes.
+ *
+ * \return 0 if the operation was started successfully and the SSL
+ * stack should call the resume callback immediately.
+ * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if the operation
+ * was started successfully and the SSL stack should return
+ * immediately without calling the resume callback yet.
+ * \return #MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH if the external
+ * processor does not support this key. The SSL stack will
+ * use the private key object instead.
+ * \return Any other error indicates a fatal failure and is
+ * propagated up the call chain. The callback should
+ * use \c MBEDTLS_ERR_PK_xxx error codes, and must not
+ * use \c MBEDTLS_ERR_SSL_xxx error codes except as
+ * directed in the documentation of this callback.
+ */
+typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *cert,
+ const unsigned char *input,
+ size_t input_len );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/**
+ * \brief Callback type: resume external operation.
+ *
+ * This callback is called during an SSL handshake to resume
+ * an external operation started by the
+ * ::mbedtls_ssl_async_sign_t or
+ * ::mbedtls_ssl_async_decrypt_t callback.
+ *
+ * This function typically checks the status of a pending
+ * request or causes the request queue to make progress, and
+ * does not wait for the operation to complete. This allows
+ * the handshake step to be non-blocking.
+ *
+ * This function may call mbedtls_ssl_get_async_operation_data()
+ * to retrieve an operation context set by the start callback.
+ * It may call mbedtls_ssl_set_async_operation_data() to modify
+ * this context.
+ *
+ * Note that when this function returns a status other than
+ * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, it must free any
+ * resources associated with the operation.
+ *
+ * \param ssl The SSL connection instance. It should not be
+ * modified other than via
+ * mbedtls_ssl_set_async_operation_data().
+ * \param output Buffer containing the output (signature or decrypted
+ * data) on success.
+ * \param output_len On success, number of bytes written to \p output.
+ * \param output_size Size of the \p output buffer in bytes.
+ *
+ * \return 0 if output of the operation is available in the
+ * \p output buffer.
+ * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if the operation
+ * is still in progress. Subsequent requests for progress
+ * on the SSL connection will call the resume callback
+ * again.
+ * \return Any other error means that the operation is aborted.
+ * The SSL handshake is aborted. The callback should
+ * use \c MBEDTLS_ERR_PK_xxx error codes, and must not
+ * use \c MBEDTLS_ERR_SSL_xxx error codes except as
+ * directed in the documentation of this callback.
+ */
+typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl,
+ unsigned char *output,
+ size_t *output_len,
+ size_t output_size );
+
+/**
+ * \brief Callback type: cancel external operation.
+ *
+ * This callback is called if an SSL connection is closed
+ * while an asynchronous operation is in progress. Note that
+ * this callback is not called if the
+ * ::mbedtls_ssl_async_resume_t callback has run and has
+ * returned a value other than
+ * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, since in that case
+ * the asynchronous operation has already completed.
+ *
+ * This function may call mbedtls_ssl_get_async_operation_data()
+ * to retrieve an operation context set by the start callback.
+ *
+ * \param ssl The SSL connection instance. It should not be
+ * modified.
+ */
+typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) && \
+ !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+#define MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN 48
+#if defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA256
+#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 32
+#elif defined(MBEDTLS_SHA512_C)
+#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA384
+#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 48
+#elif defined(MBEDTLS_SHA1_C)
+#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA1
+#define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 20
+#else
+/* This is already checked in check_config.h, but be sure. */
+#error "Bad configuration - need SHA-1, SHA-256 or SHA-512 enabled to compute digest of peer CRT."
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED &&
+ !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+/*
+ * This structure is used for storing current session data.
+ */
+struct mbedtls_ssl_session
+{
+#if defined(MBEDTLS_HAVE_TIME)
+ mbedtls_time_t start; /*!< starting time */
+#endif
+ int ciphersuite; /*!< chosen ciphersuite */
+ int compression; /*!< chosen compression */
+ size_t id_len; /*!< session id length */
+ unsigned char id[32]; /*!< session identifier */
+ unsigned char master[48]; /*!< the master secret */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ mbedtls_x509_crt *peer_cert; /*!< peer X.509 cert chain */
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+ /*! The digest of the peer's end-CRT. This must be kept to detect CRT
+ * changes during renegotiation, mitigating the triple handshake attack. */
+ unsigned char *peer_cert_digest;
+ size_t peer_cert_digest_len;
+ mbedtls_md_type_t peer_cert_digest_type;
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+ uint32_t verify_result; /*!< verification result */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+ unsigned char *ticket; /*!< RFC 5077 session ticket */
+ size_t ticket_len; /*!< session ticket length */
+ uint32_t ticket_lifetime; /*!< ticket lifetime hint */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+ int trunc_hmac; /*!< flag for truncated hmac activation */
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ int encrypt_then_mac; /*!< flag for EtM activation */
+#endif
+};
+
+/**
+ * SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
+ */
+struct mbedtls_ssl_config
+{
+ /* Group items by size (largest first) to minimize padding overhead */
+
+ /*
+ * Pointers
+ */
+
+ const int *ciphersuite_list[4]; /*!< allowed ciphersuites per version */
+
+ /** Callback for printing debug output */
+ void (*f_dbg)(void *, int, const char *, int, const char *);
+ void *p_dbg; /*!< context for the debug function */
+
+ /** Callback for getting (pseudo-)random numbers */
+ int (*f_rng)(void *, unsigned char *, size_t);
+ void *p_rng; /*!< context for the RNG function */
+
+ /** Callback to retrieve a session from the cache */
+ int (*f_get_cache)(void *, mbedtls_ssl_session *);
+ /** Callback to store a session into the cache */
+ int (*f_set_cache)(void *, const mbedtls_ssl_session *);
+ void *p_cache; /*!< context for cache callbacks */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ /** Callback for setting cert according to SNI extension */
+ int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
+ void *p_sni; /*!< context for SNI callback */
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ /** Callback to customize X.509 certificate chain verification */
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *);
+ void *p_vrfy; /*!< context for X.509 verify calllback */
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+ /** Callback to retrieve PSK key from identity */
+ int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
+ void *p_psk; /*!< context for PSK callback */
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+ /** Callback to create & write a cookie for ClientHello veirifcation */
+ int (*f_cookie_write)( void *, unsigned char **, unsigned char *,
+ const unsigned char *, size_t );
+ /** Callback to verify validity of a ClientHello cookie */
+ int (*f_cookie_check)( void *, const unsigned char *, size_t,
+ const unsigned char *, size_t );
+ void *p_cookie; /*!< context for the cookie callbacks
*/
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
+ /** Callback to create & write a session ticket */
+ int (*f_ticket_write)( void *, const mbedtls_ssl_session *,
+ unsigned char *, const unsigned char *, size_t *, uint32_t * );
+ /** Callback to parse a session ticket into a session structure */
+ int (*f_ticket_parse)( void *, mbedtls_ssl_session *, unsigned char *, size_t);
+ void *p_ticket; /*!< context for the ticket callbacks */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+ /** Callback to export key block and master secret */
+ int (*f_export_keys)( void *, const unsigned char *,
+ const unsigned char *, size_t, size_t, size_t );
+ void *p_export_keys; /*!< context for key export callback */
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ const mbedtls_x509_crt_profile *cert_profile; /*!< verification profile */
+ mbedtls_ssl_key_cert *key_cert; /*!< own certificate/key pair(s) */
+ mbedtls_x509_crt *ca_chain; /*!< trusted CAs */
+ mbedtls_x509_crl *ca_crl; /*!< trusted CAs CRLs */
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ mbedtls_x509_crt_ca_cb_t f_ca_cb;
+ void *p_ca_cb;
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ mbedtls_ssl_async_sign_t *f_async_sign_start; /*!< start asynchronous signature operation */
+ mbedtls_ssl_async_decrypt_t *f_async_decrypt_start; /*!< start asynchronous decryption operation */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+ mbedtls_ssl_async_resume_t *f_async_resume; /*!< resume asynchronous operation */
+ mbedtls_ssl_async_cancel_t *f_async_cancel; /*!< cancel asynchronous operation */
+ void *p_async_config_data; /*!< Configuration data set by mbedtls_ssl_conf_async_private_cb().
*/
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+ const int *sig_hashes; /*!< allowed signature hashes */
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+ const mbedtls_ecp_group_id *curve_list; /*!< allowed curves */
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+ mbedtls_mpi dhm_P; /*!< prime modulus for DHM */
+ mbedtls_mpi dhm_G; /*!< generator for DHM */
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_handle_t psk_opaque; /*!< PSA key slot holding opaque PSK.
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk_opaque().
+ * If either no PSK or a raw PSK have
+ * been configured, this has value \c 0. */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ unsigned char *psk; /*!< The raw pre-shared key. This field should
+ * only be set via mbedtls_ssl_conf_psk().
+ * If either no PSK or an opaque PSK
+ * have been configured, this has value NULL. */
+ size_t psk_len; /*!< The length of the raw pre-shared key.
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * Its value is non-zero if and only if
+ * \c psk is not \c NULL. */
+
+ unsigned char *psk_identity; /*!< The PSK identity for PSK negotiation.
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * This is set if and only if either
+ * \c psk or \c psk_opaque are set. */
+ size_t psk_identity_len;/*!< The length of PSK identity.
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * Its value is non-zero if and only if
+ * \c psk is not \c NULL or \c psk_opaque
+ * is not \c 0.
*/
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN)
+ const char **alpn_list; /*!< ordered list of protocols */
+#endif
+
+ /*
+ * Numerical settings (int then char)
+ */
+
+ uint32_t read_timeout; /*!< timeout for mbedtls_ssl_read (ms) */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ uint32_t hs_timeout_min; /*!< initial value of the handshake
+ retransmission timeout (ms) */
+ uint32_t hs_timeout_max; /*!< maximum value of the handshake
+ retransmission timeout (ms) */
+#endif
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ int renego_max_records; /*!< grace period for renegotiation */
+ unsigned char renego_period[8]; /*!< value of the record counters
+ that triggers renegotiation */
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+ unsigned int badmac_limit; /*!< limit of records with a bad MAC */
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+ unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */
+#endif
+
+ unsigned char max_major_ver; /*!< max. major version used */
+ unsigned char max_minor_ver; /*!< max. minor version used */
+ unsigned char min_major_ver; /*!< min. major version used */
+ unsigned char min_minor_ver; /*!< min. minor version used */
+
+ /*
+ * Flags (bitfields)
+ */
+
+ unsigned int endpoint : 1; /*!< 0: client, 1: server */
+ unsigned int transport : 1; /*!< stream (TLS) or datagram (DTLS) */
+ unsigned int authmode : 2; /*!< MBEDTLS_SSL_VERIFY_XXX */
+ /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE */
+ unsigned int allow_legacy_renegotiation : 2 ; /*!< MBEDTLS_LEGACY_XXX */
+#if defined(MBEDTLS_ARC4_C)
+ unsigned int arc4_disabled : 1; /*!< blacklist RC4 ciphersuites? */
+#endif
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ unsigned int mfl_code : 3; /*!< desired fragment length */
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ unsigned int encrypt_then_mac : 1 ; /*!< negotiate encrypt-then-mac?
*/
+#endif
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ unsigned int extended_ms : 1; /*!< negotiate extended master secret? */
+#endif
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+ unsigned int anti_replay : 1; /*!< detect and prevent replay? */
+#endif
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+ unsigned int cbc_record_splitting : 1; /*!< do cbc record splitting */
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ unsigned int disable_renegotiation : 1; /*!< disable renegotiation? */
+#endif
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+ unsigned int trunc_hmac : 1; /*!< negotiate truncated hmac? */
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ unsigned int session_tickets : 1; /*!< use session tickets? */
+#endif
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
+ unsigned int fallback : 1; /*!< is this a fallback? */
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+ unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in
+ Certificate Request messages? */
+#endif
+};
+
+
+struct mbedtls_ssl_context
+{
+ const mbedtls_ssl_config *conf; /*!< configuration information */
+
+ /*
+ * Miscellaneous
+ */
+ int state; /*!< SSL handshake: current state */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ int renego_status; /*!< Initial, in progress, pending?
*/
+ int renego_records_seen; /*!< Records since renego request, or with DTLS,
+ number of retransmissions of request if
+ renego_max_records is < 0 */
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */
+ int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+ unsigned badmac_seen; /*!< records with a bad MAC received */
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ /** Callback to customize X.509 certificate chain verification */
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *);
+ void *p_vrfy; /*!< context for X.509 verify callback */
+#endif
+
+ mbedtls_ssl_send_t *f_send; /*!< Callback for network send */
+ mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */
+ mbedtls_ssl_recv_timeout_t *f_recv_timeout;
+ /*!< Callback for network receive with timeout */
+
+ void *p_bio; /*!< context for I/O operations */
+
+ /*
+ * Session layer
+ */
+ mbedtls_ssl_session *session_in; /*!< current session data (in) */
+ mbedtls_ssl_session *session_out; /*!< current session data (out) */
+ mbedtls_ssl_session *session; /*!< negotiated session data */
+ mbedtls_ssl_session *session_negotiate; /*!< session data in negotiation */
+
+ mbedtls_ssl_handshake_params *handshake; /*!< params required only during
+ the handshake process */
+
+ /*
+ * Record layer transformations
+ */
+ mbedtls_ssl_transform *transform_in; /*!< current transform params (in) */
+ mbedtls_ssl_transform *transform_out; /*!< current transform params (in) */
+ mbedtls_ssl_transform *transform; /*!< negotiated transform params */
+ mbedtls_ssl_transform *transform_negotiate; /*!< transform params in negotiation */
+
+ /*
+ * Timers
+ */
+ void *p_timer; /*!< context for the timer callbacks */
+
+ mbedtls_ssl_set_timer_t *f_set_timer; /*!< set timer callback */
+ mbedtls_ssl_get_timer_t *f_get_timer; /*!< get timer callback */
+
+ /*
+ * Record layer
(incoming data)
+ */
+ unsigned char *in_buf; /*!< input buffer */
+ unsigned char *in_ctr; /*!< 64-bit incoming message counter
+ TLS: maintained by us
+ DTLS: read from peer */
+ unsigned char *in_hdr; /*!< start of record header */
+ unsigned char *in_len; /*!< two-bytes message length field */
+ unsigned char *in_iv; /*!< ivlen-byte IV */
+ unsigned char *in_msg; /*!< message contents (in_iv+ivlen) */
+ unsigned char *in_offt; /*!< read offset in application data */
+
+ int in_msgtype; /*!< record header: message type */
+ size_t in_msglen; /*!< record header: message length */
+ size_t in_left; /*!< amount of data read so far */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ uint16_t in_epoch; /*!< DTLS epoch for incoming records */
+ size_t next_record_offset; /*!< offset of the next record in datagram
+ (equal to in_left if none) */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+ uint64_t in_window_top; /*!< last validated record seq_num */
+ uint64_t in_window; /*!< bitmask for replay detection */
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+ size_t in_hslen; /*!< current handshake message length,
+ including the handshake header */
+ int nb_zero; /*!< # of 0-length encrypted messages */
+
+ int keep_current_message; /*!< drop or reuse current message
+ on next call to record layer? */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ uint8_t disable_datagram_packing; /*!< Disable packing multiple records
+ * within a single datagram.
*/
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ /*
+ * Record layer (outgoing data)
+ */
+ unsigned char *out_buf; /*!< output buffer */
+ unsigned char *out_ctr; /*!< 64-bit outgoing message counter */
+ unsigned char *out_hdr; /*!< start of record header */
+ unsigned char *out_len; /*!< two-bytes message length field */
+ unsigned char *out_iv; /*!< ivlen-byte IV */
+ unsigned char *out_msg; /*!< message contents (out_iv+ivlen) */
+
+ int out_msgtype; /*!< record header: message type */
+ size_t out_msglen; /*!< record header: message length */
+ size_t out_left; /*!< amount of data not yet written */
+
+ unsigned char cur_out_ctr[8]; /*!< Outgoing record sequence number. */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ uint16_t mtu; /*!< path mtu, used to fragment outgoing messages */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ unsigned char *compress_buf; /*!< zlib data buffer */
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+ signed char split_done; /*!< current record already splitted? */
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
+
+ /*
+ * PKI layer
+ */
+ int client_auth; /*!< flag for client auth.
*/
+
+ /*
+ * User settings
+ */
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ char *hostname; /*!< expected peer CN for verification
+ (and SNI if available) */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_ALPN)
+ const char *alpn_chosen; /*!< negotiated protocol */
+#endif /* MBEDTLS_SSL_ALPN */
+
+ /*
+ * Information for DTLS hello verify
+ */
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+ unsigned char *cli_id; /*!< transport-level ID of the client */
+ size_t cli_id_len; /*!< length of cli_id */
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
+
+ /*
+ * Secure renegotiation
+ */
+ /* needed to know when to send extension on server */
+ int secure_renegotiation; /*!< does peer support legacy or
+ secure renegotiation */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ size_t verify_data_len; /*!< length of verify data stored */
+ char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */
+ char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+};
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+
+#define MBEDTLS_SSL_CHANNEL_OUTBOUND 0
+#define MBEDTLS_SSL_CHANNEL_INBOUND 1
+
+extern int (*mbedtls_ssl_hw_record_init)(mbedtls_ssl_context *ssl,
+ const unsigned char *key_enc, const unsigned char *key_dec,
+ size_t keylen,
+ const unsigned char *iv_enc, const unsigned char *iv_dec,
+ size_t ivlen,
+ const unsigned char *mac_enc, const unsigned char *mac_dec,
+ size_t maclen);
+extern int (*mbedtls_ssl_hw_record_activate)(mbedtls_ssl_context *ssl, int direction);
+extern int (*mbedtls_ssl_hw_record_reset)(mbedtls_ssl_context *ssl);
+extern int (*mbedtls_ssl_hw_record_write)(mbedtls_ssl_context *ssl);
+extern int (*mbedtls_ssl_hw_record_read)(mbedtls_ssl_context *ssl);
+extern int (*mbedtls_ssl_hw_record_finish)(mbedtls_ssl_context *ssl);
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+/**
+ * \brief
Return the name of the ciphersuite associated with the
+ * given ID
+ *
+ * \param ciphersuite_id SSL ciphersuite ID
+ *
+ * \return a string containing the ciphersuite name
+ */
+const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id );
+
+/**
+ * \brief Return the ID of the ciphersuite associated with the
+ * given name
+ *
+ * \param ciphersuite_name SSL ciphersuite name
+ *
+ * \return the ID with the ciphersuite or 0 if not found
+ */
+int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name );
+
+/**
+ * \brief Initialize an SSL context
+ * Just makes the context ready for mbedtls_ssl_setup() or
+ * mbedtls_ssl_free()
+ *
+ * \param ssl SSL context
+ */
+void mbedtls_ssl_init( mbedtls_ssl_context *ssl );
+
+/**
+ * \brief Set up an SSL context for use
+ *
+ * \note No copy of the configuration context is made, it can be
+ * shared by many mbedtls_ssl_context structures.
+ *
+ * \warning The conf structure will be accessed during the session.
+ * It must not be modified or freed as long as the session
+ * is active.
+ *
+ * \warning This function must be called exactly once per context.
+ * Calling mbedtls_ssl_setup again is not supported, even
+ * if no session is active.
+ *
+ * \param ssl SSL context
+ * \param conf SSL configuration to use
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if
+ * memory allocation failed
+ */
+int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
+ const mbedtls_ssl_config *conf );
+
+/**
+ * \brief Reset an already initialized SSL context for re-use
+ * while retaining application-set variables, function
+ * pointers and data.
+ *
+ * \param ssl SSL context
+ * \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED,
+ MBEDTLS_ERR_SSL_HW_ACCEL_FAILED or
+ * MBEDTLS_ERR_SSL_COMPRESSION_FAILED
+ */
+int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl );
+
+/**
+ * \brief Set the current endpoint type
+ *
+ * \param conf SSL configuration
+ * \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
+ */
+void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint );
+
+/**
+ * \brief Set the transport type (TLS or DTLS).
+ * Default: TLS
+ *
+ * \note For DTLS, you must either provide a recv callback that
+ * doesn't block, or one that handles timeouts, see
+ * \c mbedtls_ssl_set_bio(). You also need to provide timer
+ * callbacks with \c mbedtls_ssl_set_timer_cb().
+ *
+ * \param conf SSL configuration
+ * \param transport transport type:
+ * MBEDTLS_SSL_TRANSPORT_STREAM for TLS,
+ * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS.
+ */
+void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
+
+/**
+ * \brief Set the certificate verification mode
+ * Default: NONE on server, REQUIRED on client
+ *
+ * \param conf SSL configuration
+ * \param authmode can be:
+ *
+ * MBEDTLS_SSL_VERIFY_NONE: peer certificate is not checked
+ * (default on server)
+ * (insecure on client)
+ *
+ * MBEDTLS_SSL_VERIFY_OPTIONAL: peer certificate is checked, however the
+ * handshake continues even if verification failed;
+ * mbedtls_ssl_get_verify_result() can be called after the
+ * handshake is complete.
+ *
+ * MBEDTLS_SSL_VERIFY_REQUIRED: peer *must* present a valid certificate,
+ * handshake is aborted if verification failed.
+ * (default on client)
+ *
+ * \note On client, MBEDTLS_SSL_VERIFY_REQUIRED is the recommended mode.
+ * With MBEDTLS_SSL_VERIFY_OPTIONAL, the user needs to call mbedtls_ssl_get_verify_result() at
+ * the right time(s), which may not be obvious, while REQUIRED always perform
+ * the verification as soon as possible.
For example, REQUIRED was protecting
+ * against the "triple handshake" attack even before it was found.
+ */
+void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief Set the verification callback (Optional).
+ *
+ * If set, the provided verify callback is called for each
+ * certificate in the peer's CRT chain, including the trusted
+ * root. For more information, please see the documentation of
+ * \c mbedtls_x509_crt_verify().
+ *
+ * \note For per context callbacks and contexts, please use
+ * mbedtls_ssl_set_verify() instead.
+ *
+ * \param conf The SSL configuration to use.
+ * \param f_vrfy The verification callback to use during CRT verification.
+ * \param p_vrfy The opaque context to be passed to the callback.
+ */
+void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/**
+ * \brief Set the random number generator callback
+ *
+ * \param conf SSL configuration
+ * \param f_rng RNG function
+ * \param p_rng RNG parameter
+ */
+void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
+
+/**
+ * \brief Set the debug callback
+ *
+ * The callback has the following argument:
+ * void * opaque context for the callback
+ * int debug level
+ * const char * file name
+ * int line number
+ * const char * message
+ *
+ * \param conf SSL configuration
+ * \param f_dbg debug function
+ * \param p_dbg debug parameter
+ */
+void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
+ void (*f_dbg)(void *, int, const char *, int, const char *),
+ void *p_dbg );
+
+/**
+ * \brief Set the underlying BIO callbacks for write, read and
+ * read-with-timeout.
+ *
+ * \param ssl SSL context
+ * \param p_bio parameter (context) shared by BIO callbacks
+ * \param f_send write callback
+ * \param f_recv read callback
+ * \param f_recv_timeout blocking read callback with timeout.
+ *
+ * \note One of f_recv or f_recv_timeout can be NULL, in which case
+ * the other is used. If both are non-NULL, f_recv_timeout is
+ * used and f_recv is ignored (as if it were NULL).
+ *
+ * \note The two most common use cases are:
+ * - non-blocking I/O, f_recv != NULL, f_recv_timeout == NULL
+ * - blocking I/O, f_recv == NULL, f_recv_timout != NULL
+ *
+ * \note For DTLS, you need to provide either a non-NULL
+ * f_recv_timeout callback, or a f_recv that doesn't block.
+ *
+ * \note See the documentations of \c mbedtls_ssl_sent_t,
+ * \c mbedtls_ssl_recv_t and \c mbedtls_ssl_recv_timeout_t for
+ * the conventions those callbacks must follow.
+ *
+ * \note On some platforms, net_sockets.c provides
+ * \c mbedtls_net_send(), \c mbedtls_net_recv() and
+ * \c mbedtls_net_recv_timeout() that are suitable to be used
+ * here.
+ */
+void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
+ void *p_bio,
+ mbedtls_ssl_send_t *f_send,
+ mbedtls_ssl_recv_t *f_recv,
+ mbedtls_ssl_recv_timeout_t *f_recv_timeout );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+/**
+ * \brief Set the Maximum Tranport Unit (MTU).
+ * Special value: 0 means unset (no limit).
+ * This represents the maximum size of a datagram payload
+ * handled by the transport layer (usually UDP) as determined
+ * by the network link and stack. In practice, this controls
+ * the maximum size datagram the DTLS layer will pass to the
+ * \c f_send() callback set using \c mbedtls_ssl_set_bio().
+ *
+ * \note The limit on datagram size is converted to a limit on
+ * record payload by subtracting the current overhead of
+ * encapsulation and encryption/authentication if any.
+ *
+ * \note This can be called at any point during the connection, for
+ * example when a Path Maximum Transfer Unit (PMTU)
+ * estimate becomes available from other sources,
+ * such as lower (or higher) protocol layers.
+ *
+ * \note This setting only controls the size of the packets we send,
+ * and does not restrict the size of the datagrams we're
+ * willing to receive. Client-side, you can request the
+ * server to use smaller records with \c
+ * mbedtls_ssl_conf_max_frag_len().
+ *
+ * \note If both a MTU and a maximum fragment length have been
+ * configured (or negotiated with the peer), the resulting
+ * lower limit on record payload (see first note) is used.
+ *
+ * \note This can only be used to decrease the maximum size
+ * of datagrams (hence records, see first note) sent. It
+ * cannot be used to increase the maximum size of records over
+ * the limit set by #MBEDTLS_SSL_OUT_CONTENT_LEN.
+ *
+ * \note Values lower than the current record layer expansion will
+ * result in an error when trying to send data.
+ *
+ * \note Using record compression together with a non-zero MTU value
+ * will result in an error when trying to send data.
+ *
+ * \param ssl SSL context
+ * \param mtu Value of the path MTU in bytes
+ */
+void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu );
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief Set a connection-specific verification callback (optional).
+ *
+ * If set, the provided verify callback is called for each
+ * certificate in the peer's CRT chain, including the trusted
+ * root. For more information, please see the documentation of
+ * \c mbedtls_x509_crt_verify().
+ *
+ * \note This call is analogous to mbedtls_ssl_conf_verify() but
+ * binds the verification callback and context to an SSL context
+ * as opposed to an SSL configuration.
+ * If mbedtls_ssl_conf_verify() and mbedtls_ssl_set_verify()
+ * are both used, mbedtls_ssl_set_verify() takes precedence.
+ *
+ * \param ssl The SSL context to use.
+ * \param f_vrfy The verification callback to use during CRT verification.
+ * \param p_vrfy The opaque context to be passed to the callback.
+ */
+void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/**
+ * \brief Set the timeout period for mbedtls_ssl_read()
+ * (Default: no timeout.)
+ *
+ * \param conf SSL configuration context
+ * \param timeout Timeout value in milliseconds.
+ * Use 0 for no timeout (default).
+ *
+ * \note With blocking I/O, this will only work if a non-NULL
+ * \c f_recv_timeout was set with \c mbedtls_ssl_set_bio().
+ * With non-blocking I/O, this will only work if timer
+ * callbacks were set with \c mbedtls_ssl_set_timer_cb().
+ *
+ * \note With non-blocking I/O, you may also skip this function
+ * altogether and handle timeouts at the application layer.
+ */
+void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
+
+/**
+ * \brief Set the timer callbacks (Mandatory for DTLS.)
+ *
+ * \param ssl SSL context
+ * \param p_timer parameter (context) shared by timer callbacks
+ * \param f_set_timer set timer callback
+ * \param f_get_timer get timer callback. Must return:
+ *
+ * \note See the documentation of \c mbedtls_ssl_set_timer_t and
+ * \c mbedtls_ssl_get_timer_t for the conventions this pair of
+ * callbacks must follow.
+ *
+ * \note On some platforms, timing.c provides
+ * \c mbedtls_timing_set_delay() and
+ * \c mbedtls_timing_get_delay() that are suitable for using
+ * here, except if using an event-driven style.
+ *
+ * \note See also the "DTLS tutorial" article in our knowledge base.
+ * https://tls.mbed.org/kb/how-to/dtls-tutorial
+ */
+void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
+ void *p_timer,
+ mbedtls_ssl_set_timer_t *f_set_timer,
+ mbedtls_ssl_get_timer_t *f_get_timer );
+
+/**
+ * \brief Callback type: generate and write session ticket
+ *
+ * \note This describes what a callback implementation should do.
+ * This callback should generate an encrypted and
+ * authenticated ticket for the session and write it to the
+ * output buffer. Here, ticket means the opaque ticket part
+ * of the NewSessionTicket structure of RFC 5077.
+ *
+ * \param p_ticket Context for the callback
+ * \param session SSL session to be written in the ticket
+ * \param start Start of the output buffer
+ * \param end End of the output buffer
+ * \param tlen On exit, holds the length written
+ * \param lifetime On exit, holds the lifetime of the ticket in seconds
+ *
+ * \return 0 if successful, or
+ * a specific MBEDTLS_ERR_XXX code.
+ */
+typedef int mbedtls_ssl_ticket_write_t( void *p_ticket,
+ const mbedtls_ssl_session *session,
+ unsigned char *start,
+ const unsigned char *end,
+ size_t *tlen,
+ uint32_t *lifetime );
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+/**
+ * \brief Callback type: Export key block and master secret
+ *
+ * \note This is required for certain uses of TLS, e.g. EAP-TLS
+ * (RFC 5216) and Thread. The key pointers are ephemeral and
+ * therefore must not be stored. The master secret and keys
+ * should not be used directly except as an input to a key
+ * derivation function.
+ *
+ * \param p_expkey Context for the callback
+ * \param ms Pointer to master secret (fixed length: 48 bytes)
+ * \param kb Pointer to key block, see RFC 5246 section 6.3
+ * (variable length: 2 * maclen + 2 * keylen + 2 * ivlen).
+ * \param maclen MAC length
+ * \param keylen Key length
+ * \param ivlen IV length
+ *
+ * \return 0 if successful, or
+ * a specific MBEDTLS_ERR_XXX code.
+ */
+typedef int mbedtls_ssl_export_keys_t( void *p_expkey,
+ const unsigned char *ms,
+ const unsigned char *kb,
+ size_t maclen,
+ size_t keylen,
+ size_t ivlen );
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+/**
+ * \brief Callback type: parse and load session ticket
+ *
+ * \note This describes what a callback implementation should do.
+ * This callback should parse a session ticket as generated
+ * by the corresponding mbedtls_ssl_ticket_write_t function,
+ * and, if the ticket is authentic and valid, load the
+ * session.
+ *
+ * \note The implementation is allowed to modify the first len
+ * bytes of the input buffer, eg to use it as a temporary
+ * area for the decrypted ticket contents.
+ *
+ * \param p_ticket Context for the callback
+ * \param session SSL session to be loaded
+ * \param buf Start of the buffer containing the ticket
+ * \param len Length of the ticket.
+ *
+ * \return 0 if successful, or
+ * MBEDTLS_ERR_SSL_INVALID_MAC if not authentic, or
+ * MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED if expired, or
+ * any other non-zero code for other failures.
+ */
+typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket,
+ mbedtls_ssl_session *session,
+ unsigned char *buf,
+ size_t len );
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
+/**
+ * \brief Configure SSL session ticket callbacks (server only).
+ * (Default: none.)
+ *
+ * \note On server, session tickets are enabled by providing
+ * non-NULL callbacks.
+ *
+ * \note On client, use \c mbedtls_ssl_conf_session_tickets().
+ *
+ * \param conf SSL configuration context
+ * \param f_ticket_write Callback for writing a ticket
+ * \param f_ticket_parse Callback for parsing a ticket
+ * \param p_ticket Context shared by the two callbacks
+ */
+void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
+ mbedtls_ssl_ticket_write_t *f_ticket_write,
+ mbedtls_ssl_ticket_parse_t *f_ticket_parse,
+ void *p_ticket );
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+/**
+ * \brief Configure key export callback.
+ * (Default: none.)
+ *
+ * \note See \c mbedtls_ssl_export_keys_t.
+ *
+ * \param conf SSL configuration context
+ * \param f_export_keys Callback for exporting keys
+ * \param p_export_keys Context for the callback
+ */
+void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
+ mbedtls_ssl_export_keys_t *f_export_keys,
+ void *p_export_keys );
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+/**
+ * \brief Configure asynchronous private key operation callbacks.
+ *
+ * \param conf SSL configuration context
+ * \param f_async_sign Callback to start a signature operation. See
+ * the description of ::mbedtls_ssl_async_sign_t
+ * for more information. This may be \c NULL if the
+ * external processor does not support any signature
+ * operation; in this case the private key object
+ * associated with the certificate will be used.
+ * \param f_async_decrypt Callback to start a decryption operation. See
+ * the description of ::mbedtls_ssl_async_decrypt_t
+ * for more information. This may be \c NULL if the
+ * external processor does not support any decryption
+ * operation; in this case the private key object
+ * associated with the certificate will be used.
+ * \param f_async_resume Callback to resume an asynchronous operation. See
+ * the description of ::mbedtls_ssl_async_resume_t
+ * for more information.
This may not be \c NULL unless
+ * \p f_async_sign and \p f_async_decrypt are both
+ * \c NULL.
+ * \param f_async_cancel Callback to cancel an asynchronous operation. See
+ * the description of ::mbedtls_ssl_async_cancel_t
+ * for more information. This may be \c NULL if
+ * no cleanup is needed.
+ * \param config_data A pointer to configuration data which can be
+ * retrieved with
+ * mbedtls_ssl_conf_get_async_config_data(). The
+ * library stores this value without dereferencing it.
+ */
+void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf,
+ mbedtls_ssl_async_sign_t *f_async_sign,
+ mbedtls_ssl_async_decrypt_t *f_async_decrypt,
+ mbedtls_ssl_async_resume_t *f_async_resume,
+ mbedtls_ssl_async_cancel_t *f_async_cancel,
+ void *config_data );
+
+/**
+ * \brief Retrieve the configuration data set by
+ * mbedtls_ssl_conf_async_private_cb().
+ *
+ * \param conf SSL configuration context
+ * \return The configuration data set by
+ * mbedtls_ssl_conf_async_private_cb().
+ */
+void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf );
+
+/**
+ * \brief Retrieve the asynchronous operation user context.
+ *
+ * \note This function may only be called while a handshake
+ * is in progress.
+ *
+ * \param ssl The SSL context to access.
+ *
+ * \return The asynchronous operation user context that was last
+ * set during the current handshake. If
+ * mbedtls_ssl_set_async_operation_data() has not yet been
+ * called during the current handshake, this function returns
+ * \c NULL.
+ */
+void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl );
+
+/**
+ * \brief Retrieve the asynchronous operation user context.
+ *
+ * \note This function may only be called while a handshake
+ * is in progress.
+ *
+ * \param ssl The SSL context to access.
+ * \param ctx The new value of the asynchronous operation user context.
+ * Call mbedtls_ssl_get_async_operation_data() later during the
+ * same handshake to retrieve this value.
+ */
+void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl,
+ void *ctx );
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+/**
+ * \brief Callback type: generate a cookie
+ *
+ * \param ctx Context for the callback
+ * \param p Buffer to write to,
+ * must be updated to point right after the cookie
+ * \param end Pointer to one past the end of the output buffer
+ * \param info Client ID info that was passed to
+ * \c mbedtls_ssl_set_client_transport_id()
+ * \param ilen Length of info in bytes
+ *
+ * \return The callback must return 0 on success,
+ * or a negative error code.
+ */
+typedef int mbedtls_ssl_cookie_write_t( void *ctx,
+ unsigned char **p, unsigned char *end,
+ const unsigned char *info, size_t ilen );
+
+/**
+ * \brief Callback type: verify a cookie
+ *
+ * \param ctx Context for the callback
+ * \param cookie Cookie to verify
+ * \param clen Length of cookie
+ * \param info Client ID info that was passed to
+ * \c mbedtls_ssl_set_client_transport_id()
+ * \param ilen Length of info in bytes
+ *
+ * \return The callback must return 0 if cookie is valid,
+ * or a negative error code.
+ */
+typedef int mbedtls_ssl_cookie_check_t( void *ctx,
+ const unsigned char *cookie, size_t clen,
+ const unsigned char *info, size_t ilen );
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+/**
+ * \brief Register callbacks for DTLS cookies
+ * (Server only. DTLS only.)
+ *
+ * Default: dummy callbacks that fail, in order to force you to
+ * register working callbacks (and initialize their context).
+ *
+ * To disable HelloVerifyRequest, register NULL callbacks.
+ *
+ * \warning Disabling hello verification allows your server to be used
+ * for amplification in DoS attacks against other hosts.
+ * Only disable if you known this can't happen in your
+ * particular environment.
+ *
+ * \note See comments on \c mbedtls_ssl_handshake() about handling
+ * the MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED that is expected
+ * on the first handshake attempt when this is enabled.
+ *
+ * \note This is also necessary to handle client reconnection from
+ * the same port as described in RFC 6347 section 4.2.8 (only
+ * the variant with cookies is supported currently). See
+ * comments on \c mbedtls_ssl_read() for details.
+ *
+ * \param conf SSL configuration
+ * \param f_cookie_write Cookie write callback
+ * \param f_cookie_check Cookie check callback
+ * \param p_cookie Context for both callbacks
+ */
+void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
+ mbedtls_ssl_cookie_write_t *f_cookie_write,
+ mbedtls_ssl_cookie_check_t *f_cookie_check,
+ void *p_cookie );
+
+/**
+ * \brief Set client's transport-level identification info.
+ * (Server only. DTLS only.)
+ *
+ * This is usually the IP address (and port), but could be
+ * anything identify the client depending on the underlying
+ * network stack. Used for HelloVerifyRequest with DTLS.
+ * This is *not* used to route the actual packets.
+ *
+ * \param ssl SSL context
+ * \param info Transport-level info identifying the client (eg IP + port)
+ * \param ilen Length of info in bytes
+ *
+ * \note An internal copy is made, so the info buffer can be reused.
+ *
+ * \return 0 on success,
+ * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used on client,
+ * MBEDTLS_ERR_SSL_ALLOC_FAILED if out of memory.
+ */
+int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
+ const unsigned char *info,
+ size_t ilen );
+
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+/**
+ * \brief Enable or disable anti-replay protection for DTLS.
+ * (DTLS only, no effect on TLS.)
+ * Default: enabled.
+ *
+ * \param conf SSL configuration
+ * \param mode MBEDTLS_SSL_ANTI_REPLAY_ENABLED or MBEDTLS_SSL_ANTI_REPLAY_DISABLED.
+ *
+ * \warning Disabling this is a security risk unless the application
+ * protocol handles duplicated packets in a safe way. You
+ * should not disable this without careful consideration.
+ * However, if your application already detects duplicated
+ * packets and needs information about them to adjust its
+ * transmission strategy, then you'll want to disable this.
+ */
+void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+/**
+ * \brief Set a limit on the number of records with a bad MAC
+ * before terminating the connection.
+ * (DTLS only, no effect on TLS.)
+ * Default: 0 (disabled).
+ *
+ * \param conf SSL configuration
+ * \param limit Limit, or 0 to disable.
+ *
+ * \note If the limit is N, then the connection is terminated when
+ * the Nth non-authentic record is seen.
+ *
+ * \note Records with an invalid header are not counted, only the
+ * ones going through the authentication-decryption phase.
+ *
+ * \note This is a security trade-off related to the fact that it's
+ * often relatively easy for an active attacker ot inject UDP
+ * datagrams. On one hand, setting a low limit here makes it
+ * easier for such an attacker to forcibly terminated a
+ * connection. On the other hand, a high limit or no limit
+ * might make us waste resources checking authentication on
+ * many bogus packets.
+ */
+void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+/**
+ * \brief Allow or disallow packing of multiple handshake records
+ * within a single datagram.
+ *
+ * \param ssl The SSL context to configure.
+ * \param allow_packing This determines whether datagram packing may
+ * be used or not.
A value of \c 0 means that every
+ * record will be sent in a separate datagram; a
+ * value of \c 1 means that, if space permits,
+ * multiple handshake messages (including CCS) belonging to
+ * a single flight may be packed within a single datagram.
+ *
+ * \note This is enabled by default and should only be disabled
+ * for test purposes, or if datagram packing causes
+ * interoperability issues with peers that don't support it.
+ *
+ * \note Allowing datagram packing reduces the network load since
+ * there's less overhead if multiple messages share the same
+ * datagram. Also, it increases the handshake efficiency
+ * since messages belonging to a single datagram will not
+ * be reordered in transit, and so future message buffering
+ * or flight retransmission (if no buffering is used) as
+ * means to deal with reordering are needed less frequently.
+ *
+ * \note Application records are not affected by this option and
+ * are currently always sent in separate datagrams.
+ *
+ */
+void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
+ unsigned allow_packing );
+
+/**
+ * \brief Set retransmit timeout values for the DTLS handshake.
+ * (DTLS only, no effect on TLS.)
+ *
+ * \param conf SSL configuration
+ * \param min Initial timeout value in milliseconds.
+ * Default: 1000 (1 second).
+ * \param max Maximum timeout value in milliseconds.
+ * Default: 60000 (60 seconds).
+ *
+ * \note Default values are from RFC 6347 section 4.2.4.1.
+ *
+ * \note The 'min' value should typically be slightly above the
+ * expected round-trip time to your peer, plus whatever time
+ * it takes for the peer to process the message. For example,
+ * if your RTT is about 600ms and you peer needs up to 1s to
+ * do the cryptographic operations in the handshake, then you
+ * should set 'min' slightly above 1600.
Lower values of 'min'
+ * might cause spurious resends which waste network resources,
+ * while larger value of 'min' will increase overall latency
+ * on unreliable network links.
+ *
+ * \note The more unreliable your network connection is, the larger
+ * your max / min ratio needs to be in order to achieve
+ * reliable handshakes.
+ *
+ * \note Messages are retransmitted up to log2(ceil(max/min)) times.
+ * For example, if min = 1s and max = 5s, the retransmit plan
+ * goes: send ... 1s -> resend ... 2s -> resend ... 4s ->
+ * resend ... 5s -> give up and return a timeout error.
+ */
+void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_SRV_C)
+/**
+ * \brief Set the session cache callbacks (server-side only)
+ * If not set, no session resuming is done (except if session
+ * tickets are enabled too).
+ *
+ * The session cache has the responsibility to check for stale
+ * entries based on timeout. See RFC 5246 for recommendations.
+ *
+ * Warning: session.peer_cert is cleared by the SSL/TLS layer on
+ * connection shutdown, so do not cache the pointer! Either set
+ * it to NULL or make a full copy of the certificate.
+ *
+ * The get callback is called once during the initial handshake
+ * to enable session resuming. The get function has the
+ * following parameters: (void *parameter, mbedtls_ssl_session *session)
+ * If a valid entry is found, it should fill the master of
+ * the session object with the cached values and return 0,
+ * return 1 otherwise. Optionally peer_cert can be set as well
+ * if it is properly present in cache entry.
+ *
+ * The set callback is called once during the initial handshake
+ * to enable session resuming after the entire handshake has
+ * been finished. The set function has the following parameters:
+ * (void *parameter, const mbedtls_ssl_session *session).
The function
+ * should create a cache entry for future retrieval based on
+ * the data in the session structure and should keep in mind
+ * that the mbedtls_ssl_session object presented (and all its referenced
+ * data) is cleared by the SSL/TLS layer when the connection is
+ * terminated. It is recommended to add metadata to determine if
+ * an entry is still valid in the future. Return 0 if
+ * successfully cached, return 1 otherwise.
+ *
+ * \param conf SSL configuration
+ * \param p_cache parmater (context) for both callbacks
+ * \param f_get_cache session get callback
+ * \param f_set_cache session set callback
+ */
+void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
+ void *p_cache,
+ int (*f_get_cache)(void *, mbedtls_ssl_session *),
+ int (*f_set_cache)(void *, const mbedtls_ssl_session *) );
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+/**
+ * \brief Request resumption of session (client-side only)
+ * Session data is copied from presented session structure.
+ *
+ * \param ssl SSL context
+ * \param session session context
+ *
+ * \return 0 if successful,
+ * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed,
+ * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
+ * arguments are otherwise invalid
+ *
+ * \sa mbedtls_ssl_get_session()
+ */
+int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session );
+#endif /* MBEDTLS_SSL_CLI_C */
+
+/**
+ * \brief Set the list of allowed ciphersuites and the preference
+ * order. First in the list has the highest preference.
+ * (Overrides all version-specific lists)
+ *
+ * The ciphersuites array is not copied, and must remain
+ * valid for the lifetime of the ssl_config.
+ *
+ * Note: The server uses its own preferences
+ * over the preference of the client unless
+ * MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined!
+ *
+ * \param conf SSL configuration
+ * \param ciphersuites 0-terminated list of allowed ciphersuites
+ */
+void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
+ const int *ciphersuites );
+
+/**
+ * \brief Set the list of allowed ciphersuites and the
+ * preference order for a specific version of the protocol.
+ * (Only useful on the server side)
+ *
+ * The ciphersuites array is not copied, and must remain
+ * valid for the lifetime of the ssl_config.
+ *
+ * \param conf SSL configuration
+ * \param ciphersuites 0-terminated list of allowed ciphersuites
+ * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3
+ * supported)
+ * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
+ * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
+ * MBEDTLS_SSL_MINOR_VERSION_3 supported)
+ *
+ * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0
+ * and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
+ */
+void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
+ const int *ciphersuites,
+ int major, int minor );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief Set the X.509 security profile used for verification
+ *
+ * \note The restrictions are enforced for all certificates in the
+ * chain. However, signatures in the handshake are not covered
+ * by this setting but by \b mbedtls_ssl_conf_sig_hashes().
+ *
+ * \param conf SSL configuration
+ * \param profile Profile to use
+ */
+void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
+ const mbedtls_x509_crt_profile *profile );
+
+/**
+ * \brief Set the data required to verify peer certificate
+ *
+ * \note See \c mbedtls_x509_crt_verify() for notes regarding the
+ * parameters ca_chain (maps to trust_ca for that function)
+ * and ca_crl.
+ *
+ * \param conf SSL configuration
+ * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
+ * \param ca_crl trusted CA CRLs
+ */
+void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
+ mbedtls_x509_crt *ca_chain,
+ mbedtls_x509_crl *ca_crl );
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+/**
+ * \brief Set the trusted certificate callback.
+ *
+ * This API allows to register the set of trusted certificates
+ * through a callback, instead of a linked list as configured
+ * by mbedtls_ssl_conf_ca_chain().
+ *
+ * This is useful for example in contexts where a large number
+ * of CAs are used, and the inefficiency of maintaining them
+ * in a linked list cannot be tolerated. It is also useful when
+ * the set of trusted CAs needs to be modified frequently.
+ *
+ * See the documentation of `mbedtls_x509_crt_ca_cb_t` for
+ * more information.
+ *
+ * \param conf The SSL configuration to register the callback with.
+ * \param f_ca_cb The trusted certificate callback to use when verifying
+ * certificate chains.
+ * \param p_ca_cb The context to be passed to \p f_ca_cb (for example,
+ * a reference to a trusted CA database).
+ *
+ * \note This API is incompatible with mbedtls_ssl_conf_ca_chain():
+ * Any call to this function overwrites the values set through
+ * earlier calls to mbedtls_ssl_conf_ca_chain() or
+ * mbedtls_ssl_conf_ca_cb().
+ *
+ * \note This API is incompatible with CA indication in
+ * CertificateRequest messages: A server-side SSL context which
+ * is bound to an SSL configuration that uses a CA callback
+ * configured via mbedtls_ssl_conf_ca_cb(), and which requires
+ * client authentication, will send an empty CA list in the
+ * corresponding CertificateRequest message.
+ *
+ * \note This API is incompatible with mbedtls_ssl_set_hs_ca_chain():
+ * If an SSL context is bound to an SSL configuration which uses
+ * CA callbacks configured via mbedtls_ssl_conf_ca_cb(), then
+ * calls to mbedtls_ssl_set_hs_ca_chain() have no effect.
+ *
+ * \note The use of this API disables the use of restartable ECC
+ * during X.509 CRT signature verification (but doesn't affect
+ * other uses).
+ *
+ * \warning This API is incompatible with the use of CRLs. Any call to
+ * mbedtls_ssl_conf_ca_cb() unsets CRLs configured through
+ * earlier calls to mbedtls_ssl_conf_ca_chain().
+ *
+ * \warning In multi-threaded environments, the callback \p f_ca_cb
+ * must be thread-safe, and it is the user's responsibility
+ * to guarantee this (for example through a mutex
+ * contained in the callback context pointed to by \p p_ca_cb).
+ */
+void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf,
+ mbedtls_x509_crt_ca_cb_t f_ca_cb,
+ void *p_ca_cb );
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+/**
+ * \brief Set own certificate chain and private key
+ *
+ * \note own_cert should contain in order from the bottom up your
+ * certificate chain. The top certificate (self-signed)
+ * can be omitted.
+ *
+ * \note On server, this function can be called multiple times to
+ * provision more than one cert/key pair (eg one ECDSA, one
+ * RSA with SHA-256, one RSA with SHA-1). An adequate
+ * certificate will be selected according to the client's
+ * advertised capabilities. In case multiple certificates are
+ * adequate, preference is given to the one set by the first
+ * call to this function, then second, etc.
+ *
+ * \note On client, only the first call has any effect. That is,
+ * only one client certificate can be provisioned. The
+ * server's preferences in its CertficateRequest message will
+ * be ignored and our only cert will be sent regardless of
+ * whether it matches those preferences - the server can then
+ * decide what it wants to do with it.
+ *
+ * \note The provided \p pk_key needs to match the public key in the
+ * first certificate in \p own_cert, or all handshakes using
+ * that certificate will fail. It is your responsibility
+ * to ensure that; this function will not perform any check.
+ * You may use mbedtls_pk_check_pair() in order to perform
+ * this check yourself, but be aware that this function can
+ * be computationally expensive on some key types.
+ *
+ * \param conf SSL configuration
+ * \param own_cert own public certificate chain
+ * \param pk_key own private key
+ *
+ * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
+ */
+int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
+ mbedtls_x509_crt *own_cert,
+ mbedtls_pk_context *pk_key );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+/**
+ * \brief Configure a pre-shared key (PSK) and identity
+ * to be used in PSK-based ciphersuites.
+ *
+ * \note This is mainly useful for clients. Servers will usually
+ * want to use \c mbedtls_ssl_conf_psk_cb() instead.
+ *
+ * \warning Currently, clients can only register a single pre-shared key.
+ * Calling this function or mbedtls_ssl_conf_psk_opaque() more
+ * than once will overwrite values configured in previous calls.
+ * Support for setting multiple PSKs on clients and selecting
+ * one based on the identity hint is not a planned feature,
+ * but feedback is welcomed.
+ *
+ * \param conf The SSL configuration to register the PSK with.
+ * \param psk The pointer to the pre-shared key to use.
+ * \param psk_len The length of the pre-shared key in bytes.
+ * \param psk_identity The pointer to the pre-shared key identity.
+ * \param psk_identity_len The length of the pre-shared key identity
+ * in bytes.
+ *
+ * \note The PSK and its identity are copied internally and
+ * hence need not be preserved by the caller for the lifetime
+ * of the SSL configuration.
+ *
+ * \return \c 0 if successful.
+ * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
+ */
+int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
+ const unsigned char *psk, size_t psk_len,
+ const unsigned char *psk_identity, size_t psk_identity_len );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief Configure an opaque pre-shared key (PSK) and identity
+ * to be used in PSK-based ciphersuites.
+ *
+ * \note This is mainly useful for clients. Servers will usually
+ * want to use \c mbedtls_ssl_conf_psk_cb() instead.
+ *
+ * \warning Currently, clients can only register a single pre-shared key.
+ * Calling this function or mbedtls_ssl_conf_psk() more than
+ * once will overwrite values configured in previous calls.
+ * Support for setting multiple PSKs on clients and selecting
+ * one based on the identity hint is not a planned feature,
+ * but feedback is welcomed.
+ *
+ * \param conf The SSL configuration to register the PSK with.
+ * \param psk The identifier of the key slot holding the PSK.
+ * Until \p conf is destroyed or this function is successfully
+ * called again, the key slot \p psk must be populated with a
+ * key of type PSA_ALG_CATEGORY_KEY_DERIVATION whose policy
+ * allows its use for the key derivation algorithm applied
+ * in the handshake.
+ * \param psk_identity The pointer to the pre-shared key identity.
+ * \param psk_identity_len The length of the pre-shared key identity
+ * in bytes.
+ *
+ * \note The PSK identity hint is copied internally and hence need
+ * not be preserved by the caller for the lifetime of the
+ * SSL configuration.
+ *
+ * \return \c 0 if successful.
+ * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
+ */
+int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
+ psa_key_handle_t psk,
+ const unsigned char *psk_identity,
+ size_t psk_identity_len );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+/**
+ * \brief Set the pre-shared Key (PSK) for the current handshake.
+ *
+ * \note This should only be called inside the PSK callback,
+ * i.e. the function passed to \c mbedtls_ssl_conf_psk_cb().
+ *
+ * \param ssl The SSL context to configure a PSK for.
+ * \param psk The pointer to the pre-shared key.
+ * \param psk_len The length of the pre-shared key in bytes.
+ *
+ * \return \c 0 if successful.
+ * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
+ */
+int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
+ const unsigned char *psk, size_t psk_len );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief Set an opaque pre-shared Key (PSK) for the current handshake.
+ *
+ * \note This should only be called inside the PSK callback,
+ * i.e. the function passed to \c mbedtls_ssl_conf_psk_cb().
+ *
+ * \param ssl The SSL context to configure a PSK for.
+ * \param psk The identifier of the key slot holding the PSK.
+ * For the duration of the current handshake, the key slot
+ * must be populated with a key of type
+ * PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its
+ * use for the key derivation algorithm
+ * applied in the handshake.
+ *
+ * \return \c 0 if successful.
+ * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
+ */
+int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
+ psa_key_handle_t psk );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+/**
+ * \brief Set the PSK callback (server-side only).
+ *
+ * If set, the PSK callback is called for each
+ * handshake where a PSK-based ciphersuite was negotiated.
+ * The caller provides the identity received and wants to
+ * receive the actual PSK data and length.
+ *
+ * The callback has the following parameters:
+ * - \c void*: The opaque pointer \p p_psk.
+ * - \c mbedtls_ssl_context*: The SSL context to which
+ * the operation applies.
+ * - \c const unsigned char*: The PSK identity
+ * selected by the client.
+ * - \c size_t: The length of the PSK identity
+ * selected by the client.
+ *
+ * If a valid PSK identity is found, the callback should use
+ * \c mbedtls_ssl_set_hs_psk() or
+ * \c mbedtls_ssl_set_hs_psk_opaque()
+ * on the SSL context to set the correct PSK and return \c 0.
+ * Any other return value will result in a denied PSK identity.
+ *
+ * \note If you set a PSK callback using this function, then you
+ * don't need to set a PSK key and identity using
+ * \c mbedtls_ssl_conf_psk().
+ *
+ * \param conf The SSL configuration to register the callback with.
+ * \param f_psk The callback for selecting and setting the PSK based
+ * in the PSK identity chosen by the client.
+ * \param p_psk A pointer to an opaque structure to be passed to
+ * the callback, for example a PSK store.
+ */
+void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
+ int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
+ size_t),
+ void *p_psk );
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+
+/**
+ * \brief Set the Diffie-Hellman public P and G values,
+ * read as hexadecimal strings (server-side only)
+ * (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG])
+ *
+ * \param conf SSL configuration
+ * \param dhm_P Diffie-Hellman-Merkle modulus
+ * \param dhm_G Diffie-Hellman-Merkle generator
+ *
+ * \deprecated Superseded by \c mbedtls_ssl_conf_dh_param_bin.
+ *
+ * \return 0 if successful
+ */
+MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf,
+ const char *dhm_P,
+ const char *dhm_G );
+
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief Set the Diffie-Hellman public P and G values
+ * from big-endian binary presentations.
+ * (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG]_BIN)
+ *
+ * \param conf SSL configuration
+ * \param dhm_P Diffie-Hellman-Merkle modulus in big-endian binary form
+ * \param P_len Length of DHM modulus
+ * \param dhm_G Diffie-Hellman-Merkle generator in big-endian binary form
+ * \param G_len Length of DHM generator
+ *
+ * \return 0 if successful
+ */
+int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
+ const unsigned char *dhm_P, size_t P_len,
+ const unsigned char *dhm_G, size_t G_len );
+
+/**
+ * \brief Set the Diffie-Hellman public P and G values,
+ * read from existing context (server-side only)
+ *
+ * \param conf SSL configuration
+ * \param dhm_ctx Diffie-Hellman-Merkle context
+ *
+ * \return 0 if successful
+ */
+int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
+#endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+/**
+ * \brief Set the minimum length for Diffie-Hellman parameters.
+ * (Client-side only.)
+ * (Default: 1024 bits.)
+ *
+ * \param conf SSL configuration
+ * \param bitlen Minimum bit length of the DHM prime
+ */
+void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
+ unsigned int bitlen );
+#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_ECP_C)
+/**
+ * \brief Set the allowed curves in order of preference.
+ * (Default: all defined curves.)
+ *
+ * On server: this only affects selection of the ECDHE curve;
+ * the curves used for ECDH and ECDSA are determined by the
+ * list of available certificates instead.
+ *
+ * On client: this affects the list of curves offered for any
+ * use. The server can override our preference order.
+ *
+ * Both sides: limits the set of curves accepted for use in
+ * ECDHE and in the peer's end-entity certificate.
+ *
+ * \note This has no influence on which curves are allowed inside the
+ * certificate chains, see \c mbedtls_ssl_conf_cert_profile()
+ * for that. For the end-entity certificate however, the key
+ * will be accepted only if it is allowed both by this list
+ * and by the cert profile.
+ *
+ * \note This list should be ordered by decreasing preference
+ * (preferred curve first).
+ *
+ * \param conf SSL configuration
+ * \param curves Ordered list of allowed curves,
+ * terminated by MBEDTLS_ECP_DP_NONE.
+ */
+void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
+ const mbedtls_ecp_group_id *curves );
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+/**
+ * \brief Set the allowed hashes for signatures during the handshake.
+ * (Default: all available hashes except MD5.)
+ *
+ * \note This only affects which hashes are offered and can be used
+ * for signatures during the handshake. Hashes for message
+ * authentication and the TLS PRF are controlled by the
+ * ciphersuite, see \c mbedtls_ssl_conf_ciphersuites(). Hashes
+ * used for certificate signature are controlled by the
+ * verification profile, see \c mbedtls_ssl_conf_cert_profile().
+ *
+ * \note This list should be ordered by decreasing preference
+ * (preferred hash first).
+ *
+ * \param conf SSL configuration
+ * \param hashes Ordered list of allowed signature hashes,
+ * terminated by \c MBEDTLS_MD_NONE.
+ */
+void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
+ const int *hashes );
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief Set or reset the hostname to check against the received
+ * server certificate. It sets the ServerName TLS extension,
+ * too, if that extension is enabled. (client-side only)
+ *
+ * \param ssl SSL context
+ * \param hostname the server hostname, may be NULL to clear hostname
+
+ * \note Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN.
+ *
+ * \return 0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on
+ * allocation failure, MBEDTLS_ERR_SSL_BAD_INPUT_DATA on
+ * too long input hostname.
+ *
+ * Hostname set to the one provided on success (cleared
+ * when NULL). On allocation failure hostname is cleared.
+ * On too long input failure, old hostname is unchanged.
+ */
+int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+/**
+ * \brief Set own certificate and key for the current handshake
+ *
+ * \note Same as \c mbedtls_ssl_conf_own_cert() but for use within
+ * the SNI callback.
+ *
+ * \param ssl SSL context
+ * \param own_cert own public certificate chain
+ * \param pk_key own private key
+ *
+ * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
+ */
+int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *own_cert,
+ mbedtls_pk_context *pk_key );
+
+/**
+ * \brief Set the data required to verify peer certificate for the
+ * current handshake
+ *
+ * \note Same as \c mbedtls_ssl_conf_ca_chain() but for use within
+ * the SNI callback.
+ *
+ * \param ssl SSL context
+ * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
+ * \param ca_crl trusted CA CRLs
+ */
+void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *ca_chain,
+ mbedtls_x509_crl *ca_crl );
+
+/**
+ * \brief Set authmode for the current handshake.
+ *
+ * \note Same as \c mbedtls_ssl_conf_authmode() but for use within
+ * the SNI callback.
+ *
+ * \param ssl SSL context
+ * \param authmode MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or
+ * MBEDTLS_SSL_VERIFY_REQUIRED
+ */
+void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
+ int authmode );
+
+/**
+ * \brief Set server side ServerName TLS extension callback
+ * (optional, server-side only).
+ *
+ * If set, the ServerName callback is called whenever the
+ * server receives a ServerName TLS extension from the client
+ * during a handshake. The ServerName callback has the
+ * following parameters: (void *parameter, mbedtls_ssl_context *ssl,
+ * const unsigned char *hostname, size_t len). If a suitable
+ * certificate is found, the callback must set the
+ * certificate(s) and key(s) to use with \c
+ * mbedtls_ssl_set_hs_own_cert() (can be called repeatedly),
+ * and may optionally adjust the CA and associated CRL with \c
+ * mbedtls_ssl_set_hs_ca_chain() as well as the client
+ * authentication mode with \c mbedtls_ssl_set_hs_authmode(),
+ * then must return 0. If no matching name is found, the
+ * callback must either set a default cert, or
+ * return non-zero to abort the handshake at this point.
+ *
+ * \param conf SSL configuration
+ * \param f_sni verification function
+ * \param p_sni verification parameter
+ */
+void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
+ int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
+ size_t),
+ void *p_sni );
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+/**
+ * \brief Set the EC J-PAKE password for current handshake.
+ *
+ * \note An internal copy is made, and destroyed as soon as the
+ * handshake is completed, or when the SSL context is reset or
+ * freed.
+ *
+ * \note The SSL context needs to be already set up. The right place
+ * to call this function is between \c mbedtls_ssl_setup() or
+ * \c mbedtls_ssl_reset() and \c mbedtls_ssl_handshake().
+ *
+ * \param ssl SSL context
+ * \param pw EC J-PAKE password (pre-shared secret)
+ * \param pw_len length of pw in bytes
+ *
+ * \return 0 on success, or a negative error code.
+ */
+int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
+ const unsigned char *pw,
+ size_t pw_len );
+#endif /*MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN)
+/**
+ * \brief Set the supported Application Layer Protocols.
+ *
+ * \param conf SSL configuration
+ * \param protos Pointer to a NULL-terminated list of supported protocols,
+ * in decreasing preference order. The pointer to the list is
+ * recorded by the library for later reference as required, so
+ * the lifetime of the table must be atleast as long as the
+ * lifetime of the SSL configuration structure.
+ *
+ * \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
+ */
+int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
+
+/**
+ * \brief Get the name of the negotiated Application Layer Protocol.
+ * This function should be called after the handshake is
+ * completed.
+ *
+ * \param ssl SSL context
+ *
+ * \return Protcol name, or NULL if no protocol was negotiated.
+ */
+const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
+#endif /* MBEDTLS_SSL_ALPN */
+
+/**
+ * \brief Set the maximum supported version sent from the client side
+ * and/or accepted at the server side
+ * (Default: MBEDTLS_SSL_MAX_MAJOR_VERSION, MBEDTLS_SSL_MAX_MINOR_VERSION)
+ *
+ * \note This ignores ciphersuites from higher versions.
+ *
+ * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
+ * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
+ *
+ * \param conf SSL configuration
+ * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
+ * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
+ * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
+ * MBEDTLS_SSL_MINOR_VERSION_3 supported)
+ */
+void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
+
+/**
+ * \brief Set the minimum accepted SSL/TLS protocol version
+ * (Default: TLS 1.0)
+ *
+ * \note Input outside of the SSL_MAX_XXXXX_VERSION and
+ * SSL_MIN_XXXXX_VERSION range is ignored.
+ *
+ * \note MBEDTLS_SSL_MINOR_VERSION_0 (SSL v3) should be avoided.
+ *
+ * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
+ * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
+ *
+ * \param conf SSL configuration
+ * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
+ * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
+ * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
+ * MBEDTLS_SSL_MINOR_VERSION_3 supported)
+ */
+void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
+/**
+ * \brief Set the fallback flag (client-side only).
+ * (Default: MBEDTLS_SSL_IS_NOT_FALLBACK).
+ *
+ * \note Set to MBEDTLS_SSL_IS_FALLBACK when preparing a fallback
+ * connection, that is a connection with max_version set to a
+ * lower value than the value you're willing to use. Such
+ * fallback connections are not recommended but are sometimes
+ * necessary to interoperate with buggy (version-intolerant)
+ * servers.
+ *
+ * \warning You should NOT set this to MBEDTLS_SSL_IS_FALLBACK for
+ * non-fallback connections!
This would appear to work for a
+ * while, then cause failures when the server is upgraded to
+ * support a newer TLS version.
+ *
+ * \param conf SSL configuration
+ * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK
+ */
+void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback );
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+/**
+ * \brief Enable or disable Encrypt-then-MAC
+ * (Default: MBEDTLS_SSL_ETM_ENABLED)
+ *
+ * \note This should always be enabled, it is a security
+ * improvement, and should not cause any interoperability
+ * issue (used only if the peer supports it too).
+ *
+ * \param conf SSL configuration
+ * \param etm MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED
+ */
+void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+/**
+ * \brief Enable or disable Extended Master Secret negotiation.
+ * (Default: MBEDTLS_SSL_EXTENDED_MS_ENABLED)
+ *
+ * \note This should always be enabled, it is a security fix to the
+ * protocol, and should not cause any interoperability issue
+ * (used only if the peer supports it too).
+ *
+ * \param conf SSL configuration
+ * \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED
+ */
+void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems );
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_ARC4_C)
+/**
+ * \brief Disable or enable support for RC4
+ * (Default: MBEDTLS_SSL_ARC4_DISABLED)
+ *
+ * \warning Use of RC4 in DTLS/TLS has been prohibited by RFC 7465
+ * for security reasons. Use at your own risk.
+ *
+ * \note This function is deprecated and will likely be removed in
+ * a future version of the library.
+ * RC4 is disabled by default at compile time and needs to be
+ * actively enabled for use with legacy systems.
+ *
+ * \param conf SSL configuration
+ * \param arc4 MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED
+ */
+void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 );
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_SSL_SRV_C)
+/**
+ * \brief Whether to send a list of acceptable CAs in
+ * CertificateRequest messages.
+ * (Default: do send)
+ *
+ * \param conf SSL configuration
+ * \param cert_req_ca_list MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED or
+ * MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED
+ */
+void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
+ char cert_req_ca_list );
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+/**
+ * \brief Set the maximum fragment length to emit and/or negotiate
+ * (Default: the smaller of MBEDTLS_SSL_IN_CONTENT_LEN and
+ * MBEDTLS_SSL_OUT_CONTENT_LEN, usually 2^14 bytes)
+ * (Server: set maximum fragment length to emit,
+ * usually negotiated by the client during handshake
+ * (Client: set maximum fragment length to emit *and*
+ * negotiate with the server during handshake)
+ *
+ * \note With TLS, this currently only affects ApplicationData (sent
+ * with \c mbedtls_ssl_read()), not handshake messages.
+ * With DTLS, this affects both ApplicationData and handshake.
+ *
+ * \note This sets the maximum length for a record's payload,
+ * excluding record overhead that will be added to it, see
+ * \c mbedtls_ssl_get_record_expansion().
+ *
+ * \note For DTLS, it is also possible to set a limit for the total
+ * size of daragrams passed to the transport layer, including
+ * record overhead, see \c mbedtls_ssl_set_mtu().
+ *
+ * \param conf SSL configuration
+ * \param mfl_code Code for maximum fragment length (allowed values:
+ * MBEDTLS_SSL_MAX_FRAG_LEN_512, MBEDTLS_SSL_MAX_FRAG_LEN_1024,
+ * MBEDTLS_SSL_MAX_FRAG_LEN_2048, MBEDTLS_SSL_MAX_FRAG_LEN_4096)
+ *
+ * \return 0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
+ */
+int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+/**
+ * \brief Activate negotiation of truncated HMAC
+ * (Default: MBEDTLS_SSL_TRUNC_HMAC_DISABLED)
+ *
+ * \param conf SSL configuration
+ * \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or
+ * MBEDTLS_SSL_TRUNC_HMAC_DISABLED)
+ */
+void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+/**
+ * \brief Enable / Disable 1/n-1 record splitting
+ * (Default: MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED)
+ *
+ * \note Only affects SSLv3 and TLS 1.0, not higher versions.
+ * Does not affect non-CBC ciphersuites in any version.
+ *
+ * \param conf SSL configuration
+ * \param split MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or
+ * MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
+ */
+void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+/**
+ * \brief Enable / Disable session tickets (client only).
+ * (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED.)
+ *
+ * \note On server, use \c mbedtls_ssl_conf_session_tickets_cb().
+ *
+ * \param conf SSL configuration
+ * \param use_tickets Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or
+ * MBEDTLS_SSL_SESSION_TICKETS_DISABLED)
+ */
+void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+/**
+ * \brief Enable / Disable renegotiation support for connection when
+ * initiated by peer
+ * (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED)
+ *
+ * \warning It is recommended to always disable renegotation unless you
+ * know you need it and you know what you're doing. In the
+ * past, there have been several issues associated with
+ * renegotiation or a poor understanding of its properties.
+ *
+ * \note Server-side, enabling renegotiation also makes the server
+ * susceptible to a resource DoS by a malicious client.
+ *
+ * \param conf SSL configuration
+ * \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or
+ * MBEDTLS_SSL_RENEGOTIATION_DISABLED)
+ */
+void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+/**
+ * \brief Prevent or allow legacy renegotiation.
+ * (Default: MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION)
+ *
+ * MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION allows connections to
+ * be established even if the peer does not support
+ * secure renegotiation, but does not allow renegotiation
+ * to take place if not secure.
+ * (Interoperable and secure option)
+ *
+ * MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION allows renegotiations
+ * with non-upgraded peers. Allowing legacy renegotiation
+ * makes the connection vulnerable to specific man in the
+ * middle attacks. (See RFC 5746)
+ * (Most interoperable and least secure option)
+ *
+ * MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE breaks off connections
+ * if peer does not support secure renegotiation.
Results
+ * in interoperability issues with non-upgraded peers
+ * that do not support renegotiation altogether.
+ * (Most secure option, interoperability issues)
+ *
+ * \param conf SSL configuration
+ * \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION,
+ * SSL_ALLOW_LEGACY_RENEGOTIATION or
+ * MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE)
+ */
+void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+/**
+ * \brief Enforce renegotiation requests.
+ * (Default: enforced, max_records = 16)
+ *
+ * When we request a renegotiation, the peer can comply or
+ * ignore the request. This function allows us to decide
+ * whether to enforce our renegotiation requests by closing
+ * the connection if the peer doesn't comply.
+ *
+ * However, records could already be in transit from the peer
+ * when the request is emitted. In order to increase
+ * reliability, we can accept a number of records before the
+ * expected handshake records.
+ *
+ * The optimal value is highly dependent on the specific usage
+ * scenario.
+ *
+ * \note With DTLS and server-initiated renegotiation, the
+ * HelloRequest is retransmited every time mbedtls_ssl_read() times
+ * out or receives Application Data, until:
+ * - max_records records have beens seen, if it is >= 0, or
+ * - the number of retransmits that would happen during an
+ * actual handshake has been reached.
+ * Please remember the request might be lost a few times
+ * if you consider setting max_records to a really low value.
+ *
+ * \warning On client, the grace period can only happen during
+ * mbedtls_ssl_read(), as opposed to mbedtls_ssl_write() and mbedtls_ssl_renegotiate()
+ * which always behave as if max_record was 0. The reason is,
+ * if we receive application data from the server, we need a
+ * place to write it, which only happens during mbedtls_ssl_read().
+ *
+ * \param conf SSL configuration
+ * \param max_records Use MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED if you don't want to
+ * enforce renegotiation, or a non-negative value to enforce
+ * it but allow for a grace period of max_records records.
+ */
+void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
+
+/**
+ * \brief Set record counter threshold for periodic renegotiation.
+ * (Default: 2^48 - 1)
+ *
+ * Renegotiation is automatically triggered when a record
+ * counter (outgoing or ingoing) crosses the defined
+ * threshold. The default value is meant to prevent the
+ * connection from being closed when the counter is about to
+ * reached its maximal value (it is not allowed to wrap).
+ *
+ * Lower values can be used to enforce policies such as "keys
+ * must be refreshed every N packets with cipher X".
+ *
+ * The renegotiation period can be disabled by setting
+ * conf->disable_renegotiation to
+ * MBEDTLS_SSL_RENEGOTIATION_DISABLED.
+ *
+ * \note When the configured transport is
+ * MBEDTLS_SSL_TRANSPORT_DATAGRAM the maximum renegotiation
+ * period is 2^48 - 1, and for MBEDTLS_SSL_TRANSPORT_STREAM,
+ * the maximum renegotiation period is 2^64 - 1.
+ *
+ * \param conf SSL configuration
+ * \param period The threshold value: a big-endian 64-bit number.
+ */
+void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
+ const unsigned char period[8] );
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+/**
+ * \brief Check if there is data already read from the
+ * underlying transport but not yet processed.
+ *
+ * \param ssl SSL context
+ *
+ * \return 0 if nothing's pending, 1 otherwise.
+ *
+ * \note This is different in purpose and behaviour from
+ * \c mbedtls_ssl_get_bytes_avail in that it considers
+ * any kind of unprocessed data, not only unread
+ * application data. If \c mbedtls_ssl_get_bytes
+ * returns a non-zero value, this function will
+ * also signal pending data, but the converse does
+ * not hold.
For example, in DTLS there might be
+ * further records waiting to be processed from
+ * the current underlying transport's datagram.
+ *
+ * \note If this function returns 1 (data pending), this
+ * does not imply that a subsequent call to
+ * \c mbedtls_ssl_read will provide any data;
+ * e.g., the unprocessed data might turn out
+ * to be an alert or a handshake message.
+ *
+ * \note This function is useful in the following situation:
+ * If the SSL/TLS module successfully returns from an
+ * operation - e.g. a handshake or an application record
+ * read - and you're awaiting incoming data next, you
+ * must not immediately idle on the underlying transport
+ * to have data ready, but you need to check the value
+ * of this function first. The reason is that the desired
+ * data might already be read but not yet processed.
+ * If, in contrast, a previous call to the SSL/TLS module
+ * returned MBEDTLS_ERR_SSL_WANT_READ, it is not necessary
+ * to call this function, as the latter error code entails
+ * that all internal data has been processed.
+ *
+ */
+int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl );
+
+/**
+ * \brief Return the number of application data bytes
+ * remaining to be read from the current record.
+ *
+ * \param ssl SSL context
+ *
+ * \return How many bytes are available in the application
+ * data record read buffer.
+ *
+ * \note When working over a datagram transport, this is
+ * useful to detect the current datagram's boundary
+ * in case \c mbedtls_ssl_read has written the maximal
+ * amount of data fitting into the input buffer.
+ *
+ */
+size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl );
+
+/**
+ * \brief Return the result of the certificate verification
+ *
+ * \param ssl The SSL context to use.
+ *
+ * \return \c 0 if the certificate verification was successful.
+ * \return \c -1u if the result is not available. This may happen
+ * e.g.
if the handshake aborts early, or a verification + * callback returned a fatal error. + * \return A bitwise combination of \c MBEDTLS_X509_BADCERT_XXX + * and \c MBEDTLS_X509_BADCRL_XXX failure flags; see x509.h. + */ +uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ); + +/** + * \brief Return the name of the current ciphersuite + * + * \param ssl SSL context + * + * \return a string containing the ciphersuite name + */ +const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ); + +/** + * \brief Return the current SSL version (SSLv3/TLSv1/etc) + * + * \param ssl SSL context + * + * \return a string containing the SSL version + */ +const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ); + +/** + * \brief Return the (maximum) number of bytes added by the record + * layer: header + encryption/MAC overhead (inc. padding) + * + * \note This function is not available (always returns an error) + * when record compression is enabled. + * + * \param ssl SSL context + * + * \return Current maximum record expansion in bytes, or + * MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if compression is + * enabled, which makes expansion much less predictable + */ +int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +/** + * \brief Return the maximum fragment length (payload, in bytes). + * This is the value negotiated with peer if any, + * or the locally configured value. + * + * \sa mbedtls_ssl_conf_max_frag_len() + * \sa mbedtls_ssl_get_max_record_payload() + * + * \param ssl SSL context + * + * \return Current maximum fragment length. + */ +size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ); +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +/** + * \brief Return the current maximum outgoing record payload in bytes. 
+ * This takes into account the config.h setting \c + * MBEDTLS_SSL_OUT_CONTENT_LEN, the configured and negotiated + * max fragment length extension if used, and for DTLS the + * path MTU as configured and current record expansion. + * + * \note With DTLS, \c mbedtls_ssl_write() will return an error if + * called with a larger length value. + * With TLS, \c mbedtls_ssl_write() will fragment the input if + * necessary and return the number of bytes written; it is up + * to the caller to call \c mbedtls_ssl_write() again in + * order to send the remaining bytes if any. + * + * \note This function is not available (always returns an error) + * when record compression is enabled. + * + * \sa mbedtls_ssl_set_mtu() + * \sa mbedtls_ssl_get_max_frag_len() + * \sa mbedtls_ssl_get_record_expansion() + * + * \param ssl SSL context + * + * \return Current maximum payload for an outgoing record, + * or a negative error code. + */ +int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/** + * \brief Return the peer certificate from the current connection. + * + * \param ssl The SSL context to use. This must be initialized and setup. + * + * \return The current peer certificate, if available. + * The returned certificate is owned by the SSL context and + * is valid only until the next call to the SSL API. + * \return \c NULL if no peer certificate is available. This might + * be because the chosen ciphersuite doesn't use CRTs + * (PSK-based ciphersuites, for example), or because + * #MBEDTLS_SSL_KEEP_PEER_CERTIFICATE has been disabled, + * allowing the stack to free the peer's CRT to save memory. + * + * \note For one-time inspection of the peer's certificate during + * the handshake, consider registering an X.509 CRT verification + * callback through mbedtls_ssl_conf_verify() instead of calling + * this function. 
Using mbedtls_ssl_conf_verify() also comes at + * the benefit of allowing you to influence the verification + * process, for example by masking expected and tolerated + * verification failures. + * + * \warning You must not use the pointer returned by this function + * after any further call to the SSL API, including + * mbedtls_ssl_read() and mbedtls_ssl_write(); this is + * because the pointer might change during renegotiation, + * which happens transparently to the user. + * If you want to use the certificate across API calls, + * you must make a copy. + */ +const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_SSL_CLI_C) +/** + * \brief Save session in order to resume it later (client-side only) + * Session data is copied to presented session structure. + * + * + * \param ssl SSL context + * \param session session context + * + * \return 0 if successful, + * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or + * arguments are otherwise invalid. + * + * \note Only the server certificate is copied, and not the full chain, + * so you should not attempt to validate the certificate again + * by calling \c mbedtls_x509_crt_verify() on it. + * Instead, you should use the results from the verification + * in the original handshake by calling \c mbedtls_ssl_get_verify_result() + * after loading the session again into a new SSL context + * using \c mbedtls_ssl_set_session(). + * + * \note Once the session object is not needed anymore, you should + * free it by calling \c mbedtls_ssl_session_free(). + * + * \sa mbedtls_ssl_set_session() + */ +int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session ); +#endif /* MBEDTLS_SSL_CLI_C */ + +/** + * \brief Perform the SSL handshake + * + * \param ssl SSL context + * + * \return \c 0 if successful. 
+ * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE + * if the handshake is incomplete and waiting for data to + * be available for reading from or writing to the underlying + * transport - in this case you must call this function again + * when the underlying transport is ready for the operation. + * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous + * operation is in progress (see + * mbedtls_ssl_conf_async_private_cb()) - in this case you + * must call this function again when the operation is ready. + * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic + * operation is in progress (see mbedtls_ecp_set_max_ops()) - + * in this case you must call this function again to complete + * the handshake when you're done attending other tasks. + * \return #MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED if DTLS is in use + * and the client did not demonstrate reachability yet - in + * this case you must stop using the context (see below). + * \return Another SSL error code - in this case you must stop using + * the context (see below). + * + * \warning If this function returns something other than + * \c 0, + * #MBEDTLS_ERR_SSL_WANT_READ, + * #MBEDTLS_ERR_SSL_WANT_WRITE, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, + * you must stop using the SSL context for reading or writing, + * and either free it or call \c mbedtls_ssl_session_reset() + * on it before re-using it for a new connection; the current + * connection must be closed. + * + * \note If DTLS is in use, then you may choose to handle + * #MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED specially for logging + * purposes, as it is an expected return value rather than an + * actual error, but you still need to reset/free the context. 
+ * + * \note Remarks regarding event-driven DTLS: + * If the function returns #MBEDTLS_ERR_SSL_WANT_READ, no datagram + * from the underlying transport layer is currently being processed, + * and it is safe to idle until the timer or the underlying transport + * signal a new event. This is not true for a successful handshake, + * in which case the datagram of the underlying transport that is + * currently being processed might or might not contain further + * DTLS records. + */ +int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); + +/** + * \brief Perform a single step of the SSL handshake + * + * \note The state of the context (ssl->state) will be at + * the next state after this function returns \c 0. Do not + * call this function if state is MBEDTLS_SSL_HANDSHAKE_OVER. + * + * \param ssl SSL context + * + * \return See mbedtls_ssl_handshake(). + * + * \warning If this function returns something other than \c 0, + * #MBEDTLS_ERR_SSL_WANT_READ, #MBEDTLS_ERR_SSL_WANT_WRITE, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, you must stop using + * the SSL context for reading or writing, and either free it + * or call \c mbedtls_ssl_session_reset() on it before + * re-using it for a new connection; the current connection + * must be closed. + */ +int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ); + +#if defined(MBEDTLS_SSL_RENEGOTIATION) +/** + * \brief Initiate an SSL renegotiation on the running connection. + * Client: perform the renegotiation right now. + * Server: request renegotiation, which will be performed + * during the next call to mbedtls_ssl_read() if honored by + * client. + * + * \param ssl SSL context + * + * \return 0 if successful, or any mbedtls_ssl_handshake() return + * value except #MBEDTLS_ERR_SSL_CLIENT_RECONNECT that can't + * happen during a renegotiation. 
+ * + * \warning If this function returns something other than \c 0, + * #MBEDTLS_ERR_SSL_WANT_READ, #MBEDTLS_ERR_SSL_WANT_WRITE, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, you must stop using + * the SSL context for reading or writing, and either free it + * or call \c mbedtls_ssl_session_reset() on it before + * re-using it for a new connection; the current connection + * must be closed. + * + */ +int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ); +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +/** + * \brief Read at most 'len' application data bytes + * + * \param ssl SSL context + * \param buf buffer that will hold the data + * \param len maximum number of bytes to read + * + * \return The (positive) number of bytes read if successful. + * \return \c 0 if the read end of the underlying transport was closed + * - in this case you must stop using the context (see below). + * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE + * if the handshake is incomplete and waiting for data to + * be available for reading from or writing to the underlying + * transport - in this case you must call this function again + * when the underlying transport is ready for the operation. + * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous + * operation is in progress (see + * mbedtls_ssl_conf_async_private_cb()) - in this case you + * must call this function again when the operation is ready. + * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic + * operation is in progress (see mbedtls_ecp_set_max_ops()) - + * in this case you must call this function again to complete + * the handshake when you're done attending other tasks. + * \return #MBEDTLS_ERR_SSL_CLIENT_RECONNECT if we're at the server + * side of a DTLS connection and the client is initiating a + * new connection using the same source port. See below. 
+ * \return Another SSL error code - in this case you must stop using + * the context (see below). + * + * \warning If this function returns something other than + * a positive value, + * #MBEDTLS_ERR_SSL_WANT_READ, + * #MBEDTLS_ERR_SSL_WANT_WRITE, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_CLIENT_RECONNECT, + * you must stop using the SSL context for reading or writing, + * and either free it or call \c mbedtls_ssl_session_reset() + * on it before re-using it for a new connection; the current + * connection must be closed. + * + * \note When this function returns #MBEDTLS_ERR_SSL_CLIENT_RECONNECT + * (which can only happen server-side), it means that a client + * is initiating a new connection using the same source port. + * You can either treat that as a connection close and wait + * for the client to resend a ClientHello, or directly + * continue with \c mbedtls_ssl_handshake() with the same + * context (as it has been reset internally). Either way, you + * must make sure this is seen by the application as a new + * connection: application state, if any, should be reset, and + * most importantly the identity of the client must be checked + * again. WARNING: not validating the identity of the client + * again, or not transmitting the new identity to the + * application layer, would allow authentication bypass! + * + * \note Remarks regarding event-driven DTLS: + * - If the function returns #MBEDTLS_ERR_SSL_WANT_READ, no datagram + * from the underlying transport layer is currently being processed, + * and it is safe to idle until the timer or the underlying transport + * signal a new event. + * - This function may return MBEDTLS_ERR_SSL_WANT_READ even if data was + * initially available on the underlying transport, as this data may have + * been only e.g. duplicated messages or a renegotiation request. 
+ * Therefore, you must be prepared to receive MBEDTLS_ERR_SSL_WANT_READ even + * when reacting to an incoming-data event from the underlying transport. + * - On success, the datagram of the underlying transport that is currently + * being processed may contain further DTLS records. You should call + * \c mbedtls_ssl_check_pending to check for remaining records. + * + */ +int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ); + +/** + * \brief Try to write exactly 'len' application data bytes + * + * \warning This function will do partial writes in some cases. If the + * return value is non-negative but less than length, the + * function must be called again with updated arguments: + * buf + ret, len - ret (if ret is the return value) until + * it returns a value equal to the last 'len' argument. + * + * \param ssl SSL context + * \param buf buffer holding the data + * \param len how many bytes must be written + * + * \return The (non-negative) number of bytes actually written if + * successful (may be less than \p len). + * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE + * if the handshake is incomplete and waiting for data to + * be available for reading from or writing to the underlying + * transport - in this case you must call this function again + * when the underlying transport is ready for the operation. + * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous + * operation is in progress (see + * mbedtls_ssl_conf_async_private_cb()) - in this case you + * must call this function again when the operation is ready. + * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic + * operation is in progress (see mbedtls_ecp_set_max_ops()) - + * in this case you must call this function again to complete + * the handshake when you're done attending other tasks. + * \return Another SSL error code - in this case you must stop using + * the context (see below). 
+ * + * \warning If this function returns something other than + * a non-negative value, + * #MBEDTLS_ERR_SSL_WANT_READ, + * #MBEDTLS_ERR_SSL_WANT_WRITE, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, + * you must stop using the SSL context for reading or writing, + * and either free it or call \c mbedtls_ssl_session_reset() + * on it before re-using it for a new connection; the current + * connection must be closed. + * + * \note When this function returns #MBEDTLS_ERR_SSL_WANT_WRITE/READ, + * it must be called later with the *same* arguments, + * until it returns a value greater that or equal to 0. When + * the function returns #MBEDTLS_ERR_SSL_WANT_WRITE there may be + * some partial data in the output buffer, however this is not + * yet sent. + * + * \note If the requested length is greater than the maximum + * fragment length (either the built-in limit or the one set + * or negotiated with the peer), then: + * - with TLS, less bytes than requested are written. + * - with DTLS, MBEDTLS_ERR_SSL_BAD_INPUT_DATA is returned. + * \c mbedtls_ssl_get_max_frag_len() may be used to query the + * active maximum fragment length. + * + * \note Attempting to write 0 bytes will result in an empty TLS + * application record being sent. + */ +int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ); + +/** + * \brief Send an alert message + * + * \param ssl SSL context + * \param level The alert level of the message + * (MBEDTLS_SSL_ALERT_LEVEL_WARNING or MBEDTLS_SSL_ALERT_LEVEL_FATAL) + * \param message The alert message (SSL_ALERT_MSG_*) + * + * \return 0 if successful, or a specific SSL error code. 
+ * + * \note If this function returns something other than 0 or + * MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using + * the SSL context for reading or writing, and either free it or + * call \c mbedtls_ssl_session_reset() on it before re-using it + * for a new connection; the current connection must be closed. + */ +int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, + unsigned char level, + unsigned char message ); +/** + * \brief Notify the peer that the connection is being closed + * + * \param ssl SSL context + * + * \return 0 if successful, or a specific SSL error code. + * + * \note If this function returns something other than 0 or + * MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using + * the SSL context for reading or writing, and either free it or + * call \c mbedtls_ssl_session_reset() on it before re-using it + * for a new connection; the current connection must be closed. + */ +int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl ); + +/** + * \brief Free referenced items in an SSL context and clear memory + * + * \param ssl SSL context + */ +void mbedtls_ssl_free( mbedtls_ssl_context *ssl ); + +/** + * \brief Initialize an SSL configuration context + * Just makes the context ready for + * mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free(). + * + * \note You need to call mbedtls_ssl_config_defaults() unless you + * manually set all of the relevant fields yourself. + * + * \param conf SSL configuration context + */ +void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ); + +/** + * \brief Load reasonnable default SSL configuration values. + * (You need to call mbedtls_ssl_config_init() first.) + * + * \param conf SSL configuration context + * \param endpoint MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER + * \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or + * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS + * \param preset a MBEDTLS_SSL_PRESET_XXX value + * + * \note See \c mbedtls_ssl_conf_transport() for notes on DTLS. 
+ * + * \return 0 if successful, or + * MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error. + */ +int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, + int endpoint, int transport, int preset ); + +/** + * \brief Free an SSL configuration context + * + * \param conf SSL configuration context + */ +void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ); + +/** + * \brief Initialize SSL session structure + * + * \param session SSL session + */ +void mbedtls_ssl_session_init( mbedtls_ssl_session *session ); + +/** + * \brief Free referenced items in an SSL session including the + * peer certificate and clear memory + * + * \note A session object can be freed even if the SSL context + * that was used to retrieve the session is still in use. + * + * \param session SSL session + */ +void mbedtls_ssl_session_free( mbedtls_ssl_session *session ); + +#ifdef __cplusplus +} +#endif + +#endif /* ssl.h */ diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h new file mode 100644 index 000000000..84254d3d1 --- /dev/null +++ b/include/mbedtls/ssl_cache.h 
@@ -0,0 +1,151 @@
+/**
+ * \file ssl_cache.h
+ *
+ * \brief SSL session cache implementation
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SSL_CACHE_H
+#define MBEDTLS_SSL_CACHE_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "ssl.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "threading.h"
+#endif
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
+#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */
+#endif
+
+#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
+#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */
+#endif
+
+/* \} name SECTION: Module settings */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context;
+typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
+
+/**
+ * \brief This structure is used for storing cache entries
+ */
+struct mbedtls_ssl_cache_entry
+{
+#if defined(MBEDTLS_HAVE_TIME)
+ mbedtls_time_t timestamp; /*!< entry timestamp */
+#endif
+ mbedtls_ssl_session session; /*!< entry session */
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+ defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ mbedtls_x509_buf peer_cert; /*!< entry peer_cert */
+#endif
+ mbedtls_ssl_cache_entry *next; /*!< chain pointer */
+};
+
+/**
+ * \brief Cache context
+ */
+struct mbedtls_ssl_cache_context
+{
+ mbedtls_ssl_cache_entry *chain; /*!< start of the chain */
+ int timeout; /*!< cache entry timeout */
+ int max_entries; /*!< maximum entries */
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_threading_mutex_t mutex; /*!< mutex */
+#endif
+};
+
+/**
+ * \brief Initialize an SSL cache context
+ *
+ * \param cache SSL cache context
+ */
+void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
+
+/**
+ * \brief Cache get callback implementation
+ * (Thread-safe if MBEDTLS_THREADING_C is enabled)
+ *
+ * \param data SSL cache context
+ * \param session session to retrieve entry for
+ */
+int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session );
+
+/**
+ * \brief Cache set callback implementation
+ * (Thread-safe if MBEDTLS_THREADING_C is enabled)
+ *
+ * \param data SSL cache context
+ * \param session session to store entry for
+ */
+int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session );
+
+#if defined(MBEDTLS_HAVE_TIME)
+/**
+ * \brief Set the cache timeout
+ * (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day))
+ *
+ * A timeout of 0 indicates no timeout.
+ *
+ * \param cache SSL cache context
+ * \param timeout cache entry timeout in seconds
+ */
+void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout );
+#endif /* MBEDTLS_HAVE_TIME */
+
+/**
+ * \brief Set the maximum number of cache entries
+ * (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
+ *
+ * \param cache SSL cache context
+ * \param max cache entry maximum
+ */
+void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max );
+
+/**
+ * \brief Free referenced items in a cache context and clear memory
+ *
+ * \param cache SSL cache context
+ */
+void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_cache.h */
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
new file mode 100644
index 000000000..712678330
--- /dev/null
+++ b/include/mbedtls/ssl_ciphersuites.h
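Review bot: The doc comments on `mbedtls_ssl_cache_get()` and `mbedtls_ssl_cache_set()` in ssl_cache.h document both parameters but have no `\return`, so this header does not say which value means a hit, a miss or a failed store. For a session cache that is worth pinning down, since a caller that misreads the getter's result could go on to resume from a session that was never filled in. I would add a line such as `\return 0 if a matching entry was found and copied to \p session, non-zero otherwise` to the getter and `\return 0 if the session was stored, non-zero otherwise` to the setter; the exact convention has to be confirmed against the implementation, which is not in this hunk. The timeout and max-entries setters also take a plain `int`, and only `timeout == 0` is described, so a sentence on how negative values are treated would help too.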
@@ -0,0 +1,558 @@ +/** + * \file ssl_ciphersuites.h + * + * \brief SSL Ciphersuites for mbed TLS + */ +/* + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_SSL_CIPHERSUITES_H +#define MBEDTLS_SSL_CIPHERSUITES_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "pk.h" +#include "cipher.h" +#include "md.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * Supported ciphersuites (Official IANA names) + */ +#define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */ +#define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */ + +#define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 0x04 +#define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA 0x05 +#define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */ + +#define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A + +#define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 + +#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */ +#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */ +#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! 
*/ +#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F + +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33 +#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35 +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39 + +#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */ +#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */ + +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41 +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45 + +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */ + +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84 +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88 + +#define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA 0x8A +#define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B +#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C +#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D + +#define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E +#define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90 +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91 + +#define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA 0x92 +#define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94 +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95 + +#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */ + +#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */ +#define 
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */ + +#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE +#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF +#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */ +#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */ + +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2 +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3 +#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */ +#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */ + +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6 +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7 +#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */ +#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */ + +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */ + +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */ + +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 /**< Not in SSL3! */ + +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /**< Not in SSL3! 
*/ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /**< Not in SSL3! */ + +#define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F /**< Not in SSL3! */ + +#define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /**< Not in SSL3! */ + +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /**< TLS 1.2 */ + +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */ +#define 
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */ + +#define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /**< Weak! No SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /**< Weak! No SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /**< Weak! No SSL3! */ + +#define MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 0xC03C /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 0xC03D /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC044 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC045 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC04A /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC04B /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC04C /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC04D /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 0xC04E /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 0xC04F /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050 /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 
0xC052 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC053 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05E /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05F /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC060 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC061 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0xC062 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0xC063 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 0xC064 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067 /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 0xC068 /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 0xC069 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0xC06E /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0xC06F /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071 /**< TLS 1.2 */ + +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! 
*/ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079 /**< Not in SSL3! */ + +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D /**< TLS 1.2 */ + +#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */ + 
+#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094 +#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095 +#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 +#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 +#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 +#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 +#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */ + +#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */ +/* The last two are named with PSK_DHE in the RFC, which looks like a typo */ + +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */ +#define 
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */ + +#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF /**< experimental */ + +/* RFC 7905 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE /**< TLS 1.2 */ + +/* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange. + * Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below + */ +typedef enum { + MBEDTLS_KEY_EXCHANGE_NONE = 0, + MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_KEY_EXCHANGE_ECJPAKE, +} mbedtls_key_exchange_type_t; + +/* Key exchanges using a certificate */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED +#endif + +/* Key exchanges allowing client certificate requests */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + 
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED +#endif + +/* Key exchanges involving server signature in ServerKeyExchange */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED +#endif + +/* Key exchanges using ECDH */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED +#endif + +/* Key exchanges that don't involve ephemeral keys */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED +#endif + +/* Key exchanges that involve ephemeral keys */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED +#endif + +/* Key exchanges using a PSK */ +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED +#endif + +/* Key exchanges using DHE */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) +#define 
MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED +#endif + +/* Key exchanges using ECDHE */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED +#endif + +typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; + +#define MBEDTLS_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */ +#define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag, + eg for CCM_8 */ +#define MBEDTLS_CIPHERSUITE_NODTLS 0x04 /**< Can't be used with DTLS */ + +/** + * \brief This structure is used for storing ciphersuite information + */ +struct mbedtls_ssl_ciphersuite_t +{ + int id; + const char * name; + + mbedtls_cipher_type_t cipher; + mbedtls_md_type_t mac; + mbedtls_key_exchange_type_t key_exchange; + + int min_major_ver; + int min_minor_ver; + int max_major_ver; + int max_minor_ver; + + unsigned char flags; +}; + +const int *mbedtls_ssl_list_ciphersuites( void ); + +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name ); +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id ); + +#if defined(MBEDTLS_PK_C) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ); +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ); +#endif + +int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ); +int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ); + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED) +static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info ) +{ + switch( info->key_exchange ) + { + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + case 
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECJPAKE: + return( 1 ); + + default: + return( 0 ); + } +} +#endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED) +static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info ) +{ + switch( info->key_exchange ) + { + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_PSK: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + return( 1 ); + + default: + return( 0 ); + } +} +#endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info ) +{ + switch( info->key_exchange ) + { + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + return( 1 ); + + default: + return( 0 ); + } +} +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED */ + +static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info ) +{ + switch( info->key_exchange ) + { + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( 1 ); + + default: + return( 0 ); + } +} + +static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info ) +{ + switch( info->key_exchange ) + { + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( 1 ); + + default: + return( 0 ); + } +} + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED) +static inline int 
mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info ) +{ + switch( info->key_exchange ) + { + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + return( 1 ); + + default: + return( 0 ); + } +} +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED) */ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info ) +{ + switch( info->key_exchange ) + { + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + return( 1 ); + + default: + return( 0 ); + } +} +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) */ + +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info ) +{ + switch( info->key_exchange ) + { + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( 1 ); + + default: + return( 0 ); + } +} +#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ + +#ifdef __cplusplus +} +#endif + +#endif /* ssl_ciphersuites.h */ diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h new file mode 100644 index 000000000..e34760ae8 --- /dev/null +++ b/include/mbedtls/ssl_cookie.h 
@@ -0,0 +1,115 @@
+/**
+ * \file ssl_cookie.h
+ *
+ * \brief DTLS cookie callbacks implementation
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SSL_COOKIE_H
+#define MBEDTLS_SSL_COOKIE_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "ssl.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "threading.h"
+#endif
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+#ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
+#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
+#endif
+
+/* \} name SECTION: Module settings */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Context for the default cookie functions.
+ */
+typedef struct mbedtls_ssl_cookie_ctx
+{
+ mbedtls_md_context_t hmac_ctx; /*!< context for the HMAC portion */
+#if !defined(MBEDTLS_HAVE_TIME)
+ unsigned long serial; /*!< serial number for expiration */
+#endif
+ unsigned long timeout; /*!< timeout delay, in seconds if HAVE_TIME,
+ or in number of tickets issued */
+
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_threading_mutex_t mutex;
+#endif
+} mbedtls_ssl_cookie_ctx;
+
+/**
+ * \brief Initialize cookie context
+ */
+void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
+
+/**
+ * \brief Setup cookie context (generate keys)
+ */
+int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
+
+/**
+ * \brief Set expiration delay for cookies
+ * (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
+ *
+ * \param ctx Cookie contex
+ * \param delay Delay, in seconds if HAVE_TIME, or in number of cookies
+ * issued in the meantime.
+ * 0 to disable expiration (NOT recommended)
+ */
+void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
+
+/**
+ * \brief Free cookie context
+ */
+void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
+
+/**
+ * \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t
+ */
+mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
+
+/**
+ * \brief Verify cookie, see \c mbedtls_ssl_cookie_write_t
+ */
+mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_cookie.h */
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
new file mode 100644
index 000000000..5dde239df
--- /dev/null
+++ b/include/mbedtls/ssl_internal.h
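Review bot: In ssl_cookie.h the doc comment on `mbedtls_ssl_cookie_check` names the wrong callback type: it reads `see \c mbedtls_ssl_cookie_write_t` while the declaration uses `mbedtls_ssl_cookie_check_t`, so it should be `\brief Verify cookie, see \c mbedtls_ssl_cookie_check_t`. The `timeout` field comment says `or in number of tickets issued`, whereas MBEDTLS_SSL_COOKIE_TIMEOUT and `mbedtls_ssl_cookie_set_timeout` both count cookies, and `\param ctx Cookie contex` is missing its final letter. `mbedtls_ssl_cookie_setup` documents neither its parameters nor its return value, although the brief says it generates keys; a line such as `\param f_rng RNG used to generate the cookie key; should be cryptographically strong` plus a `\return` line would tell callers what the cookie's unforgeability depends on. The implementation is not part of this hunk, so the exact return convention has to be taken from the matching .c file.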
@@ -0,0 +1,819 @@ +/** + * \file ssl_internal.h + * + * \brief Internal functions shared by the SSL modules + */ +/* + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_SSL_INTERNAL_H +#define MBEDTLS_SSL_INTERNAL_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "ssl.h" +#include "cipher.h" + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif + +#if defined(MBEDTLS_MD5_C) +#include "md5.h" +#endif + +#if defined(MBEDTLS_SHA1_C) +#include "sha1.h" +#endif + +#if defined(MBEDTLS_SHA256_C) +#include "sha256.h" +#endif + +#if defined(MBEDTLS_SHA512_C) +#include "sha512.h" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +#include "ecjpake.h" +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#include "psa_util.h" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ + !defined(inline) && !defined(__cplusplus) +#define inline __inline +#endif + +/* Determine minimum supported version */ +#define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 + +#if defined(MBEDTLS_SSL_PROTO_SSL3) +#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_0 +#else +#if defined(MBEDTLS_SSL_PROTO_TLS1) +#define 
MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 +#else +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) +#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2 +#else +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 */ +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ + +#define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 +#define MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 + +/* Determine maximum supported version */ +#define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 +#else +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) +#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2 +#else +#if defined(MBEDTLS_SSL_PROTO_TLS1) +#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 +#else +#if defined(MBEDTLS_SSL_PROTO_SSL3) +#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_0 +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +/* Shorthand for restartable ECC */ +#if defined(MBEDTLS_ECP_RESTARTABLE) && \ + defined(MBEDTLS_SSL_CLI_C) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#define MBEDTLS_SSL__ECP_RESTARTABLE +#endif + +#define MBEDTLS_SSL_INITIAL_HANDSHAKE 0 +#define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS 1 /* In progress */ +#define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */ +#define MBEDTLS_SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ + +/* + * DTLS retransmission states, see RFC 6347 4.2.4 + * + * The SENDING state is merged in PREPARING for initial sends, + * but is distinct for resends. 
+ * + * Note: initial state is wrong for server, but is not used anyway. + */ +#define MBEDTLS_SSL_RETRANS_PREPARING 0 +#define MBEDTLS_SSL_RETRANS_SENDING 1 +#define MBEDTLS_SSL_RETRANS_WAITING 2 +#define MBEDTLS_SSL_RETRANS_FINISHED 3 + +/* + * Allow extra bytes for record, authentication and encryption overhead: + * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256) + * and allow for a maximum of 1024 of compression expansion if + * enabled. + */ +#if defined(MBEDTLS_ZLIB_SUPPORT) +#define MBEDTLS_SSL_COMPRESSION_ADD 1024 +#else +#define MBEDTLS_SSL_COMPRESSION_ADD 0 +#endif + +#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_MODE_CBC) +/* Ciphersuites using HMAC */ +#if defined(MBEDTLS_SHA512_C) +#define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ +#elif defined(MBEDTLS_SHA256_C) +#define MBEDTLS_SSL_MAC_ADD 32 /* SHA-256 used for HMAC */ +#else +#define MBEDTLS_SSL_MAC_ADD 20 /* SHA-1 used for HMAC */ +#endif +#else +/* AEAD ciphersuites: GCM and CCM use a 128 bits tag */ +#define MBEDTLS_SSL_MAC_ADD 16 +#endif + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#define MBEDTLS_SSL_PADDING_ADD 256 +#else +#define MBEDTLS_SSL_PADDING_ADD 0 +#endif + +#define MBEDTLS_SSL_PAYLOAD_OVERHEAD ( MBEDTLS_SSL_COMPRESSION_ADD + \ + MBEDTLS_MAX_IV_LENGTH + \ + MBEDTLS_SSL_MAC_ADD + \ + MBEDTLS_SSL_PADDING_ADD \ + ) + +#define MBEDTLS_SSL_IN_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ + ( MBEDTLS_SSL_IN_CONTENT_LEN ) ) + +#define MBEDTLS_SSL_OUT_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ + ( MBEDTLS_SSL_OUT_CONTENT_LEN ) ) + +/* The maximum number of buffered handshake messages. */ +#define MBEDTLS_SSL_MAX_BUFFERED_HS 4 + +/* Maximum length we can advertise as our max content length for + RFC 6066 max_fragment_length extension negotiation purposes + (the lesser of both sizes, if they are unequal.) + */ +#define MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ( \ + (MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_OUT_CONTENT_LEN) \ + ? 
( MBEDTLS_SSL_OUT_CONTENT_LEN ) \ + : ( MBEDTLS_SSL_IN_CONTENT_LEN ) \ + ) + +/* + * Check that we obey the standard's message size bounds + */ + +#if MBEDTLS_SSL_MAX_CONTENT_LEN > 16384 +#error "Bad configuration - record content too large." +#endif + +#if MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN +#error "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." +#endif + +#if MBEDTLS_SSL_OUT_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN +#error "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." +#endif + +#if MBEDTLS_SSL_IN_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048 +#error "Bad configuration - incoming protected record payload too large." +#endif + +#if MBEDTLS_SSL_OUT_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048 +#error "Bad configuration - outgoing protected record payload too large." +#endif + +/* Calculate buffer sizes */ + +/* Note: Even though the TLS record header is only 5 bytes + long, we're internally using 8 bytes to store the + implicit sequence number. */ +#define MBEDTLS_SSL_HEADER_LEN 13 + +#define MBEDTLS_SSL_IN_BUFFER_LEN \ + ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) ) + +#define MBEDTLS_SSL_OUT_BUFFER_LEN \ + ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) ) + +#ifdef MBEDTLS_ZLIB_SUPPORT +/* Compression buffer holds both IN and OUT buffers, so should be size of the larger */ +#define MBEDTLS_SSL_COMPRESS_BUFFER_LEN ( \ + ( MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN ) \ + ? MBEDTLS_SSL_IN_BUFFER_LEN \ + : MBEDTLS_SSL_OUT_BUFFER_LEN \ + ) +#endif + +/* + * TLS extension flags (for extensions with outgoing ServerHello content + * that need it (e.g. 
for RENEGOTIATION_INFO the server already knows because + * of state of the renegotiation flag, so no indicator is required) + */ +#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0) +#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK (1 << 1) + +#ifdef __cplusplus +extern "C" { +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +/* + * Abstraction for a grid of allowed signature-hash-algorithm pairs. + */ +struct mbedtls_ssl_sig_hash_set_t +{ + /* At the moment, we only need to remember a single suitable + * hash algorithm per signature algorithm. As long as that's + * the case - and we don't need a general lookup function - + * we can implement the sig-hash-set as a map from signatures + * to hash algorithms. */ + mbedtls_md_type_t rsa; + mbedtls_md_type_t ecdsa; +}; +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && + MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ + +/* + * This structure contains the parameters only needed during handshake. + */ +struct mbedtls_ssl_handshake_params +{ + /* + * Handshake specific crypto variables + */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) + mbedtls_ssl_sig_hash_set_t hash_algs; /*!< Set of suitable sig-hash pairs */ +#endif +#if defined(MBEDTLS_DHM_C) + mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */ +#endif +#if defined(MBEDTLS_ECDH_C) + mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_ecc_curve_t ecdh_psa_curve; + psa_key_handle_t ecdh_psa_privkey; + unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; + size_t ecdh_psa_peerkey_len; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_ECDH_C */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + mbedtls_ecjpake_context ecjpake_ctx; /*!< EC J-PAKE key exchange */ +#if defined(MBEDTLS_SSL_CLI_C) + unsigned char *ecjpake_cache; /*!< Cache for ClientHello ext */ + size_t ecjpake_cache_len; /*!< Length of 
cached data */ +#endif +#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_handle_t psk_opaque; /*!< Opaque PSK from the callback */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + unsigned char *psk; /*!< PSK from the callback */ + size_t psk_len; /*!< Length of PSK from callback */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */ +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + int sni_authmode; /*!< authmode from SNI callback */ + mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI */ + mbedtls_x509_crt *sni_ca_chain; /*!< trusted CAs from SNI callback */ + mbedtls_x509_crl *sni_ca_crl; /*!< trusted CAs CRLs from SNI */ +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + int ecrs_enabled; /*!< Handshake supports EC restart? */ + mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */ + enum { /* this complements ssl->state with info on intra-state operations */ + ssl_ecrs_none = 0, /*!< nothing going on (yet) */ + ssl_ecrs_crt_verify, /*!< Certificate: crt_verify() */ + ssl_ecrs_ske_start_processing, /*!< ServerKeyExchange: pk_verify() */ + ssl_ecrs_cke_ecdh_calc_secret, /*!< ClientKeyExchange: ECDH step 2 */ + ssl_ecrs_crt_vrfy_sign, /*!< CertificateVerify: pk_sign() */ + } ecrs_state; /*!< current (or last) operation */ + mbedtls_x509_crt *ecrs_peer_cert; /*!< The peer's CRT chain. 
*/ + size_t ecrs_n; /*!< place for saving a length */ +#endif +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + mbedtls_pk_context peer_pubkey; /*!< The public key from the peer. */ +#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + unsigned int out_msg_seq; /*!< Outgoing handshake sequence number */ + unsigned int in_msg_seq; /*!< Incoming handshake sequence number */ + + unsigned char *verify_cookie; /*!< Cli: HelloVerifyRequest cookie + Srv: unused */ + unsigned char verify_cookie_len; /*!< Cli: cookie length + Srv: flag for sending a cookie */ + + uint32_t retransmit_timeout; /*!< Current value of timeout */ + unsigned char retransmit_state; /*!< Retransmission state */ + mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */ + mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */ + unsigned char *cur_msg_p; /*!< Position in current message */ + unsigned int in_flight_start_seq; /*!< Minimum message sequence in the + flight being received */ + mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for + resending messages */ + unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter + for resending messages */ + + struct + { + size_t total_bytes_buffered; /*!< Cumulative size of heap allocated + * buffers used for message buffering. */ + + uint8_t seen_ccs; /*!< Indicates if a CCS message has + * been seen in the current flight. 
*/ + + struct mbedtls_ssl_hs_buffer + { + unsigned is_valid : 1; + unsigned is_fragmented : 1; + unsigned is_complete : 1; + unsigned char *data; + size_t data_len; + } hs[MBEDTLS_SSL_MAX_BUFFERED_HS]; + + struct + { + unsigned char *data; + size_t len; + unsigned epoch; + } future_record; + + } buffering; + + uint16_t mtu; /*!< Handshake mtu, used to fragment outgoing messages */ +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + /* + * Checksum contexts + */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + mbedtls_md5_context fin_md5; + mbedtls_sha1_context fin_sha1; +#endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_hash_operation_t fin_sha256_psa; +#else + mbedtls_sha256_context fin_sha256; +#endif +#endif +#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_hash_operation_t fin_sha384_psa; +#else + mbedtls_sha512_context fin_sha512; +#endif +#endif +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + + void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t); + void (*calc_verify)(mbedtls_ssl_context *, unsigned char *); + void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int); + int (*tls_prf)(const unsigned char *, size_t, const char *, + const unsigned char *, size_t, + unsigned char *, size_t); + + size_t pmslen; /*!< premaster length */ + + unsigned char randbytes[64]; /*!< random bytes */ + unsigned char premaster[MBEDTLS_PREMASTER_SIZE]; + /*!< premaster secret */ + + int resume; /*!< session resume indicator*/ + int max_major_ver; /*!< max. major version client*/ + int max_minor_ver; /*!< max. minor version client*/ + int cli_exts; /*!< client extension presence*/ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + int new_session_ticket; /*!< use NewSessionTicket? 
*/ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + int extended_ms; /*!< use Extended Master Secret? */ +#endif + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + unsigned int async_in_progress : 1; /*!< an asynchronous operation is in progress */ +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + /** Asynchronous operation context. This field is meant for use by the + * asynchronous operation callbacks (mbedtls_ssl_config::f_async_sign_start, + * mbedtls_ssl_config::f_async_decrypt_start, + * mbedtls_ssl_config::f_async_resume, mbedtls_ssl_config::f_async_cancel). + * The library does not use it internally. */ + void *user_async_ctx; +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ +}; + +typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; + +/* + * This structure contains a full set of runtime transform parameters + * either in negotiation or active. + */ +struct mbedtls_ssl_transform +{ + /* + * Session specific crypto layer + */ + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + /*!< Chosen cipersuite_info */ + unsigned int keylen; /*!< symmetric key length (bytes) */ + size_t minlen; /*!< min. 
ciphertext length */ + size_t ivlen; /*!< IV length */ + size_t fixed_ivlen; /*!< Fixed part of IV (AEAD) */ + size_t maclen; /*!< MAC length */ + + unsigned char iv_enc[16]; /*!< IV (encryption) */ + unsigned char iv_dec[16]; /*!< IV (decryption) */ + +#if defined(MBEDTLS_SSL_PROTO_SSL3) + /* Needed only for SSL v3.0 secret */ + unsigned char mac_enc[20]; /*!< SSL v3.0 secret (enc) */ + unsigned char mac_dec[20]; /*!< SSL v3.0 secret (dec) */ +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ + + mbedtls_md_context_t md_ctx_enc; /*!< MAC (encryption) */ + mbedtls_md_context_t md_ctx_dec; /*!< MAC (decryption) */ + + mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */ + mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */ + + /* + * Session specific compression layer + */ +#if defined(MBEDTLS_ZLIB_SUPPORT) + z_stream ctx_deflate; /*!< compression context */ + z_stream ctx_inflate; /*!< decompression context */ +#endif +}; + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/* + * List of certificate + private key pairs + */ +struct mbedtls_ssl_key_cert +{ + mbedtls_x509_crt *cert; /*!< cert */ + mbedtls_pk_context *key; /*!< private key */ + mbedtls_ssl_key_cert *next; /*!< next key/cert pair */ +}; +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) +/* + * List of handshake messages kept around for resending + */ +struct mbedtls_ssl_flight_item +{ + unsigned char *p; /*!< message, including handshake headers */ + size_t len; /*!< length of p */ + unsigned char type; /*!< type of the message: handshake or CCS */ + mbedtls_ssl_flight_item *next; /*!< next handshake message(s) */ +}; +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) + +/* Find an entry in a signature-hash set matching a given hash algorithm. 
*/ +mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg ); +/* Add a signature-hash-pair to a signature-hash set */ +void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg, + mbedtls_md_type_t md_alg ); +/* Allow exactly one hash algorithm for each signature. */ +void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, + mbedtls_md_type_t md_alg ); + +/* Setup an empty signature-hash set */ +static inline void mbedtls_ssl_sig_hash_set_init( mbedtls_ssl_sig_hash_set_t *set ) +{ + mbedtls_ssl_sig_hash_set_const_hash( set, MBEDTLS_MD_NONE ); +} + +#endif /* MBEDTLS_SSL_PROTO_TLS1_2) && + MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ + +/** + * \brief Free referenced items in an SSL transform context and clear + * memory + * + * \param transform SSL transform context + */ +void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ); + +/** + * \brief Free referenced items in an SSL handshake context and clear + * memory + * + * \param ssl SSL context + */ +void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); + +void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); + +/** + * \brief Update record layer + * + * This function roughly separates the implementation + * of the logic of (D)TLS from the implementation + * of the secure transport. + * + * \param ssl The SSL context to use. 
+ * \param update_hs_digest This indicates if the handshake digest + * should be automatically updated in case + * a handshake message is found. + * + * \return 0 or non-zero error code. + * + * \note A clarification on what is called 'record layer' here + * is in order, as many sensible definitions are possible: + * + * The record layer takes as input an untrusted underlying + * transport (stream or datagram) and transforms it into + * a serially multiplexed, secure transport, which + * conceptually provides the following: + * + * (1) Three datagram based, content-agnostic transports + * for handshake, alert and CCS messages. + * (2) One stream- or datagram-based transport + * for application data. + * (3) Functionality for changing the underlying transform + * securing the contents. + * + * The interface to this functionality is given as follows: + * + * a Updating + * [Currently implemented by mbedtls_ssl_read_record] + * + * Check if and on which of the four 'ports' data is pending: + * Nothing, a controlling datagram of type (1), or application + * data (2). In any case data is present, internal buffers + * provide access to the data for the user to process it. + * Consumption of type (1) datagrams is done automatically + * on the next update, invalidating that the internal buffers + * for previous datagrams, while consumption of application + * data (2) is user-controlled. + * + * b Reading of application data + * [Currently manual adaption of ssl->in_offt pointer] + * + * As mentioned in the last paragraph, consumption of data + * is different from the automatic consumption of control + * datagrams (1) because application data is treated as a stream. 
+ * + * c Tracking availability of application data + * [Currently manually through decreasing ssl->in_msglen] + * + * For efficiency and to retain datagram semantics for + * application data in case of DTLS, the record layer + * provides functionality for checking how much application + * data is still available in the internal buffer. + * + * d Changing the transformation securing the communication. + * + * Given an opaque implementation of the record layer in the + * above sense, it should be possible to implement the logic + * of (D)TLS on top of it without the need to know anything + * about the record layer's internals. This is done e.g. + * in all the handshake handling functions, and in the + * application data reading function mbedtls_ssl_read. + * + * \note The above tries to give a conceptual picture of the + * record layer, but the current implementation deviates + * from it in some places. For example, our implementation of + * the update functionality through mbedtls_ssl_read_record + * discards datagrams depending on the current state, which + * wouldn't fall under the record layer's responsibility + * following the above definition. 
+ * + */ +int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, + unsigned update_hs_digest ); +int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ); + +int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ); +int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ); + +void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, + const mbedtls_ssl_ciphersuite_t *ciphersuite_info ); + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ); +#endif + +#if defined(MBEDTLS_PK_C) +unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk ); +unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type ); +mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ); +#endif + +mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ); +unsigned char mbedtls_ssl_hash_from_md_alg( int md ); +int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ); + +#if defined(MBEDTLS_ECP_C) +int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ); +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, + mbedtls_md_type_t md ); +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl ) +{ + mbedtls_ssl_key_cert *key_cert; + + if( ssl->handshake != NULL && 
ssl->handshake->key_cert != NULL ) + key_cert = ssl->handshake->key_cert; + else + key_cert = ssl->conf->key_cert; + + return( key_cert == NULL ? NULL : key_cert->key ); +} + +static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl ) +{ + mbedtls_ssl_key_cert *key_cert; + + if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL ) + key_cert = ssl->handshake->key_cert; + else + key_cert = ssl->conf->key_cert; + + return( key_cert == NULL ? NULL : key_cert->cert ); +} + +/* + * Check usage of a certificate wrt extensions: + * keyUsage, extendedKeyUsage (later), and nSCertType (later). + * + * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we + * check a cert we received from them)! + * + * Return 0 if everything is OK, -1 if not. + */ +int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, + const mbedtls_ssl_ciphersuite_t *ciphersuite, + int cert_endpoint, + uint32_t *flags ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +void mbedtls_ssl_write_version( int major, int minor, int transport, + unsigned char ver[2] ); +void mbedtls_ssl_read_version( int *major, int *minor, int transport, + const unsigned char ver[2] ); + +static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + return( 13 ); +#else + ((void) ssl); +#endif + return( 5 ); +} + +static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + return( 12 ); +#else + ((void) ssl); +#endif + return( 4 ); +} + +#if defined(MBEDTLS_SSL_PROTO_DTLS) +void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ); +#endif + +/* 
Visible for testing purposes only */
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl );
+#endif
+
+int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst,
+ const mbedtls_ssl_session *src );
+
+/* constant-time buffer comparison */
+static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n )
+{
+ size_t i;
+ volatile const unsigned char *A = (volatile const unsigned char *) a;
+ volatile const unsigned char *B = (volatile const unsigned char *) b;
+ volatile unsigned char diff = 0;
+
+ for( i = 0; i < n; i++ )
+ {
+ /* Read volatile data in order before computing diff.
+ * This avoids IAR compiler warning:
+ * 'the order of volatile accesses is undefined ..' */
+ unsigned char x = A[i], y = B[i];
+ diff |= x ^ y;
+ }
+
+ return( diff );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
+ unsigned char *output,
+ unsigned char *data, size_t data_len );
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+ MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2)
+/* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */
+int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
+ unsigned char *hash, size_t *hashlen,
+ unsigned char *data, size_t data_len,
+ mbedtls_md_type_t md_alg );
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+ MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_internal.h */
diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
new file mode 100644
index 000000000..774a007a9
--- /dev/null
+++ b/include/mbedtls/ssl_ticket.h
@@ -0,0 +1,142 @@
+/**
+ * \file ssl_ticket.h
+ *
+ * \brief TLS server ticket callbacks implementation
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SSL_TICKET_H
+#define MBEDTLS_SSL_TICKET_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/*
+ * This implementation of the session ticket callbacks includes key
+ * management, rotating the keys periodically in order to preserve forward
+ * secrecy, when MBEDTLS_HAVE_TIME is defined.
+ */
+
+#include "ssl.h"
+#include "cipher.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "threading.h"
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Information for session ticket protection
+ */
+typedef struct mbedtls_ssl_ticket_key
+{
+ unsigned char name[4]; /*!< random key identifier */
+ uint32_t generation_time; /*!< key generation timestamp (seconds) */
+ mbedtls_cipher_context_t ctx; /*!< context for auth enc/decryption */
+}
+mbedtls_ssl_ticket_key;
+
+/**
+ * \brief Context for session ticket handling functions
+ */
+typedef struct mbedtls_ssl_ticket_context
+{
+ mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */
+ unsigned char active; /*!< index of the currently active key */
+
+ uint32_t ticket_lifetime; /*!< lifetime of tickets in seconds */
+
+ /** Callback for getting (pseudo-)random numbers */
+ int (*f_rng)(void *, unsigned char *, size_t);
+ void *p_rng; /*!< context for the RNG function */
+
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_threading_mutex_t mutex;
+#endif
+}
+mbedtls_ssl_ticket_context;
+
+/**
+ * \brief Initialize a ticket context.
+ * (Just make it ready for mbedtls_ssl_ticket_setup()
+ * or mbedtls_ssl_ticket_free().)
+ *
+ * \param ctx Context to be initialized
+ */
+void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
+
+/**
+ * \brief Prepare context to be actually used
+ *
+ * \param ctx Context to be set up
+ * \param f_rng RNG callback function
+ * \param p_rng RNG callback context
+ * \param cipher AEAD cipher to use for ticket protection.
+ * Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
+ * \param lifetime Tickets lifetime in seconds
+ * Recommended value: 86400 (one day).
+ *
+ * \note It is highly recommended to select a cipher that is at
+ * least as strong as the the strongest ciphersuite
+ * supported. Usually that means a 256-bit key.
+ *
+ * \note The lifetime of the keys is twice the lifetime of tickets.
+ * It is recommended to pick a reasonnable lifetime so as not
+ * to negate the benefits of forward secrecy.
+ *
+ * \return 0 if successful,
+ * or a specific MBEDTLS_ERR_XXX error code
+ */
+int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_cipher_type_t cipher,
+ uint32_t lifetime );
+
+/**
+ * \brief Implementation of the ticket write callback
+ *
+ * \note See \c mbedtls_ssl_ticket_write_t for description
+ */
+mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
+
+/**
+ * \brief Implementation of the ticket parse callback
+ *
+ * \note See \c mbedtls_ssl_ticket_parse_t for description
+ */
+mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
+
+/**
+ * \brief Free a context's content and zeroize it.
+ *
+ * \param ctx Context to be cleaned up
+ */
+void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_ticket.h */
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
new file mode 100644
index 000000000..b63e864e3
--- /dev/null
+++ b/include/mbedtls/x509.h
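Review bot: The documentation of `mbedtls_ssl_ticket_setup()` in ssl_ticket.h talks about key lifetime and forward secrecy without repeating the condition stated in the file-level comment, namely that keys are rotated "when MBEDTLS_HAVE_TIME is defined". An integrator choosing `lifetime` reads the function documentation, and if builds without MBEDTLS_HAVE_TIME never rotate the ticket keys (the header implies this; the implementation is not part of this hunk), the forward-secrecy note is misleading for them. I would add a note such as `\note Key rotation requires MBEDTLS_HAVE_TIME; without it the keys generated at setup remain in use for the life of the context.`, to be confirmed against library/ssl_ticket.c. The `f_rng` parameter is described only as "RNG callback function"; since it presumably supplies the ticket protection keys, the description should say that it must be a cryptographically strong generator.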
@@ -0,0 +1,339 @@
+/**
+ * \file x509.h
+ *
+ * \brief X.509 generic defines and structures
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_X509_H
+#define MBEDTLS_X509_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "asn1.h"
+#include "pk.h"
+
+#if defined(MBEDTLS_RSA_C)
+#include "rsa.h"
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{
+ */
+
+#if !defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
+/**
+ * Maximum number of intermediate CAs in a verification chain.
+ * That is, maximum length of the chain, excluding the end-entity certificate
+ * and the trusted root certificate.
+ *
+ * Set this to a low value to prevent an adversary from making you waste
+ * resources verifying an overlong certificate chain.
+ */
+#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8
+#endif
+
+/**
+ * \name X509 Error codes
+ * \{
+ */
+#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
+#define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */
+#define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected.
*/
+#define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */
+#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */
+#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */
+#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */
+#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
+#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
+#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */
+#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */
+#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
+#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
+#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */
+#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
+/* \} name */
+
+/**
+ * \name X509 Verify codes
+ * \{
+ */
+/* Reminder: update x509_crt_verify_strings[] in library/x509_crt.c */
+#define MBEDTLS_X509_BADCERT_EXPIRED 0x01 /**< The certificate validity has expired.
*/
+#define MBEDTLS_X509_BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */
+#define MBEDTLS_X509_BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */
+#define MBEDTLS_X509_BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */
+#define MBEDTLS_X509_BADCRL_NOT_TRUSTED 0x10 /**< The CRL is not correctly signed by the trusted CA. */
+#define MBEDTLS_X509_BADCRL_EXPIRED 0x20 /**< The CRL is expired. */
+#define MBEDTLS_X509_BADCERT_MISSING 0x40 /**< Certificate was missing. */
+#define MBEDTLS_X509_BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
+#define MBEDTLS_X509_BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */
+#define MBEDTLS_X509_BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */
+#define MBEDTLS_X509_BADCRL_FUTURE 0x0400 /**< The CRL is from the future */
+#define MBEDTLS_X509_BADCERT_KEY_USAGE 0x0800 /**< Usage does not match the keyUsage extension. */
+#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE 0x1000 /**< Usage does not match the extendedKeyUsage extension. */
+#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE 0x2000 /**< Usage does not match the nsCertType extension. */
+#define MBEDTLS_X509_BADCERT_BAD_MD 0x4000 /**< The certificate is signed with an unacceptable hash. */
+#define MBEDTLS_X509_BADCERT_BAD_PK 0x8000 /**< The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
+#define MBEDTLS_X509_BADCERT_BAD_KEY 0x010000 /**< The certificate is signed with an unacceptable key (eg bad curve, RSA too short). */
+#define MBEDTLS_X509_BADCRL_BAD_MD 0x020000 /**< The CRL is signed with an unacceptable hash. */
+#define MBEDTLS_X509_BADCRL_BAD_PK 0x040000 /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
+#define MBEDTLS_X509_BADCRL_BAD_KEY 0x080000 /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short).
*/
+
+/* \} name */
+/* \} addtogroup x509_module */
+
+/*
+ * X.509 v3 Key Usage Extension flags
+ * Reminder: update x509_info_key_usage() when adding new flags.
+ */
+#define MBEDTLS_X509_KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
+#define MBEDTLS_X509_KU_NON_REPUDIATION (0x40) /* bit 1 */
+#define MBEDTLS_X509_KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
+#define MBEDTLS_X509_KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
+#define MBEDTLS_X509_KU_KEY_AGREEMENT (0x08) /* bit 4 */
+#define MBEDTLS_X509_KU_KEY_CERT_SIGN (0x04) /* bit 5 */
+#define MBEDTLS_X509_KU_CRL_SIGN (0x02) /* bit 6 */
+#define MBEDTLS_X509_KU_ENCIPHER_ONLY (0x01) /* bit 7 */
+#define MBEDTLS_X509_KU_DECIPHER_ONLY (0x8000) /* bit 8 */
+
+/*
+ * Netscape certificate types
+ * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html)
+ */
+
+#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
+#define MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
+#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
+#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
+#define MBEDTLS_X509_NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
+#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
+#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
+#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
+
+/*
+ * X.509 extension types
+ *
+ * Comments refer to the status for using certificates. Status can be
+ * different for writing certificates or reading CRLs or CSRs.
+ *
+ * Those are defined in oid.h as oid.c needs them in a data structure. Since
+ * these were previously defined here, let's have aliases for compatibility.
+ */
+#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER
+#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER
+#define MBEDTLS_X509_EXT_KEY_USAGE MBEDTLS_OID_X509_EXT_KEY_USAGE
+#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES
+#define MBEDTLS_X509_EXT_POLICY_MAPPINGS MBEDTLS_OID_X509_EXT_POLICY_MAPPINGS
+#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME /* Supported (DNS) */
+#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME MBEDTLS_OID_X509_EXT_ISSUER_ALT_NAME
+#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_X509_EXT_SUBJECT_DIRECTORY_ATTRS
+#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS /* Supported */
+#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS MBEDTLS_OID_X509_EXT_NAME_CONSTRAINTS
+#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS MBEDTLS_OID_X509_EXT_POLICY_CONSTRAINTS
+#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE
+#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_X509_EXT_CRL_DISTRIBUTION_POINTS
+#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY MBEDTLS_OID_X509_EXT_INIHIBIT_ANYPOLICY
+#define MBEDTLS_X509_EXT_FRESHEST_CRL MBEDTLS_OID_X509_EXT_FRESHEST_CRL
+#define MBEDTLS_X509_EXT_NS_CERT_TYPE MBEDTLS_OID_X509_EXT_NS_CERT_TYPE
+
+/*
+ * Storage format identifiers
+ * Recognized formats: PEM and DER
+ */
+#define MBEDTLS_X509_FORMAT_DER 1
+#define MBEDTLS_X509_FORMAT_PEM 2
+
+#define MBEDTLS_X509_MAX_DN_NAME_SIZE 256 /**< Maximum value size of a DN entry */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{ */
+
+/**
+ * \name Structures for parsing X.509 certificates, CRLs and CSRs
+ * \{
+ */
+
+/**
+ * Type-length-value structure that allows for ASN1 using DER.
+ */
+typedef mbedtls_asn1_buf mbedtls_x509_buf;
+
+/**
+ * Container for ASN1 bit strings.
+ */
+typedef mbedtls_asn1_bitstring mbedtls_x509_bitstring;
+
+/**
+ * Container for ASN1 named information objects.
+ * It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.).
+ */
+typedef mbedtls_asn1_named_data mbedtls_x509_name;
+
+/**
+ * Container for a sequence of ASN.1 items
+ */
+typedef mbedtls_asn1_sequence mbedtls_x509_sequence;
+
+/** Container for date and time (precision in seconds). */
+typedef struct mbedtls_x509_time
+{
+ int year, mon, day; /**< Date. */
+ int hour, min, sec; /**< Time. */
+}
+mbedtls_x509_time;
+
+/** \} name Structures for parsing X.509 certificates, CRLs and CSRs */
+/** \} addtogroup x509_module */
+
+/**
+ * \brief Store the certificate DN in printable form into buf;
+ * no more than size characters will be written.
+ *
+ * \param buf Buffer to write to
+ * \param size Maximum size of buffer
+ * \param dn The X509 name to represent
+ *
+ * \return The length of the string written (not including the
+ * terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
+
+/**
+ * \brief Store the certificate serial in printable form into buf;
+ * no more than size characters will be written.
+ *
+ * \param buf Buffer to write to
+ * \param size Maximum size of buffer
+ * \param serial The X509 serial to represent
+ *
+ * \return The length of the string written (not including the
+ * terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial );
+
+/**
+ * \brief Check a given mbedtls_x509_time against the system time
+ * and tell if it's in the past.
+ *
+ * \note Intended usage is "if( is_past( valid_to ) ) ERROR".
+ * Hence the return value of 1 if on internal errors.
+ *
+ * \param to mbedtls_x509_time to check
+ *
+ * \return 1 if the given time is in the past or an error occurred,
+ * 0 otherwise.
+ */
+int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
+
+/**
+ * \brief Check a given mbedtls_x509_time against the system time
+ * and tell if it's in the future.
+ *
+ * \note Intended usage is "if( is_future( valid_from ) ) ERROR".
+ * Hence the return value of 1 if on internal errors.
+ *
+ * \param from mbedtls_x509_time to check
+ *
+ * \return 1 if the given time is in the future or an error occurred,
+ * 0 otherwise.
+ */
+int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief Checkup routine
+ *
+ * \return 0 if successful, or 1 if the test failed
+ */
+int mbedtls_x509_self_test( int verbose );
+
+#endif /* MBEDTLS_SELF_TEST */
+
+/*
+ * Internal module functions. You probably do not want to use these unless you
+ * know you do.
+ */
+int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
+ mbedtls_x509_name *cur );
+int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
+ mbedtls_x509_buf *alg );
+int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
+ mbedtls_x509_buf *alg, mbedtls_x509_buf *params );
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
+ mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
+ int *salt_len );
+#endif
+int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig );
+int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
+ mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
+ void **sig_opts );
+int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
+ mbedtls_x509_time *t );
+int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
+ mbedtls_x509_buf *serial );
+int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
+ mbedtls_x509_buf *ext, int tag );
+int mbedtls_x509_sig_alg_gets( char *buf, size_t
size, const mbedtls_x509_buf *sig_oid,
+ mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+ const void *sig_opts );
+int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name );
+int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name );
+int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
+ int critical, const unsigned char *val,
+ size_t val_len );
+int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
+ mbedtls_asn1_named_data *first );
+int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
+ mbedtls_asn1_named_data *first );
+int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
+ const char *oid, size_t oid_len,
+ unsigned char *sig, size_t size );
+
+#define MBEDTLS_X509_SAFE_SNPRINTF \
+ do { \
+ if( ret < 0 || (size_t) ret >= n ) \
+ return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); \
+ \
+ n -= (size_t) ret; \
+ p += (size_t) ret; \
+ } while( 0 )
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* x509.h */
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
new file mode 100644
index 000000000..fa838d68c
--- /dev/null
+++ b/include/mbedtls/x509_crl.h
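Review bot: `MBEDTLS_X509_SAFE_SNPRINTF`, defined near the end of x509.h, has no comment although it sits in a public header, reads and updates caller locals named `ret`, `n` and `p`, and contains a `return` that leaves the enclosing function. A caller that holds an allocation or a mutex at the point of expansion would skip its cleanup on the truncation path, and nothing at the call site shows that control can leave there. I would document the contract directly above the `#define`, for example `/* Uses the caller's locals ret, n and p; when ret < 0 or ret >= n it returns MBEDTLS_ERR_X509_BUFFER_TOO_SMALL from the calling function. */`. The block of "Internal module functions" prototypes above it is likewise undocumented; for `mbedtls_x509_get_sig_alg()` in particular it would help to say who owns the object returned through `sig_opts`.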
@@ -0,0 +1,174 @@ +/** + * \file x509_crl.h + * + * \brief X.509 certificate revocation list parsing + */ +/* + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_X509_CRL_H +#define MBEDTLS_X509_CRL_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "x509.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \addtogroup x509_module + * \{ */ + +/** + * \name Structures and functions for parsing CRLs + * \{ + */ + +/** + * Certificate revocation list entry. + * Contains the CA-specific serial numbers and revocation dates. + */ +typedef struct mbedtls_x509_crl_entry +{ + mbedtls_x509_buf raw; + + mbedtls_x509_buf serial; + + mbedtls_x509_time revocation_date; + + mbedtls_x509_buf entry_ext; + + struct mbedtls_x509_crl_entry *next; +} +mbedtls_x509_crl_entry; + +/** + * Certificate revocation list structure. + * Every CRL may have multiple entries. + */ +typedef struct mbedtls_x509_crl +{ + mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ + mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. 
*/ + + int version; /**< CRL version (1=v1, 2=v2) */ + mbedtls_x509_buf sig_oid; /**< CRL signature type identifier */ + + mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). */ + + mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */ + + mbedtls_x509_time this_update; + mbedtls_x509_time next_update; + + mbedtls_x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */ + + mbedtls_x509_buf crl_ext; + + mbedtls_x509_buf sig_oid2; + mbedtls_x509_buf sig; + mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ + mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ + void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ + + struct mbedtls_x509_crl *next; +} +mbedtls_x509_crl; + +/** + * \brief Parse a DER-encoded CRL and append it to the chained list + * + * \param chain points to the start of the chain + * \param buf buffer holding the CRL data in DER format + * \param buflen size of the buffer + * (including the terminating null byte for PEM data) + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, + const unsigned char *buf, size_t buflen ); +/** + * \brief Parse one or more CRLs and append them to the chained list + * + * \note Multiple CRLs are accepted only if using PEM format + * + * \param chain points to the start of the chain + * \param buf buffer holding the CRL data in PEM or DER format + * \param buflen size of the buffer + * (including the terminating null byte for PEM data) + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ); + +#if defined(MBEDTLS_FS_IO) +/** + * \brief 
Load one or more CRLs and append them to the chained list + * + * \note Multiple CRLs are accepted only if using PEM format + * + * \param chain points to the start of the chain + * \param path filename to read the CRLs from (in PEM or DER encoding) + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); +#endif /* MBEDTLS_FS_IO */ + +/** + * \brief Returns an informational string about the CRL. + * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param prefix A line prefix + * \param crl The X509 CRL to represent + * + * \return The length of the string written (not including the + * terminated nul byte), or a negative error code. + */ +int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, + const mbedtls_x509_crl *crl ); + +/** + * \brief Initialize a CRL (chain) + * + * \param crl CRL chain to initialize + */ +void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ); + +/** + * \brief Unallocate all CRL data + * + * \param crl CRL chain to free + */ +void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ); + +/* \} name */ +/* \} addtogroup x509_module */ + +#ifdef __cplusplus +} +#endif + +#endif /* mbedtls_x509_crl.h */ diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h new file mode 100644 index 000000000..eea263201 --- /dev/null +++ b/include/mbedtls/x509_crt.h 
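Review bot: The `\param buflen` text on `mbedtls_x509_crl_parse_der()` reads "(including the terminating null byte for PEM data)", but that function is documented as taking DER only; the wording looks copied from `mbedtls_x509_crl_parse()` directly below it. Because `buflen` bounds how much of a caller-supplied buffer the parser reads, the contract should be stated exactly, for example `\param buflen size of the DER-encoded CRL in \p buf, in bytes`. In the same header, the `raw` and `tbs` field comments of `mbedtls_x509_crl` say "certificate" where the CRL is meant, and `this_update`, `next_update`, `crl_ext`, `sig_oid2` and `sig` have no comment at all.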
@@ -0,0 +1,921 @@ +/** + * \file x509_crt.h + * + * \brief X.509 certificate parsing and writing + */ +/* + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_X509_CRT_H +#define MBEDTLS_X509_CRT_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "x509.h" +#include "x509_crl.h" + +/** + * \addtogroup x509_module + * \{ + */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \name Structures and functions for parsing and writing X.509 certificates + * \{ + */ + +/** + * Container for an X.509 certificate. The certificate may be chained. + */ +typedef struct mbedtls_x509_crt +{ + int own_buffer; /**< Indicates if \c raw is owned + * by the structure or not. */ + mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ + mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ + + int version; /**< The X.509 version. (1=v1, 2=v2, 3=v3) */ + mbedtls_x509_buf serial; /**< Unique id for certificate issued by a specific CA. */ + mbedtls_x509_buf sig_oid; /**< Signature algorithm, e.g. sha1RSA */ + + mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */ + mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. 
*/ + + mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */ + mbedtls_x509_name subject; /**< The parsed subject data (named information object). */ + + mbedtls_x509_time valid_from; /**< Start time of certificate validity. */ + mbedtls_x509_time valid_to; /**< End time of certificate validity. */ + + mbedtls_x509_buf pk_raw; + mbedtls_pk_context pk; /**< Container for the public key context. */ + + mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ + mbedtls_x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */ + mbedtls_x509_buf v3_ext; /**< Optional X.509 v3 extensions. */ + mbedtls_x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */ + + int ext_types; /**< Bit string containing detected and parsed extensions */ + int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */ + int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */ + + unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */ + + mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */ + + unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */ + + mbedtls_x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ + mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ + mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ + void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. 
for RSASSA-PSS */ + + struct mbedtls_x509_crt *next; /**< Next certificate in the CA-chain. */ +} +mbedtls_x509_crt; + +/** + * Build flag from an algorithm/curve identifier (pk, md, ecp) + * Since 0 is always XXX_NONE, ignore it. + */ +#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( id - 1 ) ) + +/** + * Security profile for certificate verification. + * + * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG(). + */ +typedef struct mbedtls_x509_crt_profile +{ + uint32_t allowed_mds; /**< MDs for signatures */ + uint32_t allowed_pks; /**< PK algs for signatures */ + uint32_t allowed_curves; /**< Elliptic curves for ECDSA */ + uint32_t rsa_min_bitlen; /**< Minimum size for RSA keys */ +} +mbedtls_x509_crt_profile; + +#define MBEDTLS_X509_CRT_VERSION_1 0 +#define MBEDTLS_X509_CRT_VERSION_2 1 +#define MBEDTLS_X509_CRT_VERSION_3 2 + +#define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32 +#define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15 + +#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN ) +#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 +#endif + +/** + * Container for writing a certificate (CRT) + */ +typedef struct mbedtls_x509write_cert +{ + int version; + mbedtls_mpi serial; + mbedtls_pk_context *subject_key; + mbedtls_pk_context *issuer_key; + mbedtls_asn1_named_data *subject; + mbedtls_asn1_named_data *issuer; + mbedtls_md_type_t md_alg; + char not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]; + char not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]; + mbedtls_asn1_named_data *extensions; +} +mbedtls_x509write_cert; + +/** + * Item in a verification chain: cert and flags for it + */ +typedef struct { + mbedtls_x509_crt *crt; + uint32_t flags; +} mbedtls_x509_crt_verify_chain_item; + +/** + * Max size of verification chain: end-entity + intermediates + trusted root + */ +#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) + +/** + * Verification chain as built by \c mbedtls_crt_verify_chain() + */ +typedef struct +{ + 
mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]; + unsigned len; + +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) + /* This stores the list of potential trusted signers obtained from + * the CA callback used for the CRT verification, if configured. + * We must track it somewhere because the callback passes its + * ownership to the caller. */ + mbedtls_x509_crt *trust_ca_cb_result; +#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ +} mbedtls_x509_crt_verify_chain; + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + +/** + * \brief Context for resuming X.509 verify operations + */ +typedef struct +{ + /* for check_signature() */ + mbedtls_pk_restart_ctx pk; + + /* for find_parent_in() */ + mbedtls_x509_crt *parent; /* non-null iff parent_in in progress */ + mbedtls_x509_crt *fallback_parent; + int fallback_signature_is_good; + + /* for find_parent() */ + int parent_is_trusted; /* -1 if find_parent is not in progress */ + + /* for verify_chain() */ + enum { + x509_crt_rs_none, + x509_crt_rs_find_parent, + } in_progress; /* none if no operation is in progress */ + int self_cnt; + mbedtls_x509_crt_verify_chain ver_chain; + +} mbedtls_x509_crt_restart_ctx; + +#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + +/* Now we can declare functions that take a pointer to that */ +typedef void mbedtls_x509_crt_restart_ctx; + +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/** + * Default security profile. Should provide a good balance between security + * and compatibility with current deployments. + */ +extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default; + +/** + * Expected next default profile. Recommended for new deployments. + * Currently targets a 128-bit security level, except for RSA-2048. + */ +extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next; + +/** + * NSA Suite B profile. 
+ */ +extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb; + +/** + * \brief Parse a single DER formatted certificate and add it + * to the end of the provided chained list. + * + * \param chain The pointer to the start of the CRT chain to attach to. + * When parsing the first CRT in a chain, this should point + * to an instance of ::mbedtls_x509_crt initialized through + * mbedtls_x509_crt_init(). + * \param buf The buffer holding the DER encoded certificate. + * \param buflen The size in Bytes of \p buf. + * + * \note This function makes an internal copy of the CRT buffer + * \p buf. In particular, \p buf may be destroyed or reused + * after this call returns. To avoid duplicating the CRT + * buffer (at the cost of stricter lifetime constraints), + * use mbedtls_x509_crt_parse_der_nocopy() instead. + * + * \return \c 0 if successful. + * \return A negative error code on failure. + */ +int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen ); + +/** + * \brief Parse a single DER formatted certificate and add it + * to the end of the provided chained list. This is a + * variant of mbedtls_x509_crt_parse_der() which takes + * temporary ownership of the CRT buffer until the CRT + * is destroyed. + * + * \param chain The pointer to the start of the CRT chain to attach to. + * When parsing the first CRT in a chain, this should point + * to an instance of ::mbedtls_x509_crt initialized through + * mbedtls_x509_crt_init(). + * \param buf The address of the readable buffer holding the DER encoded + * certificate to use. On success, this buffer must be + * retained and not be changed for the liftetime of the + * CRT chain \p chain, that is, until \p chain is destroyed + * through a call to mbedtls_x509_crt_free(). + * \param buflen The size in Bytes of \p buf. 
+ * + * \note This call is functionally equivalent to + * mbedtls_x509_crt_parse_der(), but it avoids creating a + * copy of the input buffer at the cost of stronger lifetime + * constraints. This is useful in constrained environments + * where duplication of the CRT cannot be tolerated. + * + * \return \c 0 if successful. + * \return A negative error code on failure. + */ +int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen ); + +/** + * \brief Parse one DER-encoded or one or more concatenated PEM-encoded + * certificates and add them to the chained list. + * + * For CRTs in PEM encoding, the function parses permissively: + * if at least one certificate can be parsed, the function + * returns the number of certificates for which parsing failed + * (hence \c 0 if all certificates were parsed successfully). + * If no certificate could be parsed, the function returns + * the first (negative) error encountered during parsing. + * + * PEM encoded certificates may be interleaved by other data + * such as human readable descriptions of their content, as + * long as the certificates are enclosed in the PEM specific + * '-----{BEGIN/END} CERTIFICATE-----' delimiters. + * + * \param chain The chain to which to add the parsed certificates. + * \param buf The buffer holding the certificate data in PEM or DER format. + * For certificates in PEM encoding, this may be a concatenation + * of multiple certificates; for DER encoding, the buffer must + * comprise exactly one certificate. + * \param buflen The size of \p buf, including the terminating \c NULL byte + * in case of PEM encoded data. + * + * \return \c 0 if all certificates were parsed successfully. + * \return The (positive) number of certificates that couldn't + * be parsed if parsing was partly successful (see above). + * \return A negative X509 or PEM error code otherwise. 
+ * + */ +int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ); + +#if defined(MBEDTLS_FS_IO) +/** + * \brief Load one or more certificates and add them + * to the chained list. Parses permissively. If some + * certificates can be parsed, the result is the number + * of failed certificates it encountered. If none complete + * correctly, the first error is returned. + * + * \param chain points to the start of the chain + * \param path filename to read the certificates from + * + * \return 0 if all certificates parsed successfully, a positive number + * if partly successful or a specific X509 or PEM error code + */ +int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ); + +/** + * \brief Load one or more certificate files from a path and add them + * to the chained list. Parses permissively. If some + * certificates can be parsed, the result is the number + * of failed certificates it encountered. If none complete + * correctly, the first error is returned. + * + * \param chain points to the start of the chain + * \param path directory / folder to read the certificate files from + * + * \return 0 if all certificates parsed successfully, a positive number + * if partly successful or a specific X509 or PEM error code + */ +int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); +#endif /* MBEDTLS_FS_IO */ + +/** + * \brief Returns an informational string about the + * certificate. + * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param prefix A line prefix + * \param crt The X509 certificate to represent + * + * \return The length of the string written (not including the + * terminated nul byte), or a negative error code. + */ +int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, + const mbedtls_x509_crt *crt ); + +/** + * \brief Returns an informational string about the + * verification status of a certificate. 
+ * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param prefix A line prefix + * \param flags Verification flags created by mbedtls_x509_crt_verify() + * + * \return The length of the string written (not including the + * terminated nul byte), or a negative error code. + */ +int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, + uint32_t flags ); + +/** + * \brief Verify a chain of certificates. + * + * The verify callback is a user-supplied callback that + * can clear / modify / add flags for a certificate. If set, + * the verification callback is called for each + * certificate in the chain (from the trust-ca down to the + * presented crt). The parameters for the callback are: + * (void *parameter, mbedtls_x509_crt *crt, int certificate_depth, + * int *flags). With the flags representing current flags for + * that specific certificate and the certificate depth from + * the bottom (Peer cert depth = 0). + * + * All flags left after returning from the callback + * are also returned to the application. The function should + * return 0 for anything (including invalid certificates) + * other than fatal error, as a non-zero return code + * immediately aborts the verification process. For fatal + * errors, a specific error code should be used (different + * from MBEDTLS_ERR_X509_CERT_VERIFY_FAILED which should not + * be returned at this point), or MBEDTLS_ERR_X509_FATAL_ERROR + * can be used if no better code is available. + * + * \note In case verification failed, the results can be displayed + * using \c mbedtls_x509_crt_verify_info() + * + * \note Same as \c mbedtls_x509_crt_verify_with_profile() with the + * default security profile. + * + * \note It is your responsibility to provide up-to-date CRLs for + * all trusted CAs. If no CRL is provided for the CA that was + * used to sign the certificate, CRL verification is skipped + * silently, that is *without* setting any flag. 
+ * + * \note The \c trust_ca list can contain two types of certificates: + * (1) those of trusted root CAs, so that certificates + * chaining up to those CAs will be trusted, and (2) + * self-signed end-entity certificates to be trusted (for + * specific peers you know) - in that case, the self-signed + * certificate doesn't need to have the CA bit set. + * + * \param crt The certificate chain to be verified. + * \param trust_ca The list of trusted CAs. + * \param ca_crl The list of CRLs for trusted CAs. + * \param cn The expected Common Name. This may be \c NULL if the + * CN need not be verified. + * \param flags The address at which to store the result of the verification. + * If the verification couldn't be completed, the flag value is + * set to (uint32_t) -1. + * \param f_vrfy The verification callback to use. See the documentation + * of mbedtls_x509_crt_verify() for more information. + * \param p_vrfy The context to be passed to \p f_vrfy. + * + * \return \c 0 if the chain is valid with respect to the + * passed CN, CAs, CRLs and security profile. + * \return #MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the + * certificate chain verification failed. In this case, + * \c *flags will have one or more + * \c MBEDTLS_X509_BADCERT_XXX or \c MBEDTLS_X509_BADCRL_XXX + * flags set. + * \return Another negative error code in case of a fatal error + * encountered during the verification process. + */ +int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy ); + +/** + * \brief Verify a chain of certificates with respect to + * a configurable security profile. + * + * \note Same as \c mbedtls_x509_crt_verify(), but with explicit + * security profile. 
+ * + * \note The restrictions on keys (RSA minimum size, allowed curves + * for ECDSA) apply to all certificates: trusted root, + * intermediate CAs if any, and end entity certificate. + * + * \param crt The certificate chain to be verified. + * \param trust_ca The list of trusted CAs. + * \param ca_crl The list of CRLs for trusted CAs. + * \param profile The security profile to use for the verification. + * \param cn The expected Common Name. This may be \c NULL if the + * CN need not be verified. + * \param flags The address at which to store the result of the verification. + * If the verification couldn't be completed, the flag value is + * set to (uint32_t) -1. + * \param f_vrfy The verification callback to use. See the documentation + * of mbedtls_x509_crt_verify() for more information. + * \param p_vrfy The context to be passed to \p f_vrfy. + * + * \return \c 0 if the chain is valid with respect to the + * passed CN, CAs, CRLs and security profile. + * \return #MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the + * certificate chain verification failed. In this case, + * \c *flags will have one or more + * \c MBEDTLS_X509_BADCERT_XXX or \c MBEDTLS_X509_BADCRL_XXX + * flags set. + * \return Another negative error code in case of a fatal error + * encountered during the verification process. + */ +int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy ); + +/** + * \brief Restartable version of \c mbedtls_crt_verify_with_profile() + * + * \note Performs the same job as \c mbedtls_crt_verify_with_profile() + * but can return early and restart according to the limit + * set with \c mbedtls_ecp_set_max_ops() to reduce blocking. + * + * \param crt The certificate chain to be verified. + * \param trust_ca The list of trusted CAs. 
+ * \param ca_crl The list of CRLs for trusted CAs. + * \param profile The security profile to use for the verification. + * \param cn The expected Common Name. This may be \c NULL if the + * CN need not be verified. + * \param flags The address at which to store the result of the verification. + * If the verification couldn't be completed, the flag value is + * set to (uint32_t) -1. + * \param f_vrfy The verification callback to use. See the documentation + * of mbedtls_x509_crt_verify() for more information. + * \param p_vrfy The context to be passed to \p f_vrfy. + * \param rs_ctx The restart context to use. This may be set to \c NULL + * to disable restartable ECC. + * + * \return See \c mbedtls_crt_verify_with_profile(), or + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + */ +int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx ); + +/** + * \brief The type of trusted certificate callbacks. + * + * Callbacks of this type are passed to and used by the CRT + * verification routine mbedtls_x509_crt_verify_with_ca_cb() + * when looking for trusted signers of a given certificate. + * + * On success, the callback returns a list of trusted + * certificates to be considered as potential signers + * for the input certificate. + * + * \param p_ctx An opaque context passed to the callback. + * \param child The certificate for which to search a potential signer. + * This will point to a readable certificate. + * \param candidate_cas The address at which to store the address of the first + * entry in the generated linked list of candidate signers. + * This will not be \c NULL. 
+ * + * \note The callback must only return a non-zero value on a + * fatal error. If, in contrast, the search for a potential + * signer completes without a single candidate, the + * callback must return \c 0 and set \c *candidate_cas + * to \c NULL. + * + * \return \c 0 on success. In this case, \c *candidate_cas points + * to a heap-allocated linked list of instances of + * ::mbedtls_x509_crt, and ownership of this list is passed + * to the caller. + * \return A negative error code on failure. + */ +typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx, + mbedtls_x509_crt const *child, + mbedtls_x509_crt **candidate_cas ); + +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) +/** + * \brief Version of \c mbedtls_x509_crt_verify_with_profile() which + * uses a callback to acquire the list of trusted CA + * certificates. + * + * \param crt The certificate chain to be verified. + * \param f_ca_cb The callback to be used to query for potential signers + * of a given child certificate. See the documentation of + * ::mbedtls_x509_crt_ca_cb_t for more information. + * \param p_ca_cb The opaque context to be passed to \p f_ca_cb. + * \param profile The security profile for the verification. + * \param cn The expected Common Name. This may be \c NULL if the + * CN need not be verified. + * \param flags The address at which to store the result of the verification. + * If the verification couldn't be completed, the flag value is + * set to (uint32_t) -1. + * \param f_vrfy The verification callback to use. See the documentation + * of mbedtls_x509_crt_verify() for more information. + * \param p_vrfy The context to be passed to \p f_vrfy. + * + * \return See \c mbedtls_crt_verify_with_profile(). 
+ */
+int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt,
+ mbedtls_x509_crt_ca_cb_t f_ca_cb,
+ void *p_ca_cb,
+ const mbedtls_x509_crt_profile *profile,
+ const char *cn, uint32_t *flags,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy );
+
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+/**
+ * \brief Check usage of certificate against keyUsage extension.
+ *
+ * \param crt Leaf certificate used.
+ * \param usage Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT
+ * before using the certificate to perform an RSA key
+ * exchange).
+ *
+ * \note Except for decipherOnly and encipherOnly, a bit set in the
+ * usage argument means this bit MUST be set in the
+ * certificate. For decipherOnly and encipherOnly, it means
+ * that bit MAY be set.
+ *
+ * \return 0 is these uses of the certificate are allowed,
+ * MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension
+ * is present but does not match the usage argument.
+ *
+ * \note You should only call this function on leaf certificates, on
+ * (intermediate) CAs the keyUsage extension is automatically
+ * checked by \c mbedtls_x509_crt_verify().
+ */
+int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
+ unsigned int usage );
+#endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+/**
+ * \brief Check usage of certificate against extendedKeyUsage.
+ *
+ * \param crt Leaf certificate used.
+ * \param usage_oid Intended usage (eg MBEDTLS_OID_SERVER_AUTH or
+ * MBEDTLS_OID_CLIENT_AUTH).
+ * \param usage_len Length of usage_oid (eg given by MBEDTLS_OID_SIZE()).
+ *
+ * \return 0 if this use of the certificate is allowed,
+ * MBEDTLS_ERR_X509_BAD_INPUT_DATA if not.
+ *
+ * \note Usually only makes sense on leaf certificates.
+ */
+int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
+ const char *usage_oid,
+ size_t usage_len );
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+/**
+ * \brief Verify the certificate revocation status
+ *
+ * \param crt a certificate to be verified
+ * \param crl the CRL to verify against
+ *
+ * \return 1 if the certificate is revoked, 0 otherwise
+ *
+ */
+int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl );
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
+
+/**
+ * \brief Initialize a certificate (chain)
+ *
+ * \param crt Certificate chain to initialize
+ */
+void mbedtls_x509_crt_init( mbedtls_x509_crt *crt );
+
+/**
+ * \brief Unallocate all certificate data
+ *
+ * \param crt Certificate chain to free
+ */
+void mbedtls_x509_crt_free( mbedtls_x509_crt *crt );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+/**
+ * \brief Initialize a restart context
+ */
+void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx );
+
+/**
+ * \brief Free the components of a restart context
+ */
+void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx );
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/* \} name */
+/* \} addtogroup x509_module */
+
+#if defined(MBEDTLS_X509_CRT_WRITE_C)
+/**
+ * \brief Initialize a CRT writing context
+ *
+ * \param ctx CRT context to initialize
+ */
+void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
+
+/**
+ * \brief Set the verion for a Certificate
+ * Default: MBEDTLS_X509_CRT_VERSION_3
+ *
+ * \param ctx CRT context to use
+ * \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or
+ * MBEDTLS_X509_CRT_VERSION_3)
+ */
+void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version );
+
+/**
+ * \brief Set the serial number for a Certificate.
+ *
+ * \param ctx CRT context to use
+ * \param serial serial number to set
+ *
+ * \return 0 if successful
+ */
+int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial );
+
+/**
+ * \brief Set the validity period for a Certificate
+ * Timestamps should be in string format for UTC timezone
+ * i.e. "YYYYMMDDhhmmss"
+ * e.g. "20131231235959" for December 31st 2013
+ * at 23:59:59
+ *
+ * \param ctx CRT context to use
+ * \param not_before not_before timestamp
+ * \param not_after not_after timestamp
+ *
+ * \return 0 if timestamp was parsed successfully, or
+ * a specific error code
+ */
+int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before,
+ const char *not_after );
+
+/**
+ * \brief Set the issuer name for a Certificate
+ * Issuer names should contain a comma-separated list
+ * of OID types and values:
+ * e.g. "C=UK,O=ARM,CN=mbed TLS CA"
+ *
+ * \param ctx CRT context to use
+ * \param issuer_name issuer name to set
+ *
+ * \return 0 if issuer name was parsed successfully, or
+ * a specific error code
+ */
+int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
+ const char *issuer_name );
+
+/**
+ * \brief Set the subject name for a Certificate
+ * Subject names should contain a comma-separated list
+ * of OID types and values:
+ * e.g. "C=UK,O=ARM,CN=mbed TLS Server 1"
+ *
+ * \param ctx CRT context to use
+ * \param subject_name subject name to set
+ *
+ * \return 0 if subject name was parsed successfully, or
+ * a specific error code
+ */
+int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
+ const char *subject_name );
+
+/**
+ * \brief Set the subject public key for the certificate
+ *
+ * \param ctx CRT context to use
+ * \param key public key to include
+ */
+void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
+
+/**
+ * \brief Set the issuer key used for signing the certificate
+ *
+ * \param ctx CRT context to use
+ * \param key private key to sign with
+ */
+void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
+
+/**
+ * \brief Set the MD algorithm to use for the signature
+ * (e.g. MBEDTLS_MD_SHA1)
+ *
+ * \param ctx CRT context to use
+ * \param md_alg MD algorithm to use
+ */
+void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg );
+
+/**
+ * \brief Generic function to add to or replace an extension in the
+ * CRT
+ *
+ * \param ctx CRT context to use
+ * \param oid OID of the extension
+ * \param oid_len length of the OID
+ * \param critical if the extension is critical (per the RFC's definition)
+ * \param val value of the extension OCTET STRING
+ * \param val_len length of the value data
+ *
+ * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
+ const char *oid, size_t oid_len,
+ int critical,
+ const unsigned char *val, size_t val_len );
+
+/**
+ * \brief Set the basicConstraints extension for a CRT
+ *
+ * \param ctx CRT context to use
+ * \param is_ca is this a CA certificate
+ * \param max_pathlen maximum length of certificate chains below this
+ * certificate (only for CA certificates, -1 is
+ * inlimited)
+ *
+ * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
+ int is_ca, int max_pathlen );
+
+#if defined(MBEDTLS_SHA1_C)
+/**
+ * \brief Set the subjectKeyIdentifier extension for a CRT
+ * Requires that mbedtls_x509write_crt_set_subject_key() has been
+ * called before
+ *
+ * \param ctx CRT context to use
+ *
+ * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx );
+
+/**
+ * \brief Set the authorityKeyIdentifier extension for a CRT
+ * Requires that mbedtls_x509write_crt_set_issuer_key() has been
+ * called before
+ *
+ * \param ctx CRT context to use
+ *
+ * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
+#endif /* MBEDTLS_SHA1_C */
+
+/**
+ * \brief Set the Key Usage Extension flags
+ * (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
+ *
+ * \param ctx CRT context to use
+ * \param key_usage key usage flags to set
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
+ unsigned int key_usage );
+
+/**
+ * \brief Set the Netscape Cert Type flags
+ * (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
+ *
+ * \param ctx CRT context to use
+ * \param ns_cert_type Netscape Cert Type flags to set
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
+ unsigned char ns_cert_type );
+
+/**
+ * \brief Free the contents of a CRT write context
+ *
+ * \param ctx CRT context to free
+ */
+void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
+
+/**
+ * \brief Write a built up certificate to a X509 DER structure
+ * Note: data is written at the end of the buffer! Use the
+ * return value to determine where you should start
+ * using the buffer
+ *
+ * \param ctx certificate to write away
+ * \param buf buffer to write to
+ * \param size size of the buffer
+ * \param f_rng RNG function (for signature, see note)
+ * \param p_rng RNG parameter
+ *
+ * \return length of data written if successful, or a specific
+ * error code
+ *
+ * \note f_rng may be NULL if RSA is used for signature and the
+ * signature is made offline (otherwise f_rng is desirable
+ * for countermeasures against timing attacks).
+ * ECDSA signatures always require a non-NULL f_rng.
+ */
+int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+/**
+ * \brief Write a built up certificate to a X509 PEM string
+ *
+ * \param ctx certificate to write away
+ * \param buf buffer to write to
+ * \param size size of the buffer
+ * \param f_rng RNG function (for signature, see note)
+ * \param p_rng RNG parameter
+ *
+ * \return 0 if successful, or a specific error code
+ *
+ * \note f_rng may be NULL if RSA is used for signature and the
+ * signature is made offline (otherwise f_rng is desirable
+ * for countermeasures against timing attacks).
+ * ECDSA signatures always require a non-NULL f_rng.
+ */
+int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
+#endif /* MBEDTLS_PEM_WRITE_C */
+#endif /* MBEDTLS_X509_CRT_WRITE_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_x509_crt.h */
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
new file mode 100644
index 000000000..a3c28048e
--- /dev/null
+++ b/include/mbedtls/x509_csr.h
@@ -0,0 +1,307 @@
+/**
+ * \file x509_csr.h
+ *
+ * \brief X.509 certificate signing request parsing and writing
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_X509_CSR_H
+#define MBEDTLS_X509_CSR_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "x509.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{ */
+
+/**
+ * \name Structures and functions for X.509 Certificate Signing Requests (CSR)
+ * \{
+ */
+
+/**
+ * Certificate Signing Request (CSR) structure.
+ */
+typedef struct mbedtls_x509_csr
+{
+ mbedtls_x509_buf raw; /**< The raw CSR data (DER). */
+ mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */
+
+ int version; /**< CSR version (1=v1). */
+
+ mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). */
+ mbedtls_x509_name subject; /**< The parsed subject data (named information object). */
+
+ mbedtls_pk_context pk; /**< Container for the public key context. */
+
+ mbedtls_x509_buf sig_oid;
+ mbedtls_x509_buf sig;
+ mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
+ mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
+ void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
+}
+mbedtls_x509_csr;
+
+/**
+ * Container for writing a CSR
+ */
+typedef struct mbedtls_x509write_csr
+{
+ mbedtls_pk_context *key;
+ mbedtls_asn1_named_data *subject;
+ mbedtls_md_type_t md_alg;
+ mbedtls_asn1_named_data *extensions;
+}
+mbedtls_x509write_csr;
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+/**
+ * \brief Load a Certificate Signing Request (CSR) in DER format
+ *
+ * \note CSR attributes (if any) are currently silently ignored.
+ *
+ * \param csr CSR context to fill
+ * \param buf buffer holding the CRL data
+ * \param buflen size of the buffer
+ *
+ * \return 0 if successful, or a specific X509 error code
+ */
+int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
+ const unsigned char *buf, size_t buflen );
+
+/**
+ * \brief Load a Certificate Signing Request (CSR), DER or PEM format
+ *
+ * \note See notes for \c mbedtls_x509_csr_parse_der()
+ *
+ * \param csr CSR context to fill
+ * \param buf buffer holding the CRL data
+ * \param buflen size of the buffer
+ * (including the terminating null byte for PEM data)
+ *
+ * \return 0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen );
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief Load a Certificate Signing Request (CSR)
+ *
+ * \note See notes for \c mbedtls_x509_csr_parse()
+ *
+ * \param csr CSR context to fill
+ * \param path filename to read the CSR from
+ *
+ * \return 0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
+#endif /* MBEDTLS_FS_IO */
+
+/**
+ * \brief Returns an informational string about the
+ * CSR.
+ *
+ * \param buf Buffer to write to
+ * \param size Maximum size of buffer
+ * \param prefix A line prefix
+ * \param csr The X509 CSR to represent
+ *
+ * \return The length of the string written (not including the
+ * terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
+ const mbedtls_x509_csr *csr );
+
+/**
+ * \brief Initialize a CSR
+ *
+ * \param csr CSR to initialize
+ */
+void mbedtls_x509_csr_init( mbedtls_x509_csr *csr );
+
+/**
+ * \brief Unallocate all CSR data
+ *
+ * \param csr CSR to free
+ */
+void mbedtls_x509_csr_free( mbedtls_x509_csr *csr );
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
+
+/* \} name */
+/* \} addtogroup x509_module */
+
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+/**
+ * \brief Initialize a CSR context
+ *
+ * \param ctx CSR context to initialize
+ */
+void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx );
+
+/**
+ * \brief Set the subject name for a CSR
+ * Subject names should contain a comma-separated list
+ * of OID types and values:
+ * e.g. "C=UK,O=ARM,CN=mbed TLS Server 1"
+ *
+ * \param ctx CSR context to use
+ * \param subject_name subject name to set
+ *
+ * \return 0 if subject name was parsed successfully, or
+ * a specific error code
+ */
+int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
+ const char *subject_name );
+
+/**
+ * \brief Set the key for a CSR (public key will be included,
+ * private key used to sign the CSR when writing it)
+ *
+ * \param ctx CSR context to use
+ * \param key Asymetric key to include
+ */
+void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key );
+
+/**
+ * \brief Set the MD algorithm to use for the signature
+ * (e.g. MBEDTLS_MD_SHA1)
+ *
+ * \param ctx CSR context to use
+ * \param md_alg MD algorithm to use
+ */
+void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg );
+
+/**
+ * \brief Set the Key Usage Extension flags
+ * (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
+ *
+ * \param ctx CSR context to use
+ * \param key_usage key usage flags to set
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ *
+ * \note The decipherOnly flag from the Key Usage
+ * extension is represented by bit 8 (i.e.
+ * 0x8000), which cannot typically be represented
+ * in an unsigned char. Therefore, the flag
+ * decipherOnly (i.e.
+ * #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this
+ * function.
+ */
+int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage );
+
+/**
+ * \brief Set the Netscape Cert Type flags
+ * (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
+ *
+ * \param ctx CSR context to use
+ * \param ns_cert_type Netscape Cert Type flags to set
+ *
+ * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
+ unsigned char ns_cert_type );
+
+/**
+ * \brief Generic function to add to or replace an extension in the
+ * CSR
+ *
+ * \param ctx CSR context to use
+ * \param oid OID of the extension
+ * \param oid_len length of the OID
+ * \param val value of the extension OCTET STRING
+ * \param val_len length of the value data
+ *
+ * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
+ const char *oid, size_t oid_len,
+ const unsigned char *val, size_t val_len );
+
+/**
+ * \brief Free the contents of a CSR context
+ *
+ * \param ctx CSR context to free
+ */
+void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx );
+
+/**
+ * \brief Write a CSR (Certificate Signing Request) to a
+ * DER structure
+ * Note: data is written at the end of the buffer! Use the
+ * return value to determine where you should start
+ * using the buffer
+ *
+ * \param ctx CSR to write away
+ * \param buf buffer to write to
+ * \param size size of the buffer
+ * \param f_rng RNG function (for signature, see note)
+ * \param p_rng RNG parameter
+ *
+ * \return length of data written if successful, or a specific
+ * error code
+ *
+ * \note f_rng may be NULL if RSA is used for signature and the
+ * signature is made offline (otherwise f_rng is desirable
+ * for countermeasures against timing attacks).
+ * ECDSA signatures always require a non-NULL f_rng.
+ */
+int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+/**
+ * \brief Write a CSR (Certificate Signing Request) to a
+ * PEM string
+ *
+ * \param ctx CSR to write away
+ * \param buf buffer to write to
+ * \param size size of the buffer
+ * \param f_rng RNG function (for signature, see note)
+ * \param p_rng RNG parameter
+ *
+ * \return 0 if successful, or a specific error code
+ *
+ * \note f_rng may be NULL if RSA is used for signature and the
+ * signature is made offline (otherwise f_rng is desirable
+ * for countermeasures against timing attacks).
+ * ECDSA signatures always require a non-NULL f_rng.
+ */
+int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
+#endif /* MBEDTLS_PEM_WRITE_C */
+#endif /* MBEDTLS_X509_CSR_WRITE_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_x509_csr.h */
diff --git a/library/certs.c b/library/certs.c
new file mode 100644
index 000000000..b54ff611f
--- /dev/null
+++ b/library/certs.c
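Review bot: Neither `mbedtls_x509_csr_parse_der()` nor `mbedtls_x509_csr_parse()` documents whether the request's self-signature is checked, and the `sig` and `sig_oid` members of `mbedtls_x509_csr` carry no comment at all. The `sig_opts` comment ("to be passed to mbedtls_pk_verify_ext()") suggests verification is left to the caller; if so, code that uses `csr->pk` straight after a successful parse has no proof that the requester holds the private key. In that case say so next to the existing note about ignored attributes, e.g. `\note The CSR signature is not verified; check sig over cri before relying on pk.` The `buf` parameter of both parse functions is also described as "buffer holding the CRL data", which should read CSR.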
@@ -0,0 +1,436 @@ +/* + * X.509 test certificates + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "mbedtls/certs.h" + +#if defined(MBEDTLS_CERTS_C) + +#if defined(MBEDTLS_ECDSA_C) +#define TEST_CA_CRT_EC \ +"-----BEGIN CERTIFICATE-----\r\n" \ +"MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT\r\n" \ +"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n" \ +"QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT\r\n" \ +"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n" \ +"QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu\r\n" \ +"ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy\r\n" \ +"aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g\r\n" \ +"JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7\r\n" \ +"NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE\r\n" \ +"AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w\r\n" \ +"CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56\r\n" \ +"t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv\r\n" \ +"uCjn8pwUOkABXK8Mss90fzCfCEOtIA==\r\n" \ +"-----END 
CERTIFICATE-----\r\n" +const char mbedtls_test_ca_crt_ec[] = TEST_CA_CRT_EC; +const size_t mbedtls_test_ca_crt_ec_len = sizeof( mbedtls_test_ca_crt_ec ); + +const char mbedtls_test_ca_key_ec[] = +"-----BEGIN EC PRIVATE KEY-----\r\n" +"Proc-Type: 4,ENCRYPTED\r\n" +"DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n" +"\r\n" +"IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n" +"ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n" +"UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n" +"a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n" +"-----END EC PRIVATE KEY-----\r\n"; +const size_t mbedtls_test_ca_key_ec_len = sizeof( mbedtls_test_ca_key_ec ); + +const char mbedtls_test_ca_pwd_ec[] = "PolarSSLTest"; +const size_t mbedtls_test_ca_pwd_ec_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1; + +const char mbedtls_test_srv_crt_ec[] = +"-----BEGIN CERTIFICATE-----\r\n" +"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" +"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" +"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" +"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" +"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" +"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" +"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" +"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n" +"clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" +"CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n" +"C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n" +"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n" +"-----END CERTIFICATE-----\r\n"; +const size_t mbedtls_test_srv_crt_ec_len = sizeof( mbedtls_test_srv_crt_ec ); + +const char mbedtls_test_srv_key_ec[] = +"-----BEGIN EC PRIVATE KEY-----\r\n" +"MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n" 
+"AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n" +"6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n" +"-----END EC PRIVATE KEY-----\r\n"; +const size_t mbedtls_test_srv_key_ec_len = sizeof( mbedtls_test_srv_key_ec ); + +const char mbedtls_test_cli_crt_ec[] = +"-----BEGIN CERTIFICATE-----\r\n" +"MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" +"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" +"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjBBMQswCQYDVQQGEwJOTDERMA8G\r\n" +"A1UEChMIUG9sYXJTU0wxHzAdBgNVBAMTFlBvbGFyU1NMIFRlc3QgQ2xpZW50IDIw\r\n" +"WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARX5a6xc9/TrLuTuIH/Eq7u5lOszlVT\r\n" +"9jQOzC7jYyUL35ji81xgNpbA1RgUcOV/n9VLRRjlsGzVXPiWj4dwo+THo4GdMIGa\r\n" +"MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMG4GA1Ud\r\n" +"IwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJOTDER\r\n" +"MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC\r\n" +"CQDBQ+J+YkPM6DAKBggqhkjOPQQDAgNoADBlAjBKZQ17IIOimbmoD/yN7o89u3BM\r\n" +"lgOsjnhw3fIOoLIWy2WOGsk/LGF++DzvrRzuNiACMQCd8iem1XS4JK7haj8xocpU\r\n" +"LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=\r\n" +"-----END CERTIFICATE-----\r\n"; +const size_t mbedtls_test_cli_crt_ec_len = sizeof( mbedtls_test_cli_crt_ec ); + +const char mbedtls_test_cli_key_ec[] = +"-----BEGIN EC PRIVATE KEY-----\r\n" +"MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n" +"AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n" +"wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n" +"-----END EC PRIVATE KEY-----\r\n"; +const size_t mbedtls_test_cli_key_ec_len = sizeof( mbedtls_test_cli_key_ec ); +#endif /* MBEDTLS_ECDSA_C */ + +#if defined(MBEDTLS_RSA_C) +#if defined(MBEDTLS_SHA256_C) +#define TEST_CA_CRT_RSA_SHA256 \ +"-----BEGIN CERTIFICATE-----\r\n" \ +"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ +"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ 
+"MTcwNTA0MTY1NzAxWhcNMjcwNTA1MTY1NzAxWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \ +"A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \ +"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \ +"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \ +"50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \ +"YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \ +"R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \ +"KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \ +"gZUwgZIwHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/MGMGA1UdIwRcMFqA\r\n" \ +"FLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UE\r\n" \ +"CgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQAwDAYDVR0T\r\n" \ +"BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHK/HHrTZMnnVMpde1io+voAtql7j\r\n" \ +"4sRhLrjD7o3THtwRbDa2diCvpq0Sq23Ng2LMYoXsOxoL/RQK3iN7UKxV3MKPEr0w\r\n" \ +"XQS+kKQqiT2bsfrjnWMVHZtUOMpm6FNqcdGm/Rss3vKda2lcKl8kUnq/ylc1+QbB\r\n" \ +"G6A6tUvQcr2ZyWfVg+mM5XkhTrOOXus2OLikb4WwEtJTJRNE0f+yPODSUz0/vT57\r\n" \ +"ApH0CnB80bYJshYHPHHymOtleAB8KSYtqm75g/YNobjnjB6cm4HkW3OZRVIl6fYY\r\n" \ +"n20NRVA1Vjs6GAROr4NqW4k/+LofY9y0LLDE+p0oIEKXIsIvhPr39swxSA==\r\n" \ +"-----END CERTIFICATE-----\r\n" + +static const char mbedtls_test_ca_crt_rsa_sha256[] = TEST_CA_CRT_RSA_SHA256; +const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA_SHA256; +const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa ); +#define TEST_CA_CRT_RSA_SOME +#endif /* MBEDTLS_SHA256_C */ + +#if !defined(TEST_CA_CRT_RSA_SOME) || defined(MBEDTLS_SHA1_C) +#define TEST_CA_CRT_RSA_SHA1 \ +"-----BEGIN CERTIFICATE-----\r\n" \ +"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ +"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ +"MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \ +"A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" 
\ +"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \ +"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \ +"50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \ +"YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \ +"R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \ +"KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \ +"gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n" \ +"/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n" \ +"BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n" \ +"dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n" \ +"SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n" \ +"DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n" \ +"pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n" \ +"m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n" \ +"7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" \ +"-----END CERTIFICATE-----\r\n" + +static const char mbedtls_test_ca_crt_rsa_sha1[] = TEST_CA_CRT_RSA_SHA1; + +#if !defined (TEST_CA_CRT_RSA_SOME) +const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA_SHA1; +const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa ); +#endif /* !TEST_CA_CRT_RSA_SOME */ +#endif /* !TEST_CA_CRT_RSA_COME || MBEDTLS_SHA1_C */ + +#if defined(MBEDTLS_SHA256_C) +/* tests/data_files/server2-sha256.crt */ +#define TEST_SRV_CRT_RSA_SHA256 \ +"-----BEGIN CERTIFICATE-----\r\n" \ +"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ +"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ +"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ +"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ 
+"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ +"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ +"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ +"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ +"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ +"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ +"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ +"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAGGEshT5\r\n" \ +"kvnRmLVScVeUEdwIrvW7ezbGbUvJ8VxeJ79/HSjlLiGbMc4uUathwtzEdi9R/4C5\r\n" \ +"DXBNeEPTkbB+fhG1W06iHYj/Dp8+aaG7fuDxKVKHVZSqBnmQLn73ymyclZNHii5A\r\n" \ +"3nTS8WUaHAzxN/rajOtoM7aH1P9tULpHrl+7HOeLMpxUnwI12ZqZaLIzxbcdJVcr\r\n" \ +"ra2F00aXCGkYVLvyvbZIq7LC+yVysej5gCeQYD7VFOEks0jhFjrS06gP0/XnWv6v\r\n" \ +"eBoPez9d+CCjkrhseiWzXOiriIMICX48EloO/DrsMRAtvlwq7EDz4QhILz6ffndm\r\n" \ +"e4K1cVANRPN2o9Y=\r\n" \ +"-----END CERTIFICATE-----\r\n" + +const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA_SHA256; +const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa ); +#define TEST_SRV_CRT_RSA_SOME +#endif /* MBEDTLS_SHA256_C */ + +#if !defined(TEST_SRV_CRT_RSA_SOME) || defined(MBEDTLS_SHA1_C) +/* tests/data_files/server2.crt */ +#define TEST_SRV_CRT_RSA_SHA1 \ +"-----BEGIN CERTIFICATE-----\r\n" \ +"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ +"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ +"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ +"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ +"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ +"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ +"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ +"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ 
+"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ +"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ +"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ +"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAAFzC0rF\r\n" \ +"y6De8WMcdgQrEw3AhBHFjzqnxZw1ene4IBSC7lTw8rBSy3jOWQdPUWn+0y/pCeeF\r\n" \ +"kti6sevFdl1hLemGtd4q+T9TKEKGg3ND4ARfB5AUZZ9uEHq8WBkiwus5clGS17Qd\r\n" \ +"dS/TOisB59tQruLx1E1bPLtBKyqk4koC5WAULJwfpswGSyWJTpYwIpxcWE3D2tBu\r\n" \ +"UB6MZfXZFzWmWEOyKbeoXjXe8GBCGgHLywvYDsGQ36HSGtEsAvR2QaTLSxWYcfk1\r\n" \ +"fbDn4jSWkb4yZy1r01UEigFQtONieGwRFaUqEcFJHJvEEGVgh9keaVlOj2vrwf5r\r\n" \ +"4mN4lW7gLdenN6g=\r\n" \ +"-----END CERTIFICATE-----\r\n"; + +#if !defined(TEST_SRV_CRT_RSA_SOME) +const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA_SHA1; +const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa ); +#endif /* TEST_SRV_CRT_RSA_SOME */ +#endif /* !TEST_CA_CRT_RSA_SOME || MBEDTLS_SHA1_C */ + +const char mbedtls_test_ca_key_rsa[] = +"-----BEGIN RSA PRIVATE KEY-----\r\n" +"Proc-Type: 4,ENCRYPTED\r\n" +"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n" +"\r\n" +"9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n" +"7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n" +"Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n" +"PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n" +"GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n" +"gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n" +"QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n" +"PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n" +"vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n" +"WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n" +"JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n" 
+"KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n" +"Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n" +"9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n" +"iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n" +"tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n" +"P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n" +"1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n" +"nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n" +"X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n" +"rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n" +"L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n" +"I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n" +"wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n" +"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" +"-----END RSA PRIVATE KEY-----\r\n"; +const size_t mbedtls_test_ca_key_rsa_len = sizeof( mbedtls_test_ca_key_rsa ); + +const char mbedtls_test_ca_pwd_rsa[] = "PolarSSLTest"; +const size_t mbedtls_test_ca_pwd_rsa_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1; + +const char mbedtls_test_srv_key_rsa[] = +"-----BEGIN RSA PRIVATE KEY-----\r\n" +"MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" +"lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n" +"2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n" +"Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n" +"GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n" +"y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n" +"++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n" +"Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n" +"/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n" 
+"WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n" +"GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n" +"TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n" +"CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n" +"nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n" +"AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n" +"sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n" +"mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n" +"BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n" +"whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n" +"vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n" +"3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n" +"3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n" +"ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n" +"4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n" +"TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n" +"-----END RSA PRIVATE KEY-----\r\n"; +const size_t mbedtls_test_srv_key_rsa_len = sizeof( mbedtls_test_srv_key_rsa ); + +/* tests/data_files/cli-rsa-sha256.crt */ +const char mbedtls_test_cli_crt_rsa[] = +"-----BEGIN CERTIFICATE-----\r\n" +"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" +"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" +"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" +"A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n" +"BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n" +"M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n" +"1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n" +"MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n" 
+"4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n" +"/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n" +"o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n" +"BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsFAAOC\r\n" +"AQEAlHabem2Tu69VUN7EipwnQn1dIHdgvT5i+iQHpSxY1crPnBbAeSdAXwsVEqLQ\r\n" +"gOOIAQD5VIITNuoGgo4i+4OpNh9u7ZkpRHla+/swsfrFWRRbBNP5Bcu74AGLstwU\r\n" +"zM8gIkBiyfM1Q1qDQISV9trlCG6O8vh8dp/rbI3rfzo99BOHXgFCrzXjCuW4vDsF\r\n" +"r+Dao26bX3sJ6UnEWg1H3o2x6PpUcvQ36h71/bz4TEbbUUEpe02V4QWuL+wrhHJL\r\n" +"U7o3SVE3Og7jPF8sat0a50YUWhwEFI256m02KAXLg89ueUyYKEr6rNwhcvXJpvU9\r\n" +"giIVvd0Sbjjnn7NC4VDbcXV8vw==\r\n" +"-----END CERTIFICATE-----\r\n"; +const size_t mbedtls_test_cli_crt_rsa_len = sizeof( mbedtls_test_cli_crt_rsa ); + +/* tests/data_files/cli-rsa.key */ +const char mbedtls_test_cli_key_rsa[] = +"-----BEGIN RSA PRIVATE KEY-----\r\n" +"MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" +"B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n" +"bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n" +"Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n" +"7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n" +"dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n" +"yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n" +"4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n" +"ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n" +"zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n" +"l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n" +"DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n" +"VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n" +"Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n" +"wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n" 
+"c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n" +"33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n" +"ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n" +"BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n" +"KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n" +"UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n" +"7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n" +"gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n" +"bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n" +"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n" +"-----END RSA PRIVATE KEY-----\r\n"; +const size_t mbedtls_test_cli_key_rsa_len = sizeof( mbedtls_test_cli_key_rsa ); +#endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_PEM_PARSE_C) +/* Concatenation of all available CA certificates */ +const char mbedtls_test_cas_pem[] = +#ifdef TEST_CA_CRT_RSA_SHA1 + TEST_CA_CRT_RSA_SHA1 +#endif +#ifdef TEST_CA_CRT_RSA_SHA256 + TEST_CA_CRT_RSA_SHA256 +#endif +#ifdef TEST_CA_CRT_EC + TEST_CA_CRT_EC +#endif + ""; +const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem ); +#endif + +/* List of all available CA certificates */ +const char * mbedtls_test_cas[] = { +#if defined(TEST_CA_CRT_RSA_SHA1) + mbedtls_test_ca_crt_rsa_sha1, +#endif +#if defined(TEST_CA_CRT_RSA_SHA256) + mbedtls_test_ca_crt_rsa_sha256, +#endif +#if defined(MBEDTLS_ECDSA_C) + mbedtls_test_ca_crt_ec, +#endif + NULL +}; +const size_t mbedtls_test_cas_len[] = { +#if defined(TEST_CA_CRT_RSA_SHA1) + sizeof( mbedtls_test_ca_crt_rsa_sha1 ), +#endif +#if defined(TEST_CA_CRT_RSA_SHA256) + sizeof( mbedtls_test_ca_crt_rsa_sha256 ), +#endif +#if defined(MBEDTLS_ECDSA_C) + sizeof( mbedtls_test_ca_crt_ec ), +#endif + 0 +}; + +#if defined(MBEDTLS_RSA_C) +const char *mbedtls_test_ca_crt = mbedtls_test_ca_crt_rsa; /* SHA1 or SHA256 */ +const char *mbedtls_test_ca_key 
= mbedtls_test_ca_key_rsa; +const char *mbedtls_test_ca_pwd = mbedtls_test_ca_pwd_rsa; +const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_rsa; +const char *mbedtls_test_srv_key = mbedtls_test_srv_key_rsa; +const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_rsa; +const char *mbedtls_test_cli_key = mbedtls_test_cli_key_rsa; +const size_t mbedtls_test_ca_crt_len = sizeof( mbedtls_test_ca_crt_rsa ); +const size_t mbedtls_test_ca_key_len = sizeof( mbedtls_test_ca_key_rsa ); +const size_t mbedtls_test_ca_pwd_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1; +const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_rsa ); +const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_rsa ); +const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_rsa ); +const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_rsa ); +#else /* ! MBEDTLS_RSA_C, so MBEDTLS_ECDSA_C */ +const char *mbedtls_test_ca_crt = mbedtls_test_ca_crt_ec; +const char *mbedtls_test_ca_key = mbedtls_test_ca_key_ec; +const char *mbedtls_test_ca_pwd = mbedtls_test_ca_pwd_ec; +const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_ec; +const char *mbedtls_test_srv_key = mbedtls_test_srv_key_ec; +const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_ec; +const char *mbedtls_test_cli_key = mbedtls_test_cli_key_ec; +const size_t mbedtls_test_ca_crt_len = sizeof( mbedtls_test_ca_crt_ec ); +const size_t mbedtls_test_ca_key_len = sizeof( mbedtls_test_ca_key_ec ); +const size_t mbedtls_test_ca_pwd_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1; +const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_ec ); +const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_ec ); +const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_ec ); +const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_ec ); +#endif /* MBEDTLS_RSA_C */ + +#endif /* MBEDTLS_CERTS_C */ 
diff --git a/library/debug.c b/library/debug.c
new file mode 100644
index 000000000..0c46c0690
--- /dev/null
+++ b/library/debug.c
@@ -0,0 +1,438 @@ +/* + * Debugging routines + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_DEBUG_C) + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#define mbedtls_time_t time_t +#define mbedtls_snprintf snprintf +#define mbedtls_vsnprintf vsnprintf +#endif + +#include "mbedtls/debug.h" + +#include +#include +#include + +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ + !defined(inline) && !defined(__cplusplus) +#define inline __inline +#endif + +#define DEBUG_BUF_SIZE 512 + +static int debug_threshold = 0; + +void mbedtls_debug_set_threshold( int threshold ) +{ + debug_threshold = threshold; +} + +/* + * All calls to f_dbg must be made via this function + */ +static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *str ) +{ + /* + * If in a threaded environment, we need a thread identifier. + * Since there is no portable way to get one, use the address of the ssl + * context instead, as it shouldn't be shared between threads. 
+ */ +#if defined(MBEDTLS_THREADING_C) + char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */ + mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr ); +#else + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); +#endif +} + +void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *format, ... ) +{ + va_list argp; + char str[DEBUG_BUF_SIZE]; + int ret; + + if( NULL == ssl || + NULL == ssl->conf || + NULL == ssl->conf->f_dbg || + level > debug_threshold ) + { + return; + } + + va_start( argp, format ); + ret = mbedtls_vsnprintf( str, DEBUG_BUF_SIZE, format, argp ); + va_end( argp ); + + if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 ) + { + str[ret] = '\n'; + str[ret + 1] = '\0'; + } + + debug_send_line( ssl, level, file, line, str ); +} + +void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret ) +{ + char str[DEBUG_BUF_SIZE]; + + if( NULL == ssl || + NULL == ssl->conf || + NULL == ssl->conf->f_dbg || + level > debug_threshold ) + { + return; + } + + /* + * With non-blocking I/O and examples that just retry immediately, + * the logs would be quickly flooded with WANT_READ, so ignore that. + * Don't ignore WANT_WRITE however, since is is usually rare. 
+ */ + if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + return; + + mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n", + text, ret, -ret ); + + debug_send_line( ssl, level, file, line, str ); +} + +void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text, + const unsigned char *buf, size_t len ) +{ + char str[DEBUG_BUF_SIZE]; + char txt[17]; + size_t i, idx = 0; + + if( NULL == ssl || + NULL == ssl->conf || + NULL == ssl->conf->f_dbg || + level > debug_threshold ) + { + return; + } + + mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n", + text, (unsigned int) len ); + + debug_send_line( ssl, level, file, line, str ); + + idx = 0; + memset( txt, 0, sizeof( txt ) ); + for( i = 0; i < len; i++ ) + { + if( i >= 4096 ) + break; + + if( i % 16 == 0 ) + { + if( i > 0 ) + { + mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt ); + debug_send_line( ssl, level, file, line, str ); + + idx = 0; + memset( txt, 0, sizeof( txt ) ); + } + + idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ", + (unsigned int) i ); + + } + + idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", + (unsigned int) buf[i] ); + txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' 
; + } + + if( len > 0 ) + { + for( /* i = i */; i % 16 != 0; i++ ) + idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " " ); + + mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt ); + debug_send_line( ssl, level, file, line, str ); + } +} + +#if defined(MBEDTLS_ECP_C) +void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_ecp_point *X ) +{ + char str[DEBUG_BUF_SIZE]; + + if( NULL == ssl || + NULL == ssl->conf || + NULL == ssl->conf->f_dbg || + level > debug_threshold ) + { + return; + } + + mbedtls_snprintf( str, sizeof( str ), "%s(X)", text ); + mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X ); + + mbedtls_snprintf( str, sizeof( str ), "%s(Y)", text ); + mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y ); +} +#endif /* MBEDTLS_ECP_C */ + +#if defined(MBEDTLS_BIGNUM_C) +void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_mpi *X ) +{ + char str[DEBUG_BUF_SIZE]; + int j, k, zeros = 1; + size_t i, n, idx = 0; + + if( NULL == ssl || + NULL == ssl->conf || + NULL == ssl->conf->f_dbg || + NULL == X || + level > debug_threshold ) + { + return; + } + + for( n = X->n - 1; n > 0; n-- ) + if( X->p[n] != 0 ) + break; + + for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- ) + if( ( ( X->p[n] >> j ) & 1 ) != 0 ) + break; + + mbedtls_snprintf( str + idx, sizeof( str ) - idx, "value of '%s' (%d bits) is:\n", + text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) ); + + debug_send_line( ssl, level, file, line, str ); + + idx = 0; + for( i = n + 1, j = 0; i > 0; i-- ) + { + if( zeros && X->p[i - 1] == 0 ) + continue; + + for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- ) + { + if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 ) + continue; + else + zeros = 0; + + if( j % 16 == 0 ) + { + if( j > 0 ) + { + mbedtls_snprintf( str + idx, 
sizeof( str ) - idx, "\n" ); + debug_send_line( ssl, level, file, line, str ); + idx = 0; + } + } + + idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int) + ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ); + + j++; + } + + } + + if( zeros == 1 ) + idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " 00" ); + + mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); + debug_send_line( ssl, level, file, line, str ); +} +#endif /* MBEDTLS_BIGNUM_C */ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +static void debug_print_pk( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_pk_context *pk ) +{ + size_t i; + mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS]; + char name[16]; + + memset( items, 0, sizeof( items ) ); + + if( mbedtls_pk_debug( pk, items ) != 0 ) + { + debug_send_line( ssl, level, file, line, + "invalid PK context\n" ); + return; + } + + for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ ) + { + if( items[i].type == MBEDTLS_PK_DEBUG_NONE ) + return; + + mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name ); + name[sizeof( name ) - 1] = '\0'; + + if( items[i].type == MBEDTLS_PK_DEBUG_MPI ) + mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value ); + else +#if defined(MBEDTLS_ECP_C) + if( items[i].type == MBEDTLS_PK_DEBUG_ECP ) + mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value ); + else +#endif + debug_send_line( ssl, level, file, line, + "should not happen\n" ); + } +} + +static void debug_print_line_by_line( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text ) +{ + char str[DEBUG_BUF_SIZE]; + const char *start, *cur; + + start = text; + for( cur = text; *cur != '\0'; cur++ ) + { + if( *cur == '\n' ) + { + size_t len = cur - start + 1; + if( len > DEBUG_BUF_SIZE - 1 ) + len = DEBUG_BUF_SIZE - 1; + + memcpy( str, start, len ); + str[len] = '\0'; + + debug_send_line( ssl, level, file, 
line, str ); + + start = cur + 1; + } + } +} + +void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_x509_crt *crt ) +{ + char str[DEBUG_BUF_SIZE]; + int i = 0; + + if( NULL == ssl || + NULL == ssl->conf || + NULL == ssl->conf->f_dbg || + NULL == crt || + level > debug_threshold ) + { + return; + } + + while( crt != NULL ) + { + char buf[1024]; + + mbedtls_snprintf( str, sizeof( str ), "%s #%d:\n", text, ++i ); + debug_send_line( ssl, level, file, line, str ); + + mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); + debug_print_line_by_line( ssl, level, file, line, buf ); + + debug_print_pk( ssl, level, file, line, "crt->", &crt->pk ); + + crt = crt->next; + } +} +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_ECDH_C) +static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl, + int level, const char *file, + int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr ) +{ +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + const mbedtls_ecdh_context* ctx = ecdh; +#else + const mbedtls_ecdh_context_mbed* ctx = &ecdh->ctx.mbed_ecdh; +#endif + + switch( attr ) + { + case MBEDTLS_DEBUG_ECDH_Q: + mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Q", + &ctx->Q ); + break; + case MBEDTLS_DEBUG_ECDH_QP: + mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Qp", + &ctx->Qp ); + break; + case MBEDTLS_DEBUG_ECDH_Z: + mbedtls_debug_print_mpi( ssl, level, file, line, "ECDH: z", + &ctx->z ); + break; + default: + break; + } +} + +void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr ) +{ +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, attr ); +#else + switch( ecdh->var ) + { + default: + mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, + attr 
); + } +#endif +} +#endif /* MBEDTLS_ECDH_C */ + +#endif /* MBEDTLS_DEBUG_C */ diff --git a/library/error.c b/library/error.c index 27305b56f..d39ff7d84 100644 --- a/library/error.c +++ b/library/error.c @@ -140,6 +140,10 @@ #include "mbedtls/md5.h" #endif +#if defined(MBEDTLS_NET_C) +#include "mbedtls/net_sockets.h" +#endif + #if defined(MBEDTLS_OID_C) #include "mbedtls/oid.h" #endif @@ -192,10 +196,18 @@ #include "mbedtls/sha512.h" #endif +#if defined(MBEDTLS_SSL_TLS_C) +#include "mbedtls/ssl.h" +#endif + #if defined(MBEDTLS_THREADING_C) #include "mbedtls/threading.h" #endif +#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) +#include "mbedtls/x509.h" +#endif + #if defined(MBEDTLS_XTEA_C) #include "mbedtls/xtea.h" #endif 
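Review bot: In library/debug.c, `mbedtls_debug_print_mpi` starts its scan with `for( n = X->n - 1; n > 0; n-- )`, and because `n` is a `size_t`, an MPI whose `n` field is 0 makes the index wrap, so `X->p[n]` is read far outside the limb array; the entry check only rejects `NULL == X`. If callers can reach this function with an unset MPI (not visible in this hunk), a guard such as `if( X->n == 0 ) return;` before the loop, or printing a zero value instead, avoids the out-of-bounds read. In the same file, `mbedtls_debug_print_msg` declares `str` without an initialiser and still passes it to `debug_send_line` when `mbedtls_vsnprintf` returns a negative value, and under `MBEDTLS_THREADING_C` that buffer is then formatted with `%s`; adding `if( ret < 0 ) return;` after `va_end( argp );` would keep an unterminated buffer from reaching `f_dbg`.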
@@ -401,6 +413,165 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) if( use_ret == -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED) ) mbedtls_snprintf( buf, buflen, "RSA - RSA hardware accelerator failed" ); #endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_SSL_TLS_C) + if( use_ret == -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "SSL - The requested feature is not available" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "SSL - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_MAC) ) + mbedtls_snprintf( buf, buflen, "SSL - Verification of the message MAC failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_RECORD) ) + mbedtls_snprintf( buf, buflen, "SSL - An invalid SSL record was received" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CONN_EOF) ) + mbedtls_snprintf( buf, buflen, "SSL - The connection indicated an EOF" ); + if( use_ret == -(MBEDTLS_ERR_SSL_UNKNOWN_CIPHER) ) + mbedtls_snprintf( buf, buflen, "SSL - An unknown cipher was received" ); + if( use_ret == -(MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN) ) + mbedtls_snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" ); + if( use_ret == -(MBEDTLS_ERR_SSL_NO_RNG) ) + mbedtls_snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" ); + if( use_ret == -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE) ) + mbedtls_snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE) ) + mbedtls_snprintf( buf, buflen, "SSL - Our own certificate(s) is/are too large to send in an SSL message" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED) ) + mbedtls_snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" ); + if( use_ret == -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED) ) + mbedtls_snprintf( buf, buflen, "SSL - The own private key or pre-shared key 
is not set, but needed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED) ) + mbedtls_snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" ); + if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE) ) + mbedtls_snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" ); + if( use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE) ) + { + mbedtls_snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" ); + return; + } + if( use_ret == -(MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED) ) + mbedtls_snprintf( buf, buflen, "SSL - Verification of our peer failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) ) + mbedtls_snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP) 
) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_FINISHED) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "SSL - Memory allocation failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED) ) + mbedtls_snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" ); + if( use_ret == -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) ) + mbedtls_snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" ); + if( use_ret == -(MBEDTLS_ERR_SSL_COMPRESSION_FAILED) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION) ) + mbedtls_snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED) ) + mbedtls_snprintf( buf, buflen, "SSL - Session ticket has expired" ); + if( use_ret == -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for 
RSA key exchange and presented EC key)" ); + if( use_ret == -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY) ) + mbedtls_snprintf( buf, buflen, "SSL - Unknown identity received (eg, PSK identity)" ); + if( use_ret == -(MBEDTLS_ERR_SSL_INTERNAL_ERROR) ) + mbedtls_snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" ); + if( use_ret == -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING) ) + mbedtls_snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" ); + if( use_ret == -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO) ) + mbedtls_snprintf( buf, buflen, "SSL - Unexpected message at ServerHello in renegotiation" ); + if( use_ret == -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) ) + mbedtls_snprintf( buf, buflen, "SSL - DTLS client must retry for hello verification" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "SSL - A buffer is too small to receive or write a message" ); + if( use_ret == -(MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE) ) + mbedtls_snprintf( buf, buflen, "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" ); + if( use_ret == -(MBEDTLS_ERR_SSL_WANT_READ) ) + mbedtls_snprintf( buf, buflen, "SSL - No data of requested type currently available on underlying transport" ); + if( use_ret == -(MBEDTLS_ERR_SSL_WANT_WRITE) ) + mbedtls_snprintf( buf, buflen, "SSL - Connection requires a write call" ); + if( use_ret == -(MBEDTLS_ERR_SSL_TIMEOUT) ) + mbedtls_snprintf( buf, buflen, "SSL - The operation timed out" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT) ) + mbedtls_snprintf( buf, buflen, "SSL - The client initiated a reconnect from the same port" ); + if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD) ) + mbedtls_snprintf( buf, buflen, "SSL - Record header looks valid but is not expected" ); + if( use_ret == -(MBEDTLS_ERR_SSL_NON_FATAL) ) + mbedtls_snprintf( buf, buflen, "SSL - The alert message received indicates a non-fatal 
error" ); + if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH) ) + mbedtls_snprintf( buf, buflen, "SSL - Couldn't set the hash for verifying CertificateVerify" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING) ) + mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that further message-processing should be done" ); + if( use_ret == -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) ) + mbedtls_snprintf( buf, buflen, "SSL - The asynchronous operation is not completed yet" ); + if( use_ret == -(MBEDTLS_ERR_SSL_EARLY_MESSAGE) ) + mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that a message arrived early" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) ) + mbedtls_snprintf( buf, buflen, "SSL - A cryptographic operation is in progress. Try again later" ); +#endif /* MBEDTLS_SSL_TLS_C */ + +#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) + if( use_ret == -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); + if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_OID) ) + mbedtls_snprintf( buf, buflen, "X509 - Requested OID is unknown" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_FORMAT) ) + mbedtls_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR format is invalid, e.g. 
different type expected" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_VERSION) ) + mbedtls_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR version element is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_SERIAL) ) + mbedtls_snprintf( buf, buflen, "X509 - The serial tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_ALG) ) + mbedtls_snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_NAME) ) + mbedtls_snprintf( buf, buflen, "X509 - The name tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_DATE) ) + mbedtls_snprintf( buf, buflen, "X509 - The date tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_SIGNATURE) ) + mbedtls_snprintf( buf, buflen, "X509 - The signature tag or value invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS) ) + mbedtls_snprintf( buf, buflen, "X509 - The extension tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_VERSION) ) + mbedtls_snprintf( buf, buflen, "X509 - CRT/CRL/CSR has an unsupported version number" ); + if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG) ) + mbedtls_snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" ); + if( use_ret == -(MBEDTLS_ERR_X509_SIG_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)" ); + if( use_ret == -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) ) + mbedtls_snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. 
CRL, CA or signature check failed" ); + if( use_ret == -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT) ) + mbedtls_snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" ); + if( use_ret == -(MBEDTLS_ERR_X509_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "X509 - Input invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "X509 - Allocation of memory failed" ); + if( use_ret == -(MBEDTLS_ERR_X509_FILE_IO_ERROR) ) + mbedtls_snprintf( buf, buflen, "X509 - Read/write of file failed" ); + if( use_ret == -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "X509 - Destination buffer is too small" ); + if( use_ret == -(MBEDTLS_ERR_X509_FATAL_ERROR) ) + mbedtls_snprintf( buf, buflen, "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" ); +#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */ // END generated code if( strlen( buf ) == 0 ) 
@@ -629,6 +800,35 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) mbedtls_snprintf( buf, buflen, "MD5 - MD5 hardware accelerator failed" ); #endif /* MBEDTLS_MD5_C */ +#if defined(MBEDTLS_NET_C) + if( use_ret == -(MBEDTLS_ERR_NET_SOCKET_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Failed to open a socket" ); + if( use_ret == -(MBEDTLS_ERR_NET_CONNECT_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - The connection to the given server / port failed" ); + if( use_ret == -(MBEDTLS_ERR_NET_BIND_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Binding of the socket failed" ); + if( use_ret == -(MBEDTLS_ERR_NET_LISTEN_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Could not listen on the socket" ); + if( use_ret == -(MBEDTLS_ERR_NET_ACCEPT_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Could not accept the incoming connection" ); + if( use_ret == -(MBEDTLS_ERR_NET_RECV_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Reading information from the socket failed" ); + if( use_ret == -(MBEDTLS_ERR_NET_SEND_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Sending information through the socket failed" ); + if( use_ret == -(MBEDTLS_ERR_NET_CONN_RESET) ) + mbedtls_snprintf( buf, buflen, "NET - Connection was reset by peer" ); + if( use_ret == -(MBEDTLS_ERR_NET_UNKNOWN_HOST) ) + mbedtls_snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" ); + if( use_ret == -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "NET - Buffer is too small to hold the data" ); + if( use_ret == -(MBEDTLS_ERR_NET_INVALID_CONTEXT) ) + mbedtls_snprintf( buf, buflen, "NET - The context is invalid, eg because it was free()ed" ); + if( use_ret == -(MBEDTLS_ERR_NET_POLL_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Polling the net context failed" ); + if( use_ret == -(MBEDTLS_ERR_NET_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "NET - Input invalid" ); +#endif /* MBEDTLS_NET_C */ + #if defined(MBEDTLS_OID_C) if( use_ret == 
-(MBEDTLS_ERR_OID_NOT_FOUND) ) mbedtls_snprintf( buf, buflen, "OID - OID is not found" ); diff --git a/library/net_sockets.c b/library/net_sockets.c new file mode 100644 index 000000000..816b1303d --- /dev/null +++ b/library/net_sockets.c 
@@ -0,0 +1,668 @@ +/* + * TCP/IP or UDP/IP networking functions + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +/* Enable definition of getaddrinfo() even when compiling with -std=c99. Must + * be set before config.h, which pulls in glibc's features.h indirectly. + * Harmless on other platforms. */ +#define _POSIX_C_SOURCE 200112L + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_NET_C) + +#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ + !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ + !defined(__HAIKU__) +#error "This module only works on Unix and Windows, see MBEDTLS_NET_C in config.h" +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#endif + +#include "mbedtls/net_sockets.h" + +#include + +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ + !defined(EFI32) + +#define IS_EINTR( ret ) ( ( ret ) == WSAEINTR ) + +#if !defined(_WIN32_WINNT) || (_WIN32_WINNT < 0x0501) +#undef _WIN32_WINNT +/* Enables getaddrinfo() & Co */ +#define _WIN32_WINNT 0x0501 +#endif + +#include + +#include +#include + +#if defined(_MSC_VER) +#if defined(_WIN32_WCE) +#pragma comment( lib, "ws2.lib" ) +#else +#pragma comment( lib, 
"ws2_32.lib" ) +#endif +#endif /* _MSC_VER */ + +#define read(fd,buf,len) recv( fd, (char*)( buf ), (int)( len ), 0 ) +#define write(fd,buf,len) send( fd, (char*)( buf ), (int)( len ), 0 ) +#define close(fd) closesocket(fd) + +static int wsa_init_done = 0; + +#else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define IS_EINTR( ret ) ( ( ret ) == EINTR ) + +#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ + +/* Some MS functions want int and MSVC warns if we pass size_t, + * but the standard functions use socklen_t, so cast only for MSVC */ +#if defined(_MSC_VER) +#define MSVC_INT_CAST (int) +#else +#define MSVC_INT_CAST +#endif + +#include + +#include + +#include + +/* + * Prepare for using the sockets interface + */ +static int net_prepare( void ) +{ +#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ + !defined(EFI32) + WSADATA wsaData; + + if( wsa_init_done == 0 ) + { + if( WSAStartup( MAKEWORD(2,0), &wsaData ) != 0 ) + return( MBEDTLS_ERR_NET_SOCKET_FAILED ); + + wsa_init_done = 1; + } +#else +#if !defined(EFIX64) && !defined(EFI32) + signal( SIGPIPE, SIG_IGN ); +#endif +#endif + return( 0 ); +} + +/* + * Initialize a context + */ +void mbedtls_net_init( mbedtls_net_context *ctx ) +{ + ctx->fd = -1; +} + +/* + * Initiate a TCP connection with host:port and the given protocol + */ +int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, + const char *port, int proto ) +{ + int ret; + struct addrinfo hints, *addr_list, *cur; + + if( ( ret = net_prepare() ) != 0 ) + return( ret ); + + /* Do name resolution with both IPv6 and IPv4 */ + memset( &hints, 0, sizeof( hints ) ); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; + hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? 
IPPROTO_UDP : IPPROTO_TCP; + + if( getaddrinfo( host, port, &hints, &addr_list ) != 0 ) + return( MBEDTLS_ERR_NET_UNKNOWN_HOST ); + + /* Try the sockaddrs until a connection succeeds */ + ret = MBEDTLS_ERR_NET_UNKNOWN_HOST; + for( cur = addr_list; cur != NULL; cur = cur->ai_next ) + { + ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype, + cur->ai_protocol ); + if( ctx->fd < 0 ) + { + ret = MBEDTLS_ERR_NET_SOCKET_FAILED; + continue; + } + + if( connect( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) == 0 ) + { + ret = 0; + break; + } + + close( ctx->fd ); + ret = MBEDTLS_ERR_NET_CONNECT_FAILED; + } + + freeaddrinfo( addr_list ); + + return( ret ); +} + +/* + * Create a listening socket on bind_ip:port + */ +int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ) +{ + int n, ret; + struct addrinfo hints, *addr_list, *cur; + + if( ( ret = net_prepare() ) != 0 ) + return( ret ); + + /* Bind to IPv6 and/or IPv4, but only in the desired protocol */ + memset( &hints, 0, sizeof( hints ) ); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; + hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? 
IPPROTO_UDP : IPPROTO_TCP; + if( bind_ip == NULL ) + hints.ai_flags = AI_PASSIVE; + + if( getaddrinfo( bind_ip, port, &hints, &addr_list ) != 0 ) + return( MBEDTLS_ERR_NET_UNKNOWN_HOST ); + + /* Try the sockaddrs until a binding succeeds */ + ret = MBEDTLS_ERR_NET_UNKNOWN_HOST; + for( cur = addr_list; cur != NULL; cur = cur->ai_next ) + { + ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype, + cur->ai_protocol ); + if( ctx->fd < 0 ) + { + ret = MBEDTLS_ERR_NET_SOCKET_FAILED; + continue; + } + + n = 1; + if( setsockopt( ctx->fd, SOL_SOCKET, SO_REUSEADDR, + (const char *) &n, sizeof( n ) ) != 0 ) + { + close( ctx->fd ); + ret = MBEDTLS_ERR_NET_SOCKET_FAILED; + continue; + } + + if( bind( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) != 0 ) + { + close( ctx->fd ); + ret = MBEDTLS_ERR_NET_BIND_FAILED; + continue; + } + + /* Listen only makes sense for TCP */ + if( proto == MBEDTLS_NET_PROTO_TCP ) + { + if( listen( ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG ) != 0 ) + { + close( ctx->fd ); + ret = MBEDTLS_ERR_NET_LISTEN_FAILED; + continue; + } + } + + /* Bind was successful */ + ret = 0; + break; + } + + freeaddrinfo( addr_list ); + + return( ret ); + +} + +#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ + !defined(EFI32) +/* + * Check if the requested operation would be blocking on a non-blocking socket + * and thus 'failed' with a negative return value. + */ +static int net_would_block( const mbedtls_net_context *ctx ) +{ + ((void) ctx); + return( WSAGetLastError() == WSAEWOULDBLOCK ); +} +#else +/* + * Check if the requested operation would be blocking on a non-blocking socket + * and thus 'failed' with a negative return value. + * + * Note: on a blocking socket this function always returns 0! 
+ */ +static int net_would_block( const mbedtls_net_context *ctx ) +{ + int err = errno; + + /* + * Never return 'WOULD BLOCK' on a non-blocking socket + */ + if( ( fcntl( ctx->fd, F_GETFL ) & O_NONBLOCK ) != O_NONBLOCK ) + { + errno = err; + return( 0 ); + } + + switch( errno = err ) + { +#if defined EAGAIN + case EAGAIN: +#endif +#if defined EWOULDBLOCK && EWOULDBLOCK != EAGAIN + case EWOULDBLOCK: +#endif + return( 1 ); + } + return( 0 ); +} +#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ + +/* + * Accept a connection from a remote client + */ +int mbedtls_net_accept( mbedtls_net_context *bind_ctx, + mbedtls_net_context *client_ctx, + void *client_ip, size_t buf_size, size_t *ip_len ) +{ + int ret; + int type; + + struct sockaddr_storage client_addr; + +#if defined(__socklen_t_defined) || defined(_SOCKLEN_T) || \ + defined(_SOCKLEN_T_DECLARED) || defined(__DEFINED_socklen_t) + socklen_t n = (socklen_t) sizeof( client_addr ); + socklen_t type_len = (socklen_t) sizeof( type ); +#else + int n = (int) sizeof( client_addr ); + int type_len = (int) sizeof( type ); +#endif + + /* Is this a TCP or UDP socket? 
*/ + if( getsockopt( bind_ctx->fd, SOL_SOCKET, SO_TYPE, + (void *) &type, &type_len ) != 0 || + ( type != SOCK_STREAM && type != SOCK_DGRAM ) ) + { + return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + } + + if( type == SOCK_STREAM ) + { + /* TCP: actual accept() */ + ret = client_ctx->fd = (int) accept( bind_ctx->fd, + (struct sockaddr *) &client_addr, &n ); + } + else + { + /* UDP: wait for a message, but keep it in the queue */ + char buf[1] = { 0 }; + + ret = (int) recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK, + (struct sockaddr *) &client_addr, &n ); + +#if defined(_WIN32) + if( ret == SOCKET_ERROR && + WSAGetLastError() == WSAEMSGSIZE ) + { + /* We know buf is too small, thanks, just peeking here */ + ret = 0; + } +#endif + } + + if( ret < 0 ) + { + if( net_would_block( bind_ctx ) != 0 ) + return( MBEDTLS_ERR_SSL_WANT_READ ); + + return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + } + + /* UDP: hijack the listening socket to communicate with the client, + * then bind a new socket to accept new connections */ + if( type != SOCK_STREAM ) + { + struct sockaddr_storage local_addr; + int one = 1; + + if( connect( bind_ctx->fd, (struct sockaddr *) &client_addr, n ) != 0 ) + return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + + client_ctx->fd = bind_ctx->fd; + bind_ctx->fd = -1; /* In case we exit early */ + + n = sizeof( struct sockaddr_storage ); + if( getsockname( client_ctx->fd, + (struct sockaddr *) &local_addr, &n ) != 0 || + ( bind_ctx->fd = (int) socket( local_addr.ss_family, + SOCK_DGRAM, IPPROTO_UDP ) ) < 0 || + setsockopt( bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR, + (const char *) &one, sizeof( one ) ) != 0 ) + { + return( MBEDTLS_ERR_NET_SOCKET_FAILED ); + } + + if( bind( bind_ctx->fd, (struct sockaddr *) &local_addr, n ) != 0 ) + { + return( MBEDTLS_ERR_NET_BIND_FAILED ); + } + } + + if( client_ip != NULL ) + { + if( client_addr.ss_family == AF_INET ) + { + struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr; + *ip_len = sizeof( addr4->sin_addr.s_addr ); + + if( 
buf_size < *ip_len ) + return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL ); + + memcpy( client_ip, &addr4->sin_addr.s_addr, *ip_len ); + } + else + { + struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr; + *ip_len = sizeof( addr6->sin6_addr.s6_addr ); + + if( buf_size < *ip_len ) + return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL ); + + memcpy( client_ip, &addr6->sin6_addr.s6_addr, *ip_len); + } + } + + return( 0 ); +} + +/* + * Set the socket blocking or non-blocking + */ +int mbedtls_net_set_block( mbedtls_net_context *ctx ) +{ +#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ + !defined(EFI32) + u_long n = 0; + return( ioctlsocket( ctx->fd, FIONBIO, &n ) ); +#else + return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) & ~O_NONBLOCK ) ); +#endif +} + +int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ) +{ +#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ + !defined(EFI32) + u_long n = 1; + return( ioctlsocket( ctx->fd, FIONBIO, &n ) ); +#else + return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) | O_NONBLOCK ) ); +#endif +} + +/* + * Check if data is available on the socket + */ + +int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ) +{ + int ret; + struct timeval tv; + + fd_set read_fds; + fd_set write_fds; + + int fd = ctx->fd; + + if( fd < 0 ) + return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + +#if defined(__has_feature) +#if __has_feature(memory_sanitizer) + /* Ensure that memory sanitizers consider read_fds and write_fds as + * initialized even on platforms such as Glibc/x86_64 where FD_ZERO + * is implemented in assembly. 
*/ + memset( &read_fds, 0, sizeof( read_fds ) ); + memset( &write_fds, 0, sizeof( write_fds ) ); +#endif +#endif + + FD_ZERO( &read_fds ); + if( rw & MBEDTLS_NET_POLL_READ ) + { + rw &= ~MBEDTLS_NET_POLL_READ; + FD_SET( fd, &read_fds ); + } + + FD_ZERO( &write_fds ); + if( rw & MBEDTLS_NET_POLL_WRITE ) + { + rw &= ~MBEDTLS_NET_POLL_WRITE; + FD_SET( fd, &write_fds ); + } + + if( rw != 0 ) + return( MBEDTLS_ERR_NET_BAD_INPUT_DATA ); + + tv.tv_sec = timeout / 1000; + tv.tv_usec = ( timeout % 1000 ) * 1000; + + do + { + ret = select( fd + 1, &read_fds, &write_fds, NULL, + timeout == (uint32_t) -1 ? NULL : &tv ); + } + while( IS_EINTR( ret ) ); + + if( ret < 0 ) + return( MBEDTLS_ERR_NET_POLL_FAILED ); + + ret = 0; + if( FD_ISSET( fd, &read_fds ) ) + ret |= MBEDTLS_NET_POLL_READ; + if( FD_ISSET( fd, &write_fds ) ) + ret |= MBEDTLS_NET_POLL_WRITE; + + return( ret ); +} + +/* + * Portable usleep helper + */ +void mbedtls_net_usleep( unsigned long usec ) +{ +#if defined(_WIN32) + Sleep( ( usec + 999 ) / 1000 ); +#else + struct timeval tv; + tv.tv_sec = usec / 1000000; +#if defined(__unix__) || defined(__unix) || \ + ( defined(__APPLE__) && defined(__MACH__) ) + tv.tv_usec = (suseconds_t) usec % 1000000; +#else + tv.tv_usec = usec % 1000000; +#endif + select( 0, NULL, NULL, NULL, &tv ); +#endif +} + +/* + * Read at most 'len' characters + */ +int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ) +{ + int ret; + int fd = ((mbedtls_net_context *) ctx)->fd; + + if( fd < 0 ) + return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + + ret = (int) read( fd, buf, len ); + + if( ret < 0 ) + { + if( net_would_block( ctx ) != 0 ) + return( MBEDTLS_ERR_SSL_WANT_READ ); + +#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ + !defined(EFI32) + if( WSAGetLastError() == WSAECONNRESET ) + return( MBEDTLS_ERR_NET_CONN_RESET ); +#else + if( errno == EPIPE || errno == ECONNRESET ) + return( MBEDTLS_ERR_NET_CONN_RESET ); + + if( errno == EINTR ) + return( 
MBEDTLS_ERR_SSL_WANT_READ ); +#endif + + return( MBEDTLS_ERR_NET_RECV_FAILED ); + } + + return( ret ); +} + +/* + * Read at most 'len' characters, blocking for at most 'timeout' ms + */ +int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, + size_t len, uint32_t timeout ) +{ + int ret; + struct timeval tv; + fd_set read_fds; + int fd = ((mbedtls_net_context *) ctx)->fd; + + if( fd < 0 ) + return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + + FD_ZERO( &read_fds ); + FD_SET( fd, &read_fds ); + + tv.tv_sec = timeout / 1000; + tv.tv_usec = ( timeout % 1000 ) * 1000; + + ret = select( fd + 1, &read_fds, NULL, NULL, timeout == 0 ? NULL : &tv ); + + /* Zero fds ready means we timed out */ + if( ret == 0 ) + return( MBEDTLS_ERR_SSL_TIMEOUT ); + + if( ret < 0 ) + { +#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ + !defined(EFI32) + if( WSAGetLastError() == WSAEINTR ) + return( MBEDTLS_ERR_SSL_WANT_READ ); +#else + if( errno == EINTR ) + return( MBEDTLS_ERR_SSL_WANT_READ ); +#endif + + return( MBEDTLS_ERR_NET_RECV_FAILED ); + } + + /* This call will not block */ + return( mbedtls_net_recv( ctx, buf, len ) ); +} + +/* + * Write at most 'len' characters + */ +int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ) +{ + int ret; + int fd = ((mbedtls_net_context *) ctx)->fd; + + if( fd < 0 ) + return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + + ret = (int) write( fd, buf, len ); + + if( ret < 0 ) + { + if( net_would_block( ctx ) != 0 ) + return( MBEDTLS_ERR_SSL_WANT_WRITE ); + +#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ + !defined(EFI32) + if( WSAGetLastError() == WSAECONNRESET ) + return( MBEDTLS_ERR_NET_CONN_RESET ); +#else + if( errno == EPIPE || errno == ECONNRESET ) + return( MBEDTLS_ERR_NET_CONN_RESET ); + + if( errno == EINTR ) + return( MBEDTLS_ERR_SSL_WANT_WRITE ); +#endif + + return( MBEDTLS_ERR_NET_SEND_FAILED ); + } + + return( ret ); +} + +/* + * Gracefully close the connection + */ +void 
mbedtls_net_free( mbedtls_net_context *ctx ) +{ + if( ctx->fd == -1 ) + return; + + shutdown( ctx->fd, 2 ); + close( ctx->fd ); + + ctx->fd = -1; +} + +#endif /* MBEDTLS_NET_C */ diff --git a/library/pkcs11.c b/library/pkcs11.c new file mode 100644 index 000000000..0ea64252e --- /dev/null +++ b/library/pkcs11.c 
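Review bot: `mbedtls_net_poll()` and `mbedtls_net_recv_timeout()` pass the descriptor to `FD_SET( fd, ... )` after checking only `fd < 0`. On platforms where `fd_set` is a fixed-size bitmap, a descriptor at or above `FD_SETSIZE` makes `FD_SET` write outside the stack-allocated set. I would reject such descriptors before the first `FD_ZERO` in both functions, e.g. `if( fd >= FD_SETSIZE ) return( MBEDTLS_ERR_NET_POLL_FAILED );`. The check probably needs a guard for non-Windows builds, where `fd_set` is laid out differently. A short comment explaining that select() only supports descriptors below `FD_SETSIZE` would keep the check from being removed later.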
@@ -0,0 +1,240 @@ +/** + * \file pkcs11.c + * + * \brief Wrapper for PKCS#11 library libpkcs11-helper + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#include "mbedtls/pkcs11.h" + +#if defined(MBEDTLS_PKCS11_C) + +#include "mbedtls/md.h" +#include "mbedtls/oid.h" +#include "mbedtls/x509_crt.h" + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + +#include + +void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_pkcs11_context ) ); +} + +int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert ) +{ + int ret = 1; + unsigned char *cert_blob = NULL; + size_t cert_blob_size = 0; + + if( cert == NULL ) + { + ret = 2; + goto cleanup; + } + + if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, NULL, + &cert_blob_size ) != CKR_OK ) + { + ret = 3; + goto cleanup; + } + + cert_blob = mbedtls_calloc( 1, cert_blob_size ); + if( NULL == cert_blob ) + { + ret = 4; + goto cleanup; + } + + if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, cert_blob, + &cert_blob_size ) != CKR_OK ) + { + ret = 5; + goto cleanup; + } + + if( 0 != mbedtls_x509_crt_parse( cert, cert_blob, cert_blob_size ) ) + 
{ + ret = 6; + goto cleanup; + } + + ret = 0; + +cleanup: + if( NULL != cert_blob ) + mbedtls_free( cert_blob ); + + return( ret ); +} + + +int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key, + pkcs11h_certificate_t pkcs11_cert ) +{ + int ret = 1; + mbedtls_x509_crt cert; + + mbedtls_x509_crt_init( &cert ); + + if( priv_key == NULL ) + goto cleanup; + + if( 0 != mbedtls_pkcs11_x509_cert_bind( &cert, pkcs11_cert ) ) + goto cleanup; + + priv_key->len = mbedtls_pk_get_len( &cert.pk ); + priv_key->pkcs11h_cert = pkcs11_cert; + + ret = 0; + +cleanup: + mbedtls_x509_crt_free( &cert ); + + return( ret ); +} + +void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key ) +{ + if( NULL != priv_key ) + pkcs11h_certificate_freeCertificate( priv_key->pkcs11h_cert ); +} + +int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len ) +{ + size_t input_len, output_len; + + if( NULL == ctx ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + + if( MBEDTLS_RSA_PRIVATE != mode ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + + output_len = input_len = ctx->len; + + if( input_len < 16 || input_len > output_max_len ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + + /* Determine size of output buffer */ + if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input, + input_len, NULL, &output_len ) != CKR_OK ) + { + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + } + + if( output_len > output_max_len ) + return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); + + if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input, + input_len, output, &output_len ) != CKR_OK ) + { + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + } + *olen = output_len; + return( 0 ); +} + +int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ) +{ + size_t sig_len = 0, 
asn_len = 0, oid_size = 0; + unsigned char *p = sig; + const char *oid; + + if( NULL == ctx ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + + if( MBEDTLS_RSA_PRIVATE != mode ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + + if( md_alg != MBEDTLS_MD_NONE ) + { + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); + if( md_info == NULL ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + + if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + + hashlen = mbedtls_md_get_size( md_info ); + asn_len = 10 + oid_size; + } + + sig_len = ctx->len; + if( hashlen > sig_len || asn_len > sig_len || + hashlen + asn_len > sig_len ) + { + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + } + + if( md_alg != MBEDTLS_MD_NONE ) + { + /* + * DigestInfo ::= SEQUENCE { + * digestAlgorithm DigestAlgorithmIdentifier, + * digest Digest } + * + * DigestAlgorithmIdentifier ::= AlgorithmIdentifier + * + * Digest ::= OCTET STRING + */ + *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; + *p++ = (unsigned char) ( 0x08 + oid_size + hashlen ); + *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; + *p++ = (unsigned char) ( 0x04 + oid_size ); + *p++ = MBEDTLS_ASN1_OID; + *p++ = oid_size & 0xFF; + memcpy( p, oid, oid_size ); + p += oid_size; + *p++ = MBEDTLS_ASN1_NULL; + *p++ = 0x00; + *p++ = MBEDTLS_ASN1_OCTET_STRING; + *p++ = hashlen; + } + + memcpy( p, hash, hashlen ); + + if( pkcs11h_certificate_signAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, sig, + asn_len + hashlen, sig, &sig_len ) != CKR_OK ) + { + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + } + + return( 0 ); +} + +#endif /* defined(MBEDTLS_PKCS11_C) */ diff --git a/library/ssl_cache.c b/library/ssl_cache.c new file mode 100644 index 000000000..62a0a2987 --- /dev/null +++ b/library/ssl_cache.c 
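Review bot: `mbedtls_pkcs11_sign()` takes no size for `sig`, and nothing in the hunk states how large the caller's buffer must be. The function builds the DigestInfo in place through `p = sig`, then passes `sig` to `pkcs11h_certificate_signAny()` as the output buffer with `sig_len = ctx->len`. The buffer therefore has to hold at least `ctx->len` bytes. I would document that above the function, e.g. `/* sig must point to at least ctx->len bytes; it holds the encoded DigestInfo on input to the token and the signature on output. */`. It is also worth noting there that `hash` is copied with `memcpy( p, hash, hashlen )` and so must be readable for `hashlen` bytes.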
@@ -0,0 +1,353 @@ +/* + * SSL session cache implementation + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * These session callbacks use a simple chained list + * to store and retrieve the session information. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_SSL_CACHE_C) + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + +#include "mbedtls/ssl_cache.h" +#include "mbedtls/ssl_internal.h" + +#include + +void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) +{ + memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) ); + + cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT; + cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES; + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &cache->mutex ); +#endif +} + +int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) +{ + int ret = 1; +#if defined(MBEDTLS_HAVE_TIME) + mbedtls_time_t t = mbedtls_time( NULL ); +#endif + mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; + mbedtls_ssl_cache_entry *cur, *entry; + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_lock( &cache->mutex ) != 0 ) + 
return( 1 ); +#endif + + cur = cache->chain; + entry = NULL; + + while( cur != NULL ) + { + entry = cur; + cur = cur->next; + +#if defined(MBEDTLS_HAVE_TIME) + if( cache->timeout != 0 && + (int) ( t - entry->timestamp ) > cache->timeout ) + continue; +#endif + + if( session->ciphersuite != entry->session.ciphersuite || + session->compression != entry->session.compression || + session->id_len != entry->session.id_len ) + continue; + + if( memcmp( session->id, entry->session.id, + entry->session.id_len ) != 0 ) + continue; + + ret = mbedtls_ssl_session_copy( session, &entry->session ); + if( ret != 0 ) + { + ret = 1; + goto exit; + } + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /* + * Restore peer certificate (without rest of the original chain) + */ + if( entry->peer_cert.p != NULL ) + { + /* `session->peer_cert` is NULL after the call to + * mbedtls_ssl_session_copy(), because cache entries + * have the `peer_cert` field set to NULL. */ + + if( ( session->peer_cert = mbedtls_calloc( 1, + sizeof(mbedtls_x509_crt) ) ) == NULL ) + { + ret = 1; + goto exit; + } + + mbedtls_x509_crt_init( session->peer_cert ); + if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p, + entry->peer_cert.len ) != 0 ) + { + mbedtls_free( session->peer_cert ); + session->peer_cert = NULL; + ret = 1; + goto exit; + } + } +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + ret = 0; + goto exit; + } + +exit: +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) + ret = 1; +#endif + + return( ret ); +} + +int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) +{ + int ret = 1; +#if defined(MBEDTLS_HAVE_TIME) + mbedtls_time_t t = mbedtls_time( NULL ), oldest = 0; + mbedtls_ssl_cache_entry *old = NULL; +#endif + mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; + mbedtls_ssl_cache_entry *cur, *prv; + int count = 0; + +#if 
defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 ) + return( ret ); +#endif + + cur = cache->chain; + prv = NULL; + + while( cur != NULL ) + { + count++; + +#if defined(MBEDTLS_HAVE_TIME) + if( cache->timeout != 0 && + (int) ( t - cur->timestamp ) > cache->timeout ) + { + cur->timestamp = t; + break; /* expired, reuse this slot, update timestamp */ + } +#endif + + if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 ) + break; /* client reconnected, keep timestamp for session id */ + +#if defined(MBEDTLS_HAVE_TIME) + if( oldest == 0 || cur->timestamp < oldest ) + { + oldest = cur->timestamp; + old = cur; + } +#endif + + prv = cur; + cur = cur->next; + } + + if( cur == NULL ) + { +#if defined(MBEDTLS_HAVE_TIME) + /* + * Reuse oldest entry if max_entries reached + */ + if( count >= cache->max_entries ) + { + if( old == NULL ) + { + ret = 1; + goto exit; + } + + cur = old; + } +#else /* MBEDTLS_HAVE_TIME */ + /* + * Reuse first entry in chain if max_entries reached, + * but move to last place + */ + if( count >= cache->max_entries ) + { + if( cache->chain == NULL ) + { + ret = 1; + goto exit; + } + + cur = cache->chain; + cache->chain = cur->next; + cur->next = NULL; + prv->next = cur; + } +#endif /* MBEDTLS_HAVE_TIME */ + else + { + /* + * max_entries not reached, create new entry + */ + cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) ); + if( cur == NULL ) + { + ret = 1; + goto exit; + } + + if( prv == NULL ) + cache->chain = cur; + else + prv->next = cur; + } + +#if defined(MBEDTLS_HAVE_TIME) + cur->timestamp = t; +#endif + } + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /* + * If we're reusing an entry, free its certificate first + */ + if( cur->peer_cert.p != NULL ) + { + mbedtls_free( cur->peer_cert.p ); + memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); + } +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + /* Copy the 
entire session; this temporarily makes a copy of the + * X.509 CRT structure even though we only want to store the raw CRT. + * This inefficiency will go away as soon as we implement on-demand + * parsing of CRTs, in which case there's no need for the `peer_cert` + * field anymore in the first place, and we're done after this call. */ + ret = mbedtls_ssl_session_copy( &cur->session, session ); + if( ret != 0 ) + { + ret = 1; + goto exit; + } + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /* If present, free the X.509 structure and only store the raw CRT data. */ + if( cur->session.peer_cert != NULL ) + { + cur->peer_cert.p = + mbedtls_calloc( 1, cur->session.peer_cert->raw.len ); + if( cur->peer_cert.p == NULL ) + { + ret = 1; + goto exit; + } + + memcpy( cur->peer_cert.p, + cur->session.peer_cert->raw.p, + cur->session.peer_cert->raw.len ); + cur->peer_cert.len = session->peer_cert->raw.len; + + mbedtls_x509_crt_free( cur->session.peer_cert ); + mbedtls_free( cur->session.peer_cert ); + cur->session.peer_cert = NULL; + } +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + ret = 0; + +exit: +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) + ret = 1; +#endif + + return( ret ); +} + +#if defined(MBEDTLS_HAVE_TIME) +void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ) +{ + if( timeout < 0 ) timeout = 0; + + cache->timeout = timeout; +} +#endif /* MBEDTLS_HAVE_TIME */ + +void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ) +{ + if( max < 0 ) max = 0; + + cache->max_entries = max; +} + +void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ) +{ + mbedtls_ssl_cache_entry *cur, *prv; + + cur = cache->chain; + + while( cur != NULL ) + { + prv = cur; + cur = cur->next; + + mbedtls_ssl_session_free( &prv->session ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + 
defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + mbedtls_free( prv->peer_cert.p ); +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + mbedtls_free( prv ); + } + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_free( &cache->mutex ); +#endif + cache->chain = NULL; +} + +#endif /* MBEDTLS_SSL_CACHE_C */ diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c new file mode 100644 index 000000000..518f7dde0 --- /dev/null +++ b/library/ssl_ciphersuites.c 
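Review bot: The lookup loop in `mbedtls_ssl_cache_set()` matches an entry with `memcmp( session->id, cur->session.id, cur->session.id_len ) == 0` and never compares the two `id_len` fields. `mbedtls_ssl_cache_get()` in the same hunk does skip entries whose `id_len` differs. An entry whose `id_len` is 0 therefore matches every session; one way to get such an entry is a freshly allocated one left in the chain after `mbedtls_ssl_session_copy()` fails. A shorter cached id also matches any longer id that shares its prefix, so an unrelated session can overwrite the slot. I would tighten the test to `if( session->id_len == cur->session.id_len && memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 )`.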
@@ -0,0 +1,2373 @@
+/**
+ * \file ssl_ciphersuites.c
+ *
+ * \brief SSL ciphersuites for mbed TLS
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include
+#endif
+
+#include "mbedtls/ssl_ciphersuites.h"
+#include "mbedtls/ssl.h"
+
+#include
+
+/*
+ * Ordered from most preferred to least preferred in terms of security.
+ *
+ * Current rule (except RC4 and 3DES, weak and null which come last):
+ * 1. By key exchange:
+ * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
+ * 2. By key length and cipher:
+ * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
+ * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
+ * 4. By hash function used when relevant
+ * 5. By key exchange/auth again: EC > non-EC
+ */
+static const int ciphersuite_preference[] =
+{
+#if defined(MBEDTLS_SSL_CIPHERSUITES)
+ MBEDTLS_SSL_CIPHERSUITES,
+#else
+ /* Chacha-Poly ephemeral suites */
+ MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+ MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+
+ /* All AES-256 ephemeral suites */
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
+ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
+ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
+
+ /* All CAMELLIA-256 ephemeral suites */
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+
+ /* All ARIA-256 ephemeral suites */
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
+ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
+
+ /* All AES-128 ephemeral suites */
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
+ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
+ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
+
+ /* All CAMELLIA-128 ephemeral suites */
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+
+ /* All ARIA-128 ephemeral suites */
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
+ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
+
+ /* The PSK ephemeral suites */
+ MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
+ MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
+ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
+ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
+ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
+ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
+ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
+
+ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
+ MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
+ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
+ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
+
+ /* The ECJPAKE suite */
+ MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
+
+ /* All AES-256 suites */
+ MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
+ MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
+ MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
+ MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
+ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
+
+ /* All CAMELLIA-256 suites */
+ MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+ MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+
+ /* All ARIA-256 suites */
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
+ MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
+ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
+ MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
+
+ /* All AES-128 suites */
+ MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
+ MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
+
+ /* All CAMELLIA-128 suites */
+ MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+ MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+
+ /* All ARIA-128 suites */
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
+ MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
+ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
+ MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
+
+ /* The RSA PSK suites */
+ MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
+ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
+ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
+ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
+ MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
+ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
+
+ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
+ MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
+ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
+
+ /* The PSK suites */
+ MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
+ MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
+ MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
+ MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
+ MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
+ MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
+ MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
+ MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
+
+ MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
+ MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
+ MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
+ MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
+ MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
+
+ /* 3DES suites */
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
+ MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
+ MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+ MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
+ MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
+ MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
+
+ /* RC4 suites */
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA,
+ MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA,
+ MBEDTLS_TLS_RSA_WITH_RC4_128_SHA,
+ MBEDTLS_TLS_RSA_WITH_RC4_128_MD5,
+ MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
+ MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA,
+ MBEDTLS_TLS_PSK_WITH_RC4_128_SHA,
+
+ /* Weak suites */
+ MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
+ MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
+
+ /* NULL suites */
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
+ MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
+ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
+ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
+ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
+ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
+
+ MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
+ MBEDTLS_TLS_RSA_WITH_NULL_SHA,
+ MBEDTLS_TLS_RSA_WITH_NULL_MD5,
+ MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
+ MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
+ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
+ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
+ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
+ MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
+ MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
+ MBEDTLS_TLS_PSK_WITH_NULL_SHA,
+
+#endif /* MBEDTLS_SSL_CIPHERSUITES */
+ 0
+};
+
+static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
+{
+#if defined(MBEDTLS_CHACHAPOLY_C) && \
+ defined(MBEDTLS_SHA256_C) && \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
+ { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
+ MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+ { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+ { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
+ MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+ { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
+ "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
+ MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, + MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, + "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256", + MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, + "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256", + MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, + MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, + "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256", + MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, + MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif +#endif /* MBEDTLS_CHACHAPOLY_C && + MBEDTLS_SHA256_C && + MBEDTLS_SSL_PROTO_TLS1_2 */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", + 
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA512_C */ +#if defined(MBEDTLS_CCM_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", + 
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, +#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, 
MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_ARC4_C */ + +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, 
"TLS-ECDHE-ECDSA-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA256_C */ +#if 
defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_ARC4_C */ + +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) +#if 
defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, 
MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_CCM_C)
+ { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
+ MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
+ MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_SHORT_TAG },
+ { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
+ MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
+ MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
"TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
"TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
+ MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
+ { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
+ MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_GCM_C)
+ { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
+ MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA1_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ {
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_CCM_C)
+ { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
+ MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
+ MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_SHORT_TAG },
+ { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
+ MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
+ MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C
*/
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
+ MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_MD5_C)
+ { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
+ MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_NODTLS },
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
+ MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_NODTLS },
+#endif
+#endif /* MBEDTLS_ARC4_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SHA1_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
+ MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
+ MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
+ MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
"TLS-ECDH-RSA-WITH-RC4-128-SHA",
+ MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SHA1_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /*
MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
+ MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
+ MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
+ MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
+ MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#if defined(MBEDTLS_SHA1_C)
+ {
MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
+ MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
+ MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+
+#if
defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_CCM_C)
+ { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
+ MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
+ MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_SHORT_TAG },
+ { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
+ MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
+ MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ {
MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
+ MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C
*/
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
+ MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
+ MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
+ MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_CCM_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
+ MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
+ MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_SHORT_TAG },
+ { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
+ MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
+ MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /*
MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
+ MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
+ MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+#if defined(MBEDTLS_AES_C)
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
+ MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
+ MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /*
MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
+ MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
+ MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
+ MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
+ MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_CCM_C)
+ { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
+ MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_AES_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+#if defined(MBEDTLS_MD5_C)
+ { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
+ MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
+ MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
+ MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1,
MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
+
+#if defined(MBEDTLS_ARIA_C)
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
+ "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
+ "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
+ "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
+ "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+
+#if
(defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
+ "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
+ "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
+ "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
+ "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
+ "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) &&
defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
+ "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
+ "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
+ "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
+
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
+ "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
+ "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
+ {
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
+ "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
+ "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
+
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
+ "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
+ {
MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
+ "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
+ "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
+ "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
+ "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
+ "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
+ "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
+ "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
+ "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
+ "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
+ "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
+ "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
+ "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
+ "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+ MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
+ "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
+ { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
+ "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
+ MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
+ "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
+ { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
+ "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif
+
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#endif /* MBEDTLS_ARIA_C */
+
+
+ { 0, "",
+ MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
+ 0, 0, 0, 0, 0 }
+};
+
+#if defined(MBEDTLS_SSL_CIPHERSUITES)
+const int *mbedtls_ssl_list_ciphersuites( void )
+{
+ return(
ciphersuite_preference );
+}
+#else
+#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
+ sizeof( ciphersuite_definitions[0] )
+static int supported_ciphersuites[MAX_CIPHERSUITES];
+static int supported_init = 0;
+
+static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
+{
+ (void)cs_info;
+
+#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
+ if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+ return( 1 );
+#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
+
+#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
+ if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
+ cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
+ {
+ return( 1 );
+ }
+#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
+
+ return( 0 );
+}
+
+const int *mbedtls_ssl_list_ciphersuites( void )
+{
+ /*
+ * On initial call filter out all ciphersuites not supported by current
+ * build based on presence in the ciphersuite_definitions.
+ */
+ if( supported_init == 0 )
+ {
+ const int *p;
+ int *q;
+
+ for( p = ciphersuite_preference, q = supported_ciphersuites;
+ *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
+ p++ )
+ {
+ const mbedtls_ssl_ciphersuite_t *cs_info;
+ if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
+ !ciphersuite_is_removed( cs_info ) )
+ {
+ *(q++) = *p;
+ }
+ }
+ *q = 0;
+
+ supported_init = 1;
+ }
+
+ return( supported_ciphersuites );
+}
+#endif /* MBEDTLS_SSL_CIPHERSUITES */
+
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
+ const char *ciphersuite_name )
+{
+ const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
+
+ if( NULL == ciphersuite_name )
+ return( NULL );
+
+ while( cur->id != 0 )
+ {
+ if( 0 == strcmp( cur->name, ciphersuite_name ) )
+ return( cur );
+
+ cur++;
+ }
+
+ return( NULL );
+}
+
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
+{
+ const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
+
+ while( cur->id != 0 )
+ {
+ if( cur->id ==
ciphersuite )
+ return( cur );
+
+ cur++;
+ }
+
+ return( NULL );
+}
+
+const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
+{
+ const mbedtls_ssl_ciphersuite_t *cur;
+
+ cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
+
+ if( cur == NULL )
+ return( "unknown" );
+
+ return( cur->name );
+}
+
+int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
+{
+ const mbedtls_ssl_ciphersuite_t *cur;
+
+ cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
+
+ if( cur == NULL )
+ return( 0 );
+
+ return( cur->id );
+}
+
+#if defined(MBEDTLS_PK_C)
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
+{
+ switch( info->key_exchange )
+ {
+ case MBEDTLS_KEY_EXCHANGE_RSA:
+ case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+ case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+ return( MBEDTLS_PK_RSA );
+
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+ return( MBEDTLS_PK_ECDSA );
+
+ case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+ case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+ return( MBEDTLS_PK_ECKEY );
+
+ default:
+ return( MBEDTLS_PK_NONE );
+ }
+}
+
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
+{
+ switch( info->key_exchange )
+ {
+ case MBEDTLS_KEY_EXCHANGE_RSA:
+ case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+ return( MBEDTLS_PK_RSA );
+
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+ return( MBEDTLS_PK_ECDSA );
+
+ default:
+ return( MBEDTLS_PK_NONE );
+ }
+}
+
+#endif /* MBEDTLS_PK_C */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
+{
+ switch( info->key_exchange )
+ {
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+ case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+ case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+ case
MBEDTLS_KEY_EXCHANGE_ECJPAKE:
+ return( 1 );
+
+ default:
+ return( 0 );
+ }
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
+{
+ switch( info->key_exchange )
+ {
+ case MBEDTLS_KEY_EXCHANGE_PSK:
+ case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+ case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+ return( 1 );
+
+ default:
+ return( 0 );
+ }
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
new file mode 100644
index 000000000..4e5b3a602
--- /dev/null
+++ b/library/ssl_cli.c
@@ -0,0 +1,3944 @@
+/*
+ * SSLv3/TLSv1 client-side functions
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_CLI_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+#include "mbedtls/debug.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#include
+
+#include
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#include "mbedtls/platform_util.h"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+static int ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
+{
+ if( conf->psk_identity == NULL ||
+ conf->psk_identity_len == 0 )
+ {
+ return( 0 );
+ }
+
+ if( conf->psk != NULL && conf->psk_len != 0 )
+ return( 1 );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( conf->psk_opaque != 0 )
+ return( 1 );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int ssl_conf_has_static_raw_psk(
mbedtls_ssl_config const *conf ) +{ + if( conf->psk_identity == NULL || + conf->psk_identity_len == 0 ) + { + return( 0 ); + } + + if( conf->psk != NULL && conf->psk_len != 0 ) + return( 1 ); + + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen ) +{ + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + size_t hostname_len; + + *olen = 0; + + if( ssl->hostname == NULL ) + return; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding server name extension: %s", + ssl->hostname ) ); + + hostname_len = strlen( ssl->hostname ); + + if( end < p || (size_t)( end - p ) < hostname_len + 9 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + /* + * Sect. 3, RFC 6066 (TLS Extensions Definitions) + * + * In order to provide any of the server names, clients MAY include an + * extension of type "server_name" in the (extended) client hello. 
The + * "extension_data" field of this extension SHALL contain + * "ServerNameList" where: + * + * struct { + * NameType name_type; + * select (name_type) { + * case host_name: HostName; + * } name; + * } ServerName; + * + * enum { + * host_name(0), (255) + * } NameType; + * + * opaque HostName<1..2^16-1>; + * + * struct { + * ServerName server_name_list<1..2^16-1> + * } ServerNameList; + * + */ + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); + + *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF ); + + *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF ); + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); + *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( hostname_len ) & 0xFF ); + + memcpy( p, ssl->hostname, hostname_len ); + + *olen = hostname_len + 9; +} +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) +static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen ) +{ + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + + *olen = 0; + + /* We're always including an TLS_EMPTY_RENEGOTIATION_INFO_SCSV in the + * initial ClientHello, in which case also adding the renegotiation + * info extension is NOT RECOMMENDED as per RFC 5746 Section 3.4. 
*/ + if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) + return; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding renegotiation extension" ) ); + + if( end < p || (size_t)( end - p ) < 5 + ssl->verify_data_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + /* + * Secure renegotiation + */ + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); + + *p++ = 0x00; + *p++ = ( ssl->verify_data_len + 1 ) & 0xFF; + *p++ = ssl->verify_data_len & 0xFF; + + memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); + + *olen = 5 + ssl->verify_data_len; +} +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +/* + * Only if we handle at least one key exchange that needs signatures. + */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +static void ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen ) +{ + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + size_t sig_alg_len = 0; + const int *md; +#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C) + unsigned char *sig_alg_list = buf + 6; +#endif + + *olen = 0; + + if( ssl->conf->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) + return; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding signature_algorithms extension" ) ); + + for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ ) + { +#if defined(MBEDTLS_ECDSA_C) + sig_alg_len += 2; +#endif +#if defined(MBEDTLS_RSA_C) + sig_alg_len += 2; +#endif + } + + if( end < p || (size_t)( end - p ) < sig_alg_len + 6 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + /* + * Prepare signature_algorithms extension (TLS 1.2) + */ + sig_alg_len = 0; + + for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ ) + { +#if defined(MBEDTLS_ECDSA_C) + 
sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md ); + sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA; +#endif +#if defined(MBEDTLS_RSA_C) + sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md ); + sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA; +#endif + } + + /* + * enum { + * none(0), md5(1), sha1(2), sha224(3), sha256(4), sha384(5), + * sha512(6), (255) + * } HashAlgorithm; + * + * enum { anonymous(0), rsa(1), dsa(2), ecdsa(3), (255) } + * SignatureAlgorithm; + * + * struct { + * HashAlgorithm hash; + * SignatureAlgorithm signature; + * } SignatureAndHashAlgorithm; + * + * SignatureAndHashAlgorithm + * supported_signature_algorithms<2..2^16-2>; + */ + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); + + *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF ); + + *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF ); + + *olen = 6 + sig_alg_len; +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && + MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ + +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen ) +{ + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + unsigned char *elliptic_curve_list = p + 6; + size_t elliptic_curve_len = 0; + const mbedtls_ecp_curve_info *info; +#if defined(MBEDTLS_ECP_C) + const mbedtls_ecp_group_id *grp_id; +#else + ((void) ssl); +#endif + + *olen = 0; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) ); + +#if defined(MBEDTLS_ECP_C) + for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) +#else + for( info = 
mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ ) +#endif + { +#if defined(MBEDTLS_ECP_C) + info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); +#endif + if( info == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid curve in ssl configuration" ) ); + return; + } + + elliptic_curve_len += 2; + } + + if( end < p || (size_t)( end - p ) < 6 + elliptic_curve_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + elliptic_curve_len = 0; + +#if defined(MBEDTLS_ECP_C) + for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) +#else + for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ ) +#endif + { +#if defined(MBEDTLS_ECP_C) + info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); +#endif + elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8; + elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; + } + + if( elliptic_curve_len == 0 ) + return; + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) & 0xFF ); + + *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); + + *p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF ); + + *olen = 6 + elliptic_curve_len; +} + +static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen ) +{ + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + + *olen = 0; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_point_formats extension" ) ); + + if( end < p || (size_t)( end - p ) < 6 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF ); + *p++ 
= (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF ); + + *p++ = 0x00; + *p++ = 2; + + *p++ = 1; + *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED; + + *olen = 6; +} +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || + MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen ) +{ + int ret; + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + size_t kkpp_len; + + *olen = 0; + + /* Skip costly extension if we can't use EC J-PAKE anyway */ + if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) + return; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding ecjpake_kkpp extension" ) ); + + if( end - p < 4 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF ); + + /* + * We may need to send ClientHello multiple times for Hello verification. + * We don't want to compute fresh values every time (both for performance + * and consistency reasons), so cache the extension content. 
+ */ + if( ssl->handshake->ecjpake_cache == NULL || + ssl->handshake->ecjpake_cache_len == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "generating new ecjpake parameters" ) ); + + ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, + p + 2, end - p - 2, &kkpp_len, + ssl->conf->f_rng, ssl->conf->p_rng ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1 , "mbedtls_ecjpake_write_round_one", ret ); + return; + } + + ssl->handshake->ecjpake_cache = mbedtls_calloc( 1, kkpp_len ); + if( ssl->handshake->ecjpake_cache == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "allocation failed" ) ); + return; + } + + memcpy( ssl->handshake->ecjpake_cache, p + 2, kkpp_len ); + ssl->handshake->ecjpake_cache_len = kkpp_len; + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "re-using cached ecjpake parameters" ) ); + + kkpp_len = ssl->handshake->ecjpake_cache_len; + + if( (size_t)( end - p - 2 ) < kkpp_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); + } + + *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( kkpp_len ) & 0xFF ); + + *olen = kkpp_len + 4; +} +#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen ) +{ + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + + *olen = 0; + + if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) { + return; + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding max_fragment_length extension" ) ); + + if( end < p || (size_t)( end - p ) < 5 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + + *p++ = 0x00; + *p++ = 1; + + *p++ = 
ssl->conf->mfl_code; + + *olen = 5; +} +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) +static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, size_t *olen ) +{ + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + + *olen = 0; + + if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) + { + return; + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding truncated_hmac extension" ) ); + + if( end < p || (size_t)( end - p ) < 4 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF ); + + *p++ = 0x00; + *p++ = 0x00; + + *olen = 4; +} +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, size_t *olen ) +{ + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + + *olen = 0; + + if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || + ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + { + return; + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding encrypt_then_mac " + "extension" ) ); + + if( end < p || (size_t)( end - p ) < 4 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + + *p++ = 0x00; + *p++ = 0x00; + + *olen = 4; +} +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) +static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, size_t *olen ) +{ + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + 
MBEDTLS_SSL_OUT_CONTENT_LEN; + + *olen = 0; + + if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + { + return; + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding extended_master_secret " + "extension" ) ); + + if( end < p || (size_t)( end - p ) < 4 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF ); + + *p++ = 0x00; + *p++ = 0x00; + + *olen = 4; +} +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, size_t *olen ) +{ + unsigned char *p = buf; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + size_t tlen = ssl->session_negotiate->ticket_len; + + *olen = 0; + + if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED ) + { + return; + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding session ticket extension" ) ); + + if( end < p || (size_t)( end - p ) < 4 + tlen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); + + *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( tlen ) & 0xFF ); + + *olen = 4; + + if( ssl->session_negotiate->ticket == NULL || tlen == 0 ) + { + return; + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "sending session ticket of length %d", tlen ) ); + + memcpy( p, ssl->session_negotiate->ticket, tlen ); + + *olen += tlen; +} +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + +#if defined(MBEDTLS_SSL_ALPN) +static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, size_t *olen ) +{ + unsigned char *p = buf; + 
const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + size_t alpnlen = 0; + const char **cur; + + *olen = 0; + + if( ssl->conf->alpn_list == NULL ) + { + return; + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) ); + + for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) + alpnlen += (unsigned char)( strlen( *cur ) & 0xFF ) + 1; + + if( end < p || (size_t)( end - p ) < 6 + alpnlen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); + + /* + * opaque ProtocolName<1..2^8-1>; + * + * struct { + * ProtocolName protocol_name_list<2..2^16-1> + * } ProtocolNameList; + */ + + /* Skip writing extension and list length for now */ + p += 4; + + for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) + { + *p = (unsigned char)( strlen( *cur ) & 0xFF ); + memcpy( p + 1, *cur, *p ); + p += 1 + *p; + } + + *olen = p - buf; + + /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ + buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF ); + buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF ); + + /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ + buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); + buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); +} +#endif /* MBEDTLS_SSL_ALPN */ + +/* + * Generate random bytes for ClientHello + */ +static int ssl_generate_random( mbedtls_ssl_context *ssl ) +{ + int ret; + unsigned char *p = ssl->handshake->randbytes; +#if defined(MBEDTLS_HAVE_TIME) + mbedtls_time_t t; +#endif + + /* + * When responding to a verify request, MUST reuse random (RFC 6347 4.2.1) + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->verify_cookie != NULL ) + { + return( 0 ); + } +#endif + +#if defined(MBEDTLS_HAVE_TIME) + t = mbedtls_time( NULL ); + *p++ = (unsigned 
char)( t >> 24 );
+ *p++ = (unsigned char)( t >> 16 );
+ *p++ = (unsigned char)( t >> 8 );
+ *p++ = (unsigned char)( t );
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) );
+#else
+ if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 )
+ return( ret );
+
+ p += 4;
+#endif /* MBEDTLS_HAVE_TIME */
+
+ if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 )
+ return( ret );
+
+ return( 0 );
+}
+
+/**
+ * \brief Validate cipher suite against config in SSL context.
+ *
+ * \param suite_info cipher suite to validate
+ * \param ssl SSL context
+ * \param min_minor_ver Minimal minor version to accept a cipher suite
+ * \param max_minor_ver Maximal minor version to accept a cipher suite
+ *
+ * \return 0 if valid, else 1
+ */
+static int ssl_validate_ciphersuite( const mbedtls_ssl_ciphersuite_t * suite_info,
+ const mbedtls_ssl_context * ssl,
+ int min_minor_ver, int max_minor_ver )
+{
+ (void) ssl;
+ if( suite_info == NULL )
+ return( 1 );
+
+ if( suite_info->min_minor_ver > max_minor_ver ||
+ suite_info->max_minor_ver < min_minor_ver )
+ return( 1 );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) )
+ return( 1 );
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+ if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
+ suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+ return( 1 );
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
+ mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
+ return( 1 );
+#endif
+
+ /* Don't suggest PSK-based ciphersuite if no PSK is available.
*/ +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && + ssl_conf_has_static_psk( ssl->conf ) == 0 ) + { + return( 1 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + + return( 0 ); +} + +static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) +{ + int ret; + size_t i, n, olen, ext_len = 0; + unsigned char *buf; + unsigned char *p, *q; + unsigned char offer_compress; + const int *ciphersuites; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + int uses_ec = 0; +#endif + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); + + if( ssl->conf->f_rng == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); + return( MBEDTLS_ERR_SSL_NO_RNG ); + } + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) +#endif + { + ssl->major_ver = ssl->conf->min_major_ver; + ssl->minor_ver = ssl->conf->min_minor_ver; + } + + if( ssl->conf->max_major_ver == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "configured max major version is invalid, " + "consider using mbedtls_ssl_config_defaults()" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + /* + * 0 . 0 handshake type + * 1 . 3 handshake length + * 4 . 5 highest version supported + * 6 . 9 current UNIX time + * 10 . 37 random bytes + */ + buf = ssl->out_msg; + p = buf + 4; + + mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, + ssl->conf->transport, p ); + p += 2; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]", + buf[4], buf[5] ) ); + + if( ( ret = ssl_generate_random( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); + return( ret ); + } + + memcpy( p, ssl->handshake->randbytes, 32 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", p, 32 ); + p += 32; + + /* + * 38 . 38 session id length + * 39 . 
39+n session id + * 39+n . 39+n DTLS only: cookie length (1 byte) + * 40+n . .. DTSL only: cookie + * .. . .. ciphersuitelist length (2 bytes) + * .. . .. ciphersuitelist + * .. . .. compression methods length (1 byte) + * .. . .. compression methods + * .. . .. extensions length (2 bytes) + * .. . .. extensions + */ + n = ssl->session_negotiate->id_len; + + if( n < 16 || n > 32 || +#if defined(MBEDTLS_SSL_RENEGOTIATION) + ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE || +#endif + ssl->handshake->resume == 0 ) + { + n = 0; + } + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + /* + * RFC 5077 section 3.4: "When presenting a ticket, the client MAY + * generate and include a Session ID in the TLS ClientHello." + */ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) +#endif + { + if( ssl->session_negotiate->ticket != NULL && + ssl->session_negotiate->ticket_len != 0 ) + { + ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, 32 ); + + if( ret != 0 ) + return( ret ); + + ssl->session_negotiate->id_len = n = 32; + } + } +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + + *p++ = (unsigned char) n; + + for( i = 0; i < n; i++ ) + *p++ = ssl->session_negotiate->id[i]; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %d", n ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 39, n ); + + /* + * DTLS cookie + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + if( ssl->handshake->verify_cookie == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "no verify cookie to send" ) ); + *p++ = 0; + } + else + { + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", + ssl->handshake->verify_cookie, + ssl->handshake->verify_cookie_len ); + + *p++ = ssl->handshake->verify_cookie_len; + memcpy( p, ssl->handshake->verify_cookie, + ssl->handshake->verify_cookie_len ); + p += ssl->handshake->verify_cookie_len; + } + } +#endif + + /* + * Ciphersuite list + 
*/
+ ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
+
+ /* Skip writing ciphersuite length for now */
+ n = 0;
+ q = p;
+ p += 2;
+
+ for( i = 0; ciphersuites[i] != 0; i++ )
+ {
+ ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] );
+
+ if( ssl_validate_ciphersuite( ciphersuite_info, ssl,
+ ssl->conf->min_minor_ver,
+ ssl->conf->max_minor_ver ) != 0 )
+ continue;
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x",
+ ciphersuites[i] ) );
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ uses_ec |= mbedtls_ssl_ciphersuite_uses_ec( ciphersuite_info );
+#endif
+
+ n++;
+ *p++ = (unsigned char)( ciphersuites[i] >> 8 );
+ *p++ = (unsigned char)( ciphersuites[i] );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites (excluding SCSVs)", n ) );
+
+ /*
+ * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+ */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
+#endif
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) );
+ *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
+ *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO );
+ n++;
+ }
+
+ /* Some versions of OpenSSL don't handle it correctly if not at end */
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+ if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) );
+ *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 );
+ *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE );
+ n++;
+ }
+#endif
+
+ *q++ = (unsigned char)( n >> 7 );
+ *q++ = (unsigned char)( n << 1 );
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ offer_compress = 1;
+#else
+ offer_compress = 0;
+#endif
+
+ /*
+ * We don't support compression with DTLS right now: if many records come
+ * in the same datagram, uncompressing one could overwrite the next one.
+ * We don't want to add complexity for handling that case unless there is + * an actual need for it. + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + offer_compress = 0; +#endif + + if( offer_compress ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 2 ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d %d", + MBEDTLS_SSL_COMPRESS_DEFLATE, MBEDTLS_SSL_COMPRESS_NULL ) ); + + *p++ = 2; + *p++ = MBEDTLS_SSL_COMPRESS_DEFLATE; + *p++ = MBEDTLS_SSL_COMPRESS_NULL; + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 1 ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d", + MBEDTLS_SSL_COMPRESS_NULL ) ); + + *p++ = 1; + *p++ = MBEDTLS_SSL_COMPRESS_NULL; + } + + // First write extensions, then the total length + // +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + ssl_write_hostname_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + + /* Note that TLS_EMPTY_RENEGOTIATION_INFO_SCSV is always added + * even if MBEDTLS_SSL_RENEGOTIATION is not defined. 
*/ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) + ssl_write_signature_algorithms_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + if( uses_ec ) + { + ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; + + ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; + } +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + +#if defined(MBEDTLS_SSL_ALPN) + ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + + /* olen unused if all extensions are disabled */ + ((void) olen); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d", + ext_len ) ); + + if( ext_len > 0 ) + { + *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + p += ext_len; + } + + ssl->out_msglen = p - buf; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] 
= MBEDTLS_SSL_HS_CLIENT_HELLO; + + ssl->state++; + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); +#endif + + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); + return( ret ); + } + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); + return( ret ); + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); + + return( 0 ); +} + +static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len ) +{ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) + { + /* Check verify-data in constant-time. The length OTOH is no secret */ + if( len != 1 + ssl->verify_data_len * 2 || + buf[0] != ssl->verify_data_len * 2 || + mbedtls_ssl_safer_memcmp( buf + 1, + ssl->own_verify_data, ssl->verify_data_len ) != 0 || + mbedtls_ssl_safer_memcmp( buf + 1 + ssl->verify_data_len, + ssl->peer_verify_data, ssl->verify_data_len ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + } + else +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + { + if( len != 1 || buf[0] != 0x00 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; + } + + return( 0 ); +} + +#if 
defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ /*
+ * server should use the extension only if we did,
+ * and if so the server's value should match ours (and len is always 1)
+ */
+ if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ||
+ len != 1 ||
+ buf[0] != ssl->conf->mfl_code )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching max fragment length extension" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ||
+ len != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching truncated HMAC extension" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ ((void) buf);
+
+ ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
+ ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
+ len != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching encrypt-then-MAC extension" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ ((void) buf);
+
+ ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
+
+ return(
0 );
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
+ ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
+ len != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching extended master secret extension" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ ((void) buf);
+
+ ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED ||
+ len != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching session ticket extension" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ ((void) buf);
+
+ ssl->handshake->new_session_ticket = 1;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ size_t list_size;
+ const unsigned char *p;
+
+ if( len == 0 || (size_t)( buf[0] + 1 ) != len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+ list_size = buf[0];
+
+ p = buf + 1;
+ while( list_size > 0 )
+
{
+ if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
+ p[0] == MBEDTLS_ECP_PF_COMPRESSED )
+ {
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+ ssl->handshake->ecdh_ctx.point_format = p[0];
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ ssl->handshake->ecjpake_ctx.point_format = p[0];
+#endif
+ MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) );
+ return( 0 );
+ }
+
+ list_size--;
+ p++;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+ MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ int ret;
+
+ if( ssl->transform_negotiate->ciphersuite_info->key_exchange !=
+ MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) );
+ return( 0 );
+ }
+
+ /* If we got here, we no longer need our cached extension */
+ mbedtls_free( ssl->handshake->ecjpake_cache );
+ ssl->handshake->ecjpake_cache = NULL;
+ ssl->handshake->ecjpake_cache_len = 0;
+
+ if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx,
+ buf, len ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( ret );
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN)
+static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len )
+{
+ size_t list_len, name_len;
+ const char **p;
+
+ /* If we didn't send it, the server shouldn't send it */
+ if( ssl->conf->alpn_list == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, (
"non-matching ALPN extension" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ /*
+ * opaque ProtocolName<1..2^8-1>;
+ *
+ * struct {
+ * ProtocolName protocol_name_list<2..2^16-1>
+ * } ProtocolNameList;
+ *
+ * the "ProtocolNameList" MUST contain exactly one "ProtocolName"
+ */
+
+ /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */
+ if( len < 4 )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ list_len = ( buf[0] << 8 ) | buf[1];
+ if( list_len != len - 2 )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ name_len = buf[2];
+ if( name_len != list_len - 1 )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ /* Check that the server chosen protocol was in our list and save it */
+ for( p = ssl->conf->alpn_list; *p != NULL; p++ )
+ {
+ if( name_len == strlen( *p ) &&
+ memcmp( buf + 3, *p, name_len ) == 0 )
+ {
+ ssl->alpn_chosen = *p;
+ return( 0 );
+ }
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "ALPN extension: no matching protocol" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+/*
+ * Parse HelloVerifyRequest. Only called after verifying the HS type.
+ */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl )
+{
+ const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
+ int major_ver, minor_ver;
+ unsigned char cookie_len;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse hello verify request" ) );
+
+ /*
+ * struct {
+ * ProtocolVersion server_version;
+ * opaque cookie<0..2^8-1>;
+ * } HelloVerifyRequest;
+ */
+ MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 );
+ mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p );
+ p += 2;
+
+ /*
+ * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1)
+ * even is lower than our min version.
+ */
+ if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 ||
+ minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ||
+ major_ver > ssl->conf->max_major_ver ||
+ minor_ver > ssl->conf->max_minor_ver )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server version" ) );
+
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
+
+ return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
+ }
+
+ cookie_len = *p++;
+ MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len );
+
+ if( ( ssl->in_msg + ssl->in_msglen ) - p < cookie_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1,
+ ( "cookie length does not match incoming message size" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ mbedtls_free( ssl->handshake->verify_cookie );
+
+ ssl->handshake->verify_cookie = mbedtls_calloc( 1, cookie_len );
+ if( ssl->handshake->verify_cookie == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", cookie_len ) );
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ }
+
+ memcpy( ssl->handshake->verify_cookie, p, cookie_len );
+ ssl->handshake->verify_cookie_len = cookie_len;
+
+ /* Start over at ClientHello */
+ ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
+
mbedtls_ssl_reset_checksum( ssl );
+
+ mbedtls_ssl_recv_flight_completed( ssl );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse hello verify request" ) );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
+{
+ int ret, i;
+ size_t n;
+ size_t ext_len;
+ unsigned char *buf, *ext;
+ unsigned char comp;
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ int accept_comp;
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ int renegotiation_info_seen = 0;
+#endif
+ int handshake_failure = 0;
+ const mbedtls_ssl_ciphersuite_t *suite_info;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) );
+
+ buf = ssl->in_msg;
+
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
+ {
+ /* No alert on a read error. */
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+ return( ret );
+ }
+
+ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+ {
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+ {
+ ssl->renego_records_seen++;
+
+ if( ssl->conf->renego_max_records >= 0 &&
+ ssl->renego_records_seen > ssl->conf->renego_max_records )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, "
+ "but not honored by server" ) );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-handshake message during renego" ) );
+
+ ssl->keep_current_message = 1;
+ return( MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO );
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ if( buf[0] == MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "received hello verify request" ) );
+
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) );
+ return( ssl_parse_hello_verify_request( ssl ) );
+ }
+ else
+ {
+ /* We made it through the verification process */
+ mbedtls_free( ssl->handshake->verify_cookie );
+ ssl->handshake->verify_cookie = NULL;
+ ssl->handshake->verify_cookie_len = 0;
+ }
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ if( ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len( ssl ) ||
+ buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ /*
+ * 0 . 1 server_version
+ * 2 . 33 random (maybe including 4 bytes of Unix time)
+ * 34 . 34 session_id length = n
+ * 35 . 34+n session_id
+ * 35+n . 36+n cipher_suite
+ * 37+n . 37+n compression_method
+ *
+ * 38+n . 39+n extensions length (optional)
+ * 40+n . .. extensions
+ */
+ buf += mbedtls_ssl_hs_hdr_len( ssl );
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 );
+ mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver,
+ ssl->conf->transport, buf + 0 );
+
+ if( ssl->major_ver < ssl->conf->min_major_ver ||
+ ssl->minor_ver < ssl->conf->min_minor_ver ||
+ ssl->major_ver > ssl->conf->max_major_ver ||
+ ssl->minor_ver > ssl->conf->max_minor_ver )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "server version out of bounds - "
+ " min: [%d:%d], server: [%d:%d], max: [%d:%d]",
+ ssl->conf->min_major_ver, ssl->conf->min_minor_ver,
+ ssl->major_ver, ssl->minor_ver,
+ ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) );
+
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
+
+ return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu",
+ ( (uint32_t) buf[2] << 24 ) |
+ ( (uint32_t) buf[3] << 16 ) |
+ ( (uint32_t) buf[4] << 8 ) |
+ ( (uint32_t) buf[5] ) )
);
+
+ memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 );
+
+ n = buf[34];
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 2, 32 );
+
+ if( n > 32 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ if( ssl->in_hslen > mbedtls_ssl_hs_hdr_len( ssl ) + 39 + n )
+ {
+ ext_len = ( ( buf[38 + n] << 8 )
+ | ( buf[39 + n] ) );
+
+ if( ( ext_len > 0 && ext_len < 4 ) ||
+ ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 40 + n + ext_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+ }
+ else if( ssl->in_hslen == mbedtls_ssl_hs_hdr_len( ssl ) + 38 + n )
+ {
+ ext_len = 0;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ /* ciphersuite (used later) */
+ i = ( buf[35 + n] << 8 ) | buf[36 + n];
+
+ /*
+ * Read and check compression
+ */
+ comp = buf[37 + n];
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ /* See comments in ssl_write_client_hello() */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ accept_comp = 0;
+ else
+#endif
+ accept_comp = 1;
+
+ if( comp != MBEDTLS_SSL_COMPRESS_NULL &&
+ ( comp != MBEDTLS_SSL_COMPRESS_DEFLATE || accept_comp == 0 ) )
+#else /* MBEDTLS_ZLIB_SUPPORT */
+ if( comp != MBEDTLS_SSL_COMPRESS_NULL )
+#endif/* MBEDTLS_ZLIB_SUPPORT */
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "server hello, bad compression: %d", comp ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+ }
+
+ /*
+ * Initialize update checksum functions
+ */
+ ssl->transform_negotiate->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i );
+
+ if( ssl->transform_negotiate->ciphersuite_info == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info );
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 35, n );
+
+ /*
+ * Check if the session can be resumed
+ */
+ if( ssl->handshake->resume == 0 || n == 0 ||
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ||
+#endif
+ ssl->session_negotiate->ciphersuite != i ||
+ ssl->session_negotiate->compression != comp ||
+ ssl->session_negotiate->id_len != n ||
+ memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 )
+ {
+ ssl->state++;
+ ssl->handshake->resume = 0;
+#if defined(MBEDTLS_HAVE_TIME)
+ ssl->session_negotiate->start = mbedtls_time( NULL );
+#endif
+ ssl->session_negotiate->ciphersuite = i;
+ ssl->session_negotiate->compression = comp;
+ ssl->session_negotiate->id_len = n;
+ memcpy( ssl->session_negotiate->id, buf + 35, n );
+ }
+ else
+ {
+ ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
+
+ if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+ return( ret );
+ }
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
+ ssl->handshake->resume ?
"a" : "no" ) );
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %04x", i ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[37 + n] ) );
+
+ /*
+ * Perform cipher suite validation in same way as in ssl_write_client_hello.
+ */
+ i = 0;
+ while( 1 )
+ {
+ if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] ==
+ ssl->session_negotiate->ciphersuite )
+ {
+ break;
+ }
+ }
+
+ suite_info = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite );
+ if( ssl_validate_ciphersuite( suite_info, ssl, ssl->minor_ver, ssl->minor_ver ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", suite_info->name ) );
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA &&
+ ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ ssl->handshake->ecrs_enabled = 1;
+ }
+#endif
+
+ if( comp != MBEDTLS_SSL_COMPRESS_NULL
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ && comp != MBEDTLS_SSL_COMPRESS_DEFLATE
+#endif
+ )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+ ssl->session_negotiate->compression = comp;
+
+ ext = buf + 40 + n;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "server hello, total extension length: %d", ext_len ) );
+
+ while( ext_len )
+ {
+ unsigned int
ext_id = ( ( ext[0] << 8 )
+ | ( ext[1] ) );
+ unsigned int ext_size = ( ( ext[2] << 8 )
+ | ( ext[3] ) );
+
+ if( ext_size + 4 > ext_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ switch( ext_id )
+ {
+ case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) );
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ renegotiation_info_seen = 1;
+#endif
+
+ if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4,
+ ext_size ) ) != 0 )
+ return( ret );
+
+ break;
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max_fragment_length extension" ) );
+
+ if( ( ret = ssl_parse_max_fragment_length_ext( ssl,
+ ext + 4, ext_size ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ break;
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+ case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) );
+
+ if( ( ret = ssl_parse_truncated_hmac_ext( ssl,
+ ext + 4, ext_size ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ break;
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt_then_mac extension" ) );
+
+ if( ( ret = ssl_parse_encrypt_then_mac_ext( ssl,
+ ext + 4, ext_size ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ break;
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended_master_secret extension" ) );
+
+ if( ( ret = ssl_parse_extended_ms_ext( ssl,
+ ext + 4, ext_size ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ break;
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if
defined(MBEDTLS_SSL_SESSION_TICKETS)
+ case MBEDTLS_TLS_EXT_SESSION_TICKET:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session_ticket extension" ) );
+
+ if( ( ret = ssl_parse_session_ticket_ext( ssl,
+ ext + 4, ext_size ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ break;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported_point_formats extension" ) );
+
+ if( ( ret = ssl_parse_supported_point_formats_ext( ssl,
+ ext + 4, ext_size ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ break;
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+ MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ case MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake_kkpp extension" ) );
+
+ if( ( ret = ssl_parse_ecjpake_kkpp( ssl,
+ ext + 4, ext_size ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ break;
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN)
+ case MBEDTLS_TLS_EXT_ALPN:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
+
+ if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ) ) != 0 )
+ return( ret );
+
+ break;
+#endif /* MBEDTLS_SSL_ALPN */
+
+ default:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
+ ext_id ) );
+ }
+
+ ext_len -= 4 + ext_size;
+ ext += 4 + ext_size;
+
+ if( ext_len > 0 && ext_len < 4 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+ }
+
+ /*
+ * Renegotiation security checks
+ */
+ if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+ ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) );
+ handshake_failure = 1;
+ }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ else
if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+ ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION &&
+ renegotiation_info_seen == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) );
+ handshake_failure = 1;
+ }
+ else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+ ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+ ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) );
+ handshake_failure = 1;
+ }
+ else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+ ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+ renegotiation_info_seen == 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) );
+ handshake_failure = 1;
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ if( handshake_failure == 1 )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) );
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char **p,
+ unsigned char *end )
+{
+ int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+
+ /*
+ * Ephemeral DH parameters:
+ *
+ * struct {
+ * opaque dh_p<1..2^16-1>;
+ * opaque dh_g<1..2^16-1>;
+ * opaque dh_Ys<1..2^16-1>;
+ * } ServerDHParams;
+ */
+ if( ( ret = mbedtls_dhm_read_params( &ssl->handshake->dhm_ctx, p, end ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 2, ( "mbedtls_dhm_read_params" ), ret );
+ return( ret );
+ }
+
+ if( ssl->handshake->dhm_ctx.len * 8 < ssl->conf->dhm_min_bitlen )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %d < %d",
+ ssl->handshake->dhm_ctx.len * 8,
+ ssl->conf->dhm_min_bitlen ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+ }
+
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P );
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G );
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY );
+
+ return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
+{
+ const mbedtls_ecp_curve_info *curve_info;
+ mbedtls_ecp_group_id grp_id;
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+ grp_id = ssl->handshake->ecdh_ctx.grp.id;
+#else
+ grp_id = ssl->handshake->ecdh_ctx.grp_id;
+#endif
+
+ curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id );
+ if( curve_info == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
+
+#if defined(MBEDTLS_ECP_C)
+ if( mbedtls_ssl_check_curve( ssl, grp_id ) != 0 )
+#else
+ if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
+ ssl->handshake->ecdh_ctx.grp.nbits > 521 )
+#endif
+ return( -1 );
+
+ MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
+ MBEDTLS_DEBUG_ECDH_QP );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) )
+static int
ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl,
+ unsigned char **p,
+ unsigned char *end )
+{
+ uint16_t tls_id;
+ uint8_t ecpoint_len;
+ mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+ /*
+ * Parse ECC group
+ */
+
+ if( end - *p < 4 )
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+
+ /* First byte is curve_type; only named_curve is handled */
+ if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE )
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+
+ /* Next two bytes are the namedcurve value */
+ tls_id = *(*p)++;
+ tls_id <<= 8;
+ tls_id |= *(*p)++;
+
+ /* Convert EC group to PSA key type. */
+ if( ( handshake->ecdh_psa_curve =
+ mbedtls_psa_parse_tls_ecc_group( tls_id ) ) == 0 )
+ {
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+ }
+
+ /*
+ * Put peer's ECDH public key in the format understood by PSA.
+ */
+
+ ecpoint_len = *(*p)++;
+ if( (size_t)( end - *p ) < ecpoint_len )
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+
+ if( mbedtls_psa_tls_ecpoint_to_psa_ec( handshake->ecdh_psa_curve,
+ *p, ecpoint_len,
+ handshake->ecdh_psa_peerkey,
+ sizeof( handshake->ecdh_psa_peerkey ),
+ &handshake->ecdh_psa_peerkey_len ) != 0 )
+ {
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ *p += ecpoint_len;
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
+ unsigned char **p,
+ unsigned char *end )
+{
+ int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+
+ /*
+ * Ephemeral ECDH parameters:
+ *
+ * struct {
+ * ECParameters curve_params;
+ * ECPoint public;
+ * } ServerECDHParams;
+ */
+ if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx,
+ (const unsigned char **) p, end ) ) != 0
)
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+#endif
+ return( ret );
+ }
+
+ if( ssl_check_server_ecdh_params( ssl ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (ECDHE curve)" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+ }
+
+ return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
+ unsigned char **p,
+ unsigned char *end )
+{
+ int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+ size_t len;
+ ((void) ssl);
+
+ /*
+ * PSK parameters:
+ *
+ * opaque psk_identity_hint<0..2^16-1>;
+ */
+ if( end - (*p) < 2 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
+ "(psk_identity_hint length)" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+ }
+ len = (*p)[0] << 8 | (*p)[1];
+ *p += 2;
+
+ if( end - (*p) < (int) len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
+ "(psk_identity_hint length)" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+ }
+
+ /*
+ * Note: we currently ignore the PKS identity hint, as we only allow one
+ * PSK to be provisionned on the client. This could be changed later if
+ * someone needs that feature.
+ */
+ *p += len;
+ ret = 0;
+
+ return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+/*
+ * Generate a pre-master secret and encrypt it with the server's RSA key
+ */
+static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
+ size_t offset, size_t *olen,
+ size_t pms_offset )
+{
+ int ret;
+ size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2;
+ unsigned char *p = ssl->handshake->premaster + pms_offset;
+ mbedtls_pk_context * peer_pk;
+
+ if( offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small for encrypted pms" ) );
+ return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+ }
+
+ /*
+ * Generate (part of) the pre-master as
+ * struct {
+ * ProtocolVersion client_version;
+ * opaque random[46];
+ * } PreMasterSecret;
+ */
+ mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver,
+ ssl->conf->transport, p );
+
+ if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p + 2, 46 ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret );
+ return( ret );
+ }
+
+ ssl->handshake->pmslen = 48;
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ peer_pk = &ssl->handshake->peer_pubkey;
+#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+ if( ssl->session_negotiate->peer_cert == NULL )
+ {
+ /* Should never happen */
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+ peer_pk = &ssl->session_negotiate->peer_cert->pk;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+ /*
+ * Now write it out, encrypted
+ */
+ if( !
mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_RSA ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) ); + return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + } + + if( ( ret = mbedtls_pk_encrypt( peer_pk, + p, ssl->handshake->pmslen, + ssl->out_msg + offset + len_bytes, olen, + MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes, + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret ); + return( ret ); + } + +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( len_bytes == 2 ) + { + ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 ); + ssl->out_msg[offset+1] = (unsigned char)( *olen ); + *olen += 2; + } +#endif + +#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /* We don't need the peer's public key anymore. Free it. */ + mbedtls_pk_free( peer_pk ); +#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + return( 0 ); +} +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end, + mbedtls_md_type_t *md_alg, + mbedtls_pk_type_t *pk_alg ) +{ + ((void) ssl); + *md_alg = MBEDTLS_MD_NONE; + *pk_alg = MBEDTLS_PK_NONE; + + /* Only in TLS 1.2 */ + if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) + { + return( 0 ); + } + + if( (*p) + 2 > end ) + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + + /* + * Get hash algorithm + */ + if( ( *md_alg = mbedtls_ssl_md_alg_from_hash( (*p)[0] ) ) == MBEDTLS_MD_NONE ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Server used unsupported " + "HashAlgorithm %d", *(p)[0] ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + /* + * Get signature algorithm + 
*/ + if( ( *pk_alg = mbedtls_ssl_pk_alg_from_sig( (*p)[1] ) ) == MBEDTLS_PK_NONE ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used unsupported " + "SignatureAlgorithm %d", (*p)[1] ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + /* + * Check if the hash is acceptable + */ + if( mbedtls_ssl_check_sig_hash( ssl, *md_alg ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used HashAlgorithm %d that was not offered", + *(p)[0] ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", (*p)[1] ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d", (*p)[0] ) ); + *p += 2; + + return( 0 ); +} +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) +{ + int ret; + const mbedtls_ecp_keypair *peer_key; + mbedtls_pk_context * peer_pk; + +#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + peer_pk = &ssl->handshake->peer_pubkey; +#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + if( ssl->session_negotiate->peer_cert == NULL ) + { + /* Should never happen */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + peer_pk = &ssl->session_negotiate->peer_cert->pk; +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + if( ! 
mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECKEY ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); + return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + } + + peer_key = mbedtls_pk_ec( *peer_pk ); + + if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key, + MBEDTLS_ECDH_THEIRS ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret ); + return( ret ); + } + + if( ssl_check_server_ecdh_params( ssl ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server certificate (ECDH curve)" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + } + +#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /* We don't need the peer's public key anymore. Free it, + * so that more RAM is available for upcoming expensive + * operations like ECDHE. */ + mbedtls_pk_free( peer_pk ); +#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + return( ret ); +} +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ + +static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) +{ + int ret; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = + ssl->transform_negotiate->ciphersuite_info; + unsigned char *p = NULL, *end = NULL; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); + ssl->state++; + return( 0 ); + } + ((void) p); + ((void) end); +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) + { + if( ( ret = ssl_get_ecdh_params_from_cert( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret ); + mbedtls_ssl_send_alert_message( ssl, 
MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( ret ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); + ssl->state++; + return( 0 ); + } + ((void) p); + ((void) end); +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ + +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing ) + { + goto start_processing; + } +#endif + + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + /* + * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server + * doesn't use a psk_identity_hint + */ + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE ) + { + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + { + /* Current message is probably either + * CertificateRequest or ServerHelloDone */ + ssl->keep_current_message = 1; + goto exit; + } + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key exchange message must " + "not be skipped" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } + +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled ) + ssl->handshake->ecrs_state = ssl_ecrs_ske_start_processing; + +start_processing: +#endif + p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + end = ssl->in_msg + ssl->in_hslen; + MBEDTLS_SSL_DEBUG_BUF( 3, "server key exchange", p, 
end - p ); + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) + { + if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + } /* FALLTROUGH */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + ; /* nothing more to do */ + else +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED || + MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) + { + if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ + ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange 
== MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) + { + if( ssl_parse_server_ecdh_params_psa( ssl, &p, end ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO && + ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) + { + if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + { + ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, + p, end - p ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + +#if 
defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) + if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) ) + { + size_t sig_len, hashlen; + unsigned char hash[64]; + mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; + mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; + unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + size_t params_len = p - params; + void *rs_ctx = NULL; + + mbedtls_pk_context * peer_pk; + + /* + * Handle the digitally-signed structure + */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) + { + if( ssl_parse_signature_algorithm( ssl, &p, end, + &md_alg, &pk_alg ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + if( pk_alg != mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + } + else +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) + { + pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); + + /* Default hash for ECDSA is SHA-1 */ + if( pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE ) + md_alg = MBEDTLS_MD_SHA1; + } + else +#endif + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + /* + * Read signature + */ + + if( p > end - 2 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + mbedtls_ssl_send_alert_message( ssl, 
MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + sig_len = ( p[0] << 8 ) | p[1]; + p += 2; + + if( p != end - sig_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + MBEDTLS_SSL_DEBUG_BUF( 3, "signature", p, sig_len ); + + /* + * Compute the hash that has been signed + */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( md_alg == MBEDTLS_MD_NONE ) + { + hashlen = 36; + ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, params, + params_len ); + if( ret != 0 ) + return( ret ); + } + else +#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ + MBEDTLS_SSL_PROTO_TLS1_1 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( md_alg != MBEDTLS_MD_NONE ) + { + ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, + params, params_len, + md_alg ); + if( ret != 0 ) + return( ret ); + } + else +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ + MBEDTLS_SSL_PROTO_TLS1_2 */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen ); + +#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + peer_pk = &ssl->handshake->peer_pubkey; +#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + if( ssl->session_negotiate->peer_cert == NULL ) + { + /* Should never happen */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + peer_pk = &ssl->session_negotiate->peer_cert->pk; +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + /* + * Verify signature + */ + if( 
!mbedtls_pk_can_do( peer_pk, pk_alg ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + } + +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled ) + rs_ctx = &ssl->handshake->ecrs_ctx.pk; +#endif + + if( ( ret = mbedtls_pk_verify_restartable( peer_pk, + md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 ) + { +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) +#endif + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; +#endif + return( ret ); + } + +#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /* We don't need the peer's public key anymore. Free it, + * so that more RAM is available for upcoming expensive + * operations like ECDHE. */ + mbedtls_pk_free( peer_pk ); +#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + } +#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ + +exit: + ssl->state++; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server key exchange" ) ); + + return( 0 ); +} + +#if ! defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED) +static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) +{ + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = + ssl->transform_negotiate->ciphersuite_info; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); + + if( ! 
mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); + ssl->state++; + return( 0 ); + } + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); +} +#else /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */ +static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) +{ + int ret; + unsigned char *buf; + size_t n = 0; + size_t cert_type_len = 0, dn_len = 0; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = + ssl->transform_negotiate->ciphersuite_info; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); + + if( ! mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); + ssl->state++; + return( 0 ); + } + + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + ssl->state++; + ssl->client_auth = ( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request", + ssl->client_auth ? 
"a" : "no" ) ); + + if( ssl->client_auth == 0 ) + { + /* Current message is probably the ServerHelloDone */ + ssl->keep_current_message = 1; + goto exit; + } + + /* + * struct { + * ClientCertificateType certificate_types<1..2^8-1>; + * SignatureAndHashAlgorithm + * supported_signature_algorithms<2^16-1>; -- TLS 1.2 only + * DistinguishedName certificate_authorities<0..2^16-1>; + * } CertificateRequest; + * + * Since we only support a single certificate on clients, let's just + * ignore all the information that's supposed to help us pick a + * certificate. + * + * We could check that our certificate matches the request, and bail out + * if it doesn't, but it's simpler to just send the certificate anyway, + * and give the server the opportunity to decide if it should terminate + * the connection when it doesn't like our certificate. + * + * Same goes for the hash in TLS 1.2's signature_algorithms: at this + * point we only have one hash available (see comments in + * write_certificate_verify), so let's just use what we have. + * + * However, we still minimally parse the message to check it is at least + * superficially sane. + */ + buf = ssl->in_msg; + + /* certificate_types */ + if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + } + cert_type_len = buf[mbedtls_ssl_hs_hdr_len( ssl )]; + n = cert_type_len; + + /* + * In the subsequent code there are two paths that read from buf: + * * the length of the signature algorithms field (if minor version of + * SSL is 3), + * * distinguished name length otherwise. + * Both reach at most the index: + * ...hdr_len + 2 + n, + * therefore the buffer length at this point must be greater than that + * regardless of the actual code path. 
+ */
+ if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
+ }
+
+ /* supported_signature_algorithms */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
+ | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
+#if defined(MBEDTLS_DEBUG_C)
+ unsigned char* sig_alg;
+ size_t i;
+#endif
+
+ /*
+ * The furthest access in buf is in the loop few lines below:
+ * sig_alg[i + 1],
+ * where:
+ * sig_alg = buf + ...hdr_len + 3 + n,
+ * max(i) = sig_alg_len - 1.
+ * Therefore the furthest access is:
+ * buf[...hdr_len + 3 + n + sig_alg_len - 1 + 1],
+ * which reduces to:
+ * buf[...hdr_len + 3 + n + sig_alg_len],
+ * which is one less than we need the buf to be.
+ */
+ if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n + sig_alg_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
+ }
+
+#if defined(MBEDTLS_DEBUG_C)
+ sig_alg = buf + mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n;
+ for( i = 0; i < sig_alg_len; i += 2 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Supported Signature Algorithm found: %d"
+ ",%d", sig_alg[i], sig_alg[i + 1] ) );
+ }
+#endif
+
+ n += 2 + sig_alg_len;
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+ /* certificate_authorities */
+ dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
+ | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
+
+ n += dn_len;
+ if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
+ }
+
+exit:
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
+
+static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) );
+
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+ return( ret );
+ }
+
+ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+
+ if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ||
+ ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE );
+ }
+
+ ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ mbedtls_ssl_recv_flight_completed( ssl );
+#endif
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello done" ) );
+
+ return( 0 );
+}
+
+static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
+ size_t header_len;
+ size_t content_len;
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA )
+ {
+ /*
+ * DHM key exchange -- send G^X mod P
+ */
+ content_len = ssl->handshake->dhm_ctx.len;
+
+ ssl->out_msg[4] = (unsigned char)( content_len >> 8 );
+ ssl->out_msg[5] = (unsigned char)( content_len );
+ header_len = 6;
+
+ ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
+ (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
+ &ssl->out_msg[header_len], content_len,
+ ssl->conf->f_rng, ssl->conf->p_rng );
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret );
+ return( ret );
+ }
+
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X );
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX );
+
+ if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
+ ssl->handshake->premaster,
+ MBEDTLS_PREMASTER_SIZE,
+ &ssl->handshake->pmslen,
+ ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
+ return( ret );
+ }
+
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) )
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
+ {
+ psa_status_t status;
+ psa_key_policy_t policy;
+
+ mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+ unsigned char own_pubkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
+ size_t own_pubkey_len;
+ unsigned char *own_pubkey_ecpoint;
+ size_t own_pubkey_ecpoint_len;
+
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+
+ header_len = 4;
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) );
+
+ /*
+ * Generate EC private key for ECDHE exchange.
+ */
+
+ /* Allocate a new key slot for the private key. */
+
+ status = psa_allocate_key( &handshake->ecdh_psa_privkey );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ /* The master secret is obtained from the shared ECDH secret by
+ * applying the TLS 1.2 PRF with a specific salt and label. While
+ * the PSA Crypto API encourages combining key agreement schemes
+ * such as ECDH with fixed KDFs such as TLS 1.2 PRF, it does not
+ * yet support the provisioning of salt + label to the KDF.
+ * For the time being, we therefore need to split the computation
+ * of the ECDH secret and the application of the TLS 1.2 PRF. */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_ECDH( PSA_ALG_SELECT_RAW ) );
+ status = psa_set_key_policy( handshake->ecdh_psa_privkey, &policy );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ /* Generate ECDH private key. */
+ status = psa_generate_key( handshake->ecdh_psa_privkey,
+ PSA_KEY_TYPE_ECC_KEYPAIR( handshake->ecdh_psa_curve ),
+ MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( handshake->ecdh_psa_curve ),
+ NULL, 0 );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ /* Export the public part of the ECDH private key from PSA
+ * and convert it to ECPoint format used in ClientKeyExchange. */
+ status = psa_export_public_key( handshake->ecdh_psa_privkey,
+ own_pubkey, sizeof( own_pubkey ),
+ &own_pubkey_len );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ if( mbedtls_psa_tls_psa_ec_to_ecpoint( own_pubkey,
+ own_pubkey_len,
+ &own_pubkey_ecpoint,
+ &own_pubkey_ecpoint_len ) != 0 )
+ {
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ /* Copy ECPoint structure to outgoing message buffer. */
+ ssl->out_msg[header_len] = own_pubkey_ecpoint_len;
+ memcpy( ssl->out_msg + header_len + 1,
+ own_pubkey_ecpoint, own_pubkey_ecpoint_len );
+ content_len = own_pubkey_ecpoint_len + 1;
+
+ /* Compute ECDH shared secret. */
+ status = psa_key_agreement( &generator,
+ handshake->ecdh_psa_privkey,
+ handshake->ecdh_psa_peerkey,
+ handshake->ecdh_psa_peerkey_len,
+ PSA_ALG_ECDH( PSA_ALG_SELECT_RAW ) );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ /* The ECDH secret is the premaster secret used for key derivation. */
+
+ ssl->handshake->pmslen =
+ MBEDTLS_PSA_ECC_KEY_BYTES_OF_CURVE( handshake->ecdh_psa_curve );
+
+ status = psa_generator_read( &generator,
+ ssl->handshake->premaster,
+ ssl->handshake->pmslen );
+ if( status != PSA_SUCCESS )
+ {
+ psa_generator_abort( &generator );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_generator_abort( &generator );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ status = psa_destroy_key( handshake->ecdh_psa_privkey );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ handshake->ecdh_psa_privkey = 0;
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
+ {
+ /*
+ * ECDH key exchange -- send client public value
+ */
+ header_len = 4;
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled )
+ {
+ if( ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret )
+ goto ecdh_calc_secret;
+
+ mbedtls_ecdh_enable_restart( &ssl->handshake->ecdh_ctx );
+ }
+#endif
+
+ ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
+ &content_len,
+ &ssl->out_msg[header_len], 1000,
+ ssl->conf->f_rng, ssl->conf->p_rng );
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+#endif
+ return( ret );
+ }
+
+ MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
+ MBEDTLS_DEBUG_ECDH_Q );
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled )
+ {
+ ssl->handshake->ecrs_n = content_len;
+ ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret;
+ }
+
+ecdh_calc_secret:
+ if( ssl->handshake->ecrs_enabled )
+ content_len = ssl->handshake->ecrs_n;
+#endif
+ if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
+ &ssl->handshake->pmslen,
+ ssl->handshake->premaster,
+ MBEDTLS_MPI_MAX_SIZE,
+ ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
+#endif
+ return( ret );
+ }
+
+ MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
+ MBEDTLS_DEBUG_ECDH_Z );
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+ if( mbedtls_ssl_ciphersuite_uses_psk( ciphersuite_info ) )
+ {
+ /*
+ * opaque psk_identity<0..2^16-1>;
+ */
+ if( ssl_conf_has_static_psk( ssl->conf ) == 0 )
+ {
+ /* We don't offer PSK suites if we don't have a PSK,
+ * and we check that the server's choice is among the
+ * ciphersuites we offered, so this should never happen. */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ header_len = 4;
+ content_len = ssl->conf->psk_identity_len;
+
+ if( header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity too long or "
+ "SSL buffer too short" ) );
+ return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+ }
+
+ ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 );
+ ssl->out_msg[header_len++] = (unsigned char)( content_len );
+
+ memcpy( ssl->out_msg + header_len,
+ ssl->conf->psk_identity,
+ ssl->conf->psk_identity_len );
+ header_len += ssl->conf->psk_identity_len;
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )
+ {
+ content_len = 0;
+ }
+ else
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
+ {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only suites. */
+ if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ if( ( ret = ssl_write_encrypted_pms( ssl, header_len,
+ &content_len, 2 ) ) != 0 )
+ return( ret );
+ }
+ else
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
+ {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only suites. */
+ if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ /*
+ * ClientDiffieHellmanPublic public (DHM send G^X mod P)
+ */
+ content_len = ssl->handshake->dhm_ctx.len;
+
+ if( header_len + 2 + content_len >
+ MBEDTLS_SSL_OUT_CONTENT_LEN )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity or DHM size too long"
+ " or SSL buffer too short" ) );
+ return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+ }
+
+ ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 );
+ ssl->out_msg[header_len++] = (unsigned char)( content_len );
+
+ ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
+ (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
+ &ssl->out_msg[header_len], content_len,
+ ssl->conf->f_rng, ssl->conf->p_rng );
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret );
+ return( ret );
+ }
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
+ {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only suites.
*/ + if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + /* + * ClientECDiffieHellmanPublic public; + */ + ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, + &content_len, + &ssl->out_msg[header_len], + MBEDTLS_SSL_OUT_CONTENT_LEN - header_len, + ssl->conf->f_rng, ssl->conf->p_rng ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); + return( ret ); + } + + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Q ); + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + +#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && + ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) ); + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO && + MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ + if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, + ciphersuite_info->key_exchange ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); + return( ret ); + } + } + else +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) + { + header_len = 4; + if( ( ret = ssl_write_encrypted_pms( ssl, header_len, + &content_len, 0 ) ) != 0 ) + return( ret ); + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + { + header_len = 4; + + ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx, + ssl->out_msg + header_len, + MBEDTLS_SSL_OUT_CONTENT_LEN - 
header_len, + &content_len, + ssl->conf->f_rng, ssl->conf->p_rng ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret ); + return( ret ); + } + + ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, + ssl->handshake->premaster, 32, &ssl->handshake->pmslen, + ssl->conf->f_rng, ssl->conf->p_rng ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret ); + return( ret ); + } + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ + { + ((void) ciphersuite_info); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + ssl->out_msglen = header_len + content_len; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE; + + ssl->state++; + + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); + return( ret ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client key exchange" ) ); + + return( 0 ); +} + +#if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED) +static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) +{ + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = + ssl->transform_negotiate->ciphersuite_info; + int ret; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + + if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); + return( ret ); + } + + if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + ssl->state++; + return( 0 ); + } + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); +} +#else /* !MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */ +static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) +{ + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; 
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info = + ssl->transform_negotiate->ciphersuite_info; + size_t n = 0, offset = 0; + unsigned char hash[48]; + unsigned char *hash_start = hash; + mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; + unsigned int hashlen; + void *rs_ctx = NULL; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign ) + { + goto sign; + } +#endif + + if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); + return( ret ); + } + + if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + ssl->state++; + return( 0 ); + } + + if( ssl->client_auth == 0 || mbedtls_ssl_own_cert( ssl ) == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + ssl->state++; + return( 0 ); + } + + if( mbedtls_ssl_own_key( ssl ) == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for certificate" ) ); + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + } + + /* + * Make a signature of the handshake digests + */ +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled ) + ssl->handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign; + +sign: +#endif + + ssl->handshake->calc_verify( ssl, hash ); + +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) + { + /* + * digitally-signed struct { + * opaque md5_hash[16]; + * opaque sha_hash[20]; + * }; + * + * md5_hash + * MD5(handshake_messages); + * + * sha_hash + * SHA(handshake_messages); + */ + hashlen = 36; + md_alg = MBEDTLS_MD_NONE; + + /* + * For ECDSA, default hash is SHA-1 only + */ + if( mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECDSA ) ) + { + 
hash_start += 16; + hashlen -= 16; + md_alg = MBEDTLS_MD_SHA1; + } + } + else +#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ + MBEDTLS_SSL_PROTO_TLS1_1 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) + { + /* + * digitally-signed struct { + * opaque handshake_messages[handshake_messages_length]; + * }; + * + * Taking shortcut here. We assume that the server always allows the + * PRF Hash function and has sent it in the allowed signature + * algorithms list received in the Certificate Request message. + * + * Until we encounter a server that does not, we will take this + * shortcut. + * + * Reason: Otherwise we should have running hashes for SHA512 and SHA224 + * in order to satisfy 'weird' needs from the server side. + */ + if( ssl->transform_negotiate->ciphersuite_info->mac == + MBEDTLS_MD_SHA384 ) + { + md_alg = MBEDTLS_MD_SHA384; + ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA384; + } + else + { + md_alg = MBEDTLS_MD_SHA256; + ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA256; + } + ssl->out_msg[5] = mbedtls_ssl_sig_from_pk( mbedtls_ssl_own_key( ssl ) ); + + /* Info from md_alg will be used instead */ + hashlen = 0; + offset = 2; + } + else +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled ) + rs_ctx = &ssl->handshake->ecrs_ctx.pk; +#endif + + if( ( ret = mbedtls_pk_sign_restartable( mbedtls_ssl_own_key( ssl ), + md_alg, hash_start, hashlen, + ssl->out_msg + 6 + offset, &n, + ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; +#endif + return( ret ); + } + + ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 ); + ssl->out_msg[5 + offset] = (unsigned 
char)( n ); + + ssl->out_msglen = 6 + n + offset; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_VERIFY; + + ssl->state++; + + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); + return( ret ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate verify" ) ); + + return( ret ); +} +#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) +{ + int ret; + uint32_t lifetime; + size_t ticket_len; + unsigned char *ticket; + const unsigned char *msg; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) ); + + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + /* + * struct { + * uint32 ticket_lifetime_hint; + * opaque ticket<0..2^16-1>; + * } NewSessionTicket; + * + * 0 . 3 ticket_lifetime_hint + * 4 . 5 ticket_len (n) + * 6 . 
5+n ticket content + */ + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET || + ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len( ssl ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + } + + msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + + lifetime = ( ((uint32_t) msg[0]) << 24 ) | ( msg[1] << 16 ) | + ( msg[2] << 8 ) | ( msg[3] ); + + ticket_len = ( msg[4] << 8 ) | ( msg[5] ); + + if( ticket_len + 6 + mbedtls_ssl_hs_hdr_len( ssl ) != ssl->in_hslen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", ticket_len ) ); + + /* We're not waiting for a NewSessionTicket message any more */ + ssl->handshake->new_session_ticket = 0; + ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; + + /* + * Zero-length ticket means the server changed his mind and doesn't want + * to send a ticket after all, so just forget it + */ + if( ticket_len == 0 ) + return( 0 ); + + if( ssl->session != NULL && ssl->session->ticket != NULL ) + { + mbedtls_platform_zeroize( ssl->session->ticket, + ssl->session->ticket_len ); + mbedtls_free( ssl->session->ticket ); + ssl->session->ticket = NULL; + ssl->session->ticket_len = 0; + } + + mbedtls_platform_zeroize( ssl->session_negotiate->ticket, + ssl->session_negotiate->ticket_len ); + mbedtls_free( ssl->session_negotiate->ticket ); + ssl->session_negotiate->ticket = NULL; + ssl->session_negotiate->ticket_len = 0; + + if( ( ticket = mbedtls_calloc( 1, ticket_len ) ) == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ticket alloc failed" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + 
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + } + + memcpy( ticket, msg + 6, ticket_len ); + + ssl->session_negotiate->ticket = ticket; + ssl->session_negotiate->ticket_len = ticket_len; + ssl->session_negotiate->ticket_lifetime = lifetime; + + /* + * RFC 5077 section 3.4: + * "If the client receives a session ticket from the server, then it + * discards any Session ID that was sent in the ServerHello." + */ + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket in use, discarding session id" ) ); + ssl->session_negotiate->id_len = 0; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse new session ticket" ) ); + + return( 0 ); +} +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + +/* + * SSL handshake -- client side -- single step + */ +int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) +{ + int ret = 0; + + if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); + + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) + return( ret ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + { + if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) + return( ret ); + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + /* Change state now, so that it is right in mbedtls_ssl_read_record(), used + * by DTLS for dropping out-of-sequence ChangeCipherSpec records */ +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + if( ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC && + ssl->handshake->new_session_ticket != 0 ) + { + ssl->state = MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET; + } +#endif + + switch( ssl->state ) + { + case MBEDTLS_SSL_HELLO_REQUEST: + ssl->state = MBEDTLS_SSL_CLIENT_HELLO; + break; + + /* + * ==> ClientHello + */ + case MBEDTLS_SSL_CLIENT_HELLO: + ret = ssl_write_client_hello( ssl ); + break; + + /* + * <== 
ServerHello + * Certificate + * ( ServerKeyExchange ) + * ( CertificateRequest ) + * ServerHelloDone + */ + case MBEDTLS_SSL_SERVER_HELLO: + ret = ssl_parse_server_hello( ssl ); + break; + + case MBEDTLS_SSL_SERVER_CERTIFICATE: + ret = mbedtls_ssl_parse_certificate( ssl ); + break; + + case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: + ret = ssl_parse_server_key_exchange( ssl ); + break; + + case MBEDTLS_SSL_CERTIFICATE_REQUEST: + ret = ssl_parse_certificate_request( ssl ); + break; + + case MBEDTLS_SSL_SERVER_HELLO_DONE: + ret = ssl_parse_server_hello_done( ssl ); + break; + + /* + * ==> ( Certificate/Alert ) + * ClientKeyExchange + * ( CertificateVerify ) + * ChangeCipherSpec + * Finished + */ + case MBEDTLS_SSL_CLIENT_CERTIFICATE: + ret = mbedtls_ssl_write_certificate( ssl ); + break; + + case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: + ret = ssl_write_client_key_exchange( ssl ); + break; + + case MBEDTLS_SSL_CERTIFICATE_VERIFY: + ret = ssl_write_certificate_verify( ssl ); + break; + + case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: + ret = mbedtls_ssl_write_change_cipher_spec( ssl ); + break; + + case MBEDTLS_SSL_CLIENT_FINISHED: + ret = mbedtls_ssl_write_finished( ssl ); + break; + + /* + * <== ( NewSessionTicket ) + * ChangeCipherSpec + * Finished + */ +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET: + ret = ssl_parse_new_session_ticket( ssl ); + break; +#endif + + case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: + ret = mbedtls_ssl_parse_change_cipher_spec( ssl ); + break; + + case MBEDTLS_SSL_SERVER_FINISHED: + ret = mbedtls_ssl_parse_finished( ssl ); + break; + + case MBEDTLS_SSL_FLUSH_BUFFERS: + MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); + ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; + break; + + case MBEDTLS_SSL_HANDSHAKE_WRAPUP: + mbedtls_ssl_handshake_wrapup( ssl ); + break; + + default: + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + return( ret ); +} +#endif /* 
MBEDTLS_SSL_CLI_C */
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
new file mode 100644
index 000000000..56e9bdd2b
--- /dev/null
+++ b/library/ssl_cookie.c
@@ -0,0 +1,256 @@ +/* + * DTLS cookie callbacks implementation + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * These session callbacks use a simple chained list + * to store and retrieve the session information. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_SSL_COOKIE_C) + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + +#include "mbedtls/ssl_cookie.h" +#include "mbedtls/ssl_internal.h" +#include "mbedtls/platform_util.h" + +#include + +/* + * If DTLS is in use, then at least one of SHA-1, SHA-256, SHA-512 is + * available. 
Try SHA-256 first, 512 wastes resources since we need to stay + * with max 32 bytes of cookie for DTLS 1.0 + */ +#if defined(MBEDTLS_SHA256_C) +#define COOKIE_MD MBEDTLS_MD_SHA224 +#define COOKIE_MD_OUTLEN 32 +#define COOKIE_HMAC_LEN 28 +#elif defined(MBEDTLS_SHA512_C) +#define COOKIE_MD MBEDTLS_MD_SHA384 +#define COOKIE_MD_OUTLEN 48 +#define COOKIE_HMAC_LEN 28 +#elif defined(MBEDTLS_SHA1_C) +#define COOKIE_MD MBEDTLS_MD_SHA1 +#define COOKIE_MD_OUTLEN 20 +#define COOKIE_HMAC_LEN 20 +#else +#error "DTLS hello verify needs SHA-1 or SHA-2" +#endif + +/* + * Cookies are formed of a 4-bytes timestamp (or serial number) and + * an HMAC of timestemp and client ID. + */ +#define COOKIE_LEN ( 4 + COOKIE_HMAC_LEN ) + +void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ) +{ + mbedtls_md_init( &ctx->hmac_ctx ); +#if !defined(MBEDTLS_HAVE_TIME) + ctx->serial = 0; +#endif + ctx->timeout = MBEDTLS_SSL_COOKIE_TIMEOUT; + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &ctx->mutex ); +#endif +} + +void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay ) +{ + ctx->timeout = delay; +} + +void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ) +{ + mbedtls_md_free( &ctx->hmac_ctx ); + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_free( &ctx->mutex ); +#endif + + mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_cookie_ctx ) ); +} + +int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + unsigned char key[COOKIE_MD_OUTLEN]; + + if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 ) + return( ret ); + + ret = mbedtls_md_setup( &ctx->hmac_ctx, mbedtls_md_info_from_type( COOKIE_MD ), 1 ); + if( ret != 0 ) + return( ret ); + + ret = mbedtls_md_hmac_starts( &ctx->hmac_ctx, key, sizeof( key ) ); + if( ret != 0 ) + return( ret ); + + mbedtls_platform_zeroize( key, sizeof( key ) ); + + return( 0 ); +} + +/* + * Generate the HMAC part of a cookie + */ 
+static int ssl_cookie_hmac( mbedtls_md_context_t *hmac_ctx, + const unsigned char time[4], + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len ) +{ + unsigned char hmac_out[COOKIE_MD_OUTLEN]; + + if( (size_t)( end - *p ) < COOKIE_HMAC_LEN ) + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + + if( mbedtls_md_hmac_reset( hmac_ctx ) != 0 || + mbedtls_md_hmac_update( hmac_ctx, time, 4 ) != 0 || + mbedtls_md_hmac_update( hmac_ctx, cli_id, cli_id_len ) != 0 || + mbedtls_md_hmac_finish( hmac_ctx, hmac_out ) != 0 ) + { + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + memcpy( *p, hmac_out, COOKIE_HMAC_LEN ); + *p += COOKIE_HMAC_LEN; + + return( 0 ); +} + +/* + * Generate cookie for DTLS ClientHello verification + */ +int mbedtls_ssl_cookie_write( void *p_ctx, + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len ) +{ + int ret; + mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx; + unsigned long t; + + if( ctx == NULL || cli_id == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + if( (size_t)( end - *p ) < COOKIE_LEN ) + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + +#if defined(MBEDTLS_HAVE_TIME) + t = (unsigned long) mbedtls_time( NULL ); +#else + t = ctx->serial++; +#endif + + (*p)[0] = (unsigned char)( t >> 24 ); + (*p)[1] = (unsigned char)( t >> 16 ); + (*p)[2] = (unsigned char)( t >> 8 ); + (*p)[3] = (unsigned char)( t ); + *p += 4; + +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret ); +#endif + + ret = ssl_cookie_hmac( &ctx->hmac_ctx, *p - 4, + p, end, cli_id, cli_id_len ); + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + + MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif + + return( ret ); +} + +/* + * Check a cookie + */ +int mbedtls_ssl_cookie_check( void *p_ctx, + const unsigned char *cookie, size_t cookie_len, 
+ const unsigned char *cli_id, size_t cli_id_len ) +{ + unsigned char ref_hmac[COOKIE_HMAC_LEN]; + int ret = 0; + unsigned char *p = ref_hmac; + mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx; + unsigned long cur_time, cookie_time; + + if( ctx == NULL || cli_id == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + if( cookie_len != COOKIE_LEN ) + return( -1 ); + +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret ); +#endif + + if( ssl_cookie_hmac( &ctx->hmac_ctx, cookie, + &p, p + sizeof( ref_hmac ), + cli_id, cli_id_len ) != 0 ) + ret = -1; + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + + MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif + + if( ret != 0 ) + return( ret ); + + if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 ) + return( -1 ); + +#if defined(MBEDTLS_HAVE_TIME) + cur_time = (unsigned long) mbedtls_time( NULL ); +#else + cur_time = ctx->serial; +#endif + + cookie_time = ( (unsigned long) cookie[0] << 24 ) | + ( (unsigned long) cookie[1] << 16 ) | + ( (unsigned long) cookie[2] << 8 ) | + ( (unsigned long) cookie[3] ); + + if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout ) + return( -1 ); + + return( 0 ); +} +#endif /* MBEDTLS_SSL_COOKIE_C */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c new file mode 100644 index 000000000..b8e10d6dc --- /dev/null +++ b/library/ssl_srv.c 
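Review bot: In `mbedtls_ssl_cookie_setup` the stack buffer `key`, which holds the cookie HMAC secret, is wiped only on the success path; the early returns after a failing `mbedtls_md_setup` or `mbedtls_md_hmac_starts` leave it on the stack. A single exit fixes this: `if( ret == 0 ) ret = mbedtls_md_hmac_starts( &ctx->hmac_ctx, key, sizeof( key ) );` followed by `mbedtls_platform_zeroize( key, sizeof( key ) );` and `return( ret );`. Separately, in `mbedtls_ssl_cookie_write` the `t = ctx->serial++` used when `MBEDTLS_HAVE_TIME` is undefined runs before `mbedtls_mutex_lock`, so with `MBEDTLS_THREADING_C` concurrent callers can race on the counter; reading the serial under the lock would close that. The second header comment ("These session callbacks use a simple chained list ...") describes a session store rather than cookie callbacks and appears to be copied from another file.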
@@ -0,0 +1,4437 @@ +/* + * SSLv3/TLSv1 server-side functions + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_SSL_SRV_C) + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + +#include "mbedtls/debug.h" +#include "mbedtls/ssl.h" +#include "mbedtls/ssl_internal.h" +#include "mbedtls/platform_util.h" + +#include + +#if defined(MBEDTLS_ECP_C) +#include "mbedtls/ecp.h" +#endif + +#if defined(MBEDTLS_HAVE_TIME) +#include "mbedtls/platform_time.h" +#endif + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) +int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, + const unsigned char *info, + size_t ilen ) +{ + if( ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + mbedtls_free( ssl->cli_id ); + + if( ( ssl->cli_id = mbedtls_calloc( 1, ilen ) ) == NULL ) + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + + memcpy( ssl->cli_id, info, ilen ); + ssl->cli_id_len = ilen; + + return( 0 ); +} + +void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, + mbedtls_ssl_cookie_write_t *f_cookie_write, + mbedtls_ssl_cookie_check_t 
*f_cookie_check, + void *p_cookie ) +{ + conf->f_cookie_write = f_cookie_write; + conf->f_cookie_check = f_cookie_check; + conf->p_cookie = p_cookie; +} +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len ) +{ + int ret; + size_t servername_list_size, hostname_len; + const unsigned char *p; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "parse ServerName extension" ) ); + + if( len < 2 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); + if( servername_list_size + 2 != len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + p = buf + 2; + while( servername_list_size > 2 ) + { + hostname_len = ( ( p[1] << 8 ) | p[2] ); + if( hostname_len + 3 > servername_list_size ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) + { + ret = ssl->conf->f_sni( ssl->conf->p_sni, + ssl, p + 3, hostname_len ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_sni_wrapper", ret ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + return( 0 ); + } + + servername_list_size -= hostname_len + 3; + p += hostname_len + 3; + } + + if( servername_list_size != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( 
"bad client hello message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + return( 0 ); +} +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf ) +{ + if( conf->f_psk != NULL ) + return( 1 ); + + if( conf->psk_identity_len == 0 || conf->psk_identity == NULL ) + return( 0 ); + + if( conf->psk != NULL && conf->psk_len != 0 ) + return( 1 ); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( conf->psk_opaque != 0 ) + return( 1 ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + return( 0 ); +} + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) +{ + if( ssl->conf->f_psk != NULL ) + { + /* If we've used a callback to select the PSK, + * the static configuration is irrelevant. */ + + if( ssl->handshake->psk_opaque != 0 ) + return( 1 ); + + return( 0 ); + } + + if( ssl->conf->psk_opaque != 0 ) + return( 1 ); + + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len ) +{ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) + { + /* Check verify-data in constant-time. 
The length OTOH is no secret */ + if( len != 1 + ssl->verify_data_len || + buf[0] != ssl->verify_data_len || + mbedtls_ssl_safer_memcmp( buf + 1, ssl->peer_verify_data, + ssl->verify_data_len ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + } + else +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + { + if( len != 1 || buf[0] != 0x0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; + } + + return( 0 ); +} + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) + +/* + * Status of the implementation of signature-algorithms extension: + * + * Currently, we are only considering the signature-algorithm extension + * to pick a ciphersuite which allows us to send the ServerKeyExchange + * message with a signature-hash combination that the user allows. + * + * We do *not* check whether all certificates in our certificate + * chain are signed with an allowed signature-hash pair. + * This needs to be done at a later stage. 
+ *
+ */
+static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ size_t sig_alg_list_size;
+
+ const unsigned char *p;
+ const unsigned char *end = buf + len;
+
+ mbedtls_md_type_t md_cur;
+ mbedtls_pk_type_t sig_cur;
+
+ if ( len < 2 ) {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+ sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
+ if( sig_alg_list_size + 2 != len ||
+ sig_alg_list_size % 2 != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ /* Currently we only guarantee signing the ServerKeyExchange message according
+ * to the constraints specified in this extension (see above), so it suffices
+ * to remember only one suitable hash for each possible signature algorithm.
+ *
+ * This will change when we also consider certificate signatures,
+ * in which case we will need to remember the whole signature-hash
+ * pair list from the extension.
+ */
+
+ for( p = buf + 2; p < end; p += 2 )
+ {
+ /* Silently ignore unknown signature or hash algorithms.
*/
+
+ if( ( sig_cur = mbedtls_ssl_pk_alg_from_sig( p[1] ) ) == MBEDTLS_PK_NONE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext"
+ " unknown sig alg encoding %d", p[1] ) );
+ continue;
+ }
+
+ /* Check if we support the hash the user proposes */
+ md_cur = mbedtls_ssl_md_alg_from_hash( p[0] );
+ if( md_cur == MBEDTLS_MD_NONE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:"
+ " unknown hash alg encoding %d", p[0] ) );
+ continue;
+ }
+
+ if( mbedtls_ssl_check_sig_hash( ssl, md_cur ) == 0 )
+ {
+ mbedtls_ssl_sig_hash_set_add( &ssl->handshake->hash_algs, sig_cur, md_cur );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:"
+ " match sig %d and hash %d",
+ sig_cur, md_cur ) );
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: "
+ "hash alg %d not supported", md_cur ) );
+ }
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+ MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ size_t list_size, our_size;
+ const unsigned char *p;
+ const mbedtls_ecp_curve_info *curve_info, **curves;
+
+ if ( len < 2 ) {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+ list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
+ if( list_size + 2 != len ||
+ list_size % 2 != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ /* Should never happen unless client duplicates the extension */
+ if( ssl->handshake->curves != NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ /* Don't allow our peer to make us allocate too much memory,
+ * and leave room for a final 0 */
+ our_size = list_size / 2 + 1;
+ if( our_size > MBEDTLS_ECP_DP_MAX )
+ our_size = MBEDTLS_ECP_DP_MAX;
+
+ if( ( curves = mbedtls_calloc( our_size, sizeof( *curves ) ) ) == NULL )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ }
+
+ ssl->handshake->curves = curves;
+
+ p = buf + 2;
+ while( list_size > 0 && our_size > 1 )
+ {
+ curve_info = mbedtls_ecp_curve_info_from_tls_id( ( p[0] << 8 ) | p[1] );
+
+ if( curve_info != NULL )
+ {
+ *curves++ = curve_info;
+ our_size--;
+ }
+
+ list_size -= 2;
+ p += 2;
+ }
+
+ return( 0 );
+}
+
+static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ size_t list_size;
+ const unsigned char *p;
+
+ if( len == 0 || (size_t)( buf[0] + 1 ) != len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+ list_size = buf[0];
+
+ p = buf + 1;
+ while( list_size > 0 )
+ {
+ if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
+ p[0] == MBEDTLS_ECP_PF_COMPRESSED )
+ {
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+ ssl->handshake->ecdh_ctx.point_format = p[0];
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ ssl->handshake->ecjpake_ctx.point_format = p[0];
+#endif
+ MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) );
+ return( 0 );
+ }
+
+ list_size--;
+ p++;
+ }
+
+ return( 0 );
+}
+#endif /*
MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+ MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ int ret;
+
+ if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) );
+ return( 0 );
+ }
+
+ if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx,
+ buf, len ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+ return( ret );
+ }
+
+ /* Only mark the extension as OK when we're sure it is */
+ ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ if( len != 1 || buf[0] >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ ssl->session_negotiate->mfl_code = buf[0];
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ if( len != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ ((void) buf);
+
+ if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) +
ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ if( len != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ ((void) buf);
+
+ if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED &&
+ ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
+ {
+ ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ if( len != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ ((void) buf);
+
+ if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED &&
+ ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
+ {
+ ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t len )
+{
+ int ret;
+ mbedtls_ssl_session session;
+
+ mbedtls_ssl_session_init( &session );
+
+ if( ssl->conf->f_ticket_parse == NULL ||
+ ssl->conf->f_ticket_write == NULL )
+ {
+ return( 0 );
+ }
+
+ /* Remember the client asked us to send a new ticket */
+ ssl->handshake->new_session_ticket = 1;
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", len
) );
+
+ if( len == 0 )
+ return( 0 );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket rejected: renegotiating" ) );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ /*
+ * Failures are ok: just ignore the ticket and proceed.
+ */
+ if( ( ret = ssl->conf->f_ticket_parse( ssl->conf->p_ticket, &session,
+ buf, len ) ) != 0 )
+ {
+ mbedtls_ssl_session_free( &session );
+
+ if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is not authentic" ) );
+ else if( ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED )
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is expired" ) );
+ else
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_parse", ret );
+
+ return( 0 );
+ }
+
+ /*
+ * Keep the session ID sent by the client, since we MUST send it back to
+ * inform them we're accepting the ticket (RFC 5077 section 3.4)
+ */
+ session.id_len = ssl->session_negotiate->id_len;
+ memcpy( &session.id, ssl->session_negotiate->id, session.id_len );
+
+ mbedtls_ssl_session_free( ssl->session_negotiate );
+ memcpy( ssl->session_negotiate, &session, sizeof( mbedtls_ssl_session ) );
+
+ /* Zeroize instead of free as we copied the content */
+ mbedtls_platform_zeroize( &session, sizeof( mbedtls_ssl_session ) );
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from ticket" ) );
+
+ ssl->handshake->resume = 1;
+
+ /* Don't send a new ticket after all, this one is OK */
+ ssl->handshake->new_session_ticket = 0;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len )
+{
+ size_t list_len, cur_len, ours_len;
+ const unsigned char *theirs, *start, *end;
+ const char **ours;
+
+ /* If ALPN not configured, just ignore the extension */
+ if( ssl->conf->alpn_list == NULL )
+ return( 0 );
+
+ /*
+ * opaque ProtocolName<1..2^8-1>;
+ *
+ * struct {
+ * ProtocolName protocol_name_list<2..2^16-1>
+ * } ProtocolNameList;
+ */
+
+ /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */
+ if( len < 4 )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ list_len = ( buf[0] << 8 ) | buf[1];
+ if( list_len != len - 2 )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ /*
+ * Validate peer's list (lengths)
+ */
+ start = buf + 2;
+ end = buf + len;
+ for( theirs = start; theirs != end; theirs += cur_len )
+ {
+ cur_len = *theirs++;
+
+ /* Current identifier must fit in list */
+ if( cur_len > (size_t)( end - theirs ) )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ /* Empty strings MUST NOT be included */
+ if( cur_len == 0 )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+ }
+
+ /*
+ * Use our order of preference
+ */
+ for( ours = ssl->conf->alpn_list; *ours != NULL; ours++ )
+ {
+ ours_len = strlen( *ours );
+ for( theirs = start; theirs != end; theirs += cur_len )
+ {
+ cur_len = *theirs++;
+
+ if( cur_len == ours_len &&
+ memcmp( theirs, *ours, cur_len ) == 0 )
+ {
+ ssl->alpn_chosen = *ours;
+ return( 0 );
+ }
+ }
+ }
+
+ /* If we get there, no match was found */
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+/*
+ * Auxiliary functions for ServerHello parsing and related actions
+ */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/*
+ * Return 0 if the given key
uses one of the acceptable curves, -1 otherwise
+ */
+#if defined(MBEDTLS_ECDSA_C)
+static int ssl_check_key_curve( mbedtls_pk_context *pk,
+ const mbedtls_ecp_curve_info **curves )
+{
+ const mbedtls_ecp_curve_info **crv = curves;
+ mbedtls_ecp_group_id grp_id = mbedtls_pk_ec( *pk )->grp.id;
+
+ while( *crv != NULL )
+ {
+ if( (*crv)->grp_id == grp_id )
+ return( 0 );
+ crv++;
+ }
+
+ return( -1 );
+}
+#endif /* MBEDTLS_ECDSA_C */
+
+/*
+ * Try picking a certificate for this ciphersuite,
+ * return 0 on success and -1 on failure.
+ */
+static int ssl_pick_cert( mbedtls_ssl_context *ssl,
+ const mbedtls_ssl_ciphersuite_t * ciphersuite_info )
+{
+ mbedtls_ssl_key_cert *cur, *list, *fallback = NULL;
+ mbedtls_pk_type_t pk_alg =
+ mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
+ uint32_t flags;
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ if( ssl->handshake->sni_key_cert != NULL )
+ list = ssl->handshake->sni_key_cert;
+ else
+#endif
+ list = ssl->conf->key_cert;
+
+ if( pk_alg == MBEDTLS_PK_NONE )
+ return( 0 );
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) );
+
+ if( list == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server has no certificate" ) );
+ return( -1 );
+ }
+
+ for( cur = list; cur != NULL; cur = cur->next )
+ {
+ MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate",
+ cur->cert );
+
+ if( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) );
+ continue;
+ }
+
+ /*
+ * This avoids sending the client a cert it'll reject based on
+ * keyUsage or other extensions.
+ *
+ * It also allows the user to provision different certificates for
+ * different uses based on keyUsage, eg if they want to avoid signing
+ * and decrypting with the same RSA key.
+ */
+ if( mbedtls_ssl_check_cert_usage( cur->cert, ciphersuite_info,
+ MBEDTLS_SSL_IS_SERVER, &flags ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: "
+ "(extended) key usage extension" ) );
+ continue;
+ }
+
+#if defined(MBEDTLS_ECDSA_C)
+ if( pk_alg == MBEDTLS_PK_ECDSA &&
+ ssl_check_key_curve( &cur->cert->pk, ssl->handshake->curves ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: elliptic curve" ) );
+ continue;
+ }
+#endif
+
+ /*
+ * Try to select a SHA-1 certificate for pre-1.2 clients, but still
+ * present them a SHA-higher cert rather than failing if it's the only
+ * one we got that satisfies the other conditions.
+ */
+ if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 &&
+ cur->cert->sig_md != MBEDTLS_MD_SHA1 )
+ {
+ if( fallback == NULL )
+ fallback = cur;
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate not preferred: "
+ "sha-2 with pre-TLS 1.2 client" ) );
+ continue;
+ }
+ }
+
+ /* If we get there, we got a winner */
+ break;
+ }
+
+ if( cur == NULL )
+ cur = fallback;
+
+ /* Do not update ssl->handshake->key_cert unless there is a match */
+ if( cur != NULL )
+ {
+ ssl->handshake->key_cert = cur;
+ MBEDTLS_SSL_DEBUG_CRT( 3, "selected certificate chain, certificate",
+ ssl->handshake->key_cert->cert );
+ return( 0 );
+ }
+
+ return( -1 );
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/*
+ * Check if a given ciphersuite is suitable for use with our config/keys/etc
+ * Sets ciphersuite_info only if the suite matches.
+ */
+static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id,
+ const mbedtls_ssl_ciphersuite_t **ciphersuite_info )
+{
+ const mbedtls_ssl_ciphersuite_t *suite_info;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+ mbedtls_pk_type_t sig_type;
+#endif
+
+ suite_info = mbedtls_ssl_ciphersuite_from_id( suite_id );
+ if( suite_info == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %s", suite_info->name ) );
+
+ if( suite_info->min_minor_ver > ssl->minor_ver ||
+ suite_info->max_minor_ver < ssl->minor_ver )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: version" ) );
+ return( 0 );
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) )
+ return( 0 );
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+ if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
+ suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: rc4" ) );
+ return( 0 );
+ }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
+ ( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: ecjpake "
+ "not configured or ext missing" ) );
+ return( 0 );
+ }
+#endif
+
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+ if( mbedtls_ssl_ciphersuite_uses_ec( suite_info ) &&
+ ( ssl->handshake->curves == NULL ||
+ ssl->handshake->curves[0] == NULL ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: "
+ "no common elliptic curve" ) );
+ return( 0 );
+ }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+ /* If the ciphersuite requires a pre-shared key and we don't
+ * have one, skip it now rather
than failing later */
+ if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) &&
+ ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) );
+ return( 0 );
+ }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+ /* If the ciphersuite requires signing, check whether
+ * a suitable hash algorithm is present. */
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ sig_type = mbedtls_ssl_get_ciphersuite_sig_alg( suite_info );
+ if( sig_type != MBEDTLS_PK_NONE &&
+ mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, sig_type ) == MBEDTLS_MD_NONE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm "
+ "for signature algorithm %d", sig_type ) );
+ return( 0 );
+ }
+ }
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+ MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ /*
+ * Final check: if ciphersuite requires us to have a
+ * certificate/key of a particular type:
+ * - select the appropriate certificate if we have one, or
+ * - try the next ciphersuite if we don't
+ * This must be done last since we modify the key_cert list.
+ */
+ if( ssl_pick_cert( ssl, suite_info ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: "
+ "no suitable certificate" ) );
+ return( 0 );
+ }
+#endif
+
+ *ciphersuite_info = suite_info;
+ return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
+{
+ int ret, got_common_suite;
+ unsigned int i, j;
+ size_t n;
+ unsigned int ciph_len, sess_len, chal_len;
+ unsigned char *buf, *p;
+ const int *ciphersuites;
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ buf = ssl->in_hdr;
+
+ MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, 5 );
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message type: %d",
+ buf[2] ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message len.: %d",
+ ( ( buf[0] & 0x7F ) << 8 ) | buf[1] ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, max. version: [%d:%d]",
+ buf[3], buf[4] ) );
+
+ /*
+ * SSLv2 Client Hello
+ *
+ * Record layer:
+ * 0 . 1 message length
+ *
+ * SSL layer:
+ * 2 . 2 message type
+ * 3 .
4 protocol version
+ */
+ if( buf[2] != MBEDTLS_SSL_HS_CLIENT_HELLO ||
+ buf[3] != MBEDTLS_SSL_MAJOR_VERSION_3 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF;
+
+ if( n < 17 || n > 512 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
+ ssl->minor_ver = ( buf[4] <= ssl->conf->max_minor_ver )
+ ? buf[4] : ssl->conf->max_minor_ver;
+
+ if( ssl->minor_ver < ssl->conf->min_minor_ver )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum"
+ " [%d:%d] < [%d:%d]",
+ ssl->major_ver, ssl->minor_ver,
+ ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) );
+
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
+ return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
+ }
+
+ ssl->handshake->max_major_ver = buf[3];
+ ssl->handshake->max_minor_ver = buf[4];
+
+ if( ( ret = mbedtls_ssl_fetch_input( ssl, 2 + n ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
+ return( ret );
+ }
+
+ ssl->handshake->update_checksum( ssl, buf + 2, n );
+
+ buf = ssl->in_msg;
+ n = ssl->in_left - 5;
+
+ /*
+ * 0 . 1 ciphersuitelist length
+ * 2 . 3 session id length
+ * 4 . 5 challenge length
+ * 6 . .. ciphersuitelist
+ * .. . .. session id
+ * .. . ..
challenge
+ */
+ MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, n );
+
+ ciph_len = ( buf[0] << 8 ) | buf[1];
+ sess_len = ( buf[2] << 8 ) | buf[3];
+ chal_len = ( buf[4] << 8 ) | buf[5];
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d",
+ ciph_len, sess_len, chal_len ) );
+
+ /*
+ * Make sure each parameter length is valid
+ */
+ if( ciph_len < 3 || ( ciph_len % 3 ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ if( sess_len > 32 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ if( chal_len < 8 || chal_len > 32 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ if( n != 6 + ciph_len + sess_len + chal_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist",
+ buf + 6, ciph_len );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id",
+ buf + 6 + ciph_len, sess_len );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, challenge",
+ buf + 6 + ciph_len + sess_len, chal_len );
+
+ p = buf + 6 + ciph_len;
+ ssl->session_negotiate->id_len = sess_len;
+ memset( ssl->session_negotiate->id, 0,
+ sizeof( ssl->session_negotiate->id ) );
+ memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len );
+
+ p += sess_len;
+ memset( ssl->handshake->randbytes, 0, 64 );
+ memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len );
+
+ /*
+ * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+ */
+ for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 )
+ {
+ if( p[0] == 0 && p[1] == 0 && p[2] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) );
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status ==
MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV "
+ "during renegotiation" ) );
+
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+ ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
+ break;
+ }
+ }
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+ for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 )
+ {
+ if( p[0] == 0 &&
+ p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) &&
+ p[2] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "received FALLBACK_SCSV" ) );
+
+ if( ssl->minor_ver < ssl->conf->max_minor_ver )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) );
+
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK );
+
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ break;
+ }
+ }
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
+
+ got_common_suite = 0;
+ ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
+ ciphersuite_info = NULL;
+#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+ for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 )
+ for( i = 0; ciphersuites[i] != 0; i++ )
+#else
+ for( i = 0; ciphersuites[i] != 0; i++ )
+ for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 )
+#endif
+ {
+ if( p[0] != 0 ||
+ p[1] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
+ p[2] != ( ( ciphersuites[i] ) & 0xFF ) )
+ continue;
+
+ got_common_suite = 1;
+
+ if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i],
+ &ciphersuite_info ) ) != 0 )
+ return( ret );
+
+ if( ciphersuite_info != NULL )
+ goto have_ciphersuite_v2;
+ }
+
+ if( got_common_suite )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, "
+ "but none of them usable" ) );
+ return(
MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE );
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) );
+ return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
+ }
+
+have_ciphersuite_v2:
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) );
+
+ ssl->session_negotiate->ciphersuite = ciphersuites[i];
+ ssl->transform_negotiate->ciphersuite_info = ciphersuite_info;
+
+ /*
+ * SSLv2 Client Hello relevant renegotiation security checks
+ */
+ if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+ ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ ssl->in_left = 0;
+ ssl->state++;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello v2" ) );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
+
+/* This function doesn't alert on errors that happen early during
+ ClientHello parsing because they might indicate that the client is
+ not talking SSL/TLS at all and would not understand our alert. */
+static int ssl_parse_client_hello( mbedtls_ssl_context *ssl )
+{
+ int ret, got_common_suite;
+ size_t i, j;
+ size_t ciph_offset, comp_offset, ext_offset;
+ size_t msg_len, ciph_len, sess_len, comp_len, ext_len;
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ size_t cookie_offset, cookie_len;
+#endif
+ unsigned char *buf, *p, *ext;
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ int renegotiation_info_seen = 0;
+#endif
+ int handshake_failure = 0;
+ const int *ciphersuites;
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+ int major, minor;
+
+ /* If there is no signature-algorithm extension present,
+ * we need to fall back to the default values for allowed
+ * signature-hash pairs.
*/
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+ int sig_hash_alg_ext_present = 0;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+ MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+read_record_header:
+#endif
+ /*
+ * If renegotiating, then the input was read with mbedtls_ssl_read_record(),
+ * otherwise read it ourselves manually in order to support SSLv2
+ * ClientHello, which doesn't use the same record layer format.
+ */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
+#endif
+ {
+ if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 )
+ {
+ /* No alert on a read error. */
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
+ return( ret );
+ }
+ }
+
+ buf = ssl->in_hdr;
+
+#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM )
+#endif
+ if( ( buf[0] & 0x80 ) != 0 )
+ return( ssl_parse_client_hello_v2( ssl ) );
+#endif
+
+ MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, mbedtls_ssl_hdr_len( ssl ) );
+
+ /*
+ * SSLv3/TLS Client Hello
+ *
+ * Record layer:
+ * 0 . 0 message type
+ * 1 . 2 protocol version
+ * 3 . 11 DTLS: epoch + record sequence number
+ * 3 .
4 message length
+ */
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message type: %d",
+ buf[0] ) );
+
+ if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d",
+ ( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) );
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, protocol version: [%d:%d]",
+ buf[1], buf[2] ) );
+
+ mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 );
+
+ /* According to RFC 5246 Appendix E.1, the version here is typically
+ * "{03,00}, the lowest version number supported by the client, [or] the
+ * value of ClientHello.client_version", so the only meaningful check here
+ * is the major version shouldn't be less than 3 */
+ if( major < MBEDTLS_SSL_MAJOR_VERSION_3 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ /* For DTLS if this is the initial handshake, remember the client sequence
+ * number to use it in our next message (RFC 6347 4.2.1) */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE
+#endif
+ )
+ {
+ /* Epoch should be 0 for initial handshakes */
+ if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6 );
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+ if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record, discarding" ) );
+ ssl->next_record_offset = 0;
+ ssl->in_left = 0;
+ goto read_record_header;
+ }
+
+ /* No MAC to check yet, so we can update right now */
+ mbedtls_ssl_dtls_replay_update( ssl );
+#endif
+ }
+#endif /*
MBEDTLS_SSL_PROTO_DTLS */
+
+ msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1];
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+ {
+ /* Set by mbedtls_ssl_read_record() */
+ msg_len = ssl->in_hslen;
+ }
+ else
+#endif
+ {
+ if( msg_len > MBEDTLS_SSL_IN_CONTENT_LEN )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ if( ( ret = mbedtls_ssl_fetch_input( ssl,
+ mbedtls_ssl_hdr_len( ssl ) + msg_len ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
+ return( ret );
+ }
+
+ /* Done reading this record, get ready for the next one */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ ssl->next_record_offset = msg_len + mbedtls_ssl_hdr_len( ssl );
+ else
+#endif
+ ssl->in_left = 0;
+ }
+
+ buf = ssl->in_msg;
+
+ MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, msg_len );
+
+ ssl->handshake->update_checksum( ssl, buf, msg_len );
+
+ /*
+ * Handshake layer:
+ * 0 . 0 handshake type
+ * 1 . 3 handshake length
+ * 4 . 5 DTLS only: message seqence number
+ * 6 . 8 DTLS only: fragment offset
+ * 9 . 11 DTLS only: fragment length
+ */
+ if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", buf[0] ) );
+
+ if( buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d",
+ ( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) );
+
+ /* We don't support fragmentation of ClientHello (yet?)
*/
+ if( buf[1] != 0 ||
+ msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ /*
+ * Copy the client's handshake message_seq on initial handshakes,
+ * check sequence number on renego.
+ */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+ {
+ /* This couldn't be done in ssl_prepare_handshake_record() */
+ unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
+ ssl->in_msg[5];
+
+ if( cli_msg_seq != ssl->handshake->in_msg_seq )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message_seq: "
+ "%d (expected %d)", cli_msg_seq,
+ ssl->handshake->in_msg_seq ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ ssl->handshake->in_msg_seq++;
+ }
+ else
+#endif
+ {
+ unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
+ ssl->in_msg[5];
+ ssl->handshake->out_msg_seq = cli_msg_seq;
+ ssl->handshake->in_msg_seq = cli_msg_seq + 1;
+ }
+
+ /*
+ * For now we don't support fragmentation, so make sure
+ * fragment_offset == 0 and fragment_length == length
+ */
+ if( ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 ||
+ memcmp( ssl->in_msg + 1, ssl->in_msg + 9, 3 ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello fragmentation not supported" ) );
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+ }
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ buf += mbedtls_ssl_hs_hdr_len( ssl );
+ msg_len -= mbedtls_ssl_hs_hdr_len( ssl );
+
+ /*
+ * ClientHello layer:
+ * 0 . 1 protocol version
+ * 2 . 33 random bytes (starting with 4 bytes of Unix time)
+ * 34 . 35 session id length (1 byte)
+ * 35 . 34+x session id
+ * 35+x . 35+x DTLS only: cookie length (1 byte)
+ * 36+x . .. DTLS only: cookie
+ * .. . .. ciphersuite list length (2 bytes)
+ * .. . ..
ciphersuite list
+ * .. . .. compression alg. list length (1 byte)
+ * .. . .. compression alg. list
+ * .. . .. extensions length (2 bytes, optional)
+ * .. . .. extensions (optional)
+ */
+
+ /*
+ * Minimal length (with everything empty and extensions omitted) is
+ * 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can
+ * read at least up to session id length without worrying.
+ */
+ if( msg_len < 38 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ /*
+ * Check and save the protocol version
+ */
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, version", buf, 2 );
+
+ mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver,
+ ssl->conf->transport, buf );
+
+ ssl->handshake->max_major_ver = ssl->major_ver;
+ ssl->handshake->max_minor_ver = ssl->minor_ver;
+
+ if( ssl->major_ver < ssl->conf->min_major_ver ||
+ ssl->minor_ver < ssl->conf->min_minor_ver )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum"
+ " [%d:%d] < [%d:%d]",
+ ssl->major_ver, ssl->minor_ver,
+ ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
+ return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
+ }
+
+ if( ssl->major_ver > ssl->conf->max_major_ver )
+ {
+ ssl->major_ver = ssl->conf->max_major_ver;
+ ssl->minor_ver = ssl->conf->max_minor_ver;
+ }
+ else if( ssl->minor_ver > ssl->conf->max_minor_ver )
+ ssl->minor_ver = ssl->conf->max_minor_ver;
+
+ /*
+ * Save client random (inc.
Unix time)
+ */
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf + 2, 32 );
+
+ memcpy( ssl->handshake->randbytes, buf + 2, 32 );
+
+ /*
+ * Check the session ID length and save session ID
+ */
+ sess_len = buf[34];
+
+ if( sess_len > sizeof( ssl->session_negotiate->id ) ||
+ sess_len + 34 + 2 > msg_len ) /* 2 for cipherlist length field */
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len );
+
+ ssl->session_negotiate->id_len = sess_len;
+ memset( ssl->session_negotiate->id, 0,
+ sizeof( ssl->session_negotiate->id ) );
+ memcpy( ssl->session_negotiate->id, buf + 35,
+ ssl->session_negotiate->id_len );
+
+ /*
+ * Check the cookie length and content
+ */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ cookie_offset = 35 + sess_len;
+ cookie_len = buf[cookie_offset];
+
+ if( cookie_offset + 1 + cookie_len + 2 > msg_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie",
+ buf + cookie_offset + 1, cookie_len );
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+ if( ssl->conf->f_cookie_check != NULL
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE
+#endif
+ )
+ {
+ if( ssl->conf->f_cookie_check( ssl->conf->p_cookie,
+ buf + cookie_offset + 1, cookie_len,
+ ssl->cli_id, ssl->cli_id_len ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification failed" ) );
+ ssl->handshake->verify_cookie_len = 1;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification
passed" ) );
+ ssl->handshake->verify_cookie_len = 0;
+ }
+ }
+ else
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+ {
+ /* We know we didn't send a cookie, so it should be empty */
+ if( cookie_len != 0 )
+ {
+ /* This may be an attacker's probe, so don't send an alert */
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification skipped" ) );
+ }
+
+ /*
+ * Check the ciphersuitelist length (will be parsed later)
+ */
+ ciph_offset = cookie_offset + 1 + cookie_len;
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+ ciph_offset = 35 + sess_len;
+
+ ciph_len = ( buf[ciph_offset + 0] << 8 )
+ | ( buf[ciph_offset + 1] );
+
+ if( ciph_len < 2 ||
+ ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */
+ ( ciph_len % 2 ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist",
+ buf + ciph_offset + 2, ciph_len );
+
+ /*
+ * Check the compression algorithms length and pick one
+ */
+ comp_offset = ciph_offset + 2 + ciph_len;
+
+ comp_len = buf[comp_offset];
+
+ if( comp_len < 1 ||
+ comp_len > 16 ||
+ comp_len + comp_offset + 1 > msg_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, compression",
+ buf + comp_offset + 1, comp_len );
+
+ ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL;
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ for( i = 0; i < comp_len; ++i )
+ {
+ if( buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE )
+ {
+ ssl->session_negotiate->compression =
MBEDTLS_SSL_COMPRESS_DEFLATE;
+ break;
+ }
+ }
+#endif
+
+ /* See comments in ssl_write_client_hello() */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL;
+#endif
+
+ /* Do not parse the extensions if the protocol is SSLv3 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+ if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) )
+ {
+#endif
+ /*
+ * Check the extension length
+ */
+ ext_offset = comp_offset + 1 + comp_len;
+ if( msg_len > ext_offset )
+ {
+ if( msg_len < ext_offset + 2 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ ext_len = ( buf[ext_offset + 0] << 8 )
+ | ( buf[ext_offset + 1] );
+
+ if( ( ext_len > 0 && ext_len < 4 ) ||
+ msg_len != ext_offset + 2 + ext_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+ }
+ else
+ ext_len = 0;
+
+ ext = buf + ext_offset + 2;
+ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len );
+
+ while( ext_len != 0 )
+ {
+ unsigned int ext_id;
+ unsigned int ext_size;
+ if ( ext_len < 4 ) {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+ ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) );
+ ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) );
+
+ if( ext_size + 4 > ext_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return(
MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+ switch( ext_id )
+ {
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ case MBEDTLS_TLS_EXT_SERVERNAME:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) );
+ if( ssl->conf->f_sni == NULL )
+ break;
+
+ ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+ case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) );
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ renegotiation_info_seen = 1;
+#endif
+
+ ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+ case MBEDTLS_TLS_EXT_SIG_ALG:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
+
+ ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+
+ sig_hash_alg_ext_present = 1;
+ break;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+ MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) );
+
+ ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+
+ case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) );
+ ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT;
+
+ ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+ MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ case
MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) );
+
+ ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) );
+
+ ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+ case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) );
+
+ ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) );
+
+ ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) );
+
+ ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ case MBEDTLS_TLS_EXT_SESSION_TICKET:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) );
+
+ ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+ case MBEDTLS_TLS_EXT_ALPN:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
+
+ ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size );
+ if(
ret != 0 )
+ return( ret );
+ break;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+ default:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
+ ext_id ) );
+ }
+
+ ext_len -= 4 + ext_size;
+ ext += 4 + ext_size;
+
+ if( ext_len > 0 && ext_len < 4 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+ }
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+ }
+#endif
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+ for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 )
+ {
+ if( p[0] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) &&
+ p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) );
+
+ if( ssl->minor_ver < ssl->conf->max_minor_ver )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) );
+
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK );
+
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ break;
+ }
+ }
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+
+ /*
+ * Try to fall back to default hash SHA1 if the client
+ * hasn't provided any preferred signature-hash combinations.
+ */
+ if( sig_hash_alg_ext_present == 0 )
+ {
+ mbedtls_md_type_t md_default = MBEDTLS_MD_SHA1;
+
+ if( mbedtls_ssl_check_sig_hash( ssl, md_default ) != 0 )
+ md_default = MBEDTLS_MD_NONE;
+
+ mbedtls_ssl_sig_hash_set_const_hash( &ssl->handshake->hash_algs, md_default );
+ }
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+ MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+ /*
+ * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+ */
+ for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 )
+ {
+ if( p[0] == 0 && p[1] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) );
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV "
+ "during renegotiation" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+#endif
+ ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
+ break;
+ }
+ }
+
+ /*
+ * Renegotiation security checks
+ */
+ if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION &&
+ ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) );
+ handshake_failure = 1;
+ }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+ ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION &&
+ renegotiation_info_seen == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) );
+ handshake_failure = 1;
+ }
+ else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+ ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+ ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION )
+ {
+ MBEDTLS_SSL_DEBUG_MSG(
1, ( "legacy renegotiation not allowed" ) );
+ handshake_failure = 1;
+ }
+ else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+ ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+ renegotiation_info_seen == 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) );
+ handshake_failure = 1;
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ if( handshake_failure == 1 )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ /*
+ * Search for a matching ciphersuite
+ * (At the end because we need information from the EC-based extensions
+ * and certificate from the SNI callback triggered by the SNI extension.)
+ */
+ got_common_suite = 0;
+ ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
+ ciphersuite_info = NULL;
+#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+ for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 )
+ for( i = 0; ciphersuites[i] != 0; i++ )
+#else
+ for( i = 0; ciphersuites[i] != 0; i++ )
+ for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 )
+#endif
+ {
+ if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
+ p[1] != ( ( ciphersuites[i] ) & 0xFF ) )
+ continue;
+
+ got_common_suite = 1;
+
+ if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i],
+ &ciphersuite_info ) ) != 0 )
+ return( ret );
+
+ if( ciphersuite_info != NULL )
+ goto have_ciphersuite;
+ }
+
+ if( got_common_suite )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, "
+ "but none of them usable" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE );
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+
MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
+ }
+
+have_ciphersuite:
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) );
+
+ ssl->session_negotiate->ciphersuite = ciphersuites[i];
+ ssl->transform_negotiate->ciphersuite_info = ciphersuite_info;
+
+ ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ mbedtls_ssl_recv_flight_completed( ssl );
+#endif
+
+ /* Debugging-only output for testsuite */
+#if defined(MBEDTLS_DEBUG_C) && \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg( ciphersuite_info );
+ if( sig_alg != MBEDTLS_PK_NONE )
+ {
+ mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs,
+ sig_alg );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d",
+ mbedtls_ssl_hash_from_md_alg( md_alg ) ) );
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "no hash algorithm for signature algorithm "
+ "%d - should not happen", sig_alg ) );
+ }
+ }
+#endif
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) );
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+
+ if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED )
+ {
+ *olen = 0;
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) );
+
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF );
+
+ *p++ = 0x00;
+ *p++ = 0x00;
+
+ *olen = 4;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+static void
ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+ const mbedtls_ssl_ciphersuite_t *suite = NULL;
+ const mbedtls_cipher_info_t *cipher = NULL;
+
+ if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
+ ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+ {
+ *olen = 0;
+ return;
+ }
+
+ /*
+ * RFC 7366: "If a server receives an encrypt-then-MAC request extension
+ * from a client and then selects a stream or Authenticated Encryption
+ * with Associated Data (AEAD) ciphersuite, it MUST NOT send an
+ * encrypt-then-MAC response extension back to the client."
+ */
+ if( ( suite = mbedtls_ssl_ciphersuite_from_id(
+ ssl->session_negotiate->ciphersuite ) ) == NULL ||
+ ( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL ||
+ cipher->mode != MBEDTLS_MODE_CBC )
+ {
+ *olen = 0;
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) );
+
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF );
+
+ *p++ = 0x00;
+ *p++ = 0x00;
+
+ *olen = 4;
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+
+ if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
+ ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+ {
+ *olen = 0;
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret "
+ "extension" ) );
+
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF );
+
+ *p++ = 0x00;
+ *p++ = 0x00;
+
+ *olen = 4;
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static
void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+
+ if( ssl->handshake->new_session_ticket == 0 )
+ {
+ *olen = 0;
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) );
+
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF );
+
+ *p++ = 0x00;
+ *p++ = 0x00;
+
+ *olen = 4;
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+
+ if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION )
+ {
+ *olen = 0;
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) );
+
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+ {
+ *p++ = 0x00;
+ *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF;
+ *p++ = ssl->verify_data_len * 2 & 0xFF;
+
+ memcpy( p, ssl->peer_verify_data, ssl->verify_data_len );
+ p += ssl->verify_data_len;
+ memcpy( p, ssl->own_verify_data, ssl->verify_data_len );
+ p += ssl->verify_data_len;
+ }
+ else
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+ {
+ *p++ = 0x00;
+ *p++ = 0x01;
+ *p++ = 0x00;
+ }
+
+ *olen = p - buf;
+}
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+
+ if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE )
+ {
+ *olen = 0;
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) );
+
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF
);
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF );
+
+ *p++ = 0x00;
+ *p++ = 1;
+
+ *p++ = ssl->session_negotiate->mfl_code;
+
+ *olen = 5;
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+ ((void) ssl);
+
+ if( ( ssl->handshake->cli_exts &
+ MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT ) == 0 )
+ {
+ *olen = 0;
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) );
+
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF );
+
+ *p++ = 0x00;
+ *p++ = 2;
+
+ *p++ = 1;
+ *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED;
+
+ *olen = 6;
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ int ret;
+ unsigned char *p = buf;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
+ size_t kkpp_len;
+
+ *olen = 0;
+
+ /* Skip costly computation if not needed */
+ if( ssl->transform_negotiate->ciphersuite_info->key_exchange !=
+ MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ return;
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, ecjpake kkpp extension" ) );
+
+ if( end - p < 4 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+ return;
+ }
+
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF );
+
+ ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx,
+ p + 2, end - p - 2, &kkpp_len,
+ ssl->conf->f_rng, ssl->conf->p_rng );
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1 , "mbedtls_ecjpake_write_round_one", ret );
+ return;
+ }
+
+ *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( kkpp_len ) & 0xFF );
+
+ *olen = kkpp_len + 4;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN )
+static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf, size_t *olen )
+{
+ if( ssl->alpn_chosen == NULL )
+ {
+ *olen = 0;
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) );
+
+ /*
+ * 0 . 1 ext identifier
+ * 2 . 3 ext length
+ * 4 . 5 protocol list length
+ * 6 . 6 protocol name length
+ * 7 . 7+n protocol name
+ */
+ buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
+ buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF );
+
+ *olen = 7 + strlen( ssl->alpn_chosen );
+
+ buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
+ buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF );
+
+ buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
+ buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF );
+
+ buf[6] = (unsigned char)( ( ( *olen - 7 ) ) & 0xFF );
+
+ memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 );
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl )
+{
+ int ret;
+ unsigned char *p = ssl->out_msg + 4;
+ unsigned char *cookie_len_byte;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello verify request" ) );
+
+ /*
+ * struct {
+ * ProtocolVersion server_version;
+ * opaque cookie<0..2^8-1>;
+ * } HelloVerifyRequest;
+ */
+
+ /* The RFC is not clear on this point, but sending the actual negotiated
+ * version looks like the most interoperable thing to do.
*/
+ mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
+ ssl->conf->transport, p );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 );
+ p += 2;
+
+ /* If we get here, f_cookie_check is not null */
+ if( ssl->conf->f_cookie_write == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "inconsistent cookie callbacks" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ /* Skip length byte until we know the length */
+ cookie_len_byte = p++;
+
+ if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie,
+ &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN,
+ ssl->cli_id, ssl->cli_id_len ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret );
+ return( ret );
+ }
+
+ *cookie_len_byte = (unsigned char)( p - ( cookie_len_byte + 1 ) );
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte );
+
+ ssl->out_msglen = p - ssl->out_msg;
+ ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+ ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
+
+ ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT;
+
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
+ return( ret );
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret );
+ return( ret );
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello verify request" ) );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_HAVE_TIME)
+ mbedtls_time_t t;
+#endif
+ int ret;
+ size_t olen, ext_len = 0, n;
+ unsigned char *buf, *p;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello" ) );
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+
ssl->handshake->verify_cookie_len != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "client hello was not authenticated" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); + + return( ssl_write_hello_verify_request( ssl ) ); + } +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ + + if( ssl->conf->f_rng == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); + return( MBEDTLS_ERR_SSL_NO_RNG ); + } + + /* + * 0 . 0 handshake type + * 1 . 3 handshake length + * 4 . 5 protocol version + * 6 . 9 UNIX time() + * 10 . 37 random bytes + */ + buf = ssl->out_msg; + p = buf + 4; + + mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, p ); + p += 2; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", + buf[4], buf[5] ) ); + +#if defined(MBEDTLS_HAVE_TIME) + t = mbedtls_time( NULL ); + *p++ = (unsigned char)( t >> 24 ); + *p++ = (unsigned char)( t >> 16 ); + *p++ = (unsigned char)( t >> 8 ); + *p++ = (unsigned char)( t ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); +#else + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) + return( ret ); + + p += 4; +#endif /* MBEDTLS_HAVE_TIME */ + + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) + return( ret ); + + p += 28; + + memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); + + /* + * Resume is 0 by default, see ssl_handshake_init(). + * It may be already set to 1 by ssl_parse_session_ticket_ext(). + * If not, try looking up session ID in our cache. 
+ */
+ if( ssl->handshake->resume == 0 &&
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE &&
+#endif
+ ssl->session_negotiate->id_len != 0 &&
+ ssl->conf->f_get_cache != NULL &&
+ ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) );
+ ssl->handshake->resume = 1;
+ }
+
+ if( ssl->handshake->resume == 0 )
+ {
+ /*
+ * New session, create a new session id,
+ * unless we're about to issue a session ticket
+ */
+ ssl->state++;
+
+#if defined(MBEDTLS_HAVE_TIME)
+ ssl->session_negotiate->start = mbedtls_time( NULL );
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ if( ssl->handshake->new_session_ticket != 0 )
+ {
+ ssl->session_negotiate->id_len = n = 0;
+ memset( ssl->session_negotiate->id, 0, 32 );
+ }
+ else
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+ {
+ ssl->session_negotiate->id_len = n = 32;
+ if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id,
+ n ) ) != 0 )
+ return( ret );
+ }
+ }
+ else
+ {
+ /*
+ * Resuming a session
+ */
+ n = ssl->session_negotiate->id_len;
+ ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
+
+ if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
+ return( ret );
+ }
+ }
+
+ /*
+ * 38 . 38 session id length
+ * 39 . 38+n session id
+ * 39+n . 40+n chosen ciphersuite
+ * 41+n . 41+n chosen compression alg.
+ * 42+n . 43+n extensions length
+ * 44+n . 43+n+m extensions
+ */
+ *p++ = (unsigned char) ssl->session_negotiate->id_len;
+ memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->id_len );
+ p += ssl->session_negotiate->id_len;
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
+ ssl->handshake->resume ? "a" : "no" ) );
+
+ *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 );
+ *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite );
+ *p++ = (unsigned char)( ssl->session_negotiate->compression );
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s",
+ mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X",
+ ssl->session_negotiate->compression ) );
+
+ /* Do not write the extensions if the protocol is SSLv3 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+ if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) )
+ {
+#endif
+
+ /*
+ * First write extensions, then the total length
+ */
+ ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+ ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ if ( mbedtls_ssl_ciphersuite_uses_ec(
+ mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) )
+ {
+ ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+ }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+ ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) );
+
+ if( ext_len > 0 )
+ {
+ *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( ext_len ) & 0xFF );
+ p += ext_len;
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+ }
+#endif
+
+ ssl->out_msglen = p - buf;
+ ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+ ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO;
+
+ ret = mbedtls_ssl_write_handshake_msg( ssl );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) );
+
+ return( ret );
+}
+
+#if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED)
+static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
+{
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );
+
+ if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
+ ssl->state++;
+ return( 0 );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+}
+#else /* !MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
+static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
+{
+ int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+ size_t dn_size, total_dn_size; /* excluding length bytes */
+ size_t ct_len, sa_len; /* including length bytes */
+ unsigned char *buf, *p;
+ const unsigned char * const end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
+ const mbedtls_x509_crt *crt;
+ int authmode;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );
+
+ ssl->state++;
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET )
+ authmode = ssl->handshake->sni_authmode;
+ else
+#endif
+ authmode = ssl->conf->authmode;
+
+ if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ||
+ authmode == MBEDTLS_SSL_VERIFY_NONE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
+ return( 0 );
+ }
+
+ /*
+ * 0 . 0 handshake type
+ * 1 . 3 handshake length
+ * 4 . 4 cert type count
+ * 5 .. m-1 cert types
+ * m .. m+1 sig alg length (TLS 1.2 only)
+ * m+1 .. n-1 SignatureAndHashAlgorithms (TLS 1.2 only)
+ * n .. n+1 length of all DNs
+ * n+2 .. n+3 length of DN 1
+ * n+4 .. ... Distinguished Name #1
+ * ... .. ... length of DN 2, etc.
+ */
+ buf = ssl->out_msg;
+ p = buf + 4;
+
+ /*
+ * Supported certificate types
+ *
+ * ClientCertificateType certificate_types<1..2^8-1>;
+ * enum { (255) } ClientCertificateType;
+ */
+ ct_len = 0;
+
+#if defined(MBEDTLS_RSA_C)
+ p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_RSA_SIGN;
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+ p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN;
+#endif
+
+ p[0] = (unsigned char) ct_len++;
+ p += ct_len;
+
+ sa_len = 0;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ /*
+ * Add signature_algorithms for verify (TLS 1.2)
+ *
+ * SignatureAndHashAlgorithm supported_signature_algorithms<2..2^16-2>;
+ *
+ * struct {
+ * HashAlgorithm hash;
+ * SignatureAlgorithm signature;
+ * } SignatureAndHashAlgorithm;
+ *
+ * enum { (255) } HashAlgorithm;
+ * enum { (255) } SignatureAlgorithm;
+ */
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ const int *cur;
+
+ /*
+ * Supported signature algorithms
+ */
+ for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ )
+ {
+ unsigned char hash = mbedtls_ssl_hash_from_md_alg( *cur );
+
+ if( MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md( ssl, hash ) )
+ continue;
+
+#if defined(MBEDTLS_RSA_C)
+ p[2 + sa_len++] = hash;
+ p[2 + sa_len++] = MBEDTLS_SSL_SIG_RSA;
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+ p[2 + sa_len++] = hash;
+ p[2 + sa_len++] = MBEDTLS_SSL_SIG_ECDSA;
+#endif
+ }
+
+ p[0] = (unsigned char)( sa_len >> 8 );
+ p[1] = (unsigned char)( sa_len );
+ sa_len += 2;
+ p += sa_len;
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+ /*
+ * DistinguishedName certificate_authorities<0..2^16-1>;
+ * opaque DistinguishedName<1..2^16-1>;
+ */
+ p += 2;
+
+ total_dn_size = 0;
+
+ if( ssl->conf->cert_req_ca_list == MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED )
+ {
+ /* NOTE: If trusted certificates are provisioned
+ * via a CA callback (configured through
+ * `mbedtls_ssl_conf_ca_cb()`, then the
+ * CertificateRequest is currently left empty. */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ if( ssl->handshake->sni_ca_chain != NULL )
+ crt = ssl->handshake->sni_ca_chain;
+ else
+#endif
+ crt = ssl->conf->ca_chain;
+
+ while( crt != NULL && crt->version != 0 )
+ {
+ dn_size = crt->subject_raw.len;
+
+ if( end < p ||
+ (size_t)( end - p ) < dn_size ||
+ (size_t)( end - p ) < 2 + dn_size )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "skipping CAs: buffer too short" ) );
+ break;
+ }
+
+ *p++ = (unsigned char)( dn_size >> 8 );
+ *p++ = (unsigned char)( dn_size );
+ memcpy( p, crt->subject_raw.p, dn_size );
+ p += dn_size;
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "requested DN", p - dn_size, dn_size );
+
+ total_dn_size += 2 + dn_size;
+ crt = crt->next;
+ }
+ }
+
+ ssl->out_msglen = p - buf;
+ ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+ ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST;
+ ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 );
+ ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size );
+
+ ret = mbedtls_ssl_write_handshake_msg( ssl );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) );
+
+ return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
+ if( ! mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECKEY ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) );
+ return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
+ }
+
+ if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx,
+ mbedtls_pk_ec( *mbedtls_ssl_own_key( ssl ) ),
+ MBEDTLS_ECDH_OURS ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret );
+ return( ret );
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||
+ MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) && \
+ defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl,
+ size_t *signature_len )
+{
+ /* Append the signature to ssl->out_msg, leaving 2 bytes for the
+ * signature length which will be added in ssl_write_server_key_exchange
+ * after the call to ssl_prepare_server_key_exchange.
+ * ssl_write_server_key_exchange also takes care of incrementing
+ * ssl->out_msglen. */
+ unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2;
+ size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN
+ - sig_start );
+ int ret = ssl->conf->f_async_resume( ssl,
+ sig_start, signature_len, sig_max_len );
+ if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
+ {
+ ssl->handshake->async_in_progress = 0;
+ mbedtls_ssl_set_async_operation_data( ssl, NULL );
+ }
+ MBEDTLS_SSL_DEBUG_RET( 2, "ssl_resume_server_key_exchange", ret );
+ return( ret );
+}
+#endif /* defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) &&
+ defined(MBEDTLS_SSL_ASYNC_PRIVATE) */
+
+/* Prepare the ServerKeyExchange message, up to and including
+ * calculating the signature if any, but excluding formatting the
+ * signature and sending the message. */
+static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
+ size_t *signature_len )
+{
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+ unsigned char *dig_signed = NULL;
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */
+
+ (void) ciphersuite_info; /* unused in some configurations */
+#if !defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+ (void) signature_len;
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
+
+ ssl->out_msglen = 4; /* header (type:1, length:3) to be written later */
+
+ /*
+ *
+ * Part 1: Provide key exchange parameters for chosen ciphersuite.
+ *
+ */
+
+ /*
+ * - ECJPAKE key exchanges
+ */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ {
+ int ret;
+ size_t len = 0;
+
+ ret = mbedtls_ecjpake_write_round_two(
+ &ssl->handshake->ecjpake_ctx,
+ ssl->out_msg + ssl->out_msglen,
+ MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, &len,
+ ssl->conf->f_rng, ssl->conf->p_rng );
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret );
+ return( ret );
+ }
+
+ ssl->out_msglen += len;
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+ /*
+ * For (EC)DHE key exchanges with PSK, parameters are prefixed by support
+ * identity hint (RFC 4279, Sec. 3). Until someone needs this feature,
+ * we use empty support identity hints here.
+ **/
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
+ {
+ ssl->out_msg[ssl->out_msglen++] = 0x00;
+ ssl->out_msg[ssl->out_msglen++] = 0x00;
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+ /*
+ * - DHE key exchanges
+ */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED)
+ if( mbedtls_ssl_ciphersuite_uses_dhe( ciphersuite_info ) )
+ {
+ int ret;
+ size_t len = 0;
+
+ if( ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "no DH parameters set" ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ /*
+ * Ephemeral DH parameters:
+ *
+ * struct {
+ * opaque dh_p<1..2^16-1>;
+ * opaque dh_g<1..2^16-1>;
+ * opaque dh_Ys<1..2^16-1>;
+ * } ServerDHParams;
+ */
+ if( ( ret = mbedtls_dhm_set_group( &ssl->handshake->dhm_ctx,
+ &ssl->conf->dhm_P,
+ &ssl->conf->dhm_G ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_set_group", ret );
+ return( ret );
+ }
+
+ if( ( ret = mbedtls_dhm_make_params(
+ &ssl->handshake->dhm_ctx,
+ (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
+ ssl->out_msg + ssl->out_msglen, &len,
+ ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_params", ret );
+ return( ret );
+ }
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+ dig_signed = ssl->out_msg + ssl->out_msglen;
+#endif
+
+ ssl->out_msglen += len;
+
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X );
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P );
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G );
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED */
+
+ /*
+ * - ECDHE key exchanges
+ */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
+ if( mbedtls_ssl_ciphersuite_uses_ecdhe( ciphersuite_info ) )
+ {
+ /*
+ * Ephemeral ECDH parameters:
+ *
+ * struct {
+ * ECParameters curve_params;
+ * ECPoint public;
+ * } ServerECDHParams;
+ */
+ const mbedtls_ecp_curve_info **curve = NULL;
+ const mbedtls_ecp_group_id *gid;
+ int ret;
+ size_t len = 0;
+
+ /* Match our preference list against the offered curves */
+ for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ )
+ for( curve = ssl->handshake->curves; *curve != NULL; curve++ )
+ if( (*curve)->grp_id == *gid )
+ goto curve_matching_done;
+
+curve_matching_done:
+ if( curve == NULL || *curve == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) );
+ return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) );
+
+ if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx,
+ (*curve)->grp_id ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret );
+ return( ret );
+ }
+
+ if( ( ret = mbedtls_ecdh_make_params(
+ &ssl->handshake->ecdh_ctx, &len,
+ ssl->out_msg + ssl->out_msglen,
+ MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen,
+ ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret );
+ return( ret );
+ }
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+ dig_signed = ssl->out_msg + ssl->out_msglen;
+#endif
+
+ ssl->out_msglen += len;
+
+ MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
+ MBEDTLS_DEBUG_ECDH_Q );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED */
+
+ /*
+ *
+ * Part 2: For key exchanges involving the server signing the
+ * exchange parameters, compute and add the signature here.
+ *
+ */
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+ if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) )
+ {
+ size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed;
+ size_t hashlen = 0;
+ unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+ int ret;
+
+ /*
+ * 2.1: Choose hash algorithm:
+ * A: For TLS 1.2, obey signature-hash-algorithm extension
+ * to choose appropriate hash.
+ * B: For SSL3, TLS1.0, TLS1.1 and ECDHE_ECDSA, use SHA1
+ * (RFC 4492, Sec. 5.4)
+ * C: Otherwise, use MD5 + SHA1 (RFC 4346, Sec. 7.4.3)
+ */
+
+ mbedtls_md_type_t md_alg;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ mbedtls_pk_type_t sig_alg =
+ mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ /* A: For TLS 1.2, obey signature-hash-algorithm extension
+ * (RFC 5246, Sec. 7.4.1.4.1). */
+ if( sig_alg == MBEDTLS_PK_NONE ||
+ ( md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs,
+ sig_alg ) ) == MBEDTLS_MD_NONE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ /* (... because we choose a cipher suite
+ * only if there is a matching hash.) */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
+ {
+ /* B: Default hash SHA1 */
+ md_alg = MBEDTLS_MD_SHA1;
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+ MBEDTLS_SSL_PROTO_TLS1_1 */
+ {
+ /* C: MD5 + SHA1 */
+ md_alg = MBEDTLS_MD_NONE;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %d for signing", md_alg ) );
+
+ /*
+ * 2.2: Compute the hash to be signed
+ */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ if( md_alg == MBEDTLS_MD_NONE )
+ {
+ hashlen = 36;
+ ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash,
+ dig_signed,
+ dig_signed_len );
+ if( ret != 0 )
+ return( ret );
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+ MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( md_alg != MBEDTLS_MD_NONE )
+ {
+ ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen,
+ dig_signed,
+ dig_signed_len,
+ md_alg );
+ if( ret != 0 )
+ return( ret );
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+ MBEDTLS_SSL_PROTO_TLS1_2 */
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
+
+ /*
+ * 2.3: Compute and add the signature
+ */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ /*
+ * For TLS 1.2, we need to specify signature and hash algorithm
+ * explicitly through a prefix to the signature.
+ * + * struct { + * HashAlgorithm hash; + * SignatureAlgorithm signature; + * } SignatureAndHashAlgorithm; + * + * struct { + * SignatureAndHashAlgorithm algorithm; + * opaque signature<0..2^16-1>; + * } DigitallySigned; + * + */ + + ssl->out_msg[ssl->out_msglen++] = + mbedtls_ssl_hash_from_md_alg( md_alg ); + ssl->out_msg[ssl->out_msglen++] = + mbedtls_ssl_sig_from_pk_alg( sig_alg ); + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( ssl->conf->f_async_sign_start != NULL ) + { + ret = ssl->conf->f_async_sign_start( ssl, + mbedtls_ssl_own_cert( ssl ), + md_alg, hash, hashlen ); + switch( ret ) + { + case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: + /* act as if f_async_sign was null */ + break; + case 0: + ssl->handshake->async_in_progress = 1; + return( ssl_resume_server_key_exchange( ssl, signature_len ) ); + case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: + ssl->handshake->async_in_progress = 1; + return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); + default: + MBEDTLS_SSL_DEBUG_RET( 1, "f_async_sign_start", ret ); + return( ret ); + } + } +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + + if( mbedtls_ssl_own_key( ssl ) == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key" ) ); + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + } + + /* Append the signature to ssl->out_msg, leaving 2 bytes for the + * signature length which will be added in ssl_write_server_key_exchange + * after the call to ssl_prepare_server_key_exchange. + * ssl_write_server_key_exchange also takes care of incrementing + * ssl->out_msglen. */ + if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), + md_alg, hash, hashlen, + ssl->out_msg + ssl->out_msglen + 2, + signature_len, + ssl->conf->f_rng, + ssl->conf->p_rng ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); + return( ret ); + } + } +#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ + + return( 0 ); +} + +/* Prepare the ServerKeyExchange message and send it. 
For ciphersuites + * that do not include a ServerKeyExchange message, do nothing. Either + * way, if successful, move on to the next step in the SSL state + * machine. */ +static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) +{ + int ret; + size_t signature_len = 0; +#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED) + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = + ssl->transform_negotiate->ciphersuite_info; +#endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */ + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) ); + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED) + /* Extract static ECDH parameters and abort if ServerKeyExchange + * is not needed. */ + if( mbedtls_ssl_ciphersuite_no_pfs( ciphersuite_info ) ) + { + /* For suites involving ECDH, extract DH parameters + * from certificate at this point. */ +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED) + if( mbedtls_ssl_ciphersuite_uses_ecdh( ciphersuite_info ) ) + { + ssl_get_ecdh_params_from_cert( ssl ); + } +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED */ + + /* Key exchanges not involving ephemeral keys don't use + * ServerKeyExchange, so end here. */ + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); + ssl->state++; + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) && \ + defined(MBEDTLS_SSL_ASYNC_PRIVATE) + /* If we have already prepared the message and there is an ongoing + * signature operation, resume signing. */ + if( ssl->handshake->async_in_progress != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "resuming signature operation" ) ); + ret = ssl_resume_server_key_exchange( ssl, &signature_len ); + } + else +#endif /* defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) && + defined(MBEDTLS_SSL_ASYNC_PRIVATE) */ + { + /* ServerKeyExchange is needed. Prepare the message. 
*/ + ret = ssl_prepare_server_key_exchange( ssl, &signature_len ); + } + + if( ret != 0 ) + { + /* If we're starting to write a new message, set ssl->out_msglen + * to 0. But if we're resuming after an asynchronous message, + * out_msglen is the amount of data written so far and mst be + * preserved. */ + if( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange (pending)" ) ); + else + ssl->out_msglen = 0; + return( ret ); + } + + /* If there is a signature, write its length. + * ssl_prepare_server_key_exchange already wrote the signature + * itself at its proper place in the output buffer. */ +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) + if( signature_len != 0 ) + { + ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 ); + ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "my signature", + ssl->out_msg + ssl->out_msglen, + signature_len ); + + /* Skip over the already-written signature */ + ssl->out_msglen += signature_len; + } +#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ + + /* Add header and send. 
*/ + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE; + + ssl->state++; + + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); + return( ret ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange" ) ); + return( 0 ); +} + +static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) +{ + int ret; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello done" ) ); + + ssl->out_msglen = 4; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO_DONE; + + ssl->state++; + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); +#endif + + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); + return( ret ); + } + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); + return( ret ); + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) ); + + return( 0 ); +} + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) +static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p, + const unsigned char *end ) +{ + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + size_t n; + + /* + * Receive G^Y mod P, premaster = (G^Y)^X mod P + */ + if( *p + 2 > end ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + } + + n = ( (*p)[0] << 8 ) | (*p)[1]; + *p += 2; + + if( *p + n > end ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + 
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + } + + if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_read_public", ret ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + } + + *p += n; + + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); + + return( ret ); +} +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) +static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl, + unsigned char *peer_pms, + size_t *peer_pmslen, + size_t peer_pmssize ) +{ + int ret = ssl->conf->f_async_resume( ssl, + peer_pms, peer_pmslen, peer_pmssize ); + if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) + { + ssl->handshake->async_in_progress = 0; + mbedtls_ssl_set_async_operation_data( ssl, NULL ); + } + MBEDTLS_SSL_DEBUG_RET( 2, "ssl_decrypt_encrypted_pms", ret ); + return( ret ); +} +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + +static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, + const unsigned char *p, + const unsigned char *end, + unsigned char *peer_pms, + size_t *peer_pmslen, + size_t peer_pmssize ) +{ + int ret; + mbedtls_pk_context *private_key = mbedtls_ssl_own_key( ssl ); + mbedtls_pk_context *public_key = &mbedtls_ssl_own_cert( ssl )->pk; + size_t len = mbedtls_pk_get_len( public_key ); + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + /* If we have already started decoding the message and there is an ongoing + * decryption operation, resume signing. 
*/ + if( ssl->handshake->async_in_progress != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "resuming decryption operation" ) ); + return( ssl_resume_decrypt_pms( ssl, + peer_pms, peer_pmslen, peer_pmssize ) ); + } +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + + /* + * Prepare to decrypt the premaster using own private RSA key + */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) + { + if ( p + 2 > end ) { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + } + if( *p++ != ( ( len >> 8 ) & 0xFF ) || + *p++ != ( ( len ) & 0xFF ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + } + } +#endif + + if( p + len != end ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + } + + /* + * Decrypt the premaster secret + */ +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( ssl->conf->f_async_decrypt_start != NULL ) + { + ret = ssl->conf->f_async_decrypt_start( ssl, + mbedtls_ssl_own_cert( ssl ), + p, len ); + switch( ret ) + { + case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: + /* act as if f_async_decrypt_start was null */ + break; + case 0: + ssl->handshake->async_in_progress = 1; + return( ssl_resume_decrypt_pms( ssl, + peer_pms, + peer_pmslen, + peer_pmssize ) ); + case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: + ssl->handshake->async_in_progress = 1; + return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); + default: + MBEDTLS_SSL_DEBUG_RET( 1, "f_async_decrypt_start", ret ); + return( ret ); + } + } +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + + if( ! 
mbedtls_pk_can_do( private_key, MBEDTLS_PK_RSA ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no RSA private key" ) );
+ return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
+ }
+
+ ret = mbedtls_pk_decrypt( private_key, p, len,
+ peer_pms, peer_pmslen, peer_pmssize,
+ ssl->conf->f_rng, ssl->conf->p_rng );
+ return( ret );
+}
+
+static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
+ const unsigned char *p,
+ const unsigned char *end,
+ size_t pms_offset )
+{
+ int ret;
+ unsigned char *pms = ssl->handshake->premaster + pms_offset;
+ unsigned char ver[2];
+ unsigned char fake_pms[48], peer_pms[48];
+ unsigned char mask;
+ size_t i, peer_pmslen;
+ unsigned int diff;
+
+ /* In case of a failure in decryption, the decryption may write less than
+ * 2 bytes of output, but we always read the first two bytes. It doesn't
+ * matter in the end because diff will be nonzero in that case due to
+ * peer_pmslen being less than 48, and we only care whether diff is 0.
+ * But do initialize peer_pms for robustness anyway. This also makes
+ * memory analyzers happy (don't access uninitialized memory, even
+ * if it's an unsigned char). */
+ peer_pms[0] = peer_pms[1] = ~0;
+
+ ret = ssl_decrypt_encrypted_pms( ssl, p, end,
+ peer_pms,
+ &peer_pmslen,
+ sizeof( peer_pms ) );
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+ if ( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
+ return( ret );
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+ mbedtls_ssl_write_version( ssl->handshake->max_major_ver,
+ ssl->handshake->max_minor_ver,
+ ssl->conf->transport, ver );
+
+ /* Avoid data-dependent branches while checking for invalid
+ * padding, to protect against timing-based Bleichenbacher-type
+ * attacks. */
+ diff = (unsigned int) ret;
+ diff |= peer_pmslen ^ 48;
+ diff |= peer_pms[0] ^ ver[0];
+ diff |= peer_pms[1] ^ ver[1];
+
+ /* mask = diff ?
0xff : 0x00 using bit operations to avoid branches */
+ /* MSVC has a warning about unary minus on unsigned, but this is
+ * well-defined and precisely what we want to do here */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+ mask = - ( ( diff | - diff ) >> ( sizeof( unsigned int ) * 8 - 1 ) );
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+ /*
+ * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding
+ * must not cause the connection to end immediately; instead, send a
+ * bad_record_mac later in the handshake.
+ * To protect against timing-based variants of the attack, we must
+ * not have any branch that depends on whether the decryption was
+ * successful. In particular, always generate the fake premaster secret,
+ * regardless of whether it will ultimately influence the output or not.
+ */
+ ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) );
+ if( ret != 0 )
+ {
+ /* It's ok to abort on an RNG failure, since this does not reveal
+ * anything about the RSA decryption. */
+ return( ret );
+ }
+
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+ if( diff != 0 )
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+#endif
+
+ if( sizeof( ssl->handshake->premaster ) < pms_offset ||
+ sizeof( ssl->handshake->premaster ) - pms_offset < 48 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+ ssl->handshake->pmslen = 48;
+
+ /* Set pms to either the true or the fake PMS, without
+ * data-dependent branches.
*/
+ for( i = 0; i < ssl->handshake->pmslen; i++ )
+ pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p,
+ const unsigned char *end )
+{
+ int ret = 0;
+ size_t n;
+
+ if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) );
+ return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
+ }
+
+ /*
+ * Receive client pre-shared key identity name
+ */
+ if( end - *p < 2 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+ }
+
+ n = ( (*p)[0] << 8 ) | (*p)[1];
+ *p += 2;
+
+ if( n < 1 || n > 65535 || n > (size_t) ( end - *p ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+ }
+
+ if( ssl->conf->f_psk != NULL )
+ {
+ if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 )
+ ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
+ }
+ else
+ {
+ /* Identity is not a big secret since clients send it in the clear,
+ * but treat it carefully anyway, just in case */
+ if( n != ssl->conf->psk_identity_len ||
+ mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 )
+ {
+ ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
+ }
+ }
+
+ if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY )
+ {
+ MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY );
+ return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY );
+ }
+
+ *p += n;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
+{
+ int ret;
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+
unsigned char *p, *end;
+
+ ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) );
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) )
+ if( ( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) &&
+ ( ssl->handshake->async_in_progress != 0 ) )
+ {
+ /* We've already read a record and there is an asynchronous
+ * operation in progress to decrypt it. So skip reading the
+ * record. */
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "will resume decryption of previously-read record" ) );
+ }
+ else
+#endif
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+ return( ret );
+ }
+
+ p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
+ end = ssl->in_msg + ssl->in_hslen;
+
+ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+ }
+
+ if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+ }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA )
+ {
+ if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret );
+ return( ret );
+ }
+
+ if( p != end )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+ }
+
+ if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
+ ssl->handshake->premaster,
+ MBEDTLS_PREMASTER_SIZE,
+ &ssl->handshake->pmslen,
+ ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+ {
+
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
+ }
+
+ MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
+ {
+ if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx,
+ p, end - p) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP );
+ }
+
+ MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
+ MBEDTLS_DEBUG_ECDH_QP );
+
+ if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
+ &ssl->handshake->pmslen,
+ ssl->handshake->premaster,
+ MBEDTLS_MPI_MAX_SIZE,
+ ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
+ }
+
+ MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
+ MBEDTLS_DEBUG_ECDH_Z );
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )
+ {
+ if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
+ return( ret );
+ }
+
+ if( p != end )
+ {
+
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* For opaque PSKs, we perform the PSK-to-MS derivation atomatically
+ * and skip the intermediate PMS. */
+ if( ssl_use_opaque_psk( ssl ) == 1 )
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) );
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
+ ciphersuite_info->key_exchange ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
+ return( ret );
+ }
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
+ {
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+ if ( ssl->handshake->async_in_progress != 0 )
+ {
+ /* There is an asynchronous operation in progress to
+ * decrypt the encrypted premaster secret, so skip
+ * directly to resuming this operation. */
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "PSK identity already parsed" ) );
+ /* Update p to skip the PSK identity. ssl_parse_encrypted_pms
+ * won't actually use it, but maintain p anyway for robustness. */
+ p += ssl->conf->psk_identity_len + 2;
+ }
+ else
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+ if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
+ return( ret );
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only.
*/
+ if( ssl_use_opaque_psk( ssl ) == 1 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
+ if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret );
+ return( ret );
+ }
+
+ if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
+ ciphersuite_info->key_exchange ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
+ return( ret );
+ }
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
+ {
+ if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
+ return( ret );
+ }
+ if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret );
+ return( ret );
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only.
*/
+ if( ssl_use_opaque_psk( ssl ) == 1 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
+ if( p != end )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+ }
+
+ if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
+ ciphersuite_info->key_exchange ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
+ return( ret );
+ }
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
+ {
+ if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
+ return( ret );
+ }
+
+ if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx,
+ p, end - p ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP );
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only.
*/
+ if( ssl_use_opaque_psk( ssl ) == 1 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
+ MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
+ MBEDTLS_DEBUG_ECDH_QP );
+
+ if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
+ ciphersuite_info->key_exchange ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
+ return( ret );
+ }
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA )
+ {
+ if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 0 ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_parse_encrypted_pms_secret" ), ret );
+ return( ret );
+ }
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ {
+ ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx,
+ p, end - p );
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+ }
+
+ ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx,
+ ssl->handshake->premaster, 32, &ssl->handshake->pmslen,
+ ssl->conf->f_rng, ssl->conf->p_rng );
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret );
+ return( ret );
+ }
+ }
+ else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
+ return( ret );
+ }
+
+ ssl->state++;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client key exchange" ) );
+
+ return( 0 );
+}
+
+#if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED)
+static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
+{
+ const
mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
+
+ if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
+ ssl->state++;
+ return( 0 );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+}
+#else /* !MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
+static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
+{
+ int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+ size_t i, sig_len;
+ unsigned char hash[48];
+ unsigned char *hash_start = hash;
+ size_t hashlen;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ mbedtls_pk_type_t pk_alg;
+#endif
+ mbedtls_md_type_t md_alg;
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+ mbedtls_pk_context * peer_pk;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
+
+ if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
+ ssl->state++;
+ return( 0 );
+ }
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ if( ssl->session_negotiate->peer_cert == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
+ ssl->state++;
+ return( 0 );
+ }
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+ if( ssl->session_negotiate->peer_cert_digest == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
+ ssl->state++;
+ return( 0 );
+ }
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+ /* Read the message without adding it to the checksum */
+ ret = mbedtls_ssl_read_record( ssl, 0 /* no checksum update */ );
+ if( 0 != ret )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record" ), ret );
+ return( ret );
+ }
+
+ ssl->state++;
+
+ /* Process the message contents */
+ if( ssl->in_msgtype
!= MBEDTLS_SSL_MSG_HANDSHAKE ||
+ ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+ }
+
+ i = mbedtls_ssl_hs_hdr_len( ssl );
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ peer_pk = &ssl->handshake->peer_pubkey;
+#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+ if( ssl->session_negotiate->peer_cert == NULL )
+ {
+ /* Should never happen */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+ peer_pk = &ssl->session_negotiate->peer_cert->pk;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+ /*
+ * struct {
+ * SignatureAndHashAlgorithm algorithm; -- TLS 1.2 only
+ * opaque signature<0..2^16-1>;
+ * } DigitallySigned;
+ */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ md_alg = MBEDTLS_MD_NONE;
+ hashlen = 36;
+
+ /* For ECDSA, use SHA-1, not MD-5 + SHA-1 */
+ if( mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECDSA ) )
+ {
+ hash_start += 16;
+ hashlen -= 16;
+ md_alg = MBEDTLS_MD_SHA1;
+ }
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 ||
+ MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ if( i + 2 > ssl->in_hslen )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+ }
+
+ /*
+ * Hash
+ */
+ md_alg = mbedtls_ssl_md_alg_from_hash( ssl->in_msg[i] );
+
+ if( md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md( ssl, ssl->in_msg[i] ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg"
+ " for verify message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+ }
+
+#if !defined(MBEDTLS_MD_SHA1)
+ if( MBEDTLS_MD_SHA1 == md_alg )
+ hash_start += 16;
+#endif
+
+ /* Info from md_alg will be used instead */
+ hashlen = 0;
+
+ i++;
+
+ /*
+ * Signature
+ */
+ if( ( pk_alg = mbedtls_ssl_pk_alg_from_sig( ssl->in_msg[i] ) )
+ == MBEDTLS_PK_NONE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg"
+ " for verify message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+ }
+
+ /*
+ * Check the certificate's key type matches the signature alg
+ */
+ if( !mbedtls_pk_can_do( peer_pk, pk_alg ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+ }
+
+ i++;
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ if( i + 2 > ssl->in_hslen )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+ }
+
+ sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1];
+ i += 2;
+
+ if( i + sig_len != ssl->in_hslen )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+ }
+
+ /* Calculate hash and verify signature */
+ ssl->handshake->calc_verify( ssl, hash );
+
+ if( ( ret = mbedtls_pk_verify( peer_pk,
+ md_alg, hash_start, hashlen,
+ ssl->in_msg + i, sig_len ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret );
+ return( ret );
+ }
+
+ mbedtls_ssl_update_handshake_status( ssl );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) );
+
+ return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl )
+{
+ int ret;
+ size_t tlen;
+ uint32_t lifetime;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write new session ticket" ) );
+
+ ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+ ssl->out_msg[0] = MBEDTLS_SSL_HS_NEW_SESSION_TICKET;
+
+ /*
+ * struct {
+ * uint32 ticket_lifetime_hint;
+ *
opaque ticket<0..2^16-1>;
+ * } NewSessionTicket;
+ *
+ * 4 . 7 ticket_lifetime_hint (0 = unspecified)
+ * 8 . 9 ticket_len (n)
+ * 10 . 9+n ticket content
+ */
+
+ if( ( ret = ssl->conf->f_ticket_write( ssl->conf->p_ticket,
+ ssl->session_negotiate,
+ ssl->out_msg + 10,
+ ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN,
+ &tlen, &lifetime ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_write", ret );
+ tlen = 0;
+ }
+
+ ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF;
+ ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF;
+ ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF;
+ ssl->out_msg[7] = ( lifetime ) & 0xFF;
+
+ ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF );
+ ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF );
+
+ ssl->out_msglen = 10 + tlen;
+
+ /*
+ * Morally equivalent to updating ssl->state, but NewSessionTicket and
+ * ChangeCipherSpec share the same state.
+ */
+ ssl->handshake->new_session_ticket = 0;
+
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
+ return( ret );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+/*
+ * SSL handshake -- server side -- single step
+ */
+int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl )
+{
+ int ret = 0;
+
+ if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) );
+
+ if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+ return( ret );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
+ {
+ if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
+ return( ret );
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ switch( ssl->state )
+ {
+ case MBEDTLS_SSL_HELLO_REQUEST:
+ ssl->state =
MBEDTLS_SSL_CLIENT_HELLO;
+ break;
+
+ /*
+ * <== ClientHello
+ */
+ case MBEDTLS_SSL_CLIENT_HELLO:
+ ret = ssl_parse_client_hello( ssl );
+ break;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT:
+ return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
+#endif
+
+ /*
+ * ==> ServerHello
+ * Certificate
+ * ( ServerKeyExchange )
+ * ( CertificateRequest )
+ * ServerHelloDone
+ */
+ case MBEDTLS_SSL_SERVER_HELLO:
+ ret = ssl_write_server_hello( ssl );
+ break;
+
+ case MBEDTLS_SSL_SERVER_CERTIFICATE:
+ ret = mbedtls_ssl_write_certificate( ssl );
+ break;
+
+ case MBEDTLS_SSL_SERVER_KEY_EXCHANGE:
+ ret = ssl_write_server_key_exchange( ssl );
+ break;
+
+ case MBEDTLS_SSL_CERTIFICATE_REQUEST:
+ ret = ssl_write_certificate_request( ssl );
+ break;
+
+ case MBEDTLS_SSL_SERVER_HELLO_DONE:
+ ret = ssl_write_server_hello_done( ssl );
+ break;
+
+ /*
+ * <== ( Certificate/Alert )
+ * ClientKeyExchange
+ * ( CertificateVerify )
+ * ChangeCipherSpec
+ * Finished
+ */
+ case MBEDTLS_SSL_CLIENT_CERTIFICATE:
+ ret = mbedtls_ssl_parse_certificate( ssl );
+ break;
+
+ case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
+ ret = ssl_parse_client_key_exchange( ssl );
+ break;
+
+ case MBEDTLS_SSL_CERTIFICATE_VERIFY:
+ ret = ssl_parse_certificate_verify( ssl );
+ break;
+
+ case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:
+ ret = mbedtls_ssl_parse_change_cipher_spec( ssl );
+ break;
+
+ case MBEDTLS_SSL_CLIENT_FINISHED:
+ ret = mbedtls_ssl_parse_finished( ssl );
+ break;
+
+ /*
+ * ==> ( NewSessionTicket )
+ * ChangeCipherSpec
+ * Finished
+ */
+ case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ if( ssl->handshake->new_session_ticket != 0 )
+ ret = ssl_write_new_session_ticket( ssl );
+ else
+#endif
+ ret = mbedtls_ssl_write_change_cipher_spec( ssl );
+ break;
+
+ case MBEDTLS_SSL_SERVER_FINISHED:
+ ret = mbedtls_ssl_write_finished( ssl );
+ break;
+
+ case MBEDTLS_SSL_FLUSH_BUFFERS:
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake:
done" ) );
+ ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
+ break;
+
+ case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
+ mbedtls_ssl_handshake_wrapup( ssl );
+ break;
+
+ default:
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ return( ret );
+}
+#endif /* MBEDTLS_SSL_SRV_C */
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
new file mode 100644
index 000000000..ed65bcd63
--- /dev/null
+++ b/library/ssl_ticket.c
@@ -0,0 +1,595 @@
+/*
+ * TLS server tickets callbacks implementation
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_TICKET_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+#include "mbedtls/ssl_ticket.h"
+#include "mbedtls/platform_util.h"
+
+#include
+
+/*
+ * Initialze context
+ */
+void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
+{
+ memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) );
+
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_mutex_init( &ctx->mutex );
+#endif
+}
+
+#define MAX_KEY_BYTES 32 /* 256 bits */
+
+#define TICKET_KEY_NAME_BYTES 4
+#define TICKET_IV_BYTES 12
+#define TICKET_CRYPT_LEN_BYTES 2
+#define TICKET_AUTH_TAG_BYTES 16
+
+#define TICKET_MIN_LEN ( TICKET_KEY_NAME_BYTES + \
+ TICKET_IV_BYTES + \
+ TICKET_CRYPT_LEN_BYTES + \
+ TICKET_AUTH_TAG_BYTES )
+#define TICKET_ADD_DATA_LEN ( TICKET_KEY_NAME_BYTES + \
+ TICKET_IV_BYTES + \
+ TICKET_CRYPT_LEN_BYTES )
+
+/*
+ * Generate/update a key
+ */
+static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,
+ unsigned char index )
+{
+ int ret;
+ unsigned char
buf[MAX_KEY_BYTES];
+ mbedtls_ssl_ticket_key *key = ctx->keys + index;
+
+#if defined(MBEDTLS_HAVE_TIME)
+ key->generation_time = (uint32_t) mbedtls_time( NULL );
+#endif
+
+ if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 )
+ return( ret );
+
+ if( ( ret = ctx->f_rng( ctx->p_rng, buf, sizeof( buf ) ) ) != 0 )
+ return( ret );
+
+ /* With GCM and CCM, same context can encrypt & decrypt */
+ ret = mbedtls_cipher_setkey( &key->ctx, buf,
+ mbedtls_cipher_get_key_bitlen( &key->ctx ),
+ MBEDTLS_ENCRYPT );
+
+ mbedtls_platform_zeroize( buf, sizeof( buf ) );
+
+ return( ret );
+}
+
+/*
+ * Rotate/generate keys if necessary
+ */
+static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )
+{
+#if !defined(MBEDTLS_HAVE_TIME)
+ ((void) ctx);
+#else
+ if( ctx->ticket_lifetime != 0 )
+ {
+ uint32_t current_time = (uint32_t) mbedtls_time( NULL );
+ uint32_t key_time = ctx->keys[ctx->active].generation_time;
+
+ if( current_time >= key_time &&
+ current_time - key_time < ctx->ticket_lifetime )
+ {
+ return( 0 );
+ }
+
+ ctx->active = 1 - ctx->active;
+
+ return( ssl_ticket_gen_key( ctx, ctx->active ) );
+ }
+ else
+#endif /* MBEDTLS_HAVE_TIME */
+ return( 0 );
+}
+
+/*
+ * Setup context for actual use
+ */
+int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_cipher_type_t cipher,
+ uint32_t lifetime )
+{
+ int ret;
+ const mbedtls_cipher_info_t *cipher_info;
+
+ ctx->f_rng = f_rng;
+ ctx->p_rng = p_rng;
+
+ ctx->ticket_lifetime = lifetime;
+
+ cipher_info = mbedtls_cipher_info_from_type( cipher);
+ if( cipher_info == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ if( cipher_info->mode != MBEDTLS_MODE_GCM &&
+ cipher_info->mode != MBEDTLS_MODE_CCM )
+ {
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ ret =
mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,
+ cipher_info, TICKET_AUTH_TAG_BYTES );
+ if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+ return( ret );
+ /* We don't yet expect to support all ciphers through PSA,
+ * so allow fallback to ordinary mbedtls_cipher_setup(). */
+ if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 )
+ return( ret );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx,
+ cipher_info, TICKET_AUTH_TAG_BYTES );
+ if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+ return( ret );
+ if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 )
+ return( ret );
+
+ if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||
+ ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ return( 0 );
+}
+
+/*
+ * Serialize a session in the following format:
+ *
+ * - If MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is enabled:
+ * 0 . n-1 session structure, n = sizeof(mbedtls_ssl_session)
+ * n . n+2 peer_cert length = m (0 if no certificate)
+ * n+3 . n+2+m peer cert ASN.1
+ *
+ * - If MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is disabled:
+ * 0 . n-1 session structure, n = sizeof(mbedtls_ssl_session)
+ * n . n length of peer certificate digest = k (0 if no digest)
+ * n+1 .
n+k peer certificate digest (digest type encoded in session)
+ */
+static int ssl_save_session( const mbedtls_ssl_session *session,
+ unsigned char *buf, size_t buf_len,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+ size_t left = buf_len;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ size_t cert_len;
+#else
+ size_t cert_digest_len;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+ if( left < sizeof( mbedtls_ssl_session ) )
+ return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+ /* This also copies the values of pointer fields in the
+ * session to be serialized, but they'll be ignored when
+ * loading the session through ssl_load_session(). */
+ memcpy( p, session, sizeof( mbedtls_ssl_session ) );
+ p += sizeof( mbedtls_ssl_session );
+ left -= sizeof( mbedtls_ssl_session );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ if( session->peer_cert == NULL )
+ cert_len = 0;
+ else
+ cert_len = session->peer_cert->raw.len;
+
+ if( left < 3 + cert_len )
+ return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+ *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF );
+ *p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( cert_len ) & 0xFF );
+ left -= 3;
+
+ if( session->peer_cert != NULL )
+ memcpy( p, session->peer_cert->raw.p, cert_len );
+
+ p += cert_len;
+ left -= cert_len;
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+ if( session->peer_cert_digest != NULL )
+ cert_digest_len = 0;
+ else
+ cert_digest_len = session->peer_cert_digest_len;
+
+ if( left < 1 + cert_digest_len )
+ return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+ *p++ = (unsigned char) cert_digest_len;
+ left--;
+
+ if( session->peer_cert_digest != NULL )
+ memcpy( p, session->peer_cert_digest, cert_digest_len );
+
+ p += cert_digest_len;
+ left -= cert_digest_len;
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+ *olen = p -
buf;
+
+ return( 0 );
+}
+
+/*
+ * Unserialise session, see ssl_save_session()
+ */
+static int ssl_load_session( mbedtls_ssl_session *session,
+ const unsigned char *buf, size_t len )
+{
+ const unsigned char *p = buf;
+ const unsigned char * const end = buf + len;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ size_t cert_len;
+#else
+ size_t cert_digest_len;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+ if( sizeof( mbedtls_ssl_session ) > (size_t)( end - p ) )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ memcpy( session, p, sizeof( mbedtls_ssl_session ) );
+ p += sizeof( mbedtls_ssl_session );
+
+ /* Non-NULL pointer fields of `session` are meaningless
+ * and potentially harmful. Zeroize them for safety. */
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ session->peer_cert = NULL;
+#else
+ session->peer_cert_digest = NULL;
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+ session->ticket = NULL;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ /* Deserialize CRT from the end of the ticket. 
*/
+ if( 3 > (size_t)( end - p ) )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
+ p += 3;
+
+ if( cert_len != 0 )
+ {
+ int ret;
+
+ if( cert_len > (size_t)( end - p ) )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ session->peer_cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
+
+ if( session->peer_cert == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+ mbedtls_x509_crt_init( session->peer_cert );
+
+ if( ( ret = mbedtls_x509_crt_parse_der( session->peer_cert,
+ p, cert_len ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( session->peer_cert );
+ mbedtls_free( session->peer_cert );
+ session->peer_cert = NULL;
+ return( ret );
+ }
+
+ p += cert_len;
+ }
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+ /* Deserialize CRT digest from the end of the ticket. */
+ if( 1 > (size_t)( end - p ) )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ cert_digest_len = (size_t) p[0];
+ p++;
+
+ if( cert_digest_len != 0 )
+ {
+ if( cert_digest_len > (size_t)( end - p ) ||
+ cert_digest_len != session->peer_cert_digest_len )
+ {
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ session->peer_cert_digest = mbedtls_calloc( 1, cert_digest_len );
+ if( session->peer_cert_digest == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+ memcpy( session->peer_cert_digest, p, cert_digest_len );
+ p += cert_digest_len;
+ }
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+ if( p != end )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ return( 0 );
+}
+
+/*
+ * Create session ticket, with the following structure:
+ *
+ * struct {
+ * opaque key_name[4];
+ * opaque iv[12];
+ * opaque encrypted_state<0..2^16-1>;
+ * opaque tag[16];
+ * } ticket;
+ *
+ * The key_name, iv, and length of encrypted_state are the additional
+ * authenticated data. 
+ */
+
+int mbedtls_ssl_ticket_write( void *p_ticket,
+ const mbedtls_ssl_session *session,
+ unsigned char *start,
+ const unsigned char *end,
+ size_t *tlen,
+ uint32_t *ticket_lifetime )
+{
+ int ret;
+ mbedtls_ssl_ticket_context *ctx = p_ticket;
+ mbedtls_ssl_ticket_key *key;
+ unsigned char *key_name = start;
+ unsigned char *iv = start + TICKET_KEY_NAME_BYTES;
+ unsigned char *state_len_bytes = iv + TICKET_IV_BYTES;
+ unsigned char *state = state_len_bytes + TICKET_CRYPT_LEN_BYTES;
+ unsigned char *tag;
+ size_t clear_len, ciph_len;
+
+ *tlen = 0;
+
+ if( ctx == NULL || ctx->f_rng == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag,
+ * in addition to session itself, that will be checked when writing it. */
+ if( end - start < TICKET_MIN_LEN )
+ return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+#if defined(MBEDTLS_THREADING_C)
+ if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+ return( ret );
+#endif
+
+ if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
+ goto cleanup;
+
+ key = &ctx->keys[ctx->active];
+
+ *ticket_lifetime = ctx->ticket_lifetime;
+
+ memcpy( key_name, key->name, TICKET_KEY_NAME_BYTES );
+
+ if( ( ret = ctx->f_rng( ctx->p_rng, iv, TICKET_IV_BYTES ) ) != 0 )
+ goto cleanup;
+
+ /* Dump session state */
+ if( ( ret = ssl_save_session( session,
+ state, end - state, &clear_len ) ) != 0 ||
+ (unsigned long) clear_len > 65535 )
+ {
+ goto cleanup;
+ }
+ state_len_bytes[0] = ( clear_len >> 8 ) & 0xff;
+ state_len_bytes[1] = ( clear_len ) & 0xff;
+
+ /* Encrypt and authenticate */
+ tag = state + clear_len;
+ if( ( ret = mbedtls_cipher_auth_encrypt( &key->ctx,
+ iv, TICKET_IV_BYTES,
+ /* Additional data: key name, IV and length */
+ key_name, TICKET_ADD_DATA_LEN,
+ state, clear_len, state, &ciph_len,
+ tag, TICKET_AUTH_TAG_BYTES ) ) != 0 )
+ {
+ goto cleanup;
+ }
+ if( ciph_len != clear_len )
+ {
+ ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+ goto cleanup;
+ }
+
+ *tlen 
= TICKET_MIN_LEN + ciph_len;
+
+cleanup:
+#if defined(MBEDTLS_THREADING_C)
+ if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+ return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+ return( ret );
+}
+
+/*
+ * Select key based on name
+ */
+static mbedtls_ssl_ticket_key *ssl_ticket_select_key(
+ mbedtls_ssl_ticket_context *ctx,
+ const unsigned char name[4] )
+{
+ unsigned char i;
+
+ for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ )
+ if( memcmp( name, ctx->keys[i].name, 4 ) == 0 )
+ return( &ctx->keys[i] );
+
+ return( NULL );
+}
+
+/*
+ * Load session ticket (see mbedtls_ssl_ticket_write for structure)
+ */
+int mbedtls_ssl_ticket_parse( void *p_ticket,
+ mbedtls_ssl_session *session,
+ unsigned char *buf,
+ size_t len )
+{
+ int ret;
+ mbedtls_ssl_ticket_context *ctx = p_ticket;
+ mbedtls_ssl_ticket_key *key;
+ unsigned char *key_name = buf;
+ unsigned char *iv = buf + TICKET_KEY_NAME_BYTES;
+ unsigned char *enc_len_p = iv + TICKET_IV_BYTES;
+ unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES;
+ unsigned char *tag;
+ size_t enc_len, clear_len;
+
+ if( ctx == NULL || ctx->f_rng == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ if( len < TICKET_MIN_LEN )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_THREADING_C)
+ if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+ return( ret );
+#endif
+
+ if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
+ goto cleanup;
+
+ enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
+ tag = ticket + enc_len;
+
+ if( len != TICKET_MIN_LEN + enc_len )
+ {
+ ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+ goto cleanup;
+ }
+
+ /* Select key */
+ if( ( key = ssl_ticket_select_key( ctx, key_name ) ) == NULL )
+ {
+ /* We can't know for sure but this is a likely option unless we're
+ * under attack - this is only informative anyway */
+ ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
+ goto cleanup;
+ }
+
+ /* Decrypt and authenticate */
+ if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx,
+ 
iv, TICKET_IV_BYTES,
+ /* Additional data: key name, IV and length */
+ key_name, TICKET_ADD_DATA_LEN,
+ ticket, enc_len,
+ ticket, &clear_len,
+ tag, TICKET_AUTH_TAG_BYTES ) ) != 0 )
+ {
+ if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
+ ret = MBEDTLS_ERR_SSL_INVALID_MAC;
+
+ goto cleanup;
+ }
+ if( clear_len != enc_len )
+ {
+ ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+ goto cleanup;
+ }
+
+ /* Actually load session */
+ if( ( ret = ssl_load_session( session, ticket, clear_len ) ) != 0 )
+ goto cleanup;
+
+#if defined(MBEDTLS_HAVE_TIME)
+ {
+ /* Check for expiration */
+ mbedtls_time_t current_time = mbedtls_time( NULL );
+
+ if( current_time < session->start ||
+ (uint32_t)( current_time - session->start ) > ctx->ticket_lifetime )
+ {
+ ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
+ goto cleanup;
+ }
+ }
+#endif
+
+cleanup:
+#if defined(MBEDTLS_THREADING_C)
+ if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+ return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+ return( ret );
+}
+
+/*
+ * Free context
+ */
+void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx )
+{
+ mbedtls_cipher_free( &ctx->keys[0].ctx );
+ mbedtls_cipher_free( &ctx->keys[1].ctx );
+
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_mutex_free( &ctx->mutex );
+#endif
+
+ mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_ticket_context ) );
+}
+
+#endif /* MBEDTLS_SSL_TICKET_C */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
new file mode 100644
index 000000000..abe2450eb
--- /dev/null
+++ b/library/ssl_tls.c 
@@ -0,0 +1,10634 @@
+/*
+ * SSLv3/TLSv1 shared functions
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * The SSL 3.0 specification was drafted by Netscape in 1996,
+ * and became an IETF standard in 1999.
+ *
+ * http://wp.netscape.com/eng/ssl3/
+ * http://www.ietf.org/rfc/rfc2246.txt
+ * http://www.ietf.org/rfc/rfc4346.txt
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+#include "mbedtls/debug.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/platform_util.h"
+
+#include
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#include "psa/crypto.h"
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#include "mbedtls/oid.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif
+
+static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl );
+static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl );
+
+/* Length of the "epoch" field in the record header */
+static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl )
+{
+#if 
defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ return( 2 );
+#else
+ ((void) ssl);
+#endif
+ return( 0 );
+}
+
+/*
+ * Start a timer.
+ * Passing millisecs = 0 cancels a running timer.
+ */
+static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs )
+{
+ if( ssl->f_set_timer == NULL )
+ return;
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) );
+ ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs );
+}
+
+/*
+ * Return -1 is timer is expired, 0 if it isn't.
+ */
+static int ssl_check_timer( mbedtls_ssl_context *ssl )
+{
+ if( ssl->f_get_timer == NULL )
+ return( 0 );
+
+ if( ssl->f_get_timer( ssl->p_timer ) == 2 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "timer expired" ) );
+ return( -1 );
+ }
+
+ return( 0 );
+}
+
+static void ssl_update_out_pointers( mbedtls_ssl_context *ssl,
+ mbedtls_ssl_transform *transform );
+static void ssl_update_in_pointers( mbedtls_ssl_context *ssl,
+ mbedtls_ssl_transform *transform );
+
+#define SSL_DONT_FORCE_FLUSH 0
+#define SSL_FORCE_FLUSH 1
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+/* Forward declarations for functions related to message buffering. 
*/
+static void ssl_buffering_free( mbedtls_ssl_context *ssl );
+static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl,
+ uint8_t slot );
+static void ssl_free_buffered_record( mbedtls_ssl_context *ssl );
+static int ssl_load_buffered_message( mbedtls_ssl_context *ssl );
+static int ssl_load_buffered_record( mbedtls_ssl_context *ssl );
+static int ssl_buffer_message( mbedtls_ssl_context *ssl );
+static int ssl_buffer_future_record( mbedtls_ssl_context *ssl );
+static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl );
+
+static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl );
+static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl )
+{
+ size_t mtu = ssl_get_current_mtu( ssl );
+
+ if( mtu != 0 && mtu < MBEDTLS_SSL_OUT_BUFFER_LEN )
+ return( mtu );
+
+ return( MBEDTLS_SSL_OUT_BUFFER_LEN );
+}
+
+static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl )
+{
+ size_t const bytes_written = ssl->out_left;
+ size_t const mtu = ssl_get_maximum_datagram_size( ssl );
+
+ /* Double-check that the write-index hasn't gone
+ * past what we can transmit in a single datagram. */
+ if( bytes_written > mtu )
+ {
+ /* Should never happen... */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ return( (int) ( mtu - bytes_written ) );
+}
+
+static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl )
+{
+ int ret;
+ size_t remaining, expansion;
+ size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ const size_t mfl = mbedtls_ssl_get_max_frag_len( ssl );
+
+ if( max_len > mfl )
+ max_len = mfl;
+
+ /* By the standard (RFC 6066 Sect. 4), the MFL extension
+ * only limits the maximum record payload size, so in theory
+ * we would be allowed to pack multiple records of payload size
+ * MFL into a single datagram. However, this would mean that there's
+ * no way to explicitly communicate MTU restrictions to the peer. 
+ *
+ * The following reduction of max_len makes sure that we never
+ * write datagrams larger than MFL + Record Expansion Overhead.
+ */
+ if( max_len <= ssl->out_left )
+ return( 0 );
+
+ max_len -= ssl->out_left;
+#endif
+
+ ret = ssl_get_remaining_space_in_datagram( ssl );
+ if( ret < 0 )
+ return( ret );
+ remaining = (size_t) ret;
+
+ ret = mbedtls_ssl_get_record_expansion( ssl );
+ if( ret < 0 )
+ return( ret );
+ expansion = (size_t) ret;
+
+ if( remaining <= expansion )
+ return( 0 );
+
+ remaining -= expansion;
+ if( remaining >= max_len )
+ remaining = max_len;
+
+ return( (int) remaining );
+}
+
+/*
+ * Double the retransmit timeout value, within the allowed range,
+ * returning -1 if the maximum value has already been reached.
+ */
+static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl )
+{
+ uint32_t new_timeout;
+
+ if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max )
+ return( -1 );
+
+ /* Implement the final paragraph of RFC 6347 section 4.1.1.1
+ * in the following way: after the initial transmission and a first
+ * retransmission, back off to a temporary estimated MTU of 508 bytes.
+ * This value is guaranteed to be deliverable (if not guaranteed to be
+ * delivered) of any compliant IPv4 (and IPv6) network, and should work
+ * on most non-IP stacks too. 
*/
+ if( ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min )
+ {
+ ssl->handshake->mtu = 508;
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "mtu autoreduction to %d bytes", ssl->handshake->mtu ) );
+ }
+
+ new_timeout = 2 * ssl->handshake->retransmit_timeout;
+
+ /* Avoid arithmetic overflow and range overflow */
+ if( new_timeout < ssl->handshake->retransmit_timeout ||
+ new_timeout > ssl->conf->hs_timeout_max )
+ {
+ new_timeout = ssl->conf->hs_timeout_max;
+ }
+
+ ssl->handshake->retransmit_timeout = new_timeout;
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
+ ssl->handshake->retransmit_timeout ) );
+
+ return( 0 );
+}
+
+static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl )
+{
+ ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min;
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
+ ssl->handshake->retransmit_timeout ) );
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+/*
+ * Convert max_fragment_length codes to length. 
+ * RFC 6066 says:
+ * enum{
+ * 2^9(1), 2^10(2), 2^11(3), 2^12(4), (255)
+ * } MaxFragmentLength;
+ * and we add 0 -> extension unused
+ */
+static unsigned int ssl_mfl_code_to_length( int mfl )
+{
+ switch( mfl )
+ {
+ case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
+ return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
+ case MBEDTLS_SSL_MAX_FRAG_LEN_512:
+ return 512;
+ case MBEDTLS_SSL_MAX_FRAG_LEN_1024:
+ return 1024;
+ case MBEDTLS_SSL_MAX_FRAG_LEN_2048:
+ return 2048;
+ case MBEDTLS_SSL_MAX_FRAG_LEN_4096:
+ return 4096;
+ default:
+ return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
+ }
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst,
+ const mbedtls_ssl_session *src )
+{
+ mbedtls_ssl_session_free( dst );
+ memcpy( dst, src, sizeof( mbedtls_ssl_session ) );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ if( src->peer_cert != NULL )
+ {
+ int ret;
+
+ dst->peer_cert = mbedtls_calloc( 1, sizeof(mbedtls_x509_crt) );
+ if( dst->peer_cert == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+ mbedtls_x509_crt_init( dst->peer_cert );
+
+ if( ( ret = mbedtls_x509_crt_parse_der( dst->peer_cert, src->peer_cert->raw.p,
+ src->peer_cert->raw.len ) ) != 0 )
+ {
+ mbedtls_free( dst->peer_cert );
+ dst->peer_cert = NULL;
+ return( ret );
+ }
+ }
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+ if( src->peer_cert_digest != NULL )
+ {
+ dst->peer_cert_digest =
+ mbedtls_calloc( 1, src->peer_cert_digest_len );
+ if( dst->peer_cert_digest == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+ memcpy( dst->peer_cert_digest, src->peer_cert_digest,
+ src->peer_cert_digest_len );
+ dst->peer_cert_digest_type = src->peer_cert_digest_type;
+ dst->peer_cert_digest_len = src->peer_cert_digest_len;
+ }
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+ if( src->ticket != NULL )
+ {
+ 
dst->ticket = mbedtls_calloc( 1, src->ticket_len );
+ if( dst->ticket == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+ memcpy( dst->ticket, src->ticket, src->ticket_len );
+ }
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+int (*mbedtls_ssl_hw_record_init)( mbedtls_ssl_context *ssl,
+ const unsigned char *key_enc, const unsigned char *key_dec,
+ size_t keylen,
+ const unsigned char *iv_enc, const unsigned char *iv_dec,
+ size_t ivlen,
+ const unsigned char *mac_enc, const unsigned char *mac_dec,
+ size_t maclen ) = NULL;
+int (*mbedtls_ssl_hw_record_activate)( mbedtls_ssl_context *ssl, int direction) = NULL;
+int (*mbedtls_ssl_hw_record_reset)( mbedtls_ssl_context *ssl ) = NULL;
+int (*mbedtls_ssl_hw_record_write)( mbedtls_ssl_context *ssl ) = NULL;
+int (*mbedtls_ssl_hw_record_read)( mbedtls_ssl_context *ssl ) = NULL;
+int (*mbedtls_ssl_hw_record_finish)( mbedtls_ssl_context *ssl ) = NULL;
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+/*
+ * Key material generation
+ */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+static int ssl3_prf( const unsigned char *secret, size_t slen,
+ const char *label,
+ const unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen )
+{
+ int ret = 0;
+ size_t i;
+ mbedtls_md5_context md5;
+ mbedtls_sha1_context sha1;
+ unsigned char padding[16];
+ unsigned char sha1sum[20];
+ ((void)label);
+
+ mbedtls_md5_init( &md5 );
+ mbedtls_sha1_init( &sha1 );
+
+ /*
+ * SSLv3:
+ * block =
+ * MD5( secret + SHA1( 'A' + secret + random ) ) +
+ * MD5( secret + SHA1( 'BB' + secret + random ) ) +
+ * MD5( secret + SHA1( 'CCC' + secret + random ) ) +
+ * ... 
+ */
+ for( i = 0; i < dlen / 16; i++ )
+ {
+ memset( padding, (unsigned char) ('A' + i), 1 + i );
+
+ if( ( ret = mbedtls_sha1_starts_ret( &sha1 ) ) != 0 )
+ goto exit;
+ if( ( ret = mbedtls_sha1_update_ret( &sha1, padding, 1 + i ) ) != 0 )
+ goto exit;
+ if( ( ret = mbedtls_sha1_update_ret( &sha1, secret, slen ) ) != 0 )
+ goto exit;
+ if( ( ret = mbedtls_sha1_update_ret( &sha1, random, rlen ) ) != 0 )
+ goto exit;
+ if( ( ret = mbedtls_sha1_finish_ret( &sha1, sha1sum ) ) != 0 )
+ goto exit;
+
+ if( ( ret = mbedtls_md5_starts_ret( &md5 ) ) != 0 )
+ goto exit;
+ if( ( ret = mbedtls_md5_update_ret( &md5, secret, slen ) ) != 0 )
+ goto exit;
+ if( ( ret = mbedtls_md5_update_ret( &md5, sha1sum, 20 ) ) != 0 )
+ goto exit;
+ if( ( ret = mbedtls_md5_finish_ret( &md5, dstbuf + i * 16 ) ) != 0 )
+ goto exit;
+ }
+
+exit:
+ mbedtls_md5_free( &md5 );
+ mbedtls_sha1_free( &sha1 );
+
+ mbedtls_platform_zeroize( padding, sizeof( padding ) );
+ mbedtls_platform_zeroize( sha1sum, sizeof( sha1sum ) );
+
+ return( ret );
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static int tls1_prf( const unsigned char *secret, size_t slen,
+ const char *label,
+ const unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen )
+{
+ size_t nb, hs;
+ size_t i, j, k;
+ const unsigned char *S1, *S2;
+ unsigned char tmp[128];
+ unsigned char h_i[20];
+ const mbedtls_md_info_t *md_info;
+ mbedtls_md_context_t md_ctx;
+ int ret;
+
+ mbedtls_md_init( &md_ctx );
+
+ if( sizeof( tmp ) < 20 + strlen( label ) + rlen )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ hs = ( slen + 1 ) / 2;
+ S1 = secret;
+ S2 = secret + slen - hs;
+
+ nb = strlen( label );
+ memcpy( tmp + 20, label, nb );
+ memcpy( tmp + 20 + nb, random, rlen );
+ nb += rlen;
+
+ /*
+ * First compute P_md5(secret,label+random)[0..dlen]
+ */
+ if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL )
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR 
);
+
+ if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
+ return( ret );
+
+ mbedtls_md_hmac_starts( &md_ctx, S1, hs );
+ mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb );
+ mbedtls_md_hmac_finish( &md_ctx, 4 + tmp );
+
+ for( i = 0; i < dlen; i += 16 )
+ {
+ mbedtls_md_hmac_reset ( &md_ctx );
+ mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb );
+ mbedtls_md_hmac_finish( &md_ctx, h_i );
+
+ mbedtls_md_hmac_reset ( &md_ctx );
+ mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 );
+ mbedtls_md_hmac_finish( &md_ctx, 4 + tmp );
+
+ k = ( i + 16 > dlen ) ? dlen % 16 : 16;
+
+ for( j = 0; j < k; j++ )
+ dstbuf[i + j] = h_i[j];
+ }
+
+ mbedtls_md_free( &md_ctx );
+
+ /*
+ * XOR out with P_sha1(secret,label+random)[0..dlen]
+ */
+ if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+
+ if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
+ return( ret );
+
+ mbedtls_md_hmac_starts( &md_ctx, S2, hs );
+ mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb );
+ mbedtls_md_hmac_finish( &md_ctx, tmp );
+
+ for( i = 0; i < dlen; i += 20 )
+ {
+ mbedtls_md_hmac_reset ( &md_ctx );
+ mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb );
+ mbedtls_md_hmac_finish( &md_ctx, h_i );
+
+ mbedtls_md_hmac_reset ( &md_ctx );
+ mbedtls_md_hmac_update( &md_ctx, tmp, 20 );
+ mbedtls_md_hmac_finish( &md_ctx, tmp );
+
+ k = ( i + 20 > dlen ) ? 
dlen % 20 : 20;
+
+ for( j = 0; j < k; j++ )
+ dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] );
+ }
+
+ mbedtls_md_free( &md_ctx );
+
+ mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
+ mbedtls_platform_zeroize( h_i, sizeof( h_i ) );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1) || MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int tls_prf_generic( mbedtls_md_type_t md_type,
+ const unsigned char *secret, size_t slen,
+ const char *label,
+ const unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen )
+{
+ psa_status_t status;
+ psa_algorithm_t alg;
+ psa_key_policy_t policy;
+ psa_key_handle_t master_slot;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+
+ if( ( status = psa_allocate_key( &master_slot ) ) != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ if( md_type == MBEDTLS_MD_SHA384 )
+ alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384);
+ else
+ alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256);
+
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_DERIVE,
+ alg );
+ status = psa_set_key_policy( master_slot, &policy );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ status = psa_import_key( master_slot, PSA_KEY_TYPE_DERIVE, secret, slen );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ status = psa_key_derivation( &generator,
+ master_slot, alg,
+ random, rlen,
+ (unsigned char const *) label,
+ (size_t) strlen( label ),
+ dlen );
+ if( status != PSA_SUCCESS )
+ {
+ psa_generator_abort( &generator );
+ psa_destroy_key( master_slot );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_generator_read( &generator, dstbuf, dlen );
+ if( status != PSA_SUCCESS )
+ {
+ psa_generator_abort( &generator );
+ psa_destroy_key( master_slot );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_generator_abort( &generator );
+ if( 
status != PSA_SUCCESS )
+ {
+ psa_destroy_key( master_slot );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_destroy_key( master_slot );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ return( 0 );
+}
+
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+
+static int tls_prf_generic( mbedtls_md_type_t md_type,
+ const unsigned char *secret, size_t slen,
+ const char *label,
+ const unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen )
+{
+ size_t nb;
+ size_t i, j, k, md_len;
+ unsigned char tmp[128];
+ unsigned char h_i[MBEDTLS_MD_MAX_SIZE];
+ const mbedtls_md_info_t *md_info;
+ mbedtls_md_context_t md_ctx;
+ int ret;
+
+ mbedtls_md_init( &md_ctx );
+
+ if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL )
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+
+ md_len = mbedtls_md_get_size( md_info );
+
+ if( sizeof( tmp ) < md_len + strlen( label ) + rlen )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ nb = strlen( label );
+ memcpy( tmp + md_len, label, nb );
+ memcpy( tmp + md_len + nb, random, rlen );
+ nb += rlen;
+
+ /*
+ * Compute P_(secret, label + random)[0..dlen]
+ */
+ if ( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
+ return( ret );
+
+ mbedtls_md_hmac_starts( &md_ctx, secret, slen );
+ mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb );
+ mbedtls_md_hmac_finish( &md_ctx, tmp );
+
+ for( i = 0; i < dlen; i += md_len )
+ {
+ mbedtls_md_hmac_reset ( &md_ctx );
+ mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb );
+ mbedtls_md_hmac_finish( &md_ctx, h_i );
+
+ mbedtls_md_hmac_reset ( &md_ctx );
+ mbedtls_md_hmac_update( &md_ctx, tmp, md_len );
+ mbedtls_md_hmac_finish( &md_ctx, tmp );
+
+ k = ( i + md_len > dlen ) ? 
dlen % md_len : md_len;
+
+ for( j = 0; j < k; j++ )
+ dstbuf[i + j] = h_i[j];
+ }
+
+ mbedtls_md_free( &md_ctx );
+
+ mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
+ mbedtls_platform_zeroize( h_i, sizeof( h_i ) );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_SHA256_C)
+static int tls_prf_sha256( const unsigned char *secret, size_t slen,
+ const char *label,
+ const unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen )
+{
+ return( tls_prf_generic( MBEDTLS_MD_SHA256, secret, slen,
+ label, random, rlen, dstbuf, dlen ) );
+}
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+static int tls_prf_sha384( const unsigned char *secret, size_t slen,
+ const char *label,
+ const unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen )
+{
+ return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen,
+ label, random, rlen, dstbuf, dlen ) );
+}
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t );
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *, const unsigned char *, size_t );
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+static void ssl_calc_verify_ssl( mbedtls_ssl_context *, unsigned char * );
+static void ssl_calc_finished_ssl( mbedtls_ssl_context *, unsigned char *, int );
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_calc_verify_tls( mbedtls_ssl_context *, unsigned char * );
+static void ssl_calc_finished_tls( mbedtls_ssl_context *, unsigned char *, int );
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+static void ssl_update_checksum_sha256( mbedtls_ssl_context *, const unsigned char *, size_t );
+static void ssl_calc_verify_tls_sha256( mbedtls_ssl_context 
*,unsigned char * );
+static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int );
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t );
+static void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *, unsigned char * );
+static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int );
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
+ defined(MBEDTLS_USE_PSA_CRYPTO)
+static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
+{
+ if( ssl->conf->f_psk != NULL )
+ {
+ /* If we've used a callback to select the PSK,
+ * the static configuration is irrelevant. */
+ if( ssl->handshake->psk_opaque != 0 )
+ return( 1 );
+
+ return( 0 );
+ }
+
+ if( ssl->conf->psk_opaque != 0 )
+ return( 1 );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
+{
+ int ret = 0;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ int psa_fallthrough;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ unsigned char tmp[64];
+ unsigned char keyblk[256];
+ unsigned char *key1;
+ unsigned char *key2;
+ unsigned char *mac_enc;
+ unsigned char *mac_dec;
+ size_t mac_key_len;
+ size_t iv_copy_len;
+ size_t taglen = 0;
+ const mbedtls_cipher_info_t *cipher_info;
+ const mbedtls_md_info_t *md_info;
+
+ /* cf. RFC 5246, Section 8.1:
+ * "The master secret is always exactly 48 bytes in length." 
*/
+ size_t const master_secret_len = 48;
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ unsigned char session_hash[48];
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+ mbedtls_ssl_session *session = ssl->session_negotiate;
+ mbedtls_ssl_transform *transform = ssl->transform_negotiate;
+ mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) );
+
+ cipher_info = mbedtls_cipher_info_from_type( transform->ciphersuite_info->cipher );
+ if( cipher_info == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found",
+ transform->ciphersuite_info->cipher ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ md_info = mbedtls_md_info_from_type( transform->ciphersuite_info->mac );
+ if( md_info == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found",
+ transform->ciphersuite_info->mac ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ /*
+ * Set appropriate PRF function and other SSL / TLS / TLS1.2 functions
+ */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+ {
+ handshake->tls_prf = ssl3_prf;
+ handshake->calc_verify = ssl_calc_verify_ssl;
+ handshake->calc_finished = ssl_calc_finished_ssl;
+ }
+ else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ handshake->tls_prf = tls1_prf;
+ handshake->calc_verify = ssl_calc_verify_tls;
+ handshake->calc_finished = ssl_calc_finished_tls;
+ }
+ else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA512_C)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+ transform->ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+ {
+ handshake->tls_prf = tls_prf_sha384;
+ handshake->calc_verify = ssl_calc_verify_tls_sha384;
+ handshake->calc_finished = ssl_calc_finished_tls_sha384;
+ }
+ else
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 
) + { + handshake->tls_prf = tls_prf_sha256; + handshake->calc_verify = ssl_calc_verify_tls_sha256; + handshake->calc_finished = ssl_calc_finished_tls_sha256; + } + else +#endif +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + /* + * SSLv3: + * master = + * MD5( premaster + SHA1( 'A' + premaster + randbytes ) ) + + * MD5( premaster + SHA1( 'BB' + premaster + randbytes ) ) + + * MD5( premaster + SHA1( 'CCC' + premaster + randbytes ) ) + * + * TLSv1+: + * master = PRF( premaster, "master secret", randbytes )[0..47] + */ + if( handshake->resume != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) ); + } + else + { + /* The label for the KDF used for key expansion. + * This is either "master secret" or "extended master secret" + * depending on whether the Extended Master Secret extension + * is used. */ + char const *lbl = "master secret"; + + /* The salt for the KDF used for key expansion. + * - If the Extended Master Secret extension is not used, + * this is ClientHello.Random + ServerHello.Random + * (see Sect. 8.1 in RFC 5246). + * - If the Extended Master Secret extension is used, + * this is the transcript of the handshake so far. + * (see Sect. 4 in RFC 7627). 
*/
+ unsigned char const *salt = handshake->randbytes;
+ size_t salt_len = 64;
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+ mbedtls_md_type_t const md_type = ciphersuite_info->mac;
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) );
+
+ lbl = "extended master secret";
+ salt = session_hash;
+ ssl->handshake->calc_verify( ssl, session_hash );
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+#if defined(MBEDTLS_SHA512_C)
+ if( md_type == MBEDTLS_MD_SHA384 )
+ salt_len = 48;
+ else
+#endif /* MBEDTLS_SHA512_C */
+ salt_len = 32;
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+ salt_len = 36;
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, salt_len );
+ }
+#endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
+ ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+ ssl_use_opaque_psk( ssl ) == 1 )
+ {
+ /* Perform PSK-to-MS expansion in a single step.
*/
+ psa_status_t status;
+ psa_algorithm_t alg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_key_handle_t psk;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) );
+
+ psk = ssl->conf->psk_opaque;
+ if( ssl->handshake->psk_opaque != 0 )
+ psk = ssl->handshake->psk_opaque;
+
+ if( md_type == MBEDTLS_MD_SHA384 )
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+ else
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+
+ status = psa_key_derivation( &generator, psk, alg,
+ salt, salt_len,
+ (unsigned char const *) lbl,
+ (size_t) strlen( lbl ),
+ master_secret_len );
+ if( status != PSA_SUCCESS )
+ {
+ psa_generator_abort( &generator );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_generator_read( &generator, session->master,
+ master_secret_len );
+ if( status != PSA_SUCCESS )
+ {
+ psa_generator_abort( &generator );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_generator_abort( &generator );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+ else
+#endif
+ {
+ ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
+ lbl, salt, salt_len,
+ session->master,
+ master_secret_len );
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
+ return( ret );
+ }
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret",
+ handshake->premaster,
+ handshake->pmslen );
+
+ mbedtls_platform_zeroize( handshake->premaster,
+ sizeof(handshake->premaster) );
+ }
+ }
+
+ /*
+ * Swap the client and server random values.
+ */ + memcpy( tmp, handshake->randbytes, 64 ); + memcpy( handshake->randbytes, tmp + 32, 32 ); + memcpy( handshake->randbytes + 32, tmp, 32 ); + mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); + + /* + * SSLv3: + * key block = + * MD5( master + SHA1( 'A' + master + randbytes ) ) + + * MD5( master + SHA1( 'BB' + master + randbytes ) ) + + * MD5( master + SHA1( 'CCC' + master + randbytes ) ) + + * MD5( master + SHA1( 'DDDD' + master + randbytes ) ) + + * ... + * + * TLSv1: + * key block = PRF( master, "key expansion", randbytes ) + */ + ret = handshake->tls_prf( session->master, 48, "key expansion", + handshake->randbytes, 64, keyblk, 256 ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); + return( ret ); + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite = %s", + mbedtls_ssl_get_ciphersuite_name( session->ciphersuite ) ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "master secret", session->master, 48 ); + MBEDTLS_SSL_DEBUG_BUF( 4, "random bytes", handshake->randbytes, 64 ); + MBEDTLS_SSL_DEBUG_BUF( 4, "key block", keyblk, 256 ); + + mbedtls_platform_zeroize( handshake->randbytes, + sizeof( handshake->randbytes ) ); + + /* + * Determine the appropriate key, IV and MAC length. + */ + + transform->keylen = cipher_info->key_bitlen / 8; + + if( cipher_info->mode == MBEDTLS_MODE_GCM || + cipher_info->mode == MBEDTLS_MODE_CCM || + cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) + { + size_t explicit_ivlen; + + transform->maclen = 0; + mac_key_len = 0; + + /* All modes haves 96-bit IVs; + * GCM and CCM has 4 implicit and 8 explicit bytes + * ChachaPoly has all 12 bytes implicit + */ + transform->ivlen = 12; + if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) + transform->fixed_ivlen = 12; + else + transform->fixed_ivlen = 4; + + /* All modes have 128-bit tags, except CCM_8 (ciphersuite flag) */ + taglen = transform->ciphersuite_info->flags & + MBEDTLS_CIPHERSUITE_SHORT_TAG ? 
8 : 16; + + + /* Minimum length of encrypted record */ + explicit_ivlen = transform->ivlen - transform->fixed_ivlen; + transform->minlen = explicit_ivlen + taglen; + } + else + { + /* Initialize HMAC contexts */ + if( ( ret = mbedtls_md_setup( &transform->md_ctx_enc, md_info, 1 ) ) != 0 || + ( ret = mbedtls_md_setup( &transform->md_ctx_dec, md_info, 1 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); + return( ret ); + } + + /* Get MAC length */ + mac_key_len = mbedtls_md_get_size( md_info ); + transform->maclen = mac_key_len; + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + /* + * If HMAC is to be truncated, we shall keep the leftmost bytes, + * (rfc 6066 page 13 or rfc 2104 section 4), + * so we only need to adjust the length here. + */ + if( session->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) + { + transform->maclen = MBEDTLS_SSL_TRUNCATED_HMAC_LEN; + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) + /* Fall back to old, non-compliant version of the truncated + * HMAC implementation which also truncates the key + * (Mbed TLS versions from 1.3 to 2.6.0) */ + mac_key_len = transform->maclen; +#endif + } +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ + + /* IV length */ + transform->ivlen = cipher_info->iv_size; + + /* Minimum length */ + if( cipher_info->mode == MBEDTLS_MODE_STREAM ) + transform->minlen = transform->maclen; + else + { + /* + * GenericBlockCipher: + * 1. if EtM is in use: one block plus MAC + * otherwise: * first multiple of blocklen greater than maclen + * 2. 
IV except for SSL3 and TLS 1.0 + */ +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + if( session->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED ) + { + transform->minlen = transform->maclen + + cipher_info->block_size; + } + else +#endif + { + transform->minlen = transform->maclen + + cipher_info->block_size + - transform->maclen % cipher_info->block_size; + } + +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_1 ) + ; /* No need to adjust minlen */ + else +#endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 || + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) + { + transform->minlen += transform->ivlen; + } + else +#endif + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + } + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "keylen: %d, minlen: %d, ivlen: %d, maclen: %d", + transform->keylen, transform->minlen, transform->ivlen, + transform->maclen ) ); + + /* + * Finally setup the cipher contexts, IVs and MAC secrets. + */ +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + { + key1 = keyblk + mac_key_len * 2; + key2 = keyblk + mac_key_len * 2 + transform->keylen; + + mac_enc = keyblk; + mac_dec = keyblk + mac_key_len; + + /* + * This is not used in TLS v1.1. + */ + iv_copy_len = ( transform->fixed_ivlen ) ? 
+ transform->fixed_ivlen : transform->ivlen; + memcpy( transform->iv_enc, key2 + transform->keylen, iv_copy_len ); + memcpy( transform->iv_dec, key2 + transform->keylen + iv_copy_len, + iv_copy_len ); + } + else +#endif /* MBEDTLS_SSL_CLI_C */ +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + { + key1 = keyblk + mac_key_len * 2 + transform->keylen; + key2 = keyblk + mac_key_len * 2; + + mac_enc = keyblk + mac_key_len; + mac_dec = keyblk; + + /* + * This is not used in TLS v1.1. + */ + iv_copy_len = ( transform->fixed_ivlen ) ? + transform->fixed_ivlen : transform->ivlen; + memcpy( transform->iv_dec, key1 + transform->keylen, iv_copy_len ); + memcpy( transform->iv_enc, key1 + transform->keylen + iv_copy_len, + iv_copy_len ); + } + else +#endif /* MBEDTLS_SSL_SRV_C */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + { + if( mac_key_len > sizeof transform->mac_enc ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + memcpy( transform->mac_enc, mac_enc, mac_key_len ); + memcpy( transform->mac_dec, mac_dec, mac_key_len ); + } + else +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) + { + /* For HMAC-based ciphersuites, initialize the HMAC transforms. + For AEAD-based ciphersuites, there is nothing to do here. 
*/
+ if( mac_key_len != 0 )
+ {
+ mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, mac_key_len );
+ mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, mac_key_len );
+ }
+ }
+ else
+#endif
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+ if( mbedtls_ssl_hw_record_init != NULL )
+ {
+ int ret = 0;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_init()" ) );
+
+ if( ( ret = mbedtls_ssl_hw_record_init( ssl, key1, key2, transform->keylen,
+ transform->iv_enc, transform->iv_dec,
+ iv_copy_len,
+ mac_enc, mac_dec,
+ mac_key_len ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_init", ret );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+ }
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+ if( ssl->conf->f_export_keys != NULL )
+ {
+ ssl->conf->f_export_keys( ssl->conf->p_export_keys,
+ session->master, keyblk,
+ mac_key_len, transform->keylen,
+ iv_copy_len );
+ }
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+ /* Only use PSA-based ciphers for TLS-1.2.
+ * That's relevant at least for TLS-1.0, where
+ * we assume that mbedtls_cipher_crypt() updates
+ * the structure field for the IV, which the PSA-based
+ * implementation currently doesn't. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc,
+ cipher_info, taglen );
+ if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
+ return( ret );
+ }
+
+ if( ret == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Successfully setup PSA-based encryption cipher context" ) );
+ psa_fallthrough = 0;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup."
) );
+ psa_fallthrough = 1;
+ }
+ }
+ else
+ psa_fallthrough = 1;
+#else
+ psa_fallthrough = 1;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+ if( psa_fallthrough == 1 )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
+ cipher_info ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
+ return( ret );
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Only use PSA-based ciphers for TLS-1.2.
+ * That's relevant at least for TLS-1.0, where
+ * we assume that mbedtls_cipher_crypt() updates
+ * the structure field for the IV, which the PSA-based
+ * implementation currently doesn't. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec,
+ cipher_info, taglen );
+ if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
+ return( ret );
+ }
+
+ if( ret == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Successfully setup PSA-based decryption cipher context" ) );
+ psa_fallthrough = 0;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup."
) );
+ psa_fallthrough = 1;
+ }
+ }
+ else
+ psa_fallthrough = 1;
+#else
+ psa_fallthrough = 1;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+ if( psa_fallthrough == 1 )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec,
+ cipher_info ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
+ return( ret );
+ }
+
+ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, key1,
+ cipher_info->key_bitlen,
+ MBEDTLS_ENCRYPT ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+ return( ret );
+ }
+
+ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, key2,
+ cipher_info->key_bitlen,
+ MBEDTLS_DECRYPT ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+ return( ret );
+ }
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ if( cipher_info->mode == MBEDTLS_MODE_CBC )
+ {
+ if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc,
+ MBEDTLS_PADDING_NONE ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
+ return( ret );
+ }
+
+ if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_dec,
+ MBEDTLS_PADDING_NONE ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
+ return( ret );
+ }
+ }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+ mbedtls_platform_zeroize( keyblk, sizeof( keyblk ) );
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ // Initialize compression
+ //
+ if( session->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
+ {
+ if( ssl->compress_buf == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) );
+ ssl->compress_buf = mbedtls_calloc( 1, MBEDTLS_SSL_COMPRESS_BUFFER_LEN );
+ if( ssl->compress_buf == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
+ MBEDTLS_SSL_COMPRESS_BUFFER_LEN ) );
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ }
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) );
+
+ memset(
&transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) ); + memset( &transform->ctx_inflate, 0, sizeof( transform->ctx_inflate ) ); + + if( deflateInit( &transform->ctx_deflate, + Z_DEFAULT_COMPRESSION ) != Z_OK || + inflateInit( &transform->ctx_inflate ) != Z_OK ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to initialize compression" ) ); + return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); + } + } +#endif /* MBEDTLS_ZLIB_SUPPORT */ + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) ); + + return( 0 ); +} + +#if defined(MBEDTLS_SSL_PROTO_SSL3) +void ssl_calc_verify_ssl( mbedtls_ssl_context *ssl, unsigned char hash[36] ) +{ + mbedtls_md5_context md5; + mbedtls_sha1_context sha1; + unsigned char pad_1[48]; + unsigned char pad_2[48]; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify ssl" ) ); + + mbedtls_md5_init( &md5 ); + mbedtls_sha1_init( &sha1 ); + + mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); + mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); + + memset( pad_1, 0x36, 48 ); + memset( pad_2, 0x5C, 48 ); + + mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 ); + mbedtls_md5_update_ret( &md5, pad_1, 48 ); + mbedtls_md5_finish_ret( &md5, hash ); + + mbedtls_md5_starts_ret( &md5 ); + mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 ); + mbedtls_md5_update_ret( &md5, pad_2, 48 ); + mbedtls_md5_update_ret( &md5, hash, 16 ); + mbedtls_md5_finish_ret( &md5, hash ); + + mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 ); + mbedtls_sha1_update_ret( &sha1, pad_1, 40 ); + mbedtls_sha1_finish_ret( &sha1, hash + 16 ); + + mbedtls_sha1_starts_ret( &sha1 ); + mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 ); + mbedtls_sha1_update_ret( &sha1, pad_2, 40 ); + mbedtls_sha1_update_ret( &sha1, hash + 16, 20 ); + mbedtls_sha1_finish_ret( &sha1, hash + 16 ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + + mbedtls_md5_free( &md5 
); + mbedtls_sha1_free( &sha1 ); + + return; +} +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) +void ssl_calc_verify_tls( mbedtls_ssl_context *ssl, unsigned char hash[36] ) +{ + mbedtls_md5_context md5; + mbedtls_sha1_context sha1; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify tls" ) ); + + mbedtls_md5_init( &md5 ); + mbedtls_sha1_init( &sha1 ); + + mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); + mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); + + mbedtls_md5_finish_ret( &md5, hash ); + mbedtls_sha1_finish_ret( &sha1, hash + 16 ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + + mbedtls_md5_free( &md5 ); + mbedtls_sha1_free( &sha1 ); + + return; +} +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) +void ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char hash[32] ) +{ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + size_t hash_size; + psa_status_t status; + psa_hash_operation_t sha256_psa = psa_hash_operation_init(); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha256" ) ); + status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa ); + if( status != PSA_SUCCESS ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + return; + } + + status = psa_hash_finish( &sha256_psa, hash, 32, &hash_size ); + if( status != PSA_SUCCESS ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + return; + } + MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, 32 ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) ); +#else + mbedtls_sha256_context sha256; + + mbedtls_sha256_init( &sha256 ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) ); + + mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); + mbedtls_sha256_finish_ret( &sha256, hash ); + + 
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + + mbedtls_sha256_free( &sha256 ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + return; +} +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) +void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char hash[48] ) +{ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + size_t hash_size; + psa_status_t status; + psa_hash_operation_t sha384_psa = psa_hash_operation_init(); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha384" ) ); + status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa ); + if( status != PSA_SUCCESS ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + return; + } + + status = psa_hash_finish( &sha384_psa, hash, 48, &hash_size ); + if( status != PSA_SUCCESS ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + return; + } + MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, 48 ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) ); +#else + mbedtls_sha512_context sha512; + + mbedtls_sha512_init( &sha512 ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) ); + + mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); + mbedtls_sha512_finish_ret( &sha512, hash ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + + mbedtls_sha512_free( &sha512 ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + return; +} +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ) +{ + unsigned char *p = ssl->handshake->premaster; + unsigned char *end = p + sizeof( ssl->handshake->premaster ); + const unsigned char *psk = ssl->conf->psk; + size_t psk_len = ssl->conf->psk_len; + + /* If the psk callback was called, use its result */ + if( 
ssl->handshake->psk != NULL ) + { + psk = ssl->handshake->psk; + psk_len = ssl->handshake->psk_len; + } + + /* + * PMS = struct { + * opaque other_secret<0..2^16-1>; + * opaque psk<0..2^16-1>; + * }; + * with "other_secret" depending on the particular key exchange + */ +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if( key_ex == MBEDTLS_KEY_EXCHANGE_PSK ) + { + if( end - p < 2 ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + *(p++) = (unsigned char)( psk_len >> 8 ); + *(p++) = (unsigned char)( psk_len ); + + if( end < p || (size_t)( end - p ) < psk_len ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + memset( p, 0, psk_len ); + p += psk_len; + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + { + /* + * other_secret already set by the ClientKeyExchange message, + * and is 48 bytes long + */ + if( end - p < 2 ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + *p++ = 0; + *p++ = 48; + p += 48; + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) + { + int ret; + size_t len; + + /* Write length only when we know the actual value */ + if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, + p + 2, end - ( p + 2 ), &len, + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); + return( ret ); + } + *(p++) = (unsigned char)( len >> 8 ); + *(p++) = (unsigned char)( len ); + p += len; + + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) + { + int ret; + size_t zlen; + + if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, + p + 2, end - ( p + 2 ), + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) + { + 
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); + return( ret ); + } + + *(p++) = (unsigned char)( zlen >> 8 ); + *(p++) = (unsigned char)( zlen ); + p += zlen; + + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Z ); + } + else +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + /* opaque psk<0..2^16-1>; */ + if( end - p < 2 ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + *(p++) = (unsigned char)( psk_len >> 8 ); + *(p++) = (unsigned char)( psk_len ); + + if( end < p || (size_t)( end - p ) < psk_len ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + memcpy( p, psk, psk_len ); + p += psk_len; + + ssl->handshake->pmslen = p - ssl->handshake->premaster; + + return( 0 ); +} +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +#if defined(MBEDTLS_SSL_PROTO_SSL3) +/* + * SSLv3.0 MAC functions + */ +#define SSL_MAC_MAX_BYTES 20 /* MD-5 or SHA-1 */ +static void ssl_mac( mbedtls_md_context_t *md_ctx, + const unsigned char *secret, + const unsigned char *buf, size_t len, + const unsigned char *ctr, int type, + unsigned char out[SSL_MAC_MAX_BYTES] ) +{ + unsigned char header[11]; + unsigned char padding[48]; + int padlen; + int md_size = mbedtls_md_get_size( md_ctx->md_info ); + int md_type = mbedtls_md_get_type( md_ctx->md_info ); + + /* Only MD5 and SHA-1 supported */ + if( md_type == MBEDTLS_MD_MD5 ) + padlen = 48; + else + padlen = 40; + + memcpy( header, ctr, 8 ); + header[ 8] = (unsigned char) type; + header[ 9] = (unsigned char)( len >> 8 ); + header[10] = (unsigned char)( len ); + + memset( padding, 0x36, padlen ); + mbedtls_md_starts( md_ctx ); + mbedtls_md_update( md_ctx, secret, md_size ); + mbedtls_md_update( md_ctx, padding, padlen ); + mbedtls_md_update( md_ctx, header, 11 ); + mbedtls_md_update( md_ctx, buf, len ); + mbedtls_md_finish( md_ctx, out ); + + memset( padding, 0x5C, padlen ); + 
mbedtls_md_starts( md_ctx );
+ mbedtls_md_update( md_ctx, secret, md_size );
+ mbedtls_md_update( md_ctx, padding, padlen );
+ mbedtls_md_update( md_ctx, out, md_size );
+ mbedtls_md_finish( md_ctx, out );
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
+ ( defined(MBEDTLS_CIPHER_MODE_CBC) && \
+ ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) || defined(MBEDTLS_ARIA_C)) )
+#define SSL_SOME_MODES_USE_MAC
+#endif
+
+/* The function below is only used in the Lucky 13 counter-measure in
+ * ssl_decrypt_buf(). These are the defines that guard the call site. */
+#if defined(SSL_SOME_MODES_USE_MAC) && \
+ ( defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2) )
+/* This function makes sure every byte in the memory region is accessed
+ * (in ascending addresses order) */
+static void ssl_read_memory( unsigned char *p, size_t len )
+{
+ unsigned char acc = 0;
+ volatile unsigned char force;
+
+ for( ; len != 0; p++, len-- )
+ acc ^= *p;
+
+ force = acc;
+ (void) force;
+}
+#endif /* SSL_SOME_MODES_USE_MAC && ( TLS1 || TLS1_1 || TLS1_2 ) */
+
+/*
+ * Encryption/decryption functions
+ */
+static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
+{
+ mbedtls_cipher_mode_t mode;
+ int auth_done = 0;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
+
+ if( ssl->session_out == NULL || ssl->transform_out == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ mode = mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc );
+
+ MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload",
+ ssl->out_msg, ssl->out_msglen );
+
+ /*
+ * Add MAC before if needed
+ */
+#if defined(SSL_SOME_MODES_USE_MAC)
+ if( mode == MBEDTLS_MODE_STREAM ||
+ ( mode == MBEDTLS_MODE_CBC
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ && ssl->session_out->encrypt_then_mac ==
MBEDTLS_SSL_ETM_DISABLED +#endif + ) ) + { +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + { + unsigned char mac[SSL_MAC_MAX_BYTES]; + + ssl_mac( &ssl->transform_out->md_ctx_enc, + ssl->transform_out->mac_enc, + ssl->out_msg, ssl->out_msglen, + ssl->out_ctr, ssl->out_msgtype, + mac ); + + memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen ); + } + else +#endif +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) + { + unsigned char mac[MBEDTLS_SSL_MAC_ADD]; + + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_ctr, 8 ); + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_hdr, 3 ); + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_len, 2 ); + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, + ssl->out_msg, ssl->out_msglen ); + mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac ); + mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc ); + + memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen ); + } + else +#endif + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + MBEDTLS_SSL_DEBUG_BUF( 4, "computed mac", + ssl->out_msg + ssl->out_msglen, + ssl->transform_out->maclen ); + + ssl->out_msglen += ssl->transform_out->maclen; + auth_done++; + } +#endif /* AEAD not the only option */ + + /* + * Encrypt + */ +#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) + if( mode == MBEDTLS_MODE_STREAM ) + { + int ret; + size_t olen = 0; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " + "including %d bytes of padding", + ssl->out_msglen, 0 ) ); + + if( ( ret = mbedtls_cipher_crypt( &ssl->transform_out->cipher_ctx_enc, + ssl->transform_out->iv_enc, + ssl->transform_out->ivlen, + ssl->out_msg, ssl->out_msglen, + ssl->out_msg, 
&olen ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); + return( ret ); + } + + if( ssl->out_msglen != olen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + } + else +#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */ +#if defined(MBEDTLS_GCM_C) || \ + defined(MBEDTLS_CCM_C) || \ + defined(MBEDTLS_CHACHAPOLY_C) + if( mode == MBEDTLS_MODE_GCM || + mode == MBEDTLS_MODE_CCM || + mode == MBEDTLS_MODE_CHACHAPOLY ) + { + int ret; + size_t enc_msglen, olen; + unsigned char *enc_msg; + unsigned char add_data[13]; + unsigned char iv[12]; + mbedtls_ssl_transform *transform = ssl->transform_out; + unsigned char taglen = transform->ciphersuite_info->flags & + MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16; + size_t explicit_ivlen = transform->ivlen - transform->fixed_ivlen; + + /* + * Prepare additional authenticated data + */ + memcpy( add_data, ssl->out_ctr, 8 ); + add_data[8] = ssl->out_msgtype; + mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, add_data + 9 ); + add_data[11] = ( ssl->out_msglen >> 8 ) & 0xFF; + add_data[12] = ssl->out_msglen & 0xFF; + + MBEDTLS_SSL_DEBUG_BUF( 4, "additional data for AEAD", add_data, 13 ); + + /* + * Generate IV + */ + if( transform->ivlen == 12 && transform->fixed_ivlen == 4 ) + { + /* GCM and CCM: fixed || explicit (=seqnum) */ + memcpy( iv, transform->iv_enc, transform->fixed_ivlen ); + memcpy( iv + transform->fixed_ivlen, ssl->out_ctr, 8 ); + memcpy( ssl->out_iv, ssl->out_ctr, 8 ); + + } + else if( transform->ivlen == 12 && transform->fixed_ivlen == 12 ) + { + /* ChachaPoly: fixed XOR sequence number */ + unsigned char i; + + memcpy( iv, transform->iv_enc, transform->fixed_ivlen ); + + for( i = 0; i < 8; i++ ) + iv[i+4] ^= ssl->out_ctr[i]; + } + else + { + /* Reminder if we ever add an AEAD mode with a different size */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR 
); + } + + MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)", + iv, transform->ivlen ); + MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (transmitted)", + ssl->out_iv, explicit_ivlen ); + + /* + * Fix message length with added IV + */ + enc_msg = ssl->out_msg; + enc_msglen = ssl->out_msglen; + ssl->out_msglen += explicit_ivlen; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " + "including 0 bytes of padding", + ssl->out_msglen ) ); + + /* + * Encrypt and authenticate + */ + if( ( ret = mbedtls_cipher_auth_encrypt( &transform->cipher_ctx_enc, + iv, transform->ivlen, + add_data, 13, + enc_msg, enc_msglen, + enc_msg, &olen, + enc_msg + enc_msglen, taglen ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret ); + return( ret ); + } + + if( olen != enc_msglen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + ssl->out_msglen += taglen; + auth_done++; + + MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag", enc_msg + enc_msglen, taglen ); + } + else +#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CIPHER_MODE_CBC) && \ + ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) || defined(MBEDTLS_ARIA_C) ) + if( mode == MBEDTLS_MODE_CBC ) + { + int ret; + unsigned char *enc_msg; + size_t enc_msglen, padlen, olen = 0, i; + + padlen = ssl->transform_out->ivlen - ( ssl->out_msglen + 1 ) % + ssl->transform_out->ivlen; + if( padlen == ssl->transform_out->ivlen ) + padlen = 0; + + for( i = 0; i <= padlen; i++ ) + ssl->out_msg[ssl->out_msglen + i] = (unsigned char) padlen; + + ssl->out_msglen += padlen + 1; + + enc_msglen = ssl->out_msglen; + enc_msg = ssl->out_msg; + +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) + /* + * Prepend per-record IV for block cipher in TLS v1.1 and up as per + * Method 1 (6.2.3.2. 
in RFC4346 and RFC5246) + */ + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + { + /* + * Generate IV + */ + ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->transform_out->iv_enc, + ssl->transform_out->ivlen ); + if( ret != 0 ) + return( ret ); + + memcpy( ssl->out_iv, ssl->transform_out->iv_enc, + ssl->transform_out->ivlen ); + + /* + * Fix pointer positions and message length with added IV + */ + enc_msg = ssl->out_msg; + enc_msglen = ssl->out_msglen; + ssl->out_msglen += ssl->transform_out->ivlen; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " + "including %d bytes of IV and %d bytes of padding", + ssl->out_msglen, ssl->transform_out->ivlen, + padlen + 1 ) ); + + if( ( ret = mbedtls_cipher_crypt( &ssl->transform_out->cipher_ctx_enc, + ssl->transform_out->iv_enc, + ssl->transform_out->ivlen, + enc_msg, enc_msglen, + enc_msg, &olen ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); + return( ret ); + } + + if( enc_msglen != olen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) + if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) + { + /* + * Save IV in SSL3 and TLS1 + */ + memcpy( ssl->transform_out->iv_enc, + ssl->transform_out->cipher_ctx_enc.iv, + ssl->transform_out->ivlen ); + } +#endif + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + if( auth_done == 0 ) + { + unsigned char mac[MBEDTLS_SSL_MAC_ADD]; + + /* + * MAC(MAC_write_key, seq_num + + * TLSCipherText.type + + * TLSCipherText.version + + * length_of( (IV +) ENC(...) 
) + + * IV + // except for TLS 1.0 + * ENC(content + padding + padding_length)); + */ + unsigned char pseudo_hdr[13]; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); + + memcpy( pseudo_hdr + 0, ssl->out_ctr, 8 ); + memcpy( pseudo_hdr + 8, ssl->out_hdr, 3 ); + pseudo_hdr[11] = (unsigned char)( ( ssl->out_msglen >> 8 ) & 0xFF ); + pseudo_hdr[12] = (unsigned char)( ( ssl->out_msglen ) & 0xFF ); + + MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 ); + + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 ); + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, + ssl->out_iv, ssl->out_msglen ); + mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac ); + mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc ); + + memcpy( ssl->out_iv + ssl->out_msglen, mac, + ssl->transform_out->maclen ); + + ssl->out_msglen += ssl->transform_out->maclen; + auth_done++; + } +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ + } + else +#endif /* MBEDTLS_CIPHER_MODE_CBC && + ( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C || MBEDTLS_ARIA_C ) */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + /* Make extra sure authentication was performed, exactly once */ + if( auth_done != 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) ); + + return( 0 ); +} + +static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) +{ + mbedtls_cipher_mode_t mode; + int auth_done = 0; +#if defined(SSL_SOME_MODES_USE_MAC) + size_t padlen = 0, correct = 1; +#endif + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) ); + + if( ssl->session_in == NULL || ssl->transform_in == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + mode = mbedtls_cipher_get_cipher_mode( &ssl->transform_in->cipher_ctx_dec ); + + if( ssl->in_msglen < 
ssl->transform_in->minlen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "in_msglen (%d) < minlen (%d)", + ssl->in_msglen, ssl->transform_in->minlen ) ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); + } + +#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) + if( mode == MBEDTLS_MODE_STREAM ) + { + int ret; + size_t olen = 0; + + padlen = 0; + + if( ( ret = mbedtls_cipher_crypt( &ssl->transform_in->cipher_ctx_dec, + ssl->transform_in->iv_dec, + ssl->transform_in->ivlen, + ssl->in_msg, ssl->in_msglen, + ssl->in_msg, &olen ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); + return( ret ); + } + + if( ssl->in_msglen != olen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + } + else +#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */ +#if defined(MBEDTLS_GCM_C) || \ + defined(MBEDTLS_CCM_C) || \ + defined(MBEDTLS_CHACHAPOLY_C) + if( mode == MBEDTLS_MODE_GCM || + mode == MBEDTLS_MODE_CCM || + mode == MBEDTLS_MODE_CHACHAPOLY ) + { + int ret; + size_t dec_msglen, olen; + unsigned char *dec_msg; + unsigned char *dec_msg_result; + unsigned char add_data[13]; + unsigned char iv[12]; + mbedtls_ssl_transform *transform = ssl->transform_in; + unsigned char taglen = transform->ciphersuite_info->flags & + MBEDTLS_CIPHERSUITE_SHORT_TAG ? 
8 : 16; + size_t explicit_iv_len = transform->ivlen - transform->fixed_ivlen; + + /* + * Compute and update sizes + */ + if( ssl->in_msglen < explicit_iv_len + taglen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < explicit_iv_len (%d) " + "+ taglen (%d)", ssl->in_msglen, + explicit_iv_len, taglen ) ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); + } + dec_msglen = ssl->in_msglen - explicit_iv_len - taglen; + + dec_msg = ssl->in_msg; + dec_msg_result = ssl->in_msg; + ssl->in_msglen = dec_msglen; + + /* + * Prepare additional authenticated data + */ + memcpy( add_data, ssl->in_ctr, 8 ); + add_data[8] = ssl->in_msgtype; + mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, add_data + 9 ); + add_data[11] = ( ssl->in_msglen >> 8 ) & 0xFF; + add_data[12] = ssl->in_msglen & 0xFF; + + MBEDTLS_SSL_DEBUG_BUF( 4, "additional data for AEAD", add_data, 13 ); + + /* + * Prepare IV + */ + if( transform->ivlen == 12 && transform->fixed_ivlen == 4 ) + { + /* GCM and CCM: fixed || explicit (transmitted) */ + memcpy( iv, transform->iv_dec, transform->fixed_ivlen ); + memcpy( iv + transform->fixed_ivlen, ssl->in_iv, 8 ); + + } + else if( transform->ivlen == 12 && transform->fixed_ivlen == 12 ) + { + /* ChachaPoly: fixed XOR sequence number */ + unsigned char i; + + memcpy( iv, transform->iv_dec, transform->fixed_ivlen ); + + for( i = 0; i < 8; i++ ) + iv[i+4] ^= ssl->in_ctr[i]; + } + else + { + /* Reminder if we ever add an AEAD mode with a different size */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", iv, transform->ivlen ); + MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", dec_msg + dec_msglen, taglen ); + + /* + * Decrypt and authenticate + */ + if( ( ret = mbedtls_cipher_auth_decrypt( &ssl->transform_in->cipher_ctx_dec, + iv, transform->ivlen, + add_data, 13, + dec_msg, dec_msglen, + dec_msg_result, &olen, + dec_msg + dec_msglen, taglen ) ) != 0 ) + { + 
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret ); + + if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ) + return( MBEDTLS_ERR_SSL_INVALID_MAC ); + + return( ret ); + } + auth_done++; + + if( olen != dec_msglen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + } + else +#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CIPHER_MODE_CBC) && \ + ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) || defined(MBEDTLS_ARIA_C) ) + if( mode == MBEDTLS_MODE_CBC ) + { + /* + * Decrypt and check the padding + */ + int ret; + unsigned char *dec_msg; + unsigned char *dec_msg_result; + size_t dec_msglen; + size_t minlen = 0; + size_t olen = 0; + + /* + * Check immediate ciphertext sanity + */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + minlen += ssl->transform_in->ivlen; +#endif + + if( ssl->in_msglen < minlen + ssl->transform_in->ivlen || + ssl->in_msglen < minlen + ssl->transform_in->maclen + 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < max( ivlen(%d), maclen (%d) " + "+ 1 ) ( + expl IV )", ssl->in_msglen, + ssl->transform_in->ivlen, + ssl->transform_in->maclen ) ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); + } + + dec_msglen = ssl->in_msglen; + dec_msg = ssl->in_msg; + dec_msg_result = ssl->in_msg; + + /* + * Authenticate before decrypt if enabled + */ +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + if( ssl->session_in->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED ) + { + unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD]; + unsigned char pseudo_hdr[13]; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); + + dec_msglen -= ssl->transform_in->maclen; + ssl->in_msglen -= ssl->transform_in->maclen; + + memcpy( pseudo_hdr + 0, ssl->in_ctr, 8 ); + memcpy( pseudo_hdr + 8, ssl->in_hdr, 3 ); + pseudo_hdr[11] = (unsigned char)( ( ssl->in_msglen >> 8 ) & 0xFF ); + pseudo_hdr[12] = (unsigned char)( ( 
ssl->in_msglen ) & 0xFF ); + + MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 ); + + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, pseudo_hdr, 13 ); + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, + ssl->in_iv, ssl->in_msglen ); + mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, mac_expect ); + mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec ); + + MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", ssl->in_iv + ssl->in_msglen, + ssl->transform_in->maclen ); + MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, + ssl->transform_in->maclen ); + + if( mbedtls_ssl_safer_memcmp( ssl->in_iv + ssl->in_msglen, mac_expect, + ssl->transform_in->maclen ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); + + return( MBEDTLS_ERR_SSL_INVALID_MAC ); + } + auth_done++; + } +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ + + /* + * Check length sanity + */ + if( ssl->in_msglen % ssl->transform_in->ivlen != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) %% ivlen (%d) != 0", + ssl->in_msglen, ssl->transform_in->ivlen ) ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); + } + +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) + /* + * Initialize for prepended IV for block cipher in TLS v1.1 and up + */ + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + { + unsigned char i; + dec_msglen -= ssl->transform_in->ivlen; + ssl->in_msglen -= ssl->transform_in->ivlen; + + for( i = 0; i < ssl->transform_in->ivlen; i++ ) + ssl->transform_in->iv_dec[i] = ssl->in_iv[i]; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ + + if( ( ret = mbedtls_cipher_crypt( &ssl->transform_in->cipher_ctx_dec, + ssl->transform_in->iv_dec, + ssl->transform_in->ivlen, + dec_msg, dec_msglen, + dec_msg_result, &olen ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); + return( ret ); + } + + if( dec_msglen != olen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( 
MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) + if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) + { + /* + * Save IV in SSL3 and TLS1 + */ + memcpy( ssl->transform_in->iv_dec, + ssl->transform_in->cipher_ctx_dec.iv, + ssl->transform_in->ivlen ); + } +#endif + + padlen = 1 + ssl->in_msg[ssl->in_msglen - 1]; + + if( ssl->in_msglen < ssl->transform_in->maclen + padlen && + auth_done == 0 ) + { +#if defined(MBEDTLS_SSL_DEBUG_ALL) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)", + ssl->in_msglen, ssl->transform_in->maclen, padlen ) ); +#endif + padlen = 0; + correct = 0; + } + +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + { + if( padlen > ssl->transform_in->ivlen ) + { +#if defined(MBEDTLS_SSL_DEBUG_ALL) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, " + "should be no more than %d", + padlen, ssl->transform_in->ivlen ) ); +#endif + correct = 0; + } + } + else +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 ) + { + /* + * TLSv1+: always check the padding up to the first failure + * and fake check up to 256 bytes of padding + */ + size_t pad_count = 0, real_count = 1; + size_t padding_idx = ssl->in_msglen - padlen; + size_t i; + + /* + * Padding is guaranteed to be incorrect if: + * 1. padlen > ssl->in_msglen + * + * 2. padding_idx > MBEDTLS_SSL_IN_CONTENT_LEN + + * ssl->transform_in->maclen + * + * In both cases we reset padding_idx to a safe value (0) to + * prevent out-of-buffer reads. 
+ */ + correct &= ( padlen <= ssl->in_msglen ); + correct &= ( padding_idx <= MBEDTLS_SSL_IN_CONTENT_LEN + + ssl->transform_in->maclen ); + + padding_idx *= correct; + + for( i = 0; i < 256; i++ ) + { + real_count &= ( i < padlen ); + pad_count += real_count * + ( ssl->in_msg[padding_idx + i] == padlen - 1 ); + } + + correct &= ( pad_count == padlen ); /* Only 1 on correct padding */ + +#if defined(MBEDTLS_SSL_DEBUG_ALL) + if( padlen > 0 && correct == 0 ) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) ); +#endif + padlen &= correct * 0x1FF; + } + else +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ + MBEDTLS_SSL_PROTO_TLS1_2 */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + ssl->in_msglen -= padlen; + } + else +#endif /* MBEDTLS_CIPHER_MODE_CBC && + ( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C || MBEDTLS_ARIA_C ) */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + +#if defined(MBEDTLS_SSL_DEBUG_ALL) + MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption", + ssl->in_msg, ssl->in_msglen ); +#endif + + /* + * Authenticate if not done yet. + * Compute the MAC regardless of the padding result (RFC4346, CBCTIME). 
+ */ +#if defined(SSL_SOME_MODES_USE_MAC) + if( auth_done == 0 ) + { + unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD]; + + ssl->in_msglen -= ssl->transform_in->maclen; + + ssl->in_len[0] = (unsigned char)( ssl->in_msglen >> 8 ); + ssl->in_len[1] = (unsigned char)( ssl->in_msglen ); + +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + { + ssl_mac( &ssl->transform_in->md_ctx_dec, + ssl->transform_in->mac_dec, + ssl->in_msg, ssl->in_msglen, + ssl->in_ctr, ssl->in_msgtype, + mac_expect ); + } + else +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 ) + { + /* + * Process MAC and always update for padlen afterwards to make + * total time independent of padlen. + * + * Known timing attacks: + * - Lucky Thirteen (http://www.isg.rhul.ac.uk/tls/TLStiming.pdf) + * + * To compensate for different timings for the MAC calculation + * depending on how much padding was removed (which is determined + * by padlen), process extra_run more blocks through the hash + * function. + * + * The formula in the paper is + * extra_run = ceil( (L1-55) / 64 ) - ceil( (L2-55) / 64 ) + * where L1 is the size of the header plus the decrypted message + * plus CBC padding and L2 is the size of the header plus the + * decrypted message. This is for an underlying hash function + * with 64-byte blocks. + * We use ( (Lx+8) / 64 ) to handle 'negative Lx' values + * correctly. We round down instead of up, so -56 is the correct + * value for our calculations instead of -55. + * + * Repeat the formula rather than defining a block_size variable. + * This avoids requiring division by a variable at runtime + * (which would be marginally less efficient and would require + * linking an extra division function in some builds). 
+ */ + size_t j, extra_run = 0; + + /* + * The next two sizes are the minimum and maximum values of + * in_msglen over all padlen values. + * + * They're independent of padlen, since we previously did + * in_msglen -= padlen. + * + * Note that max_len + maclen is never more than the buffer + * length, as we previously did in_msglen -= maclen too. + */ + const size_t max_len = ssl->in_msglen + padlen; + const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0; + + switch( ssl->transform_in->ciphersuite_info->mac ) + { +#if defined(MBEDTLS_MD5_C) || defined(MBEDTLS_SHA1_C) || \ + defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_MD5: + case MBEDTLS_MD_SHA1: + case MBEDTLS_MD_SHA256: + /* 8 bytes of message size, 64-byte compression blocks */ + extra_run = ( 13 + ssl->in_msglen + padlen + 8 ) / 64 - + ( 13 + ssl->in_msglen + 8 ) / 64; + break; +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + /* 16 bytes of message size, 128-byte compression blocks */ + extra_run = ( 13 + ssl->in_msglen + padlen + 16 ) / 128 - + ( 13 + ssl->in_msglen + 16 ) / 128; + break; +#endif + default: + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + extra_run &= correct * 0xFF; + + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_ctr, 8 ); + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_hdr, 3 ); + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_len, 2 ); + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_msg, + ssl->in_msglen ); + /* Make sure we access everything even when padlen > 0. This + * makes the synchronisation requirements for just-in-time + * Prime+Probe attacks much tighter and hopefully impractical. 
*/ + ssl_read_memory( ssl->in_msg + ssl->in_msglen, padlen ); + mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, mac_expect ); + + /* Call mbedtls_md_process at least once due to cache attacks + * that observe whether md_process() was called of not */ + for( j = 0; j < extra_run + 1; j++ ) + mbedtls_md_process( &ssl->transform_in->md_ctx_dec, ssl->in_msg ); + + mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec ); + + /* Make sure we access all the memory that could contain the MAC, + * before we check it in the next code block. This makes the + * synchronisation requirements for just-in-time Prime+Probe + * attacks much tighter and hopefully impractical. */ + ssl_read_memory( ssl->in_msg + min_len, + max_len - min_len + ssl->transform_in->maclen ); + } + else +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ + MBEDTLS_SSL_PROTO_TLS1_2 */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + +#if defined(MBEDTLS_SSL_DEBUG_ALL) + MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, ssl->transform_in->maclen ); + MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", ssl->in_msg + ssl->in_msglen, + ssl->transform_in->maclen ); +#endif + + if( mbedtls_ssl_safer_memcmp( ssl->in_msg + ssl->in_msglen, mac_expect, + ssl->transform_in->maclen ) != 0 ) + { +#if defined(MBEDTLS_SSL_DEBUG_ALL) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); +#endif + correct = 0; + } + auth_done++; + } + + /* + * Finally check the correct flag + */ + if( correct == 0 ) + return( MBEDTLS_ERR_SSL_INVALID_MAC ); +#endif /* SSL_SOME_MODES_USE_MAC */ + + /* Make extra sure authentication was performed, exactly once */ + if( auth_done != 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + if( ssl->in_msglen == 0 ) + { +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 + && ssl->in_msgtype != 
MBEDTLS_SSL_MSG_APPLICATION_DATA ) + { + /* TLS v1.2 explicitly disallows zero-length messages which are not application data */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid zero-length message type: %d", ssl->in_msgtype ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + + ssl->nb_zero++; + + /* + * Three or more empty messages may be a DoS attack + * (excessive CPU consumption). + */ + if( ssl->nb_zero > 3 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "received four consecutive empty " + "messages, possible DoS attack" ) ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); + } + } + else + ssl->nb_zero = 0; + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ; /* in_ctr read from peer, not maintained internally */ + } + else +#endif + { + unsigned char i; + for( i = 8; i > ssl_ep_len( ssl ); i-- ) + if( ++ssl->in_ctr[i - 1] != 0 ) + break; + + /* The loop goes to its end iff the counter is wrapping */ + if( i == ssl_ep_len( ssl ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) ); + return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + } + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) ); + + return( 0 ); +} + +#undef MAC_NONE +#undef MAC_PLAINTEXT +#undef MAC_CIPHERTEXT + +#if defined(MBEDTLS_ZLIB_SUPPORT) +/* + * Compression/decompression functions + */ +static int ssl_compress_buf( mbedtls_ssl_context *ssl ) +{ + int ret; + unsigned char *msg_post = ssl->out_msg; + ptrdiff_t bytes_written = ssl->out_msg - ssl->out_buf; + size_t len_pre = ssl->out_msglen; + unsigned char *msg_pre = ssl->compress_buf; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> compress buf" ) ); + + if( len_pre == 0 ) + return( 0 ); + + memcpy( msg_pre, ssl->out_msg, len_pre ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ", + ssl->out_msglen ) ); + + MBEDTLS_SSL_DEBUG_BUF( 4, "before compression: output payload", + ssl->out_msg, ssl->out_msglen ); + + 
ssl->transform_out->ctx_deflate.next_in = msg_pre; + ssl->transform_out->ctx_deflate.avail_in = len_pre; + ssl->transform_out->ctx_deflate.next_out = msg_post; + ssl->transform_out->ctx_deflate.avail_out = MBEDTLS_SSL_OUT_BUFFER_LEN - bytes_written; + + ret = deflate( &ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH ); + if( ret != Z_OK ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform compression (%d)", ret ) ); + return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); + } + + ssl->out_msglen = MBEDTLS_SSL_OUT_BUFFER_LEN - + ssl->transform_out->ctx_deflate.avail_out - bytes_written; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ", + ssl->out_msglen ) ); + + MBEDTLS_SSL_DEBUG_BUF( 4, "after compression: output payload", + ssl->out_msg, ssl->out_msglen ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= compress buf" ) ); + + return( 0 ); +} + +static int ssl_decompress_buf( mbedtls_ssl_context *ssl ) +{ + int ret; + unsigned char *msg_post = ssl->in_msg; + ptrdiff_t header_bytes = ssl->in_msg - ssl->in_buf; + size_t len_pre = ssl->in_msglen; + unsigned char *msg_pre = ssl->compress_buf; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) ); + + if( len_pre == 0 ) + return( 0 ); + + memcpy( msg_pre, ssl->in_msg, len_pre ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ", + ssl->in_msglen ) ); + + MBEDTLS_SSL_DEBUG_BUF( 4, "before decompression: input payload", + ssl->in_msg, ssl->in_msglen ); + + ssl->transform_in->ctx_inflate.next_in = msg_pre; + ssl->transform_in->ctx_inflate.avail_in = len_pre; + ssl->transform_in->ctx_inflate.next_out = msg_post; + ssl->transform_in->ctx_inflate.avail_out = MBEDTLS_SSL_IN_BUFFER_LEN - + header_bytes; + + ret = inflate( &ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH ); + if( ret != Z_OK ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform decompression (%d)", ret ) ); + return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); + } + + ssl->in_msglen = MBEDTLS_SSL_IN_BUFFER_LEN - + 
ssl->transform_in->ctx_inflate.avail_out - header_bytes; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ", + ssl->in_msglen ) ); + + MBEDTLS_SSL_DEBUG_BUF( 4, "after decompression: input payload", + ssl->in_msg, ssl->in_msglen ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decompress buf" ) ); + + return( 0 ); +} +#endif /* MBEDTLS_ZLIB_SUPPORT */ + +#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) +static int ssl_write_hello_request( mbedtls_ssl_context *ssl ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) +static int ssl_resend_hello_request( mbedtls_ssl_context *ssl ) +{ + /* If renegotiation is not enforced, retransmit until we would reach max + * timeout if we were using the usual handshake doubling scheme */ + if( ssl->conf->renego_max_records < 0 ) + { + uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1; + unsigned char doublings = 1; + + while( ratio != 0 ) + { + ++doublings; + ratio >>= 1; + } + + if( ++ssl->renego_records_seen > doublings ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "no longer retransmitting hello request" ) ); + return( 0 ); + } + } + + return( ssl_write_hello_request( ssl ) ); +} +#endif +#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ + +/* + * Fill the input message buffer by appending data to it. + * The amount of data already fetched is in ssl->in_left. + * + * If we return 0, is it guaranteed that (at least) nb_want bytes are + * available (from this read and/or a previous one). Otherwise, an error code + * is returned (possibly EOF or WANT_READ). + * + * With stream transport (TLS) on success ssl->in_left == nb_want, but + * with datagram transport (DTLS) on success ssl->in_left >= nb_want, + * since we always read a whole datagram at once. + * + * For DTLS, it is up to the caller to set ssl->next_record_offset when + * they're done reading a record. 
+ */ +int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) +{ + int ret; + size_t len; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> fetch input" ) ); + + if( ssl->f_recv == NULL && ssl->f_recv_timeout == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " + "or mbedtls_ssl_set_bio()" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + if( nb_want > MBEDTLS_SSL_IN_BUFFER_LEN - (size_t)( ssl->in_hdr - ssl->in_buf ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + uint32_t timeout; + + /* Just to be sure */ + if( ssl->f_set_timer == NULL || ssl->f_get_timer == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "You must use " + "mbedtls_ssl_set_timer_cb() for DTLS" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + /* + * The point is, we need to always read a full datagram at once, so we + * sometimes read more then requested, and handle the additional data. + * It could be the rest of the current record (while fetching the + * header) and/or some other records in the same datagram. + */ + + /* + * Move to the next record in the already read datagram if applicable + */ + if( ssl->next_record_offset != 0 ) + { + if( ssl->in_left < ssl->next_record_offset ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + ssl->in_left -= ssl->next_record_offset; + + if( ssl->in_left != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "next record in same datagram, offset: %d", + ssl->next_record_offset ) ); + memmove( ssl->in_hdr, + ssl->in_hdr + ssl->next_record_offset, + ssl->in_left ); + } + + ssl->next_record_offset = 0; + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d", + ssl->in_left, nb_want ) ); + + /* + * Done if we already have enough data. 
+ */ + if( nb_want <= ssl->in_left) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); + return( 0 ); + } + + /* + * A record can't be split across datagrams. If we need to read but + * are not at the beginning of a new record, the caller did something + * wrong. + */ + if( ssl->in_left != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + /* + * Don't even try to read if time's out already. + * This avoids by-passing the timer when repeatedly receiving messages + * that will end up being dropped. + */ + if( ssl_check_timer( ssl ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "timer has expired" ) ); + ret = MBEDTLS_ERR_SSL_TIMEOUT; + } + else + { + len = MBEDTLS_SSL_IN_BUFFER_LEN - ( ssl->in_hdr - ssl->in_buf ); + + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + timeout = ssl->handshake->retransmit_timeout; + else + timeout = ssl->conf->read_timeout; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "f_recv_timeout: %u ms", timeout ) ); + + if( ssl->f_recv_timeout != NULL ) + ret = ssl->f_recv_timeout( ssl->p_bio, ssl->in_hdr, len, + timeout ); + else + ret = ssl->f_recv( ssl->p_bio, ssl->in_hdr, len ); + + MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret ); + + if( ret == 0 ) + return( MBEDTLS_ERR_SSL_CONN_EOF ); + } + + if( ret == MBEDTLS_ERR_SSL_TIMEOUT ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "timeout" ) ); + ssl_set_timer( ssl, 0 ); + + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + { + if( ssl_double_retransmit_timeout( ssl ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake timeout" ) ); + return( MBEDTLS_ERR_SSL_TIMEOUT ); + } + + if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret ); + return( ret ); + } + + return( MBEDTLS_ERR_SSL_WANT_READ ); + } +#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) + else if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) + { + if( ( ret 
= ssl_resend_hello_request( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_resend_hello_request", ret );
+ return( ret );
+ }
+
+ return( MBEDTLS_ERR_SSL_WANT_READ );
+ }
+#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
+ }
+
+ if( ret < 0 )
+ return( ret );
+
+ ssl->in_left = ret;
+ }
+ else
+#endif
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
+ ssl->in_left, nb_want ) );
+
+ while( ssl->in_left < nb_want )
+ {
+ len = nb_want - ssl->in_left;
+
+ if( ssl_check_timer( ssl ) != 0 )
+ ret = MBEDTLS_ERR_SSL_TIMEOUT;
+ else
+ {
+ if( ssl->f_recv_timeout != NULL )
+ {
+ ret = ssl->f_recv_timeout( ssl->p_bio,
+ ssl->in_hdr + ssl->in_left, len,
+ ssl->conf->read_timeout );
+ }
+ else
+ {
+ ret = ssl->f_recv( ssl->p_bio,
+ ssl->in_hdr + ssl->in_left, len );
+ }
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
+ ssl->in_left, nb_want ) );
+ MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret );
+
+ if( ret == 0 )
+ return( MBEDTLS_ERR_SSL_CONN_EOF );
+
+ if( ret < 0 )
+ return( ret );
+
+ if ( (size_t)ret > len || ( INT_MAX > SIZE_MAX && ret > SIZE_MAX ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1,
+ ( "f_recv returned %d bytes but only %lu were requested",
+ ret, (unsigned long)len ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ ssl->in_left += ret;
+ }
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) );
+
+ return( 0 );
+}
+
+/*
+ * Flush any data not yet written
+ */
+int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
+{
+ int ret;
+ unsigned char *buf;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> flush output" ) );
+
+ if( ssl->f_send == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() "
+ "or mbedtls_ssl_set_bio()" ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ /* Avoid incrementing counter if data is flushed */
+ if( ssl->out_left == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) );
+ return( 0 );
+ }
+
+ while( ssl->out_left > 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "message length: %d, out_left: %d",
+ mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen, ssl->out_left ) );
+
+ buf = ssl->out_hdr - ssl->out_left;
+ ret = ssl->f_send( ssl->p_bio, buf, ssl->out_left );
+
+ MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", ret );
+
+ if( ret <= 0 )
+ return( ret );
+
+ if( (size_t)ret > ssl->out_left || ( INT_MAX > SIZE_MAX && ret > SIZE_MAX ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1,
+ ( "f_send returned %d bytes but only %lu bytes were sent",
+ ret, (unsigned long)ssl->out_left ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ ssl->out_left -= ret;
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ ssl->out_hdr = ssl->out_buf;
+ }
+ else
+#endif
+ {
+ ssl->out_hdr = ssl->out_buf + 8;
+ }
+ ssl_update_out_pointers( ssl, ssl->transform_out );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) );
+
+ return( 0 );
+}
+
+/*
+ * Functions to handle the DTLS retransmission state machine
+ */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+/*
+ * Append current handshake message to current outgoing flight
+ */
+static int ssl_flight_append( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_flight_item *msg;
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_flight_append" ) );
+ MBEDTLS_SSL_DEBUG_BUF( 4, "message appended to flight",
+ ssl->out_msg, ssl->out_msglen );
+
+ /* Allocate space for current message */
+ if( ( msg = mbedtls_calloc( 1, sizeof( mbedtls_ssl_flight_item ) ) ) == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed",
+ sizeof( mbedtls_ssl_flight_item ) ) );
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ }
+
+ if( ( msg->p = mbedtls_calloc( 1, ssl->out_msglen ) ) == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed", ssl->out_msglen ) );
+ mbedtls_free( msg );
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ }
+
+ /* Copy current handshake message with headers */
+ memcpy( msg->p, ssl->out_msg, ssl->out_msglen );
+ msg->len = ssl->out_msglen;
+ msg->type = ssl->out_msgtype;
+ msg->next = NULL;
+
+ /* Append to the current flight */
+ if( ssl->handshake->flight == NULL )
+ ssl->handshake->flight = msg;
+ else
+ {
+ mbedtls_ssl_flight_item *cur = ssl->handshake->flight;
+ while( cur->next != NULL )
+ cur = cur->next;
+ cur->next = msg;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_flight_append" ) );
+ return( 0 );
+}
+
+/*
+ * Free the current flight of handshake messages
+ */
+static void ssl_flight_free( mbedtls_ssl_flight_item *flight )
+{
+ mbedtls_ssl_flight_item *cur = flight;
+ mbedtls_ssl_flight_item *next;
+
+ while( cur != NULL )
+ {
+ next = cur->next;
+
+ mbedtls_free( cur->p );
+ mbedtls_free( cur );
+
+ cur = next;
+ }
+}
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl );
+#endif
+
+/*
+ * Swap transform_out and out_ctr with the alternative ones
+ */
+static void ssl_swap_epochs( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_transform *tmp_transform;
+ unsigned char tmp_out_ctr[8];
+
+ if( ssl->transform_out == ssl->handshake->alt_transform_out )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip swap epochs" ) );
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "swap epochs" ) );
+
+ /* Swap transforms */
+ tmp_transform = ssl->transform_out;
+ ssl->transform_out = ssl->handshake->alt_transform_out;
+ ssl->handshake->alt_transform_out = tmp_transform;
+
+ /* Swap epoch + sequence_number */
+ memcpy( tmp_out_ctr, ssl->cur_out_ctr, 8 );
+ memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, 8 );
+ memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, 8 );
+
+ /* Adjust to the newly activated transform */
+ ssl_update_out_pointers( ssl, ssl->transform_out );
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+ if( mbedtls_ssl_hw_record_activate != NULL )
+ {
+ if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+ }
+#endif
+}
+
+/*
+ * Retransmit the current flight of messages.
+ */
+int mbedtls_ssl_resend( mbedtls_ssl_context *ssl )
+{
+ int ret = 0;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) );
+
+ ret = mbedtls_ssl_flight_transmit( ssl );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) );
+
+ return( ret );
+}
+
+/*
+ * Transmit or retransmit the current flight of messages.
+ *
+ * Need to remember the current message in case flush_output returns
+ * WANT_WRITE, causing us to exit this function and come back later.
+ * This function must be called until state is no longer SENDING.
+ */
+int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl )
+{
+ int ret;
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_flight_transmit" ) );
+
+ if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise flight transmission" ) );
+
+ ssl->handshake->cur_msg = ssl->handshake->flight;
+ ssl->handshake->cur_msg_p = ssl->handshake->flight->p + 12;
+ ssl_swap_epochs( ssl );
+
+ ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING;
+ }
+
+ while( ssl->handshake->cur_msg != NULL )
+ {
+ size_t max_frag_len;
+ const mbedtls_ssl_flight_item * const cur = ssl->handshake->cur_msg;
+
+ int const is_finished =
+ ( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ cur->p[0] == MBEDTLS_SSL_HS_FINISHED );
+
+ uint8_t const force_flush = ssl->disable_datagram_packing == 1 ?
+ SSL_FORCE_FLUSH : SSL_DONT_FORCE_FLUSH;
+
+ /* Swap epochs before sending Finished: we can't do it after
+ * sending ChangeCipherSpec, in case write returns WANT_READ.
+ * Must be done before copying, may change out_msg pointer */
+ if( is_finished && ssl->handshake->cur_msg_p == ( cur->p + 12 ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "swap epochs to send finished message" ) );
+ ssl_swap_epochs( ssl );
+ }
+
+ ret = ssl_get_remaining_payload_in_datagram( ssl );
+ if( ret < 0 )
+ return( ret );
+ max_frag_len = (size_t) ret;
+
+ /* CCS is copied as is, while HS messages may need fragmentation */
+ if( cur->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
+ {
+ if( max_frag_len == 0 )
+ {
+ if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+ return( ret );
+
+ continue;
+ }
+
+ memcpy( ssl->out_msg, cur->p, cur->len );
+ ssl->out_msglen = cur->len;
+ ssl->out_msgtype = cur->type;
+
+ /* Update position inside current message */
+ ssl->handshake->cur_msg_p += cur->len;
+ }
+ else
+ {
+ const unsigned char * const p = ssl->handshake->cur_msg_p;
+ const size_t hs_len = cur->len - 12;
+ const size_t frag_off = p - ( cur->p + 12 );
+ const size_t rem_len = hs_len - frag_off;
+ size_t cur_hs_frag_len, max_hs_frag_len;
+
+ if( ( max_frag_len < 12 ) || ( max_frag_len == 12 && hs_len != 0 ) )
+ {
+ if( is_finished )
+ ssl_swap_epochs( ssl );
+
+ if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+ return( ret );
+
+ continue;
+ }
+ max_hs_frag_len = max_frag_len - 12;
+
+ cur_hs_frag_len = rem_len > max_hs_frag_len ?
+ max_hs_frag_len : rem_len;
+
+ if( frag_off == 0 && cur_hs_frag_len != hs_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "fragmenting handshake message (%u > %u)",
+ (unsigned) cur_hs_frag_len,
+ (unsigned) max_hs_frag_len ) );
+ }
+
+ /* Messages are stored with handshake headers as if not fragmented,
+ * copy beginning of headers then fill fragmentation fields.
+ * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */
+ memcpy( ssl->out_msg, cur->p, 6 );
+
+ ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff );
+ ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff );
+ ssl->out_msg[8] = ( ( frag_off ) & 0xff );
+
+ ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff );
+ ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff );
+ ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff );
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 );
+
+ /* Copy the handshake message content and set records fields */
+ memcpy( ssl->out_msg + 12, p, cur_hs_frag_len );
+ ssl->out_msglen = cur_hs_frag_len + 12;
+ ssl->out_msgtype = cur->type;
+
+ /* Update position inside current message */
+ ssl->handshake->cur_msg_p += cur_hs_frag_len;
+ }
+
+ /* If done with the current message move to the next one if any */
+ if( ssl->handshake->cur_msg_p >= cur->p + cur->len )
+ {
+ if( cur->next != NULL )
+ {
+ ssl->handshake->cur_msg = cur->next;
+ ssl->handshake->cur_msg_p = cur->next->p + 12;
+ }
+ else
+ {
+ ssl->handshake->cur_msg = NULL;
+ ssl->handshake->cur_msg_p = NULL;
+ }
+ }
+
+ /* Actually send the message out */
+ if( ( ret = mbedtls_ssl_write_record( ssl, force_flush ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ return( ret );
+ }
+ }
+
+ if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+ return( ret );
+
+ /* Update state and set timer */
+ if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
+ ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
+ else
+ {
+ ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
+ ssl_set_timer( ssl, ssl->handshake->retransmit_timeout );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_flight_transmit" ) );
+
+ return( 0 );
+}
+
+/*
+ * To be called when the last message of an incoming flight is received.
+ */
+void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl )
+{
+ /* We won't need to resend that one any more */
+ ssl_flight_free( ssl->handshake->flight );
+ ssl->handshake->flight = NULL;
+ ssl->handshake->cur_msg = NULL;
+
+ /* The next incoming flight will start with this msg_seq */
+ ssl->handshake->in_flight_start_seq = ssl->handshake->in_msg_seq;
+
+ /* We don't want to remember CCS's across flight boundaries. */
+ ssl->handshake->buffering.seen_ccs = 0;
+
+ /* Clear future message buffering structure. */
+ ssl_buffering_free( ssl );
+
+ /* Cancel timer */
+ ssl_set_timer( ssl, 0 );
+
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED )
+ {
+ ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
+ }
+ else
+ ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;
+}
+
+/*
+ * To be called when the last message of an outgoing flight is send.
+ */
+void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl )
+{
+ ssl_reset_retransmit_timeout( ssl );
+ ssl_set_timer( ssl, ssl->handshake->retransmit_timeout );
+
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED )
+ {
+ ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
+ }
+ else
+ ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+/*
+ * Handshake layer functions
+ */
+
+/*
+ * Write (DTLS: or queue) current handshake (including CCS) message.
+ *
+ * - fill in handshake headers
+ * - update handshake checksum
+ * - DTLS: save message for resending
+ * - then pass to the record layer
+ *
+ * DTLS: except for HelloRequest, messages are only queued, and will only be
+ * actually sent when calling flight_transmit() or resend().
+ *
+ * Inputs:
+ * - ssl->out_msglen: 4 + actual handshake message len
+ * (4 is the size of handshake headers for TLS)
+ * - ssl->out_msg[0]: the handshake type (ClientHello, ServerHello, etc)
+ * - ssl->out_msg + 4: the handshake message body
+ *
+ * Outputs, ie state before passing to flight_append() or write_record():
+ * - ssl->out_msglen: the length of the record contents
+ * (including handshake headers but excluding record headers)
+ * - ssl->out_msg: the record contents (handshake headers + content)
+ */
+int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
+{
+ int ret;
+ const size_t hs_len = ssl->out_msglen - 4;
+ const unsigned char hs_type = ssl->out_msg[0];
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write handshake message" ) );
+
+ /*
+ * Sanity checks
+ */
+ if( ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE &&
+ ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
+ {
+ /* In SSLv3, the client might send a NoCertificate alert. */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C)
+ if( ! ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 &&
+ ssl->out_msgtype == MBEDTLS_SSL_MSG_ALERT &&
+ ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) )
+#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+ }
+
+ /* Whenever we send anything different from a
+ * HelloRequest we should be in a handshake - double check. */
+ if( ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) &&
+ ssl->handshake == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl->handshake != NULL &&
+ ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+#endif
+
+ /* Double-check that we did not exceed the bounds
+ * of the outgoing record buffer.
+ * This should never fail as the various message
+ * writing functions must obey the bounds of the
+ * outgoing record buffer, but better be safe.
+ *
+ * Note: We deliberately do not check for the MTU or MFL here.
+ */
+ if( ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record too large: "
+ "size %u, maximum %u",
+ (unsigned) ssl->out_msglen,
+ (unsigned) MBEDTLS_SSL_OUT_CONTENT_LEN ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ /*
+ * Fill handshake headers
+ */
+ if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
+ {
+ ssl->out_msg[1] = (unsigned char)( hs_len >> 16 );
+ ssl->out_msg[2] = (unsigned char)( hs_len >> 8 );
+ ssl->out_msg[3] = (unsigned char)( hs_len );
+
+ /*
+ * DTLS has additional fields in the Handshake layer,
+ * between the length field and the actual payload:
+ * uint16 message_seq;
+ * uint24 fragment_offset;
+ * uint24 fragment_length;
+ */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ /* Make room for the additional DTLS fields */
+ if( MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: "
+ "size %u, maximum %u",
+ (unsigned) ( hs_len ),
+ (unsigned) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ memmove( ssl->out_msg + 12, ssl->out_msg + 4, hs_len );
+ ssl->out_msglen += 8;
+
+ /* Write message_seq and update it, except for HelloRequest */
+ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
+ {
+ ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
+ ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
+ ++( ssl->handshake->out_msg_seq );
+ }
+ else
+ {
+ ssl->out_msg[4] = 0;
+ ssl->out_msg[5] = 0;
+ }
+
+ /* Handshake hashes are computed without fragmentation,
+ * so set frag_offset = 0 and frag_len = hs_len for now */
+ memset( ssl->out_msg + 6, 0x00, 3 );
+ memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 );
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ /* Update running hashes of handshake messages seen */
+ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
+ ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen );
+ }
+
+ /* Either send now, or just save to be sent (and resent) later */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) )
+ {
+ if( ( ret = ssl_flight_append( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_flight_append", ret );
+ return( ret );
+ }
+ }
+ else
+#endif
+ {
+ if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_record", ret );
+ return( ret );
+ }
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write handshake message" ) );
+
+ return( 0 );
+}
+
+/*
+ * Record layer functions
+ */
+
+/*
+ * Write current record.
+ *
+ * Uses:
+ * - ssl->out_msgtype: type of the message (AppData, Handshake, Alert, CCS)
+ * - ssl->out_msglen: length of the record content (excl headers)
+ * - ssl->out_msg: record content
+ */
+int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
+{
+ int ret, done = 0;
+ size_t len = ssl->out_msglen;
+ uint8_t flush = force_flush;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) );
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ if( ssl->transform_out != NULL &&
+ ssl->session_out->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
+ {
+ if( ( ret = ssl_compress_buf( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_compress_buf", ret );
+ return( ret );
+ }
+
+ len = ssl->out_msglen;
+ }
+#endif /*MBEDTLS_ZLIB_SUPPORT */
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+ if( mbedtls_ssl_hw_record_write != NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_write()" ) );
+
+ ret = mbedtls_ssl_hw_record_write( ssl );
+ if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_write", ret );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ if( ret == 0 )
+ done = 1;
+ }
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+ if( !done )
+ {
+ unsigned i;
+ size_t protected_record_size;
+
+ ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype;
+ mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
+ ssl->conf->transport, ssl->out_hdr + 1 );
+
+ memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 );
+ ssl->out_len[0] = (unsigned char)( len >> 8 );
+ ssl->out_len[1] = (unsigned char)( len );
+
+ if( ssl->transform_out != NULL )
+ {
+ if( ( ret = ssl_encrypt_buf( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_encrypt_buf", ret );
+ return( ret );
+ }
+
+ len = ssl->out_msglen;
+ ssl->out_len[0] = (unsigned char)( len >> 8 );
+ ssl->out_len[1] = (unsigned char)( len );
+ }
+
+ protected_record_size = len + mbedtls_ssl_hdr_len( ssl );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ /* In case of DTLS, double-check that we don't exceed
+ * the remaining space in the datagram. */
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ ret = ssl_get_remaining_space_in_datagram( ssl );
+ if( ret < 0 )
+ return( ret );
+
+ if( protected_record_size > (size_t) ret )
+ {
+ /* Should never happen */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, "
+ "version = [%d:%d], msglen = %d",
+ ssl->out_hdr[0], ssl->out_hdr[1],
+ ssl->out_hdr[2], len ) );
+
+ MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network",
+ ssl->out_hdr, protected_record_size );
+
+ ssl->out_left += protected_record_size;
+ ssl->out_hdr += protected_record_size;
+ ssl_update_out_pointers( ssl, ssl->transform_out );
+
+ for( i = 8; i > ssl_ep_len( ssl ); i-- )
+ if( ++ssl->cur_out_ctr[i - 1] != 0 )
+ break;
+
+ /* The loop goes to its end iff the counter is wrapping */
+ if( i == ssl_ep_len( ssl ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) );
+ return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
+ }
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ flush == SSL_DONT_FORCE_FLUSH )
+ {
+ size_t remaining;
+ ret = ssl_get_remaining_payload_in_datagram( ssl );
+ if( ret < 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_remaining_payload_in_datagram",
+ ret );
+ return( ret );
+ }
+
+ remaining = (size_t) ret;
+ if( remaining == 0 )
+ {
+ flush = SSL_FORCE_FLUSH;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Still %u bytes available in current datagram", (unsigned) remaining ) );
+ }
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ if( ( flush == SSL_FORCE_FLUSH ) &&
+ ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret );
+ return( ret );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write record" ) );
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl )
+{
+ if( ssl->in_msglen < ssl->in_hslen ||
+ memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 ||
+ memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 )
+ {
+ return( 1 );
+ }
+ return( 0 );
+}
+
+static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context const *ssl )
+{
+ return( ( ssl->in_msg[9] << 16 ) |
+ ( ssl->in_msg[10] << 8 ) |
+ ssl->in_msg[11] );
+}
+
+static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl )
+{
+ return( ( ssl->in_msg[6] << 16 ) |
+ ( ssl->in_msg[7] << 8 ) |
+ ssl->in_msg[8] );
+}
+
+static int ssl_check_hs_header( mbedtls_ssl_context const *ssl )
+{
+ uint32_t msg_len, frag_off, frag_len;
+
+ msg_len = ssl_get_hs_total_len( ssl );
+ frag_off = ssl_get_hs_frag_off( ssl );
+ frag_len = ssl_get_hs_frag_len( ssl );
+
+ if( frag_off > msg_len )
+ return( -1 );
+
+ if( frag_len > msg_len - frag_off )
+ return( -1 );
+
+ if( frag_len + 12 > ssl->in_msglen )
+ return( -1 );
+
+ return( 0 );
+}
+
+/*
+ * Mark bits in bitmask (used for DTLS HS reassembly)
+ */
+static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len )
+{
+ unsigned int start_bits, end_bits;
+
+ start_bits = 8 - ( offset % 8 );
+ if( start_bits != 8 )
+ {
+ size_t first_byte_idx = offset / 8;
+
+ /* Special case */
+ if( len <= start_bits )
+ {
+ for( ; len != 0; len-- )
+ mask[first_byte_idx] |= 1 << ( start_bits - len );
+
+ /* Avoid potential issues with offset or len becoming invalid */
+ return;
+ }
+
+ offset += start_bits; /* Now offset % 8 == 0 */
+ len -= start_bits;
+
+ for( ; start_bits != 0; start_bits-- )
+ mask[first_byte_idx] |= 1 << ( start_bits - 1 );
+ }
+
+ end_bits = len % 8;
+ if( end_bits != 0 )
+ {
+ size_t last_byte_idx = ( offset + len ) / 8;
+
+ len -= end_bits; /* Now len % 8 == 0 */
+
+ for( ; end_bits != 0; end_bits-- )
+ mask[last_byte_idx] |= 1 << ( 8 - end_bits );
+ }
+
+ memset( mask + offset / 8, 0xFF, len / 8 );
+}
+
+/*
+ * Check that bitmask is full
+ */
+static int ssl_bitmask_check( unsigned char *mask, size_t len )
+{
+ size_t i;
+
+ for( i = 0; i < len / 8; i++ )
+ if( mask[i] != 0xFF )
+ return( -1 );
+
+ for( i = 0; i < len % 8; i++ )
+ if( ( mask[len / 8] & ( 1 << ( 7 - i ) ) ) == 0 )
+ return( -1 );
+
+ return( 0 );
+}
+
+/* msg_len does not include the handshake header */
+static size_t ssl_get_reassembly_buffer_size( size_t msg_len,
+ unsigned add_bitmap )
+{
+ size_t alloc_len;
+
+ alloc_len = 12; /* Handshake header */
+ alloc_len += msg_len; /* Content buffer */
+
+ if( add_bitmap )
+ alloc_len += msg_len / 8 + ( msg_len % 8 != 0 ); /* Bitmap */
+
+ return( alloc_len );
+}
+
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl )
+{
+ return( ( ssl->in_msg[1] << 16 ) |
+ ( ssl->in_msg[2] << 8 ) |
+ ssl->in_msg[3] );
+}
+
+int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
+{
+ if( ssl->in_msglen < mbedtls_ssl_hs_hdr_len( ssl ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too short: %d",
+ ssl->in_msglen ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
+ ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + ssl_get_hs_total_len( ssl );
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "handshake message: msglen ="
+ " %d, type = %d, hslen = %d",
+ ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ int ret;
+ unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
+
+ if( ssl_check_hs_header( ssl ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid handshake header" ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
+ if( ssl->handshake != NULL &&
+ ( ( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER &&
+ recv_msg_seq != ssl->handshake->in_msg_seq ) ||
+ ( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER &&
+ ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) ) )
+ {
+ if( recv_msg_seq > ssl->handshake->in_msg_seq )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "received future handshake message of sequence number %u (next %u)",
+ recv_msg_seq,
+ ssl->handshake->in_msg_seq ) );
+ return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
+ }
+
+ /* Retransmit only on last message from previous flight, to avoid
+ * too many retransmissions.
+ * Besides, No sane server ever retransmits HelloVerifyRequest */
+ if( recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 &&
+ ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "received message from last flight, "
+ "message_seq = %d, start_of_flight = %d",
+ recv_msg_seq,
+ ssl->handshake->in_flight_start_seq ) );
+
+ if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret );
+ return( ret );
+ }
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "dropping out-of-sequence message: "
+ "message_seq = %d, expected = %d",
+ recv_msg_seq,
+ ssl->handshake->in_msg_seq ) );
+ }
+
+ return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING );
+ }
+ /* Wait until message completion to increment in_msg_seq */
+
+ /* Message reassembly is handled alongside buffering of future
+ * messages; the commonality is that both handshake fragments and
+ * future messages cannot be forwarded immediately to the
+ * handshake logic layer. */
+ if( ssl_hs_is_proper_fragment( ssl ) == 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) );
+ return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
+ }
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+ /* With TLS we don't handle fragmentation (for now) */
+ if( ssl->in_msglen < ssl->in_hslen )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS handshake fragmentation not supported" ) );
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+ }
+
+ return( 0 );
+}
+
+void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+
+ if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL )
+ {
+ ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
+ }
+
+ /* Handshake message is complete, increment counter */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl->handshake != NULL )
+ {
+ unsigned offset;
+ mbedtls_ssl_hs_buffer *hs_buf;
+
+ /* Increment handshake sequence number */
+ hs->in_msg_seq++;
+
+ /*
+ * Clear up handshake buffering and reassembly structure.
+ */
+
+ /* Free first entry */
+ ssl_buffering_free_slot( ssl, 0 );
+
+ /* Shift all other entries */
+ for( offset = 0, hs_buf = &hs->buffering.hs[0];
+ offset + 1 < MBEDTLS_SSL_MAX_BUFFERED_HS;
+ offset++, hs_buf++ )
+ {
+ *hs_buf = *(hs_buf + 1);
+ }
+
+ /* Create a fresh last entry */
+ memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) );
+ }
+#endif
+}
+
+/*
+ * DTLS anti-replay: RFC 6347 4.1.2.6
+ *
+ * in_window is a field of bits numbered from 0 (lsb) to 63 (msb).
+ * Bit n is set iff record number in_window_top - n has been seen.
+ *
+ * Usually, in_window_top is the last record number seen and the lsb of
+ * in_window is set. The only exception is the initial state (record number 0
+ * not seen yet).
+ */
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl )
+{
+ ssl->in_window_top = 0;
+ ssl->in_window = 0;
+}
+
+static inline uint64_t ssl_load_six_bytes( unsigned char *buf )
+{
+ return( ( (uint64_t) buf[0] << 40 ) |
+ ( (uint64_t) buf[1] << 32 ) |
+ ( (uint64_t) buf[2] << 24 ) |
+ ( (uint64_t) buf[3] << 16 ) |
+ ( (uint64_t) buf[4] << 8 ) |
+ ( (uint64_t) buf[5] ) );
+}
+
+/*
+ * Return 0 if sequence number is acceptable, -1 otherwise
+ */
+int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl )
+{
+ uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 );
+ uint64_t bit;
+
+ if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED )
+ return( 0 );
+
+ if( rec_seqnum > ssl->in_window_top )
+ return( 0 );
+
+ bit = ssl->in_window_top - rec_seqnum;
+
+ if( bit >= 64 )
+ return( -1 );
+
+ if( ( ssl->in_window & ( (uint64_t) 1 << bit ) ) != 0 )
+ return( -1 );
+
+ return( 0 );
+}
+
+/*
+ * Update replay window on new validated record
+ */
+void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl )
+{
+ uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 );
+
+ if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED )
+ return;
+
+ if( rec_seqnum > ssl->in_window_top )
+ {
+ /* Update window_top and the contents of the window */
+ uint64_t shift = rec_seqnum - ssl->in_window_top;
+
+ if( shift >= 64 )
+ ssl->in_window = 1;
+ else
+ {
+ ssl->in_window <<= shift;
+ ssl->in_window |= 1;
+ }
+
+ ssl->in_window_top = rec_seqnum;
+ }
+ else
+ {
+ /* Mark that number as seen in the current window */
+ uint64_t bit = ssl->in_window_top - rec_seqnum;
+
+ if( bit < 64 ) /* Always true, but be extra sure */
+ ssl->in_window |= (uint64_t) 1 << bit;
+ }
+}
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
+/* Forward declaration */
+static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial );
+
+/*
+ * Without any SSL context, check if a datagram looks like a ClientHello with
+ * a valid cookie, and if it doesn't, generate a HelloVerifyRequest message.
+ * Both input and output include full DTLS headers.
+ *
+ * - if cookie is valid, return 0
+ * - if ClientHello looks superficially valid but cookie is not,
+ * fill obuf and set olen, then
+ * return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
+ * - otherwise return a specific error code
+ */
+static int ssl_check_dtls_clihlo_cookie(
+ mbedtls_ssl_cookie_write_t *f_cookie_write,
+ mbedtls_ssl_cookie_check_t *f_cookie_check,
+ void *p_cookie,
+ const unsigned char *cli_id, size_t cli_id_len,
+ const unsigned char *in, size_t in_len,
+ unsigned char *obuf, size_t buf_len, size_t *olen )
+{
+ size_t sid_len, cookie_len;
+ unsigned char *p;
+
+ if( f_cookie_write == NULL || f_cookie_check == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ /*
+ * Structure of ClientHello with record and handshake headers,
+ * and expected values. We don't need to check a lot, more checks will be
+ * done when actually parsing the ClientHello - skipping those checks
+ * avoids code duplication and does not make cookie forging any easier.
+ *
+ * 0-0 ContentType type; copied, must be handshake
+ * 1-2 ProtocolVersion version; copied
+ * 3-4 uint16 epoch; copied, must be 0
+ * 5-10 uint48 sequence_number; copied
+ * 11-12 uint16 length; (ignored)
+ *
+ * 13-13 HandshakeType msg_type; (ignored)
+ * 14-16 uint24 length; (ignored)
+ * 17-18 uint16 message_seq; copied
+ * 19-21 uint24 fragment_offset; copied, must be 0
+ * 22-24 uint24 fragment_length; (ignored)
+ *
+ * 25-26 ProtocolVersion client_version; (ignored)
+ * 27-58 Random random; (ignored)
+ * 59-xx SessionID session_id; 1 byte len + sid_len content
+ * 60+ opaque cookie<0..2^8-1>; 1 byte len + content
+ * ...
+ *
+ * Minimum length is 61 bytes.
+ */
+ if( in_len < 61 ||
+ in[0] != MBEDTLS_SSL_MSG_HANDSHAKE ||
+ in[3] != 0 || in[4] != 0 ||
+ in[19] != 0 || in[20] != 0 || in[21] != 0 )
+ {
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ sid_len = in[59];
+ if( sid_len > in_len - 61 )
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+
+ cookie_len = in[60 + sid_len];
+ if( cookie_len > in_len - 60 )
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+
+ if( f_cookie_check( p_cookie, in + sid_len + 61, cookie_len,
+ cli_id, cli_id_len ) == 0 )
+ {
+ /* Valid cookie */
+ return( 0 );
+ }
+
+ /*
+ * If we get here, we've got an invalid cookie, let's prepare HVR.
+ *
+ * 0-0 ContentType type; copied
+ * 1-2 ProtocolVersion version; copied
+ * 3-4 uint16 epoch; copied
+ * 5-10 uint48 sequence_number; copied
+ * 11-12 uint16 length; olen - 13
+ *
+ * 13-13 HandshakeType msg_type; hello_verify_request
+ * 14-16 uint24 length; olen - 25
+ * 17-18 uint16 message_seq; copied
+ * 19-21 uint24 fragment_offset; copied
+ * 22-24 uint24 fragment_length; olen - 25
+ *
+ * 25-26 ProtocolVersion server_version; 0xfe 0xff
+ * 27-27 opaque cookie<0..2^8-1>; cookie_len = olen - 27, cookie
+ *
+ * Minimum length is 28.
+ */
+ if( buf_len < 28 )
+ return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+ /* Copy most fields and adapt others */
+ memcpy( obuf, in, 25 );
+ obuf[13] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
+ obuf[25] = 0xfe;
+ obuf[26] = 0xff;
+
+ /* Generate and write actual cookie */
+ p = obuf + 28;
+ if( f_cookie_write( p_cookie,
+ &p, obuf + buf_len, cli_id, cli_id_len ) != 0 )
+ {
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ *olen = p - obuf;
+
+ /* Go back and fill length fields */
+ obuf[27] = (unsigned char)( *olen - 28 );
+
+ obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 );
+ obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 );
+ obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) );
+
+ obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 );
+ obuf[12] = (unsigned char)( ( *olen - 13 ) );
+
+ return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
+}
+
+/*
+ * Handle possible client reconnect with the same UDP quadruplet
+ * (RFC 6347 Section 4.2.8).
+ *
+ * Called by ssl_parse_record_header() in case we receive an epoch 0 record
+ * that looks like a ClientHello.
+ *
+ * - if the input looks like a ClientHello without cookies,
+ * send back HelloVerifyRequest, then
+ * return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
+ * - if the input looks like a ClientHello with a valid cookie,
+ * reset the session of the current context, and
+ * return MBEDTLS_ERR_SSL_CLIENT_RECONNECT
+ * - if anything goes wrong, return a specific error code
+ *
+ * mbedtls_ssl_read_record() will ignore the record if anything else than
+ * MBEDTLS_ERR_SSL_CLIENT_RECONNECT or 0 is returned, although this function
+ * cannot not return 0.
+ */
+static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
+{
+ int ret;
+ size_t len;
+
+ ret = ssl_check_dtls_clihlo_cookie(
+ ssl->conf->f_cookie_write,
+ ssl->conf->f_cookie_check,
+ ssl->conf->p_cookie,
+ ssl->cli_id, ssl->cli_id_len,
+ ssl->in_buf, ssl->in_left,
+ ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len );
+
+ MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_dtls_clihlo_cookie", ret );
+
+ if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
+ {
+ /* Don't check write errors as we can't do anything here.
+ * If the error is permanent we'll catch it later,
+ * if it's not, then hopefully it'll work next time. */
+ (void) ssl->f_send( ssl->p_bio, ssl->out_buf, len );
+
+ return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
+ }
+
+ if( ret == 0 )
+ {
+ /* Got a valid cookie, partially reset context */
+ if( ( ret = ssl_session_reset_int( ssl, 1 ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "reset", ret );
+ return( ret );
+ }
+
+ return( MBEDTLS_ERR_SSL_CLIENT_RECONNECT );
+ }
+
+ return( ret );
+}
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
+
+/*
+ * ContentType type;
+ * ProtocolVersion version;
+ * uint16 epoch; // DTLS only
+ * uint48 sequence_number; // DTLS only
+ * uint16 length;
+ *
+ * Return 0 if header looks sane (and, for DTLS, the record is expected)
+ * MBEDTLS_ERR_SSL_INVALID_RECORD if the header looks bad,
+ * MBEDTLS_ERR_SSL_UNEXPECTED_RECORD (DTLS only) if sane but unexpected.
+ *
+ * With DTLS, mbedtls_ssl_read_record() will:
+ * 1. proceed with the record if this function returns 0
+ * 2. drop only the current record if this function returns UNEXPECTED_RECORD
+ * 3. return CLIENT_RECONNECT if this function return that value
+ * 4. drop the whole datagram if this function returns anything else.
+ * Point 2 is needed when the peer is resending, and we have already received
+ * the first record from a datagram but are still waiting for the others.
+ */ +static int ssl_parse_record_header( mbedtls_ssl_context *ssl ) +{ + int major_ver, minor_ver; + + MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", ssl->in_hdr, mbedtls_ssl_hdr_len( ssl ) ); + + ssl->in_msgtype = ssl->in_hdr[0]; + ssl->in_msglen = ( ssl->in_len[0] << 8 ) | ssl->in_len[1]; + mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, ssl->in_hdr + 1 ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, " + "version = [%d:%d], msglen = %d", + ssl->in_msgtype, + major_ver, minor_ver, ssl->in_msglen ) ); + + /* Check record type */ + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msgtype != MBEDTLS_SSL_MSG_ALERT && + ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && + ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + /* Silently ignore invalid DTLS records as recommended by RFC 6347 + * Section 4.1.2.7 */ + if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + + /* Check version */ + if( major_ver != ssl->major_ver ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "major version mismatch" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + + if( minor_ver > ssl->conf->max_minor_ver ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "minor version mismatch" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + + /* Check length against the size of our buffer */ + if( ssl->in_msglen > MBEDTLS_SSL_IN_BUFFER_LEN + - (size_t)( ssl->in_msg - ssl->in_buf ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + + /* + * DTLS-related tests. + * Check epoch before checking length constraint because + * the latter varies with the epoch. 
E.g., if a ChangeCipherSpec
+ * message gets duplicated before the corresponding Finished message,
+ * the second ChangeCipherSpec should be discarded because it belongs
+ * to an old epoch, but not because its length is shorter than
+ * the minimum record length for packets using the new record transform.
+ * Note that these two kinds of failures are handled differently,
+ * as an unexpected record is silently skipped but an invalid
+ * record leads to the entire datagram being dropped.
+ */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1];
+
+ /* Check epoch (and sequence number) with DTLS */
+ if( rec_epoch != ssl->in_epoch )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "record from another epoch: "
+ "expected %d, received %d",
+ ssl->in_epoch, rec_epoch ) );
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
+ /*
+ * Check for an epoch 0 ClientHello. We can't use in_msg here to
+ * access the first byte of record content (handshake type), as we
+ * have an active transform (possibly iv_len != 0), so use the
+ * fact that the record header len is 13 instead.
+ */
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+ ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER &&
+ rec_epoch == 0 &&
+ ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ ssl->in_left > 13 &&
+ ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "possible client reconnect "
+ "from the same port" ) );
+ return( ssl_handle_possible_reconnect( ssl ) );
+ }
+ else
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
+ {
+ /* Consider buffering the record.
*/
+ if( rec_epoch == (unsigned int) ssl->in_epoch + 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Consider record for buffering" ) );
+ return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
+ }
+
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
+ }
+ }
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+ /* Replay detection only works for the current epoch */
+ if( rec_epoch == ssl->in_epoch &&
+ mbedtls_ssl_dtls_replay_check( ssl ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record" ) );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
+ }
+#endif
+
+ /* Drop unexpected ApplicationData records,
+ * except at the beginning of renegotiations */
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA &&
+ ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ && ! ( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+ ssl->state == MBEDTLS_SSL_SERVER_HELLO )
+#endif
+ )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ApplicationData" ) );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
+ }
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+
+ /* Check length against bounds of the current transform and version */
+ if( ssl->transform_in == NULL )
+ {
+ if( ssl->in_msglen < 1 ||
+ ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+ }
+ else
+ {
+ if( ssl->in_msglen < ssl->transform_in->minlen )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 &&
+ ssl->in_msglen > ssl->transform_in->minlen + MBEDTLS_SSL_IN_CONTENT_LEN )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ /*
+ * TLS encrypted messages can have up to 256
bytes of padding + */ + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 && + ssl->in_msglen > ssl->transform_in->minlen + + MBEDTLS_SSL_IN_CONTENT_LEN + 256 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } +#endif + } + + return( 0 ); +} + +/* + * If applicable, decrypt (and decompress) record content + */ +static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) +{ + int ret, done = 0; + + MBEDTLS_SSL_DEBUG_BUF( 4, "input record from network", + ssl->in_hdr, mbedtls_ssl_hdr_len( ssl ) + ssl->in_msglen ); + +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( mbedtls_ssl_hw_record_read != NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_read()" ) ); + + ret = mbedtls_ssl_hw_record_read( ssl ); + if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_read", ret ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + } + + if( ret == 0 ) + done = 1; + } +#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ + if( !done && ssl->transform_in != NULL ) + { + if( ( ret = ssl_decrypt_buf( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret ); + return( ret ); + } + + MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt", + ssl->in_msg, ssl->in_msglen ); + + if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + } + +#if defined(MBEDTLS_ZLIB_SUPPORT) + if( ssl->transform_in != NULL && + ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) + { + if( ( ret = ssl_decompress_buf( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret ); + return( ret ); + } + } +#endif /* MBEDTLS_ZLIB_SUPPORT */ + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + mbedtls_ssl_dtls_replay_update( ssl ); + } +#endif + + return( 0 ); +} + +static void 
ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl );
+
+/*
+ * Read a record.
+ *
+ * Silently ignore non-fatal alert (and for DTLS, invalid records as well,
+ * RFC 6347 4.1.2.7) and continue reading until a valid record is found.
+ *
+ */
+
+/* Helper functions for mbedtls_ssl_read_record(). */
+static int ssl_consume_current_message( mbedtls_ssl_context *ssl );
+static int ssl_get_next_record( mbedtls_ssl_context *ssl );
+static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
+ unsigned update_hs_digest )
+{
+ int ret;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read record" ) );
+
+ if( ssl->keep_current_message == 0 )
+ {
+ do {
+
+ ret = ssl_consume_current_message( ssl );
+ if( ret != 0 )
+ return( ret );
+
+ if( ssl_record_is_in_progress( ssl ) == 0 )
+ {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ int have_buffered = 0;
+
+ /* We only check for buffered messages if the
+ * current datagram is fully consumed.
*/
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl_next_record_is_in_datagram( ssl ) == 0 )
+ {
+ if( ssl_load_buffered_message( ssl ) == 0 )
+ have_buffered = 1;
+ }
+
+ if( have_buffered == 0 )
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+ {
+ ret = ssl_get_next_record( ssl );
+ if( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING )
+ continue;
+
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_get_next_record" ), ret );
+ return( ret );
+ }
+ }
+ }
+
+ ret = mbedtls_ssl_handle_message_type( ssl );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE )
+ {
+ /* Buffer future message */
+ ret = ssl_buffer_message( ssl );
+ if( ret != 0 )
+ return( ret );
+
+ ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ } while( MBEDTLS_ERR_SSL_NON_FATAL == ret ||
+ MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret );
+
+ if( 0 != ret )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_handle_message_type" ), ret );
+ return( ret );
+ }
+
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ update_hs_digest == 1 )
+ {
+ mbedtls_ssl_update_handshake_status( ssl );
+ }
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "reuse previously read message" ) );
+ ssl->keep_current_message = 0;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read record" ) );
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl )
+{
+ if( ssl->in_left > ssl->next_record_offset )
+ return( 1 );
+
+ return( 0 );
+}
+
+static int ssl_load_buffered_message( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ mbedtls_ssl_hs_buffer * hs_buf;
+ int ret = 0;
+
+ if( hs == NULL )
+ return( -1 );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_messsage" ) );
+
+ if( ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC ||
+ ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC )
+ {
+ /* Check if we have seen a ChangeCipherSpec before.
+ * If yes, synthesize a CCS record. */
+ if( !hs->buffering.seen_ccs )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "CCS not seen in the current flight" ) );
+ ret = -1;
+ goto exit;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Injecting buffered CCS message" ) );
+ ssl->in_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
+ ssl->in_msglen = 1;
+ ssl->in_msg[0] = 1;
+
+ /* As long as they are equal, the exact value doesn't matter. */
+ ssl->in_left = 0;
+ ssl->next_record_offset = 0;
+
+ hs->buffering.seen_ccs = 0;
+ goto exit;
+ }
+
+#if defined(MBEDTLS_DEBUG_C)
+ /* Debug only */
+ {
+ unsigned offset;
+ for( offset = 1; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ )
+ {
+ hs_buf = &hs->buffering.hs[offset];
+ if( hs_buf->is_valid == 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Future message with sequence number %u %s buffered.",
+ hs->in_msg_seq + offset,
+ hs_buf->is_complete ? "fully" : "partially" ) );
+ }
+ }
+ }
+#endif /* MBEDTLS_DEBUG_C */
+
+ /* Check if we have buffered and/or fully reassembled the
+ * next handshake message. */
+ hs_buf = &hs->buffering.hs[0];
+ if( ( hs_buf->is_valid == 1 ) && ( hs_buf->is_complete == 1 ) )
+ {
+ /* Synthesize a record containing the buffered HS message. */
+ size_t msg_len = ( hs_buf->data[1] << 16 ) |
+ ( hs_buf->data[2] << 8 ) |
+ hs_buf->data[3];
+
+ /* Double-check that we haven't accidentally buffered
+ * a message that doesn't fit into the input buffer. */
+ if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message has been buffered - load" ) );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered handshake message (incl.
header)",
+ hs_buf->data, msg_len + 12 );
+
+ ssl->in_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+ ssl->in_hslen = msg_len + 12;
+ ssl->in_msglen = msg_len + 12;
+ memcpy( ssl->in_msg, hs_buf->data, ssl->in_hslen );
+
+ ret = 0;
+ goto exit;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message %u not or only partially bufffered",
+ hs->in_msg_seq ) );
+ }
+
+ ret = -1;
+
+exit:
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_message" ) );
+ return( ret );
+}
+
+static int ssl_buffer_make_space( mbedtls_ssl_context *ssl,
+ size_t desired )
+{
+ int offset;
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Attempt to free buffered messages to have %u bytes available",
+ (unsigned) desired ) );
+
+ /* Get rid of future records epoch first, if such exist. */
+ ssl_free_buffered_record( ssl );
+
+ /* Check if we have enough space available now. */
+ if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+ hs->buffering.total_bytes_buffered ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing future epoch record" ) );
+ return( 0 );
+ }
+
+ /* We don't have enough space to buffer the next expected handshake
+ * message. Remove buffers used for future messages to gain space,
+ * starting with the most distant one. */
+ for( offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1;
+ offset >= 0; offset-- )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Free buffering slot %d to make space for reassembly of next handshake message",
+ offset ) );
+
+ ssl_buffering_free_slot( ssl, (uint8_t) offset );
+
+ /* Check if we have enough space available now.
*/
+ if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+ hs->buffering.total_bytes_buffered ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing buffered HS messages" ) );
+ return( 0 );
+ }
+ }
+
+ return( -1 );
+}
+
+static int ssl_buffer_message( mbedtls_ssl_context *ssl )
+{
+ int ret = 0;
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+
+ if( hs == NULL )
+ return( 0 );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_buffer_message" ) );
+
+ switch( ssl->in_msgtype )
+ {
+ case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC:
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Remember CCS message" ) );
+
+ hs->buffering.seen_ccs = 1;
+ break;
+
+ case MBEDTLS_SSL_MSG_HANDSHAKE:
+ {
+ unsigned recv_msg_seq_offset;
+ unsigned recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
+ mbedtls_ssl_hs_buffer *hs_buf;
+ size_t msg_len = ssl->in_hslen - 12;
+
+ /* We should never receive an old handshake
+ * message - double-check nonetheless. */
+ if( recv_msg_seq < ssl->handshake->in_msg_seq )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ recv_msg_seq_offset = recv_msg_seq - ssl->handshake->in_msg_seq;
+ if( recv_msg_seq_offset >= MBEDTLS_SSL_MAX_BUFFERED_HS )
+ {
+ /* Silently ignore -- message too far in the future */
+ MBEDTLS_SSL_DEBUG_MSG( 2,
+ ( "Ignore future HS message with sequence number %u, "
+ "buffering window %u - %u",
+ recv_msg_seq, ssl->handshake->in_msg_seq,
+ ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS - 1 ) );
+
+ goto exit;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering HS message with sequence number %u, offset %u ",
+ recv_msg_seq, recv_msg_seq_offset ) );
+
+ hs_buf = &hs->buffering.hs[ recv_msg_seq_offset ];
+
+ /* Check if the buffering for this seq nr has already commenced.
*/
+ if( !hs_buf->is_valid )
+ {
+ size_t reassembly_buf_sz;
+
+ hs_buf->is_fragmented =
+ ( ssl_hs_is_proper_fragment( ssl ) == 1 );
+
+ /* We copy the message back into the input buffer
+ * after reassembly, so check that it's not too large.
+ * This is an implementation-specific limitation
+ * and not one from the standard, hence it is not
+ * checked in ssl_check_hs_header(). */
+ if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN )
+ {
+ /* Ignore message */
+ goto exit;
+ }
+
+ /* Check if we have enough space to buffer the message. */
+ if( hs->buffering.total_bytes_buffered >
+ MBEDTLS_SSL_DTLS_MAX_BUFFERING )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ reassembly_buf_sz = ssl_get_reassembly_buffer_size( msg_len,
+ hs_buf->is_fragmented );
+
+ if( reassembly_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+ hs->buffering.total_bytes_buffered ) )
+ {
+ if( recv_msg_seq_offset > 0 )
+ {
+ /* If we can't buffer a future message because
+ * of space limitations -- ignore.
*/
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n",
+ (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ (unsigned) hs->buffering.total_bytes_buffered ) );
+ goto exit;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- attempt to make space by freeing buffered future messages\n",
+ (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ (unsigned) hs->buffering.total_bytes_buffered ) );
+ }
+
+ if( ssl_buffer_make_space( ssl, reassembly_buf_sz ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reassembly of next message of size %u (%u with bitmap) would exceed the compile-time limit %u (already %u bytes buffered) -- fail\n",
+ (unsigned) msg_len,
+ (unsigned) reassembly_buf_sz,
+ MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ (unsigned) hs->buffering.total_bytes_buffered ) );
+ ret = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %d",
+ msg_len ) );
+
+ hs_buf->data = mbedtls_calloc( 1, reassembly_buf_sz );
+ if( hs_buf->data == NULL )
+ {
+ ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ goto exit;
+ }
+ hs_buf->data_len = reassembly_buf_sz;
+
+ /* Prepare final header: copy msg_type, length and message_seq,
+ * then add standardised fragment_offset and fragment_length */
+ memcpy( hs_buf->data, ssl->in_msg, 6 );
+ memset( hs_buf->data + 6, 0, 3 );
+ memcpy( hs_buf->data + 9, hs_buf->data + 1, 3 );
+
+ hs_buf->is_valid = 1;
+
+ hs->buffering.total_bytes_buffered += reassembly_buf_sz;
+ }
+ else
+ {
+ /* Make sure msg_type and length are consistent */
+ if( memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Fragment header mismatch - ignore" ) );
+ /* Ignore */
+ goto exit;
+ }
+ }
+
+ if( !hs_buf->is_complete )
+ {
+ size_t frag_len, frag_off;
+ unsigned char * const msg =
hs_buf->data + 12;
+
+ /*
+ * Check and copy current fragment
+ */
+
+ /* Validation of header fields already done in
+ * mbedtls_ssl_prepare_handshake_record(). */
+ frag_off = ssl_get_hs_frag_off( ssl );
+ frag_len = ssl_get_hs_frag_len( ssl );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %d, length = %d",
+ frag_off, frag_len ) );
+ memcpy( msg + frag_off, ssl->in_msg + 12, frag_len );
+
+ if( hs_buf->is_fragmented )
+ {
+ unsigned char * const bitmask = msg + msg_len;
+ ssl_bitmask_set( bitmask, frag_off, frag_len );
+ hs_buf->is_complete = ( ssl_bitmask_check( bitmask,
+ msg_len ) == 0 );
+ }
+ else
+ {
+ hs_buf->is_complete = 1;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "message %scomplete",
+ hs_buf->is_complete ? "" : "not yet " ) );
+ }
+
+ break;
+ }
+
+ default:
+ /* We don't buffer other types of messages. */
+ break;
+ }
+
+exit:
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_buffer_message" ) );
+ return( ret );
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+static int ssl_consume_current_message( mbedtls_ssl_context *ssl )
+{
+ /*
+ * Consume last content-layer message and potentially
+ * update in_msglen which keeps track of the contents'
+ * consumption state.
+ *
+ * (1) Handshake messages:
+ * Remove last handshake message, move content
+ * and adapt in_msglen.
+ *
+ * (2) Alert messages:
+ * Consume whole record content, in_msglen = 0.
+ *
+ * (3) Change cipher spec:
+ * Consume whole record content, in_msglen = 0.
+ *
+ * (4) Application data:
+ * Don't do anything - the record layer provides
+ * the application data as a stream transport
+ * and consumes through mbedtls_ssl_read only.
+ *
+ */
+
+ /* Case (1): Handshake messages */
+ if( ssl->in_hslen != 0 )
+ {
+ /* Hard assertion to be sure that no application data
+ * is in flight, as corrupting ssl->in_msglen during
+ * ssl->in_offt != NULL is fatal.
*/
+ if( ssl->in_offt != NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ /*
+ * Get next Handshake message in the current record
+ */
+
+ /* Notes:
+ * (1) in_hslen is not necessarily the size of the
+ * current handshake content: If DTLS handshake
+ * fragmentation is used, that's the fragment
+ * size instead. Using the total handshake message
+ * size here is faulty and should be changed at
+ * some point.
+ * (2) While it doesn't seem to cause problems, one
+ * has to be very careful not to assume that in_hslen
+ * is always <= in_msglen in a sensible communication.
+ * Again, it's wrong for DTLS handshake fragmentation.
+ * The following check is therefore mandatory, and
+ * should not be treated as a silently corrected assertion.
+ * Additionally, ssl->in_hslen might be arbitrarily out of
+ * bounds after handling a DTLS message with an unexpected
+ * sequence number, see mbedtls_ssl_prepare_handshake_record.
+ */
+ if( ssl->in_hslen < ssl->in_msglen )
+ {
+ ssl->in_msglen -= ssl->in_hslen;
+ memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen,
+ ssl->in_msglen );
+
+ MBEDTLS_SSL_DEBUG_BUF( 4, "remaining content in record",
+ ssl->in_msg, ssl->in_msglen );
+ }
+ else
+ {
+ ssl->in_msglen = 0;
+ }
+
+ ssl->in_hslen = 0;
+ }
+ /* Case (4): Application data */
+ else if( ssl->in_offt != NULL )
+ {
+ return( 0 );
+ }
+ /* Everything else (CCS & Alerts) */
+ else
+ {
+ ssl->in_msglen = 0;
+ }
+
+ return( 0 );
+}
+
+static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl )
+{
+ if( ssl->in_msglen > 0 )
+ return( 1 );
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+static void ssl_free_buffered_record( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ if( hs == NULL )
+ return;
+
+ if( hs->buffering.future_record.data != NULL )
+ {
+ hs->buffering.total_bytes_buffered -=
+ hs->buffering.future_record.len;
+
+ mbedtls_free(
hs->buffering.future_record.data );
+ hs->buffering.future_record.data = NULL;
+ }
+}
+
+static int ssl_load_buffered_record( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ unsigned char * rec;
+ size_t rec_len;
+ unsigned rec_epoch;
+
+ if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ return( 0 );
+
+ if( hs == NULL )
+ return( 0 );
+
+ rec = hs->buffering.future_record.data;
+ rec_len = hs->buffering.future_record.len;
+ rec_epoch = hs->buffering.future_record.epoch;
+
+ if( rec == NULL )
+ return( 0 );
+
+ /* Only consider loading future records if the
+ * input buffer is empty. */
+ if( ssl_next_record_is_in_datagram( ssl ) == 1 )
+ return( 0 );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_record" ) );
+
+ if( rec_epoch != ssl->in_epoch )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffered record not from current epoch." ) );
+ goto exit;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Found buffered record from current epoch - load" ) );
+
+ /* Double-check that the record is not too large */
+ if( rec_len > MBEDTLS_SSL_IN_BUFFER_LEN -
+ (size_t)( ssl->in_hdr - ssl->in_buf ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ memcpy( ssl->in_hdr, rec, rec_len );
+ ssl->in_left = rec_len;
+ ssl->next_record_offset = 0;
+
+ ssl_free_buffered_record( ssl );
+
+exit:
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_record" ) );
+ return( 0 );
+}
+
+static int ssl_buffer_future_record( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ size_t const rec_hdr_len = 13;
+ size_t const total_buf_sz = rec_hdr_len + ssl->in_msglen;
+
+ /* Don't buffer future records outside handshakes. */
+ if( hs == NULL )
+ return( 0 );
+
+ /* Only buffer handshake records (we are only interested
+ * in Finished messages).
*/
+ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+ return( 0 );
+
+ /* Don't buffer more than one future epoch record. */
+ if( hs->buffering.future_record.data != NULL )
+ return( 0 );
+
+ /* Don't buffer record if there's not enough buffering space remaining. */
+ if( total_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING -
+ hs->buffering.total_bytes_buffered ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future epoch record of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n",
+ (unsigned) total_buf_sz, MBEDTLS_SSL_DTLS_MAX_BUFFERING,
+ (unsigned) hs->buffering.total_bytes_buffered ) );
+ return( 0 );
+ }
+
+ /* Buffer record */
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffer record from epoch %u",
+ ssl->in_epoch + 1 ) );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered record", ssl->in_hdr,
+ rec_hdr_len + ssl->in_msglen );
+
+ /* ssl_parse_record_header() only considers records
+ * of the next epoch as candidates for buffering. */
+ hs->buffering.future_record.epoch = ssl->in_epoch + 1;
+ hs->buffering.future_record.len = total_buf_sz;
+
+ hs->buffering.future_record.data =
+ mbedtls_calloc( 1, hs->buffering.future_record.len );
+ if( hs->buffering.future_record.data == NULL )
+ {
+ /* If we run out of RAM trying to buffer a
+ * record from the next epoch, just ignore. */
+ return( 0 );
+ }
+
+ memcpy( hs->buffering.future_record.data, ssl->in_hdr, total_buf_sz );
+
+ hs->buffering.total_bytes_buffered += total_buf_sz;
+ return( 0 );
+}
+
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+static int ssl_get_next_record( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ /* We might have buffered a future record; if so,
+ * and if the epoch matches now, load it.
+ * On success, this call will set ssl->in_left to
+ * the length of the buffered record, so that
+ * the calls to ssl_fetch_input() below will
+ * essentially be no-ops.
*/ + ret = ssl_load_buffered_record( ssl ); + if( ret != 0 ) + return( ret ); +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl ) ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); + return( ret ); + } + + if( ( ret = ssl_parse_record_header( ssl ) ) != 0 ) + { +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ret != MBEDTLS_ERR_SSL_CLIENT_RECONNECT ) + { + if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) + { + ret = ssl_buffer_future_record( ssl ); + if( ret != 0 ) + return( ret ); + + /* Fall through to handling of unexpected records */ + ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; + } + + if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ) + { + /* Skip unexpected record (but not whole datagram) */ + ssl->next_record_offset = ssl->in_msglen + + mbedtls_ssl_hdr_len( ssl ); + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding unexpected record " + "(header)" ) ); + } + else + { + /* Skip invalid record and the rest of the datagram */ + ssl->next_record_offset = 0; + ssl->in_left = 0; + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record " + "(header)" ) ); + } + + /* Get next record */ + return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); + } +#endif + return( ret ); + } + + /* + * Read and optionally decrypt the message contents + */ + if( ( ret = mbedtls_ssl_fetch_input( ssl, + mbedtls_ssl_hdr_len( ssl ) + ssl->in_msglen ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); + return( ret ); + } + + /* Done reading this record, get ready for the next one */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->next_record_offset = ssl->in_msglen + mbedtls_ssl_hdr_len( ssl ); + if( ssl->next_record_offset < ssl->in_left ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "more than one record within datagram" ) ); + } + } + else +#endif + ssl->in_left = 0; + + if( ( ret = 
ssl_prepare_record_content( ssl ) ) != 0 )
+ {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ /* Silently discard invalid records */
+ if( ret == MBEDTLS_ERR_SSL_INVALID_RECORD ||
+ ret == MBEDTLS_ERR_SSL_INVALID_MAC )
+ {
+ /* Except when waiting for Finished as a bad mac here
+ * probably means something went wrong in the handshake
+ * (eg wrong psk used, mitm downgrade attempt, etc.) */
+ if( ssl->state == MBEDTLS_SSL_CLIENT_FINISHED ||
+ ssl->state == MBEDTLS_SSL_SERVER_FINISHED )
+ {
+#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
+ if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
+ {
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC );
+ }
+#endif
+ return( ret );
+ }
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+ if( ssl->conf->badmac_limit != 0 &&
+ ++ssl->badmac_seen >= ssl->conf->badmac_limit )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "too many records with bad MAC" ) );
+ return( MBEDTLS_ERR_SSL_INVALID_MAC );
+ }
+#endif
+
+ /* As above, invalid records cause
+ * dismissal of the whole datagram.
*/
+
+ ssl->next_record_offset = 0;
+ ssl->in_left = 0;
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record (mac)" ) );
+ return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING );
+ }
+
+ return( ret );
+ }
+ else
+#endif
+ {
+ /* Error out (and send alert) on invalid records */
+#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
+ if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
+ {
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC );
+ }
+#endif
+ return( ret );
+ }
+ }
+
+ return( 0 );
+}
+
+int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
+ /*
+ * Handle particular types of records
+ */
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
+ {
+ if( ( ret = mbedtls_ssl_prepare_handshake_record( ssl ) ) != 0 )
+ {
+ return( ret );
+ }
+ }
+
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
+ {
+ if( ssl->in_msglen != 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, len: %d",
+ ssl->in_msglen ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
+ if( ssl->in_msg[0] != 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, content: %02x",
+ ssl->in_msg[0] ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC &&
+ ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC )
+ {
+ if( ssl->handshake == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping ChangeCipherSpec outside handshake" ) );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "received out-of-order ChangeCipherSpec - remember" ) );
+ return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
+ }
+#endif
+ }
+
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )
+ {
+ if( ssl->in_msglen != 2 )
+ {
+ /* Note: Standard allows for more than one 2 byte alert
+ to be packed in a single message, but Mbed TLS doesn't
+ currently support this.
*/
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %d",
+ ssl->in_msglen ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]",
+ ssl->in_msg[0], ssl->in_msg[1] ) );
+
+ /*
+ * Ignore non-fatal alerts, except close_notify and no_renegotiation
+ */
+ if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "is a fatal alert message (msg %d)",
+ ssl->in_msg[1] ) );
+ return( MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE );
+ }
+
+ if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
+ ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a close notify message" ) );
+ return( MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY );
+ }
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION_ENABLED)
+ if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
+ ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no renegotiation alert" ) );
+ /* Will be handled when trying to parse ServerHello */
+ return( 0 );
+ }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_SRV_C)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 &&
+ ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+ ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
+ ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no_cert" ) );
+ /* Will be handled in mbedtls_ssl_parse_certificate() */
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */
+
+ /* Silently ignore: fetch new message */
+ return MBEDTLS_ERR_SSL_NON_FATAL;
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl->handshake != NULL &&
+ ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
+ {
+ ssl_handshake_wrapup_free_hs_transform( ssl );
+ }
+#endif
+
+ return( 0 );
+}
+
+int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl )
+{
+
int ret; + + if( ( ret = mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ) ) != 0 ) + { + return( ret ); + } + + return( 0 ); +} + +int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, + unsigned char level, + unsigned char message ) +{ + int ret; + + if( ssl == NULL || ssl->conf == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> send alert message" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "send alert level=%u message=%u", level, message )); + + ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; + ssl->out_msglen = 2; + ssl->out_msg[0] = level; + ssl->out_msg[1] = message; + + if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + return( ret ); + } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= send alert message" ) ); + + return( 0 ); +} + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +static void ssl_clear_peer_cert( mbedtls_ssl_session *session ) +{ +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + if( session->peer_cert != NULL ) + { + mbedtls_x509_crt_free( session->peer_cert ); + mbedtls_free( session->peer_cert ); + session->peer_cert = NULL; + } +#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + if( session->peer_cert_digest != NULL ) + { + /* Zeroization is not necessary. 
*/ + mbedtls_free( session->peer_cert_digest ); + session->peer_cert_digest = NULL; + session->peer_cert_digest_type = MBEDTLS_MD_NONE; + session->peer_cert_digest_len = 0; + } +#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ +} +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +/* + * Handshake functions + */ +#if !defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +/* No certificate support -> dummy functions */ +int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) +{ + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); + + if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + ssl->state++; + return( 0 ); + } + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); +} + +int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) +{ + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); + + if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + ssl->state++; + return( 0 ); + } + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); +} + +#else /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ +/* Some certificate support -> implement write and parse */ + +int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) +{ + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + size_t i, n; + const mbedtls_x509_crt *crt; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); + + if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + 
ssl->state++; + return( 0 ); + } + +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + { + if( ssl->client_auth == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + ssl->state++; + return( 0 ); + } + +#if defined(MBEDTLS_SSL_PROTO_SSL3) + /* + * If using SSLv3 and got no cert, send an Alert message + * (otherwise an empty Certificate message will be sent). + */ + if( mbedtls_ssl_own_cert( ssl ) == NULL && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + { + ssl->out_msglen = 2; + ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; + ssl->out_msg[0] = MBEDTLS_SSL_ALERT_LEVEL_WARNING; + ssl->out_msg[1] = MBEDTLS_SSL_ALERT_MSG_NO_CERT; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "got no certificate to send" ) ); + goto write_msg; + } +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ + } +#endif /* MBEDTLS_SSL_CLI_C */ +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + { + if( mbedtls_ssl_own_cert( ssl ) == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no certificate to send" ) ); + return( MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED ); + } + } +#endif + + MBEDTLS_SSL_DEBUG_CRT( 3, "own certificate", mbedtls_ssl_own_cert( ssl ) ); + + /* + * 0 . 0 handshake type + * 1 . 3 handshake length + * 4 . 6 length of all certs + * 7 . 9 length of cert. 1 + * 10 . n-1 peer certificate + * n . n+2 length of cert. 2 + * n+3 . ... upper level cert, etc. 
+ */
+ i = 7;
+ crt = mbedtls_ssl_own_cert( ssl );
+
+ while( crt != NULL )
+ {
+ n = crt->raw.len;
+ if( n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d",
+ i + 3 + n, MBEDTLS_SSL_OUT_CONTENT_LEN ) );
+ return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE );
+ }
+
+ ssl->out_msg[i ] = (unsigned char)( n >> 16 );
+ ssl->out_msg[i + 1] = (unsigned char)( n >> 8 );
+ ssl->out_msg[i + 2] = (unsigned char)( n );
+
+ i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n );
+ i += n; crt = crt->next;
+ }
+
+ ssl->out_msg[4] = (unsigned char)( ( i - 7 ) >> 16 );
+ ssl->out_msg[5] = (unsigned char)( ( i - 7 ) >> 8 );
+ ssl->out_msg[6] = (unsigned char)( ( i - 7 ) );
+
+ ssl->out_msglen = i;
+ ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+ ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE;
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C)
+write_msg:
+#endif
+
+ ssl->state++;
+
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
+ return( ret );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate" ) );
+
+ return( ret );
+}
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
+ unsigned char *crt_buf,
+ size_t crt_buf_len )
+{
+ mbedtls_x509_crt const * const peer_crt = ssl->session->peer_cert;
+
+ if( peer_crt == NULL )
+ return( -1 );
+
+ if( peer_crt->raw.len != crt_buf_len )
+ return( -1 );
+
+ return( memcmp( peer_crt->raw.p, crt_buf, crt_buf_len ) );
+}
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
+ unsigned char *crt_buf,
+ size_t crt_buf_len )
+{
+ int ret;
+ unsigned char const * const peer_cert_digest =
+ ssl->session->peer_cert_digest;
+ mbedtls_md_type_t const peer_cert_digest_type =
+ ssl->session->peer_cert_digest_type;
+ mbedtls_md_info_t const * const digest_info =
+ mbedtls_md_info_from_type( peer_cert_digest_type );
+ unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN];
+ size_t digest_len;
+
+ if( peer_cert_digest == NULL || digest_info == NULL )
+ return( -1 );
+
+ digest_len = mbedtls_md_get_size( digest_info );
+ if( digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN )
+ return( -1 );
+
+ ret = mbedtls_md( digest_info, crt_buf, crt_buf_len, tmp_digest );
+ if( ret != 0 )
+ return( -1 );
+
+ return( memcmp( tmp_digest, peer_cert_digest, digest_len ) );
+}
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
+
+/*
+ * Once the certificate message is read, parse it into a cert chain and
+ * perform basic checks, but leave actual verification to the caller
+ */
+static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *chain )
+{
+ int ret;
+#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
+ int crt_cnt=0;
+#endif
+ size_t i, n;
+ uint8_t alert;
+
+ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+
+ if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE ||
+ ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+ }
+
+ i = mbedtls_ssl_hs_hdr_len( ssl );
+
+ /*
+ * Same message structure as in mbedtls_ssl_write_certificate()
+ */
+ n = ( ssl->in_msg[i+1] << 8 ) | ssl->in_msg[i+2];
+
+ if( ssl->in_msg[i] != 0 ||
+ ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len( ssl ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+ }
+
+ /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */
+ i += 3;
+
+ /* Iterate through and parse the CRTs in the provided chain. */
+ while( i < ssl->in_hslen )
+ {
+ /* Check that there's room for the next CRT's length fields. */
+ if ( i + 3 > ssl->in_hslen ) {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+ }
+ /* In theory, the CRT can be up to 2**24 Bytes, but we don't support
+ * anything beyond 2**16 ~ 64K. */
+ if( ssl->in_msg[i] != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+ }
+
+ /* Read length of the next CRT in the chain. */
+ n = ( (unsigned int) ssl->in_msg[i + 1] << 8 )
+ | (unsigned int) ssl->in_msg[i + 2];
+ i += 3;
+
+ if( n < 128 || i + n > ssl->in_hslen )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+ }
+
+ /* Check if we're handling the first CRT in the chain. */
+#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
+ if( crt_cnt++ == 0 &&
+ ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+ ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+ {
+ /* During client-side renegotiation, check that the server's
+ * end-CRTs hasn't changed compared to the initial handshake,
+ * mitigating the triple handshake attack. On success, reuse
+ * the original end-CRT instead of parsing it again. */
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Check that peer CRT hasn't changed during renegotiation" ) );
+ if( ssl_check_peer_crt_unchanged( ssl,
+ &ssl->in_msg[i],
+ n ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+ }
+
+ /* Now we can safely free the original chain. */
+ ssl_clear_peer_cert( ssl->session );
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
+
+ /* Parse the next certificate in the chain. */
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ ret = mbedtls_x509_crt_parse_der( chain, ssl->in_msg + i, n );
+#else
+ /* If we don't need to store the CRT chain permanently, parse
+ * it in-place from the input buffer instead of making a copy. */
+ ret = mbedtls_x509_crt_parse_der_nocopy( chain, ssl->in_msg + i, n );
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+ switch( ret )
+ {
+ case 0: /*ok*/
+ case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND:
+ /* Ignore certificate with an unknown algorithm: maybe a
+ prior certificate was already trusted. */
+ break;
+
+ case MBEDTLS_ERR_X509_ALLOC_FAILED:
+ alert = MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR;
+ goto crt_parse_der_failed;
+
+ case MBEDTLS_ERR_X509_UNKNOWN_VERSION:
+ alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+ goto crt_parse_der_failed;
+
+ default:
+ alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
+ crt_parse_der_failed:
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert );
+ MBEDTLS_SSL_DEBUG_RET( 1, " mbedtls_x509_crt_parse_der", ret );
+ return( ret );
+ }
+
+ i += n;
+ }
+
+ MBEDTLS_SSL_DEBUG_CRT( 3, "peer certificate", chain );
+ return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_SRV_C)
+static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl )
+{
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+ return( -1 );
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+ /*
+ * Check if the client sent an empty certificate
+ */
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+ {
+ if( ssl->in_msglen == 2 &&
+ ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT &&
+ ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
+ ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) );
+ return( 0 );
+ }
+
+ return( -1 );
+ }
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len( ssl ) &&
+ ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+ ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE &&
+ memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) );
+ return( 0 );
+ }
+
+ return( -1 );
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+ MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+#endif /* MBEDTLS_SSL_SRV_C */
+
+/* Check if a certificate message is expected.
+ * Return either
+ * - SSL_CERTIFICATE_EXPECTED, or
+ * - SSL_CERTIFICATE_SKIP
+ * indicating whether a Certificate message is expected or not.
+ */
+#define SSL_CERTIFICATE_EXPECTED 0
+#define SSL_CERTIFICATE_SKIP 1
+static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl,
+ int authmode )
+{
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+
+ if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) )
+ return( SSL_CERTIFICATE_SKIP );
+
+#if defined(MBEDTLS_SSL_SRV_C)
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+ {
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
+ return( SSL_CERTIFICATE_SKIP );
+
+ if( authmode == MBEDTLS_SSL_VERIFY_NONE )
+ {
+ ssl->session_negotiate->verify_result =
+ MBEDTLS_X509_BADCERT_SKIP_VERIFY;
+ return( SSL_CERTIFICATE_SKIP );
+ }
+ }
+#else
+ ((void) authmode);
+#endif /* MBEDTLS_SSL_SRV_C */
+
+ return( SSL_CERTIFICATE_EXPECTED );
+}
+
+static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
+ int authmode,
+ mbedtls_x509_crt *chain,
+ void *rs_ctx )
+{
+ int ret = 0;
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+ int have_ca_chain = 0;
+
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *);
+ void *p_vrfy;
+
+ if( authmode == MBEDTLS_SSL_VERIFY_NONE )
+ return( 0 );
+
+ if( ssl->f_vrfy != NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use context-specific verification callback" ) );
+ f_vrfy = ssl->f_vrfy;
+ p_vrfy = ssl->p_vrfy;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use configuration-specific verification callback" ) );
+ f_vrfy = ssl->conf->f_vrfy;
+ p_vrfy = ssl->conf->p_vrfy;
+ }
+
+ /*
+ * Main check: verify certificate
+ */
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ if( ssl->conf->f_ca_cb != NULL )
+ {
+ ((void) rs_ctx);
+ have_ca_chain = 1;
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "use CA callback for X.509 CRT verification" ) );
+ ret = mbedtls_x509_crt_verify_with_ca_cb(
+ chain,
+ ssl->conf->f_ca_cb,
+ ssl->conf->p_ca_cb,
+ ssl->conf->cert_profile,
+ ssl->hostname,
+ &ssl->session_negotiate->verify_result,
+ f_vrfy, p_vrfy );
+ }
+ else
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+ {
+ mbedtls_x509_crt *ca_chain;
+ mbedtls_x509_crl *ca_crl;
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ if( ssl->handshake->sni_ca_chain != NULL )
+ {
+ ca_chain = ssl->handshake->sni_ca_chain;
+ ca_crl = ssl->handshake->sni_ca_crl;
+ }
+ else
+#endif
+ {
+ ca_chain = ssl->conf->ca_chain;
+ ca_crl = ssl->conf->ca_crl;
+ }
+
+ if( ca_chain != NULL )
+ have_ca_chain = 1;
+
+ ret = mbedtls_x509_crt_verify_restartable(
+ chain,
+ ca_chain, ca_crl,
+ ssl->conf->cert_profile,
+ ssl->hostname,
+ &ssl->session_negotiate->verify_result,
+ f_vrfy, p_vrfy, rs_ctx );
+ }
+
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "x509_verify_cert", ret );
+ }
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ return( MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS );
+#endif
+
+ /*
+ * Secondary checks: always done, but change 'ret' only if it was 0
+ */
+
+#if defined(MBEDTLS_ECP_C)
+ {
+ const mbedtls_pk_context *pk = &chain->pk;
+
+ /* If certificate uses an EC key, make sure the curve is OK */
+ if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) &&
+ mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id ) != 0 )
+ {
+ ssl->session_negotiate->verify_result |= MBEDTLS_X509_BADCERT_BAD_KEY;
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) );
+ if( ret == 0 )
+ ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+ }
+ }
+#endif /* MBEDTLS_ECP_C */
+
+ if( mbedtls_ssl_check_cert_usage( chain,
+ ciphersuite_info,
+ ! ssl->conf->endpoint,
+ &ssl->session_negotiate->verify_result ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) );
+ if( ret == 0 )
+ ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+ }
+
+ /* mbedtls_x509_crt_verify_with_profile is supposed to report a
+ * verification failure through MBEDTLS_ERR_X509_CERT_VERIFY_FAILED,
+ * with details encoded in the verification flags. All other kinds
+ * of error codes, including those from the user provided f_vrfy
+ * functions, are treated as fatal and lead to a failure of
+ * ssl_parse_certificate even if verification was optional. */
+ if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL &&
+ ( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ||
+ ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ) )
+ {
+ ret = 0;
+ }
+
+ if( have_ca_chain == 0 && authmode == MBEDTLS_SSL_VERIFY_REQUIRED )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no CA chain" ) );
+ ret = MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED;
+ }
+
+ if( ret != 0 )
+ {
+ uint8_t alert;
+
+ /* The certificate may have been rejected for several reasons.
+ Pick one and send the corresponding alert. Which alert to send
+ may be a subject of debate in some cases. */
+ if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER )
+ alert = MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED;
+ else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH )
+ alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
+ else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE )
+ alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+ else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE )
+ alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+ else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NS_CERT_TYPE )
+ alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+ else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK )
+ alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+ else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY )
+ alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+ else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED )
+ alert = MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED;
+ else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED )
+ alert = MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED;
+ else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED )
+ alert = MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA;
+ else
+ alert = MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN;
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ alert );
+ }
+
+#if defined(MBEDTLS_DEBUG_C)
+ if( ssl->session_negotiate->verify_result != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %x",
+ ssl->session_negotiate->verify_result ) );
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Certificate verification flags clear" ) );
+ }
+#endif /* MBEDTLS_DEBUG_C */
+
+ return( ret );
+}
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl,
+ unsigned char *start, size_t len )
+{
+ int ret;
+ /* Remember digest of the peer's end-CRT. */
+ ssl->session_negotiate->peer_cert_digest =
+ mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN );
+ if( ssl->session_negotiate->peer_cert_digest == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
+ sizeof( MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ) ) );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ }
+
+ ret = mbedtls_md( mbedtls_md_info_from_type(
+ MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ),
+ start, len,
+ ssl->session_negotiate->peer_cert_digest );
+
+ ssl->session_negotiate->peer_cert_digest_type =
+ MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE;
+ ssl->session_negotiate->peer_cert_digest_len =
+ MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN;
+
+ return( ret );
+}
+
+static int ssl_remember_peer_pubkey( mbedtls_ssl_context *ssl,
+ unsigned char *start, size_t len )
+{
+ unsigned char *end = start + len;
+ int ret;
+
+ /* Make a copy of the peer's raw public key. */
+ mbedtls_pk_init( &ssl->handshake->peer_pubkey );
+ ret = mbedtls_pk_parse_subpubkey( &start, end,
+ &ssl->handshake->peer_pubkey );
+ if( ret != 0 )
+ {
+ /* We should have parsed the public key before. */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ return( 0 );
+}
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
+{
+ int ret = 0;
+ int crt_expected;
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET
+ ? ssl->handshake->sni_authmode
+ : ssl->conf->authmode;
+#else
+ const int authmode = ssl->conf->authmode;
+#endif
+ void *rs_ctx = NULL;
+ mbedtls_x509_crt *chain = NULL;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
+
+ crt_expected = ssl_parse_certificate_coordinate( ssl, authmode );
+ if( crt_expected == SSL_CERTIFICATE_SKIP )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
+ goto exit;
+ }
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled &&
+ ssl->handshake->ecrs_state == ssl_ecrs_crt_verify )
+ {
+ chain = ssl->handshake->ecrs_peer_cert;
+ ssl->handshake->ecrs_peer_cert = NULL;
+ goto crt_verify;
+ }
+#endif
+
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
+ {
+ /* mbedtls_ssl_read_record may have sent an alert already. We
+ let it decide whether to alert. */
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+ goto exit;
+ }
+
+#if defined(MBEDTLS_SSL_SRV_C)
+ if( ssl_srv_check_client_no_crt_notification( ssl ) == 0 )
+ {
+ ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
+
+ if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL )
+ ret = 0;
+ else
+ ret = MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE;
+
+ goto exit;
+ }
+#endif /* MBEDTLS_SSL_SRV_C */
+
+ /* Clear existing peer CRT structure in case we tried to
+ * reuse a session but it failed, and allocate a new one. */
+ ssl_clear_peer_cert( ssl->session_negotiate );
+
+ chain = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
+ if( chain == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
+ sizeof( mbedtls_x509_crt ) ) );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+
+ ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ goto exit;
+ }
+ mbedtls_x509_crt_init( chain );
+
+ ret = ssl_parse_certificate_chain( ssl, chain );
+ if( ret != 0 )
+ goto exit;
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled)
+ ssl->handshake->ecrs_state = ssl_ecrs_crt_verify;
+
+crt_verify:
+ if( ssl->handshake->ecrs_enabled)
+ rs_ctx = &ssl->handshake->ecrs_ctx;
+#endif
+
+ ret = ssl_parse_certificate_verify( ssl, authmode,
+ chain, rs_ctx );
+ if( ret != 0 )
+ goto exit;
+
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ {
+ unsigned char *crt_start, *pk_start;
+ size_t crt_len, pk_len;
+
+ /* We parse the CRT chain without copying, so
+ * these pointers point into the input buffer,
+ * and are hence still valid after freeing the
+ * CRT chain. */
+
+ crt_start = chain->raw.p;
+ crt_len = chain->raw.len;
+
+ pk_start = chain->pk_raw.p;
+ pk_len = chain->pk_raw.len;
+
+ /* Free the CRT structures before computing
+ * digest and copying the peer's public key. */
+ mbedtls_x509_crt_free( chain );
+ mbedtls_free( chain );
+ chain = NULL;
+
+ ret = ssl_remember_peer_crt_digest( ssl, crt_start, crt_len );
+ if( ret != 0 )
+ goto exit;
+
+ ret = ssl_remember_peer_pubkey( ssl, pk_start, pk_len );
+ if( ret != 0 )
+ goto exit;
+ }
+#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+ /* Pass ownership to session structure. */
+ ssl->session_negotiate->peer_cert = chain;
+ chain = NULL;
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
+
+exit:
+
+ if( ret == 0 )
+ ssl->state++;
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ {
+ ssl->handshake->ecrs_peer_cert = chain;
+ chain = NULL;
+ }
+#endif
+
+ if( chain != NULL )
+ {
+ mbedtls_x509_crt_free( chain );
+ mbedtls_free( chain );
+ }
+
+ return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write change cipher spec" ) );
+
+ ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
+ ssl->out_msglen = 1;
+ ssl->out_msg[0] = 1;
+
+ ssl->state++;
+
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
+ return( ret );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write change cipher spec" ) );
+
+ return( 0 );
+}
+
+int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) );
+
+ if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+ return( ret );
+ }
+
+ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+
+ /* CCS records are only accepted if they have length 1 and content '1',
+ * so we don't need to check this here. */
+
+ /*
+ * Switch to our negotiated transform and session parameters for inbound
+ * data.
+ */
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) );
+ ssl->transform_in = ssl->transform_negotiate;
+ ssl->session_in = ssl->session_negotiate;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+ ssl_dtls_replay_reset( ssl );
+#endif
+
+ /* Increment epoch */
+ if( ++ssl->in_epoch == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) );
+ /* This is highly unlikely to happen for legitimate reasons, so
+ treat it as an attack and don't send an alert. */
+ return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
+ }
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+ memset( ssl->in_ctr, 0, 8 );
+
+ ssl_update_in_pointers( ssl, ssl->transform_negotiate );
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+ if( mbedtls_ssl_hw_record_activate != NULL )
+ {
+ if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_INBOUND ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+ }
+#endif
+
+ ssl->state++;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse change cipher spec" ) );
+
+ return( 0 );
+}
+
+void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info )
+{
+ ((void) ciphersuite_info);
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
+ ssl->handshake->update_checksum = ssl_update_checksum_md5sha1;
+ else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA512_C)
+ if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+ ssl->handshake->update_checksum = ssl_update_checksum_sha384;
+ else
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ if( ciphersuite_info->mac != MBEDTLS_MD_SHA384 )
+ ssl->handshake->update_checksum = ssl_update_checksum_sha256;
+ else
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return;
+ }
+}
+
+void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ mbedtls_md5_starts_ret( &ssl->handshake->fin_md5 );
+ mbedtls_sha1_starts_ret( &ssl->handshake->fin_sha1 );
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_abort( &ssl->handshake->fin_sha256_psa );
+ psa_hash_setup( &ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256 );
+#else
+ mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 );
+#endif
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_abort( &ssl->handshake->fin_sha384_psa );
+ psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
+#else
+ mbedtls_sha512_starts_ret( &ssl->handshake->fin_sha512, 1 );
+#endif
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+
+static void ssl_update_checksum_start( mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len )
+{
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len );
+ mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len );
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len );
+#else
+ mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
+#endif
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len );
+#else
+ mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
+#endif
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len )
+{
+ mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len );
+ mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len );
+}
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len )
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len );
+#else
+ mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
+#endif
+}
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len )
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len );
+#else
+ mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
+#endif
+}
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+static void ssl_calc_finished_ssl(
+ mbedtls_ssl_context *ssl, unsigned char *buf, int from )
+{
+ const char *sender;
+ mbedtls_md5_context md5;
+ mbedtls_sha1_context sha1;
+
+ unsigned char padbuf[48];
+ unsigned char md5sum[16];
+ unsigned char sha1sum[20];
+
+ mbedtls_ssl_session *session = ssl->session_negotiate;
+ if( !session )
+ session = ssl->session;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished ssl" ) );
+
+ mbedtls_md5_init( &md5 );
+ mbedtls_sha1_init( &sha1 );
+
+ mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
+ mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
+
+ /*
+ * SSLv3:
+ * hash =
+ * MD5( master + pad2 +
+ * MD5( handshake + sender + master + pad1 ) )
+ * + SHA1( master + pad2 +
+ * SHA1( handshake + sender + master + pad1 ) )
+ */
+
+#if !defined(MBEDTLS_MD5_ALT)
+ MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *)
+ md5.state, sizeof( md5.state ) );
+#endif
+
+#if !defined(MBEDTLS_SHA1_ALT)
+ MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *)
+ sha1.state, sizeof( sha1.state ) );
+#endif
+
+ sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "CLNT"
+ : "SRVR";
+
+ memset( padbuf, 0x36, 48 );
+
+ mbedtls_md5_update_ret( &md5, (const unsigned char *) sender, 4 );
+ mbedtls_md5_update_ret( &md5, session->master, 48 );
+ mbedtls_md5_update_ret( &md5, padbuf, 48 );
+ mbedtls_md5_finish_ret( &md5, md5sum );
+
+ mbedtls_sha1_update_ret( &sha1, (const unsigned char *) sender, 4 );
+ mbedtls_sha1_update_ret( &sha1, session->master, 48 );
+ mbedtls_sha1_update_ret( &sha1, padbuf, 40 );
+ mbedtls_sha1_finish_ret( &sha1, sha1sum );
+
+ memset( padbuf, 0x5C, 48 );
+
+ mbedtls_md5_starts_ret( &md5 );
+ mbedtls_md5_update_ret( &md5, session->master, 48 );
+ mbedtls_md5_update_ret( &md5, padbuf, 48 );
+ mbedtls_md5_update_ret( &md5, md5sum, 16 );
+ mbedtls_md5_finish_ret( &md5, buf );
+
+ mbedtls_sha1_starts_ret( &sha1 );
+ mbedtls_sha1_update_ret( &sha1, session->master, 48 );
+ mbedtls_sha1_update_ret( &sha1, padbuf , 40 );
+ mbedtls_sha1_update_ret( &sha1, sha1sum, 20 );
+ mbedtls_sha1_finish_ret( &sha1, buf + 16 );
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
+
+ mbedtls_md5_free( &md5 );
+ mbedtls_sha1_free( &sha1 );
+
+ mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) );
+ mbedtls_platform_zeroize( md5sum, sizeof( md5sum ) );
+ mbedtls_platform_zeroize( sha1sum, sizeof( sha1sum ) );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_calc_finished_tls(
+ mbedtls_ssl_context *ssl, unsigned char *buf, int from )
+{
+ int len = 12;
+ const char *sender;
+ mbedtls_md5_context md5;
+ mbedtls_sha1_context sha1;
+ unsigned char padbuf[36];
+
+ mbedtls_ssl_session *session = ssl->session_negotiate;
+ if( !session )
+ session = ssl->session;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls" ) );
+
+ mbedtls_md5_init( &md5 );
+ mbedtls_sha1_init( &sha1 );
+
+ mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
+ mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
+
+ /*
+ * TLSv1:
+ * hash = PRF( master, finished_label,
+ * MD5( handshake ) + SHA1( handshake ) )[0..11]
+ */
+
+#if !defined(MBEDTLS_MD5_ALT)
+ MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *)
+ md5.state, sizeof( md5.state ) );
+#endif
+
+#if !defined(MBEDTLS_SHA1_ALT)
+ MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *)
+ sha1.state, sizeof( sha1.state ) );
+#endif
+
+ sender = ( from == MBEDTLS_SSL_IS_CLIENT )
+ ? "client finished"
+ : "server finished";
+
+ mbedtls_md5_finish_ret( &md5, padbuf );
+ mbedtls_sha1_finish_ret( &sha1, padbuf + 16 );
+
+ ssl->handshake->tls_prf( session->master, 48, sender,
+ padbuf, 36, buf, len );
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
+
+ mbedtls_md5_free( &md5 );
+ mbedtls_sha1_free( &sha1 );
+
+ mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+static void ssl_calc_finished_tls_sha256(
+ mbedtls_ssl_context *ssl, unsigned char *buf, int from )
+{
+ int len = 12;
+ const char *sender;
+ unsigned char padbuf[32];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ size_t hash_size;
+ psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT;
+ psa_status_t status;
+#else
+ mbedtls_sha256_context sha256;
+#endif
+
+ mbedtls_ssl_session *session = ssl->session_negotiate;
+ if( !session )
+ session = ssl->session;
+
+ sender = ( from == MBEDTLS_SSL_IS_CLIENT )
+ ? "client finished"
+ : "server finished";
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ sha256_psa = psa_hash_operation_init();
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha256" ) );
+
+ status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa );
+ if( status != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
+ return;
+ }
+
+ status = psa_hash_finish( &sha256_psa, padbuf, sizeof( padbuf ), &hash_size );
+ if( status != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
+ return;
+ }
+ MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 32 );
+#else
+
+ mbedtls_sha256_init( &sha256 );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) );
+
+ mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
+
+ /*
+ * TLSv1.2:
+ * hash = PRF( master, finished_label,
+ * Hash( handshake ) )[0.11]
+ */
+
+#if !defined(MBEDTLS_SHA256_ALT)
+ MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *)
+ sha256.state, sizeof( sha256.state ) );
+#endif
+
+ mbedtls_sha256_finish_ret( &sha256, padbuf );
+ mbedtls_sha256_free( &sha256 );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ ssl->handshake->tls_prf( session->master, 48, sender,
+ padbuf, 32, buf, len );
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
+
+ mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
+}
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+static void ssl_calc_finished_tls_sha384(
+ mbedtls_ssl_context *ssl, unsigned char *buf, int from )
+{
+ int len = 12;
+ const char *sender;
+ unsigned char padbuf[48];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ size_t hash_size;
+ psa_hash_operation_t sha384_psa = PSA_HASH_OPERATION_INIT;
+ psa_status_t status;
+#else
+ mbedtls_sha512_context sha512;
+#endif
+
+ mbedtls_ssl_session *session = ssl->session_negotiate;
+ if( !session )
+ session = ssl->session;
+
+ sender = ( from ==
MBEDTLS_SSL_IS_CLIENT ) + ? "client finished" + : "server finished"; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + sha384_psa = psa_hash_operation_init(); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha384" ) ); + + status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa ); + if( status != PSA_SUCCESS ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + return; + } + + status = psa_hash_finish( &sha384_psa, padbuf, sizeof( padbuf ), &hash_size ); + if( status != PSA_SUCCESS ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + return; + } + MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 48 ); +#else + mbedtls_sha512_init( &sha512 ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha384" ) ); + + mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); + + /* + * TLSv1.2: + * hash = PRF( master, finished_label, + * Hash( handshake ) )[0.11] + */ + +#if !defined(MBEDTLS_SHA512_ALT) + MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *) + sha512.state, sizeof( sha512.state ) ); +#endif + + mbedtls_sha512_finish_ret( &sha512, padbuf ); + mbedtls_sha512_free( &sha512 ); +#endif + + ssl->handshake->tls_prf( session->master, 48, sender, + padbuf, 48, buf, len ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + + mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); +} +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +static void ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ) +{ + MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup: final free" ) ); + + /* + * Free our handshake params + */ + mbedtls_ssl_handshake_free( ssl ); + mbedtls_free( ssl->handshake ); + ssl->handshake = NULL; + + /* + * Free the previous transform and swith in the current one + */ + if( ssl->transform ) + { + mbedtls_ssl_transform_free( ssl->transform ); + mbedtls_free( ssl->transform ); + } + 
ssl->transform = ssl->transform_negotiate;
+ ssl->transform_negotiate = NULL;
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup: final free" ) );
+}
+
+void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
+{
+ int resume = ssl->handshake->resume;
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+ {
+ ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_DONE;
+ ssl->renego_records_seen = 0;
+ }
+#endif
+
+ /*
+ * Free the previous session and switch in the current one
+ */
+ if( ssl->session )
+ {
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ /* RFC 7366 3.1: keep the EtM state */
+ ssl->session_negotiate->encrypt_then_mac =
+ ssl->session->encrypt_then_mac;
+#endif
+
+ mbedtls_ssl_session_free( ssl->session );
+ mbedtls_free( ssl->session );
+ }
+ ssl->session = ssl->session_negotiate;
+ ssl->session_negotiate = NULL;
+
+ /*
+ * Add cache entry
+ */
+ if( ssl->conf->f_set_cache != NULL &&
+ ssl->session->id_len != 0 &&
+ resume == 0 )
+ {
+ if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 )
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) );
+ }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl->handshake->flight != NULL )
+ {
+ /* Cancel handshake timer */
+ ssl_set_timer( ssl, 0 );
+
+ /* Keep last flight around in case we need to resend it:
+ * we need the handshake and transform structures for that */
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip freeing handshake and transform" ) );
+ }
+ else
+#endif
+ ssl_handshake_wrapup_free_hs_transform( ssl );
+
+ ssl->state++;
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) );
+}
+
+int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl )
+{
+ int ret, hash_len;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write finished" ) );
+
+ ssl_update_out_pointers( ssl, ssl->transform_negotiate );
+
+
ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint ); + + /* + * RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites + * may define some other value. Currently (early 2016), no defined + * ciphersuite does this (and this is unlikely to change as activity has + * moved to TLS 1.3 now) so we can keep the hardcoded 12 here. + */ + hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12; + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + ssl->verify_data_len = hash_len; + memcpy( ssl->own_verify_data, ssl->out_msg + 4, hash_len ); +#endif + + ssl->out_msglen = 4 + hash_len; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_FINISHED; + + /* + * In case of session resuming, invert the client and server + * ChangeCipherSpec messages order. + */ + if( ssl->handshake->resume != 0 ) + { +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; +#endif +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; +#endif + } + else + ssl->state++; + + /* + * Switch to our negotiated transform and session parameters for outbound + * data. 
+ */ + MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + unsigned char i; + + /* Remember current epoch settings for resending */ + ssl->handshake->alt_transform_out = ssl->transform_out; + memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8 ); + + /* Set sequence_number to zero */ + memset( ssl->cur_out_ctr + 2, 0, 6 ); + + /* Increment epoch */ + for( i = 2; i > 0; i-- ) + if( ++ssl->cur_out_ctr[i - 1] != 0 ) + break; + + /* The loop goes to its end iff the counter is wrapping */ + if( i == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); + return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + } + } + else +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + memset( ssl->cur_out_ctr, 0, 8 ); + + ssl->transform_out = ssl->transform_negotiate; + ssl->session_out = ssl->session_negotiate; + +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( mbedtls_ssl_hw_record_activate != NULL ) + { + if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + } + } +#endif + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); +#endif + + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); + return( ret ); + } + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); + return( ret ); + } +#endif + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write finished" ) ); + + return( 0 ); +} + +#if defined(MBEDTLS_SSL_PROTO_SSL3) +#define SSL_MAX_HASH_LEN 36 +#else +#define 
SSL_MAX_HASH_LEN 12 +#endif + +int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) +{ + int ret; + unsigned int hash_len; + unsigned char buf[SSL_MAX_HASH_LEN]; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) ); + + ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 ); + + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + /* There is currently no ciphersuite using another length with TLS 1.2 */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + hash_len = 36; + else +#endif + hash_len = 12; + + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); + } + + if( mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), + buf, hash_len ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); + } + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + ssl->verify_data_len = hash_len; + memcpy( ssl->peer_verify_data, buf, hash_len ); +#endif + + if( ssl->handshake->resume != 0 ) + { +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; +#endif +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == 
MBEDTLS_SSL_IS_SERVER )
+ ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
+#endif
+ }
+ else
+ ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ mbedtls_ssl_recv_flight_completed( ssl );
+#endif
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) );
+
+ return( 0 );
+}
+
+static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
+{
+ memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) );
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ mbedtls_md5_init( &handshake->fin_md5 );
+ mbedtls_sha1_init( &handshake->fin_sha1 );
+ mbedtls_md5_starts_ret( &handshake->fin_md5 );
+ mbedtls_sha1_starts_ret( &handshake->fin_sha1 );
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ handshake->fin_sha256_psa = psa_hash_operation_init();
+ psa_hash_setup( &handshake->fin_sha256_psa, PSA_ALG_SHA_256 );
+#else
+ mbedtls_sha256_init( &handshake->fin_sha256 );
+ mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 );
+#endif
+#endif
+#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ handshake->fin_sha384_psa = psa_hash_operation_init();
+ psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
+#else
+ mbedtls_sha512_init( &handshake->fin_sha512 );
+ mbedtls_sha512_starts_ret( &handshake->fin_sha512, 1 );
+#endif
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+ handshake->update_checksum = ssl_update_checksum_start;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+ mbedtls_ssl_sig_hash_set_init( &handshake->hash_algs );
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+ mbedtls_dhm_init( &handshake->dhm_ctx );
+#endif
+#if defined(MBEDTLS_ECDH_C)
+ mbedtls_ecdh_init( &handshake->ecdh_ctx );
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ mbedtls_ecjpake_init( &handshake->ecjpake_ctx );
+#if defined(MBEDTLS_SSL_CLI_C)
+ handshake->ecjpake_cache = NULL;
+ handshake->ecjpake_cache_len = 0;
+#endif
+#endif
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ mbedtls_x509_crt_restart_init( &handshake->ecrs_ctx );
+#endif
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET;
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+ !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ mbedtls_pk_init( &handshake->peer_pubkey );
+#endif
+}
+
+static void ssl_transform_init( mbedtls_ssl_transform *transform )
+{
+ memset( transform, 0, sizeof(mbedtls_ssl_transform) );
+
+ mbedtls_cipher_init( &transform->cipher_ctx_enc );
+ mbedtls_cipher_init( &transform->cipher_ctx_dec );
+
+ mbedtls_md_init( &transform->md_ctx_enc );
+ mbedtls_md_init( &transform->md_ctx_dec );
+}
+
+void mbedtls_ssl_session_init( mbedtls_ssl_session *session )
+{
+ memset( session, 0, sizeof(mbedtls_ssl_session) );
+}
+
+static int ssl_handshake_init( mbedtls_ssl_context *ssl )
+{
+ /* Clear old handshake information if present */
+ if( ssl->transform_negotiate )
+ mbedtls_ssl_transform_free( ssl->transform_negotiate );
+ if( ssl->session_negotiate )
+ mbedtls_ssl_session_free( ssl->session_negotiate );
+ if( ssl->handshake )
+ mbedtls_ssl_handshake_free( ssl );
+
+ /*
+ * Either the pointers are now NULL or cleared properly and can be freed.
+ * Now allocate missing structures.
+ */
+ if( ssl->transform_negotiate == NULL )
+ {
+ ssl->transform_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_transform) );
+ }
+
+ if( ssl->session_negotiate == NULL )
+ {
+ ssl->session_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_session) );
+ }
+
+ if( ssl->handshake == NULL )
+ {
+ ssl->handshake = mbedtls_calloc( 1, sizeof(mbedtls_ssl_handshake_params) );
+ }
+
+ /* All pointers should exist and can be directly freed without issue */
+ if( ssl->handshake == NULL ||
+ ssl->transform_negotiate == NULL ||
+ ssl->session_negotiate == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc() of ssl sub-contexts failed" ) );
+
+ mbedtls_free( ssl->handshake );
+ mbedtls_free( ssl->transform_negotiate );
+ mbedtls_free( ssl->session_negotiate );
+
+ ssl->handshake = NULL;
+ ssl->transform_negotiate = NULL;
+ ssl->session_negotiate = NULL;
+
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ }
+
+ /* Initialize structures */
+ mbedtls_ssl_session_init( ssl->session_negotiate );
+ ssl_transform_init( ssl->transform_negotiate );
+ ssl_handshake_params_init( ssl->handshake );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ ssl->handshake->alt_transform_out = ssl->transform_out;
+
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+ ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;
+ else
+ ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
+
+ ssl_set_timer( ssl, 0 );
+ }
+#endif
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+/* Dummy cookie callbacks for defaults */
+static int ssl_cookie_write_dummy( void *ctx,
+ unsigned char **p, unsigned char *end,
+ const unsigned char *cli_id, size_t cli_id_len )
+{
+ ((void) ctx);
+ ((void) p);
+ ((void) end);
+ ((void) cli_id);
+ ((void) cli_id_len);
+
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+}
+
+static int ssl_cookie_check_dummy( void *ctx,
+ const unsigned char *cookie, size_t
cookie_len, + const unsigned char *cli_id, size_t cli_id_len ) +{ + ((void) ctx); + ((void) cookie); + ((void) cookie_len); + ((void) cli_id); + ((void) cli_id_len); + + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ + +/* Once ssl->out_hdr as the address of the beginning of the + * next outgoing record is set, deduce the other pointers. + * + * Note: For TLS, we save the implicit record sequence number + * (entering MAC computation) in the 8 bytes before ssl->out_hdr, + * and the caller has to make sure there's space for this. + */ + +static void ssl_update_out_pointers( mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->out_ctr = ssl->out_hdr + 3; + ssl->out_len = ssl->out_hdr + 11; + ssl->out_iv = ssl->out_hdr + 13; + } + else +#endif + { + ssl->out_ctr = ssl->out_hdr - 8; + ssl->out_len = ssl->out_hdr + 3; + ssl->out_iv = ssl->out_hdr + 5; + } + + /* Adjust out_msg to make space for explicit IV, if used. */ + if( transform != NULL && + ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + { + ssl->out_msg = ssl->out_iv + transform->ivlen - transform->fixed_ivlen; + } + else + ssl->out_msg = ssl->out_iv; +} + +/* Once ssl->in_hdr as the address of the beginning of the + * next incoming record is set, deduce the other pointers. + * + * Note: For TLS, we save the implicit record sequence number + * (entering MAC computation) in the 8 bytes before ssl->in_hdr, + * and the caller has to make sure there's space for this. 
+ */ + +static void ssl_update_in_pointers( mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->in_ctr = ssl->in_hdr + 3; + ssl->in_len = ssl->in_hdr + 11; + ssl->in_iv = ssl->in_hdr + 13; + } + else +#endif + { + ssl->in_ctr = ssl->in_hdr - 8; + ssl->in_len = ssl->in_hdr + 3; + ssl->in_iv = ssl->in_hdr + 5; + } + + /* Offset in_msg from in_iv to allow space for explicit IV, if used. */ + if( transform != NULL && + ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + { + ssl->in_msg = ssl->in_iv + transform->ivlen - transform->fixed_ivlen; + } + else + ssl->in_msg = ssl->in_iv; +} + +/* + * Initialize an SSL context + */ +void mbedtls_ssl_init( mbedtls_ssl_context *ssl ) +{ + memset( ssl, 0, sizeof( mbedtls_ssl_context ) ); +} + +/* + * Setup an SSL context + */ + +static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ) +{ + /* Set the incoming and outgoing record pointers. */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->out_hdr = ssl->out_buf; + ssl->in_hdr = ssl->in_buf; + } + else +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + { + ssl->out_hdr = ssl->out_buf + 8; + ssl->in_hdr = ssl->in_buf + 8; + } + + /* Derive other internal pointers. 
*/
+ ssl_update_out_pointers( ssl, NULL /* no transform enabled */ );
+ ssl_update_in_pointers ( ssl, NULL /* no transform enabled */ );
+}
+
+int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
+ const mbedtls_ssl_config *conf )
+{
+ int ret;
+
+ ssl->conf = conf;
+
+ /*
+ * Prepare base structures
+ */
+
+ /* Set to NULL in case of an error condition */
+ ssl->out_buf = NULL;
+
+ ssl->in_buf = mbedtls_calloc( 1, MBEDTLS_SSL_IN_BUFFER_LEN );
+ if( ssl->in_buf == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", MBEDTLS_SSL_IN_BUFFER_LEN) );
+ ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ goto error;
+ }
+
+ ssl->out_buf = mbedtls_calloc( 1, MBEDTLS_SSL_OUT_BUFFER_LEN );
+ if( ssl->out_buf == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", MBEDTLS_SSL_OUT_BUFFER_LEN) );
+ ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
+ goto error;
+ }
+
+ ssl_reset_in_out_pointers( ssl );
+
+ if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
+ goto error;
+
+ return( 0 );
+
+error:
+ mbedtls_free( ssl->in_buf );
+ mbedtls_free( ssl->out_buf );
+
+ ssl->conf = NULL;
+
+ ssl->in_buf = NULL;
+ ssl->out_buf = NULL;
+
+ ssl->in_hdr = NULL;
+ ssl->in_ctr = NULL;
+ ssl->in_len = NULL;
+ ssl->in_iv = NULL;
+ ssl->in_msg = NULL;
+
+ ssl->out_hdr = NULL;
+ ssl->out_ctr = NULL;
+ ssl->out_len = NULL;
+ ssl->out_iv = NULL;
+ ssl->out_msg = NULL;
+
+ return( ret );
+}
+
+/*
+ * Reset an initialized and used SSL context for re-use while retaining
+ * all application-set variables, function pointers and data.
+ *
+ * If partial is non-zero, keep data in the input buffer and client ID.
+ * (Use when a DTLS client reconnects from the same port.)
+ */
+static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial )
+{
+ int ret;
+
+#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) || \
+ !defined(MBEDTLS_SSL_SRV_C)
+ ((void) partial);
+#endif
+
+ ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
+
+ /* Cancel any possibly running timer */
+ ssl_set_timer( ssl, 0 );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE;
+ ssl->renego_records_seen = 0;
+
+ ssl->verify_data_len = 0;
+ memset( ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN );
+ memset( ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN );
+#endif
+ ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION;
+
+ ssl->in_offt = NULL;
+ ssl_reset_in_out_pointers( ssl );
+
+ ssl->in_msgtype = 0;
+ ssl->in_msglen = 0;
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ ssl->next_record_offset = 0;
+ ssl->in_epoch = 0;
+#endif
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+ ssl_dtls_replay_reset( ssl );
+#endif
+
+ ssl->in_hslen = 0;
+ ssl->nb_zero = 0;
+
+ ssl->keep_current_message = 0;
+
+ ssl->out_msgtype = 0;
+ ssl->out_msglen = 0;
+ ssl->out_left = 0;
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+ if( ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED )
+ ssl->split_done = 0;
+#endif
+
+ memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) );
+
+ ssl->transform_in = NULL;
+ ssl->transform_out = NULL;
+
+ ssl->session_in = NULL;
+ ssl->session_out = NULL;
+
+ memset( ssl->out_buf, 0, MBEDTLS_SSL_OUT_BUFFER_LEN );
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
+ if( partial == 0 )
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
+ {
+ ssl->in_left = 0;
+ memset( ssl->in_buf, 0, MBEDTLS_SSL_IN_BUFFER_LEN );
+ }
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+ if( mbedtls_ssl_hw_record_reset != NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_reset()" ) );
+ if( ( ret = mbedtls_ssl_hw_record_reset( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_reset", ret );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+ }
+#endif
+
+ if( ssl->transform )
+ {
+ mbedtls_ssl_transform_free( ssl->transform );
+ mbedtls_free( ssl->transform );
+ ssl->transform = NULL;
+ }
+
+ if( ssl->session )
+ {
+ mbedtls_ssl_session_free( ssl->session );
+ mbedtls_free( ssl->session );
+ ssl->session = NULL;
+ }
+
+#if defined(MBEDTLS_SSL_ALPN)
+ ssl->alpn_chosen = NULL;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
+ if( partial == 0 )
+#endif
+ {
+ mbedtls_free( ssl->cli_id );
+ ssl->cli_id = NULL;
+ ssl->cli_id_len = 0;
+ }
+#endif
+
+ if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
+ return( ret );
+
+ return( 0 );
+}
+
+/*
+ * Reset an initialized and used SSL context for re-use while retaining
+ * all application-set variables, function pointers and data.
+ */
+int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl )
+{
+ return( ssl_session_reset_int( ssl, 0 ) );
+}
+
+/*
+ * SSL set accessors
+ */
+void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint )
+{
+ conf->endpoint = endpoint;
+}
+
+void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport )
+{
+ conf->transport = transport;
+}
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode )
+{
+ conf->anti_replay = mode;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit )
+{
+ conf->badmac_limit = limit;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
+ unsigned allow_packing )
+{
+ ssl->disable_datagram_packing = !allow_packing;
+}
+
+void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf,
+ uint32_t min, uint32_t max )
+{
+ conf->hs_timeout_min = min;
+ conf->hs_timeout_max = max;
+}
+#endif
+
+void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode )
+{
+ conf->authmode = authmode;
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy )
+{
+ conf->f_vrfy = f_vrfy;
+ conf->p_vrfy = p_vrfy;
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
+{
+ conf->f_rng = f_rng;
+ conf->p_rng = p_rng;
+}
+
+void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
+ void (*f_dbg)(void *, int, const char *, int, const char *),
+ void *p_dbg )
+{
+ conf->f_dbg = f_dbg;
+ conf->p_dbg = p_dbg;
+}
+
+void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
+ void *p_bio,
+ mbedtls_ssl_send_t *f_send,
+ mbedtls_ssl_recv_t *f_recv,
+ mbedtls_ssl_recv_timeout_t *f_recv_timeout )
+{
+ ssl->p_bio = p_bio;
+ ssl->f_send = f_send;
+ ssl->f_recv = f_recv;
+ ssl->f_recv_timeout = f_recv_timeout;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu )
+{
+ ssl->mtu = mtu;
+}
+#endif
+
+void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
+{
+ conf->read_timeout = timeout;
+}
+
+void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
+ void *p_timer,
+ mbedtls_ssl_set_timer_t *f_set_timer,
+ mbedtls_ssl_get_timer_t *f_get_timer )
+{
+ ssl->p_timer = p_timer;
+ ssl->f_set_timer = f_set_timer;
+ ssl->f_get_timer = f_get_timer;
+
+ /* Make sure we start with no timer running */
+ ssl_set_timer( ssl, 0 );
+}
+
+#if defined(MBEDTLS_SSL_SRV_C)
+void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
+ void *p_cache,
+ int (*f_get_cache)(void *, mbedtls_ssl_session *),
+ int (*f_set_cache)(void *, const mbedtls_ssl_session *) )
+{
+ conf->p_cache = p_cache;
+ conf->f_get_cache = f_get_cache;
+ conf->f_set_cache = f_set_cache;
+}
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session )
+{
+ int ret;
+
+ if( ssl == NULL ||
+ session == NULL ||
+ ssl->session_negotiate == NULL ||
+ ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT )
+ {
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ if( ( ret = mbedtls_ssl_session_copy( ssl->session_negotiate,
+ session ) ) != 0 )
+ return( ret );
+
+ ssl->handshake->resume = 1;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_CLI_C */
+
+void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
+ const int *ciphersuites )
+{
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites;
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = ciphersuites;
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = ciphersuites;
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites;
+}
+
+void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
+ const int *ciphersuites,
+ int major, int minor )
+{
+ if( major != MBEDTLS_SSL_MAJOR_VERSION_3 )
+ return;
+
+ if( minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3 )
+ return;
+
+ conf->ciphersuite_list[minor] = ciphersuites;
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
+ const mbedtls_x509_crt_profile *profile )
+{
+ conf->cert_profile = profile;
+}
+
+/* Append a new keycert entry to a (possibly empty) list */
+static int ssl_append_key_cert( mbedtls_ssl_key_cert **head,
+ mbedtls_x509_crt *cert,
+ mbedtls_pk_context *key )
+{
+ mbedtls_ssl_key_cert *new_cert;
+
+ new_cert = mbedtls_calloc( 1, sizeof( mbedtls_ssl_key_cert ) );
+ if( new_cert == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+ new_cert->cert = cert;
+ new_cert->key = key;
+ new_cert->next = NULL;
+
+ /* Update head is the list was null, else add to the end */
+ if( *head == NULL )
+ {
+ *head = new_cert;
+ }
+ else
+ {
+ mbedtls_ssl_key_cert *cur = *head;
+ while( cur->next != NULL )
+ cur = cur->next;
+ cur->next = new_cert;
+ }
+
+ return( 0 );
+}
+
+int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
+ mbedtls_x509_crt *own_cert,
+ mbedtls_pk_context *pk_key )
+{
+ return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) );
+}
+
+void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
+ mbedtls_x509_crt *ca_chain,
+ mbedtls_x509_crl *ca_crl )
+{
+ conf->ca_chain = ca_chain;
+ conf->ca_crl = ca_crl;
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ /* mbedtls_ssl_conf_ca_chain() and mbedtls_ssl_conf_ca_cb()
+ * cannot be used together. */
+ conf->f_ca_cb = NULL;
+ conf->p_ca_cb = NULL;
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+}
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf,
+ mbedtls_x509_crt_ca_cb_t f_ca_cb,
+ void *p_ca_cb )
+{
+ conf->f_ca_cb = f_ca_cb;
+ conf->p_ca_cb = p_ca_cb;
+
+ /* mbedtls_ssl_conf_ca_chain() and mbedtls_ssl_conf_ca_cb()
+ * cannot be used together. */
+ conf->ca_chain = NULL;
+ conf->ca_crl = NULL;
+}
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *own_cert,
+ mbedtls_pk_context *pk_key )
+{
+ return( ssl_append_key_cert( &ssl->handshake->sni_key_cert,
+ own_cert, pk_key ) );
+}
+
+void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *ca_chain,
+ mbedtls_x509_crl *ca_crl )
+{
+ ssl->handshake->sni_ca_chain = ca_chain;
+ ssl->handshake->sni_ca_crl = ca_crl;
+}
+
+void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
+ int authmode )
+{
+ ssl->handshake->sni_authmode = authmode;
+}
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy )
+{
+ ssl->f_vrfy = f_vrfy;
+ ssl->p_vrfy = p_vrfy;
+}
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+/*
+ * Set EC J-PAKE password for current handshake
+ */
+int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
+ const unsigned char *pw,
+ size_t pw_len )
+{
+ mbedtls_ecjpake_role role;
+
+ if( ssl->handshake == NULL || ssl->conf == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+ role = MBEDTLS_ECJPAKE_SERVER;
+ else
+ role = MBEDTLS_ECJPAKE_CLIENT;
+
+ return( mbedtls_ecjpake_setup( &ssl->handshake->ecjpake_ctx,
+ role,
+ MBEDTLS_MD_SHA256,
+ MBEDTLS_ECP_DP_SECP256R1,
+ pw, pw_len ) );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+
+static void ssl_conf_remove_psk( mbedtls_ssl_config *conf )
+{
+ /* Remove reference to existing PSK, if any. */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( conf->psk_opaque != 0 )
+ {
+ /* The maintenance of the PSK key slot is the
+ * user's responsibility. */
+ conf->psk_opaque = 0;
+ }
+ /* This and the following branch should never
+ * be taken simultaenously as we maintain the
+ * invariant that raw and opaque PSKs are never
+ * configured simultaneously. As a safeguard,
+ * though, `else` is omitted here. */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( conf->psk != NULL )
+ {
+ mbedtls_platform_zeroize( conf->psk, conf->psk_len );
+
+ mbedtls_free( conf->psk );
+ conf->psk = NULL;
+ conf->psk_len = 0;
+ }
+
+ /* Remove reference to PSK identity, if any. */
+ if( conf->psk_identity != NULL )
+ {
+ mbedtls_free( conf->psk_identity );
+ conf->psk_identity = NULL;
+ conf->psk_identity_len = 0;
+ }
+}
+
+/* This function assumes that PSK identity in the SSL config is unset.
+ * It checks that the provided identity is well-formed and attempts
+ * to make a copy of it in the SSL config.
+ * On failure, the PSK identity in the config remains unset.
*/ +static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf, + unsigned char const *psk_identity, + size_t psk_identity_len ) +{ + /* Identity len will be encoded on two bytes */ + if( psk_identity == NULL || + ( psk_identity_len >> 16 ) != 0 || + psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) + { + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ); + if( conf->psk_identity == NULL ) + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + + conf->psk_identity_len = psk_identity_len; + memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len ); + + return( 0 ); +} + +int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, + const unsigned char *psk, size_t psk_len, + const unsigned char *psk_identity, size_t psk_identity_len ) +{ + int ret; + /* Remove opaque/raw PSK + PSK Identity */ + ssl_conf_remove_psk( conf ); + + /* Check and set raw PSK */ + if( psk == NULL || psk_len > MBEDTLS_PSK_MAX_LEN ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + conf->psk_len = psk_len; + memcpy( conf->psk, psk, conf->psk_len ); + + /* Check and set PSK Identity */ + ret = ssl_conf_set_psk_identity( conf, psk_identity, psk_identity_len ); + if( ret != 0 ) + ssl_conf_remove_psk( conf ); + + return( ret ); +} + +static void ssl_remove_psk( mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ssl->handshake->psk_opaque != 0 ) + { + ssl->handshake->psk_opaque = 0; + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( ssl->handshake->psk != NULL ) + { + mbedtls_platform_zeroize( ssl->handshake->psk, + ssl->handshake->psk_len ); + mbedtls_free( ssl->handshake->psk ); + ssl->handshake->psk_len = 0; + } +} + +int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, + const unsigned char *psk, size_t psk_len ) +{ + if( psk == NULL || ssl->handshake == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + if( psk_len 
> MBEDTLS_PSK_MAX_LEN ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + ssl_remove_psk( ssl ); + + if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + + ssl->handshake->psk_len = psk_len; + memcpy( ssl->handshake->psk, psk, ssl->handshake->psk_len ); + + return( 0 ); +} + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, + psa_key_handle_t psk_slot, + const unsigned char *psk_identity, + size_t psk_identity_len ) +{ + int ret; + /* Clear opaque/raw PSK + PSK Identity, if present. */ + ssl_conf_remove_psk( conf ); + + /* Check and set opaque PSK */ + if( psk_slot == 0 ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + conf->psk_opaque = psk_slot; + + /* Check and set PSK Identity */ + ret = ssl_conf_set_psk_identity( conf, psk_identity, + psk_identity_len ); + if( ret != 0 ) + ssl_conf_remove_psk( conf ); + + return( ret ); +} + +int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, + psa_key_handle_t psk_slot ) +{ + if( psk_slot == 0 || ssl->handshake == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + ssl_remove_psk( ssl ); + ssl->handshake->psk_opaque = psk_slot; + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, + int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, + size_t), + void *p_psk ) +{ + conf->f_psk = f_psk; + conf->p_psk = p_psk; +} +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G ) +{ + int ret; + + if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 || + ( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 ) + { + mbedtls_mpi_free( &conf->dhm_P ); + mbedtls_mpi_free( &conf->dhm_G ); + return( ret ); + } + + return( 0 ); +} 
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
+ const unsigned char *dhm_P, size_t P_len,
+ const unsigned char *dhm_G, size_t G_len )
+{
+ int ret;
+
+ if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_P, P_len ) ) != 0 ||
+ ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_G, G_len ) ) != 0 )
+ {
+ mbedtls_mpi_free( &conf->dhm_P );
+ mbedtls_mpi_free( &conf->dhm_G );
+ return( ret );
+ }
+
+ return( 0 );
+}
+
+int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
+{
+ int ret;
+
+ if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 ||
+ ( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 )
+ {
+ mbedtls_mpi_free( &conf->dhm_P );
+ mbedtls_mpi_free( &conf->dhm_G );
+ return( ret );
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+/*
+ * Set the minimum length for Diffie-Hellman parameters
+ */
+void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
+ unsigned int bitlen )
+{
+ conf->dhm_min_bitlen = bitlen;
+}
+#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+/*
+ * Set allowed/preferred hashes for handshake signatures
+ */
+void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
+ const int *hashes )
+{
+ conf->sig_hashes = hashes;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * Set the allowed elliptic curves
+ */
+void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
+ const mbedtls_ecp_group_id *curve_list )
+{
+ conf->curve_list = curve_list;
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname )
+{
+ /* Initialize to suppress unnecessary compiler warning */
+ size_t hostname_len = 0;
+
+ /* Check if new hostname is valid before
+ * making any change to current one */
+ if( hostname != NULL )
+ {
+ hostname_len = strlen( hostname );
+
+ if( hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ /* Now it's clear that we will overwrite the old hostname,
+ * so we can free it safely */
+
+ if( ssl->hostname != NULL )
+ {
+ mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) );
+ mbedtls_free( ssl->hostname );
+ }
+
+ /* Passing NULL as hostname shall clear the old one */
+
+ if( hostname == NULL )
+ {
+ ssl->hostname = NULL;
+ }
+ else
+ {
+ ssl->hostname = mbedtls_calloc( 1, hostname_len + 1 );
+ if( ssl->hostname == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+ memcpy( ssl->hostname, hostname, hostname_len );
+
+ ssl->hostname[hostname_len] = '\0';
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
+ int (*f_sni)(void *, mbedtls_ssl_context *,
+ const unsigned char *, size_t),
+ void *p_sni )
+{
+ conf->f_sni = f_sni;
+ conf->p_sni = p_sni;
+}
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL_ALPN)
+int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos )
+{
+ size_t cur_len, tot_len;
+ const char **p;
+
+ /*
+ * RFC 7301 3.1: "Empty strings MUST NOT be included and byte strings
+ * MUST NOT be truncated."
+ * We check lengths now rather than later.
+ */
+ tot_len = 0;
+ for( p = protos; *p != NULL; p++ )
+ {
+ cur_len = strlen( *p );
+ tot_len += cur_len;
+
+ if( cur_len == 0 || cur_len > 255 || tot_len > 65535 )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ conf->alpn_list = protos;
+
+ return( 0 );
+}
+
+const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl )
+{
+ return( ssl->alpn_chosen );
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor )
+{
+ conf->max_major_ver = major;
+ conf->max_minor_ver = minor;
+}
+
+void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor )
+{
+ conf->min_major_ver = major;
+ conf->min_minor_ver = minor;
+}
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
+void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback )
+{
+ conf->fallback = fallback;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C)
+void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
+ char cert_req_ca_list )
+{
+ conf->cert_req_ca_list = cert_req_ca_list;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm )
+{
+ conf->encrypt_then_mac = etm;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems )
+{
+ conf->extended_ms = ems;
+}
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 )
+{
+ conf->arc4_disabled = arc4;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
+{
+ if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ||
+ ssl_mfl_code_to_length( mfl_code ) > MBEDTLS_TLS_EXT_ADV_CONTENT_LEN )
+ {
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ conf->mfl_code = mfl_code;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
+{
+ conf->trunc_hmac = truncate;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
+{
+ conf->cbc_record_splitting = split;
+}
+#endif
+
+void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
+{
+ conf->allow_legacy_renegotiation = allow_legacy;
+}
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation )
+{
+ conf->disable_renegotiation = renegotiation;
+}
+
+void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records )
+{
+ conf->renego_max_records = max_records;
+}
+
+void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
+ const unsigned char period[8] )
+{
+ memcpy( conf->renego_period, period, 8 );
+}
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#if defined(MBEDTLS_SSL_CLI_C)
+void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
+{
+ conf->session_tickets = use_tickets;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C)
+void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
+ mbedtls_ssl_ticket_write_t *f_ticket_write,
+ mbedtls_ssl_ticket_parse_t *f_ticket_parse,
+ void *p_ticket )
+{
+ conf->f_ticket_write = f_ticket_write;
+ conf->f_ticket_parse = f_ticket_parse;
+ conf->p_ticket = p_ticket;
+}
+#endif
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
+ mbedtls_ssl_export_keys_t *f_export_keys,
+ void *p_export_keys )
+{
+ conf->f_export_keys = f_export_keys;
+ conf->p_export_keys = p_export_keys;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+void mbedtls_ssl_conf_async_private_cb(
+ mbedtls_ssl_config *conf,
+ mbedtls_ssl_async_sign_t *f_async_sign,
+ mbedtls_ssl_async_decrypt_t *f_async_decrypt,
+ mbedtls_ssl_async_resume_t *f_async_resume,
+ mbedtls_ssl_async_cancel_t *f_async_cancel,
+ void *async_config_data )
+{
+ conf->f_async_sign_start = f_async_sign;
+ conf->f_async_decrypt_start = f_async_decrypt;
+ conf->f_async_resume = f_async_resume;
+ conf->f_async_cancel = f_async_cancel;
+ conf->p_async_config_data = async_config_data;
+}
+
+void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf )
+{
+ return( conf->p_async_config_data );
+}
+
+void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl )
+{
+ if( ssl->handshake == NULL )
+ return( NULL );
+ else
+ return( ssl->handshake->user_async_ctx );
+}
+
+void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl,
+ void *ctx )
+{
+ if( ssl->handshake != NULL )
+ ssl->handshake->user_async_ctx = ctx;
+}
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+/*
+ * SSL get accessors
+ */
+size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl )
+{
+ return( ssl->in_offt == NULL ? 0 : ssl->in_msglen );
+}
+
+int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl )
+{
+ /*
+ * Case A: We're currently holding back
+ * a message for further processing.
+ */
+
+ if( ssl->keep_current_message == 1 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: record held back for processing" ) );
+ return( 1 );
+ }
+
+ /*
+ * Case B: Further records are pending in the current datagram.
+ */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl->in_left > ssl->next_record_offset )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: more records within current datagram" ) );
+ return( 1 );
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+ /*
+ * Case C: A handshake message is being processed.
+ */
+
+ if( ssl->in_hslen > 0 && ssl->in_hslen < ssl->in_msglen )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: more handshake messages within current record" ) );
+ return( 1 );
+ }
+
+ /*
+ * Case D: An application data message is being processed
+ */
+ if( ssl->in_offt != NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: application data record is being processed" ) );
+ return( 1 );
+ }
+
+ /*
+ * In all other cases, the rest of the message can be dropped.
+ * As in ssl_get_next_record, this needs to be adapted if
+ * we implement support for multiple alerts in single records.
+ */
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: nothing pending" ) );
+ return( 0 );
+}
+
+uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl )
+{
+ if( ssl->session != NULL )
+ return( ssl->session->verify_result );
+
+ if( ssl->session_negotiate != NULL )
+ return( ssl->session_negotiate->verify_result );
+
+ return( 0xFFFFFFFF );
+}
+
+const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl )
+{
+ if( ssl == NULL || ssl->session == NULL )
+ return( NULL );
+
+ return mbedtls_ssl_get_ciphersuite_name( ssl->session->ciphersuite );
+}
+
+const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ switch( ssl->minor_ver )
+ {
+ case MBEDTLS_SSL_MINOR_VERSION_2:
+ return( "DTLSv1.0" );
+
+ case MBEDTLS_SSL_MINOR_VERSION_3:
+ return( "DTLSv1.2" );
+
+ default:
+ return( "unknown (DTLS)" );
+ }
+ }
+#endif
+
+ switch( ssl->minor_ver )
+ {
+ case MBEDTLS_SSL_MINOR_VERSION_0:
+ return( "SSLv3.0" );
+
+ case MBEDTLS_SSL_MINOR_VERSION_1:
+ return( "TLSv1.0" );
+
+ case MBEDTLS_SSL_MINOR_VERSION_2:
+ return( "TLSv1.1" );
+
+ case MBEDTLS_SSL_MINOR_VERSION_3:
+ return( "TLSv1.2" );
+
+ default:
+ return( "unknown" );
+ }
+}
+
+int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
+{
+ size_t transform_expansion = 0;
+ const mbedtls_ssl_transform *transform = ssl->transform_out;
+ unsigned block_size;
+
+ if( transform == NULL )
+ return( (int) mbedtls_ssl_hdr_len( ssl ) );
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
+ switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
+ {
+ case MBEDTLS_MODE_GCM:
+ case MBEDTLS_MODE_CCM:
+ case MBEDTLS_MODE_CHACHAPOLY:
+ case MBEDTLS_MODE_STREAM:
+ transform_expansion = transform->minlen;
+ break;
+
+ case MBEDTLS_MODE_CBC:
+
+ block_size = mbedtls_cipher_get_block_size(
+ &transform->cipher_ctx_enc );
+
+ /* Expansion due to the addition of the MAC. */
+ transform_expansion += transform->maclen;
+
+ /* Expansion due to the addition of CBC padding;
+ * Theoretically up to 256 bytes, but we never use
+ * more than the block size of the underlying cipher. */
+ transform_expansion += block_size;
+
+ /* For TLS 1.1 or higher, an explicit IV is added
+ * after the record header. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
+ transform_expansion += block_size;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
+
+ break;
+
+ default:
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ return( (int)( mbedtls_ssl_hdr_len( ssl ) + transform_expansion ) );
+}
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl )
+{
+ size_t max_len;
+
+ /*
+ * Assume mfl_code is correct since it was checked when set
+ */
+ max_len = ssl_mfl_code_to_length( ssl->conf->mfl_code );
+
+ /* Check if a smaller max length was negotiated */
+ if( ssl->session_out != NULL &&
+ ssl_mfl_code_to_length( ssl->session_out->mfl_code ) < max_len )
+ {
+ max_len = ssl_mfl_code_to_length( ssl->session_out->mfl_code );
+ }
+
+ /* During a handshake, use the value being negotiated */
+ if( ssl->session_negotiate != NULL &&
+ ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ) < max_len )
+ {
+ max_len = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code );
+ }
+
+ return( max_len );
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl )
+{
+ /* Return unlimited mtu for client hello messages to avoid fragmentation. */
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+ ( ssl->state == MBEDTLS_SSL_CLIENT_HELLO ||
+ ssl->state == MBEDTLS_SSL_SERVER_HELLO ) )
+ return ( 0 );
+
+ if( ssl->handshake == NULL || ssl->handshake->mtu == 0 )
+ return( ssl->mtu );
+
+ if( ssl->mtu == 0 )
+ return( ssl->handshake->mtu );
+
+ return( ssl->mtu < ssl->handshake->mtu ?
+ ssl->mtu : ssl->handshake->mtu );
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl )
+{
+ size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \
+ !defined(MBEDTLS_SSL_PROTO_DTLS)
+ (void) ssl;
+#endif
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ const size_t mfl = mbedtls_ssl_get_max_frag_len( ssl );
+
+ if( max_len > mfl )
+ max_len = mfl;
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl_get_current_mtu( ssl ) != 0 )
+ {
+ const size_t mtu = ssl_get_current_mtu( ssl );
+ const int ret = mbedtls_ssl_get_record_expansion( ssl );
+ const size_t overhead = (size_t) ret;
+
+ if( ret < 0 )
+ return( ret );
+
+ if( mtu <= overhead )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "MTU too low for record expansion" ) );
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+ }
+
+ if( max_len > mtu - overhead )
+ max_len = mtu - overhead;
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \
+ !defined(MBEDTLS_SSL_PROTO_DTLS)
+ ((void) ssl);
+#endif
+
+ return( (int) max_len );
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl )
+{
+ if( ssl == NULL || ssl->session == NULL )
+ return( NULL );
+
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ return( ssl->session->peer_cert );
+#else
+ return( NULL );
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
+ mbedtls_ssl_session *dst )
+{
+ if( ssl == NULL ||
+ dst == NULL ||
+ ssl->session == NULL ||
+ ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT )
+ {
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ return( mbedtls_ssl_session_copy( dst, ssl->session ) );
+}
+#endif /* MBEDTLS_SSL_CLI_C */
+
+/*
+ * Perform a single step of the SSL handshake
+ */
+int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
+{
+ int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+
+ if( ssl == NULL || ssl->conf == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_SSL_CLI_C)
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+ ret = mbedtls_ssl_handshake_client_step( ssl );
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+ ret = mbedtls_ssl_handshake_server_step( ssl );
+#endif
+
+ return( ret );
+}
+
+/*
+ * Perform the SSL handshake
+ */
+int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl )
+{
+ int ret = 0;
+
+ if( ssl == NULL || ssl->conf == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> handshake" ) );
+
+ while( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+ {
+ ret = mbedtls_ssl_handshake_step( ssl );
+
+ if( ret != 0 )
+ break;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= handshake" ) );
+
+ return( ret );
+}
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+#if defined(MBEDTLS_SSL_SRV_C)
+/*
+ * Write HelloRequest to request renegotiation on server
+ */
+static int ssl_write_hello_request( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello request" ) );
+
+ ssl->out_msglen = 4;
+ ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+ ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_REQUEST;
+
+ if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret );
+ return( ret );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello request" ) );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_SRV_C */
+
+/*
+ * Actually renegotiate current connection, triggered by either:
+ * - any side: calling mbedtls_ssl_renegotiate(),
+ * - client: receiving a HelloRequest during mbedtls_ssl_read(),
+ * - server: receiving any handshake message on server during mbedtls_ssl_read() after
+ * the initial handshake is completed.
+ * If the handshake doesn't complete due to waiting for I/O, it will continue + * during the next calls to mbedtls_ssl_renegotiate() or mbedtls_ssl_read() respectively. + */ +static int ssl_start_renegotiation( mbedtls_ssl_context *ssl ) +{ + int ret; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) ); + + if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) + return( ret ); + + /* RFC 6347 4.2.2: "[...] the HelloRequest will have message_seq = 0 and + * the ServerHello will have message_seq = 1" */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) + { + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + ssl->handshake->out_msg_seq = 1; + else + ssl->handshake->in_msg_seq = 1; + } +#endif + + ssl->state = MBEDTLS_SSL_HELLO_REQUEST; + ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS; + + if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); + return( ret ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= renegotiate" ) ); + + return( 0 ); +} + +/* + * Renegotiate current connection on client, + * or request renegotiation on server + */ +int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ) +{ + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + + if( ssl == NULL || ssl->conf == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + +#if defined(MBEDTLS_SSL_SRV_C) + /* On server, just send the request */ + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + { + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; + + /* Did we already try/start sending HelloRequest? 
*/ + if( ssl->out_left != 0 ) + return( mbedtls_ssl_flush_output( ssl ) ); + + return( ssl_write_hello_request( ssl ) ); + } +#endif /* MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_CLI_C) + /* + * On client, either start the renegotiation process or, + * if already in progress, continue the handshake + */ + if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) + { + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + if( ( ret = ssl_start_renegotiation( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret ); + return( ret ); + } + } + else + { + if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); + return( ret ); + } + } +#endif /* MBEDTLS_SSL_CLI_C */ + + return( ret ); +} + +/* + * Check record counters and renegotiate if they're above the limit. + */ +static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) +{ + size_t ep_len = ssl_ep_len( ssl ); + int in_ctr_cmp; + int out_ctr_cmp; + + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER || + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING || + ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ) + { + return( 0 ); + } + + in_ctr_cmp = memcmp( ssl->in_ctr + ep_len, + ssl->conf->renego_period + ep_len, 8 - ep_len ); + out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len, + ssl->conf->renego_period + ep_len, 8 - ep_len ); + + if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 ) + { + return( 0 ); + } + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "record counter limit reached: renegotiate" ) ); + return( mbedtls_ssl_renegotiate( ssl ) ); +} +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +/* + * Receive application data decrypted from the SSL layer + */ +int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) +{ + int ret; + size_t n; + + if( ssl == NULL || ssl->conf == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> 
read" ) ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) + return( ret ); + + if( ssl->handshake != NULL && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + { + if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) + return( ret ); + } + } +#endif + + /* + * Check if renegotiation is necessary and/or handshake is + * in process. If yes, perform/continue, and fall through + * if an unexpected packet is received while the client + * is waiting for the ServerHello. + * + * (There is no equivalent to the last condition on + * the server-side as it is not treated as within + * a handshake while waiting for the ClientHello + * after a renegotiation request.) + */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + ret = ssl_check_ctr_renegotiate( ssl ); + if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && + ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); + return( ret ); + } +#endif + + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + { + ret = mbedtls_ssl_handshake( ssl ); + if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && + ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); + return( ret ); + } + } + + /* Loop as long as no application data record is available */ + while( ssl->in_offt == NULL ) + { + /* Start timer if not already running */ + if( ssl->f_get_timer != NULL && + ssl->f_get_timer( ssl->p_timer ) == -1 ) + { + ssl_set_timer( ssl, ssl->conf->read_timeout ); + } + + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) + { + if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) + return( 0 ); + + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msglen == 0 && + ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA ) + { + /* + * OpenSSL sends empty messages to randomize the IV + */ + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) 
!= 0 ) + { + if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) + return( 0 ); + + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + return( ret ); + } + } + + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "received handshake message" ) ); + + /* + * - For client-side, expect SERVER_HELLO_REQUEST. + * - For server-side, expect CLIENT_HELLO. + * - Fail (TLS) or silently drop record (DTLS) in other cases. + */ + +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); + + /* With DTLS, drop the packet (probably from last handshake) */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + continue; + } +#endif + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } +#endif /* MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) ); + + /* With DTLS, drop the packet (probably from last handshake) */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + continue; + } +#endif + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } +#endif /* MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + /* Determine whether renegotiation attempt should be accepted */ + if( ! 
( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ||
+ ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+ ssl->conf->allow_legacy_renegotiation ==
+ MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) )
+ {
+ /*
+ * Accept renegotiation request
+ */
+
+ /* DTLS clients need to know renego is server-initiated */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+ {
+ ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING;
+ }
+#endif
+ ret = ssl_start_renegotiation( ssl );
+ if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
+ ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret );
+ return( ret );
+ }
+ }
+ else
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+ {
+ /*
+ * Refuse renegotiation
+ */
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) );
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+ {
+ /* SSLv3 does not have a "no_renegotiation" warning, so
+ we send a fatal alert and abort the connection.
*/
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
+ {
+ if( ( ret = mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_WARNING,
+ MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 )
+ {
+ return( ret );
+ }
+ }
+ else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 ||
+ MBEDTLS_SSL_PROTO_TLS1_2 */
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+ }
+
+ /* At this point, we don't know whether the renegotiation has been
+ * completed or not. The cases to consider are the following:
+ * 1) The renegotiation is complete. In this case, no new record
+ * has been read yet.
+ * 2) The renegotiation is incomplete because the client received
+ * an application data record while awaiting the ServerHello.
+ * 3) The renegotiation is incomplete because the client received
+ * a non-handshake, non-application data message while awaiting
+ * the ServerHello.
+ * In each of these case, looping will be the proper action:
+ * - For 1), the next iteration will read a new record and check
+ * if it's application data.
+ * - For 2), the loop condition isn't satisfied as application data
+ * is present, hence continue is the same as break
+ * - For 3), the loop condition is satisfied and read_record
+ * will re-deliver the message that was held back by the client
+ * when expecting the ServerHello.
+ */
+ continue;
+ }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING )
+ {
+ if( ssl->conf->renego_max_records >= 0 )
+ {
+ if( ++ssl->renego_records_seen > ssl->conf->renego_max_records )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, "
+ "but not honored by client" ) );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+ }
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ /* Fatal and closure alerts handled by mbedtls_ssl_read_record() */
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "ignoring non-fatal non-closure alert" ) );
+ return( MBEDTLS_ERR_SSL_WANT_READ );
+ }
+
+ if( ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad application data message" ) );
+ return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+
+ ssl->in_offt = ssl->in_msg;
+
+ /* We're going to return something now, cancel timer,
+ * except if handshake (renegotiation) is in progress */
+ if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
+ ssl_set_timer( ssl, 0 );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ /* If we requested renego but received AppData, resend HelloRequest.
+ * Do it now, after setting in_offt, to avoid taking this branch
+ * again if ssl_write_hello_request() returns WANT_WRITE */
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+ ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING )
+ {
+ if( ( ret = ssl_resend_hello_request( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_resend_hello_request", ret );
+ return( ret );
+ }
+ }
+#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+ }
+
+ n = ( len < ssl->in_msglen )
+ ?
len : ssl->in_msglen;
+
+ memcpy( buf, ssl->in_offt, n );
+ ssl->in_msglen -= n;
+
+ if( ssl->in_msglen == 0 )
+ {
+ /* all bytes consumed */
+ ssl->in_offt = NULL;
+ ssl->keep_current_message = 0;
+ }
+ else
+ {
+ /* more data available */
+ ssl->in_offt += n;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read" ) );
+
+ return( (int) n );
+}
+
+/*
+ * Send application data to be encrypted by the SSL layer, taking care of max
+ * fragment length and buffer size.
+ *
+ * According to RFC 5246 Section 6.2.1:
+ *
+ * Zero-length fragments of Application data MAY be sent as they are
+ * potentially useful as a traffic analysis countermeasure.
+ *
+ * Therefore, it is possible that the input message length is 0 and the
+ * corresponding return code is 0 on success.
+ */
+static int ssl_write_real( mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len )
+{
+ int ret = mbedtls_ssl_get_max_out_record_payload( ssl );
+ const size_t max_len = (size_t) ret;
+
+ if( ret < 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_get_max_out_record_payload", ret );
+ return( ret );
+ }
+
+ if( len > max_len )
+ {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment larger than the (negotiated) "
+ "maximum fragment length: %d > %d",
+ len, max_len ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+ else
+#endif
+ len = max_len;
+ }
+
+ if( ssl->out_left != 0 )
+ {
+ /*
+ * The user has previously tried to send the data and
+ * MBEDTLS_ERR_SSL_WANT_WRITE or the message was only partially
+ * written. In this case, we expect the high-level write function
+ * (e.g.
mbedtls_ssl_write()) to be called with the same parameters
+ */
+ if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret );
+ return( ret );
+ }
+ }
+ else
+ {
+ /*
+ * The user is trying to send a message the first time, so we need to
+ * copy the data into the internal buffers and setup the data structure
+ * to keep track of partial writes
+ */
+ ssl->out_msglen = len;
+ ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA;
+ memcpy( ssl->out_msg, buf, len );
+
+ if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ return( ret );
+ }
+ }
+
+ return( (int) len );
+}
+
+/*
+ * Write application data, doing 1/n-1 splitting if necessary.
+ *
+ * With non-blocking I/O, ssl_write_real() may return WANT_WRITE,
+ * then the caller will call us again with the same arguments, so
+ * remember whether we already did the split or not.
+ */
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+static int ssl_write_split( mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len )
+{
+ int ret;
+
+ if( ssl->conf->cbc_record_splitting ==
+ MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ||
+ len <= 1 ||
+ ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_1 ||
+ mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc )
+ != MBEDTLS_MODE_CBC )
+ {
+ return( ssl_write_real( ssl, buf, len ) );
+ }
+
+ if( ssl->split_done == 0 )
+ {
+ if( ( ret = ssl_write_real( ssl, buf, 1 ) ) <= 0 )
+ return( ret );
+ ssl->split_done = 1;
+ }
+
+ if( ( ret = ssl_write_real( ssl, buf + 1, len - 1 ) ) <= 0 )
+ return( ret );
+ ssl->split_done = 0;
+
+ return( ret + 1 );
+}
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
+
+/*
+ * Write application data (public-facing wrapper)
+ */
+int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len )
+{
+ int ret;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write" ) );
+
+ if( ssl == NULL ||
ssl->conf == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret );
+ return( ret );
+ }
+#endif
+
+ if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+ {
+ if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret );
+ return( ret );
+ }
+ }
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+ ret = ssl_write_split( ssl, buf, len );
+#else
+ ret = ssl_write_real( ssl, buf, len );
+#endif
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write" ) );
+
+ return( ret );
+}
+
+/*
+ * Notify the peer that the connection is being closed
+ */
+int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
+ if( ssl == NULL || ssl->conf == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write close notify" ) );
+
+ if( ssl->out_left != 0 )
+ return( mbedtls_ssl_flush_output( ssl ) );
+
+ if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
+ {
+ if( ( ret = mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_WARNING,
+ MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_send_alert_message", ret );
+ return( ret );
+ }
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write close notify" ) );
+
+ return( 0 );
+}
+
+void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform )
+{
+ if( transform == NULL )
+ return;
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ deflateEnd( &transform->ctx_deflate );
+ inflateEnd( &transform->ctx_inflate );
+#endif
+
+ mbedtls_cipher_free( &transform->cipher_ctx_enc );
+ mbedtls_cipher_free( &transform->cipher_ctx_dec );
+
+ mbedtls_md_free( &transform->md_ctx_enc );
+ mbedtls_md_free( &transform->md_ctx_dec );
+
+ mbedtls_platform_zeroize( transform, sizeof( mbedtls_ssl_transform ) );
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static void ssl_key_cert_free(
mbedtls_ssl_key_cert *key_cert )
+{
+ mbedtls_ssl_key_cert *cur = key_cert, *next;
+
+ while( cur != NULL )
+ {
+ next = cur->next;
+ mbedtls_free( cur );
+ cur = next;
+ }
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+
+static void ssl_buffering_free( mbedtls_ssl_context *ssl )
+{
+ unsigned offset;
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+
+ if( hs == NULL )
+ return;
+
+ ssl_free_buffered_record( ssl );
+
+ for( offset = 0; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ )
+ ssl_buffering_free_slot( ssl, offset );
+}
+
+static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl,
+ uint8_t slot )
+{
+ mbedtls_ssl_handshake_params * const hs = ssl->handshake;
+ mbedtls_ssl_hs_buffer * const hs_buf = &hs->buffering.hs[slot];
+
+ if( slot >= MBEDTLS_SSL_MAX_BUFFERED_HS )
+ return;
+
+ if( hs_buf->is_valid == 1 )
+ {
+ hs->buffering.total_bytes_buffered -= hs_buf->data_len;
+ mbedtls_platform_zeroize( hs_buf->data, hs_buf->data_len );
+ mbedtls_free( hs_buf->data );
+ memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) );
+ }
+}
+
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
+{
+ mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+ if( handshake == NULL )
+ return;
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+ if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 )
+ {
+ ssl->conf->f_async_cancel( ssl );
+ handshake->async_in_progress = 0;
+ }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+ defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ mbedtls_md5_free( &handshake->fin_md5 );
+ mbedtls_sha1_free( &handshake->fin_sha1 );
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_abort( &handshake->fin_sha256_psa );
+#else
+ mbedtls_sha256_free( &handshake->fin_sha256 );
+#endif
+#endif
+#if
defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_abort( &handshake->fin_sha384_psa );
+#else
+ mbedtls_sha512_free( &handshake->fin_sha512 );
+#endif
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_DHM_C)
+ mbedtls_dhm_free( &handshake->dhm_ctx );
+#endif
+#if defined(MBEDTLS_ECDH_C)
+ mbedtls_ecdh_free( &handshake->ecdh_ctx );
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ mbedtls_ecjpake_free( &handshake->ecjpake_ctx );
+#if defined(MBEDTLS_SSL_CLI_C)
+ mbedtls_free( handshake->ecjpake_cache );
+ handshake->ecjpake_cache = NULL;
+ handshake->ecjpake_cache_len = 0;
+#endif
+#endif
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ /* explicit void pointer cast for buggy MS compiler */
+ mbedtls_free( (void *) handshake->curves );
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+ if( handshake->psk != NULL )
+ {
+ mbedtls_platform_zeroize( handshake->psk, handshake->psk_len );
+ mbedtls_free( handshake->psk );
+ }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+ defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ /*
+ * Free only the linked list wrapper, not the keys themselves
+ * since the belong to the SNI callback
+ */
+ if( handshake->sni_key_cert != NULL )
+ {
+ mbedtls_ssl_key_cert *cur = handshake->sni_key_cert, *next;
+
+ while( cur != NULL )
+ {
+ next = cur->next;
+ mbedtls_free( cur );
+ cur = next;
+ }
+ }
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ mbedtls_x509_crt_restart_free( &handshake->ecrs_ctx );
+ if( handshake->ecrs_peer_cert != NULL )
+ {
+ mbedtls_x509_crt_free( handshake->ecrs_peer_cert );
+ mbedtls_free( handshake->ecrs_peer_cert );
+ }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+ !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ mbedtls_pk_free( &handshake->peer_pubkey );
+#endif /* MBEDTLS_X509_CRT_PARSE_C &&
!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ mbedtls_free( handshake->verify_cookie );
+ ssl_flight_free( handshake->flight );
+ ssl_buffering_free( ssl );
+#endif
+
+#if defined(MBEDTLS_ECDH_C) && \
+ defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_destroy_key( handshake->ecdh_psa_privkey );
+#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */
+
+ mbedtls_platform_zeroize( handshake,
+ sizeof( mbedtls_ssl_handshake_params ) );
+}
+
+void mbedtls_ssl_session_free( mbedtls_ssl_session *session )
+{
+ if( session == NULL )
+ return;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ ssl_clear_peer_cert( session );
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+ mbedtls_free( session->ticket );
+#endif
+
+ mbedtls_platform_zeroize( session, sizeof( mbedtls_ssl_session ) );
+}
+
+/*
+ * Free an SSL context
+ */
+void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
+{
+ if( ssl == NULL )
+ return;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> free" ) );
+
+ if( ssl->out_buf != NULL )
+ {
+ mbedtls_platform_zeroize( ssl->out_buf, MBEDTLS_SSL_OUT_BUFFER_LEN );
+ mbedtls_free( ssl->out_buf );
+ }
+
+ if( ssl->in_buf != NULL )
+ {
+ mbedtls_platform_zeroize( ssl->in_buf, MBEDTLS_SSL_IN_BUFFER_LEN );
+ mbedtls_free( ssl->in_buf );
+ }
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ if( ssl->compress_buf != NULL )
+ {
+ mbedtls_platform_zeroize( ssl->compress_buf, MBEDTLS_SSL_COMPRESS_BUFFER_LEN );
+ mbedtls_free( ssl->compress_buf );
+ }
+#endif
+
+ if( ssl->transform )
+ {
+ mbedtls_ssl_transform_free( ssl->transform );
+ mbedtls_free( ssl->transform );
+ }
+
+ if( ssl->handshake )
+ {
+ mbedtls_ssl_handshake_free( ssl );
+ mbedtls_ssl_transform_free( ssl->transform_negotiate );
+ mbedtls_ssl_session_free( ssl->session_negotiate );
+
+ mbedtls_free( ssl->handshake );
+ mbedtls_free( ssl->transform_negotiate );
+ mbedtls_free( ssl->session_negotiate );
+ }
+
+ if( ssl->session )
+ {
+ mbedtls_ssl_session_free( ssl->session );
+ mbedtls_free(
ssl->session );
+ }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ if( ssl->hostname != NULL )
+ {
+ mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) );
+ mbedtls_free( ssl->hostname );
+ }
+#endif
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+ if( mbedtls_ssl_hw_record_finish != NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_finish()" ) );
+ mbedtls_ssl_hw_record_finish( ssl );
+ }
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+ mbedtls_free( ssl->cli_id );
+#endif
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= free" ) );
+
+ /* Actually clear after last debug message */
+ mbedtls_platform_zeroize( ssl, sizeof( mbedtls_ssl_context ) );
+}
+
+/*
+ * Initialze mbedtls_ssl_config
+ */
+void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
+{
+ memset( conf, 0, sizeof( mbedtls_ssl_config ) );
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+static int ssl_preset_default_hashes[] = {
+#if defined(MBEDTLS_SHA512_C)
+ MBEDTLS_MD_SHA512,
+ MBEDTLS_MD_SHA384,
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ MBEDTLS_MD_SHA256,
+ MBEDTLS_MD_SHA224,
+#endif
+#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
+ MBEDTLS_MD_SHA1,
+#endif
+ MBEDTLS_MD_NONE
+};
+#endif
+
+static int ssl_preset_suiteb_ciphersuites[] = {
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ 0
+};
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+static int ssl_preset_suiteb_hashes[] = {
+ MBEDTLS_MD_SHA256,
+ MBEDTLS_MD_SHA384,
+ MBEDTLS_MD_NONE
+};
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+static mbedtls_ecp_group_id ssl_preset_suiteb_curves[] = {
+ MBEDTLS_ECP_DP_SECP256R1,
+ MBEDTLS_ECP_DP_SECP384R1,
+ MBEDTLS_ECP_DP_NONE
+};
+#endif
+
+/*
+ * Load default in mbedtls_ssl_config
+ */
+int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
+ int endpoint, int transport, int preset )
+{
+#if defined(MBEDTLS_DHM_C) &&
defined(MBEDTLS_SSL_SRV_C)
+ int ret;
+#endif
+
+ /* Use the functions here so that they are covered in tests,
+ * but otherwise access member directly for efficiency */
+ mbedtls_ssl_conf_endpoint( conf, endpoint );
+ mbedtls_ssl_conf_transport( conf, transport );
+
+ /*
+ * Things that are common to all presets
+ */
+#if defined(MBEDTLS_SSL_CLI_C)
+ if( endpoint == MBEDTLS_SSL_IS_CLIENT )
+ {
+ conf->authmode = MBEDTLS_SSL_VERIFY_REQUIRED;
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ conf->session_tickets = MBEDTLS_SSL_SESSION_TICKETS_ENABLED;
+#endif
+ }
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+ conf->arc4_disabled = MBEDTLS_SSL_ARC4_DISABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ conf->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+ conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+ conf->f_cookie_write = ssl_cookie_write_dummy;
+ conf->f_cookie_check = ssl_cookie_check_dummy;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+ conf->anti_replay = MBEDTLS_SSL_ANTI_REPLAY_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C)
+ conf->cert_req_ca_list = MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ conf->hs_timeout_min = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN;
+ conf->hs_timeout_max = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX;
+#endif
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT;
+ memset( conf->renego_period, 0x00, 2 );
+ memset( conf->renego_period + 2, 0xFF, 6 );
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
+ if( endpoint == MBEDTLS_SSL_IS_SERVER )
+ {
+ const unsigned char dhm_p[] =
+ MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN;
+ const unsigned char dhm_g[] =
+
MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
+
+ if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf,
+ dhm_p, sizeof( dhm_p ),
+ dhm_g, sizeof( dhm_g ) ) ) != 0 )
+ {
+ return( ret );
+ }
+ }
+#endif
+
+ /*
+ * Preset-specific defaults
+ */
+ switch( preset )
+ {
+ /*
+ * NSA Suite B
+ */
+ case MBEDTLS_SSL_PRESET_SUITEB:
+ conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
+ conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */
+ conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
+ conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
+
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
+ ssl_preset_suiteb_ciphersuites;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ conf->cert_profile = &mbedtls_x509_crt_profile_suiteb;
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+ conf->sig_hashes = ssl_preset_suiteb_hashes;
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+ conf->curve_list = ssl_preset_suiteb_curves;
+#endif
+ break;
+
+ /*
+ * Default
+ */
+ default:
+ conf->min_major_ver = ( MBEDTLS_SSL_MIN_MAJOR_VERSION >
+ MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION ) ?
+ MBEDTLS_SSL_MIN_MAJOR_VERSION :
+ MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION;
+ conf->min_minor_ver = ( MBEDTLS_SSL_MIN_MINOR_VERSION >
+ MBEDTLS_SSL_MIN_VALID_MINOR_VERSION ) ?
+ MBEDTLS_SSL_MIN_MINOR_VERSION :
+ MBEDTLS_SSL_MIN_VALID_MINOR_VERSION;
+ conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
+ conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2;
+#endif
+
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
+ conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
+ mbedtls_ssl_list_ciphersuites();
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ conf->cert_profile = &mbedtls_x509_crt_profile_default;
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+ conf->sig_hashes = ssl_preset_default_hashes;
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+ conf->curve_list = mbedtls_ecp_grp_id_list();
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+ conf->dhm_min_bitlen = 1024;
+#endif
+ }
+
+ return( 0 );
+}
+
+/*
+ * Free mbedtls_ssl_config
+ */
+void mbedtls_ssl_config_free( mbedtls_ssl_config *conf )
+{
+#if defined(MBEDTLS_DHM_C)
+ mbedtls_mpi_free( &conf->dhm_P );
+ mbedtls_mpi_free( &conf->dhm_G );
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+ if( conf->psk != NULL )
+ {
+ mbedtls_platform_zeroize( conf->psk, conf->psk_len );
+ mbedtls_free( conf->psk );
+ conf->psk = NULL;
+ conf->psk_len = 0;
+ }
+
+ if( conf->psk_identity != NULL )
+ {
+ mbedtls_platform_zeroize( conf->psk_identity, conf->psk_identity_len );
+ mbedtls_free( conf->psk_identity );
+ conf->psk_identity = NULL;
+ conf->psk_identity_len = 0;
+ }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ ssl_key_cert_free( conf->key_cert );
+#endif
+
+ mbedtls_platform_zeroize( conf, sizeof( mbedtls_ssl_config ) );
+}
+
+#if defined(MBEDTLS_PK_C) && \
+ ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C) )
+/*
+ * Convert between MBEDTLS_PK_XXX and SSL_SIG_XXX
+ */
+unsigned char
mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk )
+{
+#if defined(MBEDTLS_RSA_C)
+ if( mbedtls_pk_can_do( pk, MBEDTLS_PK_RSA ) )
+ return( MBEDTLS_SSL_SIG_RSA );
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+ if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECDSA ) )
+ return( MBEDTLS_SSL_SIG_ECDSA );
+#endif
+ return( MBEDTLS_SSL_SIG_ANON );
+}
+
+unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type )
+{
+ switch( type ) {
+ case MBEDTLS_PK_RSA:
+ return( MBEDTLS_SSL_SIG_RSA );
+ case MBEDTLS_PK_ECDSA:
+ case MBEDTLS_PK_ECKEY:
+ return( MBEDTLS_SSL_SIG_ECDSA );
+ default:
+ return( MBEDTLS_SSL_SIG_ANON );
+ }
+}
+
+mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig )
+{
+ switch( sig )
+ {
+#if defined(MBEDTLS_RSA_C)
+ case MBEDTLS_SSL_SIG_RSA:
+ return( MBEDTLS_PK_RSA );
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+ case MBEDTLS_SSL_SIG_ECDSA:
+ return( MBEDTLS_PK_ECDSA );
+#endif
+ default:
+ return( MBEDTLS_PK_NONE );
+ }
+}
+#endif /* MBEDTLS_PK_C && ( MBEDTLS_RSA_C || MBEDTLS_ECDSA_C ) */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+
+/* Find an entry in a signature-hash set matching a given hash algorithm. */
+mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set,
+ mbedtls_pk_type_t sig_alg )
+{
+ switch( sig_alg )
+ {
+ case MBEDTLS_PK_RSA:
+ return( set->rsa );
+ case MBEDTLS_PK_ECDSA:
+ return( set->ecdsa );
+ default:
+ return( MBEDTLS_MD_NONE );
+ }
+}
+
+/* Add a signature-hash-pair to a signature-hash set */
+void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set,
+ mbedtls_pk_type_t sig_alg,
+ mbedtls_md_type_t md_alg )
+{
+ switch( sig_alg )
+ {
+ case MBEDTLS_PK_RSA:
+ if( set->rsa == MBEDTLS_MD_NONE )
+ set->rsa = md_alg;
+ break;
+
+ case MBEDTLS_PK_ECDSA:
+ if( set->ecdsa == MBEDTLS_MD_NONE )
+ set->ecdsa = md_alg;
+ break;
+
+ default:
+ break;
+ }
+}
+
+/* Allow exactly one hash algorithm for each signature.
*/
+void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set,
+ mbedtls_md_type_t md_alg )
+{
+ set->rsa = md_alg;
+ set->ecdsa = md_alg;
+}
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2) &&
+ MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+/*
+ * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX
+ */
+mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash )
+{
+ switch( hash )
+ {
+#if defined(MBEDTLS_MD5_C)
+ case MBEDTLS_SSL_HASH_MD5:
+ return( MBEDTLS_MD_MD5 );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case MBEDTLS_SSL_HASH_SHA1:
+ return( MBEDTLS_MD_SHA1 );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case MBEDTLS_SSL_HASH_SHA224:
+ return( MBEDTLS_MD_SHA224 );
+ case MBEDTLS_SSL_HASH_SHA256:
+ return( MBEDTLS_MD_SHA256 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case MBEDTLS_SSL_HASH_SHA384:
+ return( MBEDTLS_MD_SHA384 );
+ case MBEDTLS_SSL_HASH_SHA512:
+ return( MBEDTLS_MD_SHA512 );
+#endif
+ default:
+ return( MBEDTLS_MD_NONE );
+ }
+}
+
+/*
+ * Convert from MBEDTLS_MD_XXX to MBEDTLS_SSL_HASH_XXX
+ */
+unsigned char mbedtls_ssl_hash_from_md_alg( int md )
+{
+ switch( md )
+ {
+#if defined(MBEDTLS_MD5_C)
+ case MBEDTLS_MD_MD5:
+ return( MBEDTLS_SSL_HASH_MD5 );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case MBEDTLS_MD_SHA1:
+ return( MBEDTLS_SSL_HASH_SHA1 );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case MBEDTLS_MD_SHA224:
+ return( MBEDTLS_SSL_HASH_SHA224 );
+ case MBEDTLS_MD_SHA256:
+ return( MBEDTLS_SSL_HASH_SHA256 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case MBEDTLS_MD_SHA384:
+ return( MBEDTLS_SSL_HASH_SHA384 );
+ case MBEDTLS_MD_SHA512:
+ return( MBEDTLS_SSL_HASH_SHA512 );
+#endif
+ default:
+ return( MBEDTLS_SSL_HASH_NONE );
+ }
+}
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * Check if a curve proposed by the peer is in our list.
+ * Return 0 if we're willing to use it, -1 otherwise.
+ */
+int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id )
+{
+ const mbedtls_ecp_group_id *gid;
+
+ if( ssl->conf->curve_list == NULL )
+ return( -1 );
+
+ for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ )
+ if( *gid == grp_id )
+ return( 0 );
+
+ return( -1 );
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+/*
+ * Check if a hash proposed by the peer is in our list.
+ * Return 0 if we're willing to use it, -1 otherwise.
+ */
+int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,
+ mbedtls_md_type_t md )
+{
+ const int *cur;
+
+ if( ssl->conf->sig_hashes == NULL )
+ return( -1 );
+
+ for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ )
+ if( *cur == (int) md )
+ return( 0 );
+
+ return( -1 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
+ const mbedtls_ssl_ciphersuite_t *ciphersuite,
+ int cert_endpoint,
+ uint32_t *flags )
+{
+ int ret = 0;
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+ int usage = 0;
+#endif
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+ const char *ext_oid;
+ size_t ext_len;
+#endif
+
+#if !defined(MBEDTLS_X509_CHECK_KEY_USAGE) && \
+ !defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+ ((void) cert);
+ ((void) cert_endpoint);
+ ((void) flags);
+#endif
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+ if( cert_endpoint == MBEDTLS_SSL_IS_SERVER )
+ {
+ /* Server part of the key exchange */
+ switch( ciphersuite->key_exchange )
+ {
+ case MBEDTLS_KEY_EXCHANGE_RSA:
+ case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+ usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
+ break;
+
+ case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+ usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
+ break;
+
+ case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+ case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+ usage
= MBEDTLS_X509_KU_KEY_AGREEMENT;
+ break;
+
+ /* Don't use default: we want warnings when adding new values */
+ case MBEDTLS_KEY_EXCHANGE_NONE:
+ case MBEDTLS_KEY_EXCHANGE_PSK:
+ case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+ case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
+ usage = 0;
+ }
+ }
+ else
+ {
+ /* Client auth: we only implement rsa_sign and mbedtls_ecdsa_sign for now */
+ usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
+ }
+
+ if( mbedtls_x509_crt_check_key_usage( cert, usage ) != 0 )
+ {
+ *flags |= MBEDTLS_X509_BADCERT_KEY_USAGE;
+ ret = -1;
+ }
+#else
+ ((void) ciphersuite);
+#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+ if( cert_endpoint == MBEDTLS_SSL_IS_SERVER )
+ {
+ ext_oid = MBEDTLS_OID_SERVER_AUTH;
+ ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH );
+ }
+ else
+ {
+ ext_oid = MBEDTLS_OID_CLIENT_AUTH;
+ ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_CLIENT_AUTH );
+ }
+
+ if( mbedtls_x509_crt_check_extended_key_usage( cert, ext_oid, ext_len ) != 0 )
+ {
+ *flags |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE;
+ ret = -1;
+ }
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+ return( ret );
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/*
+ * Convert version numbers to/from wire format
+ * and, for DTLS, to/from TLS equivalent.
+ *
+ * For TLS this is the identity.
+ * For DTLS, use 1's complement (v -> 255 - v, and then map as follows:
+ * 1.0 <-> 3.2 (DTLS 1.0 is based on TLS 1.1)
+ * 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2)
+ */
+void mbedtls_ssl_write_version( int major, int minor, int transport,
+ unsigned char ver[2] )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ if( minor == MBEDTLS_SSL_MINOR_VERSION_2 )
+ --minor; /* DTLS 1.0 stored as TLS 1.1 internally */
+
+ ver[0] = (unsigned char)( 255 - ( major - 2 ) );
+ ver[1] = (unsigned char)( 255 - ( minor - 1 ) );
+ }
+ else
+#else
+ ((void) transport);
+#endif
+ {
+ ver[0] = (unsigned char) major;
+ ver[1] = (unsigned char) minor;
+ }
+}
+
+void mbedtls_ssl_read_version( int *major, int *minor, int transport,
+ const unsigned char ver[2] )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ *major = 255 - ver[0] + 2;
+ *minor = 255 - ver[1] + 1;
+
+ if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 )
+ ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */
+ }
+ else
+#else
+ ((void) transport);
+#endif
+ {
+ *major = ver[0];
+ *minor = ver[1];
+ }
+}
+
+int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md )
+{
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
+ return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+
+ switch( md )
+ {
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+#if defined(MBEDTLS_MD5_C)
+ case MBEDTLS_SSL_HASH_MD5:
+ return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case MBEDTLS_SSL_HASH_SHA1:
+ ssl->handshake->calc_verify = ssl_calc_verify_tls;
+ break;
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SHA512_C)
+ case MBEDTLS_SSL_HASH_SHA384:
+ ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;
+ break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case MBEDTLS_SSL_HASH_SHA256:
+
ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256; + break; +#endif + default: + return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; + } + + return 0; +#else /* !MBEDTLS_SSL_PROTO_TLS1_2 */ + (void) ssl; + (void) md; + + return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +} + +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) +int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, + unsigned char *output, + unsigned char *data, size_t data_len ) +{ + int ret = 0; + mbedtls_md5_context mbedtls_md5; + mbedtls_sha1_context mbedtls_sha1; + + mbedtls_md5_init( &mbedtls_md5 ); + mbedtls_sha1_init( &mbedtls_sha1 ); + + /* + * digitally-signed struct { + * opaque md5_hash[16]; + * opaque sha_hash[20]; + * }; + * + * md5_hash + * MD5(ClientHello.random + ServerHello.random + * + ServerParams); + * sha_hash + * SHA(ClientHello.random + ServerHello.random + * + ServerParams); + */ + if( ( ret = mbedtls_md5_starts_ret( &mbedtls_md5 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_starts_ret", ret ); + goto exit; + } + if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, + ssl->handshake->randbytes, 64 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret ); + goto exit; + } + if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, data, data_len ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret ); + goto exit; + } + if( ( ret = mbedtls_md5_finish_ret( &mbedtls_md5, output ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_finish_ret", ret ); + goto exit; + } + + if( ( ret = mbedtls_sha1_starts_ret( &mbedtls_sha1 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_starts_ret", ret ); + goto exit; + } + if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, + ssl->handshake->randbytes, 64 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret ); + goto exit; + } + if( ( ret = mbedtls_sha1_update_ret( 
&mbedtls_sha1, data, + data_len ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret ); + goto exit; + } + if( ( ret = mbedtls_sha1_finish_ret( &mbedtls_sha1, + output + 16 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_finish_ret", ret ); + goto exit; + } + +exit: + mbedtls_md5_free( &mbedtls_md5 ); + mbedtls_sha1_free( &mbedtls_sha1 ); + + if( ret != 0 ) + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + + return( ret ); + +} +#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ + MBEDTLS_SSL_PROTO_TLS1_1 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, + unsigned char *hash, size_t *hashlen, + unsigned char *data, size_t data_len, + mbedtls_md_type_t md_alg ) +{ + psa_status_t status; + psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; + psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform PSA-based computation of digest of ServerKeyExchange" ) ); + + if( ( status = psa_hash_setup( &hash_operation, + hash_alg ) ) != PSA_SUCCESS ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_setup", status ); + goto exit; + } + + if( ( status = psa_hash_update( &hash_operation, ssl->handshake->randbytes, + 64 ) ) != PSA_SUCCESS ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status ); + goto exit; + } + + if( ( status = psa_hash_update( &hash_operation, + data, data_len ) ) != PSA_SUCCESS ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status ); + goto exit; + } + + if( ( status = psa_hash_finish( &hash_operation, hash, MBEDTLS_MD_MAX_SIZE, + hashlen ) ) != PSA_SUCCESS ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", status ); + goto exit; + } + +exit: + if( status != PSA_SUCCESS ) + { + mbedtls_ssl_send_alert_message( ssl, 
MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + switch( status ) + { + case PSA_ERROR_NOT_SUPPORTED: + return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); + case PSA_ERROR_BAD_STATE: /* Intentional fallthrough */ + case PSA_ERROR_BUFFER_TOO_SMALL: + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + case PSA_ERROR_INSUFFICIENT_MEMORY: + return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + default: + return( MBEDTLS_ERR_MD_HW_ACCEL_FAILED ); + } + } + return( 0 ); +} + +#else + +int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, + unsigned char *hash, size_t *hashlen, + unsigned char *data, size_t data_len, + mbedtls_md_type_t md_alg ) +{ + int ret = 0; + mbedtls_md_context_t ctx; + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); + *hashlen = mbedtls_md_get_size( md_info ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform mbedtls-based computation of digest of ServerKeyExchange" ) ); + + mbedtls_md_init( &ctx ); + + /* + * digitally-signed struct { + * opaque client_random[32]; + * opaque server_random[32]; + * ServerDHParams params; + * }; + */ + if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); + goto exit; + } + if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_starts", ret ); + goto exit; + } + if( ( ret = mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret ); + goto exit; + } + if( ( ret = mbedtls_md_update( &ctx, data, data_len ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret ); + goto exit; + } + if( ( ret = mbedtls_md_finish( &ctx, hash ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_finish", ret ); + goto exit; + } + +exit: + mbedtls_md_free( &ctx ); + + if( ret != 0 ) + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + + return( ret ); +} +#endif /* 
MBEDTLS_USE_PSA_CRYPTO */ + +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ + MBEDTLS_SSL_PROTO_TLS1_2 */ + +#endif /* MBEDTLS_SSL_TLS_C */ diff --git a/library/x509.c b/library/x509.c new file mode 100644 index 000000000..3f8e29071 --- /dev/null +++ b/library/x509.c 
@@ -0,0 +1,1062 @@ +/* + * X.509 common functions for parsing and verification + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * The ITU-T X.509 standard defines a certificate format for PKI. + * + * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs) + * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs) + * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10) + * + * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf + * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_X509_USE_C) + +#include "mbedtls/x509.h" +#include "mbedtls/asn1.h" +#include "mbedtls/oid.h" + +#include +#include + +#if defined(MBEDTLS_PEM_PARSE_C) +#include "mbedtls/pem.h" +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_free free +#define mbedtls_calloc calloc +#define mbedtls_printf printf +#define mbedtls_snprintf snprintf +#endif + +#if defined(MBEDTLS_HAVE_TIME) +#include "mbedtls/platform_time.h" +#endif +#if defined(MBEDTLS_HAVE_TIME_DATE) +#include "mbedtls/platform_util.h" +#include +#endif + +#define CHECK(code) if( ( ret = code ) != 0 ){ return( 
ret ); } +#define CHECK_RANGE(min, max, val) if( val < min || val > max ){ return( ret ); } + +/* + * CertificateSerialNumber ::= INTEGER + */ +int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *serial ) +{ + int ret; + + if( ( end - *p ) < 1 ) + return( MBEDTLS_ERR_X509_INVALID_SERIAL + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + + if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) && + **p != MBEDTLS_ASN1_INTEGER ) + return( MBEDTLS_ERR_X509_INVALID_SERIAL + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + + serial->tag = *(*p)++; + + if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_SERIAL + ret ); + + serial->p = *p; + *p += serial->len; + + return( 0 ); +} + +/* Get an algorithm identifier without parameters (eg for signatures) + * + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL } + */ +int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg ) +{ + int ret; + + if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + return( 0 ); +} + +/* + * Parse an algorithm identifier with (optional) parameters + */ +int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg, mbedtls_x509_buf *params ) +{ + int ret; + + if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + return( 0 ); +} + +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) +/* + * HashAlgorithm ::= AlgorithmIdentifier + * + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL } + * + * For HashAlgorithm, parameters MUST be NULL or absent. 
+ */ +static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg ) +{ + int ret; + unsigned char *p; + const unsigned char *end; + mbedtls_x509_buf md_oid; + size_t len; + + /* Make sure we got a SEQUENCE and setup bounds */ + if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + + p = (unsigned char *) alg->p; + end = p + alg->len; + + if( p >= end ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + + /* Parse md_oid */ + md_oid.tag = *p; + + if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + md_oid.p = p; + p += md_oid.len; + + /* Get md_alg from md_oid */ + if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + /* Make sure params is absent of NULL */ + if( p == end ) + return( 0 ); + + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + if( p != end ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * RSASSA-PSS-params ::= SEQUENCE { + * hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier, + * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier, + * saltLength [2] INTEGER DEFAULT 20, + * trailerField [3] INTEGER DEFAULT 1 } + * -- Note that the tags in this Sequence are explicit. + * + * RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value + * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other + * option. Enfore this at parsing time. 
+ */ +int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, + mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, + int *salt_len ) +{ + int ret; + unsigned char *p; + const unsigned char *end, *end2; + size_t len; + mbedtls_x509_buf alg_id, alg_params; + + /* First set everything to defaults */ + *md_alg = MBEDTLS_MD_SHA1; + *mgf_md = MBEDTLS_MD_SHA1; + *salt_len = 20; + + /* Make sure params is a SEQUENCE and setup bounds */ + if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + + p = (unsigned char *) params->p; + end = p + params->len; + + if( p == end ) + return( 0 ); + + /* + * HashAlgorithm + */ + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 ) + { + end2 = p + len; + + /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ + if( ( ret = mbedtls_x509_get_alg_null( &p, end2, &alg_id ) ) != 0 ) + return( ret ); + + if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + if( p != end2 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + } + else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + if( p == end ) + return( 0 ); + + /* + * MaskGenAlgorithm + */ + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 ) + { + end2 = p + len; + + /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */ + if( ( ret = mbedtls_x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 ) + return( ret ); + + /* Only MFG1 is recognised for now */ + if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 ) + return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE + + MBEDTLS_ERR_OID_NOT_FOUND ); + + /* Parse HashAlgorithm */ + if( ( ret = x509_get_hash_alg( &alg_params, mgf_md 
) ) != 0 ) + return( ret ); + + if( p != end2 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + } + else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + if( p == end ) + return( 0 ); + + /* + * salt_len + */ + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 2 ) ) == 0 ) + { + end2 = p + len; + + if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + if( p != end2 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + } + else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + if( p == end ) + return( 0 ); + + /* + * trailer_field (if present, must be 1) + */ + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 3 ) ) == 0 ) + { + int trailer_field; + + end2 = p + len; + + if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + if( p != end2 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + + if( trailer_field != 1 ) + return( MBEDTLS_ERR_X509_INVALID_ALG ); + } + else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + + if( p != end ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ + +/* + * AttributeTypeAndValue ::= SEQUENCE { + * type AttributeType, + * value AttributeValue } + * + * AttributeType ::= OBJECT IDENTIFIER + * + * AttributeValue ::= ANY DEFINED BY AttributeType + */ +static int x509_get_attr_type_value( unsigned char **p, + const unsigned char *end, + mbedtls_x509_name *cur ) +{ + int ret; + size_t len; + mbedtls_x509_buf *oid; + mbedtls_x509_buf *val; + + if( ( ret = 
mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + + if( ( end - *p ) < 1 ) + return( MBEDTLS_ERR_X509_INVALID_NAME + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + + oid = &cur->oid; + oid->tag = **p; + + if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + + oid->p = *p; + *p += oid->len; + + if( ( end - *p ) < 1 ) + return( MBEDTLS_ERR_X509_INVALID_NAME + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + + if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING && + **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING && + **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING && + **p != MBEDTLS_ASN1_BIT_STRING ) + return( MBEDTLS_ERR_X509_INVALID_NAME + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + + val = &cur->val; + val->tag = *(*p)++; + + if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + + val->p = *p; + *p += val->len; + + cur->next = NULL; + + return( 0 ); +} + +/* + * Name ::= CHOICE { -- only one possibility for now -- + * rdnSequence RDNSequence } + * + * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName + * + * RelativeDistinguishedName ::= + * SET OF AttributeTypeAndValue + * + * AttributeTypeAndValue ::= SEQUENCE { + * type AttributeType, + * value AttributeValue } + * + * AttributeType ::= OBJECT IDENTIFIER + * + * AttributeValue ::= ANY DEFINED BY AttributeType + * + * The data structure is optimized for the common case where each RDN has only + * one element, which is represented as a list of AttributeTypeAndValue. + * For the general case we still use a flat list, but we mark elements of the + * same set so that they are "merged" together in the functions that consume + * this list, eg mbedtls_x509_dn_gets(). 
+ */ +int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, + mbedtls_x509_name *cur ) +{ + int ret; + size_t set_len; + const unsigned char *end_set; + + /* don't use recursion, we'd risk stack overflow if not optimized */ + while( 1 ) + { + /* + * parse SET + */ + if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + + end_set = *p + set_len; + + while( 1 ) + { + if( ( ret = x509_get_attr_type_value( p, end_set, cur ) ) != 0 ) + return( ret ); + + if( *p == end_set ) + break; + + /* Mark this item as being no the only one in a set */ + cur->next_merged = 1; + + cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); + + if( cur->next == NULL ) + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + + cur = cur->next; + } + + /* + * continue until end of SEQUENCE is reached + */ + if( *p == end ) + return( 0 ); + + cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); + + if( cur->next == NULL ) + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + + cur = cur->next; + } +} + +static int x509_parse_int( unsigned char **p, size_t n, int *res ) +{ + *res = 0; + + for( ; n > 0; --n ) + { + if( ( **p < '0') || ( **p > '9' ) ) + return ( MBEDTLS_ERR_X509_INVALID_DATE ); + + *res *= 10; + *res += ( *(*p)++ - '0' ); + } + + return( 0 ); +} + +static int x509_date_is_valid(const mbedtls_x509_time *t ) +{ + int ret = MBEDTLS_ERR_X509_INVALID_DATE; + int month_len; + + CHECK_RANGE( 0, 9999, t->year ); + CHECK_RANGE( 0, 23, t->hour ); + CHECK_RANGE( 0, 59, t->min ); + CHECK_RANGE( 0, 59, t->sec ); + + switch( t->mon ) + { + case 1: case 3: case 5: case 7: case 8: case 10: case 12: + month_len = 31; + break; + case 4: case 6: case 9: case 11: + month_len = 30; + break; + case 2: + if( ( !( t->year % 4 ) && t->year % 100 ) || + !( t->year % 400 ) ) + month_len = 29; + else + month_len = 28; + break; + default: + return( ret ); + } + CHECK_RANGE( 1, month_len, 
t->day ); + + return( 0 ); +} + +/* + * Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4) + * field. + */ +static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, + mbedtls_x509_time *tm ) +{ + int ret; + + /* + * Minimum length is 10 or 12 depending on yearlen + */ + if ( len < yearlen + 8 ) + return ( MBEDTLS_ERR_X509_INVALID_DATE ); + len -= yearlen + 8; + + /* + * Parse year, month, day, hour, minute + */ + CHECK( x509_parse_int( p, yearlen, &tm->year ) ); + if ( 2 == yearlen ) + { + if ( tm->year < 50 ) + tm->year += 100; + + tm->year += 1900; + } + + CHECK( x509_parse_int( p, 2, &tm->mon ) ); + CHECK( x509_parse_int( p, 2, &tm->day ) ); + CHECK( x509_parse_int( p, 2, &tm->hour ) ); + CHECK( x509_parse_int( p, 2, &tm->min ) ); + + /* + * Parse seconds if present + */ + if ( len >= 2 ) + { + CHECK( x509_parse_int( p, 2, &tm->sec ) ); + len -= 2; + } + else + return ( MBEDTLS_ERR_X509_INVALID_DATE ); + + /* + * Parse trailing 'Z' if present + */ + if ( 1 == len && 'Z' == **p ) + { + (*p)++; + len--; + } + + /* + * We should have parsed all characters at this point + */ + if ( 0 != len ) + return ( MBEDTLS_ERR_X509_INVALID_DATE ); + + CHECK( x509_date_is_valid( tm ) ); + + return ( 0 ); +} + +/* + * Time ::= CHOICE { + * utcTime UTCTime, + * generalTime GeneralizedTime } + */ +int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, + mbedtls_x509_time *tm ) +{ + int ret; + size_t len, year_len; + unsigned char tag; + + if( ( end - *p ) < 1 ) + return( MBEDTLS_ERR_X509_INVALID_DATE + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + + tag = **p; + + if( tag == MBEDTLS_ASN1_UTC_TIME ) + year_len = 2; + else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME ) + year_len = 4; + else + return( MBEDTLS_ERR_X509_INVALID_DATE + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + + (*p)++; + ret = mbedtls_asn1_get_len( p, end, &len ); + + if( ret != 0 ) + return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); + + return x509_parse_time( p, len, year_len, tm 
); +} + +int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ) +{ + int ret; + size_t len; + int tag_type; + + if( ( end - *p ) < 1 ) + return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + + tag_type = **p; + + if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret ); + + sig->tag = tag_type; + sig->len = len; + sig->p = *p; + + *p += len; + + return( 0 ); +} + +/* + * Get signature algorithm from alg OID and optional parameters + */ +int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, + void **sig_opts ) +{ + int ret; + + if( *sig_opts != NULL ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + + if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) + return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + ret ); + +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + if( *pk_alg == MBEDTLS_PK_RSASSA_PSS ) + { + mbedtls_pk_rsassa_pss_options *pss_opts; + + pss_opts = mbedtls_calloc( 1, sizeof( mbedtls_pk_rsassa_pss_options ) ); + if( pss_opts == NULL ) + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + + ret = mbedtls_x509_get_rsassa_pss_params( sig_params, + md_alg, + &pss_opts->mgf1_hash_id, + &pss_opts->expected_salt_len ); + if( ret != 0 ) + { + mbedtls_free( pss_opts ); + return( ret ); + } + + *sig_opts = (void *) pss_opts; + } + else +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ + { + /* Make sure parameters are absent or NULL */ + if( ( sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0 ) || + sig_params->len != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG ); + } + + return( 0 ); +} + +/* + * X.509 Extensions (No parsing of extensions, pointer should + * be either manually updated or extensions should be parsed!) 
+ */ +int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *ext, int tag ) +{ + int ret; + size_t len; + + if( *p == end ) + return( 0 ); + + ext->tag = **p; + + if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag ) ) != 0 ) + return( ret ); + + ext->p = *p; + end = *p + ext->len; + + /* + * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension + * + * Extension ::= SEQUENCE { + * extnID OBJECT IDENTIFIER, + * critical BOOLEAN DEFAULT FALSE, + * extnValue OCTET STRING } + */ + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + + if( end != *p + len ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * Store the name in printable form into buf; no more + * than size characters will be written + */ +int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ) +{ + int ret; + size_t i, n; + unsigned char c, merge = 0; + const mbedtls_x509_name *name; + const char *short_name = NULL; + char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; + + memset( s, 0, sizeof( s ) ); + + name = dn; + p = buf; + n = size; + + while( name != NULL ) + { + if( !name->oid.p ) + { + name = name->next; + continue; + } + + if( name != dn ) + { + ret = mbedtls_snprintf( p, n, merge ? 
" + " : ", " ); + MBEDTLS_X509_SAFE_SNPRINTF; + } + + ret = mbedtls_oid_get_attr_short_name( &name->oid, &short_name ); + + if( ret == 0 ) + ret = mbedtls_snprintf( p, n, "%s=", short_name ); + else + ret = mbedtls_snprintf( p, n, "\?\?=" ); + MBEDTLS_X509_SAFE_SNPRINTF; + + for( i = 0; i < name->val.len; i++ ) + { + if( i >= sizeof( s ) - 1 ) + break; + + c = name->val.p[i]; + if( c < 32 || c == 127 || ( c > 128 && c < 160 ) ) + s[i] = '?'; + else s[i] = c; + } + s[i] = '\0'; + ret = mbedtls_snprintf( p, n, "%s", s ); + MBEDTLS_X509_SAFE_SNPRINTF; + + merge = name->next_merged; + name = name->next; + } + + return( (int) ( size - n ) ); +} + +/* + * Store the serial in printable form into buf; no more + * than size characters will be written + */ +int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ) +{ + int ret; + size_t i, n, nr; + char *p; + + p = buf; + n = size; + + nr = ( serial->len <= 32 ) + ? serial->len : 28; + + for( i = 0; i < nr; i++ ) + { + if( i == 0 && nr > 1 && serial->p[i] == 0x0 ) + continue; + + ret = mbedtls_snprintf( p, n, "%02X%s", + serial->p[i], ( i < nr - 1 ) ? ":" : "" ); + MBEDTLS_X509_SAFE_SNPRINTF; + } + + if( nr != serial->len ) + { + ret = mbedtls_snprintf( p, n, "...." ); + MBEDTLS_X509_SAFE_SNPRINTF; + } + + return( (int) ( size - n ) ); +} + +/* + * Helper for writing signature algorithms + */ +int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, + mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, + const void *sig_opts ) +{ + int ret; + char *p = buf; + size_t n = size; + const char *desc = NULL; + + ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc ); + if( ret != 0 ) + ret = mbedtls_snprintf( p, n, "???" 
); + else + ret = mbedtls_snprintf( p, n, "%s", desc ); + MBEDTLS_X509_SAFE_SNPRINTF; + +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) + { + const mbedtls_pk_rsassa_pss_options *pss_opts; + const mbedtls_md_info_t *md_info, *mgf_md_info; + + pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts; + + md_info = mbedtls_md_info_from_type( md_alg ); + mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id ); + + ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", + md_info ? mbedtls_md_get_name( md_info ) : "???", + mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???", + pss_opts->expected_salt_len ); + MBEDTLS_X509_SAFE_SNPRINTF; + } +#else + ((void) pk_alg); + ((void) md_alg); + ((void) sig_opts); +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ + + return( (int)( size - n ) ); +} + +/* + * Helper for writing "RSA key size", "EC key size", etc + */ +int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ) +{ + char *p = buf; + size_t n = buf_size; + int ret; + + ret = mbedtls_snprintf( p, n, "%s key size", name ); + MBEDTLS_X509_SAFE_SNPRINTF; + + return( 0 ); +} + +#if defined(MBEDTLS_HAVE_TIME_DATE) +/* + * Set the time structure to the current time. + * Return 0 on success, non-zero on failure. 
+ */ +static int x509_get_current_time( mbedtls_x509_time *now ) +{ + struct tm *lt, tm_buf; + mbedtls_time_t tt; + int ret = 0; + + tt = mbedtls_time( NULL ); + lt = mbedtls_platform_gmtime_r( &tt, &tm_buf ); + + if( lt == NULL ) + ret = -1; + else + { + now->year = lt->tm_year + 1900; + now->mon = lt->tm_mon + 1; + now->day = lt->tm_mday; + now->hour = lt->tm_hour; + now->min = lt->tm_min; + now->sec = lt->tm_sec; + } + + return( ret ); +} + +/* + * Return 0 if before <= after, 1 otherwise + */ +static int x509_check_time( const mbedtls_x509_time *before, const mbedtls_x509_time *after ) +{ + if( before->year > after->year ) + return( 1 ); + + if( before->year == after->year && + before->mon > after->mon ) + return( 1 ); + + if( before->year == after->year && + before->mon == after->mon && + before->day > after->day ) + return( 1 ); + + if( before->year == after->year && + before->mon == after->mon && + before->day == after->day && + before->hour > after->hour ) + return( 1 ); + + if( before->year == after->year && + before->mon == after->mon && + before->day == after->day && + before->hour == after->hour && + before->min > after->min ) + return( 1 ); + + if( before->year == after->year && + before->mon == after->mon && + before->day == after->day && + before->hour == after->hour && + before->min == after->min && + before->sec > after->sec ) + return( 1 ); + + return( 0 ); +} + +int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) +{ + mbedtls_x509_time now; + + if( x509_get_current_time( &now ) != 0 ) + return( 1 ); + + return( x509_check_time( &now, to ) ); +} + +int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) +{ + mbedtls_x509_time now; + + if( x509_get_current_time( &now ) != 0 ) + return( 1 ); + + return( x509_check_time( from, &now ) ); +} + +#else /* MBEDTLS_HAVE_TIME_DATE */ + +int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) +{ + ((void) to); + return( 0 ); +} + +int mbedtls_x509_time_is_future( const 
mbedtls_x509_time *from ) +{ + ((void) from); + return( 0 ); +} +#endif /* MBEDTLS_HAVE_TIME_DATE */ + +#if defined(MBEDTLS_SELF_TEST) + +#include "mbedtls/x509_crt.h" +#include "mbedtls/certs.h" + +/* + * Checkup routine + */ +int mbedtls_x509_self_test( int verbose ) +{ + int ret = 0; +#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C) + uint32_t flags; + mbedtls_x509_crt cacert; + mbedtls_x509_crt clicert; + + if( verbose != 0 ) + mbedtls_printf( " X.509 certificate load: " ); + + mbedtls_x509_crt_init( &cacert ); + mbedtls_x509_crt_init( &clicert ); + + ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len ); + if( ret != 0 ) + { + if( verbose != 0 ) + mbedtls_printf( "failed\n" ); + + goto cleanup; + } + + ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt, + mbedtls_test_ca_crt_len ); + if( ret != 0 ) + { + if( verbose != 0 ) + mbedtls_printf( "failed\n" ); + + goto cleanup; + } + + if( verbose != 0 ) + mbedtls_printf( "passed\n X.509 signature verify: "); + + ret = mbedtls_x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL ); + if( ret != 0 ) + { + if( verbose != 0 ) + mbedtls_printf( "failed\n" ); + + goto cleanup; + } + + if( verbose != 0 ) + mbedtls_printf( "passed\n\n"); + +cleanup: + mbedtls_x509_crt_free( &cacert ); + mbedtls_x509_crt_free( &clicert ); +#else + ((void) verbose); +#endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA1_C */ + return( ret ); +} + +#endif /* MBEDTLS_SELF_TEST */ + +#endif /* MBEDTLS_X509_USE_C */ diff --git a/library/x509_create.c b/library/x509_create.c new file mode 100644 index 000000000..546e8fa1a --- /dev/null +++ b/library/x509_create.c 
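Review bot: In `mbedtls_x509_dn_gets`, the filter that replaces non-printable bytes with `?` tests `c > 128 && c < 160`, so a value byte of 0x80 is copied to the output unchanged while 0x81–0x9F are replaced; this looks like an off-by-one. The attribute value comes straight from the parsed certificate and the function exists to produce a printable string, so the range should be closed: `if( c < 32 || ( c >= 127 && c < 160 ) )`. The same loop stops silently at `sizeof( s ) - 1` bytes, so a longer value is printed truncated with no marker; a comment such as `/* values longer than MBEDTLS_X509_MAX_DN_NAME_SIZE - 1 are truncated */` would warn callers who log or compare the result. Separately, the `#else` stubs of `mbedtls_x509_time_is_past` and `mbedtls_x509_time_is_future` return 0 unconditionally, which deserves a comment stating that certificate validity periods are not enforced when `MBEDTLS_HAVE_TIME_DATE` is undefined.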
@@ -0,0 +1,379 @@ +/* + * X.509 base functions for creating certificates / CSRs + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_X509_CREATE_C) + +#include "mbedtls/x509.h" +#include "mbedtls/asn1write.h" +#include "mbedtls/oid.h" + +#include + +/* Structure linking OIDs for X.509 DN AttributeTypes to their + * string representations and default string encodings used by Mbed TLS. */ +typedef struct { + const char *name; /* String representation of AttributeType, e.g. + * "CN" or "emailAddress". */ + size_t name_len; /* Length of 'name', without trailing 0 byte. */ + const char *oid; /* String representation of OID of AttributeType, + * as per RFC 5280, Appendix A.1. */ + int default_tag; /* The default character encoding used for the + * given attribute type, e.g. + * MBEDTLS_ASN1_UTF8_STRING for UTF-8. */ +} x509_attr_descriptor_t; + +#define ADD_STRLEN( s ) s, sizeof( s ) - 1 + +/* X.509 DN attributes from RFC 5280, Appendix A.1. 
*/ +static const x509_attr_descriptor_t x509_attrs[] = +{ + { ADD_STRLEN( "CN" ), + MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "commonName" ), + MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "C" ), + MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "countryName" ), + MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "O" ), + MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "organizationName" ), + MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "L" ), + MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "locality" ), + MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "R" ), + MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING }, + { ADD_STRLEN( "OU" ), + MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "organizationalUnitName" ), + MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "ST" ), + MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "stateOrProvinceName" ), + MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "emailAddress" ), + MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING }, + { ADD_STRLEN( "serialNumber" ), + MBEDTLS_OID_AT_SERIAL_NUMBER, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "postalAddress" ), + MBEDTLS_OID_AT_POSTAL_ADDRESS, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "postalCode" ), + MBEDTLS_OID_AT_POSTAL_CODE, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "dnQualifier" ), + MBEDTLS_OID_AT_DN_QUALIFIER, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "title" ), + MBEDTLS_OID_AT_TITLE, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "surName" ), + MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "SN" ), + MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "givenName" ), + MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "GN" ), + 
MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "initials" ), + MBEDTLS_OID_AT_INITIALS, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "pseudonym" ), + MBEDTLS_OID_AT_PSEUDONYM, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "generationQualifier" ), + MBEDTLS_OID_AT_GENERATION_QUALIFIER, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "domainComponent" ), + MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING }, + { ADD_STRLEN( "DC" ), + MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING }, + { NULL, 0, NULL, MBEDTLS_ASN1_NULL } +}; + +static const x509_attr_descriptor_t *x509_attr_descr_from_name( const char *name, size_t name_len ) +{ + const x509_attr_descriptor_t *cur; + + for( cur = x509_attrs; cur->name != NULL; cur++ ) + if( cur->name_len == name_len && + strncmp( cur->name, name, name_len ) == 0 ) + break; + + if ( cur->name == NULL ) + return( NULL ); + + return( cur ); +} + +int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ) +{ + int ret = 0; + const char *s = name, *c = s; + const char *end = s + strlen( s ); + const char *oid = NULL; + const x509_attr_descriptor_t* attr_descr = NULL; + int in_tag = 1; + char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; + char *d = data; + + /* Clear existing chain if present */ + mbedtls_asn1_free_named_data_list( head ); + + while( c <= end ) + { + if( in_tag && *c == '=' ) + { + if( ( attr_descr = x509_attr_descr_from_name( s, c - s ) ) == NULL ) + { + ret = MBEDTLS_ERR_X509_UNKNOWN_OID; + goto exit; + } + + oid = attr_descr->oid; + s = c + 1; + in_tag = 0; + d = data; + } + + if( !in_tag && *c == '\\' && c != end ) + { + c++; + + /* Check for valid escaped characters */ + if( c == end || *c != ',' ) + { + ret = MBEDTLS_ERR_X509_INVALID_NAME; + goto exit; + } + } + else if( !in_tag && ( *c == ',' || c == end ) ) + { + mbedtls_asn1_named_data* cur = + mbedtls_asn1_store_named_data( head, oid, strlen( oid ), + (unsigned char *) data, + d - data ); + + if(cur == NULL ) + { + 
return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + } + + // set tagType + cur->val.tag = attr_descr->default_tag; + + while( c < end && *(c + 1) == ' ' ) + c++; + + s = c + 1; + in_tag = 1; + } + + if( !in_tag && s != c + 1 ) + { + *(d++) = *c; + + if( d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE ) + { + ret = MBEDTLS_ERR_X509_INVALID_NAME; + goto exit; + } + } + + c++; + } + +exit: + + return( ret ); +} + +/* The first byte of the value in the mbedtls_asn1_named_data structure is reserved + * to store the critical boolean for us + */ +int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, + int critical, const unsigned char *val, size_t val_len ) +{ + mbedtls_asn1_named_data *cur; + + if( ( cur = mbedtls_asn1_store_named_data( head, oid, oid_len, + NULL, val_len + 1 ) ) == NULL ) + { + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + } + + cur->val.p[0] = critical; + memcpy( cur->val.p + 1, val, val_len ); + + return( 0 ); +} + +/* + * RelativeDistinguishedName ::= + * SET OF AttributeTypeAndValue + * + * AttributeTypeAndValue ::= SEQUENCE { + * type AttributeType, + * value AttributeValue } + * + * AttributeType ::= OBJECT IDENTIFIER + * + * AttributeValue ::= ANY DEFINED BY AttributeType + */ +static int x509_write_name( unsigned char **p, unsigned char *start, mbedtls_asn1_named_data* cur_name) +{ + int ret; + size_t len = 0; + const char *oid = (const char*)cur_name->oid.p; + size_t oid_len = cur_name->oid.len; + const unsigned char *name = cur_name->val.p; + size_t name_len = cur_name->val.len; + + // Write correct string tag and value + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tagged_string( p, start, + cur_name->val.tag, + (const char *) name, + name_len ) ); + // Write OID + // + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, + oid_len ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, + MBEDTLS_ASN1_CONSTRUCTED | + 
MBEDTLS_ASN1_SEQUENCE ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SET ) ); + + return( (int) len ); +} + +int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first ) +{ + int ret; + size_t len = 0; + mbedtls_asn1_named_data *cur = first; + + while( cur != NULL ) + { + MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, cur ) ); + cur = cur->next; + } + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + + return( (int) len ); +} + +int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len, + unsigned char *sig, size_t size ) +{ + int ret; + size_t len = 0; + + if( *p < start || (size_t)( *p - start ) < size ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + + len = size; + (*p) -= len; + memcpy( *p, sig, len ); + + if( *p - start < 1 ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + + *--(*p) = 0; + len += 1; + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); + + // Write OID + // + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( p, start, oid, + oid_len, 0 ) ); + + return( (int) len ); +} + +static int x509_write_extension( unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *ext ) +{ + int ret; + size_t len = 0; + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->val.p + 1, + ext->val.len - 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->val.len - 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) ); + + if( ext->val.p[0] != 0 ) + { + 
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( p, start, 1 ) ); + } + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->oid.p, + ext->oid.len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->oid.len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + + return( (int) len ); +} + +/* + * Extension ::= SEQUENCE { + * extnID OBJECT IDENTIFIER, + * critical BOOLEAN DEFAULT FALSE, + * extnValue OCTET STRING + * -- contains the DER encoding of an ASN.1 value + * -- corresponding to the extension type identified + * -- by extnID + * } + */ +int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first ) +{ + int ret; + size_t len = 0; + mbedtls_asn1_named_data *cur_ext = first; + + while( cur_ext != NULL ) + { + MBEDTLS_ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) ); + cur_ext = cur_ext->next; + } + + return( (int) len ); +} + +#endif /* MBEDTLS_X509_CREATE_C */ diff --git a/library/x509_crl.c b/library/x509_crl.c new file mode 100644 index 000000000..8450f87e0 --- /dev/null +++ b/library/x509_crl.c 
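Review bot: mbedtls_x509_string_to_names() has no comment stating its contract for `head`, and that contract is easy to get wrong. The `mbedtls_asn1_free_named_data_list( head )` call at the top frees whatever `*head` points to, so a caller must pass NULL or a valid list, never an uninitialised pointer. On the error paths (`goto exit` and the direct `return( MBEDTLS_ERR_X509_ALLOC_FAILED )`), entries stored earlier in the loop stay in `*head`, so the caller still has to free the list after a failure. I would add above the function: `/* *head must be NULL or a valid list (it is freed first); on error *head may hold a partial list that the caller must free. */`. The loop also appears to return 0 without storing anything when the string contains no `=`, which may deserve MBEDTLS_ERR_X509_INVALID_NAME; the author should confirm the intended behaviour.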
@@ -0,0 +1,773 @@ +/* + * X.509 Certidicate Revocation List (CRL) parsing + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * The ITU-T X.509 standard defines a certificate format for PKI. + * + * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs) + * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs) + * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10) + * + * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf + * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_X509_CRL_PARSE_C) + +#include "mbedtls/x509_crl.h" +#include "mbedtls/oid.h" +#include "mbedtls/platform_util.h" + +#include + +#if defined(MBEDTLS_PEM_PARSE_C) +#include "mbedtls/pem.h" +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_free free +#define mbedtls_calloc calloc +#define mbedtls_snprintf snprintf +#endif + +#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) +#include +#else +#include +#endif + +#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32) +#include +#endif + +/* + * Version ::= INTEGER { v1(0), v2(1) } + */ +static int 
x509_crl_get_version( unsigned char **p, + const unsigned char *end, + int *ver ) +{ + int ret; + + if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) + { + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + { + *ver = 0; + return( 0 ); + } + + return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); + } + + return( 0 ); +} + +/* + * X.509 CRL v2 extensions + * + * We currently don't parse any extension's content, but we do check that the + * list of extensions is well-formed and abort on critical extensions (that + * are unsupported as we don't support any extension so far) + */ +static int x509_get_crl_ext( unsigned char **p, + const unsigned char *end, + mbedtls_x509_buf *ext ) +{ + int ret; + + /* + * crlExtensions [0] EXPLICIT Extensions OPTIONAL + * -- if present, version MUST be v2 + */ + if( ( ret = mbedtls_x509_get_ext( p, end, ext, 0 ) ) != 0 ) + { + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( 0 ); + + return( ret ); + } + + while( *p < end ) + { + /* + * Extension ::= SEQUENCE { + * extnID OBJECT IDENTIFIER, + * critical BOOLEAN DEFAULT FALSE, + * extnValue OCTET STRING } + */ + int is_critical = 0; + const unsigned char *end_ext_data; + size_t len; + + /* Get enclosing sequence tag */ + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + + end_ext_data = *p + len; + + /* Get OID (currently ignored) */ + if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, + MBEDTLS_ASN1_OID ) ) != 0 ) + { + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + } + *p += len; + + /* Get optional critical */ + if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, + &is_critical ) ) != 0 && + ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) + { + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + } + + /* Data should be octet string type */ + if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, + MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) + return( 
MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + + /* Ignore data so far and just check its length */ + *p += len; + if( *p != end_ext_data ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + + /* Abort on (unsupported) critical extensions */ + if( is_critical ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + } + + if( *p != end ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * X.509 CRL v2 entry extensions (no extensions parsed yet.) + */ +static int x509_get_crl_entry_ext( unsigned char **p, + const unsigned char *end, + mbedtls_x509_buf *ext ) +{ + int ret; + size_t len = 0; + + /* OPTIONAL */ + if( end <= *p ) + return( 0 ); + + ext->tag = **p; + ext->p = *p; + + /* + * Get CRL-entry extension sequence header + * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2 + */ + if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + { + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + { + ext->p = NULL; + return( 0 ); + } + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + } + + end = *p + ext->len; + + if( end != *p + ext->len ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + + while( *p < end ) + { + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + + *p += len; + } + + if( *p != end ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * X.509 CRL Entries + */ +static int x509_get_entries( unsigned char **p, + const unsigned char *end, + mbedtls_x509_crl_entry *entry ) +{ + int ret; + size_t entry_len; + mbedtls_x509_crl_entry *cur_entry = entry; + + if( *p == end ) + return( 0 ); + + if( ( ret = mbedtls_asn1_get_tag( p, end, 
&entry_len, + MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 ) + { + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( 0 ); + + return( ret ); + } + + end = *p + entry_len; + + while( *p < end ) + { + size_t len2; + const unsigned char *end2; + + if( ( ret = mbedtls_asn1_get_tag( p, end, &len2, + MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 ) + { + return( ret ); + } + + cur_entry->raw.tag = **p; + cur_entry->raw.p = *p; + cur_entry->raw.len = len2; + end2 = *p + len2; + + if( ( ret = mbedtls_x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 ) + return( ret ); + + if( ( ret = mbedtls_x509_get_time( p, end2, + &cur_entry->revocation_date ) ) != 0 ) + return( ret ); + + if( ( ret = x509_get_crl_entry_ext( p, end2, + &cur_entry->entry_ext ) ) != 0 ) + return( ret ); + + if( *p < end ) + { + cur_entry->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl_entry ) ); + + if( cur_entry->next == NULL ) + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + + cur_entry = cur_entry->next; + } + } + + return( 0 ); +} + +/* + * Parse one CRLs in DER format and append it to the chained list + */ +int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, + const unsigned char *buf, size_t buflen ) +{ + int ret; + size_t len; + unsigned char *p = NULL, *end = NULL; + mbedtls_x509_buf sig_params1, sig_params2, sig_oid2; + mbedtls_x509_crl *crl = chain; + + /* + * Check for valid input + */ + if( crl == NULL || buf == NULL ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + + memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); + memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); + memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); + + /* + * Add new CRL on the end of the chain if needed. 
+ */ + while( crl->version != 0 && crl->next != NULL ) + crl = crl->next; + + if( crl->version != 0 && crl->next == NULL ) + { + crl->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ); + + if( crl->next == NULL ) + { + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + } + + mbedtls_x509_crl_init( crl->next ); + crl = crl->next; + } + + /* + * Copy raw DER-encoded CRL + */ + if( buflen == 0 ) + return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + + p = mbedtls_calloc( 1, buflen ); + if( p == NULL ) + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + + memcpy( p, buf, buflen ); + + crl->raw.p = p; + crl->raw.len = buflen; + + end = p + buflen; + + /* + * CertificateList ::= SEQUENCE { + * tbsCertList TBSCertList, + * signatureAlgorithm AlgorithmIdentifier, + * signatureValue BIT STRING } + */ + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + } + + if( len != (size_t) ( end - p ) ) + { + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + } + + /* + * TBSCertList ::= SEQUENCE { + */ + crl->tbs.p = p; + + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + } + + end = p + len; + crl->tbs.len = end - crl->tbs.p; + + /* + * Version ::= INTEGER OPTIONAL { v1(0), v2(1) } + * -- if present, MUST be v2 + * + * signature AlgorithmIdentifier + */ + if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 || + ( ret = mbedtls_x509_get_alg( &p, end, &crl->sig_oid, &sig_params1 ) ) != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( ret ); + } + + if( crl->version < 0 || crl->version > 1 ) + { + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); + } + + crl->version++; + + if( ( 
ret = mbedtls_x509_get_sig_alg( &crl->sig_oid, &sig_params1, + &crl->sig_md, &crl->sig_pk, + &crl->sig_opts ) ) != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG ); + } + + /* + * issuer Name + */ + crl->issuer_raw.p = p; + + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + } + + if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( ret ); + } + + crl->issuer_raw.len = p - crl->issuer_raw.p; + + /* + * thisUpdate Time + * nextUpdate Time OPTIONAL + */ + if( ( ret = mbedtls_x509_get_time( &p, end, &crl->this_update ) ) != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( ret ); + } + + if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 ) + { + if( ret != ( MBEDTLS_ERR_X509_INVALID_DATE + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) && + ret != ( MBEDTLS_ERR_X509_INVALID_DATE + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ) + { + mbedtls_x509_crl_free( crl ); + return( ret ); + } + } + + /* + * revokedCertificates SEQUENCE OF SEQUENCE { + * userCertificate CertificateSerialNumber, + * revocationDate Time, + * crlEntryExtensions Extensions OPTIONAL + * -- if present, MUST be v2 + * } OPTIONAL + */ + if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( ret ); + } + + /* + * crlExtensions EXPLICIT Extensions OPTIONAL + * -- if present, MUST be v2 + */ + if( crl->version == 2 ) + { + ret = x509_get_crl_ext( &p, end, &crl->crl_ext ); + + if( ret != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( ret ); + } + } + + if( p != end ) + { + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + } + + end = crl->raw.p + crl->raw.len; + + /* + * signatureAlgorithm AlgorithmIdentifier, + * signatureValue BIT STRING + */ + 
if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( ret ); + } + + if( crl->sig_oid.len != sig_oid2.len || + memcmp( crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len ) != 0 || + sig_params1.len != sig_params2.len || + ( sig_params1.len != 0 && + memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) ) + { + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_SIG_MISMATCH ); + } + + if( ( ret = mbedtls_x509_get_sig( &p, end, &crl->sig ) ) != 0 ) + { + mbedtls_x509_crl_free( crl ); + return( ret ); + } + + if( p != end ) + { + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + } + + return( 0 ); +} + +/* + * Parse one or more CRLs and add them to the chained list + */ +int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ) +{ +#if defined(MBEDTLS_PEM_PARSE_C) + int ret; + size_t use_len; + mbedtls_pem_context pem; + int is_pem = 0; + + if( chain == NULL || buf == NULL ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + + do + { + mbedtls_pem_init( &pem ); + + // Avoid calling mbedtls_pem_read_buffer() on non-null-terminated + // string + if( buflen == 0 || buf[buflen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN X509 CRL-----", + "-----END X509 CRL-----", + buf, NULL, 0, &use_len ); + + if( ret == 0 ) + { + /* + * Was PEM encoded + */ + is_pem = 1; + + buflen -= use_len; + buf += use_len; + + if( ( ret = mbedtls_x509_crl_parse_der( chain, + pem.buf, pem.buflen ) ) != 0 ) + { + mbedtls_pem_free( &pem ); + return( ret ); + } + } + else if( is_pem ) + { + mbedtls_pem_free( &pem ); + return( ret ); + } + + mbedtls_pem_free( &pem ); + } + /* In the PEM case, buflen is 1 at the end, for the terminated NULL byte. + * And a valid CRL cannot be less than 1 byte anyway. 
*/ + while( is_pem && buflen > 1 ); + + if( is_pem ) + return( 0 ); + else +#endif /* MBEDTLS_PEM_PARSE_C */ + return( mbedtls_x509_crl_parse_der( chain, buf, buflen ) ); +} + +#if defined(MBEDTLS_FS_IO) +/* + * Load one or more CRLs and add them to the chained list + */ +int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ) +{ + int ret; + size_t n; + unsigned char *buf; + + if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) + return( ret ); + + ret = mbedtls_x509_crl_parse( chain, buf, n ); + + mbedtls_platform_zeroize( buf, n ); + mbedtls_free( buf ); + + return( ret ); +} +#endif /* MBEDTLS_FS_IO */ + +/* + * Return an informational string about the certificate. + */ +#define BEFORE_COLON 14 +#define BC "14" +/* + * Return an informational string about the CRL. + */ +int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, + const mbedtls_x509_crl *crl ) +{ + int ret; + size_t n; + char *p; + const mbedtls_x509_crl_entry *entry; + + p = buf; + n = size; + + ret = mbedtls_snprintf( p, n, "%sCRL version : %d", + prefix, crl->version ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_x509_dn_gets( p, n, &crl->issuer ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_snprintf( p, n, "\n%sthis update : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crl->this_update.year, crl->this_update.mon, + crl->this_update.day, crl->this_update.hour, + crl->this_update.min, crl->this_update.sec ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_snprintf( p, n, "\n%snext update : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crl->next_update.year, crl->next_update.mon, + crl->next_update.day, crl->next_update.hour, + crl->next_update.min, crl->next_update.sec ); + MBEDTLS_X509_SAFE_SNPRINTF; + + entry = &crl->entry; + + ret = mbedtls_snprintf( p, n, "\n%sRevoked certificates:", + prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + + while( entry 
!= NULL && entry->raw.len != 0 ) + { + ret = mbedtls_snprintf( p, n, "\n%sserial number: ", + prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_x509_serial_gets( p, n, &entry->serial ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_snprintf( p, n, " revocation date: " \ + "%04d-%02d-%02d %02d:%02d:%02d", + entry->revocation_date.year, entry->revocation_date.mon, + entry->revocation_date.day, entry->revocation_date.hour, + entry->revocation_date.min, entry->revocation_date.sec ); + MBEDTLS_X509_SAFE_SNPRINTF; + + entry = entry->next; + } + + ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md, + crl->sig_opts ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_snprintf( p, n, "\n" ); + MBEDTLS_X509_SAFE_SNPRINTF; + + return( (int) ( size - n ) ); +} + +/* + * Initialize a CRL chain + */ +void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ) +{ + memset( crl, 0, sizeof(mbedtls_x509_crl) ); +} + +/* + * Unallocate all CRL data + */ +void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ) +{ + mbedtls_x509_crl *crl_cur = crl; + mbedtls_x509_crl *crl_prv; + mbedtls_x509_name *name_cur; + mbedtls_x509_name *name_prv; + mbedtls_x509_crl_entry *entry_cur; + mbedtls_x509_crl_entry *entry_prv; + + if( crl == NULL ) + return; + + do + { +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + mbedtls_free( crl_cur->sig_opts ); +#endif + + name_cur = crl_cur->issuer.next; + while( name_cur != NULL ) + { + name_prv = name_cur; + name_cur = name_cur->next; + mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); + mbedtls_free( name_prv ); + } + + entry_cur = crl_cur->entry.next; + while( entry_cur != NULL ) + { + entry_prv = entry_cur; + entry_cur = entry_cur->next; + mbedtls_platform_zeroize( entry_prv, + sizeof( mbedtls_x509_crl_entry ) ); + mbedtls_free( entry_prv ); + } + + if( crl_cur->raw.p != NULL ) + { + mbedtls_platform_zeroize( 
crl_cur->raw.p, crl_cur->raw.len ); + mbedtls_free( crl_cur->raw.p ); + } + + crl_cur = crl_cur->next; + } + while( crl_cur != NULL ); + + crl_cur = crl; + do + { + crl_prv = crl_cur; + crl_cur = crl_cur->next; + + mbedtls_platform_zeroize( crl_prv, sizeof( mbedtls_x509_crl ) ); + if( crl_prv != crl ) + mbedtls_free( crl_prv ); + } + while( crl_cur != NULL ); +} + +#endif /* MBEDTLS_X509_CRL_PARSE_C */ diff --git a/library/x509_crt.c b/library/x509_crt.c new file mode 100644 index 000000000..605d8efd8 --- /dev/null +++ b/library/x509_crt.c 
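Review bot: In x509_get_crl_entry_ext() the check `if( end != *p + ext->len )` can never fire, because `end` was assigned `*p + ext->len` on the statement just before it. The caller's bound (`end2` in x509_get_entries()) is overwritten before it is compared, and x509_get_entries() does not check `*p == end2` after the call either. Bytes that follow the extensions inside a revoked-certificate entry therefore appear to be accepted and then read as the start of the next entry. Doing the comparison before the assignment restores the intended strictness: `if( end != *p + ext->len ) return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );`, after which the `end = *p + ext->len;` line is redundant and can go.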
@@ -0,0 +1,2879 @@
+/*
+ * X.509 certificate parsing and verification
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * The ITU-T X.509 standard defines a certificate format for PKI.
+ *
+ * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
+ * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
+ * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
+ *
+ * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
+ * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ *
+ * [SIRO] https://cabforum.org/wp-content/uploads/Chunghwatelecom201503cabforumV4.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/platform_util.h"
+
+#include
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include
+#include
+#define mbedtls_free free
+#define mbedtls_calloc calloc
+#define mbedtls_snprintf snprintf
+#endif
+
+#if defined(MBEDTLS_THREADING_C)
+#include 
"mbedtls/threading.h"
+#endif
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+#include
+#else
+#include
+#endif
+
+#if defined(MBEDTLS_FS_IO)
+#include
+#if !defined(_WIN32) || defined(EFIX64) || defined(EFI32)
+#include
+#include
+#include
+#endif /* !_WIN32 || EFIX64 || EFI32 */
+#endif
+
+/*
+ * Item in a verification chain: cert and flags for it
+ */
+typedef struct {
+ mbedtls_x509_crt *crt;
+ uint32_t flags;
+} x509_crt_verify_chain_item;
+
+/*
+ * Max size of verification chain: end-entity + intermediates + trusted root
+ */
+#define X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 )
+
+/*
+ * Default profile
+ */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
+{
+#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES)
+ /* Allow SHA-1 (weak, but still safe in controlled environments) */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
+#endif
+ /* Only SHA-2 hashes */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
+ 0xFFFFFFF, /* Any PK alg */
+ 0xFFFFFFF, /* Any curve */
+ 2048,
+};
+
+/*
+ * Next-default profile
+ */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next =
+{
+ /* Hashes from SHA-256 and above */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
+ 0xFFFFFFF, /* Any PK alg */
+#if defined(MBEDTLS_ECP_C)
+ /* Curves at or above 128-bit security level */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ),
+#else
+ 0,
+#endif
+ 2048,
+};
+
+/*
+ * NSA Suite B 
Profile
+ */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb =
+{
+ /* Only SHA-256 and 384 */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ),
+ /* Only ECDSA */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECKEY ),
+#if defined(MBEDTLS_ECP_C)
+ /* Only NIST P-256 and P-384 */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ),
+#else
+ 0,
+#endif
+ 0,
+};
+
+/*
+ * Check md_alg against profile
+ * Return 0 if md_alg is acceptable for this profile, -1 otherwise
+ */
+static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile,
+ mbedtls_md_type_t md_alg )
+{
+ if( md_alg == MBEDTLS_MD_NONE )
+ return( -1 );
+
+ if( ( profile->allowed_mds & MBEDTLS_X509_ID_FLAG( md_alg ) ) != 0 )
+ return( 0 );
+
+ return( -1 );
+}
+
+/*
+ * Check pk_alg against profile
+ * Return 0 if pk_alg is acceptable for this profile, -1 otherwise
+ */
+static int x509_profile_check_pk_alg( const mbedtls_x509_crt_profile *profile,
+ mbedtls_pk_type_t pk_alg )
+{
+ if( pk_alg == MBEDTLS_PK_NONE )
+ return( -1 );
+
+ if( ( profile->allowed_pks & MBEDTLS_X509_ID_FLAG( pk_alg ) ) != 0 )
+ return( 0 );
+
+ return( -1 );
+}
+
+/*
+ * Check key against profile
+ * Return 0 if pk is acceptable for this profile, -1 otherwise
+ */
+static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile,
+ const mbedtls_pk_context *pk )
+{
+ const mbedtls_pk_type_t pk_alg = mbedtls_pk_get_type( pk );
+
+#if defined(MBEDTLS_RSA_C)
+ if( pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS )
+ {
+ if( mbedtls_pk_get_bitlen( pk ) >= profile->rsa_min_bitlen )
+ return( 0 );
+
+ return( -1 );
+ }
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+ if( pk_alg == MBEDTLS_PK_ECDSA ||
+ pk_alg == MBEDTLS_PK_ECKEY ||
+ pk_alg == MBEDTLS_PK_ECKEY_DH )
+ {
+ const mbedtls_ecp_group_id gid = mbedtls_pk_ec( *pk )->grp.id;
+
+ if( gid == MBEDTLS_ECP_DP_NONE ) 
+ return( -1 );
+
+ if( ( profile->allowed_curves & MBEDTLS_X509_ID_FLAG( gid ) ) != 0 )
+ return( 0 );
+
+ return( -1 );
+ }
+#endif
+
+ return( -1 );
+}
+
+/*
+ * Like memcmp, but case-insensitive and always returns -1 if different
+ */
+static int x509_memcasecmp( const void *s1, const void *s2, size_t len )
+{
+ size_t i;
+ unsigned char diff;
+ const unsigned char *n1 = s1, *n2 = s2;
+
+ for( i = 0; i < len; i++ )
+ {
+ diff = n1[i] ^ n2[i];
+
+ if( diff == 0 )
+ continue;
+
+ if( diff == 32 &&
+ ( ( n1[i] >= 'a' && n1[i] <= 'z' ) ||
+ ( n1[i] >= 'A' && n1[i] <= 'Z' ) ) )
+ {
+ continue;
+ }
+
+ return( -1 );
+ }
+
+ return( 0 );
+}
+
+/*
+ * Return 0 if name matches wildcard, -1 otherwise
+ */
+static int x509_check_wildcard( const char *cn, const mbedtls_x509_buf *name )
+{
+ size_t i;
+ size_t cn_idx = 0, cn_len = strlen( cn );
+
+ /* We can't have a match if there is no wildcard to match */
+ if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' )
+ return( -1 );
+
+ for( i = 0; i < cn_len; ++i )
+ {
+ if( cn[i] == '.' )
+ {
+ cn_idx = i;
+ break;
+ }
+ }
+
+ if( cn_idx == 0 )
+ return( -1 );
+
+ if( cn_len - cn_idx == name->len - 1 &&
+ x509_memcasecmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 )
+ {
+ return( 0 );
+ }
+
+ return( -1 );
+}
+
+/*
+ * Compare two X.509 strings, case-insensitive, and allowing for some encoding
+ * variations (but not all).
+ *
+ * Return 0 if equal, -1 otherwise.
+ */
+static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b )
+{
+ if( a->tag == b->tag &&
+ a->len == b->len &&
+ memcmp( a->p, b->p, b->len ) == 0 )
+ {
+ return( 0 );
+ }
+
+ if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) &&
+ ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) &&
+ a->len == b->len &&
+ x509_memcasecmp( a->p, b->p, b->len ) == 0 )
+ {
+ return( 0 );
+ }
+
+ return( -1 );
+}
+
+/*
+ * Compare two X.509 Names (aka rdnSequence).
+ *
+ * See RFC 5280 section 7.1, though we don't implement the whole algorithm:
+ * we sometimes return unequal when the full algorithm would return equal,
+ * but never the other way. (In particular, we don't do Unicode normalisation
+ * or space folding.)
+ *
+ * Return 0 if equal, -1 otherwise.
+ */
+static int x509_name_cmp( const mbedtls_x509_name *a, const mbedtls_x509_name *b )
+{
+ /* Avoid recursion, it might not be optimised by the compiler */
+ while( a != NULL || b != NULL )
+ {
+ if( a == NULL || b == NULL )
+ return( -1 );
+
+ /* type */
+ if( a->oid.tag != b->oid.tag ||
+ a->oid.len != b->oid.len ||
+ memcmp( a->oid.p, b->oid.p, b->oid.len ) != 0 )
+ {
+ return( -1 );
+ }
+
+ /* value */
+ if( x509_string_cmp( &a->val, &b->val ) != 0 )
+ return( -1 );
+
+ /* structure of the list of sets */
+ if( a->next_merged != b->next_merged )
+ return( -1 );
+
+ a = a->next;
+ b = b->next;
+ }
+
+ /* a == NULL == b */
+ return( 0 );
+}
+
+/*
+ * Reset (init or clear) a verify_chain
+ */
+static void x509_crt_verify_chain_reset(
+ mbedtls_x509_crt_verify_chain *ver_chain )
+{
+ size_t i;
+
+ for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ )
+ {
+ ver_chain->items[i].crt = NULL;
+ ver_chain->items[i].flags = (uint32_t) -1;
+ }
+
+ ver_chain->len = 0;
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ ver_chain->trust_ca_cb_result = NULL;
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+}
+
+/*
+ * Version ::= INTEGER { v1(0), v2(1), v3(2) }
+ */
+static int x509_get_version( unsigned char **p,
+ const unsigned char *end,
+ int *ver )
+{
+ int ret;
+ size_t len;
+
+ if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) != 0 )
+ {
+ if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+ {
+ *ver = 0;
+ return( 0 );
+ }
+
+ return( ret );
+ }
+
+ end = *p + len;
+
+ if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
+
+ if( *p != 
end )
+ return( MBEDTLS_ERR_X509_INVALID_VERSION +
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+ return( 0 );
+}
+
+/*
+ * Validity ::= SEQUENCE {
+ * notBefore Time,
+ * notAfter Time }
+ */
+static int x509_get_dates( unsigned char **p,
+ const unsigned char *end,
+ mbedtls_x509_time *from,
+ mbedtls_x509_time *to )
+{
+ int ret;
+ size_t len;
+
+ if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_DATE + ret );
+
+ end = *p + len;
+
+ if( ( ret = mbedtls_x509_get_time( p, end, from ) ) != 0 )
+ return( ret );
+
+ if( ( ret = mbedtls_x509_get_time( p, end, to ) ) != 0 )
+ return( ret );
+
+ if( *p != end )
+ return( MBEDTLS_ERR_X509_INVALID_DATE +
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+ return( 0 );
+}
+
+/*
+ * X.509 v2/v3 unique identifier (not parsed)
+ */
+static int x509_get_uid( unsigned char **p,
+ const unsigned char *end,
+ mbedtls_x509_buf *uid, int n )
+{
+ int ret;
+
+ if( *p == end )
+ return( 0 );
+
+ uid->tag = **p;
+
+ if( ( ret = mbedtls_asn1_get_tag( p, end, &uid->len,
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | n ) ) != 0 )
+ {
+ if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+ return( 0 );
+
+ return( ret );
+ }
+
+ uid->p = *p;
+ *p += uid->len;
+
+ return( 0 );
+}
+
+static int x509_get_basic_constraints( unsigned char **p,
+ const unsigned char *end,
+ int *ca_istrue,
+ int *max_pathlen )
+{
+ int ret;
+ size_t len;
+
+ /*
+ * BasicConstraints ::= SEQUENCE {
+ * cA BOOLEAN DEFAULT FALSE,
+ * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
+ */
+ *ca_istrue = 0; /* DEFAULT FALSE */
+ *max_pathlen = 0; /* endless */
+
+ if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ if( *p == end )
+ return( 0 );
+
+ if( ( ret = mbedtls_asn1_get_bool( p, end, ca_istrue ) ) != 0 )
+ {
+ if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+ ret = 
mbedtls_asn1_get_int( p, end, ca_istrue );
+
+ if( ret != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ if( *ca_istrue != 0 )
+ *ca_istrue = 1;
+ }
+
+ if( *p == end )
+ return( 0 );
+
+ if( ( ret = mbedtls_asn1_get_int( p, end, max_pathlen ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ if( *p != end )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+ (*max_pathlen)++;
+
+ return( 0 );
+}
+
+static int x509_get_ns_cert_type( unsigned char **p,
+ const unsigned char *end,
+ unsigned char *ns_cert_type)
+{
+ int ret;
+ mbedtls_x509_bitstring bs = { 0, 0, NULL };
+
+ if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ if( bs.len != 1 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+
+ /* Get actual bitstring */
+ *ns_cert_type = *bs.p;
+ return( 0 );
+}
+
+static int x509_get_key_usage( unsigned char **p,
+ const unsigned char *end,
+ unsigned int *key_usage)
+{
+ int ret;
+ size_t i;
+ mbedtls_x509_bitstring bs = { 0, 0, NULL };
+
+ if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ if( bs.len < 1 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+
+ /* Get actual bitstring */
+ *key_usage = 0;
+ for( i = 0; i < bs.len && i < sizeof( unsigned int ); i++ )
+ {
+ *key_usage |= (unsigned int) bs.p[i] << (8*i);
+ }
+
+ return( 0 );
+}
+
+/*
+ * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+ *
+ * KeyPurposeId ::= OBJECT IDENTIFIER
+ */
+static int x509_get_ext_key_usage( unsigned char **p,
+ const unsigned char *end,
+ mbedtls_x509_sequence *ext_key_usage)
+{
+ int ret;
+
+ if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ /* Sequence length must be >= 1 */
+ if( 
ext_key_usage->buf.p == NULL )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+
+ return( 0 );
+}
+
+/*
+ * SubjectAltName ::= GeneralNames
+ *
+ * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+ *
+ * GeneralName ::= CHOICE {
+ * otherName [0] OtherName,
+ * rfc822Name [1] IA5String,
+ * dNSName [2] IA5String,
+ * x400Address [3] ORAddress,
+ * directoryName [4] Name,
+ * ediPartyName [5] EDIPartyName,
+ * uniformResourceIdentifier [6] IA5String,
+ * iPAddress [7] OCTET STRING,
+ * registeredID [8] OBJECT IDENTIFIER }
+ *
+ * OtherName ::= SEQUENCE {
+ * type-id OBJECT IDENTIFIER,
+ * value [0] EXPLICIT ANY DEFINED BY type-id }
+ *
+ * EDIPartyName ::= SEQUENCE {
+ * nameAssigner [0] DirectoryString OPTIONAL,
+ * partyName [1] DirectoryString }
+ *
+ * NOTE: we only parse and use dNSName at this point.
+ */
+static int x509_get_subject_alt_name( unsigned char **p,
+ const unsigned char *end,
+ mbedtls_x509_sequence *subject_alt_name )
+{
+ int ret;
+ size_t len, tag_len;
+ mbedtls_asn1_buf *buf;
+ unsigned char tag;
+ mbedtls_asn1_sequence *cur = subject_alt_name;
+
+ /* Get main sequence tag */
+ if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ if( *p + len != end )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+ while( *p < end )
+ {
+ if( ( end - *p ) < 1 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+ tag = **p;
+ (*p)++;
+ if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ if( ( tag & MBEDTLS_ASN1_TAG_CLASS_MASK ) !=
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC )
+ {
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ }
+
+ /* Skip everything but DNS name */
+ if( tag != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | 2 ) )
+ {
+ *p += 
tag_len;
+ continue;
+ }
+
+ /* Allocate and assign next pointer */
+ if( cur->buf.p != NULL )
+ {
+ if( cur->next != NULL )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS );
+
+ cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) );
+
+ if( cur->next == NULL )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_ALLOC_FAILED );
+
+ cur = cur->next;
+ }
+
+ buf = &(cur->buf);
+ buf->tag = tag;
+ buf->p = *p;
+ buf->len = tag_len;
+ *p += buf->len;
+ }
+
+ /* Set final sequence entry's next pointer to NULL */
+ cur->next = NULL;
+
+ if( *p != end )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+ return( 0 );
+}
+
+/*
+ * X.509 v3 extensions
+ *
+ */
+static int x509_get_crt_ext( unsigned char **p,
+ const unsigned char *end,
+ mbedtls_x509_crt *crt )
+{
+ int ret;
+ size_t len;
+ unsigned char *end_ext_data, *end_ext_octet;
+
+ if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 )
+ {
+ if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+ return( 0 );
+
+ return( ret );
+ }
+
+ while( *p < end )
+ {
+ /*
+ * Extension ::= SEQUENCE {
+ * extnID OBJECT IDENTIFIER,
+ * critical BOOLEAN DEFAULT FALSE,
+ * extnValue OCTET STRING }
+ */
+ mbedtls_x509_buf extn_oid = {0, 0, NULL};
+ int is_critical = 0; /* DEFAULT FALSE */
+ int ext_type = 0;
+
+ if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ end_ext_data = *p + len;
+
+ /* Get extension ID */
+ if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &extn_oid.len,
+ MBEDTLS_ASN1_OID ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ extn_oid.tag = MBEDTLS_ASN1_OID;
+ extn_oid.p = *p;
+ *p += extn_oid.len;
+
+ /* Get optional critical */
+ if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
+ ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ /* Data should be octet string type */
+ if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len,
+ MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+ end_ext_octet = *p + len;
+
+ if( end_ext_octet != end_ext_data )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+ /*
+ * Detect supported extensions
+ */
+ ret = mbedtls_oid_get_x509_ext_type( &extn_oid, &ext_type );
+
+ if( ret != 0 )
+ {
+ /* No parser found, skip extension */
+ *p = end_ext_octet;
+
+#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+ if( is_critical )
+ {
+ /* Data is marked as critical: fail */
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+ }
+#endif
+ continue;
+ }
+
+ /* Forbid repeated extensions */
+ if( ( crt->ext_types & ext_type ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS );
+
+ crt->ext_types |= ext_type;
+
+ switch( ext_type )
+ {
+ case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS:
+ /* Parse basic constraints */
+ if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
+ &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
+ return( ret );
+ break;
+
+ case MBEDTLS_X509_EXT_KEY_USAGE:
+ /* Parse key usage */
+ if( ( ret = x509_get_key_usage( p, end_ext_octet,
+ &crt->key_usage ) ) != 0 )
+ return( ret );
+ break;
+
+ case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE:
+ /* Parse extended key usage */
+ if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
+ &crt->ext_key_usage ) ) != 0 )
+ return( ret );
+ break;
+
+ case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME:
+ /* Parse subject alt name */
+ if( ( ret = x509_get_subject_alt_name( p, end_ext_octet,
+ &crt->subject_alt_names ) ) != 0 )
+ return( ret );
+ break;
+
+ case MBEDTLS_X509_EXT_NS_CERT_TYPE:
+ /* Parse netscape certificate type */
+ if( ( ret = x509_get_ns_cert_type( p, end_ext_octet,
+ &crt->ns_cert_type ) ) != 0 )
+ return( ret );
+ break;
+
+ default:
+ /*
+ * If this is a non-critical extension, 
which the oid layer
+ * supports, but there isn't an x509 parser for it,
+ * skip the extension.
+ */
+#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+ if( is_critical )
+ return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
+ else
+#endif
+ *p = end_ext_octet;
+ }
+ }
+
+ if( *p != end )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+ return( 0 );
+}
+
+/*
+ * Parse and fill a single X.509 certificate in DER format
+ */
+static int x509_crt_parse_der_core( mbedtls_x509_crt *crt,
+ const unsigned char *buf,
+ size_t buflen,
+ int make_copy )
+{
+ int ret;
+ size_t len;
+ unsigned char *p, *end, *crt_end;
+ mbedtls_x509_buf sig_params1, sig_params2, sig_oid2;
+
+ memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) );
+ memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) );
+ memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) );
+
+ /*
+ * Check for valid input
+ */
+ if( crt == NULL || buf == NULL )
+ return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+ /* Use the original buffer until we figure out actual length. */
+ p = (unsigned char*) buf;
+ len = buflen;
+ end = p + len;
+
+ /*
+ * Certificate ::= SEQUENCE {
+ * tbsCertificate TBSCertificate,
+ * signatureAlgorithm AlgorithmIdentifier,
+ * signatureValue BIT STRING }
+ */
+ if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( MBEDTLS_ERR_X509_INVALID_FORMAT );
+ }
+
+ end = crt_end = p + len;
+ crt->raw.len = crt_end - buf;
+ if( make_copy != 0 )
+ {
+ /* Create and populate a new buffer for the raw field. 
*/
+ crt->raw.p = p = mbedtls_calloc( 1, crt->raw.len );
+ if( crt->raw.p == NULL )
+ return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+ memcpy( crt->raw.p, buf, crt->raw.len );
+ crt->own_buffer = 1;
+
+ p += crt->raw.len - len;
+ end = crt_end = p + len;
+ }
+ else
+ {
+ crt->raw.p = (unsigned char*) buf;
+ crt->own_buffer = 0;
+ }
+
+ /*
+ * TBSCertificate ::= SEQUENCE {
+ */
+ crt->tbs.p = p;
+
+ if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ }
+
+ end = p + len;
+ crt->tbs.len = end - crt->tbs.p;
+
+ /*
+ * Version ::= INTEGER { v1(0), v2(1), v3(2) }
+ *
+ * CertificateSerialNumber ::= INTEGER
+ *
+ * signature AlgorithmIdentifier
+ */
+ if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 ||
+ ( ret = mbedtls_x509_get_serial( &p, end, &crt->serial ) ) != 0 ||
+ ( ret = mbedtls_x509_get_alg( &p, end, &crt->sig_oid,
+ &sig_params1 ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+
+ if( crt->version < 0 || crt->version > 2 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
+ }
+
+ crt->version++;
+
+ if( ( ret = mbedtls_x509_get_sig_alg( &crt->sig_oid, &sig_params1,
+ &crt->sig_md, &crt->sig_pk,
+ &crt->sig_opts ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+
+ /*
+ * issuer Name
+ */
+ crt->issuer_raw.p = p;
+
+ if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ }
+
+ if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+
+ crt->issuer_raw.len = p - crt->issuer_raw.p;
+
+ /*
+ * Validity ::= SEQUENCE {
+ * notBefore Time,
+ * notAfter Time }
+ *
+ */
+ if( ( ret = x509_get_dates( &p, end, &crt->valid_from,
+ 
&crt->valid_to ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+
+ /*
+ * subject Name
+ */
+ crt->subject_raw.p = p;
+
+ if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+ }
+
+ if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+
+ crt->subject_raw.len = p - crt->subject_raw.p;
+
+ /*
+ * SubjectPublicKeyInfo
+ */
+ crt->pk_raw.p = p;
+ if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+ crt->pk_raw.len = p - crt->pk_raw.p;
+
+ /*
+ * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
+ * -- If present, version shall be v2 or v3
+ * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
+ * -- If present, version shall be v2 or v3
+ * extensions [3] EXPLICIT Extensions OPTIONAL
+ * -- If present, version shall be v3
+ */
+ if( crt->version == 2 || crt->version == 3 )
+ {
+ ret = x509_get_uid( &p, end, &crt->issuer_id, 1 );
+ if( ret != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+ }
+
+ if( crt->version == 2 || crt->version == 3 )
+ {
+ ret = x509_get_uid( &p, end, &crt->subject_id, 2 );
+ if( ret != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+ }
+
+#if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
+ if( crt->version == 3 )
+#endif
+ {
+ ret = x509_get_crt_ext( &p, end, crt );
+ if( ret != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+ }
+
+ if( p != end )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( MBEDTLS_ERR_X509_INVALID_FORMAT +
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ }
+
+ end = crt_end;
+
+ /*
+ * }
+ * -- end of TBSCertificate
+ *
+ * signatureAlgorithm AlgorithmIdentifier,
+ * signatureValue BIT STRING
+ */
+ if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, 
&sig_params2 ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+
+ if( crt->sig_oid.len != sig_oid2.len ||
+ memcmp( crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len ) != 0 ||
+ sig_params1.len != sig_params2.len ||
+ ( sig_params1.len != 0 &&
+ memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( MBEDTLS_ERR_X509_SIG_MISMATCH );
+ }
+
+ if( ( ret = mbedtls_x509_get_sig( &p, end, &crt->sig ) ) != 0 )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( ret );
+ }
+
+ if( p != end )
+ {
+ mbedtls_x509_crt_free( crt );
+ return( MBEDTLS_ERR_X509_INVALID_FORMAT +
+ MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ }
+
+ return( 0 );
+}
+
+/*
+ * Parse one X.509 certificate in DER format from a buffer and add them to a
+ * chained list
+ */
+static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen,
+ int make_copy )
+{
+ int ret;
+ mbedtls_x509_crt *crt = chain, *prev = NULL;
+
+ /*
+ * Check for valid input
+ */
+ if( crt == NULL || buf == NULL )
+ return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+ while( crt->version != 0 && crt->next != NULL )
+ {
+ prev = crt;
+ crt = crt->next;
+ }
+
+ /*
+ * Add new certificate on the end of the chain if needed.
+ */
+ if( crt->version != 0 && crt->next == NULL )
+ {
+ crt->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
+
+ if( crt->next == NULL )
+ return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+ prev = crt;
+ mbedtls_x509_crt_init( crt->next );
+ crt = crt->next;
+ }
+
+ if( ( ret = x509_crt_parse_der_core( crt, buf, buflen, make_copy ) ) != 0 )
+ {
+ if( prev )
+ prev->next = NULL;
+
+ if( crt != chain )
+ mbedtls_free( crt );
+
+ return( ret );
+ }
+
+ return( 0 );
+}
+
+int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen )
+{
+ return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 0 ) );
+}
+
+int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen )
+{
+ return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 1 ) );
+}
+
+/*
+ * Parse one or more PEM certificates from a buffer and add them to the chained
+ * list
+ */
+int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen )
+{
+#if defined(MBEDTLS_PEM_PARSE_C)
+ int success = 0, first_error = 0, total_failed = 0;
+ int buf_format = MBEDTLS_X509_FORMAT_DER;
+#endif
+
+ /*
+ * Check for valid input
+ */
+ if( chain == NULL || buf == NULL )
+ return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+ /*
+ * Determine buffer content. Buffer contains either one DER certificate or
+ * one or more PEM certificates.
+ */
+#if defined(MBEDTLS_PEM_PARSE_C)
+ if( buflen != 0 && buf[buflen - 1] == '\0' &&
+ strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL )
+ {
+ buf_format = MBEDTLS_X509_FORMAT_PEM;
+ }
+
+ if( buf_format == MBEDTLS_X509_FORMAT_DER )
+ return mbedtls_x509_crt_parse_der( chain, buf, buflen );
+#else
+ return mbedtls_x509_crt_parse_der( chain, buf, buflen );
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+ if( buf_format == MBEDTLS_X509_FORMAT_PEM )
+ {
+ int ret;
+ mbedtls_pem_context pem;
+
+ /* 1 rather than 0 since the terminating NULL byte is counted in */
+ while( buflen > 1 )
+ {
+ size_t use_len;
+ mbedtls_pem_init( &pem );
+
+ /* If we get there, we know the string is null-terminated */
+ ret = mbedtls_pem_read_buffer( &pem,
+ "-----BEGIN CERTIFICATE-----",
+ "-----END CERTIFICATE-----",
+ buf, NULL, 0, &use_len );
+
+ if( ret == 0 )
+ {
+ /*
+ * Was PEM encoded
+ */
+ buflen -= use_len;
+ buf += use_len;
+ }
+ else if( ret == MBEDTLS_ERR_PEM_BAD_INPUT_DATA )
+ {
+ return( ret );
+ }
+ else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+ {
+ mbedtls_pem_free( &pem );
+
+ /*
+ * PEM header and footer were found
+ */
+ buflen -= use_len;
+ buf += use_len;
+
+ if( first_error == 0 )
+ first_error = ret;
+
+ total_failed++;
+ continue;
+ }
+ else
+ break;
+
+ ret = mbedtls_x509_crt_parse_der( chain, pem.buf, pem.buflen );
+
+ mbedtls_pem_free( &pem );
+
+ if( ret != 0 )
+ {
+ /*
+ * Quit parsing on a memory error
+ */
+ if( ret == MBEDTLS_ERR_X509_ALLOC_FAILED )
+ return( ret );
+
+ if( first_error == 0 )
+ first_error = ret;
+
+ total_failed++;
+ continue;
+ }
+
+ success = 1;
+ }
+ }
+
+ if( success )
+ return( total_failed );
+ else if( first_error )
+ return( first_error );
+ else
+ return( MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT );
+#endif /* MBEDTLS_PEM_PARSE_C */
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load one or more certificates and add them to the chained list
+ */
+int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, 
const char *path ) +{ + int ret; + size_t n; + unsigned char *buf; + + if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) + return( ret ); + + ret = mbedtls_x509_crt_parse( chain, buf, n ); + + mbedtls_platform_zeroize( buf, n ); + mbedtls_free( buf ); + + return( ret ); +} + +int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) +{ + int ret = 0; +#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) + int w_ret; + WCHAR szDir[MAX_PATH]; + char filename[MAX_PATH]; + char *p; + size_t len = strlen( path ); + + WIN32_FIND_DATAW file_data; + HANDLE hFind; + + if( len > MAX_PATH - 3 ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + + memset( szDir, 0, sizeof(szDir) ); + memset( filename, 0, MAX_PATH ); + memcpy( filename, path, len ); + filename[len++] = '\\'; + p = filename + len; + filename[len++] = '*'; + + w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir, + MAX_PATH - 3 ); + if( w_ret == 0 ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + + hFind = FindFirstFileW( szDir, &file_data ); + if( hFind == INVALID_HANDLE_VALUE ) + return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); + + len = MAX_PATH - len; + do + { + memset( p, 0, len ); + + if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) + continue; + + w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName, + lstrlenW( file_data.cFileName ), + p, (int) len - 1, + NULL, NULL ); + if( w_ret == 0 ) + { + ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; + goto cleanup; + } + + w_ret = mbedtls_x509_crt_parse_file( chain, filename ); + if( w_ret < 0 ) + ret++; + else + ret += w_ret; + } + while( FindNextFileW( hFind, &file_data ) != 0 ); + + if( GetLastError() != ERROR_NO_MORE_FILES ) + ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; + +cleanup: + FindClose( hFind ); +#else /* _WIN32 */ + int t_ret; + int snp_ret; + struct stat sb; + struct dirent *entry; + char entry_name[MBEDTLS_X509_MAX_FILE_PATH_LEN]; + DIR *dir = opendir( path ); + + if( dir == NULL ) + return( 
MBEDTLS_ERR_X509_FILE_IO_ERROR ); + +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &mbedtls_threading_readdir_mutex ) ) != 0 ) + { + closedir( dir ); + return( ret ); + } +#endif /* MBEDTLS_THREADING_C */ + + while( ( entry = readdir( dir ) ) != NULL ) + { + snp_ret = mbedtls_snprintf( entry_name, sizeof entry_name, + "%s/%s", path, entry->d_name ); + + if( snp_ret < 0 || (size_t)snp_ret >= sizeof entry_name ) + { + ret = MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + goto cleanup; + } + else if( stat( entry_name, &sb ) == -1 ) + { + ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; + goto cleanup; + } + + if( !S_ISREG( sb.st_mode ) ) + continue; + + // Ignore parse errors + // + t_ret = mbedtls_x509_crt_parse_file( chain, entry_name ); + if( t_ret < 0 ) + ret++; + else + ret += t_ret; + } + +cleanup: + closedir( dir ); + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &mbedtls_threading_readdir_mutex ) != 0 ) + ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR; +#endif /* MBEDTLS_THREADING_C */ + +#endif /* _WIN32 */ + + return( ret ); +} +#endif /* MBEDTLS_FS_IO */ + +static int x509_info_subject_alt_name( char **buf, size_t *size, + const mbedtls_x509_sequence *subject_alt_name ) +{ + size_t i; + size_t n = *size; + char *p = *buf; + const mbedtls_x509_sequence *cur = subject_alt_name; + const char *sep = ""; + size_t sep_len = 0; + + while( cur != NULL ) + { + if( cur->buf.len + sep_len >= n ) + { + *p = '\0'; + return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); + } + + n -= cur->buf.len + sep_len; + for( i = 0; i < sep_len; i++ ) + *p++ = sep[i]; + for( i = 0; i < cur->buf.len; i++ ) + *p++ = cur->buf.p[i]; + + sep = ", "; + sep_len = 2; + + cur = cur->next; + } + + *p = '\0'; + + *size = n; + *buf = p; + + return( 0 ); +} + +#define PRINT_ITEM(i) \ + { \ + ret = mbedtls_snprintf( p, n, "%s" i, sep ); \ + MBEDTLS_X509_SAFE_SNPRINTF; \ + sep = ", "; \ + } + +#define CERT_TYPE(type,name) \ + if( ns_cert_type & type ) \ + PRINT_ITEM( name ); + +static int 
x509_info_cert_type( char **buf, size_t *size, + unsigned char ns_cert_type ) +{ + int ret; + size_t n = *size; + char *p = *buf; + const char *sep = ""; + + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT, "SSL Client" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER, "SSL Server" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL, "Email" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_RESERVED, "Reserved" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CA, "SSL CA" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA, "Email CA" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA" ); + + *size = n; + *buf = p; + + return( 0 ); +} + +#define KEY_USAGE(code,name) \ + if( key_usage & code ) \ + PRINT_ITEM( name ); + +static int x509_info_key_usage( char **buf, size_t *size, + unsigned int key_usage ) +{ + int ret; + size_t n = *size; + char *p = *buf; + const char *sep = ""; + + KEY_USAGE( MBEDTLS_X509_KU_DIGITAL_SIGNATURE, "Digital Signature" ); + KEY_USAGE( MBEDTLS_X509_KU_NON_REPUDIATION, "Non Repudiation" ); + KEY_USAGE( MBEDTLS_X509_KU_KEY_ENCIPHERMENT, "Key Encipherment" ); + KEY_USAGE( MBEDTLS_X509_KU_DATA_ENCIPHERMENT, "Data Encipherment" ); + KEY_USAGE( MBEDTLS_X509_KU_KEY_AGREEMENT, "Key Agreement" ); + KEY_USAGE( MBEDTLS_X509_KU_KEY_CERT_SIGN, "Key Cert Sign" ); + KEY_USAGE( MBEDTLS_X509_KU_CRL_SIGN, "CRL Sign" ); + KEY_USAGE( MBEDTLS_X509_KU_ENCIPHER_ONLY, "Encipher Only" ); + KEY_USAGE( MBEDTLS_X509_KU_DECIPHER_ONLY, "Decipher Only" ); + + *size = n; + *buf = p; + + return( 0 ); +} + +static int x509_info_ext_key_usage( char **buf, size_t *size, + const mbedtls_x509_sequence *extended_key_usage ) +{ + int ret; + const char *desc; + size_t n = *size; + char *p = *buf; + const mbedtls_x509_sequence *cur = extended_key_usage; + const char *sep = ""; + + while( cur != NULL ) + { + if( mbedtls_oid_get_extended_key_usage( &cur->buf, &desc ) != 0 ) + desc = "???"; + 
+ ret = mbedtls_snprintf( p, n, "%s%s", sep, desc );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ sep = ", ";
+
+ cur = cur->next;
+ }
+
+ *size = n;
+ *buf = p;
+
+ return( 0 );
+}
+
+/*
+ * Return an informational string about the certificate.
+ */
+#define BEFORE_COLON 18
+#define BC "18"
+int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
+ const mbedtls_x509_crt *crt )
+{
+ int ret;
+ size_t n;
+ char *p;
+ char key_size_str[BEFORE_COLON];
+
+ p = buf;
+ n = size;
+
+ if( NULL == crt )
+ {
+ ret = mbedtls_snprintf( p, n, "\nCertificate is uninitialised!\n" );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ return( (int) ( size - n ) );
+ }
+
+ ret = mbedtls_snprintf( p, n, "%scert. version : %d\n",
+ prefix, crt->version );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+ ret = mbedtls_snprintf( p, n, "%sserial number : ",
+ prefix );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ ret = mbedtls_x509_serial_gets( p, n, &crt->serial );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+ ret = mbedtls_x509_dn_gets( p, n, &crt->issuer );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+ ret = mbedtls_x509_dn_gets( p, n, &crt->subject );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ ret = mbedtls_snprintf( p, n, "\n%sissued on : " \
+ "%04d-%02d-%02d %02d:%02d:%02d", prefix,
+ crt->valid_from.year, crt->valid_from.mon,
+ crt->valid_from.day, crt->valid_from.hour,
+ crt->valid_from.min, crt->valid_from.sec );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ ret = mbedtls_snprintf( p, n, "\n%sexpires on : " \
+ "%04d-%02d-%02d %02d:%02d:%02d", prefix,
+ crt->valid_to.year, crt->valid_to.mon,
+ crt->valid_to.day, crt->valid_to.hour,
+ crt->valid_to.min, crt->valid_to.sec );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ ret = mbedtls_x509_sig_alg_gets( p, n, &crt->sig_oid, crt->sig_pk,
+ crt->sig_md, crt->sig_opts );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ /* Key size */
+ if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON,
+ mbedtls_pk_get_name( &crt->pk ) ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str,
+ (int) mbedtls_pk_get_bitlen( &crt->pk ) );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ /*
+ * Optional extensions
+ */
+
+ if( crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS )
+ {
+ ret = mbedtls_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix,
+ crt->ca_istrue ? "true" : "false" );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ if( crt->max_pathlen > 0 )
+ {
+ ret = mbedtls_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+ }
+ }
+
+ if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
+ {
+ ret = mbedtls_snprintf( p, n, "\n%ssubject alt name : ", prefix );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ if( ( ret = x509_info_subject_alt_name( &p, &n,
+ &crt->subject_alt_names ) ) != 0 )
+ return( ret );
+ }
+
+ if( crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE )
+ {
+ ret = mbedtls_snprintf( p, n, "\n%scert. type : ", prefix );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 )
+ return( ret );
+ }
+
+ if( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE )
+ {
+ ret = mbedtls_snprintf( p, n, "\n%skey usage : ", prefix );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ if( ( ret = x509_info_key_usage( &p, &n, crt->key_usage ) ) != 0 )
+ return( ret );
+ }
+
+ if( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE )
+ {
+ ret = mbedtls_snprintf( p, n, "\n%sext key usage : ", prefix );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ if( ( ret = x509_info_ext_key_usage( &p, &n,
+ &crt->ext_key_usage ) ) != 0 )
+ return( ret );
+ }
+
+ ret = mbedtls_snprintf( p, n, "\n" );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+
+ return( (int) ( size - n ) );
+}
+
+struct x509_crt_verify_string {
+ int code;
+ const char *string;
+};
+
+static const struct x509_crt_verify_string x509_crt_verify_strings[] = {
+ { MBEDTLS_X509_BADCERT_EXPIRED, "The certificate validity has expired" },
+ { MBEDTLS_X509_BADCERT_REVOKED, "The certificate has been revoked (is on a CRL)" },
+ { MBEDTLS_X509_BADCERT_CN_MISMATCH, "The certificate Common Name (CN) does not match with the expected CN" },
+ { MBEDTLS_X509_BADCERT_NOT_TRUSTED, "The certificate is not correctly signed by the trusted CA" },
+ { MBEDTLS_X509_BADCRL_NOT_TRUSTED, "The CRL is not correctly signed by the trusted CA" },
+ { MBEDTLS_X509_BADCRL_EXPIRED, "The CRL is expired" },
+ { MBEDTLS_X509_BADCERT_MISSING, "Certificate was missing" },
+ { MBEDTLS_X509_BADCERT_SKIP_VERIFY, "Certificate verification was skipped" },
+ { MBEDTLS_X509_BADCERT_OTHER, "Other reason (can be used by verify callback)" },
+ { MBEDTLS_X509_BADCERT_FUTURE, "The certificate validity starts in the future" },
+ { MBEDTLS_X509_BADCRL_FUTURE, "The CRL is from the future" },
+ { MBEDTLS_X509_BADCERT_KEY_USAGE, "Usage does not match the keyUsage extension" },
+ { MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" },
+ { MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" },
+ { MBEDTLS_X509_BADCERT_BAD_MD, "The certificate is signed with an unacceptable hash." },
+ { MBEDTLS_X509_BADCERT_BAD_PK, "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." },
+ { MBEDTLS_X509_BADCERT_BAD_KEY, "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." },
+ { MBEDTLS_X509_BADCRL_BAD_MD, "The CRL is signed with an unacceptable hash." },
+ { MBEDTLS_X509_BADCRL_BAD_PK, "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." },
+ { MBEDTLS_X509_BADCRL_BAD_KEY, "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." },
+ { 0, NULL }
+};
+
+int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
+ uint32_t flags )
+{
+ int ret;
+ const struct x509_crt_verify_string *cur;
+ char *p = buf;
+ size_t n = size;
+
+ for( cur = x509_crt_verify_strings; cur->string != NULL ; cur++ )
+ {
+ if( ( flags & cur->code ) == 0 )
+ continue;
+
+ ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, cur->string );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+ flags ^= cur->code;
+ }
+
+ if( flags != 0 )
+ {
+ ret = mbedtls_snprintf( p, n, "%sUnknown reason "
+ "(this should not happen)\n", prefix );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+ }
+
+ return( (int) ( size - n ) );
+}
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
+ unsigned int usage )
+{
+ unsigned int usage_must, usage_may;
+ unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY
+ | MBEDTLS_X509_KU_DECIPHER_ONLY;
+
+ if( ( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) == 0 )
+ return( 0 );
+
+ usage_must = usage & ~may_mask;
+
+ if( ( ( crt->key_usage & ~may_mask ) & usage_must ) != usage_must )
+ return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+ usage_may = usage & may_mask;
+
+ if( ( ( crt->key_usage & may_mask ) | usage_may ) != usage_may )
+ return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+ return( 0 );
+}
+#endif
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
+ const char *usage_oid,
+ size_t usage_len )
+{
+ const mbedtls_x509_sequence *cur;
+
+ /* Extension is not mandatory, absent means no restriction */
+ if( ( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) == 0 )
+ return( 0 );
+
+ /*
+ * Look for the requested usage (or wildcard ANY) in our list
+ */
+ for( cur = &crt->ext_key_usage; cur != NULL; cur = cur->next )
+ {
+ const mbedtls_x509_buf *cur_oid = &cur->buf;
+
+ if( cur_oid->len == usage_len &&
+ memcmp( cur_oid->p, usage_oid, usage_len ) == 0 )
+ {
+ return( 0 );
+ }
+
+ if( MBEDTLS_OID_CMP( MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE, cur_oid ) == 0 )
+ return( 0 );
+ }
+
+ return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+}
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+/*
+ * Return 1 if the certificate is revoked, or 0 otherwise.
+ */
+int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl )
+{
+ const mbedtls_x509_crl_entry *cur = &crl->entry;
+
+ while( cur != NULL && cur->serial.len != 0 )
+ {
+ if( crt->serial.len == cur->serial.len &&
+ memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
+ {
+ if( mbedtls_x509_time_is_past( &cur->revocation_date ) )
+ return( 1 );
+ }
+
+ cur = cur->next;
+ }
+
+ return( 0 );
+}
+
+/*
+ * Check that the given certificate is not revoked according to the CRL.
+ * Skip validation if no CRL for the given CA is present.
+ */
+static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
+ mbedtls_x509_crl *crl_list,
+ const mbedtls_x509_crt_profile *profile )
+{
+ int flags = 0;
+ unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+ const mbedtls_md_info_t *md_info;
+
+ if( ca == NULL )
+ return( flags );
+
+ while( crl_list != NULL )
+ {
+ if( crl_list->version == 0 ||
+ x509_name_cmp( &crl_list->issuer, &ca->subject ) != 0 )
+ {
+ crl_list = crl_list->next;
+ continue;
+ }
+
+ /*
+ * Check if the CA is configured to sign CRLs
+ */
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+ if( mbedtls_x509_crt_check_key_usage( ca,
+ MBEDTLS_X509_KU_CRL_SIGN ) != 0 )
+ {
+ flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
+ break;
+ }
+#endif
+
+ /*
+ * Check if CRL is correctly signed by the trusted CA
+ */
+ if( x509_profile_check_md_alg( profile, crl_list->sig_md ) != 0 )
+ flags |= MBEDTLS_X509_BADCRL_BAD_MD;
+
+ if( x509_profile_check_pk_alg( profile, crl_list->sig_pk ) != 0 )
+ flags |= MBEDTLS_X509_BADCRL_BAD_PK;
+
+ md_info = mbedtls_md_info_from_type( crl_list->sig_md );
+ if( mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash ) != 0 )
+ {
+ /* Note: this can't happen except after an internal error */
+ flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
+ break;
+ }
+
+ if( x509_profile_check_key( profile, &ca->pk ) != 0 )
+ flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
+
+ if( mbedtls_pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk,
+ crl_list->sig_md, hash, mbedtls_md_get_size( md_info ),
+ crl_list->sig.p, crl_list->sig.len ) != 0 )
+ {
+ flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
+ break;
+ }
+
+ /*
+ * Check for validity of CRL (Do not drop out)
+ */
+ if( mbedtls_x509_time_is_past( &crl_list->next_update ) )
+ flags |= MBEDTLS_X509_BADCRL_EXPIRED;
+
+ if( mbedtls_x509_time_is_future( &crl_list->this_update ) )
+ flags |= MBEDTLS_X509_BADCRL_FUTURE;
+
+ /*
+ * Check if certificate is revoked
+ */
+ if( mbedtls_x509_crt_is_revoked( crt, crl_list ) )
+ {
+ flags |= MBEDTLS_X509_BADCERT_REVOKED;
+ break;
+ }
+
+ crl_list = crl_list->next;
+ }
+
+ return( flags );
+}
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
+
+/*
+ * Check the signature of a certificate by its parent
+ */
+static int x509_crt_check_signature( const mbedtls_x509_crt *child,
+ mbedtls_x509_crt *parent,
+ mbedtls_x509_crt_restart_ctx *rs_ctx )
+{
+ unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+ size_t hash_len;
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+ const mbedtls_md_info_t *md_info;
+ md_info = mbedtls_md_info_from_type( child->sig_md );
+ hash_len = mbedtls_md_get_size( md_info );
+
+ /* Note: hash errors can happen only after an internal error */
+ if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 )
+ return( -1 );
+#else
+ psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
+ psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md );
+
+ if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
+ return( -1 );
+
+ if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len )
+ != PSA_SUCCESS )
+ {
+ return( -1 );
+ }
+
+ if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
+ != PSA_SUCCESS )
+ {
+ return( -1 );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ /* Skip expensive computation on obvious mismatch */
+ if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) )
+ return( -1 );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA )
+ {
+ return( mbedtls_pk_verify_restartable( &parent->pk,
+ child->sig_md, hash, hash_len,
+ child->sig.p, child->sig.len, &rs_ctx->pk ) );
+ }
+#else
+ (void) rs_ctx;
+#endif
+
+ return( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
+ child->sig_md, hash, hash_len,
+ child->sig.p, child->sig.len ) );
+}
+
+/*
+ * Check if 'parent' is a suitable parent (signing CA) for 'child'.
+ * Return 0 if yes, -1 if not.
+ *
+ * top means parent is a locally-trusted certificate
+ */
+static int x509_crt_check_parent( const mbedtls_x509_crt *child,
+ const mbedtls_x509_crt *parent,
+ int top )
+{
+ int need_ca_bit;
+
+ /* Parent must be the issuer */
+ if( x509_name_cmp( &child->issuer, &parent->subject ) != 0 )
+ return( -1 );
+
+ /* Parent must have the basicConstraints CA bit set as a general rule */
+ need_ca_bit = 1;
+
+ /* Exception: v1/v2 certificates that are locally trusted. */
+ if( top && parent->version < 3 )
+ need_ca_bit = 0;
+
+ if( need_ca_bit && ! parent->ca_istrue )
+ return( -1 );
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+ if( need_ca_bit &&
+ mbedtls_x509_crt_check_key_usage( parent, MBEDTLS_X509_KU_KEY_CERT_SIGN ) != 0 )
+ {
+ return( -1 );
+ }
+#endif
+
+ return( 0 );
+}
+
+/*
+ * Find a suitable parent for child in candidates, or return NULL.
+ *
+ * Here suitable is defined as:
+ * 1. subject name matches child's issuer
+ * 2. if necessary, the CA bit is set and key usage allows signing certs
+ * 3. for trusted roots, the signature is correct
+ * (for intermediates, the signature is checked and the result reported)
+ * 4. pathlen constraints are satisfied
+ *
+ * If there's a suitable candidate which is also time-valid, return the first
+ * such. Otherwise, return the first suitable candidate (or NULL if there is
+ * none).
+ *
+ * The rationale for this rule is that someone could have a list of trusted
+ * roots with two versions on the same root with different validity periods.
+ * (At least one user reported having such a list and wanted it to just work.)
+ * The reason we don't just require time-validity is that generally there is
+ * only one version, and if it's expired we want the flags to state that
+ * rather than NOT_TRUSTED, as would be the case if we required it here.
+ *
+ * The rationale for rule 3 (signature for trusted roots) is that users might
+ * have two versions of the same CA with different keys in their list, and the
+ * way we select the correct one is by checking the signature (as we don't
+ * rely on key identifier extensions). (This is one way users might choose to
+ * handle key rollover, another relies on self-issued certs, see [SIRO].)
+ *
+ * Arguments:
+ * - [in] child: certificate for which we're looking for a parent
+ * - [in] candidates: chained list of potential parents
+ * - [out] r_parent: parent found (or NULL)
+ * - [out] r_signature_is_good: 1 if child signature by parent is valid, or 0
+ * - [in] top: 1 if candidates consists of trusted roots, ie we're at the top
+ * of the chain, 0 otherwise
+ * - [in] path_cnt: number of intermediates seen so far
+ * - [in] self_cnt: number of self-signed intermediates seen so far
+ * (will never be greater than path_cnt)
+ * - [in-out] rs_ctx: context for restarting operations
+ *
+ * Return value:
+ * - 0 on success
+ * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise
+ */
+static int x509_crt_find_parent_in(
+ mbedtls_x509_crt *child,
+ mbedtls_x509_crt *candidates,
+ mbedtls_x509_crt **r_parent,
+ int *r_signature_is_good,
+ int top,
+ unsigned path_cnt,
+ unsigned self_cnt,
+ mbedtls_x509_crt_restart_ctx *rs_ctx )
+{
+ int ret;
+ mbedtls_x509_crt *parent, *fallback_parent;
+ int signature_is_good, fallback_signature_is_good;
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ /* did we have something in progress? */
+ if( rs_ctx != NULL && rs_ctx->parent != NULL )
+ {
+ /* restore saved state */
+ parent = rs_ctx->parent;
+ fallback_parent = rs_ctx->fallback_parent;
+ fallback_signature_is_good = rs_ctx->fallback_signature_is_good;
+
+ /* clear saved state */
+ rs_ctx->parent = NULL;
+ rs_ctx->fallback_parent = NULL;
+ rs_ctx->fallback_signature_is_good = 0;
+
+ /* resume where we left */
+ goto check_signature;
+ }
+#endif
+
+ fallback_parent = NULL;
+ fallback_signature_is_good = 0;
+
+ for( parent = candidates; parent != NULL; parent = parent->next )
+ {
+ /* basic parenting skills (name, CA bit, key usage) */
+ if( x509_crt_check_parent( child, parent, top ) != 0 )
+ continue;
+
+ /* +1 because stored max_pathlen is 1 higher that the actual value */
+ if( parent->max_pathlen > 0 &&
+ (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt )
+ {
+ continue;
+ }
+
+ /* Signature */
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+check_signature:
+#endif
+ ret = x509_crt_check_signature( child, parent, rs_ctx );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ {
+ /* save state */
+ rs_ctx->parent = parent;
+ rs_ctx->fallback_parent = fallback_parent;
+ rs_ctx->fallback_signature_is_good = fallback_signature_is_good;
+
+ return( ret );
+ }
+#else
+ (void) ret;
+#endif
+
+ signature_is_good = ret == 0;
+ if( top && ! signature_is_good )
+ continue;
+
+ /* optional time check */
+ if( mbedtls_x509_time_is_past( &parent->valid_to ) ||
+ mbedtls_x509_time_is_future( &parent->valid_from ) )
+ {
+ if( fallback_parent == NULL )
+ {
+ fallback_parent = parent;
+ fallback_signature_is_good = signature_is_good;
+ }
+
+ continue;
+ }
+
+ break;
+ }
+
+ if( parent != NULL )
+ {
+ *r_parent = parent;
+ *r_signature_is_good = signature_is_good;
+ }
+ else
+ {
+ *r_parent = fallback_parent;
+ *r_signature_is_good = fallback_signature_is_good;
+ }
+
+ return( 0 );
+}
+
+/*
+ * Find a parent in trusted CAs or the provided chain, or return NULL.
+ *
+ * Searches in trusted CAs first, and return the first suitable parent found
+ * (see find_parent_in() for definition of suitable).
+ *
+ * Arguments:
+ * - [in] child: certificate for which we're looking for a parent, followed
+ * by a chain of possible intermediates
+ * - [in] trust_ca: list of locally trusted certificates
+ * - [out] parent: parent found (or NULL)
+ * - [out] parent_is_trusted: 1 if returned `parent` is trusted, or 0
+ * - [out] signature_is_good: 1 if child signature by parent is valid, or 0
+ * - [in] path_cnt: number of links in the chain so far (EE -> ... -> child)
+ * - [in] self_cnt: number of self-signed certs in the chain so far
+ * (will always be no greater than path_cnt)
+ * - [in-out] rs_ctx: context for restarting operations
+ *
+ * Return value:
+ * - 0 on success
+ * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise
+ */
+static int x509_crt_find_parent(
+ mbedtls_x509_crt *child,
+ mbedtls_x509_crt *trust_ca,
+ mbedtls_x509_crt **parent,
+ int *parent_is_trusted,
+ int *signature_is_good,
+ unsigned path_cnt,
+ unsigned self_cnt,
+ mbedtls_x509_crt_restart_ctx *rs_ctx )
+{
+ int ret;
+ mbedtls_x509_crt *search_list;
+
+ *parent_is_trusted = 1;
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ /* restore then clear saved state if we have some stored */
+ if( rs_ctx != NULL && rs_ctx->parent_is_trusted != -1 )
+ {
+ *parent_is_trusted = rs_ctx->parent_is_trusted;
+ rs_ctx->parent_is_trusted = -1;
+ }
+#endif
+
+ while( 1 ) {
+ search_list = *parent_is_trusted ? trust_ca : child->next;
+
+ ret = x509_crt_find_parent_in( child, search_list,
+ parent, signature_is_good,
+ *parent_is_trusted,
+ path_cnt, self_cnt, rs_ctx );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ {
+ /* save state */
+ rs_ctx->parent_is_trusted = *parent_is_trusted;
+ return( ret );
+ }
+#else
+ (void) ret;
+#endif
+
+ /* stop here if found or already in second iteration */
+ if( *parent != NULL || *parent_is_trusted == 0 )
+ break;
+
+ /* prepare second iteration */
+ *parent_is_trusted = 0;
+ }
+
+ /* extra precaution against mistakes in the caller */
+ if( *parent == NULL )
+ {
+ *parent_is_trusted = 0;
+ *signature_is_good = 0;
+ }
+
+ return( 0 );
+}
+
+/*
+ * Check if an end-entity certificate is locally trusted
+ *
+ * Currently we require such certificates to be self-signed (actually only
+ * check for self-issued as self-signatures are not checked)
+ */
+static int x509_crt_check_ee_locally_trusted(
+ mbedtls_x509_crt *crt,
+ mbedtls_x509_crt *trust_ca )
+{
+ mbedtls_x509_crt *cur;
+
+ /* must be self-issued */
+ if( x509_name_cmp( &crt->issuer, &crt->subject ) != 0 )
+ return( -1 );
+
+ /* look for an exact match with trusted cert */
+ for( cur = trust_ca; cur != NULL; cur = cur->next )
+ {
+ if( crt->raw.len == cur->raw.len &&
+ memcmp( crt->raw.p, cur->raw.p, crt->raw.len ) == 0 )
+ {
+ return( 0 );
+ }
+ }
+
+ /* too bad */
+ return( -1 );
+}
+
+/*
+ * Build and verify a certificate chain
+ *
+ * Given a peer-provided list of certificates EE, C1, ..., Cn and
+ * a list of trusted certs R1, ... Rp, try to build and verify a chain
+ * EE, Ci1, ... Ciq [, Rj]
+ * such that every cert in the chain is a child of the next one,
+ * jumping to a trusted root as early as possible.
+ *
+ * Verify that chain and return it with flags for all issues found.
+ *
+ * Special cases:
+ * - EE == Rj -> return a one-element list containing it
+ * - EE, Ci1, ..., Ciq cannot be continued with a trusted root
+ * -> return that chain with NOT_TRUSTED set on Ciq
+ *
+ * Tests for (aspects of) this function should include at least:
+ * - trusted EE
+ * - EE -> trusted root
+ * - EE -> intermediate CA -> trusted root
+ * - if relevant: EE untrusted
+ * - if relevant: EE -> intermediate, untrusted
+ * with the aspect under test checked at each relevant level (EE, int, root).
+ * For some aspects longer chains are required, but usually length 2 is
+ * enough (but length 1 is not in general).
+ *
+ * Arguments:
+ * - [in] crt: the cert list EE, C1, ..., Cn
+ * - [in] trust_ca: the trusted list R1, ..., Rp
+ * - [in] ca_crl, profile: as in verify_with_profile()
+ * - [out] ver_chain: the built and verified chain
+ * Only valid when return value is 0, may contain garbage otherwise!
+ * Restart note: need not be the same when calling again to resume.
+ * - [in-out] rs_ctx: context for restarting operations
+ *
+ * Return value:
+ * - non-zero if the chain could not be fully built and examined
+ * - 0 is the chain was successfully built and examined,
+ * even if it was found to be invalid
+ */
+static int x509_crt_verify_chain(
+ mbedtls_x509_crt *crt,
+ mbedtls_x509_crt *trust_ca,
+ mbedtls_x509_crl *ca_crl,
+ mbedtls_x509_crt_ca_cb_t f_ca_cb,
+ void *p_ca_cb,
+ const mbedtls_x509_crt_profile *profile,
+ mbedtls_x509_crt_verify_chain *ver_chain,
+ mbedtls_x509_crt_restart_ctx *rs_ctx )
+{
+ /* Don't initialize any of those variables here, so that the compiler can
+ * catch potential issues with jumping ahead when restarting */
+ int ret;
+ uint32_t *flags;
+ mbedtls_x509_crt_verify_chain_item *cur;
+ mbedtls_x509_crt *child;
+ mbedtls_x509_crt *parent;
+ int parent_is_trusted;
+ int child_is_trusted;
+ int signature_is_good;
+ unsigned self_cnt;
+ mbedtls_x509_crt *cur_trust_ca = NULL;
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ /* resume if we had an operation in progress */
+ if( rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent )
+ {
+ /* restore saved state */
+ *ver_chain = rs_ctx->ver_chain; /* struct copy */
+ self_cnt = rs_ctx->self_cnt;
+
+ /* restore derived state */
+ cur = &ver_chain->items[ver_chain->len - 1];
+ child = cur->crt;
+ flags = &cur->flags;
+
+ goto find_parent;
+ }
+#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
+
+ child = crt;
+ self_cnt = 0;
+ parent_is_trusted = 0;
+ child_is_trusted = 0;
+
+ while( 1 ) {
+ /* Add certificate to the verification chain */
+ cur = &ver_chain->items[ver_chain->len];
+ cur->crt = child;
+ cur->flags = 0;
+ ver_chain->len++;
+ flags = &cur->flags;
+
+ /* Check time-validity (all certificates) */
+ if( mbedtls_x509_time_is_past( &child->valid_to ) )
+ *flags |= MBEDTLS_X509_BADCERT_EXPIRED;
+
+ if( mbedtls_x509_time_is_future( &child->valid_from ) )
+ *flags |= MBEDTLS_X509_BADCERT_FUTURE;
+
+ /* Stop here for trusted roots (but not for trusted EE certs) */
+ if( child_is_trusted )
+ return( 0 );
+
+ /* Check signature algorithm: MD & PK algs */
+ if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 )
+ *flags |= MBEDTLS_X509_BADCERT_BAD_MD;
+
+ if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 )
+ *flags |= MBEDTLS_X509_BADCERT_BAD_PK;
+
+ /* Special case: EE certs that are locally trusted */
+ if( ver_chain->len == 1 &&
+ x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 )
+ {
+ return( 0 );
+ }
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+find_parent:
+#endif
+
+ /* Obtain list of potential trusted signers from CA callback,
+ * or use statically provided list. */
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ if( f_ca_cb != NULL )
+ {
+ mbedtls_x509_crt_free( ver_chain->trust_ca_cb_result );
+ mbedtls_free( ver_chain->trust_ca_cb_result );
+ ver_chain->trust_ca_cb_result = NULL;
+
+ ret = f_ca_cb( p_ca_cb, child, &ver_chain->trust_ca_cb_result );
+ if( ret != 0 )
+ return( MBEDTLS_ERR_X509_FATAL_ERROR );
+
+ cur_trust_ca = ver_chain->trust_ca_cb_result;
+ }
+ else
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+ {
+ ((void) f_ca_cb);
+ ((void) p_ca_cb);
+ cur_trust_ca = trust_ca;
+ }
+
+ /* Look for a parent in trusted CAs or up the chain */
+ ret = x509_crt_find_parent( child, cur_trust_ca, &parent,
+ &parent_is_trusted, &signature_is_good,
+ ver_chain->len - 1, self_cnt, rs_ctx );
+
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ {
+ /* save state */
+ rs_ctx->in_progress = x509_crt_rs_find_parent;
+ rs_ctx->self_cnt = self_cnt;
+ rs_ctx->ver_chain = *ver_chain; /* struct copy */
+
+ return( ret );
+ }
+#else
+ (void) ret;
+#endif
+
+ /* No parent? We're done here */
+ if( parent == NULL )
+ {
+ *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+ return( 0 );
+ }
+
+ /* Count intermediate self-issued (not necessarily self-signed) certs.
+ * These can occur with some strategies for key rollover, see [SIRO],
+ * and should be excluded from max_pathlen checks. */
+ if( ver_chain->len != 1 &&
+ x509_name_cmp( &child->issuer, &child->subject ) == 0 )
+ {
+ self_cnt++;
+ }
+
+ /* path_cnt is 0 for the first intermediate CA,
+ * and if parent is trusted it's not an intermediate CA */
+ if( ! parent_is_trusted &&
+ ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA )
+ {
+ /* return immediately to avoid overflow the chain array */
+ return( MBEDTLS_ERR_X509_FATAL_ERROR );
+ }
+
+ /* signature was checked while searching parent */
+ if( ! signature_is_good )
+ *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+
+ /* check size of signing key */
+ if( x509_profile_check_key( profile, &parent->pk ) != 0 )
+ *flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+ /* Check trusted CA's CRL for the given crt */
+ *flags |= x509_crt_verifycrl( child, parent, ca_crl, profile );
+#else
+ (void) ca_crl;
+#endif
+
+ /* prepare for next iteration */
+ child = parent;
+ parent = NULL;
+ child_is_trusted = parent_is_trusted;
+ signature_is_good = 0;
+ }
+}
+
+/*
+ * Check for CN match
+ */
+static int x509_crt_check_cn( const mbedtls_x509_buf *name,
+ const char *cn, size_t cn_len )
+{
+ /* try exact match */
+ if( name->len == cn_len &&
+ x509_memcasecmp( cn, name->p, cn_len ) == 0 )
+ {
+ return( 0 );
+ }
+
+ /* try wildcard match */
+ if( x509_check_wildcard( cn, name ) == 0 )
+ {
+ return( 0 );
+ }
+
+ return( -1 );
+}
+
+/*
+ * Verify the requested CN - only call this if cn is not NULL!
+ */ +static void x509_crt_verify_name( const mbedtls_x509_crt *crt, + const char *cn, + uint32_t *flags ) +{ + const mbedtls_x509_name *name; + const mbedtls_x509_sequence *cur; + size_t cn_len = strlen( cn ); + + if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) + { + for( cur = &crt->subject_alt_names; cur != NULL; cur = cur->next ) + { + if( x509_crt_check_cn( &cur->buf, cn, cn_len ) == 0 ) + break; + } + + if( cur == NULL ) + *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; + } + else + { + for( name = &crt->subject; name != NULL; name = name->next ) + { + if( MBEDTLS_OID_CMP( MBEDTLS_OID_AT_CN, &name->oid ) == 0 && + x509_crt_check_cn( &name->val, cn, cn_len ) == 0 ) + { + break; + } + } + + if( name == NULL ) + *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; + } +} + +/* + * Merge the flags for all certs in the chain, after calling callback + */ +static int x509_crt_merge_flags_with_cb( + uint32_t *flags, + const mbedtls_x509_crt_verify_chain *ver_chain, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy ) +{ + int ret; + unsigned i; + uint32_t cur_flags; + const mbedtls_x509_crt_verify_chain_item *cur; + + for( i = ver_chain->len; i != 0; --i ) + { + cur = &ver_chain->items[i-1]; + cur_flags = cur->flags; + + if( NULL != f_vrfy ) + if( ( ret = f_vrfy( p_vrfy, cur->crt, (int) i-1, &cur_flags ) ) != 0 ) + return( ret ); + + *flags |= cur_flags; + } + + return( 0 ); +} + +/* + * Verify the certificate validity, with profile, restartable version + * + * This function: + * - checks the requested CN (if any) + * - checks the type and size of the EE cert's key, + * as that isn't done as part of chain building/verification currently + * - builds and verifies the chain + * - then calls the callback and merges the flags + * + * The parameters pairs `trust_ca`, `ca_crl` and `f_ca_cb`, `p_ca_cb` + * are mutually exclusive: If `f_ca_cb != NULL`, it will be used by the + * verification routine to search for trusted signers, and CRLs will + * be 
disabled. Otherwise, `trust_ca` will be used as the static list + * of trusted signers, and `ca_crl` will be use as the static list + * of CRLs. + */ +static int x509_crt_verify_restartable_ca_cb( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx ) +{ + int ret; + mbedtls_pk_type_t pk_type; + mbedtls_x509_crt_verify_chain ver_chain; + uint32_t ee_flags; + + *flags = 0; + ee_flags = 0; + x509_crt_verify_chain_reset( &ver_chain ); + + if( profile == NULL ) + { + ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; + goto exit; + } + + /* check name if requested */ + if( cn != NULL ) + x509_crt_verify_name( crt, cn, &ee_flags ); + + /* Check the type and size of the key */ + pk_type = mbedtls_pk_get_type( &crt->pk ); + + if( x509_profile_check_pk_alg( profile, pk_type ) != 0 ) + ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK; + + if( x509_profile_check_key( profile, &crt->pk ) != 0 ) + ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY; + + /* Check the chain */ + ret = x509_crt_verify_chain( crt, trust_ca, ca_crl, + f_ca_cb, p_ca_cb, profile, + &ver_chain, rs_ctx ); + + if( ret != 0 ) + goto exit; + + /* Merge end-entity flags */ + ver_chain.items[0].flags |= ee_flags; + + /* Build final flags, calling callback on the way if any */ + ret = x509_crt_merge_flags_with_cb( flags, &ver_chain, f_vrfy, p_vrfy ); + +exit: + +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) + mbedtls_x509_crt_free( ver_chain.trust_ca_cb_result ); + mbedtls_free( ver_chain.trust_ca_cb_result ); + ver_chain.trust_ca_cb_result = NULL; +#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) + 
mbedtls_x509_crt_restart_free( rs_ctx ); +#endif + + /* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by + * the SSL module for authmode optional, but non-zero return from the + * callback means a fatal error so it shouldn't be ignored */ + if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) + ret = MBEDTLS_ERR_X509_FATAL_ERROR; + + if( ret != 0 ) + { + *flags = (uint32_t) -1; + return( ret ); + } + + if( *flags != 0 ) + return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); + + return( 0 ); +} + + +/* + * Verify the certificate validity (default profile, not restartable) + */ +int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy ) +{ + return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, + NULL, NULL, + &mbedtls_x509_crt_profile_default, + cn, flags, + f_vrfy, p_vrfy, NULL ) ); +} + +/* + * Verify the certificate validity (user-chosen profile, not restartable) + */ +int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy ) +{ + return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, + NULL, NULL, + profile, cn, flags, + f_vrfy, p_vrfy, NULL ) ); +} + +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) +/* + * Verify the certificate validity (user-chosen profile, CA callback, + * not restartable). 
+ */ +int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy ) +{ + return( x509_crt_verify_restartable_ca_cb( crt, NULL, NULL, + f_ca_cb, p_ca_cb, + profile, cn, flags, + f_vrfy, p_vrfy, NULL ) ); +} +#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ + +int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx ) +{ + return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, + NULL, NULL, + profile, cn, flags, + f_vrfy, p_vrfy, rs_ctx ) ); +} + + +/* + * Initialize a certificate chain + */ +void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ) +{ + memset( crt, 0, sizeof(mbedtls_x509_crt) ); +} + +/* + * Unallocate all certificate data + */ +void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ) +{ + mbedtls_x509_crt *cert_cur = crt; + mbedtls_x509_crt *cert_prv; + mbedtls_x509_name *name_cur; + mbedtls_x509_name *name_prv; + mbedtls_x509_sequence *seq_cur; + mbedtls_x509_sequence *seq_prv; + + if( crt == NULL ) + return; + + do + { + mbedtls_pk_free( &cert_cur->pk ); + +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + mbedtls_free( cert_cur->sig_opts ); +#endif + + name_cur = cert_cur->issuer.next; + while( name_cur != NULL ) + { + name_prv = name_cur; + name_cur = name_cur->next; + mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); + mbedtls_free( name_prv ); + } + + name_cur = cert_cur->subject.next; + while( name_cur != NULL ) + { + name_prv = name_cur; + name_cur = name_cur->next; + mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); + mbedtls_free( name_prv 
); + } + + seq_cur = cert_cur->ext_key_usage.next; + while( seq_cur != NULL ) + { + seq_prv = seq_cur; + seq_cur = seq_cur->next; + mbedtls_platform_zeroize( seq_prv, + sizeof( mbedtls_x509_sequence ) ); + mbedtls_free( seq_prv ); + } + + seq_cur = cert_cur->subject_alt_names.next; + while( seq_cur != NULL ) + { + seq_prv = seq_cur; + seq_cur = seq_cur->next; + mbedtls_platform_zeroize( seq_prv, + sizeof( mbedtls_x509_sequence ) ); + mbedtls_free( seq_prv ); + } + + if( cert_cur->raw.p != NULL && cert_cur->own_buffer ) + { + mbedtls_platform_zeroize( cert_cur->raw.p, cert_cur->raw.len ); + mbedtls_free( cert_cur->raw.p ); + } + + cert_cur = cert_cur->next; + } + while( cert_cur != NULL ); + + cert_cur = crt; + do + { + cert_prv = cert_cur; + cert_cur = cert_cur->next; + + mbedtls_platform_zeroize( cert_prv, sizeof( mbedtls_x509_crt ) ); + if( cert_prv != crt ) + mbedtls_free( cert_prv ); + } + while( cert_cur != NULL ); +} + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) +/* + * Initialize a restart context + */ +void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ) +{ + mbedtls_pk_restart_init( &ctx->pk ); + + ctx->parent = NULL; + ctx->fallback_parent = NULL; + ctx->fallback_signature_is_good = 0; + + ctx->parent_is_trusted = -1; + + ctx->in_progress = x509_crt_rs_none; + ctx->self_cnt = 0; + x509_crt_verify_chain_reset( &ctx->ver_chain ); +} + +/* + * Free the components of a restart context + */ +void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ) +{ + if( ctx == NULL ) + return; + + mbedtls_pk_restart_free( &ctx->pk ); + mbedtls_x509_crt_restart_init( ctx ); +} +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + +#endif /* MBEDTLS_X509_CRT_PARSE_C */ diff --git a/library/x509_csr.c b/library/x509_csr.c new file mode 100644 index 000000000..c8c08c87b --- /dev/null +++ b/library/x509_csr.c 
@@ -0,0 +1,419 @@ +/* + * X.509 Certificate Signing Request (CSR) parsing + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * The ITU-T X.509 standard defines a certificate format for PKI. + * + * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs) + * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs) + * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10) + * + * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf + * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_X509_CSR_PARSE_C) + +#include "mbedtls/x509_csr.h" +#include "mbedtls/oid.h" +#include "mbedtls/platform_util.h" + +#include + +#if defined(MBEDTLS_PEM_PARSE_C) +#include "mbedtls/pem.h" +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_free free +#define mbedtls_calloc calloc +#define mbedtls_snprintf snprintf +#endif + +#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32) +#include +#endif + +/* + * Version ::= INTEGER { v1(0) } + */ +static int x509_csr_get_version( unsigned char **p, + const unsigned char *end, + int *ver ) +{ + int ret; + + if( ( ret = 
mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) + { + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + { + *ver = 0; + return( 0 ); + } + + return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); + } + + return( 0 ); +} + +/* + * Parse a CSR in DER format + */ +int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, + const unsigned char *buf, size_t buflen ) +{ + int ret; + size_t len; + unsigned char *p, *end; + mbedtls_x509_buf sig_params; + + memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) ); + + /* + * Check for valid input + */ + if( csr == NULL || buf == NULL || buflen == 0 ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + + mbedtls_x509_csr_init( csr ); + + /* + * first copy the raw DER data + */ + p = mbedtls_calloc( 1, len = buflen ); + + if( p == NULL ) + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + + memcpy( p, buf, buflen ); + + csr->raw.p = p; + csr->raw.len = len; + end = p + len; + + /* + * CertificationRequest ::= SEQUENCE { + * certificationRequestInfo CertificationRequestInfo, + * signatureAlgorithm AlgorithmIdentifier, + * signature BIT STRING + * } + */ + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + { + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + } + + if( len != (size_t) ( end - p ) ) + { + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + } + + /* + * CertificationRequestInfo ::= SEQUENCE { + */ + csr->cri.p = p; + + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + { + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + } + + end = p + len; + csr->cri.len = end - csr->cri.p; + + /* + * Version ::= INTEGER { v1(0) } + */ + if( ( ret = x509_csr_get_version( &p, end, &csr->version ) ) != 0 ) + { + mbedtls_x509_csr_free( csr ); + return( ret ); + } + + if( csr->version != 0 ) + { + 
mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); + } + + csr->version++; + + /* + * subject Name + */ + csr->subject_raw.p = p; + + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + { + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + } + + if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 ) + { + mbedtls_x509_csr_free( csr ); + return( ret ); + } + + csr->subject_raw.len = p - csr->subject_raw.p; + + /* + * subjectPKInfo SubjectPublicKeyInfo + */ + if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 ) + { + mbedtls_x509_csr_free( csr ); + return( ret ); + } + + /* + * attributes [0] Attributes + * + * The list of possible attributes is open-ended, though RFC 2985 + * (PKCS#9) defines a few in section 5.4. We currently don't support any, + * so we just ignore them. This is a safe thing to do as the worst thing + * that could happen is that we issue a certificate that does not match + * the requester's expectations - this cannot cause a violation of our + * signature policies. 
+ */ + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) + { + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + } + + p += len; + + end = csr->raw.p + csr->raw.len; + + /* + * signatureAlgorithm AlgorithmIdentifier, + * signature BIT STRING + */ + if( ( ret = mbedtls_x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 ) + { + mbedtls_x509_csr_free( csr ); + return( ret ); + } + + if( ( ret = mbedtls_x509_get_sig_alg( &csr->sig_oid, &sig_params, + &csr->sig_md, &csr->sig_pk, + &csr->sig_opts ) ) != 0 ) + { + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG ); + } + + if( ( ret = mbedtls_x509_get_sig( &p, end, &csr->sig ) ) != 0 ) + { + mbedtls_x509_csr_free( csr ); + return( ret ); + } + + if( p != end ) + { + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + } + + return( 0 ); +} + +/* + * Parse a CSR, allowing for PEM or raw DER encoding + */ +int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ) +{ +#if defined(MBEDTLS_PEM_PARSE_C) + int ret; + size_t use_len; + mbedtls_pem_context pem; +#endif + + /* + * Check for valid input + */ + if( csr == NULL || buf == NULL || buflen == 0 ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + +#if defined(MBEDTLS_PEM_PARSE_C) + /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ + if( buf[buflen - 1] == '\0' ) + { + mbedtls_pem_init( &pem ); + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN CERTIFICATE REQUEST-----", + "-----END CERTIFICATE REQUEST-----", + buf, NULL, 0, &use_len ); + if( ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + { + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN NEW CERTIFICATE REQUEST-----", + "-----END NEW CERTIFICATE REQUEST-----", + buf, NULL, 0, &use_len ); + } + + if( ret == 0 ) + { + /* + * Was PEM encoded, parse the result + */ + 
ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ); + } + + mbedtls_pem_free( &pem ); + if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + return( ret ); + } +#endif /* MBEDTLS_PEM_PARSE_C */ + return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) ); +} + +#if defined(MBEDTLS_FS_IO) +/* + * Load a CSR into the structure + */ +int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ) +{ + int ret; + size_t n; + unsigned char *buf; + + if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) + return( ret ); + + ret = mbedtls_x509_csr_parse( csr, buf, n ); + + mbedtls_platform_zeroize( buf, n ); + mbedtls_free( buf ); + + return( ret ); +} +#endif /* MBEDTLS_FS_IO */ + +#define BEFORE_COLON 14 +#define BC "14" +/* + * Return an informational string about the CSR. + */ +int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, + const mbedtls_x509_csr *csr ) +{ + int ret; + size_t n; + char *p; + char key_size_str[BEFORE_COLON]; + + p = buf; + n = size; + + ret = mbedtls_snprintf( p, n, "%sCSR version : %d", + prefix, csr->version ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_x509_dn_gets( p, n, &csr->subject ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, + csr->sig_opts ); + MBEDTLS_X509_SAFE_SNPRINTF; + + if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON, + mbedtls_pk_get_name( &csr->pk ) ) ) != 0 ) + { + return( ret ); + } + + ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str, + (int) mbedtls_pk_get_bitlen( &csr->pk ) ); + MBEDTLS_X509_SAFE_SNPRINTF; + + return( (int) ( size - n ) ); +} + +/* + * Initialize a CSR + */ +void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ) +{ + memset( csr, 0, 
sizeof(mbedtls_x509_csr) ); +} + +/* + * Unallocate all CSR data + */ +void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ) +{ + mbedtls_x509_name *name_cur; + mbedtls_x509_name *name_prv; + + if( csr == NULL ) + return; + + mbedtls_pk_free( &csr->pk ); + +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + mbedtls_free( csr->sig_opts ); +#endif + + name_cur = csr->subject.next; + while( name_cur != NULL ) + { + name_prv = name_cur; + name_cur = name_cur->next; + mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); + mbedtls_free( name_prv ); + } + + if( csr->raw.p != NULL ) + { + mbedtls_platform_zeroize( csr->raw.p, csr->raw.len ); + mbedtls_free( csr->raw.p ); + } + + mbedtls_platform_zeroize( csr, sizeof( mbedtls_x509_csr ) ); +} + +#endif /* MBEDTLS_X509_CSR_PARSE_C */ diff --git a/library/x509write_crt.c b/library/x509write_crt.c new file mode 100644 index 000000000..b6cb745a3 --- /dev/null +++ b/library/x509write_crt.c 
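Review bot: In `mbedtls_x509_csr_parse_der`, the attributes step advances with `p += len;` and then resets `end` to the end of the raw buffer, without checking that the attributes field finishes exactly at the end of CertificationRequestInfo. Any bytes left inside that SEQUENCE are then read as `signatureAlgorithm`, so a CSR with an inconsistent inner length is accepted instead of rejected. Before `p += len;` I would add a guard `if( len != (size_t) ( end - p ) )` that frees the CSR and returns `MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH`, matching the outer-SEQUENCE check earlier in the function. The function would also benefit from a comment such as `/* Parses only: the self-signature stored in csr->sig is not verified here. */`, because nothing in this file checks it.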
@@ -0,0 +1,495 @@ +/* + * X.509 certificate writing + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * References: + * - certificates: RFC 5280, updated by RFC 6818 + * - CSRs: PKCS#10 v1.7 aka RFC 2986 + * - attributes: PKCS#9 v2.0 aka RFC 2985 + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_X509_CRT_WRITE_C) + +#include "mbedtls/x509_crt.h" +#include "mbedtls/oid.h" +#include "mbedtls/asn1write.h" +#include "mbedtls/sha1.h" +#include "mbedtls/platform_util.h" + +#include + +#if defined(MBEDTLS_PEM_WRITE_C) +#include "mbedtls/pem.h" +#endif /* MBEDTLS_PEM_WRITE_C */ + +void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_x509write_cert ) ); + + mbedtls_mpi_init( &ctx->serial ); + ctx->version = MBEDTLS_X509_CRT_VERSION_3; +} + +void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ) +{ + mbedtls_mpi_free( &ctx->serial ); + + mbedtls_asn1_free_named_data_list( &ctx->subject ); + mbedtls_asn1_free_named_data_list( &ctx->issuer ); + mbedtls_asn1_free_named_data_list( &ctx->extensions ); + + mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_cert ) ); +} + +void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version ) 
+{ + ctx->version = version; +} + +void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg ) +{ + ctx->md_alg = md_alg; +} + +void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ) +{ + ctx->subject_key = key; +} + +void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ) +{ + ctx->issuer_key = key; +} + +int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, + const char *subject_name ) +{ + return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); +} + +int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, + const char *issuer_name ) +{ + return mbedtls_x509_string_to_names( &ctx->issuer, issuer_name ); +} + +int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial ) +{ + int ret; + + if( ( ret = mbedtls_mpi_copy( &ctx->serial, serial ) ) != 0 ) + return( ret ); + + return( 0 ); +} + +int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before, + const char *not_after ) +{ + if( strlen( not_before ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 || + strlen( not_after ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 ) + { + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + } + strncpy( ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN ); + strncpy( ctx->not_after , not_after , MBEDTLS_X509_RFC5280_UTC_TIME_LEN ); + ctx->not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; + ctx->not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; + + return( 0 ); +} + +int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, + const char *oid, size_t oid_len, + int critical, + const unsigned char *val, size_t val_len ) +{ + return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, + critical, val, val_len ); +} + +int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, + int is_ca, int max_pathlen ) 
+{ + int ret; + unsigned char buf[9]; + unsigned char *c = buf + sizeof(buf); + size_t len = 0; + + memset( buf, 0, sizeof(buf) ); + + if( is_ca && max_pathlen > 127 ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + + if( is_ca ) + { + if( max_pathlen >= 0 ) + { + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, max_pathlen ) ); + } + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( &c, buf, 1 ) ); + } + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + + return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS, + MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ), + 0, buf + sizeof(buf) - len, len ); +} + +#if defined(MBEDTLS_SHA1_C) +int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ) +{ + int ret; + unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ + unsigned char *c = buf + sizeof(buf); + size_t len = 0; + + memset( buf, 0, sizeof(buf) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) ); + + ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, + buf + sizeof( buf ) - 20 ); + if( ret != 0 ) + return( ret ); + c = buf + sizeof( buf ) - 20; + len = 20; + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_OCTET_STRING ) ); + + return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER, + MBEDTLS_OID_SIZE( MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER ), + 0, buf + sizeof(buf) - len, len ); +} + +int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ) +{ + int ret; + unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ + unsigned char *c = buf + sizeof( buf ); + size_t len = 0; + + memset( buf, 0, sizeof(buf) ); + MBEDTLS_ASN1_CHK_ADD( len, 
mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) ); + + ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, + buf + sizeof( buf ) - 20 ); + if( ret != 0 ) + return( ret ); + c = buf + sizeof( buf ) - 20; + len = 20; + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0 ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + + return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER, + MBEDTLS_OID_SIZE( MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER ), + 0, buf + sizeof( buf ) - len, len ); +} +#endif /* MBEDTLS_SHA1_C */ + +int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, + unsigned int key_usage ) +{ + unsigned char buf[5], ku[2]; + unsigned char *c; + int ret; + const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE | + MBEDTLS_X509_KU_NON_REPUDIATION | + MBEDTLS_X509_KU_KEY_ENCIPHERMENT | + MBEDTLS_X509_KU_DATA_ENCIPHERMENT | + MBEDTLS_X509_KU_KEY_AGREEMENT | + MBEDTLS_X509_KU_KEY_CERT_SIGN | + MBEDTLS_X509_KU_CRL_SIGN | + MBEDTLS_X509_KU_ENCIPHER_ONLY | + MBEDTLS_X509_KU_DECIPHER_ONLY; + + /* Check that nothing other than the allowed flags is set */ + if( ( key_usage & ~allowed_bits ) != 0 ) + return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + + c = buf + 5; + ku[0] = (unsigned char)( key_usage ); + ku[1] = (unsigned char)( key_usage >> 8 ); + ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); + + if( ret < 0 ) + return( ret ); + else if( ret < 3 || ret > 5 ) + return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + + ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, + MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), + 1, c, (size_t)ret ); + if( ret != 0 ) + return( ret ); + + return( 0 ); +} + +int mbedtls_x509write_crt_set_ns_cert_type( 
mbedtls_x509write_cert *ctx, + unsigned char ns_cert_type ) +{ + unsigned char buf[4]; + unsigned char *c; + int ret; + + c = buf + 4; + + ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); + if( ret < 3 || ret > 4 ) + return( ret ); + + ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, + MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), + 0, c, (size_t)ret ); + if( ret != 0 ) + return( ret ); + + return( 0 ); +} + +static int x509_write_time( unsigned char **p, unsigned char *start, + const char *t, size_t size ) +{ + int ret; + size_t len = 0; + + /* + * write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter) + */ + if( t[0] == '2' && t[1] == '0' && t[2] < '5' ) + { + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, + (const unsigned char *) t + 2, + size - 2 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_UTC_TIME ) ); + } + else + { + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, + (const unsigned char *) t, + size ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_GENERALIZED_TIME ) ); + } + + return( (int) len ); +} + +int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + const char *sig_oid; + size_t sig_oid_len = 0; + unsigned char *c, *c2; + unsigned char hash[64]; + unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; + unsigned char tmp_buf[2048]; + size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len; + size_t len = 0; + mbedtls_pk_type_t pk_alg; + + /* + * Prepare data to be signed in tmp_buf + */ + c = tmp_buf + sizeof( tmp_buf ); + + /* Signature algorithm needed in TBS, and later for actual signature */ + + /* There's no direct way of extracting a 
signature algorithm + * (represented as an element of mbedtls_pk_type_t) from a PK instance. */ + if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_RSA ) ) + pk_alg = MBEDTLS_PK_RSA; + else if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_ECDSA ) ) + pk_alg = MBEDTLS_PK_ECDSA; + else + return( MBEDTLS_ERR_X509_INVALID_ALG ); + + if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, + &sig_oid, &sig_oid_len ) ) != 0 ) + { + return( ret ); + } + + /* + * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension + */ + + /* Only for v3 */ + if( ctx->version == MBEDTLS_X509_CRT_VERSION_3 ) + { + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 3 ) ); + } + + /* + * SubjectPublicKeyInfo + */ + MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->subject_key, + tmp_buf, c - tmp_buf ) ); + c -= pub_len; + len += pub_len; + + /* + * Subject ::= Name + */ + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) ); + + /* + * Validity ::= SEQUENCE { + * notBefore Time, + * notAfter Time } + */ + sub_len = 0; + + MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_after, + MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) ); + + MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_before, + MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) ); + + len += sub_len; + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + + /* + * Issuer ::= Name + */ 
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->issuer ) ); + + /* + * Signature ::= AlgorithmIdentifier + */ + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, tmp_buf, + sig_oid, strlen( sig_oid ), 0 ) ); + + /* + * Serial ::= INTEGER + */ + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, tmp_buf, &ctx->serial ) ); + + /* + * Version ::= INTEGER { v1(0), v2(1), v3(2) } + */ + + /* Can be omitted for v1 */ + if( ctx->version != MBEDTLS_X509_CRT_VERSION_1 ) + { + sub_len = 0; + MBEDTLS_ASN1_CHK_ADD( sub_len, mbedtls_asn1_write_int( &c, tmp_buf, ctx->version ) ); + len += sub_len; + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 0 ) ); + } + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + + /* + * Make signature + */ + if( ( ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, + len, hash ) ) != 0 ) + { + return( ret ); + } + + if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg, hash, 0, sig, &sig_len, + f_rng, p_rng ) ) != 0 ) + { + return( ret ); + } + + /* + * Write data to output buffer + */ + c2 = buf + size; + MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf, + sig_oid, sig_oid_len, sig, sig_len ) ); + + if( len > (size_t)( c2 - buf ) ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + + c2 -= len; + memcpy( c2, c, len ); + + len += sig_and_oid_len; + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + + return( (int) len ); +} + +#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n" +#define PEM_END_CRT "-----END 
CERTIFICATE-----\n" + +#if defined(MBEDTLS_PEM_WRITE_C) +int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + unsigned char output_buf[4096]; + size_t olen = 0; + + if( ( ret = mbedtls_x509write_crt_der( crt, output_buf, sizeof(output_buf), + f_rng, p_rng ) ) < 0 ) + { + return( ret ); + } + + if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT, + output_buf + sizeof(output_buf) - ret, + ret, buf, size, &olen ) ) != 0 ) + { + return( ret ); + } + + return( 0 ); +} +#endif /* MBEDTLS_PEM_WRITE_C */ + +#endif /* MBEDTLS_X509_CRT_WRITE_C */ diff --git a/library/x509write_csr.c b/library/x509write_csr.c new file mode 100644 index 000000000..8dc39e7a5 --- /dev/null +++ b/library/x509write_csr.c 
@@ -0,0 +1,287 @@ +/* + * X.509 Certificate Signing Request writing + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * References: + * - CSRs: PKCS#10 v1.7 aka RFC 2986 + * - attributes: PKCS#9 v2.0 aka RFC 2985 + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_X509_CSR_WRITE_C) + +#include "mbedtls/x509_csr.h" +#include "mbedtls/oid.h" +#include "mbedtls/asn1write.h" +#include "mbedtls/platform_util.h" + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#include "mbedtls/psa_util.h" +#endif + +#include +#include + +#if defined(MBEDTLS_PEM_WRITE_C) +#include "mbedtls/pem.h" +#endif + +void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_x509write_csr ) ); +} + +void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ) +{ + mbedtls_asn1_free_named_data_list( &ctx->subject ); + mbedtls_asn1_free_named_data_list( &ctx->extensions ); + + mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_csr ) ); +} + +void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ) +{ + ctx->md_alg = md_alg; +} + +void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ) +{ + ctx->key = 
key; +} + +int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, + const char *subject_name ) +{ + return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); +} + +int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, + const char *oid, size_t oid_len, + const unsigned char *val, size_t val_len ) +{ + return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, + 0, val, val_len ); +} + +int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ) +{ + unsigned char buf[4]; + unsigned char *c; + int ret; + + c = buf + 4; + + ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 ); + if( ret < 3 || ret > 4 ) + return( ret ); + + ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, + MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), + c, (size_t)ret ); + if( ret != 0 ) + return( ret ); + + return( 0 ); +} + +int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, + unsigned char ns_cert_type ) +{ + unsigned char buf[4]; + unsigned char *c; + int ret; + + c = buf + 4; + + ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); + if( ret < 3 || ret > 4 ) + return( ret ); + + ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, + MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), + c, (size_t)ret ); + if( ret != 0 ) + return( ret ); + + return( 0 ); +} + +int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + const char *sig_oid; + size_t sig_oid_len = 0; + unsigned char *c, *c2; + unsigned char hash[64]; + unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; + unsigned char tmp_buf[2048]; + size_t pub_len = 0, sig_and_oid_len = 0, sig_len; + size_t len = 0; + mbedtls_pk_type_t pk_alg; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; + size_t hash_len; + 
psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* + * Prepare data to be signed in tmp_buf + */ + c = tmp_buf + sizeof( tmp_buf ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) ); + + if( len ) + { + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SET ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( &c, tmp_buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ, + MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + } + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ); + + MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key, + tmp_buf, c - tmp_buf ) ); + c -= pub_len; + len += pub_len; + + /* + * Subject ::= Name + */ + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) ); + + /* + * Version ::= INTEGER { v1(0), v2(1), v3(2) } + */ + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, tmp_buf, 0 ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + + /* + * Prepare signature + * Note: hash errors can happen only after an internal error + */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( 
psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) + return( MBEDTLS_ERR_X509_FATAL_ERROR ); + + if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS ) + return( MBEDTLS_ERR_X509_FATAL_ERROR ); + + if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) + != PSA_SUCCESS ) + { + return( MBEDTLS_ERR_X509_FATAL_ERROR ); + } +#else /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ); +#endif + if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, + f_rng, p_rng ) ) != 0 ) + { + return( ret ); + } + + if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) ) + pk_alg = MBEDTLS_PK_RSA; + else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) ) + pk_alg = MBEDTLS_PK_ECDSA; + else + return( MBEDTLS_ERR_X509_INVALID_ALG ); + + if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, + &sig_oid, &sig_oid_len ) ) != 0 ) + { + return( ret ); + } + + /* + * Write data to output buffer + */ + c2 = buf + size; + MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf, + sig_oid, sig_oid_len, sig, sig_len ) ); + + if( len > (size_t)( c2 - buf ) ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + + c2 -= len; + memcpy( c2, c, len ); + + len += sig_and_oid_len; + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + + return( (int) len ); +} + +#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n" +#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n" + +#if defined(MBEDTLS_PEM_WRITE_C) +int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + unsigned char output_buf[4096]; + size_t olen = 0; + + if( ( ret = mbedtls_x509write_csr_der( ctx, output_buf, sizeof(output_buf), + f_rng, p_rng ) ) < 0 ) + { + 
return( ret ); + } + + if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR, + output_buf + sizeof(output_buf) - ret, + ret, buf, size, &olen ) ) != 0 ) + { + return( ret ); + } + + return( 0 ); +} +#endif /* MBEDTLS_PEM_WRITE_C */ + +#endif /* MBEDTLS_X509_CSR_WRITE_C */ diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index c71ed7990..cc0d0e11a 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -47,6 +47,7 @@ #include "mbedtls/cmac.h" #include "mbedtls/compat-1.3.h" #include "mbedtls/ctr_drbg.h" +#include "mbedtls/debug.h" #include "mbedtls/des.h" #include "mbedtls/dhm.h" #include "mbedtls/ecdh.h" @@ -66,12 +67,15 @@ #include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/md_internal.h" +#include "mbedtls/net.h" +#include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" #include "mbedtls/oid.h" #include "mbedtls/padlock.h" #include "mbedtls/pem.h" #include "mbedtls/pk.h" #include "mbedtls/pk_internal.h" +#include "mbedtls/pkcs11.h" #include "mbedtls/pkcs12.h" #include "mbedtls/pkcs5.h" #include "mbedtls/platform_time.h" @@ -84,6 +88,12 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#include "mbedtls/ssl.h" +#include "mbedtls/ssl_cache.h" +#include "mbedtls/ssl_ciphersuites.h" +#include "mbedtls/ssl_cookie.h" +#include "mbedtls/ssl_internal.h" +#include "mbedtls/ssl_ticket.h" #include "mbedtls/threading.h" #include "mbedtls/timing.h" #include "mbedtls/version.h" diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 29d7d843c..32194f5f0 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -53,6 +53,7 @@ #include "mbedtls/cipher.h" #include "mbedtls/cmac.h" #include "mbedtls/ctr_drbg.h" +#include "mbedtls/debug.h" #include "mbedtls/des.h" #include "mbedtls/dhm.h" #include "mbedtls/ecdh.h" 
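Review bot: In `mbedtls_x509write_csr_der`, the non-PSA branch discards the result of `mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );`, so if the digest fails the uninitialised 64-byte stack buffer `hash` is handed to `mbedtls_pk_sign`. `ctx->md_alg` is caller-supplied and is zero after `mbedtls_x509write_csr_init`, so the comment "hash errors can happen only after an internal error" looks too optimistic; whether `mbedtls_pk_sign` rejects that case on its own cannot be seen from this file. `mbedtls_x509write_crt_der` earlier in this patch checks the same call, and I would do the same here: `if( ( ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ) ) != 0 ) return( ret );`. Separately, the PSA branch returns `MBEDTLS_ERR_X509_FATAL_ERROR` after a failed `psa_hash_update` or `psa_hash_finish` without calling `psa_hash_abort( &hash_operation )`, which presumably leaves the operation object unreleased.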
@@ -71,11 +72,13 @@ #include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/memory_buffer_alloc.h" +#include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" #include "mbedtls/oid.h" #include "mbedtls/padlock.h" #include "mbedtls/pem.h" #include "mbedtls/pk.h" +#include "mbedtls/pkcs11.h" #include "mbedtls/pkcs12.h" #include "mbedtls/pkcs5.h" #include "mbedtls/platform_time.h" @@ -86,9 +89,19 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#include "mbedtls/ssl.h" +#include "mbedtls/ssl_cache.h" +#include "mbedtls/ssl_ciphersuites.h" +#include "mbedtls/ssl_cookie.h" +#include "mbedtls/ssl_internal.h" +#include "mbedtls/ssl_ticket.h" #include "mbedtls/threading.h" #include "mbedtls/timing.h" #include "mbedtls/version.h" +#include "mbedtls/x509.h" +#include "mbedtls/x509_crl.h" +#include "mbedtls/x509_crt.h" +#include "mbedtls/x509_csr.h" #include "mbedtls/xtea.h" #include diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index 600f13030..064da4c38 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -53,6 +53,7 @@ #include "mbedtls/cipher.h" #include "mbedtls/cmac.h" #include "mbedtls/ctr_drbg.h" +#include "mbedtls/debug.h" #include "mbedtls/des.h" #include "mbedtls/dhm.h" #include "mbedtls/ecdh.h" @@ -71,11 +72,13 @@ #include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/memory_buffer_alloc.h" +#include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" #include "mbedtls/oid.h" #include "mbedtls/padlock.h" #include "mbedtls/pem.h" #include "mbedtls/pk.h" +#include "mbedtls/pkcs11.h" #include "mbedtls/pkcs12.h" #include "mbedtls/pkcs5.h" #include "mbedtls/platform_time.h" 
@@ -86,9 +89,19 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#include "mbedtls/ssl.h" +#include "mbedtls/ssl_cache.h" +#include "mbedtls/ssl_ciphersuites.h" +#include "mbedtls/ssl_cookie.h" +#include "mbedtls/ssl_internal.h" +#include "mbedtls/ssl_ticket.h" #include "mbedtls/threading.h" #include "mbedtls/timing.h" #include "mbedtls/version.h" +#include "mbedtls/x509.h" +#include "mbedtls/x509_crl.h" +#include "mbedtls/x509_crt.h" +#include "mbedtls/x509_csr.h" #include "mbedtls/xtea.h" #include diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 8b771bff9..6e5bb741f 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -172,6 +172,7 @@ + @@ -192,12 +193,15 @@ + + + @@ -211,9 +215,19 @@ + + + + + + + + + + @@ -251,12 +265,14 @@ + + @@ -276,12 +292,14 @@ + + @@ -300,10 +318,24 @@ + + + + + + + + + + + + + + From 252e391cca6c11d161adec1b5424a831404f5949 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 26 Feb 2020 18:33:58 +0100 Subject: [PATCH 2172/2197] Revert "config: Remove X.509 options" This reverts commit bb1f70121218b461a4197224d547e6bcfae4f991. * include/mbedtls/check_config.h: * MBEDTLS_X509_RSASSA_PSS_SUPPORT: there has been an addition (of MBEDTLS_SHA512_NO_SHA384) at the place where it was removed. Re-add it before MBEDTLS_SHA512_NO_SHA384 to keep it grouped with MBEDTLS_RSA_C. Conflicts: * scripts/config.pl: this file has been replaced by config.py. Port the reversed changes to config.py: * Revert removing three symbols from the list of symbols to exclude from full. --- configs/config-no-entropy.h | 5 + configs/config-psa-crypto.h | 208 ++++++++++++++++++++++++++++- configs/config-suite-b.h | 3 + include/mbedtls/check_config.h | 41 ++++++ include/mbedtls/config.h | 227 +++++++++++++++++++++++++++++++- library/version_features.c | 45 +++++++ programs/test/query_config.c | 120 +++++++++++++++++ scripts/config.py | 3 + tests/scripts/depends-pkalgs.pl | 5 +- 9 files changed, 653 insertions(+), 4 deletions(-) diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 502ca0320..433c663be 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -51,6 +51,8 @@ #define MBEDTLS_PKCS1_V21 #define MBEDTLS_SELF_TEST #define MBEDTLS_VERSION_FEATURES +#define MBEDTLS_X509_CHECK_KEY_USAGE +#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE /* mbed TLS modules */ #define MBEDTLS_AES_C @@ -76,6 +78,9 @@ #define MBEDTLS_SHA256_C #define MBEDTLS_SHA512_C #define MBEDTLS_VERSION_C +#define MBEDTLS_X509_USE_C +#define MBEDTLS_X509_CRT_PARSE_C +#define MBEDTLS_X509_CRL_PARSE_C //#define MBEDTLS_CMAC_C /* Miscellaneous options */ diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 3d6d7d311..8fe4567de 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -1024,6 +1024,64 @@ */ #define MBEDTLS_VERSION_FEATURES +/** + * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an extension in a v1 or v2 certificate. + * + * Uncomment to prevent an error. + */ +//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 + +/** + * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an unknown critical extension. + * + * \warning Depending on your PKI use, enabling this can be a security risk! + * + * Uncomment to prevent an error. + */ +//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + +/** + * \def MBEDTLS_X509_CHECK_KEY_USAGE + * + * Enable verification of the keyUsage extension (CA and leaf certificates). + * + * Disabling this avoids problems with mis-issued and/or misused + * (intermediate) CA and leaf certificates. + * + * \warning Depending on your PKI use, disabling this can be a security risk! + * + * Comment to skip keyUsage checking for both CA and leaf certificates. + */ +#define MBEDTLS_X509_CHECK_KEY_USAGE + +/** + * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE + * + * Enable verification of the extendedKeyUsage extension (leaf certificates). + * + * Disabling this avoids problems with mis-issued and/or misused certificates. + * + * \warning Depending on your PKI use, disabling this can be a security risk! + * + * Comment to skip extendedKeyUsage checking for certificates. + */ +#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE + +/** + * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT + * + * Enable parsing and verification of X.509 certificates, CRLs and CSRS + * signed with RSASSA-PSS (aka PKCS#1 v2.1). + * + * Comment this macro to disallow using RSASSA-PSS in certificates. + */ +#define MBEDTLS_X509_RSASSA_PSS_SUPPORT /* \} name SECTION: mbed TLS feature support */ /** 
@@ -1154,7 +1212,8 @@ * Enable the generic ASN1 parser. * * Module: library/asn1.c - * Caller: library/dhm.c + * Caller: library/x509.c + * library/dhm.c * library/pkcs12.c * library/pkcs5.c * library/pkparse.c @@ -1169,6 +1228,9 @@ * Module: library/asn1write.c * Caller: library/ecdsa.c * library/pkwrite.c + * library/x509_create.c + * library/x509write_crt.c + * library/x509write_csr.c */ #define MBEDTLS_ASN1_WRITE_C @@ -1326,6 +1388,18 @@ */ #define MBEDTLS_CCM_C +/** + * \def MBEDTLS_CERTS_C + * + * Enable the test certificates. + * + * Module: library/certs.c + * Caller: + * + * This module is used for testing (ssl_client/server). + */ +#define MBEDTLS_CERTS_C + /** * \def MBEDTLS_CHACHA20_C * @@ -1694,6 +1768,13 @@ * library/pkparse.c * library/pkwrite.c * library/rsa.c + * library/x509.c + * library/x509_create.c + * library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c + * library/x509write_crt.c + * library/x509write_csr.c * * This modules translates between OIDs and internal values. */ @@ -1721,6 +1802,9 @@ * Module: library/pem.c * Caller: library/dhm.c * library/pkparse.c + * library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c * * Requires: MBEDTLS_BASE64_C * @@ -1735,6 +1819,8 @@ * * Module: library/pem.c * Caller: library/pkwrite.c + * library/x509write_crt.c + * library/x509write_csr.c * * Requires: MBEDTLS_BASE64_C * @@ -1761,6 +1847,8 @@ * Enable the generic public (asymetric) key parser. * * Module: library/pkparse.c + * Caller: library/x509_crt.c + * library/x509_csr.c * * Requires: MBEDTLS_PK_C * @@ -1774,6 +1862,7 @@ * Enable the generic public (asymetric) key writer. * * Module: library/pkwrite.c + * Caller: library/x509write.c * * Requires: MBEDTLS_PK_C * 
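Review bot: `MBEDTLS_CERTS_C` is switched on by default in the `@@ -1326,6 +1388,18 @@` hunk although its own description says the module is only used for testing, so every build that starts from this configuration links the test certificates into the library. The comment should say that explicitly, for example by adding ` * \warning Test material only; comment this out in production configurations.` before the closing `*/`. The same block is re-added in include/mbedtls/config.h (`@@ -1427,6 +1508,18 @@`) and the define is also enabled in configs/config-suite-b.h. Whether library/certs.c carries private keys as well as certificates is not visible in this diff and is worth confirming before release builds inherit the default.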
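Review bot: The `Caller: library/x509write.c` line added under MBEDTLS_PK_WRITE_C in the `@@ -1774,6 +1862,7 @@` hunk names a file that appears nowhere else in this patch; the other caller lists in the same header use `library/x509write_crt.c` and `library/x509write_csr.c`. The later hunk `@@ -2004,6 +2110,106 @@` has the same kind of mismatch with `Module: library/x509_crt_write.c`, `Module: library/x509_csr_write.c` and `Caller: library/x509_crt_write.c`. include/mbedtls/config.h repeats all of them in `@@ -1879,6 +1986,7 @@` and `@@ -2129,6 +2254,106 @@`. I would list both writers here, ` * Caller: library/x509write_crt.c` and ` *         library/x509write_csr.c`, and use `Module: library/x509write_crt.c` and `Module: library/x509write_csr.c` for the two write modules.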
@@ -1794,6 +1883,21 @@ */ #define MBEDTLS_PKCS5_C +/** + * \def MBEDTLS_PKCS11_C + * + * Enable wrapper for PKCS#11 smartcard support. + * + * Module: library/pkcs11.c + * Caller: library/pk.c + * + * Requires: MBEDTLS_PK_C + * + * This module enables SSL/TLS PKCS #11 smartcard support. + * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) + */ +//#define MBEDTLS_PKCS11_C + /** * \def MBEDTLS_PKCS12_C * @@ -1895,6 +1999,7 @@ * * Module: library/rsa.c * library/rsa_internal.c + * Caller: library/x509.c * * This module is used by the following key exchanges: * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK @@ -1910,6 +2015,7 @@ * * Module: library/sha1.c * Caller: library/md.c + * library/x509write_crt.c * * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 * depending on the handshake parameters, and for SHA1-signed certificates. 
@@ -2004,6 +2110,106 @@ */ #define MBEDTLS_VERSION_C +/** + * \def MBEDTLS_X509_USE_C + * + * Enable X.509 core for using certificates. + * + * Module: library/x509.c + * Caller: library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c + * + * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, + * MBEDTLS_PK_PARSE_C + * + * This module is required for the X.509 parsing modules. + */ +#define MBEDTLS_X509_USE_C + +/** + * \def MBEDTLS_X509_CRT_PARSE_C + * + * Enable X.509 certificate parsing. + * + * Module: library/x509_crt.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 certificate parsing. + */ +#define MBEDTLS_X509_CRT_PARSE_C + +/** + * \def MBEDTLS_X509_CRL_PARSE_C + * + * Enable X.509 CRL parsing. + * + * Module: library/x509_crl.c + * Caller: library/x509_crt.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 CRL parsing. + */ +#define MBEDTLS_X509_CRL_PARSE_C + +/** + * \def MBEDTLS_X509_CSR_PARSE_C + * + * Enable X.509 Certificate Signing Request (CSR) parsing. + * + * Module: library/x509_csr.c + * Caller: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is used for reading X.509 certificate request. + */ +#define MBEDTLS_X509_CSR_PARSE_C + +/** + * \def MBEDTLS_X509_CREATE_C + * + * Enable X.509 core for creating certificates. + * + * Module: library/x509_create.c + * + * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C + * + * This module is the basis for creating X.509 certificates and CSRs. + */ +#define MBEDTLS_X509_CREATE_C + +/** + * \def MBEDTLS_X509_CRT_WRITE_C + * + * Enable creating X.509 certificates. + * + * Module: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate creation. 
+ */ +#define MBEDTLS_X509_CRT_WRITE_C + +/** + * \def MBEDTLS_X509_CSR_WRITE_C + * + * Enable creating X.509 Certificate Signing Requests (CSR). + * + * Module: library/x509_csr_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate request writing. + */ +#define MBEDTLS_X509_CSR_WRITE_C + /** * \def MBEDTLS_XTEA_C * diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 4faaa7718..dd9a2a019 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -66,9 +66,12 @@ #define MBEDTLS_PK_PARSE_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA512_C +#define MBEDTLS_X509_CRT_PARSE_C +#define MBEDTLS_X509_USE_C /* For test certificates */ #define MBEDTLS_BASE64_C +#define MBEDTLS_CERTS_C #define MBEDTLS_PEM_PARSE_C /* Save RAM at the expense of ROM */ diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index c3a38301c..65a3cc8d4 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -270,6 +270,10 @@ #error "MBEDTLS_PK_WRITE_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PKCS11_C) && !defined(MBEDTLS_PK_C) +#error "MBEDTLS_PKCS11_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_PLATFORM_EXIT_ALT) && !defined(MBEDTLS_PLATFORM_C) #error "MBEDTLS_PLATFORM_EXIT_ALT defined, but not all prerequisites" #endif @@ -510,6 +514,11 @@ #error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled" #endif +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ + ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_PKCS1_V21) ) +#error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_SHA512_NO_SHA384) && !defined(MBEDTLS_SHA512_C) #error "MBEDTLS_SHA512_NO_SHA384 defined without MBEDTLS_SHA512_C" #endif 
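Review bot: The `Requires:` line for MBEDTLS_X509_CREATE_C in the `@@ -2004,6 +2110,106 @@` hunk omits MBEDTLS_ASN1_WRITE_C, while the check this commit re-adds in include/mbedtls/check_config.h (`@@ -541,6 +550,38 @@`) rejects MBEDTLS_X509_CREATE_C unless MBEDTLS_ASN1_WRITE_C is defined too. Someone trimming a configuration from the comment alone gets an `#error` the documentation did not predict. I would write ` * Requires: MBEDTLS_ASN1_WRITE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,` followed by ` *           MBEDTLS_PK_WRITE_C`. The identical comment in include/mbedtls/config.h (`@@ -2129,6 +2254,106 @@`) needs the same correction.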
@@ -541,6 +550,38 @@ #error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites" #endif +#if defined(MBEDTLS_X509_USE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ + !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \ + !defined(MBEDTLS_PK_PARSE_C) ) +#error "MBEDTLS_X509_USE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CREATE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ + !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \ + !defined(MBEDTLS_PK_WRITE_C) ) +#error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) ) +#error "MBEDTLS_X509_CRT_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CRL_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) ) +#error "MBEDTLS_X509_CRL_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CSR_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) ) +#error "MBEDTLS_X509_CSR_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CRT_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) ) +#error "MBEDTLS_X509_CRT_WRITE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CSR_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) ) +#error "MBEDTLS_X509_CSR_WRITE_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64) #error "MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 cannot be defined simultaneously" #endif /* MBEDTLS_HAVE_INT32 && MBEDTLS_HAVE_INT64 */ diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index a728a31e5..f8788d89d 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -1125,6 +1125,83 @@ */ #define MBEDTLS_VERSION_FEATURES +/** + * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an extension in a v1 or v2 certificate. + * + * Uncomment to prevent an error. + */ +//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 + +/** + * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an unknown critical extension. + * + * \warning Depending on your PKI use, enabling this can be a security risk! + * + * Uncomment to prevent an error. + */ +//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + +/** + * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK + * + * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()` + * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure + * the set of trusted certificates through a callback instead of a linked + * list. + * + * This is useful for example in environments where a large number of trusted + * certificates is present and storing them in a linked list isn't efficient + * enough, or when the set of trusted certificates changes frequently. + * + * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and + * `mbedtls_ssl_conf_ca_cb()` for more information. + * + * Uncomment to enable trusted certificate callbacks. + */ +//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK + +/** + * \def MBEDTLS_X509_CHECK_KEY_USAGE + * + * Enable verification of the keyUsage extension (CA and leaf certificates). + * + * Disabling this avoids problems with mis-issued and/or misused + * (intermediate) CA and leaf certificates. + * + * \warning Depending on your PKI use, disabling this can be a security risk! + * + * Comment to skip keyUsage checking for both CA and leaf certificates. 
+ */ +#define MBEDTLS_X509_CHECK_KEY_USAGE + +/** + * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE + * + * Enable verification of the extendedKeyUsage extension (leaf certificates). + * + * Disabling this avoids problems with mis-issued and/or misused certificates. + * + * \warning Depending on your PKI use, disabling this can be a security risk! + * + * Comment to skip extendedKeyUsage checking for certificates. + */ +#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE + +/** + * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT + * + * Enable parsing and verification of X.509 certificates, CRLs and CSRS + * signed with RSASSA-PSS (aka PKCS#1 v2.1). + * + * Comment this macro to disallow using RSASSA-PSS in certificates. + */ +#define MBEDTLS_X509_RSASSA_PSS_SUPPORT /* \} name SECTION: mbed TLS feature support */ /** @@ -1255,7 +1332,8 @@ * Enable the generic ASN1 parser. * * Module: library/asn1.c - * Caller: library/dhm.c + * Caller: library/x509.c + * library/dhm.c * library/pkcs12.c * library/pkcs5.c * library/pkparse.c @@ -1270,6 +1348,9 @@ * Module: library/asn1write.c * Caller: library/ecdsa.c * library/pkwrite.c + * library/x509_create.c + * library/x509write_crt.c + * library/x509write_csr.c */ #define MBEDTLS_ASN1_WRITE_C @@ -1427,6 +1508,18 @@ */ #define MBEDTLS_CCM_C +/** + * \def MBEDTLS_CERTS_C + * + * Enable the test certificates. + * + * Module: library/certs.c + * Caller: + * + * This module is used for testing (ssl_client/server). + */ +#define MBEDTLS_CERTS_C + /** * \def MBEDTLS_CHACHA20_C * @@ -1799,6 +1892,13 @@ * library/pkparse.c * library/pkwrite.c * library/rsa.c + * library/x509.c + * library/x509_create.c + * library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c + * library/x509write_crt.c + * library/x509write_csr.c * * This modules translates between OIDs and internal values. */ 
@@ -1826,6 +1926,9 @@ * Module: library/pem.c * Caller: library/dhm.c * library/pkparse.c + * library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c * * Requires: MBEDTLS_BASE64_C * @@ -1840,6 +1943,8 @@ * * Module: library/pem.c * Caller: library/pkwrite.c + * library/x509write_crt.c + * library/x509write_csr.c * * Requires: MBEDTLS_BASE64_C * @@ -1866,6 +1971,8 @@ * Enable the generic public (asymetric) key parser. * * Module: library/pkparse.c + * Caller: library/x509_crt.c + * library/x509_csr.c * * Requires: MBEDTLS_PK_C * @@ -1879,6 +1986,7 @@ * Enable the generic public (asymetric) key writer. * * Module: library/pkwrite.c + * Caller: library/x509write.c * * Requires: MBEDTLS_PK_C * @@ -1899,6 +2007,21 @@ */ #define MBEDTLS_PKCS5_C +/** + * \def MBEDTLS_PKCS11_C + * + * Enable wrapper for PKCS#11 smartcard support. + * + * Module: library/pkcs11.c + * Caller: library/pk.c + * + * Requires: MBEDTLS_PK_C + * + * This module enables SSL/TLS PKCS #11 smartcard support. + * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) + */ +//#define MBEDTLS_PKCS11_C + /** * \def MBEDTLS_PKCS12_C * @@ -2020,6 +2143,7 @@ * * Module: library/rsa.c * library/rsa_internal.c + * Caller: library/x509.c * * This module is used by the following key exchanges: * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK @@ -2035,6 +2159,7 @@ * * Module: library/sha1.c * Caller: library/md.c + * library/x509write_crt.c * * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 * depending on the handshake parameters, and for SHA1-signed certificates. 
@@ -2129,6 +2254,106 @@ */ #define MBEDTLS_VERSION_C +/** + * \def MBEDTLS_X509_USE_C + * + * Enable X.509 core for using certificates. + * + * Module: library/x509.c + * Caller: library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c + * + * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, + * MBEDTLS_PK_PARSE_C + * + * This module is required for the X.509 parsing modules. + */ +#define MBEDTLS_X509_USE_C + +/** + * \def MBEDTLS_X509_CRT_PARSE_C + * + * Enable X.509 certificate parsing. + * + * Module: library/x509_crt.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 certificate parsing. + */ +#define MBEDTLS_X509_CRT_PARSE_C + +/** + * \def MBEDTLS_X509_CRL_PARSE_C + * + * Enable X.509 CRL parsing. + * + * Module: library/x509_crl.c + * Caller: library/x509_crt.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 CRL parsing. + */ +#define MBEDTLS_X509_CRL_PARSE_C + +/** + * \def MBEDTLS_X509_CSR_PARSE_C + * + * Enable X.509 Certificate Signing Request (CSR) parsing. + * + * Module: library/x509_csr.c + * Caller: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is used for reading X.509 certificate request. + */ +#define MBEDTLS_X509_CSR_PARSE_C + +/** + * \def MBEDTLS_X509_CREATE_C + * + * Enable X.509 core for creating certificates. + * + * Module: library/x509_create.c + * + * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C + * + * This module is the basis for creating X.509 certificates and CSRs. + */ +#define MBEDTLS_X509_CREATE_C + +/** + * \def MBEDTLS_X509_CRT_WRITE_C + * + * Enable creating X.509 certificates. + * + * Module: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate creation. 
+ */ +#define MBEDTLS_X509_CRT_WRITE_C + +/** + * \def MBEDTLS_X509_CSR_WRITE_C + * + * Enable creating X.509 Certificate Signing Requests (CSR). + * + * Module: library/x509_csr_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate request writing. + */ +#define MBEDTLS_X509_CSR_WRITE_C + /** * \def MBEDTLS_XTEA_C * diff --git a/library/version_features.c b/library/version_features.c index e2dc9b152..22089af70 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -429,6 +429,24 @@ static const char * const features[] = { #if defined(MBEDTLS_VERSION_FEATURES) "MBEDTLS_VERSION_FEATURES", #endif /* MBEDTLS_VERSION_FEATURES */ +#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) + "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3", +#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */ +#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) + "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION", +#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */ +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) + "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", +#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ +#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) + "MBEDTLS_X509_CHECK_KEY_USAGE", +#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ +#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) + "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", +#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + "MBEDTLS_X509_RSASSA_PSS_SUPPORT", +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ #if defined(MBEDTLS_AESNI_C) "MBEDTLS_AESNI_C", #endif /* MBEDTLS_AESNI_C */ @@ -462,6 +480,9 @@ static const char * const features[] = { #if defined(MBEDTLS_CCM_C) "MBEDTLS_CCM_C", #endif /* MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CERTS_C) + "MBEDTLS_CERTS_C", +#endif /* MBEDTLS_CERTS_C */ #if defined(MBEDTLS_CHACHA20_C) "MBEDTLS_CHACHA20_C", #endif /* MBEDTLS_CHACHA20_C */ 
@@ -555,6 +576,9 @@ static const char * const features[] = { #if defined(MBEDTLS_PKCS5_C) "MBEDTLS_PKCS5_C", #endif /* MBEDTLS_PKCS5_C */ +#if defined(MBEDTLS_PKCS11_C) + "MBEDTLS_PKCS11_C", +#endif /* MBEDTLS_PKCS11_C */ #if defined(MBEDTLS_PKCS12_C) "MBEDTLS_PKCS12_C", #endif /* MBEDTLS_PKCS12_C */ @@ -600,6 +624,27 @@ static const char * const features[] = { #if defined(MBEDTLS_VERSION_C) "MBEDTLS_VERSION_C", #endif /* MBEDTLS_VERSION_C */ +#if defined(MBEDTLS_X509_USE_C) + "MBEDTLS_X509_USE_C", +#endif /* MBEDTLS_X509_USE_C */ +#if defined(MBEDTLS_X509_CRT_PARSE_C) + "MBEDTLS_X509_CRT_PARSE_C", +#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_X509_CRL_PARSE_C) + "MBEDTLS_X509_CRL_PARSE_C", +#endif /* MBEDTLS_X509_CRL_PARSE_C */ +#if defined(MBEDTLS_X509_CSR_PARSE_C) + "MBEDTLS_X509_CSR_PARSE_C", +#endif /* MBEDTLS_X509_CSR_PARSE_C */ +#if defined(MBEDTLS_X509_CREATE_C) + "MBEDTLS_X509_CREATE_C", +#endif /* MBEDTLS_X509_CREATE_C */ +#if defined(MBEDTLS_X509_CRT_WRITE_C) + "MBEDTLS_X509_CRT_WRITE_C", +#endif /* MBEDTLS_X509_CRT_WRITE_C */ +#if defined(MBEDTLS_X509_CSR_WRITE_C) + "MBEDTLS_X509_CSR_WRITE_C", +#endif /* MBEDTLS_X509_CSR_WRITE_C */ #if defined(MBEDTLS_XTEA_C) "MBEDTLS_XTEA_C", #endif /* MBEDTLS_XTEA_C */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 32194f5f0..6dc4a003c 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c 
@@ -1186,6 +1186,54 @@ int query_config( const char *config ) } #endif /* MBEDTLS_VERSION_FEATURES */ +#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) + if( strcmp( "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 ); + return( 0 ); + } +#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */ + +#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) + if( strcmp( "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION ); + return( 0 ); + } +#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */ + +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) + if( strcmp( "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK ); + return( 0 ); + } +#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ + +#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) + if( strcmp( "MBEDTLS_X509_CHECK_KEY_USAGE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_KEY_USAGE ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ + +#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) + if( strcmp( "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ + +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_RSASSA_PSS_SUPPORT ); + return( 0 ); + } +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ + #if defined(MBEDTLS_AESNI_C) if( strcmp( "MBEDTLS_AESNI_C", config ) == 0 ) { 
@@ -1274,6 +1322,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CERTS_C) + if( strcmp( "MBEDTLS_CERTS_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CERTS_C ); + return( 0 ); + } +#endif /* MBEDTLS_CERTS_C */ + #if defined(MBEDTLS_CHACHA20_C) if( strcmp( "MBEDTLS_CHACHA20_C", config ) == 0 ) { @@ -1522,6 +1578,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PKCS5_C */ +#if defined(MBEDTLS_PKCS11_C) + if( strcmp( "MBEDTLS_PKCS11_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS11_C ); + return( 0 ); + } +#endif /* MBEDTLS_PKCS11_C */ + #if defined(MBEDTLS_PKCS12_C) if( strcmp( "MBEDTLS_PKCS12_C", config ) == 0 ) { 
@@ -1642,6 +1706,62 @@ int query_config( const char *config ) } #endif /* MBEDTLS_VERSION_C */ +#if defined(MBEDTLS_X509_USE_C) + if( strcmp( "MBEDTLS_X509_USE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_USE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_USE_C */ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + if( strcmp( "MBEDTLS_X509_CRT_PARSE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_PARSE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_X509_CRL_PARSE_C) + if( strcmp( "MBEDTLS_X509_CRL_PARSE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRL_PARSE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CRL_PARSE_C */ + +#if defined(MBEDTLS_X509_CSR_PARSE_C) + if( strcmp( "MBEDTLS_X509_CSR_PARSE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_PARSE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CSR_PARSE_C */ + +#if defined(MBEDTLS_X509_CREATE_C) + if( strcmp( "MBEDTLS_X509_CREATE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CREATE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CREATE_C */ + +#if defined(MBEDTLS_X509_CRT_WRITE_C) + if( strcmp( "MBEDTLS_X509_CRT_WRITE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_WRITE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CRT_WRITE_C */ + +#if defined(MBEDTLS_X509_CSR_WRITE_C) + if( strcmp( "MBEDTLS_X509_CSR_WRITE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_WRITE_C ); + return( 0 ); + } +#endif /* MBEDTLS_X509_CSR_WRITE_C */ + #if defined(MBEDTLS_XTEA_C) if( strcmp( "MBEDTLS_XTEA_C", config ) == 0 ) { diff --git a/scripts/config.py b/scripts/config.py index 6d4828a95..df2d3d51d 100755 --- a/scripts/config.py +++ b/scripts/config.py 
@@ -177,6 +177,7 @@ def include_in_full(name): 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', 'MBEDTLS_NO_PLATFORM_ENTROPY', 'MBEDTLS_NO_UDBL_DIVISION', + 'MBEDTLS_PKCS11_C', 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', 'MBEDTLS_PSA_CRYPTO_SE_C', @@ -185,6 +186,8 @@ def include_in_full(name): 'MBEDTLS_RSA_NO_CRT', 'MBEDTLS_SHA512_NO_SHA384', 'MBEDTLS_TEST_NULL_ENTROPY', + 'MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3', + 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', ]: return False if name.endswith('_ALT'): diff --git a/tests/scripts/depends-pkalgs.pl b/tests/scripts/depends-pkalgs.pl index 7fbd6d71e..c05edaacf 100755 --- a/tests/scripts/depends-pkalgs.pl +++ b/tests/scripts/depends-pkalgs.pl @@ -39,9 +39,10 @@ my %algs = ( 'MBEDTLS_ECP_C' => ['MBEDTLS_ECDSA_C', 'MBEDTLS_ECDH_C', 'MBEDTLS_ECJPAKE_C'], - 'MBEDTLS_PKCS1_V21' => [], + 'MBEDTLS_X509_RSASSA_PSS_SUPPORT' => [], + 'MBEDTLS_PKCS1_V21' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'], 'MBEDTLS_PKCS1_V15' => [], - 'MBEDTLS_RSA_C' => [], + 'MBEDTLS_RSA_C' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'], ); system( "cp $config_h $config_h.bak" ) and die; From 4e1174967abee9b5c3bd50dbc2be2e466b634018 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 26 Feb 2020 18:56:08 +0100 Subject: [PATCH 2173/2197] Revert "config: Remove TLS and NET options" This reverts commit 1c66e48670b64b2ac598576cc08df3a715f3957b. Conflicts: * include/mbedtls/check_config.h: * MBEDTLS_SSL_PROTO_SSL3: there has been an addition (of MBEDTLS_SHA512_NO_SHA384) at the place where it was removed. Re-add it after (alphabetical order). * MBEDTLS_ENABLE_WEAK_CIPHERSUITES: there has been an addition (of MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) at the place where it was removed. Re-add it after (alphabetical order). * MBEDTLS_SSL_ALL_ALERT_MESSAGES: there has been an addition (of MBEDTLS_SHA512_SMALLER) at the place where it was removed. Re-add it after (alphabetical order). * include/mbedtls/config.h: * MBEDTLS_ENABLE_WEAK_CIPHERSUITES: there has been an addition (of MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) at the place where it was removed. Re-add it after (alphabetical order). * MBEDTLS_SSL_ALL_ALERT_MESSAGES: there has been an addition (of MBEDTLS_SHA512_SMALLER) at the place where it was removed. Re-add it after (alphabetical order). * library/version_features.c: re-generate by running scripts/generate_features.pl. * programs/test/query_config.c: re-generate by running scripts/generate_query_config.pl. * scripts/config.pl: this file has been replaced by config.py. Port the reversed changes to config.py: * Revert removing three symbols from the list of symbols to exclude from full. * Revert removing one symbol (MBEDTLS_NET_C) from the list of symbols to exclude from baremetal. * scripts/footprint.sh: * Re-add the line to unset MBEDTLS_NET_C, but with config.py instead of config.pl. * tests/scripts/all.sh: * component_test_no_platform: re-add the line to unset MBEDTLS_NET_C, but with config.py instead of config.pl. 
* component_build_arm_none_eabi_gcc, component_build_arm_none_eabi_gcc_no_udbl_division, component_build_arm_none_eabi_gcc_no_64bit_multiplication, component_build_armcc: these components now use the baremetal configuration, so they do not need to turn off MBEDTLS_NET_C explicitly. --- configs/README.txt | 4 +- configs/config-no-entropy.h | 1 + configs/config-psa-crypto.h | 1401 +++++++++++++++++++++++++----- configs/config-suite-b.h | 21 +- include/mbedtls/check_config.h | 180 +++- include/mbedtls/config.h | 1413 ++++++++++++++++++++++++++----- library/version_features.c | 153 ++++ programs/test/query_config.c | 512 +++++++++++ scripts/config.py | 5 + scripts/footprint.sh | 1 + tests/scripts/all.sh | 1 + tests/scripts/depends-pkalgs.pl | 20 +- 12 files changed, 3320 insertions(+), 392 deletions(-) diff --git a/configs/README.txt b/configs/README.txt index 17682ddb8..933fa7f21 100644 --- a/configs/README.txt +++ b/configs/README.txt @@ -1,8 +1,8 @@ This directory contains example configuration files. The examples are generally focused on a particular usage case (eg, support for -a restricted number of TLS ciphersuites) and aim at minimizing resource usage -for this target. They can be used as a basis for custom configurations. +a restricted number of ciphersuites) and aim at minimizing resource usage for +this target. They can be used as a basis for custom configurations. These files are complete replacements for the default config.h. To use one of them, you can pick one of the following methods: diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 433c663be..d8cc1ab41 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -41,6 +41,7 @@ /* mbed TLS feature support */ #define MBEDTLS_CIPHER_MODE_CBC #define MBEDTLS_CIPHER_PADDING_PKCS7 +#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_DP_SECP384R1_ENABLED #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 
diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 8fe4567de..f007ceec3 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -614,28 +614,29 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_NULL_SHA - * TLS_ECDH_RSA_WITH_NULL_SHA - * TLS_ECDHE_ECDSA_WITH_NULL_SHA - * TLS_ECDHE_RSA_WITH_NULL_SHA - * TLS_ECDHE_PSK_WITH_NULL_SHA384 - * TLS_ECDHE_PSK_WITH_NULL_SHA256 - * TLS_ECDHE_PSK_WITH_NULL_SHA - * TLS_DHE_PSK_WITH_NULL_SHA384 - * TLS_DHE_PSK_WITH_NULL_SHA256 - * TLS_DHE_PSK_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_SHA256 - * TLS_RSA_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_MD5 - * TLS_RSA_PSK_WITH_NULL_SHA384 - * TLS_RSA_PSK_WITH_NULL_SHA256 - * TLS_RSA_PSK_WITH_NULL_SHA - * TLS_PSK_WITH_NULL_SHA384 - * TLS_PSK_WITH_NULL_SHA256 - * TLS_PSK_WITH_NULL_SHA + * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable + * the following ciphersuites: + * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 + * MBEDTLS_TLS_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_RSA_WITH_NULL_MD5 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_PSK_WITH_NULL_SHA * - * Uncomment this macro to enable the NULL cipher + * Uncomment this macro to enable the NULL cipher and ciphersuites */ //#define MBEDTLS_CIPHER_NULL_CIPHER 
@@ -655,6 +656,37 @@ #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN #define MBEDTLS_CIPHER_PADDING_ZEROS +/** + * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES + * + * Enable weak ciphersuites in SSL / TLS. + * Warning: Only do so when you know what you are doing. This allows for + * channels with virtually no security at all! + * + * This enables the following ciphersuites: + * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA + * + * Uncomment this macro to enable weak ciphersuites + * + * \warning DES is considered a weak cipher and its use constitutes a + * security risk. We recommend considering stronger ciphers instead. + */ +//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES + +/** + * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES + * + * Remove RC4 ciphersuites by default in SSL / TLS. + * This flag removes the ciphersuites based on RC4 from the default list as + * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to + * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them + * explicitly. + * + * Uncomment this macro to remove RC4 ciphersuites by default. + */ +#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES + /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * 
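Review bot: The last sentence of the `MBEDTLS_REMOVE_ARC4_CIPHERSUITES` comment reads "Uncomment this macro to remove RC4 ciphersuites by default", but the line under it is an active `#define`, so the instruction is inverted for this file. A reader who wants to change the setting can only comment the macro out, which puts RC4 back into the default list returned by `mbedtls_ssl_list_ciphersuites()`. I would reword the sentence to `* Comment this macro to keep RC4 ciphersuites in the default list (not recommended).` so the safe state is clearly the one shipped. The comment could also state, next to the `mbedtls_ssl_conf_ciphersuites()` remark, that explicitly listing an RC4 suite bypasses this option.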
@@ -726,6 +758,281 @@ */ #define MBEDTLS_ECDSA_DETERMINISTIC +/** + * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + * + * Enable the PSK based ciphersuite modes in SSL / TLS. + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + * + * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_DHM_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA + * + * \warning Using DHE constitutes a security risk as it + * is not possible to validate custom DH parameters. + * If possible, it is recommended users should consider + * preferring other methods of key exchange. + * See dhm.h for more details. 
+ * + */ +#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + * + * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + * + * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + * + * Enable the RSA-only based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 + */ +#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + * + * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * + * \warning Using DHE constitutes a security risk as it + * is not possible to validate custom DH parameters. 
+ * If possible, it is recommended users should consider + * preferring other methods of key exchange. + * See dhm.h for more details. + * + */ +#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + * + * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + * + * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + * + * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + */ +#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + * + * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + */ +#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + * + * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. + * + * \warning This is currently experimental. EC J-PAKE support is based on the + * Thread v1.0.0 specification; incompatible changes to the specification + * might still happen. For this reason, this is disabled by default. + * + * Requires: MBEDTLS_ECJPAKE_C + * MBEDTLS_SHA256_C + * MBEDTLS_ECP_DP_SECP256R1_ENABLED + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 + */ +//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + /** * \def MBEDTLS_PK_PARSE_EC_EXTENDED * 
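Review bot: `MBEDTLS_KEY_EXCHANGE_RSA_ENABLED`, `MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED` and `MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED` are enabled in this hunk with no caveat, while the two DHE options carry a `\warning`. Read side by side, the comments suggest that DHE is the risky choice, although the static RSA and static ECDH exchanges are the ones without forward secrecy: if the server's long-term key is compromised later, recorded sessions can be decrypted. I would add `* \warning This key exchange does not provide forward secrecy.` to those three comments so that someone trimming this configuration knows which options to drop first. The `Requires:` line of `MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED` also ends in a stray comma, which reads as if a prerequisite was cut off.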
@@ -971,6 +1278,373 @@ */ //#define MBEDTLS_SHA256_SMALLER +/** + * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES + * + * Enable sending of alert messages in case of encountered errors as per RFC. + * If you choose not to send the alert messages, mbed TLS can still communicate + * with other servers, only debugging of failures is harder. + * + * The advantage of not sending alert messages, is that no information is given + * about reasons for failures thus preventing adversaries of gaining intel. + * + * Enable sending of all alert messages + */ +#define MBEDTLS_SSL_ALL_ALERT_MESSAGES + +/** + * \def MBEDTLS_SSL_ASYNC_PRIVATE + * + * Enable asynchronous external private key operations in SSL. This allows + * you to configure an SSL connection to call an external cryptographic + * module to perform private key operations instead of performing the + * operation inside the library. + * + */ +//#define MBEDTLS_SSL_ASYNC_PRIVATE + +/** + * \def MBEDTLS_SSL_DEBUG_ALL + * + * Enable the debug messages in SSL module for all issues. + * Debug messages have been disabled in some places to prevent timing + * attacks due to (unbalanced) debugging function calls. + * + * If you need all error reporting you should enable this during debugging, + * but remove this for production servers that should log as well. + * + * Uncomment this macro to report all debug messages on errors introducing + * a timing side-channel. + * + */ +//#define MBEDTLS_SSL_DEBUG_ALL + +/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC + * + * Enable support for Encrypt-then-MAC, RFC 7366. + * + * This allows peers that both support it to use a more robust protection for + * ciphersuites using CBC, providing deep resistance against timing attacks + * on the padding or underlying cipher. + * + * This only affects CBC ciphersuites, and is useless if none is defined. 
+ * + * Requires: MBEDTLS_SSL_PROTO_TLS1 or + * MBEDTLS_SSL_PROTO_TLS1_1 or + * MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for Encrypt-then-MAC + */ +#define MBEDTLS_SSL_ENCRYPT_THEN_MAC + +/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET + * + * Enable support for Extended Master Secret, aka Session Hash + * (draft-ietf-tls-session-hash-02). + * + * This was introduced as "the proper fix" to the Triple Handshake familiy of + * attacks, but it is recommended to always use it (even if you disable + * renegotiation), since it actually fixes a more fundamental issue in the + * original SSL/TLS design, and has implications beyond Triple Handshake. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1 or + * MBEDTLS_SSL_PROTO_TLS1_1 or + * MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for Extended Master Secret. + */ +#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET + +/** + * \def MBEDTLS_SSL_FALLBACK_SCSV + * + * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). + * + * For servers, it is recommended to always enable this, unless you support + * only one version of TLS, or know for sure that none of your clients + * implements a fallback strategy. + * + * For clients, you only need this if you're using a fallback strategy, which + * is not recommended in the first place, unless you absolutely need it to + * interoperate with buggy (version-intolerant) servers. + * + * Comment this macro to disable support for FALLBACK_SCSV + */ +#define MBEDTLS_SSL_FALLBACK_SCSV + +/** + * \def MBEDTLS_SSL_HW_RECORD_ACCEL + * + * Enable hooking functions in SSL module for hardware acceleration of + * individual records. + * + * Uncomment this macro to enable hooking functions. + */ +//#define MBEDTLS_SSL_HW_RECORD_ACCEL + +/** + * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING + * + * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. 
+ * + * This is a countermeasure to the BEAST attack, which also minimizes the risk + * of interoperability issues compared to sending 0-length records. + * + * Comment this macro to disable 1/n-1 record splitting. + */ +#define MBEDTLS_SSL_CBC_RECORD_SPLITTING + +/** + * \def MBEDTLS_SSL_RENEGOTIATION + * + * Enable support for TLS renegotiation. + * + * The two main uses of renegotiation are (1) refresh keys on long-lived + * connections and (2) client authentication after the initial handshake. + * If you don't need renegotiation, it's probably better to disable it, since + * it has been associated with security issues in the past and is easy to + * misuse/misunderstand. + * + * Comment this to disable support for renegotiation. + * + * \note Even if this option is disabled, both client and server are aware + * of the Renegotiation Indication Extension (RFC 5746) used to + * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). + * (See \c mbedtls_ssl_conf_legacy_renegotiation for the + * configuration of this extension). + * + */ +#define MBEDTLS_SSL_RENEGOTIATION + +/** + * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + * + * Enable support for receiving and parsing SSLv2 Client Hello messages for the + * SSL Server module (MBEDTLS_SSL_SRV_C). + * + * Uncomment this macro to enable support for SSLv2 Client Hello messages. + */ +//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + +/** + * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE + * + * Pick the ciphersuite according to the client's preferences rather than ours + * in the SSL Server module (MBEDTLS_SSL_SRV_C). + * + * Uncomment this macro to respect client's ciphersuite order + */ +//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE + +/** + * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + * + * Enable support for RFC 6066 max_fragment_length extension in SSL. 
+ * + * Comment this macro to disable support for the max_fragment_length extension + */ +#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + +/** + * \def MBEDTLS_SSL_PROTO_SSL3 + * + * Enable support for SSL 3.0. + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for SSL 3.0 + */ +//#define MBEDTLS_SSL_PROTO_SSL3 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1 + * + * Enable support for TLS 1.0. + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for TLS 1.0 + */ +#define MBEDTLS_SSL_PROTO_TLS1 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1_1 + * + * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 + */ +#define MBEDTLS_SSL_PROTO_TLS1_1 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1_2 + * + * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). + * + * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C + * (Depends on ciphersuites) + * + * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 + */ +#define MBEDTLS_SSL_PROTO_TLS1_2 + +/** + * \def MBEDTLS_SSL_PROTO_DTLS + * + * Enable support for DTLS (all available versions). + * + * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, + * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1_1 + * or MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for DTLS + */ +#define MBEDTLS_SSL_PROTO_DTLS + +/** + * \def MBEDTLS_SSL_ALPN + * + * Enable support for RFC 7301 Application Layer Protocol Negotiation. + * + * Comment this macro to disable support for ALPN. + */ +#define MBEDTLS_SSL_ALPN + +/** + * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY + * + * Enable support for the anti-replay mechanism in DTLS. + * + * Requires: MBEDTLS_SSL_TLS_C + * MBEDTLS_SSL_PROTO_DTLS + * + * \warning Disabling this is often a security risk! 
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details. + * + * Comment this to disable anti-replay in DTLS. + */ +#define MBEDTLS_SSL_DTLS_ANTI_REPLAY + +/** + * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY + * + * Enable support for HelloVerifyRequest on DTLS servers. + * + * This feature is highly recommended to prevent DTLS servers being used as + * amplifiers in DoS attacks against other hosts. It should always be enabled + * unless you know for sure amplification cannot be a problem in the + * environment in which your server operates. + * + * \warning Disabling this can ba a security risk! (see above) + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + * + * Comment this to disable support for HelloVerifyRequest. + */ +#define MBEDTLS_SSL_DTLS_HELLO_VERIFY + +/** + * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE + * + * Enable server-side support for clients that reconnect from the same port. + * + * Some clients unexpectedly close the connection and try to reconnect using the + * same source port. This needs special support from the server to handle the + * new connection securely, as described in section 4.2.8 of RFC 6347. This + * flag enables that support. + * + * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY + * + * Comment this to disable support for clients reusing the source port. + */ +#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE + +/** + * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT + * + * Enable support for a limit of records with bad MAC. + * + * See mbedtls_ssl_conf_dtls_badmac_limit(). + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + */ +#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT + +/** + * \def MBEDTLS_SSL_SESSION_TICKETS + * + * Enable support for RFC 5077 session tickets in SSL. + * Client-side, provides full support for session tickets (maintenance of a + * session store remains the responsibility of the application, though). + * Server-side, you also need to provide callbacks for writing and parsing + * tickets, including authenticated encryption and key management. 
Example + * callbacks are provided by MBEDTLS_SSL_TICKET_C. + * + * Comment this macro to disable support for SSL session tickets + */ +#define MBEDTLS_SSL_SESSION_TICKETS + +/** + * \def MBEDTLS_SSL_EXPORT_KEYS + * + * Enable support for exporting key block and master secret. + * This is required for certain users of TLS, e.g. EAP-TLS. + * + * Comment this macro to disable support for key export + */ +#define MBEDTLS_SSL_EXPORT_KEYS + +/** + * \def MBEDTLS_SSL_SERVER_NAME_INDICATION + * + * Enable support for RFC 6066 server name indication (SNI) in SSL. + * + * Requires: MBEDTLS_X509_CRT_PARSE_C + * + * Comment this macro to disable support for server name indication in SSL + */ +#define MBEDTLS_SSL_SERVER_NAME_INDICATION + +/** + * \def MBEDTLS_SSL_TRUNCATED_HMAC + * + * Enable support for RFC 6066 truncated HMAC in SSL. + * + * Comment this macro to disable support for truncated HMAC in SSL + */ +#define MBEDTLS_SSL_TRUNCATED_HMAC + +/** + * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT + * + * Fallback to old (pre-2.7), non-conforming implementation of the truncated + * HMAC extension which also truncates the HMAC key. Note that this option is + * only meant for a transitory upgrade period and is likely to be removed in + * a future version of the library. + * + * \warning The old implementation is non-compliant and has a security weakness + * (2^80 brute force attack on the HMAC key used for a single, + * uninterrupted connection). This should only be enabled temporarily + * when (1) the use of truncated HMAC is essential in order to save + * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use + * the fixed implementation yet (pre-2.7). + * + * \deprecated This option is deprecated and will likely be removed in a + * future version of Mbed TLS. + * + * Uncomment to fallback to old, non-compliant truncated HMAC implementation. 
+ * + * Requires: MBEDTLS_SSL_TRUNCATED_HMAC + */ +//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT + /** * \def MBEDTLS_THREADING_ALT * @@ -1082,6 +1756,31 @@ * Comment this macro to disallow using RSASSA-PSS in certificates. */ #define MBEDTLS_X509_RSASSA_PSS_SUPPORT + +/** + * \def MBEDTLS_ZLIB_SUPPORT + * + * If set, the SSL/TLS module uses ZLIB to support compression and + * decompression of packet data. + * + * \warning TLS-level compression MAY REDUCE SECURITY! See for example the + * CRIME attack. Before enabling this option, you should examine with care if + * CRIME or similar exploits may be applicable to your use case. + * + * \note Currently compression can't be used with DTLS. + * + * \deprecated This feature is deprecated and will be removed + * in the next major revision of the library. + * + * Used in: library/ssl_tls.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * This feature requires zlib library and headers to be present. + * + * Uncomment to enable use of ZLIB + */ +//#define MBEDTLS_ZLIB_SUPPORT /* \} name SECTION: mbed TLS feature support */ /** 
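Review bot: `MBEDTLS_SSL_PROTO_TLS1` and `MBEDTLS_SSL_PROTO_TLS1_1` are added as active defines, but their doc blocks list only the MD5/SHA-1 prerequisites and never tell the integrator that these are legacy protocol versions kept for interoperability. This hunk already uses `\warning` for DTLS anti-replay and HelloVerifyRequest, so I would add one to each of these blocks, e.g. ` * \warning This protocol version depends on MD5 and SHA-1; comment this macro out unless legacy peers require it.` `MBEDTLS_SSL_RENEGOTIATION` has the same mismatch: its own text says disabling is probably better when renegotiation is not needed, yet the define is active. Two typos in the added comments are worth fixing in the same pass: "familiy" in the Extended Master Secret block and "can ba a security risk" in the HelloVerify block.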
@@ -1115,65 +1814,66 @@ * library/pem.c * library/ctr_drbg.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * TLS_RSA_WITH_AES_256_GCM_SHA384 - * TLS_RSA_WITH_AES_256_CBC_SHA256 - * TLS_RSA_WITH_AES_256_CBC_SHA - * TLS_RSA_WITH_AES_128_GCM_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA - * 
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * TLS_PSK_WITH_AES_256_GCM_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA - * TLS_PSK_WITH_AES_128_GCM_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * 
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA * * PEM_PARSE uses AES for decrypting encrypted keys. */ 
@@ -1187,17 +1887,18 @@
 * Module: library/arc4.c
 * Caller: library/cipher.c
 *
- * This module is required to support the following ciphersuites in TLS:
- * TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- * TLS_ECDH_RSA_WITH_RC4_128_SHA
- * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- * TLS_ECDHE_RSA_WITH_RC4_128_SHA
- * TLS_ECDHE_PSK_WITH_RC4_128_SHA
- * TLS_DHE_PSK_WITH_RC4_128_SHA
- * TLS_RSA_WITH_RC4_128_SHA
- * TLS_RSA_WITH_RC4_128_MD5
- * TLS_RSA_PSK_WITH_RC4_128_SHA
- * TLS_PSK_WITH_RC4_128_SHA
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
 *
 * \warning ARC4 is considered a weak cipher and its use constitutes a
 * security risk. If possible, we recommend avoidng dependencies on
@@ -1257,6 +1958,7 @@
 * library/ecdsa.c
 * library/rsa.c
 * library/rsa_internal.c
+ * library/ssl_tls.c
 *
 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
 */
@@ -1279,49 +1981,50 @@ * Module: library/camellia.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - 
* TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 */ #define MBEDTLS_CAMELLIA_C 
@@ -1333,45 +2036,47 @@ * Module: library/aria.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * + * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 + * 
MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 */ //#define MBEDTLS_ARIA_C 
@@ -1384,7 +2089,8 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module is required to support AES-CCM ciphersuites in TLS. + * This module enables the AES-CCM ciphersuites, if other requisites are + * enabled as well. */ #define MBEDTLS_CCM_C @@ -1426,6 +2132,7 @@ * Enable the generic cipher layer. * * Module: library/cipher.c + * Caller: library/ssl_tls.c * * Uncomment to enable generic cipher wrappers. */ @@ -1460,6 +2167,20 @@ */ #define MBEDTLS_CTR_DRBG_C +/** + * \def MBEDTLS_DEBUG_C + * + * Enable the debug functions. + * + * Module: library/debug.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * This module provides debugging functions. + */ +#define MBEDTLS_DEBUG_C + /** * \def MBEDTLS_DES_C * @@ -1469,17 +2190,18 @@ * Caller: library/pem.c * library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_PSK_WITH_3DES_EDE_CBC_SHA + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * 
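Review bot: In the `@@ -1460,6 +2167,20 @@` hunk, `MBEDTLS_DEBUG_C` is added as an active define and its description says only "This module provides debugging functions", which gives no guidance for production builds. The `MBEDTLS_SSL_DEBUG_ALL` block added earlier in this patch already warns that debug calls can introduce a timing side-channel, so the module-level option deserves a matching hint. I would add a line such as ` * \note Debug output can expose handshake internals; consider disabling this module in production builds.` The exact content of the debug output is not visible in this hunk, so the wording should be checked against library/debug.c.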
@@ -1494,6 +2216,8 @@ * Enable the Diffie-Hellman-Merkle module. * * Module: library/dhm.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c * * This module is used by the following key exchanges: * DHE-RSA, DHE-PSK @@ -1513,6 +2237,8 @@ * Enable the elliptic curve Diffie-Hellman library. * * Module: library/ecdh.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c * * This module is used by the following key exchanges: * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK @@ -1604,8 +2330,8 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module is required to support AES-GCM and CAMELLIA-GCM ciphersuites in - * TLS. + * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other + * requisites are enabled as well. */ #define MBEDTLS_GCM_C @@ -1728,6 +2454,7 @@ * Module: library/md5.c * Caller: library/md.c * library/pem.c + * library/ssl_tls.c * * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 * depending on the handshake parameters. Further, it is used for checking @@ -1757,6 +2484,25 @@ */ //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +/** + * \def MBEDTLS_NET_C + * + * Enable the TCP and UDP over IPv6/IPv4 networking routines. + * + * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) + * and Windows. For other platforms, you'll want to disable it, and write your + * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). + * + * \note See also our Knowledge Base article about porting to a new + * environment: + * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * + * Module: library/net_sockets.c + * + * This module provides networking routines. + */ +#define MBEDTLS_NET_C + /** * \def MBEDTLS_OID_C * @@ -1834,6 +2580,9 @@ * Enable the generic public (asymetric) key layer. * * Module: library/pk.c + * Caller: library/ssl_tls.c + * library/ssl_cli.c + * library/ssl_srv.c * * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C * 
@@ -1999,7 +2748,10 @@
 *
 * Module: library/rsa.c
 * library/rsa_internal.c
- * Caller: library/x509.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ * library/x509.c
 *
 * This module is used by the following key exchanges:
 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
@@ -2015,6 +2767,9 @@
 *
 * Module: library/sha1.c
 * Caller: library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
 * library/x509write_crt.c
 *
 * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
@@ -2035,6 +2790,9 @@
 * Module: library/sha256.c
 * Caller: library/entropy.c
 * library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
 *
 * This module adds support for SHA-224 and SHA-256.
 * This module is required for the SSL/TLS 1.2 PRF function.
@@ -2049,11 +2807,91 @@ * Module: library/sha512.c * Caller: library/entropy.c * library/md.c + * library/ssl_cli.c + * library/ssl_srv.c * * This module adds support for SHA-384 and SHA-512. */ #define MBEDTLS_SHA512_C +/** + * \def MBEDTLS_SSL_CACHE_C + * + * Enable simple SSL cache implementation. + * + * Module: library/ssl_cache.c + * Caller: + * + * Requires: MBEDTLS_SSL_CACHE_C + */ +#define MBEDTLS_SSL_CACHE_C + +/** + * \def MBEDTLS_SSL_COOKIE_C + * + * Enable basic implementation of DTLS cookies for hello verification. + * + * Module: library/ssl_cookie.c + * Caller: + */ +#define MBEDTLS_SSL_COOKIE_C + +/** + * \def MBEDTLS_SSL_TICKET_C + * + * Enable an implementation of TLS server-side callbacks for session tickets. + * + * Module: library/ssl_ticket.c + * Caller: + * + * Requires: MBEDTLS_CIPHER_C + */ +#define MBEDTLS_SSL_TICKET_C + +/** + * \def MBEDTLS_SSL_CLI_C + * + * Enable the SSL/TLS client code. + * + * Module: library/ssl_cli.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS client support. + */ +#define MBEDTLS_SSL_CLI_C + +/** + * \def MBEDTLS_SSL_SRV_C + * + * Enable the SSL/TLS server code. + * + * Module: library/ssl_srv.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS server support. + */ +#define MBEDTLS_SSL_SRV_C + +/** + * \def MBEDTLS_SSL_TLS_C + * + * Enable the generic SSL/TLS code. + * + * Module: library/ssl_tls.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C + * and at least one of the MBEDTLS_SSL_PROTO_XXX defines + * + * This module is required for SSL/TLS. + */ +#define MBEDTLS_SSL_TLS_C + /** * \def MBEDTLS_THREADING_C * 
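Review bot: The added `MBEDTLS_SSL_CACHE_C` block documents `Requires: MBEDTLS_SSL_CACHE_C`, so the option lists itself as its own prerequisite and tells an integrator nothing about what the cache module depends on. Either drop the line or replace it with the real dependency once confirmed against check_config.h, which is not visible in this hunk. Five of the six new SSL module blocks (all except `MBEDTLS_SSL_TLS_C`) also leave `Caller:` empty; fill these in or remove the label so the header does not read as unfinished.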
@@ -2083,9 +2921,9 @@ * * \note The provided implementation only works on POSIX/Unix (including Linux, * BSD and OS X) and Windows. On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by Mbed - * TLS's \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and - * provide your own implementation of the whole module by setting + * module and provide your own implementations of the callbacks needed by + * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide + * your own implementation of the whole module by setting * \c MBEDTLS_TIMING_ALT in the current file. * * \note See also our Knowledge Base article about porting to a new 
@@ -2299,6 +3137,187 @@ //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ +/** + * \brief This macro is invoked by the library when an invalid parameter + * is detected that is only checked with MBEDTLS_CHECK_PARAMS + * (see the documentation of that option for context). + * + * When you leave this undefined here, a default definition is + * provided that invokes the function mbedtls_param_failed(), + * which is declared in platform_util.h for the benefit of the + * library, but that you need to define in your application. + * + * When you define this here, this replaces the default + * definition in platform_util.h (which no longer declares the + * function mbedtls_param_failed()) and it is your responsibility + * to make sure this macro expands to something suitable (in + * particular, that all the necessary declarations are visible + * from within the library - you can ensure that by providing + * them in this file next to the macro definition). + * + * Note that you may define this macro to expand to nothing, in + * which case you don't have to worry about declarations or + * definitions. However, you will then be notified about invalid + * parameters only in non-void functions, and void function will + * just silently return early on invalid parameters, which + * partially negates the benefits of enabling + * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. + * + * \param cond The expression that should evaluate to true, but doesn't. 
+ */ +//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) + +/* SSL Cache options */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ + +/* SSL options */ + +/** \def MBEDTLS_SSL_MAX_CONTENT_LEN + * + * Maximum length (in bytes) of incoming and outgoing plaintext fragments. + * + * This determines the size of both the incoming and outgoing TLS I/O buffers + * in such a way that both are capable of holding the specified amount of + * plaintext data, regardless of the protection mechanism used. + * + * To configure incoming and outgoing I/O buffers separately, use + * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, + * which overwrite the value set by this option. + * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of both + * incoming and outgoing I/O buffers. + */ +//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_IN_CONTENT_LEN + * + * Maximum length (in bytes) of incoming plaintext fragments. + * + * This determines the size of the incoming TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option is undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. 
+ * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of the incoming I/O buffer + * independently of the outgoing I/O buffer. + */ +//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_OUT_CONTENT_LEN + * + * Maximum length (in bytes) of outgoing plaintext fragments. + * + * This determines the size of the outgoing TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. + * + * It is possible to save RAM by setting a smaller outward buffer, while keeping + * the default inward 16384 byte buffer to conform to the TLS specification. + * + * The minimum required outward buffer size is determined by the handshake + * protocol's usage. Handshaking will fail if the outward buffer is too small. + * The specific size requirement depends on the configured ciphers and any + * certificate data which is sent during the handshake. + * + * Uncomment to set the maximum plaintext size of the outgoing I/O buffer + * independently of the incoming I/O buffer. + */ +//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING + * + * Maximum number of heap-allocated bytes for the purpose of + * DTLS handshake message reassembly and future message buffering. 
+ * + * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN + * to account for a reassembled handshake message of maximum size, + * together with its reassembly bitmap. + * + * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) + * should be sufficient for all practical situations as it allows + * to reassembly a large handshake message (such as a certificate) + * while buffering multiple smaller handshake messages. + * + */ +//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 + +//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ +//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ +//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ + +/** + * Complete list of ciphersuites to use, in order of preference. + * + * \warning No dependency checking is done on that field! This option can only + * be used to restrict the set of available ciphersuites. It is your + * responsibility to make sure the needed modules are active. + * + * Use this to save a few hundred bytes of ROM (default ordering of all + * available ciphersuites) and a few to a few hundred bytes of RAM. + * + * The value below is only an example, not the default. + */ +//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + +/* X509 options */ +//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ +//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ + +/** + * Allow SHA-1 in the default TLS configuration for certificate signing. + * Without this build-time option, SHA-1 support must be activated explicitly + * through mbedtls_ssl_conf_cert_profile. 
Turning on this option is not + * recommended because of it is possible to generate SHA-1 collisions, however + * this may be safe for legacy infrastructure where additional controls apply. + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. + * + */ +// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + +/** + * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake + * signature and ciphersuite selection. Without this build-time option, SHA-1 + * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. + * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by + * default. At the time of writing, there is no practical attack on the use + * of SHA-1 in handshake signatures, hence this option is turned on by default + * to preserve compatibility with existing peers, but the general + * warning applies nonetheless: + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. + * + */ +#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE + /** * Uncomment the macro to let mbed TLS use your alternate implementation of * mbedtls_platform_zeroize(). This replaces the default implementation in diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index dd9a2a019..18e2c4036 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -22,8 +22,7 @@ * This file is part of mbed TLS (https://tls.mbed.org) */ /* - * Minimal configuration for the crypto required for TLS NSA Suite B Profile - * (RFC 6460) + * Minimal configuration for TLS NSA Suite B Profile (RFC 6460) * * Distinguishing features: * - no RSA or classic DH, fully based on ECC 
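Review bot: `#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` is active at the end of the config.h hunk, so a default build accepts SHA-1 for TLS 1.2 handshake signatures, while the certificate counterpart just above is left commented out and both comments carry the same SHA-1 warning. The comment's justification ("At the time of writing, there is no practical attack") is time-bound, so consider shipping it as `//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` and letting deployments that need legacy peers opt in through `mbedtls_ssl_conf_sig_hashes`. If the default stays on, the comment should say what to re-check before relying on it. In the same hunk the `MBEDTLS_SSL_DTLS_MAX_BUFFERING` text refers to `MBEDTLSSL_IN_CONTENT_LEN`, which should read `MBEDTLS_SSL_IN_CONTENT_LEN`.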
@@ -46,6 +45,8 @@ /* mbed TLS feature support */ #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_DP_SECP384R1_ENABLED +#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +#define MBEDTLS_SSL_PROTO_TLS1_2 /* mbed TLS modules */ #define MBEDTLS_AES_C @@ -66,6 +67,9 @@ #define MBEDTLS_PK_PARSE_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA512_C +#define MBEDTLS_SSL_CLI_C +#define MBEDTLS_SSL_SRV_C +#define MBEDTLS_SSL_TLS_C #define MBEDTLS_X509_CRT_PARSE_C #define MBEDTLS_X509_USE_C @@ -95,6 +99,19 @@ */ #define MBEDTLS_ENTROPY_MAX_SOURCES 2 +/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ +#define MBEDTLS_SSL_CIPHERSUITES \ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + +/* + * Save RAM at the expense of interoperability: do this only if you control + * both ends of the connection! (See coments in "mbedtls/ssl.h".) + * The minimum size here depends on the certificate chain used as well as the + * typical size of records. + */ +#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 + #include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 65a3cc8d4..ca36395c0 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -57,8 +57,9 @@ #endif #endif /* _WIN32 */ -#if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_TIMING_C) -#error "The TIMING module is not available for mbed OS - please use the timing functions provided by Mbed OS" +#if defined(TARGET_LIKE_MBED) && \ + ( defined(MBEDTLS_NET_C) || defined(MBEDTLS_TIMING_C) ) +#error "The NET and TIMING modules are not available for mbed OS - please use the network and timing functions provided by mbed OS" #endif #if defined(MBEDTLS_DEPRECATED_WARNING) && \ 
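Review bot: `#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024` in the last config-suite-b.h hunk shrinks the incoming buffer as well as the outgoing one. The option documentation elsewhere in this patch recommends keeping the incoming buffer at the 16KB default unless the limit has been communicated to the peer, and changing only the outgoing size. If the RAM saving is the goal, `#define MBEDTLS_SSL_OUT_CONTENT_LEN 1024` is the lower-risk form; otherwise the comment should say that the peer must be told, for example through the Maximum Fragment Length extension on the client side. The comment also spells "coments".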
@@ -82,6 +83,10 @@ #error "MBEDTLS_DHM_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) && !defined(MBEDTLS_SSL_TRUNCATED_HMAC) +#error "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_CMAC_C) && \ !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C) #error "MBEDTLS_CMAC_C defined, but not all prerequisites" 
@@ -232,6 +237,69 @@ #error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \ + ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) ) +#error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \ + ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) ) +#error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(MBEDTLS_DHM_C) +#error "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \ + !defined(MBEDTLS_ECDH_C) +#error "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ + ( !defined(MBEDTLS_DHM_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ + ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \ + ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) ) +#error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) && \ + ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ + !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 
&& \ + ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ + !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ + ( !defined(MBEDTLS_ECJPAKE_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ) +#error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) && \ + !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) && \ + ( !defined(MBEDTLS_SHA256_C) && \ + !defined(MBEDTLS_SHA512_C) && \ + !defined(MBEDTLS_SHA1_C) ) +#error "!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE requires MBEDTLS_SHA512_C, MBEDTLS_SHA256_C or MBEDTLS_SHA1_C" +#endif + #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) ) #error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites" 
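Review bot: The new check for `MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED` tests only `MBEDTLS_ECDH_C` and `MBEDTLS_X509_CRT_PARSE_C`, whereas the ECDHE-ECDSA check further down in this hunk also requires `MBEDTLS_ECDSA_C`. An ECDH-ECDSA suite still depends on an ECDSA-signed certificate, so a build without ECDSA would presumably pass this check and then be unable to verify the peer's chain; consider adding `|| !defined(MBEDTLS_ECDSA_C)` to the condition. Separately, `MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED` in the last added block is not defined by anything shown in this header; if it is derived in a header included later, that check never fires here.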
@@ -523,6 +591,114 @@ #error "MBEDTLS_SHA512_NO_SHA384 defined without MBEDTLS_SHA512_C" #endif +#if defined(MBEDTLS_SSL_PROTO_SSL3) && ( !defined(MBEDTLS_MD5_C) || \ + !defined(MBEDTLS_SHA1_C) ) +#error "MBEDTLS_SSL_PROTO_SSL3 defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1) && ( !defined(MBEDTLS_MD5_C) || \ + !defined(MBEDTLS_SHA1_C) ) +#error "MBEDTLS_SSL_PROTO_TLS1 defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) && ( !defined(MBEDTLS_MD5_C) || \ + !defined(MBEDTLS_SHA1_C) ) +#error "MBEDTLS_SSL_PROTO_TLS1_1 defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && ( !defined(MBEDTLS_SHA1_C) && \ + !defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA512_C) ) +#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_PROTO_DTLS) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_2) +#error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_CLI_C) && !defined(MBEDTLS_SSL_TLS_C) +#error "MBEDTLS_SSL_CLI_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) && ( !defined(MBEDTLS_CIPHER_C) || \ + !defined(MBEDTLS_MD_C) ) +#error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_TLS_C) +#error "MBEDTLS_SSL_SRV_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) && (!defined(MBEDTLS_SSL_PROTO_SSL3) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1) && !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_2)) +#error "MBEDTLS_SSL_TLS_C defined, but no protocols are active" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) && !defined(MBEDTLS_SSL_PROTO_TLS1)) +#error "Illegal protocol selection" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) && 
(defined(MBEDTLS_SSL_PROTO_TLS1) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) && !defined(MBEDTLS_SSL_PROTO_TLS1_1)) +#error "Illegal protocol selection" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) && (!defined(MBEDTLS_SSL_PROTO_TLS1) || \ + !defined(MBEDTLS_SSL_PROTO_TLS1_1))) +#error "Illegal protocol selection" +#endif + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && !defined(MBEDTLS_SSL_PROTO_DTLS) +#error "MBEDTLS_SSL_DTLS_HELLO_VERIFY defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && \ + !defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) +#error "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) && \ + ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ) +#error "MBEDTLS_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) && \ + ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ) +#error "MBEDTLS_SSL_DTLS_BADMAC_LIMIT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_2) +#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites" +#endif + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_2) +#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites" +#endif + +#if defined(MBEDTLS_SSL_TICKET_C) && !defined(MBEDTLS_CIPHER_C) +#error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) && \ + !defined(MBEDTLS_SSL_PROTO_SSL3) && !defined(MBEDTLS_SSL_PROTO_TLS1) +#error "MBEDTLS_SSL_CBC_RECORD_SPLITTING defined, but not all 
prerequisites" +#endif + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \ + !defined(MBEDTLS_X509_CRT_PARSE_C) +#error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_THREADING_PTHREAD) #if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL) #error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index f8788d89d..617e9137c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
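Review bot: The `MBEDTLS_SSL_PROTO_TLS1_2` check is satisfied by `MBEDTLS_SHA1_C` alone, but the configuration documentation in this patch says SHA-256 "is required for the SSL/TLS 1.2 PRF function". A TLS 1.2 build with only SHA-1 would pass this check and presumably fail only at handshake time; the condition should probably be `( !defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA512_C) )`. The `#error` strings for `MBEDTLS_SSL_ENCRYPT_THEN_MAC` and `MBEDTLS_SSL_EXTENDED_MASTER_SECRET` also spell "prerequsites", which makes them harder to grep alongside the other messages.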
@@ -648,28 +648,29 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_NULL_SHA - * TLS_ECDH_RSA_WITH_NULL_SHA - * TLS_ECDHE_ECDSA_WITH_NULL_SHA - * TLS_ECDHE_RSA_WITH_NULL_SHA - * TLS_ECDHE_PSK_WITH_NULL_SHA384 - * TLS_ECDHE_PSK_WITH_NULL_SHA256 - * TLS_ECDHE_PSK_WITH_NULL_SHA - * TLS_DHE_PSK_WITH_NULL_SHA384 - * TLS_DHE_PSK_WITH_NULL_SHA256 - * TLS_DHE_PSK_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_SHA256 - * TLS_RSA_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_MD5 - * TLS_RSA_PSK_WITH_NULL_SHA384 - * TLS_RSA_PSK_WITH_NULL_SHA256 - * TLS_RSA_PSK_WITH_NULL_SHA - * TLS_PSK_WITH_NULL_SHA384 - * TLS_PSK_WITH_NULL_SHA256 - * TLS_PSK_WITH_NULL_SHA + * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable + * the following ciphersuites: + * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 + * MBEDTLS_TLS_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_RSA_WITH_NULL_MD5 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_PSK_WITH_NULL_SHA * - * Uncomment this macro to enable the NULL cipher + * Uncomment this macro to enable the NULL cipher and ciphersuites */ //#define MBEDTLS_CIPHER_NULL_CIPHER 
@@ -696,6 +697,57 @@ */ //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +/** + * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES + * + * Enable weak ciphersuites in SSL / TLS. + * Warning: Only do so when you know what you are doing. This allows for + * channels with virtually no security at all! + * + * This enables the following ciphersuites: + * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA + * + * Uncomment this macro to enable weak ciphersuites + * + * \warning DES is considered a weak cipher and its use constitutes a + * security risk. We recommend considering stronger ciphers instead. + */ +//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES + +/** + * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES + * + * Remove RC4 ciphersuites by default in SSL / TLS. + * This flag removes the ciphersuites based on RC4 from the default list as + * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to + * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them + * explicitly. + * + * Uncomment this macro to remove RC4 ciphersuites by default. + */ +#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES + +/** + * \def MBEDTLS_REMOVE_3DES_CIPHERSUITES + * + * Remove 3DES ciphersuites by default in SSL / TLS. + * This flag removes the ciphersuites based on 3DES from the default list as + * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible + * to enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including + * them explicitly. + * + * A man-in-the-browser attacker can recover authentication tokens sent through + * a TLS connection using a 3DES based cipher suite (see "On the Practical + * (In-)Security of 64-bit Block Ciphers" by Karthikeyan Bhargavan and Gaëtan + * Leurent, see https://sweet32.info/SWEET32_CCS16.pdf). If this attack falls + * in your threat model or you are unsure, then you should keep this option + * enabled to remove 3DES based cipher suites. 
+ * + * Comment this macro to keep 3DES in the default ciphersuite list. + */ +#define MBEDTLS_REMOVE_3DES_CIPHERSUITES + /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * 
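Review bot: The `MBEDTLS_ENABLE_WEAK_CIPHERSUITES` comment lists only the two DES suites, yet the `MBEDTLS_CIPHER_NULL_CIPHER` comment changed in the preceding hunk says this same flag is also required to enable the NULL suites. Someone turning the flag on for DES interoperability should be able to read here that, combined with the NULL cipher option, it also unlocks suites with no encryption; a line such as `Together with MBEDTLS_CIPHER_NULL_CIPHER this also enables the MBEDTLS_TLS_*_WITH_NULL_* ciphersuites.` would cover it. The `MBEDTLS_REMOVE_ARC4_CIPHERSUITES` block ends with "Uncomment this macro" although the macro is already defined; `Comment this macro to keep RC4 in the default ciphersuite list.` would match the 3DES block.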
@@ -796,6 +848,281 @@ */ #define MBEDTLS_ECDSA_DETERMINISTIC +/** + * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + * + * Enable the PSK based ciphersuite modes in SSL / TLS. + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + * + * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_DHM_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA + * + * \warning Using DHE constitutes a security risk as it + * is not possible to validate custom DH parameters. + * If possible, it is recommended users should consider + * preferring other methods of key exchange. + * See dhm.h for more details. 
+ * + */ +#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + * + * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + * + * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + * + * Enable the RSA-only based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 + */ +#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + * + * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * + * \warning Using DHE constitutes a security risk as it + * is not possible to validate custom DH parameters. 
+ * If possible, it is recommended users should consider + * preferring other methods of key exchange. + * See dhm.h for more details. + * + */ +#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + * + * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + * + * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + * + * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + */ +#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + * + * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 
+ * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + */ +#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + * + * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. + * + * \warning This is currently experimental. EC J-PAKE support is based on the + * Thread v1.0.0 specification; incompatible changes to the specification + * might still happen. For this reason, this is disabled by default. + * + * Requires: MBEDTLS_ECJPAKE_C + * MBEDTLS_SHA256_C + * MBEDTLS_ECP_DP_SECP256R1_ENABLED + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 + */ +//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + /** * \def MBEDTLS_PK_PARSE_EC_EXTENDED * 
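Review bot: `MBEDTLS_KEY_EXCHANGE_RSA_ENABLED`, `MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED` and `MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED` are defined by default but, unlike the two DHE blocks, carry no `\warning`. These static key exchanges provide no forward secrecy, so a later compromise of the long-term key exposes recorded sessions; each block should say so, e.g. `\warning This key exchange does not provide forward secrecy; prefer an ECDHE mode where the peer supports it.` The ECDH-ECDSA block's `Requires:` line also omits `MBEDTLS_ECDSA_C`, which is presumably needed to verify an ECDSA-signed certificate, and the ECDHE-ECDSA `Requires:` line ends in a stray comma.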
@@ -1063,6 +1390,395 @@ */ //#define MBEDTLS_SHA512_NO_SHA384 +/** + * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES + * + * Enable sending of alert messages in case of encountered errors as per RFC. + * If you choose not to send the alert messages, mbed TLS can still communicate + * with other servers, only debugging of failures is harder. + * + * The advantage of not sending alert messages, is that no information is given + * about reasons for failures thus preventing adversaries of gaining intel. + * + * Enable sending of all alert messages + */ +#define MBEDTLS_SSL_ALL_ALERT_MESSAGES + +/** + * \def MBEDTLS_SSL_ASYNC_PRIVATE + * + * Enable asynchronous external private key operations in SSL. This allows + * you to configure an SSL connection to call an external cryptographic + * module to perform private key operations instead of performing the + * operation inside the library. + * + */ +//#define MBEDTLS_SSL_ASYNC_PRIVATE + +/** + * \def MBEDTLS_SSL_DEBUG_ALL + * + * Enable the debug messages in SSL module for all issues. + * Debug messages have been disabled in some places to prevent timing + * attacks due to (unbalanced) debugging function calls. + * + * If you need all error reporting you should enable this during debugging, + * but remove this for production servers that should log as well. + * + * Uncomment this macro to report all debug messages on errors introducing + * a timing side-channel. + * + */ +//#define MBEDTLS_SSL_DEBUG_ALL + +/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC + * + * Enable support for Encrypt-then-MAC, RFC 7366. + * + * This allows peers that both support it to use a more robust protection for + * ciphersuites using CBC, providing deep resistance against timing attacks + * on the padding or underlying cipher. + * + * This only affects CBC ciphersuites, and is useless if none is defined. 
+ * + * Requires: MBEDTLS_SSL_PROTO_TLS1 or + * MBEDTLS_SSL_PROTO_TLS1_1 or + * MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for Encrypt-then-MAC + */ +#define MBEDTLS_SSL_ENCRYPT_THEN_MAC + +/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET + * + * Enable support for Extended Master Secret, aka Session Hash + * (draft-ietf-tls-session-hash-02). + * + * This was introduced as "the proper fix" to the Triple Handshake familiy of + * attacks, but it is recommended to always use it (even if you disable + * renegotiation), since it actually fixes a more fundamental issue in the + * original SSL/TLS design, and has implications beyond Triple Handshake. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1 or + * MBEDTLS_SSL_PROTO_TLS1_1 or + * MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for Extended Master Secret. + */ +#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET + +/** + * \def MBEDTLS_SSL_FALLBACK_SCSV + * + * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). + * + * For servers, it is recommended to always enable this, unless you support + * only one version of TLS, or know for sure that none of your clients + * implements a fallback strategy. + * + * For clients, you only need this if you're using a fallback strategy, which + * is not recommended in the first place, unless you absolutely need it to + * interoperate with buggy (version-intolerant) servers. + * + * Comment this macro to disable support for FALLBACK_SCSV + */ +#define MBEDTLS_SSL_FALLBACK_SCSV + +/** + * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE + * + * This option controls the availability of the API mbedtls_ssl_get_peer_cert() + * giving access to the peer's certificate after completion of the handshake. + * + * Unless you need mbedtls_ssl_peer_cert() in your application, it is + * recommended to disable this option for reduced RAM usage. 
+ * + * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still + * defined, but always returns \c NULL. + * + * \note This option has no influence on the protection against the + * triple handshake attack. Even if it is disabled, Mbed TLS will + * still ensure that certificates do not change during renegotiation, + * for exaple by keeping a hash of the peer's certificate. + * + * Comment this macro to disable storing the peer's certificate + * after the handshake. + */ +#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE + +/** + * \def MBEDTLS_SSL_HW_RECORD_ACCEL + * + * Enable hooking functions in SSL module for hardware acceleration of + * individual records. + * + * Uncomment this macro to enable hooking functions. + */ +//#define MBEDTLS_SSL_HW_RECORD_ACCEL + +/** + * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING + * + * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. + * + * This is a countermeasure to the BEAST attack, which also minimizes the risk + * of interoperability issues compared to sending 0-length records. + * + * Comment this macro to disable 1/n-1 record splitting. + */ +#define MBEDTLS_SSL_CBC_RECORD_SPLITTING + +/** + * \def MBEDTLS_SSL_RENEGOTIATION + * + * Enable support for TLS renegotiation. + * + * The two main uses of renegotiation are (1) refresh keys on long-lived + * connections and (2) client authentication after the initial handshake. + * If you don't need renegotiation, it's probably better to disable it, since + * it has been associated with security issues in the past and is easy to + * misuse/misunderstand. + * + * Comment this to disable support for renegotiation. + * + * \note Even if this option is disabled, both client and server are aware + * of the Renegotiation Indication Extension (RFC 5746) used to + * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). + * (See \c mbedtls_ssl_conf_legacy_renegotiation for the + * configuration of this extension). 
+ * + */ +#define MBEDTLS_SSL_RENEGOTIATION + +/** + * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + * + * Enable support for receiving and parsing SSLv2 Client Hello messages for the + * SSL Server module (MBEDTLS_SSL_SRV_C). + * + * Uncomment this macro to enable support for SSLv2 Client Hello messages. + */ +//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + +/** + * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE + * + * Pick the ciphersuite according to the client's preferences rather than ours + * in the SSL Server module (MBEDTLS_SSL_SRV_C). + * + * Uncomment this macro to respect client's ciphersuite order + */ +//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE + +/** + * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + * + * Enable support for RFC 6066 max_fragment_length extension in SSL. + * + * Comment this macro to disable support for the max_fragment_length extension + */ +#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + +/** + * \def MBEDTLS_SSL_PROTO_SSL3 + * + * Enable support for SSL 3.0. + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for SSL 3.0 + */ +//#define MBEDTLS_SSL_PROTO_SSL3 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1 + * + * Enable support for TLS 1.0. + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for TLS 1.0 + */ +#define MBEDTLS_SSL_PROTO_TLS1 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1_1 + * + * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 + */ +#define MBEDTLS_SSL_PROTO_TLS1_1 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1_2 + * + * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). 
+ * + * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C + * (Depends on ciphersuites) + * + * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 + */ +#define MBEDTLS_SSL_PROTO_TLS1_2 + +/** + * \def MBEDTLS_SSL_PROTO_DTLS + * + * Enable support for DTLS (all available versions). + * + * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, + * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1_1 + * or MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for DTLS + */ +#define MBEDTLS_SSL_PROTO_DTLS + +/** + * \def MBEDTLS_SSL_ALPN + * + * Enable support for RFC 7301 Application Layer Protocol Negotiation. + * + * Comment this macro to disable support for ALPN. + */ +#define MBEDTLS_SSL_ALPN + +/** + * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY + * + * Enable support for the anti-replay mechanism in DTLS. + * + * Requires: MBEDTLS_SSL_TLS_C + * MBEDTLS_SSL_PROTO_DTLS + * + * \warning Disabling this is often a security risk! + * See mbedtls_ssl_conf_dtls_anti_replay() for details. + * + * Comment this to disable anti-replay in DTLS. + */ +#define MBEDTLS_SSL_DTLS_ANTI_REPLAY + +/** + * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY + * + * Enable support for HelloVerifyRequest on DTLS servers. + * + * This feature is highly recommended to prevent DTLS servers being used as + * amplifiers in DoS attacks against other hosts. It should always be enabled + * unless you know for sure amplification cannot be a problem in the + * environment in which your server operates. + * + * \warning Disabling this can ba a security risk! (see above) + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + * + * Comment this to disable support for HelloVerifyRequest. + */ +#define MBEDTLS_SSL_DTLS_HELLO_VERIFY + +/** + * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE + * + * Enable server-side support for clients that reconnect from the same port. 
+ * + * Some clients unexpectedly close the connection and try to reconnect using the + * same source port. This needs special support from the server to handle the + * new connection securely, as described in section 4.2.8 of RFC 6347. This + * flag enables that support. + * + * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY + * + * Comment this to disable support for clients reusing the source port. + */ +#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE + +/** + * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT + * + * Enable support for a limit of records with bad MAC. + * + * See mbedtls_ssl_conf_dtls_badmac_limit(). + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + */ +#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT + +/** + * \def MBEDTLS_SSL_SESSION_TICKETS + * + * Enable support for RFC 5077 session tickets in SSL. + * Client-side, provides full support for session tickets (maintenance of a + * session store remains the responsibility of the application, though). + * Server-side, you also need to provide callbacks for writing and parsing + * tickets, including authenticated encryption and key management. Example + * callbacks are provided by MBEDTLS_SSL_TICKET_C. + * + * Comment this macro to disable support for SSL session tickets + */ +#define MBEDTLS_SSL_SESSION_TICKETS + +/** + * \def MBEDTLS_SSL_EXPORT_KEYS + * + * Enable support for exporting key block and master secret. + * This is required for certain users of TLS, e.g. EAP-TLS. + * + * Comment this macro to disable support for key export + */ +#define MBEDTLS_SSL_EXPORT_KEYS + +/** + * \def MBEDTLS_SSL_SERVER_NAME_INDICATION + * + * Enable support for RFC 6066 server name indication (SNI) in SSL. + * + * Requires: MBEDTLS_X509_CRT_PARSE_C + * + * Comment this macro to disable support for server name indication in SSL + */ +#define MBEDTLS_SSL_SERVER_NAME_INDICATION + +/** + * \def MBEDTLS_SSL_TRUNCATED_HMAC + * + * Enable support for RFC 6066 truncated HMAC in SSL. 
+ * + * Comment this macro to disable support for truncated HMAC in SSL + */ +#define MBEDTLS_SSL_TRUNCATED_HMAC + +/** + * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT + * + * Fallback to old (pre-2.7), non-conforming implementation of the truncated + * HMAC extension which also truncates the HMAC key. Note that this option is + * only meant for a transitory upgrade period and is likely to be removed in + * a future version of the library. + * + * \warning The old implementation is non-compliant and has a security weakness + * (2^80 brute force attack on the HMAC key used for a single, + * uninterrupted connection). This should only be enabled temporarily + * when (1) the use of truncated HMAC is essential in order to save + * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use + * the fixed implementation yet (pre-2.7). + * + * \deprecated This option is deprecated and will likely be removed in a + * future version of Mbed TLS. + * + * Uncomment to fallback to old, non-compliant truncated HMAC implementation. + * + * Requires: MBEDTLS_SSL_TRUNCATED_HMAC + */ +//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT + /** * \def MBEDTLS_THREADING_ALT * 
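Review bot: TLS 1.0 and TLS 1.1 are compiled in by default in this hunk: `#define MBEDTLS_SSL_PROTO_TLS1` and `#define MBEDTLS_SSL_PROTO_TLS1_1` are active, and their own comments say each requires MBEDTLS_MD5_C and MBEDTLS_SHA1_C. Whether a connection can actually fall back to them depends on run-time version limits that are not visible here, so a reader of the header alone cannot tell that these are legacy options. If the defaults have to stay for interoperability, I would add a line to both blocks such as `\warning Legacy protocol version that depends on MD5 and SHA-1; disable unless you must interoperate with old peers.` Separately, the MBEDTLS_SSL_KEEP_PEER_CERTIFICATE comment names `mbedtls_ssl_get_peer_cert()` and then `mbedtls_ssl_peer_cert()`; the second looks like a typo for the first.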
@@ -1202,6 +1918,31 @@ * Comment this macro to disallow using RSASSA-PSS in certificates. */ #define MBEDTLS_X509_RSASSA_PSS_SUPPORT + +/** + * \def MBEDTLS_ZLIB_SUPPORT + * + * If set, the SSL/TLS module uses ZLIB to support compression and + * decompression of packet data. + * + * \warning TLS-level compression MAY REDUCE SECURITY! See for example the + * CRIME attack. Before enabling this option, you should examine with care if + * CRIME or similar exploits may be applicable to your use case. + * + * \note Currently compression can't be used with DTLS. + * + * \deprecated This feature is deprecated and will be removed + * in the next major revision of the library. + * + * Used in: library/ssl_tls.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * This feature requires zlib library and headers to be present. + * + * Uncomment to enable use of ZLIB + */ +//#define MBEDTLS_ZLIB_SUPPORT /* \} name SECTION: mbed TLS feature support */ /** 
@@ -1235,65 +1976,66 @@ * library/pem.c * library/ctr_drbg.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * TLS_RSA_WITH_AES_256_GCM_SHA384 - * TLS_RSA_WITH_AES_256_CBC_SHA256 - * TLS_RSA_WITH_AES_256_CBC_SHA - * TLS_RSA_WITH_AES_128_GCM_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA - * 
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * TLS_PSK_WITH_AES_256_GCM_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA - * TLS_PSK_WITH_AES_128_GCM_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * 
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA * * PEM_PARSE uses AES for decrypting encrypted keys. */ 
@@ -1307,17 +2049,18 @@ * Module: library/arc4.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * TLS_ECDH_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - * TLS_ECDHE_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_PSK_WITH_RC4_128_SHA - * TLS_DHE_PSK_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_MD5 - * TLS_RSA_PSK_WITH_RC4_128_SHA - * TLS_PSK_WITH_RC4_128_SHA + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 + * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA + * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA * * \warning ARC4 is considered a weak cipher and its use constitutes a * security risk. If possible, we recommend avoidng dependencies on @@ -1377,6 +2120,7 @@ * library/ecdsa.c * library/rsa.c * library/rsa_internal.c + * library/ssl_tls.c * * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. */ 
@@ -1399,49 +2143,50 @@ * Module: library/camellia.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - 
* TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 */ #define MBEDTLS_CAMELLIA_C 
@@ -1453,45 +2198,47 @@ * Module: library/aria.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * + * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 + * 
MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 */ //#define MBEDTLS_ARIA_C 
@@ -1504,7 +2251,8 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module is required to support AES-CCM ciphersuites in TLS. + * This module enables the AES-CCM ciphersuites, if other requisites are + * enabled as well. */ #define MBEDTLS_CCM_C @@ -1546,6 +2294,7 @@ * Enable the generic cipher layer. * * Module: library/cipher.c + * Caller: library/ssl_tls.c * * Uncomment to enable generic cipher wrappers. */ @@ -1584,6 +2333,20 @@ */ #define MBEDTLS_CTR_DRBG_C +/** + * \def MBEDTLS_DEBUG_C + * + * Enable the debug functions. + * + * Module: library/debug.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * This module provides debugging functions. + */ +#define MBEDTLS_DEBUG_C + /** * \def MBEDTLS_DES_C * @@ -1593,17 +2356,18 @@ * Caller: library/pem.c * library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_PSK_WITH_3DES_EDE_CBC_SHA + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * 
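Review bot: The `@@ -1584,6 +2333,20 @@` hunk turns on `#define MBEDTLS_DEBUG_C` with a comment that only says the module provides debugging functions and lists ssl_cli.c, ssl_srv.c and ssl_tls.c as callers. Nothing tells an integrator whether the option belongs in a release build, and what those callers print is outside this hunk. I would add `\note Debug output may expose handshake internals; comment this macro out for production builds that do not need it.` so the default is a documented choice rather than an implicit one.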
@@ -1618,6 +2382,8 @@ * Enable the Diffie-Hellman-Merkle module. * * Module: library/dhm.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c * * This module is used by the following key exchanges: * DHE-RSA, DHE-PSK @@ -1637,6 +2403,8 @@ * Enable the elliptic curve Diffie-Hellman library. * * Module: library/ecdh.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c * * This module is used by the following key exchanges: * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK @@ -1728,8 +2496,8 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or MBEDTLS_ARIA_C * - * This module is required to support AES-GCM and CAMELLIA-GCM ciphersuites in - * TLS. + * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other + * requisites are enabled as well. */ #define MBEDTLS_GCM_C @@ -1852,6 +2620,7 @@ * Module: library/md5.c * Caller: library/md.c * library/pem.c + * library/ssl_tls.c * * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 * depending on the handshake parameters. Further, it is used for checking @@ -1881,6 +2650,25 @@ */ //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +/** + * \def MBEDTLS_NET_C + * + * Enable the TCP and UDP over IPv6/IPv4 networking routines. + * + * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) + * and Windows. For other platforms, you'll want to disable it, and write your + * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). + * + * \note See also our Knowledge Base article about porting to a new + * environment: + * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * + * Module: library/net_sockets.c + * + * This module provides networking routines. + */ +#define MBEDTLS_NET_C + /** * \def MBEDTLS_OID_C * @@ -1958,6 +2746,9 @@ * Enable the generic public (asymetric) key layer. * * Module: library/pk.c + * Caller: library/ssl_tls.c + * library/ssl_cli.c + * library/ssl_srv.c * * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C * 
@@ -2143,7 +2934,10 @@ * * Module: library/rsa.c * library/rsa_internal.c - * Caller: library/x509.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * library/x509.c * * This module is used by the following key exchanges: * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK @@ -2159,6 +2953,9 @@ * * Module: library/sha1.c * Caller: library/md.c + * library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c * library/x509write_crt.c * * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 @@ -2179,6 +2976,9 @@ * Module: library/sha256.c * Caller: library/entropy.c * library/md.c + * library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c * * This module adds support for SHA-224 and SHA-256. * This module is required for the SSL/TLS 1.2 PRF function. 
@@ -2193,11 +2993,91 @@ * Module: library/sha512.c * Caller: library/entropy.c * library/md.c + * library/ssl_cli.c + * library/ssl_srv.c * * This module adds support for SHA-384 and SHA-512. */ #define MBEDTLS_SHA512_C +/** + * \def MBEDTLS_SSL_CACHE_C + * + * Enable simple SSL cache implementation. + * + * Module: library/ssl_cache.c + * Caller: + * + * Requires: MBEDTLS_SSL_CACHE_C + */ +#define MBEDTLS_SSL_CACHE_C + +/** + * \def MBEDTLS_SSL_COOKIE_C + * + * Enable basic implementation of DTLS cookies for hello verification. + * + * Module: library/ssl_cookie.c + * Caller: + */ +#define MBEDTLS_SSL_COOKIE_C + +/** + * \def MBEDTLS_SSL_TICKET_C + * + * Enable an implementation of TLS server-side callbacks for session tickets. + * + * Module: library/ssl_ticket.c + * Caller: + * + * Requires: MBEDTLS_CIPHER_C + */ +#define MBEDTLS_SSL_TICKET_C + +/** + * \def MBEDTLS_SSL_CLI_C + * + * Enable the SSL/TLS client code. + * + * Module: library/ssl_cli.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS client support. + */ +#define MBEDTLS_SSL_CLI_C + +/** + * \def MBEDTLS_SSL_SRV_C + * + * Enable the SSL/TLS server code. + * + * Module: library/ssl_srv.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS server support. + */ +#define MBEDTLS_SSL_SRV_C + +/** + * \def MBEDTLS_SSL_TLS_C + * + * Enable the generic SSL/TLS code. + * + * Module: library/ssl_tls.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C + * and at least one of the MBEDTLS_SSL_PROTO_XXX defines + * + * This module is required for SSL/TLS. + */ +#define MBEDTLS_SSL_TLS_C + /** * \def MBEDTLS_THREADING_C * 
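Review bot: The new MBEDTLS_SSL_CACHE_C block says `Requires: MBEDTLS_SSL_CACHE_C`, so the option names itself as its own prerequisite and the line documents no dependency at all. Either drop the line or replace it with the option the cache really depends on; the hunk does not show which that is. The `Caller:` fields of MBEDTLS_SSL_CACHE_C, MBEDTLS_SSL_COOKIE_C, MBEDTLS_SSL_TICKET_C, MBEDTLS_SSL_CLI_C and MBEDTLS_SSL_SRV_C are also left empty. Remove them or fill them in, so the header stays usable as a dependency map when someone trims a build.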
@@ -2227,9 +3107,9 @@ * * \note The provided implementation only works on POSIX/Unix (including Linux, * BSD and OS X) and Windows. On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by Mbed - * TLS's \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and - * provide your own implementation of the whole module by setting + * module and provide your own implementations of the callbacks needed by + * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide + * your own implementation of the whole module by setting * \c MBEDTLS_TIMING_ALT in the current file. * * \note See also our Knowledge Base article about porting to a new 
@@ -2478,6 +3358,157 @@ */ //#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) +/* SSL Cache options */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ + +/* SSL options */ + +/** \def MBEDTLS_SSL_MAX_CONTENT_LEN + * + * Maximum length (in bytes) of incoming and outgoing plaintext fragments. + * + * This determines the size of both the incoming and outgoing TLS I/O buffers + * in such a way that both are capable of holding the specified amount of + * plaintext data, regardless of the protection mechanism used. + * + * To configure incoming and outgoing I/O buffers separately, use + * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, + * which overwrite the value set by this option. + * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of both + * incoming and outgoing I/O buffers. + */ +//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_IN_CONTENT_LEN + * + * Maximum length (in bytes) of incoming plaintext fragments. + * + * This determines the size of the incoming TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option is undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. 
+ * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of the incoming I/O buffer + * independently of the outgoing I/O buffer. + */ +//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_OUT_CONTENT_LEN + * + * Maximum length (in bytes) of outgoing plaintext fragments. + * + * This determines the size of the outgoing TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. + * + * It is possible to save RAM by setting a smaller outward buffer, while keeping + * the default inward 16384 byte buffer to conform to the TLS specification. + * + * The minimum required outward buffer size is determined by the handshake + * protocol's usage. Handshaking will fail if the outward buffer is too small. + * The specific size requirement depends on the configured ciphers and any + * certificate data which is sent during the handshake. + * + * Uncomment to set the maximum plaintext size of the outgoing I/O buffer + * independently of the incoming I/O buffer. + */ +//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING + * + * Maximum number of heap-allocated bytes for the purpose of + * DTLS handshake message reassembly and future message buffering. 
+ * + * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN + * to account for a reassembled handshake message of maximum size, + * together with its reassembly bitmap. + * + * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) + * should be sufficient for all practical situations as it allows + * to reassembly a large handshake message (such as a certificate) + * while buffering multiple smaller handshake messages. + * + */ +//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 + +//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ +//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ +//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ + +/** + * Complete list of ciphersuites to use, in order of preference. + * + * \warning No dependency checking is done on that field! This option can only + * be used to restrict the set of available ciphersuites. It is your + * responsibility to make sure the needed modules are active. + * + * Use this to save a few hundred bytes of ROM (default ordering of all + * available ciphersuites) and a few to a few hundred bytes of RAM. + * + * The value below is only an example, not the default. + */ +//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + +/* X509 options */ +//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ +//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ + +/** + * Allow SHA-1 in the default TLS configuration for certificate signing. + * Without this build-time option, SHA-1 support must be activated explicitly + * through mbedtls_ssl_conf_cert_profile. 
Turning on this option is not + * recommended because of it is possible to generate SHA-1 collisions, however + * this may be safe for legacy infrastructure where additional controls apply. + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. + * + */ +// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + +/** + * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake + * signature and ciphersuite selection. Without this build-time option, SHA-1 + * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. + * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by + * default. At the time of writing, there is no practical attack on the use + * of SHA-1 in handshake signatures, hence this option is turned on by default + * to preserve compatibility with existing peers, but the general + * warning applies nonetheless: + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. + * + */ +#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE + /** * Uncomment the macro to let mbed TLS use your alternate implementation of * mbedtls_platform_zeroize(). This replaces the default implementation in diff --git a/library/version_features.c b/library/version_features.c index 22089af70..de3457e27 100644 --- a/library/version_features.c +++ b/library/version_features.c 
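Review bot: `#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` at the end of hunk `@@ -2478,6 +3358,157 @@` is active, so a default build accepts SHA-1 for TLS 1.2 handshake signatures, while the sibling `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` just above it is left commented out. The comment justifies this by compatibility with existing peers, yet it also carries the warning that SHA-1 is a weak digest. I would ship it as `//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` and let deployments with legacy peers opt in through `mbedtls_ssl_conf_sig_hashes`. Separately, the MBEDTLS_SSL_DTLS_MAX_BUFFERING comment in the same hunk misspells the macro as `MBEDTLSSL_IN_CONTENT_LEN`; it should read `MBEDTLS_SSL_IN_CONTENT_LEN`.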
@@ -303,6 +303,15 @@ static const char * const features[] = { #if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", #endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ +#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) + "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", +#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ +#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) + "MBEDTLS_REMOVE_ARC4_CIPHERSUITES", +#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ +#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) + "MBEDTLS_REMOVE_3DES_CIPHERSUITES", +#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) "MBEDTLS_ECP_DP_SECP192R1_ENABLED", #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ 
@@ -354,6 +363,39 @@ static const char * const features[] = { #if defined(MBEDTLS_ECDSA_DETERMINISTIC) "MBEDTLS_ECDSA_DETERMINISTIC", #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) "MBEDTLS_PK_PARSE_EC_EXTENDED", #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ 
@@ -417,6 +459,90 @@ static const char * const features[] = { #if defined(MBEDTLS_SHA512_NO_SHA384) "MBEDTLS_SHA512_NO_SHA384", #endif /* MBEDTLS_SHA512_NO_SHA384 */ +#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) + "MBEDTLS_SSL_ALL_ALERT_MESSAGES", +#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + "MBEDTLS_SSL_ASYNC_PRIVATE", +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ +#if defined(MBEDTLS_SSL_DEBUG_ALL) + "MBEDTLS_SSL_DEBUG_ALL", +#endif /* MBEDTLS_SSL_DEBUG_ALL */ +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + "MBEDTLS_SSL_ENCRYPT_THEN_MAC", +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) + "MBEDTLS_SSL_FALLBACK_SCSV", +#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + "MBEDTLS_SSL_HW_RECORD_ACCEL", +#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) + "MBEDTLS_SSL_CBC_RECORD_SPLITTING", +#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + "MBEDTLS_SSL_RENEGOTIATION", +#endif /* MBEDTLS_SSL_RENEGOTIATION */ +#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) + "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO", +#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ +#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) + "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE", +#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) + "MBEDTLS_SSL_PROTO_SSL3", +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) + "MBEDTLS_SSL_PROTO_TLS1", +#endif /* 
MBEDTLS_SSL_PROTO_TLS1 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) + "MBEDTLS_SSL_PROTO_TLS1_1", +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + "MBEDTLS_SSL_PROTO_TLS1_2", +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + "MBEDTLS_SSL_PROTO_DTLS", +#endif /* MBEDTLS_SSL_PROTO_DTLS */ +#if defined(MBEDTLS_SSL_ALPN) + "MBEDTLS_SSL_ALPN", +#endif /* MBEDTLS_SSL_ALPN */ +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + "MBEDTLS_SSL_DTLS_ANTI_REPLAY", +#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + "MBEDTLS_SSL_DTLS_HELLO_VERIFY", +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ +#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) + "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", +#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) + "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", +#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + "MBEDTLS_SSL_SESSION_TICKETS", +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ +#if defined(MBEDTLS_SSL_EXPORT_KEYS) + "MBEDTLS_SSL_EXPORT_KEYS", +#endif /* MBEDTLS_SSL_EXPORT_KEYS */ +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + "MBEDTLS_SSL_SERVER_NAME_INDICATION", +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + "MBEDTLS_SSL_TRUNCATED_HMAC", +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) + "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT", +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT */ #if defined(MBEDTLS_THREADING_ALT) "MBEDTLS_THREADING_ALT", #endif /* MBEDTLS_THREADING_ALT */ @@ -447,6 +573,9 @@ static const char * const features[] = { #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) "MBEDTLS_X509_RSASSA_PSS_SUPPORT", #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +#if defined(MBEDTLS_ZLIB_SUPPORT) + "MBEDTLS_ZLIB_SUPPORT", +#endif /* MBEDTLS_ZLIB_SUPPORT */ #if defined(MBEDTLS_AESNI_C) "MBEDTLS_AESNI_C", #endif /* MBEDTLS_AESNI_C */ 
@@ -498,6 +627,9 @@ static const char * const features[] = { #if defined(MBEDTLS_CTR_DRBG_C) "MBEDTLS_CTR_DRBG_C", #endif /* MBEDTLS_CTR_DRBG_C */ +#if defined(MBEDTLS_DEBUG_C) + "MBEDTLS_DEBUG_C", +#endif /* MBEDTLS_DEBUG_C */ #if defined(MBEDTLS_DES_C) "MBEDTLS_DES_C", #endif /* MBEDTLS_DES_C */ @@ -552,6 +684,9 @@ static const char * const features[] = { #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) "MBEDTLS_MEMORY_BUFFER_ALLOC_C", #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ +#if defined(MBEDTLS_NET_C) + "MBEDTLS_NET_C", +#endif /* MBEDTLS_NET_C */ #if defined(MBEDTLS_OID_C) "MBEDTLS_OID_C", #endif /* MBEDTLS_OID_C */ @@ -615,6 +750,24 @@ static const char * const features[] = { #if defined(MBEDTLS_SHA512_C) "MBEDTLS_SHA512_C", #endif /* MBEDTLS_SHA512_C */ +#if defined(MBEDTLS_SSL_CACHE_C) + "MBEDTLS_SSL_CACHE_C", +#endif /* MBEDTLS_SSL_CACHE_C */ +#if defined(MBEDTLS_SSL_COOKIE_C) + "MBEDTLS_SSL_COOKIE_C", +#endif /* MBEDTLS_SSL_COOKIE_C */ +#if defined(MBEDTLS_SSL_TICKET_C) + "MBEDTLS_SSL_TICKET_C", +#endif /* MBEDTLS_SSL_TICKET_C */ +#if defined(MBEDTLS_SSL_CLI_C) + "MBEDTLS_SSL_CLI_C", +#endif /* MBEDTLS_SSL_CLI_C */ +#if defined(MBEDTLS_SSL_SRV_C) + "MBEDTLS_SSL_SRV_C", +#endif /* MBEDTLS_SSL_SRV_C */ +#if defined(MBEDTLS_SSL_TLS_C) + "MBEDTLS_SSL_TLS_C", +#endif /* MBEDTLS_SSL_TLS_C */ #if defined(MBEDTLS_THREADING_C) "MBEDTLS_THREADING_C", #endif /* MBEDTLS_THREADING_C */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 6dc4a003c..a76224a84 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c 
@@ -850,6 +850,30 @@ int query_config( const char *config ) } #endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ +#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) + if( strcmp( "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ENABLE_WEAK_CIPHERSUITES ); + return( 0 ); + } +#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ + +#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) + if( strcmp( "MBEDTLS_REMOVE_ARC4_CIPHERSUITES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_REMOVE_ARC4_CIPHERSUITES ); + return( 0 ); + } +#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ + +#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) + if( strcmp( "MBEDTLS_REMOVE_3DES_CIPHERSUITES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_REMOVE_3DES_CIPHERSUITES ); + return( 0 ); + } +#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ + #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) if( strcmp( "MBEDTLS_ECP_DP_SECP192R1_ENABLED", config ) == 0 ) { 
@@ -986,6 +1010,94 @@ int query_config( const char *config ) } #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + if( strcmp( 
"MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ + #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) if( strcmp( "MBEDTLS_PK_PARSE_EC_EXTENDED", config ) == 0 ) { 
@@ -1154,6 +1266,230 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA512_NO_SHA384 */ +#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) + if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALL_ALERT_MESSAGES ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ASYNC_PRIVATE ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + +#if defined(MBEDTLS_SSL_DEBUG_ALL) + if( strcmp( "MBEDTLS_SSL_DEBUG_ALL", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEBUG_ALL ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DEBUG_ALL */ + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + if( strcmp( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ENCRYPT_THEN_MAC ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + if( strcmp( "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXTENDED_MASTER_SECRET ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ + +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) + if( strcmp( "MBEDTLS_SSL_FALLBACK_SCSV", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_FALLBACK_SCSV ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ + +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + if( strcmp( "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_KEEP_PEER_CERTIFICATE ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( strcmp( "MBEDTLS_SSL_HW_RECORD_ACCEL", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_HW_RECORD_ACCEL ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ + +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) + if( 
strcmp( "MBEDTLS_SSL_CBC_RECORD_SPLITTING", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CBC_RECORD_SPLITTING ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( strcmp( "MBEDTLS_SSL_RENEGOTIATION", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RENEGOTIATION ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) + if( strcmp( "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ + +#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) + if( strcmp( "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + if( strcmp( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( strcmp( "MBEDTLS_SSL_PROTO_SSL3", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_SSL3 ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1) + if( strcmp( "MBEDTLS_SSL_PROTO_TLS1", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1 ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_PROTO_TLS1 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_1", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_1 ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_2", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( 
MBEDTLS_SSL_PROTO_TLS1_2 ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( strcmp( "MBEDTLS_SSL_PROTO_DTLS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_DTLS ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +#if defined(MBEDTLS_SSL_ALPN) + if( strcmp( "MBEDTLS_SSL_ALPN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALPN ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_ALPN */ + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + if( strcmp( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_ANTI_REPLAY ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + if( strcmp( "MBEDTLS_SSL_DTLS_HELLO_VERIFY", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_HELLO_VERIFY ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ + +#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) + if( strcmp( "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ + +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) + if( strcmp( "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_BADMAC_LIMIT ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + if( strcmp( "MBEDTLS_SSL_SESSION_TICKETS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SESSION_TICKETS ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + +#if defined(MBEDTLS_SSL_EXPORT_KEYS) + if( strcmp( "MBEDTLS_SSL_EXPORT_KEYS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXPORT_KEYS ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_EXPORT_KEYS */ + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + if( strcmp( "MBEDTLS_SSL_SERVER_NAME_INDICATION", config ) == 0 ) + { + 
MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SERVER_NAME_INDICATION ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) + if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT */ + #if defined(MBEDTLS_THREADING_ALT) if( strcmp( "MBEDTLS_THREADING_ALT", config ) == 0 ) { @@ -1234,6 +1570,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +#if defined(MBEDTLS_ZLIB_SUPPORT) + if( strcmp( "MBEDTLS_ZLIB_SUPPORT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ZLIB_SUPPORT ); + return( 0 ); + } +#endif /* MBEDTLS_ZLIB_SUPPORT */ + #if defined(MBEDTLS_AESNI_C) if( strcmp( "MBEDTLS_AESNI_C", config ) == 0 ) { @@ -1370,6 +1714,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_CTR_DRBG_C */ +#if defined(MBEDTLS_DEBUG_C) + if( strcmp( "MBEDTLS_DEBUG_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_DEBUG_C ); + return( 0 ); + } +#endif /* MBEDTLS_DEBUG_C */ + #if defined(MBEDTLS_DES_C) if( strcmp( "MBEDTLS_DES_C", config ) == 0 ) { @@ -1514,6 +1866,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ +#if defined(MBEDTLS_NET_C) + if( strcmp( "MBEDTLS_NET_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_NET_C ); + return( 0 ); + } +#endif /* MBEDTLS_NET_C */ + #if defined(MBEDTLS_OID_C) if( strcmp( "MBEDTLS_OID_C", config ) == 0 ) { 
@@ -1682,6 +2042,54 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA512_C */ +#if defined(MBEDTLS_SSL_CACHE_C) + if( strcmp( "MBEDTLS_SSL_CACHE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CACHE_C */ + +#if defined(MBEDTLS_SSL_COOKIE_C) + if( strcmp( "MBEDTLS_SSL_COOKIE_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_COOKIE_C */ + +#if defined(MBEDTLS_SSL_TICKET_C) + if( strcmp( "MBEDTLS_SSL_TICKET_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TICKET_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_TICKET_C */ + +#if defined(MBEDTLS_SSL_CLI_C) + if( strcmp( "MBEDTLS_SSL_CLI_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CLI_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_SRV_C) + if( strcmp( "MBEDTLS_SSL_SRV_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_TLS_C) + if( strcmp( "MBEDTLS_SSL_TLS_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS_C ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_TLS_C */ + #if defined(MBEDTLS_THREADING_C) if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 ) { 
@@ -2106,6 +2514,110 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */ +#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT) + if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT */ + +#if defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES) + if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */ + +#if defined(MBEDTLS_SSL_MAX_CONTENT_LEN) + if( strcmp( "MBEDTLS_SSL_MAX_CONTENT_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_CONTENT_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_MAX_CONTENT_LEN */ + +#if defined(MBEDTLS_SSL_IN_CONTENT_LEN) + if( strcmp( "MBEDTLS_SSL_IN_CONTENT_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_IN_CONTENT_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_IN_CONTENT_LEN */ + +#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN) + if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_OUT_CONTENT_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_OUT_CONTENT_LEN */ + +#if defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING) + if( strcmp( "MBEDTLS_SSL_DTLS_MAX_BUFFERING", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_MAX_BUFFERING ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DTLS_MAX_BUFFERING */ + +#if defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME) + if( strcmp( "MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME */ + +#if defined(MBEDTLS_PSK_MAX_LEN) + if( strcmp( "MBEDTLS_PSK_MAX_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSK_MAX_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_PSK_MAX_LEN 
*/ + +#if defined(MBEDTLS_SSL_COOKIE_TIMEOUT) + if( strcmp( "MBEDTLS_SSL_COOKIE_TIMEOUT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_TIMEOUT ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */ + +#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA) + if( strcmp( "MBEDTLS_X509_MAX_INTERMEDIATE_CA", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_INTERMEDIATE_CA ); + return( 0 ); + } +#endif /* MBEDTLS_X509_MAX_INTERMEDIATE_CA */ + +#if defined(MBEDTLS_X509_MAX_FILE_PATH_LEN) + if( strcmp( "MBEDTLS_X509_MAX_FILE_PATH_LEN", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_FILE_PATH_LEN ); + return( 0 ); + } +#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */ + +#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES) + if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES ); + return( 0 ); + } +#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES */ + +#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE) + if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE ); + return( 0 ); + } +#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */ + #if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) if( strcmp( "MBEDTLS_PLATFORM_ZEROIZE_ALT", config ) == 0 ) { diff --git a/scripts/config.py b/scripts/config.py index df2d3d51d..e6085e9e1 100755 --- a/scripts/config.py +++ b/scripts/config.py 
@@ -183,11 +183,15 @@ def include_in_full(name): 'MBEDTLS_PSA_CRYPTO_SE_C', 'MBEDTLS_PSA_CRYPTO_SPM', 'MBEDTLS_PSA_INJECT_ENTROPY', + 'MBEDTLS_REMOVE_ARC4_CIPHERSUITES', + 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', + 'MBEDTLS_SSL_HW_RECORD_ACCEL', 'MBEDTLS_RSA_NO_CRT', 'MBEDTLS_SHA512_NO_SHA384', 'MBEDTLS_TEST_NULL_ENTROPY', 'MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3', 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', + 'MBEDTLS_ZLIB_SUPPORT', ]: return False if name.endswith('_ALT'): @@ -209,6 +213,7 @@ def keep_in_baremetal(name): 'MBEDTLS_HAVEGE_C', 'MBEDTLS_HAVE_TIME', 'MBEDTLS_HAVE_TIME_DATE', + 'MBEDTLS_NET_C', 'MBEDTLS_PLATFORM_FPRINTF_ALT', 'MBEDTLS_PLATFORM_TIME_ALT', 'MBEDTLS_PSA_CRYPTO_SE_C', diff --git a/scripts/footprint.sh b/scripts/footprint.sh index 6cabcb925..961a0d60b 100755 --- a/scripts/footprint.sh +++ b/scripts/footprint.sh @@ -62,6 +62,7 @@ doit() fi { + scripts/config.py unset MBEDTLS_NET_C || true scripts/config.py unset MBEDTLS_TIMING_C || true scripts/config.py unset MBEDTLS_FS_IO || true scripts/config.py --force set MBEDTLS_NO_PLATFORM_ENTROPY || true diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 17ca34641..9a4788979 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -805,6 +805,7 @@ component_test_no_platform () { msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s scripts/config.py full scripts/config.py unset MBEDTLS_PLATFORM_C + scripts/config.py unset MBEDTLS_NET_C scripts/config.py unset MBEDTLS_PLATFORM_MEMORY scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT diff --git a/tests/scripts/depends-pkalgs.pl b/tests/scripts/depends-pkalgs.pl index c05edaacf..0cc01f241 100755 --- a/tests/scripts/depends-pkalgs.pl +++ b/tests/scripts/depends-pkalgs.pl 
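Review bot: The four names added to the exclusion list in `include_in_full` carry no reason, and judging by the names they are excluded for different ones: `MBEDTLS_REMOVE_ARC4_CIPHERSUITES` and `MBEDTLS_REMOVE_3DES_CIPHERSUITES` switch features off, while `MBEDTLS_SSL_HW_RECORD_ACCEL` and `MBEDTLS_ZLIB_SUPPORT` presumably need hooks or a library that a default build does not provide. A trailing comment per entry would record that, for example `'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature` and `'MBEDTLS_ZLIB_SUPPORT', # build dependency (libz)`. A comment above the list should also say that, because the two REMOVE options are excluded, the full configuration keeps the ARC4 and 3DES ciphersuites compiled in, so it serves test coverage and is not a deployment baseline. The function begins and ends outside the hunk.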
@@ -35,14 +35,26 @@ my $config_h = 'include/mbedtls/config.h'; # Some algorithms can't be disabled on their own as others depend on them, so # we list those reverse-dependencies here to keep check_config.h happy. my %algs = ( - 'MBEDTLS_ECDSA_C' => [], + 'MBEDTLS_ECDSA_C' => ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'], 'MBEDTLS_ECP_C' => ['MBEDTLS_ECDSA_C', 'MBEDTLS_ECDH_C', - 'MBEDTLS_ECJPAKE_C'], + 'MBEDTLS_ECJPAKE_C', + 'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'], 'MBEDTLS_X509_RSASSA_PSS_SUPPORT' => [], 'MBEDTLS_PKCS1_V21' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'], - 'MBEDTLS_PKCS1_V15' => [], - 'MBEDTLS_RSA_C' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'], + 'MBEDTLS_PKCS1_V15' => ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'], + 'MBEDTLS_RSA_C' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT', + 'MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'], ); system( "cp $config_h $config_h.bak" ) and die; From 9d28c426d14d57315dbb63212c0f5ec3f7785db3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:00:46 +0100 Subject: [PATCH 2174/2197] Revert "check-names: Enable referencing Mbed TLS macros" This reverts commit 7fcc7bc57699ce57fef8e590a0fb502ea6f65c0e. --- tests/scripts/list-macros.sh | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh index 9a89737df..3540b8e52 100755 --- a/tests/scripts/list-macros.sh +++ b/tests/scripts/list-macros.sh 
@@ -10,15 +10,8 @@ fi HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' ) HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h" -# White-list macros we want to be able to refer to that don't exist in the -# crypto library, useful when referring to macros in Mbed TLS from comments. -WHITELIST='MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS' - -# Generate a list of macros and combine it with the white-listed macros in -# sorted order. -{ sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS | - egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_'; - printf '%s\n' $WHITELIST; -} | sort -u > macros +sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \ + | egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \ + | sort -u > macros wc -l macros From 12230eb5c8150359d7f2fd99c36fb334cc375b2c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:02:33 +0100 Subject: [PATCH 2175/2197] Revert "Remove irrelevant configs" This reverts commit 1ad37309e4f17d73c2f22c3ff4bffe2523abe17c. Conflicts: * tests/scripts/test-ref-configs.pl: * config-ccm-psk-tls1_2.h: there has been an addition of "config-symmetric-only.h" at the place where the configurations that are added back were removed. Keep this configuration. --- configs/config-ccm-psk-tls1_2.h | 88 + configs/config-default.h | 3377 +++++++++++++++++++++++++++++ configs/config-mini-tls1_1.h | 75 + configs/config-thread.h | 90 + tests/scripts/test-ref-configs.pl | 10 +- 5 files changed, 3639 insertions(+), 1 deletion(-) create mode 100644 configs/config-ccm-psk-tls1_2.h create mode 100644 configs/config-default.h create mode 100644 configs/config-mini-tls1_1.h create mode 100644 configs/config-thread.h diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h new file mode 100644 index 000000000..c9b58dd53 --- /dev/null +++ b/configs/config-ccm-psk-tls1_2.h 
@@ -0,0 +1,88 @@
+/**
+ * \file config-ccm-psk-tls1_2.h
+ *
+ * \brief Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
+ * Distinguishing features:
+ * - no bignum, no PK, no X509
+ * - fully modern and secure (provided the pre-shared keys have high entropy)
+ * - very low record overhead with CCM-8
+ * - optimized for low RAM usage
+ *
+ * See README.txt for usage instructions.
+ */
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */
+/* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */
+
+/* mbed TLS feature support */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/* mbed TLS modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_CCM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_NET_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+
+/* Save RAM at the expense of ROM */
+#define MBEDTLS_AES_ROM_TABLES
+
+/* Save some RAM by adjusting to your exact needs */
+#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */
+
+/*
+ * You should adjust this to the exact number of sources you're using: default
+ * is the "platform_entropy_poll" source, but you may want to add other ones
+ * Minimum is 2 for the entropy test suite.
+ */
+#define MBEDTLS_ENTROPY_MAX_SOURCES 2
+
+/*
+ * Use only CCM_8 ciphersuites, and
+ * save ROM and a few bytes of RAM by specifying our own ciphersuite list
+ */
+#define MBEDTLS_SSL_CIPHERSUITES \
+ MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \
+ MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
+
+/*
+ * Save RAM at the expense of interoperability: do this only if you control
+ * both ends of the connection! (See comments in "mbedtls/ssl.h".)
+ * The optimal size here depends on the typical size of records.
+ */
+#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
+
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/configs/config-default.h b/configs/config-default.h
new file mode 100644
index 000000000..e6abf24d5
--- /dev/null
+++ b/configs/config-default.h
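Review bot: The header comment's claim `fully modern and secure (provided the pre-shared keys have high entropy)` in config-ccm-psk-tls1_2.h leaves out two properties of this configuration that a deployer needs to know. Only `MBEDTLS_KEY_EXCHANGE_PSK_ENABLED` is set, so there is no ephemeral key exchange and no forward secrecy (a leaked PSK also exposes previously recorded sessions), and the CCM_8 suites truncate the authentication tag to 8 bytes, which lowers forgery resistance compared with the 16-byte tag. I would extend the feature list with `* - no forward secrecy: protect and rotate the PSK` and `* - CCM-8 uses a 64-bit tag; prefer full-tag CCM unless record overhead is critical`. Also, with `MBEDTLS_PSK_MAX_LEN 16` the key exchange is capped at 128 bits of key material, so listing `MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8` ahead of the 128-bit suite adds cost without adding strength; the comment on that define should say so or the order should be swapped.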
@@ -0,0 +1,3377 @@ +/** + * \file config.h + * + * \brief Configuration options (set of defines) + * + * This set of compile-time options may be used to enable + * or disable features selectively, and reduce the global + * memory footprint. + */ +/* + * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef MBEDTLS_CONFIG_H +#define MBEDTLS_CONFIG_H + +#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +#define _CRT_SECURE_NO_DEPRECATE 1 +#endif + +/** + * \name SECTION: System support + * + * This section sets system specific settings. + * \{ + */ + +/** + * \def MBEDTLS_HAVE_ASM + * + * The compiler has support for asm(). + * + * Requires support for asm() in compiler. + * + * Used in: + * library/aria.c + * library/timing.c + * include/mbedtls/bn_mul.h + * + * Required by: + * MBEDTLS_AESNI_C + * MBEDTLS_PADLOCK_C + * + * Comment to disable the use of assembly code. + */ +#define MBEDTLS_HAVE_ASM + +/** + * \def MBEDTLS_NO_UDBL_DIVISION + * + * The platform lacks support for double-width integer division (64-bit + * division on a 32-bit platform, 128-bit division on a 64-bit platform). + * + * Used in: + * include/mbedtls/bignum.h + * library/bignum.c + * + * The bignum code uses double-width division to speed up some operations. 
+ * Double-width division is often implemented in software that needs to + * be linked with the program. The presence of a double-width integer + * type is usually detected automatically through preprocessor macros, + * but the automatic detection cannot know whether the code needs to + * and can be linked with an implementation of division for that type. + * By default division is assumed to be usable if the type is present. + * Uncomment this option to prevent the use of double-width division. + * + * Note that division for the native integer type is always required. + * Furthermore, a 64-bit type is always required even on a 32-bit + * platform, but it need not support multiplication or division. In some + * cases it is also desirable to disable some double-width operations. For + * example, if double-width division is implemented in software, disabling + * it can reduce code size in some embedded targets. + */ +//#define MBEDTLS_NO_UDBL_DIVISION + +/** + * \def MBEDTLS_NO_64BIT_MULTIPLICATION + * + * The platform lacks support for 32x32 -> 64-bit multiplication. + * + * Used in: + * library/poly1305.c + * + * Some parts of the library may use multiplication of two unsigned 32-bit + * operands with a 64-bit result in order to speed up computations. On some + * platforms, this is not available in hardware and has to be implemented in + * software, usually in a library provided by the toolchain. + * + * Sometimes it is not desirable to have to link to that library. This option + * removes the dependency of that library on platforms that lack a hardware + * 64-bit multiplier by embedding a software implementation in Mbed TLS. + * + * Note that depending on the compiler, this may decrease performance compared + * to using the library function provided by the toolchain. + */ +//#define MBEDTLS_NO_64BIT_MULTIPLICATION + +/** + * \def MBEDTLS_HAVE_SSE2 + * + * CPU supports SSE2 instruction set. + * + * Uncomment if the CPU supports SSE2 (IA-32 specific). 
+ */ +//#define MBEDTLS_HAVE_SSE2 + +/** + * \def MBEDTLS_HAVE_TIME + * + * System has time.h and time(). + * The time does not need to be correct, only time differences are used, + * by contrast with MBEDTLS_HAVE_TIME_DATE + * + * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, + * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and + * MBEDTLS_PLATFORM_STD_TIME. + * + * Comment if your system does not support time functions + */ +#define MBEDTLS_HAVE_TIME + +/** + * \def MBEDTLS_HAVE_TIME_DATE + * + * System has time.h, time(), and an implementation for + * mbedtls_platform_gmtime_r() (see below). + * The time needs to be correct (not necessarily very accurate, but at least + * the date should be correct). This is used to verify the validity period of + * X.509 certificates. + * + * Comment if your system does not have a correct clock. + * + * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that + * behaves similarly to the gmtime_r() function from the C standard. Refer to + * the documentation for mbedtls_platform_gmtime_r() for more information. + * + * \note It is possible to configure an implementation for + * mbedtls_platform_gmtime_r() at compile-time by using the macro + * MBEDTLS_PLATFORM_GMTIME_R_ALT. + */ +#define MBEDTLS_HAVE_TIME_DATE + +/** + * \def MBEDTLS_PLATFORM_MEMORY + * + * Enable the memory allocation layer. + * + * By default mbed TLS uses the system-provided calloc() and free(). + * This allows different allocators (self-implemented or provided) to be + * provided to the platform abstraction layer. + * + * Enabling MBEDTLS_PLATFORM_MEMORY without the + * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide + * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and + * free() function pointer at runtime. 
+ * + * Enabling MBEDTLS_PLATFORM_MEMORY and specifying + * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the + * alternate function at compile time. + * + * Requires: MBEDTLS_PLATFORM_C + * + * Enable this layer to allow use of alternative memory allocators. + */ +//#define MBEDTLS_PLATFORM_MEMORY + +/** + * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS + * + * Do not assign standard functions in the platform layer (e.g. calloc() to + * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) + * + * This makes sure there are no linking errors on platforms that do not support + * these functions. You will HAVE to provide alternatives, either at runtime + * via the platform_set_xxx() functions or at compile time by setting + * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a + * MBEDTLS_PLATFORM_XXX_MACRO. + * + * Requires: MBEDTLS_PLATFORM_C + * + * Uncomment to prevent default assignment of standard functions in the + * platform layer. + */ +//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS + +/** + * \def MBEDTLS_PLATFORM_EXIT_ALT + * + * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the + * function in the platform abstraction layer. + * + * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will + * provide a function "mbedtls_platform_set_printf()" that allows you to set an + * alternative printf function pointer. + * + * All these define require MBEDTLS_PLATFORM_C to be defined! + * + * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; + * it will be enabled automatically by check_config.h + * + * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as + * MBEDTLS_PLATFORM_XXX_MACRO! 
+ * + * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME + * + * Uncomment a macro to enable alternate implementation of specific base + * platform function + */ +//#define MBEDTLS_PLATFORM_EXIT_ALT +//#define MBEDTLS_PLATFORM_TIME_ALT +//#define MBEDTLS_PLATFORM_FPRINTF_ALT +//#define MBEDTLS_PLATFORM_PRINTF_ALT +//#define MBEDTLS_PLATFORM_SNPRINTF_ALT +//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT +//#define MBEDTLS_PLATFORM_NV_SEED_ALT +//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT + +/** + * \def MBEDTLS_DEPRECATED_WARNING + * + * Mark deprecated functions so that they generate a warning if used. + * Functions deprecated in one version will usually be removed in the next + * version. You can enable this to help you prepare the transition to a new + * major version by making sure your code is not using these functions. + * + * This only works with GCC and Clang. With other compilers, you may want to + * use MBEDTLS_DEPRECATED_REMOVED + * + * Uncomment to get warnings on using deprecated functions. + */ +//#define MBEDTLS_DEPRECATED_WARNING + +/** + * \def MBEDTLS_DEPRECATED_REMOVED + * + * Remove deprecated functions so that they generate an error if used. + * Functions deprecated in one version will usually be removed in the next + * version. You can enable this to help you prepare the transition to a new + * major version by making sure your code is not using these functions. + * + * Uncomment to get errors on using deprecated functions. + */ +//#define MBEDTLS_DEPRECATED_REMOVED + +/** + * \def MBEDTLS_CHECK_PARAMS + * + * This configuration option controls whether the library validates more of + * the parameters passed to it. + * + * When this flag is not defined, the library only attempts to validate an + * input parameter if: (1) they may come from the outside world (such as the + * network, the filesystem, etc.) or (2) not validating them could result in + * internal memory errors such as overflowing a buffer controlled by the + * library. 
On the other hand, it doesn't attempt to validate parameters whose + * values are fully controlled by the application (such as pointers). + * + * When this flag is defined, the library additionally attempts to validate + * parameters that are fully controlled by the application, and should always + * be valid if the application code is fully correct and trusted. + * + * For example, when a function accepts as input a pointer to a buffer that may + * contain untrusted data, and its documentation mentions that this pointer + * must not be NULL: + * - the pointer is checked to be non-NULL only if this option is enabled + * - the content of the buffer is always validated + * + * When this flag is defined, if a library function receives a parameter that + * is invalid, it will: + * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a + * call to the function mbedtls_param_failed() + * - immediately return (with a specific error code unless the function + * returns void and can't communicate an error). + * + * When defining this flag, you also need to: + * - either provide a definition of the function mbedtls_param_failed() in + * your application (see platform_util.h for its prototype) as the library + * calls that function, but does not provide a default definition for it, + * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED() + * below if the above mechanism is not flexible enough to suit your needs. + * See the documentation of this macro later in this file. + * + * Uncomment to enable validation of application-controlled parameters. + */ +//#define MBEDTLS_CHECK_PARAMS + +/* \} name SECTION: System support */ + +/** + * \name SECTION: mbed TLS feature support + * + * This section sets support for features that are or are not needed + * within the modules that are enabled. 
+ * \{ + */ + +/** + * \def MBEDTLS_TIMING_ALT + * + * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), + * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() + * + * Only works if you have MBEDTLS_TIMING_C enabled. + * + * You will need to provide a header "timing_alt.h" and an implementation at + * compile time. + */ +//#define MBEDTLS_TIMING_ALT + +/** + * \def MBEDTLS_AES_ALT + * + * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your + * alternate core implementation of a symmetric crypto, an arithmetic or hash + * module (e.g. platform specific assembly optimized implementations). Keep + * in mind that the function prototypes should remain the same. + * + * This replaces the whole module. If you only want to replace one of the + * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. + * + * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer + * provide the "struct mbedtls_aes_context" definition and omit the base + * function declarations and implementations. "aes_alt.h" will be included from + * "aes.h" to include the new function definitions. + * + * Uncomment a macro to enable alternate implementation of the corresponding + * module. + * + * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their + * use constitutes a security risk. If possible, we recommend + * avoiding dependencies on them, and considering stronger message + * digests and ciphers instead. 
+ * + */ +//#define MBEDTLS_AES_ALT +//#define MBEDTLS_ARC4_ALT +//#define MBEDTLS_ARIA_ALT +//#define MBEDTLS_BLOWFISH_ALT +//#define MBEDTLS_CAMELLIA_ALT +//#define MBEDTLS_CCM_ALT +//#define MBEDTLS_CHACHA20_ALT +//#define MBEDTLS_CHACHAPOLY_ALT +//#define MBEDTLS_CMAC_ALT +//#define MBEDTLS_DES_ALT +//#define MBEDTLS_DHM_ALT +//#define MBEDTLS_ECJPAKE_ALT +//#define MBEDTLS_GCM_ALT +//#define MBEDTLS_NIST_KW_ALT +//#define MBEDTLS_MD2_ALT +//#define MBEDTLS_MD4_ALT +//#define MBEDTLS_MD5_ALT +//#define MBEDTLS_POLY1305_ALT +//#define MBEDTLS_RIPEMD160_ALT +//#define MBEDTLS_RSA_ALT +//#define MBEDTLS_SHA1_ALT +//#define MBEDTLS_SHA256_ALT +//#define MBEDTLS_SHA512_ALT +//#define MBEDTLS_XTEA_ALT + +/* + * When replacing the elliptic curve module, pleace consider, that it is + * implemented with two .c files: + * - ecp.c + * - ecp_curves.c + * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT + * macros as described above. The only difference is that you have to make sure + * that you provide functionality for both .c files. + */ +//#define MBEDTLS_ECP_ALT + +/** + * \def MBEDTLS_MD2_PROCESS_ALT + * + * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you + * alternate core implementation of symmetric crypto or hash function. Keep in + * mind that function prototypes should remain the same. + * + * This replaces only one function. The header file from mbed TLS is still + * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. + * + * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will + * no longer provide the mbedtls_sha1_process() function, but it will still provide + * the other function (using your mbedtls_sha1_process() function) and the definition + * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible + * with this definition. 
+ * + * \note Because of a signature change, the core AES encryption and decryption routines are + * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, + * respectively. When setting up alternative implementations, these functions should + * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt + * must stay untouched. + * + * \note If you use the AES_xxx_ALT macros, then is is recommended to also set + * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES + * tables. + * + * Uncomment a macro to enable alternate implementation of the corresponding + * function. + * + * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use + * constitutes a security risk. If possible, we recommend avoiding + * dependencies on them, and considering stronger message digests + * and ciphers instead. + * + */ +//#define MBEDTLS_MD2_PROCESS_ALT +//#define MBEDTLS_MD4_PROCESS_ALT +//#define MBEDTLS_MD5_PROCESS_ALT +//#define MBEDTLS_RIPEMD160_PROCESS_ALT +//#define MBEDTLS_SHA1_PROCESS_ALT +//#define MBEDTLS_SHA256_PROCESS_ALT +//#define MBEDTLS_SHA512_PROCESS_ALT +//#define MBEDTLS_DES_SETKEY_ALT +//#define MBEDTLS_DES_CRYPT_ECB_ALT +//#define MBEDTLS_DES3_CRYPT_ECB_ALT +//#define MBEDTLS_AES_SETKEY_ENC_ALT +//#define MBEDTLS_AES_SETKEY_DEC_ALT +//#define MBEDTLS_AES_ENCRYPT_ALT +//#define MBEDTLS_AES_DECRYPT_ALT +//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT +//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT +//#define MBEDTLS_ECDSA_VERIFY_ALT +//#define MBEDTLS_ECDSA_SIGN_ALT +//#define MBEDTLS_ECDSA_GENKEY_ALT + +/** + * \def MBEDTLS_ECP_INTERNAL_ALT + * + * Expose a part of the internal interface of the Elliptic Curve Point module. + * + * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your + * alternative core implementation of elliptic curve arithmetic. Keep in mind + * that function prototypes should remain the same. + * + * This partially replaces one function. 
The header file from mbed TLS is still + * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation + * is still present and it is used for group structures not supported by the + * alternative. + * + * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT + * and implementing the following functions: + * unsigned char mbedtls_internal_ecp_grp_capable( + * const mbedtls_ecp_group *grp ) + * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) + * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) + * The mbedtls_internal_ecp_grp_capable function should return 1 if the + * replacement functions implement arithmetic for the given group and 0 + * otherwise. + * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are + * called before and after each point operation and provide an opportunity to + * implement optimized set up and tear down instructions. + * + * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and + * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac + * function, but will use your mbedtls_internal_ecp_double_jac if the group is + * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when + * receives it as an argument). If the group is not supported then the original + * implementation is used. The other functions and the definition of + * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your + * implementation of mbedtls_internal_ecp_double_jac and + * mbedtls_internal_ecp_grp_capable must be compatible with this definition. + * + * Uncomment a macro to enable alternate implementation of the corresponding + * function. 
+ */ +/* Required for all the functions in this section */ +//#define MBEDTLS_ECP_INTERNAL_ALT +/* Support for Weierstrass curves with Jacobi representation */ +//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT +//#define MBEDTLS_ECP_ADD_MIXED_ALT +//#define MBEDTLS_ECP_DOUBLE_JAC_ALT +//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT +//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT +/* Support for curves with Montgomery arithmetic */ +//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT +//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT +//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT + +/** + * \def MBEDTLS_TEST_NULL_ENTROPY + * + * Enables testing and use of mbed TLS without any configured entropy sources. + * This permits use of the library on platforms before an entropy source has + * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the + * MBEDTLS_ENTROPY_NV_SEED switches). + * + * WARNING! This switch MUST be disabled in production builds, and is suitable + * only for development. + * Enabling the switch negates any security provided by the library. + * + * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES + * + */ +//#define MBEDTLS_TEST_NULL_ENTROPY + +/** + * \def MBEDTLS_ENTROPY_HARDWARE_ALT + * + * Uncomment this macro to let mbed TLS use your own implementation of a + * hardware entropy collector. + * + * Your function must be called \c mbedtls_hardware_poll(), have the same + * prototype as declared in entropy_poll.h, and accept NULL as first argument. + * + * Uncomment to use your own hardware entropy collector. + */ +//#define MBEDTLS_ENTROPY_HARDWARE_ALT + +/** + * \def MBEDTLS_AES_ROM_TABLES + * + * Use precomputed AES tables stored in ROM. + * + * Uncomment this macro to use precomputed AES tables stored in ROM. + * Comment this macro to generate AES tables in RAM at runtime. 
+ *
+ * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
+ * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
+ * initialization time before the first AES operation can be performed.
+ * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
+ * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
+ * performance if ROM access is slower than RAM access.
+ *
+ * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_ROM_TABLES
+
+/**
+ * \def MBEDTLS_AES_FEWER_TABLES
+ *
+ * Use less ROM/RAM for AES tables.
+ *
+ * Uncommenting this macro omits 75% of the AES tables from
+ * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
+ * by computing their values on the fly during operations
+ * (the tables are entry-wise rotations of one another).
+ *
+ * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
+ * by ~6kb but at the cost of more arithmetic operations during
+ * runtime. Specifically, one has to compare 4 accesses within
+ * different tables to 4 accesses with additional arithmetic
+ * operations within the same table. The performance gain/loss
+ * depends on the system and memory details.
+ *
+ * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_FEWER_TABLES
+
+/**
+ * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
+ *
+ * Use less ROM for the Camellia implementation (saves about 768 bytes).
+ *
+ * Uncomment this macro to use less memory for Camellia.
+ */
+//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CBC
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CTR
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_OFB
+ *
+ * Enable Output Feedback mode (OFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_OFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_XTS
+ *
+ * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
+ */
+#define MBEDTLS_CIPHER_MODE_XTS
+
+/**
+ * \def MBEDTLS_CIPHER_NULL_CIPHER
+ *
+ * Enable NULL cipher.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * encryption or channels without any security!
+ *
+ * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
+ * the following ciphersuites:
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
+ * MBEDTLS_TLS_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_RSA_WITH_NULL_MD5
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA
+ *
+ * Uncomment this macro to enable the NULL cipher and ciphersuites
+ */
+//#define MBEDTLS_CIPHER_NULL_CIPHER
+
+/**
+ * \def MBEDTLS_CIPHER_PADDING_PKCS7
+ *
+ * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
+ * specific padding modes in the cipher layer with cipher modes that support
+ * padding (e.g. CBC)
+ *
+ * If you disable all padding modes, only full blocks can be used with CBC.
+ *
+ * Enable padding modes in the cipher layer.
+ */
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+#define MBEDTLS_CIPHER_PADDING_ZEROS
+
+/**
+ * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+ *
+ * Enable weak ciphersuites in SSL / TLS.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * channels with virtually no security at all!
+ *
+ * This enables the following ciphersuites:
+ * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
+ *
+ * Uncomment this macro to enable weak ciphersuites
+ *
+ * \warning DES is considered a weak cipher and its use constitutes a
+ * security risk. We recommend considering stronger ciphers instead.
+ */
+//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+ *
+ * Remove RC4 ciphersuites by default in SSL / TLS.
+ * This flag removes the ciphersuites based on RC4 from the default list as
+ * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
+ * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
+ * explicitly.
+ *
+ * Uncomment this macro to remove RC4 ciphersuites by default.
+ */
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ *
+ * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
+ * module. By default all supported curves are enabled.
+ *
+ * Comment macros to disable the curve and functions for it
+ */
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_ECP_DP_CURVE448_ENABLED
+
+/**
+ * \def MBEDTLS_ECP_NIST_OPTIM
+ *
+ * Enable specific 'modulo p' routines for each NIST prime.
+ * Depending on the prime and architecture, makes operations 4 to 8 times
+ * faster on the corresponding curve.
+ *
+ * Comment this macro to disable NIST curves optimisation.
+ */
+#define MBEDTLS_ECP_NIST_OPTIM
+
+/**
+ * \def MBEDTLS_ECP_RESTARTABLE
+ *
+ * Enable "non-blocking" ECC operations that can return early and be resumed.
+ *
+ * This allows various functions to pause by returning
+ * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
+ * order to further progress and eventually complete their operation. This is
+ * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
+ * number of ECC operations a function may perform before pausing; see
+ * mbedtls_ecp_set_max_ops() for more information.
+ *
+ * This is useful in non-threaded environments if you want to avoid blocking
+ * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
+ *
+ * Uncomment this macro to enable restartable ECC computations.
+ *
+ * \note This option only works with the default software implementation of
+ * elliptic curve functionality. It is incompatible with
+ * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
+ */
+//#define MBEDTLS_ECP_RESTARTABLE
+
+/**
+ * \def MBEDTLS_ECDSA_DETERMINISTIC
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+ * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
+ * may result in a compromise of the long-term signing key. This is avoided by
+ * the deterministic variant.
+ *
+ * Requires: MBEDTLS_HMAC_DRBG_C
+ *
+ * Comment this macro to disable deterministic ECDSA.
+ */
+#define MBEDTLS_ECDSA_DETERMINISTIC
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+ *
+ * Enable the PSK based ciphersuite modes in SSL / TLS.
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+ *
+ * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ *
+ * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+ *
+ * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+ *
+ * Enable the RSA-only based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+ *
+ * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ *
+ * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ *
+ * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ *
+ * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ *
+ * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+ *
+ * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
+ *
+ * \warning This is currently experimental.
EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Requires: MBEDTLS_ECJPAKE_C
+ * MBEDTLS_SHA256_C
+ * MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+ */
+//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+/**
+ * \def MBEDTLS_PK_PARSE_EC_EXTENDED
+ *
+ * Enhance support for reading EC keys using variants of SEC1 not allowed by
+ * RFC 5915 and RFC 5480.
+ *
+ * Currently this means parsing the SpecifiedECDomain choice of EC
+ * parameters (only known groups are supported, not arbitrary domains, to
+ * avoid validation issues).
+ *
+ * Disable if you only need to support RFC 5915 + 5480 key formats.
+ */
+#define MBEDTLS_PK_PARSE_EC_EXTENDED
+
+/**
+ * \def MBEDTLS_ERROR_STRERROR_DUMMY
+ *
+ * Enable a dummy error function to make use of mbedtls_strerror() in
+ * third party libraries easier when MBEDTLS_ERROR_C is disabled
+ * (no effect when MBEDTLS_ERROR_C is enabled).
+ *
+ * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
+ * not using mbedtls_strerror() or error_strerror() in your application.
+ *
+ * Disable if you run into name conflicts and want to really remove the
+ * mbedtls_strerror()
+ */
+#define MBEDTLS_ERROR_STRERROR_DUMMY
+
+/**
+ * \def MBEDTLS_GENPRIME
+ *
+ * Enable the prime-number generation code.
+ *
+ * Requires: MBEDTLS_BIGNUM_C
+ */
+#define MBEDTLS_GENPRIME
+
+/**
+ * \def MBEDTLS_FS_IO
+ *
+ * Enable functions that use the filesystem.
+ */
+#define MBEDTLS_FS_IO
+
+/**
+ * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ * Do not add default entropy sources. These are the platform specific,
+ * mbedtls_timing_hardclock and HAVEGE based poll functions.
+ *
+ * This is useful to have more control over the added entropy sources in an
+ * application.
+ *
+ * Uncomment this macro to prevent loading of default entropy functions.
+ */
+//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+
+/**
+ * \def MBEDTLS_NO_PLATFORM_ENTROPY
+ *
+ * Do not use built-in platform entropy functions.
+ * This is useful if your platform does not support
+ * standards like the /dev/urandom or Windows CryptoAPI.
+ *
+ * Uncomment this macro to disable the built-in platform entropy functions.
+ */
+//#define MBEDTLS_NO_PLATFORM_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_FORCE_SHA256
+ *
+ * Force the entropy accumulator to use a SHA-256 accumulator instead of the
+ * default SHA-512 based one (if both are available).
+ *
+ * Requires: MBEDTLS_SHA256_C
+ *
+ * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
+ * if you have performance concerns.
+ *
+ * This option is only useful if both MBEDTLS_SHA256_C and
+ * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
+ */
+//#define MBEDTLS_ENTROPY_FORCE_SHA256
+
+/**
+ * \def MBEDTLS_ENTROPY_NV_SEED
+ *
+ * Enable the non-volatile (NV) seed file-based entropy source.
+ * (Also enables the NV seed read/write functions in the platform layer)
+ *
+ * This is crucial (if not required) on systems that do not have a
+ * cryptographic entropy source (in hardware or kernel) available.
+ *
+ * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
+ *
+ * \note The read/write functions that are used by the entropy source are
+ * determined in the platform layer, and can be modified at runtime and/or
+ * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
+ *
+ * \note If you use the default implementation functions that read a seedfile
+ * with regular fopen(), please make sure you make a seedfile with the
+ * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
+ * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
+ * and written to or you will get an entropy source error!
The default
+ * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
+ * bytes from the file.
+ *
+ * \note The entropy collector will write to the seed file before entropy is
+ * given to an external source, to update it.
+ */
+//#define MBEDTLS_ENTROPY_NV_SEED
+
+/**
+ * \def MBEDTLS_MEMORY_DEBUG
+ *
+ * Enable debugging of buffer allocator memory issues. Automatically prints
+ * (to stderr) all (fatal) messages on memory allocation issues. Enables
+ * function for 'debug output' of allocated memory.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Uncomment this macro to let the buffer allocator print out error messages.
+ */
+//#define MBEDTLS_MEMORY_DEBUG
+
+/**
+ * \def MBEDTLS_MEMORY_BACKTRACE
+ *
+ * Include backtrace information with each allocated block.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ * GLIBC-compatible backtrace() an backtrace_symbols() support
+ *
+ * Uncomment this macro to include backtrace information
+ */
+//#define MBEDTLS_MEMORY_BACKTRACE
+
+/**
+ * \def MBEDTLS_PK_RSA_ALT_SUPPORT
+ *
+ * Support external private RSA keys (eg from a HSM) in the PK layer.
+ *
+ * Comment this macro to disable support for external private RSA keys.
+ */
+#define MBEDTLS_PK_RSA_ALT_SUPPORT
+
+/**
+ * \def MBEDTLS_PKCS1_V15
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ *
+ * Requires: MBEDTLS_RSA_C
+ *
+ * This enables support for PKCS#1 v1.5 operations.
+ */
+#define MBEDTLS_PKCS1_V15
+
+/**
+ * \def MBEDTLS_PKCS1_V21
+ *
+ * Enable support for PKCS#1 v2.1 encoding.
+ *
+ * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
+ *
+ * This enables support for RSAES-OAEP and RSASSA-PSS operations.
+ */
+#define MBEDTLS_PKCS1_V21
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_SPM
+ *
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
+ * Partition Manager) integration which separates the code into two parts: a
+ * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
+ * Environment).
+ *
+ * Module: library/psa_crypto.c
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_SPM
+
+/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
+/**
+ * \def MBEDTLS_RSA_NO_CRT
+ *
+ * Do not use the Chinese Remainder Theorem
+ * for the RSA private operation.
+ *
+ * Uncomment this macro to disable the use of CRT in RSA.
+ *
+ */
+//#define MBEDTLS_RSA_NO_CRT
+
+/**
+ * \def MBEDTLS_SELF_TEST
+ *
+ * Enable the checkup functions (*_self_test).
+ */
+#define MBEDTLS_SELF_TEST
+
+/**
+ * \def MBEDTLS_SHA256_SMALLER
+ *
+ * Enable an implementation of SHA-256 that has lower ROM footprint but also
+ * lower performance.
+ *
+ * The default implementation is meant to be a reasonnable compromise between
+ * performance and size. This version optimizes more aggressively for size at
+ * the expense of performance. Eg on Cortex-M4 it reduces the size of
+ * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
+ * 30%.
+ *
+ * Uncomment to enable the smaller implementation of SHA256.
+ */
+//#define MBEDTLS_SHA256_SMALLER
+
+/**
+ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
+ *
+ * Enable sending of alert messages in case of encountered errors as per RFC.
+ * If you choose not to send the alert messages, mbed TLS can still communicate
+ * with other servers, only debugging of failures is harder.
+ *
+ * The advantage of not sending alert messages, is that no information is given
+ * about reasons for failures thus preventing adversaries of gaining intel.
+ *
+ * Enable sending of all alert messages
+ */
+#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
+
+/**
+ * \def MBEDTLS_SSL_ASYNC_PRIVATE
+ *
+ * Enable asynchronous external private key operations in SSL.
This allows
+ * you to configure an SSL connection to call an external cryptographic
+ * module to perform private key operations instead of performing the
+ * operation inside the library.
+ *
+ */
+//#define MBEDTLS_SSL_ASYNC_PRIVATE
+
+/**
+ * \def MBEDTLS_SSL_DEBUG_ALL
+ *
+ * Enable the debug messages in SSL module for all issues.
+ * Debug messages have been disabled in some places to prevent timing
+ * attacks due to (unbalanced) debugging function calls.
+ *
+ * If you need all error reporting you should enable this during debugging,
+ * but remove this for production servers that should log as well.
+ *
+ * Uncomment this macro to report all debug messages on errors introducing
+ * a timing side-channel.
+ *
+ */
+//#define MBEDTLS_SSL_DEBUG_ALL
+
+/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
+ *
+ * Enable support for Encrypt-then-MAC, RFC 7366.
+ *
+ * This allows peers that both support it to use a more robust protection for
+ * ciphersuites using CBC, providing deep resistance against timing attacks
+ * on the padding or underlying cipher.
+ *
+ * This only affects CBC ciphersuites, and is useless if none is defined.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1 or
+ * MBEDTLS_SSL_PROTO_TLS1_1 or
+ * MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Encrypt-then-MAC
+ */
+#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
+
+/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+ *
+ * Enable support for Extended Master Secret, aka Session Hash
+ * (draft-ietf-tls-session-hash-02).
+ *
+ * This was introduced as "the proper fix" to the Triple Handshake familiy of
+ * attacks, but it is recommended to always use it (even if you disable
+ * renegotiation), since it actually fixes a more fundamental issue in the
+ * original SSL/TLS design, and has implications beyond Triple Handshake.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1 or
+ * MBEDTLS_SSL_PROTO_TLS1_1 or
+ * MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Extended Master Secret.
+ */
+#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+
+/**
+ * \def MBEDTLS_SSL_FALLBACK_SCSV
+ *
+ * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
+ *
+ * For servers, it is recommended to always enable this, unless you support
+ * only one version of TLS, or know for sure that none of your clients
+ * implements a fallback strategy.
+ *
+ * For clients, you only need this if you're using a fallback strategy, which
+ * is not recommended in the first place, unless you absolutely need it to
+ * interoperate with buggy (version-intolerant) servers.
+ *
+ * Comment this macro to disable support for FALLBACK_SCSV
+ */
+#define MBEDTLS_SSL_FALLBACK_SCSV
+
+/**
+ * \def MBEDTLS_SSL_HW_RECORD_ACCEL
+ *
+ * Enable hooking functions in SSL module for hardware acceleration of
+ * individual records.
+ *
+ * Uncomment this macro to enable hooking functions.
+ */
+//#define MBEDTLS_SSL_HW_RECORD_ACCEL
+
+/**
+ * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
+ *
+ * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
+ *
+ * This is a countermeasure to the BEAST attack, which also minimizes the risk
+ * of interoperability issues compared to sending 0-length records.
+ *
+ * Comment this macro to disable 1/n-1 record splitting.
+ */
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+/**
+ * \def MBEDTLS_SSL_RENEGOTIATION
+ *
+ * Enable support for TLS renegotiation.
+ *
+ * The two main uses of renegotiation are (1) refresh keys on long-lived
+ * connections and (2) client authentication after the initial handshake.
+ * If you don't need renegotiation, it's probably better to disable it, since
+ * it has been associated with security issues in the past and is easy to
+ * misuse/misunderstand.
+ *
+ * Comment this to disable support for renegotiation.
+ *
+ * \note Even if this option is disabled, both client and server are aware
+ * of the Renegotiation Indication Extension (RFC 5746) used to
+ * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
+ * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
+ * configuration of this extension).
+ *
+ */
+#define MBEDTLS_SSL_RENEGOTIATION
+
+/**
+ * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+ *
+ * Enable support for receiving and parsing SSLv2 Client Hello messages for the
+ * SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to enable support for SSLv2 Client Hello messages.
+ */
+//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+
+/**
+ * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+ *
+ * Pick the ciphersuite according to the client's preferences rather than ours
+ * in the SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to respect client's ciphersuite order
+ */
+//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+
+/**
+ * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ *
+ * Enable support for RFC 6066 max_fragment_length extension in SSL.
+ *
+ * Comment this macro to disable support for the max_fragment_length extension
+ */
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+
+/**
+ * \def MBEDTLS_SSL_PROTO_SSL3
+ *
+ * Enable support for SSL 3.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for SSL 3.0
+ */
+//#define MBEDTLS_SSL_PROTO_SSL3
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1
+ *
+ * Enable support for TLS 1.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_1
+ *
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
+ * (Depends on ciphersuites)
+ *
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/**
+ * \def MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1_1
+ * or MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define MBEDTLS_SSL_PROTO_DTLS
+
+/**
+ * \def MBEDTLS_SSL_ALPN
+ *
+ * Enable support for RFC 7301 Application Layer Protocol Negotiation.
+ *
+ * Comment this macro to disable support for ALPN.
+ */
+#define MBEDTLS_SSL_ALPN
+
+/**
+ * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
+ *
+ * Enable support for the anti-replay mechanism in DTLS.
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ * MBEDTLS_SSL_PROTO_DTLS
+ *
+ * \warning Disabling this is often a security risk!
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details.
+ *
+ * Comment this to disable anti-replay in DTLS.
+ */
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Enable support for HelloVerifyRequest on DTLS servers.
+ *
+ * This feature is highly recommended to prevent DTLS servers being used as
+ * amplifiers in DoS attacks against other hosts. It should always be enabled
+ * unless you know for sure amplification cannot be a problem in the
+ * environment in which your server operates.
+ *
+ * \warning Disabling this can ba a security risk! (see above)
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Comment this to disable support for HelloVerifyRequest.
+ */
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+ *
+ * Enable server-side support for clients that reconnect from the same port.
+ *
+ * Some clients unexpectedly close the connection and try to reconnect using the
+ * same source port. This needs special support from the server to handle the
+ * new connection securely, as described in section 4.2.8 of RFC 6347. This
+ * flag enables that support.
+ *
+ * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Comment this to disable support for clients reusing the source port.
+ */
+#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+
+/**
+ * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+ *
+ * Enable support for a limit of records with bad MAC.
+ *
+ * See mbedtls_ssl_conf_dtls_badmac_limit().
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ */
+#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+
+/**
+ * \def MBEDTLS_SSL_SESSION_TICKETS
+ *
+ * Enable support for RFC 5077 session tickets in SSL.
+ * Client-side, provides full support for session tickets (maintenance of a
+ * session store remains the responsibility of the application, though).
+ * Server-side, you also need to provide callbacks for writing and parsing
+ * tickets, including authenticated encryption and key management. Example
+ * callbacks are provided by MBEDTLS_SSL_TICKET_C.
+ *
+ * Comment this macro to disable support for SSL session tickets
+ */
+#define MBEDTLS_SSL_SESSION_TICKETS
+
+/**
+ * \def MBEDTLS_SSL_EXPORT_KEYS
+ *
+ * Enable support for exporting key block and master secret.
+ * This is required for certain users of TLS, e.g. EAP-TLS.
+ *
+ * Comment this macro to disable support for key export
+ */
+#define MBEDTLS_SSL_EXPORT_KEYS
+
+/**
+ * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
+ *
+ * Enable support for RFC 6066 server name indication (SNI) in SSL.
+ *
+ * Requires: MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Comment this macro to disable support for server name indication in SSL
+ */
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define MBEDTLS_SSL_TRUNCATED_HMAC
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+ *
+ * Fallback to old (pre-2.7), non-conforming implementation of the truncated
+ * HMAC extension which also truncates the HMAC key. Note that this option is
+ * only meant for a transitory upgrade period and is likely to be removed in
+ * a future version of the library.
+ *
+ * \warning The old implementation is non-compliant and has a security weakness
+ * (2^80 brute force attack on the HMAC key used for a single,
+ * uninterrupted connection). This should only be enabled temporarily
+ * when (1) the use of truncated HMAC is essential in order to save
+ * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
+ * the fixed implementation yet (pre-2.7).
+ *
+ * \deprecated This option is deprecated and will likely be removed in a
+ * future version of Mbed TLS.
+ *
+ * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
+ *
+ * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
+ */
+//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+
+/**
+ * \def MBEDTLS_THREADING_ALT
+ *
+ * Provide your own alternate threading implementation.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to allow your own alternate threading implementation.
+ */
+//#define MBEDTLS_THREADING_ALT
+
+/**
+ * \def MBEDTLS_THREADING_PTHREAD
+ *
+ * Enable the pthread wrapper layer for the threading layer.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to enable pthread mutexes.
+ */
+//#define MBEDTLS_THREADING_PTHREAD
+
+/**
+ * \def MBEDTLS_USE_PSA_CRYPTO
+ *
+ * Make the X.509 and TLS library use PSA for cryptographic operations, see
+ * #MBEDTLS_PSA_CRYPTO_C.
+ *
+ * Note: this option is still in progress, the full X.509 and TLS modules are
+ * not covered yet, but parts that are not ported to PSA yet will still work
+ * as usual, so enabling this option should not break backwards compatibility.
+ *
+ * \warning Support for PSA is still an experimental feature.
+ * Any public API that depends on this option may change
+ * at any time until this warning is removed.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C.
+ */
+//#define MBEDTLS_USE_PSA_CRYPTO
+
+/**
+ * \def MBEDTLS_VERSION_FEATURES
+ *
+ * Allow run-time checking of compile-time enabled features. Thus allowing users
+ * to check at run-time if the library is for instance compiled with threading
+ * support via mbedtls_version_check_feature().
+ *
+ * Requires: MBEDTLS_VERSION_C
+ *
+ * Comment this to disable run-time checking and save ROM space
+ */
+#define MBEDTLS_VERSION_FEATURES
+
+/**
+ * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an extension in a v1 or v2 certificate.
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+
+/**
+ * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an unknown critical extension.
+ *
+ * \warning Depending on your PKI use, enabling this can be a security risk!
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+
+/**
+ * \def MBEDTLS_X509_CHECK_KEY_USAGE
+ *
+ * Enable verification of the keyUsage extension (CA and leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused
+ * (intermediate) CA and leaf certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip keyUsage checking for both CA and leaf certificates.
+ */
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+ *
+ * Enable verification of the extendedKeyUsage extension (leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip extendedKeyUsage checking for certificates.
+ */
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
+ *
+ * Enable parsing and verification of X.509 certificates, CRLs and CSRS
+ * signed with RSASSA-PSS (aka PKCS#1 v2.1).
+ *
+ * Comment this macro to disallow using RSASSA-PSS in certificates.
+ */
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+/**
+ * \def MBEDTLS_ZLIB_SUPPORT
+ *
+ * If set, the SSL/TLS module uses ZLIB to support compression and
+ * decompression of packet data.
+ *
+ * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
+ * CRIME attack. Before enabling this option, you should examine with care if
+ * CRIME or similar exploits may be applicable to your use case.
+ *
+ * \note Currently compression can't be used with DTLS.
+ *
+ * \deprecated This feature is deprecated and will be removed
+ * in the next major revision of the library.
+ *
+ * Used in: library/ssl_tls.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This feature requires zlib library and headers to be present.
+ *
+ * Uncomment to enable use of ZLIB
+ */
+//#define MBEDTLS_ZLIB_SUPPORT
+/* \} name SECTION: mbed TLS feature support */
+
+/**
+ * \name SECTION: mbed TLS modules
+ *
+ * This section enables or disables entire modules in mbed TLS
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_AESNI_C
+ *
+ * Enable AES-NI support on x86-64.
+ *
+ * Module: library/aesni.c
+ * Caller: library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the AES-NI instructions on x86-64
+ */
+#define MBEDTLS_AESNI_C
+
+/**
+ * \def MBEDTLS_AES_C
+ *
+ * Enable the AES block cipher.
+ *
+ * Module: library/aes.c
+ * Caller: library/cipher.c
+ * library/pem.c
+ * library/ctr_drbg.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *
+ * PEM_PARSE uses AES for decrypting encrypted keys.
+ */
+#define MBEDTLS_AES_C
+
+/**
+ * \def MBEDTLS_ARC4_C
+ *
+ * Enable the ARCFOUR stream cipher.
+ *
+ * Module: library/arc4.c
+ * Caller: library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ *
+ * \warning ARC4 is considered a weak cipher and its use constitutes a
+ * security risk. If possible, we recommend avoidng dependencies on
+ * it, and considering stronger ciphers instead.
+ *
+ */
+#define MBEDTLS_ARC4_C
+
+/**
+ * \def MBEDTLS_ASN1_PARSE_C
+ *
+ * Enable the generic ASN1 parser.
+ *
+ * Module: library/asn1.c
+ * Caller: library/x509.c
+ * library/dhm.c
+ * library/pkcs12.c
+ * library/pkcs5.c
+ * library/pkparse.c
+ */
+#define MBEDTLS_ASN1_PARSE_C
+
+/**
+ * \def MBEDTLS_ASN1_WRITE_C
+ *
+ * Enable the generic ASN1 writer.
+ *
+ * Module: library/asn1write.c
+ * Caller: library/ecdsa.c
+ * library/pkwrite.c
+ * library/x509_create.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ */
+#define MBEDTLS_ASN1_WRITE_C
+
+/**
+ * \def MBEDTLS_BASE64_C
+ *
+ * Enable the Base64 module.
+ *
+ * Module: library/base64.c
+ * Caller: library/pem.c
+ *
+ * This module is required for PEM support (required by X.509).
+ */
+#define MBEDTLS_BASE64_C
+
+/**
+ * \def MBEDTLS_BIGNUM_C
+ *
+ * Enable the multi-precision integer library.
+ *
+ * Module: library/bignum.c
+ * Caller: library/dhm.c
+ * library/ecp.c
+ * library/ecdsa.c
+ * library/rsa.c
+ * library/rsa_internal.c
+ * library/ssl_tls.c
+ *
+ * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
+ */
+#define MBEDTLS_BIGNUM_C
+
+/**
+ * \def MBEDTLS_BLOWFISH_C
+ *
+ * Enable the Blowfish block cipher.
+ *
+ * Module: library/blowfish.c
+ */
+#define MBEDTLS_BLOWFISH_C
+
+/**
+ * \def MBEDTLS_CAMELLIA_C
+ *
+ * Enable the Camellia block cipher.
+ *
+ * Module: library/camellia.c
+ * Caller: library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ */
+#define MBEDTLS_CAMELLIA_C
+
+/**
+ * \def MBEDTLS_ARIA_C
+ *
+ * Enable the ARIA block cipher.
+ *
+ * Module: library/aria.c
+ * Caller: library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *
+ * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
+ */
+//#define MBEDTLS_ARIA_C
+
+/**
+ * \def MBEDTLS_CCM_C
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Module: library/ccm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-CCM ciphersuites, if other requisites are
+ * enabled as well.
+ */
+#define MBEDTLS_CCM_C
+
+/**
+ * \def MBEDTLS_CERTS_C
+ *
+ * Enable the test certificates.
+ *
+ * Module: library/certs.c
+ * Caller:
+ *
+ * This module is used for testing (ssl_client/server).
+ */
+#define MBEDTLS_CERTS_C
+
+/**
+ * \def MBEDTLS_CHACHA20_C
+ *
+ * Enable the ChaCha20 stream cipher.
+ *
+ * Module: library/chacha20.c
+ */
+#define MBEDTLS_CHACHA20_C
+
+/**
+ * \def MBEDTLS_CHACHAPOLY_C
+ *
+ * Enable the ChaCha20-Poly1305 AEAD algorithm.
+ *
+ * Module: library/chachapoly.c
+ *
+ * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
+ */
+#define MBEDTLS_CHACHAPOLY_C
+
+/**
+ * \def MBEDTLS_CIPHER_C
+ *
+ * Enable the generic cipher layer.
+ *
+ * Module: library/cipher.c
+ * Caller: library/ssl_tls.c
+ *
+ * Uncomment to enable generic cipher wrappers.
+ */
+#define MBEDTLS_CIPHER_C
+
+/**
+ * \def MBEDTLS_CMAC_C
+ *
+ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
+ * ciphers.
+ *
+ * Module: library/cmac.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
+ *
+ */
+//#define MBEDTLS_CMAC_C
+
+/**
+ * \def MBEDTLS_CTR_DRBG_C
+ *
+ * Enable the CTR_DRBG AES-based random generator.
+ * The CTR_DRBG generator uses AES-256 by default.
+ * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below.
+ *
+ * Module: library/ctr_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_AES_C
+ *
+ * This module provides the CTR_DRBG AES random number generator.
+ */
+#define MBEDTLS_CTR_DRBG_C
+
+/**
+ * \def MBEDTLS_DEBUG_C
+ *
+ * Enable the debug functions.
+ *
+ * Module: library/debug.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ *
+ * This module provides debugging functions.
+ */
+#define MBEDTLS_DEBUG_C
+
+/**
+ * \def MBEDTLS_DES_C
+ *
+ * Enable the DES block cipher.
+ *
+ * Module: library/des.c
+ * Caller: library/pem.c
+ * library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *
+ * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
+ *
+ * \warning DES is considered a weak cipher and its use constitutes a
+ * security risk. We recommend considering stronger ciphers instead.
+ */
+#define MBEDTLS_DES_C
+
+/**
+ * \def MBEDTLS_DHM_C
+ *
+ * Enable the Diffie-Hellman-Merkle module.
+ *
+ * Module: library/dhm.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ * DHE-RSA, DHE-PSK
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_DHM_C
+
+/**
+ * \def MBEDTLS_ECDH_C
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Module: library/ecdh.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
+ *
+ * Requires: MBEDTLS_ECP_C
+ */
+#define MBEDTLS_ECDH_C
+
+/**
+ * \def MBEDTLS_ECDSA_C
+ *
+ * Enable the elliptic curve DSA library.
+ *
+ * Module: library/ecdsa.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ * ECDHE-ECDSA
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
+ */
+#define MBEDTLS_ECDSA_C
+
+/**
+ * \def MBEDTLS_ECJPAKE_C
+ *
+ * Enable the elliptic curve J-PAKE library.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Module: library/ecjpake.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ * ECJPAKE
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
+ */
+//#define MBEDTLS_ECJPAKE_C
+
+/**
+ * \def MBEDTLS_ECP_C
+ *
+ * Enable the elliptic curve over GF(p) library.
+ *
+ * Module: library/ecp.c
+ * Caller: library/ecdh.c
+ * library/ecdsa.c
+ * library/ecjpake.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
+ */
+#define MBEDTLS_ECP_C
+
+/**
+ * \def MBEDTLS_ENTROPY_C
+ *
+ * Enable the platform-specific entropy code.
+ *
+ * Module: library/entropy.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
+ *
+ * This module provides a generic entropy pool
+ */
+#define MBEDTLS_ENTROPY_C
+
+/**
+ * \def MBEDTLS_ERROR_C
+ *
+ * Enable error code to error string conversion.
+ *
+ * Module: library/error.c
+ * Caller:
+ *
+ * This module enables mbedtls_strerror().
+ */
+#define MBEDTLS_ERROR_C
+
+/**
+ * \def MBEDTLS_GCM_C
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Module: library/gcm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
+ * requisites are enabled as well.
+ */
+#define MBEDTLS_GCM_C
+
+/**
+ * \def MBEDTLS_HAVEGE_C
+ *
+ * Enable the HAVEGE random generator.
+ *
+ * Warning: the HAVEGE random generator is not suitable for virtualized
+ * environments
+ *
+ * Warning: the HAVEGE random generator is dependent on timing and specific
+ * processor traits. It is therefore not advised to use HAVEGE as
+ * your applications primary random generator or primary entropy pool
+ * input. As a secondary input to your entropy pool, it IS able add
+ * the (limited) extra entropy it provides.
+ *
+ * Module: library/havege.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_TIMING_C
+ *
+ * Uncomment to enable the HAVEGE random generator.
+ */
+//#define MBEDTLS_HAVEGE_C
+
+/**
+ * \def MBEDTLS_HKDF_C
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Module: library/hkdf.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the Hashed Message Authentication Code
+ * (HMAC)-based key derivation function (HKDF).
+ */
+#define MBEDTLS_HKDF_C
+
+/**
+ * \def MBEDTLS_HMAC_DRBG_C
+ *
+ * Enable the HMAC_DRBG random generator.
+ *
+ * Module: library/hmac_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * Uncomment to enable the HMAC_DRBG random number geerator.
+ */
+#define MBEDTLS_HMAC_DRBG_C
+
+/**
+ * \def MBEDTLS_NIST_KW_C
+ *
+ * Enable the Key Wrapping mode for 128-bit block ciphers,
+ * as defined in NIST SP 800-38F. Only KW and KWP modes
+ * are supported. At the moment, only AES is approved by NIST.
+ *
+ * Module: library/nist_kw.c
+ *
+ * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
+ */
+//#define MBEDTLS_NIST_KW_C
+
+/**
+ * \def MBEDTLS_MD_C
+ *
+ * Enable the generic message digest layer.
+ *
+ * Module: library/md.c
+ * Caller:
+ *
+ * Uncomment to enable generic message digest wrappers.
+ */
+#define MBEDTLS_MD_C
+
+/**
+ * \def MBEDTLS_MD2_C
+ *
+ * Enable the MD2 hash algorithm.
+ *
+ * Module: library/md2.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD2-signed X.509 certs.
+ *
+ * \warning MD2 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_MD2_C
+
+/**
+ * \def MBEDTLS_MD4_C
+ *
+ * Enable the MD4 hash algorithm.
+ *
+ * Module: library/md4.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD4-signed X.509 certs.
+ *
+ * \warning MD4 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_MD4_C
+
+/**
+ * \def MBEDTLS_MD5_C
+ *
+ * Enable the MD5 hash algorithm.
+ *
+ * Module: library/md5.c
+ * Caller: library/md.c
+ * library/pem.c
+ * library/ssl_tls.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
+ * depending on the handshake parameters. Further, it is used for checking
+ * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
+ * encrypted keys.
+ *
+ * \warning MD5 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD5_C
+
+/**
+ * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Enable the buffer allocator implementation that makes use of a (stack)
+ * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
+ * calls)
+ *
+ * Module: library/memory_buffer_alloc.c
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
+ *
+ * Enable this module to enable the buffer memory allocator.
+ */
+//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+
+/**
+ * \def MBEDTLS_NET_C
+ *
+ * Enable the TCP and UDP over IPv6/IPv4 networking routines.
+ *
+ * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
+ * and Windows. For other platforms, you'll want to disable it, and write your
+ * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module: library/net_sockets.c
+ *
+ * This module provides networking routines.
+ */
+#define MBEDTLS_NET_C
+
+/**
+ * \def MBEDTLS_OID_C
+ *
+ * Enable the OID database.
+ *
+ * Module: library/oid.c
+ * Caller: library/asn1write.c
+ * library/pkcs5.c
+ * library/pkparse.c
+ * library/pkwrite.c
+ * library/rsa.c
+ * library/x509.c
+ * library/x509_create.c
+ * library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ *
+ * This modules translates between OIDs and internal values.
+ */
+#define MBEDTLS_OID_C
+
+/**
+ * \def MBEDTLS_PADLOCK_C
+ *
+ * Enable VIA Padlock support on x86.
+ *
+ * Module: library/padlock.c
+ * Caller: library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the VIA PadLock on x86.
+ */
+#define MBEDTLS_PADLOCK_C
+
+/**
+ * \def MBEDTLS_PEM_PARSE_C
+ *
+ * Enable PEM decoding / parsing.
+ *
+ * Module: library/pem.c
+ * Caller: library/dhm.c
+ * library/pkparse.c
+ * library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for decoding / parsing PEM files.
+ */
+#define MBEDTLS_PEM_PARSE_C
+
+/**
+ * \def MBEDTLS_PEM_WRITE_C
+ *
+ * Enable PEM encoding / writing.
+ *
+ * Module: library/pem.c
+ * Caller: library/pkwrite.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for encoding / writing PEM files.
+ */
+#define MBEDTLS_PEM_WRITE_C
+
+/**
+ * \def MBEDTLS_PK_C
+ *
+ * Enable the generic public (asymetric) key layer.
+ *
+ * Module: library/pk.c
+ * Caller: library/ssl_tls.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
+ *
+ * Uncomment to enable generic public key wrappers.
+ */
+#define MBEDTLS_PK_C
+
+/**
+ * \def MBEDTLS_PK_PARSE_C
+ *
+ * Enable the generic public (asymetric) key parser.
+ *
+ * Module: library/pkparse.c
+ * Caller: library/x509_crt.c
+ * library/x509_csr.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key parse functions.
+ */
+#define MBEDTLS_PK_PARSE_C
+
+/**
+ * \def MBEDTLS_PK_WRITE_C
+ *
+ * Enable the generic public (asymetric) key writer.
+ *
+ * Module: library/pkwrite.c
+ * Caller: library/x509write.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key write functions.
+ */
+#define MBEDTLS_PK_WRITE_C
+
+/**
+ * \def MBEDTLS_PKCS5_C
+ *
+ * Enable PKCS#5 functions.
+ *
+ * Module: library/pkcs5.c
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the PKCS#5 functions.
+ */
+#define MBEDTLS_PKCS5_C
+
+/**
+ * \def MBEDTLS_PKCS11_C
+ *
+ * Enable wrapper for PKCS#11 smartcard support.
+ *
+ * Module: library/pkcs11.c
+ * Caller: library/pk.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * This module enables SSL/TLS PKCS #11 smartcard support.
+ * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
+ */
+//#define MBEDTLS_PKCS11_C
+
+/**
+ * \def MBEDTLS_PKCS12_C
+ *
+ * Enable PKCS#12 PBE functions.
+ * Adds algorithms for parsing PKCS#8 encrypted private keys
+ *
+ * Module: library/pkcs12.c
+ * Caller: library/pkparse.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ * Can use: MBEDTLS_ARC4_C
+ *
+ * This module enables PKCS#12 functions.
+ */
+#define MBEDTLS_PKCS12_C
+
+/**
+ * \def MBEDTLS_PLATFORM_C
+ *
+ * Enable the platform abstraction layer that allows you to re-assign
+ * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
+ *
+ * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
+ * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
+ * above to be specified at runtime or compile time respectively.
+ *
+ * \note This abstraction layer must be enabled on Windows (including MSYS2)
+ * as other module rely on it for a fixed snprintf implementation.
+ *
+ * Module: library/platform.c
+ * Caller: Most other .c files
+ *
+ * This module enables abstraction of common (libc) functions.
+ */
+#define MBEDTLS_PLATFORM_C
+
+/**
+ * \def MBEDTLS_POLY1305_C
+ *
+ * Enable the Poly1305 MAC algorithm.
+ *
+ * Module: library/poly1305.c
+ * Caller: library/chachapoly.c
+ */
+#define MBEDTLS_POLY1305_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_C
+ *
+ * Enable the Platform Security Architecture cryptography API.
+ *
+ * \note This option only has an effect when the build option
+ * USE_CRYPTO_SUBMODULE is also in use.
+ *
+ * \warning This feature is experimental and available on an opt-in basis only.
+ * PSA APIs are subject to change at any time. The implementation comes with
+ * less assurance and support than the rest of Mbed TLS.
+ * + * Module: crypto/library/psa_crypto.c + * + * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C + * + */ +//#define MBEDTLS_PSA_CRYPTO_C + +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_C + * + * Enable the Platform Security Architecture persistent key storage. + * + * Module: library/psa_crypto_storage.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C and one of either + * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * (but not both) + * + */ +//#define MBEDTLS_PSA_CRYPTO_STORAGE_C + +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * + * Enable persistent key storage over files for the + * Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto_storage_file.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO + * + */ +//#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * + * Enable persistent key storage over PSA ITS for the + * Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto_storage_its.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO + * + */ +//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + +/** + * \def MBEDTLS_RIPEMD160_C + * + * Enable the RIPEMD-160 hash algorithm. + * + * Module: library/ripemd160.c + * Caller: library/md.c + * + */ +#define MBEDTLS_RIPEMD160_C + +/** + * \def MBEDTLS_RSA_C + * + * Enable the RSA public-key cryptosystem. + * + * Module: library/rsa.c + * library/rsa_internal.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * library/x509.c + * + * This module is used by the following key exchanges: + * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK + * + * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C + */ +#define MBEDTLS_RSA_C + +/** + * \def MBEDTLS_SHA1_C + * + * Enable the SHA1 cryptographic hash algorithm. 
+ * + * Module: library/sha1.c + * Caller: library/md.c + * library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * library/x509write_crt.c + * + * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 + * depending on the handshake parameters, and for SHA1-signed certificates. + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. + * + */ +#define MBEDTLS_SHA1_C + +/** + * \def MBEDTLS_SHA256_C + * + * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. + * + * Module: library/sha256.c + * Caller: library/entropy.c + * library/md.c + * library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * This module adds support for SHA-224 and SHA-256. + * This module is required for the SSL/TLS 1.2 PRF function. + */ +#define MBEDTLS_SHA256_C + +/** + * \def MBEDTLS_SHA512_C + * + * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. + * + * Module: library/sha512.c + * Caller: library/entropy.c + * library/md.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * This module adds support for SHA-384 and SHA-512. + */ +#define MBEDTLS_SHA512_C + +/** + * \def MBEDTLS_SSL_CACHE_C + * + * Enable simple SSL cache implementation. + * + * Module: library/ssl_cache.c + * Caller: + * + * Requires: MBEDTLS_SSL_CACHE_C + */ +#define MBEDTLS_SSL_CACHE_C + +/** + * \def MBEDTLS_SSL_COOKIE_C + * + * Enable basic implementation of DTLS cookies for hello verification. + * + * Module: library/ssl_cookie.c + * Caller: + */ +#define MBEDTLS_SSL_COOKIE_C + +/** + * \def MBEDTLS_SSL_TICKET_C + * + * Enable an implementation of TLS server-side callbacks for session tickets. + * + * Module: library/ssl_ticket.c + * Caller: + * + * Requires: MBEDTLS_CIPHER_C + */ +#define MBEDTLS_SSL_TICKET_C + +/** + * \def MBEDTLS_SSL_CLI_C + * + * Enable the SSL/TLS client code. 
+ * + * Module: library/ssl_cli.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS client support. + */ +#define MBEDTLS_SSL_CLI_C + +/** + * \def MBEDTLS_SSL_SRV_C + * + * Enable the SSL/TLS server code. + * + * Module: library/ssl_srv.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS server support. + */ +#define MBEDTLS_SSL_SRV_C + +/** + * \def MBEDTLS_SSL_TLS_C + * + * Enable the generic SSL/TLS code. + * + * Module: library/ssl_tls.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C + * and at least one of the MBEDTLS_SSL_PROTO_XXX defines + * + * This module is required for SSL/TLS. + */ +#define MBEDTLS_SSL_TLS_C + +/** + * \def MBEDTLS_THREADING_C + * + * Enable the threading abstraction layer. + * By default mbed TLS assumes it is used in a non-threaded environment or that + * contexts are not shared between threads. If you do intend to use contexts + * between threads, you will need to enable this layer to prevent race + * conditions. See also our Knowledge Base article about threading: + * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading + * + * Module: library/threading.c + * + * This allows different threading implementations (self-implemented or + * provided). + * + * You will have to enable either MBEDTLS_THREADING_ALT or + * MBEDTLS_THREADING_PTHREAD. + * + * Enable this layer to allow use of mutexes within mbed TLS + */ +//#define MBEDTLS_THREADING_C + +/** + * \def MBEDTLS_TIMING_C + * + * Enable the semi-portable timing interface. + * + * \note The provided implementation only works on POSIX/Unix (including Linux, + * BSD and OS X) and Windows. 
On other platforms, you can either disable that + * module and provide your own implementations of the callbacks needed by + * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide + * your own implementation of the whole module by setting + * \c MBEDTLS_TIMING_ALT in the current file. + * + * \note See also our Knowledge Base article about porting to a new + * environment: + * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * + * Module: library/timing.c + * Caller: library/havege.c + * + * This module is used by the HAVEGE random number generator. + */ +#define MBEDTLS_TIMING_C + +/** + * \def MBEDTLS_VERSION_C + * + * Enable run-time version information. + * + * Module: library/version.c + * + * This module provides run-time version information. + */ +#define MBEDTLS_VERSION_C + +/** + * \def MBEDTLS_X509_USE_C + * + * Enable X.509 core for using certificates. + * + * Module: library/x509.c + * Caller: library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c + * + * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, + * MBEDTLS_PK_PARSE_C + * + * This module is required for the X.509 parsing modules. + */ +#define MBEDTLS_X509_USE_C + +/** + * \def MBEDTLS_X509_CRT_PARSE_C + * + * Enable X.509 certificate parsing. + * + * Module: library/x509_crt.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 certificate parsing. + */ +#define MBEDTLS_X509_CRT_PARSE_C + +/** + * \def MBEDTLS_X509_CRL_PARSE_C + * + * Enable X.509 CRL parsing. + * + * Module: library/x509_crl.c + * Caller: library/x509_crt.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 CRL parsing. + */ +#define MBEDTLS_X509_CRL_PARSE_C + +/** + * \def MBEDTLS_X509_CSR_PARSE_C + * + * Enable X.509 Certificate Signing Request (CSR) parsing. 
+ * + * Module: library/x509_csr.c + * Caller: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is used for reading X.509 certificate request. + */ +#define MBEDTLS_X509_CSR_PARSE_C + +/** + * \def MBEDTLS_X509_CREATE_C + * + * Enable X.509 core for creating certificates. + * + * Module: library/x509_create.c + * + * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C + * + * This module is the basis for creating X.509 certificates and CSRs. + */ +#define MBEDTLS_X509_CREATE_C + +/** + * \def MBEDTLS_X509_CRT_WRITE_C + * + * Enable creating X.509 certificates. + * + * Module: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate creation. + */ +#define MBEDTLS_X509_CRT_WRITE_C + +/** + * \def MBEDTLS_X509_CSR_WRITE_C + * + * Enable creating X.509 Certificate Signing Requests (CSR). + * + * Module: library/x509_csr_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate request writing. + */ +#define MBEDTLS_X509_CSR_WRITE_C + +/** + * \def MBEDTLS_XTEA_C + * + * Enable the XTEA block cipher. + * + * Module: library/xtea.c + * Caller: + */ +#define MBEDTLS_XTEA_C + +/* \} name SECTION: mbed TLS modules */ + +/** + * \name SECTION: Module configuration options + * + * This section allows for the setting of module specific sizes and + * configuration options. The default values are already present in the + * relevant header files and should suffice for the regular use cases. + * + * Our advice is to enable options and change their values here + * only if you have a good reason and know the consequences. + * + * Please check the respective header file for documentation on these + * parameters (to prevent duplicate documentation). + * \{ + */ + +/* MPI / BIGNUM options */ +//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. 
*/ +//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ + +/* CTR_DRBG options */ +//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ +//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ +//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ +//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ +//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ +//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */ + +/* HMAC_DRBG options */ +//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ +//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ +//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ +//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ + +/* ECP options */ +//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ +//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ +//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ + +/* Entropy options */ +//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ +//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ +//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ + +/* Memory buffer allocator options */ +//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ + +/* Platform options */ +//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if 
MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ +//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ +/* Note: your snprintf must correctly zero-terminate the buffer! */ +//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ + +/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ +/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ +//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. 
MBEDTLS_HAVE_TIME must be enabled */ +//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ +//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ +/* Note: your snprintf must correctly zero-terminate the buffer! */ +//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ +//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ + +/** + * \brief This macro is invoked by the library when an invalid parameter + * is detected that is only checked with MBEDTLS_CHECK_PARAMS + * (see the documentation of that option for context). + * + * When you leave this undefined here, a default definition is + * provided that invokes the function mbedtls_param_failed(), + * which is declared in platform_util.h for the benefit of the + * library, but that you need to define in your application. + * + * When you define this here, this replaces the default + * definition in platform_util.h (which no longer declares the + * function mbedtls_param_failed()) and it is your responsibility + * to make sure this macro expands to something suitable (in + * particular, that all the necessary declarations are visible + * from within the library - you can ensure that by providing + * them in this file next to the macro definition). + * + * Note that you may define this macro to expand to nothing, in + * which case you don't have to worry about declarations or + * definitions. 
However, you will then be notified about invalid + * parameters only in non-void functions, and void function will + * just silently return early on invalid parameters, which + * partially negates the benefits of enabling + * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. + * + * \param cond The expression that should evaluate to true, but doesn't. + */ +//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) + +/* SSL Cache options */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ + +/* SSL options */ + +/** \def MBEDTLS_SSL_MAX_CONTENT_LEN + * + * Maximum length (in bytes) of incoming and outgoing plaintext fragments. + * + * This determines the size of both the incoming and outgoing TLS I/O buffers + * in such a way that both are capable of holding the specified amount of + * plaintext data, regardless of the protection mechanism used. + * + * To configure incoming and outgoing I/O buffers separately, use + * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, + * which overwrite the value set by this option. + * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of both + * incoming and outgoing I/O buffers. + */ +//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_IN_CONTENT_LEN + * + * Maximum length (in bytes) of incoming plaintext fragments. 
+ * + * This determines the size of the incoming TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option is undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. + * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of the incoming I/O buffer + * independently of the outgoing I/O buffer. + */ +//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_OUT_CONTENT_LEN + * + * Maximum length (in bytes) of outgoing plaintext fragments. + * + * This determines the size of the outgoing TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. + * + * It is possible to save RAM by setting a smaller outward buffer, while keeping + * the default inward 16384 byte buffer to conform to the TLS specification. + * + * The minimum required outward buffer size is determined by the handshake + * protocol's usage. Handshaking will fail if the outward buffer is too small. + * The specific size requirement depends on the configured ciphers and any + * certificate data which is sent during the handshake. 
+ * + * Uncomment to set the maximum plaintext size of the outgoing I/O buffer + * independently of the incoming I/O buffer. + */ +//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 + +/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING + * + * Maximum number of heap-allocated bytes for the purpose of + * DTLS handshake message reassembly and future message buffering. + * + * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN + * to account for a reassembled handshake message of maximum size, + * together with its reassembly bitmap. + * + * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) + * should be sufficient for all practical situations as it allows + * to reassembly a large handshake message (such as a certificate) + * while buffering multiple smaller handshake messages. + * + */ +//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 + +//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ +//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ +//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ + +/** + * Complete list of ciphersuites to use, in order of preference. + * + * \warning No dependency checking is done on that field! This option can only + * be used to restrict the set of available ciphersuites. It is your + * responsibility to make sure the needed modules are active. + * + * Use this to save a few hundred bytes of ROM (default ordering of all + * available ciphersuites) and a few to a few hundred bytes of RAM. + * + * The value below is only an example, not the default. + */ +//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + +/* X509 options */ +//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. 
*/ +//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ + +/** + * Allow SHA-1 in the default TLS configuration for certificate signing. + * Without this build-time option, SHA-1 support must be activated explicitly + * through mbedtls_ssl_conf_cert_profile. Turning on this option is not + * recommended because of it is possible to generate SHA-1 collisions, however + * this may be safe for legacy infrastructure where additional controls apply. + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. + * + */ +// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + +/** + * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake + * signature and ciphersuite selection. Without this build-time option, SHA-1 + * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. + * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by + * default. At the time of writing, there is no practical attack on the use + * of SHA-1 in handshake signatures, hence this option is turned on by default + * to preserve compatibility with existing peers, but the general + * warning applies nonetheless: + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. + * + */ +#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE + +/** + * Uncomment the macro to let mbed TLS use your alternate implementation of + * mbedtls_platform_zeroize(). This replaces the default implementation in + * platform_util.c. + * + * mbedtls_platform_zeroize() is a widely used function across the library to + * zero a block of memory. 
The implementation is expected to be secure in the + * sense that it has been written to prevent the compiler from removing calls + * to mbedtls_platform_zeroize() as part of redundant code elimination + * optimizations. However, it is difficult to guarantee that calls to + * mbedtls_platform_zeroize() will not be optimized by the compiler as older + * versions of the C language standards do not provide a secure implementation + * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to + * configure their own implementation of mbedtls_platform_zeroize(), for + * example by using directives specific to their compiler, features from newer + * C standards (e.g using memset_s() in C11) or calling a secure memset() from + * their system (e.g explicit_bzero() in BSD). + */ +//#define MBEDTLS_PLATFORM_ZEROIZE_ALT + +/** + * Uncomment the macro to let Mbed TLS use your alternate implementation of + * mbedtls_platform_gmtime_r(). This replaces the default implementation in + * platform_util.c. + * + * gmtime() is not a thread-safe function as defined in the C standard. The + * library will try to use safer implementations of this function, such as + * gmtime_r() when available. However, if Mbed TLS cannot identify the target + * system, the implementation of mbedtls_platform_gmtime_r() will default to + * using the standard gmtime(). In this case, calls from the library to + * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex + * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the + * library are also guarded with this mutex to avoid race conditions. However, + * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will + * unconditionally use the implementation for mbedtls_platform_gmtime_r() + * supplied at compile time. 
+ */ +//#define MBEDTLS_PLATFORM_GMTIME_R_ALT + +/* \} name SECTION: Customisation configuration options */ + +/* Target and application specific configurations + * + * Allow user to override any previous default. + * + */ +#if defined(MBEDTLS_USER_CONFIG_FILE) +#include MBEDTLS_USER_CONFIG_FILE +#endif + +#include "check_config.h" + +#endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h new file mode 100644 index 000000000..d4743bb22 --- /dev/null +++ b/configs/config-mini-tls1_1.h 
@@ -0,0 +1,75 @@
+/**
+ * \file config-mini-tls1_1.h
+ *
+ * \brief Minimal configuration for TLS 1.1 (RFC 4346)
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * Minimal configuration for TLS 1.1 (RFC 4346), implementing only the
+ * required ciphersuite: MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * See README.txt for usage instructions.
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+#define MBEDTLS_HAVE_ASM
+#define MBEDTLS_HAVE_TIME
+
+/* mbed TLS feature support */
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/* mbed TLS modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_DES_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_MD5_C
+#define MBEDTLS_NET_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA1_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_USE_C
+
+/* For test certificates */
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_CERTS_C
+#define MBEDTLS_PEM_PARSE_C
+
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/configs/config-thread.h b/configs/config-thread.h
new file mode 100644
index 000000000..f729a0381
--- /dev/null
+++ b/configs/config-thread.h
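Review bot: The header comment says this configuration implements only `MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA`, but the module list also enables `MBEDTLS_AES_C` alongside `MBEDTLS_CIPHER_MODE_CBC`, `MBEDTLS_KEY_EXCHANGE_RSA_ENABLED` and `MBEDTLS_SHA1_C`, and no `MBEDTLS_SSL_CIPHERSUITES` list is set. The RSA AES-CBC-SHA suites are therefore presumably compiled in as well; the ciphersuite table is not visible here, so this should be confirmed. I would make the comment match the build, for example by adding `* AES is enabled because CTR_DRBG depends on it; AES-CBC suites are therefore available too.` The same comment should say that this is a reference configuration for the TLS 1.1 mandatory suite, which combines a 64-bit block cipher, static RSA key exchange without forward secrecy and PKCS#1 v1.5, so that it is not taken as a deployment baseline.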
@@ -0,0 +1,90 @@
+/**
+ * \file config-thread.h
+ *
+ * \brief Minimal configuration for using TLS as part of Thread
+ */
+/*
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * Minimal configuration for using TLS a part of Thread
+ * http://threadgroup.org/
+ *
+ * Distinguishing features:
+ * - no RSA or classic DH, fully based on ECC
+ * - no X.509
+ * - support for experimental EC J-PAKE key exchange
+ *
+ * See README.txt for usage instructions.
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+#define MBEDTLS_HAVE_ASM
+
+/* mbed TLS feature support */
+#define MBEDTLS_AES_ROM_TABLES
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_NIST_OPTIM
+#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+#define MBEDTLS_SSL_PROTO_TLS1_2
+#define MBEDTLS_SSL_PROTO_DTLS
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+#define MBEDTLS_SSL_EXPORT_KEYS
+
+/* mbed TLS modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CCM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_CMAC_C
+#define MBEDTLS_ECJPAKE_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_HMAC_DRBG_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SSL_COOKIE_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+
+/* Save RAM at the expense of ROM */
+#define MBEDTLS_AES_ROM_TABLES
+
+/* Save RAM by adjusting to our exact needs */
+#define MBEDTLS_ECP_MAX_BITS 256
+#define MBEDTLS_MPI_MAX_SIZE 32 // 256 bits is 32 bytes
+
+/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
+#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index b29d0dd1b..3dea0046f 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
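Review bot: `MBEDTLS_AES_ROM_TABLES` is defined twice in this file, once under "mbed TLS feature support" and again under "Save RAM at the expense of ROM". The redefinition is identical so it compiles, but one of the two should go; keeping the later one preserves the comment that explains it. The feature list also enables `MBEDTLS_SSL_EXPORT_KEYS`, which hands session key material to an application callback, without saying why. A line such as `/* Thread needs the exported key block; do not copy into other configs without need */` would make the intent explicit, assuming that is the reason. Separately, the description reads "TLS a part of Thread" where the `\brief` line has "as part of".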
@@ -17,10 +17,18 @@ use warnings; use strict; my %configs = ( - 'config-symmetric-only.h' => { + 'config-default.h' => { + }, + 'config-mini-tls1_1.h' => { }, 'config-suite-b.h' => { }, + 'config-symmetric-only.h' => { + }, + 'config-ccm-psk-tls1_2.h' => { + }, + 'config-thread.h' => { + }, ); # If no config-name is provided, use all known configs. From 722a7e69404a5265c63ed2afcadec196b6e53877 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:05:19 +0100 Subject: [PATCH 2176/2197] Revert "Only build libmbedcrypto" This reverts commit 8298d70beecb6c3c1a375954e03f4ed1a80efc0a. Conflicts: * library/Makefile: removal of SOEXT_X509 and SOEXT_TLS vs change of value of SOEXT_CRYPTO. Keep all, with the new value of SOEXT_CRYPTO. --- Makefile | 4 +++ library/CMakeLists.txt | 72 ++++++++++++++++++++++++++++++++++++----- library/Makefile | 70 +++++++++++++++++++++++++++++++++++++-- scripts/bump_version.sh | 33 +++++++++++++++++++ tests/Makefile | 4 +-- 5 files changed, 171 insertions(+), 12 deletions(-) diff --git a/Makefile b/Makefile index 4fd7f8eaa..026c6371b 100644 --- a/Makefile +++ b/Makefile @@ -27,6 +27,8 @@ install: no_test cp -rp include/psa $(DESTDIR)/include mkdir -p $(DESTDIR)/lib + cp -RP library/libmbedtls.* $(DESTDIR)/lib + cp -RP library/libmbedx509.* $(DESTDIR)/lib cp -RP library/libmbedcrypto.* $(DESTDIR)/lib mkdir -p $(DESTDIR)/bin @@ -40,6 +42,8 @@ install: no_test uninstall: rm -rf $(DESTDIR)/include/mbedtls + rm -f $(DESTDIR)/lib/libmbedtls.* + rm -f $(DESTDIR)/lib/libmbedx509.* rm -f $(DESTDIR)/lib/libmbedcrypto.* for p in programs/*/* ; do \ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 9780b1c5d..8db082862 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt 
@@ -95,6 +95,30 @@ endif() list(APPEND src_crypto ${thirdparty_src}) +set(src_x509 + certs.c + pkcs11.c + x509.c + x509_create.c + x509_crl.c + x509_crt.c + x509_csr.c + x509write_crt.c + x509write_csr.c +) + +set(src_tls + debug.c + net_sockets.c + ssl_cache.c + ssl_ciphersuites.c + ssl_cli.c + ssl_cookie.c + ssl_srv.c + ssl_ticket.c + ssl_tls.c +) + if(CMAKE_COMPILER_IS_GNUCC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") endif(CMAKE_COMPILER_IS_GNUCC) @@ -137,8 +161,12 @@ if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) + set(mbedtls_static_target "mbedtls_static") + set(mbedx509_static_target "mbedx509_static") set(mbedcrypto_static_target "mbedcrypto_static") elseif(USE_STATIC_MBEDTLS_LIBRARY) + set(mbedtls_static_target "mbedtls") + set(mbedx509_static_target "mbedx509") set(mbedcrypto_static_target "mbedcrypto") endif() 
@@ -150,9 +178,23 @@ if(USE_STATIC_MBEDTLS_LIBRARY) PUBLIC ${MBEDTLS_DIR}/include/ PUBLIC ${MBEDTLS_DIR}/crypto/include/) - install(TARGETS ${mbedcrypto_static_target} - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + if(USE_CRYPTO_SUBMODULE) + install(TARGETS ${mbedcrypto_static_target} + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + else() + add_library(${mbedx509_static_target} STATIC ${src_x509}) + set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) + target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target}) + + add_library(${mbedtls_static_target} STATIC ${src_tls}) + set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls) + target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target}) + + install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target} + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + endif() endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) 
@@ -163,9 +205,23 @@ if(USE_SHARED_MBEDTLS_LIBRARY) PUBLIC ${MBEDTLS_DIR}/include/ PUBLIC ${MBEDTLS_DIR}/crypto/include/) - install(TARGETS mbedcrypto - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + if(USE_CRYPTO_SUBMODULE) + install(TARGETS mbedcrypto + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + else() + add_library(mbedx509 SHARED ${src_x509}) + set_target_properties(mbedx509 PROPERTIES VERSION 2.16.0 SOVERSION 0) + target_link_libraries(mbedx509 ${libs} mbedcrypto) + + add_library(mbedtls SHARED ${src_tls}) + set_target_properties(mbedtls PROPERTIES VERSION 2.16.0 SOVERSION 12) + target_link_libraries(mbedtls ${libs} mbedx509) + + install(TARGETS mbedtls mbedx509 mbedcrypto + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + endif() endif(USE_SHARED_MBEDTLS_LIBRARY) if(USE_CRYPTO_SUBMODULE) @@ -174,8 +230,8 @@ if(USE_CRYPTO_SUBMODULE) add_dependencies(crypto_lib mbedcrypto_static) endif() else() - add_custom_target(lib DEPENDS mbedcrypto) + add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls) if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) - add_dependencies(lib mbedcrypto_static) + add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static) endif() endif() diff --git a/library/Makefile b/library/Makefile index ca063f486..8b7222942 100644 --- a/library/Makefile +++ b/library/Makefile @@ -36,6 +36,8 @@ LOCAL_CFLAGS += -fPIC -fpic endif endif +SOEXT_TLS=so.12 +SOEXT_X509=so.0 SOEXT_CRYPTO=so.4 # Set AR_DASH= (empty string) to use an ar implementation that does not accept 
@@ -105,6 +107,16 @@ include ../3rdparty/Makefile.inc LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES) OBJS_CRYPTO+=$(THIRDPARTY_CRYPTO_OBJECTS) +OBJS_X509= certs.o pkcs11.o x509.o \ + x509_create.o x509_crl.o x509_crt.o \ + x509_csr.o x509write_crt.o x509write_csr.o + +OBJS_TLS= debug.o net_sockets.o \ + ssl_cache.o ssl_ciphersuites.o \ + ssl_cli.o ssl_cookie.o \ + ssl_srv.o ssl_ticket.o \ + ssl_tls.o + .SILENT: .PHONY: all static shared clean 
@@ -115,9 +127,63 @@ else all: shared static endif -static: libmbedcrypto.a +static: libmbedcrypto.a libmbedx509.a libmbedtls.a -shared: libmbedcrypto.$(DLEXT) +shared: libmbedcrypto.$(DLEXT) libmbedx509.$(DLEXT) libmbedtls.$(DLEXT) + +# tls +libmbedtls.a: $(OBJS_TLS) + echo " AR $@" + $(AR) $(ARFLAGS) $@ $(OBJS_TLS) +ifdef APPLE_BUILD +ifneq ($(APPLE_BUILD),0) + echo " RL $@" + $(RL) $(RLFLAGS) $@ +endif +endif + +libmbedtls.$(SOEXT_TLS): $(OBJS_TLS) libmbedx509.so + echo " LD $@" + $(CC) -shared -Wl,-soname,$@ -L. -lmbedcrypto -lmbedx509 $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_TLS) + +libmbedtls.so: libmbedtls.$(SOEXT_TLS) + echo " LN $@ -> $<" + ln -sf $< $@ + +libmbedtls.dylib: $(OBJS_TLS) libmbedx509.dylib + echo " LD $@" + $(CC) -dynamiclib -L. -lmbedcrypto -lmbedx509 $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_TLS) + +libmbedtls.dll: $(OBJS_TLS) libmbedx509.dll + echo " LD $@" + $(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_TLS) -lws2_32 -lwinmm -lgdi32 -L. -lmbedcrypto -lmbedx509 -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS) + +# x509 +libmbedx509.a: $(OBJS_X509) + echo " AR $@" + $(AR) $(ARFLAGS) $@ $(OBJS_X509) +ifdef APPLE_BUILD +ifneq ($(APPLE_BUILD),0) + echo " RL $@" + $(RL) $(RLFLAGS) $@ +endif +endif + +libmbedx509.$(SOEXT_X509): $(OBJS_X509) libmbedcrypto.so + echo " LD $@" + $(CC) -shared -Wl,-soname,$@ -L. -lmbedcrypto $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_X509) + +libmbedx509.so: libmbedx509.$(SOEXT_X509) + echo " LN $@ -> $<" + ln -sf $< $@ + +libmbedx509.dylib: $(OBJS_X509) libmbedcrypto.dylib + echo " LD $@" + $(CC) -dynamiclib -L. -lmbedcrypto $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_X509) + +libmbedx509.dll: $(OBJS_X509) libmbedcrypto.dll + echo " LD $@" + $(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_X509) -lws2_32 -lwinmm -lgdi32 -L. -lmbedcrypto -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS) # crypto libmbedcrypto.a: $(OBJS_CRYPTO) 
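Review bot: In the restored `libmbedtls.$(SOEXT_TLS)`, `libmbedx509.$(SOEXT_X509)` and both `.dylib` rules, the `-lmbedcrypto`/`-lmbedx509` options come before the object files, whereas the `.dll` rules in the same hunk list them after `$(OBJS_TLS)`/`$(OBJS_X509)`. On toolchains that link with `--as-needed` by default, a library named before the objects that use it can be dropped. The shared object would then carry no dependency entry for the library it calls into, so this is worth confirming on the supported Linux targets. Putting the objects first also makes the rules consistent with the `.dll` ones, e.g. `$(CC) -shared -Wl,-soname,$@ -o $@ $(OBJS_TLS) -L. -lmbedx509 -lmbedcrypto $(LOCAL_LDFLAGS) $(LDFLAGS)`.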
diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index d76e313c8..cf875c88d 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -9,6 +9,7 @@ # Sets the version numbers in the source code to those given. # # Usage: bump_version.sh [ --version ] [ --so-crypto ] +# [ --so-x509 ] [ --so-tls ] # [ -v | --verbose ] [ -h | --help ] # @@ -29,6 +30,14 @@ do shift SO_CRYPTO=$1 ;; + --so-x509) + shift + SO_X509=$1 + ;; + --so-tls) + shift + SO_TLS=$1 + ;; -v|--verbose) # Be verbose VERBOSE="1" @@ -39,6 +48,8 @@ do echo -e " -h|--help\t\tPrint this help." echo -e " --version \tVersion to bump to." echo -e " --so-crypto \tSO version to bump libmbedcrypto to." + echo -e " --so-x509 \tSO version to bump libmbedx509 to." + echo -e " --so-tls \tSO version to bump libmbedtls to." echo -e " -v|--verbose\t\tVerbose." exit 1 ;; @@ -72,6 +83,28 @@ then mv tmp library/Makefile fi +if [ "X" != "X$SO_X509" ]; +then + [ $VERBOSE ] && echo "Bumping SOVERSION for libmbedx509 in library/CMakeLists.txt" + sed -e "/mbedx509/ s/ SOVERSION [0-9]\{1,\}/ SOVERSION $SO_X509/g" < library/CMakeLists.txt > tmp + mv tmp library/CMakeLists.txt + + [ $VERBOSE ] && echo "Bumping SOVERSION for libmbedx509 in library/Makefile" + sed -e "s/SOEXT_X509=so.[0-9]\{1,\}/SOEXT_X509=so.$SO_X509/g" < library/Makefile > tmp + mv tmp library/Makefile +fi + +if [ "X" != "X$SO_TLS" ]; +then + [ $VERBOSE ] && echo "Bumping SOVERSION for libmbedtls in library/CMakeLists.txt" + sed -e "/mbedtls/ s/ SOVERSION [0-9]\{1,\}/ SOVERSION $SO_TLS/g" < library/CMakeLists.txt > tmp + mv tmp library/CMakeLists.txt + + [ $VERBOSE ] && echo "Bumping SOVERSION for libmbedtls in library/Makefile" + sed -e "s/SOEXT_TLS=so.[0-9]\{1,\}/SOEXT_TLS=so.$SO_TLS/g" < library/Makefile > tmp + mv tmp library/Makefile +fi + [ $VERBOSE ] && echo "Bumping VERSION in include/mbedtls/version.h" read MAJOR MINOR PATCH <<<$(IFS="."; echo $VERSION) VERSION_NR="$( printf "0x%02X%02X%02X00" $MAJOR $MINOR $PATCH )" 
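Review bot: The values taken by the new `--so-x509` and `--so-tls` options are pasted unchecked into the sed replacement in the last hunk (`s/ SOVERSION [0-9]\{1,\}/ SOVERSION $SO_X509/g`). A non-numeric argument therefore either breaks the sed expression or writes a malformed SOVERSION into library/CMakeLists.txt and library/Makefile. A guard right after parsing would catch this, e.g. `case "$SO_X509" in *[!0-9]*) echo "--so-x509 needs a number" >&2; exit 1;; esac`, and the same for `$SO_TLS`. The new blocks also run `mv tmp <file>` whatever sed returned, so a failed sed would replace the build file with a partial one; `sed ... > tmp && mv tmp library/Makefile` avoids that. Whether the script runs under `set -e` is not visible in these hunks.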
diff --git a/tests/Makefile b/tests/Makefile index f7505b602..8fb187e23 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -19,9 +19,9 @@ LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES) LOCAL_CFLAGS += -D_POSIX_C_SOURCE=200809L ifndef SHARED -DEP=../library/libmbedcrypto.a +DEP=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a else -DEP=../library/libmbedcrypto.$(DLEXT) +DEP=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT) endif ifdef DEBUG From 4fa9f9f744f3e4f1c1d9045e952f2c42d9da32d3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:05:31 +0100 Subject: [PATCH 2177/2197] Revert "programs, tests: Depend only on libmbedcrypto" This reverts commit 986a15199d40f354d467144f0c55ced36d161c1a. --- programs/Makefile | 6 ++++-- programs/aes/CMakeLists.txt | 4 ++-- programs/hash/CMakeLists.txt | 4 ++-- programs/pkey/CMakeLists.txt | 36 +++++++++++++++++----------------- programs/psa/CMakeLists.txt | 6 +++--- programs/random/CMakeLists.txt | 6 +++--- programs/test/CMakeLists.txt | 2 +- programs/util/CMakeLists.txt | 2 +- tests/CMakeLists.txt | 4 ++-- tests/Makefile | 2 ++ tests/data_files/Makefile | 6 ------ 11 files changed, 38 insertions(+), 40 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index 250c6483f..7074df70a 100644 --- a/programs/Makefile +++ b/programs/Makefile 
@@ -9,15 +9,17 @@ LDFLAGS ?= LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64 LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = -L../library \ + -lmbedtls$(SHARED_SUFFIX) \ + -lmbedx509$(SHARED_SUFFIX) \ -lmbedcrypto$(SHARED_SUFFIX) include ../3rdparty/Makefile.inc LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES) ifndef SHARED -DEP=../library/libmbedcrypto.a +DEP=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a else -DEP=../library/libmbedcrypto.$(DLEXT) +DEP=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT) endif ifdef DEBUG diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt index 6c4c7e10f..f5a0caabb 100644 --- a/programs/aes/CMakeLists.txt +++ b/programs/aes/CMakeLists.txt @@ -1,8 +1,8 @@ add_executable(aescrypt2 aescrypt2.c) -target_link_libraries(aescrypt2 mbedcrypto) +target_link_libraries(aescrypt2 mbedtls) add_executable(crypt_and_hash crypt_and_hash.c) -target_link_libraries(crypt_and_hash mbedcrypto) +target_link_libraries(crypt_and_hash mbedtls) install(TARGETS aescrypt2 crypt_and_hash DESTINATION "bin" diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt index 3c6cca9d4..eda975bb0 100644 --- a/programs/hash/CMakeLists.txt +++ b/programs/hash/CMakeLists.txt @@ -1,8 +1,8 @@ add_executable(hello hello.c) -target_link_libraries(hello mbedcrypto) +target_link_libraries(hello mbedtls) add_executable(generic_sum generic_sum.c) -target_link_libraries(generic_sum mbedcrypto) +target_link_libraries(generic_sum mbedtls) install(TARGETS hello generic_sum DESTINATION "bin" diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt index 14e6b142d..944a100a2 100644 --- a/programs/pkey/CMakeLists.txt +++ b/programs/pkey/CMakeLists.txt 
@@ -1,56 +1,56 @@ add_executable(dh_genprime dh_genprime.c) -target_link_libraries(dh_genprime mbedcrypto) +target_link_libraries(dh_genprime mbedtls) add_executable(ecdh_curve25519 ecdh_curve25519.c) -target_link_libraries(ecdh_curve25519 mbedcrypto) +target_link_libraries(ecdh_curve25519 mbedtls) add_executable(ecdsa ecdsa.c) -target_link_libraries(ecdsa mbedcrypto) +target_link_libraries(ecdsa mbedtls) add_executable(gen_key gen_key.c) -target_link_libraries(gen_key mbedcrypto) +target_link_libraries(gen_key mbedtls) add_executable(key_app key_app.c) -target_link_libraries(key_app mbedcrypto) +target_link_libraries(key_app mbedtls) add_executable(key_app_writer key_app_writer.c) -target_link_libraries(key_app_writer mbedcrypto) +target_link_libraries(key_app_writer mbedtls) add_executable(mpi_demo mpi_demo.c) -target_link_libraries(mpi_demo mbedcrypto) +target_link_libraries(mpi_demo mbedtls) add_executable(rsa_genkey rsa_genkey.c) -target_link_libraries(rsa_genkey mbedcrypto) +target_link_libraries(rsa_genkey mbedtls) add_executable(rsa_sign rsa_sign.c) -target_link_libraries(rsa_sign mbedcrypto) +target_link_libraries(rsa_sign mbedtls) add_executable(rsa_verify rsa_verify.c) -target_link_libraries(rsa_verify mbedcrypto) +target_link_libraries(rsa_verify mbedtls) add_executable(rsa_sign_pss rsa_sign_pss.c) -target_link_libraries(rsa_sign_pss mbedcrypto) +target_link_libraries(rsa_sign_pss mbedtls) add_executable(rsa_verify_pss rsa_verify_pss.c) -target_link_libraries(rsa_verify_pss mbedcrypto) +target_link_libraries(rsa_verify_pss mbedtls) add_executable(rsa_encrypt rsa_encrypt.c) -target_link_libraries(rsa_encrypt mbedcrypto) +target_link_libraries(rsa_encrypt mbedtls) add_executable(rsa_decrypt rsa_decrypt.c) -target_link_libraries(rsa_decrypt mbedcrypto) +target_link_libraries(rsa_decrypt mbedtls) add_executable(pk_sign pk_sign.c) -target_link_libraries(pk_sign mbedcrypto) +target_link_libraries(pk_sign mbedtls) add_executable(pk_verify pk_verify.c) 
-target_link_libraries(pk_verify mbedcrypto) +target_link_libraries(pk_verify mbedtls) add_executable(pk_encrypt pk_encrypt.c) -target_link_libraries(pk_encrypt mbedcrypto) +target_link_libraries(pk_encrypt mbedtls) add_executable(pk_decrypt pk_decrypt.c) -target_link_libraries(pk_decrypt mbedcrypto) +target_link_libraries(pk_decrypt mbedtls) install(TARGETS dh_genprime key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt pk_encrypt pk_decrypt pk_sign pk_verify gen_key DESTINATION "bin" diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt index 814368316..c80043bc4 100644 --- a/programs/psa/CMakeLists.txt +++ b/programs/psa/CMakeLists.txt @@ -1,11 +1,11 @@ add_executable(crypto_examples crypto_examples.c) -target_link_libraries(crypto_examples mbedcrypto) +target_link_libraries(crypto_examples mbedtls) add_executable(key_ladder_demo key_ladder_demo.c) -target_link_libraries(key_ladder_demo mbedcrypto) +target_link_libraries(key_ladder_demo mbedtls) add_executable(psa_constant_names psa_constant_names.c) -target_link_libraries(psa_constant_names mbedcrypto) +target_link_libraries(psa_constant_names mbedtls) add_custom_target( psa_constant_names_generated diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt index 630c66e9d..30933d88d 100644 --- a/programs/random/CMakeLists.txt +++ b/programs/random/CMakeLists.txt @@ -1,11 +1,11 @@ add_executable(gen_random_havege gen_random_havege.c) -target_link_libraries(gen_random_havege mbedcrypto) +target_link_libraries(gen_random_havege mbedtls) add_executable(gen_random_ctr_drbg gen_random_ctr_drbg.c) -target_link_libraries(gen_random_ctr_drbg mbedcrypto) +target_link_libraries(gen_random_ctr_drbg mbedtls) add_executable(gen_entropy gen_entropy.c) -target_link_libraries(gen_entropy mbedcrypto) +target_link_libraries(gen_entropy mbedtls) install(TARGETS gen_random_havege gen_random_ctr_drbg gen_entropy DESTINATION "bin" 
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 192ac4cb7..2b455ee01 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -1,5 +1,5 @@ set(libs - mbedcrypto + mbedtls ) add_executable(selftest selftest.c) diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt index 4c3fb0dfa..f9b660453 100644 --- a/programs/util/CMakeLists.txt +++ b/programs/util/CMakeLists.txt @@ -1,5 +1,5 @@ set(libs - mbedcrypto + mbedtls ) add_executable(strerror strerror.c) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 3b923a3a3..a1194e520 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -1,5 +1,5 @@ set(libs - mbedcrypto + mbedtls ) # Set the project root directory if it's not already defined, as may happen if 
@@ -36,7 +36,7 @@ function(add_test_suite suite_name) add_custom_command( OUTPUT test_suite_${data_name}.c COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py -f ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function -d ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data -t ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function -p ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function -s ${CMAKE_CURRENT_SOURCE_DIR}/suites --helpers-file ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function -o . - DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedcrypto ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data + DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedtls ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data ) set(exe_name test_suite_${data_name}) diff --git a/tests/Makefile b/tests/Makefile index 8fb187e23..3203b883e 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -8,6 +8,8 @@ LDFLAGS ?= CRYPTO_INCLUDES ?= -I../include LOCAL_CFLAGS = $(WARNING_CFLAGS) $(CRYPTO_INCLUDES) -I../library -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = -L../library \ + -lmbedtls$(SHARED_SUFFIX) \ + -lmbedx509$(SHARED_SUFFIX) \ -lmbedcrypto$(SHARED_SUFFIX) include ../3rdparty/Makefile.inc diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 7f31cc874..e85fd70c2 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile 
@@ -14,12 +14,6 @@ OPENSSL ?= openssl FAKETIME ?= faketime -# Tools from Mbed TLS -# Mbed Crypto depends on Mbed TLS programs to generate its test certificates. -# These programs can be installed from Mbed TLS. -MBEDTLS_CERT_WRITE ?= mbedtls_cert_write -MBEDTLS_CERT_REQ ?= mbedtls_cert_req - ## Build the generated test data. Note that since the final outputs ## are committed to the repository, this target should do nothing on a From 70824f2c9ea28a0c044f14d967ce21899f41441d Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 26 Feb 2020 19:05:33 +0100 Subject: [PATCH 2178/2197] Revert "Remove programs that depend on TLS or X.509" This reverts commit 0688e4f2668dab8ad95b734c23b35977134a6d21. Run scripts/generate_visualc_files.pl to account for the added programs. --- programs/.gitignore | 17 + programs/CMakeLists.txt | 2 + programs/Makefile | 83 + programs/README.md | 43 + programs/ssl/CMakeLists.txt | 64 + programs/ssl/dtls_client.c | 374 +++ programs/ssl/dtls_server.c | 449 +++ programs/ssl/mini_client.c | 312 +++ programs/ssl/ssl_client1.c | 331 +++ programs/ssl/ssl_client2.c | 2454 ++++++++++++++++ programs/ssl/ssl_fork_server.c | 435 +++ programs/ssl/ssl_mail_client.c | 871 ++++++ programs/ssl/ssl_pthread_server.c | 545 ++++ programs/ssl/ssl_server.c | 416 +++ programs/ssl/ssl_server2.c | 3533 ++++++++++++++++++++++++ programs/test/CMakeLists.txt | 5 +- programs/test/udp_proxy.c | 944 +++++++ programs/test/udp_proxy_wrapper.sh | 117 + programs/x509/CMakeLists.txt | 30 + programs/x509/cert_app.c | 515 ++++ programs/x509/cert_req.c | 453 +++ programs/x509/cert_write.c | 825 ++++++ programs/x509/crl_app.c | 164 ++ programs/x509/req_app.c | 164 ++ tests/data_files/Makefile | 2 + visualc/VS2010/cert_app.vcxproj | 177 ++ visualc/VS2010/cert_req.vcxproj | 177 ++ visualc/VS2010/cert_write.vcxproj | 177 ++ visualc/VS2010/crl_app.vcxproj | 177 ++ visualc/VS2010/dtls_client.vcxproj | 177 ++ visualc/VS2010/dtls_server.vcxproj | 177 ++ visualc/VS2010/mbedTLS.sln | 195 ++ visualc/VS2010/mini_client.vcxproj | 177 ++ visualc/VS2010/req_app.vcxproj | 177 ++ visualc/VS2010/ssl_client1.vcxproj | 177 ++ visualc/VS2010/ssl_client2.vcxproj | 178 ++ visualc/VS2010/ssl_fork_server.vcxproj | 177 ++ visualc/VS2010/ssl_mail_client.vcxproj | 177 ++ visualc/VS2010/ssl_server.vcxproj | 177 ++ visualc/VS2010/ssl_server2.vcxproj | 178 ++ visualc/VS2010/udp_proxy.vcxproj | 177 ++ 41 files changed, 15999 insertions(+), 1 deletion(-) create mode 100644 programs/ssl/CMakeLists.txt 
create mode 100644 programs/ssl/dtls_client.c create mode 100644 programs/ssl/dtls_server.c create mode 100644 programs/ssl/mini_client.c create mode 100644 programs/ssl/ssl_client1.c create mode 100644 programs/ssl/ssl_client2.c create mode 100644 programs/ssl/ssl_fork_server.c create mode 100644 programs/ssl/ssl_mail_client.c create mode 100644 programs/ssl/ssl_pthread_server.c create mode 100644 programs/ssl/ssl_server.c create mode 100644 programs/ssl/ssl_server2.c create mode 100644 programs/test/udp_proxy.c create mode 100755 programs/test/udp_proxy_wrapper.sh create mode 100644 programs/x509/CMakeLists.txt create mode 100644 programs/x509/cert_app.c create mode 100644 programs/x509/cert_req.c create mode 100644 programs/x509/cert_write.c create mode 100644 programs/x509/crl_app.c create mode 100644 programs/x509/req_app.c create mode 100644 visualc/VS2010/cert_app.vcxproj create mode 100644 visualc/VS2010/cert_req.vcxproj create mode 100644 visualc/VS2010/cert_write.vcxproj create mode 100644 visualc/VS2010/crl_app.vcxproj create mode 100644 visualc/VS2010/dtls_client.vcxproj create mode 100644 visualc/VS2010/dtls_server.vcxproj create mode 100644 visualc/VS2010/mini_client.vcxproj create mode 100644 visualc/VS2010/req_app.vcxproj create mode 100644 visualc/VS2010/ssl_client1.vcxproj create mode 100644 visualc/VS2010/ssl_client2.vcxproj create mode 100644 visualc/VS2010/ssl_fork_server.vcxproj create mode 100644 visualc/VS2010/ssl_mail_client.vcxproj create mode 100644 visualc/VS2010/ssl_server.vcxproj create mode 100644 visualc/VS2010/ssl_server2.vcxproj create mode 100644 visualc/VS2010/udp_proxy.vcxproj diff --git a/programs/.gitignore b/programs/.gitignore index a6df08f9e..30489bed0 100644 --- a/programs/.gitignore +++ b/programs/.gitignore 
@@ -34,14 +34,31 @@ psa/key_ladder_demo random/gen_entropy random/gen_random_ctr_drbg random/gen_random_havege +ssl/dtls_client +ssl/dtls_server +ssl/ssl_client1 +ssl/ssl_client2 +ssl/ssl_fork_server +ssl/ssl_mail_client +ssl/ssl_pthread_server +ssl/ssl_server +ssl/ssl_server2 +ssl/mini_client test/benchmark test/ecp-bench test/selftest test/cpp_dummy_build +test/ssl_cert_test +test/udp_proxy test/zeroize test/query_compile_time_config util/pem2der util/strerror +x509/cert_app +x509/cert_req +x509/crl_app +x509/cert_write +x509/req_app # generated files pkey/keyfile.key diff --git a/programs/CMakeLists.txt b/programs/CMakeLists.txt index b99b44e80..661b12071 100644 --- a/programs/CMakeLists.txt +++ b/programs/CMakeLists.txt @@ -3,5 +3,7 @@ add_subdirectory(hash) add_subdirectory(pkey) add_subdirectory(psa) add_subdirectory(random) +add_subdirectory(ssl) add_subdirectory(test) +add_subdirectory(x509) add_subdirectory(util) diff --git a/programs/Makefile b/programs/Makefile index 7074df70a..c5ac76749 100644 --- a/programs/Makefile +++ b/programs/Makefile 
@@ -70,17 +70,36 @@ APPS = \ psa/crypto_examples$(EXEXT) \ psa/key_ladder_demo$(EXEXT) \ psa/psa_constant_names$(EXEXT) \ + ssl/dtls_client$(EXEXT) \ + ssl/dtls_server$(EXEXT) \ + ssl/ssl_client1$(EXEXT) \ + ssl/ssl_client2$(EXEXT) \ + ssl/ssl_server$(EXEXT) \ + ssl/ssl_server2$(EXEXT) \ + ssl/ssl_fork_server$(EXEXT) \ + ssl/mini_client$(EXEXT) \ + ssl/ssl_mail_client$(EXEXT) \ random/gen_entropy$(EXEXT) \ random/gen_random_havege$(EXEXT) \ random/gen_random_ctr_drbg$(EXEXT) \ test/benchmark$(EXEXT) \ test/selftest$(EXEXT) \ + test/udp_proxy$(EXEXT) \ test/zeroize$(EXEXT) \ test/query_compile_time_config$(EXEXT) \ util/pem2der$(EXEXT) \ util/strerror$(EXEXT) \ + x509/cert_app$(EXEXT) \ + x509/crl_app$(EXEXT) \ + x509/cert_req$(EXEXT) \ + x509/cert_write$(EXEXT) \ + x509/req_app$(EXEXT) \ # End of APPS +ifdef PTHREAD +APPS += ssl/ssl_pthread_server$(EXEXT) +endif + ifdef TEST_CPP APPS += test/cpp_dummy_build$(EXEXT) endif 
@@ -214,6 +233,46 @@ random/gen_random_ctr_drbg$(EXEXT): random/gen_random_ctr_drbg.c $(DEP) echo " CC random/gen_random_ctr_drbg.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_random_ctr_drbg.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +ssl/dtls_client$(EXEXT): ssl/dtls_client.c $(DEP) + echo " CC ssl/dtls_client.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/dtls_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +ssl/dtls_server$(EXEXT): ssl/dtls_server.c $(DEP) + echo " CC ssl/dtls_server.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/dtls_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +ssl/ssl_client1$(EXEXT): ssl/ssl_client1.c $(DEP) + echo " CC ssl/ssl_client1.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client1.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c test/query_config.c $(DEP) + echo " CC ssl/ssl_client2.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +ssl/ssl_server$(EXEXT): ssl/ssl_server.c $(DEP) + echo " CC ssl/ssl_server.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c test/query_config.c $(DEP) + echo " CC ssl/ssl_server2.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c $(DEP) + echo " CC ssl/ssl_fork_server.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_fork_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +ssl/ssl_pthread_server$(EXEXT): ssl/ssl_pthread_server.c $(DEP) + echo " CC ssl/ssl_pthread_server.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_pthread_server.c $(LOCAL_LDFLAGS) -lpthread $(LDFLAGS) -o $@ + +ssl/ssl_mail_client$(EXEXT): ssl/ssl_mail_client.c $(DEP) + echo " CC ssl/ssl_mail_client.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_mail_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +ssl/mini_client$(EXEXT): ssl/mini_client.c $(DEP) + echo " CC ssl/mini_client.c" + $(CC) 
$(LOCAL_CFLAGS) $(CFLAGS) ssl/mini_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + test/benchmark$(EXEXT): test/benchmark.c $(DEP) echo " CC test/benchmark.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/benchmark.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ @@ -226,6 +285,10 @@ test/selftest$(EXEXT): test/selftest.c $(DEP) echo " CC test/selftest.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/selftest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +test/udp_proxy$(EXEXT): test/udp_proxy.c $(DEP) + echo " CC test/udp_proxy.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/udp_proxy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + test/zeroize$(EXEXT): test/zeroize.c $(DEP) echo " CC test/zeroize.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/zeroize.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ @@ -242,6 +305,26 @@ util/strerror$(EXEXT): util/strerror.c $(DEP) echo " CC util/strerror.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) util/strerror.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +x509/cert_app$(EXEXT): x509/cert_app.c $(DEP) + echo " CC x509/cert_app.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_app.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +x509/cert_write$(EXEXT): x509/cert_write.c $(DEP) + echo " CC x509/cert_write.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_write.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +x509/crl_app$(EXEXT): x509/crl_app.c $(DEP) + echo " CC x509/crl_app.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/crl_app.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +x509/cert_req$(EXEXT): x509/cert_req.c $(DEP) + echo " CC x509/cert_req.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/cert_req.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + +x509/req_app$(EXEXT): x509/req_app.c $(DEP) + echo " CC x509/req_app.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/req_app.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + psa/crypto_examples$(EXEXT): psa/crypto_examples.c $(DEP) echo " CC psa/crypto_examples.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/README.md b/programs/README.md index 977e26c41..44edd617a 100644 
--- a/programs/README.md +++ b/programs/README.md 
@@ -61,6 +61,36 @@ This subdirectory mostly contains sample programs that illustrate specific featu * [`random/gen_random_havege.c`](random/gen_random_havege.c): demonstrates the HAVEGE entropy collector. +## SSL/TLS examples + +### SSL/TLS sample applications + +* [`ssl/dtls_client.c`](ssl/dtls_client.c): a simple DTLS client program, which sends one datagram to the server and reads one datagram in response. + +* [`ssl/dtls_server.c`](ssl/dtls_server.c): a simple DTLS server program, which expects one datagram from the client and writes one datagram in response. This program supports DTLS cookies for hello verification. + +* [`ssl/mini_client.c`](ssl/mini_client.c): a minimalistic SSL client, which sends a short string and disconnects. This is primarily intended as a benchmark; for a better example of a typical TLS client, see `ssl/ssl_client1.c`. + +* [`ssl/ssl_client1.c`](ssl/ssl_client1.c): a simple HTTPS client that sends a fixed request and displays the response. + +* [`ssl/ssl_fork_server.c`](ssl/ssl_fork_server.c): a simple HTTPS server using one process per client to send a fixed response. This program requires a Unix/POSIX environment implementing the `fork` system call. + +* [`ssl/ssl_mail_client.c`](ssl/ssl_mail_client.c): a simple SMTP-over-TLS or SMTP-STARTTLS client. This client sends an email with fixed content. + +* [`ssl/ssl_pthread_server.c`](ssl/ssl_pthread_server.c): a simple HTTPS server using one thread per client to send a fixed response. This program requires the pthread library. + +* [`ssl/ssl_server.c`](ssl/ssl_server.c): a simple HTTPS server that sends a fixed response. It serves a single client at a time. + +### SSL/TLS feature demonstrators + +Note: unlike most of the other programs under the `programs/` directory, these two programs are not intended as a basis for writing an application. They combine most of the features supported by the library, and most applications require only a few features. 
To write a new application, we recommended that you start with `ssl_client1.c` or `ssl_server.c`, and then look inside `ssl/ssl_client2.c` or `ssl/ssl_server2.c` to see how to use the specific features that your application needs. + +* [`ssl/ssl_client2.c`](ssl/ssl_client2.c): an HTTPS client that sends a fixed request and displays the response, with options to select TLS protocol features and Mbed TLS library features. + +* [`ssl/ssl_server2.c`](ssl/ssl_server2.c): an HTTPS server that sends a fixed response, with options to select TLS protocol features and Mbed TLS library features. + +In addition to providing options for testing client-side features, the `ssl_client2` program has options that allow you to trigger certain behaviors in the server. For example, there are options to select ciphersuites, or to force a renegotiation. These options are useful for testing the corresponding features in a TLS server. Likewise, `ssl_server2` has options to activate certain behaviors that are useful for testing a TLS client. + ## Test utilities * [`test/benchmark.c`](test/benchmark.c): benchmark for cryptographic algorithms. 
@@ -76,3 +106,16 @@ This subdirectory mostly contains sample programs that illustrate specific featu * [`util/pem2der.c`](util/pem2der.c): a PEM to DER converter. Mbed TLS can read PEM files directly, but this utility can be useful for interacting with other tools or with minimal Mbed TLS builds that lack PEM support. * [`util/strerror.c`](util/strerror.c): prints the error description corresponding to an integer status returned by an Mbed TLS function. + +## X.509 certificate examples + +* [`x509/cert_app.c`](x509/cert_app.c): connects to a TLS server and verifies its certificate chain. + +* [`x509/cert_req.c`](x509/cert_req.c): generates a certificate signing request (CSR) for a private key. + +* [`x509/cert_write.c`](x509/cert_write.c): signs a certificate signing request, or self-signs a certificate. + +* [`x509/crl_app.c`](x509/crl_app.c): loads and dumps a certificate revocation list (CRL). + +* [`x509/req_app.c`](x509/req_app.c): loads and dumps a certificate signing request (CSR). + diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt new file mode 100644 index 000000000..f28a47d87 --- /dev/null +++ b/programs/ssl/CMakeLists.txt 
@@ -0,0 +1,64 @@
+set(THREADS_USE_PTHREADS_WIN32 true)
+find_package(Threads)
+
+set(libs
+ mbedtls
+)
+
+set(targets
+ dtls_client
+ dtls_server
+ ssl_client1
+ ssl_client2
+ ssl_server
+ ssl_fork_server
+ ssl_mail_client
+ mini_client
+)
+
+if(USE_PKCS11_HELPER_LIBRARY)
+ set(libs ${libs} pkcs11-helper)
+endif(USE_PKCS11_HELPER_LIBRARY)
+
+if(ENABLE_ZLIB_SUPPORT)
+ set(libs ${libs} ${ZLIB_LIBRARIES})
+endif(ENABLE_ZLIB_SUPPORT)
+
+add_executable(dtls_client dtls_client.c)
+target_link_libraries(dtls_client ${libs})
+
+add_executable(dtls_server dtls_server.c)
+target_link_libraries(dtls_server ${libs})
+
+add_executable(ssl_client1 ssl_client1.c)
+target_link_libraries(ssl_client1 ${libs})
+
+add_executable(ssl_client2 ssl_client2.c)
+target_sources(ssl_client2 PUBLIC ../test/query_config.c)
+target_link_libraries(ssl_client2 ${libs})
+
+add_executable(ssl_server ssl_server.c)
+target_link_libraries(ssl_server ${libs})
+
+add_executable(ssl_server2 ssl_server2.c)
+target_sources(ssl_server2 PUBLIC ../test/query_config.c)
+target_link_libraries(ssl_server2 ${libs})
+
+add_executable(ssl_fork_server ssl_fork_server.c)
+target_link_libraries(ssl_fork_server ${libs})
+
+add_executable(ssl_mail_client ssl_mail_client.c)
+target_link_libraries(ssl_mail_client ${libs})
+
+add_executable(mini_client mini_client.c)
+target_link_libraries(mini_client ${libs})
+
+if(THREADS_FOUND)
+ add_executable(ssl_pthread_server ssl_pthread_server.c)
+ target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})
+ set(targets ${targets} ssl_pthread_server)
+endif(THREADS_FOUND)
+
+install(TARGETS ${targets}
+ DESTINATION "bin"
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
new file mode 100644
index 000000000..90db06ca9
--- /dev/null
+++ b/programs/ssl/dtls_client.c
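Review bot: In programs/ssl/CMakeLists.txt, `ssl_server2` gets an `add_executable` but is missing from `set(targets ...)`, so the `install(TARGETS ${targets} ...)` rule at the end of the hunk skips it while its counterpart `ssl_client2` is installed. If the omission is unintended, add `ssl_server2` to the list after `ssl_server`. If it is deliberate, a one-line comment above the list, for example `# ssl_server2 is built but intentionally not installed`, would record that for the next maintainer.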
@@ -0,0 +1,374 @@ +/* + * Simple DTLS client demonstration program + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_printf printf +#define mbedtls_fprintf fprintf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif + +#if !defined(MBEDTLS_SSL_CLI_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_TIMING_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) +int main( void ) +{ + mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " + "MBEDTLS_NET_C and/or MBEDTLS_TIMING_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" ); + return( 0 ); +} +#else + +#include + +#include "mbedtls/net_sockets.h" +#include "mbedtls/debug.h" +#include "mbedtls/ssl.h" +#include 
"mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/error.h" +#include "mbedtls/certs.h" +#include "mbedtls/timing.h" + +/* Uncomment out the following line to default to IPv4 and disable IPv6 */ +//#define FORCE_IPV4 + +#define SERVER_PORT "4433" +#define SERVER_NAME "localhost" + +#ifdef FORCE_IPV4 +#define SERVER_ADDR "127.0.0.1" /* Forces IPv4 */ +#else +#define SERVER_ADDR "::1" +#endif + +#define MESSAGE "Echo this" + +#define READ_TIMEOUT_MS 1000 +#define MAX_RETRY 5 + +#define DEBUG_LEVEL 0 + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +static void my_debug( void *ctx, int level, + const char *file, int line, + const char *str ) +{ + ((void) level); + + mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); + fflush( (FILE *) ctx ); +} + +int main( int argc, char *argv[] ) +{ + int ret, len; + mbedtls_net_context server_fd; + uint32_t flags; + unsigned char buf[1024]; + const char *pers = "dtls_client"; + int retry_left = MAX_RETRY; + + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_x509_crt cacert; + mbedtls_timing_delay_context timer; + + ((void) argc); + ((void) argv); + +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( DEBUG_LEVEL ); +#endif + + /* + * 0. Initialize the RNG and the session data + */ + mbedtls_net_init( &server_fd ); + mbedtls_ssl_init( &ssl ); + mbedtls_ssl_config_init( &conf ); + mbedtls_x509_crt_init( &cacert ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + + mbedtls_printf( "\n . Seeding the random number generator..." 
); + fflush( stdout ); + + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 0. Load certificates + */ + mbedtls_printf( " . Loading the CA root certificate ..." ); + fflush( stdout ); + + ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); + if( ret < 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); + goto exit; + } + + mbedtls_printf( " ok (%d skipped)\n", ret ); + + /* + * 1. Start the connection + */ + mbedtls_printf( " . Connecting to udp/%s/%s...", SERVER_NAME, SERVER_PORT ); + fflush( stdout ); + + if( ( ret = mbedtls_net_connect( &server_fd, SERVER_ADDR, + SERVER_PORT, MBEDTLS_NET_PROTO_UDP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 2. Setup stuff + */ + mbedtls_printf( " . Setting up the DTLS structure..." ); + fflush( stdout ); + + if( ( ret = mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_DATAGRAM, + MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + goto exit; + } + + /* OPTIONAL is usually a bad choice for security, but makes interop easier + * in this simplified example, in which the ca chain is hardcoded. + * Production code should set a proper ca chain and use REQUIRED. 
*/ + mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); + mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + + if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + goto exit; + } + + if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_set_bio( &ssl, &server_fd, + mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout ); + + mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay ); + + mbedtls_printf( " ok\n" ); + + /* + * 4. Handshake + */ + mbedtls_printf( " . Performing the DTLS handshake..." ); + fflush( stdout ); + + do ret = mbedtls_ssl_handshake( &ssl ); + while( ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 5. Verify the server certificate + */ + mbedtls_printf( " . Verifying peer X.509 certificate..." ); + + /* In real life, we would have used MBEDTLS_SSL_VERIFY_REQUIRED so that the + * handshake would not succeed if the peer's cert is bad. Even if we used + * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */ + if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) + { + char vrfy_buf[512]; + + mbedtls_printf( " failed\n" ); + + mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + + mbedtls_printf( "%s\n", vrfy_buf ); + } + else + mbedtls_printf( " ok\n" ); + + /* + * 6. 
Write the echo request + */ +send_request: + mbedtls_printf( " > Write to server:" ); + fflush( stdout ); + + len = sizeof( MESSAGE ) - 1; + + do ret = mbedtls_ssl_write( &ssl, (unsigned char *) MESSAGE, len ); + while( ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + + if( ret < 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + goto exit; + } + + len = ret; + mbedtls_printf( " %d bytes written\n\n%s\n\n", len, MESSAGE ); + + /* + * 7. Read the echo response + */ + mbedtls_printf( " < Read from server:" ); + fflush( stdout ); + + len = sizeof( buf ) - 1; + memset( buf, 0, sizeof( buf ) ); + + do ret = mbedtls_ssl_read( &ssl, buf, len ); + while( ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + + if( ret <= 0 ) + { + switch( ret ) + { + case MBEDTLS_ERR_SSL_TIMEOUT: + mbedtls_printf( " timeout\n\n" ); + if( retry_left-- > 0 ) + goto send_request; + goto exit; + + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); + ret = 0; + goto close_notify; + + default: + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n\n", -ret ); + goto exit; + } + } + + len = ret; + mbedtls_printf( " %d bytes read\n\n%s\n\n", len, buf ); + + /* + * 8. Done, cleanly close the connection + */ +close_notify: + mbedtls_printf( " . Closing the connection..." ); + + /* No error checking, the connection might be closed already */ + do ret = mbedtls_ssl_close_notify( &ssl ); + while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + ret = 0; + + mbedtls_printf( " done\n" ); + + /* + * 9. 
Final clean-ups and exit + */ +exit: + +#ifdef MBEDTLS_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf( "Last error was: %d - %s\n\n", ret, error_buf ); + } +#endif + + mbedtls_net_free( &server_fd ); + + mbedtls_x509_crt_free( &cacert ); + mbedtls_ssl_free( &ssl ); + mbedtls_ssl_config_free( &conf ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(_WIN32) + mbedtls_printf( " + Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + /* Shell can not handle large exit numbers -> 1 for errors */ + if( ret < 0 ) + ret = 1; + + return( ret ); +} +#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C && + MBEDTLD_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && + MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_CERTS_C && + MBEDTLS_PEM_PARSE_C */ diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c new file mode 100644 index 000000000..dd21fbf47 --- /dev/null +++ b/programs/ssl/dtls_server.c 
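Review bot: In programs/ssl/dtls_client.c, step 5 reports a non-zero `mbedtls_ssl_get_verify_result()` and then falls through to step 6, so with `MBEDTLS_SSL_VERIFY_OPTIONAL` the echo request is still sent to a server whose certificate failed verification. The comment directly above says the code would bail out at this point, but the branch only prints `vrfy_buf`. Since sample clients tend to be copied into applications, the failure branch should leave through the cleanup path: add `ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;` and `goto exit;` after the `mbedtls_printf( "%s\n", vrfy_buf );` line. If the demo has to keep running against servers with arbitrary certificates, the comment should instead say plainly that the session continues unauthenticated.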
@@ -0,0 +1,449 @@ +/* + * Simple DTLS server demonstration program + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_printf printf +#define mbedtls_fprintf fprintf +#define mbedtls_time_t time_t +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif + +/* Uncomment out the following line to default to IPv4 and disable IPv6 */ +//#define FORCE_IPV4 + +#ifdef FORCE_IPV4 +#define BIND_IP "0.0.0.0" /* Forces IPv4 */ +#else +#define BIND_IP "::" +#endif + +#if !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \ + !defined(MBEDTLS_SSL_COOKIE_C) || !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \ + !defined(MBEDTLS_TIMING_C) + +int main( void ) +{ + printf( "MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " + "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + 
"MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or " + "MBEDTLS_TIMING_C not defined.\n" ); + return( 0 ); +} +#else + +#if defined(_WIN32) +#include +#endif + +#include +#include +#include + +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/certs.h" +#include "mbedtls/x509.h" +#include "mbedtls/ssl.h" +#include "mbedtls/ssl_cookie.h" +#include "mbedtls/net_sockets.h" +#include "mbedtls/error.h" +#include "mbedtls/debug.h" +#include "mbedtls/timing.h" + +#if defined(MBEDTLS_SSL_CACHE_C) +#include "mbedtls/ssl_cache.h" +#endif + +#define READ_TIMEOUT_MS 10000 /* 5 seconds */ +#define DEBUG_LEVEL 0 + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +static void my_debug( void *ctx, int level, + const char *file, int line, + const char *str ) +{ + ((void) level); + + mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); + fflush( (FILE *) ctx ); +} + +int main( void ) +{ + int ret, len; + mbedtls_net_context listen_fd, client_fd; + unsigned char buf[1024]; + const char *pers = "dtls_server"; + unsigned char client_ip[16] = { 0 }; + size_t cliip_len; + mbedtls_ssl_cookie_ctx cookie_ctx; + + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_x509_crt srvcert; + mbedtls_pk_context pkey; + mbedtls_timing_delay_context timer; +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_context cache; +#endif + + mbedtls_net_init( &listen_fd ); + mbedtls_net_init( &client_fd ); + mbedtls_ssl_init( &ssl ); + mbedtls_ssl_config_init( &conf ); + mbedtls_ssl_cookie_init( &cookie_ctx ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_init( &cache 
); +#endif + mbedtls_x509_crt_init( &srvcert ); + mbedtls_pk_init( &pkey ); + mbedtls_entropy_init( &entropy ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( DEBUG_LEVEL ); +#endif + + /* + * 1. Load the certificates and private RSA key + */ + printf( "\n . Loading the server cert. and key..." ); + fflush( stdout ); + + /* + * This demonstration program uses embedded test certificates. + * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the + * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). + */ + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len ); + if( ret != 0 ) + { + printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + goto exit; + } + + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); + if( ret != 0 ) + { + printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + goto exit; + } + + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0 ); + if( ret != 0 ) + { + printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + goto exit; + } + + printf( " ok\n" ); + + /* + * 2. Setup the "listening" UDP socket + */ + printf( " . Bind on udp/*/4433 ..." ); + fflush( stdout ); + + if( ( ret = mbedtls_net_bind( &listen_fd, BIND_IP, "4433", MBEDTLS_NET_PROTO_UDP ) ) != 0 ) + { + printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + goto exit; + } + + printf( " ok\n" ); + + /* + * 3. Seed the RNG + */ + printf( " . Seeding the random number generator..." ); + fflush( stdout ); + + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + goto exit; + } + + printf( " ok\n" ); + + /* + * 4. 
Setup stuff + */ + printf( " . Setting up the DTLS data..." ); + fflush( stdout ); + + if( ( ret = mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_DATAGRAM, + MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_cache_get, + mbedtls_ssl_cache_set ); +#endif + + mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); + if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) + { + printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + goto exit; + } + + if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) + { + printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, + &cookie_ctx ); + + if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) + { + printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay ); + + printf( " ok\n" ); + +reset: +#ifdef MBEDTLS_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + printf("Last error was: %d - %s\n\n", ret, error_buf ); + } +#endif + + mbedtls_net_free( &client_fd ); + + mbedtls_ssl_session_reset( &ssl ); + + /* + * 3. Wait until a client connects + */ + printf( " . Waiting for a remote connection ..." ); + fflush( stdout ); + + if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, + client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 ) + { + printf( " failed\n ! 
mbedtls_net_accept returned %d\n\n", ret ); + goto exit; + } + + /* For HelloVerifyRequest cookies */ + if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, + client_ip, cliip_len ) ) != 0 ) + { + printf( " failed\n ! " + "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", -ret ); + goto exit; + } + + mbedtls_ssl_set_bio( &ssl, &client_fd, + mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout ); + + printf( " ok\n" ); + + /* + * 5. Handshake + */ + printf( " . Performing the DTLS handshake..." ); + fflush( stdout ); + + do ret = mbedtls_ssl_handshake( &ssl ); + while( ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + + if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) + { + printf( " hello verification requested\n" ); + ret = 0; + goto reset; + } + else if( ret != 0 ) + { + printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); + goto reset; + } + + printf( " ok\n" ); + + /* + * 6. Read the echo Request + */ + printf( " < Read from client:" ); + fflush( stdout ); + + len = sizeof( buf ) - 1; + memset( buf, 0, sizeof( buf ) ); + + do ret = mbedtls_ssl_read( &ssl, buf, len ); + while( ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + + if( ret <= 0 ) + { + switch( ret ) + { + case MBEDTLS_ERR_SSL_TIMEOUT: + printf( " timeout\n\n" ); + goto reset; + + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + printf( " connection was closed gracefully\n" ); + ret = 0; + goto close_notify; + + default: + printf( " mbedtls_ssl_read returned -0x%x\n\n", -ret ); + goto reset; + } + } + + len = ret; + printf( " %d bytes read\n\n%s\n\n", len, buf ); + + /* + * 7. Write the 200 Response + */ + printf( " > Write to client:" ); + fflush( stdout ); + + do ret = mbedtls_ssl_write( &ssl, buf, len ); + while( ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + + if( ret < 0 ) + { + printf( " failed\n ! 
mbedtls_ssl_write returned %d\n\n", ret ); + goto exit; + } + + len = ret; + printf( " %d bytes written\n\n%s\n\n", len, buf ); + + /* + * 8. Done, cleanly close the connection + */ +close_notify: + printf( " . Closing the connection..." ); + + /* No error checking, the connection might be closed already */ + do ret = mbedtls_ssl_close_notify( &ssl ); + while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + ret = 0; + + printf( " done\n" ); + + goto reset; + + /* + * Final clean-ups and exit + */ +exit: + +#ifdef MBEDTLS_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + printf( "Last error was: %d - %s\n\n", ret, error_buf ); + } +#endif + + mbedtls_net_free( &client_fd ); + mbedtls_net_free( &listen_fd ); + + mbedtls_x509_crt_free( &srvcert ); + mbedtls_pk_free( &pkey ); + mbedtls_ssl_free( &ssl ); + mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_cookie_free( &cookie_ctx ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_free( &cache ); +#endif + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(_WIN32) + printf( " Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + /* Shell can not handle large exit numbers -> 1 for errors */ + if( ret < 0 ) + ret = 1; + + return( ret ); +} +#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS && + MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C && + MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C + && MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_TIMING_C */ diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c new file mode 100644 index 000000000..ff3612885 --- /dev/null +++ b/programs/ssl/mini_client.c 
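Review bot: In programs/ssl/dtls_server.c, `READ_TIMEOUT_MS` is defined but never handed to the configuration, so nothing in this file sets a read timeout and the `case MBEDTLS_ERR_SSL_TIMEOUT:` branch in step 6 looks unreachable. Assuming the library default is "no timeout" (not shown in this hunk), a client that finishes the handshake and then stays silent would hold this one-connection-at-a-time server in `mbedtls_ssl_read()`. Adding `mbedtls_ssl_conf_read_timeout( &conf, READ_TIMEOUT_MS );` next to the other `mbedtls_ssl_conf_*` calls in step 4 would make the timeout path live. The define also reads `10000 /* 5 seconds */`, so either the value or the comment needs correcting. dtls_client.c in the same commit likewise defines `READ_TIMEOUT_MS` without using it, which leaves its `retry_left` loop without a trigger.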
@@ -0,0 +1,312 @@ +/* + * Minimal SSL client, used for memory measurements. + * (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h) + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif + +/* + * We're creating and connecting the socket "manually" rather than using the + * NET module, in order to avoid the overhead of getaddrinfo() which tends to + * dominate memory usage in small configurations. For the sake of simplicity, + * only a Unix version is implemented. + * + * Warning: we are breaking some of the abtractions from the NET layer here. + * This is not a good example for general use. This programs has the specific + * goal of minimizing use of the libc functions on full-blown OSes. 
+ */ +#if defined(unix) || defined(__unix__) || defined(__unix) || defined(__APPLE__) +#define UNIX +#endif + +#if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \ + !defined(UNIX) + +int main( void ) +{ + mbedtls_printf( "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX " + "not defined.\n"); + return( 0 ); +} +#else + +#include + +#include "mbedtls/net_sockets.h" +#include "mbedtls/ssl.h" +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" + +#include +#include +#include + +/* + * Hardcoded values for server host and port + */ +#define PORT_BE 0x1151 /* 4433 */ +#define PORT_LE 0x5111 +#define ADDR_BE 0x7f000001 /* 127.0.0.1 */ +#define ADDR_LE 0x0100007f +#define HOSTNAME "localhost" /* for cert verification if enabled */ + +#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n" + +const char *pers = "mini_client"; + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +const unsigned char psk[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f +}; +const char psk_id[] = "Client_identity"; +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */ +const unsigned char ca_cert[] = { + 0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01, + 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, + 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, + 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, + 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, + 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, + 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, + 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 
0x33, 0x30, 0x39, + 0x32, 0x34, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x32, + 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, + 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, + 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, + 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, + 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, + 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, + 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, + 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, + 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, + 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, + 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, + 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, + 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, + 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, + 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, + 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x81, 0xa0, 0x30, 0x81, 0x9d, 0x30, 0x1d, + 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, 0x6d, 0x20, + 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, + 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, + 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, + 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, + 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 
0x03, 0x55, 0x04, + 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, + 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, + 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0c, 0x06, + 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, + 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, + 0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xb4, 0x62, 0x73, 0x56, + 0x28, 0x95, 0x00, 0x7d, 0x78, 0x12, 0x26, 0xd2, 0x71, 0x7b, 0x19, 0xf8, + 0x8a, 0x98, 0x3e, 0x92, 0xfe, 0x33, 0x9e, 0xe4, 0x79, 0xd2, 0xfe, 0x7a, + 0xb7, 0x87, 0x74, 0x3c, 0x2b, 0xb8, 0xd7, 0x69, 0x94, 0x0b, 0xa3, 0x67, + 0x77, 0xb8, 0xb3, 0xbe, 0xd1, 0x36, 0x32, 0x02, 0x31, 0x00, 0xfd, 0x67, + 0x9c, 0x94, 0x23, 0x67, 0xc0, 0x56, 0xba, 0x4b, 0x33, 0x15, 0x00, 0xc6, + 0xe3, 0xcc, 0x31, 0x08, 0x2c, 0x9c, 0x8b, 0xda, 0xa9, 0x75, 0x23, 0x2f, + 0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c, + 0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20, +}; +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +enum exit_codes +{ + exit_ok = 0, + ctr_drbg_seed_failed, + ssl_config_defaults_failed, + ssl_setup_failed, + hostname_failed, + socket_failed, + connect_failed, + x509_crt_parse_failed, + ssl_handshake_failed, + ssl_write_failed, +}; + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +int main( void ) +{ + int ret = exit_ok; + mbedtls_net_context server_fd; + struct sockaddr_in addr; +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt ca; +#endif + + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_ctr_drbg_init( &ctr_drbg ); + + /* + * 0. 
Initialize and setup stuff + */ + mbedtls_net_init( &server_fd ); + mbedtls_ssl_init( &ssl ); + mbedtls_ssl_config_init( &conf ); +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt_init( &ca ); +#endif + + mbedtls_entropy_init( &entropy ); + if( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, strlen( pers ) ) != 0 ) + { + ret = ctr_drbg_seed_failed; + goto exit; + } + + if( mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) + { + ret = ssl_config_defaults_failed; + goto exit; + } + + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ), + (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + if( mbedtls_x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 ) + { + ret = x509_crt_parse_failed; + goto exit; + } + + mbedtls_ssl_conf_ca_chain( &conf, &ca, NULL ); + mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED ); +#endif + + if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) + { + ret = ssl_setup_failed; + goto exit; + } + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + if( mbedtls_ssl_set_hostname( &ssl, HOSTNAME ) != 0 ) + { + ret = hostname_failed; + goto exit; + } +#endif + + /* + * 1. Start the connection + */ + memset( &addr, 0, sizeof( addr ) ); + addr.sin_family = AF_INET; + + ret = 1; /* for endianness detection */ + addr.sin_port = *((char *) &ret) == ret ? PORT_LE : PORT_BE; + addr.sin_addr.s_addr = *((char *) &ret) == ret ? 
ADDR_LE : ADDR_BE; + ret = 0; + + if( ( server_fd.fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 ) + { + ret = socket_failed; + goto exit; + } + + if( connect( server_fd.fd, + (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 ) + { + ret = connect_failed; + goto exit; + } + + mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + + if( mbedtls_ssl_handshake( &ssl ) != 0 ) + { + ret = ssl_handshake_failed; + goto exit; + } + + /* + * 2. Write the GET request and close the connection + */ + if( mbedtls_ssl_write( &ssl, (const unsigned char *) GET_REQUEST, + sizeof( GET_REQUEST ) - 1 ) <= 0 ) + { + ret = ssl_write_failed; + goto exit; + } + + mbedtls_ssl_close_notify( &ssl ); + +exit: + mbedtls_net_free( &server_fd ); + + mbedtls_ssl_free( &ssl ); + mbedtls_ssl_config_free( &conf ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt_free( &ca ); +#endif + + return( ret ); +} +#endif diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c new file mode 100644 index 000000000..646909f11 --- /dev/null +++ b/programs/ssl/ssl_client1.c 
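Review bot: In programs/ssl/mini_client.c, the return value of `mbedtls_ssl_conf_psk()` is discarded, while every other setup call in `main` maps a failure to its own entry in `enum exit_codes`. If the call fails the program carries on, and the problem only surfaces later as `ssl_handshake_failed`. To keep the exit codes meaningful, append a new enumerator after `ssl_write_failed` so existing values do not shift (say `ssl_conf_psk_failed`, a name proposed here), and wrap the call as `if( mbedtls_ssl_conf_psk( ... ) != 0 ) { ret = ssl_conf_psk_failed; goto exit; }`. The `psk[]` array would also benefit from a comment such as `/* Well-known test key: only for use against the test servers */`.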
@@ -0,0 +1,331 @@ +/* + * SSL client demonstration program + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \ + !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) +int main( void ) +{ + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " + "not defined.\n"); + return( 0 ); +} +#else + +#include "mbedtls/net_sockets.h" +#include "mbedtls/debug.h" +#include "mbedtls/ssl.h" +#include 
"mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/error.h" +#include "mbedtls/certs.h" + +#include + +#define SERVER_PORT "4433" +#define SERVER_NAME "localhost" +#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n" + +#define DEBUG_LEVEL 1 + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +static void my_debug( void *ctx, int level, + const char *file, int line, + const char *str ) +{ + ((void) level); + + mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); + fflush( (FILE *) ctx ); +} + +int main( void ) +{ + int ret = 1, len; + int exit_code = MBEDTLS_EXIT_FAILURE; + mbedtls_net_context server_fd; + uint32_t flags; + unsigned char buf[1024]; + const char *pers = "ssl_client1"; + + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_x509_crt cacert; + +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( DEBUG_LEVEL ); +#endif + + /* + * 0. Initialize the RNG and the session data + */ + mbedtls_net_init( &server_fd ); + mbedtls_ssl_init( &ssl ); + mbedtls_ssl_config_init( &conf ); + mbedtls_x509_crt_init( &cacert ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + + mbedtls_printf( "\n . Seeding the random number generator..." ); + fflush( stdout ); + + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 0. Initialize certificates + */ + mbedtls_printf( " . Loading the CA root certificate ..." 
); + fflush( stdout ); + + ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); + if( ret < 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); + goto exit; + } + + mbedtls_printf( " ok (%d skipped)\n", ret ); + + /* + * 1. Start the connection + */ + mbedtls_printf( " . Connecting to tcp/%s/%s...", SERVER_NAME, SERVER_PORT ); + fflush( stdout ); + + if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, + SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 2. Setup stuff + */ + mbedtls_printf( " . Setting up the SSL/TLS structure..." ); + fflush( stdout ); + + if( ( ret = mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* OPTIONAL is not optimal for security, + * but makes interop easier in this simplified example */ + mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); + mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + + if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + goto exit; + } + + if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + + /* + * 4. Handshake + */ + mbedtls_printf( " . Performing the SSL/TLS handshake..." 
); + fflush( stdout ); + + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); + goto exit; + } + } + + mbedtls_printf( " ok\n" ); + + /* + * 5. Verify the server certificate + */ + mbedtls_printf( " . Verifying peer X.509 certificate..." ); + + /* In real life, we probably want to bail out when ret != 0 */ + if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) + { + char vrfy_buf[512]; + + mbedtls_printf( " failed\n" ); + + mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + + mbedtls_printf( "%s\n", vrfy_buf ); + } + else + mbedtls_printf( " ok\n" ); + + /* + * 3. Write the GET request + */ + mbedtls_printf( " > Write to server:" ); + fflush( stdout ); + + len = sprintf( (char *) buf, GET_REQUEST ); + + while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + goto exit; + } + } + + len = ret; + mbedtls_printf( " %d bytes written\n\n%s", len, (char *) buf ); + + /* + * 7. Read the HTTP response + */ + mbedtls_printf( " < Read from server:" ); + fflush( stdout ); + + do + { + len = sizeof( buf ) - 1; + memset( buf, 0, sizeof( buf ) ); + ret = mbedtls_ssl_read( &ssl, buf, len ); + + if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + continue; + + if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ) + break; + + if( ret < 0 ) + { + mbedtls_printf( "failed\n ! 
mbedtls_ssl_read returned %d\n\n", ret );
+ break;
+ }
+
+ if( ret == 0 )
+ {
+ mbedtls_printf( "\n\nEOF\n\n" );
+ break;
+ }
+
+ len = ret;
+ mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
+ }
+ while( 1 );
+
+ mbedtls_ssl_close_notify( &ssl );
+
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+
+#ifdef MBEDTLS_ERROR_C
+ if( exit_code != MBEDTLS_EXIT_SUCCESS )
+ {
+ char error_buf[100];
+ mbedtls_strerror( ret, error_buf, 100 );
+ mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
+ }
+#endif
+
+ mbedtls_net_free( &server_fd );
+
+ mbedtls_x509_crt_free( &cacert );
+ mbedtls_ssl_free( &ssl );
+ mbedtls_ssl_config_free( &conf );
+ mbedtls_ctr_drbg_free( &ctr_drbg );
+ mbedtls_entropy_free( &entropy );
+
+#if defined(_WIN32)
+ mbedtls_printf( " + Press Enter to exit this program.\n" );
+ fflush( stdout ); getchar();
+#endif
+
+ return( exit_code );
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
+ MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
+ MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C &&
+ MBEDTLS_X509_CRT_PARSE_C */
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
new file mode 100644
index 000000000..2cddfb42a
--- /dev/null
+++ b/programs/ssl/ssl_client2.c
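Review bot: A failed certificate check does not stop this client in programs/ssl/ssl_client1.c: step 5 only prints the flags from `mbedtls_ssl_get_verify_result()` and then falls through to the `mbedtls_ssl_write()` of the GET request, and because `main()` sets `MBEDTLS_SSL_VERIFY_OPTIONAL` the handshake itself also completes against a peer whose chain did not validate. The inline comments acknowledge this, but demo programs are commonly copied as a starting point, so the safe path should be the default: `mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );`, or at least a `goto exit;` after `mbedtls_printf( "%s\n", vrfy_buf );`. The existing comment also says "bail out when ret != 0" although the value tested is `flags`; I would reword it to `/* Production code must treat flags != 0 as fatal */`. Separately, `mbedtls_strerror( ret, error_buf, 100 );` repeats the buffer size as a literal and would be less fragile as `mbedtls_strerror( ret, error_buf, sizeof( error_buf ) );`.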
@@ -0,0 +1,2454 @@ +/* + * SSL client with certificate authentication + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t +#define mbedtls_printf printf +#define mbedtls_fprintf fprintf +#define mbedtls_snprintf snprintf +#define mbedtls_calloc calloc +#define mbedtls_free free +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif + +#if !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) +int main( void ) +{ + mbedtls_printf("MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n"); + return( 0 ); +} +#else + +#include "mbedtls/net_sockets.h" +#include "mbedtls/ssl.h" +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/certs.h" +#include "mbedtls/x509.h" +#include "mbedtls/error.h" +#include "mbedtls/debug.h" +#include "mbedtls/timing.h" + +#if 
defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#include "mbedtls/psa_util.h" +#endif + +#include +#include +#include + +#define MAX_REQUEST_SIZE 20000 +#define MAX_REQUEST_SIZE_STR "20000" + +#define DFL_SERVER_NAME "localhost" +#define DFL_SERVER_ADDR NULL +#define DFL_SERVER_PORT "4433" +#define DFL_REQUEST_PAGE "/" +#define DFL_REQUEST_SIZE -1 +#define DFL_DEBUG_LEVEL 0 +#define DFL_CONTEXT_CRT_CB 0 +#define DFL_NBIO 0 +#define DFL_EVENT 0 +#define DFL_READ_TIMEOUT 0 +#define DFL_MAX_RESEND 0 +#define DFL_CA_FILE "" +#define DFL_CA_PATH "" +#define DFL_CRT_FILE "" +#define DFL_KEY_FILE "" +#define DFL_KEY_OPAQUE 0 +#define DFL_PSK "" +#define DFL_PSK_OPAQUE 0 +#define DFL_PSK_IDENTITY "Client_identity" +#define DFL_ECJPAKE_PW NULL +#define DFL_EC_MAX_OPS -1 +#define DFL_FORCE_CIPHER 0 +#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED +#define DFL_ALLOW_LEGACY -2 +#define DFL_RENEGOTIATE 0 +#define DFL_EXCHANGES 1 +#define DFL_MIN_VERSION -1 +#define DFL_MAX_VERSION -1 +#define DFL_ARC4 -1 +#define DFL_SHA1 -1 +#define DFL_AUTH_MODE -1 +#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE +#define DFL_TRUNC_HMAC -1 +#define DFL_RECSPLIT -1 +#define DFL_DHMLEN -1 +#define DFL_RECONNECT 0 +#define DFL_RECO_DELAY 0 +#define DFL_RECONNECT_HARD 0 +#define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED +#define DFL_ALPN_STRING NULL +#define DFL_CURVES NULL +#define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM +#define DFL_HS_TO_MIN 0 +#define DFL_HS_TO_MAX 0 +#define DFL_DTLS_MTU -1 +#define DFL_DGRAM_PACKING 1 +#define DFL_FALLBACK -1 +#define DFL_EXTENDED_MS -1 +#define DFL_ETM -1 +#define DFL_CA_CALLBACK 0 + + +#define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: " +#define GET_REQUEST_END "\r\n\r\n" + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +#define USAGE_CONTEXT_CRT_CB \ + " context_crt_cb=%%d This determines whether the CRT verification callback is bound\n" \ + " to the SSL configuration of the SSL context.\n" \ + " Possible values:\n"\ + " - 
0 (default): Use CRT callback bound to configuration\n" \ + " - 1: Use CRT callback bound to SSL context\n" +#else +#define USAGE_CONTEXT_CRT_CB "" +#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_FS_IO) +#define USAGE_IO \ + " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ + " default: \"\" (pre-loaded)\n" \ + " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \ + " default: \"\" (pre-loaded) (overrides ca_file)\n" \ + " crt_file=%%s Your own cert and chain (in bottom to top order, top may be omitted)\n" \ + " default: \"\" (pre-loaded)\n" \ + " key_file=%%s default: \"\" (pre-loaded)\n" +#else +#define USAGE_IO \ + " No file operations available (MBEDTLS_FS_IO not defined)\n" +#endif /* MBEDTLS_FS_IO */ +#else /* MBEDTLS_X509_CRT_PARSE_C */ +#define USAGE_IO "" +#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C) +#define USAGE_KEY_OPAQUE \ + " key_opaque=%%d Handle your private key as if it were opaque\n" \ + " default: 0 (disabled)\n" +#else +#define USAGE_KEY_OPAQUE "" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#define USAGE_PSK_RAW \ + " psk=%%s default: \"\" (in hex, without 0x)\n" \ + " psk_identity=%%s default: \"Client_identity\"\n" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define USAGE_PSK_SLOT \ + " psk_opaque=%%d default: 0 (don't use opaque static PSK)\n" \ + " Enable this to store the PSK configured through command line\n" \ + " parameter `psk` in a PSA-based key slot.\n" \ + " Note: Currently only supported in conjunction with\n" \ + " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \ + " to force a particular PSK-only ciphersuite.\n" \ + " Note: This is to test integration of PSA-based opaque PSKs with\n" \ + " Mbed TLS only. 
Production systems are likely to configure Mbed TLS\n" \ + " with prepopulated key slots instead of importing raw key material.\n" +#else +#define USAGE_PSK_SLOT "" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT +#else +#define USAGE_PSK "" +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) +#define USAGE_CA_CALLBACK \ + " ca_callback=%%d default: 0 (disabled)\n" \ + " Enable this to use the trusted certificate callback function\n" +#else +#define USAGE_CA_CALLBACK "" +#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +#define USAGE_TICKETS \ + " tickets=%%d default: 1 (enabled)\n" +#else +#define USAGE_TICKETS "" +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) +#define USAGE_TRUNC_HMAC \ + " trunc_hmac=%%d default: library default\n" +#else +#define USAGE_TRUNC_HMAC "" +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#define USAGE_MAX_FRAG_LEN \ + " max_frag_len=%%d default: 16384 (tls default)\n" \ + " options: 512, 1024, 2048, 4096\n" +#else +#define USAGE_MAX_FRAG_LEN "" +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) +#define USAGE_RECSPLIT \ + " recsplit=0/1 default: (library default: on)\n" +#else +#define USAGE_RECSPLIT +#endif + +#if defined(MBEDTLS_DHM_C) +#define USAGE_DHMLEN \ + " dhmlen=%%d default: (library default: 1024 bits)\n" +#else +#define USAGE_DHMLEN +#endif + +#if defined(MBEDTLS_SSL_ALPN) +#define USAGE_ALPN \ + " alpn=%%s default: \"\" (disabled)\n" \ + " example: spdy/1,http/1.1\n" +#else +#define USAGE_ALPN "" +#endif /* MBEDTLS_SSL_ALPN */ + +#if defined(MBEDTLS_ECP_C) +#define USAGE_CURVES \ + " curves=a,b,c,d default: \"default\" (library default)\n" \ + " example: \"secp521r1,brainpoolP512r1\"\n" \ + " - use \"none\" for empty list\n" \ + " - see 
mbedtls_ecp_curve_list()\n" \ + " for acceptable curve names\n" +#else +#define USAGE_CURVES "" +#endif + +#if defined(MBEDTLS_SSL_PROTO_DTLS) +#define USAGE_DTLS \ + " dtls=%%d default: 0 (TLS)\n" \ + " hs_timeout=%%d-%%d default: (library default: 1000-60000)\n" \ + " range of DTLS handshake timeouts in millisecs\n" \ + " mtu=%%d default: (library default: unlimited)\n" \ + " dgram_packing=%%d default: 1 (allowed)\n" \ + " allow or forbid packing of multiple\n" \ + " records within a single datgram.\n" +#else +#define USAGE_DTLS "" +#endif + +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) +#define USAGE_FALLBACK \ + " fallback=0/1 default: (library default: off)\n" +#else +#define USAGE_FALLBACK "" +#endif + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) +#define USAGE_EMS \ + " extended_ms=0/1 default: (library default: on)\n" +#else +#define USAGE_EMS "" +#endif + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +#define USAGE_ETM \ + " etm=0/1 default: (library default: on)\n" +#else +#define USAGE_ETM "" +#endif + +#if defined(MBEDTLS_SSL_RENEGOTIATION) +#define USAGE_RENEGO \ + " renegotiation=%%d default: 0 (disabled)\n" \ + " renegotiate=%%d default: 0 (disabled)\n" +#else +#define USAGE_RENEGO "" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +#define USAGE_ECJPAKE \ + " ecjpake_pw=%%s default: none (disabled)\n" +#else +#define USAGE_ECJPAKE "" +#endif + +#if defined(MBEDTLS_ECP_RESTARTABLE) +#define USAGE_ECRESTART \ + " ec_max_ops=%%s default: library default (restart disabled)\n" +#else +#define USAGE_ECRESTART "" +#endif + +#define USAGE \ + "\n usage: ssl_client2 param=<>...\n" \ + "\n acceptable parameters:\n" \ + " server_name=%%s default: localhost\n" \ + " server_addr=%%s default: given by name\n" \ + " server_port=%%d default: 4433\n" \ + " request_page=%%s default: \".\"\n" \ + " request_size=%%d default: about 34 (basic request)\n" \ + " (minimum: 0, max: " MAX_REQUEST_SIZE_STR ")\n" \ + " If 0, in the first exchange only an empty\n" \ + " 
application data message is sent followed by\n" \ + " a second non-empty message before attempting\n" \ + " to read a response from the server\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " nbio=%%d default: 0 (blocking I/O)\n" \ + " options: 1 (non-blocking), 2 (added delays)\n" \ + " event=%%d default: 0 (loop)\n" \ + " options: 1 (level-triggered, implies nbio=1),\n" \ + " read_timeout=%%d default: 0 ms (no timeout)\n" \ + " max_resend=%%d default: 0 (no resend on timeout)\n" \ + "\n" \ + USAGE_DTLS \ + "\n" \ + " auth_mode=%%s default: (library default: none)\n" \ + " options: none, optional, required\n" \ + USAGE_IO \ + USAGE_KEY_OPAQUE \ + USAGE_CA_CALLBACK \ + "\n" \ + USAGE_PSK \ + USAGE_ECJPAKE \ + USAGE_ECRESTART \ + "\n" \ + " allow_legacy=%%d default: (library default: no)\n" \ + USAGE_RENEGO \ + " exchanges=%%d default: 1\n" \ + " reconnect=%%d default: 0 (disabled)\n" \ + " reco_delay=%%d default: 0 seconds\n" \ + " reconnect_hard=%%d default: 0 (disabled)\n" \ + USAGE_TICKETS \ + USAGE_MAX_FRAG_LEN \ + USAGE_TRUNC_HMAC \ + USAGE_CONTEXT_CRT_CB \ + USAGE_ALPN \ + USAGE_FALLBACK \ + USAGE_EMS \ + USAGE_ETM \ + USAGE_CURVES \ + USAGE_RECSPLIT \ + USAGE_DHMLEN \ + "\n" \ + " arc4=%%d default: (library default: 0)\n" \ + " allow_sha1=%%d default: 0\n" \ + " min_version=%%s default: (library default: tls1)\n" \ + " max_version=%%s default: (library default: tls1_2)\n" \ + " force_version=%%s default: \"\" (none)\n" \ + " options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \ + "\n" \ + " force_ciphersuite= default: all enabled\n"\ + " query_config= return 0 if the specified\n" \ + " configuration macro is defined and 1\n" \ + " otherwise. 
The expansion of the macro\n" \ + " is printed if it is defined\n" \ + " acceptable ciphersuite names:\n" + +#define ALPN_LIST_SIZE 10 +#define CURVE_LIST_SIZE 20 + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +/* + * global options + */ +struct options +{ + const char *server_name; /* hostname of the server (client only) */ + const char *server_addr; /* address of the server (client only) */ + const char *server_port; /* port on which the ssl service runs */ + int debug_level; /* level of debugging */ + int nbio; /* should I/O be blocking? */ + int event; /* loop or event-driven IO? level or edge triggered? */ + uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */ + int max_resend; /* DTLS times to resend on read timeout */ + const char *request_page; /* page on server to request */ + int request_size; /* pad request with header to requested size */ + const char *ca_file; /* the file with the CA certificate(s) */ + const char *ca_path; /* the path with the CA certificate(s) reside */ + const char *crt_file; /* the file with the client certificate */ + const char *key_file; /* the file with the client key */ + int key_opaque; /* handle private key as if it were opaque */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + int psk_opaque; +#endif +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) + int ca_callback; /* Use callback for trusted certificate list */ +#endif + const char *psk; /* the pre-shared key */ + const char *psk_identity; /* the pre-shared key identity */ + const char *ecjpake_pw; /* the EC J-PAKE password */ + int ec_max_ops; /* EC consecutive operations limit */ + int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ + int renegotiation; /* enable / disable 
renegotiation */ + int allow_legacy; /* allow legacy renegotiation */ + int renegotiate; /* attempt renegotiation? */ + int renego_delay; /* delay before enforcing renegotiation */ + int exchanges; /* number of data exchanges */ + int min_version; /* minimum protocol version accepted */ + int max_version; /* maximum protocol version accepted */ + int arc4; /* flag for arc4 suites support */ + int allow_sha1; /* flag for SHA-1 support */ + int auth_mode; /* verify mode for connection */ + unsigned char mfl_code; /* code for maximum fragment length */ + int trunc_hmac; /* negotiate truncated hmac or not */ + int recsplit; /* enable record splitting? */ + int dhmlen; /* minimum DHM params len in bits */ + int reconnect; /* attempt to resume session */ + int reco_delay; /* delay in seconds before resuming session */ + int reconnect_hard; /* unexpectedly reconnect from the same port */ + int tickets; /* enable / disable session tickets */ + const char *curves; /* list of supported elliptic curves */ + const char *alpn_string; /* ALPN supported protocols */ + int transport; /* TLS or DTLS? */ + uint32_t hs_to_min; /* Initial value of DTLS handshake timer */ + uint32_t hs_to_max; /* Max value of DTLS handshake timer */ + int dtls_mtu; /* UDP Maximum tranport unit for DTLS */ + int fallback; /* is this a fallback connection? */ + int dgram_packing; /* allow/forbid datagram packing */ + int extended_ms; /* negotiate extended master secret? */ + int etm; /* negotiate encrypt then mac? 
*/ + int context_crt_cb; /* use context-specific CRT verify callback */ +} opt; + +int query_config( const char *config ); + +static void my_debug( void *ctx, int level, + const char *file, int line, + const char *str ) +{ + const char *p, *basename; + + /* Extract basename from file */ + for( p = basename = file; *p != '\0'; p++ ) + if( *p == '/' || *p == '\\' ) + basename = p + 1; + + mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s", + basename, line, level, str ); + fflush( (FILE *) ctx ); +} + +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) +int ca_callback( void *data, mbedtls_x509_crt const *child, + mbedtls_x509_crt **candidates ) +{ + int ret = 0; + mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data; + mbedtls_x509_crt *first; + + /* This is a test-only implementation of the CA callback + * which always returns the entire list of trusted certificates. + * Production implementations managing a large number of CAs + * should use an efficient presentation and lookup for the + * set of trusted certificates (such as a hashtable) and only + * return those trusted certificates which satisfy basic + * parental checks, such as the matching of child `Issuer` + * and parent `Subject` field or matching key identifiers. 
*/ + ((void) child); + + first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); + if( first == NULL ) + { + ret = -1; + goto exit; + } + mbedtls_x509_crt_init( first ); + + if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 ) + { + ret = -1; + goto exit; + } + + while( ca->next != NULL ) + { + ca = ca->next; + if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 ) + { + ret = -1; + goto exit; + } + } + +exit: + + if( ret != 0 ) + { + mbedtls_x509_crt_free( first ); + mbedtls_free( first ); + first = NULL; + } + + *candidates = first; + return( ret ); +} +#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ + +/* + * Test recv/send functions that make sure each try returns + * WANT_READ/WANT_WRITE at least once before sucesseding + */ +static int my_recv( void *ctx, unsigned char *buf, size_t len ) +{ + static int first_try = 1; + int ret; + + if( first_try ) + { + first_try = 0; + return( MBEDTLS_ERR_SSL_WANT_READ ); + } + + ret = mbedtls_net_recv( ctx, buf, len ); + if( ret != MBEDTLS_ERR_SSL_WANT_READ ) + first_try = 1; /* Next call will be a new operation */ + return( ret ); +} + +static int my_send( void *ctx, const unsigned char *buf, size_t len ) +{ + static int first_try = 1; + int ret; + + if( first_try ) + { + first_try = 0; + return( MBEDTLS_ERR_SSL_WANT_WRITE ); + } + + ret = mbedtls_net_send( ctx, buf, len ); + if( ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + first_try = 1; /* Next call will be a new operation */ + return( ret ); +} + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +static unsigned char peer_crt_info[1024]; + +/* + * Enabled if debug_level > 1 in code below + */ +static int my_verify( void *data, mbedtls_x509_crt *crt, + int depth, uint32_t *flags ) +{ + char buf[1024]; + ((void) data); + + mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); + if( depth == 0 ) + memcpy( peer_crt_info, buf, sizeof( buf ) ); + + if( opt.debug_level == 0 ) + return( 0 ); + + mbedtls_printf( "\nVerify requested for (Depth 
%d):\n", depth ); + mbedtls_printf( "%s", buf ); + + if ( ( *flags ) == 0 ) + mbedtls_printf( " This certificate has no flags\n" ); + else + { + mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); + mbedtls_printf( "%s\n", buf ); + } + + return( 0 ); +} + +static int ssl_sig_hashes_for_test[] = { +#if defined(MBEDTLS_SHA512_C) + MBEDTLS_MD_SHA512, + MBEDTLS_MD_SHA384, +#endif +#if defined(MBEDTLS_SHA256_C) + MBEDTLS_MD_SHA256, + MBEDTLS_MD_SHA224, +#endif +#if defined(MBEDTLS_SHA1_C) + /* Allow SHA-1 as we use it extensively in tests. */ + MBEDTLS_MD_SHA1, +#endif + MBEDTLS_MD_NONE +}; +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +/* + * Wait for an event from the underlying transport or the timer + * (Used in event-driven IO mode). + */ +#if !defined(MBEDTLS_TIMING_C) +int idle( mbedtls_net_context *fd, + int idle_reason ) +#else +int idle( mbedtls_net_context *fd, + mbedtls_timing_delay_context *timer, + int idle_reason ) +#endif +{ + + int ret; + int poll_type = 0; + + if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE ) + poll_type = MBEDTLS_NET_POLL_WRITE; + else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ ) + poll_type = MBEDTLS_NET_POLL_READ; +#if !defined(MBEDTLS_TIMING_C) + else + return( 0 ); +#endif + + while( 1 ) + { + /* Check if timer has expired */ +#if defined(MBEDTLS_TIMING_C) + if( timer != NULL && + mbedtls_timing_get_delay( timer ) == 2 ) + { + break; + } +#endif /* MBEDTLS_TIMING_C */ + + /* Check if underlying transport became available */ + if( poll_type != 0 ) + { + ret = mbedtls_net_poll( fd, poll_type, 0 ); + if( ret < 0 ) + return( ret ); + if( ret == poll_type ) + break; + } + } + + return( 0 ); +} + +int main( int argc, char *argv[] ) +{ + int ret = 0, len, tail_len, i, written, frags, retry_left; + mbedtls_net_context server_fd; + + unsigned char buf[MAX_REQUEST_SIZE + 1]; + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + unsigned char psk[MBEDTLS_PSK_MAX_LEN]; + size_t psk_len = 0; +#endif +#if defined(MBEDTLS_SSL_ALPN) 
+ const char *alpn_list[ALPN_LIST_SIZE];
+#endif
+#if defined(MBEDTLS_ECP_C)
+ mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE];
+ const mbedtls_ecp_curve_info *curve_cur;
+#endif
+
+ const char *pers = "ssl_client2";
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_handle_t slot = 0;
+ psa_algorithm_t alg = 0;
+ psa_key_policy_t policy;
+ psa_status_t status;
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
+#endif
+ mbedtls_entropy_context entropy;
+ mbedtls_ctr_drbg_context ctr_drbg;
+ mbedtls_ssl_context ssl;
+ mbedtls_ssl_config conf;
+ mbedtls_ssl_session saved_session;
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_timing_delay_context timer;
+#endif
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ uint32_t flags;
+ mbedtls_x509_crt cacert;
+ mbedtls_x509_crt clicert;
+ mbedtls_pk_context pkey;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_handle_t key_slot = 0; /* invalid key slot */
+#endif
+#endif
+ char *p, *q;
+ const int *list;
+
+ /*
+ * Make sure memory references are valid.
+ */
+ mbedtls_net_init( &server_fd );
+ mbedtls_ssl_init( &ssl );
+ mbedtls_ssl_config_init( &conf );
+ memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
+ mbedtls_ctr_drbg_init( &ctr_drbg );
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ mbedtls_x509_crt_init( &cacert );
+ mbedtls_x509_crt_init( &clicert );
+ mbedtls_pk_init( &pkey );
+#endif
+#if defined(MBEDTLS_SSL_ALPN)
+ memset( (void * ) alpn_list, 0, sizeof( alpn_list ) );
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ status = psa_crypto_init();
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+ (int) status );
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+#endif
+
+ if( argc == 0 )
+ {
+ usage:
+ if( ret == 0 )
+ ret = 1;
+
+ mbedtls_printf( USAGE );
+
+ list = mbedtls_ssl_list_ciphersuites();
+ while( *list )
+ {
+ mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) );
+ list++;
+ if( !*list )
+ break;
+ mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) );
+ list++;
+ }
+ mbedtls_printf("\n");
+ goto exit;
+ }
+
+ opt.server_name = DFL_SERVER_NAME;
+ opt.server_addr = DFL_SERVER_ADDR;
+ opt.server_port = DFL_SERVER_PORT;
+ opt.debug_level = DFL_DEBUG_LEVEL;
+ opt.nbio = DFL_NBIO;
+ opt.event = DFL_EVENT;
+ opt.context_crt_cb = DFL_CONTEXT_CRT_CB;
+ opt.read_timeout = DFL_READ_TIMEOUT;
+ opt.max_resend = DFL_MAX_RESEND;
+ opt.request_page = DFL_REQUEST_PAGE;
+ opt.request_size = DFL_REQUEST_SIZE;
+ opt.ca_file = DFL_CA_FILE;
+ opt.ca_path = DFL_CA_PATH;
+ opt.crt_file = DFL_CRT_FILE;
+ opt.key_file = DFL_KEY_FILE;
+ opt.key_opaque = DFL_KEY_OPAQUE;
+ opt.psk = DFL_PSK;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ opt.psk_opaque = DFL_PSK_OPAQUE;
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ opt.ca_callback = DFL_CA_CALLBACK;
+#endif
+ opt.psk_identity = DFL_PSK_IDENTITY;
+ opt.ecjpake_pw = DFL_ECJPAKE_PW;
+ opt.ec_max_ops = DFL_EC_MAX_OPS;
+ opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
+ opt.renegotiation = DFL_RENEGOTIATION;
+ opt.allow_legacy = DFL_ALLOW_LEGACY;
+ opt.renegotiate = DFL_RENEGOTIATE;
+ opt.exchanges = DFL_EXCHANGES;
+ opt.min_version = DFL_MIN_VERSION;
+ opt.max_version = DFL_MAX_VERSION;
+ opt.arc4 = DFL_ARC4;
+ opt.allow_sha1 = DFL_SHA1;
+ opt.auth_mode = DFL_AUTH_MODE;
+ opt.mfl_code = DFL_MFL_CODE;
+ opt.trunc_hmac = DFL_TRUNC_HMAC;
+ opt.recsplit = DFL_RECSPLIT;
+ opt.dhmlen = DFL_DHMLEN;
+ opt.reconnect = DFL_RECONNECT;
+ opt.reco_delay = DFL_RECO_DELAY;
+ opt.reconnect_hard = DFL_RECONNECT_HARD;
+ opt.tickets = DFL_TICKETS;
+ opt.alpn_string = DFL_ALPN_STRING;
+ opt.curves = DFL_CURVES;
+ opt.transport = DFL_TRANSPORT;
+ opt.hs_to_min = DFL_HS_TO_MIN;
+ opt.hs_to_max = DFL_HS_TO_MAX;
+ opt.dtls_mtu = DFL_DTLS_MTU;
+ opt.fallback = DFL_FALLBACK;
+ opt.extended_ms = DFL_EXTENDED_MS;
+ opt.etm = DFL_ETM;
+ opt.dgram_packing = DFL_DGRAM_PACKING;
+
+ for( i = 1; i < argc; i++ )
+ {
+ p = argv[i];
+ if( ( q = strchr( p, '=' ) ) == NULL )
+ goto usage;
+ *q++ = '\0';
+
+ if( strcmp( p, "server_name" ) == 0 )
+ opt.server_name = q;
+ else if( strcmp( p, "server_addr" ) == 0 )
+ opt.server_addr = q;
+ else if( strcmp( p, "server_port" ) == 0 )
+ opt.server_port = q;
+ else if( strcmp( p, "dtls" ) == 0 )
+ {
+ int t = atoi( q );
+ if( t == 0 )
+ opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM;
+ else if( t == 1 )
+ opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "debug_level" ) == 0 )
+ {
+ opt.debug_level = atoi( q );
+ if( opt.debug_level < 0 || opt.debug_level > 65535 )
+ goto usage;
+ }
+ else if( strcmp( p, "context_crt_cb" ) == 0 )
+ {
+ opt.context_crt_cb = atoi( q );
+ if( opt.context_crt_cb != 0 && opt.context_crt_cb != 1 )
+ goto usage;
+ }
+ else if( strcmp( p, "nbio" ) == 0 )
+ {
+ opt.nbio = atoi( q );
+ if( opt.nbio < 0 || opt.nbio > 2 )
+ goto usage;
+ }
+ else if( strcmp( p, "event" ) == 0 )
+ {
+ opt.event = atoi( q );
+ if( opt.event < 0 || opt.event > 2 )
+ goto usage;
+ }
+ else if( strcmp( p, "read_timeout" ) == 0 )
+ opt.read_timeout = atoi( q );
+ else if( strcmp( p, "max_resend" ) == 0 )
+ {
+ opt.max_resend = atoi( q );
+ if( opt.max_resend < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "request_page" ) == 0 )
+ opt.request_page = q;
+ else if( strcmp( p, "request_size" ) == 0 )
+ {
+ opt.request_size = atoi( q );
+ if( opt.request_size < 0 ||
+ opt.request_size > MAX_REQUEST_SIZE )
+ goto usage;
+ }
+ else if( strcmp( p, "ca_file" ) == 0 )
+ opt.ca_file = q;
+ else if( strcmp( p, "ca_path" ) == 0 )
+ opt.ca_path = q;
+ else if( strcmp( p, "crt_file" ) == 0 )
+ opt.crt_file = q;
+ else if( strcmp( p, "key_file" ) == 0 )
+ opt.key_file = q;
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
+ else if( strcmp( p, "key_opaque" ) == 0 )
+ opt.key_opaque = atoi( q );
+#endif
+ else if( strcmp( p, "psk" ) == 0 )
+ opt.psk = q;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ else if( strcmp( p, "psk_opaque" ) == 0 )
+ opt.psk_opaque = atoi( q );
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ else if( strcmp( p, "ca_callback" ) == 0)
+ opt.ca_callback = atoi( q );
+#endif
+ else if( strcmp( p, "psk_identity" ) == 0 )
+ opt.psk_identity = q;
+ else if( strcmp( p, "ecjpake_pw" ) == 0 )
+ opt.ecjpake_pw = q;
+ else if( strcmp( p, "ec_max_ops" ) == 0 )
+ opt.ec_max_ops = atoi( q );
+ else if( strcmp( p, "force_ciphersuite" ) == 0 )
+ {
+ opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
+
+ if( opt.force_ciphersuite[0] == 0 )
+ {
+ ret = 2;
+ goto usage;
+ }
+ opt.force_ciphersuite[1] = 0;
+ }
+ else if( strcmp( p, "renegotiation" ) == 0 )
+ {
+ opt.renegotiation = (atoi( q )) ?
+ MBEDTLS_SSL_RENEGOTIATION_ENABLED :
+ MBEDTLS_SSL_RENEGOTIATION_DISABLED;
+ }
+ else if( strcmp( p, "allow_legacy" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case -1:
+ opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE;
+ break;
+ case 0:
+ opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION;
+ break;
+ case 1:
+ opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION;
+ break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "renegotiate" ) == 0 )
+ {
+ opt.renegotiate = atoi( q );
+ if( opt.renegotiate < 0 || opt.renegotiate > 1 )
+ goto usage;
+ }
+ else if( strcmp( p, "exchanges" ) == 0 )
+ {
+ opt.exchanges = atoi( q );
+ if( opt.exchanges < 1 )
+ goto usage;
+ }
+ else if( strcmp( p, "reconnect" ) == 0 )
+ {
+ opt.reconnect = atoi( q );
+ if( opt.reconnect < 0 || opt.reconnect > 2 )
+ goto usage;
+ }
+ else if( strcmp( p, "reco_delay" ) == 0 )
+ {
+ opt.reco_delay = atoi( q );
+ if( opt.reco_delay < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "reconnect_hard" ) == 0 )
+ {
+ opt.reconnect_hard = atoi( q );
+ if( opt.reconnect_hard < 0 || opt.reconnect_hard > 1 )
+ goto usage;
+ }
+ else if( strcmp( p, "tickets" ) == 0 )
+ {
+ opt.tickets = atoi( q );
+ if( opt.tickets < 0 || opt.tickets > 2 )
+ goto usage;
+ }
+ else if( strcmp( p, "alpn" ) == 0 )
+ {
+ opt.alpn_string = q;
+ }
+ else if( strcmp( p, "fallback" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.fallback = MBEDTLS_SSL_IS_NOT_FALLBACK; break;
+ case 1: opt.fallback = MBEDTLS_SSL_IS_FALLBACK; break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "extended_ms" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0:
+ opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED;
+ break;
+ case 1:
+ opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+ break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "curves" ) == 0 )
+ opt.curves = q;
+ else if( strcmp( p, "etm" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break;
+ case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "min_version" ) == 0 )
+ {
+ if( strcmp( q, "ssl3" ) == 0 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
+ else if( strcmp( q, "tls1" ) == 0 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
+ else if( strcmp( q, "tls1_1" ) == 0 ||
+ strcmp( q, "dtls1" ) == 0 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ else if( strcmp( q, "tls1_2" ) == 0 ||
+ strcmp( q, "dtls1_2" ) == 0 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "max_version" ) == 0 )
+ {
+ if( strcmp( q, "ssl3" ) == 0 )
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
+ else if( strcmp( q, "tls1" ) == 0 )
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
+ else if( strcmp( q, "tls1_1" ) == 0 ||
+ strcmp( q, "dtls1" ) == 0 )
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ else if( strcmp( q, "tls1_2" ) == 0 ||
+ strcmp( q, "dtls1_2" ) == 0 )
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "arc4" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break;
+ case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "allow_sha1" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.allow_sha1 = 0; break;
+ case 1: opt.allow_sha1 = 1; break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "force_version" ) == 0 )
+ {
+ if( strcmp( q, "ssl3" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
+ }
+ else if( strcmp( q, "tls1" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
+ }
+ else if( strcmp( q, "tls1_1" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ }
+ else if( strcmp( q, "tls1_2" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ }
+ else if( strcmp( q, "dtls1" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+ }
+ else if( strcmp( q, "dtls1_2" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+ }
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "auth_mode" ) == 0 )
+ {
+ if( strcmp( q, "none" ) == 0 )
+ opt.auth_mode = MBEDTLS_SSL_VERIFY_NONE;
+ else if( strcmp( q, "optional" ) == 0 )
+ opt.auth_mode = MBEDTLS_SSL_VERIFY_OPTIONAL;
+ else if( strcmp( q, "required" ) == 0 )
+ opt.auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED;
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "max_frag_len" ) == 0 )
+ {
+ if( strcmp( q, "512" ) == 0 )
+ opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512;
+ else if( strcmp( q, "1024" ) == 0 )
+ opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024;
+ else if( strcmp( q, "2048" ) == 0 )
+ opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048;
+ else if( strcmp( q, "4096" ) == 0 )
+ opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096;
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "trunc_hmac" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break;
+ case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "hs_timeout" ) == 0 )
+ {
+ if( ( p = strchr( q, '-' ) ) == NULL )
+ goto usage;
+ *p++ = '\0';
+ opt.hs_to_min = atoi( q );
+ opt.hs_to_max = atoi( p );
+ if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min )
+ goto usage;
+ }
+ else if( strcmp( p, "mtu" ) == 0 )
+ {
+ opt.dtls_mtu = atoi( q );
+ if( opt.dtls_mtu < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "dgram_packing" ) == 0 )
+ {
+ opt.dgram_packing = atoi( q );
+ if( opt.dgram_packing != 0 &&
+ opt.dgram_packing != 1 )
+ {
+ goto usage;
+ }
+ }
+ else if( strcmp( p, "recsplit" ) == 0 )
+ {
+ opt.recsplit = atoi( q );
+ if( opt.recsplit < 0 || opt.recsplit > 1 )
+ goto usage;
+ }
+ else if( strcmp( p, "dhmlen" ) == 0 )
+ {
+ opt.dhmlen = atoi( q );
+ if( opt.dhmlen < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "query_config" ) == 0 )
+ {
+ return query_config( q );
+ }
+ else
+ goto usage;
+ }
+
+ /* Event-driven IO is incompatible with the above custom
+ * receive and send functions, as the polling builds on
+ * refers to the underlying net_context. */
+ if( opt.event == 1 && opt.nbio != 1 )
+ {
+ mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" );
+ opt.nbio = 1;
+ }
+
+#if defined(MBEDTLS_DEBUG_C)
+ mbedtls_debug_set_threshold( opt.debug_level );
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+ /*
+ * Unhexify the pre-shared key if any is given
+ */
+ if( strlen( opt.psk ) )
+ {
+ unsigned char c;
+ size_t j;
+
+ if( strlen( opt.psk ) % 2 != 0 )
+ {
+ mbedtls_printf( "pre-shared key not valid hex\n" );
+ goto exit;
+ }
+
+ psk_len = strlen( opt.psk ) / 2;
+
+ for( j = 0; j < strlen( opt.psk ); j += 2 )
+ {
+ c = opt.psk[j];
+ if( c >= '0' && c <= '9' )
+ c -= '0';
+ else if( c >= 'a' && c <= 'f' )
+ c -= 'a' - 10;
+ else if( c >= 'A' && c <= 'F' )
+ c -= 'A' - 10;
+ else
+ {
+ mbedtls_printf( "pre-shared key not valid hex\n" );
+ goto exit;
+ }
+ psk[ j / 2 ] = c << 4;
+
+ c = opt.psk[j + 1];
+ if( c >= '0' && c <= '9' )
+ c -= '0';
+ else if( c >= 'a' && c <= 'f' )
+ c -= 'a' - 10;
+ else if( c >= 'A' && c <= 'F' )
+ c -= 'A' - 10;
+ else
+ {
+ mbedtls_printf( "pre-shared key not valid hex\n" );
+ goto exit;
+ }
+ psk[ j / 2 ] |= c;
+ }
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ if( opt.psk == NULL )
+ {
+ mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ if( opt.force_ciphersuite[0] <= 0 )
+ {
+ mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+ ret = 2;
+ goto usage;
+ }
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ if( opt.force_ciphersuite[0] > 0 )
+ {
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+ ciphersuite_info =
+ mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
+
+ if( opt.max_version != -1 &&
+ ciphersuite_info->min_minor_ver > opt.max_version )
+ {
+ mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
+ ret = 2;
+ goto usage;
+ }
+ if( opt.min_version != -1 &&
+ ciphersuite_info->max_minor_ver < opt.min_version )
+ {
+ mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ /* If the server selects a version that's not supported by
+ * this suite, then there will be no common ciphersuite... */
+ if( opt.max_version == -1 ||
+ opt.max_version > ciphersuite_info->max_minor_ver )
+ {
+ opt.max_version = ciphersuite_info->max_minor_ver;
+ }
+ if( opt.min_version < ciphersuite_info->min_minor_ver )
+ {
+ opt.min_version = ciphersuite_info->min_minor_ver;
+ /* DTLS starts with TLS 1.1 */
+ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ }
+
+ /* Enable RC4 if needed and not explicitly disabled */
+ if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+ {
+ if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED )
+ {
+ mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ /* Ensure that the chosen ciphersuite is PSK-only; we must know
+ * the ciphersuite in advance to set the correct policy for the
+ * PSK key slot. This limitation might go away in the future.
+ */
+ if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
+ opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ /* Determine KDF algorithm the opaque PSK will be used in. */
+#if defined(MBEDTLS_SHA512_C)
+ if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+ else
+#endif /* MBEDTLS_SHA512_C */
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ }
+
+#if defined(MBEDTLS_ECP_C)
+ if( opt.curves != NULL )
+ {
+ p = (char *) opt.curves;
+ i = 0;
+
+ if( strcmp( p, "none" ) == 0 )
+ {
+ curve_list[0] = MBEDTLS_ECP_DP_NONE;
+ }
+ else if( strcmp( p, "default" ) != 0 )
+ {
+ /* Leave room for a final NULL in curve list */
+ while( i < CURVE_LIST_SIZE - 1 && *p != '\0' )
+ {
+ q = p;
+
+ /* Terminate the current string */
+ while( *p != ',' && *p != '\0' )
+ p++;
+ if( *p == ',' )
+ *p++ = '\0';
+
+ if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL )
+ {
+ curve_list[i++] = curve_cur->grp_id;
+ }
+ else
+ {
+ mbedtls_printf( "unknown curve %s\n", q );
+ mbedtls_printf( "supported curves: " );
+ for( curve_cur = mbedtls_ecp_curve_list();
+ curve_cur->grp_id != MBEDTLS_ECP_DP_NONE;
+ curve_cur++ )
+ {
+ mbedtls_printf( "%s ", curve_cur->name );
+ }
+ mbedtls_printf( "\n" );
+ goto exit;
+ }
+ }
+
+ mbedtls_printf("Number of curves: %d\n", i );
+
+ if( i == CURVE_LIST_SIZE - 1 && *p != '\0' )
+ {
+ mbedtls_printf( "curves list too long, maximum %d",
+ CURVE_LIST_SIZE - 1 );
+ goto exit;
+ }
+
+ curve_list[i] = MBEDTLS_ECP_DP_NONE;
+ }
+ }
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_SSL_ALPN)
+ if( opt.alpn_string != NULL )
+ {
+ p = (char *) opt.alpn_string;
+ i = 0;
+
+ /* Leave room for a final NULL in alpn_list */
+ while( i < ALPN_LIST_SIZE - 1 && *p != '\0' )
+ {
+ alpn_list[i++] = p;
+
+ /* Terminate the current string and move on to next one */
+ while( *p != ',' && *p != '\0' )
+ p++;
+ if( *p == ',' )
+ *p++ = '\0';
+ }
+ }
+#endif /* MBEDTLS_SSL_ALPN */
+
+ /*
+ * 0. Initialize the RNG and the session data
+ */
+ mbedtls_printf( "\n . Seeding the random number generator..." );
+ fflush( stdout );
+
+ mbedtls_entropy_init( &entropy );
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
+ &entropy, (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
+ -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ /*
+ * 1.1. Load the trusted CA
+ */
+ mbedtls_printf( " . Loading the CA root certificate ..." );
+ fflush( stdout );
+
+#if defined(MBEDTLS_FS_IO)
+ if( strlen( opt.ca_path ) )
+ if( strcmp( opt.ca_path, "none" ) == 0 )
+ ret = 0;
+ else
+ ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path );
+ else if( strlen( opt.ca_file ) )
+ if( strcmp( opt.ca_file, "none" ) == 0 )
+ ret = 0;
+ else
+ ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
+ else
+#endif
+#if defined(MBEDTLS_CERTS_C)
+ for( i = 0; mbedtls_test_cas[i] != NULL; i++ )
+ {
+ ret = mbedtls_x509_crt_parse( &cacert,
+ (const unsigned char *) mbedtls_test_cas[i],
+ mbedtls_test_cas_len[i] );
+ if( ret != 0 )
+ break;
+ }
+#else
+ {
+ ret = 1;
+ mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
+ }
+#endif
+ if( ret < 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok (%d skipped)\n", ret );
+
+ /*
+ * 1.2. Load own certificate and private key
+ *
+ * (can be skipped if client authentication is not required)
+ */
+ mbedtls_printf( " . Loading the client cert. and key..." );
+ fflush( stdout );
+
+#if defined(MBEDTLS_FS_IO)
+ if( strlen( opt.crt_file ) )
+ if( strcmp( opt.crt_file, "none" ) == 0 )
+ ret = 0;
+ else
+ ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file );
+ else
+#endif
+#if defined(MBEDTLS_CERTS_C)
+ ret = mbedtls_x509_crt_parse( &clicert,
+ (const unsigned char *) mbedtls_test_cli_crt,
+ mbedtls_test_cli_crt_len );
+#else
+ {
+ ret = 1;
+ mbedtls_printf("MBEDTLS_CERTS_C not defined.");
+ }
+#endif
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+
+#if defined(MBEDTLS_FS_IO)
+ if( strlen( opt.key_file ) )
+ if( strcmp( opt.key_file, "none" ) == 0 )
+ ret = 0;
+ else
+ ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" );
+ else
+#endif
+#if defined(MBEDTLS_CERTS_C)
+ ret = mbedtls_pk_parse_key( &pkey,
+ (const unsigned char *) mbedtls_test_cli_key,
+ mbedtls_test_cli_key_len, NULL, 0 );
+#else
+ {
+ ret = 1;
+ mbedtls_printf("MBEDTLS_CERTS_C not defined.");
+ }
+#endif
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.key_opaque != 0 )
+ {
+ if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot,
+ PSA_ALG_SHA_256 ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! "
+ "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", -ret );
+ goto exit;
+ }
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+ /*
+ * 2. Start the connection
+ */
+ if( opt.server_addr == NULL)
+ opt.server_addr = opt.server_name;
+
+ mbedtls_printf( " . Connecting to %s/%s/%s...",
+ opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
+ opt.server_addr, opt.server_port );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_net_connect( &server_fd,
+ opt.server_addr, opt.server_port,
+ opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
+ MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+
+ if( opt.nbio > 0 )
+ ret = mbedtls_net_set_nonblock( &server_fd );
+ else
+ ret = mbedtls_net_set_block( &server_fd );
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+ /*
+ * 3. Setup stuff
+ */
+ mbedtls_printf( " . Setting up the SSL/TLS structure..." );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ opt.transport,
+ MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ /* The default algorithms profile disables SHA-1, but our tests still
+ rely on it heavily. */
+ if( opt.allow_sha1 > 0 )
+ {
+ crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 );
+ mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test );
+ mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test );
+ }
+
+ if( opt.context_crt_cb == 0 )
+ mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
+
+ memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+ if( opt.auth_mode != DFL_AUTH_MODE )
+ mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
+ mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min,
+ opt.hs_to_max );
+
+ if( opt.dgram_packing != DFL_DGRAM_PACKING )
+ mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing );
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n",
+ ret );
+ goto exit;
+ }
+#endif
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+ if( opt.trunc_hmac != DFL_TRUNC_HMAC )
+ mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ if( opt.extended_ms != DFL_EXTENDED_MS )
+ mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ if( opt.etm != DFL_ETM )
+ mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
+#endif
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+ if( opt.recsplit != DFL_RECSPLIT )
+ mbedtls_ssl_conf_cbc_record_splitting( &conf, opt.recsplit
+ ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED
+ : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+ if( opt.dhmlen != DFL_DHMLEN )
+ mbedtls_ssl_conf_dhm_min_bitlen( &conf, opt.dhmlen );
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+ if( opt.alpn_string != NULL )
+ if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n",
+ ret );
+ goto exit;
+ }
+#endif
+
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
+
+ mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ mbedtls_ssl_conf_session_tickets( &conf, opt.tickets );
+#endif
+
+ if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
+ mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
+
+#if defined(MBEDTLS_ARC4_C)
+ if( opt.arc4 != DFL_ARC4 )
+ mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
+#endif
+
+ if( opt.allow_legacy != DFL_ALLOW_LEGACY )
+ mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ if( strcmp( opt.ca_path, "none" ) != 0 &&
+ strcmp( opt.ca_file, "none" ) != 0 )
+ {
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ if( opt.ca_callback != 0 )
+ mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert );
+ else
+#endif
+ mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
+ }
+ if( strcmp( opt.crt_file, "none" ) != 0 &&
+ strcmp( opt.key_file, "none" ) != 0 )
+ {
+ if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n",
+ ret );
+ goto exit;
+ }
+ }
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+ if( opt.curves != NULL &&
+ strcmp( opt.curves, "default" ) != 0 )
+ {
+ mbedtls_ssl_conf_curves( &conf, curve_list );
+ }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ /* The algorithm has already been determined earlier.
+ */
+ status = psa_allocate_key( &slot );
+ if( status != PSA_SUCCESS )
+ {
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+
+ status = psa_set_key_policy( slot, &policy );
+ if( status != PSA_SUCCESS )
+ {
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+
+ status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len );
+ if( status != PSA_SUCCESS )
+ {
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+
+ if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot,
+ (const unsigned char *) opt.psk_identity,
+ strlen( opt.psk_identity ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
+ ret );
+ goto exit;
+ }
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
+ (const unsigned char *) opt.psk_identity,
+ strlen( opt.psk_identity ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk returned %d\n\n",
+ ret );
+ goto exit;
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+ if( opt.min_version != DFL_MIN_VERSION )
+ mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
+ opt.min_version );
+
+ if( opt.max_version != DFL_MAX_VERSION )
+ mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
+ opt.max_version );
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+ if( opt.fallback != DFL_FALLBACK )
+ mbedtls_ssl_conf_fallback( &conf, opt.fallback );
+#endif
+
+ if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n",
+ ret );
+ goto exit;
+ }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ if( opt.ecjpake_pw != DFL_ECJPAKE_PW )
+ {
+ if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl,
+ (const unsigned char *) opt.ecjpake_pw,
+ strlen( opt.ecjpake_pw ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n",
+ ret );
+ goto exit;
+ }
+ }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ if( opt.context_crt_cb == 1 )
+ mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+ if( opt.nbio == 2 )
+ mbedtls_ssl_set_bio( &ssl, &server_fd, my_send, my_recv, NULL );
+ else
+ mbedtls_ssl_set_bio( &ssl, &server_fd,
+ mbedtls_net_send, mbedtls_net_recv,
+ opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( opt.dtls_mtu != DFL_DTLS_MTU )
+ mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu );
+#endif
+
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
+ mbedtls_timing_get_delay );
+#endif
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( opt.ec_max_ops != DFL_EC_MAX_OPS )
+ mbedtls_ecp_set_max_ops( opt.ec_max_ops );
+#endif
+
+ mbedtls_printf( " ok\n" );
+
+ /*
+ * 4. Handshake
+ */
+ mbedtls_printf( " . Performing the SSL/TLS handshake..." );
+ fflush( stdout );
+
+ while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
+ {
+ if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+ ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n",
+ -ret );
+ if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
+ mbedtls_printf(
+ " Unable to verify the server's certificate. "
+ "Either it is invalid,\n"
+ " or you didn't set ca_file or ca_path "
+ "to an appropriate value.\n"
+ " Alternatively, you may want to use "
+ "auth_mode=optional for testing purposes.\n" );
+ mbedtls_printf( "\n" );
+ goto exit;
+ }
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ continue;
+#endif
+
+ /* For event-driven IO, wait for socket to become available */
+ if( opt.event == 1 /* level triggered IO */ )
+ {
+#if defined(MBEDTLS_TIMING_C)
+ ret = idle( &server_fd, &timer, ret );
+#else
+ ret = idle( &server_fd, ret );
+#endif
+ if( ret != 0 )
+ goto exit;
+ }
+ }
+
+ mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n",
+ mbedtls_ssl_get_version( &ssl ),
+ mbedtls_ssl_get_ciphersuite( &ssl ) );
+
+ if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 )
+ mbedtls_printf( " [ Record expansion is %d ]\n", ret );
+ else
+ mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" );
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ mbedtls_printf( " [ Maximum fragment length is %u ]\n",
+ (unsigned int) mbedtls_ssl_get_max_frag_len( &ssl ) );
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+ if( opt.alpn_string != NULL )
+ {
+ const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl );
+ mbedtls_printf( " [ Application Layer Protocol is %s ]\n",
+ alp ? alp : "(none)" );
+ }
+#endif
+
+ if( opt.reconnect != 0 )
+ {
+ mbedtls_printf(" . Saving session for reuse..." );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+ }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ /*
+ * 5. Verify the server certificate
+ */
+ mbedtls_printf( " . Verifying peer X.509 certificate..." );
+
+ if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
+ {
+ char vrfy_buf[512];
+
+ mbedtls_printf( " failed\n" );
+
+ mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ),
+ " ! ", flags );
+
+ mbedtls_printf( "%s\n", vrfy_buf );
+ }
+ else
+ mbedtls_printf( " ok\n" );
+
+ mbedtls_printf( " . Peer certificate information ...\n" );
+ mbedtls_printf( "%s\n", peer_crt_info );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( opt.renegotiate )
+ {
+ /*
+ * Perform renegotiation (this must be done when the server is waiting
+ * for input from our side).
+ */
+ mbedtls_printf( " . Performing renegotiation..." );
+ fflush( stdout );
+ while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 )
+ {
+ if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+ ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n",
+ ret );
+ goto exit;
+ }
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ continue;
+#endif
+
+ /* For event-driven IO, wait for socket to become available */
+ if( opt.event == 1 /* level triggered IO */ )
+ {
+#if defined(MBEDTLS_TIMING_C)
+ idle( &server_fd, &timer, ret );
+#else
+ idle( &server_fd, ret );
+#endif
+ }
+
+ }
+ mbedtls_printf( " ok\n" );
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+ /*
+ * 6. Write the GET request
+ */
+ retry_left = opt.max_resend;
+send_request:
+ mbedtls_printf( " > Write to server:" );
+ fflush( stdout );
+
+ len = mbedtls_snprintf( (char *) buf, sizeof( buf ) - 1, GET_REQUEST,
+ opt.request_page );
+ tail_len = (int) strlen( GET_REQUEST_END );
+
+ /* Add padding to GET request to reach opt.request_size in length */
+ if( opt.request_size != DFL_REQUEST_SIZE &&
+ len + tail_len < opt.request_size )
+ {
+ memset( buf + len, 'A', opt.request_size - len - tail_len );
+ len += opt.request_size - len - tail_len;
+ }
+
+ strncpy( (char *) buf + len, GET_REQUEST_END, sizeof( buf ) - len - 1 );
+ len += tail_len;
+
+ /* Truncate if request size is smaller than the "natural" size */
+ if( opt.request_size != DFL_REQUEST_SIZE &&
+ len > opt.request_size )
+ {
+ len = opt.request_size;
+
+ /* Still end with \r\n unless that's really not possible */
+ if( len >= 2 ) buf[len - 2] = '\r';
+ if( len >= 1 ) buf[len - 1] = '\n';
+ }
+
+ if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
+ {
+ written = 0;
+ frags = 0;
+
+ do
+ {
+ while( ( ret = mbedtls_ssl_write( &ssl, buf + written,
+ len - written ) ) < 0 )
+ {
+ if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
+ ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_write returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+
+ /* For event-driven IO, wait for socket to become available */
+ if( opt.event == 1 /* level triggered IO */ )
+ {
+#if defined(MBEDTLS_TIMING_C)
+ idle( &server_fd, &timer, ret );
+#else
+ idle( &server_fd, ret );
+#endif
+ }
+ }
+
+ frags++;
+ written += ret;
+ }
+ while( written < len );
+ }
+ else /* Not stream, so datagram */
+ {
+ while( 1 )
+ {
+ ret = mbedtls_ssl_write( &ssl, buf, len );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ continue;
+#endif
+
+ if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
+ ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+ break;
+
+ /* For event-driven IO, wait for socket to become available */
+ if( opt.event == 1 /* level triggered IO */ )
+ {
+#if defined(MBEDTLS_TIMING_C)
+ idle( &server_fd, &timer, ret );
+#else
+ idle( &server_fd, ret );
+#endif
+ }
+ }
+
+ if( ret < 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n",
+ ret );
+ goto exit;
+ }
+
+ frags = 1;
+ written = ret;
+
+ if( written < len )
+ {
+ mbedtls_printf( " warning\n ! request didn't fit into single datagram and "
+ "was truncated to size %u", (unsigned) written );
+ }
+ }
+
+ buf[written] = '\0';
+ mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n",
+ written, frags, (char *) buf );
+
+ /* Send a non-empty request if request_size == 0 */
+ if ( len == 0 )
+ {
+ opt.request_size = DFL_REQUEST_SIZE;
+ goto send_request;
+ }
+
+ /*
+ * 7. Read the HTTP response
+ */
+ mbedtls_printf( " < Read from server:" );
+ fflush( stdout );
+
+ /*
+ * TLS and DTLS need different reading styles (stream vs datagram)
+ */
+ if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
+ {
+ do
+ {
+ len = sizeof( buf ) - 1;
+ memset( buf, 0, sizeof( buf ) );
+ ret = mbedtls_ssl_read( &ssl, buf, len );
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
+ continue;
+#endif
+
+ if( ret == MBEDTLS_ERR_SSL_WANT_READ ||
+ ret == MBEDTLS_ERR_SSL_WANT_WRITE )
+ {
+ /* For event-driven IO, wait for socket to become available */
+ if( opt.event == 1 /* level triggered IO */ )
+ {
+#if defined(MBEDTLS_TIMING_C)
+ idle( &server_fd, &timer, ret );
+#else
+ idle( &server_fd, ret );
+#endif
+ }
+ continue;
+ }
+
+ if( ret <= 0 )
+ {
+ switch( ret )
+ {
+ case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+ mbedtls_printf( " connection was closed gracefully\n" );
+ ret = 0;
+ goto close_notify;
+
+ case 0:
+ case MBEDTLS_ERR_NET_CONN_RESET:
+ mbedtls_printf( " connection was reset by peer\n" );
+ ret = 0;
+ goto reconnect;
+
+ default:
+ mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n",
+ -ret );
+ goto exit;
+ }
+ }
+
+ len = ret;
+ buf[len] = '\0';
+ mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
+
+ /* End of message should be detected according to the syntax of the
+ * application protocol (eg HTTP), just use a dummy test here.
*/ + if( ret > 0 && buf[len-1] == '\n' ) + { + ret = 0; + break; + } + } + while( 1 ); + } + else /* Not stream, so datagram */ + { + len = sizeof( buf ) - 1; + memset( buf, 0, sizeof( buf ) ); + + while( 1 ) + { + ret = mbedtls_ssl_read( &ssl, buf, len ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + continue; +#endif + + if( ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + break; + + /* For event-driven IO, wait for socket to become available */ + if( opt.event == 1 /* level triggered IO */ ) + { +#if defined(MBEDTLS_TIMING_C) + idle( &server_fd, &timer, ret ); +#else + idle( &server_fd, ret ); +#endif + } + } + + if( ret <= 0 ) + { + switch( ret ) + { + case MBEDTLS_ERR_SSL_TIMEOUT: + mbedtls_printf( " timeout\n" ); + if( retry_left-- > 0 ) + goto send_request; + goto exit; + + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); + ret = 0; + goto close_notify; + + default: + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); + goto exit; + } + } + + len = ret; + buf[len] = '\0'; + mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + ret = 0; + } + + /* + * 7b. Simulate hard reset and reconnect from same port? + */ + if( opt.reconnect_hard != 0 ) + { + opt.reconnect_hard = 0; + + mbedtls_printf( " . Restarting connection from same port..." ); + fflush( stdout ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + + if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", + -ret ); + goto exit; + } + + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE && + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ssl_handshake returned -0x%x\n\n", + -ret ); + goto exit; + } + + /* For event-driven IO, wait for socket to become available */ + if( opt.event == 1 /* level triggered IO */ ) + { +#if defined(MBEDTLS_TIMING_C) + idle( &server_fd, &timer, ret ); +#else + idle( &server_fd, ret ); +#endif + } + } + + mbedtls_printf( " ok\n" ); + + goto send_request; + } + + /* + * 7c. Continue doing data exchanges? + */ + if( --opt.exchanges > 0 ) + goto send_request; + + /* + * 8. Done, cleanly close the connection + */ +close_notify: + mbedtls_printf( " . Closing the connection..." ); + fflush( stdout ); + + /* No error checking, the connection might be closed already */ + do ret = mbedtls_ssl_close_notify( &ssl ); + while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + ret = 0; + + mbedtls_printf( " done\n" ); + + /* + * 9. Reconnect? + */ +reconnect: + if( opt.reconnect != 0 ) + { + --opt.reconnect; + + mbedtls_net_free( &server_fd ); + +#if defined(MBEDTLS_TIMING_C) + if( opt.reco_delay > 0 ) + mbedtls_net_usleep( 1000000 * opt.reco_delay ); +#endif + + mbedtls_printf( " . Reconnecting with saved session..." ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + + if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", + -ret ); + goto exit; + } + + if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_conf_session returned %d\n\n", + ret ); + goto exit; + } + + if( ( ret = mbedtls_net_connect( &server_fd, + opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_net_connect returned -0x%x\n\n", + -ret ); + goto exit; + } + + if( opt.nbio > 0 ) + ret = mbedtls_net_set_nonblock( &server_fd ); + else + ret = mbedtls_net_set_block( &server_fd ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", + -ret ); + goto exit; + } + + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE && + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + -ret ); + goto exit; + } + } + + mbedtls_printf( " ok\n" ); + + goto send_request; + } + + /* + * Cleanup and exit + */ +exit: +#ifdef MBEDTLS_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf ); + } +#endif + + mbedtls_net_free( &server_fd ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt_free( &clicert ); + mbedtls_x509_crt_free( &cacert ); + mbedtls_pk_free( &pkey ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_destroy_key( key_slot ); +#endif +#endif + mbedtls_ssl_session_free( &saved_session ); + mbedtls_ssl_free( &ssl ); + mbedtls_ssl_config_free( &conf ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ + defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_opaque != 0 ) + { + /* This is ok even if the slot hasn't been + * initialized (we might have jumed here + * immediately because of bad cmd line params, + * for example). 
*/ + status = psa_destroy_key( slot ); + if( status != PSA_SUCCESS ) + { + mbedtls_printf( "Failed to destroy key slot %u - error was %d", + (unsigned) slot, (int) status ); + if( ret == 0 ) + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } + } +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED && + MBEDTLS_USE_PSA_CRYPTO */ + +#if defined(_WIN32) + mbedtls_printf( " + Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + // Shell can not handle large exit numbers -> 1 for errors + if( ret < 0 ) + ret = 1; + + return( ret ); +} +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && + MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && + MBEDTLS_CTR_DRBG_C MBEDTLS_TIMING_C */ diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c new file mode 100644 index 000000000..b6f1cc4fd --- /dev/null +++ b/programs/ssl/ssl_fork_server.c 
@@ -0,0 +1,435 @@ +/* + * SSL server demonstration program using fork() for handling multiple clients + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_time_t time_t +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ + !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_TIMING_C) || \ + !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C) +int main( int argc, char *argv[] ) +{ + ((void) argc); + ((void) argv); + + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C 
and/or " + "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + return( 0 ); +} +#elif defined(_WIN32) +int main( void ) +{ + mbedtls_printf("_WIN32 defined. This application requires fork() and signals " + "to work correctly.\n"); + return( 0 ); +} +#else + +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/certs.h" +#include "mbedtls/x509.h" +#include "mbedtls/ssl.h" +#include "mbedtls/net_sockets.h" +#include "mbedtls/timing.h" + +#include +#include + +#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32) +#include +#endif + +#define HTTP_RESPONSE \ + "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ + "

mbed TLS Test Server

\r\n" \ + "

Successful connection using: %s

\r\n" + +#define DEBUG_LEVEL 0 + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +static void my_debug( void *ctx, int level, + const char *file, int line, + const char *str ) +{ + ((void) level); + + mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); + fflush( (FILE *) ctx ); +} + +int main( void ) +{ + int ret = 1, len, cnt = 0, pid; + int exit_code = MBEDTLS_EXIT_FAILURE; + mbedtls_net_context listen_fd, client_fd; + unsigned char buf[1024]; + const char *pers = "ssl_fork_server"; + + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_x509_crt srvcert; + mbedtls_pk_context pkey; + + mbedtls_net_init( &listen_fd ); + mbedtls_net_init( &client_fd ); + mbedtls_ssl_init( &ssl ); + mbedtls_ssl_config_init( &conf ); + mbedtls_entropy_init( &entropy ); + mbedtls_pk_init( &pkey ); + mbedtls_x509_crt_init( &srvcert ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + + signal( SIGCHLD, SIG_IGN ); + + /* + * 0. Initial seeding of the RNG + */ + mbedtls_printf( "\n . Initial seeding of the random generator..." ); + fflush( stdout ); + + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed! mbedtls_ctr_drbg_seed returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 1. Load the certificates and private RSA key + */ + mbedtls_printf( " . Loading the server cert. and key..." ); + fflush( stdout ); + + /* + * This demonstration program uses embedded test certificates. 
+ * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the + * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). + */ + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len ); + if( ret != 0 ) + { + mbedtls_printf( " failed! mbedtls_x509_crt_parse returned %d\n\n", ret ); + goto exit; + } + + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); + if( ret != 0 ) + { + mbedtls_printf( " failed! mbedtls_x509_crt_parse returned %d\n\n", ret ); + goto exit; + } + + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0 ); + if( ret != 0 ) + { + mbedtls_printf( " failed! mbedtls_pk_parse_key returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 1b. Prepare SSL configuration + */ + mbedtls_printf( " . Configuring SSL..." ); + fflush( stdout ); + + if( ( ret = mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) + { + mbedtls_printf( " failed! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + + mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); + if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) + { + mbedtls_printf( " failed! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 2. Setup the listening TCP socket + */ + mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); + fflush( stdout ); + + if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) + { + mbedtls_printf( " failed! 
mbedtls_net_bind returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + while( 1 ) + { + /* + * 3. Wait until a client connects + */ + mbedtls_net_init( &client_fd ); + mbedtls_ssl_init( &ssl ); + + mbedtls_printf( " . Waiting for a remote connection ...\n" ); + fflush( stdout ); + + if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, + NULL, 0, NULL ) ) != 0 ) + { + mbedtls_printf( " failed! mbedtls_net_accept returned %d\n\n", ret ); + goto exit; + } + + /* + * 3.5. Forking server thread + */ + + mbedtls_printf( " . Forking to handle connection ..." ); + fflush( stdout ); + + pid = fork(); + + if( pid < 0 ) + { + mbedtls_printf(" failed! fork returned %d\n\n", pid ); + goto exit; + } + + if( pid != 0 ) + { + mbedtls_printf( " ok\n" ); + + if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg, + (const unsigned char *) "parent", + 6 ) ) != 0 ) + { + mbedtls_printf( " failed! mbedtls_ctr_drbg_reseed returned %d\n\n", ret ); + goto exit; + } + + continue; + } + + mbedtls_net_init( &listen_fd ); + + pid = getpid(); + + /* + * 4. Setup stuff + */ + mbedtls_printf( "pid %d: Setting up the SSL data.\n", pid ); + fflush( stdout ); + + if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg, + (const unsigned char *) "child", + 5 ) ) != 0 ) + { + mbedtls_printf( + "pid %d: SSL setup failed! mbedtls_ctr_drbg_reseed returned %d\n\n", + pid, ret ); + goto exit; + } + + if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) + { + mbedtls_printf( + "pid %d: SSL setup failed! mbedtls_ssl_setup returned %d\n\n", + pid, ret ); + goto exit; + } + + mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + + mbedtls_printf( "pid %d: SSL setup ok\n", pid ); + + /* + * 5. 
Handshake + */ + mbedtls_printf( "pid %d: Performing the SSL/TLS handshake.\n", pid ); + fflush( stdout ); + + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( + "pid %d: SSL handshake failed! mbedtls_ssl_handshake returned %d\n\n", + pid, ret ); + goto exit; + } + } + + mbedtls_printf( "pid %d: SSL handshake ok\n", pid ); + + /* + * 6. Read the HTTP Request + */ + mbedtls_printf( "pid %d: Start reading from client.\n", pid ); + fflush( stdout ); + + do + { + len = sizeof( buf ) - 1; + memset( buf, 0, sizeof( buf ) ); + ret = mbedtls_ssl_read( &ssl, buf, len ); + + if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + continue; + + if( ret <= 0 ) + { + switch( ret ) + { + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( "pid %d: connection was closed gracefully\n", pid ); + break; + + case MBEDTLS_ERR_NET_CONN_RESET: + mbedtls_printf( "pid %d: connection was reset by peer\n", pid ); + break; + + default: + mbedtls_printf( "pid %d: mbedtls_ssl_read returned %d\n", pid, ret ); + break; + } + + break; + } + + len = ret; + mbedtls_printf( "pid %d: %d bytes read\n\n%s", pid, len, (char *) buf ); + + if( ret > 0 ) + break; + } + while( 1 ); + + /* + * 7. Write the 200 Response + */ + mbedtls_printf( "pid %d: Start writing to client.\n", pid ); + fflush( stdout ); + + len = sprintf( (char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite( &ssl ) ); + + while( cnt++ < 100 ) + { + while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) + { + if( ret == MBEDTLS_ERR_NET_CONN_RESET ) + { + mbedtls_printf( + "pid %d: Write failed! peer closed the connection\n\n", pid ); + goto exit; + } + + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( + "pid %d: Write failed! 
mbedtls_ssl_write returned %d\n\n", + pid, ret ); + goto exit; + } + } + len = ret; + mbedtls_printf( "pid %d: %d bytes written\n\n%s\n", pid, len, (char *) buf ); + + mbedtls_net_usleep( 1000000 ); + } + + mbedtls_ssl_close_notify( &ssl ); + goto exit; + } + + exit_code = MBEDTLS_EXIT_SUCCESS; + +exit: + mbedtls_net_free( &client_fd ); + mbedtls_net_free( &listen_fd ); + + mbedtls_x509_crt_free( &srvcert ); + mbedtls_pk_free( &pkey ); + mbedtls_ssl_free( &ssl ); + mbedtls_ssl_config_free( &conf ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(_WIN32) + mbedtls_printf( " Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + return( exit_code ); +} +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && + MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && + MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_PARSE_C && + ! _WIN32 */ diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c new file mode 100644 index 000000000..c73297c2a --- /dev/null +++ b/programs/ssl/ssl_mail_client.c 
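Review bot: In the `while( 1 )` accept loop of `main` in programs/ssl/ssl_fork_server.c, the parent branch (`if( pid != 0 )`) reseeds the DRBG and reaches `continue` without closing its copy of the accepted socket. The next iteration then begins with `mbedtls_net_init( &client_fd )`, so as far as this hunk shows the descriptor is never released in the parent. Every connection therefore costs the long-lived listener one file descriptor, and remote clients can run it into its descriptor limit so that `mbedtls_net_accept` starts failing. The parent should drop only its own handle before `continue`, for example `close( client_fd.fd );` (assuming the context's `fd` member is accessible here), rather than `mbedtls_net_free( &client_fd )`, which, if it also shuts the socket down, would cut the connection the child is serving. The child has the mirror-image issue: `mbedtls_net_init( &listen_fd )` appears to discard the inherited listening socket without closing it, so each child keeps the listening port open for its lifetime.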
@@ -0,0 +1,871 @@ +/* + * SSL client for SMTP servers + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +/* Enable definition of gethostname() even when compiling with -std=c99. Must + * be set before config.h, which pulls in glibc's features.h indirectly. + * Harmless on other platforms. */ +#define _POSIX_C_SOURCE 200112L + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ + !defined(MBEDTLS_FS_IO) +int main( void ) +{ + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C 
and/or MBEDTLS_X509_CRT_PARSE_C " + "not defined.\n"); + return( 0 ); +} +#else + +#include "mbedtls/base64.h" +#include "mbedtls/error.h" +#include "mbedtls/net_sockets.h" +#include "mbedtls/ssl.h" +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/certs.h" +#include "mbedtls/x509.h" + +#include +#include + +#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32) +#include +#else +#include +#endif + +#if defined(_WIN32) || defined(_WIN32_WCE) +#include +#include + +#if defined(_MSC_VER) +#if defined(_WIN32_WCE) +#pragma comment( lib, "ws2.lib" ) +#else +#pragma comment( lib, "ws2_32.lib" ) +#endif +#endif /* _MSC_VER */ +#endif + +#define DFL_SERVER_NAME "localhost" +#define DFL_SERVER_PORT "465" +#define DFL_USER_NAME "user" +#define DFL_USER_PWD "password" +#define DFL_MAIL_FROM "" +#define DFL_MAIL_TO "" +#define DFL_DEBUG_LEVEL 0 +#define DFL_CA_FILE "" +#define DFL_CRT_FILE "" +#define DFL_KEY_FILE "" +#define DFL_FORCE_CIPHER 0 +#define DFL_MODE 0 +#define DFL_AUTHENTICATION 0 + +#define MODE_SSL_TLS 0 +#define MODE_STARTTLS 0 + +#if defined(MBEDTLS_BASE64_C) +#define USAGE_AUTH \ + " authentication=%%d default: 0 (disabled)\n" \ + " user_name=%%s default: \"" DFL_USER_NAME "\"\n" \ + " user_pwd=%%s default: \"" DFL_USER_PWD "\"\n" +#else +#define USAGE_AUTH \ + " authentication options disabled. 
(Require MBEDTLS_BASE64_C)\n" +#endif /* MBEDTLS_BASE64_C */ + +#if defined(MBEDTLS_FS_IO) +#define USAGE_IO \ + " ca_file=%%s default: \"\" (pre-loaded)\n" \ + " crt_file=%%s default: \"\" (pre-loaded)\n" \ + " key_file=%%s default: \"\" (pre-loaded)\n" +#else +#define USAGE_IO \ + " No file operations available (MBEDTLS_FS_IO not defined)\n" +#endif /* MBEDTLS_FS_IO */ + +#define USAGE \ + "\n usage: ssl_mail_client param=<>...\n" \ + "\n acceptable parameters:\n" \ + " server_name=%%s default: " DFL_SERVER_NAME "\n" \ + " server_port=%%d default: " DFL_SERVER_PORT "\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \ + USAGE_AUTH \ + " mail_from=%%s default: \"\"\n" \ + " mail_to=%%s default: \"\"\n" \ + USAGE_IO \ + " force_ciphersuite= default: all enabled\n" \ + " acceptable ciphersuite names:\n" + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +/* + * global options + */ +struct options +{ + const char *server_name; /* hostname of the server (client only) */ + const char *server_port; /* port on which the ssl service runs */ + int debug_level; /* level of debugging */ + int authentication; /* if authentication is required */ + int mode; /* SSL/TLS (0) or STARTTLS (1) */ + const char *user_name; /* username to use for authentication */ + const char *user_pwd; /* password to use for authentication */ + const char *mail_from; /* E-Mail address to use as sender */ + const char *mail_to; /* E-Mail address to use as recipient */ + const char *ca_file; /* the file with the CA certificate(s) */ + const char *crt_file; /* the file with the client certificate */ + const char *key_file; /* the file with the client key */ + int force_ciphersuite[2]; /* 
protocol/ciphersuite to use, or all */ +} opt; + +static void my_debug( void *ctx, int level, + const char *file, int line, + const char *str ) +{ + ((void) level); + + mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); + fflush( (FILE *) ctx ); +} + +static int do_handshake( mbedtls_ssl_context *ssl ) +{ + int ret; + uint32_t flags; + unsigned char buf[1024]; + memset(buf, 0, 1024); + + /* + * 4. Handshake + */ + mbedtls_printf( " . Performing the SSL/TLS handshake..." ); + fflush( stdout ); + + while( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { +#if defined(MBEDTLS_ERROR_C) + mbedtls_strerror( ret, (char *) buf, 1024 ); +#endif + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf ); + return( -1 ); + } + } + + mbedtls_printf( " ok\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_ciphersuite( ssl ) ); + + /* + * 5. Verify the server certificate + */ + mbedtls_printf( " . Verifying peer X.509 certificate..." ); + + /* In real life, we probably want to bail out when ret != 0 */ + if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 ) + { + char vrfy_buf[512]; + + mbedtls_printf( " failed\n" ); + + mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + + mbedtls_printf( "%s\n", vrfy_buf ); + } + else + mbedtls_printf( " ok\n" ); + + mbedtls_printf( " . Peer certificate information ...\n" ); + mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", + mbedtls_ssl_get_peer_cert( ssl ) ); + mbedtls_printf( "%s\n", buf ); + + return( 0 ); +} + +static int write_ssl_data( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) +{ + int ret; + + mbedtls_printf("\n%s", buf); + while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ssl_write returned %d\n\n", ret ); + return -1; + } + } + + return( 0 ); +} + +static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) +{ + int ret; + unsigned char data[128]; + char code[4]; + size_t i, idx = 0; + + mbedtls_printf("\n%s", buf); + while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + return -1; + } + } + + do + { + len = sizeof( data ) - 1; + memset( data, 0, sizeof( data ) ); + ret = mbedtls_ssl_read( ssl, data, len ); + + if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + continue; + + if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ) + return -1; + + if( ret <= 0 ) + { + mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret ); + return -1; + } + + mbedtls_printf("\n%s", data); + len = ret; + for( i = 0; i < len; i++ ) + { + if( data[i] != '\n' ) + { + if( idx < 4 ) + code[ idx++ ] = data[i]; + continue; + } + + if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' ) + { + code[3] = '\0'; + return atoi( code ); + } + + idx = 0; + } + } + while( 1 ); +} + +static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char *buf, size_t len ) +{ + int ret; + unsigned char data[128]; + char code[4]; + size_t i, idx = 0; + + mbedtls_printf("\n%s", buf); + if( len && ( ret = mbedtls_net_send( sock_fd, buf, len ) ) <= 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); + return -1; + } + + do + { + len = sizeof( data ) - 1; + memset( data, 0, sizeof( data ) ); + ret = mbedtls_net_recv( sock_fd, data, len ); + + if( ret <= 0 ) + { + mbedtls_printf( "failed\n ! 
mbedtls_net_recv returned %d\n\n", ret ); + return -1; + } + + data[len] = '\0'; + mbedtls_printf("\n%s", data); + len = ret; + for( i = 0; i < len; i++ ) + { + if( data[i] != '\n' ) + { + if( idx < 4 ) + code[ idx++ ] = data[i]; + continue; + } + + if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' ) + { + code[3] = '\0'; + return atoi( code ); + } + + idx = 0; + } + } + while( 1 ); +} + +int main( int argc, char *argv[] ) +{ + int ret = 1, len; + int exit_code = MBEDTLS_EXIT_FAILURE; + mbedtls_net_context server_fd; +#if defined(MBEDTLS_BASE64_C) + unsigned char base[1024]; + /* buf is used as the destination buffer for printing base with the format: + * "%s\r\n". Hence, the size of buf should be at least the size of base + * plus 2 bytes for the \r and \n characters. + */ + unsigned char buf[sizeof( base ) + 2]; +#else + unsigned char buf[1024]; +#endif + char hostname[32]; + const char *pers = "ssl_mail_client"; + + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_x509_crt cacert; + mbedtls_x509_crt clicert; + mbedtls_pk_context pkey; + int i; + size_t n; + char *p, *q; + const int *list; + + /* + * Make sure memory references are valid in case we exit early. 
+ */ + mbedtls_net_init( &server_fd ); + mbedtls_ssl_init( &ssl ); + mbedtls_ssl_config_init( &conf ); + memset( &buf, 0, sizeof( buf ) ); + mbedtls_x509_crt_init( &cacert ); + mbedtls_x509_crt_init( &clicert ); + mbedtls_pk_init( &pkey ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + + if( argc == 0 ) + { + usage: + mbedtls_printf( USAGE ); + + list = mbedtls_ssl_list_ciphersuites(); + while( *list ) + { + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); + list++; + } + mbedtls_printf("\n"); + goto exit; + } + + opt.server_name = DFL_SERVER_NAME; + opt.server_port = DFL_SERVER_PORT; + opt.debug_level = DFL_DEBUG_LEVEL; + opt.authentication = DFL_AUTHENTICATION; + opt.mode = DFL_MODE; + opt.user_name = DFL_USER_NAME; + opt.user_pwd = DFL_USER_PWD; + opt.mail_from = DFL_MAIL_FROM; + opt.mail_to = DFL_MAIL_TO; + opt.ca_file = DFL_CA_FILE; + opt.crt_file = DFL_CRT_FILE; + opt.key_file = DFL_KEY_FILE; + opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; + + for( i = 1; i < argc; i++ ) + { + p = argv[i]; + if( ( q = strchr( p, '=' ) ) == NULL ) + goto usage; + *q++ = '\0'; + + if( strcmp( p, "server_name" ) == 0 ) + opt.server_name = q; + else if( strcmp( p, "server_port" ) == 0 ) + opt.server_port = q; + else if( strcmp( p, "debug_level" ) == 0 ) + { + opt.debug_level = atoi( q ); + if( opt.debug_level < 0 || opt.debug_level > 65535 ) + goto usage; + } + else if( strcmp( p, "authentication" ) == 0 ) + { + opt.authentication = atoi( q ); + if( opt.authentication < 0 || opt.authentication > 1 ) + goto usage; + } + else if( strcmp( p, "mode" ) == 0 ) + { + opt.mode = atoi( q ); + if( opt.mode < 0 || opt.mode > 1 ) + goto usage; + } + else if( strcmp( p, "user_name" ) == 0 ) + opt.user_name = q; + else if( strcmp( p, "user_pwd" ) == 0 ) + opt.user_pwd = q; + else if( strcmp( p, "mail_from" ) == 0 ) + opt.mail_from = q; + else if( strcmp( p, "mail_to" ) == 0 ) + opt.mail_to = q; + else if( strcmp( p, "ca_file" ) == 0 ) + opt.ca_file = q; + else if( strcmp( p, 
"crt_file" ) == 0 ) + opt.crt_file = q; + else if( strcmp( p, "key_file" ) == 0 ) + opt.key_file = q; + else if( strcmp( p, "force_ciphersuite" ) == 0 ) + { + opt.force_ciphersuite[0] = -1; + + opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); + + if( opt.force_ciphersuite[0] <= 0 ) + goto usage; + + opt.force_ciphersuite[1] = 0; + } + else + goto usage; + } + + /* + * 0. Initialize the RNG and the session data + */ + mbedtls_printf( "\n . Seeding the random number generator..." ); + fflush( stdout ); + + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 1.1. Load the trusted CA + */ + mbedtls_printf( " . Loading the CA root certificate ..." ); + fflush( stdout ); + +#if defined(MBEDTLS_FS_IO) + if( strlen( opt.ca_file ) ) + ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); + else +#endif +#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) + ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); +#else + { + mbedtls_printf("MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined."); + goto exit; + } +#endif + if( ret < 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok (%d skipped)\n", ret ); + + /* + * 1.2. Load own certificate and private key + * + * (can be skipped if client authentication is not required) + */ + mbedtls_printf( " . Loading the client cert. and key..." 
); + fflush( stdout ); + +#if defined(MBEDTLS_FS_IO) + if( strlen( opt.crt_file ) ) + ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); + else +#endif +#if defined(MBEDTLS_CERTS_C) + ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len ); +#else + { + mbedtls_printf("MBEDTLS_CERTS_C not defined."); + goto exit; + } +#endif + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + goto exit; + } + +#if defined(MBEDTLS_FS_IO) + if( strlen( opt.key_file ) ) + ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); + else +#endif +#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key, + mbedtls_test_cli_key_len, NULL, 0 ); +#else + { + mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined."); + goto exit; + } +#endif + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 2. Start the connection + */ + mbedtls_printf( " . Connecting to tcp/%s/%s...", opt.server_name, + opt.server_port ); + fflush( stdout ); + + if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name, + opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 3. Setup stuff + */ + mbedtls_printf( " . Setting up the SSL/TLS structure..." ); + fflush( stdout ); + + if( ( ret = mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ssl_config_defaults returned %d\n\n", ret ); + goto exit; + } + + /* OPTIONAL is not optimal for security, + * but makes interop easier in this simplified example */ + mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); + + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + + if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) + mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); + + mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + goto exit; + } + + if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + goto exit; + } + + if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + + mbedtls_printf( " ok\n" ); + + if( opt.mode == MODE_SSL_TLS ) + { + if( do_handshake( &ssl ) != 0 ) + goto exit; + + mbedtls_printf( " > Get header from server:" ); + fflush( stdout ); + + ret = write_ssl_and_get_response( &ssl, buf, 0 ); + if( ret < 200 || ret > 299 ) + { + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + + mbedtls_printf( " > Write EHLO to server:" ); + fflush( stdout ); + + gethostname( hostname, 32 ); + len = sprintf( (char *) buf, "EHLO %s\r\n", hostname ); + ret = write_ssl_and_get_response( &ssl, buf, len ); + if( ret < 200 || ret > 299 ) + { + mbedtls_printf( " failed\n ! 
server responded with %d\n\n", ret ); + goto exit; + } + } + else + { + mbedtls_printf( " > Get header from server:" ); + fflush( stdout ); + + ret = write_and_get_response( &server_fd, buf, 0 ); + if( ret < 200 || ret > 299 ) + { + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + + mbedtls_printf( " > Write EHLO to server:" ); + fflush( stdout ); + + gethostname( hostname, 32 ); + len = sprintf( (char *) buf, "EHLO %s\r\n", hostname ); + ret = write_and_get_response( &server_fd, buf, len ); + if( ret < 200 || ret > 299 ) + { + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + + mbedtls_printf( " > Write STARTTLS to server:" ); + fflush( stdout ); + + gethostname( hostname, 32 ); + len = sprintf( (char *) buf, "STARTTLS\r\n" ); + ret = write_and_get_response( &server_fd, buf, len ); + if( ret < 200 || ret > 299 ) + { + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + + if( do_handshake( &ssl ) != 0 ) + goto exit; + } + +#if defined(MBEDTLS_BASE64_C) + if( opt.authentication ) + { + mbedtls_printf( " > Write AUTH LOGIN to server:" ); + fflush( stdout ); + + len = sprintf( (char *) buf, "AUTH LOGIN\r\n" ); + ret = write_ssl_and_get_response( &ssl, buf, len ); + if( ret < 200 || ret > 399 ) + { + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + + mbedtls_printf( " > Write username to server: %s", opt.user_name ); + fflush( stdout ); + + ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_name, + strlen( opt.user_name ) ); + + if( ret != 0 ) { + mbedtls_printf( " failed\n ! 
mbedtls_base64_encode returned %d\n\n", ret ); + goto exit; + } + len = sprintf( (char *) buf, "%s\r\n", base ); + ret = write_ssl_and_get_response( &ssl, buf, len ); + if( ret < 300 || ret > 399 ) + { + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + + mbedtls_printf( " > Write password to server: %s", opt.user_pwd ); + fflush( stdout ); + + ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_pwd, + strlen( opt.user_pwd ) ); + + if( ret != 0 ) { + mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret ); + goto exit; + } + len = sprintf( (char *) buf, "%s\r\n", base ); + ret = write_ssl_and_get_response( &ssl, buf, len ); + if( ret < 200 || ret > 399 ) + { + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + } +#endif + + mbedtls_printf( " > Write MAIL FROM to server:" ); + fflush( stdout ); + + len = sprintf( (char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from ); + ret = write_ssl_and_get_response( &ssl, buf, len ); + if( ret < 200 || ret > 299 ) + { + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + + mbedtls_printf( " > Write RCPT TO to server:" ); + fflush( stdout ); + + len = sprintf( (char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to ); + ret = write_ssl_and_get_response( &ssl, buf, len ); + if( ret < 200 || ret > 299 ) + { + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + + mbedtls_printf( " > Write DATA to server:" ); + fflush( stdout ); + + len = sprintf( (char *) buf, "DATA\r\n" ); + ret = write_ssl_and_get_response( &ssl, buf, len ); + if( ret < 300 || ret > 399 ) + { + mbedtls_printf( " failed\n ! 
server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + + mbedtls_printf( " > Write content to server:" ); + fflush( stdout ); + + len = sprintf( (char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n" + "This is a simple test mail from the " + "mbed TLS mail client example.\r\n" + "\r\n" + "Enjoy!", opt.mail_from ); + ret = write_ssl_data( &ssl, buf, len ); + + len = sprintf( (char *) buf, "\r\n.\r\n"); + ret = write_ssl_and_get_response( &ssl, buf, len ); + if( ret < 200 || ret > 299 ) + { + mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + goto exit; + } + + mbedtls_printf(" ok\n" ); + + mbedtls_ssl_close_notify( &ssl ); + + exit_code = MBEDTLS_EXIT_SUCCESS; + +exit: + + mbedtls_net_free( &server_fd ); + mbedtls_x509_crt_free( &clicert ); + mbedtls_x509_crt_free( &cacert ); + mbedtls_pk_free( &pkey ); + mbedtls_ssl_free( &ssl ); + mbedtls_ssl_config_free( &conf ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(_WIN32) + mbedtls_printf( " + Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + return( exit_code ); +} +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && + MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C ** + MBEDTLS_CTR_DRBG_C */ diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c new file mode 100644 index 000000000..b5026959a --- /dev/null +++ b/programs/ssl/ssl_pthread_server.c 
@@ -0,0 +1,545 @@ +/* + * SSL server demonstration program using pthread for handling multiple + * clients. + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_snprintf snprintf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif + +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ + !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_THREADING_C) || !defined(MBEDTLS_THREADING_PTHREAD) || \ + !defined(MBEDTLS_PEM_PARSE_C) +int main( void ) +{ + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " + 
"MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD " + "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + return( 0 ); +} +#else + +#include +#include + +#if defined(_WIN32) +#include +#endif + +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/certs.h" +#include "mbedtls/x509.h" +#include "mbedtls/ssl.h" +#include "mbedtls/net_sockets.h" +#include "mbedtls/error.h" + +#if defined(MBEDTLS_SSL_CACHE_C) +#include "mbedtls/ssl_cache.h" +#endif + +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#include "mbedtls/memory_buffer_alloc.h" +#endif + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +#define HTTP_RESPONSE \ + "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ + "

mbed TLS Test Server

\r\n" \ + "

Successful connection using: %s

\r\n" + +#define DEBUG_LEVEL 0 + +#define MAX_NUM_THREADS 5 + +mbedtls_threading_mutex_t debug_mutex; + +static void my_mutexed_debug( void *ctx, int level, + const char *file, int line, + const char *str ) +{ + long int thread_id = (long int) pthread_self(); + + mbedtls_mutex_lock( &debug_mutex ); + + ((void) level); + mbedtls_fprintf( (FILE *) ctx, "%s:%04d: [ #%ld ] %s", + file, line, thread_id, str ); + fflush( (FILE *) ctx ); + + mbedtls_mutex_unlock( &debug_mutex ); +} + +typedef struct { + mbedtls_net_context client_fd; + int thread_complete; + const mbedtls_ssl_config *config; +} thread_info_t; + +typedef struct { + int active; + thread_info_t data; + pthread_t thread; +} pthread_info_t; + +static thread_info_t base_info; +static pthread_info_t threads[MAX_NUM_THREADS]; + +static void *handle_ssl_connection( void *data ) +{ + int ret, len; + thread_info_t *thread_info = (thread_info_t *) data; + mbedtls_net_context *client_fd = &thread_info->client_fd; + long int thread_id = (long int) pthread_self(); + unsigned char buf[1024]; + mbedtls_ssl_context ssl; + + /* Make sure memory references are valid */ + mbedtls_ssl_init( &ssl ); + + mbedtls_printf( " [ #%ld ] Setting up SSL/TLS data\n", thread_id ); + + /* + * 4. Get the SSL context ready + */ + if( ( ret = mbedtls_ssl_setup( &ssl, thread_info->config ) ) != 0 ) + { + mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_setup returned -0x%04x\n", + thread_id, -ret ); + goto thread_exit; + } + + mbedtls_ssl_set_bio( &ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + + /* + * 5. Handshake + */ + mbedtls_printf( " [ #%ld ] Performing the SSL/TLS handshake\n", thread_id ); + + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_handshake returned -0x%04x\n", + thread_id, -ret ); + goto thread_exit; + } + } + + mbedtls_printf( " [ #%ld ] ok\n", thread_id ); + + /* + * 6. 
Read the HTTP Request + */ + mbedtls_printf( " [ #%ld ] < Read from client\n", thread_id ); + + do + { + len = sizeof( buf ) - 1; + memset( buf, 0, sizeof( buf ) ); + ret = mbedtls_ssl_read( &ssl, buf, len ); + + if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + continue; + + if( ret <= 0 ) + { + switch( ret ) + { + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " [ #%ld ] connection was closed gracefully\n", + thread_id ); + goto thread_exit; + + case MBEDTLS_ERR_NET_CONN_RESET: + mbedtls_printf( " [ #%ld ] connection was reset by peer\n", + thread_id ); + goto thread_exit; + + default: + mbedtls_printf( " [ #%ld ] mbedtls_ssl_read returned -0x%04x\n", + thread_id, -ret ); + goto thread_exit; + } + } + + len = ret; + mbedtls_printf( " [ #%ld ] %d bytes read\n=====\n%s\n=====\n", + thread_id, len, (char *) buf ); + + if( ret > 0 ) + break; + } + while( 1 ); + + /* + * 7. Write the 200 Response + */ + mbedtls_printf( " [ #%ld ] > Write to client:\n", thread_id ); + + len = sprintf( (char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite( &ssl ) ); + + while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) + { + if( ret == MBEDTLS_ERR_NET_CONN_RESET ) + { + mbedtls_printf( " [ #%ld ] failed: peer closed the connection\n", + thread_id ); + goto thread_exit; + } + + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_write returned -0x%04x\n", + thread_id, ret ); + goto thread_exit; + } + } + + len = ret; + mbedtls_printf( " [ #%ld ] %d bytes written\n=====\n%s\n=====\n", + thread_id, len, (char *) buf ); + + mbedtls_printf( " [ #%ld ] . 
Closing the connection...", thread_id ); + + while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_close_notify returned -0x%04x\n", + thread_id, ret ); + goto thread_exit; + } + } + + mbedtls_printf( " ok\n" ); + + ret = 0; + +thread_exit: + +#ifdef MBEDTLS_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf(" [ #%ld ] Last error was: -0x%04x - %s\n\n", + thread_id, -ret, error_buf ); + } +#endif + + mbedtls_net_free( client_fd ); + mbedtls_ssl_free( &ssl ); + + thread_info->thread_complete = 1; + + return( NULL ); +} + +static int thread_create( mbedtls_net_context *client_fd ) +{ + int ret, i; + + /* + * Find in-active or finished thread slot + */ + for( i = 0; i < MAX_NUM_THREADS; i++ ) + { + if( threads[i].active == 0 ) + break; + + if( threads[i].data.thread_complete == 1 ) + { + mbedtls_printf( " [ main ] Cleaning up thread %d\n", i ); + pthread_join(threads[i].thread, NULL ); + memset( &threads[i], 0, sizeof(pthread_info_t) ); + break; + } + } + + if( i == MAX_NUM_THREADS ) + return( -1 ); + + /* + * Fill thread-info for thread + */ + memcpy( &threads[i].data, &base_info, sizeof(base_info) ); + threads[i].active = 1; + memcpy( &threads[i].data.client_fd, client_fd, sizeof( mbedtls_net_context ) ); + + if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection, + &threads[i].data ) ) != 0 ) + { + return( ret ); + } + + return( 0 ); +} + +int main( void ) +{ + int ret; + mbedtls_net_context listen_fd, client_fd; + const char pers[] = "ssl_pthread_server"; + + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_config conf; + mbedtls_x509_crt srvcert; + mbedtls_x509_crt cachain; + mbedtls_pk_context pkey; +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + unsigned char alloc_buf[100000]; +#endif +#if 
defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_context cache; +#endif + +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); +#endif + +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_init( &cache ); +#endif + + mbedtls_x509_crt_init( &srvcert ); + mbedtls_x509_crt_init( &cachain ); + + mbedtls_ssl_config_init( &conf ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + memset( threads, 0, sizeof(threads) ); + mbedtls_net_init( &listen_fd ); + mbedtls_net_init( &client_fd ); + + mbedtls_mutex_init( &debug_mutex ); + + base_info.config = &conf; + + /* + * We use only a single entropy source that is used in all the threads. + */ + mbedtls_entropy_init( &entropy ); + + /* + * 1. Load the certificates and private RSA key + */ + mbedtls_printf( "\n . Loading the server cert. and key..." ); + fflush( stdout ); + + /* + * This demonstration program uses embedded test certificates. + * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the + * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). + */ + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + goto exit; + } + + ret = mbedtls_x509_crt_parse( &cachain, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + goto exit; + } + + mbedtls_pk_init( &pkey ); + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0 ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 1b. Seed the random number generator + */ + mbedtls_printf( " . Seeding the random number generator..." 
); + + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n", + -ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 1c. Prepare SSL configuration + */ + mbedtls_printf( " . Setting up the SSL data...." ); + + if( ( ret = mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) + { + mbedtls_printf( " failed: mbedtls_ssl_config_defaults returned -0x%04x\n", + -ret ); + goto exit; + } + + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_dbg( &conf, my_mutexed_debug, stdout ); + + /* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if + * MBEDTLS_THREADING_C is set. + */ +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_cache_get, + mbedtls_ssl_cache_set ); +#endif + + mbedtls_ssl_conf_ca_chain( &conf, &cachain, NULL ); + if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + + /* + * 2. Setup the listening TCP socket + */ + mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); + fflush( stdout ); + + if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + +reset: +#ifdef MBEDTLS_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", -ret, error_buf ); + } +#endif + + /* + * 3. 
Wait until a client connects + */ + mbedtls_printf( " [ main ] Waiting for a remote connection\n" ); + + if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, + NULL, 0, NULL ) ) != 0 ) + { + mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret ); + goto exit; + } + + mbedtls_printf( " [ main ] ok\n" ); + mbedtls_printf( " [ main ] Creating a new thread\n" ); + + if( ( ret = thread_create( &client_fd ) ) != 0 ) + { + mbedtls_printf( " [ main ] failed: thread_create returned %d\n", ret ); + mbedtls_net_free( &client_fd ); + goto reset; + } + + ret = 0; + goto reset; + +exit: + mbedtls_x509_crt_free( &srvcert ); + mbedtls_pk_free( &pkey ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_free( &cache ); +#endif + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + mbedtls_ssl_config_free( &conf ); + + mbedtls_net_free( &listen_fd ); + + mbedtls_mutex_free( &debug_mutex ); + +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + mbedtls_memory_buffer_alloc_free(); +#endif + +#if defined(_WIN32) + mbedtls_printf( " Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + return( ret ); +} + +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && + MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && + MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_THREADING_C && + MBEDTLS_THREADING_PTHREAD && MBEDTLS_PEM_PARSE_C */ diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c new file mode 100644 index 000000000..1852b2bad --- /dev/null +++ b/programs/ssl/ssl_server.c 
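Review bot: In `main` of ssl_pthread_server.c, `mbedtls_pk_init( &pkey )` is called only after both `mbedtls_x509_crt_parse` calls, yet each of those can `goto exit`, where `mbedtls_pk_free( &pkey )` then runs on an uninitialised stack object. Move the init up beside the other `*_init` calls, for example directly after `mbedtls_x509_crt_init( &cachain );`, so every early exit frees a valid context. The same `exit:` path frees `srvcert` but never `cachain`; add `mbedtls_x509_crt_free( &cachain );` there. Separately, `thread_complete` is written in `handle_ssl_connection` and polled in `thread_create` with no lock or atomic, so that flag should be protected by a mutex or at least carry a comment explaining why the race is tolerated in this demo.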
@@ -0,0 +1,416 @@ +/* + * SSL server demonstration program + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif + +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ + !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_PEM_PARSE_C) +int main( void ) +{ + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " + "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + return( 0 ); +} +#else + +#include +#include + +#if defined(_WIN32) 
+#include +#endif + +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/certs.h" +#include "mbedtls/x509.h" +#include "mbedtls/ssl.h" +#include "mbedtls/net_sockets.h" +#include "mbedtls/error.h" +#include "mbedtls/debug.h" + +#if defined(MBEDTLS_SSL_CACHE_C) +#include "mbedtls/ssl_cache.h" +#endif + +#define HTTP_RESPONSE \ + "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ + "

mbed TLS Test Server

\r\n" \ + "

Successful connection using: %s

\r\n" + +#define DEBUG_LEVEL 0 + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +static void my_debug( void *ctx, int level, + const char *file, int line, + const char *str ) +{ + ((void) level); + + mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); + fflush( (FILE *) ctx ); +} + +int main( void ) +{ + int ret, len; + mbedtls_net_context listen_fd, client_fd; + unsigned char buf[1024]; + const char *pers = "ssl_server"; + + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_x509_crt srvcert; + mbedtls_pk_context pkey; +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_context cache; +#endif + + mbedtls_net_init( &listen_fd ); + mbedtls_net_init( &client_fd ); + mbedtls_ssl_init( &ssl ); + mbedtls_ssl_config_init( &conf ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_init( &cache ); +#endif + mbedtls_x509_crt_init( &srvcert ); + mbedtls_pk_init( &pkey ); + mbedtls_entropy_init( &entropy ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( DEBUG_LEVEL ); +#endif + + /* + * 1. Load the certificates and private RSA key + */ + mbedtls_printf( "\n . Loading the server cert. and key..." ); + fflush( stdout ); + + /* + * This demonstration program uses embedded test certificates. + * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the + * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). + */ + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_x509_crt_parse returned %d\n\n", ret ); + goto exit; + } + + ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + goto exit; + } + + ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0 ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 2. Setup the listening TCP socket + */ + mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); + fflush( stdout ); + + if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 3. Seed the RNG + */ + mbedtls_printf( " . Seeding the random number generator..." ); + fflush( stdout ); + + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 4. Setup stuff + */ + mbedtls_printf( " . Setting up the SSL data...." ); + fflush( stdout ); + + if( ( ret = mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ssl_config_defaults returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_cache_get, + mbedtls_ssl_cache_set ); +#endif + + mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); + if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + goto exit; + } + + if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + +reset: +#ifdef MBEDTLS_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + } +#endif + + mbedtls_net_free( &client_fd ); + + mbedtls_ssl_session_reset( &ssl ); + + /* + * 3. Wait until a client connects + */ + mbedtls_printf( " . Waiting for a remote connection ..." ); + fflush( stdout ); + + if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, + NULL, 0, NULL ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + + mbedtls_printf( " ok\n" ); + + /* + * 5. Handshake + */ + mbedtls_printf( " . Performing the SSL/TLS handshake..." ); + fflush( stdout ); + + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret ); + goto reset; + } + } + + mbedtls_printf( " ok\n" ); + + /* + * 6. 
Read the HTTP Request + */ + mbedtls_printf( " < Read from client:" ); + fflush( stdout ); + + do + { + len = sizeof( buf ) - 1; + memset( buf, 0, sizeof( buf ) ); + ret = mbedtls_ssl_read( &ssl, buf, len ); + + if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + continue; + + if( ret <= 0 ) + { + switch( ret ) + { + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); + break; + + case MBEDTLS_ERR_NET_CONN_RESET: + mbedtls_printf( " connection was reset by peer\n" ); + break; + + default: + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); + break; + } + + break; + } + + len = ret; + mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + + if( ret > 0 ) + break; + } + while( 1 ); + + /* + * 7. Write the 200 Response + */ + mbedtls_printf( " > Write to client:" ); + fflush( stdout ); + + len = sprintf( (char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite( &ssl ) ); + + while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) + { + if( ret == MBEDTLS_ERR_NET_CONN_RESET ) + { + mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); + goto reset; + } + + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + goto exit; + } + } + + len = ret; + mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf ); + + mbedtls_printf( " . Closing the connection..." ); + + while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ssl_close_notify returned %d\n\n", ret ); + goto reset; + } + } + + mbedtls_printf( " ok\n" ); + + ret = 0; + goto reset; + +exit: + +#ifdef MBEDTLS_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + } +#endif + + mbedtls_net_free( &client_fd ); + mbedtls_net_free( &listen_fd ); + + mbedtls_x509_crt_free( &srvcert ); + mbedtls_pk_free( &pkey ); + mbedtls_ssl_free( &ssl ); + mbedtls_ssl_config_free( &conf ); +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_free( &cache ); +#endif + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(_WIN32) + mbedtls_printf( " Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + return( ret ); +} +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && + MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && + MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C + && MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c new file mode 100644 index 000000000..d1e45be3c --- /dev/null +++ b/programs/ssl/ssl_server2.c 
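Review bot: In the read loop of `main` in ssl_server.c, a failed `mbedtls_ssl_read` (close notify, reset, or any other error) only breaks out of the loop, so the code goes on to call `mbedtls_ssl_write` on a session that has already failed. ssl_pthread_server.c in this same patch jumps straight to its cleanup label in that case. Replace the `break;` that follows the `switch` with `goto reset;`. In the write loop the generic error branch does `goto exit;`, so a single failing connection shuts the whole server down; `goto reset;` would match the handshake and close-notify branches. The response is also built with an unbounded `sprintf` into `buf[1024]`, and a size-limited formatter with a truncation check would keep that safe if `HTTP_RESPONSE` ever grows.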
@@ -0,0 +1,3533 @@
+/*
+ * SSL client with options
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include
+#include
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#define mbedtls_time time
+#define mbedtls_time_t time_t
+#define mbedtls_calloc calloc
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define mbedtls_exit exit
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif
+
+#if !defined(MBEDTLS_ENTROPY_C) || \
+ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \
+ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C)
+int main( void )
+{
+ mbedtls_printf("MBEDTLS_ENTROPY_C and/or "
+ "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
+ "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n");
+ return( 0 );
+}
+#else
+
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/error.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/timing.h"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
+#include
+#include
+#include
+#include
+
+#if !defined(_MSC_VER)
+#include
+#endif
+
+#if !defined(_WIN32)
+#include
+#endif
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+#include "mbedtls/ssl_cache.h"
+#endif
+
+#if defined(MBEDTLS_SSL_TICKET_C)
+#include "mbedtls/ssl_ticket.h"
+#endif
+
+#if defined(MBEDTLS_SSL_COOKIE_C)
+#include "mbedtls/ssl_cookie.h"
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_FS_IO)
+#define SNI_OPTION
+#endif
+
+#if defined(_WIN32)
+#include
+#endif
+
+/* Size of memory to be allocated for the heap, when using the library's memory
+ * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
+#define MEMORY_HEAP_SIZE 120000
+
+#define DFL_SERVER_ADDR NULL
+#define DFL_SERVER_PORT "4433"
+#define DFL_RESPONSE_SIZE -1
+#define DFL_DEBUG_LEVEL 0
+#define DFL_NBIO 0
+#define DFL_EVENT 0
+#define DFL_READ_TIMEOUT 0
+#define DFL_CA_FILE ""
+#define DFL_CA_PATH ""
+#define DFL_CRT_FILE ""
+#define DFL_KEY_FILE ""
+#define DFL_CRT_FILE2 ""
+#define DFL_KEY_FILE2 ""
+#define DFL_ASYNC_OPERATIONS "-"
+#define DFL_ASYNC_PRIVATE_DELAY1 ( -1 )
+#define DFL_ASYNC_PRIVATE_DELAY2 ( -1 )
+#define DFL_ASYNC_PRIVATE_ERROR ( 0 )
+#define DFL_PSK ""
+#define DFL_PSK_OPAQUE 0
+#define DFL_PSK_LIST_OPAQUE 0
+#define DFL_PSK_IDENTITY "Client_identity"
+#define DFL_ECJPAKE_PW NULL
+#define DFL_PSK_LIST NULL
+#define DFL_FORCE_CIPHER 0
+#define DFL_VERSION_SUITES NULL
+#define DFL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION_DISABLED
+#define DFL_ALLOW_LEGACY -2
+#define DFL_RENEGOTIATE 0
+#define DFL_RENEGO_DELAY -2
+#define DFL_RENEGO_PERIOD ( (uint64_t)-1 )
+#define DFL_EXCHANGES 1
+#define DFL_MIN_VERSION -1
+#define DFL_MAX_VERSION -1
+#define DFL_ARC4 -1
+#define DFL_SHA1 -1
+#define DFL_AUTH_MODE -1
+#define DFL_CERT_REQ_CA_LIST MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED
+#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE
+#define DFL_TRUNC_HMAC -1
+#define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED
+#define DFL_TICKET_TIMEOUT 86400
+#define DFL_CACHE_MAX -1
+#define DFL_CACHE_TIMEOUT -1
+#define DFL_SNI NULL
+#define DFL_ALPN_STRING NULL
+#define DFL_CURVES NULL
+#define DFL_DHM_FILE NULL
+#define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM
+#define DFL_COOKIES 1
+#define DFL_ANTI_REPLAY -1
+#define DFL_HS_TO_MIN 0
+#define DFL_HS_TO_MAX 0
+#define DFL_DTLS_MTU -1
+#define DFL_BADMAC_LIMIT -1
+#define DFL_DGRAM_PACKING 1
+#define DFL_EXTENDED_MS -1
+#define DFL_ETM -1
+#define DFL_CA_CALLBACK 0
+
+#define LONG_RESPONSE "

01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah

\r\n" + +/* Uncomment LONG_RESPONSE at the end of HTTP_RESPONSE to test sending longer + * packets (for fragmentation purposes) */ +#define HTTP_RESPONSE \ + "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ + "

mbed TLS Test Server

\r\n" \ + "

Successful connection using: %s

\r\n" // LONG_RESPONSE
+
+/*
+ * Size of the basic I/O buffer. Able to hold our default response.
+ *
+ * You will need to adapt the mbedtls_ssl_get_bytes_avail() test in ssl-opt.sh
+ * if you change this value to something outside the range <= 100 or > 500
+ */
+#define DFL_IO_BUF_LEN 200
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_FS_IO)
+#define USAGE_IO \
+ " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \
+ " default: \"\" (pre-loaded)\n" \
+ " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \
+ " default: \"\" (pre-loaded) (overrides ca_file)\n" \
+ " crt_file=%%s Your own cert and chain (in bottom to top order, top may be omitted)\n" \
+ " default: see note after key_file2\n" \
+ " key_file=%%s default: see note after key_file2\n" \
+ " crt_file2=%%s Your second cert and chain (in bottom to top order, top may be omitted)\n" \
+ " default: see note after key_file2\n" \
+ " key_file2=%%s default: see note below\n" \
+ " note: if neither crt_file/key_file nor crt_file2/key_file2 are used,\n" \
+ " preloaded certificate(s) and key(s) are used if available\n" \
+ " dhm_file=%%s File containing Diffie-Hellman parameters\n" \
+ " default: preloaded parameters\n"
+#else
+#define USAGE_IO \
+ "\n" \
+ " No file operations available (MBEDTLS_FS_IO not defined)\n" \
+ "\n"
+#endif /* MBEDTLS_FS_IO */
+#else
+#define USAGE_IO ""
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+#define USAGE_SSL_ASYNC \
+ " async_operations=%%c... d=decrypt, s=sign (default: -=off)\n" \
+ " async_private_delay1=%%d Asynchronous delay for key_file or preloaded key\n" \
+ " async_private_delay2=%%d Asynchronous delay for key_file2 and sni\n" \
+ " default: -1 (not asynchronous)\n" \
+ " async_private_error=%%d Async callback error injection (default=0=none,\n" \
+ " 1=start, 2=cancel, 3=resume, negative=first time only)"
+#else
+#define USAGE_SSL_ASYNC ""
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+#define USAGE_PSK_RAW \
+ " psk=%%s default: \"\" (in hex, without 0x)\n" \
+ " psk_list=%%s default: \"\"\n" \
+ " A list of (PSK identity, PSK value) pairs.\n" \
+ " The PSK values are in hex, without 0x.\n" \
+ " id1,psk1[,id2,psk2[,...]]\n" \
+ " psk_identity=%%s default: \"Client_identity\"\n"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define USAGE_PSK_SLOT \
+ " psk_opaque=%%d default: 0 (don't use opaque static PSK)\n" \
+ " Enable this to store the PSK configured through command line\n" \
+ " parameter `psk` in a PSA-based key slot.\n" \
+ " Note: Currently only supported in conjunction with\n" \
+ " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \
+ " to force a particular PSK-only ciphersuite.\n" \
+ " Note: This is to test integration of PSA-based opaque PSKs with\n" \
+ " Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \
+ " with prepopulated key slots instead of importing raw key material.\n" \
+ " psk_list_opaque=%%d default: 0 (don't use opaque dynamic PSKs)\n" \
+ " Enable this to store the list of dynamically chosen PSKs configured\n" \
+ " through the command line parameter `psk_list` in PSA-based key slots.\n" \
+ " Note: Currently only supported in conjunction with\n" \
+ " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \
+ " to force a particular PSK-only ciphersuite.\n" \
+ " Note: This is to test integration of PSA-based opaque PSKs with\n" \
+ " Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \
+ " with prepopulated key slots instead of importing raw key material.\n"
+#else
+#define USAGE_PSK_SLOT ""
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
+#else
+#define USAGE_PSK ""
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+#define USAGE_CA_CALLBACK \
+ " ca_callback=%%d default: 0 (disabled)\n" \
+ " Enable this to use the trusted certificate callback function\n"
+#else
+#define USAGE_CA_CALLBACK ""
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#define USAGE_TICKETS \
+ " tickets=%%d default: 1 (enabled)\n" \
+ " ticket_timeout=%%d default: 86400 (one day)\n"
+#else
+#define USAGE_TICKETS ""
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+#define USAGE_CACHE \
+ " cache_max=%%d default: cache default (50)\n" \
+ " cache_timeout=%%d default: cache default (1d)\n"
+#else
+#define USAGE_CACHE ""
+#endif /* MBEDTLS_SSL_CACHE_C */
+
+#if defined(SNI_OPTION)
+#define USAGE_SNI \
+ " sni=%%s name1,cert1,key1,ca1,crl1,auth1[,...]\n" \
+ " default: disabled\n"
+#else
+#define USAGE_SNI ""
+#endif /* SNI_OPTION */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+#define USAGE_MAX_FRAG_LEN \
+ " max_frag_len=%%d default: 16384 (tls default)\n" \
+ " options: 512, 1024, 2048, 4096\n"
+#else
+#define USAGE_MAX_FRAG_LEN ""
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+#define USAGE_TRUNC_HMAC \
+ " trunc_hmac=%%d default: library default\n"
+#else
+#define USAGE_TRUNC_HMAC ""
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+#define USAGE_ALPN \
+ " alpn=%%s default: \"\" (disabled)\n" \
+ " example: spdy/1,http/1.1\n"
+#else
+#define USAGE_ALPN ""
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+#define USAGE_COOKIES \
+ " cookies=0/1/-1 default: 1 (enabled)\n" \
+ " 0: disabled, -1: library default (broken)\n"
+#else
+#define USAGE_COOKIES ""
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+#define USAGE_ANTI_REPLAY \
+ " anti_replay=0/1 default: (library default: enabled)\n"
+#else
+#define USAGE_ANTI_REPLAY ""
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+#define USAGE_BADMAC_LIMIT \
+ " badmac_limit=%%d default: (library default: disabled)\n"
+#else
+#define USAGE_BADMAC_LIMIT ""
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+#define USAGE_DTLS \
+ " dtls=%%d default: 0 (TLS)\n" \
+ " hs_timeout=%%d-%%d default: (library default: 1000-60000)\n" \
+ " range of DTLS handshake timeouts in millisecs\n" \
+ " mtu=%%d default: (library default: unlimited)\n" \
+ " dgram_packing=%%d default: 1 (allowed)\n" \
+ " allow or forbid packing of multiple\n" \
+ " records within a single datgram.\n"
+#else
+#define USAGE_DTLS ""
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+#define USAGE_EMS \
+ " extended_ms=0/1 default: (library default: on)\n"
+#else
+#define USAGE_EMS ""
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+#define USAGE_ETM \
+ " etm=0/1 default: (library default: on)\n"
+#else
+#define USAGE_ETM ""
+#endif
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+#define USAGE_RENEGO \
+ " renegotiation=%%d default: 0 (disabled)\n" \
+ " renegotiate=%%d default: 0 (disabled)\n" \
+ " renego_delay=%%d default: -2 (library default)\n" \
+ " renego_period=%%d default: (2^64 - 1 for TLS, 2^48 - 1 for DTLS)\n"
+#else
+#define USAGE_RENEGO ""
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+#define USAGE_ECJPAKE \
+ " ecjpake_pw=%%s default: none (disabled)\n"
+#else
+#define USAGE_ECJPAKE ""
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+#define USAGE_CURVES \
+ " curves=a,b,c,d default: \"default\" (library default)\n" \
+ " example: \"secp521r1,brainpoolP512r1\"\n" \
+ " - use \"none\" for empty list\n" \
+ " - see mbedtls_ecp_curve_list()\n" \
+ " for acceptable curve names\n"
+#else
+#define USAGE_CURVES ""
+#endif
+
+#define USAGE \
+ "\n usage: ssl_server2 param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " server_addr=%%s default: (all interfaces)\n" \
+ " server_port=%%d default: 4433\n" \
+ " debug_level=%%d default: 0 (disabled)\n" \
+ " buffer_size=%%d default: 200 \n" \
+ " (minimum: 1, max: 16385)\n" \
+ " response_size=%%d default: about 152 (basic response)\n" \
+ " (minimum: 0, max: 16384)\n" \
+ " increases buffer_size if bigger\n"\
+ " nbio=%%d default: 0 (blocking I/O)\n" \
+ " options: 1 (non-blocking), 2 (added delays)\n" \
+ " event=%%d default: 0 (loop)\n" \
+ " options: 1 (level-triggered, implies nbio=1),\n" \
+ " read_timeout=%%d default: 0 ms (no timeout)\n" \
+ "\n" \
+ USAGE_DTLS \
+ USAGE_COOKIES \
+ USAGE_ANTI_REPLAY \
+ USAGE_BADMAC_LIMIT \
+ "\n" \
+ " auth_mode=%%s default: (library default: none)\n" \
+ " options: none, optional, required\n" \
+ " cert_req_ca_list=%%d default: 1 (send ca list)\n" \
+ " options: 1 (send ca list), 0 (don't send)\n" \
+ USAGE_IO \
+ USAGE_SSL_ASYNC \
+ USAGE_SNI \
+ "\n" \
+ USAGE_PSK \
+ USAGE_CA_CALLBACK \
+ USAGE_ECJPAKE \
+ "\n" \
+ " allow_legacy=%%d default: (library default: no)\n" \
+ USAGE_RENEGO \
+ " exchanges=%%d default: 1\n" \
+ "\n" \
+ USAGE_TICKETS \
+ USAGE_CACHE \
+ USAGE_MAX_FRAG_LEN \
+ USAGE_TRUNC_HMAC \
+ USAGE_ALPN \
+ USAGE_EMS \
+ USAGE_ETM \
+ USAGE_CURVES \
+ "\n" \
+ " arc4=%%d default: (library default: 0)\n" \
+ " allow_sha1=%%d default: 0\n" \
+ " min_version=%%s default: (library default: tls1)\n" \
+ " max_version=%%s default: (library default: tls1_2)\n" \
+ " force_version=%%s default: \"\" (none)\n" \
+ " options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \
+ "\n" \
+ " version_suites=a,b,c,d per-version ciphersuites\n" \
+ " in order from ssl3 to tls1_2\n" \
+ " default: all enabled\n" \
+ " force_ciphersuite= default: all enabled\n" \
+ " query_config= return 0 if the specified\n" \
+ " configuration macro is defined and 1\n" \
+ " otherwise.
The expansion of the macro\n" \
+ " is printed if it is defined\n" \
+ " acceptable ciphersuite names:\n"
+
+
+#define ALPN_LIST_SIZE 10
+#define CURVE_LIST_SIZE 20
+
+#define PUT_UINT64_BE(out_be,in_le,i) \
+{ \
+ (out_be)[(i) + 0] = (unsigned char)( ( (in_le) >> 56 ) & 0xFF ); \
+ (out_be)[(i) + 1] = (unsigned char)( ( (in_le) >> 48 ) & 0xFF ); \
+ (out_be)[(i) + 2] = (unsigned char)( ( (in_le) >> 40 ) & 0xFF ); \
+ (out_be)[(i) + 3] = (unsigned char)( ( (in_le) >> 32 ) & 0xFF ); \
+ (out_be)[(i) + 4] = (unsigned char)( ( (in_le) >> 24 ) & 0xFF ); \
+ (out_be)[(i) + 5] = (unsigned char)( ( (in_le) >> 16 ) & 0xFF ); \
+ (out_be)[(i) + 6] = (unsigned char)( ( (in_le) >> 8 ) & 0xFF ); \
+ (out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0 ) & 0xFF ); \
+}
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+#include "mbedtls/platform_util.h"
+void mbedtls_param_failed( const char *failure_condition,
+ const char *file,
+ int line )
+{
+ mbedtls_printf( "%s:%i: Input param failed - %s\n",
+ file, line, failure_condition );
+ mbedtls_exit( MBEDTLS_EXIT_FAILURE );
+}
+#endif
+
+/*
+ * global options
+ */
+struct options
+{
+ const char *server_addr; /* address on which the ssl service runs */
+ const char *server_port; /* port on which the ssl service runs */
+ int debug_level; /* level of debugging */
+ int nbio; /* should I/O be blocking? */
+ int event; /* loop or event-driven IO? level or edge triggered? */
+ uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */
+ int response_size; /* pad response with header to requested size */
+ uint16_t buffer_size; /* IO buffer size */
+ const char *ca_file; /* the file with the CA certificate(s) */
+ const char *ca_path; /* the path with the CA certificate(s) reside */
+ const char *crt_file; /* the file with the server certificate */
+ const char *key_file; /* the file with the server key */
+ const char *crt_file2; /* the file with the 2nd server certificate */
+ const char *key_file2; /* the file with the 2nd server key */
+ const char *async_operations; /* supported SSL asynchronous operations */
+ int async_private_delay1; /* number of times f_async_resume needs to be called for key 1, or -1 for no async */
+ int async_private_delay2; /* number of times f_async_resume needs to be called for key 2, or -1 for no async */
+ int async_private_error; /* inject error in async private callback */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ int psk_opaque;
+ int psk_list_opaque;
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ int ca_callback; /* Use callback for trusted certificate list */
+#endif
+ const char *psk; /* the pre-shared key */
+ const char *psk_identity; /* the pre-shared key identity */
+ char *psk_list; /* list of PSK id/key pairs for callback */
+ const char *ecjpake_pw; /* the EC J-PAKE password */
+ int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
+ const char *version_suites; /* per-version ciphersuites */
+ int renegotiation; /* enable / disable renegotiation */
+ int allow_legacy; /* allow legacy renegotiation */
+ int renegotiate; /* attempt renegotiation? */
+ int renego_delay; /* delay before enforcing renegotiation */
+ uint64_t renego_period; /* period for automatic renegotiation */
+ int exchanges; /* number of data exchanges */
+ int min_version; /* minimum protocol version accepted */
+ int max_version; /* maximum protocol version accepted */
+ int arc4; /* flag for arc4 suites support */
+ int allow_sha1; /* flag for SHA-1 support */
+ int auth_mode; /* verify mode for connection */
+ int cert_req_ca_list; /* should we send the CA list? */
+ unsigned char mfl_code; /* code for maximum fragment length */
+ int trunc_hmac; /* accept truncated hmac? */
+ int tickets; /* enable / disable session tickets */
+ int ticket_timeout; /* session ticket lifetime */
+ int cache_max; /* max number of session cache entries */
+ int cache_timeout; /* expiration delay of session cache entries */
+ char *sni; /* string describing sni information */
+ const char *curves; /* list of supported elliptic curves */
+ const char *alpn_string; /* ALPN supported protocols */
+ const char *dhm_file; /* the file with the DH parameters */
+ int extended_ms; /* allow negotiation of extended MS? */
+ int etm; /* allow negotiation of encrypt-then-MAC? */
+ int transport; /* TLS or DTLS? */
+ int cookies; /* Use cookies for DTLS? -1 to break them */
+ int anti_replay; /* Use anti-replay for DTLS? -1 for default */
+ uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
+ uint32_t hs_to_max; /* Max value of DTLS handshake timer */
+ int dtls_mtu; /* UDP Maximum tranport unit for DTLS */
+ int dgram_packing; /* allow/forbid datagram packing */
+ int badmac_limit; /* Limit of records with bad MAC */
+} opt;
+
+int query_config( const char *config );
+
+static void my_debug( void *ctx, int level,
+ const char *file, int line,
+ const char *str )
+{
+ const char *p, *basename;
+
+ /* Extract basename from file */
+ for( p = basename = file; *p != '\0'; p++ )
+ if( *p == '/' || *p == '\\' )
+ basename = p + 1;
+
+ mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s", basename, line, level, str );
+ fflush( (FILE *) ctx );
+}
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+int ca_callback( void *data, mbedtls_x509_crt const *child,
+ mbedtls_x509_crt **candidates)
+{
+ int ret = 0;
+ mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
+ mbedtls_x509_crt *first;
+
+ /* This is a test-only implementation of the CA callback
+ * which always returns the entire list of trusted certificates.
+ * Production implementations managing a large number of CAs
+ * should use an efficient presentation and lookup for the
+ * set of trusted certificates (such as a hashtable) and only
+ * return those trusted certificates which satisfy basic
+ * parental checks, such as the matching of child `Issuer`
+ * and parent `Subject` field.
*/
+ ((void) child);
+
+ first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
+ if( first == NULL )
+ {
+ ret = -1;
+ goto exit;
+ }
+ mbedtls_x509_crt_init( first );
+
+ if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
+ {
+ ret = -1;
+ goto exit;
+ }
+
+ while( ca->next != NULL )
+ {
+ ca = ca->next;
+ if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
+ {
+ ret = -1;
+ goto exit;
+ }
+ }
+
+exit:
+
+ if( ret != 0 )
+ {
+ mbedtls_x509_crt_free( first );
+ mbedtls_free( first );
+ first = NULL;
+ }
+
+ *candidates = first;
+ return( ret );
+}
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+/*
+ * Test recv/send functions that make sure each try returns
+ * WANT_READ/WANT_WRITE at least once before sucesseding
+ */
+static int my_recv( void *ctx, unsigned char *buf, size_t len )
+{
+ static int first_try = 1;
+ int ret;
+
+ if( first_try )
+ {
+ first_try = 0;
+ return( MBEDTLS_ERR_SSL_WANT_READ );
+ }
+
+ ret = mbedtls_net_recv( ctx, buf, len );
+ if( ret != MBEDTLS_ERR_SSL_WANT_READ )
+ first_try = 1; /* Next call will be a new operation */
+ return( ret );
+}
+
+static int my_send( void *ctx, const unsigned char *buf, size_t len )
+{
+ static int first_try = 1;
+ int ret;
+
+ if( first_try )
+ {
+ first_try = 0;
+ return( MBEDTLS_ERR_SSL_WANT_WRITE );
+ }
+
+ ret = mbedtls_net_send( ctx, buf, len );
+ if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+ first_try = 1; /* Next call will be a new operation */
+ return( ret );
+}
+
+/*
+ * Return authmode from string, or -1 on error
+ */
+static int get_auth_mode( const char *s )
+{
+ if( strcmp( s, "none" ) == 0 )
+ return( MBEDTLS_SSL_VERIFY_NONE );
+ if( strcmp( s, "optional" ) == 0 )
+ return( MBEDTLS_SSL_VERIFY_OPTIONAL );
+ if( strcmp( s, "required" ) == 0 )
+ return( MBEDTLS_SSL_VERIFY_REQUIRED );
+
+ return( -1 );
+}
+
+/*
+ * Used by sni_parse and psk_parse to handle coma-separated lists
+ */
+#define GET_ITEM( dst ) \
+ dst = p; \
+ while( *p != ',' ) \
+ if( ++p > end ) \
+ goto error; \
+ *p++ = '\0';
+
+#if defined(SNI_OPTION)
+typedef struct _sni_entry sni_entry;
+
+struct _sni_entry {
+ const char *name;
+ mbedtls_x509_crt *cert;
+ mbedtls_pk_context *key;
+ mbedtls_x509_crt* ca;
+ mbedtls_x509_crl* crl;
+ int authmode;
+ sni_entry *next;
+};
+
+void sni_free( sni_entry *head )
+{
+ sni_entry *cur = head, *next;
+
+ while( cur != NULL )
+ {
+ mbedtls_x509_crt_free( cur->cert );
+ mbedtls_free( cur->cert );
+
+ mbedtls_pk_free( cur->key );
+ mbedtls_free( cur->key );
+
+ mbedtls_x509_crt_free( cur->ca );
+ mbedtls_free( cur->ca );
+
+ mbedtls_x509_crl_free( cur->crl );
+ mbedtls_free( cur->crl );
+
+ next = cur->next;
+ mbedtls_free( cur );
+ cur = next;
+ }
+}
+
+/*
+ * Parse a string of sextuples name1,crt1,key1,ca1,crl1,auth1[,...]
+ * into a usable sni_entry list. For ca1, crl1, auth1, the special value
+ * '-' means unset. If ca1 is unset, then crl1 is ignored too.
+ *
+ * Modifies the input string! This is not production quality!
+ */
+sni_entry *sni_parse( char *sni_string )
+{
+ sni_entry *cur = NULL, *new = NULL;
+ char *p = sni_string;
+ char *end = p;
+ char *crt_file, *key_file, *ca_file, *crl_file, *auth_str;
+
+ while( *end != '\0' )
+ ++end;
+ *end = ',';
+
+ while( p <= end )
+ {
+ if( ( new = mbedtls_calloc( 1, sizeof( sni_entry ) ) ) == NULL )
+ {
+ sni_free( cur );
+ return( NULL );
+ }
+
+ GET_ITEM( new->name );
+ GET_ITEM( crt_file );
+ GET_ITEM( key_file );
+ GET_ITEM( ca_file );
+ GET_ITEM( crl_file );
+ GET_ITEM( auth_str );
+
+ if( ( new->cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL ||
+ ( new->key = mbedtls_calloc( 1, sizeof( mbedtls_pk_context ) ) ) == NULL )
+ goto error;
+
+ mbedtls_x509_crt_init( new->cert );
+ mbedtls_pk_init( new->key );
+
+ if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 ||
+ mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 )
+ goto error;
+
+ if( strcmp( ca_file, "-" ) != 0 )
+ {
+ if( ( new->ca = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL )
+ goto error;
+
+ mbedtls_x509_crt_init( new->ca );
+
+ if( mbedtls_x509_crt_parse_file( new->ca, ca_file ) != 0 )
+ goto error;
+ }
+
+ if( strcmp( crl_file, "-" ) != 0 )
+ {
+ if( ( new->crl = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ) ) == NULL )
+ goto error;
+
+ mbedtls_x509_crl_init( new->crl );
+
+ if( mbedtls_x509_crl_parse_file( new->crl, crl_file ) != 0 )
+ goto error;
+ }
+
+ if( strcmp( auth_str, "-" ) != 0 )
+ {
+ if( ( new->authmode = get_auth_mode( auth_str ) ) < 0 )
+ goto error;
+ }
+ else
+ new->authmode = DFL_AUTH_MODE;
+
+ new->next = cur;
+ cur = new;
+ }
+
+ return( cur );
+
+error:
+ sni_free( new );
+ sni_free( cur );
+ return( NULL );
+}
+
+/*
+ * SNI callback.
+ */
+int sni_callback( void *p_info, mbedtls_ssl_context *ssl,
+ const unsigned char *name, size_t name_len )
+{
+ const sni_entry *cur = (const sni_entry *) p_info;
+
+ while( cur != NULL )
+ {
+ if( name_len == strlen( cur->name ) &&
+ memcmp( name, cur->name, name_len ) == 0 )
+ {
+ if( cur->ca != NULL )
+ mbedtls_ssl_set_hs_ca_chain( ssl, cur->ca, cur->crl );
+
+ if( cur->authmode != DFL_AUTH_MODE )
+ mbedtls_ssl_set_hs_authmode( ssl, cur->authmode );
+
+ return( mbedtls_ssl_set_hs_own_cert( ssl, cur->cert, cur->key ) );
+ }
+
+ cur = cur->next;
+ }
+
+ return( -1 );
+}
+
+#endif /* SNI_OPTION */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+
+#define HEX2NUM( c ) \
+ if( c >= '0' && c <= '9' ) \
+ c -= '0'; \
+ else if( c >= 'a' && c <= 'f' ) \
+ c -= 'a' - 10; \
+ else if( c >= 'A' && c <= 'F' ) \
+ c -= 'A' - 10; \
+ else \
+ return( -1 );
+
+/*
+ * Convert a hex string to bytes.
+ * Return 0 on success, -1 on error.
+ */
+int unhexify( unsigned char *output, const char *input, size_t *olen )
+{
+ unsigned char c;
+ size_t j;
+
+ *olen = strlen( input );
+ if( *olen % 2 != 0 || *olen / 2 > MBEDTLS_PSK_MAX_LEN )
+ return( -1 );
+ *olen /= 2;
+
+ for( j = 0; j < *olen * 2; j += 2 )
+ {
+ c = input[j];
+ HEX2NUM( c );
+ output[ j / 2 ] = c << 4;
+
+ c = input[j + 1];
+ HEX2NUM( c );
+ output[ j / 2 ] |= c;
+ }
+
+ return( 0 );
+}
+
+typedef struct _psk_entry psk_entry;
+
+struct _psk_entry
+{
+ const char *name;
+ size_t key_len;
+ unsigned char key[MBEDTLS_PSK_MAX_LEN];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_handle_t slot;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ psk_entry *next;
+};
+
+/*
+ * Free a list of psk_entry's
+ */
+int psk_free( psk_entry *head )
+{
+ psk_entry *next;
+
+ while( head != NULL )
+ {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_status_t status;
+ psa_key_handle_t const slot = head->slot;
+
+ if( slot != 0 )
+ {
+ status = psa_destroy_key( slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ next = head->next;
+ mbedtls_free( head );
+ head = next;
+ }
+
+ return( 0 );
+}
+
+/*
+ * Parse a string of pairs name1,key1[,name2,key2[,...]]
+ * into a usable psk_entry list.
+ *
+ * Modifies the input string! This is not production quality!
+ */
+psk_entry *psk_parse( char *psk_string )
+{
+ psk_entry *cur = NULL, *new = NULL;
+ char *p = psk_string;
+ char *end = p;
+ char *key_hex;
+
+ while( *end != '\0' )
+ ++end;
+ *end = ',';
+
+ while( p <= end )
+ {
+ if( ( new = mbedtls_calloc( 1, sizeof( psk_entry ) ) ) == NULL )
+ goto error;
+
+ memset( new, 0, sizeof( psk_entry ) );
+
+ GET_ITEM( new->name );
+ GET_ITEM( key_hex );
+
+ if( unhexify( new->key, key_hex, &new->key_len ) != 0 )
+ goto error;
+
+ new->next = cur;
+ cur = new;
+ }
+
+ return( cur );
+
+error:
+ psk_free( new );
+ psk_free( cur );
+ return( 0 );
+}
+
+/*
+ * PSK callback
+ */
+int psk_callback( void *p_info, mbedtls_ssl_context *ssl,
+ const unsigned char *name, size_t name_len )
+{
+ psk_entry *cur = (psk_entry *) p_info;
+
+ while( cur != NULL )
+ {
+ if( name_len == strlen( cur->name ) &&
+ memcmp( name, cur->name, name_len ) == 0 )
+ {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( cur->slot != 0 )
+ return( mbedtls_ssl_set_hs_psk_opaque( ssl, cur->slot ) );
+ else
+#endif
+ return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) );
+ }
+
+ cur = cur->next;
+ }
+
+ return( -1 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+static mbedtls_net_context listen_fd, client_fd;
+
+/* Interruption handler to ensure clean exit (for valgrind testing) */
+#if !defined(_WIN32)
+static int received_sigterm = 0;
+void term_handler( int sig )
+{
+ ((void) sig);
+ received_sigterm = 1;
+ mbedtls_net_free( &listen_fd ); /* causes mbedtls_net_accept() to abort */
+ mbedtls_net_free( &client_fd ); /* causes net_read() to abort */
+}
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static int ssl_sig_hashes_for_test[] = {
+#if defined(MBEDTLS_SHA512_C)
+ MBEDTLS_MD_SHA512,
+ MBEDTLS_MD_SHA384,
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ MBEDTLS_MD_SHA256,
+ MBEDTLS_MD_SHA224,
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ /* Allow SHA-1 as we use it extensively in tests. */
+ MBEDTLS_MD_SHA1,
+#endif
+ MBEDTLS_MD_NONE
+};
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/** Return true if \p ret is a status code indicating that there is an
+ * operation in progress on an SSL connection, and false if it indicates
+ * success or a fatal error.
+ *
+ * The possible operations in progress are:
+ *
+ * - A read, when the SSL input buffer does not contain a full message.
+ * - A write, when the SSL output buffer contains some data that has not
+ * been sent over the network yet.
+ * - An asynchronous callback that has not completed yet. */
+static int mbedtls_status_is_ssl_in_progress( int ret )
+{
+ return( ret == MBEDTLS_ERR_SSL_WANT_READ ||
+ ret == MBEDTLS_ERR_SSL_WANT_WRITE ||
+ ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
+}
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+typedef struct
+{
+ mbedtls_x509_crt *cert; /*!< Certificate corresponding to the key */
+ mbedtls_pk_context *pk; /*!< Private key */
+ unsigned delay; /*!< Number of resume steps to go through */
+ unsigned pk_owned : 1; /*!< Whether to free the pk object on exit */
+} ssl_async_key_slot_t;
+
+typedef enum {
+ SSL_ASYNC_INJECT_ERROR_NONE = 0, /*!< Let the callbacks succeed */
+ SSL_ASYNC_INJECT_ERROR_START, /*!< Inject error during start */
+ SSL_ASYNC_INJECT_ERROR_CANCEL, /*!< Close the connection after async start */
+ SSL_ASYNC_INJECT_ERROR_RESUME, /*!< Inject error during resume */
+#define SSL_ASYNC_INJECT_ERROR_MAX SSL_ASYNC_INJECT_ERROR_RESUME
+} ssl_async_inject_error_t;
+
+typedef struct
+{
+ ssl_async_key_slot_t slots[4]; /* key, key2, sni1, sni2 */
+ size_t slots_used;
+ ssl_async_inject_error_t inject_error;
+ int (*f_rng)(void *, unsigned char *, size_t);
+ void *p_rng;
+} ssl_async_key_context_t;
+
+int ssl_async_set_key( ssl_async_key_context_t *ctx,
+ mbedtls_x509_crt *cert,
+ mbedtls_pk_context *pk,
+ int pk_take_ownership,
+ unsigned delay )
+{
+ if( ctx->slots_used >= sizeof( ctx->slots ) / sizeof( *ctx->slots ) )
+ return( -1 );
+ ctx->slots[ctx->slots_used].cert = cert;
+ ctx->slots[ctx->slots_used].pk = pk;
+ ctx->slots[ctx->slots_used].delay = delay;
+ ctx->slots[ctx->slots_used].pk_owned = pk_take_ownership;
+ ++ctx->slots_used;
+ return( 0 );
+}
+
+#define SSL_ASYNC_INPUT_MAX_SIZE 512
+
+typedef enum
+{
+ ASYNC_OP_SIGN,
+ ASYNC_OP_DECRYPT,
+} ssl_async_operation_type_t;
+/* Note that the enum above and the array below need to be kept in sync!
+ * `ssl_async_operation_names[op]` is the name of op for each value `op`
+ * of type `ssl_async_operation_type_t`. */
+static const char *const ssl_async_operation_names[] =
+{
+ "sign",
+ "decrypt",
+};
+
+typedef struct
+{
+ unsigned slot;
+ ssl_async_operation_type_t operation_type;
+ mbedtls_md_type_t md_alg;
+ unsigned char input[SSL_ASYNC_INPUT_MAX_SIZE];
+ size_t input_len;
+ unsigned remaining_delay;
+} ssl_async_operation_context_t;
+
+static int ssl_async_start( mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *cert,
+ ssl_async_operation_type_t op_type,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *input,
+ size_t input_len )
+{
+ ssl_async_key_context_t *config_data =
+ mbedtls_ssl_conf_get_async_config_data( ssl->conf );
+ unsigned slot;
+ ssl_async_operation_context_t *ctx = NULL;
+ const char *op_name = ssl_async_operation_names[op_type];
+
+ {
+ char dn[100];
+ if( mbedtls_x509_dn_gets( dn, sizeof( dn ), &cert->subject ) > 0 )
+ mbedtls_printf( "Async %s callback: looking for DN=%s\n",
+ op_name, dn );
+ }
+
+ /* Look for a private key that matches the public key in cert.
+ * Since this test code has the private key inside Mbed TLS,
+ * we call mbedtls_pk_check_pair to match a private key with the
+ * public key. */
+ for( slot = 0; slot < config_data->slots_used; slot++ )
+ {
+ if( mbedtls_pk_check_pair( &cert->pk,
+ config_data->slots[slot].pk ) == 0 )
+ break;
+ }
+ if( slot == config_data->slots_used )
+ {
+ mbedtls_printf( "Async %s callback: no key matches this certificate.\n",
+ op_name );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH );
+ }
+ mbedtls_printf( "Async %s callback: using key slot %u, delay=%u.\n",
+ op_name, slot, config_data->slots[slot].delay );
+
+ if( config_data->inject_error == SSL_ASYNC_INJECT_ERROR_START )
+ {
+ mbedtls_printf( "Async %s callback: injected error\n", op_name );
+ return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+ }
+
+ if( input_len > SSL_ASYNC_INPUT_MAX_SIZE )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ ctx = mbedtls_calloc( 1, sizeof( *ctx ) );
+ if( ctx == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ ctx->slot = slot;
+ ctx->operation_type = op_type;
+ ctx->md_alg = md_alg;
+ memcpy( ctx->input, input, input_len );
+ ctx->input_len = input_len;
+ ctx->remaining_delay = config_data->slots[slot].delay;
+ mbedtls_ssl_set_async_operation_data( ssl, ctx );
+
+ if( ctx->remaining_delay == 0 )
+ return( 0 );
+ else
+ return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
+}
+
+static int ssl_async_sign( mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *cert,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash,
+ size_t hash_len )
+{
+ return( ssl_async_start( ssl, cert,
+ ASYNC_OP_SIGN, md_alg,
+ hash, hash_len ) );
+}
+
+static int ssl_async_decrypt( mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *cert,
+ const unsigned char *input,
+ size_t input_len )
+{
+ return( ssl_async_start( ssl, cert,
+ ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE,
+ input, input_len ) );
+}
+
+static int ssl_async_resume( mbedtls_ssl_context *ssl,
+ unsigned char *output,
+ size_t *output_len,
+ size_t output_size )
+{
+ ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data( ssl );
+ ssl_async_key_context_t *config_data =
+ mbedtls_ssl_conf_get_async_config_data( ssl->conf );
+ ssl_async_key_slot_t *key_slot = &config_data->slots[ctx->slot];
+ int ret;
+ const char *op_name;
+
+ if( ctx->remaining_delay > 0 )
+ {
+ --ctx->remaining_delay;
+ mbedtls_printf( "Async resume (slot %u): call %u more times.\n",
+ ctx->slot, ctx->remaining_delay );
+ return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
+ }
+
+ switch( ctx->operation_type )
+ {
+ case ASYNC_OP_DECRYPT:
+ ret = mbedtls_pk_decrypt( key_slot->pk,
+ ctx->input, ctx->input_len,
+ output, output_len, output_size,
+ config_data->f_rng, config_data->p_rng );
+ break;
+ case ASYNC_OP_SIGN:
+ ret = mbedtls_pk_sign( key_slot->pk,
+ ctx->md_alg,
+ ctx->input, ctx->input_len,
+ output, output_len,
+ config_data->f_rng, config_data->p_rng );
+ break;
+ default:
+ mbedtls_printf( "Async resume (slot %u): unknown operation type %ld. This shouldn't happen.\n",
+ ctx->slot, (long) ctx->operation_type );
+ mbedtls_free( ctx );
+ return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+ break;
+ }
+
+ op_name = ssl_async_operation_names[ctx->operation_type];
+
+ if( config_data->inject_error == SSL_ASYNC_INJECT_ERROR_RESUME )
+ {
+ mbedtls_printf( "Async resume callback: %s done but injected error\n",
+ op_name );
+ mbedtls_free( ctx );
+ return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+ }
+
+ mbedtls_printf( "Async resume (slot %u): %s done, status=%d.\n",
+ ctx->slot, op_name, ret );
+ mbedtls_free( ctx );
+ return( ret );
+}
+
+static void ssl_async_cancel( mbedtls_ssl_context *ssl )
+{
+ ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data( ssl );
+ mbedtls_printf( "Async cancel callback.\n" );
+ mbedtls_free( ctx );
+}
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+/*
+ * Wait for an event from the underlying transport or the timer
+ * (Used in event-driven IO mode).
+ */
+#if !defined(MBEDTLS_TIMING_C)
+int idle( mbedtls_net_context *fd,
+ int idle_reason )
+#else
+int idle( mbedtls_net_context *fd,
+ mbedtls_timing_delay_context *timer,
+ int idle_reason )
+#endif
+{
+ int ret;
+ int poll_type = 0;
+
+ if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
+ poll_type = MBEDTLS_NET_POLL_WRITE;
+ else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
+ poll_type = MBEDTLS_NET_POLL_READ;
+#if !defined(MBEDTLS_TIMING_C)
+ else
+ return( 0 );
+#endif
+
+ while( 1 )
+ {
+ /* Check if timer has expired */
+#if defined(MBEDTLS_TIMING_C)
+ if( timer != NULL &&
+ mbedtls_timing_get_delay( timer ) == 2 )
+ {
+ break;
+ }
+#endif /* MBEDTLS_TIMING_C */
+
+ /* Check if underlying transport became available */
+ if( poll_type != 0 )
+ {
+ ret = mbedtls_net_poll( fd, poll_type, 0 );
+ if( ret < 0 )
+ return( ret );
+ if( ret == poll_type )
+ break;
+ }
+ }
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t slot,
+ psa_algorithm_t alg,
+ unsigned char *psk,
+ size_t psk_len )
+{
+ psa_status_t status;
+ psa_key_policy_t policy;
+
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+
+ status = psa_set_key_policy( slot, &policy );
+ if( status != PSA_SUCCESS )
+ {
+ fprintf( stderr, "POLICY\n" );
+ return( status );
+ }
+
+ status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len );
+ if( status != PSA_SUCCESS )
+ {
+ fprintf( stderr, "IMPORT\n" );
+ return( status );
+ }
+
+ return( PSA_SUCCESS );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+int main( int argc, char *argv[] )
+{
+ int ret = 0, len, written, frags, exchanges_left;
+ int version_suites[4][2];
+ unsigned char* buf = 0;
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_algorithm_t alg = 0;
+ psa_key_handle_t psk_slot = 0;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ unsigned char psk[MBEDTLS_PSK_MAX_LEN];
+ size_t psk_len = 0;
+ psk_entry *psk_info = NULL;
+#endif
+ const char *pers = "ssl_server2";
+ unsigned char client_ip[16] = { 0 };
+ size_t cliip_len;
+#if defined(MBEDTLS_SSL_COOKIE_C)
+ mbedtls_ssl_cookie_ctx cookie_ctx;
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
+#endif
+ mbedtls_entropy_context entropy;
+ mbedtls_ctr_drbg_context ctr_drbg;
+ mbedtls_ssl_context ssl;
+ mbedtls_ssl_config conf;
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_timing_delay_context timer;
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ unsigned char renego_period[8] = { 0 };
+#endif
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ uint32_t flags;
+ mbedtls_x509_crt cacert;
+ mbedtls_x509_crt srvcert;
+ mbedtls_pk_context pkey;
+ mbedtls_x509_crt srvcert2;
+ mbedtls_pk_context pkey2;
+ int key_cert_init = 0, key_cert_init2 = 0;
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+ ssl_async_key_context_t ssl_async_keys;
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
+ mbedtls_dhm_context dhm;
+#endif
+#if defined(MBEDTLS_SSL_CACHE_C)
+ mbedtls_ssl_cache_context cache;
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ mbedtls_ssl_ticket_context ticket_ctx;
+#endif
+#if defined(SNI_OPTION)
+ sni_entry *sni_info = NULL;
+#endif
+#if defined(MBEDTLS_ECP_C)
+ mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE];
+ const mbedtls_ecp_curve_info * curve_cur;
+#endif
+#if defined(MBEDTLS_SSL_ALPN)
+ const char *alpn_list[ALPN_LIST_SIZE];
+#endif
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+ unsigned char alloc_buf[MEMORY_HEAP_SIZE];
+#endif
+
+ int i;
+ char *p, *q;
+ const int *list;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_status_t status;
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+ mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
+#endif
+
+ /*
+ * Make sure memory references are valid in case we exit early.
+ */
+ mbedtls_net_init( &client_fd );
+ mbedtls_net_init( &listen_fd );
+ mbedtls_ssl_init( &ssl );
+ mbedtls_ssl_config_init( &conf );
+ mbedtls_ctr_drbg_init( &ctr_drbg );
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ mbedtls_x509_crt_init( &cacert );
+ mbedtls_x509_crt_init( &srvcert );
+ mbedtls_pk_init( &pkey );
+ mbedtls_x509_crt_init( &srvcert2 );
+ mbedtls_pk_init( &pkey2 );
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+ memset( &ssl_async_keys, 0, sizeof( ssl_async_keys ) );
+#endif
+#endif
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
+ mbedtls_dhm_init( &dhm );
+#endif
+#if defined(MBEDTLS_SSL_CACHE_C)
+ mbedtls_ssl_cache_init( &cache );
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ mbedtls_ssl_ticket_init( &ticket_ctx );
+#endif
+#if defined(MBEDTLS_SSL_ALPN)
+ memset( (void *) alpn_list, 0, sizeof( alpn_list ) );
+#endif
+#if defined(MBEDTLS_SSL_COOKIE_C)
+ mbedtls_ssl_cookie_init( &cookie_ctx );
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ status = psa_crypto_init();
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+ (int) status );
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+#endif
+
+#if !defined(_WIN32)
+ /* Abort cleanly on SIGTERM and SIGINT */
+ signal( SIGTERM, term_handler );
+ signal( SIGINT, term_handler );
+#endif
+
+ if( argc == 0 )
+ {
+ usage:
+ if( ret == 0 )
+ ret = 1;
+
+ mbedtls_printf( USAGE );
+
+ list = mbedtls_ssl_list_ciphersuites();
+ while( *list )
+ {
+ mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) );
+ list++;
+ if( !*list )
+ break;
+ mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) );
+ list++;
+ }
+ mbedtls_printf("\n");
+ goto exit;
+ }
+
+ opt.buffer_size = DFL_IO_BUF_LEN;
+ opt.server_addr = DFL_SERVER_ADDR;
+ opt.server_port = DFL_SERVER_PORT;
+ opt.debug_level = DFL_DEBUG_LEVEL;
+ opt.event = DFL_EVENT;
+ opt.response_size = DFL_RESPONSE_SIZE;
+ opt.nbio = DFL_NBIO;
+ opt.read_timeout = DFL_READ_TIMEOUT;
+ opt.ca_file = DFL_CA_FILE;
+ opt.ca_path = DFL_CA_PATH;
+ opt.crt_file = DFL_CRT_FILE;
+ opt.key_file = DFL_KEY_FILE;
+ opt.crt_file2 = DFL_CRT_FILE2;
+ opt.key_file2 = DFL_KEY_FILE2;
+ opt.async_operations = DFL_ASYNC_OPERATIONS;
+ opt.async_private_delay1 = DFL_ASYNC_PRIVATE_DELAY1;
+ opt.async_private_delay2 = DFL_ASYNC_PRIVATE_DELAY2;
+ opt.async_private_error = DFL_ASYNC_PRIVATE_ERROR;
+ opt.psk = DFL_PSK;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ opt.psk_opaque = DFL_PSK_OPAQUE;
+ opt.psk_list_opaque = DFL_PSK_LIST_OPAQUE;
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ opt.ca_callback = DFL_CA_CALLBACK;
+#endif
+ opt.psk_identity = DFL_PSK_IDENTITY;
+ opt.psk_list = DFL_PSK_LIST;
+ opt.ecjpake_pw = DFL_ECJPAKE_PW;
+ opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
+ opt.version_suites = DFL_VERSION_SUITES;
+ opt.renegotiation = DFL_RENEGOTIATION;
+ opt.allow_legacy = DFL_ALLOW_LEGACY;
+ opt.renegotiate = DFL_RENEGOTIATE;
+ opt.renego_delay = DFL_RENEGO_DELAY;
+ opt.renego_period = DFL_RENEGO_PERIOD;
+ opt.exchanges = DFL_EXCHANGES;
+ opt.min_version = DFL_MIN_VERSION;
+ opt.max_version = DFL_MAX_VERSION;
+ opt.arc4 = DFL_ARC4;
+ opt.allow_sha1 = DFL_SHA1;
+ opt.auth_mode = DFL_AUTH_MODE;
+ opt.cert_req_ca_list = DFL_CERT_REQ_CA_LIST;
+ opt.mfl_code = DFL_MFL_CODE;
+ opt.trunc_hmac = DFL_TRUNC_HMAC;
+ opt.tickets = DFL_TICKETS;
+ opt.ticket_timeout = DFL_TICKET_TIMEOUT;
+ opt.cache_max = DFL_CACHE_MAX;
+ opt.cache_timeout = DFL_CACHE_TIMEOUT;
+ opt.sni = DFL_SNI;
+ opt.alpn_string = DFL_ALPN_STRING;
+ opt.curves = DFL_CURVES;
+ opt.dhm_file = DFL_DHM_FILE;
+ opt.transport = DFL_TRANSPORT;
+ opt.cookies = DFL_COOKIES;
+ opt.anti_replay = DFL_ANTI_REPLAY;
+ opt.hs_to_min = DFL_HS_TO_MIN;
+ opt.hs_to_max = DFL_HS_TO_MAX;
+ opt.dtls_mtu = DFL_DTLS_MTU;
+ opt.dgram_packing = DFL_DGRAM_PACKING;
+ opt.badmac_limit = DFL_BADMAC_LIMIT;
+ opt.extended_ms = DFL_EXTENDED_MS;
+ opt.etm = DFL_ETM;
+
+ for( i = 1; i < argc; i++ )
+ {
+ p = argv[i];
+ if( ( q = strchr( p, '=' ) ) == NULL )
+ goto usage;
+ *q++ = '\0';
+
+ if( strcmp( p, "server_port" ) == 0 )
+ opt.server_port = q;
+ else if( strcmp( p, "server_addr" ) == 0 )
+ opt.server_addr = q;
+ else if( strcmp( p, "dtls" ) == 0 )
+ {
+ int t = atoi( q );
+ if( t == 0 )
+ opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM;
+ else if( t == 1 )
+ opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "debug_level" ) == 0 )
+ {
+ opt.debug_level = atoi( q );
+ if( opt.debug_level < 0 || opt.debug_level > 65535 )
+ goto usage;
+ }
+ else if( strcmp( p, "nbio" ) == 0 )
+ {
+ opt.nbio = atoi( q );
+ if( opt.nbio < 0 || opt.nbio > 2 )
+ goto usage;
+ }
+ else if( strcmp( p, "event" ) == 0 )
+ {
+ opt.event = atoi( q );
+ if( opt.event < 0 || opt.event > 2 )
+ goto usage;
+ }
+ else if( strcmp( p, "read_timeout" ) == 0 )
+ opt.read_timeout = atoi( q );
+ else if( strcmp( p, "buffer_size" ) == 0 )
+ {
+ opt.buffer_size = atoi( q );
+ if( opt.buffer_size < 1 || opt.buffer_size > MBEDTLS_SSL_MAX_CONTENT_LEN + 1 )
+ goto usage;
+ }
+ else if( strcmp( p, "response_size" ) == 0 )
+ {
+ opt.response_size = atoi( q );
+ if( opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_MAX_CONTENT_LEN )
+ goto usage;
+ if( opt.buffer_size < opt.response_size )
+ opt.buffer_size = opt.response_size;
+ }
+ else if( strcmp( p, "ca_file" ) == 0 )
+ opt.ca_file = q;
+ else if( strcmp( p, "ca_path" ) == 0 )
+ opt.ca_path = q;
+ else if( strcmp( p, "crt_file" ) == 0 )
+ opt.crt_file = q;
+ else if( strcmp( p, "key_file" ) == 0 )
+ opt.key_file = q;
+ else if( strcmp( p, "crt_file2" ) == 0 )
+ opt.crt_file2 = q;
+ else if( strcmp( p, "key_file2" ) == 0 )
+ opt.key_file2 = q;
+ else if( strcmp( p, "dhm_file" ) == 0 )
+ opt.dhm_file = q;
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+ else if( strcmp( p, "async_operations" ) == 0 )
+ opt.async_operations = q;
+ else if( strcmp( p, "async_private_delay1" ) == 0 )
+ opt.async_private_delay1 = atoi( q );
+ else if( strcmp( p, "async_private_delay2" ) == 0 )
+ opt.async_private_delay2 = atoi( q );
+ else if( strcmp( p, "async_private_error" ) == 0 )
+ {
+ int n = atoi( q );
+ if( n < -SSL_ASYNC_INJECT_ERROR_MAX ||
+ n > SSL_ASYNC_INJECT_ERROR_MAX )
+ {
+ ret = 2;
+ goto usage;
+ }
+ opt.async_private_error = n;
+ }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+ else if( strcmp( p, "psk" ) == 0 )
+ opt.psk = q;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ else if( strcmp( p, "psk_opaque" ) == 0 )
+ opt.psk_opaque = atoi( q );
+ else if( strcmp( p, "psk_list_opaque" ) == 0 )
+ opt.psk_list_opaque = atoi( q );
+#endif
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+ else if( strcmp( p, "ca_callback" ) == 0)
+ opt.ca_callback = atoi( q );
+#endif
+ else if( strcmp( p, "psk_identity" ) == 0 )
+ opt.psk_identity = q;
+ else if( strcmp( p, "psk_list" ) == 0 )
+ opt.psk_list = q;
+ else if( strcmp( p, "ecjpake_pw" ) == 0 )
+ opt.ecjpake_pw = q;
+ else if( strcmp( p, "force_ciphersuite" ) == 0 )
+ {
+ opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
+
+ if( opt.force_ciphersuite[0] == 0 )
+ {
+ ret = 2;
+ goto usage;
+ }
+ opt.force_ciphersuite[1] = 0;
+ }
+ else if( strcmp( p, "curves" ) == 0 )
+ opt.curves = q;
+ else if( strcmp( p, "version_suites" ) == 0 )
+ opt.version_suites = q;
+ else if( strcmp( p, "renegotiation" ) == 0 )
+ {
+ opt.renegotiation = (atoi( q )) ?
+ MBEDTLS_SSL_RENEGOTIATION_ENABLED :
+ MBEDTLS_SSL_RENEGOTIATION_DISABLED;
+ }
+ else if( strcmp( p, "allow_legacy" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case -1:
+ opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE;
+ break;
+ case 0:
+ opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION;
+ break;
+ case 1:
+ opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION;
+ break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "renegotiate" ) == 0 )
+ {
+ opt.renegotiate = atoi( q );
+ if( opt.renegotiate < 0 || opt.renegotiate > 1 )
+ goto usage;
+ }
+ else if( strcmp( p, "renego_delay" ) == 0 )
+ {
+ opt.renego_delay = atoi( q );
+ }
+ else if( strcmp( p, "renego_period" ) == 0 )
+ {
+#if defined(_MSC_VER)
+ opt.renego_period = _strtoui64( q, NULL, 10 );
+#else
+ if( sscanf( q, "%" SCNu64, &opt.renego_period ) != 1 )
+ goto usage;
+#endif /* _MSC_VER */
+ if( opt.renego_period < 2 )
+ goto usage;
+ }
+ else if( strcmp( p, "exchanges" ) == 0 )
+ {
+ opt.exchanges = atoi( q );
+ if( opt.exchanges < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "min_version" ) == 0 )
+ {
+ if( strcmp( q, "ssl3" ) == 0 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
+ else if( strcmp( q, "tls1" ) == 0 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
+ else if( strcmp( q, "tls1_1" ) == 0 ||
+ strcmp( q, "dtls1" ) == 0 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ else if( strcmp( q, "tls1_2" ) == 0 ||
+ strcmp( q, "dtls1_2" ) == 0 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "max_version" ) == 0 )
+ {
+ if( strcmp( q, "ssl3" ) == 0 )
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
+ else if( strcmp( q, "tls1" ) == 0 )
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
+ else if( strcmp( q, "tls1_1" ) == 0 ||
+ strcmp( q, "dtls1" ) == 0 )
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ else if( strcmp( q, "tls1_2" ) == 0 ||
+ strcmp( q, "dtls1_2" ) == 0 )
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "arc4" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break;
+ case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "allow_sha1" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.allow_sha1 = 0; break;
+ case 1: opt.allow_sha1 = 1; break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "force_version" ) == 0 )
+ {
+ if( strcmp( q, "ssl3" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
+ }
+ else if( strcmp( q, "tls1" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
+ }
+ else if( strcmp( q, "tls1_1" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ }
+ else if( strcmp( q, "tls1_2" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ }
+ else if( strcmp( q, "dtls1" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+ }
+ else if( strcmp( q, "dtls1_2" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+ opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
+ }
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "auth_mode" ) == 0 )
+ {
+ if( ( opt.auth_mode = get_auth_mode( q ) ) < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "cert_req_ca_list" ) == 0 )
+ {
+ opt.cert_req_ca_list = atoi( q );
+ if( opt.cert_req_ca_list < 0 || opt.cert_req_ca_list > 1 )
+ goto usage;
+ }
+ else if( strcmp( p, "max_frag_len" ) == 0 )
+ {
+ if( strcmp( q, "512" ) == 0 )
+ opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512;
+ else if( strcmp( q, "1024" ) == 0 )
+ opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024;
+ else if( strcmp( q, "2048" ) == 0 )
+ opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048;
+ else if( strcmp( q, "4096" ) == 0 )
+ opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096;
+ else
+ goto usage;
+ }
+ else if( strcmp( p, "alpn" ) == 0 )
+ {
+ opt.alpn_string = q;
+ }
+ else if( strcmp( p, "trunc_hmac" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break;
+ case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "extended_ms" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0:
+ opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED;
+ break;
+ case 1:
+ opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+ break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "etm" ) == 0 )
+ {
+ switch( atoi( q ) )
+ {
+ case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break;
+ case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break;
+ default: goto usage;
+ }
+ }
+ else if( strcmp( p, "tickets" ) == 0 )
+ {
+ opt.tickets = atoi( q );
+ if( opt.tickets < 0 || opt.tickets > 1 )
+ goto usage;
+ }
+ else if( strcmp( p, "ticket_timeout" ) == 0 )
+ {
+ opt.ticket_timeout = atoi( q );
+ if( opt.ticket_timeout < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "cache_max" ) == 0 )
+ {
+ opt.cache_max = atoi( q );
+ if( opt.cache_max < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "cache_timeout" ) == 0 )
+ {
+ opt.cache_timeout = atoi( q );
+ if( opt.cache_timeout < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "cookies" ) == 0 )
+ {
+ opt.cookies = atoi( q );
+ if( opt.cookies < -1 || opt.cookies > 1)
+ goto usage;
+ }
+ else if( strcmp( p, "anti_replay" ) == 0 )
+ {
+ opt.anti_replay = atoi( q );
+ if( opt.anti_replay < 0 || opt.anti_replay > 1)
+ goto usage;
+ }
+ else if( strcmp( p, "badmac_limit" ) == 0 )
+ {
+ opt.badmac_limit = atoi( q );
+ if( opt.badmac_limit < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "hs_timeout" ) == 0 )
+ {
+ if( ( p = strchr( q, '-' ) ) == NULL )
+ goto usage;
+ *p++ = '\0';
+ opt.hs_to_min = atoi( q );
+ opt.hs_to_max = atoi( p );
+ if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min )
+ goto usage;
+ }
+ else if( strcmp( p, "mtu" ) == 0 )
+ {
+ opt.dtls_mtu = atoi( q );
+ if( opt.dtls_mtu < 0 )
+ goto usage;
+ }
+ else if( strcmp( p, "dgram_packing" ) == 0 )
+ {
+ opt.dgram_packing = atoi( q );
+ if( opt.dgram_packing != 0 &&
+ opt.dgram_packing != 1 )
+ {
+ goto usage;
+ }
+ }
+ else if( strcmp( p, "sni" ) == 0 )
+ {
+ opt.sni = q;
+ }
+ else if( strcmp( p, "query_config" ) == 0 )
+ {
+ return query_config( q );
+ }
+ else
+ goto usage;
+ }
+
+ /* Event-driven IO is incompatible with the above custom
+ * receive and send functions, as the polling builds on
+ * refers to the underlying net_context. */
+ if( opt.event == 1 && opt.nbio != 1 )
+ {
+ mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" );
+ opt.nbio = 1;
+ }
+
+#if defined(MBEDTLS_DEBUG_C)
+ mbedtls_debug_set_threshold( opt.debug_level );
+#endif
+ buf = mbedtls_calloc( 1, opt.buffer_size + 1 );
+ if( buf == NULL )
+ {
+ mbedtls_printf( "Could not allocate %u bytes\n", opt.buffer_size );
+ ret = 3;
+ goto exit;
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ if( strlen( opt.psk ) == 0 )
+ {
+ mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ if( opt.force_ciphersuite[0] <= 0 )
+ {
+ mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+ ret = 2;
+ goto usage;
+ }
+ }
+
+ if( opt.psk_list_opaque != 0 )
+ {
+ if( opt.psk_list == NULL )
+ {
+ mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ if( opt.force_ciphersuite[0] <= 0 )
+ {
+ mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+ ret = 2;
+ goto usage;
+ }
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ if( opt.force_ciphersuite[0] > 0 )
+ {
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+ ciphersuite_info =
+ mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
+
+ if( opt.max_version != -1 &&
+ ciphersuite_info->min_minor_ver > opt.max_version )
+ {
+ mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
+ ret = 2;
+ goto usage;
+ }
+ if( opt.min_version != -1 &&
+ ciphersuite_info->max_minor_ver < opt.min_version )
+ {
+ mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ /* If we select a version that's not supported by
+ * this suite, then there will be no common ciphersuite... */
+ if( opt.max_version == -1 ||
+ opt.max_version > ciphersuite_info->max_minor_ver )
+ {
+ opt.max_version = ciphersuite_info->max_minor_ver;
+ }
+ if( opt.min_version < ciphersuite_info->min_minor_ver )
+ {
+ opt.min_version = ciphersuite_info->min_minor_ver;
+ /* DTLS starts with TLS 1.1 */
+ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ }
+
+ /* Enable RC4 if needed and not explicitly disabled */
+ if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+ {
+ if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED )
+ {
+ mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n");
+ ret = 2;
+ goto usage;
+ }
+
+ opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 )
+ {
+ /* Ensure that the chosen ciphersuite is PSK-only; we must know
+ * the ciphersuite in advance to set the correct policy for the
+ * PSK key slot. This limitation might go away in the future. */
+ if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
+ opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ /* Determine KDF algorithm the opaque PSK will be used in. */
+#if defined(MBEDTLS_SHA512_C)
+ if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+ else
+#endif /* MBEDTLS_SHA512_C */
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ }
+
+ if( opt.version_suites != NULL )
+ {
+ const char *name[4] = { 0 };
+
+ /* Parse 4-element coma-separated list */
+ for( i = 0, p = (char *) opt.version_suites;
+ i < 4 && *p != '\0';
+ i++ )
+ {
+ name[i] = p;
+
+ /* Terminate the current string and move on to next one */
+ while( *p != ',' && *p != '\0' )
+ p++;
+ if( *p == ',' )
+ *p++ = '\0';
+ }
+
+ if( i != 4 )
+ {
+ mbedtls_printf( "too few values for version_suites\n" );
+ ret = 1;
+ goto exit;
+ }
+
+ memset( version_suites, 0, sizeof( version_suites ) );
+
+ /* Get the suites identifiers from their name */
+ for( i = 0; i < 4; i++ )
+ {
+ version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id( name[i] );
+
+ if( version_suites[i][0] == 0 )
+ {
+ mbedtls_printf( "unknown ciphersuite: '%s'\n", name[i] );
+ ret = 2;
+ goto usage;
+ }
+ }
+ }
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+ /*
+ * Unhexify the pre-shared key and parse the list if any given
+ */
+ if( unhexify( psk, opt.psk, &psk_len ) != 0 )
+ {
+ mbedtls_printf( "pre-shared key not valid hex\n" );
+ goto exit;
+ }
+
+ if( opt.psk_list != NULL )
+ {
+ if( ( psk_info = psk_parse( opt.psk_list ) ) == NULL )
+ {
+ mbedtls_printf( "psk_list invalid" );
+ goto exit;
+ }
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#if defined(MBEDTLS_ECP_C)
+ if( opt.curves != NULL )
+ {
+ p = (char *) opt.curves;
+ i = 0;
+
+ if( strcmp( p, "none" ) == 0 )
+ {
+ curve_list[0] = MBEDTLS_ECP_DP_NONE;
+ }
+ else if( strcmp( p, "default" ) != 0 )
+ {
+ /* Leave room for a final NULL in curve list */
+ while( i < CURVE_LIST_SIZE - 1 && *p != '\0' )
+ {
+ q = p;
+
+ /* Terminate the current string */
+ while( *p != ',' && *p != '\0' )
+ p++;
+ if( *p == ',' )
+ *p++ = '\0';
+
+ if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL )
+ {
+ curve_list[i++] = curve_cur->grp_id;
+ }
+ else
+ {
+ mbedtls_printf( "unknown curve %s\n", q );
+ mbedtls_printf( "supported curves: " );
+ for( curve_cur = mbedtls_ecp_curve_list();
+ curve_cur->grp_id != MBEDTLS_ECP_DP_NONE;
+ curve_cur++ )
+ {
+ mbedtls_printf( "%s ", curve_cur->name );
+ }
+ mbedtls_printf( "\n" );
+ goto exit;
+ }
+ }
+
+ mbedtls_printf("Number of curves: %d\n", i );
+
+ if( i == CURVE_LIST_SIZE - 1 && *p != '\0' )
+ {
+ mbedtls_printf( "curves list too long, maximum %d",
+ CURVE_LIST_SIZE - 1 );
+ goto exit;
+ }
+
+ curve_list[i] = MBEDTLS_ECP_DP_NONE;
+ }
+ }
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_SSL_ALPN)
+ if( opt.alpn_string != NULL )
+ {
+ p = (char *) opt.alpn_string;
+ i = 0;
+
+ /* Leave room for a final NULL in alpn_list */
+ while( i < ALPN_LIST_SIZE - 1 && *p != '\0' )
+ {
+ alpn_list[i++] = p;
+
+ /* Terminate the current string and move on to next one */
+ while( *p != ',' && *p != '\0' )
+ p++;
+ if( *p == ',' )
+ *p++ = '\0';
+ }
+ }
+#endif /* MBEDTLS_SSL_ALPN */
+
+ /*
+ * 0. Initialize the RNG and the session data
+ */
+ mbedtls_printf( "\n . Seeding the random number generator..." );
+ fflush( stdout );
+
+ mbedtls_entropy_init( &entropy );
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
+ &entropy, (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
+ -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ /*
+ * 1.1. Load the trusted CA
+ */
+ mbedtls_printf( " . Loading the CA root certificate ..." );
+ fflush( stdout );
+
+#if defined(MBEDTLS_FS_IO)
+ if( strlen( opt.ca_path ) )
+ if( strcmp( opt.ca_path, "none" ) == 0 )
+ ret = 0;
+ else
+ ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path );
+ else if( strlen( opt.ca_file ) )
+ if( strcmp( opt.ca_file, "none" ) == 0 )
+ ret = 0;
+ else
+ ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
+ else
+#endif
+#if defined(MBEDTLS_CERTS_C)
+ for( i = 0; mbedtls_test_cas[i] != NULL; i++ )
+ {
+ ret = mbedtls_x509_crt_parse( &cacert,
+ (const unsigned char *) mbedtls_test_cas[i],
+ mbedtls_test_cas_len[i] );
+ if( ret != 0 )
+ break;
+ }
+#else
+ {
+ ret = 1;
+ mbedtls_printf("MBEDTLS_CERTS_C not defined.");
+ }
+#endif
+ if( ret < 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok (%d skipped)\n", ret );
+
+ /*
+ * 1.2. Load own certificate and private key
+ */
+ mbedtls_printf( " . Loading the server cert. and key..." );
+ fflush( stdout );
+
+#if defined(MBEDTLS_FS_IO)
+ if( strlen( opt.crt_file ) && strcmp( opt.crt_file, "none" ) != 0 )
+ {
+ key_cert_init++;
+ if( ( ret = mbedtls_x509_crt_parse_file( &srvcert, opt.crt_file ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+ }
+ if( strlen( opt.key_file ) && strcmp( opt.key_file, "none" ) != 0 )
+ {
+ key_cert_init++;
+ if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", -ret );
+ goto exit;
+ }
+ }
+ if( key_cert_init == 1 )
+ {
+ mbedtls_printf( " failed\n ! crt_file without key_file or vice-versa\n\n" );
+ goto exit;
+ }
+
+ if( strlen( opt.crt_file2 ) && strcmp( opt.crt_file2, "none" ) != 0 )
+ {
+ key_cert_init2++;
+ if( ( ret = mbedtls_x509_crt_parse_file( &srvcert2, opt.crt_file2 ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+ }
+ if( strlen( opt.key_file2 ) && strcmp( opt.key_file2, "none" ) != 0 )
+ {
+ key_cert_init2++;
+ if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2, "" ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+ }
+ if( key_cert_init2 == 1 )
+ {
+ mbedtls_printf( " failed\n ! crt_file2 without key_file2 or vice-versa\n\n" );
+ goto exit;
+ }
+#endif
+ if( key_cert_init == 0 &&
+ strcmp( opt.crt_file, "none" ) != 0 &&
+ strcmp( opt.key_file, "none" ) != 0 &&
+ key_cert_init2 == 0 &&
+ strcmp( opt.crt_file2, "none" ) != 0 &&
+ strcmp( opt.key_file2, "none" ) != 0 )
+ {
+#if !defined(MBEDTLS_CERTS_C)
+ mbedtls_printf( "Not certificated or key provided, and \nMBEDTLS_CERTS_C not defined!\n" );
+ goto exit;
+#else
+#if defined(MBEDTLS_RSA_C)
+ if( ( ret = mbedtls_x509_crt_parse( &srvcert,
+ (const unsigned char *) mbedtls_test_srv_crt_rsa,
+ mbedtls_test_srv_crt_rsa_len ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+ if( ( ret = mbedtls_pk_parse_key( &pkey,
+ (const unsigned char *) mbedtls_test_srv_key_rsa,
+ mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+ key_cert_init = 2;
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECDSA_C)
+ if( ( ret = mbedtls_x509_crt_parse( &srvcert2,
+ (const unsigned char *) mbedtls_test_srv_crt_ec,
+ mbedtls_test_srv_crt_ec_len ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! x509_crt_parse2 returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+ if( ( ret = mbedtls_pk_parse_key( &pkey2,
+ (const unsigned char *) mbedtls_test_srv_key_ec,
+ mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n",
+ -ret );
+ goto exit;
+ }
+ key_cert_init2 = 2;
+#endif /* MBEDTLS_ECDSA_C */
+#endif /* MBEDTLS_CERTS_C */
+ }
+
+ mbedtls_printf( " ok\n" );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
+ if( opt.dhm_file != NULL )
+ {
+ mbedtls_printf( " . Loading DHM parameters..." );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_dhm_parse_dhmfile( &dhm, opt.dhm_file ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n",
+ -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+ }
+#endif
+
+#if defined(SNI_OPTION)
+ if( opt.sni != NULL )
+ {
+ mbedtls_printf( " . Setting up SNI information..." );
+ fflush( stdout );
+
+ if( ( sni_info = sni_parse( opt.sni ) ) == NULL )
+ {
+ mbedtls_printf( " failed\n" );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+ }
+#endif /* SNI_OPTION */
+
+ /*
+ * 2. Setup the listening TCP socket
+ */
+ mbedtls_printf( " . Bind on %s://%s:%s/ ...",
+ opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
+ opt.server_addr ? opt.server_addr : "*",
+ opt.server_port );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port,
+ opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
+ MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+ /*
+ * 3. Setup stuff
+ */
+ mbedtls_printf( " . Setting up the SSL/TLS structure..." );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_SERVER,
+ opt.transport,
+ MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
+ goto exit;
+ }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ /* The default algorithms profile disables SHA-1, but our tests still
+ rely on it heavily. Hence we allow it here. A real-world server
+ should use the default profile unless there is a good reason not to. */
+ if( opt.allow_sha1 > 0 )
+ {
+ crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 );
+ mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test );
+ mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test );
+ }
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+ if( opt.auth_mode != DFL_AUTH_MODE )
+ mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
+
+ if( opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST )
+ mbedtls_ssl_conf_cert_req_ca_list( &conf, opt.cert_req_ca_list );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
+ mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
+
+ if( opt.dgram_packing != DFL_DGRAM_PACKING )
+ mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing );
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n !
mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret ); + goto exit; + }; +#endif + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + if( opt.trunc_hmac != DFL_TRUNC_HMAC ) + mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac ); +#endif + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + if( opt.extended_ms != DFL_EXTENDED_MS ) + mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms ); +#endif + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + if( opt.etm != DFL_ETM ) + mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm ); +#endif + +#if defined(MBEDTLS_SSL_ALPN) + if( opt.alpn_string != NULL ) + if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret ); + goto exit; + } +#endif + + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + +#if defined(MBEDTLS_SSL_CACHE_C) + if( opt.cache_max != -1 ) + mbedtls_ssl_cache_set_max_entries( &cache, opt.cache_max ); + + if( opt.cache_timeout != -1 ) + mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout ); + + mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_cache_get, + mbedtls_ssl_cache_set ); +#endif + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED ) + { + if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx, + mbedtls_ctr_drbg_random, &ctr_drbg, + MBEDTLS_CIPHER_AES_256_GCM, + opt.ticket_timeout ) ) != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ssl_ticket_setup returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_conf_session_tickets_cb( &conf, + mbedtls_ssl_ticket_write, + mbedtls_ssl_ticket_parse, + &ticket_ctx ); + } +#endif + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { +#if defined(MBEDTLS_SSL_COOKIE_C) + if( opt.cookies > 0 ) + { + if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); + goto exit; + } + + mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, + &cookie_ctx ); + } + else +#endif /* MBEDTLS_SSL_COOKIE_C */ +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + if( opt.cookies == 0 ) + { + mbedtls_ssl_conf_dtls_cookies( &conf, NULL, NULL, NULL ); + } + else +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ + { + ; /* Nothing to do */ + } + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + if( opt.anti_replay != DFL_ANTI_REPLAY ) + mbedtls_ssl_conf_dtls_anti_replay( &conf, opt.anti_replay ); +#endif + +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) + if( opt.badmac_limit != DFL_BADMAC_LIMIT ) + mbedtls_ssl_conf_dtls_badmac_limit( &conf, opt.badmac_limit ); +#endif + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) + mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); + +#if defined(MBEDTLS_ARC4_C) + if( opt.arc4 != DFL_ARC4 ) + mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 ); +#endif + + if( opt.version_suites != NULL ) + { + mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_0 ); + mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[1], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_1 ); + mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[2], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_2 ); + 
mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[3], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_3 ); + } + + if( opt.allow_legacy != DFL_ALLOW_LEGACY ) + mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy ); +#if defined(MBEDTLS_SSL_RENEGOTIATION) + mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation ); + + if( opt.renego_delay != DFL_RENEGO_DELAY ) + mbedtls_ssl_conf_renegotiation_enforced( &conf, opt.renego_delay ); + + if( opt.renego_period != DFL_RENEGO_PERIOD ) + { + PUT_UINT64_BE( renego_period, opt.renego_period, 0 ); + mbedtls_ssl_conf_renegotiation_period( &conf, renego_period ); + } +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + if( strcmp( opt.ca_path, "none" ) != 0 && + strcmp( opt.ca_file, "none" ) != 0 ) + { +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) + if( opt.ca_callback != 0 ) + mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert); + else +#endif + mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + } + if( key_cert_init ) + { + mbedtls_pk_context *pk = &pkey; +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( opt.async_private_delay1 >= 0 ) + { + ret = ssl_async_set_key( &ssl_async_keys, &srvcert, pk, 0, + opt.async_private_delay1 ); + if( ret < 0 ) + { + mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", + ret ); + goto exit; + } + pk = NULL; + } +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, pk ) ) != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + goto exit; + } + } + if( key_cert_init2 ) + { + mbedtls_pk_context *pk = &pkey2; +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( opt.async_private_delay2 >= 0 ) + { + ret = ssl_async_set_key( &ssl_async_keys, &srvcert2, pk, 0, + opt.async_private_delay2 ); + if( ret < 0 ) + { + mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", + ret ); + goto exit; + } + pk = NULL; + } +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert2, pk ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + goto exit; + } + } + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( opt.async_operations[0] != '-' ) + { + mbedtls_ssl_async_sign_t *sign = NULL; + mbedtls_ssl_async_decrypt_t *decrypt = NULL; + const char *r; + for( r = opt.async_operations; *r; r++ ) + { + switch( *r ) + { + case 'd': + decrypt = ssl_async_decrypt; + break; + case 's': + sign = ssl_async_sign; + break; + } + } + ssl_async_keys.inject_error = ( opt.async_private_error < 0 ? 
+ - opt.async_private_error : + opt.async_private_error ); + ssl_async_keys.f_rng = mbedtls_ctr_drbg_random; + ssl_async_keys.p_rng = &ctr_drbg; + mbedtls_ssl_conf_async_private_cb( &conf, + sign, + decrypt, + ssl_async_resume, + ssl_async_cancel, + &ssl_async_keys ); + } +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(SNI_OPTION) + if( opt.sni != NULL ) + { + mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info ); +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( opt.async_private_delay2 >= 0 ) + { + sni_entry *cur; + for( cur = sni_info; cur != NULL; cur = cur->next ) + { + ret = ssl_async_set_key( &ssl_async_keys, + cur->cert, cur->key, 1, + opt.async_private_delay2 ); + if( ret < 0 ) + { + mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", + ret ); + goto exit; + } + cur->key = NULL; + } + } +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + } +#endif + +#if defined(MBEDTLS_ECP_C) + if( opt.curves != NULL && + strcmp( opt.curves, "default" ) != 0 ) + { + mbedtls_ssl_conf_curves( &conf, curve_list ); + } +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + + if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 ) + { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_opaque != 0 ) + { + status = psa_allocate_key( &psk_slot ); + if( status != PSA_SUCCESS ) + { + fprintf( stderr, "ALLOC FAIL\n" ); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } + + /* The algorithm has already been determined earlier. */ + status = psa_setup_psk_key_slot( psk_slot, alg, psk, psk_len ); + if( status != PSA_SUCCESS ) + { + fprintf( stderr, "SETUP FAIL\n" ); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } + if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, psk_slot, + (const unsigned char *) opt.psk_identity, + strlen( opt.psk_identity ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ssl_conf_psk_opaque returned %d\n\n", + ret ); + goto exit; + } + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, + (const unsigned char *) opt.psk_identity, + strlen( opt.psk_identity ) ) ) != 0 ) + { + mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret ); + goto exit; + } + } + + if( opt.psk_list != NULL ) + { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_list_opaque != 0 ) + { + psk_entry *cur_psk; + for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next ) + { + status = psa_allocate_key( &cur_psk->slot ); + if( status != PSA_SUCCESS ) + { + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } + + status = psa_setup_psk_key_slot( cur_psk->slot, alg, + cur_psk->key, + cur_psk->key_len ); + if( status != PSA_SUCCESS ) + { + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } + } + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info ); + } +#endif + +#if defined(MBEDTLS_DHM_C) + /* + * Use different group than default DHM group + */ +#if defined(MBEDTLS_FS_IO) + if( opt.dhm_file != NULL ) + ret = mbedtls_ssl_conf_dh_param_ctx( &conf, &dhm ); +#endif + if( ret != 0 ) + { + mbedtls_printf( " failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", - ret ); + goto exit; + } +#endif + + if( opt.min_version != DFL_MIN_VERSION ) + mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version ); + + if( opt.max_version != DFL_MIN_VERSION ) + mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version ); + + if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret ); + goto exit; + } + + if( opt.nbio == 2 ) + mbedtls_ssl_set_bio( &ssl, &client_fd, my_send, my_recv, NULL ); + else + mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, + opt.nbio == 0 ? 
mbedtls_net_recv_timeout : NULL ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( opt.dtls_mtu != DFL_DTLS_MTU ) + mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu ); +#endif + +#if defined(MBEDTLS_TIMING_C) + mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay ); +#endif + + mbedtls_printf( " ok\n" ); + +reset: +#if !defined(_WIN32) + if( received_sigterm ) + { + mbedtls_printf( " interrupted by SIGTERM (not in net_accept())\n" ); + if( ret == MBEDTLS_ERR_NET_INVALID_CONTEXT ) + ret = 0; + + goto exit; + } +#endif + + if( ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT ) + { + mbedtls_printf( " ! Client initiated reconnection from same port\n" ); + goto handshake; + } + +#ifdef MBEDTLS_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + } +#endif + + mbedtls_net_free( &client_fd ); + + mbedtls_ssl_session_reset( &ssl ); + + /* + * 3. Wait until a client connects + */ + mbedtls_printf( " . Waiting for a remote connection ..." ); + fflush( stdout ); + + if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, + client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 ) + { +#if !defined(_WIN32) + if( received_sigterm ) + { + mbedtls_printf( " interrupted by SIGTERM (in net_accept())\n" ); + if( ret == MBEDTLS_ERR_NET_ACCEPT_FAILED ) + ret = 0; + + goto exit; + } +#endif + + mbedtls_printf( " failed\n ! mbedtls_net_accept returned -0x%x\n\n", -ret ); + goto exit; + } + + if( opt.nbio > 0 ) + ret = mbedtls_net_set_nonblock( &client_fd ); + else + ret = mbedtls_net_set_block( &client_fd ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! 
net_set_(non)block() returned -0x%x\n\n", -ret ); + goto exit; + } + + mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout ); + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, + client_ip, cliip_len ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", + -ret ); + goto exit; + } + } +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + if( opt.ecjpake_pw != DFL_ECJPAKE_PW ) + { + if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl, + (const unsigned char *) opt.ecjpake_pw, + strlen( opt.ecjpake_pw ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret ); + goto exit; + } + } +#endif + + mbedtls_printf( " ok\n" ); + + /* + * 4. Handshake + */ +handshake: + mbedtls_printf( " . Performing the SSL/TLS handshake..." ); + fflush( stdout ); + + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) + { +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS && + ssl_async_keys.inject_error == SSL_ASYNC_INJECT_ERROR_CANCEL ) + { + mbedtls_printf( " cancelling on injected error\n" ); + break; + } +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + + if( ! mbedtls_status_is_ssl_in_progress( ret ) ) + break; + + /* For event-driven IO, wait for socket to become available */ + if( opt.event == 1 /* level triggered IO */ ) + { +#if defined(MBEDTLS_TIMING_C) + ret = idle( &client_fd, &timer, ret ); +#else + ret = idle( &client_fd, ret ); +#endif + if( ret != 0 ) + goto reset; + } + } + + if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) + { + mbedtls_printf( " hello verification requested\n" ); + ret = 0; + goto reset; + } + else if( ret != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ssl_handshake returned -0x%x\n\n", -ret ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) + { + char vrfy_buf[512]; + flags = mbedtls_ssl_get_verify_result( &ssl ); + + mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + + mbedtls_printf( "%s\n", vrfy_buf ); + } +#endif + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( opt.async_private_error < 0 ) + /* Injected error only the first time round, to test reset */ + ssl_async_keys.inject_error = SSL_ASYNC_INJECT_ERROR_NONE; +#endif + goto reset; + } + else /* ret == 0 */ + { + mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_version( &ssl ), mbedtls_ssl_get_ciphersuite( &ssl ) ); + } + + if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 ) + mbedtls_printf( " [ Record expansion is %d ]\n", ret ); + else + mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" ); + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + mbedtls_printf( " [ Maximum fragment length is %u ]\n", + (unsigned int) mbedtls_ssl_get_max_frag_len( &ssl ) ); +#endif + +#if defined(MBEDTLS_SSL_ALPN) + if( opt.alpn_string != NULL ) + { + const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl ); + mbedtls_printf( " [ Application Layer Protocol is %s ]\n", + alp ? alp : "(none)" ); + } +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + /* + * 5. Verify the client certificate + */ + mbedtls_printf( " . Verifying peer X.509 certificate..." ); + + if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) + { + char vrfy_buf[512]; + + mbedtls_printf( " failed\n" ); + + mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + + mbedtls_printf( "%s\n", vrfy_buf ); + } + else + mbedtls_printf( " ok\n" ); + + if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL ) + { + char crt_buf[512]; + + mbedtls_printf( " . 
Peer certificate information ...\n" ); + mbedtls_x509_crt_info( crt_buf, sizeof( crt_buf ), " ", + mbedtls_ssl_get_peer_cert( &ssl ) ); + mbedtls_printf( "%s\n", crt_buf ); + } +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + + if( opt.exchanges == 0 ) + goto close_notify; + + exchanges_left = opt.exchanges; +data_exchange: + /* + * 6. Read the HTTP Request + */ + mbedtls_printf( " < Read from client:" ); + fflush( stdout ); + + /* + * TLS and DTLS need different reading styles (stream vs datagram) + */ + if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) + { + do + { + int terminated = 0; + len = opt.buffer_size - 1; + memset( buf, 0, opt.buffer_size ); + ret = mbedtls_ssl_read( &ssl, buf, len ); + + if( mbedtls_status_is_ssl_in_progress( ret ) ) + { + if( opt.event == 1 /* level triggered IO */ ) + { +#if defined(MBEDTLS_TIMING_C) + idle( &client_fd, &timer, ret ); +#else + idle( &client_fd, ret ); +#endif + } + + continue; + } + + if( ret <= 0 ) + { + switch( ret ) + { + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); + goto close_notify; + + case 0: + case MBEDTLS_ERR_NET_CONN_RESET: + mbedtls_printf( " connection was reset by peer\n" ); + ret = MBEDTLS_ERR_NET_CONN_RESET; + goto reset; + + default: + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); + goto reset; + } + } + + if( mbedtls_ssl_get_bytes_avail( &ssl ) == 0 ) + { + len = ret; + buf[len] = '\0'; + mbedtls_printf( " %d bytes read\n\n%s\n", len, (char *) buf ); + + /* End of message should be detected according to the syntax of the + * application protocol (eg HTTP), just use a dummy test here. */ + if( buf[len - 1] == '\n' ) + terminated = 1; + } + else + { + int extra_len, ori_len; + unsigned char *larger_buf; + + ori_len = ret; + extra_len = (int) mbedtls_ssl_get_bytes_avail( &ssl ); + + larger_buf = mbedtls_calloc( 1, ori_len + extra_len + 1 ); + if( larger_buf == NULL ) + { + mbedtls_printf( " ! 
memory allocation failed\n" ); + ret = 1; + goto reset; + } + + memset( larger_buf, 0, ori_len + extra_len ); + memcpy( larger_buf, buf, ori_len ); + + /* This read should never fail and get the whole cached data */ + ret = mbedtls_ssl_read( &ssl, larger_buf + ori_len, extra_len ); + if( ret != extra_len || + mbedtls_ssl_get_bytes_avail( &ssl ) != 0 ) + { + mbedtls_printf( " ! mbedtls_ssl_read failed on cached data\n" ); + ret = 1; + goto reset; + } + + larger_buf[ori_len + extra_len] = '\0'; + mbedtls_printf( " %u bytes read (%u + %u)\n\n%s\n", + ori_len + extra_len, ori_len, extra_len, + (char *) larger_buf ); + + /* End of message should be detected according to the syntax of the + * application protocol (eg HTTP), just use a dummy test here. */ + if( larger_buf[ori_len + extra_len - 1] == '\n' ) + terminated = 1; + + mbedtls_free( larger_buf ); + } + + if( terminated ) + { + ret = 0; + break; + } + } + while( 1 ); + } + else /* Not stream, so datagram */ + { + len = opt.buffer_size - 1; + memset( buf, 0, opt.buffer_size ); + + do + { + /* Without the call to `mbedtls_ssl_check_pending`, it might + * happen that the client sends application data in the same + * datagram as the Finished message concluding the handshake. + * In this case, the application data would be ready to be + * processed while the underlying transport wouldn't signal + * any further incoming data. + * + * See the test 'Event-driven I/O: session-id resume, UDP packing' + * in tests/ssl-opt.sh. 
+ */ + + /* For event-driven IO, wait for socket to become available */ + if( mbedtls_ssl_check_pending( &ssl ) == 0 && + opt.event == 1 /* level triggered IO */ ) + { +#if defined(MBEDTLS_TIMING_C) + idle( &client_fd, &timer, MBEDTLS_ERR_SSL_WANT_READ ); +#else + idle( &client_fd, MBEDTLS_ERR_SSL_WANT_READ ); +#endif + } + + ret = mbedtls_ssl_read( &ssl, buf, len ); + + /* Note that even if `mbedtls_ssl_check_pending` returns true, + * it can happen that the subsequent call to `mbedtls_ssl_read` + * returns `MBEDTLS_ERR_SSL_WANT_READ`, because the pending messages + * might be discarded (e.g. because they are retransmissions). */ + } + while( mbedtls_status_is_ssl_in_progress( ret ) ); + + if( ret <= 0 ) + { + switch( ret ) + { + case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: + mbedtls_printf( " connection was closed gracefully\n" ); + ret = 0; + goto close_notify; + + default: + mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret ); + goto reset; + } + } + + len = ret; + buf[len] = '\0'; + mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + ret = 0; + } + + /* + * 7a. Request renegotiation while client is waiting for input from us. + * (only on the first exchange, to be able to test retransmission) + */ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( opt.renegotiate && exchanges_left == opt.exchanges ) + { + mbedtls_printf( " . Requestion renegotiation..." ); + fflush( stdout ); + + while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 ) + { + if( ! mbedtls_status_is_ssl_in_progress( ret ) ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret ); + goto reset; + } + + /* For event-driven IO, wait for socket to become available */ + if( opt.event == 1 /* level triggered IO */ ) + { +#if defined(MBEDTLS_TIMING_C) + idle( &client_fd, &timer, ret ); +#else + idle( &client_fd, ret ); +#endif + } + } + + mbedtls_printf( " ok\n" ); + } +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + + /* + * 7. 
Write the 200 Response + */ + mbedtls_printf( " > Write to client:" ); + fflush( stdout ); + + len = sprintf( (char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite( &ssl ) ); + + /* Add padding to the response to reach opt.response_size in length */ + if( opt.response_size != DFL_RESPONSE_SIZE && + len < opt.response_size ) + { + memset( buf + len, 'B', opt.response_size - len ); + len += opt.response_size - len; + } + + /* Truncate if response size is smaller than the "natural" size */ + if( opt.response_size != DFL_RESPONSE_SIZE && + len > opt.response_size ) + { + len = opt.response_size; + + /* Still end with \r\n unless that's really not possible */ + if( len >= 2 ) buf[len - 2] = '\r'; + if( len >= 1 ) buf[len - 1] = '\n'; + } + + if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) + { + for( written = 0, frags = 0; written < len; written += ret, frags++ ) + { + while( ( ret = mbedtls_ssl_write( &ssl, buf + written, len - written ) ) + <= 0 ) + { + if( ret == MBEDTLS_ERR_NET_CONN_RESET ) + { + mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); + goto reset; + } + + if( ! mbedtls_status_is_ssl_in_progress( ret ) ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + goto reset; + } + + /* For event-driven IO, wait for socket to become available */ + if( opt.event == 1 /* level triggered IO */ ) + { +#if defined(MBEDTLS_TIMING_C) + idle( &client_fd, &timer, ret ); +#else + idle( &client_fd, ret ); +#endif + } + } + } + } + else /* Not stream, so datagram */ + { + while( 1 ) + { + ret = mbedtls_ssl_write( &ssl, buf, len ); + + if( ! mbedtls_status_is_ssl_in_progress( ret ) ) + break; + + /* For event-driven IO, wait for socket to become available */ + if( opt.event == 1 /* level triggered IO */ ) + { +#if defined(MBEDTLS_TIMING_C) + idle( &client_fd, &timer, ret ); +#else + idle( &client_fd, ret ); +#endif + } + } + + if( ret < 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ssl_write returned %d\n\n", ret ); + goto reset; + } + + frags = 1; + written = ret; + } + + buf[written] = '\0'; + mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf ); + ret = 0; + + /* + * 7b. Continue doing data exchanges? + */ + if( --exchanges_left > 0 ) + goto data_exchange; + + /* + * 8. Done, cleanly close the connection + */ +close_notify: + mbedtls_printf( " . Closing the connection..." ); + + /* No error checking, the connection might be closed already */ + do ret = mbedtls_ssl_close_notify( &ssl ); + while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + ret = 0; + + mbedtls_printf( " done\n" ); + + goto reset; + + /* + * Cleanup and exit + */ +exit: +#ifdef MBEDTLS_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf("Last error was: -0x%X - %s\n\n", -ret, error_buf ); + } +#endif + + mbedtls_printf( " . Cleaning up..." ); + fflush( stdout ); + + mbedtls_net_free( &client_fd ); + mbedtls_net_free( &listen_fd ); + +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) + mbedtls_dhm_free( &dhm ); +#endif +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt_free( &cacert ); + mbedtls_x509_crt_free( &srvcert ); + mbedtls_pk_free( &pkey ); + mbedtls_x509_crt_free( &srvcert2 ); + mbedtls_pk_free( &pkey2 ); +#endif +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + for( i = 0; (size_t) i < ssl_async_keys.slots_used; i++ ) + { + if( ssl_async_keys.slots[i].pk_owned ) + { + mbedtls_pk_free( ssl_async_keys.slots[i].pk ); + mbedtls_free( ssl_async_keys.slots[i].pk ); + ssl_async_keys.slots[i].pk = NULL; + } + } +#endif +#if defined(SNI_OPTION) + sni_free( sni_info ); +#endif +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( ( ret = psk_free( psk_info ) ) != 0 ) + mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret ); +#endif +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) + mbedtls_dhm_free( &dhm ); +#endif + +#if 
defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ + defined(MBEDTLS_USE_PSA_CRYPTO) + if( opt.psk_opaque != 0 ) + { + /* This is ok even if the slot hasn't been + * initialized (we might have jumed here + * immediately because of bad cmd line params, + * for example). */ + status = psa_destroy_key( psk_slot ); + if( status != PSA_SUCCESS ) + { + mbedtls_printf( "Failed to destroy key slot %u - error was %d", + (unsigned) psk_slot, (int) status ); + } + } +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED && + MBEDTLS_USE_PSA_CRYPTO */ + + mbedtls_ssl_free( &ssl ); + mbedtls_ssl_config_free( &conf ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_free( &cache ); +#endif +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + mbedtls_ssl_ticket_free( &ticket_ctx ); +#endif +#if defined(MBEDTLS_SSL_COOKIE_C) + mbedtls_ssl_cookie_free( &cookie_ctx ); +#endif + + mbedtls_free( buf ); + +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_memory_buffer_alloc_status(); +#endif + mbedtls_memory_buffer_alloc_free(); +#endif + + mbedtls_printf( " done.\n" ); + +#if defined(_WIN32) + mbedtls_printf( " + Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + // Shell can not handle large exit numbers -> 1 for errors + if( ret < 0 ) + ret = 1; + + return( ret ); +} +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && + MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && + MBEDTLS_CTR_DRBG_C */ diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 2b455ee01..59f8d54f1 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -13,6 +13,9 @@ if(TEST_CPP) target_link_libraries(cpp_dummy_build ${libs}) endif() +add_executable(udp_proxy udp_proxy.c) +target_link_libraries(udp_proxy ${libs}) + add_executable(zeroize zeroize.c) target_link_libraries(zeroize ${libs}) 
@@ -20,6 +23,6 @@ add_executable(query_compile_time_config query_compile_time_config.c) target_sources(query_compile_time_config PUBLIC query_config.c) target_link_libraries(query_compile_time_config ${libs}) -install(TARGETS selftest benchmark query_compile_time_config +install(TARGETS selftest benchmark udp_proxy query_compile_time_config DESTINATION "bin" PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c new file mode 100644 index 000000000..41739d057 --- /dev/null +++ b/programs/test/udp_proxy.c 
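Review bot: Adding `udp_proxy` to the `install(TARGETS ...)` list puts a test-only tool into `bin` with world-read and world-execute permissions. The header of programs/test/udp_proxy.c, added in this same patch, describes it as an internal utility that breaks NET-layer abstractions and is not an example of good general usage. Unless packagers are meant to ship it, I would keep the `add_executable`/`target_link_libraries` pair from the previous hunk and leave the install line as `install(TARGETS selftest benchmark query_compile_time_config`. If installing it is intentional, a comment above the install command such as `# udp_proxy is a DTLS test helper, not intended for deployment` would make that explicit.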
@@ -0,0 +1,944 @@ +/* + * UDP proxy: emulate an unreliable UDP connexion for DTLS testing + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +/* + * Warning: this is an internal utility program we use for tests. + * It does break some abstractions from the NET layer, and is thus NOT an + * example of good general usage. 
+ */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t +#define mbedtls_printf printf +#define mbedtls_calloc calloc +#define mbedtls_free free +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#if !defined(MBEDTLS_NET_C) +int main( void ) +{ + mbedtls_printf( "MBEDTLS_NET_C not defined.\n" ); + return( 0 ); +} +#else + +#include "mbedtls/net_sockets.h" +#include "mbedtls/error.h" +#include "mbedtls/ssl.h" +#include "mbedtls/timing.h" + +#include + +/* For select() */ +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ + !defined(EFI32) +#include +#include +#if defined(_MSC_VER) +#if defined(_WIN32_WCE) +#pragma comment( lib, "ws2.lib" ) +#else +#pragma comment( lib, "ws2_32.lib" ) +#endif +#endif /* _MSC_VER */ +#else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ +#include +#include +#include +#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ + +#define MAX_MSG_SIZE 16384 + 2048 /* max record/datagram size */ + +#define DFL_SERVER_ADDR "localhost" +#define DFL_SERVER_PORT "4433" +#define DFL_LISTEN_ADDR "localhost" +#define DFL_LISTEN_PORT "5556" +#define DFL_PACK 0 + +#if defined(MBEDTLS_TIMING_C) +#define USAGE_PACK \ + " pack=%%d default: 0 (don't pack)\n" \ + " options: t > 0 (pack for t milliseconds)\n" +#else +#define USAGE_PACK +#endif + +#define USAGE \ + "\n usage: udp_proxy param=<>...\n" \ + "\n acceptable parameters:\n" \ + " server_addr=%%s default: localhost\n" \ + " server_port=%%d default: 4433\n" \ + " listen_addr=%%s default: localhost\n" \ + " listen_port=%%d default: 4433\n" \ + "\n" \ + " duplicate=%%d default: 0 (no duplication)\n" \ + " duplicate about 1:N packets randomly\n" \ + " delay=%%d default: 0 (no delayed 
packets)\n" \ + " delay about 1:N packets randomly\n" \ + " delay_ccs=0/1 default: 0 (don't delay ChangeCipherSpec)\n" \ + " delay_cli=%%s Handshake message from client that should be\n"\ + " delayed. Possible values are 'ClientHello',\n" \ + " 'Certificate', 'CertificateVerify', and\n" \ + " 'ClientKeyExchange'.\n" \ + " May be used multiple times, even for the same\n"\ + " message, in which case the respective message\n"\ + " gets delayed multiple times.\n" \ + " delay_srv=%%s Handshake message from server that should be\n"\ + " delayed. Possible values are 'HelloRequest',\n"\ + " 'ServerHello', 'ServerHelloDone', 'Certificate'\n"\ + " 'ServerKeyExchange', 'NewSessionTicket',\n"\ + " 'HelloVerifyRequest' and ''CertificateRequest'.\n"\ + " May be used multiple times, even for the same\n"\ + " message, in which case the respective message\n"\ + " gets delayed multiple times.\n" \ + " drop=%%d default: 0 (no dropped packets)\n" \ + " drop about 1:N packets randomly\n" \ + " mtu=%%d default: 0 (unlimited)\n" \ + " drop packets larger than N bytes\n" \ + " bad_ad=0/1 default: 0 (don't add bad ApplicationData)\n" \ + " protect_hvr=0/1 default: 0 (don't protect HelloVerifyRequest)\n" \ + " protect_len=%%d default: (don't protect packets of this size)\n" \ + "\n" \ + " seed=%%d default: (use current time)\n" \ + USAGE_PACK \ + "\n" + +/* + * global options + */ + +#define MAX_DELAYED_HS 10 + +static struct options +{ + const char *server_addr; /* address to forward packets to */ + const char *server_port; /* port to forward packets to */ + const char *listen_addr; /* address for accepting client connections */ + const char *listen_port; /* port for accepting client connections */ + + int duplicate; /* duplicate 1 in N packets (none if 0) */ + int delay; /* delay 1 packet in N (none if 0) */ + int delay_ccs; /* delay ChangeCipherSpec */ + char* delay_cli[MAX_DELAYED_HS]; /* handshake types of messages from + * client that should be delayed. 
*/ + uint8_t delay_cli_cnt; /* Number of entries in delay_cli. */ + char* delay_srv[MAX_DELAYED_HS]; /* handshake types of messages from + * server that should be delayed. */ + uint8_t delay_srv_cnt; /* Number of entries in delay_srv. */ + int drop; /* drop 1 packet in N (none if 0) */ + int mtu; /* drop packets larger than this */ + int bad_ad; /* inject corrupted ApplicationData record */ + int protect_hvr; /* never drop or delay HelloVerifyRequest */ + int protect_len; /* never drop/delay packet of the given size*/ + unsigned pack; /* merge packets into single datagram for + * at most \c merge milliseconds if > 0 */ + unsigned int seed; /* seed for "random" events */ +} opt; + +static void exit_usage( const char *name, const char *value ) +{ + if( value == NULL ) + mbedtls_printf( " unknown option or missing value: %s\n", name ); + else + mbedtls_printf( " option %s: illegal value: %s\n", name, value ); + + mbedtls_printf( USAGE ); + exit( 1 ); +} + +static void get_options( int argc, char *argv[] ) +{ + int i; + char *p, *q; + + opt.server_addr = DFL_SERVER_ADDR; + opt.server_port = DFL_SERVER_PORT; + opt.listen_addr = DFL_LISTEN_ADDR; + opt.listen_port = DFL_LISTEN_PORT; + opt.pack = DFL_PACK; + /* Other members default to 0 */ + + opt.delay_cli_cnt = 0; + opt.delay_srv_cnt = 0; + memset( opt.delay_cli, 0, sizeof( opt.delay_cli ) ); + memset( opt.delay_srv, 0, sizeof( opt.delay_srv ) ); + + for( i = 1; i < argc; i++ ) + { + p = argv[i]; + if( ( q = strchr( p, '=' ) ) == NULL ) + exit_usage( p, NULL ); + *q++ = '\0'; + + if( strcmp( p, "server_addr" ) == 0 ) + opt.server_addr = q; + else if( strcmp( p, "server_port" ) == 0 ) + opt.server_port = q; + else if( strcmp( p, "listen_addr" ) == 0 ) + opt.listen_addr = q; + else if( strcmp( p, "listen_port" ) == 0 ) + opt.listen_port = q; + else if( strcmp( p, "duplicate" ) == 0 ) + { + opt.duplicate = atoi( q ); + if( opt.duplicate < 0 || opt.duplicate > 20 ) + exit_usage( p, q ); + } + else if( strcmp( p, "delay" ) 
== 0 ) + { + opt.delay = atoi( q ); + if( opt.delay < 0 || opt.delay > 20 || opt.delay == 1 ) + exit_usage( p, q ); + } + else if( strcmp( p, "delay_ccs" ) == 0 ) + { + opt.delay_ccs = atoi( q ); + if( opt.delay_ccs < 0 || opt.delay_ccs > 1 ) + exit_usage( p, q ); + } + else if( strcmp( p, "delay_cli" ) == 0 || + strcmp( p, "delay_srv" ) == 0 ) + { + uint8_t *delay_cnt; + char **delay_list; + size_t len; + char *buf; + + if( strcmp( p, "delay_cli" ) == 0 ) + { + delay_cnt = &opt.delay_cli_cnt; + delay_list = opt.delay_cli; + } + else + { + delay_cnt = &opt.delay_srv_cnt; + delay_list = opt.delay_srv; + } + + if( *delay_cnt == MAX_DELAYED_HS ) + { + mbedtls_printf( " too many uses of %s: only %d allowed\n", + p, MAX_DELAYED_HS ); + exit_usage( p, NULL ); + } + + len = strlen( q ); + buf = mbedtls_calloc( 1, len + 1 ); + if( buf == NULL ) + { + mbedtls_printf( " Allocation failure\n" ); + exit( 1 ); + } + memcpy( buf, q, len + 1 ); + + delay_list[ (*delay_cnt)++ ] = buf; + } + else if( strcmp( p, "drop" ) == 0 ) + { + opt.drop = atoi( q ); + if( opt.drop < 0 || opt.drop > 20 || opt.drop == 1 ) + exit_usage( p, q ); + } + else if( strcmp( p, "pack" ) == 0 ) + { +#if defined(MBEDTLS_TIMING_C) + opt.pack = (unsigned) atoi( q ); +#else + mbedtls_printf( " option pack only defined if MBEDTLS_TIMING_C is enabled\n" ); + exit( 1 ); +#endif + } + else if( strcmp( p, "mtu" ) == 0 ) + { + opt.mtu = atoi( q ); + if( opt.mtu < 0 || opt.mtu > MAX_MSG_SIZE ) + exit_usage( p, q ); + } + else if( strcmp( p, "bad_ad" ) == 0 ) + { + opt.bad_ad = atoi( q ); + if( opt.bad_ad < 0 || opt.bad_ad > 1 ) + exit_usage( p, q ); + } + else if( strcmp( p, "protect_hvr" ) == 0 ) + { + opt.protect_hvr = atoi( q ); + if( opt.protect_hvr < 0 || opt.protect_hvr > 1 ) + exit_usage( p, q ); + } + else if( strcmp( p, "protect_len" ) == 0 ) + { + opt.protect_len = atoi( q ); + if( opt.protect_len < 0 ) + exit_usage( p, q ); + } + else if( strcmp( p, "seed" ) == 0 ) + { + opt.seed = atoi( q ); + if( 
opt.seed == 0 ) + exit_usage( p, q ); + } + else + exit_usage( p, NULL ); + } +} + +static const char *msg_type( unsigned char *msg, size_t len ) +{ + if( len < 1 ) return( "Invalid" ); + switch( msg[0] ) + { + case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: return( "ChangeCipherSpec" ); + case MBEDTLS_SSL_MSG_ALERT: return( "Alert" ); + case MBEDTLS_SSL_MSG_APPLICATION_DATA: return( "ApplicationData" ); + case MBEDTLS_SSL_MSG_HANDSHAKE: break; /* See below */ + default: return( "Unknown" ); + } + + if( len < 13 + 12 ) return( "Invalid handshake" ); + + /* + * Our handshake message are less than 2^16 bytes long, so they should + * have 0 as the first byte of length, frag_offset and frag_length. + * Otherwise, assume they are encrypted. + */ + if( msg[14] || msg[19] || msg[22] ) return( "Encrypted handshake" ); + + switch( msg[13] ) + { + case MBEDTLS_SSL_HS_HELLO_REQUEST: return( "HelloRequest" ); + case MBEDTLS_SSL_HS_CLIENT_HELLO: return( "ClientHello" ); + case MBEDTLS_SSL_HS_SERVER_HELLO: return( "ServerHello" ); + case MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST: return( "HelloVerifyRequest" ); + case MBEDTLS_SSL_HS_NEW_SESSION_TICKET: return( "NewSessionTicket" ); + case MBEDTLS_SSL_HS_CERTIFICATE: return( "Certificate" ); + case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE: return( "ServerKeyExchange" ); + case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST: return( "CertificateRequest" ); + case MBEDTLS_SSL_HS_SERVER_HELLO_DONE: return( "ServerHelloDone" ); + case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY: return( "CertificateVerify" ); + case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE: return( "ClientKeyExchange" ); + case MBEDTLS_SSL_HS_FINISHED: return( "Finished" ); + default: return( "Unknown handshake" ); + } +} + +#if defined(MBEDTLS_TIMING_C) +/* Return elapsed time in milliseconds since the first call */ +static unsigned ellapsed_time( void ) +{ + static int initialized = 0; + static struct mbedtls_timing_hr_time hires; + + if( initialized == 0 ) + { + (void) mbedtls_timing_get_timer( &hires, 1 ); + 
initialized = 1; + return( 0 ); + } + + return( mbedtls_timing_get_timer( &hires, 0 ) ); +} + +typedef struct +{ + mbedtls_net_context *ctx; + + const char *description; + + unsigned packet_lifetime; + unsigned num_datagrams; + + unsigned char data[MAX_MSG_SIZE]; + size_t len; + +} ctx_buffer; + +static ctx_buffer outbuf[2]; + +static int ctx_buffer_flush( ctx_buffer *buf ) +{ + int ret; + + mbedtls_printf( " %05u flush %s: %u bytes, %u datagrams, last %u ms\n", + ellapsed_time(), buf->description, + (unsigned) buf->len, buf->num_datagrams, + ellapsed_time() - buf->packet_lifetime ); + + ret = mbedtls_net_send( buf->ctx, buf->data, buf->len ); + + buf->len = 0; + buf->num_datagrams = 0; + + return( ret ); +} + +static unsigned ctx_buffer_time_remaining( ctx_buffer *buf ) +{ + unsigned const cur_time = ellapsed_time(); + + if( buf->num_datagrams == 0 ) + return( (unsigned) -1 ); + + if( cur_time - buf->packet_lifetime >= opt.pack ) + return( 0 ); + + return( opt.pack - ( cur_time - buf->packet_lifetime ) ); +} + +static int ctx_buffer_append( ctx_buffer *buf, + const unsigned char * data, + size_t len ) +{ + int ret; + + if( len > (size_t) INT_MAX ) + return( -1 ); + + if( len > sizeof( buf->data ) ) + { + mbedtls_printf( " ! 
buffer size %u too large (max %u)\n", + (unsigned) len, (unsigned) sizeof( buf->data ) ); + return( -1 ); + } + + if( sizeof( buf->data ) - buf->len < len ) + { + if( ( ret = ctx_buffer_flush( buf ) ) <= 0 ) + return( ret ); + } + + memcpy( buf->data + buf->len, data, len ); + + buf->len += len; + if( ++buf->num_datagrams == 1 ) + buf->packet_lifetime = ellapsed_time(); + + return( (int) len ); +} +#endif /* MBEDTLS_TIMING_C */ + +static int dispatch_data( mbedtls_net_context *ctx, + const unsigned char * data, + size_t len ) +{ +#if defined(MBEDTLS_TIMING_C) + ctx_buffer *buf = NULL; + if( opt.pack > 0 ) + { + if( outbuf[0].ctx == ctx ) + buf = &outbuf[0]; + else if( outbuf[1].ctx == ctx ) + buf = &outbuf[1]; + + if( buf == NULL ) + return( -1 ); + + return( ctx_buffer_append( buf, data, len ) ); + } +#endif /* MBEDTLS_TIMING_C */ + + return( mbedtls_net_send( ctx, data, len ) ); +} + +typedef struct +{ + mbedtls_net_context *dst; + const char *way; + const char *type; + unsigned len; + unsigned char buf[MAX_MSG_SIZE]; +} packet; + +/* Print packet. Outgoing packets come with a reason (forward, dupl, etc.) */ +void print_packet( const packet *p, const char *why ) +{ +#if defined(MBEDTLS_TIMING_C) + if( why == NULL ) + mbedtls_printf( " %05u dispatch %s %s (%u bytes)\n", + ellapsed_time(), p->way, p->type, p->len ); + else + mbedtls_printf( " %05u dispatch %s %s (%u bytes): %s\n", + ellapsed_time(), p->way, p->type, p->len, why ); +#else + if( why == NULL ) + mbedtls_printf( " dispatch %s %s (%u bytes)\n", + p->way, p->type, p->len ); + else + mbedtls_printf( " dispatch %s %s (%u bytes): %s\n", + p->way, p->type, p->len, why ); +#endif + + fflush( stdout ); +} + +int send_packet( const packet *p, const char *why ) +{ + int ret; + mbedtls_net_context *dst = p->dst; + + /* insert corrupted ApplicationData record? 
*/ + if( opt.bad_ad && + strcmp( p->type, "ApplicationData" ) == 0 ) + { + unsigned char buf[MAX_MSG_SIZE]; + memcpy( buf, p->buf, p->len ); + + if( p->len <= 13 ) + { + mbedtls_printf( " ! can't corrupt empty AD record" ); + } + else + { + ++buf[13]; + print_packet( p, "corrupted" ); + } + + if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 ) + { + mbedtls_printf( " ! dispatch returned %d\n", ret ); + return( ret ); + } + } + + print_packet( p, why ); + if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 ) + { + mbedtls_printf( " ! dispatch returned %d\n", ret ); + return( ret ); + } + + /* Don't duplicate Application Data, only handshake covered */ + if( opt.duplicate != 0 && + strcmp( p->type, "ApplicationData" ) != 0 && + rand() % opt.duplicate == 0 ) + { + print_packet( p, "duplicated" ); + + if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 ) + { + mbedtls_printf( " ! dispatch returned %d\n", ret ); + return( ret ); + } + } + + return( 0 ); +} + +#define MAX_DELAYED_MSG 5 +static size_t prev_len; +static packet prev[MAX_DELAYED_MSG]; + +void clear_pending( void ) +{ + memset( &prev, 0, sizeof( prev ) ); + prev_len = 0; +} + +void delay_packet( packet *delay ) +{ + if( prev_len == MAX_DELAYED_MSG ) + return; + + memcpy( &prev[prev_len++], delay, sizeof( packet ) ); +} + +int send_delayed() +{ + uint8_t offset; + int ret; + for( offset = 0; offset < prev_len; offset++ ) + { + ret = send_packet( &prev[offset], "delayed" ); + if( ret != 0 ) + return( ret ); + } + + clear_pending(); + return( 0 ); +} + +/* + * Avoid dropping or delaying a packet that was already dropped twice: this + * only results in uninteresting timeouts. We can't rely on type to identify + * packets, since during renegotiation they're all encrypted. So, rely on + * size mod 2048 (which is usually just size). 
+ */ +static unsigned char dropped[2048] = { 0 }; +#define DROP_MAX 2 + +/* + * OpenSSL groups packets in a datagram the first time it sends them, but not + * when it resends them. Count every record as seen the first time. + */ +void update_dropped( const packet *p ) +{ + size_t id = p->len % sizeof( dropped ); + const unsigned char *end = p->buf + p->len; + const unsigned char *cur = p->buf; + size_t len = ( ( cur[11] << 8 ) | cur[12] ) + 13; + + ++dropped[id]; + + /* Avoid counting single record twice */ + if( len == p->len ) + return; + + while( cur < end ) + { + len = ( ( cur[11] << 8 ) | cur[12] ) + 13; + + id = len % sizeof( dropped ); + ++dropped[id]; + + cur += len; + } +} + +int handle_message( const char *way, + mbedtls_net_context *dst, + mbedtls_net_context *src ) +{ + int ret; + packet cur; + size_t id; + + uint8_t delay_idx; + char ** delay_list; + uint8_t delay_list_len; + + /* receive packet */ + if( ( ret = mbedtls_net_recv( src, cur.buf, sizeof( cur.buf ) ) ) <= 0 ) + { + mbedtls_printf( " ! mbedtls_net_recv returned %d\n", ret ); + return( ret ); + } + + cur.len = ret; + cur.type = msg_type( cur.buf, cur.len ); + cur.way = way; + cur.dst = dst; + print_packet( &cur, NULL ); + + id = cur.len % sizeof( dropped ); + + if( strcmp( way, "S <- C" ) == 0 ) + { + delay_list = opt.delay_cli; + delay_list_len = opt.delay_cli_cnt; + } + else + { + delay_list = opt.delay_srv; + delay_list_len = opt.delay_srv_cnt; + } + + /* Check if message type is in the list of messages + * that should be delayed */ + for( delay_idx = 0; delay_idx < delay_list_len; delay_idx++ ) + { + if( delay_list[ delay_idx ] == NULL ) + continue; + + if( strcmp( delay_list[ delay_idx ], cur.type ) == 0 ) + { + /* Delay message */ + delay_packet( &cur ); + + /* Remove entry from list */ + mbedtls_free( delay_list[delay_idx] ); + delay_list[delay_idx] = NULL; + + return( 0 ); + } + } + + /* do we want to drop, delay, or forward it? 
*/ + if( ( opt.mtu != 0 && + cur.len > (unsigned) opt.mtu ) || + ( opt.drop != 0 && + strcmp( cur.type, "ApplicationData" ) != 0 && + ! ( opt.protect_hvr && + strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) && + cur.len != (size_t) opt.protect_len && + dropped[id] < DROP_MAX && + rand() % opt.drop == 0 ) ) + { + update_dropped( &cur ); + } + else if( ( opt.delay_ccs == 1 && + strcmp( cur.type, "ChangeCipherSpec" ) == 0 ) || + ( opt.delay != 0 && + strcmp( cur.type, "ApplicationData" ) != 0 && + ! ( opt.protect_hvr && + strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) && + cur.len != (size_t) opt.protect_len && + dropped[id] < DROP_MAX && + rand() % opt.delay == 0 ) ) + { + delay_packet( &cur ); + } + else + { + /* forward and possibly duplicate */ + if( ( ret = send_packet( &cur, "forwarded" ) ) != 0 ) + return( ret ); + + /* send previously delayed messages if any */ + ret = send_delayed(); + if( ret != 0 ) + return( ret ); + } + + return( 0 ); +} + +int main( int argc, char *argv[] ) +{ + int ret = 1; + int exit_code = MBEDTLS_EXIT_FAILURE; + uint8_t delay_idx; + + mbedtls_net_context listen_fd, client_fd, server_fd; + +#if defined( MBEDTLS_TIMING_C ) + struct timeval tm; +#endif + + struct timeval *tm_ptr = NULL; + + int nb_fds; + fd_set read_fds; + + mbedtls_net_init( &listen_fd ); + mbedtls_net_init( &client_fd ); + mbedtls_net_init( &server_fd ); + + get_options( argc, argv ); + + /* + * Decisions to drop/delay/duplicate packets are pseudo-random: dropping + * exactly 1 in N packets would lead to problems when a flight has exactly + * N packets: the same packet would be dropped on every resend. + * + * In order to be able to reproduce problems reliably, the seed may be + * specified explicitly. + */ + if( opt.seed == 0 ) + { + opt.seed = (unsigned int) time( NULL ); + mbedtls_printf( " . Pseudo-random seed: %u\n", opt.seed ); + } + + srand( opt.seed ); + + /* + * 0. "Connect" to the server + */ + mbedtls_printf( " . 
Connect to server on UDP/%s/%s ...", + opt.server_addr, opt.server_port ); + fflush( stdout ); + + if( ( ret = mbedtls_net_connect( &server_fd, opt.server_addr, opt.server_port, + MBEDTLS_NET_PROTO_UDP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 1. Setup the "listening" UDP socket + */ + mbedtls_printf( " . Bind on UDP/%s/%s ...", + opt.listen_addr, opt.listen_port ); + fflush( stdout ); + + if( ( ret = mbedtls_net_bind( &listen_fd, opt.listen_addr, opt.listen_port, + MBEDTLS_NET_PROTO_UDP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 2. Wait until a client connects + */ +accept: + mbedtls_net_free( &client_fd ); + + mbedtls_printf( " . Waiting for a remote connection ..." ); + fflush( stdout ); + + if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, + NULL, 0, NULL ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 3. 
Forward packets forever (kill the process to terminate it) + */ + clear_pending(); + memset( dropped, 0, sizeof( dropped ) ); + + nb_fds = client_fd.fd; + if( nb_fds < server_fd.fd ) + nb_fds = server_fd.fd; + if( nb_fds < listen_fd.fd ) + nb_fds = listen_fd.fd; + ++nb_fds; + +#if defined(MBEDTLS_TIMING_C) + if( opt.pack > 0 ) + { + outbuf[0].ctx = &server_fd; + outbuf[0].description = "S <- C"; + outbuf[0].num_datagrams = 0; + outbuf[0].len = 0; + + outbuf[1].ctx = &client_fd; + outbuf[1].description = "S -> C"; + outbuf[1].num_datagrams = 0; + outbuf[1].len = 0; + } +#endif /* MBEDTLS_TIMING_C */ + + while( 1 ) + { +#if defined(MBEDTLS_TIMING_C) + if( opt.pack > 0 ) + { + unsigned max_wait_server, max_wait_client, max_wait; + max_wait_server = ctx_buffer_time_remaining( &outbuf[0] ); + max_wait_client = ctx_buffer_time_remaining( &outbuf[1] ); + + max_wait = (unsigned) -1; + + if( max_wait_server == 0 ) + ctx_buffer_flush( &outbuf[0] ); + else + max_wait = max_wait_server; + + if( max_wait_client == 0 ) + ctx_buffer_flush( &outbuf[1] ); + else + { + if( max_wait_client < max_wait ) + max_wait = max_wait_client; + } + + if( max_wait != (unsigned) -1 ) + { + tm.tv_sec = max_wait / 1000; + tm.tv_usec = ( max_wait % 1000 ) * 1000; + + tm_ptr = &tm; + } + else + { + tm_ptr = NULL; + } + } +#endif /* MBEDTLS_TIMING_C */ + + FD_ZERO( &read_fds ); + FD_SET( server_fd.fd, &read_fds ); + FD_SET( client_fd.fd, &read_fds ); + FD_SET( listen_fd.fd, &read_fds ); + + if( ( ret = select( nb_fds, &read_fds, NULL, NULL, tm_ptr ) ) < 0 ) + { + perror( "select" ); + goto exit; + } + + if( FD_ISSET( listen_fd.fd, &read_fds ) ) + goto accept; + + if( FD_ISSET( client_fd.fd, &read_fds ) ) + { + if( ( ret = handle_message( "S <- C", + &server_fd, &client_fd ) ) != 0 ) + goto accept; + } + + if( FD_ISSET( server_fd.fd, &read_fds ) ) + { + if( ( ret = handle_message( "S -> C", + &client_fd, &server_fd ) ) != 0 ) + goto accept; + } + + } + + exit_code = MBEDTLS_EXIT_SUCCESS; + +exit: + 
+#ifdef MBEDTLS_ERROR_C + if( exit_code != MBEDTLS_EXIT_SUCCESS ) + { + char error_buf[100]; + mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_printf( "Last error was: -0x%04X - %s\n\n", - ret, error_buf ); + fflush( stdout ); + } +#endif + + for( delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++ ) + { + mbedtls_free( opt.delay_cli + delay_idx ); + mbedtls_free( opt.delay_srv + delay_idx ); + } + + mbedtls_net_free( &client_fd ); + mbedtls_net_free( &server_fd ); + mbedtls_net_free( &listen_fd ); + +#if defined(_WIN32) + mbedtls_printf( " Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + return( exit_code ); +} + +#endif /* MBEDTLS_NET_C */ diff --git a/programs/test/udp_proxy_wrapper.sh b/programs/test/udp_proxy_wrapper.sh new file mode 100755 index 000000000..29033d5d1 --- /dev/null +++ b/programs/test/udp_proxy_wrapper.sh 
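Review bot: The cleanup loop under the `exit:` label in `main()` passes `opt.delay_cli + delay_idx` and `opt.delay_srv + delay_idx` to `mbedtls_free()`; these are addresses of slots inside the static `opt` struct, not the buffers that `get_options()` obtained from `mbedtls_calloc()`, so the call frees a pointer the allocator never returned (undefined behaviour) and the real buffers are never released. The two calls should read `mbedtls_free( opt.delay_cli[delay_idx] );` and `mbedtls_free( opt.delay_srv[delay_idx] );`, which is also fine for unused or already-consumed slots because those hold NULL. Separately, `update_dropped()` reads `cur[11]` and `cur[12]` both before and inside its loop without checking that 13 bytes of the received datagram remain, so a short or malformed datagram makes it interpret bytes that were never received and, near the end of `buf`, possibly bytes past the array. A guard such as `if( (size_t)( end - cur ) < 13 ) break;` at the top of the loop, with the same length test before the first read, would bound it.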
@@ -0,0 +1,117 @@ +#!/bin/sh +# -*-sh-basic-offset: 4-*- +# Usage: udp_proxy_wrapper.sh [PROXY_PARAM...] -- [SERVER_PARAM...] + +set -u + +MBEDTLS_BASE="$(dirname -- "$0")/../.." +TPXY_BIN="$MBEDTLS_BASE/programs/test/udp_proxy" +SRV_BIN="$MBEDTLS_BASE/programs/ssl/ssl_server2" + +: ${VERBOSE:=0} + +stop_proxy() { + if [ -n "${tpxy_pid:-}" ]; then + echo + echo " * Killing proxy (pid $tpxy_pid) ..." + kill $tpxy_pid + fi +} + +stop_server() { + if [ -n "${srv_pid:-}" ]; then + echo + echo " * Killing server (pid $srv_pid) ..." + kill $srv_pid >/dev/null 2>/dev/null + fi +} + +cleanup() { + stop_server + stop_proxy + exit 129 +} + +trap cleanup INT TERM HUP + +# Extract the proxy parameters +tpxy_cmd_snippet='"$TPXY_BIN"' +while [ $# -ne 0 ] && [ "$1" != "--" ]; do + tail="$1" quoted="" + while [ -n "$tail" ]; do + case "$tail" in + *\'*) quoted="${quoted}${tail%%\'*}'\\''" tail="${tail#*\'}";; + *) quoted="${quoted}${tail}"; tail=; false;; + esac + done + tpxy_cmd_snippet="$tpxy_cmd_snippet '$quoted'" + shift +done +unset tail quoted +if [ $# -eq 0 ]; then + echo " * No server arguments (must be preceded by \" -- \") - exit" + exit 3 +fi +shift + +dtls_enabled= +ipv6_in_use= +server_port_orig= +server_addr_orig= +for param; do + case "$param" in + server_port=*) server_port_orig="${param#*=}";; + server_addr=*:*) server_addr_orig="${param#*=}"; ipv6_in_use=1;; + server_addr=*) server_addr_orig="${param#*=}";; + dtls=[!0]*) dtls_enabled=1;; + esac +done + +if [ -z "$dtls_enabled" ] || [ -n "$ipv6_in_use" ]; then + echo >&2 "$0: Couldn't find DTLS enabling, or IPv6 is in use - immediate fallback to server application..." 
+ if [ $VERBOSE -gt 0 ]; then + echo "[ $SRV_BIN $* ]" + fi + exec "$SRV_BIN" "$@" +fi + +if [ -z "$server_port_orig" ]; then + server_port_orig=4433 +fi +echo " * Server port: $server_port_orig" +tpxy_cmd_snippet="$tpxy_cmd_snippet \"listen_port=\$server_port_orig\"" +tpxy_cmd_snippet="$tpxy_cmd_snippet \"server_port=\$server_port\"" + +if [ -n "$server_addr_orig" ]; then + echo " * Server address: $server_addr_orig" + tpxy_cmd_snippet="$tpxy_cmd_snippet \"server_addr=\$server_addr_orig\"" + tpxy_cmd_snippet="$tpxy_cmd_snippet \"listen_addr=\$server_addr_orig\"" +fi + +server_port=$(( server_port_orig + 1 )) +set -- "$@" "server_port=$server_port" +echo " * Intermediate port: $server_port" + +echo " * Start proxy in background ..." +if [ $VERBOSE -gt 0 ]; then + echo "[ $tpxy_cmd_snippet ]" +fi +eval exec "$tpxy_cmd_snippet" >/dev/null 2>&1 & +tpxy_pid=$! + +if [ $VERBOSE -gt 0 ]; then + echo " * Proxy ID: $TPXY_PID" +fi + +echo " * Starting server ..." +if [ $VERBOSE -gt 0 ]; then + echo "[ $SRV_BIN $* ]" +fi + +exec "$SRV_BIN" "$@" >&2 & +srv_pid=$! + +wait $srv_pid + +stop_proxy +return 0 diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt new file mode 100644 index 000000000..39b8b5bab --- /dev/null +++ b/programs/x509/CMakeLists.txt 
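Review bot: The verbose branch right after the proxy is started prints `$TPXY_PID`, a name that is never assigned (the pid is stored in `tpxy_pid`), so with `set -u` in effect the script aborts on an unset variable whenever `VERBOSE` is greater than 0. Because the trap covers only INT, TERM and HUP, that abort appears to leave the background proxy running. The line should be `echo " * Proxy ID: $tpxy_pid"`. The closing `return 0` sits outside any function, which some shells reject in an executed script; `exit 0` is the portable form, or `exit` with the status saved from `wait $srv_pid` if the server's result should be propagated.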
@@ -0,0 +1,30 @@ +set(libs + mbedtls +) + +if(USE_PKCS11_HELPER_LIBRARY) + set(libs ${libs} pkcs11-helper) +endif(USE_PKCS11_HELPER_LIBRARY) + +if(ENABLE_ZLIB_SUPPORT) + set(libs ${libs} ${ZLIB_LIBRARIES}) +endif(ENABLE_ZLIB_SUPPORT) + +add_executable(cert_app cert_app.c) +target_link_libraries(cert_app ${libs}) + +add_executable(crl_app crl_app.c) +target_link_libraries(crl_app ${libs}) + +add_executable(req_app req_app.c) +target_link_libraries(req_app ${libs}) + +add_executable(cert_req cert_req.c) +target_link_libraries(cert_req ${libs}) + +add_executable(cert_write cert_write.c) +target_link_libraries(cert_write ${libs}) + +install(TARGETS cert_app crl_app req_app cert_req cert_write + DESTINATION "bin" + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c new file mode 100644 index 000000000..38fbd51bf --- /dev/null +++ b/programs/x509/cert_app.c 
@@ -0,0 +1,515 @@ +/* + * Certificate reading application + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_time time +#define mbedtls_time_t time_t +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ + !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_CTR_DRBG_C) +int main( void ) +{ + mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + return( 0 ); +} +#else + +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/net_sockets.h" +#include "mbedtls/ssl.h" 
+#include "mbedtls/x509.h" +#include "mbedtls/debug.h" + +#include +#include +#include + +#define MODE_NONE 0 +#define MODE_FILE 1 +#define MODE_SSL 2 + +#define DFL_MODE MODE_NONE +#define DFL_FILENAME "cert.crt" +#define DFL_CA_FILE "" +#define DFL_CRL_FILE "" +#define DFL_CA_PATH "" +#define DFL_SERVER_NAME "localhost" +#define DFL_SERVER_PORT "4433" +#define DFL_DEBUG_LEVEL 0 +#define DFL_PERMISSIVE 0 + +#define USAGE_IO \ + " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ + " default: \"\" (none)\n" \ + " crl_file=%%s The single CRL file you want to use\n" \ + " default: \"\" (none)\n" \ + " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \ + " default: \"\" (none) (overrides ca_file)\n" + +#define USAGE \ + "\n usage: cert_app param=<>...\n" \ + "\n acceptable parameters:\n" \ + " mode=file|ssl default: none\n" \ + " filename=%%s default: cert.crt\n" \ + USAGE_IO \ + " server_name=%%s default: localhost\n" \ + " server_port=%%d default: 4433\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " permissive=%%d default: 0 (disabled)\n" \ + "\n" + +#if defined(MBEDTLS_CHECK_PARAMS) +#define mbedtls_exit exit +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +/* + * global options + */ +struct options +{ + int mode; /* the mode to run the application in */ + const char *filename; /* filename of the certificate file */ + const char *ca_file; /* the file with the CA certificate(s) */ + const char *crl_file; /* the file with the CRL to use */ + const char *ca_path; /* the path with the CA certificate(s) reside */ + const char *server_name; /* hostname of the server (client only) */ + const char *server_port; /* port on which the ssl service runs */ + int debug_level; /* level of debugging */ + int permissive; /* permissive 
parsing */ +} opt; + +static void my_debug( void *ctx, int level, + const char *file, int line, + const char *str ) +{ + ((void) level); + + mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); + fflush( (FILE *) ctx ); +} + +static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags ) +{ + char buf[1024]; + ((void) data); + + mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); + mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); + mbedtls_printf( "%s", buf ); + + if ( ( *flags ) == 0 ) + mbedtls_printf( " This certificate has no flags\n" ); + else + { + mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); + mbedtls_printf( "%s\n", buf ); + } + + return( 0 ); +} + +int main( int argc, char *argv[] ) +{ + int ret = 1; + int exit_code = MBEDTLS_EXIT_FAILURE; + mbedtls_net_context server_fd; + unsigned char buf[1024]; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_x509_crt cacert; + mbedtls_x509_crl cacrl; + int i, j; + uint32_t flags; + int verify = 0; + char *p, *q; + const char *pers = "cert_app"; + + /* + * Set to sane values + */ + mbedtls_net_init( &server_fd ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_ssl_init( &ssl ); + mbedtls_ssl_config_init( &conf ); + mbedtls_x509_crt_init( &cacert ); +#if defined(MBEDTLS_X509_CRL_PARSE_C) + mbedtls_x509_crl_init( &cacrl ); +#else + /* Zeroize structure as CRL parsing is not supported and we have to pass + it to the verify function */ + memset( &cacrl, 0, sizeof(mbedtls_x509_crl) ); +#endif + + if( argc == 0 ) + { + usage: + mbedtls_printf( USAGE ); + goto exit; + } + + opt.mode = DFL_MODE; + opt.filename = DFL_FILENAME; + opt.ca_file = DFL_CA_FILE; + opt.crl_file = DFL_CRL_FILE; + opt.ca_path = DFL_CA_PATH; + opt.server_name = DFL_SERVER_NAME; + opt.server_port = DFL_SERVER_PORT; + opt.debug_level = DFL_DEBUG_LEVEL; + opt.permissive = DFL_PERMISSIVE; + + 
for( i = 1; i < argc; i++ ) + { + p = argv[i]; + if( ( q = strchr( p, '=' ) ) == NULL ) + goto usage; + *q++ = '\0'; + + for( j = 0; p + j < q; j++ ) + { + if( argv[i][j] >= 'A' && argv[i][j] <= 'Z' ) + argv[i][j] |= 0x20; + } + + if( strcmp( p, "mode" ) == 0 ) + { + if( strcmp( q, "file" ) == 0 ) + opt.mode = MODE_FILE; + else if( strcmp( q, "ssl" ) == 0 ) + opt.mode = MODE_SSL; + else + goto usage; + } + else if( strcmp( p, "filename" ) == 0 ) + opt.filename = q; + else if( strcmp( p, "ca_file" ) == 0 ) + opt.ca_file = q; + else if( strcmp( p, "crl_file" ) == 0 ) + opt.crl_file = q; + else if( strcmp( p, "ca_path" ) == 0 ) + opt.ca_path = q; + else if( strcmp( p, "server_name" ) == 0 ) + opt.server_name = q; + else if( strcmp( p, "server_port" ) == 0 ) + opt.server_port = q; + else if( strcmp( p, "debug_level" ) == 0 ) + { + opt.debug_level = atoi( q ); + if( opt.debug_level < 0 || opt.debug_level > 65535 ) + goto usage; + } + else if( strcmp( p, "permissive" ) == 0 ) + { + opt.permissive = atoi( q ); + if( opt.permissive < 0 || opt.permissive > 1 ) + goto usage; + } + else + goto usage; + } + + /* + * 1.1. Load the trusted CA + */ + mbedtls_printf( " . Loading the CA root certificate ..." ); + fflush( stdout ); + + if( strlen( opt.ca_path ) ) + { + if( ( ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ) ) < 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_path returned -0x%x\n\n", -ret ); + goto exit; + } + + verify = 1; + } + else if( strlen( opt.ca_file ) ) + { + if( ( ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ) ) < 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", -ret ); + goto exit; + } + + verify = 1; + } + + mbedtls_printf( " ok (%d skipped)\n", ret ); + +#if defined(MBEDTLS_X509_CRL_PARSE_C) + if( strlen( opt.crl_file ) ) + { + if( ( ret = mbedtls_x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_x509_crl_parse returned -0x%x\n\n", -ret ); + goto exit; + } + + verify = 1; + } +#endif + + if( opt.mode == MODE_FILE ) + { + mbedtls_x509_crt crt; + mbedtls_x509_crt *cur = &crt; + mbedtls_x509_crt_init( &crt ); + + /* + * 1.1. Load the certificate(s) + */ + mbedtls_printf( "\n . Loading the certificate(s) ..." ); + fflush( stdout ); + + ret = mbedtls_x509_crt_parse_file( &crt, opt.filename ); + + if( ret < 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret ); + mbedtls_x509_crt_free( &crt ); + goto exit; + } + + if( opt.permissive == 0 && ret > 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse failed to parse %d certificates\n\n", ret ); + mbedtls_x509_crt_free( &crt ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 1.2 Print the certificate(s) + */ + while( cur != NULL ) + { + mbedtls_printf( " . Peer certificate information ...\n" ); + ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", + cur ); + if( ret == -1 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret ); + mbedtls_x509_crt_free( &crt ); + goto exit; + } + + mbedtls_printf( "%s\n", buf ); + + cur = cur->next; + } + + /* + * 1.3 Verify the certificate + */ + if( verify ) + { + mbedtls_printf( " . Verifying X.509 certificate..." ); + + if( ( ret = mbedtls_x509_crt_verify( &crt, &cacert, &cacrl, NULL, &flags, + my_verify, NULL ) ) != 0 ) + { + char vrfy_buf[512]; + + mbedtls_printf( " failed\n" ); + + mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + + mbedtls_printf( "%s\n", vrfy_buf ); + } + else + mbedtls_printf( " ok\n" ); + } + + mbedtls_x509_crt_free( &crt ); + } + else if( opt.mode == MODE_SSL ) + { + /* + * 1. Initialize the RNG and the session data + */ + mbedtls_printf( "\n . Seeding the random number generator..." 
); + fflush( stdout ); + + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + goto ssl_exit; + } + + mbedtls_printf( " ok\n" ); + +#if defined(MBEDTLS_DEBUG_C) + mbedtls_debug_set_threshold( opt.debug_level ); +#endif + + /* + * 2. Start the connection + */ + mbedtls_printf( " . SSL connection to tcp/%s/%s...", opt.server_name, + opt.server_port ); + fflush( stdout ); + + if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name, + opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + goto ssl_exit; + } + + /* + * 3. Setup stuff + */ + if( ( ret = mbedtls_ssl_config_defaults( &conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + goto exit; + } + + if( verify ) + { + mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED ); + mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + mbedtls_ssl_conf_verify( &conf, my_verify, NULL ); + } + else + mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE ); + + mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + + if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + goto ssl_exit; + } + + if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + goto ssl_exit; + } + + mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + + /* + * 4. 
Handshake + */ + while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) + { + if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret ); + goto ssl_exit; + } + } + + mbedtls_printf( " ok\n" ); + + /* + * 5. Print the certificate + */ +#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + mbedtls_printf( " . Peer certificate information ... skipped\n" ); +#else + mbedtls_printf( " . Peer certificate information ...\n" ); + ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", + mbedtls_ssl_get_peer_cert( &ssl ) ); + if( ret == -1 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret ); + goto ssl_exit; + } + + mbedtls_printf( "%s\n", buf ); +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + mbedtls_ssl_close_notify( &ssl ); + +ssl_exit: + mbedtls_ssl_free( &ssl ); + mbedtls_ssl_config_free( &conf ); + } + else + goto usage; + + exit_code = MBEDTLS_EXIT_SUCCESS; + +exit: + + mbedtls_net_free( &server_fd ); + mbedtls_x509_crt_free( &cacert ); +#if defined(MBEDTLS_X509_CRL_PARSE_C) + mbedtls_x509_crl_free( &cacrl ); +#endif + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(_WIN32) + mbedtls_printf( " + Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + return( exit_code ); +} +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && + MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && + MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c new file mode 100644 index 000000000..d25ad4c56 --- /dev/null +++ b/programs/x509/cert_req.c 
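Review bot: `mbedtls_entropy_free( &entropy )` at the `exit:` label runs on every path, but `mbedtls_entropy_init( &entropy )` is only called inside the `MODE_SSL` branch, so the usage path, a CA or CRL load failure and the whole `mode=file` path free a context that was never initialised. Depending on the build configuration, that free may act on indeterminate contents rather than just zeroising them. Move `mbedtls_entropy_init( &entropy );` up into the "Set to sane values" block next to `mbedtls_ctr_drbg_init( &ctr_drbg );`. The cert_req.c file added in this commit has the same ordering (its `usage:` path reaches `mbedtls_entropy_free` before the init) and wants the same move. Separately, in SSL mode a `crl_file` sets `verify = 1` but the CRL is never handed to the TLS configuration; `mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL )` should probably be `mbedtls_ssl_conf_ca_chain( &conf, &cacert, &cacrl );` so that revocation is checked as it is in file mode.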
@@ -0,0 +1,453 @@ +/* + * Certificate request generation + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_PEM_WRITE_C) +int main( void ) +{ + mbedtls_printf( "MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " + "not defined.\n"); + return( 0 ); +} +#else + +#include "mbedtls/x509_csr.h" +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/error.h" + +#include +#include +#include + +#define DFL_FILENAME "keyfile.key" +#define DFL_PASSWORD NULL +#define DFL_DEBUG_LEVEL 0 +#define DFL_OUTPUT_FILENAME "cert.req" +#define DFL_SUBJECT_NAME "CN=Cert,O=mbed TLS,C=UK" 
+#define DFL_KEY_USAGE 0 +#define DFL_FORCE_KEY_USAGE 0 +#define DFL_NS_CERT_TYPE 0 +#define DFL_FORCE_NS_CERT_TYPE 0 +#define DFL_MD_ALG MBEDTLS_MD_SHA256 + +#define USAGE \ + "\n usage: cert_req param=<>...\n" \ + "\n acceptable parameters:\n" \ + " filename=%%s default: keyfile.key\n" \ + " password=%%s default: NULL\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " output_file=%%s default: cert.req\n" \ + " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \ + " key_usage=%%s default: (empty)\n" \ + " Comma-separated-list of values:\n" \ + " digital_signature\n" \ + " non_repudiation\n" \ + " key_encipherment\n" \ + " data_encipherment\n" \ + " key_agreement\n" \ + " key_cert_sign\n" \ + " crl_sign\n" \ + " force_key_usage=0/1 default: off\n" \ + " Add KeyUsage even if it is empty\n" \ + " ns_cert_type=%%s default: (empty)\n" \ + " Comma-separated-list of values:\n" \ + " ssl_client\n" \ + " ssl_server\n" \ + " email\n" \ + " object_signing\n" \ + " ssl_ca\n" \ + " email_ca\n" \ + " object_signing_ca\n" \ + " force_ns_cert_type=0/1 default: off\n" \ + " Add NsCertType even if it is empty\n" \ + " md=%%s default: SHA256\n" \ + " possible values:\n" \ + " MD4, MD5, SHA1\n" \ + " SHA224, SHA256\n" \ + " SHA384, SHA512\n" \ + "\n" + +#if defined(MBEDTLS_CHECK_PARAMS) +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +/* + * global options + */ +struct options +{ + const char *filename; /* filename of the key file */ + const char *password; /* password for the key file */ + int debug_level; /* level of debugging */ + const char *output_file; /* where to store the constructed key file */ + const char *subject_name; /* subject name for certificate request */ + unsigned char key_usage; /* key usage flags */ + int force_key_usage; /* Force adding the KeyUsage extension */ + 
unsigned char ns_cert_type; /* NS cert type */ + int force_ns_cert_type; /* Force adding NsCertType extension */ + mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */ +} opt; + +int write_certificate_request( mbedtls_x509write_csr *req, const char *output_file, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + FILE *f; + unsigned char output_buf[4096]; + size_t len = 0; + + memset( output_buf, 0, 4096 ); + if( ( ret = mbedtls_x509write_csr_pem( req, output_buf, 4096, f_rng, p_rng ) ) < 0 ) + return( ret ); + + len = strlen( (char *) output_buf ); + + if( ( f = fopen( output_file, "w" ) ) == NULL ) + return( -1 ); + + if( fwrite( output_buf, 1, len, f ) != len ) + { + fclose( f ); + return( -1 ); + } + + fclose( f ); + + return( 0 ); +} + +int main( int argc, char *argv[] ) +{ + int ret = 1; + int exit_code = MBEDTLS_EXIT_FAILURE; + mbedtls_pk_context key; + char buf[1024]; + int i; + char *p, *q, *r; + mbedtls_x509write_csr req; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + const char *pers = "csr example app"; + + /* + * Set to sane values + */ + mbedtls_x509write_csr_init( &req ); + mbedtls_pk_init( &key ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + memset( buf, 0, sizeof( buf ) ); + + if( argc == 0 ) + { + usage: + mbedtls_printf( USAGE ); + goto exit; + } + + opt.filename = DFL_FILENAME; + opt.password = DFL_PASSWORD; + opt.debug_level = DFL_DEBUG_LEVEL; + opt.output_file = DFL_OUTPUT_FILENAME; + opt.subject_name = DFL_SUBJECT_NAME; + opt.key_usage = DFL_KEY_USAGE; + opt.force_key_usage = DFL_FORCE_KEY_USAGE; + opt.ns_cert_type = DFL_NS_CERT_TYPE; + opt.force_ns_cert_type = DFL_FORCE_NS_CERT_TYPE; + opt.md_alg = DFL_MD_ALG; + + for( i = 1; i < argc; i++ ) + { + + p = argv[i]; + if( ( q = strchr( p, '=' ) ) == NULL ) + goto usage; + *q++ = '\0'; + + if( strcmp( p, "filename" ) == 0 ) + opt.filename = q; + else if( strcmp( p, "password" ) == 0 ) + opt.password = q; + else if( strcmp( p, 
"output_file" ) == 0 ) + opt.output_file = q; + else if( strcmp( p, "debug_level" ) == 0 ) + { + opt.debug_level = atoi( q ); + if( opt.debug_level < 0 || opt.debug_level > 65535 ) + goto usage; + } + else if( strcmp( p, "subject_name" ) == 0 ) + { + opt.subject_name = q; + } + else if( strcmp( p, "md" ) == 0 ) + { + if( strcmp( q, "SHA256" ) == 0 ) + { + opt.md_alg = MBEDTLS_MD_SHA256; + } + else if( strcmp( q, "SHA224" ) == 0 ) + { + opt.md_alg = MBEDTLS_MD_SHA224; + } + else +#if defined(MBEDTLS_MD5_C) + if( strcmp( q, "MD5" ) == 0 ) + { + opt.md_alg = MBEDTLS_MD_MD5; + } + else +#endif /* MBEDTLS_MD5_C */ +#if defined(MBEDTLS_MD4_C) + if( strcmp( q, "MD4" ) == 0 ) + { + opt.md_alg = MBEDTLS_MD_MD4; + } + else +#endif /* MBEDTLS_MD5_C */ +#if defined(MBEDTLS_SHA1_C) + if( strcmp( q, "SHA1" ) == 0 ) + { + opt.md_alg = MBEDTLS_MD_SHA1; + } + else +#endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_SHA512_C) + if( strcmp( q, "SHA384" ) == 0 ) + { + opt.md_alg = MBEDTLS_MD_SHA384; + } + else + if( strcmp( q, "SHA512" ) == 0 ) + { + opt.md_alg = MBEDTLS_MD_SHA512; + } + else +#endif /* MBEDTLS_SHA512_C */ + { + goto usage; + } + } + else if( strcmp( p, "key_usage" ) == 0 ) + { + while( q != NULL ) + { + if( ( r = strchr( q, ',' ) ) != NULL ) + *r++ = '\0'; + + if( strcmp( q, "digital_signature" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE; + else if( strcmp( q, "non_repudiation" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION; + else if( strcmp( q, "key_encipherment" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT; + else if( strcmp( q, "data_encipherment" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT; + else if( strcmp( q, "key_agreement" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT; + else if( strcmp( q, "key_cert_sign" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN; + else if( strcmp( q, "crl_sign" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN; + else + goto usage; + + q = r; + 
} + } + else if( strcmp( p, "force_key_usage" ) == 0 ) + { + switch( atoi( q ) ) + { + case 0: opt.force_key_usage = 0; break; + case 1: opt.force_key_usage = 1; break; + default: goto usage; + } + } + else if( strcmp( p, "ns_cert_type" ) == 0 ) + { + while( q != NULL ) + { + if( ( r = strchr( q, ',' ) ) != NULL ) + *r++ = '\0'; + + if( strcmp( q, "ssl_client" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT; + else if( strcmp( q, "ssl_server" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER; + else if( strcmp( q, "email" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL; + else if( strcmp( q, "object_signing" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING; + else if( strcmp( q, "ssl_ca" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA; + else if( strcmp( q, "email_ca" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA; + else if( strcmp( q, "object_signing_ca" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA; + else + goto usage; + + q = r; + } + } + else if( strcmp( p, "force_ns_cert_type" ) == 0 ) + { + switch( atoi( q ) ) + { + case 0: opt.force_ns_cert_type = 0; break; + case 1: opt.force_ns_cert_type = 1; break; + default: goto usage; + } + } + else + goto usage; + } + + mbedtls_x509write_csr_set_md_alg( &req, opt.md_alg ); + + if( opt.key_usage || opt.force_key_usage == 1 ) + mbedtls_x509write_csr_set_key_usage( &req, opt.key_usage ); + + if( opt.ns_cert_type || opt.force_ns_cert_type == 1 ) + mbedtls_x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type ); + + /* + * 0. Seed the PRNG + */ + mbedtls_printf( " . Seeding the random number generator..." ); + fflush( stdout ); + + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_ctr_drbg_seed returned %d", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 1.0. Check the subject name for validity + */ + mbedtls_printf( " . Checking subject name..." ); + fflush( stdout ); + + if( ( ret = mbedtls_x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_x509write_csr_set_subject_name returned %d", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + /* + * 1.1. Load the key + */ + mbedtls_printf( " . Loading the private key ..." ); + fflush( stdout ); + + ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password ); + + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned %d", ret ); + goto exit; + } + + mbedtls_x509write_csr_set_key( &req, &key ); + + mbedtls_printf( " ok\n" ); + + /* + * 1.2. Writing the request + */ + mbedtls_printf( " . Writing the certificate request ..." ); + fflush( stdout ); + + if( ( ret = write_certificate_request( &req, opt.output_file, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) + { + mbedtls_printf( " failed\n ! write_certifcate_request %d", ret ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + exit_code = MBEDTLS_EXIT_SUCCESS; + +exit: + + if( exit_code != MBEDTLS_EXIT_SUCCESS ) + { +#ifdef MBEDTLS_ERROR_C + mbedtls_strerror( ret, buf, sizeof( buf ) ); + mbedtls_printf( " - %s\n", buf ); +#else + mbedtls_printf("\n"); +#endif + } + + mbedtls_x509write_csr_free( &req ); + mbedtls_pk_free( &key ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(_WIN32) + mbedtls_printf( " + Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + return( exit_code ); +} +#endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_WRITE_C */ diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c new file mode 100644 index 000000000..cd39108f2 
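Review bot: The key-file passphrase is only accepted as a `password=` command-line argument, and `opt.password` points straight into `argv`, so on most systems it is readable from the process list and ends up in shell history. Since this is a sample program, the caveat should at least be documented where the option is declared, e.g. `const char *password; /* password for the key file; taken from argv, so visible in the process list - test keys only */`, with the same remark on the `password=%%s` line of `USAGE`. In `write_certificate_request` the result of the final `fclose( f )` is ignored, so a failed flush of the CSR is reported as success; `if( fclose( f ) != 0 ) return( -1 );` would close that gap.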
--- /dev/null
+++ b/programs/x509/cert_write.c
@@ -0,0 +1,825 @@ +/* + * Certificate generation and signing + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#if !defined(MBEDTLS_X509_CRT_WRITE_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_PEM_WRITE_C) +int main( void ) +{ + mbedtls_printf( "MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " + "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_ERROR_C not defined.\n"); + return( 0 ); +} +#else + +#include "mbedtls/x509_crt.h" +#include "mbedtls/x509_csr.h" +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/md.h" +#include "mbedtls/error.h" + +#include +#include +#include + +#if defined(MBEDTLS_X509_CSR_PARSE_C) +#define 
USAGE_CSR \ + " request_file=%%s default: (empty)\n" \ + " If request_file is specified, subject_key,\n" \ + " subject_pwd and subject_name are ignored!\n" +#else +#define USAGE_CSR "" +#endif /* MBEDTLS_X509_CSR_PARSE_C */ + +#define DFL_ISSUER_CRT "" +#define DFL_REQUEST_FILE "" +#define DFL_SUBJECT_KEY "subject.key" +#define DFL_ISSUER_KEY "ca.key" +#define DFL_SUBJECT_PWD "" +#define DFL_ISSUER_PWD "" +#define DFL_OUTPUT_FILENAME "cert.crt" +#define DFL_SUBJECT_NAME "CN=Cert,O=mbed TLS,C=UK" +#define DFL_ISSUER_NAME "CN=CA,O=mbed TLS,C=UK" +#define DFL_NOT_BEFORE "20010101000000" +#define DFL_NOT_AFTER "20301231235959" +#define DFL_SERIAL "1" +#define DFL_SELFSIGN 0 +#define DFL_IS_CA 0 +#define DFL_MAX_PATHLEN -1 +#define DFL_KEY_USAGE 0 +#define DFL_NS_CERT_TYPE 0 +#define DFL_VERSION 3 +#define DFL_AUTH_IDENT 1 +#define DFL_SUBJ_IDENT 1 +#define DFL_CONSTRAINTS 1 +#define DFL_DIGEST MBEDTLS_MD_SHA256 + +#define USAGE \ + "\n usage: cert_write param=<>...\n" \ + "\n acceptable parameters:\n" \ + USAGE_CSR \ + " subject_key=%%s default: subject.key\n" \ + " subject_pwd=%%s default: (empty)\n" \ + " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \ + "\n" \ + " issuer_crt=%%s default: (empty)\n" \ + " If issuer_crt is specified, issuer_name is\n" \ + " ignored!\n" \ + " issuer_name=%%s default: CN=CA,O=mbed TLS,C=UK\n" \ + "\n" \ + " selfsign=%%d default: 0 (false)\n" \ + " If selfsign is enabled, issuer_name and\n" \ + " issuer_key are required (issuer_crt and\n" \ + " subject_* are ignored\n" \ + " issuer_key=%%s default: ca.key\n" \ + " issuer_pwd=%%s default: (empty)\n" \ + " output_file=%%s default: cert.crt\n" \ + " serial=%%s default: 1\n" \ + " not_before=%%s default: 20010101000000\n"\ + " not_after=%%s default: 20301231235959\n"\ + " is_ca=%%d default: 0 (disabled)\n" \ + " max_pathlen=%%d default: -1 (none)\n" \ + " md=%%s default: SHA256\n" \ + " Supported values:\n" \ + " MD5, SHA1, SHA256, SHA512\n"\ + " version=%%d default: 3\n" \ + " 
Possible values: 1, 2, 3\n"\ + " subject_identifier=%%s default: 1\n" \ + " Possible values: 0, 1\n" \ + " (Considered for v3 only)\n"\ + " authority_identifier=%%s default: 1\n" \ + " Possible values: 0, 1\n" \ + " (Considered for v3 only)\n"\ + " basic_constraints=%%d default: 1\n" \ + " Possible values: 0, 1\n" \ + " (Considered for v3 only)\n"\ + " key_usage=%%s default: (empty)\n" \ + " Comma-separated-list of values:\n" \ + " digital_signature\n" \ + " non_repudiation\n" \ + " key_encipherment\n" \ + " data_encipherment\n" \ + " key_agreement\n" \ + " key_cert_sign\n" \ + " crl_sign\n" \ + " (Considered for v3 only)\n"\ + " ns_cert_type=%%s default: (empty)\n" \ + " Comma-separated-list of values:\n" \ + " ssl_client\n" \ + " ssl_server\n" \ + " email\n" \ + " object_signing\n" \ + " ssl_ca\n" \ + " email_ca\n" \ + " object_signing_ca\n" \ + "\n" + +#if defined(MBEDTLS_CHECK_PARAMS) +#define mbedtls_exit exit +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +/* + * global options + */ +struct options +{ + const char *issuer_crt; /* filename of the issuer certificate */ + const char *request_file; /* filename of the certificate request */ + const char *subject_key; /* filename of the subject key file */ + const char *issuer_key; /* filename of the issuer key file */ + const char *subject_pwd; /* password for the subject key file */ + const char *issuer_pwd; /* password for the issuer key file */ + const char *output_file; /* where to store the constructed CRT */ + const char *subject_name; /* subject name for certificate */ + const char *issuer_name; /* issuer name for certificate */ + const char *not_before; /* validity period not before */ + const char *not_after; /* validity period not after */ + const char *serial; /* serial number string */ + int selfsign; /* selfsign 
the certificate */ + int is_ca; /* is a CA certificate */ + int max_pathlen; /* maximum CA path length */ + int authority_identifier; /* add authority identifier to CRT */ + int subject_identifier; /* add subject identifier to CRT */ + int basic_constraints; /* add basic constraints ext to CRT */ + int version; /* CRT version */ + mbedtls_md_type_t md; /* Hash used for signing */ + unsigned char key_usage; /* key usage flags */ + unsigned char ns_cert_type; /* NS cert type */ +} opt; + +int write_certificate( mbedtls_x509write_cert *crt, const char *output_file, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + FILE *f; + unsigned char output_buf[4096]; + size_t len = 0; + + memset( output_buf, 0, 4096 ); + if( ( ret = mbedtls_x509write_crt_pem( crt, output_buf, 4096, + f_rng, p_rng ) ) < 0 ) + return( ret ); + + len = strlen( (char *) output_buf ); + + if( ( f = fopen( output_file, "w" ) ) == NULL ) + return( -1 ); + + if( fwrite( output_buf, 1, len, f ) != len ) + { + fclose( f ); + return( -1 ); + } + + fclose( f ); + + return( 0 ); +} + +int main( int argc, char *argv[] ) +{ + int ret = 1; + int exit_code = MBEDTLS_EXIT_FAILURE; + mbedtls_x509_crt issuer_crt; + mbedtls_pk_context loaded_issuer_key, loaded_subject_key; + mbedtls_pk_context *issuer_key = &loaded_issuer_key, + *subject_key = &loaded_subject_key; + char buf[1024]; + char issuer_name[256]; + int i; + char *p, *q, *r; +#if defined(MBEDTLS_X509_CSR_PARSE_C) + char subject_name[256]; + mbedtls_x509_csr csr; +#endif + mbedtls_x509write_cert crt; + mbedtls_mpi serial; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + const char *pers = "crt example app"; + + /* + * Set to sane values + */ + mbedtls_x509write_crt_init( &crt ); + mbedtls_pk_init( &loaded_issuer_key ); + mbedtls_pk_init( &loaded_subject_key ); + mbedtls_mpi_init( &serial ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_entropy_init( &entropy ); +#if defined(MBEDTLS_X509_CSR_PARSE_C) + 
mbedtls_x509_csr_init( &csr ); +#endif + mbedtls_x509_crt_init( &issuer_crt ); + memset( buf, 0, 1024 ); + + if( argc == 0 ) + { + usage: + mbedtls_printf( USAGE ); + goto exit; + } + + opt.issuer_crt = DFL_ISSUER_CRT; + opt.request_file = DFL_REQUEST_FILE; + opt.subject_key = DFL_SUBJECT_KEY; + opt.issuer_key = DFL_ISSUER_KEY; + opt.subject_pwd = DFL_SUBJECT_PWD; + opt.issuer_pwd = DFL_ISSUER_PWD; + opt.output_file = DFL_OUTPUT_FILENAME; + opt.subject_name = DFL_SUBJECT_NAME; + opt.issuer_name = DFL_ISSUER_NAME; + opt.not_before = DFL_NOT_BEFORE; + opt.not_after = DFL_NOT_AFTER; + opt.serial = DFL_SERIAL; + opt.selfsign = DFL_SELFSIGN; + opt.is_ca = DFL_IS_CA; + opt.max_pathlen = DFL_MAX_PATHLEN; + opt.key_usage = DFL_KEY_USAGE; + opt.ns_cert_type = DFL_NS_CERT_TYPE; + opt.version = DFL_VERSION - 1; + opt.md = DFL_DIGEST; + opt.subject_identifier = DFL_SUBJ_IDENT; + opt.authority_identifier = DFL_AUTH_IDENT; + opt.basic_constraints = DFL_CONSTRAINTS; + + for( i = 1; i < argc; i++ ) + { + + p = argv[i]; + if( ( q = strchr( p, '=' ) ) == NULL ) + goto usage; + *q++ = '\0'; + + if( strcmp( p, "request_file" ) == 0 ) + opt.request_file = q; + else if( strcmp( p, "subject_key" ) == 0 ) + opt.subject_key = q; + else if( strcmp( p, "issuer_key" ) == 0 ) + opt.issuer_key = q; + else if( strcmp( p, "subject_pwd" ) == 0 ) + opt.subject_pwd = q; + else if( strcmp( p, "issuer_pwd" ) == 0 ) + opt.issuer_pwd = q; + else if( strcmp( p, "issuer_crt" ) == 0 ) + opt.issuer_crt = q; + else if( strcmp( p, "output_file" ) == 0 ) + opt.output_file = q; + else if( strcmp( p, "subject_name" ) == 0 ) + { + opt.subject_name = q; + } + else if( strcmp( p, "issuer_name" ) == 0 ) + { + opt.issuer_name = q; + } + else if( strcmp( p, "not_before" ) == 0 ) + { + opt.not_before = q; + } + else if( strcmp( p, "not_after" ) == 0 ) + { + opt.not_after = q; + } + else if( strcmp( p, "serial" ) == 0 ) + { + opt.serial = q; + } + else if( strcmp( p, "authority_identifier" ) == 0 ) + { + 
opt.authority_identifier = atoi( q ); + if( opt.authority_identifier != 0 && + opt.authority_identifier != 1 ) + { + mbedtls_printf( "Invalid argument for option %s\n", p ); + goto usage; + } + } + else if( strcmp( p, "subject_identifier" ) == 0 ) + { + opt.subject_identifier = atoi( q ); + if( opt.subject_identifier != 0 && + opt.subject_identifier != 1 ) + { + mbedtls_printf( "Invalid argument for option %s\n", p ); + goto usage; + } + } + else if( strcmp( p, "basic_constraints" ) == 0 ) + { + opt.basic_constraints = atoi( q ); + if( opt.basic_constraints != 0 && + opt.basic_constraints != 1 ) + { + mbedtls_printf( "Invalid argument for option %s\n", p ); + goto usage; + } + } + else if( strcmp( p, "md" ) == 0 ) + { + if( strcmp( q, "SHA1" ) == 0 ) + opt.md = MBEDTLS_MD_SHA1; + else if( strcmp( q, "SHA256" ) == 0 ) + opt.md = MBEDTLS_MD_SHA256; + else if( strcmp( q, "SHA512" ) == 0 ) + opt.md = MBEDTLS_MD_SHA512; + else if( strcmp( q, "MD5" ) == 0 ) + opt.md = MBEDTLS_MD_MD5; + else + { + mbedtls_printf( "Invalid argument for option %s\n", p ); + goto usage; + } + } + else if( strcmp( p, "version" ) == 0 ) + { + opt.version = atoi( q ); + if( opt.version < 1 || opt.version > 3 ) + { + mbedtls_printf( "Invalid argument for option %s\n", p ); + goto usage; + } + opt.version--; + } + else if( strcmp( p, "selfsign" ) == 0 ) + { + opt.selfsign = atoi( q ); + if( opt.selfsign < 0 || opt.selfsign > 1 ) + { + mbedtls_printf( "Invalid argument for option %s\n", p ); + goto usage; + } + } + else if( strcmp( p, "is_ca" ) == 0 ) + { + opt.is_ca = atoi( q ); + if( opt.is_ca < 0 || opt.is_ca > 1 ) + { + mbedtls_printf( "Invalid argument for option %s\n", p ); + goto usage; + } + } + else if( strcmp( p, "max_pathlen" ) == 0 ) + { + opt.max_pathlen = atoi( q ); + if( opt.max_pathlen < -1 || opt.max_pathlen > 127 ) + { + mbedtls_printf( "Invalid argument for option %s\n", p ); + goto usage; + } + } + else if( strcmp( p, "key_usage" ) == 0 ) + { + while( q != NULL ) + { + if( ( r 
= strchr( q, ',' ) ) != NULL ) + *r++ = '\0'; + + if( strcmp( q, "digital_signature" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE; + else if( strcmp( q, "non_repudiation" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION; + else if( strcmp( q, "key_encipherment" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT; + else if( strcmp( q, "data_encipherment" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT; + else if( strcmp( q, "key_agreement" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT; + else if( strcmp( q, "key_cert_sign" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN; + else if( strcmp( q, "crl_sign" ) == 0 ) + opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN; + else + { + mbedtls_printf( "Invalid argument for option %s\n", p ); + goto usage; + } + + q = r; + } + } + else if( strcmp( p, "ns_cert_type" ) == 0 ) + { + while( q != NULL ) + { + if( ( r = strchr( q, ',' ) ) != NULL ) + *r++ = '\0'; + + if( strcmp( q, "ssl_client" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT; + else if( strcmp( q, "ssl_server" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER; + else if( strcmp( q, "email" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL; + else if( strcmp( q, "object_signing" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING; + else if( strcmp( q, "ssl_ca" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA; + else if( strcmp( q, "email_ca" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA; + else if( strcmp( q, "object_signing_ca" ) == 0 ) + opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA; + else + { + mbedtls_printf( "Invalid argument for option %s\n", p ); + goto usage; + } + + q = r; + } + } + else + goto usage; + } + + mbedtls_printf("\n"); + + /* + * 0. Seed the PRNG + */ + mbedtls_printf( " . Seeding the random number generator..." 
); + fflush( stdout ); + + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d - %s\n", + ret, buf ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + // Parse serial to MPI + // + mbedtls_printf( " . Reading serial number..." ); + fflush( stdout ); + + if( ( ret = mbedtls_mpi_read_string( &serial, 10, opt.serial ) ) != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_mpi_read_string " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + // Parse issuer certificate if present + // + if( !opt.selfsign && strlen( opt.issuer_crt ) ) + { + /* + * 1.0.a. Load the certificates + */ + mbedtls_printf( " . Loading the issuer certificate ..." ); + fflush( stdout ); + + if( ( ret = mbedtls_x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + ret = mbedtls_x509_dn_gets( issuer_name, sizeof(issuer_name), + &issuer_crt.subject ); + if( ret < 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + opt.issuer_name = issuer_name; + + mbedtls_printf( " ok\n" ); + } + +#if defined(MBEDTLS_X509_CSR_PARSE_C) + // Parse certificate request if present + // + if( !opt.selfsign && strlen( opt.request_file ) ) + { + /* + * 1.0.b. Load the CSR + */ + mbedtls_printf( " . Loading the certificate request ..." ); + fflush( stdout ); + + if( ( ret = mbedtls_x509_csr_parse_file( &csr, opt.request_file ) ) != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! 
mbedtls_x509_csr_parse_file " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + ret = mbedtls_x509_dn_gets( subject_name, sizeof(subject_name), + &csr.subject ); + if( ret < 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + opt.subject_name = subject_name; + subject_key = &csr.pk; + + mbedtls_printf( " ok\n" ); + } +#endif /* MBEDTLS_X509_CSR_PARSE_C */ + + /* + * 1.1. Load the keys + */ + if( !opt.selfsign && !strlen( opt.request_file ) ) + { + mbedtls_printf( " . Loading the subject key ..." ); + fflush( stdout ); + + ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key, + opt.subject_pwd ); + if( ret != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + } + + mbedtls_printf( " . Loading the issuer key ..." ); + fflush( stdout ); + + ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key, + opt.issuer_pwd ); + if( ret != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile " + "returned -x%02x - %s\n\n", -ret, buf ); + goto exit; + } + + // Check if key and issuer certificate match + // + if( strlen( opt.issuer_crt ) ) + { + if( mbedtls_pk_check_pair( &issuer_crt.pk, issuer_key ) != 0 ) + { + mbedtls_printf( " failed\n ! issuer_key does not match " + "issuer certificate\n\n" ); + goto exit; + } + } + + mbedtls_printf( " ok\n" ); + + if( opt.selfsign ) + { + opt.subject_name = opt.issuer_name; + subject_key = issuer_key; + } + + mbedtls_x509write_crt_set_subject_key( &crt, subject_key ); + mbedtls_x509write_crt_set_issuer_key( &crt, issuer_key ); + + /* + * 1.0. 
Check the names for validity + */ + if( ( ret = mbedtls_x509write_crt_set_subject_name( &crt, opt.subject_name ) ) != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject_name " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + if( ( ret = mbedtls_x509write_crt_set_issuer_name( &crt, opt.issuer_name ) ) != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_issuer_name " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + mbedtls_printf( " . Setting certificate values ..." ); + fflush( stdout ); + + mbedtls_x509write_crt_set_version( &crt, opt.version ); + mbedtls_x509write_crt_set_md_alg( &crt, opt.md ); + + ret = mbedtls_x509write_crt_set_serial( &crt, &serial ); + if( ret != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_serial " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + ret = mbedtls_x509write_crt_set_validity( &crt, opt.not_before, opt.not_after ); + if( ret != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_validity " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.basic_constraints != 0 ) + { + mbedtls_printf( " . Adding the Basic Constraints extension ..." ); + fflush( stdout ); + + ret = mbedtls_x509write_crt_set_basic_constraints( &crt, opt.is_ca, + opt.max_pathlen ); + if( ret != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! x509write_crt_set_basic_contraints " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + } + +#if defined(MBEDTLS_SHA1_C) + if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.subject_identifier != 0 ) + { + mbedtls_printf( " . Adding the Subject Key Identifier ..." 
); + fflush( stdout ); + + ret = mbedtls_x509write_crt_set_subject_key_identifier( &crt ); + if( ret != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject" + "_key_identifier returned -0x%04x - %s\n\n", + -ret, buf ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + } + + if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.authority_identifier != 0 ) + { + mbedtls_printf( " . Adding the Authority Key Identifier ..." ); + fflush( stdout ); + + ret = mbedtls_x509write_crt_set_authority_key_identifier( &crt ); + if( ret != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_authority_" + "key_identifier returned -0x%04x - %s\n\n", + -ret, buf ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + } +#endif /* MBEDTLS_SHA1_C */ + + if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.key_usage != 0 ) + { + mbedtls_printf( " . Adding the Key Usage extension ..." ); + fflush( stdout ); + + ret = mbedtls_x509write_crt_set_key_usage( &crt, opt.key_usage ); + if( ret != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_key_usage " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + } + + if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.ns_cert_type != 0 ) + { + mbedtls_printf( " . Adding the NS Cert Type extension ..." ); + fflush( stdout ); + + ret = mbedtls_x509write_crt_set_ns_cert_type( &crt, opt.ns_cert_type ); + if( ret != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_ns_cert_type " + "returned -0x%04x - %s\n\n", -ret, buf ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + } + + /* + * 1.2. Writing the certificate + */ + mbedtls_printf( " . Writing the certificate..." 
); + fflush( stdout ); + + if( ( ret = write_certificate( &crt, opt.output_file, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) + { + mbedtls_strerror( ret, buf, 1024 ); + mbedtls_printf( " failed\n ! write_certificate -0x%04x - %s\n\n", + -ret, buf ); + goto exit; + } + + mbedtls_printf( " ok\n" ); + + exit_code = MBEDTLS_EXIT_SUCCESS; + +exit: +#if defined(MBEDTLS_X509_CSR_PARSE_C) + mbedtls_x509_csr_free( &csr ); +#endif /* MBEDTLS_X509_CSR_PARSE_C */ + mbedtls_x509_crt_free( &issuer_crt ); + mbedtls_x509write_crt_free( &crt ); + mbedtls_pk_free( &loaded_subject_key ); + mbedtls_pk_free( &loaded_issuer_key ); + mbedtls_mpi_free( &serial ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(_WIN32) + mbedtls_printf( " + Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + return( exit_code ); +} +#endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C && + MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && + MBEDTLS_ERROR_C && MBEDTLS_PEM_WRITE_C */ diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c new file mode 100644 index 000000000..a95157067 --- /dev/null +++ b/programs/x509/crl_app.c 
@@ -0,0 +1,164 @@
+/*
+ * CRL reading application
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include
+#include
+#define mbedtls_printf printf
+#define mbedtls_exit exit
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
+ !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO)
+int main( void )
+{
+ mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
+ "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
+ return( 0 );
+}
+#else
+
+#include "mbedtls/x509_crl.h"
+
+#include
+#include
+#include
+
+#define DFL_FILENAME "crl.pem"
+#define DFL_DEBUG_LEVEL 0
+
+#define USAGE \
+ "\n usage: crl_app param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " filename=%%s default: crl.pem\n" \
+ "\n"
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+#define mbedtls_exit exit
+void mbedtls_param_failed( const char *failure_condition,
+ const char *file,
+ int line )
+{
+ mbedtls_printf( "%s:%i: Input param failed - %s\n",
+ file, line, failure_condition );
+ mbedtls_exit( MBEDTLS_EXIT_FAILURE );
+}
+#endif
+
+/*
+ * global options
+ */
+struct options
+{
+ const char *filename; /* filename of the certificate file */
+} opt;
+
+int main( int argc, char *argv[] )
+{
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
+ unsigned char buf[100000];
+ mbedtls_x509_crl crl;
+ int i;
+ char *p, *q;
+
+ /*
+ * Set to sane values
+ */
+ mbedtls_x509_crl_init( &crl );
+
+ if( argc == 0 )
+ {
+ usage:
+ mbedtls_printf( USAGE );
+ goto exit;
+ }
+
+ opt.filename = DFL_FILENAME;
+
+ for( i = 1; i < argc; i++ )
+ {
+ p = argv[i];
+ if( ( q = strchr( p, '=' ) ) == NULL )
+ goto usage;
+ *q++ = '\0';
+
+ if( strcmp( p, "filename" ) == 0 )
+ opt.filename = q;
+ else
+ goto usage;
+ }
+
+ /*
+ * 1.1. Load the CRL
+ */
+ mbedtls_printf( "\n . Loading the CRL ..." );
+ fflush( stdout );
+
+ ret = mbedtls_x509_crl_parse_file( &crl, opt.filename );
+
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse_file returned %d\n\n", ret );
+ mbedtls_x509_crl_free( &crl );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+ /*
+ * 1.2 Print the CRL
+ */
+ mbedtls_printf( " . CRL information ...\n" );
+ ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
+ if( ret == -1 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_crl_info returned %d\n\n", ret );
+ mbedtls_x509_crl_free( &crl );
+ goto exit;
+ }
+
+ mbedtls_printf( "%s\n", buf );
+
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+ mbedtls_x509_crl_free( &crl );
+
+#if defined(_WIN32)
+ mbedtls_printf( " + Press Enter to exit this program.\n" );
+ fflush( stdout ); getchar();
+#endif
+
+ return( exit_code );
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C &&
+ MBEDTLS_FS_IO */
diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c
new file mode 100644
index 000000000..04ad119f7
--- /dev/null
+++ b/programs/x509/req_app.c
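Review bot: The `if( ret == -1 )` test after `mbedtls_x509_crl_info()` in `main` of `programs/x509/crl_app.c` matches a single value, so any other negative return falls through to `mbedtls_printf( "%s\n", buf )` with `buf` never initialised in this function. The library header (not shown in this hunk) documents the info functions as returning the length written or a negative error code, so the check should be `if( ret < 0 )`. The CRL comes from a file named on the command line, so the failure path is reachable with external input. `programs/x509/req_app.c` has the same test after `mbedtls_x509_csr_info()`.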
@@ -0,0 +1,164 @@
+/*
+ * Certificate request reading application
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include
+#include
+#define mbedtls_printf printf
+#define mbedtls_exit exit
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif /* MBEDTLS_PLATFORM_C */
+
+#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
+ !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO)
+int main( void )
+{
+ mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
+ "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
+ return( 0 );
+}
+#else
+
+#include "mbedtls/x509_csr.h"
+
+#include
+#include
+#include
+
+#define DFL_FILENAME "cert.req"
+#define DFL_DEBUG_LEVEL 0
+
+#define USAGE \
+ "\n usage: req_app param=<>...\n" \
+ "\n acceptable parameters:\n" \
+ " filename=%%s default: cert.req\n" \
+ "\n"
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+#define mbedtls_exit exit
+void mbedtls_param_failed( const char *failure_condition,
+ const char *file,
+ int line )
+{
+ mbedtls_printf( "%s:%i: Input param failed - %s\n",
+ file, line, failure_condition );
+ mbedtls_exit( MBEDTLS_EXIT_FAILURE );
+}
+#endif
+
+/*
+ * global options
+ */
+struct options
+{
+ const char *filename; /* filename of the certificate request */
+} opt;
+
+int main( int argc, char *argv[] )
+{
+ int ret = 1;
+ int exit_code = MBEDTLS_EXIT_FAILURE;
+ unsigned char buf[100000];
+ mbedtls_x509_csr csr;
+ int i;
+ char *p, *q;
+
+ /*
+ * Set to sane values
+ */
+ mbedtls_x509_csr_init( &csr );
+
+ if( argc == 0 )
+ {
+ usage:
+ mbedtls_printf( USAGE );
+ goto exit;
+ }
+
+ opt.filename = DFL_FILENAME;
+
+ for( i = 1; i < argc; i++ )
+ {
+ p = argv[i];
+ if( ( q = strchr( p, '=' ) ) == NULL )
+ goto usage;
+ *q++ = '\0';
+
+ if( strcmp( p, "filename" ) == 0 )
+ opt.filename = q;
+ else
+ goto usage;
+ }
+
+ /*
+ * 1.1. Load the CSR
+ */
+ mbedtls_printf( "\n . Loading the CSR ..." );
+ fflush( stdout );
+
+ ret = mbedtls_x509_csr_parse_file( &csr, opt.filename );
+
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file returned %d\n\n", ret );
+ mbedtls_x509_csr_free( &csr );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+ /*
+ * 1.2 Print the CSR
+ */
+ mbedtls_printf( " . CSR information ...\n" );
+ ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
+ if( ret == -1 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_x509_csr_info returned %d\n\n", ret );
+ mbedtls_x509_csr_free( &csr );
+ goto exit;
+ }
+
+ mbedtls_printf( "%s\n", buf );
+
+ exit_code = MBEDTLS_EXIT_SUCCESS;
+
+exit:
+ mbedtls_x509_csr_free( &csr );
+
+#if defined(_WIN32)
+ mbedtls_printf( " + Press Enter to exit this program.\n" );
+ fflush( stdout ); getchar();
+#endif
+
+ return( exit_code );
+}
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C &&
+ MBEDTLS_FS_IO */
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index e85fd70c2..cfb384d45 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
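Review bot: Both error branches in `main` of `programs/x509/req_app.c` call `mbedtls_x509_csr_free( &csr )` and then `goto exit`, where the same call runs a second time. That is only safe if the free function tolerates being called twice on the same context, which this hunk does not show. Dropping the early call so each branch ends with just the `mbedtls_printf( ... ); goto exit;` pair leaves one cleanup path under the `exit:` label. `programs/x509/crl_app.c` has the same pattern with `mbedtls_x509_crl_free( &crl )`.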
@@ -13,6 +13,8 @@ ## Tools OPENSSL ?= openssl FAKETIME ?= faketime +MBEDTLS_CERT_WRITE ?= $(PWD)/../../programs/x509/cert_write +MBEDTLS_CERT_REQ ?= $(PWD)/../../programs/x509/cert_req ## Build the generated test data. Note that since the final outputs diff --git a/visualc/VS2010/cert_app.vcxproj b/visualc/VS2010/cert_app.vcxproj new file mode 100644 index 000000000..ee7b4a152 --- /dev/null +++ b/visualc/VS2010/cert_app.vcxproj 
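Review bot: The two new tool defaults are built from `$(PWD)`, which make does not set itself but inherits from the environment. When this Makefile is entered through `make -C tests/data_files`, or from a wrapper that does not export `PWD`, the paths would resolve against the caller's directory or come out empty. GNU make's built-in `$(CURDIR)` always names the directory being processed: `MBEDTLS_CERT_WRITE ?= $(CURDIR)/../../programs/x509/cert_write`, and likewise for `MBEDTLS_CERT_REQ`. Whether other rules in this Makefile already depend on `PWD` is not visible in the hunk.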
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {D4D691D4-137C-CBFA-735B-D46636D7E4D8} + Win32Proj + cert_app + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/cert_req.vcxproj b/visualc/VS2010/cert_req.vcxproj new file mode 100644 index 000000000..2645e86a4 --- /dev/null +++ b/visualc/VS2010/cert_req.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE} + Win32Proj + cert_req + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/cert_write.vcxproj b/visualc/VS2010/cert_write.vcxproj new file mode 100644 index 000000000..f714d952d --- /dev/null +++ b/visualc/VS2010/cert_write.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {35E52E46-3BA9-4361-41D3-53663C2E9B8A} + Win32Proj + cert_write + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/crl_app.vcxproj b/visualc/VS2010/crl_app.vcxproj new file mode 100644 index 000000000..b218a8909 --- /dev/null +++ b/visualc/VS2010/crl_app.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {DB904B85-AD31-B7FB-114F-88760CC485F2} + Win32Proj + crl_app + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/dtls_client.vcxproj b/visualc/VS2010/dtls_client.vcxproj new file mode 100644 index 000000000..d9834354d --- /dev/null +++ b/visualc/VS2010/dtls_client.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5} + Win32Proj + dtls_client + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/dtls_server.vcxproj b/visualc/VS2010/dtls_server.vcxproj new file mode 100644 index 000000000..9fb41f74c --- /dev/null +++ b/visualc/VS2010/dtls_server.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317} + Win32Proj + dtls_server + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln index 9292b2562..9645016d1 100644 --- a/visualc/VS2010/mbedTLS.sln +++ b/visualc/VS2010/mbedTLS.sln 
@@ -128,6 +128,51 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "psa_constant_names", "psa_c {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_client", "dtls_client.vcxproj", "{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_server", "dtls_server.vcxproj", "{BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_client1", "ssl_client1.vcxproj", "{487A2F80-3CA3-678D-88D5-82194872CF08}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_client2", "ssl_client2.vcxproj", "{4E590E9D-E28F-87FF-385B-D58736388231}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_server", "ssl_server.vcxproj", "{E08E0065-896A-7487-DEA5-D3B80B71F975}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_server2", "ssl_server2.vcxproj", "{A4DA7463-1047-BDF5-E1B3-5632CB573F41}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject 
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_fork_server", "ssl_fork_server.vcxproj", "{918CD402-047D-8467-E11C-E1132053F916}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mini_client", "mini_client.vcxproj", "{C4FE29EA-266D-5295-4840-976B9B5B3843}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_mail_client", "ssl_mail_client.vcxproj", "{7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_entropy", "gen_entropy.vcxproj", "{DE695064-13C3-18B0-378D-8B22672BF3F4}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} @@ -153,6 +198,11 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "selftest", "selftest.vcxpro {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "udp_proxy", "udp_proxy.vcxproj", "{7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "zeroize", "zeroize.vcxproj", "{10C01E94-4926-063E-9F56-C84ED190D349}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} 
@@ -173,6 +223,31 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "strerror", "strerror.vcxpro {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_app", "cert_app.vcxproj", "{D4D691D4-137C-CBFA-735B-D46636D7E4D8}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crl_app", "crl_app.vcxproj", "{DB904B85-AD31-B7FB-114F-88760CC485F2}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_req", "cert_req.vcxproj", "{C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_write", "cert_write.vcxproj", "{35E52E46-3BA9-4361-41D3-53663C2E9B8A}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "req_app", "req_app.vcxproj", "{486B1375-5CFA-C2D2-DD89-C9F497BADCB3}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Win32 = Debug|Win32 
@@ -389,6 +464,78 @@ Global {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.Build.0 = Release|Win32 {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.ActiveCfg = Release|x64 {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.Build.0 = Release|x64 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.ActiveCfg = Debug|Win32 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.Build.0 = Debug|Win32 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.ActiveCfg = Debug|x64 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.Build.0 = Debug|x64 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|Win32.ActiveCfg = Release|Win32 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|Win32.Build.0 = Release|Win32 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|x64.ActiveCfg = Release|x64 + {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|x64.Build.0 = Release|x64 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|Win32.ActiveCfg = Debug|Win32 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|Win32.Build.0 = Debug|Win32 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|x64.ActiveCfg = Debug|x64 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|x64.Build.0 = Debug|x64 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|Win32.ActiveCfg = Release|Win32 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|Win32.Build.0 = Release|Win32 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|x64.ActiveCfg = Release|x64 + {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|x64.Build.0 = Release|x64 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|Win32.ActiveCfg = Debug|Win32 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|Win32.Build.0 = Debug|Win32 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|x64.ActiveCfg = Debug|x64 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|x64.Build.0 = Debug|x64 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|Win32.ActiveCfg = Release|Win32 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|Win32.Build.0 = Release|Win32 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|x64.ActiveCfg = 
Release|x64 + {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|x64.Build.0 = Release|x64 + {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|Win32.ActiveCfg = Debug|Win32 + {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|Win32.Build.0 = Debug|Win32 + {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|x64.ActiveCfg = Debug|x64 + {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|x64.Build.0 = Debug|x64 + {4E590E9D-E28F-87FF-385B-D58736388231}.Release|Win32.ActiveCfg = Release|Win32 + {4E590E9D-E28F-87FF-385B-D58736388231}.Release|Win32.Build.0 = Release|Win32 + {4E590E9D-E28F-87FF-385B-D58736388231}.Release|x64.ActiveCfg = Release|x64 + {4E590E9D-E28F-87FF-385B-D58736388231}.Release|x64.Build.0 = Release|x64 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|Win32.ActiveCfg = Debug|Win32 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|Win32.Build.0 = Debug|Win32 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|x64.ActiveCfg = Debug|x64 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|x64.Build.0 = Debug|x64 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|Win32.ActiveCfg = Release|Win32 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|Win32.Build.0 = Release|Win32 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|x64.ActiveCfg = Release|x64 + {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|x64.Build.0 = Release|x64 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|Win32.ActiveCfg = Debug|Win32 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|Win32.Build.0 = Debug|Win32 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|x64.ActiveCfg = Debug|x64 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|x64.Build.0 = Debug|x64 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|Win32.ActiveCfg = Release|Win32 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|Win32.Build.0 = Release|Win32 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|x64.ActiveCfg = Release|x64 + {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|x64.Build.0 = Release|x64 + {918CD402-047D-8467-E11C-E1132053F916}.Debug|Win32.ActiveCfg = Debug|Win32 + 
{918CD402-047D-8467-E11C-E1132053F916}.Debug|Win32.Build.0 = Debug|Win32 + {918CD402-047D-8467-E11C-E1132053F916}.Debug|x64.ActiveCfg = Debug|x64 + {918CD402-047D-8467-E11C-E1132053F916}.Debug|x64.Build.0 = Debug|x64 + {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.ActiveCfg = Release|Win32 + {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.Build.0 = Release|Win32 + {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.ActiveCfg = Release|x64 + {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.Build.0 = Release|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.ActiveCfg = Debug|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.Build.0 = Debug|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.ActiveCfg = Debug|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.Build.0 = Debug|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.ActiveCfg = Release|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.Build.0 = Release|Win32 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.ActiveCfg = Release|x64 + {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.Build.0 = Release|x64 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.ActiveCfg = Debug|Win32 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.Build.0 = Debug|Win32 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.ActiveCfg = Debug|x64 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.Build.0 = Debug|x64 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|Win32.ActiveCfg = Release|Win32 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|Win32.Build.0 = Release|Win32 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|x64.ActiveCfg = Release|x64 + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|x64.Build.0 = Release|x64 {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|Win32.ActiveCfg = Debug|Win32 {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|Win32.Build.0 = Debug|Win32 {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|x64.ActiveCfg = Debug|x64 
@@ -429,6 +576,14 @@ Global {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|Win32.Build.0 = Release|Win32 {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|x64.ActiveCfg = Release|x64 {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|x64.Build.0 = Release|x64 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|Win32.ActiveCfg = Debug|Win32 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|Win32.Build.0 = Debug|Win32 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|x64.ActiveCfg = Debug|x64 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|x64.Build.0 = Debug|x64 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|Win32.ActiveCfg = Release|Win32 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|Win32.Build.0 = Release|Win32 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|x64.ActiveCfg = Release|x64 + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|x64.Build.0 = Release|x64 {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|Win32.ActiveCfg = Debug|Win32 {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|Win32.Build.0 = Debug|Win32 {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|x64.ActiveCfg = Debug|x64 
@@ -461,6 +616,46 @@ Global {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|Win32.Build.0 = Release|Win32 {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|x64.ActiveCfg = Release|x64 {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|x64.Build.0 = Release|x64 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|Win32.ActiveCfg = Debug|Win32 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|Win32.Build.0 = Debug|Win32 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|x64.ActiveCfg = Debug|x64 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|x64.Build.0 = Debug|x64 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|Win32.ActiveCfg = Release|Win32 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|Win32.Build.0 = Release|Win32 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|x64.ActiveCfg = Release|x64 + {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|x64.Build.0 = Release|x64 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|Win32.ActiveCfg = Debug|Win32 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|Win32.Build.0 = Debug|Win32 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|x64.ActiveCfg = Debug|x64 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|x64.Build.0 = Debug|x64 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.ActiveCfg = Release|Win32 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.Build.0 = Release|Win32 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.ActiveCfg = Release|x64 + {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.Build.0 = Release|x64 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|Win32.ActiveCfg = Debug|Win32 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|Win32.Build.0 = Debug|Win32 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|x64.ActiveCfg = Debug|x64 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|x64.Build.0 = Debug|x64 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|Win32.ActiveCfg = Release|Win32 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|Win32.Build.0 = Release|Win32 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|x64.ActiveCfg = 
Release|x64 + {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|x64.Build.0 = Release|x64 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|Win32.ActiveCfg = Debug|Win32 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|Win32.Build.0 = Debug|Win32 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|x64.ActiveCfg = Debug|x64 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|x64.Build.0 = Debug|x64 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|Win32.ActiveCfg = Release|Win32 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|Win32.Build.0 = Release|Win32 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|x64.ActiveCfg = Release|x64 + {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|x64.Build.0 = Release|x64 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.ActiveCfg = Debug|Win32 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.Build.0 = Debug|Win32 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.ActiveCfg = Debug|x64 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.Build.0 = Debug|x64 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|Win32.ActiveCfg = Release|Win32 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|Win32.Build.0 = Release|Win32 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|x64.ActiveCfg = Release|x64 + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|x64.Build.0 = Release|x64 EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/visualc/VS2010/mini_client.vcxproj b/visualc/VS2010/mini_client.vcxproj new file mode 100644 index 000000000..1f19a10e9 --- /dev/null +++ b/visualc/VS2010/mini_client.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {C4FE29EA-266D-5295-4840-976B9B5B3843} + Win32Proj + mini_client + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/req_app.vcxproj b/visualc/VS2010/req_app.vcxproj new file mode 100644 index 000000000..70e9e1524 --- /dev/null +++ b/visualc/VS2010/req_app.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {486B1375-5CFA-C2D2-DD89-C9F497BADCB3} + Win32Proj + req_app + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_client1.vcxproj b/visualc/VS2010/ssl_client1.vcxproj new file mode 100644 index 000000000..2b188fe30 --- /dev/null +++ b/visualc/VS2010/ssl_client1.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {487A2F80-3CA3-678D-88D5-82194872CF08} + Win32Proj + ssl_client1 + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj new file mode 100644 index 000000000..21a6f6be0 --- /dev/null +++ b/visualc/VS2010/ssl_client2.vcxproj 
@@ -0,0 +1,178 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {4E590E9D-E28F-87FF-385B-D58736388231} + Win32Proj + ssl_client2 + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_fork_server.vcxproj b/visualc/VS2010/ssl_fork_server.vcxproj new file mode 100644 index 000000000..e4fd3620a --- /dev/null +++ b/visualc/VS2010/ssl_fork_server.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {918CD402-047D-8467-E11C-E1132053F916} + Win32Proj + ssl_fork_server + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_mail_client.vcxproj b/visualc/VS2010/ssl_mail_client.vcxproj new file mode 100644 index 000000000..5341ff5dc --- /dev/null +++ b/visualc/VS2010/ssl_mail_client.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD} + Win32Proj + ssl_mail_client + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_server.vcxproj b/visualc/VS2010/ssl_server.vcxproj new file mode 100644 index 000000000..eccee4f92 --- /dev/null +++ b/visualc/VS2010/ssl_server.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {E08E0065-896A-7487-DEA5-D3B80B71F975} + Win32Proj + ssl_server + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj new file mode 100644 index 000000000..0f7d5e75f --- /dev/null +++ b/visualc/VS2010/ssl_server2.vcxproj 
@@ -0,0 +1,178 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {A4DA7463-1047-BDF5-E1B3-5632CB573F41} + Win32Proj + ssl_server2 + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/udp_proxy.vcxproj b/visualc/VS2010/udp_proxy.vcxproj new file mode 100644 index 000000000..10b28cde1 --- /dev/null +++ b/visualc/VS2010/udp_proxy.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A} + Win32Proj + udp_proxy + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + From 5bb8bec1de91e8d497446ccfc066db8802600218 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:11:43 +0100 Subject: [PATCH 2179/2197] Revert "Remove zlib" This reverts commit d874a1fd14bdf3df8ee232f539ac613adaae648c. Conflicts: * CMakeLists.txt: * ENABLE_ZLIB_SUPPORT: there has been a change immediately after where it was removed. Just re-add what was removed. * tests/CMakeLists.txt: * ENABLE_ZLIB_SUPPORT: there has been a change immediately after where it was removed. Just re-add what was removed. --- CMakeLists.txt | 10 ++++++++++ library/CMakeLists.txt | 4 ++++ programs/Makefile | 5 +++++ programs/test/CMakeLists.txt | 4 ++++ tests/CMakeLists.txt | 4 ++++ tests/Makefile | 5 +++++ 6 files changed, 32 insertions(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index 6d5332d1a..4d40eea6a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -8,6 +8,8 @@ endif() # Set the project root directory. set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) +option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF) + option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) 
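Review bot: The restored `option(ENABLE_ZLIB_SUPPORT ...)` line in the top-level CMakeLists.txt hunk describes the switch only as "Build mbed TLS with zlib library.", which does not tell the person configuring the build that it presumably exists to support TLS record compression. Compressing before encrypting exposes information about the plaintext through record lengths (the CRIME class of issues), so the help text should state the trade-off, the way the neighbouring `UNSAFE_BUILD` option says "These builds ARE NOT SECURE.". For example `option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib (TLS compression; can leak plaintext via record length)." OFF)` keeps the default and makes the risk visible in ccmake/cmake-gui.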
@@ -179,6 +181,14 @@ endif() include_directories(include/) include_directories(library/) +if(ENABLE_ZLIB_SUPPORT) + find_package(ZLIB) + + if(ZLIB_FOUND) + include_directories(${ZLIB_INCLUDE_DIR}) + endif(ZLIB_FOUND) +endif(ENABLE_ZLIB_SUPPORT) + add_subdirectory(include) add_subdirectory(3rdparty) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 8db082862..a602a6bfd 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -148,6 +148,10 @@ if(HAIKU) set(libs ${libs} network) endif(HAIKU) +if(ENABLE_ZLIB_SUPPORT) + set(libs ${libs} ${ZLIB_LIBRARIES}) +endif(ENABLE_ZLIB_SUPPORT) + if(LINK_WITH_PTHREAD) set(libs ${libs} pthread) endif() diff --git a/programs/Makefile b/programs/Makefile index c5ac76749..65a31b1b8 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -44,6 +44,11 @@ EXEXT= SHARED_SUFFIX= endif +# Zlib shared library extensions: +ifdef ZLIB +LOCAL_LDFLAGS += -lz +endif + APPS = \ aes/aescrypt2$(EXEXT) \ aes/crypt_and_hash$(EXEXT) \ diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 59f8d54f1..0d2b9460a 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -2,6 +2,10 @@ set(libs mbedtls ) +if(ENABLE_ZLIB_SUPPORT) + set(libs ${libs} ${ZLIB_LIBRARIES}) +endif(ENABLE_ZLIB_SUPPORT) + add_executable(selftest selftest.c) target_link_libraries(selftest ${libs}) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index a1194e520..ecc33eec0 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -9,6 +9,10 @@ if(NOT DEFINED MBEDTLS_DIR) set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR}) endif() +if(ENABLE_ZLIB_SUPPORT) + set(libs ${libs} ${ZLIB_LIBRARIES}) +endif(ENABLE_ZLIB_SUPPORT) + find_package(PythonInterp) if(NOT PYTHONINTERP_FOUND) message(FATAL_ERROR "Cannot build test suites without Python 2 or 3") diff --git a/tests/Makefile b/tests/Makefile index 3203b883e..cca7c1cf0 100644 --- a/tests/Makefile +++ b/tests/Makefile 
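Review bot: In the `@@ -179,6 +181,14 @@` hunk of the top-level CMakeLists.txt, `find_package(ZLIB)` is called without `REQUIRED`, so configuring with `-DENABLE_ZLIB_SUPPORT=ON` on a host without the zlib development files succeeds and the `if(ZLIB_FOUND)` guard just skips the include path. The library/, programs/test/ and tests/ hunks of this patch then append `${ZLIB_LIBRARIES}` unconditionally, which is presumably empty in that case, so the failure shows up later and less clearly, or the build silently lacks what was requested. `find_package(ZLIB REQUIRED)` makes the configure step fail where the request cannot be met, and the inner `if(ZLIB_FOUND)` is then unnecessary.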
@@ -55,6 +55,11 @@ SHARED_SUFFIX= PYTHON ?= python2 endif +# Zlib shared library extensions: +ifdef ZLIB +LOCAL_LDFLAGS += -lz +endif + # A test application is built for each suites/test_suite_*.data file. # Application name is same as .data file's base name and can be # constructed by stripping path 'suites/' and extension .data. From 6bbe78390804f5fa6247df62df4cc45b5a790822 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:13:28 +0100 Subject: [PATCH 2180/2197] Revert "Remove pkcs11-helper option" This reverts commit d832f187f756079552601867348d924582bf65de. Conflicts: * CMakeLists.txt: * USE_PKCS11_HELPER_LIBRARY: there has been a change immediately before where it was removed. Just re-add what was removed. * tests/CMakeLists.txt: * USE_PKCS11_HELPER_LIBRARY: there has been a change immediately before where it was removed. Just re-add what was removed. --- CMakeLists.txt | 1 + library/CMakeLists.txt | 4 ++++ programs/Makefile | 1 + programs/test/CMakeLists.txt | 4 ++++ tests/CMakeLists.txt | 4 ++++ tests/Makefile | 1 + 6 files changed, 15 insertions(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index 4d40eea6a..9c6fb5cd3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -8,6 +8,7 @@ endif() # Set the project root directory. set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) +option(USE_PKCS11_HELPER_LIBRARY "Build mbed TLS with the pkcs11-helper library." OFF) option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF) option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index a602a6bfd..0053f09b0 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -148,6 +148,10 @@ if(HAIKU) set(libs ${libs} network) endif(HAIKU) +if(USE_PKCS11_HELPER_LIBRARY) + set(libs ${libs} pkcs11-helper) +endif(USE_PKCS11_HELPER_LIBRARY) + if(ENABLE_ZLIB_SUPPORT) set(libs ${libs} ${ZLIB_LIBRARIES}) endif(ENABLE_ZLIB_SUPPORT) 
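Review bot: The library/CMakeLists.txt hunk of the pkcs11-helper revert adds `pkcs11-helper` to `libs` as a bare library name with no configure-time lookup, unlike the zlib block beside it, which goes through `find_package`. With `USE_PKCS11_HELPER_LIBRARY=ON` and the library missing, the problem is reported only by the linker, and the library that gets linked is whichever one the linker search path yields first. Resolving it once with `find_library(PKCS11_HELPER_LIBRARY pkcs11-helper)` and stopping with `message(FATAL_ERROR ...)` when it is not found would pin an absolute path at configure time. The same bare name is used in the programs/test/ and tests/ hunks of this patch.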
diff --git a/programs/Makefile b/programs/Makefile index 65a31b1b8..feec28841 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -1,5 +1,6 @@ # To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS +# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -Wextra diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 0d2b9460a..64ed379e7 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -2,6 +2,10 @@ set(libs mbedtls ) +if(USE_PKCS11_HELPER_LIBRARY) + set(libs ${libs} pkcs11-helper) +endif(USE_PKCS11_HELPER_LIBRARY) + if(ENABLE_ZLIB_SUPPORT) set(libs ${libs} ${ZLIB_LIBRARIES}) endif(ENABLE_ZLIB_SUPPORT) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index ecc33eec0..5cc7a0ac2 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -9,6 +9,10 @@ if(NOT DEFINED MBEDTLS_DIR) set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR}) endif() +if(USE_PKCS11_HELPER_LIBRARY) + set(libs ${libs} pkcs11-helper) +endif(USE_PKCS11_HELPER_LIBRARY) + if(ENABLE_ZLIB_SUPPORT) set(libs ${libs} ${ZLIB_LIBRARIES}) endif(ENABLE_ZLIB_SUPPORT) diff --git a/tests/Makefile b/tests/Makefile index cca7c1cf0..ae9ba85ff 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -1,5 +1,6 @@ # To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS +# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -Wextra From b85b20dfdcd16cf0b28842a7e8cfcbd6bad5bc3b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:42:43 +0100 Subject: [PATCH 2181/2197] Revert "tests: Add a crypto prefix to submodule tests" This reverts commit b478bb6ddbb1f3b7969ad9d6ccfdb0fa6d4843bd. Conflicts: * tests/CMakeLists.txt: revert the introduction of exe_name, but keep the addition of ${CMAKE_SOURCE_DIR}/crypto/library/ to target_include_directories. --- tests/CMakeLists.txt | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) 
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 5cc7a0ac2..19135c132 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -47,25 +47,18 @@ function(add_test_suite suite_name) DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedtls ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data ) - set(exe_name test_suite_${data_name}) - # Add a prefix to differentiate these tests from those of the parent - # module, when this project is built as a submodule. - if(USE_CRYPTO_SUBMODULE) - set(exe_name crypto.${exe_name}) - endif() - include_directories(${CMAKE_CURRENT_SOURCE_DIR}) - add_executable(${exe_name} test_suite_${data_name}.c) - target_link_libraries(${exe_name} ${libs}) - target_include_directories(${exe_name} - PUBLIC ${MBEDTLS_DIR}/include/ - PUBLIC ${MBEDTLS_DIR}/crypto/include/ - PUBLIC ${MBEDTLS_DIR}/crypto/library/) + add_executable(test_suite_${data_name} test_suite_${data_name}.c) + target_link_libraries(test_suite_${data_name} ${libs}) + target_include_directories(test_suite_${data_name} + PUBLIC ${CMAKE_SOURCE_DIR}/include/ + PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/ + PUBLIC ${CMAKE_SOURCE_DIR}/crypto/library/) if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX}) message(STATUS "The test suite ${data_name} will not be executed.") else() - add_test(${data_name}-suite ${exe_name} --verbose) + add_test(${data_name}-suite test_suite_${data_name} --verbose) endif() endfunction(add_test_suite) From 5748757615a945016e5be484018e0c454f367f96 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 26 Feb 2020 19:43:46 +0100 Subject: [PATCH 2182/2197] Revert "tests: Exclude version suite when used as a submodule" This reverts commit 1264c2a86f0b578b6f82a4c1993a22cbbe956a27. --- tests/CMakeLists.txt | 4 +--- tests/Makefile | 9 --------- 2 files changed, 1 insertion(+), 12 deletions(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 19135c132..6b1679c5e 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -151,10 +151,8 @@ add_test_suite(psa_its) add_test_suite(shax) add_test_suite(timing) add_test_suite(rsa) +add_test_suite(version) add_test_suite(xtea) -if (NOT USE_CRYPTO_SUBMODULE) - add_test_suite(version) -endif() # Make scripts and data files needed for testing available in an # out-of-source build. diff --git a/tests/Makefile b/tests/Makefile index ae9ba85ff..15564c55e 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -66,15 +66,6 @@ endif # constructed by stripping path 'suites/' and extension .data. APPS = $(basename $(subst suites/,,$(wildcard suites/test_suite_*.data))) -# When this project is used as a submodule, exclude the following list of -# tests, which will be run from the parent module instead. -ifdef USE_CRYPTO_SUBMODULE -APPS := $(filter-out \ - test_suite_version \ - ,$(APPS)) -endif - - # Construct executable name by adding OS specific suffix $(EXEXT). BINARIES := $(addsuffix $(EXEXT),$(APPS)) From 1a9c624fcea3e2cd6fc1aa756e6ae8e2d57a9c2e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:45:22 +0100 Subject: [PATCH 2183/2197] Revert "tests: Use parent module includes when used as a submodule" This reverts commit 120d571e8e835afde4a5c31fdc26c2452c0b54d7. Conflicts: * tests/CMakeLists.txt: * target_include_directories: the instruction whose addition is to be reverted has changed. Remove what is there now. --- tests/CMakeLists.txt | 4 ---- tests/Makefile | 3 +-- 2 files changed, 1 insertion(+), 6 deletions(-) 
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 6b1679c5e..49bff1325 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -50,10 +50,6 @@ function(add_test_suite suite_name) include_directories(${CMAKE_CURRENT_SOURCE_DIR}) add_executable(test_suite_${data_name} test_suite_${data_name}.c) target_link_libraries(test_suite_${data_name} ${libs}) - target_include_directories(test_suite_${data_name} - PUBLIC ${CMAKE_SOURCE_DIR}/include/ - PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/ - PUBLIC ${CMAKE_SOURCE_DIR}/crypto/library/) if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX}) message(STATUS "The test suite ${data_name} will not be executed.") diff --git a/tests/Makefile b/tests/Makefile index 15564c55e..e74bf9548 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -6,8 +6,7 @@ CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -Wextra LDFLAGS ?= -CRYPTO_INCLUDES ?= -I../include -LOCAL_CFLAGS = $(WARNING_CFLAGS) $(CRYPTO_INCLUDES) -I../library -D_FILE_OFFSET_BITS=64 +LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -I../library -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = -L../library \ -lmbedtls$(SHARED_SUFFIX) \ -lmbedx509$(SHARED_SUFFIX) \ From 7dc97048d65068b1577176a55b8d12bf88faa3a5 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 26 Feb 2020 19:48:43 +0100 Subject: [PATCH 2184/2197] Revert "Remove tests that depend on TLS or X.509" This reverts commit 9afb2e992136db3fae9a669c3faaf6d5d27602a8. Conflicts: * include/CMakeLists.txt * "Make config.h available" comment: there has been a change adjacent to where it was removed. Just re-add what was removed. * tests/CMakeLists.txt: * compat.sh: there has been a change immediately before where it was removed. Just re-add what was removed. --- .travis.yml | 5 + CMakeLists.txt | 2 + Makefile | 2 + configs/config-mini-tls1_1.h | 3 + configs/config-thread.h | 4 + include/CMakeLists.txt | 2 +- scripts/output_env.sh | 37 + tests/CMakeLists.txt | 6 + tests/Descriptions.txt | 14 +- tests/compat.sh | 1414 ++++ tests/scripts/basic-build-test.sh | 87 +- tests/scripts/key-exchanges.pl | 62 + tests/scripts/tcp_client.pl | 86 + tests/scripts/test-ref-configs.pl | 32 +- tests/scripts/travis-log-failure.sh | 36 + tests/ssl-opt.sh | 7707 ++++++++++++++++++++ tests/suites/test_suite_debug.data | 64 + tests/suites/test_suite_debug.function | 195 + tests/suites/test_suite_ssl.data | 59 + tests/suites/test_suite_ssl.function | 54 + tests/suites/test_suite_x509parse.data | 1995 +++++ tests/suites/test_suite_x509parse.function | 861 +++ tests/suites/test_suite_x509write.data | 105 + tests/suites/test_suite_x509write.function | 338 + 24 files changed, 13166 insertions(+), 4 deletions(-) create mode 100755 tests/compat.sh create mode 100755 tests/scripts/key-exchanges.pl create mode 100755 tests/scripts/tcp_client.pl create mode 100755 tests/scripts/travis-log-failure.sh create mode 100755 tests/ssl-opt.sh create mode 100644 tests/suites/test_suite_debug.data create mode 100644 tests/suites/test_suite_debug.function create mode 100644 tests/suites/test_suite_ssl.data create mode 100644 tests/suites/test_suite_ssl.function create mode 100644 tests/suites/test_suite_x509parse.data create mode 100644 tests/suites/test_suite_x509parse.function 
create mode 100644 tests/suites/test_suite_x509write.data create mode 100644 tests/suites/test_suite_x509write.function diff --git a/.travis.yml b/.travis.yml index 6a9b6f611..0ec09711f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,8 +16,13 @@ script: - make - make test - programs/test/selftest +- OSSL_NO_DTLS=1 tests/compat.sh +- tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl' --seed 4 - tests/scripts/test-ref-configs.pl - tests/scripts/curves.pl +- tests/scripts/key-exchanges.pl +after_failure: +- tests/scripts/travis-log-failure.sh env: global: - SEED=1 diff --git a/CMakeLists.txt b/CMakeLists.txt index 9c6fb5cd3..1e3098cd9 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -218,6 +218,8 @@ if(ENABLE_TESTING) ADD_CUSTOM_TARGET(covtest COMMAND make test COMMAND programs/test/selftest + COMMAND tests/compat.sh + COMMAND tests/ssl-opt.sh ) ADD_CUSTOM_TARGET(lcov diff --git a/Makefile b/Makefile index 026c6371b..8e72bd17d 100644 --- a/Makefile +++ b/Makefile @@ -101,6 +101,8 @@ ifndef WINDOWS covtest: $(MAKE) check programs/test/selftest + tests/compat.sh + tests/ssl-opt.sh lcov: rm -rf Coverage diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h index d4743bb22..013bc0300 100644 --- a/configs/config-mini-tls1_1.h +++ b/configs/config-mini-tls1_1.h @@ -70,6 +70,9 @@ #define MBEDTLS_CERTS_C #define MBEDTLS_PEM_PARSE_C +/* For testing with compat.sh */ +#define MBEDTLS_FS_IO + #include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-thread.h b/configs/config-thread.h index f729a0381..25db16bf0 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -75,6 +75,10 @@ #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TLS_C +/* For tests using ssl-opt.sh */ +#define MBEDTLS_NET_C +#define MBEDTLS_TIMING_C + /* Save RAM at the expense of ROM */ #define MBEDTLS_AES_ROM_TABLES diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index 02f924df4..62c0f620a 100644 --- a/include/CMakeLists.txt 
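Review bot: The two script lines added in the .travis.yml hunk narrow what CI checks without recording why: `OSSL_NO_DTLS=1 tests/compat.sh` skips the DTLS interop cases with OpenSSL, and `-e '\(DTLS\|SCSV\).*openssl'` appears to exclude the ssl-opt.sh tests whose names match DTLS or SCSV together with openssl. These are security-relevant paths (SCSV presumably being the fallback/downgrade signalling tests), so a green Travis run should not be read as covering them. A YAML comment above the lines would make that explicit, e.g. `# CI image's OpenSSL cannot run the DTLS/SCSV cases; covered elsewhere (TODO confirm where)`.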
+++ b/include/CMakeLists.txt @@ -15,7 +15,7 @@ if(INSTALL_MBEDTLS_HEADERS) endif(INSTALL_MBEDTLS_HEADERS) -# Make config.h available in an out-of-source build. +# Make config.h available in an out-of-source build. ssl-opt.sh requires it. if (ENABLE_TESTING AND NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) link_to_source(mbedtls) link_to_source(psa) diff --git a/scripts/output_env.sh b/scripts/output_env.sh index 132963c04..c809d46fe 100755 --- a/scripts/output_env.sh +++ b/scripts/output_env.sh @@ -15,6 +15,7 @@ # - type and version of the operating system # - version of armcc, clang, gcc-arm and gcc compilers # - version of libc, clang, asan and valgrind if installed +# - version of gnuTLS and OpenSSL print_version() { @@ -73,6 +74,42 @@ echo print_version "valgrind" "--version" "valgrind not found!" echo +: ${OPENSSL:=openssl} +print_version "$OPENSSL" "version" "openssl not found!" +echo + +if [ -n "${OPENSSL_LEGACY+set}" ]; then + print_version "$OPENSSL_LEGACY" "version" "openssl legacy version not found!" + echo +fi + +if [ -n "${OPENSSL_NEXT+set}" ]; then + print_version "$OPENSSL_NEXT" "version" "openssl next version not found!" + echo +fi + +: ${GNUTLS_CLI:=gnutls-cli} +print_version "$GNUTLS_CLI" "--version" "gnuTLS client not found!" "head -n 1" +echo + +: ${GNUTLS_SERV:=gnutls-serv} +print_version "$GNUTLS_SERV" "--version" "gnuTLS server not found!" "head -n 1" +echo + +if [ -n "${GNUTLS_LEGACY_CLI+set}" ]; then + print_version "$GNUTLS_LEGACY_CLI" "--version" \ + "gnuTLS client legacy version not found!" \ + "head -n 1" + echo +fi + +if [ -n "${GNUTLS_LEGACY_SERV+set}" ]; then + print_version "$GNUTLS_LEGACY_SERV" "--version" \ + "gnuTLS server legacy version not found!" \ + "head -n 1" + echo +fi + if `hash dpkg > /dev/null 2>&1`; then echo "* asan:" dpkg -s libasan2 2> /dev/null | grep -i version diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 49bff1325..d132ddb5e 100644 --- a/tests/CMakeLists.txt 
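Review bot: In the second scripts/output_env.sh hunk the default assignments `: ${OPENSSL:=openssl}`, `: ${GNUTLS_CLI:=gnutls-cli}` and `: ${GNUTLS_SERV:=gnutls-serv}` leave the expansion unquoted, so a value taken from the caller's environment that contains spaces or glob characters is word-split and pathname-expanded as arguments to `:`. The later uses are quoted (`print_version "$OPENSSL" ...`), so this is a consistency and lint point rather than a functional bug. Write `: "${OPENSSL:=openssl}"` and do the same for the two GnuTLS variables.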
+++ b/tests/CMakeLists.txt @@ -99,6 +99,7 @@ add_test_suite(cipher cipher.null) add_test_suite(cipher cipher.padding) add_test_suite(cmac) add_test_suite(ctr_drbg) +add_test_suite(debug) add_test_suite(des) add_test_suite(dhm) add_test_suite(ecdh) @@ -145,10 +146,13 @@ add_test_suite(psa_crypto_se_driver_hal_mocks) add_test_suite(psa_crypto_slot_management) add_test_suite(psa_its) add_test_suite(shax) +add_test_suite(ssl) add_test_suite(timing) add_test_suite(rsa) add_test_suite(version) add_test_suite(xtea) +add_test_suite(x509parse) +add_test_suite(x509write) # Make scripts and data files needed for testing available in an # out-of-source build. @@ -156,7 +160,9 @@ if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) if(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/seedfile") link_to_source(seedfile) endif() + link_to_source(compat.sh) link_to_source(data_files) link_to_source(scripts) + link_to_source(ssl-opt.sh) link_to_source(suites) endif() diff --git a/tests/Descriptions.txt b/tests/Descriptions.txt index 3e9b25565..8b13bb39f 100644 --- a/tests/Descriptions.txt +++ b/tests/Descriptions.txt 
@@ -2,9 +2,21 @@ test_suites The various 'test_suite_XXX' programs from the 'tests' directory, executed using 'make check' (Unix make) or 'make test' (Cmake), include test cases (reference test vectors, sanity checks, malformed input for parsing - functions, etc.) for all modules. + functions, etc.) for all modules except the SSL modules. selftests The 'programs/test/selftest' program runs the 'XXX_self_test()' functions of each individual module. Most of them are included in the respective test suite, but some slower ones are only included here. + +compat + The 'tests/compat.sh' script checks interoperability with OpenSSL and + GnuTLS (and ourselves!) for every common ciphersuite, in every TLS + version, both ways (client/server), using client authentication or not. + For each ciphersuite/version/side/authmode it performs a full handshake + and a small data exchange. + +ssl_opt + The 'tests/ssl-opt.sh' script checks various options and/or operations not + covered by compat.sh: session resumption (using session cache or tickets), + renegotiation, SNI, other extensions, etc. diff --git a/tests/compat.sh b/tests/compat.sh new file mode 100755 index 000000000..0eae1eab3 --- /dev/null +++ b/tests/compat.sh 
@@ -0,0 +1,1414 @@ +#!/bin/sh + +# compat.sh +# +# This file is part of mbed TLS (https://tls.mbed.org) +# +# Copyright (c) 2012-2016, ARM Limited, All Rights Reserved +# +# Purpose +# +# Test interoperbility with OpenSSL, GnuTLS as well as itself. +# +# Check each common ciphersuite, with each version, both ways (client/server), +# with and without client authentication. + +set -u + +# initialise counters +TESTS=0 +FAILED=0 +SKIPPED=0 +SRVMEM=0 + +# default commands, can be overridden by the environment +: ${M_SRV:=../programs/ssl/ssl_server2} +: ${M_CLI:=../programs/ssl/ssl_client2} +: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system +: ${GNUTLS_CLI:=gnutls-cli} +: ${GNUTLS_SERV:=gnutls-serv} + +# do we have a recent enough GnuTLS? +if ( which $GNUTLS_CLI && which $GNUTLS_SERV ) >/dev/null 2>&1; then + G_VER="$( $GNUTLS_CLI --version | head -n1 )" + if echo "$G_VER" | grep '@VERSION@' > /dev/null; then # git version + PEER_GNUTLS=" GnuTLS" + else + eval $( echo $G_VER | sed 's/.* \([0-9]*\)\.\([0-9]\)*\.\([0-9]*\)$/MAJOR="\1" MINOR="\2" PATCH="\3"/' ) + if [ $MAJOR -lt 3 -o \ + \( $MAJOR -eq 3 -a $MINOR -lt 2 \) -o \ + \( $MAJOR -eq 3 -a $MINOR -eq 2 -a $PATCH -lt 15 \) ] + then + PEER_GNUTLS="" + else + PEER_GNUTLS=" GnuTLS" + if [ $MINOR -lt 4 ]; then + GNUTLS_MINOR_LT_FOUR='x' + fi + fi + fi +else + PEER_GNUTLS="" +fi + +# default values for options +MODES="tls1 tls1_1 tls1_2 dtls1 dtls1_2" +VERIFIES="NO YES" +TYPES="ECDSA RSA PSK" +FILTER="" +# exclude: +# - NULL: excluded from our default config +# - RC4, single-DES: requires legacy OpenSSL/GnuTLS versions +# avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL) +# - ARIA: not in default config.h + requires OpenSSL >= 1.1.1 +# - ChachaPoly: requires OpenSSL >= 1.1.0 +# - 3DES: not in default config +EXCLUDE='NULL\|DES\|RC4\|ARCFOUR\|ARIA\|CHACHA20-POLY1305' +VERBOSE="" +MEMCHECK=0 +PEERS="OpenSSL$PEER_GNUTLS mbedTLS" + +# hidden option: skip DTLS with OpenSSL +# (travis CI 
has a version that doesn't work for us) +: ${OSSL_NO_DTLS:=0} + +print_usage() { + echo "Usage: $0" + printf " -h|--help\tPrint this help.\n" + printf " -f|--filter\tOnly matching ciphersuites are tested (Default: '$FILTER')\n" + printf " -e|--exclude\tMatching ciphersuites are excluded (Default: '$EXCLUDE')\n" + printf " -m|--modes\tWhich modes to perform (Default: '$MODES')\n" + printf " -t|--types\tWhich key exchange type to perform (Default: '$TYPES')\n" + printf " -V|--verify\tWhich verification modes to perform (Default: '$VERIFIES')\n" + printf " -p|--peers\tWhich peers to use (Default: '$PEERS')\n" + printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n" + printf " -M|--memcheck\tCheck memory leaks and errors.\n" + printf " -v|--verbose\tSet verbose output.\n" +} + +get_options() { + while [ $# -gt 0 ]; do + case "$1" in + -f|--filter) + shift; FILTER=$1 + ;; + -e|--exclude) + shift; EXCLUDE=$1 + ;; + -m|--modes) + shift; MODES=$1 + ;; + -t|--types) + shift; TYPES=$1 + ;; + -V|--verify) + shift; VERIFIES=$1 + ;; + -p|--peers) + shift; PEERS=$1 + ;; + -v|--verbose) + VERBOSE=1 + ;; + -M|--memcheck) + MEMCHECK=1 + ;; + -h|--help) + print_usage + exit 0 + ;; + *) + echo "Unknown argument: '$1'" + print_usage + exit 1 + ;; + esac + shift + done + + # sanitize some options (modes checked later) + VERIFIES="$( echo $VERIFIES | tr [a-z] [A-Z] )" + TYPES="$( echo $TYPES | tr [a-z] [A-Z] )" +} + +log() { + if [ "X" != "X$VERBOSE" ]; then + echo "" + echo "$@" + fi +} + +# is_dtls +is_dtls() +{ + test "$1" = "dtls1" -o "$1" = "dtls1_2" +} + +# minor_ver +minor_ver() +{ + case "$1" in + ssl3) + echo 0 + ;; + tls1) + echo 1 + ;; + tls1_1|dtls1) + echo 2 + ;; + tls1_2|dtls1_2) + echo 3 + ;; + *) + echo "error: invalid mode: $MODE" >&2 + # exiting is no good here, typically called in a subshell + echo -1 + esac +} + +filter() +{ + LIST="$1" + NEW_LIST="" + + if is_dtls "$MODE"; then + EXCLMODE="$EXCLUDE"'\|RC4\|ARCFOUR' + else + EXCLMODE="$EXCLUDE" + fi + + for i 
in $LIST; + do + NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" | grep -v "$EXCLMODE" )" + done + + # normalize whitespace + echo "$NEW_LIST" | sed -e 's/[[:space:]][[:space:]]*/ /g' -e 's/^ //' -e 's/ $//' +} + +# OpenSSL 1.0.1h with -Verify wants a ClientCertificate message even for +# PSK ciphersuites with DTLS, which is incorrect, so disable them for now +check_openssl_server_bug() +{ + if test "X$VERIFY" = "XYES" && is_dtls "$MODE" && \ + echo "$1" | grep "^TLS-PSK" >/dev/null; + then + SKIP_NEXT="YES" + fi +} + +filter_ciphersuites() +{ + if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ]; + then + # Ciphersuite for mbed TLS + M_CIPHERS=$( filter "$M_CIPHERS" ) + + # Ciphersuite for OpenSSL + O_CIPHERS=$( filter "$O_CIPHERS" ) + + # Ciphersuite for GnuTLS + G_CIPHERS=$( filter "$G_CIPHERS" ) + fi + + # OpenSSL 1.0.1h doesn't support DTLS 1.2 + if [ `minor_ver "$MODE"` -ge 3 ] && is_dtls "$MODE"; then + O_CIPHERS="" + case "$PEER" in + [Oo]pen*) + M_CIPHERS="" + ;; + esac + fi + + # For GnuTLS client -> mbed TLS server, + # we need to force IPv4 by connecting to 127.0.0.1 but then auth fails + if [ "X$VERIFY" = "XYES" ] && is_dtls "$MODE"; then + G_CIPHERS="" + fi +} + +reset_ciphersuites() +{ + M_CIPHERS="" + O_CIPHERS="" + G_CIPHERS="" +} + +# Ciphersuites that can be used with all peers. +# Since we currently have three possible peers, each ciphersuite should appear +# three times: in each peer's list (with the name that this peer uses). 
+add_common_ciphersuites() +{ + case $TYPE in + + "ECDSA") + if [ `minor_ver "$MODE"` -gt 0 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDHE-ECDSA-WITH-NULL-SHA \ + TLS-ECDHE-ECDSA-WITH-RC4-128-SHA \ + TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \ + TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \ + TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \ + " + G_CIPHERS="$G_CIPHERS \ + +ECDHE-ECDSA:+NULL:+SHA1 \ + +ECDHE-ECDSA:+ARCFOUR-128:+SHA1 \ + +ECDHE-ECDSA:+3DES-CBC:+SHA1 \ + +ECDHE-ECDSA:+AES-128-CBC:+SHA1 \ + +ECDHE-ECDSA:+AES-256-CBC:+SHA1 \ + " + O_CIPHERS="$O_CIPHERS \ + ECDHE-ECDSA-NULL-SHA \ + ECDHE-ECDSA-RC4-SHA \ + ECDHE-ECDSA-DES-CBC3-SHA \ + ECDHE-ECDSA-AES128-SHA \ + ECDHE-ECDSA-AES256-SHA \ + " + fi + if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \ + TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \ + TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ + TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \ + " + G_CIPHERS="$G_CIPHERS \ + +ECDHE-ECDSA:+AES-128-CBC:+SHA256 \ + +ECDHE-ECDSA:+AES-256-CBC:+SHA384 \ + +ECDHE-ECDSA:+AES-128-GCM:+AEAD \ + +ECDHE-ECDSA:+AES-256-GCM:+AEAD \ + " + O_CIPHERS="$O_CIPHERS \ + ECDHE-ECDSA-AES128-SHA256 \ + ECDHE-ECDSA-AES256-SHA384 \ + ECDHE-ECDSA-AES128-GCM-SHA256 \ + ECDHE-ECDSA-AES256-GCM-SHA384 \ + " + fi + ;; + + "RSA") + M_CIPHERS="$M_CIPHERS \ + TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + TLS-DHE-RSA-WITH-AES-256-CBC-SHA \ + TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \ + TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \ + TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA \ + TLS-RSA-WITH-AES-256-CBC-SHA \ + TLS-RSA-WITH-CAMELLIA-256-CBC-SHA \ + TLS-RSA-WITH-AES-128-CBC-SHA \ + TLS-RSA-WITH-CAMELLIA-128-CBC-SHA \ + TLS-RSA-WITH-3DES-EDE-CBC-SHA \ + TLS-RSA-WITH-RC4-128-SHA \ + TLS-RSA-WITH-RC4-128-MD5 \ + TLS-RSA-WITH-NULL-MD5 \ + TLS-RSA-WITH-NULL-SHA \ + " + G_CIPHERS="$G_CIPHERS \ + +DHE-RSA:+AES-128-CBC:+SHA1 \ + +DHE-RSA:+AES-256-CBC:+SHA1 \ + +DHE-RSA:+CAMELLIA-128-CBC:+SHA1 \ + +DHE-RSA:+CAMELLIA-256-CBC:+SHA1 \ + 
+DHE-RSA:+3DES-CBC:+SHA1 \ + +RSA:+AES-256-CBC:+SHA1 \ + +RSA:+CAMELLIA-256-CBC:+SHA1 \ + +RSA:+AES-128-CBC:+SHA1 \ + +RSA:+CAMELLIA-128-CBC:+SHA1 \ + +RSA:+3DES-CBC:+SHA1 \ + +RSA:+ARCFOUR-128:+SHA1 \ + +RSA:+ARCFOUR-128:+MD5 \ + +RSA:+NULL:+MD5 \ + +RSA:+NULL:+SHA1 \ + " + O_CIPHERS="$O_CIPHERS \ + DHE-RSA-AES128-SHA \ + DHE-RSA-AES256-SHA \ + DHE-RSA-CAMELLIA128-SHA \ + DHE-RSA-CAMELLIA256-SHA \ + EDH-RSA-DES-CBC3-SHA \ + AES256-SHA \ + CAMELLIA256-SHA \ + AES128-SHA \ + CAMELLIA128-SHA \ + DES-CBC3-SHA \ + RC4-SHA \ + RC4-MD5 \ + NULL-MD5 \ + NULL-SHA \ + " + if [ `minor_ver "$MODE"` -gt 0 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \ + TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \ + TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \ + TLS-ECDHE-RSA-WITH-RC4-128-SHA \ + TLS-ECDHE-RSA-WITH-NULL-SHA \ + " + G_CIPHERS="$G_CIPHERS \ + +ECDHE-RSA:+AES-128-CBC:+SHA1 \ + +ECDHE-RSA:+AES-256-CBC:+SHA1 \ + +ECDHE-RSA:+3DES-CBC:+SHA1 \ + +ECDHE-RSA:+ARCFOUR-128:+SHA1 \ + +ECDHE-RSA:+NULL:+SHA1 \ + " + O_CIPHERS="$O_CIPHERS \ + ECDHE-RSA-AES256-SHA \ + ECDHE-RSA-AES128-SHA \ + ECDHE-RSA-DES-CBC3-SHA \ + ECDHE-RSA-RC4-SHA \ + ECDHE-RSA-NULL-SHA \ + " + fi + if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-RSA-WITH-AES-128-CBC-SHA256 \ + TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \ + TLS-RSA-WITH-AES-256-CBC-SHA256 \ + TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \ + TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \ + TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \ + TLS-RSA-WITH-AES-128-GCM-SHA256 \ + TLS-RSA-WITH-AES-256-GCM-SHA384 \ + TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \ + TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \ + TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \ + TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \ + " + G_CIPHERS="$G_CIPHERS \ + +RSA:+AES-128-CBC:+SHA256 \ + +DHE-RSA:+AES-128-CBC:+SHA256 \ + +RSA:+AES-256-CBC:+SHA256 \ + +DHE-RSA:+AES-256-CBC:+SHA256 \ + +ECDHE-RSA:+AES-128-CBC:+SHA256 \ + +ECDHE-RSA:+AES-256-CBC:+SHA384 \ + +RSA:+AES-128-GCM:+AEAD \ + +RSA:+AES-256-GCM:+AEAD \ + 
+DHE-RSA:+AES-128-GCM:+AEAD \ + +DHE-RSA:+AES-256-GCM:+AEAD \ + +ECDHE-RSA:+AES-128-GCM:+AEAD \ + +ECDHE-RSA:+AES-256-GCM:+AEAD \ + " + O_CIPHERS="$O_CIPHERS \ + NULL-SHA256 \ + AES128-SHA256 \ + DHE-RSA-AES128-SHA256 \ + AES256-SHA256 \ + DHE-RSA-AES256-SHA256 \ + ECDHE-RSA-AES128-SHA256 \ + ECDHE-RSA-AES256-SHA384 \ + AES128-GCM-SHA256 \ + DHE-RSA-AES128-GCM-SHA256 \ + AES256-GCM-SHA384 \ + DHE-RSA-AES256-GCM-SHA384 \ + ECDHE-RSA-AES128-GCM-SHA256 \ + ECDHE-RSA-AES256-GCM-SHA384 \ + " + fi + ;; + + "PSK") + M_CIPHERS="$M_CIPHERS \ + TLS-PSK-WITH-RC4-128-SHA \ + TLS-PSK-WITH-3DES-EDE-CBC-SHA \ + TLS-PSK-WITH-AES-128-CBC-SHA \ + TLS-PSK-WITH-AES-256-CBC-SHA \ + " + G_CIPHERS="$G_CIPHERS \ + +PSK:+ARCFOUR-128:+SHA1 \ + +PSK:+3DES-CBC:+SHA1 \ + +PSK:+AES-128-CBC:+SHA1 \ + +PSK:+AES-256-CBC:+SHA1 \ + " + O_CIPHERS="$O_CIPHERS \ + PSK-RC4-SHA \ + PSK-3DES-EDE-CBC-SHA \ + PSK-AES128-CBC-SHA \ + PSK-AES256-CBC-SHA \ + " + ;; + esac +} + +# Ciphersuites usable only with Mbed TLS and OpenSSL +# Each ciphersuite should appear two times, once with its OpenSSL name, once +# with its Mbed TLS name. +# +# NOTE: for some reason RSA-PSK doesn't work with OpenSSL, +# so RSA-PSK ciphersuites need to go in other sections, see +# https://github.com/ARMmbed/mbedtls/issues/1419 +# +# ChachaPoly suites are here rather than in "common", as they were added in +# GnuTLS in 3.5.0 and the CI only has 3.4.x so far. 
+add_openssl_ciphersuites() +{ + case $TYPE in + + "ECDSA") + if [ `minor_ver "$MODE"` -gt 0 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDH-ECDSA-WITH-NULL-SHA \ + TLS-ECDH-ECDSA-WITH-RC4-128-SHA \ + TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \ + TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \ + TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \ + " + O_CIPHERS="$O_CIPHERS \ + ECDH-ECDSA-NULL-SHA \ + ECDH-ECDSA-RC4-SHA \ + ECDH-ECDSA-DES-CBC3-SHA \ + ECDH-ECDSA-AES128-SHA \ + ECDH-ECDSA-AES256-SHA \ + " + fi + if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \ + TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \ + TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \ + TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \ + TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384 \ + TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \ + TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \ + " + O_CIPHERS="$O_CIPHERS \ + ECDH-ECDSA-AES128-SHA256 \ + ECDH-ECDSA-AES256-SHA384 \ + ECDH-ECDSA-AES128-GCM-SHA256 \ + ECDH-ECDSA-AES256-GCM-SHA384 \ + ECDHE-ECDSA-ARIA256-GCM-SHA384 \ + ECDHE-ECDSA-ARIA128-GCM-SHA256 \ + ECDHE-ECDSA-CHACHA20-POLY1305 \ + " + fi + ;; + + "RSA") + M_CIPHERS="$M_CIPHERS \ + TLS-RSA-WITH-DES-CBC-SHA \ + TLS-DHE-RSA-WITH-DES-CBC-SHA \ + " + O_CIPHERS="$O_CIPHERS \ + DES-CBC-SHA \ + EDH-RSA-DES-CBC-SHA \ + " + if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \ + TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384 \ + TLS-RSA-WITH-ARIA-256-GCM-SHA384 \ + TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \ + TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256 \ + TLS-RSA-WITH-ARIA-128-GCM-SHA256 \ + TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \ + TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \ + " + O_CIPHERS="$O_CIPHERS \ + ECDHE-ARIA256-GCM-SHA384 \ + DHE-RSA-ARIA256-GCM-SHA384 \ + ARIA256-GCM-SHA384 \ + ECDHE-ARIA128-GCM-SHA256 \ + DHE-RSA-ARIA128-GCM-SHA256 \ + ARIA128-GCM-SHA256 \ + DHE-RSA-CHACHA20-POLY1305 \ + ECDHE-RSA-CHACHA20-POLY1305 \ + " + fi + ;; + + "PSK") + 
if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \ + TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \ + TLS-PSK-WITH-ARIA-256-GCM-SHA384 \ + TLS-PSK-WITH-ARIA-128-GCM-SHA256 \ + TLS-PSK-WITH-CHACHA20-POLY1305-SHA256 \ + TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \ + TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \ + " + O_CIPHERS="$O_CIPHERS \ + DHE-PSK-ARIA256-GCM-SHA384 \ + DHE-PSK-ARIA128-GCM-SHA256 \ + PSK-ARIA256-GCM-SHA384 \ + PSK-ARIA128-GCM-SHA256 \ + DHE-PSK-CHACHA20-POLY1305 \ + ECDHE-PSK-CHACHA20-POLY1305 \ + PSK-CHACHA20-POLY1305 \ + " + fi + ;; + esac +} + +# Ciphersuites usable only with Mbed TLS and GnuTLS +# Each ciphersuite should appear two times, once with its GnuTLS name, once +# with its Mbed TLS name. +add_gnutls_ciphersuites() +{ + case $TYPE in + + "ECDSA") + if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \ + TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \ + TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \ + TLS-ECDHE-ECDSA-WITH-AES-128-CCM \ + TLS-ECDHE-ECDSA-WITH-AES-256-CCM \ + TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \ + TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \ + " + G_CIPHERS="$G_CIPHERS \ + +ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256 \ + +ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384 \ + +ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD \ + +ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD \ + +ECDHE-ECDSA:+AES-128-CCM:+AEAD \ + +ECDHE-ECDSA:+AES-256-CCM:+AEAD \ + +ECDHE-ECDSA:+AES-128-CCM-8:+AEAD \ + +ECDHE-ECDSA:+AES-256-CCM-8:+AEAD \ + " + fi + ;; + + "RSA") + if [ `minor_ver "$MODE"` -gt 0 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-RSA-WITH-NULL-SHA256 \ + " + G_CIPHERS="$G_CIPHERS \ + +RSA:+NULL:+SHA256 \ + " + fi + if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \ + TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ + 
TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \ + TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \ + TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ + TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ + TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ + TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ + TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ + TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ + TLS-RSA-WITH-AES-128-CCM \ + TLS-RSA-WITH-AES-256-CCM \ + TLS-DHE-RSA-WITH-AES-128-CCM \ + TLS-DHE-RSA-WITH-AES-256-CCM \ + TLS-RSA-WITH-AES-128-CCM-8 \ + TLS-RSA-WITH-AES-256-CCM-8 \ + TLS-DHE-RSA-WITH-AES-128-CCM-8 \ + TLS-DHE-RSA-WITH-AES-256-CCM-8 \ + " + G_CIPHERS="$G_CIPHERS \ + +ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256 \ + +ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384 \ + +RSA:+CAMELLIA-128-CBC:+SHA256 \ + +RSA:+CAMELLIA-256-CBC:+SHA256 \ + +DHE-RSA:+CAMELLIA-128-CBC:+SHA256 \ + +DHE-RSA:+CAMELLIA-256-CBC:+SHA256 \ + +ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD \ + +ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD \ + +DHE-RSA:+CAMELLIA-128-GCM:+AEAD \ + +DHE-RSA:+CAMELLIA-256-GCM:+AEAD \ + +RSA:+CAMELLIA-128-GCM:+AEAD \ + +RSA:+CAMELLIA-256-GCM:+AEAD \ + +RSA:+AES-128-CCM:+AEAD \ + +RSA:+AES-256-CCM:+AEAD \ + +RSA:+AES-128-CCM-8:+AEAD \ + +RSA:+AES-256-CCM-8:+AEAD \ + +DHE-RSA:+AES-128-CCM:+AEAD \ + +DHE-RSA:+AES-256-CCM:+AEAD \ + +DHE-RSA:+AES-128-CCM-8:+AEAD \ + +DHE-RSA:+AES-256-CCM-8:+AEAD \ + " + fi + ;; + + "PSK") + M_CIPHERS="$M_CIPHERS \ + TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \ + TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ + TLS-DHE-PSK-WITH-AES-256-CBC-SHA \ + TLS-DHE-PSK-WITH-RC4-128-SHA \ + " + G_CIPHERS="$G_CIPHERS \ + +DHE-PSK:+3DES-CBC:+SHA1 \ + +DHE-PSK:+AES-128-CBC:+SHA1 \ + +DHE-PSK:+AES-256-CBC:+SHA1 \ + +DHE-PSK:+ARCFOUR-128:+SHA1 \ + " + if [ `minor_ver "$MODE"` -gt 0 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \ + TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ + TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \ + TLS-ECDHE-PSK-WITH-RC4-128-SHA \ + TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \ + 
TLS-RSA-PSK-WITH-AES-256-CBC-SHA \ + TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ + TLS-RSA-PSK-WITH-RC4-128-SHA \ + " + G_CIPHERS="$G_CIPHERS \ + +ECDHE-PSK:+3DES-CBC:+SHA1 \ + +ECDHE-PSK:+AES-128-CBC:+SHA1 \ + +ECDHE-PSK:+AES-256-CBC:+SHA1 \ + +ECDHE-PSK:+ARCFOUR-128:+SHA1 \ + +RSA-PSK:+3DES-CBC:+SHA1 \ + +RSA-PSK:+AES-256-CBC:+SHA1 \ + +RSA-PSK:+AES-128-CBC:+SHA1 \ + +RSA-PSK:+ARCFOUR-128:+SHA1 \ + " + fi + if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ + TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ + TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \ + TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-ECDHE-PSK-WITH-NULL-SHA384 \ + TLS-ECDHE-PSK-WITH-NULL-SHA256 \ + TLS-PSK-WITH-AES-128-CBC-SHA256 \ + TLS-PSK-WITH-AES-256-CBC-SHA384 \ + TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \ + TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ + TLS-PSK-WITH-NULL-SHA256 \ + TLS-PSK-WITH-NULL-SHA384 \ + TLS-DHE-PSK-WITH-NULL-SHA256 \ + TLS-DHE-PSK-WITH-NULL-SHA384 \ + TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ + TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ + TLS-RSA-PSK-WITH-NULL-SHA256 \ + TLS-RSA-PSK-WITH-NULL-SHA384 \ + TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ + TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ + TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ + TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-PSK-WITH-AES-128-GCM-SHA256 \ + TLS-PSK-WITH-AES-256-GCM-SHA384 \ + TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \ + TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \ + TLS-PSK-WITH-AES-128-CCM \ + TLS-PSK-WITH-AES-256-CCM \ + TLS-DHE-PSK-WITH-AES-128-CCM \ + TLS-DHE-PSK-WITH-AES-256-CCM \ + TLS-PSK-WITH-AES-128-CCM-8 \ + TLS-PSK-WITH-AES-256-CCM-8 \ + TLS-DHE-PSK-WITH-AES-128-CCM-8 \ + TLS-DHE-PSK-WITH-AES-256-CCM-8 \ + TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \ + TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \ + TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \ + TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \ + 
TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \ + TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \ + TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \ + TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \ + " + G_CIPHERS="$G_CIPHERS \ + +ECDHE-PSK:+AES-256-CBC:+SHA384 \ + +ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384 \ + +ECDHE-PSK:+AES-128-CBC:+SHA256 \ + +ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256 \ + +PSK:+AES-128-CBC:+SHA256 \ + +PSK:+AES-256-CBC:+SHA384 \ + +DHE-PSK:+AES-128-CBC:+SHA256 \ + +DHE-PSK:+AES-256-CBC:+SHA384 \ + +RSA-PSK:+AES-256-CBC:+SHA384 \ + +RSA-PSK:+AES-128-CBC:+SHA256 \ + +DHE-PSK:+CAMELLIA-128-CBC:+SHA256 \ + +DHE-PSK:+CAMELLIA-256-CBC:+SHA384 \ + +PSK:+CAMELLIA-128-CBC:+SHA256 \ + +PSK:+CAMELLIA-256-CBC:+SHA384 \ + +RSA-PSK:+CAMELLIA-256-CBC:+SHA384 \ + +RSA-PSK:+CAMELLIA-128-CBC:+SHA256 \ + +PSK:+AES-128-GCM:+AEAD \ + +PSK:+AES-256-GCM:+AEAD \ + +DHE-PSK:+AES-128-GCM:+AEAD \ + +DHE-PSK:+AES-256-GCM:+AEAD \ + +PSK:+AES-128-CCM:+AEAD \ + +PSK:+AES-256-CCM:+AEAD \ + +DHE-PSK:+AES-128-CCM:+AEAD \ + +DHE-PSK:+AES-256-CCM:+AEAD \ + +PSK:+AES-128-CCM-8:+AEAD \ + +PSK:+AES-256-CCM-8:+AEAD \ + +DHE-PSK:+AES-128-CCM-8:+AEAD \ + +DHE-PSK:+AES-256-CCM-8:+AEAD \ + +RSA-PSK:+CAMELLIA-128-GCM:+AEAD \ + +RSA-PSK:+CAMELLIA-256-GCM:+AEAD \ + +PSK:+CAMELLIA-128-GCM:+AEAD \ + +PSK:+CAMELLIA-256-GCM:+AEAD \ + +DHE-PSK:+CAMELLIA-128-GCM:+AEAD \ + +DHE-PSK:+CAMELLIA-256-GCM:+AEAD \ + +RSA-PSK:+AES-256-GCM:+AEAD \ + +RSA-PSK:+AES-128-GCM:+AEAD \ + +ECDHE-PSK:+NULL:+SHA384 \ + +ECDHE-PSK:+NULL:+SHA256 \ + +PSK:+NULL:+SHA256 \ + +PSK:+NULL:+SHA384 \ + +DHE-PSK:+NULL:+SHA256 \ + +DHE-PSK:+NULL:+SHA384 \ + +RSA-PSK:+NULL:+SHA256 \ + +RSA-PSK:+NULL:+SHA384 \ + " + fi + ;; + esac +} + +# Ciphersuites usable only with Mbed TLS (not currently supported by another +# peer usable in this script). This provide only very rudimentaty testing, as +# this is not interop testing, but it's better than nothing. 
+add_mbedtls_ciphersuites() +{ + case $TYPE in + + "ECDSA") + if [ `minor_ver "$MODE"` -gt 0 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \ + " + fi + if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \ + TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \ + TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 \ + TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 \ + TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384 \ + TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256 \ + TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384 \ + TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256 \ + " + fi + ;; + + "RSA") + if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 \ + TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 \ + TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 \ + TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 \ + TLS-RSA-WITH-ARIA-256-CBC-SHA384 \ + TLS-RSA-WITH-ARIA-128-CBC-SHA256 \ + " + fi + ;; + + "PSK") + # *PSK-NULL-SHA suites supported by GnuTLS 3.3.5 but not 3.2.15 + M_CIPHERS="$M_CIPHERS \ + TLS-PSK-WITH-NULL-SHA \ + TLS-DHE-PSK-WITH-NULL-SHA \ + " + if [ `minor_ver "$MODE"` -gt 0 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-ECDHE-PSK-WITH-NULL-SHA \ + TLS-RSA-PSK-WITH-NULL-SHA \ + " + fi + if [ `minor_ver "$MODE"` -ge 3 ] + then + M_CIPHERS="$M_CIPHERS \ + TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384 \ + TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256 \ + TLS-PSK-WITH-ARIA-256-CBC-SHA384 \ + TLS-PSK-WITH-ARIA-128-CBC-SHA256 \ + TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384 \ + TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256 \ + TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384 \ + TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256 \ + TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384 \ + TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256 \ + TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256 \ + " + fi + ;; + esac +} + +setup_arguments() +{ + G_MODE="" + case "$MODE" in + "ssl3") + G_PRIO_MODE="+VERS-SSL3.0" + ;; + "tls1") + G_PRIO_MODE="+VERS-TLS1.0" + ;; 
+ "tls1_1") + G_PRIO_MODE="+VERS-TLS1.1" + ;; + "tls1_2") + G_PRIO_MODE="+VERS-TLS1.2" + ;; + "dtls1") + G_PRIO_MODE="+VERS-DTLS1.0" + G_MODE="-u" + ;; + "dtls1_2") + G_PRIO_MODE="+VERS-DTLS1.2" + G_MODE="-u" + ;; + *) + echo "error: invalid mode: $MODE" >&2 + exit 1; + esac + + # GnuTLS < 3.4 will choke if we try to allow CCM-8 + if [ -z "${GNUTLS_MINOR_LT_FOUR-}" ]; then + G_PRIO_CCM="+AES-256-CCM-8:+AES-128-CCM-8:" + else + G_PRIO_CCM="" + fi + + M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1" + O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE -dhparam data_files/dhparams.pem" + G_SERVER_ARGS="-p $PORT --http $G_MODE" + G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE" + + # with OpenSSL 1.0.1h, -www, -WWW and -HTTP break DTLS handshakes + if is_dtls "$MODE"; then + O_SERVER_ARGS="$O_SERVER_ARGS" + else + O_SERVER_ARGS="$O_SERVER_ARGS -www" + fi + + M_CLIENT_ARGS="server_port=$PORT server_addr=127.0.0.1 force_version=$MODE" + O_CLIENT_ARGS="-connect localhost:$PORT -$MODE" + G_CLIENT_ARGS="-p $PORT --debug 3 $G_MODE" + G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL" + + if [ "X$VERIFY" = "XYES" ]; + then + M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required" + O_SERVER_ARGS="$O_SERVER_ARGS -CAfile data_files/test-ca_cat12.crt -Verify 10" + G_SERVER_ARGS="$G_SERVER_ARGS --x509cafile data_files/test-ca_cat12.crt --require-client-cert" + + M_CLIENT_ARGS="$M_CLIENT_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required" + O_CLIENT_ARGS="$O_CLIENT_ARGS -CAfile data_files/test-ca_cat12.crt -verify 10" + G_CLIENT_ARGS="$G_CLIENT_ARGS --x509cafile data_files/test-ca_cat12.crt" + else + # don't request a client cert at all + M_SERVER_ARGS="$M_SERVER_ARGS ca_file=none auth_mode=none" + G_SERVER_ARGS="$G_SERVER_ARGS --disable-client-cert" + + M_CLIENT_ARGS="$M_CLIENT_ARGS ca_file=none auth_mode=none" + 
O_CLIENT_ARGS="$O_CLIENT_ARGS" + G_CLIENT_ARGS="$G_CLIENT_ARGS --insecure" + fi + + case $TYPE in + "ECDSA") + M_SERVER_ARGS="$M_SERVER_ARGS crt_file=data_files/server5.crt key_file=data_files/server5.key" + O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server5.crt -key data_files/server5.key" + G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" + + if [ "X$VERIFY" = "XYES" ]; then + M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=data_files/server6.crt key_file=data_files/server6.key" + O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server6.crt -key data_files/server6.key" + G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server6.crt --x509keyfile data_files/server6.key" + else + M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none" + fi + ;; + + "RSA") + M_SERVER_ARGS="$M_SERVER_ARGS crt_file=data_files/server2.crt key_file=data_files/server2.key" + O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server2.crt -key data_files/server2.key" + G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2.crt --x509keyfile data_files/server2.key" + + if [ "X$VERIFY" = "XYES" ]; then + M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=data_files/server1.crt key_file=data_files/server1.key" + O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server1.crt -key data_files/server1.key" + G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server1.crt --x509keyfile data_files/server1.key" + else + M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none" + fi + + # Allow SHA-1. It's disabled by default for security reasons but + # our tests still use certificates signed with it. 
+ M_SERVER_ARGS="$M_SERVER_ARGS allow_sha1=1" + M_CLIENT_ARGS="$M_CLIENT_ARGS allow_sha1=1" + ;; + + "PSK") + # give RSA-PSK-capable server a RSA cert + # (should be a separate type, but harder to close with openssl) + M_SERVER_ARGS="$M_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none crt_file=data_files/server2.crt key_file=data_files/server2.key" + O_SERVER_ARGS="$O_SERVER_ARGS -psk 6162636465666768696a6b6c6d6e6f70 -nocert" + G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2.crt --x509keyfile data_files/server2.key --pskpasswd data_files/passwd.psk" + + M_CLIENT_ARGS="$M_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70 crt_file=none key_file=none" + O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70" + G_CLIENT_ARGS="$G_CLIENT_ARGS --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" + + # Allow SHA-1. It's disabled by default for security reasons but + # our tests still use certificates signed with it. + M_SERVER_ARGS="$M_SERVER_ARGS allow_sha1=1" + M_CLIENT_ARGS="$M_CLIENT_ARGS allow_sha1=1" + ;; + esac +} + +# is_mbedtls +is_mbedtls() { + echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null +} + +# has_mem_err +has_mem_err() { + if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" && + grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null + then + return 1 # false: does not have errors + else + return 0 # true: has errors + fi +} + +# Wait for process $2 to be listening on port $1 +if type lsof >/dev/null 2>/dev/null; then + wait_server_start() { + START_TIME=$(date +%s) + if is_dtls "$MODE"; then + proto=UDP + else + proto=TCP + fi + while ! lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do + if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then + echo "SERVERSTART TIMEOUT" + echo "SERVERSTART TIMEOUT" >> $SRV_OUT + break + fi + # Linux and *BSD support decimal arguments to sleep. On other + # OSes this may be a tight loop. 
+ sleep 0.1 2>/dev/null || true + done + } +else + echo "Warning: lsof not available, wait_server_start = sleep" + wait_server_start() { + sleep 2 + } +fi + + +# start_server +# also saves name and command +start_server() { + case $1 in + [Oo]pen*) + SERVER_CMD="$OPENSSL_CMD s_server $O_SERVER_ARGS" + ;; + [Gg]nu*) + SERVER_CMD="$GNUTLS_SERV $G_SERVER_ARGS --priority $G_SERVER_PRIO" + ;; + mbed*) + SERVER_CMD="$M_SRV $M_SERVER_ARGS" + if [ "$MEMCHECK" -gt 0 ]; then + SERVER_CMD="valgrind --leak-check=full $SERVER_CMD" + fi + ;; + *) + echo "error: invalid server name: $1" >&2 + exit 1 + ;; + esac + SERVER_NAME=$1 + + log "$SERVER_CMD" + echo "$SERVER_CMD" > $SRV_OUT + # for servers without -www or equivalent + while :; do echo bla; sleep 1; done | $SERVER_CMD >> $SRV_OUT 2>&1 & + PROCESS_ID=$! + + wait_server_start "$PORT" "$PROCESS_ID" +} + +# terminate the running server +stop_server() { + kill $PROCESS_ID 2>/dev/null + wait $PROCESS_ID 2>/dev/null + + if [ "$MEMCHECK" -gt 0 ]; then + if is_mbedtls "$SERVER_CMD" && has_mem_err $SRV_OUT; then + echo " ! Server had memory errors" + SRVMEM=$(( $SRVMEM + 1 )) + return + fi + fi + + rm -f $SRV_OUT +} + +# kill the running server (used when killed by signal) +cleanup() { + rm -f $SRV_OUT $CLI_OUT + kill $PROCESS_ID >/dev/null 2>&1 + kill $WATCHDOG_PID >/dev/null 2>&1 + exit 1 +} + +# wait for client to terminate and set EXIT +# must be called right after starting the client +wait_client_done() { + CLI_PID=$! + + ( sleep "$DOG_DELAY"; echo "TIMEOUT" >> $CLI_OUT; kill $CLI_PID ) & + WATCHDOG_PID=$! + + wait $CLI_PID + EXIT=$? 
+ + kill $WATCHDOG_PID + wait $WATCHDOG_PID + + echo "EXIT: $EXIT" >> $CLI_OUT +} + +# run_client +run_client() { + # announce what we're going to do + TESTS=$(( $TESTS + 1 )) + VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') + TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`" + TITLE="$TITLE $MODE,$VERIF $2" + printf "$TITLE " + LEN=$(( 72 - `echo "$TITLE" | wc -c` )) + for i in `seq 1 $LEN`; do printf '.'; done; printf ' ' + + # should we skip? + if [ "X$SKIP_NEXT" = "XYES" ]; then + SKIP_NEXT="NO" + echo "SKIP" + SKIPPED=$(( $SKIPPED + 1 )) + return + fi + + # run the command and interpret result + case $1 in + [Oo]pen*) + CLIENT_CMD="$OPENSSL_CMD s_client $O_CLIENT_ARGS -cipher $2" + log "$CLIENT_CMD" + echo "$CLIENT_CMD" > $CLI_OUT + printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 & + wait_client_done + + if [ $EXIT -eq 0 ]; then + RESULT=0 + else + # If the cipher isn't supported... + if grep 'Cipher is (NONE)' $CLI_OUT >/dev/null; then + RESULT=1 + else + RESULT=2 + fi + fi + ;; + + [Gg]nu*) + # need to force IPv4 with UDP, but keep localhost for auth + if is_dtls "$MODE"; then + G_HOST="127.0.0.1" + else + G_HOST="localhost" + fi + CLIENT_CMD="$GNUTLS_CLI $G_CLIENT_ARGS --priority $G_PRIO_MODE:$2 $G_HOST" + log "$CLIENT_CMD" + echo "$CLIENT_CMD" > $CLI_OUT + printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 & + wait_client_done + + if [ $EXIT -eq 0 ]; then + RESULT=0 + else + RESULT=2 + # interpret early failure, with a handshake_failure alert + # before the server hello, as "no ciphersuite in common" + if grep -F 'Received alert [40]: Handshake failed' $CLI_OUT; then + if grep -i 'SERVER HELLO .* was received' $CLI_OUT; then : + else + RESULT=1 + fi + fi >/dev/null + fi + ;; + + mbed*) + CLIENT_CMD="$M_CLI $M_CLIENT_ARGS force_ciphersuite=$2" + if [ "$MEMCHECK" -gt 0 ]; then + CLIENT_CMD="valgrind --leak-check=full $CLIENT_CMD" + fi + log "$CLIENT_CMD" + echo "$CLIENT_CMD" > $CLI_OUT + $CLIENT_CMD >> $CLI_OUT 2>&1 & + 
wait_client_done + + case $EXIT in + # Success + "0") RESULT=0 ;; + + # Ciphersuite not supported + "2") RESULT=1 ;; + + # Error + *) RESULT=2 ;; + esac + + if [ "$MEMCHECK" -gt 0 ]; then + if is_mbedtls "$CLIENT_CMD" && has_mem_err $CLI_OUT; then + RESULT=2 + fi + fi + + ;; + + *) + echo "error: invalid client name: $1" >&2 + exit 1 + ;; + esac + + echo "EXIT: $EXIT" >> $CLI_OUT + + # report and count result + case $RESULT in + "0") + echo PASS + ;; + "1") + echo SKIP + SKIPPED=$(( $SKIPPED + 1 )) + ;; + "2") + echo FAIL + cp $SRV_OUT c-srv-${TESTS}.log + cp $CLI_OUT c-cli-${TESTS}.log + echo " ! outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log" + + if [ "X${USER:-}" = Xbuildbot -o "X${LOGNAME:-}" = Xbuildbot -o "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then + echo " ! server output:" + cat c-srv-${TESTS}.log + echo " ! ===================================================" + echo " ! client output:" + cat c-cli-${TESTS}.log + fi + + FAILED=$(( $FAILED + 1 )) + ;; + esac + + rm -f $CLI_OUT +} + +# +# MAIN +# + +if cd $( dirname $0 ); then :; else + echo "cd $( dirname $0 ) failed" >&2 + exit 1 +fi + +get_options "$@" + +# sanity checks, avoid an avalanche of errors +if [ ! -x "$M_SRV" ]; then + echo "Command '$M_SRV' is not an executable file" >&2 + exit 1 +fi +if [ ! -x "$M_CLI" ]; then + echo "Command '$M_CLI' is not an executable file" >&2 + exit 1 +fi + +if echo "$PEERS" | grep -i openssl > /dev/null; then + if which "$OPENSSL_CMD" >/dev/null 2>&1; then :; else + echo "Command '$OPENSSL_CMD' not found" >&2 + exit 1 + fi +fi + +if echo "$PEERS" | grep -i gnutls > /dev/null; then + for CMD in "$GNUTLS_CLI" "$GNUTLS_SERV"; do + if which "$CMD" >/dev/null 2>&1; then :; else + echo "Command '$CMD' not found" >&2 + exit 1 + fi + done +fi + +for PEER in $PEERS; do + case "$PEER" in + mbed*|[Oo]pen*|[Gg]nu*) + ;; + *) + echo "Unknown peers: $PEER" >&2 + exit 1 + esac +done + +# Pick a "unique" port in the range 10000-19999. 
+PORT="0000$$" +PORT="1$(echo $PORT | tail -c 5)" + +# Also pick a unique name for intermediate files +SRV_OUT="srv_out.$$" +CLI_OUT="cli_out.$$" + +# client timeout delay: be more patient with valgrind +if [ "$MEMCHECK" -gt 0 ]; then + DOG_DELAY=30 +else + DOG_DELAY=10 +fi + +SKIP_NEXT="NO" + +trap cleanup INT TERM HUP + +for VERIFY in $VERIFIES; do + for MODE in $MODES; do + for TYPE in $TYPES; do + for PEER in $PEERS; do + + setup_arguments + + case "$PEER" in + + [Oo]pen*) + + if test "$OSSL_NO_DTLS" -gt 0 && is_dtls "$MODE"; then + continue; + fi + + reset_ciphersuites + add_common_ciphersuites + add_openssl_ciphersuites + filter_ciphersuites + + if [ "X" != "X$M_CIPHERS" ]; then + start_server "OpenSSL" + for i in $M_CIPHERS; do + check_openssl_server_bug $i + run_client mbedTLS $i + done + stop_server + fi + + if [ "X" != "X$O_CIPHERS" ]; then + start_server "mbedTLS" + for i in $O_CIPHERS; do + run_client OpenSSL $i + done + stop_server + fi + + ;; + + [Gg]nu*) + + reset_ciphersuites + add_common_ciphersuites + add_gnutls_ciphersuites + filter_ciphersuites + + if [ "X" != "X$M_CIPHERS" ]; then + start_server "GnuTLS" + for i in $M_CIPHERS; do + run_client mbedTLS $i + done + stop_server + fi + + if [ "X" != "X$G_CIPHERS" ]; then + start_server "mbedTLS" + for i in $G_CIPHERS; do + run_client GnuTLS $i + done + stop_server + fi + + ;; + + mbed*) + + reset_ciphersuites + add_common_ciphersuites + add_openssl_ciphersuites + add_gnutls_ciphersuites + add_mbedtls_ciphersuites + filter_ciphersuites + + if [ "X" != "X$M_CIPHERS" ]; then + start_server "mbedTLS" + for i in $M_CIPHERS; do + run_client mbedTLS $i + done + stop_server + fi + + ;; + + *) + echo "Unknown peer: $PEER" >&2 + exit 1 + ;; + + esac + + done + done + done +done + +echo "------------------------------------------------------------------------" + +if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ]; +then + printf "FAILED" +else + printf "PASSED" +fi + +if [ "$MEMCHECK" -gt 0 ]; then + MEMREPORT=", $SRVMEM 
server memory errors" +else + MEMREPORT="" +fi + +PASSED=$(( $TESTS - $FAILED )) +echo " ($PASSED / $TESTS tests ($SKIPPED skipped$MEMREPORT))" + +FAILED=$(( $FAILED + $SRVMEM )) +exit $FAILED diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 7ed0372ab..6419f05e4 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -14,6 +14,8 @@ # The tests include: # * Unit tests - executed using tests/scripts/run-test-suite.pl # * Self-tests - executed using the test suites above +# * System tests - executed using tests/ssl-opt.sh +# * Interoperability tests - executed using tests/compat.sh # # The tests focus on functionality and do not consider performance. # @@ -34,11 +36,30 @@ if [ -d library -a -d include -a -d tests ]; then :; else exit 1 fi +: ${OPENSSL:="openssl"} +: ${OPENSSL_LEGACY:="$OPENSSL"} +: ${GNUTLS_CLI:="gnutls-cli"} +: ${GNUTLS_SERV:="gnutls-serv"} +: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"} +: ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} + +# To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh +# we just export the variables they require +export OPENSSL_CMD="$OPENSSL" +export GNUTLS_CLI="$GNUTLS_CLI" +export GNUTLS_SERV="$GNUTLS_SERV" + CONFIG_H='include/mbedtls/config.h' CONFIG_BAK="$CONFIG_H.bak" # Step 0 - print build environment info -scripts/output_env.sh +OPENSSL="$OPENSSL" \ + OPENSSL_LEGACY="$OPENSSL_LEGACY" \ + GNUTLS_CLI="$GNUTLS_CLI" \ + GNUTLS_SERV="$GNUTLS_SERV" \ + GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \ + GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" \ + scripts/output_env.sh echo # Step 1 - Make and instrumented build for code coverage 
@@ -62,6 +83,25 @@ fi perl scripts/run-test-suites.pl -v 2 |tee unit-test-$TEST_OUTPUT echo +# Step 2b - System Tests +sh ssl-opt.sh |tee sys-test-$TEST_OUTPUT +echo + +# Step 2c - Compatibility tests +sh compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2' | \ + tee compat-test-$TEST_OUTPUT +OPENSSL_CMD="$OPENSSL_LEGACY" \ + sh compat.sh -m 'ssl3' |tee -a compat-test-$TEST_OUTPUT +OPENSSL_CMD="$OPENSSL_LEGACY" \ + GNUTLS_CLI="$GNUTLS_LEGACY_CLI" \ + GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \ + sh compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR' | \ + tee -a compat-test-$TEST_OUTPUT +OPENSSL_CMD="$OPENSSL_NEXT" \ + sh compat.sh -e '^$' -f 'ARIA\|CHACHA' | \ + tee -a compat-test-$TEST_OUTPUT +echo + # Step 3 - Process the coverage report cd .. make lcov |tee tests/cov-$TEST_OUTPUT 
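Review bot: `OPENSSL_NEXT` in the last compat.sh invocation of Step 2c has no default, unlike `OPENSSL_LEGACY` and the GnuTLS variables that the earlier hunk of this commit defaults to the stock tools. When it is unset, `OPENSSL_CMD` is set to an empty string for the `ARIA\|CHACHA` run, so that run either uses whatever compat.sh falls back to or fails, and the coverage summary will not show which happened (compat.sh's handling of an empty `OPENSSL_CMD` is outside this hunk). Add `: ${OPENSSL_NEXT:="$OPENSSL"}` next to the other defaults, or guard the run with `if [ -n "${OPENSSL_NEXT:-}" ]; then ... fi`, so the ARIA/ChaCha interop suites are skipped explicitly instead of being run against an unintended OpenSSL.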
@@ -97,6 +137,49 @@ TOTAL_SKIP=$SKIPPED_TESTS TOTAL_AVAIL=$(($PASSED_TESTS + $FAILED_TESTS + $SKIPPED_TESTS)) TOTAL_EXED=$(($PASSED_TESTS + $FAILED_TESTS)) +# Step 4b - TLS Options tests +echo "TLS Options tests - tests/ssl-opt.sh" + +PASSED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p') +SKIPPED_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p') +TOTAL_TESTS=$(tail -n5 sys-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p') +FAILED_TESTS=$(($TOTAL_TESTS - $PASSED_TESTS)) + +echo "Passed : $PASSED_TESTS" +echo "Failed : $FAILED_TESTS" +echo "Skipped : $SKIPPED_TESTS" +echo "Total exec'd tests : $TOTAL_TESTS" +echo "Total avail tests : $(($TOTAL_TESTS + $SKIPPED_TESTS))" +echo + +TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS)) +TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS)) +TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS)) +TOTAL_AVAIL=$(($TOTAL_AVAIL + $TOTAL_TESTS + $SKIPPED_TESTS)) +TOTAL_EXED=$(($TOTAL_EXED + $TOTAL_TESTS)) + + +# Step 4c - System Compatibility tests +echo "System/Compatibility tests - tests/compat.sh" + +PASSED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') +SKIPPED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') +EXED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }') +FAILED_TESTS=$(($EXED_TESTS - $PASSED_TESTS)) + +echo "Passed : $PASSED_TESTS" +echo "Failed : $FAILED_TESTS" +echo "Skipped : $SKIPPED_TESTS" +echo "Total exec'd tests : $EXED_TESTS" +echo "Total avail tests : $(($EXED_TESTS + $SKIPPED_TESTS))" +echo + +TOTAL_PASS=$(($TOTAL_PASS+$PASSED_TESTS)) 
+TOTAL_FAIL=$(($TOTAL_FAIL+$FAILED_TESTS)) +TOTAL_SKIP=$(($TOTAL_SKIP+$SKIPPED_TESTS)) +TOTAL_AVAIL=$(($TOTAL_AVAIL + $EXED_TESTS + $SKIPPED_TESTS)) +TOTAL_EXED=$(($TOTAL_EXED + $EXED_TESTS)) + # Step 4d - Grand totals echo "-------------------------------------------------------------------------" @@ -130,6 +213,8 @@ echo rm unit-test-$TEST_OUTPUT +rm sys-test-$TEST_OUTPUT +rm compat-test-$TEST_OUTPUT rm cov-$TEST_OUTPUT cd .. diff --git a/tests/scripts/key-exchanges.pl b/tests/scripts/key-exchanges.pl new file mode 100755 index 000000000..3bf7ae34f --- /dev/null +++ b/tests/scripts/key-exchanges.pl 
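Review bot: The compat.sh totals in Step 4c count skipped tests twice. compat.sh's `run_client` increments `TESTS` before its skip check and the summary prints `PASSED=$(( $TESTS - $FAILED ))`, so the parsed `EXED_TESTS` and `PASSED_TESTS` already include skipped ciphersuites; `$(($EXED_TESTS + $SKIPPED_TESTS))` and `TOTAL_AVAIL` then add them again, and skipped combinations are reported as passed. Subtract the skips right after parsing, `EXED_TESTS=$(($EXED_TESTS - $SKIPPED_TESTS))` and `PASSED_TESTS=$(($PASSED_TESTS - $SKIPPED_TESTS))`; Step 4b probably needs the same for `TOTAL_TESTS`, since ssl-opt.sh's `print_name` also counts before the skip check, though its summary line is not visible here. Separately, if the ssl-opt.sh log has no summary line the `sed` output is empty and `$(($TOTAL_TESTS - $PASSED_TESTS))` becomes a shell arithmetic error, so default the parsed values, for example `${PASSED_TESTS:-0}`.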
@@ -0,0 +1,62 @@
+#!/usr/bin/env perl
+
+# key-exchanges.pl
+#
+# Copyright (c) 2015-2017, ARM Limited, All Rights Reserved
+#
+# Purpose
+#
+# To test the code dependencies on individual key exchanges in the SSL module.
+# is a verification step to ensure we don't ship SSL code that do not work
+# for some build options.
+#
+# The process is:
+# for each possible key exchange
+# build the library with all but that key exchange disabled
+#
+# Usage: tests/scripts/key-exchanges.pl
+#
+# This script should be executed from the root of the project directory.
+#
+# For best effect, run either with cmake disabled, or cmake enabled in a mode
+# that includes -Werror.
+
+use warnings;
+use strict;
+
+-d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
+
+my $sed_cmd = 's/^#define \(MBEDTLS_KEY_EXCHANGE_.*_ENABLED\)/\1/p';
+my $config_h = 'include/mbedtls/config.h';
+my @kexes = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` );
+
+system( "cp $config_h $config_h.bak" ) and die;
+sub abort {
+ system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
+ # use an exit code between 1 and 124 for git bisect (die returns 255)
+ warn $_[0];
+ exit 1;
+}
+
+for my $kex (@kexes) {
+ system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
+ system( "make clean" ) and die;
+
+ print "\n******************************************\n";
+ print "* Testing with key exchange: $kex\n";
+ print "******************************************\n";
+
+ # full config with all key exchanges disabled except one
+ system( "scripts/config.pl full" ) and abort "Failed config full\n";
+ for my $k (@kexes) {
+ next if $k eq $kex;
+ system( "scripts/config.pl unset $k" )
+ and abort "Failed to disable $k\n";
+ }
+
+ system( "make lib CFLAGS='-Os -Werror'" ) and abort "Failed to build lib: $kex\n";
+}
+
+system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
+system( "make clean" ) and die;
+exit 0;
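Review bot: Inside the `for my $kex` loop the two `system(...) and die` calls bypass `abort`, so a failing `make clean` exits with 255 and leaves `config.h.bak` behind, which contradicts the comment in `abort` about keeping the exit code between 1 and 124 for git bisect. Use `system( "make clean" ) and abort "Failed make clean\n";` there. The script also installs no signal handler, so interrupting it mid-run leaves `include/mbedtls/config.h` with all but one key exchange disabled, and a later build from that tree would silently lack key exchanges. Adding `$SIG{INT} = $SIG{TERM} = sub { abort "interrupted\n" };` right after the backup is taken would restore the file on interruption.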
diff --git a/tests/scripts/tcp_client.pl b/tests/scripts/tcp_client.pl
new file mode 100755
index 000000000..11cbf1b1b
--- /dev/null
+++ b/tests/scripts/tcp_client.pl
@@ -0,0 +1,86 @@
+#!/usr/bin/env perl
+
+# A simple TCP client that sends some data and expects a response.
+# Usage: tcp_client.pl HOSTNAME PORT DATA1 RESPONSE1
+# DATA: hex-encoded data to send to the server
+# RESPONSE: regexp that must match the server's response
+
+use warnings;
+use strict;
+use IO::Socket::INET;
+
+# Pack hex digits into a binary string, ignoring whitespace.
+sub parse_hex {
+ my ($hex) = @_;
+ $hex =~ s/\s+//g;
+ return pack('H*', $hex);
+}
+
+## Open a TCP connection to the specified host and port.
+sub open_connection {
+ my ($host, $port) = @_;
+ my $socket = IO::Socket::INET->new(PeerAddr => $host,
+ PeerPort => $port,
+ Proto => 'tcp',
+ Timeout => 1);
+ die "Cannot connect to $host:$port: $!" unless $socket;
+ return $socket;
+}
+
+## Close the TCP connection.
+sub close_connection {
+ my ($connection) = @_;
+ $connection->shutdown(2);
+ # Ignore shutdown failures (at least for now)
+ return 1;
+}
+
+## Write the given data, expressed as hexadecimal
+sub write_data {
+ my ($connection, $hexdata) = @_;
+ my $data = parse_hex($hexdata);
+ my $total_sent = 0;
+ while ($total_sent < length($data)) {
+ my $sent = $connection->send($data, 0);
+ if (!defined $sent) {
+ die "Unable to send data: $!";
+ }
+ $total_sent += $sent;
+ }
+ return 1;
+}
+
+## Read a response and check it against an expected prefix
+sub read_response {
+ my ($connection, $expected_hex) = @_;
+ my $expected_data = parse_hex($expected_hex);
+ my $start_offset = 0;
+ while ($start_offset < length($expected_data)) {
+ my $actual_data;
+ my $ok = $connection->recv($actual_data, length($expected_data));
+ if (!defined $ok) {
+ die "Unable to receive data: $!";
+ }
+ if (($actual_data ^ substr($expected_data, $start_offset)) =~ /[^\000]/) {
+ printf STDERR ("Received \\x%02x instead of \\x%02x at offset %d\n",
+ ord(substr($actual_data, $-[0], 1)),
+ ord(substr($expected_data, $start_offset + $-[0], 1)),
+ $start_offset + $-[0]);
+ return 0;
+ }
+ $start_offset +=
length($actual_data); + } + return 1; +} + +if (@ARGV != 4) { + print STDERR "Usage: $0 HOSTNAME PORT DATA1 RESPONSE1\n"; + exit(3); +} +my ($host, $port, $data1, $response1) = @ARGV; +my $connection = open_connection($host, $port); +write_data($connection, $data1); +if (!read_response($connection, $response1)) { + exit(1); +} +close_connection($connection); diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 3dea0046f..956f9575d 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -9,7 +9,7 @@ # Purpose # # For each reference configuration file in the configs directory, build the -# configuration and run the test suites. +# configuration, run the test suites and compat.sh # # Usage: tests/scripts/test-ref-configs.pl [config-name [...]] @@ -18,16 +18,22 @@ use strict; my %configs = ( 'config-default.h' => { + 'opt' => '-f Default', + 'compat' => '-m tls1_2 -V NO', }, 'config-mini-tls1_1.h' => { + 'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'', }, 'config-suite-b.h' => { + 'compat' => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS", }, 'config-symmetric-only.h' => { }, 'config-ccm-psk-tls1_2.h' => { + 'compat' => '-m tls1_2 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'', }, 'config-thread.h' => { + 'opt' => '-f ECJPAKE.*nolog', }, ); 
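Review bot: `write_data` resends the buffer from the start after a partial send: the loop advances `$total_sent` but always calls `$connection->send($data, 0)`, so a short write puts duplicated bytes on the wire and the server under test sees a different message than the test intended. Send only the remainder, `my $sent = $connection->send(substr($data, $total_sent), 0);`. `read_response` has the mirror problem: it asks `recv` for `length($expected_data)` rather than the remaining length, and when the peer closes early `$actual_data` is empty, so `$start_offset` never advances if the remaining expected bytes are all zero. Requesting `length($expected_data) - $start_offset` and treating an empty read as a failure would fix both. The header comment also describes RESPONSE as a regexp, while the code compares it as a hex-encoded prefix.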
@@ -81,6 +87,30 @@ while( my ($conf, $data) = each %configs ) { system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf\n"; system( "make test" ) and abort "Failed test suite: $conf\n"; + + my $compat = $data->{'compat'}; + if( $compat ) + { + print "\nrunning compat.sh $compat\n"; + system( "tests/compat.sh $compat" ) + and abort "Failed compat.sh: $conf\n"; + } + else + { + print "\nskipping compat.sh\n"; + } + + my $opt = $data->{'opt'}; + if( $opt ) + { + print "\nrunning ssl-opt.sh $opt\n"; + system( "tests/ssl-opt.sh $opt" ) + and abort "Failed ssl-opt.sh: $conf\n"; + } + else + { + print "\nskipping ssl-opt.sh\n"; + } } system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; diff --git a/tests/scripts/travis-log-failure.sh b/tests/scripts/travis-log-failure.sh new file mode 100755 index 000000000..9866ca7da --- /dev/null +++ b/tests/scripts/travis-log-failure.sh @@ -0,0 +1,36 @@ +#!/bin/sh + +# travis-log-failure.sh +# +# This file is part of mbed TLS (https://tls.mbed.org) +# +# Copyright (c) 2016, ARM Limited, All Rights Reserved +# +# Purpose +# +# List the server and client logs on failed ssl-opt.sh and compat.sh tests. +# This script is used to make the logs show up in the Travis test results. +# +# Some of the logs can be very long: this means usually a couple of megabytes +# but it can be much more. For example, the client log of test 273 in ssl-opt.sh +# is more than 630 Megabytes long. + +if [ -d include/mbedtls ]; then :; else + echo "$0: must be run from root" >&2 + exit 1 +fi + +FILES="o-srv-*.log o-cli-*.log c-srv-*.log c-cli-*.log o-pxy-*.log" +MAX_LOG_SIZE=1048576 + +for PATTERN in $FILES; do + for LOG in $( ls tests/$PATTERN 2>/dev/null ); do + echo + echo "****** BEGIN file: $LOG ******" + echo + tail -c $MAX_LOG_SIZE $LOG + echo "****** END file: $LOG ******" + echo + rm $LOG + done +done diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh new file mode 100755 index 000000000..d952f33fd 
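Review bot: The `compat` and `opt` strings are pasted into a single-string `system()` call, so they are parsed by /bin/sh, and the table entries rely on that by embedding their own quotes (for example the `-f '...'` filters in the `%configs` hunk above). That contract is undocumented; a comment on `%configs` such as `# 'compat' / 'opt': shell-quoted argument strings passed verbatim to tests/compat.sh / tests/ssl-opt.sh` would keep a future entry from adding an unquoted `|` or `$`. The enclosing `while` loop starts and ends outside this hunk.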
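Review bot: The loop in travis-log-failure.sh iterates over `$( ls tests/$PATTERN 2>/dev/null )` and then uses `$LOG` unquoted in `tail` and `rm`, so the file names are word-split and glob-expanded a second time before a delete. Iterate over the glob directly, `for LOG in tests/$PATTERN; do [ -f "$LOG" ] || continue`, and quote the uses: `tail -c "$MAX_LOG_SIZE" "$LOG"` and `rm "$LOG"`. The header comment should also say that each log is truncated to its last `MAX_LOG_SIZE` bytes and deleted after printing, since a reader of the CI output cannot otherwise tell that the beginning of a long log is missing.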
--- /dev/null
+++ b/tests/ssl-opt.sh
@@ -0,0 +1,7707 @@ +#!/bin/sh + +# ssl-opt.sh +# +# This file is part of mbed TLS (https://tls.mbed.org) +# +# Copyright (c) 2016, ARM Limited, All Rights Reserved +# +# Purpose +# +# Executes tests to prove various TLS/SSL options and extensions. +# +# The goal is not to cover every ciphersuite/version, but instead to cover +# specific options (max fragment length, truncated hmac, etc) or procedures +# (session resumption from cache or ticket, renego, etc). +# +# The tests assume a build with default options, with exceptions expressed +# with a dependency. The tests focus on functionality and do not consider +# performance. +# + +set -u + +if cd $( dirname $0 ); then :; else + echo "cd $( dirname $0 ) failed" >&2 + exit 1 +fi + +# default values, can be overridden by the environment +: ${P_SRV:=../programs/ssl/ssl_server2} +: ${P_CLI:=../programs/ssl/ssl_client2} +: ${P_PXY:=../programs/test/udp_proxy} +: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system +: ${GNUTLS_CLI:=gnutls-cli} +: ${GNUTLS_SERV:=gnutls-serv} +: ${PERL:=perl} + +O_SRV="$OPENSSL_CMD s_server -www -cert data_files/server5.crt -key data_files/server5.key" +O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_CMD s_client" +G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" +G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt" +TCP_CLIENT="$PERL scripts/tcp_client.pl" + +# alternative versions of OpenSSL and GnuTLS (no default path) + +if [ -n "${OPENSSL_LEGACY:-}" ]; then + O_LEGACY_SRV="$OPENSSL_LEGACY s_server -www -cert data_files/server5.crt -key data_files/server5.key" + O_LEGACY_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_LEGACY s_client" +else + O_LEGACY_SRV=false + O_LEGACY_CLI=false +fi + +if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then + G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" +else + G_NEXT_SRV=false +fi + +if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then + 
G_NEXT_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI --x509cafile data_files/test-ca_cat12.crt" +else + G_NEXT_CLI=false +fi + +TESTS=0 +FAILS=0 +SKIPS=0 + +CONFIG_H='../include/mbedtls/config.h' + +MEMCHECK=0 +FILTER='.*' +EXCLUDE='^$' + +SHOW_TEST_NUMBER=0 +RUN_TEST_NUMBER='' + +PRESERVE_LOGS=0 + +# Pick a "unique" server port in the range 10000-19999, and a proxy +# port which is this plus 10000. Each port number may be independently +# overridden by a command line option. +SRV_PORT=$(($$ % 10000 + 10000)) +PXY_PORT=$((SRV_PORT + 10000)) + +print_usage() { + echo "Usage: $0 [options]" + printf " -h|--help\tPrint this help.\n" + printf " -m|--memcheck\tCheck memory leaks and errors.\n" + printf " -f|--filter\tOnly matching tests are executed (BRE; default: '$FILTER')\n" + printf " -e|--exclude\tMatching tests are excluded (BRE; default: '$EXCLUDE')\n" + printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" + printf " -s|--show-numbers\tShow test numbers in front of test names\n" + printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n" + printf " --port\tTCP/UDP port (default: randomish 1xxxx)\n" + printf " --proxy-port\tTCP/UDP proxy port (default: randomish 2xxxx)\n" + printf " --seed\tInteger seed value to use for this test run\n" +} + +get_options() { + while [ $# -gt 0 ]; do + case "$1" in + -f|--filter) + shift; FILTER=$1 + ;; + -e|--exclude) + shift; EXCLUDE=$1 + ;; + -m|--memcheck) + MEMCHECK=1 + ;; + -n|--number) + shift; RUN_TEST_NUMBER=$1 + ;; + -s|--show-numbers) + SHOW_TEST_NUMBER=1 + ;; + -p|--preserve-logs) + PRESERVE_LOGS=1 + ;; + --port) + shift; SRV_PORT=$1 + ;; + --proxy-port) + shift; PXY_PORT=$1 + ;; + --seed) + shift; SEED="$1" + ;; + -h|--help) + print_usage + exit 0 + ;; + *) + echo "Unknown argument: '$1'" + print_usage + exit 1 + ;; + esac + shift + done +} + +# Skip next test; use this macro to skip tests which are legitimate +# in theory and expected to be re-introduced at some point, 
but +# aren't expected to succeed at the moment due to problems outside +# our control (such as bugs in other TLS implementations). +skip_next_test() { + SKIP_NEXT="YES" +} + +# skip next test if the flag is not enabled in config.h +requires_config_enabled() { + if grep "^#define $1" $CONFIG_H > /dev/null; then :; else + SKIP_NEXT="YES" + fi +} + +# skip next test if the flag is enabled in config.h +requires_config_disabled() { + if grep "^#define $1" $CONFIG_H > /dev/null; then + SKIP_NEXT="YES" + fi +} + +get_config_value_or_default() { + # This function uses the query_config command line option to query the + # required Mbed TLS compile time configuration from the ssl_server2 + # program. The command will always return a success value if the + # configuration is defined and the value will be printed to stdout. + # + # Note that if the configuration is not defined or is defined to nothing, + # the output of this function will be an empty string. + ${P_SRV} "query_config=${1}" +} + +requires_config_value_at_least() { + VAL="$( get_config_value_or_default "$1" )" + if [ -z "$VAL" ]; then + # Should never happen + echo "Mbed TLS configuration $1 is not defined" + exit 1 + elif [ "$VAL" -lt "$2" ]; then + SKIP_NEXT="YES" + fi +} + +requires_config_value_at_most() { + VAL=$( get_config_value_or_default "$1" ) + if [ -z "$VAL" ]; then + # Should never happen + echo "Mbed TLS configuration $1 is not defined" + exit 1 + elif [ "$VAL" -gt "$2" ]; then + SKIP_NEXT="YES" + fi +} + +requires_ciphersuite_enabled() { + if [ -z "$($P_CLI --help | grep $1)" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if OpenSSL doesn't support FALLBACK_SCSV +requires_openssl_with_fallback_scsv() { + if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then + if $OPENSSL_CMD s_client -help 2>&1 | grep fallback_scsv >/dev/null + then + OPENSSL_HAS_FBSCSV="YES" + else + OPENSSL_HAS_FBSCSV="NO" + fi + fi + if [ "$OPENSSL_HAS_FBSCSV" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if GnuTLS 
isn't available +requires_gnutls() { + if [ -z "${GNUTLS_AVAILABLE:-}" ]; then + if ( which "$GNUTLS_CLI" && which "$GNUTLS_SERV" ) >/dev/null 2>&1; then + GNUTLS_AVAILABLE="YES" + else + GNUTLS_AVAILABLE="NO" + fi + fi + if [ "$GNUTLS_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if GnuTLS-next isn't available +requires_gnutls_next() { + if [ -z "${GNUTLS_NEXT_AVAILABLE:-}" ]; then + if ( which "${GNUTLS_NEXT_CLI:-}" && which "${GNUTLS_NEXT_SERV:-}" ) >/dev/null 2>&1; then + GNUTLS_NEXT_AVAILABLE="YES" + else + GNUTLS_NEXT_AVAILABLE="NO" + fi + fi + if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if OpenSSL-legacy isn't available +requires_openssl_legacy() { + if [ -z "${OPENSSL_LEGACY_AVAILABLE:-}" ]; then + if which "${OPENSSL_LEGACY:-}" >/dev/null 2>&1; then + OPENSSL_LEGACY_AVAILABLE="YES" + else + OPENSSL_LEGACY_AVAILABLE="NO" + fi + fi + if [ "$OPENSSL_LEGACY_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if IPv6 isn't available on this host +requires_ipv6() { + if [ -z "${HAS_IPV6:-}" ]; then + $P_SRV server_addr='::1' > $SRV_OUT 2>&1 & + SRV_PID=$! 
+ sleep 1 + kill $SRV_PID >/dev/null 2>&1 + if grep "NET - Binding of the socket failed" $SRV_OUT >/dev/null; then + HAS_IPV6="NO" + else + HAS_IPV6="YES" + fi + rm -r $SRV_OUT + fi + + if [ "$HAS_IPV6" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if it's i686 or uname is not available +requires_not_i686() { + if [ -z "${IS_I686:-}" ]; then + IS_I686="YES" + if which "uname" >/dev/null 2>&1; then + if [ -z "$(uname -a | grep i686)" ]; then + IS_I686="NO" + fi + fi + fi + if [ "$IS_I686" = "YES" ]; then + SKIP_NEXT="YES" + fi +} + +# Calculate the input & output maximum content lengths set in the config +MAX_CONTENT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384") +MAX_IN_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN") +MAX_OUT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN") + +if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then + MAX_CONTENT_LEN="$MAX_IN_LEN" +fi +if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then + MAX_CONTENT_LEN="$MAX_OUT_LEN" +fi + +# skip the next test if the SSL output buffer is less than 16KB +requires_full_size_output_buffer() { + if [ "$MAX_OUT_LEN" -ne 16384 ]; then + SKIP_NEXT="YES" + fi +} + +# skip the next test if valgrind is in use +not_with_valgrind() { + if [ "$MEMCHECK" -gt 0 ]; then + SKIP_NEXT="YES" + fi +} + +# skip the next test if valgrind is NOT in use +only_with_valgrind() { + if [ "$MEMCHECK" -eq 0 ]; then + SKIP_NEXT="YES" + fi +} + +# multiply the client timeout delay by the given factor for the next test +client_needs_more_time() { + CLI_DELAY_FACTOR=$1 +} + +# wait for the given seconds after the client finished in the next test +server_needs_more_time() { + SRV_DELAY_SECONDS=$1 +} + +# print_name +print_name() { + TESTS=$(( $TESTS + 1 )) + LINE="" + + if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then + LINE="$TESTS " + fi + + LINE="$LINE$1" + printf "$LINE " + LEN=$(( 72 - `echo "$LINE" | wc -c` )) + for i in 
`seq 1 $LEN`; do printf '.'; done + printf ' ' + +} + +# fail +fail() { + echo "FAIL" + echo " ! $1" + + mv $SRV_OUT o-srv-${TESTS}.log + mv $CLI_OUT o-cli-${TESTS}.log + if [ -n "$PXY_CMD" ]; then + mv $PXY_OUT o-pxy-${TESTS}.log + fi + echo " ! outputs saved to o-XXX-${TESTS}.log" + + if [ "X${USER:-}" = Xbuildbot -o "X${LOGNAME:-}" = Xbuildbot -o "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then + echo " ! server output:" + cat o-srv-${TESTS}.log + echo " ! ========================================================" + echo " ! client output:" + cat o-cli-${TESTS}.log + if [ -n "$PXY_CMD" ]; then + echo " ! ========================================================" + echo " ! proxy output:" + cat o-pxy-${TESTS}.log + fi + echo "" + fi + + FAILS=$(( $FAILS + 1 )) +} + +# is_polar +is_polar() { + echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null +} + +# openssl s_server doesn't have -www with DTLS +check_osrv_dtls() { + if echo "$SRV_CMD" | grep 's_server.*-dtls' >/dev/null; then + NEEDS_INPUT=1 + SRV_CMD="$( echo $SRV_CMD | sed s/-www// )" + else + NEEDS_INPUT=0 + fi +} + +# provide input to commands that need it +provide_input() { + if [ $NEEDS_INPUT -eq 0 ]; then + return + fi + + while true; do + echo "HTTP/1.0 200 OK" + sleep 1 + done +} + +# has_mem_err +has_mem_err() { + if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" && + grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null + then + return 1 # false: does not have errors + else + return 0 # true: has errors + fi +} + +# Wait for process $2 to be listening on port $1 +if type lsof >/dev/null 2>/dev/null; then + wait_server_start() { + START_TIME=$(date +%s) + if [ "$DTLS" -eq 1 ]; then + proto=UDP + else + proto=TCP + fi + # Make a tight loop, server normally takes less than 1s to start. + while ! 
lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do + if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then + echo "SERVERSTART TIMEOUT" + echo "SERVERSTART TIMEOUT" >> $SRV_OUT + break + fi + # Linux and *BSD support decimal arguments to sleep. On other + # OSes this may be a tight loop. + sleep 0.1 2>/dev/null || true + done + } +else + echo "Warning: lsof not available, wait_server_start = sleep" + wait_server_start() { + sleep "$START_DELAY" + } +fi + +# Given the client or server debug output, parse the unix timestamp that is +# included in the first 4 bytes of the random bytes and check that it's within +# acceptable bounds +check_server_hello_time() { + # Extract the time from the debug (lvl 3) output of the client + SERVER_HELLO_TIME="$(sed -n 's/.*server hello, current time: //p' < "$1")" + # Get the Unix timestamp for now + CUR_TIME=$(date +'%s') + THRESHOLD_IN_SECS=300 + + # Check if the ServerHello time was printed + if [ -z "$SERVER_HELLO_TIME" ]; then + return 1 + fi + + # Check the time in ServerHello is within acceptable bounds + if [ $SERVER_HELLO_TIME -lt $(( $CUR_TIME - $THRESHOLD_IN_SECS )) ]; then + # The time in ServerHello is at least 5 minutes before now + return 1 + elif [ $SERVER_HELLO_TIME -gt $(( $CUR_TIME + $THRESHOLD_IN_SECS )) ]; then + # The time in ServerHello is at least 5 minutes later than now + return 1 + else + return 0 + fi +} + +# wait for client to terminate and set CLI_EXIT +# must be called right after starting the client +wait_client_done() { + CLI_PID=$! + + CLI_DELAY=$(( $DOG_DELAY * $CLI_DELAY_FACTOR )) + CLI_DELAY_FACTOR=1 + + ( sleep $CLI_DELAY; echo "===CLIENT_TIMEOUT===" >> $CLI_OUT; kill $CLI_PID ) & + DOG_PID=$! + + wait $CLI_PID + CLI_EXIT=$? 
+ + kill $DOG_PID >/dev/null 2>&1 + wait $DOG_PID + + echo "EXIT: $CLI_EXIT" >> $CLI_OUT + + sleep $SRV_DELAY_SECONDS + SRV_DELAY_SECONDS=0 +} + +# check if the given command uses dtls and sets global variable DTLS +detect_dtls() { + if echo "$1" | grep 'dtls=1\|-dtls1\|-u' >/dev/null; then + DTLS=1 + else + DTLS=0 + fi +} + +# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]] +# Options: -s pattern pattern that must be present in server output +# -c pattern pattern that must be present in client output +# -u pattern lines after pattern must be unique in client output +# -f call shell function on client output +# -S pattern pattern that must be absent in server output +# -C pattern pattern that must be absent in client output +# -U pattern lines after pattern must be unique in server output +# -F call shell function on server output +run_test() { + NAME="$1" + shift 1 + + if echo "$NAME" | grep "$FILTER" | grep -v "$EXCLUDE" >/dev/null; then : + else + SKIP_NEXT="NO" + return + fi + + print_name "$NAME" + + # Do we only run numbered tests? + if [ "X$RUN_TEST_NUMBER" = "X" ]; then : + elif echo ",$RUN_TEST_NUMBER," | grep ",$TESTS," >/dev/null; then : + else + SKIP_NEXT="YES" + fi + + # does this test use a proxy? + if [ "X$1" = "X-p" ]; then + PXY_CMD="$2" + shift 2 + else + PXY_CMD="" + fi + + # get commands and client output + SRV_CMD="$1" + CLI_CMD="$2" + CLI_EXPECT="$3" + shift 3 + + # Check if server forces ciphersuite + FORCE_CIPHERSUITE=$(echo "$SRV_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p') + if [ ! -z "$FORCE_CIPHERSUITE" ]; then + requires_ciphersuite_enabled $FORCE_CIPHERSUITE + fi + + # Check if client forces ciphersuite + FORCE_CIPHERSUITE=$(echo "$CLI_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p') + if [ ! -z "$FORCE_CIPHERSUITE" ]; then + requires_ciphersuite_enabled $FORCE_CIPHERSUITE + fi + + # should we skip? 
+ if [ "X$SKIP_NEXT" = "XYES" ]; then + SKIP_NEXT="NO" + echo "SKIP" + SKIPS=$(( $SKIPS + 1 )) + return + fi + + # fix client port + if [ -n "$PXY_CMD" ]; then + CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g ) + else + CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$SRV_PORT/g ) + fi + + # update DTLS variable + detect_dtls "$SRV_CMD" + + # prepend valgrind to our commands if active + if [ "$MEMCHECK" -gt 0 ]; then + if is_polar "$SRV_CMD"; then + SRV_CMD="valgrind --leak-check=full $SRV_CMD" + fi + if is_polar "$CLI_CMD"; then + CLI_CMD="valgrind --leak-check=full $CLI_CMD" + fi + fi + + TIMES_LEFT=2 + while [ $TIMES_LEFT -gt 0 ]; do + TIMES_LEFT=$(( $TIMES_LEFT - 1 )) + + # run the commands + if [ -n "$PXY_CMD" ]; then + echo "$PXY_CMD" > $PXY_OUT + $PXY_CMD >> $PXY_OUT 2>&1 & + PXY_PID=$! + # assume proxy starts faster than server + fi + + check_osrv_dtls + echo "$SRV_CMD" > $SRV_OUT + provide_input | $SRV_CMD >> $SRV_OUT 2>&1 & + SRV_PID=$! + wait_server_start "$SRV_PORT" "$SRV_PID" + + echo "$CLI_CMD" > $CLI_OUT + eval "$CLI_CMD" >> $CLI_OUT 2>&1 & + wait_client_done + + sleep 0.05 + + # terminate the server (and the proxy) + kill $SRV_PID + wait $SRV_PID + + if [ -n "$PXY_CMD" ]; then + kill $PXY_PID >/dev/null 2>&1 + wait $PXY_PID + fi + + # retry only on timeouts + if grep '===CLIENT_TIMEOUT===' $CLI_OUT >/dev/null; then + printf "RETRY " + else + TIMES_LEFT=0 + fi + done + + # check if the client and server went at least to the handshake stage + # (useful to avoid tests with only negative assertions and non-zero + # expected client exit to incorrectly succeed in case of catastrophic + # failure) + if is_polar "$SRV_CMD"; then + if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :; + else + fail "server or client failed to reach handshake stage" + return + fi + fi + if is_polar "$CLI_CMD"; then + if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :; + else + fail "server or client failed to reach handshake stage" 
+ return
+ fi
+ fi
+
+ # check server exit code
+ if [ $? != 0 ]; then
+ fail "server fail"
+ return
+ fi
+
+ # check client exit code
+ if [ \( "$CLI_EXPECT" = 0 -a "$CLI_EXIT" != 0 \) -o \
+ \( "$CLI_EXPECT" != 0 -a "$CLI_EXIT" = 0 \) ]
+ then
+ fail "bad client exit code (expected $CLI_EXPECT, got $CLI_EXIT)"
+ return
+ fi
+
+ # check other assertions
+ # lines beginning with == are added by valgrind, ignore them
+ # lines with 'Serious error when reading debug info', are valgrind issues as well
+ while [ $# -gt 0 ]
+ do
+ case $1 in
+ "-s")
+ if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
+ fail "pattern '$2' MUST be present in the Server output"
+ return
+ fi
+ ;;
+
+ "-c")
+ if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
+ fail "pattern '$2' MUST be present in the Client output"
+ return
+ fi
+ ;;
+
+ "-S")
+ if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
+ fail "pattern '$2' MUST NOT be present in the Server output"
+ return
+ fi
+ ;;
+
+ "-C")
+ if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
+ fail "pattern '$2' MUST NOT be present in the Client output"
+ return
+ fi
+ ;;
+
+ # The filtering in the following two options (-u and -U) do the following
+ # - ignore valgrind output
+ # - filter out everything but lines right after the pattern occurrences
+ # - keep one of each non-unique line
+ # - count how many lines remain
+ # A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1
+ # if there were no duplicates.
+ "-U")
+ if [ $(grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
+ fail "lines following pattern '$2' must be unique in Server output"
+ return
+ fi
+ ;;
+
+ "-u")
+ if [ $(grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
+ fail "lines following pattern '$2' must be unique in Client output"
+ return
+ fi
+ ;;
+ "-F")
+ if ! $2 "$SRV_OUT"; then
+ fail "function call to '$2' failed on Server output"
+ return
+ fi
+ ;;
+ "-f")
+ if ! $2 "$CLI_OUT"; then
+ fail "function call to '$2' failed on Client output"
+ return
+ fi
+ ;;
+
+ *)
+ echo "Unknown test: $1" >&2
+ exit 1
+ esac
+ shift 2
+ done
+
+ # check valgrind's results
+ if [ "$MEMCHECK" -gt 0 ]; then
+ if is_polar "$SRV_CMD" && has_mem_err $SRV_OUT; then
+ fail "Server has memory errors"
+ return
+ fi
+ if is_polar "$CLI_CMD" && has_mem_err $CLI_OUT; then
+ fail "Client has memory errors"
+ return
+ fi
+ fi
+
+ # if we're here, everything is ok
+ echo "PASS"
+ if [ "$PRESERVE_LOGS" -gt 0 ]; then
+ mv $SRV_OUT o-srv-${TESTS}.log
+ mv $CLI_OUT o-cli-${TESTS}.log
+ if [ -n "$PXY_CMD" ]; then
+ mv $PXY_OUT o-pxy-${TESTS}.log
+ fi
+ fi
+
+ rm -f $SRV_OUT $CLI_OUT $PXY_OUT
+}
+
+run_test_psa() {
+ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+ run_test "PSA-supported ciphersuite: $1" \
+ "$P_SRV debug_level=2 force_version=tls1_2" \
+ "$P_CLI debug_level=2 force_version=tls1_2 force_ciphersuite=$1" \
+ 0 \
+ -c "Successfully setup PSA-based decryption cipher context" \
+ -c "Successfully setup PSA-based encryption cipher context" \
+ -c "PSA calc verify" \
+ -c "calc PSA finished" \
+ -s "Successfully setup PSA-based decryption cipher context" \
+ -s "Successfully setup PSA-based encryption cipher context" \
+ -s "PSA calc verify" \
+ -s "calc PSA finished" \
+ -C "Failed to setup PSA-based cipher context"\
+ -S "Failed to 
setup PSA-based cipher context"\
+ -s "Protocol is TLSv1.2" \
+ -c "Perform PSA-based ECDH computation."\
+ -c "Perform PSA-based computation of digest of ServerKeyExchange" \
+ -S "error" \
+ -C "error"
+}
+
+run_test_psa_force_curve() {
+ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+ run_test "PSA - ECDH with $1" \
+ "$P_SRV debug_level=4 force_version=tls1_2" \
+ "$P_CLI debug_level=4 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
+ 0 \
+ -c "Successfully setup PSA-based decryption cipher context" \
+ -c "Successfully setup PSA-based encryption cipher context" \
+ -c "PSA calc verify" \
+ -c "calc PSA finished" \
+ -s "Successfully setup PSA-based decryption cipher context" \
+ -s "Successfully setup PSA-based encryption cipher context" \
+ -s "PSA calc verify" \
+ -s "calc PSA finished" \
+ -C "Failed to setup PSA-based cipher context"\
+ -S "Failed to setup PSA-based cipher context"\
+ -s "Protocol is TLSv1.2" \
+ -c "Perform PSA-based ECDH computation."\
+ -c "Perform PSA-based computation of digest of ServerKeyExchange" \
+ -S "error" \
+ -C "error"
+}
+
+cleanup() {
+ rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION
+ test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1
+ test -n "${PXY_PID:-}" && kill $PXY_PID >/dev/null 2>&1
+ test -n "${CLI_PID:-}" && kill $CLI_PID >/dev/null 2>&1
+ test -n "${DOG_PID:-}" && kill $DOG_PID >/dev/null 2>&1
+ exit 1
+}
+
+#
+# MAIN
+#
+
+get_options "$@"
+
+# sanity checks, avoid an avalanche of errors
+P_SRV_BIN="${P_SRV%%[ ]*}"
+P_CLI_BIN="${P_CLI%%[ ]*}"
+P_PXY_BIN="${P_PXY%%[ ]*}"
+if [ ! -x "$P_SRV_BIN" ]; then
+ echo "Command '$P_SRV_BIN' is not an executable file"
+ exit 1
+fi
+if [ ! -x "$P_CLI_BIN" ]; then
+ echo "Command '$P_CLI_BIN' is not an executable file"
+ exit 1
+fi
+if [ ! 
-x "$P_PXY_BIN" ]; then
+ echo "Command '$P_PXY_BIN' is not an executable file"
+ exit 1
+fi
+if [ "$MEMCHECK" -gt 0 ]; then
+ if which valgrind >/dev/null 2>&1; then :; else
+ echo "Memcheck not possible. Valgrind not found"
+ exit 1
+ fi
+fi
+if which $OPENSSL_CMD >/dev/null 2>&1; then :; else
+ echo "Command '$OPENSSL_CMD' not found"
+ exit 1
+fi
+
+# used by watchdog
+MAIN_PID="$$"
+
+# We use somewhat arbitrary delays for tests:
+# - how long do we wait for the server to start (when lsof not available)?
+# - how long do we allow for the client to finish?
+# (not to check performance, just to avoid waiting indefinitely)
+# Things are slower with valgrind, so give extra time here.
+#
+# Note: without lsof, there is a trade-off between the running time of this
+# script and the risk of spurious errors because we didn't wait long enough.
+# The watchdog delay on the other hand doesn't affect normal running time of
+# the script, only the case where a client or server gets stuck.
+if [ "$MEMCHECK" -gt 0 ]; then
+ START_DELAY=6
+ DOG_DELAY=60
+else
+ START_DELAY=2
+ DOG_DELAY=20
+fi
+
+# some particular tests need more time:
+# - for the client, we multiply the usual watchdog limit by a factor
+# - for the server, we sleep for a number of seconds after the client exits
+# see client_need_more_time() and server_needs_more_time()
+CLI_DELAY_FACTOR=1
+SRV_DELAY_SECONDS=0
+
+# fix commands to use this port, force IPv4 while at it
+# +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later
+P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
+P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
+P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}"
+O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
+O_CLI="$O_CLI -connect localhost:+SRV_PORT"
+G_SRV="$G_SRV -p $SRV_PORT"
+G_CLI="$G_CLI -p +SRV_PORT"
+
+if [ -n "${OPENSSL_LEGACY:-}" ]; then
+ 
O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
+ O_LEGACY_CLI="$O_LEGACY_CLI -connect localhost:+SRV_PORT"
+fi
+
+if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
+ G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
+fi
+
+if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
+ G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT"
+fi
+
+# Allow SHA-1, because many of our test certificates use it
+P_SRV="$P_SRV allow_sha1=1"
+P_CLI="$P_CLI allow_sha1=1"
+
+# Also pick a unique name for intermediate files
+SRV_OUT="srv_out.$$"
+CLI_OUT="cli_out.$$"
+PXY_OUT="pxy_out.$$"
+SESSION="session.$$"
+
+SKIP_NEXT="NO"
+
+trap cleanup INT TERM HUP
+
+# Basic test
+
+# Checks that:
+# - things work with all ciphersuites active (used with config-full in all.sh)
+# - the expected (highest security) parameters are selected
+# ("signature_algorithm ext: 6" means SHA-512 (highest common hash))
+run_test "Default" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI" \
+ 0 \
+ -s "Protocol is TLSv1.2" \
+ -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
+ -s "client hello v3, signature_algorithm ext: 6" \
+ -s "ECDHE curve: secp521r1" \
+ -S "error" \
+ -C "error"
+
+run_test "Default, DTLS" \
+ "$P_SRV dtls=1" \
+ "$P_CLI dtls=1" \
+ 0 \
+ -s "Protocol is DTLSv1.2" \
+ -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
+
+# Test using an opaque private key for client authentication
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+run_test "Opaque key for client authentication" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \
+ key_file=data_files/server5.key" \
+ 0 \
+ -c "key type: Opaque" \
+ -s "Verifying peer X.509 certificate... 
ok" \
+ -S "error" \
+ -C "error"
+
+# Test ciphersuites which we expect to be fully supported by PSA Crypto
+# and check that we don't fall back to Mbed TLS' internal crypto primitives.
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
+
+requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED
+run_test_psa_force_curve "secp521r1"
+requires_config_enabled MBEDTLS_ECP_DP_BP512R1_ENABLED
+run_test_psa_force_curve "brainpoolP512r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP384R1_ENABLED
+run_test_psa_force_curve "secp384r1"
+requires_config_enabled MBEDTLS_ECP_DP_BP384R1_ENABLED
+run_test_psa_force_curve "brainpoolP384r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+run_test_psa_force_curve "secp256r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP256K1_ENABLED
+run_test_psa_force_curve "secp256k1"
+requires_config_enabled MBEDTLS_ECP_DP_BP256R1_ENABLED
+run_test_psa_force_curve "brainpoolP256r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP224R1_ENABLED
+run_test_psa_force_curve "secp224r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED
+run_test_psa_force_curve "secp224k1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP192R1_ENABLED
+run_test_psa_force_curve "secp192r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP192K1_ENABLED
+run_test_psa_force_curve "secp192k1"
+
+# Test current time in ServerHello
+requires_config_enabled MBEDTLS_HAVE_TIME
+run_test "ServerHello contains gmt_unix_time" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -f "check_server_hello_time" \
+ -F "check_server_hello_time"
+
+# Test for uniqueness of 
IVs in AEAD ciphersuites
+run_test "Unique IV in GCM" \
+ "$P_SRV exchanges=20 debug_level=4" \
+ "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
+ 0 \
+ -u "IV used" \
+ -U "IV used"
+
+# Tests for rc4 option
+
+requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+run_test "RC4: server disabled, client enabled" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 1 \
+ -s "SSL - The server has no ciphersuites in common"
+
+requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+run_test "RC4: server half, client enabled" \
+ "$P_SRV arc4=1" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 1 \
+ -s "SSL - The server has no ciphersuites in common"
+
+run_test "RC4: server enabled, client disabled" \
+ "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI" \
+ 1 \
+ -s "SSL - The server has no ciphersuites in common"
+
+run_test "RC4: both enabled" \
+ "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - The server has no ciphersuites in common"
+
+# Test empty CA list in CertificateRequest in TLS 1.1 and earlier
+
+requires_gnutls
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+run_test "CertificateRequest with empty CA list, TLS 1.1 (GnuTLS server)" \
+ "$G_SRV"\
+ "$P_CLI force_version=tls1_1" \
+ 0
+
+requires_gnutls
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
+run_test "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \
+ "$G_SRV"\
+ "$P_CLI force_version=tls1" \
+ 0
+
+# Tests for SHA-1 support
+
+requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+run_test "SHA-1 forbidden by default in server certificate" \
+ "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
+ "$P_CLI debug_level=2 allow_sha1=0" \
+ 1 \
+ -c "The certificate is signed with an unacceptable hash"
+
+requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+run_test "SHA-1 forbidden by default in server certificate" \
+ "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
+ "$P_CLI debug_level=2 allow_sha1=0" \
+ 0
+
+run_test "SHA-1 explicitly allowed in server certificate" \
+ "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
+ "$P_CLI allow_sha1=1" \
+ 0
+
+run_test "SHA-256 allowed by default in server certificate" \
+ "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2-sha256.crt" \
+ "$P_CLI allow_sha1=0" \
+ 0
+
+requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+run_test "SHA-1 forbidden by default in client certificate" \
+ "$P_SRV auth_mode=required allow_sha1=0" \
+ "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
+ 1 \
+ -s "The certificate is signed with an unacceptable hash"
+
+requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+run_test "SHA-1 forbidden by default in client certificate" \
+ "$P_SRV auth_mode=required allow_sha1=0" \
+ "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
+ 0
+
+run_test "SHA-1 explicitly allowed in client certificate" \
+ "$P_SRV auth_mode=required allow_sha1=1" \
+ "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
+ 0
+
+run_test "SHA-256 allowed by default in client certificate" \
+ "$P_SRV auth_mode=required allow_sha1=0" \
+ "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \
+ 0
+
+# Tests for datagram packing
+run_test "DTLS: multiple records in same datagram, client and server" \
+ "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
+ 0 \
+ -c "next record in same datagram" \
+ -s "next record in same datagram"
+
+run_test "DTLS: multiple records in same datagram, client only" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
+ 0 \
+ -s "next record in same datagram" \
+ -C "next record in same datagram"
+
+run_test "DTLS: multiple records in same datagram, server only" \
+ "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
+ 0 \
+ -S "next record in same datagram" \
+ -c "next record in same datagram"
+
+run_test "DTLS: multiple records in same datagram, neither client nor server" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
+ 0 \
+ -S "next record in same datagram" \
+ -C "next record in same datagram"
+
+# Tests for Truncated HMAC extension
+
+run_test "Truncated HMAC: client default, server default" \
+ "$P_SRV debug_level=4" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -s "dumping 'expected mac' (20 bytes)" \
+ -S "dumping 'expected mac' (10 bytes)"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Truncated HMAC: client disabled, server default" \
+ "$P_SRV debug_level=4" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
+ 0 \
+ -s "dumping 'expected mac' (20 bytes)" \
+ -S "dumping 'expected mac' (10 bytes)"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Truncated HMAC: client enabled, server default" \
+ "$P_SRV debug_level=4" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -s "dumping 'expected mac' (20 bytes)" \
+ -S "dumping 'expected mac' (10 bytes)"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Truncated HMAC: client enabled, server disabled" \
+ "$P_SRV debug_level=4 trunc_hmac=0" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -s "dumping 'expected mac' (20 bytes)" \
+ -S "dumping 'expected mac' (10 bytes)"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Truncated HMAC: client disabled, server enabled" \
+ "$P_SRV debug_level=4 
trunc_hmac=1" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
+ 0 \
+ -s "dumping 'expected mac' (20 bytes)" \
+ -S "dumping 'expected mac' (10 bytes)"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Truncated HMAC: client enabled, server enabled" \
+ "$P_SRV debug_level=4 trunc_hmac=1" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -S "dumping 'expected mac' (20 bytes)" \
+ -s "dumping 'expected mac' (10 bytes)"
+
+run_test "Truncated HMAC, DTLS: client default, server default" \
+ "$P_SRV dtls=1 debug_level=4" \
+ "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -s "dumping 'expected mac' (20 bytes)" \
+ -S "dumping 'expected mac' (10 bytes)"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Truncated HMAC, DTLS: client disabled, server default" \
+ "$P_SRV dtls=1 debug_level=4" \
+ "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
+ 0 \
+ -s "dumping 'expected mac' (20 bytes)" \
+ -S "dumping 'expected mac' (10 bytes)"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Truncated HMAC, DTLS: client enabled, server default" \
+ "$P_SRV dtls=1 debug_level=4" \
+ "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -s "dumping 'expected mac' (20 bytes)" \
+ -S "dumping 'expected mac' (10 bytes)"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Truncated HMAC, DTLS: client enabled, server disabled" \
+ "$P_SRV dtls=1 debug_level=4 trunc_hmac=0" \
+ "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -s "dumping 'expected mac' (20 bytes)" \
+ -S "dumping 'expected mac' (10 bytes)"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Truncated HMAC, DTLS: client disabled, server enabled" \
+ "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \
+ "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
+ 0 
\
+ -s "dumping 'expected mac' (20 bytes)" \
+ -S "dumping 'expected mac' (10 bytes)"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Truncated HMAC, DTLS: client enabled, server enabled" \
+ "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \
+ "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -S "dumping 'expected mac' (20 bytes)" \
+ -s "dumping 'expected mac' (10 bytes)"
+
+# Tests for Encrypt-then-MAC extension
+
+run_test "Encrypt then MAC: default" \
+ "$P_SRV debug_level=3 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -c "client hello, adding encrypt_then_mac extension" \
+ -s "found encrypt then mac extension" \
+ -s "server hello, adding encrypt then mac extension" \
+ -c "found encrypt_then_mac extension" \
+ -c "using encrypt then mac" \
+ -s "using encrypt then mac"
+
+run_test "Encrypt then MAC: client enabled, server disabled" \
+ "$P_SRV debug_level=3 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ "$P_CLI debug_level=3 etm=1" \
+ 0 \
+ -c "client hello, adding encrypt_then_mac extension" \
+ -s "found encrypt then mac extension" \
+ -S "server hello, adding encrypt then mac extension" \
+ -C "found encrypt_then_mac extension" \
+ -C "using encrypt then mac" \
+ -S "using encrypt then mac"
+
+run_test "Encrypt then MAC: client enabled, aead cipher" \
+ "$P_SRV debug_level=3 etm=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
+ "$P_CLI debug_level=3 etm=1" \
+ 0 \
+ -c "client hello, adding encrypt_then_mac extension" \
+ -s "found encrypt then mac extension" \
+ -S "server hello, adding encrypt then mac extension" \
+ -C "found encrypt_then_mac extension" \
+ -C "using encrypt then mac" \
+ -S "using encrypt then mac"
+
+run_test "Encrypt then MAC: client enabled, stream cipher" \
+ "$P_SRV debug_level=3 etm=1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI debug_level=3 etm=1 arc4=1 
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "client hello, adding encrypt_then_mac extension" \
+ -s "found encrypt then mac extension" \
+ -S "server hello, adding encrypt then mac extension" \
+ -C "found encrypt_then_mac extension" \
+ -C "using encrypt then mac" \
+ -S "using encrypt then mac"
+
+run_test "Encrypt then MAC: client disabled, server enabled" \
+ "$P_SRV debug_level=3 etm=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ "$P_CLI debug_level=3 etm=0" \
+ 0 \
+ -C "client hello, adding encrypt_then_mac extension" \
+ -S "found encrypt then mac extension" \
+ -S "server hello, adding encrypt then mac extension" \
+ -C "found encrypt_then_mac extension" \
+ -C "using encrypt then mac" \
+ -S "using encrypt then mac"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Encrypt then MAC: client SSLv3, server enabled" \
+ "$P_SRV debug_level=3 min_version=ssl3 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ "$P_CLI debug_level=3 force_version=ssl3" \
+ 0 \
+ -C "client hello, adding encrypt_then_mac extension" \
+ -S "found encrypt then mac extension" \
+ -S "server hello, adding encrypt then mac extension" \
+ -C "found encrypt_then_mac extension" \
+ -C "using encrypt then mac" \
+ -S "using encrypt then mac"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Encrypt then MAC: client enabled, server SSLv3" \
+ "$P_SRV debug_level=3 force_version=ssl3 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ "$P_CLI debug_level=3 min_version=ssl3" \
+ 0 \
+ -c "client hello, adding encrypt_then_mac extension" \
+ -S "found encrypt then mac extension" \
+ -S "server hello, adding encrypt then mac extension" \
+ -C "found encrypt_then_mac extension" \
+ -C "using encrypt then mac" \
+ -S "using encrypt then mac"
+
+# Tests for Extended Master Secret extension
+
+run_test "Extended Master Secret: default" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -c "client hello, adding 
extended_master_secret extension" \
+ -s "found extended master secret extension" \
+ -s "server hello, adding extended master secret extension" \
+ -c "found extended_master_secret extension" \
+ -c "using extended master secret" \
+ -s "using extended master secret"
+
+run_test "Extended Master Secret: client enabled, server disabled" \
+ "$P_SRV debug_level=3 extended_ms=0" \
+ "$P_CLI debug_level=3 extended_ms=1" \
+ 0 \
+ -c "client hello, adding extended_master_secret extension" \
+ -s "found extended master secret extension" \
+ -S "server hello, adding extended master secret extension" \
+ -C "found extended_master_secret extension" \
+ -C "using extended master secret" \
+ -S "using extended master secret"
+
+run_test "Extended Master Secret: client disabled, server enabled" \
+ "$P_SRV debug_level=3 extended_ms=1" \
+ "$P_CLI debug_level=3 extended_ms=0" \
+ 0 \
+ -C "client hello, adding extended_master_secret extension" \
+ -S "found extended master secret extension" \
+ -S "server hello, adding extended master secret extension" \
+ -C "found extended_master_secret extension" \
+ -C "using extended master secret" \
+ -S "using extended master secret"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Extended Master Secret: client SSLv3, server enabled" \
+ "$P_SRV debug_level=3 min_version=ssl3" \
+ "$P_CLI debug_level=3 force_version=ssl3" \
+ 0 \
+ -C "client hello, adding extended_master_secret extension" \
+ -S "found extended master secret extension" \
+ -S "server hello, adding extended master secret extension" \
+ -C "found extended_master_secret extension" \
+ -C "using extended master secret" \
+ -S "using extended master secret"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Extended Master Secret: client enabled, server SSLv3" \
+ "$P_SRV debug_level=3 force_version=ssl3" \
+ "$P_CLI debug_level=3 min_version=ssl3" \
+ 0 \
+ -c "client hello, adding extended_master_secret extension" \
+ -S "found extended master 
secret extension" \
+ -S "server hello, adding extended master secret extension" \
+ -C "found extended_master_secret extension" \
+ -C "using extended master secret" \
+ -S "using extended master secret"
+
+# Tests for FALLBACK_SCSV
+
+run_test "Fallback SCSV: default" \
+ "$P_SRV debug_level=2" \
+ "$P_CLI debug_level=3 force_version=tls1_1" \
+ 0 \
+ -C "adding FALLBACK_SCSV" \
+ -S "received FALLBACK_SCSV" \
+ -S "inapropriate fallback" \
+ -C "is a fatal alert message (msg 86)"
+
+run_test "Fallback SCSV: explicitly disabled" \
+ "$P_SRV debug_level=2" \
+ "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \
+ 0 \
+ -C "adding FALLBACK_SCSV" \
+ -S "received FALLBACK_SCSV" \
+ -S "inapropriate fallback" \
+ -C "is a fatal alert message (msg 86)"
+
+run_test "Fallback SCSV: enabled" \
+ "$P_SRV debug_level=2" \
+ "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \
+ 1 \
+ -c "adding FALLBACK_SCSV" \
+ -s "received FALLBACK_SCSV" \
+ -s "inapropriate fallback" \
+ -c "is a fatal alert message (msg 86)"
+
+run_test "Fallback SCSV: enabled, max version" \
+ "$P_SRV debug_level=2" \
+ "$P_CLI debug_level=3 fallback=1" \
+ 0 \
+ -c "adding FALLBACK_SCSV" \
+ -s "received FALLBACK_SCSV" \
+ -S "inapropriate fallback" \
+ -C "is a fatal alert message (msg 86)"
+
+requires_openssl_with_fallback_scsv
+run_test "Fallback SCSV: default, openssl server" \
+ "$O_SRV" \
+ "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \
+ 0 \
+ -C "adding FALLBACK_SCSV" \
+ -C "is a fatal alert message (msg 86)"
+
+requires_openssl_with_fallback_scsv
+run_test "Fallback SCSV: enabled, openssl server" \
+ "$O_SRV" \
+ "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \
+ 1 \
+ -c "adding FALLBACK_SCSV" \
+ -c "is a fatal alert message (msg 86)"
+
+requires_openssl_with_fallback_scsv
+run_test "Fallback SCSV: disabled, openssl client" \
+ "$P_SRV debug_level=2" \
+ "$O_CLI -tls1_1" \
+ 0 \
+ -S "received FALLBACK_SCSV" \
+ -S "inapropriate fallback"
+
+requires_openssl_with_fallback_scsv
+run_test "Fallback SCSV: enabled, openssl client" \
+ "$P_SRV debug_level=2" \
+ "$O_CLI -tls1_1 -fallback_scsv" \
+ 1 \
+ -s "received FALLBACK_SCSV" \
+ -s "inapropriate fallback"
+
+requires_openssl_with_fallback_scsv
+run_test "Fallback SCSV: enabled, max version, openssl client" \
+ "$P_SRV debug_level=2" \
+ "$O_CLI -fallback_scsv" \
+ 0 \
+ -s "received FALLBACK_SCSV" \
+ -S "inapropriate fallback"
+
+# Test sending and receiving empty application data records
+
+run_test "Encrypt then MAC: empty application data record" \
+ "$P_SRV auth_mode=none debug_level=4 etm=1" \
+ "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
+ -s "dumping 'input payload after decrypt' (0 bytes)" \
+ -c "0 bytes written in 1 fragments"
+
+run_test "Default, no Encrypt then MAC: empty application data record" \
+ "$P_SRV auth_mode=none debug_level=4 etm=0" \
+ "$P_CLI auth_mode=none etm=0 request_size=0" \
+ 0 \
+ -s "dumping 'input payload after decrypt' (0 bytes)" \
+ -c "0 bytes written in 1 fragments"
+
+run_test "Encrypt then MAC, DTLS: empty application data record" \
+ "$P_SRV auth_mode=none debug_level=4 etm=1 dtls=1" \
+ "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls=1" \
+ 0 \
+ -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
+ -s "dumping 'input payload after decrypt' (0 bytes)" \
+ -c "0 bytes written in 1 fragments"
+
+run_test "Default, no Encrypt then MAC, DTLS: empty application data record" \
+ "$P_SRV auth_mode=none debug_level=4 etm=0 dtls=1" \
+ "$P_CLI auth_mode=none etm=0 request_size=0 dtls=1" \
+ 0 \
+ -s "dumping 'input payload after decrypt' (0 bytes)" \
+ -c "0 bytes written in 1 fragments"
+
+## ClientHello generated with
+## "openssl s_client -CAfile tests/data_files/test-ca.crt -tls1_1 -connect localhost:4433 -cipher ..."
+## then manually twiddling the ciphersuite list.
+## The ClientHello content is spelled out below as a hex string as
+## "prefix ciphersuite1 ciphersuite2 ciphersuite3 ciphersuite4 suffix".
+## The expected response is an inappropriate_fallback alert.
+requires_openssl_with_fallback_scsv
+run_test "Fallback SCSV: beginning of list" \
+ "$P_SRV debug_level=2" \
+ "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 5600 0031 0032 0033 0100000900230000000f000101' '15030200020256'" \
+ 0 \
+ -s "received FALLBACK_SCSV" \
+ -s "inapropriate fallback"
+
+requires_openssl_with_fallback_scsv
+run_test "Fallback SCSV: end of list" \
+ "$P_SRV debug_level=2" \
+ "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0031 0032 0033 5600 0100000900230000000f000101' '15030200020256'" \
+ 0 \
+ -s "received FALLBACK_SCSV" \
+ -s "inapropriate fallback"
+
+## Here the expected response is a valid ServerHello prefix, up to the random.
+requires_openssl_with_fallback_scsv
+run_test "Fallback SCSV: not in list" \
+ "$P_SRV debug_level=2" \
+ "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0056 0031 0032 0033 0100000900230000000f000101' '16030200300200002c0302'" \
+ 0 \
+ -S "received FALLBACK_SCSV" \
+ -S "inapropriate fallback"
+
+# Tests for CBC 1/n-1 record splitting
+
+run_test "CBC Record splitting: TLS 1.2, no splitting" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
+ request_size=123 force_version=tls1_2" \
+ 0 \
+ -s "Read from client: 123 bytes read" \
+ -S "Read from client: 1 bytes read" \
+ -S "122 bytes read"
+
+run_test "CBC Record splitting: TLS 1.1, no splitting" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
+ request_size=123 force_version=tls1_1" \
+ 0 \
+ -s "Read from client: 123 bytes read" \
+ -S "Read from client: 1 bytes read" \
+ -S "122 bytes read"
+
+run_test "CBC Record splitting: TLS 1.0, splitting" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
+ request_size=123 force_version=tls1" \
+ 0 \
+ -S "Read from client: 123 bytes read" \
+ -s "Read from client: 1 bytes read" \
+ -s "122 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "CBC Record splitting: SSLv3, splitting" \
+ "$P_SRV min_version=ssl3" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
+ request_size=123 force_version=ssl3" \
+ 0 \
+ -S "Read from client: 123 bytes read" \
+ -s "Read from client: 1 bytes read" \
+ -s "122 bytes read"
+
+run_test "CBC Record splitting: TLS 1.0 RC4, no splitting" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ request_size=123 force_version=tls1" \
+ 0 \
+ -s "Read from client: 123 bytes read" \
+ -S "Read from client: 1 bytes read" \
+ -S "122 bytes read"
+
+run_test "CBC Record splitting: TLS 1.0, splitting 
disabled" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
+ request_size=123 force_version=tls1 recsplit=0" \
+ 0 \
+ -s "Read from client: 123 bytes read" \
+ -S "Read from client: 1 bytes read" \
+ -S "122 bytes read"
+
+run_test "CBC Record splitting: TLS 1.0, splitting, nbio" \
+ "$P_SRV nbio=2" \
+ "$P_CLI nbio=2 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
+ request_size=123 force_version=tls1" \
+ 0 \
+ -S "Read from client: 123 bytes read" \
+ -s "Read from client: 1 bytes read" \
+ -s "122 bytes read"
+
+# Tests for Session Tickets
+
+run_test "Session resume using tickets: basic" \
+ "$P_SRV debug_level=3 tickets=1" \
+ "$P_CLI debug_level=3 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -S "session successfully restored from cache" \
+ -s "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using tickets: cache disabled" \
+ "$P_SRV debug_level=3 tickets=1 cache_max=0" \
+ "$P_CLI debug_level=3 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -S "session successfully restored from cache" \
+ -s "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using tickets: timeout" \
+ "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \
+ "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_delay=2" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -s "server hello, adding session
ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -S "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -S "a session has been resumed" \
+ -C "a session has been resumed"
+
+run_test "Session resume using tickets: openssl server" \
+ "$O_SRV" \
+ "$P_CLI debug_level=3 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -c "a session has been resumed"
+
+run_test "Session resume using tickets: openssl client" \
+ "$P_SRV debug_level=3 tickets=1" \
+ "( $O_CLI -sess_out $SESSION; \
+ $O_CLI -sess_in $SESSION; \
+ rm -f $SESSION )" \
+ 0 \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -S "session successfully restored from cache" \
+ -s "session successfully restored from ticket" \
+ -s "a session has been resumed"
+
+# Tests for Session Tickets with DTLS
+
+run_test "Session resume using tickets, DTLS: basic" \
+ "$P_SRV debug_level=3 dtls=1 tickets=1" \
+ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -S "session successfully restored from cache" \
+ -s "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using tickets, DTLS: cache disabled" \
+ "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \
+ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -S "session
successfully restored from cache" \
+ -s "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using tickets, DTLS: timeout" \
+ "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0 ticket_timeout=1" \
+ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 reco_delay=2" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -S "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -S "a session has been resumed" \
+ -C "a session has been resumed"
+
+run_test "Session resume using tickets, DTLS: openssl server" \
+ "$O_SRV -dtls1" \
+ "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -c "a session has been resumed"
+
+run_test "Session resume using tickets, DTLS: openssl client" \
+ "$P_SRV dtls=1 debug_level=3 tickets=1" \
+ "( $O_CLI -dtls1 -sess_out $SESSION; \
+ $O_CLI -dtls1 -sess_in $SESSION; \
+ rm -f $SESSION )" \
+ 0 \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -S "session successfully restored from cache" \
+ -s "session successfully restored from ticket" \
+ -s "a session has been resumed"
+
+# Tests for Session Resume based on session-ID and cache
+
+run_test "Session resume using cache: tickets enabled on client" \
+ "$P_SRV debug_level=3 tickets=0" \
+ "$P_CLI debug_level=3 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -S "server hello, adding session ticket extension" \
+ -C "found session_ticket extension" \
+ -C "parse new session ticket" \
+ -s "session successfully
restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache: tickets enabled on server" \
+ "$P_SRV debug_level=3 tickets=1" \
+ "$P_CLI debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -C "client hello, adding session ticket extension" \
+ -S "found session ticket extension" \
+ -S "server hello, adding session ticket extension" \
+ -C "found session_ticket extension" \
+ -C "parse new session ticket" \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache: cache_max=0" \
+ "$P_SRV debug_level=3 tickets=0 cache_max=0" \
+ "$P_CLI debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -S "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -S "a session has been resumed" \
+ -C "a session has been resumed"
+
+run_test "Session resume using cache: cache_max=1" \
+ "$P_SRV debug_level=3 tickets=0 cache_max=1" \
+ "$P_CLI debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache: timeout > delay" \
+ "$P_SRV debug_level=3 tickets=0" \
+ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
+ 0 \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache: timeout < delay" \
+ "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \
+ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
+ 0 \
+ -S "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -S "a session
has been resumed" \
+ -C "a session has been resumed"
+
+run_test "Session resume using cache: no timeout" \
+ "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \
+ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
+ 0 \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache: openssl client" \
+ "$P_SRV debug_level=3 tickets=0" \
+ "( $O_CLI -sess_out $SESSION; \
+ $O_CLI -sess_in $SESSION; \
+ rm -f $SESSION )" \
+ 0 \
+ -s "found session ticket extension" \
+ -S "server hello, adding session ticket extension" \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed"
+
+run_test "Session resume using cache: openssl server" \
+ "$O_SRV" \
+ "$P_CLI debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -C "found session_ticket extension" \
+ -C "parse new session ticket" \
+ -c "a session has been resumed"
+
+# Tests for Session Resume based on session-ID and cache, DTLS
+
+run_test "Session resume using cache, DTLS: tickets enabled on client" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0" \
+ "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -S "server hello, adding session ticket extension" \
+ -C "found session_ticket extension" \
+ -C "parse new session ticket" \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: tickets enabled on server" \
+ "$P_SRV dtls=1 debug_level=3 tickets=1" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -C "client hello, adding session ticket extension" \
+ -S "found session ticket extension" \
+ -S "server hello,
adding session ticket extension" \
+ -C "found session_ticket extension" \
+ -C "parse new session ticket" \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: cache_max=0" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -S "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -S "a session has been resumed" \
+ -C "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: cache_max=1" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: timeout > delay" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
+ 0 \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: timeout < delay" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
+ 0 \
+ -S "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -S "a session has been resumed" \
+ -C "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: no timeout" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
+ 0 \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from
ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: openssl client" \
+ "$P_SRV dtls=1 debug_level=3 tickets=0" \
+ "( $O_CLI -dtls1 -sess_out $SESSION; \
+ $O_CLI -dtls1 -sess_in $SESSION; \
+ rm -f $SESSION )" \
+ 0 \
+ -s "found session ticket extension" \
+ -S "server hello, adding session ticket extension" \
+ -s "session successfully restored from cache" \
+ -S "session successfully restored from ticket" \
+ -s "a session has been resumed"
+
+run_test "Session resume using cache, DTLS: openssl server" \
+ "$O_SRV -dtls1" \
+ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
+ 0 \
+ -C "found session_ticket extension" \
+ -C "parse new session ticket" \
+ -c "a session has been resumed"
+
+# Tests for Max Fragment Length extension
+
+if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then
+ printf "${CONFIG_H} defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n"
+ exit 1
+fi
+
+if [ $MAX_CONTENT_LEN -ne 16384 ]; then
+ printf "Using non-default maximum content length $MAX_CONTENT_LEN\n"
+fi
+
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "Max fragment length: enabled, default" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -c "Maximum fragment length is $MAX_CONTENT_LEN" \
+ -s "Maximum fragment length is $MAX_CONTENT_LEN" \
+ -C "client hello, adding max_fragment_length extension" \
+ -S "found max fragment length extension" \
+ -S "server hello, max_fragment_length extension" \
+ -C "found max_fragment_length extension"
+
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "Max fragment length: enabled, default, larger message" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
+ 0 \
+ -c "Maximum fragment length is $MAX_CONTENT_LEN" \
+ -s "Maximum fragment length is $MAX_CONTENT_LEN" \
+ -C "client hello, adding max_fragment_length extension" \
+ -S
"found max fragment length extension" \
+ -S "server hello, max_fragment_length extension" \
+ -C "found max_fragment_length extension" \
+ -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
+ -s "$MAX_CONTENT_LEN bytes read" \
+ -s "1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "Max fragment length, DTLS: enabled, default, larger message" \
+ "$P_SRV debug_level=3 dtls=1" \
+ "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
+ 1 \
+ -c "Maximum fragment length is $MAX_CONTENT_LEN" \
+ -s "Maximum fragment length is $MAX_CONTENT_LEN" \
+ -C "client hello, adding max_fragment_length extension" \
+ -S "found max fragment length extension" \
+ -S "server hello, max_fragment_length extension" \
+ -C "found max_fragment_length extension" \
+ -c "fragment larger than.*maximum "
+
+# Run some tests with MBEDTLS_SSL_MAX_FRAGMENT_LENGTH disabled
+# (session fragment length will be 16384 regardless of mbedtls
+# content length configuration.)
+
+requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "Max fragment length: disabled, larger message" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
+ 0 \
+ -C "Maximum fragment length is 16384" \
+ -S "Maximum fragment length is 16384" \
+ -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
+ -s "$MAX_CONTENT_LEN bytes read" \
+ -s "1 bytes read"
+
+requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "Max fragment length DTLS: disabled, larger message" \
+ "$P_SRV debug_level=3 dtls=1" \
+ "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
+ 1 \
+ -C "Maximum fragment length is 16384" \
+ -S "Maximum fragment length is 16384" \
+ -c "fragment larger than.*maximum "
+
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "Max fragment length: used by client" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 max_frag_len=4096" \
+ 0 \
+ -c "Maximum fragment length is 4096" \
+ -s "Maximum fragment length is 4096" \
+ -c "client hello, adding max_fragment_length extension" \
+ -s "found max fragment length extension" \
+ -s "server hello, max_fragment_length extension" \
+ -c "found max_fragment_length extension"
+
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "Max fragment length: used by server" \
+ "$P_SRV debug_level=3 max_frag_len=4096" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -c "Maximum fragment length is $MAX_CONTENT_LEN" \
+ -s "Maximum fragment length is 4096" \
+ -C "client hello, adding max_fragment_length extension" \
+ -S "found max fragment length extension" \
+ -S "server hello, max_fragment_length extension" \
+ -C "found max_fragment_length extension"
+
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_gnutls
+run_test "Max fragment length: gnutls server" \
+ "$G_SRV" \
+ "$P_CLI debug_level=3 max_frag_len=4096" \
+ 0 \
+ -c "Maximum fragment length is 4096" \
+ -c "client hello, adding
max_fragment_length extension" \
+ -c "found max_fragment_length extension"
+
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "Max fragment length: client, message just fits" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 max_frag_len=2048 request_size=2048" \
+ 0 \
+ -c "Maximum fragment length is 2048" \
+ -s "Maximum fragment length is 2048" \
+ -c "client hello, adding max_fragment_length extension" \
+ -s "found max fragment length extension" \
+ -s "server hello, max_fragment_length extension" \
+ -c "found max_fragment_length extension" \
+ -c "2048 bytes written in 1 fragments" \
+ -s "2048 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "Max fragment length: client, larger message" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 max_frag_len=2048 request_size=2345" \
+ 0 \
+ -c "Maximum fragment length is 2048" \
+ -s "Maximum fragment length is 2048" \
+ -c "client hello, adding max_fragment_length extension" \
+ -s "found max fragment length extension" \
+ -s "server hello, max_fragment_length extension" \
+ -c "found max_fragment_length extension" \
+ -c "2345 bytes written in 2 fragments" \
+ -s "2048 bytes read" \
+ -s "297 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "Max fragment length: DTLS client, larger message" \
+ "$P_SRV debug_level=3 dtls=1" \
+ "$P_CLI debug_level=3 dtls=1 max_frag_len=2048 request_size=2345" \
+ 1 \
+ -c "Maximum fragment length is 2048" \
+ -s "Maximum fragment length is 2048" \
+ -c "client hello, adding max_fragment_length extension" \
+ -s "found max fragment length extension" \
+ -s "server hello, max_fragment_length extension" \
+ -c "found max_fragment_length extension" \
+ -c "fragment larger than.*maximum"
+
+# Tests for renegotiation
+
+# Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION
+run_test "Renegotiation: none, for reference" \
+ "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \
+
"$P_CLI debug_level=3 exchanges=2" \
+ 0 \
+ -C "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -S "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -C "=> renegotiate" \
+ -S "=> renegotiate" \
+ -S "write hello request"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: client-initiated" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -S "write hello request"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: server-initiated" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -s "write hello request"
+
+# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
+# the server did not parse the Signature Algorithm extension.
This test is valid only if an MD
+# algorithm stronger than SHA-1 is enabled in config.h
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -S "write hello request" \
+ -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
+
+# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
+# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
+# algorithm stronger than SHA-1 is enabled in config.h
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -s "write hello request" \
+ -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: double" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -s "write hello request"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: client-initiated, server-rejected" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=0 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
+ 1 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -S "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -S "=> renegotiate" \
+ -S "write hello request" \
+ -c "SSL - Unexpected message at ServerHello in renegotiation" \
+ -c "failed"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: server-initiated, client-rejected, default" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
+ 0 \
+ -C "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -S "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -C "=> renegotiate" \
+ -S "=> renegotiate" \
+ -s "write hello request" \
+ -S "SSL - An unexpected message was received from our peer" \
+ -S "failed"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: server-initiated, client-rejected, not
enforced" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
+ renego_delay=-1 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
+ 0 \
+ -C "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -S "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -C "=> renegotiate" \
+ -S "=> renegotiate" \
+ -s "write hello request" \
+ -S "SSL - An unexpected message was received from our peer" \
+ -S "failed"
+
+# delay 2 for 1 alert record + 1 application data record
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: server-initiated, client-rejected, delay 2" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
+ renego_delay=2 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
+ 0 \
+ -C "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -S "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -C "=> renegotiate" \
+ -S "=> renegotiate" \
+ -s "write hello request" \
+ -S "SSL - An unexpected message was received from our peer" \
+ -S "failed"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: server-initiated, client-rejected, delay 0" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
+ renego_delay=0 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
+ 0 \
+ -C "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -S "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -C "=> renegotiate" \
+ -S "=> renegotiate" \
+ -s "write hello request" \
+ -s "SSL - An unexpected message was received from our peer"
+
+requires_config_enabled
MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: server-initiated, client-accepted, delay 0" \
+ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
+ renego_delay=0 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -s "write hello request" \
+ -S "SSL - An unexpected message was received from our peer" \
+ -S "failed"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: periodic, just below period" \
+ "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
+ 0 \
+ -C "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -S "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -S "record counter limit reached: renegotiate" \
+ -C "=> renegotiate" \
+ -S "=> renegotiate" \
+ -S "write hello request" \
+ -S "SSL - An unexpected message was received from our peer" \
+ -S "failed"
+
+# one extra exchange to be able to complete renego
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: periodic, just above period" \
+ "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -s "record counter limit reached: renegotiate" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -s "write hello request" \
+ -S "SSL - An unexpected message was received from our peer" \
+ -S "failed"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: periodic, two times period" \
+ "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=7 renegotiation=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -s "record counter limit reached: renegotiate" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -s "write hello request" \
+ -S "SSL - An unexpected message was received from our peer" \
+ -S "failed"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: periodic, above period, disabled" \
+ "$P_SRV debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \
+ "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
+ 0 \
+ -C "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -S "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -S "record counter limit reached: renegotiate" \
+ -C "=> renegotiate" \
+ -S "=> renegotiate" \
+ -S "write hello request" \
+ -S "SSL - An unexpected message was received from our peer" \
+ -S "failed"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: nbio, client-initiated" \
+ "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 auth_mode=optional" \
+ "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation
extension" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -S "write hello request"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: nbio, server-initiated" \
+ "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
+ "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -s "write hello request"
+
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: openssl server, client-initiated" \
+ "$O_SRV -www" \
+ "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -C "ssl_hanshake() returned" \
+ -C "error" \
+ -c "HTTP/1.0 200 [Oo][Kk]"
+
+requires_gnutls
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: gnutls server strict, client-initiated" \
+ "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
+ "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -C "ssl_hanshake() returned" \
+ -C "error" \
+ -c "HTTP/1.0 200 [Oo][Kk]"
+
+requires_gnutls
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "Renegotiation: gnutls server unsafe, client-initiated default" \
+ "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
+ "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
+ 1 \
+ -c "client hello, adding renegotiation extension" \
+ -C "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -c "mbedtls_ssl_handshake() returned" \
+ -c "error" \
+ -C "HTTP/1.0 200
[Oo][Kk]" + +requires_gnutls +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION +run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \ + "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \ + allow_legacy=0" \ + 1 \ + -c "client hello, adding renegotiation extension" \ + -C "found renegotiation extension" \ + -c "=> renegotiate" \ + -c "mbedtls_ssl_handshake() returned" \ + -c "error" \ + -C "HTTP/1.0 200 [Oo][Kk]" + +requires_gnutls +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION +run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \ + "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \ + allow_legacy=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -C "found renegotiation extension" \ + -c "=> renegotiate" \ + -C "ssl_hanshake() returned" \ + -C "error" \ + -c "HTTP/1.0 200 [Oo][Kk]" + +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION +run_test "Renegotiation: DTLS, client-initiated" \ + "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1" \ + "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -S "write hello request" + +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION +run_test "Renegotiation: DTLS, server-initiated" \ + "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \ + "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 \ + read_timeout=1000 max_resend=2" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s 
"server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "write hello request" + +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION +run_test "Renegotiation: DTLS, renego_period overflow" \ + "$P_SRV debug_level=3 dtls=1 exchanges=4 renegotiation=1 renego_period=18446462598732840962 auth_mode=optional" \ + "$P_CLI debug_level=3 dtls=1 exchanges=4 renegotiation=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -s "record counter limit reached: renegotiate" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "write hello request" + +requires_gnutls +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION +run_test "Renegotiation: DTLS, gnutls server, client-initiated" \ + "$G_SRV -u --mtu 4096" \ + "$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -C "mbedtls_ssl_handshake returned" \ + -C "error" \ + -s "Extra-header:" + +# Test for the "secure renegotation" extension only (no actual renegotiation) + +requires_gnutls +run_test "Renego ext: gnutls server strict, client default" \ + "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3" \ + 0 \ + -c "found renegotiation extension" \ + -C "error" \ + -c "HTTP/1.0 200 [Oo][Kk]" + +requires_gnutls +run_test "Renego ext: gnutls server unsafe, client default" \ + "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3" \ + 0 \ + -C "found renegotiation extension" \ + -C "error" \ + -c "HTTP/1.0 200 [Oo][Kk]" + +requires_gnutls +run_test "Renego ext: gnutls server unsafe, client break legacy" \ + "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3 allow_legacy=-1" \ + 1 \ 
+ -C "found renegotiation extension" \
+ -c "error" \
+ -C "HTTP/1.0 200 [Oo][Kk]"
+
+requires_gnutls
+run_test "Renego ext: gnutls client strict, server default" \
+ "$P_SRV debug_level=3" \
+ "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION localhost" \
+ 0 \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
+ -s "server hello, secure renegotiation extension"
+
+requires_gnutls
+run_test "Renego ext: gnutls client unsafe, server default" \
+ "$P_SRV debug_level=3" \
+ "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
+ 0 \
+ -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
+ -S "server hello, secure renegotiation extension"
+
+requires_gnutls
+run_test "Renego ext: gnutls client unsafe, server break legacy" \
+ "$P_SRV debug_level=3 allow_legacy=-1" \
+ "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
+ 1 \
+ -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
+ -S "server hello, secure renegotiation extension"
+
+# Tests for silently dropping trailing extra bytes in .der certificates
+
+requires_gnutls
+run_test "DER format: no trailing bytes" \
+ "$P_SRV crt_file=data_files/server5-der0.crt \
+ key_file=data_files/server5.key" \
+ "$G_CLI localhost" \
+ 0 \
+ -c "Handshake was completed" \
+
+requires_gnutls
+run_test "DER format: with a trailing zero byte" \
+ "$P_SRV crt_file=data_files/server5-der1a.crt \
+ key_file=data_files/server5.key" \
+ "$G_CLI localhost" \
+ 0 \
+ -c "Handshake was completed" \
+
+requires_gnutls
+run_test "DER format: with a trailing random byte" \
+ "$P_SRV crt_file=data_files/server5-der1b.crt \
+ key_file=data_files/server5.key" \
+ "$G_CLI localhost" \
+ 0 \
+ -c "Handshake was completed" \
+
+requires_gnutls
+run_test "DER format: with 2 trailing random bytes" \
+ "$P_SRV crt_file=data_files/server5-der2.crt \
+ key_file=data_files/server5.key" \
+ "$G_CLI localhost" \
+ 0 \
+ -c "Handshake was completed" \
+
+requires_gnutls
+run_test "DER format: with 4 trailing random bytes" \
+ "$P_SRV crt_file=data_files/server5-der4.crt \
+ key_file=data_files/server5.key" \
+ "$G_CLI localhost" \
+ 0 \
+ -c "Handshake was completed" \
+
+requires_gnutls
+run_test "DER format: with 8 trailing random bytes" \
+ "$P_SRV crt_file=data_files/server5-der8.crt \
+ key_file=data_files/server5.key" \
+ "$G_CLI localhost" \
+ 0 \
+ -c "Handshake was completed" \
+
+requires_gnutls
+run_test "DER format: with 9 trailing random bytes" \
+ "$P_SRV crt_file=data_files/server5-der9.crt \
+ key_file=data_files/server5.key" \
+ "$G_CLI localhost" \
+ 0 \
+ -c "Handshake was completed" \
+
+# Tests for auth_mode
+
+run_test "Authentication: server badcert, client required" \
+ "$P_SRV crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI debug_level=1 auth_mode=required" \
+ 1 \
+ -c "x509_verify_cert() returned" \
+ -c "! The certificate is not correctly signed by the trusted CA" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -c "X509 - Certificate verification failed"
+
+run_test "Authentication: server badcert, client optional" \
+ "$P_SRV crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI debug_level=1 auth_mode=optional" \
+ 0 \
+ -c "x509_verify_cert() returned" \
+ -c "! The certificate is not correctly signed by the trusted CA" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: server goodcert, client optional, no trusted CA" \
+ "$P_SRV" \
+ "$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
+ 0 \
+ -c "x509_verify_cert() returned" \
+ -c "! The certificate is not correctly signed by the trusted CA" \
+ -c "! Certificate verification flags"\
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed" \
+ -C "SSL - No CA Chain is set, but required to operate"
+
+run_test "Authentication: server goodcert, client required, no trusted CA" \
+ "$P_SRV" \
+ "$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
+ 1 \
+ -c "x509_verify_cert() returned" \
+ -c "! The certificate is not correctly signed by the trusted CA" \
+ -c "! Certificate verification flags"\
+ -c "! mbedtls_ssl_handshake returned" \
+ -c "SSL - No CA Chain is set, but required to operate"
+
+# The purpose of the next two tests is to test the client's behaviour when receiving a server
+# certificate with an unsupported elliptic curve. This should usually not happen because
+# the client informs the server about the supported curves - it does, though, in the
+# corner case of a static ECDH suite, because the server doesn't check the curve on that
+# occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a
+# different means to have the server ignoring the client's supported curve list.
+
+requires_config_enabled MBEDTLS_ECP_C
+run_test "Authentication: server ECDH p256v1, client required, p256v1 unsupported" \
+ "$P_SRV debug_level=1 key_file=data_files/server5.key \
+ crt_file=data_files/server5.ku-ka.crt" \
+ "$P_CLI debug_level=3 auth_mode=required curves=secp521r1" \
+ 1 \
+ -c "bad certificate (EC key curve)"\
+ -c "! Certificate verification flags"\
+ -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
+
+requires_config_enabled MBEDTLS_ECP_C
+run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsupported" \
+ "$P_SRV debug_level=1 key_file=data_files/server5.key \
+ crt_file=data_files/server5.ku-ka.crt" \
+ "$P_CLI debug_level=3 auth_mode=optional curves=secp521r1" \
+ 1 \
+ -c "bad certificate (EC key curve)"\
+ -c "! Certificate verification flags"\
+ -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
+
+run_test "Authentication: server badcert, client none" \
+ "$P_SRV crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI debug_level=1 auth_mode=none" \
+ 0 \
+ -C "x509_verify_cert() returned" \
+ -C "! The certificate is not correctly signed by the trusted CA" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: client SHA256, server required" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
+ key_file=data_files/server6.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
+ 0 \
+ -c "Supported Signature Algorithm found: 4," \
+ -c "Supported Signature Algorithm found: 5,"
+
+run_test "Authentication: client SHA384, server required" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
+ key_file=data_files/server6.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
+ 0 \
+ -c "Supported Signature Algorithm found: 4," \
+ -c "Supported Signature Algorithm found: 5,"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Authentication: client has no cert, server required (SSLv3)" \
+ "$P_SRV debug_level=3 min_version=ssl3 auth_mode=required" \
+ "$P_CLI debug_level=3 force_version=ssl3 crt_file=none \
+ key_file=data_files/server5.key" \
+ 1 \
+ -S "skip write certificate request" \
+ -C "skip parse certificate request" \
+ -c "got a certificate request" \
+ -c "got no certificate to send" \
+ -S "x509_verify_cert() returned" \
+ -s "client has no certificate" \
+ -s "! mbedtls_ssl_handshake returned" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -s "No client certification received from the client, but required by the authentication mode"
+
+run_test "Authentication: client has no cert, server required (TLS)" \
+ "$P_SRV debug_level=3 auth_mode=required" \
+ "$P_CLI debug_level=3 crt_file=none \
+ key_file=data_files/server5.key" \
+ 1 \
+ -S "skip write certificate request" \
+ -C "skip parse certificate request" \
+ -c "got a certificate request" \
+ -c "= write certificate$" \
+ -C "skip write certificate$" \
+ -S "x509_verify_cert() returned" \
+ -s "client has no certificate" \
+ -s "! mbedtls_ssl_handshake returned" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -s "No client certification received from the client, but required by the authentication mode"
+
+run_test "Authentication: client badcert, server required" \
+ "$P_SRV debug_level=3 auth_mode=required" \
+ "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ 1 \
+ -S "skip write certificate request" \
+ -C "skip parse certificate request" \
+ -c "got a certificate request" \
+ -C "skip write certificate" \
+ -C "skip write certificate verify" \
+ -S "skip parse certificate verify" \
+ -s "x509_verify_cert() returned" \
+ -s "! The certificate is not correctly signed by the trusted CA" \
+ -s "! mbedtls_ssl_handshake returned" \
+ -s "send alert level=2 message=48" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -s "X509 - Certificate verification failed"
+# We don't check that the client receives the alert because it might
+# detect that its write end of the connection is closed and abort
+# before reading the alert message.
+ +run_test "Authentication: client cert not trusted, server required" \ + "$P_SRV debug_level=3 auth_mode=required" \ + "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \ + key_file=data_files/server5.key" \ + 1 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -s "x509_verify_cert() returned" \ + -s "! The certificate is not correctly signed by the trusted CA" \ + -s "! mbedtls_ssl_handshake returned" \ + -c "! mbedtls_ssl_handshake returned" \ + -s "X509 - Certificate verification failed" + +run_test "Authentication: client badcert, server optional" \ + "$P_SRV debug_level=3 auth_mode=optional" \ + "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \ + key_file=data_files/server5.key" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -s "x509_verify_cert() returned" \ + -s "! The certificate is not correctly signed by the trusted CA" \ + -S "! mbedtls_ssl_handshake returned" \ + -C "! mbedtls_ssl_handshake returned" \ + -S "X509 - Certificate verification failed" + +run_test "Authentication: client badcert, server none" \ + "$P_SRV debug_level=3 auth_mode=none" \ + "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \ + key_file=data_files/server5.key" \ + 0 \ + -s "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got no certificate request" \ + -c "skip write certificate" \ + -c "skip write certificate verify" \ + -s "skip parse certificate verify" \ + -S "x509_verify_cert() returned" \ + -S "! The certificate is not correctly signed by the trusted CA" \ + -S "! mbedtls_ssl_handshake returned" \ + -C "! 
mbedtls_ssl_handshake returned" \ + -S "X509 - Certificate verification failed" + +run_test "Authentication: client no cert, server optional" \ + "$P_SRV debug_level=3 auth_mode=optional" \ + "$P_CLI debug_level=3 crt_file=none key_file=none" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate$" \ + -C "got no certificate to send" \ + -S "SSLv3 client has no certificate" \ + -c "skip write certificate verify" \ + -s "skip parse certificate verify" \ + -s "! Certificate was missing" \ + -S "! mbedtls_ssl_handshake returned" \ + -C "! mbedtls_ssl_handshake returned" \ + -S "X509 - Certificate verification failed" + +run_test "Authentication: openssl client no cert, server optional" \ + "$P_SRV debug_level=3 auth_mode=optional" \ + "$O_CLI" \ + 0 \ + -S "skip write certificate request" \ + -s "skip parse certificate verify" \ + -s "! Certificate was missing" \ + -S "! mbedtls_ssl_handshake returned" \ + -S "X509 - Certificate verification failed" + +run_test "Authentication: client no cert, openssl server optional" \ + "$O_SRV -verify 10" \ + "$P_CLI debug_level=3 crt_file=none key_file=none" \ + 0 \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate$" \ + -c "skip write certificate verify" \ + -C "! mbedtls_ssl_handshake returned" + +run_test "Authentication: client no cert, openssl server required" \ + "$O_SRV -Verify 10" \ + "$P_CLI debug_level=3 crt_file=none key_file=none" \ + 1 \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate$" \ + -c "skip write certificate verify" \ + -c "! 
mbedtls_ssl_handshake returned" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Authentication: client no cert, ssl3" \ + "$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \ + "$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate$" \ + -c "skip write certificate verify" \ + -c "got no certificate to send" \ + -s "SSLv3 client has no certificate" \ + -s "skip parse certificate verify" \ + -s "! Certificate was missing" \ + -S "! mbedtls_ssl_handshake returned" \ + -C "! mbedtls_ssl_handshake returned" \ + -S "X509 - Certificate verification failed" + +# The "max_int chain" tests assume that MAX_INTERMEDIATE_CA is set to its +# default value (8) + +MAX_IM_CA='8' +MAX_IM_CA_CONFIG=$( ../scripts/config.pl get MBEDTLS_X509_MAX_INTERMEDIATE_CA) + +if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then + printf "The ${CONFIG_H} file contains a value for the configuration of\n" + printf "MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script’s\n" + printf "test value of ${MAX_IM_CA}. 
\n" + printf "\n" + printf "The tests assume this value and if it changes, the tests in this\n" + printf "script should also be adjusted.\n" + printf "\n" + + exit 1 +fi + +requires_full_size_output_buffer +run_test "Authentication: server max_int chain, client default" \ + "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \ + key_file=data_files/dir-maxpath/09.key" \ + "$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \ + 0 \ + -C "X509 - A fatal error occurred" + +requires_full_size_output_buffer +run_test "Authentication: server max_int+1 chain, client default" \ + "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ + key_file=data_files/dir-maxpath/10.key" \ + "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \ + 1 \ + -c "X509 - A fatal error occurred" + +requires_full_size_output_buffer +run_test "Authentication: server max_int+1 chain, client optional" \ + "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ + key_file=data_files/dir-maxpath/10.key" \ + "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \ + auth_mode=optional" \ + 1 \ + -c "X509 - A fatal error occurred" + +requires_full_size_output_buffer +run_test "Authentication: server max_int+1 chain, client none" \ + "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ + key_file=data_files/dir-maxpath/10.key" \ + "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \ + auth_mode=none" \ + 0 \ + -C "X509 - A fatal error occurred" + +requires_full_size_output_buffer +run_test "Authentication: client max_int+1 chain, server default" \ + "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \ + "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ + key_file=data_files/dir-maxpath/10.key" \ + 0 \ + -S "X509 - A fatal error occurred" + +requires_full_size_output_buffer +run_test "Authentication: client max_int+1 chain, server optional" \ + "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \ + "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ + 
key_file=data_files/dir-maxpath/10.key" \ + 1 \ + -s "X509 - A fatal error occurred" + +requires_full_size_output_buffer +run_test "Authentication: client max_int+1 chain, server required" \ + "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ + "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ + key_file=data_files/dir-maxpath/10.key" \ + 1 \ + -s "X509 - A fatal error occurred" + +requires_full_size_output_buffer +run_test "Authentication: client max_int chain, server required" \ + "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ + "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \ + key_file=data_files/dir-maxpath/09.key" \ + 0 \ + -S "X509 - A fatal error occurred" + +# Tests for CA list in CertificateRequest messages + +run_test "Authentication: send CA list in CertificateRequest (default)" \ + "$P_SRV debug_level=3 auth_mode=required" \ + "$P_CLI crt_file=data_files/server6.crt \ + key_file=data_files/server6.key" \ + 0 \ + -s "requested DN" + +run_test "Authentication: do not send CA list in CertificateRequest" \ + "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \ + "$P_CLI crt_file=data_files/server6.crt \ + key_file=data_files/server6.key" \ + 0 \ + -S "requested DN" + +run_test "Authentication: send CA list in CertificateRequest, client self signed" \ + "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \ + "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \ + key_file=data_files/server5.key" \ + 1 \ + -S "requested DN" \ + -s "x509_verify_cert() returned" \ + -s "! The certificate is not correctly signed by the trusted CA" \ + -s "! mbedtls_ssl_handshake returned" \ + -c "! 
mbedtls_ssl_handshake returned" \ + -s "X509 - Certificate verification failed" + +# Tests for certificate selection based on SHA verson + +run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ + "$P_SRV crt_file=data_files/server5.crt \ + key_file=data_files/server5.key \ + crt_file2=data_files/server5-sha1.crt \ + key_file2=data_files/server5.key" \ + "$P_CLI force_version=tls1_2" \ + 0 \ + -c "signed using.*ECDSA with SHA256" \ + -C "signed using.*ECDSA with SHA1" + +run_test "Certificate hash: client TLS 1.1 -> SHA-1" \ + "$P_SRV crt_file=data_files/server5.crt \ + key_file=data_files/server5.key \ + crt_file2=data_files/server5-sha1.crt \ + key_file2=data_files/server5.key" \ + "$P_CLI force_version=tls1_1" \ + 0 \ + -C "signed using.*ECDSA with SHA256" \ + -c "signed using.*ECDSA with SHA1" + +run_test "Certificate hash: client TLS 1.0 -> SHA-1" \ + "$P_SRV crt_file=data_files/server5.crt \ + key_file=data_files/server5.key \ + crt_file2=data_files/server5-sha1.crt \ + key_file2=data_files/server5.key" \ + "$P_CLI force_version=tls1" \ + 0 \ + -C "signed using.*ECDSA with SHA256" \ + -c "signed using.*ECDSA with SHA1" + +run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \ + "$P_SRV crt_file=data_files/server5.crt \ + key_file=data_files/server5.key \ + crt_file2=data_files/server6.crt \ + key_file2=data_files/server6.key" \ + "$P_CLI force_version=tls1_1" \ + 0 \ + -c "serial number.*09" \ + -c "signed using.*ECDSA with SHA256" \ + -C "signed using.*ECDSA with SHA1" + +run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \ + "$P_SRV crt_file=data_files/server6.crt \ + key_file=data_files/server6.key \ + crt_file2=data_files/server5.crt \ + key_file2=data_files/server5.key" \ + "$P_CLI force_version=tls1_1" \ + 0 \ + -c "serial number.*0A" \ + -c "signed using.*ECDSA with SHA256" \ + -C "signed using.*ECDSA with SHA1" + +# tests for SNI + +run_test "SNI: no SNI callback" \ + "$P_SRV debug_level=3 \ + 
crt_file=data_files/server5.crt key_file=data_files/server5.key" \ + "$P_CLI server_name=localhost" \ + 0 \ + -S "parse ServerName extension" \ + -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \ + -c "subject name *: C=NL, O=PolarSSL, CN=localhost" + +run_test "SNI: matching cert 1" \ + "$P_SRV debug_level=3 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ + "$P_CLI server_name=localhost" \ + 0 \ + -s "parse ServerName extension" \ + -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ + -c "subject name *: C=NL, O=PolarSSL, CN=localhost" + +run_test "SNI: matching cert 2" \ + "$P_SRV debug_level=3 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ + "$P_CLI server_name=polarssl.example" \ + 0 \ + -s "parse ServerName extension" \ + -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ + -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" + +run_test "SNI: no matching cert" \ + "$P_SRV debug_level=3 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ + "$P_CLI server_name=nonesuch.example" \ + 1 \ + -s "parse ServerName extension" \ + -s "ssl_sni_wrapper() returned" \ + -s "mbedtls_ssl_handshake returned" \ + -c "mbedtls_ssl_handshake returned" \ + -c "SSL - A fatal alert message was received from our peer" + +run_test "SNI: client auth no override: optional" \ + "$P_SRV debug_level=3 auth_mode=optional \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" 
\ + "$P_CLI debug_level=3 server_name=localhost" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" + +run_test "SNI: client auth override: none -> optional" \ + "$P_SRV debug_level=3 auth_mode=none \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \ + "$P_CLI debug_level=3 server_name=localhost" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" + +run_test "SNI: client auth override: optional -> none" \ + "$P_SRV debug_level=3 auth_mode=optional \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \ + "$P_CLI debug_level=3 server_name=localhost" \ + 0 \ + -s "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got no certificate request" \ + -c "skip write certificate" \ + -c "skip write certificate verify" \ + -s "skip parse certificate verify" + +run_test "SNI: CA no override" \ + "$P_SRV debug_level=3 auth_mode=optional \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + ca_file=data_files/test-ca.crt \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \ + "$P_CLI debug_level=3 server_name=localhost \ + crt_file=data_files/server6.crt key_file=data_files/server6.key" \ + 1 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -s "x509_verify_cert() returned" \ + -s "! 
The certificate is not correctly signed by the trusted CA" \ + -S "The certificate has been revoked (is on a CRL)" + +run_test "SNI: CA override" \ + "$P_SRV debug_level=3 auth_mode=optional \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + ca_file=data_files/test-ca.crt \ + sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \ + "$P_CLI debug_level=3 server_name=localhost \ + crt_file=data_files/server6.crt key_file=data_files/server6.key" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -S "x509_verify_cert() returned" \ + -S "! The certificate is not correctly signed by the trusted CA" \ + -S "The certificate has been revoked (is on a CRL)" + +run_test "SNI: CA override with CRL" \ + "$P_SRV debug_level=3 auth_mode=optional \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + ca_file=data_files/test-ca.crt \ + sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \ + "$P_CLI debug_level=3 server_name=localhost \ + crt_file=data_files/server6.crt key_file=data_files/server6.key" \ + 1 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -s "x509_verify_cert() returned" \ + -S "! 
The certificate is not correctly signed by the trusted CA" \ + -s "The certificate has been revoked (is on a CRL)" + +# Tests for SNI and DTLS + +run_test "SNI: DTLS, no SNI callback" \ + "$P_SRV debug_level=3 dtls=1 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key" \ + "$P_CLI server_name=localhost dtls=1" \ + 0 \ + -S "parse ServerName extension" \ + -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \ + -c "subject name *: C=NL, O=PolarSSL, CN=localhost" + +run_test "SNI: DTLS, matching cert 1" \ + "$P_SRV debug_level=3 dtls=1 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ + "$P_CLI server_name=localhost dtls=1" \ + 0 \ + -s "parse ServerName extension" \ + -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ + -c "subject name *: C=NL, O=PolarSSL, CN=localhost" + +run_test "SNI: DTLS, matching cert 2" \ + "$P_SRV debug_level=3 dtls=1 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ + "$P_CLI server_name=polarssl.example dtls=1" \ + 0 \ + -s "parse ServerName extension" \ + -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ + -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" + +run_test "SNI: DTLS, no matching cert" \ + "$P_SRV debug_level=3 dtls=1 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ + "$P_CLI server_name=nonesuch.example dtls=1" \ + 1 \ + -s "parse ServerName extension" \ + -s "ssl_sni_wrapper() returned" \ + -s "mbedtls_ssl_handshake returned" \ + -c "mbedtls_ssl_handshake returned" \ + -c "SSL 
- A fatal alert message was received from our peer" + +run_test "SNI: DTLS, client auth no override: optional" \ + "$P_SRV debug_level=3 auth_mode=optional dtls=1 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \ + "$P_CLI debug_level=3 server_name=localhost dtls=1" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" + +run_test "SNI: DTLS, client auth override: none -> optional" \ + "$P_SRV debug_level=3 auth_mode=none dtls=1 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \ + "$P_CLI debug_level=3 server_name=localhost dtls=1" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" + +run_test "SNI: DTLS, client auth override: optional -> none" \ + "$P_SRV debug_level=3 auth_mode=optional dtls=1 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \ + "$P_CLI debug_level=3 server_name=localhost dtls=1" \ + 0 \ + -s "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got no certificate request" \ + -c "skip write certificate" \ + -c "skip write certificate verify" \ + -s "skip parse certificate verify" + +run_test "SNI: DTLS, CA no override" \ + "$P_SRV debug_level=3 auth_mode=optional dtls=1 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + ca_file=data_files/test-ca.crt \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \ + "$P_CLI debug_level=3 
server_name=localhost dtls=1 \
+ crt_file=data_files/server6.crt key_file=data_files/server6.key" \
+ 1 \
+ -S "skip write certificate request" \
+ -C "skip parse certificate request" \
+ -c "got a certificate request" \
+ -C "skip write certificate" \
+ -C "skip write certificate verify" \
+ -S "skip parse certificate verify" \
+ -s "x509_verify_cert() returned" \
+ -s "! The certificate is not correctly signed by the trusted CA" \
+ -S "The certificate has been revoked (is on a CRL)"
+
+run_test "SNI: DTLS, CA override" \
+ "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
+ crt_file=data_files/server5.crt key_file=data_files/server5.key \
+ ca_file=data_files/test-ca.crt \
+ sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
+ "$P_CLI debug_level=3 server_name=localhost dtls=1 \
+ crt_file=data_files/server6.crt key_file=data_files/server6.key" \
+ 0 \
+ -S "skip write certificate request" \
+ -C "skip parse certificate request" \
+ -c "got a certificate request" \
+ -C "skip write certificate" \
+ -C "skip write certificate verify" \
+ -S "skip parse certificate verify" \
+ -S "x509_verify_cert() returned" \
+ -S "! 
The certificate is not correctly signed by the trusted CA" \
+ -S "The certificate has been revoked (is on a CRL)"
+
+run_test "SNI: DTLS, CA override with CRL" \
+ "$P_SRV debug_level=3 auth_mode=optional \
+ crt_file=data_files/server5.crt key_file=data_files/server5.key dtls=1 \
+ ca_file=data_files/test-ca.crt \
+ sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
+ "$P_CLI debug_level=3 server_name=localhost dtls=1 \
+ crt_file=data_files/server6.crt key_file=data_files/server6.key" \
+ 1 \
+ -S "skip write certificate request" \
+ -C "skip parse certificate request" \
+ -c "got a certificate request" \
+ -C "skip write certificate" \
+ -C "skip write certificate verify" \
+ -S "skip parse certificate verify" \
+ -s "x509_verify_cert() returned" \
+ -S "! The certificate is not correctly signed by the trusted CA" \
+ -s "The certificate has been revoked (is on a CRL)"
+
+# Tests for non-blocking I/O: exercise a variety of handshake flows
+
+run_test "Non-blocking I/O: basic handshake" \
+ "$P_SRV nbio=2 tickets=0 auth_mode=none" \
+ "$P_CLI nbio=2 tickets=0" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Non-blocking I/O: client auth" \
+ "$P_SRV nbio=2 tickets=0 auth_mode=required" \
+ "$P_CLI nbio=2 tickets=0" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Non-blocking I/O: ticket" \
+ "$P_SRV nbio=2 tickets=1 auth_mode=none" \
+ "$P_CLI nbio=2 tickets=1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Non-blocking I/O: ticket + client auth" \
+ "$P_SRV nbio=2 tickets=1 auth_mode=required" \
+ "$P_CLI nbio=2 tickets=1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c 
"Read from server: .* bytes read"
+
+run_test "Non-blocking I/O: ticket + client auth + resume" \
+ "$P_SRV nbio=2 tickets=1 auth_mode=required" \
+ "$P_CLI nbio=2 tickets=1 reconnect=1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Non-blocking I/O: ticket + resume" \
+ "$P_SRV nbio=2 tickets=1 auth_mode=none" \
+ "$P_CLI nbio=2 tickets=1 reconnect=1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Non-blocking I/O: session-id resume" \
+ "$P_SRV nbio=2 tickets=0 auth_mode=none" \
+ "$P_CLI nbio=2 tickets=0 reconnect=1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+# Tests for event-driven I/O: exercise a variety of handshake flows
+
+run_test "Event-driven I/O: basic handshake" \
+ "$P_SRV event=1 tickets=0 auth_mode=none" \
+ "$P_CLI event=1 tickets=0" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O: client auth" \
+ "$P_SRV event=1 tickets=0 auth_mode=required" \
+ "$P_CLI event=1 tickets=0" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O: ticket" \
+ "$P_SRV event=1 tickets=1 auth_mode=none" \
+ "$P_CLI event=1 tickets=1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O: ticket + client auth" \
+ "$P_SRV event=1 tickets=1 auth_mode=required" \
+ "$P_CLI event=1 tickets=1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O: ticket + client auth + resume" \
+ "$P_SRV 
event=1 tickets=1 auth_mode=required" \
+ "$P_CLI event=1 tickets=1 reconnect=1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O: ticket + resume" \
+ "$P_SRV event=1 tickets=1 auth_mode=none" \
+ "$P_CLI event=1 tickets=1 reconnect=1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O: session-id resume" \
+ "$P_SRV event=1 tickets=0 auth_mode=none" \
+ "$P_CLI event=1 tickets=0 reconnect=1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O, DTLS: basic handshake" \
+ "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
+ "$P_CLI dtls=1 event=1 tickets=0" \
+ 0 \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O, DTLS: client auth" \
+ "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
+ "$P_CLI dtls=1 event=1 tickets=0" \
+ 0 \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O, DTLS: ticket" \
+ "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
+ "$P_CLI dtls=1 event=1 tickets=1" \
+ 0 \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O, DTLS: ticket + client auth" \
+ "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
+ "$P_CLI dtls=1 event=1 tickets=1" \
+ 0 \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \
+ "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
+ "$P_CLI dtls=1 event=1 tickets=1 reconnect=1" \
+ 0 \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O, DTLS: ticket + resume" \
+ "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
+ "$P_CLI dtls=1 event=1 tickets=1 reconnect=1" \
+ 0 \
+ -c "Read from server: .* bytes read"
+
+run_test "Event-driven I/O, DTLS: session-id resume" \
+ "$P_SRV 
dtls=1 event=1 tickets=0 auth_mode=none" \
+ "$P_CLI dtls=1 event=1 tickets=0 reconnect=1" \
+ 0 \
+ -c "Read from server: .* bytes read"
+
+# This test demonstrates the need for the mbedtls_ssl_check_pending function.
+# During session resumption, the client will send its ApplicationData record
+# within the same datagram as the Finished messages. In this situation, the
+# server MUST NOT idle on the underlying transport after handshake completion,
+# because the ApplicationData request has already been queued internally.
+run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \
+ -p "$P_PXY pack=50" \
+ "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
+ "$P_CLI dtls=1 event=1 tickets=0 reconnect=1" \
+ 0 \
+ -c "Read from server: .* bytes read"
+
+# Tests for version negotiation
+
+run_test "Version check: all -> 1.2" \
+ "$P_SRV" \
+ "$P_CLI" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -s "Protocol is TLSv1.2" \
+ -c "Protocol is TLSv1.2"
+
+run_test "Version check: cli max 1.1 -> 1.1" \
+ "$P_SRV" \
+ "$P_CLI max_version=tls1_1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -s "Protocol is TLSv1.1" \
+ -c "Protocol is TLSv1.1"
+
+run_test "Version check: srv max 1.1 -> 1.1" \
+ "$P_SRV max_version=tls1_1" \
+ "$P_CLI" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -s "Protocol is TLSv1.1" \
+ -c "Protocol is TLSv1.1"
+
+run_test "Version check: cli+srv max 1.1 -> 1.1" \
+ "$P_SRV max_version=tls1_1" \
+ "$P_CLI max_version=tls1_1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -s "Protocol is TLSv1.1" \
+ -c "Protocol is TLSv1.1"
+
+run_test "Version check: cli max 1.1, srv min 1.1 -> 1.1" \
+ "$P_SRV min_version=tls1_1" \
+ "$P_CLI max_version=tls1_1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -s "Protocol is TLSv1.1" \
+ -c 
"Protocol is TLSv1.1"
+
+run_test "Version check: cli min 1.1, srv max 1.1 -> 1.1" \
+ "$P_SRV max_version=tls1_1" \
+ "$P_CLI min_version=tls1_1" \
+ 0 \
+ -S "mbedtls_ssl_handshake returned" \
+ -C "mbedtls_ssl_handshake returned" \
+ -s "Protocol is TLSv1.1" \
+ -c "Protocol is TLSv1.1"
+
+run_test "Version check: cli min 1.2, srv max 1.1 -> fail" \
+ "$P_SRV max_version=tls1_1" \
+ "$P_CLI min_version=tls1_2" \
+ 1 \
+ -s "mbedtls_ssl_handshake returned" \
+ -c "mbedtls_ssl_handshake returned" \
+ -c "SSL - Handshake protocol not within min/max boundaries"
+
+run_test "Version check: srv min 1.2, cli max 1.1 -> fail" \
+ "$P_SRV min_version=tls1_2" \
+ "$P_CLI max_version=tls1_1" \
+ 1 \
+ -s "mbedtls_ssl_handshake returned" \
+ -c "mbedtls_ssl_handshake returned" \
+ -s "SSL - Handshake protocol not within min/max boundaries"
+
+# Tests for ALPN extension
+
+run_test "ALPN: none" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -C "client hello, adding alpn extension" \
+ -S "found alpn extension" \
+ -C "got an alert message, type: \\[2:120]" \
+ -S "server hello, adding alpn extension" \
+ -C "found alpn extension " \
+ -C "Application Layer Protocol is" \
+ -S "Application Layer Protocol is"
+
+run_test "ALPN: client only" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 alpn=abc,1234" \
+ 0 \
+ -c "client hello, adding alpn extension" \
+ -s "found alpn extension" \
+ -C "got an alert message, type: \\[2:120]" \
+ -S "server hello, adding alpn extension" \
+ -C "found alpn extension " \
+ -c "Application Layer Protocol is (none)" \
+ -S "Application Layer Protocol is"
+
+run_test "ALPN: server only" \
+ "$P_SRV debug_level=3 alpn=abc,1234" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -C "client hello, adding alpn extension" \
+ -S "found alpn extension" \
+ -C "got an alert message, type: \\[2:120]" \
+ -S "server hello, adding alpn extension" \
+ -C "found alpn extension " \
+ -C "Application Layer Protocol is" \
+ -s "Application Layer 
Protocol is (none)"
+
+run_test "ALPN: both, common cli1-srv1" \
+ "$P_SRV debug_level=3 alpn=abc,1234" \
+ "$P_CLI debug_level=3 alpn=abc,1234" \
+ 0 \
+ -c "client hello, adding alpn extension" \
+ -s "found alpn extension" \
+ -C "got an alert message, type: \\[2:120]" \
+ -s "server hello, adding alpn extension" \
+ -c "found alpn extension" \
+ -c "Application Layer Protocol is abc" \
+ -s "Application Layer Protocol is abc"
+
+run_test "ALPN: both, common cli2-srv1" \
+ "$P_SRV debug_level=3 alpn=abc,1234" \
+ "$P_CLI debug_level=3 alpn=1234,abc" \
+ 0 \
+ -c "client hello, adding alpn extension" \
+ -s "found alpn extension" \
+ -C "got an alert message, type: \\[2:120]" \
+ -s "server hello, adding alpn extension" \
+ -c "found alpn extension" \
+ -c "Application Layer Protocol is abc" \
+ -s "Application Layer Protocol is abc"
+
+run_test "ALPN: both, common cli1-srv2" \
+ "$P_SRV debug_level=3 alpn=abc,1234" \
+ "$P_CLI debug_level=3 alpn=1234,abcde" \
+ 0 \
+ -c "client hello, adding alpn extension" \
+ -s "found alpn extension" \
+ -C "got an alert message, type: \\[2:120]" \
+ -s "server hello, adding alpn extension" \
+ -c "found alpn extension" \
+ -c "Application Layer Protocol is 1234" \
+ -s "Application Layer Protocol is 1234"
+
+run_test "ALPN: both, no common" \
+ "$P_SRV debug_level=3 alpn=abc,123" \
+ "$P_CLI debug_level=3 alpn=1234,abcde" \
+ 1 \
+ -c "client hello, adding alpn extension" \
+ -s "found alpn extension" \
+ -c "got an alert message, type: \\[2:120]" \
+ -S "server hello, adding alpn extension" \
+ -C "found alpn extension" \
+ -C "Application Layer Protocol is 1234" \
+ -S "Application Layer Protocol is 1234"
+
+
+# Tests for keyUsage in leaf certificates, part 1:
+# server-side certificate/suite selection
+
+run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \
+ "$P_SRV key_file=data_files/server2.key \
+ crt_file=data_files/server2.ku-ds.crt" \
+ "$P_CLI" \
+ 0 \
+ -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-"
+
+ 
+run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \
+ "$P_SRV key_file=data_files/server2.key \
+ crt_file=data_files/server2.ku-ke.crt" \
+ "$P_CLI" \
+ 0 \
+ -c "Ciphersuite is TLS-RSA-WITH-"
+
+run_test "keyUsage srv: RSA, keyAgreement -> fail" \
+ "$P_SRV key_file=data_files/server2.key \
+ crt_file=data_files/server2.ku-ka.crt" \
+ "$P_CLI" \
+ 1 \
+ -C "Ciphersuite is "
+
+run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \
+ "$P_SRV key_file=data_files/server5.key \
+ crt_file=data_files/server5.ku-ds.crt" \
+ "$P_CLI" \
+ 0 \
+ -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-"
+
+
+run_test "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \
+ "$P_SRV key_file=data_files/server5.key \
+ crt_file=data_files/server5.ku-ka.crt" \
+ "$P_CLI" \
+ 0 \
+ -c "Ciphersuite is TLS-ECDH-"
+
+run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \
+ "$P_SRV key_file=data_files/server5.key \
+ crt_file=data_files/server5.ku-ke.crt" \
+ "$P_CLI" \
+ 1 \
+ -C "Ciphersuite is "
+
+# Tests for keyUsage in leaf certificates, part 2:
+# client-side checking of server cert
+
+run_test "keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK" \
+ "$O_SRV -key data_files/server2.key \
+ -cert data_files/server2.ku-ds_ke.crt" \
+ "$P_CLI debug_level=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -C "bad certificate (usage extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-"
+
+run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \
+ "$O_SRV -key data_files/server2.key \
+ -cert data_files/server2.ku-ds_ke.crt" \
+ "$P_CLI debug_level=1 \
+ force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -C "bad certificate (usage extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-"
+
+run_test "keyUsage cli: KeyEncipherment, RSA: OK" \
+ "$O_SRV -key data_files/server2.key \
+ -cert data_files/server2.ku-ke.crt" \
+ "$P_CLI debug_level=1 
\
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -C "bad certificate (usage extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-"
+
+run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \
+ "$O_SRV -key data_files/server2.key \
+ -cert data_files/server2.ku-ke.crt" \
+ "$P_CLI debug_level=1 \
+ force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
+ 1 \
+ -c "bad certificate (usage extensions)" \
+ -c "Processing of the Certificate handshake message failed" \
+ -C "Ciphersuite is TLS-"
+
+run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
+ "$O_SRV -key data_files/server2.key \
+ -cert data_files/server2.ku-ke.crt" \
+ "$P_CLI debug_level=1 auth_mode=optional \
+ force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -c "bad certificate (usage extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-" \
+ -c "! Usage does not match the keyUsage extension"
+
+run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \
+ "$O_SRV -key data_files/server2.key \
+ -cert data_files/server2.ku-ds.crt" \
+ "$P_CLI debug_level=1 \
+ force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -C "bad certificate (usage extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-"
+
+run_test "keyUsage cli: DigitalSignature, RSA: fail" \
+ "$O_SRV -key data_files/server2.key \
+ -cert data_files/server2.ku-ds.crt" \
+ "$P_CLI debug_level=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 1 \
+ -c "bad certificate (usage extensions)" \
+ -c "Processing of the Certificate handshake message failed" \
+ -C "Ciphersuite is TLS-"
+
+run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \
+ "$O_SRV -key data_files/server2.key \
+ -cert data_files/server2.ku-ds.crt" \
+ "$P_CLI debug_level=1 auth_mode=optional \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -c "bad certificate (usage 
extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-" \
+ -c "! Usage does not match the keyUsage extension"
+
+# Tests for keyUsage in leaf certificates, part 3:
+# server-side checking of client cert
+
+run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \
+ "$P_SRV debug_level=1 auth_mode=optional" \
+ "$O_CLI -key data_files/server2.key \
+ -cert data_files/server2.ku-ds.crt" \
+ 0 \
+ -S "bad certificate (usage extensions)" \
+ -S "Processing of the Certificate handshake message failed"
+
+run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (soft)" \
+ "$P_SRV debug_level=1 auth_mode=optional" \
+ "$O_CLI -key data_files/server2.key \
+ -cert data_files/server2.ku-ke.crt" \
+ 0 \
+ -s "bad certificate (usage extensions)" \
+ -S "Processing of the Certificate handshake message failed"
+
+run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (hard)" \
+ "$P_SRV debug_level=1 auth_mode=required" \
+ "$O_CLI -key data_files/server2.key \
+ -cert data_files/server2.ku-ke.crt" \
+ 1 \
+ -s "bad certificate (usage extensions)" \
+ -s "Processing of the Certificate handshake message failed"
+
+run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \
+ "$P_SRV debug_level=1 auth_mode=optional" \
+ "$O_CLI -key data_files/server5.key \
+ -cert data_files/server5.ku-ds.crt" \
+ 0 \
+ -S "bad certificate (usage extensions)" \
+ -S "Processing of the Certificate handshake message failed"
+
+run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \
+ "$P_SRV debug_level=1 auth_mode=optional" \
+ "$O_CLI -key data_files/server5.key \
+ -cert data_files/server5.ku-ka.crt" \
+ 0 \
+ -s "bad certificate (usage extensions)" \
+ -S "Processing of the Certificate handshake message failed"
+
+# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
+
+run_test "extKeyUsage srv: serverAuth -> OK" \
+ "$P_SRV key_file=data_files/server5.key \
+ crt_file=data_files/server5.eku-srv.crt" \
+ 
"$P_CLI" \
+ 0
+
+run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \
+ "$P_SRV key_file=data_files/server5.key \
+ crt_file=data_files/server5.eku-srv.crt" \
+ "$P_CLI" \
+ 0
+
+run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \
+ "$P_SRV key_file=data_files/server5.key \
+ crt_file=data_files/server5.eku-cs_any.crt" \
+ "$P_CLI" \
+ 0
+
+run_test "extKeyUsage srv: codeSign -> fail" \
+ "$P_SRV key_file=data_files/server5.key \
+ crt_file=data_files/server5.eku-cli.crt" \
+ "$P_CLI" \
+ 1
+
+# Tests for extendedKeyUsage, part 2: client-side checking of server cert
+
+run_test "extKeyUsage cli: serverAuth -> OK" \
+ "$O_SRV -key data_files/server5.key \
+ -cert data_files/server5.eku-srv.crt" \
+ "$P_CLI debug_level=1" \
+ 0 \
+ -C "bad certificate (usage extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-"
+
+run_test "extKeyUsage cli: serverAuth,clientAuth -> OK" \
+ "$O_SRV -key data_files/server5.key \
+ -cert data_files/server5.eku-srv_cli.crt" \
+ "$P_CLI debug_level=1" \
+ 0 \
+ -C "bad certificate (usage extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-"
+
+run_test "extKeyUsage cli: codeSign,anyEKU -> OK" \
+ "$O_SRV -key data_files/server5.key \
+ -cert data_files/server5.eku-cs_any.crt" \
+ "$P_CLI debug_level=1" \
+ 0 \
+ -C "bad certificate (usage extensions)" \
+ -C "Processing of the Certificate handshake message failed" \
+ -c "Ciphersuite is TLS-"
+
+run_test "extKeyUsage cli: codeSign -> fail" \
+ "$O_SRV -key data_files/server5.key \
+ -cert data_files/server5.eku-cs.crt" \
+ "$P_CLI debug_level=1" \
+ 1 \
+ -c "bad certificate (usage extensions)" \
+ -c "Processing of the Certificate handshake message failed" \
+ -C "Ciphersuite is TLS-"
+
+# Tests for extendedKeyUsage, part 3: server-side checking of client cert
+
+run_test "extKeyUsage cli-auth: clientAuth -> OK" \
+ "$P_SRV debug_level=1 auth_mode=optional" \
+ "$O_CLI -key 
data_files/server5.key \
+ -cert data_files/server5.eku-cli.crt" \
+ 0 \
+ -S "bad certificate (usage extensions)" \
+ -S "Processing of the Certificate handshake message failed"
+
+run_test "extKeyUsage cli-auth: serverAuth,clientAuth -> OK" \
+ "$P_SRV debug_level=1 auth_mode=optional" \
+ "$O_CLI -key data_files/server5.key \
+ -cert data_files/server5.eku-srv_cli.crt" \
+ 0 \
+ -S "bad certificate (usage extensions)" \
+ -S "Processing of the Certificate handshake message failed"
+
+run_test "extKeyUsage cli-auth: codeSign,anyEKU -> OK" \
+ "$P_SRV debug_level=1 auth_mode=optional" \
+ "$O_CLI -key data_files/server5.key \
+ -cert data_files/server5.eku-cs_any.crt" \
+ 0 \
+ -S "bad certificate (usage extensions)" \
+ -S "Processing of the Certificate handshake message failed"
+
+run_test "extKeyUsage cli-auth: codeSign -> fail (soft)" \
+ "$P_SRV debug_level=1 auth_mode=optional" \
+ "$O_CLI -key data_files/server5.key \
+ -cert data_files/server5.eku-cs.crt" \
+ 0 \
+ -s "bad certificate (usage extensions)" \
+ -S "Processing of the Certificate handshake message failed"
+
+run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \
+ "$P_SRV debug_level=1 auth_mode=required" \
+ "$O_CLI -key data_files/server5.key \
+ -cert data_files/server5.eku-cs.crt" \
+ 1 \
+ -s "bad certificate (usage extensions)" \
+ -s "Processing of the Certificate handshake message failed"
+
+# Tests for DHM parameters loading
+
+run_test "DHM parameters: reference" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=3" \
+ 0 \
+ -c "value of 'DHM: P ' (2048 bits)" \
+ -c "value of 'DHM: G ' (2 bits)"
+
+run_test "DHM parameters: other parameters" \
+ "$P_SRV dhm_file=data_files/dhparams.pem" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=3" \
+ 0 \
+ -c "value of 'DHM: P ' (1024 bits)" \
+ -c "value of 'DHM: G ' (2 bits)"
+
+# Tests for DHM client-side size checking
+
+run_test "DHM size: server default, client 
default, OK" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=1" \
+ 0 \
+ -C "DHM prime too short:"
+
+run_test "DHM size: server default, client 2048, OK" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=1 dhmlen=2048" \
+ 0 \
+ -C "DHM prime too short:"
+
+run_test "DHM size: server 1024, client default, OK" \
+ "$P_SRV dhm_file=data_files/dhparams.pem" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=1" \
+ 0 \
+ -C "DHM prime too short:"
+
+run_test "DHM size: server 1000, client default, rejected" \
+ "$P_SRV dhm_file=data_files/dh.1000.pem" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=1" \
+ 1 \
+ -c "DHM prime too short:"
+
+run_test "DHM size: server default, client 2049, rejected" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
+ debug_level=1 dhmlen=2049" \
+ 1 \
+ -c "DHM prime too short:"
+
+# Tests for PSK callback
+
+run_test "PSK callback: psk, no callback" \
+ "$P_SRV psk=abc123 psk_identity=foo" \
+ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: opaque psk on client, no callback" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque PSK"\
+ -S "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC 
failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: opaque psk on client, no callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque PSK"\
+ -S "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: opaque psk on client, no callback, EMS" \
+ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque PSK"\
+ -S "skip PMS generation for opaque PSK"\
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
+ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque PSK"\
+ -S "skip PMS generation for opaque PSK"\
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+ 
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, static opaque on server, no callback" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
+ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 extended_ms=1" \
+ 0 \
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ 
-C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
+ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 extended_ms=1" \
+ 0 \
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 
min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
+ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=abc psk=dead extended_ms=1" \
+ 0 \
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
+ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=abc psk=dead extended_ms=1" \
+ 0 \
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity 
received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \ + "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -s "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" 
\ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -C "skip PMS generation for opaque PSK"\ + -C "using extended master secret"\ + -S "using extended master secret"\ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 1 \ + -s "SSL - Verification of the message MAC failed" + +run_test "PSK callback: no psk, no callback" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=foo psk=abc123" \ + 1 \ + -s "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" 
+ +run_test "PSK callback: callback overrides other settings" \ + "$P_SRV psk=abc123 psk_identity=foo psk_list=abc,dead,def,beef" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=foo psk=abc123" \ + 1 \ + -S "SSL - None of the common ciphersuites is usable" \ + -s "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +run_test "PSK callback: first id matches" \ + "$P_SRV psk_list=abc,dead,def,beef" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=abc psk=dead" \ + 0 \ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +run_test "PSK callback: second id matches" \ + "$P_SRV psk_list=abc,dead,def,beef" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +run_test "PSK callback: no match" \ + "$P_SRV psk_list=abc,dead,def,beef" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=ghi psk=beef" \ + 1 \ + -S "SSL - None of the common ciphersuites is usable" \ + -s "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +run_test "PSK callback: wrong key" \ + "$P_SRV psk_list=abc,dead,def,beef" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=abc psk=beef" \ + 1 \ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -s "SSL - Verification of the message MAC failed" + +# Tests for EC J-PAKE + +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: client not configured" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3" \ + 0 \ + -C "add ciphersuite: c0ff" \ + -C "adding ecjpake_kkpp extension" \ + -S "found ecjpake kkpp extension" \ + -S 
"skip ecjpake kkpp extension" \ + -S "ciphersuite mismatch: ecjpake not configured" \ + -S "server hello, ecjpake kkpp extension" \ + -C "found ecjpake_kkpp extension" \ + -S "None of the common ciphersuites is usable" + +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: server not configured" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3 ecjpake_pw=bla \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 1 \ + -c "add ciphersuite: c0ff" \ + -c "adding ecjpake_kkpp extension" \ + -s "found ecjpake kkpp extension" \ + -s "skip ecjpake kkpp extension" \ + -s "ciphersuite mismatch: ecjpake not configured" \ + -S "server hello, ecjpake kkpp extension" \ + -C "found ecjpake_kkpp extension" \ + -s "None of the common ciphersuites is usable" + +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: working, TLS" \ + "$P_SRV debug_level=3 ecjpake_pw=bla" \ + "$P_CLI debug_level=3 ecjpake_pw=bla \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 0 \ + -c "add ciphersuite: c0ff" \ + -c "adding ecjpake_kkpp extension" \ + -C "re-using cached ecjpake parameters" \ + -s "found ecjpake kkpp extension" \ + -S "skip ecjpake kkpp extension" \ + -S "ciphersuite mismatch: ecjpake not configured" \ + -s "server hello, ecjpake kkpp extension" \ + -c "found ecjpake_kkpp extension" \ + -S "None of the common ciphersuites is usable" \ + -S "SSL - Verification of the message MAC failed" + +server_needs_more_time 1 +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: password mismatch, TLS" \ + "$P_SRV debug_level=3 ecjpake_pw=bla" \ + "$P_CLI debug_level=3 ecjpake_pw=bad \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 1 \ + -C "re-using cached ecjpake parameters" \ + -s "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: working, DTLS" \ + "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ + "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla 
\ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 0 \ + -c "re-using cached ecjpake parameters" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: working, DTLS, no cookie" \ + "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \ + "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 0 \ + -C "re-using cached ecjpake parameters" \ + -S "SSL - Verification of the message MAC failed" + +server_needs_more_time 1 +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: password mismatch, DTLS" \ + "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ + "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 1 \ + -c "re-using cached ecjpake parameters" \ + -s "SSL - Verification of the message MAC failed" + +# for tests with configs/config-thread.h +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: working, DTLS, nolog" \ + "$P_SRV dtls=1 ecjpake_pw=bla" \ + "$P_CLI dtls=1 ecjpake_pw=bla \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 0 + +# Tests for ciphersuites per version + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +requires_config_enabled MBEDTLS_CAMELLIA_C +requires_config_enabled MBEDTLS_AES_C +run_test "Per-version suites: SSL3" \ + "$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ + "$P_CLI force_version=ssl3" \ + 0 \ + -c "Ciphersuite is TLS-RSA-WITH-CAMELLIA-128-CBC-SHA" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1 +requires_config_enabled MBEDTLS_CAMELLIA_C +requires_config_enabled MBEDTLS_AES_C +run_test "Per-version suites: TLS 1.0" \ + "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ + "$P_CLI 
force_version=tls1 arc4=1" \ + 0 \ + -c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 +requires_config_enabled MBEDTLS_CAMELLIA_C +requires_config_enabled MBEDTLS_AES_C +run_test "Per-version suites: TLS 1.1" \ + "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ + "$P_CLI force_version=tls1_1" \ + 0 \ + -c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_CAMELLIA_C +requires_config_enabled MBEDTLS_AES_C +run_test "Per-version suites: TLS 1.2" \ + "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ + "$P_CLI force_version=tls1_2" \ + 0 \ + -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256" + +# Test for ClientHello without extensions + +requires_gnutls +run_test "ClientHello without extensions, SHA-1 allowed" \ + "$P_SRV debug_level=3 key_file=data_files/server2.key crt_file=data_files/server2.crt" \ + "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \ + 0 \ + -s "dumping 'client hello extensions' (0 bytes)" + +requires_gnutls +run_test "ClientHello without extensions, SHA-1 forbidden in certificates on server" \ + "$P_SRV debug_level=3 key_file=data_files/server2.key crt_file=data_files/server2.crt allow_sha1=0" \ + "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \ + 0 \ + -s "dumping 'client hello extensions' (0 bytes)" + +# Tests for mbedtls_ssl_get_bytes_avail() + +run_test "mbedtls_ssl_get_bytes_avail: no extra data" \ + "$P_SRV" \ + "$P_CLI request_size=100" \ + 0 \ + -s "Read from client: 100 bytes read$" + +run_test "mbedtls_ssl_get_bytes_avail: extra data" \ + "$P_SRV" \ + "$P_CLI request_size=500" \ + 0 \ + -s "Read from client: 500 bytes read (.*+.*)" + +# Tests for 
small client packets + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Small client packet SSLv3 BlockCipher" \ + "$P_SRV min_version=ssl3" \ + "$P_CLI request_size=1 force_version=ssl3 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Small client packet SSLv3 StreamCipher" \ + "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=ssl3 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.0 BlockCipher" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.0 BlockCipher, without EtM" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1 etm=0 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.0 BlockCipher, truncated MAC" \ + "$P_SRV trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \ + "$P_SRV trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.0 StreamCipher" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.0 StreamCipher, 
without EtM" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.0 StreamCipher, truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ + trunc_hmac=1 etm=0" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.1 BlockCipher" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.1 BlockCipher, without EtM" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.1 BlockCipher, truncated MAC" \ + "$P_SRV trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \ + "$P_SRV trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ + 0 \ + -s "Read from 
client: 1 bytes read" + +run_test "Small client packet TLS 1.1 StreamCipher" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.1 StreamCipher, without EtM" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.1 StreamCipher, truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.2 BlockCipher" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled 
MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \ + "$P_SRV trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ + "$P_SRV trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.2 StreamCipher" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.2 StreamCipher, without EtM" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.2 StreamCipher, truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.2 AEAD" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + 
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small client packet TLS 1.2 AEAD shorter tag" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + 0 \ + -s "Read from client: 1 bytes read" + +# Tests for small client packets in DTLS + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +run_test "Small client packet DTLS 1.0" \ + "$P_SRV dtls=1 force_version=dtls1" \ + "$P_CLI dtls=1 request_size=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +run_test "Small client packet DTLS 1.0, without EtM" \ + "$P_SRV dtls=1 force_version=dtls1 etm=0" \ + "$P_CLI dtls=1 request_size=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet DTLS 1.0, truncated hmac" \ + "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1" \ + "$P_CLI dtls=1 request_size=1 trunc_hmac=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet DTLS 1.0, without EtM, truncated MAC" \ + "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1 etm=0" \ + "$P_CLI dtls=1 request_size=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +run_test "Small client packet DTLS 1.2" \ + "$P_SRV dtls=1 force_version=dtls1_2" \ + "$P_CLI dtls=1 request_size=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +run_test "Small client packet DTLS 1.2, without EtM" \ + 
"$P_SRV dtls=1 force_version=dtls1_2 etm=0" \ + "$P_CLI dtls=1 request_size=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet DTLS 1.2, truncated hmac" \ + "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \ + "$P_CLI dtls=1 request_size=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \ + "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \ + "$P_CLI dtls=1 request_size=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ + 0 \ + -s "Read from client: 1 bytes read" + +# Tests for small server packets + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Small server packet SSLv3 BlockCipher" \ + "$P_SRV response_size=1 min_version=ssl3" \ + "$P_CLI force_version=ssl3 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Small server packet SSLv3 StreamCipher" \ + "$P_SRV response_size=1 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI force_version=ssl3 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.0 BlockCipher" \ + "$P_SRV response_size=1" \ + "$P_CLI force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.0 BlockCipher, without EtM" \ + "$P_SRV response_size=1" \ + "$P_CLI force_version=tls1 etm=0 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + 
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.0 BlockCipher, truncated MAC" \ + "$P_SRV response_size=1 trunc_hmac=1" \ + "$P_CLI force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \ + "$P_SRV response_size=1 trunc_hmac=1" \ + "$P_CLI force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.0 StreamCipher" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.0 StreamCipher, without EtM" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.0 StreamCipher, truncated MAC" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ + trunc_hmac=1 etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.1 BlockCipher" \ + "$P_SRV response_size=1" \ + "$P_CLI 
force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.1 BlockCipher, without EtM" \ + "$P_SRV response_size=1" \ + "$P_CLI force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.1 BlockCipher, truncated MAC" \ + "$P_SRV response_size=1 trunc_hmac=1" \ + "$P_CLI force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \ + "$P_SRV response_size=1 trunc_hmac=1" \ + "$P_CLI force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.1 StreamCipher" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.1 StreamCipher, without EtM" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.1 StreamCipher, truncated MAC" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.1 StreamCipher, without EtM, 
truncated MAC" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.2 BlockCipher" \ + "$P_SRV response_size=1" \ + "$P_CLI force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \ + "$P_SRV response_size=1" \ + "$P_CLI force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \ + "$P_SRV response_size=1" \ + "$P_CLI force_version=tls1_2 \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \ + "$P_SRV response_size=1 trunc_hmac=1" \ + "$P_CLI force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ + "$P_SRV response_size=1 trunc_hmac=1" \ + "$P_CLI force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.2 StreamCipher" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.2 StreamCipher, without EtM" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI 
force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.2 StreamCipher, truncated MAC" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \ + "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ + "$P_CLI force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.2 AEAD" \ + "$P_SRV response_size=1" \ + "$P_CLI force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + 0 \ + -c "Read from server: 1 bytes read" + +run_test "Small server packet TLS 1.2 AEAD shorter tag" \ + "$P_SRV response_size=1" \ + "$P_CLI force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + 0 \ + -c "Read from server: 1 bytes read" + +# Tests for small server packets in DTLS + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +run_test "Small server packet DTLS 1.0" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls1" \ + "$P_CLI dtls=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +run_test "Small server packet DTLS 1.0, without EtM" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls1 etm=0" \ + "$P_CLI dtls=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet DTLS 
1.0, truncated hmac" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1" \ + "$P_CLI dtls=1 trunc_hmac=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet DTLS 1.0, without EtM, truncated MAC" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1 etm=0" \ + "$P_CLI dtls=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +run_test "Small server packet DTLS 1.2" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \ + "$P_CLI dtls=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +run_test "Small server packet DTLS 1.2, without EtM" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \ + "$P_CLI dtls=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet DTLS 1.2, truncated hmac" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \ + "$P_CLI dtls=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ + 0 \ + -c "Read from server: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC +run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \ + "$P_CLI dtls=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ + 0 \ + -c "Read from server: 1 bytes read" + +# A test for extensions in SSLv3 + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "SSLv3 with 
extensions, server side" \
+ "$P_SRV min_version=ssl3 debug_level=3" \
+ "$P_CLI force_version=ssl3 tickets=1 max_frag_len=4096 alpn=abc,1234" \
+ 0 \
+ -S "dumping 'client hello extensions'" \
+ -S "server hello, total extension length:"
+
+# Test for large client packets
+
+# How many fragments do we expect to write $1 bytes?
+fragments_for_write() {
+ echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
+}
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Large client packet SSLv3 BlockCipher" \
+ "$P_SRV min_version=ssl3" \
+ "$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Large client packet SSLv3 StreamCipher" \
+ "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI request_size=16384 force_version=ssl3 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.0 BlockCipher" \
+ "$P_SRV" \
+ "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.0 BlockCipher, without EtM" \
+ "$P_SRV" \
+ "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.0 BlockCipher, truncated MAC" \
+ "$P_SRV trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
+
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.0 StreamCipher" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI request_size=16384 force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.0 StreamCipher, without EtM" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI request_size=16384 force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.0 StreamCipher, truncated MAC" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.1
BlockCipher" \
+ "$P_SRV" \
+ "$P_CLI request_size=16384 force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.1 BlockCipher, without EtM" \
+ "$P_SRV" \
+ "$P_CLI request_size=16384 force_version=tls1_1 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.1 BlockCipher, truncated MAC" \
+ "$P_SRV trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.1 StreamCipher" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI request_size=16384 force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.1 StreamCipher, without EtM" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI request_size=16384 force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.1
StreamCipher, truncated MAC" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.2 BlockCipher" \
+ "$P_SRV" \
+ "$P_CLI request_size=16384 force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
+ "$P_SRV" \
+ "$P_CLI request_size=16384 force_version=tls1_2 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
+ "$P_SRV" \
+ "$P_CLI request_size=16384 force_version=tls1_2 \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \
+ "$P_SRV trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.2 StreamCipher" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI request_size=16384 force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.2 StreamCipher, without EtM" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI request_size=16384 force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.2 StreamCipher, truncated MAC" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI request_size=16384 force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.2 AEAD" \
+ "$P_SRV" \
+ "$P_CLI request_size=16384 force_version=tls1_2 \
+
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.2 AEAD shorter tag" \
+ "$P_SRV" \
+ "$P_CLI request_size=16384 force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+# Test for large server packets
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Large server packet SSLv3 StreamCipher" \
+ "$P_SRV response_size=16384 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=ssl3 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+# Checking next 4 tests logs for 1n-1 split against BEAST too
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Large server packet SSLv3 BlockCipher" \
+ "$P_SRV response_size=16384 min_version=ssl3" \
+ "$P_CLI force_version=ssl3 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.0 BlockCipher" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.0 BlockCipher, without EtM" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1 etm=0 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 BlockCipher truncated MAC" \
+
"$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 StreamCipher truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.0 StreamCipher" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.0 StreamCipher, without EtM" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 StreamCipher, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 BlockCipher" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 BlockCipher, without EtM" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_1 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.1 BlockCipher truncated MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 StreamCipher" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 StreamCipher, without EtM" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled
MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.1 StreamCipher truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 BlockCipher" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s
"16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 StreamCipher" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 StreamCipher, without EtM" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.2 StreamCipher truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 AEAD" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 AEAD shorter tag" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+# Tests for restartable ECC
+
+requires_config_enabled
MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, default" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1" \
+ 0 \
+ -C "x509_verify_cert.*4b00" \
+ -C "mbedtls_pk_verify.*4b00" \
+ -C "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=0" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=0" \
+ 0 \
+ -C "x509_verify_cert.*4b00" \
+ -C "mbedtls_pk_verify.*4b00" \
+ -C "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=65535" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=65535" \
+ 0 \
+ -C "x509_verify_cert.*4b00" \
+ -C "mbedtls_pk_verify.*4b00" \
+ -C "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000" \
+ 0 \
+ -c "x509_verify_cert.*4b00" \
+ -c "mbedtls_pk_verify.*4b00" \
+ -c "mbedtls_ecdh_make_public.*4b00" \
+ -c "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, badsign" \
+ "$P_SRV auth_mode=required \
+ crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+
key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000" \
+ 1 \
+ -c "x509_verify_cert.*4b00" \
+ -C "mbedtls_pk_verify.*4b00" \
+ -C "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00" \
+ -c "! The certificate is not correctly signed by the trusted CA" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -c "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
+ "$P_SRV auth_mode=required \
+ crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000 auth_mode=optional" \
+ 0 \
+ -c "x509_verify_cert.*4b00" \
+ -c "mbedtls_pk_verify.*4b00" \
+ -c "mbedtls_ecdh_make_public.*4b00" \
+ -c "mbedtls_pk_sign.*4b00" \
+ -c "! The certificate is not correctly signed by the trusted CA" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
+ "$P_SRV auth_mode=required \
+ crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000 auth_mode=none" \
+ 0 \
+ -C "x509_verify_cert.*4b00" \
+ -c "mbedtls_pk_verify.*4b00" \
+ -c "mbedtls_ecdh_make_public.*4b00" \
+ -c "mbedtls_pk_sign.*4b00" \
+ -C "! The certificate is not correctly signed by the trusted CA" \
+ -C "!
mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: DTLS, max_ops=1000" \
+ "$P_SRV auth_mode=required dtls=1" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ dtls=1 debug_level=1 ec_max_ops=1000" \
+ 0 \
+ -c "x509_verify_cert.*4b00" \
+ -c "mbedtls_pk_verify.*4b00" \
+ -c "mbedtls_ecdh_make_public.*4b00" \
+ -c "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000 no client auth" \
+ "$P_SRV" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ debug_level=1 ec_max_ops=1000" \
+ 0 \
+ -c "x509_verify_cert.*4b00" \
+ -c "mbedtls_pk_verify.*4b00" \
+ -c "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, ECDHE-PSK" \
+ "$P_SRV psk=abc123" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
+ psk=abc123 debug_level=1 ec_max_ops=1000" \
+ 0 \
+ -C "x509_verify_cert.*4b00" \
+ -C "mbedtls_pk_verify.*4b00" \
+ -C "mbedtls_ecdh_make_public.*4b00" \
+ -C "mbedtls_pk_sign.*4b00"
+
+# Tests of asynchronous private key support in SSL
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: sign, delay=0" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=0 async_private_delay2=0" \
+ "$P_CLI" \
+ 0 \
+ -s "Async sign callback: using key slot " \
+ -s "Async resume (slot [0-9]): sign done, status=0"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: sign, delay=1" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_delay2=1" \
+ "$P_CLI" \
+ 0 \
+ -s "Async sign callback: using key slot " \
+ -s "Async resume (slot [0-9]): call 0 more times."
\
+ -s "Async resume (slot [0-9]): sign done, status=0"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: sign, delay=2" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=2 async_private_delay2=2" \
+ "$P_CLI" \
+ 0 \
+ -s "Async sign callback: using key slot " \
+ -U "Async sign callback: using key slot " \
+ -s "Async resume (slot [0-9]): call 1 more times." \
+ -s "Async resume (slot [0-9]): call 0 more times." \
+ -s "Async resume (slot [0-9]): sign done, status=0"
+
+# Test that the async callback correctly signs the 36-byte hash of TLS 1.0/1.1
+# with RSA PKCS#1v1.5 as used in TLS 1.0/1.1.
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+run_test "SSL async private: sign, RSA, TLS 1.1" \
+ "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt \
+ async_operations=s async_private_delay1=0 async_private_delay2=0" \
+ "$P_CLI force_version=tls1_1" \
+ 0 \
+ -s "Async sign callback: using key slot " \
+ -s "Async resume (slot [0-9]): sign done, status=0"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: sign, SNI" \
+ "$P_SRV debug_level=3 \
+ async_operations=s async_private_delay1=0 async_private_delay2=0 \
+ crt_file=data_files/server5.crt key_file=data_files/server5.key \
+ sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
+ "$P_CLI server_name=polarssl.example" \
+ 0 \
+ -s "Async sign callback: using key slot " \
+ -s "Async resume (slot [0-9]): sign done, status=0" \
+ -s "parse ServerName extension" \
+ -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
+ -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: decrypt, delay=0" \
+ "$P_SRV \
+ async_operations=d async_private_delay1=0 async_private_delay2=0" \
+ "$P_CLI
force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -s "Async decrypt callback: using key slot " \
+ -s "Async resume (slot [0-9]): decrypt done, status=0"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: decrypt, delay=1" \
+ "$P_SRV \
+ async_operations=d async_private_delay1=1 async_private_delay2=1" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -s "Async decrypt callback: using key slot " \
+ -s "Async resume (slot [0-9]): call 0 more times." \
+ -s "Async resume (slot [0-9]): decrypt done, status=0"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: decrypt RSA-PSK, delay=0" \
+ "$P_SRV psk=abc123 \
+ async_operations=d async_private_delay1=0 async_private_delay2=0" \
+ "$P_CLI psk=abc123 \
+ force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -s "Async decrypt callback: using key slot " \
+ -s "Async resume (slot [0-9]): decrypt done, status=0"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: decrypt RSA-PSK, delay=1" \
+ "$P_SRV psk=abc123 \
+ async_operations=d async_private_delay1=1 async_private_delay2=1" \
+ "$P_CLI psk=abc123 \
+ force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -s "Async decrypt callback: using key slot " \
+ -s "Async resume (slot [0-9]): call 0 more times." \
+ -s "Async resume (slot [0-9]): decrypt done, status=0"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: sign callback not present" \
+ "$P_SRV \
+ async_operations=d async_private_delay1=1 async_private_delay2=1" \
+ "$P_CLI; [ \$? -eq 1 ] &&
+ $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -S "Async sign callback" \
+ -s "!
mbedtls_ssl_handshake returned" \
+ -s "The own private key or pre-shared key is not set, but needed" \
+ -s "Async resume (slot [0-9]): decrypt done, status=0" \
+ -s "Successful connection"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: decrypt callback not present" \
+ "$P_SRV debug_level=1 \
+ async_operations=s async_private_delay1=1 async_private_delay2=1" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA;
+ [ \$? -eq 1 ] && $P_CLI" \
+ 0 \
+ -S "Async decrypt callback" \
+ -s "! mbedtls_ssl_handshake returned" \
+ -s "got no RSA private key" \
+ -s "Async resume (slot [0-9]): sign done, status=0" \
+ -s "Successful connection"
+
+# key1: ECDSA, key2: RSA; use key1 from slot 0
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: slot 0 used with key1" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -s "Async sign callback: using key slot 0," \
+ -s "Async resume (slot 0): call 0 more times." \
+ -s "Async resume (slot 0): sign done, status=0"
+
+# key1: ECDSA, key2: RSA; use key2 from slot 0
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: slot 0 used with key2" \
+ "$P_SRV \
+ async_operations=s async_private_delay2=1 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -s "Async sign callback: using key slot 0," \
+ -s "Async resume (slot 0): call 0 more times."
\
+ -s "Async resume (slot 0): sign done, status=0"
+
+# key1: ECDSA, key2: RSA; use key2 from slot 1
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: slot 1 used with key2" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_delay2=1 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -s "Async sign callback: using key slot 1," \
+ -s "Async resume (slot 1): call 0 more times." \
+ -s "Async resume (slot 1): sign done, status=0"
+
+# key1: ECDSA, key2: RSA; use key2 directly
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: fall back to transparent key" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ key_file2=data_files/server2.key crt_file2=data_files/server2.crt " \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -s "Async sign callback: no key matches this certificate."
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: sign, error in start" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_delay2=1 \
+ async_private_error=1" \
+ "$P_CLI" \
+ 1 \
+ -s "Async sign callback: injected error" \
+ -S "Async resume" \
+ -S "Async cancel" \
+ -s "!
mbedtls_ssl_handshake returned"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: sign, cancel after start" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_delay2=1 \
+ async_private_error=2" \
+ "$P_CLI" \
+ 1 \
+ -s "Async sign callback: using key slot " \
+ -S "Async resume" \
+ -s "Async cancel"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: sign, error in resume" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_delay2=1 \
+ async_private_error=3" \
+ "$P_CLI" \
+ 1 \
+ -s "Async sign callback: using key slot " \
+ -s "Async resume callback: sign done but injected error" \
+ -S "Async cancel" \
+ -s "! mbedtls_ssl_handshake returned"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: decrypt, error in start" \
+ "$P_SRV \
+ async_operations=d async_private_delay1=1 async_private_delay2=1 \
+ async_private_error=1" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 1 \
+ -s "Async decrypt callback: injected error" \
+ -S "Async resume" \
+ -S "Async cancel" \
+ -s "! mbedtls_ssl_handshake returned"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: decrypt, cancel after start" \
+ "$P_SRV \
+ async_operations=d async_private_delay1=1 async_private_delay2=1 \
+ async_private_error=2" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 1 \
+ -s "Async decrypt callback: using key slot " \
+ -S "Async resume" \
+ -s "Async cancel"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: decrypt, error in resume" \
+ "$P_SRV \
+ async_operations=d async_private_delay1=1 async_private_delay2=1 \
+ async_private_error=3" \
+ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 1 \
+ -s "Async decrypt callback: using key slot " \
+ -s "Async resume callback: decrypt done but injected error" \
+ -S "Async cancel" \
+ -s "! 
mbedtls_ssl_handshake returned"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: cancel after start then operate correctly" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_delay2=1 \
+ async_private_error=-2" \
+ "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
+ 0 \
+ -s "Async cancel" \
+ -s "! mbedtls_ssl_handshake returned" \
+ -s "Async resume" \
+ -s "Successful connection"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: error in resume then operate correctly" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_delay2=1 \
+ async_private_error=-3" \
+ "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
+ 0 \
+ -s "! mbedtls_ssl_handshake returned" \
+ -s "Async resume" \
+ -s "Successful connection"
+
+# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: cancel after start then fall back to transparent key" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_error=-2 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
+ [ \$? -eq 1 ] &&
+ $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -s "Async sign callback: using key slot 0" \
+ -S "Async resume" \
+ -s "Async cancel" \
+ -s "! mbedtls_ssl_handshake returned" \
+ -s "Async sign callback: no key matches this certificate." 
\
+ -s "Successful connection"
+
+# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+run_test "SSL async private: sign, error in resume then fall back to transparent key" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_error=-3 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
+ [ \$? -eq 1 ] &&
+ $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -s "Async resume" \
+ -s "! mbedtls_ssl_handshake returned" \
+ -s "Async sign callback: no key matches this certificate." \
+ -s "Successful connection"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "SSL async private: renegotiation: client-initiated; sign" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_delay2=1 \
+ exchanges=2 renegotiation=1" \
+ "$P_CLI exchanges=2 renegotiation=1 renegotiate=1" \
+ 0 \
+ -s "Async sign callback: using key slot " \
+ -s "Async resume (slot [0-9]): sign done, status=0"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "SSL async private: renegotiation: server-initiated; sign" \
+ "$P_SRV \
+ async_operations=s async_private_delay1=1 async_private_delay2=1 \
+ exchanges=2 renegotiation=1 renegotiate=1" \
+ "$P_CLI exchanges=2 renegotiation=1" \
+ 0 \
+ -s "Async sign callback: using key slot " \
+ -s "Async resume (slot [0-9]): sign done, status=0"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "SSL async private: renegotiation: client-initiated; decrypt" \
+ "$P_SRV \
+ async_operations=d async_private_delay1=1 async_private_delay2=1 \
+ exchanges=2 renegotiation=1" \
+ "$P_CLI exchanges=2 
renegotiation=1 renegotiate=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -s "Async decrypt callback: using key slot " \
+ -s "Async resume (slot [0-9]): decrypt done, status=0"
+
+requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "SSL async private: renegotiation: server-initiated; decrypt" \
+ "$P_SRV \
+ async_operations=d async_private_delay1=1 async_private_delay2=1 \
+ exchanges=2 renegotiation=1 renegotiate=1" \
+ "$P_CLI exchanges=2 renegotiation=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -s "Async decrypt callback: using key slot " \
+ -s "Async resume (slot [0-9]): decrypt done, status=0"
+
+# Tests for ECC extensions (rfc 4492)
+
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+run_test "Force a non ECC ciphersuite in the client side" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -C "client hello, adding supported_elliptic_curves extension" \
+ -C "client hello, adding supported_point_formats extension" \
+ -S "found supported elliptic curves extension" \
+ -S "found supported point formats extension"
+
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+run_test "Force a non ECC ciphersuite in the server side" \
+ "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -C "found supported_point_formats extension" \
+ -S "server hello, supported_point_formats extension"
+
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 
+run_test "Force an ECC ciphersuite in the client side" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
+ 0 \
+ -c "client hello, adding supported_elliptic_curves extension" \
+ -c "client hello, adding supported_point_formats extension" \
+ -s "found supported elliptic curves extension" \
+ -s "found supported point formats extension"
+
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+run_test "Force an ECC ciphersuite in the server side" \
+ "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -c "found supported_point_formats extension" \
+ -s "server hello, supported_point_formats extension"
+
+# Tests for DTLS HelloVerifyRequest
+
+run_test "DTLS cookie: enabled" \
+ "$P_SRV dtls=1 debug_level=2" \
+ "$P_CLI dtls=1 debug_level=2" \
+ 0 \
+ -s "cookie verification failed" \
+ -s "cookie verification passed" \
+ -S "cookie verification skipped" \
+ -c "received hello verify request" \
+ -s "hello verification requested" \
+ -S "SSL - The requested feature is not available"
+
+run_test "DTLS cookie: disabled" \
+ "$P_SRV dtls=1 debug_level=2 cookies=0" \
+ "$P_CLI dtls=1 debug_level=2" \
+ 0 \
+ -S "cookie verification failed" \
+ -S "cookie verification passed" \
+ -s "cookie verification skipped" \
+ -C "received hello verify request" \
+ -S "hello verification requested" \
+ -S "SSL - The requested feature is not available"
+
+run_test "DTLS cookie: default (failing)" \
+ "$P_SRV dtls=1 debug_level=2 cookies=-1" \
+ "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \
+ 1 \
+ -s "cookie verification failed" \
+ -S "cookie verification passed" \
+ -S "cookie verification skipped" \
+ -C "received hello verify request" \
+ -S "hello verification requested" \
+ -s "SSL - The requested 
feature is not available"
+
+requires_ipv6
+run_test "DTLS cookie: enabled, IPv6" \
+ "$P_SRV dtls=1 debug_level=2 server_addr=::1" \
+ "$P_CLI dtls=1 debug_level=2 server_addr=::1" \
+ 0 \
+ -s "cookie verification failed" \
+ -s "cookie verification passed" \
+ -S "cookie verification skipped" \
+ -c "received hello verify request" \
+ -s "hello verification requested" \
+ -S "SSL - The requested feature is not available"
+
+run_test "DTLS cookie: enabled, nbio" \
+ "$P_SRV dtls=1 nbio=2 debug_level=2" \
+ "$P_CLI dtls=1 nbio=2 debug_level=2" \
+ 0 \
+ -s "cookie verification failed" \
+ -s "cookie verification passed" \
+ -S "cookie verification skipped" \
+ -c "received hello verify request" \
+ -s "hello verification requested" \
+ -S "SSL - The requested feature is not available"
+
+# Tests for client reconnecting from the same port with DTLS
+
+not_with_valgrind # spurious resend
+run_test "DTLS client reconnect from same port: reference" \
+ "$P_SRV dtls=1 exchanges=2 read_timeout=1000" \
+ "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000" \
+ 0 \
+ -C "resend" \
+ -S "The operation timed out" \
+ -S "Client initiated reconnection from same port"
+
+not_with_valgrind # spurious resend
+run_test "DTLS client reconnect from same port: reconnect" \
+ "$P_SRV dtls=1 exchanges=2 read_timeout=1000" \
+ "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
+ 0 \
+ -C "resend" \
+ -S "The operation timed out" \
+ -s "Client initiated reconnection from same port"
+
+not_with_valgrind # server/client too slow to respond in time (next test has higher timeouts)
+run_test "DTLS client reconnect from same port: reconnect, nbio, no valgrind" \
+ "$P_SRV dtls=1 exchanges=2 read_timeout=1000 nbio=2" \
+ "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
+ 0 \
+ -S "The operation timed out" \
+ -s "Client initiated reconnection from same port"
+
+only_with_valgrind # Only with valgrind, do previous test but 
with higher read_timeout and hs_timeout
+run_test "DTLS client reconnect from same port: reconnect, nbio, valgrind" \
+ "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \
+ "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \
+ 0 \
+ -S "The operation timed out" \
+ -s "Client initiated reconnection from same port"
+
+run_test "DTLS client reconnect from same port: no cookies" \
+ "$P_SRV dtls=1 exchanges=2 read_timeout=1000 cookies=0" \
+ "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \
+ 0 \
+ -s "The operation timed out" \
+ -S "Client initiated reconnection from same port"
+
+# Tests for various cases of client authentication with DTLS
+# (focused on handshake flows and message parsing)
+
+run_test "DTLS client auth: required" \
+ "$P_SRV dtls=1 auth_mode=required" \
+ "$P_CLI dtls=1" \
+ 0 \
+ -s "Verifying peer X.509 certificate... ok"
+
+run_test "DTLS client auth: optional, client has no cert" \
+ "$P_SRV dtls=1 auth_mode=optional" \
+ "$P_CLI dtls=1 crt_file=none key_file=none" \
+ 0 \
+ -s "! Certificate was missing"
+
+run_test "DTLS client auth: none, client has no cert" \
+ "$P_SRV dtls=1 auth_mode=none" \
+ "$P_CLI dtls=1 crt_file=none key_file=none debug_level=2" \
+ 0 \
+ -c "skip write certificate$" \
+ -s "! 
Certificate verification was skipped"
+
+run_test "DTLS wrong PSK: badmac alert" \
+ "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \
+ "$P_CLI dtls=1 psk=abc124" \
+ 1 \
+ -s "SSL - Verification of the message MAC failed" \
+ -c "SSL - A fatal alert message was received from our peer"
+
+# Tests for receiving fragmented handshake messages with DTLS
+
+requires_gnutls
+run_test "DTLS reassembly: no fragmentation (gnutls server)" \
+ "$G_SRV -u --mtu 2048 -a" \
+ "$P_CLI dtls=1 debug_level=2" \
+ 0 \
+ -C "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_gnutls
+run_test "DTLS reassembly: some fragmentation (gnutls server)" \
+ "$G_SRV -u --mtu 512" \
+ "$P_CLI dtls=1 debug_level=2" \
+ 0 \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_gnutls
+run_test "DTLS reassembly: more fragmentation (gnutls server)" \
+ "$G_SRV -u --mtu 128" \
+ "$P_CLI dtls=1 debug_level=2" \
+ 0 \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_gnutls
+run_test "DTLS reassembly: more fragmentation, nbio (gnutls server)" \
+ "$G_SRV -u --mtu 128" \
+ "$P_CLI dtls=1 nbio=2 debug_level=2" \
+ 0 \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_gnutls
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "DTLS reassembly: fragmentation, renego (gnutls server)" \
+ "$G_SRV -u --mtu 256" \
+ "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \
+ 0 \
+ -c "found fragmented DTLS handshake message" \
+ -c "client hello, adding renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -C "mbedtls_ssl_handshake returned" \
+ -C "error" \
+ -s "Extra-header:"
+
+requires_gnutls
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \
+ "$G_SRV -u --mtu 256" \
+ "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \
+ 0 \
+ -c "found fragmented 
DTLS handshake message" \
+ -c "client hello, adding renegotiation extension" \
+ -c "found renegotiation extension" \
+ -c "=> renegotiate" \
+ -C "mbedtls_ssl_handshake returned" \
+ -C "error" \
+ -s "Extra-header:"
+
+run_test "DTLS reassembly: no fragmentation (openssl server)" \
+ "$O_SRV -dtls1 -mtu 2048" \
+ "$P_CLI dtls=1 debug_level=2" \
+ 0 \
+ -C "found fragmented DTLS handshake message" \
+ -C "error"
+
+run_test "DTLS reassembly: some fragmentation (openssl server)" \
+ "$O_SRV -dtls1 -mtu 768" \
+ "$P_CLI dtls=1 debug_level=2" \
+ 0 \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+run_test "DTLS reassembly: more fragmentation (openssl server)" \
+ "$O_SRV -dtls1 -mtu 256" \
+ "$P_CLI dtls=1 debug_level=2" \
+ 0 \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \
+ "$O_SRV -dtls1 -mtu 256" \
+ "$P_CLI dtls=1 nbio=2 debug_level=2" \
+ 0 \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Tests for sending fragmented handshake messages with DTLS
+#
+# Use client auth when we need the client to send large messages,
+# and use large cert chains on both sides too (the long chains we have all use
+# both RSA and ECDSA, but ideally we should have long chains with either). 
+# Sizes reached (UDP payload):
+# - 2037B for server certificate
+# - 1542B for client certificate
+# - 1013B for newsessionticket
+# - all others below 512B
+# All those tests assume MAX_CONTENT_LEN is at least 2048
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: none (for reference)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=4096" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=4096" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -C "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: server only (max_frag_len)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=2048" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# With the MFL extension, the server has no way of forcing
+# the client to not exceed a certain MTU; hence, the following
+# test can't be replicated with an MTU proxy such as the one
+# `client-initiated, server only (max_frag_len)` below. 
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: server only (more) (max_frag_len)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=4096" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=none \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=2048" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=1024" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# While not required by the standard defining the MFL extension
+# (according to which it only applies to records, not to datagrams),
+# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
+# as otherwise there wouldn't be any means to communicate MTU restrictions
+# to the peer.
+# The next test checks that no datagrams significantly larger than the
+# negotiated MFL are sent. 
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
+ -p "$P_PXY mtu=1110" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=none \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=2048" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=1024" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=2048" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=1024" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# While not required by the standard defining the MFL extension
+# (according to which it only applies to records, not to datagrams),
+# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
+# as otherwise there wouldn't be any means to communicate MTU restrictions
+# to the peer.
+# The next test checks that no datagrams significantly larger than the
+# negotiated MFL are sent. 
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
+ -p "$P_PXY mtu=1110" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=2048" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ max_frag_len=1024" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: none (for reference) (MTU)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ mtu=4096" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ mtu=4096" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -C "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: client (MTU)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=3500-60000 \
+ mtu=4096" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=3500-60000 \
+ mtu=1024" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -C "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: server (MTU)" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ mtu=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ mtu=2048" \
+ 0 \
+ -S "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: both (MTU=1024)" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ mtu=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=2500-60000 \
+ mtu=1024" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config. 
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: both (MTU=512)" \
+ -p "$P_PXY mtu=512" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=2500-60000 \
+ mtu=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=2500-60000 \
+ mtu=512" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Test for automatic MTU reduction on repeated resend.
+# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
+# The ratio of max/min timeout should ideally equal 4 to accept two
+# retransmissions, but in some cases (like both the server and client using
+# fragmentation and auto-reduction) an extra retransmission might occur,
+# hence the ratio of 8. 
+not_with_valgrind
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU: auto-reduction" \
+ -p "$P_PXY mtu=508" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=400-3200" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=400-3200" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
+only_with_valgrind
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU: auto-reduction" \
+ -p "$P_PXY mtu=508" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-10000" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=250-10000" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
+# OTOH the client might resend if the server is to slow to reset after sending
+# a HelloVerifyRequest, so only check for no retransmission server-side 
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
+# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
+# OTOH the client might resend if the server is to slow to reset after sending
+# a HelloVerifyRequest, so only check for no retransmission server-side
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
+ -p "$P_PXY mtu=512" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C 
"error"
+
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=10000-60000 \
+ mtu=1024 nbio=2" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=10000-60000 \
+ mtu=1024 nbio=2" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
+ -p "$P_PXY mtu=512" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=10000-60000 \
+ mtu=512 nbio=2" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=10000-60000 \
+ mtu=512 nbio=2" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 1450 with full config.
+# This ensures things still work after session_reset(). 
+# It also exercises the "resumed handshake" flow.
+# Since we don't support reading fragmented ClientHello yet,
+# up the MTU to 1450 (larger than ClientHello with session ticket,
+# but still smaller than client's Certificate to ensure fragmentation).
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+# reco_delay avoids races where the client reconnects before the server has
+# resumed listening, which would result in a spurious autoreduction.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
+ -p "$P_PXY mtu=1450" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=10000-60000 \
+ mtu=1450" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=10000-60000 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ mtu=1450 reconnect=1 reco_delay=1" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+requires_config_enabled MBEDTLS_CHACHAPOLY_C
+run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
+ -p "$P_PXY mtu=512" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ exchanges=2 renegotiation=1 \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ exchanges=2 renegotiation=1 renegotiate=1 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
+ -p "$P_PXY mtu=512" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ exchanges=2 renegotiation=1 \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ exchanges=2 renegotiation=1 renegotiate=1 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=10000-60000 \
+ mtu=512" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CCM_C
+run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ exchanges=2 renegotiation=1 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ exchanges=2 renegotiation=1 renegotiate=1 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
+run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ exchanges=2 renegotiation=1 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ exchanges=2 renegotiation=1 renegotiate=1 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# An autoreduction on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "autoreduction"' below.
+not_with_valgrind # spurious autoreduction due to timeout
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
+ -p "$P_PXY mtu=1024" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ exchanges=2 renegotiation=1 \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 etm=0 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ exchanges=2 renegotiation=1 renegotiate=1 \
+ hs_timeout=10000-60000 \
+ mtu=1024" \
+ 0 \
+ -S "autoreduction" \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+client_needs_more_time 2
+run_test "DTLS fragmenting: proxy MTU + 3d" \
+ -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
+ "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-10000 mtu=512" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=250-10000 mtu=512" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+requires_config_enabled MBEDTLS_AES_C
+requires_config_enabled MBEDTLS_GCM_C
+client_needs_more_time 2
+run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
+ -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
+ "$P_SRV dtls=1 debug_level=2 auth_mode=required \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-10000 mtu=512 nbio=2" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ hs_timeout=250-10000 mtu=512 nbio=2" \
+ 0 \
+ -s "found fragmented DTLS handshake message" \
+ -c "found fragmented DTLS handshake message" \
+ -C "error"
+
+# interop tests for DTLS fragmentating with reliable connection
+#
+# here and below we just want to test that the we fragment in a way that
+# pleases other implementations, so we don't need the peer to fragment
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_gnutls
+run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
+ "$G_SRV -u" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ mtu=512 force_version=dtls1_2" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+requires_gnutls
+run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \
+ "$G_SRV -u" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ mtu=512 force_version=dtls1" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+# We use --insecure for the GnuTLS client because it expects
+# the hostname / IP it connects to to be the name used in the
+# certificate obtained from the server. Here, however, it
+# connects to 127.0.0.1 while our test certificates use 'localhost'
+# as the server name in the certificate. This will make the
+# certifiate validation fail, but passing --insecure makes
+# GnuTLS continue the connection nonetheless.
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_gnutls
+requires_not_i686
+run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ mtu=512 force_version=dtls1_2" \
+ "$G_CLI -u --insecure 127.0.0.1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+# See previous test for the reason to use --insecure
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+requires_gnutls
+requires_not_i686
+run_test "DTLS fragmenting: gnutls client, DTLS 1.0" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ mtu=512 force_version=dtls1" \
+ "$G_CLI -u --insecure 127.0.0.1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
+ "$O_SRV -dtls1_2 -verify 10" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ mtu=512 force_version=dtls1_2" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+run_test "DTLS fragmenting: openssl server, DTLS 1.0" \
+ "$O_SRV -dtls1 -verify 10" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ mtu=512 force_version=dtls1" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ mtu=512 force_version=dtls1_2" \
+ "$O_CLI -dtls1_2" \
+ 0 \
+ -s "fragmenting handshake message"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+run_test "DTLS fragmenting: openssl client, DTLS 1.0" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ mtu=512 force_version=dtls1" \
+ "$O_CLI -dtls1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+# interop tests for DTLS fragmentating with unreliable connection
+#
+# again we just want to test that the we fragment in a way that
+# pleases other implementations, so we don't need the peer to fragment
+requires_gnutls_next
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$G_NEXT_SRV -u" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+requires_gnutls_next
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$G_NEXT_SRV -u" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+requires_gnutls_next
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ "$G_NEXT_CLI -u --insecure 127.0.0.1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+requires_gnutls_next
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1" \
+ "$G_NEXT_CLI -u --insecure 127.0.0.1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+## Interop test with OpenSSL might trigger a bug in recent versions (including
+## all versions installed on the CI machines), reported here:
+## Bug report: https://github.com/openssl/openssl/issues/6902
+## They should be re-enabled once a fixed version of OpenSSL is available
+## (this should happen in some 1.1.1_ release according to the ticket).
+skip_next_test
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$O_SRV -dtls1_2 -verify 10" \
+ "$P_CLI dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+skip_next_test
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$O_SRV -dtls1 -verify 10" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ crt_file=data_files/server8_int-ca2.crt \
+ key_file=data_files/server8.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1" \
+ 0 \
+ -c "fragmenting handshake message" \
+ -C "error"
+
+skip_next_test
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$P_SRV dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
+ "$O_CLI -dtls1_2" \
+ 0 \
+ -s "fragmenting handshake message"
+
+# -nbio is added to prevent s_client from blocking in case of duplicated
+# messages at the end of the handshake
+skip_next_test
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
+client_needs_more_time 4
+run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.0" \
+ -p "$P_PXY drop=8 delay=8 duplicate=8" \
+ "$P_SRV dgram_packing=0 dtls=1 debug_level=2 \
+ crt_file=data_files/server7_int-ca.crt \
+ key_file=data_files/server7.key \
+ hs_timeout=250-60000 mtu=512 force_version=dtls1" \
+ "$O_CLI -nbio -dtls1" \
+ 0 \
+ -s "fragmenting handshake message"
+
+# Tests for specific things with "unreliable" UDP connection
+
+not_with_valgrind # spurious resend due to timeout
+run_test "DTLS proxy: reference" \
+ -p "$P_PXY" \
+ "$P_SRV dtls=1 debug_level=2" \
+ "$P_CLI dtls=1 debug_level=2" \
+ 0 \
+ -C "replayed record" \
+ -S "replayed record" \
+ -C "record from another epoch" \
+ -S "record from another epoch" \
+ -C "discarding invalid record" \
+ -S "discarding invalid record" \
+ -S "resend" \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+not_with_valgrind # spurious resend due to timeout
+run_test "DTLS proxy: duplicate every packet" \
+ -p "$P_PXY duplicate=1" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
+ 0 \
+ -c "replayed record" \
+ -s "replayed record" \
+ -c "record from another epoch" \
+ -s "record from another epoch" \
+ -S "resend" \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+run_test "DTLS proxy: duplicate every packet, server anti-replay off" \
+ -p "$P_PXY duplicate=1" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2 anti_replay=0" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
+ 0 \
+ -c "replayed record" \
+ -S "replayed record" \
+ -c "record from another epoch" \
+ -s "record from another epoch" \
+ -c "resend" \
+ -s "resend" \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+run_test "DTLS proxy: multiple records in same datagram" \
+ -p "$P_PXY pack=50" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
+ 0 \
+ -c "next record in same datagram" \
+ -s "next record in same datagram"
+
+run_test "DTLS proxy: multiple records in same datagram, duplicate every packet" \
+ -p "$P_PXY pack=50 duplicate=1" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
+ 0 \
+ -c "next record in same datagram" \
+ -s "next record in same datagram"
+
+run_test "DTLS proxy: inject invalid AD record, default badmac_limit" \
+ -p "$P_PXY bad_ad=1" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=1" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
+ 0 \
+ -c "discarding invalid record (mac)" \
+ -s "discarding invalid record (mac)" \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK" \
+ -S "too many records with bad MAC" \
+ -S "Verification of the message MAC failed"
+
+run_test "DTLS proxy: inject invalid AD record, badmac_limit 1" \
+ -p "$P_PXY bad_ad=1" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=1" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
+ 1 \
+ -C "discarding invalid record (mac)" \
+ -S "discarding invalid record (mac)" \
+ -S "Extra-header:" \
+ -C "HTTP/1.0 200 OK" \
+ -s "too many records with bad MAC" \
+ -s "Verification of the message MAC failed"
+
+run_test "DTLS proxy: inject invalid AD record, badmac_limit 2" \
+ -p "$P_PXY bad_ad=1" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
+ 0 \
+ -c "discarding invalid record (mac)" \
+ -s "discarding invalid record (mac)" \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK" \
+ -S "too many records with bad MAC" \
+ -S "Verification of the message MAC failed"
+
+run_test "DTLS proxy: inject invalid AD record, badmac_limit 2, exchanges 2"\
+ -p "$P_PXY bad_ad=1" \
+ "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2 exchanges=2" \
+ "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100 exchanges=2" \
+ 1 \
+ -c "discarding invalid record (mac)" \
+ -s "discarding invalid record (mac)" \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK" \
+ -s "too many records with bad MAC" \
+ -s "Verification of the message MAC failed"
+
+run_test "DTLS proxy: delay ChangeCipherSpec" \
+ -p "$P_PXY delay_ccs=1" \
+ "$P_SRV dtls=1 debug_level=1 dgram_packing=0" \
+ "$P_CLI dtls=1 debug_level=1 dgram_packing=0" \
+ 0 \
+ -c "record from another epoch" \
+ -s "record from another epoch" \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+# Tests for reordering support with DTLS
+
+run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
+ -p "$P_PXY delay_srv=ServerHello" \
+ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -c "Buffering HS message" \
+ -c "Next handshake message has been buffered - load"\
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load"\
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
+ -p "$P_PXY delay_srv=ServerHello" \
+ "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -c "Buffering HS message" \
+ -c "found fragmented DTLS handshake message"\
+ -c "Next handshake message 1 not or only partially bufffered" \
+ -c "Next handshake message has been buffered - load"\
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load"\
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+# The client buffers the ServerKeyExchange before receiving the fragmented
+# Certificate message; at the time of writing, together these are aroudn 1200b
+# in size, so that the bound below ensures that the certificate can be reassembled
+# while keeping the ServerKeyExchange.
+requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300
+run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
+ -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
+ "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -c "Buffering HS message" \
+ -c "Next handshake message has been buffered - load"\
+ -C "attempt to make space by freeing buffered messages" \
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load"\
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+# The size constraints ensure that the delayed certificate message can't
+# be reassembled while keeping the ServerKeyExchange message, but it can
+# when dropping it first.
+requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900
+requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299
+run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" \
+ -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
+ "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -c "Buffering HS message" \
+ -c "attempt to make space by freeing buffered future messages" \
+ -c "Enough space available after freeing buffered HS messages" \
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load"\
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
+ -p "$P_PXY delay_cli=Certificate" \
+ "$P_SRV dgram_packing=0 auth_mode=required cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -C "Buffering HS message" \
+ -C "Next handshake message has been buffered - load"\
+ -s "Buffering HS message" \
+ -s "Next handshake message has been buffered - load" \
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
+ -p "$P_PXY delay_srv=NewSessionTicket" \
+ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -C "Buffering HS message" \
+ -C "Next handshake message has been buffered - load"\
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load" \
+ -c "Injecting buffered CCS message" \
+ -c "Remember CCS message" \
+ -S "Injecting buffered CCS message" \
+ -S "Remember CCS message"
+
+run_test "DTLS reordering: Buffer out-of-order CCS message on server"\
+ -p "$P_PXY delay_cli=ClientKeyExchange" \
+ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -C "Buffering HS message" \
+ -C "Next handshake message has been buffered - load"\
+ -S "Buffering HS message" \
+ -S "Next handshake message has been buffered - load" \
+ -C "Injecting buffered CCS message" \
+ -C "Remember CCS message" \
+ -s "Injecting buffered CCS message" \
+ -s "Remember CCS message"
+
+run_test "DTLS reordering: Buffer encrypted Finished message" \
+ -p "$P_PXY delay_ccs=1" \
+ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
+ hs_timeout=2500-60000" \
+ 0 \
+ -s "Buffer record from epoch 1" \
+ -s "Found buffered record from current epoch - load" \
+ -c "Buffer record from epoch 1" \
+ -c "Found buffered record from current epoch - load"
+
+# In this test, both the fragmented NewSessionTicket and the ChangeCipherSpec
+# from the server are delayed, so that the encrypted Finished message
+# is received and buffered. When the fragmented NewSessionTicket comes
+# in afterwards, the encrypted Finished message must be freed in order
+# to make space for the NewSessionTicket to be reassembled.
+# This works only in very particular circumstances:
+# - MBEDTLS_SSL_DTLS_MAX_BUFFERING must be large enough to allow buffering
+# of the NewSessionTicket, but small enough to also allow buffering of
+# the encrypted Finished message.
+# - The MTU setting on the server must be so small that the NewSessionTicket
+# needs to be fragmented.
+# - All messages sent by the server must be small enough to be either sent
+# without fragmentation or be reassembled within the bounds of
+# MBEDTLS_SSL_DTLS_MAX_BUFFERING. Achieve this by testing with a PSK-based
+# handshake, omitting CRTs.
+requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 240
+requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 280
+run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" \
+ -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \
+ "$P_SRV mtu=190 dgram_packing=0 psk=abc123 psk_identity=foo cookies=0 dtls=1 debug_level=2" \
+ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=abc123 psk_identity=foo" \
+ 0 \
+ -s "Buffer record from epoch 1" \
+ -s "Found buffered record from current epoch - load" \
+ -c "Buffer record from epoch 1" \
+ -C "Found buffered record from current epoch - load" \
+ -c "Enough space available after freeing future epoch record"
+
+# Tests for "randomly unreliable connection": try a variety of flows and peers
+
+client_needs_more_time 2
+run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
+ psk=abc123" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
+ force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
+ 0 \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+client_needs_more_time 2
+run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ 0 \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+client_needs_more_time 2
+run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
+ 0 \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+client_needs_more_time 2
+run_test "DTLS proxy: 3d, FS, client auth" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=required" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
+ 0 \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+client_needs_more_time 2
+run_test "DTLS proxy: 3d, FS, ticket" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=none" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
+ 0 \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+client_needs_more_time 2
+run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
+ 0 \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+client_needs_more_time 2
+run_test "DTLS proxy: 3d, max handshake, nbio" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \
+ auth_mode=required" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1" \
+ 0 \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+client_needs_more_time 4
+run_test "DTLS proxy: 3d, min handshake, resumption" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
+ psk=abc123 debug_level=3" \
+ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
+ debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \
+ force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
+ 0 \
+ -s "a session has been resumed" \
+ -c "a session has been resumed" \
+ -s "Extra-header:" \
+ -c "HTTP/1.0 200 OK"
+
+client_needs_more_time 4 +run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ + psk=abc123 debug_level=3 nbio=2" \ + "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \ + debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \ + 0 \ + -s "a session has been resumed" \ + -c "a session has been resumed" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 4 +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION +run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ + psk=abc123 renegotiation=1 debug_level=2" \ + "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \ + renegotiate=1 debug_level=2 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ + 0 \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 4 +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION +run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ + psk=abc123 renegotiation=1 debug_level=2" \ + "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \ + renegotiate=1 debug_level=2 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ + 0 \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 4 +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION +run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none 
\ + psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \ + debug_level=2" \ + "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \ + renegotiation=1 exchanges=4 debug_level=2 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ + 0 \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 4 +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION +run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ + psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \ + debug_level=2 nbio=2" \ + "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \ + renegotiation=1 exchanges=4 debug_level=2 nbio=2 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ + 0 \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +## Interop tests with OpenSSL might trigger a bug in recent versions (including +## all versions installed on the CI machines), reported here: +## Bug report: https://github.com/openssl/openssl/issues/6902 +## They should be re-enabled once a fixed version of OpenSSL is available +## (this should happen in some 1.1.1_ release according to the ticket). 
+skip_next_test +client_needs_more_time 6 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, openssl server" \ + -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ + "$O_SRV -dtls1 -mtu 2048" \ + "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \ + 0 \ + -c "HTTP/1.0 200 OK" + +skip_next_test # see above +client_needs_more_time 8 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, openssl server, fragmentation" \ + -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ + "$O_SRV -dtls1 -mtu 768" \ + "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \ + 0 \ + -c "HTTP/1.0 200 OK" + +skip_next_test # see above +client_needs_more_time 8 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ + "$O_SRV -dtls1 -mtu 768" \ + "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \ + 0 \ + -c "HTTP/1.0 200 OK" + +requires_gnutls +client_needs_more_time 6 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, gnutls server" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$G_SRV -u --mtu 2048 -a" \ + "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \ + 0 \ + -s "Extra-header:" \ + -c "Extra-header:" + +requires_gnutls_next +client_needs_more_time 8 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, gnutls server, fragmentation" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$G_NEXT_SRV -u --mtu 512" \ + "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \ + 0 \ + -s "Extra-header:" \ + -c "Extra-header:" + +requires_gnutls_next +client_needs_more_time 8 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$G_NEXT_SRV -u --mtu 512" \ + "$P_CLI dgram_packing=0 
dtls=1 hs_timeout=500-60000 nbio=2" \ + 0 \ + -s "Extra-header:" \ + -c "Extra-header:" + +# Final report + +echo "------------------------------------------------------------------------" + +if [ $FAILS = 0 ]; then + printf "PASSED" +else + printf "FAILED" +fi +PASSES=$(( $TESTS - $FAILS )) +echo " ($PASSES / $TESTS tests ($SKIPS skipped))" + +exit $FAILS diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data new file mode 100644 index 000000000..7f747d07b --- /dev/null +++ b/tests/suites/test_suite_debug.data 
@@ -0,0 +1,64 @@ +Debug print msg (threshold 1, level 0) +debug_print_msg_threshold:1:0:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n" + +Debug print msg (threshold 1, level 1) +debug_print_msg_threshold:1:1:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n" + +Debug print msg (threshold 1, level 2) +debug_print_msg_threshold:1:2:"MyFile":999:"" + +Debug print msg (threshold 0, level 1) +debug_print_msg_threshold:0:1:"MyFile":999:"" + +Debug print msg (threshold 0, level 5) +debug_print_msg_threshold:0:5:"MyFile":999:"" + +Debug print return value #1 +mbedtls_debug_print_ret:"MyFile":999:"Test return value":0:"MyFile(0999)\: Test return value() returned 0 (-0x0000)\n" + +Debug print return value #2 +mbedtls_debug_print_ret:"MyFile":999:"Test return value":-0x1000:"MyFile(0999)\: Test return value() returned -4096 (-0x1000)\n" + +Debug print return value #3 +mbedtls_debug_print_ret:"MyFile":999:"Test return value":-0xFFFF:"MyFile(0999)\: Test return value() returned -65535 (-0xffff)\n" + +Debug print buffer #1 +mbedtls_debug_print_buf:"MyFile":999:"Test return value":"":"MyFile(0999)\: dumping 'Test return value' (0 bytes)\n" + +Debug print buffer #2 +mbedtls_debug_print_buf:"MyFile":999:"Test return value":"00":"MyFile(0999)\: dumping 'Test return value' (1 bytes)\nMyFile(0999)\: 0000\: 00 .\n" + +Debug print buffer #3 +mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F":"MyFile(0999)\: dumping 'Test return value' (16 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\n" + +Debug print buffer #4 +mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F00":"MyFile(0999)\: dumping 'Test return value' (17 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 00 .\n" + +Debug print buffer #5 +mbedtls_debug_print_buf:"MyFile":999:"Test return 
value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n" + +Debug print certificate #1 (RSA) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2011-02-12 14\:44\:06\nMyFile(0999)\: expires on \: 2021-02-12 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 
89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n" + +Debug print certificate #2 (EC) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C +mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2013-09-24 15\:49\:48\nMyFile(0999)\: expires on \: 2023-09-22 15\:49\:48\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n" + +Debug print mbedtls_mpi #1 +mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n" + +Debug print mbedtls_mpi #2 +mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n" + +Debug print mbedtls_mpi #3 +mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: 
value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n" + +Debug print mbedtls_mpi #4 +mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" + +Debug print mbedtls_mpi #5 +mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" + +Debug print mbedtls_mpi #6 +mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 
20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function new file mode 100644 index 000000000..377d630d9 --- /dev/null +++ b/tests/suites/test_suite_debug.function 
@@ -0,0 +1,195 @@
+/* BEGIN_HEADER */
+#include "mbedtls/debug.h"
+#include "string.h"
+
+struct buffer_data
+{
+ char buf[2000];
+ char *ptr;
+};
+
+void string_debug(void *data, int level, const char *file, int line, const char *str)
+{
+ struct buffer_data *buffer = (struct buffer_data *) data;
+ char *p = buffer->ptr;
+ ((void) level);
+
+ memcpy( p, file, strlen( file ) );
+ p += strlen( file );
+
+ *p++ = '(';
+ *p++ = '0' + ( line / 1000 ) % 10;
+ *p++ = '0' + ( line / 100 ) % 10;
+ *p++ = '0' + ( line / 10 ) % 10;
+ *p++ = '0' + ( line / 1 ) % 10;
+ *p++ = ')';
+ *p++ = ':';
+ *p++ = ' ';
+
+#if defined(MBEDTLS_THREADING_C)
+ /* Skip "thread ID" (up to the first space) as it is not predictable */
+ while( *str++ != ' ' );
+#endif
+
+ memcpy( p, str, strlen( str ) );
+ p += strlen( str );
+
+ /* Detect if debug messages output partial lines and mark them */
+ if( p[-1] != '\n' )
+ *p++ = '*';
+
+ buffer->ptr = p;
+}
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_DEBUG_C:MBEDTLS_SSL_TLS_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void debug_print_msg_threshold( int threshold, int level, char * file,
+ int line, char * result_str )
+{
+ mbedtls_ssl_context ssl;
+ mbedtls_ssl_config conf;
+ struct buffer_data buffer;
+
+ mbedtls_ssl_init( &ssl );
+ mbedtls_ssl_config_init( &conf );
+ memset( buffer.buf, 0, 2000 );
+ buffer.ptr = buffer.buf;
+
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+
+ mbedtls_debug_set_threshold( threshold );
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
+
+ mbedtls_debug_print_msg( &ssl, level, file, line,
+ "Text message, 2 == %d", 2 );
+
+ TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
+
+exit:
+ mbedtls_ssl_free( &ssl );
+ mbedtls_ssl_config_free( &conf );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_debug_print_ret( char * file, int line, char * text, int value,
+ char * result_str )
+{
+ mbedtls_ssl_context ssl;
+ mbedtls_ssl_config conf;
+ struct buffer_data buffer;
+
+ mbedtls_ssl_init( &ssl );
+ mbedtls_ssl_config_init( &conf );
+ memset( buffer.buf, 0, 2000 );
+ buffer.ptr = buffer.buf;
+
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
+
+ mbedtls_debug_print_ret( &ssl, 0, file, line, text, value);
+
+ TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
+
+exit:
+ mbedtls_ssl_free( &ssl );
+ mbedtls_ssl_config_free( &conf );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_debug_print_buf( char * file, int line, char * text,
+ data_t * data, char * result_str )
+{
+ mbedtls_ssl_context ssl;
+ mbedtls_ssl_config conf;
+ struct buffer_data buffer;
+
+ mbedtls_ssl_init( &ssl );
+ mbedtls_ssl_config_init( &conf );
+ memset( buffer.buf, 0, 2000 );
+ buffer.ptr = buffer.buf;
+
+
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
+
+ mbedtls_debug_print_buf( &ssl, 0, file, line, text, data->x, data->len );
+
+ TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
+
+exit:
+ mbedtls_ssl_free( &ssl );
+ mbedtls_ssl_config_free( &conf );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_debug_print_crt( char * crt_file, char * file, int line,
+ char * prefix, char * result_str )
+{
+ mbedtls_x509_crt crt;
+ mbedtls_ssl_context ssl;
+ mbedtls_ssl_config conf;
+ struct buffer_data buffer;
+
+ mbedtls_ssl_init( &ssl );
+ mbedtls_ssl_config_init( &conf );
+ mbedtls_x509_crt_init( &crt );
+ memset( buffer.buf, 0, 2000 );
+ buffer.ptr = buffer.buf;
+
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
+
+ TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
+ mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt);
+
+ TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
+
+exit:
+ mbedtls_x509_crt_free( &crt );
+ mbedtls_ssl_free( &ssl );
+ mbedtls_ssl_config_free( &conf );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */
+void mbedtls_debug_print_mpi( int radix, char * value, char * file, int line,
+ char * prefix, char * result_str )
+{
+ mbedtls_ssl_context ssl;
+ mbedtls_ssl_config conf;
+ struct buffer_data buffer;
+ mbedtls_mpi val;
+
+ mbedtls_ssl_init( &ssl );
+ mbedtls_ssl_config_init( &conf );
+ mbedtls_mpi_init( &val );
+ memset( buffer.buf, 0, 2000 );
+ buffer.ptr = buffer.buf;
+
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+
+ TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 );
+
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
+
+ mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val);
+
+ TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
+
+exit:
+ mbedtls_mpi_free( &val );
+ mbedtls_ssl_free( &ssl );
+ mbedtls_ssl_config_free( &conf );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
new file mode 100644
index 000000000..147350744
--- /dev/null
+++ b/tests/suites/test_suite_ssl.data
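Review bot: `string_debug` appends to the 2000-byte `buffer->buf` with two unchecked `memcpy` calls, so a case whose accumulated debug output outgrows the buffer (the certificate cases already expect more than a kilobyte) overruns a stack array instead of failing the test. A guard at the top of the callback turns that into a clean mismatch: `size_t left = sizeof( buffer->buf ) - (size_t)( p - buffer->buf );` followed by `if( strlen( file ) + strlen( str ) + 9 >= left ) return;`. Under `MBEDTLS_THREADING_C` the loop `while( *str++ != ' ' );` also runs past the terminator when a message contains no space; `while( *str != '\0' && *str++ != ' ' );` bounds it. The five cases repeat the literal `2000` in `memset`, where `sizeof( buffer.buf )` would stay in step with the struct.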
@@ -0,0 +1,59 @@
+SSL DTLS replay: initial state, seqnum 0
+ssl_dtls_replay:"":"000000000000":0
+
+SSL DTLS replay: 0 seen, 1 arriving
+ssl_dtls_replay:"000000000000":"000000000001":0
+
+SSL DTLS replay: 0 seen, 0 replayed
+ssl_dtls_replay:"000000000000":"000000000000":-1
+
+SSL DTLS replay: 0-1 seen, 2 arriving
+ssl_dtls_replay:"000000000000000000000001":"000000000002":0
+
+SSL DTLS replay: 0-1 seen, 1 replayed
+ssl_dtls_replay:"000000000000000000000001":"000000000001":-1
+
+SSL DTLS replay: 0-1 seen, 0 replayed
+ssl_dtls_replay:"000000000000000000000001":"000000000000":-1
+
+SSL DTLS replay: new
+ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340004":0
+
+SSL DTLS replay: way new
+ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12350000":0
+
+SSL DTLS replay: delayed
+ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340002":0
+
+SSL DTLS replay: lastest replayed
+ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340003":-1
+
+SSL DTLS replay: older replayed
+ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340001":-1
+
+SSL DTLS replay: most recent in window, replayed
+ssl_dtls_replay:"abcd12340000abcd12340002abcd12340003":"abcd12340002":-1
+
+SSL DTLS replay: oldest in window, replayed
+ssl_dtls_replay:"abcd12340000abcd12340001abcd1234003f":"abcd12340000":-1
+
+SSL DTLS replay: oldest in window, not replayed
+ssl_dtls_replay:"abcd12340001abcd12340002abcd1234003f":"abcd12340000":0
+
+SSL DTLS replay: just out of the window
+ssl_dtls_replay:"abcd12340001abcd12340002abcd1234003f":"abcd1233ffff":-1
+
+SSL DTLS replay: way out of the window
+ssl_dtls_replay:"abcd12340001abcd12340002abcd1234003f":"abcd12330000":-1
+
+SSL DTLS replay: big jump then replay
+ssl_dtls_replay:"abcd12340000abcd12340100":"abcd12340100":-1
+
+SSL DTLS replay: big jump then new
+ssl_dtls_replay:"abcd12340000abcd12340100":"abcd12340101":0
+
+SSL DTLS replay: big jump then just delayed
+ssl_dtls_replay:"abcd12340000abcd12340100":"abcd123400ff":0
+
+SSL SET_HOSTNAME memory leak: call ssl_set_hostname twice
+ssl_set_hostname_twice:"server0":"server1"
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
new file mode 100644
index 000000000..326f22d3b
--- /dev/null
+++ b/tests/suites/test_suite_ssl.function
@@ -0,0 +1,54 @@
+/* BEGIN_HEADER */
+#include
+#include
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_SSL_TLS_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+void ssl_dtls_replay( data_t * prevs, data_t * new, int ret )
+{
+ uint32_t len = 0;
+ mbedtls_ssl_context ssl;
+ mbedtls_ssl_config conf;
+
+ mbedtls_ssl_init( &ssl );
+ mbedtls_ssl_config_init( &conf );
+
+ TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_DATAGRAM,
+ MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+
+ /* Read previous record numbers */
+ for( len = 0; len < prevs->len; len += 6 )
+ {
+ memcpy( ssl.in_ctr + 2, prevs->x + len, 6 );
+ mbedtls_ssl_dtls_replay_update( &ssl );
+ }
+
+ /* Check new number */
+ memcpy( ssl.in_ctr + 2, new->x, 6 );
+ TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret );
+
+ mbedtls_ssl_free( &ssl );
+ mbedtls_ssl_config_free( &conf );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
+void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
+{
+ mbedtls_ssl_context ssl;
+ mbedtls_ssl_init( &ssl );
+
+ TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 );
+ TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 );
+
+ mbedtls_ssl_free( &ssl );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
new file mode 100644
index 000000000..042d653b5
--- /dev/null
+++ b/tests/suites/test_suite_x509parse.data
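Review bot: `ssl_dtls_replay` copies 6 bytes from `prevs->x + len` and from `new->x` without checking the decoded lengths, so a data line whose hex string is short or not a multiple of 6 bytes reads past the end of the test buffer instead of failing. Adding `TEST_ASSERT( prevs->len % 6 == 0 );` and `TEST_ASSERT( new->len == 6 );` before the loop makes the expected format explicit. Neither case in this file puts an `exit:` label before its cleanup, unlike the cases in test_suite_debug.function. Assuming `TEST_ASSERT` jumps to `exit` on failure as it appears to there, a failed assertion skips `mbedtls_ssl_free` and `mbedtls_ssl_config_free`, and an `exit:` line above the frees in both functions closes that gap.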
@@ -0,0 +1,1995 @@ +X509 Certificate information #1 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +x509_cert_info:"data_files/server1.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information #1 (DER) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +x509_cert_info:"data_files/server1.der":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information #2 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +x509_cert_info:"data_files/server2.crt":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information #2 (DER) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +x509_cert_info:"data_files/server2.der":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information #3 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +x509_cert_info:"data_files/test-ca.crt":"cert. 
version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2011-02-12 14\:44\:00\nexpires on \: 2021-02-12 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" + +X509 Certificate information #3 (DER) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +x509_cert_info:"data_files/test-ca.der":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2011-02-12 14\:44\:00\nexpires on \: 2021-02-12 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" + +X509 Certificate information MD2 Digest +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509_cert_info:"data_files/cert_md2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on \: 2009-07-12 10\:56\:59\nexpires on \: 2011-07-12 10\:56\:59\nsigned using \: RSA with MD2\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information MD4 Digest +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD4_C +x509_cert_info:"data_files/cert_md4.crt":"cert. version \: 3\nserial number \: 05\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information MD5 Digest +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD5_C +x509_cert_info:"data_files/cert_md5.crt":"cert. 
version \: 3\nserial number \: 06\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information SHA1 Digest +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +x509_cert_info:"data_files/cert_sha1.crt":"cert. version \: 3\nserial number \: 07\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information SHA224 Digest +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509_cert_info:"data_files/cert_sha224.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information SHA256 Digest +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509_cert_info:"data_files/cert_sha256.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information SHA384 Digest +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA512_C +x509_cert_info:"data_files/cert_sha384.crt":"cert. 
version \: 3\nserial number \: 0A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information SHA512 Digest +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA512_C +x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information RSA-PSS, SHA1 Digest +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C +x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information RSA-PSS, SHA224 Digest +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C +x509_cert_info:"data_files/server9-sha224.crt":"cert. 
version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information RSA-PSS, SHA256 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
+x509_cert_info:"data_files/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information RSA-PSS, SHA384 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
+x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information RSA-PSS, SHA512 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
+x509_cert_info:"data_files/server9-sha512.crt":"cert. 
version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information EC, SHA1 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/server5-sha1.crt":"cert. version \: 3\nserial number \: 12\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information EC, SHA224 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_cert_info:"data_files/server5-sha224.crt":"cert. version \: 3\nserial number \: 13\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information EC, SHA256 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_cert_info:"data_files/server5.crt":"cert. 
version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information EC, SHA384 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
+x509_cert_info:"data_files/server5-sha384.crt":"cert. version \: 3\nserial number \: 14\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information EC, SHA512 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
+x509_cert_info:"data_files/server5-sha512.crt":"cert. version \: 3\nserial number \: 15\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information, NS Cert Type
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/server1.cert_type.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\ncert. type \: SSL Server\n"
+
+X509 Certificate information, Key Usage
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/server1.key_usage.crt":"cert. 
version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
+
+X509 Certificate information, Key Usage with decipherOnly
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/keyUsage.decipherOnly.crt":"cert. version \: 3\nserial number \: 9B\:13\:CE\:4C\:A5\:6F\:DE\:52\nissuer name \: C=GB, L=Cambridge, O=Default Company Ltd\nsubject name \: C=GB, L=Cambridge, O=Default Company Ltd\nissued on \: 2015-05-12 10\:36\:55\nexpires on \: 2018-05-11 10\:36\:55\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment, Decipher Only\n"
+
+X509 Certificate information, Subject Alt Name
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/cert_example_multi.crt":"cert. version \: 3\nserial number \: 11\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=www.example.com\nissued on \: 2012-05-10 13\:23\:41\nexpires on \: 2022-05-11 13\:23\:41\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \: example.com, example.net, *.example.org\n"
+
+X509 Certificate information, Subject Alt Name + Key Usage
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/cert_example_multi_nocn.crt":"cert. 
version \: 3\nserial number \: F7\:C6\:7F\:F8\:E9\:A9\:63\:F9\nissuer name \: C=NL\nsubject name \: C=NL\nissued on \: 2014-01-22 10\:04\:33\nexpires on \: 2024-01-22 10\:04\:33\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nsubject alt name \: www.shotokan-braunschweig.de, www.massimo-abate.eu\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n"
+
+X509 Certificate information, Key Usage + Extended Key Usage
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509_cert_info:"data_files/server1.ext_ku.crt":"cert. version \: 3\nserial number \: 21\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2014-04-01 14\:44\:43\nexpires on \: 2024-03-29 14\:44\:43\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\next key usage \: TLS Web Server Authentication\n"
+
+X509 Certificate information RSA signed by EC
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+x509_cert_info:"data_files/server4.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information EC signed by RSA
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+x509_cert_info:"data_files/server3.crt":"cert. 
version \: 3\nserial number \: 0D\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-08-09 09\:17\:03\nexpires on \: 2023-08-07 09\:17\:03\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\nbasic constraints \: CA=false\n"
+
+X509 Certificate information Bitstring in subject name
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \: \next key usage \: TLS Web Client Authentication\n"
+
+X509 certificate v1 with extension
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. 
version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nsubject alt name \: identity-check.org, www.identity-check.org\n"
+
+X509 CRL information #1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
+
+X509 CRL Information MD2 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C
+mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n"
+
+X509 CRL Information MD4 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C
+mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n"
+
+X509 CRL Information MD5 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C 
+mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n"
+
+X509 CRL Information SHA1 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
+
+X509 CRL Information SHA224 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n"
+
+X509 CRL Information SHA256 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+mbedtls_x509_crl_info:"data_files/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n"
+
+X509 CRL Information SHA384 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
+mbedtls_x509_crl_info:"data_files/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, 
O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n"
+
+X509 CRL Information SHA512 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
+mbedtls_x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n"
+
+X509 CRL information RSA-PSS, SHA1 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
+mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n"
+
+X509 CRL information RSA-PSS, SHA224 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
+mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n"
+
+X509 CRL information RSA-PSS, SHA256 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C 
+mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n"
+
+X509 CRL information RSA-PSS, SHA384 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
+mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n"
+
+X509 CRL information RSA-PSS, SHA512 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
+mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n"
+
+X509 CRL Information EC, SHA1 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C
+mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n"
+
+X509 CRL Information EC, SHA224 Digest 
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n"
+
+X509 CRL Information EC, SHA256 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+mbedtls_x509_crl_info:"data_files/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n"
+
+X509 CRL Information EC, SHA384 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C
+mbedtls_x509_crl_info:"data_files/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n"
+
+X509 CRL Information EC, SHA512 Digest
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C
+mbedtls_x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n"
+
+X509 CRL Malformed Input (trailing spaces at end of file)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C
+mbedtls_x509_crl_parse:"data_files/crl-malformed-trailing-spaces.pem":MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT
+
+X509 CRL Unsupported critical extension 
(issuingDistributionPoint)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+mbedtls_x509_crl_parse:"data_files/crl-idp.pem":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRL Unsupported non-critical extension (issuingDistributionPoint)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0
+
+X509 CSR Information RSA with MD4
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C
+mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n"
+
+X509 CSR Information RSA with MD5
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C
+mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n"
+
+X509 CSR Information RSA with SHA1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+mbedtls_x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n"
+
+X509 CSR Information RSA with SHA224
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+mbedtls_x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n"
+
+X509 CSR Information RSA with SHA256
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+mbedtls_x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n"
+
+X509 CSR Information RSA with SHA384
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C 
+mbedtls_x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n"
+
+X509 CSR Information RSA with SHA512
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C
+mbedtls_x509_csr_info:"data_files/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n"
+
+X509 CSR Information EC with SHA1
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
+mbedtls_x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n"
+
+X509 CSR Information EC with SHA224
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+mbedtls_x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n"
+
+X509 CSR Information EC with SHA256
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+mbedtls_x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n"
+
+X509 CSR Information EC with SHA384
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
+mbedtls_x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n"
+
+X509 CSR Information EC with SHA512
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C
+mbedtls_x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, 
O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n"
+
+X509 CSR Information RSA-PSS with SHA1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
+mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n"
+
+X509 CSR Information RSA-PSS with SHA224
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
+mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n"
+
+X509 CSR Information RSA-PSS with SHA256
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
+mbedtls_x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n"
+
+X509 CSR Information RSA-PSS with SHA384
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
+mbedtls_x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n"
+
+X509 CSR Information RSA-PSS with SHA512
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
+mbedtls_x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n"
+
+X509 CSR Information RSA with SHA256 - Microsoft header
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+mbedtls_x509_csr_info:"data_files/server1-ms.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned 
using \: RSA with SHA-256\nRSA key size \: 2048 bits\n"
+
+X509 Verify Information: empty
+x509_verify_info:0:"":""
+
+X509 Verify Information: one issue
+x509_verify_info:MBEDTLS_X509_BADCERT_MISSING:"":"Certificate was missing\n"
+
+X509 Verify Information: two issues
+x509_verify_info:MBEDTLS_X509_BADCERT_EXPIRED | MBEDTLS_X509_BADCRL_EXPIRED:"":"The certificate validity has expired\nThe CRL is expired\n"
+
+X509 Verify Information: two issues, one unknown
+x509_verify_info:MBEDTLS_X509_BADCERT_OTHER | 0x80000000:"":"Other reason (can be used by verify callback)\nUnknown reason (this should not happen)\n"
+
+X509 Verify Information: empty, with prefix
+x509_verify_info:0:" ! ":""
+
+X509 Verify Information: one issue, with prefix
+x509_verify_info:MBEDTLS_X509_BADCERT_MISSING:" ! ":" ! Certificate was missing\n"
+
+X509 Verify Information: two issues, with prefix
+x509_verify_info:MBEDTLS_X509_BADCERT_EXPIRED | MBEDTLS_X509_BADCRL_EXPIRED:" ! ":" ! The certificate validity has expired\n ! 
The CRL is expired\n"
+
+X509 Get Distinguished Name #1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets:"data_files/server1.crt":"subject":"C=NL, O=PolarSSL, CN=PolarSSL Server 1"
+
+X509 Get Distinguished Name #2
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets:"data_files/server1.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
+
+X509 Get Distinguished Name #3
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets:"data_files/server2.crt":"subject":"C=NL, O=PolarSSL, CN=localhost"
+
+X509 Get Distinguished Name #4
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets:"data_files/server2.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
+
+X509 Time Expired #1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
+mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_from":1
+
+X509 Time Expired #2
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
+mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_to":0
+
+X509 Time Expired #3
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
+mbedtls_x509_time_is_past:"data_files/server2.crt":"valid_from":1
+
+X509 Time Expired #4
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
+mbedtls_x509_time_is_past:"data_files/server2.crt":"valid_to":0
+
+X509 Time Expired #5
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
+mbedtls_x509_time_is_past:"data_files/test-ca.crt":"valid_from":1
+
+X509 Time Expired #6
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
+mbedtls_x509_time_is_past:"data_files/test-ca.crt":"valid_to":0
+
+X509 Time Future #1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C 
+mbedtls_x509_time_is_future:"data_files/server5.crt":"valid_from":0
+
+X509 Time Future #2
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
+mbedtls_x509_time_is_future:"data_files/server5.crt":"valid_to":1
+
+X509 Time Future #3
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
+mbedtls_x509_time_is_future:"data_files/server5-future.crt":"valid_from":1
+
+X509 Time Future #4
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
+mbedtls_x509_time_is_future:"data_files/server5-future.crt":"valid_to":1
+
+X509 Time Future #5
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
+mbedtls_x509_time_is_future:"data_files/test-ca2.crt":"valid_from":0
+
+X509 Time Future #6
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA256_C
+mbedtls_x509_time_is_future:"data_files/test-ca2.crt":"valid_to":1
+
+X509 Certificate verification #1 (Revoked Cert, Expired CRL, no CN)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_EXPIRED:"compat":"NULL"
+
+X509 Certificate verification #1a (Revoked Cert, Future CRL, no CN)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL"
+
+X509 Certificate 
verification #2 (Revoked Cert, Expired CRL)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"PolarSSL Server 1":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_EXPIRED:"compat":"NULL"
+
+X509 Certificate verification #2a (Revoked Cert, Future CRL)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"localhost":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL"
+
+X509 Certificate verification #3 (Revoked Cert, Future CRL, CN Mismatch)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"PolarSSL Wrong CN":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_EXPIRED | MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
+
+X509 Certificate verification #3a (Revoked Cert, Expired CRL, CN Mismatch)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"Wrong CN":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_FUTURE | MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
+
+X509 Certificate verification #4 (Valid Cert, Expired CRL)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE 
+x509_verify:"data_files/server2.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_EXPIRED:"compat":"NULL"
+
+X509 Certificate verification #4a (Revoked Cert, Future CRL)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL"
+
+X509 Certificate verification #5 (Revoked Cert)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
+
+X509 Certificate verification #5' (Revoked Cert, differing DN string formats #1)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server1.crt":"data_files/test-ca_utf8.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
+
+X509 Certificate verification #5'' (Revoked Cert, differing DN string formats #2)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server1.crt":"data_files/test-ca_printable.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
+
+X509 Certificate verification #5''' (Revoked Cert, differing upper and lower case)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server1.crt":"data_files/test-ca_uppercase.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
+
+X509 Certificate verification #6 (Revoked Cert)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"PolarSSL Server 1":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
+
+X509 Certificate verification #7 (Revoked Cert, CN Mismatch)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"PolarSSL Wrong CN":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
+
+X509 Certificate verification #8 (Valid Cert)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
+x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #8a (Expired Cert)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server5-expired.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL"
+
+X509 Certificate verification #8b (Future Cert)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server5-future.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL"
+
+X509 Certificate verification #8c (Expired Cert, longer chain)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server7-expired.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL"
+
+X509 Certificate verification #8d (Future Cert, longer chain)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server7-future.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL"
+
+X509 Certificate verification #9 (Not trusted Cert)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #10 (Not trusted Cert, Expired CRL)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
+x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #12 (Valid Cert MD4 Digest)
+depends_on:MBEDTLS_MD4_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL"
+
+X509 Certificate verification #13 (Valid Cert MD5 Digest)
+depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL"
+
+X509 Certificate verification #14 (Valid Cert SHA1 Digest explicitly allowed in profile)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #14 (Valid Cert SHA1 Digest allowed in compile-time default profile)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"":"NULL"
+
+X509 Certificate verification #14 (Valid Cert SHA1 Digest forbidden in default profile)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"":"NULL"
+
+X509 Certificate verification #15 (Valid Cert SHA224 Digest)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #16 (Valid Cert SHA256 Digest)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #17 (Valid Cert SHA384 Digest)
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_sha384.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #18 (Valid Cert SHA512 Digest)
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #19 (Valid Cert, denying callback)
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_OTHER:"compat":"verify_none"
+
+X509 Certificate verification #19 (Not trusted Cert, allowing callback)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
+x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":0:0:"compat":"verify_all"
+
+X509 Certificate verification #21 (domain matching wildcard certificate, case insensitive)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.ExAmPlE.com":0:0:"compat":"NULL"
+
+X509 Certificate verification #22 (domain not matching wildcard certificate)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
+
+X509 Certificate verification #23 (domain not matching wildcard certificate)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
+
+X509 Certificate verification #24 (domain matching CN of multi certificate)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
+
+X509 Certificate verification #25 (domain matching multi certificate)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.net":0:0:"compat":"NULL"
+
+X509 Certificate verification #26 (domain not matching multi certificate)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
+
+X509 Certificate verification #27 (domain not matching multi certificate)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"xample.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
+
+X509 Certificate verification #27 (domain not matching multi certificate)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"bexample.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
+
+X509 Certificate verification #28 (domain not matching wildcard in multi certificate)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.org":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL"
+
+X509 Certificate verification #29 (domain matching wildcard in multi certificate)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.example.org":0:0:"compat":"NULL"
+
+X509 Certificate verification #30 (domain matching multi certificate without CN)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.shotokan-braunschweig.de":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #31 (domain not matching multi certificate without CN)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH + MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #32 (Valid, EC cert, RSA CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
+x509_verify:"data_files/server3.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #33 (Valid, RSA cert, EC CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server4.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #34 (Valid, EC cert, EC CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #35 (Revoked, EC CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
+
+X509 Certificate verification #36 (Valid, EC CA, SHA1 Digest)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
+x509_verify:"data_files/server5-sha1.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #37 (Valid, EC CA, SHA224 Digest)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server5-sha224.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #38 (Valid, EC CA, SHA384 Digest)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA512_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server5-sha384.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #39 (Valid, EC CA, SHA512 Digest)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA512_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server5-sha512.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #40 (Valid, depth 0, RSA, CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/test-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #41 (Valid, depth 0, EC, CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
+x509_verify:"data_files/test-ca2.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #42 (Depth 0, not CA, RSA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
+x509_verify:"data_files/server2.crt":"data_files/server2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #43 (Depth 0, not CA, EC)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_verify:"data_files/server5.crt":"data_files/server5.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #44 (Corrupted signature, EC)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
+x509_verify:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #45 (Corrupted signature, RSA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
+x509_verify:"data_files/server2-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #45b (Corrupted signature, intermediate CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
+x509_verify:"data_files/server7-badsign.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #46 (Valid, depth 2, EC-RSA-EC)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+x509_verify:"data_files/server7_int-ca.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #47 (Untrusted, depth 2, EC-RSA-EC)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+x509_verify:"data_files/server7_int-ca.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #48 (Missing intermediate CA, EC-RSA-EC)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+x509_verify:"data_files/server7.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #49 (Valid, depth 2, RSA-EC-RSA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server8_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #50 (Valid, multiple CAs)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+x509_verify:"data_files/server2.crt":"data_files/test-ca_cat12.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #51 (Valid, multiple CAs, reverse order)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+x509_verify:"data_files/server2.crt":"data_files/test-ca_cat21.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #52 (CA keyUsage valid)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt_crl.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #53 (CA keyUsage missing cRLSign)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_CHECK_KEY_USAGE:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #54 (CA keyUsage missing cRLSign, no CRL)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #55 (CA keyUsage missing keyCertSign)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_CHECK_KEY_USAGE:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crl.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #56 (CA keyUsage plain wrong)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_CHECK_KEY_USAGE:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-ds.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #57 (Valid, RSASSA-PSS, SHA-1)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #58 (Valid, RSASSA-PSS, SHA-224)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha224.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #59 (Valid, 
RSASSA-PSS, SHA-256)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server9-sha256.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #60 (Valid, RSASSA-PSS, SHA-384)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server9-sha384.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha384.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #61 (Valid, RSASSA-PSS, SHA-512)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server9-sha512.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha512.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #62 (Revoked, RSASSA-PSS, SHA-1)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
+
+X509 Certificate verification #63 (Revoked, RSASSA-PSS, SHA-1, CRL badsign)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
+x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1-badsign.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #64 (Valid, RSASSA-PSS, SHA-1, not top)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/server9-with-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #65 (RSASSA-PSS, SHA1, bad cert signature)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
+x509_verify:"data_files/server9-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #66 (RSASSA-PSS, SHA1, no RSA CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
+x509_verify:"data_files/server9.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #67 (Valid, RSASSA-PSS, all defaults)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
+x509_verify:"data_files/server9-defaults.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #68 (RSASSA-PSS, wrong salt_len)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server9-bad-saltlen.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #69 (RSASSA-PSS, wrong mgf_hash)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server9-bad-mgfhash.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #70 (v1 trusted CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server1-v1.crt":"data_files/test-ca-v1.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #71 (v1 trusted CA, other)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server2-v1.crt":"data_files/server1-v1.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #72 (v1 chain)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server2-v1-chain.crt":"data_files/test-ca-v1.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #73 (selfsigned trusted without CA bit)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+x509_verify:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #74 (signed by selfsigned trusted without CA bit)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+x509_verify:"data_files/server6-ss-child.crt":"data_files/server5-selfsigned.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
+
+X509 Certificate verification #75 (encoding mismatch)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #76 (multiple CRLs, not revoked)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server5.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ec-rsa.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #77 (multiple CRLs, revoked)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ec-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
+
+X509 Certificate verification #78 (multiple CRLs, revoked by second)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_rsa-ec.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
+
+X509 Certificate verification #79 (multiple CRLs, revoked by future)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ecfut-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED|MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL"
+
+X509 Certificate verification #80 (multiple CRLs, first future, revoked by second)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server1.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ecfut-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL"
+
+X509 Certificate verification #81 (multiple CRLs, none relevant)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
+x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl_cat_rsa-ec.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #82 (Not yet valid CA and valid CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #83 (valid CA and Not yet valid CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-present-future.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #84 (valid CA and Not yet valid CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-present-past.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #85 (Not yet valid CA and valid CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #86 (Not yet valid CA and invalid CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL"
+
+X509 Certificate verification #87 (Expired CA and invalid CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL"
+
+X509 Certificate verification #88 (Spurious cert in the chain)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/server7_spurious_int-ca.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #89 (Spurious cert later in the chain)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/server10_int3_spurious_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #90 (EE with same name as trusted root)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/server5-ss-forgeca.crt":"data_files/test-int-ca3.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"":"NULL"
+
+X509 Certificate verification #91 (same CA with good then bad key)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+x509_verify:"data_files/server1.crt":"data_files/test-ca-good-alt.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #91 (same CA with bad then good key)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+x509_verify:"data_files/server1.crt":"data_files/test-ca-alt-good.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
+
+X509 Certificate verification #92 (bad name, allowing callback)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"globalhost":0:0:"":"verify_all"
+
+X509 Certificate verification #93 (Suite B invalid, EC cert, RSA CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
+x509_verify:"data_files/server3.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY|MBEDTLS_X509_BADCRL_BAD_MD|MBEDTLS_X509_BADCRL_BAD_PK:"suite_b":"NULL"
+
+X509 Certificate verification #94 (Suite B invalid, RSA cert, EC CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server4.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_PK:"suite_b":"NULL"
+
+X509 Certificate verification #95 (Suite B Valid, EC cert, EC CA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"suite_b":"NULL"
+
+X509 Certificate verification #96 (next profile Invalid Cert SHA224 Digest)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
+x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCRL_BAD_MD:"next":"NULL"
+
+X509 Certificate verification #97 (next profile Valid Cert SHA256 Digest)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_SHA1_C
+x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"next":"NULL"
+
+X509 Certificate verification callback: bad name
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_callback:"data_files/server5.crt":"data_files/test-ca2.crt":"globalhost":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 1 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 0 - serial 09 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000004\n"
+
+X509 Certificate verification callback: trusted EE cert
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+x509_verify_callback:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":"NULL":0:"depth 0 - serial 53\:A2\:CB\:4B\:12\:4E\:AD\:83\:7D\:A8\:94\:B2 - subject CN=selfsigned, OU=testing, O=PolarSSL, C=NL - flags 0x00000000\n"
+
+X509 Certificate verification callback: trusted EE cert, expired
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE
+x509_verify_callback:"data_files/server5-ss-expired.crt":"data_files/server5-ss-expired.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 0 - serial D8\:64\:61\:05\:E3\:A3\:CD\:78 - subject C=UK, O=mbed TLS, OU=testsuite, CN=localhost - flags 0x00000001\n"
+
+X509 Certificate verification callback: simple
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify_callback:"data_files/server1.crt":"data_files/test-ca.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n"
+
+X509 Certificate verification callback: simple, EE expired
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify_callback:"data_files/server5-expired.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 1 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 0 - serial 1E - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000001\n"
+
+X509 Certificate verification callback: simple, root expired
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify_callback:"data_files/server5.crt":"data_files/test-ca2-expired.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 1 - serial 01 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000001\ndepth 0 - serial 09 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
+
+X509 Certificate verification callback: two trusted roots
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
+x509_verify_callback:"data_files/server1.crt":"data_files/test-ca_cat12.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n"
+
+X509 Certificate verification callback: two trusted roots, reversed order
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
+x509_verify_callback:"data_files/server1.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n"
+
+X509 Certificate verification callback: root included
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
+x509_verify_callback:"data_files/server1_ca.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n"
+
+X509 Certificate verification callback: intermediate ca
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify_callback:"data_files/server7_int-ca.crt":"data_files/test-ca_cat12.crt":"NULL":0:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
+
+X509 Certificate verification callback: intermediate ca, root included
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify_callback:"data_files/server7_int-ca_ca2.crt":"data_files/test-ca_cat12.crt":"NULL":0:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
+
+X509 Certificate verification callback: intermediate ca trusted
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+x509_verify_callback:"data_files/server7_int-ca_ca2.crt":"data_files/test-int-ca.crt":"NULL":0:"depth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
+
+X509 Certificate verification callback: intermediate ca, EE expired
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify_callback:"data_files/server7-expired.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000001\n"
+
+X509 Certificate verification callback: intermediate ca, int expired
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify_callback:"data_files/server7_int-ca-exp.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000001\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
+
+X509 Certificate verification callback: intermediate ca, root expired
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C:MBEDTLS_HAVE_TIME_DATE
+x509_verify_callback:"data_files/server7_int-ca.crt":"data_files/test-ca2-expired.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial 01 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000001\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n"
+
+X509 Certificate verification callback: two intermediates
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify_callback:"data_files/server10_int3_int-ca2.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 3 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 2 - serial 0F - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA - flags 0x00000000\ndepth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n"
+
+X509 Certificate verification callback: two intermediates, root included
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify_callback:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 3 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 2 - serial 0F - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA - flags 0x00000000\ndepth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n"
+
+X509 Certificate verification callback: two intermediates, top int trusted
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+x509_verify_callback:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":"NULL":0:"depth 2 - serial 0F - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA - flags 0x00000000\ndepth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n"
+
+X509 Certificate verification callback: two intermediates, low int trusted
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509_verify_callback:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-int-ca3.crt":"NULL":0:"depth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n"
+
+X509 Certificate verification callback: no intermediate, bad signature
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_callback:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 0 - serial 09 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000008\n"
+
+X509 Certificate verification callback: one intermediate, bad signature
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
+x509_verify_callback:"data_files/server7-badsign.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000008\n"
+
+X509 Parse Selftest
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CERTS_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_selftest:
+
+X509 Certificate ASN1 (Incorrect first tag)
+x509parse_crt:"":"":MBEDTLS_ERR_X509_INVALID_FORMAT
+
+X509 Certificate ASN1 (Correct first tag, data length does not match)
+x509parse_crt:"300000":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (Correct first tag, no more data)
+x509parse_crt:"3000":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (Correct first tag, length data incorrect)
+x509parse_crt:"30023085":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 Certificate ASN1 (Correct first tag, length data incomplete)
+x509parse_crt:"30023083":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (Correct first tag, length data incomplete)
+x509parse_crt:"30023081":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (Correct first tag, length data incomplete)
+x509parse_crt:"3003308200":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (Correct first tag, second tag no TBSCertificate)
+x509parse_crt:"300100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, no version tag, serial missing)
+x509parse_crt:"3003300100":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, invalid version tag)
+x509parse_crt:"30053003a00101":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, valid version tag, no length)
+x509parse_crt:"30053003a00102":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, valid version tag, invalid length)
+x509parse_crt:"30163014a012021000000000000000000000000000000000":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 Certificate ASN1 (TBSCertificate, valid version tag, no serial)
+x509parse_crt:"30073005a003020104":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, invalid length version tag)
+x509parse_crt:"30083006a00402010400":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 Certificate ASN1 (TBSCertificate, incorrect serial tag)
+x509parse_crt:"30083006a00302010400":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, incorrect serial length)
+x509parse_crt:"30083006a00302010482":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, correct serial, no alg)
+x509parse_crt:"300d300ba0030201048204deadbeef":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, correct serial, no alg oid)
+x509parse_crt:"300e300ca0030201048204deadbeef00":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, alg oid no data in sequence)
+x509parse_crt:"300f300da0030201048204deadbeef3000":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, alg with params)
+x509parse_crt:"30163014a0030201048204deadbeef30070604cafed00d01":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, correct alg data, no params unknown version)
+x509parse_crt:"30153013a0030201048204deadbeef30060604cafed00d":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
+
+X509 Certificate ASN1 (TBSCertificate, correct alg data, unknown version)
+x509parse_crt:"30173015a0030201048204deadbeef30080604cafed00d0500":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
+
+X509 Certificate ASN1 (TBSCertificate, correct alg data, length mismatch)
+x509parse_crt:"30183016a0030201048204deadbeef30090604cafed00d050000":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 Certificate ASN1 (TBSCertificate, correct alg, unknown alg_id)
+x509parse_crt:"30173015a0030201028204deadbeef30080604cafed00d0500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND
+
+X509 Certificate ASN1 (TBSCertificate, correct alg, specific alg_id)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"301c301aa0030201028204deadbeef300d06092a864886f70d0101020500":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, correct alg, unknown specific alg_id)
+x509parse_crt:"301c301aa0030201028204deadbeef300d06092a864886f70d0101010500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND
+
+X509 Certificate ASN1 (TBSCertificate, correct alg, bad RSASSA-PSS params)
+depends_on:MBEDTLS_X509_RSASSA_PSS_SUPPORT
+x509parse_crt:"30193017A003020102020118300D06092A864886F70D01010A3100":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, issuer no set data)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"301e301ca0030201028204deadbeef300d06092a864886f70d01010205003000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, issuer no inner seq data)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"3020301ea0030201028204deadbeef300d06092a864886f70d010102050030023100":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, issuer no inner set data)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30223020a0030201028204deadbeef300d06092a864886f70d0101020500300431023000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, issuer two inner set datas)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430003000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, issuer no oid data)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430020600":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, issuer invalid tag)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600060454657374":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, issuer, no string data)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30253023a0030201028204deadbeef300d06092a864886f70d0101020500300731053003060013":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, issuer, no full following string)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"302b3029a0030201028204deadbeef300d06092a864886f70d0101020500300d310b3009060013045465737400":"":MBEDTLS_ERR_X509_INVALID_NAME+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, valid issuer, no validity)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, too much date data)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301d170c303930313031303030303030170c30393132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 Certificate ASN1 (TBSCertificate, invalid from date)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303000000000170c303931323331323300000000":"":MBEDTLS_ERR_X509_INVALID_DATE
+
+X509 Certificate ASN1 (TBSCertificate, invalid to date)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323300000000":"":MBEDTLS_ERR_X509_INVALID_DATE
+
+X509 Certificate ASN1 (TBSCertificate, valid validity, no subject)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, valid subject, no pubkeyinfo)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30563054a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, pubkey, no alg)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30583056a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743000":"":MBEDTLS_ERR_PK_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, valid subject, unknown pk alg)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101000500":"":MBEDTLS_ERR_PK_UNKNOWN_PK_ALG
+
+X509 Certificate ASN1 (TBSCertificate, pubkey, no bitstring)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101010500":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate, pubkey, no bitstring data)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30693067a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743011300d06092A864886F70D01010105000300":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_INVALID_DATA
+
+X509 Certificate ASN1 (TBSCertificate, pubkey, invalid bitstring start)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"306a3068a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743012300d06092A864886F70D0101010500030101":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_INVALID_DATA
+
+X509 Certificate ASN1 (TBSCertificate, pubkey, invalid internal bitstring length)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 Certificate ASN1 (TBSCertificate, pubkey, invalid internal bitstring tag)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, pubkey, invalid mbedtls_mpi)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 Certificate ASN1 (TBSCertificate, pubkey, total length mismatch)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30753073a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301d300d06092A864886F70D0101010500030b0030080202ffff0202ffff00":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 Certificate ASN1 (TBSCertificate, pubkey, check failed)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY
+
+X509 Certificate ASN1 (TBSCertificate, pubkey, check failed, expanded length notation)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY
+
+X509 Certificate ASN1 (TBSCertificate v3, Optional UIDs, Extensions not present)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate v3, issuerID wrong tag)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"308184308181a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff00":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 Certificate ASN1 (TBSCertificate v3, UIDs, no ext)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bb":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate v3, UIDs, invalid length)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa185aaa201bb":"":MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 Certificate ASN1 (TBSCertificate v3, ext empty)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30818b308188a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba300":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 Certificate ASN1 (TBSCertificate v3, ext length mismatch)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30818e30818ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba303300000":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 Certificate ASN1 (TBSCertificate v3, first ext invalid)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C
+x509parse_crt:"30818f30818ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30330023000":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 Certificate ASN1 (TBSCertificate v3, first ext invalid tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"30819030818da0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba3043002310000":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, bool len missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30060603551d1301010100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, data missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30080603551d1301010100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, no octet 
present) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30d300b30090603551d1301010100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, octet data missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"30819c308199a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba311300f300d0603551d130101010403300100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, no pathlen) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"30819f30819ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba314301230100603551d130101010406300402010102":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, octet len mismatch) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C 
+x509parse_crt:"3081a230819fa0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba317301530130603551d130101010409300702010102010100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 Certificate ASN1 (ExtKeyUsage, bad second tag) +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C +x509parse_crt:"3081de3081dba003020102020900ebdbcd14105e1839300906072a8648ce3d0401300f310d300b0603550403130454657374301e170d3134313131313230353935345a170d3234313130383230353935345a300f310d300b06035504031304546573743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa321301f301d0603551d250416301406082b0601050507030107082b06010505070302":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 Certificate ASN1 (SubjectAltName repeated) +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C +x509parse_crt:"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":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + +X509 Certificate ASN1 (ExtKeyUsage repeated) +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C +x509parse_crt:"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":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + +X509 Certificate ASN1 (correct pubkey, no sig_alg) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308183308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff":"":MBEDTLS_ERR_X509_INVALID_ALG + 
MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 Certificate ASN1 (sig_alg mismatch) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0102020500":"":MBEDTLS_ERR_X509_SIG_MISMATCH + +X509 Certificate ASN1 (sig_alg, no sig) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 Certificate ASN1 (signature, invalid sig data) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308195308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030100":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_DATA + +X509 Certificate ASN1 (signature, data left) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308197308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff00":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 Certificate ASN1 (correct) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C 
+x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (GeneralizedTime instead of UTCTime) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301e180e3230313030313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2010-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (Name with X520 CN) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550403130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. 
version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: CN=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (Name with X520 C) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550406130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: C=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (Name with X520 L) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550407130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: L=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (Name with X520 ST) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550408130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. 
version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ST=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (Name with X520 O) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040a130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: O=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (Name with X520 OU) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040b130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: OU=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (Name with unknown X520 part) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b06035504de130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. 
version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (Name with composite RDN) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +x509parse_crt:"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":"cert. version \: 3\nserial number \: 4C\:20\:E3\:BD\nissuer name \: C=US, ST=CA, O=Internet Widgits Pty Ltd, CN=Frankencert CA\nsubject name \: C=US, ST=Washington, ??=US, ??=Delaware, O=Authorize.Net LLC, ??=Private Organization, serialNumber=4369191 + CN=www.authorize.net, L=San Francisco\nissued on \: 2013-08-02 15\:14\:37\nexpires on \: 2015-08-17 05\:54\:31\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\n":0 + +X509 Certificate ASN1 (Name with PKCS9 email) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d010901130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: emailAddress=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (Name with unknown PKCS9 part) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD2_C +x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. 
version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0 + +X509 Certificate ASN1 (ECDSA signature, RSA key) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C +x509parse_crt:"3081E630819E020103300906072A8648CE3D0401300F310D300B0603550403130454657374301E170D3133303731303039343631385A170D3233303730383039343631385A300F310D300B0603550403130454657374304C300D06092A864886F70D0101010500033B003038023100E8F546061D3B49BC2F6B7524B7EA4D73A8D5293EE8C64D9407B70B5D16BAEBC32B8205591EAB4E1EB57E9241883701250203010001300906072A8648CE3D0401033800303502186E18209AFBED14A0D9A796EFCAD68891E3CCD5F75815C833021900E92B4FD460B1994693243B9FFAD54729DE865381BDA41D25":"cert. version \: 1\nserial number \: 03\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 09\:46\:18\nexpires on \: 2023-07-08 09\:46\:18\nsigned using \: ECDSA with SHA1\nRSA key size \: 384 bits\n":0 + +X509 Certificate ASN1 (ECDSA signature, EC key) +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C +x509parse_crt:"3081EB3081A3020900F41534662EC7E912300906072A8648CE3D0401300F310D300B0603550403130454657374301E170D3133303731303039343031395A170D3233303730383039343031395A300F310D300B06035504031304546573743049301306072A8648CE3D020106082A8648CE3D030101033200042137969FABD4E370624A0E1A33E379CAB950CCE00EF8C3C3E2ADAEB7271C8F07659D65D3D777DCF21614363AE4B6E617300906072A8648CE3D04010338003035021858CC0F957946FE6A303D92885A456AA74C743C7B708CBD37021900FE293CAC21AF352D16B82EB8EA54E9410B3ABAADD9F05DD6":"cert. 
version \: 1\nserial number \: F4\:15\:34\:66\:2E\:C7\:E9\:12\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 09\:40\:19\nexpires on \: 2023-07-08 09\:40\:19\nsigned using \: ECDSA with SHA1\nEC key size \: 192 bits\n":0 + +X509 Certificate ASN1 (RSA signature, EC key) +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C +x509parse_crt:"3081E430819F020104300D06092A864886F70D0101050500300F310D300B0603550403130454657374301E170D3133303731303135303233375A170D3233303730383135303233375A300F310D300B06035504031304546573743049301306072A8648CE3D020106082A8648CE3D03010103320004E962551A325B21B50CF6B990E33D4318FD16677130726357A196E3EFE7107BCB6BDC6D9DB2A4DF7C964ACFE81798433D300D06092A864886F70D01010505000331001A6C18CD1E457474B2D3912743F44B571341A7859A0122774A8E19A671680878936949F904C9255BDD6FFFDB33A7E6D8":"cert. version \: 1\nserial number \: 04\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 15\:02\:37\nexpires on \: 2023-07-08 15\:02\:37\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\n":0 + +X509 Certificate ASN1 (invalid version 3) +x509parse_crt:"30173015a0030201038204deadbeef30080604cafed00d0500":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION + +X509 Certificate ASN1 (invalid version overflow) +x509parse_crt:"301A3018a00602047FFFFFFF8204deadbeef30080604cafed00d0500":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION + +X509 Certificate ASN1 (invalid SubjectAltNames tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +x509parse_crt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ncorrect first tag) +x509parse_crl:"":"":MBEDTLS_ERR_X509_INVALID_FORMAT + +X509 CRL ASN1 (Correct first tag, data length does not match) +x509parse_crl:"300000":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CRL ASN1 (TBSCertList, tag missing) +x509parse_crl:"3000":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRL ASN1 (TBSCertList, version tag len missing) 
+x509parse_crl:"3003300102":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, version correct, alg missing)
+x509parse_crl:"30053003020100":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, alg correct, incorrect version)
+x509parse_crl:"300b3009020102300406000500":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
+
+X509 CRL ASN1 (TBSCertList, correct version, sig_oid1 unknown)
+x509parse_crl:"300b3009020100300406000500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG
+
+X509 CRL ASN1 (TBSCertList, sig_oid1 id unknown)
+x509parse_crl:"30143012020100300d06092a864886f70d01010f0500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG
+
+X509 CRL ASN1 (TBSCertList, sig_oid1 correct, issuer missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crl:"30143012020100300d06092a864886f70d01010e0500":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, issuer set missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crl:"30163014020100300d06092a864886f70d01010e05003000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, correct issuer, thisUpdate missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crl:"30253023020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, correct thisUpdate, nextUpdate missing, entries length missing)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crl:"30343032020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030":"":MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CRL ASN1 (TBSCertList, entries present, invalid sig_alg)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crl:"304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRL ASN1 (TBSCertList, entries present, date in entry invalid)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crl:"304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c30383132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CRL ASN1 (TBSCertList, sig_alg present, sig_alg does not match)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crl:"30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500":"":MBEDTLS_ERR_X509_SIG_MISMATCH
+
+X509 CRL ASN1 (TBSCertList, sig present, len mismatch)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crl:"305d3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 CRL ASN1 (TBSCertList, sig present)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using \: RSA with SHA-224\n":0
+
+X509 CRL ASN1 (TBSCertList, no entries)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509parse_crl:"30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nsigned using \: RSA with SHA-224\n":0 + +X509 CRL ASN1 (invalid version 2) +x509parse_crl:"30463031020102300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION + +X509 CRL ASN1 (invalid version overflow) +x509parse_crl:"3049303102047FFFFFFF300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION + +X509 CRL ASN1 (extension seq too long, crl-idp.pem byte 121) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crl:"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":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRL ASN1 (extension oid too long, crl-idp.pem byte 123) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crl:"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":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRL ASN1 (extension critical invalid length, crl-idp.pem byte 128) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
+x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0102ff041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRL ASN1 (extension data too long, crl-idp.pem byte 131) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C 
+x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0101ff0420301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRL ASN1 (extension data too short, crl-idp.pem byte 131) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crl:"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":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CRL ASN1 (extension not critical explicit, crl-idp.pem byte 129) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crl:"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":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2018-03-14 07\:31\:48\nnext update \: 2028-03-14 07\:31\:48\nRevoked certificates\:\nsigned using \: RSA with SHA-256\n":0 + +X509 CRT parse path #2 (one cert) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C +mbedtls_x509_crt_parse_path:"data_files/dir1":0:1 + +X509 CRT parse path #3 (two certs) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +mbedtls_x509_crt_parse_path:"data_files/dir2":0:2 + +X509 CRT 
parse path #4 (two certs, one non-cert) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +mbedtls_x509_crt_parse_path:"data_files/dir3":1:2 + +X509 CRT verify long chain (max intermediate CA, trusted) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +mbedtls_x509_crt_verify_max:"data_files/dir-maxpath/00.crt":"data_files/dir-maxpath":MBEDTLS_X509_MAX_INTERMEDIATE_CA:0:0 + +X509 CRT verify long chain (max intermediate CA, untrusted) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +mbedtls_x509_crt_verify_max:"data_files/test-ca2.crt":"data_files/dir-maxpath":MBEDTLS_X509_MAX_INTERMEDIATE_CA-1:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED + +X509 CRT verify long chain (max intermediate CA + 1) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +mbedtls_x509_crt_verify_max:"data_files/dir-maxpath/00.crt":"data_files/dir-maxpath":MBEDTLS_X509_MAX_INTERMEDIATE_CA+1:MBEDTLS_ERR_X509_FATAL_ERROR:-1 + +X509 CRT verify chain #1 (zero pathlen intermediate) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +mbedtls_x509_crt_verify_chain:"data_files/dir4/cert14.crt data_files/dir4/cert13.crt data_files/dir4/cert12.crt":"data_files/dir4/cert11.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0 + +X509 CRT verify chain #2 (zero pathlen root) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +mbedtls_x509_crt_verify_chain:"data_files/dir4/cert23.crt data_files/dir4/cert22.crt":"data_files/dir4/cert21.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0 + +X509 CRT verify chain #3 (nonzero pathlen root) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +mbedtls_x509_crt_verify_chain:"data_files/dir4/cert34.crt data_files/dir4/cert33.crt 
data_files/dir4/cert32.crt":"data_files/dir4/cert31.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0 + +X509 CRT verify chain #4 (nonzero pathlen intermediate) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +mbedtls_x509_crt_verify_chain:"data_files/dir4/cert45.crt data_files/dir4/cert44.crt data_files/dir4/cert43.crt data_files/dir4/cert42.crt":"data_files/dir4/cert41.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0 + +X509 CRT verify chain #5 (nonzero maxpathlen intermediate) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +mbedtls_x509_crt_verify_chain:"data_files/dir4/cert54.crt data_files/dir4/cert53.crt data_files/dir4/cert52.crt":"data_files/dir4/cert51.crt":0:0:"":0 + +X509 CRT verify chain #6 (nonzero maxpathlen root) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +mbedtls_x509_crt_verify_chain:"data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0:0:"":0 + +X509 CRT verify chain #7 (maxpathlen root, self signed in path) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +mbedtls_x509_crt_verify_chain:"data_files/dir4/cert74.crt data_files/dir4/cert73.crt data_files/dir4/cert72.crt":"data_files/dir4/cert71.crt":0:0:"":0 + +X509 CRT verify chain #8 (self signed maxpathlen root) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +mbedtls_x509_crt_verify_chain:"data_files/dir4/cert61.crt data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0:0:"":0 + +X509 CRT verify chain #9 (zero pathlen first intermediate, valid) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +mbedtls_x509_crt_verify_chain:"data_files/dir4/cert83.crt data_files/dir4/cert82.crt":"data_files/dir4/cert81.crt":0:0:"":0 + +X509 CRT verify chain #10 (zero pathlen root, valid) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED 
+mbedtls_x509_crt_verify_chain:"data_files/dir4/cert92.crt":"data_files/dir4/cert91.crt":0:0:"":0 + +X509 CRT verify chain #11 (valid chain, missing profile) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +mbedtls_x509_crt_verify_chain:"data_files/dir4/cert92.crt":"data_files/dir4/cert91.crt":-1:MBEDTLS_ERR_X509_BAD_INPUT_DATA:"nonesuch":0 + +X509 CRT verify chain #12 (suiteb profile, RSA root) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C +mbedtls_x509_crt_verify_chain:"data_files/server3.crt":"data_files/test-ca.crt":MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"suiteb":0 + +X509 CRT verify chain #13 (RSA only profile, EC root) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +mbedtls_x509_crt_verify_chain:"data_files/server4.crt":"data_files/test-ca2.crt":MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0 + +X509 CRT verify chain #13 (RSA only profile, EC trusted EE) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +mbedtls_x509_crt_verify_chain:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0 + +X509 CRT verify chain #14 (RSA-3072 profile, root key too small) +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C +mbedtls_x509_crt_verify_chain:"data_files/server1.crt":"data_files/test-ca.crt":MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0 + +X509 CRT verify chain #15 (suiteb profile, rsa intermediate) 
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_x509_crt_verify_chain:"data_files/server7.crt data_files/test-int-ca.crt":"data_files/test-ca2.crt":MBEDTLS_X509_BADCERT_BAD_PK:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"suiteb":0
+
+X509 CRT verify chain #16 (RSA-only profile, EC intermediate)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
+mbedtls_x509_crt_verify_chain:"data_files/server8.crt data_files/test-int-ca2.crt":"data_files/test-ca.crt":MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0
+
+X509 CRT verify chain #17 (SHA-512 profile)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_x509_crt_verify_chain:"data_files/server7.crt data_files/test-int-ca.crt":"data_files/test-ca2.crt":MBEDTLS_X509_BADCERT_BAD_MD:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"sha512":0
+
+X509 CRT verify chain #18 (len=1, vrfy fatal on depth 1)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
+mbedtls_x509_crt_verify_chain:"data_files/server5.crt":"data_files/test-ca2.crt":-1:-2:"":2
+
+X509 CRT verify chain #19 (len=0, vrfy fatal on depth 0)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C
+mbedtls_x509_crt_verify_chain:"data_files/server5.crt":"data_files/test-ca2.crt":-1:-1:"":1
+
+X509 CRT verify chain #20 (len=1, vrfy fatal on depth 0)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C
+mbedtls_x509_crt_verify_chain:"data_files/server5.crt":"data_files/test-ca.crt":-1:-1:"":1
+
+X509 CRT verify chain #21 (len=3, vrfy fatal on depth 3)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-4:"":8
+
+X509 CRT verify chain #22 (len=3, vrfy fatal on depth 2)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-3:"":4
+
+X509 CRT verify chain #23 (len=3, vrfy fatal on depth 1)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-2:"":2
+
+X509 CRT verify chain #24 (len=3, vrfy fatal on depth 0)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-1:"":1
+
+X509 CRT verify chain #25 (len=3, vrfy fatal on depth 3, untrusted)
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca2.crt":-1:-4:"":8
+
+X509 OID description #1
+x509_oid_desc:"2B06010505070301":"TLS Web Server Authentication"
+
+X509 OID description #2
+x509_oid_desc:"2B0601050507030f":"notfound"
+
+X509 OID description #3
+x509_oid_desc:"2B0601050507030100":"notfound"
+
+X509 OID numstring #1 (wide buffer)
+x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":20:17
+
+X509 OID numstring #2 (buffer just fits)
+x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":18:17
+
+X509 OID numstring #3 (buffer too small)
+x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":17:MBEDTLS_ERR_OID_BUF_TOO_SMALL
+
+X509 OID numstring #4 (larger number)
+x509_oid_numstr:"2A864886F70D":"1.2.840.113549":15:14
+
+X509 OID numstring #5 (arithmetic overflow)
+x509_oid_numstr:"2A8648F9F8F7F6F5F4F3F2F1F001":"":100:MBEDTLS_ERR_OID_BUF_TOO_SMALL
+
+X509 crt keyUsage #1 (no extension, expected KU)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/server1.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0
+
+X509 crt keyUsage #2 (no extension, surprising KU)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/server1.crt":MBEDTLS_X509_KU_KEY_CERT_SIGN:0
+
+X509 crt keyUsage #3 (extension present, no KU)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/server1.key_usage.crt":0:0
+
+X509 crt keyUsage #4 (extension present, single KU present)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE:0
+
+X509 crt keyUsage #5 (extension present, single KU absent)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_CERT_SIGN:MBEDTLS_ERR_X509_BAD_INPUT_DATA
+
+X509 crt keyUsage #6 (extension present, combined KU present)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0
+
+X509 crt keyUsage #7 (extension present, combined KU both absent)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_CERT_SIGN|MBEDTLS_X509_KU_CRL_SIGN:MBEDTLS_ERR_X509_BAD_INPUT_DATA
+
+X509 crt keyUsage #8
(extension present, combined KU one absent)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_KEY_AGREEMENT:MBEDTLS_ERR_X509_BAD_INPUT_DATA
+
+X509 crt keyUsage #9 (extension present, decOnly allowed absent)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_DECIPHER_ONLY:0
+
+X509 crt keyUsage #10 (extension present, decOnly non-allowed present)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/keyUsage.decipherOnly.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT:MBEDTLS_ERR_X509_BAD_INPUT_DATA
+
+X509 crt keyUsage #11 (extension present, decOnly allowed present)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_check_key_usage:"data_files/keyUsage.decipherOnly.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_DECIPHER_ONLY:0
+
+X509 crt extendedKeyUsage #1 (no extension, serverAuth)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_check_extended_key_usage:"data_files/server5.crt":"2B06010505070301":0
+
+X509 crt extendedKeyUsage #2 (single value, present)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_check_extended_key_usage:"data_files/server5.eku-srv.crt":"2B06010505070301":0
+
+X509 crt extendedKeyUsage #3 (single value, absent)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_check_extended_key_usage:"data_files/server5.eku-cli.crt":"2B06010505070301":MBEDTLS_ERR_X509_BAD_INPUT_DATA
+
+X509 crt extendedKeyUsage #4 (two values, first)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_check_extended_key_usage:"data_files/server5.eku-srv_cli.crt":"2B06010505070301":0
+
+X509 crt extendedKeyUsage #5 (two values,
second)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_check_extended_key_usage:"data_files/server5.eku-srv_cli.crt":"2B06010505070302":0
+
+X509 crt extendedKeyUsage #6 (two values, other)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_check_extended_key_usage:"data_files/server5.eku-srv_cli.crt":"2B06010505070303":MBEDTLS_ERR_X509_BAD_INPUT_DATA
+
+X509 crt extendedKeyUsage #7 (any, random)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_check_extended_key_usage:"data_files/server5.eku-cs_any.crt":"2B060105050703FF":0
+
+X509 RSASSA-PSS parameters ASN1 (good, all defaults)
+x509_parse_rsassa_pss_params:"":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0
+
+X509 RSASSA-PSS parameters ASN1 (wrong initial tag)
+x509_parse_rsassa_pss_params:"":MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 RSASSA-PSS parameters ASN1 (unknown tag in top-level sequence)
+x509_parse_rsassa_pss_params:"A400":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 RSASSA-PSS parameters ASN1 (good, HashAlg SHA256)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509_parse_rsassa_pss_params:"A00D300B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:0
+
+X509 RSASSA-PSS parameters ASN1 (good, explicit HashAlg = default)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_parse_rsassa_pss_params:"A009300706052B0E03021A":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0
+
+X509 RSASSA-PSS parameters ASN1 (HashAlg wrong len #1)
+x509_parse_rsassa_pss_params:"A00A300706052B0E03021A":MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 RSASSA-PSS parameters ASN1 (HashAlg wrong len #2)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_parse_rsassa_pss_params:"A00A300706052B0E03021A00":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 RSASSA-PSS parameters ASN1 (HashAlg with parameters)
+x509_parse_rsassa_pss_params:"A00F300D06096086480165030402013000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_INVALID_DATA
+
+X509 RSASSA-PSS parameters ASN1 (HashAlg unknown OID)
+x509_parse_rsassa_pss_params:"A00D300B06096086480165030402FF":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_OID_NOT_FOUND
+
+X509 RSASSA-PSS parameters ASN1 (good, MGAlg = MGF1-SHA256)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108300B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:0
+
+X509 RSASSA-PSS parameters ASN1 (good, explicit MGAlg = default)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_parse_rsassa_pss_params:"A116301406092A864886F70D010108300706052B0E03021A":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg wrong len #1)
+x509_parse_rsassa_pss_params:"A11B301806092A864886F70D010108300B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg wrong len #2)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509_parse_rsassa_pss_params:"A11B301806092A864886F70D010108300B060960864801650304020100":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg AlgId wrong len #1)
+x509_parse_rsassa_pss_params:"A11A301906092A864886F70D010108300B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg OID != MGF1)
+x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010109300B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE + MBEDTLS_ERR_OID_NOT_FOUND
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong tag)
+x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108310B0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #1a)
+x509_parse_rsassa_pss_params:"A10F300D06092A864886F70D0101083000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #1b)
+x509_parse_rsassa_pss_params:"A11B301906092A864886F70D010108300C0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg.params.alg not an OID)
+x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108300B0709608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG +
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg.params.alg unknown OID)
+x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108300B06096086480165030402FF":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_OID_NOT_FOUND
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg.params.params NULL)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509_parse_rsassa_pss_params:"A11C301A06092A864886F70D010108300D06096086480165030402010500":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:0
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg.params.params wrong tag)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509_parse_rsassa_pss_params:"A11C301A06092A864886F70D010108300D06096086480165030402013000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #1c)
+x509_parse_rsassa_pss_params:"A11D301B06092A864886F70D010108300E06096086480165030402010500":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #2)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+x509_parse_rsassa_pss_params:"A11D301B06092A864886F70D010108300E0609608648016503040201050000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 RSASSA-PSS parameters ASN1 (good, saltLen = 94)
+x509_parse_rsassa_pss_params:"A20302015E":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:94:0
+
+X509 RSASSA-PSS parameters ASN1 (good, explicit saltLen = default)
+x509_parse_rsassa_pss_params:"A203020114":MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0
+
+X509 RSASSA-PSS parameters ASN1 (saltLen wrong len #1)
+x509_parse_rsassa_pss_params:"A20402015E":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:94:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 RSASSA-PSS parameters ASN1 (saltLen wrong len #2)
+x509_parse_rsassa_pss_params:"A20402015E00":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:94:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 RSASSA-PSS parameters ASN1 (saltLen not an int)
+x509_parse_rsassa_pss_params:"A2023000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:94:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 RSASSA-PSS parameters ASN1 (good, explicit trailerField = default)
+x509_parse_rsassa_pss_params:"A303020101":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0
+
+X509 RSASSA-PSS parameters ASN1 (trailerField wrong len #1)
+x509_parse_rsassa_pss_params:"A304020101":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 RSASSA-PSS parameters ASN1 (trailerField wrong len #2)
+x509_parse_rsassa_pss_params:"A30402010100":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 RSASSA-PSS parameters ASN1 (trailerField not an int)
+x509_parse_rsassa_pss_params:"A3023000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 RSASSA-PSS parameters ASN1 (trailerField not 1)
+x509_parse_rsassa_pss_params:"A303020102":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG
+
+X509 CSR ASN.1 (OK)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
+mbedtls_x509_csr_parse:"308201183081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0300906072A8648CE3D04010349003046022100B49FD8C8F77ABFA871908DFBE684A08A793D0F490A43D86FCF2086E4F24BB0C2022100F829D5CCD3742369299E6294394717C4B723A0F68B44E831B6E6C3BCABF97243":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n":0
+
+X509 CSR ASN.1 (bad first tag)
+mbedtls_x509_csr_parse:"3100":"":MBEDTLS_ERR_X509_INVALID_FORMAT
+
+X509 CSR ASN.1 (bad sequence: overlong)
+mbedtls_x509_csr_parse:"3001":"":MBEDTLS_ERR_X509_INVALID_FORMAT
+
+X509 CSR ASN.1 (total length mistmatch)
+mbedtls_x509_csr_parse:"30010000":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 CSR ASN.1 (bad CRI: not a sequence)
+mbedtls_x509_csr_parse:"30023100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (bad CRI: overlong)
+mbedtls_x509_csr_parse:"30023001":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad CRI.Version: overlong)
+mbedtls_x509_csr_parse:"30053002020100":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad CRI.Version: not v1)
+mbedtls_x509_csr_parse:"30053003020101":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
+
+X509 CSR ASN.1 (bad CRI.Name: not a sequence)
+mbedtls_x509_csr_parse:"300730050201003100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (bad CRI.Name: overlong)
+mbedtls_x509_csr_parse:"30083005020100300100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad CRI.Name payload: not a set)
+mbedtls_x509_csr_parse:"3009300702010030023000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (bad CRI.Name payload: overlong)
+mbedtls_x509_csr_parse:"300A30080201003002310100":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad SubjectPublicKeyInfo: missing)
+mbedtls_x509_csr_parse:"30143012020100300D310B3009060355040613024E4C":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad SubjectPublicKeyInfo: not a sequence)
+mbedtls_x509_csr_parse:"30163014020100300D310B3009060355040613024E4C3100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (bad SubjectPublicKeyInfo: overlong)
+mbedtls_x509_csr_parse:"30173014020100300D310B3009060355040613024E4C300100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad attributes: missing)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_x509_csr_parse:"3081973081940201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad attributes: bad tag)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_x509_csr_parse:"3081993081960201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF0500":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (bad attributes: overlong)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_x509_csr_parse:"30819A3081960201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA00100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad sigAlg: missing)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_x509_csr_parse:"3081C23081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad sigAlg: not a sequence)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_x509_csr_parse:"3081C43081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E03100":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (bad sigAlg: overlong)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_x509_csr_parse:"3081C43081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E03001":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad sigAlg: unknown)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+mbedtls_x509_csr_parse:"3081CD3081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0300906072A8648CE3D04FF":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG
+
+X509 CSR ASN.1 (bad sig: missing)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
+mbedtls_x509_csr_parse:"3081CD3081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0300906072A8648CE3D0401":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (bad sig: not a bit string)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
+mbedtls_x509_csr_parse:"3081CF3081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0300906072A8648CE3D04010400":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 CSR ASN.1 (bad sig: overlong)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
+mbedtls_x509_csr_parse:"3081CF3081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0300906072A8648CE3D04010301":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+
+X509 CSR ASN.1 (extra data after signature)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
+mbedtls_x509_csr_parse:"308201193081BF0201003034310B3009060355040613024E4C3111300F060355040A1308506F6C617253534C31123010060355040313096C6F63616C686F73743059301306072A8648CE3D020106082A8648CE3D0301070342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFFA029302706092A864886F70D01090E311A301830090603551D1304023000300B0603551D0F0404030205E0300906072A8648CE3D04010349003046022100B49FD8C8F77ABFA871908DFBE684A08A793D0F490A43D86FCF2086E4F24BB0C2022100F829D5CCD3742369299E6294394717C4B723A0F68B44E831B6E6C3BCABF9724300":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+
+X509 CSR ASN.1 (invalid version overflow)
+mbedtls_x509_csr_parse:"3008300602047FFFFFFF":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION
+
+X509 File parse (no issues)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+x509parse_crt_file:"data_files/server7_int-ca.crt":0
+
+X509 File parse (extra space in one certificate)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+x509parse_crt_file:"data_files/server7_pem_space.crt":1
+
+X509 File parse (all certificates fail)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C
+x509parse_crt_file:"data_files/server7_all_space.crt":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+
+X509 File parse (trailing spaces, OK)
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+x509parse_crt_file:"data_files/server7_trailing_space.crt":0
+
+X509 Get time (UTC no issues)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"500101000000Z":0:1950:1:1:0:0:0
+
+X509 Get time (Generalized Time no issues)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"99991231235959Z":0:9999:12:31:23:59:59
+
+X509 Get time (UTC year without leap day)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"490229121212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC year with leap day)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121212Z":0:2000:2:29:12:12:12
+
+X509 Get time (UTC invalid day of month #1)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000132121212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid day of month #2)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001131121212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid hour)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001130241212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid min)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001130236012Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid sec)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001130235960Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC without time zone)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121212":0:2000:2:29:12:12:12
+
+X509 Get time (UTC with invalid time zone #1)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121212J":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC with invalid time zone #2)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121212+0300":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (Date with invalid tag)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_CONTEXT_SPECIFIC:"000229121212":MBEDTLS_ERR_X509_INVALID_DATE+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:0:0:0:0:0:0
+
+X509 Get time (UTC, truncated)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (Generalized Time, truncated)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"20000229121":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC without seconds)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0002291212":MBEDTLS_ERR_X509_INVALID_DATE:2000:2:29:12:12:0
+
+X509 Get time (UTC without seconds and with invalid time zone #1)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0002291212J":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC without second and with invalid time zone #2)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0002291212+0300":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid character in year)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0\1130231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid character in month)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001%30231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid character in day)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0011`0231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid character in hour)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0011302h1212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid character in min)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"00113023u012Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid character in sec)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0011302359n0Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (Generalized Time, year multiple of 100 but not 400 is not a leap year)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"19000229000000Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (Generalized Time,
year multiple of 4 but not 100 is a leap year)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"19920229000000Z":0:1992:2:29:0:0:0
+
+X509 Get time (Generalized Time, year multiple of 400 is a leap year)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"20000229000000Z":0:2000:2:29:0:0:0
+
+X509 Get time (Generalized Time invalid leap year not multiple of 4, 100 or 400)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"19910229000000Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 cert verify restart: trusted EE, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+x509_verify_restart:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":0:0:0:0:0
+
+X509 cert verify restart: trusted EE, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+x509_verify_restart:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":0:0:1:0:0
+
+X509 cert verify restart: no intermediate, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:0:0:0
+
+X509 cert verify restart: no intermediate, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:1:100:10000
+
+X509 cert verify restart: no intermediate, max_ops=40000
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:40000:0:0
+
+X509 cert verify restart: no intermediate, max_ops=500
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:500:20:80
+
+X509 cert verify restart: no intermediate, badsign, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0
+
+X509 cert verify restart: no intermediate, badsign, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000
+
+X509 cert verify restart: no intermediate, badsign, max_ops=40000
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:40000:0:0
+
+X509 cert verify restart: no intermediate, badsign, max_ops=500
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:20:80
+
+X509 cert verify restart: one int, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:0:0:0
+
+X509 cert verify restart: one int,
max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:1:100:10000
+
+X509 cert verify restart: one int, max_ops=30000
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:30000:0:0
+
+X509 cert verify restart: one int, max_ops=500
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:500:25:100
+
+X509 cert verify restart: one int, EE badsign, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0
+
+X509 cert verify restart: one int, EE badsign, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000
+
+X509 cert verify restart: one int, EE badsign, max_ops=30000
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:30000:0:0
+
+X509 cert
verify restart: one int, EE badsign, max_ops=500
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:25:100
+
+X509 cert verify restart: one int, int badsign, max_ops=0 (disabled)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0
+
+X509 cert verify restart: one int, int badsign, max_ops=1
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000
+
+X509 cert verify restart: one int, int badsign, max_ops=30000
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:30000:0:0
+
+X509 cert verify restart: one int, int badsign, max_ops=500
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C
+x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:25:100
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
new file mode 100644
index 000000000..4a826082b
--- /dev/null
+++ b/tests/suites/test_suite_x509parse.function
@@ -0,0 +1,861 @@ +/* BEGIN_HEADER */ +#include "mbedtls/bignum.h" +#include "mbedtls/x509.h" +#include "mbedtls/x509_crt.h" +#include "mbedtls/x509_crl.h" +#include "mbedtls/x509_csr.h" +#include "mbedtls/pem.h" +#include "mbedtls/oid.h" +#include "mbedtls/base64.h" +#include "string.h" + +#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19 +#error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \ +than the current threshold 19. To test larger values, please \ +adapt the script tests/data_files/dir-max/long.sh." +#endif + +/* Profile for backward compatibility. Allows SHA-1, unlike the default + profile. */ +const mbedtls_x509_crt_profile compat_profile = +{ + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + 0xFFFFFFF, /* Any PK alg */ + 0xFFFFFFF, /* Any curve */ + 1024, +}; + +const mbedtls_x509_crt_profile profile_rsa3072 = +{ + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA ), + 0, + 3072, +}; + +const mbedtls_x509_crt_profile profile_sha512 = +{ + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + 0xFFFFFFF, /* Any PK alg */ + 0xFFFFFFF, /* Any curve */ + 1024, +}; + +int verify_none( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +{ + ((void) data); + ((void) crt); + ((void) certificate_depth); + *flags |= MBEDTLS_X509_BADCERT_OTHER; + + return 0; +} + +int verify_all( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +{ + ((void) data); + ((void) crt); + ((void) certificate_depth); + *flags = 0; + + return 0; +} + +int verify_fatal( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +{ + int *levels = (int *) data; + + ((void) crt); + 
((void) certificate_depth); + + /* Simulate a fatal error in the callback */ + if( *levels & ( 1 << certificate_depth ) ) + { + *flags |= ( 1 << certificate_depth ); + return( -1 - certificate_depth ); + } + + return( 0 ); +} + +/* strsep() not available on Windows */ +char *mystrsep(char **stringp, const char *delim) +{ + const char *p; + char *ret = *stringp; + + if( *stringp == NULL ) + return( NULL ); + + for( ; ; (*stringp)++ ) + { + if( **stringp == '\0' ) + { + *stringp = NULL; + goto done; + } + + for( p = delim; *p != '\0'; p++ ) + if( **stringp == *p ) + { + **stringp = '\0'; + (*stringp)++; + goto done; + } + } + +done: + return( ret ); +} + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +typedef struct { + char buf[512]; + char *p; +} verify_print_context; + +void verify_print_init( verify_print_context *ctx ) +{ + memset( ctx, 0, sizeof( verify_print_context ) ); + ctx->p = ctx->buf; +} + +int verify_print( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +{ + int ret; + verify_print_context *ctx = (verify_print_context *) data; + char *p = ctx->p; + size_t n = ctx->buf + sizeof( ctx->buf ) - ctx->p; + ((void) flags); + + ret = mbedtls_snprintf( p, n, "depth %d - serial ", certificate_depth ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_x509_serial_gets( p, n, &crt->serial ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_snprintf( p, n, " - subject " ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_x509_dn_gets( p, n, &crt->subject ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_snprintf( p, n, " - flags 0x%08x\n", *flags ); + MBEDTLS_X509_SAFE_SNPRINTF; + + ctx->p = p; + + return( 0 ); +} +#endif /* MBEDTLS_X509_CRT_PARSE_C */ +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_BIGNUM_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +void x509_cert_info( char * crt_file, char * result_str ) +{ + mbedtls_x509_crt crt; + char buf[2000]; + int res; + + 
mbedtls_x509_crt_init( &crt ); + memset( buf, 0, 2000 ); + + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + res = mbedtls_x509_crt_info( buf, 2000, "", &crt ); + + TEST_ASSERT( res != -1 ); + TEST_ASSERT( res != -2 ); + + TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + +exit: + mbedtls_x509_crt_free( &crt ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ +void mbedtls_x509_crl_info( char * crl_file, char * result_str ) +{ + mbedtls_x509_crl crl; + char buf[2000]; + int res; + + mbedtls_x509_crl_init( &crl ); + memset( buf, 0, 2000 ); + + TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 ); + res = mbedtls_x509_crl_info( buf, 2000, "", &crl ); + + TEST_ASSERT( res != -1 ); + TEST_ASSERT( res != -2 ); + + TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + +exit: + mbedtls_x509_crl_free( &crl ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ +void mbedtls_x509_crl_parse( char * crl_file, int result ) +{ + mbedtls_x509_crl crl; + char buf[2000]; + + mbedtls_x509_crl_init( &crl ); + memset( buf, 0, 2000 ); + + TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == result ); + +exit: + mbedtls_x509_crl_free( &crl ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */ +void mbedtls_x509_csr_info( char * csr_file, char * result_str ) +{ + mbedtls_x509_csr csr; + char buf[2000]; + int res; + + mbedtls_x509_csr_init( &csr ); + memset( buf, 0, 2000 ); + + TEST_ASSERT( mbedtls_x509_csr_parse_file( &csr, csr_file ) == 0 ); + res = mbedtls_x509_csr_info( buf, 2000, "", &csr ); + + TEST_ASSERT( res != -1 ); + TEST_ASSERT( res != -2 ); + + TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + +exit: + mbedtls_x509_csr_free( &csr ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ +void x509_verify_info( int flags, char * prefix, char * result_str ) +{ + char buf[2000]; + int res; + + memset( buf, 0, 
sizeof( buf ) ); + + res = mbedtls_x509_crt_verify_info( buf, sizeof( buf ), prefix, flags ); + + TEST_ASSERT( res >= 0 ); + + TEST_ASSERT( strcmp( buf, result_str ) == 0 ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C */ +void x509_verify_restart( char *crt_file, char *ca_file, + int result, int flags_result, + int max_ops, int min_restart, int max_restart ) +{ + int ret, cnt_restart; + mbedtls_x509_crt_restart_ctx rs_ctx; + mbedtls_x509_crt crt; + mbedtls_x509_crt ca; + uint32_t flags = 0; + + /* + * See comments on ecp_test_vect_restart() for op count precision. + * + * For reference, with mbed TLS 2.6 and default settings: + * - ecdsa_verify() for P-256: ~ 6700 + * - ecdsa_verify() for P-384: ~ 18800 + * - x509_verify() for server5 -> test-ca2: ~ 18800 + * - x509_verify() for server10 -> int-ca3 -> int-ca2: ~ 25500 + */ + + mbedtls_x509_crt_restart_init( &rs_ctx ); + mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init( &ca ); + + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); + + mbedtls_ecp_set_max_ops( max_ops ); + + cnt_restart = 0; + do { + ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL, + &mbedtls_x509_crt_profile_default, NULL, &flags, + NULL, NULL, &rs_ctx ); + } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + + TEST_ASSERT( ret == result ); + TEST_ASSERT( flags == (uint32_t) flags_result ); + + TEST_ASSERT( cnt_restart >= min_restart ); + TEST_ASSERT( cnt_restart <= max_restart ); + + /* Do we leak memory when aborting? 
*/ + ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL, + &mbedtls_x509_crt_profile_default, NULL, &flags, + NULL, NULL, &rs_ctx ); + TEST_ASSERT( ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + +exit: + mbedtls_x509_crt_restart_free( &rs_ctx ); + mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free( &ca ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C */ +void x509_verify( char *crt_file, char *ca_file, char *crl_file, + char *cn_name_str, int result, int flags_result, + char *profile_str, + char *verify_callback ) +{ + mbedtls_x509_crt crt; + mbedtls_x509_crt ca; + mbedtls_x509_crl crl; + uint32_t flags = 0; + int res; + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) = NULL; + char * cn_name = NULL; + const mbedtls_x509_crt_profile *profile; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT( psa_crypto_init() == 0 ); +#endif + + mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init( &ca ); + mbedtls_x509_crl_init( &crl ); + + if( strcmp( cn_name_str, "NULL" ) != 0 ) + cn_name = cn_name_str; + + if( strcmp( profile_str, "" ) == 0 ) + profile = &mbedtls_x509_crt_profile_default; + else if( strcmp( profile_str, "next" ) == 0 ) + profile = &mbedtls_x509_crt_profile_next; + else if( strcmp( profile_str, "suite_b" ) == 0 ) + profile = &mbedtls_x509_crt_profile_suiteb; + else if( strcmp( profile_str, "compat" ) == 0 ) + profile = &compat_profile; + else + TEST_ASSERT( "Unknown algorithm profile" == 0 ); + + if( strcmp( verify_callback, "NULL" ) == 0 ) + f_vrfy = NULL; + else if( strcmp( verify_callback, "verify_none" ) == 0 ) + f_vrfy = verify_none; + else if( strcmp( verify_callback, "verify_all" ) == 0 ) + f_vrfy = verify_all; + else + TEST_ASSERT( "No known verify callback selected" == 0 ); + + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); + TEST_ASSERT( 
mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 ); + + res = mbedtls_x509_crt_verify_with_profile( &crt, &ca, &crl, profile, cn_name, &flags, f_vrfy, NULL ); + + TEST_ASSERT( res == ( result ) ); + TEST_ASSERT( flags == (uint32_t)( flags_result ) ); + +exit: + mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free( &ca ); + mbedtls_x509_crl_free( &crl ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +void x509_verify_callback( char *crt_file, char *ca_file, char *name, + int exp_ret, char *exp_vrfy_out ) +{ + int ret; + mbedtls_x509_crt crt; + mbedtls_x509_crt ca; + uint32_t flags = 0; + verify_print_context vrfy_ctx; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT( psa_crypto_init() == 0 ); +#endif + + mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init( &ca ); + verify_print_init( &vrfy_ctx ); + + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); + + if( strcmp( name, "NULL" ) == 0 ) + name = NULL; + + ret = mbedtls_x509_crt_verify_with_profile( &crt, &ca, NULL, + &compat_profile, + name, &flags, + verify_print, &vrfy_ctx ); + + TEST_ASSERT( ret == exp_ret ); + TEST_ASSERT( strcmp( vrfy_ctx.buf, exp_vrfy_out ) == 0 ); + +exit: + mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free( &ca ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +void mbedtls_x509_dn_gets( char * crt_file, char * entity, char * result_str ) +{ + mbedtls_x509_crt crt; + char buf[2000]; + int res = 0; + + mbedtls_x509_crt_init( &crt ); + memset( buf, 0, 2000 ); + + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + if( strcmp( entity, "subject" ) == 0 ) + res = mbedtls_x509_dn_gets( buf, 2000, &crt.subject ); + else if( strcmp( entity, "issuer" ) == 0 ) + res = mbedtls_x509_dn_gets( buf, 2000, &crt.issuer ); + else + TEST_ASSERT( "Unknown entity" == 0 ); + + TEST_ASSERT( res != -1 ); + 
TEST_ASSERT( res != -2 ); + + TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + +exit: + mbedtls_x509_crt_free( &crt ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +void mbedtls_x509_time_is_past( char * crt_file, char * entity, int result ) +{ + mbedtls_x509_crt crt; + + mbedtls_x509_crt_init( &crt ); + + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + + if( strcmp( entity, "valid_from" ) == 0 ) + TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_from ) == result ); + else if( strcmp( entity, "valid_to" ) == 0 ) + TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_to ) == result ); + else + TEST_ASSERT( "Unknown entity" == 0 ); + +exit: + mbedtls_x509_crt_free( &crt ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +void mbedtls_x509_time_is_future( char * crt_file, char * entity, int result ) +{ + mbedtls_x509_crt crt; + + mbedtls_x509_crt_init( &crt ); + + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + + if( strcmp( entity, "valid_from" ) == 0 ) + TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_from ) == result ); + else if( strcmp( entity, "valid_to" ) == 0 ) + TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_to ) == result ); + else + TEST_ASSERT( "Unknown entity" == 0 ); + +exit: + mbedtls_x509_crt_free( &crt ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */ +void x509parse_crt_file( char * crt_file, int result ) +{ + mbedtls_x509_crt crt; + + mbedtls_x509_crt_init( &crt ); + + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == result ); + +exit: + mbedtls_x509_crt_free( &crt ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ +void x509parse_crt( data_t * buf, char * result_str, int result ) +{ + mbedtls_x509_crt crt; + unsigned char output[2000]; + int res; + + mbedtls_x509_crt_init( &crt ); + memset( output, 0, 2000 ); + + TEST_ASSERT( 
mbedtls_x509_crt_parse_der( &crt, buf->x, buf->len ) == ( result ) ); + if( ( result ) == 0 ) + { + res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + + TEST_ASSERT( res != -1 ); + TEST_ASSERT( res != -2 ); + + TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + } + + mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_init( &crt ); + memset( output, 0, 2000 ); + + TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) ); + if( ( result ) == 0 ) + { + res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + + TEST_ASSERT( res != -1 ); + TEST_ASSERT( res != -2 ); + + TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + } + +exit: + mbedtls_x509_crt_free( &crt ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */ +void x509parse_crl( data_t * buf, char * result_str, int result ) +{ + mbedtls_x509_crl crl; + unsigned char output[2000]; + int res; + + mbedtls_x509_crl_init( &crl ); + memset( output, 0, 2000 ); + + + TEST_ASSERT( mbedtls_x509_crl_parse( &crl, buf->x, buf->len ) == ( result ) ); + if( ( result ) == 0 ) + { + res = mbedtls_x509_crl_info( (char *) output, 2000, "", &crl ); + + TEST_ASSERT( res != -1 ); + TEST_ASSERT( res != -2 ); + + TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + } + +exit: + mbedtls_x509_crl_free( &crl ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */ +void mbedtls_x509_csr_parse( data_t * csr_der, char * ref_out, int ref_ret ) +{ + mbedtls_x509_csr csr; + char my_out[1000]; + int my_ret; + + mbedtls_x509_csr_init( &csr ); + memset( my_out, 0, sizeof( my_out ) ); + + my_ret = mbedtls_x509_csr_parse_der( &csr, csr_der->x, csr_der->len ); + TEST_ASSERT( my_ret == ref_ret ); + + if( ref_ret == 0 ) + { + size_t my_out_len = mbedtls_x509_csr_info( my_out, sizeof( my_out ), "", &csr ); + TEST_ASSERT( my_out_len == strlen( ref_out ) ); + TEST_ASSERT( strcmp( my_out, ref_out ) == 0 ); + } + +exit: + 
mbedtls_x509_csr_free( &csr ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +void mbedtls_x509_crt_parse_path( char * crt_path, int ret, int nb_crt ) +{ + mbedtls_x509_crt chain, *cur; + int i; + + mbedtls_x509_crt_init( &chain ); + + TEST_ASSERT( mbedtls_x509_crt_parse_path( &chain, crt_path ) == ret ); + + /* Check how many certs we got */ + for( i = 0, cur = &chain; cur != NULL; cur = cur->next ) + if( cur->raw.p != NULL ) + i++; + + TEST_ASSERT( i == nb_crt ); + +exit: + mbedtls_x509_crt_free( &chain ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int, + int ret_chk, int flags_chk ) +{ + char file_buf[128]; + int ret; + uint32_t flags; + mbedtls_x509_crt trusted, chain; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT( psa_crypto_init() == 0 ); +#endif + + /* + * We expect chain_dir to contain certificates 00.crt, 01.crt, etc. 
+ * with NN.crt signed by NN-1.crt + */ + + mbedtls_x509_crt_init( &trusted ); + mbedtls_x509_crt_init( &chain ); + + /* Load trusted root */ + TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, ca_file ) == 0 ); + + /* Load a chain with nb_int intermediates (from 01 to nb_int), + * plus one "end-entity" cert (nb_int + 1) */ + ret = mbedtls_snprintf( file_buf, sizeof file_buf, "%s/c%02d.pem", chain_dir, + nb_int + 1 ); + TEST_ASSERT( ret > 0 && (size_t) ret < sizeof file_buf ); + TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, file_buf ) == 0 ); + + /* Try to verify that chain */ + ret = mbedtls_x509_crt_verify( &chain, &trusted, NULL, NULL, &flags, + NULL, NULL ); + TEST_ASSERT( ret == ret_chk ); + TEST_ASSERT( flags == (uint32_t) flags_chk ); + +exit: + mbedtls_x509_crt_free( &chain ); + mbedtls_x509_crt_free( &trusted ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca, + int flags_result, int result, + char *profile_name, int vrfy_fatal_lvls ) +{ + char* act; + uint32_t flags; + int res; + mbedtls_x509_crt trusted, chain; + const mbedtls_x509_crt_profile *profile = NULL; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT( psa_crypto_init() == 0 ); +#endif + + mbedtls_x509_crt_init( &chain ); + mbedtls_x509_crt_init( &trusted ); + + while( ( act = mystrsep( &chain_paths, " " ) ) != NULL ) + TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 ); + TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 ); + + if( strcmp( profile_name, "" ) == 0 ) + profile = &mbedtls_x509_crt_profile_default; + else if( strcmp( profile_name, "next" ) == 0 ) + profile = &mbedtls_x509_crt_profile_next; + else if( strcmp( profile_name, "suiteb" ) == 0 ) + profile = &mbedtls_x509_crt_profile_suiteb; + else if( strcmp( profile_name, "rsa3072" ) == 0 ) + profile = &profile_rsa3072; + else if( strcmp( profile_name, "sha512" ) == 0 ) + profile = 
&profile_sha512; + + res = mbedtls_x509_crt_verify_with_profile( &chain, &trusted, NULL, profile, + NULL, &flags, verify_fatal, &vrfy_fatal_lvls ); + + TEST_ASSERT( res == ( result ) ); + TEST_ASSERT( flags == (uint32_t)( flags_result ) ); + +exit: + mbedtls_x509_crt_free( &trusted ); + mbedtls_x509_crt_free( &chain ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ +void x509_oid_desc( data_t * buf, char * ref_desc ) +{ + mbedtls_x509_buf oid; + const char *desc = NULL; + int ret; + + + oid.tag = MBEDTLS_ASN1_OID; + oid.p = buf->x; + oid.len = buf->len; + + ret = mbedtls_oid_get_extended_key_usage( &oid, &desc ); + + if( strcmp( ref_desc, "notfound" ) == 0 ) + { + TEST_ASSERT( ret != 0 ); + TEST_ASSERT( desc == NULL ); + } + else + { + TEST_ASSERT( ret == 0 ); + TEST_ASSERT( desc != NULL ); + TEST_ASSERT( strcmp( desc, ref_desc ) == 0 ); + } +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ +void x509_oid_numstr( data_t * oid_buf, char * numstr, int blen, int ret ) +{ + mbedtls_x509_buf oid; + char num_buf[100]; + + memset( num_buf, 0x2a, sizeof num_buf ); + + oid.tag = MBEDTLS_ASN1_OID; + oid.p = oid_buf->x; + oid.len = oid_buf->len; + + TEST_ASSERT( (size_t) blen <= sizeof num_buf ); + + TEST_ASSERT( mbedtls_oid_get_numeric_string( num_buf, blen, &oid ) == ret ); + + if( ret >= 0 ) + { + TEST_ASSERT( num_buf[ret] == 0 ); + TEST_ASSERT( strcmp( num_buf, numstr ) == 0 ); + } +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_KEY_USAGE */ +void x509_check_key_usage( char * crt_file, int usage, int ret ) +{ + mbedtls_x509_crt crt; + + mbedtls_x509_crt_init( &crt ); + + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + + TEST_ASSERT( mbedtls_x509_crt_check_key_usage( &crt, usage ) == ret ); + +exit: + mbedtls_x509_crt_free( &crt ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ 
+void x509_check_extended_key_usage( char * crt_file, data_t * oid, int ret + ) +{ + mbedtls_x509_crt crt; + + mbedtls_x509_crt_init( &crt ); + + + TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + + TEST_ASSERT( mbedtls_x509_crt_check_extended_key_usage( &crt, (const char *)oid->x, oid->len ) == ret ); + +exit: + mbedtls_x509_crt_free( &crt ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ +void x509_get_time( int tag, char * time_str, int ret, int year, int mon, + int day, int hour, int min, int sec ) +{ + mbedtls_x509_time time; + unsigned char buf[21]; + unsigned char* start = buf; + unsigned char* end = buf; + + memset( &time, 0x00, sizeof( time ) ); + *end = (unsigned char)tag; end++; + *end = strlen( time_str ); + TEST_ASSERT( *end < 20 ); + end++; + memcpy( end, time_str, (size_t)*(end - 1) ); + end += *(end - 1); + + TEST_ASSERT( mbedtls_x509_get_time( &start, end, &time ) == ret ); + if( ret == 0 ) + { + TEST_ASSERT( year == time.year ); + TEST_ASSERT( mon == time.mon ); + TEST_ASSERT( day == time.day ); + TEST_ASSERT( hour == time.hour ); + TEST_ASSERT( min == time.min ); + TEST_ASSERT( sec == time.sec ); + } +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +void x509_parse_rsassa_pss_params( data_t * hex_params, int params_tag, + int ref_msg_md, int ref_mgf_md, + int ref_salt_len, int ref_ret ) +{ + int my_ret; + mbedtls_x509_buf params; + mbedtls_md_type_t my_msg_md, my_mgf_md; + int my_salt_len; + + params.p = hex_params->x; + params.len = hex_params->len; + params.tag = params_tag; + + my_ret = mbedtls_x509_get_rsassa_pss_params( ¶ms, &my_msg_md, &my_mgf_md, + &my_salt_len ); + + TEST_ASSERT( my_ret == ref_ret ); + + if( ref_ret == 0 ) + { + TEST_ASSERT( my_msg_md == (mbedtls_md_type_t) ref_msg_md ); + TEST_ASSERT( my_mgf_md == (mbedtls_md_type_t) ref_mgf_md ); + TEST_ASSERT( my_salt_len == ref_salt_len ); + } + +exit: + ;; +} +/* END_CASE */ + +/* 
BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */
+void x509_selftest( )
+{
+ TEST_ASSERT( mbedtls_x509_self_test( 1 ) == 0 );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
new file mode 100644
index 000000000..54d72701e
--- /dev/null
+++ b/tests/suites/test_suite_x509write.data
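Review bot: In `x509_verify`, `x509_verify_callback`, `mbedtls_x509_crt_verify_max` and `mbedtls_x509_crt_verify_chain`, the `TEST_ASSERT( psa_crypto_init() == 0 );` guard runs before the `mbedtls_x509_crt_init()` / `mbedtls_x509_crl_init()` calls. TEST_ASSERT is not defined in this hunk, but the `exit:` labels suggest it jumps there on failure, in which case the `mbedtls_x509_crt_free()` / `mbedtls_x509_crl_free()` cleanup would operate on uninitialized stack structures whenever PSA initialisation fails. Moving the `#if defined(MBEDTLS_USE_PSA_CRYPTO)` block below the `*_init()` calls in each of the four functions keeps that failure path well defined. Separately, `mbedtls_x509_crt_verify_chain` leaves `profile` as NULL when `profile_name` matches none of the listed strings (and it spells `"suiteb"` where `x509_verify` uses `"suite_b"`); a closing `else TEST_ASSERT( "Unknown algorithm profile" == 0 );`, as `x509_verify` already has, would turn a typo in the data file into a clear test failure instead of passing NULL to the verifier.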
@@ -0,0 +1,105 @@ +Certificate Request check Server1 SHA1 +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0 + +Certificate Request check Server1 SHA224 +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0 + +Certificate Request check Server1 SHA256 +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0 + +Certificate Request check Server1 SHA384 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0 + +Certificate Request check Server1 SHA512 +depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0 + +Certificate Request check Server1 MD4 +depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0 + +Certificate Request check Server1 MD5 +depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0 + +Certificate Request check Server1 key_usage +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0 + +Certificate Request check Server1 key_usage empty +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0 + +Certificate Request check Server1 ns_cert_type 
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1 + +Certificate Request check Server1 ns_cert_type empty +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1 + +Certificate Request check Server1 key_usage + ns_cert_type +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1 + +Certificate Request check Server5 ECDSA, key_usage +depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED +x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0 + +Certificate Request check opaque Server5 ECDSA, key_usage +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 + +Certificate write check Server1 SHA1 +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0 + +Certificate write check Server1 SHA1, key_usage +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C 
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0 + +Certificate write check Server1 SHA1, ns_cert_type +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0 + +Certificate write check Server1 SHA1, version 1 +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0 + +Certificate write check Server1 SHA1, RSA_ALT +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1 + +Certificate write check Server1 SHA1, RSA_ALT, key_usage +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 
1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1 + +Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1 + +Certificate write check Server1 SHA1, RSA_ALT, version 1 +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1 + +X509 String to Names #1 +mbedtls_x509_string_to_names:"C=NL,O=Offspark\, Inc., OU=PolarSSL":"C=NL, O=Offspark, Inc., OU=PolarSSL":0 + +X509 String to Names #2 +mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_UNKNOWN_OID + +X509 String to Names #3 (Name precisely 255 bytes) +mbedtls_x509_string_to_names:"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345,OU=PolarSSL":"C=NL, 
O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, OU=PolarSSL":0 + +X509 String to Names #4 (Name larger than 255 bytes) +mbedtls_x509_string_to_names:"C=NL, O=1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names #5 (Escape non-allowed characters) +mbedtls_x509_string_to_names:"C=NL, O=Offspark\a Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names #6 (Escape at end) +mbedtls_x509_string_to_names:"C=NL, O=Offspark\":"":MBEDTLS_ERR_X509_INVALID_NAME diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function new file mode 100644 index 000000000..e15802ff1 --- /dev/null +++ b/tests/suites/test_suite_x509write.function 
@@ -0,0 +1,338 @@ +/* BEGIN_HEADER */ +#include "mbedtls/bignum.h" +#include "mbedtls/x509_crt.h" +#include "mbedtls/x509_csr.h" +#include "mbedtls/pem.h" +#include "mbedtls/oid.h" +#include "mbedtls/rsa.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#include "mbedtls/psa_util.h" +#endif + + +#if defined(MBEDTLS_RSA_C) +int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen, + const unsigned char *input, unsigned char *output, + size_t output_max_len ) +{ + return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen, + input, output, output_max_len ) ); +} +int mbedtls_rsa_sign_func( void *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, + const unsigned char *hash, unsigned char *sig ) +{ + return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, mode, + md_alg, hashlen, hash, sig ) ); +} +size_t mbedtls_rsa_key_len_func( void *ctx ) +{ + return( ((const mbedtls_rsa_context *) ctx)->len ); +} +#endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen ) +{ + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info; + mbedtls_x509_csr csr; + + if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + + md_info = mbedtls_md_info_from_type( csr.sig_md ); + if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 ) + { + /* Note: this can't happen except after an internal error */ + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + } + + if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk, + csr.sig_md, hash, mbedtls_md_get_size( md_info ), + csr.sig.p, csr.sig.len ) != 0 ) + { + return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); + } + + return( 0 ); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * 
depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */ +void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type, + int key_usage, int set_key_usage, int cert_type, + int set_cert_type ) +{ + mbedtls_pk_context key; + mbedtls_x509write_csr req; + unsigned char buf[4096]; + unsigned char check_buf[4000]; + int ret; + size_t olen = 0, pem_len = 0; + int der_len = -1; + FILE *f; + const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; + rnd_pseudo_info rnd_info; + + memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) ); + + mbedtls_pk_init( &key ); + TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); + + mbedtls_x509write_csr_init( &req ); + mbedtls_x509write_csr_set_md_alg( &req, md_type ); + mbedtls_x509write_csr_set_key( &req, &key ); + TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 ); + if( set_key_usage != 0 ) + TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 ); + if( set_cert_type != 0 ) + TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); + + ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ), + rnd_pseudo_rand, &rnd_info ); + TEST_ASSERT( ret == 0 ); + + pem_len = strlen( (char *) buf ); + + f = fopen( cert_req_check_file, "r" ); + TEST_ASSERT( f != NULL ); + olen = fread( check_buf, 1, sizeof( check_buf ), f ); + fclose( f ); + + TEST_ASSERT( olen >= pem_len - 1 ); + TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 ); + + der_len = mbedtls_x509write_csr_der( &req, buf, sizeof( buf ), + rnd_pseudo_rand, &rnd_info ); + TEST_ASSERT( der_len >= 0 ); + + if( der_len == 0 ) + goto exit; + + ret = mbedtls_x509write_csr_der( &req, buf, (size_t)( der_len - 1 ), + rnd_pseudo_rand, &rnd_info ); + TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + +exit: + mbedtls_x509write_csr_free( &req ); + mbedtls_pk_free( 
&key ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */ +void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, + int cert_type ) +{ + mbedtls_pk_context key; + psa_key_handle_t slot; + psa_algorithm_t md_alg_psa; + mbedtls_x509write_csr req; + unsigned char buf[4096]; + int ret; + size_t pem_len = 0; + const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; + rnd_pseudo_info rnd_info; + + psa_crypto_init(); + memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) ); + + md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type ); + TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE ); + + mbedtls_pk_init( &key ); + TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); + TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &slot, md_alg_psa ) == 0 ); + + mbedtls_x509write_csr_init( &req ); + mbedtls_x509write_csr_set_md_alg( &req, md_type ); + mbedtls_x509write_csr_set_key( &req, &key ); + TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 ); + if( key_usage != 0 ) + TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 ); + if( cert_type != 0 ) + TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); + + ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ) - 1, + rnd_pseudo_rand, &rnd_info ); + TEST_ASSERT( ret == 0 ); + + pem_len = strlen( (char *) buf ); + buf[pem_len] = '\0'; + TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 ); + +exit: + mbedtls_x509write_csr_free( &req ); + mbedtls_pk_free( &key ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */ +void x509_crt_check( char *subject_key_file, char *subject_pwd, + char *subject_name, char *issuer_key_file, + char *issuer_pwd, char *issuer_name, + char *serial_str, char *not_before, char *not_after, + int md_type, int key_usage, int set_key_usage, + int cert_type, 
int set_cert_type, int auth_ident, + int ver, char *cert_check_file, int rsa_alt ) +{ + mbedtls_pk_context subject_key, issuer_key, issuer_key_alt; + mbedtls_pk_context *key = &issuer_key; + + mbedtls_x509write_cert crt; + unsigned char buf[4096]; + unsigned char check_buf[5000]; + mbedtls_mpi serial; + int ret; + size_t olen = 0, pem_len = 0; + int der_len = -1; + FILE *f; + rnd_pseudo_info rnd_info; + + memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) ); + mbedtls_mpi_init( &serial ); + + mbedtls_pk_init( &subject_key ); + mbedtls_pk_init( &issuer_key ); + mbedtls_pk_init( &issuer_key_alt ); + + mbedtls_x509write_crt_init( &crt ); + + TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file, + subject_pwd ) == 0 ); + + TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file, + issuer_pwd ) == 0 ); + +#if defined(MBEDTLS_RSA_C) + /* For RSA PK contexts, create a copy as an alternative RSA context. */ + if( rsa_alt == 1 && mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_RSA ) + { + TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &issuer_key_alt, + mbedtls_pk_rsa( issuer_key ), + mbedtls_rsa_decrypt_func, + mbedtls_rsa_sign_func, + mbedtls_rsa_key_len_func ) == 0 ); + + key = &issuer_key_alt; + } +#else + (void) rsa_alt; +#endif + + TEST_ASSERT( mbedtls_mpi_read_string( &serial, 10, serial_str ) == 0 ); + + if( ver != -1 ) + mbedtls_x509write_crt_set_version( &crt, ver ); + + TEST_ASSERT( mbedtls_x509write_crt_set_serial( &crt, &serial ) == 0 ); + TEST_ASSERT( mbedtls_x509write_crt_set_validity( &crt, not_before, + not_after ) == 0 ); + mbedtls_x509write_crt_set_md_alg( &crt, md_type ); + TEST_ASSERT( mbedtls_x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 ); + TEST_ASSERT( mbedtls_x509write_crt_set_subject_name( &crt, subject_name ) == 0 ); + mbedtls_x509write_crt_set_subject_key( &crt, &subject_key ); + + mbedtls_x509write_crt_set_issuer_key( &crt, key ); + + if( crt.version >= MBEDTLS_X509_CRT_VERSION_3 ) + { + TEST_ASSERT( 
mbedtls_x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 ); + TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 ); + if( auth_ident ) + TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 ); + if( set_key_usage != 0 ) + TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 ); + if( set_cert_type != 0 ) + TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 ); + } + + ret = mbedtls_x509write_crt_pem( &crt, buf, sizeof( buf ), + rnd_pseudo_rand, &rnd_info ); + TEST_ASSERT( ret == 0 ); + + pem_len = strlen( (char *) buf ); + + f = fopen( cert_check_file, "r" ); + TEST_ASSERT( f != NULL ); + olen = fread( check_buf, 1, sizeof( check_buf ), f ); + fclose( f ); + TEST_ASSERT( olen < sizeof( check_buf ) ); + + TEST_ASSERT( olen >= pem_len - 1 ); + TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 ); + + der_len = mbedtls_x509write_crt_der( &crt, buf, sizeof( buf ), + rnd_pseudo_rand, &rnd_info ); + TEST_ASSERT( der_len >= 0 ); + + if( der_len == 0 ) + goto exit; + + ret = mbedtls_x509write_crt_der( &crt, buf, (size_t)( der_len - 1 ), + rnd_pseudo_rand, &rnd_info ); + TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + +exit: + mbedtls_x509write_crt_free( &crt ); + mbedtls_pk_free( &issuer_key_alt ); + mbedtls_pk_free( &subject_key ); + mbedtls_pk_free( &issuer_key ); + mbedtls_mpi_free( &serial ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */ +void mbedtls_x509_string_to_names( char * name, char * parsed_name, int result + ) +{ + int ret; + size_t len = 0; + mbedtls_asn1_named_data *names = NULL; + mbedtls_x509_name parsed, *parsed_cur, *parsed_prv; + unsigned char buf[1024], out[1024], *c; + + memset( &parsed, 0, sizeof( parsed ) ); + memset( out, 0, sizeof( out ) ); + memset( buf, 0, sizeof( buf ) ); + c = buf + sizeof( buf ); + + ret = mbedtls_x509_string_to_names( &names, name ); + TEST_ASSERT( ret == result ); + + 
if( ret != 0 ) + goto exit; + + ret = mbedtls_x509_write_names( &c, buf, names ); + TEST_ASSERT( ret > 0 ); + + TEST_ASSERT( mbedtls_asn1_get_tag( &c, buf + sizeof( buf ), &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) == 0 ); + TEST_ASSERT( mbedtls_x509_get_name( &c, buf + sizeof( buf ), &parsed ) == 0 ); + + ret = mbedtls_x509_dn_gets( (char *) out, sizeof( out ), &parsed ); + TEST_ASSERT( ret > 0 ); + + TEST_ASSERT( strcmp( (char *) out, parsed_name ) == 0 ); + +exit: + mbedtls_asn1_free_named_data_list( &names ); + + parsed_cur = parsed.next; + while( parsed_cur != 0 ) + { + parsed_prv = parsed_cur; + parsed_cur = parsed_cur->next; + mbedtls_free( parsed_prv ); + } +} +/* END_CASE */ From 920b77524d1e83fb6bf6c4ea3e5316809fee27a6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:49:58 +0100 Subject: [PATCH 2185/2197] Revert "recursion.pl: Don't depend on X.509" This reverts commit e23737c618e93c99143bbe8343f3df4c4888ddc8. --- tests/scripts/recursion.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/scripts/recursion.pl b/tests/scripts/recursion.pl index 0c405813c..431e59211 100755 --- a/tests/scripts/recursion.pl +++ b/tests/scripts/recursion.pl @@ -16,7 +16,8 @@ use open qw(:std utf8); # exclude functions that are ok: # - mpi_write_hlp: bounded by size of mbedtls_mpi, a compile-time constant -my $known_ok = qr/mpi_write_hlp/; +# - x509_crt_verify_child: bounded by MBEDTLS_X509_MAX_INTERMEDIATE_CA +my $known_ok = qr/mpi_write_hlp|x509_crt_verify_child/; my $cur_name; my $inside; From 9e277f44086d9f41b4fb3d64ae9bf2c3123dced7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:50:00 +0100 Subject: [PATCH 2186/2197] Revert "cpp_dummy_build: Remove X.509 dependency" This reverts commit 4c1fdb51292bbe0450dee6f7e3e794fd498635ec. --- programs/test/cpp_dummy_build.cpp | 4 ++++ 1 file changed, 4 insertions(+) 
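Review bot: x509_crt_verifycsr, in the BEGIN_HEADER section of tests/suites/test_suite_x509write.function, parses into a stack `mbedtls_x509_csr csr` and returns on all three paths without calling `mbedtls_x509_csr_free( &csr )`, so anything the parser allocated for the request is leaked on every call. The struct is also passed to `mbedtls_x509_csr_parse` without a prior `mbedtls_x509_csr_init( &csr )`, which relies on the parser initialising it. I would give the helper a single exit path that initialises the context first and frees it before returning, as sketched below. In the same file, x509_csr_check_opaque ignores the return value of `psa_crypto_init()` and never releases the key handle `slot` it gets from `mbedtls_pk_wrap_as_opaque`. The init call deserves a `TEST_ASSERT`, and the handle a cleanup step at `exit:`, presumably `psa_destroy_key( slot )` with `slot` initialised to 0 so that the cleanup is safe after an early failure.

```c
static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen )
{
    /* … unchanged: hash, md_info and csr declarations … */
    int ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;

    mbedtls_x509_csr_init( &csr );

    if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 )
        goto cleanup;

    md_info = mbedtls_md_info_from_type( csr.sig_md );
    if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 )
    {
        /* Note: this can't happen except after an internal error */
        goto cleanup;
    }

    if( mbedtls_pk_verify_ext( /* … unchanged arguments … */ ) != 0 )
    {
        ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;
        goto cleanup;
    }

    ret = 0;

cleanup:
    /* Release the parsed request on every path, including failures. */
    mbedtls_x509_csr_free( &csr );
    return( ret );
}
```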
diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index cc0d0e11a..9cd5090a3 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -97,6 +97,10 @@ #include "mbedtls/threading.h" #include "mbedtls/timing.h" #include "mbedtls/version.h" +#include "mbedtls/x509.h" +#include "mbedtls/x509_crl.h" +#include "mbedtls/x509_crt.h" +#include "mbedtls/x509_csr.h" #include "mbedtls/xtea.h" #if defined(MBEDTLS_PLATFORM_C) From 96ddb0ab4d83d5f2fb613ed5e0ebdacb2b5c8c44 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:50:01 +0100 Subject: [PATCH 2187/2197] Revert "asn1: Remove dependency on X.509" This reverts commit d8087713aea2bf3d61bb2470a8d74409e74907fb. --- include/mbedtls/asn1.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 33b30041a..4c61b6e1c 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -66,7 +66,7 @@ * - 0x02 -- tag indicating INTEGER * - 0x01 -- length in octets * - 0x05 -- value - * Such sequences are typically read into Mbed TLS's \c mbedtls_x509_buf. + * Such sequences are typically read into \c ::mbedtls_x509_buf. * \{ */ #define MBEDTLS_ASN1_BOOLEAN 0x01 From 69e8f7ffe335e7c416a1f5e1a2892498f1fa932d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:51:43 +0100 Subject: [PATCH 2188/2197] Revert "all.sh: Remove dependency on TLS, NET, and X.509" This reverts commit 9b90f2e294970ade3e4aa94879a19470f2c052e0. Conflicts: * tests/scripts/all.sh: do the same changes, dancing around the new outcome file feature and components added in the same places. Make sure that the components that are getting added back are at the same locations as where they are now in mbedtls. --- tests/scripts/all.sh | 297 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 284 insertions(+), 13 deletions(-) 
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9a4788979..481665a14 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -38,6 +38,10 @@ # * G++ # * arm-gcc and mingw-gcc # * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc +# * OpenSSL and GnuTLS command line tools, recent enough for the +# interoperability tests. If they don't support SSLv3 then a legacy +# version of these tools must be present as well (search for LEGACY +# below). # See the invocation of check_tools below for details. # # This script must be invoked from the toplevel directory of a git @@ -113,6 +117,7 @@ pre_initialize_variables () { CONFIG_BAK="$CONFIG_H.bak" append_outcome=0 + MEMORY=0 FORCE=0 KEEP_GOING=0 @@ -122,6 +127,13 @@ pre_initialize_variables () { export MBEDTLS_TEST_PLATFORM # Default commands, can be overridden by the environment + : ${OPENSSL:="openssl"} + : ${OPENSSL_LEGACY:="$OPENSSL"} + : ${OPENSSL_NEXT:="$OPENSSL"} + : ${GNUTLS_CLI:="gnutls-cli"} + : ${GNUTLS_SERV:="gnutls-serv"} + : ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"} + : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build} : ${ARMC5_BIN_DIR:=/usr/bin} : ${ARMC6_BIN_DIR:=/usr/bin} @@ -208,6 +220,13 @@ General options: Tool path options: --armc5-bin-dir= ARM Compiler 5 bin directory. --armc6-bin-dir= ARM Compiler 6 bin directory. + --gnutls-cli= GnuTLS client executable to use for most tests. + --gnutls-serv= GnuTLS server executable to use for most tests. + --gnutls-legacy-cli= GnuTLS client executable to use for legacy tests. + --gnutls-legacy-serv= GnuTLS server executable to use for legacy tests. + --openssl= OpenSSL executable to use for most tests. + --openssl-legacy= OpenSSL executable to use for legacy tests e.g. SSLv3. + --openssl-next= OpenSSL executable to use for recent things like ARIA EOF } 
@@ -325,28 +344,28 @@ pre_parse_command_line () { --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; --except) all_except=1;; --force|-f) FORCE=1;; - --gnutls-cli) shift;; - --gnutls-legacy-cli) shift;; - --gnutls-legacy-serv) shift;; - --gnutls-serv) shift;; + --gnutls-cli) shift; GNUTLS_CLI="$1";; + --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; + --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";; + --gnutls-serv) shift; GNUTLS_SERV="$1";; --help|-h) usage; exit;; --keep-going|-k) KEEP_GOING=1;; --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;; --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;; - --memory|-m) ;; + --memory|-m) MEMORY=1;; --no-append-outcome) append_outcome=0;; --no-armcc) no_armcc=1;; --no-force) FORCE=0;; --no-keep-going) KEEP_GOING=0;; - --no-memory) ;; - --openssl) shift;; - --openssl-legacy) shift;; - --openssl-next) shift;; + --no-memory) MEMORY=0;; + --openssl) shift; OPENSSL="$1";; + --openssl-legacy) shift; OPENSSL_LEGACY="$1";; + --openssl-next) shift; OPENSSL_NEXT="$1";; --outcome-file) shift; MBEDTLS_TEST_OUTCOME_FILE="$1";; --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";; - --random-seed) ;; - --release-test|-r) ;; - --seed|-s) shift;; + --random-seed) unset SEED;; + --release-test|-r) SEED=1;; + --seed|-s) shift; SEED="$1";; -*) echo >&2 "Unknown option: $1" echo >&2 "Run $0 --help for usage." @@ -482,8 +501,17 @@ pre_prepare_outcome_file () { pre_print_configuration () { msg "info: $0 configuration" + echo "MEMORY: $MEMORY" echo "FORCE: $FORCE" echo "MBEDTLS_TEST_OUTCOME_FILE: ${MBEDTLS_TEST_OUTCOME_FILE:-(none)}" + echo "SEED: ${SEED-"UNSET"}" + echo "OPENSSL: $OPENSSL" + echo "OPENSSL_LEGACY: $OPENSSL_LEGACY" + echo "OPENSSL_NEXT: $OPENSSL_NEXT" + echo "GNUTLS_CLI: $GNUTLS_CLI" + echo "GNUTLS_SERV: $GNUTLS_SERV" + echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI" + echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV" echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR" echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR" } 
@@ -493,6 +521,30 @@ pre_check_tools () { # Build the list of variables to pass to output_env.sh. set env + case " $RUN_COMPONENTS " in + # Require OpenSSL and GnuTLS if running any tests (as opposed to + # only doing builds). Not all tests run OpenSSL and GnuTLS, but this + # is a good enough approximation in practice. + *" test_"*) + # To avoid setting OpenSSL and GnuTLS for each call to compat.sh + # and ssl-opt.sh, we just export the variables they require. + export OPENSSL_CMD="$OPENSSL" + export GNUTLS_CLI="$GNUTLS_CLI" + export GNUTLS_SERV="$GNUTLS_SERV" + # Avoid passing --seed flag in every call to ssl-opt.sh + if [ -n "${SEED-}" ]; then + export SEED + fi + set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" + set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV" + set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" + set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" + check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \ + "$GNUTLS_CLI" "$GNUTLS_SERV" \ + "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" + ;; + esac + case " $RUN_COMPONENTS " in *_doxygen[_\ ]*) check_tools "doxygen" "dot";; esac @@ -608,6 +660,12 @@ component_test_default_cmake_gcc_asan () { msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s make test + + msg "test: ssl-opt.sh (ASan build)" # ~ 1 min + if_build_succeeded tests/ssl-opt.sh + + msg "test: compat.sh (ASan build)" # ~ 6 min + if_build_succeeded tests/compat.sh } component_test_full_cmake_gcc_asan () { 
@@ -639,6 +697,36 @@ component_test_no_pem_no_fs () { make test } +component_test_sslv3 () { + msg "build: Default + SSLv3 (ASan build)" # ~ 6 min + scripts/config.pl set MBEDTLS_SSL_PROTO_SSL3 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: SSLv3 - main suites (inc. selftests) (ASan build)" # ~ 50s + make test + + msg "build: SSLv3 - compat.sh (ASan build)" # ~ 6 min + if_build_succeeded tests/compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2' + if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' + + msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min + if_build_succeeded tests/ssl-opt.sh +} + +component_test_no_renegotiation () { + msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min + scripts/config.pl unset MBEDTLS_SSL_RENEGOTIATION + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s + make test + + msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min + if_build_succeeded tests/ssl-opt.sh +} + component_test_rsa_no_crt () { msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_RSA_NO_CRT 
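Review bot: The two components added in this hunk, component_test_sslv3 and component_test_no_renegotiation, call `scripts/config.pl`, while the unchanged context line in component_test_rsa_no_crt directly below already uses `scripts/config.py set MBEDTLS_RSA_NO_CRT`. Since this commit is a revert of an older removal, the restored text appears to predate the switch to the Python script. If `config.pl` is no longer present or no longer kept in sync (not visible from this hunk), these components would fail or configure the build differently from the rest of all.sh. I would change the calls to `scripts/config.py set MBEDTLS_SSL_PROTO_SSL3` and `scripts/config.py unset MBEDTLS_SSL_RENEGOTIATION`; the same applies to the restored components in the hunks at -647 and -832. Separately, two `msg` lines in component_test_sslv3 are labelled `build:` although they run compat.sh and ssl-opt.sh, and should read `test:` so the log matches what is executed.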
@@ -647,6 +735,54 @@ component_test_rsa_no_crt () { msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s make test + + msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s + if_build_succeeded tests/ssl-opt.sh -f RSA + + msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min + if_build_succeeded tests/compat.sh -t RSA +} + +component_test_small_ssl_out_content_len () { + msg "build: small SSL_OUT_CONTENT_LEN (ASan build)" + scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384 + scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests" + if_build_succeeded tests/ssl-opt.sh -f "Max fragment\|Large packet" +} + +component_test_small_ssl_in_content_len () { + msg "build: small SSL_IN_CONTENT_LEN (ASan build)" + scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 4096 + scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 16384 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests" + if_build_succeeded tests/ssl-opt.sh -f "Max fragment" +} + +component_test_small_ssl_dtls_max_buffering () { + msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0" + scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test" + if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" +} + +component_test_small_mbedtls_ssl_dtls_max_buffering () { + msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1" + scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 240 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 
+ make + + msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test" + if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" } component_test_new_ecdh_context () { @@ -690,6 +826,15 @@ component_test_full_cmake_clang () { msg "test: psa_constant_names (full config, clang)" # ~ 1s record_status tests/scripts/test_psa_constant_names.py + + msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s + if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' + + msg "test: compat.sh RC4, DES, 3DES & NULL (full config)" # ~ 2 min + if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR' + + msg "test: compat.sh ARIA + ChachaPoly" + if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } component_test_full_make_gcc_o0 () { @@ -738,6 +883,11 @@ component_test_depends_pkalgs () { record_status tests/scripts/depends-pkalgs.pl } +component_build_key_exchanges () { + msg "test/build: key-exchanges (gcc)" # ~ 1 min + record_status tests/scripts/key-exchanges.pl +} + component_build_default_make_gcc_and_cxx () { msg "build: Unix make, -Os (gcc)" # ~ 30s make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' 
@@ -763,6 +913,21 @@ component_test_no_use_psa_crypto_full_cmake_asan() { msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO)" make test + + msg "test: ssl-opt.sh (MBEDTLS_USE_PSA_CRYPTO)" + if_build_succeeded tests/ssl-opt.sh + + msg "test: compat.sh default (MBEDTLS_USE_PSA_CRYPTO)" + if_build_succeeded tests/compat.sh + + msg "test: compat.sh ssl3 (MBEDTLS_USE_PSA_CRYPTO)" + if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' + + msg "test: compat.sh RC4, DES & NULL (MBEDTLS_USE_PSA_CRYPTO)" + if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' + + msg "test: compat.sh ARIA + ChachaPoly (MBEDTLS_USE_PSA_CRYPTO)" + if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } component_test_check_params_functionality () { 
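Review bot: The five `msg` labels added here read `(MBEDTLS_USE_PSA_CRYPTO)`, but the component is `component_test_no_use_psa_crypto_full_cmake_asan` and the context line just above labels its run `(full minus MBEDTLS_USE_PSA_CRYPTO)`. Someone reading the log would conclude that ssl-opt.sh and compat.sh ran with the option enabled. I would make the labels match the configuration, e.g. `msg "test: ssl-opt.sh (full minus MBEDTLS_USE_PSA_CRYPTO)"`, and likewise for the four compat.sh lines. The function body starts above the hunk.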
@@ -832,6 +997,30 @@ component_build_no_std_function () { make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' } +component_build_no_ssl_srv () { + msg "build: full config except ssl_srv.c, make, gcc" # ~ 30s + scripts/config.pl full + scripts/config.pl unset MBEDTLS_SSL_SRV_C + make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' +} + +component_build_no_ssl_cli () { + msg "build: full config except ssl_cli.c, make, gcc" # ~ 30s + scripts/config.pl full + scripts/config.pl unset MBEDTLS_SSL_CLI_C + make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' +} + +component_build_no_sockets () { + # Note, C99 compliance can also be tested with the sockets support disabled, + # as that requires a POSIX platform (which isn't the same as C99). + msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s + scripts/config.pl full + scripts/config.pl unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc. + scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux + make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' lib +} + component_test_memory_buffer_allocator_backtrace () { msg "build: default config with memory buffer allocator and backtrace enabled" scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C 
@@ -856,6 +1045,45 @@ component_test_memory_buffer_allocator () { make test } +component_test_no_max_fragment_length () { + # Run max fragment length tests with MFL disabled + msg "build: default config except MFL extension (ASan build)" # ~ 30s + scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: ssl-opt.sh, MFL-related tests" + if_build_succeeded tests/ssl-opt.sh -f "Max fragment length" +} + +component_test_asan_remove_peer_certificate () { + msg "build: default config with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled (ASan build)" + scripts/config.pl unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" + make test + + msg "test: ssl-opt.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" + if_build_succeeded tests/ssl-opt.sh + + msg "test: compat.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" + if_build_succeeded tests/compat.sh +} + +component_test_no_max_fragment_length_small_ssl_out_content_len () { + msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)" + scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384 + scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: MFL tests (disabled MFL extension case) & large packet tests" + if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large buffer" +} + component_test_null_entropy () { msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)" scripts/config.py set MBEDTLS_TEST_NULL_ENTROPY 
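Review bot: In `component_test_no_max_fragment_length_small_ssl_out_content_len` the message announces "large packet tests", but the filter is `-f "Max fragment length\|Large buffer"`. The otherwise parallel `component_test_small_ssl_out_content_len` added earlier in this patch filters on `"Max fragment\|Large packet"`. The ssl-opt.sh test names are not visible here, but if none contains "Large buffer" the second half of the filter selects nothing and the component passes without running those tests. I would confirm the intended name and align the two, e.g. `if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large packet"`.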
@@ -1173,6 +1401,15 @@ component_build_armcc () { armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a" } +component_test_allow_sha1 () { + msg "build: allow SHA1 in certificates by default" + scripts/config.pl set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + make CFLAGS='-Werror -Wall -Wextra' + msg "test: allow SHA1 in certificates by default" + make test + if_build_succeeded tests/ssl-opt.sh -f SHA-1 +} + component_build_mingw () { msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs @@ -1201,6 +1438,16 @@ component_test_memsan () { msg "test: main suites (MSan)" # ~ 10s make test + + msg "test: ssl-opt.sh (MSan)" # ~ 1 min + if_build_succeeded tests/ssl-opt.sh + + # Optional part(s) + + if [ "$MEMORY" -gt 0 ]; then + msg "test: compat.sh (MSan)" # ~ 6 min 20s + if_build_succeeded tests/compat.sh + fi } component_test_valgrind () { @@ -1210,6 +1457,20 @@ component_test_valgrind () { msg "test: main suites valgrind (Release)" make memcheck + + # Optional part(s) + # Currently broken, programs don't seem to receive signals + # under valgrind on OS X + + if [ "$MEMORY" -gt 0 ]; then + msg "test: ssl-opt.sh --memcheck (Release)" + if_build_succeeded tests/ssl-opt.sh --memcheck + fi + + if [ "$MEMORY" -gt 1 ]; then + msg "test: compat.sh --memcheck (Release)" + if_build_succeeded tests/compat.sh --memcheck + fi } component_test_cmake_out_of_source () { 
@@ -1222,7 +1483,17 @@ component_test_cmake_out_of_source () { msg "test: cmake 'out-of-source' build" make test - + # Test an SSL option that requires an auxiliary script in test/scripts/. + # Also ensure that there are no error messages such as + # "No such file or directory", which would indicate that some required + # file is missing (ssl-opt.sh tolerates the absence of some files so + # may exit with status 0 but emit errors). + if_build_succeeded ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err + if [ -s ssl-opt.err ]; then + cat ssl-opt.err >&2 + record_status [ ! -s ssl-opt.err ] + rm ssl-opt.err + fi cd "$MBEDTLS_ROOT_DIR" rm -rf "$OUT_OF_SOURCE_DIR" unset MBEDTLS_ROOT_DIR From d40f0070ec306f4f432d5bfb21686142ad359703 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:52:04 +0100 Subject: [PATCH 2189/2197] Revert "dhm: Remove dependency on TLS" This reverts commit ed16ca7b63a13358d62f1ad6882ec60fd92158e3. --- include/mbedtls/dhm.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index f9561daf2..9890e0ce5 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h 
@@ -350,10 +350,11 @@ int mbedtls_dhm_self_test( int verbose ); #endif /** - * RFC 3526, RFC 5114 and RFC 7919 standardize a number of Diffie-Hellman - * groups, some of which are included here for use by Mbed TLS's SSL/TLS module - * and the user's convenience when configuring the Diffie-Hellman parameters by - * hand through Mbed TLS's \c mbedtls_ssl_conf_dh_param. + * RFC 3526, RFC 5114 and RFC 7919 standardize a number of + * Diffie-Hellman groups, some of which are included here + * for use within the SSL/TLS module and the user's convenience + * when configuring the Diffie-Hellman parameters by hand + * through \c mbedtls_ssl_conf_dh_param. * * The following lists the source of the above groups in the standards: * - RFC 5114 section 2.2: 2048-bit MODP Group with 224-bit Prime Order Subgroup From 1174db5bac1e4ca0298d6b835e3877490271f777 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:52:06 +0100 Subject: [PATCH 2190/2197] Revert "ecp: Remove dependency on TLS and X.509" This reverts commit de0a41b716ae4d9e938236771d49a880480eb66e. --- configs/config-psa-crypto.h | 10 +++++----- include/mbedtls/config.h | 10 +++++----- include/mbedtls/ecp.h | 24 ++++++++++++------------ library/ecp.c | 2 +- 4 files changed, 23 insertions(+), 23 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index f007ceec3..f42ada692 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -726,11 +726,11 @@ * Enable "non-blocking" ECC operations that can return early and be resumed. * * This allows various functions to pause by returning - * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in Mbed TLS's SSL module, - * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in order - * to further progress and eventually complete their operation. This is - * controlled through mbedtls_ecp_set_max_ops() which limits the maximum number - * of ECC operations a function may perform before pausing; see + * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in + * order to further progress and eventually complete their operation. This is + * controlled through mbedtls_ecp_set_max_ops() which limits the maximum + * number of ECC operations a function may perform before pausing; see * mbedtls_ecp_set_max_ops() for more information. * * This is useful in non-threaded environments if you want to avoid blocking diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 617e9137c..b0da06a30 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -787,11 +787,11 @@ * Enable "non-blocking" ECC operations that can return early and be resumed. * * This allows various functions to pause by returning - * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in Mbed TLS's SSL module, - * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in order - * to further progress and eventually complete their operation. This is - * controlled through mbedtls_ecp_set_max_ops() which limits the maximum number - * of ECC operations a function may perform before pausing; see + * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in + * order to further progress and eventually complete their operation. This is + * controlled through mbedtls_ecp_set_max_ops() which limits the maximum + * number of ECC operations a function may perform before pausing; see * mbedtls_ecp_set_max_ops() for more information. * * This is useful in non-threaded environments if you want to avoid blocking diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index d04cc49b6..4c05b4fd0 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h 
@@ -375,19 +375,19 @@ mbedtls_ecp_keypair; * same; they must not be used until the function finally * returns 0. * - * This only applies to functions whose documentation mentions - * they may return #MBEDTLS_ERR_ECP_IN_PROGRESS (or - * `MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS` for functions in the - * Mbed TLS SSL module). For functions that accept a "restart - * context" argument, passing NULL disables restart and makes - * the function equivalent to the function with the same name + * This only applies to functions whose documentation + * mentions they may return #MBEDTLS_ERR_ECP_IN_PROGRESS (or + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS for functions in the + * SSL module). For functions that accept a "restart context" + * argument, passing NULL disables restart and makes the + * function equivalent to the function with the same name * with \c _restartable removed. For functions in the ECDH - * module, restart is disabled unless the function accepts an - * "ECDH context" argument and mbedtls_ecdh_enable_restart() - * was previously called on that context. For function in the - * Mbed TLS SSL module, restart is only enabled for specific - * sides and key exchanges (currently only for clients and - * ECDHE-ECDSA). + * module, restart is disabled unless the function accepts + * an "ECDH context" argument and + * mbedtls_ecdh_enable_restart() was previously called on + * that context. For function in the SSL module, restart is + * only enabled for specific sides and key exchanges + * (currently only for clients and ECDHE-ECDSA). * * \param max_ops Maximum number of basic operations done in a row. * Default: 0 (unlimited). diff --git a/library/ecp.c b/library/ecp.c index e156fcbe2..ee0a460ab 100644 --- a/library/ecp.c +++ b/library/ecp.c 
@@ -374,7 +374,7 @@ int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, * Curves are listed in order: largest curves first, and for a given size, * fastest curves first. This provides the default order for the SSL module. * - * Reminder: update profiles in Mbed TLS's x509_crt.c when adding new curves! + * Reminder: update profiles in x509_crt.c when adding a new curves! */ static const mbedtls_ecp_curve_info ecp_supported_curves[] = { From 3a67150bf290f637e0daadbbdac24cadd7745024 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:52:06 +0100 Subject: [PATCH 2191/2197] Revert "md: Remove dependency on X.509" This reverts commit ebbc5f7940e5271d3cdd31818119d558ba040155. --- library/md.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/md.c b/library/md.c index e235bc8da..b56c2ddfe 100644 --- a/library/md.c +++ b/library/md.c @@ -138,7 +138,7 @@ const mbedtls_md_info_t mbedtls_sha512_info = { #endif /* - * Reminder: update profiles in Mbed TLS's x509_crt.c when adding a new hash! + * Reminder: update profiles in x509_crt.c when adding a new hash! */ static const int supported_digests[] = { From 169087482f8fb06275eecbb225c4d0350a4392b7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:52:07 +0100 Subject: [PATCH 2192/2197] Revert "pkey: Remove dependency on X.509" This reverts commit bf564c77fa97e67ac577d28258918ba29cde6af3. --- programs/pkey/key_app.c | 2 +- programs/pkey/rsa_genkey.c | 1 + programs/pkey/rsa_sign_pss.c | 2 +- programs/pkey/rsa_verify_pss.c | 1 + 4 files changed, 4 insertions(+), 2 deletions(-) diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 19dcdfe49..793930991 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -40,7 +40,7 @@ defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) #include "mbedtls/error.h" #include "mbedtls/rsa.h" -#include "mbedtls/pk.h" +#include "mbedtls/x509.h" #include #endif 
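Review bot: In `programs/pkey/key_app.c` the direct `#include "mbedtls/pk.h"` is replaced by `#include "mbedtls/x509.h"`, although the visible guard depends on `MBEDTLS_PK_PARSE_C` and not on any X.509 option. The program then presumably gets the PK declarations only because x509.h happens to include them. I would keep `#include "mbedtls/pk.h"` and add x509.h next to it only if an X.509 symbol is actually used. `programs/pkey/rsa_sign_pss.c` receives the same swap in the next commit of this series.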
diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index f2b7b5078..4e42e70b4 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -42,6 +42,7 @@ #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" #include "mbedtls/bignum.h" +#include "mbedtls/x509.h" #include "mbedtls/rsa.h" #include diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 5019f28f5..42209e27c 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -55,7 +55,7 @@ int main( void ) #include "mbedtls/ctr_drbg.h" #include "mbedtls/md.h" #include "mbedtls/rsa.h" -#include "mbedtls/pk.h" +#include "mbedtls/x509.h" #include #include diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index de28337c8..148cd5110 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -55,6 +55,7 @@ int main( void ) #include "mbedtls/pem.h" #include "mbedtls/pk.h" #include "mbedtls/md.h" +#include "mbedtls/x509.h" #include #include From 1bc9c135b30a23286cc07abcbb74d1a76bcef221 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:52:08 +0100 Subject: [PATCH 2193/2197] Revert "selftest: Remove X.509 selftest" This reverts commit 47a3635fc7107c7d838816475c6c816d9b47f047. --- programs/test/selftest.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index bde1163c6..bd28e9a36 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -51,6 +51,7 @@ #include "mbedtls/base64.h" #include "mbedtls/bignum.h" #include "mbedtls/rsa.h" +#include "mbedtls/x509.h" #include "mbedtls/xtea.h" #include "mbedtls/pkcs5.h" #include "mbedtls/ecp.h" @@ -316,6 +317,9 @@ const selftest_t selftests[] = #if defined(MBEDTLS_RSA_C) {"rsa", mbedtls_rsa_self_test}, #endif +#if defined(MBEDTLS_X509_USE_C) + {"x509", mbedtls_x509_self_test}, +#endif #if defined(MBEDTLS_XTEA_C) {"xtea", mbedtls_xtea_self_test}, #endif 
From f66346eaf89a2ebd12f74e8eeb97cf901981ed43 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 26 Feb 2020 19:52:43 +0100 Subject: [PATCH 2194/2197] Revert "Remove Diffie-Hellman examples" This reverts commit bea98b458136029c2585037c74c114ddc5af896e. Conflicts: * programs/Makefile: * APPS: the layout of the definition has changed. re-add dh_client and dh_server appropriately. Run scripts/generate_visualc_files.pl to account for the added programs. --- programs/.gitignore | 2 + programs/Makefile | 10 + programs/README.md | 2 + programs/pkey/CMakeLists.txt | 8 +- programs/pkey/dh_client.c | 325 +++++++++++++++++++++++++++++ programs/pkey/dh_server.c | 348 +++++++++++++++++++++++++++++++ visualc/VS2010/dh_client.vcxproj | 177 ++++++++++++++++ visualc/VS2010/dh_server.vcxproj | 177 ++++++++++++++++ visualc/VS2010/mbedTLS.sln | 26 +++ 9 files changed, 1074 insertions(+), 1 deletion(-) create mode 100644 programs/pkey/dh_client.c create mode 100644 programs/pkey/dh_server.c create mode 100644 visualc/VS2010/dh_client.vcxproj create mode 100644 visualc/VS2010/dh_server.vcxproj diff --git a/programs/.gitignore b/programs/.gitignore index 30489bed0..d19162de1 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -9,7 +9,9 @@ hash/hello hash/md5sum hash/sha1sum hash/sha2sum +pkey/dh_client pkey/dh_genprime +pkey/dh_server pkey/ecdsa pkey/ecdh_curve25519 pkey/gen_key diff --git a/programs/Makefile b/programs/Makefile index feec28841..6304aee0e 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -55,7 +55,9 @@ APPS = \ aes/crypt_and_hash$(EXEXT) \ hash/hello$(EXEXT) \ hash/generic_sum$(EXEXT) \ + pkey/dh_client$(EXEXT) \ pkey/dh_genprime$(EXEXT) \ + pkey/dh_server$(EXEXT) \ pkey/ecdh_curve25519$(EXEXT) \ pkey/ecdsa$(EXEXT) \ pkey/gen_key$(EXEXT) \ 
@@ -147,10 +149,18 @@ hash/generic_sum$(EXEXT): hash/generic_sum.c $(DEP) echo " CC hash/generic_sum.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/generic_sum.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +pkey/dh_client$(EXEXT): pkey/dh_client.c $(DEP) + echo " CC pkey/dh_client.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + pkey/dh_genprime$(EXEXT): pkey/dh_genprime.c $(DEP) echo " CC pkey/dh_genprime.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_genprime.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +pkey/dh_server$(EXEXT): pkey/dh_server.c $(DEP) + echo " CC pkey/dh_server.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + pkey/ecdh_curve25519$(EXEXT): pkey/ecdh_curve25519.c $(DEP) echo " CC pkey/ecdh_curve25519.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/ecdh_curve25519.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/README.md b/programs/README.md index 44edd617a..d26349d0f 100644 --- a/programs/README.md +++ b/programs/README.md @@ -44,6 +44,8 @@ This subdirectory mostly contains sample programs that illustrate specific featu ### Diffie-Hellman key exchange examples +* [`pkey/dh_client.c`](pkey/dh_client.c), [`pkey/dh_server.c`](pkey/dh_server.c): secure channel demonstrators (client, server). This pair of programs illustrates how to set up a secure channel using RSA for authentication and Diffie-Hellman to generate a shared AES session key. + * [`pkey/ecdh_curve25519.c`](pkey/ecdh_curve25519.c): demonstration of a elliptic curve Diffie-Hellman (ECDH) key agreement. ### Bignum (`mpi`) usage examples diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt index 944a100a2..5a37a4212 100644 --- a/programs/pkey/CMakeLists.txt +++ b/programs/pkey/CMakeLists.txt 
@@ -1,6 +1,12 @@ +add_executable(dh_client dh_client.c) +target_link_libraries(dh_client mbedtls) + add_executable(dh_genprime dh_genprime.c) target_link_libraries(dh_genprime mbedtls) +add_executable(dh_server dh_server.c) +target_link_libraries(dh_server mbedtls) + add_executable(ecdh_curve25519 ecdh_curve25519.c) target_link_libraries(ecdh_curve25519 mbedtls) @@ -52,6 +58,6 @@ target_link_libraries(pk_encrypt mbedtls) add_executable(pk_decrypt pk_decrypt.c) target_link_libraries(pk_decrypt mbedtls) -install(TARGETS dh_genprime key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt pk_encrypt pk_decrypt pk_sign pk_verify gen_key +install(TARGETS dh_client dh_genprime dh_server key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt pk_encrypt pk_decrypt pk_sign pk_verify gen_key DESTINATION "bin" PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c new file mode 100644 index 000000000..1dce31aa7 --- /dev/null +++ b/programs/pkey/dh_client.c 
@@ -0,0 +1,325 @@ +/* + * Diffie-Hellman-Merkle key exchange (client side) + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_printf printf +#define mbedtls_time_t time_t +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ + defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ + defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ + defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ + defined(MBEDTLS_SHA1_C) +#include "mbedtls/net_sockets.h" +#include "mbedtls/aes.h" +#include "mbedtls/dhm.h" +#include "mbedtls/rsa.h" +#include "mbedtls/sha1.h" +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" + +#include +#include +#endif + +#define SERVER_NAME "localhost" +#define SERVER_PORT "11999" + +#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_FS_IO) 
|| !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_SHA1_C) +int main( void ) +{ + mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " + "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + return( 0 ); +} +#else + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +int main( void ) +{ + FILE *f; + + int ret = 1; + int exit_code = MBEDTLS_EXIT_FAILURE; + size_t n, buflen; + mbedtls_net_context server_fd; + + unsigned char *p, *end; + unsigned char buf[2048]; + unsigned char hash[32]; + const char *pers = "dh_client"; + + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_rsa_context rsa; + mbedtls_dhm_context dhm; + mbedtls_aes_context aes; + + mbedtls_net_init( &server_fd ); + mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); + mbedtls_dhm_init( &dhm ); + mbedtls_aes_init( &aes ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + + /* + * 1. Setup the RNG + */ + mbedtls_printf( "\n . Seeding the random number generator" ); + fflush( stdout ); + + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + goto exit; + } + + /* + * 2. Read the server's public RSA key + */ + mbedtls_printf( "\n . Reading public key from rsa_pub.txt" ); + fflush( stdout ); + + if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) + { + mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \ + " ! 
Please run rsa_genkey first\n\n" ); + goto exit; + } + + mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + + if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || + ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); + fclose( f ); + goto exit; + } + + rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3; + + fclose( f ); + + /* + * 3. Initiate the connection + */ + mbedtls_printf( "\n . Connecting to tcp/%s/%s", SERVER_NAME, + SERVER_PORT ); + fflush( stdout ); + + if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, + SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + goto exit; + } + + /* + * 4a. First get the buffer length + */ + mbedtls_printf( "\n . Receiving the server's DH parameters" ); + fflush( stdout ); + + memset( buf, 0, sizeof( buf ) ); + + if( ( ret = mbedtls_net_recv( &server_fd, buf, 2 ) ) != 2 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + goto exit; + } + + n = buflen = ( buf[0] << 8 ) | buf[1]; + if( buflen < 1 || buflen > sizeof( buf ) ) + { + mbedtls_printf( " failed\n ! Got an invalid buffer length\n\n" ); + goto exit; + } + + /* + * 4b. Get the DHM parameters: P, G and Ys = G^Xs mod P + */ + memset( buf, 0, sizeof( buf ) ); + + if( ( ret = mbedtls_net_recv( &server_fd, buf, n ) ) != (int) n ) + { + mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + goto exit; + } + + p = buf, end = buf + buflen; + + if( ( ret = mbedtls_dhm_read_params( &dhm, &p, end ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret ); + goto exit; + } + + if( dhm.len < 64 || dhm.len > 512 ) + { + mbedtls_printf( " failed\n ! Invalid DHM modulus size\n\n" ); + goto exit; + } + + /* + * 5. Check that the server's RSA signature matches + * the SHA-256 hash of (P,G,Ys) + */ + mbedtls_printf( "\n . 
Verifying the server's RSA signature" ); + fflush( stdout ); + + p += 2; + + if( ( n = (size_t) ( end - p ) ) != rsa.len ) + { + mbedtls_printf( " failed\n ! Invalid RSA signature size\n\n" ); + goto exit; + } + + if( ( ret = mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); + goto exit; + } + + if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, + MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret ); + goto exit; + } + + /* + * 6. Send our public value: Yc = G ^ Xc mod P + */ + mbedtls_printf( "\n . Sending own public value to server" ); + fflush( stdout ); + + n = dhm.len; + if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, n, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret ); + goto exit; + } + + if( ( ret = mbedtls_net_send( &server_fd, buf, n ) ) != (int) n ) + { + mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); + goto exit; + } + + /* + * 7. Derive the shared secret: K = Ys ^ Xc mod P + */ + mbedtls_printf( "\n . Shared secret: " ); + fflush( stdout ); + + if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); + goto exit; + } + + for( n = 0; n < 16; n++ ) + mbedtls_printf( "%02x", buf[n] ); + + /* + * 8. Setup the AES-256 decryption key + * + * This is an overly simplified example; best practice is + * to hash the shared secret with a random value to derive + * the keying material for the encryption/decryption keys, + * IVs and MACs. + */ + mbedtls_printf( "...\n . 
Receiving and decrypting the ciphertext" ); + fflush( stdout ); + + mbedtls_aes_setkey_dec( &aes, buf, 256 ); + + memset( buf, 0, sizeof( buf ) ); + + if( ( ret = mbedtls_net_recv( &server_fd, buf, 16 ) ) != 16 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + goto exit; + } + + mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_DECRYPT, buf, buf ); + buf[16] = '\0'; + mbedtls_printf( "\n . Plaintext is \"%s\"\n\n", (char *) buf ); + + exit_code = MBEDTLS_EXIT_SUCCESS; + +exit: + + mbedtls_net_free( &server_fd ); + + mbedtls_aes_free( &aes ); + mbedtls_rsa_free( &rsa ); + mbedtls_dhm_free( &dhm ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(_WIN32) + mbedtls_printf( " + Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + return( exit_code ); +} +#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && + MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && + MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c new file mode 100644 index 000000000..a797e6070 --- /dev/null +++ b/programs/pkey/dh_server.c 
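Review bot: Step 5 of `main` in `dh_client.c` hashes the received parameters with `mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash )`, then calls `mbedtls_rsa_pkcs1_verify` with `MBEDTLS_MD_SHA256` and a hash length of 0. SHA-1 fills only 20 bytes of the 32-byte `hash` array, so the verifier, which takes the digest size from the algorithm, most likely compares 12 bytes of uninitialised stack as well. The step's own comment also says the signature covers the SHA-256 hash of (P,G,Ys). I would add `#include "mbedtls/sha256.h"` and compute `mbedtls_sha256_ret( buf, (size_t)( p - 2 - buf ), hash, 0 )`. The signing side in `dh_server.c` has to change in step, and the feature guard and fallback message should then stop referring to `MBEDTLS_SHA1_C`; that file's hunk runs past this view.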
@@ -0,0 +1,348 @@ +/* + * Diffie-Hellman-Merkle key exchange (server side) + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_printf printf +#define mbedtls_time_t time_t +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ + defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ + defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ + defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ + defined(MBEDTLS_SHA1_C) +#include "mbedtls/net_sockets.h" +#include "mbedtls/aes.h" +#include "mbedtls/dhm.h" +#include "mbedtls/rsa.h" +#include "mbedtls/sha1.h" +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" + +#include +#include +#endif + +#define SERVER_PORT "11999" +#define PLAINTEXT "==Hello there!==" + +#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ + !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ + 
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_SHA1_C) +int main( void ) +{ + mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " + "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + return( 0 ); +} +#else + +#if defined(MBEDTLS_CHECK_PARAMS) +#include "mbedtls/platform_util.h" +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ) +{ + mbedtls_printf( "%s:%i: Input param failed - %s\n", + file, line, failure_condition ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); +} +#endif + +int main( void ) +{ + FILE *f; + + int ret = 1; + int exit_code = MBEDTLS_EXIT_FAILURE; + size_t n, buflen; + mbedtls_net_context listen_fd, client_fd; + + unsigned char buf[2048]; + unsigned char hash[32]; + unsigned char buf2[2]; + const char *pers = "dh_server"; + + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_rsa_context rsa; + mbedtls_dhm_context dhm; + mbedtls_aes_context aes; + + mbedtls_mpi N, P, Q, D, E; + + mbedtls_net_init( &listen_fd ); + mbedtls_net_init( &client_fd ); + mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); + mbedtls_dhm_init( &dhm ); + mbedtls_aes_init( &aes ); + mbedtls_ctr_drbg_init( &ctr_drbg ); + + mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); + mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + + /* + * 1. Setup the RNG + */ + mbedtls_printf( "\n . Seeding the random number generator" ); + fflush( stdout ); + + mbedtls_entropy_init( &entropy ); + if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen( pers ) ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + goto exit; + } + + /* + * 2a. Read the server's private RSA key + */ + mbedtls_printf( "\n . 
Reading private key from rsa_priv.txt" ); + fflush( stdout ); + + if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL ) + { + mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \ + " ! Please run rsa_genkey first\n\n" ); + goto exit; + } + + mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + + if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 || + ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 || + ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 || + ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 || + ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", + ret ); + fclose( f ); + goto exit; + } + fclose( f ); + + if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", + ret ); + goto exit; + } + + if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n", + ret ); + goto exit; + } + + /* + * 2b. Get the DHM modulus and generator + */ + mbedtls_printf( "\n . Reading DH parameters from dh_prime.txt" ); + fflush( stdout ); + + if( ( f = fopen( "dh_prime.txt", "rb" ) ) == NULL ) + { + mbedtls_printf( " failed\n ! Could not open dh_prime.txt\n" \ + " ! Please run dh_genprime first\n\n" ); + goto exit; + } + + if( mbedtls_mpi_read_file( &dhm.P, 16, f ) != 0 || + mbedtls_mpi_read_file( &dhm.G, 16, f ) != 0 ) + { + mbedtls_printf( " failed\n ! Invalid DH parameter file\n\n" ); + fclose( f ); + goto exit; + } + + fclose( f ); + + /* + * 3. Wait for a client to connect + */ + mbedtls_printf( "\n . Waiting for a remote connection" ); + fflush( stdout ); + + if( ( ret = mbedtls_net_bind( &listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_net_bind returned %d\n\n", ret ); + goto exit; + } + + if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, + NULL, 0, NULL ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + goto exit; + } + + /* + * 4. Setup the DH parameters (P,G,Ys) + */ + mbedtls_printf( "\n . Sending the server's DH parameters" ); + fflush( stdout ); + + memset( buf, 0, sizeof( buf ) ); + + if( ( ret = mbedtls_dhm_make_params( &dhm, (int) mbedtls_mpi_size( &dhm.P ), buf, &n, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret ); + goto exit; + } + + /* + * 5. Sign the parameters and send them + */ + if( ( ret = mbedtls_sha1_ret( buf, n, hash ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); + goto exit; + } + + buf[n ] = (unsigned char)( rsa.len >> 8 ); + buf[n + 1] = (unsigned char)( rsa.len ); + + if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, + 0, hash, buf + n + 2 ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret ); + goto exit; + } + + buflen = n + 2 + rsa.len; + buf2[0] = (unsigned char)( buflen >> 8 ); + buf2[1] = (unsigned char)( buflen ); + + if( ( ret = mbedtls_net_send( &client_fd, buf2, 2 ) ) != 2 || + ( ret = mbedtls_net_send( &client_fd, buf, buflen ) ) != (int) buflen ) + { + mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); + goto exit; + } + + /* + * 6. Get the client's public value: Yc = G ^ Xc mod P + */ + mbedtls_printf( "\n . Receiving the client's public value" ); + fflush( stdout ); + + memset( buf, 0, sizeof( buf ) ); + + n = dhm.len; + if( ( ret = mbedtls_net_recv( &client_fd, buf, n ) ) != (int) n ) + { + mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + goto exit; + } + + if( ( ret = mbedtls_dhm_read_public( &dhm, buf, dhm.len ) ) != 0 ) + { + mbedtls_printf( " failed\n ! 
mbedtls_dhm_read_public returned %d\n\n", ret ); + goto exit; + } + + /* + * 7. Derive the shared secret: K = Ys ^ Xc mod P + */ + mbedtls_printf( "\n . Shared secret: " ); + fflush( stdout ); + + if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, + mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); + goto exit; + } + + for( n = 0; n < 16; n++ ) + mbedtls_printf( "%02x", buf[n] ); + + /* + * 8. Setup the AES-256 encryption key + * + * This is an overly simplified example; best practice is + * to hash the shared secret with a random value to derive + * the keying material for the encryption/decryption keys + * and MACs. + */ + mbedtls_printf( "...\n . Encrypting and sending the ciphertext" ); + fflush( stdout ); + + mbedtls_aes_setkey_enc( &aes, buf, 256 ); + memcpy( buf, PLAINTEXT, 16 ); + mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_ENCRYPT, buf, buf ); + + if( ( ret = mbedtls_net_send( &client_fd, buf, 16 ) ) != 16 ) + { + mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); + goto exit; + } + + mbedtls_printf( "\n\n" ); + + exit_code = MBEDTLS_EXIT_SUCCESS; + +exit: + + mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); + mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + + mbedtls_net_free( &client_fd ); + mbedtls_net_free( &listen_fd ); + + mbedtls_aes_free( &aes ); + mbedtls_rsa_free( &rsa ); + mbedtls_dhm_free( &dhm ); + mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_entropy_free( &entropy ); + +#if defined(_WIN32) + mbedtls_printf( " + Press Enter to exit this program.\n" ); + fflush( stdout ); getchar(); +#endif + + return( exit_code ); +} +#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && + MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && + MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/visualc/VS2010/dh_client.vcxproj b/visualc/VS2010/dh_client.vcxproj new file mode 100644 index 000000000..37affb704 
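Review bot: In step 5 of dh_server.c the parameters are hashed with `mbedtls_sha1_ret( buf, n, hash )`, which fills only 20 bytes of `hash[32]`, but `mbedtls_rsa_pkcs1_sign` is then passed `MBEDTLS_MD_SHA256` with a `hashlen` of 0. The signature therefore appears to cover a SHA-1 digest plus 12 bytes of uninitialised stack, encoded as a SHA-256 digest. Hash with the algorithm that is actually signed, e.g. `mbedtls_sha256_ret( buf, n, hash, 0 )` with `#include "mbedtls/sha256.h"`, and make the matching change on the verify side in dh_client.c, which shows the same SHA-1/SHA-256 mismatch. Separately, nothing checks that `n + 2 + rsa.len` fits in `buf[2048]` before the length bytes and signature are written at `buf + n`. A guard such as `if( n + 2 + rsa.len > sizeof( buf ) ) goto exit;` ahead of those writes would stop a large prime or RSA key in the local key files from overrunning the buffer.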
--- /dev/null
+++ b/visualc/VS2010/dh_client.vcxproj
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE} + Win32Proj + dh_client + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/dh_server.vcxproj b/visualc/VS2010/dh_server.vcxproj new file mode 100644 index 000000000..101227877 --- /dev/null +++ b/visualc/VS2010/dh_server.vcxproj 
@@ -0,0 +1,177 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + + + + + {46cf2d25-6a36-4189-b59c-e4815388e554} + true + + + + {8D91B804-E2CE-142D-8E06-FBB037ED1F65} + Win32Proj + dh_server + + + + Application + true + Unicode + + + Application + true + Unicode + + + Application + false + true + Unicode + + + Application + false + true + Unicode + + + + + + + + + + + + + + + + + + + true + $(Configuration)\$(TargetName)\ + + + true + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + false + $(Configuration)\$(TargetName)\ + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + + + Level3 + Disabled + WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + NotSet + kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + Debug + + + false + + + + + Level3 + + + MaxSpeed + true + true + WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + + + + + Level3 + + + MaxSpeed + true + true + WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) + +../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib + + + Console + true + true + true + Release + %(AdditionalDependencies); + + + + + + diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln index 9645016d1..73102e1a9 100644 --- a/visualc/VS2010/mbedTLS.sln +++ b/visualc/VS2010/mbedTLS.sln 
@@ -23,11 +23,21 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "generic_sum", "generic_sum. {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_client", "dh_client.vcxproj", "{4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_genprime", "dh_genprime.vcxproj", "{718960D9-5DA6-7B56-39AD-637E81076C71}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_server", "dh_server.vcxproj", "{8D91B804-E2CE-142D-8E06-FBB037ED1F65}" + ProjectSection(ProjectDependencies) = postProject + {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} + EndProjectSection +EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ecdh_curve25519", "ecdh_curve25519.vcxproj", "{82EE497E-12CC-7C5B-A072-665678ACB43E}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} 
@@ -296,6 +306,14 @@ Global {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|Win32.Build.0 = Release|Win32 {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.ActiveCfg = Release|x64 {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.Build.0 = Release|x64 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.ActiveCfg = Debug|Win32 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.Build.0 = Debug|Win32 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.ActiveCfg = Debug|x64 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.Build.0 = Debug|x64 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.ActiveCfg = Release|Win32 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.Build.0 = Release|Win32 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.ActiveCfg = Release|x64 + {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.Build.0 = Release|x64 {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.ActiveCfg = Debug|Win32 {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.Build.0 = Debug|Win32 {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|x64.ActiveCfg = Debug|x64 
@@ -304,6 +322,14 @@ Global {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|Win32.Build.0 = Release|Win32 {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.ActiveCfg = Release|x64 {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.Build.0 = Release|x64 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.ActiveCfg = Debug|Win32 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.Build.0 = Debug|Win32 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.ActiveCfg = Debug|x64 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.Build.0 = Debug|x64 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.ActiveCfg = Release|Win32 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.Build.0 = Release|Win32 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.ActiveCfg = Release|x64 + {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.Build.0 = Release|x64 {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.ActiveCfg = Debug|Win32 {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.Build.0 = Debug|Win32 {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|x64.ActiveCfg = Debug|x64 From 7e771c767fa09f6797f6b33af048a2ba5cf5d996 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Feb 2020 17:54:07 +0100 Subject: [PATCH 2195/2197] Link test programs that only use platform functions with mbedcrypto Even if other higher-level libraries were added, these programs would only link with the crypto library, which is the one that contains platform functions. --- programs/test/CMakeLists.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 64ed379e7..879a539d0 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt 
@@ -18,18 +18,18 @@ target_link_libraries(benchmark ${libs}) if(TEST_CPP) add_executable(cpp_dummy_build cpp_dummy_build.cpp) - target_link_libraries(cpp_dummy_build ${libs}) + target_link_libraries(cpp_dummy_build mbedcrypto) endif() add_executable(udp_proxy udp_proxy.c) target_link_libraries(udp_proxy ${libs}) add_executable(zeroize zeroize.c) -target_link_libraries(zeroize ${libs}) +target_link_libraries(zeroize mbedcrypto) add_executable(query_compile_time_config query_compile_time_config.c) target_sources(query_compile_time_config PUBLIC query_config.c) -target_link_libraries(query_compile_time_config ${libs}) +target_link_libraries(query_compile_time_config mbedcrypto) install(TARGETS selftest benchmark udp_proxy query_compile_time_config DESTINATION "bin" From 3b46cd3f159a1f89b7ce5b1457cdd94589b3fae7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Feb 2020 17:56:33 +0100 Subject: [PATCH 2196/2197] Invoke config.py instead of config.pl in reverted content perl -i -pe 's/\bconfig\.pl/config.py/g' $(git grep -l -Fw config.pl -- . '#!tests/scripts/test_config_script.py') --- scripts/memory.sh | 4 +-- tests/scripts/all.sh | 62 +++++++++++++++++----------------- tests/scripts/key-exchanges.pl | 4 +-- tests/ssl-opt.sh | 8 ++--- 4 files changed, 39 insertions(+), 39 deletions(-) diff --git a/scripts/memory.sh b/scripts/memory.sh index 3dad2899c..c415f92d5 100755 --- a/scripts/memory.sh +++ b/scripts/memory.sh @@ -46,10 +46,10 @@ do_config() echo "" echo "config-$NAME:" cp configs/config-$NAME.h $CONFIG_H - scripts/config.pl unset MBEDTLS_SSL_SRV_C + scripts/config.py unset MBEDTLS_SSL_SRV_C for FLAG in $UNSET_LIST; do - scripts/config.pl unset $FLAG + scripts/config.py unset $FLAG done grep -F SSL_MAX_CONTENT_LEN $CONFIG_H || echo 'SSL_MAX_CONTENT_LEN=16384' diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 481665a14..f6861c99b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -699,7 +699,7 @@ component_test_no_pem_no_fs () { component_test_sslv3 () { msg "build: Default + SSLv3 (ASan build)" # ~ 6 min - scripts/config.pl set MBEDTLS_SSL_PROTO_SSL3 + scripts/config.py set MBEDTLS_SSL_PROTO_SSL3 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -716,7 +716,7 @@ component_test_sslv3 () { component_test_no_renegotiation () { msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min - scripts/config.pl unset MBEDTLS_SSL_RENEGOTIATION + scripts/config.py unset MBEDTLS_SSL_RENEGOTIATION CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -745,8 +745,8 @@ component_test_rsa_no_crt () { component_test_small_ssl_out_content_len () { msg "build: small SSL_OUT_CONTENT_LEN (ASan build)" - scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384 - scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 + scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384 + scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -756,8 +756,8 @@ component_test_small_ssl_out_content_len () { component_test_small_ssl_in_content_len () { msg "build: small SSL_IN_CONTENT_LEN (ASan build)" - scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 4096 - scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 16384 + scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 4096 + scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 16384 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -767,7 +767,7 @@ component_test_small_ssl_in_content_len () { component_test_small_ssl_dtls_max_buffering () { msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0" - scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000 + scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make 
@@ -777,7 +777,7 @@ component_test_small_ssl_dtls_max_buffering () { component_test_small_mbedtls_ssl_dtls_max_buffering () { msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1" - scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 240 + scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 240 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -999,15 +999,15 @@ component_build_no_std_function () { component_build_no_ssl_srv () { msg "build: full config except ssl_srv.c, make, gcc" # ~ 30s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_SSL_SRV_C + scripts/config.py full + scripts/config.py unset MBEDTLS_SSL_SRV_C make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' } component_build_no_ssl_cli () { msg "build: full config except ssl_cli.c, make, gcc" # ~ 30s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_SSL_CLI_C + scripts/config.py full + scripts/config.py unset MBEDTLS_SSL_CLI_C make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' } @@ -1015,9 +1015,9 @@ component_build_no_sockets () { # Note, C99 compliance can also be tested with the sockets support disabled, # as that requires a POSIX platform (which isn't the same as C99). msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s - scripts/config.pl full - scripts/config.pl unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc. - scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux + scripts/config.py full + scripts/config.py unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc. + scripts/config.py set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' lib } 
@@ -1048,7 +1048,7 @@ component_test_memory_buffer_allocator () { component_test_no_max_fragment_length () { # Run max fragment length tests with MFL disabled msg "build: default config except MFL extension (ASan build)" # ~ 30s - scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1058,7 +1058,7 @@ component_test_no_max_fragment_length () { component_test_asan_remove_peer_certificate () { msg "build: default config with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled (ASan build)" - scripts/config.pl unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE + scripts/config.py unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1074,9 +1074,9 @@ component_test_asan_remove_peer_certificate () { component_test_no_max_fragment_length_small_ssl_out_content_len () { msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)" - scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384 - scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 + scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384 + scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1155,9 +1155,9 @@ component_test_aes_fewer_tables_and_rom_tables () { component_test_ctr_drbg_aes_256_sha_256 () { msg "build: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.pl set MBEDTLS_ENTROPY_FORCE_SHA256 + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make 
@@ -1167,9 +1167,9 @@ component_test_ctr_drbg_aes_256_sha_256 () { component_test_ctr_drbg_aes_128_sha_512 () { msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)" - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.pl set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1179,10 +1179,10 @@ component_test_ctr_drbg_aes_128_sha_512 () { component_test_ctr_drbg_aes_128_sha_256 () { msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" - scripts/config.pl full - scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C - scripts/config.pl set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY - scripts/config.pl set MBEDTLS_ENTROPY_FORCE_SHA256 + scripts/config.py full + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1403,7 +1403,7 @@ component_build_armcc () { component_test_allow_sha1 () { msg "build: allow SHA1 in certificates by default" - scripts/config.pl set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + scripts/config.py set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES make CFLAGS='-Werror -Wall -Wextra' msg "test: allow SHA1 in certificates by default" make test diff --git a/tests/scripts/key-exchanges.pl b/tests/scripts/key-exchanges.pl index 3bf7ae34f..be029c7bd 100755 --- a/tests/scripts/key-exchanges.pl +++ b/tests/scripts/key-exchanges.pl 
@@ -47,10 +47,10 @@ for my $kex (@kexes) { print "******************************************\n"; # full config with all key exchanges disabled except one - system( "scripts/config.pl full" ) and abort "Failed config full\n"; + system( "scripts/config.py full" ) and abort "Failed config full\n"; for my $k (@kexes) { next if $k eq $kex; - system( "scripts/config.pl unset $k" ) + system( "scripts/config.py unset $k" ) and abort "Failed to disable $k\n"; } diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index d952f33fd..c92c15277 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -296,9 +296,9 @@ requires_not_i686() { } # Calculate the input & output maximum content lengths set in the config -MAX_CONTENT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384") -MAX_IN_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN") -MAX_OUT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN") +MAX_CONTENT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384") +MAX_IN_LEN=$( ../scripts/config.py get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN") +MAX_OUT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN") if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then MAX_CONTENT_LEN="$MAX_IN_LEN" @@ -2846,7 +2846,7 @@ run_test "Authentication: client no cert, ssl3" \ # default value (8) MAX_IM_CA='8' -MAX_IM_CA_CONFIG=$( ../scripts/config.pl get MBEDTLS_X509_MAX_INTERMEDIATE_CA) +MAX_IM_CA_CONFIG=$( ../scripts/config.py get MBEDTLS_X509_MAX_INTERMEDIATE_CA) if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then printf "The ${CONFIG_H} file contains a value for the configuration of\n" From 43aa905d1e0c5c3e8fbec98adc496bcd7d46b51f Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 4 Mar 2020 15:50:54 +0100 Subject: [PATCH 2197/2197] DHM functions are not part of x509 In the old days, key parsing was part of x509, but these days it's part of crypto. --- include/mbedtls/dhm.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 9890e0ce5..6dcfadd82 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -298,7 +298,6 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); #if defined(MBEDTLS_ASN1_PARSE_C) -/** \ingroup x509_module */ /** * \brief This function parses DHM parameters in PEM or DER format. * @@ -317,7 +316,6 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ); #if defined(MBEDTLS_FS_IO) -/** \ingroup x509_module */ /** * \brief This function loads and parses DHM parameters from a file. *